{"version":3,"file":"js/chunk-vendors-7bea4d72.304c4e66.js","mappings":"6PAkBIA,EAA8B,WAC9B,SAASA,EAAaC,EAAUC,GAC5BC,KAAKF,SAAWA,EAChBE,KAAKD,WAAaA,CACtB,CA2vBA,OAvvBAF,EAAaI,UAAUC,eAAiB,WACpC,IAAIC,EAAQH,KACRI,EAAkBJ,KAAKK,wBACvBC,EAAgBC,OAAOC,KAAKJ,GAAiBK,KAAI,SAAUC,GAAc,OAAON,EAAgBM,EAAa,IAC7GC,EAAcL,EAAcM,OAChC,GAAID,EAAc,EACd,MAAO,GAGP,IAAIE,EAAcP,EAAcG,KAAI,SAAUK,GAC1C,IAAIC,EAAgBlB,EAAamB,SAAS,IAAI,IAAiBF,GAC3DG,EAAcF,EAAcG,iBAC5BC,EAAUhB,EAAMiB,qBAAqBjB,EAAML,SAAUmB,GAKzD,OAJIE,IAAYF,EAAYI,gBACxBJ,EAAYE,QAAUA,EAAQG,OAC9BL,EAAYI,cAAgB,IAAI,IAAUF,EAAQG,OAAQnB,EAAMJ,YAAYwB,QAEzEN,CACX,IACA,OAAOJ,CAEf,EAKAhB,EAAaI,UAAUuB,gBAAkB,SAAUC,GAC/C,OAAO,QAAUzB,UAAM,OAAQ,GAAQ,WACnC,OAAO,QAAYA,MAAM,SAAU0B,GAC/B,OAAQA,EAAGC,OACP,KAAK,EACD,IAAKF,EACD,MAAM,uCAQV,OANMA,EAAYG,SACd5B,KAAK6B,WAAWJ,EAAYG,SAE1BH,EAAYN,SACdnB,KAAK8B,qBAAqBL,EAAYN,SAEnCM,EAAYM,YACZ,CAAC,EAAa/B,KAAKgC,gBAAgBP,EAAYM,cADf,CAAC,EAAa,GAEzD,KAAK,EACDL,EAAGO,OACHP,EAAGC,MAAQ,EACf,KAAK,EAOD,OANMF,EAAYS,cACdlC,KAAKmC,0BAA0BV,EAAYS,cAEzCT,EAAYW,aACdpC,KAAKqC,eAAeZ,EAAYW,aAE7B,CAAC,GAEpB,GACJ,GACJ,EAKAvC,EAAaI,UAAU+B,gBAAkB,SAAUM,GAC/C,OAAO,QAAUtC,UAAM,OAAQ,GAAQ,WACnC,IAAIuC,EAAmBC,EAAeC,EAAqBC,EACvDvC,EAAQH,KACZ,OAAO,QAAYA,MAAM,SAAU0B,GAC/B,OAAQA,EAAGC,OACP,KAAK,EAYD,OAXAY,EAAoBvC,KAAK2C,yBAAyB,CAC9C7C,SAAUwC,EAAWxC,SACrB8C,eAAgBN,EAAWM,eAC3BC,YAAaP,EAAWO,YACxBC,cAAeR,EAAWQ,cAC1BC,MAAOT,EAAWS,MAClBC,UAAWV,EAAWU,UACtBC,oBAAqBX,EAAWW,sBAEpCT,EAAgB,eAAoBF,EAAWY,QAC/CT,EAAsBlC,OAAOC,KAAK+B,EAAkBY,cAAc1C,KAAI,SAAU2C,GAAO,OAAOb,EAAkBY,aAAaC,EAAM,IAC9HX,GACLC,EAAwB,GACxBD,EAAoBY,SAAQ,SAAUC,GAClC,IAAIC,EAAgB,eAAoBD,EAAYJ,QAChDK,EAAcC,sBAAsBhB,IACpCE,EAAsBe,KAAKtD,EAAMuD,iBAAiBJ,GAE1D,IACO,CAAC,EAAaK,QAAQC,IAAIlB,KARA,CAAC,EAAa,GASnD,KAAK,EACDhB,EAAGO,OACHP,EAAGC,MAAQ,EACf,KAAK,EAED,OADA3B,KAAK6D,yBAAyBvB,GACvB,CAAC,GAEpB,GACJ,GACJ,EAQAzC,EAAaI,UAAUI,sBAAwB,SAAUyD,GACrD,OAAO9D,KAAK+D,8BAA8BD,EAAgBA,EAAchB,cAAgB,kBAAwBgB,EAAgBA,EAAcjB,YAAc,kBAAwBiB,EAAgBA,EAAcf,MAAQ,kBAAwBe,EAAgBA,EAAcE,gBAAkB,kBACtS,EAQAnE,EAAaI,UAAU8D,8BAAgC,SAAUjB,EAAeD,EAAaE,EAAOiB,GAChG,IAAI7D,EAAQH,KACRiE,EAAejE,KAAKkE,UACpBC,EAAmB,CAAC,EAoBxB,OAnBAF,EAAaZ,SAAQ,SAAUe,GAC3B,IAAIC,EAASlE,EAAMmE,WAAWF,GACzBC,IAGCvB,IAAkB3C,EAAMoE,mBAAmBF,EAAQvB,IAGnDD,IAAgB1C,EAAMqE,iBAAiBH,EAAQxB,IAG/CE,IAAU5C,EAAMsE,WAAWJ,EAAQtB,IAGnCiB,IAAoB7D,EAAMuE,qBAAqBL,EAAQL,KAG7DG,EAAiBC,GAAYC,GACjC,IACOF,CACX,EAUAtE,EAAaI,UAAU0C,yBAA2B,SAAUgC,GACxD,OAAO3E,KAAK4E,iCAAiCD,EAAO7B,cAAe6B,EAAO9B,YAAa8B,EAAO/B,eAAgB+B,EAAO7E,SAAU6E,EAAOE,SAAUF,EAAO5B,MAAO4B,EAAOzB,OAAQyB,EAAOG,kBAAmBH,EAAO3B,UAAW2B,EAAOI,MAAOJ,EAAO1B,oBAClP,EAYApD,EAAaI,UAAU2E,iCAAmC,SAAU9B,EAAeD,EAAaD,EAAgB9C,EAAU+E,EAAU9B,EAAOG,EAAQ4B,EAAmB9B,EAAW+B,EAAO9B,GACpL,IAAI9C,EAAQH,KACRiE,EAAejE,KAAKkE,UACpBc,EAAsB,CACtBC,SAAU,CAAC,EACX9B,aAAc,CAAC,EACf+B,cAAe,CAAC,GA+EpB,OA7EAjB,EAAaZ,SAAQ,SAAUe,GAE3B,IAAIe,EAAW,sBAAmCf,GAClD,GAAIe,IAAa,iBAAjB,CAIA,IAAId,EAASlE,EAAMiF,sBAAsBhB,EAAUe,GACnD,GAAKd,KAGCS,GAAsB3E,EAAMkF,uBAAuBhB,EAAQS,MAOnC,kBAAlBhC,GAAgC3C,EAAMoE,mBAAmBF,EAAQvB,OAGvED,GAAgB1C,EAAMqE,iBAAiBH,EAAQxB,OAG/CE,GAAU5C,EAAMsE,WAAWJ,EAAQtB,OAGnCH,GAAmBzC,EAAMmF,oBAAoBjB,EAAQzB,OAGrD9C,GAAaK,EAAMoF,cAAclB,EAAQvE,OAGzC+E,GAAa1E,EAAMqF,cAAcnB,EAAQQ,OAOzC3B,GAAW/C,EAAMsF,YAAYpB,EAAQnB,OAIvCD,IAAuBoB,EAAOpB,qBAE1BoB,EAAOpB,sBAAwBA,GAFvC,CAOA,GAAIL,IAAmB,mCAA8C,CACjE,GAAMI,IAAc7C,EAAMuF,eAAerB,EAAQrB,GAC7C,OAGJ,GAAIA,IAAc,UACV+B,IAAU5E,EAAMwF,WAAWtB,EAAQU,GACnC,MAGZ,CAEA,IAAIa,EAAkBzF,EAAM0F,yBAAyBzB,EAAUC,GAC/D,OAAQc,GACJ,KAAK,cACDH,EAAoBC,SAASW,GAAmBvB,EAChD,MACJ,KAAK,kBACL,KAAK,mCACDW,EAAoB7B,aAAayC,GAAmBvB,EACpD,MACJ,KAAK,mBACDW,EAAoBE,cAAcU,GAAmBvB,EACrD,MAzBR,CA5CA,CAuEJ,IACOW,CACX,EAKAnF,EAAaI,UAAU6F,yBAA2B,SAAUnB,GACxD,OAAO3E,KAAK+F,iCAAiCpB,EAAO9B,YAAa8B,EAAO7E,SAC5E,EAMAD,EAAaI,UAAU8F,iCAAmC,SAAUlD,EAAa/C,GAC7E,IAAIK,EAAQH,KACRiE,EAAejE,KAAKkE,UACpB8B,EAAsB,CAAC,EAmB3B,OAlBA/B,EAAaZ,SAAQ,SAAUe,GAE3B,GAAKjE,EAAM8F,cAAc7B,GAAzB,CAIA,IAAIC,EAASlE,EAAM+F,eAAe9B,GAC7BC,IAGCxB,IAAgB1C,EAAMqE,iBAAiBH,EAAQxB,IAG/C/C,IAAaK,EAAMoF,cAAclB,EAAQvE,KAG/CkG,EAAoB5B,GAAYC,GAZhC,CAaJ,IACO2B,CACX,EAKAnG,EAAaI,UAAUkG,4BAA8B,SAAUC,GAC3D,IAAIjG,EAAQH,KACRiE,EAAejE,KAAKqG,2BACpBC,EAAgB,KAgBpB,OAfArC,EAAaZ,SAAQ,SAAUe,GAE3B,GAAKjE,EAAMoG,oBAAoBnC,KAAmD,IAAtCA,EAASoC,QAAQrG,EAAML,UAAnE,CAIA,IAAIuE,EAASlE,EAAMsG,qBAAqBrC,GACnCC,IAGiC,IAAlCA,EAAOqC,QAAQF,QAAQJ,KAG3BE,EAAgBjC,EAThB,CAUJ,IACOiC,CACX,EAIAzG,EAAaI,UAAU0G,kBAAoB,WACvC,OAAO,QAAU3G,UAAM,OAAQ,GAAQ,WACnC,IAAIiE,EAAc2C,EACdzG,EAAQH,KACZ,OAAO,QAAYA,MAAM,SAAU0B,GAC/B,OAAQA,EAAGC,OACP,KAAK,EAUD,OATAsC,EAAejE,KAAKkE,UACpB0C,EAAkB,GAClB3C,EAAaZ,SAAQ,SAAUe,GAC3B,IAAIC,EAASlE,EAAMmE,WAAWF,GACzBC,GAGLuC,EAAgBnD,KAAKtD,EAAM0G,cAAczC,GAC7C,IACO,CAAC,EAAaT,QAAQC,IAAIgD,IACrC,KAAK,EAED,OADAlF,EAAGO,OACI,CAAC,GAAc,GAElC,GACJ,GACJ,EAKApC,EAAaI,UAAU4G,cAAgB,SAAUnG,GAC7C,OAAO,QAAUV,UAAM,OAAQ,GAAQ,WACnC,IAAI4B,EACJ,OAAO,QAAY5B,MAAM,SAAU0B,GAC/B,OAAQA,EAAGC,OACP,KAAK,EAED,GADAC,EAAU5B,KAAKsE,WAAW5D,IACrBkB,EACD,MAAM,gCAEV,MAAO,CAAC,EAAa5B,KAAK8G,qBAAqBlF,IACnD,KAAK,EAAG,MAAO,CAAC,EAAgBF,EAAGO,QAAWjC,KAAK+G,WAAWrG,EAAY,eAElF,GACJ,GACJ,EAKAb,EAAaI,UAAU6G,qBAAuB,SAAUlF,GACpD,OAAO,QAAU5B,UAAM,OAAQ,GAAQ,WACnC,IAAIiE,EAAc+C,EAAWC,EACzB9G,EAAQH,KACZ,OAAO,QAAYA,MAAM,SAAU0B,GAC/B,OAAQA,EAAGC,OACP,KAAK,EAeD,OAdAsC,EAAejE,KAAKkE,UACpB8C,EAAYpF,EAAQsF,oBACpBD,EAAqB,GACrBhD,EAAaZ,SAAQ,SAAUe,GAE3B,IAAIe,EAAW,sBAAmCf,GAClD,GAAIe,IAAa,iBAAjB,CAGA,IAAIgC,EAAchH,EAAMiF,sBAAsBhB,EAAUe,GAClDgC,GAAeH,IAAcG,EAAYD,qBAC3CD,EAAmBxD,KAAKtD,EAAMuD,iBAAiByD,GAHnD,CAKJ,IACO,CAAC,EAAaxD,QAAQC,IAAIqD,IACrC,KAAK,EAED,OADAvF,EAAGO,OACI,CAAC,GAAc,GAElC,GACJ,GACJ,EAKApC,EAAaI,UAAUyD,iBAAmB,SAAUpB,GAChD,OAAO,QAAUtC,UAAM,OAAQ,GAAQ,WACnC,IAAIoD,EAAKgE,EAAiCC,EAC1C,OAAO,QAAYrH,MAAM,SAAU0B,GAC/B,OAAQA,EAAGC,OACP,KAAK,EAED,GADAyB,EAAMd,EAAWgF,wBACXhF,EAAWM,eAAe2E,gBAAkB,iDAA6D,MAAO,CAAC,EAAa,GACpI,GAAMjF,EAAWU,YAAc,SAA2B,MAAO,CAAC,EAAa,GAG/E,GAFAoE,EAAkC9E,EAClC+E,EAAMD,EAAgCrC,OACjCsC,EAAK,MAAO,CAAC,EAAa,GAC/B3F,EAAGC,MAAQ,EACf,KAAK,EAED,OADAD,EAAG8F,KAAK/D,KAAK,CAAC,EAAG,EAAG,CAAE,IACf,CAAC,EAAazD,KAAKD,WAAW0H,sBAAsBJ,IAC/D,KAAK,EAED,OADA3F,EAAGO,OACI,CAAC,EAAa,GACzB,KAAK,EAED,MADAP,EAAGO,OACG,sCACV,KAAK,EAAG,MAAO,CAAC,EAAcjC,KAAK+G,WAAW3D,EAAK,kBAE3D,GACJ,GACJ,EAIAvD,EAAaI,UAAUyH,kBAAoB,WACvC,IAAIvH,EAAQH,KACRiE,EAAejE,KAAKkE,UAMxB,OALAD,EAAaZ,SAAQ,SAAUe,GACvBjE,EAAM8F,cAAc7B,IACpBjE,EAAM4G,WAAW3C,EAAU,kBAEnC,KACO,CACX,EASAvE,EAAaI,UAAU0H,gBAAkB,SAAU/F,EAAS9B,EAAU8H,EAAS/E,GAC3E,IAAIgF,EAAgB7H,KAAK8H,qBAAqBlG,GAC1CmG,EAAgB/H,KAAKoB,qBAAqBtB,EAAU8B,GACpDoG,EAAoBhI,KAAKiI,yBAAyBnI,EAAU8B,EAASgG,GACrEM,EAAqBlI,KAAKmI,0BAA0BrI,EAAU8B,GAAS,GACvEwG,EAAoBpI,KAAKqI,yBAAyBxF,EAAa/C,GAInE,OAHI+H,GAAiBE,IACjBF,EAAcxG,cAAgB,IAAI,IAAU0G,EAAczG,OAAQtB,KAAKD,YAAYwB,QAEhF,CACHK,QAASiG,EACT1G,QAAS4G,EACThG,YAAaiG,EACb9F,aAAcgG,EACd9F,YAAagG,EAErB,EAKAvI,EAAaI,UAAU6H,qBAAuB,SAAUlG,GACpD,IAAIlB,EAAa,4BAAsCkB,GACvD,OAAO5B,KAAKsE,WAAW5D,EAC3B,EAMAb,EAAaI,UAAUqI,wCAA0C,SAAUtE,GAEvE,IAAIF,EAAgB,CAChBE,gBAAiBA,GAEjBuE,EAAevI,KAAKK,sBAAsByD,GAC1C0E,EAAWjI,OAAOC,KAAK+H,GAAc9H,KAAI,SAAU2C,GAAO,OAAOmF,EAAanF,EAAM,IACxF,GAAIoF,EAAS5H,OAAS,EAClB,OAAO,KAEN,GAAI4H,EAAS5H,OAAS,EACvB,MAAM,iDAEV,OAAO2H,EAAa,EACxB,EAOA1I,EAAaI,UAAUmB,qBAAuB,SAAUtB,EAAU8B,GAC9D,IAAI6G,EAAgB,CAChB3F,cAAelB,EAAQkB,cACvBD,YAAajB,EAAQiB,YACrBD,eAAgB,cAChB9C,SAAUA,EACViD,MAAOnB,EAAQ8G,UAEfC,EAAkB3I,KAAK2C,yBAAyB8F,GAChDxD,EAAW1E,OAAOC,KAAKmI,EAAgB1D,UAAUxE,KAAI,SAAU2C,GAAO,OAAOuF,EAAgB1D,SAAS7B,EAAM,IAC5GwF,EAAc3D,EAASrE,OAC3B,GAAIgI,EAAc,EACd,OAAO,KAEN,GAAIA,EAAc,EACnB,MAAM,+CAEV,OAAO3D,EAAS,EACpB,EAQApF,EAAaI,UAAUgI,yBAA2B,SAAUnI,EAAU8B,EAASgG,GAC3E,IAAIiB,EAAS,IAAI,IAASjB,EAAQiB,QAAU,IACxCC,EAAalB,EAAQmB,sBAAwB,YAK7CnG,EAAkBkG,GAAcA,EAAWvB,gBAAkB,0BAA6C,mCAA+C,kBACzJyB,EAAoB,CACpBlG,cAAelB,EAAQkB,cACvBD,YAAajB,EAAQiB,YACrBD,eAAgBA,EAChB9C,SAAUA,EACViD,MAAOnB,EAAQ8G,SACfxF,OAAQ2F,EAAOI,uBACfjG,UAAW8F,EACX/D,MAAO6C,EAAQsB,OACfjG,oBAAqB2E,EAAQ3E,qBAE7B0F,EAAkB3I,KAAK2C,yBAAyBqG,GAChD7F,EAAe5C,OAAOC,KAAKmI,EAAgBxF,cAAc1C,KAAI,SAAU2C,GAAO,OAAOuF,EAAgBxF,aAAaC,EAAM,IACxH+F,EAAkBhG,EAAavC,OACnC,GAAIuI,EAAkB,EAClB,OAAO,KAEN,GAAIA,EAAkB,EACvB,MAAM,+CAEV,OAAOhG,EAAa,EACxB,EAOAtD,EAAaI,UAAUkI,0BAA4B,SAAUrI,EAAU8B,EAASwH,GAC5E,IAAIC,EAAKD,EAAW,UAAgBE,EAChCC,EAAqB,CACrBzG,cAAelB,EAAQkB,cACvBD,YAAajB,EAAQiB,YACrBD,eAAgB,mBAChB9C,SAAUA,EACV+E,SAAUwE,GAEVV,EAAkB3I,KAAK2C,yBAAyB4G,GAChDrE,EAAgB3E,OAAOC,KAAKmI,EAAgBzD,eAAezE,KAAI,SAAU2C,GAAO,OAAOuF,EAAgBzD,cAAc9B,EAAM,IAC3HoG,EAAmBtE,EAActE,OACrC,OAAI4I,EAAmB,EACZ,KAGJtE,EAAc,EACzB,EAIArF,EAAaI,UAAUoI,yBAA2B,SAAUxF,EAAa/C,GACrE,IAAI2J,EAAoB,CACpB5G,YAAaA,EACb/C,SAAUA,GAEVsC,EAAcpC,KAAK8F,yBAAyB2D,GAC5CC,EAAqBnJ,OAAOC,KAAK4B,GAAa3B,KAAI,SAAU2C,GAAO,OAAOhB,EAAYgB,EAAM,IAC5FuG,EAAiBD,EAAmB9I,OACxC,GAAI+I,EAAiB,EACjB,OAAO,KAEN,GAAIA,EAAiB,EACtB,MAAM,oDAEV,OAAOD,EAAmB,EAC9B,EAMA7J,EAAaI,UAAU2J,kBAAoB,SAAU/G,EAAa/C,GAC9D,IAAIsC,EAAcpC,KAAKqI,yBAAyBxF,EAAa/C,GAC7D,SAAUsC,GAAeA,EAAYyC,WAAa,KACtD,EAMAhF,EAAaI,UAAUsE,mBAAqB,SAAUF,EAAQvB,GAC1D,QAA2C,kBAAzBuB,EAAOvB,eAAgCA,IAAkBuB,EAAOvB,cACtF,EAMAjD,EAAaI,UAAUoF,uBAAyB,SAAUhB,EAAQS,GAC9D,SAAUT,EAAOS,mBAAqBA,IAAsBT,EAAOS,kBACvE,EAMAjF,EAAaI,UAAUuE,iBAAmB,SAAUH,EAAQxB,GACxD,IAAIgH,EAAgB7J,KAAKmG,4BAA4BtD,GACrD,SAAIgH,GAAiBA,EAAcnD,QAAQF,QAAQnC,EAAOxB,cAAgB,EAI9E,EAMAhD,EAAaI,UAAUqF,oBAAsB,SAAUjB,EAAQzB,GAC3D,OAAQyB,EAAOzB,gBAAkBA,EAAe2E,gBAAkBlD,EAAOzB,eAAe2E,aAC5F,EAMA1H,EAAaI,UAAUsF,cAAgB,SAAUlB,EAAQvE,GACrD,SAAUuE,EAAOvE,UAAYA,IAAauE,EAAOvE,SACrD,EAMAD,EAAaI,UAAUuF,cAAgB,SAAUnB,EAAQQ,GACrD,SAAUR,EAAOQ,UAAYA,IAAaR,EAAOQ,SACrD,EAMAhF,EAAaI,UAAUwE,WAAa,SAAUJ,EAAQtB,GAClD,SAAUsB,EAAOtB,OAASA,IAAUsB,EAAOtB,MAC/C,EAOAlD,EAAaI,UAAUyE,qBAAuB,SAAUL,EAAQL,GAC5D,SAAUK,EAAOL,iBAAmBA,IAAoBK,EAAOL,gBACnE,EAMAnE,EAAaI,UAAUwF,YAAc,SAAUpB,EAAQnB,GACnD,IAAI4G,EAA8BzF,EAAOzB,iBAAmB,mBAA+ByB,EAAOzB,iBAAmB,mCACrH,GAAIkH,IAA+BzF,EAAOnB,OACtC,OAAO,EAEX,IAAI6G,EAAiB,eAAoB1F,EAAOnB,QAC5C8G,EAAwB,eAAoB9G,GAOhD,OANK8G,EAAsBC,yBAIvBD,EAAsBE,YAAY,2BAHlCF,EAAsBG,mBAKnBJ,EAAeK,iBAAiBJ,EAC3C,EAMAnK,EAAaI,UAAUyF,eAAiB,SAAUrB,EAAQrB,GACtD,SAAUqB,EAAOrB,WAAaqB,EAAOrB,YAAcA,EACvD,EAMAnD,EAAaI,UAAU0F,WAAa,SAAUtB,EAAQU,GAClD,SAAUV,EAAOU,OAASV,EAAOU,QAAUA,EAC/C,EAKAlF,EAAaI,UAAUgG,cAAgB,SAAU7C,GAC7C,OAAsC,IAA/BA,EAAIoD,QAAQ,KACvB,EAKA3G,EAAaI,UAAUsG,oBAAsB,SAAUnD,GACnD,OAAgE,IAAzDA,EAAIoD,QAAQ,eACvB,EAIA3G,EAAaI,UAAUoK,kCAAoC,SAAUC,GACjE,OAAO,eAAyC,IAAMtK,KAAKF,SAAW,IAAMwK,CAChF,EAMAzK,EAAaI,UAAUmF,sBAAwB,SAAUhC,EAAK+B,GAC1D,OAAQA,GACJ,KAAK,cACD,OAAOnF,KAAKuK,qBAAqBnH,GAErC,KAAK,kBACL,KAAK,mCACD,OAAOpD,KAAKwK,yBAAyBpH,GAEzC,KAAK,mBACD,OAAOpD,KAAKyK,0BAA0BrH,GAE1C,QACI,OAAO,KAEnB,EAMAvD,EAAamB,SAAW,SAAU0J,EAAKC,GACnC,IAAK,IAAIC,KAAgBD,EACrBD,EAAIE,GAAgBD,EAAKC,GAE7B,OAAOF,CACX,EACO7K,CACX,CAhwBiC,GAiwB7BgL,EAAqC,SAAUC,GAE/C,SAASD,IACL,OAAkB,OAAXC,GAAmBA,EAAOC,MAAM/K,KAAMgL,YAAchL,IAC/D,CA8FA,OAjGA,QAAU6K,EAAqBC,GAI/BD,EAAoB5K,UAAU4B,WAAa,WACvC,IAAIoJ,EAAa,4FACjB,MAAM,0BAAgCA,EAC1C,EACAJ,EAAoB5K,UAAUqE,WAAa,WACvC,IAAI2G,EAAa,4FACjB,MAAM,0BAAgCA,EAC1C,EACAJ,EAAoB5K,UAAU6B,qBAAuB,WACjD,IAAImJ,EAAa,sGACjB,MAAM,0BAAgCA,EAC1C,EACAJ,EAAoB5K,UAAUsK,qBAAuB,WACjD,IAAIU,EAAa,sGACjB,MAAM,0BAAgCA,EAC1C,EACAJ,EAAoB5K,UAAU4D,yBAA2B,WACrD,IAAIoH,EAAa,0GACjB,MAAM,0BAAgCA,EAC1C,EACAJ,EAAoB5K,UAAUuK,yBAA2B,WACrD,IAAIS,EAAa,0GACjB,MAAM,0BAAgCA,EAC1C,EACAJ,EAAoB5K,UAAUkC,0BAA4B,WACtD,IAAI8I,EAAa,2GACjB,MAAM,0BAAgCA,EAC1C,EACAJ,EAAoB5K,UAAUwK,0BAA4B,WACtD,IAAIQ,EAAa,2GACjB,MAAM,0BAAgCA,EAC1C,EACAJ,EAAoB5K,UAAUoC,eAAiB,WAC3C,IAAI4I,EAAa,gGACjB,MAAM,0BAAgCA,EAC1C,EACAJ,EAAoB5K,UAAUiG,eAAiB,WAC3C,IAAI+E,EAAa,gGACjB,MAAM,0BAAgCA,EAC1C,EACAJ,EAAoB5K,UAAUiL,mBAAqB,WAC/C,IAAID,EAAa,oGACjB,MAAM,0BAAgCA,EAC1C,EACAJ,EAAoB5K,UAAUkL,mBAAqB,WAC/C,IAAIF,EAAa,oGACjB,MAAM,0BAAgCA,EAC1C,EACAJ,EAAoB5K,UAAUmL,qBAAuB,WACjD,IAAIH,EAAa,sGACjB,MAAM,0BAAgCA,EAC1C,EACAJ,EAAoB5K,UAAUwG,qBAAuB,WACjD,IAAIwE,EAAa,sGACjB,MAAM,0BAAgCA,EAC1C,EACAJ,EAAoB5K,UAAUoG,yBAA2B,WACrD,IAAI4E,EAAa,0GACjB,MAAM,0BAAgCA,EAC1C,EACAJ,EAAoB5K,UAAUoL,mBAAqB,WAC/C,IAAIJ,EAAa,oGACjB,MAAM,0BAAgCA,EAC1C,EACAJ,EAAoB5K,UAAUqL,mBAAqB,WAC/C,IAAIL,EAAa,oGACjB,MAAM,0BAAgCA,EAC1C,EACAJ,EAAoB5K,UAAU8G,WAAa,WACvC,IAAIkE,EAAa,4FACjB,MAAM,0BAAgCA,EAC1C,EACAJ,EAAoB5K,UAAUsL,YAAc,WACxC,IAAIN,EAAa,6FACjB,MAAM,0BAAgCA,EAC1C,EACAJ,EAAoB5K,UAAUiE,QAAU,WACpC,IAAI+G,EAAa,yFACjB,MAAM,0BAAgCA,EAC1C,EACAJ,EAAoB5K,UAAUuL,MAAQ,WAClC,OAAO,QAAUxL,UAAM,OAAQ,GAAQ,WACnC,IAAIiL,EACJ,OAAO,QAAYjL,MAAM,SAAU0B,GAE/B,MADAuJ,EAAa,uFACP,0BAAgCA,EAC1C,GACJ,GACJ,EACAJ,EAAoB5K,UAAU4F,yBAA2B,WACrD,IAAIoF,EAAa,0GACjB,MAAM,0BAAgCA,EAC1C,EACOJ,CACX,CAnGwC,CAmGtChL,E,8HCh1BE4L,EAAmC,SAAUX,GAE7C,SAASW,IACL,OAAkB,OAAXX,GAAmBA,EAAOC,MAAM/K,KAAMgL,YAAchL,IAC/D,CA6EA,OAhFA,QAAUyL,EAAmBX,GAe7BW,EAAkBC,wBAA0B,SAAU5I,EAAeD,EAAad,EAAajC,EAAU4I,EAAUG,EAAQ8C,EAAWC,EAAcC,EAAaC,EAAW9I,EAAW8B,EAAmBC,EAAOgH,EAAiB9I,GAC9N,IAAIvB,EAAIsK,EACJC,EAAW,IAAIR,EACnBQ,EAASnJ,cAAgBA,EACzBmJ,EAASrJ,eAAiB,kBAC1BqJ,EAAS3K,OAASS,EAClB,IAAImK,EAAc,iBAyBlB,GAxBAD,EAASE,SAAWD,EAAYE,WAKhCH,EAASN,UAAYA,EAAUS,WAC/BH,EAASI,kBAAoBT,EAAaQ,WACtCN,IACAG,EAASH,UAAYA,EAAUM,YAEnCH,EAASpJ,YAAcA,EACvBoJ,EAASnM,SAAWA,EACpBmM,EAASlJ,MAAQ2F,EACjBuD,EAAS/I,OAAS2F,EAClBoD,EAASnH,kBAAoBA,EAC7BmH,EAASjJ,UAAY,YAAoBA,GAAa,YAA8BA,EAChF+I,IACAE,EAASF,gBAAkBA,EAC3BE,EAAShJ,oBAAsBA,IAMA,QAA7BvB,EAAKuK,EAASjJ,iBAA8B,IAAPtB,OAAgB,EAASA,EAAG6F,iBAAmB,0BAEtF,OADA0E,EAASrJ,eAAiB,mCAClBqJ,EAASjJ,WACb,KAAK,SAED,IAAIsJ,EAAc,uBAA6BvK,EAAa8J,GAC5D,KAA2F,QAApFG,EAAqB,OAAhBM,QAAwC,IAAhBA,OAAyB,EAASA,EAAYC,WAAwB,IAAPP,OAAgB,EAASA,EAAG3E,KAC3H,MAAM,qCAEV4E,EAASlH,MAAQuH,EAAYC,IAAIlF,IACjC,MACJ,KAAK,SACD4E,EAASlH,MAAQA,EAG7B,OAAOkH,CACX,EAKAR,EAAkBe,oBAAsB,SAAUnI,GAC9C,QAAKA,IAGGA,EAAOoI,eAAe,kBAC1BpI,EAAOoI,eAAe,gBACtBpI,EAAOoI,eAAe,mBACtBpI,EAAOoI,eAAe,UACtBpI,EAAOoI,eAAe,aACtBpI,EAAOoI,eAAe,WACtBpI,EAAOoI,eAAe,YACrBpI,EAAO,oBAAsB,mBAA+BA,EAAO,oBAAsB,oCAClG,EACOoH,CACX,CAlFsC,CAkFpC,I,4GCrFEiB,EAA+B,WAC/B,SAASA,IACT,CA6MA,OAzMAA,EAAczM,UAAUiH,kBAAoB,WACxC,IAAIF,EAAY,CAAChH,KAAK8C,cAAe9C,KAAK6C,aAC1C,OAAOmE,EAAU2F,KAAK,0BAAgCpF,aAC1D,EAIAmF,EAAczM,UAAU2M,mBAAqB,WACzC,OAAOF,EAAcG,wBAAwB,CACzC/J,cAAe9C,KAAK8C,cACpBD,YAAa7C,KAAK6C,YAClB6F,SAAU1I,KAAK+C,MACf+J,SAAU9M,KAAK8M,SACfC,eAAgB/M,KAAK+M,gBAE7B,EAIAL,EAAczM,UAAU+M,aAAe,WACnC,OAAQhN,KAAKiN,eACT,KAAK,uBACD,OAAO,UACX,KAAK,wBACD,OAAO,SACX,KAAK,wBACD,OAAO,WACX,KAAK,0BACD,OAAO,aACX,QACI,MAAM,uCAGlB,EAIAP,EAAczM,UAAUiB,eAAiB,WACrC,MAAO,CACH4B,cAAe9C,KAAK8C,cACpBD,YAAa7C,KAAK6C,YAClB6F,SAAU1I,KAAK+C,MACf+J,SAAU9M,KAAK8M,SACfC,eAAgB/M,KAAK+M,eACrBG,KAAMlN,KAAKkN,KACX7L,cAAerB,KAAKqB,cACpB2C,gBAAiBhE,KAAKgE,gBAE9B,EAKA0I,EAAcG,wBAA0B,SAAUM,GAC9C,IAAIzM,EAAa,CACbyM,EAAiBrK,cACjBqK,EAAiBtK,aAAe,kBAChCsK,EAAiBzE,UAAY,mBAEjC,OAAOhI,EAAWiM,KAAK,0BAAgCpF,aAC3D,EAQAmF,EAAcU,cAAgB,SAAUC,EAAYvK,EAAe3B,EAASmJ,EAAWgD,EAAoBC,EAAa1K,EAAamB,GACjI,IAAItC,EAAIsK,EAAIwB,EAAIC,EAAIC,EAAIC,EACpB/L,EAAU,IAAI8K,EAClB9K,EAAQqL,cAAgB,wBACxBrL,EAAQyL,WAAaA,EACrBzL,EAAQkB,cAAgBA,EACxBlB,EAAQoC,gBAAkBA,EAC1B,IAAI4J,EAAM/K,GAAgByH,GAAaA,EAAUuD,oBACjD,IAAKD,EACD,MAAM,yCAKV,GAHAhM,EAAQiB,YAAc+K,EAEtBhM,EAAQmB,OAAqF,QAA3ErB,EAAiB,OAAZP,QAAgC,IAAZA,OAAqB,EAASA,EAAQI,cAA2B,IAAPG,OAAgB,EAASA,EAAGoM,MAAQ,kBACrI3M,EAAS,CACTS,EAAQP,cAAgBF,EAAQI,OAEhCK,EAAQmL,gBAA8F,QAA3Ef,EAAiB,OAAZ7K,QAAgC,IAAZA,OAAqB,EAASA,EAAQI,cAA2B,IAAPyK,OAAgB,EAASA,EAAG+B,OAAqF,QAA3EP,EAAiB,OAAZrM,QAAgC,IAAZA,OAAqB,EAASA,EAAQI,cAA2B,IAAPiM,OAAgB,EAASA,EAAGQ,MAAQ,kBAM3Q,IAAIC,EAAgG,QAA3ER,EAAiB,OAAZtM,QAAgC,IAAZA,OAAqB,EAASA,EAAQI,cAA2B,IAAPkM,OAAgB,EAASA,EAAGS,mBACpIC,GAAqF,QAA3ET,EAAiB,OAAZvM,QAAgC,IAAZA,OAAqB,EAASA,EAAQI,cAA2B,IAAPmM,OAAgB,EAASA,EAAGU,QAAUjN,EAAQI,OAAO6M,OAAO,GAAK,KAClKxM,EAAQkL,SAAWmB,GAAqBE,GAAS,kBACjDvM,EAAQsL,KAAmF,QAA3ES,EAAiB,OAAZxM,QAAgC,IAAZA,OAAqB,EAASA,EAAQI,cAA2B,IAAPoM,OAAgB,EAASA,EAAGT,IACnI,CAGA,OAFAtL,EAAQ0L,mBAAqBA,EAC7B1L,EAAQ2L,YAAcA,EACf3L,CACX,EAMA8K,EAAc2B,qBAAuB,SAAUvL,EAAe3B,EAASmJ,EAAWgD,EAAoBC,EAAa1K,GAC/G,IAAInB,EAAIsK,EAAIwB,EAAIC,EACZ7L,EAAU,IAAI8K,EAClB9K,EAAQqL,cAAiB3C,GACrBA,EAAU2C,gBAAkB,SAAsB,uBAAqC,0BAC3FrL,EAAQkB,cAAgBA,EAExBlB,EAAQmB,MAAQ,kBAChB,IAAI6K,EAAM/K,GAAeyH,GAAaA,EAAUuD,oBAChD,IAAKD,EACD,MAAM,yCAiBV,OAfIzM,IAEAS,EAAQmL,gBAA8F,QAA3ErL,EAAiB,OAAZP,QAAgC,IAAZA,OAAqB,EAASA,EAAQI,cAA2B,IAAPG,OAAgB,EAASA,EAAGqM,OAAqF,QAA3E/B,EAAiB,OAAZ7K,QAAgC,IAAZA,OAAqB,EAASA,EAAQI,cAA2B,IAAPyK,OAAgB,EAASA,EAAGgC,MAAQ,kBAE3QpM,EAAQkL,UAAwF,QAA3EU,EAAiB,OAAZrM,QAAgC,IAAZA,OAAqB,EAASA,EAAQI,cAA2B,IAAPiM,OAAgB,EAASA,EAAGc,MAAQ,kBAC5I1M,EAAQsL,MAAoF,QAA3EO,EAAiB,OAAZtM,QAAgC,IAAZA,OAAqB,EAASA,EAAQI,cAA2B,IAAPkM,OAAgB,EAASA,EAAGP,OAAS,kBACzItL,EAAQP,cAA4B,OAAZF,QAAgC,IAAZA,OAAqB,EAASA,EAAQI,QAEtFK,EAAQiB,YAAc+K,EACtBhM,EAAQ0L,mBAAqBA,EAC7B1L,EAAQ2L,YAAcA,EAKf3L,CACX,EAMA8K,EAAc6B,sBAAwB,SAAUC,EAAkBC,EAAUC,EAAQC,EAAWxN,GAC3F,IAAIO,EACAsF,GAAyF,QAA3EtF,EAAiB,OAAZP,QAAgC,IAAZA,OAAqB,EAASA,EAAQI,cAA2B,IAAPG,OAAgB,EAASA,EAAGsM,KAAO7M,EAAQI,OAAOyM,IAAM,kBAE7J,GAAIS,IAAa,UAAsBA,IAAa,SAChD,OAAOzH,EAGX,GAAIwH,EACA,IACI,IAAInB,GAAa,OAAgBmB,EAAkBG,GACnD,IAAK,YAAoBtB,EAAWuB,OAAS,YAAoBvB,EAAWwB,MACxE,MAAO,GAAKxB,EAAWuB,IAAM,2BAAmCvB,EAAWwB,IAGvE,CAAZ,MAAOC,GAAK,CAIhB,OADAJ,EAAOK,QAAQ,8BACR/H,CACX,EAKA0F,EAAcsC,gBAAkB,SAAU3K,GACtC,QAAKA,IAGGA,EAAOoI,eAAe,kBAC1BpI,EAAOoI,eAAe,gBACtBpI,EAAOoI,eAAe,UACtBpI,EAAOoI,eAAe,mBACtBpI,EAAOoI,eAAe,aACtBpI,EAAOoI,eAAe,iBAC9B,EAOAC,EAAcuC,mBAAqB,SAAUC,EAAUC,EAAUC,GAC7D,IAAKF,IAAaC,EACd,OAAO,EAEX,IAAIE,GAAc,EAClB,GAAID,EAAe,CACf,IAAIE,EAAkBJ,EAAS7N,eAAiB,CAAC,EAC7CkO,EAAkBJ,EAAS9N,eAAiB,CAAC,EAEjDgO,EAAeC,EAAeE,MAAQD,EAAeC,KAChDF,EAAeG,QAAUF,EAAeE,KACjD,CACA,OAAQP,EAASpM,gBAAkBqM,EAASrM,eACvCoM,EAASnC,iBAAmBoC,EAASpC,gBACrCmC,EAASpC,WAAaqC,EAASrC,UAC/BoC,EAASxG,WAAayG,EAASzG,UAC/BwG,EAASrM,cAAgBsM,EAAStM,aAClCqM,EAASlL,kBAAoBmL,EAASnL,iBACvCqL,CACR,EACO3C,CACX,CAhNkC,E,qECb9BgD,EAAmC,WACnC,SAASA,IACT,CA6CA,OAzCAA,EAAkBzP,UAAU0P,uBAAyB,WACjD,OAAOD,EAAkBE,4BAA4B5P,KAAK6C,YAAa7C,KAAKF,SAChF,EAIA4P,EAAkBE,4BAA8B,SAAU/M,EAAa/C,GACnE,IAAI+P,EAAsB,CACtB,KACAhN,EACA/C,GAEJ,OAAO+P,EAAoBlD,KAAK,0BAAgCpF,aACpE,EAOAmI,EAAkBI,wBAA0B,SAAUhQ,EAAU+C,EAAagC,GACzE,IAAIzC,EAAc,IAAIsN,EAMtB,OALAtN,EAAYtC,SAAWA,EACvBsC,EAAYS,YAAcA,EACtBgC,IACAzC,EAAYyC,SAAWA,GAEpBzC,CACX,EAKAsN,EAAkBK,oBAAsB,SAAU3M,EAAKiB,GACnD,QAAKA,IAGiC,IAA9BjB,EAAIoD,QAAQ,OAChBnC,EAAOoI,eAAe,aACtBpI,EAAOoI,eAAe,eAC9B,EACOiD,CACX,CAhDsC;0HCblCM,EAAyC,WACzC,SAASA,IACLhQ,KAAKiQ,UAAY,iBAAyB,yBAC9C,CAiEA,OA3DAD,EAAwB/P,UAAUiQ,6BAA+B,SAAUC,EAAUC,GACjFpQ,KAAK0G,QAAUyJ,EAASzJ,QACxB1G,KAAKqQ,gBAAkBF,EAASE,gBAChCrQ,KAAKsQ,kBAAoBH,EAASG,kBAClCtQ,KAAKuQ,mBAAqBH,CAC9B,EAMAJ,EAAwB/P,UAAUuQ,uBAAyB,SAAUL,EAAUC,GAC3EpQ,KAAKyQ,uBAAyBN,EAASM,uBACvCzQ,KAAK0Q,eAAiBP,EAASO,eAC/B1Q,KAAK2Q,qBAAuBR,EAASQ,qBACrC3Q,KAAK4Q,OAAST,EAASS,OACvB5Q,KAAK6Q,qBAAuBT,EAC5BpQ,KAAK8Q,SAAWX,EAASW,QAC7B,EAKAd,EAAwB/P,UAAU8Q,yBAA2B,SAAUzG,GACnEtK,KAAKgR,oBAAsB1G,CAC/B,EAIA0F,EAAwB/P,UAAUgR,eAAiB,WAC/CjR,KAAKiQ,UAAY,iBAAyB,yBAC9C,EAIAD,EAAwB/P,UAAUiR,UAAY,WAC1C,OAAOlR,KAAKiQ,WAAa,gBAC7B,EAKAD,EAAwBmB,0BAA4B,SAAU/N,EAAKiB,GAC/D,QAAKA,IAG2D,IAAxDjB,EAAIoD,QAAQ,iBAChBnC,EAAOoI,eAAe,YACtBpI,EAAOoI,eAAe,oBACtBpI,EAAOoI,eAAe,sBACtBpI,EAAOoI,eAAe,wBACtBpI,EAAOoI,eAAe,2BACtBpI,EAAOoI,eAAe,mBACtBpI,EAAOoI,eAAe,WACtBpI,EAAOoI,eAAe,uBACtBpI,EAAOoI,eAAe,yBACtBpI,EAAOoI,eAAe,cACtBpI,EAAOoI,eAAe,YAC9B,EACOuD,CACX,CArE4C,E;;ACH5C,IAAIoB,EAA6B,WAC7B,SAASA,EAAYrQ,EAAesQ,EAAeC,EAAmBC,EAAoBC,GACtFxR,KAAK4B,QAAUb,GAAiB,KAChCf,KAAKmB,QAAUkQ,GAAiB,KAChCrR,KAAK+B,YAAcuP,GAAqB,KACxCtR,KAAKkC,aAAeqP,GAAsB,KAC1CvR,KAAKoC,YAAcoP,GAAqB,IAC5C,CACA,OAAOJ,CACX,CATgC,E,6ECyB5BK,EAAkC,WAClC,SAASA,IACT,CA8HA,OA1HAA,EAAiBxR,UAAUiH,kBAAoB,WAC3C,OAAOuK,EAAiBC,6BAA6B1R,KAAK8C,cAAe9C,KAAK6C,YAClF,EAIA4O,EAAiBxR,UAAU0R,qBAAuB,WAC9C,OAAOF,EAAiBG,gCAAgC5R,KAAK4C,eAAgB5C,KAAKF,SAAUE,KAAK+C,MAAO/C,KAAK6E,SACjH,EAIA4M,EAAiBxR,UAAU4R,eAAiB,WACxC,OAAOJ,EAAiBK,0BAA0B9R,KAAKkD,OAC3D,EAIAuO,EAAiBxR,UAAUqH,sBAAwB,WAC/C,OAAOmK,EAAiBM,2BAA2B/R,KAAK8C,cAAe9C,KAAK6C,YAAa7C,KAAK4C,eAAgB5C,KAAKF,SAAUE,KAAK+C,MAAO/C,KAAKkD,OAAQlD,KAAK6E,SAAU7E,KAAKgD,UAAWhD,KAAKiD,oBAC9L,EAIAwO,EAAiBxR,UAAU+M,aAAe,WACtC,OAAQhN,KAAK4C,gBACT,KAAK,cACD,OAAO,cACX,KAAK,kBACL,KAAK,mCACD,OAAO,kBACX,KAAK,mBACD,OAAO,mBACX,QACI,MAAM,0CAGlB,EAKA6O,EAAiBO,kBAAoB,SAAU5O,GAE3C,OAAgE,IAA5DA,EAAIoD,QAAQ,kCAEqE,IAA7EpD,EAAIoD,QAAQ,kDACL,mCAEJ,mBAEsD,IAAxDpD,EAAIoD,QAAQ,6BACV,eAE2D,IAA7DpD,EAAIoD,QAAQ,kCACV,mBAEJ,gBACX,EAKAiL,EAAiBM,2BAA6B,SAAUjP,EAAeD,EAAaD,EAAgB9C,EAAUiD,EAAOG,EAAQ2B,EAAU7B,EAAWC,GAC9I,IAAIgP,EAAgB,CAChBjS,KAAK0R,6BAA6B5O,EAAeD,GACjD7C,KAAK4R,gCAAgChP,EAAgB9C,EAAUiD,EAAO8B,GACtE7E,KAAK8R,0BAA0B5O,GAC/BlD,KAAKkS,8BAA8BjP,GACnCjD,KAAKmS,0BAA0BnP,IAEnC,OAAOiP,EAActF,KAAK,0BAAgCpF,aAC9D,EAMAkK,EAAiBC,6BAA+B,SAAU5O,EAAeD,GACrE,IAAImE,EAAY,CAAClE,EAAeD,GAChC,OAAOmE,EAAU2F,KAAK,0BAAgCpF,aAC1D,EAQAkK,EAAiBG,gCAAkC,SAAUhP,EAAgB9C,EAAUiD,EAAO8B,GAC1F,IAAIuN,EAAmBxP,IAAmB,oBACpCiC,GACA/E,EACFuS,EAAe,CACfzP,EACAwP,EACArP,GAAS,mBAEb,OAAOsP,EAAa1F,KAAK,0BAAgCpF,aAC7D,EAIAkK,EAAiBK,0BAA4B,SAAUjJ,GACnD,OAAQA,GAAU,mBAAwBtB,aAC9C,EAIAkK,EAAiBS,8BAAgC,SAAUjP,GACvD,OAAQA,GAAuB,mBAAwBsE,aAC3D,EAIAkK,EAAiBU,0BAA4B,SAAUnP,GAKnD,OAAQA,GAAaA,EAAUuE,gBAAkB,0BAA6CvE,EAAUuE,cAAgB,iBAC5H,EACOkK,CACX,CAjIqC,E,uFCJjCa,EAA+B,SAAUxH,GAEzC,SAASwH,IACL,OAAkB,OAAXxH,GAAmBA,EAAOC,MAAM/K,KAAMgL,YAAchL,IAC/D,CAkCA,OArCA,QAAUsS,EAAexH,GAWzBwH,EAAcC,oBAAsB,SAAUzP,EAAeD,EAAa1B,EAASrB,EAAU4I,GACzF,IAAI2I,EAAgB,IAAIiB,EAOxB,OANAjB,EAAczO,eAAiB,cAC/ByO,EAAcvO,cAAgBA,EAC9BuO,EAAcxO,YAAcA,EAC5BwO,EAAcvR,SAAWA,EACzBuR,EAAc/P,OAASH,EACvBkQ,EAActO,MAAQ2F,EACf2I,CACX,EAKAiB,EAAcE,gBAAkB,SAAUnO,GACtC,QAAKA,IAGGA,EAAOoI,eAAe,kBAC1BpI,EAAOoI,eAAe,gBACtBpI,EAAOoI,eAAe,mBACtBpI,EAAOoI,eAAe,UACtBpI,EAAOoI,eAAe,aACtBpI,EAAOoI,eAAe,WACtBpI,EAAO,oBAAsB,cACrC,EACOiO,CACX,CAvCkC,CAuChC,I,wFCrCEG,EAAoC,SAAU3H,GAE9C,SAAS2H,IACL,OAAkB,OAAX3H,GAAmBA,EAAOC,MAAM/K,KAAMgL,YAAchL,IAC/D,CAmCA,OAtCA,QAAUyS,EAAoB3H,GAW9B2H,EAAmBC,yBAA2B,SAAU5P,EAAeD,EAAaX,EAAcpC,EAAU+E,EAAUC,GAClH,IAAI6N,EAAW,IAAIF,EASnB,OARAE,EAAS7S,SAAWA,EACpB6S,EAAS/P,eAAiB,mBAC1B+P,EAAS9P,YAAcA,EACvB8P,EAAS7P,cAAgBA,EACzB6P,EAASrR,OAASY,EAClByQ,EAAS7N,kBAAoBA,EACzBD,IACA8N,EAAS9N,SAAWA,GACjB8N,CACX,EAKAF,EAAmBG,qBAAuB,SAAUvO,GAChD,QAAKA,IAGGA,EAAOoI,eAAe,kBAC1BpI,EAAOoI,eAAe,gBACtBpI,EAAOoI,eAAe,mBACtBpI,EAAOoI,eAAe,aACtBpI,EAAOoI,eAAe,WACtBpI,EAAO,oBAAsB,mBACrC,EACOoO,CACX,CAxCuC,CAwCrC,I,qEC7DEI,EAAuC,WACvC,SAASA,IACL7S,KAAK8S,eAAiB,GACtB9S,KAAK+S,OAAS,GACd/S,KAAKgT,UAAY,CACrB,CAiBA,OAXAH,EAAsBI,wBAA0B,SAAU7P,EAAKiB,GAC3D,IAAI6O,EAAgE,IAAlD9P,EAAIoD,QAAQ,gBAC1B2M,GAAiB,EAOrB,OANI9O,IACA8O,EACI9O,EAAOoI,eAAe,mBAClBpI,EAAOoI,eAAe,WACtBpI,EAAOoI,eAAe,cAE3ByG,GAAeC,CAC1B,EACON,CACX,CAvB0C;gHCAtCO,EAAkC,WAClC,SAASA,IACT,CAiBA,OAXAA,EAAiBC,mBAAqB,SAAUjQ,EAAKiB,GACjD,IAAI6O,GAAc,EACd9P,IACA8P,EAAqE,IAAvD9P,EAAIoD,QAAQ,yBAE9B,IAAI2M,GAAiB,EAIrB,OAHI9O,IACA8O,EAAiB9O,EAAOoI,eAAe,iBAEpCyG,GAAeC,CAC1B,EACOC,CACX,CApBqC;;;ACCjC,IAAIE,EAAmC,WACvC,SAASA,EAAkBC,EAAYC,GACnCxT,KAAKyT,MAAQF,EACbvT,KAAKwT,WAAaA,CACtB,CAqBA,OApBAjT,OAAOmT,eAAeJ,EAAkBrT,UAAW,kBAAmB,CAIlE0T,IAAK,WACD,OAAO3T,KAAKwT,UAChB,EACAI,YAAY,EACZC,cAAc,IAElBtT,OAAOmT,eAAeJ,EAAkBrT,UAAW,aAAc,CAI7D0T,IAAK,WACD,OAAO3T,KAAKyT,KAChB,EACAG,YAAY,EACZC,cAAc,IAEXP,CACX,CA1B0C,E,sMCetCQ,EAAyC,SAAUhJ,GAEnD,SAASgJ,EAAwBC,GAC7B,IAAI5T,EAAQ2K,EAAOkJ,KAAKhU,KAAM+T,IAAkB/T,KAGhD,OADAG,EAAM8T,oBAAqB,EACpB9T,CACX,CAkbA,OAxbA,QAAU2T,EAAyBhJ,GAiBnCgJ,EAAwB7T,UAAUiU,eAAiB,SAAUtM,GACzD,OAAO,QAAU5H,UAAM,OAAQ,GAAQ,WACnC,IAAImU,EACJ,OAAO,QAAYnU,MAAM,SAAU0B,GAC/B,OAAQA,EAAGC,OACP,KAAK,EAAG,MAAO,CAAC,EAAa3B,KAAKoU,6BAA6BxM,IAC/D,KAAK,EAED,OADAuM,EAAczS,EAAGO,OACV,CAAC,EAAc,sBAA4BjC,KAAKsK,UAAU+J,sBAAuBF,IAEpG,GACJ,GACJ,EAMAL,EAAwB7T,UAAUqU,aAAe,SAAU1M,EAAS2M,GAChE,IAAI7S,EACJ,OAAO,QAAU1B,UAAM,OAAQ,GAAQ,WACnC,IAAIwU,EAAcC,EAAUC,EAAWC,EACvC,OAAO,QAAY3U,MAAM,SAAUgM,GAC/B,OAAQA,EAAGrK,OACP,KAAK,EAED,GADA3B,KAAK0O,OAAOkG,KAAK,yBACZhN,GAAW,YAAoBA,EAAQiN,MACxC,MAAM,0CAGV,OADAL,EAAe,iBACR,CAAC,EAAaxU,KAAK8U,oBAAoB9U,KAAKsK,UAAW1C,IAClE,KAAK,EAMD,OALA6M,EAAWzI,EAAG/J,OACdyS,EAAwC,QAA3BhT,EAAK+S,EAASM,eAA4B,IAAPrT,OAAgB,EAASA,EAAG,sBAC5EiT,EAAkB,IAAI,IAAgB3U,KAAKgV,OAAOC,YAAYnV,SAAUE,KAAKkV,aAAclV,KAAK6L,YAAa7L,KAAK0O,OAAQ1O,KAAKgV,OAAOG,kBAAmBnV,KAAKgV,OAAOI,mBAErKT,EAAgBU,sBAAsBZ,EAASa,MACxC,CAAC,EAAaX,EAAgBY,0BAA0Bd,EAASa,KAAMtV,KAAKsK,UAAWkK,EAAc5M,EAAS2M,OAAiBjL,OAAWA,OAAWA,EAAWoL,IAC3K,KAAK,EAAG,MAAO,CAAC,EAAc1I,EAAG/J,QAEzC,GACJ,GACJ,EAMA6R,EAAwB7T,UAAUuV,uBAAyB,SAAUC,EAAcC,GAE/E,IAAIf,EAAkB,IAAI,IAAgB3U,KAAKgV,OAAOC,YAAYnV,SAAUE,KAAKkV,aAAclV,KAAK6L,YAAa7L,KAAK0O,OAAQ,KAAM,MAEhIiH,EAAgB,IAAI,IAAUF,GAE9BG,EAAe,wBAA8BD,EAAcE,WAI/D,GAFAlB,EAAgBmB,wCAAwCF,EAAcF,EAAa1V,KAAK6L,cAEnF+J,EAAaf,KACd,MAAM,4CAEV,OAAO,SAAS,QAAS,CAAC,EAAGe,GAAe,CAExCf,KAAMe,EAAaf,MAC3B,EAMAf,EAAwB7T,UAAU8V,aAAe,SAAUC,GAEvD,IAAKA,EACD,MAAM,oCAEV,IAAI7B,EAAcnU,KAAKiW,2BAA2BD,GAElD,OAAO,sBAA4BhW,KAAKsK,UAAU4L,mBAAoB/B,EAC1E,EAMAL,EAAwB7T,UAAU6U,oBAAsB,SAAUxK,EAAW1C,GACzE,OAAO,QAAU5H,UAAM,OAAQ,GAAQ,WACnC,IAAImW,EAAYC,EAAaC,EAAiBC,EAAejJ,EAAY0H,EAASwB,EAClF,OAAO,QAAYvW,MAAM,SAAU0B,GAC/B,OAAQA,EAAGC,OACP,KAAK,EAYD,OAXAwU,EAAa,CACTrW,SAAUE,KAAKgV,OAAOC,YAAYnV,SAClCwK,UAAWA,EAAUkM,mBACrB3N,OAAQjB,EAAQiB,OAChBtH,OAAQqG,EAAQrG,OAChBwH,qBAAsBnB,EAAQmB,qBAC9B0N,sBAAuB7O,EAAQ6O,sBAC/BC,mBAAoB9O,EAAQ8O,mBAC5BC,UAAW/O,EAAQ+O,UACnBzN,OAAQtB,EAAQsB,QAEb,CAAC,EAAalJ,KAAK4W,uBAAuBhP,IACrD,KAAK,EAID,GAHAwO,EAAc1U,EAAGO,OACjBoU,EAAkBrW,KAAK6W,2BAA2BjP,GAClD0O,OAAgBhN,EACZ1B,EAAQyF,WACR,IACIA,GAAa,OAAgBzF,EAAQyF,WAAYrN,KAAK6L,aACtDyK,EAAgB,CACZhU,WAAY,GAAK+K,EAAWuB,IAAM,2BAAmCvB,EAAWwB,KAChFiI,KAAM,oBAKd,CAFA,MAAOhI,GACH9O,KAAK0O,OAAOK,QAAQ,+CAAiDD,EACzE,CAIJ,OAFAiG,EAAU/U,KAAK+W,0BAA0BT,GAAiB1O,EAAQ0O,eAClEC,EAAW,YAAoBF,GAAmB/L,EAAU0M,cAAgB1M,EAAU0M,cAAgB,IAAMX,EACrG,CAAC,EAAcrW,KAAKiX,2BAA2BV,EAAUH,EAAarB,EAASoB,IAElG,GACJ,GACJ,EAKArC,EAAwB7T,UAAU4W,2BAA6B,SAAUjP,GACrE,IAAIsP,EAAmB,IAAI,IAI3B,OAHItP,EAAQuP,sBACRD,EAAiBE,wBAAwBxP,EAAQuP,sBAE9CD,EAAiBG,mBAC5B,EAKAvD,EAAwB7T,UAAU2W,uBAAyB,SAAUhP,GACjE,OAAO,QAAU5H,UAAM,OAAQ,GAAQ,WACnC,IAAIkX,EAAkBI,EAAiBC,EAAmBC,EAAYC,EAAeC,EAAqBrK,EACtG3L,EACJ,OAAO,QAAY1B,MAAM,SAAUgM,GAC/B,OAAQA,EAAGrK,OACP,KAAK,EAwCD,OAvCAuV,EAAmB,IAAI,IACvBA,EAAiBS,YAAY3X,KAAKgV,OAAOC,YAAYnV,UAKhDE,KAAKiU,mBAMNiD,EAAiBU,eAAehQ,EAAQiQ,aAJxC,wBAAqCjQ,EAAQiQ,aAOjDX,EAAiBY,UAAUlQ,EAAQiB,QAEnCqO,EAAiBa,qBAAqBnQ,EAAQiN,MAE9CqC,EAAiBc,eAAehY,KAAKgV,OAAOiD,aAC5Cf,EAAiBgB,wBAAwBlY,KAAKgV,OAAOmD,UAAUC,aAC/DlB,EAAiBmB,gBACbrY,KAAKsY,wBACLpB,EAAiBqB,mBAAmBvY,KAAKsY,wBAGzC1Q,EAAQ4Q,cACRtB,EAAiBuB,gBAAgB7Q,EAAQ4Q,cAEzCxY,KAAKgV,OAAO0D,kBAAkBC,cAC9BzB,EAAiB0B,gBAAgB5Y,KAAKgV,OAAO0D,kBAAkBC,cAE/D3Y,KAAKgV,OAAO0D,kBAAkBpB,kBAC9BA,EAAkBtX,KAAKgV,OAAO0D,kBAAkBpB,gBAChDJ,EAAiB2B,mBAAmBvB,EAAgBwB,WACpD5B,EAAiB6B,uBAAuBzB,EAAgB0B,gBAE5D9B,EAAiB+B,aAAa,+BAC9B/B,EAAiBgC,gBACXtR,EAAQmB,uBAAyB,SAAkC,CAAC,EAAa,IACvFwO,EAAoB,IAAI,IAAkBvX,KAAK6L,aACxC,CAAC,EAAa0L,EAAkB4B,YAAYvR,KACvD,KAAK,EAID,OAHA4P,EAAaxL,EAAG/J,OAEhBiV,EAAiBkC,YAAY5B,EAAW6B,cACjC,CAAC,EAAa,GACzB,KAAK,EACD,GAAIzR,EAAQmB,uBAAyB,SAA0B,CAC3D,IAAInB,EAAQ0R,OAIR,MAAM,+BAHNpC,EAAiBqC,UAAU3R,EAAQ0R,OAK3C,CACAtN,EAAGrK,MAAQ,EACf,KAAK,EAOD,GANA8V,EAAgB7P,EAAQ6P,eAAiBzX,KAAKgV,OAAOwE,gBAAgBC,gBACrEvC,EAAiBwC,iBAAiBjC,KAC7B,eAAuB7P,EAAQrG,SAAWvB,KAAKgV,OAAOC,YAAY0E,oBAAsB3Z,KAAKgV,OAAOC,YAAY0E,mBAAmB/Y,OAAS,IAC7IsW,EAAiB0C,UAAUhS,EAAQrG,OAAQvB,KAAKgV,OAAOC,YAAY0E,oBAEvEjC,OAAUpO,EACN1B,EAAQyF,WACR,IACIA,GAAa,OAAgBzF,EAAQyF,WAAYrN,KAAK6L,aACtD6L,EAAU,CACNpV,WAAY,GAAK+K,EAAWuB,IAAM,2BAAmCvB,EAAWwB,KAChFiI,KAAM,oBAKd,CAFA,MAAOhI,GACH9O,KAAK0O,OAAOK,QAAQ,+CAAiDD,EACzE,MAGA4I,EAAU9P,EAAQ0O,cAGtB,GAAItW,KAAKgV,OAAO6E,cAAcC,sBAAwBpC,EAClD,OAAQA,EAAQZ,MACZ,KAAK,oBACD,IACIzJ,GAAa,OAAiCqK,EAAQpV,YACtD4U,EAAiB6C,UAAU1M,EAI/B,CAFA,MAAOyB,GACH9O,KAAK0O,OAAOK,QAAQ,mDAAqDD,EAC7E,CACA,MACJ,KAAK,QACDoI,EAAiB8C,UAAUtC,EAAQpV,YACnC,MAYZ,OATIsF,EAAQqS,qBACR/C,EAAiBE,wBAAwBxP,EAAQqS,sBAGjDrS,EAAQsS,4BAAgCtS,EAAQqS,qBAAwBrS,EAAQqS,oBAAoB,uBACpG/C,EAAiBE,yBAAyB1V,EAAK,CAAC,EAC5CA,EAAG,sBAAsC,IACzCA,IAED,CAAC,EAAcwV,EAAiBG,qBAEnD,GACJ,GACJ,EAKAvD,EAAwB7T,UAAUmU,6BAA+B,SAAUxM,GACvE,OAAO,QAAU5H,UAAM,OAAQ,GAAQ,WACnC,IAAIkX,EAAkBiD,EAAe1C,EAAe2C,EAAYC,EAA+ChN,EAAYkK,EAAmBC,EAC9I,OAAO,QAAYxX,MAAM,SAAU0B,GAC/B,OAAQA,EAAGC,OACP,KAAK,EA4BD,GA3BAuV,EAAmB,IAAI,IACvBA,EAAiBS,YAAY3X,KAAKgV,OAAOC,YAAYnV,UACrDqa,GAAgB,QAAevS,EAAQiB,QAAU,GAAIjB,EAAQ0S,sBAAwB,IACrFpD,EAAiBY,UAAUqC,GAE3BjD,EAAiBU,eAAehQ,EAAQiQ,aACxCJ,EAAgB7P,EAAQ6P,eAAiBzX,KAAKgV,OAAOwE,gBAAgBC,gBACrEvC,EAAiBwC,iBAAiBjC,GAElCP,EAAiBqD,gBAAgB3S,EAAQ4S,cAEzCtD,EAAiBuD,sBAEjBvD,EAAiBc,eAAehY,KAAKgV,OAAOiD,aAC5Cf,EAAiBgB,wBAAwBlY,KAAKgV,OAAOmD,UAAUC,aAE/DlB,EAAiBgC,gBACbtR,EAAQ8S,eAAiB9S,EAAQ+S,qBACjCzD,EAAiB0D,uBAAuBhT,EAAQ8S,cAAe9S,EAAQ+S,qBAEvE/S,EAAQiT,QACR3D,EAAiB4D,UAAUlT,EAAQiT,QAEnCjT,EAAQmT,YACR7D,EAAiB8D,cAAcpT,EAAQmT,YAGvCnT,EAAQiT,SAAW,oBAEnB,GAAIjT,EAAQqT,KAAOrT,EAAQiT,SAAW,UAElC7a,KAAK0O,OAAOK,QAAQ,yEACpBmI,EAAiBgE,OAAOtT,EAAQqT,UAE/B,GAAIrT,EAAQhG,SAIb,GAHAwY,EAAapa,KAAKmb,kBAAkBvT,EAAQhG,SAC5CyY,EAAwBra,KAAKob,iBAAiBxT,EAAQhG,SAElDyY,EAAuB,CACvBra,KAAK0O,OAAOK,QAAQ,qEACpBmI,EAAiBmE,aAAahB,GAC9B,IACIhN,GAAa,OAAiCzF,EAAQhG,QAAQkB,eAC9DoU,EAAiB6C,UAAU1M,EAI/B,CAFA,MAAOyB,GACH9O,KAAK0O,OAAOK,QAAQ,+EACxB,CACJ,MACK,GAAIqL,GAAcxS,EAAQiT,SAAW,UAAkB,CAKxD7a,KAAK0O,OAAOK,QAAQ,yEACpBmI,EAAiBgE,OAAOd,GACxB,IACI/M,GAAa,OAAiCzF,EAAQhG,QAAQkB,eAC9DoU,EAAiB6C,UAAU1M,EAI/B,CAFA,MAAOyB,GACH9O,KAAK0O,OAAOK,QAAQ,+EACxB,CACJ,MACK,GAAInH,EAAQ0T,UACbtb,KAAK0O,OAAOK,QAAQ,gEACpBmI,EAAiBmE,aAAazT,EAAQ0T,WACtCpE,EAAiB8C,UAAUpS,EAAQ0T,gBAElC,GAAI1T,EAAQhG,QAAQkL,SAAU,CAE/B9M,KAAK0O,OAAOK,QAAQ,gEACpBmI,EAAiBmE,aAAazT,EAAQhG,QAAQkL,UAC9C,IACIO,GAAa,OAAiCzF,EAAQhG,QAAQkB,eAC9DoU,EAAiB6C,UAAU1M,EAI/B,CAFA,MAAOyB,GACH9O,KAAK0O,OAAOK,QAAQ,+EACxB,CACJ,OAEKnH,EAAQ0T,YACbtb,KAAK0O,OAAOK,QAAQ,4EACpBmI,EAAiBmE,aAAazT,EAAQ0T,WACtCpE,EAAiB8C,UAAUpS,EAAQ0T,iBAIvCtb,KAAK0O,OAAOK,QAAQ,kFAcxB,OAZInH,EAAQ6H,OACRyH,EAAiBqE,SAAS3T,EAAQ6H,OAElC7H,EAAQ4T,OACRtE,EAAiBuE,SAAS7T,EAAQ4T,SAEjC,YAAoB5T,EAAQrG,SAAWvB,KAAKgV,OAAOC,YAAY0E,oBAAsB3Z,KAAKgV,OAAOC,YAAY0E,mBAAmB/Y,OAAS,IAC1IsW,EAAiB0C,UAAUhS,EAAQrG,OAAQvB,KAAKgV,OAAOC,YAAY0E,oBAEnE/R,EAAQ8T,sBACRxE,EAAiBE,wBAAwBxP,EAAQ8T,sBAEhD9T,EAAQ+T,cAEbzE,EAAiB0E,kBACXhU,EAAQmB,uBAAyB,SAAkC,CAAC,EAAa,IACvFwO,EAAoB,IAAI,IAAkBvX,KAAK6L,aACxC,CAAC,EAAa0L,EAAkB4B,YAAYvR,MALjB,CAAC,EAAa,GAMpD,KAAK,EACD4P,EAAa9V,EAAGO,OAChBiV,EAAiBkC,YAAY5B,EAAWqE,YACxCna,EAAGC,MAAQ,EACf,KAAK,EAAG,MAAO,CAAC,EAAcuV,EAAiBG,qBAEvD,GACJ,GACJ,EAKAvD,EAAwB7T,UAAUgW,2BAA6B,SAAUrO,GACrE,IAAIsP,EAAmB,IAAI,IAmB3B,OAlBItP,EAAQkU,uBACR5E,EAAiB6E,yBAAyBnU,EAAQkU,uBAElDlU,EAAQ6P,eACRP,EAAiBwC,iBAAiB9R,EAAQ6P,eAE1C7P,EAAQoU,aACR9E,EAAiB+E,eAAerU,EAAQoU,aAExCpU,EAAQ4T,OACRtE,EAAiBuE,SAAS7T,EAAQ4T,OAElC5T,EAAQsU,YACRhF,EAAiBiF,cAAcvU,EAAQsU,YAEvCtU,EAAQ8T,sBACRxE,EAAiBE,wBAAwBxP,EAAQ8T,sBAE9CxE,EAAiBG,mBAC5B,EAKAvD,EAAwB7T,UAAUkb,kBAAoB,SAAUvZ,GAC5D,IAAIF,EACJ,OAAyC,QAAhCA,EAAKE,EAAQP,qBAAkC,IAAPK,OAAgB,EAASA,EAAGuZ,MAAQ,IACzF,EACAnH,EAAwB7T,UAAUmb,iBAAmB,SAAUxZ,GAC3D,IAAIF,EACJ,OAAyC,QAAhCA,EAAKE,EAAQP,qBAAkC,IAAPK,OAAgB,EAASA,EAAG0a,aAAe,IAChG,EACOtI,CACX,CA1b4C,CA0b1C,I,4GCvcEuI,EAAgC,WAChC,SAASA,EAAeC,EAAepH,GACnClV,KAAKsc,cAAgBA,EACrBtc,KAAKkV,aAAeA,CACxB,CAoCA,OA7BAmH,EAAepc,UAAUsc,gBAAkB,SAAUpG,EAAYa,EAAewF,GAC5E,OAAO,QAAUxc,UAAM,OAAQ,GAAQ,WACnC,IAAIyU,EAAUgI,EACd,OAAO,QAAYzc,MAAM,SAAU0B,GAC/B,OAAQA,EAAGC,OACP,KAAK,EACD+a,EAAA,aAA2B1c,KAAKkV,aAAciB,GAC9CzU,EAAGC,MAAQ,EACf,KAAK,EAED,OADAD,EAAG8F,KAAK/D,KAAK,CAAC,EAAG,EAAG,CAAE,IACf,CAAC,EAAazD,KAAKsc,cAAcK,qBAAqB3F,EAAewF,IAChF,KAAK,EAED,OADA/H,EAAW/S,EAAGO,OACP,CAAC,EAAa,GACzB,KAAK,EAED,MADAwa,EAAM/a,EAAGO,OACLwa,aAAeG,EAAA,EACTH,EAGAI,EAAA,qBAAmC7F,EAAeyF,GAEhE,KAAK,EAED,OADAC,EAAA,cAA4B1c,KAAKkV,aAAciB,EAAY1B,GACpD,CAAC,EAAcA,GAElC,GACJ,GACJ,EACO4H,CACX,CAzCmC,G,kDCQ/BS,EAA4B,WAC5B,SAASA,EAAW/I,EAAegJ,GAE/B/c,KAAKgV,QAAS,OAAyBjB,GAEvC/T,KAAK0O,OAAS,IAAIsO,EAAA,EAAOhd,KAAKgV,OAAOiI,cAAe,IAAM,KAE1Djd,KAAK6L,YAAc7L,KAAKgV,OAAOwE,gBAE/BxZ,KAAKkV,aAAelV,KAAKgV,OAAOkI,iBAEhCld,KAAKsc,cAAgBtc,KAAKgV,OAAOmI,iBAEjCnd,KAAKod,eAAiB,IAAIf,EAAerc,KAAKsc,cAAetc,KAAKkV,cAElElV,KAAKsY,uBAAyBtY,KAAKgV,OAAOsD,uBAE1CtY,KAAKsK,UAAYtK,KAAKgV,OAAOC,YAAY3K,UAEzCtK,KAAK+c,kBAAoBA,CAC7B,CA2DA,OAvDAD,EAAW7c,UAAU8W,0BAA4B,SAAUW,GACvD,IAAI3C,EAAU,CAAC,EAEf,GADAA,EAAQ,mBAA4BsI,EAAA,0BAC/Brd,KAAKgV,OAAO6E,cAAcC,sBAAwBpC,EACnD,OAAQA,EAAQZ,MACZ,KAAKwG,EAAA,kBACD,IACI,IAAIjQ,GAAa,OAAiCqK,EAAQpV,YAC1DyS,EAAQ,iBAA0B,OAAS1H,EAAWuB,IAAM,IAAMvB,EAAWwB,IAIjF,CAFA,MAAOC,GACH9O,KAAK0O,OAAOK,QAAQ,mDAAqDD,EAC7E,CACA,MACJ,KAAKwO,EAAA,MACDvI,EAAQ,iBAA0B,QAAU2C,EAAQpV,WACpD,MAGZ,OAAOyS,CACX,EAQA+H,EAAW7c,UAAUgX,2BAA6B,SAAUD,EAAe7C,EAAaY,EAASoB,GAC7F,OAAO,QAAUnW,UAAM,OAAQ,GAAQ,WACnC,IAAIyU,EACJ,OAAO,QAAYzU,MAAM,SAAU0B,GAC/B,OAAQA,EAAGC,OACP,KAAK,EAAG,MAAO,CAAC,EAAa3B,KAAKod,eAAeb,gBAAgBpG,EAAYa,EAAe,CAAE1B,KAAMnB,EAAaY,QAASA,EAASwI,SAAUvd,KAAKgV,OAAO6E,cAAc0D,YACvK,KAAK,EAMD,OALA9I,EAAW/S,EAAGO,OACVjC,KAAKgV,OAAOsD,wBAA0B7D,EAAS+I,OAAS,KAA2B,MAApB/I,EAAS+I,QAExExd,KAAKgV,OAAOsD,uBAAuBmF,sBAEhC,CAAC,EAAchJ,GAElC,GACJ,GACJ,EAKAqI,EAAW7c,UAAUyd,gBAAkB,SAAUC,GAC7C,IAAKA,EAAiBC,oBAClB,MAAMf,EAAA,yCAAuD,2DAEjE7c,KAAKsK,UAAYqT,CACrB,EACOb,CACX,CAhF+B,E,0NCO3Be,EAAoC,SAAU/S,GAE9C,SAAS+S,EAAmB9J,EAAegJ,GACvC,OAAOjS,EAAOkJ,KAAKhU,KAAM+T,EAAegJ,IAAsB/c,IAClE,CAyPA,OA5PA,QAAU6d,EAAoB/S,GAI9B+S,EAAmB5d,UAAUqU,aAAe,SAAU1M,GAClD,IAAIlG,EAAIsK,EACR,OAAO,QAAUhM,UAAM,OAAQ,GAAQ,WACnC,IAAI8d,EAAgBtJ,EAAcC,EAAUC,EAAWC,EACnDxU,EAAQH,KACZ,OAAO,QAAYA,MAAM,SAAUwN,GAC/B,OAAQA,EAAG7L,OACP,KAAK,EAID,OAHAmc,EAAmD,QAAjCpc,EAAK1B,KAAK+c,yBAAsC,IAAPrb,OAAgB,EAASA,EAAGqc,iBAAiB,mCAAkDnW,EAAQ6P,eAClKzX,KAAK0O,OAAOK,QAAQ,wCAAyCnH,EAAQ6P,eACrEjD,EAAe,iBACR,CAAC,EAAaxU,KAAK8U,oBAAoBlN,EAAS5H,KAAKsK,YAChE,KAAK,EAKD,OAJAmK,EAAWjH,EAAGvL,OACdyS,EAAwC,QAA3B1I,EAAKyI,EAASM,eAA4B,IAAP/I,OAAgB,EAASA,EAAG,sBAC5E2I,EAAkB,IAAI,IAAgB3U,KAAKgV,OAAOC,YAAYnV,SAAUE,KAAKkV,aAAclV,KAAK6L,YAAa7L,KAAK0O,OAAQ1O,KAAKgV,OAAOG,kBAAmBnV,KAAKgV,OAAOI,mBACrKT,EAAgBU,sBAAsBZ,EAASa,MACxC,CAAC,EAAcX,EAAgBY,0BAA0Bd,EAASa,KAAMtV,KAAKsK,UAAWkK,EAAc5M,OAAS0B,OAAWA,GAAW,EAAM1B,EAAQoW,WAAYtJ,GAAWuJ,MAAK,SAAUC,GACxL,IAAIxc,EAKJ,OAJmB,OAAnBoc,QAA8C,IAAnBA,GAAqCA,EAAeK,eAAe,CAC1FC,SAAS,EACTC,kBAA0D,QAAtC3c,EAAK+S,EAASa,KAAKgJ,qBAAkC,IAAP5c,OAAgB,EAASA,EAAGd,SAAW,IAEtGsd,CACX,IACKK,OAAM,SAAUC,GAQjB,MAPAre,EAAMuO,OAAOK,QAAQ,kCAAmCnH,EAAQ6P,eAC7C,OAAnBqG,QAA8C,IAAnBA,GAAqCA,EAAeK,eAAe,CAC1FM,UAAWD,EAAMC,UACjBC,aAAcF,EAAMG,SACpBP,SAAS,EACTC,sBAAkB/U,IAEhBkV,CACV,KAEhB,GACJ,GACJ,EAKAX,EAAmB5d,UAAU2e,2BAA6B,SAAUhX,GAChE,OAAO,QAAU5H,UAAM,OAAQ,GAAQ,WACnC,IAAI6e,EAAQC,EAAmBC,EAC/B,OAAO,QAAY/e,MAAM,SAAU0B,GAE/B,IAAKkG,EACD,MAAM,mCAGV,IAAKA,EAAQhG,QACT,MAAM,0CAIV,GAFAid,EAAS7e,KAAKkV,aAAatL,kBAAkBhC,EAAQhG,QAAQiB,YAAa7C,KAAKgV,OAAOC,YAAYnV,UAE9F+e,EACA,IACI,MAAO,CAAC,EAAc7e,KAAKgf,mCAAmCpX,GAAS,GAa3E,CAXA,MAAOkH,GAIH,GAHAgQ,EAAoBhQ,aAAa,MAAgCA,EAAE2P,YAAc,6BACjFM,EAAkCjQ,aAAa,KAAeA,EAAE2P,YAAc,0BAA8B3P,EAAE6P,WAAa,2BAEvHG,GAAqBC,EACrB,MAAO,CAAC,EAAc/e,KAAKgf,mCAAmCpX,GAAS,IAIvE,MAAMkH,CAEd,CAGJ,MAAO,CAAC,EAAc9O,KAAKgf,mCAAmCpX,GAAS,GAC3E,GACJ,GACJ,EAKAiW,EAAmB5d,UAAU+e,mCAAqC,SAAUpX,EAASqX,GACjF,IAAIvd,EACJ,OAAO,QAAU1B,UAAM,OAAQ,GAAQ,WACnC,IAAI8d,EAAgB5b,EAAcgd,EAClC,OAAO,QAAYlf,MAAM,SAAUgM,GAI/B,GAHA8R,EAAmD,QAAjCpc,EAAK1B,KAAK+c,yBAAsC,IAAPrb,OAAgB,EAASA,EAAGqc,iBAAiB,yDAAwEnW,EAAQ6P,eACxLzX,KAAK0O,OAAOK,QAAQ,8DAA+DnH,EAAQ6P,eAC3FvV,EAAelC,KAAKkV,aAAa/M,0BAA0BnI,KAAKgV,OAAOC,YAAYnV,SAAU8H,EAAQhG,QAASqd,IACzG/c,EAED,MADmB,OAAnB4b,QAA8C,IAAnBA,GAAqCA,EAAeqB,qBACzE,gCAUV,OAPmB,OAAnBrB,QAA8C,IAAnBA,GAAqCA,EAAeK,eAAe,CAC1FC,SAAS,IAEbc,GAAsB,SAAS,QAAS,CAAC,EAAGtX,GAAU,CAAE1F,aAAcA,EAAaZ,OAAQyH,qBAAsBnB,EAAQmB,sBAAwB,YAA6BuN,cAAe,CACrLhU,WAAYsF,EAAQhG,QAAQkB,cAC5BgU,KAAM,uBAEP,CAAC,EAAc9W,KAAKsU,aAAa4K,GAC5C,GACJ,GACJ,EAMArB,EAAmB5d,UAAU6U,oBAAsB,SAAUlN,EAAS0C,GAClE,IAAI5I,EACJ,OAAO,QAAU1B,UAAM,OAAQ,GAAQ,WACnC,IAAIof,EAAyBhJ,EAAaC,EAAiBtB,EAASoB,EAAYI,EAChF,OAAO,QAAYvW,MAAM,SAAUgM,GAC/B,OAAQA,EAAGrK,OACP,KAAK,EAED,OADAyd,EAA4D,QAAjC1d,EAAK1B,KAAK+c,yBAAsC,IAAPrb,OAAgB,EAASA,EAAGqc,iBAAiB,0CAAyDnW,EAAQ6P,eAC3K,CAAC,EAAazX,KAAK4W,uBAAuBhP,IACrD,KAAK,EAgBD,OAfAwO,EAAcpK,EAAG/J,OACjBoU,EAAkBrW,KAAK6W,2BAA2BjP,GAClDmN,EAAU/U,KAAK+W,0BAA0BnP,EAAQ0O,eACjDH,EAAa,CACTrW,SAAUE,KAAKgV,OAAOC,YAAYnV,SAClCwK,UAAWA,EAAUkM,mBACrB3N,OAAQjB,EAAQiB,OAChBtH,OAAQqG,EAAQrG,OAChBwH,qBAAsBnB,EAAQmB,qBAC9B0N,sBAAuB7O,EAAQ6O,sBAC/BC,mBAAoB9O,EAAQ8O,mBAC5BC,UAAW/O,EAAQ+O,UACnBzN,OAAQtB,EAAQsB,QAEpBqN,EAAW,sBAA4BjM,EAAU0M,cAAeX,GACzD,CAAC,EAAcrW,KAAKiX,2BAA2BV,EAAUH,EAAarB,EAASoB,GAC7E8H,MAAK,SAAUC,GAIhB,OAH4B,OAA5BkB,QAAgE,IAA5BA,GAA8CA,EAAwBjB,eAAe,CACrHC,SAAS,IAENF,CACX,IACKK,OAAM,SAAUC,GAIjB,MAH4B,OAA5BY,QAAgE,IAA5BA,GAA8CA,EAAwBjB,eAAe,CACrHC,SAAS,IAEPI,CACV,KAEhB,GACJ,GACJ,EAKAX,EAAmB5d,UAAU4W,2BAA6B,SAAUjP,GAChE,IAAIsP,EAAmB,IAAI,IAI3B,OAHItP,EAAQuP,sBACRD,EAAiBE,wBAAwBxP,EAAQuP,sBAE9CD,EAAiBG,mBAC5B,EAKAwG,EAAmB5d,UAAU2W,uBAAyB,SAAUhP,GAC5D,IAAIlG,EACJ,OAAO,QAAU1B,UAAM,OAAQ,GAAQ,WACnC,IAAIyX,EAAe2H,EAAyBlI,EAAkBI,EAAiBC,EAAmBC,EAAYnK,EAC9G,OAAO,QAAYrN,MAAM,SAAUgM,GAC/B,OAAQA,EAAGrK,OACP,KAAK,EAwBD,OAvBA8V,EAAgB7P,EAAQ6P,cACxB2H,EAA4D,QAAjC1d,EAAK1B,KAAK+c,yBAAsC,IAAPrb,OAAgB,EAASA,EAAGqc,iBAAiB,wCAAuDtG,GACxKP,EAAmB,IAAI,IACvBA,EAAiBS,YAAY3X,KAAKgV,OAAOC,YAAYnV,UACrDoX,EAAiBY,UAAUlQ,EAAQiB,QACnCqO,EAAiB+B,aAAa,0BAC9B/B,EAAiBgC,gBACjBhC,EAAiBc,eAAehY,KAAKgV,OAAOiD,aAC5Cf,EAAiBgB,wBAAwBlY,KAAKgV,OAAOmD,UAAUC,aAC/DlB,EAAiBmB,gBACbrY,KAAKsY,wBACLpB,EAAiBqB,mBAAmBvY,KAAKsY,wBAE7CpB,EAAiBwC,iBAAiBjC,GAClCP,EAAiBmI,gBAAgBzX,EAAQ1F,cACrClC,KAAKgV,OAAO0D,kBAAkBC,cAC9BzB,EAAiB0B,gBAAgB5Y,KAAKgV,OAAO0D,kBAAkBC,cAE/D3Y,KAAKgV,OAAO0D,kBAAkBpB,kBAC9BA,EAAkBtX,KAAKgV,OAAO0D,kBAAkBpB,gBAChDJ,EAAiB2B,mBAAmBvB,EAAgBwB,WACpD5B,EAAiB6B,uBAAuBzB,EAAgB0B,gBAEtDpR,EAAQmB,uBAAyB,SAAkC,CAAC,EAAa,IACvFwO,EAAoB,IAAI,IAAkBvX,KAAK6L,aACxC,CAAC,EAAa0L,EAAkB4B,YAAYvR,KACvD,KAAK,EAID,OAHA4P,EAAaxL,EAAG/J,OAEhBiV,EAAiBkC,YAAY5B,EAAW6B,cACjC,CAAC,EAAa,GACzB,KAAK,EACD,GAAIzR,EAAQmB,uBAAyB,SAA0B,CAC3D,IAAInB,EAAQ0R,OAOR,MAH4B,OAA5B8F,QAAgE,IAA5BA,GAA8CA,EAAwBjB,eAAe,CACrHC,SAAS,IAEP,+BANNlH,EAAiBqC,UAAU3R,EAAQ0R,OAQ3C,CACAtN,EAAGrK,MAAQ,EACf,KAAK,EAID,KAHK,eAAuBiG,EAAQrG,SAAWvB,KAAKgV,OAAOC,YAAY0E,oBAAsB3Z,KAAKgV,OAAOC,YAAY0E,mBAAmB/Y,OAAS,IAC7IsW,EAAiB0C,UAAUhS,EAAQrG,OAAQvB,KAAKgV,OAAOC,YAAY0E,oBAEnE3Z,KAAKgV,OAAO6E,cAAcC,sBAAwBlS,EAAQ0O,cAC1D,OAAQ1O,EAAQ0O,cAAcQ,MAC1B,KAAK,oBACD,IACIzJ,GAAa,OAAiCzF,EAAQ0O,cAAchU,YACpE4U,EAAiB6C,UAAU1M,EAI/B,CAFA,MAAOyB,GACH9O,KAAK0O,OAAOK,QAAQ,mDAAqDD,EAC7E,CACA,MACJ,KAAK,QACDoI,EAAiB8C,UAAUpS,EAAQ0O,cAAchU,YACjD,MAMZ,OAH4B,OAA5B8c,QAAgE,IAA5BA,GAA8CA,EAAwBjB,eAAe,CACrHC,SAAS,IAEN,CAAC,EAAclH,EAAiBG,qBAEnD,GACJ,GACJ,EACOwG,CACX,CA9PuC,CA8PrC,I,mJCxQEyB,EAAkC,SAAUxU,GAE5C,SAASwU,EAAiBvL,EAAegJ,GACrC,OAAOjS,EAAOkJ,KAAKhU,KAAM+T,EAAegJ,IAAsB/c,IAClE,CA+GA,OAlHA,QAAUsf,EAAkBxU,GAS5BwU,EAAiBrf,UAAUqU,aAAe,SAAU1M,GAChD,OAAO,QAAU5H,UAAM,OAAQ,GAAQ,WACnC,IAAIyc,EAAK8C,EACT,OAAO,QAAYvf,MAAM,SAAU0B,GAC/B,OAAQA,EAAGC,OACP,KAAK,EAED,OADAD,EAAG8F,KAAK/D,KAAK,CAAC,EAAG,EAAG,CAAE,IACf,CAAC,EAAazD,KAAKwf,mBAAmB5X,IACjD,KAAK,EAAG,MAAO,CAAC,EAAclG,EAAGO,QACjC,KAAK,EAED,GADAwa,EAAM/a,EAAGO,OACLwa,aAAe,KAAmBA,EAAIgC,YAAc,8BAEpD,OADAc,EAAqB,IAAI,IAAmBvf,KAAKgV,OAAQhV,KAAK+c,mBACvD,CAAC,EAAcwC,EAAmBX,2BAA2BhX,IAGpE,MAAM6U,EAEd,KAAK,EAAG,MAAO,CAAC,GAExB,GACJ,GACJ,EAKA6C,EAAiBrf,UAAUuf,mBAAqB,SAAU5X,GACtD,IAAIlG,EAAIsK,EAAIwB,EAAIC,EAChB,OAAO,QAAUzN,UAAM,OAAQ,GAAQ,WACnC,IAAI6C,EAAapB,EACjB,OAAO,QAAYzB,MAAM,SAAU0N,GAC/B,OAAQA,EAAG/L,OACP,KAAK,EAED,IAAKiG,EACD,MAAM,mCAEV,GAAIA,EAAQ6X,aAIR,MAFuC,QAAtC/d,EAAK1B,KAAKsY,8BAA2C,IAAP5W,GAAyBA,EAAGge,gBAAgB,oBAC3F1f,KAAK0O,OAAOkG,KAAK,sFACX,iCAGV,IAAKhN,EAAQhG,QACT,MAAM,0CAIV,GAFAiB,EAAc+E,EAAQ0C,WAAatK,KAAKsK,UAAUuD,oBAClDpM,EAAczB,KAAKkV,aAAavN,gBAAgBC,EAAQhG,QAAS5B,KAAKgV,OAAOC,YAAYnV,SAAU8H,EAAS/E,IACvGpB,EAAYM,YAIb,MAFuC,QAAtCiK,EAAKhM,KAAKsY,8BAA2C,IAAPtM,GAAyBA,EAAG0T,gBAAgB,6BAC3F1f,KAAK0O,OAAOkG,KAAK,kGACX,iCAEL,GAAI,uBAA6BnT,EAAYM,YAAYoK,WAC1D,mBAAyB1K,EAAYM,YAAY4J,UAAW3L,KAAKgV,OAAO6E,cAAc8F,2BAItF,MAFuC,QAAtCnS,EAAKxN,KAAKsY,8BAA2C,IAAP9K,GAAyBA,EAAGkS,gBAAgB,kCAC3F1f,KAAK0O,OAAOkG,KAAK,8FAAgG5U,KAAKgV,OAAO6E,cAAc8F,0BAA4B,aACjK,iCAEL,GAAIle,EAAYM,YAAY+J,WAAa,mBAAyBrK,EAAYM,YAAY+J,UAAW,GAItG,MAFuC,QAAtC2B,EAAKzN,KAAKsY,8BAA2C,IAAP7K,GAAyBA,EAAGiS,gBAAgB,kCAC3F1f,KAAK0O,OAAOkG,KAAK,sGACX,iCAKV,OAHI5U,KAAKgV,OAAOsD,wBACZtY,KAAKgV,OAAOsD,uBAAuBsH,qBAEhC,CAAC,EAAa5f,KAAK6f,8BAA8Bpe,EAAamG,IACzE,KAAK,EAAG,MAAO,CAAC,EAAc8F,EAAGzL,QAEzC,GACJ,GACJ,EAKAqd,EAAiBrf,UAAU4f,8BAAgC,SAAUpe,EAAamG,GAC9E,OAAO,QAAU5H,UAAM,OAAQ,GAAQ,WACnC,IAAI8f,EAAYC,EAChB,OAAO,QAAY/f,MAAM,SAAU0B,GAC/B,OAAQA,EAAGC,OACP,KAAK,EAKD,GAJIF,EAAYN,UACZ2e,EAAa,IAAI,IAAUre,EAAYN,QAAQG,OAAQtB,KAAKgV,OAAOwE,kBAGnE5R,EAAQoY,QAA8B,IAAnBpY,EAAQoY,OAAe,CAE1C,GADAD,EAA0B,OAAfD,QAAsC,IAAfA,OAAwB,EAASA,EAAWve,OAAO0e,WAChFF,EACD,MAAM,kCAEV,gBAAsBA,EAAUnY,EAAQoY,OAC5C,CACA,MAAO,CAAC,EAAa,iCAA6ChgB,KAAK6L,YAAa7L,KAAKsK,UAAW7I,GAAa,EAAMmG,EAASkY,IACpI,KAAK,EAAG,MAAO,CAAC,EAAcpe,EAAGO,QAEzC,GACJ,GACJ,EACOqd,CACX,CApHqC,CAoHnC,I,kKCpHEY,EAAmC,IACnCC,EAAyB,CACzBR,0BAA2BO,EAC3BpG,sBAAsB,EACtByD,SAAU,mBAEV6C,EAAgC,CAChCC,eAAgB,WAEhB,EACAC,mBAAmB,EACnBC,SAAU,SACV9I,cAAe,mBAEf+I,EAAiC,CACjCC,oBAAqB,WACjB,OAAO,QAAUzgB,UAAM,OAAQ,GAAQ,WACnC,IAAIiL,EACJ,OAAO,QAAYjL,MAAM,SAAU0B,GAE/B,MADAuJ,EAAa,qEACP,0BAAgCA,EAC1C,GACJ,GACJ,EACA0R,qBAAsB,WAClB,OAAO,QAAU3c,UAAM,OAAQ,GAAQ,WACnC,IAAIiL,EACJ,OAAO,QAAYjL,MAAM,SAAU0B,GAE/B,MADAuJ,EAAa,sEACP,0BAAgCA,EAC1C,GACJ,GACJ,GAEAyV,EAAuB,CACvBC,IAAK,SACLC,QAAS,IACTC,IAAK,kBACLC,GAAI,mBAEJC,EAA6B,CAC7BpI,aAAc,kBACdrB,qBAAiBhO,GAEjB0X,EAA8B,CAC9BC,mBAAoB,SACpBC,OAAQ,GAAK,4BAEbC,EAA4B,CAC5B/I,YAAa,CACTgJ,QAAS,GACTC,WAAY,KAUpB,SAASC,EAAyB5f,GAC9B,IAAI6f,EAAkB7f,EAAGuT,YAAauM,EAAoB9f,EAAGmY,cAAe4H,EAAmB/f,EAAGub,cAAeyE,EAAwBhgB,EAAGwb,iBAAkByE,EAAwBjgB,EAAGyb,iBAAkByE,EAAuBlgB,EAAG8X,gBAAiBd,EAAoBhX,EAAGgX,kBAAmBT,EAAcvW,EAAGuW,YAAaE,EAAYzW,EAAGyW,UAAWG,EAAyB5W,EAAG4W,uBAAwBlD,EAAoB1T,EAAG0T,kBAAmBD,EAAoBzT,EAAGyT,kBACzc8H,GAAgB,SAAS,QAAS,CAAC,EAAGmD,GAAgCqB,GAC1E,MAAO,CACHxM,YAAa4M,EAAiBN,GAC9B1H,eAAe,SAAS,QAAS,CAAC,EAAGsG,GAAyBqB,GAC9DvE,cAAeA,EACfC,iBAAkBwE,GAAyB,IAAI,IAAoBH,EAAgBzhB,SAAU,KAC7Fqd,iBAAkBwE,GAAyBnB,EAC3ChH,gBAAiBoI,GAAwB,IACzClJ,kBAAmBA,GAAqBqI,EACxC9I,aAAa,SAAS,QAAS,CAAC,EAAGyI,GAAuBzI,GAC1DE,WAAW,SAAS,QAAS,CAAC,EAAGgJ,GAA4BhJ,GAC7DG,uBAAwBA,GAA0B,KAClDlD,kBAAmBA,GAAqB,KACxCD,kBAAmBA,GAAqB,KAEhD,CAKA,SAAS0M,EAAiB5M,GACtB,OAAO,QAAS,CAAE0E,mBAAoB,GAAImI,kBAAmBd,EAA6Be,4BAA4B,GAAS9M,EACnI,C,+EC5FI+M,EAAgC,CAChCvI,cAAe,WACX,IAAIxO,EAAa,8DACjB,MAAM,0BAAgCA,EAC1C,EACAgX,aAAc,WACV,IAAIhX,EAAa,6DACjB,MAAM,0BAAgCA,EAC1C,EACAiX,aAAc,WACV,IAAIjX,EAAa,6DACjB,MAAM,0BAAgCA,EAC1C,EACAkX,kBAAmB,WACf,OAAO,QAAUniB,UAAM,OAAQ,GAAQ,WACnC,IAAIiL,EACJ,OAAO,QAAYjL,MAAM,SAAU0B,GAE/B,MADAuJ,EAAa,kEACP,0BAAgCA,EAC1C,GACJ,GACJ,EACAmX,uBAAwB,WACpB,OAAO,QAAUpiB,UAAM,OAAQ,GAAQ,WACnC,IAAIiL,EACJ,OAAO,QAAYjL,MAAM,SAAU0B,GAE/B,MADAuJ,EAAa,uEACP,0BAAgCA,EAC1C,GACJ,GACJ,EACAxD,sBAAuB,WACnB,OAAO,QAAUzH,UAAM,OAAQ,GAAQ,WACnC,IAAIiL,EACJ,OAAO,QAAYjL,MAAM,SAAU0B,GAE/B,MADAuJ,EAAa,sEACP,0BAAgCA,EAC1C,GACJ,GACJ,EACAoX,cAAe,WACX,OAAO,QAAUriB,UAAM,OAAQ,GAAQ,WACnC,IAAIiL,EACJ,OAAO,QAAYjL,MAAM,SAAU0B,GAE/B,MADAuJ,EAAa,8DACP,0BAAgCA,EAC1C,GACJ,GACJ,EACAqX,QAAS,WACL,OAAO,QAAUtiB,UAAM,OAAQ,GAAQ,WACnC,IAAIiL,EACJ,OAAO,QAAYjL,MAAM,SAAU0B,GAE/B,MADAuJ,EAAa,wDACP,0BAAgCA,EAC1C,GACJ,GACJ,EACAsX,WAAY,WACR,OAAO,QAAUviB,UAAM,OAAQ,GAAQ,WACnC,IAAIiL,EACJ,OAAO,QAAYjL,MAAM,SAAU0B,GAE/B,MADAuJ,EAAa,2DACP,0BAAgCA,EAC1C,GACJ,GACJ,E,+EC/DAuX,EAAyB,CACzBC,gBAAiB,CACb5N,KAAM,oBACN6N,KAAM,sJAEVC,gBAAiB,CACb9N,KAAM,oBACN6N,KAAM,2JAMVE,EAAiC,SAAU9X,GAE3C,SAAS8X,EAAgBnE,EAAWoE,GAChC,IAAI1iB,EAAQ2K,EAAOkJ,KAAKhU,KAAMye,EAAWoE,IAAiB7iB,KAG1D,OAFAG,EAAM+M,KAAO,kBACb3M,OAAOuiB,eAAe3iB,EAAOyiB,EAAgB3iB,WACtCE,CACX,CAaA,OAnBA,QAAUyiB,EAAiB9X,GAU3B8X,EAAgBG,sBAAwB,WACpC,OAAO,IAAIH,EAAgBJ,EAAuBC,gBAAgB5N,KAAM2N,EAAuBC,gBAAgBC,KACnH,EAIAE,EAAgBI,sBAAwB,WACpC,OAAO,IAAIJ,EAAgBJ,EAAuBG,gBAAgB9N,KAAM2N,EAAuBG,gBAAgBD,KACnH,EACOE,CACX,CArBoC,CAqBlChG,EAAA,G,UCrCEqG,EAA4B,WAC5B,SAASA,EAAWzG,GAChBxc,KAAKkjB,IAAM1G,EAAQ0G,IACnBljB,KAAKmjB,IAAM3G,EAAQ2G,IACnBnjB,KAAKqH,IAAMmV,EAAQnV,GACvB,CA0BA,OAjBA4b,EAAWG,mBAAqB,SAAUC,GAEtC,IAAKA,EAAiBhc,IAClB,MAAMub,EAAgBG,wBAG1B,IAAKM,EAAiBF,IAClB,MAAMP,EAAgBI,wBAE1B,IAAIM,EAAY,IAAIL,EAAW,CAE3BC,IAAKG,EAAiBH,KAAO,QAC7B7b,IAAKgc,EAAiBhc,IACtB8b,IAAKE,EAAiBF,MAE1B,OAAOI,KAAKC,UAAUF,EAC1B,EACOL,CACX,CAhC+B,E,2DCC3BQ,E,+BACJ,SAAWA,GACPA,EAAY,MAAQ,KACpBA,EAAY,OAAS,KACxB,EAHD,CAGGA,IAAgBA,EAAc,CAAC,IAClC,IAAIC,EAAmC,WACnC,SAASA,EAAkB7X,GACvB7L,KAAK6L,YAAcA,CACvB,CAoFA,OA7EA6X,EAAkBzjB,UAAUkZ,YAAc,SAAUvR,GAChD,OAAO,QAAU5H,UAAM,OAAQ,GAAQ,WACnC,IAAI2jB,EAAQtK,EAAc3X,EAC1B,OAAO,QAAY1B,MAAM,SAAUgM,GAC/B,OAAQA,EAAGrK,OACP,KAAK,EAAG,MAAO,CAAC,EAAa3B,KAAK4jB,YAAYhc,IAC9C,KAAK,EAOD,OANA+b,EAAS3X,EAAG/J,OACZoX,EAAerZ,KAAK6L,YAAYqW,aAAaqB,KAAKC,UAAUG,IAC5DjiB,EAAK,CACD2F,IAAKsc,EAAOtc,IACZgS,aAAcA,GAEX,CAAC,EAAarZ,KAAK6L,YAAY0W,WAAWlJ,IACrD,KAAK,EAAG,MAAO,CAAC,GAAe3X,EAAGma,WAAa7P,EAAG/J,OAC1CP,IAEhB,GACJ,GACJ,EAMAgiB,EAAkBzjB,UAAU2jB,YAAc,SAAUhc,GAChD,OAAO,QAAU5H,UAAM,OAAQ,GAAQ,WACnC,IAAI6jB,EACJ,OAAO,QAAY7jB,MAAM,SAAU0B,GAC/B,OAAQA,EAAGC,OACP,KAAK,EAAG,MAAO,CAAC,EAAa3B,KAAK6L,YAAYuW,uBAAuBxa,IACrE,KAAK,EAED,OADAic,EAAgBniB,EAAGO,OACZ,CAAC,EAAc,CACdoF,IAAKwc,EACLC,QAASL,EAAYM,KAGzC,GACJ,GACJ,EAOAL,EAAkBzjB,UAAU+jB,aAAe,SAAUjiB,EAAagD,EAAO6C,GACrE,OAAO,QAAU5H,UAAM,OAAQ,GAAQ,WACnC,OAAO,QAAYA,MAAM,SAAU0B,GAC/B,MAAO,CAAC,EAAc1B,KAAKikB,YAAYliB,EAAagD,EAAO6C,GAC/D,GACJ,GACJ,EASA8b,EAAkBzjB,UAAUgkB,YAAc,SAAUC,EAASnf,EAAO6C,EAASrG,GACzE,OAAO,QAAUvB,UAAM,OAAQ,GAAQ,WACnC,IAAIyW,EAAuBC,EAAoBC,EAAWwN,EAAUC,EAAmBC,EACvF,OAAO,QAAYrkB,MAAM,SAAU0B,GAC/B,OAAQA,EAAGC,OACP,KAAK,EAID,OAHA8U,EAAwB7O,EAAQ6O,sBAAuBC,EAAqB9O,EAAQ8O,mBAAoBC,EAAY/O,EAAQ+O,UAAWwN,EAAWvc,EAAQuc,SAC1JC,EAAoB,EAAuB,IAAI,IAAU1N,QAAsBpN,EAC/E+a,EAA8C,OAAtBD,QAAoD,IAAtBA,OAA+B,EAASA,EAAkBE,mBACzG,CAAC,EAAatkB,KAAK6L,YAAYyW,SAAQ,QAAS,CAAEiC,GAAIL,EAASM,GAAI,iBAAwBC,EAA6B,OAA1BhO,QAA4D,IAA1BA,OAAmC,EAASA,EAAsBiO,cAAeC,EAA6B,OAA1BN,QAA4D,IAA1BA,OAAmC,EAASA,EAAsBO,gBAAiBnV,MAAO0U,GAAYnkB,KAAK6L,YAAY4N,gBAAiBoL,EAA6B,OAA1BR,QAA4D,IAA1BA,OAAmC,EAASA,EAAsBS,aAAcC,GAA8B,OAA1BV,QAA4D,IAA1BA,OAAmC,EAASA,EAAsBW,aAAe,CAAC,GAAIX,EAAsBW,kBAAe1b,EAAW2b,cAAetO,QAAarN,GAAa/H,GAASwD,EAAO6C,EAAQ6P,gBAC3uB,KAAK,EAAG,MAAO,CAAC,EAAc/V,EAAGO,QAEzC,GACJ,GACJ,EACOyhB,CACX,CAxFsC,E,+ECHlCwB,EAAmB,CACnBC,gBAAiB,CACbtQ,KAAM,mBACN6N,KAAM,uCAEV0C,kBAAmB,CACfvQ,KAAM,sBACN6N,KAAM,yIAMV9F,EAA2B,SAAU9R,GAErC,SAAS8R,EAAU6B,EAAWoE,EAAcwC,GACxC,IAAIllB,EAAQH,KACRslB,EAAczC,EAAepE,EAAY,KAAOoE,EAAepE,EAOnE,OANAte,EAAQ2K,EAAOkJ,KAAKhU,KAAMslB,IAAgBtlB,KAC1CO,OAAOuiB,eAAe3iB,EAAOyc,EAAU3c,WACvCE,EAAMse,UAAYA,GAAa,kBAC/Bte,EAAM0iB,aAAeA,GAAgB,kBACrC1iB,EAAMwe,SAAW0G,GAAY,kBAC7BllB,EAAM+M,KAAO,YACN/M,CACX,CAmBA,OA9BA,QAAUyc,EAAW9R,GAYrB8R,EAAU3c,UAAUslB,iBAAmB,SAAU9N,GAC7CzX,KAAKyX,cAAgBA,CACzB,EAKAmF,EAAU4I,sBAAwB,SAAUC,GACxC,OAAO,IAAI7I,EAAUsI,EAAiBC,gBAAgBtQ,KAAMqQ,EAAiBC,gBAAgBzC,KAAO,KAAO+C,EAC/G,EAMA7I,EAAU8I,wBAA0B,SAAUD,GAC1C,OAAO,IAAI7I,EAAUsI,EAAiBE,kBAAkBvQ,KAAMqQ,EAAiBE,kBAAkB1C,KAAO,KAAO+C,EACnH,EACO7I,CACX,CAhC8B,CAgC5B+I,M,qGC7CEC,EAAyB,CACzBC,wBAAyB,CACrBhR,KAAM,6BACN6N,KAAM,+GAEVoD,qBAAsB,CAClBjR,KAAM,0BACN6N,KAAM,mFAEVqD,kBAAmB,CACflR,KAAM,sBACN6N,KAAM,8EAEVsD,iBAAkB,CACdnR,KAAM,sBACN6N,KAAM,oFAEVuD,wBAAyB,CACrBpR,KAAM,6BACN6N,KAAM,2EAEVwD,aAAc,CACVrR,KAAM,gBACN6N,KAAM,+EAEVyD,6BAA8B,CAC1BtR,KAAM,sBACN6N,KAAM,+IAEV0D,oBAAqB,CACjBvR,KAAM,wBACN6N,KAAM,uGAEV2D,mBAAoB,CAChBxR,KAAM,uBACN6N,KAAM,sFAEV4D,kBAAmB,CACfzR,KAAM,gBACN6N,KAAM,6IAEV6D,mBAAoB,CAChB1R,KAAM,iBACN6N,KAAM,iGAEV8D,mBAAoB,CAChB3R,KAAM,kBACN6N,KAAM,mBAEV+D,mBAAoB,CAChB5R,KAAM,iBACN6N,KAAM,wFAEVgE,mBAAoB,CAChB7R,KAAM,kBACN6N,KAAM,mBAEViE,sBAAuB,CACnB9R,KAAM,sBACN6N,KAAM,gOAIVkE,sBAAuB,CACnB/R,KAAM,qBACN6N,KAAM,6FAEVmE,mBAAoB,CAChBhS,KAAM,kBACN6N,KAAM,oLAEVoE,uBAAwB,CACpBjS,KAAM,2BACN6N,KAAM,qJAGVqE,yBAA0B,CACtBlS,KAAM,6BACN6N,KAAM,6HAEVsE,4BAA6B,CACzBnS,KAAM,gCACN6N,KAAM,oIAEVuE,yBAA0B,CACtBpS,KAAM,yBACN6N,KAAM,6EAEVwE,sBAAuB,CACnBrS,KAAM,4BACN6N,KAAM,8FAEVyE,sBAAuB,CACnBtS,KAAM,4BACN6N,KAAM,gGAEV0E,oBAAqB,CACjBvS,KAAM,yBACN6N,KAAM,wCAEV2E,wBAAyB,CACrBxS,KAAM,uBACN6N,KAAM,6CAEV4E,2BAA4B,CACxBzS,KAAM,gCACN6N,KAAM,mHAEV6E,kBAAmB,CACf1S,KAAM,sBACN6N,KAAM,2BAEV8E,uBAAwB,CACpB3S,KAAM,4BACN6N,KAAM,oDAEV+E,yBAA0B,CACtB5S,KAAM,+BACN6N,KAAM,2FAEVgF,mBAAoB,CAChB7S,KAAM,uBACN6N,KAAM,8CAEViF,wBAAyB,CACrB9S,KAAM,4BACN6N,KAAM,6DAEVkF,eAAgB,CACZ/S,KAAM,mBACN6N,KAAM,4CAEVmF,iBAAkB,CACdhT,KAAM,sCACN6N,KAAM,iFAEVoF,YAAa,CACTjT,KAAM,mBACN6N,KAAM,6EAEVqF,iBAAkB,CACdlT,KAAM,qBACN6N,KAAM,sBAEVsF,sBAAuB,CACnBnT,KAAM,0BACN6N,KAAM,4BAEVuF,yBAA0B,CACtBpT,KAAM,6BACN6N,KAAM,+BAEVwF,iBAAkB,CACdrT,KAAM,oBACN6N,KAAM,4FAEVyF,wBAAyB,CACrBtT,KAAM,4BACN6N,KAAM,kKAEV0F,qBAAsB,CAClBvT,KAAM,yBACN6N,KAAM,sOAEV2F,mBAAoB,CAChBxT,KAAM,uBACN6N,KAAM,wDAEV4F,oBAAqB,CACjBzT,KAAM,0CACN6N,KAAM,mEAEV6F,8BAA+B,CAC3B1T,KAAM,kDACN6N,KAAM,qEAEV8F,sBAAuB,CACnB3T,KAAM,2BACN6N,KAAM,mEAEV+F,2BAA4B,CACxB5T,KAAM,2BACN6N,KAAM,uGAEVgG,0BAA2B,CACvB7T,KAAM,0BACN6N,KAAM,+DAEViG,mBAAoB,CAChB9T,KAAM,qCACN6N,KAAM,+CAEVkG,aAAc,CACV/T,KAAM,iBACN6N,KAAM,0IAMV7F,EAAiC,SAAU/R,GAE3C,SAAS+R,EAAgB4B,EAAWoE,GAChC,IAAI1iB,EAAQ2K,EAAOkJ,KAAKhU,KAAMye,EAAWoE,IAAiB7iB,KAG1D,OAFAG,EAAM+M,KAAO,kBACb3M,OAAOuiB,eAAe3iB,EAAO0c,EAAgB5c,WACtCE,CACX,CAoRA,OA1RA,QAAU0c,EAAiB/R,GAW3B+R,EAAgBgM,8BAAgC,SAAUC,GACtD,OAAO,IAAIjM,EAAgB+I,EAAuBC,wBAAwBhR,KAAM+Q,EAAuBC,wBAAwBnD,KAAO,uBAAyBoG,EACnK,EAKAjM,EAAgBkM,2BAA6B,WACzC,OAAO,IAAIlM,EAAgB+I,EAAuBE,qBAAqBjR,KAAM,GAAK+Q,EAAuBE,qBAAqBpD,KAClI,EAKA7F,EAAgBmM,wBAA0B,SAAUC,GAChD,OAAO,IAAIpM,EAAgB+I,EAAuBG,kBAAkBlR,KAAM+Q,EAAuBG,kBAAkBrD,KAAO,uBAAyBuG,EACvJ,EAKApM,EAAgBqM,4BAA8B,SAAUC,GACpD,OAAO,IAAItM,EAAgB+I,EAAuBI,iBAAiBnR,KAAM+Q,EAAuBI,iBAAiBtD,KAAO,qBAAuByG,EACnJ,EAIAtM,EAAgBuM,uCAAyC,SAAUC,GAC/D,OAAO,IAAIxM,EAAgB+I,EAAuBK,wBAAwBpR,KAAM+Q,EAAuBK,wBAAwBvD,KAAO,YAAc2G,EACxJ,EAIAxM,EAAgByM,mBAAqB,SAAU/S,EAAU8S,GACrD,OAAO,IAAIxM,EAAgB+I,EAAuBM,aAAarR,KAAM+Q,EAAuBM,aAAaxD,KAAO,0BAA4B2G,EAAY,0BAA4B9S,EAASgT,MAAM,KAAK,GAC5M,EAIA1M,EAAgB2M,mCAAqC,SAAUH,GAC3D,OAAO,IAAIxM,EAAgB+I,EAAuBO,6BAA6BtR,KAAM+Q,EAAuBO,6BAA6BzD,KAAO,0CAA4C2G,EAChM,EAKAxM,EAAgB4M,+BAAiC,SAAUC,GACvD,OAAO,IAAI7M,EAAgB+I,EAAuBQ,oBAAoBvR,KAAM+Q,EAAuBQ,oBAAoB1D,KAAO,kBAAoBgH,EACtJ,EAKA7M,EAAgB8M,wBAA0B,SAAUC,EAActE,GAC9D,OAAO,IAAIzI,EAAgB+I,EAAuBU,kBAAkBzR,KAAM+Q,EAAuBU,kBAAkB5D,KAAO,mBAAqBkH,EAAe,eAAiBtE,EACnL,EAIAzI,EAAgBgN,yBAA2B,WACvC,OAAO,IAAIhN,EAAgB+I,EAAuBW,mBAAmB1R,KAAM+Q,EAAuBW,mBAAmB7D,KACzH,EAKA7F,EAAgBiN,yBAA2B,SAAUC,GACjD,OAAO,IAAIlN,EAAgB+I,EAAuBY,mBAAmB3R,KAAM+Q,EAAuBY,mBAAmB9D,KAAO,MAAQqH,EACxI,EAIAlN,EAAgBmN,yBAA2B,WACvC,OAAO,IAAInN,EAAgB+I,EAAuBa,mBAAmB5R,KAAM+Q,EAAuBa,mBAAmB/D,KACzH,EAKA7F,EAAgBoN,4BAA8B,WAC1C,OAAO,IAAIpN,EAAgB+I,EAAuBe,sBAAsB9R,KAAM+Q,EAAuBe,sBAAsBjE,KAC/H,EAIA7F,EAAgBqN,4BAA8B,WAC1C,OAAO,IAAIrN,EAAgB+I,EAAuBgB,sBAAsB/R,KAAM+Q,EAAuBgB,sBAAsBlE,KAC/H,EAKA7F,EAAgBsN,yBAA2B,SAAUC,GACjD,OAAO,IAAIvN,EAAgB+I,EAAuBc,mBAAmB7R,KAAM+Q,EAAuBc,mBAAmBhE,KAAO,MAAQ0H,EACxI,EAIAvN,EAAgBwN,yCAA2C,WACvD,OAAO,IAAIxN,EAAgB+I,EAAuBkB,uBAAuBjS,KAAM+Q,EAAuBkB,uBAAuBpE,KAAO,IACxI,EAIA7F,EAAgByN,2CAA6C,WACzD,OAAO,IAAIzN,EAAgB+I,EAAuBmB,yBAAyBlS,KAAM+Q,EAAuBmB,yBAAyBrE,KACrI,EAIA7F,EAAgB0N,8CAAgD,WAC5D,OAAO,IAAI1N,EAAgB+I,EAAuBoB,4BAA4BnS,KAAM+Q,EAAuBoB,4BAA4BtE,KAC3I,EAIA7F,EAAgB2N,oCAAsC,WAClD,OAAO,IAAI3N,EAAgB+I,EAAuBqB,yBAAyBpS,KAAM+Q,EAAuBqB,yBAAyBvE,KACrI,EAKA7F,EAAgB4N,iCAAmC,SAAUC,GACzD,OAAO,IAAI7N,EAAgB+I,EAAuBsB,sBAAsBrS,KAAM+Q,EAAuBsB,sBAAsBxE,KAAO,iBAAmBgI,EACzJ,EAKA7N,EAAgB8N,mCAAqC,SAAUD,GAC3D,OAAO,IAAI7N,EAAgB+I,EAAuBuB,sBAAsBtS,KAAM+Q,EAAuBuB,sBAAsBzE,KAAO,iBAAmBgI,EACzJ,EAKA7N,EAAgB+N,0BAA4B,SAAUC,GAClD,OAAO,IAAIhO,EAAgB+I,EAAuBwB,oBAAoBvS,KAAM+Q,EAAuBwB,oBAAoB1E,KAAO,kBAAoBmI,EACtJ,EAKAhO,EAAgBiO,8BAAgC,WAC5C,OAAO,IAAIjO,EAAgB+I,EAAuByB,wBAAwBxS,KAAM,GAAK+Q,EAAuByB,wBAAwB3E,KACxI,EAIA7F,EAAgBkO,+BAAiC,WAC7C,OAAO,IAAIlO,EAAgB+I,EAAuB0B,2BAA2BzS,KAAM,GAAK+Q,EAAuB0B,2BAA2B5E,KAC9I,EAIA7F,EAAgBmO,6BAA+B,WAC3C,OAAO,IAAInO,EAAgB+I,EAAuB2B,kBAAkB1S,KAAM,GAAK+Q,EAAuB2B,kBAAkB7E,KAC5H,EAIA7F,EAAgBoO,6BAA+B,WAC3C,OAAO,IAAIpO,EAAgB+I,EAAuB4B,uBAAuB3S,KAAM,GAAK+Q,EAAuB4B,uBAAuB9E,KACtI,EAIA7F,EAAgBqO,oCAAsC,WAClD,OAAO,IAAIrO,EAAgB+I,EAAuB6B,yBAAyB5S,KAAM,GAAK+Q,EAAuB6B,yBAAyB/E,KAC1I,EAIA7F,EAAgBsO,iCAAmC,WAC/C,OAAO,IAAItO,EAAgB+I,EAAuB8B,mBAAmB7S,KAAM+Q,EAAuB8B,mBAAmBhF,KACzH,EAIA7F,EAAgBuO,mCAAqC,WACjD,OAAO,IAAIvO,EAAgB+I,EAAuB+B,wBAAwB9S,KAAM+Q,EAAuB+B,wBAAwBjF,KACnI,EAIA7F,EAAgBwO,0BAA4B,WACxC,OAAO,IAAIxO,EAAgB+I,EAAuBgC,eAAe/S,KAAM+Q,EAAuBgC,eAAelF,KACjH,EAIA7F,EAAgByO,uBAAyB,WACrC,OAAO,IAAIzO,EAAgB+I,EAAuBiC,iBAAiBhT,KAAM,GAAK+Q,EAAuBiC,iBAAiBnF,KAC1H,EAKA7F,EAAgB0O,0BAA4B,SAAUC,GAClD,OAAO,IAAI3O,EAAgB+I,EAAuBkC,YAAYjT,KAAM,GAAK+Q,EAAuBkC,YAAYpF,KAAO8I,EACvH,EAIA3O,EAAgB4O,4BAA8B,WAC1C,OAAO,IAAI5O,EAAgB+I,EAAuBmC,iBAAiBlT,KAAM,GAAK+Q,EAAuBmC,iBAAiBrF,KAC1H,EAIA7F,EAAgB6O,iCAAmC,WAC/C,OAAO,IAAI7O,EAAgB+I,EAAuBoC,sBAAsBnT,KAAM,GAAK+Q,EAAuBoC,sBAAsBtF,KACpI,EAIA7F,EAAgB8O,oCAAsC,WAClD,OAAO,IAAI9O,EAAgB+I,EAAuBqC,yBAAyBpT,KAAM,GAAK+Q,EAAuBqC,yBAAyBvF,KAC1I,EAIA7F,EAAgB+O,4BAA8B,WAC1C,OAAO,IAAI/O,EAAgB+I,EAAuBsC,iBAAiBrT,KAAM,GAAK+Q,EAAuBsC,iBAAiBxF,KAC1H,EAIA7F,EAAgBgP,6BAA+B,WAC3C,OAAO,IAAIhP,EAAgB+I,EAAuBuC,wBAAwBtT,KAAM,GAAK+Q,EAAuBuC,wBAAwBzF,KACxI,EAIA7F,EAAgBiP,2BAA6B,WACzC,OAAO,IAAIjP,EAAgB+I,EAAuBwC,qBAAqBvT,KAAM+Q,EAAuBwC,qBAAqB1F,KAC7H,EAIA7F,EAAgBkP,8BAAgC,WAC5C,OAAO,IAAIlP,EAAgB+I,EAAuByC,mBAAmBxT,KAAM+Q,EAAuByC,mBAAmB3F,KACzH,EAIA7F,EAAgBmP,+BAAiC,WAC7C,OAAO,IAAInP,EAAgB+I,EAAuB0C,oBAAoBzT,KAAM+Q,EAAuB0C,oBAAoB5F,KAC3H,EAIA7F,EAAgBoP,sCAAwC,WACpD,OAAO,IAAIpP,EAAgB+I,EAAuB2C,8BAA8B1T,KAAM+Q,EAAuB2C,8BAA8B7F,KAC/I,EACA7F,EAAgBqP,gCAAkC,WAC9C,OAAO,IAAIrP,EAAgB+I,EAAuB8C,0BAA0B7T,KAAM+Q,EAAuB8C,0BAA0BhG,KACvI,EAIA7F,EAAgBsP,8BAAgC,WAC5C,OAAO,IAAItP,EAAgB+I,EAAuB+C,mBAAmB9T,KAAM+Q,EAAuB+C,mBAAmBjG,KACzH,EAIA7F,EAAgBuP,wBAA0B,WACtC,OAAO,IAAIvP,EAAgB+I,EAAuBgD,aAAa/T,KAAM+Q,EAAuBgD,aAAalG,KAC7G,EACO7F,CACX,CA5RoC,CA4RlC,I,8ECpeEwP,EAAkC,CAClCC,kBAAmB,CACfzX,KAAM,qBACN6N,KAAM,oEAEV6J,oBAAqB,CACjB1X,KAAM,wBACN6N,KAAM,4CAEV8J,0BAA2B,CACvB3X,KAAM,+BACN6N,KAAM,oDAEV+J,qBAAsB,CAClB5X,KAAM,yBACN6N,KAAM,6NAEVgK,cAAe,CACX7X,KAAM,kBACN6N,KAAM,sDAEViK,cAAe,CACX9X,KAAM,kBACN6N,KAAM,0BAEVkK,iBAAkB,CACd/X,KAAM,2BACN6N,KAAM,kHAEVmK,oBAAqB,CACjBhY,KAAM,8BACN6N,KAAM,yCAEVoK,yBAA0B,CACtBjY,KAAM,8BACN6N,KAAM,qDAEVqK,cAAe,CACXlY,KAAM,uBACN6N,KAAM,8RAEVsK,qBAAsB,CAClBnY,KAAM,iBACN6N,KAAM,6DAEVuK,uBAAwB,CACpBpY,KAAM,sBACN6N,KAAM,mDAEVwK,wBAAyB,CACrBrY,KAAM,uBACN6N,KAAM,6CAEVyK,2BAA4B,CACxBtY,KAAM,gCACN6N,KAAM,iFAEV0K,2BAA4B,CACxBvY,KAAM,sBACN6N,KAAM,uGAEV2K,8BAA+B,CAC3BxY,KAAM,mCACN6N,KAAM,uIAEV4K,yBAA0B,CACtBzY,KAAM,6BACN6N,KAAM,2IAEV6K,mBAAoB,CAChB1Y,KAAM,sBACN6N,KAAM,8HAEV8K,0BAA2B,CACvB3Y,KAAM,+BACN6N,KAAM,uHAEV+K,cAAe,CACX5Y,KAAM,kBACN6N,KAAM,+HAEVgL,cAAe,CACX7Y,KAAM,kBACN6N,KAAM,yJAEViL,iCAAkC,CAC9B9Y,KAAM,sCACN6N,KAAM,kLAEVkL,4BAA6B,CACzB/Y,KAAM,gCACN6N,KAAM,2CAMVmL,EAA0C,SAAU/iB,GAEpD,SAAS+iB,EAAyBpP,EAAWoE,GACzC,IAAI1iB,EAAQ2K,EAAOkJ,KAAKhU,KAAMye,EAAWoE,IAAiB7iB,KAG1D,OAFAG,EAAM+M,KAAO,2BACb3M,OAAOuiB,eAAe3iB,EAAO0tB,EAAyB5tB,WAC/CE,CACX,CA2IA,OAjJA,QAAU0tB,EAA0B/iB,GAUpC+iB,EAAyBC,4BAA8B,WACnD,OAAO,IAAID,EAAyBxB,EAAgCC,kBAAkBzX,KAAMwX,EAAgCC,kBAAkB5J,KAClJ,EAIAmL,EAAyBE,sCAAwC,WAC7D,OAAO,IAAIF,EAAyBxB,EAAgCE,oBAAoB1X,KAAMwX,EAAgCE,oBAAoB7J,KACtJ,EAIAmL,EAAyBG,gCAAkC,SAAUC,GACjE,OAAO,IAAIJ,EAAyBxB,EAAgCG,0BAA0B3X,KAAMwX,EAAgCG,0BAA0B9J,KAAO,iBAAmBuL,EAC5L,EAKAJ,EAAyBK,gCAAkC,SAAUC,GACjE,OAAO,IAAIN,EAAyBxB,EAAgCI,qBAAqB5X,KAAMwX,EAAgCI,qBAAqB/J,KAAO,eAAiByL,EAChL,EAKAN,EAAyBO,oBAAsB,SAAU1B,GACrD,OAAO,IAAImB,EAAyBxB,EAAgCK,cAAc7X,KAAMwX,EAAgCK,cAAchK,KAAO,iBAAmBgK,EACpK,EAKAmB,EAAyBQ,oBAAsB,WAC3C,OAAO,IAAIR,EAAyBxB,EAAgCM,cAAc9X,KAAMwX,EAAgCM,cAAcjK,KAC1I,EAKAmL,EAAyBS,4BAA8B,WACnD,OAAO,IAAIT,EAAyBxB,EAAgCO,iBAAiB/X,KAAM,GAAKwX,EAAgCO,iBAAiBlK,KACrJ,EAKAmL,EAAyBU,+BAAiC,SAAUC,GAChE,OAAO,IAAIX,EAAyBxB,EAAgCS,yBAAyBjY,KAAMwX,EAAgCS,yBAAyBpK,KAAO,kBAAoB8L,EAC3L,EAKAX,EAAyBY,yBAA2B,SAAUC,GAC1D,OAAO,IAAIb,EAAyBxB,EAAgCU,cAAclY,KAAMwX,EAAgCU,cAAcrK,KAAO,iBAAmBgM,EACpK,EAIAb,EAAyBc,gCAAkC,WACvD,OAAO,IAAId,EAAyBxB,EAAgCW,qBAAqBnY,KAAMwX,EAAgCW,qBAAqBtK,KACxJ,EAIAmL,EAAyBe,8BAAgC,WACrD,OAAO,IAAIf,EAAyBxB,EAAgCa,wBAAwBrY,KAAMwX,EAAgCa,wBAAwBxK,KAC9J,EAIAmL,EAAyBgB,6BAA+B,WACpD,OAAO,IAAIhB,EAAyBxB,EAAgCY,uBAAuBpY,KAAMwX,EAAgCY,uBAAuBvK,KAC5J,EAIAmL,EAAyBiB,sCAAwC,WAC7D,OAAO,IAAIjB,EAAyBxB,EAAgCc,2BAA2BtY,KAAMwX,EAAgCc,2BAA2BzK,KACpK,EAIAmL,EAAyBkB,sCAAwC,WAC7D,OAAO,IAAIlB,EAAyBxB,EAAgCe,2BAA2BvY,KAAMwX,EAAgCe,2BAA2B1K,KACpK,EAIAmL,EAAyBmB,yCAA2C,WAChE,OAAO,IAAInB,EAAyBxB,EAAgCgB,8BAA8BxY,KAAMwX,EAAgCgB,8BAA8B3K,KAC1K,EAIAmL,EAAyBoB,oCAAsC,WAC3D,OAAO,IAAIpB,EAAyBxB,EAAgCiB,yBAAyBzY,KAAMwX,EAAgCiB,yBAAyB5K,KAChK,EAIAmL,EAAyBqB,8BAAgC,WACrD,OAAO,IAAIrB,EAAyBxB,EAAgCkB,mBAAmB1Y,KAAMwX,EAAgCkB,mBAAmB7K,KACpJ,EAIAmL,EAAyBsB,qCAAuC,WAC5D,OAAO,IAAItB,EAAyBxB,EAAgCmB,0BAA0B3Y,KAAMwX,EAAgCmB,0BAA0B9K,KAClK,EAIAmL,EAAyBuB,yBAA2B,WAChD,OAAO,IAAIvB,EAAyBxB,EAAgCoB,cAAc5Y,KAAMwX,EAAgCoB,cAAc/K,KAC1I,EAIAmL,EAAyBwB,yBAA2B,WAChD,OAAO,IAAIxB,EAAyBxB,EAAgCqB,cAAc7Y,KAAMwX,EAAgCqB,cAAchL,KAC1I,EAIAmL,EAAyByB,6CAA+C,WACpE,OAAO,IAAIzB,EAAyBxB,EAAgCsB,iCAAiC9Y,KAAMwX,EAAgCsB,iCAAiCjL,KAChL,EAIAmL,EAAyB0B,uCAAyC,SAAUC,EAAmBC,GAC3F,OAAO,IAAI5B,EAAyBxB,EAAgCuB,4BAA4B/Y,KAAMwX,EAAgCuB,4BAA4BlL,KAAO,qBAAuB8M,EAAoB,cAAgBC,EACxO,EACO5B,CACX,CAnJ6C,CAmJ3C,I,wGCpPE6B,EAAwC,CACxC,uBACA,mBACA,kBAEAC,EAAyC,CACzC,eACA,oBACA,eACA,wBACA,oBAKAC,EAAsC,CACtC/I,mBAAoB,CAChBhS,KAAM,kBACN6N,KAAM,wDAEVmN,2BAA4B,CACxBhb,KAAM,6BACN6N,KAAM,wJAMVoN,EAA8C,SAAUhlB,GAExD,SAASglB,EAA6BrR,EAAWoE,EAAclE,GAC3D,IAAIxe,EAAQ2K,EAAOkJ,KAAKhU,KAAMye,EAAWoE,EAAclE,IAAa3e,KAGpE,OAFAG,EAAM+M,KAAO,+BACb3M,OAAOuiB,eAAe3iB,EAAO2vB,EAA6B7vB,WACnDE,CACX,CA4BA,OAlCA,QAAU2vB,EAA8BhlB,GAaxCglB,EAA6BC,2BAA6B,SAAUtR,EAAW6G,EAAa3G,GACxF,IAAIqR,IAAmCvR,GAAaiR,EAAsClpB,QAAQiY,IAAc,EAC5GwR,IAAkCtR,GAAYgR,EAAuCnpB,QAAQmY,IAAa,EAC1GuR,IAAmC5K,GAAeoK,EAAsCS,MAAK,SAAUC,GACvG,OAAO9K,EAAY9e,QAAQ4pB,IAAgB,CAC/C,IACA,OAAOJ,GAAkCE,GAAkCD,CAC/E,EAIAH,EAA6BO,yBAA2B,WACpD,OAAO,IAAIP,EAA6BF,EAAoC/I,mBAAmBhS,KAAM+a,EAAoC/I,mBAAmBnE,KAChK,EAKAoN,EAA6BQ,oCAAsC,WAC/D,OAAO,IAAIR,EAA6BF,EAAoCC,2BAA2Bhb,KAAM+a,EAAoCC,2BAA2BnN,KAChL,EACOoN,CACX,CApCiD,CAoC/C,I,+EChEES,EAA6B,SAAUzlB,GAEvC,SAASylB,EAAY9R,EAAWoE,EAAclE,GAC1C,IAAIxe,EAAQ2K,EAAOkJ,KAAKhU,KAAMye,EAAWoE,EAAclE,IAAa3e,KAGpE,OAFAG,EAAM+M,KAAO,cACb3M,OAAOuiB,eAAe3iB,EAAOowB,EAAYtwB,WAClCE,CACX,CACA,OAPA,QAAUowB,EAAazlB,GAOhBylB,CACX,CATgC,CAS9B,I,kFCTEC,E,qBACJ,SAAWA,GACPA,EAASA,EAAS,SAAW,GAAK,QAClCA,EAASA,EAAS,WAAa,GAAK,UACpCA,EAASA,EAAS,QAAU,GAAK,OACjCA,EAASA,EAAS,WAAa,GAAK,UACpCA,EAASA,EAAS,SAAW,GAAK,OACrC,EAND,CAMGA,IAAaA,EAAW,CAAC,IAI5B,IAAIxT,EAAwB,WACxB,SAASA,EAAOC,EAAewT,EAAaC,GAExC1wB,KAAK2wB,MAAQH,EAASI,KACtB,IAAIC,EAAwB,WAE5B,EACA7wB,KAAK8wB,cAAgB7T,EAAcoD,gBAAkBwQ,EACrD7wB,KAAKsgB,kBAAoBrD,EAAcqD,oBAAqB,EAC5DtgB,KAAK2wB,MAA4C,kBAA5B1T,EAAsB,SAAiBA,EAAcsD,SAAWiQ,EAASI,KAC9F5wB,KAAKyX,cAAgBwF,EAAcxF,eAAiB,kBACpDzX,KAAKywB,YAAcA,GAAe,kBAClCzwB,KAAK0wB,eAAiBA,GAAkB,iBAC5C,CAgJA,OA5IA1T,EAAO/c,UAAU8wB,MAAQ,SAAUN,EAAaC,EAAgBjZ,GAC5D,OAAO,IAAIuF,EAAO,CAAEqD,eAAgBrgB,KAAK8wB,cAAexQ,kBAAmBtgB,KAAKsgB,kBAAmBC,SAAUvgB,KAAK2wB,MAAOlZ,cAAeA,GAAiBzX,KAAKyX,eAAiBgZ,EAAaC,EAChM,EAIA1T,EAAO/c,UAAU+wB,WAAa,SAAUA,EAAYxU,GAChD,KAAKA,EAAQ+D,SAAWvgB,KAAK2wB,QAAY3wB,KAAKsgB,mBAAqB9D,EAAQyU,aAA3E,CAGA,IAEIC,EAFAC,GAAY,IAAIC,MAAOC,cAUvBH,EAPC,YAAoB1U,EAAQ/E,eAGvB,YAAoBzX,KAAKyX,eAInB,IAAM0Z,EAAY,IAHlB,IAAMA,EAAY,QAAUnxB,KAAKyX,cAAgB,IAHjD,IAAM0Z,EAAY,QAAU3U,EAAQ/E,cAAgB,IAQpE,IAAI6Z,EAAMJ,EAAY,MAAQlxB,KAAKywB,YAAc,IAAMzwB,KAAK0wB,eAAiB,MAAQF,EAAShU,EAAQ+D,UAAY,MAAQyQ,EAE1HhxB,KAAKuxB,gBAAgB/U,EAAQ+D,SAAU+Q,EAAK9U,EAAQyU,cAAe,EAfnE,CAgBJ,EAIAjU,EAAO/c,UAAUsxB,gBAAkB,SAAUZ,EAAOa,EAASP,GACrDjxB,KAAK8wB,eACL9wB,KAAK8wB,cAAcH,EAAOa,EAASP,EAE3C,EAIAjU,EAAO/c,UAAUue,MAAQ,SAAUgT,EAAS/Z,GACxCzX,KAAKgxB,WAAWQ,EAAS,CACrBjR,SAAUiQ,EAAS7K,MACnBsL,aAAa,EACbxZ,cAAeA,GAAiB,mBAExC,EAIAuF,EAAO/c,UAAUwxB,SAAW,SAAUD,EAAS/Z,GAC3CzX,KAAKgxB,WAAWQ,EAAS,CACrBjR,SAAUiQ,EAAS7K,MACnBsL,aAAa,EACbxZ,cAAeA,GAAiB,mBAExC,EAIAuF,EAAO/c,UAAUyxB,QAAU,SAAUF,EAAS/Z,GAC1CzX,KAAKgxB,WAAWQ,EAAS,CACrBjR,SAAUiQ,EAASmB,QACnBV,aAAa,EACbxZ,cAAeA,GAAiB,mBAExC,EAIAuF,EAAO/c,UAAU2xB,WAAa,SAAUJ,EAAS/Z,GAC7CzX,KAAKgxB,WAAWQ,EAAS,CACrBjR,SAAUiQ,EAASmB,QACnBV,aAAa,EACbxZ,cAAeA,GAAiB,mBAExC,EAIAuF,EAAO/c,UAAU2U,KAAO,SAAU4c,EAAS/Z,GACvCzX,KAAKgxB,WAAWQ,EAAS,CACrBjR,SAAUiQ,EAASI,KACnBK,aAAa,EACbxZ,cAAeA,GAAiB,mBAExC,EAIAuF,EAAO/c,UAAU4xB,QAAU,SAAUL,EAAS/Z,GAC1CzX,KAAKgxB,WAAWQ,EAAS,CACrBjR,SAAUiQ,EAASI,KACnBK,aAAa,EACbxZ,cAAeA,GAAiB,mBAExC,EAIAuF,EAAO/c,UAAU8O,QAAU,SAAUyiB,EAAS/Z,GAC1CzX,KAAKgxB,WAAWQ,EAAS,CACrBjR,SAAUiQ,EAASsB,QACnBb,aAAa,EACbxZ,cAAeA,GAAiB,mBAExC,EAIAuF,EAAO/c,UAAU8xB,WAAa,SAAUP,EAAS/Z,GAC7CzX,KAAKgxB,WAAWQ,EAAS,CACrBjR,SAAUiQ,EAASsB,QACnBb,aAAa,EACbxZ,cAAeA,GAAiB,mBAExC,EAIAuF,EAAO/c,UAAU+xB,MAAQ,SAAUR,EAAS/Z,GACxCzX,KAAKgxB,WAAWQ,EAAS,CACrBjR,SAAUiQ,EAASyB,MACnBhB,aAAa,EACbxZ,cAAeA,GAAiB,mBAExC,EAIAuF,EAAO/c,UAAUiyB,SAAW,SAAUV,EAAS/Z,GAC3CzX,KAAKgxB,WAAWQ,EAAS,CACrBjR,SAAUiQ,EAASyB,MACnBhB,aAAa,EACbxZ,cAAeA,GAAiB,mBAExC,EAIAuF,EAAO/c,UAAUkyB,oBAAsB,WACnC,OAAOnyB,KAAKsgB,oBAAqB,CACrC,EACOtD,CACX,CA9J2B,E,oECfvBoV,EAAuB,CACvB3R,oBAAqB,WACjB,IAAIxV,EAAa,gGACjB,OAAOtH,QAAQ0uB,OAAO,0BAAgCpnB,GAC1D,EACA0R,qBAAsB,WAClB,IAAI1R,EAAa,iGACjB,OAAOtH,QAAQ0uB,OAAO,0BAAgCpnB,GAC1D;0HCPAyR,EAAiC,WACjC,SAASA,IACT,CAqFA,OAhFAA,EAAgB4V,6BAA+B,SAAUnc,GACrD,OAAO,uBAAwC,IAAMoN,KAAKC,UAAUrN,EACxE,EAMAuG,EAAgB6V,WAAa,SAAUrd,EAAciB,GACjD,IAAIzU,EACA0B,EAAMsZ,EAAgB4V,6BAA6Bnc,GACnDrV,EAAQoU,EAAa5J,mBAAmBlI,GAC5C,GAAItC,EAAO,CACP,GAAIA,EAAM0xB,aAAepB,KAAKqB,MAE1B,YADAvd,EAAanO,WAAW3D,EAAK,iBAGjC,MAAM,IAAI,KAAyC,QAA3B1B,EAAKZ,EAAM4xB,kBAA+B,IAAPhxB,OAAgB,EAASA,EAAGiL,KAAK,OAAS,kBAAwB7L,EAAM+hB,aAAc/hB,EAAM6d,SAC3J,CACJ,EAOAjC,EAAgBiW,YAAc,SAAUzd,EAAciB,EAAY1B,GAC9D,GAAIiI,EAAgBkW,oBAAoBne,IAAaiI,EAAgBmW,2BAA2Bpe,GAAW,CACvG,IAAIqe,EAAkB,CAClBN,aAAc9V,EAAgBqW,sBAAsBC,SAASve,EAASM,QAAQ,oBAC9EyJ,MAAO/J,EAASa,KAAKkJ,MACrBkU,WAAYje,EAASa,KAAK2d,YAC1BpQ,aAAcpO,EAASa,KAAK4d,kBAC5BvU,SAAUlK,EAASa,KAAK+P,UAE5BnQ,EAAa7J,mBAAmBqR,EAAgB4V,6BAA6Bnc,GAAa2c,EAC9F,CACJ,EAKApW,EAAgBkW,oBAAsB,SAAUne,GAC5C,OAA2B,MAApBA,EAAS+I,QAAkB/I,EAAS+I,QAAU,KAAO/I,EAAS+I,OAAS,GAClF,EAKAd,EAAgBmW,2BAA6B,SAAUpe,GACnD,QAAIA,EAASM,UACFN,EAASM,QAAQtI,eAAe,oBAA6BgI,EAAS+I,OAAS,KAAO/I,EAAS+I,QAAU,KAGxH,EAKAd,EAAgBqW,sBAAwB,SAAUP,GAC9C,IAAIW,EAAOX,GAAgB,EAAI,EAAIA,EAC/BY,EAAiBhC,KAAKqB,MAAQ,IAClC,OAAOY,KAAKC,MAAuK,IAAjKD,KAAKE,IAAIH,GAAkBD,GAAQ,oCAAoDC,EAAiB,wCAC9H,EACA1W,EAAgB8W,eAAiB,SAAUte,EAAcpV,EAAU8H,EAAS6rB,GACxE,IAAItd,EAAa,CACbrW,SAAUA,EACVwK,UAAW1C,EAAQ0C,UACnBzB,OAAQjB,EAAQiB,OAChB4qB,sBAAuBA,EACvBlyB,OAAQqG,EAAQrG,OAChBwH,qBAAsBnB,EAAQmB,qBAC9B0N,sBAAuB7O,EAAQ6O,sBAC/BC,mBAAoB9O,EAAQ8O,mBAC5BC,UAAW/O,EAAQ+O,UACnBzN,OAAQtB,EAAQsB,QAEhB9F,EAAMpD,KAAKsyB,6BAA6Bnc,GAC5C,OAAOjB,EAAanO,WAAW3D,EAAK,gBACxC,EACOsZ,CACX,CAxFoC,E","sources":["webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/cache/CacheManager.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/cache/entities/AccessTokenEntity.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/cache/entities/AccountEntity.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/cache/entities/AppMetadataEntity.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/cache/entities/AuthorityMetadataEntity.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/cache/entities/CacheRecord.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/cache/entities/CredentialEntity.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/cache/entities/IdTokenEntity.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/cache/entities/RefreshTokenEntity.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/cache/entities/ServerTelemetryEntity.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/cache/entities/ThrottlingEntity.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/cache/persistence/TokenCacheContext.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/client/AuthorizationCodeClient.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/network/NetworkManager.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/client/BaseClient.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/client/RefreshTokenClient.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/client/SilentFlowClient.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/config/ClientConfiguration.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/crypto/ICrypto.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/error/JoseHeaderError.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/crypto/JoseHeader.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/crypto/PopTokenGenerator.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/error/AuthError.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/error/ClientAuthError.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/error/ClientConfigurationError.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/error/InteractionRequiredAuthError.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/error/ServerError.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/logger/Logger.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/network/INetworkModule.js","webpack://ida-jandaya/./node_modules/@azure/msal-common/dist/network/ThrottlingUtils.js"],"sourcesContent":["/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { __awaiter, __generator, __extends } from '../_virtual/_tslib.js';\nimport { Constants, CredentialType, AuthenticationScheme, CacheSchemaType, THE_FAMILY_ID, APP_METADATA, AUTHORITY_METADATA_CONSTANTS } from '../utils/Constants.js';\nimport { CredentialEntity } from './entities/CredentialEntity.js';\nimport { ScopeSet } from '../request/ScopeSet.js';\nimport { AccountEntity } from './entities/AccountEntity.js';\nimport { AuthError } from '../error/AuthError.js';\nimport { ClientAuthError } from '../error/ClientAuthError.js';\nimport { AuthToken } from '../account/AuthToken.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Interface class which implement cache storage functions used by MSAL to perform validity checks, and store tokens.\r\n */\r\nvar CacheManager = /** @class */ (function () {\r\n function CacheManager(clientId, cryptoImpl) {\r\n this.clientId = clientId;\r\n this.cryptoImpl = cryptoImpl;\r\n }\r\n /**\r\n * Returns all accounts in cache\r\n */\r\n CacheManager.prototype.getAllAccounts = function () {\r\n var _this = this;\r\n var currentAccounts = this.getAccountsFilteredBy();\r\n var accountValues = Object.keys(currentAccounts).map(function (accountKey) { return currentAccounts[accountKey]; });\r\n var numAccounts = accountValues.length;\r\n if (numAccounts < 1) {\r\n return [];\r\n }\r\n else {\r\n var allAccounts = accountValues.map(function (value) {\r\n var accountEntity = CacheManager.toObject(new AccountEntity(), value);\r\n var accountInfo = accountEntity.getAccountInfo();\r\n var idToken = _this.readIdTokenFromCache(_this.clientId, accountInfo);\r\n if (idToken && !accountInfo.idTokenClaims) {\r\n accountInfo.idToken = idToken.secret;\r\n accountInfo.idTokenClaims = new AuthToken(idToken.secret, _this.cryptoImpl).claims;\r\n }\r\n return accountInfo;\r\n });\r\n return allAccounts;\r\n }\r\n };\r\n /**\r\n * saves a cache record\r\n * @param cacheRecord\r\n */\r\n CacheManager.prototype.saveCacheRecord = function (cacheRecord) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n if (!cacheRecord) {\r\n throw ClientAuthError.createNullOrUndefinedCacheRecord();\r\n }\r\n if (!!cacheRecord.account) {\r\n this.setAccount(cacheRecord.account);\r\n }\r\n if (!!cacheRecord.idToken) {\r\n this.setIdTokenCredential(cacheRecord.idToken);\r\n }\r\n if (!!!cacheRecord.accessToken) return [3 /*break*/, 2];\r\n return [4 /*yield*/, this.saveAccessToken(cacheRecord.accessToken)];\r\n case 1:\r\n _a.sent();\r\n _a.label = 2;\r\n case 2:\r\n if (!!cacheRecord.refreshToken) {\r\n this.setRefreshTokenCredential(cacheRecord.refreshToken);\r\n }\r\n if (!!cacheRecord.appMetadata) {\r\n this.setAppMetadata(cacheRecord.appMetadata);\r\n }\r\n return [2 /*return*/];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * saves access token credential\r\n * @param credential\r\n */\r\n CacheManager.prototype.saveAccessToken = function (credential) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var currentTokenCache, currentScopes, currentAccessTokens, removedAccessTokens_1;\r\n var _this = this;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n currentTokenCache = this.getCredentialsFilteredBy({\r\n clientId: credential.clientId,\r\n credentialType: credential.credentialType,\r\n environment: credential.environment,\r\n homeAccountId: credential.homeAccountId,\r\n realm: credential.realm,\r\n tokenType: credential.tokenType,\r\n requestedClaimsHash: credential.requestedClaimsHash\r\n });\r\n currentScopes = ScopeSet.fromString(credential.target);\r\n currentAccessTokens = Object.keys(currentTokenCache.accessTokens).map(function (key) { return currentTokenCache.accessTokens[key]; });\r\n if (!currentAccessTokens) return [3 /*break*/, 2];\r\n removedAccessTokens_1 = [];\r\n currentAccessTokens.forEach(function (tokenEntity) {\r\n var tokenScopeSet = ScopeSet.fromString(tokenEntity.target);\r\n if (tokenScopeSet.intersectingScopeSets(currentScopes)) {\r\n removedAccessTokens_1.push(_this.removeCredential(tokenEntity));\r\n }\r\n });\r\n return [4 /*yield*/, Promise.all(removedAccessTokens_1)];\r\n case 1:\r\n _a.sent();\r\n _a.label = 2;\r\n case 2:\r\n this.setAccessTokenCredential(credential);\r\n return [2 /*return*/];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * retrieve accounts matching all provided filters; if no filter is set, get all accounts\r\n * not checking for casing as keys are all generated in lower case, remember to convert to lower case if object properties are compared\r\n * @param homeAccountId\r\n * @param environment\r\n * @param realm\r\n */\r\n CacheManager.prototype.getAccountsFilteredBy = function (accountFilter) {\r\n return this.getAccountsFilteredByInternal(accountFilter ? accountFilter.homeAccountId : Constants.EMPTY_STRING, accountFilter ? accountFilter.environment : Constants.EMPTY_STRING, accountFilter ? accountFilter.realm : Constants.EMPTY_STRING, accountFilter ? accountFilter.nativeAccountId : Constants.EMPTY_STRING);\r\n };\r\n /**\r\n * retrieve accounts matching all provided filters; if no filter is set, get all accounts\r\n * not checking for casing as keys are all generated in lower case, remember to convert to lower case if object properties are compared\r\n * @param homeAccountId\r\n * @param environment\r\n * @param realm\r\n */\r\n CacheManager.prototype.getAccountsFilteredByInternal = function (homeAccountId, environment, realm, nativeAccountId) {\r\n var _this = this;\r\n var allCacheKeys = this.getKeys();\r\n var matchingAccounts = {};\r\n allCacheKeys.forEach(function (cacheKey) {\r\n var entity = _this.getAccount(cacheKey);\r\n if (!entity) {\r\n return;\r\n }\r\n if (!!homeAccountId && !_this.matchHomeAccountId(entity, homeAccountId)) {\r\n return;\r\n }\r\n if (!!environment && !_this.matchEnvironment(entity, environment)) {\r\n return;\r\n }\r\n if (!!realm && !_this.matchRealm(entity, realm)) {\r\n return;\r\n }\r\n if (!!nativeAccountId && !_this.matchNativeAccountId(entity, nativeAccountId)) {\r\n return;\r\n }\r\n matchingAccounts[cacheKey] = entity;\r\n });\r\n return matchingAccounts;\r\n };\r\n /**\r\n * retrieve credentails matching all provided filters; if no filter is set, get all credentials\r\n * @param homeAccountId\r\n * @param environment\r\n * @param credentialType\r\n * @param clientId\r\n * @param realm\r\n * @param target\r\n */\r\n CacheManager.prototype.getCredentialsFilteredBy = function (filter) {\r\n return this.getCredentialsFilteredByInternal(filter.homeAccountId, filter.environment, filter.credentialType, filter.clientId, filter.familyId, filter.realm, filter.target, filter.userAssertionHash, filter.tokenType, filter.keyId, filter.requestedClaimsHash);\r\n };\r\n /**\r\n * Support function to help match credentials\r\n * @param homeAccountId\r\n * @param environment\r\n * @param credentialType\r\n * @param clientId\r\n * @param realm\r\n * @param target\r\n * @param userAssertionHash\r\n * @param tokenType\r\n */\r\n CacheManager.prototype.getCredentialsFilteredByInternal = function (homeAccountId, environment, credentialType, clientId, familyId, realm, target, userAssertionHash, tokenType, keyId, requestedClaimsHash) {\r\n var _this = this;\r\n var allCacheKeys = this.getKeys();\r\n var matchingCredentials = {\r\n idTokens: {},\r\n accessTokens: {},\r\n refreshTokens: {},\r\n };\r\n allCacheKeys.forEach(function (cacheKey) {\r\n // don't parse any non-credential type cache entities\r\n var credType = CredentialEntity.getCredentialType(cacheKey);\r\n if (credType === Constants.NOT_DEFINED) {\r\n return;\r\n }\r\n // Attempt retrieval\r\n var entity = _this.getSpecificCredential(cacheKey, credType);\r\n if (!entity) {\r\n return;\r\n }\r\n if (!!userAssertionHash && !_this.matchUserAssertionHash(entity, userAssertionHash)) {\r\n return;\r\n }\r\n /*\r\n * homeAccountId can undefined, and we want to filter out cached items that have a homeAccountId of \"\"\r\n * because we don't want a client_credential request to return a cached token that has a homeAccountId\r\n */\r\n if ((typeof homeAccountId === \"string\") && !_this.matchHomeAccountId(entity, homeAccountId)) {\r\n return;\r\n }\r\n if (!!environment && !_this.matchEnvironment(entity, environment)) {\r\n return;\r\n }\r\n if (!!realm && !_this.matchRealm(entity, realm)) {\r\n return;\r\n }\r\n if (!!credentialType && !_this.matchCredentialType(entity, credentialType)) {\r\n return;\r\n }\r\n if (!!clientId && !_this.matchClientId(entity, clientId)) {\r\n return;\r\n }\r\n if (!!familyId && !_this.matchFamilyId(entity, familyId)) {\r\n return;\r\n }\r\n /*\r\n * idTokens do not have \"target\", target specific refreshTokens do exist for some types of authentication\r\n * Resource specific refresh tokens case will be added when the support is deemed necessary\r\n */\r\n if (!!target && !_this.matchTarget(entity, target)) {\r\n return;\r\n }\r\n // If request OR cached entity has requested Claims Hash, check if they match\r\n if (requestedClaimsHash || entity.requestedClaimsHash) {\r\n // Don't match if either is undefined or they are different\r\n if (entity.requestedClaimsHash !== requestedClaimsHash) {\r\n return;\r\n }\r\n }\r\n // Access Token with Auth Scheme specific matching\r\n if (credentialType === CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME) {\r\n if (!!tokenType && !_this.matchTokenType(entity, tokenType)) {\r\n return;\r\n }\r\n // KeyId (sshKid) in request must match cached SSH certificate keyId because SSH cert is bound to a specific key\r\n if (tokenType === AuthenticationScheme.SSH) {\r\n if (keyId && !_this.matchKeyId(entity, keyId)) {\r\n return;\r\n }\r\n }\r\n }\r\n // At this point, the entity matches the request, update cache key if key schema has changed\r\n var updatedCacheKey = _this.updateCredentialCacheKey(cacheKey, entity);\r\n switch (credType) {\r\n case CredentialType.ID_TOKEN:\r\n matchingCredentials.idTokens[updatedCacheKey] = entity;\r\n break;\r\n case CredentialType.ACCESS_TOKEN:\r\n case CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME:\r\n matchingCredentials.accessTokens[updatedCacheKey] = entity;\r\n break;\r\n case CredentialType.REFRESH_TOKEN:\r\n matchingCredentials.refreshTokens[updatedCacheKey] = entity;\r\n break;\r\n }\r\n });\r\n return matchingCredentials;\r\n };\r\n /**\r\n * retrieve appMetadata matching all provided filters; if no filter is set, get all appMetadata\r\n * @param filter\r\n */\r\n CacheManager.prototype.getAppMetadataFilteredBy = function (filter) {\r\n return this.getAppMetadataFilteredByInternal(filter.environment, filter.clientId);\r\n };\r\n /**\r\n * Support function to help match appMetadata\r\n * @param environment\r\n * @param clientId\r\n */\r\n CacheManager.prototype.getAppMetadataFilteredByInternal = function (environment, clientId) {\r\n var _this = this;\r\n var allCacheKeys = this.getKeys();\r\n var matchingAppMetadata = {};\r\n allCacheKeys.forEach(function (cacheKey) {\r\n // don't parse any non-appMetadata type cache entities\r\n if (!_this.isAppMetadata(cacheKey)) {\r\n return;\r\n }\r\n // Attempt retrieval\r\n var entity = _this.getAppMetadata(cacheKey);\r\n if (!entity) {\r\n return;\r\n }\r\n if (!!environment && !_this.matchEnvironment(entity, environment)) {\r\n return;\r\n }\r\n if (!!clientId && !_this.matchClientId(entity, clientId)) {\r\n return;\r\n }\r\n matchingAppMetadata[cacheKey] = entity;\r\n });\r\n return matchingAppMetadata;\r\n };\r\n /**\r\n * retrieve authorityMetadata that contains a matching alias\r\n * @param filter\r\n */\r\n CacheManager.prototype.getAuthorityMetadataByAlias = function (host) {\r\n var _this = this;\r\n var allCacheKeys = this.getAuthorityMetadataKeys();\r\n var matchedEntity = null;\r\n allCacheKeys.forEach(function (cacheKey) {\r\n // don't parse any non-authorityMetadata type cache entities\r\n if (!_this.isAuthorityMetadata(cacheKey) || cacheKey.indexOf(_this.clientId) === -1) {\r\n return;\r\n }\r\n // Attempt retrieval\r\n var entity = _this.getAuthorityMetadata(cacheKey);\r\n if (!entity) {\r\n return;\r\n }\r\n if (entity.aliases.indexOf(host) === -1) {\r\n return;\r\n }\r\n matchedEntity = entity;\r\n });\r\n return matchedEntity;\r\n };\r\n /**\r\n * Removes all accounts and related tokens from cache.\r\n */\r\n CacheManager.prototype.removeAllAccounts = function () {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var allCacheKeys, removedAccounts;\r\n var _this = this;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n allCacheKeys = this.getKeys();\r\n removedAccounts = [];\r\n allCacheKeys.forEach(function (cacheKey) {\r\n var entity = _this.getAccount(cacheKey);\r\n if (!entity) {\r\n return;\r\n }\r\n removedAccounts.push(_this.removeAccount(cacheKey));\r\n });\r\n return [4 /*yield*/, Promise.all(removedAccounts)];\r\n case 1:\r\n _a.sent();\r\n return [2 /*return*/, true];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * returns a boolean if the given account is removed\r\n * @param account\r\n */\r\n CacheManager.prototype.removeAccount = function (accountKey) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var account;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n account = this.getAccount(accountKey);\r\n if (!account) {\r\n throw ClientAuthError.createNoAccountFoundError();\r\n }\r\n return [4 /*yield*/, this.removeAccountContext(account)];\r\n case 1: return [2 /*return*/, ((_a.sent()) && this.removeItem(accountKey, CacheSchemaType.ACCOUNT))];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Removes credentials associated with the provided account\r\n * @param account\r\n */\r\n CacheManager.prototype.removeAccountContext = function (account) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var allCacheKeys, accountId, removedCredentials;\r\n var _this = this;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n allCacheKeys = this.getKeys();\r\n accountId = account.generateAccountId();\r\n removedCredentials = [];\r\n allCacheKeys.forEach(function (cacheKey) {\r\n // don't parse any non-credential type cache entities\r\n var credType = CredentialEntity.getCredentialType(cacheKey);\r\n if (credType === Constants.NOT_DEFINED) {\r\n return;\r\n }\r\n var cacheEntity = _this.getSpecificCredential(cacheKey, credType);\r\n if (!!cacheEntity && accountId === cacheEntity.generateAccountId()) {\r\n removedCredentials.push(_this.removeCredential(cacheEntity));\r\n }\r\n });\r\n return [4 /*yield*/, Promise.all(removedCredentials)];\r\n case 1:\r\n _a.sent();\r\n return [2 /*return*/, true];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * returns a boolean if the given credential is removed\r\n * @param credential\r\n */\r\n CacheManager.prototype.removeCredential = function (credential) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var key, accessTokenWithAuthSchemeEntity, kid;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n key = credential.generateCredentialKey();\r\n if (!(credential.credentialType.toLowerCase() === CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase())) return [3 /*break*/, 4];\r\n if (!(credential.tokenType === AuthenticationScheme.POP)) return [3 /*break*/, 4];\r\n accessTokenWithAuthSchemeEntity = credential;\r\n kid = accessTokenWithAuthSchemeEntity.keyId;\r\n if (!kid) return [3 /*break*/, 4];\r\n _a.label = 1;\r\n case 1:\r\n _a.trys.push([1, 3, , 4]);\r\n return [4 /*yield*/, this.cryptoImpl.removeTokenBindingKey(kid)];\r\n case 2:\r\n _a.sent();\r\n return [3 /*break*/, 4];\r\n case 3:\r\n _a.sent();\r\n throw ClientAuthError.createBindingKeyNotRemovedError();\r\n case 4: return [2 /*return*/, this.removeItem(key, CacheSchemaType.CREDENTIAL)];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Removes all app metadata objects from cache.\r\n */\r\n CacheManager.prototype.removeAppMetadata = function () {\r\n var _this = this;\r\n var allCacheKeys = this.getKeys();\r\n allCacheKeys.forEach(function (cacheKey) {\r\n if (_this.isAppMetadata(cacheKey)) {\r\n _this.removeItem(cacheKey, CacheSchemaType.APP_METADATA);\r\n }\r\n });\r\n return true;\r\n };\r\n /**\r\n * Retrieve the cached credentials into a cacherecord\r\n * @param account\r\n * @param clientId\r\n * @param scopes\r\n * @param environment\r\n * @param authScheme\r\n */\r\n CacheManager.prototype.readCacheRecord = function (account, clientId, request, environment) {\r\n var cachedAccount = this.readAccountFromCache(account);\r\n var cachedIdToken = this.readIdTokenFromCache(clientId, account);\r\n var cachedAccessToken = this.readAccessTokenFromCache(clientId, account, request);\r\n var cachedRefreshToken = this.readRefreshTokenFromCache(clientId, account, false);\r\n var cachedAppMetadata = this.readAppMetadataFromCache(environment, clientId);\r\n if (cachedAccount && cachedIdToken) {\r\n cachedAccount.idTokenClaims = new AuthToken(cachedIdToken.secret, this.cryptoImpl).claims;\r\n }\r\n return {\r\n account: cachedAccount,\r\n idToken: cachedIdToken,\r\n accessToken: cachedAccessToken,\r\n refreshToken: cachedRefreshToken,\r\n appMetadata: cachedAppMetadata,\r\n };\r\n };\r\n /**\r\n * Retrieve AccountEntity from cache\r\n * @param account\r\n */\r\n CacheManager.prototype.readAccountFromCache = function (account) {\r\n var accountKey = AccountEntity.generateAccountCacheKey(account);\r\n return this.getAccount(accountKey);\r\n };\r\n /**\r\n * Retrieve AccountEntity from cache\r\n * @param nativeAccountId\r\n * @returns AccountEntity or Null\r\n */\r\n CacheManager.prototype.readAccountFromCacheWithNativeAccountId = function (nativeAccountId) {\r\n // fetch account from memory\r\n var accountFilter = {\r\n nativeAccountId: nativeAccountId\r\n };\r\n var accountCache = this.getAccountsFilteredBy(accountFilter);\r\n var accounts = Object.keys(accountCache).map(function (key) { return accountCache[key]; });\r\n if (accounts.length < 1) {\r\n return null;\r\n }\r\n else if (accounts.length > 1) {\r\n throw ClientAuthError.createMultipleMatchingAccountsInCacheError();\r\n }\r\n return accountCache[0];\r\n };\r\n /**\r\n * Retrieve IdTokenEntity from cache\r\n * @param clientId\r\n * @param account\r\n * @param inputRealm\r\n */\r\n CacheManager.prototype.readIdTokenFromCache = function (clientId, account) {\r\n var idTokenFilter = {\r\n homeAccountId: account.homeAccountId,\r\n environment: account.environment,\r\n credentialType: CredentialType.ID_TOKEN,\r\n clientId: clientId,\r\n realm: account.tenantId,\r\n };\r\n var credentialCache = this.getCredentialsFilteredBy(idTokenFilter);\r\n var idTokens = Object.keys(credentialCache.idTokens).map(function (key) { return credentialCache.idTokens[key]; });\r\n var numIdTokens = idTokens.length;\r\n if (numIdTokens < 1) {\r\n return null;\r\n }\r\n else if (numIdTokens > 1) {\r\n throw ClientAuthError.createMultipleMatchingTokensInCacheError();\r\n }\r\n return idTokens[0];\r\n };\r\n /**\r\n * Retrieve AccessTokenEntity from cache\r\n * @param clientId\r\n * @param account\r\n * @param scopes\r\n * @param authScheme\r\n */\r\n CacheManager.prototype.readAccessTokenFromCache = function (clientId, account, request) {\r\n var scopes = new ScopeSet(request.scopes || []);\r\n var authScheme = request.authenticationScheme || AuthenticationScheme.BEARER;\r\n /*\r\n * Distinguish between Bearer and PoP/SSH token cache types\r\n * Cast to lowercase to handle \"bearer\" from ADFS\r\n */\r\n var credentialType = (authScheme && authScheme.toLowerCase() !== AuthenticationScheme.BEARER.toLowerCase()) ? CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME : CredentialType.ACCESS_TOKEN;\r\n var accessTokenFilter = {\r\n homeAccountId: account.homeAccountId,\r\n environment: account.environment,\r\n credentialType: credentialType,\r\n clientId: clientId,\r\n realm: account.tenantId,\r\n target: scopes.printScopesLowerCase(),\r\n tokenType: authScheme,\r\n keyId: request.sshKid,\r\n requestedClaimsHash: request.requestedClaimsHash,\r\n };\r\n var credentialCache = this.getCredentialsFilteredBy(accessTokenFilter);\r\n var accessTokens = Object.keys(credentialCache.accessTokens).map(function (key) { return credentialCache.accessTokens[key]; });\r\n var numAccessTokens = accessTokens.length;\r\n if (numAccessTokens < 1) {\r\n return null;\r\n }\r\n else if (numAccessTokens > 1) {\r\n throw ClientAuthError.createMultipleMatchingTokensInCacheError();\r\n }\r\n return accessTokens[0];\r\n };\r\n /**\r\n * Helper to retrieve the appropriate refresh token from cache\r\n * @param clientId\r\n * @param account\r\n * @param familyRT\r\n */\r\n CacheManager.prototype.readRefreshTokenFromCache = function (clientId, account, familyRT) {\r\n var id = familyRT ? THE_FAMILY_ID : undefined;\r\n var refreshTokenFilter = {\r\n homeAccountId: account.homeAccountId,\r\n environment: account.environment,\r\n credentialType: CredentialType.REFRESH_TOKEN,\r\n clientId: clientId,\r\n familyId: id,\r\n };\r\n var credentialCache = this.getCredentialsFilteredBy(refreshTokenFilter);\r\n var refreshTokens = Object.keys(credentialCache.refreshTokens).map(function (key) { return credentialCache.refreshTokens[key]; });\r\n var numRefreshTokens = refreshTokens.length;\r\n if (numRefreshTokens < 1) {\r\n return null;\r\n }\r\n // address the else case after remove functions address environment aliases\r\n return refreshTokens[0];\r\n };\r\n /**\r\n * Retrieve AppMetadataEntity from cache\r\n */\r\n CacheManager.prototype.readAppMetadataFromCache = function (environment, clientId) {\r\n var appMetadataFilter = {\r\n environment: environment,\r\n clientId: clientId,\r\n };\r\n var appMetadata = this.getAppMetadataFilteredBy(appMetadataFilter);\r\n var appMetadataEntries = Object.keys(appMetadata).map(function (key) { return appMetadata[key]; });\r\n var numAppMetadata = appMetadataEntries.length;\r\n if (numAppMetadata < 1) {\r\n return null;\r\n }\r\n else if (numAppMetadata > 1) {\r\n throw ClientAuthError.createMultipleMatchingAppMetadataInCacheError();\r\n }\r\n return appMetadataEntries[0];\r\n };\r\n /**\r\n * Return the family_id value associated with FOCI\r\n * @param environment\r\n * @param clientId\r\n */\r\n CacheManager.prototype.isAppMetadataFOCI = function (environment, clientId) {\r\n var appMetadata = this.readAppMetadataFromCache(environment, clientId);\r\n return !!(appMetadata && appMetadata.familyId === THE_FAMILY_ID);\r\n };\r\n /**\r\n * helper to match account ids\r\n * @param value\r\n * @param homeAccountId\r\n */\r\n CacheManager.prototype.matchHomeAccountId = function (entity, homeAccountId) {\r\n return !!((typeof entity.homeAccountId === \"string\") && (homeAccountId === entity.homeAccountId));\r\n };\r\n /**\r\n * helper to match assertion\r\n * @param value\r\n * @param oboAssertion\r\n */\r\n CacheManager.prototype.matchUserAssertionHash = function (entity, userAssertionHash) {\r\n return !!(entity.userAssertionHash && userAssertionHash === entity.userAssertionHash);\r\n };\r\n /**\r\n * helper to match environment\r\n * @param value\r\n * @param environment\r\n */\r\n CacheManager.prototype.matchEnvironment = function (entity, environment) {\r\n var cloudMetadata = this.getAuthorityMetadataByAlias(environment);\r\n if (cloudMetadata && cloudMetadata.aliases.indexOf(entity.environment) > -1) {\r\n return true;\r\n }\r\n return false;\r\n };\r\n /**\r\n * helper to match credential type\r\n * @param entity\r\n * @param credentialType\r\n */\r\n CacheManager.prototype.matchCredentialType = function (entity, credentialType) {\r\n return (entity.credentialType && credentialType.toLowerCase() === entity.credentialType.toLowerCase());\r\n };\r\n /**\r\n * helper to match client ids\r\n * @param entity\r\n * @param clientId\r\n */\r\n CacheManager.prototype.matchClientId = function (entity, clientId) {\r\n return !!(entity.clientId && clientId === entity.clientId);\r\n };\r\n /**\r\n * helper to match family ids\r\n * @param entity\r\n * @param familyId\r\n */\r\n CacheManager.prototype.matchFamilyId = function (entity, familyId) {\r\n return !!(entity.familyId && familyId === entity.familyId);\r\n };\r\n /**\r\n * helper to match realm\r\n * @param entity\r\n * @param realm\r\n */\r\n CacheManager.prototype.matchRealm = function (entity, realm) {\r\n return !!(entity.realm && realm === entity.realm);\r\n };\r\n /**\r\n * helper to match nativeAccountId\r\n * @param entity\r\n * @param nativeAccountId\r\n * @returns boolean indicating the match result\r\n */\r\n CacheManager.prototype.matchNativeAccountId = function (entity, nativeAccountId) {\r\n return !!(entity.nativeAccountId && nativeAccountId === entity.nativeAccountId);\r\n };\r\n /**\r\n * Returns true if the target scopes are a subset of the current entity's scopes, false otherwise.\r\n * @param entity\r\n * @param target\r\n */\r\n CacheManager.prototype.matchTarget = function (entity, target) {\r\n var isNotAccessTokenCredential = (entity.credentialType !== CredentialType.ACCESS_TOKEN && entity.credentialType !== CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME);\r\n if (isNotAccessTokenCredential || !entity.target) {\r\n return false;\r\n }\r\n var entityScopeSet = ScopeSet.fromString(entity.target);\r\n var requestTargetScopeSet = ScopeSet.fromString(target);\r\n if (!requestTargetScopeSet.containsOnlyOIDCScopes()) {\r\n requestTargetScopeSet.removeOIDCScopes(); // ignore OIDC scopes\r\n }\r\n else {\r\n requestTargetScopeSet.removeScope(Constants.OFFLINE_ACCESS_SCOPE);\r\n }\r\n return entityScopeSet.containsScopeSet(requestTargetScopeSet);\r\n };\r\n /**\r\n * Returns true if the credential's tokenType or Authentication Scheme matches the one in the request, false otherwise\r\n * @param entity\r\n * @param tokenType\r\n */\r\n CacheManager.prototype.matchTokenType = function (entity, tokenType) {\r\n return !!(entity.tokenType && entity.tokenType === tokenType);\r\n };\r\n /**\r\n * Returns true if the credential's keyId matches the one in the request, false otherwise\r\n * @param entity\r\n * @param tokenType\r\n */\r\n CacheManager.prototype.matchKeyId = function (entity, keyId) {\r\n return !!(entity.keyId && entity.keyId === keyId);\r\n };\r\n /**\r\n * returns if a given cache entity is of the type appmetadata\r\n * @param key\r\n */\r\n CacheManager.prototype.isAppMetadata = function (key) {\r\n return key.indexOf(APP_METADATA) !== -1;\r\n };\r\n /**\r\n * returns if a given cache entity is of the type authoritymetadata\r\n * @param key\r\n */\r\n CacheManager.prototype.isAuthorityMetadata = function (key) {\r\n return key.indexOf(AUTHORITY_METADATA_CONSTANTS.CACHE_KEY) !== -1;\r\n };\r\n /**\r\n * returns cache key used for cloud instance metadata\r\n */\r\n CacheManager.prototype.generateAuthorityMetadataCacheKey = function (authority) {\r\n return AUTHORITY_METADATA_CONSTANTS.CACHE_KEY + \"-\" + this.clientId + \"-\" + authority;\r\n };\r\n /**\r\n * Returns the specific credential (IdToken/AccessToken/RefreshToken) from the cache\r\n * @param key\r\n * @param credType\r\n */\r\n CacheManager.prototype.getSpecificCredential = function (key, credType) {\r\n switch (credType) {\r\n case CredentialType.ID_TOKEN: {\r\n return this.getIdTokenCredential(key);\r\n }\r\n case CredentialType.ACCESS_TOKEN:\r\n case CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME: {\r\n return this.getAccessTokenCredential(key);\r\n }\r\n case CredentialType.REFRESH_TOKEN: {\r\n return this.getRefreshTokenCredential(key);\r\n }\r\n default:\r\n return null;\r\n }\r\n };\r\n /**\r\n * Helper to convert serialized data to object\r\n * @param obj\r\n * @param json\r\n */\r\n CacheManager.toObject = function (obj, json) {\r\n for (var propertyName in json) {\r\n obj[propertyName] = json[propertyName];\r\n }\r\n return obj;\r\n };\r\n return CacheManager;\r\n}());\r\nvar DefaultStorageClass = /** @class */ (function (_super) {\r\n __extends(DefaultStorageClass, _super);\r\n function DefaultStorageClass() {\r\n return _super !== null && _super.apply(this, arguments) || this;\r\n }\r\n DefaultStorageClass.prototype.setAccount = function () {\r\n var notImplErr = \"Storage interface - setAccount() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.getAccount = function () {\r\n var notImplErr = \"Storage interface - getAccount() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.setIdTokenCredential = function () {\r\n var notImplErr = \"Storage interface - setIdTokenCredential() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.getIdTokenCredential = function () {\r\n var notImplErr = \"Storage interface - getIdTokenCredential() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.setAccessTokenCredential = function () {\r\n var notImplErr = \"Storage interface - setAccessTokenCredential() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.getAccessTokenCredential = function () {\r\n var notImplErr = \"Storage interface - getAccessTokenCredential() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.setRefreshTokenCredential = function () {\r\n var notImplErr = \"Storage interface - setRefreshTokenCredential() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.getRefreshTokenCredential = function () {\r\n var notImplErr = \"Storage interface - getRefreshTokenCredential() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.setAppMetadata = function () {\r\n var notImplErr = \"Storage interface - setAppMetadata() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.getAppMetadata = function () {\r\n var notImplErr = \"Storage interface - getAppMetadata() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.setServerTelemetry = function () {\r\n var notImplErr = \"Storage interface - setServerTelemetry() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.getServerTelemetry = function () {\r\n var notImplErr = \"Storage interface - getServerTelemetry() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.setAuthorityMetadata = function () {\r\n var notImplErr = \"Storage interface - setAuthorityMetadata() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.getAuthorityMetadata = function () {\r\n var notImplErr = \"Storage interface - getAuthorityMetadata() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.getAuthorityMetadataKeys = function () {\r\n var notImplErr = \"Storage interface - getAuthorityMetadataKeys() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.setThrottlingCache = function () {\r\n var notImplErr = \"Storage interface - setThrottlingCache() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.getThrottlingCache = function () {\r\n var notImplErr = \"Storage interface - getThrottlingCache() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.removeItem = function () {\r\n var notImplErr = \"Storage interface - removeItem() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.containsKey = function () {\r\n var notImplErr = \"Storage interface - containsKey() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.getKeys = function () {\r\n var notImplErr = \"Storage interface - getKeys() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.clear = function () {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var notImplErr;\r\n return __generator(this, function (_a) {\r\n notImplErr = \"Storage interface - clear() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n });\r\n });\r\n };\r\n DefaultStorageClass.prototype.updateCredentialCacheKey = function () {\r\n var notImplErr = \"Storage interface - updateCredentialCacheKey() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n return DefaultStorageClass;\r\n}(CacheManager));\n\nexport { CacheManager, DefaultStorageClass };\n//# sourceMappingURL=CacheManager.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { __extends } from '../../_virtual/_tslib.js';\nimport { CredentialEntity } from './CredentialEntity.js';\nimport { CredentialType, AuthenticationScheme } from '../../utils/Constants.js';\nimport { TimeUtils } from '../../utils/TimeUtils.js';\nimport { StringUtils } from '../../utils/StringUtils.js';\nimport { AuthToken } from '../../account/AuthToken.js';\nimport { ClientAuthError } from '../../error/ClientAuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * ACCESS_TOKEN Credential Type\r\n *\r\n * Key:Value Schema:\r\n *\r\n * Key Example: uid.utid-login.microsoftonline.com-accesstoken-clientId-contoso.com-user.read\r\n *\r\n * Value Schema:\r\n * {\r\n * homeAccountId: home account identifier for the auth scheme,\r\n * environment: entity that issued the token, represented as a full host\r\n * credentialType: Type of credential as a string, can be one of the following: RefreshToken, AccessToken, IdToken, Password, Cookie, Certificate, Other\r\n * clientId: client ID of the application\r\n * secret: Actual credential as a string\r\n * familyId: Family ID identifier, usually only used for refresh tokens\r\n * realm: Full tenant or organizational identifier that the account belongs to\r\n * target: Permissions that are included in the token, or for refresh tokens, the resource identifier.\r\n * cachedAt: Absolute device time when entry was created in the cache.\r\n * expiresOn: Token expiry time, calculated based on current UTC time in seconds. Represented as a string.\r\n * extendedExpiresOn: Additional extended expiry time until when token is valid in case of server-side outage. Represented as string in UTC seconds.\r\n * keyId: used for POP and SSH tokenTypes\r\n * tokenType: Type of the token issued. Usually \"Bearer\"\r\n * }\r\n */\r\nvar AccessTokenEntity = /** @class */ (function (_super) {\r\n __extends(AccessTokenEntity, _super);\r\n function AccessTokenEntity() {\r\n return _super !== null && _super.apply(this, arguments) || this;\r\n }\r\n /**\r\n * Create AccessTokenEntity\r\n * @param homeAccountId\r\n * @param environment\r\n * @param accessToken\r\n * @param clientId\r\n * @param tenantId\r\n * @param scopes\r\n * @param expiresOn\r\n * @param extExpiresOn\r\n */\r\n AccessTokenEntity.createAccessTokenEntity = function (homeAccountId, environment, accessToken, clientId, tenantId, scopes, expiresOn, extExpiresOn, cryptoUtils, refreshOn, tokenType, userAssertionHash, keyId, requestedClaims, requestedClaimsHash) {\r\n var _a, _b;\r\n var atEntity = new AccessTokenEntity();\r\n atEntity.homeAccountId = homeAccountId;\r\n atEntity.credentialType = CredentialType.ACCESS_TOKEN;\r\n atEntity.secret = accessToken;\r\n var currentTime = TimeUtils.nowSeconds();\r\n atEntity.cachedAt = currentTime.toString();\r\n /*\r\n * Token expiry time.\r\n * This value should be  calculated based on the current UTC time measured locally and the value  expires_in Represented as a string in JSON.\r\n */\r\n atEntity.expiresOn = expiresOn.toString();\r\n atEntity.extendedExpiresOn = extExpiresOn.toString();\r\n if (refreshOn) {\r\n atEntity.refreshOn = refreshOn.toString();\r\n }\r\n atEntity.environment = environment;\r\n atEntity.clientId = clientId;\r\n atEntity.realm = tenantId;\r\n atEntity.target = scopes;\r\n atEntity.userAssertionHash = userAssertionHash;\r\n atEntity.tokenType = StringUtils.isEmpty(tokenType) ? AuthenticationScheme.BEARER : tokenType;\r\n if (requestedClaims) {\r\n atEntity.requestedClaims = requestedClaims;\r\n atEntity.requestedClaimsHash = requestedClaimsHash;\r\n }\r\n /*\r\n * Create Access Token With Auth Scheme instead of regular access token\r\n * Cast to lower to handle \"bearer\" from ADFS\r\n */\r\n if (((_a = atEntity.tokenType) === null || _a === void 0 ? void 0 : _a.toLowerCase()) !== AuthenticationScheme.BEARER.toLowerCase()) {\r\n atEntity.credentialType = CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;\r\n switch (atEntity.tokenType) {\r\n case AuthenticationScheme.POP:\r\n // Make sure keyId is present and add it to credential\r\n var tokenClaims = AuthToken.extractTokenClaims(accessToken, cryptoUtils);\r\n if (!((_b = tokenClaims === null || tokenClaims === void 0 ? void 0 : tokenClaims.cnf) === null || _b === void 0 ? void 0 : _b.kid)) {\r\n throw ClientAuthError.createTokenClaimsRequiredError();\r\n }\r\n atEntity.keyId = tokenClaims.cnf.kid;\r\n break;\r\n case AuthenticationScheme.SSH:\r\n atEntity.keyId = keyId;\r\n }\r\n }\r\n return atEntity;\r\n };\r\n /**\r\n * Validates an entity: checks for all expected params\r\n * @param entity\r\n */\r\n AccessTokenEntity.isAccessTokenEntity = function (entity) {\r\n if (!entity) {\r\n return false;\r\n }\r\n return (entity.hasOwnProperty(\"homeAccountId\") &&\r\n entity.hasOwnProperty(\"environment\") &&\r\n entity.hasOwnProperty(\"credentialType\") &&\r\n entity.hasOwnProperty(\"realm\") &&\r\n entity.hasOwnProperty(\"clientId\") &&\r\n entity.hasOwnProperty(\"secret\") &&\r\n entity.hasOwnProperty(\"target\") &&\r\n (entity[\"credentialType\"] === CredentialType.ACCESS_TOKEN || entity[\"credentialType\"] === CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME));\r\n };\r\n return AccessTokenEntity;\r\n}(CredentialEntity));\n\nexport { AccessTokenEntity };\n//# sourceMappingURL=AccessTokenEntity.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { Separators, CacheAccountType, CacheType, Constants } from '../../utils/Constants.js';\nimport { buildClientInfo } from '../../account/ClientInfo.js';\nimport { StringUtils } from '../../utils/StringUtils.js';\nimport { ClientAuthError } from '../../error/ClientAuthError.js';\nimport { AuthorityType } from '../../authority/AuthorityType.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Type that defines required and optional parameters for an Account field (based on universal cache schema implemented by all MSALs).\r\n *\r\n * Key : Value Schema\r\n *\r\n * Key: --\r\n *\r\n * Value Schema:\r\n * {\r\n * homeAccountId: home account identifier for the auth scheme,\r\n * environment: entity that issued the token, represented as a full host\r\n * realm: Full tenant or organizational identifier that the account belongs to\r\n * localAccountId: Original tenant-specific accountID, usually used for legacy cases\r\n * username: primary username that represents the user, usually corresponds to preferred_username in the v2 endpt\r\n * authorityType: Accounts authority type as a string\r\n * name: Full name for the account, including given name and family name,\r\n * clientInfo: Full base64 encoded client info received from ESTS\r\n * lastModificationTime: last time this entity was modified in the cache\r\n * lastModificationApp:\r\n * idTokenClaims: Object containing claims parsed from ID token\r\n * nativeAccountId: Account identifier on the native device\r\n * }\r\n */\r\nvar AccountEntity = /** @class */ (function () {\r\n function AccountEntity() {\r\n }\r\n /**\r\n * Generate Account Id key component as per the schema: -\r\n */\r\n AccountEntity.prototype.generateAccountId = function () {\r\n var accountId = [this.homeAccountId, this.environment];\r\n return accountId.join(Separators.CACHE_KEY_SEPARATOR).toLowerCase();\r\n };\r\n /**\r\n * Generate Account Cache Key as per the schema: --\r\n */\r\n AccountEntity.prototype.generateAccountKey = function () {\r\n return AccountEntity.generateAccountCacheKey({\r\n homeAccountId: this.homeAccountId,\r\n environment: this.environment,\r\n tenantId: this.realm,\r\n username: this.username,\r\n localAccountId: this.localAccountId\r\n });\r\n };\r\n /**\r\n * returns the type of the cache (in this case account)\r\n */\r\n AccountEntity.prototype.generateType = function () {\r\n switch (this.authorityType) {\r\n case CacheAccountType.ADFS_ACCOUNT_TYPE:\r\n return CacheType.ADFS;\r\n case CacheAccountType.MSAV1_ACCOUNT_TYPE:\r\n return CacheType.MSA;\r\n case CacheAccountType.MSSTS_ACCOUNT_TYPE:\r\n return CacheType.MSSTS;\r\n case CacheAccountType.GENERIC_ACCOUNT_TYPE:\r\n return CacheType.GENERIC;\r\n default: {\r\n throw ClientAuthError.createUnexpectedAccountTypeError();\r\n }\r\n }\r\n };\r\n /**\r\n * Returns the AccountInfo interface for this account.\r\n */\r\n AccountEntity.prototype.getAccountInfo = function () {\r\n return {\r\n homeAccountId: this.homeAccountId,\r\n environment: this.environment,\r\n tenantId: this.realm,\r\n username: this.username,\r\n localAccountId: this.localAccountId,\r\n name: this.name,\r\n idTokenClaims: this.idTokenClaims,\r\n nativeAccountId: this.nativeAccountId\r\n };\r\n };\r\n /**\r\n * Generates account key from interface\r\n * @param accountInterface\r\n */\r\n AccountEntity.generateAccountCacheKey = function (accountInterface) {\r\n var accountKey = [\r\n accountInterface.homeAccountId,\r\n accountInterface.environment || Constants.EMPTY_STRING,\r\n accountInterface.tenantId || Constants.EMPTY_STRING,\r\n ];\r\n return accountKey.join(Separators.CACHE_KEY_SEPARATOR).toLowerCase();\r\n };\r\n /**\r\n * Build Account cache from IdToken, clientInfo and authority/policy. Associated with AAD.\r\n * @param clientInfo\r\n * @param authority\r\n * @param idToken\r\n * @param policy\r\n */\r\n AccountEntity.createAccount = function (clientInfo, homeAccountId, idToken, authority, cloudGraphHostName, msGraphHost, environment, nativeAccountId) {\r\n var _a, _b, _c, _d, _e, _f;\r\n var account = new AccountEntity();\r\n account.authorityType = CacheAccountType.MSSTS_ACCOUNT_TYPE;\r\n account.clientInfo = clientInfo;\r\n account.homeAccountId = homeAccountId;\r\n account.nativeAccountId = nativeAccountId;\r\n var env = environment || (authority && authority.getPreferredCache());\r\n if (!env) {\r\n throw ClientAuthError.createInvalidCacheEnvironmentError();\r\n }\r\n account.environment = env;\r\n // non AAD scenarios can have empty realm\r\n account.realm = ((_a = idToken === null || idToken === void 0 ? void 0 : idToken.claims) === null || _a === void 0 ? void 0 : _a.tid) || Constants.EMPTY_STRING;\r\n if (idToken) {\r\n account.idTokenClaims = idToken.claims;\r\n // How do you account for MSA CID here?\r\n account.localAccountId = ((_b = idToken === null || idToken === void 0 ? void 0 : idToken.claims) === null || _b === void 0 ? void 0 : _b.oid) || ((_c = idToken === null || idToken === void 0 ? void 0 : idToken.claims) === null || _c === void 0 ? void 0 : _c.sub) || Constants.EMPTY_STRING;\r\n /*\r\n * In B2C scenarios the emails claim is used instead of preferred_username and it is an array.\r\n * In most cases it will contain a single email. This field should not be relied upon if a custom\r\n * policy is configured to return more than 1 email.\r\n */\r\n var preferredUsername = (_d = idToken === null || idToken === void 0 ? void 0 : idToken.claims) === null || _d === void 0 ? void 0 : _d.preferred_username;\r\n var email = ((_e = idToken === null || idToken === void 0 ? void 0 : idToken.claims) === null || _e === void 0 ? void 0 : _e.emails) ? idToken.claims.emails[0] : null;\r\n account.username = preferredUsername || email || Constants.EMPTY_STRING;\r\n account.name = (_f = idToken === null || idToken === void 0 ? void 0 : idToken.claims) === null || _f === void 0 ? void 0 : _f.name;\r\n }\r\n account.cloudGraphHostName = cloudGraphHostName;\r\n account.msGraphHost = msGraphHost;\r\n return account;\r\n };\r\n /**\r\n * Builds non-AAD/ADFS account.\r\n * @param authority\r\n * @param idToken\r\n */\r\n AccountEntity.createGenericAccount = function (homeAccountId, idToken, authority, cloudGraphHostName, msGraphHost, environment) {\r\n var _a, _b, _c, _d;\r\n var account = new AccountEntity();\r\n account.authorityType = (authority &&\r\n authority.authorityType === AuthorityType.Adfs) ? CacheAccountType.ADFS_ACCOUNT_TYPE : CacheAccountType.GENERIC_ACCOUNT_TYPE;\r\n account.homeAccountId = homeAccountId;\r\n // non AAD scenarios can have empty realm\r\n account.realm = Constants.EMPTY_STRING;\r\n var env = environment || authority && authority.getPreferredCache();\r\n if (!env) {\r\n throw ClientAuthError.createInvalidCacheEnvironmentError();\r\n }\r\n if (idToken) {\r\n // How do you account for MSA CID here?\r\n account.localAccountId = ((_a = idToken === null || idToken === void 0 ? void 0 : idToken.claims) === null || _a === void 0 ? void 0 : _a.oid) || ((_b = idToken === null || idToken === void 0 ? void 0 : idToken.claims) === null || _b === void 0 ? void 0 : _b.sub) || Constants.EMPTY_STRING;\r\n // upn claim for most ADFS scenarios\r\n account.username = ((_c = idToken === null || idToken === void 0 ? void 0 : idToken.claims) === null || _c === void 0 ? void 0 : _c.upn) || Constants.EMPTY_STRING;\r\n account.name = ((_d = idToken === null || idToken === void 0 ? void 0 : idToken.claims) === null || _d === void 0 ? void 0 : _d.name) || Constants.EMPTY_STRING;\r\n account.idTokenClaims = idToken === null || idToken === void 0 ? void 0 : idToken.claims;\r\n }\r\n account.environment = env;\r\n account.cloudGraphHostName = cloudGraphHostName;\r\n account.msGraphHost = msGraphHost;\r\n /*\r\n * add uniqueName to claims\r\n * account.name = idToken.claims.uniqueName;\r\n */\r\n return account;\r\n };\r\n /**\r\n * Generate HomeAccountId from server response\r\n * @param serverClientInfo\r\n * @param authType\r\n */\r\n AccountEntity.generateHomeAccountId = function (serverClientInfo, authType, logger, cryptoObj, idToken) {\r\n var _a;\r\n var accountId = ((_a = idToken === null || idToken === void 0 ? void 0 : idToken.claims) === null || _a === void 0 ? void 0 : _a.sub) ? idToken.claims.sub : Constants.EMPTY_STRING;\r\n // since ADFS does not have tid and does not set client_info\r\n if (authType === AuthorityType.Adfs || authType === AuthorityType.Dsts) {\r\n return accountId;\r\n }\r\n // for cases where there is clientInfo\r\n if (serverClientInfo) {\r\n try {\r\n var clientInfo = buildClientInfo(serverClientInfo, cryptoObj);\r\n if (!StringUtils.isEmpty(clientInfo.uid) && !StringUtils.isEmpty(clientInfo.utid)) {\r\n return \"\" + clientInfo.uid + Separators.CLIENT_INFO_SEPARATOR + clientInfo.utid;\r\n }\r\n }\r\n catch (e) { }\r\n }\r\n // default to \"sub\" claim\r\n logger.verbose(\"No client info in response\");\r\n return accountId;\r\n };\r\n /**\r\n * Validates an entity: checks for all expected params\r\n * @param entity\r\n */\r\n AccountEntity.isAccountEntity = function (entity) {\r\n if (!entity) {\r\n return false;\r\n }\r\n return (entity.hasOwnProperty(\"homeAccountId\") &&\r\n entity.hasOwnProperty(\"environment\") &&\r\n entity.hasOwnProperty(\"realm\") &&\r\n entity.hasOwnProperty(\"localAccountId\") &&\r\n entity.hasOwnProperty(\"username\") &&\r\n entity.hasOwnProperty(\"authorityType\"));\r\n };\r\n /**\r\n * Helper function to determine whether 2 accountInfo objects represent the same account\r\n * @param accountA\r\n * @param accountB\r\n * @param compareClaims - If set to true idTokenClaims will also be compared to determine account equality\r\n */\r\n AccountEntity.accountInfoIsEqual = function (accountA, accountB, compareClaims) {\r\n if (!accountA || !accountB) {\r\n return false;\r\n }\r\n var claimsMatch = true; // default to true so as to not fail comparison below if compareClaims: false\r\n if (compareClaims) {\r\n var accountAClaims = (accountA.idTokenClaims || {});\r\n var accountBClaims = (accountB.idTokenClaims || {});\r\n // issued at timestamp and nonce are expected to change each time a new id token is acquired\r\n claimsMatch = (accountAClaims.iat === accountBClaims.iat) &&\r\n (accountAClaims.nonce === accountBClaims.nonce);\r\n }\r\n return (accountA.homeAccountId === accountB.homeAccountId) &&\r\n (accountA.localAccountId === accountB.localAccountId) &&\r\n (accountA.username === accountB.username) &&\r\n (accountA.tenantId === accountB.tenantId) &&\r\n (accountA.environment === accountB.environment) &&\r\n (accountA.nativeAccountId === accountB.nativeAccountId) &&\r\n claimsMatch;\r\n };\r\n return AccountEntity;\r\n}());\n\nexport { AccountEntity };\n//# sourceMappingURL=AccountEntity.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { Separators, APP_METADATA } from '../../utils/Constants.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * APP_METADATA Cache\r\n *\r\n * Key:Value Schema:\r\n *\r\n * Key: appmetadata--\r\n *\r\n * Value:\r\n * {\r\n * clientId: client ID of the application\r\n * environment: entity that issued the token, represented as a full host\r\n * familyId: Family ID identifier, '1' represents Microsoft Family\r\n * }\r\n */\r\nvar AppMetadataEntity = /** @class */ (function () {\r\n function AppMetadataEntity() {\r\n }\r\n /**\r\n * Generate AppMetadata Cache Key as per the schema: appmetadata--\r\n */\r\n AppMetadataEntity.prototype.generateAppMetadataKey = function () {\r\n return AppMetadataEntity.generateAppMetadataCacheKey(this.environment, this.clientId);\r\n };\r\n /**\r\n * Generate AppMetadata Cache Key\r\n */\r\n AppMetadataEntity.generateAppMetadataCacheKey = function (environment, clientId) {\r\n var appMetaDataKeyArray = [\r\n APP_METADATA,\r\n environment,\r\n clientId,\r\n ];\r\n return appMetaDataKeyArray.join(Separators.CACHE_KEY_SEPARATOR).toLowerCase();\r\n };\r\n /**\r\n * Creates AppMetadataEntity\r\n * @param clientId\r\n * @param environment\r\n * @param familyId\r\n */\r\n AppMetadataEntity.createAppMetadataEntity = function (clientId, environment, familyId) {\r\n var appMetadata = new AppMetadataEntity();\r\n appMetadata.clientId = clientId;\r\n appMetadata.environment = environment;\r\n if (familyId) {\r\n appMetadata.familyId = familyId;\r\n }\r\n return appMetadata;\r\n };\r\n /**\r\n * Validates an entity: checks for all expected params\r\n * @param entity\r\n */\r\n AppMetadataEntity.isAppMetadataEntity = function (key, entity) {\r\n if (!entity) {\r\n return false;\r\n }\r\n return (key.indexOf(APP_METADATA) === 0 &&\r\n entity.hasOwnProperty(\"clientId\") &&\r\n entity.hasOwnProperty(\"environment\"));\r\n };\r\n return AppMetadataEntity;\r\n}());\n\nexport { AppMetadataEntity };\n//# sourceMappingURL=AppMetadataEntity.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { AUTHORITY_METADATA_CONSTANTS } from '../../utils/Constants.js';\nimport { TimeUtils } from '../../utils/TimeUtils.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar AuthorityMetadataEntity = /** @class */ (function () {\r\n function AuthorityMetadataEntity() {\r\n this.expiresAt = TimeUtils.nowSeconds() + AUTHORITY_METADATA_CONSTANTS.REFRESH_TIME_SECONDS;\r\n }\r\n /**\r\n * Update the entity with new aliases, preferred_cache and preferred_network values\r\n * @param metadata\r\n * @param fromNetwork\r\n */\r\n AuthorityMetadataEntity.prototype.updateCloudDiscoveryMetadata = function (metadata, fromNetwork) {\r\n this.aliases = metadata.aliases;\r\n this.preferred_cache = metadata.preferred_cache;\r\n this.preferred_network = metadata.preferred_network;\r\n this.aliasesFromNetwork = fromNetwork;\r\n };\r\n /**\r\n * Update the entity with new endpoints\r\n * @param metadata\r\n * @param fromNetwork\r\n */\r\n AuthorityMetadataEntity.prototype.updateEndpointMetadata = function (metadata, fromNetwork) {\r\n this.authorization_endpoint = metadata.authorization_endpoint;\r\n this.token_endpoint = metadata.token_endpoint;\r\n this.end_session_endpoint = metadata.end_session_endpoint;\r\n this.issuer = metadata.issuer;\r\n this.endpointsFromNetwork = fromNetwork;\r\n this.jwks_uri = metadata.jwks_uri;\r\n };\r\n /**\r\n * Save the authority that was used to create this cache entry\r\n * @param authority\r\n */\r\n AuthorityMetadataEntity.prototype.updateCanonicalAuthority = function (authority) {\r\n this.canonical_authority = authority;\r\n };\r\n /**\r\n * Reset the exiresAt value\r\n */\r\n AuthorityMetadataEntity.prototype.resetExpiresAt = function () {\r\n this.expiresAt = TimeUtils.nowSeconds() + AUTHORITY_METADATA_CONSTANTS.REFRESH_TIME_SECONDS;\r\n };\r\n /**\r\n * Returns whether or not the data needs to be refreshed\r\n */\r\n AuthorityMetadataEntity.prototype.isExpired = function () {\r\n return this.expiresAt <= TimeUtils.nowSeconds();\r\n };\r\n /**\r\n * Validates an entity: checks for all expected params\r\n * @param entity\r\n */\r\n AuthorityMetadataEntity.isAuthorityMetadataEntity = function (key, entity) {\r\n if (!entity) {\r\n return false;\r\n }\r\n return (key.indexOf(AUTHORITY_METADATA_CONSTANTS.CACHE_KEY) === 0 &&\r\n entity.hasOwnProperty(\"aliases\") &&\r\n entity.hasOwnProperty(\"preferred_cache\") &&\r\n entity.hasOwnProperty(\"preferred_network\") &&\r\n entity.hasOwnProperty(\"canonical_authority\") &&\r\n entity.hasOwnProperty(\"authorization_endpoint\") &&\r\n entity.hasOwnProperty(\"token_endpoint\") &&\r\n entity.hasOwnProperty(\"issuer\") &&\r\n entity.hasOwnProperty(\"aliasesFromNetwork\") &&\r\n entity.hasOwnProperty(\"endpointsFromNetwork\") &&\r\n entity.hasOwnProperty(\"expiresAt\") &&\r\n entity.hasOwnProperty(\"jwks_uri\"));\r\n };\r\n return AuthorityMetadataEntity;\r\n}());\n\nexport { AuthorityMetadataEntity };\n//# sourceMappingURL=AuthorityMetadataEntity.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar CacheRecord = /** @class */ (function () {\r\n function CacheRecord(accountEntity, idTokenEntity, accessTokenEntity, refreshTokenEntity, appMetadataEntity) {\r\n this.account = accountEntity || null;\r\n this.idToken = idTokenEntity || null;\r\n this.accessToken = accessTokenEntity || null;\r\n this.refreshToken = refreshTokenEntity || null;\r\n this.appMetadata = appMetadataEntity || null;\r\n }\r\n return CacheRecord;\r\n}());\n\nexport { CacheRecord };\n//# sourceMappingURL=CacheRecord.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { CredentialType, CacheType, Constants, Separators, AuthenticationScheme } from '../../utils/Constants.js';\nimport { ClientAuthError } from '../../error/ClientAuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Base type for credentials to be stored in the cache: eg: ACCESS_TOKEN, ID_TOKEN etc\r\n *\r\n * Key:Value Schema:\r\n *\r\n * Key: -------\r\n *\r\n * Value Schema:\r\n * {\r\n * homeAccountId: home account identifier for the auth scheme,\r\n * environment: entity that issued the token, represented as a full host\r\n * credentialType: Type of credential as a string, can be one of the following: RefreshToken, AccessToken, IdToken, Password, Cookie, Certificate, Other\r\n * clientId: client ID of the application\r\n * secret: Actual credential as a string\r\n * familyId: Family ID identifier, usually only used for refresh tokens\r\n * realm: Full tenant or organizational identifier that the account belongs to\r\n * target: Permissions that are included in the token, or for refresh tokens, the resource identifier.\r\n * tokenType: Matches the authentication scheme for which the token was issued (i.e. Bearer or pop)\r\n * requestedClaimsHash: Matches the SHA 256 hash of the claims object included in the token request\r\n * userAssertionHash: Matches the SHA 256 hash of the obo_assertion for the OBO flow\r\n * }\r\n */\r\nvar CredentialEntity = /** @class */ (function () {\r\n function CredentialEntity() {\r\n }\r\n /**\r\n * Generate Account Id key component as per the schema: -\r\n */\r\n CredentialEntity.prototype.generateAccountId = function () {\r\n return CredentialEntity.generateAccountIdForCacheKey(this.homeAccountId, this.environment);\r\n };\r\n /**\r\n * Generate Credential Id key component as per the schema: --\r\n */\r\n CredentialEntity.prototype.generateCredentialId = function () {\r\n return CredentialEntity.generateCredentialIdForCacheKey(this.credentialType, this.clientId, this.realm, this.familyId);\r\n };\r\n /**\r\n * Generate target key component as per schema: \r\n */\r\n CredentialEntity.prototype.generateTarget = function () {\r\n return CredentialEntity.generateTargetForCacheKey(this.target);\r\n };\r\n /**\r\n * generates credential key\r\n */\r\n CredentialEntity.prototype.generateCredentialKey = function () {\r\n return CredentialEntity.generateCredentialCacheKey(this.homeAccountId, this.environment, this.credentialType, this.clientId, this.realm, this.target, this.familyId, this.tokenType, this.requestedClaimsHash);\r\n };\r\n /**\r\n * returns the type of the cache (in this case credential)\r\n */\r\n CredentialEntity.prototype.generateType = function () {\r\n switch (this.credentialType) {\r\n case CredentialType.ID_TOKEN:\r\n return CacheType.ID_TOKEN;\r\n case CredentialType.ACCESS_TOKEN:\r\n case CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME:\r\n return CacheType.ACCESS_TOKEN;\r\n case CredentialType.REFRESH_TOKEN:\r\n return CacheType.REFRESH_TOKEN;\r\n default: {\r\n throw ClientAuthError.createUnexpectedCredentialTypeError();\r\n }\r\n }\r\n };\r\n /**\r\n * helper function to return `CredentialType`\r\n * @param key\r\n */\r\n CredentialEntity.getCredentialType = function (key) {\r\n // First keyword search will match all \"AccessToken\" and \"AccessToken_With_AuthScheme\" credentials\r\n if (key.indexOf(CredentialType.ACCESS_TOKEN.toLowerCase()) !== -1) {\r\n // Perform second search to differentiate between \"AccessToken\" and \"AccessToken_With_AuthScheme\" credential types\r\n if (key.indexOf(CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase()) !== -1) {\r\n return CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;\r\n }\r\n return CredentialType.ACCESS_TOKEN;\r\n }\r\n else if (key.indexOf(CredentialType.ID_TOKEN.toLowerCase()) !== -1) {\r\n return CredentialType.ID_TOKEN;\r\n }\r\n else if (key.indexOf(CredentialType.REFRESH_TOKEN.toLowerCase()) !== -1) {\r\n return CredentialType.REFRESH_TOKEN;\r\n }\r\n return Constants.NOT_DEFINED;\r\n };\r\n /**\r\n * generates credential key\r\n * -\\-----\r\n */\r\n CredentialEntity.generateCredentialCacheKey = function (homeAccountId, environment, credentialType, clientId, realm, target, familyId, tokenType, requestedClaimsHash) {\r\n var credentialKey = [\r\n this.generateAccountIdForCacheKey(homeAccountId, environment),\r\n this.generateCredentialIdForCacheKey(credentialType, clientId, realm, familyId),\r\n this.generateTargetForCacheKey(target),\r\n this.generateClaimsHashForCacheKey(requestedClaimsHash),\r\n this.generateSchemeForCacheKey(tokenType)\r\n ];\r\n return credentialKey.join(Separators.CACHE_KEY_SEPARATOR).toLowerCase();\r\n };\r\n /**\r\n * generates Account Id for keys\r\n * @param homeAccountId\r\n * @param environment\r\n */\r\n CredentialEntity.generateAccountIdForCacheKey = function (homeAccountId, environment) {\r\n var accountId = [homeAccountId, environment];\r\n return accountId.join(Separators.CACHE_KEY_SEPARATOR).toLowerCase();\r\n };\r\n /**\r\n * Generates Credential Id for keys\r\n * @param credentialType\r\n * @param realm\r\n * @param clientId\r\n * @param familyId\r\n */\r\n CredentialEntity.generateCredentialIdForCacheKey = function (credentialType, clientId, realm, familyId) {\r\n var clientOrFamilyId = credentialType === CredentialType.REFRESH_TOKEN\r\n ? familyId || clientId\r\n : clientId;\r\n var credentialId = [\r\n credentialType,\r\n clientOrFamilyId,\r\n realm || Constants.EMPTY_STRING,\r\n ];\r\n return credentialId.join(Separators.CACHE_KEY_SEPARATOR).toLowerCase();\r\n };\r\n /**\r\n * Generate target key component as per schema: \r\n */\r\n CredentialEntity.generateTargetForCacheKey = function (scopes) {\r\n return (scopes || Constants.EMPTY_STRING).toLowerCase();\r\n };\r\n /**\r\n * Generate requested claims key component as per schema: \r\n */\r\n CredentialEntity.generateClaimsHashForCacheKey = function (requestedClaimsHash) {\r\n return (requestedClaimsHash || Constants.EMPTY_STRING).toLowerCase();\r\n };\r\n /**\r\n * Generate scheme key componenet as per schema: \r\n */\r\n CredentialEntity.generateSchemeForCacheKey = function (tokenType) {\r\n /*\r\n * PoP Tokens and SSH certs include scheme in cache key\r\n * Cast to lowercase to handle \"bearer\" from ADFS\r\n */\r\n return (tokenType && tokenType.toLowerCase() !== AuthenticationScheme.BEARER.toLowerCase()) ? tokenType.toLowerCase() : Constants.EMPTY_STRING;\r\n };\r\n return CredentialEntity;\r\n}());\n\nexport { CredentialEntity };\n//# sourceMappingURL=CredentialEntity.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { __extends } from '../../_virtual/_tslib.js';\nimport { CredentialEntity } from './CredentialEntity.js';\nimport { CredentialType } from '../../utils/Constants.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * ID_TOKEN Cache\r\n *\r\n * Key:Value Schema:\r\n *\r\n * Key Example: uid.utid-login.microsoftonline.com-idtoken-clientId-contoso.com-\r\n *\r\n * Value Schema:\r\n * {\r\n * homeAccountId: home account identifier for the auth scheme,\r\n * environment: entity that issued the token, represented as a full host\r\n * credentialType: Type of credential as a string, can be one of the following: RefreshToken, AccessToken, IdToken, Password, Cookie, Certificate, Other\r\n * clientId: client ID of the application\r\n * secret: Actual credential as a string\r\n * realm: Full tenant or organizational identifier that the account belongs to\r\n * }\r\n */\r\nvar IdTokenEntity = /** @class */ (function (_super) {\r\n __extends(IdTokenEntity, _super);\r\n function IdTokenEntity() {\r\n return _super !== null && _super.apply(this, arguments) || this;\r\n }\r\n /**\r\n * Create IdTokenEntity\r\n * @param homeAccountId\r\n * @param authenticationResult\r\n * @param clientId\r\n * @param authority\r\n */\r\n IdTokenEntity.createIdTokenEntity = function (homeAccountId, environment, idToken, clientId, tenantId) {\r\n var idTokenEntity = new IdTokenEntity();\r\n idTokenEntity.credentialType = CredentialType.ID_TOKEN;\r\n idTokenEntity.homeAccountId = homeAccountId;\r\n idTokenEntity.environment = environment;\r\n idTokenEntity.clientId = clientId;\r\n idTokenEntity.secret = idToken;\r\n idTokenEntity.realm = tenantId;\r\n return idTokenEntity;\r\n };\r\n /**\r\n * Validates an entity: checks for all expected params\r\n * @param entity\r\n */\r\n IdTokenEntity.isIdTokenEntity = function (entity) {\r\n if (!entity) {\r\n return false;\r\n }\r\n return (entity.hasOwnProperty(\"homeAccountId\") &&\r\n entity.hasOwnProperty(\"environment\") &&\r\n entity.hasOwnProperty(\"credentialType\") &&\r\n entity.hasOwnProperty(\"realm\") &&\r\n entity.hasOwnProperty(\"clientId\") &&\r\n entity.hasOwnProperty(\"secret\") &&\r\n entity[\"credentialType\"] === CredentialType.ID_TOKEN);\r\n };\r\n return IdTokenEntity;\r\n}(CredentialEntity));\n\nexport { IdTokenEntity };\n//# sourceMappingURL=IdTokenEntity.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { __extends } from '../../_virtual/_tslib.js';\nimport { CredentialEntity } from './CredentialEntity.js';\nimport { CredentialType } from '../../utils/Constants.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * REFRESH_TOKEN Cache\r\n *\r\n * Key:Value Schema:\r\n *\r\n * Key Example: uid.utid-login.microsoftonline.com-refreshtoken-clientId--\r\n *\r\n * Value:\r\n * {\r\n * homeAccountId: home account identifier for the auth scheme,\r\n * environment: entity that issued the token, represented as a full host\r\n * credentialType: Type of credential as a string, can be one of the following: RefreshToken, AccessToken, IdToken, Password, Cookie, Certificate, Other\r\n * clientId: client ID of the application\r\n * secret: Actual credential as a string\r\n * familyId: Family ID identifier, '1' represents Microsoft Family\r\n * realm: Full tenant or organizational identifier that the account belongs to\r\n * target: Permissions that are included in the token, or for refresh tokens, the resource identifier.\r\n * }\r\n */\r\nvar RefreshTokenEntity = /** @class */ (function (_super) {\r\n __extends(RefreshTokenEntity, _super);\r\n function RefreshTokenEntity() {\r\n return _super !== null && _super.apply(this, arguments) || this;\r\n }\r\n /**\r\n * Create RefreshTokenEntity\r\n * @param homeAccountId\r\n * @param authenticationResult\r\n * @param clientId\r\n * @param authority\r\n */\r\n RefreshTokenEntity.createRefreshTokenEntity = function (homeAccountId, environment, refreshToken, clientId, familyId, userAssertionHash) {\r\n var rtEntity = new RefreshTokenEntity();\r\n rtEntity.clientId = clientId;\r\n rtEntity.credentialType = CredentialType.REFRESH_TOKEN;\r\n rtEntity.environment = environment;\r\n rtEntity.homeAccountId = homeAccountId;\r\n rtEntity.secret = refreshToken;\r\n rtEntity.userAssertionHash = userAssertionHash;\r\n if (familyId)\r\n rtEntity.familyId = familyId;\r\n return rtEntity;\r\n };\r\n /**\r\n * Validates an entity: checks for all expected params\r\n * @param entity\r\n */\r\n RefreshTokenEntity.isRefreshTokenEntity = function (entity) {\r\n if (!entity) {\r\n return false;\r\n }\r\n return (entity.hasOwnProperty(\"homeAccountId\") &&\r\n entity.hasOwnProperty(\"environment\") &&\r\n entity.hasOwnProperty(\"credentialType\") &&\r\n entity.hasOwnProperty(\"clientId\") &&\r\n entity.hasOwnProperty(\"secret\") &&\r\n entity[\"credentialType\"] === CredentialType.REFRESH_TOKEN);\r\n };\r\n return RefreshTokenEntity;\r\n}(CredentialEntity));\n\nexport { RefreshTokenEntity };\n//# sourceMappingURL=RefreshTokenEntity.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { SERVER_TELEM_CONSTANTS } from '../../utils/Constants.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar ServerTelemetryEntity = /** @class */ (function () {\r\n function ServerTelemetryEntity() {\r\n this.failedRequests = [];\r\n this.errors = [];\r\n this.cacheHits = 0;\r\n }\r\n /**\r\n * validates if a given cache entry is \"Telemetry\", parses \r\n * @param key\r\n * @param entity\r\n */\r\n ServerTelemetryEntity.isServerTelemetryEntity = function (key, entity) {\r\n var validateKey = key.indexOf(SERVER_TELEM_CONSTANTS.CACHE_KEY) === 0;\r\n var validateEntity = true;\r\n if (entity) {\r\n validateEntity =\r\n entity.hasOwnProperty(\"failedRequests\") &&\r\n entity.hasOwnProperty(\"errors\") &&\r\n entity.hasOwnProperty(\"cacheHits\");\r\n }\r\n return validateKey && validateEntity;\r\n };\r\n return ServerTelemetryEntity;\r\n}());\n\nexport { ServerTelemetryEntity };\n//# sourceMappingURL=ServerTelemetryEntity.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { ThrottlingConstants } from '../../utils/Constants.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar ThrottlingEntity = /** @class */ (function () {\r\n function ThrottlingEntity() {\r\n }\r\n /**\r\n * validates if a given cache entry is \"Throttling\", parses \r\n * @param key\r\n * @param entity\r\n */\r\n ThrottlingEntity.isThrottlingEntity = function (key, entity) {\r\n var validateKey = false;\r\n if (key) {\r\n validateKey = key.indexOf(ThrottlingConstants.THROTTLING_PREFIX) === 0;\r\n }\r\n var validateEntity = true;\r\n if (entity) {\r\n validateEntity = entity.hasOwnProperty(\"throttleTime\");\r\n }\r\n return validateKey && validateEntity;\r\n };\r\n return ThrottlingEntity;\r\n}());\n\nexport { ThrottlingEntity };\n//# sourceMappingURL=ThrottlingEntity.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * This class instance helps track the memory changes facilitating\r\n * decisions to read from and write to the persistent cache\r\n */ var TokenCacheContext = /** @class */ (function () {\r\n function TokenCacheContext(tokenCache, hasChanged) {\r\n this.cache = tokenCache;\r\n this.hasChanged = hasChanged;\r\n }\r\n Object.defineProperty(TokenCacheContext.prototype, \"cacheHasChanged\", {\r\n /**\r\n * boolean which indicates the changes in cache\r\n */\r\n get: function () {\r\n return this.hasChanged;\r\n },\r\n enumerable: false,\r\n configurable: true\r\n });\r\n Object.defineProperty(TokenCacheContext.prototype, \"tokenCache\", {\r\n /**\r\n * function to retrieve the token cache\r\n */\r\n get: function () {\r\n return this.cache;\r\n },\r\n enumerable: false,\r\n configurable: true\r\n });\r\n return TokenCacheContext;\r\n}());\n\nexport { TokenCacheContext };\n//# sourceMappingURL=TokenCacheContext.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { __extends, __awaiter, __generator, __assign, __spreadArrays } from '../_virtual/_tslib.js';\nimport { BaseClient } from './BaseClient.js';\nimport { RequestParameterBuilder } from '../request/RequestParameterBuilder.js';\nimport { Separators, AADServerParamKeys, AuthenticationScheme, GrantType, PromptValue, HeaderNames } from '../utils/Constants.js';\nimport { ResponseHandler } from '../response/ResponseHandler.js';\nimport { StringUtils } from '../utils/StringUtils.js';\nimport { ClientAuthError } from '../error/ClientAuthError.js';\nimport { UrlString } from '../url/UrlString.js';\nimport { PopTokenGenerator } from '../crypto/PopTokenGenerator.js';\nimport { TimeUtils } from '../utils/TimeUtils.js';\nimport { buildClientInfo, buildClientInfoFromHomeAccountId } from '../account/ClientInfo.js';\nimport { CcsCredentialType } from '../account/CcsCredential.js';\nimport { ClientConfigurationError } from '../error/ClientConfigurationError.js';\nimport { RequestValidator } from '../request/RequestValidator.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Oauth2.0 Authorization Code client\r\n */\r\nvar AuthorizationCodeClient = /** @class */ (function (_super) {\r\n __extends(AuthorizationCodeClient, _super);\r\n function AuthorizationCodeClient(configuration) {\r\n var _this = _super.call(this, configuration) || this;\r\n // Flag to indicate if client is for hybrid spa auth code redemption\r\n _this.includeRedirectUri = true;\r\n return _this;\r\n }\r\n /**\r\n * Creates the URL of the authorization request letting the user input credentials and consent to the\r\n * application. The URL target the /authorize endpoint of the authority configured in the\r\n * application object.\r\n *\r\n * Once the user inputs their credentials and consents, the authority will send a response to the redirect URI\r\n * sent in the request and should contain an authorization code, which can then be used to acquire tokens via\r\n * acquireToken(AuthorizationCodeRequest)\r\n * @param request\r\n */\r\n AuthorizationCodeClient.prototype.getAuthCodeUrl = function (request) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var queryString;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0: return [4 /*yield*/, this.createAuthCodeUrlQueryString(request)];\r\n case 1:\r\n queryString = _a.sent();\r\n return [2 /*return*/, UrlString.appendQueryString(this.authority.authorizationEndpoint, queryString)];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * API to acquire a token in exchange of 'authorization_code` acquired by the user in the first leg of the\r\n * authorization_code_grant\r\n * @param request\r\n */\r\n AuthorizationCodeClient.prototype.acquireToken = function (request, authCodePayload) {\r\n var _a;\r\n return __awaiter(this, void 0, void 0, function () {\r\n var reqTimestamp, response, requestId, responseHandler;\r\n return __generator(this, function (_b) {\r\n switch (_b.label) {\r\n case 0:\r\n this.logger.info(\"in acquireToken call\");\r\n if (!request || StringUtils.isEmpty(request.code)) {\r\n throw ClientAuthError.createTokenRequestCannotBeMadeError();\r\n }\r\n reqTimestamp = TimeUtils.nowSeconds();\r\n return [4 /*yield*/, this.executeTokenRequest(this.authority, request)];\r\n case 1:\r\n response = _b.sent();\r\n requestId = (_a = response.headers) === null || _a === void 0 ? void 0 : _a[HeaderNames.X_MS_REQUEST_ID];\r\n responseHandler = new ResponseHandler(this.config.authOptions.clientId, this.cacheManager, this.cryptoUtils, this.logger, this.config.serializableCache, this.config.persistencePlugin);\r\n // Validate response. This function throws a server error if an error is returned by the server.\r\n responseHandler.validateTokenResponse(response.body);\r\n return [4 /*yield*/, responseHandler.handleServerTokenResponse(response.body, this.authority, reqTimestamp, request, authCodePayload, undefined, undefined, undefined, requestId)];\r\n case 2: return [2 /*return*/, _b.sent()];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Handles the hash fragment response from public client code request. Returns a code response used by\r\n * the client to exchange for a token in acquireToken.\r\n * @param hashFragment\r\n */\r\n AuthorizationCodeClient.prototype.handleFragmentResponse = function (hashFragment, cachedState) {\r\n // Handle responses.\r\n var responseHandler = new ResponseHandler(this.config.authOptions.clientId, this.cacheManager, this.cryptoUtils, this.logger, null, null);\r\n // Deserialize hash fragment response parameters.\r\n var hashUrlString = new UrlString(hashFragment);\r\n // Deserialize hash fragment response parameters.\r\n var serverParams = UrlString.getDeserializedHash(hashUrlString.getHash());\r\n // Get code response\r\n responseHandler.validateServerAuthorizationCodeResponse(serverParams, cachedState, this.cryptoUtils);\r\n // throw when there is no auth code in the response\r\n if (!serverParams.code) {\r\n throw ClientAuthError.createNoAuthCodeInServerResponseError();\r\n }\r\n return __assign(__assign({}, serverParams), { \r\n // Code param is optional in ServerAuthorizationCodeResponse but required in AuthorizationCodePaylod\r\n code: serverParams.code });\r\n };\r\n /**\r\n * Used to log out the current user, and redirect the user to the postLogoutRedirectUri.\r\n * Default behaviour is to redirect the user to `window.location.href`.\r\n * @param authorityUri\r\n */\r\n AuthorizationCodeClient.prototype.getLogoutUri = function (logoutRequest) {\r\n // Throw error if logoutRequest is null/undefined\r\n if (!logoutRequest) {\r\n throw ClientConfigurationError.createEmptyLogoutRequestError();\r\n }\r\n var queryString = this.createLogoutUrlQueryString(logoutRequest);\r\n // Construct logout URI\r\n return UrlString.appendQueryString(this.authority.endSessionEndpoint, queryString);\r\n };\r\n /**\r\n * Executes POST request to token endpoint\r\n * @param authority\r\n * @param request\r\n */\r\n AuthorizationCodeClient.prototype.executeTokenRequest = function (authority, request) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var thumbprint, requestBody, queryParameters, ccsCredential, clientInfo, headers, endpoint;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n thumbprint = {\r\n clientId: this.config.authOptions.clientId,\r\n authority: authority.canonicalAuthority,\r\n scopes: request.scopes,\r\n claims: request.claims,\r\n authenticationScheme: request.authenticationScheme,\r\n resourceRequestMethod: request.resourceRequestMethod,\r\n resourceRequestUri: request.resourceRequestUri,\r\n shrClaims: request.shrClaims,\r\n sshKid: request.sshKid\r\n };\r\n return [4 /*yield*/, this.createTokenRequestBody(request)];\r\n case 1:\r\n requestBody = _a.sent();\r\n queryParameters = this.createTokenQueryParameters(request);\r\n ccsCredential = undefined;\r\n if (request.clientInfo) {\r\n try {\r\n clientInfo = buildClientInfo(request.clientInfo, this.cryptoUtils);\r\n ccsCredential = {\r\n credential: \"\" + clientInfo.uid + Separators.CLIENT_INFO_SEPARATOR + clientInfo.utid,\r\n type: CcsCredentialType.HOME_ACCOUNT_ID\r\n };\r\n }\r\n catch (e) {\r\n this.logger.verbose(\"Could not parse client info for CCS Header: \" + e);\r\n }\r\n }\r\n headers = this.createTokenRequestHeaders(ccsCredential || request.ccsCredential);\r\n endpoint = StringUtils.isEmpty(queryParameters) ? authority.tokenEndpoint : authority.tokenEndpoint + \"?\" + queryParameters;\r\n return [2 /*return*/, this.executePostToTokenEndpoint(endpoint, requestBody, headers, thumbprint)];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Creates query string for the /token request\r\n * @param request\r\n */\r\n AuthorizationCodeClient.prototype.createTokenQueryParameters = function (request) {\r\n var parameterBuilder = new RequestParameterBuilder();\r\n if (request.tokenQueryParameters) {\r\n parameterBuilder.addExtraQueryParameters(request.tokenQueryParameters);\r\n }\r\n return parameterBuilder.createQueryString();\r\n };\r\n /**\r\n * Generates a map for all the params to be sent to the service\r\n * @param request\r\n */\r\n AuthorizationCodeClient.prototype.createTokenRequestBody = function (request) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var parameterBuilder, clientAssertion, popTokenGenerator, reqCnfData, correlationId, ccsCred, clientInfo, clientInfo;\r\n var _a;\r\n return __generator(this, function (_b) {\r\n switch (_b.label) {\r\n case 0:\r\n parameterBuilder = new RequestParameterBuilder();\r\n parameterBuilder.addClientId(this.config.authOptions.clientId);\r\n /*\r\n * For hybrid spa flow, there will be a code but no verifier\r\n * In this scenario, don't include redirect uri as auth code will not be bound to redirect URI\r\n */\r\n if (!this.includeRedirectUri) {\r\n // Just validate\r\n RequestValidator.validateRedirectUri(request.redirectUri);\r\n }\r\n else {\r\n // Validate and include redirect uri\r\n parameterBuilder.addRedirectUri(request.redirectUri);\r\n }\r\n // Add scope array, parameter builder will add default scopes and dedupe\r\n parameterBuilder.addScopes(request.scopes);\r\n // add code: user set, not validated\r\n parameterBuilder.addAuthorizationCode(request.code);\r\n // Add library metadata\r\n parameterBuilder.addLibraryInfo(this.config.libraryInfo);\r\n parameterBuilder.addApplicationTelemetry(this.config.telemetry.application);\r\n parameterBuilder.addThrottling();\r\n if (this.serverTelemetryManager) {\r\n parameterBuilder.addServerTelemetry(this.serverTelemetryManager);\r\n }\r\n // add code_verifier if passed\r\n if (request.codeVerifier) {\r\n parameterBuilder.addCodeVerifier(request.codeVerifier);\r\n }\r\n if (this.config.clientCredentials.clientSecret) {\r\n parameterBuilder.addClientSecret(this.config.clientCredentials.clientSecret);\r\n }\r\n if (this.config.clientCredentials.clientAssertion) {\r\n clientAssertion = this.config.clientCredentials.clientAssertion;\r\n parameterBuilder.addClientAssertion(clientAssertion.assertion);\r\n parameterBuilder.addClientAssertionType(clientAssertion.assertionType);\r\n }\r\n parameterBuilder.addGrantType(GrantType.AUTHORIZATION_CODE_GRANT);\r\n parameterBuilder.addClientInfo();\r\n if (!(request.authenticationScheme === AuthenticationScheme.POP)) return [3 /*break*/, 2];\r\n popTokenGenerator = new PopTokenGenerator(this.cryptoUtils);\r\n return [4 /*yield*/, popTokenGenerator.generateCnf(request)];\r\n case 1:\r\n reqCnfData = _b.sent();\r\n // SPA PoP requires full Base64Url encoded req_cnf string (unhashed)\r\n parameterBuilder.addPopToken(reqCnfData.reqCnfString);\r\n return [3 /*break*/, 3];\r\n case 2:\r\n if (request.authenticationScheme === AuthenticationScheme.SSH) {\r\n if (request.sshJwk) {\r\n parameterBuilder.addSshJwk(request.sshJwk);\r\n }\r\n else {\r\n throw ClientConfigurationError.createMissingSshJwkError();\r\n }\r\n }\r\n _b.label = 3;\r\n case 3:\r\n correlationId = request.correlationId || this.config.cryptoInterface.createNewGuid();\r\n parameterBuilder.addCorrelationId(correlationId);\r\n if (!StringUtils.isEmptyObj(request.claims) || this.config.authOptions.clientCapabilities && this.config.authOptions.clientCapabilities.length > 0) {\r\n parameterBuilder.addClaims(request.claims, this.config.authOptions.clientCapabilities);\r\n }\r\n ccsCred = undefined;\r\n if (request.clientInfo) {\r\n try {\r\n clientInfo = buildClientInfo(request.clientInfo, this.cryptoUtils);\r\n ccsCred = {\r\n credential: \"\" + clientInfo.uid + Separators.CLIENT_INFO_SEPARATOR + clientInfo.utid,\r\n type: CcsCredentialType.HOME_ACCOUNT_ID\r\n };\r\n }\r\n catch (e) {\r\n this.logger.verbose(\"Could not parse client info for CCS Header: \" + e);\r\n }\r\n }\r\n else {\r\n ccsCred = request.ccsCredential;\r\n }\r\n // Adds these as parameters in the request instead of headers to prevent CORS preflight request\r\n if (this.config.systemOptions.preventCorsPreflight && ccsCred) {\r\n switch (ccsCred.type) {\r\n case CcsCredentialType.HOME_ACCOUNT_ID:\r\n try {\r\n clientInfo = buildClientInfoFromHomeAccountId(ccsCred.credential);\r\n parameterBuilder.addCcsOid(clientInfo);\r\n }\r\n catch (e) {\r\n this.logger.verbose(\"Could not parse home account ID for CCS Header: \" + e);\r\n }\r\n break;\r\n case CcsCredentialType.UPN:\r\n parameterBuilder.addCcsUpn(ccsCred.credential);\r\n break;\r\n }\r\n }\r\n if (request.tokenBodyParameters) {\r\n parameterBuilder.addExtraQueryParameters(request.tokenBodyParameters);\r\n }\r\n // Add hybrid spa parameters if not already provided\r\n if (request.enableSpaAuthorizationCode && (!request.tokenBodyParameters || !request.tokenBodyParameters[AADServerParamKeys.RETURN_SPA_CODE])) {\r\n parameterBuilder.addExtraQueryParameters((_a = {},\r\n _a[AADServerParamKeys.RETURN_SPA_CODE] = \"1\",\r\n _a));\r\n }\r\n return [2 /*return*/, parameterBuilder.createQueryString()];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * This API validates the `AuthorizationCodeUrlRequest` and creates a URL\r\n * @param request\r\n */\r\n AuthorizationCodeClient.prototype.createAuthCodeUrlQueryString = function (request) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var parameterBuilder, requestScopes, correlationId, accountSid, accountLoginHintClaim, clientInfo, clientInfo, clientInfo, popTokenGenerator, reqCnfData;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n parameterBuilder = new RequestParameterBuilder();\r\n parameterBuilder.addClientId(this.config.authOptions.clientId);\r\n requestScopes = __spreadArrays(request.scopes || [], request.extraScopesToConsent || []);\r\n parameterBuilder.addScopes(requestScopes);\r\n // validate the redirectUri (to be a non null value)\r\n parameterBuilder.addRedirectUri(request.redirectUri);\r\n correlationId = request.correlationId || this.config.cryptoInterface.createNewGuid();\r\n parameterBuilder.addCorrelationId(correlationId);\r\n // add response_mode. If not passed in it defaults to query.\r\n parameterBuilder.addResponseMode(request.responseMode);\r\n // add response_type = code\r\n parameterBuilder.addResponseTypeCode();\r\n // add library info parameters\r\n parameterBuilder.addLibraryInfo(this.config.libraryInfo);\r\n parameterBuilder.addApplicationTelemetry(this.config.telemetry.application);\r\n // add client_info=1\r\n parameterBuilder.addClientInfo();\r\n if (request.codeChallenge && request.codeChallengeMethod) {\r\n parameterBuilder.addCodeChallengeParams(request.codeChallenge, request.codeChallengeMethod);\r\n }\r\n if (request.prompt) {\r\n parameterBuilder.addPrompt(request.prompt);\r\n }\r\n if (request.domainHint) {\r\n parameterBuilder.addDomainHint(request.domainHint);\r\n }\r\n // Add sid or loginHint with preference for login_hint claim (in request) -> sid -> loginHint (upn/email) -> username of AccountInfo object\r\n if (request.prompt !== PromptValue.SELECT_ACCOUNT) {\r\n // AAD will throw if prompt=select_account is passed with an account hint\r\n if (request.sid && request.prompt === PromptValue.NONE) {\r\n // SessionID is only used in silent calls\r\n this.logger.verbose(\"createAuthCodeUrlQueryString: Prompt is none, adding sid from request\");\r\n parameterBuilder.addSid(request.sid);\r\n }\r\n else if (request.account) {\r\n accountSid = this.extractAccountSid(request.account);\r\n accountLoginHintClaim = this.extractLoginHint(request.account);\r\n // If login_hint claim is present, use it over sid/username\r\n if (accountLoginHintClaim) {\r\n this.logger.verbose(\"createAuthCodeUrlQueryString: login_hint claim present on account\");\r\n parameterBuilder.addLoginHint(accountLoginHintClaim);\r\n try {\r\n clientInfo = buildClientInfoFromHomeAccountId(request.account.homeAccountId);\r\n parameterBuilder.addCcsOid(clientInfo);\r\n }\r\n catch (e) {\r\n this.logger.verbose(\"createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header\");\r\n }\r\n }\r\n else if (accountSid && request.prompt === PromptValue.NONE) {\r\n /*\r\n * If account and loginHint are provided, we will check account first for sid before adding loginHint\r\n * SessionId is only used in silent calls\r\n */\r\n this.logger.verbose(\"createAuthCodeUrlQueryString: Prompt is none, adding sid from account\");\r\n parameterBuilder.addSid(accountSid);\r\n try {\r\n clientInfo = buildClientInfoFromHomeAccountId(request.account.homeAccountId);\r\n parameterBuilder.addCcsOid(clientInfo);\r\n }\r\n catch (e) {\r\n this.logger.verbose(\"createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header\");\r\n }\r\n }\r\n else if (request.loginHint) {\r\n this.logger.verbose(\"createAuthCodeUrlQueryString: Adding login_hint from request\");\r\n parameterBuilder.addLoginHint(request.loginHint);\r\n parameterBuilder.addCcsUpn(request.loginHint);\r\n }\r\n else if (request.account.username) {\r\n // Fallback to account username if provided\r\n this.logger.verbose(\"createAuthCodeUrlQueryString: Adding login_hint from account\");\r\n parameterBuilder.addLoginHint(request.account.username);\r\n try {\r\n clientInfo = buildClientInfoFromHomeAccountId(request.account.homeAccountId);\r\n parameterBuilder.addCcsOid(clientInfo);\r\n }\r\n catch (e) {\r\n this.logger.verbose(\"createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header\");\r\n }\r\n }\r\n }\r\n else if (request.loginHint) {\r\n this.logger.verbose(\"createAuthCodeUrlQueryString: No account, adding login_hint from request\");\r\n parameterBuilder.addLoginHint(request.loginHint);\r\n parameterBuilder.addCcsUpn(request.loginHint);\r\n }\r\n }\r\n else {\r\n this.logger.verbose(\"createAuthCodeUrlQueryString: Prompt is select_account, ignoring account hints\");\r\n }\r\n if (request.nonce) {\r\n parameterBuilder.addNonce(request.nonce);\r\n }\r\n if (request.state) {\r\n parameterBuilder.addState(request.state);\r\n }\r\n if (!StringUtils.isEmpty(request.claims) || this.config.authOptions.clientCapabilities && this.config.authOptions.clientCapabilities.length > 0) {\r\n parameterBuilder.addClaims(request.claims, this.config.authOptions.clientCapabilities);\r\n }\r\n if (request.extraQueryParameters) {\r\n parameterBuilder.addExtraQueryParameters(request.extraQueryParameters);\r\n }\r\n if (!request.nativeBroker) return [3 /*break*/, 2];\r\n // signal ests that this is a WAM call\r\n parameterBuilder.addNativeBroker();\r\n if (!(request.authenticationScheme === AuthenticationScheme.POP)) return [3 /*break*/, 2];\r\n popTokenGenerator = new PopTokenGenerator(this.cryptoUtils);\r\n return [4 /*yield*/, popTokenGenerator.generateCnf(request)];\r\n case 1:\r\n reqCnfData = _a.sent();\r\n parameterBuilder.addPopToken(reqCnfData.reqCnfHash);\r\n _a.label = 2;\r\n case 2: return [2 /*return*/, parameterBuilder.createQueryString()];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * This API validates the `EndSessionRequest` and creates a URL\r\n * @param request\r\n */\r\n AuthorizationCodeClient.prototype.createLogoutUrlQueryString = function (request) {\r\n var parameterBuilder = new RequestParameterBuilder();\r\n if (request.postLogoutRedirectUri) {\r\n parameterBuilder.addPostLogoutRedirectUri(request.postLogoutRedirectUri);\r\n }\r\n if (request.correlationId) {\r\n parameterBuilder.addCorrelationId(request.correlationId);\r\n }\r\n if (request.idTokenHint) {\r\n parameterBuilder.addIdTokenHint(request.idTokenHint);\r\n }\r\n if (request.state) {\r\n parameterBuilder.addState(request.state);\r\n }\r\n if (request.logoutHint) {\r\n parameterBuilder.addLogoutHint(request.logoutHint);\r\n }\r\n if (request.extraQueryParameters) {\r\n parameterBuilder.addExtraQueryParameters(request.extraQueryParameters);\r\n }\r\n return parameterBuilder.createQueryString();\r\n };\r\n /**\r\n * Helper to get sid from account. Returns null if idTokenClaims are not present or sid is not present.\r\n * @param account\r\n */\r\n AuthorizationCodeClient.prototype.extractAccountSid = function (account) {\r\n var _a;\r\n return ((_a = account.idTokenClaims) === null || _a === void 0 ? void 0 : _a.sid) || null;\r\n };\r\n AuthorizationCodeClient.prototype.extractLoginHint = function (account) {\r\n var _a;\r\n return ((_a = account.idTokenClaims) === null || _a === void 0 ? void 0 : _a.login_hint) || null;\r\n };\r\n return AuthorizationCodeClient;\r\n}(BaseClient));\n\nexport { AuthorizationCodeClient };\n//# sourceMappingURL=AuthorizationCodeClient.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { __awaiter, __generator } from '../_virtual/_tslib.js';\nimport { ThrottlingUtils } from './ThrottlingUtils.js';\nimport { AuthError } from '../error/AuthError.js';\nimport { ClientAuthError } from '../error/ClientAuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar NetworkManager = /** @class */ (function () {\r\n function NetworkManager(networkClient, cacheManager) {\r\n this.networkClient = networkClient;\r\n this.cacheManager = cacheManager;\r\n }\r\n /**\r\n * Wraps sendPostRequestAsync with necessary preflight and postflight logic\r\n * @param thumbprint\r\n * @param tokenEndpoint\r\n * @param options\r\n */\r\n NetworkManager.prototype.sendPostRequest = function (thumbprint, tokenEndpoint, options) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var response, e_1;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n ThrottlingUtils.preProcess(this.cacheManager, thumbprint);\r\n _a.label = 1;\r\n case 1:\r\n _a.trys.push([1, 3, , 4]);\r\n return [4 /*yield*/, this.networkClient.sendPostRequestAsync(tokenEndpoint, options)];\r\n case 2:\r\n response = _a.sent();\r\n return [3 /*break*/, 4];\r\n case 3:\r\n e_1 = _a.sent();\r\n if (e_1 instanceof AuthError) {\r\n throw e_1;\r\n }\r\n else {\r\n throw ClientAuthError.createNetworkError(tokenEndpoint, e_1);\r\n }\r\n case 4:\r\n ThrottlingUtils.postProcess(this.cacheManager, thumbprint, response);\r\n return [2 /*return*/, response];\r\n }\r\n });\r\n });\r\n };\r\n return NetworkManager;\r\n}());\n\nexport { NetworkManager };\n//# sourceMappingURL=NetworkManager.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { __awaiter, __generator } from '../_virtual/_tslib.js';\nimport { buildClientConfiguration } from '../config/ClientConfiguration.js';\nimport { NetworkManager } from '../network/NetworkManager.js';\nimport { Logger } from '../logger/Logger.js';\nimport { HeaderNames, Constants } from '../utils/Constants.js';\nimport { name, version } from '../packageMetadata.js';\nimport { ClientAuthError } from '../error/ClientAuthError.js';\nimport { CcsCredentialType } from '../account/CcsCredential.js';\nimport { buildClientInfoFromHomeAccountId } from '../account/ClientInfo.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Base application class which will construct requests to send to and handle responses from the Microsoft STS using the authorization code flow.\r\n */\r\nvar BaseClient = /** @class */ (function () {\r\n function BaseClient(configuration, performanceClient) {\r\n // Set the configuration\r\n this.config = buildClientConfiguration(configuration);\r\n // Initialize the logger\r\n this.logger = new Logger(this.config.loggerOptions, name, version);\r\n // Initialize crypto\r\n this.cryptoUtils = this.config.cryptoInterface;\r\n // Initialize storage interface\r\n this.cacheManager = this.config.storageInterface;\r\n // Set the network interface\r\n this.networkClient = this.config.networkInterface;\r\n // Set the NetworkManager\r\n this.networkManager = new NetworkManager(this.networkClient, this.cacheManager);\r\n // Set TelemetryManager\r\n this.serverTelemetryManager = this.config.serverTelemetryManager;\r\n // set Authority\r\n this.authority = this.config.authOptions.authority;\r\n // set performance telemetry client\r\n this.performanceClient = performanceClient;\r\n }\r\n /**\r\n * Creates default headers for requests to token endpoint\r\n */\r\n BaseClient.prototype.createTokenRequestHeaders = function (ccsCred) {\r\n var headers = {};\r\n headers[HeaderNames.CONTENT_TYPE] = Constants.URL_FORM_CONTENT_TYPE;\r\n if (!this.config.systemOptions.preventCorsPreflight && ccsCred) {\r\n switch (ccsCred.type) {\r\n case CcsCredentialType.HOME_ACCOUNT_ID:\r\n try {\r\n var clientInfo = buildClientInfoFromHomeAccountId(ccsCred.credential);\r\n headers[HeaderNames.CCS_HEADER] = \"Oid:\" + clientInfo.uid + \"@\" + clientInfo.utid;\r\n }\r\n catch (e) {\r\n this.logger.verbose(\"Could not parse home account ID for CCS Header: \" + e);\r\n }\r\n break;\r\n case CcsCredentialType.UPN:\r\n headers[HeaderNames.CCS_HEADER] = \"UPN: \" + ccsCred.credential;\r\n break;\r\n }\r\n }\r\n return headers;\r\n };\r\n /**\r\n * Http post to token endpoint\r\n * @param tokenEndpoint\r\n * @param queryString\r\n * @param headers\r\n * @param thumbprint\r\n */\r\n BaseClient.prototype.executePostToTokenEndpoint = function (tokenEndpoint, queryString, headers, thumbprint) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var response;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0: return [4 /*yield*/, this.networkManager.sendPostRequest(thumbprint, tokenEndpoint, { body: queryString, headers: headers, proxyUrl: this.config.systemOptions.proxyUrl })];\r\n case 1:\r\n response = _a.sent();\r\n if (this.config.serverTelemetryManager && response.status < 500 && response.status !== 429) {\r\n // Telemetry data successfully logged by server, clear Telemetry cache\r\n this.config.serverTelemetryManager.clearTelemetryCache();\r\n }\r\n return [2 /*return*/, response];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Updates the authority object of the client. Endpoint discovery must be completed.\r\n * @param updatedAuthority\r\n */\r\n BaseClient.prototype.updateAuthority = function (updatedAuthority) {\r\n if (!updatedAuthority.discoveryComplete()) {\r\n throw ClientAuthError.createEndpointDiscoveryIncompleteError(\"Updated authority has not completed endpoint discovery.\");\r\n }\r\n this.authority = updatedAuthority;\r\n };\r\n return BaseClient;\r\n}());\n\nexport { BaseClient };\n//# sourceMappingURL=BaseClient.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { __extends, __awaiter, __generator, __assign } from '../_virtual/_tslib.js';\nimport { BaseClient } from './BaseClient.js';\nimport { RequestParameterBuilder } from '../request/RequestParameterBuilder.js';\nimport { AuthenticationScheme, GrantType, HeaderNames, Errors } from '../utils/Constants.js';\nimport { ResponseHandler } from '../response/ResponseHandler.js';\nimport { PopTokenGenerator } from '../crypto/PopTokenGenerator.js';\nimport { StringUtils } from '../utils/StringUtils.js';\nimport { ClientConfigurationError } from '../error/ClientConfigurationError.js';\nimport { ClientAuthError } from '../error/ClientAuthError.js';\nimport { ServerError } from '../error/ServerError.js';\nimport { TimeUtils } from '../utils/TimeUtils.js';\nimport { UrlString } from '../url/UrlString.js';\nimport { CcsCredentialType } from '../account/CcsCredential.js';\nimport { buildClientInfoFromHomeAccountId } from '../account/ClientInfo.js';\nimport { InteractionRequiredAuthError, InteractionRequiredAuthErrorMessage } from '../error/InteractionRequiredAuthError.js';\nimport { PerformanceEvents } from '../telemetry/performance/PerformanceEvent.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * OAuth2.0 refresh token client\r\n */\r\nvar RefreshTokenClient = /** @class */ (function (_super) {\r\n __extends(RefreshTokenClient, _super);\r\n function RefreshTokenClient(configuration, performanceClient) {\r\n return _super.call(this, configuration, performanceClient) || this;\r\n }\r\n RefreshTokenClient.prototype.acquireToken = function (request) {\r\n var _a, _b;\r\n return __awaiter(this, void 0, void 0, function () {\r\n var atsMeasurement, reqTimestamp, response, requestId, responseHandler;\r\n var _this = this;\r\n return __generator(this, function (_c) {\r\n switch (_c.label) {\r\n case 0:\r\n atsMeasurement = (_a = this.performanceClient) === null || _a === void 0 ? void 0 : _a.startMeasurement(PerformanceEvents.RefreshTokenClientAcquireToken, request.correlationId);\r\n this.logger.verbose(\"RefreshTokenClientAcquireToken called\", request.correlationId);\r\n reqTimestamp = TimeUtils.nowSeconds();\r\n return [4 /*yield*/, this.executeTokenRequest(request, this.authority)];\r\n case 1:\r\n response = _c.sent();\r\n requestId = (_b = response.headers) === null || _b === void 0 ? void 0 : _b[HeaderNames.X_MS_REQUEST_ID];\r\n responseHandler = new ResponseHandler(this.config.authOptions.clientId, this.cacheManager, this.cryptoUtils, this.logger, this.config.serializableCache, this.config.persistencePlugin);\r\n responseHandler.validateTokenResponse(response.body);\r\n return [2 /*return*/, responseHandler.handleServerTokenResponse(response.body, this.authority, reqTimestamp, request, undefined, undefined, true, request.forceCache, requestId).then(function (result) {\r\n var _a;\r\n atsMeasurement === null || atsMeasurement === void 0 ? void 0 : atsMeasurement.endMeasurement({\r\n success: true,\r\n refreshTokenSize: ((_a = response.body.refresh_token) === null || _a === void 0 ? void 0 : _a.length) || 0\r\n });\r\n return result;\r\n })\r\n .catch(function (error) {\r\n _this.logger.verbose(\"Error in fetching refresh token\", request.correlationId);\r\n atsMeasurement === null || atsMeasurement === void 0 ? void 0 : atsMeasurement.endMeasurement({\r\n errorCode: error.errorCode,\r\n subErrorCode: error.subError,\r\n success: false,\r\n refreshTokenSize: undefined\r\n });\r\n throw error;\r\n })];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Gets cached refresh token and attaches to request, then calls acquireToken API\r\n * @param request\r\n */\r\n RefreshTokenClient.prototype.acquireTokenByRefreshToken = function (request) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var isFOCI, noFamilyRTInCache, clientMismatchErrorWithFamilyRT;\r\n return __generator(this, function (_a) {\r\n // Cannot renew token if no request object is given.\r\n if (!request) {\r\n throw ClientConfigurationError.createEmptyTokenRequestError();\r\n }\r\n // We currently do not support silent flow for account === null use cases; This will be revisited for confidential flow usecases\r\n if (!request.account) {\r\n throw ClientAuthError.createNoAccountInSilentRequestError();\r\n }\r\n isFOCI = this.cacheManager.isAppMetadataFOCI(request.account.environment, this.config.authOptions.clientId);\r\n // if the app is part of the family, retrive a Family refresh token if present and make a refreshTokenRequest\r\n if (isFOCI) {\r\n try {\r\n return [2 /*return*/, this.acquireTokenWithCachedRefreshToken(request, true)];\r\n }\r\n catch (e) {\r\n noFamilyRTInCache = e instanceof InteractionRequiredAuthError && e.errorCode === InteractionRequiredAuthErrorMessage.noTokensFoundError.code;\r\n clientMismatchErrorWithFamilyRT = e instanceof ServerError && e.errorCode === Errors.INVALID_GRANT_ERROR && e.subError === Errors.CLIENT_MISMATCH_ERROR;\r\n // if family Refresh Token (FRT) cache acquisition fails or if client_mismatch error is seen with FRT, reattempt with application Refresh Token (ART)\r\n if (noFamilyRTInCache || clientMismatchErrorWithFamilyRT) {\r\n return [2 /*return*/, this.acquireTokenWithCachedRefreshToken(request, false)];\r\n // throw in all other cases\r\n }\r\n else {\r\n throw e;\r\n }\r\n }\r\n }\r\n // fall back to application refresh token acquisition\r\n return [2 /*return*/, this.acquireTokenWithCachedRefreshToken(request, false)];\r\n });\r\n });\r\n };\r\n /**\r\n * makes a network call to acquire tokens by exchanging RefreshToken available in userCache; throws if refresh token is not cached\r\n * @param request\r\n */\r\n RefreshTokenClient.prototype.acquireTokenWithCachedRefreshToken = function (request, foci) {\r\n var _a;\r\n return __awaiter(this, void 0, void 0, function () {\r\n var atsMeasurement, refreshToken, refreshTokenRequest;\r\n return __generator(this, function (_b) {\r\n atsMeasurement = (_a = this.performanceClient) === null || _a === void 0 ? void 0 : _a.startMeasurement(PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, request.correlationId);\r\n this.logger.verbose(\"RefreshTokenClientAcquireTokenWithCachedRefreshToken called\", request.correlationId);\r\n refreshToken = this.cacheManager.readRefreshTokenFromCache(this.config.authOptions.clientId, request.account, foci);\r\n if (!refreshToken) {\r\n atsMeasurement === null || atsMeasurement === void 0 ? void 0 : atsMeasurement.discardMeasurement();\r\n throw InteractionRequiredAuthError.createNoTokensFoundError();\r\n }\r\n // attach cached RT size to the current measurement\r\n atsMeasurement === null || atsMeasurement === void 0 ? void 0 : atsMeasurement.endMeasurement({\r\n success: true\r\n });\r\n refreshTokenRequest = __assign(__assign({}, request), { refreshToken: refreshToken.secret, authenticationScheme: request.authenticationScheme || AuthenticationScheme.BEARER, ccsCredential: {\r\n credential: request.account.homeAccountId,\r\n type: CcsCredentialType.HOME_ACCOUNT_ID\r\n } });\r\n return [2 /*return*/, this.acquireToken(refreshTokenRequest)];\r\n });\r\n });\r\n };\r\n /**\r\n * Constructs the network message and makes a NW call to the underlying secure token service\r\n * @param request\r\n * @param authority\r\n */\r\n RefreshTokenClient.prototype.executeTokenRequest = function (request, authority) {\r\n var _a;\r\n return __awaiter(this, void 0, void 0, function () {\r\n var acquireTokenMeasurement, requestBody, queryParameters, headers, thumbprint, endpoint;\r\n return __generator(this, function (_b) {\r\n switch (_b.label) {\r\n case 0:\r\n acquireTokenMeasurement = (_a = this.performanceClient) === null || _a === void 0 ? void 0 : _a.startMeasurement(PerformanceEvents.RefreshTokenClientExecuteTokenRequest, request.correlationId);\r\n return [4 /*yield*/, this.createTokenRequestBody(request)];\r\n case 1:\r\n requestBody = _b.sent();\r\n queryParameters = this.createTokenQueryParameters(request);\r\n headers = this.createTokenRequestHeaders(request.ccsCredential);\r\n thumbprint = {\r\n clientId: this.config.authOptions.clientId,\r\n authority: authority.canonicalAuthority,\r\n scopes: request.scopes,\r\n claims: request.claims,\r\n authenticationScheme: request.authenticationScheme,\r\n resourceRequestMethod: request.resourceRequestMethod,\r\n resourceRequestUri: request.resourceRequestUri,\r\n shrClaims: request.shrClaims,\r\n sshKid: request.sshKid\r\n };\r\n endpoint = UrlString.appendQueryString(authority.tokenEndpoint, queryParameters);\r\n return [2 /*return*/, this.executePostToTokenEndpoint(endpoint, requestBody, headers, thumbprint)\r\n .then(function (result) {\r\n acquireTokenMeasurement === null || acquireTokenMeasurement === void 0 ? void 0 : acquireTokenMeasurement.endMeasurement({\r\n success: true\r\n });\r\n return result;\r\n })\r\n .catch(function (error) {\r\n acquireTokenMeasurement === null || acquireTokenMeasurement === void 0 ? void 0 : acquireTokenMeasurement.endMeasurement({\r\n success: false\r\n });\r\n throw error;\r\n })];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Creates query string for the /token request\r\n * @param request\r\n */\r\n RefreshTokenClient.prototype.createTokenQueryParameters = function (request) {\r\n var parameterBuilder = new RequestParameterBuilder();\r\n if (request.tokenQueryParameters) {\r\n parameterBuilder.addExtraQueryParameters(request.tokenQueryParameters);\r\n }\r\n return parameterBuilder.createQueryString();\r\n };\r\n /**\r\n * Helper function to create the token request body\r\n * @param request\r\n */\r\n RefreshTokenClient.prototype.createTokenRequestBody = function (request) {\r\n var _a;\r\n return __awaiter(this, void 0, void 0, function () {\r\n var correlationId, acquireTokenMeasurement, parameterBuilder, clientAssertion, popTokenGenerator, reqCnfData, clientInfo;\r\n return __generator(this, function (_b) {\r\n switch (_b.label) {\r\n case 0:\r\n correlationId = request.correlationId;\r\n acquireTokenMeasurement = (_a = this.performanceClient) === null || _a === void 0 ? void 0 : _a.startMeasurement(PerformanceEvents.BaseClientCreateTokenRequestHeaders, correlationId);\r\n parameterBuilder = new RequestParameterBuilder();\r\n parameterBuilder.addClientId(this.config.authOptions.clientId);\r\n parameterBuilder.addScopes(request.scopes);\r\n parameterBuilder.addGrantType(GrantType.REFRESH_TOKEN_GRANT);\r\n parameterBuilder.addClientInfo();\r\n parameterBuilder.addLibraryInfo(this.config.libraryInfo);\r\n parameterBuilder.addApplicationTelemetry(this.config.telemetry.application);\r\n parameterBuilder.addThrottling();\r\n if (this.serverTelemetryManager) {\r\n parameterBuilder.addServerTelemetry(this.serverTelemetryManager);\r\n }\r\n parameterBuilder.addCorrelationId(correlationId);\r\n parameterBuilder.addRefreshToken(request.refreshToken);\r\n if (this.config.clientCredentials.clientSecret) {\r\n parameterBuilder.addClientSecret(this.config.clientCredentials.clientSecret);\r\n }\r\n if (this.config.clientCredentials.clientAssertion) {\r\n clientAssertion = this.config.clientCredentials.clientAssertion;\r\n parameterBuilder.addClientAssertion(clientAssertion.assertion);\r\n parameterBuilder.addClientAssertionType(clientAssertion.assertionType);\r\n }\r\n if (!(request.authenticationScheme === AuthenticationScheme.POP)) return [3 /*break*/, 2];\r\n popTokenGenerator = new PopTokenGenerator(this.cryptoUtils);\r\n return [4 /*yield*/, popTokenGenerator.generateCnf(request)];\r\n case 1:\r\n reqCnfData = _b.sent();\r\n // SPA PoP requires full Base64Url encoded req_cnf string (unhashed)\r\n parameterBuilder.addPopToken(reqCnfData.reqCnfString);\r\n return [3 /*break*/, 3];\r\n case 2:\r\n if (request.authenticationScheme === AuthenticationScheme.SSH) {\r\n if (request.sshJwk) {\r\n parameterBuilder.addSshJwk(request.sshJwk);\r\n }\r\n else {\r\n acquireTokenMeasurement === null || acquireTokenMeasurement === void 0 ? void 0 : acquireTokenMeasurement.endMeasurement({\r\n success: false\r\n });\r\n throw ClientConfigurationError.createMissingSshJwkError();\r\n }\r\n }\r\n _b.label = 3;\r\n case 3:\r\n if (!StringUtils.isEmptyObj(request.claims) || this.config.authOptions.clientCapabilities && this.config.authOptions.clientCapabilities.length > 0) {\r\n parameterBuilder.addClaims(request.claims, this.config.authOptions.clientCapabilities);\r\n }\r\n if (this.config.systemOptions.preventCorsPreflight && request.ccsCredential) {\r\n switch (request.ccsCredential.type) {\r\n case CcsCredentialType.HOME_ACCOUNT_ID:\r\n try {\r\n clientInfo = buildClientInfoFromHomeAccountId(request.ccsCredential.credential);\r\n parameterBuilder.addCcsOid(clientInfo);\r\n }\r\n catch (e) {\r\n this.logger.verbose(\"Could not parse home account ID for CCS Header: \" + e);\r\n }\r\n break;\r\n case CcsCredentialType.UPN:\r\n parameterBuilder.addCcsUpn(request.ccsCredential.credential);\r\n break;\r\n }\r\n }\r\n acquireTokenMeasurement === null || acquireTokenMeasurement === void 0 ? void 0 : acquireTokenMeasurement.endMeasurement({\r\n success: true\r\n });\r\n return [2 /*return*/, parameterBuilder.createQueryString()];\r\n }\r\n });\r\n });\r\n };\r\n return RefreshTokenClient;\r\n}(BaseClient));\n\nexport { RefreshTokenClient };\n//# sourceMappingURL=RefreshTokenClient.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { __extends, __awaiter, __generator } from '../_virtual/_tslib.js';\nimport { BaseClient } from './BaseClient.js';\nimport { AuthToken } from '../account/AuthToken.js';\nimport { TimeUtils } from '../utils/TimeUtils.js';\nimport { RefreshTokenClient } from './RefreshTokenClient.js';\nimport { ClientAuthError, ClientAuthErrorMessage } from '../error/ClientAuthError.js';\nimport { ClientConfigurationError } from '../error/ClientConfigurationError.js';\nimport { ResponseHandler } from '../response/ResponseHandler.js';\nimport { CacheOutcome } from '../utils/Constants.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar SilentFlowClient = /** @class */ (function (_super) {\r\n __extends(SilentFlowClient, _super);\r\n function SilentFlowClient(configuration, performanceClient) {\r\n return _super.call(this, configuration, performanceClient) || this;\r\n }\r\n /**\r\n * Retrieves a token from cache if it is still valid, or uses the cached refresh token to renew\r\n * the given token and returns the renewed token\r\n * @param request\r\n */\r\n SilentFlowClient.prototype.acquireToken = function (request) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var e_1, refreshTokenClient;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n _a.trys.push([0, 2, , 3]);\r\n return [4 /*yield*/, this.acquireCachedToken(request)];\r\n case 1: return [2 /*return*/, _a.sent()];\r\n case 2:\r\n e_1 = _a.sent();\r\n if (e_1 instanceof ClientAuthError && e_1.errorCode === ClientAuthErrorMessage.tokenRefreshRequired.code) {\r\n refreshTokenClient = new RefreshTokenClient(this.config, this.performanceClient);\r\n return [2 /*return*/, refreshTokenClient.acquireTokenByRefreshToken(request)];\r\n }\r\n else {\r\n throw e_1;\r\n }\r\n case 3: return [2 /*return*/];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Retrieves token from cache or throws an error if it must be refreshed.\r\n * @param request\r\n */\r\n SilentFlowClient.prototype.acquireCachedToken = function (request) {\r\n var _a, _b, _c, _d;\r\n return __awaiter(this, void 0, void 0, function () {\r\n var environment, cacheRecord;\r\n return __generator(this, function (_e) {\r\n switch (_e.label) {\r\n case 0:\r\n // Cannot renew token if no request object is given.\r\n if (!request) {\r\n throw ClientConfigurationError.createEmptyTokenRequestError();\r\n }\r\n if (request.forceRefresh) {\r\n // Must refresh due to present force_refresh flag.\r\n (_a = this.serverTelemetryManager) === null || _a === void 0 ? void 0 : _a.setCacheOutcome(CacheOutcome.FORCE_REFRESH);\r\n this.logger.info(\"SilentFlowClient:acquireCachedToken - Skipping cache because forceRefresh is true.\");\r\n throw ClientAuthError.createRefreshRequiredError();\r\n }\r\n // We currently do not support silent flow for account === null use cases; This will be revisited for confidential flow usecases\r\n if (!request.account) {\r\n throw ClientAuthError.createNoAccountInSilentRequestError();\r\n }\r\n environment = request.authority || this.authority.getPreferredCache();\r\n cacheRecord = this.cacheManager.readCacheRecord(request.account, this.config.authOptions.clientId, request, environment);\r\n if (!cacheRecord.accessToken) {\r\n // Must refresh due to non-existent access_token.\r\n (_b = this.serverTelemetryManager) === null || _b === void 0 ? void 0 : _b.setCacheOutcome(CacheOutcome.NO_CACHED_ACCESS_TOKEN);\r\n this.logger.info(\"SilentFlowClient:acquireCachedToken - No access token found in cache for the given properties.\");\r\n throw ClientAuthError.createRefreshRequiredError();\r\n }\r\n else if (TimeUtils.wasClockTurnedBack(cacheRecord.accessToken.cachedAt) ||\r\n TimeUtils.isTokenExpired(cacheRecord.accessToken.expiresOn, this.config.systemOptions.tokenRenewalOffsetSeconds)) {\r\n // Must refresh due to expired access_token.\r\n (_c = this.serverTelemetryManager) === null || _c === void 0 ? void 0 : _c.setCacheOutcome(CacheOutcome.CACHED_ACCESS_TOKEN_EXPIRED);\r\n this.logger.info(\"SilentFlowClient:acquireCachedToken - Cached access token is expired or will expire within \" + this.config.systemOptions.tokenRenewalOffsetSeconds + \" seconds.\");\r\n throw ClientAuthError.createRefreshRequiredError();\r\n }\r\n else if (cacheRecord.accessToken.refreshOn && TimeUtils.isTokenExpired(cacheRecord.accessToken.refreshOn, 0)) {\r\n // Must refresh due to the refresh_in value.\r\n (_d = this.serverTelemetryManager) === null || _d === void 0 ? void 0 : _d.setCacheOutcome(CacheOutcome.REFRESH_CACHED_ACCESS_TOKEN);\r\n this.logger.info(\"SilentFlowClient:acquireCachedToken - Cached access token's refreshOn property has been exceeded'.\");\r\n throw ClientAuthError.createRefreshRequiredError();\r\n }\r\n if (this.config.serverTelemetryManager) {\r\n this.config.serverTelemetryManager.incrementCacheHits();\r\n }\r\n return [4 /*yield*/, this.generateResultFromCacheRecord(cacheRecord, request)];\r\n case 1: return [2 /*return*/, _e.sent()];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Helper function to build response object from the CacheRecord\r\n * @param cacheRecord\r\n */\r\n SilentFlowClient.prototype.generateResultFromCacheRecord = function (cacheRecord, request) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var idTokenObj, authTime;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n if (cacheRecord.idToken) {\r\n idTokenObj = new AuthToken(cacheRecord.idToken.secret, this.config.cryptoInterface);\r\n }\r\n // token max_age check\r\n if (request.maxAge || (request.maxAge === 0)) {\r\n authTime = idTokenObj === null || idTokenObj === void 0 ? void 0 : idTokenObj.claims.auth_time;\r\n if (!authTime) {\r\n throw ClientAuthError.createAuthTimeNotFoundError();\r\n }\r\n AuthToken.checkMaxAge(authTime, request.maxAge);\r\n }\r\n return [4 /*yield*/, ResponseHandler.generateAuthenticationResult(this.cryptoUtils, this.authority, cacheRecord, true, request, idTokenObj)];\r\n case 1: return [2 /*return*/, _a.sent()];\r\n }\r\n });\r\n });\r\n };\r\n return SilentFlowClient;\r\n}(BaseClient));\n\nexport { SilentFlowClient };\n//# sourceMappingURL=SilentFlowClient.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { __assign, __awaiter, __generator } from '../_virtual/_tslib.js';\nimport { DEFAULT_CRYPTO_IMPLEMENTATION } from '../crypto/ICrypto.js';\nimport { AuthError } from '../error/AuthError.js';\nimport { LogLevel } from '../logger/Logger.js';\nimport { Constants } from '../utils/Constants.js';\nimport { version } from '../packageMetadata.js';\nimport { AzureCloudInstance } from '../authority/AuthorityOptions.js';\nimport { DefaultStorageClass } from '../cache/CacheManager.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n// Token renewal offset default in seconds\r\nvar DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;\r\nvar DEFAULT_SYSTEM_OPTIONS = {\r\n tokenRenewalOffsetSeconds: DEFAULT_TOKEN_RENEWAL_OFFSET_SEC,\r\n preventCorsPreflight: false,\r\n proxyUrl: Constants.EMPTY_STRING\r\n};\r\nvar DEFAULT_LOGGER_IMPLEMENTATION = {\r\n loggerCallback: function () {\r\n // allow users to not set loggerCallback\r\n },\r\n piiLoggingEnabled: false,\r\n logLevel: LogLevel.Info,\r\n correlationId: Constants.EMPTY_STRING\r\n};\r\nvar DEFAULT_NETWORK_IMPLEMENTATION = {\r\n sendGetRequestAsync: function () {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var notImplErr;\r\n return __generator(this, function (_a) {\r\n notImplErr = \"Network interface - sendGetRequestAsync() has not been implemented\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n });\r\n });\r\n },\r\n sendPostRequestAsync: function () {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var notImplErr;\r\n return __generator(this, function (_a) {\r\n notImplErr = \"Network interface - sendPostRequestAsync() has not been implemented\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n });\r\n });\r\n }\r\n};\r\nvar DEFAULT_LIBRARY_INFO = {\r\n sku: Constants.SKU,\r\n version: version,\r\n cpu: Constants.EMPTY_STRING,\r\n os: Constants.EMPTY_STRING\r\n};\r\nvar DEFAULT_CLIENT_CREDENTIALS = {\r\n clientSecret: Constants.EMPTY_STRING,\r\n clientAssertion: undefined\r\n};\r\nvar DEFAULT_AZURE_CLOUD_OPTIONS = {\r\n azureCloudInstance: AzureCloudInstance.None,\r\n tenant: \"\" + Constants.DEFAULT_COMMON_TENANT\r\n};\r\nvar DEFAULT_TELEMETRY_OPTIONS = {\r\n application: {\r\n appName: \"\",\r\n appVersion: \"\"\r\n }\r\n};\r\n/**\r\n * Function that sets the default options when not explicitly configured from app developer\r\n *\r\n * @param Configuration\r\n *\r\n * @returns Configuration\r\n */\r\nfunction buildClientConfiguration(_a) {\r\n var userAuthOptions = _a.authOptions, userSystemOptions = _a.systemOptions, userLoggerOption = _a.loggerOptions, storageImplementation = _a.storageInterface, networkImplementation = _a.networkInterface, cryptoImplementation = _a.cryptoInterface, clientCredentials = _a.clientCredentials, libraryInfo = _a.libraryInfo, telemetry = _a.telemetry, serverTelemetryManager = _a.serverTelemetryManager, persistencePlugin = _a.persistencePlugin, serializableCache = _a.serializableCache;\r\n var loggerOptions = __assign(__assign({}, DEFAULT_LOGGER_IMPLEMENTATION), userLoggerOption);\r\n return {\r\n authOptions: buildAuthOptions(userAuthOptions),\r\n systemOptions: __assign(__assign({}, DEFAULT_SYSTEM_OPTIONS), userSystemOptions),\r\n loggerOptions: loggerOptions,\r\n storageInterface: storageImplementation || new DefaultStorageClass(userAuthOptions.clientId, DEFAULT_CRYPTO_IMPLEMENTATION),\r\n networkInterface: networkImplementation || DEFAULT_NETWORK_IMPLEMENTATION,\r\n cryptoInterface: cryptoImplementation || DEFAULT_CRYPTO_IMPLEMENTATION,\r\n clientCredentials: clientCredentials || DEFAULT_CLIENT_CREDENTIALS,\r\n libraryInfo: __assign(__assign({}, DEFAULT_LIBRARY_INFO), libraryInfo),\r\n telemetry: __assign(__assign({}, DEFAULT_TELEMETRY_OPTIONS), telemetry),\r\n serverTelemetryManager: serverTelemetryManager || null,\r\n persistencePlugin: persistencePlugin || null,\r\n serializableCache: serializableCache || null,\r\n };\r\n}\r\n/**\r\n * Construct authoptions from the client and platform passed values\r\n * @param authOptions\r\n */\r\nfunction buildAuthOptions(authOptions) {\r\n return __assign({ clientCapabilities: [], azureCloudOptions: DEFAULT_AZURE_CLOUD_OPTIONS, skipAuthorityMetadataCache: false }, authOptions);\r\n}\n\nexport { DEFAULT_SYSTEM_OPTIONS, buildClientConfiguration };\n//# sourceMappingURL=ClientConfiguration.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { __awaiter, __generator } from '../_virtual/_tslib.js';\nimport { AuthError } from '../error/AuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar DEFAULT_CRYPTO_IMPLEMENTATION = {\r\n createNewGuid: function () {\r\n var notImplErr = \"Crypto interface - createNewGuid() has not been implemented\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n },\r\n base64Decode: function () {\r\n var notImplErr = \"Crypto interface - base64Decode() has not been implemented\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n },\r\n base64Encode: function () {\r\n var notImplErr = \"Crypto interface - base64Encode() has not been implemented\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n },\r\n generatePkceCodes: function () {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var notImplErr;\r\n return __generator(this, function (_a) {\r\n notImplErr = \"Crypto interface - generatePkceCodes() has not been implemented\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n });\r\n });\r\n },\r\n getPublicKeyThumbprint: function () {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var notImplErr;\r\n return __generator(this, function (_a) {\r\n notImplErr = \"Crypto interface - getPublicKeyThumbprint() has not been implemented\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n });\r\n });\r\n },\r\n removeTokenBindingKey: function () {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var notImplErr;\r\n return __generator(this, function (_a) {\r\n notImplErr = \"Crypto interface - removeTokenBindingKey() has not been implemented\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n });\r\n });\r\n },\r\n clearKeystore: function () {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var notImplErr;\r\n return __generator(this, function (_a) {\r\n notImplErr = \"Crypto interface - clearKeystore() has not been implemented\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n });\r\n });\r\n },\r\n signJwt: function () {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var notImplErr;\r\n return __generator(this, function (_a) {\r\n notImplErr = \"Crypto interface - signJwt() has not been implemented\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n });\r\n });\r\n },\r\n hashString: function () {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var notImplErr;\r\n return __generator(this, function (_a) {\r\n notImplErr = \"Crypto interface - hashString() has not been implemented\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n });\r\n });\r\n }\r\n};\n\nexport { DEFAULT_CRYPTO_IMPLEMENTATION };\n//# sourceMappingURL=ICrypto.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { __extends } from '../_virtual/_tslib.js';\nimport { AuthError } from './AuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * ClientAuthErrorMessage class containing string constants used by error codes and messages.\r\n */\r\nvar JoseHeaderErrorMessage = {\r\n missingKidError: {\r\n code: \"missing_kid_error\",\r\n desc: \"The JOSE Header for the requested JWT, JWS or JWK object requires a keyId to be configured as the 'kid' header claim. No 'kid' value was provided.\"\r\n },\r\n missingAlgError: {\r\n code: \"missing_alg_error\",\r\n desc: \"The JOSE Header for the requested JWT, JWS or JWK object requires an algorithm to be specified as the 'alg' header claim. No 'alg' value was provided.\"\r\n },\r\n};\r\n/**\r\n * Error thrown when there is an error in the client code running on the browser.\r\n */\r\nvar JoseHeaderError = /** @class */ (function (_super) {\r\n __extends(JoseHeaderError, _super);\r\n function JoseHeaderError(errorCode, errorMessage) {\r\n var _this = _super.call(this, errorCode, errorMessage) || this;\r\n _this.name = \"JoseHeaderError\";\r\n Object.setPrototypeOf(_this, JoseHeaderError.prototype);\r\n return _this;\r\n }\r\n /**\r\n * Creates an error thrown when keyId isn't set on JOSE header.\r\n */\r\n JoseHeaderError.createMissingKidError = function () {\r\n return new JoseHeaderError(JoseHeaderErrorMessage.missingKidError.code, JoseHeaderErrorMessage.missingKidError.desc);\r\n };\r\n /**\r\n * Creates an error thrown when algorithm isn't set on JOSE header.\r\n */\r\n JoseHeaderError.createMissingAlgError = function () {\r\n return new JoseHeaderError(JoseHeaderErrorMessage.missingAlgError.code, JoseHeaderErrorMessage.missingAlgError.desc);\r\n };\r\n return JoseHeaderError;\r\n}(AuthError));\n\nexport { JoseHeaderError, JoseHeaderErrorMessage };\n//# sourceMappingURL=JoseHeaderError.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { JoseHeaderError } from '../error/JoseHeaderError.js';\nimport { JsonTypes } from '../utils/Constants.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar JoseHeader = /** @class */ (function () {\r\n function JoseHeader(options) {\r\n this.typ = options.typ;\r\n this.alg = options.alg;\r\n this.kid = options.kid;\r\n }\r\n /**\r\n * Builds SignedHttpRequest formatted JOSE Header from the\r\n * JOSE Header options provided or previously set on the object and returns\r\n * the stringified header object.\r\n * Throws if keyId or algorithm aren't provided since they are required for Access Token Binding.\r\n * @param shrHeaderOptions\r\n * @returns\r\n */\r\n JoseHeader.getShrHeaderString = function (shrHeaderOptions) {\r\n // KeyID is required on the SHR header\r\n if (!shrHeaderOptions.kid) {\r\n throw JoseHeaderError.createMissingKidError();\r\n }\r\n // Alg is required on the SHR header\r\n if (!shrHeaderOptions.alg) {\r\n throw JoseHeaderError.createMissingAlgError();\r\n }\r\n var shrHeader = new JoseHeader({\r\n // Access Token PoP headers must have type JWT, but the type header can be overriden for special cases\r\n typ: shrHeaderOptions.typ || JsonTypes.Jwt,\r\n kid: shrHeaderOptions.kid,\r\n alg: shrHeaderOptions.alg\r\n });\r\n return JSON.stringify(shrHeader);\r\n };\r\n return JoseHeader;\r\n}());\n\nexport { JoseHeader };\n//# sourceMappingURL=JoseHeader.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { __awaiter, __generator, __assign } from '../_virtual/_tslib.js';\nimport { TimeUtils } from '../utils/TimeUtils.js';\nimport { UrlString } from '../url/UrlString.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar KeyLocation;\r\n(function (KeyLocation) {\r\n KeyLocation[\"SW\"] = \"sw\";\r\n KeyLocation[\"UHW\"] = \"uhw\";\r\n})(KeyLocation || (KeyLocation = {}));\r\nvar PopTokenGenerator = /** @class */ (function () {\r\n function PopTokenGenerator(cryptoUtils) {\r\n this.cryptoUtils = cryptoUtils;\r\n }\r\n /**\r\n * Generates the req_cnf validated at the RP in the POP protocol for SHR parameters\r\n * and returns an object containing the keyid, the full req_cnf string and the req_cnf string hash\r\n * @param request\r\n * @returns\r\n */\r\n PopTokenGenerator.prototype.generateCnf = function (request) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var reqCnf, reqCnfString, _a;\r\n return __generator(this, function (_b) {\r\n switch (_b.label) {\r\n case 0: return [4 /*yield*/, this.generateKid(request)];\r\n case 1:\r\n reqCnf = _b.sent();\r\n reqCnfString = this.cryptoUtils.base64Encode(JSON.stringify(reqCnf));\r\n _a = {\r\n kid: reqCnf.kid,\r\n reqCnfString: reqCnfString\r\n };\r\n return [4 /*yield*/, this.cryptoUtils.hashString(reqCnfString)];\r\n case 2: return [2 /*return*/, (_a.reqCnfHash = _b.sent(),\r\n _a)];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Generates key_id for a SHR token request\r\n * @param request\r\n * @returns\r\n */\r\n PopTokenGenerator.prototype.generateKid = function (request) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var kidThumbprint;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0: return [4 /*yield*/, this.cryptoUtils.getPublicKeyThumbprint(request)];\r\n case 1:\r\n kidThumbprint = _a.sent();\r\n return [2 /*return*/, {\r\n kid: kidThumbprint,\r\n xms_ksl: KeyLocation.SW\r\n }];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Signs the POP access_token with the local generated key-pair\r\n * @param accessToken\r\n * @param request\r\n * @returns\r\n */\r\n PopTokenGenerator.prototype.signPopToken = function (accessToken, keyId, request) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n return __generator(this, function (_a) {\r\n return [2 /*return*/, this.signPayload(accessToken, keyId, request)];\r\n });\r\n });\r\n };\r\n /**\r\n * Utility function to generate the signed JWT for an access_token\r\n * @param payload\r\n * @param kid\r\n * @param request\r\n * @param claims\r\n * @returns\r\n */\r\n PopTokenGenerator.prototype.signPayload = function (payload, keyId, request, claims) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var resourceRequestMethod, resourceRequestUri, shrClaims, shrNonce, resourceUrlString, resourceUrlComponents;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n resourceRequestMethod = request.resourceRequestMethod, resourceRequestUri = request.resourceRequestUri, shrClaims = request.shrClaims, shrNonce = request.shrNonce;\r\n resourceUrlString = (resourceRequestUri) ? new UrlString(resourceRequestUri) : undefined;\r\n resourceUrlComponents = resourceUrlString === null || resourceUrlString === void 0 ? void 0 : resourceUrlString.getUrlComponents();\r\n return [4 /*yield*/, this.cryptoUtils.signJwt(__assign({ at: payload, ts: TimeUtils.nowSeconds(), m: resourceRequestMethod === null || resourceRequestMethod === void 0 ? void 0 : resourceRequestMethod.toUpperCase(), u: resourceUrlComponents === null || resourceUrlComponents === void 0 ? void 0 : resourceUrlComponents.HostNameAndPort, nonce: shrNonce || this.cryptoUtils.createNewGuid(), p: resourceUrlComponents === null || resourceUrlComponents === void 0 ? void 0 : resourceUrlComponents.AbsolutePath, q: (resourceUrlComponents === null || resourceUrlComponents === void 0 ? void 0 : resourceUrlComponents.QueryString) ? [[], resourceUrlComponents.QueryString] : undefined, client_claims: shrClaims || undefined }, claims), keyId, request.correlationId)];\r\n case 1: return [2 /*return*/, _a.sent()];\r\n }\r\n });\r\n });\r\n };\r\n return PopTokenGenerator;\r\n}());\n\nexport { PopTokenGenerator };\n//# sourceMappingURL=PopTokenGenerator.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { __extends } from '../_virtual/_tslib.js';\nimport { Constants } from '../utils/Constants.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * AuthErrorMessage class containing string constants used by error codes and messages.\r\n */\r\nvar AuthErrorMessage = {\r\n unexpectedError: {\r\n code: \"unexpected_error\",\r\n desc: \"Unexpected error in authentication.\"\r\n },\r\n postRequestFailed: {\r\n code: \"post_request_failed\",\r\n desc: \"Post request failed from the network, could be a 4xx/5xx or a network unavailability. Please check the exact error code for details.\"\r\n }\r\n};\r\n/**\r\n * General error class thrown by the MSAL.js library.\r\n */\r\nvar AuthError = /** @class */ (function (_super) {\r\n __extends(AuthError, _super);\r\n function AuthError(errorCode, errorMessage, suberror) {\r\n var _this = this;\r\n var errorString = errorMessage ? errorCode + \": \" + errorMessage : errorCode;\r\n _this = _super.call(this, errorString) || this;\r\n Object.setPrototypeOf(_this, AuthError.prototype);\r\n _this.errorCode = errorCode || Constants.EMPTY_STRING;\r\n _this.errorMessage = errorMessage || Constants.EMPTY_STRING;\r\n _this.subError = suberror || Constants.EMPTY_STRING;\r\n _this.name = \"AuthError\";\r\n return _this;\r\n }\r\n AuthError.prototype.setCorrelationId = function (correlationId) {\r\n this.correlationId = correlationId;\r\n };\r\n /**\r\n * Creates an error that is thrown when something unexpected happens in the library.\r\n * @param errDesc\r\n */\r\n AuthError.createUnexpectedError = function (errDesc) {\r\n return new AuthError(AuthErrorMessage.unexpectedError.code, AuthErrorMessage.unexpectedError.desc + \": \" + errDesc);\r\n };\r\n /**\r\n * Creates an error for post request failures.\r\n * @param errDesc\r\n * @returns\r\n */\r\n AuthError.createPostRequestFailed = function (errDesc) {\r\n return new AuthError(AuthErrorMessage.postRequestFailed.code, AuthErrorMessage.postRequestFailed.desc + \": \" + errDesc);\r\n };\r\n return AuthError;\r\n}(Error));\n\nexport { AuthError, AuthErrorMessage };\n//# sourceMappingURL=AuthError.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { __extends } from '../_virtual/_tslib.js';\nimport { AuthError } from './AuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * ClientAuthErrorMessage class containing string constants used by error codes and messages.\r\n */\r\nvar ClientAuthErrorMessage = {\r\n clientInfoDecodingError: {\r\n code: \"client_info_decoding_error\",\r\n desc: \"The client info could not be parsed/decoded correctly. Please review the trace to determine the root cause.\"\r\n },\r\n clientInfoEmptyError: {\r\n code: \"client_info_empty_error\",\r\n desc: \"The client info was empty. Please review the trace to determine the root cause.\"\r\n },\r\n tokenParsingError: {\r\n code: \"token_parsing_error\",\r\n desc: \"Token cannot be parsed. Please review stack trace to determine root cause.\"\r\n },\r\n nullOrEmptyToken: {\r\n code: \"null_or_empty_token\",\r\n desc: \"The token is null or empty. Please review the trace to determine the root cause.\"\r\n },\r\n endpointResolutionError: {\r\n code: \"endpoints_resolution_error\",\r\n desc: \"Error: could not resolve endpoints. Please check network and try again.\"\r\n },\r\n networkError: {\r\n code: \"network_error\",\r\n desc: \"Network request failed. Please check network trace to determine root cause.\"\r\n },\r\n unableToGetOpenidConfigError: {\r\n code: \"openid_config_error\",\r\n desc: \"Could not retrieve endpoints. Check your authority and verify the .well-known/openid-configuration endpoint returns the required endpoints.\"\r\n },\r\n hashNotDeserialized: {\r\n code: \"hash_not_deserialized\",\r\n desc: \"The hash parameters could not be deserialized. Please review the trace to determine the root cause.\"\r\n },\r\n blankGuidGenerated: {\r\n code: \"blank_guid_generated\",\r\n desc: \"The guid generated was blank. Please review the trace to determine the root cause.\"\r\n },\r\n invalidStateError: {\r\n code: \"invalid_state\",\r\n desc: \"State was not the expected format. Please check the logs to determine whether the request was sent using ProtocolUtils.setRequestState().\"\r\n },\r\n stateMismatchError: {\r\n code: \"state_mismatch\",\r\n desc: \"State mismatch error. Please check your network. Continued requests may cause cache overflow.\"\r\n },\r\n stateNotFoundError: {\r\n code: \"state_not_found\",\r\n desc: \"State not found\"\r\n },\r\n nonceMismatchError: {\r\n code: \"nonce_mismatch\",\r\n desc: \"Nonce mismatch error. This may be caused by a race condition in concurrent requests.\"\r\n },\r\n nonceNotFoundError: {\r\n code: \"nonce_not_found\",\r\n desc: \"nonce not found\"\r\n },\r\n authTimeNotFoundError: {\r\n code: \"auth_time_not_found\",\r\n desc: \"Max Age was requested and the ID token is missing the auth_time variable.\" +\r\n \" auth_time is an optional claim and is not enabled by default - it must be enabled.\" +\r\n \" See https://aka.ms/msaljs/optional-claims for more information.\"\r\n },\r\n maxAgeTranspiredError: {\r\n code: \"max_age_transpired\",\r\n desc: \"Max Age is set to 0, or too much time has elapsed since the last end-user authentication.\"\r\n },\r\n noTokensFoundError: {\r\n code: \"no_tokens_found\",\r\n desc: \"No tokens were found for the given scopes, and no authorization code was passed to acquireToken. You must retrieve an authorization code before making a call to acquireToken().\"\r\n },\r\n multipleMatchingTokens: {\r\n code: \"multiple_matching_tokens\",\r\n desc: \"The cache contains multiple tokens satisfying the requirements. \" +\r\n \"Call AcquireToken again providing more requirements such as authority or account.\"\r\n },\r\n multipleMatchingAccounts: {\r\n code: \"multiple_matching_accounts\",\r\n desc: \"The cache contains multiple accounts satisfying the given parameters. Please pass more info to obtain the correct account\"\r\n },\r\n multipleMatchingAppMetadata: {\r\n code: \"multiple_matching_appMetadata\",\r\n desc: \"The cache contains multiple appMetadata satisfying the given parameters. Please pass more info to obtain the correct appMetadata\"\r\n },\r\n tokenRequestCannotBeMade: {\r\n code: \"request_cannot_be_made\",\r\n desc: \"Token request cannot be made without authorization code or refresh token.\"\r\n },\r\n appendEmptyScopeError: {\r\n code: \"cannot_append_empty_scope\",\r\n desc: \"Cannot append null or empty scope to ScopeSet. Please check the stack trace for more info.\"\r\n },\r\n removeEmptyScopeError: {\r\n code: \"cannot_remove_empty_scope\",\r\n desc: \"Cannot remove null or empty scope from ScopeSet. Please check the stack trace for more info.\"\r\n },\r\n appendScopeSetError: {\r\n code: \"cannot_append_scopeset\",\r\n desc: \"Cannot append ScopeSet due to error.\"\r\n },\r\n emptyInputScopeSetError: {\r\n code: \"empty_input_scopeset\",\r\n desc: \"Empty input ScopeSet cannot be processed.\"\r\n },\r\n DeviceCodePollingCancelled: {\r\n code: \"device_code_polling_cancelled\",\r\n desc: \"Caller has cancelled token endpoint polling during device code flow by setting DeviceCodeRequest.cancel = true.\"\r\n },\r\n DeviceCodeExpired: {\r\n code: \"device_code_expired\",\r\n desc: \"Device code is expired.\"\r\n },\r\n DeviceCodeUnknownError: {\r\n code: \"device_code_unknown_error\",\r\n desc: \"Device code stopped polling for unknown reasons.\"\r\n },\r\n NoAccountInSilentRequest: {\r\n code: \"no_account_in_silent_request\",\r\n desc: \"Please pass an account object, silent flow is not supported without account information\"\r\n },\r\n invalidCacheRecord: {\r\n code: \"invalid_cache_record\",\r\n desc: \"Cache record object was null or undefined.\"\r\n },\r\n invalidCacheEnvironment: {\r\n code: \"invalid_cache_environment\",\r\n desc: \"Invalid environment when attempting to create cache entry\"\r\n },\r\n noAccountFound: {\r\n code: \"no_account_found\",\r\n desc: \"No account found in cache for given key.\"\r\n },\r\n CachePluginError: {\r\n code: \"no cache plugin set on CacheManager\",\r\n desc: \"ICachePlugin needs to be set before using readFromStorage or writeFromStorage\"\r\n },\r\n noCryptoObj: {\r\n code: \"no_crypto_object\",\r\n desc: \"No crypto object detected. This is required for the following operation: \"\r\n },\r\n invalidCacheType: {\r\n code: \"invalid_cache_type\",\r\n desc: \"Invalid cache type\"\r\n },\r\n unexpectedAccountType: {\r\n code: \"unexpected_account_type\",\r\n desc: \"Unexpected account type.\"\r\n },\r\n unexpectedCredentialType: {\r\n code: \"unexpected_credential_type\",\r\n desc: \"Unexpected credential type.\"\r\n },\r\n invalidAssertion: {\r\n code: \"invalid_assertion\",\r\n desc: \"Client assertion must meet requirements described in https://tools.ietf.org/html/rfc7515\"\r\n },\r\n invalidClientCredential: {\r\n code: \"invalid_client_credential\",\r\n desc: \"Client credential (secret, certificate, or assertion) must not be empty when creating a confidential client. An application should at most have one credential\"\r\n },\r\n tokenRefreshRequired: {\r\n code: \"token_refresh_required\",\r\n desc: \"Cannot return token from cache because it must be refreshed. This may be due to one of the following reasons: forceRefresh parameter is set to true, claims have been requested, there is no cached access token or it is expired.\"\r\n },\r\n userTimeoutReached: {\r\n code: \"user_timeout_reached\",\r\n desc: \"User defined timeout for device code polling reached\",\r\n },\r\n tokenClaimsRequired: {\r\n code: \"token_claims_cnf_required_for_signedjwt\",\r\n desc: \"Cannot generate a POP jwt if the token_claims are not populated\"\r\n },\r\n noAuthorizationCodeFromServer: {\r\n code: \"authorization_code_missing_from_server_response\",\r\n desc: \"Server response does not contain an authorization code to proceed\"\r\n },\r\n noAzureRegionDetected: {\r\n code: \"no_azure_region_detected\",\r\n desc: \"No azure region was detected and no fallback was made available\"\r\n },\r\n accessTokenEntityNullError: {\r\n code: \"access_token_entity_null\",\r\n desc: \"Access token entity is null, please check logs and cache to ensure a valid access token is present.\"\r\n },\r\n bindingKeyNotRemovedError: {\r\n code: \"binding_key_not_removed\",\r\n desc: \"Could not remove the credential's binding key from storage.\"\r\n },\r\n logoutNotSupported: {\r\n code: \"end_session_endpoint_not_supported\",\r\n desc: \"Provided authority does not support logout.\"\r\n },\r\n keyIdMissing: {\r\n code: \"key_id_missing\",\r\n desc: \"A keyId value is missing from the requested bound token's cache record and is required to match the token to it's stored binding key.\"\r\n }\r\n};\r\n/**\r\n * Error thrown when there is an error in the client code running on the browser.\r\n */\r\nvar ClientAuthError = /** @class */ (function (_super) {\r\n __extends(ClientAuthError, _super);\r\n function ClientAuthError(errorCode, errorMessage) {\r\n var _this = _super.call(this, errorCode, errorMessage) || this;\r\n _this.name = \"ClientAuthError\";\r\n Object.setPrototypeOf(_this, ClientAuthError.prototype);\r\n return _this;\r\n }\r\n /**\r\n * Creates an error thrown when client info object doesn't decode correctly.\r\n * @param caughtError\r\n */\r\n ClientAuthError.createClientInfoDecodingError = function (caughtError) {\r\n return new ClientAuthError(ClientAuthErrorMessage.clientInfoDecodingError.code, ClientAuthErrorMessage.clientInfoDecodingError.desc + \" Failed with error: \" + caughtError);\r\n };\r\n /**\r\n * Creates an error thrown if the client info is empty.\r\n * @param rawClientInfo\r\n */\r\n ClientAuthError.createClientInfoEmptyError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.clientInfoEmptyError.code, \"\" + ClientAuthErrorMessage.clientInfoEmptyError.desc);\r\n };\r\n /**\r\n * Creates an error thrown when the id token extraction errors out.\r\n * @param err\r\n */\r\n ClientAuthError.createTokenParsingError = function (caughtExtractionError) {\r\n return new ClientAuthError(ClientAuthErrorMessage.tokenParsingError.code, ClientAuthErrorMessage.tokenParsingError.desc + \" Failed with error: \" + caughtExtractionError);\r\n };\r\n /**\r\n * Creates an error thrown when the id token string is null or empty.\r\n * @param invalidRawTokenString\r\n */\r\n ClientAuthError.createTokenNullOrEmptyError = function (invalidRawTokenString) {\r\n return new ClientAuthError(ClientAuthErrorMessage.nullOrEmptyToken.code, ClientAuthErrorMessage.nullOrEmptyToken.desc + \" Raw Token Value: \" + invalidRawTokenString);\r\n };\r\n /**\r\n * Creates an error thrown when the endpoint discovery doesn't complete correctly.\r\n */\r\n ClientAuthError.createEndpointDiscoveryIncompleteError = function (errDetail) {\r\n return new ClientAuthError(ClientAuthErrorMessage.endpointResolutionError.code, ClientAuthErrorMessage.endpointResolutionError.desc + \" Detail: \" + errDetail);\r\n };\r\n /**\r\n * Creates an error thrown when the fetch client throws\r\n */\r\n ClientAuthError.createNetworkError = function (endpoint, errDetail) {\r\n return new ClientAuthError(ClientAuthErrorMessage.networkError.code, ClientAuthErrorMessage.networkError.desc + \" | Fetch client threw: \" + errDetail + \" | Attempted to reach: \" + endpoint.split(\"?\")[0]);\r\n };\r\n /**\r\n * Creates an error thrown when the openid-configuration endpoint cannot be reached or does not contain the required data\r\n */\r\n ClientAuthError.createUnableToGetOpenidConfigError = function (errDetail) {\r\n return new ClientAuthError(ClientAuthErrorMessage.unableToGetOpenidConfigError.code, ClientAuthErrorMessage.unableToGetOpenidConfigError.desc + \" Attempted to retrieve endpoints from: \" + errDetail);\r\n };\r\n /**\r\n * Creates an error thrown when the hash cannot be deserialized.\r\n * @param hashParamObj\r\n */\r\n ClientAuthError.createHashNotDeserializedError = function (hashParamObj) {\r\n return new ClientAuthError(ClientAuthErrorMessage.hashNotDeserialized.code, ClientAuthErrorMessage.hashNotDeserialized.desc + \" Given Object: \" + hashParamObj);\r\n };\r\n /**\r\n * Creates an error thrown when the state cannot be parsed.\r\n * @param invalidState\r\n */\r\n ClientAuthError.createInvalidStateError = function (invalidState, errorString) {\r\n return new ClientAuthError(ClientAuthErrorMessage.invalidStateError.code, ClientAuthErrorMessage.invalidStateError.desc + \" Invalid State: \" + invalidState + \", Root Err: \" + errorString);\r\n };\r\n /**\r\n * Creates an error thrown when two states do not match.\r\n */\r\n ClientAuthError.createStateMismatchError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.stateMismatchError.code, ClientAuthErrorMessage.stateMismatchError.desc);\r\n };\r\n /**\r\n * Creates an error thrown when the state is not present\r\n * @param missingState\r\n */\r\n ClientAuthError.createStateNotFoundError = function (missingState) {\r\n return new ClientAuthError(ClientAuthErrorMessage.stateNotFoundError.code, ClientAuthErrorMessage.stateNotFoundError.desc + \": \" + missingState);\r\n };\r\n /**\r\n * Creates an error thrown when the nonce does not match.\r\n */\r\n ClientAuthError.createNonceMismatchError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.nonceMismatchError.code, ClientAuthErrorMessage.nonceMismatchError.desc);\r\n };\r\n /**\r\n * Creates an error thrown when max_age was provided in the request, but auth_time is not in the token claims\r\n * @param missingNonce\r\n */\r\n ClientAuthError.createAuthTimeNotFoundError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.authTimeNotFoundError.code, ClientAuthErrorMessage.authTimeNotFoundError.desc);\r\n };\r\n /**\r\n * Creates an error thrown when too much time has elapsed since the last end-user authentication\r\n */\r\n ClientAuthError.createMaxAgeTranspiredError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.maxAgeTranspiredError.code, ClientAuthErrorMessage.maxAgeTranspiredError.desc);\r\n };\r\n /**\r\n * Creates an error thrown when the mnonce is not present\r\n * @param missingNonce\r\n */\r\n ClientAuthError.createNonceNotFoundError = function (missingNonce) {\r\n return new ClientAuthError(ClientAuthErrorMessage.nonceNotFoundError.code, ClientAuthErrorMessage.nonceNotFoundError.desc + \": \" + missingNonce);\r\n };\r\n /**\r\n * Throws error when multiple tokens are in cache.\r\n */\r\n ClientAuthError.createMultipleMatchingTokensInCacheError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.multipleMatchingTokens.code, ClientAuthErrorMessage.multipleMatchingTokens.desc + \".\");\r\n };\r\n /**\r\n * Throws error when multiple accounts are in cache for the given params\r\n */\r\n ClientAuthError.createMultipleMatchingAccountsInCacheError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.multipleMatchingAccounts.code, ClientAuthErrorMessage.multipleMatchingAccounts.desc);\r\n };\r\n /**\r\n * Throws error when multiple appMetada are in cache for the given clientId.\r\n */\r\n ClientAuthError.createMultipleMatchingAppMetadataInCacheError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.multipleMatchingAppMetadata.code, ClientAuthErrorMessage.multipleMatchingAppMetadata.desc);\r\n };\r\n /**\r\n * Throws error when no auth code or refresh token is given to ServerTokenRequestParameters.\r\n */\r\n ClientAuthError.createTokenRequestCannotBeMadeError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.tokenRequestCannotBeMade.code, ClientAuthErrorMessage.tokenRequestCannotBeMade.desc);\r\n };\r\n /**\r\n * Throws error when attempting to append a null, undefined or empty scope to a set\r\n * @param givenScope\r\n */\r\n ClientAuthError.createAppendEmptyScopeToSetError = function (givenScope) {\r\n return new ClientAuthError(ClientAuthErrorMessage.appendEmptyScopeError.code, ClientAuthErrorMessage.appendEmptyScopeError.desc + \" Given Scope: \" + givenScope);\r\n };\r\n /**\r\n * Throws error when attempting to append a null, undefined or empty scope to a set\r\n * @param givenScope\r\n */\r\n ClientAuthError.createRemoveEmptyScopeFromSetError = function (givenScope) {\r\n return new ClientAuthError(ClientAuthErrorMessage.removeEmptyScopeError.code, ClientAuthErrorMessage.removeEmptyScopeError.desc + \" Given Scope: \" + givenScope);\r\n };\r\n /**\r\n * Throws error when attempting to append null or empty ScopeSet.\r\n * @param appendError\r\n */\r\n ClientAuthError.createAppendScopeSetError = function (appendError) {\r\n return new ClientAuthError(ClientAuthErrorMessage.appendScopeSetError.code, ClientAuthErrorMessage.appendScopeSetError.desc + \" Detail Error: \" + appendError);\r\n };\r\n /**\r\n * Throws error if ScopeSet is null or undefined.\r\n * @param givenScopeSet\r\n */\r\n ClientAuthError.createEmptyInputScopeSetError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.emptyInputScopeSetError.code, \"\" + ClientAuthErrorMessage.emptyInputScopeSetError.desc);\r\n };\r\n /**\r\n * Throws error if user sets CancellationToken.cancel = true during polling of token endpoint during device code flow\r\n */\r\n ClientAuthError.createDeviceCodeCancelledError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.DeviceCodePollingCancelled.code, \"\" + ClientAuthErrorMessage.DeviceCodePollingCancelled.desc);\r\n };\r\n /**\r\n * Throws error if device code is expired\r\n */\r\n ClientAuthError.createDeviceCodeExpiredError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.DeviceCodeExpired.code, \"\" + ClientAuthErrorMessage.DeviceCodeExpired.desc);\r\n };\r\n /**\r\n * Throws error if device code is expired\r\n */\r\n ClientAuthError.createDeviceCodeUnknownError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.DeviceCodeUnknownError.code, \"\" + ClientAuthErrorMessage.DeviceCodeUnknownError.desc);\r\n };\r\n /**\r\n * Throws error when silent requests are made without an account object\r\n */\r\n ClientAuthError.createNoAccountInSilentRequestError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.NoAccountInSilentRequest.code, \"\" + ClientAuthErrorMessage.NoAccountInSilentRequest.desc);\r\n };\r\n /**\r\n * Throws error when cache record is null or undefined.\r\n */\r\n ClientAuthError.createNullOrUndefinedCacheRecord = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.invalidCacheRecord.code, ClientAuthErrorMessage.invalidCacheRecord.desc);\r\n };\r\n /**\r\n * Throws error when provided environment is not part of the CloudDiscoveryMetadata object\r\n */\r\n ClientAuthError.createInvalidCacheEnvironmentError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.invalidCacheEnvironment.code, ClientAuthErrorMessage.invalidCacheEnvironment.desc);\r\n };\r\n /**\r\n * Throws error when account is not found in cache.\r\n */\r\n ClientAuthError.createNoAccountFoundError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.noAccountFound.code, ClientAuthErrorMessage.noAccountFound.desc);\r\n };\r\n /**\r\n * Throws error if ICachePlugin not set on CacheManager.\r\n */\r\n ClientAuthError.createCachePluginError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.CachePluginError.code, \"\" + ClientAuthErrorMessage.CachePluginError.desc);\r\n };\r\n /**\r\n * Throws error if crypto object not found.\r\n * @param operationName\r\n */\r\n ClientAuthError.createNoCryptoObjectError = function (operationName) {\r\n return new ClientAuthError(ClientAuthErrorMessage.noCryptoObj.code, \"\" + ClientAuthErrorMessage.noCryptoObj.desc + operationName);\r\n };\r\n /**\r\n * Throws error if cache type is invalid.\r\n */\r\n ClientAuthError.createInvalidCacheTypeError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.invalidCacheType.code, \"\" + ClientAuthErrorMessage.invalidCacheType.desc);\r\n };\r\n /**\r\n * Throws error if unexpected account type.\r\n */\r\n ClientAuthError.createUnexpectedAccountTypeError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.unexpectedAccountType.code, \"\" + ClientAuthErrorMessage.unexpectedAccountType.desc);\r\n };\r\n /**\r\n * Throws error if unexpected credential type.\r\n */\r\n ClientAuthError.createUnexpectedCredentialTypeError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.unexpectedCredentialType.code, \"\" + ClientAuthErrorMessage.unexpectedCredentialType.desc);\r\n };\r\n /**\r\n * Throws error if client assertion is not valid.\r\n */\r\n ClientAuthError.createInvalidAssertionError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.invalidAssertion.code, \"\" + ClientAuthErrorMessage.invalidAssertion.desc);\r\n };\r\n /**\r\n * Throws error if client assertion is not valid.\r\n */\r\n ClientAuthError.createInvalidCredentialError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.invalidClientCredential.code, \"\" + ClientAuthErrorMessage.invalidClientCredential.desc);\r\n };\r\n /**\r\n * Throws error if token cannot be retrieved from cache due to refresh being required.\r\n */\r\n ClientAuthError.createRefreshRequiredError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.tokenRefreshRequired.code, ClientAuthErrorMessage.tokenRefreshRequired.desc);\r\n };\r\n /**\r\n * Throws error if the user defined timeout is reached.\r\n */\r\n ClientAuthError.createUserTimeoutReachedError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.userTimeoutReached.code, ClientAuthErrorMessage.userTimeoutReached.desc);\r\n };\r\n /*\r\n * Throws error if token claims are not populated for a signed jwt generation\r\n */\r\n ClientAuthError.createTokenClaimsRequiredError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.tokenClaimsRequired.code, ClientAuthErrorMessage.tokenClaimsRequired.desc);\r\n };\r\n /**\r\n * Throws error when the authorization code is missing from the server response\r\n */\r\n ClientAuthError.createNoAuthCodeInServerResponseError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.noAuthorizationCodeFromServer.code, ClientAuthErrorMessage.noAuthorizationCodeFromServer.desc);\r\n };\r\n ClientAuthError.createBindingKeyNotRemovedError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.bindingKeyNotRemovedError.code, ClientAuthErrorMessage.bindingKeyNotRemovedError.desc);\r\n };\r\n /**\r\n * Thrown when logout is attempted for an authority that doesnt have an end_session_endpoint\r\n */\r\n ClientAuthError.createLogoutNotSupportedError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.logoutNotSupported.code, ClientAuthErrorMessage.logoutNotSupported.desc);\r\n };\r\n /**\r\n * Create an error when kid attribute is missing from a PoP token's cache record\r\n */\r\n ClientAuthError.createKeyIdMissingError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.keyIdMissing.code, ClientAuthErrorMessage.keyIdMissing.desc);\r\n };\r\n return ClientAuthError;\r\n}(AuthError));\n\nexport { ClientAuthError, ClientAuthErrorMessage };\n//# sourceMappingURL=ClientAuthError.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { __extends } from '../_virtual/_tslib.js';\nimport { ClientAuthError } from './ClientAuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * ClientConfigurationErrorMessage class containing string constants used by error codes and messages.\r\n */\r\nvar ClientConfigurationErrorMessage = {\r\n redirectUriNotSet: {\r\n code: \"redirect_uri_empty\",\r\n desc: \"A redirect URI is required for all calls, and none has been set.\"\r\n },\r\n postLogoutUriNotSet: {\r\n code: \"post_logout_uri_empty\",\r\n desc: \"A post logout redirect has not been set.\"\r\n },\r\n claimsRequestParsingError: {\r\n code: \"claims_request_parsing_error\",\r\n desc: \"Could not parse the given claims request object.\"\r\n },\r\n authorityUriInsecure: {\r\n code: \"authority_uri_insecure\",\r\n desc: \"Authority URIs must use https. Please see here for valid authority configuration options: https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-js-initializing-client-applications#configuration-options\"\r\n },\r\n urlParseError: {\r\n code: \"url_parse_error\",\r\n desc: \"URL could not be parsed into appropriate segments.\"\r\n },\r\n urlEmptyError: {\r\n code: \"empty_url_error\",\r\n desc: \"URL was empty or null.\"\r\n },\r\n emptyScopesError: {\r\n code: \"empty_input_scopes_error\",\r\n desc: \"Scopes cannot be passed as null, undefined or empty array because they are required to obtain an access token.\"\r\n },\r\n nonArrayScopesError: {\r\n code: \"nonarray_input_scopes_error\",\r\n desc: \"Scopes cannot be passed as non-array.\"\r\n },\r\n clientIdSingleScopeError: {\r\n code: \"clientid_input_scopes_error\",\r\n desc: \"Client ID can only be provided as a single scope.\"\r\n },\r\n invalidPrompt: {\r\n code: \"invalid_prompt_value\",\r\n desc: \"Supported prompt values are 'login', 'select_account', 'consent', 'create', 'none' and 'no_session'. Please see here for valid configuration options: https://azuread.github.io/microsoft-authentication-library-for-js/ref/modules/_azure_msal_common.html#commonauthorizationurlrequest\",\r\n },\r\n invalidClaimsRequest: {\r\n code: \"invalid_claims\",\r\n desc: \"Given claims parameter must be a stringified JSON object.\"\r\n },\r\n tokenRequestEmptyError: {\r\n code: \"token_request_empty\",\r\n desc: \"Token request was empty and not found in cache.\"\r\n },\r\n logoutRequestEmptyError: {\r\n code: \"logout_request_empty\",\r\n desc: \"The logout request was null or undefined.\"\r\n },\r\n invalidCodeChallengeMethod: {\r\n code: \"invalid_code_challenge_method\",\r\n desc: \"code_challenge_method passed is invalid. Valid values are \\\"plain\\\" and \\\"S256\\\".\"\r\n },\r\n invalidCodeChallengeParams: {\r\n code: \"pkce_params_missing\",\r\n desc: \"Both params: code_challenge and code_challenge_method are to be passed if to be sent in the request\"\r\n },\r\n invalidCloudDiscoveryMetadata: {\r\n code: \"invalid_cloud_discovery_metadata\",\r\n desc: \"Invalid cloudDiscoveryMetadata provided. Must be a stringified JSON object containing tenant_discovery_endpoint and metadata fields\"\r\n },\r\n invalidAuthorityMetadata: {\r\n code: \"invalid_authority_metadata\",\r\n desc: \"Invalid authorityMetadata provided. Must by a stringified JSON object containing authorization_endpoint, token_endpoint, issuer fields.\"\r\n },\r\n untrustedAuthority: {\r\n code: \"untrusted_authority\",\r\n desc: \"The provided authority is not a trusted authority. Please include this authority in the knownAuthorities config parameter.\"\r\n },\r\n invalidAzureCloudInstance: {\r\n code: \"invalid_azure_cloud_instance\",\r\n desc: \"Invalid AzureCloudInstance provided. Please refer MSAL JS docs: aks.ms/msaljs/azure_cloud_instance for valid values\"\r\n },\r\n missingSshJwk: {\r\n code: \"missing_ssh_jwk\",\r\n desc: \"Missing sshJwk in SSH certificate request. A stringified JSON Web Key is required when using the SSH authentication scheme.\"\r\n },\r\n missingSshKid: {\r\n code: \"missing_ssh_kid\",\r\n desc: \"Missing sshKid in SSH certificate request. A string that uniquely identifies the public SSH key is required when using the SSH authentication scheme.\"\r\n },\r\n missingNonceAuthenticationHeader: {\r\n code: \"missing_nonce_authentication_header\",\r\n desc: \"Unable to find an authentication header containing server nonce. Either the Authentication-Info or WWW-Authenticate headers must be present in order to obtain a server nonce.\"\r\n },\r\n invalidAuthenticationHeader: {\r\n code: \"invalid_authentication_header\",\r\n desc: \"Invalid authentication header provided\"\r\n }\r\n};\r\n/**\r\n * Error thrown when there is an error in configuration of the MSAL.js library.\r\n */\r\nvar ClientConfigurationError = /** @class */ (function (_super) {\r\n __extends(ClientConfigurationError, _super);\r\n function ClientConfigurationError(errorCode, errorMessage) {\r\n var _this = _super.call(this, errorCode, errorMessage) || this;\r\n _this.name = \"ClientConfigurationError\";\r\n Object.setPrototypeOf(_this, ClientConfigurationError.prototype);\r\n return _this;\r\n }\r\n /**\r\n * Creates an error thrown when the redirect uri is empty (not set by caller)\r\n */\r\n ClientConfigurationError.createRedirectUriEmptyError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.redirectUriNotSet.code, ClientConfigurationErrorMessage.redirectUriNotSet.desc);\r\n };\r\n /**\r\n * Creates an error thrown when the post-logout redirect uri is empty (not set by caller)\r\n */\r\n ClientConfigurationError.createPostLogoutRedirectUriEmptyError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.postLogoutUriNotSet.code, ClientConfigurationErrorMessage.postLogoutUriNotSet.desc);\r\n };\r\n /**\r\n * Creates an error thrown when the claims request could not be successfully parsed\r\n */\r\n ClientConfigurationError.createClaimsRequestParsingError = function (claimsRequestParseError) {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.claimsRequestParsingError.code, ClientConfigurationErrorMessage.claimsRequestParsingError.desc + \" Given value: \" + claimsRequestParseError);\r\n };\r\n /**\r\n * Creates an error thrown if authority uri is given an insecure protocol.\r\n * @param urlString\r\n */\r\n ClientConfigurationError.createInsecureAuthorityUriError = function (urlString) {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.authorityUriInsecure.code, ClientConfigurationErrorMessage.authorityUriInsecure.desc + \" Given URI: \" + urlString);\r\n };\r\n /**\r\n * Creates an error thrown if URL string does not parse into separate segments.\r\n * @param urlString\r\n */\r\n ClientConfigurationError.createUrlParseError = function (urlParseError) {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.urlParseError.code, ClientConfigurationErrorMessage.urlParseError.desc + \" Given Error: \" + urlParseError);\r\n };\r\n /**\r\n * Creates an error thrown if URL string is empty or null.\r\n * @param urlString\r\n */\r\n ClientConfigurationError.createUrlEmptyError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.urlEmptyError.code, ClientConfigurationErrorMessage.urlEmptyError.desc);\r\n };\r\n /**\r\n * Error thrown when scopes are empty.\r\n * @param scopesValue\r\n */\r\n ClientConfigurationError.createEmptyScopesArrayError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.emptyScopesError.code, \"\" + ClientConfigurationErrorMessage.emptyScopesError.desc);\r\n };\r\n /**\r\n * Error thrown when client id scope is not provided as single scope.\r\n * @param inputScopes\r\n */\r\n ClientConfigurationError.createClientIdSingleScopeError = function (inputScopes) {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.clientIdSingleScopeError.code, ClientConfigurationErrorMessage.clientIdSingleScopeError.desc + \" Given Scopes: \" + inputScopes);\r\n };\r\n /**\r\n * Error thrown when prompt is not an allowed type.\r\n * @param promptValue\r\n */\r\n ClientConfigurationError.createInvalidPromptError = function (promptValue) {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.invalidPrompt.code, ClientConfigurationErrorMessage.invalidPrompt.desc + \" Given value: \" + promptValue);\r\n };\r\n /**\r\n * Creates error thrown when claims parameter is not a stringified JSON object\r\n */\r\n ClientConfigurationError.createInvalidClaimsRequestError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.invalidClaimsRequest.code, ClientConfigurationErrorMessage.invalidClaimsRequest.desc);\r\n };\r\n /**\r\n * Throws error when token request is empty and nothing cached in storage.\r\n */\r\n ClientConfigurationError.createEmptyLogoutRequestError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.logoutRequestEmptyError.code, ClientConfigurationErrorMessage.logoutRequestEmptyError.desc);\r\n };\r\n /**\r\n * Throws error when token request is empty and nothing cached in storage.\r\n */\r\n ClientConfigurationError.createEmptyTokenRequestError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.tokenRequestEmptyError.code, ClientConfigurationErrorMessage.tokenRequestEmptyError.desc);\r\n };\r\n /**\r\n * Throws error when an invalid code_challenge_method is passed by the user\r\n */\r\n ClientConfigurationError.createInvalidCodeChallengeMethodError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.invalidCodeChallengeMethod.code, ClientConfigurationErrorMessage.invalidCodeChallengeMethod.desc);\r\n };\r\n /**\r\n * Throws error when both params: code_challenge and code_challenge_method are not passed together\r\n */\r\n ClientConfigurationError.createInvalidCodeChallengeParamsError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.invalidCodeChallengeParams.code, ClientConfigurationErrorMessage.invalidCodeChallengeParams.desc);\r\n };\r\n /**\r\n * Throws an error when the user passes invalid cloudDiscoveryMetadata\r\n */\r\n ClientConfigurationError.createInvalidCloudDiscoveryMetadataError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.invalidCloudDiscoveryMetadata.code, ClientConfigurationErrorMessage.invalidCloudDiscoveryMetadata.desc);\r\n };\r\n /**\r\n * Throws an error when the user passes invalid cloudDiscoveryMetadata\r\n */\r\n ClientConfigurationError.createInvalidAuthorityMetadataError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.invalidAuthorityMetadata.code, ClientConfigurationErrorMessage.invalidAuthorityMetadata.desc);\r\n };\r\n /**\r\n * Throws error when provided authority is not a member of the trusted host list\r\n */\r\n ClientConfigurationError.createUntrustedAuthorityError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.untrustedAuthority.code, ClientConfigurationErrorMessage.untrustedAuthority.desc);\r\n };\r\n /**\r\n * Throws error when the AzureCloudInstance is set to an invalid value\r\n */\r\n ClientConfigurationError.createInvalidAzureCloudInstanceError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.invalidAzureCloudInstance.code, ClientConfigurationErrorMessage.invalidAzureCloudInstance.desc);\r\n };\r\n /**\r\n * Throws an error when the authentication scheme is set to SSH but the SSH public key is omitted from the request\r\n */\r\n ClientConfigurationError.createMissingSshJwkError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.missingSshJwk.code, ClientConfigurationErrorMessage.missingSshJwk.desc);\r\n };\r\n /**\r\n * Throws an error when the authentication scheme is set to SSH but the SSH public key ID is omitted from the request\r\n */\r\n ClientConfigurationError.createMissingSshKidError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.missingSshKid.code, ClientConfigurationErrorMessage.missingSshKid.desc);\r\n };\r\n /**\r\n * Throws error when provided headers don't contain a header that a server nonce can be extracted from\r\n */\r\n ClientConfigurationError.createMissingNonceAuthenticationHeadersError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.missingNonceAuthenticationHeader.code, ClientConfigurationErrorMessage.missingNonceAuthenticationHeader.desc);\r\n };\r\n /**\r\n * Throws error when a provided header is invalid in any way\r\n */\r\n ClientConfigurationError.createInvalidAuthenticationHeaderError = function (invalidHeaderName, details) {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.invalidAuthenticationHeader.code, ClientConfigurationErrorMessage.invalidAuthenticationHeader.desc + \". Invalid header: \" + invalidHeaderName + \". Details: \" + details);\r\n };\r\n return ClientConfigurationError;\r\n}(ClientAuthError));\n\nexport { ClientConfigurationError, ClientConfigurationErrorMessage };\n//# sourceMappingURL=ClientConfigurationError.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { __extends } from '../_virtual/_tslib.js';\nimport { AuthError } from './AuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * InteractionRequiredServerErrorMessage contains string constants used by error codes and messages returned by the server indicating interaction is required\r\n */\r\nvar InteractionRequiredServerErrorMessage = [\r\n \"interaction_required\",\r\n \"consent_required\",\r\n \"login_required\"\r\n];\r\nvar InteractionRequiredAuthSubErrorMessage = [\r\n \"message_only\",\r\n \"additional_action\",\r\n \"basic_action\",\r\n \"user_password_expired\",\r\n \"consent_required\"\r\n];\r\n/**\r\n * Interaction required errors defined by the SDK\r\n */\r\nvar InteractionRequiredAuthErrorMessage = {\r\n noTokensFoundError: {\r\n code: \"no_tokens_found\",\r\n desc: \"No refresh token found in the cache. Please sign-in.\"\r\n },\r\n native_account_unavailable: {\r\n code: \"native_account_unavailable\",\r\n desc: \"The requested account is not available in the native broker. It may have been deleted or logged out. Please sign-in again using an interactive API.\"\r\n }\r\n};\r\n/**\r\n * Error thrown when user interaction is required.\r\n */\r\nvar InteractionRequiredAuthError = /** @class */ (function (_super) {\r\n __extends(InteractionRequiredAuthError, _super);\r\n function InteractionRequiredAuthError(errorCode, errorMessage, subError) {\r\n var _this = _super.call(this, errorCode, errorMessage, subError) || this;\r\n _this.name = \"InteractionRequiredAuthError\";\r\n Object.setPrototypeOf(_this, InteractionRequiredAuthError.prototype);\r\n return _this;\r\n }\r\n /**\r\n * Helper function used to determine if an error thrown by the server requires interaction to resolve\r\n * @param errorCode\r\n * @param errorString\r\n * @param subError\r\n */\r\n InteractionRequiredAuthError.isInteractionRequiredError = function (errorCode, errorString, subError) {\r\n var isInteractionRequiredErrorCode = !!errorCode && InteractionRequiredServerErrorMessage.indexOf(errorCode) > -1;\r\n var isInteractionRequiredSubError = !!subError && InteractionRequiredAuthSubErrorMessage.indexOf(subError) > -1;\r\n var isInteractionRequiredErrorDesc = !!errorString && InteractionRequiredServerErrorMessage.some(function (irErrorCode) {\r\n return errorString.indexOf(irErrorCode) > -1;\r\n });\r\n return isInteractionRequiredErrorCode || isInteractionRequiredErrorDesc || isInteractionRequiredSubError;\r\n };\r\n /**\r\n * Creates an error thrown when the authorization code required for a token request is null or empty.\r\n */\r\n InteractionRequiredAuthError.createNoTokensFoundError = function () {\r\n return new InteractionRequiredAuthError(InteractionRequiredAuthErrorMessage.noTokensFoundError.code, InteractionRequiredAuthErrorMessage.noTokensFoundError.desc);\r\n };\r\n /**\r\n * Creates an error thrown when the native broker returns ACCOUNT_UNAVAILABLE status, indicating that the account was removed and interactive sign-in is required\r\n * @returns\r\n */\r\n InteractionRequiredAuthError.createNativeAccountUnavailableError = function () {\r\n return new InteractionRequiredAuthError(InteractionRequiredAuthErrorMessage.native_account_unavailable.code, InteractionRequiredAuthErrorMessage.native_account_unavailable.desc);\r\n };\r\n return InteractionRequiredAuthError;\r\n}(AuthError));\n\nexport { InteractionRequiredAuthError, InteractionRequiredAuthErrorMessage, InteractionRequiredAuthSubErrorMessage, InteractionRequiredServerErrorMessage };\n//# sourceMappingURL=InteractionRequiredAuthError.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { __extends } from '../_virtual/_tslib.js';\nimport { AuthError } from './AuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Error thrown when there is an error with the server code, for example, unavailability.\r\n */\r\nvar ServerError = /** @class */ (function (_super) {\r\n __extends(ServerError, _super);\r\n function ServerError(errorCode, errorMessage, subError) {\r\n var _this = _super.call(this, errorCode, errorMessage, subError) || this;\r\n _this.name = \"ServerError\";\r\n Object.setPrototypeOf(_this, ServerError.prototype);\r\n return _this;\r\n }\r\n return ServerError;\r\n}(AuthError));\n\nexport { ServerError };\n//# sourceMappingURL=ServerError.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { StringUtils } from '../utils/StringUtils.js';\nimport { Constants } from '../utils/Constants.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Log message level.\r\n */\r\nvar LogLevel;\r\n(function (LogLevel) {\r\n LogLevel[LogLevel[\"Error\"] = 0] = \"Error\";\r\n LogLevel[LogLevel[\"Warning\"] = 1] = \"Warning\";\r\n LogLevel[LogLevel[\"Info\"] = 2] = \"Info\";\r\n LogLevel[LogLevel[\"Verbose\"] = 3] = \"Verbose\";\r\n LogLevel[LogLevel[\"Trace\"] = 4] = \"Trace\";\r\n})(LogLevel || (LogLevel = {}));\r\n/**\r\n * Class which facilitates logging of messages to a specific place.\r\n */\r\nvar Logger = /** @class */ (function () {\r\n function Logger(loggerOptions, packageName, packageVersion) {\r\n // Current log level, defaults to info.\r\n this.level = LogLevel.Info;\r\n var defaultLoggerCallback = function () {\r\n return;\r\n };\r\n this.localCallback = loggerOptions.loggerCallback || defaultLoggerCallback;\r\n this.piiLoggingEnabled = loggerOptions.piiLoggingEnabled || false;\r\n this.level = typeof (loggerOptions.logLevel) === \"number\" ? loggerOptions.logLevel : LogLevel.Info;\r\n this.correlationId = loggerOptions.correlationId || Constants.EMPTY_STRING;\r\n this.packageName = packageName || Constants.EMPTY_STRING;\r\n this.packageVersion = packageVersion || Constants.EMPTY_STRING;\r\n }\r\n /**\r\n * Create new Logger with existing configurations.\r\n */\r\n Logger.prototype.clone = function (packageName, packageVersion, correlationId) {\r\n return new Logger({ loggerCallback: this.localCallback, piiLoggingEnabled: this.piiLoggingEnabled, logLevel: this.level, correlationId: correlationId || this.correlationId }, packageName, packageVersion);\r\n };\r\n /**\r\n * Log message with required options.\r\n */\r\n Logger.prototype.logMessage = function (logMessage, options) {\r\n if ((options.logLevel > this.level) || (!this.piiLoggingEnabled && options.containsPii)) {\r\n return;\r\n }\r\n var timestamp = new Date().toUTCString();\r\n // Add correlationId to logs if set, correlationId provided on log messages take precedence\r\n var logHeader;\r\n if (!StringUtils.isEmpty(options.correlationId)) {\r\n logHeader = \"[\" + timestamp + \"] : [\" + options.correlationId + \"]\";\r\n }\r\n else if (!StringUtils.isEmpty(this.correlationId)) {\r\n logHeader = \"[\" + timestamp + \"] : [\" + this.correlationId + \"]\";\r\n }\r\n else {\r\n logHeader = \"[\" + timestamp + \"]\";\r\n }\r\n var log = logHeader + \" : \" + this.packageName + \"@\" + this.packageVersion + \" : \" + LogLevel[options.logLevel] + \" - \" + logMessage;\r\n // debug(`msal:${LogLevel[options.logLevel]}${options.containsPii ? \"-Pii\": Constants.EMPTY_STRING}${options.context ? `:${options.context}` : Constants.EMPTY_STRING}`)(logMessage);\r\n this.executeCallback(options.logLevel, log, options.containsPii || false);\r\n };\r\n /**\r\n * Execute callback with message.\r\n */\r\n Logger.prototype.executeCallback = function (level, message, containsPii) {\r\n if (this.localCallback) {\r\n this.localCallback(level, message, containsPii);\r\n }\r\n };\r\n /**\r\n * Logs error messages.\r\n */\r\n Logger.prototype.error = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Error,\r\n containsPii: false,\r\n correlationId: correlationId || Constants.EMPTY_STRING\r\n });\r\n };\r\n /**\r\n * Logs error messages with PII.\r\n */\r\n Logger.prototype.errorPii = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Error,\r\n containsPii: true,\r\n correlationId: correlationId || Constants.EMPTY_STRING\r\n });\r\n };\r\n /**\r\n * Logs warning messages.\r\n */\r\n Logger.prototype.warning = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Warning,\r\n containsPii: false,\r\n correlationId: correlationId || Constants.EMPTY_STRING\r\n });\r\n };\r\n /**\r\n * Logs warning messages with PII.\r\n */\r\n Logger.prototype.warningPii = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Warning,\r\n containsPii: true,\r\n correlationId: correlationId || Constants.EMPTY_STRING\r\n });\r\n };\r\n /**\r\n * Logs info messages.\r\n */\r\n Logger.prototype.info = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Info,\r\n containsPii: false,\r\n correlationId: correlationId || Constants.EMPTY_STRING\r\n });\r\n };\r\n /**\r\n * Logs info messages with PII.\r\n */\r\n Logger.prototype.infoPii = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Info,\r\n containsPii: true,\r\n correlationId: correlationId || Constants.EMPTY_STRING\r\n });\r\n };\r\n /**\r\n * Logs verbose messages.\r\n */\r\n Logger.prototype.verbose = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Verbose,\r\n containsPii: false,\r\n correlationId: correlationId || Constants.EMPTY_STRING\r\n });\r\n };\r\n /**\r\n * Logs verbose messages with PII.\r\n */\r\n Logger.prototype.verbosePii = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Verbose,\r\n containsPii: true,\r\n correlationId: correlationId || Constants.EMPTY_STRING\r\n });\r\n };\r\n /**\r\n * Logs trace messages.\r\n */\r\n Logger.prototype.trace = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Trace,\r\n containsPii: false,\r\n correlationId: correlationId || Constants.EMPTY_STRING\r\n });\r\n };\r\n /**\r\n * Logs trace messages with PII.\r\n */\r\n Logger.prototype.tracePii = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Trace,\r\n containsPii: true,\r\n correlationId: correlationId || Constants.EMPTY_STRING\r\n });\r\n };\r\n /**\r\n * Returns whether PII Logging is enabled or not.\r\n */\r\n Logger.prototype.isPiiLoggingEnabled = function () {\r\n return this.piiLoggingEnabled || false;\r\n };\r\n return Logger;\r\n}());\n\nexport { LogLevel, Logger };\n//# sourceMappingURL=Logger.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { AuthError } from '../error/AuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar StubbedNetworkModule = {\r\n sendGetRequestAsync: function () {\r\n var notImplErr = \"Network interface - sendGetRequestAsync() has not been implemented for the Network interface.\";\r\n return Promise.reject(AuthError.createUnexpectedError(notImplErr));\r\n },\r\n sendPostRequestAsync: function () {\r\n var notImplErr = \"Network interface - sendPostRequestAsync() has not been implemented for the Network interface.\";\r\n return Promise.reject(AuthError.createUnexpectedError(notImplErr));\r\n }\r\n};\n\nexport { StubbedNetworkModule };\n//# sourceMappingURL=INetworkModule.js.map\n","/*! @azure/msal-common v7.6.0 2022-10-10 */\n'use strict';\nimport { ThrottlingConstants, CacheSchemaType, Constants, HeaderNames } from '../utils/Constants.js';\nimport { ServerError } from '../error/ServerError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar ThrottlingUtils = /** @class */ (function () {\r\n function ThrottlingUtils() {\r\n }\r\n /**\r\n * Prepares a RequestThumbprint to be stored as a key.\r\n * @param thumbprint\r\n */\r\n ThrottlingUtils.generateThrottlingStorageKey = function (thumbprint) {\r\n return ThrottlingConstants.THROTTLING_PREFIX + \".\" + JSON.stringify(thumbprint);\r\n };\r\n /**\r\n * Performs necessary throttling checks before a network request.\r\n * @param cacheManager\r\n * @param thumbprint\r\n */\r\n ThrottlingUtils.preProcess = function (cacheManager, thumbprint) {\r\n var _a;\r\n var key = ThrottlingUtils.generateThrottlingStorageKey(thumbprint);\r\n var value = cacheManager.getThrottlingCache(key);\r\n if (value) {\r\n if (value.throttleTime < Date.now()) {\r\n cacheManager.removeItem(key, CacheSchemaType.THROTTLING);\r\n return;\r\n }\r\n throw new ServerError(((_a = value.errorCodes) === null || _a === void 0 ? void 0 : _a.join(\" \")) || Constants.EMPTY_STRING, value.errorMessage, value.subError);\r\n }\r\n };\r\n /**\r\n * Performs necessary throttling checks after a network request.\r\n * @param cacheManager\r\n * @param thumbprint\r\n * @param response\r\n */\r\n ThrottlingUtils.postProcess = function (cacheManager, thumbprint, response) {\r\n if (ThrottlingUtils.checkResponseStatus(response) || ThrottlingUtils.checkResponseForRetryAfter(response)) {\r\n var thumbprintValue = {\r\n throttleTime: ThrottlingUtils.calculateThrottleTime(parseInt(response.headers[HeaderNames.RETRY_AFTER])),\r\n error: response.body.error,\r\n errorCodes: response.body.error_codes,\r\n errorMessage: response.body.error_description,\r\n subError: response.body.suberror\r\n };\r\n cacheManager.setThrottlingCache(ThrottlingUtils.generateThrottlingStorageKey(thumbprint), thumbprintValue);\r\n }\r\n };\r\n /**\r\n * Checks a NetworkResponse object's status codes against 429 or 5xx\r\n * @param response\r\n */\r\n ThrottlingUtils.checkResponseStatus = function (response) {\r\n return response.status === 429 || response.status >= 500 && response.status < 600;\r\n };\r\n /**\r\n * Checks a NetworkResponse object's RetryAfter header\r\n * @param response\r\n */\r\n ThrottlingUtils.checkResponseForRetryAfter = function (response) {\r\n if (response.headers) {\r\n return response.headers.hasOwnProperty(HeaderNames.RETRY_AFTER) && (response.status < 200 || response.status >= 300);\r\n }\r\n return false;\r\n };\r\n /**\r\n * Calculates the Unix-time value for a throttle to expire given throttleTime in seconds.\r\n * @param throttleTime\r\n */\r\n ThrottlingUtils.calculateThrottleTime = function (throttleTime) {\r\n var time = throttleTime <= 0 ? 0 : throttleTime;\r\n var currentSeconds = Date.now() / 1000;\r\n return Math.floor(Math.min(currentSeconds + (time || ThrottlingConstants.DEFAULT_THROTTLE_TIME_SECONDS), currentSeconds + ThrottlingConstants.DEFAULT_MAX_THROTTLE_TIME_SECONDS) * 1000);\r\n };\r\n ThrottlingUtils.removeThrottle = function (cacheManager, clientId, request, homeAccountIdentifier) {\r\n var thumbprint = {\r\n clientId: clientId,\r\n authority: request.authority,\r\n scopes: request.scopes,\r\n homeAccountIdentifier: homeAccountIdentifier,\r\n claims: request.claims,\r\n authenticationScheme: request.authenticationScheme,\r\n resourceRequestMethod: request.resourceRequestMethod,\r\n resourceRequestUri: request.resourceRequestUri,\r\n shrClaims: request.shrClaims,\r\n sshKid: request.sshKid\r\n };\r\n var key = this.generateThrottlingStorageKey(thumbprint);\r\n return cacheManager.removeItem(key, CacheSchemaType.THROTTLING);\r\n };\r\n return ThrottlingUtils;\r\n}());\n\nexport { ThrottlingUtils };\n//# sourceMappingURL=ThrottlingUtils.js.map\n"],"names":["CacheManager","clientId","cryptoImpl","this","prototype","getAllAccounts","_this","currentAccounts","getAccountsFilteredBy","accountValues","Object","keys","map","accountKey","numAccounts","length","allAccounts","value","accountEntity","toObject","accountInfo","getAccountInfo","idToken","readIdTokenFromCache","idTokenClaims","secret","claims","saveCacheRecord","cacheRecord","_a","label","account","setAccount","setIdTokenCredential","accessToken","saveAccessToken","sent","refreshToken","setRefreshTokenCredential","appMetadata","setAppMetadata","credential","currentTokenCache","currentScopes","currentAccessTokens","removedAccessTokens_1","getCredentialsFilteredBy","credentialType","environment","homeAccountId","realm","tokenType","requestedClaimsHash","target","accessTokens","key","forEach","tokenEntity","tokenScopeSet","intersectingScopeSets","push","removeCredential","Promise","all","setAccessTokenCredential","accountFilter","getAccountsFilteredByInternal","nativeAccountId","allCacheKeys","getKeys","matchingAccounts","cacheKey","entity","getAccount","matchHomeAccountId","matchEnvironment","matchRealm","matchNativeAccountId","filter","getCredentialsFilteredByInternal","familyId","userAssertionHash","keyId","matchingCredentials","idTokens","refreshTokens","credType","getSpecificCredential","matchUserAssertionHash","matchCredentialType","matchClientId","matchFamilyId","matchTarget","matchTokenType","matchKeyId","updatedCacheKey","updateCredentialCacheKey","getAppMetadataFilteredBy","getAppMetadataFilteredByInternal","matchingAppMetadata","isAppMetadata","getAppMetadata","getAuthorityMetadataByAlias","host","getAuthorityMetadataKeys","matchedEntity","isAuthorityMetadata","indexOf","getAuthorityMetadata","aliases","removeAllAccounts","removedAccounts","removeAccount","removeAccountContext","removeItem","accountId","removedCredentials","generateAccountId","cacheEntity","accessTokenWithAuthSchemeEntity","kid","generateCredentialKey","toLowerCase","trys","removeTokenBindingKey","removeAppMetadata","readCacheRecord","request","cachedAccount","readAccountFromCache","cachedIdToken","cachedAccessToken","readAccessTokenFromCache","cachedRefreshToken","readRefreshTokenFromCache","cachedAppMetadata","readAppMetadataFromCache","readAccountFromCacheWithNativeAccountId","accountCache","accounts","idTokenFilter","tenantId","credentialCache","numIdTokens","scopes","authScheme","authenticationScheme","accessTokenFilter","printScopesLowerCase","sshKid","numAccessTokens","familyRT","id","undefined","refreshTokenFilter","numRefreshTokens","appMetadataFilter","appMetadataEntries","numAppMetadata","isAppMetadataFOCI","cloudMetadata","isNotAccessTokenCredential","entityScopeSet","requestTargetScopeSet","containsOnlyOIDCScopes","removeScope","removeOIDCScopes","containsScopeSet","generateAuthorityMetadataCacheKey","authority","getIdTokenCredential","getAccessTokenCredential","getRefreshTokenCredential","obj","json","propertyName","DefaultStorageClass","_super","apply","arguments","notImplErr","setServerTelemetry","getServerTelemetry","setAuthorityMetadata","setThrottlingCache","getThrottlingCache","containsKey","clear","AccessTokenEntity","createAccessTokenEntity","expiresOn","extExpiresOn","cryptoUtils","refreshOn","requestedClaims","_b","atEntity","currentTime","cachedAt","toString","extendedExpiresOn","tokenClaims","cnf","isAccessTokenEntity","hasOwnProperty","AccountEntity","join","generateAccountKey","generateAccountCacheKey","username","localAccountId","generateType","authorityType","name","accountInterface","createAccount","clientInfo","cloudGraphHostName","msGraphHost","_c","_d","_e","_f","env","getPreferredCache","tid","oid","sub","preferredUsername","preferred_username","email","emails","createGenericAccount","upn","generateHomeAccountId","serverClientInfo","authType","logger","cryptoObj","uid","utid","e","verbose","isAccountEntity","accountInfoIsEqual","accountA","accountB","compareClaims","claimsMatch","accountAClaims","accountBClaims","iat","nonce","AppMetadataEntity","generateAppMetadataKey","generateAppMetadataCacheKey","appMetaDataKeyArray","createAppMetadataEntity","isAppMetadataEntity","AuthorityMetadataEntity","expiresAt","updateCloudDiscoveryMetadata","metadata","fromNetwork","preferred_cache","preferred_network","aliasesFromNetwork","updateEndpointMetadata","authorization_endpoint","token_endpoint","end_session_endpoint","issuer","endpointsFromNetwork","jwks_uri","updateCanonicalAuthority","canonical_authority","resetExpiresAt","isExpired","isAuthorityMetadataEntity","CacheRecord","idTokenEntity","accessTokenEntity","refreshTokenEntity","appMetadataEntity","CredentialEntity","generateAccountIdForCacheKey","generateCredentialId","generateCredentialIdForCacheKey","generateTarget","generateTargetForCacheKey","generateCredentialCacheKey","getCredentialType","credentialKey","generateClaimsHashForCacheKey","generateSchemeForCacheKey","clientOrFamilyId","credentialId","IdTokenEntity","createIdTokenEntity","isIdTokenEntity","RefreshTokenEntity","createRefreshTokenEntity","rtEntity","isRefreshTokenEntity","ServerTelemetryEntity","failedRequests","errors","cacheHits","isServerTelemetryEntity","validateKey","validateEntity","ThrottlingEntity","isThrottlingEntity","TokenCacheContext","tokenCache","hasChanged","cache","defineProperty","get","enumerable","configurable","AuthorizationCodeClient","configuration","call","includeRedirectUri","getAuthCodeUrl","queryString","createAuthCodeUrlQueryString","authorizationEndpoint","acquireToken","authCodePayload","reqTimestamp","response","requestId","responseHandler","info","code","executeTokenRequest","headers","config","authOptions","cacheManager","serializableCache","persistencePlugin","validateTokenResponse","body","handleServerTokenResponse","handleFragmentResponse","hashFragment","cachedState","hashUrlString","serverParams","getHash","validateServerAuthorizationCodeResponse","getLogoutUri","logoutRequest","createLogoutUrlQueryString","endSessionEndpoint","thumbprint","requestBody","queryParameters","ccsCredential","endpoint","canonicalAuthority","resourceRequestMethod","resourceRequestUri","shrClaims","createTokenRequestBody","createTokenQueryParameters","type","createTokenRequestHeaders","tokenEndpoint","executePostToTokenEndpoint","parameterBuilder","tokenQueryParameters","addExtraQueryParameters","createQueryString","clientAssertion","popTokenGenerator","reqCnfData","correlationId","ccsCred","addClientId","addRedirectUri","redirectUri","addScopes","addAuthorizationCode","addLibraryInfo","libraryInfo","addApplicationTelemetry","telemetry","application","addThrottling","serverTelemetryManager","addServerTelemetry","codeVerifier","addCodeVerifier","clientCredentials","clientSecret","addClientSecret","addClientAssertion","assertion","addClientAssertionType","assertionType","addGrantType","addClientInfo","generateCnf","addPopToken","reqCnfString","sshJwk","addSshJwk","cryptoInterface","createNewGuid","addCorrelationId","clientCapabilities","addClaims","systemOptions","preventCorsPreflight","addCcsOid","addCcsUpn","tokenBodyParameters","enableSpaAuthorizationCode","requestScopes","accountSid","accountLoginHintClaim","extraScopesToConsent","addResponseMode","responseMode","addResponseTypeCode","codeChallenge","codeChallengeMethod","addCodeChallengeParams","prompt","addPrompt","domainHint","addDomainHint","sid","addSid","extractAccountSid","extractLoginHint","addLoginHint","loginHint","addNonce","state","addState","extraQueryParameters","nativeBroker","addNativeBroker","reqCnfHash","postLogoutRedirectUri","addPostLogoutRedirectUri","idTokenHint","addIdTokenHint","logoutHint","addLogoutHint","login_hint","NetworkManager","networkClient","sendPostRequest","options","e_1","ThrottlingUtils","sendPostRequestAsync","AuthError","ClientAuthError","BaseClient","performanceClient","Logger","loggerOptions","storageInterface","networkInterface","networkManager","Constants","CcsCredential","proxyUrl","status","clearTelemetryCache","updateAuthority","updatedAuthority","discoveryComplete","RefreshTokenClient","atsMeasurement","startMeasurement","forceCache","then","result","endMeasurement","success","refreshTokenSize","refresh_token","catch","error","errorCode","subErrorCode","subError","acquireTokenByRefreshToken","isFOCI","noFamilyRTInCache","clientMismatchErrorWithFamilyRT","acquireTokenWithCachedRefreshToken","foci","refreshTokenRequest","discardMeasurement","acquireTokenMeasurement","addRefreshToken","SilentFlowClient","refreshTokenClient","acquireCachedToken","forceRefresh","setCacheOutcome","tokenRenewalOffsetSeconds","incrementCacheHits","generateResultFromCacheRecord","idTokenObj","authTime","maxAge","auth_time","DEFAULT_TOKEN_RENEWAL_OFFSET_SEC","DEFAULT_SYSTEM_OPTIONS","DEFAULT_LOGGER_IMPLEMENTATION","loggerCallback","piiLoggingEnabled","logLevel","DEFAULT_NETWORK_IMPLEMENTATION","sendGetRequestAsync","DEFAULT_LIBRARY_INFO","sku","version","cpu","os","DEFAULT_CLIENT_CREDENTIALS","DEFAULT_AZURE_CLOUD_OPTIONS","azureCloudInstance","tenant","DEFAULT_TELEMETRY_OPTIONS","appName","appVersion","buildClientConfiguration","userAuthOptions","userSystemOptions","userLoggerOption","storageImplementation","networkImplementation","cryptoImplementation","buildAuthOptions","azureCloudOptions","skipAuthorityMetadataCache","DEFAULT_CRYPTO_IMPLEMENTATION","base64Decode","base64Encode","generatePkceCodes","getPublicKeyThumbprint","clearKeystore","signJwt","hashString","JoseHeaderErrorMessage","missingKidError","desc","missingAlgError","JoseHeaderError","errorMessage","setPrototypeOf","createMissingKidError","createMissingAlgError","JoseHeader","typ","alg","getShrHeaderString","shrHeaderOptions","shrHeader","JSON","stringify","KeyLocation","PopTokenGenerator","reqCnf","generateKid","kidThumbprint","xms_ksl","SW","signPopToken","signPayload","payload","shrNonce","resourceUrlString","resourceUrlComponents","getUrlComponents","at","ts","m","toUpperCase","u","HostNameAndPort","p","AbsolutePath","q","QueryString","client_claims","AuthErrorMessage","unexpectedError","postRequestFailed","suberror","errorString","setCorrelationId","createUnexpectedError","errDesc","createPostRequestFailed","Error","ClientAuthErrorMessage","clientInfoDecodingError","clientInfoEmptyError","tokenParsingError","nullOrEmptyToken","endpointResolutionError","networkError","unableToGetOpenidConfigError","hashNotDeserialized","blankGuidGenerated","invalidStateError","stateMismatchError","stateNotFoundError","nonceMismatchError","nonceNotFoundError","authTimeNotFoundError","maxAgeTranspiredError","noTokensFoundError","multipleMatchingTokens","multipleMatchingAccounts","multipleMatchingAppMetadata","tokenRequestCannotBeMade","appendEmptyScopeError","removeEmptyScopeError","appendScopeSetError","emptyInputScopeSetError","DeviceCodePollingCancelled","DeviceCodeExpired","DeviceCodeUnknownError","NoAccountInSilentRequest","invalidCacheRecord","invalidCacheEnvironment","noAccountFound","CachePluginError","noCryptoObj","invalidCacheType","unexpectedAccountType","unexpectedCredentialType","invalidAssertion","invalidClientCredential","tokenRefreshRequired","userTimeoutReached","tokenClaimsRequired","noAuthorizationCodeFromServer","noAzureRegionDetected","accessTokenEntityNullError","bindingKeyNotRemovedError","logoutNotSupported","keyIdMissing","createClientInfoDecodingError","caughtError","createClientInfoEmptyError","createTokenParsingError","caughtExtractionError","createTokenNullOrEmptyError","invalidRawTokenString","createEndpointDiscoveryIncompleteError","errDetail","createNetworkError","split","createUnableToGetOpenidConfigError","createHashNotDeserializedError","hashParamObj","createInvalidStateError","invalidState","createStateMismatchError","createStateNotFoundError","missingState","createNonceMismatchError","createAuthTimeNotFoundError","createMaxAgeTranspiredError","createNonceNotFoundError","missingNonce","createMultipleMatchingTokensInCacheError","createMultipleMatchingAccountsInCacheError","createMultipleMatchingAppMetadataInCacheError","createTokenRequestCannotBeMadeError","createAppendEmptyScopeToSetError","givenScope","createRemoveEmptyScopeFromSetError","createAppendScopeSetError","appendError","createEmptyInputScopeSetError","createDeviceCodeCancelledError","createDeviceCodeExpiredError","createDeviceCodeUnknownError","createNoAccountInSilentRequestError","createNullOrUndefinedCacheRecord","createInvalidCacheEnvironmentError","createNoAccountFoundError","createCachePluginError","createNoCryptoObjectError","operationName","createInvalidCacheTypeError","createUnexpectedAccountTypeError","createUnexpectedCredentialTypeError","createInvalidAssertionError","createInvalidCredentialError","createRefreshRequiredError","createUserTimeoutReachedError","createTokenClaimsRequiredError","createNoAuthCodeInServerResponseError","createBindingKeyNotRemovedError","createLogoutNotSupportedError","createKeyIdMissingError","ClientConfigurationErrorMessage","redirectUriNotSet","postLogoutUriNotSet","claimsRequestParsingError","authorityUriInsecure","urlParseError","urlEmptyError","emptyScopesError","nonArrayScopesError","clientIdSingleScopeError","invalidPrompt","invalidClaimsRequest","tokenRequestEmptyError","logoutRequestEmptyError","invalidCodeChallengeMethod","invalidCodeChallengeParams","invalidCloudDiscoveryMetadata","invalidAuthorityMetadata","untrustedAuthority","invalidAzureCloudInstance","missingSshJwk","missingSshKid","missingNonceAuthenticationHeader","invalidAuthenticationHeader","ClientConfigurationError","createRedirectUriEmptyError","createPostLogoutRedirectUriEmptyError","createClaimsRequestParsingError","claimsRequestParseError","createInsecureAuthorityUriError","urlString","createUrlParseError","createUrlEmptyError","createEmptyScopesArrayError","createClientIdSingleScopeError","inputScopes","createInvalidPromptError","promptValue","createInvalidClaimsRequestError","createEmptyLogoutRequestError","createEmptyTokenRequestError","createInvalidCodeChallengeMethodError","createInvalidCodeChallengeParamsError","createInvalidCloudDiscoveryMetadataError","createInvalidAuthorityMetadataError","createUntrustedAuthorityError","createInvalidAzureCloudInstanceError","createMissingSshJwkError","createMissingSshKidError","createMissingNonceAuthenticationHeadersError","createInvalidAuthenticationHeaderError","invalidHeaderName","details","InteractionRequiredServerErrorMessage","InteractionRequiredAuthSubErrorMessage","InteractionRequiredAuthErrorMessage","native_account_unavailable","InteractionRequiredAuthError","isInteractionRequiredError","isInteractionRequiredErrorCode","isInteractionRequiredSubError","isInteractionRequiredErrorDesc","some","irErrorCode","createNoTokensFoundError","createNativeAccountUnavailableError","ServerError","LogLevel","packageName","packageVersion","level","Info","defaultLoggerCallback","localCallback","clone","logMessage","containsPii","logHeader","timestamp","Date","toUTCString","log","executeCallback","message","errorPii","warning","Warning","warningPii","infoPii","Verbose","verbosePii","trace","Trace","tracePii","isPiiLoggingEnabled","StubbedNetworkModule","reject","generateThrottlingStorageKey","preProcess","throttleTime","now","errorCodes","postProcess","checkResponseStatus","checkResponseForRetryAfter","thumbprintValue","calculateThrottleTime","parseInt","error_codes","error_description","time","currentSeconds","Math","floor","min","removeThrottle","homeAccountIdentifier"],"sourceRoot":""}