{"version":3,"sources":["node_modules/@aws-amplify/auth/dist/esm/utils/getAuthUserAgentValue.mjs","node_modules/@aws-amplify/auth/dist/esm/errors/AuthError.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/tokenProvider/types.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/tokenProvider/errorHelpers.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/tokenProvider/TokenStore.mjs","node_modules/@aws-amplify/auth/dist/esm/errors/constants.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/types.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/signInWithRedirectStore.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/oauth/oAuthStore.mjs","node_modules/@aws-amplify/auth/dist/esm/foundation/parsers/regionParsers.mjs","node_modules/@aws-amplify/auth/dist/esm/foundation/factories/serviceClients/cognitoIdentityProvider/shared/serde/createUserPoolSerializer.mjs","node_modules/@aws-amplify/auth/dist/esm/errors/utils/assertServiceError.mjs","node_modules/@aws-amplify/auth/dist/esm/foundation/factories/serviceClients/cognitoIdentityProvider/shared/serde/createUserPoolDeserializer.mjs","node_modules/@aws-amplify/auth/dist/esm/foundation/factories/serviceClients/cognitoIdentityProvider/shared/handler/cognitoUserPoolTransferHandler.mjs","node_modules/@aws-amplify/auth/dist/esm/foundation/constants.mjs","node_modules/@aws-amplify/auth/dist/esm/foundation/factories/serviceClients/cognitoIdentityProvider/constants.mjs","node_modules/@aws-amplify/auth/dist/esm/foundation/factories/serviceClients/cognitoIdentityProvider/createInitiateAuthClient.mjs","node_modules/@aws-amplify/auth/dist/esm/foundation/cognitoUserPoolEndpointResolver.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/factories/createCognitoUserPoolEndpointResolver.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/userContextData.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/refreshAuthTokens.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/oauth/inflightPromise.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/tokenProvider/TokenOrchestrator.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/tokenProvider/CognitoUserPoolsTokenProvider.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/tokenProvider/tokenProvider.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/tokenProvider/cacheTokens.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/apis/internal/getCurrentUser.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/apis/getCurrentUser.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/dispatchSignedInHubEvent.mjs","node_modules/@aws-amplify/auth/dist/esm/errors/types/validation.mjs","node_modules/@aws-amplify/auth/dist/esm/common/AuthErrorStrings.mjs","node_modules/@aws-amplify/auth/dist/esm/Errors.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/oauth/createOAuthError.mjs","node_modules/@aws-amplify/auth/dist/esm/types/Auth.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/oauth/validateState.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/oauth/completeOAuthFlow.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/oauth/getRedirectUrl.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/oauth/handleFailure.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/oauth/attemptCompleteOAuthFlow.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/oauth/enableOAuthListener.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/types/models.mjs","node_modules/@aws-amplify/auth/dist/esm/utils/openAuthSession.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/types/errors.mjs","node_modules/@aws-amplify/auth/dist/esm/errors/utils/assertValidationError.mjs","node_modules/@aws-amplify/auth/dist/esm/foundation/factories/serviceClients/cognitoIdentityProvider/createRespondToAuthChallengeClient.mjs","node_modules/@aws-amplify/auth/dist/esm/foundation/factories/serviceClients/cognitoIdentityProvider/createAssociateSoftwareTokenClient.mjs","node_modules/@aws-amplify/auth/dist/esm/foundation/factories/serviceClients/cognitoIdentityProvider/createConfirmDeviceClient.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/signInStore.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/textEncoder/index.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/srp/BigInteger/BigInteger.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/srp/calculate/calculateS.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/srp/constants.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/srp/getBytesFromHex.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/srp/getHexFromBytes.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/srp/getHashFromData.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/srp/getHashFromHex.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/srp/getPaddedHex.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/srp/calculate/calculateU.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/srp/getHkdfKey.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/srp/getRandomBytes.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/srp/getRandomString.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/srp/AuthenticationHelper/AuthenticationHelper.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/srp/calculate/calculateA.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/srp/getAuthenticationHelper.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/srp/getNowString.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/srp/getSignatureString.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/signInHelpers.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/oauth/generateCodeVerifier.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/oauth/generateState.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/oauth/cancelOAuthFlow.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/apis/signInWithRedirect.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/apiHelpers.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/apis/signInWithCustomAuth.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/apis/signInWithCustomSRPAuth.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/apis/signInWithSRP.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/apis/signInWithUserPassword.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/apis/signIn.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/apis/autoSignIn.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/signUpHelpers.mjs","node_modules/@aws-amplify/auth/dist/esm/foundation/factories/serviceClients/cognitoIdentityProvider/createSignUpClient.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/apis/signUp.mjs","node_modules/@aws-amplify/auth/dist/esm/foundation/factories/serviceClients/cognitoIdentityProvider/createForgotPasswordClient.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/apis/resetPassword.mjs","node_modules/@aws-amplify/auth/dist/esm/foundation/factories/serviceClients/cognitoIdentityProvider/createConfirmForgotPasswordClient.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/apis/confirmResetPassword.mjs","node_modules/@aws-amplify/auth/dist/esm/foundation/factories/serviceClients/cognitoIdentityProvider/createResendConfirmationCodeClient.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/apis/resendSignUpCode.mjs","node_modules/@aws-amplify/auth/dist/esm/foundation/factories/serviceClients/cognitoIdentityProvider/createConfirmSignUpClient.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/apis/confirmSignUp.mjs","node_modules/@aws-amplify/auth/dist/esm/foundation/factories/serviceClients/cognitoIdentityProvider/createGetUserClient.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/apis/internal/fetchUserAttributes.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/apis/fetchUserAttributes.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/oauth/completeOAuthSignOut.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/oauth/oAuthSignOutRedirect.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/utils/oauth/handleOAuthSignOut.mjs","node_modules/@aws-amplify/auth/dist/esm/foundation/factories/serviceClients/cognitoIdentityProvider/createRevokeTokenClient.mjs","node_modules/@aws-amplify/auth/dist/esm/foundation/factories/serviceClients/cognitoIdentityProvider/createGlobalSignOutClient.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/apis/signOut.mjs","node_modules/@aws-amplify/auth/dist/esm/foundation/factories/serviceClients/cognitoIdentityProvider/shared/serde/createEmptyResponseDeserializer.mjs","node_modules/@aws-amplify/auth/dist/esm/foundation/factories/serviceClients/cognitoIdentityProvider/createDeleteUserClient.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/apis/deleteUser.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/credentialsProvider/types.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/credentialsProvider/IdentityIdStore.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/credentialsProvider/utils.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/credentialsProvider/IdentityIdProvider.mjs","node_modules/@aws-amplify/auth/dist/esm/providers/cognito/credentialsProvider/credentialsProvider.mjs","src/app/core/auth/auth.service.ts"],"sourcesContent":["import { getAmplifyUserAgent, Category } from '@aws-amplify/core/internals/utils';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst getAuthUserAgentValue = (action, customUserAgentDetails) => getAmplifyUserAgent({\n category: Category.Auth,\n action,\n ...customUserAgentDetails\n});\nexport { getAuthUserAgentValue };\n","import { AmplifyError } from '@aws-amplify/core/internals/utils';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nclass AuthError extends AmplifyError {\n constructor(params) {\n super(params);\n // Hack for making the custom error class work when transpiled to es5\n // TODO: Delete the following 2 lines after we change the build target to >= es2015\n this.constructor = AuthError;\n Object.setPrototypeOf(this, AuthError.prototype);\n }\n}\nexport { AuthError };\n","const AuthTokenStorageKeys = {\n accessToken: 'accessToken',\n idToken: 'idToken',\n oidcProvider: 'oidcProvider',\n clockDrift: 'clockDrift',\n refreshToken: 'refreshToken',\n deviceKey: 'deviceKey',\n randomPasswordKey: 'randomPasswordKey',\n deviceGroupKey: 'deviceGroupKey',\n signInDetails: 'signInDetails',\n oauthMetadata: 'oauthMetadata'\n};\nexport { AuthTokenStorageKeys };\n","import { createAssertionFunction } from '@aws-amplify/core/internals/utils';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nvar TokenProviderErrorCode = /*#__PURE__*/function (TokenProviderErrorCode) {\n TokenProviderErrorCode[\"InvalidAuthTokens\"] = \"InvalidAuthTokens\";\n return TokenProviderErrorCode;\n}(TokenProviderErrorCode || {});\nconst tokenValidationErrorMap = {\n [TokenProviderErrorCode.InvalidAuthTokens]: {\n message: 'Invalid tokens.',\n recoverySuggestion: 'Make sure the tokens are valid.'\n }\n};\nconst assert = createAssertionFunction(tokenValidationErrorMap);\nexport { TokenProviderErrorCode, assert };\n","import { decodeJWT, assertTokenProviderConfig } from '@aws-amplify/core/internals/utils';\nimport { AuthError } from '../../../errors/AuthError.mjs';\nimport { AuthTokenStorageKeys } from './types.mjs';\nimport { assert, TokenProviderErrorCode } from './errorHelpers.mjs';\nclass DefaultTokenStore {\n constructor() {\n this.name = 'CognitoIdentityServiceProvider'; // To be backwards compatible with V5, no migration needed\n }\n getKeyValueStorage() {\n if (!this.keyValueStorage) {\n throw new AuthError({\n name: 'KeyValueStorageNotFoundException',\n message: 'KeyValueStorage was not found in TokenStore'\n });\n }\n return this.keyValueStorage;\n }\n setKeyValueStorage(keyValueStorage) {\n this.keyValueStorage = keyValueStorage;\n }\n setAuthConfig(authConfig) {\n this.authConfig = authConfig;\n }\n async loadTokens() {\n // TODO(v6): migration logic should be here\n // Reading V5 tokens old format\n try {\n const authKeys = await this.getAuthKeys();\n const accessTokenString = await this.getKeyValueStorage().getItem(authKeys.accessToken);\n if (!accessTokenString) {\n throw new AuthError({\n name: 'NoSessionFoundException',\n message: 'Auth session was not found. Make sure to call signIn.'\n });\n }\n const accessToken = decodeJWT(accessTokenString);\n const itString = await this.getKeyValueStorage().getItem(authKeys.idToken);\n const idToken = itString ? decodeJWT(itString) : undefined;\n const refreshToken = (await this.getKeyValueStorage().getItem(authKeys.refreshToken)) ?? undefined;\n const clockDriftString = (await this.getKeyValueStorage().getItem(authKeys.clockDrift)) ?? '0';\n const clockDrift = Number.parseInt(clockDriftString);\n const signInDetails = await this.getKeyValueStorage().getItem(authKeys.signInDetails);\n const tokens = {\n accessToken,\n idToken,\n refreshToken,\n deviceMetadata: (await this.getDeviceMetadata()) ?? undefined,\n clockDrift,\n username: await this.getLastAuthUser()\n };\n if (signInDetails) {\n tokens.signInDetails = JSON.parse(signInDetails);\n }\n return tokens;\n } catch (err) {\n return null;\n }\n }\n async storeTokens(tokens) {\n assert(tokens !== undefined, TokenProviderErrorCode.InvalidAuthTokens);\n await this.clearTokens();\n const lastAuthUser = tokens.username;\n await this.getKeyValueStorage().setItem(this.getLastAuthUserKey(), lastAuthUser);\n const authKeys = await this.getAuthKeys();\n await this.getKeyValueStorage().setItem(authKeys.accessToken, tokens.accessToken.toString());\n if (tokens.idToken) {\n await this.getKeyValueStorage().setItem(authKeys.idToken, tokens.idToken.toString());\n }\n if (tokens.refreshToken) {\n await this.getKeyValueStorage().setItem(authKeys.refreshToken, tokens.refreshToken);\n }\n if (tokens.deviceMetadata) {\n if (tokens.deviceMetadata.deviceKey) {\n await this.getKeyValueStorage().setItem(authKeys.deviceKey, tokens.deviceMetadata.deviceKey);\n }\n if (tokens.deviceMetadata.deviceGroupKey) {\n await this.getKeyValueStorage().setItem(authKeys.deviceGroupKey, tokens.deviceMetadata.deviceGroupKey);\n }\n await this.getKeyValueStorage().setItem(authKeys.randomPasswordKey, tokens.deviceMetadata.randomPassword);\n }\n if (tokens.signInDetails) {\n await this.getKeyValueStorage().setItem(authKeys.signInDetails, JSON.stringify(tokens.signInDetails));\n }\n await this.getKeyValueStorage().setItem(authKeys.clockDrift, `${tokens.clockDrift}`);\n }\n async clearTokens() {\n const authKeys = await this.getAuthKeys();\n // Not calling clear because it can remove data that is not managed by AuthTokenStore\n await Promise.all([this.getKeyValueStorage().removeItem(authKeys.accessToken), this.getKeyValueStorage().removeItem(authKeys.idToken), this.getKeyValueStorage().removeItem(authKeys.clockDrift), this.getKeyValueStorage().removeItem(authKeys.refreshToken), this.getKeyValueStorage().removeItem(authKeys.signInDetails), this.getKeyValueStorage().removeItem(this.getLastAuthUserKey()), this.getKeyValueStorage().removeItem(authKeys.oauthMetadata)]);\n }\n async getDeviceMetadata(username) {\n const authKeys = await this.getAuthKeys(username);\n const deviceKey = await this.getKeyValueStorage().getItem(authKeys.deviceKey);\n const deviceGroupKey = await this.getKeyValueStorage().getItem(authKeys.deviceGroupKey);\n const randomPassword = await this.getKeyValueStorage().getItem(authKeys.randomPasswordKey);\n return randomPassword && deviceGroupKey && deviceKey ? {\n deviceKey,\n deviceGroupKey,\n randomPassword\n } : null;\n }\n async clearDeviceMetadata(username) {\n const authKeys = await this.getAuthKeys(username);\n await Promise.all([this.getKeyValueStorage().removeItem(authKeys.deviceKey), this.getKeyValueStorage().removeItem(authKeys.deviceGroupKey), this.getKeyValueStorage().removeItem(authKeys.randomPasswordKey)]);\n }\n async getAuthKeys(username) {\n assertTokenProviderConfig(this.authConfig?.Cognito);\n const lastAuthUser = username ?? (await this.getLastAuthUser());\n return createKeysForAuthStorage(this.name, `${this.authConfig.Cognito.userPoolClientId}.${lastAuthUser}`);\n }\n getLastAuthUserKey() {\n assertTokenProviderConfig(this.authConfig?.Cognito);\n const identifier = this.authConfig.Cognito.userPoolClientId;\n return `${this.name}.${identifier}.LastAuthUser`;\n }\n async getLastAuthUser() {\n const lastAuthUser = (await this.getKeyValueStorage().getItem(this.getLastAuthUserKey())) ?? 'username';\n return lastAuthUser;\n }\n async setOAuthMetadata(metadata) {\n const {\n oauthMetadata: oauthMetadataKey\n } = await this.getAuthKeys();\n await this.getKeyValueStorage().setItem(oauthMetadataKey, JSON.stringify(metadata));\n }\n async getOAuthMetadata() {\n const {\n oauthMetadata: oauthMetadataKey\n } = await this.getAuthKeys();\n const oauthMetadata = await this.getKeyValueStorage().getItem(oauthMetadataKey);\n return oauthMetadata && JSON.parse(oauthMetadata);\n }\n}\nconst createKeysForAuthStorage = (provider, identifier) => {\n return getAuthStorageKeys(AuthTokenStorageKeys)(`${provider}`, identifier);\n};\nfunction getAuthStorageKeys(authKeys) {\n const keys = Object.values({\n ...authKeys\n });\n return (prefix, identifier) => keys.reduce((acc, authKey) => ({\n ...acc,\n [authKey]: `${prefix}.${identifier}.${authKey}`\n }), {});\n}\nexport { DefaultTokenStore, createKeysForAuthStorage, getAuthStorageKeys };\n","import { AuthError } from './AuthError.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst USER_UNAUTHENTICATED_EXCEPTION = 'UserUnAuthenticatedException';\nconst USER_ALREADY_AUTHENTICATED_EXCEPTION = 'UserAlreadyAuthenticatedException';\nconst DEVICE_METADATA_NOT_FOUND_EXCEPTION = 'DeviceMetadataNotFoundException';\nconst AUTO_SIGN_IN_EXCEPTION = 'AutoSignInException';\nconst INVALID_REDIRECT_EXCEPTION = 'InvalidRedirectException';\nconst INVALID_APP_SCHEME_EXCEPTION = 'InvalidAppSchemeException';\nconst INVALID_PREFERRED_REDIRECT_EXCEPTION = 'InvalidPreferredRedirectUrlException';\nconst invalidRedirectException = new AuthError({\n name: INVALID_REDIRECT_EXCEPTION,\n message: 'signInRedirect or signOutRedirect had an invalid format or was not found.',\n recoverySuggestion: 'Please make sure the signIn/Out redirect in your oauth config is valid.'\n});\nconst invalidAppSchemeException = new AuthError({\n name: INVALID_APP_SCHEME_EXCEPTION,\n message: 'A valid non-http app scheme was not found in the config.',\n recoverySuggestion: 'Please make sure a valid custom app scheme is present in the config.'\n});\nconst invalidPreferredRedirectUrlException = new AuthError({\n name: INVALID_PREFERRED_REDIRECT_EXCEPTION,\n message: 'The given preferredRedirectUrl does not match any items in the redirectSignOutUrls array from the config.',\n recoverySuggestion: 'Please make sure a matching preferredRedirectUrl is provided.'\n});\nconst INVALID_ORIGIN_EXCEPTION = 'InvalidOriginException';\nconst invalidOriginException = new AuthError({\n name: INVALID_ORIGIN_EXCEPTION,\n message: 'redirect is coming from a different origin. The oauth flow needs to be initiated from the same origin',\n recoverySuggestion: 'Please call signInWithRedirect from the same origin.'\n});\nconst OAUTH_SIGNOUT_EXCEPTION = 'OAuthSignOutException';\nconst TOKEN_REFRESH_EXCEPTION = 'TokenRefreshException';\nconst UNEXPECTED_SIGN_IN_INTERRUPTION_EXCEPTION = 'UnexpectedSignInInterruptionException';\nexport { AUTO_SIGN_IN_EXCEPTION, DEVICE_METADATA_NOT_FOUND_EXCEPTION, INVALID_APP_SCHEME_EXCEPTION, INVALID_ORIGIN_EXCEPTION, INVALID_PREFERRED_REDIRECT_EXCEPTION, INVALID_REDIRECT_EXCEPTION, OAUTH_SIGNOUT_EXCEPTION, TOKEN_REFRESH_EXCEPTION, UNEXPECTED_SIGN_IN_INTERRUPTION_EXCEPTION, USER_ALREADY_AUTHENTICATED_EXCEPTION, USER_UNAUTHENTICATED_EXCEPTION, invalidAppSchemeException, invalidOriginException, invalidPreferredRedirectUrlException, invalidRedirectException };\n","import { AuthError } from '../../../errors/AuthError.mjs';\nimport { TOKEN_REFRESH_EXCEPTION, USER_UNAUTHENTICATED_EXCEPTION, DEVICE_METADATA_NOT_FOUND_EXCEPTION } from '../../../errors/constants.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nfunction isTypeUserPoolConfig(authConfig) {\n if (authConfig && authConfig.Cognito.userPoolId && authConfig.Cognito.userPoolClientId) {\n return true;\n }\n return false;\n}\nfunction assertAuthTokens(tokens) {\n if (!tokens || !tokens.accessToken) {\n throw new AuthError({\n name: USER_UNAUTHENTICATED_EXCEPTION,\n message: 'User needs to be authenticated to call this API.',\n recoverySuggestion: 'Sign in before calling this API again.'\n });\n }\n}\nfunction assertIdTokenInAuthTokens(tokens) {\n if (!tokens || !tokens.idToken) {\n throw new AuthError({\n name: USER_UNAUTHENTICATED_EXCEPTION,\n message: 'User needs to be authenticated to call this API.',\n recoverySuggestion: 'Sign in before calling this API again.'\n });\n }\n}\nconst oAuthTokenRefreshException = new AuthError({\n name: TOKEN_REFRESH_EXCEPTION,\n message: `Token refresh is not supported when authenticated with the 'implicit grant' (token) oauth flow. \n\tPlease change your oauth configuration to use 'code grant' flow.`,\n recoverySuggestion: `Please logout and change your Amplify configuration to use \"code grant\" flow. \n\tE.g { responseType: 'code' }`\n});\nconst tokenRefreshException = new AuthError({\n name: USER_UNAUTHENTICATED_EXCEPTION,\n message: 'User needs to be authenticated to call this API.',\n recoverySuggestion: 'Sign in before calling this API again.'\n});\nfunction assertAuthTokensWithRefreshToken(tokens) {\n if (isAuthenticatedWithImplicitOauthFlow(tokens)) {\n throw oAuthTokenRefreshException;\n }\n if (!isAuthenticatedWithRefreshToken(tokens)) {\n throw tokenRefreshException;\n }\n}\nfunction assertDeviceMetadata(deviceMetadata) {\n if (!deviceMetadata || !deviceMetadata.deviceKey || !deviceMetadata.deviceGroupKey || !deviceMetadata.randomPassword) {\n throw new AuthError({\n name: DEVICE_METADATA_NOT_FOUND_EXCEPTION,\n message: 'Either deviceKey, deviceGroupKey or secretPassword were not found during the sign-in process.',\n recoverySuggestion: 'Make sure to not clear storage after calling the signIn API.'\n });\n }\n}\nconst OAuthStorageKeys = {\n inflightOAuth: 'inflightOAuth',\n oauthSignIn: 'oauthSignIn',\n oauthPKCE: 'oauthPKCE',\n oauthState: 'oauthState'\n};\nfunction isAuthenticated(tokens) {\n return tokens?.accessToken || tokens?.idToken;\n}\nfunction isAuthenticatedWithRefreshToken(tokens) {\n return isAuthenticated(tokens) && tokens?.refreshToken;\n}\nfunction isAuthenticatedWithImplicitOauthFlow(tokens) {\n return isAuthenticated(tokens) && !tokens?.refreshToken;\n}\nexport { OAuthStorageKeys, assertAuthTokens, assertAuthTokensWithRefreshToken, assertDeviceMetadata, assertIdTokenInAuthTokens, isTypeUserPoolConfig, oAuthTokenRefreshException, tokenRefreshException };\n","import { assertTokenProviderConfig } from '@aws-amplify/core/internals/utils';\nimport { getAuthStorageKeys } from '../tokenProvider/TokenStore.mjs';\nimport { OAuthStorageKeys } from './types.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst V5_HOSTED_UI_KEY = 'amplify-signin-with-hostedUI';\nconst name = 'CognitoIdentityServiceProvider';\nclass DefaultOAuthStore {\n constructor(keyValueStorage) {\n this.keyValueStorage = keyValueStorage;\n }\n async clearOAuthInflightData() {\n assertTokenProviderConfig(this.cognitoConfig);\n const authKeys = createKeysForAuthStorage(name, this.cognitoConfig.userPoolClientId);\n await Promise.all([this.keyValueStorage.removeItem(authKeys.inflightOAuth), this.keyValueStorage.removeItem(authKeys.oauthPKCE), this.keyValueStorage.removeItem(authKeys.oauthState)]);\n }\n async clearOAuthData() {\n assertTokenProviderConfig(this.cognitoConfig);\n const authKeys = createKeysForAuthStorage(name, this.cognitoConfig.userPoolClientId);\n await this.clearOAuthInflightData();\n await this.keyValueStorage.removeItem(V5_HOSTED_UI_KEY); // remove in case a customer migrated an App from v5 to v6\n return this.keyValueStorage.removeItem(authKeys.oauthSignIn);\n }\n loadOAuthState() {\n assertTokenProviderConfig(this.cognitoConfig);\n const authKeys = createKeysForAuthStorage(name, this.cognitoConfig.userPoolClientId);\n return this.keyValueStorage.getItem(authKeys.oauthState);\n }\n storeOAuthState(state) {\n assertTokenProviderConfig(this.cognitoConfig);\n const authKeys = createKeysForAuthStorage(name, this.cognitoConfig.userPoolClientId);\n return this.keyValueStorage.setItem(authKeys.oauthState, state);\n }\n loadPKCE() {\n assertTokenProviderConfig(this.cognitoConfig);\n const authKeys = createKeysForAuthStorage(name, this.cognitoConfig.userPoolClientId);\n return this.keyValueStorage.getItem(authKeys.oauthPKCE);\n }\n storePKCE(pkce) {\n assertTokenProviderConfig(this.cognitoConfig);\n const authKeys = createKeysForAuthStorage(name, this.cognitoConfig.userPoolClientId);\n return this.keyValueStorage.setItem(authKeys.oauthPKCE, pkce);\n }\n setAuthConfig(authConfigParam) {\n this.cognitoConfig = authConfigParam;\n }\n async loadOAuthInFlight() {\n assertTokenProviderConfig(this.cognitoConfig);\n const authKeys = createKeysForAuthStorage(name, this.cognitoConfig.userPoolClientId);\n return (await this.keyValueStorage.getItem(authKeys.inflightOAuth)) === 'true';\n }\n async storeOAuthInFlight(inflight) {\n assertTokenProviderConfig(this.cognitoConfig);\n const authKeys = createKeysForAuthStorage(name, this.cognitoConfig.userPoolClientId);\n await this.keyValueStorage.setItem(authKeys.inflightOAuth, `${inflight}`);\n }\n async loadOAuthSignIn() {\n assertTokenProviderConfig(this.cognitoConfig);\n const authKeys = createKeysForAuthStorage(name, this.cognitoConfig.userPoolClientId);\n const isLegacyHostedUISignIn = await this.keyValueStorage.getItem(V5_HOSTED_UI_KEY);\n const [isOAuthSignIn, preferPrivateSession] = (await this.keyValueStorage.getItem(authKeys.oauthSignIn))?.split(',') ?? [];\n return {\n isOAuthSignIn: isOAuthSignIn === 'true' || isLegacyHostedUISignIn === 'true',\n preferPrivateSession: preferPrivateSession === 'true'\n };\n }\n async storeOAuthSignIn(oauthSignIn, preferPrivateSession = false) {\n assertTokenProviderConfig(this.cognitoConfig);\n const authKeys = createKeysForAuthStorage(name, this.cognitoConfig.userPoolClientId);\n await this.keyValueStorage.setItem(authKeys.oauthSignIn, `${oauthSignIn},${preferPrivateSession}`);\n }\n}\nconst createKeysForAuthStorage = (provider, identifier) => {\n return getAuthStorageKeys(OAuthStorageKeys)(provider, identifier);\n};\nexport { DefaultOAuthStore };\n","import { defaultStorage } from '@aws-amplify/core';\nimport { DefaultOAuthStore } from '../signInWithRedirectStore.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst oAuthStore = new DefaultOAuthStore(defaultStorage);\nexport { oAuthStore };\n","import { AuthError } from '../../errors/AuthError.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nfunction getRegionFromUserPoolId(userPoolId) {\n const region = userPoolId?.split('_')[0];\n if (!userPoolId || userPoolId.indexOf('_') < 0 || !region || typeof region !== 'string') throw new AuthError({\n name: 'InvalidUserPoolId',\n message: 'Invalid user pool id provided.'\n });\n return region;\n}\nfunction getRegionFromIdentityPoolId(identityPoolId) {\n if (!identityPoolId || !identityPoolId.includes(':')) {\n throw new AuthError({\n name: 'InvalidIdentityPoolIdException',\n message: 'Invalid identity pool id provided.',\n recoverySuggestion: 'Make sure a valid identityPoolId is given in the config.'\n });\n }\n return identityPoolId.split(':')[0];\n}\nexport { getRegionFromIdentityPoolId, getRegionFromUserPoolId };\n","// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst createUserPoolSerializer = operation => (input, endpoint) => {\n const headers = getSharedHeaders(operation);\n const body = JSON.stringify(input);\n return buildHttpRpcRequest(endpoint, headers, body);\n};\nconst getSharedHeaders = operation => ({\n 'content-type': 'application/x-amz-json-1.1',\n 'x-amz-target': `AWSCognitoIdentityProviderService.${operation}`\n});\nconst buildHttpRpcRequest = ({\n url\n}, headers, body) => ({\n headers,\n url,\n body,\n method: 'POST'\n});\nexport { createUserPoolSerializer };\n","import { AmplifyErrorCode } from '@aws-amplify/core/internals/utils';\nimport { AuthError } from '../AuthError.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nfunction assertServiceError(error) {\n if (!error || error.name === 'Error' || error instanceof TypeError) {\n throw new AuthError({\n name: AmplifyErrorCode.Unknown,\n message: 'An unknown error has occurred.',\n underlyingError: error\n });\n }\n}\nexport { assertServiceError };\n","import { parseJsonError, parseJsonBody } from '@aws-amplify/core/internals/aws-client-utils';\nimport { assertServiceError } from '../../../../../../errors/utils/assertServiceError.mjs';\nimport { AuthError } from '../../../../../../errors/AuthError.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst createUserPoolDeserializer = () => async response => {\n if (response.statusCode >= 300) {\n const error = await parseJsonError(response);\n assertServiceError(error);\n throw new AuthError({\n name: error.name,\n message: error.message\n });\n }\n return parseJsonBody(response);\n};\nexport { createUserPoolDeserializer };\n","import { composeTransferHandler } from '@aws-amplify/core/internals/aws-client-utils/composers';\nimport { unauthenticatedHandler } from '@aws-amplify/core/internals/aws-client-utils';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * A Cognito Identity-specific middleware that disables caching for all requests.\n */\nconst disableCacheMiddlewareFactory = () => (next, _) => async function disableCacheMiddleware(request) {\n request.headers['cache-control'] = 'no-store';\n return next(request);\n};\n/**\n * A Cognito Identity-specific transfer handler that does NOT sign requests, and\n * disables caching.\n *\n * @internal\n */\nconst cognitoUserPoolTransferHandler = composeTransferHandler(unauthenticatedHandler, [disableCacheMiddlewareFactory]);\nexport { cognitoUserPoolTransferHandler };\n","// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * The service name used to sign requests if the API requires authentication.\n */\nconst COGNITO_IDP_SERVICE_NAME = 'cognito-idp';\nexport { COGNITO_IDP_SERVICE_NAME };\n","import { getRetryDecider, parseJsonError, jitteredBackoff } from '@aws-amplify/core/internals/aws-client-utils';\nimport { getAmplifyUserAgent } from '@aws-amplify/core/internals/utils';\nimport { COGNITO_IDP_SERVICE_NAME } from '../../../constants.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst DEFAULT_SERVICE_CLIENT_API_CONFIG = {\n service: COGNITO_IDP_SERVICE_NAME,\n retryDecider: getRetryDecider(parseJsonError),\n computeDelay: jitteredBackoff,\n userAgentValue: getAmplifyUserAgent(),\n cache: 'no-store'\n};\nexport { DEFAULT_SERVICE_CLIENT_API_CONFIG };\n","import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers';\nimport { createUserPoolSerializer } from './shared/serde/createUserPoolSerializer.mjs';\nimport { createUserPoolDeserializer } from './shared/serde/createUserPoolDeserializer.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils';\nimport '@aws-amplify/core/internals/utils';\nimport { cognitoUserPoolTransferHandler } from './shared/handler/cognitoUserPoolTransferHandler.mjs';\nimport { DEFAULT_SERVICE_CLIENT_API_CONFIG } from './constants.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst createInitiateAuthClient = config => composeServiceApi(cognitoUserPoolTransferHandler, createUserPoolSerializer('InitiateAuth'), createUserPoolDeserializer(), {\n ...DEFAULT_SERVICE_CLIENT_API_CONFIG,\n ...config\n});\nexport { createInitiateAuthClient };\n","import { getDnsSuffix } from '@aws-amplify/core/internals/aws-client-utils';\nimport { AmplifyUrl } from '@aws-amplify/core/internals/utils';\nimport { COGNITO_IDP_SERVICE_NAME } from './constants.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst cognitoUserPoolEndpointResolver = ({\n region\n}) => ({\n url: new AmplifyUrl(`https://${COGNITO_IDP_SERVICE_NAME}.${region}.${getDnsSuffix(region)}`)\n});\nexport { cognitoUserPoolEndpointResolver };\n","import { AmplifyUrl } from '@aws-amplify/core/internals/utils';\nimport { cognitoUserPoolEndpointResolver } from '../../../foundation/cognitoUserPoolEndpointResolver.mjs';\nconst createCognitoUserPoolEndpointResolver = ({\n endpointOverride\n}) => input => {\n if (endpointOverride) {\n return {\n url: new AmplifyUrl(endpointOverride)\n };\n }\n return cognitoUserPoolEndpointResolver(input);\n};\nexport { createCognitoUserPoolEndpointResolver };\n","// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nfunction getUserContextData({\n username,\n userPoolId,\n userPoolClientId\n}) {\n if (typeof window === 'undefined') {\n return undefined;\n }\n const amazonCognitoAdvancedSecurityData = window.AmazonCognitoAdvancedSecurityData;\n if (typeof amazonCognitoAdvancedSecurityData === 'undefined') {\n return undefined;\n }\n const advancedSecurityData = amazonCognitoAdvancedSecurityData.getData(username, userPoolId, userPoolClientId);\n if (advancedSecurityData) {\n const userContextData = {\n EncodedData: advancedSecurityData\n };\n return userContextData;\n }\n return {};\n}\nexport { getUserContextData };\n","import { deDupeAsyncFunction, assertTokenProviderConfig, decodeJWT } from '@aws-amplify/core/internals/utils';\nimport { getRegionFromUserPoolId } from '../../../foundation/parsers/regionParsers.mjs';\nimport { assertAuthTokensWithRefreshToken } from './types.mjs';\nimport { AuthError } from '../../../errors/AuthError.mjs';\nimport { createInitiateAuthClient } from '../../../foundation/factories/serviceClients/cognitoIdentityProvider/createInitiateAuthClient.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils/composers';\nimport '../../../foundation/factories/serviceClients/cognitoIdentityProvider/shared/handler/cognitoUserPoolTransferHandler.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils';\nimport '../../../foundation/factories/serviceClients/cognitoIdentityProvider/constants.mjs';\nimport { createCognitoUserPoolEndpointResolver } from '../factories/createCognitoUserPoolEndpointResolver.mjs';\nimport { getUserContextData } from './userContextData.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst refreshAuthTokensFunction = async ({\n tokens,\n authConfig,\n username\n}) => {\n assertTokenProviderConfig(authConfig?.Cognito);\n const {\n userPoolId,\n userPoolClientId,\n userPoolEndpoint\n } = authConfig.Cognito;\n const region = getRegionFromUserPoolId(userPoolId);\n assertAuthTokensWithRefreshToken(tokens);\n const refreshTokenString = tokens.refreshToken;\n const AuthParameters = {\n REFRESH_TOKEN: refreshTokenString\n };\n if (tokens.deviceMetadata?.deviceKey) {\n AuthParameters.DEVICE_KEY = tokens.deviceMetadata.deviceKey;\n }\n const UserContextData = getUserContextData({\n username,\n userPoolId,\n userPoolClientId\n });\n const initiateAuth = createInitiateAuthClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n const {\n AuthenticationResult\n } = await initiateAuth({\n region\n }, {\n ClientId: userPoolClientId,\n AuthFlow: 'REFRESH_TOKEN_AUTH',\n AuthParameters,\n UserContextData\n });\n const accessToken = decodeJWT(AuthenticationResult?.AccessToken ?? '');\n const idToken = AuthenticationResult?.IdToken ? decodeJWT(AuthenticationResult.IdToken) : undefined;\n const {\n iat\n } = accessToken.payload;\n // This should never happen. If it does, it's a bug from the service.\n if (!iat) {\n throw new AuthError({\n name: 'iatNotFoundException',\n message: 'iat not found in access token'\n });\n }\n const clockDrift = iat * 1000 - new Date().getTime();\n return {\n accessToken,\n idToken,\n clockDrift,\n refreshToken: refreshTokenString,\n username\n };\n};\nconst refreshAuthTokens = deDupeAsyncFunction(refreshAuthTokensFunction);\nconst refreshAuthTokensWithoutDedupe = refreshAuthTokensFunction;\nexport { refreshAuthTokens, refreshAuthTokensWithoutDedupe };\n","// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst inflightPromises = [];\nconst addInflightPromise = resolver => {\n inflightPromises.push(resolver);\n};\nconst resolveAndClearInflightPromises = () => {\n while (inflightPromises.length) {\n inflightPromises.pop()?.();\n }\n};\nexport { addInflightPromise, resolveAndClearInflightPromises };\n","import { Hub } from '@aws-amplify/core';\nimport { isBrowser, assertTokenProviderConfig, isTokenExpired, AMPLIFY_SYMBOL } from '@aws-amplify/core/internals/utils';\nimport { assertServiceError } from '../../../errors/utils/assertServiceError.mjs';\nimport { AuthError } from '../../../errors/AuthError.mjs';\nimport { oAuthStore } from '../utils/oauth/oAuthStore.mjs';\nimport { addInflightPromise } from '../utils/oauth/inflightPromise.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nclass TokenOrchestrator {\n constructor() {\n this.waitForInflightOAuth = isBrowser() ? async () => {\n if (!(await oAuthStore.loadOAuthInFlight())) {\n return;\n }\n if (this.inflightPromise) {\n return this.inflightPromise;\n }\n // when there is valid oauth config and there is an inflight oauth flow, try\n // to block async calls that require fetching tokens before the oauth flow completes\n // e.g. getCurrentUser, fetchAuthSession etc.\n this.inflightPromise = new Promise((resolve, _reject) => {\n addInflightPromise(resolve);\n });\n return this.inflightPromise;\n } : async () => {\n // no-op for non-browser environments\n };\n }\n setAuthConfig(authConfig) {\n oAuthStore.setAuthConfig(authConfig.Cognito);\n this.authConfig = authConfig;\n }\n setTokenRefresher(tokenRefresher) {\n this.tokenRefresher = tokenRefresher;\n }\n setAuthTokenStore(tokenStore) {\n this.tokenStore = tokenStore;\n }\n getTokenStore() {\n if (!this.tokenStore) {\n throw new AuthError({\n name: 'EmptyTokenStoreException',\n message: 'TokenStore not set'\n });\n }\n return this.tokenStore;\n }\n getTokenRefresher() {\n if (!this.tokenRefresher) {\n throw new AuthError({\n name: 'EmptyTokenRefresherException',\n message: 'TokenRefresher not set'\n });\n }\n return this.tokenRefresher;\n }\n async getTokens(options) {\n let tokens;\n try {\n assertTokenProviderConfig(this.authConfig?.Cognito);\n } catch (_err) {\n // Token provider not configured\n return null;\n }\n await this.waitForInflightOAuth();\n this.inflightPromise = undefined;\n tokens = await this.getTokenStore().loadTokens();\n const username = await this.getTokenStore().getLastAuthUser();\n if (tokens === null) {\n return null;\n }\n const idTokenExpired = !!tokens?.idToken && isTokenExpired({\n expiresAt: (tokens.idToken?.payload?.exp ?? 0) * 1000,\n clockDrift: tokens.clockDrift ?? 0\n });\n const accessTokenExpired = isTokenExpired({\n expiresAt: (tokens.accessToken?.payload?.exp ?? 0) * 1000,\n clockDrift: tokens.clockDrift ?? 0\n });\n if (options?.forceRefresh || idTokenExpired || accessTokenExpired) {\n tokens = await this.refreshTokens({\n tokens,\n username\n });\n if (tokens === null) {\n return null;\n }\n }\n return {\n accessToken: tokens?.accessToken,\n idToken: tokens?.idToken,\n signInDetails: tokens?.signInDetails\n };\n }\n async refreshTokens({\n tokens,\n username\n }) {\n try {\n const {\n signInDetails\n } = tokens;\n const newTokens = await this.getTokenRefresher()({\n tokens,\n authConfig: this.authConfig,\n username\n });\n newTokens.signInDetails = signInDetails;\n await this.setTokens({\n tokens: newTokens\n });\n Hub.dispatch('auth', {\n event: 'tokenRefresh'\n }, 'Auth', AMPLIFY_SYMBOL);\n return newTokens;\n } catch (err) {\n return this.handleErrors(err);\n }\n }\n handleErrors(err) {\n assertServiceError(err);\n if (err.message !== 'Network error') {\n // TODO(v6): Check errors on client\n this.clearTokens();\n }\n Hub.dispatch('auth', {\n event: 'tokenRefresh_failure',\n data: {\n error: err\n }\n }, 'Auth', AMPLIFY_SYMBOL);\n if (err.name.startsWith('NotAuthorizedException')) {\n return null;\n }\n throw err;\n }\n async setTokens({\n tokens\n }) {\n return this.getTokenStore().storeTokens(tokens);\n }\n async clearTokens() {\n return this.getTokenStore().clearTokens();\n }\n getDeviceMetadata(username) {\n return this.getTokenStore().getDeviceMetadata(username);\n }\n clearDeviceMetadata(username) {\n return this.getTokenStore().clearDeviceMetadata(username);\n }\n setOAuthMetadata(metadata) {\n return this.getTokenStore().setOAuthMetadata(metadata);\n }\n getOAuthMetadata() {\n return this.getTokenStore().getOAuthMetadata();\n }\n}\nexport { TokenOrchestrator };\n","import { defaultStorage } from '@aws-amplify/core';\nimport { refreshAuthTokens } from '../utils/refreshAuthTokens.mjs';\nimport { DefaultTokenStore } from './TokenStore.mjs';\nimport { TokenOrchestrator } from './TokenOrchestrator.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nclass CognitoUserPoolsTokenProvider {\n constructor() {\n this.authTokenStore = new DefaultTokenStore();\n this.authTokenStore.setKeyValueStorage(defaultStorage);\n this.tokenOrchestrator = new TokenOrchestrator();\n this.tokenOrchestrator.setAuthTokenStore(this.authTokenStore);\n this.tokenOrchestrator.setTokenRefresher(refreshAuthTokens);\n }\n getTokens({\n forceRefresh\n } = {\n forceRefresh: false\n }) {\n return this.tokenOrchestrator.getTokens({\n forceRefresh\n });\n }\n setKeyValueStorage(keyValueStorage) {\n this.authTokenStore.setKeyValueStorage(keyValueStorage);\n }\n setAuthConfig(authConfig) {\n this.authTokenStore.setAuthConfig(authConfig);\n this.tokenOrchestrator.setAuthConfig(authConfig);\n }\n}\nexport { CognitoUserPoolsTokenProvider };\n","import { CognitoUserPoolsTokenProvider } from './CognitoUserPoolsTokenProvider.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * The default provider for the JWT access token and ID token issued from the configured Cognito user pool. It manages\n * the refresh and storage of the tokens. It stores the tokens in `window.localStorage` if available, and falls back to\n * in-memory storage if not.\n */\nconst cognitoUserPoolsTokenProvider = new CognitoUserPoolsTokenProvider();\nconst {\n tokenOrchestrator\n} = cognitoUserPoolsTokenProvider;\nexport { cognitoUserPoolsTokenProvider, tokenOrchestrator };\n","import { decodeJWT, AmplifyError } from '@aws-amplify/core/internals/utils';\nimport { tokenOrchestrator } from './tokenProvider.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nasync function cacheCognitoTokens(AuthenticationResult) {\n if (AuthenticationResult.AccessToken) {\n const accessToken = decodeJWT(AuthenticationResult.AccessToken);\n const accessTokenIssuedAtInMillis = (accessToken.payload.iat || 0) * 1000;\n const currentTime = new Date().getTime();\n const clockDrift = accessTokenIssuedAtInMillis > 0 ? accessTokenIssuedAtInMillis - currentTime : 0;\n let idToken;\n let refreshToken;\n let deviceMetadata;\n if (AuthenticationResult.RefreshToken) {\n refreshToken = AuthenticationResult.RefreshToken;\n }\n if (AuthenticationResult.IdToken) {\n idToken = decodeJWT(AuthenticationResult.IdToken);\n }\n if (AuthenticationResult?.NewDeviceMetadata) {\n deviceMetadata = AuthenticationResult.NewDeviceMetadata;\n }\n const tokens = {\n accessToken,\n idToken,\n refreshToken,\n clockDrift,\n deviceMetadata,\n username: AuthenticationResult.username\n };\n if (AuthenticationResult?.signInDetails) {\n tokens.signInDetails = AuthenticationResult.signInDetails;\n }\n await tokenOrchestrator.setTokens({\n tokens\n });\n } else {\n // This would be a service error\n throw new AmplifyError({\n message: 'Invalid tokens',\n name: 'InvalidTokens',\n recoverySuggestion: 'Check Cognito UserPool settings'\n });\n }\n}\nexport { cacheCognitoTokens };\n","import { assertTokenProviderConfig } from '@aws-amplify/core/internals/utils';\nimport { assertAuthTokens } from '../../utils/types.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst getCurrentUser = async amplify => {\n const authConfig = amplify.getConfig().Auth?.Cognito;\n assertTokenProviderConfig(authConfig);\n const tokens = await amplify.Auth.getTokens({\n forceRefresh: false\n });\n assertAuthTokens(tokens);\n const {\n 'cognito:username': username,\n sub\n } = tokens.idToken?.payload ?? {};\n const authUser = {\n username: username,\n userId: sub\n };\n const signInDetails = getSignInDetailsFromTokens(tokens);\n if (signInDetails) {\n authUser.signInDetails = signInDetails;\n }\n return authUser;\n};\nfunction getSignInDetailsFromTokens(tokens) {\n return tokens?.signInDetails;\n}\nexport { getCurrentUser };\n","import { Amplify } from '@aws-amplify/core';\nimport { getCurrentUser as getCurrentUser$1 } from './internal/getCurrentUser.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Gets the current user from the idToken.\n *\n * @param input - The GetCurrentUserInput object.\n * @returns GetCurrentUserOutput\n * @throws - {@link InitiateAuthException} - Thrown when the service fails to refresh the tokens.\n * @throws AuthTokenConfigException - Thrown when the token provider config is invalid.\n */\nconst getCurrentUser = async () => {\n return getCurrentUser$1(Amplify);\n};\nexport { getCurrentUser };\n","import { Hub } from '@aws-amplify/core';\nimport { AMPLIFY_SYMBOL } from '@aws-amplify/core/internals/utils';\nimport { getCurrentUser } from '../apis/getCurrentUser.mjs';\nimport { USER_UNAUTHENTICATED_EXCEPTION, UNEXPECTED_SIGN_IN_INTERRUPTION_EXCEPTION } from '../../../errors/constants.mjs';\nimport { AuthError } from '../../../errors/AuthError.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst ERROR_MESSAGE = 'Unable to get user session following successful sign-in.';\nconst dispatchSignedInHubEvent = async () => {\n try {\n Hub.dispatch('auth', {\n event: 'signedIn',\n data: await getCurrentUser()\n }, 'Auth', AMPLIFY_SYMBOL);\n } catch (error) {\n if (error.name === USER_UNAUTHENTICATED_EXCEPTION) {\n throw new AuthError({\n name: UNEXPECTED_SIGN_IN_INTERRUPTION_EXCEPTION,\n message: ERROR_MESSAGE,\n recoverySuggestion: 'This most likely is due to auth tokens not being persisted. If you are using cookie store, please ensure cookies can be correctly set from your server.'\n });\n }\n throw error;\n }\n};\nexport { ERROR_MESSAGE, dispatchSignedInHubEvent };\n","// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nvar AuthValidationErrorCode = /*#__PURE__*/function (AuthValidationErrorCode) {\n AuthValidationErrorCode[\"EmptySignInUsername\"] = \"EmptySignInUsername\";\n AuthValidationErrorCode[\"EmptySignInPassword\"] = \"EmptySignInPassword\";\n AuthValidationErrorCode[\"CustomAuthSignInPassword\"] = \"CustomAuthSignInPassword\";\n AuthValidationErrorCode[\"EmptySignUpUsername\"] = \"EmptySignUpUsername\";\n AuthValidationErrorCode[\"EmptySignUpPassword\"] = \"EmptySignUpPassword\";\n AuthValidationErrorCode[\"EmptyConfirmSignUpUsername\"] = \"EmptyConfirmSignUpUsername\";\n AuthValidationErrorCode[\"EmptyConfirmSignUpCode\"] = \"EmptyConfirmSignUpCode\";\n AuthValidationErrorCode[\"EmptyResendSignUpCodeUsername\"] = \"EmptyresendSignUpCodeUsername\";\n AuthValidationErrorCode[\"EmptyChallengeResponse\"] = \"EmptyChallengeResponse\";\n AuthValidationErrorCode[\"EmptyConfirmResetPasswordUsername\"] = \"EmptyConfirmResetPasswordUsername\";\n AuthValidationErrorCode[\"EmptyConfirmResetPasswordNewPassword\"] = \"EmptyConfirmResetPasswordNewPassword\";\n AuthValidationErrorCode[\"EmptyConfirmResetPasswordConfirmationCode\"] = \"EmptyConfirmResetPasswordConfirmationCode\";\n AuthValidationErrorCode[\"EmptyResetPasswordUsername\"] = \"EmptyResetPasswordUsername\";\n AuthValidationErrorCode[\"EmptyVerifyTOTPSetupCode\"] = \"EmptyVerifyTOTPSetupCode\";\n AuthValidationErrorCode[\"EmptyConfirmUserAttributeCode\"] = \"EmptyConfirmUserAttributeCode\";\n AuthValidationErrorCode[\"IncorrectMFAMethod\"] = \"IncorrectMFAMethod\";\n AuthValidationErrorCode[\"EmptyUpdatePassword\"] = \"EmptyUpdatePassword\";\n return AuthValidationErrorCode;\n}(AuthValidationErrorCode || {});\nexport { AuthValidationErrorCode };\n","import { AuthValidationErrorCode } from '../errors/types/validation.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst validationErrorMap = {\n [AuthValidationErrorCode.EmptyChallengeResponse]: {\n message: 'challengeResponse is required to confirmSignIn'\n },\n [AuthValidationErrorCode.EmptyConfirmResetPasswordUsername]: {\n message: 'username is required to confirmResetPassword'\n },\n [AuthValidationErrorCode.EmptyConfirmSignUpCode]: {\n message: 'code is required to confirmSignUp'\n },\n [AuthValidationErrorCode.EmptyConfirmSignUpUsername]: {\n message: 'username is required to confirmSignUp'\n },\n [AuthValidationErrorCode.EmptyConfirmResetPasswordConfirmationCode]: {\n message: 'confirmationCode is required to confirmResetPassword'\n },\n [AuthValidationErrorCode.EmptyConfirmResetPasswordNewPassword]: {\n message: 'newPassword is required to confirmResetPassword'\n },\n [AuthValidationErrorCode.EmptyResendSignUpCodeUsername]: {\n message: 'username is required to confirmSignUp'\n },\n [AuthValidationErrorCode.EmptyResetPasswordUsername]: {\n message: 'username is required to resetPassword'\n },\n [AuthValidationErrorCode.EmptySignInPassword]: {\n message: 'password is required to signIn'\n },\n [AuthValidationErrorCode.EmptySignInUsername]: {\n message: 'username is required to signIn'\n },\n [AuthValidationErrorCode.EmptySignUpPassword]: {\n message: 'password is required to signUp'\n },\n [AuthValidationErrorCode.EmptySignUpUsername]: {\n message: 'username is required to signUp'\n },\n [AuthValidationErrorCode.CustomAuthSignInPassword]: {\n message: 'A password is not needed when signing in with CUSTOM_WITHOUT_SRP',\n recoverySuggestion: 'Do not include a password in your signIn call.'\n },\n [AuthValidationErrorCode.IncorrectMFAMethod]: {\n message: 'Incorrect MFA method was chosen. It should be either SMS or TOTP',\n recoverySuggestion: 'Try to pass TOTP or SMS as the challengeResponse'\n },\n [AuthValidationErrorCode.EmptyVerifyTOTPSetupCode]: {\n message: 'code is required to verifyTotpSetup'\n },\n [AuthValidationErrorCode.EmptyUpdatePassword]: {\n message: 'oldPassword and newPassword are required to changePassword'\n },\n [AuthValidationErrorCode.EmptyConfirmUserAttributeCode]: {\n message: 'confirmation code is required to confirmUserAttribute'\n }\n};\n// TODO: delete this code when the Auth class is removed.\nvar AuthErrorStrings = /*#__PURE__*/function (AuthErrorStrings) {\n AuthErrorStrings[\"DEFAULT_MSG\"] = \"Authentication Error\";\n AuthErrorStrings[\"EMPTY_EMAIL\"] = \"Email cannot be empty\";\n AuthErrorStrings[\"EMPTY_PHONE\"] = \"Phone number cannot be empty\";\n AuthErrorStrings[\"EMPTY_USERNAME\"] = \"Username cannot be empty\";\n AuthErrorStrings[\"INVALID_USERNAME\"] = \"The username should either be a string or one of the sign in types\";\n AuthErrorStrings[\"EMPTY_PASSWORD\"] = \"Password cannot be empty\";\n AuthErrorStrings[\"EMPTY_CODE\"] = \"Confirmation code cannot be empty\";\n AuthErrorStrings[\"SIGN_UP_ERROR\"] = \"Error creating account\";\n AuthErrorStrings[\"NO_MFA\"] = \"No valid MFA method provided\";\n AuthErrorStrings[\"INVALID_MFA\"] = \"Invalid MFA type\";\n AuthErrorStrings[\"EMPTY_CHALLENGE\"] = \"Challenge response cannot be empty\";\n AuthErrorStrings[\"NO_USER_SESSION\"] = \"Failed to get the session because the user is empty\";\n AuthErrorStrings[\"NETWORK_ERROR\"] = \"Network Error\";\n AuthErrorStrings[\"DEVICE_CONFIG\"] = \"Device tracking has not been configured in this User Pool\";\n AuthErrorStrings[\"AUTOSIGNIN_ERROR\"] = \"Please use your credentials to sign in\";\n AuthErrorStrings[\"OAUTH_ERROR\"] = \"Couldn't finish OAuth flow, check your User Pool HostedUI settings\";\n return AuthErrorStrings;\n}(AuthErrorStrings || {});\nvar AuthErrorCodes = /*#__PURE__*/function (AuthErrorCodes) {\n AuthErrorCodes[\"SignInException\"] = \"SignInException\";\n AuthErrorCodes[\"OAuthSignInError\"] = \"OAuthSignInException\";\n return AuthErrorCodes;\n}(AuthErrorCodes || {});\nexport { AuthErrorCodes, AuthErrorStrings, validationErrorMap };\n","import { ConsoleLogger } from '@aws-amplify/core';\nimport { AuthErrorStrings } from './common/AuthErrorStrings.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n// TODO: delete this module when the Auth class is removed.\nconst logger = new ConsoleLogger('AuthError');\nclass AuthError extends Error {\n constructor(type) {\n const {\n message,\n log\n } = authErrorMessages[type];\n super(message);\n // Hack for making the custom error class work when transpiled to es5\n // TODO: Delete the following 2 lines after we change the build target to >= es2015\n this.constructor = AuthError;\n Object.setPrototypeOf(this, AuthError.prototype);\n this.name = 'AuthError';\n this.log = log || message;\n logger.error(this.log);\n }\n}\nclass NoUserPoolError extends AuthError {\n constructor(type) {\n super(type);\n // Hack for making the custom error class work when transpiled to es5\n // TODO: Delete the following 2 lines after we change the build target to >= es2015\n this.constructor = NoUserPoolError;\n Object.setPrototypeOf(this, NoUserPoolError.prototype);\n this.name = 'NoUserPoolError';\n }\n}\nconst authErrorMessages = {\n oauthSignInError: {\n message: AuthErrorStrings.OAUTH_ERROR,\n log: 'Make sure Cognito Hosted UI has been configured correctly'\n },\n noConfig: {\n message: AuthErrorStrings.DEFAULT_MSG,\n log: `\n Error: Amplify has not been configured correctly.\n This error is typically caused by one of the following scenarios:\n\n 1. Make sure you're passing the awsconfig object to Amplify.configure() in your app's entry point\n See https://aws-amplify.github.io/docs/js/authentication#configure-your-app for more information\n \n 2. There might be multiple conflicting versions of amplify packages in your node_modules.\n\t\t\t\tRefer to our docs site for help upgrading Amplify packages (https://docs.amplify.aws/lib/troubleshooting/upgrading/q/platform/js)\n `\n },\n missingAuthConfig: {\n message: AuthErrorStrings.DEFAULT_MSG,\n log: `\n Error: Amplify has not been configured correctly. \n The configuration object is missing required auth properties.\n This error is typically caused by one of the following scenarios:\n\n 1. Did you run \\`amplify push\\` after adding auth via \\`amplify add auth\\`?\n See https://aws-amplify.github.io/docs/js/authentication#amplify-project-setup for more information\n\n 2. This could also be caused by multiple conflicting versions of amplify packages, see (https://docs.amplify.aws/lib/troubleshooting/upgrading/q/platform/js) for help upgrading Amplify packages.\n `\n },\n emptyUsername: {\n message: AuthErrorStrings.EMPTY_USERNAME\n },\n // TODO: should include a list of valid sign-in types\n invalidUsername: {\n message: AuthErrorStrings.INVALID_USERNAME\n },\n emptyPassword: {\n message: AuthErrorStrings.EMPTY_PASSWORD\n },\n emptyCode: {\n message: AuthErrorStrings.EMPTY_CODE\n },\n signUpError: {\n message: AuthErrorStrings.SIGN_UP_ERROR,\n log: 'The first parameter should either be non-null string or object'\n },\n noMFA: {\n message: AuthErrorStrings.NO_MFA\n },\n invalidMFA: {\n message: AuthErrorStrings.INVALID_MFA\n },\n emptyChallengeResponse: {\n message: AuthErrorStrings.EMPTY_CHALLENGE\n },\n noUserSession: {\n message: AuthErrorStrings.NO_USER_SESSION\n },\n deviceConfig: {\n message: AuthErrorStrings.DEVICE_CONFIG\n },\n networkError: {\n message: AuthErrorStrings.NETWORK_ERROR\n },\n autoSignInError: {\n message: AuthErrorStrings.AUTOSIGNIN_ERROR\n },\n default: {\n message: AuthErrorStrings.DEFAULT_MSG\n }\n};\nexport { AuthError, NoUserPoolError, authErrorMessages };\n","import { authErrorMessages } from '../../../../Errors.mjs';\nimport { AuthErrorCodes } from '../../../../common/AuthErrorStrings.mjs';\nimport { AuthError } from '../../../../errors/AuthError.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst createOAuthError = (message, recoverySuggestion) => new AuthError({\n message: message ?? 'An error has occurred during the oauth process.',\n name: AuthErrorCodes.OAuthSignInError,\n recoverySuggestion: recoverySuggestion ?? authErrorMessages.oauthSignInError.log\n});\nexport { createOAuthError };\n","// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nvar AuthErrorTypes = /*#__PURE__*/function (AuthErrorTypes) {\n AuthErrorTypes[\"NoConfig\"] = \"noConfig\";\n AuthErrorTypes[\"MissingAuthConfig\"] = \"missingAuthConfig\";\n AuthErrorTypes[\"EmptyUsername\"] = \"emptyUsername\";\n AuthErrorTypes[\"InvalidUsername\"] = \"invalidUsername\";\n AuthErrorTypes[\"EmptyPassword\"] = \"emptyPassword\";\n AuthErrorTypes[\"EmptyCode\"] = \"emptyCode\";\n AuthErrorTypes[\"SignUpError\"] = \"signUpError\";\n AuthErrorTypes[\"NoMFA\"] = \"noMFA\";\n AuthErrorTypes[\"InvalidMFA\"] = \"invalidMFA\";\n AuthErrorTypes[\"EmptyChallengeResponse\"] = \"emptyChallengeResponse\";\n AuthErrorTypes[\"NoUserSession\"] = \"noUserSession\";\n AuthErrorTypes[\"Default\"] = \"default\";\n AuthErrorTypes[\"DeviceConfig\"] = \"deviceConfig\";\n AuthErrorTypes[\"NetworkError\"] = \"networkError\";\n AuthErrorTypes[\"AutoSignInError\"] = \"autoSignInError\";\n AuthErrorTypes[\"OAuthSignInError\"] = \"oauthSignInError\";\n return AuthErrorTypes;\n}(AuthErrorTypes || {});\nexport { AuthErrorTypes };\n","import { AuthError } from '../../../../errors/AuthError.mjs';\nimport { AuthErrorTypes } from '../../../../types/Auth.mjs';\nimport { oAuthStore } from './oAuthStore.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst flowCancelledMessage = '`signInWithRedirect` has been canceled.';\nconst validationFailedMessage = 'An error occurred while validating the state.';\nconst validationRecoverySuggestion = 'Try to initiate an OAuth flow from Amplify';\nconst validateState = async state => {\n const savedState = await oAuthStore.loadOAuthState();\n // This is because savedState only exists if the flow was initiated by Amplify\n const validatedState = state === savedState ? savedState : undefined;\n if (!validatedState) {\n throw new AuthError({\n name: AuthErrorTypes.OAuthSignInError,\n message: state === null ? flowCancelledMessage : validationFailedMessage,\n recoverySuggestion: state === null ? undefined : validationRecoverySuggestion\n });\n }\n return validatedState;\n};\nexport { flowCancelledMessage, validateState, validationFailedMessage, validationRecoverySuggestion };\n","import { AmplifyUrl, USER_AGENT_HEADER, urlSafeDecode, AMPLIFY_SYMBOL } from '@aws-amplify/core/internals/utils';\nimport { decodeJWT, Hub } from '@aws-amplify/core';\nimport { cacheCognitoTokens } from '../../tokenProvider/cacheTokens.mjs';\nimport { dispatchSignedInHubEvent } from '../dispatchSignedInHubEvent.mjs';\nimport '../refreshAuthTokens.mjs';\nimport '../../tokenProvider/errorHelpers.mjs';\nimport { oAuthStore } from './oAuthStore.mjs';\nimport { resolveAndClearInflightPromises } from './inflightPromise.mjs';\nimport { tokenOrchestrator } from '../../tokenProvider/tokenProvider.mjs';\nimport { createOAuthError } from './createOAuthError.mjs';\nimport { validateState } from './validateState.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst completeOAuthFlow = async ({\n currentUrl,\n userAgentValue,\n clientId,\n redirectUri,\n responseType,\n domain,\n preferPrivateSession\n}) => {\n const urlParams = new AmplifyUrl(currentUrl);\n const error = urlParams.searchParams.get('error');\n const errorMessage = urlParams.searchParams.get('error_description');\n if (error) {\n throw createOAuthError(errorMessage ?? error);\n }\n if (responseType === 'code') {\n return handleCodeFlow({\n currentUrl,\n userAgentValue,\n clientId,\n redirectUri,\n domain,\n preferPrivateSession\n });\n }\n return handleImplicitFlow({\n currentUrl,\n redirectUri,\n preferPrivateSession\n });\n};\nconst handleCodeFlow = async ({\n currentUrl,\n userAgentValue,\n clientId,\n redirectUri,\n domain,\n preferPrivateSession\n}) => {\n /* Convert URL into an object with parameters as keys\n { redirect_uri: 'http://localhost:3000/', response_type: 'code', ...} */\n const url = new AmplifyUrl(currentUrl);\n const code = url.searchParams.get('code');\n const state = url.searchParams.get('state');\n // if `code` or `state` is not presented in the redirect url, most likely\n // that the end user cancelled the inflight oauth flow by:\n // 1. clicking the back button of browser\n // 2. closing the provider hosted UI page and coming back to the app\n if (!code || !state) {\n throw createOAuthError('User cancelled OAuth flow.');\n }\n // may throw error is being caught in attemptCompleteOAuthFlow.ts\n const validatedState = await validateState(state);\n const oAuthTokenEndpoint = 'https://' + domain + '/oauth2/token';\n // TODO(v6): check hub events\n // dispatchAuthEvent(\n // \t'codeFlow',\n // \t{},\n // \t`Retrieving tokens from ${oAuthTokenEndpoint}`\n // );\n const codeVerifier = await oAuthStore.loadPKCE();\n const oAuthTokenBody = {\n grant_type: 'authorization_code',\n code,\n client_id: clientId,\n redirect_uri: redirectUri,\n ...(codeVerifier ? {\n code_verifier: codeVerifier\n } : {})\n };\n const body = Object.entries(oAuthTokenBody).map(([k, v]) => `${encodeURIComponent(k)}=${encodeURIComponent(v)}`).join('&');\n const {\n access_token,\n refresh_token: refreshToken,\n id_token,\n error,\n error_message: errorMessage,\n token_type,\n expires_in\n } = await (await fetch(oAuthTokenEndpoint, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded',\n [USER_AGENT_HEADER]: userAgentValue\n },\n body\n })).json();\n if (error) {\n // error is being caught in attemptCompleteOAuthFlow.ts\n throw createOAuthError(errorMessage ?? error);\n }\n const username = (access_token && decodeJWT(access_token).payload.username) ?? 'username';\n await cacheCognitoTokens({\n username,\n AccessToken: access_token,\n IdToken: id_token,\n RefreshToken: refreshToken,\n TokenType: token_type,\n ExpiresIn: expires_in\n });\n return completeFlow({\n redirectUri,\n state: validatedState,\n preferPrivateSession\n });\n};\nconst handleImplicitFlow = async ({\n currentUrl,\n redirectUri,\n preferPrivateSession\n}) => {\n // hash is `null` if `#` doesn't exist on URL\n const url = new AmplifyUrl(currentUrl);\n const {\n id_token,\n access_token,\n state,\n token_type,\n expires_in,\n error_description,\n error\n } = (url.hash ?? '#').substring(1) // Remove # from returned code\n .split('&').map(pairings => pairings.split('=')).reduce((accum, [k, v]) => ({\n ...accum,\n [k]: v\n }), {\n id_token: undefined,\n access_token: undefined,\n state: undefined,\n token_type: undefined,\n expires_in: undefined,\n error_description: undefined,\n error: undefined\n });\n if (error) {\n throw createOAuthError(error_description ?? error);\n }\n if (!access_token) {\n // error is being caught in attemptCompleteOAuthFlow.ts\n throw createOAuthError('No access token returned from OAuth flow.');\n }\n const validatedState = await validateState(state);\n const username = (access_token && decodeJWT(access_token).payload.username) ?? 'username';\n await cacheCognitoTokens({\n username,\n AccessToken: access_token,\n IdToken: id_token,\n TokenType: token_type,\n ExpiresIn: expires_in\n });\n return completeFlow({\n redirectUri,\n state: validatedState,\n preferPrivateSession\n });\n};\nconst completeFlow = async ({\n redirectUri,\n state,\n preferPrivateSession\n}) => {\n await tokenOrchestrator.setOAuthMetadata({\n oauthSignIn: true\n });\n await oAuthStore.clearOAuthData();\n await oAuthStore.storeOAuthSignIn(true, preferPrivateSession);\n // this should be called before any call that involves `fetchAuthSession`\n // e.g. `getCurrentUser()` below, so it allows every inflight async calls to\n // `fetchAuthSession` can be resolved\n resolveAndClearInflightPromises();\n if (isCustomState(state)) {\n Hub.dispatch('auth', {\n event: 'customOAuthState',\n data: urlSafeDecode(getCustomState(state))\n }, 'Auth', AMPLIFY_SYMBOL);\n }\n Hub.dispatch('auth', {\n event: 'signInWithRedirect'\n }, 'Auth', AMPLIFY_SYMBOL);\n await dispatchSignedInHubEvent();\n clearHistory(redirectUri);\n};\nconst isCustomState = state => {\n return /-/.test(state);\n};\nconst getCustomState = state => {\n return state.split('-').splice(1).join('-');\n};\nconst clearHistory = redirectUri => {\n if (typeof window !== 'undefined' && typeof window.history !== 'undefined') {\n window.history.replaceState(window.history.state, '', redirectUri);\n }\n};\nexport { completeOAuthFlow };\n","import { invalidPreferredRedirectUrlException, invalidOriginException, invalidRedirectException } from '../../../../errors/constants.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/** @internal */\nfunction getRedirectUrl(redirects, preferredRedirectUrl) {\n if (preferredRedirectUrl) {\n const redirectUrl = redirects?.find(redirect => redirect === preferredRedirectUrl);\n if (!redirectUrl) {\n throw invalidPreferredRedirectUrlException;\n }\n return redirectUrl;\n } else {\n const redirectUrlFromTheSameOrigin = redirects?.find(isSameOriginAndPathName) ?? redirects?.find(isTheSameDomain);\n const redirectUrlFromDifferentOrigin = redirects?.find(isHttps) ?? redirects?.find(isHttp);\n if (redirectUrlFromTheSameOrigin) {\n return redirectUrlFromTheSameOrigin;\n } else if (redirectUrlFromDifferentOrigin) {\n throw invalidOriginException;\n }\n throw invalidRedirectException;\n }\n}\n// origin + pathname => https://example.com/app\nconst isSameOriginAndPathName = redirect => redirect.startsWith(String(window.location.origin + window.location.pathname ?? '/'));\n// domain => outlook.live.com, github.com\nconst isTheSameDomain = redirect => redirect.includes(String(window.location.hostname));\nconst isHttp = redirect => redirect.startsWith('http://');\nconst isHttps = redirect => redirect.startsWith('https://');\nexport { getRedirectUrl };\n","import { Hub } from '@aws-amplify/core';\nimport { AMPLIFY_SYMBOL } from '@aws-amplify/core/internals/utils';\nimport { oAuthStore } from './oAuthStore.mjs';\nimport { resolveAndClearInflightPromises } from './inflightPromise.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst handleFailure = async error => {\n resolveAndClearInflightPromises();\n await oAuthStore.clearOAuthInflightData();\n Hub.dispatch('auth', {\n event: 'signInWithRedirect_failure',\n data: {\n error\n }\n }, 'Auth', AMPLIFY_SYMBOL);\n};\nexport { handleFailure };\n","import { assertTokenProviderConfig, assertOAuthConfig, AuthAction } from '@aws-amplify/core/internals/utils';\nimport { getAuthUserAgentValue } from '../../../../utils/getAuthUserAgentValue.mjs';\nimport { oAuthStore } from './oAuthStore.mjs';\nimport { completeOAuthFlow } from './completeOAuthFlow.mjs';\nimport { getRedirectUrl } from './getRedirectUrl.mjs';\nimport { handleFailure } from './handleFailure.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst attemptCompleteOAuthFlow = async authConfig => {\n try {\n assertTokenProviderConfig(authConfig);\n assertOAuthConfig(authConfig);\n oAuthStore.setAuthConfig(authConfig);\n } catch (_) {\n // no-op\n // This should not happen as Amplify singleton checks the oauth config key\n // unless the oauth config object doesn't contain required properties\n return;\n }\n // No inflight OAuth\n if (!(await oAuthStore.loadOAuthInFlight())) {\n return;\n }\n try {\n const currentUrl = window.location.href;\n const {\n loginWith,\n userPoolClientId\n } = authConfig;\n const {\n domain,\n redirectSignIn,\n responseType\n } = loginWith.oauth;\n const redirectUri = getRedirectUrl(redirectSignIn);\n await completeOAuthFlow({\n currentUrl,\n clientId: userPoolClientId,\n domain,\n redirectUri,\n responseType,\n userAgentValue: getAuthUserAgentValue(AuthAction.SignInWithRedirect)\n });\n } catch (err) {\n await handleFailure(err);\n }\n};\nexport { attemptCompleteOAuthFlow };\n","import { Amplify } from '@aws-amplify/core';\nimport { isBrowser, ADD_OAUTH_LISTENER } from '@aws-amplify/core/internals/utils';\nimport { attemptCompleteOAuthFlow } from './attemptCompleteOAuthFlow.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n// attach the side effect for handling the completion of an inflight oauth flow\n// this side effect works only on Web\nisBrowser() && (() => {\n // add the listener to the singleton for triggering\n Amplify[ADD_OAUTH_LISTENER](attemptCompleteOAuthFlow);\n})();\n","// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst cognitoHostedUIIdentityProviderMap = {\n Google: 'Google',\n Facebook: 'Facebook',\n Amazon: 'LoginWithAmazon',\n Apple: 'SignInWithApple'\n};\nexport { cognitoHostedUIIdentityProviderMap };\n","// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst openAuthSession = async url => {\n if (!window?.location) {\n return;\n }\n // enforce HTTPS\n window.location.href = url.replace('http://', 'https://');\n};\nexport { openAuthSession };\n","// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nvar AssociateSoftwareTokenException = /*#__PURE__*/function (AssociateSoftwareTokenException) {\n AssociateSoftwareTokenException[\"ConcurrentModificationException\"] = \"ConcurrentModificationException\";\n AssociateSoftwareTokenException[\"ForbiddenException\"] = \"ForbiddenException\";\n AssociateSoftwareTokenException[\"InternalErrorException\"] = \"InternalErrorException\";\n AssociateSoftwareTokenException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n AssociateSoftwareTokenException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n AssociateSoftwareTokenException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n AssociateSoftwareTokenException[\"SoftwareTokenMFANotFoundException\"] = \"SoftwareTokenMFANotFoundException\";\n return AssociateSoftwareTokenException;\n}(AssociateSoftwareTokenException || {});\nvar ChangePasswordException = /*#__PURE__*/function (ChangePasswordException) {\n ChangePasswordException[\"ForbiddenException\"] = \"ForbiddenException\";\n ChangePasswordException[\"InternalErrorException\"] = \"InternalErrorException\";\n ChangePasswordException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n ChangePasswordException[\"InvalidPasswordException\"] = \"InvalidPasswordException\";\n ChangePasswordException[\"LimitExceededException\"] = \"LimitExceededException\";\n ChangePasswordException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n ChangePasswordException[\"PasswordResetRequiredException\"] = \"PasswordResetRequiredException\";\n ChangePasswordException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n ChangePasswordException[\"TooManyRequestsException\"] = \"TooManyRequestsException\";\n ChangePasswordException[\"UserNotConfirmedException\"] = \"UserNotConfirmedException\";\n ChangePasswordException[\"UserNotFoundException\"] = \"UserNotFoundException\";\n return ChangePasswordException;\n}(ChangePasswordException || {});\nvar ConfirmDeviceException = /*#__PURE__*/function (ConfirmDeviceException) {\n ConfirmDeviceException[\"ForbiddenException\"] = \"ForbiddenException\";\n ConfirmDeviceException[\"InternalErrorException\"] = \"InternalErrorException\";\n ConfirmDeviceException[\"InvalidLambdaResponseException\"] = \"InvalidLambdaResponseException\";\n ConfirmDeviceException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n ConfirmDeviceException[\"InvalidPasswordException\"] = \"InvalidPasswordException\";\n ConfirmDeviceException[\"InvalidUserPoolConfigurationException\"] = \"InvalidUserPoolConfigurationException\";\n ConfirmDeviceException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n ConfirmDeviceException[\"PasswordResetRequiredException\"] = \"PasswordResetRequiredException\";\n ConfirmDeviceException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n ConfirmDeviceException[\"TooManyRequestsException\"] = \"TooManyRequestsException\";\n ConfirmDeviceException[\"UsernameExistsException\"] = \"UsernameExistsException\";\n ConfirmDeviceException[\"UserNotConfirmedException\"] = \"UserNotConfirmedException\";\n ConfirmDeviceException[\"UserNotFoundException\"] = \"UserNotFoundException\";\n return ConfirmDeviceException;\n}(ConfirmDeviceException || {});\nvar ConfirmForgotPasswordException = /*#__PURE__*/function (ConfirmForgotPasswordException) {\n ConfirmForgotPasswordException[\"CodeMismatchException\"] = \"CodeMismatchException\";\n ConfirmForgotPasswordException[\"ExpiredCodeException\"] = \"ExpiredCodeException\";\n ConfirmForgotPasswordException[\"ForbiddenException\"] = \"ForbiddenException\";\n ConfirmForgotPasswordException[\"InternalErrorException\"] = \"InternalErrorException\";\n ConfirmForgotPasswordException[\"InvalidLambdaResponseException\"] = \"InvalidLambdaResponseException\";\n ConfirmForgotPasswordException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n ConfirmForgotPasswordException[\"InvalidPasswordException\"] = \"InvalidPasswordException\";\n ConfirmForgotPasswordException[\"LimitExceededException\"] = \"LimitExceededException\";\n ConfirmForgotPasswordException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n ConfirmForgotPasswordException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n ConfirmForgotPasswordException[\"TooManyFailedAttemptsException\"] = \"TooManyFailedAttemptsException\";\n ConfirmForgotPasswordException[\"TooManyRequestsException\"] = \"TooManyRequestsException\";\n ConfirmForgotPasswordException[\"UnexpectedLambdaException\"] = \"UnexpectedLambdaException\";\n ConfirmForgotPasswordException[\"UserLambdaValidationException\"] = \"UserLambdaValidationException\";\n ConfirmForgotPasswordException[\"UserNotConfirmedException\"] = \"UserNotConfirmedException\";\n ConfirmForgotPasswordException[\"UserNotFoundException\"] = \"UserNotFoundException\";\n return ConfirmForgotPasswordException;\n}(ConfirmForgotPasswordException || {});\nvar ConfirmSignUpException = /*#__PURE__*/function (ConfirmSignUpException) {\n ConfirmSignUpException[\"AliasExistsException\"] = \"AliasExistsException\";\n ConfirmSignUpException[\"CodeMismatchException\"] = \"CodeMismatchException\";\n ConfirmSignUpException[\"ExpiredCodeException\"] = \"ExpiredCodeException\";\n ConfirmSignUpException[\"ForbiddenException\"] = \"ForbiddenException\";\n ConfirmSignUpException[\"InternalErrorException\"] = \"InternalErrorException\";\n ConfirmSignUpException[\"InvalidLambdaResponseException\"] = \"InvalidLambdaResponseException\";\n ConfirmSignUpException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n ConfirmSignUpException[\"LimitExceededException\"] = \"LimitExceededException\";\n ConfirmSignUpException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n ConfirmSignUpException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n ConfirmSignUpException[\"TooManyFailedAttemptsException\"] = \"TooManyFailedAttemptsException\";\n ConfirmSignUpException[\"TooManyRequestsException\"] = \"TooManyRequestsException\";\n ConfirmSignUpException[\"UnexpectedLambdaException\"] = \"UnexpectedLambdaException\";\n ConfirmSignUpException[\"UserLambdaValidationException\"] = \"UserLambdaValidationException\";\n ConfirmSignUpException[\"UserNotFoundException\"] = \"UserNotFoundException\";\n return ConfirmSignUpException;\n}(ConfirmSignUpException || {});\nvar DeleteUserAttributesException = /*#__PURE__*/function (DeleteUserAttributesException) {\n DeleteUserAttributesException[\"ForbiddenException\"] = \"ForbiddenException\";\n DeleteUserAttributesException[\"InternalErrorException\"] = \"InternalErrorException\";\n DeleteUserAttributesException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n DeleteUserAttributesException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n DeleteUserAttributesException[\"PasswordResetRequiredException\"] = \"PasswordResetRequiredException\";\n DeleteUserAttributesException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n DeleteUserAttributesException[\"TooManyRequestsException\"] = \"TooManyRequestsException\";\n DeleteUserAttributesException[\"UserNotConfirmedException\"] = \"UserNotConfirmedException\";\n DeleteUserAttributesException[\"UserNotFoundException\"] = \"UserNotFoundException\";\n return DeleteUserAttributesException;\n}(DeleteUserAttributesException || {});\nvar DeleteUserException = /*#__PURE__*/function (DeleteUserException) {\n DeleteUserException[\"ForbiddenException\"] = \"ForbiddenException\";\n DeleteUserException[\"InternalErrorException\"] = \"InternalErrorException\";\n DeleteUserException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n DeleteUserException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n DeleteUserException[\"PasswordResetRequiredException\"] = \"PasswordResetRequiredException\";\n DeleteUserException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n DeleteUserException[\"TooManyRequestsException\"] = \"TooManyRequestsException\";\n DeleteUserException[\"UserNotConfirmedException\"] = \"UserNotConfirmedException\";\n DeleteUserException[\"UserNotFoundException\"] = \"UserNotFoundException\";\n return DeleteUserException;\n}(DeleteUserException || {});\nvar ForgetDeviceException = /*#__PURE__*/function (ForgetDeviceException) {\n ForgetDeviceException[\"ForbiddenException\"] = \"ForbiddenException\";\n ForgetDeviceException[\"InternalErrorException\"] = \"InternalErrorException\";\n ForgetDeviceException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n ForgetDeviceException[\"InvalidUserPoolConfigurationException\"] = \"InvalidUserPoolConfigurationException\";\n ForgetDeviceException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n ForgetDeviceException[\"PasswordResetRequiredException\"] = \"PasswordResetRequiredException\";\n ForgetDeviceException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n ForgetDeviceException[\"TooManyRequestsException\"] = \"TooManyRequestsException\";\n ForgetDeviceException[\"UserNotConfirmedException\"] = \"UserNotConfirmedException\";\n ForgetDeviceException[\"UserNotFoundException\"] = \"UserNotFoundException\";\n return ForgetDeviceException;\n}(ForgetDeviceException || {});\nvar ForgotPasswordException = /*#__PURE__*/function (ForgotPasswordException) {\n ForgotPasswordException[\"CodeDeliveryFailureException\"] = \"CodeDeliveryFailureException\";\n ForgotPasswordException[\"ForbiddenException\"] = \"ForbiddenException\";\n ForgotPasswordException[\"InternalErrorException\"] = \"InternalErrorException\";\n ForgotPasswordException[\"InvalidEmailRoleAccessPolicyException\"] = \"InvalidEmailRoleAccessPolicyException\";\n ForgotPasswordException[\"InvalidLambdaResponseException\"] = \"InvalidLambdaResponseException\";\n ForgotPasswordException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n ForgotPasswordException[\"InvalidSmsRoleAccessPolicyException\"] = \"InvalidSmsRoleAccessPolicyException\";\n ForgotPasswordException[\"InvalidSmsRoleTrustRelationshipException\"] = \"InvalidSmsRoleTrustRelationshipException\";\n ForgotPasswordException[\"LimitExceededException\"] = \"LimitExceededException\";\n ForgotPasswordException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n ForgotPasswordException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n ForgotPasswordException[\"TooManyRequestsException\"] = \"TooManyRequestsException\";\n ForgotPasswordException[\"UnexpectedLambdaException\"] = \"UnexpectedLambdaException\";\n ForgotPasswordException[\"UserLambdaValidationException\"] = \"UserLambdaValidationException\";\n ForgotPasswordException[\"UserNotFoundException\"] = \"UserNotFoundException\";\n return ForgotPasswordException;\n}(ForgotPasswordException || {});\nvar GetUserException = /*#__PURE__*/function (GetUserException) {\n GetUserException[\"ForbiddenException\"] = \"ForbiddenException\";\n GetUserException[\"InternalErrorException\"] = \"InternalErrorException\";\n GetUserException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n GetUserException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n GetUserException[\"PasswordResetRequiredException\"] = \"PasswordResetRequiredException\";\n GetUserException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n GetUserException[\"TooManyRequestsException\"] = \"TooManyRequestsException\";\n GetUserException[\"UserNotConfirmedException\"] = \"UserNotConfirmedException\";\n GetUserException[\"UserNotFoundException\"] = \"UserNotFoundException\";\n return GetUserException;\n}(GetUserException || {});\nvar GetIdException = /*#__PURE__*/function (GetIdException) {\n GetIdException[\"ExternalServiceException\"] = \"ExternalServiceException\";\n GetIdException[\"InternalErrorException\"] = \"InternalErrorException\";\n GetIdException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n GetIdException[\"LimitExceededException\"] = \"LimitExceededException\";\n GetIdException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n GetIdException[\"ResourceConflictException\"] = \"ResourceConflictException\";\n GetIdException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n GetIdException[\"TooManyRequestsException\"] = \"TooManyRequestsException\";\n return GetIdException;\n}(GetIdException || {});\nvar GetCredentialsForIdentityException = /*#__PURE__*/function (GetCredentialsForIdentityException) {\n GetCredentialsForIdentityException[\"ExternalServiceException\"] = \"ExternalServiceException\";\n GetCredentialsForIdentityException[\"InternalErrorException\"] = \"InternalErrorException\";\n GetCredentialsForIdentityException[\"InvalidIdentityPoolConfigurationException\"] = \"InvalidIdentityPoolConfigurationException\";\n GetCredentialsForIdentityException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n GetCredentialsForIdentityException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n GetCredentialsForIdentityException[\"ResourceConflictException\"] = \"ResourceConflictException\";\n GetCredentialsForIdentityException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n GetCredentialsForIdentityException[\"TooManyRequestsException\"] = \"TooManyRequestsException\";\n return GetCredentialsForIdentityException;\n}(GetCredentialsForIdentityException || {});\nvar GetUserAttributeVerificationException = /*#__PURE__*/function (GetUserAttributeVerificationException) {\n GetUserAttributeVerificationException[\"CodeDeliveryFailureException\"] = \"CodeDeliveryFailureException\";\n GetUserAttributeVerificationException[\"ForbiddenException\"] = \"ForbiddenException\";\n GetUserAttributeVerificationException[\"InternalErrorException\"] = \"InternalErrorException\";\n GetUserAttributeVerificationException[\"InvalidEmailRoleAccessPolicyException\"] = \"InvalidEmailRoleAccessPolicyException\";\n GetUserAttributeVerificationException[\"InvalidLambdaResponseException\"] = \"InvalidLambdaResponseException\";\n GetUserAttributeVerificationException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n GetUserAttributeVerificationException[\"InvalidSmsRoleAccessPolicyException\"] = \"InvalidSmsRoleAccessPolicyException\";\n GetUserAttributeVerificationException[\"InvalidSmsRoleTrustRelationshipException\"] = \"InvalidSmsRoleTrustRelationshipException\";\n GetUserAttributeVerificationException[\"LimitExceededException\"] = \"LimitExceededException\";\n GetUserAttributeVerificationException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n GetUserAttributeVerificationException[\"PasswordResetRequiredException\"] = \"PasswordResetRequiredException\";\n GetUserAttributeVerificationException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n GetUserAttributeVerificationException[\"TooManyRequestsException\"] = \"TooManyRequestsException\";\n GetUserAttributeVerificationException[\"UnexpectedLambdaException\"] = \"UnexpectedLambdaException\";\n GetUserAttributeVerificationException[\"UserLambdaValidationException\"] = \"UserLambdaValidationException\";\n GetUserAttributeVerificationException[\"UserNotConfirmedException\"] = \"UserNotConfirmedException\";\n GetUserAttributeVerificationException[\"UserNotFoundException\"] = \"UserNotFoundException\";\n return GetUserAttributeVerificationException;\n}(GetUserAttributeVerificationException || {});\nvar GlobalSignOutException = /*#__PURE__*/function (GlobalSignOutException) {\n GlobalSignOutException[\"ForbiddenException\"] = \"ForbiddenException\";\n GlobalSignOutException[\"InternalErrorException\"] = \"InternalErrorException\";\n GlobalSignOutException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n GlobalSignOutException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n GlobalSignOutException[\"PasswordResetRequiredException\"] = \"PasswordResetRequiredException\";\n GlobalSignOutException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n GlobalSignOutException[\"TooManyRequestsException\"] = \"TooManyRequestsException\";\n GlobalSignOutException[\"UserNotConfirmedException\"] = \"UserNotConfirmedException\";\n return GlobalSignOutException;\n}(GlobalSignOutException || {});\nvar InitiateAuthException = /*#__PURE__*/function (InitiateAuthException) {\n InitiateAuthException[\"PasswordResetRequiredException\"] = \"PasswordResetRequiredException\";\n InitiateAuthException[\"ForbiddenException\"] = \"ForbiddenException\";\n InitiateAuthException[\"InternalErrorException\"] = \"InternalErrorException\";\n InitiateAuthException[\"InvalidLambdaResponseException\"] = \"InvalidLambdaResponseException\";\n InitiateAuthException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n InitiateAuthException[\"InvalidSmsRoleAccessPolicyException\"] = \"InvalidSmsRoleAccessPolicyException\";\n InitiateAuthException[\"InvalidSmsRoleTrustRelationshipException\"] = \"InvalidSmsRoleTrustRelationshipException\";\n InitiateAuthException[\"InvalidUserPoolConfigurationException\"] = \"InvalidUserPoolConfigurationException\";\n InitiateAuthException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n InitiateAuthException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n InitiateAuthException[\"TooManyRequestsException\"] = \"TooManyRequestsException\";\n InitiateAuthException[\"UnexpectedLambdaException\"] = \"UnexpectedLambdaException\";\n InitiateAuthException[\"UserLambdaValidationException\"] = \"UserLambdaValidationException\";\n InitiateAuthException[\"UserNotConfirmedException\"] = \"UserNotConfirmedException\";\n InitiateAuthException[\"UserNotFoundException\"] = \"UserNotFoundException\";\n return InitiateAuthException;\n}(InitiateAuthException || {});\nvar ResendConfirmationException = /*#__PURE__*/function (ResendConfirmationException) {\n ResendConfirmationException[\"CodeDeliveryFailureException\"] = \"CodeDeliveryFailureException\";\n ResendConfirmationException[\"ForbiddenException\"] = \"ForbiddenException\";\n ResendConfirmationException[\"InternalErrorException\"] = \"InternalErrorException\";\n ResendConfirmationException[\"InvalidEmailRoleAccessPolicyException\"] = \"InvalidEmailRoleAccessPolicyException\";\n ResendConfirmationException[\"InvalidLambdaResponseException\"] = \"InvalidLambdaResponseException\";\n ResendConfirmationException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n ResendConfirmationException[\"InvalidSmsRoleAccessPolicyException\"] = \"InvalidSmsRoleAccessPolicyException\";\n ResendConfirmationException[\"InvalidSmsRoleTrustRelationshipException\"] = \"InvalidSmsRoleTrustRelationshipException\";\n ResendConfirmationException[\"LimitExceededException\"] = \"LimitExceededException\";\n ResendConfirmationException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n ResendConfirmationException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n ResendConfirmationException[\"TooManyRequestsException\"] = \"TooManyRequestsException\";\n ResendConfirmationException[\"UnexpectedLambdaException\"] = \"UnexpectedLambdaException\";\n ResendConfirmationException[\"UserLambdaValidationException\"] = \"UserLambdaValidationException\";\n ResendConfirmationException[\"UserNotFoundException\"] = \"UserNotFoundException\";\n return ResendConfirmationException;\n}(ResendConfirmationException || {});\nvar RespondToAuthChallengeException = /*#__PURE__*/function (RespondToAuthChallengeException) {\n RespondToAuthChallengeException[\"AliasExistsException\"] = \"AliasExistsException\";\n RespondToAuthChallengeException[\"CodeMismatchException\"] = \"CodeMismatchException\";\n RespondToAuthChallengeException[\"ExpiredCodeException\"] = \"ExpiredCodeException\";\n RespondToAuthChallengeException[\"ForbiddenException\"] = \"ForbiddenException\";\n RespondToAuthChallengeException[\"InternalErrorException\"] = \"InternalErrorException\";\n RespondToAuthChallengeException[\"InvalidLambdaResponseException\"] = \"InvalidLambdaResponseException\";\n RespondToAuthChallengeException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n RespondToAuthChallengeException[\"InvalidPasswordException\"] = \"InvalidPasswordException\";\n RespondToAuthChallengeException[\"InvalidSmsRoleAccessPolicyException\"] = \"InvalidSmsRoleAccessPolicyException\";\n RespondToAuthChallengeException[\"InvalidSmsRoleTrustRelationshipException\"] = \"InvalidSmsRoleTrustRelationshipException\";\n RespondToAuthChallengeException[\"InvalidUserPoolConfigurationException\"] = \"InvalidUserPoolConfigurationException\";\n RespondToAuthChallengeException[\"MFAMethodNotFoundException\"] = \"MFAMethodNotFoundException\";\n RespondToAuthChallengeException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n RespondToAuthChallengeException[\"PasswordResetRequiredException\"] = \"PasswordResetRequiredException\";\n RespondToAuthChallengeException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n RespondToAuthChallengeException[\"SoftwareTokenMFANotFoundException\"] = \"SoftwareTokenMFANotFoundException\";\n RespondToAuthChallengeException[\"TooManyRequestsException\"] = \"TooManyRequestsException\";\n RespondToAuthChallengeException[\"UnexpectedLambdaException\"] = \"UnexpectedLambdaException\";\n RespondToAuthChallengeException[\"UserLambdaValidationException\"] = \"UserLambdaValidationException\";\n RespondToAuthChallengeException[\"UserNotConfirmedException\"] = \"UserNotConfirmedException\";\n RespondToAuthChallengeException[\"UserNotFoundException\"] = \"UserNotFoundException\";\n return RespondToAuthChallengeException;\n}(RespondToAuthChallengeException || {});\nvar SetUserMFAPreferenceException = /*#__PURE__*/function (SetUserMFAPreferenceException) {\n SetUserMFAPreferenceException[\"ForbiddenException\"] = \"ForbiddenException\";\n SetUserMFAPreferenceException[\"InternalErrorException\"] = \"InternalErrorException\";\n SetUserMFAPreferenceException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n SetUserMFAPreferenceException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n SetUserMFAPreferenceException[\"PasswordResetRequiredException\"] = \"PasswordResetRequiredException\";\n SetUserMFAPreferenceException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n SetUserMFAPreferenceException[\"UserNotConfirmedException\"] = \"UserNotConfirmedException\";\n SetUserMFAPreferenceException[\"UserNotFoundException\"] = \"UserNotFoundException\";\n return SetUserMFAPreferenceException;\n}(SetUserMFAPreferenceException || {});\nvar SignUpException = /*#__PURE__*/function (SignUpException) {\n SignUpException[\"CodeDeliveryFailureException\"] = \"CodeDeliveryFailureException\";\n SignUpException[\"InternalErrorException\"] = \"InternalErrorException\";\n SignUpException[\"InvalidEmailRoleAccessPolicyException\"] = \"InvalidEmailRoleAccessPolicyException\";\n SignUpException[\"InvalidLambdaResponseException\"] = \"InvalidLambdaResponseException\";\n SignUpException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n SignUpException[\"InvalidPasswordException\"] = \"InvalidPasswordException\";\n SignUpException[\"InvalidSmsRoleAccessPolicyException\"] = \"InvalidSmsRoleAccessPolicyException\";\n SignUpException[\"InvalidSmsRoleTrustRelationshipException\"] = \"InvalidSmsRoleTrustRelationshipException\";\n SignUpException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n SignUpException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n SignUpException[\"TooManyRequestsException\"] = \"TooManyRequestsException\";\n SignUpException[\"UnexpectedLambdaException\"] = \"UnexpectedLambdaException\";\n SignUpException[\"UserLambdaValidationException\"] = \"UserLambdaValidationException\";\n SignUpException[\"UsernameExistsException\"] = \"UsernameExistsException\";\n return SignUpException;\n}(SignUpException || {});\nvar UpdateUserAttributesException = /*#__PURE__*/function (UpdateUserAttributesException) {\n UpdateUserAttributesException[\"AliasExistsException\"] = \"AliasExistsException\";\n UpdateUserAttributesException[\"CodeDeliveryFailureException\"] = \"CodeDeliveryFailureException\";\n UpdateUserAttributesException[\"CodeMismatchException\"] = \"CodeMismatchException\";\n UpdateUserAttributesException[\"ExpiredCodeException\"] = \"ExpiredCodeException\";\n UpdateUserAttributesException[\"ForbiddenException\"] = \"ForbiddenException\";\n UpdateUserAttributesException[\"InternalErrorException\"] = \"InternalErrorException\";\n UpdateUserAttributesException[\"InvalidEmailRoleAccessPolicyException\"] = \"InvalidEmailRoleAccessPolicyException\";\n UpdateUserAttributesException[\"InvalidLambdaResponseException\"] = \"InvalidLambdaResponseException\";\n UpdateUserAttributesException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n UpdateUserAttributesException[\"InvalidSmsRoleAccessPolicyException\"] = \"InvalidSmsRoleAccessPolicyException\";\n UpdateUserAttributesException[\"InvalidSmsRoleTrustRelationshipException\"] = \"InvalidSmsRoleTrustRelationshipException\";\n UpdateUserAttributesException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n UpdateUserAttributesException[\"PasswordResetRequiredException\"] = \"PasswordResetRequiredException\";\n UpdateUserAttributesException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n UpdateUserAttributesException[\"TooManyRequestsException\"] = \"TooManyRequestsException\";\n UpdateUserAttributesException[\"UnexpectedLambdaException\"] = \"UnexpectedLambdaException\";\n UpdateUserAttributesException[\"UserLambdaValidationException\"] = \"UserLambdaValidationException\";\n UpdateUserAttributesException[\"UserNotConfirmedException\"] = \"UserNotConfirmedException\";\n UpdateUserAttributesException[\"UserNotFoundException\"] = \"UserNotFoundException\";\n return UpdateUserAttributesException;\n}(UpdateUserAttributesException || {});\nvar VerifySoftwareTokenException = /*#__PURE__*/function (VerifySoftwareTokenException) {\n VerifySoftwareTokenException[\"CodeMismatchException\"] = \"CodeMismatchException\";\n VerifySoftwareTokenException[\"EnableSoftwareTokenMFAException\"] = \"EnableSoftwareTokenMFAException\";\n VerifySoftwareTokenException[\"ForbiddenException\"] = \"ForbiddenException\";\n VerifySoftwareTokenException[\"InternalErrorException\"] = \"InternalErrorException\";\n VerifySoftwareTokenException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n VerifySoftwareTokenException[\"InvalidUserPoolConfigurationException\"] = \"InvalidUserPoolConfigurationException\";\n VerifySoftwareTokenException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n VerifySoftwareTokenException[\"PasswordResetRequiredException\"] = \"PasswordResetRequiredException\";\n VerifySoftwareTokenException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n VerifySoftwareTokenException[\"SoftwareTokenMFANotFoundException\"] = \"SoftwareTokenMFANotFoundException\";\n VerifySoftwareTokenException[\"TooManyRequestsException\"] = \"TooManyRequestsException\";\n VerifySoftwareTokenException[\"UserNotConfirmedException\"] = \"UserNotConfirmedException\";\n VerifySoftwareTokenException[\"UserNotFoundException\"] = \"UserNotFoundException\";\n return VerifySoftwareTokenException;\n}(VerifySoftwareTokenException || {});\nvar VerifyUserAttributeException = /*#__PURE__*/function (VerifyUserAttributeException) {\n VerifyUserAttributeException[\"AliasExistsException\"] = \"AliasExistsException\";\n VerifyUserAttributeException[\"CodeMismatchException\"] = \"CodeMismatchException\";\n VerifyUserAttributeException[\"ExpiredCodeException\"] = \"ExpiredCodeException\";\n VerifyUserAttributeException[\"ForbiddenException\"] = \"ForbiddenException\";\n VerifyUserAttributeException[\"InternalErrorException\"] = \"InternalErrorException\";\n VerifyUserAttributeException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n VerifyUserAttributeException[\"LimitExceededException\"] = \"LimitExceededException\";\n VerifyUserAttributeException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n VerifyUserAttributeException[\"PasswordResetRequiredException\"] = \"PasswordResetRequiredException\";\n VerifyUserAttributeException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n VerifyUserAttributeException[\"TooManyRequestsException\"] = \"TooManyRequestsException\";\n VerifyUserAttributeException[\"UserNotConfirmedException\"] = \"UserNotConfirmedException\";\n VerifyUserAttributeException[\"UserNotFoundException\"] = \"UserNotFoundException\";\n return VerifyUserAttributeException;\n}(VerifyUserAttributeException || {});\nvar UpdateDeviceStatusException = /*#__PURE__*/function (UpdateDeviceStatusException) {\n UpdateDeviceStatusException[\"ForbiddenException\"] = \"ForbiddenException\";\n UpdateDeviceStatusException[\"InternalErrorException\"] = \"InternalErrorException\";\n UpdateDeviceStatusException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n UpdateDeviceStatusException[\"InvalidUserPoolConfigurationException\"] = \"InvalidUserPoolConfigurationException\";\n UpdateDeviceStatusException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n UpdateDeviceStatusException[\"PasswordResetRequiredException\"] = \"PasswordResetRequiredException\";\n UpdateDeviceStatusException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n UpdateDeviceStatusException[\"TooManyRequestsException\"] = \"TooManyRequestsException\";\n UpdateDeviceStatusException[\"UserNotConfirmedException\"] = \"UserNotConfirmedException\";\n UpdateDeviceStatusException[\"UserNotFoundException\"] = \"UserNotFoundException\";\n return UpdateDeviceStatusException;\n}(UpdateDeviceStatusException || {});\nvar ListDevicesException = /*#__PURE__*/function (ListDevicesException) {\n ListDevicesException[\"ForbiddenException\"] = \"ForbiddenException\";\n ListDevicesException[\"InternalErrorException\"] = \"InternalErrorException\";\n ListDevicesException[\"InvalidParameterException\"] = \"InvalidParameterException\";\n ListDevicesException[\"InvalidUserPoolConfigurationException\"] = \"InvalidUserPoolConfigurationException\";\n ListDevicesException[\"NotAuthorizedException\"] = \"NotAuthorizedException\";\n ListDevicesException[\"PasswordResetRequiredException\"] = \"PasswordResetRequiredException\";\n ListDevicesException[\"ResourceNotFoundException\"] = \"ResourceNotFoundException\";\n ListDevicesException[\"TooManyRequestsException\"] = \"TooManyRequestsException\";\n ListDevicesException[\"UserNotConfirmedException\"] = \"UserNotConfirmedException\";\n ListDevicesException[\"UserNotFoundException\"] = \"UserNotFoundException\";\n return ListDevicesException;\n}(ListDevicesException || {});\nconst SETUP_TOTP_EXCEPTION = 'SetUpTOTPException';\nexport { AssociateSoftwareTokenException, ChangePasswordException, ConfirmDeviceException, ConfirmForgotPasswordException, ConfirmSignUpException, DeleteUserAttributesException, DeleteUserException, ForgetDeviceException, ForgotPasswordException, GetCredentialsForIdentityException, GetIdException, GetUserAttributeVerificationException, GetUserException, GlobalSignOutException, InitiateAuthException, ListDevicesException, ResendConfirmationException, RespondToAuthChallengeException, SETUP_TOTP_EXCEPTION, SetUserMFAPreferenceException, SignUpException, UpdateDeviceStatusException, UpdateUserAttributesException, VerifySoftwareTokenException, VerifyUserAttributeException };\n","import { validationErrorMap } from '../../common/AuthErrorStrings.mjs';\nimport { AuthError } from '../AuthError.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nfunction assertValidationError(assertion, name) {\n const {\n message,\n recoverySuggestion\n } = validationErrorMap[name];\n if (!assertion) {\n throw new AuthError({\n name,\n message,\n recoverySuggestion\n });\n }\n}\nexport { assertValidationError };\n","import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers';\nimport { cognitoUserPoolTransferHandler } from './shared/handler/cognitoUserPoolTransferHandler.mjs';\nimport { createUserPoolSerializer } from './shared/serde/createUserPoolSerializer.mjs';\nimport { createUserPoolDeserializer } from './shared/serde/createUserPoolDeserializer.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils';\nimport '@aws-amplify/core/internals/utils';\nimport { DEFAULT_SERVICE_CLIENT_API_CONFIG } from './constants.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst createRespondToAuthChallengeClient = config => composeServiceApi(cognitoUserPoolTransferHandler, createUserPoolSerializer('RespondToAuthChallenge'), createUserPoolDeserializer(), {\n ...DEFAULT_SERVICE_CLIENT_API_CONFIG,\n ...config\n});\nexport { createRespondToAuthChallengeClient };\n","import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers';\nimport { cognitoUserPoolTransferHandler } from './shared/handler/cognitoUserPoolTransferHandler.mjs';\nimport { createUserPoolSerializer } from './shared/serde/createUserPoolSerializer.mjs';\nimport { createUserPoolDeserializer } from './shared/serde/createUserPoolDeserializer.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils';\nimport '@aws-amplify/core/internals/utils';\nimport { DEFAULT_SERVICE_CLIENT_API_CONFIG } from './constants.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst createAssociateSoftwareTokenClient = config => composeServiceApi(cognitoUserPoolTransferHandler, createUserPoolSerializer('AssociateSoftwareToken'), createUserPoolDeserializer(), {\n ...DEFAULT_SERVICE_CLIENT_API_CONFIG,\n ...config\n});\nexport { createAssociateSoftwareTokenClient };\n","import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers';\nimport { cognitoUserPoolTransferHandler } from './shared/handler/cognitoUserPoolTransferHandler.mjs';\nimport { createUserPoolSerializer } from './shared/serde/createUserPoolSerializer.mjs';\nimport { createUserPoolDeserializer } from './shared/serde/createUserPoolDeserializer.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils';\nimport '@aws-amplify/core/internals/utils';\nimport { DEFAULT_SERVICE_CLIENT_API_CONFIG } from './constants.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst createConfirmDeviceClient = config => composeServiceApi(cognitoUserPoolTransferHandler, createUserPoolSerializer('ConfirmDevice'), createUserPoolDeserializer(), {\n ...DEFAULT_SERVICE_CLIENT_API_CONFIG,\n ...config\n});\nexport { createConfirmDeviceClient };\n","// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst signInReducer = (state, action) => {\n switch (action.type) {\n case 'SET_SIGN_IN_SESSION':\n return {\n ...state,\n signInSession: action.value\n };\n case 'SET_SIGN_IN_STATE':\n return {\n ...action.value\n };\n case 'SET_CHALLENGE_NAME':\n return {\n ...state,\n challengeName: action.value\n };\n case 'SET_USERNAME':\n return {\n ...state,\n username: action.value\n };\n case 'SET_INITIAL_STATE':\n return defaultState();\n default:\n return state;\n }\n};\nfunction defaultState() {\n return {\n username: undefined,\n challengeName: undefined,\n signInSession: undefined\n };\n}\nconst createStore = reducer => {\n let currentState = reducer(defaultState(), {\n type: 'SET_INITIAL_STATE'\n });\n return {\n getState: () => currentState,\n dispatch: action => {\n currentState = reducer(currentState, action);\n }\n };\n};\nconst signInStore = createStore(signInReducer);\nfunction setActiveSignInState(state) {\n signInStore.dispatch({\n type: 'SET_SIGN_IN_STATE',\n value: state\n });\n}\nfunction cleanActiveSignInState() {\n signInStore.dispatch({\n type: 'SET_INITIAL_STATE'\n });\n}\nexport { cleanActiveSignInState, setActiveSignInState, signInStore };\n","// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst textEncoder = {\n convert(input) {\n return new TextEncoder().encode(input);\n }\n};\nexport { textEncoder };\n","/* eslint-disable */\n// @ts-nocheck -> BigInteger is already a vended utility\n// A small implementation of BigInteger based on http://www-cs-students.stanford.edu/~tjw/jsbn/\n//\n// All public methods have been removed except the following:\n// new BigInteger(a, b) (only radix 2, 4, 8, 16 and 32 supported)\n// toString (only radix 2, 4, 8, 16 and 32 supported)\n// negate\n// abs\n// compareTo\n// bitLength\n// mod\n// equals\n// add\n// subtract\n// multiply\n// divide\n// modPow\n/*\n * Copyright (c) 2003-2005 Tom Wu\n * All Rights Reserved.\n *\n * Permission is hereby granted, free of charge, to any person obtaining\n * a copy of this software and associated documentation files (the\n * \"Software\"), to deal in the Software without restriction, including\n * without limitation the rights to use, copy, modify, merge, publish,\n * distribute, sublicense, and/or sell copies of the Software, and to\n * permit persons to whom the Software is furnished to do so, subject to\n * the following conditions:\n *\n * The above copyright notice and this permission notice shall be\n * included in all copies or substantial portions of the Software.\n *\n * THE SOFTWARE IS PROVIDED \"AS-IS\" AND WITHOUT WARRANTY OF ANY KIND,\n * EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY\n * WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.\n *\n * IN NO EVENT SHALL TOM WU BE LIABLE FOR ANY SPECIAL, INCIDENTAL,\n * INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER\n * RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF\n * THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT\n * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.\n *\n * In addition, the following condition applies:\n *\n * All redistributions must retain an intact copy of this copyright notice\n * and disclaimer.\n */\n// (public) Constructor\nfunction BigInteger(a, b) {\n if (a != null) this.fromString(a, b);\n}\n// return new, unset BigInteger\nfunction nbi() {\n return new BigInteger(null, null);\n}\n// Bits per digit\nlet dbits;\n// JavaScript engine analysis\nconst canary = 0xdeadbeefcafe;\nconst j_lm = (canary & 0xffffff) === 0xefcafe;\n// am: Compute w_j += (x*this_i), propagate carries,\n// c is initial carry, returns final carry.\n// c < 3*dvalue, x < 2*dvalue, this_i < dvalue\n// We need to select the fastest one that works in this environment.\n// am1: use a single mult and divide to get the high bits,\n// max digit bits should be 26 because\n// max internal value = 2*dvalue^2-2*dvalue (< 2^53)\nfunction am1(i, x, w, j, c, n) {\n while (--n >= 0) {\n const v = x * this[i++] + w[j] + c;\n c = Math.floor(v / 0x4000000);\n w[j++] = v & 0x3ffffff;\n }\n return c;\n}\n// am2 avoids a big mult-and-extract completely.\n// Max digit bits should be <= 30 because we do bitwise ops\n// on values up to 2*hdvalue^2-hdvalue-1 (< 2^31)\nfunction am2(i, x, w, j, c, n) {\n const xl = x & 0x7fff;\n const xh = x >> 15;\n while (--n >= 0) {\n let l = this[i] & 0x7fff;\n const h = this[i++] >> 15;\n const m = xh * l + h * xl;\n l = xl * l + ((m & 0x7fff) << 15) + w[j] + (c & 0x3fffffff);\n c = (l >>> 30) + (m >>> 15) + xh * h + (c >>> 30);\n w[j++] = l & 0x3fffffff;\n }\n return c;\n}\n// Alternately, set max digit bits to 28 since some\n// browsers slow down when dealing with 32-bit numbers.\nfunction am3(i, x, w, j, c, n) {\n const xl = x & 0x3fff;\n const xh = x >> 14;\n while (--n >= 0) {\n let l = this[i] & 0x3fff;\n const h = this[i++] >> 14;\n const m = xh * l + h * xl;\n l = xl * l + ((m & 0x3fff) << 14) + w[j] + c;\n c = (l >> 28) + (m >> 14) + xh * h;\n w[j++] = l & 0xfffffff;\n }\n return c;\n}\nconst inBrowser = typeof navigator !== 'undefined';\nif (inBrowser && j_lm && navigator.appName === 'Microsoft Internet Explorer') {\n BigInteger.prototype.am = am2;\n dbits = 30;\n} else if (inBrowser && j_lm && navigator.appName !== 'Netscape') {\n BigInteger.prototype.am = am1;\n dbits = 26;\n} else {\n // Mozilla/Netscape seems to prefer am3\n BigInteger.prototype.am = am3;\n dbits = 28;\n}\nBigInteger.prototype.DB = dbits;\nBigInteger.prototype.DM = (1 << dbits) - 1;\nBigInteger.prototype.DV = 1 << dbits;\nconst BI_FP = 52;\nBigInteger.prototype.FV = Math.pow(2, BI_FP);\nBigInteger.prototype.F1 = BI_FP - dbits;\nBigInteger.prototype.F2 = 2 * dbits - BI_FP;\n// Digit conversions\nconst BI_RM = '0123456789abcdefghijklmnopqrstuvwxyz';\nconst BI_RC = [];\nlet rr, vv;\nrr = '0'.charCodeAt(0);\nfor (vv = 0; vv <= 9; ++vv) BI_RC[rr++] = vv;\nrr = 'a'.charCodeAt(0);\nfor (vv = 10; vv < 36; ++vv) BI_RC[rr++] = vv;\nrr = 'A'.charCodeAt(0);\nfor (vv = 10; vv < 36; ++vv) BI_RC[rr++] = vv;\nfunction int2char(n) {\n return BI_RM.charAt(n);\n}\nfunction intAt(s, i) {\n const c = BI_RC[s.charCodeAt(i)];\n return c == null ? -1 : c;\n}\n// (protected) copy this to r\nfunction bnpCopyTo(r) {\n for (let i = this.t - 1; i >= 0; --i) r[i] = this[i];\n r.t = this.t;\n r.s = this.s;\n}\n// (protected) set from integer value x, -DV <= x < DV\nfunction bnpFromInt(x) {\n this.t = 1;\n this.s = x < 0 ? -1 : 0;\n if (x > 0) this[0] = x;else if (x < -1) this[0] = x + this.DV;else this.t = 0;\n}\n// return bigint initialized to value\nfunction nbv(i) {\n const r = nbi();\n r.fromInt(i);\n return r;\n}\n// (protected) set from string and radix\nfunction bnpFromString(s, b) {\n let k;\n if (b === 16) k = 4;else if (b === 8) k = 3;else if (b === 2) k = 1;else if (b === 32) k = 5;else if (b === 4) k = 2;else throw new Error('Only radix 2, 4, 8, 16, 32 are supported');\n this.t = 0;\n this.s = 0;\n let i = s.length;\n let mi = false;\n let sh = 0;\n while (--i >= 0) {\n const x = intAt(s, i);\n if (x < 0) {\n if (s.charAt(i) === '-') mi = true;\n continue;\n }\n mi = false;\n if (sh === 0) this[this.t++] = x;else if (sh + k > this.DB) {\n this[this.t - 1] |= (x & (1 << this.DB - sh) - 1) << sh;\n this[this.t++] = x >> this.DB - sh;\n } else this[this.t - 1] |= x << sh;\n sh += k;\n if (sh >= this.DB) sh -= this.DB;\n }\n this.clamp();\n if (mi) BigInteger.ZERO.subTo(this, this);\n}\n// (protected) clamp off excess high words\nfunction bnpClamp() {\n const c = this.s & this.DM;\n while (this.t > 0 && this[this.t - 1] == c) --this.t;\n}\n// (public) return string representation in given radix\nfunction bnToString(b) {\n if (this.s < 0) return '-' + this.negate().toString(b);\n let k;\n if (b == 16) k = 4;else if (b === 8) k = 3;else if (b === 2) k = 1;else if (b === 32) k = 5;else if (b === 4) k = 2;else throw new Error('Only radix 2, 4, 8, 16, 32 are supported');\n const km = (1 << k) - 1;\n let d;\n let m = false;\n let r = '';\n let i = this.t;\n let p = this.DB - i * this.DB % k;\n if (i-- > 0) {\n if (p < this.DB && (d = this[i] >> p) > 0) {\n m = true;\n r = int2char(d);\n }\n while (i >= 0) {\n if (p < k) {\n d = (this[i] & (1 << p) - 1) << k - p;\n d |= this[--i] >> (p += this.DB - k);\n } else {\n d = this[i] >> (p -= k) & km;\n if (p <= 0) {\n p += this.DB;\n --i;\n }\n }\n if (d > 0) m = true;\n if (m) r += int2char(d);\n }\n }\n return m ? r : '0';\n}\n// (public) -this\nfunction bnNegate() {\n const r = nbi();\n BigInteger.ZERO.subTo(this, r);\n return r;\n}\n// (public) |this|\nfunction bnAbs() {\n return this.s < 0 ? this.negate() : this;\n}\n// (public) return + if this > a, - if this < a, 0 if equal\nfunction bnCompareTo(a) {\n let r = this.s - a.s;\n if (r != 0) return r;\n let i = this.t;\n r = i - a.t;\n if (r != 0) return this.s < 0 ? -r : r;\n while (--i >= 0) if ((r = this[i] - a[i]) != 0) return r;\n return 0;\n}\n// returns bit length of the integer x\nfunction nbits(x) {\n let r = 1;\n let t;\n if ((t = x >>> 16) !== 0) {\n x = t;\n r += 16;\n }\n if ((t = x >> 8) !== 0) {\n x = t;\n r += 8;\n }\n if ((t = x >> 4) !== 0) {\n x = t;\n r += 4;\n }\n if ((t = x >> 2) !== 0) {\n x = t;\n r += 2;\n }\n if ((t = x >> 1) !== 0) {\n x = t;\n r += 1;\n }\n return r;\n}\n// (public) return the number of bits in \"this\"\nfunction bnBitLength() {\n if (this.t <= 0) return 0;\n return this.DB * (this.t - 1) + nbits(this[this.t - 1] ^ this.s & this.DM);\n}\n// (protected) r = this << n*DB\nfunction bnpDLShiftTo(n, r) {\n let i;\n for (i = this.t - 1; i >= 0; --i) r[i + n] = this[i];\n for (i = n - 1; i >= 0; --i) r[i] = 0;\n r.t = this.t + n;\n r.s = this.s;\n}\n// (protected) r = this >> n*DB\nfunction bnpDRShiftTo(n, r) {\n for (let i = n; i < this.t; ++i) r[i - n] = this[i];\n r.t = Math.max(this.t - n, 0);\n r.s = this.s;\n}\n// (protected) r = this << n\nfunction bnpLShiftTo(n, r) {\n const bs = n % this.DB;\n const cbs = this.DB - bs;\n const bm = (1 << cbs) - 1;\n const ds = Math.floor(n / this.DB);\n let c = this.s << bs & this.DM;\n let i;\n for (i = this.t - 1; i >= 0; --i) {\n r[i + ds + 1] = this[i] >> cbs | c;\n c = (this[i] & bm) << bs;\n }\n for (i = ds - 1; i >= 0; --i) r[i] = 0;\n r[ds] = c;\n r.t = this.t + ds + 1;\n r.s = this.s;\n r.clamp();\n}\n// (protected) r = this >> n\nfunction bnpRShiftTo(n, r) {\n r.s = this.s;\n const ds = Math.floor(n / this.DB);\n if (ds >= this.t) {\n r.t = 0;\n return;\n }\n const bs = n % this.DB;\n const cbs = this.DB - bs;\n const bm = (1 << bs) - 1;\n r[0] = this[ds] >> bs;\n for (let i = ds + 1; i < this.t; ++i) {\n r[i - ds - 1] |= (this[i] & bm) << cbs;\n r[i - ds] = this[i] >> bs;\n }\n if (bs > 0) r[this.t - ds - 1] |= (this.s & bm) << cbs;\n r.t = this.t - ds;\n r.clamp();\n}\n// (protected) r = this - a\nfunction bnpSubTo(a, r) {\n let i = 0;\n let c = 0;\n const m = Math.min(a.t, this.t);\n while (i < m) {\n c += this[i] - a[i];\n r[i++] = c & this.DM;\n c >>= this.DB;\n }\n if (a.t < this.t) {\n c -= a.s;\n while (i < this.t) {\n c += this[i];\n r[i++] = c & this.DM;\n c >>= this.DB;\n }\n c += this.s;\n } else {\n c += this.s;\n while (i < a.t) {\n c -= a[i];\n r[i++] = c & this.DM;\n c >>= this.DB;\n }\n c -= a.s;\n }\n r.s = c < 0 ? -1 : 0;\n if (c < -1) r[i++] = this.DV + c;else if (c > 0) r[i++] = c;\n r.t = i;\n r.clamp();\n}\n// (protected) r = this * a, r != this,a (HAC 14.12)\n// \"this\" should be the larger one if appropriate.\nfunction bnpMultiplyTo(a, r) {\n const x = this.abs();\n const y = a.abs();\n let i = x.t;\n r.t = i + y.t;\n while (--i >= 0) r[i] = 0;\n for (i = 0; i < y.t; ++i) r[i + x.t] = x.am(0, y[i], r, i, 0, x.t);\n r.s = 0;\n r.clamp();\n if (this.s !== a.s) BigInteger.ZERO.subTo(r, r);\n}\n// (protected) r = this^2, r != this (HAC 14.16)\nfunction bnpSquareTo(r) {\n const x = this.abs();\n let i = r.t = 2 * x.t;\n while (--i >= 0) r[i] = 0;\n for (i = 0; i < x.t - 1; ++i) {\n const c = x.am(i, x[i], r, 2 * i, 0, 1);\n if ((r[i + x.t] += x.am(i + 1, 2 * x[i], r, 2 * i + 1, c, x.t - i - 1)) >= x.DV) {\n r[i + x.t] -= x.DV;\n r[i + x.t + 1] = 1;\n }\n }\n if (r.t > 0) r[r.t - 1] += x.am(i, x[i], r, 2 * i, 0, 1);\n r.s = 0;\n r.clamp();\n}\n// (protected) divide this by m, quotient and remainder to q, r (HAC 14.20)\n// r != q, this != m. q or r may be null.\nfunction bnpDivRemTo(m, q, r) {\n const pm = m.abs();\n if (pm.t <= 0) return;\n const pt = this.abs();\n if (pt.t < pm.t) {\n if (q != null) q.fromInt(0);\n if (r != null) this.copyTo(r);\n return;\n }\n if (r === null) r = nbi();\n const y = nbi();\n const ts = this.s;\n const ms = m.s;\n const nsh = this.DB - nbits(pm[pm.t - 1]);\n // normalize modulus\n if (nsh > 0) {\n pm.lShiftTo(nsh, y);\n pt.lShiftTo(nsh, r);\n } else {\n pm.copyTo(y);\n pt.copyTo(r);\n }\n const ys = y.t;\n const y0 = y[ys - 1];\n if (y0 === 0) return;\n const yt = y0 * (1 << this.F1) + (ys > 1 ? y[ys - 2] >> this.F2 : 0);\n const d1 = this.FV / yt;\n const d2 = (1 << this.F1) / yt;\n const e = 1 << this.F2;\n let i = r.t;\n let j = i - ys;\n const t = q === null ? nbi() : q;\n y.dlShiftTo(j, t);\n if (r.compareTo(t) >= 0) {\n r[r.t++] = 1;\n r.subTo(t, r);\n }\n BigInteger.ONE.dlShiftTo(ys, t);\n t.subTo(y, y);\n // \"negative\" y so we can replace sub with am later\n while (y.t < ys) y[y.t++] = 0;\n while (--j >= 0) {\n // Estimate quotient digit\n let qd = r[--i] === y0 ? this.DM : Math.floor(r[i] * d1 + (r[i - 1] + e) * d2);\n if ((r[i] += y.am(0, qd, r, j, 0, ys)) < qd) {\n // Try it out\n y.dlShiftTo(j, t);\n r.subTo(t, r);\n while (r[i] < --qd) r.subTo(t, r);\n }\n }\n if (q !== null) {\n r.drShiftTo(ys, q);\n if (ts !== ms) BigInteger.ZERO.subTo(q, q);\n }\n r.t = ys;\n r.clamp();\n if (nsh > 0) r.rShiftTo(nsh, r);\n // Denormalize remainder\n if (ts < 0) BigInteger.ZERO.subTo(r, r);\n}\n// (public) this mod a\nfunction bnMod(a) {\n const r = nbi();\n this.abs().divRemTo(a, null, r);\n if (this.s < 0 && r.compareTo(BigInteger.ZERO) > 0) a.subTo(r, r);\n return r;\n}\n// (protected) return \"-1/this % 2^DB\"; useful for Mont. reduction\n// justification:\n// xy == 1 (mod m)\n// xy = 1+km\n// xy(2-xy) = (1+km)(1-km)\n// x[y(2-xy)] = 1-k^2m^2\n// x[y(2-xy)] == 1 (mod m^2)\n// if y is 1/x mod m, then y(2-xy) is 1/x mod m^2\n// should reduce x and y(2-xy) by m^2 at each step to keep size bounded.\n// JS multiply \"overflows\" differently from C/C++, so care is needed here.\nfunction bnpInvDigit() {\n if (this.t < 1) return 0;\n const x = this[0];\n if ((x & 1) === 0) return 0;\n let y = x & 3;\n // y == 1/x mod 2^2\n y = y * (2 - (x & 0xf) * y) & 0xf;\n // y == 1/x mod 2^4\n y = y * (2 - (x & 0xff) * y) & 0xff;\n // y == 1/x mod 2^8\n y = y * (2 - ((x & 0xffff) * y & 0xffff)) & 0xffff;\n // y == 1/x mod 2^16\n // last step - calculate inverse mod DV directly;\n // assumes 16 < DB <= 32 and assumes ability to handle 48-bit ints\n y = y * (2 - x * y % this.DV) % this.DV;\n // y == 1/x mod 2^dbits\n // we really want the negative inverse, and -DV < y < DV\n return y > 0 ? this.DV - y : -y;\n}\nfunction bnEquals(a) {\n return this.compareTo(a) === 0;\n}\n// (protected) r = this + a\nfunction bnpAddTo(a, r) {\n let i = 0;\n let c = 0;\n const m = Math.min(a.t, this.t);\n while (i < m) {\n c += this[i] + a[i];\n r[i++] = c & this.DM;\n c >>= this.DB;\n }\n if (a.t < this.t) {\n c += a.s;\n while (i < this.t) {\n c += this[i];\n r[i++] = c & this.DM;\n c >>= this.DB;\n }\n c += this.s;\n } else {\n c += this.s;\n while (i < a.t) {\n c += a[i];\n r[i++] = c & this.DM;\n c >>= this.DB;\n }\n c += a.s;\n }\n r.s = c < 0 ? -1 : 0;\n if (c > 0) r[i++] = c;else if (c < -1) r[i++] = this.DV + c;\n r.t = i;\n r.clamp();\n}\n// (public) this + a\nfunction bnAdd(a) {\n const r = nbi();\n this.addTo(a, r);\n return r;\n}\n// (public) this - a\nfunction bnSubtract(a) {\n const r = nbi();\n this.subTo(a, r);\n return r;\n}\n// (public) this * a\nfunction bnMultiply(a) {\n const r = nbi();\n this.multiplyTo(a, r);\n return r;\n}\n// (public) this / a\nfunction bnDivide(a) {\n const r = nbi();\n this.divRemTo(a, r, null);\n return r;\n}\n// Montgomery reduction\nfunction Montgomery(m) {\n this.m = m;\n this.mp = m.invDigit();\n this.mpl = this.mp & 0x7fff;\n this.mph = this.mp >> 15;\n this.um = (1 << m.DB - 15) - 1;\n this.mt2 = 2 * m.t;\n}\n// xR mod m\nfunction montConvert(x) {\n const r = nbi();\n x.abs().dlShiftTo(this.m.t, r);\n r.divRemTo(this.m, null, r);\n if (x.s < 0 && r.compareTo(BigInteger.ZERO) > 0) this.m.subTo(r, r);\n return r;\n}\n// x/R mod m\nfunction montRevert(x) {\n const r = nbi();\n x.copyTo(r);\n this.reduce(r);\n return r;\n}\n// x = x/R mod m (HAC 14.32)\nfunction montReduce(x) {\n while (x.t <= this.mt2)\n // pad x so am has enough room later\n x[x.t++] = 0;\n for (let i = 0; i < this.m.t; ++i) {\n // faster way of calculating u0 = x[i]*mp mod DV\n let j = x[i] & 0x7fff;\n const u0 = j * this.mpl + ((j * this.mph + (x[i] >> 15) * this.mpl & this.um) << 15) & x.DM;\n // use am to combine the multiply-shift-add into one call\n j = i + this.m.t;\n x[j] += this.m.am(0, u0, x, i, 0, this.m.t);\n // propagate carry\n while (x[j] >= x.DV) {\n x[j] -= x.DV;\n x[++j]++;\n }\n }\n x.clamp();\n x.drShiftTo(this.m.t, x);\n if (x.compareTo(this.m) >= 0) x.subTo(this.m, x);\n}\n// r = \"x^2/R mod m\"; x != r\nfunction montSqrTo(x, r) {\n x.squareTo(r);\n this.reduce(r);\n}\n// r = \"xy/R mod m\"; x,y != r\nfunction montMulTo(x, y, r) {\n x.multiplyTo(y, r);\n this.reduce(r);\n}\nMontgomery.prototype.convert = montConvert;\nMontgomery.prototype.revert = montRevert;\nMontgomery.prototype.reduce = montReduce;\nMontgomery.prototype.mulTo = montMulTo;\nMontgomery.prototype.sqrTo = montSqrTo;\n// (public) this^e % m (HAC 14.85)\nfunction bnModPow(e, m, callback) {\n let i = e.bitLength();\n let k;\n let r = nbv(1);\n const z = new Montgomery(m);\n if (i <= 0) return r;else if (i < 18) k = 1;else if (i < 48) k = 3;else if (i < 144) k = 4;else if (i < 768) k = 5;else k = 6;\n // precomputation\n const g = [];\n let n = 3;\n const k1 = k - 1;\n const km = (1 << k) - 1;\n g[1] = z.convert(this);\n if (k > 1) {\n const g2 = nbi();\n z.sqrTo(g[1], g2);\n while (n <= km) {\n g[n] = nbi();\n z.mulTo(g2, g[n - 2], g[n]);\n n += 2;\n }\n }\n let j = e.t - 1;\n let w;\n let is1 = true;\n let r2 = nbi();\n let t;\n i = nbits(e[j]) - 1;\n while (j >= 0) {\n if (i >= k1) w = e[j] >> i - k1 & km;else {\n w = (e[j] & (1 << i + 1) - 1) << k1 - i;\n if (j > 0) w |= e[j - 1] >> this.DB + i - k1;\n }\n n = k;\n while ((w & 1) === 0) {\n w >>= 1;\n --n;\n }\n if ((i -= n) < 0) {\n i += this.DB;\n --j;\n }\n if (is1) {\n // ret == 1, don't bother squaring or multiplying it\n g[w].copyTo(r);\n is1 = false;\n } else {\n while (n > 1) {\n z.sqrTo(r, r2);\n z.sqrTo(r2, r);\n n -= 2;\n }\n if (n > 0) z.sqrTo(r, r2);else {\n t = r;\n r = r2;\n r2 = t;\n }\n z.mulTo(r2, g[w], r);\n }\n while (j >= 0 && (e[j] & 1 << i) === 0) {\n z.sqrTo(r, r2);\n t = r;\n r = r2;\n r2 = t;\n if (--i < 0) {\n i = this.DB - 1;\n --j;\n }\n }\n }\n const result = z.revert(r);\n callback(null, result);\n return result;\n}\n// protected\nBigInteger.prototype.copyTo = bnpCopyTo;\nBigInteger.prototype.fromInt = bnpFromInt;\nBigInteger.prototype.fromString = bnpFromString;\nBigInteger.prototype.clamp = bnpClamp;\nBigInteger.prototype.dlShiftTo = bnpDLShiftTo;\nBigInteger.prototype.drShiftTo = bnpDRShiftTo;\nBigInteger.prototype.lShiftTo = bnpLShiftTo;\nBigInteger.prototype.rShiftTo = bnpRShiftTo;\nBigInteger.prototype.subTo = bnpSubTo;\nBigInteger.prototype.multiplyTo = bnpMultiplyTo;\nBigInteger.prototype.squareTo = bnpSquareTo;\nBigInteger.prototype.divRemTo = bnpDivRemTo;\nBigInteger.prototype.invDigit = bnpInvDigit;\nBigInteger.prototype.addTo = bnpAddTo;\n// public\nBigInteger.prototype.toString = bnToString;\nBigInteger.prototype.negate = bnNegate;\nBigInteger.prototype.abs = bnAbs;\nBigInteger.prototype.compareTo = bnCompareTo;\nBigInteger.prototype.bitLength = bnBitLength;\nBigInteger.prototype.mod = bnMod;\nBigInteger.prototype.equals = bnEquals;\nBigInteger.prototype.add = bnAdd;\nBigInteger.prototype.subtract = bnSubtract;\nBigInteger.prototype.multiply = bnMultiply;\nBigInteger.prototype.divide = bnDivide;\nBigInteger.prototype.modPow = bnModPow;\n// \"constants\"\nBigInteger.ZERO = nbv(0);\nBigInteger.ONE = nbv(1);\nexport { BigInteger as default };\n","// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * @internal\n */\nconst calculateS = async ({\n a,\n g,\n k,\n x,\n B,\n N,\n U\n}) => {\n return new Promise((resolve, reject) => {\n g.modPow(x, N, (outerErr, outerResult) => {\n if (outerErr) {\n reject(outerErr);\n return;\n }\n B.subtract(k.multiply(outerResult)).modPow(a.add(U.multiply(x)), N, (innerErr, innerResult) => {\n if (innerErr) {\n reject(innerErr);\n return;\n }\n resolve(innerResult.mod(N));\n });\n });\n });\n};\nexport { calculateS };\n","// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst INIT_N = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1' + '29024E088A67CC74020BBEA63B139B22514A08798E3404DD' + 'EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245' + 'E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' + 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D' + 'C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F' + '83655D23DCA3AD961C62F356208552BB9ED529077096966D' + '670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B' + 'E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9' + 'DE2BCBF6955817183995497CEA956AE515D2261898FA0510' + '15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64' + 'ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7' + 'ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B' + 'F12FFA06D98A0864D87602733EC86A64521F2B18177B200C' + 'BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31' + '43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF';\nconst SHORT_TO_HEX = {};\nconst HEX_TO_SHORT = {};\nfor (let i = 0; i < 256; i++) {\n let encodedByte = i.toString(16).toLowerCase();\n if (encodedByte.length === 1) {\n encodedByte = `0${encodedByte}`;\n }\n SHORT_TO_HEX[i] = encodedByte;\n HEX_TO_SHORT[encodedByte] = i;\n}\nexport { HEX_TO_SHORT, INIT_N, SHORT_TO_HEX };\n","import { HEX_TO_SHORT } from './constants.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Converts a hexadecimal encoded string to a Uint8Array of bytes.\n *\n * @param encoded The hexadecimal encoded string\n */\nconst getBytesFromHex = encoded => {\n if (encoded.length % 2 !== 0) {\n throw new Error('Hex encoded strings must have an even number length');\n }\n const out = new Uint8Array(encoded.length / 2);\n for (let i = 0; i < encoded.length; i += 2) {\n const encodedByte = encoded.slice(i, i + 2).toLowerCase();\n if (encodedByte in HEX_TO_SHORT) {\n out[i / 2] = HEX_TO_SHORT[encodedByte];\n } else {\n throw new Error(`Cannot decode unrecognized sequence ${encodedByte} as hexadecimal`);\n }\n }\n return out;\n};\nexport { getBytesFromHex };\n","import { SHORT_TO_HEX } from './constants.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Converts a Uint8Array of binary data to a hexadecimal encoded string.\n *\n * @param bytes The binary data to encode\n */\nconst getHexFromBytes = bytes => {\n let out = '';\n for (let i = 0; i < bytes.byteLength; i++) {\n out += SHORT_TO_HEX[bytes[i]];\n }\n return out;\n};\nexport { getHexFromBytes };\n","import { Sha256 } from '@aws-crypto/sha256-js';\nimport { getHexFromBytes } from './getHexFromBytes.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Calculate a hash from a `SourceData`\n * @param {SourceData} data Value to hash.\n * @returns {string} Hex-encoded hash.\n * @private\n */\nconst getHashFromData = data => {\n const sha256 = new Sha256();\n sha256.update(data);\n const hashedData = sha256.digestSync();\n const hashHexFromUint8 = getHexFromBytes(hashedData);\n return new Array(64 - hashHexFromUint8.length).join('0') + hashHexFromUint8;\n};\nexport { getHashFromData };\n","import { getBytesFromHex } from './getBytesFromHex.mjs';\nimport { getHashFromData } from './getHashFromData.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Calculate a hash from a hex string\n * @param {string} hexStr Value to hash.\n * @returns {string} Hex-encoded hash.\n * @private\n */\nconst getHashFromHex = hexStr => getHashFromData(getBytesFromHex(hexStr));\nexport { getHashFromHex };\n","import BigInteger from './BigInteger/BigInteger.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Tests if a hex string has it most significant bit set (case-insensitive regex)\n */\nconst HEX_MSB_REGEX = /^[89a-f]/i;\n/**\n * Returns an unambiguous, even-length hex string of the two's complement encoding of an integer.\n *\n * It is compatible with the hex encoding of Java's BigInteger's toByteArray(), wich returns a\n * byte array containing the two's-complement representation of a BigInteger. The array contains\n * the minimum number of bytes required to represent the BigInteger, including at least one sign bit.\n *\n * Examples showing how ambiguity is avoided by left padding with:\n * \t\"00\" (for positive values where the most-significant-bit is set)\n * \"FF\" (for negative values where the most-significant-bit is set)\n *\n * padHex(bigInteger.fromInt(-236)) === \"FF14\"\n * padHex(bigInteger.fromInt(20)) === \"14\"\n *\n * padHex(bigInteger.fromInt(-200)) === \"FF38\"\n * padHex(bigInteger.fromInt(56)) === \"38\"\n *\n * padHex(bigInteger.fromInt(-20)) === \"EC\"\n * padHex(bigInteger.fromInt(236)) === \"00EC\"\n *\n * padHex(bigInteger.fromInt(-56)) === \"C8\"\n * padHex(bigInteger.fromInt(200)) === \"00C8\"\n *\n * @param {AuthBigInteger} bigInt Number to encode.\n * @returns {String} even-length hex string of the two's complement encoding.\n */\nconst getPaddedHex = bigInt => {\n if (!(bigInt instanceof BigInteger)) {\n throw new Error('Not a BigInteger');\n }\n const isNegative = bigInt.compareTo(BigInteger.ZERO) < 0;\n /* Get a hex string for abs(bigInt) */\n let hexStr = bigInt.abs().toString(16);\n /* Pad hex to even length if needed */\n hexStr = hexStr.length % 2 !== 0 ? `0${hexStr}` : hexStr;\n /* Prepend \"00\" if the most significant bit is set */\n hexStr = HEX_MSB_REGEX.test(hexStr) ? `00${hexStr}` : hexStr;\n if (isNegative) {\n /* Flip the bits of the representation */\n const invertedNibbles = hexStr.split('').map(x => {\n const invertedNibble = ~parseInt(x, 16) & 0xf;\n return '0123456789ABCDEF'.charAt(invertedNibble);\n }).join('');\n /* After flipping the bits, add one to get the 2's complement representation */\n const flippedBitsBI = new BigInteger(invertedNibbles, 16).add(BigInteger.ONE);\n hexStr = flippedBitsBI.toString(16);\n /*\n For hex strings starting with 'FF8', 'FF' can be dropped, e.g. 0xFFFF80=0xFF80=0x80=-128\n Any sequence of '1' bits on the left can always be substituted with a single '1' bit\n without changing the represented value.\n This only happens in the case when the input is 80...00\n */\n if (hexStr.toUpperCase().startsWith('FF8')) {\n hexStr = hexStr.substring(2);\n }\n }\n return hexStr;\n};\nexport { getPaddedHex };\n","import BigInteger from '../BigInteger/BigInteger.mjs';\nimport { getHashFromHex } from '../getHashFromHex.mjs';\nimport { getPaddedHex } from '../getPaddedHex.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * @internal\n */\nconst calculateU = ({\n A,\n B\n}) => {\n const U = new BigInteger(getHashFromHex(getPaddedHex(A) + getPaddedHex(B)), 16);\n if (U.equals(BigInteger.ZERO)) {\n throw new Error('U cannot be zero.');\n }\n return U;\n};\nexport { calculateU };\n","import { Sha256 } from '@aws-crypto/sha256-js';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Standard HKDF algorithm.\n *\n * @param {Uint8Array} ikm Input key material.\n * @param {Uint8Array} salt Salt value.\n * @param {Uint8Array} info Context and application specific info.\n *\n * @returns {Uint8Array} Strong key material.\n *\n * @internal\n */\nconst getHkdfKey = (ikm, salt, info) => {\n const awsCryptoHash = new Sha256(salt);\n awsCryptoHash.update(ikm);\n const resultFromAWSCryptoPrk = awsCryptoHash.digestSync();\n const awsCryptoHashHmac = new Sha256(resultFromAWSCryptoPrk);\n awsCryptoHashHmac.update(info);\n const resultFromAWSCryptoHmac = awsCryptoHashHmac.digestSync();\n const hashHexFromAWSCrypto = resultFromAWSCryptoHmac;\n return hashHexFromAWSCrypto.slice(0, 16);\n};\nexport { getHkdfKey };\n","import { WordArray } from '@aws-amplify/core/internals/utils';\nimport { getBytesFromHex } from './getBytesFromHex.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Returns a Uint8Array with a sequence of random nBytes\n *\n * @param {number} nBytes\n * @returns {Uint8Array} fixed-length sequence of random bytes\n */\nconst getRandomBytes = nBytes => {\n const str = new WordArray().random(nBytes).toString();\n return getBytesFromHex(str);\n};\nexport { getRandomBytes };\n","import { base64Encoder } from '@aws-amplify/core/internals/utils';\nimport { getRandomBytes } from './getRandomBytes.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Helper function to generate a random string\n * @returns {string} a random value.\n *\n * @internal\n */\nconst getRandomString = () => base64Encoder.convert(getRandomBytes(40));\nexport { getRandomString };\n","import { AuthError } from '../../../../../errors/AuthError.mjs';\nimport { textEncoder } from '../../textEncoder/index.mjs';\nimport BigInteger from '../BigInteger/BigInteger.mjs';\nimport { calculateS } from '../calculate/calculateS.mjs';\nimport { calculateU } from '../calculate/calculateU.mjs';\nimport { getBytesFromHex } from '../getBytesFromHex.mjs';\nimport { getHashFromData } from '../getHashFromData.mjs';\nimport { getHashFromHex } from '../getHashFromHex.mjs';\nimport { getHexFromBytes } from '../getHexFromBytes.mjs';\nimport { getHkdfKey } from '../getHkdfKey.mjs';\nimport { getPaddedHex } from '../getPaddedHex.mjs';\nimport { getRandomBytes } from '../getRandomBytes.mjs';\nimport { getRandomString } from '../getRandomString.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/** @class */\nclass AuthenticationHelper {\n constructor({\n userPoolName,\n a,\n g,\n A,\n N\n }) {\n this.encoder = textEncoder;\n this.userPoolName = userPoolName;\n this.a = a;\n this.g = g;\n this.A = A;\n this.N = N;\n this.k = new BigInteger(getHashFromHex(`${getPaddedHex(N)}${getPaddedHex(g)}`), 16);\n }\n /**\n * @returns {string} Generated random value included in password hash.\n */\n getRandomPassword() {\n if (!this.randomPassword) {\n throw new AuthError({\n name: 'EmptyBigIntegerRandomPassword',\n message: 'random password is empty'\n });\n }\n return this.randomPassword;\n }\n /**\n * @returns {string} Generated random value included in devices hash.\n */\n getSaltToHashDevices() {\n if (!this.saltToHashDevices) {\n throw new AuthError({\n name: 'EmptyBigIntegersaltToHashDevices',\n message: 'saltToHashDevices is empty'\n });\n }\n return this.saltToHashDevices;\n }\n /**\n * @returns {string} Value used to verify devices.\n */\n getVerifierDevices() {\n if (!this.verifierDevices) {\n throw new AuthError({\n name: 'EmptyBigIntegerVerifierDevices',\n message: 'verifyDevices is empty'\n });\n }\n return this.verifierDevices;\n }\n /**\n * Generate salts and compute verifier.\n *\n * @param {string} deviceGroupKey Devices to generate verifier for.\n * @param {string} username User to generate verifier for.\n *\n * @returns {Promise}\n */\n async generateHashDevice(deviceGroupKey, username) {\n this.randomPassword = getRandomString();\n const combinedString = `${deviceGroupKey}${username}:${this.randomPassword}`;\n const hashedString = getHashFromData(combinedString);\n const hexRandom = getHexFromBytes(getRandomBytes(16));\n // The random hex will be unambiguously represented as a postive integer\n this.saltToHashDevices = getPaddedHex(new BigInteger(hexRandom, 16));\n return new Promise((resolve, reject) => {\n this.g.modPow(new BigInteger(getHashFromHex(this.saltToHashDevices + hashedString), 16), this.N, (err, result) => {\n if (err) {\n reject(err);\n return;\n }\n this.verifierDevices = getPaddedHex(result);\n resolve();\n });\n });\n }\n /**\n * Calculates the final HKDF key based on computed S value, computed U value and the key\n *\n * @param {String} username Username.\n * @param {String} password Password.\n * @param {AuthBigInteger} B Server B value.\n * @param {AuthBigInteger} salt Generated salt.\n */\n async getPasswordAuthenticationKey({\n username,\n password,\n serverBValue,\n salt\n }) {\n if (serverBValue.mod(this.N).equals(BigInteger.ZERO)) {\n throw new Error('B cannot be zero.');\n }\n const U = calculateU({\n A: this.A,\n B: serverBValue\n });\n const usernamePassword = `${this.userPoolName}${username}:${password}`;\n const usernamePasswordHash = getHashFromData(usernamePassword);\n const x = new BigInteger(getHashFromHex(getPaddedHex(salt) + usernamePasswordHash), 16);\n const S = await calculateS({\n a: this.a,\n g: this.g,\n k: this.k,\n x,\n B: serverBValue,\n N: this.N,\n U\n });\n const context = this.encoder.convert('Caldera Derived Key');\n const spacer = this.encoder.convert(String.fromCharCode(1));\n const info = new Uint8Array(context.byteLength + spacer.byteLength);\n info.set(context, 0);\n info.set(spacer, context.byteLength);\n const hkdfKey = getHkdfKey(getBytesFromHex(getPaddedHex(S)), getBytesFromHex(getPaddedHex(U)), info);\n return hkdfKey;\n }\n}\nexport { AuthenticationHelper as default };\n","import BigInteger from '../BigInteger/BigInteger.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * @internal\n */\nconst calculateA = async ({\n a,\n g,\n N\n}) => {\n return new Promise((resolve, reject) => {\n g.modPow(a, N, (err, A) => {\n if (err) {\n reject(err);\n return;\n }\n if (A.mod(N).equals(BigInteger.ZERO)) {\n reject(new Error('Illegal parameter. A mod N cannot be 0.'));\n return;\n }\n resolve(A);\n });\n });\n};\nexport { calculateA };\n","import AuthenticationHelper from './AuthenticationHelper/AuthenticationHelper.mjs';\nimport BigInteger from './BigInteger/BigInteger.mjs';\nimport { calculateA } from './calculate/calculateA.mjs';\nimport { INIT_N } from './constants.mjs';\nimport '@aws-crypto/sha256-js';\nimport { getHexFromBytes } from './getHexFromBytes.mjs';\nimport { getRandomBytes } from './getRandomBytes.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Returns a new {@link AuthenticationHelper} instance with randomly generated BigInteger seed\n *\n * @param userPoolName Cognito user pool name.\n * @returns An {@link AuthenticationHelper} instance.\n *\n * @internal\n */\nconst getAuthenticationHelper = async userPoolName => {\n const N = new BigInteger(INIT_N, 16);\n const g = new BigInteger('2', 16);\n const a = generateRandomBigInteger();\n const A = await calculateA({\n a,\n g,\n N\n });\n return new AuthenticationHelper({\n userPoolName,\n a,\n g,\n A,\n N\n });\n};\n/**\n * Generates a random BigInteger.\n *\n * @returns {BigInteger} a random value.\n */\nconst generateRandomBigInteger = () => {\n // This will be interpreted as a postive 128-bit integer\n const hexRandom = getHexFromBytes(getRandomBytes(128));\n // There is no need to do randomBigInt.mod(this.N - 1) as N (3072-bit) is > 128 bytes (1024-bit)\n return new BigInteger(hexRandom, 16);\n};\nexport { getAuthenticationHelper };\n","// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst MONTH_NAMES = ['Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec'];\nconst WEEK_NAMES = ['Sun', 'Mon', 'Tue', 'Wed', 'Thu', 'Fri', 'Sat'];\nconst getNowString = () => {\n const now = new Date();\n const weekDay = WEEK_NAMES[now.getUTCDay()];\n const month = MONTH_NAMES[now.getUTCMonth()];\n const day = now.getUTCDate();\n let hours = now.getUTCHours();\n if (hours < 10) {\n hours = `0${hours}`;\n }\n let minutes = now.getUTCMinutes();\n if (minutes < 10) {\n minutes = `0${minutes}`;\n }\n let seconds = now.getUTCSeconds();\n if (seconds < 10) {\n seconds = `0${seconds}`;\n }\n const year = now.getUTCFullYear();\n // ddd MMM D HH:mm:ss UTC YYYY\n const dateNow = `${weekDay} ${month} ${day} ${hours}:${minutes}:${seconds} UTC ${year}`;\n return dateNow;\n};\nexport { getNowString };\n","import { Sha256 } from '@aws-crypto/sha256-js';\nimport { base64Encoder, base64Decoder } from '@aws-amplify/core/internals/utils';\nimport { textEncoder } from '../textEncoder/index.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst getSignatureString = ({\n userPoolName,\n username,\n challengeParameters,\n dateNow,\n hkdf\n}) => {\n const bufUPIDaToB = textEncoder.convert(userPoolName);\n const bufUNaToB = textEncoder.convert(username);\n const bufSBaToB = urlB64ToUint8Array(challengeParameters.SECRET_BLOCK);\n const bufDNaToB = textEncoder.convert(dateNow);\n const bufConcat = new Uint8Array(bufUPIDaToB.byteLength + bufUNaToB.byteLength + bufSBaToB.byteLength + bufDNaToB.byteLength);\n bufConcat.set(bufUPIDaToB, 0);\n bufConcat.set(bufUNaToB, bufUPIDaToB.byteLength);\n bufConcat.set(bufSBaToB, bufUPIDaToB.byteLength + bufUNaToB.byteLength);\n bufConcat.set(bufDNaToB, bufUPIDaToB.byteLength + bufUNaToB.byteLength + bufSBaToB.byteLength);\n const awsCryptoHash = new Sha256(hkdf);\n awsCryptoHash.update(bufConcat);\n const resultFromAWSCrypto = awsCryptoHash.digestSync();\n const signatureString = base64Encoder.convert(resultFromAWSCrypto);\n return signatureString;\n};\nconst urlB64ToUint8Array = base64String => {\n const padding = '='.repeat((4 - base64String.length % 4) % 4);\n const base64 = (base64String + padding).replace(/-/g, '+').replace(/_/g, '/');\n const rawData = base64Decoder.convert(base64);\n const outputArray = new Uint8Array(rawData.length);\n for (let i = 0; i < rawData.length; ++i) {\n outputArray[i] = rawData.charCodeAt(i);\n }\n return outputArray;\n};\nexport { getSignatureString };\n","import { Amplify } from '@aws-amplify/core';\nimport { AuthAction, assertTokenProviderConfig, AmplifyUrl, base64Encoder, getDeviceName } from '@aws-amplify/core/internals/utils';\nimport { AuthError } from '../../../errors/AuthError.mjs';\nimport { InitiateAuthException } from '../types/errors.mjs';\nimport { AuthErrorCodes } from '../../../common/AuthErrorStrings.mjs';\nimport { AuthValidationErrorCode } from '../../../errors/types/validation.mjs';\nimport { assertValidationError } from '../../../errors/utils/assertValidationError.mjs';\nimport { USER_ALREADY_AUTHENTICATED_EXCEPTION } from '../../../errors/constants.mjs';\nimport { getCurrentUser } from '../apis/getCurrentUser.mjs';\nimport { getAuthUserAgentValue } from '../../../utils/getAuthUserAgentValue.mjs';\nimport { createInitiateAuthClient } from '../../../foundation/factories/serviceClients/cognitoIdentityProvider/createInitiateAuthClient.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils/composers';\nimport '../../../foundation/factories/serviceClients/cognitoIdentityProvider/shared/handler/cognitoUserPoolTransferHandler.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils';\nimport '../../../foundation/factories/serviceClients/cognitoIdentityProvider/constants.mjs';\nimport { createRespondToAuthChallengeClient } from '../../../foundation/factories/serviceClients/cognitoIdentityProvider/createRespondToAuthChallengeClient.mjs';\nimport { createVerifySoftwareTokenClient } from '../../../foundation/factories/serviceClients/cognitoIdentityProvider/createVerifySoftwareTokenClient.mjs';\nimport { createAssociateSoftwareTokenClient } from '../../../foundation/factories/serviceClients/cognitoIdentityProvider/createAssociateSoftwareTokenClient.mjs';\nimport { createConfirmDeviceClient } from '../../../foundation/factories/serviceClients/cognitoIdentityProvider/createConfirmDeviceClient.mjs';\nimport { createCognitoUserPoolEndpointResolver } from '../factories/createCognitoUserPoolEndpointResolver.mjs';\nimport { getRegionFromUserPoolId } from '../../../foundation/parsers/regionParsers.mjs';\nimport { signInStore } from './signInStore.mjs';\nimport { assertDeviceMetadata } from './types.mjs';\nimport { getAuthenticationHelper } from './srp/getAuthenticationHelper.mjs';\nimport { getBytesFromHex } from './srp/getBytesFromHex.mjs';\nimport { getNowString } from './srp/getNowString.mjs';\nimport { getSignatureString } from './srp/getSignatureString.mjs';\nimport BigInteger from './srp/BigInteger/BigInteger.mjs';\nimport { getUserContextData } from './userContextData.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst USER_ATTRIBUTES = 'userAttributes.';\nasync function handleCustomChallenge({\n challengeResponse,\n clientMetadata,\n session,\n username,\n config,\n tokenOrchestrator\n}) {\n const {\n userPoolId,\n userPoolClientId,\n userPoolEndpoint\n } = config;\n const challengeResponses = {\n USERNAME: username,\n ANSWER: challengeResponse\n };\n const deviceMetadata = await tokenOrchestrator?.getDeviceMetadata(username);\n if (deviceMetadata && deviceMetadata.deviceKey) {\n challengeResponses.DEVICE_KEY = deviceMetadata.deviceKey;\n }\n const UserContextData = getUserContextData({\n username,\n userPoolId,\n userPoolClientId\n });\n const jsonReq = {\n ChallengeName: 'CUSTOM_CHALLENGE',\n ChallengeResponses: challengeResponses,\n Session: session,\n ClientMetadata: clientMetadata,\n ClientId: userPoolClientId,\n UserContextData\n };\n const respondToAuthChallenge = createRespondToAuthChallengeClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n const response = await respondToAuthChallenge({\n region: getRegionFromUserPoolId(userPoolId),\n userAgentValue: getAuthUserAgentValue(AuthAction.ConfirmSignIn)\n }, jsonReq);\n if (response.ChallengeName === 'DEVICE_SRP_AUTH') {\n return handleDeviceSRPAuth({\n username,\n config,\n clientMetadata,\n session: response.Session,\n tokenOrchestrator\n });\n }\n return response;\n}\nasync function handleMFASetupChallenge({\n challengeResponse,\n username,\n clientMetadata,\n session,\n deviceName,\n config\n}) {\n const {\n userPoolId,\n userPoolClientId,\n userPoolEndpoint\n } = config;\n const challengeResponses = {\n USERNAME: username\n };\n const verifySoftwareToken = createVerifySoftwareTokenClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n const {\n Session\n } = await verifySoftwareToken({\n region: getRegionFromUserPoolId(userPoolId),\n userAgentValue: getAuthUserAgentValue(AuthAction.ConfirmSignIn)\n }, {\n UserCode: challengeResponse,\n Session: session,\n FriendlyDeviceName: deviceName\n });\n signInStore.dispatch({\n type: 'SET_SIGN_IN_SESSION',\n value: Session\n });\n const jsonReq = {\n ChallengeName: 'MFA_SETUP',\n ChallengeResponses: challengeResponses,\n Session,\n ClientMetadata: clientMetadata,\n ClientId: userPoolClientId\n };\n const respondToAuthChallenge = createRespondToAuthChallengeClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n return respondToAuthChallenge({\n region: getRegionFromUserPoolId(userPoolId)\n }, jsonReq);\n}\nasync function handleSelectMFATypeChallenge({\n challengeResponse,\n username,\n clientMetadata,\n session,\n config\n}) {\n const {\n userPoolId,\n userPoolClientId,\n userPoolEndpoint\n } = config;\n assertValidationError(challengeResponse === 'TOTP' || challengeResponse === 'SMS', AuthValidationErrorCode.IncorrectMFAMethod);\n const challengeResponses = {\n USERNAME: username,\n ANSWER: mapMfaType(challengeResponse)\n };\n const UserContextData = getUserContextData({\n username,\n userPoolId,\n userPoolClientId\n });\n const jsonReq = {\n ChallengeName: 'SELECT_MFA_TYPE',\n ChallengeResponses: challengeResponses,\n Session: session,\n ClientMetadata: clientMetadata,\n ClientId: userPoolClientId,\n UserContextData\n };\n const respondToAuthChallenge = createRespondToAuthChallengeClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n return respondToAuthChallenge({\n region: getRegionFromUserPoolId(userPoolId),\n userAgentValue: getAuthUserAgentValue(AuthAction.ConfirmSignIn)\n }, jsonReq);\n}\nasync function handleSMSMFAChallenge({\n challengeResponse,\n clientMetadata,\n session,\n username,\n config\n}) {\n const {\n userPoolId,\n userPoolClientId,\n userPoolEndpoint\n } = config;\n const challengeResponses = {\n USERNAME: username,\n SMS_MFA_CODE: challengeResponse\n };\n const UserContextData = getUserContextData({\n username,\n userPoolId,\n userPoolClientId\n });\n const jsonReq = {\n ChallengeName: 'SMS_MFA',\n ChallengeResponses: challengeResponses,\n Session: session,\n ClientMetadata: clientMetadata,\n ClientId: userPoolClientId,\n UserContextData\n };\n const respondToAuthChallenge = createRespondToAuthChallengeClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n return respondToAuthChallenge({\n region: getRegionFromUserPoolId(userPoolId),\n userAgentValue: getAuthUserAgentValue(AuthAction.ConfirmSignIn)\n }, jsonReq);\n}\nasync function handleSoftwareTokenMFAChallenge({\n challengeResponse,\n clientMetadata,\n session,\n username,\n config\n}) {\n const {\n userPoolId,\n userPoolClientId,\n userPoolEndpoint\n } = config;\n const challengeResponses = {\n USERNAME: username,\n SOFTWARE_TOKEN_MFA_CODE: challengeResponse\n };\n const UserContextData = getUserContextData({\n username,\n userPoolId,\n userPoolClientId\n });\n const jsonReq = {\n ChallengeName: 'SOFTWARE_TOKEN_MFA',\n ChallengeResponses: challengeResponses,\n Session: session,\n ClientMetadata: clientMetadata,\n ClientId: userPoolClientId,\n UserContextData\n };\n const respondToAuthChallenge = createRespondToAuthChallengeClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n return respondToAuthChallenge({\n region: getRegionFromUserPoolId(userPoolId),\n userAgentValue: getAuthUserAgentValue(AuthAction.ConfirmSignIn)\n }, jsonReq);\n}\nasync function handleCompleteNewPasswordChallenge({\n challengeResponse,\n clientMetadata,\n session,\n username,\n requiredAttributes,\n config\n}) {\n const {\n userPoolId,\n userPoolClientId,\n userPoolEndpoint\n } = config;\n const challengeResponses = {\n ...createAttributes(requiredAttributes),\n NEW_PASSWORD: challengeResponse,\n USERNAME: username\n };\n const UserContextData = getUserContextData({\n username,\n userPoolId,\n userPoolClientId\n });\n const jsonReq = {\n ChallengeName: 'NEW_PASSWORD_REQUIRED',\n ChallengeResponses: challengeResponses,\n ClientMetadata: clientMetadata,\n Session: session,\n ClientId: userPoolClientId,\n UserContextData\n };\n const respondToAuthChallenge = createRespondToAuthChallengeClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n return respondToAuthChallenge({\n region: getRegionFromUserPoolId(userPoolId),\n userAgentValue: getAuthUserAgentValue(AuthAction.ConfirmSignIn)\n }, jsonReq);\n}\nasync function handleUserPasswordAuthFlow(username, password, clientMetadata, config, tokenOrchestrator) {\n const {\n userPoolClientId,\n userPoolId,\n userPoolEndpoint\n } = config;\n const authParameters = {\n USERNAME: username,\n PASSWORD: password\n };\n const deviceMetadata = await tokenOrchestrator.getDeviceMetadata(username);\n if (deviceMetadata && deviceMetadata.deviceKey) {\n authParameters.DEVICE_KEY = deviceMetadata.deviceKey;\n }\n const UserContextData = getUserContextData({\n username,\n userPoolId,\n userPoolClientId\n });\n const jsonReq = {\n AuthFlow: 'USER_PASSWORD_AUTH',\n AuthParameters: authParameters,\n ClientMetadata: clientMetadata,\n ClientId: userPoolClientId,\n UserContextData\n };\n const initiateAuth = createInitiateAuthClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n const response = await initiateAuth({\n region: getRegionFromUserPoolId(userPoolId),\n userAgentValue: getAuthUserAgentValue(AuthAction.SignIn)\n }, jsonReq);\n const activeUsername = response.ChallengeParameters?.USERNAME ?? response.ChallengeParameters?.USER_ID_FOR_SRP ?? username;\n setActiveSignInUsername(activeUsername);\n if (response.ChallengeName === 'DEVICE_SRP_AUTH') return handleDeviceSRPAuth({\n username: activeUsername,\n config,\n clientMetadata,\n session: response.Session,\n tokenOrchestrator\n });\n return response;\n}\nasync function handleUserSRPAuthFlow(username, password, clientMetadata, config, tokenOrchestrator) {\n const {\n userPoolId,\n userPoolClientId,\n userPoolEndpoint\n } = config;\n const userPoolName = userPoolId?.split('_')[1] || '';\n const authenticationHelper = await getAuthenticationHelper(userPoolName);\n const authParameters = {\n USERNAME: username,\n SRP_A: authenticationHelper.A.toString(16)\n };\n const UserContextData = getUserContextData({\n username,\n userPoolId,\n userPoolClientId\n });\n const jsonReq = {\n AuthFlow: 'USER_SRP_AUTH',\n AuthParameters: authParameters,\n ClientMetadata: clientMetadata,\n ClientId: userPoolClientId,\n UserContextData\n };\n const initiateAuth = createInitiateAuthClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n const resp = await initiateAuth({\n region: getRegionFromUserPoolId(userPoolId),\n userAgentValue: getAuthUserAgentValue(AuthAction.SignIn)\n }, jsonReq);\n const {\n ChallengeParameters: challengeParameters,\n Session: session\n } = resp;\n const activeUsername = challengeParameters?.USERNAME ?? username;\n setActiveSignInUsername(activeUsername);\n return retryOnResourceNotFoundException(handlePasswordVerifierChallenge, [password, challengeParameters, clientMetadata, session, authenticationHelper, config, tokenOrchestrator], activeUsername, tokenOrchestrator);\n}\nasync function handleCustomAuthFlowWithoutSRP(username, clientMetadata, config, tokenOrchestrator) {\n const {\n userPoolClientId,\n userPoolId,\n userPoolEndpoint\n } = config;\n const authParameters = {\n USERNAME: username\n };\n const deviceMetadata = await tokenOrchestrator.getDeviceMetadata(username);\n if (deviceMetadata && deviceMetadata.deviceKey) {\n authParameters.DEVICE_KEY = deviceMetadata.deviceKey;\n }\n const UserContextData = getUserContextData({\n username,\n userPoolId,\n userPoolClientId\n });\n const jsonReq = {\n AuthFlow: 'CUSTOM_AUTH',\n AuthParameters: authParameters,\n ClientMetadata: clientMetadata,\n ClientId: userPoolClientId,\n UserContextData\n };\n const initiateAuth = createInitiateAuthClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n const response = await initiateAuth({\n region: getRegionFromUserPoolId(userPoolId),\n userAgentValue: getAuthUserAgentValue(AuthAction.SignIn)\n }, jsonReq);\n const activeUsername = response.ChallengeParameters?.USERNAME ?? username;\n setActiveSignInUsername(activeUsername);\n if (response.ChallengeName === 'DEVICE_SRP_AUTH') return handleDeviceSRPAuth({\n username: activeUsername,\n config,\n clientMetadata,\n session: response.Session,\n tokenOrchestrator\n });\n return response;\n}\nasync function handleCustomSRPAuthFlow(username, password, clientMetadata, config, tokenOrchestrator) {\n assertTokenProviderConfig(config);\n const {\n userPoolId,\n userPoolClientId,\n userPoolEndpoint\n } = config;\n const userPoolName = userPoolId?.split('_')[1] || '';\n const authenticationHelper = await getAuthenticationHelper(userPoolName);\n const authParameters = {\n USERNAME: username,\n SRP_A: authenticationHelper.A.toString(16),\n CHALLENGE_NAME: 'SRP_A'\n };\n const UserContextData = getUserContextData({\n username,\n userPoolId,\n userPoolClientId\n });\n const jsonReq = {\n AuthFlow: 'CUSTOM_AUTH',\n AuthParameters: authParameters,\n ClientMetadata: clientMetadata,\n ClientId: userPoolClientId,\n UserContextData\n };\n const initiateAuth = createInitiateAuthClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n const {\n ChallengeParameters: challengeParameters,\n Session: session\n } = await initiateAuth({\n region: getRegionFromUserPoolId(userPoolId),\n userAgentValue: getAuthUserAgentValue(AuthAction.SignIn)\n }, jsonReq);\n const activeUsername = challengeParameters?.USERNAME ?? username;\n setActiveSignInUsername(activeUsername);\n return retryOnResourceNotFoundException(handlePasswordVerifierChallenge, [password, challengeParameters, clientMetadata, session, authenticationHelper, config, tokenOrchestrator], activeUsername, tokenOrchestrator);\n}\nasync function handleDeviceSRPAuth({\n username,\n config,\n clientMetadata,\n session,\n tokenOrchestrator\n}) {\n const {\n userPoolId,\n userPoolEndpoint\n } = config;\n const clientId = config.userPoolClientId;\n const deviceMetadata = await tokenOrchestrator?.getDeviceMetadata(username);\n assertDeviceMetadata(deviceMetadata);\n const authenticationHelper = await getAuthenticationHelper(deviceMetadata.deviceGroupKey);\n const challengeResponses = {\n USERNAME: username,\n SRP_A: authenticationHelper.A.toString(16),\n DEVICE_KEY: deviceMetadata.deviceKey\n };\n const jsonReqResponseChallenge = {\n ChallengeName: 'DEVICE_SRP_AUTH',\n ClientId: clientId,\n ChallengeResponses: challengeResponses,\n ClientMetadata: clientMetadata,\n Session: session\n };\n const respondToAuthChallenge = createRespondToAuthChallengeClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n const {\n ChallengeParameters: respondedChallengeParameters,\n Session\n } = await respondToAuthChallenge({\n region: getRegionFromUserPoolId(userPoolId)\n }, jsonReqResponseChallenge);\n return handleDevicePasswordVerifier(username, respondedChallengeParameters, clientMetadata, Session, authenticationHelper, config, tokenOrchestrator);\n}\nasync function handleDevicePasswordVerifier(username, challengeParameters, clientMetadata, session, authenticationHelper, {\n userPoolId,\n userPoolClientId,\n userPoolEndpoint\n}, tokenOrchestrator) {\n const deviceMetadata = await tokenOrchestrator?.getDeviceMetadata(username);\n assertDeviceMetadata(deviceMetadata);\n const serverBValue = new BigInteger(challengeParameters?.SRP_B, 16);\n const salt = new BigInteger(challengeParameters?.SALT, 16);\n const {\n deviceKey\n } = deviceMetadata;\n const {\n deviceGroupKey\n } = deviceMetadata;\n const hkdf = await authenticationHelper.getPasswordAuthenticationKey({\n username: deviceMetadata.deviceKey,\n password: deviceMetadata.randomPassword,\n serverBValue,\n salt\n });\n const dateNow = getNowString();\n const challengeResponses = {\n USERNAME: challengeParameters?.USERNAME ?? username,\n PASSWORD_CLAIM_SECRET_BLOCK: challengeParameters?.SECRET_BLOCK,\n TIMESTAMP: dateNow,\n PASSWORD_CLAIM_SIGNATURE: getSignatureString({\n username: deviceKey,\n userPoolName: deviceGroupKey,\n challengeParameters,\n dateNow,\n hkdf\n }),\n DEVICE_KEY: deviceKey\n };\n const UserContextData = getUserContextData({\n username,\n userPoolId,\n userPoolClientId\n });\n const jsonReqResponseChallenge = {\n ChallengeName: 'DEVICE_PASSWORD_VERIFIER',\n ClientId: userPoolClientId,\n ChallengeResponses: challengeResponses,\n Session: session,\n ClientMetadata: clientMetadata,\n UserContextData\n };\n const respondToAuthChallenge = createRespondToAuthChallengeClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n return respondToAuthChallenge({\n region: getRegionFromUserPoolId(userPoolId)\n }, jsonReqResponseChallenge);\n}\nasync function handlePasswordVerifierChallenge(password, challengeParameters, clientMetadata, session, authenticationHelper, config, tokenOrchestrator) {\n const {\n userPoolId,\n userPoolClientId,\n userPoolEndpoint\n } = config;\n const userPoolName = userPoolId?.split('_')[1] || '';\n const serverBValue = new BigInteger(challengeParameters?.SRP_B, 16);\n const salt = new BigInteger(challengeParameters?.SALT, 16);\n const username = challengeParameters?.USER_ID_FOR_SRP;\n if (!username) throw new AuthError({\n name: 'EmptyUserIdForSRPException',\n message: 'USER_ID_FOR_SRP was not found in challengeParameters'\n });\n const hkdf = await authenticationHelper.getPasswordAuthenticationKey({\n username,\n password,\n serverBValue,\n salt\n });\n const dateNow = getNowString();\n const challengeResponses = {\n USERNAME: username,\n PASSWORD_CLAIM_SECRET_BLOCK: challengeParameters?.SECRET_BLOCK,\n TIMESTAMP: dateNow,\n PASSWORD_CLAIM_SIGNATURE: getSignatureString({\n username,\n userPoolName,\n challengeParameters,\n dateNow,\n hkdf\n })\n };\n const deviceMetadata = await tokenOrchestrator.getDeviceMetadata(username);\n if (deviceMetadata && deviceMetadata.deviceKey) {\n challengeResponses.DEVICE_KEY = deviceMetadata.deviceKey;\n }\n const UserContextData = getUserContextData({\n username,\n userPoolId,\n userPoolClientId\n });\n const jsonReqResponseChallenge = {\n ChallengeName: 'PASSWORD_VERIFIER',\n ChallengeResponses: challengeResponses,\n ClientMetadata: clientMetadata,\n Session: session,\n ClientId: userPoolClientId,\n UserContextData\n };\n const respondToAuthChallenge = createRespondToAuthChallengeClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n const response = await respondToAuthChallenge({\n region: getRegionFromUserPoolId(userPoolId)\n }, jsonReqResponseChallenge);\n if (response.ChallengeName === 'DEVICE_SRP_AUTH') return handleDeviceSRPAuth({\n username,\n config,\n clientMetadata,\n session: response.Session,\n tokenOrchestrator\n });\n return response;\n}\nasync function getSignInResult(params) {\n const {\n challengeName,\n challengeParameters\n } = params;\n const authConfig = Amplify.getConfig().Auth?.Cognito;\n assertTokenProviderConfig(authConfig);\n switch (challengeName) {\n case 'CUSTOM_CHALLENGE':\n return {\n isSignedIn: false,\n nextStep: {\n signInStep: 'CONFIRM_SIGN_IN_WITH_CUSTOM_CHALLENGE',\n additionalInfo: challengeParameters\n }\n };\n case 'MFA_SETUP':\n {\n const {\n signInSession,\n username\n } = signInStore.getState();\n if (!isMFATypeEnabled(challengeParameters, 'TOTP')) throw new AuthError({\n name: AuthErrorCodes.SignInException,\n message: `Cannot initiate MFA setup from available types: ${getMFATypes(parseMFATypes(challengeParameters.MFAS_CAN_SETUP))}`\n });\n const associateSoftwareToken = createAssociateSoftwareTokenClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: authConfig.userPoolEndpoint\n })\n });\n const {\n Session,\n SecretCode: secretCode\n } = await associateSoftwareToken({\n region: getRegionFromUserPoolId(authConfig.userPoolId)\n }, {\n Session: signInSession\n });\n signInStore.dispatch({\n type: 'SET_SIGN_IN_SESSION',\n value: Session\n });\n return {\n isSignedIn: false,\n nextStep: {\n signInStep: 'CONTINUE_SIGN_IN_WITH_TOTP_SETUP',\n totpSetupDetails: getTOTPSetupDetails(secretCode, username)\n }\n };\n }\n case 'NEW_PASSWORD_REQUIRED':\n return {\n isSignedIn: false,\n nextStep: {\n signInStep: 'CONFIRM_SIGN_IN_WITH_NEW_PASSWORD_REQUIRED',\n missingAttributes: parseAttributes(challengeParameters.requiredAttributes)\n }\n };\n case 'SELECT_MFA_TYPE':\n return {\n isSignedIn: false,\n nextStep: {\n signInStep: 'CONTINUE_SIGN_IN_WITH_MFA_SELECTION',\n allowedMFATypes: getMFATypes(parseMFATypes(challengeParameters.MFAS_CAN_CHOOSE))\n }\n };\n case 'SMS_MFA':\n return {\n isSignedIn: false,\n nextStep: {\n signInStep: 'CONFIRM_SIGN_IN_WITH_SMS_CODE',\n codeDeliveryDetails: {\n deliveryMedium: challengeParameters.CODE_DELIVERY_DELIVERY_MEDIUM,\n destination: challengeParameters.CODE_DELIVERY_DESTINATION\n }\n }\n };\n case 'SOFTWARE_TOKEN_MFA':\n return {\n isSignedIn: false,\n nextStep: {\n signInStep: 'CONFIRM_SIGN_IN_WITH_TOTP_CODE'\n }\n };\n }\n // TODO: remove this error message for production apps\n throw new AuthError({\n name: AuthErrorCodes.SignInException,\n message: 'An error occurred during the sign in process. ' + `${challengeName} challengeName returned by the underlying service was not addressed.`\n });\n}\nfunction getTOTPSetupDetails(secretCode, username) {\n return {\n sharedSecret: secretCode,\n getSetupUri: (appName, accountName) => {\n const totpUri = `otpauth://totp/${appName}:${accountName ?? username}?secret=${secretCode}&issuer=${appName}`;\n return new AmplifyUrl(totpUri);\n }\n };\n}\nfunction getSignInResultFromError(errorName) {\n if (errorName === InitiateAuthException.PasswordResetRequiredException) {\n return {\n isSignedIn: false,\n nextStep: {\n signInStep: 'RESET_PASSWORD'\n }\n };\n } else if (errorName === InitiateAuthException.UserNotConfirmedException) {\n return {\n isSignedIn: false,\n nextStep: {\n signInStep: 'CONFIRM_SIGN_UP'\n }\n };\n }\n}\nfunction parseAttributes(attributes) {\n if (!attributes) return [];\n const parsedAttributes = JSON.parse(attributes).map(att => att.includes(USER_ATTRIBUTES) ? att.replace(USER_ATTRIBUTES, '') : att);\n return parsedAttributes;\n}\nfunction createAttributes(attributes) {\n if (!attributes) return {};\n const newAttributes = {};\n Object.entries(attributes).forEach(([key, value]) => {\n if (value) newAttributes[`${USER_ATTRIBUTES}${key}`] = value;\n });\n return newAttributes;\n}\nasync function handleChallengeName(username, challengeName, session, challengeResponse, config, tokenOrchestrator, clientMetadata, options) {\n const userAttributes = options?.userAttributes;\n const deviceName = options?.friendlyDeviceName;\n switch (challengeName) {\n case 'SMS_MFA':\n return handleSMSMFAChallenge({\n challengeResponse,\n clientMetadata,\n session,\n username,\n config\n });\n case 'SELECT_MFA_TYPE':\n return handleSelectMFATypeChallenge({\n challengeResponse,\n clientMetadata,\n session,\n username,\n config\n });\n case 'MFA_SETUP':\n return handleMFASetupChallenge({\n challengeResponse,\n clientMetadata,\n session,\n username,\n deviceName,\n config\n });\n case 'NEW_PASSWORD_REQUIRED':\n return handleCompleteNewPasswordChallenge({\n challengeResponse,\n clientMetadata,\n session,\n username,\n requiredAttributes: userAttributes,\n config\n });\n case 'CUSTOM_CHALLENGE':\n return retryOnResourceNotFoundException(handleCustomChallenge, [{\n challengeResponse,\n clientMetadata,\n session,\n username,\n config,\n tokenOrchestrator\n }], username, tokenOrchestrator);\n case 'SOFTWARE_TOKEN_MFA':\n return handleSoftwareTokenMFAChallenge({\n challengeResponse,\n clientMetadata,\n session,\n username,\n config\n });\n }\n // TODO: remove this error message for production apps\n throw new AuthError({\n name: AuthErrorCodes.SignInException,\n message: `An error occurred during the sign in process. \n\t\t${challengeName} challengeName returned by the underlying service was not addressed.`\n });\n}\nfunction mapMfaType(mfa) {\n let mfaType = 'SMS_MFA';\n if (mfa === 'TOTP') mfaType = 'SOFTWARE_TOKEN_MFA';\n return mfaType;\n}\nfunction getMFAType(type) {\n if (type === 'SMS_MFA') return 'SMS';\n if (type === 'SOFTWARE_TOKEN_MFA') return 'TOTP';\n // TODO: log warning for unknown MFA type\n}\nfunction getMFATypes(types) {\n if (!types) return undefined;\n return types.map(getMFAType).filter(Boolean);\n}\nfunction parseMFATypes(mfa) {\n if (!mfa) return [];\n return JSON.parse(mfa);\n}\nfunction isMFATypeEnabled(challengeParams, mfaType) {\n const {\n MFAS_CAN_SETUP\n } = challengeParams;\n const mfaTypes = getMFATypes(parseMFATypes(MFAS_CAN_SETUP));\n if (!mfaTypes) return false;\n return mfaTypes.includes(mfaType);\n}\nasync function assertUserNotAuthenticated() {\n let authUser;\n try {\n authUser = await getCurrentUser();\n } catch (error) {}\n if (authUser && authUser.userId && authUser.username) {\n throw new AuthError({\n name: USER_ALREADY_AUTHENTICATED_EXCEPTION,\n message: 'There is already a signed in user.',\n recoverySuggestion: 'Call signOut before calling signIn again.'\n });\n }\n}\n/**\n * This function is used to kick off the device management flow.\n *\n * If an error is thrown while generating a hash device or calling the `ConfirmDevice`\n * client, then this API will ignore the error and return undefined. Otherwise the authentication\n * flow will not complete and the user won't be able to be signed in.\n *\n * @returns DeviceMetadata | undefined\n */\nasync function getNewDeviceMetadata({\n userPoolId,\n userPoolEndpoint,\n newDeviceMetadata,\n accessToken\n}) {\n if (!newDeviceMetadata) return undefined;\n const userPoolName = userPoolId.split('_')[1] || '';\n const authenticationHelper = await getAuthenticationHelper(userPoolName);\n const deviceKey = newDeviceMetadata?.DeviceKey;\n const deviceGroupKey = newDeviceMetadata?.DeviceGroupKey;\n try {\n await authenticationHelper.generateHashDevice(deviceGroupKey ?? '', deviceKey ?? '');\n } catch (errGenHash) {\n // TODO: log error here\n return undefined;\n }\n const deviceSecretVerifierConfig = {\n Salt: base64Encoder.convert(getBytesFromHex(authenticationHelper.getSaltToHashDevices())),\n PasswordVerifier: base64Encoder.convert(getBytesFromHex(authenticationHelper.getVerifierDevices()))\n };\n const randomPassword = authenticationHelper.getRandomPassword();\n try {\n const confirmDevice = createConfirmDeviceClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n await confirmDevice({\n region: getRegionFromUserPoolId(userPoolId)\n }, {\n AccessToken: accessToken,\n DeviceName: await getDeviceName(),\n DeviceKey: newDeviceMetadata?.DeviceKey,\n DeviceSecretVerifierConfig: deviceSecretVerifierConfig\n });\n return {\n deviceKey,\n deviceGroupKey,\n randomPassword\n };\n } catch (error) {\n // TODO: log error here\n return undefined;\n }\n}\n/**\n * It will retry the function if the error is a `ResourceNotFoundException` and\n * will clean the device keys stored in the storage mechanism.\n *\n */\nasync function retryOnResourceNotFoundException(func, args, username, tokenOrchestrator) {\n try {\n return await func(...args);\n } catch (error) {\n if (error instanceof AuthError && error.name === 'ResourceNotFoundException' && error.message.includes('Device does not exist.')) {\n await tokenOrchestrator.clearDeviceMetadata(username);\n return func(...args);\n }\n throw error;\n }\n}\nfunction setActiveSignInUsername(username) {\n const {\n dispatch\n } = signInStore;\n dispatch({\n type: 'SET_USERNAME',\n value: username\n });\n}\nfunction getActiveSignInUsername(username) {\n const state = signInStore.getState();\n return state.username ?? username;\n}\nexport { assertUserNotAuthenticated, createAttributes, getActiveSignInUsername, getMFAType, getMFATypes, getNewDeviceMetadata, getSignInResult, getSignInResultFromError, getTOTPSetupDetails, handleChallengeName, handleCompleteNewPasswordChallenge, handleCustomAuthFlowWithoutSRP, handleCustomChallenge, handleCustomSRPAuthFlow, handleMFASetupChallenge, handlePasswordVerifierChallenge, handleSMSMFAChallenge, handleSelectMFATypeChallenge, handleSoftwareTokenMFAChallenge, handleUserPasswordAuthFlow, handleUserSRPAuthFlow, isMFATypeEnabled, mapMfaType, parseAttributes, parseMFATypes, retryOnResourceNotFoundException, setActiveSignInUsername };\n","import { Sha256 } from '@aws-crypto/sha256-js';\nimport { getCrypto, base64Encoder } from '@aws-amplify/core/internals/utils';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst CODE_VERIFIER_CHARSET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';\n/**\n *\n * @param length Desired length of the code verifier.\n *\n * **NOTE:** According to the [RFC 7636](https://datatracker.ietf.org/doc/html/rfc7636#section-4.1)\n * A code verifier must be with a length >= 43 and <= 128.\n *\n * @returns An object that contains the generated `codeVerifier` and a method\n * `toCodeChallenge` to generate the code challenge from the `codeVerifier`\n * following the spec of [RFC 7636](https://datatracker.ietf.org/doc/html/rfc7636#section-4.2).\n */\nconst generateCodeVerifier = length => {\n const randomBytes = new Uint8Array(length);\n getCrypto().getRandomValues(randomBytes);\n let value = '';\n let codeChallenge;\n for (const byte of randomBytes) {\n value += CODE_VERIFIER_CHARSET.charAt(byte % CODE_VERIFIER_CHARSET.length);\n }\n return {\n value,\n method: 'S256',\n toCodeChallenge() {\n if (codeChallenge) {\n return codeChallenge;\n }\n codeChallenge = generateCodeChallenge(value);\n return codeChallenge;\n }\n };\n};\nfunction generateCodeChallenge(codeVerifier) {\n const awsCryptoHash = new Sha256();\n awsCryptoHash.update(codeVerifier);\n const codeChallenge = removePaddingChar(base64Encoder.convert(awsCryptoHash.digestSync(), {\n urlSafe: true\n }));\n return codeChallenge;\n}\nfunction removePaddingChar(base64Encoded) {\n return base64Encoded.replace(/=/g, '');\n}\nexport { generateCodeVerifier };\n","import { generateRandomString } from '@aws-amplify/core/internals/utils';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst generateState = () => {\n return generateRandomString(32);\n};\nexport { generateState };\n","import { createOAuthError } from './createOAuthError.mjs';\nimport { handleFailure } from './handleFailure.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst listenForOAuthFlowCancellation = store => {\n async function handleCancelOAuthFlow(event) {\n const isBfcache = event.persisted;\n if (isBfcache && (await store.loadOAuthInFlight())) {\n const error = createOAuthError('User cancelled OAuth flow.');\n await handleFailure(error);\n }\n window.removeEventListener('pageshow', handleCancelOAuthFlow);\n }\n window.addEventListener('pageshow', handleCancelOAuthFlow);\n};\nexport { listenForOAuthFlowCancellation };\n","import { Amplify } from '@aws-amplify/core';\nimport { assertTokenProviderConfig, assertOAuthConfig, urlSafeEncode, isBrowser, AuthAction } from '@aws-amplify/core/internals/utils';\nimport '../utils/oauth/enableOAuthListener.mjs';\nimport { cognitoHostedUIIdentityProviderMap } from '../types/models.mjs';\nimport { getAuthUserAgentValue } from '../../../utils/getAuthUserAgentValue.mjs';\nimport { openAuthSession } from '../../../utils/openAuthSession.mjs';\nimport { assertUserNotAuthenticated } from '../utils/signInHelpers.mjs';\nimport { generateCodeVerifier } from '../utils/oauth/generateCodeVerifier.mjs';\nimport { generateState } from '../utils/oauth/generateState.mjs';\nimport '../utils/refreshAuthTokens.mjs';\nimport '../tokenProvider/errorHelpers.mjs';\nimport { oAuthStore } from '../utils/oauth/oAuthStore.mjs';\nimport '../tokenProvider/tokenProvider.mjs';\nimport { getRedirectUrl } from '../utils/oauth/getRedirectUrl.mjs';\nimport { handleFailure } from '../utils/oauth/handleFailure.mjs';\nimport { completeOAuthFlow } from '../utils/oauth/completeOAuthFlow.mjs';\nimport { createOAuthError } from '../utils/oauth/createOAuthError.mjs';\nimport { listenForOAuthFlowCancellation } from '../utils/oauth/cancelOAuthFlow.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Signs in a user with OAuth. Redirects the application to an Identity Provider.\n *\n * @param input - The SignInWithRedirectInput object, if empty it will redirect to Cognito HostedUI\n *\n * @throws AuthTokenConfigException - Thrown when the user pool config is invalid.\n * @throws OAuthNotConfigureException - Thrown when the oauth config is invalid.\n */\nasync function signInWithRedirect(input) {\n const authConfig = Amplify.getConfig().Auth?.Cognito;\n assertTokenProviderConfig(authConfig);\n assertOAuthConfig(authConfig);\n oAuthStore.setAuthConfig(authConfig);\n await assertUserNotAuthenticated();\n let provider = 'COGNITO'; // Default\n if (typeof input?.provider === 'string') {\n provider = cognitoHostedUIIdentityProviderMap[input.provider];\n } else if (input?.provider?.custom) {\n provider = input.provider.custom;\n }\n return oauthSignIn({\n oauthConfig: authConfig.loginWith.oauth,\n clientId: authConfig.userPoolClientId,\n provider,\n customState: input?.customState,\n preferPrivateSession: input?.options?.preferPrivateSession\n });\n}\nconst oauthSignIn = async ({\n oauthConfig,\n provider,\n clientId,\n customState,\n preferPrivateSession\n}) => {\n const {\n domain,\n redirectSignIn,\n responseType,\n scopes\n } = oauthConfig;\n const randomState = generateState();\n /* encodeURIComponent is not URL safe, use urlSafeEncode instead. Cognito\n single-encodes/decodes url on first sign in and double-encodes/decodes url\n when user already signed in. Using encodeURIComponent, Base32, Base64 add\n characters % or = which on further encoding becomes unsafe. '=' create issue\n for parsing query params.\n Refer: https://github.com/aws-amplify/amplify-js/issues/5218 */\n const state = customState ? `${randomState}-${urlSafeEncode(customState)}` : randomState;\n const {\n value,\n method,\n toCodeChallenge\n } = generateCodeVerifier(128);\n const redirectUri = getRedirectUrl(oauthConfig.redirectSignIn);\n if (isBrowser()) oAuthStore.storeOAuthInFlight(true);\n oAuthStore.storeOAuthState(state);\n oAuthStore.storePKCE(value);\n const queryString = Object.entries({\n redirect_uri: redirectUri,\n response_type: responseType,\n client_id: clientId,\n identity_provider: provider,\n scope: scopes.join(' '),\n state,\n ...(responseType === 'code' && {\n code_challenge: toCodeChallenge(),\n code_challenge_method: method\n })\n }).map(([k, v]) => `${encodeURIComponent(k)}=${encodeURIComponent(v)}`).join('&');\n // TODO(v6): use URL object instead\n const oAuthUrl = `https://${domain}/oauth2/authorize?${queryString}`;\n // this will only take effect in the following scenarios:\n // 1. the user cancels the OAuth flow on web via back button, and\n // 2. when bfcache is enabled\n listenForOAuthFlowCancellation(oAuthStore);\n // the following is effective only in react-native as openAuthSession resolves only in react-native\n const {\n type,\n error,\n url\n } = (await openAuthSession(oAuthUrl)) ?? {};\n try {\n if (type === 'error') {\n throw createOAuthError(String(error));\n }\n if (type === 'success' && url) {\n await completeOAuthFlow({\n currentUrl: url,\n clientId,\n domain,\n redirectUri,\n responseType,\n userAgentValue: getAuthUserAgentValue(AuthAction.SignInWithRedirect),\n preferPrivateSession\n });\n }\n } catch (err) {\n await handleFailure(err);\n // rethrow the error so it can be caught by `await signInWithRedirect()` in react-native\n throw err;\n }\n};\nexport { signInWithRedirect };\n","// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Transforms a user attributes object into an array of AttributeType objects.\n * @param attributes user attributes to be mapped to AttributeType objects.\n * @returns an array of AttributeType objects.\n */\nfunction toAttributeType(attributes) {\n return Object.entries(attributes).map(([key, value]) => ({\n Name: key,\n Value: value\n }));\n}\n/**\n * Transforms an array of AttributeType objects into a user attributes object.\n *\n * @param attributes - an array of AttributeType objects.\n * @returns AuthUserAttributes object.\n */\nfunction toAuthUserAttribute(attributes) {\n const userAttributes = {};\n attributes?.forEach(attribute => {\n if (attribute.Name) userAttributes[attribute.Name] = attribute.Value;\n });\n return userAttributes;\n}\nexport { toAttributeType, toAuthUserAttribute };\n","import { Amplify } from '@aws-amplify/core';\nimport { assertTokenProviderConfig } from '@aws-amplify/core/internals/utils';\nimport { AuthValidationErrorCode } from '../../../errors/types/validation.mjs';\nimport { assertValidationError } from '../../../errors/utils/assertValidationError.mjs';\nimport { assertServiceError } from '../../../errors/utils/assertServiceError.mjs';\nimport { retryOnResourceNotFoundException, handleCustomAuthFlowWithoutSRP, getActiveSignInUsername, getNewDeviceMetadata, getSignInResult, getSignInResultFromError } from '../utils/signInHelpers.mjs';\nimport { setActiveSignInState, cleanActiveSignInState } from '../utils/signInStore.mjs';\nimport { cacheCognitoTokens } from '../tokenProvider/cacheTokens.mjs';\nimport '../utils/refreshAuthTokens.mjs';\nimport '../tokenProvider/errorHelpers.mjs';\nimport '../utils/types.mjs';\nimport { tokenOrchestrator } from '../tokenProvider/tokenProvider.mjs';\nimport { dispatchSignedInHubEvent } from '../utils/dispatchSignedInHubEvent.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Signs a user in using a custom authentication flow without password\n *\n * @param input - The SignInWithCustomAuthInput object\n * @returns AuthSignInResult\n * @throws service: {@link InitiateAuthException } - Cognito service errors thrown during the sign-in process.\n * @throws validation: {@link AuthValidationErrorCode } - Validation errors thrown when either username or password\n * are not defined.\n * @throws SignInWithCustomAuthOutput - Thrown when the token provider config is invalid.\n */\nasync function signInWithCustomAuth(input) {\n const authConfig = Amplify.getConfig().Auth?.Cognito;\n assertTokenProviderConfig(authConfig);\n const {\n username,\n password,\n options\n } = input;\n const signInDetails = {\n loginId: username,\n authFlowType: 'CUSTOM_WITHOUT_SRP'\n };\n const metadata = options?.clientMetadata;\n assertValidationError(!!username, AuthValidationErrorCode.EmptySignInUsername);\n assertValidationError(!password, AuthValidationErrorCode.CustomAuthSignInPassword);\n try {\n const {\n ChallengeName: retriedChallengeName,\n ChallengeParameters: retiredChallengeParameters,\n AuthenticationResult,\n Session\n } = await retryOnResourceNotFoundException(handleCustomAuthFlowWithoutSRP, [username, metadata, authConfig, tokenOrchestrator], username, tokenOrchestrator);\n const activeUsername = getActiveSignInUsername(username);\n // sets up local state used during the sign-in process\n setActiveSignInState({\n signInSession: Session,\n username: activeUsername,\n challengeName: retriedChallengeName,\n signInDetails\n });\n if (AuthenticationResult) {\n cleanActiveSignInState();\n await cacheCognitoTokens({\n username: activeUsername,\n ...AuthenticationResult,\n NewDeviceMetadata: await getNewDeviceMetadata({\n userPoolId: authConfig.userPoolId,\n userPoolEndpoint: authConfig.userPoolEndpoint,\n newDeviceMetadata: AuthenticationResult.NewDeviceMetadata,\n accessToken: AuthenticationResult.AccessToken\n }),\n signInDetails\n });\n await dispatchSignedInHubEvent();\n return {\n isSignedIn: true,\n nextStep: {\n signInStep: 'DONE'\n }\n };\n }\n return getSignInResult({\n challengeName: retriedChallengeName,\n challengeParameters: retiredChallengeParameters\n });\n } catch (error) {\n cleanActiveSignInState();\n assertServiceError(error);\n const result = getSignInResultFromError(error.name);\n if (result) return result;\n throw error;\n }\n}\nexport { signInWithCustomAuth };\n","import { Amplify } from '@aws-amplify/core';\nimport { assertTokenProviderConfig } from '@aws-amplify/core/internals/utils';\nimport { AuthValidationErrorCode } from '../../../errors/types/validation.mjs';\nimport { assertValidationError } from '../../../errors/utils/assertValidationError.mjs';\nimport { assertServiceError } from '../../../errors/utils/assertServiceError.mjs';\nimport { handleCustomSRPAuthFlow, getActiveSignInUsername, getNewDeviceMetadata, getSignInResult, getSignInResultFromError } from '../utils/signInHelpers.mjs';\nimport { setActiveSignInState, cleanActiveSignInState } from '../utils/signInStore.mjs';\nimport { cacheCognitoTokens } from '../tokenProvider/cacheTokens.mjs';\nimport '../utils/refreshAuthTokens.mjs';\nimport '../tokenProvider/errorHelpers.mjs';\nimport '../utils/types.mjs';\nimport { tokenOrchestrator } from '../tokenProvider/tokenProvider.mjs';\nimport { dispatchSignedInHubEvent } from '../utils/dispatchSignedInHubEvent.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Signs a user in using a custom authentication flow with SRP\n *\n * @param input - The SignInWithCustomSRPAuthInput object\n * @returns SignInWithCustomSRPAuthOutput\n * @throws service: {@link InitiateAuthException }, {@link RespondToAuthChallengeException } - Cognito\n * service errors thrown during the sign-in process.\n * @throws validation: {@link AuthValidationErrorCode } - Validation errors thrown when either username or password\n * are not defined.\n * @throws AuthTokenConfigException - Thrown when the token provider config is invalid.\n */\nasync function signInWithCustomSRPAuth(input) {\n const {\n username,\n password,\n options\n } = input;\n const signInDetails = {\n loginId: username,\n authFlowType: 'CUSTOM_WITH_SRP'\n };\n const authConfig = Amplify.getConfig().Auth?.Cognito;\n assertTokenProviderConfig(authConfig);\n const metadata = options?.clientMetadata;\n assertValidationError(!!username, AuthValidationErrorCode.EmptySignInUsername);\n assertValidationError(!!password, AuthValidationErrorCode.EmptySignInPassword);\n try {\n const {\n ChallengeName: handledChallengeName,\n ChallengeParameters: handledChallengeParameters,\n AuthenticationResult,\n Session\n } = await handleCustomSRPAuthFlow(username, password, metadata, authConfig, tokenOrchestrator);\n const activeUsername = getActiveSignInUsername(username);\n // sets up local state used during the sign-in process\n setActiveSignInState({\n signInSession: Session,\n username: activeUsername,\n challengeName: handledChallengeName,\n signInDetails\n });\n if (AuthenticationResult) {\n await cacheCognitoTokens({\n username: activeUsername,\n ...AuthenticationResult,\n NewDeviceMetadata: await getNewDeviceMetadata({\n userPoolId: authConfig.userPoolId,\n userPoolEndpoint: authConfig.userPoolEndpoint,\n newDeviceMetadata: AuthenticationResult.NewDeviceMetadata,\n accessToken: AuthenticationResult.AccessToken\n }),\n signInDetails\n });\n cleanActiveSignInState();\n await dispatchSignedInHubEvent();\n return {\n isSignedIn: true,\n nextStep: {\n signInStep: 'DONE'\n }\n };\n }\n return getSignInResult({\n challengeName: handledChallengeName,\n challengeParameters: handledChallengeParameters\n });\n } catch (error) {\n cleanActiveSignInState();\n assertServiceError(error);\n const result = getSignInResultFromError(error.name);\n if (result) return result;\n throw error;\n }\n}\nexport { signInWithCustomSRPAuth };\n","import { Amplify } from '@aws-amplify/core';\nimport { assertTokenProviderConfig } from '@aws-amplify/core/internals/utils';\nimport { AuthValidationErrorCode } from '../../../errors/types/validation.mjs';\nimport { assertValidationError } from '../../../errors/utils/assertValidationError.mjs';\nimport { assertServiceError } from '../../../errors/utils/assertServiceError.mjs';\nimport { handleUserSRPAuthFlow, getActiveSignInUsername, getNewDeviceMetadata, getSignInResult, getSignInResultFromError } from '../utils/signInHelpers.mjs';\nimport { setActiveSignInState, cleanActiveSignInState } from '../utils/signInStore.mjs';\nimport { cacheCognitoTokens } from '../tokenProvider/cacheTokens.mjs';\nimport '../utils/refreshAuthTokens.mjs';\nimport '../tokenProvider/errorHelpers.mjs';\nimport '../utils/types.mjs';\nimport { tokenOrchestrator } from '../tokenProvider/tokenProvider.mjs';\nimport { dispatchSignedInHubEvent } from '../utils/dispatchSignedInHubEvent.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Signs a user in\n *\n * @param input - The SignInWithSRPInput object\n * @returns SignInWithSRPOutput\n * @throws service: {@link InitiateAuthException }, {@link RespondToAuthChallengeException } - Cognito service errors\n * thrown during the sign-in process.\n * @throws validation: {@link AuthValidationErrorCode } - Validation errors thrown when either username or password\n * are not defined.\n * @throws AuthTokenConfigException - Thrown when the token provider config is invalid.\n */\nasync function signInWithSRP(input) {\n const {\n username,\n password\n } = input;\n const authConfig = Amplify.getConfig().Auth?.Cognito;\n const signInDetails = {\n loginId: username,\n authFlowType: 'USER_SRP_AUTH'\n };\n assertTokenProviderConfig(authConfig);\n const clientMetaData = input.options?.clientMetadata;\n assertValidationError(!!username, AuthValidationErrorCode.EmptySignInUsername);\n assertValidationError(!!password, AuthValidationErrorCode.EmptySignInPassword);\n try {\n const {\n ChallengeName: handledChallengeName,\n ChallengeParameters: handledChallengeParameters,\n AuthenticationResult,\n Session\n } = await handleUserSRPAuthFlow(username, password, clientMetaData, authConfig, tokenOrchestrator);\n const activeUsername = getActiveSignInUsername(username);\n // sets up local state used during the sign-in process\n setActiveSignInState({\n signInSession: Session,\n username: activeUsername,\n challengeName: handledChallengeName,\n signInDetails\n });\n if (AuthenticationResult) {\n cleanActiveSignInState();\n await cacheCognitoTokens({\n username: activeUsername,\n ...AuthenticationResult,\n NewDeviceMetadata: await getNewDeviceMetadata({\n userPoolId: authConfig.userPoolId,\n userPoolEndpoint: authConfig.userPoolEndpoint,\n newDeviceMetadata: AuthenticationResult.NewDeviceMetadata,\n accessToken: AuthenticationResult.AccessToken\n }),\n signInDetails\n });\n await dispatchSignedInHubEvent();\n return {\n isSignedIn: true,\n nextStep: {\n signInStep: 'DONE'\n }\n };\n }\n return getSignInResult({\n challengeName: handledChallengeName,\n challengeParameters: handledChallengeParameters\n });\n } catch (error) {\n cleanActiveSignInState();\n assertServiceError(error);\n const result = getSignInResultFromError(error.name);\n if (result) return result;\n throw error;\n }\n}\nexport { signInWithSRP };\n","import { Amplify } from '@aws-amplify/core';\nimport { assertTokenProviderConfig } from '@aws-amplify/core/internals/utils';\nimport { AuthValidationErrorCode } from '../../../errors/types/validation.mjs';\nimport { assertServiceError } from '../../../errors/utils/assertServiceError.mjs';\nimport { assertValidationError } from '../../../errors/utils/assertValidationError.mjs';\nimport { retryOnResourceNotFoundException, handleUserPasswordAuthFlow, getActiveSignInUsername, getNewDeviceMetadata, getSignInResult, getSignInResultFromError } from '../utils/signInHelpers.mjs';\nimport { setActiveSignInState, cleanActiveSignInState } from '../utils/signInStore.mjs';\nimport { cacheCognitoTokens } from '../tokenProvider/cacheTokens.mjs';\nimport '../utils/refreshAuthTokens.mjs';\nimport '../tokenProvider/errorHelpers.mjs';\nimport '../utils/types.mjs';\nimport { tokenOrchestrator } from '../tokenProvider/tokenProvider.mjs';\nimport { dispatchSignedInHubEvent } from '../utils/dispatchSignedInHubEvent.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Signs a user in using USER_PASSWORD_AUTH AuthFlowType\n *\n * @param input - The SignInWithUserPasswordInput object\n * @returns SignInWithUserPasswordOutput\n * @throws service: {@link InitiateAuthException } - Cognito service error thrown during the sign-in process.\n * @throws validation: {@link AuthValidationErrorCode } - Validation errors thrown when either username or password\n * are not defined.\n * @throws AuthTokenConfigException - Thrown when the token provider config is invalid.\n */\nasync function signInWithUserPassword(input) {\n const {\n username,\n password,\n options\n } = input;\n const authConfig = Amplify.getConfig().Auth?.Cognito;\n const signInDetails = {\n loginId: username,\n authFlowType: 'USER_PASSWORD_AUTH'\n };\n assertTokenProviderConfig(authConfig);\n const metadata = options?.clientMetadata;\n assertValidationError(!!username, AuthValidationErrorCode.EmptySignInUsername);\n assertValidationError(!!password, AuthValidationErrorCode.EmptySignInPassword);\n try {\n const {\n ChallengeName: retiredChallengeName,\n ChallengeParameters: retriedChallengeParameters,\n AuthenticationResult,\n Session\n } = await retryOnResourceNotFoundException(handleUserPasswordAuthFlow, [username, password, metadata, authConfig, tokenOrchestrator], username, tokenOrchestrator);\n const activeUsername = getActiveSignInUsername(username);\n // sets up local state used during the sign-in process\n setActiveSignInState({\n signInSession: Session,\n username: activeUsername,\n challengeName: retiredChallengeName,\n signInDetails\n });\n if (AuthenticationResult) {\n await cacheCognitoTokens({\n ...AuthenticationResult,\n username: activeUsername,\n NewDeviceMetadata: await getNewDeviceMetadata({\n userPoolId: authConfig.userPoolId,\n userPoolEndpoint: authConfig.userPoolEndpoint,\n newDeviceMetadata: AuthenticationResult.NewDeviceMetadata,\n accessToken: AuthenticationResult.AccessToken\n }),\n signInDetails\n });\n cleanActiveSignInState();\n await dispatchSignedInHubEvent();\n return {\n isSignedIn: true,\n nextStep: {\n signInStep: 'DONE'\n }\n };\n }\n return getSignInResult({\n challengeName: retiredChallengeName,\n challengeParameters: retriedChallengeParameters\n });\n } catch (error) {\n cleanActiveSignInState();\n assertServiceError(error);\n const result = getSignInResultFromError(error.name);\n if (result) return result;\n throw error;\n }\n}\nexport { signInWithUserPassword };\n","import { assertUserNotAuthenticated } from '../utils/signInHelpers.mjs';\nimport { signInWithCustomAuth } from './signInWithCustomAuth.mjs';\nimport { signInWithCustomSRPAuth } from './signInWithCustomSRPAuth.mjs';\nimport { signInWithSRP } from './signInWithSRP.mjs';\nimport { signInWithUserPassword } from './signInWithUserPassword.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Signs a user in\n *\n * @param input - The SignInInput object\n * @returns SignInOutput\n * @throws service: {@link InitiateAuthException }, {@link RespondToAuthChallengeException }\n * - Cognito service errors thrown during the sign-in process.\n * @throws validation: {@link AuthValidationErrorCode } - Validation errors thrown when either username or password\n * are not defined.\n * @throws AuthTokenConfigException - Thrown when the token provider config is invalid.\n */\nasync function signIn(input) {\n const authFlowType = input.options?.authFlowType;\n await assertUserNotAuthenticated();\n switch (authFlowType) {\n case 'USER_SRP_AUTH':\n return signInWithSRP(input);\n case 'USER_PASSWORD_AUTH':\n return signInWithUserPassword(input);\n case 'CUSTOM_WITHOUT_SRP':\n return signInWithCustomAuth(input);\n case 'CUSTOM_WITH_SRP':\n return signInWithCustomSRPAuth(input);\n default:\n return signInWithSRP(input);\n }\n}\nexport { signIn };\n","import { AuthError } from '../../../errors/AuthError.mjs';\nimport { AUTO_SIGN_IN_EXCEPTION } from '../../../errors/constants.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst initialAutoSignIn = async () => {\n throw new AuthError({\n name: AUTO_SIGN_IN_EXCEPTION,\n message: 'The autoSignIn flow has not started, or has been cancelled/completed.',\n recoverySuggestion: 'Please try to use the signIn API or log out before starting a new autoSignIn flow.'\n });\n};\n/**\n * Signs a user in automatically after finishing the sign-up process.\n *\n * This API will automatically sign a user in if the autoSignIn flow has been completed in the following cases:\n * - User confirmed their account with a verification code sent to their phone or email (default option).\n * - User confirmed their account with a verification link sent to their phone or email. In order to\n * enable this option you need to go to the Amazon Cognito [console](https://aws.amazon.com/pm/cognito),\n * look for your userpool, then go to the `Messaging` tab and enable `link` mode inside the `Verification message` option.\n * Finally you need to define the `signUpVerificationMethod` in your `Auth` config.\n *\n * @example\n * ```typescript\n * Amplify.configure({\n * Auth: {\n * Cognito: {\n * ...cognitoConfig,\n * signUpVerificationMethod: \"link\" // the default value is \"code\"\n * }\n *\t}});\n * ```\n *\n * @throws AutoSignInException - Thrown when the autoSignIn flow has not started, or has been cancelled/completed.\n * @returns The signInOutput.\n *\n * @example\n * ```typescript\n * // handleSignUp.ts\n * async function handleSignUp(\n * username:string,\n * password:string\n * ){\n * try {\n * const { nextStep } = await signUp({\n * username,\n * password,\n * options: {\n * userAttributes:{ email:'email@email.com'},\n * autoSignIn: true // This enables the auto sign-in flow.\n * },\n * });\n *\n * handleSignUpStep(nextStep);\n *\n * } catch (error) {\n * console.log(error);\n * }\n * }\n *\n * // handleConfirmSignUp.ts\n * async function handleConfirmSignUp(username:string, confirmationCode:string) {\n * try {\n * const { nextStep } = await confirmSignUp({\n * username,\n * confirmationCode,\n * });\n *\n * handleSignUpStep(nextStep);\n * } catch (error) {\n * console.log(error);\n * }\n * }\n *\n * // signUpUtils.ts\n * async function handleSignUpStep( step: SignUpOutput[\"nextStep\"]) {\n * switch (step.signUpStep) {\n * case \"CONFIRM_SIGN_UP\":\n *\n * // Redirect end-user to confirm-sign up screen.\n *\n * case \"COMPLETE_AUTO_SIGN_IN\":\n *\t const codeDeliveryDetails = step.codeDeliveryDetails;\n * if (codeDeliveryDetails) {\n * // Redirect user to confirm-sign-up with link screen.\n * }\n * const signInOutput = await autoSignIn();\n * // handle sign-in steps\n * }\n *\n * ```\n */\n// TODO(Eslint): can this be refactored not using `let` on exported member?\n// eslint-disable-next-line import/no-mutable-exports\nlet autoSignIn = initialAutoSignIn;\n/**\n * Sets the context of autoSignIn at run time.\n * @internal\n */\nfunction setAutoSignIn(callback) {\n autoSignIn = callback;\n}\n/**\n * Resets the context\n *\n * @internal\n */\nfunction resetAutoSignIn() {\n autoSignIn = initialAutoSignIn;\n}\nexport { autoSignIn, resetAutoSignIn, setAutoSignIn };\n","import { HubInternal } from '@aws-amplify/core/internals/utils';\nimport { signIn } from '../apis/signIn.mjs';\nimport { AuthError } from '../../../errors/AuthError.mjs';\nimport { setAutoSignIn, resetAutoSignIn } from '../apis/autoSignIn.mjs';\nimport { AUTO_SIGN_IN_EXCEPTION } from '../../../errors/constants.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst MAX_AUTOSIGNIN_POLLING_MS = 3 * 60 * 1000;\nfunction handleCodeAutoSignIn(signInInput) {\n const stopHubListener = HubInternal.listen('auth-internal', async ({\n payload\n }) => {\n switch (payload.event) {\n case 'confirmSignUp':\n {\n const response = payload.data;\n if (response?.isSignUpComplete) {\n HubInternal.dispatch('auth-internal', {\n event: 'autoSignIn'\n });\n setAutoSignIn(autoSignInWithCode(signInInput));\n stopHubListener();\n }\n }\n }\n });\n // This will stop the listener if confirmSignUp is not resolved.\n const timeOutId = setTimeout(() => {\n stopHubListener();\n setAutoSignInStarted(false);\n clearTimeout(timeOutId);\n resetAutoSignIn();\n }, MAX_AUTOSIGNIN_POLLING_MS);\n}\nfunction debounce(fun, delay) {\n let timer;\n return args => {\n if (!timer) {\n fun(...args);\n }\n clearTimeout(timer);\n timer = setTimeout(() => {\n timer = undefined;\n }, delay);\n };\n}\nfunction handleAutoSignInWithLink(signInInput, resolve, reject) {\n const start = Date.now();\n const autoSignInPollingIntervalId = setInterval(async () => {\n const elapsedTime = Date.now() - start;\n const maxTime = MAX_AUTOSIGNIN_POLLING_MS;\n if (elapsedTime > maxTime) {\n clearInterval(autoSignInPollingIntervalId);\n setAutoSignInStarted(false);\n reject(new AuthError({\n name: AUTO_SIGN_IN_EXCEPTION,\n message: 'The account was not confirmed on time.',\n recoverySuggestion: 'Try to verify your account by clicking the link sent your email or phone and then login manually.'\n }));\n resetAutoSignIn();\n } else {\n try {\n const signInOutput = await signIn(signInInput);\n if (signInOutput.nextStep.signInStep !== 'CONFIRM_SIGN_UP') {\n resolve(signInOutput);\n clearInterval(autoSignInPollingIntervalId);\n setAutoSignInStarted(false);\n resetAutoSignIn();\n }\n } catch (error) {\n clearInterval(autoSignInPollingIntervalId);\n setAutoSignInStarted(false);\n reject(error);\n resetAutoSignIn();\n }\n }\n }, 5000);\n}\nconst debouncedAutoSignInWithLink = debounce(handleAutoSignInWithLink, 300);\nconst debouncedAutoSignWithCodeOrUserConfirmed = debounce(handleAutoSignInWithCodeOrUserConfirmed, 300);\nlet autoSignInStarted = false;\nlet usernameUsedForAutoSignIn;\nfunction setUsernameUsedForAutoSignIn(username) {\n usernameUsedForAutoSignIn = username;\n}\nfunction isAutoSignInUserUsingConfirmSignUp(username) {\n return usernameUsedForAutoSignIn === username;\n}\nfunction isAutoSignInStarted() {\n return autoSignInStarted;\n}\nfunction setAutoSignInStarted(value) {\n if (value === false) {\n setUsernameUsedForAutoSignIn(undefined);\n }\n autoSignInStarted = value;\n}\nfunction isSignUpComplete(output) {\n return !!output.UserConfirmed;\n}\nfunction autoSignInWhenUserIsConfirmedWithLink(signInInput) {\n return async () => {\n return new Promise((resolve, reject) => {\n debouncedAutoSignInWithLink([signInInput, resolve, reject]);\n });\n };\n}\nasync function handleAutoSignInWithCodeOrUserConfirmed(signInInput, resolve, reject) {\n try {\n const output = await signIn(signInInput);\n resolve(output);\n resetAutoSignIn();\n } catch (error) {\n reject(error);\n resetAutoSignIn();\n }\n}\nfunction autoSignInWithCode(signInInput) {\n return async () => {\n return new Promise((resolve, reject) => {\n debouncedAutoSignWithCodeOrUserConfirmed([signInInput, resolve, reject]);\n });\n };\n}\nconst autoSignInUserConfirmed = autoSignInWithCode;\nexport { autoSignInUserConfirmed, autoSignInWhenUserIsConfirmedWithLink, handleCodeAutoSignIn, isAutoSignInStarted, isAutoSignInUserUsingConfirmSignUp, isSignUpComplete, setAutoSignInStarted, setUsernameUsedForAutoSignIn };\n","import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers';\nimport { DEFAULT_SERVICE_CLIENT_API_CONFIG } from './constants.mjs';\nimport { cognitoUserPoolTransferHandler } from './shared/handler/cognitoUserPoolTransferHandler.mjs';\nimport { createUserPoolSerializer } from './shared/serde/createUserPoolSerializer.mjs';\nimport { createUserPoolDeserializer } from './shared/serde/createUserPoolDeserializer.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils';\nimport '@aws-amplify/core/internals/utils';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst createSignUpClient = config => composeServiceApi(cognitoUserPoolTransferHandler, createUserPoolSerializer('SignUp'), createUserPoolDeserializer(), {\n ...DEFAULT_SERVICE_CLIENT_API_CONFIG,\n ...config\n});\nexport { createSignUpClient };\n","import { Amplify } from '@aws-amplify/core';\nimport { assertTokenProviderConfig, AuthAction } from '@aws-amplify/core/internals/utils';\nimport { assertValidationError } from '../../../errors/utils/assertValidationError.mjs';\nimport { AuthValidationErrorCode } from '../../../errors/types/validation.mjs';\nimport { getRegionFromUserPoolId } from '../../../foundation/parsers/regionParsers.mjs';\nimport { toAttributeType } from '../utils/apiHelpers.mjs';\nimport { setUsernameUsedForAutoSignIn, setAutoSignInStarted, isSignUpComplete, isAutoSignInStarted, autoSignInUserConfirmed, handleCodeAutoSignIn, autoSignInWhenUserIsConfirmedWithLink } from '../utils/signUpHelpers.mjs';\nimport { getUserContextData } from '../utils/userContextData.mjs';\nimport { getAuthUserAgentValue } from '../../../utils/getAuthUserAgentValue.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils/composers';\nimport '@aws-amplify/core/internals/aws-client-utils';\nimport '../../../foundation/factories/serviceClients/cognitoIdentityProvider/shared/handler/cognitoUserPoolTransferHandler.mjs';\nimport '../../../foundation/factories/serviceClients/cognitoIdentityProvider/constants.mjs';\nimport { createSignUpClient } from '../../../foundation/factories/serviceClients/cognitoIdentityProvider/createSignUpClient.mjs';\nimport { createCognitoUserPoolEndpointResolver } from '../factories/createCognitoUserPoolEndpointResolver.mjs';\nimport { setAutoSignIn } from './autoSignIn.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Creates a user\n *\n * @param input - The SignUpInput object\n * @returns SignUpOutput\n * @throws service: {@link SignUpException } - Cognito service errors thrown during the sign-up process.\n * @throws validation: {@link AuthValidationErrorCode } - Validation errors thrown either username or password\n * are not defined.\n * @throws AuthTokenConfigException - Thrown when the token provider config is invalid.\n */\nasync function signUp(input) {\n const {\n username,\n password,\n options\n } = input;\n const authConfig = Amplify.getConfig().Auth?.Cognito;\n const signUpVerificationMethod = authConfig?.signUpVerificationMethod ?? 'code';\n const {\n clientMetadata,\n validationData,\n autoSignIn\n } = input.options ?? {};\n assertTokenProviderConfig(authConfig);\n assertValidationError(!!username, AuthValidationErrorCode.EmptySignUpUsername);\n assertValidationError(!!password, AuthValidationErrorCode.EmptySignUpPassword);\n const signInServiceOptions = typeof autoSignIn !== 'boolean' ? autoSignIn : undefined;\n const signInInput = {\n username,\n options: signInServiceOptions\n };\n // if the authFlowType is 'CUSTOM_WITHOUT_SRP' then we don't include the password\n if (signInServiceOptions?.authFlowType !== 'CUSTOM_WITHOUT_SRP') {\n signInInput.password = password;\n }\n if (signInServiceOptions || autoSignIn === true) {\n setUsernameUsedForAutoSignIn(username);\n setAutoSignInStarted(true);\n }\n const {\n userPoolId,\n userPoolClientId,\n userPoolEndpoint\n } = authConfig;\n const signUpClient = createSignUpClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n const clientOutput = await signUpClient({\n region: getRegionFromUserPoolId(userPoolId),\n userAgentValue: getAuthUserAgentValue(AuthAction.SignUp)\n }, {\n Username: username,\n Password: password,\n UserAttributes: options?.userAttributes && toAttributeType(options?.userAttributes),\n ClientMetadata: clientMetadata,\n ValidationData: validationData && toAttributeType(validationData),\n ClientId: userPoolClientId,\n UserContextData: getUserContextData({\n username,\n userPoolId,\n userPoolClientId\n })\n });\n const {\n UserSub,\n CodeDeliveryDetails\n } = clientOutput;\n if (isSignUpComplete(clientOutput) && isAutoSignInStarted()) {\n setAutoSignIn(autoSignInUserConfirmed(signInInput));\n return {\n isSignUpComplete: true,\n nextStep: {\n signUpStep: 'COMPLETE_AUTO_SIGN_IN'\n },\n userId: UserSub\n };\n } else if (isSignUpComplete(clientOutput) && !isAutoSignInStarted()) {\n return {\n isSignUpComplete: true,\n nextStep: {\n signUpStep: 'DONE'\n },\n userId: UserSub\n };\n } else if (!isSignUpComplete(clientOutput) && isAutoSignInStarted() && signUpVerificationMethod === 'code') {\n handleCodeAutoSignIn(signInInput);\n } else if (!isSignUpComplete(clientOutput) && isAutoSignInStarted() && signUpVerificationMethod === 'link') {\n setAutoSignIn(autoSignInWhenUserIsConfirmedWithLink(signInInput));\n return {\n isSignUpComplete: false,\n nextStep: {\n signUpStep: 'COMPLETE_AUTO_SIGN_IN',\n codeDeliveryDetails: {\n deliveryMedium: CodeDeliveryDetails?.DeliveryMedium,\n destination: CodeDeliveryDetails?.Destination,\n attributeName: CodeDeliveryDetails?.AttributeName\n }\n },\n userId: UserSub\n };\n }\n return {\n isSignUpComplete: false,\n nextStep: {\n signUpStep: 'CONFIRM_SIGN_UP',\n codeDeliveryDetails: {\n deliveryMedium: CodeDeliveryDetails?.DeliveryMedium,\n destination: CodeDeliveryDetails?.Destination,\n attributeName: CodeDeliveryDetails?.AttributeName\n }\n },\n userId: UserSub\n };\n}\nexport { signUp };\n","import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers';\nimport { cognitoUserPoolTransferHandler } from './shared/handler/cognitoUserPoolTransferHandler.mjs';\nimport { createUserPoolSerializer } from './shared/serde/createUserPoolSerializer.mjs';\nimport { createUserPoolDeserializer } from './shared/serde/createUserPoolDeserializer.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils';\nimport '@aws-amplify/core/internals/utils';\nimport { DEFAULT_SERVICE_CLIENT_API_CONFIG } from './constants.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst createForgotPasswordClient = config => composeServiceApi(cognitoUserPoolTransferHandler, createUserPoolSerializer('ForgotPassword'), createUserPoolDeserializer(), {\n ...DEFAULT_SERVICE_CLIENT_API_CONFIG,\n ...config\n});\nexport { createForgotPasswordClient };\n","import { Amplify } from '@aws-amplify/core';\nimport { assertTokenProviderConfig, AuthAction } from '@aws-amplify/core/internals/utils';\nimport { AuthValidationErrorCode } from '../../../errors/types/validation.mjs';\nimport { assertValidationError } from '../../../errors/utils/assertValidationError.mjs';\nimport { getRegionFromUserPoolId } from '../../../foundation/parsers/regionParsers.mjs';\nimport { getAuthUserAgentValue } from '../../../utils/getAuthUserAgentValue.mjs';\nimport { getUserContextData } from '../utils/userContextData.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils/composers';\nimport '@aws-amplify/core/internals/aws-client-utils';\nimport '../../../foundation/factories/serviceClients/cognitoIdentityProvider/shared/handler/cognitoUserPoolTransferHandler.mjs';\nimport '../../../foundation/factories/serviceClients/cognitoIdentityProvider/constants.mjs';\nimport { createForgotPasswordClient } from '../../../foundation/factories/serviceClients/cognitoIdentityProvider/createForgotPasswordClient.mjs';\nimport { createCognitoUserPoolEndpointResolver } from '../factories/createCognitoUserPoolEndpointResolver.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Resets a user's password.\n *\n * @param input - The ResetPasswordInput object.\n * @returns ResetPasswordOutput\n * @throws -{@link ForgotPasswordException }\n * Thrown due to an invalid confirmation code or password.\n * @throws -{@link AuthValidationErrorCode }\n * Thrown due to an empty username.\n * @throws AuthTokenConfigException - Thrown when the token provider config is invalid.\n **/\nasync function resetPassword(input) {\n const {\n username\n } = input;\n assertValidationError(!!username, AuthValidationErrorCode.EmptyResetPasswordUsername);\n const authConfig = Amplify.getConfig().Auth?.Cognito;\n assertTokenProviderConfig(authConfig);\n const {\n userPoolClientId,\n userPoolId,\n userPoolEndpoint\n } = authConfig;\n const clientMetadata = input.options?.clientMetadata;\n const UserContextData = getUserContextData({\n username,\n userPoolId,\n userPoolClientId\n });\n const forgotPassword = createForgotPasswordClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n const res = await forgotPassword({\n region: getRegionFromUserPoolId(userPoolId),\n userAgentValue: getAuthUserAgentValue(AuthAction.ResetPassword)\n }, {\n Username: username,\n ClientMetadata: clientMetadata,\n ClientId: userPoolClientId,\n UserContextData\n });\n const codeDeliveryDetails = res.CodeDeliveryDetails;\n return {\n isPasswordReset: false,\n nextStep: {\n resetPasswordStep: 'CONFIRM_RESET_PASSWORD_WITH_CODE',\n codeDeliveryDetails: {\n deliveryMedium: codeDeliveryDetails?.DeliveryMedium,\n destination: codeDeliveryDetails?.Destination,\n attributeName: codeDeliveryDetails?.AttributeName\n }\n }\n };\n}\nexport { resetPassword };\n","import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers';\nimport { cognitoUserPoolTransferHandler } from './shared/handler/cognitoUserPoolTransferHandler.mjs';\nimport { createUserPoolSerializer } from './shared/serde/createUserPoolSerializer.mjs';\nimport { createUserPoolDeserializer } from './shared/serde/createUserPoolDeserializer.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils';\nimport '@aws-amplify/core/internals/utils';\nimport { DEFAULT_SERVICE_CLIENT_API_CONFIG } from './constants.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst createConfirmForgotPasswordClient = config => composeServiceApi(cognitoUserPoolTransferHandler, createUserPoolSerializer('ConfirmForgotPassword'), createUserPoolDeserializer(), {\n ...DEFAULT_SERVICE_CLIENT_API_CONFIG,\n ...config\n});\nexport { createConfirmForgotPasswordClient };\n","import { Amplify } from '@aws-amplify/core';\nimport { assertTokenProviderConfig, AuthAction } from '@aws-amplify/core/internals/utils';\nimport { AuthValidationErrorCode } from '../../../errors/types/validation.mjs';\nimport { assertValidationError } from '../../../errors/utils/assertValidationError.mjs';\nimport { getAuthUserAgentValue } from '../../../utils/getAuthUserAgentValue.mjs';\nimport { getUserContextData } from '../utils/userContextData.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils/composers';\nimport '@aws-amplify/core/internals/aws-client-utils';\nimport '../../../foundation/factories/serviceClients/cognitoIdentityProvider/shared/handler/cognitoUserPoolTransferHandler.mjs';\nimport '../../../foundation/factories/serviceClients/cognitoIdentityProvider/constants.mjs';\nimport { createConfirmForgotPasswordClient } from '../../../foundation/factories/serviceClients/cognitoIdentityProvider/createConfirmForgotPasswordClient.mjs';\nimport { createCognitoUserPoolEndpointResolver } from '../factories/createCognitoUserPoolEndpointResolver.mjs';\nimport { getRegionFromUserPoolId } from '../../../foundation/parsers/regionParsers.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Confirms the new password and verification code to reset the password.\n *\n * @param input - The ConfirmResetPasswordInput object.\n * @throws -{@link ConfirmForgotPasswordException }\n * Thrown due to an invalid confirmation code or password.\n * @throws -{@link AuthValidationErrorCode }\n * Thrown due to an empty confirmation code, password or username.\n * @throws AuthTokenConfigException - Thrown when the token provider config is invalid.\n */\nasync function confirmResetPassword(input) {\n const authConfig = Amplify.getConfig().Auth?.Cognito;\n assertTokenProviderConfig(authConfig);\n const {\n userPoolClientId,\n userPoolId,\n userPoolEndpoint\n } = authConfig;\n const {\n username,\n newPassword\n } = input;\n assertValidationError(!!username, AuthValidationErrorCode.EmptyConfirmResetPasswordUsername);\n assertValidationError(!!newPassword, AuthValidationErrorCode.EmptyConfirmResetPasswordNewPassword);\n const code = input.confirmationCode;\n assertValidationError(!!code, AuthValidationErrorCode.EmptyConfirmResetPasswordConfirmationCode);\n const metadata = input.options?.clientMetadata;\n const UserContextData = getUserContextData({\n username,\n userPoolId,\n userPoolClientId\n });\n const confirmForgotPassword = createConfirmForgotPasswordClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n await confirmForgotPassword({\n region: getRegionFromUserPoolId(authConfig.userPoolId),\n userAgentValue: getAuthUserAgentValue(AuthAction.ConfirmResetPassword)\n }, {\n Username: username,\n ConfirmationCode: code,\n Password: newPassword,\n ClientMetadata: metadata,\n ClientId: authConfig.userPoolClientId,\n UserContextData\n });\n}\nexport { confirmResetPassword };\n","import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers';\nimport { cognitoUserPoolTransferHandler } from './shared/handler/cognitoUserPoolTransferHandler.mjs';\nimport { createUserPoolSerializer } from './shared/serde/createUserPoolSerializer.mjs';\nimport { createUserPoolDeserializer } from './shared/serde/createUserPoolDeserializer.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils';\nimport '@aws-amplify/core/internals/utils';\nimport { DEFAULT_SERVICE_CLIENT_API_CONFIG } from './constants.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst createResendConfirmationCodeClient = config => composeServiceApi(cognitoUserPoolTransferHandler, createUserPoolSerializer('ResendConfirmationCode'), createUserPoolDeserializer(), {\n ...DEFAULT_SERVICE_CLIENT_API_CONFIG,\n ...config\n});\nexport { createResendConfirmationCodeClient };\n","import { Amplify } from '@aws-amplify/core';\nimport { assertTokenProviderConfig, AuthAction } from '@aws-amplify/core/internals/utils';\nimport { assertValidationError } from '../../../errors/utils/assertValidationError.mjs';\nimport { AuthValidationErrorCode } from '../../../errors/types/validation.mjs';\nimport { getRegionFromUserPoolId } from '../../../foundation/parsers/regionParsers.mjs';\nimport { getAuthUserAgentValue } from '../../../utils/getAuthUserAgentValue.mjs';\nimport { getUserContextData } from '../utils/userContextData.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils/composers';\nimport '@aws-amplify/core/internals/aws-client-utils';\nimport '../../../foundation/factories/serviceClients/cognitoIdentityProvider/shared/handler/cognitoUserPoolTransferHandler.mjs';\nimport '../../../foundation/factories/serviceClients/cognitoIdentityProvider/constants.mjs';\nimport { createResendConfirmationCodeClient } from '../../../foundation/factories/serviceClients/cognitoIdentityProvider/createResendConfirmationCodeClient.mjs';\nimport { createCognitoUserPoolEndpointResolver } from '../factories/createCognitoUserPoolEndpointResolver.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Resend the confirmation code while signing up\n *\n * @param input - The ResendSignUpCodeInput object\n * @returns ResendSignUpCodeOutput\n * @throws service: {@link ResendConfirmationException } - Cognito service errors thrown when resending the code.\n * @throws validation: {@link AuthValidationErrorCode } - Validation errors thrown either username are not defined.\n * @throws AuthTokenConfigException - Thrown when the token provider config is invalid.\n */\nasync function resendSignUpCode(input) {\n const {\n username\n } = input;\n assertValidationError(!!username, AuthValidationErrorCode.EmptySignUpUsername);\n const authConfig = Amplify.getConfig().Auth?.Cognito;\n assertTokenProviderConfig(authConfig);\n const {\n userPoolClientId,\n userPoolId,\n userPoolEndpoint\n } = authConfig;\n const clientMetadata = input.options?.clientMetadata;\n const UserContextData = getUserContextData({\n username,\n userPoolId,\n userPoolClientId\n });\n const resendConfirmationCode = createResendConfirmationCodeClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n const {\n CodeDeliveryDetails\n } = await resendConfirmationCode({\n region: getRegionFromUserPoolId(authConfig.userPoolId),\n userAgentValue: getAuthUserAgentValue(AuthAction.ResendSignUpCode)\n }, {\n Username: username,\n ClientMetadata: clientMetadata,\n ClientId: authConfig.userPoolClientId,\n UserContextData\n });\n const {\n DeliveryMedium,\n AttributeName,\n Destination\n } = {\n ...CodeDeliveryDetails\n };\n return {\n destination: Destination,\n deliveryMedium: DeliveryMedium,\n attributeName: AttributeName ? AttributeName : undefined\n };\n}\nexport { resendSignUpCode };\n","import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers';\nimport { DEFAULT_SERVICE_CLIENT_API_CONFIG } from './constants.mjs';\nimport { cognitoUserPoolTransferHandler } from './shared/handler/cognitoUserPoolTransferHandler.mjs';\nimport { createUserPoolSerializer } from './shared/serde/createUserPoolSerializer.mjs';\nimport { createUserPoolDeserializer } from './shared/serde/createUserPoolDeserializer.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils';\nimport '@aws-amplify/core/internals/utils';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst createConfirmSignUpClient = config => composeServiceApi(cognitoUserPoolTransferHandler, createUserPoolSerializer('ConfirmSignUp'), createUserPoolDeserializer(), {\n ...DEFAULT_SERVICE_CLIENT_API_CONFIG,\n ...config\n});\nexport { createConfirmSignUpClient };\n","import { Amplify } from '@aws-amplify/core';\nimport { assertTokenProviderConfig, AuthAction, HubInternal } from '@aws-amplify/core/internals/utils';\nimport { assertValidationError } from '../../../errors/utils/assertValidationError.mjs';\nimport { AuthValidationErrorCode } from '../../../errors/types/validation.mjs';\nimport { getRegionFromUserPoolId } from '../../../foundation/parsers/regionParsers.mjs';\nimport { isAutoSignInStarted, isAutoSignInUserUsingConfirmSignUp, setAutoSignInStarted } from '../utils/signUpHelpers.mjs';\nimport { getAuthUserAgentValue } from '../../../utils/getAuthUserAgentValue.mjs';\nimport { getUserContextData } from '../utils/userContextData.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils/composers';\nimport '@aws-amplify/core/internals/aws-client-utils';\nimport '../../../foundation/factories/serviceClients/cognitoIdentityProvider/shared/handler/cognitoUserPoolTransferHandler.mjs';\nimport '../../../foundation/factories/serviceClients/cognitoIdentityProvider/constants.mjs';\nimport { createConfirmSignUpClient } from '../../../foundation/factories/serviceClients/cognitoIdentityProvider/createConfirmSignUpClient.mjs';\nimport { createCognitoUserPoolEndpointResolver } from '../factories/createCognitoUserPoolEndpointResolver.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Confirms a new user account.\n *\n * @param input - The ConfirmSignUpInput object.\n * @returns ConfirmSignUpOutput\n * @throws -{@link ConfirmSignUpException }\n * Thrown due to an invalid confirmation code.\n * @throws -{@link AuthValidationErrorCode }\n * Thrown due to an empty confirmation code\n * @throws AuthTokenConfigException - Thrown when the token provider config is invalid.\n */\nasync function confirmSignUp(input) {\n const {\n username,\n confirmationCode,\n options\n } = input;\n const authConfig = Amplify.getConfig().Auth?.Cognito;\n assertTokenProviderConfig(authConfig);\n const {\n userPoolId,\n userPoolClientId,\n userPoolEndpoint\n } = authConfig;\n const clientMetadata = options?.clientMetadata;\n assertValidationError(!!username, AuthValidationErrorCode.EmptyConfirmSignUpUsername);\n assertValidationError(!!confirmationCode, AuthValidationErrorCode.EmptyConfirmSignUpCode);\n const UserContextData = getUserContextData({\n username,\n userPoolId,\n userPoolClientId\n });\n const confirmSignUpClient = createConfirmSignUpClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n await confirmSignUpClient({\n region: getRegionFromUserPoolId(authConfig.userPoolId),\n userAgentValue: getAuthUserAgentValue(AuthAction.ConfirmSignUp)\n }, {\n Username: username,\n ConfirmationCode: confirmationCode,\n ClientMetadata: clientMetadata,\n ForceAliasCreation: options?.forceAliasCreation,\n ClientId: authConfig.userPoolClientId,\n UserContextData\n });\n return new Promise((resolve, reject) => {\n try {\n const signUpOut = {\n isSignUpComplete: true,\n nextStep: {\n signUpStep: 'DONE'\n }\n };\n if (!isAutoSignInStarted() || !isAutoSignInUserUsingConfirmSignUp(username)) {\n resolve(signUpOut);\n return;\n }\n const stopListener = HubInternal.listen('auth-internal', ({\n payload\n }) => {\n switch (payload.event) {\n case 'autoSignIn':\n resolve({\n isSignUpComplete: true,\n nextStep: {\n signUpStep: 'COMPLETE_AUTO_SIGN_IN'\n }\n });\n setAutoSignInStarted(false);\n stopListener();\n }\n });\n HubInternal.dispatch('auth-internal', {\n event: 'confirmSignUp',\n data: signUpOut\n });\n } catch (error) {\n reject(error);\n }\n });\n}\nexport { confirmSignUp };\n","import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers';\nimport { cognitoUserPoolTransferHandler } from './shared/handler/cognitoUserPoolTransferHandler.mjs';\nimport { createUserPoolSerializer } from './shared/serde/createUserPoolSerializer.mjs';\nimport { createUserPoolDeserializer } from './shared/serde/createUserPoolDeserializer.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils';\nimport '@aws-amplify/core/internals/utils';\nimport { DEFAULT_SERVICE_CLIENT_API_CONFIG } from './constants.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst createGetUserClient = config => composeServiceApi(cognitoUserPoolTransferHandler, createUserPoolSerializer('GetUser'), createUserPoolDeserializer(), {\n ...DEFAULT_SERVICE_CLIENT_API_CONFIG,\n ...config\n});\nexport { createGetUserClient };\n","import { assertTokenProviderConfig, fetchAuthSession, AuthAction } from '@aws-amplify/core/internals/utils';\nimport { getRegionFromUserPoolId } from '../../../../foundation/parsers/regionParsers.mjs';\nimport { assertAuthTokens } from '../../utils/types.mjs';\nimport { toAuthUserAttribute } from '../../utils/apiHelpers.mjs';\nimport { getAuthUserAgentValue } from '../../../../utils/getAuthUserAgentValue.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils/composers';\nimport '@aws-amplify/core/internals/aws-client-utils';\nimport '../../../../foundation/factories/serviceClients/cognitoIdentityProvider/shared/handler/cognitoUserPoolTransferHandler.mjs';\nimport '../../../../foundation/factories/serviceClients/cognitoIdentityProvider/constants.mjs';\nimport { createGetUserClient } from '../../../../foundation/factories/serviceClients/cognitoIdentityProvider/createGetUserClient.mjs';\nimport { createCognitoUserPoolEndpointResolver } from '../../factories/createCognitoUserPoolEndpointResolver.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst fetchUserAttributes = async amplify => {\n const authConfig = amplify.getConfig().Auth?.Cognito;\n assertTokenProviderConfig(authConfig);\n const {\n userPoolEndpoint,\n userPoolId\n } = authConfig;\n const {\n tokens\n } = await fetchAuthSession(amplify, {\n forceRefresh: false\n });\n assertAuthTokens(tokens);\n const getUser = createGetUserClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n const {\n UserAttributes\n } = await getUser({\n region: getRegionFromUserPoolId(userPoolId),\n userAgentValue: getAuthUserAgentValue(AuthAction.FetchUserAttributes)\n }, {\n AccessToken: tokens.accessToken.toString()\n });\n return toAuthUserAttribute(UserAttributes);\n};\nexport { fetchUserAttributes };\n","import { Amplify } from '@aws-amplify/core';\nimport { fetchUserAttributes as fetchUserAttributes$1 } from './internal/fetchUserAttributes.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Fetches the current user attributes while authenticated.\n *\n * @throws - {@link GetUserException} - Cognito service errors thrown when the service is not able to get the user.\n * @throws AuthTokenConfigException - Thrown when the token provider config is invalid.\n */\nconst fetchUserAttributes = () => {\n return fetchUserAttributes$1(Amplify);\n};\nexport { fetchUserAttributes };\n","import { clearCredentials, Hub } from '@aws-amplify/core';\nimport { AMPLIFY_SYMBOL } from '@aws-amplify/core/internals/utils';\nimport '../refreshAuthTokens.mjs';\nimport '../../tokenProvider/errorHelpers.mjs';\nimport '../types.mjs';\nimport { tokenOrchestrator } from '../../tokenProvider/tokenProvider.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst completeOAuthSignOut = async store => {\n await store.clearOAuthData();\n tokenOrchestrator.clearTokens();\n await clearCredentials();\n Hub.dispatch('auth', {\n event: 'signedOut'\n }, 'Auth', AMPLIFY_SYMBOL);\n};\nexport { completeOAuthSignOut };\n","import { assertOAuthConfig } from '@aws-amplify/core/internals/utils';\nimport { openAuthSession } from '../../../../utils/openAuthSession.mjs';\nimport { getRedirectUrl } from './getRedirectUrl.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst oAuthSignOutRedirect = async (authConfig, preferPrivateSession = false, redirectUrl) => {\n assertOAuthConfig(authConfig);\n const {\n loginWith,\n userPoolClientId\n } = authConfig;\n const {\n domain,\n redirectSignOut\n } = loginWith.oauth;\n const signoutUri = getRedirectUrl(redirectSignOut, redirectUrl);\n const oAuthLogoutEndpoint = `https://${domain}/logout?${Object.entries({\n client_id: userPoolClientId,\n logout_uri: encodeURIComponent(signoutUri)\n }).map(([k, v]) => `${k}=${v}`).join('&')}`;\n return openAuthSession(oAuthLogoutEndpoint);\n};\nexport { oAuthSignOutRedirect };\n","import { completeOAuthSignOut } from './completeOAuthSignOut.mjs';\nimport { oAuthSignOutRedirect } from './oAuthSignOutRedirect.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst handleOAuthSignOut = async (cognitoConfig, store, tokenOrchestrator, redirectUrl) => {\n const {\n isOAuthSignIn\n } = await store.loadOAuthSignIn();\n const oauthMetadata = await tokenOrchestrator.getOAuthMetadata();\n // Clear everything before attempting to visted logout endpoint since the current application\n // state could be wiped away on redirect\n await completeOAuthSignOut(store);\n // The isOAuthSignIn flag is propagated by the oAuthToken store which manages oauth keys in local storage only.\n // These keys are used to determine if a user is in an inflight or signedIn oauth states.\n // However, this behavior represents an issue when 2 apps share the same set of tokens in Cookie storage because the app that didn't\n // start the OAuth will not have access to the oauth keys.\n // A heuristic solution is to add oauth metadata to the tokenOrchestrator which will have access to the underlying\n // storage mechanism that is used by Amplify.\n if (isOAuthSignIn || oauthMetadata?.oauthSignIn) {\n // On web, this will always end up being a void action\n return oAuthSignOutRedirect(cognitoConfig, false, redirectUrl);\n }\n};\nexport { handleOAuthSignOut };\n","import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers';\nimport { cognitoUserPoolTransferHandler } from './shared/handler/cognitoUserPoolTransferHandler.mjs';\nimport { createUserPoolSerializer } from './shared/serde/createUserPoolSerializer.mjs';\nimport { createUserPoolDeserializer } from './shared/serde/createUserPoolDeserializer.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils';\nimport '@aws-amplify/core/internals/utils';\nimport { DEFAULT_SERVICE_CLIENT_API_CONFIG } from './constants.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst createRevokeTokenClient = config => composeServiceApi(cognitoUserPoolTransferHandler, createUserPoolSerializer('RevokeToken'), createUserPoolDeserializer(), {\n ...DEFAULT_SERVICE_CLIENT_API_CONFIG,\n ...config\n});\nexport { createRevokeTokenClient };\n","import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers';\nimport { cognitoUserPoolTransferHandler } from './shared/handler/cognitoUserPoolTransferHandler.mjs';\nimport { createUserPoolSerializer } from './shared/serde/createUserPoolSerializer.mjs';\nimport { createUserPoolDeserializer } from './shared/serde/createUserPoolDeserializer.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils';\nimport '@aws-amplify/core/internals/utils';\nimport { DEFAULT_SERVICE_CLIENT_API_CONFIG } from './constants.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst createGlobalSignOutClient = config => composeServiceApi(cognitoUserPoolTransferHandler, createUserPoolSerializer('GlobalSignOut'), createUserPoolDeserializer(), {\n ...DEFAULT_SERVICE_CLIENT_API_CONFIG,\n ...config\n});\nexport { createGlobalSignOutClient };\n","import { ConsoleLogger, Amplify, clearCredentials, Hub, defaultStorage } from '@aws-amplify/core';\nimport { assertTokenProviderConfig, assertOAuthConfig, AMPLIFY_SYMBOL, AuthAction } from '@aws-amplify/core/internals/utils';\nimport { getAuthUserAgentValue } from '../../../utils/getAuthUserAgentValue.mjs';\nimport '../utils/refreshAuthTokens.mjs';\nimport { AuthError } from '../../../errors/AuthError.mjs';\nimport '../tokenProvider/errorHelpers.mjs';\nimport { DefaultOAuthStore } from '../utils/signInWithRedirectStore.mjs';\nimport { tokenOrchestrator } from '../tokenProvider/tokenProvider.mjs';\nimport { getRegionFromUserPoolId } from '../../../foundation/parsers/regionParsers.mjs';\nimport { assertAuthTokensWithRefreshToken, assertAuthTokens } from '../utils/types.mjs';\nimport '@aws-crypto/sha256-js';\nimport { handleOAuthSignOut } from '../utils/oauth/handleOAuthSignOut.mjs';\nimport { OAUTH_SIGNOUT_EXCEPTION } from '../../../errors/constants.mjs';\nimport '../../../Errors.mjs';\nimport '../../../common/AuthErrorStrings.mjs';\nimport '../../../types/Auth.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils/composers';\nimport '@aws-amplify/core/internals/aws-client-utils';\nimport '../../../foundation/factories/serviceClients/cognitoIdentityProvider/shared/handler/cognitoUserPoolTransferHandler.mjs';\nimport '../../../foundation/factories/serviceClients/cognitoIdentityProvider/constants.mjs';\nimport { createRevokeTokenClient } from '../../../foundation/factories/serviceClients/cognitoIdentityProvider/createRevokeTokenClient.mjs';\nimport { createGlobalSignOutClient } from '../../../foundation/factories/serviceClients/cognitoIdentityProvider/createGlobalSignOutClient.mjs';\nimport { createCognitoUserPoolEndpointResolver } from '../factories/createCognitoUserPoolEndpointResolver.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst logger = new ConsoleLogger('Auth');\n/**\n * Signs a user out\n *\n * @param input - The SignOutInput object\n * @throws AuthTokenConfigException - Thrown when the token provider config is invalid.\n */\nasync function signOut(input) {\n const cognitoConfig = Amplify.getConfig().Auth?.Cognito;\n assertTokenProviderConfig(cognitoConfig);\n if (input?.global) {\n await globalSignOut(cognitoConfig);\n } else {\n await clientSignOut(cognitoConfig);\n }\n let hasOAuthConfig;\n try {\n assertOAuthConfig(cognitoConfig);\n hasOAuthConfig = true;\n } catch (err) {\n hasOAuthConfig = false;\n }\n if (hasOAuthConfig) {\n const oAuthStore = new DefaultOAuthStore(defaultStorage);\n oAuthStore.setAuthConfig(cognitoConfig);\n const {\n type\n } = (await handleOAuthSignOut(cognitoConfig, oAuthStore, tokenOrchestrator, input?.oauth?.redirectUrl)) ?? {};\n if (type === 'error') {\n throw new AuthError({\n name: OAUTH_SIGNOUT_EXCEPTION,\n message: `An error occurred when attempting to log out from OAuth provider.`\n });\n }\n } else {\n // complete sign out\n tokenOrchestrator.clearTokens();\n await clearCredentials();\n Hub.dispatch('auth', {\n event: 'signedOut'\n }, 'Auth', AMPLIFY_SYMBOL);\n }\n}\nasync function clientSignOut(cognitoConfig) {\n try {\n const {\n userPoolEndpoint,\n userPoolId,\n userPoolClientId\n } = cognitoConfig;\n const authTokens = await tokenOrchestrator.getTokenStore().loadTokens();\n assertAuthTokensWithRefreshToken(authTokens);\n if (isSessionRevocable(authTokens.accessToken)) {\n const revokeToken = createRevokeTokenClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n await revokeToken({\n region: getRegionFromUserPoolId(userPoolId),\n userAgentValue: getAuthUserAgentValue(AuthAction.SignOut)\n }, {\n ClientId: userPoolClientId,\n Token: authTokens.refreshToken\n });\n }\n } catch (err) {\n // this shouldn't throw\n logger.debug('Client signOut error caught but will proceed with token removal');\n }\n}\nasync function globalSignOut(cognitoConfig) {\n try {\n const {\n userPoolEndpoint,\n userPoolId\n } = cognitoConfig;\n const authTokens = await tokenOrchestrator.getTokenStore().loadTokens();\n assertAuthTokens(authTokens);\n const globalSignOutClient = createGlobalSignOutClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n await globalSignOutClient({\n region: getRegionFromUserPoolId(userPoolId),\n userAgentValue: getAuthUserAgentValue(AuthAction.SignOut)\n }, {\n AccessToken: authTokens.accessToken.toString()\n });\n } catch (err) {\n // it should not throw\n logger.debug('Global signOut error caught but will proceed with token removal');\n }\n}\nconst isSessionRevocable = token => !!token?.payload?.origin_jti;\nexport { signOut };\n","import { parseJsonError } from '@aws-amplify/core/internals/aws-client-utils';\nimport { assertServiceError } from '../../../../../../errors/utils/assertServiceError.mjs';\nimport { AuthError } from '../../../../../../errors/AuthError.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst createEmptyResponseDeserializer = () => async response => {\n if (response.statusCode >= 300) {\n const error = await parseJsonError(response);\n assertServiceError(error);\n throw new AuthError({\n name: error.name,\n message: error.message\n });\n } else {\n return undefined;\n }\n};\nexport { createEmptyResponseDeserializer };\n","import { composeServiceApi } from '@aws-amplify/core/internals/aws-client-utils/composers';\nimport { cognitoUserPoolTransferHandler } from './shared/handler/cognitoUserPoolTransferHandler.mjs';\nimport { createUserPoolSerializer } from './shared/serde/createUserPoolSerializer.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils';\nimport '@aws-amplify/core/internals/utils';\nimport { createEmptyResponseDeserializer } from './shared/serde/createEmptyResponseDeserializer.mjs';\nimport { DEFAULT_SERVICE_CLIENT_API_CONFIG } from './constants.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst createDeleteUserClient = config => composeServiceApi(cognitoUserPoolTransferHandler, createUserPoolSerializer('DeleteUser'), createEmptyResponseDeserializer(), {\n ...DEFAULT_SERVICE_CLIENT_API_CONFIG,\n ...config\n});\nexport { createDeleteUserClient };\n","import { Amplify, fetchAuthSession } from '@aws-amplify/core';\nimport { assertTokenProviderConfig, AuthAction } from '@aws-amplify/core/internals/utils';\nimport { getRegionFromUserPoolId } from '../../../foundation/parsers/regionParsers.mjs';\nimport { assertAuthTokens } from '../utils/types.mjs';\nimport '../utils/refreshAuthTokens.mjs';\nimport '../tokenProvider/errorHelpers.mjs';\nimport { tokenOrchestrator } from '../tokenProvider/tokenProvider.mjs';\nimport { getAuthUserAgentValue } from '../../../utils/getAuthUserAgentValue.mjs';\nimport '@aws-amplify/core/internals/aws-client-utils/composers';\nimport '@aws-amplify/core/internals/aws-client-utils';\nimport '../../../foundation/factories/serviceClients/cognitoIdentityProvider/shared/handler/cognitoUserPoolTransferHandler.mjs';\nimport '../../../foundation/factories/serviceClients/cognitoIdentityProvider/constants.mjs';\nimport { createDeleteUserClient } from '../../../foundation/factories/serviceClients/cognitoIdentityProvider/createDeleteUserClient.mjs';\nimport { createCognitoUserPoolEndpointResolver } from '../factories/createCognitoUserPoolEndpointResolver.mjs';\nimport { signOut } from './signOut.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n/**\n * Deletes a user from the user pool while authenticated.\n *\n * @throws - {@link DeleteUserException}\n * @throws AuthTokenConfigException - Thrown when the token provider config is invalid.\n */\nasync function deleteUser() {\n const authConfig = Amplify.getConfig().Auth?.Cognito;\n assertTokenProviderConfig(authConfig);\n const {\n userPoolEndpoint,\n userPoolId\n } = authConfig;\n const {\n tokens\n } = await fetchAuthSession();\n assertAuthTokens(tokens);\n const serviceDeleteUser = createDeleteUserClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint\n })\n });\n await serviceDeleteUser({\n region: getRegionFromUserPoolId(userPoolId),\n userAgentValue: getAuthUserAgentValue(AuthAction.DeleteUser)\n }, {\n AccessToken: tokens.accessToken.toString()\n });\n await tokenOrchestrator.clearDeviceMetadata();\n await signOut();\n}\nexport { deleteUser };\n","// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst IdentityIdStorageKeys = {\n identityId: 'identityId'\n};\nexport { IdentityIdStorageKeys };\n","import { ConsoleLogger } from '@aws-amplify/core';\nimport { assertIdentityPoolIdConfig } from '@aws-amplify/core/internals/utils';\nimport { getAuthStorageKeys } from '../tokenProvider/TokenStore.mjs';\nimport { IdentityIdStorageKeys } from './types.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst logger = new ConsoleLogger('DefaultIdentityIdStore');\nclass DefaultIdentityIdStore {\n setAuthConfig(authConfigParam) {\n assertIdentityPoolIdConfig(authConfigParam.Cognito);\n this.authConfig = authConfigParam;\n this._authKeys = createKeysForAuthStorage('Cognito', authConfigParam.Cognito.identityPoolId);\n }\n constructor(keyValueStorage) {\n this._authKeys = {};\n this.keyValueStorage = keyValueStorage;\n }\n async loadIdentityId() {\n assertIdentityPoolIdConfig(this.authConfig?.Cognito);\n try {\n if (this._primaryIdentityId) {\n return {\n id: this._primaryIdentityId,\n type: 'primary'\n };\n } else {\n const storedIdentityId = await this.keyValueStorage.getItem(this._authKeys.identityId);\n if (storedIdentityId) {\n return {\n id: storedIdentityId,\n type: 'guest'\n };\n }\n return null;\n }\n } catch (err) {\n logger.log('Error getting stored IdentityId.', err);\n return null;\n }\n }\n async storeIdentityId(identity) {\n assertIdentityPoolIdConfig(this.authConfig?.Cognito);\n if (identity.type === 'guest') {\n this.keyValueStorage.setItem(this._authKeys.identityId, identity.id);\n // Clear in-memory storage of primary identityId\n this._primaryIdentityId = undefined;\n } else {\n this._primaryIdentityId = identity.id;\n // Clear locally stored guest id\n this.keyValueStorage.removeItem(this._authKeys.identityId);\n }\n }\n async clearIdentityId() {\n this._primaryIdentityId = undefined;\n await this.keyValueStorage.removeItem(this._authKeys.identityId);\n }\n}\nconst createKeysForAuthStorage = (provider, identifier) => {\n return getAuthStorageKeys(IdentityIdStorageKeys)(`com.amplify.${provider}`, identifier);\n};\nexport { DefaultIdentityIdStore };\n","import { decodeJWT } from '@aws-amplify/core/internals/utils';\nimport { AuthError } from '../../../errors/AuthError.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nfunction formLoginsMap(idToken) {\n const issuer = decodeJWT(idToken).payload.iss;\n const res = {};\n if (!issuer) {\n throw new AuthError({\n name: 'InvalidIdTokenException',\n message: 'Invalid Idtoken.'\n });\n }\n const domainName = issuer.replace(/(^\\w+:|^)\\/\\//, '');\n res[domainName] = idToken;\n return res;\n}\nexport { formLoginsMap };\n","import { ConsoleLogger, getId } from '@aws-amplify/core';\nimport { AuthError } from '../../../errors/AuthError.mjs';\nimport { getRegionFromIdentityPoolId } from '../../../foundation/parsers/regionParsers.mjs';\nimport { formLoginsMap } from './utils.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst logger = new ConsoleLogger('CognitoIdentityIdProvider');\n/**\n * Provides a Cognito identityId\n *\n * @param tokens - The AuthTokens received after SignIn\n * @returns string\n * @throws configuration exceptions: `InvalidIdentityPoolIdException`\n * - Auth errors that may arise from misconfiguration.\n * @throws service exceptions: {@link GetIdException }\n */\nasync function cognitoIdentityIdProvider({\n tokens,\n authConfig,\n identityIdStore\n}) {\n identityIdStore.setAuthConfig({\n Cognito: authConfig\n });\n // will return null only if there is no identityId cached or if there is an error retrieving it\n let identityId = await identityIdStore.loadIdentityId();\n // Tokens are available so return primary identityId\n if (tokens) {\n // If there is existing primary identityId in-memory return that\n if (identityId && identityId.type === 'primary') {\n return identityId.id;\n } else {\n const logins = tokens.idToken ? formLoginsMap(tokens.idToken.toString()) : {};\n const generatedIdentityId = await generateIdentityId(logins, authConfig);\n if (identityId && identityId.id === generatedIdentityId) {\n logger.debug(`The guest identity ${identityId.id} has become the primary identity.`);\n }\n identityId = {\n id: generatedIdentityId,\n type: 'primary'\n };\n }\n } else {\n // If there is existing guest identityId cached return that\n if (identityId && identityId.type === 'guest') {\n return identityId.id;\n } else {\n identityId = {\n id: await generateIdentityId({}, authConfig),\n type: 'guest'\n };\n }\n }\n // Store in-memory or local storage depending on guest or primary identityId\n identityIdStore.storeIdentityId(identityId);\n return identityId.id;\n}\nasync function generateIdentityId(logins, authConfig) {\n const identityPoolId = authConfig?.identityPoolId;\n const region = getRegionFromIdentityPoolId(identityPoolId);\n // IdentityId is absent so get it using IdentityPoolId with Cognito's GetId API\n const idResult =\n // for a first-time user, this will return a brand new identity\n // for a returning user, this will retrieve the previous identity assocaited with the logins\n (await getId({\n region\n }, {\n IdentityPoolId: identityPoolId,\n Logins: logins\n })).IdentityId;\n if (!idResult) {\n throw new AuthError({\n name: 'GetIdResponseException',\n message: 'Received undefined response from getId operation',\n recoverySuggestion: 'Make sure to pass a valid identityPoolId in the configuration.'\n });\n }\n return idResult;\n}\nexport { cognitoIdentityIdProvider };\n","import { ConsoleLogger, getCredentialsForIdentity } from '@aws-amplify/core';\nimport { assertIdentityPoolIdConfig } from '@aws-amplify/core/internals/utils';\nimport { AuthError } from '../../../errors/AuthError.mjs';\nimport { getRegionFromIdentityPoolId } from '../../../foundation/parsers/regionParsers.mjs';\nimport { assertIdTokenInAuthTokens } from '../utils/types.mjs';\nimport { cognitoIdentityIdProvider } from './IdentityIdProvider.mjs';\nimport { formLoginsMap } from './utils.mjs';\n\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nconst logger = new ConsoleLogger('CognitoCredentialsProvider');\nconst CREDENTIALS_TTL = 50 * 60 * 1000; // 50 min, can be modified on config if required in the future\nclass CognitoAWSCredentialsAndIdentityIdProvider {\n constructor(identityIdStore) {\n this._nextCredentialsRefresh = 0;\n this._identityIdStore = identityIdStore;\n }\n async clearCredentialsAndIdentityId() {\n logger.debug('Clearing out credentials and identityId');\n this._credentialsAndIdentityId = undefined;\n await this._identityIdStore.clearIdentityId();\n }\n async clearCredentials() {\n logger.debug('Clearing out in-memory credentials');\n this._credentialsAndIdentityId = undefined;\n }\n async getCredentialsAndIdentityId(getCredentialsOptions) {\n const isAuthenticated = getCredentialsOptions.authenticated;\n const {\n tokens\n } = getCredentialsOptions;\n const {\n authConfig\n } = getCredentialsOptions;\n try {\n assertIdentityPoolIdConfig(authConfig?.Cognito);\n } catch {\n // No identity pool configured, skipping\n return;\n }\n if (!isAuthenticated && !authConfig.Cognito.allowGuestAccess) {\n // TODO(V6): return partial result like Native platforms\n return;\n }\n const {\n forceRefresh\n } = getCredentialsOptions;\n const tokenHasChanged = this.hasTokenChanged(tokens);\n const identityId = await cognitoIdentityIdProvider({\n tokens,\n authConfig: authConfig.Cognito,\n identityIdStore: this._identityIdStore\n });\n // Clear cached credentials when forceRefresh is true OR the cache token has changed\n if (forceRefresh || tokenHasChanged) {\n this.clearCredentials();\n }\n if (!isAuthenticated) {\n return this.getGuestCredentials(identityId, authConfig.Cognito);\n } else {\n assertIdTokenInAuthTokens(tokens);\n return this.credsForOIDCTokens(authConfig.Cognito, tokens, identityId);\n }\n }\n async getGuestCredentials(identityId, authConfig) {\n // Return existing in-memory cached credentials only if it exists, is not past it's lifetime and is unauthenticated credentials\n if (this._credentialsAndIdentityId && !this.isPastTTL() && this._credentialsAndIdentityId.isAuthenticatedCreds === false) {\n logger.info('returning stored credentials as they neither past TTL nor expired.');\n return this._credentialsAndIdentityId;\n }\n // Clear to discard if any authenticated credentials are set and start with a clean slate\n this.clearCredentials();\n const region = getRegionFromIdentityPoolId(authConfig.identityPoolId);\n // use identityId to obtain guest credentials\n // save credentials in-memory\n // No logins params should be passed for guest creds:\n // https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetCredentialsForIdentity.html\n const clientResult = await getCredentialsForIdentity({\n region\n }, {\n IdentityId: identityId\n });\n if (clientResult.Credentials && clientResult.Credentials.AccessKeyId && clientResult.Credentials.SecretKey) {\n this._nextCredentialsRefresh = new Date().getTime() + CREDENTIALS_TTL;\n const res = {\n credentials: {\n accessKeyId: clientResult.Credentials.AccessKeyId,\n secretAccessKey: clientResult.Credentials.SecretKey,\n sessionToken: clientResult.Credentials.SessionToken,\n expiration: clientResult.Credentials.Expiration\n },\n identityId\n };\n const identityIdRes = clientResult.IdentityId;\n if (identityIdRes) {\n res.identityId = identityIdRes;\n this._identityIdStore.storeIdentityId({\n id: identityIdRes,\n type: 'guest'\n });\n }\n this._credentialsAndIdentityId = {\n ...res,\n isAuthenticatedCreds: false\n };\n return res;\n } else {\n throw new AuthError({\n name: 'CredentialsNotFoundException',\n message: `Cognito did not respond with either Credentials, AccessKeyId or SecretKey.`\n });\n }\n }\n async credsForOIDCTokens(authConfig, authTokens, identityId) {\n if (this._credentialsAndIdentityId && !this.isPastTTL() && this._credentialsAndIdentityId.isAuthenticatedCreds === true) {\n logger.debug('returning stored credentials as they neither past TTL nor expired.');\n return this._credentialsAndIdentityId;\n }\n // Clear to discard if any unauthenticated credentials are set and start with a clean slate\n this.clearCredentials();\n const logins = authTokens.idToken ? formLoginsMap(authTokens.idToken.toString()) : {};\n const region = getRegionFromIdentityPoolId(authConfig.identityPoolId);\n const clientResult = await getCredentialsForIdentity({\n region\n }, {\n IdentityId: identityId,\n Logins: logins\n });\n if (clientResult.Credentials && clientResult.Credentials.AccessKeyId && clientResult.Credentials.SecretKey) {\n const res = {\n credentials: {\n accessKeyId: clientResult.Credentials.AccessKeyId,\n secretAccessKey: clientResult.Credentials.SecretKey,\n sessionToken: clientResult.Credentials.SessionToken,\n expiration: clientResult.Credentials.Expiration\n },\n identityId\n };\n // Store the credentials in-memory along with the expiration\n this._credentialsAndIdentityId = {\n ...res,\n isAuthenticatedCreds: true,\n associatedIdToken: authTokens.idToken?.toString()\n };\n this._nextCredentialsRefresh = new Date().getTime() + CREDENTIALS_TTL;\n const identityIdRes = clientResult.IdentityId;\n if (identityIdRes) {\n res.identityId = identityIdRes;\n this._identityIdStore.storeIdentityId({\n id: identityIdRes,\n type: 'primary'\n });\n }\n return res;\n } else {\n throw new AuthError({\n name: 'CredentialsException',\n message: `Cognito did not respond with either Credentials, AccessKeyId or SecretKey.`\n });\n }\n }\n isPastTTL() {\n return this._nextCredentialsRefresh === undefined ? true : this._nextCredentialsRefresh <= Date.now();\n }\n hasTokenChanged(tokens) {\n return !!tokens && !!this._credentialsAndIdentityId?.associatedIdToken && tokens.idToken?.toString() !== this._credentialsAndIdentityId.associatedIdToken;\n }\n}\nexport { CognitoAWSCredentialsAndIdentityIdProvider };\n","import { inject, Injectable } from '@angular/core';\nimport { AuthSession, deleteUser, fetchAuthSession, fetchUserAttributes, getCurrentUser, } from '@aws-amplify/auth';\nimport { UserService } from 'app/core/user/user.service';\nimport { signIn, signOut, resetPassword, signUp, confirmResetPassword, confirmSignUp, resendSignUpCode } from '@aws-amplify/auth';\nimport { Hub } from 'aws-amplify/utils';\nimport { TranslocoService } from '@jsverse/transloco';\n\n\n\n@Injectable({ providedIn: 'root' })\nexport class AuthService {\n private _authenticated: boolean = false;\n private _userService = inject(UserService);\n private _translation = inject(TranslocoService);\n private email: string = '';\n private password: string = '';\n \n // -----------------------------------------------------------------------------------------------------\n // @ Accessors\n // -----------------------------------------------------------------------------------------------------\n\n constructor() {\n Hub.listen('auth', async ({ payload }) => {\n console.log('A new auth event has happened: ', payload);\n switch (payload.event) {\n case 'signedIn':\n await this.getUser();\n break;\n case 'signedOut':\n this._userService.user = null;\n console.log('User has been signedOut successfully.');\n break;\n case 'tokenRefresh':\n console.log('auth tokens have been refreshed.');\n break;\n case 'tokenRefresh_failure':\n console.log('failure while refreshing auth tokens.');\n break;\n case \"signInWithRedirect\":\n break;\n case \"signInWithRedirect_failure\":\n console.log(\"signInWithRedirect_failure\");\n break;\n case \"customOAuthState\":\n const state = payload.data; // this will be customState provided on signInWithRedirect function\n break;\n\n }\n });\n\n fetchAuthSession().then((session) => {\n if (!session.tokens?.accessToken) return;\n this.getUser();\n\n });\n\n }\n\n gettingUser = false;\n\n async getUser() {\n\n if (this.gettingUser) return;\n this.gettingUser = true;\n try{\n const attributes = await fetchUserAttributes();\n await this._userService.setup(attributes);\n }\n finally {\n this.gettingUser = false;\n }\n\n \n }\n\n\n /**\n * Setter & getter for access token\n */\n set accessToken(token: string) {\n localStorage.setItem('accessToken', token);\n }\n\n get accessToken(): string {\n return localStorage.getItem('accessToken') ?? '';\n }\n\n get user() {\n return this._userService.user;\n }\n\n // -----------------------------------------------------------------------------------------------------\n // @ Public methods\n // -----------------------------------------------------------------------------------------------------\n\n /**\n * Forgot password\n *\n * @param email\n */\n async forgotPassword(email: string) {\n this.email = email;\n await resetPassword({ username: email });\n }\n\n async delete() {\n await deleteUser();\n }\n\n\n async resendConfirmationCode() {\n if (!this.email) throw ({ message: this._translation.translate('auth.errorBadStatus') });\n await resendSignUpCode({ username: this.email });\n }\n\n /**\n * Reset password\n *\n * @param password\n */\n async confirmForgotPassword(code: string, password: string) {\n if (!this.email) throw ({ message:this._translation.translate('auth.errorBadStatus') });\n this.password = password; \n\n await confirmResetPassword({ username: this.email, newPassword: password, confirmationCode: code });\n if (this.email && this.password) {\n await signIn({ username: this.email, password: this.password });\n this.email = '';\n this.password = '';\n }\n }\n\n /**\n * Sign in\n *\n * @param credentials\n */\n async signIn(email: string, password: string) {\n if (this._authenticated) return\n this.email = email;\n const result = await signIn({ username: email, password: password });\n this._authenticated = result.isSignedIn\n return result.isSignedIn;\n }\n\n\n /**\n * Sign out\n */\n async signOut() {\n this._authenticated = false;\n await signOut();\n }\n\n /**\n * Sign up\n *\n * @param user\n */\n async signUp(email: string, password: string, token, gdpr: string) {\n const { isSignUpComplete } = await signUp({\n username: email,\n password: password,\n options: {\n userAttributes: {\n email: email,\n 'custom:gdpr': gdpr\n },\n validationData: { recaptchaToken: token }\n }\n });\n this.email = email;\n this.password = password;\n return isSignUpComplete;\n\n }\n\n async confirmSignUp(code: string) {\n if (!this.email) throw ({ message: this._translation.translate('auth.errorBadStatus') });\n await confirmSignUp({ username: this.email, confirmationCode: code });\n if (this.email && this.password) {\n await signIn({ username: this.email, password: this.password });\n this.email = '';\n this.password = '';\n }\n }\n\n /**\n * Check the authentication status\n */\n async check(): Promise {\n const session: AuthSession = await fetchAuthSession();\n this._authenticated = session.tokens?.accessToken ? true : false;\n return this._authenticated ? true : false;\n }\n\n\n}\n"],"mappings":"2fAIA,IAAMA,EAAwB,CAACC,EAAQC,IAA2BC,GAAoBC,EAAA,CACpF,SAAUC,GAAS,KACnB,OAAAJ,GACGC,EACJ,ECJD,IAAMI,EAAN,MAAMC,UAAkBC,EAAa,CACnC,YAAYC,EAAQ,CAClB,MAAMA,CAAM,EAGZ,KAAK,YAAcF,EACnB,OAAO,eAAe,KAAMA,EAAU,SAAS,CACjD,CACF,ECZA,IAAMG,GAAuB,CAC3B,YAAa,cACb,QAAS,UACT,aAAc,eACd,WAAY,aACZ,aAAc,eACd,UAAW,YACX,kBAAmB,oBACnB,eAAgB,iBAChB,cAAe,gBACf,cAAe,eACjB,ECPA,IAAIC,GAAsC,SAAUA,EAAwB,CAC1E,OAAAA,EAAuB,kBAAuB,oBACvCA,CACT,EAAEA,IAA0B,CAAC,CAAC,EACxBC,GAA0B,CAC9B,CAACD,GAAuB,iBAAiB,EAAG,CAC1C,QAAS,kBACT,mBAAoB,iCACtB,CACF,EACME,GAASC,GAAwBF,EAAuB,ECV9D,IAAMG,GAAN,KAAwB,CACtB,aAAc,CACZ,KAAK,KAAO,gCACd,CACA,oBAAqB,CACnB,GAAI,CAAC,KAAK,gBACR,MAAM,IAAIC,EAAU,CAClB,KAAM,mCACN,QAAS,6CACX,CAAC,EAEH,OAAO,KAAK,eACd,CACA,mBAAmBC,EAAiB,CAClC,KAAK,gBAAkBA,CACzB,CACA,cAAcC,EAAY,CACxB,KAAK,WAAaA,CACpB,CACM,YAAa,QAAAC,EAAA,sBAGjB,GAAI,CACF,IAAMC,EAAW,MAAM,KAAK,YAAY,EAClCC,EAAoB,MAAM,KAAK,mBAAmB,EAAE,QAAQD,EAAS,WAAW,EACtF,GAAI,CAACC,EACH,MAAM,IAAIL,EAAU,CAClB,KAAM,0BACN,QAAS,uDACX,CAAC,EAEH,IAAMM,EAAcC,EAAUF,CAAiB,EACzCG,EAAW,MAAM,KAAK,mBAAmB,EAAE,QAAQJ,EAAS,OAAO,EACnEK,EAAUD,EAAWD,EAAUC,CAAQ,EAAI,OAC3CE,GAAgB,MAAM,KAAK,mBAAmB,EAAE,QAAQN,EAAS,YAAY,IAAM,OACnFO,GAAoB,MAAM,KAAK,mBAAmB,EAAE,QAAQP,EAAS,UAAU,IAAM,IACrFQ,EAAa,OAAO,SAASD,CAAgB,EAC7CE,EAAgB,MAAM,KAAK,mBAAmB,EAAE,QAAQT,EAAS,aAAa,EAC9EU,EAAS,CACb,YAAAR,EACA,QAAAG,EACA,aAAAC,EACA,gBAAiB,MAAM,KAAK,kBAAkB,IAAM,OACpD,WAAAE,EACA,SAAU,MAAM,KAAK,gBAAgB,CACvC,EACA,OAAIC,IACFC,EAAO,cAAgB,KAAK,MAAMD,CAAa,GAE1CC,CACT,MAAc,CACZ,OAAO,IACT,CACF,GACM,YAAYA,EAAQ,QAAAX,EAAA,sBACxBY,GAAOD,IAAW,OAAWE,GAAuB,iBAAiB,EACrE,MAAM,KAAK,YAAY,EACvB,IAAMC,EAAeH,EAAO,SAC5B,MAAM,KAAK,mBAAmB,EAAE,QAAQ,KAAK,mBAAmB,EAAGG,CAAY,EAC/E,IAAMb,EAAW,MAAM,KAAK,YAAY,EACxC,MAAM,KAAK,mBAAmB,EAAE,QAAQA,EAAS,YAAaU,EAAO,YAAY,SAAS,CAAC,EACvFA,EAAO,UACT,MAAM,KAAK,mBAAmB,EAAE,QAAQV,EAAS,QAASU,EAAO,QAAQ,SAAS,CAAC,GAEjFA,EAAO,eACT,MAAM,KAAK,mBAAmB,EAAE,QAAQV,EAAS,aAAcU,EAAO,YAAY,GAEhFA,EAAO,iBACLA,EAAO,eAAe,YACxB,MAAM,KAAK,mBAAmB,EAAE,QAAQV,EAAS,UAAWU,EAAO,eAAe,SAAS,GAEzFA,EAAO,eAAe,iBACxB,MAAM,KAAK,mBAAmB,EAAE,QAAQV,EAAS,eAAgBU,EAAO,eAAe,cAAc,GAEvG,MAAM,KAAK,mBAAmB,EAAE,QAAQV,EAAS,kBAAmBU,EAAO,eAAe,cAAc,GAEtGA,EAAO,gBACT,MAAM,KAAK,mBAAmB,EAAE,QAAQV,EAAS,cAAe,KAAK,UAAUU,EAAO,aAAa,CAAC,GAEtG,MAAM,KAAK,mBAAmB,EAAE,QAAQV,EAAS,WAAY,GAAGU,EAAO,UAAU,EAAE,CACrF,GACM,aAAc,QAAAX,EAAA,sBAClB,IAAMC,EAAW,MAAM,KAAK,YAAY,EAExC,MAAM,QAAQ,IAAI,CAAC,KAAK,mBAAmB,EAAE,WAAWA,EAAS,WAAW,EAAG,KAAK,mBAAmB,EAAE,WAAWA,EAAS,OAAO,EAAG,KAAK,mBAAmB,EAAE,WAAWA,EAAS,UAAU,EAAG,KAAK,mBAAmB,EAAE,WAAWA,EAAS,YAAY,EAAG,KAAK,mBAAmB,EAAE,WAAWA,EAAS,aAAa,EAAG,KAAK,mBAAmB,EAAE,WAAW,KAAK,mBAAmB,CAAC,EAAG,KAAK,mBAAmB,EAAE,WAAWA,EAAS,aAAa,CAAC,CAAC,CAC7b,GACM,kBAAkBc,EAAU,QAAAf,EAAA,sBAChC,IAAMC,EAAW,MAAM,KAAK,YAAYc,CAAQ,EAC1CC,EAAY,MAAM,KAAK,mBAAmB,EAAE,QAAQf,EAAS,SAAS,EACtEgB,EAAiB,MAAM,KAAK,mBAAmB,EAAE,QAAQhB,EAAS,cAAc,EAChFiB,EAAiB,MAAM,KAAK,mBAAmB,EAAE,QAAQjB,EAAS,iBAAiB,EACzF,OAAOiB,GAAkBD,GAAkBD,EAAY,CACrD,UAAAA,EACA,eAAAC,EACA,eAAAC,CACF,EAAI,IACN,GACM,oBAAoBH,EAAU,QAAAf,EAAA,sBAClC,IAAMC,EAAW,MAAM,KAAK,YAAYc,CAAQ,EAChD,MAAM,QAAQ,IAAI,CAAC,KAAK,mBAAmB,EAAE,WAAWd,EAAS,SAAS,EAAG,KAAK,mBAAmB,EAAE,WAAWA,EAAS,cAAc,EAAG,KAAK,mBAAmB,EAAE,WAAWA,EAAS,iBAAiB,CAAC,CAAC,CAC/M,GACM,YAAYc,EAAU,QAAAf,EAAA,sBAC1BmB,EAA0B,KAAK,YAAY,OAAO,EAClD,IAAML,EAAeC,IAAa,MAAM,KAAK,gBAAgB,GAC7D,OAAOK,GAAyB,KAAK,KAAM,GAAG,KAAK,WAAW,QAAQ,gBAAgB,IAAIN,CAAY,EAAE,CAC1G,GACA,oBAAqB,CACnBK,EAA0B,KAAK,YAAY,OAAO,EAClD,IAAME,EAAa,KAAK,WAAW,QAAQ,iBAC3C,MAAO,GAAG,KAAK,IAAI,IAAIA,CAAU,eACnC,CACM,iBAAkB,QAAArB,EAAA,sBAEtB,OADsB,MAAM,KAAK,mBAAmB,EAAE,QAAQ,KAAK,mBAAmB,CAAC,IAAM,UAE/F,GACM,iBAAiBsB,EAAU,QAAAtB,EAAA,sBAC/B,GAAM,CACJ,cAAeuB,CACjB,EAAI,MAAM,KAAK,YAAY,EAC3B,MAAM,KAAK,mBAAmB,EAAE,QAAQA,EAAkB,KAAK,UAAUD,CAAQ,CAAC,CACpF,GACM,kBAAmB,QAAAtB,EAAA,sBACvB,GAAM,CACJ,cAAeuB,CACjB,EAAI,MAAM,KAAK,YAAY,EACrBC,EAAgB,MAAM,KAAK,mBAAmB,EAAE,QAAQD,CAAgB,EAC9E,OAAOC,GAAiB,KAAK,MAAMA,CAAa,CAClD,GACF,EACMJ,GAA2B,CAACK,EAAUJ,IACnCK,GAAmBC,EAAoB,EAAE,GAAGF,CAAQ,GAAIJ,CAAU,EAE3E,SAASK,GAAmBzB,EAAU,CACpC,IAAM2B,EAAO,OAAO,OAAOC,EAAA,GACtB5B,EACJ,EACD,MAAO,CAAC6B,EAAQT,IAAeO,EAAK,OAAO,CAACG,EAAKC,IAAaC,EAAAJ,EAAA,GACzDE,GADyD,CAE5D,CAACC,CAAO,EAAG,GAAGF,CAAM,IAAIT,CAAU,IAAIW,CAAO,EAC/C,GAAI,CAAC,CAAC,CACR,CC5IA,IAAME,GAAiC,+BACjCC,GAAuC,oCACvCC,GAAsC,kCACtCC,GAAyB,sBACzBC,GAA6B,2BAC7BC,GAA+B,4BAC/BC,GAAuC,uCACvCC,GAA2B,IAAIC,EAAU,CAC7C,KAAMJ,GACN,QAAS,4EACT,mBAAoB,yEACtB,CAAC,EACKK,GAA4B,IAAID,EAAU,CAC9C,KAAMH,GACN,QAAS,2DACT,mBAAoB,sEACtB,CAAC,EACKK,GAAuC,IAAIF,EAAU,CACzD,KAAMF,GACN,QAAS,4GACT,mBAAoB,+DACtB,CAAC,EACKK,GAA2B,yBAC3BC,GAAyB,IAAIJ,EAAU,CAC3C,KAAMG,GACN,QAAS,wGACT,mBAAoB,sDACtB,CAAC,EACKE,GAA0B,wBAC1BC,GAA0B,wBAC1BC,GAA4C,wCCvBlD,SAASC,GAAiBC,EAAQ,CAChC,GAAI,CAACA,GAAU,CAACA,EAAO,YACrB,MAAM,IAAIC,EAAU,CAClB,KAAMC,GACN,QAAS,mDACT,mBAAoB,wCACtB,CAAC,CAEL,CACA,SAASC,GAA0BH,EAAQ,CACzC,GAAI,CAACA,GAAU,CAACA,EAAO,QACrB,MAAM,IAAIC,EAAU,CAClB,KAAMC,GACN,QAAS,mDACT,mBAAoB,wCACtB,CAAC,CAEL,CACA,IAAME,GAA6B,IAAIH,EAAU,CAC/C,KAAMI,GACN,QAAS;AAAA,mEAET,mBAAoB;AAAA,8BAEtB,CAAC,EACKC,GAAwB,IAAIL,EAAU,CAC1C,KAAMC,GACN,QAAS,mDACT,mBAAoB,wCACtB,CAAC,EACD,SAASK,GAAiCP,EAAQ,CAChD,GAAIQ,GAAqCR,CAAM,EAC7C,MAAMI,GAER,GAAI,CAACK,GAAgCT,CAAM,EACzC,MAAMM,EAEV,CACA,SAASI,GAAqBC,EAAgB,CAC5C,GAAI,CAACA,GAAkB,CAACA,EAAe,WAAa,CAACA,EAAe,gBAAkB,CAACA,EAAe,eACpG,MAAM,IAAIV,EAAU,CAClB,KAAMW,GACN,QAAS,gGACT,mBAAoB,8DACtB,CAAC,CAEL,CACA,IAAMC,GAAmB,CACvB,cAAe,gBACf,YAAa,cACb,UAAW,YACX,WAAY,YACd,EACA,SAASC,GAAgBd,EAAQ,CAC/B,OAAOA,GAAQ,aAAeA,GAAQ,OACxC,CACA,SAASS,GAAgCT,EAAQ,CAC/C,OAAOc,GAAgBd,CAAM,GAAKA,GAAQ,YAC5C,CACA,SAASQ,GAAqCR,EAAQ,CACpD,OAAOc,GAAgBd,CAAM,GAAK,CAACA,GAAQ,YAC7C,CClEA,IAAMe,GAAmB,+BACnBC,EAAO,iCACPC,GAAN,KAAwB,CACtB,YAAYC,EAAiB,CAC3B,KAAK,gBAAkBA,CACzB,CACM,wBAAyB,QAAAC,EAAA,sBAC7BC,EAA0B,KAAK,aAAa,EAC5C,IAAMC,EAAWC,GAAyBN,EAAM,KAAK,cAAc,gBAAgB,EACnF,MAAM,QAAQ,IAAI,CAAC,KAAK,gBAAgB,WAAWK,EAAS,aAAa,EAAG,KAAK,gBAAgB,WAAWA,EAAS,SAAS,EAAG,KAAK,gBAAgB,WAAWA,EAAS,UAAU,CAAC,CAAC,CACxL,GACM,gBAAiB,QAAAF,EAAA,sBACrBC,EAA0B,KAAK,aAAa,EAC5C,IAAMC,EAAWC,GAAyBN,EAAM,KAAK,cAAc,gBAAgB,EACnF,aAAM,KAAK,uBAAuB,EAClC,MAAM,KAAK,gBAAgB,WAAWD,EAAgB,EAC/C,KAAK,gBAAgB,WAAWM,EAAS,WAAW,CAC7D,GACA,gBAAiB,CACfD,EAA0B,KAAK,aAAa,EAC5C,IAAMC,EAAWC,GAAyBN,EAAM,KAAK,cAAc,gBAAgB,EACnF,OAAO,KAAK,gBAAgB,QAAQK,EAAS,UAAU,CACzD,CACA,gBAAgBE,EAAO,CACrBH,EAA0B,KAAK,aAAa,EAC5C,IAAMC,EAAWC,GAAyBN,EAAM,KAAK,cAAc,gBAAgB,EACnF,OAAO,KAAK,gBAAgB,QAAQK,EAAS,WAAYE,CAAK,CAChE,CACA,UAAW,CACTH,EAA0B,KAAK,aAAa,EAC5C,IAAMC,EAAWC,GAAyBN,EAAM,KAAK,cAAc,gBAAgB,EACnF,OAAO,KAAK,gBAAgB,QAAQK,EAAS,SAAS,CACxD,CACA,UAAUG,EAAM,CACdJ,EAA0B,KAAK,aAAa,EAC5C,IAAMC,EAAWC,GAAyBN,EAAM,KAAK,cAAc,gBAAgB,EACnF,OAAO,KAAK,gBAAgB,QAAQK,EAAS,UAAWG,CAAI,CAC9D,CACA,cAAcC,EAAiB,CAC7B,KAAK,cAAgBA,CACvB,CACM,mBAAoB,QAAAN,EAAA,sBACxBC,EAA0B,KAAK,aAAa,EAC5C,IAAMC,EAAWC,GAAyBN,EAAM,KAAK,cAAc,gBAAgB,EACnF,OAAQ,MAAM,KAAK,gBAAgB,QAAQK,EAAS,aAAa,KAAO,MAC1E,GACM,mBAAmBK,EAAU,QAAAP,EAAA,sBACjCC,EAA0B,KAAK,aAAa,EAC5C,IAAMC,EAAWC,GAAyBN,EAAM,KAAK,cAAc,gBAAgB,EACnF,MAAM,KAAK,gBAAgB,QAAQK,EAAS,cAAe,GAAGK,CAAQ,EAAE,CAC1E,GACM,iBAAkB,QAAAP,EAAA,sBACtBC,EAA0B,KAAK,aAAa,EAC5C,IAAMC,EAAWC,GAAyBN,EAAM,KAAK,cAAc,gBAAgB,EAC7EW,EAAyB,MAAM,KAAK,gBAAgB,QAAQZ,EAAgB,EAC5E,CAACa,EAAeC,CAAoB,GAAK,MAAM,KAAK,gBAAgB,QAAQR,EAAS,WAAW,IAAI,MAAM,GAAG,GAAK,CAAC,EACzH,MAAO,CACL,cAAeO,IAAkB,QAAUD,IAA2B,OACtE,qBAAsBE,IAAyB,MACjD,CACF,GACM,iBAAiBC,EAAaD,EAAuB,GAAO,QAAAV,EAAA,sBAChEC,EAA0B,KAAK,aAAa,EAC5C,IAAMC,EAAWC,GAAyBN,EAAM,KAAK,cAAc,gBAAgB,EACnF,MAAM,KAAK,gBAAgB,QAAQK,EAAS,YAAa,GAAGS,CAAW,IAAID,CAAoB,EAAE,CACnG,GACF,EACMP,GAA2B,CAACS,EAAUC,IACnCC,GAAmBC,EAAgB,EAAEH,EAAUC,CAAU,ECrElE,IAAMG,EAAa,IAAIC,GAAkBC,EAAc,ECDvD,SAASC,EAAwBC,EAAY,CAC3C,IAAMC,EAASD,GAAY,MAAM,GAAG,EAAE,CAAC,EACvC,GAAI,CAACA,GAAcA,EAAW,QAAQ,GAAG,EAAI,GAAK,CAACC,GAAU,OAAOA,GAAW,SAAU,MAAM,IAAIC,EAAU,CAC3G,KAAM,oBACN,QAAS,gCACX,CAAC,EACD,OAAOD,CACT,CACA,SAASE,GAA4BC,EAAgB,CACnD,GAAI,CAACA,GAAkB,CAACA,EAAe,SAAS,GAAG,EACjD,MAAM,IAAIF,EAAU,CAClB,KAAM,iCACN,QAAS,qCACT,mBAAoB,0DACtB,CAAC,EAEH,OAAOE,EAAe,MAAM,GAAG,EAAE,CAAC,CACpC,CCnBA,IAAMC,EAA2BC,GAAa,CAACC,EAAOC,IAAa,CACjE,IAAMC,EAAUC,GAAiBJ,CAAS,EACpCK,EAAO,KAAK,UAAUJ,CAAK,EACjC,OAAOK,GAAoBJ,EAAUC,EAASE,CAAI,CACpD,EACMD,GAAmBJ,IAAc,CACrC,eAAgB,6BAChB,eAAgB,qCAAqCA,CAAS,EAChE,GACMM,GAAsB,CAAC,CAC3B,IAAAC,CACF,EAAGJ,EAASE,KAAU,CACpB,QAAAF,EACA,IAAAI,EACA,KAAAF,EACA,OAAQ,MACV,GCbA,SAASG,EAAmBC,EAAO,CACjC,GAAI,CAACA,GAASA,EAAM,OAAS,SAAWA,aAAiB,UACvD,MAAM,IAAIC,EAAU,CAClB,KAAMC,GAAiB,QACvB,QAAS,iCACT,gBAAiBF,CACnB,CAAC,CAEL,CCPA,IAAMG,EAA6B,IAAYC,GAAYC,EAAA,wBACzD,GAAID,EAAS,YAAc,IAAK,CAC9B,IAAME,EAAQ,MAAMC,GAAeH,CAAQ,EAC3C,MAAAI,EAAmBF,CAAK,EAClB,IAAIG,EAAU,CAClB,KAAMH,EAAM,KACZ,QAASA,EAAM,OACjB,CAAC,CACH,CACA,OAAOI,GAAcN,CAAQ,CAC/B,GCRA,IAAMO,GAAgC,IAAM,CAACC,EAAMC,IAAM,SAAsCC,EAAS,QAAAC,EAAA,sBACtG,OAAAD,EAAQ,QAAQ,eAAe,EAAI,WAC5BF,EAAKE,CAAO,CACrB,IAOME,EAAiCC,GAAuBC,GAAwB,CAACP,EAA6B,CAAC,ECbrH,IAAMQ,GAA2B,cCCjC,IAAMC,EAAoC,CACxC,QAASC,GACT,aAAcC,GAAgBC,EAAc,EAC5C,aAAcC,GACd,eAAgBC,GAAoB,EACpC,MAAO,UACT,ECFA,IAAMC,GAA2BC,GAAUC,EAAkBC,EAAgCC,EAAyB,cAAc,EAAGC,EAA2B,EAAGC,IAAA,GAChKC,GACAN,EACJ,ECPD,IAAMO,GAAkC,CAAC,CACvC,OAAAC,CACF,KAAO,CACL,IAAK,IAAIC,EAAW,WAAWC,EAAwB,IAAIF,CAAM,IAAIG,GAAaH,CAAM,CAAC,EAAE,CAC7F,GCRA,IAAMI,EAAwC,CAAC,CAC7C,iBAAAC,CACF,IAAMC,GACAD,EACK,CACL,IAAK,IAAIE,EAAWF,CAAgB,CACtC,EAEKG,GAAgCF,CAAK,ECR9C,SAASG,EAAmB,CAC1B,SAAAC,EACA,WAAAC,EACA,iBAAAC,CACF,EAAG,CACD,GAAI,OAAO,OAAW,IACpB,OAEF,IAAMC,EAAoC,OAAO,kCACjD,GAAI,OAAOA,EAAsC,IAC/C,OAEF,IAAMC,EAAuBD,EAAkC,QAAQH,EAAUC,EAAYC,CAAgB,EAC7G,OAAIE,EACsB,CACtB,YAAaA,CACf,EAGK,CAAC,CACV,CCRA,IAAMC,GAAmCC,GAInCC,EAAA,QAJmCD,GAInC,UAJmC,CACvC,OAAAE,EACA,WAAAC,EACA,SAAAC,CACF,EAAM,CACJC,EAA0BF,GAAY,OAAO,EAC7C,GAAM,CACJ,WAAAG,EACA,iBAAAC,EACA,iBAAAC,CACF,EAAIL,EAAW,QACTM,EAASC,EAAwBJ,CAAU,EACjDK,GAAiCT,CAAM,EACvC,IAAMU,EAAqBV,EAAO,aAC5BW,EAAiB,CACrB,cAAeD,CACjB,EACIV,EAAO,gBAAgB,YACzBW,EAAe,WAAaX,EAAO,eAAe,WAEpD,IAAMY,EAAkBC,EAAmB,CACzC,SAAAX,EACA,WAAAE,EACA,iBAAAC,CACF,CAAC,EACKS,EAAeC,GAAyB,CAC5C,iBAAkBC,EAAsC,CACtD,iBAAkBV,CACpB,CAAC,CACH,CAAC,EACK,CACJ,qBAAAW,CACF,EAAI,MAAMH,EAAa,CACrB,OAAAP,CACF,EAAG,CACD,SAAUF,EACV,SAAU,qBACV,eAAAM,EACA,gBAAAC,CACF,CAAC,EACKM,EAAcC,EAAUF,GAAsB,aAAe,EAAE,EAC/DG,EAAUH,GAAsB,QAAUE,EAAUF,EAAqB,OAAO,EAAI,OACpF,CACJ,IAAAI,CACF,EAAIH,EAAY,QAEhB,GAAI,CAACG,EACH,MAAM,IAAIC,EAAU,CAClB,KAAM,uBACN,QAAS,+BACX,CAAC,EAEH,IAAMC,EAAaF,EAAM,IAAO,IAAI,KAAK,EAAE,QAAQ,EACnD,MAAO,CACL,YAAAH,EACA,QAAAE,EACA,WAAAG,EACA,aAAcb,EACd,SAAAR,CACF,CACF,GACMsB,GAAoBC,GAAoB5B,EAAyB,ECzEvE,IAAM6B,GAAmB,CAAC,EACpBC,GAAqBC,GAAY,CACrCF,GAAiB,KAAKE,CAAQ,CAChC,EACMC,GAAkC,IAAM,CAC5C,KAAOH,GAAiB,QACtBA,GAAiB,IAAI,IAAI,CAE7B,ECDA,IAAMI,GAAN,KAAwB,CACtB,aAAc,CACZ,KAAK,qBAAuBC,GAAU,EAAI,IAAYC,EAAA,sBACpD,GAAM,MAAMC,EAAW,kBAAkB,EAGzC,OAAI,KAAK,gBACA,KAAK,iBAKd,KAAK,gBAAkB,IAAI,QAAQ,CAACC,EAASC,IAAY,CACvDC,GAAmBF,CAAO,CAC5B,CAAC,EACM,KAAK,gBACd,GAAI,IAAYF,EAAA,sBAEhB,EACF,CACA,cAAcK,EAAY,CACxBJ,EAAW,cAAcI,EAAW,OAAO,EAC3C,KAAK,WAAaA,CACpB,CACA,kBAAkBC,EAAgB,CAChC,KAAK,eAAiBA,CACxB,CACA,kBAAkBC,EAAY,CAC5B,KAAK,WAAaA,CACpB,CACA,eAAgB,CACd,GAAI,CAAC,KAAK,WACR,MAAM,IAAIC,EAAU,CAClB,KAAM,2BACN,QAAS,oBACX,CAAC,EAEH,OAAO,KAAK,UACd,CACA,mBAAoB,CAClB,GAAI,CAAC,KAAK,eACR,MAAM,IAAIA,EAAU,CAClB,KAAM,+BACN,QAAS,wBACX,CAAC,EAEH,OAAO,KAAK,cACd,CACM,UAAUC,EAAS,QAAAT,EAAA,sBACvB,IAAIU,EACJ,GAAI,CACFC,EAA0B,KAAK,YAAY,OAAO,CACpD,MAAe,CAEb,OAAO,IACT,CACA,MAAM,KAAK,qBAAqB,EAChC,KAAK,gBAAkB,OACvBD,EAAS,MAAM,KAAK,cAAc,EAAE,WAAW,EAC/C,IAAME,EAAW,MAAM,KAAK,cAAc,EAAE,gBAAgB,EAC5D,GAAIF,IAAW,KACb,OAAO,KAET,IAAMG,EAAiB,CAAC,CAACH,GAAQ,SAAWI,GAAe,CACzD,WAAYJ,EAAO,SAAS,SAAS,KAAO,GAAK,IACjD,WAAYA,EAAO,YAAc,CACnC,CAAC,EACKK,EAAqBD,GAAe,CACxC,WAAYJ,EAAO,aAAa,SAAS,KAAO,GAAK,IACrD,WAAYA,EAAO,YAAc,CACnC,CAAC,EACD,OAAID,GAAS,cAAgBI,GAAkBE,KAC7CL,EAAS,MAAM,KAAK,cAAc,CAChC,OAAAA,EACA,SAAAE,CACF,CAAC,EACGF,IAAW,MACN,KAGJ,CACL,YAAaA,GAAQ,YACrB,QAASA,GAAQ,QACjB,cAAeA,GAAQ,aACzB,CACF,GACM,cAAcM,EAGjB,QAAAhB,EAAA,yBAHiB,CAClB,OAAAU,EACA,SAAAE,CACF,EAAG,CACD,GAAI,CACF,GAAM,CACJ,cAAAK,CACF,EAAIP,EACEQ,EAAY,MAAM,KAAK,kBAAkB,EAAE,CAC/C,OAAAR,EACA,WAAY,KAAK,WACjB,SAAAE,CACF,CAAC,EACD,OAAAM,EAAU,cAAgBD,EAC1B,MAAM,KAAK,UAAU,CACnB,OAAQC,CACV,CAAC,EACDC,EAAI,SAAS,OAAQ,CACnB,MAAO,cACT,EAAG,OAAQC,CAAc,EAClBF,CACT,OAASG,EAAK,CACZ,OAAO,KAAK,aAAaA,CAAG,CAC9B,CACF,GACA,aAAaA,EAAK,CAYhB,GAXAC,EAAmBD,CAAG,EAClBA,EAAI,UAAY,iBAElB,KAAK,YAAY,EAEnBF,EAAI,SAAS,OAAQ,CACnB,MAAO,uBACP,KAAM,CACJ,MAAOE,CACT,CACF,EAAG,OAAQD,CAAc,EACrBC,EAAI,KAAK,WAAW,wBAAwB,EAC9C,OAAO,KAET,MAAMA,CACR,CACM,UAAUL,EAEb,QAAAhB,EAAA,yBAFa,CACd,OAAAU,CACF,EAAG,CACD,OAAO,KAAK,cAAc,EAAE,YAAYA,CAAM,CAChD,GACM,aAAc,QAAAV,EAAA,sBAClB,OAAO,KAAK,cAAc,EAAE,YAAY,CAC1C,GACA,kBAAkBY,EAAU,CAC1B,OAAO,KAAK,cAAc,EAAE,kBAAkBA,CAAQ,CACxD,CACA,oBAAoBA,EAAU,CAC5B,OAAO,KAAK,cAAc,EAAE,oBAAoBA,CAAQ,CAC1D,CACA,iBAAiBW,EAAU,CACzB,OAAO,KAAK,cAAc,EAAE,iBAAiBA,CAAQ,CACvD,CACA,kBAAmB,CACjB,OAAO,KAAK,cAAc,EAAE,iBAAiB,CAC/C,CACF,ECtJA,IAAMC,GAAN,KAAoC,CAClC,aAAc,CACZ,KAAK,eAAiB,IAAIC,GAC1B,KAAK,eAAe,mBAAmBC,EAAc,EACrD,KAAK,kBAAoB,IAAIC,GAC7B,KAAK,kBAAkB,kBAAkB,KAAK,cAAc,EAC5D,KAAK,kBAAkB,kBAAkBC,EAAiB,CAC5D,CACA,UAAU,CACR,aAAAC,CACF,EAAI,CACF,aAAc,EAChB,EAAG,CACD,OAAO,KAAK,kBAAkB,UAAU,CACtC,aAAAA,CACF,CAAC,CACH,CACA,mBAAmBC,EAAiB,CAClC,KAAK,eAAe,mBAAmBA,CAAe,CACxD,CACA,cAAcC,EAAY,CACxB,KAAK,eAAe,cAAcA,CAAU,EAC5C,KAAK,kBAAkB,cAAcA,CAAU,CACjD,CACF,ECtBA,IAAMC,GAAgC,IAAIC,GACpC,CACJ,kBAAAC,CACF,EAAIF,GCPJ,SAAeG,EAAmBC,EAAsB,QAAAC,EAAA,sBACtD,GAAID,EAAqB,YAAa,CACpC,IAAME,EAAcC,EAAUH,EAAqB,WAAW,EACxDI,GAA+BF,EAAY,QAAQ,KAAO,GAAK,IAC/DG,EAAc,IAAI,KAAK,EAAE,QAAQ,EACjCC,EAAaF,EAA8B,EAAIA,EAA8BC,EAAc,EAC7FE,EACAC,EACAC,EACAT,EAAqB,eACvBQ,EAAeR,EAAqB,cAElCA,EAAqB,UACvBO,EAAUJ,EAAUH,EAAqB,OAAO,GAE9CA,GAAsB,oBACxBS,EAAiBT,EAAqB,mBAExC,IAAMU,EAAS,CACb,YAAAR,EACA,QAAAK,EACA,aAAAC,EACA,WAAAF,EACA,eAAAG,EACA,SAAUT,EAAqB,QACjC,EACIA,GAAsB,gBACxBU,EAAO,cAAgBV,EAAqB,eAE9C,MAAMW,EAAkB,UAAU,CAChC,OAAAD,CACF,CAAC,CACH,KAEE,OAAM,IAAIE,GAAa,CACrB,QAAS,iBACT,KAAM,gBACN,mBAAoB,iCACtB,CAAC,CAEL,GCxCA,IAAMC,GAAuBC,GAAWC,EAAA,wBACtC,IAAMC,EAAaF,EAAQ,UAAU,EAAE,MAAM,QAC7CG,EAA0BD,CAAU,EACpC,IAAME,EAAS,MAAMJ,EAAQ,KAAK,UAAU,CAC1C,aAAc,EAChB,CAAC,EACDK,GAAiBD,CAAM,EACvB,GAAM,CACJ,mBAAoBE,EACpB,IAAAC,CACF,EAAIH,EAAO,SAAS,SAAW,CAAC,EAC1BI,EAAW,CACf,SAAUF,EACV,OAAQC,CACV,EACME,EAAgBC,GAA2BN,CAAM,EACvD,OAAIK,IACFD,EAAS,cAAgBC,GAEpBD,CACT,GACA,SAASE,GAA2BN,EAAQ,CAC1C,OAAOA,GAAQ,aACjB,CCfA,IAAMO,GAAiB,IAAYC,EAAA,wBACjC,OAAOD,GAAiBE,CAAO,CACjC,GCPA,IAAMC,GAAgB,2DAChBC,GAA2B,IAAYC,EAAA,wBAC3C,GAAI,CACFC,EAAI,SAAS,OAAQ,CACnB,MAAO,WACP,KAAM,MAAMC,GAAe,CAC7B,EAAG,OAAQC,CAAc,CAC3B,OAASC,EAAO,CACd,MAAIA,EAAM,OAASC,GACX,IAAIC,EAAU,CAClB,KAAMC,GACN,QAAST,GACT,mBAAoB,yJACtB,CAAC,EAEGM,CACR,CACF,GCvBA,IAAII,EAAuC,SAAUA,EAAyB,CAC5E,OAAAA,EAAwB,oBAAyB,sBACjDA,EAAwB,oBAAyB,sBACjDA,EAAwB,yBAA8B,2BACtDA,EAAwB,oBAAyB,sBACjDA,EAAwB,oBAAyB,sBACjDA,EAAwB,2BAAgC,6BACxDA,EAAwB,uBAA4B,yBACpDA,EAAwB,8BAAmC,gCAC3DA,EAAwB,uBAA4B,yBACpDA,EAAwB,kCAAuC,oCAC/DA,EAAwB,qCAA0C,uCAClEA,EAAwB,0CAA+C,4CACvEA,EAAwB,2BAAgC,6BACxDA,EAAwB,yBAA8B,2BACtDA,EAAwB,8BAAmC,gCAC3DA,EAAwB,mBAAwB,qBAChDA,EAAwB,oBAAyB,sBAC1CA,CACT,EAAEA,GAA2B,CAAC,CAAC,ECjB/B,IAAMC,GAAqB,CACzB,CAACC,EAAwB,sBAAsB,EAAG,CAChD,QAAS,gDACX,EACA,CAACA,EAAwB,iCAAiC,EAAG,CAC3D,QAAS,8CACX,EACA,CAACA,EAAwB,sBAAsB,EAAG,CAChD,QAAS,mCACX,EACA,CAACA,EAAwB,0BAA0B,EAAG,CACpD,QAAS,uCACX,EACA,CAACA,EAAwB,yCAAyC,EAAG,CACnE,QAAS,sDACX,EACA,CAACA,EAAwB,oCAAoC,EAAG,CAC9D,QAAS,iDACX,EACA,CAACA,EAAwB,6BAA6B,EAAG,CACvD,QAAS,uCACX,EACA,CAACA,EAAwB,0BAA0B,EAAG,CACpD,QAAS,uCACX,EACA,CAACA,EAAwB,mBAAmB,EAAG,CAC7C,QAAS,gCACX,EACA,CAACA,EAAwB,mBAAmB,EAAG,CAC7C,QAAS,gCACX,EACA,CAACA,EAAwB,mBAAmB,EAAG,CAC7C,QAAS,gCACX,EACA,CAACA,EAAwB,mBAAmB,EAAG,CAC7C,QAAS,gCACX,EACA,CAACA,EAAwB,wBAAwB,EAAG,CAClD,QAAS,mEACT,mBAAoB,gDACtB,EACA,CAACA,EAAwB,kBAAkB,EAAG,CAC5C,QAAS,mEACT,mBAAoB,kDACtB,EACA,CAACA,EAAwB,wBAAwB,EAAG,CAClD,QAAS,qCACX,EACA,CAACA,EAAwB,mBAAmB,EAAG,CAC7C,QAAS,4DACX,EACA,CAACA,EAAwB,6BAA6B,EAAG,CACvD,QAAS,uDACX,CACF,EAEIC,EAAgC,SAAUA,EAAkB,CAC9D,OAAAA,EAAiB,YAAiB,uBAClCA,EAAiB,YAAiB,wBAClCA,EAAiB,YAAiB,+BAClCA,EAAiB,eAAoB,2BACrCA,EAAiB,iBAAsB,qEACvCA,EAAiB,eAAoB,2BACrCA,EAAiB,WAAgB,oCACjCA,EAAiB,cAAmB,yBACpCA,EAAiB,OAAY,+BAC7BA,EAAiB,YAAiB,mBAClCA,EAAiB,gBAAqB,qCACtCA,EAAiB,gBAAqB,sDACtCA,EAAiB,cAAmB,gBACpCA,EAAiB,cAAmB,4DACpCA,EAAiB,iBAAsB,yCACvCA,EAAiB,YAAiB,qEAC3BA,CACT,EAAEA,GAAoB,CAAC,CAAC,EACpBC,GAA8B,SAAUA,EAAgB,CAC1D,OAAAA,EAAe,gBAAqB,kBACpCA,EAAe,iBAAsB,uBAC9BA,CACT,EAAEA,IAAkB,CAAC,CAAC,EC7EtB,IAAMC,GAAS,IAAIC,EAAc,WAAW,EA2B5C,IAAMC,GAAoB,CACxB,iBAAkB,CAChB,QAASC,EAAiB,YAC1B,IAAK,2DACP,EACA,SAAU,CACR,QAASA,EAAiB,YAC1B,IAAK;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,SAUP,EACA,kBAAmB,CACjB,QAASA,EAAiB,YAC1B,IAAK;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,SAUP,EACA,cAAe,CACb,QAASA,EAAiB,cAC5B,EAEA,gBAAiB,CACf,QAASA,EAAiB,gBAC5B,EACA,cAAe,CACb,QAASA,EAAiB,cAC5B,EACA,UAAW,CACT,QAASA,EAAiB,UAC5B,EACA,YAAa,CACX,QAASA,EAAiB,cAC1B,IAAK,gEACP,EACA,MAAO,CACL,QAASA,EAAiB,MAC5B,EACA,WAAY,CACV,QAASA,EAAiB,WAC5B,EACA,uBAAwB,CACtB,QAASA,EAAiB,eAC5B,EACA,cAAe,CACb,QAASA,EAAiB,eAC5B,EACA,aAAc,CACZ,QAASA,EAAiB,aAC5B,EACA,aAAc,CACZ,QAASA,EAAiB,aAC5B,EACA,gBAAiB,CACf,QAASA,EAAiB,gBAC5B,EACA,QAAS,CACP,QAASA,EAAiB,WAC5B,CACF,ECnGA,IAAMC,GAAmB,CAACC,EAASC,IAAuB,IAAIC,EAAU,CACtE,QAASF,GAAW,kDACpB,KAAMG,GAAe,iBACrB,mBAAoBF,GAAsBG,GAAkB,iBAAiB,GAC/E,CAAC,ECRD,IAAIC,GAA8B,SAAUA,EAAgB,CAC1D,OAAAA,EAAe,SAAc,WAC7BA,EAAe,kBAAuB,oBACtCA,EAAe,cAAmB,gBAClCA,EAAe,gBAAqB,kBACpCA,EAAe,cAAmB,gBAClCA,EAAe,UAAe,YAC9BA,EAAe,YAAiB,cAChCA,EAAe,MAAW,QAC1BA,EAAe,WAAgB,aAC/BA,EAAe,uBAA4B,yBAC3CA,EAAe,cAAmB,gBAClCA,EAAe,QAAa,UAC5BA,EAAe,aAAkB,eACjCA,EAAe,aAAkB,eACjCA,EAAe,gBAAqB,kBACpCA,EAAe,iBAAsB,mBAC9BA,CACT,EAAEA,IAAkB,CAAC,CAAC,ECdtB,IAAMC,GAAuB,0CACvBC,GAA0B,gDAC1BC,GAA+B,6CAC/BC,GAAsBC,GAASC,EAAA,wBACnC,IAAMC,EAAa,MAAMC,EAAW,eAAe,EAE7CC,EAAiBJ,IAAUE,EAAaA,EAAa,OAC3D,GAAI,CAACE,EACH,MAAM,IAAIC,EAAU,CAClB,KAAMC,GAAe,iBACrB,QAASN,IAAU,KAAOJ,GAAuBC,GACjD,mBAAoBG,IAAU,KAAO,OAAYF,EACnD,CAAC,EAEH,OAAOM,CACT,GCPA,IAAMG,GAA2BC,GAQ3BC,EAAA,QAR2BD,GAQ3B,UAR2B,CAC/B,WAAAE,EACA,eAAAC,EACA,SAAAC,EACA,YAAAC,EACA,aAAAC,EACA,OAAAC,EACA,qBAAAC,CACF,EAAM,CACJ,IAAMC,EAAY,IAAIC,EAAWR,CAAU,EACrCS,EAAQF,EAAU,aAAa,IAAI,OAAO,EAC1CG,EAAeH,EAAU,aAAa,IAAI,mBAAmB,EACnE,GAAIE,EACF,MAAME,GAAiBD,GAAgBD,CAAK,EAE9C,OAAIL,IAAiB,OACZQ,GAAe,CACpB,WAAAZ,EACA,eAAAC,EACA,SAAAC,EACA,YAAAC,EACA,OAAAE,EACA,qBAAAC,CACF,CAAC,EAEIO,GAAmB,CACxB,WAAAb,EACA,YAAAG,EACA,qBAAAG,CACF,CAAC,CACH,GACMM,GAAwBd,GAOxBC,EAAA,QAPwBD,GAOxB,UAPwB,CAC5B,WAAAE,EACA,eAAAC,EACA,SAAAC,EACA,YAAAC,EACA,OAAAE,EACA,qBAAAC,CACF,EAAM,CAGJ,IAAMQ,EAAM,IAAIN,EAAWR,CAAU,EAC/Be,EAAOD,EAAI,aAAa,IAAI,MAAM,EAClCE,EAAQF,EAAI,aAAa,IAAI,OAAO,EAK1C,GAAI,CAACC,GAAQ,CAACC,EACZ,MAAML,GAAiB,4BAA4B,EAGrD,IAAMM,EAAiB,MAAMC,GAAcF,CAAK,EAC1CG,EAAqB,WAAad,EAAS,gBAO3Ce,EAAe,MAAMC,EAAW,SAAS,EACzCC,EAAiBC,EAAA,CACrB,WAAY,qBACZ,KAAAR,EACA,UAAWb,EACX,aAAcC,GACViB,EAAe,CACjB,cAAeA,CACjB,EAAI,CAAC,GAEDI,EAAO,OAAO,QAAQF,CAAc,EAAE,IAAI,CAAC,CAACG,GAAGC,EAAC,IAAM,GAAG,mBAAmBD,EAAC,CAAC,IAAI,mBAAmBC,EAAC,CAAC,EAAE,EAAE,KAAK,GAAG,EACnH,CACJ,aAAAC,EACA,cAAeC,EACf,SAAAC,EACA,MAAApB,EACA,cAAeC,GACf,WAAAoB,GACA,WAAAC,CACF,EAAI,MAAO,MAAM,MAAMZ,EAAoB,CACzC,OAAQ,OACR,QAAS,CACP,eAAgB,oCAChB,CAACa,EAAiB,EAAG/B,CACvB,EACA,KAAAuB,CACF,CAAC,GAAG,KAAK,EACT,GAAIf,EAEF,MAAME,GAAiBD,IAAgBD,CAAK,EAE9C,IAAMwB,IAAYN,GAAgBO,EAAUP,CAAY,EAAE,QAAQ,WAAa,WAC/E,aAAMQ,EAAmB,CACvB,SAAAF,GACA,YAAaN,EACb,QAASE,EACT,aAAcD,EACd,UAAWE,GACX,UAAWC,CACb,CAAC,EACMK,GAAa,CAClB,YAAAjC,EACA,MAAOc,EACP,qBAAAX,CACF,CAAC,CACH,GACMO,GAA4Bf,GAI5BC,EAAA,QAJ4BD,GAI5B,UAJ4B,CAChC,WAAAE,EACA,YAAAG,EACA,qBAAAG,CACF,EAAM,CAEJ,IAAMQ,EAAM,IAAIN,EAAWR,CAAU,EAC/B,CACJ,SAAA6B,EACA,aAAAF,EACA,MAAAX,EACA,WAAAc,EACA,WAAAC,EACA,kBAAAM,EACA,MAAA5B,CACF,GAAKK,EAAI,MAAQ,KAAK,UAAU,CAAC,EAChC,MAAM,GAAG,EAAE,IAAIwB,GAAYA,EAAS,MAAM,GAAG,CAAC,EAAE,OAAO,CAACC,EAAO,CAACd,EAAGC,CAAC,IAAOc,EAAAjB,EAAA,GACvEgB,GADuE,CAE1E,CAACd,CAAC,EAAGC,CACP,GAAI,CACF,SAAU,OACV,aAAc,OACd,MAAO,OACP,WAAY,OACZ,WAAY,OACZ,kBAAmB,OACnB,MAAO,MACT,CAAC,EACD,GAAIjB,EACF,MAAME,GAAiB0B,GAAqB5B,CAAK,EAEnD,GAAI,CAACkB,EAEH,MAAMhB,GAAiB,2CAA2C,EAEpE,IAAMM,EAAiB,MAAMC,GAAcF,CAAK,EAC1CiB,GAAYN,GAAgBO,EAAUP,CAAY,EAAE,QAAQ,WAAa,WAC/E,aAAMQ,EAAmB,CACvB,SAAAF,EACA,YAAaN,EACb,QAASE,EACT,UAAWC,EACX,UAAWC,CACb,CAAC,EACMK,GAAa,CAClB,YAAAjC,EACA,MAAOc,EACP,qBAAAX,CACF,CAAC,CACH,GACM8B,GAAsBtC,GAItBC,EAAA,QAJsBD,GAItB,UAJsB,CAC1B,YAAAK,EACA,MAAAa,EACA,qBAAAV,CACF,EAAM,CACJ,MAAMmC,EAAkB,iBAAiB,CACvC,YAAa,EACf,CAAC,EACD,MAAMpB,EAAW,eAAe,EAChC,MAAMA,EAAW,iBAAiB,GAAMf,CAAoB,EAI5DoC,GAAgC,EAC5BC,GAAc3B,CAAK,GACrB4B,EAAI,SAAS,OAAQ,CACnB,MAAO,mBACP,KAAMC,GAAcC,GAAe9B,CAAK,CAAC,CAC3C,EAAG,OAAQ+B,CAAc,EAE3BH,EAAI,SAAS,OAAQ,CACnB,MAAO,oBACT,EAAG,OAAQG,CAAc,EACzB,MAAMC,GAAyB,EAC/BC,GAAa9C,CAAW,CAC1B,GACMwC,GAAgB3B,GACb,IAAI,KAAKA,CAAK,EAEjB8B,GAAiB9B,GACdA,EAAM,MAAM,GAAG,EAAE,OAAO,CAAC,EAAE,KAAK,GAAG,EAEtCiC,GAAe9C,GAAe,CAC9B,OAAO,OAAW,KAAe,OAAO,OAAO,QAAY,KAC7D,OAAO,QAAQ,aAAa,OAAO,QAAQ,MAAO,GAAIA,CAAW,CAErE,ECzMA,SAAS+C,GAAeC,EAAWC,EAAsB,CACvD,GAAIA,EAAsB,CACxB,IAAMC,EAAcF,GAAW,KAAKG,GAAYA,IAAaF,CAAoB,EACjF,GAAI,CAACC,EACH,MAAME,GAER,OAAOF,CACT,KAAO,CACL,IAAMG,EAA+BL,GAAW,KAAKM,EAAuB,GAAKN,GAAW,KAAKO,EAAe,EAC1GC,EAAiCR,GAAW,KAAKS,EAAO,GAAKT,GAAW,KAAKU,EAAM,EACzF,GAAIL,EACF,OAAOA,EACF,MAAIG,EACHG,GAEFC,EACR,CACF,CAEA,IAAMN,GAA0BH,GAAYA,EAAS,WAAW,OAAO,OAAO,SAAS,OAAS,OAAO,SAAS,QAAe,CAAC,EAE1HI,GAAkBJ,GAAYA,EAAS,SAAS,OAAO,OAAO,SAAS,QAAQ,CAAC,EAChFO,GAASP,GAAYA,EAAS,WAAW,SAAS,EAClDM,GAAUN,GAAYA,EAAS,WAAW,UAAU,ECrB1D,IAAMU,GAAsBC,GAASC,EAAA,wBACnCC,GAAgC,EAChC,MAAMC,EAAW,uBAAuB,EACxCC,EAAI,SAAS,OAAQ,CACnB,MAAO,6BACP,KAAM,CACJ,MAAAJ,CACF,CACF,EAAG,OAAQK,CAAc,CAC3B,GCPA,IAAMC,GAAiCC,GAAcC,EAAA,wBACnD,GAAI,CACFC,EAA0BF,CAAU,EACpCG,GAAkBH,CAAU,EAC5BI,EAAW,cAAcJ,CAAU,CACrC,MAAY,CAIV,MACF,CAEA,GAAM,MAAMI,EAAW,kBAAkB,EAGzC,GAAI,CACF,IAAMC,EAAa,OAAO,SAAS,KAC7B,CACJ,UAAAC,EACA,iBAAAC,CACF,EAAIP,EACE,CACJ,OAAAQ,EACA,eAAAC,EACA,aAAAC,CACF,EAAIJ,EAAU,MACRK,EAAcC,GAAeH,CAAc,EACjD,MAAMI,GAAkB,CACtB,WAAAR,EACA,SAAUE,EACV,OAAAC,EACA,YAAAG,EACA,aAAAD,EACA,eAAgBI,EAAsBC,EAAW,kBAAkB,CACrE,CAAC,CACH,OAASC,EAAK,CACZ,MAAMC,GAAcD,CAAG,CACzB,CACF,GCvCAE,GAAU,GAERC,EAAQC,EAAkB,EAAEC,EAAwB,ECRtD,IAAMC,GAAqC,CACzC,OAAQ,SACR,SAAU,WACV,OAAQ,kBACR,MAAO,iBACT,ECLA,IAAMC,GAAwBC,GAAOC,EAAA,wBAC9B,QAAQ,WAIb,OAAO,SAAS,KAAOD,EAAI,QAAQ,UAAW,UAAU,EAC1D,GC+LA,IAAIE,GAAqC,SAAUA,EAAuB,CACxE,OAAAA,EAAsB,+BAAoC,iCAC1DA,EAAsB,mBAAwB,qBAC9CA,EAAsB,uBAA4B,yBAClDA,EAAsB,+BAAoC,iCAC1DA,EAAsB,0BAA+B,4BACrDA,EAAsB,oCAAyC,sCAC/DA,EAAsB,yCAA8C,2CACpEA,EAAsB,sCAA2C,wCACjEA,EAAsB,uBAA4B,yBAClDA,EAAsB,0BAA+B,4BACrDA,EAAsB,yBAA8B,2BACpDA,EAAsB,0BAA+B,4BACrDA,EAAsB,8BAAmC,gCACzDA,EAAsB,0BAA+B,4BACrDA,EAAsB,sBAA2B,wBAC1CA,CACT,EAAEA,IAAyB,CAAC,CAAC,ECnN7B,SAASC,EAAsBC,EAAWC,EAAM,CAC9C,GAAM,CACJ,QAAAC,EACA,mBAAAC,CACF,EAAIC,GAAmBH,CAAI,EAC3B,GAAI,CAACD,EACH,MAAM,IAAIK,EAAU,CAClB,KAAAJ,EACA,QAAAC,EACA,mBAAAC,CACF,CAAC,CAEL,CCPA,IAAMG,GAAqCC,GAAUC,EAAkBC,EAAgCC,EAAyB,wBAAwB,EAAGC,EAA2B,EAAGC,IAAA,GACpLC,GACAN,EACJ,ECHD,IAAMO,GAAqCC,GAAUC,EAAkBC,EAAgCC,EAAyB,wBAAwB,EAAGC,EAA2B,EAAGC,IAAA,GACpLC,GACAN,EACJ,ECHD,IAAMO,GAA4BC,GAAUC,EAAkBC,EAAgCC,EAAyB,eAAe,EAAGC,EAA2B,EAAGC,IAAA,GAClKC,GACAN,EACJ,ECXD,IAAMO,GAAgB,CAACC,EAAOC,IAAW,CACvC,OAAQA,EAAO,KAAM,CACnB,IAAK,sBACH,OAAOC,EAAAC,EAAA,GACFH,GADE,CAEL,cAAeC,EAAO,KACxB,GACF,IAAK,oBACH,OAAOE,EAAA,GACFF,EAAO,OAEd,IAAK,qBACH,OAAOC,EAAAC,EAAA,GACFH,GADE,CAEL,cAAeC,EAAO,KACxB,GACF,IAAK,eACH,OAAOC,EAAAC,EAAA,GACFH,GADE,CAEL,SAAUC,EAAO,KACnB,GACF,IAAK,oBACH,OAAOG,GAAa,EACtB,QACE,OAAOJ,CACX,CACF,EACA,SAASI,IAAe,CACtB,MAAO,CACL,SAAU,OACV,cAAe,OACf,cAAe,MACjB,CACF,CACA,IAAMC,GAAcC,GAAW,CAC7B,IAAIC,EAAeD,EAAQF,GAAa,EAAG,CACzC,KAAM,mBACR,CAAC,EACD,MAAO,CACL,SAAU,IAAMG,EAChB,SAAUN,GAAU,CAClBM,EAAeD,EAAQC,EAAcN,CAAM,CAC7C,CACF,CACF,EACMO,GAAcH,GAAYN,EAAa,EAC7C,SAASU,GAAqBT,EAAO,CACnCQ,GAAY,SAAS,CACnB,KAAM,oBACN,MAAOR,CACT,CAAC,CACH,CACA,SAASU,GAAyB,CAChCF,GAAY,SAAS,CACnB,KAAM,mBACR,CAAC,CACH,CCxDA,IAAMG,GAAc,CAClB,QAAQC,EAAO,CACb,OAAO,IAAI,YAAY,EAAE,OAAOA,CAAK,CACvC,CACF,EC2CA,SAASC,EAAWC,EAAGC,EAAG,CACpBD,GAAK,MAAM,KAAK,WAAWA,EAAGC,CAAC,CACrC,CAEA,SAASC,GAAM,CACb,OAAO,IAAIH,EAAW,KAAM,IAAI,CAClC,CAEA,IAAII,GAEEC,GAAS,eACTC,IAAQD,GAAS,YAAc,SAQrC,SAASE,GAAIC,EAAGC,EAAGC,EAAGC,EAAGC,EAAGC,EAAG,CAC7B,KAAO,EAAEA,GAAK,GAAG,CACf,IAAMC,EAAIL,EAAI,KAAKD,GAAG,EAAIE,EAAEC,CAAC,EAAIC,EACjCA,EAAI,KAAK,MAAME,EAAI,QAAS,EAC5BJ,EAAEC,GAAG,EAAIG,EAAI,QACf,CACA,OAAOF,CACT,CAIA,SAASG,GAAIP,EAAGC,EAAGC,EAAGC,EAAGC,EAAGC,EAAG,CAC7B,IAAMG,EAAKP,EAAI,MACTQ,EAAKR,GAAK,GAChB,KAAO,EAAEI,GAAK,GAAG,CACf,IAAIK,EAAI,KAAKV,CAAC,EAAI,MACZW,EAAI,KAAKX,GAAG,GAAK,GACjB,EAAIS,EAAKC,EAAIC,EAAIH,EACvBE,EAAIF,EAAKE,IAAM,EAAI,QAAW,IAAMR,EAAEC,CAAC,GAAKC,EAAI,YAChDA,GAAKM,IAAM,KAAO,IAAM,IAAMD,EAAKE,GAAKP,IAAM,IAC9CF,EAAEC,GAAG,EAAIO,EAAI,UACf,CACA,OAAON,CACT,CAGA,SAASQ,GAAIZ,EAAGC,EAAGC,EAAGC,EAAGC,EAAGC,EAAG,CAC7B,IAAMG,EAAKP,EAAI,MACTQ,EAAKR,GAAK,GAChB,KAAO,EAAEI,GAAK,GAAG,CACf,IAAIK,EAAI,KAAKV,CAAC,EAAI,MACZW,EAAI,KAAKX,GAAG,GAAK,GACjB,EAAIS,EAAKC,EAAIC,EAAIH,EACvBE,EAAIF,EAAKE,IAAM,EAAI,QAAW,IAAMR,EAAEC,CAAC,EAAIC,EAC3CA,GAAKM,GAAK,KAAO,GAAK,IAAMD,EAAKE,EACjCT,EAAEC,GAAG,EAAIO,EAAI,SACf,CACA,OAAON,CACT,CACA,IAAMS,GAAY,OAAO,UAAc,IACnCA,IAAaf,IAAQ,UAAU,UAAY,+BAC7CN,EAAW,UAAU,GAAKe,GAC1BX,GAAQ,IACCiB,IAAaf,IAAQ,UAAU,UAAY,YACpDN,EAAW,UAAU,GAAKO,GAC1BH,GAAQ,KAGRJ,EAAW,UAAU,GAAKoB,GAC1BhB,GAAQ,IAEVJ,EAAW,UAAU,GAAKI,GAC1BJ,EAAW,UAAU,IAAM,GAAKI,IAAS,EACzCJ,EAAW,UAAU,GAAK,GAAKI,GAC/B,IAAMkB,GAAQ,GACdtB,EAAW,UAAU,GAAK,KAAK,IAAI,EAAGsB,EAAK,EAC3CtB,EAAW,UAAU,GAAKsB,GAAQlB,GAClCJ,EAAW,UAAU,GAAK,EAAII,GAAQkB,GAEtC,IAAMC,GAAQ,uCACRC,GAAQ,CAAC,EACXC,GAAIC,EACRD,GAAK,GACL,IAAKC,EAAK,EAAGA,GAAM,EAAG,EAAEA,EAAIF,GAAMC,IAAI,EAAIC,EAC1CD,GAAK,GACL,IAAKC,EAAK,GAAIA,EAAK,GAAI,EAAEA,EAAIF,GAAMC,IAAI,EAAIC,EAC3CD,GAAK,GACL,IAAKC,EAAK,GAAIA,EAAK,GAAI,EAAEA,EAAIF,GAAMC,IAAI,EAAIC,EAC3C,SAASC,GAASd,EAAG,CACnB,OAAOU,GAAM,OAAOV,CAAC,CACvB,CACA,SAASe,GAAMC,EAAGrB,EAAG,CACnB,IAAMI,EAAIY,GAAMK,EAAE,WAAWrB,CAAC,CAAC,EAC/B,OAAOI,GAAY,EACrB,CAEA,SAASkB,GAAUC,EAAG,CACpB,QAASvB,EAAI,KAAK,EAAI,EAAGA,GAAK,EAAG,EAAEA,EAAGuB,EAAEvB,CAAC,EAAI,KAAKA,CAAC,EACnDuB,EAAE,EAAI,KAAK,EACXA,EAAE,EAAI,KAAK,CACb,CAEA,SAASC,GAAWvB,EAAG,CACrB,KAAK,EAAI,EACT,KAAK,EAAIA,EAAI,EAAI,GAAK,EAClBA,EAAI,EAAG,KAAK,CAAC,EAAIA,EAAWA,EAAI,GAAI,KAAK,CAAC,EAAIA,EAAI,KAAK,GAAQ,KAAK,EAAI,CAC9E,CAEA,SAASwB,GAAIzB,EAAG,CACd,IAAMuB,EAAI5B,EAAI,EACd,OAAA4B,EAAE,QAAQvB,CAAC,EACJuB,CACT,CAEA,SAASG,GAAcL,EAAG3B,EAAG,CAC3B,IAAIiC,EACJ,GAAIjC,IAAM,GAAIiC,EAAI,UAAWjC,IAAM,EAAGiC,EAAI,UAAWjC,IAAM,EAAGiC,EAAI,UAAWjC,IAAM,GAAIiC,EAAI,UAAWjC,IAAM,EAAGiC,EAAI,MAAO,OAAM,IAAI,MAAM,0CAA0C,EACpL,KAAK,EAAI,EACT,KAAK,EAAI,EACT,IAAI3B,EAAIqB,EAAE,OACNO,EAAK,GACLC,EAAK,EACT,KAAO,EAAE7B,GAAK,GAAG,CACf,IAAMC,EAAImB,GAAMC,EAAGrB,CAAC,EACpB,GAAIC,EAAI,EAAG,CACLoB,EAAE,OAAOrB,CAAC,IAAM,MAAK4B,EAAK,IAC9B,QACF,CACAA,EAAK,GACDC,IAAO,EAAG,KAAK,KAAK,GAAG,EAAI5B,EAAW4B,EAAKF,EAAI,KAAK,IACtD,KAAK,KAAK,EAAI,CAAC,IAAM1B,GAAK,GAAK,KAAK,GAAK4B,GAAM,IAAMA,EACrD,KAAK,KAAK,GAAG,EAAI5B,GAAK,KAAK,GAAK4B,GAC3B,KAAK,KAAK,EAAI,CAAC,GAAK5B,GAAK4B,EAChCA,GAAMF,EACFE,GAAM,KAAK,KAAIA,GAAM,KAAK,GAChC,CACA,KAAK,MAAM,EACPD,GAAIpC,EAAW,KAAK,MAAM,KAAM,IAAI,CAC1C,CAEA,SAASsC,IAAW,CAClB,IAAM1B,EAAI,KAAK,EAAI,KAAK,GACxB,KAAO,KAAK,EAAI,GAAK,KAAK,KAAK,EAAI,CAAC,GAAKA,GAAG,EAAE,KAAK,CACrD,CAEA,SAAS2B,GAAWrC,EAAG,CACrB,GAAI,KAAK,EAAI,EAAG,MAAO,IAAM,KAAK,OAAO,EAAE,SAASA,CAAC,EACrD,IAAIiC,EACJ,GAAIjC,GAAK,GAAIiC,EAAI,UAAWjC,IAAM,EAAGiC,EAAI,UAAWjC,IAAM,EAAGiC,EAAI,UAAWjC,IAAM,GAAIiC,EAAI,UAAWjC,IAAM,EAAGiC,EAAI,MAAO,OAAM,IAAI,MAAM,0CAA0C,EACnL,IAAMK,GAAM,GAAKL,GAAK,EAClBM,EACAC,EAAI,GACJX,EAAI,GACJvB,EAAI,KAAK,EACTmC,EAAI,KAAK,GAAKnC,EAAI,KAAK,GAAK2B,EAChC,GAAI3B,KAAM,EAKR,IAJImC,EAAI,KAAK,KAAOF,EAAI,KAAKjC,CAAC,GAAKmC,GAAK,IACtCD,EAAI,GACJX,EAAIJ,GAASc,CAAC,GAETjC,GAAK,GACNmC,EAAIR,GACNM,GAAK,KAAKjC,CAAC,GAAK,GAAKmC,GAAK,IAAMR,EAAIQ,EACpCF,GAAK,KAAK,EAAEjC,CAAC,IAAMmC,GAAK,KAAK,GAAKR,KAElCM,EAAI,KAAKjC,CAAC,IAAMmC,GAAKR,GAAKK,EACtBG,GAAK,IACPA,GAAK,KAAK,GACV,EAAEnC,IAGFiC,EAAI,IAAGC,EAAI,IACXA,IAAGX,GAAKJ,GAASc,CAAC,GAG1B,OAAOC,EAAIX,EAAI,GACjB,CAEA,SAASa,IAAW,CAClB,IAAMb,EAAI5B,EAAI,EACd,OAAAH,EAAW,KAAK,MAAM,KAAM+B,CAAC,EACtBA,CACT,CAEA,SAASc,IAAQ,CACf,OAAO,KAAK,EAAI,EAAI,KAAK,OAAO,EAAI,IACtC,CAEA,SAASC,GAAY7C,EAAG,CACtB,IAAI8B,EAAI,KAAK,EAAI9B,EAAE,EACnB,GAAI8B,GAAK,EAAG,OAAOA,EACnB,IAAIvB,EAAI,KAAK,EAEb,GADAuB,EAAIvB,EAAIP,EAAE,EACN8B,GAAK,EAAG,OAAO,KAAK,EAAI,EAAI,CAACA,EAAIA,EACrC,KAAO,EAAEvB,GAAK,GAAG,IAAKuB,EAAI,KAAKvB,CAAC,EAAIP,EAAEO,CAAC,IAAM,EAAG,OAAOuB,EACvD,MAAO,EACT,CAEA,SAASgB,GAAMtC,EAAG,CAChB,IAAIsB,EAAI,EACJiB,EACJ,OAAKA,EAAIvC,IAAM,MAAQ,IACrBA,EAAIuC,EACJjB,GAAK,KAEFiB,EAAIvC,GAAK,KAAO,IACnBA,EAAIuC,EACJjB,GAAK,IAEFiB,EAAIvC,GAAK,KAAO,IACnBA,EAAIuC,EACJjB,GAAK,IAEFiB,EAAIvC,GAAK,KAAO,IACnBA,EAAIuC,EACJjB,GAAK,IAEFiB,EAAIvC,GAAK,KAAO,IACnBA,EAAIuC,EACJjB,GAAK,GAEAA,CACT,CAEA,SAASkB,IAAc,CACrB,OAAI,KAAK,GAAK,EAAU,EACjB,KAAK,IAAM,KAAK,EAAI,GAAKF,GAAM,KAAK,KAAK,EAAI,CAAC,EAAI,KAAK,EAAI,KAAK,EAAE,CAC3E,CAEA,SAASG,GAAarC,EAAGkB,EAAG,CAC1B,IAAIvB,EACJ,IAAKA,EAAI,KAAK,EAAI,EAAGA,GAAK,EAAG,EAAEA,EAAGuB,EAAEvB,EAAIK,CAAC,EAAI,KAAKL,CAAC,EACnD,IAAKA,EAAIK,EAAI,EAAGL,GAAK,EAAG,EAAEA,EAAGuB,EAAEvB,CAAC,EAAI,EACpCuB,EAAE,EAAI,KAAK,EAAIlB,EACfkB,EAAE,EAAI,KAAK,CACb,CAEA,SAASoB,GAAatC,EAAGkB,EAAG,CAC1B,QAASvB,EAAIK,EAAGL,EAAI,KAAK,EAAG,EAAEA,EAAGuB,EAAEvB,EAAIK,CAAC,EAAI,KAAKL,CAAC,EAClDuB,EAAE,EAAI,KAAK,IAAI,KAAK,EAAIlB,EAAG,CAAC,EAC5BkB,EAAE,EAAI,KAAK,CACb,CAEA,SAASqB,GAAYvC,EAAGkB,EAAG,CACzB,IAAMsB,EAAKxC,EAAI,KAAK,GACdyC,EAAM,KAAK,GAAKD,EAChBE,GAAM,GAAKD,GAAO,EAClBE,EAAK,KAAK,MAAM3C,EAAI,KAAK,EAAE,EAC7BD,EAAI,KAAK,GAAKyC,EAAK,KAAK,GACxB7C,EACJ,IAAKA,EAAI,KAAK,EAAI,EAAGA,GAAK,EAAG,EAAEA,EAC7BuB,EAAEvB,EAAIgD,EAAK,CAAC,EAAI,KAAKhD,CAAC,GAAK8C,EAAM1C,EACjCA,GAAK,KAAKJ,CAAC,EAAI+C,IAAOF,EAExB,IAAK7C,EAAIgD,EAAK,EAAGhD,GAAK,EAAG,EAAEA,EAAGuB,EAAEvB,CAAC,EAAI,EACrCuB,EAAEyB,CAAE,EAAI5C,EACRmB,EAAE,EAAI,KAAK,EAAIyB,EAAK,EACpBzB,EAAE,EAAI,KAAK,EACXA,EAAE,MAAM,CACV,CAEA,SAAS0B,GAAY5C,EAAGkB,EAAG,CACzBA,EAAE,EAAI,KAAK,EACX,IAAMyB,EAAK,KAAK,MAAM3C,EAAI,KAAK,EAAE,EACjC,GAAI2C,GAAM,KAAK,EAAG,CAChBzB,EAAE,EAAI,EACN,MACF,CACA,IAAMsB,EAAKxC,EAAI,KAAK,GACdyC,EAAM,KAAK,GAAKD,EAChBE,GAAM,GAAKF,GAAM,EACvBtB,EAAE,CAAC,EAAI,KAAKyB,CAAE,GAAKH,EACnB,QAAS7C,EAAIgD,EAAK,EAAGhD,EAAI,KAAK,EAAG,EAAEA,EACjCuB,EAAEvB,EAAIgD,EAAK,CAAC,IAAM,KAAKhD,CAAC,EAAI+C,IAAOD,EACnCvB,EAAEvB,EAAIgD,CAAE,EAAI,KAAKhD,CAAC,GAAK6C,EAErBA,EAAK,IAAGtB,EAAE,KAAK,EAAIyB,EAAK,CAAC,IAAM,KAAK,EAAID,IAAOD,GACnDvB,EAAE,EAAI,KAAK,EAAIyB,EACfzB,EAAE,MAAM,CACV,CAEA,SAAS2B,GAASzD,EAAG8B,EAAG,CACtB,IAAIvB,EAAI,EACJI,EAAI,EACF8B,EAAI,KAAK,IAAIzC,EAAE,EAAG,KAAK,CAAC,EAC9B,KAAOO,EAAIkC,GACT9B,GAAK,KAAKJ,CAAC,EAAIP,EAAEO,CAAC,EAClBuB,EAAEvB,GAAG,EAAII,EAAI,KAAK,GAClBA,IAAM,KAAK,GAEb,GAAIX,EAAE,EAAI,KAAK,EAAG,CAEhB,IADAW,GAAKX,EAAE,EACAO,EAAI,KAAK,GACdI,GAAK,KAAKJ,CAAC,EACXuB,EAAEvB,GAAG,EAAII,EAAI,KAAK,GAClBA,IAAM,KAAK,GAEbA,GAAK,KAAK,CACZ,KAAO,CAEL,IADAA,GAAK,KAAK,EACHJ,EAAIP,EAAE,GACXW,GAAKX,EAAEO,CAAC,EACRuB,EAAEvB,GAAG,EAAII,EAAI,KAAK,GAClBA,IAAM,KAAK,GAEbA,GAAKX,EAAE,CACT,CACA8B,EAAE,EAAInB,EAAI,EAAI,GAAK,EACfA,EAAI,GAAImB,EAAEvB,GAAG,EAAI,KAAK,GAAKI,EAAWA,EAAI,IAAGmB,EAAEvB,GAAG,EAAII,GAC1DmB,EAAE,EAAIvB,EACNuB,EAAE,MAAM,CACV,CAGA,SAAS4B,GAAc1D,EAAG8B,EAAG,CAC3B,IAAMtB,EAAI,KAAK,IAAI,EACbmD,EAAI3D,EAAE,IAAI,EACZO,EAAIC,EAAE,EAEV,IADAsB,EAAE,EAAIvB,EAAIoD,EAAE,EACL,EAAEpD,GAAK,GAAGuB,EAAEvB,CAAC,EAAI,EACxB,IAAKA,EAAI,EAAGA,EAAIoD,EAAE,EAAG,EAAEpD,EAAGuB,EAAEvB,EAAIC,EAAE,CAAC,EAAIA,EAAE,GAAG,EAAGmD,EAAEpD,CAAC,EAAGuB,EAAGvB,EAAG,EAAGC,EAAE,CAAC,EACjEsB,EAAE,EAAI,EACNA,EAAE,MAAM,EACJ,KAAK,IAAM9B,EAAE,GAAGD,EAAW,KAAK,MAAM+B,EAAGA,CAAC,CAChD,CAEA,SAAS8B,GAAY9B,EAAG,CACtB,IAAMtB,EAAI,KAAK,IAAI,EACfD,EAAIuB,EAAE,EAAI,EAAItB,EAAE,EACpB,KAAO,EAAED,GAAK,GAAGuB,EAAEvB,CAAC,EAAI,EACxB,IAAKA,EAAI,EAAGA,EAAIC,EAAE,EAAI,EAAG,EAAED,EAAG,CAC5B,IAAMI,EAAIH,EAAE,GAAGD,EAAGC,EAAED,CAAC,EAAGuB,EAAG,EAAIvB,EAAG,EAAG,CAAC,GACjCuB,EAAEvB,EAAIC,EAAE,CAAC,GAAKA,EAAE,GAAGD,EAAI,EAAG,EAAIC,EAAED,CAAC,EAAGuB,EAAG,EAAIvB,EAAI,EAAGI,EAAGH,EAAE,EAAID,EAAI,CAAC,IAAMC,EAAE,KAC3EsB,EAAEvB,EAAIC,EAAE,CAAC,GAAKA,EAAE,GAChBsB,EAAEvB,EAAIC,EAAE,EAAI,CAAC,EAAI,EAErB,CACIsB,EAAE,EAAI,IAAGA,EAAEA,EAAE,EAAI,CAAC,GAAKtB,EAAE,GAAGD,EAAGC,EAAED,CAAC,EAAGuB,EAAG,EAAIvB,EAAG,EAAG,CAAC,GACvDuB,EAAE,EAAI,EACNA,EAAE,MAAM,CACV,CAGA,SAAS+B,GAAYpB,EAAGqB,EAAGhC,EAAG,CAC5B,IAAMiC,EAAKtB,EAAE,IAAI,EACjB,GAAIsB,EAAG,GAAK,EAAG,OACf,IAAMC,EAAK,KAAK,IAAI,EACpB,GAAIA,EAAG,EAAID,EAAG,EAAG,CACAD,GAAE,QAAQ,CAAC,EACtBhC,GAAK,MAAM,KAAK,OAAOA,CAAC,EAC5B,MACF,CACIA,IAAM,OAAMA,EAAI5B,EAAI,GACxB,IAAMyD,EAAIzD,EAAI,EACR+D,EAAK,KAAK,EACVC,EAAKzB,EAAE,EACP0B,EAAM,KAAK,GAAKrB,GAAMiB,EAAGA,EAAG,EAAI,CAAC,CAAC,EAEpCI,EAAM,GACRJ,EAAG,SAASI,EAAKR,CAAC,EAClBK,EAAG,SAASG,EAAKrC,CAAC,IAElBiC,EAAG,OAAOJ,CAAC,EACXK,EAAG,OAAOlC,CAAC,GAEb,IAAMsC,EAAKT,EAAE,EACPU,EAAKV,EAAES,EAAK,CAAC,EACnB,GAAIC,IAAO,EAAG,OACd,IAAMC,EAAKD,GAAM,GAAK,KAAK,KAAOD,EAAK,EAAIT,EAAES,EAAK,CAAC,GAAK,KAAK,GAAK,GAC5DG,EAAK,KAAK,GAAKD,EACfE,GAAM,GAAK,KAAK,IAAMF,EACtBG,EAAI,GAAK,KAAK,GAChBlE,EAAIuB,EAAE,EACNpB,EAAIH,EAAI6D,EACNrB,EAAIe,IAAM,KAAO5D,EAAI,EAAI4D,EAS/B,IARAH,EAAE,UAAUjD,EAAGqC,CAAC,EACZjB,EAAE,UAAUiB,CAAC,GAAK,IACpBjB,EAAEA,EAAE,GAAG,EAAI,EACXA,EAAE,MAAMiB,EAAGjB,CAAC,GAEd/B,EAAW,IAAI,UAAUqE,EAAIrB,CAAC,EAC9BA,EAAE,MAAMY,EAAGA,CAAC,EAELA,EAAE,EAAIS,GAAIT,EAAEA,EAAE,GAAG,EAAI,EAC5B,KAAO,EAAEjD,GAAK,GAAG,CAEf,IAAIgE,EAAK5C,EAAE,EAAEvB,CAAC,IAAM8D,EAAK,KAAK,GAAK,KAAK,MAAMvC,EAAEvB,CAAC,EAAIgE,GAAMzC,EAAEvB,EAAI,CAAC,EAAIkE,GAAKD,CAAE,EAC7E,IAAK1C,EAAEvB,CAAC,GAAKoD,EAAE,GAAG,EAAGe,EAAI5C,EAAGpB,EAAG,EAAG0D,CAAE,GAAKM,EAIvC,IAFAf,EAAE,UAAUjD,EAAGqC,CAAC,EAChBjB,EAAE,MAAMiB,EAAGjB,CAAC,EACLA,EAAEvB,CAAC,EAAI,EAAEmE,GAAI5C,EAAE,MAAMiB,EAAGjB,CAAC,CAEpC,CACIgC,IAAM,OACRhC,EAAE,UAAUsC,EAAIN,CAAC,EACbG,IAAOC,GAAInE,EAAW,KAAK,MAAM+D,EAAGA,CAAC,GAE3ChC,EAAE,EAAIsC,EACNtC,EAAE,MAAM,EACJqC,EAAM,GAAGrC,EAAE,SAASqC,EAAKrC,CAAC,EAE1BmC,EAAK,GAAGlE,EAAW,KAAK,MAAM+B,EAAGA,CAAC,CACxC,CAEA,SAAS6C,GAAM3E,EAAG,CAChB,IAAM8B,EAAI5B,EAAI,EACd,YAAK,IAAI,EAAE,SAASF,EAAG,KAAM8B,CAAC,EAC1B,KAAK,EAAI,GAAKA,EAAE,UAAU/B,EAAW,IAAI,EAAI,GAAGC,EAAE,MAAM8B,EAAGA,CAAC,EACzDA,CACT,CAWA,SAAS8C,IAAc,CACrB,GAAI,KAAK,EAAI,EAAG,MAAO,GACvB,IAAMpE,EAAI,KAAK,CAAC,EAChB,GAAK,EAAAA,EAAI,GAAU,MAAO,GAC1B,IAAImD,EAAInD,EAAI,EAEZ,OAAAmD,EAAIA,GAAK,GAAKnD,EAAI,IAAOmD,GAAK,GAE9BA,EAAIA,GAAK,GAAKnD,EAAI,KAAQmD,GAAK,IAE/BA,EAAIA,GAAK,IAAMnD,EAAI,OAAUmD,EAAI,QAAW,MAI5CA,EAAIA,GAAK,EAAInD,EAAImD,EAAI,KAAK,IAAM,KAAK,GAG9BA,EAAI,EAAI,KAAK,GAAKA,EAAI,CAACA,CAChC,CACA,SAASkB,GAAS7E,EAAG,CACnB,OAAO,KAAK,UAAUA,CAAC,IAAM,CAC/B,CAEA,SAAS8E,GAAS9E,EAAG8B,EAAG,CACtB,IAAIvB,EAAI,EACJI,EAAI,EACF8B,EAAI,KAAK,IAAIzC,EAAE,EAAG,KAAK,CAAC,EAC9B,KAAOO,EAAIkC,GACT9B,GAAK,KAAKJ,CAAC,EAAIP,EAAEO,CAAC,EAClBuB,EAAEvB,GAAG,EAAII,EAAI,KAAK,GAClBA,IAAM,KAAK,GAEb,GAAIX,EAAE,EAAI,KAAK,EAAG,CAEhB,IADAW,GAAKX,EAAE,EACAO,EAAI,KAAK,GACdI,GAAK,KAAKJ,CAAC,EACXuB,EAAEvB,GAAG,EAAII,EAAI,KAAK,GAClBA,IAAM,KAAK,GAEbA,GAAK,KAAK,CACZ,KAAO,CAEL,IADAA,GAAK,KAAK,EACHJ,EAAIP,EAAE,GACXW,GAAKX,EAAEO,CAAC,EACRuB,EAAEvB,GAAG,EAAII,EAAI,KAAK,GAClBA,IAAM,KAAK,GAEbA,GAAKX,EAAE,CACT,CACA8B,EAAE,EAAInB,EAAI,EAAI,GAAK,EACfA,EAAI,EAAGmB,EAAEvB,GAAG,EAAII,EAAWA,EAAI,KAAImB,EAAEvB,GAAG,EAAI,KAAK,GAAKI,GAC1DmB,EAAE,EAAIvB,EACNuB,EAAE,MAAM,CACV,CAEA,SAASiD,GAAM/E,EAAG,CAChB,IAAM8B,EAAI5B,EAAI,EACd,YAAK,MAAMF,EAAG8B,CAAC,EACRA,CACT,CAEA,SAASkD,GAAWhF,EAAG,CACrB,IAAM8B,EAAI5B,EAAI,EACd,YAAK,MAAMF,EAAG8B,CAAC,EACRA,CACT,CAEA,SAASmD,GAAWjF,EAAG,CACrB,IAAM8B,EAAI5B,EAAI,EACd,YAAK,WAAWF,EAAG8B,CAAC,EACbA,CACT,CAEA,SAASoD,GAASlF,EAAG,CACnB,IAAM8B,EAAI5B,EAAI,EACd,YAAK,SAASF,EAAG8B,EAAG,IAAI,EACjBA,CACT,CAEA,SAASqD,GAAW1C,EAAG,CACrB,KAAK,EAAIA,EACT,KAAK,GAAKA,EAAE,SAAS,EACrB,KAAK,IAAM,KAAK,GAAK,MACrB,KAAK,IAAM,KAAK,IAAM,GACtB,KAAK,IAAM,GAAKA,EAAE,GAAK,IAAM,EAC7B,KAAK,IAAM,EAAIA,EAAE,CACnB,CAEA,SAAS2C,GAAY5E,EAAG,CACtB,IAAMsB,EAAI5B,EAAI,EACd,OAAAM,EAAE,IAAI,EAAE,UAAU,KAAK,EAAE,EAAGsB,CAAC,EAC7BA,EAAE,SAAS,KAAK,EAAG,KAAMA,CAAC,EACtBtB,EAAE,EAAI,GAAKsB,EAAE,UAAU/B,EAAW,IAAI,EAAI,GAAG,KAAK,EAAE,MAAM+B,EAAGA,CAAC,EAC3DA,CACT,CAEA,SAASuD,GAAW7E,EAAG,CACrB,IAAMsB,EAAI5B,EAAI,EACd,OAAAM,EAAE,OAAOsB,CAAC,EACV,KAAK,OAAOA,CAAC,EACNA,CACT,CAEA,SAASwD,GAAW9E,EAAG,CACrB,KAAOA,EAAE,GAAK,KAAK,KAEnBA,EAAEA,EAAE,GAAG,EAAI,EACX,QAASD,EAAI,EAAGA,EAAI,KAAK,EAAE,EAAG,EAAEA,EAAG,CAEjC,IAAIG,EAAIF,EAAED,CAAC,EAAI,MACTgF,EAAK7E,EAAI,KAAK,MAAQA,EAAI,KAAK,KAAOF,EAAED,CAAC,GAAK,IAAM,KAAK,IAAM,KAAK,KAAO,IAAMC,EAAE,GAKzF,IAHAE,EAAIH,EAAI,KAAK,EAAE,EACfC,EAAEE,CAAC,GAAK,KAAK,EAAE,GAAG,EAAG6E,EAAI/E,EAAGD,EAAG,EAAG,KAAK,EAAE,CAAC,EAEnCC,EAAEE,CAAC,GAAKF,EAAE,IACfA,EAAEE,CAAC,GAAKF,EAAE,GACVA,EAAE,EAAEE,CAAC,GAET,CACAF,EAAE,MAAM,EACRA,EAAE,UAAU,KAAK,EAAE,EAAGA,CAAC,EACnBA,EAAE,UAAU,KAAK,CAAC,GAAK,GAAGA,EAAE,MAAM,KAAK,EAAGA,CAAC,CACjD,CAEA,SAASgF,GAAUhF,EAAGsB,EAAG,CACvBtB,EAAE,SAASsB,CAAC,EACZ,KAAK,OAAOA,CAAC,CACf,CAEA,SAAS2D,GAAUjF,EAAGmD,EAAG7B,EAAG,CAC1BtB,EAAE,WAAWmD,EAAG7B,CAAC,EACjB,KAAK,OAAOA,CAAC,CACf,CACAqD,GAAW,UAAU,QAAUC,GAC/BD,GAAW,UAAU,OAASE,GAC9BF,GAAW,UAAU,OAASG,GAC9BH,GAAW,UAAU,MAAQM,GAC7BN,GAAW,UAAU,MAAQK,GAE7B,SAASE,GAAS,EAAGjD,EAAGkD,EAAU,CAChC,IAAIpF,EAAI,EAAE,UAAU,EAChB2B,EACAJ,EAAIE,GAAI,CAAC,EACP4D,EAAI,IAAIT,GAAW1C,CAAC,EAC1B,GAAIlC,GAAK,EAAG,OAAOuB,EAAWvB,EAAI,GAAI2B,EAAI,EAAW3B,EAAI,GAAI2B,EAAI,EAAW3B,EAAI,IAAK2B,EAAI,EAAW3B,EAAI,IAAK2B,EAAI,EAAOA,EAAI,EAE5H,IAAM2D,EAAI,CAAC,EACPjF,EAAI,EACFkF,EAAK5D,EAAI,EACTK,GAAM,GAAKL,GAAK,EAEtB,GADA2D,EAAE,CAAC,EAAID,EAAE,QAAQ,IAAI,EACjB1D,EAAI,EAAG,CACT,IAAM6D,EAAK7F,EAAI,EAEf,IADA0F,EAAE,MAAMC,EAAE,CAAC,EAAGE,CAAE,EACTnF,GAAK2B,GACVsD,EAAEjF,CAAC,EAAIV,EAAI,EACX0F,EAAE,MAAMG,EAAIF,EAAEjF,EAAI,CAAC,EAAGiF,EAAEjF,CAAC,CAAC,EAC1BA,GAAK,CAET,CACA,IAAIF,EAAI,EAAE,EAAI,EACVD,EACAuF,EAAM,GACNC,EAAK/F,EAAI,EACT6C,EAEJ,IADAxC,EAAIuC,GAAM,EAAEpC,CAAC,CAAC,EAAI,EACXA,GAAK,GAAG,CAMb,IALIH,GAAKuF,EAAIrF,EAAI,EAAEC,CAAC,GAAKH,EAAIuF,EAAKvD,GAChC9B,GAAK,EAAEC,CAAC,GAAK,GAAKH,EAAI,GAAK,IAAMuF,EAAKvF,EAClCG,EAAI,IAAGD,GAAK,EAAEC,EAAI,CAAC,GAAK,KAAK,GAAKH,EAAIuF,IAE5ClF,EAAIsB,EACI,EAAAzB,EAAI,IACVA,IAAM,EACN,EAAEG,EAMJ,IAJKL,GAAKK,GAAK,IACbL,GAAK,KAAK,GACV,EAAEG,GAEAsF,EAEFH,EAAEpF,CAAC,EAAE,OAAOqB,CAAC,EACbkE,EAAM,OACD,CACL,KAAOpF,EAAI,GACTgF,EAAE,MAAM9D,EAAGmE,CAAE,EACbL,EAAE,MAAMK,EAAInE,CAAC,EACblB,GAAK,EAEHA,EAAI,EAAGgF,EAAE,MAAM9D,EAAGmE,CAAE,GACtBlD,EAAIjB,EACJA,EAAImE,EACJA,EAAKlD,GAEP6C,EAAE,MAAMK,EAAIJ,EAAEpF,CAAC,EAAGqB,CAAC,CACrB,CACA,KAAOpB,GAAK,GAAM,IAAEA,CAAC,EAAI,GAAKH,IAC5BqF,EAAE,MAAM9D,EAAGmE,CAAE,EACblD,EAAIjB,EACJA,EAAImE,EACJA,EAAKlD,EACD,EAAExC,EAAI,IACRA,EAAI,KAAK,GAAK,EACd,EAAEG,EAGR,CACA,IAAMwF,EAASN,EAAE,OAAO9D,CAAC,EACzB,OAAA6D,EAAS,KAAMO,CAAM,EACdA,CACT,CAEAnG,EAAW,UAAU,OAAS8B,GAC9B9B,EAAW,UAAU,QAAUgC,GAC/BhC,EAAW,UAAU,WAAakC,GAClClC,EAAW,UAAU,MAAQsC,GAC7BtC,EAAW,UAAU,UAAYkD,GACjClD,EAAW,UAAU,UAAYmD,GACjCnD,EAAW,UAAU,SAAWoD,GAChCpD,EAAW,UAAU,SAAWyD,GAChCzD,EAAW,UAAU,MAAQ0D,GAC7B1D,EAAW,UAAU,WAAa2D,GAClC3D,EAAW,UAAU,SAAW6D,GAChC7D,EAAW,UAAU,SAAW8D,GAChC9D,EAAW,UAAU,SAAW6E,GAChC7E,EAAW,UAAU,MAAQ+E,GAE7B/E,EAAW,UAAU,SAAWuC,GAChCvC,EAAW,UAAU,OAAS4C,GAC9B5C,EAAW,UAAU,IAAM6C,GAC3B7C,EAAW,UAAU,UAAY8C,GACjC9C,EAAW,UAAU,UAAYiD,GACjCjD,EAAW,UAAU,IAAM4E,GAC3B5E,EAAW,UAAU,OAAS8E,GAC9B9E,EAAW,UAAU,IAAMgF,GAC3BhF,EAAW,UAAU,SAAWiF,GAChCjF,EAAW,UAAU,SAAWkF,GAChClF,EAAW,UAAU,OAASmF,GAC9BnF,EAAW,UAAU,OAAS2F,GAE9B3F,EAAW,KAAOiC,GAAI,CAAC,EACvBjC,EAAW,IAAMiC,GAAI,CAAC,ECnsBtB,IAAMmE,GAAoBC,GAQpBC,EAAA,QARoBD,GAQpB,UARoB,CACxB,EAAAE,EACA,EAAAC,EACA,EAAAC,EACA,EAAAC,EACA,EAAAC,EACA,EAAAC,EACA,EAAAC,CACF,EAAM,CACJ,OAAO,IAAI,QAAQ,CAACC,EAASC,IAAW,CACtCP,EAAE,OAAOE,EAAGE,EAAG,CAACI,EAAUC,IAAgB,CACxC,GAAID,EAAU,CACZD,EAAOC,CAAQ,EACf,MACF,CACAL,EAAE,SAASF,EAAE,SAASQ,CAAW,CAAC,EAAE,OAAOV,EAAE,IAAIM,EAAE,SAASH,CAAC,CAAC,EAAGE,EAAG,CAACM,EAAUC,IAAgB,CAC7F,GAAID,EAAU,CACZH,EAAOG,CAAQ,EACf,MACF,CACAJ,EAAQK,EAAY,IAAIP,CAAC,CAAC,CAC5B,CAAC,CACH,CAAC,CACH,CAAC,CACH,GC3BA,IAAMQ,GAAS,mwBACTC,GAAe,CAAC,EAChBC,GAAe,CAAC,EACtB,QAASC,EAAI,EAAGA,EAAI,IAAKA,IAAK,CAC5B,IAAIC,EAAcD,EAAE,SAAS,EAAE,EAAE,YAAY,EACzCC,EAAY,SAAW,IACzBA,EAAc,IAAIA,CAAW,IAE/BH,GAAaE,CAAC,EAAIC,EAClBF,GAAaE,CAAW,EAAID,CAC9B,CCHA,IAAME,GAAkBC,GAAW,CACjC,GAAIA,EAAQ,OAAS,IAAM,EACzB,MAAM,IAAI,MAAM,qDAAqD,EAEvE,IAAMC,EAAM,IAAI,WAAWD,EAAQ,OAAS,CAAC,EAC7C,QAASE,EAAI,EAAGA,EAAIF,EAAQ,OAAQE,GAAK,EAAG,CAC1C,IAAMC,EAAcH,EAAQ,MAAME,EAAGA,EAAI,CAAC,EAAE,YAAY,EACxD,GAAIC,KAAeC,GACjBH,EAAIC,EAAI,CAAC,EAAIE,GAAaD,CAAW,MAErC,OAAM,IAAI,MAAM,uCAAuCA,CAAW,iBAAiB,CAEvF,CACA,OAAOF,CACT,ECdA,IAAMI,GAAkBC,GAAS,CAC/B,IAAIC,EAAM,GACV,QAASC,EAAI,EAAGA,EAAIF,EAAM,WAAYE,IACpCD,GAAOE,GAAaH,EAAME,CAAC,CAAC,EAE9B,OAAOD,CACT,ECJA,IAAMG,GAAkBC,GAAQ,CAC9B,IAAMC,EAAS,IAAIC,GACnBD,EAAO,OAAOD,CAAI,EAClB,IAAMG,EAAaF,EAAO,WAAW,EAC/BG,EAAmBC,GAAgBF,CAAU,EACnD,OAAO,IAAI,MAAM,GAAKC,EAAiB,MAAM,EAAE,KAAK,GAAG,EAAIA,CAC7D,ECNA,IAAME,GAAiBC,GAAUC,GAAgBC,GAAgBF,CAAM,CAAC,ECJxE,IAAMG,GAAgB,YA2BhBC,EAAeC,GAAU,CAC7B,GAAI,EAAEA,aAAkBC,GACtB,MAAM,IAAI,MAAM,kBAAkB,EAEpC,IAAMC,EAAaF,EAAO,UAAUC,EAAW,IAAI,EAAI,EAEnDE,EAASH,EAAO,IAAI,EAAE,SAAS,EAAE,EAKrC,GAHAG,EAASA,EAAO,OAAS,IAAM,EAAI,IAAIA,CAAM,GAAKA,EAElDA,EAASL,GAAc,KAAKK,CAAM,EAAI,KAAKA,CAAM,GAAKA,EAClDD,EAAY,CAEd,IAAME,EAAkBD,EAAO,MAAM,EAAE,EAAE,IAAIE,GAAK,CAChD,IAAMC,EAAiB,CAAC,SAASD,EAAG,EAAE,EAAI,GAC1C,MAAO,mBAAmB,OAAOC,CAAc,CACjD,CAAC,EAAE,KAAK,EAAE,EAGVH,EADsB,IAAIF,EAAWG,EAAiB,EAAE,EAAE,IAAIH,EAAW,GAAG,EACrD,SAAS,EAAE,EAO9BE,EAAO,YAAY,EAAE,WAAW,KAAK,IACvCA,EAASA,EAAO,UAAU,CAAC,EAE/B,CACA,OAAOA,CACT,ECxDA,IAAMI,GAAa,CAAC,CAClB,EAAAC,EACA,EAAAC,CACF,IAAM,CACJ,IAAMC,EAAI,IAAIC,EAAWC,GAAeC,EAAaL,CAAC,EAAIK,EAAaJ,CAAC,CAAC,EAAG,EAAE,EAC9E,GAAIC,EAAE,OAAOC,EAAW,IAAI,EAC1B,MAAM,IAAI,MAAM,mBAAmB,EAErC,OAAOD,CACT,ECHA,IAAMI,GAAa,CAACC,EAAKC,EAAMC,IAAS,CACtC,IAAMC,EAAgB,IAAIC,GAAOH,CAAI,EACrCE,EAAc,OAAOH,CAAG,EACxB,IAAMK,EAAyBF,EAAc,WAAW,EAClDG,EAAoB,IAAIF,GAAOC,CAAsB,EAC3D,OAAAC,EAAkB,OAAOJ,CAAI,EACGI,EAAkB,WAAW,EAEjC,MAAM,EAAG,EAAE,CACzC,ECbA,IAAMC,GAAiBC,GAAU,CAC/B,IAAMC,EAAM,IAAIC,GAAU,EAAE,OAAOF,CAAM,EAAE,SAAS,EACpD,OAAOG,GAAgBF,CAAG,CAC5B,ECHA,IAAMG,GAAkB,IAAMC,GAAc,QAAQC,GAAe,EAAE,CAAC,ECMtE,IAAMC,GAAN,KAA2B,CACzB,YAAY,CACV,aAAAC,EACA,EAAAC,EACA,EAAAC,EACA,EAAAC,EACA,EAAAC,CACF,EAAG,CACD,KAAK,QAAUC,GACf,KAAK,aAAeL,EACpB,KAAK,EAAIC,EACT,KAAK,EAAIC,EACT,KAAK,EAAIC,EACT,KAAK,EAAIC,EACT,KAAK,EAAI,IAAIE,EAAWC,GAAe,GAAGC,EAAaJ,CAAC,CAAC,GAAGI,EAAaN,CAAC,CAAC,EAAE,EAAG,EAAE,CACpF,CAIA,mBAAoB,CAClB,GAAI,CAAC,KAAK,eACR,MAAM,IAAIO,EAAU,CAClB,KAAM,gCACN,QAAS,0BACX,CAAC,EAEH,OAAO,KAAK,cACd,CAIA,sBAAuB,CACrB,GAAI,CAAC,KAAK,kBACR,MAAM,IAAIA,EAAU,CAClB,KAAM,mCACN,QAAS,4BACX,CAAC,EAEH,OAAO,KAAK,iBACd,CAIA,oBAAqB,CACnB,GAAI,CAAC,KAAK,gBACR,MAAM,IAAIA,EAAU,CAClB,KAAM,iCACN,QAAS,wBACX,CAAC,EAEH,OAAO,KAAK,eACd,CASM,mBAAmBC,EAAgBC,EAAU,QAAAC,EAAA,sBACjD,KAAK,eAAiBC,GAAgB,EACtC,IAAMC,EAAiB,GAAGJ,CAAc,GAAGC,CAAQ,IAAI,KAAK,cAAc,GACpEI,EAAeC,GAAgBF,CAAc,EAC7CG,EAAYC,GAAgBC,GAAe,EAAE,CAAC,EAEpD,YAAK,kBAAoBX,EAAa,IAAIF,EAAWW,EAAW,EAAE,CAAC,EAC5D,IAAI,QAAQ,CAACG,EAASC,IAAW,CACtC,KAAK,EAAE,OAAO,IAAIf,EAAWC,GAAe,KAAK,kBAAoBQ,CAAY,EAAG,EAAE,EAAG,KAAK,EAAG,CAACO,EAAKC,IAAW,CAChH,GAAID,EAAK,CACPD,EAAOC,CAAG,EACV,MACF,CACA,KAAK,gBAAkBd,EAAae,CAAM,EAC1CH,EAAQ,CACV,CAAC,CACH,CAAC,CACH,GASM,6BAA6BI,EAKhC,QAAAZ,EAAA,yBALgC,CACjC,SAAAD,EACA,SAAAc,EACA,aAAAC,EACA,KAAAC,CACF,EAAG,CACD,GAAID,EAAa,IAAI,KAAK,CAAC,EAAE,OAAOpB,EAAW,IAAI,EACjD,MAAM,IAAI,MAAM,mBAAmB,EAErC,IAAMsB,EAAIC,GAAW,CACnB,EAAG,KAAK,EACR,EAAGH,CACL,CAAC,EACKI,EAAmB,GAAG,KAAK,YAAY,GAAGnB,CAAQ,IAAIc,CAAQ,GAC9DM,EAAuBf,GAAgBc,CAAgB,EACvDE,EAAI,IAAI1B,EAAWC,GAAeC,EAAamB,CAAI,EAAII,CAAoB,EAAG,EAAE,EAChFE,EAAI,MAAMC,GAAW,CACzB,EAAG,KAAK,EACR,EAAG,KAAK,EACR,EAAG,KAAK,EACR,EAAAF,EACA,EAAGN,EACH,EAAG,KAAK,EACR,EAAAE,CACF,CAAC,EACKO,EAAU,KAAK,QAAQ,QAAQ,qBAAqB,EACpDC,EAAS,KAAK,QAAQ,QAAQ,GAAsB,EACpDC,EAAO,IAAI,WAAWF,EAAQ,WAAaC,EAAO,UAAU,EAClE,OAAAC,EAAK,IAAIF,EAAS,CAAC,EACnBE,EAAK,IAAID,EAAQD,EAAQ,UAAU,EACnBG,GAAWC,GAAgB/B,EAAayB,CAAC,CAAC,EAAGM,GAAgB/B,EAAaoB,CAAC,CAAC,EAAGS,CAAI,CAErG,GACF,ECjIA,IAAMG,GAAoBC,GAIpBC,EAAA,QAJoBD,GAIpB,UAJoB,CACxB,EAAAE,EACA,EAAAC,EACA,EAAAC,CACF,EAAM,CACJ,OAAO,IAAI,QAAQ,CAACC,EAASC,IAAW,CACtCH,EAAE,OAAOD,EAAGE,EAAG,CAACG,EAAKC,IAAM,CACzB,GAAID,EAAK,CACPD,EAAOC,CAAG,EACV,MACF,CACA,GAAIC,EAAE,IAAIJ,CAAC,EAAE,OAAOK,EAAW,IAAI,EAAG,CACpCH,EAAO,IAAI,MAAM,yCAAyC,CAAC,EAC3D,MACF,CACAD,EAAQG,CAAC,CACX,CAAC,CACH,CAAC,CACH,GCPA,IAAME,GAAgCC,GAAgBC,EAAA,wBACpD,IAAMC,EAAI,IAAIC,EAAWC,GAAQ,EAAE,EAC7BC,EAAI,IAAIF,EAAW,IAAK,EAAE,EAC1BG,EAAIC,GAAyB,EAC7BC,EAAI,MAAMC,GAAW,CACzB,EAAAH,EACA,EAAAD,EACA,EAAAH,CACF,CAAC,EACD,OAAO,IAAIQ,GAAqB,CAC9B,aAAAV,EACA,EAAAM,EACA,EAAAD,EACA,EAAAG,EACA,EAAAN,CACF,CAAC,CACH,GAMMK,GAA2B,IAAM,CAErC,IAAMI,EAAYC,GAAgBC,GAAe,GAAG,CAAC,EAErD,OAAO,IAAIV,EAAWQ,EAAW,EAAE,CACrC,EC3CA,IAAMG,GAAc,CAAC,MAAO,MAAO,MAAO,MAAO,MAAO,MAAO,MAAO,MAAO,MAAO,MAAO,MAAO,KAAK,EACjGC,GAAa,CAAC,MAAO,MAAO,MAAO,MAAO,MAAO,MAAO,KAAK,EAC7DC,GAAe,IAAM,CACzB,IAAMC,EAAM,IAAI,KACVC,EAAUH,GAAWE,EAAI,UAAU,CAAC,EACpCE,EAAQL,GAAYG,EAAI,YAAY,CAAC,EACrCG,EAAMH,EAAI,WAAW,EACvBI,EAAQJ,EAAI,YAAY,EACxBI,EAAQ,KACVA,EAAQ,IAAIA,CAAK,IAEnB,IAAIC,EAAUL,EAAI,cAAc,EAC5BK,EAAU,KACZA,EAAU,IAAIA,CAAO,IAEvB,IAAIC,EAAUN,EAAI,cAAc,EAC5BM,EAAU,KACZA,EAAU,IAAIA,CAAO,IAEvB,IAAMC,EAAOP,EAAI,eAAe,EAGhC,MADgB,GAAGC,CAAO,IAAIC,CAAK,IAAIC,CAAG,IAAIC,CAAK,IAAIC,CAAO,IAAIC,CAAO,QAAQC,CAAI,EAEvF,ECnBA,IAAMC,GAAqB,CAAC,CAC1B,aAAAC,EACA,SAAAC,EACA,oBAAAC,EACA,QAAAC,EACA,KAAAC,CACF,IAAM,CACJ,IAAMC,EAAcC,GAAY,QAAQN,CAAY,EAC9CO,EAAYD,GAAY,QAAQL,CAAQ,EACxCO,EAAYC,GAAmBP,EAAoB,YAAY,EAC/DQ,EAAYJ,GAAY,QAAQH,CAAO,EACvCQ,EAAY,IAAI,WAAWN,EAAY,WAAaE,EAAU,WAAaC,EAAU,WAAaE,EAAU,UAAU,EAC5HC,EAAU,IAAIN,EAAa,CAAC,EAC5BM,EAAU,IAAIJ,EAAWF,EAAY,UAAU,EAC/CM,EAAU,IAAIH,EAAWH,EAAY,WAAaE,EAAU,UAAU,EACtEI,EAAU,IAAID,EAAWL,EAAY,WAAaE,EAAU,WAAaC,EAAU,UAAU,EAC7F,IAAMI,EAAgB,IAAIC,GAAOT,CAAI,EACrCQ,EAAc,OAAOD,CAAS,EAC9B,IAAMG,EAAsBF,EAAc,WAAW,EAErD,OADwBG,GAAc,QAAQD,CAAmB,CAEnE,EACML,GAAqBO,GAAgB,CACzC,IAAMC,EAAU,IAAI,QAAQ,EAAID,EAAa,OAAS,GAAK,CAAC,EACtDE,GAAUF,EAAeC,GAAS,QAAQ,KAAM,GAAG,EAAE,QAAQ,KAAM,GAAG,EACtEE,EAAUC,GAAc,QAAQF,CAAM,EACtCG,EAAc,IAAI,WAAWF,EAAQ,MAAM,EACjD,QAAS,EAAI,EAAG,EAAIA,EAAQ,OAAQ,EAAE,EACpCE,EAAY,CAAC,EAAIF,EAAQ,WAAW,CAAC,EAEvC,OAAOE,CACT,ECLA,IAAMC,GAAkB,kBAyQxB,SAAeC,GAA2BC,EAAUC,EAAUC,EAAgBC,EAAQC,EAAmB,QAAAC,EAAA,sBACvG,GAAM,CACJ,iBAAAC,EACA,WAAAC,EACA,iBAAAC,CACF,EAAIL,EACEM,EAAiB,CACrB,SAAUT,EACV,SAAUC,CACZ,EACMS,EAAiB,MAAMN,EAAkB,kBAAkBJ,CAAQ,EACrEU,GAAkBA,EAAe,YACnCD,EAAe,WAAaC,EAAe,WAE7C,IAAMC,EAAkBC,EAAmB,CACzC,SAAAZ,EACA,WAAAO,EACA,iBAAAD,CACF,CAAC,EACKO,EAAU,CACd,SAAU,qBACV,eAAgBJ,EAChB,eAAgBP,EAChB,SAAUI,EACV,gBAAAK,CACF,EAMMG,EAAW,MALIC,GAAyB,CAC5C,iBAAkBC,EAAsC,CACtD,iBAAkBR,CACpB,CAAC,CACH,CAAC,EACmC,CAClC,OAAQS,EAAwBV,CAAU,EAC1C,eAAgBW,EAAsBC,EAAW,MAAM,CACzD,EAAGN,CAAO,EACJO,EAAiBN,EAAS,qBAAqB,UAAYA,EAAS,qBAAqB,iBAAmBd,EAElH,OADAqB,GAAwBD,CAAc,EAClCN,EAAS,gBAAkB,kBAA0BQ,GAAoB,CAC3E,SAAUF,EACV,OAAAjB,EACA,eAAAD,EACA,QAASY,EAAS,QAClB,kBAAAV,CACF,CAAC,EACMU,CACT,GACA,SAAeS,GAAsBvB,EAAUC,EAAUC,EAAgBC,EAAQC,EAAmB,QAAAC,EAAA,sBAClG,GAAM,CACJ,WAAAE,EACA,iBAAAD,EACA,iBAAAE,CACF,EAAIL,EACEqB,EAAejB,GAAY,MAAM,GAAG,EAAE,CAAC,GAAK,GAC5CkB,EAAuB,MAAMC,GAAwBF,CAAY,EACjEf,EAAiB,CACrB,SAAUT,EACV,MAAOyB,EAAqB,EAAE,SAAS,EAAE,CAC3C,EACMd,EAAkBC,EAAmB,CACzC,SAAAZ,EACA,WAAAO,EACA,iBAAAD,CACF,CAAC,EACKO,EAAU,CACd,SAAU,gBACV,eAAgBJ,EAChB,eAAgBP,EAChB,SAAUI,EACV,gBAAAK,CACF,EAMMgB,EAAO,MALQZ,GAAyB,CAC5C,iBAAkBC,EAAsC,CACtD,iBAAkBR,CACpB,CAAC,CACH,CAAC,EAC+B,CAC9B,OAAQS,EAAwBV,CAAU,EAC1C,eAAgBW,EAAsBC,EAAW,MAAM,CACzD,EAAGN,CAAO,EACJ,CACJ,oBAAqBe,EACrB,QAASC,CACX,EAAIF,EACEP,EAAiBQ,GAAqB,UAAY5B,EACxD,OAAAqB,GAAwBD,CAAc,EAC/BU,GAAiCC,GAAiC,CAAC9B,EAAU2B,EAAqB1B,EAAgB2B,EAASJ,EAAsBtB,EAAQC,CAAiB,EAAGgB,EAAgBhB,CAAiB,CACvN,GACA,SAAe4B,GAA+BhC,EAAUE,EAAgBC,EAAQC,EAAmB,QAAAC,EAAA,sBACjG,GAAM,CACJ,iBAAAC,EACA,WAAAC,EACA,iBAAAC,CACF,EAAIL,EACEM,EAAiB,CACrB,SAAUT,CACZ,EACMU,EAAiB,MAAMN,EAAkB,kBAAkBJ,CAAQ,EACrEU,GAAkBA,EAAe,YACnCD,EAAe,WAAaC,EAAe,WAE7C,IAAMC,EAAkBC,EAAmB,CACzC,SAAAZ,EACA,WAAAO,EACA,iBAAAD,CACF,CAAC,EACKO,EAAU,CACd,SAAU,cACV,eAAgBJ,EAChB,eAAgBP,EAChB,SAAUI,EACV,gBAAAK,CACF,EAMMG,EAAW,MALIC,GAAyB,CAC5C,iBAAkBC,EAAsC,CACtD,iBAAkBR,CACpB,CAAC,CACH,CAAC,EACmC,CAClC,OAAQS,EAAwBV,CAAU,EAC1C,eAAgBW,EAAsBC,EAAW,MAAM,CACzD,EAAGN,CAAO,EACJO,EAAiBN,EAAS,qBAAqB,UAAYd,EAEjE,OADAqB,GAAwBD,CAAc,EAClCN,EAAS,gBAAkB,kBAA0BQ,GAAoB,CAC3E,SAAUF,EACV,OAAAjB,EACA,eAAAD,EACA,QAASY,EAAS,QAClB,kBAAAV,CACF,CAAC,EACMU,CACT,GACA,SAAemB,GAAwBjC,EAAUC,EAAUC,EAAgBC,EAAQC,EAAmB,QAAAC,EAAA,sBACpG6B,EAA0B/B,CAAM,EAChC,GAAM,CACJ,WAAAI,EACA,iBAAAD,EACA,iBAAAE,CACF,EAAIL,EACEqB,EAAejB,GAAY,MAAM,GAAG,EAAE,CAAC,GAAK,GAC5CkB,EAAuB,MAAMC,GAAwBF,CAAY,EACjEf,EAAiB,CACrB,SAAUT,EACV,MAAOyB,EAAqB,EAAE,SAAS,EAAE,EACzC,eAAgB,OAClB,EACMd,EAAkBC,EAAmB,CACzC,SAAAZ,EACA,WAAAO,EACA,iBAAAD,CACF,CAAC,EACKO,EAAU,CACd,SAAU,cACV,eAAgBJ,EAChB,eAAgBP,EAChB,SAAUI,EACV,gBAAAK,CACF,EACMwB,EAAepB,GAAyB,CAC5C,iBAAkBC,EAAsC,CACtD,iBAAkBR,CACpB,CAAC,CACH,CAAC,EACK,CACJ,oBAAqBoB,EACrB,QAASC,CACX,EAAI,MAAMM,EAAa,CACrB,OAAQlB,EAAwBV,CAAU,EAC1C,eAAgBW,EAAsBC,EAAW,MAAM,CACzD,EAAGN,CAAO,EACJO,EAAiBQ,GAAqB,UAAY5B,EACxD,OAAAqB,GAAwBD,CAAc,EAC/BU,GAAiCC,GAAiC,CAAC9B,EAAU2B,EAAqB1B,EAAgB2B,EAASJ,EAAsBtB,EAAQC,CAAiB,EAAGgB,EAAgBhB,CAAiB,CACvN,GACA,SAAekB,GAAoBc,EAMhC,QAAA/B,EAAA,yBANgC,CACjC,SAAAL,EACA,OAAAG,EACA,eAAAD,EACA,QAAA2B,EACA,kBAAAzB,CACF,EAAG,CACD,GAAM,CACJ,WAAAG,EACA,iBAAAC,CACF,EAAIL,EACEkC,EAAWlC,EAAO,iBAClBO,EAAiB,MAAMN,GAAmB,kBAAkBJ,CAAQ,EAC1EsC,GAAqB5B,CAAc,EACnC,IAAMe,EAAuB,MAAMC,GAAwBhB,EAAe,cAAc,EAClF6B,EAAqB,CACzB,SAAUvC,EACV,MAAOyB,EAAqB,EAAE,SAAS,EAAE,EACzC,WAAYf,EAAe,SAC7B,EACM8B,EAA2B,CAC/B,cAAe,kBACf,SAAUH,EACV,mBAAoBE,EACpB,eAAgBrC,EAChB,QAAS2B,CACX,EACMY,EAAyBC,GAAmC,CAChE,iBAAkB1B,EAAsC,CACtD,iBAAkBR,CACpB,CAAC,CACH,CAAC,EACK,CACJ,oBAAqBmC,EACrB,QAAAC,CACF,EAAI,MAAMH,EAAuB,CAC/B,OAAQxB,EAAwBV,CAAU,CAC5C,EAAGiC,CAAwB,EAC3B,OAAOK,GAA6B7C,EAAU2C,EAA8BzC,EAAgB0C,EAASnB,EAAsBtB,EAAQC,CAAiB,CACtJ,GACA,SAAeyC,GAA6BT,EAAUU,EAAqBC,EAAgBC,EAASC,EAAsBC,EAIvHC,EAAmB,QAAA9C,EAAA,yBAJsBL,EAAU4B,EAAqB1B,EAAgB2B,EAASJ,EAAsB,CACxH,WAAAlB,EACA,iBAAAD,EACA,iBAAAE,CACF,EAAGJ,EAAmB,CACpB,IAAMM,EAAiB,MAAMN,GAAmB,kBAAkBJ,CAAQ,EAC1EsC,GAAqB5B,CAAc,EACnC,IAAM0C,EAAe,IAAIC,EAAWzB,GAAqB,MAAO,EAAE,EAC5D0B,EAAO,IAAID,EAAWzB,GAAqB,KAAM,EAAE,EACnD,CACJ,UAAA2B,EACF,EAAI7C,EACE,CACJ,eAAA8C,EACF,EAAI9C,EACE+C,EAAO,MAAMhC,EAAqB,6BAA6B,CACnE,SAAUf,EAAe,UACzB,SAAUA,EAAe,eACzB,aAAA0C,EACA,KAAAE,CACF,CAAC,EACKI,GAAUC,GAAa,EACvBpB,GAAqB,CACzB,SAAUX,GAAqB,UAAY5B,EAC3C,4BAA6B4B,GAAqB,aAClD,UAAW8B,GACX,yBAA0BE,GAAmB,CAC3C,SAAUL,GACV,aAAcC,GACd,oBAAA5B,EACA,QAAA8B,GACA,KAAAD,CACF,CAAC,EACD,WAAYF,EACd,EACM5C,GAAkBC,EAAmB,CACzC,SAAAZ,EACA,WAAAO,EACA,iBAAAD,CACF,CAAC,EACKkC,GAA2B,CAC/B,cAAe,2BACf,SAAUlC,EACV,mBAAoBiC,GACpB,QAASV,EACT,eAAgB3B,EAChB,gBAAAS,EACF,EAMA,OAL+B+B,GAAmC,CAChE,iBAAkB1B,EAAsC,CACtD,iBAAkBR,CACpB,CAAC,CACH,CAAC,EAC6B,CAC5B,OAAQS,EAAwBV,CAAU,CAC5C,EAAGiC,EAAwB,CAC7B,GACA,SAAeT,GAAgC9B,EAAU2B,EAAqB1B,EAAgB2B,EAASJ,EAAsBtB,EAAQC,EAAmB,QAAAC,EAAA,sBACtJ,GAAM,CACJ,WAAAE,EACA,iBAAAD,EACA,iBAAAE,CACF,EAAIL,EACEqB,EAAejB,GAAY,MAAM,GAAG,EAAE,CAAC,GAAK,GAC5C6C,EAAe,IAAIC,EAAWzB,GAAqB,MAAO,EAAE,EAC5D0B,EAAO,IAAID,EAAWzB,GAAqB,KAAM,EAAE,EACnD5B,EAAW4B,GAAqB,gBACtC,GAAI,CAAC5B,EAAU,MAAM,IAAI6D,EAAU,CACjC,KAAM,6BACN,QAAS,sDACX,CAAC,EACD,IAAMJ,EAAO,MAAMhC,EAAqB,6BAA6B,CACnE,SAAAzB,EACA,SAAAC,EACA,aAAAmD,EACA,KAAAE,CACF,CAAC,EACKI,EAAUC,GAAa,EACvBpB,EAAqB,CACzB,SAAUvC,EACV,4BAA6B4B,GAAqB,aAClD,UAAW8B,EACX,yBAA0BE,GAAmB,CAC3C,SAAA5D,EACA,aAAAwB,EACA,oBAAAI,EACA,QAAA8B,EACA,KAAAD,CACF,CAAC,CACH,EACM/C,EAAiB,MAAMN,EAAkB,kBAAkBJ,CAAQ,EACrEU,GAAkBA,EAAe,YACnC6B,EAAmB,WAAa7B,EAAe,WAEjD,IAAMC,EAAkBC,EAAmB,CACzC,SAAAZ,EACA,WAAAO,EACA,iBAAAD,CACF,CAAC,EACKkC,GAA2B,CAC/B,cAAe,oBACf,mBAAoBD,EACpB,eAAgBrC,EAChB,QAAS2B,EACT,SAAUvB,EACV,gBAAAK,CACF,EAMMG,EAAW,MALc4B,GAAmC,CAChE,iBAAkB1B,EAAsC,CACtD,iBAAkBR,CACpB,CAAC,CACH,CAAC,EAC6C,CAC5C,OAAQS,EAAwBV,CAAU,CAC5C,EAAGiC,EAAwB,EAC3B,OAAI1B,EAAS,gBAAkB,kBAA0BQ,GAAoB,CAC3E,SAAAtB,EACA,OAAAG,EACA,eAAAD,EACA,QAASY,EAAS,QAClB,kBAAAV,CACF,CAAC,EACMU,CACT,GACA,SAAegD,GAAgBC,EAAQ,QAAA1D,EAAA,sBACrC,GAAM,CACJ,cAAA2D,EACA,oBAAApC,CACF,EAAImC,EACEE,EAAaC,EAAQ,UAAU,EAAE,MAAM,QAE7C,OADAhC,EAA0B+B,CAAU,EAC5BD,EAAe,CACrB,IAAK,mBACH,MAAO,CACL,WAAY,GACZ,SAAU,CACR,WAAY,wCACZ,eAAgBpC,CAClB,CACF,EACF,IAAK,YACH,CACE,GAAM,CACJ,cAAAuC,EACA,SAAAnE,CACF,EAAIoE,GAAY,SAAS,EACzB,GAAI,CAACC,GAAiBzC,EAAqB,MAAM,EAAG,MAAM,IAAIiC,EAAU,CACtE,KAAMS,GAAe,gBACrB,QAAS,mDAAmDC,GAAYC,GAAc5C,EAAoB,cAAc,CAAC,CAAC,EAC5H,CAAC,EACD,IAAM6C,EAAyBC,GAAmC,CAChE,iBAAkB1D,EAAsC,CACtD,iBAAkBiD,EAAW,gBAC/B,CAAC,CACH,CAAC,EACK,CACJ,QAAArB,EACA,WAAY+B,CACd,EAAI,MAAMF,EAAuB,CAC/B,OAAQxD,EAAwBgD,EAAW,UAAU,CACvD,EAAG,CACD,QAASE,CACX,CAAC,EACD,OAAAC,GAAY,SAAS,CACnB,KAAM,sBACN,MAAOxB,CACT,CAAC,EACM,CACL,WAAY,GACZ,SAAU,CACR,WAAY,mCACZ,iBAAkBgC,GAAoBD,EAAY3E,CAAQ,CAC5D,CACF,CACF,CACF,IAAK,wBACH,MAAO,CACL,WAAY,GACZ,SAAU,CACR,WAAY,6CACZ,kBAAmB6E,GAAgBjD,EAAoB,kBAAkB,CAC3E,CACF,EACF,IAAK,kBACH,MAAO,CACL,WAAY,GACZ,SAAU,CACR,WAAY,sCACZ,gBAAiB2C,GAAYC,GAAc5C,EAAoB,eAAe,CAAC,CACjF,CACF,EACF,IAAK,UACH,MAAO,CACL,WAAY,GACZ,SAAU,CACR,WAAY,gCACZ,oBAAqB,CACnB,eAAgBA,EAAoB,8BACpC,YAAaA,EAAoB,yBACnC,CACF,CACF,EACF,IAAK,qBACH,MAAO,CACL,WAAY,GACZ,SAAU,CACR,WAAY,gCACd,CACF,CACJ,CAEA,MAAM,IAAIiC,EAAU,CAClB,KAAMS,GAAe,gBACrB,QAAS,iDAAsDN,CAAa,sEAC9E,CAAC,CACH,GACA,SAASY,GAAoBD,EAAY3E,EAAU,CACjD,MAAO,CACL,aAAc2E,EACd,YAAa,CAACG,EAASC,IAAgB,CACrC,IAAMC,EAAU,kBAAkBF,CAAO,IAAIC,GAAe/E,CAAQ,WAAW2E,CAAU,WAAWG,CAAO,GAC3G,OAAO,IAAIG,EAAWD,CAAO,CAC/B,CACF,CACF,CACA,SAASE,GAAyBC,EAAW,CAC3C,GAAIA,IAAcC,GAAsB,+BACtC,MAAO,CACL,WAAY,GACZ,SAAU,CACR,WAAY,gBACd,CACF,EACK,GAAID,IAAcC,GAAsB,0BAC7C,MAAO,CACL,WAAY,GACZ,SAAU,CACR,WAAY,iBACd,CACF,CAEJ,CACA,SAASP,GAAgBQ,EAAY,CACnC,OAAKA,EACoB,KAAK,MAAMA,CAAU,EAAE,IAAIC,GAAOA,EAAI,SAASC,EAAe,EAAID,EAAI,QAAQC,GAAiB,EAAE,EAAID,CAAG,EADzG,CAAC,CAG3B,CA6EA,SAASE,GAAWC,EAAM,CACxB,GAAIA,IAAS,UAAW,MAAO,MAC/B,GAAIA,IAAS,qBAAsB,MAAO,MAE5C,CACA,SAASC,GAAYC,EAAO,CAC1B,GAAKA,EACL,OAAOA,EAAM,IAAIH,EAAU,EAAE,OAAO,OAAO,CAC7C,CACA,SAASI,GAAcC,EAAK,CAC1B,OAAKA,EACE,KAAK,MAAMA,CAAG,EADJ,CAAC,CAEpB,CACA,SAASC,GAAiBC,EAAiBC,EAAS,CAClD,GAAM,CACJ,eAAAC,CACF,EAAIF,EACEG,EAAWR,GAAYE,GAAcK,CAAc,CAAC,EAC1D,OAAKC,EACEA,EAAS,SAASF,CAAO,EADV,EAExB,CACA,SAAeG,IAA6B,QAAAC,EAAA,sBAC1C,IAAIC,EACJ,GAAI,CACFA,EAAW,MAAMC,GAAe,CAClC,MAAgB,CAAC,CACjB,GAAID,GAAYA,EAAS,QAAUA,EAAS,SAC1C,MAAM,IAAIE,EAAU,CAClB,KAAMC,GACN,QAAS,qCACT,mBAAoB,2CACtB,CAAC,CAEL,GAUA,SAAeC,GAAqBC,EAKjC,QAAAN,EAAA,yBALiC,CAClC,WAAAO,EACA,iBAAAC,EACA,kBAAAC,EACA,YAAAC,CACF,EAAG,CACD,GAAI,CAACD,EAAmB,OACxB,IAAME,EAAeJ,EAAW,MAAM,GAAG,EAAE,CAAC,GAAK,GAC3CK,EAAuB,MAAMC,GAAwBF,CAAY,EACjEG,EAAYL,GAAmB,UAC/BM,EAAiBN,GAAmB,eAC1C,GAAI,CACF,MAAMG,EAAqB,mBAAmBG,GAAkB,GAAID,GAAa,EAAE,CACrF,MAAqB,CAEnB,MACF,CACA,IAAME,EAA6B,CACjC,KAAMC,GAAc,QAAQC,GAAgBN,EAAqB,qBAAqB,CAAC,CAAC,EACxF,iBAAkBK,GAAc,QAAQC,GAAgBN,EAAqB,mBAAmB,CAAC,CAAC,CACpG,EACMO,EAAiBP,EAAqB,kBAAkB,EAC9D,GAAI,CAMF,aALsBQ,GAA0B,CAC9C,iBAAkBC,EAAsC,CACtD,iBAAkBb,CACpB,CAAC,CACH,CAAC,EACmB,CAClB,OAAQc,EAAwBf,CAAU,CAC5C,EAAG,CACD,YAAaG,EACb,WAAY,MAAMa,GAAc,EAChC,UAAWd,GAAmB,UAC9B,2BAA4BO,CAC9B,CAAC,EACM,CACL,UAAAF,EACA,eAAAC,EACA,eAAAI,CACF,CACF,MAAgB,CAEd,MACF,CACF,GAMA,SAAeK,GAAiCC,EAAMC,EAAMC,EAAUC,EAAmB,QAAA5B,EAAA,sBACvF,GAAI,CACF,OAAO,MAAMyB,EAAK,GAAGC,CAAI,CAC3B,OAASG,EAAO,CACd,GAAIA,aAAiB1B,GAAa0B,EAAM,OAAS,6BAA+BA,EAAM,QAAQ,SAAS,wBAAwB,EAC7H,aAAMD,EAAkB,oBAAoBD,CAAQ,EAC7CF,EAAK,GAAGC,CAAI,EAErB,MAAMG,CACR,CACF,GACA,SAASC,GAAwBH,EAAU,CACzC,GAAM,CACJ,SAAAI,CACF,EAAIC,GACJD,EAAS,CACP,KAAM,eACN,MAAOJ,CACT,CAAC,CACH,CACA,SAASM,GAAwBN,EAAU,CAEzC,OADcK,GAAY,SAAS,EACtB,UAAYL,CAC3B,CCl7BA,IAAMO,GAAwB,iEAYxBC,GAAuBC,GAAU,CACrC,IAAMC,EAAc,IAAI,WAAWD,CAAM,EACzCE,GAAU,EAAE,gBAAgBD,CAAW,EACvC,IAAIE,EAAQ,GACRC,EACJ,QAAWC,KAAQJ,EACjBE,GAASL,GAAsB,OAAOO,EAAOP,GAAsB,MAAM,EAE3E,MAAO,CACL,MAAAK,EACA,OAAQ,OACR,iBAAkB,CAChB,OAAIC,IAGJA,EAAgBE,GAAsBH,CAAK,EACpCC,EACT,CACF,CACF,EACA,SAASE,GAAsBC,EAAc,CAC3C,IAAMC,EAAgB,IAAIC,GAC1B,OAAAD,EAAc,OAAOD,CAAY,EACXG,GAAkBC,GAAc,QAAQH,EAAc,WAAW,EAAG,CACxF,QAAS,EACX,CAAC,CAAC,CAEJ,CACA,SAASE,GAAkBE,EAAe,CACxC,OAAOA,EAAc,QAAQ,KAAM,EAAE,CACvC,CC3CA,IAAMC,GAAgB,IACbC,GAAqB,EAAE,ECAhC,IAAMC,GAAiCC,GAAS,CAC9C,SAAeC,EAAsBC,EAAO,QAAAC,EAAA,sBAE1C,GADkBD,EAAM,YACN,MAAMF,EAAM,kBAAkB,GAAI,CAClD,IAAMI,EAAQC,GAAiB,4BAA4B,EAC3D,MAAMC,GAAcF,CAAK,CAC3B,CACA,OAAO,oBAAoB,WAAYH,CAAqB,CAC9D,GACA,OAAO,iBAAiB,WAAYA,CAAqB,CAC3D,ECcA,SAAeM,GAAmBC,EAAO,QAAAC,EAAA,sBACvC,IAAMC,EAAaC,EAAQ,UAAU,EAAE,MAAM,QAC7CC,EAA0BF,CAAU,EACpCG,GAAkBH,CAAU,EAC5BI,EAAW,cAAcJ,CAAU,EACnC,MAAMK,GAA2B,EACjC,IAAIC,EAAW,UACf,OAAI,OAAOR,GAAO,UAAa,SAC7BQ,EAAWC,GAAmCT,EAAM,QAAQ,EACnDA,GAAO,UAAU,SAC1BQ,EAAWR,EAAM,SAAS,QAErBU,GAAY,CACjB,YAAaR,EAAW,UAAU,MAClC,SAAUA,EAAW,iBACrB,SAAAM,EACA,YAAaR,GAAO,YACpB,qBAAsBA,GAAO,SAAS,oBACxC,CAAC,CACH,GACA,IAAMU,GAAqBC,GAMrBV,EAAA,QANqBU,GAMrB,UANqB,CACzB,YAAAC,EACA,SAAAJ,EACA,SAAAK,EACA,YAAAC,EACA,qBAAAC,CACF,EAAM,CACJ,GAAM,CACJ,OAAAC,EACA,eAAAC,EACA,aAAAC,EACA,OAAAC,CACF,EAAIP,EACEQ,EAAcC,GAAc,EAO5BC,EAAQR,EAAc,GAAGM,CAAW,IAAIG,GAAcT,CAAW,CAAC,GAAKM,EACvE,CACJ,MAAAI,EACA,OAAAC,EACA,gBAAAC,CACF,EAAIC,GAAqB,GAAG,EACtBC,EAAcC,GAAejB,EAAY,cAAc,EACzDkB,GAAU,GAAGxB,EAAW,mBAAmB,EAAI,EACnDA,EAAW,gBAAgBgB,CAAK,EAChChB,EAAW,UAAUkB,CAAK,EAC1B,IAAMO,EAAc,OAAO,QAAQC,EAAA,CACjC,aAAcJ,EACd,cAAeV,EACf,UAAWL,EACX,kBAAmBL,EACnB,MAAOW,EAAO,KAAK,GAAG,EACtB,MAAAG,GACIJ,IAAiB,QAAU,CAC7B,eAAgBQ,EAAgB,EAChC,sBAAuBD,CACzB,EACD,EAAE,IAAI,CAAC,CAACQ,EAAGC,EAAC,IAAM,GAAG,mBAAmBD,CAAC,CAAC,IAAI,mBAAmBC,EAAC,CAAC,EAAE,EAAE,KAAK,GAAG,EAE1EC,EAAW,WAAWnB,CAAM,qBAAqBe,CAAW,GAIlEK,GAA+B9B,CAAU,EAEzC,GAAM,CACJ,KAAA+B,EACA,MAAAC,GACA,IAAAC,EACF,GAAK,MAAMC,GAAgBL,CAAQ,IAAM,CAAC,EAC1C,GAAI,CACF,GAAIE,IAAS,QACX,MAAMI,GAAiB,OAAOH,EAAK,CAAC,EAElCD,IAAS,WAAaE,KACxB,MAAMG,GAAkB,CACtB,WAAYH,GACZ,SAAA1B,EACA,OAAAG,EACA,YAAAY,EACA,aAAAV,EACA,eAAgByB,EAAsBC,EAAW,kBAAkB,EACnE,qBAAA7B,CACF,CAAC,EAEL,OAAS8B,EAAK,CACZ,YAAMC,GAAcD,CAAG,EAEjBA,CACR,CACF,GCpHA,SAASE,GAAgBC,EAAY,CACnC,OAAO,OAAO,QAAQA,CAAU,EAAE,IAAI,CAAC,CAACC,EAAKC,CAAK,KAAO,CACvD,KAAMD,EACN,MAAOC,CACT,EAAE,CACJ,CAOA,SAASC,GAAoBH,EAAY,CACvC,IAAMI,EAAiB,CAAC,EACxB,OAAAJ,GAAY,QAAQK,GAAa,CAC3BA,EAAU,OAAMD,EAAeC,EAAU,IAAI,EAAIA,EAAU,MACjE,CAAC,EACMD,CACT,CCCA,SAAeE,GAAqBC,EAAO,QAAAC,EAAA,sBACzC,IAAMC,EAAaC,EAAQ,UAAU,EAAE,MAAM,QAC7CC,EAA0BF,CAAU,EACpC,GAAM,CACJ,SAAAG,EACA,SAAAC,EACA,QAAAC,CACF,EAAIP,EACEQ,EAAgB,CACpB,QAASH,EACT,aAAc,oBAChB,EACMI,EAAWF,GAAS,eAC1BG,EAAsB,CAAC,CAACL,EAAUM,EAAwB,mBAAmB,EAC7ED,EAAsB,CAACJ,EAAUK,EAAwB,wBAAwB,EACjF,GAAI,CACF,GAAM,CACJ,cAAeC,EACf,oBAAqBC,EACrB,qBAAAC,EACA,QAAAC,CACF,EAAI,MAAMC,GAAiCC,GAAgC,CAACZ,EAAUI,EAAUP,EAAYgB,CAAiB,EAAGb,EAAUa,CAAiB,EACrJC,EAAiBC,GAAwBf,CAAQ,EAQvD,OANAgB,GAAqB,CACnB,cAAeN,EACf,SAAUI,EACV,cAAeP,EACf,cAAAJ,CACF,CAAC,EACGM,GACFQ,EAAuB,EACvB,MAAMC,EAAmBC,EAAAC,EAAA,CACvB,SAAUN,GACPL,GAFoB,CAGvB,kBAAmB,MAAMY,GAAqB,CAC5C,WAAYxB,EAAW,WACvB,iBAAkBA,EAAW,iBAC7B,kBAAmBY,EAAqB,kBACxC,YAAaA,EAAqB,WACpC,CAAC,EACD,cAAAN,CACF,EAAC,EACD,MAAMmB,GAAyB,EACxB,CACL,WAAY,GACZ,SAAU,CACR,WAAY,MACd,CACF,GAEKC,GAAgB,CACrB,cAAehB,EACf,oBAAqBC,CACvB,CAAC,CACH,OAASgB,EAAO,CACdP,EAAuB,EACvBQ,EAAmBD,CAAK,EACxB,IAAME,EAASC,GAAyBH,EAAM,IAAI,EAClD,GAAIE,EAAQ,OAAOA,EACnB,MAAMF,CACR,CACF,GC7DA,SAAeI,GAAwBC,EAAO,QAAAC,EAAA,sBAC5C,GAAM,CACJ,SAAAC,EACA,SAAAC,EACA,QAAAC,CACF,EAAIJ,EACEK,EAAgB,CACpB,QAASH,EACT,aAAc,iBAChB,EACMI,EAAaC,EAAQ,UAAU,EAAE,MAAM,QAC7CC,EAA0BF,CAAU,EACpC,IAAMG,EAAWL,GAAS,eAC1BM,EAAsB,CAAC,CAACR,EAAUS,EAAwB,mBAAmB,EAC7ED,EAAsB,CAAC,CAACP,EAAUQ,EAAwB,mBAAmB,EAC7E,GAAI,CACF,GAAM,CACJ,cAAeC,EACf,oBAAqBC,EACrB,qBAAAC,EACA,QAAAC,CACF,EAAI,MAAMC,GAAwBd,EAAUC,EAAUM,EAAUH,EAAYW,CAAiB,EACvFC,EAAiBC,GAAwBjB,CAAQ,EAQvD,OANAkB,GAAqB,CACnB,cAAeL,EACf,SAAUG,EACV,cAAeN,EACf,cAAAP,CACF,CAAC,EACGS,GACF,MAAMO,EAAmBC,EAAAC,EAAA,CACvB,SAAUL,GACPJ,GAFoB,CAGvB,kBAAmB,MAAMU,GAAqB,CAC5C,WAAYlB,EAAW,WACvB,iBAAkBA,EAAW,iBAC7B,kBAAmBQ,EAAqB,kBACxC,YAAaA,EAAqB,WACpC,CAAC,EACD,cAAAT,CACF,EAAC,EACDoB,EAAuB,EACvB,MAAMC,GAAyB,EACxB,CACL,WAAY,GACZ,SAAU,CACR,WAAY,MACd,CACF,GAEKC,GAAgB,CACrB,cAAef,EACf,oBAAqBC,CACvB,CAAC,CACH,OAASe,EAAO,CACdH,EAAuB,EACvBI,EAAmBD,CAAK,EACxB,IAAME,EAASC,GAAyBH,EAAM,IAAI,EAClD,GAAIE,EAAQ,OAAOA,EACnB,MAAMF,CACR,CACF,GC9DA,SAAeI,GAAcC,EAAO,QAAAC,EAAA,sBAClC,GAAM,CACJ,SAAAC,EACA,SAAAC,CACF,EAAIH,EACEI,EAAaC,EAAQ,UAAU,EAAE,MAAM,QACvCC,EAAgB,CACpB,QAASJ,EACT,aAAc,eAChB,EACAK,EAA0BH,CAAU,EACpC,IAAMI,EAAiBR,EAAM,SAAS,eACtCS,EAAsB,CAAC,CAACP,EAAUQ,EAAwB,mBAAmB,EAC7ED,EAAsB,CAAC,CAACN,EAAUO,EAAwB,mBAAmB,EAC7E,GAAI,CACF,GAAM,CACJ,cAAeC,EACf,oBAAqBC,EACrB,qBAAAC,EACA,QAAAC,CACF,EAAI,MAAMC,GAAsBb,EAAUC,EAAUK,EAAgBJ,EAAYY,CAAiB,EAC3FC,EAAiBC,GAAwBhB,CAAQ,EAQvD,OANAiB,GAAqB,CACnB,cAAeL,EACf,SAAUG,EACV,cAAeN,EACf,cAAAL,CACF,CAAC,EACGO,GACFO,EAAuB,EACvB,MAAMC,EAAmBC,EAAAC,EAAA,CACvB,SAAUN,GACPJ,GAFoB,CAGvB,kBAAmB,MAAMW,GAAqB,CAC5C,WAAYpB,EAAW,WACvB,iBAAkBA,EAAW,iBAC7B,kBAAmBS,EAAqB,kBACxC,YAAaA,EAAqB,WACpC,CAAC,EACD,cAAAP,CACF,EAAC,EACD,MAAMmB,GAAyB,EACxB,CACL,WAAY,GACZ,SAAU,CACR,WAAY,MACd,CACF,GAEKC,GAAgB,CACrB,cAAef,EACf,oBAAqBC,CACvB,CAAC,CACH,OAASe,EAAO,CACdP,EAAuB,EACvBQ,EAAmBD,CAAK,EACxB,IAAME,EAASC,GAAyBH,EAAM,IAAI,EAClD,GAAIE,EAAQ,OAAOA,EACnB,MAAMF,CACR,CACF,GC9DA,SAAeI,GAAuBC,EAAO,QAAAC,EAAA,sBAC3C,GAAM,CACJ,SAAAC,EACA,SAAAC,EACA,QAAAC,CACF,EAAIJ,EACEK,EAAaC,EAAQ,UAAU,EAAE,MAAM,QACvCC,EAAgB,CACpB,QAASL,EACT,aAAc,oBAChB,EACAM,EAA0BH,CAAU,EACpC,IAAMI,EAAWL,GAAS,eAC1BM,EAAsB,CAAC,CAACR,EAAUS,EAAwB,mBAAmB,EAC7ED,EAAsB,CAAC,CAACP,EAAUQ,EAAwB,mBAAmB,EAC7E,GAAI,CACF,GAAM,CACJ,cAAeC,EACf,oBAAqBC,EACrB,qBAAAC,EACA,QAAAC,CACF,EAAI,MAAMC,GAAiCC,GAA4B,CAACf,EAAUC,EAAUM,EAAUJ,EAAYa,CAAiB,EAAGhB,EAAUgB,CAAiB,EAC3JC,EAAiBC,GAAwBlB,CAAQ,EAQvD,OANAmB,GAAqB,CACnB,cAAeN,EACf,SAAUI,EACV,cAAeP,EACf,cAAAL,CACF,CAAC,EACGO,GACF,MAAMQ,EAAmBC,EAAAC,EAAA,GACpBV,GADoB,CAEvB,SAAUK,EACV,kBAAmB,MAAMM,GAAqB,CAC5C,WAAYpB,EAAW,WACvB,iBAAkBA,EAAW,iBAC7B,kBAAmBS,EAAqB,kBACxC,YAAaA,EAAqB,WACpC,CAAC,EACD,cAAAP,CACF,EAAC,EACDmB,EAAuB,EACvB,MAAMC,GAAyB,EACxB,CACL,WAAY,GACZ,SAAU,CACR,WAAY,MACd,CACF,GAEKC,GAAgB,CACrB,cAAehB,EACf,oBAAqBC,CACvB,CAAC,CACH,OAASgB,EAAO,CACdH,EAAuB,EACvBI,EAAmBD,CAAK,EACxB,IAAME,EAASC,GAAyBH,EAAM,IAAI,EAClD,GAAIE,EAAQ,OAAOA,EACnB,MAAMF,CACR,CACF,GCrEA,SAAeI,GAAOC,EAAO,QAAAC,EAAA,sBAC3B,IAAMC,EAAeF,EAAM,SAAS,aAEpC,OADA,MAAMG,GAA2B,EACzBD,EAAc,CACpB,IAAK,gBACH,OAAOE,GAAcJ,CAAK,EAC5B,IAAK,qBACH,OAAOK,GAAuBL,CAAK,EACrC,IAAK,qBACH,OAAOM,GAAqBN,CAAK,EACnC,IAAK,kBACH,OAAOO,GAAwBP,CAAK,EACtC,QACE,OAAOI,GAAcJ,CAAK,CAC9B,CACF,GC7BA,IAAMQ,GAAoB,IAAYC,EAAA,wBACpC,MAAM,IAAIC,EAAU,CAClB,KAAMC,GACN,QAAS,wEACT,mBAAoB,oFACtB,CAAC,CACH,GAmFIC,GAAaJ,GAKjB,SAASK,GAAcC,EAAU,CAC/BF,GAAaE,CACf,CAMA,SAASC,IAAkB,CACzBH,GAAaJ,EACf,CCrGA,IAAMQ,GAA4B,EAAI,GAAK,IAC3C,SAASC,GAAqBC,EAAa,CACzC,IAAMC,EAAkBC,GAAY,OAAO,gBAAwBC,GAE7DC,EAAA,MAF6DD,GAE7D,UAF6D,CACjE,QAAAE,CACF,EAAM,CACJ,OAAQA,EAAQ,MAAO,CACrB,IAAK,gBAEgBA,EAAQ,MACX,mBACZH,GAAY,SAAS,gBAAiB,CACpC,MAAO,YACT,CAAC,EACDI,GAAcC,GAAmBP,CAAW,CAAC,EAC7CC,EAAgB,EAGxB,CACF,EAAC,EAEKO,EAAY,WAAW,IAAM,CACjCP,EAAgB,EAChBQ,GAAqB,EAAK,EAC1B,aAAaD,CAAS,EACtBE,GAAgB,CAClB,EAAGZ,EAAyB,CAC9B,CACA,SAASa,GAASC,EAAKC,EAAO,CAC5B,IAAIC,EACJ,OAAOC,GAAQ,CACRD,GACHF,EAAI,GAAGG,CAAI,EAEb,aAAaD,CAAK,EAClBA,EAAQ,WAAW,IAAM,CACvBA,EAAQ,MACV,EAAGD,CAAK,CACV,CACF,CACA,SAASG,GAAyBhB,EAAaiB,EAASC,EAAQ,CAC9D,IAAMC,EAAQ,KAAK,IAAI,EACjBC,EAA8B,YAAY,IAAYhB,EAAA,sBAG1D,GAFoB,KAAK,IAAI,EAAIe,EACjBrB,GAEd,cAAcsB,CAA2B,EACzCX,GAAqB,EAAK,EAC1BS,EAAO,IAAIG,EAAU,CACnB,KAAMC,GACN,QAAS,yCACT,mBAAoB,mGACtB,CAAC,CAAC,EACFZ,GAAgB,MAEhB,IAAI,CACF,IAAMa,EAAe,MAAMC,GAAOxB,CAAW,EACzCuB,EAAa,SAAS,aAAe,oBACvCN,EAAQM,CAAY,EACpB,cAAcH,CAA2B,EACzCX,GAAqB,EAAK,EAC1BC,GAAgB,EAEpB,OAASe,EAAO,CACd,cAAcL,CAA2B,EACzCX,GAAqB,EAAK,EAC1BS,EAAOO,CAAK,EACZf,GAAgB,CAClB,CAEJ,GAAG,GAAI,CACT,CACA,IAAMgB,GAA8Bf,GAASK,GAA0B,GAAG,EACpEW,GAA2ChB,GAASiB,GAAyC,GAAG,EAClGC,GAAoB,GACpBC,GACJ,SAASC,GAA6BC,EAAU,CAC9CF,GAA4BE,CAC9B,CACA,SAASC,GAAmCD,EAAU,CACpD,OAAOF,KAA8BE,CACvC,CACA,SAASE,IAAsB,CAC7B,OAAOL,EACT,CACA,SAASpB,GAAqB0B,EAAO,CAC/BA,IAAU,IACZJ,GAA6B,MAAS,EAExCF,GAAoBM,CACtB,CACA,SAASC,GAAiBC,EAAQ,CAChC,MAAO,CAAC,CAACA,EAAO,aAClB,CACA,SAASC,GAAsCtC,EAAa,CAC1D,MAAO,IAAYI,EAAA,sBACjB,OAAO,IAAI,QAAQ,CAACa,EAASC,IAAW,CACtCQ,GAA4B,CAAC1B,EAAaiB,EAASC,CAAM,CAAC,CAC5D,CAAC,CACH,EACF,CACA,SAAeU,GAAwC5B,EAAaiB,EAASC,EAAQ,QAAAd,EAAA,sBACnF,GAAI,CACF,IAAMiC,EAAS,MAAMb,GAAOxB,CAAW,EACvCiB,EAAQoB,CAAM,EACd3B,GAAgB,CAClB,OAASe,EAAO,CACdP,EAAOO,CAAK,EACZf,GAAgB,CAClB,CACF,GACA,SAASH,GAAmBP,EAAa,CACvC,MAAO,IAAYI,EAAA,sBACjB,OAAO,IAAI,QAAQ,CAACa,EAASC,IAAW,CACtCS,GAAyC,CAAC3B,EAAaiB,EAASC,CAAM,CAAC,CACzE,CAAC,CACH,EACF,CACA,IAAMqB,GAA0BhC,GCnHhC,IAAMiC,GAAqBC,GAAUC,EAAkBC,EAAgCC,EAAyB,QAAQ,EAAGC,EAA2B,EAAGC,IAAA,GACpJC,GACAN,EACJ,ECgBD,SAAeO,GAAOC,EAAO,QAAAC,EAAA,sBAC3B,GAAM,CACJ,SAAAC,EACA,SAAAC,EACA,QAAAC,CACF,EAAIJ,EACEK,EAAaC,EAAQ,UAAU,EAAE,MAAM,QACvCC,EAA2BF,GAAY,0BAA4B,OACnE,CACJ,eAAAG,EACA,eAAAC,EACA,WAAAC,CACF,EAAIV,EAAM,SAAW,CAAC,EACtBW,EAA0BN,CAAU,EACpCO,EAAsB,CAAC,CAACV,EAAUW,EAAwB,mBAAmB,EAC7ED,EAAsB,CAAC,CAACT,EAAUU,EAAwB,mBAAmB,EAC7E,IAAMC,EAAuB,OAAOJ,GAAe,UAAYA,EAAa,OACtEK,EAAc,CAClB,SAAAb,EACA,QAASY,CACX,EAEIA,GAAsB,eAAiB,uBACzCC,EAAY,SAAWZ,IAErBW,GAAwBJ,IAAe,MACzCM,GAA6Bd,CAAQ,EACrCe,GAAqB,EAAI,GAE3B,GAAM,CACJ,WAAAC,EACA,iBAAAC,EACA,iBAAAC,CACF,EAAIf,EAMEgB,EAAe,MALAC,GAAmB,CACtC,iBAAkBC,EAAsC,CACtD,iBAAkBH,CACpB,CAAC,CACH,CAAC,EACuC,CACtC,OAAQI,EAAwBN,CAAU,EAC1C,eAAgBO,EAAsBC,EAAW,MAAM,CACzD,EAAG,CACD,SAAUxB,EACV,SAAUC,EACV,eAAgBC,GAAS,gBAAkBuB,GAAgBvB,GAAS,cAAc,EAClF,eAAgBI,EAChB,eAAgBC,GAAkBkB,GAAgBlB,CAAc,EAChE,SAAUU,EACV,gBAAiBS,EAAmB,CAClC,SAAA1B,EACA,WAAAgB,EACA,iBAAAC,CACF,CAAC,CACH,CAAC,EACK,CACJ,QAAAU,EACA,oBAAAC,CACF,EAAIT,EACJ,GAAIU,GAAiBV,CAAY,GAAKW,GAAoB,EACxD,OAAAC,GAAcC,GAAwBnB,CAAW,CAAC,EAC3C,CACL,iBAAkB,GAClB,SAAU,CACR,WAAY,uBACd,EACA,OAAQc,CACV,EACK,GAAIE,GAAiBV,CAAY,GAAK,CAACW,GAAoB,EAChE,MAAO,CACL,iBAAkB,GAClB,SAAU,CACR,WAAY,MACd,EACA,OAAQH,CACV,EACK,GAAI,CAACE,GAAiBV,CAAY,GAAKW,GAAoB,GAAKzB,IAA6B,OAClG4B,GAAqBpB,CAAW,UACvB,CAACgB,GAAiBV,CAAY,GAAKW,GAAoB,GAAKzB,IAA6B,OAClG,OAAA0B,GAAcG,GAAsCrB,CAAW,CAAC,EACzD,CACL,iBAAkB,GAClB,SAAU,CACR,WAAY,wBACZ,oBAAqB,CACnB,eAAgBe,GAAqB,eACrC,YAAaA,GAAqB,YAClC,cAAeA,GAAqB,aACtC,CACF,EACA,OAAQD,CACV,EAEF,MAAO,CACL,iBAAkB,GAClB,SAAU,CACR,WAAY,kBACZ,oBAAqB,CACnB,eAAgBC,GAAqB,eACrC,YAAaA,GAAqB,YAClC,cAAeA,GAAqB,aACtC,CACF,EACA,OAAQD,CACV,CACF,GC5HA,IAAMQ,GAA6BC,GAAUC,EAAkBC,EAAgCC,EAAyB,gBAAgB,EAAGC,EAA2B,EAAGC,IAAA,GACpKC,GACAN,EACJ,ECcD,SAAeO,GAAcC,EAAO,QAAAC,EAAA,sBAClC,GAAM,CACJ,SAAAC,CACF,EAAIF,EACJG,EAAsB,CAAC,CAACD,EAAUE,EAAwB,0BAA0B,EACpF,IAAMC,EAAaC,EAAQ,UAAU,EAAE,MAAM,QAC7CC,EAA0BF,CAAU,EACpC,GAAM,CACJ,iBAAAG,EACA,WAAAC,EACA,iBAAAC,CACF,EAAIL,EACEM,EAAiBX,EAAM,SAAS,eAChCY,EAAkBC,EAAmB,CACzC,SAAAX,EACA,WAAAO,EACA,iBAAAD,CACF,CAAC,EAeKM,GATM,MALWC,GAA2B,CAChD,iBAAkBC,EAAsC,CACtD,iBAAkBN,CACpB,CAAC,CACH,CAAC,EACgC,CAC/B,OAAQO,EAAwBR,CAAU,EAC1C,eAAgBS,EAAsBC,EAAW,aAAa,CAChE,EAAG,CACD,SAAUjB,EACV,eAAgBS,EAChB,SAAUH,EACV,gBAAAI,CACF,CAAC,GAC+B,oBAChC,MAAO,CACL,gBAAiB,GACjB,SAAU,CACR,kBAAmB,mCACnB,oBAAqB,CACnB,eAAgBE,GAAqB,eACrC,YAAaA,GAAqB,YAClC,cAAeA,GAAqB,aACtC,CACF,CACF,CACF,GC7DA,IAAMM,GAAoCC,GAAUC,EAAkBC,EAAgCC,EAAyB,uBAAuB,EAAGC,EAA2B,EAAGC,IAAA,GAClLC,GACAN,EACJ,ECaD,SAAeO,GAAqBC,EAAO,QAAAC,EAAA,sBACzC,IAAMC,EAAaC,EAAQ,UAAU,EAAE,MAAM,QAC7CC,EAA0BF,CAAU,EACpC,GAAM,CACJ,iBAAAG,EACA,WAAAC,EACA,iBAAAC,CACF,EAAIL,EACE,CACJ,SAAAM,EACA,YAAAC,CACF,EAAIT,EACJU,EAAsB,CAAC,CAACF,EAAUG,EAAwB,iCAAiC,EAC3FD,EAAsB,CAAC,CAACD,EAAaE,EAAwB,oCAAoC,EACjG,IAAMC,EAAOZ,EAAM,iBACnBU,EAAsB,CAAC,CAACE,EAAMD,EAAwB,yCAAyC,EAC/F,IAAME,EAAWb,EAAM,SAAS,eAC1Bc,EAAkBC,EAAmB,CACzC,SAAAP,EACA,WAAAF,EACA,iBAAAD,CACF,CAAC,EAMD,MAL8BW,GAAkC,CAC9D,iBAAkBC,EAAsC,CACtD,iBAAkBV,CACpB,CAAC,CACH,CAAC,EAC2B,CAC1B,OAAQW,EAAwBhB,EAAW,UAAU,EACrD,eAAgBiB,EAAsBC,EAAW,oBAAoB,CACvE,EAAG,CACD,SAAUZ,EACV,iBAAkBI,EAClB,SAAUH,EACV,eAAgBI,EAChB,SAAUX,EAAW,iBACrB,gBAAAY,CACF,CAAC,CACH,GCtDA,IAAMO,GAAqCC,GAAUC,EAAkBC,EAAgCC,EAAyB,wBAAwB,EAAGC,EAA2B,EAAGC,IAAA,GACpLC,GACAN,EACJ,ECYD,SAAeO,GAAiBC,EAAO,QAAAC,EAAA,sBACrC,GAAM,CACJ,SAAAC,CACF,EAAIF,EACJG,EAAsB,CAAC,CAACD,EAAUE,EAAwB,mBAAmB,EAC7E,IAAMC,EAAaC,EAAQ,UAAU,EAAE,MAAM,QAC7CC,EAA0BF,CAAU,EACpC,GAAM,CACJ,iBAAAG,EACA,WAAAC,EACA,iBAAAC,CACF,EAAIL,EACEM,EAAiBX,EAAM,SAAS,eAChCY,EAAkBC,EAAmB,CACzC,SAAAX,EACA,WAAAO,EACA,iBAAAD,CACF,CAAC,EACKM,EAAyBC,GAAmC,CAChE,iBAAkBC,EAAsC,CACtD,iBAAkBN,CACpB,CAAC,CACH,CAAC,EACK,CACJ,oBAAAO,CACF,EAAI,MAAMH,EAAuB,CAC/B,OAAQI,EAAwBb,EAAW,UAAU,EACrD,eAAgBc,EAAsBC,EAAW,gBAAgB,CACnE,EAAG,CACD,SAAUlB,EACV,eAAgBS,EAChB,SAAUN,EAAW,iBACrB,gBAAAO,CACF,CAAC,EACK,CACJ,eAAAS,EACA,cAAAC,EACA,YAAAC,CACF,EAAIC,EAAA,GACCP,GAEL,MAAO,CACL,YAAaM,EACb,eAAgBF,EAChB,cAAeC,GAAgC,MACjD,CACF,GC7DA,IAAMG,GAA4BC,GAAUC,EAAkBC,EAAgCC,EAAyB,eAAe,EAAGC,EAA2B,EAAGC,IAAA,GAClKC,GACAN,EACJ,ECeD,SAAeO,GAAcC,EAAO,QAAAC,EAAA,sBAClC,GAAM,CACJ,SAAAC,EACA,iBAAAC,EACA,QAAAC,CACF,EAAIJ,EACEK,EAAaC,EAAQ,UAAU,EAAE,MAAM,QAC7CC,EAA0BF,CAAU,EACpC,GAAM,CACJ,WAAAG,EACA,iBAAAC,EACA,iBAAAC,CACF,EAAIL,EACEM,EAAiBP,GAAS,eAChCQ,EAAsB,CAAC,CAACV,EAAUW,EAAwB,0BAA0B,EACpFD,EAAsB,CAAC,CAACT,EAAkBU,EAAwB,sBAAsB,EACxF,IAAMC,EAAkBC,EAAmB,CACzC,SAAAb,EACA,WAAAM,EACA,iBAAAC,CACF,CAAC,EAMD,aAL4BO,GAA0B,CACpD,iBAAkBC,EAAsC,CACtD,iBAAkBP,CACpB,CAAC,CACH,CAAC,EACyB,CACxB,OAAQQ,EAAwBb,EAAW,UAAU,EACrD,eAAgBc,EAAsBC,EAAW,aAAa,CAChE,EAAG,CACD,SAAUlB,EACV,iBAAkBC,EAClB,eAAgBQ,EAChB,mBAAoBP,GAAS,mBAC7B,SAAUC,EAAW,iBACrB,gBAAAS,CACF,CAAC,EACM,IAAI,QAAQ,CAACO,EAASC,IAAW,CACtC,GAAI,CACF,IAAMC,EAAY,CAChB,iBAAkB,GAClB,SAAU,CACR,WAAY,MACd,CACF,EACA,GAAI,CAACC,GAAoB,GAAK,CAACC,GAAmCvB,CAAQ,EAAG,CAC3EmB,EAAQE,CAAS,EACjB,MACF,CACA,IAAMG,EAAeC,GAAY,OAAO,gBAAiB,CAAC,CACxD,QAAAC,CACF,IAAM,CACJ,OAAQA,EAAQ,MAAO,CACrB,IAAK,aACHP,EAAQ,CACN,iBAAkB,GAClB,SAAU,CACR,WAAY,uBACd,CACF,CAAC,EACDQ,GAAqB,EAAK,EAC1BH,EAAa,CACjB,CACF,CAAC,EACDC,GAAY,SAAS,gBAAiB,CACpC,MAAO,gBACP,KAAMJ,CACR,CAAC,CACH,OAASO,EAAO,CACdR,EAAOQ,CAAK,CACd,CACF,CAAC,CACH,GC1FA,IAAMC,GAAsBC,GAAUC,EAAkBC,EAAgCC,EAAyB,SAAS,EAAGC,EAA2B,EAAGC,IAAA,GACtJC,GACAN,EACJ,ECCD,IAAMO,GAA4BC,GAAWC,EAAA,wBAC3C,IAAMC,EAAaF,EAAQ,UAAU,EAAE,MAAM,QAC7CG,EAA0BD,CAAU,EACpC,GAAM,CACJ,iBAAAE,EACA,WAAAC,CACF,EAAIH,EACE,CACJ,OAAAI,CACF,EAAI,MAAMC,GAAiBP,EAAS,CAClC,aAAc,EAChB,CAAC,EACDQ,GAAiBF,CAAM,EACvB,IAAMG,EAAUC,GAAoB,CAClC,iBAAkBC,EAAsC,CACtD,iBAAkBP,CACpB,CAAC,CACH,CAAC,EACK,CACJ,eAAAQ,CACF,EAAI,MAAMH,EAAQ,CAChB,OAAQI,EAAwBR,CAAU,EAC1C,eAAgBS,EAAsBC,EAAW,mBAAmB,CACtE,EAAG,CACD,YAAaT,EAAO,YAAY,SAAS,CAC3C,CAAC,EACD,OAAOU,GAAoBJ,CAAc,CAC3C,GC9BA,IAAMK,GAAsB,IACnBA,GAAsBC,CAAO,ECHtC,IAAMC,GAA6BC,GAASC,EAAA,wBAC1C,MAAMD,EAAM,eAAe,EAC3BE,EAAkB,YAAY,EAC9B,MAAMC,GAAiB,EACvBC,EAAI,SAAS,OAAQ,CACnB,MAAO,WACT,EAAG,OAAQC,CAAc,CAC3B,GCVA,IAAMC,GAAuB,CAAOC,EAAYC,EAAuB,GAAOC,IAAgBC,EAAA,wBAC5FC,GAAkBJ,CAAU,EAC5B,GAAM,CACJ,UAAAK,EACA,iBAAAC,CACF,EAAIN,EACE,CACJ,OAAAO,EACA,gBAAAC,CACF,EAAIH,EAAU,MACRI,EAAaC,GAAeF,EAAiBN,CAAW,EACxDS,EAAsB,WAAWJ,CAAM,WAAW,OAAO,QAAQ,CACrE,UAAWD,EACX,WAAY,mBAAmBG,CAAU,CAC3C,CAAC,EAAE,IAAI,CAAC,CAACG,EAAGC,CAAC,IAAM,GAAGD,CAAC,IAAIC,CAAC,EAAE,EAAE,KAAK,GAAG,CAAC,GACzC,OAAOC,GAAgBH,CAAmB,CAC5C,GCjBA,IAAMI,GAAqB,CAAOC,EAAeC,EAAOC,EAAmBC,IAAgBC,EAAA,wBACzF,GAAM,CACJ,cAAAC,CACF,EAAI,MAAMJ,EAAM,gBAAgB,EAC1BK,EAAgB,MAAMJ,EAAkB,iBAAiB,EAU/D,GAPA,MAAMK,GAAqBN,CAAK,EAO5BI,GAAiBC,GAAe,YAElC,OAAOE,GAAqBR,EAAe,GAAOG,CAAW,CAEjE,GCbA,IAAMM,GAA0BC,GAAUC,EAAkBC,EAAgCC,EAAyB,aAAa,EAAGC,EAA2B,EAAGC,IAAA,GAC9JC,GACAN,EACJ,ECHD,IAAMO,GAA4BC,GAAUC,EAAkBC,EAAgCC,EAAyB,eAAe,EAAGC,EAA2B,EAAGC,IAAA,GAClKC,GACAN,EACJ,ECaD,IAAMO,GAAS,IAAIC,EAAc,MAAM,EAOvC,SAAeC,GAAQC,EAAO,QAAAC,EAAA,sBAC5B,IAAMC,EAAgBC,EAAQ,UAAU,EAAE,MAAM,QAChDC,EAA0BF,CAAa,EACnCF,GAAO,OACT,MAAMK,GAAcH,CAAa,EAEjC,MAAMI,GAAcJ,CAAa,EAEnC,IAAIK,EACJ,GAAI,CACFC,GAAkBN,CAAa,EAC/BK,EAAiB,EACnB,MAAc,CACZA,EAAiB,EACnB,CACA,GAAIA,EAAgB,CAClB,IAAME,EAAa,IAAIC,GAAkBC,EAAc,EACvDF,EAAW,cAAcP,CAAa,EACtC,GAAM,CACJ,KAAAU,CACF,GAAK,MAAMC,GAAmBX,EAAeO,EAAYK,EAAmBd,GAAO,OAAO,WAAW,IAAM,CAAC,EAC5G,GAAIY,IAAS,QACX,MAAM,IAAIG,EAAU,CAClB,KAAMC,GACN,QAAS,mEACX,CAAC,CAEL,MAEEF,EAAkB,YAAY,EAC9B,MAAMG,GAAiB,EACvBC,EAAI,SAAS,OAAQ,CACnB,MAAO,WACT,EAAG,OAAQC,CAAc,CAE7B,GACA,SAAeb,GAAcJ,EAAe,QAAAD,EAAA,sBAC1C,GAAI,CACF,GAAM,CACJ,iBAAAmB,EACA,WAAAC,EACA,iBAAAC,CACF,EAAIpB,EACEqB,EAAa,MAAMT,EAAkB,cAAc,EAAE,WAAW,EACtEU,GAAiCD,CAAU,EACvCE,GAAmBF,EAAW,WAAW,IAM3C,MALoBG,GAAwB,CAC1C,iBAAkBC,EAAsC,CACtD,iBAAkBP,CACpB,CAAC,CACH,CAAC,EACiB,CAChB,OAAQQ,EAAwBP,CAAU,EAC1C,eAAgBQ,EAAsBC,EAAW,OAAO,CAC1D,EAAG,CACD,SAAUR,EACV,MAAOC,EAAW,YACpB,CAAC,EAEL,MAAc,CAEZ1B,GAAO,MAAM,iEAAiE,CAChF,CACF,GACA,SAAeQ,GAAcH,EAAe,QAAAD,EAAA,sBAC1C,GAAI,CACF,GAAM,CACJ,iBAAAmB,EACA,WAAAC,CACF,EAAInB,EACEqB,EAAa,MAAMT,EAAkB,cAAc,EAAE,WAAW,EACtEiB,GAAiBR,CAAU,EAM3B,MAL4BS,GAA0B,CACpD,iBAAkBL,EAAsC,CACtD,iBAAkBP,CACpB,CAAC,CACH,CAAC,EACyB,CACxB,OAAQQ,EAAwBP,CAAU,EAC1C,eAAgBQ,EAAsBC,EAAW,OAAO,CAC1D,EAAG,CACD,YAAaP,EAAW,YAAY,SAAS,CAC/C,CAAC,CACH,MAAc,CAEZ1B,GAAO,MAAM,iEAAiE,CAChF,CACF,GACA,IAAM4B,GAAqBQ,GAAS,CAAC,CAACA,GAAO,SAAS,WCnHtD,IAAMC,GAAkC,IAAYC,GAAYC,EAAA,wBAC9D,GAAID,EAAS,YAAc,IAAK,CAC9B,IAAME,EAAQ,MAAMC,GAAeH,CAAQ,EAC3C,MAAAI,EAAmBF,CAAK,EAClB,IAAIG,EAAU,CAClB,KAAMH,EAAM,KACZ,QAASA,EAAM,OACjB,CAAC,CACH,KACE,OAEJ,GCPA,IAAMI,GAAyBC,GAAUC,EAAkBC,EAAgCC,EAAyB,YAAY,EAAGC,GAAgC,EAAGC,IAAA,GACjKC,GACAN,EACJ,ECWD,SAAeO,IAAa,QAAAC,EAAA,sBAC1B,IAAMC,EAAaC,EAAQ,UAAU,EAAE,MAAM,QAC7CC,EAA0BF,CAAU,EACpC,GAAM,CACJ,iBAAAG,EACA,WAAAC,CACF,EAAIJ,EACE,CACJ,OAAAK,CACF,EAAI,MAAMC,GAAiB,EAC3BC,GAAiBF,CAAM,EAMvB,MAL0BG,GAAuB,CAC/C,iBAAkBC,EAAsC,CACtD,iBAAkBN,CACpB,CAAC,CACH,CAAC,EACuB,CACtB,OAAQO,EAAwBN,CAAU,EAC1C,eAAgBO,EAAsBC,EAAW,UAAU,CAC7D,EAAG,CACD,YAAaP,EAAO,YAAY,SAAS,CAC3C,CAAC,EACD,MAAMQ,EAAkB,oBAAoB,EAC5C,MAAMC,GAAQ,CAChB,GC9CA,IAAMC,GAAwB,CAC5B,WAAY,YACd,ECGA,IAAMC,GAAS,IAAIC,EAAc,wBAAwB,EACnDC,GAAN,KAA6B,CAC3B,cAAcC,EAAiB,CAC7BC,GAA2BD,EAAgB,OAAO,EAClD,KAAK,WAAaA,EAClB,KAAK,UAAYE,GAAyB,UAAWF,EAAgB,QAAQ,cAAc,CAC7F,CACA,YAAYG,EAAiB,CAC3B,KAAK,UAAY,CAAC,EAClB,KAAK,gBAAkBA,CACzB,CACM,gBAAiB,QAAAC,EAAA,sBACrBH,GAA2B,KAAK,YAAY,OAAO,EACnD,GAAI,CACF,GAAI,KAAK,mBACP,MAAO,CACL,GAAI,KAAK,mBACT,KAAM,SACR,EACK,CACL,IAAMI,EAAmB,MAAM,KAAK,gBAAgB,QAAQ,KAAK,UAAU,UAAU,EACrF,OAAIA,EACK,CACL,GAAIA,EACJ,KAAM,OACR,EAEK,IACT,CACF,OAASC,EAAK,CACZ,OAAAT,GAAO,IAAI,mCAAoCS,CAAG,EAC3C,IACT,CACF,GACM,gBAAgBC,EAAU,QAAAH,EAAA,sBAC9BH,GAA2B,KAAK,YAAY,OAAO,EAC/CM,EAAS,OAAS,SACpB,KAAK,gBAAgB,QAAQ,KAAK,UAAU,WAAYA,EAAS,EAAE,EAEnE,KAAK,mBAAqB,SAE1B,KAAK,mBAAqBA,EAAS,GAEnC,KAAK,gBAAgB,WAAW,KAAK,UAAU,UAAU,EAE7D,GACM,iBAAkB,QAAAH,EAAA,sBACtB,KAAK,mBAAqB,OAC1B,MAAM,KAAK,gBAAgB,WAAW,KAAK,UAAU,UAAU,CACjE,GACF,EACMF,GAA2B,CAACM,EAAUC,IACnCC,GAAmBC,EAAqB,EAAE,eAAeH,CAAQ,GAAIC,CAAU,ECtDxF,SAASG,GAAcC,EAAS,CAC9B,IAAMC,EAASC,EAAUF,CAAO,EAAE,QAAQ,IACpCG,EAAM,CAAC,EACb,GAAI,CAACF,EACH,MAAM,IAAIG,EAAU,CAClB,KAAM,0BACN,QAAS,kBACX,CAAC,EAEH,IAAMC,EAAaJ,EAAO,QAAQ,gBAAiB,EAAE,EACrD,OAAAE,EAAIE,CAAU,EAAIL,EACXG,CACT,CCVA,IAAMG,GAAS,IAAIC,EAAc,2BAA2B,EAU5D,SAAeC,GAA0BC,EAItC,QAAAC,EAAA,yBAJsC,CACvC,OAAAC,EACA,WAAAC,EACA,gBAAAC,CACF,EAAG,CACDA,EAAgB,cAAc,CAC5B,QAASD,CACX,CAAC,EAED,IAAIE,EAAa,MAAMD,EAAgB,eAAe,EAEtD,GAAIF,EAAQ,CAEV,GAAIG,GAAcA,EAAW,OAAS,UACpC,OAAOA,EAAW,GACb,CACL,IAAMC,EAASJ,EAAO,QAAUK,GAAcL,EAAO,QAAQ,SAAS,CAAC,EAAI,CAAC,EACtEM,EAAsB,MAAMC,GAAmBH,EAAQH,CAAU,EACnEE,GAAcA,EAAW,KAAOG,GAClCX,GAAO,MAAM,sBAAsBQ,EAAW,EAAE,mCAAmC,EAErFA,EAAa,CACX,GAAIG,EACJ,KAAM,SACR,CACF,CACF,KAAO,CAEL,GAAIH,GAAcA,EAAW,OAAS,QACpC,OAAOA,EAAW,GAElBA,EAAa,CACX,GAAI,MAAMI,GAAmB,CAAC,EAAGN,CAAU,EAC3C,KAAM,OACR,CAEJ,CAEA,OAAAC,EAAgB,gBAAgBC,CAAU,EACnCA,EAAW,EACpB,GACA,SAAeI,GAAmBH,EAAQH,EAAY,QAAAF,EAAA,sBACpD,IAAMS,EAAiBP,GAAY,eAC7BQ,EAASC,GAA4BF,CAAc,EAEnDG,GAGL,MAAMC,GAAM,CACX,OAAAH,CACF,EAAG,CACD,eAAgBD,EAChB,OAAQJ,CACV,CAAC,GAAG,WACJ,GAAI,CAACO,EACH,MAAM,IAAIE,EAAU,CAClB,KAAM,yBACN,QAAS,mDACT,mBAAoB,gEACtB,CAAC,EAEH,OAAOF,CACT,GCrEA,IAAMG,GAAS,IAAIC,EAAc,4BAA4B,EACvDC,GAAkB,GAAK,GAAK,IAC5BC,GAAN,KAAiD,CAC/C,YAAYC,EAAiB,CAC3B,KAAK,wBAA0B,EAC/B,KAAK,iBAAmBA,CAC1B,CACM,+BAAgC,QAAAC,EAAA,sBACpCL,GAAO,MAAM,yCAAyC,EACtD,KAAK,0BAA4B,OACjC,MAAM,KAAK,iBAAiB,gBAAgB,CAC9C,GACM,kBAAmB,QAAAK,EAAA,sBACvBL,GAAO,MAAM,oCAAoC,EACjD,KAAK,0BAA4B,MACnC,GACM,4BAA4BM,EAAuB,QAAAD,EAAA,sBACvD,IAAME,EAAkBD,EAAsB,cACxC,CACJ,OAAAE,CACF,EAAIF,EACE,CACJ,WAAAG,CACF,EAAIH,EACJ,GAAI,CACFI,GAA2BD,GAAY,OAAO,CAChD,MAAQ,CAEN,MACF,CACA,GAAI,CAACF,GAAmB,CAACE,EAAW,QAAQ,iBAE1C,OAEF,GAAM,CACJ,aAAAE,CACF,EAAIL,EACEM,EAAkB,KAAK,gBAAgBJ,CAAM,EAC7CK,EAAa,MAAMC,GAA0B,CACjD,OAAAN,EACA,WAAYC,EAAW,QACvB,gBAAiB,KAAK,gBACxB,CAAC,EAKD,OAHIE,GAAgBC,IAClB,KAAK,iBAAiB,EAEnBL,GAGHQ,GAA0BP,CAAM,EACzB,KAAK,mBAAmBC,EAAW,QAASD,EAAQK,CAAU,GAH9D,KAAK,oBAAoBA,EAAYJ,EAAW,OAAO,CAKlE,GACM,oBAAoBI,EAAYJ,EAAY,QAAAJ,EAAA,sBAEhD,GAAI,KAAK,2BAA6B,CAAC,KAAK,UAAU,GAAK,KAAK,0BAA0B,uBAAyB,GACjH,OAAAL,GAAO,KAAK,oEAAoE,EACzE,KAAK,0BAGd,KAAK,iBAAiB,EACtB,IAAMgB,EAASC,GAA4BR,EAAW,cAAc,EAK9DS,EAAe,MAAMC,GAA0B,CACnD,OAAAH,CACF,EAAG,CACD,WAAYH,CACd,CAAC,EACD,GAAIK,EAAa,aAAeA,EAAa,YAAY,aAAeA,EAAa,YAAY,UAAW,CAC1G,KAAK,wBAA0B,IAAI,KAAK,EAAE,QAAQ,EAAIhB,GACtD,IAAMkB,EAAM,CACV,YAAa,CACX,YAAaF,EAAa,YAAY,YACtC,gBAAiBA,EAAa,YAAY,UAC1C,aAAcA,EAAa,YAAY,aACvC,WAAYA,EAAa,YAAY,UACvC,EACA,WAAAL,CACF,EACMQ,EAAgBH,EAAa,WACnC,OAAIG,IACFD,EAAI,WAAaC,EACjB,KAAK,iBAAiB,gBAAgB,CACpC,GAAIA,EACJ,KAAM,OACR,CAAC,GAEH,KAAK,0BAA4BC,EAAAC,EAAA,GAC5BH,GAD4B,CAE/B,qBAAsB,EACxB,GACOA,CACT,KACE,OAAM,IAAII,EAAU,CAClB,KAAM,+BACN,QAAS,4EACX,CAAC,CAEL,GACM,mBAAmBf,EAAYgB,EAAYZ,EAAY,QAAAR,EAAA,sBAC3D,GAAI,KAAK,2BAA6B,CAAC,KAAK,UAAU,GAAK,KAAK,0BAA0B,uBAAyB,GACjH,OAAAL,GAAO,MAAM,oEAAoE,EAC1E,KAAK,0BAGd,KAAK,iBAAiB,EACtB,IAAM0B,EAASD,EAAW,QAAUE,GAAcF,EAAW,QAAQ,SAAS,CAAC,EAAI,CAAC,EAC9ET,EAASC,GAA4BR,EAAW,cAAc,EAC9DS,EAAe,MAAMC,GAA0B,CACnD,OAAAH,CACF,EAAG,CACD,WAAYH,EACZ,OAAQa,CACV,CAAC,EACD,GAAIR,EAAa,aAAeA,EAAa,YAAY,aAAeA,EAAa,YAAY,UAAW,CAC1G,IAAME,EAAM,CACV,YAAa,CACX,YAAaF,EAAa,YAAY,YACtC,gBAAiBA,EAAa,YAAY,UAC1C,aAAcA,EAAa,YAAY,aACvC,WAAYA,EAAa,YAAY,UACvC,EACA,WAAAL,CACF,EAEA,KAAK,0BAA4BS,EAAAC,EAAA,GAC5BH,GAD4B,CAE/B,qBAAsB,GACtB,kBAAmBK,EAAW,SAAS,SAAS,CAClD,GACA,KAAK,wBAA0B,IAAI,KAAK,EAAE,QAAQ,EAAIvB,GACtD,IAAMmB,EAAgBH,EAAa,WACnC,OAAIG,IACFD,EAAI,WAAaC,EACjB,KAAK,iBAAiB,gBAAgB,CACpC,GAAIA,EACJ,KAAM,SACR,CAAC,GAEID,CACT,KACE,OAAM,IAAII,EAAU,CAClB,KAAM,uBACN,QAAS,4EACX,CAAC,CAEL,GACA,WAAY,CACV,OAAO,KAAK,0BAA4B,OAAY,GAAO,KAAK,yBAA2B,KAAK,IAAI,CACtG,CACA,gBAAgBhB,EAAQ,CACtB,MAAO,CAAC,CAACA,GAAU,CAAC,CAAC,KAAK,2BAA2B,mBAAqBA,EAAO,SAAS,SAAS,IAAM,KAAK,0BAA0B,iBAC1I,CACF,EC7JA,IAAaoB,IAAW,IAAA,CAAlB,MAAOA,CAAW,CAWpBC,aAAA,CAVQ,KAAAC,eAA0B,GAC1B,KAAAC,aAAeC,GAAOC,EAAW,EACjC,KAAAC,aAAeF,GAAOG,EAAgB,EACtC,KAAAC,MAAgB,GAChB,KAAAC,SAAmB,GA2C3B,KAAAC,YAAc,GApCVC,EAAIC,OAAO,OAAeC,GAAeC,EAAA,MAAfD,GAAe,UAAf,CAAEE,QAAAA,CAAO,EAAM,CAErC,OADAC,QAAQC,IAAI,kCAAmCF,CAAO,EAC9CA,EAAQG,MAAK,CACjB,IAAK,WACD,MAAM,KAAKC,QAAO,EAClB,MACJ,IAAK,YACD,KAAKhB,aAAaiB,KAAO,KACzBJ,QAAQC,IAAI,uCAAuC,EACnD,MACJ,IAAK,eACDD,QAAQC,IAAI,kCAAkC,EAC9C,MACJ,IAAK,uBACDD,QAAQC,IAAI,uCAAuC,EACnD,MACJ,IAAK,qBACD,MACJ,IAAK,6BACDD,QAAQC,IAAI,4BAA4B,EACxC,MACJ,IAAK,mBACD,IAAMI,EAAQN,EAAQO,KACtB,KAER,CACJ,EAAC,EAEDC,GAAgB,EAAGC,KAAMC,GAAW,CAC3BA,EAAQC,QAAQC,aACrB,KAAKR,QAAO,CAEhB,CAAC,CAEL,CAIMA,SAAO,QAAAL,EAAA,sBAET,GAAI,MAAKJ,YACT,MAAKA,YAAc,GACnB,GAAG,CACH,IAAMkB,EAAa,MAAMC,GAAmB,EAC5C,MAAM,KAAK1B,aAAa2B,MAAMF,CAAU,CACxC,QAAC,CAEG,KAAKlB,YAAc,EACvB,EAGJ,GAMA,IAAIiB,YAAYI,EAAa,CACzBC,aAAaC,QAAQ,cAAeF,CAAK,CAC7C,CAEA,IAAIJ,aAAW,CACX,OAAOK,aAAaE,QAAQ,aAAa,GAAK,EAClD,CAEA,IAAId,MAAI,CACJ,OAAO,KAAKjB,aAAaiB,IAC7B,CAWMe,eAAe3B,EAAa,QAAAM,EAAA,sBAC9B,KAAKN,MAAQA,EACb,MAAM4B,GAAc,CAAEC,SAAU7B,CAAK,CAAE,CAC3C,GAEM8B,QAAM,QAAAxB,EAAA,sBACR,MAAMyB,GAAU,CACpB,GAGMC,wBAAsB,QAAA1B,EAAA,sBACxB,GAAI,CAAC,KAAKN,MAAO,KAAO,CAAEiC,QAAS,KAAKnC,aAAaoC,UAAU,qBAAqB,CAAC,EACrF,MAAMC,GAAiB,CAAEN,SAAU,KAAK7B,KAAK,CAAE,CACnD,GAOMoC,sBAAsBC,EAAcpC,EAAgB,QAAAK,EAAA,sBACtD,GAAI,CAAC,KAAKN,MAAO,KAAO,CAAEiC,QAAQ,KAAKnC,aAAaoC,UAAU,qBAAqB,CAAC,EACpF,KAAKjC,SAAWA,EAEhB,MAAMqC,GAAqB,CAAET,SAAU,KAAK7B,MAAOuC,YAAatC,EAAUuC,iBAAkBH,CAAI,CAAE,EAC9F,KAAKrC,OAAS,KAAKC,WACnB,MAAMwC,GAAO,CAAEZ,SAAU,KAAK7B,MAAOC,SAAU,KAAKA,QAAQ,CAAE,EAC9D,KAAKD,MAAQ,GACb,KAAKC,SAAW,GAExB,GAOMwC,OAAOzC,EAAeC,EAAgB,QAAAK,EAAA,sBACxC,GAAI,KAAKZ,eAAgB,OACzB,KAAKM,MAAQA,EACb,IAAM0C,EAAS,MAAMD,GAAO,CAAEZ,SAAU7B,EAAOC,SAAUA,CAAQ,CAAE,EACnE,YAAKP,eAAiBgD,EAAOC,WACtBD,EAAOC,UAClB,GAMMC,SAAO,QAAAtC,EAAA,sBACT,KAAKZ,eAAiB,GACtB,MAAMkD,GAAO,CACjB,GAOMC,OAAO7C,EAAeC,EAAkBsB,EAAOuB,EAAY,QAAAxC,EAAA,sBAC7D,GAAM,CAAEyC,iBAAAA,CAAgB,EAAK,MAAMF,GAAO,CACtChB,SAAU7B,EACVC,SAAUA,EACV+C,QAAS,CACLC,eAAgB,CACZjD,MAAOA,EACP,cAAe8C,GAEnBI,eAAgB,CAAEC,eAAgB5B,CAAK,GAE9C,EACD,YAAKvB,MAAQA,EACb,KAAKC,SAAWA,EACT8C,CAEX,GAEMK,cAAcf,EAAY,QAAA/B,EAAA,sBAC5B,GAAI,CAAC,KAAKN,MAAO,KAAO,CAAEiC,QAAS,KAAKnC,aAAaoC,UAAU,qBAAqB,CAAC,EACrF,MAAMkB,GAAc,CAAEvB,SAAU,KAAK7B,MAAOwC,iBAAkBH,CAAI,CAAE,EAChE,KAAKrC,OAAS,KAAKC,WACnB,MAAMwC,GAAO,CAAEZ,SAAU,KAAK7B,MAAOC,SAAU,KAAKA,QAAQ,CAAE,EAC9D,KAAKD,MAAQ,GACb,KAAKC,SAAW,GAExB,GAKMoD,OAAK,QAAA/C,EAAA,sBACP,IAAMW,EAAuB,MAAMF,GAAgB,EACnD,YAAKrB,eAAiBuB,EAAAA,EAAQC,QAAQC,YAC/B,OAAKzB,cAChB,mDAxLSF,EAAW,CAAA,kCAAXA,EAAW8D,QAAX9D,EAAW+D,UAAAC,WADE,MAAM,CAAA,CAAA,SACnBhE,CAAW,GAAA","names":["getAuthUserAgentValue","action","customUserAgentDetails","getAmplifyUserAgent","__spreadValues","Category","AuthError","_AuthError","AmplifyError","params","AuthTokenStorageKeys","TokenProviderErrorCode","tokenValidationErrorMap","assert","createAssertionFunction","DefaultTokenStore","AuthError","keyValueStorage","authConfig","__async","authKeys","accessTokenString","accessToken","decodeJWT","itString","idToken","refreshToken","clockDriftString","clockDrift","signInDetails","tokens","assert","TokenProviderErrorCode","lastAuthUser","username","deviceKey","deviceGroupKey","randomPassword","assertTokenProviderConfig","createKeysForAuthStorage","identifier","metadata","oauthMetadataKey","oauthMetadata","provider","getAuthStorageKeys","AuthTokenStorageKeys","keys","__spreadValues","prefix","acc","authKey","__spreadProps","USER_UNAUTHENTICATED_EXCEPTION","USER_ALREADY_AUTHENTICATED_EXCEPTION","DEVICE_METADATA_NOT_FOUND_EXCEPTION","AUTO_SIGN_IN_EXCEPTION","INVALID_REDIRECT_EXCEPTION","INVALID_APP_SCHEME_EXCEPTION","INVALID_PREFERRED_REDIRECT_EXCEPTION","invalidRedirectException","AuthError","invalidAppSchemeException","invalidPreferredRedirectUrlException","INVALID_ORIGIN_EXCEPTION","invalidOriginException","OAUTH_SIGNOUT_EXCEPTION","TOKEN_REFRESH_EXCEPTION","UNEXPECTED_SIGN_IN_INTERRUPTION_EXCEPTION","assertAuthTokens","tokens","AuthError","USER_UNAUTHENTICATED_EXCEPTION","assertIdTokenInAuthTokens","oAuthTokenRefreshException","TOKEN_REFRESH_EXCEPTION","tokenRefreshException","assertAuthTokensWithRefreshToken","isAuthenticatedWithImplicitOauthFlow","isAuthenticatedWithRefreshToken","assertDeviceMetadata","deviceMetadata","DEVICE_METADATA_NOT_FOUND_EXCEPTION","OAuthStorageKeys","isAuthenticated","V5_HOSTED_UI_KEY","name","DefaultOAuthStore","keyValueStorage","__async","assertTokenProviderConfig","authKeys","createKeysForAuthStorage","state","pkce","authConfigParam","inflight","isLegacyHostedUISignIn","isOAuthSignIn","preferPrivateSession","oauthSignIn","provider","identifier","getAuthStorageKeys","OAuthStorageKeys","oAuthStore","DefaultOAuthStore","defaultStorage","getRegionFromUserPoolId","userPoolId","region","AuthError","getRegionFromIdentityPoolId","identityPoolId","createUserPoolSerializer","operation","input","endpoint","headers","getSharedHeaders","body","buildHttpRpcRequest","url","assertServiceError","error","AuthError","AmplifyErrorCode","createUserPoolDeserializer","response","__async","error","parseJsonError","assertServiceError","AuthError","parseJsonBody","disableCacheMiddlewareFactory","next","_","request","__async","cognitoUserPoolTransferHandler","composeTransferHandler","unauthenticatedHandler","COGNITO_IDP_SERVICE_NAME","DEFAULT_SERVICE_CLIENT_API_CONFIG","COGNITO_IDP_SERVICE_NAME","getRetryDecider","parseJsonError","jitteredBackoff","getAmplifyUserAgent","createInitiateAuthClient","config","composeServiceApi","cognitoUserPoolTransferHandler","createUserPoolSerializer","createUserPoolDeserializer","__spreadValues","DEFAULT_SERVICE_CLIENT_API_CONFIG","cognitoUserPoolEndpointResolver","region","AmplifyUrl","COGNITO_IDP_SERVICE_NAME","getDnsSuffix","createCognitoUserPoolEndpointResolver","endpointOverride","input","AmplifyUrl","cognitoUserPoolEndpointResolver","getUserContextData","username","userPoolId","userPoolClientId","amazonCognitoAdvancedSecurityData","advancedSecurityData","refreshAuthTokensFunction","_0","__async","tokens","authConfig","username","assertTokenProviderConfig","userPoolId","userPoolClientId","userPoolEndpoint","region","getRegionFromUserPoolId","assertAuthTokensWithRefreshToken","refreshTokenString","AuthParameters","UserContextData","getUserContextData","initiateAuth","createInitiateAuthClient","createCognitoUserPoolEndpointResolver","AuthenticationResult","accessToken","decodeJWT","idToken","iat","AuthError","clockDrift","refreshAuthTokens","deDupeAsyncFunction","inflightPromises","addInflightPromise","resolver","resolveAndClearInflightPromises","TokenOrchestrator","isBrowser","__async","oAuthStore","resolve","_reject","addInflightPromise","authConfig","tokenRefresher","tokenStore","AuthError","options","tokens","assertTokenProviderConfig","username","idTokenExpired","isTokenExpired","accessTokenExpired","_0","signInDetails","newTokens","Hub","AMPLIFY_SYMBOL","err","assertServiceError","metadata","CognitoUserPoolsTokenProvider","DefaultTokenStore","defaultStorage","TokenOrchestrator","refreshAuthTokens","forceRefresh","keyValueStorage","authConfig","cognitoUserPoolsTokenProvider","CognitoUserPoolsTokenProvider","tokenOrchestrator","cacheCognitoTokens","AuthenticationResult","__async","accessToken","decodeJWT","accessTokenIssuedAtInMillis","currentTime","clockDrift","idToken","refreshToken","deviceMetadata","tokens","tokenOrchestrator","AmplifyError","getCurrentUser","amplify","__async","authConfig","assertTokenProviderConfig","tokens","assertAuthTokens","username","sub","authUser","signInDetails","getSignInDetailsFromTokens","getCurrentUser","__async","Amplify","ERROR_MESSAGE","dispatchSignedInHubEvent","__async","Hub","getCurrentUser","AMPLIFY_SYMBOL","error","USER_UNAUTHENTICATED_EXCEPTION","AuthError","UNEXPECTED_SIGN_IN_INTERRUPTION_EXCEPTION","AuthValidationErrorCode","validationErrorMap","AuthValidationErrorCode","AuthErrorStrings","AuthErrorCodes","logger","ConsoleLogger","authErrorMessages","AuthErrorStrings","createOAuthError","message","recoverySuggestion","AuthError","AuthErrorCodes","authErrorMessages","AuthErrorTypes","flowCancelledMessage","validationFailedMessage","validationRecoverySuggestion","validateState","state","__async","savedState","oAuthStore","validatedState","AuthError","AuthErrorTypes","completeOAuthFlow","_0","__async","currentUrl","userAgentValue","clientId","redirectUri","responseType","domain","preferPrivateSession","urlParams","AmplifyUrl","error","errorMessage","createOAuthError","handleCodeFlow","handleImplicitFlow","url","code","state","validatedState","validateState","oAuthTokenEndpoint","codeVerifier","oAuthStore","oAuthTokenBody","__spreadValues","body","k","v","access_token","refreshToken","id_token","token_type","expires_in","USER_AGENT_HEADER","username","decodeJWT","cacheCognitoTokens","completeFlow","error_description","pairings","accum","__spreadProps","tokenOrchestrator","resolveAndClearInflightPromises","isCustomState","Hub","urlSafeDecode","getCustomState","AMPLIFY_SYMBOL","dispatchSignedInHubEvent","clearHistory","getRedirectUrl","redirects","preferredRedirectUrl","redirectUrl","redirect","invalidPreferredRedirectUrlException","redirectUrlFromTheSameOrigin","isSameOriginAndPathName","isTheSameDomain","redirectUrlFromDifferentOrigin","isHttps","isHttp","invalidOriginException","invalidRedirectException","handleFailure","error","__async","resolveAndClearInflightPromises","oAuthStore","Hub","AMPLIFY_SYMBOL","attemptCompleteOAuthFlow","authConfig","__async","assertTokenProviderConfig","assertOAuthConfig","oAuthStore","currentUrl","loginWith","userPoolClientId","domain","redirectSignIn","responseType","redirectUri","getRedirectUrl","completeOAuthFlow","getAuthUserAgentValue","AuthAction","err","handleFailure","isBrowser","Amplify","ADD_OAUTH_LISTENER","attemptCompleteOAuthFlow","cognitoHostedUIIdentityProviderMap","openAuthSession","url","__async","InitiateAuthException","assertValidationError","assertion","name","message","recoverySuggestion","validationErrorMap","AuthError","createRespondToAuthChallengeClient","config","composeServiceApi","cognitoUserPoolTransferHandler","createUserPoolSerializer","createUserPoolDeserializer","__spreadValues","DEFAULT_SERVICE_CLIENT_API_CONFIG","createAssociateSoftwareTokenClient","config","composeServiceApi","cognitoUserPoolTransferHandler","createUserPoolSerializer","createUserPoolDeserializer","__spreadValues","DEFAULT_SERVICE_CLIENT_API_CONFIG","createConfirmDeviceClient","config","composeServiceApi","cognitoUserPoolTransferHandler","createUserPoolSerializer","createUserPoolDeserializer","__spreadValues","DEFAULT_SERVICE_CLIENT_API_CONFIG","signInReducer","state","action","__spreadProps","__spreadValues","defaultState","createStore","reducer","currentState","signInStore","setActiveSignInState","cleanActiveSignInState","textEncoder","input","BigInteger","a","b","nbi","dbits","canary","j_lm","am1","i","x","w","j","c","n","v","am2","xl","xh","l","h","am3","inBrowser","BI_FP","BI_RM","BI_RC","rr","vv","int2char","intAt","s","bnpCopyTo","r","bnpFromInt","nbv","bnpFromString","k","mi","sh","bnpClamp","bnToString","km","d","m","p","bnNegate","bnAbs","bnCompareTo","nbits","t","bnBitLength","bnpDLShiftTo","bnpDRShiftTo","bnpLShiftTo","bs","cbs","bm","ds","bnpRShiftTo","bnpSubTo","bnpMultiplyTo","y","bnpSquareTo","bnpDivRemTo","q","pm","pt","ts","ms","nsh","ys","y0","yt","d1","d2","e","qd","bnMod","bnpInvDigit","bnEquals","bnpAddTo","bnAdd","bnSubtract","bnMultiply","bnDivide","Montgomery","montConvert","montRevert","montReduce","u0","montSqrTo","montMulTo","bnModPow","callback","z","g","k1","g2","is1","r2","result","calculateS","_0","__async","a","g","k","x","B","N","U","resolve","reject","outerErr","outerResult","innerErr","innerResult","INIT_N","SHORT_TO_HEX","HEX_TO_SHORT","i","encodedByte","getBytesFromHex","encoded","out","i","encodedByte","HEX_TO_SHORT","getHexFromBytes","bytes","out","i","SHORT_TO_HEX","getHashFromData","data","sha256","Sha256","hashedData","hashHexFromUint8","getHexFromBytes","getHashFromHex","hexStr","getHashFromData","getBytesFromHex","HEX_MSB_REGEX","getPaddedHex","bigInt","BigInteger","isNegative","hexStr","invertedNibbles","x","invertedNibble","calculateU","A","B","U","BigInteger","getHashFromHex","getPaddedHex","getHkdfKey","ikm","salt","info","awsCryptoHash","Sha256","resultFromAWSCryptoPrk","awsCryptoHashHmac","getRandomBytes","nBytes","str","WordArray","getBytesFromHex","getRandomString","base64Encoder","getRandomBytes","AuthenticationHelper","userPoolName","a","g","A","N","textEncoder","BigInteger","getHashFromHex","getPaddedHex","AuthError","deviceGroupKey","username","__async","getRandomString","combinedString","hashedString","getHashFromData","hexRandom","getHexFromBytes","getRandomBytes","resolve","reject","err","result","_0","password","serverBValue","salt","U","calculateU","usernamePassword","usernamePasswordHash","x","S","calculateS","context","spacer","info","getHkdfKey","getBytesFromHex","calculateA","_0","__async","a","g","N","resolve","reject","err","A","BigInteger","getAuthenticationHelper","userPoolName","__async","N","BigInteger","INIT_N","g","a","generateRandomBigInteger","A","calculateA","AuthenticationHelper","hexRandom","getHexFromBytes","getRandomBytes","MONTH_NAMES","WEEK_NAMES","getNowString","now","weekDay","month","day","hours","minutes","seconds","year","getSignatureString","userPoolName","username","challengeParameters","dateNow","hkdf","bufUPIDaToB","textEncoder","bufUNaToB","bufSBaToB","urlB64ToUint8Array","bufDNaToB","bufConcat","awsCryptoHash","Sha256","resultFromAWSCrypto","base64Encoder","base64String","padding","base64","rawData","base64Decoder","outputArray","USER_ATTRIBUTES","handleUserPasswordAuthFlow","username","password","clientMetadata","config","tokenOrchestrator","__async","userPoolClientId","userPoolId","userPoolEndpoint","authParameters","deviceMetadata","UserContextData","getUserContextData","jsonReq","response","createInitiateAuthClient","createCognitoUserPoolEndpointResolver","getRegionFromUserPoolId","getAuthUserAgentValue","AuthAction","activeUsername","setActiveSignInUsername","handleDeviceSRPAuth","handleUserSRPAuthFlow","userPoolName","authenticationHelper","getAuthenticationHelper","resp","challengeParameters","session","retryOnResourceNotFoundException","handlePasswordVerifierChallenge","handleCustomAuthFlowWithoutSRP","handleCustomSRPAuthFlow","assertTokenProviderConfig","initiateAuth","_0","clientId","assertDeviceMetadata","challengeResponses","jsonReqResponseChallenge","respondToAuthChallenge","createRespondToAuthChallengeClient","respondedChallengeParameters","Session","handleDevicePasswordVerifier","_1","_2","_3","_4","_5","_6","serverBValue","BigInteger","salt","deviceKey","deviceGroupKey","hkdf","dateNow","getNowString","getSignatureString","AuthError","getSignInResult","params","challengeName","authConfig","Amplify","signInSession","signInStore","isMFATypeEnabled","AuthErrorCodes","getMFATypes","parseMFATypes","associateSoftwareToken","createAssociateSoftwareTokenClient","secretCode","getTOTPSetupDetails","parseAttributes","appName","accountName","totpUri","AmplifyUrl","getSignInResultFromError","errorName","InitiateAuthException","attributes","att","USER_ATTRIBUTES","getMFAType","type","getMFATypes","types","parseMFATypes","mfa","isMFATypeEnabled","challengeParams","mfaType","MFAS_CAN_SETUP","mfaTypes","assertUserNotAuthenticated","__async","authUser","getCurrentUser","AuthError","USER_ALREADY_AUTHENTICATED_EXCEPTION","getNewDeviceMetadata","_0","userPoolId","userPoolEndpoint","newDeviceMetadata","accessToken","userPoolName","authenticationHelper","getAuthenticationHelper","deviceKey","deviceGroupKey","deviceSecretVerifierConfig","base64Encoder","getBytesFromHex","randomPassword","createConfirmDeviceClient","createCognitoUserPoolEndpointResolver","getRegionFromUserPoolId","getDeviceName","retryOnResourceNotFoundException","func","args","username","tokenOrchestrator","error","setActiveSignInUsername","dispatch","signInStore","getActiveSignInUsername","CODE_VERIFIER_CHARSET","generateCodeVerifier","length","randomBytes","getCrypto","value","codeChallenge","byte","generateCodeChallenge","codeVerifier","awsCryptoHash","Sha256","removePaddingChar","base64Encoder","base64Encoded","generateState","generateRandomString","listenForOAuthFlowCancellation","store","handleCancelOAuthFlow","event","__async","error","createOAuthError","handleFailure","signInWithRedirect","input","__async","authConfig","Amplify","assertTokenProviderConfig","assertOAuthConfig","oAuthStore","assertUserNotAuthenticated","provider","cognitoHostedUIIdentityProviderMap","oauthSignIn","_0","oauthConfig","clientId","customState","preferPrivateSession","domain","redirectSignIn","responseType","scopes","randomState","generateState","state","urlSafeEncode","value","method","toCodeChallenge","generateCodeVerifier","redirectUri","getRedirectUrl","isBrowser","queryString","__spreadValues","k","v","oAuthUrl","listenForOAuthFlowCancellation","type","error","url","openAuthSession","createOAuthError","completeOAuthFlow","getAuthUserAgentValue","AuthAction","err","handleFailure","toAttributeType","attributes","key","value","toAuthUserAttribute","userAttributes","attribute","signInWithCustomAuth","input","__async","authConfig","Amplify","assertTokenProviderConfig","username","password","options","signInDetails","metadata","assertValidationError","AuthValidationErrorCode","retriedChallengeName","retiredChallengeParameters","AuthenticationResult","Session","retryOnResourceNotFoundException","handleCustomAuthFlowWithoutSRP","tokenOrchestrator","activeUsername","getActiveSignInUsername","setActiveSignInState","cleanActiveSignInState","cacheCognitoTokens","__spreadProps","__spreadValues","getNewDeviceMetadata","dispatchSignedInHubEvent","getSignInResult","error","assertServiceError","result","getSignInResultFromError","signInWithCustomSRPAuth","input","__async","username","password","options","signInDetails","authConfig","Amplify","assertTokenProviderConfig","metadata","assertValidationError","AuthValidationErrorCode","handledChallengeName","handledChallengeParameters","AuthenticationResult","Session","handleCustomSRPAuthFlow","tokenOrchestrator","activeUsername","getActiveSignInUsername","setActiveSignInState","cacheCognitoTokens","__spreadProps","__spreadValues","getNewDeviceMetadata","cleanActiveSignInState","dispatchSignedInHubEvent","getSignInResult","error","assertServiceError","result","getSignInResultFromError","signInWithSRP","input","__async","username","password","authConfig","Amplify","signInDetails","assertTokenProviderConfig","clientMetaData","assertValidationError","AuthValidationErrorCode","handledChallengeName","handledChallengeParameters","AuthenticationResult","Session","handleUserSRPAuthFlow","tokenOrchestrator","activeUsername","getActiveSignInUsername","setActiveSignInState","cleanActiveSignInState","cacheCognitoTokens","__spreadProps","__spreadValues","getNewDeviceMetadata","dispatchSignedInHubEvent","getSignInResult","error","assertServiceError","result","getSignInResultFromError","signInWithUserPassword","input","__async","username","password","options","authConfig","Amplify","signInDetails","assertTokenProviderConfig","metadata","assertValidationError","AuthValidationErrorCode","retiredChallengeName","retriedChallengeParameters","AuthenticationResult","Session","retryOnResourceNotFoundException","handleUserPasswordAuthFlow","tokenOrchestrator","activeUsername","getActiveSignInUsername","setActiveSignInState","cacheCognitoTokens","__spreadProps","__spreadValues","getNewDeviceMetadata","cleanActiveSignInState","dispatchSignedInHubEvent","getSignInResult","error","assertServiceError","result","getSignInResultFromError","signIn","input","__async","authFlowType","assertUserNotAuthenticated","signInWithSRP","signInWithUserPassword","signInWithCustomAuth","signInWithCustomSRPAuth","initialAutoSignIn","__async","AuthError","AUTO_SIGN_IN_EXCEPTION","autoSignIn","setAutoSignIn","callback","resetAutoSignIn","MAX_AUTOSIGNIN_POLLING_MS","handleCodeAutoSignIn","signInInput","stopHubListener","HubInternal","_0","__async","payload","setAutoSignIn","autoSignInWithCode","timeOutId","setAutoSignInStarted","resetAutoSignIn","debounce","fun","delay","timer","args","handleAutoSignInWithLink","resolve","reject","start","autoSignInPollingIntervalId","AuthError","AUTO_SIGN_IN_EXCEPTION","signInOutput","signIn","error","debouncedAutoSignInWithLink","debouncedAutoSignWithCodeOrUserConfirmed","handleAutoSignInWithCodeOrUserConfirmed","autoSignInStarted","usernameUsedForAutoSignIn","setUsernameUsedForAutoSignIn","username","isAutoSignInUserUsingConfirmSignUp","isAutoSignInStarted","value","isSignUpComplete","output","autoSignInWhenUserIsConfirmedWithLink","autoSignInUserConfirmed","createSignUpClient","config","composeServiceApi","cognitoUserPoolTransferHandler","createUserPoolSerializer","createUserPoolDeserializer","__spreadValues","DEFAULT_SERVICE_CLIENT_API_CONFIG","signUp","input","__async","username","password","options","authConfig","Amplify","signUpVerificationMethod","clientMetadata","validationData","autoSignIn","assertTokenProviderConfig","assertValidationError","AuthValidationErrorCode","signInServiceOptions","signInInput","setUsernameUsedForAutoSignIn","setAutoSignInStarted","userPoolId","userPoolClientId","userPoolEndpoint","clientOutput","createSignUpClient","createCognitoUserPoolEndpointResolver","getRegionFromUserPoolId","getAuthUserAgentValue","AuthAction","toAttributeType","getUserContextData","UserSub","CodeDeliveryDetails","isSignUpComplete","isAutoSignInStarted","setAutoSignIn","autoSignInUserConfirmed","handleCodeAutoSignIn","autoSignInWhenUserIsConfirmedWithLink","createForgotPasswordClient","config","composeServiceApi","cognitoUserPoolTransferHandler","createUserPoolSerializer","createUserPoolDeserializer","__spreadValues","DEFAULT_SERVICE_CLIENT_API_CONFIG","resetPassword","input","__async","username","assertValidationError","AuthValidationErrorCode","authConfig","Amplify","assertTokenProviderConfig","userPoolClientId","userPoolId","userPoolEndpoint","clientMetadata","UserContextData","getUserContextData","codeDeliveryDetails","createForgotPasswordClient","createCognitoUserPoolEndpointResolver","getRegionFromUserPoolId","getAuthUserAgentValue","AuthAction","createConfirmForgotPasswordClient","config","composeServiceApi","cognitoUserPoolTransferHandler","createUserPoolSerializer","createUserPoolDeserializer","__spreadValues","DEFAULT_SERVICE_CLIENT_API_CONFIG","confirmResetPassword","input","__async","authConfig","Amplify","assertTokenProviderConfig","userPoolClientId","userPoolId","userPoolEndpoint","username","newPassword","assertValidationError","AuthValidationErrorCode","code","metadata","UserContextData","getUserContextData","createConfirmForgotPasswordClient","createCognitoUserPoolEndpointResolver","getRegionFromUserPoolId","getAuthUserAgentValue","AuthAction","createResendConfirmationCodeClient","config","composeServiceApi","cognitoUserPoolTransferHandler","createUserPoolSerializer","createUserPoolDeserializer","__spreadValues","DEFAULT_SERVICE_CLIENT_API_CONFIG","resendSignUpCode","input","__async","username","assertValidationError","AuthValidationErrorCode","authConfig","Amplify","assertTokenProviderConfig","userPoolClientId","userPoolId","userPoolEndpoint","clientMetadata","UserContextData","getUserContextData","resendConfirmationCode","createResendConfirmationCodeClient","createCognitoUserPoolEndpointResolver","CodeDeliveryDetails","getRegionFromUserPoolId","getAuthUserAgentValue","AuthAction","DeliveryMedium","AttributeName","Destination","__spreadValues","createConfirmSignUpClient","config","composeServiceApi","cognitoUserPoolTransferHandler","createUserPoolSerializer","createUserPoolDeserializer","__spreadValues","DEFAULT_SERVICE_CLIENT_API_CONFIG","confirmSignUp","input","__async","username","confirmationCode","options","authConfig","Amplify","assertTokenProviderConfig","userPoolId","userPoolClientId","userPoolEndpoint","clientMetadata","assertValidationError","AuthValidationErrorCode","UserContextData","getUserContextData","createConfirmSignUpClient","createCognitoUserPoolEndpointResolver","getRegionFromUserPoolId","getAuthUserAgentValue","AuthAction","resolve","reject","signUpOut","isAutoSignInStarted","isAutoSignInUserUsingConfirmSignUp","stopListener","HubInternal","payload","setAutoSignInStarted","error","createGetUserClient","config","composeServiceApi","cognitoUserPoolTransferHandler","createUserPoolSerializer","createUserPoolDeserializer","__spreadValues","DEFAULT_SERVICE_CLIENT_API_CONFIG","fetchUserAttributes","amplify","__async","authConfig","assertTokenProviderConfig","userPoolEndpoint","userPoolId","tokens","fetchAuthSession","assertAuthTokens","getUser","createGetUserClient","createCognitoUserPoolEndpointResolver","UserAttributes","getRegionFromUserPoolId","getAuthUserAgentValue","AuthAction","toAuthUserAttribute","fetchUserAttributes","Amplify","completeOAuthSignOut","store","__async","tokenOrchestrator","clearCredentials","Hub","AMPLIFY_SYMBOL","oAuthSignOutRedirect","authConfig","preferPrivateSession","redirectUrl","__async","assertOAuthConfig","loginWith","userPoolClientId","domain","redirectSignOut","signoutUri","getRedirectUrl","oAuthLogoutEndpoint","k","v","openAuthSession","handleOAuthSignOut","cognitoConfig","store","tokenOrchestrator","redirectUrl","__async","isOAuthSignIn","oauthMetadata","completeOAuthSignOut","oAuthSignOutRedirect","createRevokeTokenClient","config","composeServiceApi","cognitoUserPoolTransferHandler","createUserPoolSerializer","createUserPoolDeserializer","__spreadValues","DEFAULT_SERVICE_CLIENT_API_CONFIG","createGlobalSignOutClient","config","composeServiceApi","cognitoUserPoolTransferHandler","createUserPoolSerializer","createUserPoolDeserializer","__spreadValues","DEFAULT_SERVICE_CLIENT_API_CONFIG","logger","ConsoleLogger","signOut","input","__async","cognitoConfig","Amplify","assertTokenProviderConfig","globalSignOut","clientSignOut","hasOAuthConfig","assertOAuthConfig","oAuthStore","DefaultOAuthStore","defaultStorage","type","handleOAuthSignOut","tokenOrchestrator","AuthError","OAUTH_SIGNOUT_EXCEPTION","clearCredentials","Hub","AMPLIFY_SYMBOL","userPoolEndpoint","userPoolId","userPoolClientId","authTokens","assertAuthTokensWithRefreshToken","isSessionRevocable","createRevokeTokenClient","createCognitoUserPoolEndpointResolver","getRegionFromUserPoolId","getAuthUserAgentValue","AuthAction","assertAuthTokens","createGlobalSignOutClient","token","createEmptyResponseDeserializer","response","__async","error","parseJsonError","assertServiceError","AuthError","createDeleteUserClient","config","composeServiceApi","cognitoUserPoolTransferHandler","createUserPoolSerializer","createEmptyResponseDeserializer","__spreadValues","DEFAULT_SERVICE_CLIENT_API_CONFIG","deleteUser","__async","authConfig","Amplify","assertTokenProviderConfig","userPoolEndpoint","userPoolId","tokens","fetchAuthSession","assertAuthTokens","createDeleteUserClient","createCognitoUserPoolEndpointResolver","getRegionFromUserPoolId","getAuthUserAgentValue","AuthAction","tokenOrchestrator","signOut","IdentityIdStorageKeys","logger","ConsoleLogger","DefaultIdentityIdStore","authConfigParam","assertIdentityPoolIdConfig","createKeysForAuthStorage","keyValueStorage","__async","storedIdentityId","err","identity","provider","identifier","getAuthStorageKeys","IdentityIdStorageKeys","formLoginsMap","idToken","issuer","decodeJWT","res","AuthError","domainName","logger","ConsoleLogger","cognitoIdentityIdProvider","_0","__async","tokens","authConfig","identityIdStore","identityId","logins","formLoginsMap","generatedIdentityId","generateIdentityId","identityPoolId","region","getRegionFromIdentityPoolId","idResult","getId","AuthError","logger","ConsoleLogger","CREDENTIALS_TTL","CognitoAWSCredentialsAndIdentityIdProvider","identityIdStore","__async","getCredentialsOptions","isAuthenticated","tokens","authConfig","assertIdentityPoolIdConfig","forceRefresh","tokenHasChanged","identityId","cognitoIdentityIdProvider","assertIdTokenInAuthTokens","region","getRegionFromIdentityPoolId","clientResult","getCredentialsForIdentity","res","identityIdRes","__spreadProps","__spreadValues","AuthError","authTokens","logins","formLoginsMap","AuthService","constructor","_authenticated","_userService","inject","UserService","_translation","TranslocoService","email","password","gettingUser","Hub","listen","_0","__async","payload","console","log","event","getUser","user","state","data","fetchAuthSession","then","session","tokens","accessToken","attributes","fetchUserAttributes","setup","token","localStorage","setItem","getItem","forgotPassword","resetPassword","username","delete","deleteUser","resendConfirmationCode","message","translate","resendSignUpCode","confirmForgotPassword","code","confirmResetPassword","newPassword","confirmationCode","signIn","result","isSignedIn","signOut","signUp","gdpr","isSignUpComplete","options","userAttributes","validationData","recaptchaToken","confirmSignUp","check","factory","ɵfac","providedIn"],"x_google_ignoreList":[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105]}