{"version":3,"file":"vendor-0f7d2cf6.prod.8fe7c18deb8088b808d2.js","mappings":";kKAkBA,IAAIA,EAAgB,SAASC,EAAGC,GAI5B,OAHAF,EAAgBG,OAAOC,gBAClB,CAAEC,UAAW,cAAgBC,OAAS,SAAUL,EAAGC,GAAKD,EAAEI,UAAYH,IACvE,SAAUD,EAAGC,GAAK,IAAK,IAAIK,KAAKL,EAAOC,OAAOK,UAAUC,eAAeC,KAAKR,EAAGK,KAAIN,EAAEM,GAAKL,EAAEK,KACzFP,EAAcC,EAAGC,IAG5B,SAASS,EAAUV,EAAGC,GAElB,SAASU,IAAOC,KAAKC,YAAcb,EADnCD,EAAcC,EAAGC,GAEjBD,EAAEO,UAAkB,OAANN,EAAaC,OAAOY,OAAOb,IAAMU,EAAGJ,UAAYN,EAAEM,UAAW,IAAII,GAGnF,IAAII,EAAW,WAQX,OAPAA,EAAWb,OAAOc,QAAU,SAAkBC,GAC1C,IAAK,IAAIC,EAAGC,EAAI,EAAGC,EAAIC,UAAUC,OAAQH,EAAIC,EAAGD,IAE5C,IAAK,IAAIb,KADTY,EAAIG,UAAUF,GACOjB,OAAOK,UAAUC,eAAeC,KAAKS,EAAGZ,KAAIW,EAAEX,GAAKY,EAAEZ,IAE9E,OAAOW,GAEJF,EAASQ,MAAMX,KAAMS,YAGhC,SAASG,EAAUC,EAASC,EAAYC,EAAGC,GAEvC,OAAO,IAAKD,IAAMA,EAAIE,WAAU,SAAUC,EAASC,GAC/C,SAASC,EAAUC,GAAS,IAAMC,EAAKN,EAAUO,KAAKF,IAAW,MAAOG,GAAKL,EAAOK,IACpF,SAASC,EAASJ,GAAS,IAAMC,EAAKN,EAAiB,MAAEK,IAAW,MAAOG,GAAKL,EAAOK,IACvF,SAASF,EAAKI,GAJlB,IAAeL,EAIaK,EAAOC,KAAOT,EAAQQ,EAAOL,QAJ1CA,EAIyDK,EAAOL,MAJhDA,aAAiBN,EAAIM,EAAQ,IAAIN,GAAE,SAAUG,GAAWA,EAAQG,OAITO,KAAKR,EAAWK,GAClGH,GAAMN,EAAYA,EAAUL,MAAME,EAASC,GAAc,KAAKS,WAItE,SAASM,EAAYhB,EAASiB,GAC1B,IAAsGC,EAAGC,EAAG3B,EAAG4B,EAA3GC,EAAI,CAAEC,MAAO,EAAGC,KAAM,WAAa,GAAW,EAAP/B,EAAE,GAAQ,MAAMA,EAAE,GAAI,OAAOA,EAAE,IAAOgC,KAAM,GAAIC,IAAK,IAChG,OAAOL,EAAI,CAAEV,KAAMgB,EAAK,GAAI,MAASA,EAAK,GAAI,OAAUA,EAAK,IAAwB,mBAAXC,SAA0BP,EAAEO,OAAOC,UAAY,WAAa,OAAOzC,OAAUiC,EACvJ,SAASM,EAAK/B,GAAK,OAAO,SAAUkC,GAAK,OACzC,SAAcC,GACV,GAAIZ,EAAG,MAAM,IAAIa,UAAU,mCAC3B,KAAOV,OACH,GAAIH,EAAI,EAAGC,IAAM3B,EAAY,EAARsC,EAAG,GAASX,EAAU,OAAIW,EAAG,GAAKX,EAAS,SAAO3B,EAAI2B,EAAU,SAAM3B,EAAER,KAAKmC,GAAI,GAAKA,EAAET,SAAWlB,EAAIA,EAAER,KAAKmC,EAAGW,EAAG,KAAKhB,KAAM,OAAOtB,EAE3J,OADI2B,EAAI,EAAG3B,IAAGsC,EAAK,CAAS,EAARA,EAAG,GAAQtC,EAAEgB,QACzBsB,EAAG,IACP,KAAK,EAAG,KAAK,EAAGtC,EAAIsC,EAAI,MACxB,KAAK,EAAc,OAAXT,EAAEC,QAAgB,CAAEd,MAAOsB,EAAG,GAAIhB,MAAM,GAChD,KAAK,EAAGO,EAAEC,QAASH,EAAIW,EAAG,GAAIA,EAAK,CAAC,GAAI,SACxC,KAAK,EAAGA,EAAKT,EAAEI,IAAIO,MAAOX,EAAEG,KAAKQ,MAAO,SACxC,QACI,MAAkBxC,GAAZA,EAAI6B,EAAEG,MAAY3B,OAAS,GAAKL,EAAEA,EAAEK,OAAS,KAAkB,IAAViC,EAAG,IAAsB,IAAVA,EAAG,IAAW,CAAET,EAAI,EAAG,SACjG,GAAc,IAAVS,EAAG,MAActC,GAAMsC,EAAG,GAAKtC,EAAE,IAAMsC,EAAG,GAAKtC,EAAE,IAAM,CAAE6B,EAAEC,MAAQQ,EAAG,GAAI,MAC9E,GAAc,IAAVA,EAAG,IAAYT,EAAEC,MAAQ9B,EAAE,GAAI,CAAE6B,EAAEC,MAAQ9B,EAAE,GAAIA,EAAIsC,EAAI,MAC7D,GAAItC,GAAK6B,EAAEC,MAAQ9B,EAAE,GAAI,CAAE6B,EAAEC,MAAQ9B,EAAE,GAAI6B,EAAEI,IAAIQ,KAAKH,GAAK,MACvDtC,EAAE,IAAI6B,EAAEI,IAAIO,MAChBX,EAAEG,KAAKQ,MAAO,SAEtBF,EAAKb,EAAKjC,KAAKgB,EAASqB,GAC1B,MAAOV,GAAKmB,EAAK,CAAC,EAAGnB,GAAIQ,EAAI,EAAK,QAAUD,EAAI1B,EAAI,EACtD,GAAY,EAARsC,EAAG,GAAQ,MAAMA,EAAG,GAAI,MAAO,CAAEtB,MAAOsB,EAAG,GAAKA,EAAG,QAAK,EAAQhB,MAAM,GArB9BL,CAAK,CAACd,EAAGkC,MAyB7D,SAASK,IACL,IAAK,IAAIzC,EAAI,EAAGC,EAAI,EAAGyC,EAAKvC,UAAUC,OAAQH,EAAIyC,EAAIzC,IAAKD,GAAKG,UAAUF,GAAGG,OACxE,IAAIuC,EAAIxD,MAAMa,GAAI4C,EAAI,EAA3B,IAA8B3C,EAAI,EAAGA,EAAIyC,EAAIzC,IACzC,IAAK,IAAI4C,EAAI1C,UAAUF,GAAI6C,EAAI,EAAGC,EAAKF,EAAEzC,OAAQ0C,EAAIC,EAAID,IAAKF,IAC1DD,EAAEC,GAAKC,EAAEC,GACjB,OAAOH,+DCzEPK,EAA2B,WAC3B,SAASA,EAAUC,EAAUC,GACzB,GAAI,YAAoBD,GACpB,MAAM,gCAA4CA,GAEtDvD,KAAKuD,SAAWA,EAChBvD,KAAKyD,OAASH,EAAUI,mBAAmBH,EAAUC,GAoBzD,OAbAF,EAAUI,mBAAqB,SAAUC,EAAcH,GACnD,IAAII,EAAe,oBAA4BD,GAE/C,IACI,IAAIE,EAAqBD,EAAaE,WAElCC,EAAgBP,EAAOQ,aAAaH,GACxC,OAAOI,KAAKC,MAAMH,GAEtB,MAAOI,GACH,MAAM,4BAAwCA,KAG/Cb,EA1BmB,oBCN9B,IAAIc,mBACJ,SAAWA,GACPA,EAAmC,gBAAI,kBACvCA,EAAuB,IAAI,MAF/B,CAGGA,IAAsBA,EAAoB,kFCK7C,SAASC,EAAgBC,EAAed,GACpC,GAAI,YAAoBc,GACpB,MAAM,iCAEV,IACI,IAAIC,EAAoBf,EAAOQ,aAAaM,GAC5C,OAAOL,KAAKC,MAAMK,GAEtB,MAAO/C,GACH,MAAM,kCAA8CA,IAO5D,SAASgD,EAAiCC,GACtC,GAAI,YAAoBA,GACpB,MAAM,kCAA8C,8BAExD,IAAIC,EAAkBD,EAAcE,MAAM,2BAAkC,GAC5E,MAAO,CACHC,IAAKF,EAAgB,GACrBG,KAAMH,EAAgBhE,OAAS,EAAI,kBAAyBgE,EAAgB,gEChCpF,SAASI,EAAuBC,GAC5B,OAAQA,EAASnF,eAAe,2BAC5BmF,EAASnF,eAAe,mBACxBmF,EAASnF,eAAe,yBACxBmF,EAASnF,eAAe,gFCD5BoF,EAAiC,WACjC,SAASA,EAAgBC,GACrBjF,KAAKiF,iBAAmBA,EAuG5B,OAhGAD,EAAgBrF,UAAUuF,aAAe,SAAUC,EAAmBC,GAClE,OAAO,QAAUpF,UAAM,OAAQ,GAAQ,WACnC,IAAIqF,EAAwBC,EAA0BC,EAAoBC,EAC1E,OAAO,QAAYxF,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EAED,GADAkD,EAAyBF,EACK,MAAO,CAAC,EAAa,GACnDM,EAAGtD,MAAQ,EACf,KAAK,EAED,OADAsD,EAAGpD,KAAKS,KAAK,CAAC,EAAG,EAAG,CAAE,IACf,CAAC,EAAa9C,KAAK0F,kBAAkBC,EAAA,kBAChD,KAAK,EAMD,OALAL,EAA2BG,EAAGrD,QACDwD,SAAW,mBACpCP,EAAyBC,EAAyBxD,KAClDsD,EAAwBS,cAAgB,UAEtCP,EAAyBM,SAAW,oBAAsC,CAAC,EAAa,GACvF,CAAC,EAAa5F,KAAK8F,qBAC9B,KAAK,EAED,OADAP,EAAqBE,EAAGrD,QAKjB,CAAC,EAAapC,KAAK0F,kBAAkBH,KAHxCH,EAAwBS,cAAgB,0BACjC,CAAC,EAAc,OAG9B,KAAK,GACDL,EAA6BC,EAAGrD,QACDwD,SAAW,mBACtCP,EAAyBG,EAA2B1D,KACpDsD,EAAwBS,cAAgB,UAE5CJ,EAAGtD,MAAQ,EACf,KAAK,EAAG,MAAO,CAAC,EAAa,GAC7B,KAAK,EAGD,OAFAsD,EAAGrD,OACHgD,EAAwBS,cAAgB,0BACjC,CAAC,EAAc,MAC1B,KAAK,EAAG,MAAO,CAAC,EAAa,GAC7B,KAAK,EACDT,EAAwBS,cAAgB,yBACxCJ,EAAGtD,MAAQ,EACf,KAAK,EAKD,OAHKkD,IACDD,EAAwBS,cAAgB,2BAErC,CAAC,EAAcR,GAA0B,cAWpEL,EAAgBrF,UAAU+F,kBAAoB,SAAUK,GACpD,OAAO,QAAU/F,UAAM,OAAQ,GAAQ,WACnC,OAAO,QAAYA,MAAM,SAAUyF,GAC/B,MAAO,CAAC,EAAczF,KAAKiF,iBAAiBe,oBAAoBL,EAAA,iBAA0B,gBAAkBI,EAAU,eAAgBf,EAAgBiB,aAAcN,EAAA,yBAShLX,EAAgBrF,UAAUmG,kBAAoB,WAC1C,OAAO,QAAU9F,UAAM,OAAQ,GAAQ,WACnC,IAAI+E,EACJ,OAAO,QAAY/E,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EAED,OADAsD,EAAGpD,KAAKS,KAAK,CAAC,EAAG,EAAG,CAAE,IACf,CAAC,EAAa9C,KAAKiF,iBAAiBe,oBAAoBL,EAAA,iBAA0B,eAAgBX,EAAgBiB,eAC7H,KAAK,EAGD,OAFAlB,EAAWU,EAAGrD,QAEDwD,SAAW,qBAAgCb,EAASjD,MAAQiD,EAASjD,KAAK,oBAAsBiD,EAASjD,KAAK,mBAAmBpB,OAAS,EAC5I,CAAC,EAAcqE,EAASjD,KAAK,mBAAmB,IAEpD,CAAC,EAAc,MAC1B,KAAK,EAED,OADA2D,EAAGrD,OACI,CAAC,EAAc,MAC1B,KAAK,EAAG,MAAO,CAAC,WAMhC4C,EAAgBiB,aAAe,CAAEC,QAAS,CAAE,SAAY,SACjDlB,EAzGyB,GCahCmB,EAA2B,WAC3B,SAASA,EAAUC,EAAWnB,EAAkBoB,EAAcC,GAC1DtG,KAAKuG,mBAAqBH,EAC1BpG,KAAKwG,oBAAoBC,gBACzBzG,KAAKiF,iBAAmBA,EACxBjF,KAAKqG,aAAeA,EACpBrG,KAAKsG,iBAAmBA,EACxBtG,KAAK0G,gBAAkB,IAAI1B,EAAgBC,GAC3CjF,KAAKoF,wBAA0B,CAAEuB,iBAAaC,EAAWf,mBAAee,EAAWC,oBAAgBD,GA2hBvG,OAzhBAtH,OAAOwH,eAAeX,EAAUxG,UAAW,gBAAiB,CAExDoH,IAAK,WACD,IAAIC,EAAehH,KAAKiH,gCAAgCC,aACxD,OAAIF,EAAatG,QAAUsG,EAAa,GAAGG,gBAAkBxB,EAAA,QAClDyB,EAAA,OAEJA,EAAA,WAEXC,YAAY,EACZC,cAAc,IAElBhI,OAAOwH,eAAeX,EAAUxG,UAAW,eAAgB,CAIvDoH,IAAK,WACD,OAAO/G,KAAKsG,iBAAiBiB,cAEjCF,YAAY,EACZC,cAAc,IAElBhI,OAAOwH,eAAeX,EAAUxG,UAAW,UAAW,CAIlDoH,IAAK,WACD,OAAO/G,KAAKsG,kBAEhBe,YAAY,EACZC,cAAc,IAElBhI,OAAOwH,eAAeX,EAAUxG,UAAW,qBAAsB,CAI7DoH,IAAK,WACD,OAAO/G,KAAKwG,oBAAoBgB,WAKpCC,IAAK,SAAUC,GACX1H,KAAKwG,oBAAsB,IAAImB,EAAA,EAAUD,GACzC1H,KAAKwG,oBAAoBC,gBACzBzG,KAAK4H,iCAAmC,MAE5CP,YAAY,EACZC,cAAc,IAElBhI,OAAOwH,eAAeX,EAAUxG,UAAW,kCAAmC,CAI1EoH,IAAK,WAID,OAHK/G,KAAK4H,mCACN5H,KAAK4H,iCAAmC5H,KAAKwG,oBAAoBqB,oBAE9D7H,KAAK4H,kCAEhBP,YAAY,EACZC,cAAc,IAElBhI,OAAOwH,eAAeX,EAAUxG,UAAW,kBAAmB,CAI1DoH,IAAK,WACD,OAAO/G,KAAKiH,gCAAgCa,gBAAgBX,eAEhEE,YAAY,EACZC,cAAc,IAElBhI,OAAOwH,eAAeX,EAAUxG,UAAW,SAAU,CAIjDoH,IAAK,WACD,OAAO/G,KAAKiH,gCAAgCC,aAAa,IAE7DG,YAAY,EACZC,cAAc,IAElBhI,OAAOwH,eAAeX,EAAUxG,UAAW,wBAAyB,CAIhEoH,IAAK,WACD,GAAI/G,KAAK+H,oBAAqB,CAC1B,IAAIC,EAAWhI,KAAKiI,YAAYjI,KAAKkI,SAASC,wBAC9C,OAAOnI,KAAKoI,cAAcJ,GAG1B,MAAMK,EAAA,yCAAuD,0BAGrEhB,YAAY,EACZC,cAAc,IAElBhI,OAAOwH,eAAeX,EAAUxG,UAAW,gBAAiB,CAIxDoH,IAAK,WACD,GAAI/G,KAAK+H,oBAAqB,CAC1B,IAAIC,EAAWhI,KAAKiI,YAAYjI,KAAKkI,SAASI,gBAC9C,OAAOtI,KAAKoI,cAAcJ,GAG1B,MAAMK,EAAA,yCAAuD,0BAGrEhB,YAAY,EACZC,cAAc,IAElBhI,OAAOwH,eAAeX,EAAUxG,UAAW,qBAAsB,CAC7DoH,IAAK,WACD,GAAI/G,KAAK+H,oBAAqB,CAC1B,IAAIC,EAAWhI,KAAKiI,YAAYjI,KAAKkI,SAASI,eAAeC,QAAQ,SAAU,gBAC/E,OAAOvI,KAAKoI,cAAcJ,GAG1B,MAAMK,EAAA,yCAAuD,0BAGrEhB,YAAY,EACZC,cAAc,IAElBhI,OAAOwH,eAAeX,EAAUxG,UAAW,qBAAsB,CAI7DoH,IAAK,WACD,GAAI/G,KAAK+H,oBAAqB,CAC1B,IAAIC,EAAWhI,KAAKiI,YAAYjI,KAAKkI,SAASM,sBAC9C,OAAOxI,KAAKoI,cAAcJ,GAG1B,MAAMK,EAAA,yCAAuD,0BAGrEhB,YAAY,EACZC,cAAc,IAElBhI,OAAOwH,eAAeX,EAAUxG,UAAW,wBAAyB,CAIhEoH,IAAK,WACD,GAAI/G,KAAK+H,oBAAqB,CAC1B,IAAIC,EAAWhI,KAAKiI,YAAYjI,KAAKkI,SAASO,QAC9C,OAAOzI,KAAKoI,cAAcJ,GAG1B,MAAMK,EAAA,yCAAuD,0BAGrEhB,YAAY,EACZC,cAAc,IAMlBnB,EAAUxG,UAAUyI,cAAgB,SAAUZ,GAC1C,OAAOA,EAAUe,QAAQ,uBAAwBvI,KAAK0I,SAM1DvC,EAAUxG,UAAUsI,YAAc,SAAUT,GACxC,IAAIQ,EAAWR,EAEXmB,EADqB,IAAIhB,EAAA,EAAU3H,KAAKkI,SAASU,qBACPf,mBAAmBX,aAQjE,OAP4BlH,KAAKiH,gCAAgCC,aAC3C2B,SAAQ,SAAUC,EAAaC,GACjD,IAAIC,EAAaL,EAAqBI,GAClCD,IAAgBE,IAChBhB,EAAWA,EAASO,QAAQ,IAAMS,EAAa,IAAK,IAAMF,EAAc,SAGzEd,GAEX1I,OAAOwH,eAAeX,EAAUxG,UAAW,qCAAsC,CAI7EoH,IAAK,WACD,OAAI/G,KAAKiJ,gBAAkB7B,EAAA,QAAsBpH,KAAKuH,eAAiB2B,EAAA,OAC5DlJ,KAAKuG,mBAAqB,mCAE9BvG,KAAKuG,mBAAqB,yCAErCc,YAAY,EACZC,cAAc,IAKlBnB,EAAUxG,UAAUoI,kBAAoB,WACpC,QAAS/H,KAAKkI,UAMlB/B,EAAUxG,UAAUwJ,sBAAwB,WACxC,OAAO,QAAUnJ,UAAM,OAAQ,GAAQ,WACnC,IAAIoJ,EAAgBC,EAAsBC,EAAgBC,EAC1D,OAAO,QAAYvJ,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EAMD,OALAiH,EAAiBpJ,KAAKqG,aAAamD,4BAA4BxJ,KAAKyJ,oBAEhEL,EAAiB,IAAIM,EAAA,GACNC,yBAAyB3J,KAAKuG,oBAE1C,CAAC,EAAavG,KAAK4J,6BAA6BR,IAC3D,KAAK,EAGD,OAFAC,EAAuB5D,EAAGrD,OAC1BpC,KAAKuG,mBAAqBvG,KAAKuG,mBAAmBgC,QAAQvI,KAAKyJ,gBAAiBL,EAAeS,mBACxF,CAAC,EAAa7J,KAAK8J,uBAAuBV,IACrD,KAAK,EAUD,OATAE,EAAiB7D,EAAGrD,OAChBiH,IAAyB,YAAiCC,IAAmB,aAE7EF,EAAeW,iBACfX,EAAeO,yBAAyB3J,KAAKuG,qBAEjDgD,EAAWvJ,KAAKqG,aAAa2D,kCAAkCZ,EAAea,iBAC9EjK,KAAKqG,aAAa6D,qBAAqBX,EAAUH,GACjDpJ,KAAKkI,SAAWkB,EACT,CAAC,WAS5BjD,EAAUxG,UAAUmK,uBAAyB,SAAUV,GACnD,IAAI3D,EACJ,OAAO,QAAUzF,UAAM,OAAQ,GAAQ,WACnC,IAAIkI,EAAU7C,EAAwB8E,EACtC,OAAO,QAAYnK,MAAM,SAAUoK,GAC/B,OAAQA,EAAGjI,OACP,KAAK,EAED,OADA+F,EAAWlI,KAAKqK,kCAEZjB,EAAeU,uBAAuB5B,GAAU,GACzC,CAAC,EAAc,cAEtBlI,KAAKsK,oBAAoBlB,IAAmBA,EAAemB,uBAAyBnB,EAAeoB,YAE5F,CAAC,EAAc,YAEnB,CAAC,EAAaxK,KAAKyK,kCAC9B,KAAK,EAED,OADAvC,EAAWkC,EAAGhI,SAEkD,QAAzDqD,EAAKzF,KAAKsG,iBAAiBoE,gCAA6C,IAAPjF,OAAgB,EAASA,EAAG0E,aAC7F,CAAC,EAAanK,KAAK0G,gBAAgBxB,aAAalF,KAAKsG,iBAAiBoE,yBAAyBvF,kBAAmBnF,KAAKoF,0BADL,CAAC,EAAa,GADjH,CAAC,EAAa,GAGxC,KAAK,EACDC,EAAyB+E,EAAGhI,OAC5B+H,EAAcnK,KAAKsG,iBAAiBoE,yBAAyBP,cAAgBxE,EAAA,mCACvEN,EACArF,KAAKsG,iBAAiBoE,yBAAyBP,YACjDnK,KAAKsG,iBAAiBoE,yBAAyBP,cAAgBxE,EAAA,mCAC/D3F,KAAKoF,wBAAwByB,eAAiBxB,EAC1C,yCACA,qCAIArF,KAAKoF,wBAAwByB,eAD7BxB,EAC+CrF,KAAKsG,iBAAiBoE,yBAAyBP,cAAgB9E,EAC1G,iCACA,6BAG0C,kCAGlD8E,IACAnK,KAAKoF,wBAAwBuB,YAAcwD,EAC3CjC,EAAW/B,EAAUwE,+BAA+BzC,EAAUiC,IAElEC,EAAGjI,MAAQ,EACf,KAAK,EAED,OADAiH,EAAeU,uBAAuB5B,GAAU,GACzC,CAAC,EAAc,cAC1B,KAAK,EAAG,MAAMG,EAAA,qCAAmDrI,KAAK4K,4CAUtFzE,EAAUxG,UAAU2K,oBAAsB,SAAUlB,GAGhD,OAFyB,IAAIzB,EAAA,EAAUyB,EAAeR,qBACjBf,mBAAmBX,aACrCxG,SAAWV,KAAKiH,gCAAgCC,aAAaxG,QAKpFyF,EAAUxG,UAAU0K,8BAAgC,WAChD,GAAIrK,KAAKsG,iBAAiBuE,kBACtB,IACI,OAAO5G,KAAKC,MAAMlE,KAAKsG,iBAAiBuE,mBAE5C,MAAOrJ,GACH,MAAMsJ,EAAA,wCAGd,OAAO,MAKX3E,EAAUxG,UAAU8K,+BAAiC,WACjD,OAAO,QAAUzK,UAAM,OAAQ,GAAQ,WACnC,IAAI+E,EACJ,OAAO,QAAY/E,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EAED,OADAsD,EAAGpD,KAAKS,KAAK,CAAC,EAAG,EAAG,CAAE,IACf,CAAC,EAAa9C,KAAKiF,iBAAiBe,oBAAoBhG,KAAK4K,qCACxE,KAAK,EAED,MAAO,CAAC,EAAc9F,GADtBC,EAAWU,EAAGrD,QACwCN,MAAQiD,EAASjD,KAAO,MAClF,KAAK,EAED,OADA2D,EAAGrD,OACI,CAAC,EAAc,MAC1B,KAAK,EAAG,MAAO,CAAC,WAUhC+D,EAAUxG,UAAUiK,6BAA+B,SAAUR,GACzD,OAAO,QAAUpJ,UAAM,OAAQ,GAAQ,WACnC,IAAIkI,EACJ,OAAO,QAAYlI,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EAED,OADA+F,EAAWlI,KAAK+K,wCAEZ3B,EAAeQ,6BAA6B1B,GAAU,GAC/C,CAAC,EAAc,cAGtBlI,KAAKsK,oBAAoBlB,IAAmBA,EAAe4B,qBAAuB5B,EAAeoB,YAE1F,CAAC,EAAc,YAEnB,CAAC,EAAaxK,KAAKiL,wCAC9B,KAAK,EAED,GADA/C,EAAWzC,EAAGrD,OAGV,OADAgH,EAAeQ,6BAA6B1B,GAAU,GAC/C,CAAC,EAAc,cAItB,MAAM4C,EAAA,0CAS9B3E,EAAUxG,UAAUoL,oCAAsC,WAEtD,GAAI/K,KAAKsG,iBAAiB4E,uBACtB,IACI,IAAIC,EAAiBlH,KAAKC,MAAMlE,KAAKsG,iBAAiB4E,wBAClDhD,EAAW/B,EAAUiF,6CAA6CD,EAAejD,SAAUlI,KAAKyJ,iBACpG,GAAIvB,EACA,OAAOA,EAGf,MAAO1G,GACH,MAAMsJ,EAAA,6CAId,OAAI9K,KAAKqL,uBACElF,EAAUmF,qCAAqCtL,KAAKyJ,iBAExD,MAMXtD,EAAUxG,UAAUsL,qCAAuC,WACvD,OAAO,QAAUjL,UAAM,OAAQ,GAAQ,WACnC,IAAIuL,EAA2BC,EAAOzG,EAAUmD,EAChD,OAAO,QAAYlI,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EACDoJ,EAA4B,GAAK5F,EAAA,gCAAyC3F,KAAKuG,mBAAqB,wBACpGiF,EAAQ,KACR/F,EAAGtD,MAAQ,EACf,KAAK,EAED,OADAsD,EAAGpD,KAAKS,KAAK,CAAC,EAAG,EAAG,CAAE,IACf,CAAC,EAAa9C,KAAKiF,iBAAiBe,oBAAoBuF,IACnE,KAAK,EAGD,OAFAxG,EAAWU,EAAGrD,OACd8F,EC9bxB,SAA0CnD,GACtC,OAAQA,EAASnF,eAAe,8BAC5BmF,EAASnF,eAAe,YD4bG6L,CAAiC1G,EAASjD,MAAQiD,EAASjD,KAAKoG,SAAW,GAC9D,IAApBA,EAASxH,OAEF,CAAC,EAAc,OAE1B8K,EAAQrF,EAAUiF,6CAA6ClD,EAAUlI,KAAKyJ,iBACvE,CAAC,EAAa,IACzB,KAAK,EAED,OADAhE,EAAGrD,OACI,CAAC,EAAc,MAC1B,KAAK,EAKD,OAJKoJ,IAEDA,EAAQrF,EAAUmF,qCAAqCtL,KAAKyJ,kBAEzD,CAAC,EAAc+B,WAQ1CrF,EAAUxG,UAAU0L,qBAAuB,WACvC,IAAIK,EAAQ1L,KAIZ,OAHcA,KAAKsG,iBAAiBqF,iBAAiBC,QAAO,SAAUxF,GAClE,OAAOuB,EAAA,mBAA2BvB,GAAWe,gBAAkBuE,EAAMjC,mBAE1D/I,OAAS,GAM5ByF,EAAUmF,qCAAuC,SAAUO,GACvD,MAAO,CACHhC,kBAAmBgC,EACnB5B,gBAAiB4B,EACjBC,QAAS,CAACD,KAQlB1F,EAAUiF,6CAA+C,SAAUrG,EAAUqB,GACzE,IAAK,IAAI7F,EAAI,EAAGA,EAAIwE,EAASrE,OAAQH,IAAK,CACtC,IAAI2H,EAAWnD,EAASxE,GACxB,GAAI2H,EAAS4D,QAAQC,QAAQ3F,IAAc,EACvC,OAAO8B,EAGf,OAAO,MAKX/B,EAAUxG,UAAUqM,kBAAoB,WACpC,GAAIhM,KAAK+H,oBACL,OAAO/H,KAAKkI,SAAS+B,gBAGrB,MAAM5B,EAAA,yCAAuD,0BAOrElC,EAAUxG,UAAUsM,QAAU,SAAUJ,GACpC,OAAO7L,KAAKkI,SAAS4D,QAAQC,QAAQF,IAAS,GAQlD1F,EAAU+F,uBAAyB,SAAUL,GACzC,OAAOlG,EAAA,+BAAsCkG,IAAS,GAQ1D1F,EAAUgG,6BAA+B,SAAUN,EAAMO,EAAQC,GAE7D,IAAIC,EAAuB,IAAI3E,EAAA,EAAUkE,GACzCS,EAAqB7F,gBACrB,IAAI8F,EAAoBD,EAAqBzE,mBACzC2E,EAAkBJ,EAAS,IAAMG,EAAkBzE,gBACnD9H,KAAKkM,uBAAuBK,EAAkBzE,mBAC9C0E,EAAkBJ,EAAS,IAAMzG,EAAA,sCAGrC,IAAI+B,EAAMC,EAAA,mCAA0C,SAAS,QAAS,GAAI2E,EAAqBzE,oBAAqB,CAAEC,gBAAiB0E,KAAoBhF,UAE3J,OAAI6E,EACO3E,EAAM,IAAM2E,EAChB3E,GAQXvB,EAAUwE,+BAAiC,SAAUzC,EAAUiC,GAK3D,OAJAjC,EAASC,uBAAyBhC,EAAUgG,6BAA6BjE,EAASC,uBAAwBgC,GAE1GjC,EAASI,eAAiBnC,EAAUgG,6BAA6BjE,EAASI,eAAgB6B,EAAa,yBACvGjC,EAASM,qBAAuBrC,EAAUgG,6BAA6BjE,EAASM,qBAAsB2B,GAC/FjC,GAEJ/B,EAniBmB,+FEV1BsG,EAAkC,WAClC,SAASA,KAmDT,OAvCAA,EAAiBC,yBAA2B,SAAUC,EAAcC,EAAevG,EAAcC,GAC7F,OAAO,QAAUtG,UAAM,OAAQ,GAAQ,WACnC,IAAI6M,EAAuBC,EAC3B,OAAO,QAAY9M,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EACD0K,EAAwBJ,EAAiBM,eAAeJ,EAAcC,EAAevG,EAAcC,GACnGb,EAAGtD,MAAQ,EACf,KAAK,EAED,OADAsD,EAAGpD,KAAKS,KAAK,CAAC,EAAG,EAAG,CAAE,IACf,CAAC,EAAa+J,EAAsB1D,yBAC/C,KAAK,EAED,OADA1D,EAAGrD,OACI,CAAC,EAAcyK,GAC1B,KAAK,EAED,MADAC,EAAMrH,EAAGrD,OACH,2CAAuD0K,GACjE,KAAK,EAAG,MAAO,CAAC,WAehCL,EAAiBM,eAAiB,SAAUC,EAAc/H,EAAkBoB,EAAcC,GAEtF,GAAI,YAAoB0G,GACpB,MAAM,0BAEV,OAAO,IAAI,IAAUA,EAAc/H,EAAkBoB,EAAcC,IAEhEmG,EApD0B,oBCHrC,IAAIrF,mBACJ,SAAWA,GACPA,EAAcA,EAAuB,QAAI,GAAK,UAC9CA,EAAcA,EAAoB,KAAI,GAAK,OAF/C,CAGGA,IAAkBA,EAAgB,sBCJrC,IAAI8B,mBACJ,SAAWA,GACPA,EAAkB,IAAI,MACtBA,EAAmB,KAAI,OAF3B,CAGGA,IAAiBA,EAAe,wICK/B+D,EAA8B,WAC9B,SAASA,EAAaC,EAAUC,GAC5BnN,KAAKkN,SAAWA,EAChBlN,KAAKmN,WAAaA,EA4rBtB,OAvrBAF,EAAatN,UAAUyN,eAAiB,WACpC,IAAI1B,EAAQ1L,KACRqN,EAAkBrN,KAAKsN,wBACvBC,EAAgBjO,OAAOkO,KAAKH,GAAiBI,KAAI,SAAUC,GAAc,OAAOL,EAAgBK,MAEpG,OADkBH,EAAc7M,OACd,EACP,GAGW6M,EAAcE,KAAI,SAAUpM,GAC1C,IACIsM,EADgBV,EAAaW,SAAS,IAAI,IAAiBvM,GAC/BwM,iBAC5BC,EAAUpC,EAAMqC,qBAAqBrC,EAAMwB,SAAUS,GAIzD,OAHIG,IAAYH,EAAYK,gBACxBL,EAAYK,cAAgB,IAAI,IAAUF,EAAQG,OAAQvC,EAAMyB,YAAY1J,QAEzEkK,MASnBV,EAAatN,UAAUuO,gBAAkB,SAAUC,GAC/C,OAAO,QAAUnO,UAAM,OAAQ,GAAQ,WACnC,OAAO,QAAYA,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EACD,IAAKgM,EACD,MAAM,uCAQV,OANMA,EAAYC,SACdpO,KAAKqO,WAAWF,EAAYC,SAE1BD,EAAYL,SACd9N,KAAKsO,qBAAqBH,EAAYL,SAEnCK,EAAYI,YACZ,CAAC,EAAavO,KAAKwO,gBAAgBL,EAAYI,cADf,CAAC,EAAa,GAEzD,KAAK,EACD9I,EAAGrD,OACHqD,EAAGtD,MAAQ,EACf,KAAK,EAOD,OANMgM,EAAYM,cACdzO,KAAK0O,0BAA0BP,EAAYM,cAEzCN,EAAYQ,aACd3O,KAAK4O,eAAeT,EAAYQ,aAE7B,CAAC,WAS5B1B,EAAatN,UAAU6O,gBAAkB,SAAUK,GAC/C,OAAO,QAAU7O,UAAM,OAAQ,GAAQ,WACnC,IAAI8O,EAAmBC,EAAeC,EAAqBC,EACvDvD,EAAQ1L,KACZ,OAAO,QAAYA,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EAWD,OAVA2M,EAAoB9O,KAAKkP,yBAAyB,CAC9ChC,SAAU2B,EAAW3B,SACrBiC,eAAgBN,EAAWM,eAC3BC,YAAaP,EAAWO,YACxB3K,cAAeoK,EAAWpK,cAC1B4K,MAAOR,EAAWQ,MAClBC,UAAWT,EAAWS,YAE1BP,EAAgB,eAAoBF,EAAWU,SAC/CP,EAAsB1P,OAAOkO,KAAKsB,EAAkBU,cAAc/B,KAAI,SAAUgC,GAAO,OAAOX,EAAkBU,aAAaC,QAE7HR,EAAwB,GACxBD,EAAoBnG,SAAQ,SAAU6G,GACd,eAAoBA,EAAYH,QAClCI,sBAAsBZ,IACpCE,EAAsBnM,KAAK4I,EAAMkE,iBAAiBF,OAGnD,CAAC,EAAazO,QAAQ4O,IAAIZ,KARA,CAAC,EAAa,GASnD,KAAK,EACDxJ,EAAGrD,OACHqD,EAAGtD,MAAQ,EACf,KAAK,EAED,OADAnC,KAAK8P,yBAAyBjB,GACvB,CAAC,WAY5B5B,EAAatN,UAAU2N,sBAAwB,SAAUyC,GACrD,OAAO/P,KAAKgQ,8BAA8BD,EAAgBA,EAActL,cAAgB,GAAIsL,EAAgBA,EAAcX,YAAc,GAAIW,EAAgBA,EAAcV,MAAQ,KAStLpC,EAAatN,UAAUqQ,8BAAgC,SAAUvL,EAAe2K,EAAaC,GACzF,IAAI3D,EAAQ1L,KACRiQ,EAAejQ,KAAKkQ,UACpBC,EAAmB,GAiBvB,OAhBAF,EAAapH,SAAQ,SAAUU,GAC3B,IAAI6G,EAAS1E,EAAM2E,WAAW9G,GACzB6G,IAGC3L,IAAkBiH,EAAM4E,mBAAmBF,EAAQ3L,IAGnD2K,IAAgB1D,EAAM6E,iBAAiBH,EAAQhB,IAG/CC,IAAU3D,EAAM8E,WAAWJ,EAAQf,KAGzCc,EAAiB5G,GAAY6G,OAE1BD,GAWXlD,EAAatN,UAAUuP,yBAA2B,SAAUtD,GACxD,OAAO5L,KAAKyQ,iCAAiC7E,EAAOnH,cAAemH,EAAOwD,YAAaxD,EAAOuD,eAAgBvD,EAAOsB,SAAUtB,EAAO8E,SAAU9E,EAAOyD,MAAOzD,EAAO2D,OAAQ3D,EAAO+E,aAAc/E,EAAO0D,YAa7MrC,EAAatN,UAAU8Q,iCAAmC,SAAUhM,EAAe2K,EAAaD,EAAgBjC,EAAUwD,EAAUrB,EAAOE,EAAQoB,EAAcrB,GAC7J,IAAI5D,EAAQ1L,KACRiQ,EAAejQ,KAAKkQ,UACpBU,EAAsB,CACtBC,SAAU,GACVrB,aAAc,GACdsB,cAAe,IAiEnB,OA/DAb,EAAapH,SAAQ,SAAUU,GAE3B,IAAIwH,EAAW,sBAAmCxH,GAClD,GAAIwH,IAAa,iBAAjB,CAIA,IAAIX,EAAS1E,EAAMsF,sBAAsBzH,EAAUwH,GACnD,GAAKX,KAGCO,GAAiBjF,EAAMuF,kBAAkBb,EAAQO,OAGjDlM,GAAkBiH,EAAM4E,mBAAmBF,EAAQ3L,OAGnD2K,GAAgB1D,EAAM6E,iBAAiBH,EAAQhB,OAG/CC,GAAU3D,EAAM8E,WAAWJ,EAAQf,OAGnCF,GAAmBzD,EAAMwF,oBAAoBd,EAAQjB,OAGrDjC,GAAaxB,EAAMyF,cAAcf,EAAQlD,OAGzCwD,GAAahF,EAAM0F,cAAchB,EAAQM,OAOzCnB,GAAW7D,EAAM2F,YAAYjB,EAAQb,IAA3C,CAGA,GAAIJ,IAAmB,mCAA8C,CACjE,GAAMG,IAAc5D,EAAM4F,eAAelB,EAAQd,GAC7C,OAGJ,IAAoD,IAAhD/F,EAASwC,QAAQ,UAGjB,YADAL,EAAM6F,WAAWhI,EAAU,iBAInC,OAAQwH,GACJ,KAAK,cACDH,EAAoBC,SAAStH,GAAY6G,EACzC,MACJ,KAAK,kBACL,KAAK,mCACDQ,EAAoBpB,aAAajG,GAAY6G,EAC7C,MACJ,KAAK,mBACDQ,EAAoBE,cAAcvH,GAAY6G,QAInDQ,GAMX3D,EAAatN,UAAU6R,yBAA2B,SAAU5F,GACxD,OAAO5L,KAAKyR,iCAAiC7F,EAAOwD,YAAaxD,EAAOsB,WAO5ED,EAAatN,UAAU8R,iCAAmC,SAAUrC,EAAalC,GAC7E,IAAIxB,EAAQ1L,KACRiQ,EAAejQ,KAAKkQ,UACpBwB,EAAsB,GAmB1B,OAlBAzB,EAAapH,SAAQ,SAAUU,GAE3B,GAAKmC,EAAMiG,cAAcpI,GAAzB,CAIA,IAAI6G,EAAS1E,EAAMkG,eAAerI,GAC7B6G,IAGChB,IAAgB1D,EAAM6E,iBAAiBH,EAAQhB,IAG/ClC,IAAaxB,EAAMyF,cAAcf,EAAQlD,KAG/CwE,EAAoBnI,GAAY6G,QAE7BsB,GAMXzE,EAAatN,UAAU6J,4BAA8B,SAAUqC,GAC3D,IAAIH,EAAQ1L,KACRiQ,EAAejQ,KAAK6R,2BACpBC,EAAgB,KAgBpB,OAfA7B,EAAapH,SAAQ,SAAUU,GAE3B,GAAKmC,EAAMqG,oBAAoBxI,KAAmD,IAAtCA,EAASwC,QAAQL,EAAMwB,UAAnE,CAIA,IAAIkD,EAAS1E,EAAMsG,qBAAqBzI,GACnC6G,IAGiC,IAAlCA,EAAOtE,QAAQC,QAAQF,KAG3BiG,EAAgB1B,OAEb0B,GAKX7E,EAAatN,UAAUsS,kBAAoB,WACvC,OAAO,QAAUjS,UAAM,OAAQ,GAAQ,WACnC,IAAIiQ,EAAciC,EACdxG,EAAQ1L,KACZ,OAAO,QAAYA,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EAUD,OATA8N,EAAejQ,KAAKkQ,UACpBgC,EAAkB,GAClBjC,EAAapH,SAAQ,SAAUU,GACdmC,EAAM2E,WAAW9G,IAI9B2I,EAAgBpP,KAAK4I,EAAMyG,cAAc5I,OAEtC,CAAC,EAAatI,QAAQ4O,IAAIqC,IACrC,KAAK,EAED,OADAzM,EAAGrD,OACI,CAAC,GAAc,WAS1C6K,EAAatN,UAAUwS,cAAgB,SAAUzE,GAC7C,OAAO,QAAU1N,UAAM,OAAQ,GAAQ,WACnC,IAAIoO,EACJ,OAAO,QAAYpO,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EAED,KADAiM,EAAUpO,KAAKqQ,WAAW3C,IAEtB,MAAM,gCAEV,MAAO,CAAC,EAAa1N,KAAKoS,qBAAqBhE,IACnD,KAAK,EAAG,MAAO,CAAC,EAAgB3I,EAAGrD,QAAWpC,KAAKuR,WAAW7D,EAAY,uBAS1FT,EAAatN,UAAUyS,qBAAuB,SAAUhE,GACpD,OAAO,QAAUpO,UAAM,OAAQ,GAAQ,WACnC,IAAIiQ,EAAcoC,EAAWC,EACzB5G,EAAQ1L,KACZ,OAAO,QAAYA,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EAeD,OAdA8N,EAAejQ,KAAKkQ,UACpBmC,EAAYjE,EAAQmE,oBACpBD,EAAqB,GACrBrC,EAAapH,SAAQ,SAAUU,GAE3B,IAAIwH,EAAW,sBAAmCxH,GAClD,GAAIwH,IAAa,iBAAjB,CAGA,IAAIyB,EAAc9G,EAAMsF,sBAAsBzH,EAAUwH,GAClDyB,GAAeH,IAAcG,EAAYD,qBAC3CD,EAAmBxP,KAAK4I,EAAMkE,iBAAiB4C,QAGhD,CAAC,EAAavR,QAAQ4O,IAAIyC,IACrC,KAAK,EAED,OADA7M,EAAGrD,OACI,CAAC,GAAc,WAS1C6K,EAAatN,UAAUiQ,iBAAmB,SAAUf,GAChD,OAAO,QAAU7O,UAAM,OAAQ,GAAQ,WACnC,IAAIyP,EAAsCgD,EAC1C,OAAO,QAAYzS,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EAED,GADAsN,EAAMZ,EAAW6D,wBACX7D,EAAWM,eAAehI,gBAAkB,iDAA6D,MAAO,CAAC,EAAa,GAGpI,KADAsL,EADkC5D,EACI8D,OAC5B,MAAO,CAAC,EAAa,GAC/BlN,EAAGtD,MAAQ,EACf,KAAK,EAED,OADAsD,EAAGpD,KAAKS,KAAK,CAAC,EAAG,EAAG,CAAE,IACf,CAAC,EAAa9C,KAAKmN,WAAWyF,sBAAsBH,IAC/D,KAAK,EAED,OADAhN,EAAGrD,OACI,CAAC,EAAa,GACzB,KAAK,EAED,MADAqD,EAAGrD,OACG,sCACV,KAAK,EAAG,MAAO,CAAC,EAAcpC,KAAKuR,WAAW9B,EAAK,0BAQnExC,EAAatN,UAAUkT,kBAAoB,WACvC,IAAInH,EAAQ1L,KAOZ,OANmBA,KAAKkQ,UACXrH,SAAQ,SAAUU,GACvBmC,EAAMiG,cAAcpI,IACpBmC,EAAM6F,WAAWhI,EAAU,uBAG5B,GAUX0D,EAAatN,UAAUmT,gBAAkB,SAAU1E,EAASlB,EAAU6F,EAAQ3D,EAAa4D,GACvF,IAAIC,EAAgBjT,KAAKkT,qBAAqB9E,GAC1C+E,EAAgBnT,KAAK+N,qBAAqBb,EAAUkB,GACpDgF,EAAoBpT,KAAKqT,yBAAyBnG,EAAUkB,EAAS2E,EAAQC,GAC7EM,EAAqBtT,KAAKuT,0BAA0BrG,EAAUkB,GAAS,GACvEoF,EAAoBxT,KAAKyT,yBAAyBrE,EAAalC,GAInE,OAHI+F,GAAiBE,IACjBF,EAAcjF,cAAgB,IAAI,IAAUmF,EAAclF,OAAQjO,KAAKmN,YAAY1J,QAEhF,CACH2K,QAAS6E,EACTnF,QAASqF,EACT5E,YAAa6E,EACb3E,aAAc6E,EACd3E,YAAa6E,IAOrBvG,EAAatN,UAAUuT,qBAAuB,SAAU9E,GACpD,IAAIV,EAAa,4BAAsCU,GACvD,OAAOpO,KAAKqQ,WAAW3C,IAQ3BT,EAAatN,UAAUoO,qBAAuB,SAAUb,EAAUkB,GAC9D,IAAIsF,EAAgB,CAChBjP,cAAe2J,EAAQ3J,cACvB2K,YAAahB,EAAQgB,YACrBD,eAAgB,cAChBjC,SAAUA,EACVmC,MAAOjB,EAAQuF,UAEfC,EAAkB5T,KAAKkP,yBAAyBwE,GAChD7C,EAAWvR,OAAOkO,KAAKoG,EAAgB/C,UAAUpD,KAAI,SAAUgC,GAAO,OAAOmE,EAAgB/C,SAASpB,MACtGoE,EAAchD,EAASnQ,OAC3B,GAAImT,EAAc,EACd,OAAO,KAEN,GAAIA,EAAc,EACnB,MAAM,+CAEV,OAAOhD,EAAS,IASpB5D,EAAatN,UAAU0T,yBAA2B,SAAUnG,EAAUkB,EAAS2E,EAAQC,GAEnF,IAAI7D,EAAkB6D,IAAe,SAA4B,mCAA+C,kBAC5Gc,EAAoB,CACpBrP,cAAe2J,EAAQ3J,cACvB2K,YAAahB,EAAQgB,YACrBD,eAAgBA,EAChBjC,SAAUA,EACVmC,MAAOjB,EAAQuF,SACfpE,OAAQwD,EAAOgB,uBACfzE,UAAW0D,GAEXY,EAAkB5T,KAAKkP,yBAAyB4E,GAChDtE,EAAelQ,OAAOkO,KAAKoG,EAAgBpE,cAAc/B,KAAI,SAAUgC,GAAO,OAAOmE,EAAgBpE,aAAaC,MAClHuE,EAAkBxE,EAAa9O,OACnC,GAAIsT,EAAkB,EAClB,OAAO,KAEN,GAAIA,EAAkB,EACvB,MAAM,+CAEV,OAAOxE,EAAa,IAQxBvC,EAAatN,UAAU4T,0BAA4B,SAAUrG,EAAUkB,EAAS6F,GAC5E,IAAIC,EAAKD,EAAW,UAAgBrN,EAChCuN,EAAqB,CACrB1P,cAAe2J,EAAQ3J,cACvB2K,YAAahB,EAAQgB,YACrBD,eAAgB,mBAChBjC,SAAUA,EACVwD,SAAUwD,GAEVN,EAAkB5T,KAAKkP,yBAAyBiF,GAChDrD,EAAgBxR,OAAOkO,KAAKoG,EAAgB9C,eAAerD,KAAI,SAAUgC,GAAO,OAAOmE,EAAgB9C,cAAcrB,MAEzH,OADuBqB,EAAcpQ,OACd,EACZ,KAGJoQ,EAAc,IAKzB7D,EAAatN,UAAU8T,yBAA2B,SAAUrE,EAAalC,GACrE,IAAIkH,EAAoB,CACpBhF,YAAaA,EACblC,SAAUA,GAEVyB,EAAc3O,KAAKwR,yBAAyB4C,GAC5CC,EAAqB/U,OAAOkO,KAAKmB,GAAalB,KAAI,SAAUgC,GAAO,OAAOd,EAAYc,MACtF6E,EAAiBD,EAAmB3T,OACxC,GAAI4T,EAAiB,EACjB,OAAO,KAEN,GAAIA,EAAiB,EACtB,MAAM,oDAEV,OAAOD,EAAmB,IAO9BpH,EAAatN,UAAU4U,kBAAoB,SAAUnF,EAAalC,GAC9D,IAAIyB,EAAc3O,KAAKyT,yBAAyBrE,EAAalC,GAC7D,SAAUyB,GAAeA,EAAY+B,WAAa,OAOtDzD,EAAatN,UAAU2Q,mBAAqB,SAAUF,EAAQ3L,GAC1D,SAAU2L,EAAO3L,eAAiBA,IAAkB2L,EAAO3L,gBAO/DwI,EAAatN,UAAUsR,kBAAoB,SAAUb,EAAQO,GACzD,SAAUP,EAAOO,cAAgBA,IAAiBP,EAAOO,eAO7D1D,EAAatN,UAAU4Q,iBAAmB,SAAUH,EAAQhB,GACxD,IAAIoF,EAAgBxU,KAAKwJ,4BAA4B4F,GACrD,SAAIoF,GAAiBA,EAAc1I,QAAQC,QAAQqE,EAAOhB,cAAgB,IAU9EnC,EAAatN,UAAUuR,oBAAsB,SAAUd,EAAQjB,GAC3D,OAAQiB,EAAOjB,gBAAkBA,EAAehI,gBAAkBiJ,EAAOjB,eAAehI,eAO5F8F,EAAatN,UAAUwR,cAAgB,SAAUf,EAAQlD,GACrD,SAAUkD,EAAOlD,UAAYA,IAAakD,EAAOlD,WAOrDD,EAAatN,UAAUyR,cAAgB,SAAUhB,EAAQM,GACrD,SAAUN,EAAOM,UAAYA,IAAaN,EAAOM,WAOrDzD,EAAatN,UAAU6Q,WAAa,SAAUJ,EAAQf,GAClD,SAAUe,EAAOf,OAASA,IAAUe,EAAOf,QAO/CpC,EAAatN,UAAU0R,YAAc,SAAUjB,EAAQb,GAEnD,GADkCa,EAAOjB,iBAAmB,mBAA+BiB,EAAOjB,iBAAmB,qCAClFiB,EAAOb,OACtC,OAAO,EAEX,IAAIkF,EAAiB,eAAoBrE,EAAOb,QAC5CmF,EAAwB,eAAoBnF,GAOhD,OANKmF,EAAsBC,yBAIvBD,EAAsBE,YAAY,2BAHlCF,EAAsBG,mBAKnBJ,EAAeK,iBAAiBJ,IAO3CzH,EAAatN,UAAU2R,eAAiB,SAAUlB,EAAQd,GACtD,SAAUc,EAAOd,WAAac,EAAOd,YAAcA,IAMvDrC,EAAatN,UAAUgS,cAAgB,SAAUlC,GAC7C,OAAsC,IAA/BA,EAAI1D,QAAQ,OAMvBkB,EAAatN,UAAUoS,oBAAsB,SAAUtC,GACnD,OAAgE,IAAzDA,EAAI1D,QAAQ,iBAKvBkB,EAAatN,UAAUqK,kCAAoC,SAAU5D,GACjE,OAAO,eAAyC,IAAMpG,KAAKkN,SAAW,IAAM9G,GAOhF6G,EAAatN,UAAUqR,sBAAwB,SAAUvB,EAAKsB,GAC1D,OAAQA,GACJ,KAAK,cACD,OAAO/Q,KAAK+U,qBAAqBtF,GAErC,KAAK,kBACL,KAAK,mCACD,OAAOzP,KAAKgV,yBAAyBvF,GAEzC,KAAK,mBACD,OAAOzP,KAAKiV,0BAA0BxF,GAE1C,QACI,OAAO,OAQnBxC,EAAaW,SAAW,SAAUsH,EAAKC,GACnC,IAAK,IAAIC,KAAgBD,EACrBD,EAAIE,GAAgBD,EAAKC,GAE7B,OAAOF,GAEJjI,EA/rBsB,GAisB7BoI,EAAqC,SAAUC,GAE/C,SAASD,IACL,OAAkB,OAAXC,GAAmBA,EAAO3U,MAAMX,KAAMS,YAAcT,KA2F/D,OA7FA,QAAUqV,EAAqBC,GAI/BD,EAAoB1V,UAAU0O,WAAa,WAEvC,MAAM,0BADW,8FAGrBgH,EAAoB1V,UAAU0Q,WAAa,WAEvC,MAAM,0BADW,8FAGrBgF,EAAoB1V,UAAU2O,qBAAuB,WAEjD,MAAM,0BADW,wGAGrB+G,EAAoB1V,UAAUoV,qBAAuB,WAEjD,MAAM,0BADW,wGAGrBM,EAAoB1V,UAAUmQ,yBAA2B,WAErD,MAAM,0BADW,4GAGrBuF,EAAoB1V,UAAUqV,yBAA2B,WAErD,MAAM,0BADW,4GAGrBK,EAAoB1V,UAAU+O,0BAA4B,WAEtD,MAAM,0BADW,6GAGrB2G,EAAoB1V,UAAUsV,0BAA4B,WAEtD,MAAM,0BADW,6GAGrBI,EAAoB1V,UAAUiP,eAAiB,WAE3C,MAAM,0BADW,kGAGrByG,EAAoB1V,UAAUiS,eAAiB,WAE3C,MAAM,0BADW,kGAGrByD,EAAoB1V,UAAU4V,mBAAqB,WAE/C,MAAM,0BADW,sGAGrBF,EAAoB1V,UAAU6V,mBAAqB,WAE/C,MAAM,0BADW,sGAGrBH,EAAoB1V,UAAUuK,qBAAuB,WAEjD,MAAM,0BADW,wGAGrBmL,EAAoB1V,UAAUqS,qBAAuB,WAEjD,MAAM,0BADW,wGAGrBqD,EAAoB1V,UAAUkS,yBAA2B,WAErD,MAAM,0BADW,4GAGrBwD,EAAoB1V,UAAU8V,mBAAqB,WAE/C,MAAM,0BADW,sGAGrBJ,EAAoB1V,UAAU+V,mBAAqB,WAE/C,MAAM,0BADW,sGAGrBL,EAAoB1V,UAAU4R,WAAa,WAEvC,MAAM,0BADW,8FAGrB8D,EAAoB1V,UAAUgW,YAAc,WAExC,MAAM,0BADW,+FAGrBN,EAAoB1V,UAAUuQ,QAAU,WAEpC,MAAM,0BADW,2FAGrBmF,EAAoB1V,UAAUiW,MAAQ,WAClC,OAAO,QAAU5V,UAAM,OAAQ,GAAQ,WAEnC,OAAO,QAAYA,MAAM,SAAUyF,GAE/B,MAAM,0BADO,+FAKlB4P,EA9F6B,CA+FtCpI,oHC5wBE4I,EAAmC,SAAUP,GAE7C,SAASO,IACL,OAAkB,OAAXP,GAAmBA,EAAO3U,MAAMX,KAAMS,YAAcT,KAiE/D,OAnEA,QAAU6V,EAAmBP,GAe7BO,EAAkBC,wBAA0B,SAAUrR,EAAe2K,EAAab,EAAarB,EAAUyG,EAAUZ,EAAQgD,EAAWC,EAAcC,EAAaC,EAAW5G,EAAWqB,GACnL,IAAIlL,EACA0Q,EAAW,IAAIN,EACnBM,EAAS1R,cAAgBA,EACzB0R,EAAShH,eAAiB,kBAC1BgH,EAASlI,OAASM,EAClB,IAAI6H,EAAc,iBAkBlB,GAjBAD,EAASE,SAAWD,EAAYE,WAKhCH,EAASJ,UAAYA,EAAUO,WAC/BH,EAASI,kBAAoBP,EAAaM,WACtCJ,IACAC,EAASD,UAAYA,EAAUI,YAEnCH,EAAS/G,YAAcA,EACvB+G,EAASjJ,SAAWA,EACpBiJ,EAAS9G,MAAQsE,EACjBwC,EAAS5G,OAASwD,EAClBoD,EAASxF,aAAeA,EACxBwF,EAAS7G,UAAY,YAAoBA,GAAa,YAA8BA,EAEhF6G,EAAS7G,YAAc,SAA0B,CACjD6G,EAAShH,eAAiB,mCAE1B,IAAIqH,EAAc,uBAA6BjI,EAAa0H,GAC5D,KAA2F,QAApFxQ,EAAK+Q,MAAAA,OAAiD,EAASA,EAAYC,WAAwB,IAAPhR,OAAgB,EAASA,EAAGgN,KAC3H,MAAM,qCAEV0D,EAASxD,MAAQ6D,EAAYC,IAAIhE,IAErC,OAAO0D,GAMXN,EAAkBa,oBAAsB,SAAUtG,GAC9C,QAAKA,GAGGA,EAAOxQ,eAAe,kBAC1BwQ,EAAOxQ,eAAe,gBACtBwQ,EAAOxQ,eAAe,mBACtBwQ,EAAOxQ,eAAe,UACtBwQ,EAAOxQ,eAAe,aACtBwQ,EAAOxQ,eAAe,WACtBwQ,EAAOxQ,eAAe,YACrBwQ,EAAuB,iBAAM,mBAA+BA,EAAuB,iBAAM,qCAE3FyF,EApE2B,CAqEpC,gGCxEEc,EAA+B,WAC/B,SAASA,KAyMT,OApMAA,EAAchX,UAAU4S,kBAAoB,WAExC,MADgB,CAACvS,KAAKyE,cAAezE,KAAKoP,aACzBwH,KAAK,0BAAgCzP,eAK1DwP,EAAchX,UAAUkX,mBAAqB,WACzC,OAAOF,EAAcG,wBAAwB,CACzCrS,cAAezE,KAAKyE,cACpB2K,YAAapP,KAAKoP,YAClBuE,SAAU3T,KAAKqP,MACf0H,SAAU/W,KAAK+W,SACfC,eAAgBhX,KAAKgX,kBAM7BL,EAAchX,UAAUsX,aAAe,WACnC,OAAQjX,KAAKiJ,eACT,KAAK,uBACD,OAAO,UACX,KAAK,wBACD,OAAO,SACX,KAAK,wBACD,OAAO,WACX,KAAK,0BACD,OAAO,aACX,QACI,MAAM,yCAOlB0N,EAAchX,UAAUkO,eAAiB,WACrC,MAAO,CACHpJ,cAAezE,KAAKyE,cACpB2K,YAAapP,KAAKoP,YAClBuE,SAAU3T,KAAKqP,MACf0H,SAAU/W,KAAK+W,SACfC,eAAgBhX,KAAKgX,eACrBE,KAAMlX,KAAKkX,KACXlJ,cAAehO,KAAKgO,gBAO5B2I,EAAcG,wBAA0B,SAAUK,GAM9C,MALiB,CACbA,EAAiB1S,cACjB0S,EAAiB/H,aAAe,GAChC+H,EAAiBxD,UAAY,IAEfiD,KAAK,0BAAgCzP,eAS3DwP,EAAcS,cAAgB,SAAUC,EAAY5S,EAAeqJ,EAAS1H,EAAWuK,EAAc2G,EAAoBC,EAAanI,GAClI,IAAI3J,EAAI2E,EAAIoN,EAAIC,EAAIC,EAAIC,EACpBvJ,EAAU,IAAIuI,EAClBvI,EAAQnF,cAAgB,wBACxBmF,EAAQiJ,WAAaA,EACrBjJ,EAAQ3J,cAAgBA,EACxB,IAAImT,EAAMxI,GAAgBhJ,GAAaA,EAAU4F,oBACjD,IAAK4L,EACD,MAAM,yCAmBV,OAjBAxJ,EAAQgB,YAAcwI,EAEtBxJ,EAAQiB,OAAqF,QAA3E5J,EAAKqI,MAAAA,OAAyC,EAASA,EAAQrK,cAA2B,IAAPgC,OAAgB,EAASA,EAAGoS,MAAQ,GACzIzJ,EAAQuC,aAAeA,EACnB7C,IACAM,EAAQJ,cAAgBF,EAAQrK,OAEhC2K,EAAQ4I,gBAA8F,QAA3E5M,EAAK0D,MAAAA,OAAyC,EAASA,EAAQrK,cAA2B,IAAP2G,OAAgB,EAASA,EAAG0N,OAAqF,QAA3EN,EAAK1J,MAAAA,OAAyC,EAASA,EAAQrK,cAA2B,IAAP+T,OAAgB,EAASA,EAAGO,MAAQ,GAK3Q3J,EAAQ2I,UAAwF,QAA3EU,EAAK3J,MAAAA,OAAyC,EAASA,EAAQrK,cAA2B,IAAPgU,OAAgB,EAASA,EAAGO,uBAAqG,QAA3EN,EAAK5J,MAAAA,OAAyC,EAASA,EAAQrK,cAA2B,IAAPiU,OAAgB,EAASA,EAAGO,QAAUnK,EAAQrK,OAAOwU,OAAO,GAAK,IAClT7J,EAAQ8I,KAAmF,QAA3ES,EAAK7J,MAAAA,OAAyC,EAASA,EAAQrK,cAA2B,IAAPkU,OAAgB,EAASA,EAAGT,MAEnI9I,EAAQkJ,mBAAqBA,EAC7BlJ,EAAQmJ,YAAcA,EACfnJ,GAOXuI,EAAcuB,qBAAuB,SAAUzT,EAAeqJ,EAAS1H,EAAWuK,EAAc2G,EAAoBC,EAAanI,GAC7H,IAAI3J,EAAI2E,EAAIoN,EAAIC,EACZrJ,EAAU,IAAIuI,EAClBvI,EAAQnF,cAAiB7C,GAAaA,EAAU6C,gBAAkB,SAAsB,uBAAqC,0BAC7HmF,EAAQ3J,cAAgBA,EAExB2J,EAAQiB,MAAQ,GAChBjB,EAAQuC,aAAeA,EACvB,IAAIiH,EAAMxI,GAAehJ,GAAaA,EAAU4F,oBAChD,IAAK4L,EACD,MAAM,yCAiBV,OAfI9J,IAEAM,EAAQ4I,gBAA8F,QAA3EvR,EAAKqI,MAAAA,OAAyC,EAASA,EAAQrK,cAA2B,IAAPgC,OAAgB,EAASA,EAAGqS,OAAqF,QAA3E1N,EAAK0D,MAAAA,OAAyC,EAASA,EAAQrK,cAA2B,IAAP2G,OAAgB,EAASA,EAAG2N,MAAQ,GAE3Q3J,EAAQ2I,UAAwF,QAA3ES,EAAK1J,MAAAA,OAAyC,EAASA,EAAQrK,cAA2B,IAAP+T,OAAgB,EAASA,EAAGW,MAAQ,GAC5I/J,EAAQ8I,MAAoF,QAA3EO,EAAK3J,MAAAA,OAAyC,EAASA,EAAQrK,cAA2B,IAAPgU,OAAgB,EAASA,EAAGP,OAAS,GACzI9I,EAAQJ,cAAgBF,MAAAA,OAAyC,EAASA,EAAQrK,QAEtF2K,EAAQgB,YAAcwI,EACtBxJ,EAAQkJ,mBAAqBA,EAC7BlJ,EAAQmJ,YAAcA,EAKfnJ,GAOXuI,EAAcyB,sBAAwB,SAAUC,EAAkBC,EAAUC,EAAQC,EAAW1K,GAC3F,IAAIrI,EACA4M,GAAyF,QAA3E5M,EAAKqI,MAAAA,OAAyC,EAASA,EAAQrK,cAA2B,IAAPgC,OAAgB,EAASA,EAAGsS,KAAOjK,EAAQrK,OAAOsU,IAAM,kBAE7J,GAAIO,IAAa,SACb,OAAOjG,EAGX,GAAIgG,EACA,IACI,IAAIhB,GAAa,OAAgBgB,EAAkBG,GACnD,IAAK,YAAoBnB,EAAWzS,OAAS,YAAoByS,EAAWxS,MACxE,MAAO,GAAKwS,EAAWzS,IAAM,2BAAmCyS,EAAWxS,KAGnF,MAAOrD,IAIX,OADA+W,EAAOE,QAAQ,8BACRpG,GAMXsE,EAAc+B,gBAAkB,SAAUtI,GACtC,QAAKA,GAGGA,EAAOxQ,eAAe,kBAC1BwQ,EAAOxQ,eAAe,gBACtBwQ,EAAOxQ,eAAe,UACtBwQ,EAAOxQ,eAAe,mBACtBwQ,EAAOxQ,eAAe,aACtBwQ,EAAOxQ,eAAe,kBAQ9B+W,EAAcgC,mBAAqB,SAAUC,EAAUC,EAAUC,GAC7D,IAAKF,IAAaC,EACd,OAAO,EAEX,IAAIE,GAAc,EAClB,GAAID,EAAe,CACf,IAAIE,EAAkBJ,EAAS5K,eAAiB,GAC5CiL,EAAkBJ,EAAS7K,eAAiB,GAEhD+K,EAAeC,EAAeE,MAAQD,EAAeC,KAChDF,EAAeG,QAAUF,EAAeE,MAEjD,OAAQP,EAASnU,gBAAkBoU,EAASpU,eACvCmU,EAAS5B,iBAAmB6B,EAAS7B,gBACrC4B,EAAS7B,WAAa8B,EAAS9B,UAC/B6B,EAASjF,WAAakF,EAASlF,UAC/BiF,EAASxJ,cAAgByJ,EAASzJ,aACnC2J,GAEDpC,EA1MuB,oDCb9ByC,EAAmC,WACnC,SAASA,KA8CT,OAzCAA,EAAkBzZ,UAAU0Z,uBAAyB,WACjD,OAAOD,EAAkBE,4BAA4BtZ,KAAKoP,YAAapP,KAAKkN,WAKhFkM,EAAkBE,4BAA8B,SAAUlK,EAAalC,GAMnE,MAL0B,CACtB,KACAkC,EACAlC,GAEuB0J,KAAK,0BAAgCzP,eAQpEiS,EAAkBG,wBAA0B,SAAUrM,EAAUkC,EAAasB,GACzE,IAAI/B,EAAc,IAAIyK,EAMtB,OALAzK,EAAYzB,SAAWA,EACvByB,EAAYS,YAAcA,EACtBsB,IACA/B,EAAY+B,SAAWA,GAEpB/B,GAMXyK,EAAkBI,oBAAsB,SAAU/J,EAAKW,GACnD,QAAKA,GAGiC,IAA9BX,EAAI1D,QAAQ,OAChBqE,EAAOxQ,eAAe,aACtBwQ,EAAOxQ,eAAe,gBAEvBwZ,EA/C2B,+DCblC1P,EAAyC,WACzC,SAASA,IACL1J,KAAKyZ,UAAY,iBAAyB,0BAiE9C,OA1DA/P,EAAwB/J,UAAUiK,6BAA+B,SAAU1B,EAAUwR,GACjF1Z,KAAK8L,QAAU5D,EAAS4D,QACxB9L,KAAKiK,gBAAkB/B,EAAS+B,gBAChCjK,KAAK6J,kBAAoB3B,EAAS2B,kBAClC7J,KAAKgL,mBAAqB0O,GAO9BhQ,EAAwB/J,UAAUmK,uBAAyB,SAAU5B,EAAUwR,GAC3E1Z,KAAKmI,uBAAyBD,EAASC,uBACvCnI,KAAKsI,eAAiBJ,EAASI,eAC/BtI,KAAKwI,qBAAuBN,EAASM,qBACrCxI,KAAKyI,OAASP,EAASO,OACvBzI,KAAKuK,qBAAuBmP,GAMhChQ,EAAwB/J,UAAUgK,yBAA2B,SAAUvD,GACnEpG,KAAK4I,oBAAsBxC,GAK/BsD,EAAwB/J,UAAUoK,eAAiB,WAC/C/J,KAAKyZ,UAAY,iBAAyB,2BAK9C/P,EAAwB/J,UAAU6K,UAAY,WAC1C,OAAOxK,KAAKyZ,WAAa,kBAM7B/P,EAAwBiQ,0BAA4B,SAAUlK,EAAKW,GAC/D,QAAKA,GAG2D,IAAxDX,EAAI1D,QAAQ,iBAChBqE,EAAOxQ,eAAe,YACtBwQ,EAAOxQ,eAAe,oBACtBwQ,EAAOxQ,eAAe,sBACtBwQ,EAAOxQ,eAAe,wBACtBwQ,EAAOxQ,eAAe,2BACtBwQ,EAAOxQ,eAAe,mBACtBwQ,EAAOxQ,eAAe,yBACtBwQ,EAAOxQ,eAAe,WACtBwQ,EAAOxQ,eAAe,uBACtBwQ,EAAOxQ,eAAe,yBACtBwQ,EAAOxQ,eAAe,cAEvB8J,EAnEiC,qCCH5C,IAAIkQ,EACA,SAAqBC,EAAeC,EAAeC,EAAmBC,EAAoBC,GACtFja,KAAKoO,QAAUyL,GAAiB,KAChC7Z,KAAK8N,QAAUgM,GAAiB,KAChC9Z,KAAKuO,YAAcwL,GAAqB,KACxC/Z,KAAKyO,aAAeuL,GAAsB,KAC1Cha,KAAK2O,YAAcsL,GAAqB,iECkB5CC,EAAkC,WAClC,SAASA,KAiHT,OA5GAA,EAAiBva,UAAU4S,kBAAoB,WAC3C,OAAO2H,EAAiBC,6BAA6Bna,KAAKyE,cAAezE,KAAKoP,cAKlF8K,EAAiBva,UAAUya,qBAAuB,WAC9C,OAAOF,EAAiBG,gCAAgCra,KAAKmP,eAAgBnP,KAAKkN,SAAUlN,KAAKqP,MAAOrP,KAAK0Q,WAKjHwJ,EAAiBva,UAAU2a,eAAiB,WACxC,OAAOJ,EAAiBK,0BAA0Bva,KAAKuP,SAK3D2K,EAAiBva,UAAU+S,sBAAwB,WAC/C,OAAOwH,EAAiBM,2BAA2Bxa,KAAKyE,cAAezE,KAAKoP,YAAapP,KAAKmP,eAAgBnP,KAAKkN,SAAUlN,KAAKqP,MAAOrP,KAAKuP,OAAQvP,KAAK0Q,SAAU1Q,KAAKsP,YAK9K4K,EAAiBva,UAAUsX,aAAe,WACtC,OAAQjX,KAAKmP,gBACT,KAAK,cACD,OAAO,cACX,KAAK,kBACL,KAAK,mCACD,OAAO,kBACX,KAAK,mBACD,OAAO,mBACX,QACI,MAAM,4CAQlB+K,EAAiBO,kBAAoB,SAAUhL,GAE3C,OAAgE,IAA5DA,EAAI1D,QAAQ,kCAEqE,IAA7E0D,EAAI1D,QAAQ,kDACL,mCAEJ,mBAEsD,IAAxD0D,EAAI1D,QAAQ,6BACV,eAE2D,IAA7D0D,EAAI1D,QAAQ,kCACV,mBAEJ,kBAMXmO,EAAiBM,2BAA6B,SAAU/V,EAAe2K,EAAaD,EAAgBjC,EAAUmC,EAAOE,EAAQmB,EAAUpB,GACnI,IAAIoL,EAAgB,CAChB1a,KAAKma,6BAA6B1V,EAAe2K,GACjDpP,KAAKqa,gCAAgClL,EAAgBjC,EAAUmC,EAAOqB,GACtE1Q,KAAKua,0BAA0BhL,IAMnC,OAHID,IAAc,UACdoL,EAAc5X,KAAKwM,EAAUnI,eAE1BuT,EAAc9D,KAAK,0BAAgCzP,eAO9D+S,EAAiBC,6BAA+B,SAAU1V,EAAe2K,GAErE,MADgB,CAAC3K,EAAe2K,GACfwH,KAAK,0BAAgCzP,eAS1D+S,EAAiBG,gCAAkC,SAAUlL,EAAgBjC,EAAUmC,EAAOqB,GAS1F,MALmB,CACfvB,EAJmBA,IAAmB,oBACpCuB,GACAxD,EAIFmC,GAAS,IAEOuH,KAAK,0BAAgCzP,eAK7D+S,EAAiBK,0BAA4B,SAAUxH,GACnD,OAAQA,GAAU,IAAI5L,eAEnB+S,EAlH0B,wECHjCS,EAA+B,SAAUrF,GAEzC,SAASqF,IACL,OAAkB,OAAXrF,GAAmBA,EAAO3U,MAAMX,KAAMS,YAAcT,KAoC/D,OAtCA,QAAU2a,EAAerF,GAWzBqF,EAAcC,oBAAsB,SAAUnW,EAAe2K,EAAatB,EAASZ,EAAUyG,EAAUhD,GACnG,IAAImJ,EAAgB,IAAIa,EAQxB,OAPAb,EAAc3K,eAAiB,cAC/B2K,EAAcrV,cAAgBA,EAC9BqV,EAAc1K,YAAcA,EAC5B0K,EAAc5M,SAAWA,EACzB4M,EAAc7L,OAASH,EACvBgM,EAAczK,MAAQsE,EACtBmG,EAAcnJ,aAAeA,EACtBmJ,GAMXa,EAAcE,gBAAkB,SAAUzK,GACtC,QAAKA,GAGGA,EAAOxQ,eAAe,kBAC1BwQ,EAAOxQ,eAAe,gBACtBwQ,EAAOxQ,eAAe,mBACtBwQ,EAAOxQ,eAAe,UACtBwQ,EAAOxQ,eAAe,aACtBwQ,EAAOxQ,eAAe,WACtBwQ,EAAuB,iBAAM,eAE9BuK,EAvCuB,CAwChC,0ECtCEG,EAAoC,SAAUxF,GAE9C,SAASwF,IACL,OAAkB,OAAXxF,GAAmBA,EAAO3U,MAAMX,KAAMS,YAAcT,KAoC/D,OAtCA,QAAU8a,EAAoBxF,GAW9BwF,EAAmBC,yBAA2B,SAAUtW,EAAe2K,EAAaX,EAAcvB,EAAUwD,EAAUC,GAClH,IAAIqK,EAAW,IAAIF,EASnB,OARAE,EAAS9N,SAAWA,EACpB8N,EAAS7L,eAAiB,mBAC1B6L,EAAS5L,YAAcA,EACvB4L,EAASvW,cAAgBA,EACzBuW,EAAS/M,OAASQ,EAClBuM,EAASrK,aAAeA,EACpBD,IACAsK,EAAStK,SAAWA,GACjBsK,GAMXF,EAAmBG,qBAAuB,SAAU7K,GAChD,QAAKA,GAGGA,EAAOxQ,eAAe,kBAC1BwQ,EAAOxQ,eAAe,gBACtBwQ,EAAOxQ,eAAe,mBACtBwQ,EAAOxQ,eAAe,aACtBwQ,EAAOxQ,eAAe,WACtBwQ,EAAuB,iBAAM,oBAE9B0K,EAvC4B,CAwCrC,sDC7DEI,EAAuC,WACvC,SAASA,IACLlb,KAAKmb,eAAiB,GACtBnb,KAAKob,OAAS,GACdpb,KAAKqb,UAAY,EAkBrB,OAXAH,EAAsBI,wBAA0B,SAAU7L,EAAKW,GAC3D,IAAImL,EAAgE,IAAlD9L,EAAI1D,QAAQ,gBAC1ByP,GAAiB,EAOrB,OANIpL,IACAoL,EACIpL,EAAOxQ,eAAe,mBAClBwQ,EAAOxQ,eAAe,WACtBwQ,EAAOxQ,eAAe,cAE3B2b,GAAeC,GAEnBN,EAtB+B,oDCAtCO,EAAkC,WAClC,SAASA,KAkBT,OAXAA,EAAiBC,mBAAqB,SAAUjM,EAAKW,GACjD,IAAImL,GAAc,EACd9L,IACA8L,EAAqE,IAAvD9L,EAAI1D,QAAQ,yBAE9B,IAAIyP,GAAiB,EAIrB,OAHIpL,IACAoL,EAAiBpL,EAAOxQ,eAAe,iBAEpC2b,GAAeC,GAEnBC,EAnB0B,qCCCjC,IAAIE,EAAmC,WACvC,SAASA,EAAkBC,EAAYC,GACnC7b,KAAK8b,MAAQF,EACb5b,KAAK6b,WAAaA,EAsBtB,OApBAvc,OAAOwH,eAAe6U,EAAkBhc,UAAW,kBAAmB,CAIlEoH,IAAK,WACD,OAAO/G,KAAK6b,YAEhBxU,YAAY,EACZC,cAAc,IAElBhI,OAAOwH,eAAe6U,EAAkBhc,UAAW,aAAc,CAI7DoH,IAAK,WACD,OAAO/G,KAAK8b,OAEhBzU,YAAY,EACZC,cAAc,IAEXqU,EAzB+B,qLCctCI,EAAyC,SAAUzG,GAEnD,SAASyG,EAAwBC,GAC7B,OAAO1G,EAAOzV,KAAKG,KAAMgc,IAAkBhc,KAsW/C,OAxWA,QAAU+b,EAAyBzG,GAcnCyG,EAAwBpc,UAAUsc,eAAiB,SAAUC,GACzD,OAAO,QAAUlc,UAAM,OAAQ,GAAQ,WACnC,IAAIqM,EACJ,OAAO,QAAYrM,MAAM,SAAUyF,GAE/B,OADA4G,EAAcrM,KAAKmc,6BAA6BD,GACzC,CAAC,EAAc,sBAA4Blc,KAAKoG,UAAUgW,sBAAuB/P,WASpG0P,EAAwBpc,UAAU0c,aAAe,SAAUH,EAASI,GAChE,OAAO,QAAUtc,UAAM,OAAQ,GAAQ,WACnC,IAAIuc,EAAcxX,EAAUyX,EAC5B,OAAO,QAAYxc,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EAED,GADAnC,KAAKuY,OAAOkE,KAAK,yBACZP,GAAW,YAAoBA,EAAQQ,MACxC,MAAM,0CAGV,OADAH,EAAe,iBACR,CAAC,EAAavc,KAAK2c,oBAAoB3c,KAAKoG,UAAW8V,IAClE,KAAK,EAKD,OAJAnX,EAAWU,EAAGrD,QACdoa,EAAkB,IAAI,IAAgBxc,KAAK4c,OAAOC,YAAY3P,SAAUlN,KAAKqG,aAAcrG,KAAKiW,YAAajW,KAAKuY,OAAQvY,KAAK4c,OAAOE,kBAAmB9c,KAAK4c,OAAOG,oBAErJC,sBAAsBjY,EAASjD,MACxC,CAAC,EAAa0a,EAAgBS,0BAA0BlY,EAASjD,KAAM9B,KAAKoG,UAAWmW,EAAcL,EAASI,IACzH,KAAK,EAAG,MAAO,CAAC,EAAc7W,EAAGrD,gBAUjD2Z,EAAwBpc,UAAUud,uBAAyB,SAAUC,EAAcC,GAE/E,IAAIZ,EAAkB,IAAI,IAAgBxc,KAAK4c,OAAOC,YAAY3P,SAAUlN,KAAKqG,aAAcrG,KAAKiW,YAAajW,KAAKuY,OAAQ,KAAM,MAEhI8E,EAAgB,IAAI,IAAUF,GAE9BG,EAAe,wBAA8BD,EAAcE,WAI/D,GAFAf,EAAgBgB,wCAAwCF,EAAcF,EAAapd,KAAKiW,cAEnFqH,EAAaZ,KACd,MAAM,4CAEV,OAAO,SAAS,QAAS,GAAIY,GAAe,CAExCZ,KAAMY,EAAaZ,QAO3BX,EAAwBpc,UAAU8d,aAAe,SAAUC,GAEvD,IAAKA,EACD,MAAM,oCAEV,IAAIrR,EAAcrM,KAAK2d,2BAA2BD,GAElD,OAAO,sBAA4B1d,KAAKoG,UAAUwX,mBAAoBvR,IAO1E0P,EAAwBpc,UAAUgd,oBAAsB,SAAUvW,EAAW8V,GACzE,OAAO,QAAUlc,UAAM,OAAQ,GAAQ,WACnC,IAAI6d,EAAYC,EAAaC,EAAiBC,EAAe3G,EAAYnR,EAAS8B,EAClF,OAAO,QAAYhI,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EAUD,OATA0b,EAAa,CACT3Q,SAAUlN,KAAK4c,OAAOC,YAAY3P,SAClC9G,UAAWA,EAAUG,mBACrBwM,OAAQmJ,EAAQnJ,OAChBkL,qBAAsB/B,EAAQ+B,qBAC9BC,sBAAuBhC,EAAQgC,sBAC/BC,mBAAoBjC,EAAQiC,mBAC5BC,UAAWlC,EAAQkC,WAEhB,CAAC,EAAape,KAAKqe,uBAAuBnC,IACrD,KAAK,EAID,GAHA4B,EAAcrY,EAAGrD,OACjB2b,EAAkB/d,KAAKse,2BAA2BpC,GAClD8B,OAAgBpX,EACZsV,EAAQ7E,WACR,IACIA,GAAa,OAAgB6E,EAAQ7E,WAAYrX,KAAKiW,aACtD+H,EAAgB,CACZnP,WAAY,GAAKwI,EAAWzS,IAAM,2BAAmCyS,EAAWxS,KAChF0Z,KAAM,qBAGd,MAAO/c,GACHxB,KAAKuY,OAAOE,QAAQ,+CAAiDjX,GAK7E,OAFA0E,EAAUlG,KAAKwe,0BAA0BR,GAAiB9B,EAAQ8B,eAClEhW,EAAW,YAAoB+V,GAAmB3X,EAAUqY,cAAgBrY,EAAUqY,cAAgB,IAAMV,EACrG,CAAC,EAAc/d,KAAK0e,2BAA2B1W,EAAU8V,EAAa5X,EAAS2X,YAS1G9B,EAAwBpc,UAAU2e,2BAA6B,SAAUpC,GACrE,IAAIyC,EAAmB,IAAI,IAI3B,OAHIzC,EAAQ0C,sBACRD,EAAiBE,wBAAwB3C,EAAQ0C,sBAE9CD,EAAiBG,qBAM5B/C,EAAwBpc,UAAU0e,uBAAyB,SAAUnC,GACjE,OAAO,QAAUlc,UAAM,OAAQ,GAAQ,WACnC,IAAI2e,EAAkBI,EAAoCC,EAAWC,EAAeC,EAAqB7H,EACzG,OAAO,QAAYrX,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EA6BD,OA5BAwc,EAAmB,IAAI,KACNQ,YAAYnf,KAAK4c,OAAOC,YAAY3P,UAErDyR,EAAiBS,eAAelD,EAAQmD,aAExCV,EAAiBW,UAAUpD,EAAQnJ,QAEnC4L,EAAiBY,qBAAqBrD,EAAQQ,MAE9CiC,EAAiBa,eAAexf,KAAK4c,OAAO6C,aAC5Cd,EAAiBe,gBACb1f,KAAK2f,wBACLhB,EAAiBiB,mBAAmB5f,KAAK2f,wBAGzCzD,EAAQ2D,cACRlB,EAAiBmB,gBAAgB5D,EAAQ2D,cAEzC7f,KAAK4c,OAAOmD,kBAAkBC,cAC9BrB,EAAiBsB,gBAAgBjgB,KAAK4c,OAAOmD,kBAAkBC,cAE/DhgB,KAAK4c,OAAOmD,kBAAkBhB,kBAC9BA,EAAkB/e,KAAK4c,OAAOmD,kBAAkBhB,gBAChDJ,EAAiBuB,mBAAmBnB,EAAgBoB,WACpDxB,EAAiByB,uBAAuBrB,EAAgBsB,gBAE5D1B,EAAiB2B,aAAa,+BAC9B3B,EAAiB4B,gBACXrE,EAAQ+B,uBAAyB,SAAkC,CAAC,EAAa,GAEhF,CAAC,EADY,IAAI,IAAkBje,KAAKiW,aACRuK,YAAYtE,IACvD,KAAK,EACD8C,EAAYvZ,EAAGrD,OACfuc,EAAiB8B,YAAYzB,GAC7BvZ,EAAGtD,MAAQ,EACf,KAAK,EAOD,GANA8c,EAAgB/C,EAAQ+C,eAAiBjf,KAAK4c,OAAO8D,gBAAgBC,gBACrEhC,EAAiBiC,iBAAiB3B,KAC7B,eAAuB/C,EAAQzY,SAAWzD,KAAK4c,OAAOC,YAAYgE,oBAAsB7gB,KAAK4c,OAAOC,YAAYgE,mBAAmBngB,OAAS,IAC7Iie,EAAiBmC,UAAU5E,EAAQzY,OAAQzD,KAAK4c,OAAOC,YAAYgE,oBAEvE3B,OAAUtY,EACNsV,EAAQ7E,WACR,IACIA,GAAa,OAAgB6E,EAAQ7E,WAAYrX,KAAKiW,aACtDiJ,EAAU,CACNrQ,WAAY,GAAKwI,EAAWzS,IAAM,2BAAmCyS,EAAWxS,KAChF0Z,KAAM,qBAGd,MAAO/c,GACHxB,KAAKuY,OAAOE,QAAQ,+CAAiDjX,QAIzE0d,EAAUhD,EAAQ8B,cAGtB,GAAIhe,KAAK4c,OAAOmE,cAAcC,sBAAwB9B,EAClD,OAAQA,EAAQX,MACZ,KAAK,oBACD,IACIlH,GAAa,OAAiC6H,EAAQrQ,YACtD8P,EAAiBsC,UAAU5J,GAE/B,MAAO7V,GACHxB,KAAKuY,OAAOE,QAAQ,mDAAqDjX,GAE7E,MACJ,KAAK,QACDmd,EAAiBuC,UAAUhC,EAAQrQ,YAI/C,MAAO,CAAC,EAAc8P,EAAiBG,6BAS3D/C,EAAwBpc,UAAUwc,6BAA+B,SAAUD,GACvE,IAAIyC,EAAmB,IAAI,IAC3BA,EAAiBQ,YAAYnf,KAAK4c,OAAOC,YAAY3P,UACrD,IAAIiU,GAAgB,QAAejF,EAAQnJ,QAAU,GAAImJ,EAAQkF,sBAAwB,IACzFzC,EAAiBW,UAAU6B,GAE3BxC,EAAiBS,eAAelD,EAAQmD,aAExC,IAAIJ,EAAgB/C,EAAQ+C,eAAiBjf,KAAK4c,OAAO8D,gBAAgBC,gBAoBzE,GAnBAhC,EAAiBiC,iBAAiB3B,GAElCN,EAAiB0C,gBAAgBnF,EAAQoF,cAEzC3C,EAAiB4C,sBAEjB5C,EAAiBa,eAAexf,KAAK4c,OAAO6C,aAE5Cd,EAAiB4B,gBACbrE,EAAQsF,eAAiBtF,EAAQuF,qBACjC9C,EAAiB+C,uBAAuBxF,EAAQsF,cAAetF,EAAQuF,qBAEvEvF,EAAQyF,QACRhD,EAAiBiD,UAAU1F,EAAQyF,QAEnCzF,EAAQ2F,YACRlD,EAAiBmD,cAAc5F,EAAQ2F,YAGvC3F,EAAQyF,SAAW,oBAEnB,GAAIzF,EAAQ6F,KAAO7F,EAAQyF,SAAW,UAElC3hB,KAAKuY,OAAOE,QAAQ,yEACpBkG,EAAiBqD,OAAO9F,EAAQ6F,UAE/B,GAAI7F,EAAQ9N,QAAS,CACtB,IAAI6T,EAAajiB,KAAKkiB,kBAAkBhG,EAAQ9N,SAEhD,GAAI6T,GAAc/F,EAAQyF,SAAW,UAAkB,CAEnD3hB,KAAKuY,OAAOE,QAAQ,yEACpBkG,EAAiBqD,OAAOC,GACxB,IACI,IAAI5K,GAAa,OAAiC6E,EAAQ9N,QAAQ3J,eAClEka,EAAiBsC,UAAU5J,GAE/B,MAAO7V,GACHxB,KAAKuY,OAAOE,QAAQ,mDAAqDjX,SAG5E,GAAI0a,EAAQiG,UACbniB,KAAKuY,OAAOE,QAAQ,gEACpBkG,EAAiByD,aAAalG,EAAQiG,WACtCxD,EAAiBuC,UAAUhF,EAAQiG,gBAElC,GAAIjG,EAAQ9N,QAAQ2I,SAAU,CAE/B/W,KAAKuY,OAAOE,QAAQ,gEACpBkG,EAAiByD,aAAalG,EAAQ9N,QAAQ2I,UAC9C,IACQM,GAAa,OAAiC6E,EAAQ9N,QAAQ3J,eAClEka,EAAiBsC,UAAU5J,GAE/B,MAAO7V,GACHxB,KAAKuY,OAAOE,QAAQ,mDAAqDjX,UAI5E0a,EAAQiG,YACbniB,KAAKuY,OAAOE,QAAQ,4EACpBkG,EAAiByD,aAAalG,EAAQiG,WACtCxD,EAAiBuC,UAAUhF,EAAQiG,iBAIvCniB,KAAKuY,OAAOE,QAAQ,kFAcxB,OAZIyD,EAAQ/C,OACRwF,EAAiB0D,SAASnG,EAAQ/C,OAElC+C,EAAQoG,OACR3D,EAAiB4D,SAASrG,EAAQoG,SAEjC,YAAoBpG,EAAQzY,SAAWzD,KAAK4c,OAAOC,YAAYgE,oBAAsB7gB,KAAK4c,OAAOC,YAAYgE,mBAAmBngB,OAAS,IAC1Iie,EAAiBmC,UAAU5E,EAAQzY,OAAQzD,KAAK4c,OAAOC,YAAYgE,oBAEnE3E,EAAQsG,sBACR7D,EAAiBE,wBAAwB3C,EAAQsG,sBAE9C7D,EAAiBG,qBAM5B/C,EAAwBpc,UAAUge,2BAA6B,SAAUzB,GACrE,IAAIyC,EAAmB,IAAI,IAgB3B,OAfIzC,EAAQuG,uBACR9D,EAAiB+D,yBAAyBxG,EAAQuG,uBAElDvG,EAAQ+C,eACRN,EAAiBiC,iBAAiB1E,EAAQ+C,eAE1C/C,EAAQyG,aACRhE,EAAiBiE,eAAe1G,EAAQyG,aAExCzG,EAAQoG,OACR3D,EAAiB4D,SAASrG,EAAQoG,OAElCpG,EAAQsG,sBACR7D,EAAiBE,wBAAwB3C,EAAQsG,sBAE9C7D,EAAiBG,qBAM5B/C,EAAwBpc,UAAUuiB,kBAAoB,SAAU9T,GAC5D,OAAIA,EAAQJ,eACUI,EAAQJ,cACP+T,KAEhB,MAEJhG,EAzWiC,CA0W1C,gGCtXE8G,EAAgC,WAChC,SAASA,EAAejW,EAAevG,GACnCrG,KAAK4M,cAAgBA,EACrB5M,KAAKqG,aAAeA,EAqCxB,OA7BAwc,EAAeljB,UAAUmjB,gBAAkB,SAAUjF,EAAYY,EAAesE,GAC5E,OAAO,QAAU/iB,UAAM,OAAQ,GAAQ,WACnC,IAAI+E,EAAU+H,EACd,OAAO,QAAY9M,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EACD6gB,EAAA,aAA2BhjB,KAAKqG,aAAcwX,GAC9CpY,EAAGtD,MAAQ,EACf,KAAK,EAED,OADAsD,EAAGpD,KAAKS,KAAK,CAAC,EAAG,EAAG,CAAE,IACf,CAAC,EAAa9C,KAAK4M,cAAcqW,qBAAqBxE,EAAesE,IAChF,KAAK,EAED,OADAhe,EAAWU,EAAGrD,OACP,CAAC,EAAa,GACzB,KAAK,EAED,MADA0K,EAAMrH,EAAGrD,kBACU8gB,EAAA,EACTpW,EAGAzE,EAAA,qBAAmCoW,EAAe3R,GAEhE,KAAK,EAED,OADAkW,EAAA,cAA4BhjB,KAAKqG,aAAcwX,EAAY9Y,GACpD,CAAC,EAAcA,WAKnC8d,EAxCwB,wDCQ/BM,EAA4B,WAC5B,SAASA,EAAWnH,GAEhBhc,KAAK4c,QAAS,OAAyBZ,GAEvChc,KAAKuY,OAAS,IAAI6K,EAAA,EAAOpjB,KAAK4c,OAAOyG,cAAe,IAAM,KAE1DrjB,KAAKiW,YAAcjW,KAAK4c,OAAO8D,gBAE/B1gB,KAAKqG,aAAerG,KAAK4c,OAAO0G,iBAEhCtjB,KAAK4M,cAAgB5M,KAAK4c,OAAO3X,iBAEjCjF,KAAKujB,eAAiB,IAAIV,EAAe7iB,KAAK4M,cAAe5M,KAAKqG,cAElErG,KAAK2f,uBAAyB3f,KAAK4c,OAAO+C,uBAE1C3f,KAAKoG,UAAYpG,KAAK4c,OAAOC,YAAYzW,UA4D7C,OAvDA+c,EAAWxjB,UAAU6e,0BAA4B,SAAUU,GACvD,IAAIhZ,EAAU,GAEd,GADAA,EAAQ,mBAA4BP,EAAA,0BAC/B3F,KAAK4c,OAAOmE,cAAcC,sBAAwB9B,EACnD,OAAQA,EAAQX,MACZ,KAAKiF,EAAA,kBACD,IACI,IAAInM,GAAa,OAAiC6H,EAAQrQ,YAC1D3I,EAAQ,iBAA0B,OAASmR,EAAWzS,IAAM,IAAMyS,EAAWxS,KAEjF,MAAOrD,GACHxB,KAAKuY,OAAOE,QAAQ,mDAAqDjX,GAE7E,MACJ,KAAKgiB,EAAA,MACDtd,EAAQ,iBAA0B,QAAUgZ,EAAQrQ,WAIhE,OAAO3I,GASXid,EAAWxjB,UAAU+e,2BAA6B,SAAUD,EAAepS,EAAanG,EAAS2X,GAC7F,OAAO,QAAU7d,UAAM,OAAQ,GAAQ,WACnC,IAAI+E,EACJ,OAAO,QAAY/E,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EAAG,MAAO,CAAC,EAAanC,KAAKujB,eAAeT,gBAAgBjF,EAAYY,EAAe,CAAE3c,KAAMuK,EAAanG,QAASA,KAC1H,KAAK,EAMD,OALAnB,EAAWU,EAAGrD,OACVpC,KAAK4c,OAAO+C,wBAA0B5a,EAASa,OAAS,KAA2B,MAApBb,EAASa,QAExE5F,KAAK4c,OAAO+C,uBAAuB8D,sBAEhC,CAAC,EAAc1e,WAS1Coe,EAAWxjB,UAAU+jB,gBAAkB,SAAUC,GAC7C,IAAKA,EAAiB5b,oBAClB,MAAMM,EAAA,yCAAuD,2DAEjErI,KAAKoG,UAAYud,GAEdR,EA7EoB,gMCK3BS,EAAoC,SAAUtO,GAE9C,SAASsO,EAAmB5H,GACxB,OAAO1G,EAAOzV,KAAKG,KAAMgc,IAAkBhc,KAwL/C,OA1LA,QAAU4jB,EAAoBtO,GAI9BsO,EAAmBjkB,UAAU0c,aAAe,SAAUH,GAClD,OAAO,QAAUlc,UAAM,OAAQ,GAAQ,WACnC,IAAIuc,EAAcxX,EAAUyX,EAC5B,OAAO,QAAYxc,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EAED,OADAoa,EAAe,iBACR,CAAC,EAAavc,KAAK2c,oBAAoBT,EAASlc,KAAKoG,YAChE,KAAK,EAID,OAHArB,EAAWU,EAAGrD,QACdoa,EAAkB,IAAI,IAAgBxc,KAAK4c,OAAOC,YAAY3P,SAAUlN,KAAKqG,aAAcrG,KAAKiW,YAAajW,KAAKuY,OAAQvY,KAAK4c,OAAOE,kBAAmB9c,KAAK4c,OAAOG,oBACrJC,sBAAsBjY,EAASjD,MACxC,CAAC,EAAc0a,EAAgBS,0BAA0BlY,EAASjD,KAAM9B,KAAKoG,UAAWmW,EAAcL,OAAStV,OAAWA,GAAW,YAShKgd,EAAmBjkB,UAAUkkB,2BAA6B,SAAU3H,GAChE,OAAO,QAAUlc,UAAM,OAAQ,GAAQ,WACnC,IAAY8jB,EAAmBC,EAC/B,OAAO,QAAY/jB,MAAM,SAAUyF,GAE/B,IAAKyW,EACD,MAAM,mCAGV,IAAKA,EAAQ9N,QACT,MAAM,0CAIV,GAFSpO,KAAKqG,aAAakO,kBAAkB2H,EAAQ9N,QAAQgB,YAAapP,KAAK4c,OAAOC,YAAY3P,UAG9F,IACI,MAAO,CAAC,EAAclN,KAAKgkB,mCAAmC9H,GAAS,IAE3E,MAAO1a,GAIH,GAHAsiB,EAAoBtiB,aAAa,KAAmBA,EAAEyiB,YAAc,4BACpEF,EAAkCviB,aAAa,KAAeA,EAAEyiB,YAAc,0BAA8BziB,EAAE0iB,WAAa,2BAEvHJ,GAAqBC,EACrB,MAAO,CAAC,EAAc/jB,KAAKgkB,mCAAmC9H,GAAS,IAIvE,MAAM1a,EAKlB,MAAO,CAAC,EAAcxB,KAAKgkB,mCAAmC9H,GAAS,WAQnF0H,EAAmBjkB,UAAUqkB,mCAAqC,SAAU9H,EAASiI,GACjF,OAAO,QAAUnkB,UAAM,OAAQ,GAAQ,WACnC,IAAIyO,EAAc2V,EAClB,OAAO,QAAYpkB,MAAM,SAAUyF,GAG/B,KAFAgJ,EAAezO,KAAKqG,aAAakN,0BAA0BvT,KAAK4c,OAAOC,YAAY3P,SAAUgP,EAAQ9N,QAAS+V,IAG1G,MAAM,+BAMV,OAJAC,GAAsB,SAAS,QAAS,GAAIlI,GAAU,CAAEzN,aAAcA,EAAaR,OAAQgQ,qBAAsB/B,EAAQ+B,sBAAwB,YAA6BD,cAAe,CACrLnP,WAAYqN,EAAQ9N,QAAQ3J,cAC5B8Z,KAAM,uBAEP,CAAC,EAAcve,KAAKqc,aAAa+H,WASpDR,EAAmBjkB,UAAUgd,oBAAsB,SAAUT,EAAS9V,GAClE,OAAO,QAAUpG,UAAM,OAAQ,GAAQ,WACnC,IAAI8d,EAAaC,EAAiB7X,EAAS2X,EAAY7V,EACvD,OAAO,QAAYhI,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EAAG,MAAO,CAAC,EAAanC,KAAKqe,uBAAuBnC,IACzD,KAAK,EAcD,OAbA4B,EAAcrY,EAAGrD,OACjB2b,EAAkB/d,KAAKse,2BAA2BpC,GAClDhW,EAAUlG,KAAKwe,0BAA0BtC,EAAQ8B,eACjDH,EAAa,CACT3Q,SAAUlN,KAAK4c,OAAOC,YAAY3P,SAClC9G,UAAWA,EAAUG,mBACrBwM,OAAQmJ,EAAQnJ,OAChBkL,qBAAsB/B,EAAQ+B,qBAC9BC,sBAAuBhC,EAAQgC,sBAC/BC,mBAAoBjC,EAAQiC,mBAC5BC,UAAWlC,EAAQkC,WAEvBpW,EAAW,sBAA4B5B,EAAUqY,cAAeV,GACzD,CAAC,EAAc/d,KAAK0e,2BAA2B1W,EAAU8V,EAAa5X,EAAS2X,YAS1G+F,EAAmBjkB,UAAU2e,2BAA6B,SAAUpC,GAChE,IAAIyC,EAAmB,IAAI,IAI3B,OAHIzC,EAAQ0C,sBACRD,EAAiBE,wBAAwB3C,EAAQ0C,sBAE9CD,EAAiBG,qBAM5B8E,EAAmBjkB,UAAU0e,uBAAyB,SAAUnC,GAC5D,OAAO,QAAUlc,UAAM,OAAQ,GAAQ,WACnC,IAAI2e,EAAkBM,EAAeF,EAAiBsF,EAAmB5e,EAAI2E,EAAIiN,EACjF,OAAO,QAAYrX,MAAM,SAAUwX,GAC/B,OAAQA,EAAGrV,OACP,KAAK,EAsBD,OArBAwc,EAAmB,IAAI,KACNQ,YAAYnf,KAAK4c,OAAOC,YAAY3P,UACrDyR,EAAiBW,UAAUpD,EAAQnJ,QACnC4L,EAAiB2B,aAAa,0BAC9B3B,EAAiB4B,gBACjB5B,EAAiBa,eAAexf,KAAK4c,OAAO6C,aAC5Cd,EAAiBe,gBACb1f,KAAK2f,wBACLhB,EAAiBiB,mBAAmB5f,KAAK2f,wBAE7CV,EAAgB/C,EAAQ+C,eAAiBjf,KAAK4c,OAAO8D,gBAAgBC,gBACrEhC,EAAiBiC,iBAAiB3B,GAClCN,EAAiB2F,gBAAgBpI,EAAQzN,cACrCzO,KAAK4c,OAAOmD,kBAAkBC,cAC9BrB,EAAiBsB,gBAAgBjgB,KAAK4c,OAAOmD,kBAAkBC,cAE/DhgB,KAAK4c,OAAOmD,kBAAkBhB,kBAC9BA,EAAkB/e,KAAK4c,OAAOmD,kBAAkBhB,gBAChDJ,EAAiBuB,mBAAmBnB,EAAgBoB,WACpDxB,EAAiByB,uBAAuBrB,EAAgBsB,gBAEtDnE,EAAQ+B,uBAAyB,SAAkC,CAAC,EAAa,IACvFoG,EAAoB,IAAI,IAAkBrkB,KAAKiW,aAC/C7L,GAAM3E,EAAKkZ,GAAkB8B,YACtB,CAAC,EAAa4D,EAAkB7D,YAAYtE,KACvD,KAAK,EACD9R,EAAGzJ,MAAM8E,EAAI,CAAC+R,EAAGpV,SACjBoV,EAAGrV,MAAQ,EACf,KAAK,EAID,KAHK,eAAuB+Z,EAAQzY,SAAWzD,KAAK4c,OAAOC,YAAYgE,oBAAsB7gB,KAAK4c,OAAOC,YAAYgE,mBAAmBngB,OAAS,IAC7Iie,EAAiBmC,UAAU5E,EAAQzY,OAAQzD,KAAK4c,OAAOC,YAAYgE,oBAEnE7gB,KAAK4c,OAAOmE,cAAcC,sBAAwB9E,EAAQ8B,cAC1D,OAAQ9B,EAAQ8B,cAAcO,MAC1B,KAAK,oBACD,IACIlH,GAAa,OAAiC6E,EAAQ8B,cAAcnP,YACpE8P,EAAiBsC,UAAU5J,GAE/B,MAAO7V,GACHxB,KAAKuY,OAAOE,QAAQ,mDAAqDjX,GAE7E,MACJ,KAAK,QACDmd,EAAiBuC,UAAUhF,EAAQ8B,cAAcnP,YAI7D,MAAO,CAAC,EAAc8P,EAAiBG,6BAKpD8E,EA3L4B,CA4LrC,kKClMEW,EAAkC,SAAUjP,GAE5C,SAASiP,EAAiBvI,GACtB,OAAO1G,EAAOzV,KAAKG,KAAMgc,IAAkBhc,KA0G/C,OA5GA,QAAUukB,EAAkBjP,GAS5BiP,EAAiB5kB,UAAU0c,aAAe,SAAUH,GAChD,OAAO,QAAUlc,UAAM,OAAQ,GAAQ,WACnC,IAAI8M,EACJ,OAAO,QAAY9M,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EAED,OADAsD,EAAGpD,KAAKS,KAAK,CAAC,EAAG,EAAG,CAAE,IACf,CAAC,EAAa9C,KAAKwkB,mBAAmBtI,IACjD,KAAK,EAAG,MAAO,CAAC,EAAczW,EAAGrD,QACjC,KAAK,EAED,IADA0K,EAAMrH,EAAGrD,kBACU,KAAmB0K,EAAImX,YAAc,8BAEpD,MAAO,CAAC,EADa,IAAI,IAAmBjkB,KAAK4c,QACRiH,2BAA2B3H,IAGpE,MAAMpP,EAEd,KAAK,EAAG,MAAO,CAAC,WAShCyX,EAAiB5kB,UAAU6kB,mBAAqB,SAAUtI,GACtD,IAAIzW,EAAI2E,EAAIoN,EAAIC,EAChB,OAAO,QAAUzX,UAAM,OAAQ,GAAQ,WACnC,IAAImhB,EAAe/R,EAAa4D,EAAY7E,EAC5C,OAAO,QAAYnO,MAAM,SAAU0X,GAC/B,OAAQA,EAAGvV,OACP,KAAK,EAED,IAAK+Z,EACD,MAAM,mCAGV,IAAKA,EAAQ9N,QACT,MAAM,0CAMV,GAJA+S,EAAgB,IAAI,IAASjF,EAAQnJ,QAAU,IAC/C3D,EAAc8M,EAAQ9V,WAAapG,KAAKoG,UAAU4F,oBAClDgH,EAAakJ,EAAQ+B,sBAAwB,YAC7C9P,EAAcnO,KAAKqG,aAAayM,gBAAgBoJ,EAAQ9N,QAASpO,KAAK4c,OAAOC,YAAY3P,SAAUiU,EAAe/R,EAAa4D,GAC3HkJ,EAAQuI,aAGR,MADuC,QAAtChf,EAAKzF,KAAK2f,8BAA2C,IAAPla,GAAyBA,EAAGif,gBAAgB,oBACrF,iCAEL,IAAKvW,EAAYI,YAGlB,MADuC,QAAtCnE,EAAKpK,KAAK2f,8BAA2C,IAAPvV,GAAyBA,EAAGsa,gBAAgB,6BACrF,iCAEL,GAAI,uBAA6BvW,EAAYI,YAAY8H,WAC1D,mBAAyBlI,EAAYI,YAAYwH,UAAW/V,KAAK4c,OAAOmE,cAAc4D,2BAGtF,MADuC,QAAtCnN,EAAKxX,KAAK2f,8BAA2C,IAAPnI,GAAyBA,EAAGkN,gBAAgB,kCACrF,iCAEL,GAAIvW,EAAYI,YAAY2H,WAAa,mBAAyB/H,EAAYI,YAAY2H,UAAW,GAGtG,MADuC,QAAtCuB,EAAKzX,KAAK2f,8BAA2C,IAAPlI,GAAyBA,EAAGiN,gBAAgB,kCACrF,iCAEL,IAAK,eAAuBxI,EAAQzY,QAErC,MAAM,iCAKV,OAHIzD,KAAK4c,OAAO+C,wBACZ3f,KAAK4c,OAAO+C,uBAAuBiF,qBAEhC,CAAC,EAAa5kB,KAAK6kB,8BAA8B1W,EAAa+N,IACzE,KAAK,EAAG,MAAO,CAAC,EAAcxE,EAAGtV,gBASjDmiB,EAAiB5kB,UAAUklB,8BAAgC,SAAU1W,EAAa+N,GAC9E,OAAO,QAAUlc,UAAM,OAAQ,GAAQ,WACnC,IAAI8kB,EACJ,OAAO,QAAY9kB,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EAID,OAHIgM,EAAYL,UACZgX,EAAa,IAAI,IAAU3W,EAAYL,QAAQG,OAAQjO,KAAK4c,OAAO8D,kBAEhE,CAAC,EAAa,iCAA6C1gB,KAAKiW,YAAajW,KAAKoG,UAAW+H,GAAa,EAAM+N,EAAS4I,IACpI,KAAK,EAAG,MAAO,CAAC,EAAcrf,EAAGrD,gBAK1CmiB,EA7G0B,CA8GnC,8HChHEQ,EAAyB,CACzBJ,0BAFmC,IAGnC3D,sBAAsB,GAEtBgE,EAAgC,CAChCC,eAAgB,aAGhBC,mBAAmB,EACnBC,SAAU,SACVlG,cAAe,IAEfmG,EAAiC,CACjCpf,oBAAqB,WACjB,OAAO,QAAUhG,UAAM,OAAQ,GAAQ,WAEnC,OAAO,QAAYA,MAAM,SAAUyF,GAE/B,MAAM,0BADO,6EAKzBwd,qBAAsB,WAClB,OAAO,QAAUjjB,UAAM,OAAQ,GAAQ,WAEnC,OAAO,QAAYA,MAAM,SAAUyF,GAE/B,MAAM,0BADO,+EAMzB4f,EAAuB,CACvBC,IAAK,SACLvf,QAAS,IACTwf,IAAK,GACLC,GAAI,IAEJC,EAA6B,CAC7BzF,aAAc,GACdjB,qBAAiBnY,GASrB,SAAS8e,EAAyBjgB,GAC9B,IAoBsBoX,EApBlB8I,EAAkBlgB,EAAGoX,YAAa+I,EAAoBngB,EAAGsb,cAAe8E,EAAmBpgB,EAAG4d,cAAeyC,EAAwBrgB,EAAG6d,iBAAkByC,EAAwBtgB,EAAGR,iBAAkB+gB,EAAuBvgB,EAAGib,gBAAiBX,EAAoBta,EAAGsa,kBAAmBN,EAAcha,EAAGga,YAAaE,EAAyBla,EAAGka,uBAAwB5C,EAAoBtX,EAAGsX,kBAAmBD,EAAoBrX,EAAGqX,kBAC/auG,GAAgB,SAAS,QAAS,GAAI2B,GAAgCa,GAC1E,MAAO,CACHhJ,aAiBkBA,EAjBY8I,GAkB3B,QAAS,CAAE9E,mBAAoB,IAAMhE,IAjBxCkE,eAAe,SAAS,QAAS,GAAIgE,GAAyBa,GAC9DvC,cAAeA,EACfC,iBAAkBwC,GAAyB,IAAI,IAAoBH,EAAgBzY,SAAU,KAC7FjI,iBAAkB8gB,GAAyBX,EAC3C1E,gBAAiBsF,GAAwB,IACzCjG,kBAAmBA,GAAqB0F,EACxChG,aAAa,SAAS,QAAS,GAAI4F,GAAuB5F,GAC1DE,uBAAwBA,GAA0B,KAClD5C,kBAAmBA,GAAqB,KACxCD,kBAAmBA,GAAqB,iECtE5CmJ,EAAgC,CAChCtF,cAAe,WAEX,MAAM,0BADW,gEAGrB3c,aAAc,WAEV,MAAM,0BADW,+DAGrBkiB,aAAc,WAEV,MAAM,0BADW,+DAGrBC,kBAAmB,WACf,OAAO,QAAUnmB,UAAM,OAAQ,GAAQ,WAEnC,OAAO,QAAYA,MAAM,SAAUyF,GAE/B,MAAM,0BADO,0EAKzB2gB,uBAAwB,WACpB,OAAO,QAAUpmB,UAAM,OAAQ,GAAQ,WAEnC,OAAO,QAAYA,MAAM,SAAUyF,GAE/B,MAAM,0BADO,+EAKzBmN,sBAAuB,WACnB,OAAO,QAAU5S,UAAM,OAAQ,GAAQ,WAEnC,OAAO,QAAYA,MAAM,SAAUyF,GAE/B,MAAM,0BADO,8EAKzB4gB,cAAe,WACX,OAAO,QAAUrmB,UAAM,OAAQ,GAAQ,WAEnC,OAAO,QAAYA,MAAM,SAAUyF,GAE/B,MAAM,0BADO,sEAKzB6gB,QAAS,WACL,OAAO,QAAUtmB,UAAM,OAAQ,GAAQ,WAEnC,OAAO,QAAYA,MAAM,SAAUyF,GAE/B,MAAM,0BADO,uGClDzB8gB,yDACJ,SAAWA,GACPA,EAAgB,GAAI,KACpBA,EAAiB,IAAI,MAFzB,CAGGA,IAAgBA,EAAc,KACjC,IAAIC,EAAmC,WACnC,SAASA,EAAkBvQ,GACvBjW,KAAKiW,YAAcA,EA2DvB,OAzDAuQ,EAAkB7mB,UAAU6gB,YAAc,SAAUtE,GAChD,OAAO,QAAUlc,UAAM,OAAQ,GAAQ,WACnC,IAAIymB,EACJ,OAAO,QAAYzmB,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EAAG,MAAO,CAAC,EAAanC,KAAK0mB,YAAYxK,IAC9C,KAAK,EAED,OADAuK,EAAShhB,EAAGrD,OACL,CAAC,EAAcpC,KAAKiW,YAAYiQ,aAAajiB,KAAK0iB,UAAUF,aAKvFD,EAAkB7mB,UAAU+mB,YAAc,SAAUxK,GAChD,OAAO,QAAUlc,UAAM,OAAQ,GAAQ,WAEnC,OAAO,QAAYA,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EAAG,MAAO,CAAC,EAAanC,KAAKiW,YAAYmQ,uBAAuBlK,IACrE,KAAK,EAED,MAAO,CAAC,EAAc,CACdzJ,IAFQhN,EAAGrD,OAGXwkB,QAASL,EAAYM,aAMjDL,EAAkB7mB,UAAUmnB,aAAe,SAAUvY,EAAa2N,GAC9D,IAAIzW,EACJ,OAAO,QAAUzF,UAAM,OAAQ,GAAQ,WACnC,IAAIwW,EACJ,OAAO,QAAYxW,MAAM,SAAUoK,GAE/B,GADAoM,EAAc,uBAA6BjI,EAAavO,KAAKiW,eAC8B,QAApFxQ,EAAK+Q,MAAAA,OAAiD,EAASA,EAAYC,WAAwB,IAAPhR,OAAgB,EAASA,EAAGgN,KAC3H,MAAM,qCAEV,MAAO,CAAC,EAAczS,KAAK+mB,YAAYxY,EAAaiI,EAAYC,IAAIhE,IAAKyJ,WAIrFsK,EAAkB7mB,UAAUonB,YAAc,SAAUC,EAASvU,EAAKyJ,EAASzY,GACvE,OAAO,QAAUzD,UAAM,OAAQ,GAAQ,WACnC,IAAIke,EAAuBC,EAAoBC,EAAW6I,EAAmBC,EAC7E,OAAO,QAAYlnB,MAAM,SAAUyF,GAC/B,OAAQA,EAAGtD,OACP,KAAK,EAID,OAHA+b,EAAwBhC,EAAQgC,sBAAuBC,EAAqBjC,EAAQiC,mBAAoBC,EAAYlC,EAAQkC,UAC5H6I,EAAoB,EAAuB,IAAI,IAAU9I,QAAsBvX,EAC/EsgB,EAAwBD,MAAAA,OAA6D,EAASA,EAAkBpf,mBACzG,CAAC,EAAa7H,KAAKiW,YAAYqQ,SAAQ,QAAS,CAAEa,GAAIH,EAASI,GAAI,iBAAwBC,EAAGnJ,MAAAA,OAAqE,EAASA,EAAsBoJ,cAAeC,EAAGL,MAAAA,OAAqE,EAASA,EAAsBpf,gBAAiBqR,MAAOnZ,KAAKiW,YAAY0K,gBAAiBjhB,EAAGwnB,MAAAA,OAAqE,EAASA,EAAsBM,aAAcC,GAAIP,MAAAA,OAAqE,EAASA,EAAsBQ,aAAe,CAAC,GAAIR,EAAsBQ,kBAAe9gB,EAAW+gB,cAAevJ,QAAaxX,GAAanD,GAASgP,IAChtB,KAAK,EAAG,MAAO,CAAC,EAAchN,EAAGrD,gBAK1CokB,EA7D2B,6DCLlCoB,EAEU,mBAFVA,EAGU,sCAMV1E,EAA2B,SAAU5N,GAErC,SAAS4N,EAAUe,EAAW4D,EAAcC,GACxC,IAAIpc,EAAQ1L,KACR+nB,EAAcF,EAAe5D,EAAY,KAAO4D,EAAe5D,EAOnE,OANAvY,EAAQ4J,EAAOzV,KAAKG,KAAM+nB,IAAgB/nB,KAC1CV,OAAOC,eAAemM,EAAOwX,EAAUvjB,WACvC+L,EAAMuY,UAAYA,GAAa,kBAC/BvY,EAAMmc,aAAeA,GAAgB,GACrCnc,EAAMwY,SAAW4D,GAAY,GAC7Bpc,EAAMwL,KAAO,YACNxL,EAYX,OAtBA,QAAUwX,EAAW5N,GAYrB4N,EAAUvjB,UAAUqoB,iBAAmB,SAAU/I,GAC7Cjf,KAAKif,cAAgBA,GAMzBiE,EAAU+E,sBAAwB,SAAUC,GACxC,OAAO,IAAIhF,EAAU0E,EAAuCA,EAAwC,KAAOM,IAExGhF,EAvBmB,CAwB5BiF,yECjCEC,EAAyB,CACzBC,wBAAyB,CACrB3L,KAAM,6BACN4L,KAAM,+GAEVC,qBAAsB,CAClB7L,KAAM,0BACN4L,KAAM,mFAEVE,kBAAmB,CACf9L,KAAM,sBACN4L,KAAM,8EAEVG,iBAAkB,CACd/L,KAAM,sBACN4L,KAAM,oFAEVI,wBAAyB,CACrBhM,KAAM,6BACN4L,KAAM,2EAEVK,aAAc,CACVjM,KAAM,gBACN4L,KAAM,+EAEVM,6BAA8B,CAC1BlM,KAAM,sBACN4L,KAAM,+IAEVO,oBAAqB,CACjBnM,KAAM,wBACN4L,KAAM,uGAEVQ,mBAAoB,CAChBpM,KAAM,uBACN4L,KAAM,sFAEVS,kBAAmB,CACfrM,KAAM,gBACN4L,KAAM,6IAEVU,mBAAoB,CAChBtM,KAAM,iBACN4L,KAAM,iGAEVW,mBAAoB,CAChBvM,KAAM,kBACN4L,KAAM,mBAEVY,mBAAoB,CAChBxM,KAAM,iBACN4L,KAAM,wFAEVa,mBAAoB,CAChBzM,KAAM,kBACN4L,KAAM,mBAEVc,mBAAoB,CAChB1M,KAAM,kBACN4L,KAAM,oLAEVe,uBAAwB,CACpB3M,KAAM,2BACN4L,KAAM,qJAGVgB,yBAA0B,CACtB5M,KAAM,6BACN4L,KAAM,6HAEViB,4BAA6B,CACzB7M,KAAM,gCACN4L,KAAM,oIAEVkB,yBAA0B,CACtB9M,KAAM,yBACN4L,KAAM,6EAEVmB,sBAAuB,CACnB/M,KAAM,4BACN4L,KAAM,8FAEVoB,sBAAuB,CACnBhN,KAAM,4BACN4L,KAAM,gGAEVqB,oBAAqB,CACjBjN,KAAM,yBACN4L,KAAM,wCAEVsB,wBAAyB,CACrBlN,KAAM,uBACN4L,KAAM,6CAEVuB,2BAA4B,CACxBnN,KAAM,gCACN4L,KAAM,mHAEVwB,kBAAmB,CACfpN,KAAM,sBACN4L,KAAM,2BAEVyB,uBAAwB,CACpBrN,KAAM,4BACN4L,KAAM,oDAEV0B,yBAA0B,CACtBtN,KAAM,+BACN4L,KAAM,2FAEV2B,mBAAoB,CAChBvN,KAAM,uBACN4L,KAAM,8CAEV4B,wBAAyB,CACrBxN,KAAM,4BACN4L,KAAM,6DAEV6B,eAAgB,CACZzN,KAAM,mBACN4L,KAAM,4CAEV8B,iBAAkB,CACd1N,KAAM,sCACN4L,KAAM,iFAEV+B,YAAa,CACT3N,KAAM,mBACN4L,KAAM,6EAEVgC,iBAAkB,CACd5N,KAAM,qBACN4L,KAAM,sBAEViC,sBAAuB,CACnB7N,KAAM,0BACN4L,KAAM,4BAEVkC,yBAA0B,CACtB9N,KAAM,6BACN4L,KAAM,+BAEVmC,iBAAkB,CACd/N,KAAM,oBACN4L,KAAM,4FAEVoC,wBAAyB,CACrBhO,KAAM,4BACN4L,KAAM,kKAEVqC,qBAAsB,CAClBjO,KAAM,yBACN4L,KAAM,sOAEVsC,mBAAoB,CAChBlO,KAAM,uBACN4L,KAAM,wDAEVuC,oBAAqB,CACjBnO,KAAM,0CACN4L,KAAM,mEAEVwC,8BAA+B,CAC3BpO,KAAM,kDACN4L,KAAM,qEAEVyC,sBAAuB,CACnBrO,KAAM,2BACN4L,KAAM,mEAEV0C,2BAA4B,CACxBtO,KAAM,2BACN4L,KAAM,uGAEV2C,0BAA2B,CACvBvO,KAAM,0BACN4L,KAAM,gEAMVjgB,EAAiC,SAAUiN,GAE3C,SAASjN,EAAgB4b,EAAW4D,GAChC,IAAInc,EAAQ4J,EAAOzV,KAAKG,KAAMikB,EAAW4D,IAAiB7nB,KAG1D,OAFA0L,EAAMwL,KAAO,kBACb5X,OAAOC,eAAemM,EAAOrD,EAAgB1I,WACtC+L,EAkQX,OAvQA,QAAUrD,EAAiBiN,GAW3BjN,EAAgB6iB,8BAAgC,SAAUC,GACtD,OAAO,IAAI9iB,EAAgB+f,EAAuBC,wBAAwB3L,KAAM0L,EAAuBC,wBAAwBC,KAAO,uBAAyB6C,IAMnK9iB,EAAgB+iB,2BAA6B,WACzC,OAAO,IAAI/iB,EAAgB+f,EAAuBG,qBAAqB7L,KAAM,GAAK0L,EAAuBG,qBAAqBD,OAMlIjgB,EAAgBgjB,wBAA0B,SAAUC,GAChD,OAAO,IAAIjjB,EAAgB+f,EAAuBI,kBAAkB9L,KAAM0L,EAAuBI,kBAAkBF,KAAO,uBAAyBgD,IAMvJjjB,EAAgBkjB,4BAA8B,SAAUC,GACpD,OAAO,IAAInjB,EAAgB+f,EAAuBK,iBAAiB/L,KAAM0L,EAAuBK,iBAAiBH,KAAO,qBAAuBkD,IAKnJnjB,EAAgBojB,uCAAyC,SAAUC,GAC/D,OAAO,IAAIrjB,EAAgB+f,EAAuBM,wBAAwBhM,KAAM0L,EAAuBM,wBAAwBJ,KAAO,YAAcoD,IAKxJrjB,EAAgBsjB,mBAAqB,SAAU3jB,EAAU0jB,GACrD,OAAO,IAAIrjB,EAAgB+f,EAAuBO,aAAajM,KAAM0L,EAAuBO,aAAaL,KAAO,0BAA4BoD,EAAY,0BAA4B1jB,EAASrD,MAAM,KAAK,KAK5M0D,EAAgBujB,mCAAqC,SAAUF,GAC3D,OAAO,IAAIrjB,EAAgB+f,EAAuBQ,6BAA6BlM,KAAM0L,EAAuBQ,6BAA6BN,KAAO,0CAA4CoD,IAMhMrjB,EAAgBwjB,+BAAiC,SAAUC,GACvD,OAAO,IAAIzjB,EAAgB+f,EAAuBS,oBAAoBnM,KAAM0L,EAAuBS,oBAAoBP,KAAO,kBAAoBwD,IAMtJzjB,EAAgB0jB,wBAA0B,SAAUC,EAAcjE,GAC9D,OAAO,IAAI1f,EAAgB+f,EAAuBW,kBAAkBrM,KAAM0L,EAAuBW,kBAAkBT,KAAO,mBAAqB0D,EAAe,eAAiBjE,IAKnL1f,EAAgB4jB,yBAA2B,WACvC,OAAO,IAAI5jB,EAAgB+f,EAAuBY,mBAAmBtM,KAAM0L,EAAuBY,mBAAmBV,OAMzHjgB,EAAgB6jB,yBAA2B,SAAUC,GACjD,OAAO,IAAI9jB,EAAgB+f,EAAuBa,mBAAmBvM,KAAM0L,EAAuBa,mBAAmBX,KAAO,MAAQ6D,IAKxI9jB,EAAgB+jB,yBAA2B,WACvC,OAAO,IAAI/jB,EAAgB+f,EAAuBc,mBAAmBxM,KAAM0L,EAAuBc,mBAAmBZ,OAMzHjgB,EAAgBgkB,yBAA2B,SAAUC,GACjD,OAAO,IAAIjkB,EAAgB+f,EAAuBe,mBAAmBzM,KAAM0L,EAAuBe,mBAAmBb,KAAO,MAAQgE,IAKxIjkB,EAAgBkkB,yBAA2B,WACvC,OAAO,IAAIlkB,EAAgB+f,EAAuBgB,mBAAmB1M,KAAM0L,EAAuBgB,mBAAmBd,OAKzHjgB,EAAgBmkB,yCAA2C,WACvD,OAAO,IAAInkB,EAAgB+f,EAAuBiB,uBAAuB3M,KAAM0L,EAAuBiB,uBAAuBf,KAAO,MAKxIjgB,EAAgBokB,2CAA6C,WACzD,OAAO,IAAIpkB,EAAgB+f,EAAuBkB,yBAAyB5M,KAAM0L,EAAuBkB,yBAAyBhB,OAKrIjgB,EAAgBqkB,8CAAgD,WAC5D,OAAO,IAAIrkB,EAAgB+f,EAAuBmB,4BAA4B7M,KAAM0L,EAAuBmB,4BAA4BjB,OAK3IjgB,EAAgBskB,oCAAsC,WAClD,OAAO,IAAItkB,EAAgB+f,EAAuBoB,yBAAyB9M,KAAM0L,EAAuBoB,yBAAyBlB,OAMrIjgB,EAAgBukB,iCAAmC,SAAUC,GACzD,OAAO,IAAIxkB,EAAgB+f,EAAuBqB,sBAAsB/M,KAAM0L,EAAuBqB,sBAAsBnB,KAAO,iBAAmBuE,IAMzJxkB,EAAgBykB,mCAAqC,SAAUD,GAC3D,OAAO,IAAIxkB,EAAgB+f,EAAuBsB,sBAAsBhN,KAAM0L,EAAuBsB,sBAAsBpB,KAAO,iBAAmBuE,IAMzJxkB,EAAgB0kB,0BAA4B,SAAUC,GAClD,OAAO,IAAI3kB,EAAgB+f,EAAuBuB,oBAAoBjN,KAAM0L,EAAuBuB,oBAAoBrB,KAAO,kBAAoB0E,IAMtJ3kB,EAAgB4kB,8BAAgC,WAC5C,OAAO,IAAI5kB,EAAgB+f,EAAuBwB,wBAAwBlN,KAAM,GAAK0L,EAAuBwB,wBAAwBtB,OAKxIjgB,EAAgB6kB,+BAAiC,WAC7C,OAAO,IAAI7kB,EAAgB+f,EAAuByB,2BAA2BnN,KAAM,GAAK0L,EAAuByB,2BAA2BvB,OAK9IjgB,EAAgB8kB,6BAA+B,WAC3C,OAAO,IAAI9kB,EAAgB+f,EAAuB0B,kBAAkBpN,KAAM,GAAK0L,EAAuB0B,kBAAkBxB,OAK5HjgB,EAAgB+kB,6BAA+B,WAC3C,OAAO,IAAI/kB,EAAgB+f,EAAuB2B,uBAAuBrN,KAAM,GAAK0L,EAAuB2B,uBAAuBzB,OAKtIjgB,EAAgBglB,oCAAsC,WAClD,OAAO,IAAIhlB,EAAgB+f,EAAuB4B,yBAAyBtN,KAAM,GAAK0L,EAAuB4B,yBAAyB1B,OAK1IjgB,EAAgBilB,iCAAmC,WAC/C,OAAO,IAAIjlB,EAAgB+f,EAAuB6B,mBAAmBvN,KAAM0L,EAAuB6B,mBAAmB3B,OAKzHjgB,EAAgBklB,mCAAqC,WACjD,OAAO,IAAIllB,EAAgB+f,EAAuB8B,wBAAwBxN,KAAM0L,EAAuB8B,wBAAwB5B,OAKnIjgB,EAAgBmlB,0BAA4B,WACxC,OAAO,IAAInlB,EAAgB+f,EAAuB+B,eAAezN,KAAM0L,EAAuB+B,eAAe7B,OAKjHjgB,EAAgBolB,uBAAyB,WACrC,OAAO,IAAIplB,EAAgB+f,EAAuBgC,iBAAiB1N,KAAM,GAAK0L,EAAuBgC,iBAAiB9B,OAM1HjgB,EAAgBqlB,0BAA4B,SAAUC,GAClD,OAAO,IAAItlB,EAAgB+f,EAAuBiC,YAAY3N,KAAM,GAAK0L,EAAuBiC,YAAY/B,KAAOqF,IAKvHtlB,EAAgBulB,4BAA8B,WAC1C,OAAO,IAAIvlB,EAAgB+f,EAAuBkC,iBAAiB5N,KAAM,GAAK0L,EAAuBkC,iBAAiBhC,OAK1HjgB,EAAgBwlB,iCAAmC,WAC/C,OAAO,IAAIxlB,EAAgB+f,EAAuBmC,sBAAsB7N,KAAM,GAAK0L,EAAuBmC,sBAAsBjC,OAKpIjgB,EAAgBylB,oCAAsC,WAClD,OAAO,IAAIzlB,EAAgB+f,EAAuBoC,yBAAyB9N,KAAM,GAAK0L,EAAuBoC,yBAAyBlC,OAK1IjgB,EAAgB0lB,4BAA8B,WAC1C,OAAO,IAAI1lB,EAAgB+f,EAAuBqC,iBAAiB/N,KAAM,GAAK0L,EAAuBqC,iBAAiBnC,OAK1HjgB,EAAgB2lB,6BAA+B,WAC3C,OAAO,IAAI3lB,EAAgB+f,EAAuBsC,wBAAwBhO,KAAM,GAAK0L,EAAuBsC,wBAAwBpC,OAKxIjgB,EAAgB4lB,2BAA6B,WACzC,OAAO,IAAI5lB,EAAgB+f,EAAuBuC,qBAAqBjO,KAAM0L,EAAuBuC,qBAAqBrC,OAK7HjgB,EAAgB6lB,8BAAgC,WAC5C,OAAO,IAAI7lB,EAAgB+f,EAAuBwC,mBAAmBlO,KAAM0L,EAAuBwC,mBAAmBtC,OAKzHjgB,EAAgB8lB,+BAAiC,WAC7C,OAAO,IAAI9lB,EAAgB+f,EAAuByC,oBAAoBnO,KAAM0L,EAAuByC,oBAAoBvC,OAK3HjgB,EAAgB+lB,sCAAwC,WACpD,OAAO,IAAI/lB,EAAgB+f,EAAuB0C,8BAA8BpO,KAAM0L,EAAuB0C,8BAA8BxC,OAE/IjgB,EAAgBgmB,gCAAkC,WAC9C,OAAO,IAAIhmB,EAAgB+f,EAAuB6C,0BAA0BvO,KAAM0L,EAAuB6C,0BAA0B3C,OAEhIjgB,EAxQyB,CAyQlC,gEC/bEimB,EAEU,qBAFVA,EAGU,mEAHVA,EAMU,wBANVA,EAOU,2CAPVA,EAUU,+BAVVA,EAWU,mDAXVA,EAcU,yBAdVA,EAeU,4NAfVA,EAkBU,kBAlBVA,EAmBU,qDAnBVA,EAsBU,kBAtBVA,EAuBU,yBAvBVA,EA0BU,2BA1BVA,EA2BU,iHA3BVA,EAkCU,8BAlCVA,EAmCU,oDAnCVA,EAsCU,uBAtCVA,EAuCU,+QAvCVA,EA0CU,iBA1CVA,EA2CU,4DA3CVA,EA8CU,sBA9CVA,EA+CU,kDA/CVA,EAkDU,uBAlDVA,EAmDU,4CAnDVA,EAsDU,gCAtDVA,EAuDU,gFAvDVA,EA0DU,sBA1DVA,EA2DU,sGA3DVA,EA8DU,mCA9DVA,EA+DU,0HA/DVA,EAkEU,6BAlEVA,EAmEU,oJAnEVA,EAsEU,sBAtEVA,EAuEU,6HAMVxjB,EAA0C,SAAUwK,GAEpD,SAASxK,EAAyBmZ,EAAW4D,GACzC,IAAInc,EAAQ4J,EAAOzV,KAAKG,KAAMikB,EAAW4D,IAAiB7nB,KAG1D,OAFA0L,EAAMwL,KAAO,2BACb5X,OAAOC,eAAemM,EAAOZ,EAAyBnL,WAC/C+L,EA8GX,OAnHA,QAAUZ,EAA0BwK,GAUpCxK,EAAyByjB,4BAA8B,WACnD,OAAO,IAAIzjB,EAAyBwjB,EAAwDA,IAKhGxjB,EAAyB0jB,sCAAwC,WAC7D,OAAO,IAAI1jB,EAAyBwjB,EAA0DA,IAKlGxjB,EAAyB2jB,gCAAkC,SAAUC,GACjE,OAAO,IAAI5jB,EAAyBwjB,EAAgEA,EAAiE,iBAAmBI,IAM5L5jB,EAAyB6jB,gCAAkC,SAAUnnB,GACjE,OAAO,IAAIsD,EAAyBwjB,EAA2DA,EAA4D,eAAiB9mB,IAMhLsD,EAAyB8jB,oBAAsB,SAAUC,GACrD,OAAO,IAAI/jB,EAAyBwjB,EAAoDA,EAAqD,iBAAmBO,IAMpK/jB,EAAyBgkB,oBAAsB,WAC3C,OAAO,IAAIhkB,EAAyBwjB,EAAoDA,IAM5FxjB,EAAyBikB,4BAA8B,WACnD,OAAO,IAAIjkB,EAAyBwjB,EAAuD,GAAKA,IAMpGxjB,EAAyBkkB,+BAAiC,SAAUC,GAChE,OAAO,IAAInkB,EAAyBwjB,EAA+DA,EAAgE,kBAAoBW,IAM3LnkB,EAAyBokB,yBAA2B,SAAUC,GAC1D,OAAO,IAAIrkB,EAAyBwjB,EAAoDA,EAAqD,iBAAmBa,IAKpKrkB,EAAyBskB,gCAAkC,WACvD,OAAO,IAAItkB,EAAyBwjB,EAA2DA,IAKnGxjB,EAAyBukB,8BAAgC,WACrD,OAAO,IAAIvkB,EAAyBwjB,EAA8DA,IAKtGxjB,EAAyBwkB,6BAA+B,WACpD,OAAO,IAAIxkB,EAAyBwjB,EAA6DA,IAKrGxjB,EAAyBykB,sCAAwC,WAC7D,OAAO,IAAIzkB,EAAyBwjB,EAAiEA,IAKzGxjB,EAAyB0kB,sCAAwC,WAC7D,OAAO,IAAI1kB,EAAyBwjB,EAAiEA,IAKzGxjB,EAAyB2kB,yCAA2C,WAChE,OAAO,IAAI3kB,EAAyBwjB,EAAoEA,IAK5GxjB,EAAyB4kB,oCAAsC,WAC3D,OAAO,IAAI5kB,EAAyBwjB,EAA+DA,IAKvGxjB,EAAyB6kB,8BAAgC,WACrD,OAAO,IAAI7kB,EAAyBwjB,EAAyDA,IAE1FxjB,EApHkC,CAqH3C,iEClME8kB,EAAsC,CACtC,uBACA,mBACA,kBAEAC,EAAyC,CACzC,eACA,oBACA,eACA,wBACA,oBAKAC,EAA8C,SAAUxa,GAExD,SAASwa,EAA6B7L,EAAW4D,EAAc3D,GAC3D,IAAIxY,EAAQ4J,EAAOzV,KAAKG,KAAMikB,EAAW4D,EAAc3D,IAAalkB,KAGpE,OAFA0L,EAAMwL,KAAO,+BACb5X,OAAOC,eAAemM,EAAOokB,EAA6BnwB,WACnD+L,EAUX,OAfA,QAAUokB,EAA8Bxa,GAOxCwa,EAA6BC,2BAA6B,SAAU9L,EAAW8D,EAAa7D,GACxF,IAAI8L,IAAmC/L,GAAa2L,EAAoC7jB,QAAQkY,IAAc,EAC1GgM,IAAkC/L,GAAY2L,EAAuC9jB,QAAQmY,IAAa,EAC1GgM,IAAmCnI,GAAe6H,EAAoCO,MAAK,SAAUC,GACrG,OAAOrI,EAAYhc,QAAQqkB,IAAgB,KAE/C,OAAOJ,GAAkCE,GAAkCD,GAExEH,EAhBsC,CAiB/C,qDChCEO,EAA6B,SAAU/a,GAEvC,SAAS+a,EAAYpM,EAAW4D,EAAc3D,GAC1C,IAAIxY,EAAQ4J,EAAOzV,KAAKG,KAAMikB,EAAW4D,EAAc3D,IAAalkB,KAGpE,OAFA0L,EAAMwL,KAAO,cACb5X,OAAOC,eAAemM,EAAO2kB,EAAY1wB,WAClC+L,EAEX,OAPA,QAAU2kB,EAAa/a,GAOhB+a,EARqB,SAS9B,iDCTEC,yBACJ,SAAWA,GACPA,EAASA,EAAgB,MAAI,GAAK,QAClCA,EAASA,EAAkB,QAAI,GAAK,UACpCA,EAASA,EAAe,KAAI,GAAK,OACjCA,EAASA,EAAkB,QAAI,GAAK,UACpCA,EAASA,EAAgB,MAAI,GAAK,QALtC,CAMGA,IAAaA,EAAW,KAI3B,IAAIlN,EAAwB,WACxB,SAASA,EAAOC,EAAekN,EAAaC,GAExCxwB,KAAKywB,MAAQH,EAASI,KAItB1wB,KAAK2wB,cAAgBtN,EAAc4B,gBAHP,aAI5BjlB,KAAKklB,kBAAoB7B,EAAc6B,oBAAqB,EAC5DllB,KAAKywB,MAA4C,iBAA5BpN,EAAsB,SAAiBA,EAAc8B,SAAWmL,EAASI,KAC9F1wB,KAAKif,cAAgBoE,EAAcpE,eAAiB,GACpDjf,KAAKuwB,YAAcA,GAAe,kBAClCvwB,KAAKwwB,eAAiBA,GAAkB,kBAiJ5C,OA5IApN,EAAOzjB,UAAUixB,MAAQ,SAAUL,EAAaC,EAAgBvR,GAC5D,OAAO,IAAImE,EAAO,CAAE6B,eAAgBjlB,KAAK2wB,cAAezL,kBAAmBllB,KAAKklB,kBAAmBC,SAAUnlB,KAAKywB,MAAOxR,cAAeA,GAAiBjf,KAAKif,eAAiBsR,EAAaC,IAKhMpN,EAAOzjB,UAAUkxB,WAAa,SAAUA,EAAY9N,GAChD,KAAKA,EAAQoC,SAAWnlB,KAAKywB,QAAYzwB,KAAKklB,mBAAqBnC,EAAQ+N,aAA3E,CAGA,IAAIC,GAAY,IAAIC,MAAOC,cAYvBC,GATC,YAAoBnO,EAAQ9D,eAGvB,YAAoBjf,KAAKif,eAInB,IAAM8R,EAAY,IAHlB,IAAMA,EAAY,QAAU/wB,KAAKif,cAAgB,IAHjD,IAAM8R,EAAY,QAAUhO,EAAQ9D,cAAgB,KAQ9C,MAAQjf,KAAKuwB,YAAc,IAAMvwB,KAAKwwB,eAAiB,MAAQF,EAASvN,EAAQoC,UAAY,MAAQ0L,EAE1H7wB,KAAKmxB,gBAAgBpO,EAAQoC,SAAU+L,EAAKnO,EAAQ+N,cAAe,KAKvE1N,EAAOzjB,UAAUwxB,gBAAkB,SAAUV,EAAOW,EAASN,GACrD9wB,KAAK2wB,eACL3wB,KAAK2wB,cAAcF,EAAOW,EAASN,IAM3C1N,EAAOzjB,UAAU0xB,MAAQ,SAAUD,EAASnS,GACxCjf,KAAK6wB,WAAWO,EAAS,CACrBjM,SAAUmL,EAASnI,MACnB2I,aAAa,EACb7R,cAAeA,GAAiB,MAMxCmE,EAAOzjB,UAAU2xB,SAAW,SAAUF,EAASnS,GAC3Cjf,KAAK6wB,WAAWO,EAAS,CACrBjM,SAAUmL,EAASnI,MACnB2I,aAAa,EACb7R,cAAeA,GAAiB,MAMxCmE,EAAOzjB,UAAU4xB,QAAU,SAAUH,EAASnS,GAC1Cjf,KAAK6wB,WAAWO,EAAS,CACrBjM,SAAUmL,EAASkB,QACnBV,aAAa,EACb7R,cAAeA,GAAiB,MAMxCmE,EAAOzjB,UAAU8xB,WAAa,SAAUL,EAASnS,GAC7Cjf,KAAK6wB,WAAWO,EAAS,CACrBjM,SAAUmL,EAASkB,QACnBV,aAAa,EACb7R,cAAeA,GAAiB,MAMxCmE,EAAOzjB,UAAU8c,KAAO,SAAU2U,EAASnS,GACvCjf,KAAK6wB,WAAWO,EAAS,CACrBjM,SAAUmL,EAASI,KACnBI,aAAa,EACb7R,cAAeA,GAAiB,MAMxCmE,EAAOzjB,UAAU+xB,QAAU,SAAUN,EAASnS,GAC1Cjf,KAAK6wB,WAAWO,EAAS,CACrBjM,SAAUmL,EAASI,KACnBI,aAAa,EACb7R,cAAeA,GAAiB,MAMxCmE,EAAOzjB,UAAU8Y,QAAU,SAAU2Y,EAASnS,GAC1Cjf,KAAK6wB,WAAWO,EAAS,CACrBjM,SAAUmL,EAASqB,QACnBb,aAAa,EACb7R,cAAeA,GAAiB,MAMxCmE,EAAOzjB,UAAUiyB,WAAa,SAAUR,EAASnS,GAC7Cjf,KAAK6wB,WAAWO,EAAS,CACrBjM,SAAUmL,EAASqB,QACnBb,aAAa,EACb7R,cAAeA,GAAiB,MAMxCmE,EAAOzjB,UAAUkyB,MAAQ,SAAUT,EAASnS,GACxCjf,KAAK6wB,WAAWO,EAAS,CACrBjM,SAAUmL,EAASwB,MACnBhB,aAAa,EACb7R,cAAeA,GAAiB,MAMxCmE,EAAOzjB,UAAUoyB,SAAW,SAAUX,EAASnS,GAC3Cjf,KAAK6wB,WAAWO,EAAS,CACrBjM,SAAUmL,EAASwB,MACnBhB,aAAa,EACb7R,cAAeA,GAAiB,MAMxCmE,EAAOzjB,UAAUqyB,oBAAsB,WACnC,OAAOhyB,KAAKklB,oBAAqB,GAE9B9B,EA7JgB,mDCfvB6O,EAAuB,CACvBjsB,oBAAqB,WAEjB,OAAO/E,QAAQE,OAAO,0BADL,mGAGrB8hB,qBAAsB,WAElB,OAAOhiB,QAAQE,OAAO,0BADL,iKCLrB6hB,EAAiC,WACjC,SAASA,KAoFT,OA9EAA,EAAgBkP,6BAA+B,SAAUrU,GACrD,OAAO,uBAAwC,IAAM5Z,KAAK0iB,UAAU9I,IAOxEmF,EAAgBmP,WAAa,SAAU9rB,EAAcwX,GACjD,IAAIpY,EACAgK,EAAMuT,EAAgBkP,6BAA6BrU,GACnDxc,EAAQgF,EAAaqP,mBAAmBjG,GAC5C,GAAIpO,EAAO,CACP,GAAIA,EAAM+wB,aAAepB,KAAKqB,MAE1B,YADAhsB,EAAakL,WAAW9B,EAAK,iBAGjC,MAAM,IAAI,KAAyC,QAA3BhK,EAAKpE,EAAMixB,kBAA+B,IAAP7sB,OAAgB,EAASA,EAAGmR,KAAK,OAAS,kBAAwBvV,EAAMwmB,aAAcxmB,EAAM6iB,YAS/JlB,EAAgBuP,YAAc,SAAUlsB,EAAcwX,EAAY9Y,GAC9D,GAAIie,EAAgBwP,oBAAoBztB,IAAaie,EAAgByP,2BAA2B1tB,GAAW,CACvG,IAAI2tB,EAAkB,CAClBN,aAAcpP,EAAgB2P,sBAAsBC,SAAS7tB,EAASmB,QAAQ,oBAC9EmrB,MAAOtsB,EAASjD,KAAKuvB,MACrBiB,WAAYvtB,EAASjD,KAAK+wB,YAC1BhL,aAAc9iB,EAASjD,KAAKgxB,kBAC5B5O,SAAUnf,EAASjD,KAAKgmB,UAE5BzhB,EAAaoP,mBAAmBuN,EAAgBkP,6BAA6BrU,GAAa6U,KAOlG1P,EAAgBwP,oBAAsB,SAAUztB,GAC5C,OAA2B,MAApBA,EAASa,QAAkBb,EAASa,QAAU,KAAOb,EAASa,OAAS,KAMlFod,EAAgByP,2BAA6B,SAAU1tB,GACnD,QAAIA,EAASmB,SACFnB,EAASmB,QAAQtG,eAAe,oBAA6BmF,EAASa,OAAS,KAAOb,EAASa,QAAU,MAQxHod,EAAgB2P,sBAAwB,SAAUP,GAC9C,IAAIW,EAAOX,GAAgB,EAAI,EAAIA,EAC/BY,EAAiBhC,KAAKqB,MAAQ,IAClC,OAAOY,KAAKC,MAAuK,IAAjKD,KAAKE,IAAIH,GAAkBD,GAAQ,oCAAoDC,EAAiB,0CAE9HhQ,EAAgBoQ,eAAiB,SAAU/sB,EAAc6G,EAAUgP,EAASmX,GACxE,IAAIxV,EAAa,CACb3Q,SAAUA,EACV9G,UAAW8V,EAAQ9V,UACnB2M,OAAQmJ,EAAQnJ,OAChBsgB,sBAAuBA,EACvBpV,qBAAsB/B,EAAQ+B,qBAC9BC,sBAAuBhC,EAAQgC,sBAC/BC,mBAAoBjC,EAAQiC,mBAC5BC,UAAWlC,EAAQkC,WAEnB3O,EAAMzP,KAAKkyB,6BAA6BrU,GAC5C,OAAOxX,EAAakL,WAAW9B,EAAK,kBAEjCuT,EArFyB","sources":["webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/_virtual/_tslib.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/account/AuthToken.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/account/CcsCredential.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/account/ClientInfo.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/authority/OpenIdConfigResponse.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/authority/RegionDiscovery.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/authority/Authority.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/authority/CloudInstanceDiscoveryResponse.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/authority/AuthorityFactory.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/authority/AuthorityType.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/authority/ProtocolMode.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/cache/CacheManager.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/cache/entities/AccessTokenEntity.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/cache/entities/AccountEntity.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/cache/entities/AppMetadataEntity.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/cache/entities/AuthorityMetadataEntity.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/cache/entities/CacheRecord.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/cache/entities/CredentialEntity.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/cache/entities/IdTokenEntity.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/cache/entities/RefreshTokenEntity.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/cache/entities/ServerTelemetryEntity.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/cache/entities/ThrottlingEntity.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/cache/persistence/TokenCacheContext.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/client/AuthorizationCodeClient.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/network/NetworkManager.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/client/BaseClient.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/client/RefreshTokenClient.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/client/SilentFlowClient.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/config/ClientConfiguration.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/crypto/ICrypto.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/crypto/PopTokenGenerator.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/error/AuthError.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/error/ClientAuthError.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/error/ClientConfigurationError.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/error/InteractionRequiredAuthError.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/error/ServerError.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/logger/Logger.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/network/INetworkModule.js","webpack://landing-page/./.yarn/cache/@azure-msal-common-npm-5.0.0-590107997b-1769c8f8a4.zip/node_modules/@azure/msal-common/dist/network/ThrottlingUtils.js"],"sourcesContent":["/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\n/*! *****************************************************************************\r\nCopyright (c) Microsoft Corporation.\r\n\r\nPermission to use, copy, modify, and/or distribute this software for any\r\npurpose with or without fee is hereby granted.\r\n\r\nTHE SOFTWARE IS PROVIDED \"AS IS\" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH\r\nREGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY\r\nAND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,\r\nINDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM\r\nLOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR\r\nOTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR\r\nPERFORMANCE OF THIS SOFTWARE.\r\n***************************************************************************** */\r\n/* global Reflect, Promise */\r\n\r\nvar extendStatics = function(d, b) {\r\n extendStatics = Object.setPrototypeOf ||\r\n ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||\r\n function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; };\r\n return extendStatics(d, b);\r\n};\r\n\r\nfunction __extends(d, b) {\r\n extendStatics(d, b);\r\n function __() { this.constructor = d; }\r\n d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());\r\n}\r\n\r\nvar __assign = function() {\r\n __assign = Object.assign || function __assign(t) {\r\n for (var s, i = 1, n = arguments.length; i < n; i++) {\r\n s = arguments[i];\r\n for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p)) t[p] = s[p];\r\n }\r\n return t;\r\n };\r\n return __assign.apply(this, arguments);\r\n};\r\n\r\nfunction __awaiter(thisArg, _arguments, P, generator) {\r\n function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\r\n return new (P || (P = Promise))(function (resolve, reject) {\r\n function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\r\n function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\r\n function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\r\n step((generator = generator.apply(thisArg, _arguments || [])).next());\r\n });\r\n}\r\n\r\nfunction __generator(thisArg, body) {\r\n var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;\r\n return g = { next: verb(0), \"throw\": verb(1), \"return\": verb(2) }, typeof Symbol === \"function\" && (g[Symbol.iterator] = function() { return this; }), g;\r\n function verb(n) { return function (v) { return step([n, v]); }; }\r\n function step(op) {\r\n if (f) throw new TypeError(\"Generator is already executing.\");\r\n while (_) try {\r\n if (f = 1, y && (t = op[0] & 2 ? y[\"return\"] : op[0] ? y[\"throw\"] || ((t = y[\"return\"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;\r\n if (y = 0, t) op = [op[0] & 2, t.value];\r\n switch (op[0]) {\r\n case 0: case 1: t = op; break;\r\n case 4: _.label++; return { value: op[1], done: false };\r\n case 5: _.label++; y = op[1]; op = [0]; continue;\r\n case 7: op = _.ops.pop(); _.trys.pop(); continue;\r\n default:\r\n if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }\r\n if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }\r\n if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }\r\n if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }\r\n if (t[2]) _.ops.pop();\r\n _.trys.pop(); continue;\r\n }\r\n op = body.call(thisArg, _);\r\n } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }\r\n if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };\r\n }\r\n}\r\n\r\nfunction __spreadArrays() {\r\n for (var s = 0, i = 0, il = arguments.length; i < il; i++) s += arguments[i].length;\r\n for (var r = Array(s), k = 0, i = 0; i < il; i++)\r\n for (var a = arguments[i], j = 0, jl = a.length; j < jl; j++, k++)\r\n r[k] = a[j];\r\n return r;\r\n}\n\nexport { __assign, __awaiter, __extends, __generator, __spreadArrays };\n//# sourceMappingURL=_tslib.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { ClientAuthError } from '../error/ClientAuthError.js';\nimport { StringUtils } from '../utils/StringUtils.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * JWT Token representation class. Parses token string and generates claims object.\r\n */\r\nvar AuthToken = /** @class */ (function () {\r\n function AuthToken(rawToken, crypto) {\r\n if (StringUtils.isEmpty(rawToken)) {\r\n throw ClientAuthError.createTokenNullOrEmptyError(rawToken);\r\n }\r\n this.rawToken = rawToken;\r\n this.claims = AuthToken.extractTokenClaims(rawToken, crypto);\r\n }\r\n /**\r\n * Extract token by decoding the rawToken\r\n *\r\n * @param encodedToken\r\n */\r\n AuthToken.extractTokenClaims = function (encodedToken, crypto) {\r\n var decodedToken = StringUtils.decodeAuthToken(encodedToken);\r\n // token will be decoded to get the username\r\n try {\r\n var base64TokenPayload = decodedToken.JWSPayload;\r\n // base64Decode() should throw an error if there is an issue\r\n var base64Decoded = crypto.base64Decode(base64TokenPayload);\r\n return JSON.parse(base64Decoded);\r\n }\r\n catch (err) {\r\n throw ClientAuthError.createTokenParsingError(err);\r\n }\r\n };\r\n return AuthToken;\r\n}());\n\nexport { AuthToken };\n//# sourceMappingURL=AuthToken.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar CcsCredentialType;\r\n(function (CcsCredentialType) {\r\n CcsCredentialType[\"HOME_ACCOUNT_ID\"] = \"home_account_id\";\r\n CcsCredentialType[\"UPN\"] = \"UPN\";\r\n})(CcsCredentialType || (CcsCredentialType = {}));\n\nexport { CcsCredentialType };\n//# sourceMappingURL=CcsCredential.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { ClientAuthError } from '../error/ClientAuthError.js';\nimport { StringUtils } from '../utils/StringUtils.js';\nimport { Constants, Separators } from '../utils/Constants.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Function to build a client info object from server clientInfo string\r\n * @param rawClientInfo\r\n * @param crypto\r\n */\r\nfunction buildClientInfo(rawClientInfo, crypto) {\r\n if (StringUtils.isEmpty(rawClientInfo)) {\r\n throw ClientAuthError.createClientInfoEmptyError();\r\n }\r\n try {\r\n var decodedClientInfo = crypto.base64Decode(rawClientInfo);\r\n return JSON.parse(decodedClientInfo);\r\n }\r\n catch (e) {\r\n throw ClientAuthError.createClientInfoDecodingError(e);\r\n }\r\n}\r\n/**\r\n * Function to build a client info object from cached homeAccountId string\r\n * @param homeAccountId\r\n */\r\nfunction buildClientInfoFromHomeAccountId(homeAccountId) {\r\n if (StringUtils.isEmpty(homeAccountId)) {\r\n throw ClientAuthError.createClientInfoDecodingError(\"Home account ID was empty.\");\r\n }\r\n var clientInfoParts = homeAccountId.split(Separators.CLIENT_INFO_SEPARATOR, 2);\r\n return {\r\n uid: clientInfoParts[0],\r\n utid: clientInfoParts.length < 2 ? Constants.EMPTY_STRING : clientInfoParts[1]\r\n };\r\n}\n\nexport { buildClientInfo, buildClientInfoFromHomeAccountId };\n//# sourceMappingURL=ClientInfo.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nfunction isOpenIdConfigResponse(response) {\r\n return (response.hasOwnProperty(\"authorization_endpoint\") &&\r\n response.hasOwnProperty(\"token_endpoint\") &&\r\n response.hasOwnProperty(\"end_session_endpoint\") &&\r\n response.hasOwnProperty(\"issuer\"));\r\n}\n\nexport { isOpenIdConfigResponse };\n//# sourceMappingURL=OpenIdConfigResponse.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __awaiter, __generator } from '../_virtual/_tslib.js';\nimport { RegionDiscoverySources, ResponseCodes, Constants } from '../utils/Constants.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar RegionDiscovery = /** @class */ (function () {\r\n function RegionDiscovery(networkInterface) {\r\n this.networkInterface = networkInterface;\r\n }\r\n /**\r\n * Detect the region from the application's environment.\r\n *\r\n * @returns Promise\r\n */\r\n RegionDiscovery.prototype.detectRegion = function (environmentRegion, regionDiscoveryMetadata) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var autodetectedRegionName, localIMDSVersionResponse, currentIMDSVersion, currentIMDSVersionResponse;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n autodetectedRegionName = environmentRegion;\r\n if (!!autodetectedRegionName) return [3 /*break*/, 8];\r\n _a.label = 1;\r\n case 1:\r\n _a.trys.push([1, 6, , 7]);\r\n return [4 /*yield*/, this.getRegionFromIMDS(Constants.IMDS_VERSION)];\r\n case 2:\r\n localIMDSVersionResponse = _a.sent();\r\n if (localIMDSVersionResponse.status === ResponseCodes.httpSuccess) {\r\n autodetectedRegionName = localIMDSVersionResponse.body;\r\n regionDiscoveryMetadata.region_source = RegionDiscoverySources.IMDS;\r\n }\r\n if (!(localIMDSVersionResponse.status === ResponseCodes.httpBadRequest)) return [3 /*break*/, 5];\r\n return [4 /*yield*/, this.getCurrentVersion()];\r\n case 3:\r\n currentIMDSVersion = _a.sent();\r\n if (!currentIMDSVersion) {\r\n regionDiscoveryMetadata.region_source = RegionDiscoverySources.FAILED_AUTO_DETECTION;\r\n return [2 /*return*/, null];\r\n }\r\n return [4 /*yield*/, this.getRegionFromIMDS(currentIMDSVersion)];\r\n case 4:\r\n currentIMDSVersionResponse = _a.sent();\r\n if (currentIMDSVersionResponse.status === ResponseCodes.httpSuccess) {\r\n autodetectedRegionName = currentIMDSVersionResponse.body;\r\n regionDiscoveryMetadata.region_source = RegionDiscoverySources.IMDS;\r\n }\r\n _a.label = 5;\r\n case 5: return [3 /*break*/, 7];\r\n case 6:\r\n _a.sent();\r\n regionDiscoveryMetadata.region_source = RegionDiscoverySources.FAILED_AUTO_DETECTION;\r\n return [2 /*return*/, null];\r\n case 7: return [3 /*break*/, 9];\r\n case 8:\r\n regionDiscoveryMetadata.region_source = RegionDiscoverySources.ENVIRONMENT_VARIABLE;\r\n _a.label = 9;\r\n case 9:\r\n // If no region was auto detected from the environment or from the IMDS endpoint, mark the attempt as a FAILED_AUTO_DETECTION\r\n if (!autodetectedRegionName) {\r\n regionDiscoveryMetadata.region_source = RegionDiscoverySources.FAILED_AUTO_DETECTION;\r\n }\r\n return [2 /*return*/, autodetectedRegionName || null];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Make the call to the IMDS endpoint\r\n *\r\n * @param imdsEndpointUrl\r\n * @returns Promise>\r\n */\r\n RegionDiscovery.prototype.getRegionFromIMDS = function (version) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n return __generator(this, function (_a) {\r\n return [2 /*return*/, this.networkInterface.sendGetRequestAsync(Constants.IMDS_ENDPOINT + \"?api-version=\" + version + \"&format=text\", RegionDiscovery.IMDS_OPTIONS, Constants.IMDS_TIMEOUT)];\r\n });\r\n });\r\n };\r\n /**\r\n * Get the most recent version of the IMDS endpoint available\r\n *\r\n * @returns Promise\r\n */\r\n RegionDiscovery.prototype.getCurrentVersion = function () {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var response;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n _a.trys.push([0, 2, , 3]);\r\n return [4 /*yield*/, this.networkInterface.sendGetRequestAsync(Constants.IMDS_ENDPOINT + \"?format=json\", RegionDiscovery.IMDS_OPTIONS)];\r\n case 1:\r\n response = _a.sent();\r\n // When IMDS endpoint is called without the api version query param, bad request response comes back with latest version.\r\n if (response.status === ResponseCodes.httpBadRequest && response.body && response.body[\"newest-versions\"] && response.body[\"newest-versions\"].length > 0) {\r\n return [2 /*return*/, response.body[\"newest-versions\"][0]];\r\n }\r\n return [2 /*return*/, null];\r\n case 2:\r\n _a.sent();\r\n return [2 /*return*/, null];\r\n case 3: return [2 /*return*/];\r\n }\r\n });\r\n });\r\n };\r\n // Options for the IMDS endpoint request\r\n RegionDiscovery.IMDS_OPTIONS = { headers: { \"Metadata\": \"true\" } };\r\n return RegionDiscovery;\r\n}());\n\nexport { RegionDiscovery };\n//# sourceMappingURL=RegionDiscovery.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __awaiter, __generator, __assign } from '../_virtual/_tslib.js';\nimport { AuthorityType } from './AuthorityType.js';\nimport { isOpenIdConfigResponse } from './OpenIdConfigResponse.js';\nimport { UrlString } from '../url/UrlString.js';\nimport { ClientAuthError } from '../error/ClientAuthError.js';\nimport { Constants, AuthorityMetadataSource, RegionDiscoveryOutcomes } from '../utils/Constants.js';\nimport { ClientConfigurationError } from '../error/ClientConfigurationError.js';\nimport { ProtocolMode } from './ProtocolMode.js';\nimport { AuthorityMetadataEntity } from '../cache/entities/AuthorityMetadataEntity.js';\nimport { isCloudInstanceDiscoveryResponse } from './CloudInstanceDiscoveryResponse.js';\nimport { RegionDiscovery } from './RegionDiscovery.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * The authority class validates the authority URIs used by the user, and retrieves the OpenID Configuration Data from the\r\n * endpoint. It will store the pertinent config data in this object for use during token calls.\r\n */\r\nvar Authority = /** @class */ (function () {\r\n function Authority(authority, networkInterface, cacheManager, authorityOptions) {\r\n this.canonicalAuthority = authority;\r\n this._canonicalAuthority.validateAsUri();\r\n this.networkInterface = networkInterface;\r\n this.cacheManager = cacheManager;\r\n this.authorityOptions = authorityOptions;\r\n this.regionDiscovery = new RegionDiscovery(networkInterface);\r\n this.regionDiscoveryMetadata = { region_used: undefined, region_source: undefined, region_outcome: undefined };\r\n }\r\n Object.defineProperty(Authority.prototype, \"authorityType\", {\r\n // See above for AuthorityType\r\n get: function () {\r\n var pathSegments = this.canonicalAuthorityUrlComponents.PathSegments;\r\n if (pathSegments.length && pathSegments[0].toLowerCase() === Constants.ADFS) {\r\n return AuthorityType.Adfs;\r\n }\r\n return AuthorityType.Default;\r\n },\r\n enumerable: false,\r\n configurable: true\r\n });\r\n Object.defineProperty(Authority.prototype, \"protocolMode\", {\r\n /**\r\n * ProtocolMode enum representing the way endpoints are constructed.\r\n */\r\n get: function () {\r\n return this.authorityOptions.protocolMode;\r\n },\r\n enumerable: false,\r\n configurable: true\r\n });\r\n Object.defineProperty(Authority.prototype, \"options\", {\r\n /**\r\n * Returns authorityOptions which can be used to reinstantiate a new authority instance\r\n */\r\n get: function () {\r\n return this.authorityOptions;\r\n },\r\n enumerable: false,\r\n configurable: true\r\n });\r\n Object.defineProperty(Authority.prototype, \"canonicalAuthority\", {\r\n /**\r\n * A URL that is the authority set by the developer\r\n */\r\n get: function () {\r\n return this._canonicalAuthority.urlString;\r\n },\r\n /**\r\n * Sets canonical authority.\r\n */\r\n set: function (url) {\r\n this._canonicalAuthority = new UrlString(url);\r\n this._canonicalAuthority.validateAsUri();\r\n this._canonicalAuthorityUrlComponents = null;\r\n },\r\n enumerable: false,\r\n configurable: true\r\n });\r\n Object.defineProperty(Authority.prototype, \"canonicalAuthorityUrlComponents\", {\r\n /**\r\n * Get authority components.\r\n */\r\n get: function () {\r\n if (!this._canonicalAuthorityUrlComponents) {\r\n this._canonicalAuthorityUrlComponents = this._canonicalAuthority.getUrlComponents();\r\n }\r\n return this._canonicalAuthorityUrlComponents;\r\n },\r\n enumerable: false,\r\n configurable: true\r\n });\r\n Object.defineProperty(Authority.prototype, \"hostnameAndPort\", {\r\n /**\r\n * Get hostname and port i.e. login.microsoftonline.com\r\n */\r\n get: function () {\r\n return this.canonicalAuthorityUrlComponents.HostNameAndPort.toLowerCase();\r\n },\r\n enumerable: false,\r\n configurable: true\r\n });\r\n Object.defineProperty(Authority.prototype, \"tenant\", {\r\n /**\r\n * Get tenant for authority.\r\n */\r\n get: function () {\r\n return this.canonicalAuthorityUrlComponents.PathSegments[0];\r\n },\r\n enumerable: false,\r\n configurable: true\r\n });\r\n Object.defineProperty(Authority.prototype, \"authorizationEndpoint\", {\r\n /**\r\n * OAuth /authorize endpoint for requests\r\n */\r\n get: function () {\r\n if (this.discoveryComplete()) {\r\n var endpoint = this.replacePath(this.metadata.authorization_endpoint);\r\n return this.replaceTenant(endpoint);\r\n }\r\n else {\r\n throw ClientAuthError.createEndpointDiscoveryIncompleteError(\"Discovery incomplete.\");\r\n }\r\n },\r\n enumerable: false,\r\n configurable: true\r\n });\r\n Object.defineProperty(Authority.prototype, \"tokenEndpoint\", {\r\n /**\r\n * OAuth /token endpoint for requests\r\n */\r\n get: function () {\r\n if (this.discoveryComplete()) {\r\n var endpoint = this.replacePath(this.metadata.token_endpoint);\r\n return this.replaceTenant(endpoint);\r\n }\r\n else {\r\n throw ClientAuthError.createEndpointDiscoveryIncompleteError(\"Discovery incomplete.\");\r\n }\r\n },\r\n enumerable: false,\r\n configurable: true\r\n });\r\n Object.defineProperty(Authority.prototype, \"deviceCodeEndpoint\", {\r\n get: function () {\r\n if (this.discoveryComplete()) {\r\n var endpoint = this.replacePath(this.metadata.token_endpoint.replace(\"/token\", \"/devicecode\"));\r\n return this.replaceTenant(endpoint);\r\n }\r\n else {\r\n throw ClientAuthError.createEndpointDiscoveryIncompleteError(\"Discovery incomplete.\");\r\n }\r\n },\r\n enumerable: false,\r\n configurable: true\r\n });\r\n Object.defineProperty(Authority.prototype, \"endSessionEndpoint\", {\r\n /**\r\n * OAuth logout endpoint for requests\r\n */\r\n get: function () {\r\n if (this.discoveryComplete()) {\r\n var endpoint = this.replacePath(this.metadata.end_session_endpoint);\r\n return this.replaceTenant(endpoint);\r\n }\r\n else {\r\n throw ClientAuthError.createEndpointDiscoveryIncompleteError(\"Discovery incomplete.\");\r\n }\r\n },\r\n enumerable: false,\r\n configurable: true\r\n });\r\n Object.defineProperty(Authority.prototype, \"selfSignedJwtAudience\", {\r\n /**\r\n * OAuth issuer for requests\r\n */\r\n get: function () {\r\n if (this.discoveryComplete()) {\r\n var endpoint = this.replacePath(this.metadata.issuer);\r\n return this.replaceTenant(endpoint);\r\n }\r\n else {\r\n throw ClientAuthError.createEndpointDiscoveryIncompleteError(\"Discovery incomplete.\");\r\n }\r\n },\r\n enumerable: false,\r\n configurable: true\r\n });\r\n /**\r\n * Replaces tenant in url path with current tenant. Defaults to common.\r\n * @param urlString\r\n */\r\n Authority.prototype.replaceTenant = function (urlString) {\r\n return urlString.replace(/{tenant}|{tenantid}/g, this.tenant);\r\n };\r\n /**\r\n * Replaces path such as tenant or policy with the current tenant or policy.\r\n * @param urlString\r\n */\r\n Authority.prototype.replacePath = function (urlString) {\r\n var endpoint = urlString;\r\n var cachedAuthorityUrl = new UrlString(this.metadata.canonical_authority);\r\n var cachedAuthorityParts = cachedAuthorityUrl.getUrlComponents().PathSegments;\r\n var currentAuthorityParts = this.canonicalAuthorityUrlComponents.PathSegments;\r\n currentAuthorityParts.forEach(function (currentPart, index) {\r\n var cachedPart = cachedAuthorityParts[index];\r\n if (currentPart !== cachedPart) {\r\n endpoint = endpoint.replace(\"/\" + cachedPart + \"/\", \"/\" + currentPart + \"/\");\r\n }\r\n });\r\n return endpoint;\r\n };\r\n Object.defineProperty(Authority.prototype, \"defaultOpenIdConfigurationEndpoint\", {\r\n /**\r\n * The default open id configuration endpoint for any canonical authority.\r\n */\r\n get: function () {\r\n if (this.authorityType === AuthorityType.Adfs || this.protocolMode === ProtocolMode.OIDC) {\r\n return this.canonicalAuthority + \".well-known/openid-configuration\";\r\n }\r\n return this.canonicalAuthority + \"v2.0/.well-known/openid-configuration\";\r\n },\r\n enumerable: false,\r\n configurable: true\r\n });\r\n /**\r\n * Boolean that returns whethr or not tenant discovery has been completed.\r\n */\r\n Authority.prototype.discoveryComplete = function () {\r\n return !!this.metadata;\r\n };\r\n /**\r\n * Perform endpoint discovery to discover aliases, preferred_cache, preferred_network\r\n * and the /authorize, /token and logout endpoints.\r\n */\r\n Authority.prototype.resolveEndpointsAsync = function () {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var metadataEntity, cloudDiscoverySource, endpointSource, cacheKey;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n metadataEntity = this.cacheManager.getAuthorityMetadataByAlias(this.hostnameAndPort);\r\n if (!metadataEntity) {\r\n metadataEntity = new AuthorityMetadataEntity();\r\n metadataEntity.updateCanonicalAuthority(this.canonicalAuthority);\r\n }\r\n return [4 /*yield*/, this.updateCloudDiscoveryMetadata(metadataEntity)];\r\n case 1:\r\n cloudDiscoverySource = _a.sent();\r\n this.canonicalAuthority = this.canonicalAuthority.replace(this.hostnameAndPort, metadataEntity.preferred_network);\r\n return [4 /*yield*/, this.updateEndpointMetadata(metadataEntity)];\r\n case 2:\r\n endpointSource = _a.sent();\r\n if (cloudDiscoverySource !== AuthorityMetadataSource.CACHE && endpointSource !== AuthorityMetadataSource.CACHE) {\r\n // Reset the expiration time unless both values came from a successful cache lookup\r\n metadataEntity.resetExpiresAt();\r\n metadataEntity.updateCanonicalAuthority(this.canonicalAuthority);\r\n }\r\n cacheKey = this.cacheManager.generateAuthorityMetadataCacheKey(metadataEntity.preferred_cache);\r\n this.cacheManager.setAuthorityMetadata(cacheKey, metadataEntity);\r\n this.metadata = metadataEntity;\r\n return [2 /*return*/];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Update AuthorityMetadataEntity with new endpoints and return where the information came from\r\n * @param metadataEntity\r\n */\r\n Authority.prototype.updateEndpointMetadata = function (metadataEntity) {\r\n var _a;\r\n return __awaiter(this, void 0, void 0, function () {\r\n var metadata, autodetectedRegionName, azureRegion;\r\n return __generator(this, function (_b) {\r\n switch (_b.label) {\r\n case 0:\r\n metadata = this.getEndpointMetadataFromConfig();\r\n if (metadata) {\r\n metadataEntity.updateEndpointMetadata(metadata, false);\r\n return [2 /*return*/, AuthorityMetadataSource.CONFIG];\r\n }\r\n if (this.isAuthoritySameType(metadataEntity) && metadataEntity.endpointsFromNetwork && !metadataEntity.isExpired()) {\r\n // No need to update\r\n return [2 /*return*/, AuthorityMetadataSource.CACHE];\r\n }\r\n return [4 /*yield*/, this.getEndpointMetadataFromNetwork()];\r\n case 1:\r\n metadata = _b.sent();\r\n if (!metadata) return [3 /*break*/, 4];\r\n if (!((_a = this.authorityOptions.azureRegionConfiguration) === null || _a === void 0 ? void 0 : _a.azureRegion)) return [3 /*break*/, 3];\r\n return [4 /*yield*/, this.regionDiscovery.detectRegion(this.authorityOptions.azureRegionConfiguration.environmentRegion, this.regionDiscoveryMetadata)];\r\n case 2:\r\n autodetectedRegionName = _b.sent();\r\n azureRegion = this.authorityOptions.azureRegionConfiguration.azureRegion === Constants.AZURE_REGION_AUTO_DISCOVER_FLAG\r\n ? autodetectedRegionName\r\n : this.authorityOptions.azureRegionConfiguration.azureRegion;\r\n if (this.authorityOptions.azureRegionConfiguration.azureRegion === Constants.AZURE_REGION_AUTO_DISCOVER_FLAG) {\r\n this.regionDiscoveryMetadata.region_outcome = autodetectedRegionName ?\r\n RegionDiscoveryOutcomes.AUTO_DETECTION_REQUESTED_SUCCESSFUL :\r\n RegionDiscoveryOutcomes.AUTO_DETECTION_REQUESTED_FAILED;\r\n }\r\n else {\r\n if (autodetectedRegionName) {\r\n this.regionDiscoveryMetadata.region_outcome = (this.authorityOptions.azureRegionConfiguration.azureRegion === autodetectedRegionName) ?\r\n RegionDiscoveryOutcomes.CONFIGURED_MATCHES_DETECTED :\r\n RegionDiscoveryOutcomes.CONFIGURED_NOT_DETECTED;\r\n }\r\n else {\r\n this.regionDiscoveryMetadata.region_outcome = RegionDiscoveryOutcomes.CONFIGURED_NO_AUTO_DETECTION;\r\n }\r\n }\r\n if (azureRegion) {\r\n this.regionDiscoveryMetadata.region_used = azureRegion;\r\n metadata = Authority.replaceWithRegionalInformation(metadata, azureRegion);\r\n }\r\n _b.label = 3;\r\n case 3:\r\n metadataEntity.updateEndpointMetadata(metadata, true);\r\n return [2 /*return*/, AuthorityMetadataSource.NETWORK];\r\n case 4: throw ClientAuthError.createUnableToGetOpenidConfigError(this.defaultOpenIdConfigurationEndpoint);\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Compares the number of url components after the domain to determine if the cached authority metadata can be used for the requested authority\r\n * Protects against same domain different authority such as login.microsoftonline.com/tenant and login.microsoftonline.com/tfp/tenant/policy\r\n * @param metadataEntity\r\n */\r\n Authority.prototype.isAuthoritySameType = function (metadataEntity) {\r\n var cachedAuthorityUrl = new UrlString(metadataEntity.canonical_authority);\r\n var cachedParts = cachedAuthorityUrl.getUrlComponents().PathSegments;\r\n return cachedParts.length === this.canonicalAuthorityUrlComponents.PathSegments.length;\r\n };\r\n /**\r\n * Parse authorityMetadata config option\r\n */\r\n Authority.prototype.getEndpointMetadataFromConfig = function () {\r\n if (this.authorityOptions.authorityMetadata) {\r\n try {\r\n return JSON.parse(this.authorityOptions.authorityMetadata);\r\n }\r\n catch (e) {\r\n throw ClientConfigurationError.createInvalidAuthorityMetadataError();\r\n }\r\n }\r\n return null;\r\n };\r\n /**\r\n * Gets OAuth endpoints from the given OpenID configuration endpoint.\r\n */\r\n Authority.prototype.getEndpointMetadataFromNetwork = function () {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var response;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n _a.trys.push([0, 2, , 3]);\r\n return [4 /*yield*/, this.networkInterface.sendGetRequestAsync(this.defaultOpenIdConfigurationEndpoint)];\r\n case 1:\r\n response = _a.sent();\r\n return [2 /*return*/, isOpenIdConfigResponse(response.body) ? response.body : null];\r\n case 2:\r\n _a.sent();\r\n return [2 /*return*/, null];\r\n case 3: return [2 /*return*/];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Updates the AuthorityMetadataEntity with new aliases, preferred_network and preferred_cache and returns where the information was retrived from\r\n * @param cachedMetadata\r\n * @param newMetadata\r\n */\r\n Authority.prototype.updateCloudDiscoveryMetadata = function (metadataEntity) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var metadata;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n metadata = this.getCloudDiscoveryMetadataFromConfig();\r\n if (metadata) {\r\n metadataEntity.updateCloudDiscoveryMetadata(metadata, false);\r\n return [2 /*return*/, AuthorityMetadataSource.CONFIG];\r\n }\r\n // If The cached metadata came from config but that config was not passed to this instance, we must go to the network\r\n if (this.isAuthoritySameType(metadataEntity) && metadataEntity.aliasesFromNetwork && !metadataEntity.isExpired()) {\r\n // No need to update\r\n return [2 /*return*/, AuthorityMetadataSource.CACHE];\r\n }\r\n return [4 /*yield*/, this.getCloudDiscoveryMetadataFromNetwork()];\r\n case 1:\r\n metadata = _a.sent();\r\n if (metadata) {\r\n metadataEntity.updateCloudDiscoveryMetadata(metadata, true);\r\n return [2 /*return*/, AuthorityMetadataSource.NETWORK];\r\n }\r\n else {\r\n // Metadata could not be obtained from config, cache or network\r\n throw ClientConfigurationError.createUntrustedAuthorityError();\r\n }\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Parse cloudDiscoveryMetadata config or check knownAuthorities\r\n */\r\n Authority.prototype.getCloudDiscoveryMetadataFromConfig = function () {\r\n // Check if network response was provided in config\r\n if (this.authorityOptions.cloudDiscoveryMetadata) {\r\n try {\r\n var parsedResponse = JSON.parse(this.authorityOptions.cloudDiscoveryMetadata);\r\n var metadata = Authority.getCloudDiscoveryMetadataFromNetworkResponse(parsedResponse.metadata, this.hostnameAndPort);\r\n if (metadata) {\r\n return metadata;\r\n }\r\n }\r\n catch (e) {\r\n throw ClientConfigurationError.createInvalidCloudDiscoveryMetadataError();\r\n }\r\n }\r\n // If cloudDiscoveryMetadata is empty or does not contain the host, check knownAuthorities\r\n if (this.isInKnownAuthorities()) {\r\n return Authority.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort);\r\n }\r\n return null;\r\n };\r\n /**\r\n * Called to get metadata from network if CloudDiscoveryMetadata was not populated by config\r\n * @param networkInterface\r\n */\r\n Authority.prototype.getCloudDiscoveryMetadataFromNetwork = function () {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var instanceDiscoveryEndpoint, match, response, metadata;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n instanceDiscoveryEndpoint = \"\" + Constants.AAD_INSTANCE_DISCOVERY_ENDPT + this.canonicalAuthority + \"oauth2/v2.0/authorize\";\r\n match = null;\r\n _a.label = 1;\r\n case 1:\r\n _a.trys.push([1, 3, , 4]);\r\n return [4 /*yield*/, this.networkInterface.sendGetRequestAsync(instanceDiscoveryEndpoint)];\r\n case 2:\r\n response = _a.sent();\r\n metadata = isCloudInstanceDiscoveryResponse(response.body) ? response.body.metadata : [];\r\n if (metadata.length === 0) {\r\n // If no metadata is returned, authority is untrusted\r\n return [2 /*return*/, null];\r\n }\r\n match = Authority.getCloudDiscoveryMetadataFromNetworkResponse(metadata, this.hostnameAndPort);\r\n return [3 /*break*/, 4];\r\n case 3:\r\n _a.sent();\r\n return [2 /*return*/, null];\r\n case 4:\r\n if (!match) {\r\n // Custom Domain scenario, host is trusted because Instance Discovery call succeeded \r\n match = Authority.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort);\r\n }\r\n return [2 /*return*/, match];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Helper function to determine if this host is included in the knownAuthorities config option\r\n */\r\n Authority.prototype.isInKnownAuthorities = function () {\r\n var _this = this;\r\n var matches = this.authorityOptions.knownAuthorities.filter(function (authority) {\r\n return UrlString.getDomainFromUrl(authority).toLowerCase() === _this.hostnameAndPort;\r\n });\r\n return matches.length > 0;\r\n };\r\n /**\r\n * Creates cloud discovery metadata object from a given host\r\n * @param host\r\n */\r\n Authority.createCloudDiscoveryMetadataFromHost = function (host) {\r\n return {\r\n preferred_network: host,\r\n preferred_cache: host,\r\n aliases: [host]\r\n };\r\n };\r\n /**\r\n * Searches instance discovery network response for the entry that contains the host in the aliases list\r\n * @param response\r\n * @param authority\r\n */\r\n Authority.getCloudDiscoveryMetadataFromNetworkResponse = function (response, authority) {\r\n for (var i = 0; i < response.length; i++) {\r\n var metadata = response[i];\r\n if (metadata.aliases.indexOf(authority) > -1) {\r\n return metadata;\r\n }\r\n }\r\n return null;\r\n };\r\n /**\r\n * helper function to generate environment from authority object\r\n */\r\n Authority.prototype.getPreferredCache = function () {\r\n if (this.discoveryComplete()) {\r\n return this.metadata.preferred_cache;\r\n }\r\n else {\r\n throw ClientAuthError.createEndpointDiscoveryIncompleteError(\"Discovery incomplete.\");\r\n }\r\n };\r\n /**\r\n * Returns whether or not the provided host is an alias of this authority instance\r\n * @param host\r\n */\r\n Authority.prototype.isAlias = function (host) {\r\n return this.metadata.aliases.indexOf(host) > -1;\r\n };\r\n /**\r\n * Checks whether the provided host is that of a public cloud authority\r\n *\r\n * @param authority string\r\n * @returns bool\r\n */\r\n Authority.isPublicCloudAuthority = function (host) {\r\n return Constants.KNOWN_PUBLIC_CLOUDS.indexOf(host) >= 0;\r\n };\r\n /**\r\n * Rebuild the authority string with the region\r\n *\r\n * @param host string\r\n * @param region string\r\n */\r\n Authority.buildRegionalAuthorityString = function (host, region, queryString) {\r\n // Create and validate a Url string object with the initial authority string\r\n var authorityUrlInstance = new UrlString(host);\r\n authorityUrlInstance.validateAsUri();\r\n var authorityUrlParts = authorityUrlInstance.getUrlComponents();\r\n var hostNameAndPort = region + \".\" + authorityUrlParts.HostNameAndPort;\r\n if (this.isPublicCloudAuthority(authorityUrlParts.HostNameAndPort)) {\r\n hostNameAndPort = region + \".\" + Constants.REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX;\r\n }\r\n // Include the query string portion of the url\r\n var url = UrlString.constructAuthorityUriFromObject(__assign(__assign({}, authorityUrlInstance.getUrlComponents()), { HostNameAndPort: hostNameAndPort })).urlString;\r\n // Add the query string if a query string was provided\r\n if (queryString)\r\n return url + \"?\" + queryString;\r\n return url;\r\n };\r\n /**\r\n * Replace the endpoints in the metadata object with their regional equivalents.\r\n *\r\n * @param metadata OpenIdConfigResponse\r\n * @param azureRegion string\r\n */\r\n Authority.replaceWithRegionalInformation = function (metadata, azureRegion) {\r\n metadata.authorization_endpoint = Authority.buildRegionalAuthorityString(metadata.authorization_endpoint, azureRegion);\r\n // TODO: Enquire on whether we should leave the query string or remove it before releasing the feature\r\n metadata.token_endpoint = Authority.buildRegionalAuthorityString(metadata.token_endpoint, azureRegion, \"allowestsrnonmsi=true\");\r\n metadata.end_session_endpoint = Authority.buildRegionalAuthorityString(metadata.end_session_endpoint, azureRegion);\r\n return metadata;\r\n };\r\n return Authority;\r\n}());\n\nexport { Authority };\n//# sourceMappingURL=Authority.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nfunction isCloudInstanceDiscoveryResponse(response) {\r\n return (response.hasOwnProperty(\"tenant_discovery_endpoint\") &&\r\n response.hasOwnProperty(\"metadata\"));\r\n}\n\nexport { isCloudInstanceDiscoveryResponse };\n//# sourceMappingURL=CloudInstanceDiscoveryResponse.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __awaiter, __generator } from '../_virtual/_tslib.js';\nimport { Authority } from './Authority.js';\nimport { ClientConfigurationError } from '../error/ClientConfigurationError.js';\nimport { StringUtils } from '../utils/StringUtils.js';\nimport { ClientAuthError } from '../error/ClientAuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar AuthorityFactory = /** @class */ (function () {\r\n function AuthorityFactory() {\r\n }\r\n /**\r\n * Create an authority object of the correct type based on the url\r\n * Performs basic authority validation - checks to see if the authority is of a valid type (i.e. aad, b2c, adfs)\r\n *\r\n * Also performs endpoint discovery.\r\n *\r\n * @param authorityUri\r\n * @param networkClient\r\n * @param protocolMode\r\n */\r\n AuthorityFactory.createDiscoveredInstance = function (authorityUri, networkClient, cacheManager, authorityOptions) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var acquireTokenAuthority, e_1;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n acquireTokenAuthority = AuthorityFactory.createInstance(authorityUri, networkClient, cacheManager, authorityOptions);\r\n _a.label = 1;\r\n case 1:\r\n _a.trys.push([1, 3, , 4]);\r\n return [4 /*yield*/, acquireTokenAuthority.resolveEndpointsAsync()];\r\n case 2:\r\n _a.sent();\r\n return [2 /*return*/, acquireTokenAuthority];\r\n case 3:\r\n e_1 = _a.sent();\r\n throw ClientAuthError.createEndpointDiscoveryIncompleteError(e_1);\r\n case 4: return [2 /*return*/];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Create an authority object of the correct type based on the url\r\n * Performs basic authority validation - checks to see if the authority is of a valid type (i.e. aad, b2c, adfs)\r\n *\r\n * Does not perform endpoint discovery.\r\n *\r\n * @param authorityUrl\r\n * @param networkInterface\r\n * @param protocolMode\r\n */\r\n AuthorityFactory.createInstance = function (authorityUrl, networkInterface, cacheManager, authorityOptions) {\r\n // Throw error if authority url is empty\r\n if (StringUtils.isEmpty(authorityUrl)) {\r\n throw ClientConfigurationError.createUrlEmptyError();\r\n }\r\n return new Authority(authorityUrl, networkInterface, cacheManager, authorityOptions);\r\n };\r\n return AuthorityFactory;\r\n}());\n\nexport { AuthorityFactory };\n//# sourceMappingURL=AuthorityFactory.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Authority types supported by MSAL.\r\n */\r\nvar AuthorityType;\r\n(function (AuthorityType) {\r\n AuthorityType[AuthorityType[\"Default\"] = 0] = \"Default\";\r\n AuthorityType[AuthorityType[\"Adfs\"] = 1] = \"Adfs\";\r\n})(AuthorityType || (AuthorityType = {}));\n\nexport { AuthorityType };\n//# sourceMappingURL=AuthorityType.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Protocol modes supported by MSAL.\r\n */\r\nvar ProtocolMode;\r\n(function (ProtocolMode) {\r\n ProtocolMode[\"AAD\"] = \"AAD\";\r\n ProtocolMode[\"OIDC\"] = \"OIDC\";\r\n})(ProtocolMode || (ProtocolMode = {}));\n\nexport { ProtocolMode };\n//# sourceMappingURL=ProtocolMode.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __awaiter, __generator, __extends } from '../_virtual/_tslib.js';\nimport { Constants, CredentialType, AuthenticationScheme, CacheSchemaType, THE_FAMILY_ID, APP_METADATA, AUTHORITY_METADATA_CONSTANTS } from '../utils/Constants.js';\nimport { CredentialEntity } from './entities/CredentialEntity.js';\nimport { ScopeSet } from '../request/ScopeSet.js';\nimport { AccountEntity } from './entities/AccountEntity.js';\nimport { AuthError } from '../error/AuthError.js';\nimport { ClientAuthError } from '../error/ClientAuthError.js';\nimport { AuthToken } from '../account/AuthToken.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Interface class which implement cache storage functions used by MSAL to perform validity checks, and store tokens.\r\n */\r\nvar CacheManager = /** @class */ (function () {\r\n function CacheManager(clientId, cryptoImpl) {\r\n this.clientId = clientId;\r\n this.cryptoImpl = cryptoImpl;\r\n }\r\n /**\r\n * Returns all accounts in cache\r\n */\r\n CacheManager.prototype.getAllAccounts = function () {\r\n var _this = this;\r\n var currentAccounts = this.getAccountsFilteredBy();\r\n var accountValues = Object.keys(currentAccounts).map(function (accountKey) { return currentAccounts[accountKey]; });\r\n var numAccounts = accountValues.length;\r\n if (numAccounts < 1) {\r\n return [];\r\n }\r\n else {\r\n var allAccounts = accountValues.map(function (value) {\r\n var accountEntity = CacheManager.toObject(new AccountEntity(), value);\r\n var accountInfo = accountEntity.getAccountInfo();\r\n var idToken = _this.readIdTokenFromCache(_this.clientId, accountInfo);\r\n if (idToken && !accountInfo.idTokenClaims) {\r\n accountInfo.idTokenClaims = new AuthToken(idToken.secret, _this.cryptoImpl).claims;\r\n }\r\n return accountInfo;\r\n });\r\n return allAccounts;\r\n }\r\n };\r\n /**\r\n * saves a cache record\r\n * @param cacheRecord\r\n */\r\n CacheManager.prototype.saveCacheRecord = function (cacheRecord) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n if (!cacheRecord) {\r\n throw ClientAuthError.createNullOrUndefinedCacheRecord();\r\n }\r\n if (!!cacheRecord.account) {\r\n this.setAccount(cacheRecord.account);\r\n }\r\n if (!!cacheRecord.idToken) {\r\n this.setIdTokenCredential(cacheRecord.idToken);\r\n }\r\n if (!!!cacheRecord.accessToken) return [3 /*break*/, 2];\r\n return [4 /*yield*/, this.saveAccessToken(cacheRecord.accessToken)];\r\n case 1:\r\n _a.sent();\r\n _a.label = 2;\r\n case 2:\r\n if (!!cacheRecord.refreshToken) {\r\n this.setRefreshTokenCredential(cacheRecord.refreshToken);\r\n }\r\n if (!!cacheRecord.appMetadata) {\r\n this.setAppMetadata(cacheRecord.appMetadata);\r\n }\r\n return [2 /*return*/];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * saves access token credential\r\n * @param credential\r\n */\r\n CacheManager.prototype.saveAccessToken = function (credential) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var currentTokenCache, currentScopes, currentAccessTokens, removedAccessTokens_1;\r\n var _this = this;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n currentTokenCache = this.getCredentialsFilteredBy({\r\n clientId: credential.clientId,\r\n credentialType: credential.credentialType,\r\n environment: credential.environment,\r\n homeAccountId: credential.homeAccountId,\r\n realm: credential.realm,\r\n tokenType: credential.tokenType\r\n });\r\n currentScopes = ScopeSet.fromString(credential.target);\r\n currentAccessTokens = Object.keys(currentTokenCache.accessTokens).map(function (key) { return currentTokenCache.accessTokens[key]; });\r\n if (!currentAccessTokens) return [3 /*break*/, 2];\r\n removedAccessTokens_1 = [];\r\n currentAccessTokens.forEach(function (tokenEntity) {\r\n var tokenScopeSet = ScopeSet.fromString(tokenEntity.target);\r\n if (tokenScopeSet.intersectingScopeSets(currentScopes)) {\r\n removedAccessTokens_1.push(_this.removeCredential(tokenEntity));\r\n }\r\n });\r\n return [4 /*yield*/, Promise.all(removedAccessTokens_1)];\r\n case 1:\r\n _a.sent();\r\n _a.label = 2;\r\n case 2:\r\n this.setAccessTokenCredential(credential);\r\n return [2 /*return*/];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * retrieve accounts matching all provided filters; if no filter is set, get all accounts\r\n * not checking for casing as keys are all generated in lower case, remember to convert to lower case if object properties are compared\r\n * @param homeAccountId\r\n * @param environment\r\n * @param realm\r\n */\r\n CacheManager.prototype.getAccountsFilteredBy = function (accountFilter) {\r\n return this.getAccountsFilteredByInternal(accountFilter ? accountFilter.homeAccountId : \"\", accountFilter ? accountFilter.environment : \"\", accountFilter ? accountFilter.realm : \"\");\r\n };\r\n /**\r\n * retrieve accounts matching all provided filters; if no filter is set, get all accounts\r\n * not checking for casing as keys are all generated in lower case, remember to convert to lower case if object properties are compared\r\n * @param homeAccountId\r\n * @param environment\r\n * @param realm\r\n */\r\n CacheManager.prototype.getAccountsFilteredByInternal = function (homeAccountId, environment, realm) {\r\n var _this = this;\r\n var allCacheKeys = this.getKeys();\r\n var matchingAccounts = {};\r\n allCacheKeys.forEach(function (cacheKey) {\r\n var entity = _this.getAccount(cacheKey);\r\n if (!entity) {\r\n return;\r\n }\r\n if (!!homeAccountId && !_this.matchHomeAccountId(entity, homeAccountId)) {\r\n return;\r\n }\r\n if (!!environment && !_this.matchEnvironment(entity, environment)) {\r\n return;\r\n }\r\n if (!!realm && !_this.matchRealm(entity, realm)) {\r\n return;\r\n }\r\n matchingAccounts[cacheKey] = entity;\r\n });\r\n return matchingAccounts;\r\n };\r\n /**\r\n * retrieve credentails matching all provided filters; if no filter is set, get all credentials\r\n * @param homeAccountId\r\n * @param environment\r\n * @param credentialType\r\n * @param clientId\r\n * @param realm\r\n * @param target\r\n */\r\n CacheManager.prototype.getCredentialsFilteredBy = function (filter) {\r\n return this.getCredentialsFilteredByInternal(filter.homeAccountId, filter.environment, filter.credentialType, filter.clientId, filter.familyId, filter.realm, filter.target, filter.oboAssertion, filter.tokenType);\r\n };\r\n /**\r\n * Support function to help match credentials\r\n * @param homeAccountId\r\n * @param environment\r\n * @param credentialType\r\n * @param clientId\r\n * @param realm\r\n * @param target\r\n * @param oboAssertion\r\n * @param tokenType\r\n */\r\n CacheManager.prototype.getCredentialsFilteredByInternal = function (homeAccountId, environment, credentialType, clientId, familyId, realm, target, oboAssertion, tokenType) {\r\n var _this = this;\r\n var allCacheKeys = this.getKeys();\r\n var matchingCredentials = {\r\n idTokens: {},\r\n accessTokens: {},\r\n refreshTokens: {},\r\n };\r\n allCacheKeys.forEach(function (cacheKey) {\r\n // don't parse any non-credential type cache entities\r\n var credType = CredentialEntity.getCredentialType(cacheKey);\r\n if (credType === Constants.NOT_DEFINED) {\r\n return;\r\n }\r\n // Attempt retrieval\r\n var entity = _this.getSpecificCredential(cacheKey, credType);\r\n if (!entity) {\r\n return;\r\n }\r\n if (!!oboAssertion && !_this.matchOboAssertion(entity, oboAssertion)) {\r\n return;\r\n }\r\n if (!!homeAccountId && !_this.matchHomeAccountId(entity, homeAccountId)) {\r\n return;\r\n }\r\n if (!!environment && !_this.matchEnvironment(entity, environment)) {\r\n return;\r\n }\r\n if (!!realm && !_this.matchRealm(entity, realm)) {\r\n return;\r\n }\r\n if (!!credentialType && !_this.matchCredentialType(entity, credentialType)) {\r\n return;\r\n }\r\n if (!!clientId && !_this.matchClientId(entity, clientId)) {\r\n return;\r\n }\r\n if (!!familyId && !_this.matchFamilyId(entity, familyId)) {\r\n return;\r\n }\r\n /*\r\n * idTokens do not have \"target\", target specific refreshTokens do exist for some types of authentication\r\n * Resource specific refresh tokens case will be added when the support is deemed necessary\r\n */\r\n if (!!target && !_this.matchTarget(entity, target)) {\r\n return;\r\n }\r\n if (credentialType === CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME) {\r\n if (!!tokenType && !_this.matchTokenType(entity, tokenType)) {\r\n return;\r\n }\r\n // This check avoids matching outdated POP tokens that don't have the <-scheme> in the cache key\r\n if (cacheKey.indexOf(AuthenticationScheme.POP) === -1) {\r\n // AccessToken_With_AuthScheme that doesn't have pop in the key is outdated\r\n _this.removeItem(cacheKey, CacheSchemaType.CREDENTIAL);\r\n return;\r\n }\r\n }\r\n switch (credType) {\r\n case CredentialType.ID_TOKEN:\r\n matchingCredentials.idTokens[cacheKey] = entity;\r\n break;\r\n case CredentialType.ACCESS_TOKEN:\r\n case CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME:\r\n matchingCredentials.accessTokens[cacheKey] = entity;\r\n break;\r\n case CredentialType.REFRESH_TOKEN:\r\n matchingCredentials.refreshTokens[cacheKey] = entity;\r\n break;\r\n }\r\n });\r\n return matchingCredentials;\r\n };\r\n /**\r\n * retrieve appMetadata matching all provided filters; if no filter is set, get all appMetadata\r\n * @param filter\r\n */\r\n CacheManager.prototype.getAppMetadataFilteredBy = function (filter) {\r\n return this.getAppMetadataFilteredByInternal(filter.environment, filter.clientId);\r\n };\r\n /**\r\n * Support function to help match appMetadata\r\n * @param environment\r\n * @param clientId\r\n */\r\n CacheManager.prototype.getAppMetadataFilteredByInternal = function (environment, clientId) {\r\n var _this = this;\r\n var allCacheKeys = this.getKeys();\r\n var matchingAppMetadata = {};\r\n allCacheKeys.forEach(function (cacheKey) {\r\n // don't parse any non-appMetadata type cache entities\r\n if (!_this.isAppMetadata(cacheKey)) {\r\n return;\r\n }\r\n // Attempt retrieval\r\n var entity = _this.getAppMetadata(cacheKey);\r\n if (!entity) {\r\n return;\r\n }\r\n if (!!environment && !_this.matchEnvironment(entity, environment)) {\r\n return;\r\n }\r\n if (!!clientId && !_this.matchClientId(entity, clientId)) {\r\n return;\r\n }\r\n matchingAppMetadata[cacheKey] = entity;\r\n });\r\n return matchingAppMetadata;\r\n };\r\n /**\r\n * retrieve authorityMetadata that contains a matching alias\r\n * @param filter\r\n */\r\n CacheManager.prototype.getAuthorityMetadataByAlias = function (host) {\r\n var _this = this;\r\n var allCacheKeys = this.getAuthorityMetadataKeys();\r\n var matchedEntity = null;\r\n allCacheKeys.forEach(function (cacheKey) {\r\n // don't parse any non-authorityMetadata type cache entities\r\n if (!_this.isAuthorityMetadata(cacheKey) || cacheKey.indexOf(_this.clientId) === -1) {\r\n return;\r\n }\r\n // Attempt retrieval\r\n var entity = _this.getAuthorityMetadata(cacheKey);\r\n if (!entity) {\r\n return;\r\n }\r\n if (entity.aliases.indexOf(host) === -1) {\r\n return;\r\n }\r\n matchedEntity = entity;\r\n });\r\n return matchedEntity;\r\n };\r\n /**\r\n * Removes all accounts and related tokens from cache.\r\n */\r\n CacheManager.prototype.removeAllAccounts = function () {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var allCacheKeys, removedAccounts;\r\n var _this = this;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n allCacheKeys = this.getKeys();\r\n removedAccounts = [];\r\n allCacheKeys.forEach(function (cacheKey) {\r\n var entity = _this.getAccount(cacheKey);\r\n if (!entity) {\r\n return;\r\n }\r\n removedAccounts.push(_this.removeAccount(cacheKey));\r\n });\r\n return [4 /*yield*/, Promise.all(removedAccounts)];\r\n case 1:\r\n _a.sent();\r\n return [2 /*return*/, true];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * returns a boolean if the given account is removed\r\n * @param account\r\n */\r\n CacheManager.prototype.removeAccount = function (accountKey) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var account;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n account = this.getAccount(accountKey);\r\n if (!account) {\r\n throw ClientAuthError.createNoAccountFoundError();\r\n }\r\n return [4 /*yield*/, this.removeAccountContext(account)];\r\n case 1: return [2 /*return*/, ((_a.sent()) && this.removeItem(accountKey, CacheSchemaType.ACCOUNT))];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * returns a boolean if the given account is removed\r\n * @param account\r\n */\r\n CacheManager.prototype.removeAccountContext = function (account) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var allCacheKeys, accountId, removedCredentials;\r\n var _this = this;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n allCacheKeys = this.getKeys();\r\n accountId = account.generateAccountId();\r\n removedCredentials = [];\r\n allCacheKeys.forEach(function (cacheKey) {\r\n // don't parse any non-credential type cache entities\r\n var credType = CredentialEntity.getCredentialType(cacheKey);\r\n if (credType === Constants.NOT_DEFINED) {\r\n return;\r\n }\r\n var cacheEntity = _this.getSpecificCredential(cacheKey, credType);\r\n if (!!cacheEntity && accountId === cacheEntity.generateAccountId()) {\r\n removedCredentials.push(_this.removeCredential(cacheEntity));\r\n }\r\n });\r\n return [4 /*yield*/, Promise.all(removedCredentials)];\r\n case 1:\r\n _a.sent();\r\n return [2 /*return*/, true];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * returns a boolean if the given credential is removed\r\n * @param credential\r\n */\r\n CacheManager.prototype.removeCredential = function (credential) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var key, accessTokenWithAuthSchemeEntity, kid;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n key = credential.generateCredentialKey();\r\n if (!(credential.credentialType.toLowerCase() === CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase())) return [3 /*break*/, 4];\r\n accessTokenWithAuthSchemeEntity = credential;\r\n kid = accessTokenWithAuthSchemeEntity.keyId;\r\n if (!kid) return [3 /*break*/, 4];\r\n _a.label = 1;\r\n case 1:\r\n _a.trys.push([1, 3, , 4]);\r\n return [4 /*yield*/, this.cryptoImpl.removeTokenBindingKey(kid)];\r\n case 2:\r\n _a.sent();\r\n return [3 /*break*/, 4];\r\n case 3:\r\n _a.sent();\r\n throw ClientAuthError.createBindingKeyNotRemovedError();\r\n case 4: return [2 /*return*/, this.removeItem(key, CacheSchemaType.CREDENTIAL)];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Removes all app metadata objects from cache.\r\n */\r\n CacheManager.prototype.removeAppMetadata = function () {\r\n var _this = this;\r\n var allCacheKeys = this.getKeys();\r\n allCacheKeys.forEach(function (cacheKey) {\r\n if (_this.isAppMetadata(cacheKey)) {\r\n _this.removeItem(cacheKey, CacheSchemaType.APP_METADATA);\r\n }\r\n });\r\n return true;\r\n };\r\n /**\r\n * Retrieve the cached credentials into a cacherecord\r\n * @param account\r\n * @param clientId\r\n * @param scopes\r\n * @param environment\r\n * @param authScheme\r\n */\r\n CacheManager.prototype.readCacheRecord = function (account, clientId, scopes, environment, authScheme) {\r\n var cachedAccount = this.readAccountFromCache(account);\r\n var cachedIdToken = this.readIdTokenFromCache(clientId, account);\r\n var cachedAccessToken = this.readAccessTokenFromCache(clientId, account, scopes, authScheme);\r\n var cachedRefreshToken = this.readRefreshTokenFromCache(clientId, account, false);\r\n var cachedAppMetadata = this.readAppMetadataFromCache(environment, clientId);\r\n if (cachedAccount && cachedIdToken) {\r\n cachedAccount.idTokenClaims = new AuthToken(cachedIdToken.secret, this.cryptoImpl).claims;\r\n }\r\n return {\r\n account: cachedAccount,\r\n idToken: cachedIdToken,\r\n accessToken: cachedAccessToken,\r\n refreshToken: cachedRefreshToken,\r\n appMetadata: cachedAppMetadata,\r\n };\r\n };\r\n /**\r\n * Retrieve AccountEntity from cache\r\n * @param account\r\n */\r\n CacheManager.prototype.readAccountFromCache = function (account) {\r\n var accountKey = AccountEntity.generateAccountCacheKey(account);\r\n return this.getAccount(accountKey);\r\n };\r\n /**\r\n * Retrieve IdTokenEntity from cache\r\n * @param clientId\r\n * @param account\r\n * @param inputRealm\r\n */\r\n CacheManager.prototype.readIdTokenFromCache = function (clientId, account) {\r\n var idTokenFilter = {\r\n homeAccountId: account.homeAccountId,\r\n environment: account.environment,\r\n credentialType: CredentialType.ID_TOKEN,\r\n clientId: clientId,\r\n realm: account.tenantId,\r\n };\r\n var credentialCache = this.getCredentialsFilteredBy(idTokenFilter);\r\n var idTokens = Object.keys(credentialCache.idTokens).map(function (key) { return credentialCache.idTokens[key]; });\r\n var numIdTokens = idTokens.length;\r\n if (numIdTokens < 1) {\r\n return null;\r\n }\r\n else if (numIdTokens > 1) {\r\n throw ClientAuthError.createMultipleMatchingTokensInCacheError();\r\n }\r\n return idTokens[0];\r\n };\r\n /**\r\n * Retrieve AccessTokenEntity from cache\r\n * @param clientId\r\n * @param account\r\n * @param scopes\r\n * @param authScheme\r\n */\r\n CacheManager.prototype.readAccessTokenFromCache = function (clientId, account, scopes, authScheme) {\r\n // Distinguish between Bearer and PoP token cache types\r\n var credentialType = (authScheme === AuthenticationScheme.POP) ? CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME : CredentialType.ACCESS_TOKEN;\r\n var accessTokenFilter = {\r\n homeAccountId: account.homeAccountId,\r\n environment: account.environment,\r\n credentialType: credentialType,\r\n clientId: clientId,\r\n realm: account.tenantId,\r\n target: scopes.printScopesLowerCase(),\r\n tokenType: authScheme\r\n };\r\n var credentialCache = this.getCredentialsFilteredBy(accessTokenFilter);\r\n var accessTokens = Object.keys(credentialCache.accessTokens).map(function (key) { return credentialCache.accessTokens[key]; });\r\n var numAccessTokens = accessTokens.length;\r\n if (numAccessTokens < 1) {\r\n return null;\r\n }\r\n else if (numAccessTokens > 1) {\r\n throw ClientAuthError.createMultipleMatchingTokensInCacheError();\r\n }\r\n return accessTokens[0];\r\n };\r\n /**\r\n * Helper to retrieve the appropriate refresh token from cache\r\n * @param clientId\r\n * @param account\r\n * @param familyRT\r\n */\r\n CacheManager.prototype.readRefreshTokenFromCache = function (clientId, account, familyRT) {\r\n var id = familyRT ? THE_FAMILY_ID : undefined;\r\n var refreshTokenFilter = {\r\n homeAccountId: account.homeAccountId,\r\n environment: account.environment,\r\n credentialType: CredentialType.REFRESH_TOKEN,\r\n clientId: clientId,\r\n familyId: id\r\n };\r\n var credentialCache = this.getCredentialsFilteredBy(refreshTokenFilter);\r\n var refreshTokens = Object.keys(credentialCache.refreshTokens).map(function (key) { return credentialCache.refreshTokens[key]; });\r\n var numRefreshTokens = refreshTokens.length;\r\n if (numRefreshTokens < 1) {\r\n return null;\r\n }\r\n // address the else case after remove functions address environment aliases\r\n return refreshTokens[0];\r\n };\r\n /**\r\n * Retrieve AppMetadataEntity from cache\r\n */\r\n CacheManager.prototype.readAppMetadataFromCache = function (environment, clientId) {\r\n var appMetadataFilter = {\r\n environment: environment,\r\n clientId: clientId,\r\n };\r\n var appMetadata = this.getAppMetadataFilteredBy(appMetadataFilter);\r\n var appMetadataEntries = Object.keys(appMetadata).map(function (key) { return appMetadata[key]; });\r\n var numAppMetadata = appMetadataEntries.length;\r\n if (numAppMetadata < 1) {\r\n return null;\r\n }\r\n else if (numAppMetadata > 1) {\r\n throw ClientAuthError.createMultipleMatchingAppMetadataInCacheError();\r\n }\r\n return appMetadataEntries[0];\r\n };\r\n /**\r\n * Return the family_id value associated with FOCI\r\n * @param environment\r\n * @param clientId\r\n */\r\n CacheManager.prototype.isAppMetadataFOCI = function (environment, clientId) {\r\n var appMetadata = this.readAppMetadataFromCache(environment, clientId);\r\n return !!(appMetadata && appMetadata.familyId === THE_FAMILY_ID);\r\n };\r\n /**\r\n * helper to match account ids\r\n * @param value\r\n * @param homeAccountId\r\n */\r\n CacheManager.prototype.matchHomeAccountId = function (entity, homeAccountId) {\r\n return !!(entity.homeAccountId && homeAccountId === entity.homeAccountId);\r\n };\r\n /**\r\n * helper to match assertion\r\n * @param value\r\n * @param oboAssertion\r\n */\r\n CacheManager.prototype.matchOboAssertion = function (entity, oboAssertion) {\r\n return !!(entity.oboAssertion && oboAssertion === entity.oboAssertion);\r\n };\r\n /**\r\n * helper to match environment\r\n * @param value\r\n * @param environment\r\n */\r\n CacheManager.prototype.matchEnvironment = function (entity, environment) {\r\n var cloudMetadata = this.getAuthorityMetadataByAlias(environment);\r\n if (cloudMetadata && cloudMetadata.aliases.indexOf(entity.environment) > -1) {\r\n return true;\r\n }\r\n return false;\r\n };\r\n /**\r\n * helper to match credential type\r\n * @param entity\r\n * @param credentialType\r\n */\r\n CacheManager.prototype.matchCredentialType = function (entity, credentialType) {\r\n return (entity.credentialType && credentialType.toLowerCase() === entity.credentialType.toLowerCase());\r\n };\r\n /**\r\n * helper to match client ids\r\n * @param entity\r\n * @param clientId\r\n */\r\n CacheManager.prototype.matchClientId = function (entity, clientId) {\r\n return !!(entity.clientId && clientId === entity.clientId);\r\n };\r\n /**\r\n * helper to match family ids\r\n * @param entity\r\n * @param familyId\r\n */\r\n CacheManager.prototype.matchFamilyId = function (entity, familyId) {\r\n return !!(entity.familyId && familyId === entity.familyId);\r\n };\r\n /**\r\n * helper to match realm\r\n * @param entity\r\n * @param realm\r\n */\r\n CacheManager.prototype.matchRealm = function (entity, realm) {\r\n return !!(entity.realm && realm === entity.realm);\r\n };\r\n /**\r\n * Returns true if the target scopes are a subset of the current entity's scopes, false otherwise.\r\n * @param entity\r\n * @param target\r\n */\r\n CacheManager.prototype.matchTarget = function (entity, target) {\r\n var isNotAccessTokenCredential = (entity.credentialType !== CredentialType.ACCESS_TOKEN && entity.credentialType !== CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME);\r\n if (isNotAccessTokenCredential || !entity.target) {\r\n return false;\r\n }\r\n var entityScopeSet = ScopeSet.fromString(entity.target);\r\n var requestTargetScopeSet = ScopeSet.fromString(target);\r\n if (!requestTargetScopeSet.containsOnlyOIDCScopes()) {\r\n requestTargetScopeSet.removeOIDCScopes(); // ignore OIDC scopes\r\n }\r\n else {\r\n requestTargetScopeSet.removeScope(Constants.OFFLINE_ACCESS_SCOPE);\r\n }\r\n return entityScopeSet.containsScopeSet(requestTargetScopeSet);\r\n };\r\n /**\r\n * Returns true if the credential's tokenType or Authentication Scheme matches the one in the request, false otherwise\r\n * @param entity\r\n * @param tokenType\r\n */\r\n CacheManager.prototype.matchTokenType = function (entity, tokenType) {\r\n return !!(entity.tokenType && entity.tokenType === tokenType);\r\n };\r\n /**\r\n * returns if a given cache entity is of the type appmetadata\r\n * @param key\r\n */\r\n CacheManager.prototype.isAppMetadata = function (key) {\r\n return key.indexOf(APP_METADATA) !== -1;\r\n };\r\n /**\r\n * returns if a given cache entity is of the type authoritymetadata\r\n * @param key\r\n */\r\n CacheManager.prototype.isAuthorityMetadata = function (key) {\r\n return key.indexOf(AUTHORITY_METADATA_CONSTANTS.CACHE_KEY) !== -1;\r\n };\r\n /**\r\n * returns cache key used for cloud instance metadata\r\n */\r\n CacheManager.prototype.generateAuthorityMetadataCacheKey = function (authority) {\r\n return AUTHORITY_METADATA_CONSTANTS.CACHE_KEY + \"-\" + this.clientId + \"-\" + authority;\r\n };\r\n /**\r\n * Returns the specific credential (IdToken/AccessToken/RefreshToken) from the cache\r\n * @param key\r\n * @param credType\r\n */\r\n CacheManager.prototype.getSpecificCredential = function (key, credType) {\r\n switch (credType) {\r\n case CredentialType.ID_TOKEN: {\r\n return this.getIdTokenCredential(key);\r\n }\r\n case CredentialType.ACCESS_TOKEN:\r\n case CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME: {\r\n return this.getAccessTokenCredential(key);\r\n }\r\n case CredentialType.REFRESH_TOKEN: {\r\n return this.getRefreshTokenCredential(key);\r\n }\r\n default:\r\n return null;\r\n }\r\n };\r\n /**\r\n * Helper to convert serialized data to object\r\n * @param obj\r\n * @param json\r\n */\r\n CacheManager.toObject = function (obj, json) {\r\n for (var propertyName in json) {\r\n obj[propertyName] = json[propertyName];\r\n }\r\n return obj;\r\n };\r\n return CacheManager;\r\n}());\r\nvar DefaultStorageClass = /** @class */ (function (_super) {\r\n __extends(DefaultStorageClass, _super);\r\n function DefaultStorageClass() {\r\n return _super !== null && _super.apply(this, arguments) || this;\r\n }\r\n DefaultStorageClass.prototype.setAccount = function () {\r\n var notImplErr = \"Storage interface - setAccount() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.getAccount = function () {\r\n var notImplErr = \"Storage interface - getAccount() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.setIdTokenCredential = function () {\r\n var notImplErr = \"Storage interface - setIdTokenCredential() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.getIdTokenCredential = function () {\r\n var notImplErr = \"Storage interface - getIdTokenCredential() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.setAccessTokenCredential = function () {\r\n var notImplErr = \"Storage interface - setAccessTokenCredential() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.getAccessTokenCredential = function () {\r\n var notImplErr = \"Storage interface - getAccessTokenCredential() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.setRefreshTokenCredential = function () {\r\n var notImplErr = \"Storage interface - setRefreshTokenCredential() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.getRefreshTokenCredential = function () {\r\n var notImplErr = \"Storage interface - getRefreshTokenCredential() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.setAppMetadata = function () {\r\n var notImplErr = \"Storage interface - setAppMetadata() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.getAppMetadata = function () {\r\n var notImplErr = \"Storage interface - getAppMetadata() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.setServerTelemetry = function () {\r\n var notImplErr = \"Storage interface - setServerTelemetry() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.getServerTelemetry = function () {\r\n var notImplErr = \"Storage interface - getServerTelemetry() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.setAuthorityMetadata = function () {\r\n var notImplErr = \"Storage interface - setAuthorityMetadata() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.getAuthorityMetadata = function () {\r\n var notImplErr = \"Storage interface - getAuthorityMetadata() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.getAuthorityMetadataKeys = function () {\r\n var notImplErr = \"Storage interface - getAuthorityMetadataKeys() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.setThrottlingCache = function () {\r\n var notImplErr = \"Storage interface - setThrottlingCache() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.getThrottlingCache = function () {\r\n var notImplErr = \"Storage interface - getThrottlingCache() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.removeItem = function () {\r\n var notImplErr = \"Storage interface - removeItem() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.containsKey = function () {\r\n var notImplErr = \"Storage interface - containsKey() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.getKeys = function () {\r\n var notImplErr = \"Storage interface - getKeys() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n };\r\n DefaultStorageClass.prototype.clear = function () {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var notImplErr;\r\n return __generator(this, function (_a) {\r\n notImplErr = \"Storage interface - clear() has not been implemented for the cacheStorage interface.\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n });\r\n });\r\n };\r\n return DefaultStorageClass;\r\n}(CacheManager));\n\nexport { CacheManager, DefaultStorageClass };\n//# sourceMappingURL=CacheManager.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __extends } from '../../_virtual/_tslib.js';\nimport { CredentialEntity } from './CredentialEntity.js';\nimport { CredentialType, AuthenticationScheme } from '../../utils/Constants.js';\nimport { TimeUtils } from '../../utils/TimeUtils.js';\nimport { StringUtils } from '../../utils/StringUtils.js';\nimport { AuthToken } from '../../account/AuthToken.js';\nimport { ClientAuthError } from '../../error/ClientAuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * ACCESS_TOKEN Credential Type\r\n *\r\n * Key:Value Schema:\r\n *\r\n * Key Example: uid.utid-login.microsoftonline.com-accesstoken-clientId-contoso.com-user.read\r\n *\r\n * Value Schema:\r\n * {\r\n * homeAccountId: home account identifier for the auth scheme,\r\n * environment: entity that issued the token, represented as a full host\r\n * credentialType: Type of credential as a string, can be one of the following: RefreshToken, AccessToken, IdToken, Password, Cookie, Certificate, Other\r\n * clientId: client ID of the application\r\n * secret: Actual credential as a string\r\n * familyId: Family ID identifier, usually only used for refresh tokens\r\n * realm: Full tenant or organizational identifier that the account belongs to\r\n * target: Permissions that are included in the token, or for refresh tokens, the resource identifier.\r\n * cachedAt: Absolute device time when entry was created in the cache.\r\n * expiresOn: Token expiry time, calculated based on current UTC time in seconds. Represented as a string.\r\n * extendedExpiresOn: Additional extended expiry time until when token is valid in case of server-side outage. Represented as string in UTC seconds.\r\n * keyId: used for POP and SSH tokenTypes\r\n * tokenType: Type of the token issued. Usually \"Bearer\"\r\n * }\r\n */\r\nvar AccessTokenEntity = /** @class */ (function (_super) {\r\n __extends(AccessTokenEntity, _super);\r\n function AccessTokenEntity() {\r\n return _super !== null && _super.apply(this, arguments) || this;\r\n }\r\n /**\r\n * Create AccessTokenEntity\r\n * @param homeAccountId\r\n * @param environment\r\n * @param accessToken\r\n * @param clientId\r\n * @param tenantId\r\n * @param scopes\r\n * @param expiresOn\r\n * @param extExpiresOn\r\n */\r\n AccessTokenEntity.createAccessTokenEntity = function (homeAccountId, environment, accessToken, clientId, tenantId, scopes, expiresOn, extExpiresOn, cryptoUtils, refreshOn, tokenType, oboAssertion) {\r\n var _a;\r\n var atEntity = new AccessTokenEntity();\r\n atEntity.homeAccountId = homeAccountId;\r\n atEntity.credentialType = CredentialType.ACCESS_TOKEN;\r\n atEntity.secret = accessToken;\r\n var currentTime = TimeUtils.nowSeconds();\r\n atEntity.cachedAt = currentTime.toString();\r\n /*\r\n * Token expiry time.\r\n * This value should be  calculated based on the current UTC time measured locally and the value  expires_in Represented as a string in JSON.\r\n */\r\n atEntity.expiresOn = expiresOn.toString();\r\n atEntity.extendedExpiresOn = extExpiresOn.toString();\r\n if (refreshOn) {\r\n atEntity.refreshOn = refreshOn.toString();\r\n }\r\n atEntity.environment = environment;\r\n atEntity.clientId = clientId;\r\n atEntity.realm = tenantId;\r\n atEntity.target = scopes;\r\n atEntity.oboAssertion = oboAssertion;\r\n atEntity.tokenType = StringUtils.isEmpty(tokenType) ? AuthenticationScheme.BEARER : tokenType;\r\n // Create Access Token With AuthScheme instead of regular access token\r\n if (atEntity.tokenType === AuthenticationScheme.POP) {\r\n atEntity.credentialType = CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;\r\n // Make sure keyId is present and add it to credential\r\n var tokenClaims = AuthToken.extractTokenClaims(accessToken, cryptoUtils);\r\n if (!((_a = tokenClaims === null || tokenClaims === void 0 ? void 0 : tokenClaims.cnf) === null || _a === void 0 ? void 0 : _a.kid)) {\r\n throw ClientAuthError.createTokenClaimsRequiredError();\r\n }\r\n atEntity.keyId = tokenClaims.cnf.kid;\r\n }\r\n return atEntity;\r\n };\r\n /**\r\n * Validates an entity: checks for all expected params\r\n * @param entity\r\n */\r\n AccessTokenEntity.isAccessTokenEntity = function (entity) {\r\n if (!entity) {\r\n return false;\r\n }\r\n return (entity.hasOwnProperty(\"homeAccountId\") &&\r\n entity.hasOwnProperty(\"environment\") &&\r\n entity.hasOwnProperty(\"credentialType\") &&\r\n entity.hasOwnProperty(\"realm\") &&\r\n entity.hasOwnProperty(\"clientId\") &&\r\n entity.hasOwnProperty(\"secret\") &&\r\n entity.hasOwnProperty(\"target\") &&\r\n (entity[\"credentialType\"] === CredentialType.ACCESS_TOKEN || entity[\"credentialType\"] === CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME));\r\n };\r\n return AccessTokenEntity;\r\n}(CredentialEntity));\n\nexport { AccessTokenEntity };\n//# sourceMappingURL=AccessTokenEntity.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { Separators, CacheAccountType, CacheType, Constants } from '../../utils/Constants.js';\nimport { buildClientInfo } from '../../account/ClientInfo.js';\nimport { StringUtils } from '../../utils/StringUtils.js';\nimport { ClientAuthError } from '../../error/ClientAuthError.js';\nimport { AuthorityType } from '../../authority/AuthorityType.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Type that defines required and optional parameters for an Account field (based on universal cache schema implemented by all MSALs).\r\n *\r\n * Key : Value Schema\r\n *\r\n * Key: --\r\n *\r\n * Value Schema:\r\n * {\r\n * homeAccountId: home account identifier for the auth scheme,\r\n * environment: entity that issued the token, represented as a full host\r\n * realm: Full tenant or organizational identifier that the account belongs to\r\n * localAccountId: Original tenant-specific accountID, usually used for legacy cases\r\n * username: primary username that represents the user, usually corresponds to preferred_username in the v2 endpt\r\n * authorityType: Accounts authority type as a string\r\n * name: Full name for the account, including given name and family name,\r\n * clientInfo: Full base64 encoded client info received from ESTS\r\n * lastModificationTime: last time this entity was modified in the cache\r\n * lastModificationApp:\r\n * oboAssertion: access token passed in as part of OBO request\r\n * idTokenClaims: Object containing claims parsed from ID token\r\n * }\r\n */\r\nvar AccountEntity = /** @class */ (function () {\r\n function AccountEntity() {\r\n }\r\n /**\r\n * Generate Account Id key component as per the schema: -\r\n */\r\n AccountEntity.prototype.generateAccountId = function () {\r\n var accountId = [this.homeAccountId, this.environment];\r\n return accountId.join(Separators.CACHE_KEY_SEPARATOR).toLowerCase();\r\n };\r\n /**\r\n * Generate Account Cache Key as per the schema: --\r\n */\r\n AccountEntity.prototype.generateAccountKey = function () {\r\n return AccountEntity.generateAccountCacheKey({\r\n homeAccountId: this.homeAccountId,\r\n environment: this.environment,\r\n tenantId: this.realm,\r\n username: this.username,\r\n localAccountId: this.localAccountId\r\n });\r\n };\r\n /**\r\n * returns the type of the cache (in this case account)\r\n */\r\n AccountEntity.prototype.generateType = function () {\r\n switch (this.authorityType) {\r\n case CacheAccountType.ADFS_ACCOUNT_TYPE:\r\n return CacheType.ADFS;\r\n case CacheAccountType.MSAV1_ACCOUNT_TYPE:\r\n return CacheType.MSA;\r\n case CacheAccountType.MSSTS_ACCOUNT_TYPE:\r\n return CacheType.MSSTS;\r\n case CacheAccountType.GENERIC_ACCOUNT_TYPE:\r\n return CacheType.GENERIC;\r\n default: {\r\n throw ClientAuthError.createUnexpectedAccountTypeError();\r\n }\r\n }\r\n };\r\n /**\r\n * Returns the AccountInfo interface for this account.\r\n */\r\n AccountEntity.prototype.getAccountInfo = function () {\r\n return {\r\n homeAccountId: this.homeAccountId,\r\n environment: this.environment,\r\n tenantId: this.realm,\r\n username: this.username,\r\n localAccountId: this.localAccountId,\r\n name: this.name,\r\n idTokenClaims: this.idTokenClaims\r\n };\r\n };\r\n /**\r\n * Generates account key from interface\r\n * @param accountInterface\r\n */\r\n AccountEntity.generateAccountCacheKey = function (accountInterface) {\r\n var accountKey = [\r\n accountInterface.homeAccountId,\r\n accountInterface.environment || \"\",\r\n accountInterface.tenantId || \"\",\r\n ];\r\n return accountKey.join(Separators.CACHE_KEY_SEPARATOR).toLowerCase();\r\n };\r\n /**\r\n * Build Account cache from IdToken, clientInfo and authority/policy. Associated with AAD.\r\n * @param clientInfo\r\n * @param authority\r\n * @param idToken\r\n * @param policy\r\n */\r\n AccountEntity.createAccount = function (clientInfo, homeAccountId, idToken, authority, oboAssertion, cloudGraphHostName, msGraphHost, environment) {\r\n var _a, _b, _c, _d, _e, _f;\r\n var account = new AccountEntity();\r\n account.authorityType = CacheAccountType.MSSTS_ACCOUNT_TYPE;\r\n account.clientInfo = clientInfo;\r\n account.homeAccountId = homeAccountId;\r\n var env = environment || (authority && authority.getPreferredCache());\r\n if (!env) {\r\n throw ClientAuthError.createInvalidCacheEnvironmentError();\r\n }\r\n account.environment = env;\r\n // non AAD scenarios can have empty realm\r\n account.realm = ((_a = idToken === null || idToken === void 0 ? void 0 : idToken.claims) === null || _a === void 0 ? void 0 : _a.tid) || \"\";\r\n account.oboAssertion = oboAssertion;\r\n if (idToken) {\r\n account.idTokenClaims = idToken.claims;\r\n // How do you account for MSA CID here?\r\n account.localAccountId = ((_b = idToken === null || idToken === void 0 ? void 0 : idToken.claims) === null || _b === void 0 ? void 0 : _b.oid) || ((_c = idToken === null || idToken === void 0 ? void 0 : idToken.claims) === null || _c === void 0 ? void 0 : _c.sub) || \"\";\r\n /*\r\n * In B2C scenarios the emails claim is used instead of preferred_username and it is an array. In most cases it will contain a single email.\r\n * This field should not be relied upon if a custom policy is configured to return more than 1 email.\r\n */\r\n account.username = ((_d = idToken === null || idToken === void 0 ? void 0 : idToken.claims) === null || _d === void 0 ? void 0 : _d.preferred_username) || (((_e = idToken === null || idToken === void 0 ? void 0 : idToken.claims) === null || _e === void 0 ? void 0 : _e.emails) ? idToken.claims.emails[0] : \"\");\r\n account.name = (_f = idToken === null || idToken === void 0 ? void 0 : idToken.claims) === null || _f === void 0 ? void 0 : _f.name;\r\n }\r\n account.cloudGraphHostName = cloudGraphHostName;\r\n account.msGraphHost = msGraphHost;\r\n return account;\r\n };\r\n /**\r\n * Builds non-AAD/ADFS account.\r\n * @param authority\r\n * @param idToken\r\n */\r\n AccountEntity.createGenericAccount = function (homeAccountId, idToken, authority, oboAssertion, cloudGraphHostName, msGraphHost, environment) {\r\n var _a, _b, _c, _d;\r\n var account = new AccountEntity();\r\n account.authorityType = (authority && authority.authorityType === AuthorityType.Adfs) ? CacheAccountType.ADFS_ACCOUNT_TYPE : CacheAccountType.GENERIC_ACCOUNT_TYPE;\r\n account.homeAccountId = homeAccountId;\r\n // non AAD scenarios can have empty realm\r\n account.realm = \"\";\r\n account.oboAssertion = oboAssertion;\r\n var env = environment || authority && authority.getPreferredCache();\r\n if (!env) {\r\n throw ClientAuthError.createInvalidCacheEnvironmentError();\r\n }\r\n if (idToken) {\r\n // How do you account for MSA CID here?\r\n account.localAccountId = ((_a = idToken === null || idToken === void 0 ? void 0 : idToken.claims) === null || _a === void 0 ? void 0 : _a.oid) || ((_b = idToken === null || idToken === void 0 ? void 0 : idToken.claims) === null || _b === void 0 ? void 0 : _b.sub) || \"\";\r\n // upn claim for most ADFS scenarios\r\n account.username = ((_c = idToken === null || idToken === void 0 ? void 0 : idToken.claims) === null || _c === void 0 ? void 0 : _c.upn) || \"\";\r\n account.name = ((_d = idToken === null || idToken === void 0 ? void 0 : idToken.claims) === null || _d === void 0 ? void 0 : _d.name) || \"\";\r\n account.idTokenClaims = idToken === null || idToken === void 0 ? void 0 : idToken.claims;\r\n }\r\n account.environment = env;\r\n account.cloudGraphHostName = cloudGraphHostName;\r\n account.msGraphHost = msGraphHost;\r\n /*\r\n * add uniqueName to claims\r\n * account.name = idToken.claims.uniqueName;\r\n */\r\n return account;\r\n };\r\n /**\r\n * Generate HomeAccountId from server response\r\n * @param serverClientInfo\r\n * @param authType\r\n */\r\n AccountEntity.generateHomeAccountId = function (serverClientInfo, authType, logger, cryptoObj, idToken) {\r\n var _a;\r\n var accountId = ((_a = idToken === null || idToken === void 0 ? void 0 : idToken.claims) === null || _a === void 0 ? void 0 : _a.sub) ? idToken.claims.sub : Constants.EMPTY_STRING;\r\n // since ADFS does not have tid and does not set client_info\r\n if (authType === AuthorityType.Adfs) {\r\n return accountId;\r\n }\r\n // for cases where there is clientInfo\r\n if (serverClientInfo) {\r\n try {\r\n var clientInfo = buildClientInfo(serverClientInfo, cryptoObj);\r\n if (!StringUtils.isEmpty(clientInfo.uid) && !StringUtils.isEmpty(clientInfo.utid)) {\r\n return \"\" + clientInfo.uid + Separators.CLIENT_INFO_SEPARATOR + clientInfo.utid;\r\n }\r\n }\r\n catch (e) { }\r\n }\r\n // default to \"sub\" claim\r\n logger.verbose(\"No client info in response\");\r\n return accountId;\r\n };\r\n /**\r\n * Validates an entity: checks for all expected params\r\n * @param entity\r\n */\r\n AccountEntity.isAccountEntity = function (entity) {\r\n if (!entity) {\r\n return false;\r\n }\r\n return (entity.hasOwnProperty(\"homeAccountId\") &&\r\n entity.hasOwnProperty(\"environment\") &&\r\n entity.hasOwnProperty(\"realm\") &&\r\n entity.hasOwnProperty(\"localAccountId\") &&\r\n entity.hasOwnProperty(\"username\") &&\r\n entity.hasOwnProperty(\"authorityType\"));\r\n };\r\n /**\r\n * Helper function to determine whether 2 accountInfo objects represent the same account\r\n * @param accountA\r\n * @param accountB\r\n * @param compareClaims - If set to true idTokenClaims will also be compared to determine account equality\r\n */\r\n AccountEntity.accountInfoIsEqual = function (accountA, accountB, compareClaims) {\r\n if (!accountA || !accountB) {\r\n return false;\r\n }\r\n var claimsMatch = true; // default to true so as to not fail comparison below if compareClaims: false\r\n if (compareClaims) {\r\n var accountAClaims = (accountA.idTokenClaims || {});\r\n var accountBClaims = (accountB.idTokenClaims || {});\r\n // issued at timestamp and nonce are expected to change each time a new id token is acquired\r\n claimsMatch = (accountAClaims.iat === accountBClaims.iat) &&\r\n (accountAClaims.nonce === accountBClaims.nonce);\r\n }\r\n return (accountA.homeAccountId === accountB.homeAccountId) &&\r\n (accountA.localAccountId === accountB.localAccountId) &&\r\n (accountA.username === accountB.username) &&\r\n (accountA.tenantId === accountB.tenantId) &&\r\n (accountA.environment === accountB.environment) &&\r\n claimsMatch;\r\n };\r\n return AccountEntity;\r\n}());\n\nexport { AccountEntity };\n//# sourceMappingURL=AccountEntity.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { Separators, APP_METADATA } from '../../utils/Constants.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * APP_METADATA Cache\r\n *\r\n * Key:Value Schema:\r\n *\r\n * Key: appmetadata--\r\n *\r\n * Value:\r\n * {\r\n * clientId: client ID of the application\r\n * environment: entity that issued the token, represented as a full host\r\n * familyId: Family ID identifier, '1' represents Microsoft Family\r\n * }\r\n */\r\nvar AppMetadataEntity = /** @class */ (function () {\r\n function AppMetadataEntity() {\r\n }\r\n /**\r\n * Generate AppMetadata Cache Key as per the schema: appmetadata--\r\n */\r\n AppMetadataEntity.prototype.generateAppMetadataKey = function () {\r\n return AppMetadataEntity.generateAppMetadataCacheKey(this.environment, this.clientId);\r\n };\r\n /**\r\n * Generate AppMetadata Cache Key\r\n */\r\n AppMetadataEntity.generateAppMetadataCacheKey = function (environment, clientId) {\r\n var appMetaDataKeyArray = [\r\n APP_METADATA,\r\n environment,\r\n clientId,\r\n ];\r\n return appMetaDataKeyArray.join(Separators.CACHE_KEY_SEPARATOR).toLowerCase();\r\n };\r\n /**\r\n * Creates AppMetadataEntity\r\n * @param clientId\r\n * @param environment\r\n * @param familyId\r\n */\r\n AppMetadataEntity.createAppMetadataEntity = function (clientId, environment, familyId) {\r\n var appMetadata = new AppMetadataEntity();\r\n appMetadata.clientId = clientId;\r\n appMetadata.environment = environment;\r\n if (familyId) {\r\n appMetadata.familyId = familyId;\r\n }\r\n return appMetadata;\r\n };\r\n /**\r\n * Validates an entity: checks for all expected params\r\n * @param entity\r\n */\r\n AppMetadataEntity.isAppMetadataEntity = function (key, entity) {\r\n if (!entity) {\r\n return false;\r\n }\r\n return (key.indexOf(APP_METADATA) === 0 &&\r\n entity.hasOwnProperty(\"clientId\") &&\r\n entity.hasOwnProperty(\"environment\"));\r\n };\r\n return AppMetadataEntity;\r\n}());\n\nexport { AppMetadataEntity };\n//# sourceMappingURL=AppMetadataEntity.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { AUTHORITY_METADATA_CONSTANTS } from '../../utils/Constants.js';\nimport { TimeUtils } from '../../utils/TimeUtils.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar AuthorityMetadataEntity = /** @class */ (function () {\r\n function AuthorityMetadataEntity() {\r\n this.expiresAt = TimeUtils.nowSeconds() + AUTHORITY_METADATA_CONSTANTS.REFRESH_TIME_SECONDS;\r\n }\r\n /**\r\n * Update the entity with new aliases, preferred_cache and preferred_network values\r\n * @param metadata\r\n * @param fromNetwork\r\n */\r\n AuthorityMetadataEntity.prototype.updateCloudDiscoveryMetadata = function (metadata, fromNetwork) {\r\n this.aliases = metadata.aliases;\r\n this.preferred_cache = metadata.preferred_cache;\r\n this.preferred_network = metadata.preferred_network;\r\n this.aliasesFromNetwork = fromNetwork;\r\n };\r\n /**\r\n * Update the entity with new endpoints\r\n * @param metadata\r\n * @param fromNetwork\r\n */\r\n AuthorityMetadataEntity.prototype.updateEndpointMetadata = function (metadata, fromNetwork) {\r\n this.authorization_endpoint = metadata.authorization_endpoint;\r\n this.token_endpoint = metadata.token_endpoint;\r\n this.end_session_endpoint = metadata.end_session_endpoint;\r\n this.issuer = metadata.issuer;\r\n this.endpointsFromNetwork = fromNetwork;\r\n };\r\n /**\r\n * Save the authority that was used to create this cache entry\r\n * @param authority\r\n */\r\n AuthorityMetadataEntity.prototype.updateCanonicalAuthority = function (authority) {\r\n this.canonical_authority = authority;\r\n };\r\n /**\r\n * Reset the exiresAt value\r\n */\r\n AuthorityMetadataEntity.prototype.resetExpiresAt = function () {\r\n this.expiresAt = TimeUtils.nowSeconds() + AUTHORITY_METADATA_CONSTANTS.REFRESH_TIME_SECONDS;\r\n };\r\n /**\r\n * Returns whether or not the data needs to be refreshed\r\n */\r\n AuthorityMetadataEntity.prototype.isExpired = function () {\r\n return this.expiresAt <= TimeUtils.nowSeconds();\r\n };\r\n /**\r\n * Validates an entity: checks for all expected params\r\n * @param entity\r\n */\r\n AuthorityMetadataEntity.isAuthorityMetadataEntity = function (key, entity) {\r\n if (!entity) {\r\n return false;\r\n }\r\n return (key.indexOf(AUTHORITY_METADATA_CONSTANTS.CACHE_KEY) === 0 &&\r\n entity.hasOwnProperty(\"aliases\") &&\r\n entity.hasOwnProperty(\"preferred_cache\") &&\r\n entity.hasOwnProperty(\"preferred_network\") &&\r\n entity.hasOwnProperty(\"canonical_authority\") &&\r\n entity.hasOwnProperty(\"authorization_endpoint\") &&\r\n entity.hasOwnProperty(\"token_endpoint\") &&\r\n entity.hasOwnProperty(\"end_session_endpoint\") &&\r\n entity.hasOwnProperty(\"issuer\") &&\r\n entity.hasOwnProperty(\"aliasesFromNetwork\") &&\r\n entity.hasOwnProperty(\"endpointsFromNetwork\") &&\r\n entity.hasOwnProperty(\"expiresAt\"));\r\n };\r\n return AuthorityMetadataEntity;\r\n}());\n\nexport { AuthorityMetadataEntity };\n//# sourceMappingURL=AuthorityMetadataEntity.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar CacheRecord = /** @class */ (function () {\r\n function CacheRecord(accountEntity, idTokenEntity, accessTokenEntity, refreshTokenEntity, appMetadataEntity) {\r\n this.account = accountEntity || null;\r\n this.idToken = idTokenEntity || null;\r\n this.accessToken = accessTokenEntity || null;\r\n this.refreshToken = refreshTokenEntity || null;\r\n this.appMetadata = appMetadataEntity || null;\r\n }\r\n return CacheRecord;\r\n}());\n\nexport { CacheRecord };\n//# sourceMappingURL=CacheRecord.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { CredentialType, CacheType, Constants, AuthenticationScheme, Separators } from '../../utils/Constants.js';\nimport { ClientAuthError } from '../../error/ClientAuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Base type for credentials to be stored in the cache: eg: ACCESS_TOKEN, ID_TOKEN etc\r\n *\r\n * Key:Value Schema:\r\n *\r\n * Key: ------\r\n *\r\n * Value Schema:\r\n * {\r\n * homeAccountId: home account identifier for the auth scheme,\r\n * environment: entity that issued the token, represented as a full host\r\n * credentialType: Type of credential as a string, can be one of the following: RefreshToken, AccessToken, IdToken, Password, Cookie, Certificate, Other\r\n * clientId: client ID of the application\r\n * secret: Actual credential as a string\r\n * familyId: Family ID identifier, usually only used for refresh tokens\r\n * realm: Full tenant or organizational identifier that the account belongs to\r\n * target: Permissions that are included in the token, or for refresh tokens, the resource identifier.\r\n * oboAssertion: access token passed in as part of OBO request\r\n * tokenType: Matches the authentication scheme for which the token was issued (i.e. Bearer or pop)\r\n * }\r\n */\r\nvar CredentialEntity = /** @class */ (function () {\r\n function CredentialEntity() {\r\n }\r\n /**\r\n * Generate Account Id key component as per the schema: -\r\n */\r\n CredentialEntity.prototype.generateAccountId = function () {\r\n return CredentialEntity.generateAccountIdForCacheKey(this.homeAccountId, this.environment);\r\n };\r\n /**\r\n * Generate Credential Id key component as per the schema: --\r\n */\r\n CredentialEntity.prototype.generateCredentialId = function () {\r\n return CredentialEntity.generateCredentialIdForCacheKey(this.credentialType, this.clientId, this.realm, this.familyId);\r\n };\r\n /**\r\n * Generate target key component as per schema: \r\n */\r\n CredentialEntity.prototype.generateTarget = function () {\r\n return CredentialEntity.generateTargetForCacheKey(this.target);\r\n };\r\n /**\r\n * generates credential key\r\n */\r\n CredentialEntity.prototype.generateCredentialKey = function () {\r\n return CredentialEntity.generateCredentialCacheKey(this.homeAccountId, this.environment, this.credentialType, this.clientId, this.realm, this.target, this.familyId, this.tokenType);\r\n };\r\n /**\r\n * returns the type of the cache (in this case credential)\r\n */\r\n CredentialEntity.prototype.generateType = function () {\r\n switch (this.credentialType) {\r\n case CredentialType.ID_TOKEN:\r\n return CacheType.ID_TOKEN;\r\n case CredentialType.ACCESS_TOKEN:\r\n case CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME:\r\n return CacheType.ACCESS_TOKEN;\r\n case CredentialType.REFRESH_TOKEN:\r\n return CacheType.REFRESH_TOKEN;\r\n default: {\r\n throw ClientAuthError.createUnexpectedCredentialTypeError();\r\n }\r\n }\r\n };\r\n /**\r\n * helper function to return `CredentialType`\r\n * @param key\r\n */\r\n CredentialEntity.getCredentialType = function (key) {\r\n // First keyword search will match all \"AccessToken\" and \"AccessToken_With_AuthScheme\" credentials\r\n if (key.indexOf(CredentialType.ACCESS_TOKEN.toLowerCase()) !== -1) {\r\n // Perform second search to differentiate between \"AccessToken\" and \"AccessToken_With_AuthScheme\" credential types\r\n if (key.indexOf(CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase()) !== -1) {\r\n return CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;\r\n }\r\n return CredentialType.ACCESS_TOKEN;\r\n }\r\n else if (key.indexOf(CredentialType.ID_TOKEN.toLowerCase()) !== -1) {\r\n return CredentialType.ID_TOKEN;\r\n }\r\n else if (key.indexOf(CredentialType.REFRESH_TOKEN.toLowerCase()) !== -1) {\r\n return CredentialType.REFRESH_TOKEN;\r\n }\r\n return Constants.NOT_DEFINED;\r\n };\r\n /**\r\n * generates credential key\r\n * -\\-----\r\n */\r\n CredentialEntity.generateCredentialCacheKey = function (homeAccountId, environment, credentialType, clientId, realm, target, familyId, tokenType) {\r\n var credentialKey = [\r\n this.generateAccountIdForCacheKey(homeAccountId, environment),\r\n this.generateCredentialIdForCacheKey(credentialType, clientId, realm, familyId),\r\n this.generateTargetForCacheKey(target)\r\n ];\r\n // PoP Tokens include scheme in cache key\r\n if (tokenType === AuthenticationScheme.POP) {\r\n credentialKey.push(tokenType.toLowerCase());\r\n }\r\n return credentialKey.join(Separators.CACHE_KEY_SEPARATOR).toLowerCase();\r\n };\r\n /**\r\n * generates Account Id for keys\r\n * @param homeAccountId\r\n * @param environment\r\n */\r\n CredentialEntity.generateAccountIdForCacheKey = function (homeAccountId, environment) {\r\n var accountId = [homeAccountId, environment];\r\n return accountId.join(Separators.CACHE_KEY_SEPARATOR).toLowerCase();\r\n };\r\n /**\r\n * Generates Credential Id for keys\r\n * @param credentialType\r\n * @param realm\r\n * @param clientId\r\n * @param familyId\r\n */\r\n CredentialEntity.generateCredentialIdForCacheKey = function (credentialType, clientId, realm, familyId) {\r\n var clientOrFamilyId = credentialType === CredentialType.REFRESH_TOKEN\r\n ? familyId || clientId\r\n : clientId;\r\n var credentialId = [\r\n credentialType,\r\n clientOrFamilyId,\r\n realm || \"\",\r\n ];\r\n return credentialId.join(Separators.CACHE_KEY_SEPARATOR).toLowerCase();\r\n };\r\n /**\r\n * Generate target key component as per schema: \r\n */\r\n CredentialEntity.generateTargetForCacheKey = function (scopes) {\r\n return (scopes || \"\").toLowerCase();\r\n };\r\n return CredentialEntity;\r\n}());\n\nexport { CredentialEntity };\n//# sourceMappingURL=CredentialEntity.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __extends } from '../../_virtual/_tslib.js';\nimport { CredentialEntity } from './CredentialEntity.js';\nimport { CredentialType } from '../../utils/Constants.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * ID_TOKEN Cache\r\n *\r\n * Key:Value Schema:\r\n *\r\n * Key Example: uid.utid-login.microsoftonline.com-idtoken-clientId-contoso.com-\r\n *\r\n * Value Schema:\r\n * {\r\n * homeAccountId: home account identifier for the auth scheme,\r\n * environment: entity that issued the token, represented as a full host\r\n * credentialType: Type of credential as a string, can be one of the following: RefreshToken, AccessToken, IdToken, Password, Cookie, Certificate, Other\r\n * clientId: client ID of the application\r\n * secret: Actual credential as a string\r\n * realm: Full tenant or organizational identifier that the account belongs to\r\n * }\r\n */\r\nvar IdTokenEntity = /** @class */ (function (_super) {\r\n __extends(IdTokenEntity, _super);\r\n function IdTokenEntity() {\r\n return _super !== null && _super.apply(this, arguments) || this;\r\n }\r\n /**\r\n * Create IdTokenEntity\r\n * @param homeAccountId\r\n * @param authenticationResult\r\n * @param clientId\r\n * @param authority\r\n */\r\n IdTokenEntity.createIdTokenEntity = function (homeAccountId, environment, idToken, clientId, tenantId, oboAssertion) {\r\n var idTokenEntity = new IdTokenEntity();\r\n idTokenEntity.credentialType = CredentialType.ID_TOKEN;\r\n idTokenEntity.homeAccountId = homeAccountId;\r\n idTokenEntity.environment = environment;\r\n idTokenEntity.clientId = clientId;\r\n idTokenEntity.secret = idToken;\r\n idTokenEntity.realm = tenantId;\r\n idTokenEntity.oboAssertion = oboAssertion;\r\n return idTokenEntity;\r\n };\r\n /**\r\n * Validates an entity: checks for all expected params\r\n * @param entity\r\n */\r\n IdTokenEntity.isIdTokenEntity = function (entity) {\r\n if (!entity) {\r\n return false;\r\n }\r\n return (entity.hasOwnProperty(\"homeAccountId\") &&\r\n entity.hasOwnProperty(\"environment\") &&\r\n entity.hasOwnProperty(\"credentialType\") &&\r\n entity.hasOwnProperty(\"realm\") &&\r\n entity.hasOwnProperty(\"clientId\") &&\r\n entity.hasOwnProperty(\"secret\") &&\r\n entity[\"credentialType\"] === CredentialType.ID_TOKEN);\r\n };\r\n return IdTokenEntity;\r\n}(CredentialEntity));\n\nexport { IdTokenEntity };\n//# sourceMappingURL=IdTokenEntity.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __extends } from '../../_virtual/_tslib.js';\nimport { CredentialEntity } from './CredentialEntity.js';\nimport { CredentialType } from '../../utils/Constants.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * REFRESH_TOKEN Cache\r\n *\r\n * Key:Value Schema:\r\n *\r\n * Key Example: uid.utid-login.microsoftonline.com-refreshtoken-clientId--\r\n *\r\n * Value:\r\n * {\r\n * homeAccountId: home account identifier for the auth scheme,\r\n * environment: entity that issued the token, represented as a full host\r\n * credentialType: Type of credential as a string, can be one of the following: RefreshToken, AccessToken, IdToken, Password, Cookie, Certificate, Other\r\n * clientId: client ID of the application\r\n * secret: Actual credential as a string\r\n * familyId: Family ID identifier, '1' represents Microsoft Family\r\n * realm: Full tenant or organizational identifier that the account belongs to\r\n * target: Permissions that are included in the token, or for refresh tokens, the resource identifier.\r\n * }\r\n */\r\nvar RefreshTokenEntity = /** @class */ (function (_super) {\r\n __extends(RefreshTokenEntity, _super);\r\n function RefreshTokenEntity() {\r\n return _super !== null && _super.apply(this, arguments) || this;\r\n }\r\n /**\r\n * Create RefreshTokenEntity\r\n * @param homeAccountId\r\n * @param authenticationResult\r\n * @param clientId\r\n * @param authority\r\n */\r\n RefreshTokenEntity.createRefreshTokenEntity = function (homeAccountId, environment, refreshToken, clientId, familyId, oboAssertion) {\r\n var rtEntity = new RefreshTokenEntity();\r\n rtEntity.clientId = clientId;\r\n rtEntity.credentialType = CredentialType.REFRESH_TOKEN;\r\n rtEntity.environment = environment;\r\n rtEntity.homeAccountId = homeAccountId;\r\n rtEntity.secret = refreshToken;\r\n rtEntity.oboAssertion = oboAssertion;\r\n if (familyId)\r\n rtEntity.familyId = familyId;\r\n return rtEntity;\r\n };\r\n /**\r\n * Validates an entity: checks for all expected params\r\n * @param entity\r\n */\r\n RefreshTokenEntity.isRefreshTokenEntity = function (entity) {\r\n if (!entity) {\r\n return false;\r\n }\r\n return (entity.hasOwnProperty(\"homeAccountId\") &&\r\n entity.hasOwnProperty(\"environment\") &&\r\n entity.hasOwnProperty(\"credentialType\") &&\r\n entity.hasOwnProperty(\"clientId\") &&\r\n entity.hasOwnProperty(\"secret\") &&\r\n entity[\"credentialType\"] === CredentialType.REFRESH_TOKEN);\r\n };\r\n return RefreshTokenEntity;\r\n}(CredentialEntity));\n\nexport { RefreshTokenEntity };\n//# sourceMappingURL=RefreshTokenEntity.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { SERVER_TELEM_CONSTANTS } from '../../utils/Constants.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar ServerTelemetryEntity = /** @class */ (function () {\r\n function ServerTelemetryEntity() {\r\n this.failedRequests = [];\r\n this.errors = [];\r\n this.cacheHits = 0;\r\n }\r\n /**\r\n * validates if a given cache entry is \"Telemetry\", parses \r\n * @param key\r\n * @param entity\r\n */\r\n ServerTelemetryEntity.isServerTelemetryEntity = function (key, entity) {\r\n var validateKey = key.indexOf(SERVER_TELEM_CONSTANTS.CACHE_KEY) === 0;\r\n var validateEntity = true;\r\n if (entity) {\r\n validateEntity =\r\n entity.hasOwnProperty(\"failedRequests\") &&\r\n entity.hasOwnProperty(\"errors\") &&\r\n entity.hasOwnProperty(\"cacheHits\");\r\n }\r\n return validateKey && validateEntity;\r\n };\r\n return ServerTelemetryEntity;\r\n}());\n\nexport { ServerTelemetryEntity };\n//# sourceMappingURL=ServerTelemetryEntity.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { ThrottlingConstants } from '../../utils/Constants.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar ThrottlingEntity = /** @class */ (function () {\r\n function ThrottlingEntity() {\r\n }\r\n /**\r\n * validates if a given cache entry is \"Throttling\", parses \r\n * @param key\r\n * @param entity\r\n */\r\n ThrottlingEntity.isThrottlingEntity = function (key, entity) {\r\n var validateKey = false;\r\n if (key) {\r\n validateKey = key.indexOf(ThrottlingConstants.THROTTLING_PREFIX) === 0;\r\n }\r\n var validateEntity = true;\r\n if (entity) {\r\n validateEntity = entity.hasOwnProperty(\"throttleTime\");\r\n }\r\n return validateKey && validateEntity;\r\n };\r\n return ThrottlingEntity;\r\n}());\n\nexport { ThrottlingEntity };\n//# sourceMappingURL=ThrottlingEntity.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * This class instance helps track the memory changes facilitating\r\n * decisions to read from and write to the persistent cache\r\n */ var TokenCacheContext = /** @class */ (function () {\r\n function TokenCacheContext(tokenCache, hasChanged) {\r\n this.cache = tokenCache;\r\n this.hasChanged = hasChanged;\r\n }\r\n Object.defineProperty(TokenCacheContext.prototype, \"cacheHasChanged\", {\r\n /**\r\n * boolean which indicates the changes in cache\r\n */\r\n get: function () {\r\n return this.hasChanged;\r\n },\r\n enumerable: false,\r\n configurable: true\r\n });\r\n Object.defineProperty(TokenCacheContext.prototype, \"tokenCache\", {\r\n /**\r\n * function to retrieve the token cache\r\n */\r\n get: function () {\r\n return this.cache;\r\n },\r\n enumerable: false,\r\n configurable: true\r\n });\r\n return TokenCacheContext;\r\n}());\n\nexport { TokenCacheContext };\n//# sourceMappingURL=TokenCacheContext.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __extends, __awaiter, __generator, __assign, __spreadArrays } from '../_virtual/_tslib.js';\nimport { BaseClient } from './BaseClient.js';\nimport { RequestParameterBuilder } from '../request/RequestParameterBuilder.js';\nimport { PromptValue, Separators, GrantType, AuthenticationScheme } from '../utils/Constants.js';\nimport { ResponseHandler } from '../response/ResponseHandler.js';\nimport { StringUtils } from '../utils/StringUtils.js';\nimport { ClientAuthError } from '../error/ClientAuthError.js';\nimport { UrlString } from '../url/UrlString.js';\nimport { PopTokenGenerator } from '../crypto/PopTokenGenerator.js';\nimport { TimeUtils } from '../utils/TimeUtils.js';\nimport { buildClientInfoFromHomeAccountId, buildClientInfo } from '../account/ClientInfo.js';\nimport { CcsCredentialType } from '../account/CcsCredential.js';\nimport { ClientConfigurationError } from '../error/ClientConfigurationError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Oauth2.0 Authorization Code client\r\n */\r\nvar AuthorizationCodeClient = /** @class */ (function (_super) {\r\n __extends(AuthorizationCodeClient, _super);\r\n function AuthorizationCodeClient(configuration) {\r\n return _super.call(this, configuration) || this;\r\n }\r\n /**\r\n * Creates the URL of the authorization request letting the user input credentials and consent to the\r\n * application. The URL target the /authorize endpoint of the authority configured in the\r\n * application object.\r\n *\r\n * Once the user inputs their credentials and consents, the authority will send a response to the redirect URI\r\n * sent in the request and should contain an authorization code, which can then be used to acquire tokens via\r\n * acquireToken(AuthorizationCodeRequest)\r\n * @param request\r\n */\r\n AuthorizationCodeClient.prototype.getAuthCodeUrl = function (request) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var queryString;\r\n return __generator(this, function (_a) {\r\n queryString = this.createAuthCodeUrlQueryString(request);\r\n return [2 /*return*/, UrlString.appendQueryString(this.authority.authorizationEndpoint, queryString)];\r\n });\r\n });\r\n };\r\n /**\r\n * API to acquire a token in exchange of 'authorization_code` acquired by the user in the first leg of the\r\n * authorization_code_grant\r\n * @param request\r\n */\r\n AuthorizationCodeClient.prototype.acquireToken = function (request, authCodePayload) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var reqTimestamp, response, responseHandler;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n this.logger.info(\"in acquireToken call\");\r\n if (!request || StringUtils.isEmpty(request.code)) {\r\n throw ClientAuthError.createTokenRequestCannotBeMadeError();\r\n }\r\n reqTimestamp = TimeUtils.nowSeconds();\r\n return [4 /*yield*/, this.executeTokenRequest(this.authority, request)];\r\n case 1:\r\n response = _a.sent();\r\n responseHandler = new ResponseHandler(this.config.authOptions.clientId, this.cacheManager, this.cryptoUtils, this.logger, this.config.serializableCache, this.config.persistencePlugin);\r\n // Validate response. This function throws a server error if an error is returned by the server.\r\n responseHandler.validateTokenResponse(response.body);\r\n return [4 /*yield*/, responseHandler.handleServerTokenResponse(response.body, this.authority, reqTimestamp, request, authCodePayload)];\r\n case 2: return [2 /*return*/, _a.sent()];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Handles the hash fragment response from public client code request. Returns a code response used by\r\n * the client to exchange for a token in acquireToken.\r\n * @param hashFragment\r\n */\r\n AuthorizationCodeClient.prototype.handleFragmentResponse = function (hashFragment, cachedState) {\r\n // Handle responses.\r\n var responseHandler = new ResponseHandler(this.config.authOptions.clientId, this.cacheManager, this.cryptoUtils, this.logger, null, null);\r\n // Deserialize hash fragment response parameters.\r\n var hashUrlString = new UrlString(hashFragment);\r\n // Deserialize hash fragment response parameters.\r\n var serverParams = UrlString.getDeserializedHash(hashUrlString.getHash());\r\n // Get code response\r\n responseHandler.validateServerAuthorizationCodeResponse(serverParams, cachedState, this.cryptoUtils);\r\n // throw when there is no auth code in the response\r\n if (!serverParams.code) {\r\n throw ClientAuthError.createNoAuthCodeInServerResponseError();\r\n }\r\n return __assign(__assign({}, serverParams), { \r\n // Code param is optional in ServerAuthorizationCodeResponse but required in AuthorizationCodePaylod\r\n code: serverParams.code });\r\n };\r\n /**\r\n * Used to log out the current user, and redirect the user to the postLogoutRedirectUri.\r\n * Default behaviour is to redirect the user to `window.location.href`.\r\n * @param authorityUri\r\n */\r\n AuthorizationCodeClient.prototype.getLogoutUri = function (logoutRequest) {\r\n // Throw error if logoutRequest is null/undefined\r\n if (!logoutRequest) {\r\n throw ClientConfigurationError.createEmptyLogoutRequestError();\r\n }\r\n var queryString = this.createLogoutUrlQueryString(logoutRequest);\r\n // Construct logout URI.\r\n return UrlString.appendQueryString(this.authority.endSessionEndpoint, queryString);\r\n };\r\n /**\r\n * Executes POST request to token endpoint\r\n * @param authority\r\n * @param request\r\n */\r\n AuthorizationCodeClient.prototype.executeTokenRequest = function (authority, request) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var thumbprint, requestBody, queryParameters, ccsCredential, clientInfo, headers, endpoint;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n thumbprint = {\r\n clientId: this.config.authOptions.clientId,\r\n authority: authority.canonicalAuthority,\r\n scopes: request.scopes,\r\n authenticationScheme: request.authenticationScheme,\r\n resourceRequestMethod: request.resourceRequestMethod,\r\n resourceRequestUri: request.resourceRequestUri,\r\n shrClaims: request.shrClaims\r\n };\r\n return [4 /*yield*/, this.createTokenRequestBody(request)];\r\n case 1:\r\n requestBody = _a.sent();\r\n queryParameters = this.createTokenQueryParameters(request);\r\n ccsCredential = undefined;\r\n if (request.clientInfo) {\r\n try {\r\n clientInfo = buildClientInfo(request.clientInfo, this.cryptoUtils);\r\n ccsCredential = {\r\n credential: \"\" + clientInfo.uid + Separators.CLIENT_INFO_SEPARATOR + clientInfo.utid,\r\n type: CcsCredentialType.HOME_ACCOUNT_ID\r\n };\r\n }\r\n catch (e) {\r\n this.logger.verbose(\"Could not parse client info for CCS Header: \" + e);\r\n }\r\n }\r\n headers = this.createTokenRequestHeaders(ccsCredential || request.ccsCredential);\r\n endpoint = StringUtils.isEmpty(queryParameters) ? authority.tokenEndpoint : authority.tokenEndpoint + \"?\" + queryParameters;\r\n return [2 /*return*/, this.executePostToTokenEndpoint(endpoint, requestBody, headers, thumbprint)];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Creates query string for the /token request\r\n * @param request\r\n */\r\n AuthorizationCodeClient.prototype.createTokenQueryParameters = function (request) {\r\n var parameterBuilder = new RequestParameterBuilder();\r\n if (request.tokenQueryParameters) {\r\n parameterBuilder.addExtraQueryParameters(request.tokenQueryParameters);\r\n }\r\n return parameterBuilder.createQueryString();\r\n };\r\n /**\r\n * Generates a map for all the params to be sent to the service\r\n * @param request\r\n */\r\n AuthorizationCodeClient.prototype.createTokenRequestBody = function (request) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var parameterBuilder, clientAssertion, popTokenGenerator, cnfString, correlationId, ccsCred, clientInfo, clientInfo;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n parameterBuilder = new RequestParameterBuilder();\r\n parameterBuilder.addClientId(this.config.authOptions.clientId);\r\n // validate the redirectUri (to be a non null value)\r\n parameterBuilder.addRedirectUri(request.redirectUri);\r\n // Add scope array, parameter builder will add default scopes and dedupe\r\n parameterBuilder.addScopes(request.scopes);\r\n // add code: user set, not validated\r\n parameterBuilder.addAuthorizationCode(request.code);\r\n // Add library metadata\r\n parameterBuilder.addLibraryInfo(this.config.libraryInfo);\r\n parameterBuilder.addThrottling();\r\n if (this.serverTelemetryManager) {\r\n parameterBuilder.addServerTelemetry(this.serverTelemetryManager);\r\n }\r\n // add code_verifier if passed\r\n if (request.codeVerifier) {\r\n parameterBuilder.addCodeVerifier(request.codeVerifier);\r\n }\r\n if (this.config.clientCredentials.clientSecret) {\r\n parameterBuilder.addClientSecret(this.config.clientCredentials.clientSecret);\r\n }\r\n if (this.config.clientCredentials.clientAssertion) {\r\n clientAssertion = this.config.clientCredentials.clientAssertion;\r\n parameterBuilder.addClientAssertion(clientAssertion.assertion);\r\n parameterBuilder.addClientAssertionType(clientAssertion.assertionType);\r\n }\r\n parameterBuilder.addGrantType(GrantType.AUTHORIZATION_CODE_GRANT);\r\n parameterBuilder.addClientInfo();\r\n if (!(request.authenticationScheme === AuthenticationScheme.POP)) return [3 /*break*/, 2];\r\n popTokenGenerator = new PopTokenGenerator(this.cryptoUtils);\r\n return [4 /*yield*/, popTokenGenerator.generateCnf(request)];\r\n case 1:\r\n cnfString = _a.sent();\r\n parameterBuilder.addPopToken(cnfString);\r\n _a.label = 2;\r\n case 2:\r\n correlationId = request.correlationId || this.config.cryptoInterface.createNewGuid();\r\n parameterBuilder.addCorrelationId(correlationId);\r\n if (!StringUtils.isEmptyObj(request.claims) || this.config.authOptions.clientCapabilities && this.config.authOptions.clientCapabilities.length > 0) {\r\n parameterBuilder.addClaims(request.claims, this.config.authOptions.clientCapabilities);\r\n }\r\n ccsCred = undefined;\r\n if (request.clientInfo) {\r\n try {\r\n clientInfo = buildClientInfo(request.clientInfo, this.cryptoUtils);\r\n ccsCred = {\r\n credential: \"\" + clientInfo.uid + Separators.CLIENT_INFO_SEPARATOR + clientInfo.utid,\r\n type: CcsCredentialType.HOME_ACCOUNT_ID\r\n };\r\n }\r\n catch (e) {\r\n this.logger.verbose(\"Could not parse client info for CCS Header: \" + e);\r\n }\r\n }\r\n else {\r\n ccsCred = request.ccsCredential;\r\n }\r\n // Adds these as parameters in the request instead of headers to prevent CORS preflight request\r\n if (this.config.systemOptions.preventCorsPreflight && ccsCred) {\r\n switch (ccsCred.type) {\r\n case CcsCredentialType.HOME_ACCOUNT_ID:\r\n try {\r\n clientInfo = buildClientInfoFromHomeAccountId(ccsCred.credential);\r\n parameterBuilder.addCcsOid(clientInfo);\r\n }\r\n catch (e) {\r\n this.logger.verbose(\"Could not parse home account ID for CCS Header: \" + e);\r\n }\r\n break;\r\n case CcsCredentialType.UPN:\r\n parameterBuilder.addCcsUpn(ccsCred.credential);\r\n break;\r\n }\r\n }\r\n return [2 /*return*/, parameterBuilder.createQueryString()];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * This API validates the `AuthorizationCodeUrlRequest` and creates a URL\r\n * @param request\r\n */\r\n AuthorizationCodeClient.prototype.createAuthCodeUrlQueryString = function (request) {\r\n var parameterBuilder = new RequestParameterBuilder();\r\n parameterBuilder.addClientId(this.config.authOptions.clientId);\r\n var requestScopes = __spreadArrays(request.scopes || [], request.extraScopesToConsent || []);\r\n parameterBuilder.addScopes(requestScopes);\r\n // validate the redirectUri (to be a non null value)\r\n parameterBuilder.addRedirectUri(request.redirectUri);\r\n // generate the correlationId if not set by the user and add\r\n var correlationId = request.correlationId || this.config.cryptoInterface.createNewGuid();\r\n parameterBuilder.addCorrelationId(correlationId);\r\n // add response_mode. If not passed in it defaults to query.\r\n parameterBuilder.addResponseMode(request.responseMode);\r\n // add response_type = code\r\n parameterBuilder.addResponseTypeCode();\r\n // add library info parameters\r\n parameterBuilder.addLibraryInfo(this.config.libraryInfo);\r\n // add client_info=1\r\n parameterBuilder.addClientInfo();\r\n if (request.codeChallenge && request.codeChallengeMethod) {\r\n parameterBuilder.addCodeChallengeParams(request.codeChallenge, request.codeChallengeMethod);\r\n }\r\n if (request.prompt) {\r\n parameterBuilder.addPrompt(request.prompt);\r\n }\r\n if (request.domainHint) {\r\n parameterBuilder.addDomainHint(request.domainHint);\r\n }\r\n // Add sid or loginHint with preference for sid -> loginHint -> username of AccountInfo object\r\n if (request.prompt !== PromptValue.SELECT_ACCOUNT) {\r\n // AAD will throw if prompt=select_account is passed with an account hint\r\n if (request.sid && request.prompt === PromptValue.NONE) {\r\n // SessionID is only used in silent calls\r\n this.logger.verbose(\"createAuthCodeUrlQueryString: Prompt is none, adding sid from request\");\r\n parameterBuilder.addSid(request.sid);\r\n }\r\n else if (request.account) {\r\n var accountSid = this.extractAccountSid(request.account);\r\n // If account and loginHint are provided, we will check account first for sid before adding loginHint\r\n if (accountSid && request.prompt === PromptValue.NONE) {\r\n // SessionId is only used in silent calls\r\n this.logger.verbose(\"createAuthCodeUrlQueryString: Prompt is none, adding sid from account\");\r\n parameterBuilder.addSid(accountSid);\r\n try {\r\n var clientInfo = buildClientInfoFromHomeAccountId(request.account.homeAccountId);\r\n parameterBuilder.addCcsOid(clientInfo);\r\n }\r\n catch (e) {\r\n this.logger.verbose(\"Could not parse home account ID for CCS Header: \" + e);\r\n }\r\n }\r\n else if (request.loginHint) {\r\n this.logger.verbose(\"createAuthCodeUrlQueryString: Adding login_hint from request\");\r\n parameterBuilder.addLoginHint(request.loginHint);\r\n parameterBuilder.addCcsUpn(request.loginHint);\r\n }\r\n else if (request.account.username) {\r\n // Fallback to account username if provided\r\n this.logger.verbose(\"createAuthCodeUrlQueryString: Adding login_hint from account\");\r\n parameterBuilder.addLoginHint(request.account.username);\r\n try {\r\n var clientInfo = buildClientInfoFromHomeAccountId(request.account.homeAccountId);\r\n parameterBuilder.addCcsOid(clientInfo);\r\n }\r\n catch (e) {\r\n this.logger.verbose(\"Could not parse home account ID for CCS Header: \" + e);\r\n }\r\n }\r\n }\r\n else if (request.loginHint) {\r\n this.logger.verbose(\"createAuthCodeUrlQueryString: No account, adding login_hint from request\");\r\n parameterBuilder.addLoginHint(request.loginHint);\r\n parameterBuilder.addCcsUpn(request.loginHint);\r\n }\r\n }\r\n else {\r\n this.logger.verbose(\"createAuthCodeUrlQueryString: Prompt is select_account, ignoring account hints\");\r\n }\r\n if (request.nonce) {\r\n parameterBuilder.addNonce(request.nonce);\r\n }\r\n if (request.state) {\r\n parameterBuilder.addState(request.state);\r\n }\r\n if (!StringUtils.isEmpty(request.claims) || this.config.authOptions.clientCapabilities && this.config.authOptions.clientCapabilities.length > 0) {\r\n parameterBuilder.addClaims(request.claims, this.config.authOptions.clientCapabilities);\r\n }\r\n if (request.extraQueryParameters) {\r\n parameterBuilder.addExtraQueryParameters(request.extraQueryParameters);\r\n }\r\n return parameterBuilder.createQueryString();\r\n };\r\n /**\r\n * This API validates the `EndSessionRequest` and creates a URL\r\n * @param request\r\n */\r\n AuthorizationCodeClient.prototype.createLogoutUrlQueryString = function (request) {\r\n var parameterBuilder = new RequestParameterBuilder();\r\n if (request.postLogoutRedirectUri) {\r\n parameterBuilder.addPostLogoutRedirectUri(request.postLogoutRedirectUri);\r\n }\r\n if (request.correlationId) {\r\n parameterBuilder.addCorrelationId(request.correlationId);\r\n }\r\n if (request.idTokenHint) {\r\n parameterBuilder.addIdTokenHint(request.idTokenHint);\r\n }\r\n if (request.state) {\r\n parameterBuilder.addState(request.state);\r\n }\r\n if (request.extraQueryParameters) {\r\n parameterBuilder.addExtraQueryParameters(request.extraQueryParameters);\r\n }\r\n return parameterBuilder.createQueryString();\r\n };\r\n /**\r\n * Helper to get sid from account. Returns null if idTokenClaims are not present or sid is not present.\r\n * @param account\r\n */\r\n AuthorizationCodeClient.prototype.extractAccountSid = function (account) {\r\n if (account.idTokenClaims) {\r\n var tokenClaims = account.idTokenClaims;\r\n return tokenClaims.sid || null;\r\n }\r\n return null;\r\n };\r\n return AuthorizationCodeClient;\r\n}(BaseClient));\n\nexport { AuthorizationCodeClient };\n//# sourceMappingURL=AuthorizationCodeClient.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __awaiter, __generator } from '../_virtual/_tslib.js';\nimport { ThrottlingUtils } from './ThrottlingUtils.js';\nimport { ClientAuthError } from '../error/ClientAuthError.js';\nimport { AuthError } from '../error/AuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar NetworkManager = /** @class */ (function () {\r\n function NetworkManager(networkClient, cacheManager) {\r\n this.networkClient = networkClient;\r\n this.cacheManager = cacheManager;\r\n }\r\n /**\r\n * Wraps sendPostRequestAsync with necessary preflight and postflight logic\r\n * @param thumbprint\r\n * @param tokenEndpoint\r\n * @param options\r\n */\r\n NetworkManager.prototype.sendPostRequest = function (thumbprint, tokenEndpoint, options) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var response, e_1;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n ThrottlingUtils.preProcess(this.cacheManager, thumbprint);\r\n _a.label = 1;\r\n case 1:\r\n _a.trys.push([1, 3, , 4]);\r\n return [4 /*yield*/, this.networkClient.sendPostRequestAsync(tokenEndpoint, options)];\r\n case 2:\r\n response = _a.sent();\r\n return [3 /*break*/, 4];\r\n case 3:\r\n e_1 = _a.sent();\r\n if (e_1 instanceof AuthError) {\r\n throw e_1;\r\n }\r\n else {\r\n throw ClientAuthError.createNetworkError(tokenEndpoint, e_1);\r\n }\r\n case 4:\r\n ThrottlingUtils.postProcess(this.cacheManager, thumbprint, response);\r\n return [2 /*return*/, response];\r\n }\r\n });\r\n });\r\n };\r\n return NetworkManager;\r\n}());\n\nexport { NetworkManager };\n//# sourceMappingURL=NetworkManager.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __awaiter, __generator } from '../_virtual/_tslib.js';\nimport { buildClientConfiguration } from '../config/ClientConfiguration.js';\nimport { NetworkManager } from '../network/NetworkManager.js';\nimport { Logger } from '../logger/Logger.js';\nimport { HeaderNames, Constants } from '../utils/Constants.js';\nimport { name, version } from '../packageMetadata.js';\nimport { ClientAuthError } from '../error/ClientAuthError.js';\nimport { CcsCredentialType } from '../account/CcsCredential.js';\nimport { buildClientInfoFromHomeAccountId } from '../account/ClientInfo.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Base application class which will construct requests to send to and handle responses from the Microsoft STS using the authorization code flow.\r\n */\r\nvar BaseClient = /** @class */ (function () {\r\n function BaseClient(configuration) {\r\n // Set the configuration\r\n this.config = buildClientConfiguration(configuration);\r\n // Initialize the logger\r\n this.logger = new Logger(this.config.loggerOptions, name, version);\r\n // Initialize crypto\r\n this.cryptoUtils = this.config.cryptoInterface;\r\n // Initialize storage interface\r\n this.cacheManager = this.config.storageInterface;\r\n // Set the network interface\r\n this.networkClient = this.config.networkInterface;\r\n // Set the NetworkManager\r\n this.networkManager = new NetworkManager(this.networkClient, this.cacheManager);\r\n // Set TelemetryManager\r\n this.serverTelemetryManager = this.config.serverTelemetryManager;\r\n // set Authority\r\n this.authority = this.config.authOptions.authority;\r\n }\r\n /**\r\n * Creates default headers for requests to token endpoint\r\n */\r\n BaseClient.prototype.createTokenRequestHeaders = function (ccsCred) {\r\n var headers = {};\r\n headers[HeaderNames.CONTENT_TYPE] = Constants.URL_FORM_CONTENT_TYPE;\r\n if (!this.config.systemOptions.preventCorsPreflight && ccsCred) {\r\n switch (ccsCred.type) {\r\n case CcsCredentialType.HOME_ACCOUNT_ID:\r\n try {\r\n var clientInfo = buildClientInfoFromHomeAccountId(ccsCred.credential);\r\n headers[HeaderNames.CCS_HEADER] = \"Oid:\" + clientInfo.uid + \"@\" + clientInfo.utid;\r\n }\r\n catch (e) {\r\n this.logger.verbose(\"Could not parse home account ID for CCS Header: \" + e);\r\n }\r\n break;\r\n case CcsCredentialType.UPN:\r\n headers[HeaderNames.CCS_HEADER] = \"UPN: \" + ccsCred.credential;\r\n break;\r\n }\r\n }\r\n return headers;\r\n };\r\n /**\r\n * Http post to token endpoint\r\n * @param tokenEndpoint\r\n * @param queryString\r\n * @param headers\r\n * @param thumbprint\r\n */\r\n BaseClient.prototype.executePostToTokenEndpoint = function (tokenEndpoint, queryString, headers, thumbprint) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var response;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0: return [4 /*yield*/, this.networkManager.sendPostRequest(thumbprint, tokenEndpoint, { body: queryString, headers: headers })];\r\n case 1:\r\n response = _a.sent();\r\n if (this.config.serverTelemetryManager && response.status < 500 && response.status !== 429) {\r\n // Telemetry data successfully logged by server, clear Telemetry cache\r\n this.config.serverTelemetryManager.clearTelemetryCache();\r\n }\r\n return [2 /*return*/, response];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Updates the authority object of the client. Endpoint discovery must be completed.\r\n * @param updatedAuthority\r\n */\r\n BaseClient.prototype.updateAuthority = function (updatedAuthority) {\r\n if (!updatedAuthority.discoveryComplete()) {\r\n throw ClientAuthError.createEndpointDiscoveryIncompleteError(\"Updated authority has not completed endpoint discovery.\");\r\n }\r\n this.authority = updatedAuthority;\r\n };\r\n return BaseClient;\r\n}());\n\nexport { BaseClient };\n//# sourceMappingURL=BaseClient.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __extends, __awaiter, __generator, __assign } from '../_virtual/_tslib.js';\nimport { BaseClient } from './BaseClient.js';\nimport { RequestParameterBuilder } from '../request/RequestParameterBuilder.js';\nimport { AuthenticationScheme, GrantType, Errors } from '../utils/Constants.js';\nimport { ResponseHandler } from '../response/ResponseHandler.js';\nimport { PopTokenGenerator } from '../crypto/PopTokenGenerator.js';\nimport { StringUtils } from '../utils/StringUtils.js';\nimport { ClientConfigurationError } from '../error/ClientConfigurationError.js';\nimport { ClientAuthError, ClientAuthErrorMessage } from '../error/ClientAuthError.js';\nimport { ServerError } from '../error/ServerError.js';\nimport { TimeUtils } from '../utils/TimeUtils.js';\nimport { UrlString } from '../url/UrlString.js';\nimport { CcsCredentialType } from '../account/CcsCredential.js';\nimport { buildClientInfoFromHomeAccountId } from '../account/ClientInfo.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * OAuth2.0 refresh token client\r\n */\r\nvar RefreshTokenClient = /** @class */ (function (_super) {\r\n __extends(RefreshTokenClient, _super);\r\n function RefreshTokenClient(configuration) {\r\n return _super.call(this, configuration) || this;\r\n }\r\n RefreshTokenClient.prototype.acquireToken = function (request) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var reqTimestamp, response, responseHandler;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n reqTimestamp = TimeUtils.nowSeconds();\r\n return [4 /*yield*/, this.executeTokenRequest(request, this.authority)];\r\n case 1:\r\n response = _a.sent();\r\n responseHandler = new ResponseHandler(this.config.authOptions.clientId, this.cacheManager, this.cryptoUtils, this.logger, this.config.serializableCache, this.config.persistencePlugin);\r\n responseHandler.validateTokenResponse(response.body);\r\n return [2 /*return*/, responseHandler.handleServerTokenResponse(response.body, this.authority, reqTimestamp, request, undefined, undefined, true)];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Gets cached refresh token and attaches to request, then calls acquireToken API\r\n * @param request\r\n */\r\n RefreshTokenClient.prototype.acquireTokenByRefreshToken = function (request) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var isFOCI, noFamilyRTInCache, clientMismatchErrorWithFamilyRT;\r\n return __generator(this, function (_a) {\r\n // Cannot renew token if no request object is given.\r\n if (!request) {\r\n throw ClientConfigurationError.createEmptyTokenRequestError();\r\n }\r\n // We currently do not support silent flow for account === null use cases; This will be revisited for confidential flow usecases\r\n if (!request.account) {\r\n throw ClientAuthError.createNoAccountInSilentRequestError();\r\n }\r\n isFOCI = this.cacheManager.isAppMetadataFOCI(request.account.environment, this.config.authOptions.clientId);\r\n // if the app is part of the family, retrive a Family refresh token if present and make a refreshTokenRequest\r\n if (isFOCI) {\r\n try {\r\n return [2 /*return*/, this.acquireTokenWithCachedRefreshToken(request, true)];\r\n }\r\n catch (e) {\r\n noFamilyRTInCache = e instanceof ClientAuthError && e.errorCode === ClientAuthErrorMessage.noTokensFoundError.code;\r\n clientMismatchErrorWithFamilyRT = e instanceof ServerError && e.errorCode === Errors.INVALID_GRANT_ERROR && e.subError === Errors.CLIENT_MISMATCH_ERROR;\r\n // if family Refresh Token (FRT) cache acquisition fails or if client_mismatch error is seen with FRT, reattempt with application Refresh Token (ART)\r\n if (noFamilyRTInCache || clientMismatchErrorWithFamilyRT) {\r\n return [2 /*return*/, this.acquireTokenWithCachedRefreshToken(request, false)];\r\n // throw in all other cases\r\n }\r\n else {\r\n throw e;\r\n }\r\n }\r\n }\r\n // fall back to application refresh token acquisition\r\n return [2 /*return*/, this.acquireTokenWithCachedRefreshToken(request, false)];\r\n });\r\n });\r\n };\r\n /**\r\n * makes a network call to acquire tokens by exchanging RefreshToken available in userCache; throws if refresh token is not cached\r\n * @param request\r\n */\r\n RefreshTokenClient.prototype.acquireTokenWithCachedRefreshToken = function (request, foci) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var refreshToken, refreshTokenRequest;\r\n return __generator(this, function (_a) {\r\n refreshToken = this.cacheManager.readRefreshTokenFromCache(this.config.authOptions.clientId, request.account, foci);\r\n // no refresh Token\r\n if (!refreshToken) {\r\n throw ClientAuthError.createNoTokensFoundError();\r\n }\r\n refreshTokenRequest = __assign(__assign({}, request), { refreshToken: refreshToken.secret, authenticationScheme: request.authenticationScheme || AuthenticationScheme.BEARER, ccsCredential: {\r\n credential: request.account.homeAccountId,\r\n type: CcsCredentialType.HOME_ACCOUNT_ID\r\n } });\r\n return [2 /*return*/, this.acquireToken(refreshTokenRequest)];\r\n });\r\n });\r\n };\r\n /**\r\n * Constructs the network message and makes a NW call to the underlying secure token service\r\n * @param request\r\n * @param authority\r\n */\r\n RefreshTokenClient.prototype.executeTokenRequest = function (request, authority) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var requestBody, queryParameters, headers, thumbprint, endpoint;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0: return [4 /*yield*/, this.createTokenRequestBody(request)];\r\n case 1:\r\n requestBody = _a.sent();\r\n queryParameters = this.createTokenQueryParameters(request);\r\n headers = this.createTokenRequestHeaders(request.ccsCredential);\r\n thumbprint = {\r\n clientId: this.config.authOptions.clientId,\r\n authority: authority.canonicalAuthority,\r\n scopes: request.scopes,\r\n authenticationScheme: request.authenticationScheme,\r\n resourceRequestMethod: request.resourceRequestMethod,\r\n resourceRequestUri: request.resourceRequestUri,\r\n shrClaims: request.shrClaims\r\n };\r\n endpoint = UrlString.appendQueryString(authority.tokenEndpoint, queryParameters);\r\n return [2 /*return*/, this.executePostToTokenEndpoint(endpoint, requestBody, headers, thumbprint)];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Creates query string for the /token request\r\n * @param request\r\n */\r\n RefreshTokenClient.prototype.createTokenQueryParameters = function (request) {\r\n var parameterBuilder = new RequestParameterBuilder();\r\n if (request.tokenQueryParameters) {\r\n parameterBuilder.addExtraQueryParameters(request.tokenQueryParameters);\r\n }\r\n return parameterBuilder.createQueryString();\r\n };\r\n /**\r\n * Helper function to create the token request body\r\n * @param request\r\n */\r\n RefreshTokenClient.prototype.createTokenRequestBody = function (request) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var parameterBuilder, correlationId, clientAssertion, popTokenGenerator, _a, _b, clientInfo;\r\n return __generator(this, function (_c) {\r\n switch (_c.label) {\r\n case 0:\r\n parameterBuilder = new RequestParameterBuilder();\r\n parameterBuilder.addClientId(this.config.authOptions.clientId);\r\n parameterBuilder.addScopes(request.scopes);\r\n parameterBuilder.addGrantType(GrantType.REFRESH_TOKEN_GRANT);\r\n parameterBuilder.addClientInfo();\r\n parameterBuilder.addLibraryInfo(this.config.libraryInfo);\r\n parameterBuilder.addThrottling();\r\n if (this.serverTelemetryManager) {\r\n parameterBuilder.addServerTelemetry(this.serverTelemetryManager);\r\n }\r\n correlationId = request.correlationId || this.config.cryptoInterface.createNewGuid();\r\n parameterBuilder.addCorrelationId(correlationId);\r\n parameterBuilder.addRefreshToken(request.refreshToken);\r\n if (this.config.clientCredentials.clientSecret) {\r\n parameterBuilder.addClientSecret(this.config.clientCredentials.clientSecret);\r\n }\r\n if (this.config.clientCredentials.clientAssertion) {\r\n clientAssertion = this.config.clientCredentials.clientAssertion;\r\n parameterBuilder.addClientAssertion(clientAssertion.assertion);\r\n parameterBuilder.addClientAssertionType(clientAssertion.assertionType);\r\n }\r\n if (!(request.authenticationScheme === AuthenticationScheme.POP)) return [3 /*break*/, 2];\r\n popTokenGenerator = new PopTokenGenerator(this.cryptoUtils);\r\n _b = (_a = parameterBuilder).addPopToken;\r\n return [4 /*yield*/, popTokenGenerator.generateCnf(request)];\r\n case 1:\r\n _b.apply(_a, [_c.sent()]);\r\n _c.label = 2;\r\n case 2:\r\n if (!StringUtils.isEmptyObj(request.claims) || this.config.authOptions.clientCapabilities && this.config.authOptions.clientCapabilities.length > 0) {\r\n parameterBuilder.addClaims(request.claims, this.config.authOptions.clientCapabilities);\r\n }\r\n if (this.config.systemOptions.preventCorsPreflight && request.ccsCredential) {\r\n switch (request.ccsCredential.type) {\r\n case CcsCredentialType.HOME_ACCOUNT_ID:\r\n try {\r\n clientInfo = buildClientInfoFromHomeAccountId(request.ccsCredential.credential);\r\n parameterBuilder.addCcsOid(clientInfo);\r\n }\r\n catch (e) {\r\n this.logger.verbose(\"Could not parse home account ID for CCS Header: \" + e);\r\n }\r\n break;\r\n case CcsCredentialType.UPN:\r\n parameterBuilder.addCcsUpn(request.ccsCredential.credential);\r\n break;\r\n }\r\n }\r\n return [2 /*return*/, parameterBuilder.createQueryString()];\r\n }\r\n });\r\n });\r\n };\r\n return RefreshTokenClient;\r\n}(BaseClient));\n\nexport { RefreshTokenClient };\n//# sourceMappingURL=RefreshTokenClient.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __extends, __awaiter, __generator } from '../_virtual/_tslib.js';\nimport { BaseClient } from './BaseClient.js';\nimport { ScopeSet } from '../request/ScopeSet.js';\nimport { AuthToken } from '../account/AuthToken.js';\nimport { TimeUtils } from '../utils/TimeUtils.js';\nimport { RefreshTokenClient } from './RefreshTokenClient.js';\nimport { ClientAuthError, ClientAuthErrorMessage } from '../error/ClientAuthError.js';\nimport { ClientConfigurationError } from '../error/ClientConfigurationError.js';\nimport { ResponseHandler } from '../response/ResponseHandler.js';\nimport { CacheOutcome, AuthenticationScheme } from '../utils/Constants.js';\nimport { StringUtils } from '../utils/StringUtils.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar SilentFlowClient = /** @class */ (function (_super) {\r\n __extends(SilentFlowClient, _super);\r\n function SilentFlowClient(configuration) {\r\n return _super.call(this, configuration) || this;\r\n }\r\n /**\r\n * Retrieves a token from cache if it is still valid, or uses the cached refresh token to renew\r\n * the given token and returns the renewed token\r\n * @param request\r\n */\r\n SilentFlowClient.prototype.acquireToken = function (request) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var e_1, refreshTokenClient;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n _a.trys.push([0, 2, , 3]);\r\n return [4 /*yield*/, this.acquireCachedToken(request)];\r\n case 1: return [2 /*return*/, _a.sent()];\r\n case 2:\r\n e_1 = _a.sent();\r\n if (e_1 instanceof ClientAuthError && e_1.errorCode === ClientAuthErrorMessage.tokenRefreshRequired.code) {\r\n refreshTokenClient = new RefreshTokenClient(this.config);\r\n return [2 /*return*/, refreshTokenClient.acquireTokenByRefreshToken(request)];\r\n }\r\n else {\r\n throw e_1;\r\n }\r\n case 3: return [2 /*return*/];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Retrieves token from cache or throws an error if it must be refreshed.\r\n * @param request\r\n */\r\n SilentFlowClient.prototype.acquireCachedToken = function (request) {\r\n var _a, _b, _c, _d;\r\n return __awaiter(this, void 0, void 0, function () {\r\n var requestScopes, environment, authScheme, cacheRecord;\r\n return __generator(this, function (_e) {\r\n switch (_e.label) {\r\n case 0:\r\n // Cannot renew token if no request object is given.\r\n if (!request) {\r\n throw ClientConfigurationError.createEmptyTokenRequestError();\r\n }\r\n // We currently do not support silent flow for account === null use cases; This will be revisited for confidential flow usecases\r\n if (!request.account) {\r\n throw ClientAuthError.createNoAccountInSilentRequestError();\r\n }\r\n requestScopes = new ScopeSet(request.scopes || []);\r\n environment = request.authority || this.authority.getPreferredCache();\r\n authScheme = request.authenticationScheme || AuthenticationScheme.BEARER;\r\n cacheRecord = this.cacheManager.readCacheRecord(request.account, this.config.authOptions.clientId, requestScopes, environment, authScheme);\r\n if (request.forceRefresh) {\r\n // Must refresh due to present force_refresh flag.\r\n (_a = this.serverTelemetryManager) === null || _a === void 0 ? void 0 : _a.setCacheOutcome(CacheOutcome.FORCE_REFRESH);\r\n throw ClientAuthError.createRefreshRequiredError();\r\n }\r\n else if (!cacheRecord.accessToken) {\r\n // Must refresh due to non-existent access_token.\r\n (_b = this.serverTelemetryManager) === null || _b === void 0 ? void 0 : _b.setCacheOutcome(CacheOutcome.NO_CACHED_ACCESS_TOKEN);\r\n throw ClientAuthError.createRefreshRequiredError();\r\n }\r\n else if (TimeUtils.wasClockTurnedBack(cacheRecord.accessToken.cachedAt) ||\r\n TimeUtils.isTokenExpired(cacheRecord.accessToken.expiresOn, this.config.systemOptions.tokenRenewalOffsetSeconds)) {\r\n // Must refresh due to expired access_token.\r\n (_c = this.serverTelemetryManager) === null || _c === void 0 ? void 0 : _c.setCacheOutcome(CacheOutcome.CACHED_ACCESS_TOKEN_EXPIRED);\r\n throw ClientAuthError.createRefreshRequiredError();\r\n }\r\n else if (cacheRecord.accessToken.refreshOn && TimeUtils.isTokenExpired(cacheRecord.accessToken.refreshOn, 0)) {\r\n // Must refresh due to the refresh_in value.\r\n (_d = this.serverTelemetryManager) === null || _d === void 0 ? void 0 : _d.setCacheOutcome(CacheOutcome.REFRESH_CACHED_ACCESS_TOKEN);\r\n throw ClientAuthError.createRefreshRequiredError();\r\n }\r\n else if (!StringUtils.isEmptyObj(request.claims)) {\r\n // Must refresh due to request parameters.\r\n throw ClientAuthError.createRefreshRequiredError();\r\n }\r\n if (this.config.serverTelemetryManager) {\r\n this.config.serverTelemetryManager.incrementCacheHits();\r\n }\r\n return [4 /*yield*/, this.generateResultFromCacheRecord(cacheRecord, request)];\r\n case 1: return [2 /*return*/, _e.sent()];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Helper function to build response object from the CacheRecord\r\n * @param cacheRecord\r\n */\r\n SilentFlowClient.prototype.generateResultFromCacheRecord = function (cacheRecord, request) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var idTokenObj;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n if (cacheRecord.idToken) {\r\n idTokenObj = new AuthToken(cacheRecord.idToken.secret, this.config.cryptoInterface);\r\n }\r\n return [4 /*yield*/, ResponseHandler.generateAuthenticationResult(this.cryptoUtils, this.authority, cacheRecord, true, request, idTokenObj)];\r\n case 1: return [2 /*return*/, _a.sent()];\r\n }\r\n });\r\n });\r\n };\r\n return SilentFlowClient;\r\n}(BaseClient));\n\nexport { SilentFlowClient };\n//# sourceMappingURL=SilentFlowClient.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __assign, __awaiter, __generator } from '../_virtual/_tslib.js';\nimport { DEFAULT_CRYPTO_IMPLEMENTATION } from '../crypto/ICrypto.js';\nimport { AuthError } from '../error/AuthError.js';\nimport { LogLevel } from '../logger/Logger.js';\nimport { Constants } from '../utils/Constants.js';\nimport { version } from '../packageMetadata.js';\nimport { DefaultStorageClass } from '../cache/CacheManager.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n// Token renewal offset default in seconds\r\nvar DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;\r\nvar DEFAULT_SYSTEM_OPTIONS = {\r\n tokenRenewalOffsetSeconds: DEFAULT_TOKEN_RENEWAL_OFFSET_SEC,\r\n preventCorsPreflight: false\r\n};\r\nvar DEFAULT_LOGGER_IMPLEMENTATION = {\r\n loggerCallback: function () {\r\n // allow users to not set loggerCallback\r\n },\r\n piiLoggingEnabled: false,\r\n logLevel: LogLevel.Info,\r\n correlationId: \"\"\r\n};\r\nvar DEFAULT_NETWORK_IMPLEMENTATION = {\r\n sendGetRequestAsync: function () {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var notImplErr;\r\n return __generator(this, function (_a) {\r\n notImplErr = \"Network interface - sendGetRequestAsync() has not been implemented\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n });\r\n });\r\n },\r\n sendPostRequestAsync: function () {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var notImplErr;\r\n return __generator(this, function (_a) {\r\n notImplErr = \"Network interface - sendPostRequestAsync() has not been implemented\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n });\r\n });\r\n }\r\n};\r\nvar DEFAULT_LIBRARY_INFO = {\r\n sku: Constants.SKU,\r\n version: version,\r\n cpu: \"\",\r\n os: \"\"\r\n};\r\nvar DEFAULT_CLIENT_CREDENTIALS = {\r\n clientSecret: \"\",\r\n clientAssertion: undefined\r\n};\r\n/**\r\n * Function that sets the default options when not explicitly configured from app developer\r\n *\r\n * @param Configuration\r\n *\r\n * @returns Configuration\r\n */\r\nfunction buildClientConfiguration(_a) {\r\n var userAuthOptions = _a.authOptions, userSystemOptions = _a.systemOptions, userLoggerOption = _a.loggerOptions, storageImplementation = _a.storageInterface, networkImplementation = _a.networkInterface, cryptoImplementation = _a.cryptoInterface, clientCredentials = _a.clientCredentials, libraryInfo = _a.libraryInfo, serverTelemetryManager = _a.serverTelemetryManager, persistencePlugin = _a.persistencePlugin, serializableCache = _a.serializableCache;\r\n var loggerOptions = __assign(__assign({}, DEFAULT_LOGGER_IMPLEMENTATION), userLoggerOption);\r\n return {\r\n authOptions: buildAuthOptions(userAuthOptions),\r\n systemOptions: __assign(__assign({}, DEFAULT_SYSTEM_OPTIONS), userSystemOptions),\r\n loggerOptions: loggerOptions,\r\n storageInterface: storageImplementation || new DefaultStorageClass(userAuthOptions.clientId, DEFAULT_CRYPTO_IMPLEMENTATION),\r\n networkInterface: networkImplementation || DEFAULT_NETWORK_IMPLEMENTATION,\r\n cryptoInterface: cryptoImplementation || DEFAULT_CRYPTO_IMPLEMENTATION,\r\n clientCredentials: clientCredentials || DEFAULT_CLIENT_CREDENTIALS,\r\n libraryInfo: __assign(__assign({}, DEFAULT_LIBRARY_INFO), libraryInfo),\r\n serverTelemetryManager: serverTelemetryManager || null,\r\n persistencePlugin: persistencePlugin || null,\r\n serializableCache: serializableCache || null\r\n };\r\n}\r\n/**\r\n * Construct authoptions from the client and platform passed values\r\n * @param authOptions\r\n */\r\nfunction buildAuthOptions(authOptions) {\r\n return __assign({ clientCapabilities: [] }, authOptions);\r\n}\n\nexport { DEFAULT_SYSTEM_OPTIONS, buildClientConfiguration };\n//# sourceMappingURL=ClientConfiguration.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __awaiter, __generator } from '../_virtual/_tslib.js';\nimport { AuthError } from '../error/AuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar DEFAULT_CRYPTO_IMPLEMENTATION = {\r\n createNewGuid: function () {\r\n var notImplErr = \"Crypto interface - createNewGuid() has not been implemented\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n },\r\n base64Decode: function () {\r\n var notImplErr = \"Crypto interface - base64Decode() has not been implemented\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n },\r\n base64Encode: function () {\r\n var notImplErr = \"Crypto interface - base64Encode() has not been implemented\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n },\r\n generatePkceCodes: function () {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var notImplErr;\r\n return __generator(this, function (_a) {\r\n notImplErr = \"Crypto interface - generatePkceCodes() has not been implemented\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n });\r\n });\r\n },\r\n getPublicKeyThumbprint: function () {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var notImplErr;\r\n return __generator(this, function (_a) {\r\n notImplErr = \"Crypto interface - getPublicKeyThumbprint() has not been implemented\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n });\r\n });\r\n },\r\n removeTokenBindingKey: function () {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var notImplErr;\r\n return __generator(this, function (_a) {\r\n notImplErr = \"Crypto interface - removeTokenBindingKey() has not been implemented\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n });\r\n });\r\n },\r\n clearKeystore: function () {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var notImplErr;\r\n return __generator(this, function (_a) {\r\n notImplErr = \"Crypto interface - clearKeystore() has not been implemented\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n });\r\n });\r\n },\r\n signJwt: function () {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var notImplErr;\r\n return __generator(this, function (_a) {\r\n notImplErr = \"Crypto interface - signJwt() has not been implemented\";\r\n throw AuthError.createUnexpectedError(notImplErr);\r\n });\r\n });\r\n }\r\n};\n\nexport { DEFAULT_CRYPTO_IMPLEMENTATION };\n//# sourceMappingURL=ICrypto.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __awaiter, __generator, __assign } from '../_virtual/_tslib.js';\nimport { AuthToken } from '../account/AuthToken.js';\nimport { TimeUtils } from '../utils/TimeUtils.js';\nimport { UrlString } from '../url/UrlString.js';\nimport { ClientAuthError } from '../error/ClientAuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar KeyLocation;\r\n(function (KeyLocation) {\r\n KeyLocation[\"SW\"] = \"sw\";\r\n KeyLocation[\"UHW\"] = \"uhw\";\r\n})(KeyLocation || (KeyLocation = {}));\r\nvar PopTokenGenerator = /** @class */ (function () {\r\n function PopTokenGenerator(cryptoUtils) {\r\n this.cryptoUtils = cryptoUtils;\r\n }\r\n PopTokenGenerator.prototype.generateCnf = function (request) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var reqCnf;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0: return [4 /*yield*/, this.generateKid(request)];\r\n case 1:\r\n reqCnf = _a.sent();\r\n return [2 /*return*/, this.cryptoUtils.base64Encode(JSON.stringify(reqCnf))];\r\n }\r\n });\r\n });\r\n };\r\n PopTokenGenerator.prototype.generateKid = function (request) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var kidThumbprint;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0: return [4 /*yield*/, this.cryptoUtils.getPublicKeyThumbprint(request)];\r\n case 1:\r\n kidThumbprint = _a.sent();\r\n return [2 /*return*/, {\r\n kid: kidThumbprint,\r\n xms_ksl: KeyLocation.SW\r\n }];\r\n }\r\n });\r\n });\r\n };\r\n PopTokenGenerator.prototype.signPopToken = function (accessToken, request) {\r\n var _a;\r\n return __awaiter(this, void 0, void 0, function () {\r\n var tokenClaims;\r\n return __generator(this, function (_b) {\r\n tokenClaims = AuthToken.extractTokenClaims(accessToken, this.cryptoUtils);\r\n if (!((_a = tokenClaims === null || tokenClaims === void 0 ? void 0 : tokenClaims.cnf) === null || _a === void 0 ? void 0 : _a.kid)) {\r\n throw ClientAuthError.createTokenClaimsRequiredError();\r\n }\r\n return [2 /*return*/, this.signPayload(accessToken, tokenClaims.cnf.kid, request)];\r\n });\r\n });\r\n };\r\n PopTokenGenerator.prototype.signPayload = function (payload, kid, request, claims) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var resourceRequestMethod, resourceRequestUri, shrClaims, resourceUrlString, resourceUrlComponents;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n resourceRequestMethod = request.resourceRequestMethod, resourceRequestUri = request.resourceRequestUri, shrClaims = request.shrClaims;\r\n resourceUrlString = (resourceRequestUri) ? new UrlString(resourceRequestUri) : undefined;\r\n resourceUrlComponents = resourceUrlString === null || resourceUrlString === void 0 ? void 0 : resourceUrlString.getUrlComponents();\r\n return [4 /*yield*/, this.cryptoUtils.signJwt(__assign({ at: payload, ts: TimeUtils.nowSeconds(), m: resourceRequestMethod === null || resourceRequestMethod === void 0 ? void 0 : resourceRequestMethod.toUpperCase(), u: resourceUrlComponents === null || resourceUrlComponents === void 0 ? void 0 : resourceUrlComponents.HostNameAndPort, nonce: this.cryptoUtils.createNewGuid(), p: resourceUrlComponents === null || resourceUrlComponents === void 0 ? void 0 : resourceUrlComponents.AbsolutePath, q: (resourceUrlComponents === null || resourceUrlComponents === void 0 ? void 0 : resourceUrlComponents.QueryString) ? [[], resourceUrlComponents.QueryString] : undefined, client_claims: shrClaims || undefined }, claims), kid)];\r\n case 1: return [2 /*return*/, _a.sent()];\r\n }\r\n });\r\n });\r\n };\r\n return PopTokenGenerator;\r\n}());\n\nexport { PopTokenGenerator };\n//# sourceMappingURL=PopTokenGenerator.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __extends } from '../_virtual/_tslib.js';\nimport { Constants } from '../utils/Constants.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * AuthErrorMessage class containing string constants used by error codes and messages.\r\n */\r\nvar AuthErrorMessage = {\r\n unexpectedError: {\r\n code: \"unexpected_error\",\r\n desc: \"Unexpected error in authentication.\"\r\n }\r\n};\r\n/**\r\n * General error class thrown by the MSAL.js library.\r\n */\r\nvar AuthError = /** @class */ (function (_super) {\r\n __extends(AuthError, _super);\r\n function AuthError(errorCode, errorMessage, suberror) {\r\n var _this = this;\r\n var errorString = errorMessage ? errorCode + \": \" + errorMessage : errorCode;\r\n _this = _super.call(this, errorString) || this;\r\n Object.setPrototypeOf(_this, AuthError.prototype);\r\n _this.errorCode = errorCode || Constants.EMPTY_STRING;\r\n _this.errorMessage = errorMessage || \"\";\r\n _this.subError = suberror || \"\";\r\n _this.name = \"AuthError\";\r\n return _this;\r\n }\r\n AuthError.prototype.setCorrelationId = function (correlationId) {\r\n this.correlationId = correlationId;\r\n };\r\n /**\r\n * Creates an error that is thrown when something unexpected happens in the library.\r\n * @param errDesc\r\n */\r\n AuthError.createUnexpectedError = function (errDesc) {\r\n return new AuthError(AuthErrorMessage.unexpectedError.code, AuthErrorMessage.unexpectedError.desc + \": \" + errDesc);\r\n };\r\n return AuthError;\r\n}(Error));\n\nexport { AuthError, AuthErrorMessage };\n//# sourceMappingURL=AuthError.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __extends } from '../_virtual/_tslib.js';\nimport { AuthError } from './AuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * ClientAuthErrorMessage class containing string constants used by error codes and messages.\r\n */\r\nvar ClientAuthErrorMessage = {\r\n clientInfoDecodingError: {\r\n code: \"client_info_decoding_error\",\r\n desc: \"The client info could not be parsed/decoded correctly. Please review the trace to determine the root cause.\"\r\n },\r\n clientInfoEmptyError: {\r\n code: \"client_info_empty_error\",\r\n desc: \"The client info was empty. Please review the trace to determine the root cause.\"\r\n },\r\n tokenParsingError: {\r\n code: \"token_parsing_error\",\r\n desc: \"Token cannot be parsed. Please review stack trace to determine root cause.\"\r\n },\r\n nullOrEmptyToken: {\r\n code: \"null_or_empty_token\",\r\n desc: \"The token is null or empty. Please review the trace to determine the root cause.\"\r\n },\r\n endpointResolutionError: {\r\n code: \"endpoints_resolution_error\",\r\n desc: \"Error: could not resolve endpoints. Please check network and try again.\"\r\n },\r\n networkError: {\r\n code: \"network_error\",\r\n desc: \"Network request failed. Please check network trace to determine root cause.\"\r\n },\r\n unableToGetOpenidConfigError: {\r\n code: \"openid_config_error\",\r\n desc: \"Could not retrieve endpoints. Check your authority and verify the .well-known/openid-configuration endpoint returns the required endpoints.\"\r\n },\r\n hashNotDeserialized: {\r\n code: \"hash_not_deserialized\",\r\n desc: \"The hash parameters could not be deserialized. Please review the trace to determine the root cause.\"\r\n },\r\n blankGuidGenerated: {\r\n code: \"blank_guid_generated\",\r\n desc: \"The guid generated was blank. Please review the trace to determine the root cause.\"\r\n },\r\n invalidStateError: {\r\n code: \"invalid_state\",\r\n desc: \"State was not the expected format. Please check the logs to determine whether the request was sent using ProtocolUtils.setRequestState().\"\r\n },\r\n stateMismatchError: {\r\n code: \"state_mismatch\",\r\n desc: \"State mismatch error. Please check your network. Continued requests may cause cache overflow.\"\r\n },\r\n stateNotFoundError: {\r\n code: \"state_not_found\",\r\n desc: \"State not found\"\r\n },\r\n nonceMismatchError: {\r\n code: \"nonce_mismatch\",\r\n desc: \"Nonce mismatch error. This may be caused by a race condition in concurrent requests.\"\r\n },\r\n nonceNotFoundError: {\r\n code: \"nonce_not_found\",\r\n desc: \"nonce not found\"\r\n },\r\n noTokensFoundError: {\r\n code: \"no_tokens_found\",\r\n desc: \"No tokens were found for the given scopes, and no authorization code was passed to acquireToken. You must retrieve an authorization code before making a call to acquireToken().\"\r\n },\r\n multipleMatchingTokens: {\r\n code: \"multiple_matching_tokens\",\r\n desc: \"The cache contains multiple tokens satisfying the requirements. \" +\r\n \"Call AcquireToken again providing more requirements such as authority or account.\"\r\n },\r\n multipleMatchingAccounts: {\r\n code: \"multiple_matching_accounts\",\r\n desc: \"The cache contains multiple accounts satisfying the given parameters. Please pass more info to obtain the correct account\"\r\n },\r\n multipleMatchingAppMetadata: {\r\n code: \"multiple_matching_appMetadata\",\r\n desc: \"The cache contains multiple appMetadata satisfying the given parameters. Please pass more info to obtain the correct appMetadata\"\r\n },\r\n tokenRequestCannotBeMade: {\r\n code: \"request_cannot_be_made\",\r\n desc: \"Token request cannot be made without authorization code or refresh token.\"\r\n },\r\n appendEmptyScopeError: {\r\n code: \"cannot_append_empty_scope\",\r\n desc: \"Cannot append null or empty scope to ScopeSet. Please check the stack trace for more info.\"\r\n },\r\n removeEmptyScopeError: {\r\n code: \"cannot_remove_empty_scope\",\r\n desc: \"Cannot remove null or empty scope from ScopeSet. Please check the stack trace for more info.\"\r\n },\r\n appendScopeSetError: {\r\n code: \"cannot_append_scopeset\",\r\n desc: \"Cannot append ScopeSet due to error.\"\r\n },\r\n emptyInputScopeSetError: {\r\n code: \"empty_input_scopeset\",\r\n desc: \"Empty input ScopeSet cannot be processed.\"\r\n },\r\n DeviceCodePollingCancelled: {\r\n code: \"device_code_polling_cancelled\",\r\n desc: \"Caller has cancelled token endpoint polling during device code flow by setting DeviceCodeRequest.cancel = true.\"\r\n },\r\n DeviceCodeExpired: {\r\n code: \"device_code_expired\",\r\n desc: \"Device code is expired.\"\r\n },\r\n DeviceCodeUnknownError: {\r\n code: \"device_code_unknown_error\",\r\n desc: \"Device code stopped polling for unknown reasons.\"\r\n },\r\n NoAccountInSilentRequest: {\r\n code: \"no_account_in_silent_request\",\r\n desc: \"Please pass an account object, silent flow is not supported without account information\"\r\n },\r\n invalidCacheRecord: {\r\n code: \"invalid_cache_record\",\r\n desc: \"Cache record object was null or undefined.\"\r\n },\r\n invalidCacheEnvironment: {\r\n code: \"invalid_cache_environment\",\r\n desc: \"Invalid environment when attempting to create cache entry\"\r\n },\r\n noAccountFound: {\r\n code: \"no_account_found\",\r\n desc: \"No account found in cache for given key.\"\r\n },\r\n CachePluginError: {\r\n code: \"no cache plugin set on CacheManager\",\r\n desc: \"ICachePlugin needs to be set before using readFromStorage or writeFromStorage\"\r\n },\r\n noCryptoObj: {\r\n code: \"no_crypto_object\",\r\n desc: \"No crypto object detected. This is required for the following operation: \"\r\n },\r\n invalidCacheType: {\r\n code: \"invalid_cache_type\",\r\n desc: \"Invalid cache type\"\r\n },\r\n unexpectedAccountType: {\r\n code: \"unexpected_account_type\",\r\n desc: \"Unexpected account type.\"\r\n },\r\n unexpectedCredentialType: {\r\n code: \"unexpected_credential_type\",\r\n desc: \"Unexpected credential type.\"\r\n },\r\n invalidAssertion: {\r\n code: \"invalid_assertion\",\r\n desc: \"Client assertion must meet requirements described in https://tools.ietf.org/html/rfc7515\"\r\n },\r\n invalidClientCredential: {\r\n code: \"invalid_client_credential\",\r\n desc: \"Client credential (secret, certificate, or assertion) must not be empty when creating a confidential client. An application should at most have one credential\"\r\n },\r\n tokenRefreshRequired: {\r\n code: \"token_refresh_required\",\r\n desc: \"Cannot return token from cache because it must be refreshed. This may be due to one of the following reasons: forceRefresh parameter is set to true, claims have been requested, there is no cached access token or it is expired.\"\r\n },\r\n userTimeoutReached: {\r\n code: \"user_timeout_reached\",\r\n desc: \"User defined timeout for device code polling reached\",\r\n },\r\n tokenClaimsRequired: {\r\n code: \"token_claims_cnf_required_for_signedjwt\",\r\n desc: \"Cannot generate a POP jwt if the token_claims are not populated\"\r\n },\r\n noAuthorizationCodeFromServer: {\r\n code: \"authorization_code_missing_from_server_response\",\r\n desc: \"Server response does not contain an authorization code to proceed\"\r\n },\r\n noAzureRegionDetected: {\r\n code: \"no_azure_region_detected\",\r\n desc: \"No azure region was detected and no fallback was made available\"\r\n },\r\n accessTokenEntityNullError: {\r\n code: \"access_token_entity_null\",\r\n desc: \"Access token entity is null, please check logs and cache to ensure a valid access token is present.\"\r\n },\r\n bindingKeyNotRemovedError: {\r\n code: \"binding_key_not_removed\",\r\n desc: \"Could not remove the credential's binding key from storage.\"\r\n }\r\n};\r\n/**\r\n * Error thrown when there is an error in the client code running on the browser.\r\n */\r\nvar ClientAuthError = /** @class */ (function (_super) {\r\n __extends(ClientAuthError, _super);\r\n function ClientAuthError(errorCode, errorMessage) {\r\n var _this = _super.call(this, errorCode, errorMessage) || this;\r\n _this.name = \"ClientAuthError\";\r\n Object.setPrototypeOf(_this, ClientAuthError.prototype);\r\n return _this;\r\n }\r\n /**\r\n * Creates an error thrown when client info object doesn't decode correctly.\r\n * @param caughtError\r\n */\r\n ClientAuthError.createClientInfoDecodingError = function (caughtError) {\r\n return new ClientAuthError(ClientAuthErrorMessage.clientInfoDecodingError.code, ClientAuthErrorMessage.clientInfoDecodingError.desc + \" Failed with error: \" + caughtError);\r\n };\r\n /**\r\n * Creates an error thrown if the client info is empty.\r\n * @param rawClientInfo\r\n */\r\n ClientAuthError.createClientInfoEmptyError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.clientInfoEmptyError.code, \"\" + ClientAuthErrorMessage.clientInfoEmptyError.desc);\r\n };\r\n /**\r\n * Creates an error thrown when the id token extraction errors out.\r\n * @param err\r\n */\r\n ClientAuthError.createTokenParsingError = function (caughtExtractionError) {\r\n return new ClientAuthError(ClientAuthErrorMessage.tokenParsingError.code, ClientAuthErrorMessage.tokenParsingError.desc + \" Failed with error: \" + caughtExtractionError);\r\n };\r\n /**\r\n * Creates an error thrown when the id token string is null or empty.\r\n * @param invalidRawTokenString\r\n */\r\n ClientAuthError.createTokenNullOrEmptyError = function (invalidRawTokenString) {\r\n return new ClientAuthError(ClientAuthErrorMessage.nullOrEmptyToken.code, ClientAuthErrorMessage.nullOrEmptyToken.desc + \" Raw Token Value: \" + invalidRawTokenString);\r\n };\r\n /**\r\n * Creates an error thrown when the endpoint discovery doesn't complete correctly.\r\n */\r\n ClientAuthError.createEndpointDiscoveryIncompleteError = function (errDetail) {\r\n return new ClientAuthError(ClientAuthErrorMessage.endpointResolutionError.code, ClientAuthErrorMessage.endpointResolutionError.desc + \" Detail: \" + errDetail);\r\n };\r\n /**\r\n * Creates an error thrown when the fetch client throws\r\n */\r\n ClientAuthError.createNetworkError = function (endpoint, errDetail) {\r\n return new ClientAuthError(ClientAuthErrorMessage.networkError.code, ClientAuthErrorMessage.networkError.desc + \" | Fetch client threw: \" + errDetail + \" | Attempted to reach: \" + endpoint.split(\"?\")[0]);\r\n };\r\n /**\r\n * Creates an error thrown when the openid-configuration endpoint cannot be reached or does not contain the required data\r\n */\r\n ClientAuthError.createUnableToGetOpenidConfigError = function (errDetail) {\r\n return new ClientAuthError(ClientAuthErrorMessage.unableToGetOpenidConfigError.code, ClientAuthErrorMessage.unableToGetOpenidConfigError.desc + \" Attempted to retrieve endpoints from: \" + errDetail);\r\n };\r\n /**\r\n * Creates an error thrown when the hash cannot be deserialized.\r\n * @param hashParamObj\r\n */\r\n ClientAuthError.createHashNotDeserializedError = function (hashParamObj) {\r\n return new ClientAuthError(ClientAuthErrorMessage.hashNotDeserialized.code, ClientAuthErrorMessage.hashNotDeserialized.desc + \" Given Object: \" + hashParamObj);\r\n };\r\n /**\r\n * Creates an error thrown when the state cannot be parsed.\r\n * @param invalidState\r\n */\r\n ClientAuthError.createInvalidStateError = function (invalidState, errorString) {\r\n return new ClientAuthError(ClientAuthErrorMessage.invalidStateError.code, ClientAuthErrorMessage.invalidStateError.desc + \" Invalid State: \" + invalidState + \", Root Err: \" + errorString);\r\n };\r\n /**\r\n * Creates an error thrown when two states do not match.\r\n */\r\n ClientAuthError.createStateMismatchError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.stateMismatchError.code, ClientAuthErrorMessage.stateMismatchError.desc);\r\n };\r\n /**\r\n * Creates an error thrown when the state is not present\r\n * @param missingState\r\n */\r\n ClientAuthError.createStateNotFoundError = function (missingState) {\r\n return new ClientAuthError(ClientAuthErrorMessage.stateNotFoundError.code, ClientAuthErrorMessage.stateNotFoundError.desc + \": \" + missingState);\r\n };\r\n /**\r\n * Creates an error thrown when the nonce does not match.\r\n */\r\n ClientAuthError.createNonceMismatchError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.nonceMismatchError.code, ClientAuthErrorMessage.nonceMismatchError.desc);\r\n };\r\n /**\r\n * Creates an error thrown when the mnonce is not present\r\n * @param missingNonce\r\n */\r\n ClientAuthError.createNonceNotFoundError = function (missingNonce) {\r\n return new ClientAuthError(ClientAuthErrorMessage.nonceNotFoundError.code, ClientAuthErrorMessage.nonceNotFoundError.desc + \": \" + missingNonce);\r\n };\r\n /**\r\n * Creates an error thrown when the authorization code required for a token request is null or empty.\r\n */\r\n ClientAuthError.createNoTokensFoundError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.noTokensFoundError.code, ClientAuthErrorMessage.noTokensFoundError.desc);\r\n };\r\n /**\r\n * Throws error when multiple tokens are in cache.\r\n */\r\n ClientAuthError.createMultipleMatchingTokensInCacheError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.multipleMatchingTokens.code, ClientAuthErrorMessage.multipleMatchingTokens.desc + \".\");\r\n };\r\n /**\r\n * Throws error when multiple accounts are in cache for the given params\r\n */\r\n ClientAuthError.createMultipleMatchingAccountsInCacheError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.multipleMatchingAccounts.code, ClientAuthErrorMessage.multipleMatchingAccounts.desc);\r\n };\r\n /**\r\n * Throws error when multiple appMetada are in cache for the given clientId.\r\n */\r\n ClientAuthError.createMultipleMatchingAppMetadataInCacheError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.multipleMatchingAppMetadata.code, ClientAuthErrorMessage.multipleMatchingAppMetadata.desc);\r\n };\r\n /**\r\n * Throws error when no auth code or refresh token is given to ServerTokenRequestParameters.\r\n */\r\n ClientAuthError.createTokenRequestCannotBeMadeError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.tokenRequestCannotBeMade.code, ClientAuthErrorMessage.tokenRequestCannotBeMade.desc);\r\n };\r\n /**\r\n * Throws error when attempting to append a null, undefined or empty scope to a set\r\n * @param givenScope\r\n */\r\n ClientAuthError.createAppendEmptyScopeToSetError = function (givenScope) {\r\n return new ClientAuthError(ClientAuthErrorMessage.appendEmptyScopeError.code, ClientAuthErrorMessage.appendEmptyScopeError.desc + \" Given Scope: \" + givenScope);\r\n };\r\n /**\r\n * Throws error when attempting to append a null, undefined or empty scope to a set\r\n * @param givenScope\r\n */\r\n ClientAuthError.createRemoveEmptyScopeFromSetError = function (givenScope) {\r\n return new ClientAuthError(ClientAuthErrorMessage.removeEmptyScopeError.code, ClientAuthErrorMessage.removeEmptyScopeError.desc + \" Given Scope: \" + givenScope);\r\n };\r\n /**\r\n * Throws error when attempting to append null or empty ScopeSet.\r\n * @param appendError\r\n */\r\n ClientAuthError.createAppendScopeSetError = function (appendError) {\r\n return new ClientAuthError(ClientAuthErrorMessage.appendScopeSetError.code, ClientAuthErrorMessage.appendScopeSetError.desc + \" Detail Error: \" + appendError);\r\n };\r\n /**\r\n * Throws error if ScopeSet is null or undefined.\r\n * @param givenScopeSet\r\n */\r\n ClientAuthError.createEmptyInputScopeSetError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.emptyInputScopeSetError.code, \"\" + ClientAuthErrorMessage.emptyInputScopeSetError.desc);\r\n };\r\n /**\r\n * Throws error if user sets CancellationToken.cancel = true during polling of token endpoint during device code flow\r\n */\r\n ClientAuthError.createDeviceCodeCancelledError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.DeviceCodePollingCancelled.code, \"\" + ClientAuthErrorMessage.DeviceCodePollingCancelled.desc);\r\n };\r\n /**\r\n * Throws error if device code is expired\r\n */\r\n ClientAuthError.createDeviceCodeExpiredError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.DeviceCodeExpired.code, \"\" + ClientAuthErrorMessage.DeviceCodeExpired.desc);\r\n };\r\n /**\r\n * Throws error if device code is expired\r\n */\r\n ClientAuthError.createDeviceCodeUnknownError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.DeviceCodeUnknownError.code, \"\" + ClientAuthErrorMessage.DeviceCodeUnknownError.desc);\r\n };\r\n /**\r\n * Throws error when silent requests are made without an account object\r\n */\r\n ClientAuthError.createNoAccountInSilentRequestError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.NoAccountInSilentRequest.code, \"\" + ClientAuthErrorMessage.NoAccountInSilentRequest.desc);\r\n };\r\n /**\r\n * Throws error when cache record is null or undefined.\r\n */\r\n ClientAuthError.createNullOrUndefinedCacheRecord = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.invalidCacheRecord.code, ClientAuthErrorMessage.invalidCacheRecord.desc);\r\n };\r\n /**\r\n * Throws error when provided environment is not part of the CloudDiscoveryMetadata object\r\n */\r\n ClientAuthError.createInvalidCacheEnvironmentError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.invalidCacheEnvironment.code, ClientAuthErrorMessage.invalidCacheEnvironment.desc);\r\n };\r\n /**\r\n * Throws error when account is not found in cache.\r\n */\r\n ClientAuthError.createNoAccountFoundError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.noAccountFound.code, ClientAuthErrorMessage.noAccountFound.desc);\r\n };\r\n /**\r\n * Throws error if ICachePlugin not set on CacheManager.\r\n */\r\n ClientAuthError.createCachePluginError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.CachePluginError.code, \"\" + ClientAuthErrorMessage.CachePluginError.desc);\r\n };\r\n /**\r\n * Throws error if crypto object not found.\r\n * @param operationName\r\n */\r\n ClientAuthError.createNoCryptoObjectError = function (operationName) {\r\n return new ClientAuthError(ClientAuthErrorMessage.noCryptoObj.code, \"\" + ClientAuthErrorMessage.noCryptoObj.desc + operationName);\r\n };\r\n /**\r\n * Throws error if cache type is invalid.\r\n */\r\n ClientAuthError.createInvalidCacheTypeError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.invalidCacheType.code, \"\" + ClientAuthErrorMessage.invalidCacheType.desc);\r\n };\r\n /**\r\n * Throws error if unexpected account type.\r\n */\r\n ClientAuthError.createUnexpectedAccountTypeError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.unexpectedAccountType.code, \"\" + ClientAuthErrorMessage.unexpectedAccountType.desc);\r\n };\r\n /**\r\n * Throws error if unexpected credential type.\r\n */\r\n ClientAuthError.createUnexpectedCredentialTypeError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.unexpectedCredentialType.code, \"\" + ClientAuthErrorMessage.unexpectedCredentialType.desc);\r\n };\r\n /**\r\n * Throws error if client assertion is not valid.\r\n */\r\n ClientAuthError.createInvalidAssertionError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.invalidAssertion.code, \"\" + ClientAuthErrorMessage.invalidAssertion.desc);\r\n };\r\n /**\r\n * Throws error if client assertion is not valid.\r\n */\r\n ClientAuthError.createInvalidCredentialError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.invalidClientCredential.code, \"\" + ClientAuthErrorMessage.invalidClientCredential.desc);\r\n };\r\n /**\r\n * Throws error if token cannot be retrieved from cache due to refresh being required.\r\n */\r\n ClientAuthError.createRefreshRequiredError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.tokenRefreshRequired.code, ClientAuthErrorMessage.tokenRefreshRequired.desc);\r\n };\r\n /**\r\n * Throws error if the user defined timeout is reached.\r\n */\r\n ClientAuthError.createUserTimeoutReachedError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.userTimeoutReached.code, ClientAuthErrorMessage.userTimeoutReached.desc);\r\n };\r\n /*\r\n * Throws error if token claims are not populated for a signed jwt generation\r\n */\r\n ClientAuthError.createTokenClaimsRequiredError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.tokenClaimsRequired.code, ClientAuthErrorMessage.tokenClaimsRequired.desc);\r\n };\r\n /**\r\n * Throws error when the authorization code is missing from the server response\r\n */\r\n ClientAuthError.createNoAuthCodeInServerResponseError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.noAuthorizationCodeFromServer.code, ClientAuthErrorMessage.noAuthorizationCodeFromServer.desc);\r\n };\r\n ClientAuthError.createBindingKeyNotRemovedError = function () {\r\n return new ClientAuthError(ClientAuthErrorMessage.bindingKeyNotRemovedError.code, ClientAuthErrorMessage.bindingKeyNotRemovedError.desc);\r\n };\r\n return ClientAuthError;\r\n}(AuthError));\n\nexport { ClientAuthError, ClientAuthErrorMessage };\n//# sourceMappingURL=ClientAuthError.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __extends } from '../_virtual/_tslib.js';\nimport { ClientAuthError } from './ClientAuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * ClientConfigurationErrorMessage class containing string constants used by error codes and messages.\r\n */\r\nvar ClientConfigurationErrorMessage = {\r\n redirectUriNotSet: {\r\n code: \"redirect_uri_empty\",\r\n desc: \"A redirect URI is required for all calls, and none has been set.\"\r\n },\r\n postLogoutUriNotSet: {\r\n code: \"post_logout_uri_empty\",\r\n desc: \"A post logout redirect has not been set.\"\r\n },\r\n claimsRequestParsingError: {\r\n code: \"claims_request_parsing_error\",\r\n desc: \"Could not parse the given claims request object.\"\r\n },\r\n authorityUriInsecure: {\r\n code: \"authority_uri_insecure\",\r\n desc: \"Authority URIs must use https. Please see here for valid authority configuration options: https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-js-initializing-client-applications#configuration-options\"\r\n },\r\n urlParseError: {\r\n code: \"url_parse_error\",\r\n desc: \"URL could not be parsed into appropriate segments.\"\r\n },\r\n urlEmptyError: {\r\n code: \"empty_url_error\",\r\n desc: \"URL was empty or null.\"\r\n },\r\n emptyScopesError: {\r\n code: \"empty_input_scopes_error\",\r\n desc: \"Scopes cannot be passed as null, undefined or empty array because they are required to obtain an access token.\"\r\n },\r\n nonArrayScopesError: {\r\n code: \"nonarray_input_scopes_error\",\r\n desc: \"Scopes cannot be passed as non-array.\"\r\n },\r\n clientIdSingleScopeError: {\r\n code: \"clientid_input_scopes_error\",\r\n desc: \"Client ID can only be provided as a single scope.\"\r\n },\r\n invalidPrompt: {\r\n code: \"invalid_prompt_value\",\r\n desc: \"Supported prompt values are 'login', 'select_account', 'consent', 'create' and 'none'. Please see here for valid configuration options: https://azuread.github.io/microsoft-authentication-library-for-js/ref/modules/_azure_msal_common.html#commonauthorizationurlrequest\",\r\n },\r\n invalidClaimsRequest: {\r\n code: \"invalid_claims\",\r\n desc: \"Given claims parameter must be a stringified JSON object.\"\r\n },\r\n tokenRequestEmptyError: {\r\n code: \"token_request_empty\",\r\n desc: \"Token request was empty and not found in cache.\"\r\n },\r\n logoutRequestEmptyError: {\r\n code: \"logout_request_empty\",\r\n desc: \"The logout request was null or undefined.\"\r\n },\r\n invalidCodeChallengeMethod: {\r\n code: \"invalid_code_challenge_method\",\r\n desc: \"code_challenge_method passed is invalid. Valid values are \\\"plain\\\" and \\\"S256\\\".\"\r\n },\r\n invalidCodeChallengeParams: {\r\n code: \"pkce_params_missing\",\r\n desc: \"Both params: code_challenge and code_challenge_method are to be passed if to be sent in the request\"\r\n },\r\n invalidCloudDiscoveryMetadata: {\r\n code: \"invalid_cloud_discovery_metadata\",\r\n desc: \"Invalid cloudDiscoveryMetadata provided. Must be a JSON object containing tenant_discovery_endpoint and metadata fields\"\r\n },\r\n invalidAuthorityMetadata: {\r\n code: \"invalid_authority_metadata\",\r\n desc: \"Invalid authorityMetadata provided. Must by a JSON object containing authorization_endpoint, token_endpoint, end_session_endpoint, issuer fields.\"\r\n },\r\n untrustedAuthority: {\r\n code: \"untrusted_authority\",\r\n desc: \"The provided authority is not a trusted authority. Please include this authority in the knownAuthorities config parameter.\"\r\n }\r\n};\r\n/**\r\n * Error thrown when there is an error in configuration of the MSAL.js library.\r\n */\r\nvar ClientConfigurationError = /** @class */ (function (_super) {\r\n __extends(ClientConfigurationError, _super);\r\n function ClientConfigurationError(errorCode, errorMessage) {\r\n var _this = _super.call(this, errorCode, errorMessage) || this;\r\n _this.name = \"ClientConfigurationError\";\r\n Object.setPrototypeOf(_this, ClientConfigurationError.prototype);\r\n return _this;\r\n }\r\n /**\r\n * Creates an error thrown when the redirect uri is empty (not set by caller)\r\n */\r\n ClientConfigurationError.createRedirectUriEmptyError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.redirectUriNotSet.code, ClientConfigurationErrorMessage.redirectUriNotSet.desc);\r\n };\r\n /**\r\n * Creates an error thrown when the post-logout redirect uri is empty (not set by caller)\r\n */\r\n ClientConfigurationError.createPostLogoutRedirectUriEmptyError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.postLogoutUriNotSet.code, ClientConfigurationErrorMessage.postLogoutUriNotSet.desc);\r\n };\r\n /**\r\n * Creates an error thrown when the claims request could not be successfully parsed\r\n */\r\n ClientConfigurationError.createClaimsRequestParsingError = function (claimsRequestParseError) {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.claimsRequestParsingError.code, ClientConfigurationErrorMessage.claimsRequestParsingError.desc + \" Given value: \" + claimsRequestParseError);\r\n };\r\n /**\r\n * Creates an error thrown if authority uri is given an insecure protocol.\r\n * @param urlString\r\n */\r\n ClientConfigurationError.createInsecureAuthorityUriError = function (urlString) {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.authorityUriInsecure.code, ClientConfigurationErrorMessage.authorityUriInsecure.desc + \" Given URI: \" + urlString);\r\n };\r\n /**\r\n * Creates an error thrown if URL string does not parse into separate segments.\r\n * @param urlString\r\n */\r\n ClientConfigurationError.createUrlParseError = function (urlParseError) {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.urlParseError.code, ClientConfigurationErrorMessage.urlParseError.desc + \" Given Error: \" + urlParseError);\r\n };\r\n /**\r\n * Creates an error thrown if URL string is empty or null.\r\n * @param urlString\r\n */\r\n ClientConfigurationError.createUrlEmptyError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.urlEmptyError.code, ClientConfigurationErrorMessage.urlEmptyError.desc);\r\n };\r\n /**\r\n * Error thrown when scopes are empty.\r\n * @param scopesValue\r\n */\r\n ClientConfigurationError.createEmptyScopesArrayError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.emptyScopesError.code, \"\" + ClientConfigurationErrorMessage.emptyScopesError.desc);\r\n };\r\n /**\r\n * Error thrown when client id scope is not provided as single scope.\r\n * @param inputScopes\r\n */\r\n ClientConfigurationError.createClientIdSingleScopeError = function (inputScopes) {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.clientIdSingleScopeError.code, ClientConfigurationErrorMessage.clientIdSingleScopeError.desc + \" Given Scopes: \" + inputScopes);\r\n };\r\n /**\r\n * Error thrown when prompt is not an allowed type.\r\n * @param promptValue\r\n */\r\n ClientConfigurationError.createInvalidPromptError = function (promptValue) {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.invalidPrompt.code, ClientConfigurationErrorMessage.invalidPrompt.desc + \" Given value: \" + promptValue);\r\n };\r\n /**\r\n * Creates error thrown when claims parameter is not a stringified JSON object\r\n */\r\n ClientConfigurationError.createInvalidClaimsRequestError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.invalidClaimsRequest.code, ClientConfigurationErrorMessage.invalidClaimsRequest.desc);\r\n };\r\n /**\r\n * Throws error when token request is empty and nothing cached in storage.\r\n */\r\n ClientConfigurationError.createEmptyLogoutRequestError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.logoutRequestEmptyError.code, ClientConfigurationErrorMessage.logoutRequestEmptyError.desc);\r\n };\r\n /**\r\n * Throws error when token request is empty and nothing cached in storage.\r\n */\r\n ClientConfigurationError.createEmptyTokenRequestError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.tokenRequestEmptyError.code, ClientConfigurationErrorMessage.tokenRequestEmptyError.desc);\r\n };\r\n /**\r\n * Throws error when an invalid code_challenge_method is passed by the user\r\n */\r\n ClientConfigurationError.createInvalidCodeChallengeMethodError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.invalidCodeChallengeMethod.code, ClientConfigurationErrorMessage.invalidCodeChallengeMethod.desc);\r\n };\r\n /**\r\n * Throws error when both params: code_challenge and code_challenge_method are not passed together\r\n */\r\n ClientConfigurationError.createInvalidCodeChallengeParamsError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.invalidCodeChallengeParams.code, ClientConfigurationErrorMessage.invalidCodeChallengeParams.desc);\r\n };\r\n /**\r\n * Throws an error when the user passes invalid cloudDiscoveryMetadata\r\n */\r\n ClientConfigurationError.createInvalidCloudDiscoveryMetadataError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.invalidCloudDiscoveryMetadata.code, ClientConfigurationErrorMessage.invalidCloudDiscoveryMetadata.desc);\r\n };\r\n /**\r\n * Throws an error when the user passes invalid cloudDiscoveryMetadata\r\n */\r\n ClientConfigurationError.createInvalidAuthorityMetadataError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.invalidAuthorityMetadata.code, ClientConfigurationErrorMessage.invalidAuthorityMetadata.desc);\r\n };\r\n /**\r\n * Throws error when provided authority is not a member of the trusted host list\r\n */\r\n ClientConfigurationError.createUntrustedAuthorityError = function () {\r\n return new ClientConfigurationError(ClientConfigurationErrorMessage.untrustedAuthority.code, ClientConfigurationErrorMessage.untrustedAuthority.desc);\r\n };\r\n return ClientConfigurationError;\r\n}(ClientAuthError));\n\nexport { ClientConfigurationError, ClientConfigurationErrorMessage };\n//# sourceMappingURL=ClientConfigurationError.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __extends } from '../_virtual/_tslib.js';\nimport { ServerError } from './ServerError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * InteractionRequiredAuthErrorMessage class containing string constants used by error codes and messages.\r\n */\r\nvar InteractionRequiredAuthErrorMessage = [\r\n \"interaction_required\",\r\n \"consent_required\",\r\n \"login_required\"\r\n];\r\nvar InteractionRequiredAuthSubErrorMessage = [\r\n \"message_only\",\r\n \"additional_action\",\r\n \"basic_action\",\r\n \"user_password_expired\",\r\n \"consent_required\"\r\n];\r\n/**\r\n * Error thrown when user interaction is required at the auth server.\r\n */\r\nvar InteractionRequiredAuthError = /** @class */ (function (_super) {\r\n __extends(InteractionRequiredAuthError, _super);\r\n function InteractionRequiredAuthError(errorCode, errorMessage, subError) {\r\n var _this = _super.call(this, errorCode, errorMessage, subError) || this;\r\n _this.name = \"InteractionRequiredAuthError\";\r\n Object.setPrototypeOf(_this, InteractionRequiredAuthError.prototype);\r\n return _this;\r\n }\r\n InteractionRequiredAuthError.isInteractionRequiredError = function (errorCode, errorString, subError) {\r\n var isInteractionRequiredErrorCode = !!errorCode && InteractionRequiredAuthErrorMessage.indexOf(errorCode) > -1;\r\n var isInteractionRequiredSubError = !!subError && InteractionRequiredAuthSubErrorMessage.indexOf(subError) > -1;\r\n var isInteractionRequiredErrorDesc = !!errorString && InteractionRequiredAuthErrorMessage.some(function (irErrorCode) {\r\n return errorString.indexOf(irErrorCode) > -1;\r\n });\r\n return isInteractionRequiredErrorCode || isInteractionRequiredErrorDesc || isInteractionRequiredSubError;\r\n };\r\n return InteractionRequiredAuthError;\r\n}(ServerError));\n\nexport { InteractionRequiredAuthError, InteractionRequiredAuthErrorMessage, InteractionRequiredAuthSubErrorMessage };\n//# sourceMappingURL=InteractionRequiredAuthError.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __extends } from '../_virtual/_tslib.js';\nimport { AuthError } from './AuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Error thrown when there is an error with the server code, for example, unavailability.\r\n */\r\nvar ServerError = /** @class */ (function (_super) {\r\n __extends(ServerError, _super);\r\n function ServerError(errorCode, errorMessage, subError) {\r\n var _this = _super.call(this, errorCode, errorMessage, subError) || this;\r\n _this.name = \"ServerError\";\r\n Object.setPrototypeOf(_this, ServerError.prototype);\r\n return _this;\r\n }\r\n return ServerError;\r\n}(AuthError));\n\nexport { ServerError };\n//# sourceMappingURL=ServerError.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { StringUtils } from '../utils/StringUtils.js';\nimport { Constants } from '../utils/Constants.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Log message level.\r\n */\r\nvar LogLevel;\r\n(function (LogLevel) {\r\n LogLevel[LogLevel[\"Error\"] = 0] = \"Error\";\r\n LogLevel[LogLevel[\"Warning\"] = 1] = \"Warning\";\r\n LogLevel[LogLevel[\"Info\"] = 2] = \"Info\";\r\n LogLevel[LogLevel[\"Verbose\"] = 3] = \"Verbose\";\r\n LogLevel[LogLevel[\"Trace\"] = 4] = \"Trace\";\r\n})(LogLevel || (LogLevel = {}));\r\n/**\r\n * Class which facilitates logging of messages to a specific place.\r\n */\r\nvar Logger = /** @class */ (function () {\r\n function Logger(loggerOptions, packageName, packageVersion) {\r\n // Current log level, defaults to info.\r\n this.level = LogLevel.Info;\r\n var defaultLoggerCallback = function () {\r\n return;\r\n };\r\n this.localCallback = loggerOptions.loggerCallback || defaultLoggerCallback;\r\n this.piiLoggingEnabled = loggerOptions.piiLoggingEnabled || false;\r\n this.level = typeof (loggerOptions.logLevel) === \"number\" ? loggerOptions.logLevel : LogLevel.Info;\r\n this.correlationId = loggerOptions.correlationId || \"\";\r\n this.packageName = packageName || Constants.EMPTY_STRING;\r\n this.packageVersion = packageVersion || Constants.EMPTY_STRING;\r\n }\r\n /**\r\n * Create new Logger with existing configurations.\r\n */\r\n Logger.prototype.clone = function (packageName, packageVersion, correlationId) {\r\n return new Logger({ loggerCallback: this.localCallback, piiLoggingEnabled: this.piiLoggingEnabled, logLevel: this.level, correlationId: correlationId || this.correlationId }, packageName, packageVersion);\r\n };\r\n /**\r\n * Log message with required options.\r\n */\r\n Logger.prototype.logMessage = function (logMessage, options) {\r\n if ((options.logLevel > this.level) || (!this.piiLoggingEnabled && options.containsPii)) {\r\n return;\r\n }\r\n var timestamp = new Date().toUTCString();\r\n // Add correlationId to logs if set, correlationId provided on log messages take precedence\r\n var logHeader;\r\n if (!StringUtils.isEmpty(options.correlationId)) {\r\n logHeader = \"[\" + timestamp + \"] : [\" + options.correlationId + \"]\";\r\n }\r\n else if (!StringUtils.isEmpty(this.correlationId)) {\r\n logHeader = \"[\" + timestamp + \"] : [\" + this.correlationId + \"]\";\r\n }\r\n else {\r\n logHeader = \"[\" + timestamp + \"]\";\r\n }\r\n var log = logHeader + \" : \" + this.packageName + \"@\" + this.packageVersion + \" : \" + LogLevel[options.logLevel] + \" - \" + logMessage;\r\n // debug(`msal:${LogLevel[options.logLevel]}${options.containsPii ? \"-Pii\": \"\"}${options.context ? `:${options.context}` : \"\"}`)(logMessage);\r\n this.executeCallback(options.logLevel, log, options.containsPii || false);\r\n };\r\n /**\r\n * Execute callback with message.\r\n */\r\n Logger.prototype.executeCallback = function (level, message, containsPii) {\r\n if (this.localCallback) {\r\n this.localCallback(level, message, containsPii);\r\n }\r\n };\r\n /**\r\n * Logs error messages.\r\n */\r\n Logger.prototype.error = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Error,\r\n containsPii: false,\r\n correlationId: correlationId || \"\"\r\n });\r\n };\r\n /**\r\n * Logs error messages with PII.\r\n */\r\n Logger.prototype.errorPii = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Error,\r\n containsPii: true,\r\n correlationId: correlationId || \"\"\r\n });\r\n };\r\n /**\r\n * Logs warning messages.\r\n */\r\n Logger.prototype.warning = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Warning,\r\n containsPii: false,\r\n correlationId: correlationId || \"\"\r\n });\r\n };\r\n /**\r\n * Logs warning messages with PII.\r\n */\r\n Logger.prototype.warningPii = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Warning,\r\n containsPii: true,\r\n correlationId: correlationId || \"\"\r\n });\r\n };\r\n /**\r\n * Logs info messages.\r\n */\r\n Logger.prototype.info = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Info,\r\n containsPii: false,\r\n correlationId: correlationId || \"\"\r\n });\r\n };\r\n /**\r\n * Logs info messages with PII.\r\n */\r\n Logger.prototype.infoPii = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Info,\r\n containsPii: true,\r\n correlationId: correlationId || \"\"\r\n });\r\n };\r\n /**\r\n * Logs verbose messages.\r\n */\r\n Logger.prototype.verbose = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Verbose,\r\n containsPii: false,\r\n correlationId: correlationId || \"\"\r\n });\r\n };\r\n /**\r\n * Logs verbose messages with PII.\r\n */\r\n Logger.prototype.verbosePii = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Verbose,\r\n containsPii: true,\r\n correlationId: correlationId || \"\"\r\n });\r\n };\r\n /**\r\n * Logs trace messages.\r\n */\r\n Logger.prototype.trace = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Trace,\r\n containsPii: false,\r\n correlationId: correlationId || \"\"\r\n });\r\n };\r\n /**\r\n * Logs trace messages with PII.\r\n */\r\n Logger.prototype.tracePii = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Trace,\r\n containsPii: true,\r\n correlationId: correlationId || \"\"\r\n });\r\n };\r\n /**\r\n * Returns whether PII Logging is enabled or not.\r\n */\r\n Logger.prototype.isPiiLoggingEnabled = function () {\r\n return this.piiLoggingEnabled || false;\r\n };\r\n return Logger;\r\n}());\n\nexport { LogLevel, Logger };\n//# sourceMappingURL=Logger.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { AuthError } from '../error/AuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar StubbedNetworkModule = {\r\n sendGetRequestAsync: function () {\r\n var notImplErr = \"Network interface - sendGetRequestAsync() has not been implemented for the Network interface.\";\r\n return Promise.reject(AuthError.createUnexpectedError(notImplErr));\r\n },\r\n sendPostRequestAsync: function () {\r\n var notImplErr = \"Network interface - sendPostRequestAsync() has not been implemented for the Network interface.\";\r\n return Promise.reject(AuthError.createUnexpectedError(notImplErr));\r\n }\r\n};\n\nexport { StubbedNetworkModule };\n//# sourceMappingURL=INetworkModule.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { ThrottlingConstants, CacheSchemaType, Constants, HeaderNames } from '../utils/Constants.js';\nimport { ServerError } from '../error/ServerError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar ThrottlingUtils = /** @class */ (function () {\r\n function ThrottlingUtils() {\r\n }\r\n /**\r\n * Prepares a RequestThumbprint to be stored as a key.\r\n * @param thumbprint\r\n */\r\n ThrottlingUtils.generateThrottlingStorageKey = function (thumbprint) {\r\n return ThrottlingConstants.THROTTLING_PREFIX + \".\" + JSON.stringify(thumbprint);\r\n };\r\n /**\r\n * Performs necessary throttling checks before a network request.\r\n * @param cacheManager\r\n * @param thumbprint\r\n */\r\n ThrottlingUtils.preProcess = function (cacheManager, thumbprint) {\r\n var _a;\r\n var key = ThrottlingUtils.generateThrottlingStorageKey(thumbprint);\r\n var value = cacheManager.getThrottlingCache(key);\r\n if (value) {\r\n if (value.throttleTime < Date.now()) {\r\n cacheManager.removeItem(key, CacheSchemaType.THROTTLING);\r\n return;\r\n }\r\n throw new ServerError(((_a = value.errorCodes) === null || _a === void 0 ? void 0 : _a.join(\" \")) || Constants.EMPTY_STRING, value.errorMessage, value.subError);\r\n }\r\n };\r\n /**\r\n * Performs necessary throttling checks after a network request.\r\n * @param cacheManager\r\n * @param thumbprint\r\n * @param response\r\n */\r\n ThrottlingUtils.postProcess = function (cacheManager, thumbprint, response) {\r\n if (ThrottlingUtils.checkResponseStatus(response) || ThrottlingUtils.checkResponseForRetryAfter(response)) {\r\n var thumbprintValue = {\r\n throttleTime: ThrottlingUtils.calculateThrottleTime(parseInt(response.headers[HeaderNames.RETRY_AFTER])),\r\n error: response.body.error,\r\n errorCodes: response.body.error_codes,\r\n errorMessage: response.body.error_description,\r\n subError: response.body.suberror\r\n };\r\n cacheManager.setThrottlingCache(ThrottlingUtils.generateThrottlingStorageKey(thumbprint), thumbprintValue);\r\n }\r\n };\r\n /**\r\n * Checks a NetworkResponse object's status codes against 429 or 5xx\r\n * @param response\r\n */\r\n ThrottlingUtils.checkResponseStatus = function (response) {\r\n return response.status === 429 || response.status >= 500 && response.status < 600;\r\n };\r\n /**\r\n * Checks a NetworkResponse object's RetryAfter header\r\n * @param response\r\n */\r\n ThrottlingUtils.checkResponseForRetryAfter = function (response) {\r\n if (response.headers) {\r\n return response.headers.hasOwnProperty(HeaderNames.RETRY_AFTER) && (response.status < 200 || response.status >= 300);\r\n }\r\n return false;\r\n };\r\n /**\r\n * Calculates the Unix-time value for a throttle to expire given throttleTime in seconds.\r\n * @param throttleTime\r\n */\r\n ThrottlingUtils.calculateThrottleTime = function (throttleTime) {\r\n var time = throttleTime <= 0 ? 0 : throttleTime;\r\n var currentSeconds = Date.now() / 1000;\r\n return Math.floor(Math.min(currentSeconds + (time || ThrottlingConstants.DEFAULT_THROTTLE_TIME_SECONDS), currentSeconds + ThrottlingConstants.DEFAULT_MAX_THROTTLE_TIME_SECONDS) * 1000);\r\n };\r\n ThrottlingUtils.removeThrottle = function (cacheManager, clientId, request, homeAccountIdentifier) {\r\n var thumbprint = {\r\n clientId: clientId,\r\n authority: request.authority,\r\n scopes: request.scopes,\r\n homeAccountIdentifier: homeAccountIdentifier,\r\n authenticationScheme: request.authenticationScheme,\r\n resourceRequestMethod: request.resourceRequestMethod,\r\n resourceRequestUri: request.resourceRequestUri,\r\n shrClaims: request.shrClaims\r\n };\r\n var key = this.generateThrottlingStorageKey(thumbprint);\r\n return cacheManager.removeItem(key, CacheSchemaType.THROTTLING);\r\n };\r\n return ThrottlingUtils;\r\n}());\n\nexport { ThrottlingUtils };\n//# sourceMappingURL=ThrottlingUtils.js.map\n"],"names":["extendStatics","d","b","Object","setPrototypeOf","__proto__","Array","p","prototype","hasOwnProperty","call","__extends","__","this","constructor","create","__assign","assign","t","s","i","n","arguments","length","apply","__awaiter","thisArg","_arguments","P","generator","Promise","resolve","reject","fulfilled","value","step","next","e","rejected","result","done","then","__generator","body","f","y","g","_","label","sent","trys","ops","verb","Symbol","iterator","v","op","TypeError","pop","push","__spreadArrays","il","r","k","a","j","jl","AuthToken","rawToken","crypto","claims","extractTokenClaims","encodedToken","decodedToken","base64TokenPayload","JWSPayload","base64Decoded","base64Decode","JSON","parse","err","CcsCredentialType","buildClientInfo","rawClientInfo","decodedClientInfo","buildClientInfoFromHomeAccountId","homeAccountId","clientInfoParts","split","uid","utid","isOpenIdConfigResponse","response","RegionDiscovery","networkInterface","detectRegion","environmentRegion","regionDiscoveryMetadata","autodetectedRegionName","localIMDSVersionResponse","currentIMDSVersion","currentIMDSVersionResponse","_a","getRegionFromIMDS","Constants","status","region_source","getCurrentVersion","version","sendGetRequestAsync","IMDS_OPTIONS","headers","Authority","authority","cacheManager","authorityOptions","canonicalAuthority","_canonicalAuthority","validateAsUri","regionDiscovery","region_used","undefined","region_outcome","defineProperty","get","pathSegments","canonicalAuthorityUrlComponents","PathSegments","toLowerCase","AuthorityType","enumerable","configurable","protocolMode","urlString","set","url","UrlString","_canonicalAuthorityUrlComponents","getUrlComponents","HostNameAndPort","discoveryComplete","endpoint","replacePath","metadata","authorization_endpoint","replaceTenant","ClientAuthError","token_endpoint","replace","end_session_endpoint","issuer","tenant","cachedAuthorityParts","canonical_authority","forEach","currentPart","index","cachedPart","authorityType","ProtocolMode","resolveEndpointsAsync","metadataEntity","cloudDiscoverySource","endpointSource","cacheKey","getAuthorityMetadataByAlias","hostnameAndPort","AuthorityMetadataEntity","updateCanonicalAuthority","updateCloudDiscoveryMetadata","preferred_network","updateEndpointMetadata","resetExpiresAt","generateAuthorityMetadataCacheKey","preferred_cache","setAuthorityMetadata","azureRegion","_b","getEndpointMetadataFromConfig","isAuthoritySameType","endpointsFromNetwork","isExpired","getEndpointMetadataFromNetwork","azureRegionConfiguration","replaceWithRegionalInformation","defaultOpenIdConfigurationEndpoint","authorityMetadata","ClientConfigurationError","getCloudDiscoveryMetadataFromConfig","aliasesFromNetwork","getCloudDiscoveryMetadataFromNetwork","cloudDiscoveryMetadata","parsedResponse","getCloudDiscoveryMetadataFromNetworkResponse","isInKnownAuthorities","createCloudDiscoveryMetadataFromHost","instanceDiscoveryEndpoint","match","isCloudInstanceDiscoveryResponse","_this","knownAuthorities","filter","host","aliases","indexOf","getPreferredCache","isAlias","isPublicCloudAuthority","buildRegionalAuthorityString","region","queryString","authorityUrlInstance","authorityUrlParts","hostNameAndPort","AuthorityFactory","createDiscoveredInstance","authorityUri","networkClient","acquireTokenAuthority","e_1","createInstance","authorityUrl","CacheManager","clientId","cryptoImpl","getAllAccounts","currentAccounts","getAccountsFilteredBy","accountValues","keys","map","accountKey","accountInfo","toObject","getAccountInfo","idToken","readIdTokenFromCache","idTokenClaims","secret","saveCacheRecord","cacheRecord","account","setAccount","setIdTokenCredential","accessToken","saveAccessToken","refreshToken","setRefreshTokenCredential","appMetadata","setAppMetadata","credential","currentTokenCache","currentScopes","currentAccessTokens","removedAccessTokens_1","getCredentialsFilteredBy","credentialType","environment","realm","tokenType","target","accessTokens","key","tokenEntity","intersectingScopeSets","removeCredential","all","setAccessTokenCredential","accountFilter","getAccountsFilteredByInternal","allCacheKeys","getKeys","matchingAccounts","entity","getAccount","matchHomeAccountId","matchEnvironment","matchRealm","getCredentialsFilteredByInternal","familyId","oboAssertion","matchingCredentials","idTokens","refreshTokens","credType","getSpecificCredential","matchOboAssertion","matchCredentialType","matchClientId","matchFamilyId","matchTarget","matchTokenType","removeItem","getAppMetadataFilteredBy","getAppMetadataFilteredByInternal","matchingAppMetadata","isAppMetadata","getAppMetadata","getAuthorityMetadataKeys","matchedEntity","isAuthorityMetadata","getAuthorityMetadata","removeAllAccounts","removedAccounts","removeAccount","removeAccountContext","accountId","removedCredentials","generateAccountId","cacheEntity","kid","generateCredentialKey","keyId","removeTokenBindingKey","removeAppMetadata","readCacheRecord","scopes","authScheme","cachedAccount","readAccountFromCache","cachedIdToken","cachedAccessToken","readAccessTokenFromCache","cachedRefreshToken","readRefreshTokenFromCache","cachedAppMetadata","readAppMetadataFromCache","idTokenFilter","tenantId","credentialCache","numIdTokens","accessTokenFilter","printScopesLowerCase","numAccessTokens","familyRT","id","refreshTokenFilter","appMetadataFilter","appMetadataEntries","numAppMetadata","isAppMetadataFOCI","cloudMetadata","entityScopeSet","requestTargetScopeSet","containsOnlyOIDCScopes","removeScope","removeOIDCScopes","containsScopeSet","getIdTokenCredential","getAccessTokenCredential","getRefreshTokenCredential","obj","json","propertyName","DefaultStorageClass","_super","setServerTelemetry","getServerTelemetry","setThrottlingCache","getThrottlingCache","containsKey","clear","AccessTokenEntity","createAccessTokenEntity","expiresOn","extExpiresOn","cryptoUtils","refreshOn","atEntity","currentTime","cachedAt","toString","extendedExpiresOn","tokenClaims","cnf","isAccessTokenEntity","AccountEntity","join","generateAccountKey","generateAccountCacheKey","username","localAccountId","generateType","name","accountInterface","createAccount","clientInfo","cloudGraphHostName","msGraphHost","_c","_d","_e","_f","env","tid","oid","sub","preferred_username","emails","createGenericAccount","upn","generateHomeAccountId","serverClientInfo","authType","logger","cryptoObj","verbose","isAccountEntity","accountInfoIsEqual","accountA","accountB","compareClaims","claimsMatch","accountAClaims","accountBClaims","iat","nonce","AppMetadataEntity","generateAppMetadataKey","generateAppMetadataCacheKey","createAppMetadataEntity","isAppMetadataEntity","expiresAt","fromNetwork","isAuthorityMetadataEntity","CacheRecord","accountEntity","idTokenEntity","accessTokenEntity","refreshTokenEntity","appMetadataEntity","CredentialEntity","generateAccountIdForCacheKey","generateCredentialId","generateCredentialIdForCacheKey","generateTarget","generateTargetForCacheKey","generateCredentialCacheKey","getCredentialType","credentialKey","IdTokenEntity","createIdTokenEntity","isIdTokenEntity","RefreshTokenEntity","createRefreshTokenEntity","rtEntity","isRefreshTokenEntity","ServerTelemetryEntity","failedRequests","errors","cacheHits","isServerTelemetryEntity","validateKey","validateEntity","ThrottlingEntity","isThrottlingEntity","TokenCacheContext","tokenCache","hasChanged","cache","AuthorizationCodeClient","configuration","getAuthCodeUrl","request","createAuthCodeUrlQueryString","authorizationEndpoint","acquireToken","authCodePayload","reqTimestamp","responseHandler","info","code","executeTokenRequest","config","authOptions","serializableCache","persistencePlugin","validateTokenResponse","handleServerTokenResponse","handleFragmentResponse","hashFragment","cachedState","hashUrlString","serverParams","getHash","validateServerAuthorizationCodeResponse","getLogoutUri","logoutRequest","createLogoutUrlQueryString","endSessionEndpoint","thumbprint","requestBody","queryParameters","ccsCredential","authenticationScheme","resourceRequestMethod","resourceRequestUri","shrClaims","createTokenRequestBody","createTokenQueryParameters","type","createTokenRequestHeaders","tokenEndpoint","executePostToTokenEndpoint","parameterBuilder","tokenQueryParameters","addExtraQueryParameters","createQueryString","clientAssertion","cnfString","correlationId","ccsCred","addClientId","addRedirectUri","redirectUri","addScopes","addAuthorizationCode","addLibraryInfo","libraryInfo","addThrottling","serverTelemetryManager","addServerTelemetry","codeVerifier","addCodeVerifier","clientCredentials","clientSecret","addClientSecret","addClientAssertion","assertion","addClientAssertionType","assertionType","addGrantType","addClientInfo","generateCnf","addPopToken","cryptoInterface","createNewGuid","addCorrelationId","clientCapabilities","addClaims","systemOptions","preventCorsPreflight","addCcsOid","addCcsUpn","requestScopes","extraScopesToConsent","addResponseMode","responseMode","addResponseTypeCode","codeChallenge","codeChallengeMethod","addCodeChallengeParams","prompt","addPrompt","domainHint","addDomainHint","sid","addSid","accountSid","extractAccountSid","loginHint","addLoginHint","addNonce","state","addState","extraQueryParameters","postLogoutRedirectUri","addPostLogoutRedirectUri","idTokenHint","addIdTokenHint","NetworkManager","sendPostRequest","options","ThrottlingUtils","sendPostRequestAsync","AuthError","BaseClient","Logger","loggerOptions","storageInterface","networkManager","CcsCredential","clearTelemetryCache","updateAuthority","updatedAuthority","RefreshTokenClient","acquireTokenByRefreshToken","noFamilyRTInCache","clientMismatchErrorWithFamilyRT","acquireTokenWithCachedRefreshToken","errorCode","subError","foci","refreshTokenRequest","popTokenGenerator","addRefreshToken","SilentFlowClient","acquireCachedToken","forceRefresh","setCacheOutcome","tokenRenewalOffsetSeconds","incrementCacheHits","generateResultFromCacheRecord","idTokenObj","DEFAULT_SYSTEM_OPTIONS","DEFAULT_LOGGER_IMPLEMENTATION","loggerCallback","piiLoggingEnabled","logLevel","DEFAULT_NETWORK_IMPLEMENTATION","DEFAULT_LIBRARY_INFO","sku","cpu","os","DEFAULT_CLIENT_CREDENTIALS","buildClientConfiguration","userAuthOptions","userSystemOptions","userLoggerOption","storageImplementation","networkImplementation","cryptoImplementation","DEFAULT_CRYPTO_IMPLEMENTATION","base64Encode","generatePkceCodes","getPublicKeyThumbprint","clearKeystore","signJwt","KeyLocation","PopTokenGenerator","reqCnf","generateKid","stringify","xms_ksl","SW","signPopToken","signPayload","payload","resourceUrlString","resourceUrlComponents","at","ts","m","toUpperCase","u","AbsolutePath","q","QueryString","client_claims","AuthErrorMessage","errorMessage","suberror","errorString","setCorrelationId","createUnexpectedError","errDesc","Error","ClientAuthErrorMessage","clientInfoDecodingError","desc","clientInfoEmptyError","tokenParsingError","nullOrEmptyToken","endpointResolutionError","networkError","unableToGetOpenidConfigError","hashNotDeserialized","blankGuidGenerated","invalidStateError","stateMismatchError","stateNotFoundError","nonceMismatchError","nonceNotFoundError","noTokensFoundError","multipleMatchingTokens","multipleMatchingAccounts","multipleMatchingAppMetadata","tokenRequestCannotBeMade","appendEmptyScopeError","removeEmptyScopeError","appendScopeSetError","emptyInputScopeSetError","DeviceCodePollingCancelled","DeviceCodeExpired","DeviceCodeUnknownError","NoAccountInSilentRequest","invalidCacheRecord","invalidCacheEnvironment","noAccountFound","CachePluginError","noCryptoObj","invalidCacheType","unexpectedAccountType","unexpectedCredentialType","invalidAssertion","invalidClientCredential","tokenRefreshRequired","userTimeoutReached","tokenClaimsRequired","noAuthorizationCodeFromServer","noAzureRegionDetected","accessTokenEntityNullError","bindingKeyNotRemovedError","createClientInfoDecodingError","caughtError","createClientInfoEmptyError","createTokenParsingError","caughtExtractionError","createTokenNullOrEmptyError","invalidRawTokenString","createEndpointDiscoveryIncompleteError","errDetail","createNetworkError","createUnableToGetOpenidConfigError","createHashNotDeserializedError","hashParamObj","createInvalidStateError","invalidState","createStateMismatchError","createStateNotFoundError","missingState","createNonceMismatchError","createNonceNotFoundError","missingNonce","createNoTokensFoundError","createMultipleMatchingTokensInCacheError","createMultipleMatchingAccountsInCacheError","createMultipleMatchingAppMetadataInCacheError","createTokenRequestCannotBeMadeError","createAppendEmptyScopeToSetError","givenScope","createRemoveEmptyScopeFromSetError","createAppendScopeSetError","appendError","createEmptyInputScopeSetError","createDeviceCodeCancelledError","createDeviceCodeExpiredError","createDeviceCodeUnknownError","createNoAccountInSilentRequestError","createNullOrUndefinedCacheRecord","createInvalidCacheEnvironmentError","createNoAccountFoundError","createCachePluginError","createNoCryptoObjectError","operationName","createInvalidCacheTypeError","createUnexpectedAccountTypeError","createUnexpectedCredentialTypeError","createInvalidAssertionError","createInvalidCredentialError","createRefreshRequiredError","createUserTimeoutReachedError","createTokenClaimsRequiredError","createNoAuthCodeInServerResponseError","createBindingKeyNotRemovedError","ClientConfigurationErrorMessage","createRedirectUriEmptyError","createPostLogoutRedirectUriEmptyError","createClaimsRequestParsingError","claimsRequestParseError","createInsecureAuthorityUriError","createUrlParseError","urlParseError","createUrlEmptyError","createEmptyScopesArrayError","createClientIdSingleScopeError","inputScopes","createInvalidPromptError","promptValue","createInvalidClaimsRequestError","createEmptyLogoutRequestError","createEmptyTokenRequestError","createInvalidCodeChallengeMethodError","createInvalidCodeChallengeParamsError","createInvalidCloudDiscoveryMetadataError","createInvalidAuthorityMetadataError","createUntrustedAuthorityError","InteractionRequiredAuthErrorMessage","InteractionRequiredAuthSubErrorMessage","InteractionRequiredAuthError","isInteractionRequiredError","isInteractionRequiredErrorCode","isInteractionRequiredSubError","isInteractionRequiredErrorDesc","some","irErrorCode","ServerError","LogLevel","packageName","packageVersion","level","Info","localCallback","clone","logMessage","containsPii","timestamp","Date","toUTCString","log","executeCallback","message","error","errorPii","warning","Warning","warningPii","infoPii","Verbose","verbosePii","trace","Trace","tracePii","isPiiLoggingEnabled","StubbedNetworkModule","generateThrottlingStorageKey","preProcess","throttleTime","now","errorCodes","postProcess","checkResponseStatus","checkResponseForRetryAfter","thumbprintValue","calculateThrottleTime","parseInt","error_codes","error_description","time","currentSeconds","Math","floor","min","removeThrottle","homeAccountIdentifier"],"sourceRoot":""}