{"version":3,"file":"static/js/vendors-f605a059.93138dc7.js","mappings":"iIACO,MAAMA,EAAO,qBACPC,EAAU,S,oKCsDVC,EAKTC,WAAAA,CACIC,EACAC,GAEAC,KAAKC,WAAa,IAAIC,IACtBF,KAAKD,kBAAoBA,EACzBC,KAAKF,cAAgBA,C,CAMzBK,mBAAAA,GACIH,KAAKC,WAAWG,IACZC,EAAAA,GACAC,mBAAmBC,EAAAA,GAAUC,oB,CAOrCC,iCAAAA,GACIT,KAAKC,WAAWG,IACZC,EAAAA,GACAC,mBAAmB,GAADI,OACXH,EAAAA,GAAUI,oBAAmB,KAAAD,OAAIH,EAAAA,GAAUK,yB,CAS1DC,eAAAA,CAAgBC,GACZd,KAAKC,WAAWG,IACZW,EAAAA,GACAT,mBAAmBQ,GAA8BE,EAAAA,EAAaC,O,CAOtEC,eAAAA,GACIlB,KAAKC,WAAWG,IACZe,EAAAA,GACAb,mBAAmB,K,CAS3Bc,SAAAA,CACIC,GAEkD,IADlDC,IAAAC,UAAAC,OAAA,QAAAC,IAAAF,UAAA,KAAAA,UAAA,GACAG,EAAAH,UAAAC,OAAA,QAAAC,IAAAF,UAAA,GAAAA,UAAA,GAA+BI,EAAAA,IAI3BL,GACCI,EAAcE,SAAS,WACvBP,EAAOO,SAAS,WAEjBF,EAAcG,KAAK,UAEvB,MAAMC,EAAgBR,EAChB,IAAKD,GAAU,MAAQK,GACvBL,GAAU,GACVU,EAAW,IAAIC,EAAAA,EAASF,GAC9B9B,KAAKC,WAAWG,IACZ6B,EAAAA,GACA3B,mBAAmByB,EAASG,e,CAQpCC,WAAAA,CAAYC,GACRpC,KAAKC,WAAWG,IACZiC,EAAAA,GACA/B,mBAAmB8B,G,CAQ3BE,cAAAA,CAAeC,GACXC,EAAAA,EAAiBC,oBAAoBF,GACrCvC,KAAKC,WAAWG,IACZsC,EAAAA,GACApC,mBAAmBiC,G,CAQ3BI,wBAAAA,CAAyBJ,GACrBC,EAAAA,EAAiBC,oBAAoBF,GACrCvC,KAAKC,WAAWG,IACZwC,EAAAA,GACAtC,mBAAmBiC,G,CAQ3BM,cAAAA,CAAeC,GACX9C,KAAKC,WAAWG,IACZ2C,EAAAA,GACAzC,mBAAmBwC,G,CAQ3BE,aAAAA,CAAcC,GACVjD,KAAKC,WAAWG,IACZ8C,EAAAA,GACA5C,mBAAmB2C,G,CAQ3BE,YAAAA,CAAaC,GACTpD,KAAKC,WAAWG,IACZiD,EAAAA,GACA/C,mBAAmB8C,G,CAQ3BE,SAAAA,CAAUF,GACNpD,KAAKC,WAAWG,IACZmD,EAAAA,GAAYC,WACZlD,mBAAmB,OAADI,OAAQ0C,I,CAQlCK,SAAAA,CAAUC,GACN1D,KAAKC,WAAWG,IACZmD,EAAAA,GAAYC,WACZlD,mBAAmB,OAADI,OAAQgD,EAAWC,IAAG,KAAAjD,OAAIgD,EAAWE,O,CAQ/DC,MAAAA,CAAOC,GACH9D,KAAKC,WAAWG,IAAI2D,EAAAA,GAAwBzD,mBAAmBwD,G,CAOnEE,SAAAA,CAAUC,EAAiBC,GACvB,MAAMC,EAAenE,KAAKoE,8BACtBH,EACAC,GAEJ1B,EAAAA,EAAiB6B,eAAeF,GAChCnE,KAAKC,WAAWG,IACZkE,EAAAA,GACAhE,mBAAmB6D,G,CAQ3BI,gBAAAA,CAAiBzE,GACbE,KAAKC,WAAWG,IACZoE,EAAAA,GACAlE,mBAAmBR,G,CAQ3B2E,cAAAA,CAAeC,GAEX1E,KAAKC,WAAWG,IAAIuE,EAAAA,GAAiCD,EAAYE,KACjE5E,KAAKC,WAAWG,IACZyE,EAAAA,GACAH,EAAY/E,SAEZ+E,EAAYI,IACZ9E,KAAKC,WAAWG,IAAI2E,EAAAA,GAAgCL,EAAYI,IAEhEJ,EAAYM,KACZhF,KAAKC,WAAWG,IACZ6E,EAAAA,GACAP,EAAYM,I,CASxBE,uBAAAA,CAAwBC,GAChBA,SAAAA,EAAcC,SACdpF,KAAKC,WAAWG,IACZiF,EAAAA,GACAF,EAAaC,SAIjBD,SAAAA,EAAcG,YACdtF,KAAKC,WAAWG,IACZmF,EAAAA,GACAJ,EAAaG,W,CASzBE,SAAAA,CAAUC,GACNjD,EAAAA,EAAiBkD,eAAeD,GAChCzF,KAAKC,WAAWG,IAAI,GAADM,OACZiF,EAAAA,IACHrF,mBAAmBmF,G,CAQ3BG,QAAAA,CAASC,GACDA,GACA7F,KAAKC,WAAWG,IACZ0F,EAAAA,GACAxF,mBAAmBuF,G,CAS/BE,QAAAA,CAASC,GACLhG,KAAKC,WAAWG,IACZ6F,EAAAA,GACA3F,mBAAmB0F,G,CAU3BE,sBAAAA,CACIC,EACAC,GAMA,GAJA5D,EAAAA,EAAiB6D,4BACbF,EACAC,IAEAD,IAAiBC,EAUjB,MAAME,EAAAA,EAAAA,IACFC,EAAAA,IAVJvG,KAAKC,WAAWG,IACZoG,EAAAA,GACAlG,mBAAmB6F,IAEvBnG,KAAKC,WAAWG,IACZqG,EAAAA,GACAnG,mBAAmB8F,G,CAa/BM,oBAAAA,CAAqBC,GACjB3G,KAAKC,WAAWG,IAAIwG,EAAAA,GAAyBtG,mBAAmBqG,G,CAOpEE,aAAAA,CAAcF,GACV3G,KAAKC,WAAWG,IACZ0G,EAAAA,GACAxG,mBAAmBqG,G,CAQ3BI,eAAAA,CAAgBC,GACZhH,KAAKC,WAAWG,IACZ6G,EAAAA,GACA3G,mBAAmB0G,G,CAQ3BE,eAAAA,CAAgBC,GACZnH,KAAKC,WAAWG,IACZgH,EAAAA,GACA9G,mBAAmB6G,G,CAQ3BE,eAAAA,CAAgBC,GACZtH,KAAKC,WAAWG,IACZmH,EAAAA,GACAjH,mBAAmBgH,G,CAQ3BE,kBAAAA,CAAmBC,GACXA,GACAzH,KAAKC,WAAWG,IACZsH,EAAAA,GACApH,mBAAmBmH,G,CAS/BE,sBAAAA,CAAuBC,GACfA,GACA5H,KAAKC,WAAWG,IACZyH,EAAAA,GACAvH,mBAAmBsH,G,CAS/BE,eAAAA,CAAgBC,GACZ/H,KAAKC,WAAWG,IACZ4H,EAAAA,GACA1H,mBAAmByH,G,CAQ3BE,kBAAAA,CAAmBC,GACflI,KAAKC,WAAWG,IACZ+H,EAAAA,GACA7H,mBAAmB4H,G,CAQ3BE,YAAAA,CAAaC,GACTrI,KAAKC,WAAWG,IACZkI,EAAAA,GACAhI,mBAAmB+H,G,CAQ3BE,aAAAA,GACIvI,KAAKC,WAAWG,IAAIoI,EAAAA,GAAa,I,CAOrCC,uBAAAA,CAAwBC,GACpBC,OAAOC,QAAQF,GAAUG,SAAQC,IAAiB,IAAfC,EAAKC,GAAMF,GACrC9I,KAAKC,WAAWgJ,IAAIF,IAAQC,GAC7BhJ,KAAKC,WAAWG,IAAI2I,EAAKC,EAC5B,G,CAIT5E,6BAAAA,CACIH,EACAC,GAEA,IAAIC,EAGJ,GAAKF,EAGD,IACIE,EAAe+E,KAAKC,MAAMlF,EAC7B,CAAC,MAAOmF,GACL,MAAM9C,EAAAA,EAAAA,IACF+C,EAAAA,GAEP,MARDlF,EAAe,CAAC,EAyBpB,OAdID,GAAsBA,EAAmB1C,OAAS,IAC7C2C,EAAamF,eAAeC,EAAAA,GAAkBC,gBAE/CrF,EAAaoF,EAAAA,GAAkBC,cAAgB,CAAC,GAIpDrF,EAAaoF,EAAAA,GAAkBC,cAC3BD,EAAAA,GAAkBE,QAClB,CACAC,OAAQxF,IAITgF,KAAKS,UAAUxF,E,CAO1ByF,WAAAA,CAAYC,GACR7J,KAAKC,WAAWG,IACZ0J,EAAAA,GAAuBD,SACvBvJ,mBAAmBuJ,G,CAQ3BE,WAAAA,CAAYC,GACRhK,KAAKC,WAAWG,IACZ0J,EAAAA,GAAuBE,SACvB1J,mBAAmB0J,G,CAQ3BC,WAAAA,CAAYC,GACJA,IACAlK,KAAKC,WAAWG,IACZ+J,EAAAA,GACAC,EAAAA,GAAqBC,KAEzBrK,KAAKC,WAAWG,IACZkK,EAAAA,GACAhK,mBAAmB4J,I,CAQ/BK,SAAAA,CAAUC,GACFA,IACAxK,KAAKC,WAAWG,IACZ+J,EAAAA,GACAC,EAAAA,GAAqBK,KAEzBzK,KAAKC,WAAWG,IACZkK,EAAAA,GACAhK,mBAAmBkK,I,CAS/BE,kBAAAA,CAAmBC,GACf3K,KAAKC,WAAWG,IACZwK,EAAAA,GACAD,EAAuBE,qCAE3B7K,KAAKC,WAAWG,IACZ0K,EAAAA,GACAH,EAAuBI,iC,CAO/BC,aAAAA,GACIhL,KAAKC,WAAWG,IACZ6K,EAAAA,GACAC,EAAAA,GAAoBC,0B,CAO5BC,aAAAA,CAAcC,GACVrL,KAAKC,WAAWG,IACZkL,EAAAA,GACAhL,mBAAmB+K,G,CAI3BE,mBAAAA,CAAoBC,GAIhB,MAAMC,EAA2B,CAAC,EAClCA,EAAaC,EAAAA,IACTF,EAAOG,eACXF,EAAaG,EAAAA,IACTJ,EAAOK,kBAEX7L,KAAKyI,wBAAwBgD,E,CAMjCK,iBAAAA,GACI,MAAMC,EAAqC,IAAIC,MAY/C,OAVAhM,KAAKC,WAAW4I,SAAQ,CAACG,EAAOD,KAC5BgD,EAAoBlK,KAAK,GAADnB,OAAIqI,EAAG,KAAArI,OAAIsI,GAAQ,IA3mBvD,SACI/I,EACAH,EACAC,GAEA,IAAKD,EACD,OAGJ,MAAMsC,EAAWnC,EAAWgM,IAAI5J,EAAAA,IAC5BD,GAAYnC,EAAWgJ,IAAIyC,EAAAA,MAC3B3L,SAAAA,EAAmBmM,UACf,CACIC,iBAAkB/J,EAClBgK,oBAAqBnM,EAAWgM,IAC5BvJ,EAAAA,KAGR5C,GAGZ,CAylBQuM,CACIrM,KAAKC,WACLD,KAAKF,cACLE,KAAKD,mBAGFgM,EAAoBO,KAAK,I,mFCtoB3B9J,EAKT,0BAAOC,CAAoBF,GACvB,IAAKA,EACD,MAAM+D,EAAAA,EAAAA,IACFiG,EAAAA,G,CASZ,qBAAO7G,CAAeD,GAClB,MAAM+G,EAAe,GAErB,IAAK,MAAMxD,KAASyD,EAAAA,GAChBD,EAAa3K,KAAK4K,EAAAA,GAAYzD,IAGlC,GAAIwD,EAAaE,QAAQjH,GAAU,EAC/B,MAAMa,EAAAA,EAAAA,IACFqG,EAAAA,G,CAKZ,qBAAOtI,CAAeJ,GAClB,IACIiF,KAAKC,MAAMlF,EACd,CAAC,MAAOmF,GACL,MAAM9C,EAAAA,EAAAA,IACF+C,EAAAA,GAEP,C,CAQL,kCAAOhD,CACHF,EACAC,GAEA,IAAKD,IAAkBC,EACnB,MAAME,EAAAA,EAAAA,IACFC,EAAAA,IAGJvG,KAAK4M,4BAA4BxG,E,CAQzC,kCAAOwG,CAA4BxG,GAC/B,GACI,CACIyG,EAAAA,GAA0BC,MAC1BD,EAAAA,GAA0BE,MAC5BL,QAAQtG,GAAuB,EAEjC,MAAME,EAAAA,EAAAA,IACF0G,EAAAA,G,uHChEHhL,EAITnC,WAAAA,CAAYoN,GAER,MAAMC,EAAWD,EACXE,EAAAA,EAAYC,iBAAiB,IAAIH,IACjC,GACAI,EAAgBH,EAChBC,EAAAA,EAAYG,4BAA4BJ,GACxC,GAGNlN,KAAKuN,oBAAoBF,GAEzBrN,KAAKqB,OAAS,IAAImM,IAClBH,EAAcxE,SAAS4E,GAAUzN,KAAKqB,OAAOqM,IAAID,I,CASrD,iBAAOE,CAAWC,GACd,MACMX,GADcW,GAAoBrN,EAAAA,GAAUsN,cACHC,MAAM,KACrD,OAAO,IAAI9L,EAASiL,E,CAQxB,yBAAOc,CAAmBH,GACtB,MAAM7L,EAAW,IAAIC,EAAS4L,GAO9B,OANK7L,EAASiM,yBAGVjM,EAASkM,YAAY1N,EAAAA,GAAU2N,sBAF/BnM,EAASoM,mBAKNpM,C,CAQHwL,mBAAAA,CAAoBN,GAExB,IAAKA,GAAeA,EAAYzL,OAAS,EACrC,MAAM8E,EAAAA,EAAAA,IACF8H,EAAAA,G,CASZC,aAAAA,CAAcZ,GACV,MAAMa,EAAkBtO,KAAKuO,uBAAuBT,MAAM,KACpDU,EAAqB,IAAIxM,EAASsM,GAExC,QAAOb,GACDe,EAAmBnN,OAAO4H,IAAIwE,EAAMgB,c,CAQ9CC,gBAAAA,CAAiB3M,GACb,SAAKA,GAAYA,EAASV,OAAOsN,MAAQ,KAKrC3O,KAAKqB,OAAOsN,MAAQ5M,EAASV,OAAOsN,MACpC5M,EAAS6M,UAAUC,OAAOpB,GAAUzN,KAAKqO,cAAcZ,K,CAO/DO,sBAAAA,GACI,IAAIc,EAAoB,EAOxB,OANAC,EAAAA,GAAYlG,SAASmG,IACbhP,KAAKqO,cAAcW,KACnBF,GAAqB,EACxB,IAGE9O,KAAKqB,OAAOsN,OAASG,C,CAOhCG,WAAAA,CAAYC,GACJA,GACAlP,KAAKqB,OAAOqM,IAAIwB,EAASC,O,CAQjCC,YAAAA,CAAaC,GACT,IACIA,EAAUxG,SAASqG,GAAalP,KAAKiP,YAAYC,IACpD,CAAC,MAAO9F,GACL,MAAMkG,EAAAA,EAAAA,IACFC,EAAAA,GAEP,C,CAOLtB,WAAAA,CAAYR,GACR,IAAKA,EACD,MAAM6B,EAAAA,EAAAA,IACFE,EAAAA,IAGRxP,KAAKqB,OAAOoO,OAAOhC,EAAM0B,O,CAO7BhB,gBAAAA,GACIY,EAAAA,GAAYlG,SAASmG,IACjBhP,KAAKqB,OAAOoO,OAAOT,EAAa,G,CAQxCU,cAAAA,CAAeC,GACX,IAAKA,EACD,MAAML,EAAAA,EAAAA,IACFM,EAAAA,IAGR,MAAMC,EAAc,IAAIrC,IAKxB,OAJAmC,EAAYtO,OAAOwH,SAAS4E,GACxBoC,EAAYnC,IAAID,EAAMgB,iBAE1BzO,KAAKqB,OAAOwH,SAAS4E,GAAUoC,EAAYnC,IAAID,EAAMgB,iBAC9CoB,C,CAOXC,qBAAAA,CAAsBH,GAClB,IAAKA,EACD,MAAML,EAAAA,EAAAA,IACFM,EAAAA,IAKHD,EAAY3B,0BACb2B,EAAYxB,mBAEhB,MAAM0B,EAAc7P,KAAK0P,eAAeC,GAClCI,EAAkBJ,EAAYK,gBAC9BC,EAAiBjQ,KAAKgQ,gBAE5B,OADwBH,EAAYlB,KACXsB,EAAiBF,C,CAM9CC,aAAAA,GACI,OAAOhQ,KAAKqB,OAAOsN,I,CAMvBC,OAAAA,GACI,MAAMsB,EAAuB,GAE7B,OADAlQ,KAAKqB,OAAOwH,SAASsH,GAAQD,EAAMrO,KAAKsO,KACjCD,C,CAMXhO,WAAAA,GACI,GAAIlC,KAAKqB,OAAQ,CAEb,OADiBrB,KAAK4O,UACNtC,KAAK,IACxB,CACD,OAAO/L,EAAAA,GAAUsN,Y,CAMrBU,oBAAAA,GACI,OAAOvO,KAAKkC,cAAcuM,a,4OC3KrB2B,EAUTvQ,WAAAA,CACIuC,EACAiO,EACAC,EACAC,EACAC,EACAC,EACA1Q,GAEAC,KAAKoC,SAAWA,EAChBpC,KAAKqQ,aAAeA,EACpBrQ,KAAKsQ,UAAYA,EACjBtQ,KAAKuQ,OAASA,EACdvQ,KAAKwQ,kBAAoBA,EACzBxQ,KAAKyQ,kBAAoBA,EACzBzQ,KAAKD,kBAAoBA,C,CAS7B2Q,uCAAAA,CACIC,EACAC,GAEA,IAAKD,EAAe9K,QAAU+K,EAC1B,MAAMD,EAAe9K,OACfyJ,EAAAA,EAAAA,IACIuB,EAAAA,GACA,iBAEJvB,EAAAA,EAAAA,IACIuB,EAAAA,GACA,gBAId,IAAIC,EACAC,EAEJ,IACID,EAA6BE,mBACzBL,EAAe9K,MAEtB,CAAC,MAAOuD,GACL,MAAMkG,EAAAA,EAAAA,IACF2B,EAAAA,GACAN,EAAe9K,MAEtB,CAED,IACIkL,EAAsBC,mBAAmBJ,EAC5C,CAAC,MAAOxH,GACL,MAAMkG,EAAAA,EAAAA,IACF2B,EAAAA,GACAN,EAAe9K,MAEtB,CAED,GAAIiL,IAA+BC,EAC/B,MAAMzB,EAAAA,EAAAA,IAAsB4B,EAAAA,IAIhC,GACIP,EAAeQ,OACfR,EAAeS,mBACfT,EAAeU,SACjB,CACE,MAAMC,EApGlB,SACIX,GAA+C,IAAAY,EAAAC,EAE/C,MAAMC,EAAkB,QAClBC,EACsB,QADFH,EACtBZ,EAAegB,iBAAS,IAAAJ,OAAA,EAAxBA,EAA0BK,YAAYH,GAC1C,OAAOC,GAAwBA,GAAwB,EACzB,QAD0BF,EAClDb,EAAegB,iBAAS,IAAAH,OAAA,EAAxBA,EAA0BK,UACtBH,EAAuBD,QAE3BhQ,CACV,CAyFkCqQ,CAAmBnB,GACzC,IACIoB,EAAAA,EAAAA,GACIpB,EAAeQ,MACfR,EAAeS,kBACfT,EAAeU,UAGnB,MAAM,IAAIW,EAAAA,GACNrB,EAAeQ,OAAS,GACxBR,EAAeS,kBACfT,EAAeU,SACfV,EAAesB,WAAa,GAC5BtB,EAAeuB,UAAY,GAC3BvB,EAAewB,gBAAkB,GACjCxB,EAAe1M,QAAU,GACzBqN,GAIR,MAAM,IAAIc,EAAAA,EACNzB,EAAeQ,OAAS,GACxBR,EAAeS,kBACfT,EAAeU,SACfC,EAEP,C,CAQLe,qBAAAA,CACI1B,EACA2B,GAGA,GACI3B,EAAeQ,OACfR,EAAeS,mBACfT,EAAeU,SACjB,KAAAkB,EACE,MAAMC,EAAY,aAAH9R,OACXiQ,EAAe8B,aAAelS,EAAAA,GAAUmS,cAC5C,kBAAAhS,OACIiQ,EAAesB,WAAa1R,EAAAA,GAAUmS,cAC1C,oBAAAhS,OACIiQ,EAAeS,mBAAqB7Q,EAAAA,GAAUmS,cAClD,uBAAAhS,OACIiQ,EAAewB,gBAAkB5R,EAAAA,GAAUmS,cAC/C,iBAAAhS,OACIiQ,EAAeuB,UAAY3R,EAAAA,GAAUmS,eAEnCpB,EAA0C,QAA1BiB,EAAA5B,EAAe8B,mBAAW,IAAAF,GAA1BA,EAA4B/Q,OAC5CmP,EAAe8B,YAAY,QAC3BhR,EACAkR,EAAc,IAAIP,EAAAA,EACpBzB,EAAeQ,MACfqB,EACA7B,EAAeU,SACfC,EACAX,EAAeiC,QAInB,GACIN,GACA3B,EAAeiC,QACfjC,EAAeiC,QAAUC,EAAAA,GAAWC,0BACpCnC,EAAeiC,QAAUC,EAAAA,GAAWE,uBAOpC,YALA/S,KAAKuQ,OAAOyC,QAAQ,6HAADtS,OAC8GiS,IAM9H,GACHL,GACA3B,EAAeiC,QACfjC,EAAeiC,QAAUC,EAAAA,GAAWI,0BACpCtC,EAAeiC,QAAUC,EAAAA,GAAWK,uBAOpC,YALAlT,KAAKuQ,OAAOyC,QAAQ,sHAADtS,OACuGiS,IAO9H,IACIZ,EAAAA,EAAAA,GACIpB,EAAeQ,MACfR,EAAeS,kBACfT,EAAeU,UAGnB,MAAM,IAAIW,EAAAA,GACNrB,EAAeQ,MACfR,EAAeS,kBACfT,EAAeU,SACfV,EAAesB,WAAa1R,EAAAA,GAAUsN,aACtC8C,EAAeuB,UAAY3R,EAAAA,GAAUsN,aACrC8C,EAAewB,gBAAkB5R,EAAAA,GAAUsN,aAC3C8C,EAAe1M,QAAU1D,EAAAA,GAAUsN,aACnCyD,GAIR,MAAMqB,CACT,C,CAQL,+BAAMQ,CACFC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,GAAwB,IAAAC,EAQxB,IAAIC,EAuCAC,EAtCJ,GAPsB,QAAtBF,EAAA7T,KAAKD,yBAAiB,IAAA8T,GAAtBA,EAAwBG,oBACpBC,EAAAA,GAAkBC,0BAClBd,EAAoBjB,gBAKpBiB,EAAoBe,SAAU,CAO9B,GANAL,GAAgBM,EAAAA,EAAAA,oBACZhB,EAAoBe,UAAY5T,EAAAA,GAAUsN,aAC1C7N,KAAKsQ,UAAU+D,cAIfb,GAAmBA,EAAgBxN,OAC/B8N,EAAc9N,QAAUwN,EAAgBxN,MACxC,MAAMsJ,EAAAA,EAAAA,IACFgF,EAAAA,IAMZ,GAAIf,EAAQgB,QAA6B,IAAnBhB,EAAQgB,OAAc,CACxC,MAAMC,EAAWV,EAAcW,UAC/B,IAAKD,EACD,MAAMlF,EAAAA,EAAAA,IACFoF,EAAAA,KAIRC,EAAAA,EAAAA,aAAYH,EAAUjB,EAAQgB,OACjC,CACJ,CAGDvU,KAAK4U,sBAAwBC,EAAAA,EAAcC,sBACvC1B,EAAoB2B,aAAexU,EAAAA,GAAUsN,aAC7CwF,EAAU2B,cACVhV,KAAKuQ,OACLvQ,KAAKsQ,UACLwD,GAKEN,GAAqBA,EAAgB3N,QACvCkO,EAAkBkB,EAAAA,EAAcC,kBAC5BlV,KAAKsQ,UACLkD,EAAgB3N,QAKxBuN,EAAoB+B,OAChB/B,EAAoB+B,QAAU5B,EAAQ6B,aAAU3T,EAEpD,MAAM4T,EAAcrV,KAAKsV,oBACrBlC,EACAC,EACAC,EACAC,EACAO,EACAL,EACAD,GAEJ,IAAI+B,EACJ,IAiBI,GAhBIvV,KAAKyQ,mBAAqBzQ,KAAKwQ,oBAC/BxQ,KAAKuQ,OAAOiF,QACR,kDAEJD,EAAe,IAAIE,EAAAA,EACfzV,KAAKwQ,mBACL,SAEExQ,KAAKyQ,kBAAkBiF,kBAAkBH,IAS/C7B,IACCC,GACD0B,EAAYM,QACd,CACE,MAAM5M,EAAMsM,EAAYM,QAAQC,qBAEhC,IADgB5V,KAAKqQ,aAAawF,WAAW9M,EAAK/I,KAAKuQ,QAKnD,OAHAvQ,KAAKuQ,OAAOyC,QACR,6GAES5C,EAAgB0F,6BACzB9V,KAAKsQ,UACL+C,EACAgC,GACA,EACA9B,EACAO,EACAC,OACAtS,EACAmS,EAGX,OACK5T,KAAKqQ,aAAa0F,gBACpBV,EACA9B,EAAQyC,aACRzC,EAAQzT,cAEf,SAEOE,KAAKyQ,mBACLzQ,KAAKwQ,mBACL+E,IAEAvV,KAAKuQ,OAAOiF,QACR,uDAEExV,KAAKyQ,kBAAkBwF,iBAAiBV,GAErD,CAED,OAAOnF,EAAgB0F,6BACnB9V,KAAKsQ,UACL+C,EACAgC,GACA,EACA9B,EACAO,EACAC,EACAX,EACAQ,E,CAUA0B,mBAAAA,CACJlC,EACAC,EACAC,EACAC,EACAO,EACAL,EACAD,GAEA,MAAM0C,EAAM7C,EAAU8C,oBACtB,IAAKD,EACD,MAAM5G,EAAAA,EAAAA,IACF8G,EAAAA,IAIR,MAAMC,GAAiBC,EAAAA,EAAAA,GAA6BxC,GAGpD,IAAIyC,EACAC,EACApD,EAAoBe,UAAcL,IAClCyC,GAAgBE,EAAAA,EAAAA,qBACZzW,KAAK4U,sBACLsB,EACA9C,EAAoBe,SACpBnU,KAAKoC,SACLiU,GAAkB,IAGtBG,EAAgBE,EACZ1W,KAAKqQ,aACLgD,EACArT,KAAK4U,sBACL5U,KAAKsQ,UAAU+D,aACfP,EACAV,EAAoB2B,YACpBmB,EACAG,EACA7C,OACA/R,EACAzB,KAAKuQ,SAKb,IAAIoG,EAA8C,KAClD,GAAIvD,EAAoBwD,aAAc,CAElC,MAAMC,EAAiBzD,EAAoB3F,MACrCzL,EAAAA,EAAS2L,WAAWyF,EAAoB3F,OACxC,IAAIzL,EAAAA,EAASuR,EAAQlS,QAAU,IAM/ByV,GACyC,iBAAnC1D,EAAoB2D,WACtBC,SAAS5D,EAAoB2D,WAAY,IACzC3D,EAAoB2D,aAAe,EACvCE,GAC6C,iBAAvC7D,EAAoB8D,eACtBF,SAAS5D,EAAoB8D,eAAgB,IAC7C9D,EAAoB8D,iBAAmB,EAC3CC,GACyC,iBAAnC/D,EAAoBgE,WACtBJ,SAAS5D,EAAoBgE,WAAY,IACzChE,EAAoBgE,kBAAe3V,EACvC4V,EAAyB/D,EAAewD,EACxCQ,EACFD,EAAyBJ,EACvBM,EACFJ,GAAaA,EAAY,EACnB7D,EAAe6D,OACf1V,EAGVkV,GAAoBa,EAAAA,EAAAA,yBAChBxX,KAAK4U,sBACLsB,EACA9C,EAAoBwD,aACpB5W,KAAKoC,SACLiU,GAAkBhD,EAAUoE,QAAU,GACtCZ,EAAe3U,cACfmV,EACAC,EACAtX,KAAKsQ,UAAU+D,aACfkD,EACAnE,EAAoBsE,WACpBjE,EACAL,EAAoB+B,OACpB5B,EAAQtP,OACRsP,EAAQoE,oBAEf,CAGD,IAAIC,EAAgD,KACpD,GAAIxE,EAAoByE,cAAe,CACnC,IAAIC,EACJ,GAAI1E,EAAoB2E,yBAA0B,CAS9CD,EAAcxE,GANV,iBADOF,EAAoB2E,yBAErBf,SACI5D,EAAoB2E,yBACpB,IAEJ3E,EAAoB2E,yBAEjC,CACDH,GAAqBI,EAAAA,EAAAA,0BACjBhY,KAAK4U,sBACLsB,EACA9C,EAAoByE,cACpB7X,KAAKoC,SACLgR,EAAoB6E,KACpBxE,EACAqE,EAEP,CAGD,IAAII,EAA8C,KASlD,OARI9E,EAAoB6E,OACpBC,EAAoB,CAChB9V,SAAUpC,KAAKoC,SACf+V,YAAajC,EACbkC,SAAUhF,EAAoB6E,OAI/B,CACHtC,QAASa,EACT6B,QAAS9B,EACT+B,YAAa3B,EACb3P,aAAc4Q,EACdW,YAAaL,E,CAcrB,yCAAapC,CACTxF,EACA+C,EACAgC,EACAmD,EACAjF,EACAO,EACAlD,EACAwC,EACAqF,GAAkB,IAAAC,EAAAC,EAAAC,EAAAC,EAAAC,EAElB,IAGIC,EACAC,EAJAV,EAAsB/X,EAAAA,GAAUsN,aAChCgJ,EAAgC,GAChCoC,EAAyB,KAGzBb,EAAmB7X,EAAAA,GAAUsN,aAEjC,GAAIwH,EAAYiD,YAAa,CAKzB,GACIjD,EAAYiD,YAAYY,YACpB9O,EAAAA,GAAqBC,KACxBkJ,EAAQ4F,OAkBTb,EAAcjD,EAAYiD,YAAYc,WAjBxC,CACE,MAAMC,EACF,IAAIC,EAAAA,EAAkBhJ,IACpB,OAAE8I,EAAM,MAAEG,GAAUlE,EAAYiD,YAEtC,IAAKiB,EACD,MAAMjK,EAAAA,EAAAA,IACFkK,EAAAA,IAIRlB,QAAoBe,EAAkBI,aAClCL,EACAG,EACAhG,EAEP,CAGDsD,EAAiB7U,EAAAA,EAAS2L,WACtB0H,EAAYiD,YAAYoB,QAC1B9K,UACFqK,EAAY,IAAIU,KACgC,IAA5CC,OAAOvE,EAAYiD,YAAYW,YAEnCF,EAAe,IAAIY,KACqC,IAApDC,OAAOvE,EAAYiD,YAAYuB,oBAE/BxE,EAAYiD,YAAYU,YACxBA,EAAY,IAAIW,KACgC,IAA5CC,OAAOvE,EAAYiD,YAAYU,YAG1C,CAEG3D,EAAYkD,cACZH,EACI/C,EAAYkD,YAAYH,WAAa0B,EAAAA,GAC/BA,EAAAA,GACA,IAEd,MAAMnW,GAAMmQ,aAAa,EAAbA,EAAeiG,OAAOjG,aAAa,EAAbA,EAAekG,MAAO,GAClDC,GAAMnG,aAAa,EAAbA,EAAemG,MAAO,GAG9B7G,SAAAA,EAAqB8G,eAAmB7E,EAAYM,UACpDN,EAAYM,QAAQwE,gBAChB/G,aAAmB,EAAnBA,EAAqB8G,eAG7B,MAAME,EAAkC/E,EAAYM,SAC9C0E,EAAAA,EAAAA,IACIhF,EAAYM,QAAQ2E,sBACpB7Y,EACAqS,EACmB,QADN4E,EACbrD,EAAYgD,eAAO,IAAAK,OAAA,EAAnBA,EAAqBU,QAEzB,KAEN,MAAO,CACH/F,UAAWA,EAAUkH,mBACrBC,SAAU7W,EACV8W,SAAUR,EACV5Y,OAAQwV,EACRlB,QAASyE,EACT/B,SAAShD,SAAoB,QAATsD,EAAXtD,EAAagD,eAAO,IAAAM,OAAA,EAApBA,EAAsBS,SAAU,GACzCtF,cAAeA,GAAiB,CAAC,EACjCwE,YAAaA,EACboC,UAAWlC,EACXS,UAAWA,EACXF,aAAcA,EACdC,UAAWA,EACXlZ,cAAeyT,EAAQzT,cACvB2Y,UAAWA,GAAalY,EAAAA,GAAUsN,aAClCuK,SAAUA,EACVc,WAC2B,QAAvBN,EAAAvD,EAAYiD,mBAAW,IAAAM,OAAA,EAAvBA,EAAyBM,YAAa3Y,EAAAA,GAAUsN,aACpDhI,MAAO+K,EACDA,EAAa+J,iBACbpa,EAAAA,GAAUsN,aAChB+M,oBACuB,QAAnB/B,EAAAxD,EAAYM,eAAO,IAAAkD,OAAA,EAAnBA,EAAqB+B,qBACrBra,EAAAA,GAAUsN,aACdgN,aACuB,QAAnB/B,EAAAzD,EAAYM,eAAO,IAAAmD,OAAA,EAAnBA,EAAqB+B,cAAeta,EAAAA,GAAUsN,aAClDlH,KAAMyM,aAAmB,EAAnBA,EAAqB0H,SAC3BC,kBAAkB,E,EAKxB,SAAUrE,EACZrG,EACAgD,EACA2H,EACA3G,EACAP,EACApQ,EACAyU,EACA9B,EACA7C,EACA2G,EACA5J,GAEAA,SAAAA,EAAQiF,QAAQ,2BAGhB,MACMyF,EADc5K,EAAa6K,iBACEC,MAAMC,GAC9BA,EAAWC,WAAWL,KAGjC,IAAIxE,EAAsC,KACtCyE,IACAzE,EAAgBnG,EAAawF,WAAWoF,EAAgB1K,IAG5D,MAAM+K,EACF9E,GACA3B,EAAAA,EAAc0G,cACV,CACIP,gBACAlH,gBACApQ,aACAyU,cACAyC,mBAAoBpH,aAAe,EAAfA,EAAiBgI,sBACrCX,YAAarH,aAAe,EAAfA,EAAiBiI,aAC9BtB,gBAAiBA,GAErB9G,EACAgB,GAGFqH,EAAiBJ,EAAYI,gBAAkB,GAC/CjB,EAAWpE,GAAkBiF,EAAYK,MAC/C,GACIlB,IACCiB,EAAeP,MAAMS,GACXA,EAAcnB,WAAaA,IAExC,CACE,MAAMoB,GAAmBC,EAAAA,EAAAA,IACrBd,EACAM,EAAYS,eACZtB,EACA3G,GAEJ4H,EAAe7Z,KAAKga,EACvB,CAGD,OAFAP,EAAYI,eAAiBA,EAEtBJ,CACX,C,6HC7mBM,SAAUU,EACZ7K,EACAZ,EACA0L,GACwB,IAAAC,EAAAC,EAAA,IAAxBC,EAAA7a,UAAAC,OAAA,QAAAC,IAAAF,UAAA,GAAAA,UAAA,GAAuB,EAEvB,GAAM4P,aAAiBkL,MAMhB,OAAIlL,aAAiBmL,EAAAA,IACxBL,EAAMM,UAAYpL,EAAMoL,UACxBN,EAAMO,aAAerL,EAAMsL,eAEvBtL,aAAiBiB,EAAAA,GACjBjB,aAAiBa,EAAAA,MAEjBiK,EAAM3K,cAAgBH,EAAMuL,gBAGzBvL,aAAiBwL,EAAAA,GACxBV,EAAMM,UAAYpL,EAAMoL,UAED,QAApBL,EAAID,EAAMW,kBAAU,IAAAV,GAAhBA,EAAkB1a,OACzB+O,EAAOsM,MACH,uDACAZ,EAAMnc,eAGS,QAAZqc,EAAChL,EAAM2L,aAAK,IAAAX,GAAXA,EAAa3a,QAQrB2P,EAAM2L,QACNb,EAAMW,WAWE,SAAaE,EAAeV,GACxC,GAAIA,EAAe,EACf,MAAO,GAGX,MAAMW,EAAWD,EAAMhP,MAAM,OAAS,GAEhCkP,EAAM,GAGNC,EAAYF,EAAS,GAEvBE,EAAU5B,WAAW,oCACrB4B,EAAU5B,WAAW,yCACrB4B,EAAU5B,WAAW,mCACrB4B,EAAU5B,WAAW,wCACrB4B,EAAUC,SAAS,qBAGnBF,EAAInb,KAAKsb,EAAiBF,KAE1BA,EAAU5B,WAAW,gBACrB4B,EAAU5B,WAAW,eAGrB2B,EAAInb,KACAsb,EAEIF,EAAUG,QAAQ,qBAAsB,gBAMpD,IAAK,IAAIC,EAAK,EAAGA,EAAKN,EAASvb,UACvBwb,EAAIxb,QAAU4a,GADiBiB,IAAM,CAIzC,MAAMC,EAAOP,EAASM,GACtBL,EAAInb,KAAKsb,EAAiBG,GAC7B,CACD,OAAON,CACX,CArD2BO,CAAapM,EAAM2L,MAAOV,IAEjDH,EAAMuB,UAAYrM,EAAMzR,MAVpB6Q,EAAOsM,MACH,wDACAZ,EAAMnc,gBA3BVyQ,EAAOsM,MACH,wEACAZ,EAAMnc,cAkClB,CA0DM,SAAUqd,EAAiBG,GAC7B,MAAMG,EAAaH,EAAK1L,YAAY,KAAO,EAC3C,GAAI6L,EAAa,EACb,OAAOH,EAEX,MAAMI,EAAWJ,EAAKzL,UAAU4L,GAEhC,IAAIE,EAAaD,EAAS9L,YAAY,KAGtC,OAFA+L,EAAaA,EAAa,EAAID,EAAS9L,YAAY,MAAQ+L,EAEvDA,GAAc,GAEVL,EAAKzL,UAAU,EAAG4L,GAClB,IACAC,EAAS7L,UAAU8L,EAAa,IACU,MAAzCD,EAASE,OAAOF,EAASlc,OAAS,GAAa,GAAK,MACvDqc,YAGCP,EAAKO,WAChB,C,MAEsBC,EA8DlBje,WAAAA,CACIuC,EACAiR,EACA9C,EACAwN,EACAC,EACAC,EACAC,EACAC,GAEAne,KAAKqT,UAAYA,EACjBrT,KAAK+d,YAAcA,EACnB/d,KAAKge,eAAiBA,EACtBhe,KAAKie,qBAAuBA,EAC5Bje,KAAKoC,SAAWA,EAChBpC,KAAKuQ,OAASA,EACdvQ,KAAKoe,UAAY,IAAIle,IACrBF,KAAKqe,sBAAwB,IAAIne,IACjCF,KAAKse,WAAa,IAAIpe,IACtBF,KAAKue,kBAAoB,IAAIre,IAC7BF,KAAKwe,4BAA8B,IAAIte,IACvCF,KAAKke,UAAYA,GAAa,IAAI1Q,IAClC,IAAK,MAAMiR,KAAQC,EAAAA,GACf1e,KAAKke,UAAUxQ,IAAI+Q,GAEvBze,KAAKme,cAAgBA,GAAiB,IAAIje,IAC1C,IAAK,MAAO6I,EAAKC,KAAU2V,EAAAA,GACvB3e,KAAKme,cAAc/d,IAAI2I,EAAKC,E,CAqBpC4V,2BAAAA,CACIC,EACA/e,GAEA,MAAO,CAAC,C,CAuBZgf,eAAAA,CAAgBC,EAAmBjf,GAC/B,MAAMkf,EACFhf,KAAKwe,4BAA4BvS,IAAInM,GAEzC,GAAKkf,EAAL,CAKO,GAAIA,EAActf,OAASqf,EAOlC,OAAOC,EAAcC,KANjBjf,KAAKuQ,OAAOsM,MAAM,kEAADnc,OACqDqe,EAAS,qCAGlF,MATG/e,KAAKuQ,OAAOsM,MAAM,kFAADnc,OACqEZ,EAAa,qC,CAqB3Gof,mBAAAA,CAAoBC,EAAsBC,GACtC,OAAID,EAAe,GACfnf,KAAKuQ,OAAOsM,MAAM,wEAADnc,OAC2Dye,IAErE,GAGPC,EAAc,GACdpf,KAAKuQ,OAAOsM,MAAM,uEAADnc,OAC0D0e,IAEpE,GAGPA,EAAcD,GACdnf,KAAKuQ,OAAOsM,MACR,+FAEG,GAGJuC,EAAcD,C,CAYzBnL,mBAAAA,CACI+K,EACAjf,EACAuf,EACAC,GAEA,IAAKxf,EAID,YAHAE,KAAKuQ,OAAOsM,MAAM,yEAADnc,OAC4Dqe,EAAS,mCAK1F,GAAkB,IAAdM,EAEArf,KAAKuQ,OAAOsM,MAAM,kEAADnc,OACqDqe,EAAS,QAAAre,OAAO2e,SAEnF,IAAKA,EAIR,YAHArf,KAAKuQ,OAAOsM,MAAM,qEAADnc,OACwDqe,IAK7E,MAAMQ,EAAqC,CACvCR,YAEAM,UAAWC,EAAoB,EAAID,EACnCC,qBAIEE,EAAuBxf,KAAKue,kBAAkBtS,IAAInM,GACxD,GAAI0f,EACAA,EAAqB3d,KAAK0d,GAC1Bvf,KAAKue,kBAAkBne,IAAIN,EAAe0f,OACvC,CAEHxf,KAAKuQ,OAAOsM,MAAM,+DAADnc,OACkDZ,EAAa,2BAEhF,MAAM2f,EAAmB,CAACF,GAC1Bvf,KAAKue,kBAAkBne,IAAIN,EAAe2f,EAC7C,CAEDzf,KAAKwe,4BAA4B/O,OAAO3P,E,CAU5C4f,gBAAAA,CACIb,EACA/e,GAAsB,IAAA6f,EAAAC,EAGtB,MAAMC,EAAqB/f,GAAiBE,KAAK8f,aAC5ChgB,GACDE,KAAKuQ,OAAOwP,KAAK,qDAADrf,OACyCme,EAAW,gBAChEgB,GAIR7f,KAAKuQ,OAAOsM,MAAM,0DAADnc,OAC6Cme,GAC1DgB,GAGJ,MAAMG,EAAoC,CACtCC,QAASjgB,KAAK8f,aACdlN,OAAQsN,EAAAA,GAAuBC,WAC/B9M,UAAWrT,KAAKqT,UAChB0K,YAAa/d,KAAK+d,YAClBC,eAAgBhe,KAAKge,eACrB5b,SAAUpC,KAAKoC,SACf1C,KAAMmf,EACNuB,YAAazG,KAAK0G,MAClBvgB,cAAe+f,EACfza,QAAkC,QAA3Bua,EAAE3f,KAAKie,4BAAoB,IAAA0B,OAAA,EAAzBA,EAA2Bva,QACpCE,WAAqC,QAA3Bsa,EAAE5f,KAAKie,4BAAoB,IAAA2B,OAAA,EAAzBA,EAA2Bta,Y,IA5f/C2W,EACAkC,EACArB,EAsgBI,OARA9c,KAAKsgB,0BAA0BN,GAhgBnC/D,EAkgBQ+D,EAjgBR7B,EAkgBQne,KAAKme,eAjgBbrB,EAkgBQ9c,KAAKse,WAAWrS,IAAI4T,KA5f5B/C,EAAMjb,KAAK,CACPnC,KAAMye,EAAclS,IAAIgQ,EAAMvc,OAASuc,EAAMvc,OA+ftC,CACH6gB,IAAKA,CACDtE,EACA9K,IAEOnR,KAAKwgB,gBAAcC,EAAAA,EAAAA,IAAAA,EAAAA,EAAAA,GAAC,CAAD,EAGfT,GAEA/D,GAEP9K,GAGRuP,QAASA,IACE1gB,KAAK2gB,oBAAoBX,EAAgBlgB,eAEpD4N,IAAMkT,GACK5gB,KAAKkM,UAAU0U,EAAQZ,EAAgBlgB,eAElD+gB,UAAYD,GACD5gB,KAAK8gB,gBACRF,EACAZ,EAAgBlgB,eAGxBmc,MAAO+D,EACPe,YAAa,IAAIC,EAAAA,E,CAczBR,cAAAA,CACIvE,EACA9K,GAAe,IAAA8P,EAEf,MAAMC,EACFlhB,KAAKqe,sBAAsBpS,IAAIgQ,EAAMnc,eACzC,IAAKohB,EAKD,OAJAlhB,KAAKuQ,OAAOsM,MAAM,gDAADnc,OACmCub,EAAMgE,SACtDhE,EAAMnc,eAEH,KAGX,MAAMqhB,EAASlF,EAAMgE,UAAYiB,EAAUjB,QAC3C,IAAImB,EAAY,CACZC,eAAgB,EAChBC,gBAAiB,EACjBC,uBAAwB,GAG5BtF,EAAMuF,WAAaC,KAAKC,MACpBzF,EAAMuF,YAAcxhB,KAAK2hB,cAAc1F,EAAMmE,cAGjD,MAAMwB,EAAU1Y,KAAKS,UAtjBvB,SACFsS,EACAkC,EACArB,EACA3L,GAEA,GAAK2L,UAAAA,EAAOtb,OACR,OAGJ,MAAMqgB,EAAQ/E,GACHA,EAAMtb,OAASsb,EAAMA,EAAMtb,OAAS,QAAKC,EAG9CqgB,EAAgB3D,EAAclS,IAAIgQ,EAAMvc,OAASuc,EAAMvc,KACvDqiB,EAAMF,EAAK/E,GACjB,IAAIiF,aAAG,EAAHA,EAAKriB,QAASoiB,EACd,OAGJ,MAAME,EAAUlF,aAAK,EAALA,EAAOmF,MACvB,IAAKD,EACD,OAGJ,MAAMzF,EACFpL,aAAiBmL,EAAAA,GACXnL,EAAMoL,UACNpL,aAAiBkL,MACjBlL,EAAMzR,UACN+B,EACJygB,EAAS/Q,aAAiBmL,EAAAA,GAAYnL,EAAMsL,cAAWhb,EAEzD8a,GAAayF,EAAQG,WAAa5F,IAClCyF,EAAQI,IAAM7F,EACV2F,IACAF,EAAQE,OAASA,WAIlBF,EAAQtiB,YACRsiB,EAAQG,SAEf,MAAMP,GAAOnB,EAAAA,EAAAA,IAAAA,EAAAA,EAAAA,GAAA,GACNuB,GAAO,IACVK,IAAKpG,EAAMuF,aAGVvF,EAAMqG,UACPV,EAAQW,KAAO,GAGnB,MAAMC,EAASX,EAAK/E,GACpB,IAAK0F,EACD,MAAO,CAAE,CAACV,GAAgBF,GAO9B,IAAIa,EACJ,GALIlG,IACAiG,EAAOL,SAAW5F,GAIjBiG,EAAOV,GAEL,CACH,MAAMY,EAAW/Z,OAAOga,KAAKH,GAAQI,QAAQ7Z,GACzCA,EAAIsS,WAAWyG,KACjBtgB,OACFihB,EAAY,GAAH/hB,OAAMohB,EAAa,KAAAphB,OAAIgiB,EAAW,EAC9C,MANGD,EAAYX,EAQhB,OADAU,EAAOC,GAAab,EACbY,CACX,CA+eYK,CACI5G,EACAjc,KAAKme,cACLne,KAAKse,WAAWrS,IAAIiV,EAAUphB,eAC9BqR,IAOD,IAAA2R,EAHH3B,GACAC,EAAYphB,KAAK+iB,aAAa9G,EAAMnc,eACpCE,KAAK2gB,oBAAoBO,EAAUphB,gBAEA,QAAnCgjB,EAAA5B,EAAU8B,iCAAyB,IAAAF,GAAnCA,EAAqCrT,OAAOwM,EAAMgE,SAatD,GAVAjgB,KAAKuQ,OAAOsM,MAAM,wDAADnc,OAC2Cub,EAAMvc,KAAI,MAAAgB,OAAKub,EAAMuF,WAAU,OACvFvF,EAAMnc,eAGNqR,GACA6K,EAAS7K,EAAOnR,KAAKuQ,OAAQ2Q,IAI5BC,EAED,OADAD,EAAUjF,EAAMvc,KAAO,cAAgB+hB,KAAKwB,MAAMhH,EAAMuF,aACxDf,EAAAA,EAAAA,GAAA,GAAYS,GAIZC,IACChQ,IACA+P,EAAU3E,WAAa2E,EAAU1E,gBAElCxc,KAAKuQ,OAAOsM,MAAM,sEAADnc,OACyDub,EAAMvc,KAAI,mDAChFuc,EAAMnc,eAEVohB,EAAU3E,eAAY9a,EACtByf,EAAU1E,kBAAe/a,GAG7B,IAAIyhB,GAAUzC,EAAAA,EAAAA,IAAAA,EAAAA,EAAAA,GAAA,GAA0BS,GAAcjF,GAClDkH,EAA8B,EAuBlC,OArBoC,QAApClC,EAAAiC,EAAWF,iCAAyB,IAAA/B,GAApCA,EAAsCpY,SAASua,IAC3CpjB,KAAKuQ,OAAOsM,MAAM,gDAADnc,OACmC0iB,EAAe1jB,KAAI,eAAAgB,OAAcub,EAAMvc,MACvFwjB,EAAWpjB,eAEfqjB,GAAqB,IAEzBD,EAAWF,+BAA4BvhB,EAEvCyhB,GAAUzC,EAAAA,EAAAA,IAAAA,EAAAA,EAAAA,GAAA,GACHyC,GAAU,IACbG,aAAcjC,EAAUC,eACxBiC,YAAalC,EAAUE,gBACvBiC,6BAA8BnC,EAAUG,uBACxC3O,OAAQsN,EAAAA,GAAuBsD,UAC/BL,sBACAvB,YAEJ5hB,KAAKyjB,uBAAuBP,GAC5BljB,KAAK0jB,WAAW,CAACR,GAAajH,EAAMnc,eAE7BojB,C,CAQXhX,SAAAA,CACI0U,EACA9gB,GAEAE,KAAKuQ,OAAOsM,MAAM,6CAClB,MAAMZ,EAAQjc,KAAKqe,sBAAsBpS,IAAInM,GACzCmc,EACAjc,KAAKqe,sBAAsBje,IAAIN,GAAa2gB,EAAAA,EAAAA,IAAAA,EAAAA,EAAAA,GAAA,GACrCxE,GACA2E,IAGP5gB,KAAKuQ,OAAOsM,MACR,yCACA/c,E,CAUZghB,eAAAA,CACIF,EACA9gB,GAEAE,KAAKuQ,OAAOsM,MAAM,wCAClB,MAAMZ,EAAQjc,KAAKqe,sBAAsBpS,IAAInM,GAC7C,GAAImc,EACA,IAAK,MAAM0H,KAAW/C,EAAQ,CAC1B,GAAK3E,EAAM3S,eAAeqa,IAEnB,GAAIC,MAAMhK,OAAOqC,EAAM0H,KAC1B,YAFA1H,EAAM0H,GAAW,EAIrB1H,EAAM0H,IAAY/C,EAAO+C,EAC5B,MAED3jB,KAAKuQ,OAAOsM,MACR,yCACA/c,E,CAcFwgB,yBAAAA,CAA0BrE,GAChC,MAAMiF,EAAYlhB,KAAKqe,sBAAsBpS,IAAIgQ,EAAMnc,eACnDohB,GACAlhB,KAAKuQ,OAAOsM,MAAM,kDAADnc,OACqCub,EAAMvc,KAAI,kBAC5Duc,EAAMnc,eAEVohB,EAAU8B,0BACN9B,EAAU8B,2BAA6B,IAAI9iB,IAC/CghB,EAAU8B,0BAA0B5iB,IAAI6b,EAAMgE,QAAS,CACnDvgB,KAAMuc,EAAMvc,KACZ0gB,YAAanE,EAAMmE,gBAGvBpgB,KAAKuQ,OAAOsM,MAAM,kDAADnc,OACqCub,EAAMvc,KAAI,YAC5Duc,EAAMnc,eAEVE,KAAKqe,sBAAsBje,IAAI6b,EAAMnc,eAAa2gB,EAAAA,EAAAA,GAAA,GAAOxE,IACzDjc,KAAKse,WAAWle,IAAI6b,EAAMnc,cAAe,I,CAIzCijB,YAAAA,CAAajjB,GAKjB,MAAM+jB,EACF7jB,KAAKue,kBAAkBtS,IAAInM,GAC1B+jB,GACD7jB,KAAKuQ,OAAOsM,MAAM,yEAADnc,OAC4DZ,IAIjF,IAAIuhB,EAAiB,EACjBC,EAAkB,EAClBC,EAAyB,EAO7B,OANAsC,SAAAA,EAAkChb,SAASkY,IACvCM,GAAkBN,EAAY1B,UAC9BiC,IACAC,GAA0BR,EAAYzB,kBAAoB,EAAI,CAAC,IAG5D,CACH+B,iBACAC,kBACAC,yB,CASRZ,mBAAAA,CAAoB7gB,GAChBE,KAAKuQ,OAAOsM,MACR,wDACA/c,GAEJE,KAAKqe,sBAAsB5O,OAAO3P,GAElCE,KAAKuQ,OAAOsM,MACR,iDACA/c,GAEJE,KAAKue,kBAAkB9O,OAAO3P,GAE9BE,KAAKuQ,OAAOsM,MACR,+CACA/c,GAEJE,KAAKwe,4BAA4B/O,OAAO3P,GAExCE,KAAKuQ,OAAOsM,MACR,2CACA/c,GAEJE,KAAKse,WAAW7O,OAAO3P,E,CAS3BgkB,sBAAAA,CAAuBC,GACnB,IAAK,MAAOC,EAAIC,KAAOjkB,KAAKoe,UACxB,GAAI6F,EAAGC,aAAeH,EAASG,WAI3B,OAHAlkB,KAAKuQ,OAAOyC,QAAQ,0EAADtS,OAC2DsjB,IAEvEA,EAIf,MAAMG,EAAankB,KAAK8f,aAMxB,OALA9f,KAAKoe,UAAUhe,IAAI+jB,EAAYJ,GAC/B/jB,KAAKuQ,OAAOiF,QAAQ,+DAAD9U,OACgDyjB,IAG5DA,C,CASXC,yBAAAA,CAA0BD,GACtB,MAAME,EAASrkB,KAAKoe,UAAU3O,OAAO0U,GAYrC,OAVIE,EACArkB,KAAKuQ,OAAOiF,QAAQ,2CAAD9U,OAC4ByjB,EAAU,cAGzDnkB,KAAKuQ,OAAOiF,QAAQ,2CAAD9U,OAC4ByjB,EAAU,kBAItDE,C,CASXX,UAAAA,CAAWY,EAA4BxkB,GACnCE,KAAKuQ,OAAOiF,QACR,iDACA1V,GAGJE,KAAKoe,UAAUvV,SACX,CAACkb,EAAuCI,KACpCnkB,KAAKuQ,OAAOsM,MAAM,iDAADnc,OACoCyjB,GACjDrkB,GAEJikB,EAASQ,MAAM,KAAM,CAACD,GAAQ,G,CASlCb,sBAAAA,CAAuBxH,GAC3Bjc,KAAKke,UAAUrV,SAASE,IAChBA,KAAOkT,GAA+B,iBAAfA,EAAMlT,KAC7BkT,EAAMlT,GAAO0Y,KAAKwB,MAAMhH,EAAMlT,IACjC,G,CASD4Y,aAAAA,CAAcvB,GAClB,MAAMoB,EAAa7H,KAAK0G,MAAQD,EAEhC,OAAOoB,EAAa,EAAIA,EAAa,C,kEC15BhC,MAAAvN,EAAoB,CAK7BuQ,mBAAoB,qBAMpBC,2BAA4B,6BAM5BC,mBAAoB,qBAMpBC,wBAAyB,0BAMzBC,kBAAmB,oBAOnBC,wBAAyB,0BAOzBC,qBAAsB,uBAMtBC,iCAAkC,mCAMlCC,kBAAmB,oBAMnBC,8BAA+B,gCAM/BC,+BAAgC,iCAChCC,sBAAuB,wBAMvBC,gCAAiC,kCAMjCC,UAAW,YAMXC,gDACI,kDAMJC,+BAAgC,iCAMhCC,oCAAqC,sCAIrCC,oCAAqC,sCAIrCC,kCAAmC,oCACnCC,6CACI,+CACJC,kDACI,oDAIJC,iBAAkB,kBAIlBC,mCAAoC,qCAIpCC,qBAAsB,uBAKtBC,sCACI,wCAKJC,+BAAgC,iCAKhCC,qDACI,uDAKJC,6CACI,+CAKJC,yCACI,2CAMJC,sBAAuB,wBACvBC,mCAAoC,qCACpCC,8CACI,gDAMJC,2BAA4B,6BAK5BC,sBAAuB,wBAKvBC,wBAAyB,0BAEzBC,4BAA6B,8BAK7BC,8BAA+B,gCAK/BC,iCAAkC,mCAClCC,kCAAmC,oCACnCC,uBAAwB,yBACxBC,2BAA4B,6BAK5BC,8CACI,gDACJC,gDACI,kDACJC,wDACI,0DACJC,4DACI,8DAKJC,eAAgB,iBAKhBC,6BAA8B,+BAC9BC,mBAAoB,qBACpBC,6BAA8B,+BAK9BC,uBAAwB,yBACxBC,8BAA+B,gCAC/BC,iCAAkC,mCAClCC,4BAA6B,8BAK7BC,oBAAqB,sBACrBC,oBAAqB,sBAKrB5T,0BAA2B,4BAC3B6T,oBAAqB,sBAKrBC,yCACI,2CACJC,+BAAgC,iCAChCC,0CACI,4CACJC,8CACI,gDACJC,sCACI,wCACJC,wCACI,0CACJC,gCAAiC,kCACjCC,+CACI,iDAKJC,4BAA6B,8BAC7BC,iCAAkC,mCAClCC,iCAAkC,mCAElCC,wBAAyB,0BAEzBC,+BAAgC,iCAChCC,gDACI,kDAEJC,iCAAkC,wBAClCC,uCAAwC,8BAExCC,wCACI,0CAEJC,mCAAoC,qCAEpCC,8BAA+B,gCAE/BC,yBAA0B,2BAE1BC,mBAAoB,qBAKpBC,6BAA8B,+BAC9BC,4BAA6B,8BAK7BC,kBAAmB,oBACnBC,qBAAsB,uBACtBC,kCAAmC,oCACnCC,aAAc,eACdC,gBAAiB,mBAKRhL,EACT,IAAIze,IAAI,CACJ,CAAC+T,EAAkBuQ,mBAAoB,YACvC,CAACvQ,EAAkBwQ,2BAA4B,UAC/C,CAACxQ,EAAkByQ,mBAAoB,OACvC,CAACzQ,EAAkB0Q,wBAAyB,YAC5C,CAAC1Q,EAAkB2Q,kBAAmB,WACtC,CAAC3Q,EAAkB6Q,qBAAsB,cACzC,CACI7Q,EAAkB8Q,iCAClB,oBAEJ,CAAC9Q,EAAkB+Q,kBAAmB,iBACtC,CAAC/Q,EAAkBgR,8BAA+B,oBAClD,CAAChR,EAAkBiR,+BAAgC,qBACnD,CAACjR,EAAkBmR,gCAAiC,gBACpD,CAACnR,EAAkBoR,UAAW,UAC9B,CACIpR,EAAkBqR,gDAClB,2BAEJ,CACIrR,EAAkBsR,+BAClB,2BAEJ,CACItR,EAAkBuR,oCAClB,kBAEJ,CACIvR,EAAkBwR,oCAClB,4BAEJ,CACIxR,EAAkByR,kCAClB,qBAEJ,CACIzR,EAAkB0R,6CAClB,oBAEJ,CACI1R,EAAkB2R,kDAClB,0BAEJ,CAAC3R,EAAkB4R,iBAAkB,mBACrC,CACI5R,EAAkB6R,mCAClB,kBAEJ,CAAC7R,EAAkB8R,qBAAsB,cACzC,CACI9R,EAAkB+R,sCAClB,oBAEJ,CAAC/R,EAAkBgS,+BAAgC,cACnD,CACIhS,EAAkBiS,qDAClB,0BAEJ,CACIjS,EAAkBkS,6CAClB,kBAEJ,CACIlS,EAAkBmS,yCAClB,0BAEJ,CAACnS,EAAkBoS,sBAAuB,eAC1C,CACIpS,EAAkBqS,mCAClB,yBAEJ,CACIrS,EAAkBsS,8CAClB,gCAEJ,CAACtS,EAAkBuS,2BAA4B,iBAC/C,CAACvS,EAAkBwS,sBAAuB,eAC1C,CAACxS,EAAkByS,wBAAyB,cAC5C,CACIzS,EAAkB0S,4BAClB,yBAEJ,CAAC1S,EAAkB2S,8BAA+B,mBAClD,CACI3S,EAAkB4S,iCAClB,uBAEJ,CACI5S,EAAkB6S,kCAClB,kCAEJ,CAAC7S,EAAkB8S,uBAAwB,qBAC3C,CAAC9S,EAAkB+S,2BAA4B,yBAE/C,CACI/S,EAAkBgT,8CAClB,oCAEJ,CACIhT,EAAkBiT,gDAClB,6BAEJ,CACIjT,EAAkBkT,wDAClB,2BAEJ,CACIlT,EAAkBmT,4DAClB,+BAGJ,CAACnT,EAAkBoT,eAAgB,kBAEnC,CACIpT,EAAkBqT,6BAClB,2BAEJ,CAACrT,EAAkBsT,mBAAoB,kBACvC,CAACtT,EAAkBuT,6BAA8B,oBAEjD,CAACvT,EAAkBwT,uBAAwB,gBAC3C,CAACxT,EAAkByT,8BAA+B,sBAClD,CACIzT,EAAkB0T,iCAClB,4BAEJ,CACI1T,EAAkB2T,4BAClB,4BAEJ,CAAC3T,EAAkB4T,oBAAqB,cACxC,CAAC5T,EAAkB6T,oBAAqB,cACxC,CAAC7T,EAAkBC,0BAA2B,oBAC9C,CAACD,EAAkB8T,oBAAqB,kBACxC,CACI9T,EAAkB+T,yCAClB,0BAEJ,CACI/T,EAAkBgU,+BAClB,6BAEJ,CACIhU,EAAkBiU,0CAClB,iCAEJ,CACIjU,EAAkBkU,8CAClB,wBAEJ,CACIlU,EAAkBmU,sCAClB,iBAEJ,CACInU,EAAkBoU,wCAClB,wBAEJ,CACIpU,EAAkBqU,gCAClB,uBAEJ,CACIrU,EAAkBsU,+CAClB,0BAEJ,CAACtU,EAAkBuU,4BAA6B,oBAChD,CACIvU,EAAkBwU,iCAClB,yBAEJ,CACIxU,EAAkByU,iCAClB,wBAEJ,CAACzU,EAAkB0U,wBAAyB,iBAC5C,CACI1U,EAAkB2U,+BAClB,0BAEJ,CACI3U,EAAkB4U,gDAClB,oBAEJ,CACI5U,EAAkB6U,iCAClB,yBAEJ,CACI7U,EAAkB8U,uCAClB,4BAEJ,CACI9U,EAAkB+U,wCAClB,gBAEJ,CACI/U,EAAkBgV,mCAClB,oBAEJ,CACIhV,EAAkBiV,8BAClB,0BAEJ,CAACjV,EAAkBkV,yBAA0B,iBAC7C,CAAClV,EAAkBmV,mBAAoB,sBACvC,CACInV,EAAkBoV,6BAClB,2BAEJ,CAACpV,EAAkBqV,4BAA6B,qBAChD,CAACrV,EAAkBsV,kBAAmB,gBACtC,CAACtV,EAAkBuV,qBAAsB,mBACzC,CACIvV,EAAkBwV,kCAClB,gCAEJ,CAACxV,EAAkByV,aAAc,gBACjC,CAACzV,EAAkB0V,gBAAiB,qBAS/BzJ,EAAyB,CAClC0J,WAAY,EACZzJ,WAAY,EACZqD,UAAW,GAiUF9E,EAAiC,IAAIlR,IAAI,CAClD,kBACA,aACA,cACA,mBACA,iBACA,mBACA,eACA,cACA,SACA,iBACA,iBACA,kB,kEC91BSwT,EACTtB,gBAAAA,G,CAGAc,cAAAA,G,CAGAqJ,gBAAAA,GACI,OAAO,I,QAIFC,EACThK,UAAAA,GACI,MAAO,a,CAGXJ,gBAAAA,CACIb,EACA/e,GAEA,MAAO,CACHygB,IAAKA,IAAM,KACXG,QAASA,OACThT,IAAKA,OACLmT,UAAWA,OACX5E,MAAO,CACHgE,QAASjgB,KAAK8f,aACdlN,OAAQsN,EAAAA,GAAuBC,WAC/B9M,UAAW,GACX0K,YAAa,GACbC,eAAgB,GAChB5b,SAAU,GACV1C,KAAMmf,EACNuB,YAAazG,KAAK0G,MAClBvgB,cAAeA,GAAiB,IAEpCihB,YAAa,IAAIC,E,CAIzBpC,2BAAAA,GACI,OAAO,IAAIoC,C,CAEf9B,mBAAAA,GACI,OAAO,C,CAGXlL,mBAAAA,G,CAIA+V,eAAAA,G,CAIAvJ,cAAAA,GACI,OAAO,I,CAGXG,mBAAAA,G,CAIAyD,yBAAAA,GACI,OAAO,C,CAGXN,sBAAAA,GACI,MAAO,E,CAGXJ,UAAAA,G,CAIAxX,SAAAA,G,CAIA4U,eAAAA,G,CAIAR,yBAAAA,G,kECrEJ,SAAS0J,EAAmBxe,GACxB,MAAM,KACFye,EAAI,YACJlM,EAAW,eACXC,EAAc,cACdkM,EAAa,iBACbC,GACA3e,EACE4e,EAA8C,IAAIlqB,IAAI,CACxD,CAAC,EAAG,CAAC6d,EAAaC,IAClB,CAAC,EAAG,CAACkM,EAAeC,MAExB,IAAIE,EAAmB,GAEvB,GAAIJ,SAAAA,EAAMzoB,QAIN,GAHA6oB,EAASJ,EAAKnc,MA1BI,KA6Bduc,EAAO7oB,OAAS,EAChB,OAAOyoB,OAGXI,EAASre,MAAMse,KAAK,CAAE9oB,OAAQ,IAAK,IAhCjB,MA8CtB,OAXA4oB,EAAOvhB,SAAQ,CAACG,EAAOD,KAAO,IAAAwhB,EAAAC,EACL,IAAjBxhB,EAAMxH,QAAwB,QAAZ+oB,EAAIvhB,EAAM,UAAE,IAAAuhB,GAARA,EAAU/oB,QAAkB,QAAZgpB,EAAIxhB,EAAM,UAAE,IAAAwhB,GAARA,EAAUhpB,QAahE,SAAgBgK,GAMZ,MAAM,OAAE6e,EAAM,MAAEI,EAAK,QAAEC,EAAO,WAAEC,GAAenf,EAC/C,GAAIif,GAASJ,EAAO7oB,OAChB,OAEJ6oB,EAAOI,GAAS,CAACC,EAASC,GAAYre,KA3DhB,IA4D1B,CAvBYse,CAAO,CACHP,SACAI,MAAO1hB,EACP2hB,QAAS1hB,EAAM,GACf2hB,WAAY3hB,EAAM,IAEzB,IAGEqhB,EAAO/d,KA/CQ,IAgD1B,C,MAgBaue,EAYThrB,WAAAA,CACIirB,EACAC,GAJI,KAAAC,aAA6BC,EAAAA,GAAaC,eAM9ClrB,KAAK+qB,aAAeA,EACpB/qB,KAAKmrB,MAAQL,EAAiBK,MAC9BnrB,KAAKF,cAAgBgrB,EAAiBhrB,cACtCE,KAAKorB,WAAaN,EAAiBM,YAAc7qB,EAAAA,GAAUsN,aAC3D7N,KAAKqrB,WAAaP,EAAiBO,YAAc9qB,EAAAA,GAAUsN,aAE3D7N,KAAKsrB,kBACDC,EAAAA,GAAuBC,UACvBC,EAAAA,GAAWC,oBACXZ,EAAiB1oB,Q,CAMzByI,iCAAAA,GACI,MAAM0I,EAAU,GAAH7S,OAAMV,KAAKmrB,OAAKzqB,OAAG6qB,EAAAA,GAAuBI,iBAAejrB,OAAGV,KAAKgrB,cACxEY,EAAoB,CAAC5rB,KAAKorB,WAAYprB,KAAKqrB,YAC3CQ,EAAwB7rB,KAAK8rB,2BAC/BD,SAAAA,EAAuBrqB,QACvBoqB,EAAkB/pB,KAAK,gBAADnB,OAAiBmrB,IAE3C,MAAME,EAAiBH,EAAkBtf,KACrCif,EAAAA,GAAuBI,iBAGrBK,EAAmC,CACrCzY,EAF0BvT,KAAKisB,4BAIjC3f,KAAKif,EAAAA,GAAuBI,iBAE9B,MAAO,CACHJ,EAAAA,GAAuBW,eACvBF,EACAD,GACFzf,KAAKif,EAAAA,GAAuBY,mB,CAMlCphB,8BAAAA,GACI,MAAMqhB,EAAepsB,KAAKqsB,kBAEpBC,EAAYzB,EAAuB0B,gBAAgBH,GACnDI,EAAiBJ,EAAaI,eAC/BC,MAAM,EAAG,EAAIH,GACbhgB,KAAKif,EAAAA,GAAuBI,iBAC3Be,EAASN,EAAaM,OACvBD,MAAM,EAAGH,GACThgB,KAAKif,EAAAA,GAAuBI,iBAC3BgB,EAAaP,EAAaM,OAAOlrB,OAOjCuqB,EAAiB,CAACY,EAHpBL,EAAYK,EACNpB,EAAAA,GAAuBqB,cACvBrB,EAAAA,GAAuBsB,gBACavgB,KAC1Cif,EAAAA,GAAuBI,iBAG3B,MAAO,CACHJ,EAAAA,GAAuBW,eACvBE,EAAaU,UACbN,EACAE,EACAX,GACFzf,KAAKif,EAAAA,GAAuBY,mB,CAOlCY,kBAAAA,CAAmB5b,GACf,MAAMib,EAAepsB,KAAKqsB,kBAEtBD,EAAaM,OAAOlrB,QACpB+pB,EAAAA,GAAuByB,oBAGvBZ,EAAaI,eAAeS,QAC5Bb,EAAaI,eAAeS,QAC5Bb,EAAaM,OAAOO,SAGxBb,EAAaI,eAAe3qB,KAAK7B,KAAKmrB,MAAOnrB,KAAKF,eAE9CqR,aAAiBkL,OAAWlL,GAASA,EAAM+S,WACvC/S,aAAiBmL,EAAAA,GACbnL,EAAMsL,SACN2P,EAAaM,OAAO7qB,KAAKsP,EAAMsL,UACxBtL,EAAMoL,UACb6P,EAAaM,OAAO7qB,KAAKsP,EAAMoL,WAE/B6P,EAAaM,OAAO7qB,KAAKsP,EAAM+S,YAGnCkI,EAAaM,OAAO7qB,KAAKsP,EAAM+S,YAGnCkI,EAAaM,OAAO7qB,KAAK0pB,EAAAA,GAAuB2B,eAGpDltB,KAAK+qB,aAAaoC,mBACdntB,KAAKsrB,kBACLc,E,CASRgB,kBAAAA,GACI,MAAMhB,EAAepsB,KAAKqsB,kBAO1B,OANAD,EAAaU,WAAa,EAE1B9sB,KAAK+qB,aAAaoC,mBACdntB,KAAKsrB,kBACLc,GAEGA,EAAaU,S,CAMxBT,eAAAA,GAUI,OAJqBrsB,KAAK+qB,aAAasC,mBACnCrtB,KAAKsrB,oBANmC,CACxCkB,eAAgB,GAChBE,OAAQ,GACRI,UAAW,E,CAYnBQ,mBAAAA,GACI,MAAMlB,EAAepsB,KAAKqsB,kBACpBkB,EACF1C,EAAuB0B,gBAAgBH,GAE3C,GAAImB,IADenB,EAAaM,OAAOlrB,OAGnCxB,KAAK+qB,aAAayC,WAAWxtB,KAAKsrB,uBAC/B,CAEH,MAAMmC,EAA2C,CAC7CjB,eAAgBJ,EAAaI,eAAeC,MACrB,EAAnBc,GAEJb,OAAQN,EAAaM,OAAOD,MAAMc,GAClCT,UAAW,GAGf9sB,KAAK+qB,aAAaoC,mBACdntB,KAAKsrB,kBACLmC,EAEP,C,CAOL,sBAAOlB,CACHmB,GAEA,IAAIC,EACArB,EAAY,EACZsB,EAAW,EACf,MAAMjB,EAAae,EAAsBhB,OAAOlrB,OAChD,IAAKmsB,EAAI,EAAGA,EAAIhB,EAAYgB,IAAK,CAE7B,MAAMxC,EACFuC,EAAsBlB,eAAe,EAAImB,IACzCptB,EAAAA,GAAUsN,aACR/N,EACF4tB,EAAsBlB,eAAe,EAAImB,EAAI,IAC7CptB,EAAAA,GAAUsN,aACR0O,EACFmR,EAAsBhB,OAAOiB,IAAMptB,EAAAA,GAAUsN,aASjD,GANA+f,GACIzC,EAAMjH,WAAW1iB,OACjB1B,EAAcokB,WAAW1iB,OACzB+a,EAAU/a,OACV,IAEAosB,EAAWrC,EAAAA,GAAuBsC,uBAIlC,MAFAvB,GAAa,CAIpB,CAED,OAAOA,C,CAQXL,wBAAAA,GACI,MAAM6B,EAAkC,GAQxC,OANAA,EAAsBjsB,KAAK7B,KAAK+tB,YAAcxtB,EAAAA,GAAUsN,cACxDigB,EAAsBjsB,KAAK7B,KAAKguB,cAAgBztB,EAAAA,GAAUsN,cAC1DigB,EAAsBjsB,KAClB7B,KAAKiuB,eAAiB1tB,EAAAA,GAAUsN,cAG7BigB,EAAsBxhB,KAAK,I,CAStC4hB,6BAAAA,CACIC,GAEAnuB,KAAK+tB,WAAaI,EAAwBC,YAC1CpuB,KAAKguB,aAAeG,EAAwBE,cAC5CruB,KAAKiuB,cAAgBE,EAAwBG,c,CAMjDC,eAAAA,CAAgBvD,GACZhrB,KAAKgrB,aAAeA,C,CAGxBwD,wBAAAA,CAAyBjS,GACrB,MAAM6P,EAAepsB,KAAKqsB,kBAC1BD,EAAaP,sBAAwBtP,EACrCvc,KAAK+qB,aAAaoC,mBACdntB,KAAKsrB,kBACLc,E,CAIRN,wBAAAA,GACI,OAAO9rB,KAAKqsB,kBAAkBR,qB,CAGlC4C,0BAAAA,GACI,MAAMrC,EAAepsB,KAAKqsB,yBACnBD,EAAaP,sBACpB7rB,KAAK+qB,aAAaoC,mBACdntB,KAAKsrB,kBACLc,E,CAIR,yBAAOpC,CAAmBxe,GACtB,OAAOwe,EAAmBxe,E,2GClWrBkjB,EAGT,aAAWC,GACP,OAAO3uB,KAAK4uB,U,CAGhB/uB,WAAAA,CAAYgvB,GAER,GADA7uB,KAAK4uB,WAAaC,GACb7uB,KAAK4uB,WAEN,MAAMtoB,EAAAA,EAAAA,IACFwoB,EAAAA,IAIHD,EAAIjtB,SAAS,OACd5B,KAAK4uB,WAAaF,EAAUK,gBAAgBF,G,CAQpD,sBAAOE,CAAgBF,GACnB,GAAIA,EAAK,CACL,IAAIG,EAAeH,EAAIpgB,cAYvB,OAVItB,EAAAA,EAAY+P,SAAS8R,EAAc,KACnCA,EAAeA,EAAavC,MAAM,GAAI,GAC/Btf,EAAAA,EAAY+P,SAAS8R,EAAc,QAC1CA,EAAeA,EAAavC,MAAM,GAAI,IAGrCtf,EAAAA,EAAY+P,SAAS8R,EAAc,OACpCA,GAAgB,KAGbA,CACV,CAED,OAAOH,C,CAMXI,aAAAA,GAEI,IAAIC,EACJ,IACIA,EAAalvB,KAAKmvB,kBACrB,CAAC,MAAO/lB,GACL,MAAM9C,EAAAA,EAAAA,IACF8oB,EAAAA,GAEP,CAGD,IAAKF,EAAWG,kBAAoBH,EAAWI,aAC3C,MAAMhpB,EAAAA,EAAAA,IACF8oB,EAAAA,IAKR,IACKF,EAAWK,UAC0B,WAAtCL,EAAWK,SAAS9gB,cAEpB,MAAMnI,EAAAA,EAAAA,IACFkpB,EAAAA,G,CAUZ,wBAAOC,CAAkBZ,EAAaa,GAClC,OAAKA,EAIEb,EAAIniB,QAAQ,KAAO,EAAC,GAAAhM,OAClBmuB,EAAG,KAAAnuB,OAAIgvB,GAAW,GAAAhvB,OAClBmuB,EAAG,KAAAnuB,OAAIgvB,GALLb,C,CAYf,wBAAOc,CAAkBd,GACrB,OAAOH,EAAUK,gBAAgBF,EAAI/gB,MAAM,KAAK,G,CAQpD8hB,iBAAAA,CAAkBnV,GACd,MAAMoV,EAAY7vB,KAAKmvB,mBACjBW,EAAYD,EAAUP,aAS5B,OAPI7U,GACqB,IAArBqV,EAAUtuB,QACTsuB,EAAU,KAAOC,EAAAA,GAAsBC,QACpCF,EAAU,KAAOC,EAAAA,GAAsBE,gBAE3CH,EAAU,GAAKrV,GAEZiU,EAAUwB,gCAAgCL,E,CAOrDV,gBAAAA,GAEI,MAAMgB,EAAQC,OACV,8DAIEC,EAAQrwB,KAAK2uB,UAAU0B,MAAMF,GACnC,IAAKE,EACD,MAAM/pB,EAAAA,EAAAA,IACF8oB,EAAAA,IAKR,MAAMkB,EAAgB,CAClBf,SAAUc,EAAM,GAChBhB,gBAAiBgB,EAAM,GACvBE,aAAcF,EAAM,GACpBG,YAAaH,EAAM,IAGvB,IAAII,EAAeH,EAAcC,aAAaziB,MAAM,KAapD,OAZA2iB,EAAeA,EAAa7N,QAAQzS,GAAQA,GAAOA,EAAI3O,OAAS,IAChE8uB,EAAchB,aAAemB,EAGzBH,EAAcE,aACdF,EAAcE,YAAYtT,SAAS,OAEnCoT,EAAcE,YAAcF,EAAcE,YAAY3e,UAClD,EACAye,EAAcE,YAAYhvB,OAAS,IAGpC8uB,C,CAGX,uBAAOI,CAAiB7B,GACpB,MAAMsB,EAAQC,OAAO,4BAEfC,EAAQxB,EAAIwB,MAAMF,GAExB,IAAKE,EACD,MAAM/pB,EAAAA,EAAAA,IACF8oB,EAAAA,IAIR,OAAOiB,EAAM,E,CAGjB,qBAAOM,CAAeC,EAAqBC,GACvC,GAAID,EAAY,KAAOrwB,EAAAA,GAAUuwB,cAAe,CAC5C,MACMC,EADM,IAAIrC,EAAUmC,GACC1B,mBAE3B,OACI4B,EAAexB,SACf,KACAwB,EAAe1B,gBACfuB,CAEP,CAED,OAAOA,C,CAGX,sCAAOV,CAAgCL,GACnC,OAAO,IAAInB,EACPmB,EAAUN,SACN,KACAM,EAAUR,gBACV,IACAQ,EAAUP,aAAahjB,KAAK,K,CAQxC,kCAAO0kB,CAA4BC,GAC/B,SAASC,EAAAA,EAAAA,yBAAiCD,E,qBCrN3CE,eAAeC,EAClB3pB,EACArF,EACAivB,GAEA,GAA+B,iBAApB5pB,EACP,OAAOA,EAMP,OAAOA,EAJ+B,CAClCrF,SAAUA,EACVivB,cAAeA,GAI3B,C,0VCnBa,MAAA9wB,EAAY,CACrB+wB,aAAc,UACdC,IAAK,iBAELC,aAAc,OAEdC,kBAAmB,4CACnBC,uBAAwB,4BACxBC,sBAAuB,SAEvBC,KAAM,OACNC,KAAM,SAENC,6BACI,sGAEJC,cAAe,iBACfC,yBAA0B,mBAE1BC,eAAgB,IAEhBC,WAAY,aAEZ5tB,OAAQ,SAER6tB,cAAe,uCAEfC,aAAc,SACdC,cAAe,UACfnkB,qBAAsB,iBACtBokB,YAAa,QAEb9xB,mBAAoB,OACpB+xB,gBAAiB,qBACjBC,cAAe,gBACfC,uBAAwB,WACxBC,2BAA4B,OAC5BC,sBAAuB,kDACvBC,sBAAuB,wBACvBC,YAAa,cACbhlB,aAAc,GACdqd,eAAgB,MAChBxY,cAAe,gBACfoe,cAAe,IACfgC,cAAe,4DACfC,aAAc,aACdC,aAAc,IACdC,gCAAiC,gBACjCC,kCAAmC,sBACnCC,oBAAqB,CACjB,4BACA,oBACA,sBACA,mBAEJxyB,oBAAqB,QACrBC,uBAAwB,WACxBwyB,mBAAoB,IACpBC,iBAAkB,oBAGTxgB,EAAa,CACtBygB,QAAS,IACTC,oBAAqB,IACrBC,kBAAmB,IACnBC,SAAU,IACVC,aAAc,IACdzgB,yBAA0B,IAC1B0gB,YAAa,IACbC,aAAc,IACdC,UAAW,IACXC,gBAAiB,IACjBC,kBAAmB,IACnB7gB,uBAAwB,IACxB8gB,aAAc,IACdlhB,yBAA0B,IAC1BmhB,oBAAqB,IACrBC,gBAAiB,IACjBnhB,uBAAwB,IACxBohB,kBAAmB,KAIVxyB,EAAsB,CAC/BpB,EAAU6xB,aACV7xB,EAAU8xB,cACV9xB,EAAU2N,sBAGDa,EAAc,IAAIpN,EAAqBpB,EAAU+xB,aAKjD/uB,EAAc,CACvB6wB,aAAc,eACdC,eAAgB,iBAChBC,YAAa,cACb9wB,WAAY,kBACZ+wB,gBAAiB,mBACjBC,mBAAoB,sBACpBC,gBAAiB,kBACjBC,kBAAmB,gBAOVC,EAAsB,CAC/BC,SAAU,UACVpsB,YAAa,cACbqsB,cAAe,eACfC,MAAO,QACPC,WAAY,oBACZC,eAAgB,iBAChBC,uBAAwB,0BAQflF,EAAwB,CACjCC,OAAQ,SACRC,cAAe,gBACfiF,UAAW,aAQF3rB,EAAoB,CAC7BC,aAAc,eACdC,OAAQ,UAUCgD,EAAc,CACvB0oB,MAAO,QACPC,eAAgB,iBAChBC,QAAS,UACTC,KAAM,OACNC,OAAQ,SACRC,WAAY,cAMH3oB,EAA4B,CACrCC,MAAO,QACPC,KAAM,QAMG0oB,EAAqB,CAC9Bx0B,MAAO,QACPy0B,SAAU,YAQD10B,GAAYyf,EAAAA,EAAAA,IAAAA,EAAAA,EAAAA,GAAA,GAClBgV,GAAkB,IACrBE,UAAW,cAOFC,EAAY,CACrBC,eAAgB,WAChBC,yBAA0B,qBAC1BC,yBAA0B,qBAC1BC,8BAA+B,WAC/BC,oBAAqB,gBACrBC,kBAAmB,cACnBC,WAAY,+CAOHC,EAAmB,CAC5BC,mBAAoB,QACpBC,kBAAmB,OACnBC,mBAAoB,MACpBC,qBAAsB,WAQb/K,EAAa,CACtBC,oBAAqB,IACrB+K,sBAAuB,KAOdC,EAAiB,CAC1B9B,SAAU,UACVprB,aAAc,cACdmtB,8BAA+B,8BAC/B1vB,cAAe,gBAwBN2vB,EAAe,cACfpuB,EAAc,cACdsR,EAAgB,IAEhB+c,EAA+B,CACxCrL,UAAW,qBACXsL,qBAAsB,OAGbC,EAA0B,CACnCC,OAAQ,SACRC,MAAO,QACPC,QAAS,UACTC,iBAAkB,oBAKT5L,EAAyB,CAClCW,eAAgB,EAChBkL,qBAAsB,GACtBvJ,sBAAuB,IACvBb,kBAAmB,GACnBxB,UAAW,mBACXW,mBAAoB,IACpBR,gBAAiB,IACjBiB,cAAe,IACfC,eAAgB,IAChBK,cAAe,iBAMN9iB,EAAuB,CAChCitB,OAAQ,SACRhtB,IAAK,MACLI,IAAK,YAQIS,EAAsB,CAE/BosB,8BAA+B,GAE/BC,kCAAmC,KAEnCC,kBAAmB,aAEnBrsB,0BAA2B,qBAGlBssB,EAAS,CAClBC,oBAAqB,gBACrBC,sBAAuB,mBAMd7tB,EAAyB,CAClCD,SAAU,WACVG,SAAU,YAQD4tB,EAAgB,CACzBC,YAAa,IACbC,eAAgB,KAOPC,EAAyB,CAClCC,sBAAuB,IACvBC,eAAgB,IAChBC,qBAAsB,IACtBC,KAAM,KAQGC,EAA0B,CACnCC,4BAA6B,IAC7BC,6BAA8B,IAC9BC,wBAAyB,IACzBC,oCAAqC,IACrCC,gCAAiC,KAQxBxN,EAAe,CAExBC,eAAgB,IAEhBwN,wBAAyB,IAEzBC,uBAAwB,IAExBC,4BAA6B,IAE7BC,sBAAuB,KAIdC,EAAoB,CAC7BC,IAAK,MACLC,IAAK,MACLC,IAAK,OAQIC,EAAmC,G,4CC/WzC,MAAMC,EAASA,CAClBpV,EACAhF,EACAxO,EACA6oB,EACAt5B,IAEO,WACHyQ,EAAOsM,MAAM,sBAADnc,OAAuBqe,IACnC,MAAMiB,EAAkBoZ,aAAe,EAAfA,EAAiB1Z,iBACrCX,EACAjf,GAEJ,GAAIA,EAAe,CAEf,MAAMu5B,EAAata,EAAY,YAC/Bqa,SAAAA,EAAiBtY,gBACb,CAAE,CAACuY,GAAa,GAChBv5B,EAEP,CACD,IACI,MAAMukB,EAASN,KAASxiB,WAKxB,OAJAye,SAAAA,EAAiBO,IAAI,CACjB+B,SAAS,IAEb/R,EAAOsM,MAAM,yBAADnc,OAA0Bqe,IAC/BsF,CACV,CAAC,MAAOjb,GACLmH,EAAOsM,MAAM,qBAADnc,OAAsBqe,IAClC,IACIxO,EAAOsM,MAAM3T,KAAKS,UAAUP,GAC/B,CAAC,MAAOA,GACLmH,EAAOsM,MAAM,iCAChB,CAOD,MANAmD,SAAAA,EAAiBO,IACb,CACI+B,SAAS,GAEblZ,GAEEA,CACT,CACL,EAgBSkwB,EAAcA,CACvBvV,EACAhF,EACAxO,EACA6oB,EACAt5B,IAEO,WACHyQ,EAAOsM,MAAM,sBAADnc,OAAuBqe,IACnC,MAAMiB,EAAkBoZ,aAAe,EAAfA,EAAiB1Z,iBACrCX,EACAjf,GAEJ,GAAIA,EAAe,CAEf,MAAMu5B,EAAata,EAAY,YAC/Bqa,SAAAA,EAAiBtY,gBACb,CAAE,CAACuY,GAAa,GAChBv5B,EAEP,CAED,OADAs5B,SAAAA,EAAiBrP,gBAAgBhL,EAAWjf,GACrCikB,KAASxiB,WACXg4B,MAAMtI,IACH1gB,EAAOsM,MAAM,yBAADnc,OAA0Bqe,IACtCiB,SAAAA,EAAiBO,IAAI,CACjB+B,SAAS,IAEN2O,KAEVuI,OAAOpwB,IACJmH,EAAOsM,MAAM,qBAADnc,OAAsBqe,IAClC,IACIxO,EAAOsM,MAAM3T,KAAKS,UAAUP,GAC/B,CAAC,MAAOA,GACLmH,EAAOsM,MAAM,iCAChB,CAOD,MANAmD,SAAAA,EAAiBO,IACb,CACI+B,SAAS,GAEblZ,GAEEA,CAAC,GAEnB,C,kFCzFS6L,EAMT,sBAAOwkB,CACHnpB,EACAopB,EACAC,GAEA,MAAMC,EAAe3kB,EAAc4kB,qBAC/BvpB,EACAqpB,GAEJ,OAAOD,EAAS,GAAAh5B,OACPk5B,GAAYl5B,OAAGH,EAAAA,GAAU0xB,gBAAcvxB,OAAGg5B,GAC7CE,C,CAQV,2BAAOC,CACHvpB,EACAqpB,GAEA,IAAKrpB,EACD,MAAMhB,EAAAA,EAAAA,IAAsBwqB,EAAAA,IAIhC,MAAMC,EAA+B,CACjC/V,GAAI1T,EAAU0pB,iBAGdL,IACAI,EAASJ,KAAOA,GAGpB,MAAMM,EAAc/wB,KAAKS,UAAUowB,GAEnC,OAAOzpB,EAAU4pB,aAAaD,E,CAQlC,wBAAO/kB,CACH5E,EACAzK,GAEA,IAAKyK,EACD,MAAMhB,EAAAA,EAAAA,IAAsBwqB,EAAAA,IAGhC,IAAKj0B,EACD,MAAMyJ,EAAAA,EAAAA,IAAsB2B,EAAAA,IAGhC,IAEI,MAAMkpB,EAAat0B,EAAMiI,MAAMvN,EAAAA,GAAU0xB,gBACnC2H,EAAeO,EAAW,GAC1BT,EACFS,EAAW34B,OAAS,EACd24B,EAAW1N,MAAM,GAAGngB,KAAK/L,EAAAA,GAAU0xB,gBACnC1xB,EAAAA,GAAUsN,aACdusB,EAAqB9pB,EAAU+D,aAAaulB,GAC5CS,EAAkBnxB,KAAKC,MACzBixB,GAEJ,MAAO,CACHzf,iBAAkB+e,GAAan5B,EAAAA,GAAUsN,aACzC+rB,aAAcS,EAErB,CAAC,MAAOjxB,GACL,MAAMkG,EAAAA,EAAAA,IAAsB2B,EAAAA,GAC/B,C,4CC7GI9D,EAKT,iBAAOmtB,CAAWC,GACd,GAAIA,EACA,IACI,MAAMC,EAAMtxB,KAAKC,MAAMoxB,GACvB,OAAmC,IAA5B5xB,OAAOga,KAAK6X,GAAKh5B,MAC3B,CAAC,MAAO4H,GAAI,CAEjB,OAAO,C,CAGX,iBAAOiS,CAAWof,EAAaC,GAC3B,OAA+B,IAAxBD,EAAI/tB,QAAQguB,E,CAGvB,eAAOxd,CAASud,EAAaC,GACzB,OACID,EAAIj5B,QAAUk5B,EAAOl5B,QACrBi5B,EAAI7oB,YAAY8oB,KAAYD,EAAIj5B,OAASk5B,EAAOl5B,M,CASxD,0BAAOm5B,CAAuBC,GAC1B,MAAMJ,EAAU,CAAC,EACXhvB,EAASovB,EAAM9sB,MAAM,KACrB+sB,EAAUC,GAAc9pB,mBAAmB8pB,EAAE1d,QAAQ,MAAO,MASlE,OARA5R,EAAO3C,SAASkyB,IACZ,GAAIA,EAAK5rB,OAAQ,CACb,MAAOpG,EAAKC,GAAS+xB,EAAKjtB,MAAM,SAAU,GACtC/E,GAAOC,IACPwxB,EAAIK,EAAO9xB,IAAQ8xB,EAAO7xB,GAEjC,KAEEwxB,C,CAQX,uBAAOptB,CAAiB4tB,GACpB,OAAOA,EAAIC,KAAKC,GAAUA,EAAM/rB,Q,CAOpC,kCAAO7B,CAA4B0tB,GAC/B,OAAOA,EAAIpY,QAAQsY,KACNA,G,CAQjB,sBAAOC,CAAmBV,GACtB,IACI,OAAOvxB,KAAKC,MAAMsxB,EACrB,CAAC,MAAOrxB,GACL,OAAO,IACV,C,CAQL,mBAAOgyB,CAAaC,EAAiBC,GAajC,OAPsB,IAAIlL,OACtBiL,EACKje,QAAQ,MAAO,QACfA,QAAQ,MAAO,SACfA,QAAQ,MAAO,QAGXme,KAAKD,E,8BC3FVE,IAEZ,OAAO/Z,KAAKC,OAAM,IAAI/H,MAAO8hB,UAAY,IAC7C,CAMgB,SAAAC,EAAeziB,EAAmB0iB,GAE9C,MAAMC,EAAgBhiB,OAAOX,IAAc,EAI3C,OAH6BuiB,IAAeG,EAGdC,CAClC,CAQM,SAAUC,EAAmBC,GAG/B,OAFoBliB,OAAOkiB,GAENN,GACzB,CAOgB,SAAAO,EAASC,EAAWhzB,GAChC,OAAO,IAAIizB,SAASC,GAAYC,YAAW,IAAMD,EAAQlzB,IAAQgzB,IACrE,C,qNClCM,SAAUI,EAAwBC,GACpC,OAAIA,EAAehhB,WAAW,MACnBghB,EAAexqB,UAAU,GAEhCwqB,EAAehhB,WAAW,MAC1BghB,EAAehhB,WAAW,KAEnBghB,EAAexqB,UAAU,GAG7BwqB,CACX,CAKM,SAAUnL,EACZmL,GAGA,IAAKA,GAAkBA,EAAe3vB,QAAQ,KAAO,EACjD,OAAO,KAEX,IAEI,MAAM4vB,EAAqBF,EAAwBC,GAE7CE,EACF5zB,OAAO6zB,YAAY,IAAIC,gBAAgBH,IAG3C,GACIC,EAAiB51B,MACjB41B,EAAiBprB,OACjBorB,EAAiBnrB,mBACjBmrB,EAAiB12B,MAEjB,OAAO02B,CAEd,CAAC,MAAOnzB,GACL,MAAMkG,EAAAA,EAAAA,IAAsBotB,EAAAA,GAC/B,CAED,OAAO,IACX,C","sources":["../node_modules/@azure/msal-common/src/packageMetadata.ts","../node_modules/@azure/msal-common/src/request/RequestParameterBuilder.ts","../node_modules/@azure/msal-common/src/request/RequestValidator.ts","../node_modules/@azure/msal-common/src/request/ScopeSet.ts","../node_modules/@azure/msal-common/src/response/ResponseHandler.ts","../node_modules/@azure/msal-common/src/telemetry/performance/PerformanceClient.ts","../node_modules/@azure/msal-common/src/telemetry/performance/PerformanceEvent.ts","../node_modules/@azure/msal-common/src/telemetry/performance/StubPerformanceClient.ts","../node_modules/@azure/msal-common/src/telemetry/server/ServerTelemetryManager.ts","../node_modules/@azure/msal-common/src/url/UrlString.ts","../node_modules/@azure/msal-common/src/utils/ClientAssertionUtils.ts","../node_modules/@azure/msal-common/src/utils/Constants.ts","../node_modules/@azure/msal-common/src/utils/FunctionWrappers.ts","../node_modules/@azure/msal-common/src/utils/ProtocolUtils.ts","../node_modules/@azure/msal-common/src/utils/StringUtils.ts","../node_modules/@azure/msal-common/src/utils/TimeUtils.ts","../node_modules/@azure/msal-common/src/utils/UrlUtils.ts"],"sourcesContent":["/* eslint-disable header/header */\nexport const name = \"@azure/msal-common\";\nexport const version = \"14.16.0\";\n","/*\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License.\n */\n\nimport {\n Constants,\n ResponseMode,\n CLIENT_INFO,\n AuthenticationScheme,\n ClaimsRequestKeys,\n PasswordGrantConstants,\n OIDC_DEFAULT_SCOPES,\n ThrottlingConstants,\n HeaderNames,\n} from \"../utils/Constants.js\";\nimport * as AADServerParamKeys from \"../constants/AADServerParamKeys.js\";\nimport { ScopeSet } from \"./ScopeSet.js\";\nimport {\n createClientConfigurationError,\n ClientConfigurationErrorCodes,\n} from \"../error/ClientConfigurationError.js\";\nimport { StringDict } from \"../utils/MsalTypes.js\";\nimport { RequestValidator } from \"./RequestValidator.js\";\nimport {\n ApplicationTelemetry,\n LibraryInfo,\n} from \"../config/ClientConfiguration.js\";\nimport { ServerTelemetryManager } from \"../telemetry/server/ServerTelemetryManager.js\";\nimport { ClientInfo } from \"../account/ClientInfo.js\";\nimport { IPerformanceClient } from \"../telemetry/performance/IPerformanceClient.js\";\n\nfunction instrumentBrokerParams(\n parameters: Map,\n correlationId?: string,\n performanceClient?: IPerformanceClient\n) {\n if (!correlationId) {\n return;\n }\n\n const clientId = parameters.get(AADServerParamKeys.CLIENT_ID);\n if (clientId && parameters.has(AADServerParamKeys.BROKER_CLIENT_ID)) {\n performanceClient?.addFields(\n {\n embeddedClientId: clientId,\n embeddedRedirectUri: parameters.get(\n AADServerParamKeys.REDIRECT_URI\n ),\n },\n correlationId\n );\n }\n}\n\n/** @internal */\nexport class RequestParameterBuilder {\n private parameters: Map;\n private readonly performanceClient?: IPerformanceClient;\n private readonly correlationId?: string;\n\n constructor(\n correlationId?: string,\n performanceClient?: IPerformanceClient\n ) {\n this.parameters = new Map();\n this.performanceClient = performanceClient;\n this.correlationId = correlationId;\n }\n\n /**\n * add response_type = code\n */\n addResponseTypeCode(): void {\n this.parameters.set(\n AADServerParamKeys.RESPONSE_TYPE,\n encodeURIComponent(Constants.CODE_RESPONSE_TYPE)\n );\n }\n\n /**\n * add response_type = token id_token\n */\n addResponseTypeForTokenAndIdToken(): void {\n this.parameters.set(\n AADServerParamKeys.RESPONSE_TYPE,\n encodeURIComponent(\n `${Constants.TOKEN_RESPONSE_TYPE} ${Constants.ID_TOKEN_RESPONSE_TYPE}`\n )\n );\n }\n\n /**\n * add response_mode. defaults to query.\n * @param responseMode\n */\n addResponseMode(responseMode?: ResponseMode): void {\n this.parameters.set(\n AADServerParamKeys.RESPONSE_MODE,\n encodeURIComponent(responseMode ? responseMode : ResponseMode.QUERY)\n );\n }\n\n /**\n * Add flag to indicate STS should attempt to use WAM if available\n */\n addNativeBroker(): void {\n this.parameters.set(\n AADServerParamKeys.NATIVE_BROKER,\n encodeURIComponent(\"1\")\n );\n }\n\n /**\n * add scopes. set addOidcScopes to false to prevent default scopes in non-user scenarios\n * @param scopeSet\n * @param addOidcScopes\n */\n addScopes(\n scopes: string[],\n addOidcScopes: boolean = true,\n defaultScopes: Array = OIDC_DEFAULT_SCOPES\n ): void {\n // Always add openid to the scopes when adding OIDC scopes\n if (\n addOidcScopes &&\n !defaultScopes.includes(\"openid\") &&\n !scopes.includes(\"openid\")\n ) {\n defaultScopes.push(\"openid\");\n }\n const requestScopes = addOidcScopes\n ? [...(scopes || []), ...defaultScopes]\n : scopes || [];\n const scopeSet = new ScopeSet(requestScopes);\n this.parameters.set(\n AADServerParamKeys.SCOPE,\n encodeURIComponent(scopeSet.printScopes())\n );\n }\n\n /**\n * add clientId\n * @param clientId\n */\n addClientId(clientId: string): void {\n this.parameters.set(\n AADServerParamKeys.CLIENT_ID,\n encodeURIComponent(clientId)\n );\n }\n\n /**\n * add redirect_uri\n * @param redirectUri\n */\n addRedirectUri(redirectUri: string): void {\n RequestValidator.validateRedirectUri(redirectUri);\n this.parameters.set(\n AADServerParamKeys.REDIRECT_URI,\n encodeURIComponent(redirectUri)\n );\n }\n\n /**\n * add post logout redirectUri\n * @param redirectUri\n */\n addPostLogoutRedirectUri(redirectUri: string): void {\n RequestValidator.validateRedirectUri(redirectUri);\n this.parameters.set(\n AADServerParamKeys.POST_LOGOUT_URI,\n encodeURIComponent(redirectUri)\n );\n }\n\n /**\n * add id_token_hint to logout request\n * @param idTokenHint\n */\n addIdTokenHint(idTokenHint: string): void {\n this.parameters.set(\n AADServerParamKeys.ID_TOKEN_HINT,\n encodeURIComponent(idTokenHint)\n );\n }\n\n /**\n * add domain_hint\n * @param domainHint\n */\n addDomainHint(domainHint: string): void {\n this.parameters.set(\n AADServerParamKeys.DOMAIN_HINT,\n encodeURIComponent(domainHint)\n );\n }\n\n /**\n * add login_hint\n * @param loginHint\n */\n addLoginHint(loginHint: string): void {\n this.parameters.set(\n AADServerParamKeys.LOGIN_HINT,\n encodeURIComponent(loginHint)\n );\n }\n\n /**\n * Adds the CCS (Cache Credential Service) query parameter for login_hint\n * @param loginHint\n */\n addCcsUpn(loginHint: string): void {\n this.parameters.set(\n HeaderNames.CCS_HEADER,\n encodeURIComponent(`UPN:${loginHint}`)\n );\n }\n\n /**\n * Adds the CCS (Cache Credential Service) query parameter for account object\n * @param loginHint\n */\n addCcsOid(clientInfo: ClientInfo): void {\n this.parameters.set(\n HeaderNames.CCS_HEADER,\n encodeURIComponent(`Oid:${clientInfo.uid}@${clientInfo.utid}`)\n );\n }\n\n /**\n * add sid\n * @param sid\n */\n addSid(sid: string): void {\n this.parameters.set(AADServerParamKeys.SID, encodeURIComponent(sid));\n }\n\n /**\n * add claims\n * @param claims\n */\n addClaims(claims?: string, clientCapabilities?: Array): void {\n const mergedClaims = this.addClientCapabilitiesToClaims(\n claims,\n clientCapabilities\n );\n RequestValidator.validateClaims(mergedClaims);\n this.parameters.set(\n AADServerParamKeys.CLAIMS,\n encodeURIComponent(mergedClaims)\n );\n }\n\n /**\n * add correlationId\n * @param correlationId\n */\n addCorrelationId(correlationId: string): void {\n this.parameters.set(\n AADServerParamKeys.CLIENT_REQUEST_ID,\n encodeURIComponent(correlationId)\n );\n }\n\n /**\n * add library info query params\n * @param libraryInfo\n */\n addLibraryInfo(libraryInfo: LibraryInfo): void {\n // Telemetry Info\n this.parameters.set(AADServerParamKeys.X_CLIENT_SKU, libraryInfo.sku);\n this.parameters.set(\n AADServerParamKeys.X_CLIENT_VER,\n libraryInfo.version\n );\n if (libraryInfo.os) {\n this.parameters.set(AADServerParamKeys.X_CLIENT_OS, libraryInfo.os);\n }\n if (libraryInfo.cpu) {\n this.parameters.set(\n AADServerParamKeys.X_CLIENT_CPU,\n libraryInfo.cpu\n );\n }\n }\n\n /**\n * Add client telemetry parameters\n * @param appTelemetry\n */\n addApplicationTelemetry(appTelemetry: ApplicationTelemetry): void {\n if (appTelemetry?.appName) {\n this.parameters.set(\n AADServerParamKeys.X_APP_NAME,\n appTelemetry.appName\n );\n }\n\n if (appTelemetry?.appVersion) {\n this.parameters.set(\n AADServerParamKeys.X_APP_VER,\n appTelemetry.appVersion\n );\n }\n }\n\n /**\n * add prompt\n * @param prompt\n */\n addPrompt(prompt: string): void {\n RequestValidator.validatePrompt(prompt);\n this.parameters.set(\n `${AADServerParamKeys.PROMPT}`,\n encodeURIComponent(prompt)\n );\n }\n\n /**\n * add state\n * @param state\n */\n addState(state: string): void {\n if (state) {\n this.parameters.set(\n AADServerParamKeys.STATE,\n encodeURIComponent(state)\n );\n }\n }\n\n /**\n * add nonce\n * @param nonce\n */\n addNonce(nonce: string): void {\n this.parameters.set(\n AADServerParamKeys.NONCE,\n encodeURIComponent(nonce)\n );\n }\n\n /**\n * add code_challenge and code_challenge_method\n * - throw if either of them are not passed\n * @param codeChallenge\n * @param codeChallengeMethod\n */\n addCodeChallengeParams(\n codeChallenge: string,\n codeChallengeMethod: string\n ): void {\n RequestValidator.validateCodeChallengeParams(\n codeChallenge,\n codeChallengeMethod\n );\n if (codeChallenge && codeChallengeMethod) {\n this.parameters.set(\n AADServerParamKeys.CODE_CHALLENGE,\n encodeURIComponent(codeChallenge)\n );\n this.parameters.set(\n AADServerParamKeys.CODE_CHALLENGE_METHOD,\n encodeURIComponent(codeChallengeMethod)\n );\n } else {\n throw createClientConfigurationError(\n ClientConfigurationErrorCodes.pkceParamsMissing\n );\n }\n }\n\n /**\n * add the `authorization_code` passed by the user to exchange for a token\n * @param code\n */\n addAuthorizationCode(code: string): void {\n this.parameters.set(AADServerParamKeys.CODE, encodeURIComponent(code));\n }\n\n /**\n * add the `authorization_code` passed by the user to exchange for a token\n * @param code\n */\n addDeviceCode(code: string): void {\n this.parameters.set(\n AADServerParamKeys.DEVICE_CODE,\n encodeURIComponent(code)\n );\n }\n\n /**\n * add the `refreshToken` passed by the user\n * @param refreshToken\n */\n addRefreshToken(refreshToken: string): void {\n this.parameters.set(\n AADServerParamKeys.REFRESH_TOKEN,\n encodeURIComponent(refreshToken)\n );\n }\n\n /**\n * add the `code_verifier` passed by the user to exchange for a token\n * @param codeVerifier\n */\n addCodeVerifier(codeVerifier: string): void {\n this.parameters.set(\n AADServerParamKeys.CODE_VERIFIER,\n encodeURIComponent(codeVerifier)\n );\n }\n\n /**\n * add client_secret\n * @param clientSecret\n */\n addClientSecret(clientSecret: string): void {\n this.parameters.set(\n AADServerParamKeys.CLIENT_SECRET,\n encodeURIComponent(clientSecret)\n );\n }\n\n /**\n * add clientAssertion for confidential client flows\n * @param clientAssertion\n */\n addClientAssertion(clientAssertion: string): void {\n if (clientAssertion) {\n this.parameters.set(\n AADServerParamKeys.CLIENT_ASSERTION,\n encodeURIComponent(clientAssertion)\n );\n }\n }\n\n /**\n * add clientAssertionType for confidential client flows\n * @param clientAssertionType\n */\n addClientAssertionType(clientAssertionType: string): void {\n if (clientAssertionType) {\n this.parameters.set(\n AADServerParamKeys.CLIENT_ASSERTION_TYPE,\n encodeURIComponent(clientAssertionType)\n );\n }\n }\n\n /**\n * add OBO assertion for confidential client flows\n * @param clientAssertion\n */\n addOboAssertion(oboAssertion: string): void {\n this.parameters.set(\n AADServerParamKeys.OBO_ASSERTION,\n encodeURIComponent(oboAssertion)\n );\n }\n\n /**\n * add grant type\n * @param grantType\n */\n addRequestTokenUse(tokenUse: string): void {\n this.parameters.set(\n AADServerParamKeys.REQUESTED_TOKEN_USE,\n encodeURIComponent(tokenUse)\n );\n }\n\n /**\n * add grant type\n * @param grantType\n */\n addGrantType(grantType: string): void {\n this.parameters.set(\n AADServerParamKeys.GRANT_TYPE,\n encodeURIComponent(grantType)\n );\n }\n\n /**\n * add client info\n *\n */\n addClientInfo(): void {\n this.parameters.set(CLIENT_INFO, \"1\");\n }\n\n /**\n * add extraQueryParams\n * @param eQParams\n */\n addExtraQueryParameters(eQParams: StringDict): void {\n Object.entries(eQParams).forEach(([key, value]) => {\n if (!this.parameters.has(key) && value) {\n this.parameters.set(key, value);\n }\n });\n }\n\n addClientCapabilitiesToClaims(\n claims?: string,\n clientCapabilities?: Array\n ): string {\n let mergedClaims: object;\n\n // Parse provided claims into JSON object or initialize empty object\n if (!claims) {\n mergedClaims = {};\n } else {\n try {\n mergedClaims = JSON.parse(claims);\n } catch (e) {\n throw createClientConfigurationError(\n ClientConfigurationErrorCodes.invalidClaims\n );\n }\n }\n\n if (clientCapabilities && clientCapabilities.length > 0) {\n if (!mergedClaims.hasOwnProperty(ClaimsRequestKeys.ACCESS_TOKEN)) {\n // Add access_token key to claims object\n mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN] = {};\n }\n\n // Add xms_cc claim with provided clientCapabilities to access_token key\n mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN][\n ClaimsRequestKeys.XMS_CC\n ] = {\n values: clientCapabilities,\n };\n }\n\n return JSON.stringify(mergedClaims);\n }\n\n /**\n * adds `username` for Password Grant flow\n * @param username\n */\n addUsername(username: string): void {\n this.parameters.set(\n PasswordGrantConstants.username,\n encodeURIComponent(username)\n );\n }\n\n /**\n * adds `password` for Password Grant flow\n * @param password\n */\n addPassword(password: string): void {\n this.parameters.set(\n PasswordGrantConstants.password,\n encodeURIComponent(password)\n );\n }\n\n /**\n * add pop_jwk to query params\n * @param cnfString\n */\n addPopToken(cnfString: string): void {\n if (cnfString) {\n this.parameters.set(\n AADServerParamKeys.TOKEN_TYPE,\n AuthenticationScheme.POP\n );\n this.parameters.set(\n AADServerParamKeys.REQ_CNF,\n encodeURIComponent(cnfString)\n );\n }\n }\n\n /**\n * add SSH JWK and key ID to query params\n */\n addSshJwk(sshJwkString: string): void {\n if (sshJwkString) {\n this.parameters.set(\n AADServerParamKeys.TOKEN_TYPE,\n AuthenticationScheme.SSH\n );\n this.parameters.set(\n AADServerParamKeys.REQ_CNF,\n encodeURIComponent(sshJwkString)\n );\n }\n }\n\n /**\n * add server telemetry fields\n * @param serverTelemetryManager\n */\n addServerTelemetry(serverTelemetryManager: ServerTelemetryManager): void {\n this.parameters.set(\n AADServerParamKeys.X_CLIENT_CURR_TELEM,\n serverTelemetryManager.generateCurrentRequestHeaderValue()\n );\n this.parameters.set(\n AADServerParamKeys.X_CLIENT_LAST_TELEM,\n serverTelemetryManager.generateLastRequestHeaderValue()\n );\n }\n\n /**\n * Adds parameter that indicates to the server that throttling is supported\n */\n addThrottling(): void {\n this.parameters.set(\n AADServerParamKeys.X_MS_LIB_CAPABILITY,\n ThrottlingConstants.X_MS_LIB_CAPABILITY_VALUE\n );\n }\n\n /**\n * Adds logout_hint parameter for \"silent\" logout which prevent server account picker\n */\n addLogoutHint(logoutHint: string): void {\n this.parameters.set(\n AADServerParamKeys.LOGOUT_HINT,\n encodeURIComponent(logoutHint)\n );\n }\n\n addBrokerParameters(params: {\n brokerClientId: string;\n brokerRedirectUri: string;\n }): void {\n const brokerParams: StringDict = {};\n brokerParams[AADServerParamKeys.BROKER_CLIENT_ID] =\n params.brokerClientId;\n brokerParams[AADServerParamKeys.BROKER_REDIRECT_URI] =\n params.brokerRedirectUri;\n\n this.addExtraQueryParameters(brokerParams);\n }\n\n /**\n * Utility to create a URL from the params map\n */\n createQueryString(): string {\n const queryParameterArray: Array = new Array();\n\n this.parameters.forEach((value, key) => {\n queryParameterArray.push(`${key}=${value}`);\n });\n\n instrumentBrokerParams(\n this.parameters,\n this.correlationId,\n this.performanceClient\n );\n\n return queryParameterArray.join(\"&\");\n }\n}\n","/*\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License.\n */\n\nimport {\n createClientConfigurationError,\n ClientConfigurationErrorCodes,\n} from \"../error/ClientConfigurationError.js\";\nimport { PromptValue, CodeChallengeMethodValues } from \"../utils/Constants.js\";\n\n/**\n * Validates server consumable params from the \"request\" objects\n */\nexport class RequestValidator {\n /**\n * Utility to check if the `redirectUri` in the request is a non-null value\n * @param redirectUri\n */\n static validateRedirectUri(redirectUri: string): void {\n if (!redirectUri) {\n throw createClientConfigurationError(\n ClientConfigurationErrorCodes.redirectUriEmpty\n );\n }\n }\n\n /**\n * Utility to validate prompt sent by the user in the request\n * @param prompt\n */\n static validatePrompt(prompt: string): void {\n const promptValues = [];\n\n for (const value in PromptValue) {\n promptValues.push(PromptValue[value]);\n }\n\n if (promptValues.indexOf(prompt) < 0) {\n throw createClientConfigurationError(\n ClientConfigurationErrorCodes.invalidPromptValue\n );\n }\n }\n\n static validateClaims(claims: string): void {\n try {\n JSON.parse(claims);\n } catch (e) {\n throw createClientConfigurationError(\n ClientConfigurationErrorCodes.invalidClaims\n );\n }\n }\n\n /**\n * Utility to validate code_challenge and code_challenge_method\n * @param codeChallenge\n * @param codeChallengeMethod\n */\n static validateCodeChallengeParams(\n codeChallenge: string,\n codeChallengeMethod: string\n ): void {\n if (!codeChallenge || !codeChallengeMethod) {\n throw createClientConfigurationError(\n ClientConfigurationErrorCodes.pkceParamsMissing\n );\n } else {\n this.validateCodeChallengeMethod(codeChallengeMethod);\n }\n }\n\n /**\n * Utility to validate code_challenge_method\n * @param codeChallengeMethod\n */\n static validateCodeChallengeMethod(codeChallengeMethod: string): void {\n if (\n [\n CodeChallengeMethodValues.PLAIN,\n CodeChallengeMethodValues.S256,\n ].indexOf(codeChallengeMethod) < 0\n ) {\n throw createClientConfigurationError(\n ClientConfigurationErrorCodes.invalidCodeChallengeMethod\n );\n }\n }\n}\n","/*\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License.\n */\n\nimport {\n createClientConfigurationError,\n ClientConfigurationErrorCodes,\n} from \"../error/ClientConfigurationError.js\";\nimport { StringUtils } from \"../utils/StringUtils.js\";\nimport {\n ClientAuthErrorCodes,\n createClientAuthError,\n} from \"../error/ClientAuthError.js\";\nimport { Constants, OIDC_SCOPES } from \"../utils/Constants.js\";\n\n/**\n * The ScopeSet class creates a set of scopes. Scopes are case-insensitive, unique values, so the Set object in JS makes\n * the most sense to implement for this class. All scopes are trimmed and converted to lower case strings in intersection and union functions\n * to ensure uniqueness of strings.\n */\nexport class ScopeSet {\n // Scopes as a Set of strings\n private scopes: Set;\n\n constructor(inputScopes: Array) {\n // Filter empty string and null/undefined array items\n const scopeArr = inputScopes\n ? StringUtils.trimArrayEntries([...inputScopes])\n : [];\n const filteredInput = scopeArr\n ? StringUtils.removeEmptyStringsFromArray(scopeArr)\n : [];\n\n // Validate and filter scopes (validate function throws if validation fails)\n this.validateInputScopes(filteredInput);\n\n this.scopes = new Set(); // Iterator in constructor not supported by IE11\n filteredInput.forEach((scope) => this.scopes.add(scope));\n }\n\n /**\n * Factory method to create ScopeSet from space-delimited string\n * @param inputScopeString\n * @param appClientId\n * @param scopesRequired\n */\n static fromString(inputScopeString: string): ScopeSet {\n const scopeString = inputScopeString || Constants.EMPTY_STRING;\n const inputScopes: Array = scopeString.split(\" \");\n return new ScopeSet(inputScopes);\n }\n\n /**\n * Creates the set of scopes to search for in cache lookups\n * @param inputScopeString\n * @returns\n */\n static createSearchScopes(inputScopeString: Array): ScopeSet {\n const scopeSet = new ScopeSet(inputScopeString);\n if (!scopeSet.containsOnlyOIDCScopes()) {\n scopeSet.removeOIDCScopes();\n } else {\n scopeSet.removeScope(Constants.OFFLINE_ACCESS_SCOPE);\n }\n\n return scopeSet;\n }\n\n /**\n * Used to validate the scopes input parameter requested by the developer.\n * @param {Array} inputScopes - Developer requested permissions. Not all scopes are guaranteed to be included in the access token returned.\n * @param {boolean} scopesRequired - Boolean indicating whether the scopes array is required or not\n */\n private validateInputScopes(inputScopes: Array): void {\n // Check if scopes are required but not given or is an empty array\n if (!inputScopes || inputScopes.length < 1) {\n throw createClientConfigurationError(\n ClientConfigurationErrorCodes.emptyInputScopesError\n );\n }\n }\n\n /**\n * Check if a given scope is present in this set of scopes.\n * @param scope\n */\n containsScope(scope: string): boolean {\n const lowerCaseScopes = this.printScopesLowerCase().split(\" \");\n const lowerCaseScopesSet = new ScopeSet(lowerCaseScopes);\n // compare lowercase scopes\n return scope\n ? lowerCaseScopesSet.scopes.has(scope.toLowerCase())\n : false;\n }\n\n /**\n * Check if a set of scopes is present in this set of scopes.\n * @param scopeSet\n */\n containsScopeSet(scopeSet: ScopeSet): boolean {\n if (!scopeSet || scopeSet.scopes.size <= 0) {\n return false;\n }\n\n return (\n this.scopes.size >= scopeSet.scopes.size &&\n scopeSet.asArray().every((scope) => this.containsScope(scope))\n );\n }\n\n /**\n * Check if set of scopes contains only the defaults\n */\n containsOnlyOIDCScopes(): boolean {\n let defaultScopeCount = 0;\n OIDC_SCOPES.forEach((defaultScope: string) => {\n if (this.containsScope(defaultScope)) {\n defaultScopeCount += 1;\n }\n });\n\n return this.scopes.size === defaultScopeCount;\n }\n\n /**\n * Appends single scope if passed\n * @param newScope\n */\n appendScope(newScope: string): void {\n if (newScope) {\n this.scopes.add(newScope.trim());\n }\n }\n\n /**\n * Appends multiple scopes if passed\n * @param newScopes\n */\n appendScopes(newScopes: Array): void {\n try {\n newScopes.forEach((newScope) => this.appendScope(newScope));\n } catch (e) {\n throw createClientAuthError(\n ClientAuthErrorCodes.cannotAppendScopeSet\n );\n }\n }\n\n /**\n * Removes element from set of scopes.\n * @param scope\n */\n removeScope(scope: string): void {\n if (!scope) {\n throw createClientAuthError(\n ClientAuthErrorCodes.cannotRemoveEmptyScope\n );\n }\n this.scopes.delete(scope.trim());\n }\n\n /**\n * Removes default scopes from set of scopes\n * Primarily used to prevent cache misses if the default scopes are not returned from the server\n */\n removeOIDCScopes(): void {\n OIDC_SCOPES.forEach((defaultScope: string) => {\n this.scopes.delete(defaultScope);\n });\n }\n\n /**\n * Combines an array of scopes with the current set of scopes.\n * @param otherScopes\n */\n unionScopeSets(otherScopes: ScopeSet): Set {\n if (!otherScopes) {\n throw createClientAuthError(\n ClientAuthErrorCodes.emptyInputScopeSet\n );\n }\n const unionScopes = new Set(); // Iterator in constructor not supported in IE11\n otherScopes.scopes.forEach((scope) =>\n unionScopes.add(scope.toLowerCase())\n );\n this.scopes.forEach((scope) => unionScopes.add(scope.toLowerCase()));\n return unionScopes;\n }\n\n /**\n * Check if scopes intersect between this set and another.\n * @param otherScopes\n */\n intersectingScopeSets(otherScopes: ScopeSet): boolean {\n if (!otherScopes) {\n throw createClientAuthError(\n ClientAuthErrorCodes.emptyInputScopeSet\n );\n }\n\n // Do not allow OIDC scopes to be the only intersecting scopes\n if (!otherScopes.containsOnlyOIDCScopes()) {\n otherScopes.removeOIDCScopes();\n }\n const unionScopes = this.unionScopeSets(otherScopes);\n const sizeOtherScopes = otherScopes.getScopeCount();\n const sizeThisScopes = this.getScopeCount();\n const sizeUnionScopes = unionScopes.size;\n return sizeUnionScopes < sizeThisScopes + sizeOtherScopes;\n }\n\n /**\n * Returns size of set of scopes.\n */\n getScopeCount(): number {\n return this.scopes.size;\n }\n\n /**\n * Returns the scopes as an array of string values\n */\n asArray(): Array {\n const array: Array = [];\n this.scopes.forEach((val) => array.push(val));\n return array;\n }\n\n /**\n * Prints scopes into a space-delimited string\n */\n printScopes(): string {\n if (this.scopes) {\n const scopeArr = this.asArray();\n return scopeArr.join(\" \");\n }\n return Constants.EMPTY_STRING;\n }\n\n /**\n * Prints scopes into a space-delimited lower-case string (used for caching)\n */\n printScopesLowerCase(): string {\n return this.printScopes().toLowerCase();\n }\n}\n","/*\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License.\n */\n\nimport { ServerAuthorizationTokenResponse } from \"./ServerAuthorizationTokenResponse.js\";\nimport { ICrypto } from \"../crypto/ICrypto.js\";\nimport {\n ClientAuthErrorCodes,\n createClientAuthError,\n} from \"../error/ClientAuthError.js\";\nimport { ServerAuthorizationCodeResponse } from \"./ServerAuthorizationCodeResponse.js\";\nimport { Logger } from \"../logger/Logger.js\";\nimport { ServerError } from \"../error/ServerError.js\";\nimport { ScopeSet } from \"../request/ScopeSet.js\";\nimport { AuthenticationResult } from \"./AuthenticationResult.js\";\nimport { AccountEntity } from \"../cache/entities/AccountEntity.js\";\nimport { Authority } from \"../authority/Authority.js\";\nimport { IdTokenEntity } from \"../cache/entities/IdTokenEntity.js\";\nimport { AccessTokenEntity } from \"../cache/entities/AccessTokenEntity.js\";\nimport { RefreshTokenEntity } from \"../cache/entities/RefreshTokenEntity.js\";\nimport {\n InteractionRequiredAuthError,\n isInteractionRequiredError,\n} from \"../error/InteractionRequiredAuthError.js\";\nimport { CacheRecord } from \"../cache/entities/CacheRecord.js\";\nimport { CacheManager } from \"../cache/CacheManager.js\";\nimport { ProtocolUtils, RequestStateObject } from \"../utils/ProtocolUtils.js\";\nimport {\n AuthenticationScheme,\n Constants,\n THE_FAMILY_ID,\n HttpStatus,\n} from \"../utils/Constants.js\";\nimport { PopTokenGenerator } from \"../crypto/PopTokenGenerator.js\";\nimport { AppMetadataEntity } from \"../cache/entities/AppMetadataEntity.js\";\nimport { ICachePlugin } from \"../cache/interface/ICachePlugin.js\";\nimport { TokenCacheContext } from \"../cache/persistence/TokenCacheContext.js\";\nimport { ISerializableTokenCache } from \"../cache/interface/ISerializableTokenCache.js\";\nimport { AuthorizationCodePayload } from \"./AuthorizationCodePayload.js\";\nimport { BaseAuthRequest } from \"../request/BaseAuthRequest.js\";\nimport { IPerformanceClient } from \"../telemetry/performance/IPerformanceClient.js\";\nimport { PerformanceEvents } from \"../telemetry/performance/PerformanceEvent.js\";\nimport { checkMaxAge, extractTokenClaims } from \"../account/AuthToken.js\";\nimport {\n TokenClaims,\n getTenantIdFromIdTokenClaims,\n} from \"../account/TokenClaims.js\";\nimport {\n AccountInfo,\n buildTenantProfile,\n updateAccountTenantProfileData,\n} from \"../account/AccountInfo.js\";\nimport * as CacheHelpers from \"../cache/utils/CacheHelpers.js\";\n\nfunction parseServerErrorNo(\n serverResponse: ServerAuthorizationCodeResponse\n): string | undefined {\n const errorCodePrefix = \"code=\";\n const errorCodePrefixIndex =\n serverResponse.error_uri?.lastIndexOf(errorCodePrefix);\n return errorCodePrefixIndex && errorCodePrefixIndex >= 0\n ? serverResponse.error_uri?.substring(\n errorCodePrefixIndex + errorCodePrefix.length\n )\n : undefined;\n}\n\n/**\n * Class that handles response parsing.\n * @internal\n */\nexport class ResponseHandler {\n private clientId: string;\n private cacheStorage: CacheManager;\n private cryptoObj: ICrypto;\n private logger: Logger;\n private homeAccountIdentifier: string;\n private serializableCache: ISerializableTokenCache | null;\n private persistencePlugin: ICachePlugin | null;\n private performanceClient?: IPerformanceClient;\n\n constructor(\n clientId: string,\n cacheStorage: CacheManager,\n cryptoObj: ICrypto,\n logger: Logger,\n serializableCache: ISerializableTokenCache | null,\n persistencePlugin: ICachePlugin | null,\n performanceClient?: IPerformanceClient\n ) {\n this.clientId = clientId;\n this.cacheStorage = cacheStorage;\n this.cryptoObj = cryptoObj;\n this.logger = logger;\n this.serializableCache = serializableCache;\n this.persistencePlugin = persistencePlugin;\n this.performanceClient = performanceClient;\n }\n\n /**\n * Function which validates server authorization code response.\n * @param serverResponseHash\n * @param requestState\n * @param cryptoObj\n */\n validateServerAuthorizationCodeResponse(\n serverResponse: ServerAuthorizationCodeResponse,\n requestState: string\n ): void {\n if (!serverResponse.state || !requestState) {\n throw serverResponse.state\n ? createClientAuthError(\n ClientAuthErrorCodes.stateNotFound,\n \"Cached State\"\n )\n : createClientAuthError(\n ClientAuthErrorCodes.stateNotFound,\n \"Server State\"\n );\n }\n\n let decodedServerResponseState: string;\n let decodedRequestState: string;\n\n try {\n decodedServerResponseState = decodeURIComponent(\n serverResponse.state\n );\n } catch (e) {\n throw createClientAuthError(\n ClientAuthErrorCodes.invalidState,\n serverResponse.state\n );\n }\n\n try {\n decodedRequestState = decodeURIComponent(requestState);\n } catch (e) {\n throw createClientAuthError(\n ClientAuthErrorCodes.invalidState,\n serverResponse.state\n );\n }\n\n if (decodedServerResponseState !== decodedRequestState) {\n throw createClientAuthError(ClientAuthErrorCodes.stateMismatch);\n }\n\n // Check for error\n if (\n serverResponse.error ||\n serverResponse.error_description ||\n serverResponse.suberror\n ) {\n const serverErrorNo = parseServerErrorNo(serverResponse);\n if (\n isInteractionRequiredError(\n serverResponse.error,\n serverResponse.error_description,\n serverResponse.suberror\n )\n ) {\n throw new InteractionRequiredAuthError(\n serverResponse.error || \"\",\n serverResponse.error_description,\n serverResponse.suberror,\n serverResponse.timestamp || \"\",\n serverResponse.trace_id || \"\",\n serverResponse.correlation_id || \"\",\n serverResponse.claims || \"\",\n serverErrorNo\n );\n }\n\n throw new ServerError(\n serverResponse.error || \"\",\n serverResponse.error_description,\n serverResponse.suberror,\n serverErrorNo\n );\n }\n }\n\n /**\n * Function which validates server authorization token response.\n * @param serverResponse\n * @param refreshAccessToken\n */\n validateTokenResponse(\n serverResponse: ServerAuthorizationTokenResponse,\n refreshAccessToken?: boolean\n ): void {\n // Check for error\n if (\n serverResponse.error ||\n serverResponse.error_description ||\n serverResponse.suberror\n ) {\n const errString = `Error(s): ${\n serverResponse.error_codes || Constants.NOT_AVAILABLE\n } - Timestamp: ${\n serverResponse.timestamp || Constants.NOT_AVAILABLE\n } - Description: ${\n serverResponse.error_description || Constants.NOT_AVAILABLE\n } - Correlation ID: ${\n serverResponse.correlation_id || Constants.NOT_AVAILABLE\n } - Trace ID: ${\n serverResponse.trace_id || Constants.NOT_AVAILABLE\n }`;\n const serverErrorNo = serverResponse.error_codes?.length\n ? serverResponse.error_codes[0]\n : undefined;\n const serverError = new ServerError(\n serverResponse.error,\n errString,\n serverResponse.suberror,\n serverErrorNo,\n serverResponse.status\n );\n\n // check if 500 error\n if (\n refreshAccessToken &&\n serverResponse.status &&\n serverResponse.status >= HttpStatus.SERVER_ERROR_RANGE_START &&\n serverResponse.status <= HttpStatus.SERVER_ERROR_RANGE_END\n ) {\n this.logger.warning(\n `executeTokenRequest:validateTokenResponse - AAD is currently unavailable and the access token is unable to be refreshed.\\n${serverError}`\n );\n\n // don't throw an exception, but alert the user via a log that the token was unable to be refreshed\n return;\n // check if 400 error\n } else if (\n refreshAccessToken &&\n serverResponse.status &&\n serverResponse.status >= HttpStatus.CLIENT_ERROR_RANGE_START &&\n serverResponse.status <= HttpStatus.CLIENT_ERROR_RANGE_END\n ) {\n this.logger.warning(\n `executeTokenRequest:validateTokenResponse - AAD is currently available but is unable to refresh the access token.\\n${serverError}`\n );\n\n // don't throw an exception, but alert the user via a log that the token was unable to be refreshed\n return;\n }\n\n if (\n isInteractionRequiredError(\n serverResponse.error,\n serverResponse.error_description,\n serverResponse.suberror\n )\n ) {\n throw new InteractionRequiredAuthError(\n serverResponse.error,\n serverResponse.error_description,\n serverResponse.suberror,\n serverResponse.timestamp || Constants.EMPTY_STRING,\n serverResponse.trace_id || Constants.EMPTY_STRING,\n serverResponse.correlation_id || Constants.EMPTY_STRING,\n serverResponse.claims || Constants.EMPTY_STRING,\n serverErrorNo\n );\n }\n\n throw serverError;\n }\n }\n\n /**\n * Returns a constructed token response based on given string. Also manages the cache updates and cleanups.\n * @param serverTokenResponse\n * @param authority\n */\n async handleServerTokenResponse(\n serverTokenResponse: ServerAuthorizationTokenResponse,\n authority: Authority,\n reqTimestamp: number,\n request: BaseAuthRequest,\n authCodePayload?: AuthorizationCodePayload,\n userAssertionHash?: string,\n handlingRefreshTokenResponse?: boolean,\n forceCacheRefreshTokenResponse?: boolean,\n serverRequestId?: string\n ): Promise {\n this.performanceClient?.addQueueMeasurement(\n PerformanceEvents.HandleServerTokenResponse,\n serverTokenResponse.correlation_id\n );\n\n // create an idToken object (not entity)\n let idTokenClaims: TokenClaims | undefined;\n if (serverTokenResponse.id_token) {\n idTokenClaims = extractTokenClaims(\n serverTokenResponse.id_token || Constants.EMPTY_STRING,\n this.cryptoObj.base64Decode\n );\n\n // token nonce check (TODO: Add a warning if no nonce is given?)\n if (authCodePayload && authCodePayload.nonce) {\n if (idTokenClaims.nonce !== authCodePayload.nonce) {\n throw createClientAuthError(\n ClientAuthErrorCodes.nonceMismatch\n );\n }\n }\n\n // token max_age check\n if (request.maxAge || request.maxAge === 0) {\n const authTime = idTokenClaims.auth_time;\n if (!authTime) {\n throw createClientAuthError(\n ClientAuthErrorCodes.authTimeNotFound\n );\n }\n\n checkMaxAge(authTime, request.maxAge);\n }\n }\n\n // generate homeAccountId\n this.homeAccountIdentifier = AccountEntity.generateHomeAccountId(\n serverTokenResponse.client_info || Constants.EMPTY_STRING,\n authority.authorityType,\n this.logger,\n this.cryptoObj,\n idTokenClaims\n );\n\n // save the response tokens\n let requestStateObj: RequestStateObject | undefined;\n if (!!authCodePayload && !!authCodePayload.state) {\n requestStateObj = ProtocolUtils.parseRequestState(\n this.cryptoObj,\n authCodePayload.state\n );\n }\n\n // Add keyId from request to serverTokenResponse if defined\n serverTokenResponse.key_id =\n serverTokenResponse.key_id || request.sshKid || undefined;\n\n const cacheRecord = this.generateCacheRecord(\n serverTokenResponse,\n authority,\n reqTimestamp,\n request,\n idTokenClaims,\n userAssertionHash,\n authCodePayload\n );\n let cacheContext;\n try {\n if (this.persistencePlugin && this.serializableCache) {\n this.logger.verbose(\n \"Persistence enabled, calling beforeCacheAccess\"\n );\n cacheContext = new TokenCacheContext(\n this.serializableCache,\n true\n );\n await this.persistencePlugin.beforeCacheAccess(cacheContext);\n }\n /*\n * When saving a refreshed tokens to the cache, it is expected that the account that was used is present in the cache.\n * If not present, we should return null, as it's the case that another application called removeAccount in between\n * the calls to getAllAccounts and acquireTokenSilent. We should not overwrite that removal, unless explicitly flagged by\n * the developer, as in the case of refresh token flow used in ADAL Node to MSAL Node migration.\n */\n if (\n handlingRefreshTokenResponse &&\n !forceCacheRefreshTokenResponse &&\n cacheRecord.account\n ) {\n const key = cacheRecord.account.generateAccountKey();\n const account = this.cacheStorage.getAccount(key, this.logger);\n if (!account) {\n this.logger.warning(\n \"Account used to refresh tokens not in persistence, refreshed tokens will not be stored in the cache\"\n );\n return await ResponseHandler.generateAuthenticationResult(\n this.cryptoObj,\n authority,\n cacheRecord,\n false,\n request,\n idTokenClaims,\n requestStateObj,\n undefined,\n serverRequestId\n );\n }\n }\n await this.cacheStorage.saveCacheRecord(\n cacheRecord,\n request.storeInCache,\n request.correlationId\n );\n } finally {\n if (\n this.persistencePlugin &&\n this.serializableCache &&\n cacheContext\n ) {\n this.logger.verbose(\n \"Persistence enabled, calling afterCacheAccess\"\n );\n await this.persistencePlugin.afterCacheAccess(cacheContext);\n }\n }\n\n return ResponseHandler.generateAuthenticationResult(\n this.cryptoObj,\n authority,\n cacheRecord,\n false,\n request,\n idTokenClaims,\n requestStateObj,\n serverTokenResponse,\n serverRequestId\n );\n }\n\n /**\n * Generates CacheRecord\n * @param serverTokenResponse\n * @param idTokenObj\n * @param authority\n */\n private generateCacheRecord(\n serverTokenResponse: ServerAuthorizationTokenResponse,\n authority: Authority,\n reqTimestamp: number,\n request: BaseAuthRequest,\n idTokenClaims?: TokenClaims,\n userAssertionHash?: string,\n authCodePayload?: AuthorizationCodePayload\n ): CacheRecord {\n const env = authority.getPreferredCache();\n if (!env) {\n throw createClientAuthError(\n ClientAuthErrorCodes.invalidCacheEnvironment\n );\n }\n\n const claimsTenantId = getTenantIdFromIdTokenClaims(idTokenClaims);\n\n // IdToken: non AAD scenarios can have empty realm\n let cachedIdToken: IdTokenEntity | undefined;\n let cachedAccount: AccountEntity | undefined;\n if (serverTokenResponse.id_token && !!idTokenClaims) {\n cachedIdToken = CacheHelpers.createIdTokenEntity(\n this.homeAccountIdentifier,\n env,\n serverTokenResponse.id_token,\n this.clientId,\n claimsTenantId || \"\"\n );\n\n cachedAccount = buildAccountToCache(\n this.cacheStorage,\n authority,\n this.homeAccountIdentifier,\n this.cryptoObj.base64Decode,\n idTokenClaims,\n serverTokenResponse.client_info,\n env,\n claimsTenantId,\n authCodePayload,\n undefined, // nativeAccountId\n this.logger\n );\n }\n\n // AccessToken\n let cachedAccessToken: AccessTokenEntity | null = null;\n if (serverTokenResponse.access_token) {\n // If scopes not returned in server response, use request scopes\n const responseScopes = serverTokenResponse.scope\n ? ScopeSet.fromString(serverTokenResponse.scope)\n : new ScopeSet(request.scopes || []);\n\n /*\n * Use timestamp calculated before request\n * Server may return timestamps as strings, parse to numbers if so.\n */\n const expiresIn: number =\n (typeof serverTokenResponse.expires_in === \"string\"\n ? parseInt(serverTokenResponse.expires_in, 10)\n : serverTokenResponse.expires_in) || 0;\n const extExpiresIn: number =\n (typeof serverTokenResponse.ext_expires_in === \"string\"\n ? parseInt(serverTokenResponse.ext_expires_in, 10)\n : serverTokenResponse.ext_expires_in) || 0;\n const refreshIn: number | undefined =\n (typeof serverTokenResponse.refresh_in === \"string\"\n ? parseInt(serverTokenResponse.refresh_in, 10)\n : serverTokenResponse.refresh_in) || undefined;\n const tokenExpirationSeconds = reqTimestamp + expiresIn;\n const extendedTokenExpirationSeconds =\n tokenExpirationSeconds + extExpiresIn;\n const refreshOnSeconds =\n refreshIn && refreshIn > 0\n ? reqTimestamp + refreshIn\n : undefined;\n\n // non AAD scenarios can have empty realm\n cachedAccessToken = CacheHelpers.createAccessTokenEntity(\n this.homeAccountIdentifier,\n env,\n serverTokenResponse.access_token,\n this.clientId,\n claimsTenantId || authority.tenant || \"\",\n responseScopes.printScopes(),\n tokenExpirationSeconds,\n extendedTokenExpirationSeconds,\n this.cryptoObj.base64Decode,\n refreshOnSeconds,\n serverTokenResponse.token_type,\n userAssertionHash,\n serverTokenResponse.key_id,\n request.claims,\n request.requestedClaimsHash\n );\n }\n\n // refreshToken\n let cachedRefreshToken: RefreshTokenEntity | null = null;\n if (serverTokenResponse.refresh_token) {\n let rtExpiresOn: number | undefined;\n if (serverTokenResponse.refresh_token_expires_in) {\n const rtExpiresIn: number =\n typeof serverTokenResponse.refresh_token_expires_in ===\n \"string\"\n ? parseInt(\n serverTokenResponse.refresh_token_expires_in,\n 10\n )\n : serverTokenResponse.refresh_token_expires_in;\n rtExpiresOn = reqTimestamp + rtExpiresIn;\n }\n cachedRefreshToken = CacheHelpers.createRefreshTokenEntity(\n this.homeAccountIdentifier,\n env,\n serverTokenResponse.refresh_token,\n this.clientId,\n serverTokenResponse.foci,\n userAssertionHash,\n rtExpiresOn\n );\n }\n\n // appMetadata\n let cachedAppMetadata: AppMetadataEntity | null = null;\n if (serverTokenResponse.foci) {\n cachedAppMetadata = {\n clientId: this.clientId,\n environment: env,\n familyId: serverTokenResponse.foci,\n };\n }\n\n return {\n account: cachedAccount,\n idToken: cachedIdToken,\n accessToken: cachedAccessToken,\n refreshToken: cachedRefreshToken,\n appMetadata: cachedAppMetadata,\n };\n }\n\n /**\n * Creates an @AuthenticationResult from @CacheRecord , @IdToken , and a boolean that states whether or not the result is from cache.\n *\n * Optionally takes a state string that is set as-is in the response.\n *\n * @param cacheRecord\n * @param idTokenObj\n * @param fromTokenCache\n * @param stateString\n */\n static async generateAuthenticationResult(\n cryptoObj: ICrypto,\n authority: Authority,\n cacheRecord: CacheRecord,\n fromTokenCache: boolean,\n request: BaseAuthRequest,\n idTokenClaims?: TokenClaims,\n requestState?: RequestStateObject,\n serverTokenResponse?: ServerAuthorizationTokenResponse,\n requestId?: string\n ): Promise {\n let accessToken: string = Constants.EMPTY_STRING;\n let responseScopes: Array = [];\n let expiresOn: Date | null = null;\n let extExpiresOn: Date | undefined;\n let refreshOn: Date | undefined;\n let familyId: string = Constants.EMPTY_STRING;\n\n if (cacheRecord.accessToken) {\n /*\n * if the request object has `popKid` property, `signPopToken` will be set to false and\n * the token will be returned unsigned\n */\n if (\n cacheRecord.accessToken.tokenType ===\n AuthenticationScheme.POP &&\n !request.popKid\n ) {\n const popTokenGenerator: PopTokenGenerator =\n new PopTokenGenerator(cryptoObj);\n const { secret, keyId } = cacheRecord.accessToken;\n\n if (!keyId) {\n throw createClientAuthError(\n ClientAuthErrorCodes.keyIdMissing\n );\n }\n\n accessToken = await popTokenGenerator.signPopToken(\n secret,\n keyId,\n request\n );\n } else {\n accessToken = cacheRecord.accessToken.secret;\n }\n responseScopes = ScopeSet.fromString(\n cacheRecord.accessToken.target\n ).asArray();\n expiresOn = new Date(\n Number(cacheRecord.accessToken.expiresOn) * 1000\n );\n extExpiresOn = new Date(\n Number(cacheRecord.accessToken.extendedExpiresOn) * 1000\n );\n if (cacheRecord.accessToken.refreshOn) {\n refreshOn = new Date(\n Number(cacheRecord.accessToken.refreshOn) * 1000\n );\n }\n }\n\n if (cacheRecord.appMetadata) {\n familyId =\n cacheRecord.appMetadata.familyId === THE_FAMILY_ID\n ? THE_FAMILY_ID\n : \"\";\n }\n const uid = idTokenClaims?.oid || idTokenClaims?.sub || \"\";\n const tid = idTokenClaims?.tid || \"\";\n\n // for hybrid + native bridge enablement, send back the native account Id\n if (serverTokenResponse?.spa_accountid && !!cacheRecord.account) {\n cacheRecord.account.nativeAccountId =\n serverTokenResponse?.spa_accountid;\n }\n\n const accountInfo: AccountInfo | null = cacheRecord.account\n ? updateAccountTenantProfileData(\n cacheRecord.account.getAccountInfo(),\n undefined, // tenantProfile optional\n idTokenClaims,\n cacheRecord.idToken?.secret\n )\n : null;\n\n return {\n authority: authority.canonicalAuthority,\n uniqueId: uid,\n tenantId: tid,\n scopes: responseScopes,\n account: accountInfo,\n idToken: cacheRecord?.idToken?.secret || \"\",\n idTokenClaims: idTokenClaims || {},\n accessToken: accessToken,\n fromCache: fromTokenCache,\n expiresOn: expiresOn,\n extExpiresOn: extExpiresOn,\n refreshOn: refreshOn,\n correlationId: request.correlationId,\n requestId: requestId || Constants.EMPTY_STRING,\n familyId: familyId,\n tokenType:\n cacheRecord.accessToken?.tokenType || Constants.EMPTY_STRING,\n state: requestState\n ? requestState.userRequestState\n : Constants.EMPTY_STRING,\n cloudGraphHostName:\n cacheRecord.account?.cloudGraphHostName ||\n Constants.EMPTY_STRING,\n msGraphHost:\n cacheRecord.account?.msGraphHost || Constants.EMPTY_STRING,\n code: serverTokenResponse?.spa_code,\n fromNativeBroker: false,\n };\n }\n}\n\nexport function buildAccountToCache(\n cacheStorage: CacheManager,\n authority: Authority,\n homeAccountId: string,\n base64Decode: (input: string) => string,\n idTokenClaims?: TokenClaims,\n clientInfo?: string,\n environment?: string,\n claimsTenantId?: string | null,\n authCodePayload?: AuthorizationCodePayload,\n nativeAccountId?: string,\n logger?: Logger\n): AccountEntity {\n logger?.verbose(\"setCachedAccount called\");\n\n // Check if base account is already cached\n const accountKeys = cacheStorage.getAccountKeys();\n const baseAccountKey = accountKeys.find((accountKey: string) => {\n return accountKey.startsWith(homeAccountId);\n });\n\n let cachedAccount: AccountEntity | null = null;\n if (baseAccountKey) {\n cachedAccount = cacheStorage.getAccount(baseAccountKey, logger);\n }\n\n const baseAccount =\n cachedAccount ||\n AccountEntity.createAccount(\n {\n homeAccountId,\n idTokenClaims,\n clientInfo,\n environment,\n cloudGraphHostName: authCodePayload?.cloud_graph_host_name,\n msGraphHost: authCodePayload?.msgraph_host,\n nativeAccountId: nativeAccountId,\n },\n authority,\n base64Decode\n );\n\n const tenantProfiles = baseAccount.tenantProfiles || [];\n const tenantId = claimsTenantId || baseAccount.realm;\n if (\n tenantId &&\n !tenantProfiles.find((tenantProfile) => {\n return tenantProfile.tenantId === tenantId;\n })\n ) {\n const newTenantProfile = buildTenantProfile(\n homeAccountId,\n baseAccount.localAccountId,\n tenantId,\n idTokenClaims\n );\n tenantProfiles.push(newTenantProfile);\n }\n baseAccount.tenantProfiles = tenantProfiles;\n\n return baseAccount;\n}\n","/*\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License.\n */\n\nimport { ApplicationTelemetry } from \"../../config/ClientConfiguration.js\";\nimport { Logger } from \"../../logger/Logger.js\";\nimport {\n InProgressPerformanceEvent,\n IPerformanceClient,\n PerformanceCallbackFunction,\n QueueMeasurement,\n} from \"./IPerformanceClient.js\";\nimport {\n IntFields,\n PerformanceEvent,\n PerformanceEventAbbreviations,\n PerformanceEventContext,\n PerformanceEvents,\n PerformanceEventStackedContext,\n PerformanceEventStatus,\n} from \"./PerformanceEvent.js\";\nimport { IPerformanceMeasurement } from \"./IPerformanceMeasurement.js\";\nimport { StubPerformanceMeasurement } from \"./StubPerformanceClient.js\";\nimport { AuthError } from \"../../error/AuthError.js\";\nimport { CacheError } from \"../../error/CacheError.js\";\nimport { ServerError } from \"../../error/ServerError.js\";\nimport { InteractionRequiredAuthError } from \"../../error/InteractionRequiredAuthError.js\";\n\nexport interface PreQueueEvent {\n name: PerformanceEvents;\n time: number;\n}\n\n/**\n * Starts context by adding payload to the stack\n * @param event {PerformanceEvent}\n * @param abbreviations {Map} event name abbreviations\n * @param stack {?PerformanceEventStackedContext[]} stack\n */\nexport function startContext(\n event: PerformanceEvent,\n abbreviations: Map,\n stack?: PerformanceEventStackedContext[]\n): void {\n if (!stack) {\n return;\n }\n\n stack.push({\n name: abbreviations.get(event.name) || event.name,\n });\n}\n\n/**\n * Ends context by removing payload from the stack and returning parent or self, if stack is empty, payload\n *\n * @param event {PerformanceEvent}\n * @param abbreviations {Map} event name abbreviations\n * @param stack {?PerformanceEventStackedContext[]} stack\n * @param error {?unknown} error\n */\nexport function endContext(\n event: PerformanceEvent,\n abbreviations: Map,\n stack?: PerformanceEventStackedContext[],\n error?: unknown\n): PerformanceEventContext | undefined {\n if (!stack?.length) {\n return;\n }\n\n const peek = (stack: PerformanceEventStackedContext[]) => {\n return stack.length ? stack[stack.length - 1] : undefined;\n };\n\n const abbrEventName = abbreviations.get(event.name) || event.name;\n const top = peek(stack);\n if (top?.name !== abbrEventName) {\n return;\n }\n\n const current = stack?.pop();\n if (!current) {\n return;\n }\n\n const errorCode =\n error instanceof AuthError\n ? error.errorCode\n : error instanceof Error\n ? error.name\n : undefined;\n const subErr = error instanceof AuthError ? error.subError : undefined;\n\n if (errorCode && current.childErr !== errorCode) {\n current.err = errorCode;\n if (subErr) {\n current.subErr = subErr;\n }\n }\n\n delete current.name;\n delete current.childErr;\n\n const context: PerformanceEventContext = {\n ...current,\n dur: event.durationMs,\n };\n\n if (!event.success) {\n context.fail = 1;\n }\n\n const parent = peek(stack);\n if (!parent) {\n return { [abbrEventName]: context };\n }\n\n if (errorCode) {\n parent.childErr = errorCode;\n }\n\n let childName: string;\n if (!parent[abbrEventName]) {\n childName = abbrEventName;\n } else {\n const siblings = Object.keys(parent).filter((key) =>\n key.startsWith(abbrEventName)\n ).length;\n childName = `${abbrEventName}_${siblings + 1}`;\n }\n parent[childName] = context;\n return parent;\n}\n\n/**\n * Adds error name and stack trace to the telemetry event\n * @param error {Error}\n * @param logger {Logger}\n * @param event {PerformanceEvent}\n * @param stackMaxSize {number} max error stack size to capture\n */\nexport function addError(\n error: unknown,\n logger: Logger,\n event: PerformanceEvent,\n stackMaxSize: number = 5\n): void {\n if (!(error instanceof Error)) {\n logger.trace(\n \"PerformanceClient.addErrorStack: Input error is not instance of Error\",\n event.correlationId\n );\n return;\n } else if (error instanceof AuthError) {\n event.errorCode = error.errorCode;\n event.subErrorCode = error.subError;\n if (\n error instanceof ServerError ||\n error instanceof InteractionRequiredAuthError\n ) {\n event.serverErrorNo = error.errorNo;\n }\n return;\n } else if (error instanceof CacheError) {\n event.errorCode = error.errorCode;\n return;\n } else if (event.errorStack?.length) {\n logger.trace(\n \"PerformanceClient.addErrorStack: Stack already exist\",\n event.correlationId\n );\n return;\n } else if (!error.stack?.length) {\n logger.trace(\n \"PerformanceClient.addErrorStack: Input stack is empty\",\n event.correlationId\n );\n return;\n }\n\n if (error.stack) {\n event.errorStack = compactStack(error.stack, stackMaxSize);\n }\n event.errorName = error.name;\n}\n\n/**\n * Compacts error stack into array by fetching N first entries\n * @param stack {string} error stack\n * @param stackMaxSize {number} max error stack size to capture\n * @returns {string[]}\n */\nexport function compactStack(stack: string, stackMaxSize: number): string[] {\n if (stackMaxSize < 0) {\n return [];\n }\n\n const stackArr = stack.split(\"\\n\") || [];\n\n const res = [];\n\n // Check for a handful of known, common runtime errors and log them (with redaction where applicable).\n const firstLine = stackArr[0];\n if (\n firstLine.startsWith(\"TypeError: Cannot read property\") ||\n firstLine.startsWith(\"TypeError: Cannot read properties of\") ||\n firstLine.startsWith(\"TypeError: Cannot set property\") ||\n firstLine.startsWith(\"TypeError: Cannot set properties of\") ||\n firstLine.endsWith(\"is not a function\")\n ) {\n // These types of errors are not at risk of leaking PII. They will indicate unavailable APIs\n res.push(compactStackLine(firstLine));\n } else if (\n firstLine.startsWith(\"SyntaxError\") ||\n firstLine.startsWith(\"TypeError\")\n ) {\n // Prevent unintentional leaking of arbitrary info by redacting contents between both single and double quotes\n res.push(\n compactStackLine(\n // Example: SyntaxError: Unexpected token 'e', \"test\" is not valid JSON -> SyntaxError: Unexpected token , is not valid JSON\n firstLine.replace(/['].*[']|[\"].*[\"]/g, \"\")\n )\n );\n }\n\n // Get top N stack lines\n for (let ix = 1; ix < stackArr.length; ix++) {\n if (res.length >= stackMaxSize) {\n break;\n }\n const line = stackArr[ix];\n res.push(compactStackLine(line));\n }\n return res;\n}\n\n/**\n * Compacts error stack line by shortening file path\n * Example: https://localhost/msal-common/src/authority/Authority.js:100:1 -> Authority.js:100:1\n * @param line {string} stack line\n * @returns {string}\n */\nexport function compactStackLine(line: string): string {\n const filePathIx = line.lastIndexOf(\" \") + 1;\n if (filePathIx < 1) {\n return line;\n }\n const filePath = line.substring(filePathIx);\n\n let fileNameIx = filePath.lastIndexOf(\"/\");\n fileNameIx = fileNameIx < 0 ? filePath.lastIndexOf(\"\\\\\") : fileNameIx;\n\n if (fileNameIx >= 0) {\n return (\n line.substring(0, filePathIx) +\n \"(\" +\n filePath.substring(fileNameIx + 1) +\n (filePath.charAt(filePath.length - 1) === \")\" ? \"\" : \")\")\n ).trimStart();\n }\n\n return line.trimStart();\n}\n\nexport abstract class PerformanceClient implements IPerformanceClient {\n protected authority: string;\n protected libraryName: string;\n protected libraryVersion: string;\n protected applicationTelemetry: ApplicationTelemetry;\n protected clientId: string;\n protected logger: Logger;\n protected callbacks: Map;\n\n /**\n * Multiple events with the same correlation id.\n * @protected\n * @type {Map}\n */\n protected eventsByCorrelationId: Map;\n\n /**\n * Map of pre-queue times by correlation Id\n *\n * @protected\n * @type {Map}\n */\n protected preQueueTimeByCorrelationId: Map;\n\n /**\n * Map of queue measurements by correlation Id\n *\n * @protected\n * @type {Map>}\n */\n protected queueMeasurements: Map>;\n\n protected intFields: Set;\n\n /**\n * Map of stacked events by correlation id.\n *\n * @protected\n */\n protected eventStack: Map;\n\n /**\n * Event name abbreviations\n *\n * @protected\n */\n protected abbreviations: Map;\n\n /**\n * Creates an instance of PerformanceClient,\n * an abstract class containing core performance telemetry logic.\n *\n * @constructor\n * @param {string} clientId Client ID of the application\n * @param {string} authority Authority used by the application\n * @param {Logger} logger Logger used by the application\n * @param {string} libraryName Name of the library\n * @param {string} libraryVersion Version of the library\n * @param {ApplicationTelemetry} applicationTelemetry application name and version\n * @param {Set} intFields integer fields to be truncated\n * @param {Map} abbreviations event name abbreviations\n */\n constructor(\n clientId: string,\n authority: string,\n logger: Logger,\n libraryName: string,\n libraryVersion: string,\n applicationTelemetry: ApplicationTelemetry,\n intFields?: Set,\n abbreviations?: Map\n ) {\n this.authority = authority;\n this.libraryName = libraryName;\n this.libraryVersion = libraryVersion;\n this.applicationTelemetry = applicationTelemetry;\n this.clientId = clientId;\n this.logger = logger;\n this.callbacks = new Map();\n this.eventsByCorrelationId = new Map();\n this.eventStack = new Map();\n this.queueMeasurements = new Map();\n this.preQueueTimeByCorrelationId = new Map();\n this.intFields = intFields || new Set();\n for (const item of IntFields) {\n this.intFields.add(item);\n }\n this.abbreviations = abbreviations || new Map();\n for (const [key, value] of PerformanceEventAbbreviations) {\n this.abbreviations.set(key, value);\n }\n }\n\n /**\n * Generates and returns a unique id, typically a guid.\n *\n * @abstract\n * @returns {string}\n */\n abstract generateId(): string;\n\n /**\n * Starts and returns an platform-specific implementation of IPerformanceMeasurement.\n * Note: this function can be changed to abstract at the next major version bump.\n *\n * @param {string} measureName\n * @param {string} correlationId\n * @returns {IPerformanceMeasurement}\n * @deprecated This method will be removed in the next major version\n */\n startPerformanceMeasurement(\n measureName: string, // eslint-disable-line @typescript-eslint/no-unused-vars\n correlationId: string // eslint-disable-line @typescript-eslint/no-unused-vars\n ): IPerformanceMeasurement {\n return {} as IPerformanceMeasurement;\n }\n\n /**\n * Sets pre-queue time by correlation Id\n *\n * @abstract\n * @param {PerformanceEvents} eventName\n * @param {string} correlationId\n * @returns\n */\n abstract setPreQueueTime(\n eventName: PerformanceEvents,\n correlationId?: string\n ): void;\n\n /**\n * Gets map of pre-queue times by correlation Id\n *\n * @param {PerformanceEvents} eventName\n * @param {string} correlationId\n * @returns {number}\n */\n getPreQueueTime(eventName: string, correlationId: string): number | void {\n const preQueueEvent: PreQueueEvent | undefined =\n this.preQueueTimeByCorrelationId.get(correlationId);\n\n if (!preQueueEvent) {\n this.logger.trace(\n `PerformanceClient.getPreQueueTime: no pre-queue times found for correlationId: ${correlationId}, unable to add queue measurement`\n );\n return;\n } else if (preQueueEvent.name !== eventName) {\n this.logger.trace(\n `PerformanceClient.getPreQueueTime: no pre-queue time found for ${eventName}, unable to add queue measurement`\n );\n return;\n }\n\n return preQueueEvent.time;\n }\n\n /**\n * Calculates the difference between current time and time when function was queued.\n * Note: It is possible to have 0 as the queue time if the current time and the queued time was the same.\n *\n * @param {number} preQueueTime\n * @param {number} currentTime\n * @returns {number}\n */\n calculateQueuedTime(preQueueTime: number, currentTime: number): number {\n if (preQueueTime < 1) {\n this.logger.trace(\n `PerformanceClient: preQueueTime should be a positive integer and not ${preQueueTime}`\n );\n return 0;\n }\n\n if (currentTime < 1) {\n this.logger.trace(\n `PerformanceClient: currentTime should be a positive integer and not ${currentTime}`\n );\n return 0;\n }\n\n if (currentTime < preQueueTime) {\n this.logger.trace(\n \"PerformanceClient: currentTime is less than preQueueTime, check how time is being retrieved\"\n );\n return 0;\n }\n\n return currentTime - preQueueTime;\n }\n\n /**\n * Adds queue measurement time to QueueMeasurements array for given correlation ID.\n *\n * @param {PerformanceEvents} eventName\n * @param {?string} correlationId\n * @param {?number} queueTime\n * @param {?boolean} manuallyCompleted - indicator for manually completed queue measurements\n * @returns\n */\n addQueueMeasurement(\n eventName: string,\n correlationId?: string,\n queueTime?: number,\n manuallyCompleted?: boolean\n ): void {\n if (!correlationId) {\n this.logger.trace(\n `PerformanceClient.addQueueMeasurement: correlationId not provided for ${eventName}, cannot add queue measurement`\n );\n return;\n }\n\n if (queueTime === 0) {\n // Possible for there to be no queue time after calculation\n this.logger.trace(\n `PerformanceClient.addQueueMeasurement: queue time provided for ${eventName} is ${queueTime}`\n );\n } else if (!queueTime) {\n this.logger.trace(\n `PerformanceClient.addQueueMeasurement: no queue time provided for ${eventName}`\n );\n return;\n }\n\n const queueMeasurement: QueueMeasurement = {\n eventName,\n // Always default queue time to 0 for manually completed (improperly instrumented)\n queueTime: manuallyCompleted ? 0 : queueTime,\n manuallyCompleted,\n };\n\n // Adds to existing correlation Id if present in queueMeasurements\n const existingMeasurements = this.queueMeasurements.get(correlationId);\n if (existingMeasurements) {\n existingMeasurements.push(queueMeasurement);\n this.queueMeasurements.set(correlationId, existingMeasurements);\n } else {\n // Sets new correlation Id if not present in queueMeasurements\n this.logger.trace(\n `PerformanceClient.addQueueMeasurement: adding correlationId ${correlationId} to queue measurements`\n );\n const measurementArray = [queueMeasurement];\n this.queueMeasurements.set(correlationId, measurementArray);\n }\n // Delete processed pre-queue event.\n this.preQueueTimeByCorrelationId.delete(correlationId);\n }\n\n /**\n * Starts measuring performance for a given operation. Returns a function that should be used to end the measurement.\n *\n * @param {PerformanceEvents} measureName\n * @param {?string} [correlationId]\n * @returns {InProgressPerformanceEvent}\n */\n startMeasurement(\n measureName: string,\n correlationId?: string\n ): InProgressPerformanceEvent {\n // Generate a placeholder correlation if the request does not provide one\n const eventCorrelationId = correlationId || this.generateId();\n if (!correlationId) {\n this.logger.info(\n `PerformanceClient: No correlation id provided for ${measureName}, generating`,\n eventCorrelationId\n );\n }\n\n this.logger.trace(\n `PerformanceClient: Performance measurement started for ${measureName}`,\n eventCorrelationId\n );\n\n const inProgressEvent: PerformanceEvent = {\n eventId: this.generateId(),\n status: PerformanceEventStatus.InProgress,\n authority: this.authority,\n libraryName: this.libraryName,\n libraryVersion: this.libraryVersion,\n clientId: this.clientId,\n name: measureName,\n startTimeMs: Date.now(),\n correlationId: eventCorrelationId,\n appName: this.applicationTelemetry?.appName,\n appVersion: this.applicationTelemetry?.appVersion,\n };\n\n // Store in progress events so they can be discarded if not ended properly\n this.cacheEventByCorrelationId(inProgressEvent);\n startContext(\n inProgressEvent,\n this.abbreviations,\n this.eventStack.get(eventCorrelationId)\n );\n\n // Return the event and functions the caller can use to properly end/flush the measurement\n return {\n end: (\n event?: Partial,\n error?: unknown\n ): PerformanceEvent | null => {\n return this.endMeasurement(\n {\n // Initial set of event properties\n ...inProgressEvent,\n // Properties set when event ends\n ...event,\n },\n error\n );\n },\n discard: () => {\n return this.discardMeasurements(inProgressEvent.correlationId);\n },\n add: (fields: { [key: string]: {} | undefined }) => {\n return this.addFields(fields, inProgressEvent.correlationId);\n },\n increment: (fields: { [key: string]: number | undefined }) => {\n return this.incrementFields(\n fields,\n inProgressEvent.correlationId\n );\n },\n event: inProgressEvent,\n measurement: new StubPerformanceMeasurement(),\n };\n }\n\n /**\n * Stops measuring the performance for an operation. Should only be called directly by PerformanceClient classes,\n * as consumers should instead use the function returned by startMeasurement.\n * Adds a new field named as \"[event name]DurationMs\" for sub-measurements, completes and emits an event\n * otherwise.\n *\n * @param {PerformanceEvent} event\n * @param {unknown} error\n * @returns {(PerformanceEvent | null)}\n */\n endMeasurement(\n event: PerformanceEvent,\n error?: unknown\n ): PerformanceEvent | null {\n const rootEvent: PerformanceEvent | undefined =\n this.eventsByCorrelationId.get(event.correlationId);\n if (!rootEvent) {\n this.logger.trace(\n `PerformanceClient: Measurement not found for ${event.eventId}`,\n event.correlationId\n );\n return null;\n }\n\n const isRoot = event.eventId === rootEvent.eventId;\n let queueInfo = {\n totalQueueTime: 0,\n totalQueueCount: 0,\n manuallyCompletedCount: 0,\n };\n\n event.durationMs = Math.round(\n event.durationMs || this.getDurationMs(event.startTimeMs)\n );\n\n const context = JSON.stringify(\n endContext(\n event,\n this.abbreviations,\n this.eventStack.get(rootEvent.correlationId),\n error\n )\n );\n\n if (isRoot) {\n queueInfo = this.getQueueInfo(event.correlationId);\n this.discardMeasurements(rootEvent.correlationId);\n } else {\n rootEvent.incompleteSubMeasurements?.delete(event.eventId);\n }\n\n this.logger.trace(\n `PerformanceClient: Performance measurement ended for ${event.name}: ${event.durationMs} ms`,\n event.correlationId\n );\n\n if (error) {\n addError(error, this.logger, rootEvent);\n }\n\n // Add sub-measurement attribute to root event.\n if (!isRoot) {\n rootEvent[event.name + \"DurationMs\"] = Math.floor(event.durationMs);\n return { ...rootEvent };\n }\n\n if (\n isRoot &&\n !error &&\n (rootEvent.errorCode || rootEvent.subErrorCode)\n ) {\n this.logger.trace(\n `PerformanceClient: Remove error and sub-error codes for root event ${event.name} as intermediate error was successfully handled`,\n event.correlationId\n );\n rootEvent.errorCode = undefined;\n rootEvent.subErrorCode = undefined;\n }\n\n let finalEvent: PerformanceEvent = { ...rootEvent, ...event };\n let incompleteSubsCount: number = 0;\n // Incomplete sub-measurements are discarded. They are likely an instrumentation bug that should be fixed.\n finalEvent.incompleteSubMeasurements?.forEach((subMeasurement) => {\n this.logger.trace(\n `PerformanceClient: Incomplete submeasurement ${subMeasurement.name} found for ${event.name}`,\n finalEvent.correlationId\n );\n incompleteSubsCount++;\n });\n finalEvent.incompleteSubMeasurements = undefined;\n\n finalEvent = {\n ...finalEvent,\n queuedTimeMs: queueInfo.totalQueueTime,\n queuedCount: queueInfo.totalQueueCount,\n queuedManuallyCompletedCount: queueInfo.manuallyCompletedCount,\n status: PerformanceEventStatus.Completed,\n incompleteSubsCount,\n context,\n };\n this.truncateIntegralFields(finalEvent);\n this.emitEvents([finalEvent], event.correlationId);\n\n return finalEvent;\n }\n\n /**\n * Saves extra information to be emitted when the measurements are flushed\n * @param fields\n * @param correlationId\n */\n addFields(\n fields: { [key: string]: {} | undefined },\n correlationId: string\n ): void {\n this.logger.trace(\"PerformanceClient: Updating static fields\");\n const event = this.eventsByCorrelationId.get(correlationId);\n if (event) {\n this.eventsByCorrelationId.set(correlationId, {\n ...event,\n ...fields,\n });\n } else {\n this.logger.trace(\n \"PerformanceClient: Event not found for\",\n correlationId\n );\n }\n }\n\n /**\n * Increment counters to be emitted when the measurements are flushed\n * @param fields {string[]}\n * @param correlationId {string} correlation identifier\n */\n incrementFields(\n fields: { [key: string]: number | undefined },\n correlationId: string\n ): void {\n this.logger.trace(\"PerformanceClient: Updating counters\");\n const event = this.eventsByCorrelationId.get(correlationId);\n if (event) {\n for (const counter in fields) {\n if (!event.hasOwnProperty(counter)) {\n event[counter] = 0;\n } else if (isNaN(Number(event[counter]))) {\n return;\n }\n event[counter] += fields[counter];\n }\n } else {\n this.logger.trace(\n \"PerformanceClient: Event not found for\",\n correlationId\n );\n }\n }\n\n /**\n * Upserts event into event cache.\n * First key is the correlation id, second key is the event id.\n * Allows for events to be grouped by correlation id,\n * and to easily allow for properties on them to be updated.\n *\n * @private\n * @param {PerformanceEvent} event\n */\n protected cacheEventByCorrelationId(event: PerformanceEvent): void {\n const rootEvent = this.eventsByCorrelationId.get(event.correlationId);\n if (rootEvent) {\n this.logger.trace(\n `PerformanceClient: Performance measurement for ${event.name} added/updated`,\n event.correlationId\n );\n rootEvent.incompleteSubMeasurements =\n rootEvent.incompleteSubMeasurements || new Map();\n rootEvent.incompleteSubMeasurements.set(event.eventId, {\n name: event.name,\n startTimeMs: event.startTimeMs,\n });\n } else {\n this.logger.trace(\n `PerformanceClient: Performance measurement for ${event.name} started`,\n event.correlationId\n );\n this.eventsByCorrelationId.set(event.correlationId, { ...event });\n this.eventStack.set(event.correlationId, []);\n }\n }\n\n private getQueueInfo(correlationId: string): {\n totalQueueTime: number;\n totalQueueCount: number;\n manuallyCompletedCount: number;\n } {\n const queueMeasurementForCorrelationId =\n this.queueMeasurements.get(correlationId);\n if (!queueMeasurementForCorrelationId) {\n this.logger.trace(\n `PerformanceClient: no queue measurements found for for correlationId: ${correlationId}`\n );\n }\n\n let totalQueueTime = 0;\n let totalQueueCount = 0;\n let manuallyCompletedCount = 0;\n queueMeasurementForCorrelationId?.forEach((measurement) => {\n totalQueueTime += measurement.queueTime;\n totalQueueCount++;\n manuallyCompletedCount += measurement.manuallyCompleted ? 1 : 0;\n });\n\n return {\n totalQueueTime,\n totalQueueCount,\n manuallyCompletedCount,\n };\n }\n\n /**\n * Removes measurements and aux data for a given correlation id.\n *\n * @param {string} correlationId\n */\n discardMeasurements(correlationId: string): void {\n this.logger.trace(\n \"PerformanceClient: Performance measurements discarded\",\n correlationId\n );\n this.eventsByCorrelationId.delete(correlationId);\n\n this.logger.trace(\n \"PerformanceClient: QueueMeasurements discarded\",\n correlationId\n );\n this.queueMeasurements.delete(correlationId);\n\n this.logger.trace(\n \"PerformanceClient: Pre-queue times discarded\",\n correlationId\n );\n this.preQueueTimeByCorrelationId.delete(correlationId);\n\n this.logger.trace(\n \"PerformanceClient: Event stack discarded\",\n correlationId\n );\n this.eventStack.delete(correlationId);\n }\n\n /**\n * Registers a callback function to receive performance events.\n *\n * @param {PerformanceCallbackFunction} callback\n * @returns {string}\n */\n addPerformanceCallback(callback: PerformanceCallbackFunction): string {\n for (const [id, cb] of this.callbacks) {\n if (cb.toString() === callback.toString()) {\n this.logger.warning(\n `PerformanceClient: Performance callback is already registered with id: ${id}`\n );\n return id;\n }\n }\n\n const callbackId = this.generateId();\n this.callbacks.set(callbackId, callback);\n this.logger.verbose(\n `PerformanceClient: Performance callback registered with id: ${callbackId}`\n );\n\n return callbackId;\n }\n\n /**\n * Removes a callback registered with addPerformanceCallback.\n *\n * @param {string} callbackId\n * @returns {boolean}\n */\n removePerformanceCallback(callbackId: string): boolean {\n const result = this.callbacks.delete(callbackId);\n\n if (result) {\n this.logger.verbose(\n `PerformanceClient: Performance callback ${callbackId} removed.`\n );\n } else {\n this.logger.verbose(\n `PerformanceClient: Performance callback ${callbackId} not removed.`\n );\n }\n\n return result;\n }\n\n /**\n * Emits events to all registered callbacks.\n *\n * @param {PerformanceEvent[]} events\n * @param {?string} [correlationId]\n */\n emitEvents(events: PerformanceEvent[], correlationId: string): void {\n this.logger.verbose(\n \"PerformanceClient: Emitting performance events\",\n correlationId\n );\n\n this.callbacks.forEach(\n (callback: PerformanceCallbackFunction, callbackId: string) => {\n this.logger.trace(\n `PerformanceClient: Emitting event to callback ${callbackId}`,\n correlationId\n );\n callback.apply(null, [events]);\n }\n );\n }\n\n /**\n * Enforce truncation of integral fields in performance event.\n * @param {PerformanceEvent} event performance event to update.\n */\n private truncateIntegralFields(event: PerformanceEvent): void {\n this.intFields.forEach((key) => {\n if (key in event && typeof event[key] === \"number\") {\n event[key] = Math.floor(event[key]);\n }\n });\n }\n\n /**\n * Returns event duration in milliseconds\n * @param startTimeMs {number}\n * @returns {number}\n */\n private getDurationMs(startTimeMs: number): number {\n const durationMs = Date.now() - startTimeMs;\n // Handle clock skew\n return durationMs < 0 ? durationMs : 0;\n }\n}\n","/*\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License.\n */\n\n/**\n * Enumeration of operations that are instrumented by have their performance measured by the PerformanceClient.\n *\n * @export\n * @enum {number}\n */\nexport const PerformanceEvents = {\n /**\n * acquireTokenByCode API (msal-browser and msal-node).\n * Used to acquire tokens by trading an authorization code against the token endpoint.\n */\n AcquireTokenByCode: \"acquireTokenByCode\",\n\n /**\n * acquireTokenByRefreshToken API (msal-browser and msal-node).\n * Used to renew an access token using a refresh token against the token endpoint.\n */\n AcquireTokenByRefreshToken: \"acquireTokenByRefreshToken\",\n\n /**\n * acquireTokenSilent API (msal-browser and msal-node).\n * Used to silently acquire a new access token (from the cache or the network).\n */\n AcquireTokenSilent: \"acquireTokenSilent\",\n\n /**\n * acquireTokenSilentAsync (msal-browser).\n * Internal API for acquireTokenSilent.\n */\n AcquireTokenSilentAsync: \"acquireTokenSilentAsync\",\n\n /**\n * acquireTokenPopup (msal-browser).\n * Used to acquire a new access token interactively through pop ups\n */\n AcquireTokenPopup: \"acquireTokenPopup\",\n\n /**\n * acquireTokenPreRedirect (msal-browser).\n * First part of the redirect flow.\n * Used to acquire a new access token interactively through redirects.\n */\n AcquireTokenPreRedirect: \"acquireTokenPreRedirect\",\n\n /**\n * acquireTokenRedirect (msal-browser).\n * Second part of the redirect flow.\n * Used to acquire a new access token interactively through redirects.\n */\n AcquireTokenRedirect: \"acquireTokenRedirect\",\n\n /**\n * getPublicKeyThumbprint API in CryptoOpts class (msal-browser).\n * Used to generate a public/private keypair and generate a public key thumbprint for pop requests.\n */\n CryptoOptsGetPublicKeyThumbprint: \"cryptoOptsGetPublicKeyThumbprint\",\n\n /**\n * signJwt API in CryptoOpts class (msal-browser).\n * Used to signed a pop token.\n */\n CryptoOptsSignJwt: \"cryptoOptsSignJwt\",\n\n /**\n * acquireToken API in the SilentCacheClient class (msal-browser).\n * Used to read access tokens from the cache.\n */\n SilentCacheClientAcquireToken: \"silentCacheClientAcquireToken\",\n\n /**\n * acquireToken API in the SilentIframeClient class (msal-browser).\n * Used to acquire a new set of tokens from the authorize endpoint in a hidden iframe.\n */\n SilentIframeClientAcquireToken: \"silentIframeClientAcquireToken\",\n AwaitConcurrentIframe: \"awaitConcurrentIframe\", // Time spent waiting for a concurrent iframe to complete\n\n /**\n * acquireToken API in SilentRereshClient (msal-browser).\n * Used to acquire a new set of tokens from the token endpoint using a refresh token.\n */\n SilentRefreshClientAcquireToken: \"silentRefreshClientAcquireToken\",\n\n /**\n * ssoSilent API (msal-browser).\n * Used to silently acquire an authorization code and set of tokens using a hidden iframe.\n */\n SsoSilent: \"ssoSilent\",\n\n /**\n * getDiscoveredAuthority API in StandardInteractionClient class (msal-browser).\n * Used to load authority metadata for a request.\n */\n StandardInteractionClientGetDiscoveredAuthority:\n \"standardInteractionClientGetDiscoveredAuthority\",\n\n /**\n * acquireToken APIs in msal-browser.\n * Used to make an /authorize endpoint call with native brokering enabled.\n */\n FetchAccountIdWithNativeBroker: \"fetchAccountIdWithNativeBroker\",\n\n /**\n * acquireToken API in NativeInteractionClient class (msal-browser).\n * Used to acquire a token from Native component when native brokering is enabled.\n */\n NativeInteractionClientAcquireToken: \"nativeInteractionClientAcquireToken\",\n /**\n * Time spent creating default headers for requests to token endpoint\n */\n BaseClientCreateTokenRequestHeaders: \"baseClientCreateTokenRequestHeaders\",\n /**\n * Time spent sending/waiting for the response of a request to the token endpoint\n */\n NetworkClientSendPostRequestAsync: \"networkClientSendPostRequestAsync\",\n RefreshTokenClientExecutePostToTokenEndpoint:\n \"refreshTokenClientExecutePostToTokenEndpoint\",\n AuthorizationCodeClientExecutePostToTokenEndpoint:\n \"authorizationCodeClientExecutePostToTokenEndpoint\",\n /**\n * Used to measure the time taken for completing embedded-broker handshake (PW-Broker).\n */\n BrokerHandhshake: \"brokerHandshake\",\n /**\n * acquireTokenByRefreshToken API in BrokerClientApplication (PW-Broker) .\n */\n AcquireTokenByRefreshTokenInBroker: \"acquireTokenByRefreshTokenInBroker\",\n /**\n * Time taken for token acquisition by broker\n */\n AcquireTokenByBroker: \"acquireTokenByBroker\",\n\n /**\n * Time spent on the network for refresh token acquisition\n */\n RefreshTokenClientExecuteTokenRequest:\n \"refreshTokenClientExecuteTokenRequest\",\n\n /**\n * Time taken for acquiring refresh token , records RT size\n */\n RefreshTokenClientAcquireToken: \"refreshTokenClientAcquireToken\",\n\n /**\n * Time taken for acquiring cached refresh token\n */\n RefreshTokenClientAcquireTokenWithCachedRefreshToken:\n \"refreshTokenClientAcquireTokenWithCachedRefreshToken\",\n\n /**\n * acquireTokenByRefreshToken API in RefreshTokenClient (msal-common).\n */\n RefreshTokenClientAcquireTokenByRefreshToken:\n \"refreshTokenClientAcquireTokenByRefreshToken\",\n\n /**\n * Helper function to create token request body in RefreshTokenClient (msal-common).\n */\n RefreshTokenClientCreateTokenRequestBody:\n \"refreshTokenClientCreateTokenRequestBody\",\n\n /**\n * acquireTokenFromCache (msal-browser).\n * Internal API for acquiring token from cache\n */\n AcquireTokenFromCache: \"acquireTokenFromCache\",\n SilentFlowClientAcquireCachedToken: \"silentFlowClientAcquireCachedToken\",\n SilentFlowClientGenerateResultFromCacheRecord:\n \"silentFlowClientGenerateResultFromCacheRecord\",\n\n /**\n * acquireTokenBySilentIframe (msal-browser).\n * Internal API for acquiring token by silent Iframe\n */\n AcquireTokenBySilentIframe: \"acquireTokenBySilentIframe\",\n\n /**\n * Internal API for initializing base request in BaseInteractionClient (msal-browser)\n */\n InitializeBaseRequest: \"initializeBaseRequest\",\n\n /**\n * Internal API for initializing silent request in SilentCacheClient (msal-browser)\n */\n InitializeSilentRequest: \"initializeSilentRequest\",\n\n InitializeClientApplication: \"initializeClientApplication\",\n\n /**\n * Helper function in SilentIframeClient class (msal-browser).\n */\n SilentIframeClientTokenHelper: \"silentIframeClientTokenHelper\",\n\n /**\n * SilentHandler\n */\n SilentHandlerInitiateAuthRequest: \"silentHandlerInitiateAuthRequest\",\n SilentHandlerMonitorIframeForHash: \"silentHandlerMonitorIframeForHash\",\n SilentHandlerLoadFrame: \"silentHandlerLoadFrame\",\n SilentHandlerLoadFrameSync: \"silentHandlerLoadFrameSync\",\n\n /**\n * Helper functions in StandardInteractionClient class (msal-browser)\n */\n StandardInteractionClientCreateAuthCodeClient:\n \"standardInteractionClientCreateAuthCodeClient\",\n StandardInteractionClientGetClientConfiguration:\n \"standardInteractionClientGetClientConfiguration\",\n StandardInteractionClientInitializeAuthorizationRequest:\n \"standardInteractionClientInitializeAuthorizationRequest\",\n StandardInteractionClientInitializeAuthorizationCodeRequest:\n \"standardInteractionClientInitializeAuthorizationCodeRequest\",\n\n /**\n * getAuthCodeUrl API (msal-browser and msal-node).\n */\n GetAuthCodeUrl: \"getAuthCodeUrl\",\n\n /**\n * Functions from InteractionHandler (msal-browser)\n */\n HandleCodeResponseFromServer: \"handleCodeResponseFromServer\",\n HandleCodeResponse: \"handleCodeResponse\",\n UpdateTokenEndpointAuthority: \"updateTokenEndpointAuthority\",\n\n /**\n * APIs in Authorization Code Client (msal-common)\n */\n AuthClientAcquireToken: \"authClientAcquireToken\",\n AuthClientExecuteTokenRequest: \"authClientExecuteTokenRequest\",\n AuthClientCreateTokenRequestBody: \"authClientCreateTokenRequestBody\",\n AuthClientCreateQueryString: \"authClientCreateQueryString\",\n\n /**\n * Generate functions in PopTokenGenerator (msal-common)\n */\n PopTokenGenerateCnf: \"popTokenGenerateCnf\",\n PopTokenGenerateKid: \"popTokenGenerateKid\",\n\n /**\n * handleServerTokenResponse API in ResponseHandler (msal-common)\n */\n HandleServerTokenResponse: \"handleServerTokenResponse\",\n DeserializeResponse: \"deserializeResponse\",\n\n /**\n * Authority functions\n */\n AuthorityFactoryCreateDiscoveredInstance:\n \"authorityFactoryCreateDiscoveredInstance\",\n AuthorityResolveEndpointsAsync: \"authorityResolveEndpointsAsync\",\n AuthorityResolveEndpointsFromLocalSources:\n \"authorityResolveEndpointsFromLocalSources\",\n AuthorityGetCloudDiscoveryMetadataFromNetwork:\n \"authorityGetCloudDiscoveryMetadataFromNetwork\",\n AuthorityUpdateCloudDiscoveryMetadata:\n \"authorityUpdateCloudDiscoveryMetadata\",\n AuthorityGetEndpointMetadataFromNetwork:\n \"authorityGetEndpointMetadataFromNetwork\",\n AuthorityUpdateEndpointMetadata: \"authorityUpdateEndpointMetadata\",\n AuthorityUpdateMetadataWithRegionalInformation:\n \"authorityUpdateMetadataWithRegionalInformation\",\n\n /**\n * Region Discovery functions\n */\n RegionDiscoveryDetectRegion: \"regionDiscoveryDetectRegion\",\n RegionDiscoveryGetRegionFromIMDS: \"regionDiscoveryGetRegionFromIMDS\",\n RegionDiscoveryGetCurrentVersion: \"regionDiscoveryGetCurrentVersion\",\n\n AcquireTokenByCodeAsync: \"acquireTokenByCodeAsync\",\n\n GetEndpointMetadataFromNetwork: \"getEndpointMetadataFromNetwork\",\n GetCloudDiscoveryMetadataFromNetworkMeasurement:\n \"getCloudDiscoveryMetadataFromNetworkMeasurement\",\n\n HandleRedirectPromiseMeasurement: \"handleRedirectPromise\",\n HandleNativeRedirectPromiseMeasurement: \"handleNativeRedirectPromise\",\n\n UpdateCloudDiscoveryMetadataMeasurement:\n \"updateCloudDiscoveryMetadataMeasurement\",\n\n UsernamePasswordClientAcquireToken: \"usernamePasswordClientAcquireToken\",\n\n NativeMessageHandlerHandshake: \"nativeMessageHandlerHandshake\",\n\n NativeGenerateAuthResult: \"nativeGenerateAuthResult\",\n\n RemoveHiddenIframe: \"removeHiddenIframe\",\n\n /**\n * Cache operations\n */\n ClearTokensAndKeysWithClaims: \"clearTokensAndKeysWithClaims\",\n CacheManagerGetRefreshToken: \"cacheManagerGetRefreshToken\",\n\n /**\n * Crypto Operations\n */\n GeneratePkceCodes: \"generatePkceCodes\",\n GenerateCodeVerifier: \"generateCodeVerifier\",\n GenerateCodeChallengeFromVerifier: \"generateCodeChallengeFromVerifier\",\n Sha256Digest: \"sha256Digest\",\n GetRandomValues: \"getRandomValues\",\n} as const;\nexport type PerformanceEvents =\n (typeof PerformanceEvents)[keyof typeof PerformanceEvents];\n\nexport const PerformanceEventAbbreviations: ReadonlyMap =\n new Map([\n [PerformanceEvents.AcquireTokenByCode, \"ATByCode\"],\n [PerformanceEvents.AcquireTokenByRefreshToken, \"ATByRT\"],\n [PerformanceEvents.AcquireTokenSilent, \"ATS\"],\n [PerformanceEvents.AcquireTokenSilentAsync, \"ATSAsync\"],\n [PerformanceEvents.AcquireTokenPopup, \"ATPopup\"],\n [PerformanceEvents.AcquireTokenRedirect, \"ATRedirect\"],\n [\n PerformanceEvents.CryptoOptsGetPublicKeyThumbprint,\n \"CryptoGetPKThumb\",\n ],\n [PerformanceEvents.CryptoOptsSignJwt, \"CryptoSignJwt\"],\n [PerformanceEvents.SilentCacheClientAcquireToken, \"SltCacheClientAT\"],\n [PerformanceEvents.SilentIframeClientAcquireToken, \"SltIframeClientAT\"],\n [PerformanceEvents.SilentRefreshClientAcquireToken, \"SltRClientAT\"],\n [PerformanceEvents.SsoSilent, \"SsoSlt\"],\n [\n PerformanceEvents.StandardInteractionClientGetDiscoveredAuthority,\n \"StdIntClientGetDiscAuth\",\n ],\n [\n PerformanceEvents.FetchAccountIdWithNativeBroker,\n \"FetchAccIdWithNtvBroker\",\n ],\n [\n PerformanceEvents.NativeInteractionClientAcquireToken,\n \"NtvIntClientAT\",\n ],\n [\n PerformanceEvents.BaseClientCreateTokenRequestHeaders,\n \"BaseClientCreateTReqHead\",\n ],\n [\n PerformanceEvents.NetworkClientSendPostRequestAsync,\n \"NetClientSendPost\",\n ],\n [\n PerformanceEvents.RefreshTokenClientExecutePostToTokenEndpoint,\n \"RTClientExecPost\",\n ],\n [\n PerformanceEvents.AuthorizationCodeClientExecutePostToTokenEndpoint,\n \"AuthCodeClientExecPost\",\n ],\n [PerformanceEvents.BrokerHandhshake, \"BrokerHandshake\"],\n [\n PerformanceEvents.AcquireTokenByRefreshTokenInBroker,\n \"ATByRTInBroker\",\n ],\n [PerformanceEvents.AcquireTokenByBroker, \"ATByBroker\"],\n [\n PerformanceEvents.RefreshTokenClientExecuteTokenRequest,\n \"RTClientExecTReq\",\n ],\n [PerformanceEvents.RefreshTokenClientAcquireToken, \"RTClientAT\"],\n [\n PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken,\n \"RTClientATWithCachedRT\",\n ],\n [\n PerformanceEvents.RefreshTokenClientAcquireTokenByRefreshToken,\n \"RTClientATByRT\",\n ],\n [\n PerformanceEvents.RefreshTokenClientCreateTokenRequestBody,\n \"RTClientCreateTReqBody\",\n ],\n [PerformanceEvents.AcquireTokenFromCache, \"ATFromCache\"],\n [\n PerformanceEvents.SilentFlowClientAcquireCachedToken,\n \"SltFlowClientATCached\",\n ],\n [\n PerformanceEvents.SilentFlowClientGenerateResultFromCacheRecord,\n \"SltFlowClientGenResFromCache\",\n ],\n [PerformanceEvents.AcquireTokenBySilentIframe, \"ATBySltIframe\"],\n [PerformanceEvents.InitializeBaseRequest, \"InitBaseReq\"],\n [PerformanceEvents.InitializeSilentRequest, \"InitSltReq\"],\n [\n PerformanceEvents.InitializeClientApplication,\n \"InitClientApplication\",\n ],\n [PerformanceEvents.SilentIframeClientTokenHelper, \"SIClientTHelper\"],\n [\n PerformanceEvents.SilentHandlerInitiateAuthRequest,\n \"SHandlerInitAuthReq\",\n ],\n [\n PerformanceEvents.SilentHandlerMonitorIframeForHash,\n \"SltHandlerMonitorIframeForHash\",\n ],\n [PerformanceEvents.SilentHandlerLoadFrame, \"SHandlerLoadFrame\"],\n [PerformanceEvents.SilentHandlerLoadFrameSync, \"SHandlerLoadFrameSync\"],\n\n [\n PerformanceEvents.StandardInteractionClientCreateAuthCodeClient,\n \"StdIntClientCreateAuthCodeClient\",\n ],\n [\n PerformanceEvents.StandardInteractionClientGetClientConfiguration,\n \"StdIntClientGetClientConf\",\n ],\n [\n PerformanceEvents.StandardInteractionClientInitializeAuthorizationRequest,\n \"StdIntClientInitAuthReq\",\n ],\n [\n PerformanceEvents.StandardInteractionClientInitializeAuthorizationCodeRequest,\n \"StdIntClientInitAuthCodeReq\",\n ],\n\n [PerformanceEvents.GetAuthCodeUrl, \"GetAuthCodeUrl\"],\n\n [\n PerformanceEvents.HandleCodeResponseFromServer,\n \"HandleCodeResFromServer\",\n ],\n [PerformanceEvents.HandleCodeResponse, \"HandleCodeResp\"],\n [PerformanceEvents.UpdateTokenEndpointAuthority, \"UpdTEndpointAuth\"],\n\n [PerformanceEvents.AuthClientAcquireToken, \"AuthClientAT\"],\n [PerformanceEvents.AuthClientExecuteTokenRequest, \"AuthClientExecTReq\"],\n [\n PerformanceEvents.AuthClientCreateTokenRequestBody,\n \"AuthClientCreateTReqBody\",\n ],\n [\n PerformanceEvents.AuthClientCreateQueryString,\n \"AuthClientCreateQueryStr\",\n ],\n [PerformanceEvents.PopTokenGenerateCnf, \"PopTGenCnf\"],\n [PerformanceEvents.PopTokenGenerateKid, \"PopTGenKid\"],\n [PerformanceEvents.HandleServerTokenResponse, \"HandleServerTRes\"],\n [PerformanceEvents.DeserializeResponse, \"DeserializeRes\"],\n [\n PerformanceEvents.AuthorityFactoryCreateDiscoveredInstance,\n \"AuthFactCreateDiscInst\",\n ],\n [\n PerformanceEvents.AuthorityResolveEndpointsAsync,\n \"AuthResolveEndpointsAsync\",\n ],\n [\n PerformanceEvents.AuthorityResolveEndpointsFromLocalSources,\n \"AuthResolveEndpointsFromLocal\",\n ],\n [\n PerformanceEvents.AuthorityGetCloudDiscoveryMetadataFromNetwork,\n \"AuthGetCDMetaFromNet\",\n ],\n [\n PerformanceEvents.AuthorityUpdateCloudDiscoveryMetadata,\n \"AuthUpdCDMeta\",\n ],\n [\n PerformanceEvents.AuthorityGetEndpointMetadataFromNetwork,\n \"AuthUpdCDMetaFromNet\",\n ],\n [\n PerformanceEvents.AuthorityUpdateEndpointMetadata,\n \"AuthUpdEndpointMeta\",\n ],\n [\n PerformanceEvents.AuthorityUpdateMetadataWithRegionalInformation,\n \"AuthUpdMetaWithRegInfo\",\n ],\n [PerformanceEvents.RegionDiscoveryDetectRegion, \"RegDiscDetectReg\"],\n [\n PerformanceEvents.RegionDiscoveryGetRegionFromIMDS,\n \"RegDiscGetRegFromIMDS\",\n ],\n [\n PerformanceEvents.RegionDiscoveryGetCurrentVersion,\n \"RegDiscGetCurrentVer\",\n ],\n [PerformanceEvents.AcquireTokenByCodeAsync, \"ATByCodeAsync\"],\n [\n PerformanceEvents.GetEndpointMetadataFromNetwork,\n \"GetEndpointMetaFromNet\",\n ],\n [\n PerformanceEvents.GetCloudDiscoveryMetadataFromNetworkMeasurement,\n \"GetCDMetaFromNet\",\n ],\n [\n PerformanceEvents.HandleRedirectPromiseMeasurement,\n \"HandleRedirectPromise\",\n ],\n [\n PerformanceEvents.HandleNativeRedirectPromiseMeasurement,\n \"HandleNtvRedirectPromise\",\n ],\n [\n PerformanceEvents.UpdateCloudDiscoveryMetadataMeasurement,\n \"UpdateCDMeta\",\n ],\n [\n PerformanceEvents.UsernamePasswordClientAcquireToken,\n \"UserPassClientAT\",\n ],\n [\n PerformanceEvents.NativeMessageHandlerHandshake,\n \"NtvMsgHandlerHandshake\",\n ],\n [PerformanceEvents.NativeGenerateAuthResult, \"NtvGenAuthRes\"],\n [PerformanceEvents.RemoveHiddenIframe, \"RemoveHiddenIframe\"],\n [\n PerformanceEvents.ClearTokensAndKeysWithClaims,\n \"ClearTAndKeysWithClaims\",\n ],\n [PerformanceEvents.CacheManagerGetRefreshToken, \"CacheManagerGetRT\"],\n [PerformanceEvents.GeneratePkceCodes, \"GenPkceCodes\"],\n [PerformanceEvents.GenerateCodeVerifier, \"GenCodeVerifier\"],\n [\n PerformanceEvents.GenerateCodeChallengeFromVerifier,\n \"GenCodeChallengeFromVerifier\",\n ],\n [PerformanceEvents.Sha256Digest, \"Sha256Digest\"],\n [PerformanceEvents.GetRandomValues, \"GetRandomValues\"],\n ]);\n\n/**\n * State of the performance event.\n *\n * @export\n * @enum {number}\n */\nexport const PerformanceEventStatus = {\n NotStarted: 0,\n InProgress: 1,\n Completed: 2,\n} as const;\nexport type PerformanceEventStatus =\n (typeof PerformanceEventStatus)[keyof typeof PerformanceEventStatus];\n\nexport type SubMeasurement = {\n name: string;\n startTimeMs: number;\n};\n\n/**\n * Performance measurement taken by the library, including metadata about the request and application.\n *\n * @export\n * @typedef {PerformanceEvent}\n */\nexport type PerformanceEvent = {\n /**\n * Unique id for the event\n *\n * @type {string}\n */\n eventId: string;\n\n /**\n * State of the perforance measure.\n *\n * @type {PerformanceEventStatus}\n */\n status: PerformanceEventStatus;\n\n /**\n * Login authority used for the request\n *\n * @type {string}\n */\n authority: string;\n\n /**\n * Client id for the application\n *\n * @type {string}\n */\n clientId: string;\n\n /**\n * Correlation ID used for the request\n *\n * @type {string}\n */\n correlationId: string;\n\n /**\n * End-to-end duration in milliseconds.\n * @date 3/22/2022 - 3:40:05 PM\n *\n * @type {number}\n */\n durationMs?: number;\n\n /**\n * Visibility of the page when the event completed.\n * Read from: https://developer.mozilla.org/docs/Web/API/Page_Visibility_API\n *\n * @type {?(string | null)}\n */\n endPageVisibility?: string | null;\n\n /**\n * Whether the result was retrieved from the cache.\n *\n * @type {(boolean | null)}\n */\n fromCache?: boolean | null;\n\n /**\n * Event name (usually in the form of classNameFunctionName)\n *\n * @type {string}\n */\n name: string;\n\n /**\n * Visibility of the page when the event completed.\n * Read from: https://developer.mozilla.org/docs/Web/API/Page_Visibility_API\n *\n * @type {?(string | null)}\n */\n startPageVisibility?: string | null;\n\n /**\n * Unix millisecond timestamp when the event was initiated.\n *\n * @type {number}\n */\n startTimeMs: number;\n\n /**\n * Whether or the operation completed successfully.\n *\n * @type {(boolean | null)}\n */\n success?: boolean | null;\n\n /**\n * Add specific error code in case of failure\n *\n * @type {string}\n */\n errorCode?: string;\n\n /**\n * Add specific sub error code in case of failure\n *\n * @type {string}\n */\n subErrorCode?: string;\n\n /**\n * Server error number\n */\n serverErrorNo?: string;\n\n /**\n * Name of the library used for the operation.\n *\n * @type {string}\n */\n libraryName: string;\n\n /**\n * Version of the library used for the operation.\n *\n * @type {string}\n */\n libraryVersion: string;\n\n /**\n * Whether the response is from a native component (e.g., WAM)\n *\n * @type {?boolean}\n */\n isNativeBroker?: boolean;\n\n /**\n * Request ID returned from the response\n *\n * @type {?string}\n */\n requestId?: string;\n\n /**\n * Cache lookup policy\n *\n * @type {?number}\n */\n cacheLookupPolicy?: number | undefined;\n\n /**\n * Cache Outcome\n * @type {?number}\n */\n cacheOutcome?: number;\n\n /**\n * Amount of time spent in the JS queue in milliseconds.\n *\n * @type {?number}\n */\n queuedTimeMs?: number;\n\n /**\n * Sub-measurements for internal use. To be deleted before flushing.\n */\n incompleteSubMeasurements?: Map;\n\n visibilityChangeCount?: number;\n incompleteSubsCount?: number;\n\n /**\n * CorrelationId of the in progress iframe request that was awaited\n */\n awaitIframeCorrelationId?: string;\n /**\n * Amount of times queued in the JS event queue.\n *\n * @type {?number}\n */\n queuedCount?: number;\n /**\n * Amount of manually completed queue events.\n *\n * @type {?number}\n */\n queuedManuallyCompletedCount?: number;\n\n /**\n * Size of the id token\n *\n * @type {number}\n */\n idTokenSize?: number;\n\n /**\n *\n * Size of the access token\n *\n * @type {number}\n */\n\n accessTokenSize?: number;\n\n /**\n *\n * Size of the refresh token\n *\n * @type {number}\n */\n\n refreshTokenSize?: number | undefined;\n\n /**\n * Application name as specified by the app.\n *\n * @type {?string}\n */\n appName?: string;\n\n /**\n * Application version as specified by the app.\n *\n * @type {?string}\n */\n appVersion?: string;\n\n /**\n * The following are fields that may be emitted in native broker scenarios\n */\n extensionId?: string;\n extensionVersion?: string;\n matsBrokerVersion?: string;\n matsAccountJoinOnStart?: string;\n matsAccountJoinOnEnd?: string;\n matsDeviceJoin?: string;\n matsPromptBehavior?: string;\n matsApiErrorCode?: number;\n matsUiVisible?: boolean;\n matsSilentCode?: number;\n matsSilentBiSubCode?: number;\n matsSilentMessage?: string;\n matsSilentStatus?: number;\n matsHttpStatus?: number;\n matsHttpEventCount?: number;\n\n /**\n * Http POST metadata\n */\n httpVerToken?: string;\n httpStatus?: number;\n contentTypeHeader?: string;\n contentLengthHeader?: string;\n\n /**\n * Native broker fields\n */\n allowNativeBroker?: boolean;\n extensionInstalled?: boolean;\n extensionHandshakeTimeoutMs?: number;\n extensionHandshakeTimedOut?: boolean;\n\n /**\n * Nested App Auth Fields\n */\n nestedAppAuthRequest?: boolean;\n\n /**\n * Multiple matched access/id/refresh tokens in the cache\n */\n multiMatchedAT?: number;\n multiMatchedID?: number;\n multiMatchedRT?: number;\n\n errorName?: string;\n errorStack?: string[];\n\n // Event context as JSON string\n context?: string;\n\n // Number of tokens in the cache to be reported when cache quota is exceeded\n cacheRtCount?: number;\n cacheIdCount?: number;\n cacheAtCount?: number;\n\n // Scenario id to track custom user prompts\n scenarioId?: string;\n\n accountType?: \"AAD\" | \"MSA\" | \"B2C\";\n\n /**\n * Server error that triggers a request retry\n *\n * @type {string}\n */\n retryError?: string;\n\n embeddedClientId?: string;\n embeddedRedirectUri?: string;\n};\n\nexport type PerformanceEventContext = {\n dur?: number;\n err?: string;\n subErr?: string;\n fail?: number;\n};\n\nexport type PerformanceEventStackedContext = PerformanceEventContext & {\n name?: string;\n childErr?: string;\n};\n\nexport const IntFields: ReadonlySet = new Set([\n \"accessTokenSize\",\n \"durationMs\",\n \"idTokenSize\",\n \"matsSilentStatus\",\n \"matsHttpStatus\",\n \"refreshTokenSize\",\n \"queuedTimeMs\",\n \"startTimeMs\",\n \"status\",\n \"multiMatchedAT\",\n \"multiMatchedID\",\n \"multiMatchedRT\",\n]);\n","/*\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License.\n */\n\nimport {\n IPerformanceClient,\n InProgressPerformanceEvent,\n} from \"./IPerformanceClient.js\";\nimport { IPerformanceMeasurement } from \"./IPerformanceMeasurement.js\";\nimport {\n PerformanceEvent,\n PerformanceEventStatus,\n} from \"./PerformanceEvent.js\";\n\nexport class StubPerformanceMeasurement implements IPerformanceMeasurement {\n startMeasurement(): void {\n return;\n }\n endMeasurement(): void {\n return;\n }\n flushMeasurement(): number | null {\n return null;\n }\n}\n\nexport class StubPerformanceClient implements IPerformanceClient {\n generateId(): string {\n return \"callback-id\";\n }\n\n startMeasurement(\n measureName: string,\n correlationId?: string | undefined\n ): InProgressPerformanceEvent {\n return {\n end: () => null,\n discard: () => {},\n add: () => {},\n increment: () => {},\n event: {\n eventId: this.generateId(),\n status: PerformanceEventStatus.InProgress,\n authority: \"\",\n libraryName: \"\",\n libraryVersion: \"\",\n clientId: \"\",\n name: measureName,\n startTimeMs: Date.now(),\n correlationId: correlationId || \"\",\n },\n measurement: new StubPerformanceMeasurement(),\n };\n }\n\n startPerformanceMeasurement(): IPerformanceMeasurement {\n return new StubPerformanceMeasurement();\n }\n calculateQueuedTime(): number {\n return 0;\n }\n\n addQueueMeasurement(): void {\n return;\n }\n\n setPreQueueTime(): void {\n return;\n }\n\n endMeasurement(): PerformanceEvent | null {\n return null;\n }\n\n discardMeasurements(): void {\n return;\n }\n\n removePerformanceCallback(): boolean {\n return true;\n }\n\n addPerformanceCallback(): string {\n return \"\";\n }\n\n emitEvents(): void {\n return;\n }\n\n addFields(): void {\n return;\n }\n\n incrementFields(): void {\n return;\n }\n\n cacheEventByCorrelationId(): void {\n return;\n }\n}\n","/*\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License.\n */\n\nimport {\n SERVER_TELEM_CONSTANTS,\n Separators,\n CacheOutcome,\n Constants,\n RegionDiscoverySources,\n RegionDiscoveryOutcomes,\n} from \"../../utils/Constants.js\";\nimport { CacheManager } from \"../../cache/CacheManager.js\";\nimport { AuthError } from \"../../error/AuthError.js\";\nimport { ServerTelemetryRequest } from \"./ServerTelemetryRequest.js\";\nimport { ServerTelemetryEntity } from \"../../cache/entities/ServerTelemetryEntity.js\";\nimport { RegionDiscoveryMetadata } from \"../../authority/RegionDiscoveryMetadata.js\";\n\nconst skuGroupSeparator = \",\";\nconst skuValueSeparator = \"|\";\n\ntype SkuParams = {\n libraryName?: string;\n libraryVersion?: string;\n extensionName?: string;\n extensionVersion?: string;\n skus?: string;\n};\n\nfunction makeExtraSkuString(params: SkuParams): string {\n const {\n skus,\n libraryName,\n libraryVersion,\n extensionName,\n extensionVersion,\n } = params;\n const skuMap: Map = new Map([\n [0, [libraryName, libraryVersion]],\n [2, [extensionName, extensionVersion]],\n ]);\n let skuArr: string[] = [];\n\n if (skus?.length) {\n skuArr = skus.split(skuGroupSeparator);\n\n // Ignore invalid input sku param\n if (skuArr.length < 4) {\n return skus;\n }\n } else {\n skuArr = Array.from({ length: 4 }, () => skuValueSeparator);\n }\n\n skuMap.forEach((value, key) => {\n if (value.length === 2 && value[0]?.length && value[1]?.length) {\n setSku({\n skuArr,\n index: key,\n skuName: value[0],\n skuVersion: value[1],\n });\n }\n });\n\n return skuArr.join(skuGroupSeparator);\n}\n\nfunction setSku(params: {\n skuArr: string[];\n index: number;\n skuName: string;\n skuVersion: string;\n}): void {\n const { skuArr, index, skuName, skuVersion } = params;\n if (index >= skuArr.length) {\n return;\n }\n skuArr[index] = [skuName, skuVersion].join(skuValueSeparator);\n}\n\n/** @internal */\nexport class ServerTelemetryManager {\n private cacheManager: CacheManager;\n private apiId: number;\n private correlationId: string;\n private telemetryCacheKey: string;\n private wrapperSKU: String;\n private wrapperVer: String;\n private regionUsed: string | undefined;\n private regionSource: RegionDiscoverySources | undefined;\n private regionOutcome: RegionDiscoveryOutcomes | undefined;\n private cacheOutcome: CacheOutcome = CacheOutcome.NOT_APPLICABLE;\n\n constructor(\n telemetryRequest: ServerTelemetryRequest,\n cacheManager: CacheManager\n ) {\n this.cacheManager = cacheManager;\n this.apiId = telemetryRequest.apiId;\n this.correlationId = telemetryRequest.correlationId;\n this.wrapperSKU = telemetryRequest.wrapperSKU || Constants.EMPTY_STRING;\n this.wrapperVer = telemetryRequest.wrapperVer || Constants.EMPTY_STRING;\n\n this.telemetryCacheKey =\n SERVER_TELEM_CONSTANTS.CACHE_KEY +\n Separators.CACHE_KEY_SEPARATOR +\n telemetryRequest.clientId;\n }\n\n /**\n * API to add MSER Telemetry to request\n */\n generateCurrentRequestHeaderValue(): string {\n const request = `${this.apiId}${SERVER_TELEM_CONSTANTS.VALUE_SEPARATOR}${this.cacheOutcome}`;\n const platformFieldsArr = [this.wrapperSKU, this.wrapperVer];\n const nativeBrokerErrorCode = this.getNativeBrokerErrorCode();\n if (nativeBrokerErrorCode?.length) {\n platformFieldsArr.push(`broker_error=${nativeBrokerErrorCode}`);\n }\n const platformFields = platformFieldsArr.join(\n SERVER_TELEM_CONSTANTS.VALUE_SEPARATOR\n );\n const regionDiscoveryFields = this.getRegionDiscoveryFields();\n const requestWithRegionDiscoveryFields = [\n request,\n regionDiscoveryFields,\n ].join(SERVER_TELEM_CONSTANTS.VALUE_SEPARATOR);\n\n return [\n SERVER_TELEM_CONSTANTS.SCHEMA_VERSION,\n requestWithRegionDiscoveryFields,\n platformFields,\n ].join(SERVER_TELEM_CONSTANTS.CATEGORY_SEPARATOR);\n }\n\n /**\n * API to add MSER Telemetry for the last failed request\n */\n generateLastRequestHeaderValue(): string {\n const lastRequests = this.getLastRequests();\n\n const maxErrors = ServerTelemetryManager.maxErrorsToSend(lastRequests);\n const failedRequests = lastRequests.failedRequests\n .slice(0, 2 * maxErrors)\n .join(SERVER_TELEM_CONSTANTS.VALUE_SEPARATOR);\n const errors = lastRequests.errors\n .slice(0, maxErrors)\n .join(SERVER_TELEM_CONSTANTS.VALUE_SEPARATOR);\n const errorCount = lastRequests.errors.length;\n\n // Indicate whether this header contains all data or partial data\n const overflow =\n maxErrors < errorCount\n ? SERVER_TELEM_CONSTANTS.OVERFLOW_TRUE\n : SERVER_TELEM_CONSTANTS.OVERFLOW_FALSE;\n const platformFields = [errorCount, overflow].join(\n SERVER_TELEM_CONSTANTS.VALUE_SEPARATOR\n );\n\n return [\n SERVER_TELEM_CONSTANTS.SCHEMA_VERSION,\n lastRequests.cacheHits,\n failedRequests,\n errors,\n platformFields,\n ].join(SERVER_TELEM_CONSTANTS.CATEGORY_SEPARATOR);\n }\n\n /**\n * API to cache token failures for MSER data capture\n * @param error\n */\n cacheFailedRequest(error: unknown): void {\n const lastRequests = this.getLastRequests();\n if (\n lastRequests.errors.length >=\n SERVER_TELEM_CONSTANTS.MAX_CACHED_ERRORS\n ) {\n // Remove a cached error to make room, first in first out\n lastRequests.failedRequests.shift(); // apiId\n lastRequests.failedRequests.shift(); // correlationId\n lastRequests.errors.shift();\n }\n\n lastRequests.failedRequests.push(this.apiId, this.correlationId);\n\n if (error instanceof Error && !!error && error.toString()) {\n if (error instanceof AuthError) {\n if (error.subError) {\n lastRequests.errors.push(error.subError);\n } else if (error.errorCode) {\n lastRequests.errors.push(error.errorCode);\n } else {\n lastRequests.errors.push(error.toString());\n }\n } else {\n lastRequests.errors.push(error.toString());\n }\n } else {\n lastRequests.errors.push(SERVER_TELEM_CONSTANTS.UNKNOWN_ERROR);\n }\n\n this.cacheManager.setServerTelemetry(\n this.telemetryCacheKey,\n lastRequests\n );\n\n return;\n }\n\n /**\n * Update server telemetry cache entry by incrementing cache hit counter\n */\n incrementCacheHits(): number {\n const lastRequests = this.getLastRequests();\n lastRequests.cacheHits += 1;\n\n this.cacheManager.setServerTelemetry(\n this.telemetryCacheKey,\n lastRequests\n );\n return lastRequests.cacheHits;\n }\n\n /**\n * Get the server telemetry entity from cache or initialize a new one\n */\n getLastRequests(): ServerTelemetryEntity {\n const initialValue: ServerTelemetryEntity = {\n failedRequests: [],\n errors: [],\n cacheHits: 0,\n };\n const lastRequests = this.cacheManager.getServerTelemetry(\n this.telemetryCacheKey\n ) as ServerTelemetryEntity;\n\n return lastRequests || initialValue;\n }\n\n /**\n * Remove server telemetry cache entry\n */\n clearTelemetryCache(): void {\n const lastRequests = this.getLastRequests();\n const numErrorsFlushed =\n ServerTelemetryManager.maxErrorsToSend(lastRequests);\n const errorCount = lastRequests.errors.length;\n if (numErrorsFlushed === errorCount) {\n // All errors were sent on last request, clear Telemetry cache\n this.cacheManager.removeItem(this.telemetryCacheKey);\n } else {\n // Partial data was flushed to server, construct a new telemetry cache item with errors that were not flushed\n const serverTelemEntity: ServerTelemetryEntity = {\n failedRequests: lastRequests.failedRequests.slice(\n numErrorsFlushed * 2\n ), // failedRequests contains 2 items for each error\n errors: lastRequests.errors.slice(numErrorsFlushed),\n cacheHits: 0,\n };\n\n this.cacheManager.setServerTelemetry(\n this.telemetryCacheKey,\n serverTelemEntity\n );\n }\n }\n\n /**\n * Returns the maximum number of errors that can be flushed to the server in the next network request\n * @param serverTelemetryEntity\n */\n static maxErrorsToSend(\n serverTelemetryEntity: ServerTelemetryEntity\n ): number {\n let i;\n let maxErrors = 0;\n let dataSize = 0;\n const errorCount = serverTelemetryEntity.errors.length;\n for (i = 0; i < errorCount; i++) {\n // failedRequests parameter contains pairs of apiId and correlationId, multiply index by 2 to preserve pairs\n const apiId =\n serverTelemetryEntity.failedRequests[2 * i] ||\n Constants.EMPTY_STRING;\n const correlationId =\n serverTelemetryEntity.failedRequests[2 * i + 1] ||\n Constants.EMPTY_STRING;\n const errorCode =\n serverTelemetryEntity.errors[i] || Constants.EMPTY_STRING;\n\n // Count number of characters that would be added to header, each character is 1 byte. Add 3 at the end to account for separators\n dataSize +=\n apiId.toString().length +\n correlationId.toString().length +\n errorCode.length +\n 3;\n\n if (dataSize < SERVER_TELEM_CONSTANTS.MAX_LAST_HEADER_BYTES) {\n // Adding this entry to the header would still keep header size below the limit\n maxErrors += 1;\n } else {\n break;\n }\n }\n\n return maxErrors;\n }\n\n /**\n * Get the region discovery fields\n *\n * @returns string\n */\n getRegionDiscoveryFields(): string {\n const regionDiscoveryFields: string[] = [];\n\n regionDiscoveryFields.push(this.regionUsed || Constants.EMPTY_STRING);\n regionDiscoveryFields.push(this.regionSource || Constants.EMPTY_STRING);\n regionDiscoveryFields.push(\n this.regionOutcome || Constants.EMPTY_STRING\n );\n\n return regionDiscoveryFields.join(\",\");\n }\n\n /**\n * Update the region discovery metadata\n *\n * @param regionDiscoveryMetadata\n * @returns void\n */\n updateRegionDiscoveryMetadata(\n regionDiscoveryMetadata: RegionDiscoveryMetadata\n ): void {\n this.regionUsed = regionDiscoveryMetadata.region_used;\n this.regionSource = regionDiscoveryMetadata.region_source;\n this.regionOutcome = regionDiscoveryMetadata.region_outcome;\n }\n\n /**\n * Set cache outcome\n */\n setCacheOutcome(cacheOutcome: CacheOutcome): void {\n this.cacheOutcome = cacheOutcome;\n }\n\n setNativeBrokerErrorCode(errorCode: string): void {\n const lastRequests = this.getLastRequests();\n lastRequests.nativeBrokerErrorCode = errorCode;\n this.cacheManager.setServerTelemetry(\n this.telemetryCacheKey,\n lastRequests\n );\n }\n\n getNativeBrokerErrorCode(): string | undefined {\n return this.getLastRequests().nativeBrokerErrorCode;\n }\n\n clearNativeBrokerErrorCode(): void {\n const lastRequests = this.getLastRequests();\n delete lastRequests.nativeBrokerErrorCode;\n this.cacheManager.setServerTelemetry(\n this.telemetryCacheKey,\n lastRequests\n );\n }\n\n static makeExtraSkuString(params: SkuParams): string {\n return makeExtraSkuString(params);\n }\n}\n","/*\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License.\n */\n\nimport {\n createClientConfigurationError,\n ClientConfigurationErrorCodes,\n} from \"../error/ClientConfigurationError.js\";\nimport { StringUtils } from \"../utils/StringUtils.js\";\nimport { IUri } from \"./IUri.js\";\nimport { AADAuthorityConstants, Constants } from \"../utils/Constants.js\";\nimport * as UrlUtils from \"../utils/UrlUtils.js\";\n\n/**\n * Url object class which can perform various transformations on url strings.\n */\nexport class UrlString {\n // internal url string field\n private _urlString: string;\n public get urlString(): string {\n return this._urlString;\n }\n\n constructor(url: string) {\n this._urlString = url;\n if (!this._urlString) {\n // Throws error if url is empty\n throw createClientConfigurationError(\n ClientConfigurationErrorCodes.urlEmptyError\n );\n }\n\n if (!url.includes(\"#\")) {\n this._urlString = UrlString.canonicalizeUri(url);\n }\n }\n\n /**\n * Ensure urls are lower case and end with a / character.\n * @param url\n */\n static canonicalizeUri(url: string): string {\n if (url) {\n let lowerCaseUrl = url.toLowerCase();\n\n if (StringUtils.endsWith(lowerCaseUrl, \"?\")) {\n lowerCaseUrl = lowerCaseUrl.slice(0, -1);\n } else if (StringUtils.endsWith(lowerCaseUrl, \"?/\")) {\n lowerCaseUrl = lowerCaseUrl.slice(0, -2);\n }\n\n if (!StringUtils.endsWith(lowerCaseUrl, \"/\")) {\n lowerCaseUrl += \"/\";\n }\n\n return lowerCaseUrl;\n }\n\n return url;\n }\n\n /**\n * Throws if urlString passed is not a valid authority URI string.\n */\n validateAsUri(): void {\n // Attempts to parse url for uri components\n let components;\n try {\n components = this.getUrlComponents();\n } catch (e) {\n throw createClientConfigurationError(\n ClientConfigurationErrorCodes.urlParseError\n );\n }\n\n // Throw error if URI or path segments are not parseable.\n if (!components.HostNameAndPort || !components.PathSegments) {\n throw createClientConfigurationError(\n ClientConfigurationErrorCodes.urlParseError\n );\n }\n\n // Throw error if uri is insecure.\n if (\n !components.Protocol ||\n components.Protocol.toLowerCase() !== \"https:\"\n ) {\n throw createClientConfigurationError(\n ClientConfigurationErrorCodes.authorityUriInsecure\n );\n }\n }\n\n /**\n * Given a url and a query string return the url with provided query string appended\n * @param url\n * @param queryString\n */\n static appendQueryString(url: string, queryString: string): string {\n if (!queryString) {\n return url;\n }\n\n return url.indexOf(\"?\") < 0\n ? `${url}?${queryString}`\n : `${url}&${queryString}`;\n }\n\n /**\n * Returns a url with the hash removed\n * @param url\n */\n static removeHashFromUrl(url: string): string {\n return UrlString.canonicalizeUri(url.split(\"#\")[0]);\n }\n\n /**\n * Given a url like https://a:b/common/d?e=f#g, and a tenantId, returns https://a:b/tenantId/d\n * @param href The url\n * @param tenantId The tenant id to replace\n */\n replaceTenantPath(tenantId: string): UrlString {\n const urlObject = this.getUrlComponents();\n const pathArray = urlObject.PathSegments;\n if (\n tenantId &&\n pathArray.length !== 0 &&\n (pathArray[0] === AADAuthorityConstants.COMMON ||\n pathArray[0] === AADAuthorityConstants.ORGANIZATIONS)\n ) {\n pathArray[0] = tenantId;\n }\n return UrlString.constructAuthorityUriFromObject(urlObject);\n }\n\n /**\n * Parses out the components from a url string.\n * @returns An object with the various components. Please cache this value insted of calling this multiple times on the same url.\n */\n getUrlComponents(): IUri {\n // https://gist.github.com/curtisz/11139b2cfcaef4a261e0\n const regEx = RegExp(\n \"^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\\\\?([^#]*))?(#(.*))?\"\n );\n\n // If url string does not match regEx, we throw an error\n const match = this.urlString.match(regEx);\n if (!match) {\n throw createClientConfigurationError(\n ClientConfigurationErrorCodes.urlParseError\n );\n }\n\n // Url component object\n const urlComponents = {\n Protocol: match[1],\n HostNameAndPort: match[4],\n AbsolutePath: match[5],\n QueryString: match[7],\n } as IUri;\n\n let pathSegments = urlComponents.AbsolutePath.split(\"/\");\n pathSegments = pathSegments.filter((val) => val && val.length > 0); // remove empty elements\n urlComponents.PathSegments = pathSegments;\n\n if (\n urlComponents.QueryString &&\n urlComponents.QueryString.endsWith(\"/\")\n ) {\n urlComponents.QueryString = urlComponents.QueryString.substring(\n 0,\n urlComponents.QueryString.length - 1\n );\n }\n return urlComponents;\n }\n\n static getDomainFromUrl(url: string): string {\n const regEx = RegExp(\"^([^:/?#]+://)?([^/?#]*)\");\n\n const match = url.match(regEx);\n\n if (!match) {\n throw createClientConfigurationError(\n ClientConfigurationErrorCodes.urlParseError\n );\n }\n\n return match[2];\n }\n\n static getAbsoluteUrl(relativeUrl: string, baseUrl: string): string {\n if (relativeUrl[0] === Constants.FORWARD_SLASH) {\n const url = new UrlString(baseUrl);\n const baseComponents = url.getUrlComponents();\n\n return (\n baseComponents.Protocol +\n \"//\" +\n baseComponents.HostNameAndPort +\n relativeUrl\n );\n }\n\n return relativeUrl;\n }\n\n static constructAuthorityUriFromObject(urlObject: IUri): UrlString {\n return new UrlString(\n urlObject.Protocol +\n \"//\" +\n urlObject.HostNameAndPort +\n \"/\" +\n urlObject.PathSegments.join(\"/\")\n );\n }\n\n /**\n * Check if the hash of the URL string contains known properties\n * @deprecated This API will be removed in a future version\n */\n static hashContainsKnownProperties(response: string): boolean {\n return !!UrlUtils.getDeserializedResponse(response);\n }\n}\n","/*\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License.\n */\n\nimport {\n ClientAssertionCallback,\n ClientAssertionConfig,\n} from \"../account/ClientCredentials.js\";\n\nexport async function getClientAssertion(\n clientAssertion: string | ClientAssertionCallback,\n clientId: string,\n tokenEndpoint?: string\n): Promise {\n if (typeof clientAssertion === \"string\") {\n return clientAssertion;\n } else {\n const config: ClientAssertionConfig = {\n clientId: clientId,\n tokenEndpoint: tokenEndpoint,\n };\n return clientAssertion(config);\n }\n}\n","/*\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License.\n */\n\nexport const Constants = {\n LIBRARY_NAME: \"MSAL.JS\",\n SKU: \"msal.js.common\",\n // Prefix for all library cache entries\n CACHE_PREFIX: \"msal\",\n // default authority\n DEFAULT_AUTHORITY: \"https://login.microsoftonline.com/common/\",\n DEFAULT_AUTHORITY_HOST: \"login.microsoftonline.com\",\n DEFAULT_COMMON_TENANT: \"common\",\n // ADFS String\n ADFS: \"adfs\",\n DSTS: \"dstsv2\",\n // Default AAD Instance Discovery Endpoint\n AAD_INSTANCE_DISCOVERY_ENDPT:\n \"https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=\",\n // CIAM URL\n CIAM_AUTH_URL: \".ciamlogin.com\",\n AAD_TENANT_DOMAIN_SUFFIX: \".onmicrosoft.com\",\n // Resource delimiter - used for certain cache entries\n RESOURCE_DELIM: \"|\",\n // Placeholder for non-existent account ids/objects\n NO_ACCOUNT: \"NO_ACCOUNT\",\n // Claims\n CLAIMS: \"claims\",\n // Consumer UTID\n CONSUMER_UTID: \"9188040d-6c67-4c5b-b112-36a304b66dad\",\n // Default scopes\n OPENID_SCOPE: \"openid\",\n PROFILE_SCOPE: \"profile\",\n OFFLINE_ACCESS_SCOPE: \"offline_access\",\n EMAIL_SCOPE: \"email\",\n // Default response type for authorization code flow\n CODE_RESPONSE_TYPE: \"code\",\n CODE_GRANT_TYPE: \"authorization_code\",\n RT_GRANT_TYPE: \"refresh_token\",\n FRAGMENT_RESPONSE_MODE: \"fragment\",\n S256_CODE_CHALLENGE_METHOD: \"S256\",\n URL_FORM_CONTENT_TYPE: \"application/x-www-form-urlencoded;charset=utf-8\",\n AUTHORIZATION_PENDING: \"authorization_pending\",\n NOT_DEFINED: \"not_defined\",\n EMPTY_STRING: \"\",\n NOT_APPLICABLE: \"N/A\",\n NOT_AVAILABLE: \"Not Available\",\n FORWARD_SLASH: \"/\",\n IMDS_ENDPOINT: \"http://169.254.169.254/metadata/instance/compute/location\",\n IMDS_VERSION: \"2020-06-01\",\n IMDS_TIMEOUT: 2000,\n AZURE_REGION_AUTO_DISCOVER_FLAG: \"TryAutoDetect\",\n REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX: \"login.microsoft.com\",\n KNOWN_PUBLIC_CLOUDS: [\n \"login.microsoftonline.com\",\n \"login.windows.net\",\n \"login.microsoft.com\",\n \"sts.windows.net\",\n ],\n TOKEN_RESPONSE_TYPE: \"token\",\n ID_TOKEN_RESPONSE_TYPE: \"id_token\",\n SHR_NONCE_VALIDITY: 240,\n INVALID_INSTANCE: \"invalid_instance\",\n};\n\nexport const HttpStatus = {\n SUCCESS: 200,\n SUCCESS_RANGE_START: 200,\n SUCCESS_RANGE_END: 299,\n REDIRECT: 302,\n CLIENT_ERROR: 400,\n CLIENT_ERROR_RANGE_START: 400,\n BAD_REQUEST: 400,\n UNAUTHORIZED: 401,\n NOT_FOUND: 404,\n REQUEST_TIMEOUT: 408,\n TOO_MANY_REQUESTS: 429,\n CLIENT_ERROR_RANGE_END: 499,\n SERVER_ERROR: 500,\n SERVER_ERROR_RANGE_START: 500,\n SERVICE_UNAVAILABLE: 503,\n GATEWAY_TIMEOUT: 504,\n SERVER_ERROR_RANGE_END: 599,\n MULTI_SIDED_ERROR: 600,\n} as const;\nexport type HttpStatus = (typeof HttpStatus)[keyof typeof HttpStatus];\n\nexport const OIDC_DEFAULT_SCOPES = [\n Constants.OPENID_SCOPE,\n Constants.PROFILE_SCOPE,\n Constants.OFFLINE_ACCESS_SCOPE,\n];\n\nexport const OIDC_SCOPES = [...OIDC_DEFAULT_SCOPES, Constants.EMAIL_SCOPE];\n\n/**\n * Request header names\n */\nexport const HeaderNames = {\n CONTENT_TYPE: \"Content-Type\",\n CONTENT_LENGTH: \"Content-Length\",\n RETRY_AFTER: \"Retry-After\",\n CCS_HEADER: \"X-AnchorMailbox\",\n WWWAuthenticate: \"WWW-Authenticate\",\n AuthenticationInfo: \"Authentication-Info\",\n X_MS_REQUEST_ID: \"x-ms-request-id\",\n X_MS_HTTP_VERSION: \"x-ms-httpver\",\n} as const;\nexport type HeaderNames = (typeof HeaderNames)[keyof typeof HeaderNames];\n\n/**\n * Persistent cache keys MSAL which stay while user is logged in.\n */\nexport const PersistentCacheKeys = {\n ID_TOKEN: \"idtoken\",\n CLIENT_INFO: \"client.info\",\n ADAL_ID_TOKEN: \"adal.idtoken\",\n ERROR: \"error\",\n ERROR_DESC: \"error.description\",\n ACTIVE_ACCOUNT: \"active-account\", // Legacy active-account cache key, use new key instead\n ACTIVE_ACCOUNT_FILTERS: \"active-account-filters\", // new cache entry for active_account for a more robust version for browser\n} as const;\nexport type PersistentCacheKeys =\n (typeof PersistentCacheKeys)[keyof typeof PersistentCacheKeys];\n\n/**\n * String constants related to AAD Authority\n */\nexport const AADAuthorityConstants = {\n COMMON: \"common\",\n ORGANIZATIONS: \"organizations\",\n CONSUMERS: \"consumers\",\n} as const;\nexport type AADAuthorityConstants =\n (typeof AADAuthorityConstants)[keyof typeof AADAuthorityConstants];\n\n/**\n * Claims request keys\n */\nexport const ClaimsRequestKeys = {\n ACCESS_TOKEN: \"access_token\",\n XMS_CC: \"xms_cc\",\n} as const;\nexport type ClaimsRequestKeys =\n (typeof ClaimsRequestKeys)[keyof typeof ClaimsRequestKeys];\n\n/**\n * we considered making this \"enum\" in the request instead of string, however it looks like the allowed list of\n * prompt values kept changing over past couple of years. There are some undocumented prompt values for some\n * internal partners too, hence the choice of generic \"string\" type instead of the \"enum\"\n */\nexport const PromptValue = {\n LOGIN: \"login\",\n SELECT_ACCOUNT: \"select_account\",\n CONSENT: \"consent\",\n NONE: \"none\",\n CREATE: \"create\",\n NO_SESSION: \"no_session\",\n};\n\n/**\n * allowed values for codeVerifier\n */\nexport const CodeChallengeMethodValues = {\n PLAIN: \"plain\",\n S256: \"S256\",\n};\n\n/**\n * allowed values for server response type\n */\nexport const ServerResponseType = {\n QUERY: \"query\",\n FRAGMENT: \"fragment\",\n} as const;\nexport type ServerResponseType =\n (typeof ServerResponseType)[keyof typeof ServerResponseType];\n\n/**\n * allowed values for response_mode\n */\nexport const ResponseMode = {\n ...ServerResponseType,\n FORM_POST: \"form_post\",\n} as const;\nexport type ResponseMode = (typeof ResponseMode)[keyof typeof ResponseMode];\n\n/**\n * allowed grant_type\n */\nexport const GrantType = {\n IMPLICIT_GRANT: \"implicit\",\n AUTHORIZATION_CODE_GRANT: \"authorization_code\",\n CLIENT_CREDENTIALS_GRANT: \"client_credentials\",\n RESOURCE_OWNER_PASSWORD_GRANT: \"password\",\n REFRESH_TOKEN_GRANT: \"refresh_token\",\n DEVICE_CODE_GRANT: \"device_code\",\n JWT_BEARER: \"urn:ietf:params:oauth:grant-type:jwt-bearer\",\n} as const;\nexport type GrantType = (typeof GrantType)[keyof typeof GrantType];\n\n/**\n * Account types in Cache\n */\nexport const CacheAccountType = {\n MSSTS_ACCOUNT_TYPE: \"MSSTS\",\n ADFS_ACCOUNT_TYPE: \"ADFS\",\n MSAV1_ACCOUNT_TYPE: \"MSA\",\n GENERIC_ACCOUNT_TYPE: \"Generic\", // NTLM, Kerberos, FBA, Basic etc\n} as const;\nexport type CacheAccountType =\n (typeof CacheAccountType)[keyof typeof CacheAccountType];\n\n/**\n * Separators used in cache\n */\nexport const Separators = {\n CACHE_KEY_SEPARATOR: \"-\",\n CLIENT_INFO_SEPARATOR: \".\",\n} as const;\nexport type Separators = (typeof Separators)[keyof typeof Separators];\n\n/**\n * Credential Type stored in the cache\n */\nexport const CredentialType = {\n ID_TOKEN: \"IdToken\",\n ACCESS_TOKEN: \"AccessToken\",\n ACCESS_TOKEN_WITH_AUTH_SCHEME: \"AccessToken_With_AuthScheme\",\n REFRESH_TOKEN: \"RefreshToken\",\n} as const;\nexport type CredentialType =\n (typeof CredentialType)[keyof typeof CredentialType];\n\n/**\n * Combine all cache types\n */\nexport const CacheType = {\n ADFS: 1001,\n MSA: 1002,\n MSSTS: 1003,\n GENERIC: 1004,\n ACCESS_TOKEN: 2001,\n REFRESH_TOKEN: 2002,\n ID_TOKEN: 2003,\n APP_METADATA: 3001,\n UNDEFINED: 9999,\n} as const;\nexport type CacheType = (typeof CacheType)[keyof typeof CacheType];\n\n/**\n * More Cache related constants\n */\nexport const APP_METADATA = \"appmetadata\";\nexport const CLIENT_INFO = \"client_info\";\nexport const THE_FAMILY_ID = \"1\";\n\nexport const AUTHORITY_METADATA_CONSTANTS = {\n CACHE_KEY: \"authority-metadata\",\n REFRESH_TIME_SECONDS: 3600 * 24, // 24 Hours\n};\n\nexport const AuthorityMetadataSource = {\n CONFIG: \"config\",\n CACHE: \"cache\",\n NETWORK: \"network\",\n HARDCODED_VALUES: \"hardcoded_values\",\n} as const;\nexport type AuthorityMetadataSource =\n (typeof AuthorityMetadataSource)[keyof typeof AuthorityMetadataSource];\n\nexport const SERVER_TELEM_CONSTANTS = {\n SCHEMA_VERSION: 5,\n MAX_CUR_HEADER_BYTES: 80, // ESTS limit is 100B, set to 80 to provide a 20B buffer\n MAX_LAST_HEADER_BYTES: 330, // ESTS limit is 350B, set to 330 to provide a 20B buffer,\n MAX_CACHED_ERRORS: 50, // Limit the number of errors that can be stored to prevent uncontrolled size gains\n CACHE_KEY: \"server-telemetry\",\n CATEGORY_SEPARATOR: \"|\",\n VALUE_SEPARATOR: \",\",\n OVERFLOW_TRUE: \"1\",\n OVERFLOW_FALSE: \"0\",\n UNKNOWN_ERROR: \"unknown_error\",\n};\n\n/**\n * Type of the authentication request\n */\nexport const AuthenticationScheme = {\n BEARER: \"Bearer\",\n POP: \"pop\",\n SSH: \"ssh-cert\",\n} as const;\nexport type AuthenticationScheme =\n (typeof AuthenticationScheme)[keyof typeof AuthenticationScheme];\n\n/**\n * Constants related to throttling\n */\nexport const ThrottlingConstants = {\n // Default time to throttle RequestThumbprint in seconds\n DEFAULT_THROTTLE_TIME_SECONDS: 60,\n // Default maximum time to throttle in seconds, overrides what the server sends back\n DEFAULT_MAX_THROTTLE_TIME_SECONDS: 3600,\n // Prefix for storing throttling entries\n THROTTLING_PREFIX: \"throttling\",\n // Value assigned to the x-ms-lib-capability header to indicate to the server the library supports throttling\n X_MS_LIB_CAPABILITY_VALUE: \"retry-after, h429\",\n};\n\nexport const Errors = {\n INVALID_GRANT_ERROR: \"invalid_grant\",\n CLIENT_MISMATCH_ERROR: \"client_mismatch\",\n};\n\n/**\n * Password grant parameters\n */\nexport const PasswordGrantConstants = {\n username: \"username\",\n password: \"password\",\n} as const;\nexport type PasswordGrantConstants =\n (typeof PasswordGrantConstants)[keyof typeof PasswordGrantConstants];\n\n/**\n * Response codes\n */\nexport const ResponseCodes = {\n httpSuccess: 200,\n httpBadRequest: 400,\n} as const;\nexport type ResponseCodes = (typeof ResponseCodes)[keyof typeof ResponseCodes];\n\n/**\n * Region Discovery Sources\n */\nexport const RegionDiscoverySources = {\n FAILED_AUTO_DETECTION: \"1\",\n INTERNAL_CACHE: \"2\",\n ENVIRONMENT_VARIABLE: \"3\",\n IMDS: \"4\",\n} as const;\nexport type RegionDiscoverySources =\n (typeof RegionDiscoverySources)[keyof typeof RegionDiscoverySources];\n\n/**\n * Region Discovery Outcomes\n */\nexport const RegionDiscoveryOutcomes = {\n CONFIGURED_MATCHES_DETECTED: \"1\",\n CONFIGURED_NO_AUTO_DETECTION: \"2\",\n CONFIGURED_NOT_DETECTED: \"3\",\n AUTO_DETECTION_REQUESTED_SUCCESSFUL: \"4\",\n AUTO_DETECTION_REQUESTED_FAILED: \"5\",\n} as const;\nexport type RegionDiscoveryOutcomes =\n (typeof RegionDiscoveryOutcomes)[keyof typeof RegionDiscoveryOutcomes];\n\n/**\n * Specifies the reason for fetching the access token from the identity provider\n */\nexport const CacheOutcome = {\n // When a token is found in the cache or the cache is not supposed to be hit when making the request\n NOT_APPLICABLE: \"0\",\n // When the token request goes to the identity provider because force_refresh was set to true. Also occurs if claims were requested\n FORCE_REFRESH_OR_CLAIMS: \"1\",\n // When the token request goes to the identity provider because no cached access token exists\n NO_CACHED_ACCESS_TOKEN: \"2\",\n // When the token request goes to the identity provider because cached access token expired\n CACHED_ACCESS_TOKEN_EXPIRED: \"3\",\n // When the token request goes to the identity provider because refresh_in was used and the existing token needs to be refreshed\n PROACTIVELY_REFRESHED: \"4\",\n} as const;\nexport type CacheOutcome = (typeof CacheOutcome)[keyof typeof CacheOutcome];\n\nexport const JsonWebTokenTypes = {\n Jwt: \"JWT\",\n Jwk: \"JWK\",\n Pop: \"pop\",\n} as const;\nexport type JsonWebTokenTypes =\n (typeof JsonWebTokenTypes)[keyof typeof JsonWebTokenTypes];\n\nexport const ONE_DAY_IN_MS = 86400000;\n\n// Token renewal offset default in seconds\nexport const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;\n","/*\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License.\n */\n\nimport { Logger } from \"../logger/Logger.js\";\nimport { IPerformanceClient } from \"../telemetry/performance/IPerformanceClient.js\";\n\n/**\n * Wraps a function with a performance measurement.\n * Usage: invoke(functionToCall, performanceClient, \"EventName\", \"correlationId\")(...argsToPassToFunction)\n * @param callback\n * @param eventName\n * @param logger\n * @param telemetryClient\n * @param correlationId\n * @returns\n * @internal\n */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nexport const invoke = , U>(\n callback: (...args: T) => U,\n eventName: string,\n logger: Logger,\n telemetryClient?: IPerformanceClient,\n correlationId?: string\n) => {\n return (...args: T): U => {\n logger.trace(`Executing function ${eventName}`);\n const inProgressEvent = telemetryClient?.startMeasurement(\n eventName,\n correlationId\n );\n if (correlationId) {\n // Track number of times this API is called in a single request\n const eventCount = eventName + \"CallCount\";\n telemetryClient?.incrementFields(\n { [eventCount]: 1 },\n correlationId\n );\n }\n try {\n const result = callback(...args);\n inProgressEvent?.end({\n success: true,\n });\n logger.trace(`Returning result from ${eventName}`);\n return result;\n } catch (e) {\n logger.trace(`Error occurred in ${eventName}`);\n try {\n logger.trace(JSON.stringify(e));\n } catch (e) {\n logger.trace(\"Unable to print error message.\");\n }\n inProgressEvent?.end(\n {\n success: false,\n },\n e\n );\n throw e;\n }\n };\n};\n\n/**\n * Wraps an async function with a performance measurement.\n * Usage: invokeAsync(functionToCall, performanceClient, \"EventName\", \"correlationId\")(...argsToPassToFunction)\n * @param callback\n * @param eventName\n * @param logger\n * @param telemetryClient\n * @param correlationId\n * @returns\n * @internal\n *\n */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nexport const invokeAsync = , U>(\n callback: (...args: T) => Promise,\n eventName: string,\n logger: Logger,\n telemetryClient?: IPerformanceClient,\n correlationId?: string\n) => {\n return (...args: T): Promise => {\n logger.trace(`Executing function ${eventName}`);\n const inProgressEvent = telemetryClient?.startMeasurement(\n eventName,\n correlationId\n );\n if (correlationId) {\n // Track number of times this API is called in a single request\n const eventCount = eventName + \"CallCount\";\n telemetryClient?.incrementFields(\n { [eventCount]: 1 },\n correlationId\n );\n }\n telemetryClient?.setPreQueueTime(eventName, correlationId);\n return callback(...args)\n .then((response) => {\n logger.trace(`Returning result from ${eventName}`);\n inProgressEvent?.end({\n success: true,\n });\n return response;\n })\n .catch((e) => {\n logger.trace(`Error occurred in ${eventName}`);\n try {\n logger.trace(JSON.stringify(e));\n } catch (e) {\n logger.trace(\"Unable to print error message.\");\n }\n inProgressEvent?.end(\n {\n success: false,\n },\n e\n );\n throw e;\n });\n };\n};\n","/*\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License.\n */\n\nimport { Constants } from \"./Constants.js\";\nimport { ICrypto } from \"../crypto/ICrypto.js\";\nimport {\n ClientAuthErrorCodes,\n createClientAuthError,\n} from \"../error/ClientAuthError.js\";\n\n/**\n * Type which defines the object that is stringified, encoded and sent in the state value.\n * Contains the following:\n * - id - unique identifier for this request\n * - ts - timestamp for the time the request was made. Used to ensure that token expiration is not calculated incorrectly.\n * - platformState - string value sent from the platform.\n */\nexport type LibraryStateObject = {\n id: string;\n meta?: Record;\n};\n\n/**\n * Type which defines the stringified and encoded object sent to the service in the authorize request.\n */\nexport type RequestStateObject = {\n userRequestState: string;\n libraryState: LibraryStateObject;\n};\n\n/**\n * Class which provides helpers for OAuth 2.0 protocol specific values\n */\nexport class ProtocolUtils {\n /**\n * Appends user state with random guid, or returns random guid.\n * @param userState\n * @param randomGuid\n */\n static setRequestState(\n cryptoObj: ICrypto,\n userState?: string,\n meta?: Record\n ): string {\n const libraryState = ProtocolUtils.generateLibraryState(\n cryptoObj,\n meta\n );\n return userState\n ? `${libraryState}${Constants.RESOURCE_DELIM}${userState}`\n : libraryState;\n }\n\n /**\n * Generates the state value used by the common library.\n * @param randomGuid\n * @param cryptoObj\n */\n static generateLibraryState(\n cryptoObj: ICrypto,\n meta?: Record\n ): string {\n if (!cryptoObj) {\n throw createClientAuthError(ClientAuthErrorCodes.noCryptoObject);\n }\n\n // Create a state object containing a unique id and the timestamp of the request creation\n const stateObj: LibraryStateObject = {\n id: cryptoObj.createNewGuid(),\n };\n\n if (meta) {\n stateObj.meta = meta;\n }\n\n const stateString = JSON.stringify(stateObj);\n\n return cryptoObj.base64Encode(stateString);\n }\n\n /**\n * Parses the state into the RequestStateObject, which contains the LibraryState info and the state passed by the user.\n * @param state\n * @param cryptoObj\n */\n static parseRequestState(\n cryptoObj: ICrypto,\n state: string\n ): RequestStateObject {\n if (!cryptoObj) {\n throw createClientAuthError(ClientAuthErrorCodes.noCryptoObject);\n }\n\n if (!state) {\n throw createClientAuthError(ClientAuthErrorCodes.invalidState);\n }\n\n try {\n // Split the state between library state and user passed state and decode them separately\n const splitState = state.split(Constants.RESOURCE_DELIM);\n const libraryState = splitState[0];\n const userState =\n splitState.length > 1\n ? splitState.slice(1).join(Constants.RESOURCE_DELIM)\n : Constants.EMPTY_STRING;\n const libraryStateString = cryptoObj.base64Decode(libraryState);\n const libraryStateObj = JSON.parse(\n libraryStateString\n ) as LibraryStateObject;\n return {\n userRequestState: userState || Constants.EMPTY_STRING,\n libraryState: libraryStateObj,\n };\n } catch (e) {\n throw createClientAuthError(ClientAuthErrorCodes.invalidState);\n }\n }\n}\n","/*\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License.\n */\n\n/**\n * @hidden\n */\nexport class StringUtils {\n /**\n * Check if stringified object is empty\n * @param strObj\n */\n static isEmptyObj(strObj?: string): boolean {\n if (strObj) {\n try {\n const obj = JSON.parse(strObj);\n return Object.keys(obj).length === 0;\n } catch (e) {}\n }\n return true;\n }\n\n static startsWith(str: string, search: string): boolean {\n return str.indexOf(search) === 0;\n }\n\n static endsWith(str: string, search: string): boolean {\n return (\n str.length >= search.length &&\n str.lastIndexOf(search) === str.length - search.length\n );\n }\n\n /**\n * Parses string into an object.\n *\n * @param query\n */\n static queryStringToObject(query: string): T {\n const obj: {} = {};\n const params = query.split(\"&\");\n const decode = (s: string) => decodeURIComponent(s.replace(/\\+/g, \" \"));\n params.forEach((pair) => {\n if (pair.trim()) {\n const [key, value] = pair.split(/=(.+)/g, 2); // Split on the first occurence of the '=' character\n if (key && value) {\n obj[decode(key)] = decode(value);\n }\n }\n });\n return obj as T;\n }\n\n /**\n * Trims entries in an array.\n *\n * @param arr\n */\n static trimArrayEntries(arr: Array): Array {\n return arr.map((entry) => entry.trim());\n }\n\n /**\n * Removes empty strings from array\n * @param arr\n */\n static removeEmptyStringsFromArray(arr: Array): Array {\n return arr.filter((entry) => {\n return !!entry;\n });\n }\n\n /**\n * Attempts to parse a string into JSON\n * @param str\n */\n static jsonParseHelper(str: string): T | null {\n try {\n return JSON.parse(str) as T;\n } catch (e) {\n return null;\n }\n }\n\n /**\n * Tests if a given string matches a given pattern, with support for wildcards and queries.\n * @param pattern Wildcard pattern to string match. Supports \"*\" for wildcards and \"?\" for queries\n * @param input String to match against\n */\n static matchPattern(pattern: string, input: string): boolean {\n /**\n * Wildcard support: https://stackoverflow.com/a/3117248/4888559\n * Queries: replaces \"?\" in string with escaped \"\\?\" for regex test\n */\n // eslint-disable-next-line security/detect-non-literal-regexp\n const regex: RegExp = new RegExp(\n pattern\n .replace(/\\\\/g, \"\\\\\\\\\")\n .replace(/\\*/g, \"[^ ]*\")\n .replace(/\\?/g, \"\\\\?\")\n );\n\n return regex.test(input);\n }\n}\n","/*\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License.\n */\n\n/**\n * Utility functions for managing date and time operations.\n */\n\n/**\n * return the current time in Unix time (seconds).\n */\nexport function nowSeconds(): number {\n // Date.getTime() returns in milliseconds.\n return Math.round(new Date().getTime() / 1000.0);\n}\n\n/**\n * check if a token is expired based on given UTC time in seconds.\n * @param expiresOn\n */\nexport function isTokenExpired(expiresOn: string, offset: number): boolean {\n // check for access token expiry\n const expirationSec = Number(expiresOn) || 0;\n const offsetCurrentTimeSec = nowSeconds() + offset;\n\n // If current time + offset is greater than token expiration time, then token is expired.\n return offsetCurrentTimeSec > expirationSec;\n}\n\n/**\n * If the current time is earlier than the time that a token was cached at, we must discard the token\n * i.e. The system clock was turned back after acquiring the cached token\n * @param cachedAt\n * @param offset\n */\nexport function wasClockTurnedBack(cachedAt: string): boolean {\n const cachedAtSec = Number(cachedAt);\n\n return cachedAtSec > nowSeconds();\n}\n\n/**\n * Waits for t number of milliseconds\n * @param t number\n * @param value T\n */\nexport function delay(t: number, value?: T): Promise {\n return new Promise((resolve) => setTimeout(() => resolve(value), t));\n}\n","/*\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License.\n */\n\nimport { ServerAuthorizationCodeResponse } from \"../response/ServerAuthorizationCodeResponse.js\";\nimport {\n ClientAuthErrorCodes,\n createClientAuthError,\n} from \"../error/ClientAuthError.js\";\n\n/**\n * Parses hash string from given string. Returns empty string if no hash symbol is found.\n * @param hashString\n */\nexport function stripLeadingHashOrQuery(responseString: string): string {\n if (responseString.startsWith(\"#/\")) {\n return responseString.substring(2);\n } else if (\n responseString.startsWith(\"#\") ||\n responseString.startsWith(\"?\")\n ) {\n return responseString.substring(1);\n }\n\n return responseString;\n}\n\n/**\n * Returns URL hash as server auth code response object.\n */\nexport function getDeserializedResponse(\n responseString: string\n): ServerAuthorizationCodeResponse | null {\n // Check if given hash is empty\n if (!responseString || responseString.indexOf(\"=\") < 0) {\n return null;\n }\n try {\n // Strip the # or ? symbol if present\n const normalizedResponse = stripLeadingHashOrQuery(responseString);\n // If # symbol was not present, above will return empty string, so give original hash value\n const deserializedHash: ServerAuthorizationCodeResponse =\n Object.fromEntries(new URLSearchParams(normalizedResponse));\n\n // Check for known response properties\n if (\n deserializedHash.code ||\n deserializedHash.error ||\n deserializedHash.error_description ||\n deserializedHash.state\n ) {\n return deserializedHash;\n }\n } catch (e) {\n throw createClientAuthError(ClientAuthErrorCodes.hashNotDeserialized);\n }\n\n return null;\n}\n"],"names":["name","version","RequestParameterBuilder","constructor","correlationId","performanceClient","this","parameters","Map","addResponseTypeCode","set","RESPONSE_TYPE","encodeURIComponent","Constants","CODE_RESPONSE_TYPE","addResponseTypeForTokenAndIdToken","concat","TOKEN_RESPONSE_TYPE","ID_TOKEN_RESPONSE_TYPE","addResponseMode","responseMode","RESPONSE_MODE","ResponseMode","QUERY","addNativeBroker","NATIVE_BROKER","addScopes","scopes","addOidcScopes","arguments","length","undefined","defaultScopes","OIDC_DEFAULT_SCOPES","includes","push","requestScopes","scopeSet","ScopeSet","SCOPE","printScopes","addClientId","clientId","CLIENT_ID","addRedirectUri","redirectUri","RequestValidator","validateRedirectUri","REDIRECT_URI","addPostLogoutRedirectUri","POST_LOGOUT_URI","addIdTokenHint","idTokenHint","ID_TOKEN_HINT","addDomainHint","domainHint","DOMAIN_HINT","addLoginHint","loginHint","LOGIN_HINT","addCcsUpn","HeaderNames","CCS_HEADER","addCcsOid","clientInfo","uid","utid","addSid","sid","SID","addClaims","claims","clientCapabilities","mergedClaims","addClientCapabilitiesToClaims","validateClaims","CLAIMS","addCorrelationId","CLIENT_REQUEST_ID","addLibraryInfo","libraryInfo","X_CLIENT_SKU","sku","X_CLIENT_VER","os","X_CLIENT_OS","cpu","X_CLIENT_CPU","addApplicationTelemetry","appTelemetry","appName","X_APP_NAME","appVersion","X_APP_VER","addPrompt","prompt","validatePrompt","PROMPT","addState","state","STATE","addNonce","nonce","NONCE","addCodeChallengeParams","codeChallenge","codeChallengeMethod","validateCodeChallengeParams","createClientConfigurationError","pkceParamsMissing","CODE_CHALLENGE","CODE_CHALLENGE_METHOD","addAuthorizationCode","code","CODE","addDeviceCode","DEVICE_CODE","addRefreshToken","refreshToken","REFRESH_TOKEN","addCodeVerifier","codeVerifier","CODE_VERIFIER","addClientSecret","clientSecret","CLIENT_SECRET","addClientAssertion","clientAssertion","CLIENT_ASSERTION","addClientAssertionType","clientAssertionType","CLIENT_ASSERTION_TYPE","addOboAssertion","oboAssertion","OBO_ASSERTION","addRequestTokenUse","tokenUse","REQUESTED_TOKEN_USE","addGrantType","grantType","GRANT_TYPE","addClientInfo","CLIENT_INFO","addExtraQueryParameters","eQParams","Object","entries","forEach","_ref","key","value","has","JSON","parse","e","invalidClaims","hasOwnProperty","ClaimsRequestKeys","ACCESS_TOKEN","XMS_CC","values","stringify","addUsername","username","PasswordGrantConstants","addPassword","password","addPopToken","cnfString","TOKEN_TYPE","AuthenticationScheme","POP","REQ_CNF","addSshJwk","sshJwkString","SSH","addServerTelemetry","serverTelemetryManager","X_CLIENT_CURR_TELEM","generateCurrentRequestHeaderValue","X_CLIENT_LAST_TELEM","generateLastRequestHeaderValue","addThrottling","X_MS_LIB_CAPABILITY","ThrottlingConstants","X_MS_LIB_CAPABILITY_VALUE","addLogoutHint","logoutHint","LOGOUT_HINT","addBrokerParameters","params","brokerParams","BROKER_CLIENT_ID","brokerClientId","BROKER_REDIRECT_URI","brokerRedirectUri","createQueryString","queryParameterArray","Array","get","addFields","embeddedClientId","embeddedRedirectUri","instrumentBrokerParams","join","redirectUriEmpty","promptValues","PromptValue","indexOf","invalidPromptValue","validateCodeChallengeMethod","CodeChallengeMethodValues","PLAIN","S256","invalidCodeChallengeMethod","inputScopes","scopeArr","StringUtils","trimArrayEntries","filteredInput","removeEmptyStringsFromArray","validateInputScopes","Set","scope","add","fromString","inputScopeString","EMPTY_STRING","split","createSearchScopes","containsOnlyOIDCScopes","removeScope","OFFLINE_ACCESS_SCOPE","removeOIDCScopes","emptyInputScopesError","containsScope","lowerCaseScopes","printScopesLowerCase","lowerCaseScopesSet","toLowerCase","containsScopeSet","size","asArray","every","defaultScopeCount","OIDC_SCOPES","defaultScope","appendScope","newScope","trim","appendScopes","newScopes","createClientAuthError","cannotAppendScopeSet","cannotRemoveEmptyScope","delete","unionScopeSets","otherScopes","emptyInputScopeSet","unionScopes","intersectingScopeSets","sizeOtherScopes","getScopeCount","sizeThisScopes","array","val","ResponseHandler","cacheStorage","cryptoObj","logger","serializableCache","persistencePlugin","validateServerAuthorizationCodeResponse","serverResponse","requestState","stateNotFound","decodedServerResponseState","decodedRequestState","decodeURIComponent","invalidState","stateMismatch","error","error_description","suberror","serverErrorNo","_serverResponse$error","_serverResponse$error2","errorCodePrefix","errorCodePrefixIndex","error_uri","lastIndexOf","substring","parseServerErrorNo","isInteractionRequiredError","InteractionRequiredAuthError","timestamp","trace_id","correlation_id","ServerError","validateTokenResponse","refreshAccessToken","_serverResponse$error3","errString","error_codes","NOT_AVAILABLE","serverError","status","HttpStatus","SERVER_ERROR_RANGE_START","SERVER_ERROR_RANGE_END","warning","CLIENT_ERROR_RANGE_START","CLIENT_ERROR_RANGE_END","handleServerTokenResponse","serverTokenResponse","authority","reqTimestamp","request","authCodePayload","userAssertionHash","handlingRefreshTokenResponse","forceCacheRefreshTokenResponse","serverRequestId","_this$performanceClie","idTokenClaims","requestStateObj","addQueueMeasurement","PerformanceEvents","HandleServerTokenResponse","id_token","extractTokenClaims","base64Decode","nonceMismatch","maxAge","authTime","auth_time","authTimeNotFound","checkMaxAge","homeAccountIdentifier","AccountEntity","generateHomeAccountId","client_info","authorityType","ProtocolUtils","parseRequestState","key_id","sshKid","cacheRecord","generateCacheRecord","cacheContext","verbose","TokenCacheContext","beforeCacheAccess","account","generateAccountKey","getAccount","generateAuthenticationResult","saveCacheRecord","storeInCache","afterCacheAccess","env","getPreferredCache","invalidCacheEnvironment","claimsTenantId","getTenantIdFromIdTokenClaims","cachedIdToken","cachedAccount","createIdTokenEntity","buildAccountToCache","cachedAccessToken","access_token","responseScopes","expiresIn","expires_in","parseInt","extExpiresIn","ext_expires_in","refreshIn","refresh_in","tokenExpirationSeconds","extendedTokenExpirationSeconds","refreshOnSeconds","createAccessTokenEntity","tenant","token_type","requestedClaimsHash","cachedRefreshToken","refresh_token","rtExpiresOn","refresh_token_expires_in","createRefreshTokenEntity","foci","cachedAppMetadata","environment","familyId","idToken","accessToken","appMetadata","fromTokenCache","requestId","_cacheRecord$idToken","_cacheRecord$idToken2","_cacheRecord$accessTo","_cacheRecord$account","_cacheRecord$account2","extExpiresOn","refreshOn","expiresOn","tokenType","popKid","secret","popTokenGenerator","PopTokenGenerator","keyId","keyIdMissing","signPopToken","target","Date","Number","extendedExpiresOn","THE_FAMILY_ID","oid","sub","tid","spa_accountid","nativeAccountId","accountInfo","updateAccountTenantProfileData","getAccountInfo","canonicalAuthority","uniqueId","tenantId","fromCache","userRequestState","cloudGraphHostName","msGraphHost","spa_code","fromNativeBroker","homeAccountId","baseAccountKey","getAccountKeys","find","accountKey","startsWith","baseAccount","createAccount","cloud_graph_host_name","msgraph_host","tenantProfiles","realm","tenantProfile","newTenantProfile","buildTenantProfile","localAccountId","addError","event","_event$errorStack","_error$stack","stackMaxSize","Error","AuthError","errorCode","subErrorCode","subError","errorNo","CacheError","errorStack","trace","stack","stackArr","res","firstLine","endsWith","compactStackLine","replace","ix","line","compactStack","errorName","filePathIx","filePath","fileNameIx","charAt","trimStart","PerformanceClient","libraryName","libraryVersion","applicationTelemetry","intFields","abbreviations","callbacks","eventsByCorrelationId","eventStack","queueMeasurements","preQueueTimeByCorrelationId","item","IntFields","PerformanceEventAbbreviations","startPerformanceMeasurement","measureName","getPreQueueTime","eventName","preQueueEvent","time","calculateQueuedTime","preQueueTime","currentTime","queueTime","manuallyCompleted","queueMeasurement","existingMeasurements","measurementArray","startMeasurement","_this$applicationTele","_this$applicationTele2","eventCorrelationId","generateId","info","inProgressEvent","eventId","PerformanceEventStatus","InProgress","startTimeMs","now","cacheEventByCorrelationId","end","endMeasurement","_objectSpread","discard","discardMeasurements","fields","increment","incrementFields","measurement","StubPerformanceMeasurement","_finalEvent$incomplet","rootEvent","isRoot","queueInfo","totalQueueTime","totalQueueCount","manuallyCompletedCount","durationMs","Math","round","getDurationMs","context","peek","abbrEventName","top","current","pop","subErr","childErr","err","dur","success","fail","parent","childName","siblings","keys","filter","endContext","_rootEvent$incomplete","getQueueInfo","incompleteSubMeasurements","floor","finalEvent","incompleteSubsCount","subMeasurement","queuedTimeMs","queuedCount","queuedManuallyCompletedCount","Completed","truncateIntegralFields","emitEvents","counter","isNaN","queueMeasurementForCorrelationId","addPerformanceCallback","callback","id","cb","toString","callbackId","removePerformanceCallback","result","events","apply","AcquireTokenByCode","AcquireTokenByRefreshToken","AcquireTokenSilent","AcquireTokenSilentAsync","AcquireTokenPopup","AcquireTokenPreRedirect","AcquireTokenRedirect","CryptoOptsGetPublicKeyThumbprint","CryptoOptsSignJwt","SilentCacheClientAcquireToken","SilentIframeClientAcquireToken","AwaitConcurrentIframe","SilentRefreshClientAcquireToken","SsoSilent","StandardInteractionClientGetDiscoveredAuthority","FetchAccountIdWithNativeBroker","NativeInteractionClientAcquireToken","BaseClientCreateTokenRequestHeaders","NetworkClientSendPostRequestAsync","RefreshTokenClientExecutePostToTokenEndpoint","AuthorizationCodeClientExecutePostToTokenEndpoint","BrokerHandhshake","AcquireTokenByRefreshTokenInBroker","AcquireTokenByBroker","RefreshTokenClientExecuteTokenRequest","RefreshTokenClientAcquireToken","RefreshTokenClientAcquireTokenWithCachedRefreshToken","RefreshTokenClientAcquireTokenByRefreshToken","RefreshTokenClientCreateTokenRequestBody","AcquireTokenFromCache","SilentFlowClientAcquireCachedToken","SilentFlowClientGenerateResultFromCacheRecord","AcquireTokenBySilentIframe","InitializeBaseRequest","InitializeSilentRequest","InitializeClientApplication","SilentIframeClientTokenHelper","SilentHandlerInitiateAuthRequest","SilentHandlerMonitorIframeForHash","SilentHandlerLoadFrame","SilentHandlerLoadFrameSync","StandardInteractionClientCreateAuthCodeClient","StandardInteractionClientGetClientConfiguration","StandardInteractionClientInitializeAuthorizationRequest","StandardInteractionClientInitializeAuthorizationCodeRequest","GetAuthCodeUrl","HandleCodeResponseFromServer","HandleCodeResponse","UpdateTokenEndpointAuthority","AuthClientAcquireToken","AuthClientExecuteTokenRequest","AuthClientCreateTokenRequestBody","AuthClientCreateQueryString","PopTokenGenerateCnf","PopTokenGenerateKid","DeserializeResponse","AuthorityFactoryCreateDiscoveredInstance","AuthorityResolveEndpointsAsync","AuthorityResolveEndpointsFromLocalSources","AuthorityGetCloudDiscoveryMetadataFromNetwork","AuthorityUpdateCloudDiscoveryMetadata","AuthorityGetEndpointMetadataFromNetwork","AuthorityUpdateEndpointMetadata","AuthorityUpdateMetadataWithRegionalInformation","RegionDiscoveryDetectRegion","RegionDiscoveryGetRegionFromIMDS","RegionDiscoveryGetCurrentVersion","AcquireTokenByCodeAsync","GetEndpointMetadataFromNetwork","GetCloudDiscoveryMetadataFromNetworkMeasurement","HandleRedirectPromiseMeasurement","HandleNativeRedirectPromiseMeasurement","UpdateCloudDiscoveryMetadataMeasurement","UsernamePasswordClientAcquireToken","NativeMessageHandlerHandshake","NativeGenerateAuthResult","RemoveHiddenIframe","ClearTokensAndKeysWithClaims","CacheManagerGetRefreshToken","GeneratePkceCodes","GenerateCodeVerifier","GenerateCodeChallengeFromVerifier","Sha256Digest","GetRandomValues","NotStarted","flushMeasurement","StubPerformanceClient","setPreQueueTime","makeExtraSkuString","skus","extensionName","extensionVersion","skuMap","skuArr","from","_value$","_value$2","index","skuName","skuVersion","setSku","ServerTelemetryManager","telemetryRequest","cacheManager","cacheOutcome","CacheOutcome","NOT_APPLICABLE","apiId","wrapperSKU","wrapperVer","telemetryCacheKey","SERVER_TELEM_CONSTANTS","CACHE_KEY","Separators","CACHE_KEY_SEPARATOR","VALUE_SEPARATOR","platformFieldsArr","nativeBrokerErrorCode","getNativeBrokerErrorCode","platformFields","requestWithRegionDiscoveryFields","getRegionDiscoveryFields","SCHEMA_VERSION","CATEGORY_SEPARATOR","lastRequests","getLastRequests","maxErrors","maxErrorsToSend","failedRequests","slice","errors","errorCount","OVERFLOW_TRUE","OVERFLOW_FALSE","cacheHits","cacheFailedRequest","MAX_CACHED_ERRORS","shift","UNKNOWN_ERROR","setServerTelemetry","incrementCacheHits","getServerTelemetry","clearTelemetryCache","numErrorsFlushed","removeItem","serverTelemEntity","serverTelemetryEntity","i","dataSize","MAX_LAST_HEADER_BYTES","regionDiscoveryFields","regionUsed","regionSource","regionOutcome","updateRegionDiscoveryMetadata","regionDiscoveryMetadata","region_used","region_source","region_outcome","setCacheOutcome","setNativeBrokerErrorCode","clearNativeBrokerErrorCode","UrlString","urlString","_urlString","url","urlEmptyError","canonicalizeUri","lowerCaseUrl","validateAsUri","components","getUrlComponents","urlParseError","HostNameAndPort","PathSegments","Protocol","authorityUriInsecure","appendQueryString","queryString","removeHashFromUrl","replaceTenantPath","urlObject","pathArray","AADAuthorityConstants","COMMON","ORGANIZATIONS","constructAuthorityUriFromObject","regEx","RegExp","match","urlComponents","AbsolutePath","QueryString","pathSegments","getDomainFromUrl","getAbsoluteUrl","relativeUrl","baseUrl","FORWARD_SLASH","baseComponents","hashContainsKnownProperties","response","getDeserializedResponse","async","getClientAssertion","tokenEndpoint","LIBRARY_NAME","SKU","CACHE_PREFIX","DEFAULT_AUTHORITY","DEFAULT_AUTHORITY_HOST","DEFAULT_COMMON_TENANT","ADFS","DSTS","AAD_INSTANCE_DISCOVERY_ENDPT","CIAM_AUTH_URL","AAD_TENANT_DOMAIN_SUFFIX","RESOURCE_DELIM","NO_ACCOUNT","CONSUMER_UTID","OPENID_SCOPE","PROFILE_SCOPE","EMAIL_SCOPE","CODE_GRANT_TYPE","RT_GRANT_TYPE","FRAGMENT_RESPONSE_MODE","S256_CODE_CHALLENGE_METHOD","URL_FORM_CONTENT_TYPE","AUTHORIZATION_PENDING","NOT_DEFINED","IMDS_ENDPOINT","IMDS_VERSION","IMDS_TIMEOUT","AZURE_REGION_AUTO_DISCOVER_FLAG","REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX","KNOWN_PUBLIC_CLOUDS","SHR_NONCE_VALIDITY","INVALID_INSTANCE","SUCCESS","SUCCESS_RANGE_START","SUCCESS_RANGE_END","REDIRECT","CLIENT_ERROR","BAD_REQUEST","UNAUTHORIZED","NOT_FOUND","REQUEST_TIMEOUT","TOO_MANY_REQUESTS","SERVER_ERROR","SERVICE_UNAVAILABLE","GATEWAY_TIMEOUT","MULTI_SIDED_ERROR","CONTENT_TYPE","CONTENT_LENGTH","RETRY_AFTER","WWWAuthenticate","AuthenticationInfo","X_MS_REQUEST_ID","X_MS_HTTP_VERSION","PersistentCacheKeys","ID_TOKEN","ADAL_ID_TOKEN","ERROR","ERROR_DESC","ACTIVE_ACCOUNT","ACTIVE_ACCOUNT_FILTERS","CONSUMERS","LOGIN","SELECT_ACCOUNT","CONSENT","NONE","CREATE","NO_SESSION","ServerResponseType","FRAGMENT","FORM_POST","GrantType","IMPLICIT_GRANT","AUTHORIZATION_CODE_GRANT","CLIENT_CREDENTIALS_GRANT","RESOURCE_OWNER_PASSWORD_GRANT","REFRESH_TOKEN_GRANT","DEVICE_CODE_GRANT","JWT_BEARER","CacheAccountType","MSSTS_ACCOUNT_TYPE","ADFS_ACCOUNT_TYPE","MSAV1_ACCOUNT_TYPE","GENERIC_ACCOUNT_TYPE","CLIENT_INFO_SEPARATOR","CredentialType","ACCESS_TOKEN_WITH_AUTH_SCHEME","APP_METADATA","AUTHORITY_METADATA_CONSTANTS","REFRESH_TIME_SECONDS","AuthorityMetadataSource","CONFIG","CACHE","NETWORK","HARDCODED_VALUES","MAX_CUR_HEADER_BYTES","BEARER","DEFAULT_THROTTLE_TIME_SECONDS","DEFAULT_MAX_THROTTLE_TIME_SECONDS","THROTTLING_PREFIX","Errors","INVALID_GRANT_ERROR","CLIENT_MISMATCH_ERROR","ResponseCodes","httpSuccess","httpBadRequest","RegionDiscoverySources","FAILED_AUTO_DETECTION","INTERNAL_CACHE","ENVIRONMENT_VARIABLE","IMDS","RegionDiscoveryOutcomes","CONFIGURED_MATCHES_DETECTED","CONFIGURED_NO_AUTO_DETECTION","CONFIGURED_NOT_DETECTED","AUTO_DETECTION_REQUESTED_SUCCESSFUL","AUTO_DETECTION_REQUESTED_FAILED","FORCE_REFRESH_OR_CLAIMS","NO_CACHED_ACCESS_TOKEN","CACHED_ACCESS_TOKEN_EXPIRED","PROACTIVELY_REFRESHED","JsonWebTokenTypes","Jwt","Jwk","Pop","DEFAULT_TOKEN_RENEWAL_OFFSET_SEC","invoke","telemetryClient","eventCount","invokeAsync","then","catch","setRequestState","userState","meta","libraryState","generateLibraryState","noCryptoObject","stateObj","createNewGuid","stateString","base64Encode","splitState","libraryStateString","libraryStateObj","isEmptyObj","strObj","obj","str","search","queryStringToObject","query","decode","s","pair","arr","map","entry","jsonParseHelper","matchPattern","pattern","input","test","nowSeconds","getTime","isTokenExpired","offset","expirationSec","wasClockTurnedBack","cachedAt","delay","t","Promise","resolve","setTimeout","stripLeadingHashOrQuery","responseString","normalizedResponse","deserializedHash","fromEntries","URLSearchParams","hashNotDeserialized"],"sourceRoot":""}