{"version":3,"sources":["webpack:///./node_modules/@azure/msal-common/dist/url/UrlString.js","webpack:///./node_modules/@azure/msal-common/dist/utils/ProtocolUtils.js","webpack:///./node_modules/@azure/msal-common/dist/request/ScopeSet.js","webpack:///./node_modules/@azure/msal-common/dist/utils/Constants.js","webpack:///./node_modules/@azure/msal-common/dist/network/ThrottlingUtils.js","webpack:///./node_modules/@azure/msal-common/dist/packageMetadata.js","webpack:///./node_modules/@azure/msal-common/dist/telemetry/server/ServerTelemetryManager.js","webpack:///./node_modules/@azure/msal-common/dist/network/NetworkManager.js","webpack:///./node_modules/@azure/msal-common/dist/logger/Logger.js","webpack:///./node_modules/@azure/msal-common/dist/response/ResponseHandler.js","webpack:///./node_modules/@azure/msal-common/dist/utils/StringUtils.js","webpack:///./node_modules/@azure/msal-common/dist/network/INetworkModule.js","webpack:///./node_modules/@azure/msal-common/dist/request/RequestValidator.js","webpack:///./node_modules/@azure/msal-common/dist/request/RequestParameterBuilder.js","webpack:///./node_modules/@azure/msal-common/dist/utils/TimeUtils.js"],"names":["UrlString","url","this","_urlString","isEmpty","createUrlEmptyError","getHash","canonicalizeUri","Object","defineProperty","prototype","get","enumerable","configurable","lowerCaseUrl","toLowerCase","endsWith","slice","validateAsUri","components","getUrlComponents","e","createUrlParseError","HostNameAndPort","PathSegments","urlString","Protocol","createInsecureAuthorityUriError","appendQueryString","queryString","indexOf","removeHashFromUrl","split","replaceTenantPath","tenantId","urlObject","pathArray","length","COMMON","ORGANIZATIONS","constructAuthorityUriFromObject","parseHash","regEx","RegExp","match","urlComponents","AbsolutePath","QueryString","pathSegments","filter","val","substring","getDomainFromUrl","getAbsoluteUrl","relativeUrl","baseUrl","FORWARD_SLASH","baseComponents","hashString","hashIndex1","hashIndex2","join","getDeserializedHash","hash","parsedHash","deserializedHash","queryStringToObject","createHashNotDeserializedError","JSON","stringify","hashContainsKnownProperties","parameters","code","error_description","error","state","ProtocolUtils","setRequestState","cryptoObj","userState","meta","libraryState","generateLibraryState","RESOURCE_DELIM","createNoCryptoObjectError","stateObj","id","createNewGuid","stateString","base64Encode","parseRequestState","createInvalidStateError","splitState","libraryStateString","base64Decode","libraryStateObj","parse","userRequestState","ScopeSet","inputScopes","_this","scopeArr","trimArrayEntries","filteredInput","removeEmptyStringsFromArray","validateInputScopes","scopes","Set","forEach","scope","add","fromString","inputScopeString","scopeString","createEmptyScopesArrayError","containsScope","lowerCaseScopes","printScopesLowerCase","lowerCaseScopesSet","has","containsScopeSet","scopeSet","size","asArray","every","containsOnlyOIDCScopes","defaultScopeCount","defaultScope","appendScope","newScope","trim","appendScopes","newScopes","createAppendScopeSetError","removeScope","createRemoveEmptyScopeFromSetError","delete","removeOIDCScopes","unionScopeSets","otherScopes","createEmptyInputScopeSetError","unionScopes","intersectingScopeSets","sizeOtherScopes","getScopeCount","sizeThisScopes","sizeUnionScopes","array","push","printScopes","HeaderNames","PersistentCacheKeys","AADAuthorityConstants","AADServerParamKeys","ClaimsRequestKeys","Constants","LIBRARY_NAME","SKU","CACHE_PREFIX","DEFAULT_AUTHORITY","DEFAULT_AUTHORITY_HOST","ADFS","AAD_INSTANCE_DISCOVERY_ENDPT","NO_ACCOUNT","CLAIMS","CONSUMER_UTID","OPENID_SCOPE","PROFILE_SCOPE","OFFLINE_ACCESS_SCOPE","EMAIL_SCOPE","CODE_RESPONSE_TYPE","CODE_GRANT_TYPE","RT_GRANT_TYPE","FRAGMENT_RESPONSE_MODE","S256_CODE_CHALLENGE_METHOD","URL_FORM_CONTENT_TYPE","AUTHORIZATION_PENDING","NOT_DEFINED","EMPTY_STRING","IMDS_ENDPOINT","IMDS_VERSION","IMDS_TIMEOUT","AZURE_REGION_AUTO_DISCOVER_FLAG","REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX","KNOWN_PUBLIC_CLOUDS","OIDC_DEFAULT_SCOPES","OIDC_SCOPES","SSOTypes","PromptValue","LOGIN","SELECT_ACCOUNT","CONSENT","NONE","CREATE","ResponseMode","GrantType","CacheAccountType","Separators","CredentialType","CacheSchemaType","CacheType","CodeChallengeMethodValues","PLAIN","S256","AuthorityMetadataSource","APP_METADATA","CLIENT_INFO","THE_FAMILY_ID","AUTHORITY_METADATA_CONSTANTS","CACHE_KEY","REFRESH_TIME_SECONDS","AuthenticationScheme","SERVER_TELEM_CONSTANTS","SCHEMA_VERSION","MAX_CUR_HEADER_BYTES","MAX_LAST_HEADER_BYTES","MAX_CACHED_ERRORS","CATEGORY_SEPARATOR","VALUE_SEPARATOR","OVERFLOW_TRUE","OVERFLOW_FALSE","UNKNOWN_ERROR","PasswordGrantConstants","ResponseCodes","RegionDiscoverySources","RegionDiscoveryOutcomes","CacheOutcome","ThrottlingConstants","DEFAULT_THROTTLE_TIME_SECONDS","DEFAULT_MAX_THROTTLE_TIME_SECONDS","THROTTLING_PREFIX","X_MS_LIB_CAPABILITY_VALUE","Errors","INVALID_GRANT_ERROR","CLIENT_MISMATCH_ERROR","ThrottlingUtils","generateThrottlingStorageKey","thumbprint","preProcess","cacheManager","_a","key","value","getThrottlingCache","throttleTime","Date","now","removeItem","THROTTLING","errorCodes","errorMessage","subError","postProcess","response","checkResponseStatus","checkResponseForRetryAfter","thumbprintValue","calculateThrottleTime","parseInt","headers","RETRY_AFTER","body","error_codes","suberror","setThrottlingCache","status","hasOwnProperty","time","currentSeconds","Math","floor","min","removeThrottle","clientId","request","homeAccountIdentifier","authority","authenticationScheme","resourceRequestMethod","resourceRequestUri","shrClaims","name","version","ServerTelemetryManager","telemetryRequest","cacheOutcome","NO_CACHE_HIT","apiId","correlationId","wrapperSKU","wrapperVer","telemetryCacheKey","CACHE_KEY_SEPARATOR","generateCurrentRequestHeaderValue","platformFields","regionDiscoveryFields","getRegionDiscoveryFields","requestWithRegionDiscoveryFields","generateLastRequestHeaderValue","lastRequests","getLastRequests","maxErrors","maxErrorsToSend","failedRequests","errors","errorCount","overflow","cacheHits","cacheFailedRequest","shift","errorCode","toString","setServerTelemetry","incrementCacheHits","initialValue","getServerTelemetry","clearTelemetryCache","numErrorsFlushed","serverTelemEntity","serverTelemetryEntity","i","dataSize","regionUsed","regionSource","regionOutcome","updateRegionDiscoveryMetadata","regionDiscoveryMetadata","region_used","region_source","region_outcome","setCacheOutcome","NetworkManager","networkClient","sendPostRequest","tokenEndpoint","options","e_1","label","trys","sendPostRequestAsync","sent","createNetworkError","LogLevel","Logger","loggerOptions","packageName","packageVersion","level","Info","defaultLoggerCallback","localCallback","loggerCallback","piiLoggingEnabled","logLevel","clone","logMessage","containsPii","logHeader","timestamp","toUTCString","log","executeCallback","message","Error","errorPii","warning","Warning","warningPii","info","infoPii","verbose","Verbose","verbosePii","trace","Trace","tracePii","isPiiLoggingEnabled","ResponseHandler","cacheStorage","logger","serializableCache","persistencePlugin","validateServerAuthorizationCodeResponse","serverResponseHash","cachedState","createStateNotFoundError","decodeURIComponent","createStateMismatchError","isInteractionRequiredError","client_info","validateTokenResponse","serverResponse","errString","correlation_id","trace_id","handleServerTokenResponse","serverTokenResponse","reqTimestamp","authCodePayload","oboAssertion","handlingRefreshTokenResponse","idTokenObj","requestStateObj","cacheRecord","cacheContext","account","id_token","nonce","claims","createNonceMismatchError","generateHomeAccountId","authorityType","generateCacheRecord","beforeCacheAccess","generateAccountKey","getAccount","generateAuthenticationResult","saveCacheRecord","afterCacheAccess","requestScopes","cachedIdToken","cachedAccount","env","getPreferredCache","createInvalidCacheEnvironmentError","createIdTokenEntity","tid","generateAccountEntity","cachedAccessToken","access_token","responseScopes","expiresIn","expires_in","extExpiresIn","ext_expires_in","refreshIn","refresh_in","undefined","tokenExpirationSeconds","extendedTokenExpirationSeconds","refreshOnSeconds","createAccessTokenEntity","tenant","token_type","cachedRefreshToken","refresh_token","createRefreshTokenEntity","foci","cachedAppMetadata","createAppMetadataEntity","idToken","cloudGraphHostName","cloud_graph_host_name","msGraphhost","msgraph_host","Adfs","createGenericAccount","protocolMode","createClientInfoEmptyError","createAccount","fromTokenCache","requestState","_b","_c","accessToken","expiresOn","extExpiresOn","familyId","popTokenGenerator","uid","_d","tokenType","POP","signPopToken","secret","target","Number","extendedExpiresOn","appMetadata","oid","sub","canonicalAuthority","uniqueId","getAccountInfo","rawToken","idTokenClaims","fromCache","msGraphHost","StringUtils","decodeAuthToken","authToken","createTokenNullOrEmptyError","tokenPartsRegex","matches","exec","createTokenParsingError","crackedToken","header","JWSPayload","JWSSig","str","isEmptyObj","strObj","obj","keys","startsWith","search","lastIndexOf","query","params","decode","s","replace","pair","arr","map","entry","jsonParseHelper","matchPattern","pattern","input","regex","test","StubbedNetworkModule","sendGetRequestAsync","notImplErr","Promise","reject","createUnexpectedError","RequestValidator","validateRedirectUri","redirectUri","ClientConfigurationError","createRedirectUriEmptyError","validatePrompt","prompt","promptValues","createInvalidPromptError","validateClaims","createInvalidClaimsRequestError","validateCodeChallengeParams","codeChallenge","codeChallengeMethod","createInvalidCodeChallengeParamsError","validateCodeChallengeMethod","createInvalidCodeChallengeMethodError","sanitizeEQParams","eQParams","queryParams","RequestParameterBuilder","Map","addResponseTypeCode","set","RESPONSE_TYPE","encodeURIComponent","addResponseMode","responseMode","RESPONSE_MODE","QUERY","addScopes","addOidcScopes","SCOPE","addClientId","CLIENT_ID","addRedirectUri","REDIRECT_URI","addPostLogoutRedirectUri","POST_LOGOUT_URI","addIdTokenHint","idTokenHint","ID_TOKEN_HINT","addDomainHint","domainHint","DOMAIN_HINT","addLoginHint","loginHint","LOGIN_HINT","addCcsUpn","CCS_HEADER","addCcsOid","clientInfo","utid","addSid","sid","SID","addClaims","clientCapabilities","mergedClaims","addClientCapabilitiesToClaims","addCorrelationId","CLIENT_REQUEST_ID","addLibraryInfo","libraryInfo","X_CLIENT_SKU","sku","X_CLIENT_VER","X_CLIENT_OS","os","X_CLIENT_CPU","cpu","addPrompt","PROMPT","addState","STATE","addNonce","NONCE","addCodeChallengeParams","CODE_CHALLENGE","CODE_CHALLENGE_METHOD","addAuthorizationCode","CODE","addDeviceCode","DEVICE_CODE","addRefreshToken","refreshToken","REFRESH_TOKEN","addCodeVerifier","codeVerifier","CODE_VERIFIER","addClientSecret","clientSecret","CLIENT_SECRET","addClientAssertion","clientAssertion","CLIENT_ASSERTION","addClientAssertionType","clientAssertionType","CLIENT_ASSERTION_TYPE","addOboAssertion","OBO_ASSERTION","addRequestTokenUse","tokenUse","REQUESTED_TOKEN_USE","addGrantType","grantType","GRANT_TYPE","addClientInfo","addExtraQueryParameters","eQparams","ACCESS_TOKEN","XMS_CC","values","addUsername","username","addPassword","password","addPopToken","cnfString","TOKEN_TYPE","REQ_CNF","addServerTelemetry","serverTelemetryManager","X_CLIENT_CURR_TELEM","X_CLIENT_LAST_TELEM","addThrottling","X_MS_LIB_CAPABILITY","createQueryString","queryParameterArray","Array","TimeUtils","nowSeconds","round","getTime","isTokenExpired","offset","expirationSec","offsetCurrentTimeSec","wasClockTurnedBack","cachedAt","cachedAtSec","delay","t","resolve","setTimeout"],"mappings":"0HAAA,sFAcIA,EAA2B,WAC3B,SAASA,EAAUC,GAEf,GADAC,KAAKC,WAAaF,EACd,OAAYG,QAAQF,KAAKC,YAEzB,MAAM,OAAyBE,sBAE/B,OAAYD,QAAQF,KAAKI,aACzBJ,KAAKC,WAAaH,EAAUO,gBAAgBN,IAqLpD,OAlLAO,OAAOC,eAAeT,EAAUU,UAAW,YAAa,CACpDC,IAAK,WACD,OAAOT,KAAKC,YAEhBS,YAAY,EACZC,cAAc,IAMlBb,EAAUO,gBAAkB,SAAUN,GAClC,GAAIA,EAAK,CACL,IAAIa,EAAeb,EAAIc,cAUvB,OATI,OAAYC,SAASF,EAAc,KACnCA,EAAeA,EAAaG,MAAM,GAAI,GAEjC,OAAYD,SAASF,EAAc,QACxCA,EAAeA,EAAaG,MAAM,GAAI,IAErC,OAAYD,SAASF,EAAc,OACpCA,GAAgB,KAEbA,EAEX,OAAOb,GAKXD,EAAUU,UAAUQ,cAAgB,WAEhC,IAAIC,EACJ,IACIA,EAAajB,KAAKkB,mBAEtB,MAAOC,GACH,MAAM,OAAyBC,oBAAoBD,GAGvD,IAAKF,EAAWI,kBAAoBJ,EAAWK,aAC3C,MAAM,OAAyBF,oBAAoB,qBAAuBpB,KAAKuB,WAGnF,IAAKN,EAAWO,UAAkD,WAAtCP,EAAWO,SAASX,cAC5C,MAAM,OAAyBY,gCAAgCzB,KAAKuB,YAQ5EzB,EAAU4B,kBAAoB,SAAU3B,EAAK4B,GACzC,OAAI,OAAYzB,QAAQyB,GACb5B,EAEJA,EAAI6B,QAAQ,KAAO,EAAI7B,EAAM,IAAM4B,EAAc5B,EAAM,IAAM4B,GAMxE7B,EAAU+B,kBAAoB,SAAU9B,GACpC,OAAOD,EAAUO,gBAAgBN,EAAI+B,MAAM,KAAK,KAOpDhC,EAAUU,UAAUuB,kBAAoB,SAAUC,GAC9C,IAAIC,EAAYjC,KAAKkB,mBACjBgB,EAAYD,EAAUX,aAI1B,OAHIU,GAAkC,IAArBE,EAAUC,QAAiBD,EAAU,KAAO,OAAsBE,QAAUF,EAAU,KAAO,OAAsBG,gBAChIH,EAAU,GAAKF,GAEZlC,EAAUwC,gCAAgCL,IAKrDnC,EAAUU,UAAUJ,QAAU,WAC1B,OAAON,EAAUyC,UAAUvC,KAAKuB,YAMpCzB,EAAUU,UAAUU,iBAAmB,WAEnC,IAAIsB,EAAQC,OAAO,8DAEfC,EAAQ1C,KAAKuB,UAAUmB,MAAMF,GACjC,IAAKE,EACD,MAAM,OAAyBtB,oBAAoB,qBAAuBpB,KAAKuB,WAGnF,IAAIoB,EAAgB,CAChBnB,SAAUkB,EAAM,GAChBrB,gBAAiBqB,EAAM,GACvBE,aAAcF,EAAM,GACpBG,YAAaH,EAAM,IAEnBI,EAAeH,EAAcC,aAAad,MAAM,KAMpD,OALAgB,EAAeA,EAAaC,QAAO,SAAUC,GAAO,OAAOA,GAAOA,EAAIb,OAAS,KAC/EQ,EAAcrB,aAAewB,GACxB,OAAY5C,QAAQyC,EAAcE,cAAgBF,EAAcE,YAAY/B,SAAS,OACtF6B,EAAcE,YAAcF,EAAcE,YAAYI,UAAU,EAAGN,EAAcE,YAAYV,OAAS,IAEnGQ,GAEX7C,EAAUoD,iBAAmB,SAAUnD,GACnC,IAAIyC,EAAQC,OAAO,4BACfC,EAAQ3C,EAAI2C,MAAMF,GACtB,IAAKE,EACD,MAAM,OAAyBtB,oBAAoB,qBAAuBrB,GAE9E,OAAO2C,EAAM,IAEjB5C,EAAUqD,eAAiB,SAAUC,EAAaC,GAC9C,GAAID,EAAY,KAAO,OAAUE,cAAe,CAC5C,IAAIvD,EAAM,IAAID,EAAUuD,GACpBE,EAAiBxD,EAAImB,mBACzB,OAAOqC,EAAe/B,SAAW,KAAO+B,EAAelC,gBAAkB+B,EAE7E,OAAOA,GAMXtD,EAAUyC,UAAY,SAAUiB,GAC5B,IAAIC,EAAaD,EAAW5B,QAAQ,KAChC8B,EAAaF,EAAW5B,QAAQ,MACpC,OAAI8B,GAAc,EACPF,EAAWP,UAAUS,EAAa,GAEpCD,GAAc,EACZD,EAAWP,UAAUQ,EAAa,GAEtC,IAEX3D,EAAUwC,gCAAkC,SAAUL,GAClD,OAAO,IAAInC,EAAUmC,EAAUT,SAAW,KAAOS,EAAUZ,gBAAkB,IAAMY,EAAUX,aAAaqC,KAAK,OAKnH7D,EAAU8D,oBAAsB,SAAUC,GAEtC,GAAI,OAAY3D,QAAQ2D,GACpB,MAAO,GAGX,IAAIC,EAAahE,EAAUyC,UAAUsB,GAEjCE,EAAmB,OAAYC,oBAAoB,OAAY9D,QAAQ4D,GAAcD,EAAOC,GAEhG,IAAKC,EACD,MAAM,OAAgBE,+BAA+BC,KAAKC,UAAUJ,IAExE,OAAOA,GAKXjE,EAAUsE,4BAA8B,SAAUP,GAC9C,GAAI,OAAY3D,QAAQ2D,IAASA,EAAKjC,QAAQ,KAAO,EAEjD,OAAO,EAEX,IAAIyC,EAAavE,EAAU8D,oBAAoBC,GAC/C,SAAUQ,EAAWC,MACjBD,EAAWE,mBACXF,EAAWG,OACXH,EAAWI,QAEZ3E,EA7LmB,I,kCCd9B,0EAaI4E,EAA+B,WAC/B,SAASA,KA0DT,OAnDAA,EAAcC,gBAAkB,SAAUC,EAAWC,EAAWC,GAC5D,IAAIC,EAAeL,EAAcM,qBAAqBJ,EAAWE,GACjE,OAAQ,OAAY5E,QAAQ2E,GAAwEE,EAA3D,GAAKA,EAAe,OAAUE,eAAiBJ,GAO5FH,EAAcM,qBAAuB,SAAUJ,EAAWE,GACtD,IAAKF,EACD,MAAM,OAAgBM,0BAA0B,wBAGpD,IAAIC,EAAW,CACXC,GAAIR,EAAUS,iBAEdP,IACAK,EAASL,KAAOA,GAEpB,IAAIQ,EAAcpB,KAAKC,UAAUgB,GACjC,OAAOP,EAAUW,aAAaD,IAOlCZ,EAAcc,kBAAoB,SAAUZ,EAAWH,GACnD,IAAKG,EACD,MAAM,OAAgBM,0BAA0B,qBAEpD,GAAI,OAAYhF,QAAQuE,GACpB,MAAM,OAAgBgB,wBAAwBhB,EAAO,kCAEzD,IAEI,IAAIiB,EAAajB,EAAM3C,MAAM,OAAUmD,gBACnCF,EAAeW,EAAW,GAC1Bb,EAAYa,EAAWvD,OAAS,EAAIuD,EAAW3E,MAAM,GAAG4C,KAAK,OAAUsB,gBAAkB,GACzFU,EAAqBf,EAAUgB,aAAab,GAC5Cc,EAAkB3B,KAAK4B,MAAMH,GACjC,MAAO,CACHI,iBAAmB,OAAY7F,QAAQ2E,GAAyB,GAAZA,EACpDE,aAAcc,GAGtB,MAAO1E,GACH,MAAM,OAAgBsE,wBAAwBhB,EAAOtD,KAGtDuD,EA3DuB,I,oCCblC,kGAiBIsB,EAA0B,WAC1B,SAASA,EAASC,GACd,IAAIC,EAAQlG,KAERmG,EAAWF,EAAc,OAAYG,iBAAiB,eAAeH,IAAgB,GACrFI,EAAgBF,EAAW,OAAYG,4BAA4BH,GAAY,GAEnFnG,KAAKuG,oBAAoBF,GACzBrG,KAAKwG,OAAS,IAAIC,IAClBJ,EAAcK,SAAQ,SAAUC,GAAS,OAAOT,EAAMM,OAAOI,IAAID,MAiKrE,OAzJAX,EAASa,WAAa,SAAUC,GAC5B,IAAIC,EAAcD,GAAoB,GAClCb,EAAcc,EAAYjF,MAAM,KACpC,OAAO,IAAIkE,EAASC,IAOxBD,EAASxF,UAAU+F,oBAAsB,SAAUN,GAE/C,IAAKA,GAAeA,EAAY9D,OAAS,EACrC,MAAM,OAAyB6E,+BAOvChB,EAASxF,UAAUyG,cAAgB,SAAUN,GACzC,IAAIO,EAAkBlH,KAAKmH,uBAAuBrF,MAAM,KACpDsF,EAAqB,IAAIpB,EAASkB,GAEtC,OAAQ,OAAYhH,QAAQyG,IAASS,EAAmBZ,OAAOa,IAAIV,EAAM9F,gBAM7EmF,EAASxF,UAAU8G,iBAAmB,SAAUC,GAC5C,IAAIrB,EAAQlG,KACZ,SAAKuH,GAAYA,EAASf,OAAOgB,MAAQ,KAGjCxH,KAAKwG,OAAOgB,MAAQD,EAASf,OAAOgB,MAAQD,EAASE,UAAUC,OAAM,SAAUf,GAAS,OAAOT,EAAMe,cAAcN,QAK/HX,EAASxF,UAAUmH,uBAAyB,WACxC,IAAIzB,EAAQlG,KACR4H,EAAoB,EAMxB,OALA,OAAYlB,SAAQ,SAAUmB,GACtB3B,EAAMe,cAAcY,KACpBD,GAAqB,MAGtB5H,KAAKwG,OAAOgB,OAASI,GAMhC5B,EAASxF,UAAUsH,YAAc,SAAUC,GAClC,OAAY7H,QAAQ6H,IACrB/H,KAAKwG,OAAOI,IAAImB,EAASC,SAOjChC,EAASxF,UAAUyH,aAAe,SAAUC,GACxC,IAAIhC,EAAQlG,KACZ,IACIkI,EAAUxB,SAAQ,SAAUqB,GAAY,OAAO7B,EAAM4B,YAAYC,MAErE,MAAO5G,GACH,MAAM,OAAgBgH,0BAA0BhH,KAOxD6E,EAASxF,UAAU4H,YAAc,SAAUzB,GACvC,GAAI,OAAYzG,QAAQyG,GACpB,MAAM,OAAgB0B,mCAAmC1B,GAE7D3G,KAAKwG,OAAO8B,OAAO3B,EAAMqB,SAM7BhC,EAASxF,UAAU+H,iBAAmB,WAClC,IAAIrC,EAAQlG,KACZ,OAAY0G,SAAQ,SAAUmB,GAC1B3B,EAAMM,OAAO8B,OAAOT,OAO5B7B,EAASxF,UAAUgI,eAAiB,SAAUC,GAC1C,IAAKA,EACD,MAAM,OAAgBC,gCAE1B,IAAIC,EAAc,IAAIlC,IAGtB,OAFAgC,EAAYjC,OAAOE,SAAQ,SAAUC,GAAS,OAAOgC,EAAY/B,IAAID,EAAM9F,kBAC3Eb,KAAKwG,OAAOE,SAAQ,SAAUC,GAAS,OAAOgC,EAAY/B,IAAID,EAAM9F,kBAC7D8H,GAMX3C,EAASxF,UAAUoI,sBAAwB,SAAUH,GACjD,IAAKA,EACD,MAAM,OAAgBC,gCAGrBD,EAAYd,0BACbc,EAAYF,mBAEhB,IAAII,EAAc3I,KAAKwI,eAAeC,GAClCI,EAAkBJ,EAAYK,gBAC9BC,EAAiB/I,KAAK8I,gBACtBE,EAAkBL,EAAYnB,KAClC,OAAOwB,EAAmBD,EAAiBF,GAK/C7C,EAASxF,UAAUsI,cAAgB,WAC/B,OAAO9I,KAAKwG,OAAOgB,MAKvBxB,EAASxF,UAAUiH,QAAU,WACzB,IAAIwB,EAAQ,GAEZ,OADAjJ,KAAKwG,OAAOE,SAAQ,SAAU1D,GAAO,OAAOiG,EAAMC,KAAKlG,MAChDiG,GAKXjD,EAASxF,UAAU2I,YAAc,WAC7B,GAAInJ,KAAKwG,OAAQ,CACb,IAAIL,EAAWnG,KAAKyH,UACpB,OAAOtB,EAASxC,KAAK,KAEzB,MAAO,IAKXqC,EAASxF,UAAU2G,qBAAuB,WACtC,OAAOnH,KAAKmJ,cAActI,eAEvBmF,EA1KkB,I,oCCjB7B,okCA8DIoD,EASAC,EAYAC,EASAC,EAiDAC,EA7IJ,YAQIC,EAAY,CACZC,aAAc,UACdC,IAAK,iBAELC,aAAc,OAEdC,kBAAmB,4CACnBC,uBAAwB,4BAExBC,KAAM,OAENC,6BAA8B,sGAE9B/E,eAAgB,IAEhBgF,WAAY,aAEZC,OAAQ,SAERC,cAAe,uCAEfC,aAAc,SACdC,cAAe,UACfC,qBAAsB,iBACtBC,YAAa,QAEbC,mBAAoB,OACpBC,gBAAiB,qBACjBC,cAAe,gBACfC,uBAAwB,WACxBC,2BAA4B,OAC5BC,sBAAuB,kDACvBC,sBAAuB,wBACvBC,YAAa,cACbC,aAAc,GACd1H,cAAe,IACf2H,cAAe,4DACfC,aAAc,aACdC,aAAc,IACdC,gCAAiC,gBACjCC,kCAAmC,sBACnCC,oBAAqB,CAAC,4BAA6B,oBAAqB,sBAAuB,oBAE/FC,EAAsB,CACtB9B,EAAUW,aACVX,EAAUY,cACVZ,EAAUa,sBAEVkB,EAAc,eAAeD,EAAqB,CAClD9B,EAAUc;4CAMd,SAAWnB,GACPA,EAAY,gBAAkB,eAC9BA,EAAY,eAAiB,cAC7BA,EAAY,cAAgB,mBAHhC,CAIGA,IAAgBA,EAAc,KAKjC,SAAWC,GACPA,EAAoB,YAAc,UAClCA,EAAoB,eAAiB,cACrCA,EAAoB,iBAAmB,eACvCA,EAAoB,SAAW,QAC/BA,EAAoB,cAAgB,oBACpCA,EAAoB,kBAAoB,iBAN5C,CAOGA,IAAwBA,EAAsB,KAKjD,SAAWC,GACPA,EAAsB,UAAY,SAClCA,EAAsB,iBAAmB,gBACzCA,EAAsB,aAAe,YAHzC,CAIGA,IAA0BA,EAAwB,KAKrD,SAAWC,GACPA,EAAmB,aAAe,YAClCA,EAAmB,gBAAkB,eACrCA,EAAmB,iBAAmB,gBACtCA,EAAmB,iBAAmB,gBACtCA,EAAmB,cAAgB,aACnCA,EAAmB,UAAY,SAC/BA,EAAmB,SAAW,QAC9BA,EAAmB,SAAW,QAC9BA,EAAmB,qBAAuB,oBAC1CA,EAAmB,gBAAkB,eACrCA,EAAmB,YAAc,WACjCA,EAAmB,iBAAmB,gBACtCA,EAAmB,cAAgB,aACnCA,EAAmB,SAAW,QAC9BA,EAAmB,SAAW,QAC9BA,EAAmB,UAAY,SAC/BA,EAAmB,iBAAmB,gBACtCA,EAAmB,eAAiB,cACpCA,EAAmB,QAAU,OAC7BA,EAAmB,kBAAoB,iBACvCA,EAAmB,yBAA2B,wBAC9CA,EAAmB,iBAAmB,gBACtCA,EAAmB,qBAAuB,oBAC1CA,EAAmB,gBAAkB,eACrCA,EAAmB,gBAAkB,eACrCA,EAAmB,eAAiB,cACpCA,EAAmB,gBAAkB,eACrCA,EAAmB,uBAAyB,6BAC5CA,EAAmB,uBAAyB,0BAC5CA,EAAmB,uBAAyB,sBAC5CA,EAAmB,mBAAqB,2BACxCA,EAAmB,iBAAmB,gBACtCA,EAAmB,eAAiB,cACpCA,EAAmB,iBAAmB,gBACtCA,EAAmB,oBAAsB,mBACzCA,EAAmB,yBAA2B,wBAC9CA,EAAmB,cAAgB,aACnCA,EAAmB,WAAa,UAChCA,EAAmB,iBAAmB,YACtCA,EAAmB,uBAAyB,sBAC5CA,EAAmB,gBAAkB,eACrCA,EAAmB,QAAU,OAC7BA,EAAmB,cAAgB,kBA3CvC,CA4CGA,IAAuBA,EAAqB,KAK/C,SAAWC,GACPA,EAAkB,gBAAkB,eACpCA,EAAkB,UAAY,SAFlC,CAGGA,IAAsBA,EAAoB,KAM7C,IAUIiC,EAVAC,EAAc,CACdC,MAAO,QACPC,eAAgB,iBAChBC,QAAS,UACTC,KAAM,OACNC,OAAQ,WAMZ,SAAWN,GACPA,EAAS,WAAa,UACtBA,EAAS,OAAS,MAClBA,EAAS,cAAgB,aACzBA,EAAS,YAAc,WACvBA,EAAS,eAAiB,cAC1BA,EAAS,iBAAmB,gBAC5BA,EAAS,aAAe,YACxBA,EAAS,cAAgB,oBACzBA,EAAS,kBAAoB,yBATjC,CAUGA,IAAaA,EAAW,KAI3B,IAOIO,EASAC,EAaAC,EAUAC,EAQAC,EAUAC,EAgBAC,EAzEAC,EAA4B,CAC5BC,MAAO,QACPC,KAAM,SAMV,SAAWT,GACPA,EAAa,SAAW,QACxBA,EAAa,YAAc,WAC3BA,EAAa,aAAe,aAHhC,CAIGA,IAAiBA,EAAe,KAKnC,SAAWC,GACPA,EAAU,kBAAoB,WAC9BA,EAAU,4BAA8B,qBACxCA,EAAU,4BAA8B,qBACxCA,EAAU,iCAAmC,WAC7CA,EAAU,uBAAyB,gBACnCA,EAAU,qBAAuB,cACjCA,EAAU,cAAgB,8CAP9B,CAQGA,IAAcA,EAAY,KAK7B,SAAWC,GACPA,EAAiB,sBAAwB,QACzCA,EAAiB,qBAAuB,OACxCA,EAAiB,sBAAwB,MACzCA,EAAiB,wBAA0B,UAJ/C,CAKGA,IAAqBA,EAAmB,KAK3C,SAAWC,GACPA,EAAW,uBAAyB,IACpCA,EAAW,yBAA2B,IAF1C,CAGGA,IAAeA,EAAa,KAK/B,SAAWC,GACPA,EAAe,YAAc,UAC7BA,EAAe,gBAAkB,cACjCA,EAAe,iCAAmC,8BAClDA,EAAe,iBAAmB,eAJtC,CAKGA,IAAmBA,EAAiB,KAKvC,SAAWC,GACPA,EAAgB,WAAa,UAC7BA,EAAgB,cAAgB,aAChCA,EAAgB,YAAc,UAC9BA,EAAgB,gBAAkB,cAClCA,EAAgB,iBAAmB,eACnCA,EAAgB,gBAAkB,cAClCA,EAAgB,aAAe,YAC/BA,EAAgB,aAAe,YAC/BA,EAAgB,aAAe,YAC/BA,EAAgB,cAAgB,aAVpC,CAWGA,IAAoBA,EAAkB,KAKzC,SAAWC,GACPA,EAAUA,EAAU,QAAU,MAAQ,OACtCA,EAAUA,EAAU,OAAS,MAAQ,MACrCA,EAAUA,EAAU,SAAW,MAAQ,QACvCA,EAAUA,EAAU,WAAa,MAAQ,UACzCA,EAAUA,EAAU,gBAAkB,MAAQ,eAC9CA,EAAUA,EAAU,iBAAmB,MAAQ,gBAC/CA,EAAUA,EAAU,YAAc,MAAQ,WAC1CA,EAAUA,EAAU,gBAAkB,MAAQ,eAC9CA,EAAUA,EAAU,aAAe,MAAQ,YAT/C,CAUGA,IAAcA,EAAY,KAI7B,IAOII,EAPAC,EAAe,cACfC,EAAc,cACdC,EAAgB,IAChBC,EAA+B,CAC/BC,UAAW,qBACXC,qBAAsB,QAG1B,SAAWN,GACPA,EAAwB,UAAY,SACpCA,EAAwB,SAAW,QACnCA,EAAwB,WAAa,WAHzC,CAIGA,IAA4BA,EAA0B,KACzD,IAeIO,EAfAC,EAAyB,CACzBC,eAAgB,EAChBC,qBAAsB,GACtBC,sBAAuB,IACvBC,kBAAmB,GACnBP,UAAW,mBACXQ,mBAAoB,IACpBC,gBAAiB,IACjBC,cAAe,IACfC,eAAgB,IAChBC,cAAe,kBAMnB,SAAWV,GACPA,EAAqB,OAAS,MAC9BA,EAAqB,UAAY,UAFrC,CAGGA,IAAyBA,EAAuB,KAInD,IAiBIW,EAQAC,EAQAC,EAUAC,EAQAC,EAnDAC,EAAsB,CAEtBC,8BAA+B,GAE/BC,kCAAmC,KAEnCC,kBAAmB,aAEnBC,0BAA2B,qBAE3BC,EAAS,CACTC,oBAAqB,gBACrBC,sBAAuB,oBAM3B,SAAWZ,GACPA,EAAuB,YAAc,WACrCA,EAAuB,YAAc,YAFzC,CAGGA,IAA2BA,EAAyB,KAKvD,SAAWC,GACPA,EAAcA,EAAc,eAAiB,KAAO,cACpDA,EAAcA,EAAc,kBAAoB,KAAO,iBAF3D,CAGGA,IAAkBA,EAAgB,KAKrC,SAAWC,GACPA,EAAuB,yBAA2B,IAClDA,EAAuB,kBAAoB,IAC3CA,EAAuB,wBAA0B,IACjDA,EAAuB,QAAU,IAJrC,CAKGA,IAA2BA,EAAyB,KAKvD,SAAWC,GACPA,EAAwB,+BAAiC,IACzDA,EAAwB,gCAAkC,IAC1DA,EAAwB,2BAA6B,IACrDA,EAAwB,uCAAyC,IACjEA,EAAwB,mCAAqC,IALjE,CAMGA,IAA4BA,EAA0B,KAEzD,SAAWC,GACPA,EAAa,gBAAkB,IAC/BA,EAAa,iBAAmB,IAChCA,EAAa,0BAA4B,IACzCA,EAAa,+BAAiC,IAC9CA,EAAa,+BAAiC,IALlD,CAMGA,IAAiBA,EAAe,M,kCCtWnC,8DASIS,EAAiC,WACjC,SAASA,KAoFT,OA9EAA,EAAgBC,6BAA+B,SAAUC,GACrD,OAAO,OAAoBP,kBAAoB,IAAMlK,KAAKC,UAAUwK,IAOxEF,EAAgBG,WAAa,SAAUC,EAAcF,GACjD,IAAIG,EACAC,EAAMN,EAAgBC,6BAA6BC,GACnDK,EAAQH,EAAaI,mBAAmBF,GAC5C,GAAIC,EAAO,CACP,GAAIA,EAAME,aAAeC,KAAKC,MAE1B,YADAP,EAAaQ,WAAWN,EAAK,OAAgBO,YAGjD,MAAM,IAAI,QAAyC,QAA3BR,EAAKE,EAAMO,kBAA+B,IAAPT,OAAgB,EAASA,EAAGnL,KAAK,OAAS,OAAUqH,aAAcgE,EAAMQ,aAAcR,EAAMS,YAS/JhB,EAAgBiB,YAAc,SAAUb,EAAcF,EAAYgB,GAC9D,GAAIlB,EAAgBmB,oBAAoBD,IAAalB,EAAgBoB,2BAA2BF,GAAW,CACvG,IAAIG,EAAkB,CAClBZ,aAAcT,EAAgBsB,sBAAsBC,SAASL,EAASM,QAAQ,OAAYC,eAC1F1L,MAAOmL,EAASQ,KAAK3L,MACrB+K,WAAYI,EAASQ,KAAKC,YAC1BZ,aAAcG,EAASQ,KAAK5L,kBAC5BkL,SAAUE,EAASQ,KAAKE,UAE5BxB,EAAayB,mBAAmB7B,EAAgBC,6BAA6BC,GAAamB,KAOlGrB,EAAgBmB,oBAAsB,SAAUD,GAC5C,OAA2B,MAApBA,EAASY,QAAkBZ,EAASY,QAAU,KAAOZ,EAASY,OAAS,KAMlF9B,EAAgBoB,2BAA6B,SAAUF,GACnD,QAAIA,EAASM,UACFN,EAASM,QAAQO,eAAe,OAAYN,eAAiBP,EAASY,OAAS,KAAOZ,EAASY,QAAU,OAQxH9B,EAAgBsB,sBAAwB,SAAUb,GAC9C,IAAIuB,EAAOvB,GAAgB,EAAI,EAAIA,EAC/BwB,EAAiBvB,KAAKC,MAAQ,IAClC,OAAOuB,KAAKC,MAAuK,IAAjKD,KAAKE,IAAIH,GAAkBD,GAAQ,OAAoBvC,+BAAgCwC,EAAiB,OAAoBvC,qCAElJM,EAAgBqC,eAAiB,SAAUjC,EAAckC,EAAUC,EAASC,GACxE,IAAItC,EAAa,CACboC,SAAUA,EACVG,UAAWF,EAAQE,UACnB1K,OAAQwK,EAAQxK,OAChByK,sBAAuBA,EACvBE,qBAAsBH,EAAQG,qBAC9BC,sBAAuBJ,EAAQI,sBAC/BC,mBAAoBL,EAAQK,mBAC5BC,UAAWN,EAAQM,WAEnBvC,EAAM/O,KAAK0O,6BAA6BC,GAC5C,OAAOE,EAAaQ,WAAWN,EAAK,OAAgBO,aAEjDb,EArFyB,I,oCCTpC;;AAGA,IAAI8C,EAAO,qBACPC,EAAU,S,oCCJd,0EAUIC,EAAwC,WACxC,SAASA,EAAuBC,EAAkB7C,GAC9C7O,KAAK2R,aAAe,OAAaC,aACjC5R,KAAK6O,aAAeA,EACpB7O,KAAK6R,MAAQH,EAAiBG,MAC9B7R,KAAK8R,cAAgBJ,EAAiBI,cACtC9R,KAAK+R,WAAaL,EAAiBK,YAAc,OAAU/G,aAC3DhL,KAAKgS,WAAaN,EAAiBM,YAAc,OAAUhH,aAC3DhL,KAAKiS,kBAAoB,OAAuBlF,UAAY,OAAWmF,oBAAsBR,EAAiBX,SAiJlH,OA5IAU,EAAuBjR,UAAU2R,kCAAoC,WACjE,IAAInB,EAAU,GAAKhR,KAAK6R,MAAQ,OAAuBrE,gBAAkBxN,KAAK2R,aAC1ES,EAAiB,CAACpS,KAAK+R,WAAY/R,KAAKgS,YAAYrO,KAAK,OAAuB6J,iBAChF6E,EAAwBrS,KAAKsS,2BAC7BC,EAAmC,CAACvB,EAASqB,GAAuB1O,KAAK,OAAuB6J,iBACpG,MAAO,CAAC,OAAuBL,eAAgBoF,EAAkCH,GAAgBzO,KAAK,OAAuB4J,qBAKjIkE,EAAuBjR,UAAUgS,+BAAiC,WAC9D,IAAIC,EAAezS,KAAK0S,kBACpBC,EAAYlB,EAAuBmB,gBAAgBH,GACnDI,EAAiBJ,EAAaI,eAAe9R,MAAM,EAAG,EAAI4R,GAAWhP,KAAK,OAAuB6J,iBACjGsF,EAASL,EAAaK,OAAO/R,MAAM,EAAG4R,GAAWhP,KAAK,OAAuB6J,iBAC7EuF,EAAaN,EAAaK,OAAO3Q,OAEjC6Q,EAAWL,EAAYI,EAAa,OAAuBtF,cAAgB,OAAuBC,eAClG0E,EAAiB,CAACW,EAAYC,GAAUrP,KAAK,OAAuB6J,iBACxE,MAAO,CAAC,OAAuBL,eAAgBsF,EAAaQ,UAAWJ,EAAgBC,EAAQV,GAAgBzO,KAAK,OAAuB4J,qBAM/IkE,EAAuBjR,UAAU0S,mBAAqB,SAAU1O,GAC5D,IAAIiO,EAAezS,KAAK0S,kBACpBD,EAAaK,OAAO3Q,QAAU,OAAuBmL,oBAErDmF,EAAaI,eAAeM,QAC5BV,EAAaI,eAAeM,QAC5BV,EAAaK,OAAOK,SAExBV,EAAaI,eAAe3J,KAAKlJ,KAAK6R,MAAO7R,KAAK8R,eAC7C,OAAY5R,QAAQsE,EAAMiL,UAGrB,OAAYvP,QAAQsE,EAAM4O,WAGzB5O,GAASA,EAAM6O,WACtBZ,EAAaK,OAAO5J,KAAK1E,EAAM6O,YAG/BZ,EAAaK,OAAO5J,KAAK,OAAuByE,eANhD8E,EAAaK,OAAO5J,KAAK1E,EAAM4O,WAH/BX,EAAaK,OAAO5J,KAAK1E,EAAMiL,UAWnCzP,KAAK6O,aAAayE,mBAAmBtT,KAAKiS,kBAAmBQ,IAMjEhB,EAAuBjR,UAAU+S,mBAAqB,WAClD,IAAId,EAAezS,KAAK0S,kBAGxB,OAFAD,EAAaQ,WAAa,EAC1BjT,KAAK6O,aAAayE,mBAAmBtT,KAAKiS,kBAAmBQ,GACtDA,EAAaQ,WAKxBxB,EAAuBjR,UAAUkS,gBAAkB,WAC/C,IAAIc,EAAe,IAAI,OACnBf,EAAezS,KAAK6O,aAAa4E,mBAAmBzT,KAAKiS,mBAC7D,OAAOQ,GAAgBe,GAK3B/B,EAAuBjR,UAAUkT,oBAAsB,WACnD,IAAIjB,EAAezS,KAAK0S,kBACpBiB,EAAmBlC,EAAuBmB,gBAAgBH,GAC1DM,EAAaN,EAAaK,OAAO3Q,OACrC,GAAIwR,IAAqBZ,EAErB/S,KAAK6O,aAAaQ,WAAWrP,KAAKiS,uBAEjC,CAED,IAAI2B,EAAoB,IAAI,OAC5BA,EAAkBf,eAAiBJ,EAAaI,eAAe9R,MAAyB,EAAnB4S,GACrEC,EAAkBd,OAASL,EAAaK,OAAO/R,MAAM4S,GACrD3T,KAAK6O,aAAayE,mBAAmBtT,KAAKiS,kBAAmB2B,KAOrEnC,EAAuBmB,gBAAkB,SAAUiB,GAC/C,IAAIC,EACAnB,EAAY,EACZoB,EAAW,EACXhB,EAAac,EAAsBf,OAAO3Q,OAC9C,IAAK2R,EAAI,EAAGA,EAAIf,EAAYe,IAAK,CAE7B,IAAIjC,EAAQgC,EAAsBhB,eAAe,EAAIiB,IAAM,OAAU9I,aACjE8G,EAAgB+B,EAAsBhB,eAAe,EAAIiB,EAAI,IAAM,OAAU9I,aAC7EoI,EAAYS,EAAsBf,OAAOgB,IAAM,OAAU9I,aAG7D,GADA+I,GAAYlC,EAAMwB,WAAWlR,OAAS2P,EAAcuB,WAAWlR,OAASiR,EAAUjR,OAAS,IACvF4R,EAAW,OAAuB1G,uBAKlC,MAHAsF,GAAa,EAMrB,OAAOA,GAOXlB,EAAuBjR,UAAU8R,yBAA2B,WACxD,IAAID,EAAwB,GAI5B,OAHAA,EAAsBnJ,KAAKlJ,KAAKgU,YAAc,IAC9C3B,EAAsBnJ,KAAKlJ,KAAKiU,cAAgB,IAChD5B,EAAsBnJ,KAAKlJ,KAAKkU,eAAiB,IAC1C7B,EAAsB1O,KAAK,MAQtC8N,EAAuBjR,UAAU2T,8BAAgC,SAAUC,GACvEpU,KAAKgU,WAAaI,EAAwBC,YAC1CrU,KAAKiU,aAAeG,EAAwBE,cAC5CtU,KAAKkU,cAAgBE,EAAwBG,gBAKjD9C,EAAuBjR,UAAUgU,gBAAkB,SAAU7C,GACzD3R,KAAK2R,aAAeA,GAEjBF,EAzJgC,I,kCCV3C,sFAWIgD,EAAgC,WAChC,SAASA,EAAeC,EAAe7F,GACnC7O,KAAK0U,cAAgBA,EACrB1U,KAAK6O,aAAeA,EAqCxB,OA7BA4F,EAAejU,UAAUmU,gBAAkB,SAAUhG,EAAYiG,EAAeC,GAC5E,OAAO,eAAU7U,UAAM,OAAQ,GAAQ,WACnC,IAAI2P,EAAUmF,EACd,OAAO,eAAY9U,MAAM,SAAU8O,GAC/B,OAAQA,EAAGiG,OACP,KAAK,EACD,OAAgBnG,WAAW5O,KAAK6O,aAAcF,GAC9CG,EAAGiG,MAAQ,EACf,KAAK,EAED,OADAjG,EAAGkG,KAAK9L,KAAK,CAAC,EAAG,EAAG,CAAE,IACf,CAAC,EAAalJ,KAAK0U,cAAcO,qBAAqBL,EAAeC,IAChF,KAAK,EAED,OADAlF,EAAWb,EAAGoG,OACP,CAAC,EAAa,GACzB,KAAK,EAED,MADAJ,EAAMhG,EAAGoG,OACLJ,aAAe,OACTA,EAGA,OAAgBK,mBAAmBP,EAAeE,GAEhE,KAAK,EAED,OADA,OAAgBpF,YAAY1P,KAAK6O,aAAcF,EAAYgB,GACpD,CAAC,EAAcA,WAKnC8E,EAxCwB,I,kCCXnC,wEAYIW,EAZJ,yBAaA,SAAWA,GACPA,EAASA,EAAS,SAAW,GAAK,QAClCA,EAASA,EAAS,WAAa,GAAK,UACpCA,EAASA,EAAS,QAAU,GAAK,OACjCA,EAASA,EAAS,WAAa,GAAK,UACpCA,EAASA,EAAS,SAAW,GAAK,SALtC,CAMGA,IAAaA,EAAW,KAI3B,IAAIC,EAAwB,WACxB,SAASA,EAAOC,EAAeC,EAAaC,GAExCxV,KAAKyV,MAAQL,EAASM,KACtB,IAAIC,EAAwB,aAG5B3V,KAAK4V,cAAgBN,EAAcO,gBAAkBF,EACrD3V,KAAK8V,kBAAoBR,EAAcQ,oBAAqB,EAC5D9V,KAAKyV,MAA4C,kBAA5BH,EAAsB,SAAiBA,EAAcS,SAAWX,EAASM,KAC9F1V,KAAK8R,cAAgBwD,EAAcxD,eAAiB,GACpD9R,KAAKuV,YAAcA,GAAe,OAAUvK,aAC5ChL,KAAKwV,eAAiBA,GAAkB,OAAUxK,aAiJtD,OA5IAqK,EAAO7U,UAAUwV,MAAQ,SAAUT,EAAaC,EAAgB1D,GAC5D,OAAO,IAAIuD,EAAO,CAAEQ,eAAgB7V,KAAK4V,cAAeE,kBAAmB9V,KAAK8V,kBAAmBC,SAAU/V,KAAKyV,MAAO3D,cAAeA,GAAiB9R,KAAK8R,eAAiByD,EAAaC,IAKhMH,EAAO7U,UAAUyV,WAAa,SAAUA,EAAYpB,GAChD,KAAKA,EAAQkB,SAAW/V,KAAKyV,QAAYzV,KAAK8V,mBAAqBjB,EAAQqB,aAA3E,CAGA,IAEIC,EAFAC,GAAY,IAAIjH,MAAOkH,cAUvBF,EAPC,OAAYjW,QAAQ2U,EAAQ/C,eAGvB,OAAY5R,QAAQF,KAAK8R,eAInB,IAAMsE,EAAY,IAHlB,IAAMA,EAAY,QAAUpW,KAAK8R,cAAgB,IAHjD,IAAMsE,EAAY,QAAUvB,EAAQ/C,cAAgB,IAQpE,IAAIwE,EAAMH,EAAY,MAAQnW,KAAKuV,YAAc,IAAMvV,KAAKwV,eAAiB,MAAQJ,EAASP,EAAQkB,UAAY,MAAQE,EAE1HjW,KAAKuW,gBAAgB1B,EAAQkB,SAAUO,EAAKzB,EAAQqB,cAAe,KAKvEb,EAAO7U,UAAU+V,gBAAkB,SAAUd,EAAOe,EAASN,GACrDlW,KAAK4V,eACL5V,KAAK4V,cAAcH,EAAOe,EAASN,IAM3Cb,EAAO7U,UAAUgE,MAAQ,SAAUgS,EAAS1E,GACxC9R,KAAKiW,WAAWO,EAAS,CACrBT,SAAUX,EAASqB,MACnBP,aAAa,EACbpE,cAAeA,GAAiB,MAMxCuD,EAAO7U,UAAUkW,SAAW,SAAUF,EAAS1E,GAC3C9R,KAAKiW,WAAWO,EAAS,CACrBT,SAAUX,EAASqB,MACnBP,aAAa,EACbpE,cAAeA,GAAiB,MAMxCuD,EAAO7U,UAAUmW,QAAU,SAAUH,EAAS1E,GAC1C9R,KAAKiW,WAAWO,EAAS,CACrBT,SAAUX,EAASwB,QACnBV,aAAa,EACbpE,cAAeA,GAAiB,MAMxCuD,EAAO7U,UAAUqW,WAAa,SAAUL,EAAS1E,GAC7C9R,KAAKiW,WAAWO,EAAS,CACrBT,SAAUX,EAASwB,QACnBV,aAAa,EACbpE,cAAeA,GAAiB,MAMxCuD,EAAO7U,UAAUsW,KAAO,SAAUN,EAAS1E,GACvC9R,KAAKiW,WAAWO,EAAS,CACrBT,SAAUX,EAASM,KACnBQ,aAAa,EACbpE,cAAeA,GAAiB,MAMxCuD,EAAO7U,UAAUuW,QAAU,SAAUP,EAAS1E,GAC1C9R,KAAKiW,WAAWO,EAAS,CACrBT,SAAUX,EAASM,KACnBQ,aAAa,EACbpE,cAAeA,GAAiB,MAMxCuD,EAAO7U,UAAUwW,QAAU,SAAUR,EAAS1E,GAC1C9R,KAAKiW,WAAWO,EAAS,CACrBT,SAAUX,EAAS6B,QACnBf,aAAa,EACbpE,cAAeA,GAAiB,MAMxCuD,EAAO7U,UAAU0W,WAAa,SAAUV,EAAS1E,GAC7C9R,KAAKiW,WAAWO,EAAS,CACrBT,SAAUX,EAAS6B,QACnBf,aAAa,EACbpE,cAAeA,GAAiB,MAMxCuD,EAAO7U,UAAU2W,MAAQ,SAAUX,EAAS1E,GACxC9R,KAAKiW,WAAWO,EAAS,CACrBT,SAAUX,EAASgC,MACnBlB,aAAa,EACbpE,cAAeA,GAAiB,MAMxCuD,EAAO7U,UAAU6W,SAAW,SAAUb,EAAS1E,GAC3C9R,KAAKiW,WAAWO,EAAS,CACrBT,SAAUX,EAASgC,MACnBlB,aAAa,EACbpE,cAAeA,GAAiB,MAMxCuD,EAAO7U,UAAU8W,oBAAsB,WACnC,OAAOtX,KAAK8V,oBAAqB,GAE9BT,EA7JgB,I,kCCvB3B,0QA6BIkC,EAAiC,WACjC,SAASA,EAAgBxG,EAAUyG,EAAc5S,EAAW6S,EAAQC,EAAmBC,GACnF3X,KAAK+Q,SAAWA,EAChB/Q,KAAKwX,aAAeA,EACpBxX,KAAK4E,UAAYA,EACjB5E,KAAKyX,OAASA,EACdzX,KAAK0X,kBAAoBA,EACzB1X,KAAK2X,kBAAoBA,EAmP7B,OA3OAJ,EAAgB/W,UAAUoX,wCAA0C,SAAUC,EAAoBC,EAAalT,GAC3G,IAAKiT,EAAmBpT,QAAUqT,EAC9B,MAAOD,EAAmBpT,MAAmE,OAAgBsT,yBAAyB,gBAApG,OAAgBA,yBAAyB,gBAE/E,GAAIC,mBAAmBH,EAAmBpT,SAAWuT,mBAAmBF,GACpE,MAAM,OAAgBG,2BAG1B,GAAIJ,EAAmBrT,OAASqT,EAAmBtT,mBAAqBsT,EAAmBxH,SAAU,CACjG,GAAI,OAA6B6H,2BAA2BL,EAAmBrT,MAAOqT,EAAmBtT,kBAAmBsT,EAAmBxH,UAC3I,MAAM,IAAI,OAA6BwH,EAAmBrT,OAAS,OAAUwG,aAAc6M,EAAmBtT,kBAAmBsT,EAAmBxH,UAExJ,MAAM,IAAI,OAAYwH,EAAmBrT,OAAS,OAAUwG,aAAc6M,EAAmBtT,kBAAmBsT,EAAmBxH,UAEnIwH,EAAmBM,aACnB,eAAgBN,EAAmBM,YAAavT,IAOxD2S,EAAgB/W,UAAU4X,sBAAwB,SAAUC,GAExD,GAAIA,EAAe7T,OAAS6T,EAAe9T,mBAAqB8T,EAAehI,SAAU,CACrF,GAAI,OAA6B6H,2BAA2BG,EAAe7T,MAAO6T,EAAe9T,kBAAmB8T,EAAehI,UAC/H,MAAM,IAAI,OAA6BgI,EAAe7T,MAAO6T,EAAe9T,kBAAmB8T,EAAehI,UAElH,IAAIiI,EAAYD,EAAejI,YAAc,OAASiI,EAAejC,UAAY,MAAQiC,EAAe9T,kBAAoB,sBAAwB8T,EAAeE,eAAiB,gBAAkBF,EAAeG,SACrN,MAAM,IAAI,OAAYH,EAAe7T,MAAO8T,EAAWD,EAAehI,YAQ9EkH,EAAgB/W,UAAUiY,0BAA4B,SAAUC,EAAqBxH,EAAWyH,EAAc3H,EAAS4H,EAAiBC,EAAcC,GAClJ,OAAO,eAAU9Y,UAAM,OAAQ,GAAQ,WACnC,IAAI+Y,EAAYC,EAAiBC,EAAaC,EAAcnK,EAAKoK,EACjE,OAAO,eAAYnZ,MAAM,SAAU8O,GAC/B,OAAQA,EAAGiG,OACP,KAAK,EACD,GAAI2D,EAAoBU,WACpBL,EAAa,IAAI,OAAUL,EAAoBU,UAAY,OAAUpO,aAAchL,KAAK4E,WAEpFgU,IAAoB,OAAY1Y,QAAQ0Y,EAAgBS,QACpDN,EAAWO,OAAOD,QAAUT,EAAgBS,OAC5C,MAAM,OAAgBE,2BAKlCvZ,KAAKiR,sBAAwB,OAAcuI,sBAAsBd,EAAoBP,aAAe,OAAUnN,aAAckG,EAAUuI,cAAezZ,KAAKyX,OAAQzX,KAAK4E,UAAWmU,GAC5KH,GAAqBA,EAAgBnU,QACvCuU,EAAkB,OAAcxT,kBAAkBxF,KAAK4E,UAAWgU,EAAgBnU,QAEtFwU,EAAcjZ,KAAK0Z,oBAAoBhB,EAAqBxH,EAAWyH,EAAcI,EAAY/H,EAAQxK,OAAQqS,EAAcD,GAC/H9J,EAAGiG,MAAQ,EACf,KAAK,EAED,OADAjG,EAAGkG,KAAK9L,KAAK,CAAC,EAAG,CAAE,EAAG,IAChBlJ,KAAK2X,mBAAqB3X,KAAK0X,mBACrC1X,KAAKyX,OAAOT,QAAQ,kDACpBkC,EAAe,IAAI,OAAkBlZ,KAAK0X,mBAAmB,GACtD,CAAC,EAAa1X,KAAK2X,kBAAkBgC,kBAAkBT,KAHE,CAAC,EAAa,GAIlF,KAAK,EACDpK,EAAGoG,OACHpG,EAAGiG,MAAQ,EACf,KAAK,EAMD,OAAI+D,GAAgCG,EAAYE,UAC5CpK,EAAMkK,EAAYE,QAAQS,qBAC1BT,EAAUnZ,KAAKwX,aAAaqC,WAAW9K,IAClCoK,IACDnZ,KAAKyX,OAAOd,QAAQ,uGACb,CAAC,EAAcY,EAAgBuC,6BAA6B9Z,KAAK4E,UAAWsM,EAAW+H,GAAa,EAAOjI,EAAS+H,EAAYC,KAGxI,CAAC,EAAahZ,KAAKwX,aAAauC,gBAAgBd,IAC3D,KAAK,EAED,OADAnK,EAAGoG,OACI,CAAC,EAAa,GACzB,KAAK,EACD,OAAMlV,KAAK2X,mBAAqB3X,KAAK0X,mBAAqBwB,GAC1DlZ,KAAKyX,OAAOT,QAAQ,iDACb,CAAC,EAAahX,KAAK2X,kBAAkBqC,iBAAiBd,KAFmB,CAAC,EAAa,GAGlG,KAAK,EACDpK,EAAGoG,OACHpG,EAAGiG,MAAQ,EACf,KAAK,EAAG,MAAO,CAAC,GAChB,KAAK,EAAG,MAAO,CAAC,EAAcwC,EAAgBuC,6BAA6B9Z,KAAK4E,UAAWsM,EAAW+H,GAAa,EAAOjI,EAAS+H,EAAYC,YAW/JzB,EAAgB/W,UAAUkZ,oBAAsB,SAAUhB,EAAqBxH,EAAWyH,EAAcI,EAAYkB,EAAepB,EAAcD,GAC7I,IAKIsB,EACAC,EANAC,EAAMlJ,EAAUmJ,oBACpB,GAAI,OAAYna,QAAQka,GACpB,MAAM,OAAgBE,sCAKrB,OAAYpa,QAAQwY,EAAoBU,WAAeL,IACxDmB,EAAgB,OAAcK,oBAAoBva,KAAKiR,sBAAuBmJ,EAAK1B,EAAoBU,UAAY,OAAUpO,aAAchL,KAAK+Q,SAAUgI,EAAWO,OAAOkB,KAAO,OAAUxP,aAAc6N,GAC3MsB,EAAgBna,KAAKya,sBAAsB/B,EAAqBK,EAAY7H,EAAW2H,EAAcD,IAGzG,IAAI8B,EAAoB,KACxB,IAAK,OAAYxa,QAAQwY,EAAoBiC,cAAe,CAExD,IAAIC,EAAiBlC,EAAoB/R,MAAQ,OAASE,WAAW6R,EAAoB/R,OAAS,IAAI,OAASsT,GAAiB,IAK5HY,GAAuD,kBAAnCnC,EAAoBoC,WAA0B9K,SAAS0I,EAAoBoC,WAAY,IAAMpC,EAAoBoC,aAAe,EACpJC,GAA8D,kBAAvCrC,EAAoBsC,eAA8BhL,SAAS0I,EAAoBsC,eAAgB,IAAMtC,EAAoBsC,iBAAmB,EACnKC,GAAuD,kBAAnCvC,EAAoBwC,WAA0BlL,SAAS0I,EAAoBwC,WAAY,IAAMxC,EAAoBwC,kBAAeC,EACpJC,EAAyBzC,EAAekC,EACxCQ,EAAiCD,EAAyBL,EAC1DO,EAAmBL,GAAaA,EAAY,EAAItC,EAAesC,OAAYE,EAE/ET,EAAoB,OAAkBa,wBAAwBvb,KAAKiR,sBAAuBmJ,EAAK1B,EAAoBiC,cAAgB,OAAU3P,aAAchL,KAAK+Q,SAAUgI,EAAaA,EAAWO,OAAOkB,KAAO,OAAUxP,aAAekG,EAAUsK,OAAQZ,EAAezR,cAAeiS,EAAwBC,EAAgCrb,KAAK4E,UAAW0W,EAAkB5C,EAAoB+C,WAAY5C,GAGvZ,IAAI6C,EAAqB,KACpB,OAAYxb,QAAQwY,EAAoBiD,iBACzCD,EAAqB,OAAmBE,yBAAyB5b,KAAKiR,sBAAuBmJ,EAAK1B,EAAoBiD,eAAiB,OAAU3Q,aAAchL,KAAK+Q,SAAU2H,EAAoBmD,KAAMhD,IAG5M,IAAIiD,EAAoB,KAIxB,OAHK,OAAY5b,QAAQwY,EAAoBmD,QACzCC,EAAoB,OAAkBC,wBAAwB/b,KAAK+Q,SAAUqJ,EAAK1B,EAAoBmD,OAEnG,IAAI,OAAY1B,EAAeD,EAAeQ,EAAmBgB,EAAoBI,IAQhGvE,EAAgB/W,UAAUia,sBAAwB,SAAU/B,EAAqBsD,EAAS9K,EAAW2H,EAAcD,GAC/G,IAAIa,EAAgBvI,EAAUuI,cAC1BwC,EAAqBrD,EAAkBA,EAAgBsD,sBAAwB,GAC/EC,EAAcvD,EAAkBA,EAAgBwD,aAAe,GAEnE,GAAI3C,IAAkB,OAAc4C,KAEhC,OADArc,KAAKyX,OAAOT,QAAQ,iDACb,OAAcsF,qBAAqBtc,KAAKiR,sBAAuB+K,EAAS9K,EAAW2H,EAAcoD,EAAoBE,GAGhI,GAAI,OAAYjc,QAAQwY,EAAoBP,cAA2C,QAA3BjH,EAAUqL,aAClE,MAAM,OAAgBC,6BAE1B,OAAO9D,EAAoBP,YACvB,OAAcsE,cAAc/D,EAAoBP,YAAanY,KAAKiR,sBAAuB+K,EAAS9K,EAAW2H,EAAcoD,EAAoBE,GAC/I,OAAcG,qBAAqBtc,KAAKiR,sBAAuB+K,EAAS9K,EAAW2H,EAAcoD,EAAoBE,IAY7H5E,EAAgBuC,6BAA+B,SAAUlV,EAAWsM,EAAW+H,EAAayD,EAAgB1L,EAAS+H,EAAY4D,GAC7H,IAAI7N,EAAI8N,EAAIC,EACZ,OAAO,eAAU7c,UAAM,OAAQ,GAAQ,WACnC,IAAI8c,EAAalC,EAAgBmC,EAAWC,EAAcC,EAAUC,EAAmBC,EAAK3C,EAC5F,OAAO,eAAYxa,MAAM,SAAUod,GAC/B,OAAQA,EAAGrI,OACP,KAAK,EAKD,OAJA+H,EAAc,GACdlC,EAAiB,GACjBmC,EAAY,KACZE,EAAW,OAAUjS,aAChBiO,EAAY6D,YACX7D,EAAY6D,YAAYO,YAAc,OAAqBC,IAAa,CAAC,EAAa,IAC5FJ,EAAoB,IAAI,OAAkBtY,GACnC,CAAC,EAAasY,EAAkBK,aAAatE,EAAY6D,YAAYU,OAAQxM,KAH/C,CAAC,EAAa,GAIvD,KAAK,EAED,OADA8L,EAAcM,EAAGlI,OACV,CAAC,EAAa,GACzB,KAAK,EACD4H,EAAc7D,EAAY6D,YAAYU,OACtCJ,EAAGrI,MAAQ,EACf,KAAK,EACD6F,EAAiB,OAAS/T,WAAWoS,EAAY6D,YAAYW,QAAQhW,UACrEsV,EAAY,IAAI5N,KAAiD,IAA5CuO,OAAOzE,EAAY6D,YAAYC,YACpDC,EAAe,IAAI7N,KAAyD,IAApDuO,OAAOzE,EAAY6D,YAAYa,oBACvDP,EAAGrI,MAAQ,EACf,KAAK,EAMD,OALIkE,EAAY2E,cACZX,EAAWhE,EAAY2E,YAAYX,WAAa,OAAgB,OAAgB,OAAUjS,cAE9FmS,GAAsB,OAAfpE,QAAsC,IAAfA,OAAwB,EAASA,EAAWO,OAAOuE,OAAwB,OAAf9E,QAAsC,IAAfA,OAAwB,EAASA,EAAWO,OAAOwE,MAAQ,OAAU9S,aACtLwP,GAAsB,OAAfzB,QAAsC,IAAfA,OAAwB,EAASA,EAAWO,OAAOkB,MAAQ,OAAUxP,aAC5F,CAAC,EAAc,CACdkG,UAAWA,EAAU6M,mBACrBC,SAAUb,EACVnb,SAAUwY,EACVhU,OAAQoU,EACRzB,QAASF,EAAYE,QAAUF,EAAYE,QAAQ8E,iBAAmB,KACtEjC,QAASjD,EAAaA,EAAWmF,SAAW,OAAUlT,aACtDmT,cAAepF,EAAaA,EAAWO,OAAS,GAChDwD,YAAaA,EACbsB,UAAW1B,EACXK,UAAWA,EACXjL,cAAed,EAAQc,cACvBkL,aAAcA,EACdC,SAAUA,EACVI,WAA+C,QAAlCvO,EAAKmK,EAAY6D,mBAAgC,IAAPhO,OAAgB,EAASA,EAAGuO,YAAc,OAAUrS,aAC3GvG,MAAOkY,EAAeA,EAAa5W,iBAAmB,OAAUiF,aAChEiR,oBAAoD,QAA9BW,EAAK3D,EAAYE,eAA4B,IAAPyD,OAAgB,EAASA,EAAGX,qBAAuB,OAAUjR,aACzHqT,aAA6C,QAA9BxB,EAAK5D,EAAYE,eAA4B,IAAP0D,OAAgB,EAASA,EAAGwB,cAAgB,OAAUrT,uBAMhIuM,EA1PyB,I,kCC7BpC,kDAWI+G,EAA6B,WAC7B,SAASA,KAgHT,OAzGAA,EAAYC,gBAAkB,SAAUC,GACpC,GAAIF,EAAYpe,QAAQse,GACpB,MAAM,OAAgBC,4BAA4BD,GAEtD,IAAIE,EAAkB,uCAClBC,EAAUD,EAAgBE,KAAKJ,GACnC,IAAKG,GAAWA,EAAQxc,OAAS,EAC7B,MAAM,OAAgB0c,wBAAwB,6BAA+B3a,KAAKC,UAAUqa,IAEhG,IAAIM,EAAe,CACfC,OAAQJ,EAAQ,GAChBK,WAAYL,EAAQ,GACpBM,OAAQN,EAAQ,IAEpB,OAAOG,GAOXR,EAAYpe,QAAU,SAAUgf,GAC5B,MAAuB,qBAARA,IAAwBA,GAAO,IAAMA,EAAI/c,QAM5Dmc,EAAYa,WAAa,SAAUC,GAC/B,GAAIA,IAAWd,EAAYpe,QAAQkf,GAC/B,IACI,IAAIC,EAAMnb,KAAK4B,MAAMsZ,GACrB,OAAmC,IAA5B9e,OAAOgf,KAAKD,GAAKld,OAE5B,MAAOhB,IAEX,OAAO,GAEXmd,EAAYiB,WAAa,SAAUL,EAAKM,GACpC,OAA+B,IAAxBN,EAAItd,QAAQ4d,IAEvBlB,EAAYxd,SAAW,SAAUoe,EAAKM,GAClC,OAAQN,EAAI/c,QAAUqd,EAAOrd,QAAY+c,EAAIO,YAAYD,KAAaN,EAAI/c,OAASqd,EAAOrd,QAO9Fmc,EAAYta,oBAAsB,SAAU0b,GACxC,IAAIL,EAAM,GACNM,EAASD,EAAM5d,MAAM,KACrB8d,EAAS,SAAUC,GAAK,OAAO7H,mBAAmB6H,EAAEC,QAAQ,MAAO,OASvE,OARAH,EAAOjZ,SAAQ,SAAUqZ,GACrB,GAAIA,EAAK/X,OAAQ,CACb,IAAI8G,EAAKiR,EAAKje,MAAM,SAAU,GAAIiN,EAAMD,EAAG,GAAIE,EAAQF,EAAG,GACtDC,GAAOC,IACPqQ,EAAIO,EAAO7Q,IAAQ6Q,EAAO5Q,QAI/BqQ,GAOXf,EAAYlY,iBAAmB,SAAU4Z,GACrC,OAAOA,EAAIC,KAAI,SAAUC,GAAS,OAAOA,EAAMlY,WAMnDsW,EAAYhY,4BAA8B,SAAU0Z,GAChD,OAAOA,EAAIjd,QAAO,SAAUmd,GACxB,OAAQ5B,EAAYpe,QAAQggB,OAOpC5B,EAAY6B,gBAAkB,SAAUjB,GACpC,IACI,OAAOhb,KAAK4B,MAAMoZ,GAEtB,MAAO/d,GACH,OAAO,OAQfmd,EAAY8B,aAAe,SAAUC,EAASC,GAK1C,IAAIC,EAAQ,IAAI9d,OAAO4d,EAAQP,QAAQ,MAAO,QAAQA,QAAQ,MAAO,SAASA,QAAQ,MAAO,QAC7F,OAAOS,EAAMC,KAAKF,IAEfhC,EAjHqB;+ECXhC,kDAQImC,EAAuB,CACvBC,oBAAqB,WACjB,IAAIC,EAAa,gGACjB,OAAOC,QAAQC,OAAO,OAAUC,sBAAsBH,KAE1D1L,qBAAsB,WAClB,IAAI0L,EAAa,iGACjB,OAAOC,QAAQC,OAAO,OAAUC,sBAAsBH;iLCF1D,EAAkC,WAClC,SAASI,KAyET,OAnEAA,EAAiBC,oBAAsB,SAAUC,GAC7C,GAAI3C,EAAA,KAAYpe,QAAQ+gB,GACpB,MAAMC,EAAA,KAAyBC,+BAOvCJ,EAAiBK,eAAiB,SAAUC,GACxC,IAAIC,EAAe,GACnB,IAAK,IAAItS,KAAS,OACdsS,EAAapY,KAAK,OAAY8F,IAElC,GAAIsS,EAAa1f,QAAQyf,GAAU,EAC/B,MAAMH,EAAA,KAAyBK,yBAAyBF,IAGhEN,EAAiBS,eAAiB,SAAUlI,GACxC,IACIpV,KAAK4B,MAAMwT,GAEf,MAAOnY,GACH,MAAM+f,EAAA,KAAyBO,oCAQvCV,EAAiBW,4BAA8B,SAAUC,EAAeC,GACpE,GAAItD,EAAA,KAAYpe,QAAQyhB,IAAkBrD,EAAA,KAAYpe,QAAQ0hB,GAC1D,MAAMV,EAAA,KAAyBW,wCAG/B7hB,KAAK8hB,4BAA4BF,IAOzCb,EAAiBe,4BAA8B,SAAUF,GACrD,GAAI,CACA,OAA0BpV,MAC1B,OAA0BC,MAC5B7K,QAAQggB,GAAuB,EAC7B,MAAMV,EAAA,KAAyBa,yCAOvChB,EAAiBiB,iBAAmB,SAAUC,EAAUC,GACpD,OAAKD,GAILC,EAAYxb,SAAQ,SAAUsI,EAAOD,GAC7BkT,EAASlT,WACFkT,EAASlT,MAGjBkT,GARI,IAURlB,EA1E0B,GCAjC,EAAyC,WACzC,SAASoB,IACLniB,KAAKqE,WAAa,IAAI+d,IAgU1B,OA3TAD,EAAwB3hB,UAAU6hB,oBAAsB,WACpDriB,KAAKqE,WAAWie,IAAI,OAAmBC,cAAeC,mBAAmB/Y,EAAA,KAAUe,sBAMvF2X,EAAwB3hB,UAAUiiB,gBAAkB,SAAUC,GAC1D1iB,KAAKqE,WAAWie,IAAI,OAAmBK,cAAeH,mBAAmB,GAAgC,OAAaI,SAO1HT,EAAwB3hB,UAAUqiB,UAAY,SAAUrc,EAAQsc,QACtC,IAAlBA,IAA4BA,GAAgB,GAChD,IAAI7I,EAAgB6I,EAAgB,eAAetc,GAAU,GAAI,QAAuBA,GAAU,GAC9Fe,EAAW,IAAIvB,EAAA,KAASiU,GAC5Bja,KAAKqE,WAAWie,IAAI,OAAmBS,MAAOP,mBAAmBjb,EAAS4B,iBAM9EgZ,EAAwB3hB,UAAUwiB,YAAc,SAAUjS,GACtD/Q,KAAKqE,WAAWie,IAAI,OAAmBW,UAAWT,mBAAmBzR,KAMzEoR,EAAwB3hB,UAAU0iB,eAAiB,SAAUjC,GACzD,EAAiBD,oBAAoBC,GACrCjhB,KAAKqE,WAAWie,IAAI,OAAmBa,aAAcX,mBAAmBvB,KAM5EkB,EAAwB3hB,UAAU4iB,yBAA2B,SAAUnC,GACnE,EAAiBD,oBAAoBC,GACrCjhB,KAAKqE,WAAWie,IAAI,OAAmBe,gBAAiBb,mBAAmBvB,KAM/EkB,EAAwB3hB,UAAU8iB,eAAiB,SAAUC,GACzDvjB,KAAKqE,WAAWie,IAAI,OAAmBkB,cAAehB,mBAAmBe,KAM7EpB,EAAwB3hB,UAAUijB,cAAgB,SAAUC,GACxD1jB,KAAKqE,WAAWie,IAAI,OAASqB,YAAanB,mBAAmBkB,KAMjEvB,EAAwB3hB,UAAUojB,aAAe,SAAUC,GACvD7jB,KAAKqE,WAAWie,IAAI,OAASwB,WAAYtB,mBAAmBqB,KAMhE1B,EAAwB3hB,UAAUujB,UAAY,SAAUF,GACpD7jB,KAAKqE,WAAWie,IAAI,OAAY0B,WAAYxB,mBAAmB,OAASqB,KAM5E1B,EAAwB3hB,UAAUyjB,UAAY,SAAUC,GACpDlkB,KAAKqE,WAAWie,IAAI,OAAY0B,WAAYxB,mBAAmB,OAAS0B,EAAW/G,IAAM,IAAM+G,EAAWC,QAM9GhC,EAAwB3hB,UAAU4jB,OAAS,SAAUC,GACjDrkB,KAAKqE,WAAWie,IAAI,OAASgC,IAAK9B,mBAAmB6B,KAMzDlC,EAAwB3hB,UAAU+jB,UAAY,SAAUjL,EAAQkL,GAC5D,IAAIC,EAAezkB,KAAK0kB,8BAA8BpL,EAAQkL,GAC9D,EAAiBhD,eAAeiD,GAChCzkB,KAAKqE,WAAWie,IAAI,OAAmBpY,OAAQsY,mBAAmBiC,KAMtEtC,EAAwB3hB,UAAUmkB,iBAAmB,SAAU7S,GAC3D9R,KAAKqE,WAAWie,IAAI,OAAmBsC,kBAAmBpC,mBAAmB1Q,KAMjFqQ,EAAwB3hB,UAAUqkB,eAAiB,SAAUC,GAEzD9kB,KAAKqE,WAAWie,IAAI,OAAmByC,aAAcD,EAAYE,KACjEhlB,KAAKqE,WAAWie,IAAI,OAAmB2C,aAAcH,EAAYtT,SACjExR,KAAKqE,WAAWie,IAAI,OAAmB4C,YAAaJ,EAAYK,IAChEnlB,KAAKqE,WAAWie,IAAI,OAAmB8C,aAAcN,EAAYO,MAMrElD,EAAwB3hB,UAAU8kB,UAAY,SAAUjE,GACpD,EAAiBD,eAAeC,GAChCrhB,KAAKqE,WAAWie,IAAI,GAAK,OAAmBiD,OAAQ/C,mBAAmBnB,KAM3Ec,EAAwB3hB,UAAUglB,SAAW,SAAU/gB,GAC9C6Z,EAAA,KAAYpe,QAAQuE,IACrBzE,KAAKqE,WAAWie,IAAI,OAAmBmD,MAAOjD,mBAAmB/d,KAOzE0d,EAAwB3hB,UAAUklB,SAAW,SAAUrM,GACnDrZ,KAAKqE,WAAWie,IAAI,OAAmBqD,MAAOnD,mBAAmBnJ,KAQrE8I,EAAwB3hB,UAAUolB,uBAAyB,SAAUjE,EAAeC,GAEhF,GADA,EAAiBF,4BAA4BC,EAAeC,IACxDD,IAAiBC,EAKjB,MAAMV,EAAA,KAAyBW,wCAJ/B7hB,KAAKqE,WAAWie,IAAI,OAAmBuD,eAAgBrD,mBAAmBb,IAC1E3hB,KAAKqE,WAAWie,IAAI,OAAmBwD,sBAAuBtD,mBAAmBZ,KAUzFO,EAAwB3hB,UAAUulB,qBAAuB,SAAUzhB,GAC/DtE,KAAKqE,WAAWie,IAAI,OAAmB0D,KAAMxD,mBAAmBle,KAMpE6d,EAAwB3hB,UAAUylB,cAAgB,SAAU3hB,GACxDtE,KAAKqE,WAAWie,IAAI,OAAmB4D,YAAa1D,mBAAmBle,KAM3E6d,EAAwB3hB,UAAU2lB,gBAAkB,SAAUC,GAC1DpmB,KAAKqE,WAAWie,IAAI,OAAmB+D,cAAe7D,mBAAmB4D,KAM7EjE,EAAwB3hB,UAAU8lB,gBAAkB,SAAUC,GAC1DvmB,KAAKqE,WAAWie,IAAI,OAAmBkE,cAAehE,mBAAmB+D,KAM7EpE,EAAwB3hB,UAAUimB,gBAAkB,SAAUC,GAC1D1mB,KAAKqE,WAAWie,IAAI,OAAmBqE,cAAenE,mBAAmBkE,KAM7EvE,EAAwB3hB,UAAUomB,mBAAqB,SAAUC,GAC7D7mB,KAAKqE,WAAWie,IAAI,OAAmBwE,iBAAkBtE,mBAAmBqE,KAMhF1E,EAAwB3hB,UAAUumB,uBAAyB,SAAUC,GACjEhnB,KAAKqE,WAAWie,IAAI,OAAmB2E,sBAAuBzE,mBAAmBwE,KAMrF7E,EAAwB3hB,UAAU0mB,gBAAkB,SAAUrO,GAC1D7Y,KAAKqE,WAAWie,IAAI,OAAmB6E,cAAe3E,mBAAmB3J,KAM7EsJ,EAAwB3hB,UAAU4mB,mBAAqB,SAAUC,GAC7DrnB,KAAKqE,WAAWie,IAAI,OAAmBgF,oBAAqB9E,mBAAmB6E,KAMnFlF,EAAwB3hB,UAAU+mB,aAAe,SAAUC,GACvDxnB,KAAKqE,WAAWie,IAAI,OAAmBmF,WAAYjF,mBAAmBgF,KAM1ErF,EAAwB3hB,UAAUknB,cAAgB,WAC9C1nB,KAAKqE,WAAWie,IAAI,OAAa,MAMrCH,EAAwB3hB,UAAUmnB,wBAA0B,SAAUC,GAClE,IAAI1hB,EAAQlG,KACZ,EAAiBgiB,iBAAiB4F,EAAU5nB,KAAKqE,YACjD/D,OAAOgf,KAAKsI,GAAUlhB,SAAQ,SAAUqI,GACpC7I,EAAM7B,WAAWie,IAAIvT,EAAK6Y,EAAS7Y,QAG3CoT,EAAwB3hB,UAAUkkB,8BAAgC,SAAUpL,EAAQkL,GAChF,IAAIC,EAEJ,GAAKnL,EAID,IACImL,EAAevgB,KAAK4B,MAAMwT,GAE9B,MAAOnY,GACH,MAAM+f,EAAA,KAAyBO,uCAPnCgD,EAAe,GAoBnB,OAVID,GAAsBA,EAAmBriB,OAAS,IAC7CsiB,EAAajU,eAAe,OAAkBqX,gBAE/CpD,EAAa,OAAkBoD,cAAgB,IAGnDpD,EAAa,OAAkBoD,cAAc,OAAkBC,QAAU,CACrEC,OAAQvD,IAGTtgB,KAAKC,UAAUsgB,IAM1BtC,EAAwB3hB,UAAUwnB,YAAc,SAAUC,GACtDjoB,KAAKqE,WAAWie,IAAI,OAAuB2F,SAAUA,IAMzD9F,EAAwB3hB,UAAU0nB,YAAc,SAAUC,GACtDnoB,KAAKqE,WAAWie,IAAI,OAAuB6F,SAAUA,IAMzDhG,EAAwB3hB,UAAU4nB,YAAc,SAAUC,GACjD/J,EAAA,KAAYpe,QAAQmoB,KACrBroB,KAAKqE,WAAWie,IAAI,OAAmBgG,WAAY,OAAqBhL,KACxEtd,KAAKqE,WAAWie,IAAI,OAAmBiG,QAAS/F,mBAAmB6F,MAO3ElG,EAAwB3hB,UAAUgoB,mBAAqB,SAAUC,GAC7DzoB,KAAKqE,WAAWie,IAAI,OAAmBoG,oBAAqBD,EAAuBtW,qCACnFnS,KAAKqE,WAAWie,IAAI,OAAmBqG,oBAAqBF,EAAuBjW,mCAKvF2P,EAAwB3hB,UAAUooB,cAAgB,WAC9C5oB,KAAKqE,WAAWie,IAAI,OAAmBuG,oBAAqB,OAAoBxa,4BAKpF8T,EAAwB3hB,UAAUsoB,kBAAoB,WAClD,IAAIC,EAAsB,IAAIC,MAI9B,OAHAhpB,KAAKqE,WAAWqC,SAAQ,SAAUsI,EAAOD,GACrCga,EAAoB7f,KAAK6F,EAAM,IAAMC,MAElC+Z,EAAoBplB,KAAK,MAE7Bwe,EAlUiC,I,kCCb5C;;AASA,IAAI8G,EAA2B,WAC3B,SAASA,KAsCT,OAjCAA,EAAUC,WAAa,WAEnB,OAAOvY,KAAKwY,OAAM,IAAIha,MAAOia,UAAY,MAM7CH,EAAUI,eAAiB,SAAUtM,EAAWuM,GAE5C,IAAIC,EAAgB7L,OAAOX,IAAc,EACrCyM,EAAuBP,EAAUC,aAAeI,EAEpD,OAAQE,EAAuBD,GAQnCN,EAAUQ,mBAAqB,SAAUC,GACrC,IAAIC,EAAcjM,OAAOgM,GACzB,OAAOC,EAAcV,EAAUC,cAOnCD,EAAUW,MAAQ,SAAUC,EAAG7a,GAC3B,OAAO,IAAI4R,SAAQ,SAAUkJ,GAAW,OAAOC,YAAW,WAAc,OAAOD,EAAQ9a,KAAW6a,OAE/FZ,EAvCmB","file":"js/chunk-vendors~8a5f784e.4ac7faac.js","sourcesContent":["/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { ClientConfigurationError } from '../error/ClientConfigurationError.js';\nimport { ClientAuthError } from '../error/ClientAuthError.js';\nimport { StringUtils } from '../utils/StringUtils.js';\nimport { AADAuthorityConstants, Constants } from '../utils/Constants.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Url object class which can perform various transformations on url strings.\r\n */\r\nvar UrlString = /** @class */ (function () {\r\n function UrlString(url) {\r\n this._urlString = url;\r\n if (StringUtils.isEmpty(this._urlString)) {\r\n // Throws error if url is empty\r\n throw ClientConfigurationError.createUrlEmptyError();\r\n }\r\n if (StringUtils.isEmpty(this.getHash())) {\r\n this._urlString = UrlString.canonicalizeUri(url);\r\n }\r\n }\r\n Object.defineProperty(UrlString.prototype, \"urlString\", {\r\n get: function () {\r\n return this._urlString;\r\n },\r\n enumerable: false,\r\n configurable: true\r\n });\r\n /**\r\n * Ensure urls are lower case and end with a / character.\r\n * @param url\r\n */\r\n UrlString.canonicalizeUri = function (url) {\r\n if (url) {\r\n var lowerCaseUrl = url.toLowerCase();\r\n if (StringUtils.endsWith(lowerCaseUrl, \"?\")) {\r\n lowerCaseUrl = lowerCaseUrl.slice(0, -1);\r\n }\r\n else if (StringUtils.endsWith(lowerCaseUrl, \"?/\")) {\r\n lowerCaseUrl = lowerCaseUrl.slice(0, -2);\r\n }\r\n if (!StringUtils.endsWith(lowerCaseUrl, \"/\")) {\r\n lowerCaseUrl += \"/\";\r\n }\r\n return lowerCaseUrl;\r\n }\r\n return url;\r\n };\r\n /**\r\n * Throws if urlString passed is not a valid authority URI string.\r\n */\r\n UrlString.prototype.validateAsUri = function () {\r\n // Attempts to parse url for uri components\r\n var components;\r\n try {\r\n components = this.getUrlComponents();\r\n }\r\n catch (e) {\r\n throw ClientConfigurationError.createUrlParseError(e);\r\n }\r\n // Throw error if URI or path segments are not parseable.\r\n if (!components.HostNameAndPort || !components.PathSegments) {\r\n throw ClientConfigurationError.createUrlParseError(\"Given url string: \" + this.urlString);\r\n }\r\n // Throw error if uri is insecure.\r\n if (!components.Protocol || components.Protocol.toLowerCase() !== \"https:\") {\r\n throw ClientConfigurationError.createInsecureAuthorityUriError(this.urlString);\r\n }\r\n };\r\n /**\r\n * Given a url and a query string return the url with provided query string appended\r\n * @param url\r\n * @param queryString\r\n */\r\n UrlString.appendQueryString = function (url, queryString) {\r\n if (StringUtils.isEmpty(queryString)) {\r\n return url;\r\n }\r\n return url.indexOf(\"?\") < 0 ? url + \"?\" + queryString : url + \"&\" + queryString;\r\n };\r\n /**\r\n * Returns a url with the hash removed\r\n * @param url\r\n */\r\n UrlString.removeHashFromUrl = function (url) {\r\n return UrlString.canonicalizeUri(url.split(\"#\")[0]);\r\n };\r\n /**\r\n * Given a url like https://a:b/common/d?e=f#g, and a tenantId, returns https://a:b/tenantId/d\r\n * @param href The url\r\n * @param tenantId The tenant id to replace\r\n */\r\n UrlString.prototype.replaceTenantPath = function (tenantId) {\r\n var urlObject = this.getUrlComponents();\r\n var pathArray = urlObject.PathSegments;\r\n if (tenantId && (pathArray.length !== 0 && (pathArray[0] === AADAuthorityConstants.COMMON || pathArray[0] === AADAuthorityConstants.ORGANIZATIONS))) {\r\n pathArray[0] = tenantId;\r\n }\r\n return UrlString.constructAuthorityUriFromObject(urlObject);\r\n };\r\n /**\r\n * Returns the anchor part(#) of the URL\r\n */\r\n UrlString.prototype.getHash = function () {\r\n return UrlString.parseHash(this.urlString);\r\n };\r\n /**\r\n * Parses out the components from a url string.\r\n * @returns An object with the various components. Please cache this value insted of calling this multiple times on the same url.\r\n */\r\n UrlString.prototype.getUrlComponents = function () {\r\n // https://gist.github.com/curtisz/11139b2cfcaef4a261e0\r\n var regEx = RegExp(\"^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\\\\?([^#]*))?(#(.*))?\");\r\n // If url string does not match regEx, we throw an error\r\n var match = this.urlString.match(regEx);\r\n if (!match) {\r\n throw ClientConfigurationError.createUrlParseError(\"Given url string: \" + this.urlString);\r\n }\r\n // Url component object\r\n var urlComponents = {\r\n Protocol: match[1],\r\n HostNameAndPort: match[4],\r\n AbsolutePath: match[5],\r\n QueryString: match[7]\r\n };\r\n var pathSegments = urlComponents.AbsolutePath.split(\"/\");\r\n pathSegments = pathSegments.filter(function (val) { return val && val.length > 0; }); // remove empty elements\r\n urlComponents.PathSegments = pathSegments;\r\n if (!StringUtils.isEmpty(urlComponents.QueryString) && urlComponents.QueryString.endsWith(\"/\")) {\r\n urlComponents.QueryString = urlComponents.QueryString.substring(0, urlComponents.QueryString.length - 1);\r\n }\r\n return urlComponents;\r\n };\r\n UrlString.getDomainFromUrl = function (url) {\r\n var regEx = RegExp(\"^([^:/?#]+://)?([^/?#]*)\");\r\n var match = url.match(regEx);\r\n if (!match) {\r\n throw ClientConfigurationError.createUrlParseError(\"Given url string: \" + url);\r\n }\r\n return match[2];\r\n };\r\n UrlString.getAbsoluteUrl = function (relativeUrl, baseUrl) {\r\n if (relativeUrl[0] === Constants.FORWARD_SLASH) {\r\n var url = new UrlString(baseUrl);\r\n var baseComponents = url.getUrlComponents();\r\n return baseComponents.Protocol + \"//\" + baseComponents.HostNameAndPort + relativeUrl;\r\n }\r\n return relativeUrl;\r\n };\r\n /**\r\n * Parses hash string from given string. Returns empty string if no hash symbol is found.\r\n * @param hashString\r\n */\r\n UrlString.parseHash = function (hashString) {\r\n var hashIndex1 = hashString.indexOf(\"#\");\r\n var hashIndex2 = hashString.indexOf(\"#/\");\r\n if (hashIndex2 > -1) {\r\n return hashString.substring(hashIndex2 + 2);\r\n }\r\n else if (hashIndex1 > -1) {\r\n return hashString.substring(hashIndex1 + 1);\r\n }\r\n return \"\";\r\n };\r\n UrlString.constructAuthorityUriFromObject = function (urlObject) {\r\n return new UrlString(urlObject.Protocol + \"//\" + urlObject.HostNameAndPort + \"/\" + urlObject.PathSegments.join(\"/\"));\r\n };\r\n /**\r\n * Returns URL hash as server auth code response object.\r\n */\r\n UrlString.getDeserializedHash = function (hash) {\r\n // Check if given hash is empty\r\n if (StringUtils.isEmpty(hash)) {\r\n return {};\r\n }\r\n // Strip the # symbol if present\r\n var parsedHash = UrlString.parseHash(hash);\r\n // If # symbol was not present, above will return empty string, so give original hash value\r\n var deserializedHash = StringUtils.queryStringToObject(StringUtils.isEmpty(parsedHash) ? hash : parsedHash);\r\n // Check if deserialization didn't work\r\n if (!deserializedHash) {\r\n throw ClientAuthError.createHashNotDeserializedError(JSON.stringify(deserializedHash));\r\n }\r\n return deserializedHash;\r\n };\r\n /**\r\n * Check if the hash of the URL string contains known properties\r\n */\r\n UrlString.hashContainsKnownProperties = function (hash) {\r\n if (StringUtils.isEmpty(hash) || hash.indexOf(\"=\") < 0) {\r\n // Hash doesn't contain key/value pairs\r\n return false;\r\n }\r\n var parameters = UrlString.getDeserializedHash(hash);\r\n return !!(parameters.code ||\r\n parameters.error_description ||\r\n parameters.error ||\r\n parameters.state);\r\n };\r\n return UrlString;\r\n}());\n\nexport { UrlString };\n//# sourceMappingURL=UrlString.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { StringUtils } from './StringUtils.js';\nimport { Constants } from './Constants.js';\nimport { ClientAuthError } from '../error/ClientAuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Class which provides helpers for OAuth 2.0 protocol specific values\r\n */\r\nvar ProtocolUtils = /** @class */ (function () {\r\n function ProtocolUtils() {\r\n }\r\n /**\r\n * Appends user state with random guid, or returns random guid.\r\n * @param userState\r\n * @param randomGuid\r\n */\r\n ProtocolUtils.setRequestState = function (cryptoObj, userState, meta) {\r\n var libraryState = ProtocolUtils.generateLibraryState(cryptoObj, meta);\r\n return !StringUtils.isEmpty(userState) ? \"\" + libraryState + Constants.RESOURCE_DELIM + userState : libraryState;\r\n };\r\n /**\r\n * Generates the state value used by the common library.\r\n * @param randomGuid\r\n * @param cryptoObj\r\n */\r\n ProtocolUtils.generateLibraryState = function (cryptoObj, meta) {\r\n if (!cryptoObj) {\r\n throw ClientAuthError.createNoCryptoObjectError(\"generateLibraryState\");\r\n }\r\n // Create a state object containing a unique id and the timestamp of the request creation\r\n var stateObj = {\r\n id: cryptoObj.createNewGuid()\r\n };\r\n if (meta) {\r\n stateObj.meta = meta;\r\n }\r\n var stateString = JSON.stringify(stateObj);\r\n return cryptoObj.base64Encode(stateString);\r\n };\r\n /**\r\n * Parses the state into the RequestStateObject, which contains the LibraryState info and the state passed by the user.\r\n * @param state\r\n * @param cryptoObj\r\n */\r\n ProtocolUtils.parseRequestState = function (cryptoObj, state) {\r\n if (!cryptoObj) {\r\n throw ClientAuthError.createNoCryptoObjectError(\"parseRequestState\");\r\n }\r\n if (StringUtils.isEmpty(state)) {\r\n throw ClientAuthError.createInvalidStateError(state, \"Null, undefined or empty state\");\r\n }\r\n try {\r\n // Split the state between library state and user passed state and decode them separately\r\n var splitState = state.split(Constants.RESOURCE_DELIM);\r\n var libraryState = splitState[0];\r\n var userState = splitState.length > 1 ? splitState.slice(1).join(Constants.RESOURCE_DELIM) : \"\";\r\n var libraryStateString = cryptoObj.base64Decode(libraryState);\r\n var libraryStateObj = JSON.parse(libraryStateString);\r\n return {\r\n userRequestState: !StringUtils.isEmpty(userState) ? userState : \"\",\r\n libraryState: libraryStateObj\r\n };\r\n }\r\n catch (e) {\r\n throw ClientAuthError.createInvalidStateError(state, e);\r\n }\r\n };\r\n return ProtocolUtils;\r\n}());\n\nexport { ProtocolUtils };\n//# sourceMappingURL=ProtocolUtils.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __spreadArrays } from '../_virtual/_tslib.js';\nimport { ClientConfigurationError } from '../error/ClientConfigurationError.js';\nimport { StringUtils } from '../utils/StringUtils.js';\nimport { ClientAuthError } from '../error/ClientAuthError.js';\nimport { OIDC_SCOPES } from '../utils/Constants.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * The ScopeSet class creates a set of scopes. Scopes are case-insensitive, unique values, so the Set object in JS makes\r\n * the most sense to implement for this class. All scopes are trimmed and converted to lower case strings in intersection and union functions\r\n * to ensure uniqueness of strings.\r\n */\r\nvar ScopeSet = /** @class */ (function () {\r\n function ScopeSet(inputScopes) {\r\n var _this = this;\r\n // Filter empty string and null/undefined array items\r\n var scopeArr = inputScopes ? StringUtils.trimArrayEntries(__spreadArrays(inputScopes)) : [];\r\n var filteredInput = scopeArr ? StringUtils.removeEmptyStringsFromArray(scopeArr) : [];\r\n // Validate and filter scopes (validate function throws if validation fails)\r\n this.validateInputScopes(filteredInput);\r\n this.scopes = new Set(); // Iterator in constructor not supported by IE11\r\n filteredInput.forEach(function (scope) { return _this.scopes.add(scope); });\r\n }\r\n /**\r\n * Factory method to create ScopeSet from space-delimited string\r\n * @param inputScopeString\r\n * @param appClientId\r\n * @param scopesRequired\r\n */\r\n ScopeSet.fromString = function (inputScopeString) {\r\n var scopeString = inputScopeString || \"\";\r\n var inputScopes = scopeString.split(\" \");\r\n return new ScopeSet(inputScopes);\r\n };\r\n /**\r\n * Used to validate the scopes input parameter requested by the developer.\r\n * @param {Array<string>} inputScopes - Developer requested permissions. Not all scopes are guaranteed to be included in the access token returned.\r\n * @param {boolean} scopesRequired - Boolean indicating whether the scopes array is required or not\r\n */\r\n ScopeSet.prototype.validateInputScopes = function (inputScopes) {\r\n // Check if scopes are required but not given or is an empty array\r\n if (!inputScopes || inputScopes.length < 1) {\r\n throw ClientConfigurationError.createEmptyScopesArrayError();\r\n }\r\n };\r\n /**\r\n * Check if a given scope is present in this set of scopes.\r\n * @param scope\r\n */\r\n ScopeSet.prototype.containsScope = function (scope) {\r\n var lowerCaseScopes = this.printScopesLowerCase().split(\" \");\r\n var lowerCaseScopesSet = new ScopeSet(lowerCaseScopes);\r\n // compare lowercase scopes\r\n return !StringUtils.isEmpty(scope) ? lowerCaseScopesSet.scopes.has(scope.toLowerCase()) : false;\r\n };\r\n /**\r\n * Check if a set of scopes is present in this set of scopes.\r\n * @param scopeSet\r\n */\r\n ScopeSet.prototype.containsScopeSet = function (scopeSet) {\r\n var _this = this;\r\n if (!scopeSet || scopeSet.scopes.size <= 0) {\r\n return false;\r\n }\r\n return (this.scopes.size >= scopeSet.scopes.size && scopeSet.asArray().every(function (scope) { return _this.containsScope(scope); }));\r\n };\r\n /**\r\n * Check if set of scopes contains only the defaults\r\n */\r\n ScopeSet.prototype.containsOnlyOIDCScopes = function () {\r\n var _this = this;\r\n var defaultScopeCount = 0;\r\n OIDC_SCOPES.forEach(function (defaultScope) {\r\n if (_this.containsScope(defaultScope)) {\r\n defaultScopeCount += 1;\r\n }\r\n });\r\n return this.scopes.size === defaultScopeCount;\r\n };\r\n /**\r\n * Appends single scope if passed\r\n * @param newScope\r\n */\r\n ScopeSet.prototype.appendScope = function (newScope) {\r\n if (!StringUtils.isEmpty(newScope)) {\r\n this.scopes.add(newScope.trim());\r\n }\r\n };\r\n /**\r\n * Appends multiple scopes if passed\r\n * @param newScopes\r\n */\r\n ScopeSet.prototype.appendScopes = function (newScopes) {\r\n var _this = this;\r\n try {\r\n newScopes.forEach(function (newScope) { return _this.appendScope(newScope); });\r\n }\r\n catch (e) {\r\n throw ClientAuthError.createAppendScopeSetError(e);\r\n }\r\n };\r\n /**\r\n * Removes element from set of scopes.\r\n * @param scope\r\n */\r\n ScopeSet.prototype.removeScope = function (scope) {\r\n if (StringUtils.isEmpty(scope)) {\r\n throw ClientAuthError.createRemoveEmptyScopeFromSetError(scope);\r\n }\r\n this.scopes.delete(scope.trim());\r\n };\r\n /**\r\n * Removes default scopes from set of scopes\r\n * Primarily used to prevent cache misses if the default scopes are not returned from the server\r\n */\r\n ScopeSet.prototype.removeOIDCScopes = function () {\r\n var _this = this;\r\n OIDC_SCOPES.forEach(function (defaultScope) {\r\n _this.scopes.delete(defaultScope);\r\n });\r\n };\r\n /**\r\n * Combines an array of scopes with the current set of scopes.\r\n * @param otherScopes\r\n */\r\n ScopeSet.prototype.unionScopeSets = function (otherScopes) {\r\n if (!otherScopes) {\r\n throw ClientAuthError.createEmptyInputScopeSetError();\r\n }\r\n var unionScopes = new Set(); // Iterator in constructor not supported in IE11\r\n otherScopes.scopes.forEach(function (scope) { return unionScopes.add(scope.toLowerCase()); });\r\n this.scopes.forEach(function (scope) { return unionScopes.add(scope.toLowerCase()); });\r\n return unionScopes;\r\n };\r\n /**\r\n * Check if scopes intersect between this set and another.\r\n * @param otherScopes\r\n */\r\n ScopeSet.prototype.intersectingScopeSets = function (otherScopes) {\r\n if (!otherScopes) {\r\n throw ClientAuthError.createEmptyInputScopeSetError();\r\n }\r\n // Do not allow OIDC scopes to be the only intersecting scopes\r\n if (!otherScopes.containsOnlyOIDCScopes()) {\r\n otherScopes.removeOIDCScopes();\r\n }\r\n var unionScopes = this.unionScopeSets(otherScopes);\r\n var sizeOtherScopes = otherScopes.getScopeCount();\r\n var sizeThisScopes = this.getScopeCount();\r\n var sizeUnionScopes = unionScopes.size;\r\n return sizeUnionScopes < (sizeThisScopes + sizeOtherScopes);\r\n };\r\n /**\r\n * Returns size of set of scopes.\r\n */\r\n ScopeSet.prototype.getScopeCount = function () {\r\n return this.scopes.size;\r\n };\r\n /**\r\n * Returns the scopes as an array of string values\r\n */\r\n ScopeSet.prototype.asArray = function () {\r\n var array = [];\r\n this.scopes.forEach(function (val) { return array.push(val); });\r\n return array;\r\n };\r\n /**\r\n * Prints scopes into a space-delimited string\r\n */\r\n ScopeSet.prototype.printScopes = function () {\r\n if (this.scopes) {\r\n var scopeArr = this.asArray();\r\n return scopeArr.join(\" \");\r\n }\r\n return \"\";\r\n };\r\n /**\r\n * Prints scopes into a space-delimited lower-case string (used for caching)\r\n */\r\n ScopeSet.prototype.printScopesLowerCase = function () {\r\n return this.printScopes().toLowerCase();\r\n };\r\n return ScopeSet;\r\n}());\n\nexport { ScopeSet };\n//# sourceMappingURL=ScopeSet.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __spreadArrays } from '../_virtual/_tslib.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar Constants = {\r\n LIBRARY_NAME: \"MSAL.JS\",\r\n SKU: \"msal.js.common\",\r\n // Prefix for all library cache entries\r\n CACHE_PREFIX: \"msal\",\r\n // default authority\r\n DEFAULT_AUTHORITY: \"https://login.microsoftonline.com/common/\",\r\n DEFAULT_AUTHORITY_HOST: \"login.microsoftonline.com\",\r\n // ADFS String\r\n ADFS: \"adfs\",\r\n // Default AAD Instance Discovery Endpoint\r\n AAD_INSTANCE_DISCOVERY_ENDPT: \"https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=\",\r\n // Resource delimiter - used for certain cache entries\r\n RESOURCE_DELIM: \"|\",\r\n // Placeholder for non-existent account ids/objects\r\n NO_ACCOUNT: \"NO_ACCOUNT\",\r\n // Claims\r\n CLAIMS: \"claims\",\r\n // Consumer UTID\r\n CONSUMER_UTID: \"9188040d-6c67-4c5b-b112-36a304b66dad\",\r\n // Default scopes\r\n OPENID_SCOPE: \"openid\",\r\n PROFILE_SCOPE: \"profile\",\r\n OFFLINE_ACCESS_SCOPE: \"offline_access\",\r\n EMAIL_SCOPE: \"email\",\r\n // Default response type for authorization code flow\r\n CODE_RESPONSE_TYPE: \"code\",\r\n CODE_GRANT_TYPE: \"authorization_code\",\r\n RT_GRANT_TYPE: \"refresh_token\",\r\n FRAGMENT_RESPONSE_MODE: \"fragment\",\r\n S256_CODE_CHALLENGE_METHOD: \"S256\",\r\n URL_FORM_CONTENT_TYPE: \"application/x-www-form-urlencoded;charset=utf-8\",\r\n AUTHORIZATION_PENDING: \"authorization_pending\",\r\n NOT_DEFINED: \"not_defined\",\r\n EMPTY_STRING: \"\",\r\n FORWARD_SLASH: \"/\",\r\n IMDS_ENDPOINT: \"http://169.254.169.254/metadata/instance/compute/location\",\r\n IMDS_VERSION: \"2020-06-01\",\r\n IMDS_TIMEOUT: 2000,\r\n AZURE_REGION_AUTO_DISCOVER_FLAG: \"TryAutoDetect\",\r\n REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX: \"login.microsoft.com\",\r\n KNOWN_PUBLIC_CLOUDS: [\"login.microsoftonline.com\", \"login.windows.net\", \"login.microsoft.com\", \"sts.windows.net\"]\r\n};\r\nvar OIDC_DEFAULT_SCOPES = [\r\n Constants.OPENID_SCOPE,\r\n Constants.PROFILE_SCOPE,\r\n Constants.OFFLINE_ACCESS_SCOPE\r\n];\r\nvar OIDC_SCOPES = __spreadArrays(OIDC_DEFAULT_SCOPES, [\r\n Constants.EMAIL_SCOPE\r\n]);\r\n/**\r\n * Request header names\r\n */\r\nvar HeaderNames;\r\n(function (HeaderNames) {\r\n HeaderNames[\"CONTENT_TYPE\"] = \"Content-Type\";\r\n HeaderNames[\"RETRY_AFTER\"] = \"Retry-After\";\r\n HeaderNames[\"CCS_HEADER\"] = \"X-AnchorMailbox\";\r\n})(HeaderNames || (HeaderNames = {}));\r\n/**\r\n * Persistent cache keys MSAL which stay while user is logged in.\r\n */\r\nvar PersistentCacheKeys;\r\n(function (PersistentCacheKeys) {\r\n PersistentCacheKeys[\"ID_TOKEN\"] = \"idtoken\";\r\n PersistentCacheKeys[\"CLIENT_INFO\"] = \"client.info\";\r\n PersistentCacheKeys[\"ADAL_ID_TOKEN\"] = \"adal.idtoken\";\r\n PersistentCacheKeys[\"ERROR\"] = \"error\";\r\n PersistentCacheKeys[\"ERROR_DESC\"] = \"error.description\";\r\n PersistentCacheKeys[\"ACTIVE_ACCOUNT\"] = \"active-account\";\r\n})(PersistentCacheKeys || (PersistentCacheKeys = {}));\r\n/**\r\n * String constants related to AAD Authority\r\n */\r\nvar AADAuthorityConstants;\r\n(function (AADAuthorityConstants) {\r\n AADAuthorityConstants[\"COMMON\"] = \"common\";\r\n AADAuthorityConstants[\"ORGANIZATIONS\"] = \"organizations\";\r\n AADAuthorityConstants[\"CONSUMERS\"] = \"consumers\";\r\n})(AADAuthorityConstants || (AADAuthorityConstants = {}));\r\n/**\r\n * Keys in the hashParams sent by AAD Server\r\n */\r\nvar AADServerParamKeys;\r\n(function (AADServerParamKeys) {\r\n AADServerParamKeys[\"CLIENT_ID\"] = \"client_id\";\r\n AADServerParamKeys[\"REDIRECT_URI\"] = \"redirect_uri\";\r\n AADServerParamKeys[\"RESPONSE_TYPE\"] = \"response_type\";\r\n AADServerParamKeys[\"RESPONSE_MODE\"] = \"response_mode\";\r\n AADServerParamKeys[\"GRANT_TYPE\"] = \"grant_type\";\r\n AADServerParamKeys[\"CLAIMS\"] = \"claims\";\r\n AADServerParamKeys[\"SCOPE\"] = \"scope\";\r\n AADServerParamKeys[\"ERROR\"] = \"error\";\r\n AADServerParamKeys[\"ERROR_DESCRIPTION\"] = \"error_description\";\r\n AADServerParamKeys[\"ACCESS_TOKEN\"] = \"access_token\";\r\n AADServerParamKeys[\"ID_TOKEN\"] = \"id_token\";\r\n AADServerParamKeys[\"REFRESH_TOKEN\"] = \"refresh_token\";\r\n AADServerParamKeys[\"EXPIRES_IN\"] = \"expires_in\";\r\n AADServerParamKeys[\"STATE\"] = \"state\";\r\n AADServerParamKeys[\"NONCE\"] = \"nonce\";\r\n AADServerParamKeys[\"PROMPT\"] = \"prompt\";\r\n AADServerParamKeys[\"SESSION_STATE\"] = \"session_state\";\r\n AADServerParamKeys[\"CLIENT_INFO\"] = \"client_info\";\r\n AADServerParamKeys[\"CODE\"] = \"code\";\r\n AADServerParamKeys[\"CODE_CHALLENGE\"] = \"code_challenge\";\r\n AADServerParamKeys[\"CODE_CHALLENGE_METHOD\"] = \"code_challenge_method\";\r\n AADServerParamKeys[\"CODE_VERIFIER\"] = \"code_verifier\";\r\n AADServerParamKeys[\"CLIENT_REQUEST_ID\"] = \"client-request-id\";\r\n AADServerParamKeys[\"X_CLIENT_SKU\"] = \"x-client-SKU\";\r\n AADServerParamKeys[\"X_CLIENT_VER\"] = \"x-client-VER\";\r\n AADServerParamKeys[\"X_CLIENT_OS\"] = \"x-client-OS\";\r\n AADServerParamKeys[\"X_CLIENT_CPU\"] = \"x-client-CPU\";\r\n AADServerParamKeys[\"X_CLIENT_CURR_TELEM\"] = \"x-client-current-telemetry\";\r\n AADServerParamKeys[\"X_CLIENT_LAST_TELEM\"] = \"x-client-last-telemetry\";\r\n AADServerParamKeys[\"X_MS_LIB_CAPABILITY\"] = \"x-ms-lib-capability\";\r\n AADServerParamKeys[\"POST_LOGOUT_URI\"] = \"post_logout_redirect_uri\";\r\n AADServerParamKeys[\"ID_TOKEN_HINT\"] = \"id_token_hint\";\r\n AADServerParamKeys[\"DEVICE_CODE\"] = \"device_code\";\r\n AADServerParamKeys[\"CLIENT_SECRET\"] = \"client_secret\";\r\n AADServerParamKeys[\"CLIENT_ASSERTION\"] = \"client_assertion\";\r\n AADServerParamKeys[\"CLIENT_ASSERTION_TYPE\"] = \"client_assertion_type\";\r\n AADServerParamKeys[\"TOKEN_TYPE\"] = \"token_type\";\r\n AADServerParamKeys[\"REQ_CNF\"] = \"req_cnf\";\r\n AADServerParamKeys[\"OBO_ASSERTION\"] = \"assertion\";\r\n AADServerParamKeys[\"REQUESTED_TOKEN_USE\"] = \"requested_token_use\";\r\n AADServerParamKeys[\"ON_BEHALF_OF\"] = \"on_behalf_of\";\r\n AADServerParamKeys[\"FOCI\"] = \"foci\";\r\n AADServerParamKeys[\"CCS_HEADER\"] = \"X-AnchorMailbox\";\r\n})(AADServerParamKeys || (AADServerParamKeys = {}));\r\n/**\r\n * Claims request keys\r\n */\r\nvar ClaimsRequestKeys;\r\n(function (ClaimsRequestKeys) {\r\n ClaimsRequestKeys[\"ACCESS_TOKEN\"] = \"access_token\";\r\n ClaimsRequestKeys[\"XMS_CC\"] = \"xms_cc\";\r\n})(ClaimsRequestKeys || (ClaimsRequestKeys = {}));\r\n/**\r\n * we considered making this \"enum\" in the request instead of string, however it looks like the allowed list of\r\n * prompt values kept changing over past couple of years. There are some undocumented prompt values for some\r\n * internal partners too, hence the choice of generic \"string\" type instead of the \"enum\"\r\n */\r\nvar PromptValue = {\r\n LOGIN: \"login\",\r\n SELECT_ACCOUNT: \"select_account\",\r\n CONSENT: \"consent\",\r\n NONE: \"none\",\r\n CREATE: \"create\"\r\n};\r\n/**\r\n * SSO Types - generated to populate hints\r\n */\r\nvar SSOTypes;\r\n(function (SSOTypes) {\r\n SSOTypes[\"ACCOUNT\"] = \"account\";\r\n SSOTypes[\"SID\"] = \"sid\";\r\n SSOTypes[\"LOGIN_HINT\"] = \"login_hint\";\r\n SSOTypes[\"ID_TOKEN\"] = \"id_token\";\r\n SSOTypes[\"DOMAIN_HINT\"] = \"domain_hint\";\r\n SSOTypes[\"ORGANIZATIONS\"] = \"organizations\";\r\n SSOTypes[\"CONSUMERS\"] = \"consumers\";\r\n SSOTypes[\"ACCOUNT_ID\"] = \"accountIdentifier\";\r\n SSOTypes[\"HOMEACCOUNT_ID\"] = \"homeAccountIdentifier\";\r\n})(SSOTypes || (SSOTypes = {}));\r\n/**\r\n * allowed values for codeVerifier\r\n */\r\nvar CodeChallengeMethodValues = {\r\n PLAIN: \"plain\",\r\n S256: \"S256\"\r\n};\r\n/**\r\n * allowed values for response_mode\r\n */\r\nvar ResponseMode;\r\n(function (ResponseMode) {\r\n ResponseMode[\"QUERY\"] = \"query\";\r\n ResponseMode[\"FRAGMENT\"] = \"fragment\";\r\n ResponseMode[\"FORM_POST\"] = \"form_post\";\r\n})(ResponseMode || (ResponseMode = {}));\r\n/**\r\n * allowed grant_type\r\n */\r\nvar GrantType;\r\n(function (GrantType) {\r\n GrantType[\"IMPLICIT_GRANT\"] = \"implicit\";\r\n GrantType[\"AUTHORIZATION_CODE_GRANT\"] = \"authorization_code\";\r\n GrantType[\"CLIENT_CREDENTIALS_GRANT\"] = \"client_credentials\";\r\n GrantType[\"RESOURCE_OWNER_PASSWORD_GRANT\"] = \"password\";\r\n GrantType[\"REFRESH_TOKEN_GRANT\"] = \"refresh_token\";\r\n GrantType[\"DEVICE_CODE_GRANT\"] = \"device_code\";\r\n GrantType[\"JWT_BEARER\"] = \"urn:ietf:params:oauth:grant-type:jwt-bearer\";\r\n})(GrantType || (GrantType = {}));\r\n/**\r\n * Account types in Cache\r\n */\r\nvar CacheAccountType;\r\n(function (CacheAccountType) {\r\n CacheAccountType[\"MSSTS_ACCOUNT_TYPE\"] = \"MSSTS\";\r\n CacheAccountType[\"ADFS_ACCOUNT_TYPE\"] = \"ADFS\";\r\n CacheAccountType[\"MSAV1_ACCOUNT_TYPE\"] = \"MSA\";\r\n CacheAccountType[\"GENERIC_ACCOUNT_TYPE\"] = \"Generic\"; // NTLM, Kerberos, FBA, Basic etc\r\n})(CacheAccountType || (CacheAccountType = {}));\r\n/**\r\n * Separators used in cache\r\n */\r\nvar Separators;\r\n(function (Separators) {\r\n Separators[\"CACHE_KEY_SEPARATOR\"] = \"-\";\r\n Separators[\"CLIENT_INFO_SEPARATOR\"] = \".\";\r\n})(Separators || (Separators = {}));\r\n/**\r\n * Credential Type stored in the cache\r\n */\r\nvar CredentialType;\r\n(function (CredentialType) {\r\n CredentialType[\"ID_TOKEN\"] = \"IdToken\";\r\n CredentialType[\"ACCESS_TOKEN\"] = \"AccessToken\";\r\n CredentialType[\"ACCESS_TOKEN_WITH_AUTH_SCHEME\"] = \"AccessToken_With_AuthScheme\";\r\n CredentialType[\"REFRESH_TOKEN\"] = \"RefreshToken\";\r\n})(CredentialType || (CredentialType = {}));\r\n/**\r\n * Credential Type stored in the cache\r\n */\r\nvar CacheSchemaType;\r\n(function (CacheSchemaType) {\r\n CacheSchemaType[\"ACCOUNT\"] = \"Account\";\r\n CacheSchemaType[\"CREDENTIAL\"] = \"Credential\";\r\n CacheSchemaType[\"ID_TOKEN\"] = \"IdToken\";\r\n CacheSchemaType[\"ACCESS_TOKEN\"] = \"AccessToken\";\r\n CacheSchemaType[\"REFRESH_TOKEN\"] = \"RefreshToken\";\r\n CacheSchemaType[\"APP_METADATA\"] = \"AppMetadata\";\r\n CacheSchemaType[\"TEMPORARY\"] = \"TempCache\";\r\n CacheSchemaType[\"TELEMETRY\"] = \"Telemetry\";\r\n CacheSchemaType[\"UNDEFINED\"] = \"Undefined\";\r\n CacheSchemaType[\"THROTTLING\"] = \"Throttling\";\r\n})(CacheSchemaType || (CacheSchemaType = {}));\r\n/**\r\n * Combine all cache types\r\n */\r\nvar CacheType;\r\n(function (CacheType) {\r\n CacheType[CacheType[\"ADFS\"] = 1001] = \"ADFS\";\r\n CacheType[CacheType[\"MSA\"] = 1002] = \"MSA\";\r\n CacheType[CacheType[\"MSSTS\"] = 1003] = \"MSSTS\";\r\n CacheType[CacheType[\"GENERIC\"] = 1004] = \"GENERIC\";\r\n CacheType[CacheType[\"ACCESS_TOKEN\"] = 2001] = \"ACCESS_TOKEN\";\r\n CacheType[CacheType[\"REFRESH_TOKEN\"] = 2002] = \"REFRESH_TOKEN\";\r\n CacheType[CacheType[\"ID_TOKEN\"] = 2003] = \"ID_TOKEN\";\r\n CacheType[CacheType[\"APP_METADATA\"] = 3001] = \"APP_METADATA\";\r\n CacheType[CacheType[\"UNDEFINED\"] = 9999] = \"UNDEFINED\";\r\n})(CacheType || (CacheType = {}));\r\n/**\r\n * More Cache related constants\r\n */\r\nvar APP_METADATA = \"appmetadata\";\r\nvar CLIENT_INFO = \"client_info\";\r\nvar THE_FAMILY_ID = \"1\";\r\nvar AUTHORITY_METADATA_CONSTANTS = {\r\n CACHE_KEY: \"authority-metadata\",\r\n REFRESH_TIME_SECONDS: 3600 * 24 // 24 Hours\r\n};\r\nvar AuthorityMetadataSource;\r\n(function (AuthorityMetadataSource) {\r\n AuthorityMetadataSource[\"CONFIG\"] = \"config\";\r\n AuthorityMetadataSource[\"CACHE\"] = \"cache\";\r\n AuthorityMetadataSource[\"NETWORK\"] = \"network\";\r\n})(AuthorityMetadataSource || (AuthorityMetadataSource = {}));\r\nvar SERVER_TELEM_CONSTANTS = {\r\n SCHEMA_VERSION: 5,\r\n MAX_CUR_HEADER_BYTES: 80,\r\n MAX_LAST_HEADER_BYTES: 330,\r\n MAX_CACHED_ERRORS: 50,\r\n CACHE_KEY: \"server-telemetry\",\r\n CATEGORY_SEPARATOR: \"|\",\r\n VALUE_SEPARATOR: \",\",\r\n OVERFLOW_TRUE: \"1\",\r\n OVERFLOW_FALSE: \"0\",\r\n UNKNOWN_ERROR: \"unknown_error\"\r\n};\r\n/**\r\n * Type of the authentication request\r\n */\r\nvar AuthenticationScheme;\r\n(function (AuthenticationScheme) {\r\n AuthenticationScheme[\"POP\"] = \"pop\";\r\n AuthenticationScheme[\"BEARER\"] = \"Bearer\";\r\n})(AuthenticationScheme || (AuthenticationScheme = {}));\r\n/**\r\n * Constants related to throttling\r\n */\r\nvar ThrottlingConstants = {\r\n // Default time to throttle RequestThumbprint in seconds\r\n DEFAULT_THROTTLE_TIME_SECONDS: 60,\r\n // Default maximum time to throttle in seconds, overrides what the server sends back\r\n DEFAULT_MAX_THROTTLE_TIME_SECONDS: 3600,\r\n // Prefix for storing throttling entries\r\n THROTTLING_PREFIX: \"throttling\",\r\n // Value assigned to the x-ms-lib-capability header to indicate to the server the library supports throttling\r\n X_MS_LIB_CAPABILITY_VALUE: \"retry-after, h429\"\r\n};\r\nvar Errors = {\r\n INVALID_GRANT_ERROR: \"invalid_grant\",\r\n CLIENT_MISMATCH_ERROR: \"client_mismatch\",\r\n};\r\n/**\r\n * Password grant parameters\r\n */\r\nvar PasswordGrantConstants;\r\n(function (PasswordGrantConstants) {\r\n PasswordGrantConstants[\"username\"] = \"username\";\r\n PasswordGrantConstants[\"password\"] = \"password\";\r\n})(PasswordGrantConstants || (PasswordGrantConstants = {}));\r\n/**\r\n * Response codes\r\n */\r\nvar ResponseCodes;\r\n(function (ResponseCodes) {\r\n ResponseCodes[ResponseCodes[\"httpSuccess\"] = 200] = \"httpSuccess\";\r\n ResponseCodes[ResponseCodes[\"httpBadRequest\"] = 400] = \"httpBadRequest\";\r\n})(ResponseCodes || (ResponseCodes = {}));\r\n/**\r\n * Region Discovery Sources\r\n */\r\nvar RegionDiscoverySources;\r\n(function (RegionDiscoverySources) {\r\n RegionDiscoverySources[\"FAILED_AUTO_DETECTION\"] = \"1\";\r\n RegionDiscoverySources[\"INTERNAL_CACHE\"] = \"2\";\r\n RegionDiscoverySources[\"ENVIRONMENT_VARIABLE\"] = \"3\";\r\n RegionDiscoverySources[\"IMDS\"] = \"4\";\r\n})(RegionDiscoverySources || (RegionDiscoverySources = {}));\r\n/**\r\n * Region Discovery Outcomes\r\n */\r\nvar RegionDiscoveryOutcomes;\r\n(function (RegionDiscoveryOutcomes) {\r\n RegionDiscoveryOutcomes[\"CONFIGURED_MATCHES_DETECTED\"] = \"1\";\r\n RegionDiscoveryOutcomes[\"CONFIGURED_NO_AUTO_DETECTION\"] = \"2\";\r\n RegionDiscoveryOutcomes[\"CONFIGURED_NOT_DETECTED\"] = \"3\";\r\n RegionDiscoveryOutcomes[\"AUTO_DETECTION_REQUESTED_SUCCESSFUL\"] = \"4\";\r\n RegionDiscoveryOutcomes[\"AUTO_DETECTION_REQUESTED_FAILED\"] = \"5\";\r\n})(RegionDiscoveryOutcomes || (RegionDiscoveryOutcomes = {}));\r\nvar CacheOutcome;\r\n(function (CacheOutcome) {\r\n CacheOutcome[\"NO_CACHE_HIT\"] = \"0\";\r\n CacheOutcome[\"FORCE_REFRESH\"] = \"1\";\r\n CacheOutcome[\"NO_CACHED_ACCESS_TOKEN\"] = \"2\";\r\n CacheOutcome[\"CACHED_ACCESS_TOKEN_EXPIRED\"] = \"3\";\r\n CacheOutcome[\"REFRESH_CACHED_ACCESS_TOKEN\"] = \"4\";\r\n})(CacheOutcome || (CacheOutcome = {}));\n\nexport { AADAuthorityConstants, AADServerParamKeys, APP_METADATA, AUTHORITY_METADATA_CONSTANTS, AuthenticationScheme, AuthorityMetadataSource, CLIENT_INFO, CacheAccountType, CacheOutcome, CacheSchemaType, CacheType, ClaimsRequestKeys, CodeChallengeMethodValues, Constants, CredentialType, Errors, GrantType, HeaderNames, OIDC_DEFAULT_SCOPES, OIDC_SCOPES, PasswordGrantConstants, PersistentCacheKeys, PromptValue, RegionDiscoveryOutcomes, RegionDiscoverySources, ResponseCodes, ResponseMode, SERVER_TELEM_CONSTANTS, SSOTypes, Separators, THE_FAMILY_ID, ThrottlingConstants };\n//# sourceMappingURL=Constants.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { ThrottlingConstants, CacheSchemaType, Constants, HeaderNames } from '../utils/Constants.js';\nimport { ServerError } from '../error/ServerError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar ThrottlingUtils = /** @class */ (function () {\r\n function ThrottlingUtils() {\r\n }\r\n /**\r\n * Prepares a RequestThumbprint to be stored as a key.\r\n * @param thumbprint\r\n */\r\n ThrottlingUtils.generateThrottlingStorageKey = function (thumbprint) {\r\n return ThrottlingConstants.THROTTLING_PREFIX + \".\" + JSON.stringify(thumbprint);\r\n };\r\n /**\r\n * Performs necessary throttling checks before a network request.\r\n * @param cacheManager\r\n * @param thumbprint\r\n */\r\n ThrottlingUtils.preProcess = function (cacheManager, thumbprint) {\r\n var _a;\r\n var key = ThrottlingUtils.generateThrottlingStorageKey(thumbprint);\r\n var value = cacheManager.getThrottlingCache(key);\r\n if (value) {\r\n if (value.throttleTime < Date.now()) {\r\n cacheManager.removeItem(key, CacheSchemaType.THROTTLING);\r\n return;\r\n }\r\n throw new ServerError(((_a = value.errorCodes) === null || _a === void 0 ? void 0 : _a.join(\" \")) || Constants.EMPTY_STRING, value.errorMessage, value.subError);\r\n }\r\n };\r\n /**\r\n * Performs necessary throttling checks after a network request.\r\n * @param cacheManager\r\n * @param thumbprint\r\n * @param response\r\n */\r\n ThrottlingUtils.postProcess = function (cacheManager, thumbprint, response) {\r\n if (ThrottlingUtils.checkResponseStatus(response) || ThrottlingUtils.checkResponseForRetryAfter(response)) {\r\n var thumbprintValue = {\r\n throttleTime: ThrottlingUtils.calculateThrottleTime(parseInt(response.headers[HeaderNames.RETRY_AFTER])),\r\n error: response.body.error,\r\n errorCodes: response.body.error_codes,\r\n errorMessage: response.body.error_description,\r\n subError: response.body.suberror\r\n };\r\n cacheManager.setThrottlingCache(ThrottlingUtils.generateThrottlingStorageKey(thumbprint), thumbprintValue);\r\n }\r\n };\r\n /**\r\n * Checks a NetworkResponse object's status codes against 429 or 5xx\r\n * @param response\r\n */\r\n ThrottlingUtils.checkResponseStatus = function (response) {\r\n return response.status === 429 || response.status >= 500 && response.status < 600;\r\n };\r\n /**\r\n * Checks a NetworkResponse object's RetryAfter header\r\n * @param response\r\n */\r\n ThrottlingUtils.checkResponseForRetryAfter = function (response) {\r\n if (response.headers) {\r\n return response.headers.hasOwnProperty(HeaderNames.RETRY_AFTER) && (response.status < 200 || response.status >= 300);\r\n }\r\n return false;\r\n };\r\n /**\r\n * Calculates the Unix-time value for a throttle to expire given throttleTime in seconds.\r\n * @param throttleTime\r\n */\r\n ThrottlingUtils.calculateThrottleTime = function (throttleTime) {\r\n var time = throttleTime <= 0 ? 0 : throttleTime;\r\n var currentSeconds = Date.now() / 1000;\r\n return Math.floor(Math.min(currentSeconds + (time || ThrottlingConstants.DEFAULT_THROTTLE_TIME_SECONDS), currentSeconds + ThrottlingConstants.DEFAULT_MAX_THROTTLE_TIME_SECONDS) * 1000);\r\n };\r\n ThrottlingUtils.removeThrottle = function (cacheManager, clientId, request, homeAccountIdentifier) {\r\n var thumbprint = {\r\n clientId: clientId,\r\n authority: request.authority,\r\n scopes: request.scopes,\r\n homeAccountIdentifier: homeAccountIdentifier,\r\n authenticationScheme: request.authenticationScheme,\r\n resourceRequestMethod: request.resourceRequestMethod,\r\n resourceRequestUri: request.resourceRequestUri,\r\n shrClaims: request.shrClaims\r\n };\r\n var key = this.generateThrottlingStorageKey(thumbprint);\r\n return cacheManager.removeItem(key, CacheSchemaType.THROTTLING);\r\n };\r\n return ThrottlingUtils;\r\n}());\n\nexport { ThrottlingUtils };\n//# sourceMappingURL=ThrottlingUtils.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\n/* eslint-disable header/header */\r\nvar name = \"@azure/msal-common\";\r\nvar version = \"5.0.0\";\n\nexport { name, version };\n//# sourceMappingURL=packageMetadata.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { SERVER_TELEM_CONSTANTS, CacheOutcome, Constants, Separators } from '../../utils/Constants.js';\nimport { ServerTelemetryEntity } from '../../cache/entities/ServerTelemetryEntity.js';\nimport { StringUtils } from '../../utils/StringUtils.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar ServerTelemetryManager = /** @class */ (function () {\r\n function ServerTelemetryManager(telemetryRequest, cacheManager) {\r\n this.cacheOutcome = CacheOutcome.NO_CACHE_HIT;\r\n this.cacheManager = cacheManager;\r\n this.apiId = telemetryRequest.apiId;\r\n this.correlationId = telemetryRequest.correlationId;\r\n this.wrapperSKU = telemetryRequest.wrapperSKU || Constants.EMPTY_STRING;\r\n this.wrapperVer = telemetryRequest.wrapperVer || Constants.EMPTY_STRING;\r\n this.telemetryCacheKey = SERVER_TELEM_CONSTANTS.CACHE_KEY + Separators.CACHE_KEY_SEPARATOR + telemetryRequest.clientId;\r\n }\r\n /**\r\n * API to add MSER Telemetry to request\r\n */\r\n ServerTelemetryManager.prototype.generateCurrentRequestHeaderValue = function () {\r\n var request = \"\" + this.apiId + SERVER_TELEM_CONSTANTS.VALUE_SEPARATOR + this.cacheOutcome;\r\n var platformFields = [this.wrapperSKU, this.wrapperVer].join(SERVER_TELEM_CONSTANTS.VALUE_SEPARATOR);\r\n var regionDiscoveryFields = this.getRegionDiscoveryFields();\r\n var requestWithRegionDiscoveryFields = [request, regionDiscoveryFields].join(SERVER_TELEM_CONSTANTS.VALUE_SEPARATOR);\r\n return [SERVER_TELEM_CONSTANTS.SCHEMA_VERSION, requestWithRegionDiscoveryFields, platformFields].join(SERVER_TELEM_CONSTANTS.CATEGORY_SEPARATOR);\r\n };\r\n /**\r\n * API to add MSER Telemetry for the last failed request\r\n */\r\n ServerTelemetryManager.prototype.generateLastRequestHeaderValue = function () {\r\n var lastRequests = this.getLastRequests();\r\n var maxErrors = ServerTelemetryManager.maxErrorsToSend(lastRequests);\r\n var failedRequests = lastRequests.failedRequests.slice(0, 2 * maxErrors).join(SERVER_TELEM_CONSTANTS.VALUE_SEPARATOR);\r\n var errors = lastRequests.errors.slice(0, maxErrors).join(SERVER_TELEM_CONSTANTS.VALUE_SEPARATOR);\r\n var errorCount = lastRequests.errors.length;\r\n // Indicate whether this header contains all data or partial data\r\n var overflow = maxErrors < errorCount ? SERVER_TELEM_CONSTANTS.OVERFLOW_TRUE : SERVER_TELEM_CONSTANTS.OVERFLOW_FALSE;\r\n var platformFields = [errorCount, overflow].join(SERVER_TELEM_CONSTANTS.VALUE_SEPARATOR);\r\n return [SERVER_TELEM_CONSTANTS.SCHEMA_VERSION, lastRequests.cacheHits, failedRequests, errors, platformFields].join(SERVER_TELEM_CONSTANTS.CATEGORY_SEPARATOR);\r\n };\r\n /**\r\n * API to cache token failures for MSER data capture\r\n * @param error\r\n */\r\n ServerTelemetryManager.prototype.cacheFailedRequest = function (error) {\r\n var lastRequests = this.getLastRequests();\r\n if (lastRequests.errors.length >= SERVER_TELEM_CONSTANTS.MAX_CACHED_ERRORS) {\r\n // Remove a cached error to make room, first in first out\r\n lastRequests.failedRequests.shift(); // apiId\r\n lastRequests.failedRequests.shift(); // correlationId\r\n lastRequests.errors.shift();\r\n }\r\n lastRequests.failedRequests.push(this.apiId, this.correlationId);\r\n if (!StringUtils.isEmpty(error.subError)) {\r\n lastRequests.errors.push(error.subError);\r\n }\r\n else if (!StringUtils.isEmpty(error.errorCode)) {\r\n lastRequests.errors.push(error.errorCode);\r\n }\r\n else if (!!error && error.toString()) {\r\n lastRequests.errors.push(error.toString());\r\n }\r\n else {\r\n lastRequests.errors.push(SERVER_TELEM_CONSTANTS.UNKNOWN_ERROR);\r\n }\r\n this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests);\r\n return;\r\n };\r\n /**\r\n * Update server telemetry cache entry by incrementing cache hit counter\r\n */\r\n ServerTelemetryManager.prototype.incrementCacheHits = function () {\r\n var lastRequests = this.getLastRequests();\r\n lastRequests.cacheHits += 1;\r\n this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests);\r\n return lastRequests.cacheHits;\r\n };\r\n /**\r\n * Get the server telemetry entity from cache or initialize a new one\r\n */\r\n ServerTelemetryManager.prototype.getLastRequests = function () {\r\n var initialValue = new ServerTelemetryEntity();\r\n var lastRequests = this.cacheManager.getServerTelemetry(this.telemetryCacheKey);\r\n return lastRequests || initialValue;\r\n };\r\n /**\r\n * Remove server telemetry cache entry\r\n */\r\n ServerTelemetryManager.prototype.clearTelemetryCache = function () {\r\n var lastRequests = this.getLastRequests();\r\n var numErrorsFlushed = ServerTelemetryManager.maxErrorsToSend(lastRequests);\r\n var errorCount = lastRequests.errors.length;\r\n if (numErrorsFlushed === errorCount) {\r\n // All errors were sent on last request, clear Telemetry cache\r\n this.cacheManager.removeItem(this.telemetryCacheKey);\r\n }\r\n else {\r\n // Partial data was flushed to server, construct a new telemetry cache item with errors that were not flushed\r\n var serverTelemEntity = new ServerTelemetryEntity();\r\n serverTelemEntity.failedRequests = lastRequests.failedRequests.slice(numErrorsFlushed * 2); // failedRequests contains 2 items for each error\r\n serverTelemEntity.errors = lastRequests.errors.slice(numErrorsFlushed);\r\n this.cacheManager.setServerTelemetry(this.telemetryCacheKey, serverTelemEntity);\r\n }\r\n };\r\n /**\r\n * Returns the maximum number of errors that can be flushed to the server in the next network request\r\n * @param serverTelemetryEntity\r\n */\r\n ServerTelemetryManager.maxErrorsToSend = function (serverTelemetryEntity) {\r\n var i;\r\n var maxErrors = 0;\r\n var dataSize = 0;\r\n var errorCount = serverTelemetryEntity.errors.length;\r\n for (i = 0; i < errorCount; i++) {\r\n // failedRequests parameter contains pairs of apiId and correlationId, multiply index by 2 to preserve pairs\r\n var apiId = serverTelemetryEntity.failedRequests[2 * i] || Constants.EMPTY_STRING;\r\n var correlationId = serverTelemetryEntity.failedRequests[2 * i + 1] || Constants.EMPTY_STRING;\r\n var errorCode = serverTelemetryEntity.errors[i] || Constants.EMPTY_STRING;\r\n // Count number of characters that would be added to header, each character is 1 byte. Add 3 at the end to account for separators\r\n dataSize += apiId.toString().length + correlationId.toString().length + errorCode.length + 3;\r\n if (dataSize < SERVER_TELEM_CONSTANTS.MAX_LAST_HEADER_BYTES) {\r\n // Adding this entry to the header would still keep header size below the limit\r\n maxErrors += 1;\r\n }\r\n else {\r\n break;\r\n }\r\n }\r\n return maxErrors;\r\n };\r\n /**\r\n * Get the region discovery fields\r\n *\r\n * @returns string\r\n */\r\n ServerTelemetryManager.prototype.getRegionDiscoveryFields = function () {\r\n var regionDiscoveryFields = [];\r\n regionDiscoveryFields.push(this.regionUsed || \"\");\r\n regionDiscoveryFields.push(this.regionSource || \"\");\r\n regionDiscoveryFields.push(this.regionOutcome || \"\");\r\n return regionDiscoveryFields.join(\",\");\r\n };\r\n /**\r\n * Update the region discovery metadata\r\n *\r\n * @param regionDiscoveryMetadata\r\n * @returns void\r\n */\r\n ServerTelemetryManager.prototype.updateRegionDiscoveryMetadata = function (regionDiscoveryMetadata) {\r\n this.regionUsed = regionDiscoveryMetadata.region_used;\r\n this.regionSource = regionDiscoveryMetadata.region_source;\r\n this.regionOutcome = regionDiscoveryMetadata.region_outcome;\r\n };\r\n /**\r\n * Set cache outcome\r\n */\r\n ServerTelemetryManager.prototype.setCacheOutcome = function (cacheOutcome) {\r\n this.cacheOutcome = cacheOutcome;\r\n };\r\n return ServerTelemetryManager;\r\n}());\n\nexport { ServerTelemetryManager };\n//# sourceMappingURL=ServerTelemetryManager.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __awaiter, __generator } from '../_virtual/_tslib.js';\nimport { ThrottlingUtils } from './ThrottlingUtils.js';\nimport { ClientAuthError } from '../error/ClientAuthError.js';\nimport { AuthError } from '../error/AuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar NetworkManager = /** @class */ (function () {\r\n function NetworkManager(networkClient, cacheManager) {\r\n this.networkClient = networkClient;\r\n this.cacheManager = cacheManager;\r\n }\r\n /**\r\n * Wraps sendPostRequestAsync with necessary preflight and postflight logic\r\n * @param thumbprint\r\n * @param tokenEndpoint\r\n * @param options\r\n */\r\n NetworkManager.prototype.sendPostRequest = function (thumbprint, tokenEndpoint, options) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var response, e_1;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n ThrottlingUtils.preProcess(this.cacheManager, thumbprint);\r\n _a.label = 1;\r\n case 1:\r\n _a.trys.push([1, 3, , 4]);\r\n return [4 /*yield*/, this.networkClient.sendPostRequestAsync(tokenEndpoint, options)];\r\n case 2:\r\n response = _a.sent();\r\n return [3 /*break*/, 4];\r\n case 3:\r\n e_1 = _a.sent();\r\n if (e_1 instanceof AuthError) {\r\n throw e_1;\r\n }\r\n else {\r\n throw ClientAuthError.createNetworkError(tokenEndpoint, e_1);\r\n }\r\n case 4:\r\n ThrottlingUtils.postProcess(this.cacheManager, thumbprint, response);\r\n return [2 /*return*/, response];\r\n }\r\n });\r\n });\r\n };\r\n return NetworkManager;\r\n}());\n\nexport { NetworkManager };\n//# sourceMappingURL=NetworkManager.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { StringUtils } from '../utils/StringUtils.js';\nimport { Constants } from '../utils/Constants.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Log message level.\r\n */\r\nvar LogLevel;\r\n(function (LogLevel) {\r\n LogLevel[LogLevel[\"Error\"] = 0] = \"Error\";\r\n LogLevel[LogLevel[\"Warning\"] = 1] = \"Warning\";\r\n LogLevel[LogLevel[\"Info\"] = 2] = \"Info\";\r\n LogLevel[LogLevel[\"Verbose\"] = 3] = \"Verbose\";\r\n LogLevel[LogLevel[\"Trace\"] = 4] = \"Trace\";\r\n})(LogLevel || (LogLevel = {}));\r\n/**\r\n * Class which facilitates logging of messages to a specific place.\r\n */\r\nvar Logger = /** @class */ (function () {\r\n function Logger(loggerOptions, packageName, packageVersion) {\r\n // Current log level, defaults to info.\r\n this.level = LogLevel.Info;\r\n var defaultLoggerCallback = function () {\r\n return;\r\n };\r\n this.localCallback = loggerOptions.loggerCallback || defaultLoggerCallback;\r\n this.piiLoggingEnabled = loggerOptions.piiLoggingEnabled || false;\r\n this.level = typeof (loggerOptions.logLevel) === \"number\" ? loggerOptions.logLevel : LogLevel.Info;\r\n this.correlationId = loggerOptions.correlationId || \"\";\r\n this.packageName = packageName || Constants.EMPTY_STRING;\r\n this.packageVersion = packageVersion || Constants.EMPTY_STRING;\r\n }\r\n /**\r\n * Create new Logger with existing configurations.\r\n */\r\n Logger.prototype.clone = function (packageName, packageVersion, correlationId) {\r\n return new Logger({ loggerCallback: this.localCallback, piiLoggingEnabled: this.piiLoggingEnabled, logLevel: this.level, correlationId: correlationId || this.correlationId }, packageName, packageVersion);\r\n };\r\n /**\r\n * Log message with required options.\r\n */\r\n Logger.prototype.logMessage = function (logMessage, options) {\r\n if ((options.logLevel > this.level) || (!this.piiLoggingEnabled && options.containsPii)) {\r\n return;\r\n }\r\n var timestamp = new Date().toUTCString();\r\n // Add correlationId to logs if set, correlationId provided on log messages take precedence\r\n var logHeader;\r\n if (!StringUtils.isEmpty(options.correlationId)) {\r\n logHeader = \"[\" + timestamp + \"] : [\" + options.correlationId + \"]\";\r\n }\r\n else if (!StringUtils.isEmpty(this.correlationId)) {\r\n logHeader = \"[\" + timestamp + \"] : [\" + this.correlationId + \"]\";\r\n }\r\n else {\r\n logHeader = \"[\" + timestamp + \"]\";\r\n }\r\n var log = logHeader + \" : \" + this.packageName + \"@\" + this.packageVersion + \" : \" + LogLevel[options.logLevel] + \" - \" + logMessage;\r\n // debug(`msal:${LogLevel[options.logLevel]}${options.containsPii ? \"-Pii\": \"\"}${options.context ? `:${options.context}` : \"\"}`)(logMessage);\r\n this.executeCallback(options.logLevel, log, options.containsPii || false);\r\n };\r\n /**\r\n * Execute callback with message.\r\n */\r\n Logger.prototype.executeCallback = function (level, message, containsPii) {\r\n if (this.localCallback) {\r\n this.localCallback(level, message, containsPii);\r\n }\r\n };\r\n /**\r\n * Logs error messages.\r\n */\r\n Logger.prototype.error = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Error,\r\n containsPii: false,\r\n correlationId: correlationId || \"\"\r\n });\r\n };\r\n /**\r\n * Logs error messages with PII.\r\n */\r\n Logger.prototype.errorPii = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Error,\r\n containsPii: true,\r\n correlationId: correlationId || \"\"\r\n });\r\n };\r\n /**\r\n * Logs warning messages.\r\n */\r\n Logger.prototype.warning = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Warning,\r\n containsPii: false,\r\n correlationId: correlationId || \"\"\r\n });\r\n };\r\n /**\r\n * Logs warning messages with PII.\r\n */\r\n Logger.prototype.warningPii = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Warning,\r\n containsPii: true,\r\n correlationId: correlationId || \"\"\r\n });\r\n };\r\n /**\r\n * Logs info messages.\r\n */\r\n Logger.prototype.info = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Info,\r\n containsPii: false,\r\n correlationId: correlationId || \"\"\r\n });\r\n };\r\n /**\r\n * Logs info messages with PII.\r\n */\r\n Logger.prototype.infoPii = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Info,\r\n containsPii: true,\r\n correlationId: correlationId || \"\"\r\n });\r\n };\r\n /**\r\n * Logs verbose messages.\r\n */\r\n Logger.prototype.verbose = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Verbose,\r\n containsPii: false,\r\n correlationId: correlationId || \"\"\r\n });\r\n };\r\n /**\r\n * Logs verbose messages with PII.\r\n */\r\n Logger.prototype.verbosePii = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Verbose,\r\n containsPii: true,\r\n correlationId: correlationId || \"\"\r\n });\r\n };\r\n /**\r\n * Logs trace messages.\r\n */\r\n Logger.prototype.trace = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Trace,\r\n containsPii: false,\r\n correlationId: correlationId || \"\"\r\n });\r\n };\r\n /**\r\n * Logs trace messages with PII.\r\n */\r\n Logger.prototype.tracePii = function (message, correlationId) {\r\n this.logMessage(message, {\r\n logLevel: LogLevel.Trace,\r\n containsPii: true,\r\n correlationId: correlationId || \"\"\r\n });\r\n };\r\n /**\r\n * Returns whether PII Logging is enabled or not.\r\n */\r\n Logger.prototype.isPiiLoggingEnabled = function () {\r\n return this.piiLoggingEnabled || false;\r\n };\r\n return Logger;\r\n}());\n\nexport { LogLevel, Logger };\n//# sourceMappingURL=Logger.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __awaiter, __generator } from '../_virtual/_tslib.js';\nimport { buildClientInfo } from '../account/ClientInfo.js';\nimport { ClientAuthError } from '../error/ClientAuthError.js';\nimport { StringUtils } from '../utils/StringUtils.js';\nimport { ServerError } from '../error/ServerError.js';\nimport { AuthToken } from '../account/AuthToken.js';\nimport { ScopeSet } from '../request/ScopeSet.js';\nimport { AccountEntity } from '../cache/entities/AccountEntity.js';\nimport { AuthorityType } from '../authority/AuthorityType.js';\nimport { IdTokenEntity } from '../cache/entities/IdTokenEntity.js';\nimport { AccessTokenEntity } from '../cache/entities/AccessTokenEntity.js';\nimport { RefreshTokenEntity } from '../cache/entities/RefreshTokenEntity.js';\nimport { InteractionRequiredAuthError } from '../error/InteractionRequiredAuthError.js';\nimport { CacheRecord } from '../cache/entities/CacheRecord.js';\nimport { ProtocolUtils } from '../utils/ProtocolUtils.js';\nimport { Constants, AuthenticationScheme, THE_FAMILY_ID } from '../utils/Constants.js';\nimport { PopTokenGenerator } from '../crypto/PopTokenGenerator.js';\nimport { AppMetadataEntity } from '../cache/entities/AppMetadataEntity.js';\nimport { TokenCacheContext } from '../cache/persistence/TokenCacheContext.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Class that handles response parsing.\r\n */\r\nvar ResponseHandler = /** @class */ (function () {\r\n function ResponseHandler(clientId, cacheStorage, cryptoObj, logger, serializableCache, persistencePlugin) {\r\n this.clientId = clientId;\r\n this.cacheStorage = cacheStorage;\r\n this.cryptoObj = cryptoObj;\r\n this.logger = logger;\r\n this.serializableCache = serializableCache;\r\n this.persistencePlugin = persistencePlugin;\r\n }\r\n /**\r\n * Function which validates server authorization code response.\r\n * @param serverResponseHash\r\n * @param cachedState\r\n * @param cryptoObj\r\n */\r\n ResponseHandler.prototype.validateServerAuthorizationCodeResponse = function (serverResponseHash, cachedState, cryptoObj) {\r\n if (!serverResponseHash.state || !cachedState) {\r\n throw !serverResponseHash.state ? ClientAuthError.createStateNotFoundError(\"Server State\") : ClientAuthError.createStateNotFoundError(\"Cached State\");\r\n }\r\n if (decodeURIComponent(serverResponseHash.state) !== decodeURIComponent(cachedState)) {\r\n throw ClientAuthError.createStateMismatchError();\r\n }\r\n // Check for error\r\n if (serverResponseHash.error || serverResponseHash.error_description || serverResponseHash.suberror) {\r\n if (InteractionRequiredAuthError.isInteractionRequiredError(serverResponseHash.error, serverResponseHash.error_description, serverResponseHash.suberror)) {\r\n throw new InteractionRequiredAuthError(serverResponseHash.error || Constants.EMPTY_STRING, serverResponseHash.error_description, serverResponseHash.suberror);\r\n }\r\n throw new ServerError(serverResponseHash.error || Constants.EMPTY_STRING, serverResponseHash.error_description, serverResponseHash.suberror);\r\n }\r\n if (serverResponseHash.client_info) {\r\n buildClientInfo(serverResponseHash.client_info, cryptoObj);\r\n }\r\n };\r\n /**\r\n * Function which validates server authorization token response.\r\n * @param serverResponse\r\n */\r\n ResponseHandler.prototype.validateTokenResponse = function (serverResponse) {\r\n // Check for error\r\n if (serverResponse.error || serverResponse.error_description || serverResponse.suberror) {\r\n if (InteractionRequiredAuthError.isInteractionRequiredError(serverResponse.error, serverResponse.error_description, serverResponse.suberror)) {\r\n throw new InteractionRequiredAuthError(serverResponse.error, serverResponse.error_description, serverResponse.suberror);\r\n }\r\n var errString = serverResponse.error_codes + \" - [\" + serverResponse.timestamp + \"]: \" + serverResponse.error_description + \" - Correlation ID: \" + serverResponse.correlation_id + \" - Trace ID: \" + serverResponse.trace_id;\r\n throw new ServerError(serverResponse.error, errString, serverResponse.suberror);\r\n }\r\n };\r\n /**\r\n * Returns a constructed token response based on given string. Also manages the cache updates and cleanups.\r\n * @param serverTokenResponse\r\n * @param authority\r\n */\r\n ResponseHandler.prototype.handleServerTokenResponse = function (serverTokenResponse, authority, reqTimestamp, request, authCodePayload, oboAssertion, handlingRefreshTokenResponse) {\r\n return __awaiter(this, void 0, void 0, function () {\r\n var idTokenObj, requestStateObj, cacheRecord, cacheContext, key, account;\r\n return __generator(this, function (_a) {\r\n switch (_a.label) {\r\n case 0:\r\n if (serverTokenResponse.id_token) {\r\n idTokenObj = new AuthToken(serverTokenResponse.id_token || Constants.EMPTY_STRING, this.cryptoObj);\r\n // token nonce check (TODO: Add a warning if no nonce is given?)\r\n if (authCodePayload && !StringUtils.isEmpty(authCodePayload.nonce)) {\r\n if (idTokenObj.claims.nonce !== authCodePayload.nonce) {\r\n throw ClientAuthError.createNonceMismatchError();\r\n }\r\n }\r\n }\r\n // generate homeAccountId\r\n this.homeAccountIdentifier = AccountEntity.generateHomeAccountId(serverTokenResponse.client_info || Constants.EMPTY_STRING, authority.authorityType, this.logger, this.cryptoObj, idTokenObj);\r\n if (!!authCodePayload && !!authCodePayload.state) {\r\n requestStateObj = ProtocolUtils.parseRequestState(this.cryptoObj, authCodePayload.state);\r\n }\r\n cacheRecord = this.generateCacheRecord(serverTokenResponse, authority, reqTimestamp, idTokenObj, request.scopes, oboAssertion, authCodePayload);\r\n _a.label = 1;\r\n case 1:\r\n _a.trys.push([1, , 5, 8]);\r\n if (!(this.persistencePlugin && this.serializableCache)) return [3 /*break*/, 3];\r\n this.logger.verbose(\"Persistence enabled, calling beforeCacheAccess\");\r\n cacheContext = new TokenCacheContext(this.serializableCache, true);\r\n return [4 /*yield*/, this.persistencePlugin.beforeCacheAccess(cacheContext)];\r\n case 2:\r\n _a.sent();\r\n _a.label = 3;\r\n case 3:\r\n /*\r\n * When saving a refreshed tokens to the cache, it is expected that the account that was used is present in the cache.\r\n * If not present, we should return null, as it's the case that another application called removeAccount in between\r\n * the calls to getAllAccounts and acquireTokenSilent. We should not overwrite that removal.\r\n */\r\n if (handlingRefreshTokenResponse && cacheRecord.account) {\r\n key = cacheRecord.account.generateAccountKey();\r\n account = this.cacheStorage.getAccount(key);\r\n if (!account) {\r\n this.logger.warning(\"Account used to refresh tokens not in persistence, refreshed tokens will not be stored in the cache\");\r\n return [2 /*return*/, ResponseHandler.generateAuthenticationResult(this.cryptoObj, authority, cacheRecord, false, request, idTokenObj, requestStateObj)];\r\n }\r\n }\r\n return [4 /*yield*/, this.cacheStorage.saveCacheRecord(cacheRecord)];\r\n case 4:\r\n _a.sent();\r\n return [3 /*break*/, 8];\r\n case 5:\r\n if (!(this.persistencePlugin && this.serializableCache && cacheContext)) return [3 /*break*/, 7];\r\n this.logger.verbose(\"Persistence enabled, calling afterCacheAccess\");\r\n return [4 /*yield*/, this.persistencePlugin.afterCacheAccess(cacheContext)];\r\n case 6:\r\n _a.sent();\r\n _a.label = 7;\r\n case 7: return [7 /*endfinally*/];\r\n case 8: return [2 /*return*/, ResponseHandler.generateAuthenticationResult(this.cryptoObj, authority, cacheRecord, false, request, idTokenObj, requestStateObj)];\r\n }\r\n });\r\n });\r\n };\r\n /**\r\n * Generates CacheRecord\r\n * @param serverTokenResponse\r\n * @param idTokenObj\r\n * @param authority\r\n */\r\n ResponseHandler.prototype.generateCacheRecord = function (serverTokenResponse, authority, reqTimestamp, idTokenObj, requestScopes, oboAssertion, authCodePayload) {\r\n var env = authority.getPreferredCache();\r\n if (StringUtils.isEmpty(env)) {\r\n throw ClientAuthError.createInvalidCacheEnvironmentError();\r\n }\r\n // IdToken: non AAD scenarios can have empty realm\r\n var cachedIdToken;\r\n var cachedAccount;\r\n if (!StringUtils.isEmpty(serverTokenResponse.id_token) && !!idTokenObj) {\r\n cachedIdToken = IdTokenEntity.createIdTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.id_token || Constants.EMPTY_STRING, this.clientId, idTokenObj.claims.tid || Constants.EMPTY_STRING, oboAssertion);\r\n cachedAccount = this.generateAccountEntity(serverTokenResponse, idTokenObj, authority, oboAssertion, authCodePayload);\r\n }\r\n // AccessToken\r\n var cachedAccessToken = null;\r\n if (!StringUtils.isEmpty(serverTokenResponse.access_token)) {\r\n // If scopes not returned in server response, use request scopes\r\n var responseScopes = serverTokenResponse.scope ? ScopeSet.fromString(serverTokenResponse.scope) : new ScopeSet(requestScopes || []);\r\n /*\r\n * Use timestamp calculated before request\r\n * Server may return timestamps as strings, parse to numbers if so.\r\n */\r\n var expiresIn = (typeof serverTokenResponse.expires_in === \"string\" ? parseInt(serverTokenResponse.expires_in, 10) : serverTokenResponse.expires_in) || 0;\r\n var extExpiresIn = (typeof serverTokenResponse.ext_expires_in === \"string\" ? parseInt(serverTokenResponse.ext_expires_in, 10) : serverTokenResponse.ext_expires_in) || 0;\r\n var refreshIn = (typeof serverTokenResponse.refresh_in === \"string\" ? parseInt(serverTokenResponse.refresh_in, 10) : serverTokenResponse.refresh_in) || undefined;\r\n var tokenExpirationSeconds = reqTimestamp + expiresIn;\r\n var extendedTokenExpirationSeconds = tokenExpirationSeconds + extExpiresIn;\r\n var refreshOnSeconds = refreshIn && refreshIn > 0 ? reqTimestamp + refreshIn : undefined;\r\n // non AAD scenarios can have empty realm\r\n cachedAccessToken = AccessTokenEntity.createAccessTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.access_token || Constants.EMPTY_STRING, this.clientId, idTokenObj ? idTokenObj.claims.tid || Constants.EMPTY_STRING : authority.tenant, responseScopes.printScopes(), tokenExpirationSeconds, extendedTokenExpirationSeconds, this.cryptoObj, refreshOnSeconds, serverTokenResponse.token_type, oboAssertion);\r\n }\r\n // refreshToken\r\n var cachedRefreshToken = null;\r\n if (!StringUtils.isEmpty(serverTokenResponse.refresh_token)) {\r\n cachedRefreshToken = RefreshTokenEntity.createRefreshTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.refresh_token || Constants.EMPTY_STRING, this.clientId, serverTokenResponse.foci, oboAssertion);\r\n }\r\n // appMetadata\r\n var cachedAppMetadata = null;\r\n if (!StringUtils.isEmpty(serverTokenResponse.foci)) {\r\n cachedAppMetadata = AppMetadataEntity.createAppMetadataEntity(this.clientId, env, serverTokenResponse.foci);\r\n }\r\n return new CacheRecord(cachedAccount, cachedIdToken, cachedAccessToken, cachedRefreshToken, cachedAppMetadata);\r\n };\r\n /**\r\n * Generate Account\r\n * @param serverTokenResponse\r\n * @param idToken\r\n * @param authority\r\n */\r\n ResponseHandler.prototype.generateAccountEntity = function (serverTokenResponse, idToken, authority, oboAssertion, authCodePayload) {\r\n var authorityType = authority.authorityType;\r\n var cloudGraphHostName = authCodePayload ? authCodePayload.cloud_graph_host_name : \"\";\r\n var msGraphhost = authCodePayload ? authCodePayload.msgraph_host : \"\";\r\n // ADFS does not require client_info in the response\r\n if (authorityType === AuthorityType.Adfs) {\r\n this.logger.verbose(\"Authority type is ADFS, creating ADFS account\");\r\n return AccountEntity.createGenericAccount(this.homeAccountIdentifier, idToken, authority, oboAssertion, cloudGraphHostName, msGraphhost);\r\n }\r\n // This fallback applies to B2C as well as they fall under an AAD account type.\r\n if (StringUtils.isEmpty(serverTokenResponse.client_info) && authority.protocolMode === \"AAD\") {\r\n throw ClientAuthError.createClientInfoEmptyError();\r\n }\r\n return serverTokenResponse.client_info ?\r\n AccountEntity.createAccount(serverTokenResponse.client_info, this.homeAccountIdentifier, idToken, authority, oboAssertion, cloudGraphHostName, msGraphhost) :\r\n AccountEntity.createGenericAccount(this.homeAccountIdentifier, idToken, authority, oboAssertion, cloudGraphHostName, msGraphhost);\r\n };\r\n /**\r\n * Creates an @AuthenticationResult from @CacheRecord , @IdToken , and a boolean that states whether or not the result is from cache.\r\n *\r\n * Optionally takes a state string that is set as-is in the response.\r\n *\r\n * @param cacheRecord\r\n * @param idTokenObj\r\n * @param fromTokenCache\r\n * @param stateString\r\n */\r\n ResponseHandler.generateAuthenticationResult = function (cryptoObj, authority, cacheRecord, fromTokenCache, request, idTokenObj, requestState) {\r\n var _a, _b, _c;\r\n return __awaiter(this, void 0, void 0, function () {\r\n var accessToken, responseScopes, expiresOn, extExpiresOn, familyId, popTokenGenerator, uid, tid;\r\n return __generator(this, function (_d) {\r\n switch (_d.label) {\r\n case 0:\r\n accessToken = \"\";\r\n responseScopes = [];\r\n expiresOn = null;\r\n familyId = Constants.EMPTY_STRING;\r\n if (!cacheRecord.accessToken) return [3 /*break*/, 4];\r\n if (!(cacheRecord.accessToken.tokenType === AuthenticationScheme.POP)) return [3 /*break*/, 2];\r\n popTokenGenerator = new PopTokenGenerator(cryptoObj);\r\n return [4 /*yield*/, popTokenGenerator.signPopToken(cacheRecord.accessToken.secret, request)];\r\n case 1:\r\n accessToken = _d.sent();\r\n return [3 /*break*/, 3];\r\n case 2:\r\n accessToken = cacheRecord.accessToken.secret;\r\n _d.label = 3;\r\n case 3:\r\n responseScopes = ScopeSet.fromString(cacheRecord.accessToken.target).asArray();\r\n expiresOn = new Date(Number(cacheRecord.accessToken.expiresOn) * 1000);\r\n extExpiresOn = new Date(Number(cacheRecord.accessToken.extendedExpiresOn) * 1000);\r\n _d.label = 4;\r\n case 4:\r\n if (cacheRecord.appMetadata) {\r\n familyId = cacheRecord.appMetadata.familyId === THE_FAMILY_ID ? THE_FAMILY_ID : Constants.EMPTY_STRING;\r\n }\r\n uid = (idTokenObj === null || idTokenObj === void 0 ? void 0 : idTokenObj.claims.oid) || (idTokenObj === null || idTokenObj === void 0 ? void 0 : idTokenObj.claims.sub) || Constants.EMPTY_STRING;\r\n tid = (idTokenObj === null || idTokenObj === void 0 ? void 0 : idTokenObj.claims.tid) || Constants.EMPTY_STRING;\r\n return [2 /*return*/, {\r\n authority: authority.canonicalAuthority,\r\n uniqueId: uid,\r\n tenantId: tid,\r\n scopes: responseScopes,\r\n account: cacheRecord.account ? cacheRecord.account.getAccountInfo() : null,\r\n idToken: idTokenObj ? idTokenObj.rawToken : Constants.EMPTY_STRING,\r\n idTokenClaims: idTokenObj ? idTokenObj.claims : {},\r\n accessToken: accessToken,\r\n fromCache: fromTokenCache,\r\n expiresOn: expiresOn,\r\n correlationId: request.correlationId,\r\n extExpiresOn: extExpiresOn,\r\n familyId: familyId,\r\n tokenType: ((_a = cacheRecord.accessToken) === null || _a === void 0 ? void 0 : _a.tokenType) || Constants.EMPTY_STRING,\r\n state: requestState ? requestState.userRequestState : Constants.EMPTY_STRING,\r\n cloudGraphHostName: ((_b = cacheRecord.account) === null || _b === void 0 ? void 0 : _b.cloudGraphHostName) || Constants.EMPTY_STRING,\r\n msGraphHost: ((_c = cacheRecord.account) === null || _c === void 0 ? void 0 : _c.msGraphHost) || Constants.EMPTY_STRING\r\n }];\r\n }\r\n });\r\n });\r\n };\r\n return ResponseHandler;\r\n}());\n\nexport { ResponseHandler };\n//# sourceMappingURL=ResponseHandler.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { ClientAuthError } from '../error/ClientAuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * @hidden\r\n */\r\nvar StringUtils = /** @class */ (function () {\r\n function StringUtils() {\r\n }\r\n /**\r\n * decode a JWT\r\n *\r\n * @param authToken\r\n */\r\n StringUtils.decodeAuthToken = function (authToken) {\r\n if (StringUtils.isEmpty(authToken)) {\r\n throw ClientAuthError.createTokenNullOrEmptyError(authToken);\r\n }\r\n var tokenPartsRegex = /^([^\\.\\s]*)\\.([^\\.\\s]+)\\.([^\\.\\s]*)$/;\r\n var matches = tokenPartsRegex.exec(authToken);\r\n if (!matches || matches.length < 4) {\r\n throw ClientAuthError.createTokenParsingError(\"Given token is malformed: \" + JSON.stringify(authToken));\r\n }\r\n var crackedToken = {\r\n header: matches[1],\r\n JWSPayload: matches[2],\r\n JWSSig: matches[3]\r\n };\r\n return crackedToken;\r\n };\r\n /**\r\n * Check if a string is empty.\r\n *\r\n * @param str\r\n */\r\n StringUtils.isEmpty = function (str) {\r\n return (typeof str === \"undefined\" || !str || 0 === str.length);\r\n };\r\n /**\r\n * Check if stringified object is empty\r\n * @param strObj\r\n */\r\n StringUtils.isEmptyObj = function (strObj) {\r\n if (strObj && !StringUtils.isEmpty(strObj)) {\r\n try {\r\n var obj = JSON.parse(strObj);\r\n return Object.keys(obj).length === 0;\r\n }\r\n catch (e) { }\r\n }\r\n return true;\r\n };\r\n StringUtils.startsWith = function (str, search) {\r\n return str.indexOf(search) === 0;\r\n };\r\n StringUtils.endsWith = function (str, search) {\r\n return (str.length >= search.length) && (str.lastIndexOf(search) === (str.length - search.length));\r\n };\r\n /**\r\n * Parses string into an object.\r\n *\r\n * @param query\r\n */\r\n StringUtils.queryStringToObject = function (query) {\r\n var obj = {};\r\n var params = query.split(\"&\");\r\n var decode = function (s) { return decodeURIComponent(s.replace(/\\+/g, \" \")); };\r\n params.forEach(function (pair) {\r\n if (pair.trim()) {\r\n var _a = pair.split(/=(.+)/g, 2), key = _a[0], value = _a[1]; // Split on the first occurence of the '=' character\r\n if (key && value) {\r\n obj[decode(key)] = decode(value);\r\n }\r\n }\r\n });\r\n return obj;\r\n };\r\n /**\r\n * Trims entries in an array.\r\n *\r\n * @param arr\r\n */\r\n StringUtils.trimArrayEntries = function (arr) {\r\n return arr.map(function (entry) { return entry.trim(); });\r\n };\r\n /**\r\n * Removes empty strings from array\r\n * @param arr\r\n */\r\n StringUtils.removeEmptyStringsFromArray = function (arr) {\r\n return arr.filter(function (entry) {\r\n return !StringUtils.isEmpty(entry);\r\n });\r\n };\r\n /**\r\n * Attempts to parse a string into JSON\r\n * @param str\r\n */\r\n StringUtils.jsonParseHelper = function (str) {\r\n try {\r\n return JSON.parse(str);\r\n }\r\n catch (e) {\r\n return null;\r\n }\r\n };\r\n /**\r\n * Tests if a given string matches a given pattern, with support for wildcards and queries.\r\n * @param pattern Wildcard pattern to string match. Supports \"*\" for wildcards and \"?\" for queries\r\n * @param input String to match against\r\n */\r\n StringUtils.matchPattern = function (pattern, input) {\r\n /**\r\n * Wildcard support: https://stackoverflow.com/a/3117248/4888559\r\n * Queries: replaces \"?\" in string with escaped \"\\?\" for regex test\r\n */\r\n var regex = new RegExp(pattern.replace(/\\\\/g, \"\\\\\\\\\").replace(/\\*/g, \"[^ ]*\").replace(/\\?/g, \"\\\\\\?\")); // eslint-disable-line security/detect-non-literal-regexp\r\n return regex.test(input);\r\n };\r\n return StringUtils;\r\n}());\n\nexport { StringUtils };\n//# sourceMappingURL=StringUtils.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { AuthError } from '../error/AuthError.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar StubbedNetworkModule = {\r\n sendGetRequestAsync: function () {\r\n var notImplErr = \"Network interface - sendGetRequestAsync() has not been implemented for the Network interface.\";\r\n return Promise.reject(AuthError.createUnexpectedError(notImplErr));\r\n },\r\n sendPostRequestAsync: function () {\r\n var notImplErr = \"Network interface - sendPostRequestAsync() has not been implemented for the Network interface.\";\r\n return Promise.reject(AuthError.createUnexpectedError(notImplErr));\r\n }\r\n};\n\nexport { StubbedNetworkModule };\n//# sourceMappingURL=INetworkModule.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { StringUtils } from '../utils/StringUtils.js';\nimport { ClientConfigurationError } from '../error/ClientConfigurationError.js';\nimport { CodeChallengeMethodValues, PromptValue } from '../utils/Constants.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Validates server consumable params from the \"request\" objects\r\n */\r\nvar RequestValidator = /** @class */ (function () {\r\n function RequestValidator() {\r\n }\r\n /**\r\n * Utility to check if the `redirectUri` in the request is a non-null value\r\n * @param redirectUri\r\n */\r\n RequestValidator.validateRedirectUri = function (redirectUri) {\r\n if (StringUtils.isEmpty(redirectUri)) {\r\n throw ClientConfigurationError.createRedirectUriEmptyError();\r\n }\r\n };\r\n /**\r\n * Utility to validate prompt sent by the user in the request\r\n * @param prompt\r\n */\r\n RequestValidator.validatePrompt = function (prompt) {\r\n var promptValues = [];\r\n for (var value in PromptValue) {\r\n promptValues.push(PromptValue[value]);\r\n }\r\n if (promptValues.indexOf(prompt) < 0) {\r\n throw ClientConfigurationError.createInvalidPromptError(prompt);\r\n }\r\n };\r\n RequestValidator.validateClaims = function (claims) {\r\n try {\r\n JSON.parse(claims);\r\n }\r\n catch (e) {\r\n throw ClientConfigurationError.createInvalidClaimsRequestError();\r\n }\r\n };\r\n /**\r\n * Utility to validate code_challenge and code_challenge_method\r\n * @param codeChallenge\r\n * @param codeChallengeMethod\r\n */\r\n RequestValidator.validateCodeChallengeParams = function (codeChallenge, codeChallengeMethod) {\r\n if (StringUtils.isEmpty(codeChallenge) || StringUtils.isEmpty(codeChallengeMethod)) {\r\n throw ClientConfigurationError.createInvalidCodeChallengeParamsError();\r\n }\r\n else {\r\n this.validateCodeChallengeMethod(codeChallengeMethod);\r\n }\r\n };\r\n /**\r\n * Utility to validate code_challenge_method\r\n * @param codeChallengeMethod\r\n */\r\n RequestValidator.validateCodeChallengeMethod = function (codeChallengeMethod) {\r\n if ([\r\n CodeChallengeMethodValues.PLAIN,\r\n CodeChallengeMethodValues.S256\r\n ].indexOf(codeChallengeMethod) < 0) {\r\n throw ClientConfigurationError.createInvalidCodeChallengeMethodError();\r\n }\r\n };\r\n /**\r\n * Removes unnecessary or duplicate query parameters from extraQueryParameters\r\n * @param request\r\n */\r\n RequestValidator.sanitizeEQParams = function (eQParams, queryParams) {\r\n if (!eQParams) {\r\n return {};\r\n }\r\n // Remove any query parameters already included in SSO params\r\n queryParams.forEach(function (value, key) {\r\n if (eQParams[key]) {\r\n delete eQParams[key];\r\n }\r\n });\r\n return eQParams;\r\n };\r\n return RequestValidator;\r\n}());\n\nexport { RequestValidator };\n//# sourceMappingURL=RequestValidator.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\nimport { __spreadArrays } from '../_virtual/_tslib.js';\nimport { AADServerParamKeys, Constants, ResponseMode, OIDC_DEFAULT_SCOPES, SSOTypes, HeaderNames, CLIENT_INFO, ClaimsRequestKeys, PasswordGrantConstants, AuthenticationScheme, ThrottlingConstants } from '../utils/Constants.js';\nimport { ScopeSet } from './ScopeSet.js';\nimport { ClientConfigurationError } from '../error/ClientConfigurationError.js';\nimport { RequestValidator } from './RequestValidator.js';\nimport { StringUtils } from '../utils/StringUtils.js';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nvar RequestParameterBuilder = /** @class */ (function () {\r\n function RequestParameterBuilder() {\r\n this.parameters = new Map();\r\n }\r\n /**\r\n * add response_type = code\r\n */\r\n RequestParameterBuilder.prototype.addResponseTypeCode = function () {\r\n this.parameters.set(AADServerParamKeys.RESPONSE_TYPE, encodeURIComponent(Constants.CODE_RESPONSE_TYPE));\r\n };\r\n /**\r\n * add response_mode. defaults to query.\r\n * @param responseMode\r\n */\r\n RequestParameterBuilder.prototype.addResponseMode = function (responseMode) {\r\n this.parameters.set(AADServerParamKeys.RESPONSE_MODE, encodeURIComponent((responseMode) ? responseMode : ResponseMode.QUERY));\r\n };\r\n /**\r\n * add scopes. set addOidcScopes to false to prevent default scopes in non-user scenarios\r\n * @param scopeSet\r\n * @param addOidcScopes\r\n */\r\n RequestParameterBuilder.prototype.addScopes = function (scopes, addOidcScopes) {\r\n if (addOidcScopes === void 0) { addOidcScopes = true; }\r\n var requestScopes = addOidcScopes ? __spreadArrays(scopes || [], OIDC_DEFAULT_SCOPES) : scopes || [];\r\n var scopeSet = new ScopeSet(requestScopes);\r\n this.parameters.set(AADServerParamKeys.SCOPE, encodeURIComponent(scopeSet.printScopes()));\r\n };\r\n /**\r\n * add clientId\r\n * @param clientId\r\n */\r\n RequestParameterBuilder.prototype.addClientId = function (clientId) {\r\n this.parameters.set(AADServerParamKeys.CLIENT_ID, encodeURIComponent(clientId));\r\n };\r\n /**\r\n * add redirect_uri\r\n * @param redirectUri\r\n */\r\n RequestParameterBuilder.prototype.addRedirectUri = function (redirectUri) {\r\n RequestValidator.validateRedirectUri(redirectUri);\r\n this.parameters.set(AADServerParamKeys.REDIRECT_URI, encodeURIComponent(redirectUri));\r\n };\r\n /**\r\n * add post logout redirectUri\r\n * @param redirectUri\r\n */\r\n RequestParameterBuilder.prototype.addPostLogoutRedirectUri = function (redirectUri) {\r\n RequestValidator.validateRedirectUri(redirectUri);\r\n this.parameters.set(AADServerParamKeys.POST_LOGOUT_URI, encodeURIComponent(redirectUri));\r\n };\r\n /**\r\n * add id_token_hint to logout request\r\n * @param idTokenHint\r\n */\r\n RequestParameterBuilder.prototype.addIdTokenHint = function (idTokenHint) {\r\n this.parameters.set(AADServerParamKeys.ID_TOKEN_HINT, encodeURIComponent(idTokenHint));\r\n };\r\n /**\r\n * add domain_hint\r\n * @param domainHint\r\n */\r\n RequestParameterBuilder.prototype.addDomainHint = function (domainHint) {\r\n this.parameters.set(SSOTypes.DOMAIN_HINT, encodeURIComponent(domainHint));\r\n };\r\n /**\r\n * add login_hint\r\n * @param loginHint\r\n */\r\n RequestParameterBuilder.prototype.addLoginHint = function (loginHint) {\r\n this.parameters.set(SSOTypes.LOGIN_HINT, encodeURIComponent(loginHint));\r\n };\r\n /**\r\n * Adds the CCS (Cache Credential Service) query parameter for login_hint\r\n * @param loginHint\r\n */\r\n RequestParameterBuilder.prototype.addCcsUpn = function (loginHint) {\r\n this.parameters.set(HeaderNames.CCS_HEADER, encodeURIComponent(\"UPN:\" + loginHint));\r\n };\r\n /**\r\n * Adds the CCS (Cache Credential Service) query parameter for account object\r\n * @param loginHint\r\n */\r\n RequestParameterBuilder.prototype.addCcsOid = function (clientInfo) {\r\n this.parameters.set(HeaderNames.CCS_HEADER, encodeURIComponent(\"Oid:\" + clientInfo.uid + \"@\" + clientInfo.utid));\r\n };\r\n /**\r\n * add sid\r\n * @param sid\r\n */\r\n RequestParameterBuilder.prototype.addSid = function (sid) {\r\n this.parameters.set(SSOTypes.SID, encodeURIComponent(sid));\r\n };\r\n /**\r\n * add claims\r\n * @param claims\r\n */\r\n RequestParameterBuilder.prototype.addClaims = function (claims, clientCapabilities) {\r\n var mergedClaims = this.addClientCapabilitiesToClaims(claims, clientCapabilities);\r\n RequestValidator.validateClaims(mergedClaims);\r\n this.parameters.set(AADServerParamKeys.CLAIMS, encodeURIComponent(mergedClaims));\r\n };\r\n /**\r\n * add correlationId\r\n * @param correlationId\r\n */\r\n RequestParameterBuilder.prototype.addCorrelationId = function (correlationId) {\r\n this.parameters.set(AADServerParamKeys.CLIENT_REQUEST_ID, encodeURIComponent(correlationId));\r\n };\r\n /**\r\n * add library info query params\r\n * @param libraryInfo\r\n */\r\n RequestParameterBuilder.prototype.addLibraryInfo = function (libraryInfo) {\r\n // Telemetry Info\r\n this.parameters.set(AADServerParamKeys.X_CLIENT_SKU, libraryInfo.sku);\r\n this.parameters.set(AADServerParamKeys.X_CLIENT_VER, libraryInfo.version);\r\n this.parameters.set(AADServerParamKeys.X_CLIENT_OS, libraryInfo.os);\r\n this.parameters.set(AADServerParamKeys.X_CLIENT_CPU, libraryInfo.cpu);\r\n };\r\n /**\r\n * add prompt\r\n * @param prompt\r\n */\r\n RequestParameterBuilder.prototype.addPrompt = function (prompt) {\r\n RequestValidator.validatePrompt(prompt);\r\n this.parameters.set(\"\" + AADServerParamKeys.PROMPT, encodeURIComponent(prompt));\r\n };\r\n /**\r\n * add state\r\n * @param state\r\n */\r\n RequestParameterBuilder.prototype.addState = function (state) {\r\n if (!StringUtils.isEmpty(state)) {\r\n this.parameters.set(AADServerParamKeys.STATE, encodeURIComponent(state));\r\n }\r\n };\r\n /**\r\n * add nonce\r\n * @param nonce\r\n */\r\n RequestParameterBuilder.prototype.addNonce = function (nonce) {\r\n this.parameters.set(AADServerParamKeys.NONCE, encodeURIComponent(nonce));\r\n };\r\n /**\r\n * add code_challenge and code_challenge_method\r\n * - throw if either of them are not passed\r\n * @param codeChallenge\r\n * @param codeChallengeMethod\r\n */\r\n RequestParameterBuilder.prototype.addCodeChallengeParams = function (codeChallenge, codeChallengeMethod) {\r\n RequestValidator.validateCodeChallengeParams(codeChallenge, codeChallengeMethod);\r\n if (codeChallenge && codeChallengeMethod) {\r\n this.parameters.set(AADServerParamKeys.CODE_CHALLENGE, encodeURIComponent(codeChallenge));\r\n this.parameters.set(AADServerParamKeys.CODE_CHALLENGE_METHOD, encodeURIComponent(codeChallengeMethod));\r\n }\r\n else {\r\n throw ClientConfigurationError.createInvalidCodeChallengeParamsError();\r\n }\r\n };\r\n /**\r\n * add the `authorization_code` passed by the user to exchange for a token\r\n * @param code\r\n */\r\n RequestParameterBuilder.prototype.addAuthorizationCode = function (code) {\r\n this.parameters.set(AADServerParamKeys.CODE, encodeURIComponent(code));\r\n };\r\n /**\r\n * add the `authorization_code` passed by the user to exchange for a token\r\n * @param code\r\n */\r\n RequestParameterBuilder.prototype.addDeviceCode = function (code) {\r\n this.parameters.set(AADServerParamKeys.DEVICE_CODE, encodeURIComponent(code));\r\n };\r\n /**\r\n * add the `refreshToken` passed by the user\r\n * @param refreshToken\r\n */\r\n RequestParameterBuilder.prototype.addRefreshToken = function (refreshToken) {\r\n this.parameters.set(AADServerParamKeys.REFRESH_TOKEN, encodeURIComponent(refreshToken));\r\n };\r\n /**\r\n * add the `code_verifier` passed by the user to exchange for a token\r\n * @param codeVerifier\r\n */\r\n RequestParameterBuilder.prototype.addCodeVerifier = function (codeVerifier) {\r\n this.parameters.set(AADServerParamKeys.CODE_VERIFIER, encodeURIComponent(codeVerifier));\r\n };\r\n /**\r\n * add client_secret\r\n * @param clientSecret\r\n */\r\n RequestParameterBuilder.prototype.addClientSecret = function (clientSecret) {\r\n this.parameters.set(AADServerParamKeys.CLIENT_SECRET, encodeURIComponent(clientSecret));\r\n };\r\n /**\r\n * add clientAssertion for confidential client flows\r\n * @param clientAssertion\r\n */\r\n RequestParameterBuilder.prototype.addClientAssertion = function (clientAssertion) {\r\n this.parameters.set(AADServerParamKeys.CLIENT_ASSERTION, encodeURIComponent(clientAssertion));\r\n };\r\n /**\r\n * add clientAssertionType for confidential client flows\r\n * @param clientAssertionType\r\n */\r\n RequestParameterBuilder.prototype.addClientAssertionType = function (clientAssertionType) {\r\n this.parameters.set(AADServerParamKeys.CLIENT_ASSERTION_TYPE, encodeURIComponent(clientAssertionType));\r\n };\r\n /**\r\n * add OBO assertion for confidential client flows\r\n * @param clientAssertion\r\n */\r\n RequestParameterBuilder.prototype.addOboAssertion = function (oboAssertion) {\r\n this.parameters.set(AADServerParamKeys.OBO_ASSERTION, encodeURIComponent(oboAssertion));\r\n };\r\n /**\r\n * add grant type\r\n * @param grantType\r\n */\r\n RequestParameterBuilder.prototype.addRequestTokenUse = function (tokenUse) {\r\n this.parameters.set(AADServerParamKeys.REQUESTED_TOKEN_USE, encodeURIComponent(tokenUse));\r\n };\r\n /**\r\n * add grant type\r\n * @param grantType\r\n */\r\n RequestParameterBuilder.prototype.addGrantType = function (grantType) {\r\n this.parameters.set(AADServerParamKeys.GRANT_TYPE, encodeURIComponent(grantType));\r\n };\r\n /**\r\n * add client info\r\n *\r\n */\r\n RequestParameterBuilder.prototype.addClientInfo = function () {\r\n this.parameters.set(CLIENT_INFO, \"1\");\r\n };\r\n /**\r\n * add extraQueryParams\r\n * @param eQparams\r\n */\r\n RequestParameterBuilder.prototype.addExtraQueryParameters = function (eQparams) {\r\n var _this = this;\r\n RequestValidator.sanitizeEQParams(eQparams, this.parameters);\r\n Object.keys(eQparams).forEach(function (key) {\r\n _this.parameters.set(key, eQparams[key]);\r\n });\r\n };\r\n RequestParameterBuilder.prototype.addClientCapabilitiesToClaims = function (claims, clientCapabilities) {\r\n var mergedClaims;\r\n // Parse provided claims into JSON object or initialize empty object\r\n if (!claims) {\r\n mergedClaims = {};\r\n }\r\n else {\r\n try {\r\n mergedClaims = JSON.parse(claims);\r\n }\r\n catch (e) {\r\n throw ClientConfigurationError.createInvalidClaimsRequestError();\r\n }\r\n }\r\n if (clientCapabilities && clientCapabilities.length > 0) {\r\n if (!mergedClaims.hasOwnProperty(ClaimsRequestKeys.ACCESS_TOKEN)) {\r\n // Add access_token key to claims object\r\n mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN] = {};\r\n }\r\n // Add xms_cc claim with provided clientCapabilities to access_token key\r\n mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN][ClaimsRequestKeys.XMS_CC] = {\r\n values: clientCapabilities\r\n };\r\n }\r\n return JSON.stringify(mergedClaims);\r\n };\r\n /**\r\n * adds `username` for Password Grant flow\r\n * @param username\r\n */\r\n RequestParameterBuilder.prototype.addUsername = function (username) {\r\n this.parameters.set(PasswordGrantConstants.username, username);\r\n };\r\n /**\r\n * adds `password` for Password Grant flow\r\n * @param password\r\n */\r\n RequestParameterBuilder.prototype.addPassword = function (password) {\r\n this.parameters.set(PasswordGrantConstants.password, password);\r\n };\r\n /**\r\n * add pop_jwk to query params\r\n * @param cnfString\r\n */\r\n RequestParameterBuilder.prototype.addPopToken = function (cnfString) {\r\n if (!StringUtils.isEmpty(cnfString)) {\r\n this.parameters.set(AADServerParamKeys.TOKEN_TYPE, AuthenticationScheme.POP);\r\n this.parameters.set(AADServerParamKeys.REQ_CNF, encodeURIComponent(cnfString));\r\n }\r\n };\r\n /**\r\n * add server telemetry fields\r\n * @param serverTelemetryManager\r\n */\r\n RequestParameterBuilder.prototype.addServerTelemetry = function (serverTelemetryManager) {\r\n this.parameters.set(AADServerParamKeys.X_CLIENT_CURR_TELEM, serverTelemetryManager.generateCurrentRequestHeaderValue());\r\n this.parameters.set(AADServerParamKeys.X_CLIENT_LAST_TELEM, serverTelemetryManager.generateLastRequestHeaderValue());\r\n };\r\n /**\r\n * Adds parameter that indicates to the server that throttling is supported\r\n */\r\n RequestParameterBuilder.prototype.addThrottling = function () {\r\n this.parameters.set(AADServerParamKeys.X_MS_LIB_CAPABILITY, ThrottlingConstants.X_MS_LIB_CAPABILITY_VALUE);\r\n };\r\n /**\r\n * Utility to create a URL from the params map\r\n */\r\n RequestParameterBuilder.prototype.createQueryString = function () {\r\n var queryParameterArray = new Array();\r\n this.parameters.forEach(function (value, key) {\r\n queryParameterArray.push(key + \"=\" + value);\r\n });\r\n return queryParameterArray.join(\"&\");\r\n };\r\n return RequestParameterBuilder;\r\n}());\n\nexport { RequestParameterBuilder };\n//# sourceMappingURL=RequestParameterBuilder.js.map\n","/*! @azure/msal-common v5.0.0 2021-09-08 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Utility class which exposes functions for managing date and time operations.\r\n */\r\nvar TimeUtils = /** @class */ (function () {\r\n function TimeUtils() {\r\n }\r\n /**\r\n * return the current time in Unix time (seconds).\r\n */\r\n TimeUtils.nowSeconds = function () {\r\n // Date.getTime() returns in milliseconds.\r\n return Math.round(new Date().getTime() / 1000.0);\r\n };\r\n /**\r\n * check if a token is expired based on given UTC time in seconds.\r\n * @param expiresOn\r\n */\r\n TimeUtils.isTokenExpired = function (expiresOn, offset) {\r\n // check for access token expiry\r\n var expirationSec = Number(expiresOn) || 0;\r\n var offsetCurrentTimeSec = TimeUtils.nowSeconds() + offset;\r\n // If current time + offset is greater than token expiration time, then token is expired.\r\n return (offsetCurrentTimeSec > expirationSec);\r\n };\r\n /**\r\n * If the current time is earlier than the time that a token was cached at, we must discard the token\r\n * i.e. The system clock was turned back after acquiring the cached token\r\n * @param cachedAt\r\n * @param offset\r\n */\r\n TimeUtils.wasClockTurnedBack = function (cachedAt) {\r\n var cachedAtSec = Number(cachedAt);\r\n return cachedAtSec > TimeUtils.nowSeconds();\r\n };\r\n /**\r\n * Waits for t number of milliseconds\r\n * @param t number\r\n * @param value T\r\n */\r\n TimeUtils.delay = function (t, value) {\r\n return new Promise(function (resolve) { return setTimeout(function () { return resolve(value); }, t); });\r\n };\r\n return TimeUtils;\r\n}());\n\nexport { TimeUtils };\n//# sourceMappingURL=TimeUtils.js.map\n"],"sourceRoot":""}