diff --git a/CHANGELOG.md b/CHANGELOG.md index e271f0d..159c006 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,2 +1,9 @@ +## [0.0.2](https://github.com/ayZagen/secure-cookie/compare/v0.0.1...v0.0.2) (2021-09-20) + + +### Bug Fixes + +* padding ignored for encryption without iv ([703af9a](https://github.com/ayZagen/secure-cookie/commit/703af9aa9e2aaa5d5df96a832a2360e4c3a738fd)) + ## 0.0.1 (2021-09-20) diff --git a/dist/index.cjs b/dist/index.cjs index 0f63a71..ea19867 100644 --- a/dist/index.cjs +++ b/dist/index.cjs @@ -1,5 +1,5 @@ /*! - * secure-cookie v0.0.1 + * secure-cookie v0.0.2 * (c) Ismail H. Ayaz * Released under the MIT License. */ @@ -233,10 +233,12 @@ var KeyStore = /** @class */ (function () { if (typeof authTag === "string") { authTag = Buffer.from(authTag, encoding); } - if (!iv) { - iv = dataBuff.slice(0, cipherInfo.ivLength); + if (cipherInfo.ivLength !== undefined) { + if (!iv) { + iv = dataBuff.slice(0, cipherInfo.ivLength); + } + dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length); } - dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length); if (AUTH_TAG_REQUIRED.test(algorithm)) { if (!authTag) { authTag = dataBuff.slice(0, authTagLength); @@ -252,19 +254,20 @@ var KeyStore = /** @class */ (function () { }; KeyStore.doDecrypt = function (data, options) { var algorithm = options.algorithm, key = options.key, iv = options.iv, authTagLength = options.authTagLength, authTag = options.authTag; - var decipher = crypto__default['default'].createDecipheriv(algorithm, key, iv, { authTagLength: authTagLength }); + var decipher = crypto__default['default'].createDecipheriv(algorithm, key, iv || null, { authTagLength: authTagLength }); if (authTag) { decipher.setAuthTag(authTag); } var plainText = decipher.update(data); + var final; try { - decipher.final(); + final = decipher.final(); } - catch (_a) { + catch (e) { // authentication failed return null; } - return plainText.toString('utf-8'); + return Buffer.concat([plainText, final]).toString('utf-8'); }; KeyStore.prototype.sign = function (data, key) { if (!data) { @@ -380,8 +383,8 @@ var Cookies = /** @class */ (function () { } var cookie = new Cookie(name, value, opts); var signed = opts && opts.signed !== undefined ? opts.signed : this.signed; + /* istanbul ignore next */ if (typeof headers == 'string') { - /* istanbul ignore next */ headers = [headers]; } if (!secure && opts && opts.secure) { diff --git a/dist/index.cjs.map b/dist/index.cjs.map index 5ce2092..dedbe4c 100644 --- a/dist/index.cjs.map +++ b/dist/index.cjs.map @@ -1 +1 @@ -{"version":3,"file":"index.cjs","sources":["../src/cookie.ts","../src/ciphers.ts","../src/keystore.ts","../src/cookies.ts"],"sourcesContent":["// eslint-disable-next-line no-control-regex\nconst fieldContentRegExp = /^[\\u0009\\u0020-\\u007e\\u0080-\\u00ff]+$/;\nconst SAME_SITE_REGEXP = /^(?:lax|none|strict)$/i;\n\nexport interface CookieAttrs {\n /**\n * a `Date` object indicating the cookie's expiration date (expires at the end of session by default).\n */\n expires?: Date;\n /**\n * a number representing the milliseconds from `Date.now()` for expiry\n */\n maxAge?: number | null;\n /**\n * a boolean or string indicating whether the cookie is a \"same site\" cookie (`false` by default). This can be set to `'strict'`, `'lax'`, `'none'`, or `true` (which maps to `'strict'`).\n */\n sameSite?: 'lax' | 'none' | 'strict' | boolean;\n /**\n * a string indicating the path of the cookie (`/` by default).\n */\n path?: string;\n /**\n * a string indicating the domain of the cookie (no default).\n */\n domain?: string;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTPS (`false` by default for HTTP, `true` by default for HTTPS).\n */\n secure?: boolean | undefined;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTP(S), and not made available to client JavaScript (`true` by default).\n */\n httpOnly?: boolean;\n /**\n * a boolean indicating whether to overwrite previously set cookies of the same name (`false` by default). If this is true, all cookies set during the same request with the same name (regardless of path or domain) are filtered out of the Set-Cookie header when setting this cookie.\n */\n overwrite?: boolean;\n}\n\nexport class Cookie implements CookieAttrs {\n name: string;\n value: string;\n domain?: string;\n path = '/';\n sameSite?: CookieAttrs['sameSite'] = false;\n secure = false;\n httpOnly = true;\n overwrite = false;\n expires?: Date;\n maxAge?: number | null;\n\n constructor(name: string, value: string | null, attrs?: CookieAttrs) {\n if (!fieldContentRegExp.test(name)) {\n throw new TypeError('argument name is invalid');\n }\n\n if (value && !fieldContentRegExp.test(value)) {\n throw new TypeError('argument value is invalid');\n }\n\n this.name = name;\n this.value = value || '';\n\n Object.assign(this, attrs)\n\n if (!this.value) {\n this.expires = new Date(0);\n this.maxAge = null;\n }\n\n if (this.path && !fieldContentRegExp.test(this.path)) {\n throw new TypeError('option path is invalid');\n }\n\n if (this.domain && !fieldContentRegExp.test(this.domain)) {\n throw new TypeError('option domain is invalid');\n }\n\n if (this.sameSite && this.sameSite !== true && !SAME_SITE_REGEXP.test(this.sameSite)) {\n throw new TypeError('option sameSite is invalid');\n }\n }\n\n toString() {\n return `${this.name}=${this.value}`;\n }\n\n get header() {\n let header = this.toString();\n\n if (this.maxAge) {\n this.expires = new Date(Date.now() + this.maxAge);\n }\n\n if (this.path) {\n header += `; path=${this.path}`;\n }\n if (this.expires) {\n header += `; expires=${this.expires.toUTCString()}`;\n }\n if (this.domain) {\n header += `; domain=${this.domain}`;\n }\n if (this.sameSite) {\n header += `; samesite=${this.sameSite === true ? 'strict' : this.sameSite.toLowerCase()}`;\n }\n if (this.secure) {\n header += '; secure';\n }\n if (this.httpOnly) {\n header += '; httponly';\n }\n\n return header;\n }\n\n}\n","export const CIPHER_INFO = {\n 'aes-128-cbc': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha256': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb8': { ivLength: 16, keyLength: 16 },\n 'aes-128-ctr': { ivLength: 16, keyLength: 16 },\n 'aes-128-ecb': { ivLength: undefined, keyLength: 16 },\n 'aes-128-ocb': { ivLength: 12, keyLength: 16 },\n 'aes-128-ofb': { ivLength: 16, keyLength: 16 },\n 'aes-128-xts': { ivLength: 16, keyLength: 32 },\n 'aes-192-cbc': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb1': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb8': { ivLength: 16, keyLength: 24 },\n 'aes-192-ctr': { ivLength: 16, keyLength: 24 },\n 'aes-192-ecb': { ivLength: undefined, keyLength: 24 },\n 'aes-192-ocb': { ivLength: 12, keyLength: 24 },\n 'aes-192-ofb': { ivLength: 16, keyLength: 24 },\n 'aes-256-cbc': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha256': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb8': { ivLength: 16, keyLength: 32 },\n 'aes-256-ctr': { ivLength: 16, keyLength: 32 },\n 'aes-256-ecb': { ivLength: undefined, keyLength: 32 },\n 'aes-256-ocb': { ivLength: 12, keyLength: 32 },\n 'aes-256-ofb': { ivLength: 16, keyLength: 32 },\n 'aes-256-xts': { ivLength: 16, keyLength: 64 },\n 'aes-128-ccm': { ivLength: 12, keyLength: 16 },\n 'aes-128-gcm': { ivLength: 12, keyLength: 16 },\n 'aes-192-ccm': { ivLength: 12, keyLength: 24 },\n 'aes-192-gcm': { ivLength: 12, keyLength: 24 },\n 'aes-256-ccm': { ivLength: 12, keyLength: 32 },\n 'aes-256-gcm': { ivLength: 12, keyLength: 32 },\n 'id-aes128-ccm': { ivLength: 12, keyLength: 16 },\n 'id-aes128-gcm': { ivLength: 12, keyLength: 16 },\n 'id-aes192-ccm': { ivLength: 12, keyLength: 24 },\n 'id-aes192-gcm': { ivLength: 12, keyLength: 24 },\n 'id-aes256-ccm': { ivLength: 12, keyLength: 32 },\n 'id-aes256-gcm': { ivLength: 12, keyLength: 32 },\n} as const\n","/* eslint-disable @typescript-eslint/ban-ts-comment */\nimport compare from 'tsscmp'\n\nimport crypto, {BinaryToTextEncoding, CipherKey, Encoding} from \"crypto\";\nimport {CIPHER_INFO} from \"./ciphers\";\nimport type {Partial} from \"rollup-plugin-typescript2/dist/partial\";\n\nexport interface KeyStoreOpts {\n signing?: {\n keys: string[],\n algorithm?: string | 'blake2b512' | 'blake2s256' | 'gost' | 'md4' | 'md5' | 'rmd160' | 'sha1' | 'sha224'\n | 'sha256' | 'sha3-224' | 'sha3-256' | 'sha3-384' | 'sha3-512' | 'sha384' | 'sha512' | 'sha512-224'\n | 'sha512-256' | 'shake128' | 'shake256' | 'sm3';\n encoding?: BinaryToTextEncoding\n },\n encryption?: {\n keys: string[] | CipherKey[],\n algorithm?: keyof typeof CIPHER_INFO | string,\n encoding?: Encoding\n authTagLength?: number\n }\n}\n\ntype EncryptOptions = Required & { key?: string | undefined }\ntype DecryptOptions = Required & {\n key?: string | CipherKey | undefined,\n iv?: string | Buffer | undefined,\n authTag?: string | Buffer | undefined\n}\n\nconst AUTH_TAG_REQUIRED = /-(gcm|ccm)/\n\nexport class KeyStore {\n encryption: Required>;\n signing: Required>;\n\n static cipherInfo = CIPHER_INFO as Record\n\n constructor(opts?: KeyStoreOpts) {\n opts = opts || {}\n if (opts.encryption) {\n if (!Array.isArray(opts.encryption.keys) || opts.encryption.keys.length === 0) {\n throw new Error(\"keys are required for encryption\")\n }\n }\n if (opts.signing) {\n if (!Array.isArray(opts.signing.keys) || opts.signing.keys.length === 0) {\n throw new Error(\"keys are required for signing\")\n }\n }\n this.encryption = Object.assign({\n algorithm: 'aes-192-ccm',\n authTagLength: 16,\n encoding: 'hex', keys: []\n }, opts.encryption || {} as any)\n\n this.signing = Object.assign({encoding: 'base64', algorithm: 'sha1', keys: []}, opts.signing || {} as any)\n\n }\n\n encrypt(data?: null, options?: Partial): null\n encrypt(data: string | Buffer, options?: Partial): string\n encrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n const {\n keys,\n algorithm,\n encoding,\n authTagLength,\n key\n }: EncryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const secret = key || keys[0]\n\n if (!secret) {\n throw new Error(\"no key found\")\n }\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n const iv = cipherInfo.ivLength ? crypto.randomBytes(cipherInfo.ivLength) : null;\n const dataBuff = typeof data === \"string\" ? Buffer.from(data, 'utf-8') : data\n\n const cipher = crypto.createCipheriv(algorithm as any, secret, iv, {authTagLength})\n\n const text = cipher.update(dataBuff);\n const pad = cipher.final();\n let authTag: Buffer | undefined;\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n authTag = cipher.getAuthTag();\n }\n\n return Buffer.concat([\n ...iv ? [iv] : [],\n ...authTag ? [authTag] : [],\n text,\n pad\n ]).toString(encoding)\n }\n\n decrypt(data?: null, options?: Partial): null\n decrypt(data: string | Buffer, options?: Partial): string\n decrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n\n const finalOptions: DecryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const {\n encoding,\n key,\n keys: defaultKeys,\n algorithm,\n authTagLength,\n } = finalOptions\n\n const keys = key ? [ key ] : defaultKeys\n if (keys.length === 0) {\n throw new Error(\"keys required for encrypted cookies\")\n }\n\n let {\n iv,\n authTag\n } = finalOptions\n\n let dataBuff = typeof data === \"string\" ? Buffer.from(data, encoding) : data\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n if (typeof iv === \"string\") {\n iv = Buffer.from(iv, encoding)\n }\n\n if (typeof authTag === \"string\") {\n authTag = Buffer.from(authTag, encoding)\n }\n\n if (!iv) {\n iv = dataBuff.slice(0, cipherInfo.ivLength)\n }\n dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length)\n\n\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n if (!authTag) {\n authTag = dataBuff.slice(0, authTagLength)\n }\n dataBuff = dataBuff.slice(authTagLength, dataBuff.length)\n }\n\n for (let i = 0; i < keys.length; i++) {\n const message = KeyStore.doDecrypt(dataBuff, {...finalOptions, key: keys[i], iv, authTag,});\n if (message !== null) return message\n }\n return null\n }\n\n private static doDecrypt(data: Buffer, options: DecryptOptions): string | null {\n const {algorithm, key, iv, authTagLength, authTag} = options\n const decipher = crypto.createDecipheriv(algorithm as any, key!, iv as Buffer, {authTagLength});\n\n if (authTag) {\n decipher.setAuthTag(authTag as Buffer)\n }\n\n const plainText = decipher.update(data)\n try {\n decipher.final()\n } catch {\n // authentication failed\n return null\n }\n return plainText.toString('utf-8')\n }\n\n //region: signing\n\n sign(data?: null, key?: string | CipherKey): null\n sign(data: string, key?: string | CipherKey): string\n sign(data?: string | null, key?: string | CipherKey): string | null {\n if (!data) {\n return null\n }\n const {algorithm, encoding, keys} = this.signing\n key = key || keys[0] as CipherKey\n return crypto\n .createHmac(algorithm, key)\n .update(data).digest(encoding)\n .replace(/\\/|\\+|=/g, function (x) {\n return ({\"/\": \"_\", \"+\": \"-\", \"=\": \"\"})[x] as string\n })\n }\n\n verify(data: string, digest: string): boolean {\n return this.indexOf(data, digest) > -1\n }\n\n indexOf(data: string, digest: string): number {\n const {keys} = this.signing\n\n if (keys.length === 0) {\n throw new Error(\"keys required for signed cookies\")\n }\n\n for (let i = 0; i < keys.length; i++) {\n if (compare(digest, this.sign(data, keys[i] as string))) return i\n }\n return -1\n }\n\n //end-region: signing\n\n}\n\n","import http, { IncomingMessage, ServerResponse } from 'http';\nimport { Cookie, CookieAttrs } from './cookie';\nimport {KeyStore} from \"./keystore\";\nimport type {Http2ServerRequest, Http2ServerResponse} from \"http2\";\n\nconst cache: { [key:string]: RegExp } = {} as any;\ntype SignIdentifier = string | ((name: string) => string)\nexport type CookiesOptions = {\n\n /**\n * KeyStore to be used for signing and encrypting\n */\n keyStore?: KeyStore;\n /**\n * a boolean indicating whether the cookie is to be signed (`false` by default). If this is true, another cookie of the same name with the `signIdentifier` will also be sent, with a 27-byte url-safe base64 SHA1 value representing the hash of _cookie-name_=_cookie-value_ against the first [KeyStore](keystore) key. This signature key is used to detect tampering the next time a cookie is received.\n * @default false\n */\n signed?: boolean;\n /**\n * Encrypt cookies by default and assume received cookies are encrypted.\n * @default false\n */\n encrypted?: boolean;\n /**\n * Mark cookies as secure by default.\n * @default `req.protocol`\n */\n secure?: boolean | undefined;\n /**\n * If string, provided value will be appended cookie name with dot. For example with given value `mysig`\n * signature cookie name will be `cookiename.mysig`\n *\n * @default `sig`\n */\n signIdentifier?: SignIdentifier\n}\n\nexport type SetCookies = CookiesOptions & CookieAttrs\nexport type GetCookies = CookiesOptions\n\nexport class Cookies {\n\n secure?: CookiesOptions[\"secure\"];\n\n encrypted: boolean;\n\n signed: boolean;\n\n keyStore: KeyStore;\n\n signIdentifier?: SignIdentifier\n\n readonly request: IncomingMessage | Http2ServerRequest;\n readonly response: ServerResponse | Http2ServerResponse;\n\n constructor(request: IncomingMessage | Http2ServerRequest, response: ServerResponse | Http2ServerResponse, options: CookiesOptions = {}) {\n this.request = request;\n this.response = response;\n\n this.keyStore = options.keyStore || new KeyStore();\n this.secure = options.secure;\n this.signed = options.signed !== undefined ? options.signed : false;\n this.encrypted = options.encrypted !== undefined ? options.encrypted : false;\n this.signIdentifier = options.signIdentifier || 'sig';\n }\n\n /**\n * This extracts the cookie with the given name from the Set-Cookie header in the request. If such a cookie exists, its value is returned. Otherwise, nothing is returned.\n *\n * `{ signed: true }` can optionally be passed as the second parameter options. In this case, a signature cookie (a cookie of same name ending with the .sig suffix appended) is fetched. If no such cookie exists, nothing is returned.\n *\n * If the signature cookie does exist, the provided KeyStore is used to check whether the hash of cookie-name=cookie-value matches that of any registered key/s:\n *\n * - If the signature cookie hash matches the first key, the original cookie value is returned.\n * - If the signature cookie hash matches any other key, the original cookie value is returned AND an outbound header is set to update the signature cookie's value to the hash of the first key. This enables automatic freshening of signature cookies that have become stale due to key rotation.\n * - If the signature cookie hash does not match any key, nothing is returned, and an outbound header with an expired date is used to delete the cookie.\n *\n * `{ encrypted: true }` can optionally be passed as the second parameter options. In this case, the provided KeyStore will try to decrypt the cookie value with registered key/s.\n *\n * - If the decryption fails nothing is returned, and the cookie stays intact.\n * - If decryption succeeds, decrypted cookie value is returned.\n *\n * If both `signed` and `encrypted` options are provided, signature check will be applied with encrypted value. Than the decryption will be applied.\n * @param name\n * @param opts\n */\n get(name: string, opts?: GetCookies) {\n const sigId = opts?.signIdentifier || this.signIdentifier;\n\n const sigName = typeof sigId === 'function' ? sigId.call(null, name)\n : `${name + '.'+ sigId}`;\n\n const signed = opts && opts.signed !== undefined ? opts.signed : this.keyStore.signing.keys.length > 0;\n\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n const header = this.request.headers['cookie'];\n if (!header) {\n return undefined;\n }\n\n const match = header.match(getPattern(name));\n if (!match) {\n return undefined;\n }\n\n const value = match[1];\n if (!opts || !signed) {\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n\n const remote = this.get(sigName, { encrypted: false, signed: false });\n if (!remote) {\n return undefined;\n }\n\n const data = `${name}=${value}`;\n const index = this.keyStore.indexOf(data, remote);\n\n if (index < 0) {\n this.set(sigName, null, { path: '/', signed: false });\n return undefined\n } else {\n index && this.set(sigName, this.keyStore.sign(data), { signed: false });\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n }\n\n /**\n * This sets the given cookie in the response and returns the current context to allow chaining.\n *\n * @param name Cookie name\n * @param value Cookie value. If this is omitted, an outbound header with an expired date is used to delete the cookie.\n * @param opts Overridden options\n */\n set(name: string, value: string | null, opts: SetCookies) {\n const res = this.response;\n const req = this.request;\n let headers = (res.getHeader('Set-Cookie') || []) as string[];\n const secure = this.secure !== undefined ? !!this.secure : (req).protocol === 'https' || (req).connection['encrypted'];\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n if(value !== null && encrypted){\n value = this.keyStore.encrypt(value as string);\n }\n\n const cookie = new Cookie(name, value, opts);\n const signed = opts && opts.signed !== undefined ? opts.signed : this.signed;\n\n if (typeof headers == 'string') {\n /* istanbul ignore next */\n headers = [headers];\n }\n\n if (!secure && opts && opts.secure) {\n throw new Error('Cannot send secure cookie over unencrypted connection');\n }\n\n cookie.secure = opts && opts.secure !== undefined\n ? opts.secure\n : secure;\n\n pushCookie(headers, cookie);\n\n if (opts && signed) {\n cookie.value = this.keyStore.sign(cookie.toString());\n\n const sigId = opts.signIdentifier || this.signIdentifier;\n\n cookie.name = typeof sigId === 'function' ? sigId.call(null, cookie.name)\n : `${cookie.name + '.'+ sigId}`;\n pushCookie(headers, cookie);\n }\n\n const setHeader = (res)[\"set\"] ? http.OutgoingMessage.prototype.setHeader : res.setHeader;\n setHeader.call(res, 'Set-Cookie', headers);\n return this;\n }\n\n static middleware = (options?: CookiesOptions) => (req: any, res: any, next: any) => {\n req.cookies = res.cookies = new Cookies(req, res, options);\n\n next();\n }\n static connect = Cookies.middleware\n static express = Cookies.middleware\n static koa = (options?: CookiesOptions) => (ctx: any, next: any) => {\n ctx.cookies = ctx.req.cookies = ctx.res.cookies = ctx.request.cookies = ctx.response.cookies = new Cookies(ctx.req, ctx.res, options)\n next()\n }\n}\n\n\nfunction getPattern(name: string): RegExp {\n if (cache[name]) {\n return cache[name] as RegExp;\n }\n\n return cache[name] = new RegExp(\n `(?:^|;) *${name.replace(/[-[\\]{}()*+?.,\\\\^$|#\\s]/g, '\\\\$&')}=([^;]*)`\n );\n}\n\nfunction pushCookie(headers: string[], cookie: Cookie) {\n if (cookie.overwrite) {\n for (let i = headers.length - 1; i >= 0; i--) {\n if (headers[i]!.indexOf(`${cookie.name}=`) === 0) {\n headers.splice(i, 1);\n }\n }\n }\n\n headers.push(cookie.header);\n}\n"],"names":["crypto","compare","http"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AACA,IAAM,kBAAkB,GAAG,uCAAuC,CAAC;AACnE,IAAM,gBAAgB,GAAG,wBAAwB,CAAC;;IAiDhD,gBAAY,IAAY,EAAE,KAAoB,EAAE,KAAmB;QARnE,SAAI,GAAG,GAAG,CAAC;QACX,aAAQ,GAA6B,KAAK,CAAC;QAC3C,WAAM,GAAG,KAAK,CAAC;QACf,aAAQ,GAAG,IAAI,CAAC;QAChB,cAAS,GAAG,KAAK,CAAC;QAKhB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAClC,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,KAAK,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;YAC5C,MAAM,IAAI,SAAS,CAAC,2BAA2B,CAAC,CAAC;SAClD;QAED,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,KAAK,GAAG,KAAK,IAAI,EAAE,CAAC;QAEzB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAE1B,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;YACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;SACpB;QAED,IAAI,IAAI,CAAC,IAAI,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACpD,MAAM,IAAI,SAAS,CAAC,wBAAwB,CAAC,CAAC;SAC/C;QAED,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACxD,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YACpF,MAAM,IAAI,SAAS,CAAC,4BAA4B,CAAC,CAAC;SACnD;KACF;IAED,yBAAQ,GAAR;QACE,OAAU,IAAI,CAAC,IAAI,SAAI,IAAI,CAAC,KAAO,CAAC;KACrC;IAED,sBAAI,0BAAM;aAAV;YACE,IAAI,MAAM,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAE7B,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;aACnD;YAED,IAAI,IAAI,CAAC,IAAI,EAAE;gBACb,MAAM,IAAI,YAAU,IAAI,CAAC,IAAM,CAAC;aACjC;YACD,IAAI,IAAI,CAAC,OAAO,EAAE;gBAChB,MAAM,IAAI,eAAa,IAAI,CAAC,OAAO,CAAC,WAAW,EAAI,CAAC;aACrD;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,cAAY,IAAI,CAAC,MAAQ,CAAC;aACrC;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,iBAAc,IAAI,CAAC,QAAQ,KAAK,IAAI,GAAG,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAE,CAAC;aAC3F;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,UAAU,CAAC;aACtB;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,YAAY,CAAC;aACxB;YAED,OAAO,MAAM,CAAC;SACf;;;OAAA;IAEH,aAAC;AAAD,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACpHM,IAAM,WAAW,GAAG;IACzB,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;CACxC;;ACbV,IAAM,iBAAiB,GAAG,YAAY,CAAA;;IAWpC,kBAAY,IAAmB;QAC7B,IAAI,GAAG,IAAI,IAAI,EAAE,CAAA;QACjB,IAAI,IAAI,CAAC,UAAU,EAAE;YACnB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBAC7E,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;aACpD;SACF;QACD,IAAI,IAAI,CAAC,OAAO,EAAE;YAChB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBACvE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;aACjD;SACF;QACD,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC;YAC9B,SAAS,EAAE,aAAa;YACxB,aAAa,EAAE,EAAE;YACjB,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;SAC1B,EAAE,IAAI,CAAC,UAAU,IAAI,EAAS,CAAC,CAAA;QAEhC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAC,EAAE,IAAI,CAAC,OAAO,IAAI,EAAS,CAAC,CAAA;KAE3G;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAMc,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,EALzF,IAAI,UAAA,EACJ,SAAS,eAAA,EACT,QAAQ,cAAA,EACR,aAAa,mBAAA,EACb,GAAG,SACsF,CAAA;QAE3F,IAAM,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAA;QAE7B,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAA;SAChC;QAED,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAM,EAAE,GAAG,UAAU,CAAC,QAAQ,GAAGA,0BAAM,CAAC,WAAW,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC;QAChF,IAAM,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,IAAI,CAAA;QAE7E,IAAM,MAAM,GAAGA,0BAAM,CAAC,cAAc,CAAC,SAAgB,EAAE,MAAM,EAAE,EAAE,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAA;QAEnF,IAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,IAAM,GAAG,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;QAC3B,IAAI,OAA2B,CAAC;QAChC,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;SAC/B;QAED,OAAO,MAAM,CAAC,MAAM,+CACf,EAAE,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,SACd,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE;YAC3B,IAAI;YACJ,GAAG;WACH,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;KACtB;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QAED,IAAM,YAAY,GAAmB,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,CAAA;QAG1G,IAAA,QAAQ,GAKN,YAAY,SALN,EACR,GAAG,GAID,YAAY,IAJX,EACG,WAAW,GAGf,YAAY,KAHG,EACjB,SAAS,GAEP,YAAY,UAFL,EACT,aAAa,GACX,YAAY,cADD,CACC;QAEhB,IAAM,IAAI,GAAG,GAAG,GAAG,CAAE,GAAG,CAAE,GAAG,WAAW,CAAA;QACxC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;SACvD;QAGC,IAAA,EAAE,GAEA,YAAY,GAFZ,EACF,OAAO,GACL,YAAY,QADP,CACO;QAEhB,IAAI,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,GAAG,IAAI,CAAA;QAE5E,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE;YAC1B,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;SAC/B;QAED,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;YAC/B,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAA;SACzC;QAED,IAAI,CAAC,EAAE,EAAE;YACP,EAAE,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAA;SAC5C;QACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;QAG/D,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,aAAa,CAAC,CAAA;aAC3C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,aAAa,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAC1D;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,wBAAM,YAAY,KAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,IAAA,EAAE,OAAO,SAAA,IAAG,CAAC;YAC5F,IAAI,OAAO,KAAK,IAAI;gBAAE,OAAO,OAAO,CAAA;SACrC;QACD,OAAO,IAAI,CAAA;KACZ;IAEc,kBAAS,GAAxB,UAAyB,IAAY,EAAE,OAAuB;QACrD,IAAA,SAAS,GAAqC,OAAO,UAA5C,EAAE,GAAG,GAAgC,OAAO,IAAvC,EAAE,EAAE,GAA4B,OAAO,GAAnC,EAAE,aAAa,GAAa,OAAO,cAApB,EAAE,OAAO,GAAI,OAAO,QAAX,CAAW;QAC5D,IAAM,QAAQ,GAAGA,0BAAM,CAAC,gBAAgB,CAAC,SAAgB,EAAE,GAAI,EAAE,EAAY,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAC;QAEhG,IAAI,OAAO,EAAE;YACX,QAAQ,CAAC,UAAU,CAAC,OAAiB,CAAC,CAAA;SACvC;QAED,IAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QACvC,IAAI;YACF,QAAQ,CAAC,KAAK,EAAE,CAAA;SACjB;QAAC,WAAM;;YAEN,OAAO,IAAI,CAAA;SACZ;QACD,OAAO,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;KACnC;IAMD,uBAAI,GAAJ,UAAK,IAAoB,EAAE,GAAwB;QACjD,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAA8B,IAAI,CAAC,OAAO,EAAzC,SAAS,eAAA,EAAE,QAAQ,cAAA,EAAE,IAAI,UAAgB,CAAA;QAChD,GAAG,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAc,CAAA;QACjC,OAAOA,0BAAM;aACV,UAAU,CAAC,SAAS,EAAE,GAAG,CAAC;aAC1B,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;aAC7B,OAAO,CAAC,UAAU,EAAE,UAAU,CAAC;YAC9B,OAAO,CAAC,EAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,EAAC,EAAE,CAAC,CAAW,CAAA;SACpD,CAAC,CAAA;KACL;IAED,yBAAM,GAAN,UAAO,IAAY,EAAE,MAAc;QACjC,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;KACvC;IAED,0BAAO,GAAP,UAAQ,IAAY,EAAE,MAAc;QAC3B,IAAA,IAAI,GAAI,IAAI,CAAC,OAAO,KAAhB,CAAgB;QAE3B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;SACpD;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAIC,2BAAO,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAW,CAAC,CAAC;gBAAE,OAAO,CAAC,CAAA;SAClE;QACD,OAAO,CAAC,CAAC,CAAA;KACV;IAzLM,mBAAU,GAAG,WAGlB,CAAA;IA0LJ,eAAC;CAjMD;;AC3BA,IAAM,KAAK,GAA6B,EAAS,CAAC;;IAkDhD,iBAAY,OAA6C,EAAE,QAA8C,EAAE,OAA4B;QAA5B,wBAAA,EAAA,YAA4B;QACrI,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAEzB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,IAAI,QAAQ,EAAE,CAAC;QACnD,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,KAAK,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,KAAK,CAAC;QACpE,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,KAAK,SAAS,GAAG,OAAO,CAAC,SAAS,GAAG,KAAK,CAAC;QAC7E,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,KAAK,CAAC;KACvD;;;;;;;;;;;;;;;;;;;;;IAsBD,qBAAG,GAAH,UAAI,IAAY,EAAE,IAAiB;QACjC,IAAM,KAAK,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,KAAI,IAAI,CAAC,cAAc,CAAC;QAE1D,IAAM,OAAO,GAAI,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC;cACjE,MAAG,IAAI,GAAG,GAAG,GAAE,KAAK,CAAE,CAAC;QAE3B,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAEvG,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,KAAK,EAAE;YACV,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE;YACpB,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;QAED,IAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QACtE,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,IAAI,GAAM,IAAI,SAAI,KAAO,CAAC;QAChC,IAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAElD,IAAI,KAAK,GAAG,CAAC,EAAE;YACb,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACtD,OAAO,SAAS,CAAA;SACjB;aAAM;YACL,KAAK,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACxE,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;KACF;;;;;;;;IASD,qBAAG,GAAH,UAAI,IAAY,EAAE,KAAoB,EAAE,IAAgB;QACtD,IAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC1B,IAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC;QACzB,IAAI,OAAO,IAAI,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,IAAI,EAAE,CAAa,CAAC;QAC9D,IAAM,MAAM,GAAG,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,GAAS,GAAI,CAAC,QAAQ,KAAK,OAAO,IAAU,GAAI,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;QACjI,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAG,KAAK,KAAK,IAAI,IAAI,SAAS,EAAC;YAC7B,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,CAAC;SAChD;QAED,IAAM,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;QAC7C,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;QAE7E,IAAI,OAAO,OAAO,IAAI,QAAQ,EAAE;;YAE9B,OAAO,GAAG,CAAC,OAAO,CAAC,CAAC;SACrB;QAED,IAAI,CAAC,MAAM,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,EAAE;YAClC,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;SAC1E;QAED,MAAM,CAAC,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS;cAC7C,IAAI,CAAC,MAAM;cACX,MAAM,CAAC;QAEX,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAE5B,IAAI,IAAI,IAAI,MAAM,EAAE;YAClB,MAAM,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YAErD,IAAM,KAAK,GAAG,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,cAAc,CAAC;YAEzD,MAAM,CAAC,IAAI,GAAG,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC;kBACrE,MAAG,MAAM,CAAC,IAAI,GAAG,GAAG,GAAE,KAAK,CAAE,CAAC;YAClC,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;SAC7B;QAED,IAAM,SAAS,GAAS,GAAI,CAAC,KAAK,CAAC,GAAGC,wBAAI,CAAC,eAAe,CAAC,SAAS,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;QAC/F,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC;KACb;IAEM,kBAAU,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,GAAQ,EAAE,IAAS;QAC9E,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;QAE3D,IAAI,EAAE,CAAC;KACR,GAAA,CAAA;IACM,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,WAAG,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,IAAS;QAC7D,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,GAAG,GAAG,CAAC,QAAQ,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;QACrI,IAAI,EAAE,CAAA;KACP,GAAA,CAAA;IACH,cAAC;CAtJD,IAsJC;AAGD,SAAS,UAAU,CAAC,IAAY;IAC9B,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE;QACf,OAAO,KAAK,CAAC,IAAI,CAAW,CAAC;KAC9B;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,MAAM,CAC7B,cAAY,IAAI,CAAC,OAAO,CAAC,0BAA0B,EAAE,MAAM,CAAC,aAAU,CACvE,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CAAC,OAAiB,EAAE,MAAc;IACnD,IAAI,MAAM,CAAC,SAAS,EAAE;QACpB,KAAK,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YAC5C,IAAI,OAAO,CAAC,CAAC,CAAE,CAAC,OAAO,CAAI,MAAM,CAAC,IAAI,MAAG,CAAC,KAAK,CAAC,EAAE;gBAChD,OAAO,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aACtB;SACF;KACF;IAED,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;AAC9B;;;;;;"} \ No newline at end of file +{"version":3,"file":"index.cjs","sources":["../src/cookie.ts","../src/ciphers.ts","../src/keystore.ts","../src/cookies.ts"],"sourcesContent":["// eslint-disable-next-line no-control-regex\nconst fieldContentRegExp = /^[\\u0009\\u0020-\\u007e\\u0080-\\u00ff]+$/;\nconst SAME_SITE_REGEXP = /^(?:lax|none|strict)$/i;\n\nexport interface CookieAttrs {\n /**\n * a `Date` object indicating the cookie's expiration date (expires at the end of session by default).\n */\n expires?: Date;\n /**\n * a number representing the milliseconds from `Date.now()` for expiry\n */\n maxAge?: number | null;\n /**\n * a boolean or string indicating whether the cookie is a \"same site\" cookie (`false` by default). This can be set to `'strict'`, `'lax'`, `'none'`, or `true` (which maps to `'strict'`).\n */\n sameSite?: 'lax' | 'none' | 'strict' | boolean;\n /**\n * a string indicating the path of the cookie (`/` by default).\n */\n path?: string;\n /**\n * a string indicating the domain of the cookie (no default).\n */\n domain?: string;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTPS (`false` by default for HTTP, `true` by default for HTTPS).\n */\n secure?: boolean | undefined;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTP(S), and not made available to client JavaScript (`true` by default).\n */\n httpOnly?: boolean;\n /**\n * a boolean indicating whether to overwrite previously set cookies of the same name (`false` by default). If this is true, all cookies set during the same request with the same name (regardless of path or domain) are filtered out of the Set-Cookie header when setting this cookie.\n */\n overwrite?: boolean;\n}\n\nexport class Cookie implements CookieAttrs {\n name: string;\n value: string;\n domain?: string;\n path = '/';\n sameSite?: CookieAttrs['sameSite'] = false;\n secure = false;\n httpOnly = true;\n overwrite = false;\n expires?: Date;\n maxAge?: number | null;\n\n constructor(name: string, value: string | null, attrs?: CookieAttrs) {\n if (!fieldContentRegExp.test(name)) {\n throw new TypeError('argument name is invalid');\n }\n\n if (value && !fieldContentRegExp.test(value)) {\n throw new TypeError('argument value is invalid');\n }\n\n this.name = name;\n this.value = value || '';\n\n Object.assign(this, attrs)\n\n if (!this.value) {\n this.expires = new Date(0);\n this.maxAge = null;\n }\n\n if (this.path && !fieldContentRegExp.test(this.path)) {\n throw new TypeError('option path is invalid');\n }\n\n if (this.domain && !fieldContentRegExp.test(this.domain)) {\n throw new TypeError('option domain is invalid');\n }\n\n if (this.sameSite && this.sameSite !== true && !SAME_SITE_REGEXP.test(this.sameSite)) {\n throw new TypeError('option sameSite is invalid');\n }\n }\n\n toString() {\n return `${this.name}=${this.value}`;\n }\n\n get header() {\n let header = this.toString();\n\n if (this.maxAge) {\n this.expires = new Date(Date.now() + this.maxAge);\n }\n\n if (this.path) {\n header += `; path=${this.path}`;\n }\n if (this.expires) {\n header += `; expires=${this.expires.toUTCString()}`;\n }\n if (this.domain) {\n header += `; domain=${this.domain}`;\n }\n if (this.sameSite) {\n header += `; samesite=${this.sameSite === true ? 'strict' : this.sameSite.toLowerCase()}`;\n }\n if (this.secure) {\n header += '; secure';\n }\n if (this.httpOnly) {\n header += '; httponly';\n }\n\n return header;\n }\n\n}\n","export const CIPHER_INFO = {\n 'aes-128-cbc': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha256': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb8': { ivLength: 16, keyLength: 16 },\n 'aes-128-ctr': { ivLength: 16, keyLength: 16 },\n 'aes-128-ecb': { ivLength: undefined, keyLength: 16 },\n 'aes-128-ocb': { ivLength: 12, keyLength: 16 },\n 'aes-128-ofb': { ivLength: 16, keyLength: 16 },\n 'aes-128-xts': { ivLength: 16, keyLength: 32 },\n 'aes-192-cbc': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb1': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb8': { ivLength: 16, keyLength: 24 },\n 'aes-192-ctr': { ivLength: 16, keyLength: 24 },\n 'aes-192-ecb': { ivLength: undefined, keyLength: 24 },\n 'aes-192-ocb': { ivLength: 12, keyLength: 24 },\n 'aes-192-ofb': { ivLength: 16, keyLength: 24 },\n 'aes-256-cbc': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha256': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb8': { ivLength: 16, keyLength: 32 },\n 'aes-256-ctr': { ivLength: 16, keyLength: 32 },\n 'aes-256-ecb': { ivLength: undefined, keyLength: 32 },\n 'aes-256-ocb': { ivLength: 12, keyLength: 32 },\n 'aes-256-ofb': { ivLength: 16, keyLength: 32 },\n 'aes-256-xts': { ivLength: 16, keyLength: 64 },\n 'aes-128-ccm': { ivLength: 12, keyLength: 16 },\n 'aes-128-gcm': { ivLength: 12, keyLength: 16 },\n 'aes-192-ccm': { ivLength: 12, keyLength: 24 },\n 'aes-192-gcm': { ivLength: 12, keyLength: 24 },\n 'aes-256-ccm': { ivLength: 12, keyLength: 32 },\n 'aes-256-gcm': { ivLength: 12, keyLength: 32 },\n 'id-aes128-ccm': { ivLength: 12, keyLength: 16 },\n 'id-aes128-gcm': { ivLength: 12, keyLength: 16 },\n 'id-aes192-ccm': { ivLength: 12, keyLength: 24 },\n 'id-aes192-gcm': { ivLength: 12, keyLength: 24 },\n 'id-aes256-ccm': { ivLength: 12, keyLength: 32 },\n 'id-aes256-gcm': { ivLength: 12, keyLength: 32 },\n} as const\n","/* eslint-disable @typescript-eslint/ban-ts-comment */\nimport compare from 'tsscmp'\n\nimport crypto, {BinaryToTextEncoding, CipherKey, Encoding} from \"crypto\";\nimport {CIPHER_INFO} from \"./ciphers\";\nimport type {Partial} from \"rollup-plugin-typescript2/dist/partial\";\n\nexport interface KeyStoreOpts {\n signing?: {\n keys: string[],\n algorithm?: string | 'blake2b512' | 'blake2s256' | 'gost' | 'md4' | 'md5' | 'rmd160' | 'sha1' | 'sha224'\n | 'sha256' | 'sha3-224' | 'sha3-256' | 'sha3-384' | 'sha3-512' | 'sha384' | 'sha512' | 'sha512-224'\n | 'sha512-256' | 'shake128' | 'shake256' | 'sm3';\n encoding?: BinaryToTextEncoding\n },\n encryption?: {\n keys: string[] | CipherKey[],\n algorithm?: keyof typeof CIPHER_INFO | string,\n encoding?: Encoding\n authTagLength?: number\n }\n}\n\ntype EncryptOptions = Required & { key?: string | undefined }\ntype DecryptOptions = Required & {\n key?: string | CipherKey | undefined,\n iv?: string | Buffer | undefined,\n authTag?: string | Buffer | undefined\n}\n\nconst AUTH_TAG_REQUIRED = /-(gcm|ccm)/\n\nexport class KeyStore {\n encryption: Required>;\n signing: Required>;\n\n static cipherInfo = CIPHER_INFO as Record\n\n constructor(opts?: KeyStoreOpts) {\n opts = opts || {}\n if (opts.encryption) {\n if (!Array.isArray(opts.encryption.keys) || opts.encryption.keys.length === 0) {\n throw new Error(\"keys are required for encryption\")\n }\n }\n if (opts.signing) {\n if (!Array.isArray(opts.signing.keys) || opts.signing.keys.length === 0) {\n throw new Error(\"keys are required for signing\")\n }\n }\n this.encryption = Object.assign({\n algorithm: 'aes-192-ccm',\n authTagLength: 16,\n encoding: 'hex', keys: []\n }, opts.encryption || {} as any)\n\n this.signing = Object.assign({encoding: 'base64', algorithm: 'sha1', keys: []}, opts.signing || {} as any)\n\n }\n\n encrypt(data?: null, options?: Partial): null\n encrypt(data: string | Buffer, options?: Partial): string\n encrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n const {\n keys,\n algorithm,\n encoding,\n authTagLength,\n key\n }: EncryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const secret = key || keys[0]\n\n if (!secret) {\n throw new Error(\"no key found\")\n }\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n const iv = cipherInfo.ivLength ? crypto.randomBytes(cipherInfo.ivLength) : null;\n const dataBuff = typeof data === \"string\" ? Buffer.from(data, 'utf-8') : data\n\n const cipher = crypto.createCipheriv(algorithm as any, secret, iv, {authTagLength})\n\n const text = cipher.update(dataBuff);\n const pad = cipher.final();\n let authTag: Buffer | undefined;\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n authTag = cipher.getAuthTag();\n }\n\n return Buffer.concat([\n ...iv ? [iv] : [],\n ...authTag ? [authTag] : [],\n text,\n pad\n ]).toString(encoding)\n }\n\n decrypt(data?: null, options?: Partial): null\n decrypt(data: string | Buffer, options?: Partial): string\n decrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n\n const finalOptions: DecryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const {\n encoding,\n key,\n keys: defaultKeys,\n algorithm,\n authTagLength,\n } = finalOptions\n\n const keys = key ? [key] : defaultKeys\n if (keys.length === 0) {\n throw new Error(\"keys required for encrypted cookies\")\n }\n\n let {\n iv,\n authTag\n } = finalOptions\n\n let dataBuff = typeof data === \"string\" ? Buffer.from(data, encoding) : data\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n if (typeof iv === \"string\") {\n iv = Buffer.from(iv, encoding)\n }\n\n if (typeof authTag === \"string\") {\n authTag = Buffer.from(authTag, encoding)\n }\n\n if (cipherInfo.ivLength !== undefined) {\n if (!iv) {\n iv = dataBuff.slice(0, cipherInfo.ivLength)\n }\n dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length)\n }\n\n\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n if (!authTag) {\n authTag = dataBuff.slice(0, authTagLength)\n }\n dataBuff = dataBuff.slice(authTagLength, dataBuff.length)\n }\n\n for (let i = 0; i < keys.length; i++) {\n const message = KeyStore.doDecrypt(dataBuff, {...finalOptions, key: keys[i], iv, authTag,});\n if (message !== null) return message\n }\n return null\n }\n\n private static doDecrypt(data: Buffer, options: DecryptOptions): string | null {\n const {algorithm, key, iv, authTagLength, authTag} = options\n const decipher = crypto.createDecipheriv(algorithm as any, key!, iv as Buffer || null, {authTagLength});\n\n if (authTag) {\n decipher.setAuthTag(authTag as Buffer)\n }\n\n const plainText = decipher.update(data)\n let final: Buffer\n try {\n final = decipher.final()\n } catch(e:any) {\n // authentication failed\n return null\n }\n return Buffer.concat([plainText, final]).toString('utf-8')\n }\n\n //region: signing\n\n sign(data?: null, key?: string | CipherKey): null\n sign(data: string, key?: string | CipherKey): string\n sign(data?: string | null, key?: string | CipherKey): string | null {\n if (!data) {\n return null\n }\n const {algorithm, encoding, keys} = this.signing\n key = key || keys[0] as CipherKey\n return crypto\n .createHmac(algorithm, key)\n .update(data).digest(encoding)\n .replace(/\\/|\\+|=/g, function (x) {\n return ({\"/\": \"_\", \"+\": \"-\", \"=\": \"\"})[x] as string\n })\n }\n\n verify(data: string, digest: string): boolean {\n return this.indexOf(data, digest) > -1\n }\n\n indexOf(data: string, digest: string): number {\n const {keys} = this.signing\n\n if (keys.length === 0) {\n throw new Error(\"keys required for signed cookies\")\n }\n\n for (let i = 0; i < keys.length; i++) {\n if (compare(digest, this.sign(data, keys[i] as string))) return i\n }\n return -1\n }\n\n //end-region: signing\n\n}\n\n","import http, { IncomingMessage, ServerResponse } from 'http';\nimport { Cookie, CookieAttrs } from './cookie';\nimport {KeyStore} from \"./keystore\";\nimport type {Http2ServerRequest, Http2ServerResponse} from \"http2\";\n\nconst cache: { [key:string]: RegExp } = {} as any;\ntype SignIdentifier = string | ((name: string) => string)\nexport type CookiesOptions = {\n\n /**\n * KeyStore to be used for signing and encrypting\n */\n keyStore?: KeyStore;\n /**\n * a boolean indicating whether the cookie is to be signed (`false` by default). If this is true, another cookie of the same name with the `signIdentifier` will also be sent, with a 27-byte url-safe base64 SHA1 value representing the hash of _cookie-name_=_cookie-value_ against the first [KeyStore](keystore) key. This signature key is used to detect tampering the next time a cookie is received.\n * @default false\n */\n signed?: boolean;\n /**\n * Encrypt cookies by default and assume received cookies are encrypted.\n * @default false\n */\n encrypted?: boolean;\n /**\n * Mark cookies as secure by default.\n * @default `req.protocol`\n */\n secure?: boolean | undefined;\n /**\n * If string, provided value will be appended cookie name with dot. For example with given value `mysig`\n * signature cookie name will be `cookiename.mysig`\n *\n * @default `sig`\n */\n signIdentifier?: SignIdentifier\n}\n\nexport type SetCookies = CookiesOptions & CookieAttrs\nexport type GetCookies = CookiesOptions\n\nexport class Cookies {\n\n secure?: CookiesOptions[\"secure\"];\n\n encrypted: boolean;\n\n signed: boolean;\n\n keyStore: KeyStore;\n\n signIdentifier?: SignIdentifier\n\n readonly request: IncomingMessage | Http2ServerRequest;\n readonly response: ServerResponse | Http2ServerResponse;\n\n constructor(request: IncomingMessage | Http2ServerRequest, response: ServerResponse | Http2ServerResponse, options: CookiesOptions = {}) {\n this.request = request;\n this.response = response;\n\n this.keyStore = options.keyStore || new KeyStore();\n this.secure = options.secure;\n this.signed = options.signed !== undefined ? options.signed : false;\n this.encrypted = options.encrypted !== undefined ? options.encrypted : false;\n this.signIdentifier = options.signIdentifier || 'sig';\n }\n\n /**\n * This extracts the cookie with the given name from the Set-Cookie header in the request. If such a cookie exists, its value is returned. Otherwise, nothing is returned.\n *\n * `{ signed: true }` can optionally be passed as the second parameter options. In this case, a signature cookie (a cookie of same name ending with the .sig suffix appended) is fetched. If no such cookie exists, nothing is returned.\n *\n * If the signature cookie does exist, the provided KeyStore is used to check whether the hash of cookie-name=cookie-value matches that of any registered key/s:\n *\n * - If the signature cookie hash matches the first key, the original cookie value is returned.\n * - If the signature cookie hash matches any other key, the original cookie value is returned AND an outbound header is set to update the signature cookie's value to the hash of the first key. This enables automatic freshening of signature cookies that have become stale due to key rotation.\n * - If the signature cookie hash does not match any key, nothing is returned, and an outbound header with an expired date is used to delete the cookie.\n *\n * `{ encrypted: true }` can optionally be passed as the second parameter options. In this case, the provided KeyStore will try to decrypt the cookie value with registered key/s.\n *\n * - If the decryption fails nothing is returned, and the cookie stays intact.\n * - If decryption succeeds, decrypted cookie value is returned.\n *\n * If both `signed` and `encrypted` options are provided, signature check will be applied with encrypted value. Than the decryption will be applied.\n * @param name\n * @param opts\n */\n get(name: string, opts?: GetCookies) {\n const sigId = opts?.signIdentifier || this.signIdentifier;\n\n const sigName = typeof sigId === 'function' ? sigId.call(null, name)\n : `${name + '.'+ sigId}`;\n\n const signed = opts && opts.signed !== undefined ? opts.signed : this.keyStore.signing.keys.length > 0;\n\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n const header = this.request.headers['cookie'];\n if (!header) {\n return undefined;\n }\n\n const match = header.match(getPattern(name));\n if (!match) {\n return undefined;\n }\n\n const value = match[1];\n if (!opts || !signed) {\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n\n const remote = this.get(sigName, { encrypted: false, signed: false });\n if (!remote) {\n return undefined;\n }\n\n const data = `${name}=${value}`;\n const index = this.keyStore.indexOf(data, remote);\n\n if (index < 0) {\n this.set(sigName, null, { path: '/', signed: false });\n return undefined\n } else {\n index && this.set(sigName, this.keyStore.sign(data), { signed: false });\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n }\n\n /**\n * This sets the given cookie in the response and returns the current context to allow chaining.\n *\n * @param name Cookie name\n * @param value Cookie value. If this is omitted, an outbound header with an expired date is used to delete the cookie.\n * @param opts Overridden options\n */\n set(name: string, value: string | null, opts: SetCookies) {\n const res = this.response;\n const req = this.request;\n let headers = (res.getHeader('Set-Cookie') || []) as string[];\n const secure = this.secure !== undefined ? !!this.secure : (req).protocol === 'https' || (req).connection['encrypted'];\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n if(value !== null && encrypted){\n value = this.keyStore.encrypt(value as string);\n }\n\n const cookie = new Cookie(name, value, opts);\n const signed = opts && opts.signed !== undefined ? opts.signed : this.signed;\n\n /* istanbul ignore next */\n if (typeof headers == 'string') {\n headers = [headers];\n }\n\n if (!secure && opts && opts.secure) {\n throw new Error('Cannot send secure cookie over unencrypted connection');\n }\n\n cookie.secure = opts && opts.secure !== undefined\n ? opts.secure\n : secure;\n\n pushCookie(headers, cookie);\n\n if (opts && signed) {\n cookie.value = this.keyStore.sign(cookie.toString());\n\n const sigId = opts.signIdentifier || this.signIdentifier;\n\n cookie.name = typeof sigId === 'function' ? sigId.call(null, cookie.name)\n : `${cookie.name + '.'+ sigId}`;\n pushCookie(headers, cookie);\n }\n\n const setHeader = (res)[\"set\"] ? http.OutgoingMessage.prototype.setHeader : res.setHeader;\n setHeader.call(res, 'Set-Cookie', headers);\n return this;\n }\n\n static middleware = (options?: CookiesOptions) => (req: any, res: any, next: any) => {\n req.cookies = res.cookies = new Cookies(req, res, options);\n\n next();\n }\n static connect = Cookies.middleware\n static express = Cookies.middleware\n static koa = (options?: CookiesOptions) => (ctx: any, next: any) => {\n ctx.cookies = ctx.req.cookies = ctx.res.cookies = ctx.request.cookies = ctx.response.cookies = new Cookies(ctx.req, ctx.res, options)\n next()\n }\n}\n\n\nfunction getPattern(name: string): RegExp {\n if (cache[name]) {\n return cache[name] as RegExp;\n }\n\n return cache[name] = new RegExp(\n `(?:^|;) *${name.replace(/[-[\\]{}()*+?.,\\\\^$|#\\s]/g, '\\\\$&')}=([^;]*)`\n );\n}\n\nfunction pushCookie(headers: string[], cookie: Cookie) {\n if (cookie.overwrite) {\n for (let i = headers.length - 1; i >= 0; i--) {\n if (headers[i]!.indexOf(`${cookie.name}=`) === 0) {\n headers.splice(i, 1);\n }\n }\n }\n\n headers.push(cookie.header);\n}\n"],"names":["crypto","compare","http"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AACA,IAAM,kBAAkB,GAAG,uCAAuC,CAAC;AACnE,IAAM,gBAAgB,GAAG,wBAAwB,CAAC;;IAiDhD,gBAAY,IAAY,EAAE,KAAoB,EAAE,KAAmB;QARnE,SAAI,GAAG,GAAG,CAAC;QACX,aAAQ,GAA6B,KAAK,CAAC;QAC3C,WAAM,GAAG,KAAK,CAAC;QACf,aAAQ,GAAG,IAAI,CAAC;QAChB,cAAS,GAAG,KAAK,CAAC;QAKhB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAClC,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,KAAK,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;YAC5C,MAAM,IAAI,SAAS,CAAC,2BAA2B,CAAC,CAAC;SAClD;QAED,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,KAAK,GAAG,KAAK,IAAI,EAAE,CAAC;QAEzB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAE1B,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;YACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;SACpB;QAED,IAAI,IAAI,CAAC,IAAI,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACpD,MAAM,IAAI,SAAS,CAAC,wBAAwB,CAAC,CAAC;SAC/C;QAED,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACxD,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YACpF,MAAM,IAAI,SAAS,CAAC,4BAA4B,CAAC,CAAC;SACnD;KACF;IAED,yBAAQ,GAAR;QACE,OAAU,IAAI,CAAC,IAAI,SAAI,IAAI,CAAC,KAAO,CAAC;KACrC;IAED,sBAAI,0BAAM;aAAV;YACE,IAAI,MAAM,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAE7B,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;aACnD;YAED,IAAI,IAAI,CAAC,IAAI,EAAE;gBACb,MAAM,IAAI,YAAU,IAAI,CAAC,IAAM,CAAC;aACjC;YACD,IAAI,IAAI,CAAC,OAAO,EAAE;gBAChB,MAAM,IAAI,eAAa,IAAI,CAAC,OAAO,CAAC,WAAW,EAAI,CAAC;aACrD;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,cAAY,IAAI,CAAC,MAAQ,CAAC;aACrC;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,iBAAc,IAAI,CAAC,QAAQ,KAAK,IAAI,GAAG,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAE,CAAC;aAC3F;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,UAAU,CAAC;aACtB;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,YAAY,CAAC;aACxB;YAED,OAAO,MAAM,CAAC;SACf;;;OAAA;IAEH,aAAC;AAAD,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACpHM,IAAM,WAAW,GAAG;IACzB,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;CACxC;;ACbV,IAAM,iBAAiB,GAAG,YAAY,CAAA;;IAWpC,kBAAY,IAAmB;QAC7B,IAAI,GAAG,IAAI,IAAI,EAAE,CAAA;QACjB,IAAI,IAAI,CAAC,UAAU,EAAE;YACnB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBAC7E,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;aACpD;SACF;QACD,IAAI,IAAI,CAAC,OAAO,EAAE;YAChB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBACvE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;aACjD;SACF;QACD,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC;YAC9B,SAAS,EAAE,aAAa;YACxB,aAAa,EAAE,EAAE;YACjB,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;SAC1B,EAAE,IAAI,CAAC,UAAU,IAAI,EAAS,CAAC,CAAA;QAEhC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAC,EAAE,IAAI,CAAC,OAAO,IAAI,EAAS,CAAC,CAAA;KAE3G;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAMc,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,EALzF,IAAI,UAAA,EACJ,SAAS,eAAA,EACT,QAAQ,cAAA,EACR,aAAa,mBAAA,EACb,GAAG,SACsF,CAAA;QAE3F,IAAM,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAA;QAE7B,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAA;SAChC;QAED,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAM,EAAE,GAAG,UAAU,CAAC,QAAQ,GAAGA,0BAAM,CAAC,WAAW,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC;QAChF,IAAM,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,IAAI,CAAA;QAE7E,IAAM,MAAM,GAAGA,0BAAM,CAAC,cAAc,CAAC,SAAgB,EAAE,MAAM,EAAE,EAAE,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAA;QAEnF,IAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,IAAM,GAAG,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;QAC3B,IAAI,OAA2B,CAAC;QAChC,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;SAC/B;QAED,OAAO,MAAM,CAAC,MAAM,+CACf,EAAE,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,SACd,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE;YAC3B,IAAI;YACJ,GAAG;WACH,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;KACtB;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QAED,IAAM,YAAY,GAAmB,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,CAAA;QAG1G,IAAA,QAAQ,GAKN,YAAY,SALN,EACR,GAAG,GAID,YAAY,IAJX,EACG,WAAW,GAGf,YAAY,KAHG,EACjB,SAAS,GAEP,YAAY,UAFL,EACT,aAAa,GACX,YAAY,cADD,CACC;QAEhB,IAAM,IAAI,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,WAAW,CAAA;QACtC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;SACvD;QAGC,IAAA,EAAE,GAEA,YAAY,GAFZ,EACF,OAAO,GACL,YAAY,QADP,CACO;QAEhB,IAAI,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,GAAG,IAAI,CAAA;QAE5E,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE;YAC1B,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;SAC/B;QAED,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;YAC/B,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAA;SACzC;QAED,IAAI,UAAU,CAAC,QAAQ,KAAK,SAAS,EAAE;YACrC,IAAI,CAAC,EAAE,EAAE;gBACP,EAAE,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAA;aAC5C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAChE;QAGD,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,aAAa,CAAC,CAAA;aAC3C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,aAAa,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAC1D;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,wBAAM,YAAY,KAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,IAAA,EAAE,OAAO,SAAA,IAAG,CAAC;YAC5F,IAAI,OAAO,KAAK,IAAI;gBAAE,OAAO,OAAO,CAAA;SACrC;QACD,OAAO,IAAI,CAAA;KACZ;IAEc,kBAAS,GAAxB,UAAyB,IAAY,EAAE,OAAuB;QACrD,IAAA,SAAS,GAAqC,OAAO,UAA5C,EAAE,GAAG,GAAgC,OAAO,IAAvC,EAAE,EAAE,GAA4B,OAAO,GAAnC,EAAE,aAAa,GAAa,OAAO,cAApB,EAAE,OAAO,GAAI,OAAO,QAAX,CAAW;QAC5D,IAAM,QAAQ,GAAGA,0BAAM,CAAC,gBAAgB,CAAC,SAAgB,EAAE,GAAI,EAAE,EAAY,IAAI,IAAI,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAC;QAExG,IAAI,OAAO,EAAE;YACX,QAAQ,CAAC,UAAU,CAAC,OAAiB,CAAC,CAAA;SACvC;QAED,IAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QACvC,IAAI,KAAa,CAAA;QACjB,IAAI;YACF,KAAK,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAA;SACzB;QAAC,OAAM,CAAK,EAAE;;YAEb,OAAO,IAAI,CAAA;SACZ;QACD,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;KAC3D;IAMD,uBAAI,GAAJ,UAAK,IAAoB,EAAE,GAAwB;QACjD,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAA8B,IAAI,CAAC,OAAO,EAAzC,SAAS,eAAA,EAAE,QAAQ,cAAA,EAAE,IAAI,UAAgB,CAAA;QAChD,GAAG,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAc,CAAA;QACjC,OAAOA,0BAAM;aACV,UAAU,CAAC,SAAS,EAAE,GAAG,CAAC;aAC1B,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;aAC7B,OAAO,CAAC,UAAU,EAAE,UAAU,CAAC;YAC9B,OAAO,CAAC,EAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,EAAC,EAAE,CAAC,CAAW,CAAA;SACpD,CAAC,CAAA;KACL;IAED,yBAAM,GAAN,UAAO,IAAY,EAAE,MAAc;QACjC,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;KACvC;IAED,0BAAO,GAAP,UAAQ,IAAY,EAAE,MAAc;QAC3B,IAAA,IAAI,GAAI,IAAI,CAAC,OAAO,KAAhB,CAAgB;QAE3B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;SACpD;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAIC,2BAAO,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAW,CAAC,CAAC;gBAAE,OAAO,CAAC,CAAA;SAClE;QACD,OAAO,CAAC,CAAC,CAAA;KACV;IA5LM,mBAAU,GAAG,WAGlB,CAAA;IA6LJ,eAAC;CApMD;;AC3BA,IAAM,KAAK,GAA6B,EAAS,CAAC;;IAkDhD,iBAAY,OAA6C,EAAE,QAA8C,EAAE,OAA4B;QAA5B,wBAAA,EAAA,YAA4B;QACrI,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAEzB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,IAAI,QAAQ,EAAE,CAAC;QACnD,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,KAAK,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,KAAK,CAAC;QACpE,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,KAAK,SAAS,GAAG,OAAO,CAAC,SAAS,GAAG,KAAK,CAAC;QAC7E,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,KAAK,CAAC;KACvD;;;;;;;;;;;;;;;;;;;;;IAsBD,qBAAG,GAAH,UAAI,IAAY,EAAE,IAAiB;QACjC,IAAM,KAAK,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,KAAI,IAAI,CAAC,cAAc,CAAC;QAE1D,IAAM,OAAO,GAAI,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC;cACjE,MAAG,IAAI,GAAG,GAAG,GAAE,KAAK,CAAE,CAAC;QAE3B,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAEvG,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,KAAK,EAAE;YACV,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE;YACpB,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;QAED,IAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QACtE,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,IAAI,GAAM,IAAI,SAAI,KAAO,CAAC;QAChC,IAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAElD,IAAI,KAAK,GAAG,CAAC,EAAE;YACb,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACtD,OAAO,SAAS,CAAA;SACjB;aAAM;YACL,KAAK,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACxE,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;KACF;;;;;;;;IASD,qBAAG,GAAH,UAAI,IAAY,EAAE,KAAoB,EAAE,IAAgB;QACtD,IAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC1B,IAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC;QACzB,IAAI,OAAO,IAAI,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,IAAI,EAAE,CAAa,CAAC;QAC9D,IAAM,MAAM,GAAG,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,GAAS,GAAI,CAAC,QAAQ,KAAK,OAAO,IAAU,GAAI,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;QACjI,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAG,KAAK,KAAK,IAAI,IAAI,SAAS,EAAC;YAC7B,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,CAAC;SAChD;QAED,IAAM,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;QAC7C,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;;QAG7E,IAAI,OAAO,OAAO,IAAI,QAAQ,EAAE;YAC9B,OAAO,GAAG,CAAC,OAAO,CAAC,CAAC;SACrB;QAED,IAAI,CAAC,MAAM,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,EAAE;YAClC,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;SAC1E;QAED,MAAM,CAAC,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS;cAC7C,IAAI,CAAC,MAAM;cACX,MAAM,CAAC;QAEX,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAE5B,IAAI,IAAI,IAAI,MAAM,EAAE;YAClB,MAAM,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YAErD,IAAM,KAAK,GAAG,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,cAAc,CAAC;YAEzD,MAAM,CAAC,IAAI,GAAG,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC;kBACrE,MAAG,MAAM,CAAC,IAAI,GAAG,GAAG,GAAE,KAAK,CAAE,CAAC;YAClC,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;SAC7B;QAED,IAAM,SAAS,GAAS,GAAI,CAAC,KAAK,CAAC,GAAGC,wBAAI,CAAC,eAAe,CAAC,SAAS,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;QAC/F,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC;KACb;IAEM,kBAAU,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,GAAQ,EAAE,IAAS;QAC9E,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;QAE3D,IAAI,EAAE,CAAC;KACR,GAAA,CAAA;IACM,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,WAAG,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,IAAS;QAC7D,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,GAAG,GAAG,CAAC,QAAQ,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;QACrI,IAAI,EAAE,CAAA;KACP,GAAA,CAAA;IACH,cAAC;CAtJD,IAsJC;AAGD,SAAS,UAAU,CAAC,IAAY;IAC9B,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE;QACf,OAAO,KAAK,CAAC,IAAI,CAAW,CAAC;KAC9B;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,MAAM,CAC7B,cAAY,IAAI,CAAC,OAAO,CAAC,0BAA0B,EAAE,MAAM,CAAC,aAAU,CACvE,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CAAC,OAAiB,EAAE,MAAc;IACnD,IAAI,MAAM,CAAC,SAAS,EAAE;QACpB,KAAK,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YAC5C,IAAI,OAAO,CAAC,CAAC,CAAE,CAAC,OAAO,CAAI,MAAM,CAAC,IAAI,MAAG,CAAC,KAAK,CAAC,EAAE;gBAChD,OAAO,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aACtB;SACF;KACF;IAED,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;AAC9B;;;;;;"} \ No newline at end of file diff --git a/dist/index.esm.js b/dist/index.esm.js index 193bcbe..b9d1102 100644 --- a/dist/index.esm.js +++ b/dist/index.esm.js @@ -1,5 +1,5 @@ /*! - * secure-cookie v0.0.1 + * secure-cookie v0.0.2 * (c) Ismail H. Ayaz * Released under the MIT License. */ @@ -223,10 +223,12 @@ var KeyStore = /** @class */ (function () { if (typeof authTag === "string") { authTag = Buffer.from(authTag, encoding); } - if (!iv) { - iv = dataBuff.slice(0, cipherInfo.ivLength); + if (cipherInfo.ivLength !== undefined) { + if (!iv) { + iv = dataBuff.slice(0, cipherInfo.ivLength); + } + dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length); } - dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length); if (AUTH_TAG_REQUIRED.test(algorithm)) { if (!authTag) { authTag = dataBuff.slice(0, authTagLength); @@ -242,19 +244,20 @@ var KeyStore = /** @class */ (function () { }; KeyStore.doDecrypt = function (data, options) { var algorithm = options.algorithm, key = options.key, iv = options.iv, authTagLength = options.authTagLength, authTag = options.authTag; - var decipher = crypto.createDecipheriv(algorithm, key, iv, { authTagLength: authTagLength }); + var decipher = crypto.createDecipheriv(algorithm, key, iv || null, { authTagLength: authTagLength }); if (authTag) { decipher.setAuthTag(authTag); } var plainText = decipher.update(data); + var final; try { - decipher.final(); + final = decipher.final(); } - catch (_a) { + catch (e) { // authentication failed return null; } - return plainText.toString('utf-8'); + return Buffer.concat([plainText, final]).toString('utf-8'); }; KeyStore.prototype.sign = function (data, key) { if (!data) { @@ -370,8 +373,8 @@ var Cookies = /** @class */ (function () { } var cookie = new Cookie(name, value, opts); var signed = opts && opts.signed !== undefined ? opts.signed : this.signed; + /* istanbul ignore next */ if (typeof headers == 'string') { - /* istanbul ignore next */ headers = [headers]; } if (!secure && opts && opts.secure) { diff --git a/dist/index.esm.js.map b/dist/index.esm.js.map index 4f3cf06..b6b0ca8 100644 --- a/dist/index.esm.js.map +++ b/dist/index.esm.js.map @@ -1 +1 @@ -{"version":3,"file":"index.esm.js","sources":["../src/cookie.ts","../src/ciphers.ts","../src/keystore.ts","../src/cookies.ts"],"sourcesContent":["// eslint-disable-next-line no-control-regex\nconst fieldContentRegExp = /^[\\u0009\\u0020-\\u007e\\u0080-\\u00ff]+$/;\nconst SAME_SITE_REGEXP = /^(?:lax|none|strict)$/i;\n\nexport interface CookieAttrs {\n /**\n * a `Date` object indicating the cookie's expiration date (expires at the end of session by default).\n */\n expires?: Date;\n /**\n * a number representing the milliseconds from `Date.now()` for expiry\n */\n maxAge?: number | null;\n /**\n * a boolean or string indicating whether the cookie is a \"same site\" cookie (`false` by default). This can be set to `'strict'`, `'lax'`, `'none'`, or `true` (which maps to `'strict'`).\n */\n sameSite?: 'lax' | 'none' | 'strict' | boolean;\n /**\n * a string indicating the path of the cookie (`/` by default).\n */\n path?: string;\n /**\n * a string indicating the domain of the cookie (no default).\n */\n domain?: string;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTPS (`false` by default for HTTP, `true` by default for HTTPS).\n */\n secure?: boolean | undefined;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTP(S), and not made available to client JavaScript (`true` by default).\n */\n httpOnly?: boolean;\n /**\n * a boolean indicating whether to overwrite previously set cookies of the same name (`false` by default). If this is true, all cookies set during the same request with the same name (regardless of path or domain) are filtered out of the Set-Cookie header when setting this cookie.\n */\n overwrite?: boolean;\n}\n\nexport class Cookie implements CookieAttrs {\n name: string;\n value: string;\n domain?: string;\n path = '/';\n sameSite?: CookieAttrs['sameSite'] = false;\n secure = false;\n httpOnly = true;\n overwrite = false;\n expires?: Date;\n maxAge?: number | null;\n\n constructor(name: string, value: string | null, attrs?: CookieAttrs) {\n if (!fieldContentRegExp.test(name)) {\n throw new TypeError('argument name is invalid');\n }\n\n if (value && !fieldContentRegExp.test(value)) {\n throw new TypeError('argument value is invalid');\n }\n\n this.name = name;\n this.value = value || '';\n\n Object.assign(this, attrs)\n\n if (!this.value) {\n this.expires = new Date(0);\n this.maxAge = null;\n }\n\n if (this.path && !fieldContentRegExp.test(this.path)) {\n throw new TypeError('option path is invalid');\n }\n\n if (this.domain && !fieldContentRegExp.test(this.domain)) {\n throw new TypeError('option domain is invalid');\n }\n\n if (this.sameSite && this.sameSite !== true && !SAME_SITE_REGEXP.test(this.sameSite)) {\n throw new TypeError('option sameSite is invalid');\n }\n }\n\n toString() {\n return `${this.name}=${this.value}`;\n }\n\n get header() {\n let header = this.toString();\n\n if (this.maxAge) {\n this.expires = new Date(Date.now() + this.maxAge);\n }\n\n if (this.path) {\n header += `; path=${this.path}`;\n }\n if (this.expires) {\n header += `; expires=${this.expires.toUTCString()}`;\n }\n if (this.domain) {\n header += `; domain=${this.domain}`;\n }\n if (this.sameSite) {\n header += `; samesite=${this.sameSite === true ? 'strict' : this.sameSite.toLowerCase()}`;\n }\n if (this.secure) {\n header += '; secure';\n }\n if (this.httpOnly) {\n header += '; httponly';\n }\n\n return header;\n }\n\n}\n","export const CIPHER_INFO = {\n 'aes-128-cbc': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha256': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb8': { ivLength: 16, keyLength: 16 },\n 'aes-128-ctr': { ivLength: 16, keyLength: 16 },\n 'aes-128-ecb': { ivLength: undefined, keyLength: 16 },\n 'aes-128-ocb': { ivLength: 12, keyLength: 16 },\n 'aes-128-ofb': { ivLength: 16, keyLength: 16 },\n 'aes-128-xts': { ivLength: 16, keyLength: 32 },\n 'aes-192-cbc': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb1': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb8': { ivLength: 16, keyLength: 24 },\n 'aes-192-ctr': { ivLength: 16, keyLength: 24 },\n 'aes-192-ecb': { ivLength: undefined, keyLength: 24 },\n 'aes-192-ocb': { ivLength: 12, keyLength: 24 },\n 'aes-192-ofb': { ivLength: 16, keyLength: 24 },\n 'aes-256-cbc': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha256': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb8': { ivLength: 16, keyLength: 32 },\n 'aes-256-ctr': { ivLength: 16, keyLength: 32 },\n 'aes-256-ecb': { ivLength: undefined, keyLength: 32 },\n 'aes-256-ocb': { ivLength: 12, keyLength: 32 },\n 'aes-256-ofb': { ivLength: 16, keyLength: 32 },\n 'aes-256-xts': { ivLength: 16, keyLength: 64 },\n 'aes-128-ccm': { ivLength: 12, keyLength: 16 },\n 'aes-128-gcm': { ivLength: 12, keyLength: 16 },\n 'aes-192-ccm': { ivLength: 12, keyLength: 24 },\n 'aes-192-gcm': { ivLength: 12, keyLength: 24 },\n 'aes-256-ccm': { ivLength: 12, keyLength: 32 },\n 'aes-256-gcm': { ivLength: 12, keyLength: 32 },\n 'id-aes128-ccm': { ivLength: 12, keyLength: 16 },\n 'id-aes128-gcm': { ivLength: 12, keyLength: 16 },\n 'id-aes192-ccm': { ivLength: 12, keyLength: 24 },\n 'id-aes192-gcm': { ivLength: 12, keyLength: 24 },\n 'id-aes256-ccm': { ivLength: 12, keyLength: 32 },\n 'id-aes256-gcm': { ivLength: 12, keyLength: 32 },\n} as const\n","/* eslint-disable @typescript-eslint/ban-ts-comment */\nimport compare from 'tsscmp'\n\nimport crypto, {BinaryToTextEncoding, CipherKey, Encoding} from \"crypto\";\nimport {CIPHER_INFO} from \"./ciphers\";\nimport type {Partial} from \"rollup-plugin-typescript2/dist/partial\";\n\nexport interface KeyStoreOpts {\n signing?: {\n keys: string[],\n algorithm?: string | 'blake2b512' | 'blake2s256' | 'gost' | 'md4' | 'md5' | 'rmd160' | 'sha1' | 'sha224'\n | 'sha256' | 'sha3-224' | 'sha3-256' | 'sha3-384' | 'sha3-512' | 'sha384' | 'sha512' | 'sha512-224'\n | 'sha512-256' | 'shake128' | 'shake256' | 'sm3';\n encoding?: BinaryToTextEncoding\n },\n encryption?: {\n keys: string[] | CipherKey[],\n algorithm?: keyof typeof CIPHER_INFO | string,\n encoding?: Encoding\n authTagLength?: number\n }\n}\n\ntype EncryptOptions = Required & { key?: string | undefined }\ntype DecryptOptions = Required & {\n key?: string | CipherKey | undefined,\n iv?: string | Buffer | undefined,\n authTag?: string | Buffer | undefined\n}\n\nconst AUTH_TAG_REQUIRED = /-(gcm|ccm)/\n\nexport class KeyStore {\n encryption: Required>;\n signing: Required>;\n\n static cipherInfo = CIPHER_INFO as Record\n\n constructor(opts?: KeyStoreOpts) {\n opts = opts || {}\n if (opts.encryption) {\n if (!Array.isArray(opts.encryption.keys) || opts.encryption.keys.length === 0) {\n throw new Error(\"keys are required for encryption\")\n }\n }\n if (opts.signing) {\n if (!Array.isArray(opts.signing.keys) || opts.signing.keys.length === 0) {\n throw new Error(\"keys are required for signing\")\n }\n }\n this.encryption = Object.assign({\n algorithm: 'aes-192-ccm',\n authTagLength: 16,\n encoding: 'hex', keys: []\n }, opts.encryption || {} as any)\n\n this.signing = Object.assign({encoding: 'base64', algorithm: 'sha1', keys: []}, opts.signing || {} as any)\n\n }\n\n encrypt(data?: null, options?: Partial): null\n encrypt(data: string | Buffer, options?: Partial): string\n encrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n const {\n keys,\n algorithm,\n encoding,\n authTagLength,\n key\n }: EncryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const secret = key || keys[0]\n\n if (!secret) {\n throw new Error(\"no key found\")\n }\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n const iv = cipherInfo.ivLength ? crypto.randomBytes(cipherInfo.ivLength) : null;\n const dataBuff = typeof data === \"string\" ? Buffer.from(data, 'utf-8') : data\n\n const cipher = crypto.createCipheriv(algorithm as any, secret, iv, {authTagLength})\n\n const text = cipher.update(dataBuff);\n const pad = cipher.final();\n let authTag: Buffer | undefined;\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n authTag = cipher.getAuthTag();\n }\n\n return Buffer.concat([\n ...iv ? [iv] : [],\n ...authTag ? [authTag] : [],\n text,\n pad\n ]).toString(encoding)\n }\n\n decrypt(data?: null, options?: Partial): null\n decrypt(data: string | Buffer, options?: Partial): string\n decrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n\n const finalOptions: DecryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const {\n encoding,\n key,\n keys: defaultKeys,\n algorithm,\n authTagLength,\n } = finalOptions\n\n const keys = key ? [ key ] : defaultKeys\n if (keys.length === 0) {\n throw new Error(\"keys required for encrypted cookies\")\n }\n\n let {\n iv,\n authTag\n } = finalOptions\n\n let dataBuff = typeof data === \"string\" ? Buffer.from(data, encoding) : data\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n if (typeof iv === \"string\") {\n iv = Buffer.from(iv, encoding)\n }\n\n if (typeof authTag === \"string\") {\n authTag = Buffer.from(authTag, encoding)\n }\n\n if (!iv) {\n iv = dataBuff.slice(0, cipherInfo.ivLength)\n }\n dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length)\n\n\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n if (!authTag) {\n authTag = dataBuff.slice(0, authTagLength)\n }\n dataBuff = dataBuff.slice(authTagLength, dataBuff.length)\n }\n\n for (let i = 0; i < keys.length; i++) {\n const message = KeyStore.doDecrypt(dataBuff, {...finalOptions, key: keys[i], iv, authTag,});\n if (message !== null) return message\n }\n return null\n }\n\n private static doDecrypt(data: Buffer, options: DecryptOptions): string | null {\n const {algorithm, key, iv, authTagLength, authTag} = options\n const decipher = crypto.createDecipheriv(algorithm as any, key!, iv as Buffer, {authTagLength});\n\n if (authTag) {\n decipher.setAuthTag(authTag as Buffer)\n }\n\n const plainText = decipher.update(data)\n try {\n decipher.final()\n } catch {\n // authentication failed\n return null\n }\n return plainText.toString('utf-8')\n }\n\n //region: signing\n\n sign(data?: null, key?: string | CipherKey): null\n sign(data: string, key?: string | CipherKey): string\n sign(data?: string | null, key?: string | CipherKey): string | null {\n if (!data) {\n return null\n }\n const {algorithm, encoding, keys} = this.signing\n key = key || keys[0] as CipherKey\n return crypto\n .createHmac(algorithm, key)\n .update(data).digest(encoding)\n .replace(/\\/|\\+|=/g, function (x) {\n return ({\"/\": \"_\", \"+\": \"-\", \"=\": \"\"})[x] as string\n })\n }\n\n verify(data: string, digest: string): boolean {\n return this.indexOf(data, digest) > -1\n }\n\n indexOf(data: string, digest: string): number {\n const {keys} = this.signing\n\n if (keys.length === 0) {\n throw new Error(\"keys required for signed cookies\")\n }\n\n for (let i = 0; i < keys.length; i++) {\n if (compare(digest, this.sign(data, keys[i] as string))) return i\n }\n return -1\n }\n\n //end-region: signing\n\n}\n\n","import http, { IncomingMessage, ServerResponse } from 'http';\nimport { Cookie, CookieAttrs } from './cookie';\nimport {KeyStore} from \"./keystore\";\nimport type {Http2ServerRequest, Http2ServerResponse} from \"http2\";\n\nconst cache: { [key:string]: RegExp } = {} as any;\ntype SignIdentifier = string | ((name: string) => string)\nexport type CookiesOptions = {\n\n /**\n * KeyStore to be used for signing and encrypting\n */\n keyStore?: KeyStore;\n /**\n * a boolean indicating whether the cookie is to be signed (`false` by default). If this is true, another cookie of the same name with the `signIdentifier` will also be sent, with a 27-byte url-safe base64 SHA1 value representing the hash of _cookie-name_=_cookie-value_ against the first [KeyStore](keystore) key. This signature key is used to detect tampering the next time a cookie is received.\n * @default false\n */\n signed?: boolean;\n /**\n * Encrypt cookies by default and assume received cookies are encrypted.\n * @default false\n */\n encrypted?: boolean;\n /**\n * Mark cookies as secure by default.\n * @default `req.protocol`\n */\n secure?: boolean | undefined;\n /**\n * If string, provided value will be appended cookie name with dot. For example with given value `mysig`\n * signature cookie name will be `cookiename.mysig`\n *\n * @default `sig`\n */\n signIdentifier?: SignIdentifier\n}\n\nexport type SetCookies = CookiesOptions & CookieAttrs\nexport type GetCookies = CookiesOptions\n\nexport class Cookies {\n\n secure?: CookiesOptions[\"secure\"];\n\n encrypted: boolean;\n\n signed: boolean;\n\n keyStore: KeyStore;\n\n signIdentifier?: SignIdentifier\n\n readonly request: IncomingMessage | Http2ServerRequest;\n readonly response: ServerResponse | Http2ServerResponse;\n\n constructor(request: IncomingMessage | Http2ServerRequest, response: ServerResponse | Http2ServerResponse, options: CookiesOptions = {}) {\n this.request = request;\n this.response = response;\n\n this.keyStore = options.keyStore || new KeyStore();\n this.secure = options.secure;\n this.signed = options.signed !== undefined ? options.signed : false;\n this.encrypted = options.encrypted !== undefined ? options.encrypted : false;\n this.signIdentifier = options.signIdentifier || 'sig';\n }\n\n /**\n * This extracts the cookie with the given name from the Set-Cookie header in the request. If such a cookie exists, its value is returned. Otherwise, nothing is returned.\n *\n * `{ signed: true }` can optionally be passed as the second parameter options. In this case, a signature cookie (a cookie of same name ending with the .sig suffix appended) is fetched. If no such cookie exists, nothing is returned.\n *\n * If the signature cookie does exist, the provided KeyStore is used to check whether the hash of cookie-name=cookie-value matches that of any registered key/s:\n *\n * - If the signature cookie hash matches the first key, the original cookie value is returned.\n * - If the signature cookie hash matches any other key, the original cookie value is returned AND an outbound header is set to update the signature cookie's value to the hash of the first key. This enables automatic freshening of signature cookies that have become stale due to key rotation.\n * - If the signature cookie hash does not match any key, nothing is returned, and an outbound header with an expired date is used to delete the cookie.\n *\n * `{ encrypted: true }` can optionally be passed as the second parameter options. In this case, the provided KeyStore will try to decrypt the cookie value with registered key/s.\n *\n * - If the decryption fails nothing is returned, and the cookie stays intact.\n * - If decryption succeeds, decrypted cookie value is returned.\n *\n * If both `signed` and `encrypted` options are provided, signature check will be applied with encrypted value. Than the decryption will be applied.\n * @param name\n * @param opts\n */\n get(name: string, opts?: GetCookies) {\n const sigId = opts?.signIdentifier || this.signIdentifier;\n\n const sigName = typeof sigId === 'function' ? sigId.call(null, name)\n : `${name + '.'+ sigId}`;\n\n const signed = opts && opts.signed !== undefined ? opts.signed : this.keyStore.signing.keys.length > 0;\n\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n const header = this.request.headers['cookie'];\n if (!header) {\n return undefined;\n }\n\n const match = header.match(getPattern(name));\n if (!match) {\n return undefined;\n }\n\n const value = match[1];\n if (!opts || !signed) {\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n\n const remote = this.get(sigName, { encrypted: false, signed: false });\n if (!remote) {\n return undefined;\n }\n\n const data = `${name}=${value}`;\n const index = this.keyStore.indexOf(data, remote);\n\n if (index < 0) {\n this.set(sigName, null, { path: '/', signed: false });\n return undefined\n } else {\n index && this.set(sigName, this.keyStore.sign(data), { signed: false });\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n }\n\n /**\n * This sets the given cookie in the response and returns the current context to allow chaining.\n *\n * @param name Cookie name\n * @param value Cookie value. If this is omitted, an outbound header with an expired date is used to delete the cookie.\n * @param opts Overridden options\n */\n set(name: string, value: string | null, opts: SetCookies) {\n const res = this.response;\n const req = this.request;\n let headers = (res.getHeader('Set-Cookie') || []) as string[];\n const secure = this.secure !== undefined ? !!this.secure : (req).protocol === 'https' || (req).connection['encrypted'];\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n if(value !== null && encrypted){\n value = this.keyStore.encrypt(value as string);\n }\n\n const cookie = new Cookie(name, value, opts);\n const signed = opts && opts.signed !== undefined ? opts.signed : this.signed;\n\n if (typeof headers == 'string') {\n /* istanbul ignore next */\n headers = [headers];\n }\n\n if (!secure && opts && opts.secure) {\n throw new Error('Cannot send secure cookie over unencrypted connection');\n }\n\n cookie.secure = opts && opts.secure !== undefined\n ? opts.secure\n : secure;\n\n pushCookie(headers, cookie);\n\n if (opts && signed) {\n cookie.value = this.keyStore.sign(cookie.toString());\n\n const sigId = opts.signIdentifier || this.signIdentifier;\n\n cookie.name = typeof sigId === 'function' ? sigId.call(null, cookie.name)\n : `${cookie.name + '.'+ sigId}`;\n pushCookie(headers, cookie);\n }\n\n const setHeader = (res)[\"set\"] ? http.OutgoingMessage.prototype.setHeader : res.setHeader;\n setHeader.call(res, 'Set-Cookie', headers);\n return this;\n }\n\n static middleware = (options?: CookiesOptions) => (req: any, res: any, next: any) => {\n req.cookies = res.cookies = new Cookies(req, res, options);\n\n next();\n }\n static connect = Cookies.middleware\n static express = Cookies.middleware\n static koa = (options?: CookiesOptions) => (ctx: any, next: any) => {\n ctx.cookies = ctx.req.cookies = ctx.res.cookies = ctx.request.cookies = ctx.response.cookies = new Cookies(ctx.req, ctx.res, options)\n next()\n }\n}\n\n\nfunction getPattern(name: string): RegExp {\n if (cache[name]) {\n return cache[name] as RegExp;\n }\n\n return cache[name] = new RegExp(\n `(?:^|;) *${name.replace(/[-[\\]{}()*+?.,\\\\^$|#\\s]/g, '\\\\$&')}=([^;]*)`\n );\n}\n\nfunction pushCookie(headers: string[], cookie: Cookie) {\n if (cookie.overwrite) {\n for (let i = headers.length - 1; i >= 0; i--) {\n if (headers[i]!.indexOf(`${cookie.name}=`) === 0) {\n headers.splice(i, 1);\n }\n }\n }\n\n headers.push(cookie.header);\n}\n"],"names":[],"mappings":";;;;;;;;;;AAAA;AACA,IAAM,kBAAkB,GAAG,uCAAuC,CAAC;AACnE,IAAM,gBAAgB,GAAG,wBAAwB,CAAC;;IAiDhD,gBAAY,IAAY,EAAE,KAAoB,EAAE,KAAmB;QARnE,SAAI,GAAG,GAAG,CAAC;QACX,aAAQ,GAA6B,KAAK,CAAC;QAC3C,WAAM,GAAG,KAAK,CAAC;QACf,aAAQ,GAAG,IAAI,CAAC;QAChB,cAAS,GAAG,KAAK,CAAC;QAKhB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAClC,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,KAAK,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;YAC5C,MAAM,IAAI,SAAS,CAAC,2BAA2B,CAAC,CAAC;SAClD;QAED,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,KAAK,GAAG,KAAK,IAAI,EAAE,CAAC;QAEzB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAE1B,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;YACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;SACpB;QAED,IAAI,IAAI,CAAC,IAAI,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACpD,MAAM,IAAI,SAAS,CAAC,wBAAwB,CAAC,CAAC;SAC/C;QAED,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACxD,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YACpF,MAAM,IAAI,SAAS,CAAC,4BAA4B,CAAC,CAAC;SACnD;KACF;IAED,yBAAQ,GAAR;QACE,OAAU,IAAI,CAAC,IAAI,SAAI,IAAI,CAAC,KAAO,CAAC;KACrC;IAED,sBAAI,0BAAM;aAAV;YACE,IAAI,MAAM,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAE7B,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;aACnD;YAED,IAAI,IAAI,CAAC,IAAI,EAAE;gBACb,MAAM,IAAI,YAAU,IAAI,CAAC,IAAM,CAAC;aACjC;YACD,IAAI,IAAI,CAAC,OAAO,EAAE;gBAChB,MAAM,IAAI,eAAa,IAAI,CAAC,OAAO,CAAC,WAAW,EAAI,CAAC;aACrD;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,cAAY,IAAI,CAAC,MAAQ,CAAC;aACrC;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,iBAAc,IAAI,CAAC,QAAQ,KAAK,IAAI,GAAG,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAE,CAAC;aAC3F;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,UAAU,CAAC;aACtB;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,YAAY,CAAC;aACxB;YAED,OAAO,MAAM,CAAC;SACf;;;OAAA;IAEH,aAAC;AAAD,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACpHM,IAAM,WAAW,GAAG;IACzB,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;CACxC;;ACbV,IAAM,iBAAiB,GAAG,YAAY,CAAA;;IAWpC,kBAAY,IAAmB;QAC7B,IAAI,GAAG,IAAI,IAAI,EAAE,CAAA;QACjB,IAAI,IAAI,CAAC,UAAU,EAAE;YACnB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBAC7E,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;aACpD;SACF;QACD,IAAI,IAAI,CAAC,OAAO,EAAE;YAChB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBACvE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;aACjD;SACF;QACD,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC;YAC9B,SAAS,EAAE,aAAa;YACxB,aAAa,EAAE,EAAE;YACjB,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;SAC1B,EAAE,IAAI,CAAC,UAAU,IAAI,EAAS,CAAC,CAAA;QAEhC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAC,EAAE,IAAI,CAAC,OAAO,IAAI,EAAS,CAAC,CAAA;KAE3G;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAMc,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,EALzF,IAAI,UAAA,EACJ,SAAS,eAAA,EACT,QAAQ,cAAA,EACR,aAAa,mBAAA,EACb,GAAG,SACsF,CAAA;QAE3F,IAAM,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAA;QAE7B,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAA;SAChC;QAED,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAM,EAAE,GAAG,UAAU,CAAC,QAAQ,GAAG,MAAM,CAAC,WAAW,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC;QAChF,IAAM,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,IAAI,CAAA;QAE7E,IAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,SAAgB,EAAE,MAAM,EAAE,EAAE,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAA;QAEnF,IAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,IAAM,GAAG,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;QAC3B,IAAI,OAA2B,CAAC;QAChC,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;SAC/B;QAED,OAAO,MAAM,CAAC,MAAM,+CACf,EAAE,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,SACd,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE;YAC3B,IAAI;YACJ,GAAG;WACH,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;KACtB;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QAED,IAAM,YAAY,GAAmB,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,CAAA;QAG1G,IAAA,QAAQ,GAKN,YAAY,SALN,EACR,GAAG,GAID,YAAY,IAJX,EACG,WAAW,GAGf,YAAY,KAHG,EACjB,SAAS,GAEP,YAAY,UAFL,EACT,aAAa,GACX,YAAY,cADD,CACC;QAEhB,IAAM,IAAI,GAAG,GAAG,GAAG,CAAE,GAAG,CAAE,GAAG,WAAW,CAAA;QACxC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;SACvD;QAGC,IAAA,EAAE,GAEA,YAAY,GAFZ,EACF,OAAO,GACL,YAAY,QADP,CACO;QAEhB,IAAI,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,GAAG,IAAI,CAAA;QAE5E,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE;YAC1B,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;SAC/B;QAED,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;YAC/B,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAA;SACzC;QAED,IAAI,CAAC,EAAE,EAAE;YACP,EAAE,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAA;SAC5C;QACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;QAG/D,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,aAAa,CAAC,CAAA;aAC3C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,aAAa,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAC1D;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,wBAAM,YAAY,KAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,IAAA,EAAE,OAAO,SAAA,IAAG,CAAC;YAC5F,IAAI,OAAO,KAAK,IAAI;gBAAE,OAAO,OAAO,CAAA;SACrC;QACD,OAAO,IAAI,CAAA;KACZ;IAEc,kBAAS,GAAxB,UAAyB,IAAY,EAAE,OAAuB;QACrD,IAAA,SAAS,GAAqC,OAAO,UAA5C,EAAE,GAAG,GAAgC,OAAO,IAAvC,EAAE,EAAE,GAA4B,OAAO,GAAnC,EAAE,aAAa,GAAa,OAAO,cAApB,EAAE,OAAO,GAAI,OAAO,QAAX,CAAW;QAC5D,IAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CAAC,SAAgB,EAAE,GAAI,EAAE,EAAY,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAC;QAEhG,IAAI,OAAO,EAAE;YACX,QAAQ,CAAC,UAAU,CAAC,OAAiB,CAAC,CAAA;SACvC;QAED,IAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QACvC,IAAI;YACF,QAAQ,CAAC,KAAK,EAAE,CAAA;SACjB;QAAC,WAAM;;YAEN,OAAO,IAAI,CAAA;SACZ;QACD,OAAO,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;KACnC;IAMD,uBAAI,GAAJ,UAAK,IAAoB,EAAE,GAAwB;QACjD,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAA8B,IAAI,CAAC,OAAO,EAAzC,SAAS,eAAA,EAAE,QAAQ,cAAA,EAAE,IAAI,UAAgB,CAAA;QAChD,GAAG,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAc,CAAA;QACjC,OAAO,MAAM;aACV,UAAU,CAAC,SAAS,EAAE,GAAG,CAAC;aAC1B,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;aAC7B,OAAO,CAAC,UAAU,EAAE,UAAU,CAAC;YAC9B,OAAO,CAAC,EAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,EAAC,EAAE,CAAC,CAAW,CAAA;SACpD,CAAC,CAAA;KACL;IAED,yBAAM,GAAN,UAAO,IAAY,EAAE,MAAc;QACjC,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;KACvC;IAED,0BAAO,GAAP,UAAQ,IAAY,EAAE,MAAc;QAC3B,IAAA,IAAI,GAAI,IAAI,CAAC,OAAO,KAAhB,CAAgB;QAE3B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;SACpD;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAI,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAW,CAAC,CAAC;gBAAE,OAAO,CAAC,CAAA;SAClE;QACD,OAAO,CAAC,CAAC,CAAA;KACV;IAzLM,mBAAU,GAAG,WAGlB,CAAA;IA0LJ,eAAC;CAjMD;;AC3BA,IAAM,KAAK,GAA6B,EAAS,CAAC;;IAkDhD,iBAAY,OAA6C,EAAE,QAA8C,EAAE,OAA4B;QAA5B,wBAAA,EAAA,YAA4B;QACrI,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAEzB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,IAAI,QAAQ,EAAE,CAAC;QACnD,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,KAAK,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,KAAK,CAAC;QACpE,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,KAAK,SAAS,GAAG,OAAO,CAAC,SAAS,GAAG,KAAK,CAAC;QAC7E,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,KAAK,CAAC;KACvD;;;;;;;;;;;;;;;;;;;;;IAsBD,qBAAG,GAAH,UAAI,IAAY,EAAE,IAAiB;QACjC,IAAM,KAAK,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,KAAI,IAAI,CAAC,cAAc,CAAC;QAE1D,IAAM,OAAO,GAAI,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC;cACjE,MAAG,IAAI,GAAG,GAAG,GAAE,KAAK,CAAE,CAAC;QAE3B,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAEvG,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,KAAK,EAAE;YACV,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE;YACpB,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;QAED,IAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QACtE,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,IAAI,GAAM,IAAI,SAAI,KAAO,CAAC;QAChC,IAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAElD,IAAI,KAAK,GAAG,CAAC,EAAE;YACb,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACtD,OAAO,SAAS,CAAA;SACjB;aAAM;YACL,KAAK,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACxE,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;KACF;;;;;;;;IASD,qBAAG,GAAH,UAAI,IAAY,EAAE,KAAoB,EAAE,IAAgB;QACtD,IAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC1B,IAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC;QACzB,IAAI,OAAO,IAAI,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,IAAI,EAAE,CAAa,CAAC;QAC9D,IAAM,MAAM,GAAG,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,GAAS,GAAI,CAAC,QAAQ,KAAK,OAAO,IAAU,GAAI,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;QACjI,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAG,KAAK,KAAK,IAAI,IAAI,SAAS,EAAC;YAC7B,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,CAAC;SAChD;QAED,IAAM,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;QAC7C,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;QAE7E,IAAI,OAAO,OAAO,IAAI,QAAQ,EAAE;;YAE9B,OAAO,GAAG,CAAC,OAAO,CAAC,CAAC;SACrB;QAED,IAAI,CAAC,MAAM,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,EAAE;YAClC,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;SAC1E;QAED,MAAM,CAAC,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS;cAC7C,IAAI,CAAC,MAAM;cACX,MAAM,CAAC;QAEX,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAE5B,IAAI,IAAI,IAAI,MAAM,EAAE;YAClB,MAAM,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YAErD,IAAM,KAAK,GAAG,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,cAAc,CAAC;YAEzD,MAAM,CAAC,IAAI,GAAG,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC;kBACrE,MAAG,MAAM,CAAC,IAAI,GAAG,GAAG,GAAE,KAAK,CAAE,CAAC;YAClC,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;SAC7B;QAED,IAAM,SAAS,GAAS,GAAI,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;QAC/F,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC;KACb;IAEM,kBAAU,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,GAAQ,EAAE,IAAS;QAC9E,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;QAE3D,IAAI,EAAE,CAAC;KACR,GAAA,CAAA;IACM,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,WAAG,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,IAAS;QAC7D,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,GAAG,GAAG,CAAC,QAAQ,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;QACrI,IAAI,EAAE,CAAA;KACP,GAAA,CAAA;IACH,cAAC;CAtJD,IAsJC;AAGD,SAAS,UAAU,CAAC,IAAY;IAC9B,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE;QACf,OAAO,KAAK,CAAC,IAAI,CAAW,CAAC;KAC9B;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,MAAM,CAC7B,cAAY,IAAI,CAAC,OAAO,CAAC,0BAA0B,EAAE,MAAM,CAAC,aAAU,CACvE,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CAAC,OAAiB,EAAE,MAAc;IACnD,IAAI,MAAM,CAAC,SAAS,EAAE;QACpB,KAAK,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YAC5C,IAAI,OAAO,CAAC,CAAC,CAAE,CAAC,OAAO,CAAI,MAAM,CAAC,IAAI,MAAG,CAAC,KAAK,CAAC,EAAE;gBAChD,OAAO,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aACtB;SACF;KACF;IAED,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;AAC9B;;;;"} \ No newline at end of file +{"version":3,"file":"index.esm.js","sources":["../src/cookie.ts","../src/ciphers.ts","../src/keystore.ts","../src/cookies.ts"],"sourcesContent":["// eslint-disable-next-line no-control-regex\nconst fieldContentRegExp = /^[\\u0009\\u0020-\\u007e\\u0080-\\u00ff]+$/;\nconst SAME_SITE_REGEXP = /^(?:lax|none|strict)$/i;\n\nexport interface CookieAttrs {\n /**\n * a `Date` object indicating the cookie's expiration date (expires at the end of session by default).\n */\n expires?: Date;\n /**\n * a number representing the milliseconds from `Date.now()` for expiry\n */\n maxAge?: number | null;\n /**\n * a boolean or string indicating whether the cookie is a \"same site\" cookie (`false` by default). This can be set to `'strict'`, `'lax'`, `'none'`, or `true` (which maps to `'strict'`).\n */\n sameSite?: 'lax' | 'none' | 'strict' | boolean;\n /**\n * a string indicating the path of the cookie (`/` by default).\n */\n path?: string;\n /**\n * a string indicating the domain of the cookie (no default).\n */\n domain?: string;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTPS (`false` by default for HTTP, `true` by default for HTTPS).\n */\n secure?: boolean | undefined;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTP(S), and not made available to client JavaScript (`true` by default).\n */\n httpOnly?: boolean;\n /**\n * a boolean indicating whether to overwrite previously set cookies of the same name (`false` by default). If this is true, all cookies set during the same request with the same name (regardless of path or domain) are filtered out of the Set-Cookie header when setting this cookie.\n */\n overwrite?: boolean;\n}\n\nexport class Cookie implements CookieAttrs {\n name: string;\n value: string;\n domain?: string;\n path = '/';\n sameSite?: CookieAttrs['sameSite'] = false;\n secure = false;\n httpOnly = true;\n overwrite = false;\n expires?: Date;\n maxAge?: number | null;\n\n constructor(name: string, value: string | null, attrs?: CookieAttrs) {\n if (!fieldContentRegExp.test(name)) {\n throw new TypeError('argument name is invalid');\n }\n\n if (value && !fieldContentRegExp.test(value)) {\n throw new TypeError('argument value is invalid');\n }\n\n this.name = name;\n this.value = value || '';\n\n Object.assign(this, attrs)\n\n if (!this.value) {\n this.expires = new Date(0);\n this.maxAge = null;\n }\n\n if (this.path && !fieldContentRegExp.test(this.path)) {\n throw new TypeError('option path is invalid');\n }\n\n if (this.domain && !fieldContentRegExp.test(this.domain)) {\n throw new TypeError('option domain is invalid');\n }\n\n if (this.sameSite && this.sameSite !== true && !SAME_SITE_REGEXP.test(this.sameSite)) {\n throw new TypeError('option sameSite is invalid');\n }\n }\n\n toString() {\n return `${this.name}=${this.value}`;\n }\n\n get header() {\n let header = this.toString();\n\n if (this.maxAge) {\n this.expires = new Date(Date.now() + this.maxAge);\n }\n\n if (this.path) {\n header += `; path=${this.path}`;\n }\n if (this.expires) {\n header += `; expires=${this.expires.toUTCString()}`;\n }\n if (this.domain) {\n header += `; domain=${this.domain}`;\n }\n if (this.sameSite) {\n header += `; samesite=${this.sameSite === true ? 'strict' : this.sameSite.toLowerCase()}`;\n }\n if (this.secure) {\n header += '; secure';\n }\n if (this.httpOnly) {\n header += '; httponly';\n }\n\n return header;\n }\n\n}\n","export const CIPHER_INFO = {\n 'aes-128-cbc': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha256': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb8': { ivLength: 16, keyLength: 16 },\n 'aes-128-ctr': { ivLength: 16, keyLength: 16 },\n 'aes-128-ecb': { ivLength: undefined, keyLength: 16 },\n 'aes-128-ocb': { ivLength: 12, keyLength: 16 },\n 'aes-128-ofb': { ivLength: 16, keyLength: 16 },\n 'aes-128-xts': { ivLength: 16, keyLength: 32 },\n 'aes-192-cbc': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb1': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb8': { ivLength: 16, keyLength: 24 },\n 'aes-192-ctr': { ivLength: 16, keyLength: 24 },\n 'aes-192-ecb': { ivLength: undefined, keyLength: 24 },\n 'aes-192-ocb': { ivLength: 12, keyLength: 24 },\n 'aes-192-ofb': { ivLength: 16, keyLength: 24 },\n 'aes-256-cbc': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha256': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb8': { ivLength: 16, keyLength: 32 },\n 'aes-256-ctr': { ivLength: 16, keyLength: 32 },\n 'aes-256-ecb': { ivLength: undefined, keyLength: 32 },\n 'aes-256-ocb': { ivLength: 12, keyLength: 32 },\n 'aes-256-ofb': { ivLength: 16, keyLength: 32 },\n 'aes-256-xts': { ivLength: 16, keyLength: 64 },\n 'aes-128-ccm': { ivLength: 12, keyLength: 16 },\n 'aes-128-gcm': { ivLength: 12, keyLength: 16 },\n 'aes-192-ccm': { ivLength: 12, keyLength: 24 },\n 'aes-192-gcm': { ivLength: 12, keyLength: 24 },\n 'aes-256-ccm': { ivLength: 12, keyLength: 32 },\n 'aes-256-gcm': { ivLength: 12, keyLength: 32 },\n 'id-aes128-ccm': { ivLength: 12, keyLength: 16 },\n 'id-aes128-gcm': { ivLength: 12, keyLength: 16 },\n 'id-aes192-ccm': { ivLength: 12, keyLength: 24 },\n 'id-aes192-gcm': { ivLength: 12, keyLength: 24 },\n 'id-aes256-ccm': { ivLength: 12, keyLength: 32 },\n 'id-aes256-gcm': { ivLength: 12, keyLength: 32 },\n} as const\n","/* eslint-disable @typescript-eslint/ban-ts-comment */\nimport compare from 'tsscmp'\n\nimport crypto, {BinaryToTextEncoding, CipherKey, Encoding} from \"crypto\";\nimport {CIPHER_INFO} from \"./ciphers\";\nimport type {Partial} from \"rollup-plugin-typescript2/dist/partial\";\n\nexport interface KeyStoreOpts {\n signing?: {\n keys: string[],\n algorithm?: string | 'blake2b512' | 'blake2s256' | 'gost' | 'md4' | 'md5' | 'rmd160' | 'sha1' | 'sha224'\n | 'sha256' | 'sha3-224' | 'sha3-256' | 'sha3-384' | 'sha3-512' | 'sha384' | 'sha512' | 'sha512-224'\n | 'sha512-256' | 'shake128' | 'shake256' | 'sm3';\n encoding?: BinaryToTextEncoding\n },\n encryption?: {\n keys: string[] | CipherKey[],\n algorithm?: keyof typeof CIPHER_INFO | string,\n encoding?: Encoding\n authTagLength?: number\n }\n}\n\ntype EncryptOptions = Required & { key?: string | undefined }\ntype DecryptOptions = Required & {\n key?: string | CipherKey | undefined,\n iv?: string | Buffer | undefined,\n authTag?: string | Buffer | undefined\n}\n\nconst AUTH_TAG_REQUIRED = /-(gcm|ccm)/\n\nexport class KeyStore {\n encryption: Required>;\n signing: Required>;\n\n static cipherInfo = CIPHER_INFO as Record\n\n constructor(opts?: KeyStoreOpts) {\n opts = opts || {}\n if (opts.encryption) {\n if (!Array.isArray(opts.encryption.keys) || opts.encryption.keys.length === 0) {\n throw new Error(\"keys are required for encryption\")\n }\n }\n if (opts.signing) {\n if (!Array.isArray(opts.signing.keys) || opts.signing.keys.length === 0) {\n throw new Error(\"keys are required for signing\")\n }\n }\n this.encryption = Object.assign({\n algorithm: 'aes-192-ccm',\n authTagLength: 16,\n encoding: 'hex', keys: []\n }, opts.encryption || {} as any)\n\n this.signing = Object.assign({encoding: 'base64', algorithm: 'sha1', keys: []}, opts.signing || {} as any)\n\n }\n\n encrypt(data?: null, options?: Partial): null\n encrypt(data: string | Buffer, options?: Partial): string\n encrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n const {\n keys,\n algorithm,\n encoding,\n authTagLength,\n key\n }: EncryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const secret = key || keys[0]\n\n if (!secret) {\n throw new Error(\"no key found\")\n }\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n const iv = cipherInfo.ivLength ? crypto.randomBytes(cipherInfo.ivLength) : null;\n const dataBuff = typeof data === \"string\" ? Buffer.from(data, 'utf-8') : data\n\n const cipher = crypto.createCipheriv(algorithm as any, secret, iv, {authTagLength})\n\n const text = cipher.update(dataBuff);\n const pad = cipher.final();\n let authTag: Buffer | undefined;\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n authTag = cipher.getAuthTag();\n }\n\n return Buffer.concat([\n ...iv ? [iv] : [],\n ...authTag ? [authTag] : [],\n text,\n pad\n ]).toString(encoding)\n }\n\n decrypt(data?: null, options?: Partial): null\n decrypt(data: string | Buffer, options?: Partial): string\n decrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n\n const finalOptions: DecryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const {\n encoding,\n key,\n keys: defaultKeys,\n algorithm,\n authTagLength,\n } = finalOptions\n\n const keys = key ? [key] : defaultKeys\n if (keys.length === 0) {\n throw new Error(\"keys required for encrypted cookies\")\n }\n\n let {\n iv,\n authTag\n } = finalOptions\n\n let dataBuff = typeof data === \"string\" ? Buffer.from(data, encoding) : data\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n if (typeof iv === \"string\") {\n iv = Buffer.from(iv, encoding)\n }\n\n if (typeof authTag === \"string\") {\n authTag = Buffer.from(authTag, encoding)\n }\n\n if (cipherInfo.ivLength !== undefined) {\n if (!iv) {\n iv = dataBuff.slice(0, cipherInfo.ivLength)\n }\n dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length)\n }\n\n\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n if (!authTag) {\n authTag = dataBuff.slice(0, authTagLength)\n }\n dataBuff = dataBuff.slice(authTagLength, dataBuff.length)\n }\n\n for (let i = 0; i < keys.length; i++) {\n const message = KeyStore.doDecrypt(dataBuff, {...finalOptions, key: keys[i], iv, authTag,});\n if (message !== null) return message\n }\n return null\n }\n\n private static doDecrypt(data: Buffer, options: DecryptOptions): string | null {\n const {algorithm, key, iv, authTagLength, authTag} = options\n const decipher = crypto.createDecipheriv(algorithm as any, key!, iv as Buffer || null, {authTagLength});\n\n if (authTag) {\n decipher.setAuthTag(authTag as Buffer)\n }\n\n const plainText = decipher.update(data)\n let final: Buffer\n try {\n final = decipher.final()\n } catch(e:any) {\n // authentication failed\n return null\n }\n return Buffer.concat([plainText, final]).toString('utf-8')\n }\n\n //region: signing\n\n sign(data?: null, key?: string | CipherKey): null\n sign(data: string, key?: string | CipherKey): string\n sign(data?: string | null, key?: string | CipherKey): string | null {\n if (!data) {\n return null\n }\n const {algorithm, encoding, keys} = this.signing\n key = key || keys[0] as CipherKey\n return crypto\n .createHmac(algorithm, key)\n .update(data).digest(encoding)\n .replace(/\\/|\\+|=/g, function (x) {\n return ({\"/\": \"_\", \"+\": \"-\", \"=\": \"\"})[x] as string\n })\n }\n\n verify(data: string, digest: string): boolean {\n return this.indexOf(data, digest) > -1\n }\n\n indexOf(data: string, digest: string): number {\n const {keys} = this.signing\n\n if (keys.length === 0) {\n throw new Error(\"keys required for signed cookies\")\n }\n\n for (let i = 0; i < keys.length; i++) {\n if (compare(digest, this.sign(data, keys[i] as string))) return i\n }\n return -1\n }\n\n //end-region: signing\n\n}\n\n","import http, { IncomingMessage, ServerResponse } from 'http';\nimport { Cookie, CookieAttrs } from './cookie';\nimport {KeyStore} from \"./keystore\";\nimport type {Http2ServerRequest, Http2ServerResponse} from \"http2\";\n\nconst cache: { [key:string]: RegExp } = {} as any;\ntype SignIdentifier = string | ((name: string) => string)\nexport type CookiesOptions = {\n\n /**\n * KeyStore to be used for signing and encrypting\n */\n keyStore?: KeyStore;\n /**\n * a boolean indicating whether the cookie is to be signed (`false` by default). If this is true, another cookie of the same name with the `signIdentifier` will also be sent, with a 27-byte url-safe base64 SHA1 value representing the hash of _cookie-name_=_cookie-value_ against the first [KeyStore](keystore) key. This signature key is used to detect tampering the next time a cookie is received.\n * @default false\n */\n signed?: boolean;\n /**\n * Encrypt cookies by default and assume received cookies are encrypted.\n * @default false\n */\n encrypted?: boolean;\n /**\n * Mark cookies as secure by default.\n * @default `req.protocol`\n */\n secure?: boolean | undefined;\n /**\n * If string, provided value will be appended cookie name with dot. For example with given value `mysig`\n * signature cookie name will be `cookiename.mysig`\n *\n * @default `sig`\n */\n signIdentifier?: SignIdentifier\n}\n\nexport type SetCookies = CookiesOptions & CookieAttrs\nexport type GetCookies = CookiesOptions\n\nexport class Cookies {\n\n secure?: CookiesOptions[\"secure\"];\n\n encrypted: boolean;\n\n signed: boolean;\n\n keyStore: KeyStore;\n\n signIdentifier?: SignIdentifier\n\n readonly request: IncomingMessage | Http2ServerRequest;\n readonly response: ServerResponse | Http2ServerResponse;\n\n constructor(request: IncomingMessage | Http2ServerRequest, response: ServerResponse | Http2ServerResponse, options: CookiesOptions = {}) {\n this.request = request;\n this.response = response;\n\n this.keyStore = options.keyStore || new KeyStore();\n this.secure = options.secure;\n this.signed = options.signed !== undefined ? options.signed : false;\n this.encrypted = options.encrypted !== undefined ? options.encrypted : false;\n this.signIdentifier = options.signIdentifier || 'sig';\n }\n\n /**\n * This extracts the cookie with the given name from the Set-Cookie header in the request. If such a cookie exists, its value is returned. Otherwise, nothing is returned.\n *\n * `{ signed: true }` can optionally be passed as the second parameter options. In this case, a signature cookie (a cookie of same name ending with the .sig suffix appended) is fetched. If no such cookie exists, nothing is returned.\n *\n * If the signature cookie does exist, the provided KeyStore is used to check whether the hash of cookie-name=cookie-value matches that of any registered key/s:\n *\n * - If the signature cookie hash matches the first key, the original cookie value is returned.\n * - If the signature cookie hash matches any other key, the original cookie value is returned AND an outbound header is set to update the signature cookie's value to the hash of the first key. This enables automatic freshening of signature cookies that have become stale due to key rotation.\n * - If the signature cookie hash does not match any key, nothing is returned, and an outbound header with an expired date is used to delete the cookie.\n *\n * `{ encrypted: true }` can optionally be passed as the second parameter options. In this case, the provided KeyStore will try to decrypt the cookie value with registered key/s.\n *\n * - If the decryption fails nothing is returned, and the cookie stays intact.\n * - If decryption succeeds, decrypted cookie value is returned.\n *\n * If both `signed` and `encrypted` options are provided, signature check will be applied with encrypted value. Than the decryption will be applied.\n * @param name\n * @param opts\n */\n get(name: string, opts?: GetCookies) {\n const sigId = opts?.signIdentifier || this.signIdentifier;\n\n const sigName = typeof sigId === 'function' ? sigId.call(null, name)\n : `${name + '.'+ sigId}`;\n\n const signed = opts && opts.signed !== undefined ? opts.signed : this.keyStore.signing.keys.length > 0;\n\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n const header = this.request.headers['cookie'];\n if (!header) {\n return undefined;\n }\n\n const match = header.match(getPattern(name));\n if (!match) {\n return undefined;\n }\n\n const value = match[1];\n if (!opts || !signed) {\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n\n const remote = this.get(sigName, { encrypted: false, signed: false });\n if (!remote) {\n return undefined;\n }\n\n const data = `${name}=${value}`;\n const index = this.keyStore.indexOf(data, remote);\n\n if (index < 0) {\n this.set(sigName, null, { path: '/', signed: false });\n return undefined\n } else {\n index && this.set(sigName, this.keyStore.sign(data), { signed: false });\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n }\n\n /**\n * This sets the given cookie in the response and returns the current context to allow chaining.\n *\n * @param name Cookie name\n * @param value Cookie value. If this is omitted, an outbound header with an expired date is used to delete the cookie.\n * @param opts Overridden options\n */\n set(name: string, value: string | null, opts: SetCookies) {\n const res = this.response;\n const req = this.request;\n let headers = (res.getHeader('Set-Cookie') || []) as string[];\n const secure = this.secure !== undefined ? !!this.secure : (req).protocol === 'https' || (req).connection['encrypted'];\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n if(value !== null && encrypted){\n value = this.keyStore.encrypt(value as string);\n }\n\n const cookie = new Cookie(name, value, opts);\n const signed = opts && opts.signed !== undefined ? opts.signed : this.signed;\n\n /* istanbul ignore next */\n if (typeof headers == 'string') {\n headers = [headers];\n }\n\n if (!secure && opts && opts.secure) {\n throw new Error('Cannot send secure cookie over unencrypted connection');\n }\n\n cookie.secure = opts && opts.secure !== undefined\n ? opts.secure\n : secure;\n\n pushCookie(headers, cookie);\n\n if (opts && signed) {\n cookie.value = this.keyStore.sign(cookie.toString());\n\n const sigId = opts.signIdentifier || this.signIdentifier;\n\n cookie.name = typeof sigId === 'function' ? sigId.call(null, cookie.name)\n : `${cookie.name + '.'+ sigId}`;\n pushCookie(headers, cookie);\n }\n\n const setHeader = (res)[\"set\"] ? http.OutgoingMessage.prototype.setHeader : res.setHeader;\n setHeader.call(res, 'Set-Cookie', headers);\n return this;\n }\n\n static middleware = (options?: CookiesOptions) => (req: any, res: any, next: any) => {\n req.cookies = res.cookies = new Cookies(req, res, options);\n\n next();\n }\n static connect = Cookies.middleware\n static express = Cookies.middleware\n static koa = (options?: CookiesOptions) => (ctx: any, next: any) => {\n ctx.cookies = ctx.req.cookies = ctx.res.cookies = ctx.request.cookies = ctx.response.cookies = new Cookies(ctx.req, ctx.res, options)\n next()\n }\n}\n\n\nfunction getPattern(name: string): RegExp {\n if (cache[name]) {\n return cache[name] as RegExp;\n }\n\n return cache[name] = new RegExp(\n `(?:^|;) *${name.replace(/[-[\\]{}()*+?.,\\\\^$|#\\s]/g, '\\\\$&')}=([^;]*)`\n );\n}\n\nfunction pushCookie(headers: string[], cookie: Cookie) {\n if (cookie.overwrite) {\n for (let i = headers.length - 1; i >= 0; i--) {\n if (headers[i]!.indexOf(`${cookie.name}=`) === 0) {\n headers.splice(i, 1);\n }\n }\n }\n\n headers.push(cookie.header);\n}\n"],"names":[],"mappings":";;;;;;;;;;AAAA;AACA,IAAM,kBAAkB,GAAG,uCAAuC,CAAC;AACnE,IAAM,gBAAgB,GAAG,wBAAwB,CAAC;;IAiDhD,gBAAY,IAAY,EAAE,KAAoB,EAAE,KAAmB;QARnE,SAAI,GAAG,GAAG,CAAC;QACX,aAAQ,GAA6B,KAAK,CAAC;QAC3C,WAAM,GAAG,KAAK,CAAC;QACf,aAAQ,GAAG,IAAI,CAAC;QAChB,cAAS,GAAG,KAAK,CAAC;QAKhB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAClC,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,KAAK,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;YAC5C,MAAM,IAAI,SAAS,CAAC,2BAA2B,CAAC,CAAC;SAClD;QAED,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,KAAK,GAAG,KAAK,IAAI,EAAE,CAAC;QAEzB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAE1B,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;YACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;SACpB;QAED,IAAI,IAAI,CAAC,IAAI,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACpD,MAAM,IAAI,SAAS,CAAC,wBAAwB,CAAC,CAAC;SAC/C;QAED,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACxD,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YACpF,MAAM,IAAI,SAAS,CAAC,4BAA4B,CAAC,CAAC;SACnD;KACF;IAED,yBAAQ,GAAR;QACE,OAAU,IAAI,CAAC,IAAI,SAAI,IAAI,CAAC,KAAO,CAAC;KACrC;IAED,sBAAI,0BAAM;aAAV;YACE,IAAI,MAAM,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAE7B,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;aACnD;YAED,IAAI,IAAI,CAAC,IAAI,EAAE;gBACb,MAAM,IAAI,YAAU,IAAI,CAAC,IAAM,CAAC;aACjC;YACD,IAAI,IAAI,CAAC,OAAO,EAAE;gBAChB,MAAM,IAAI,eAAa,IAAI,CAAC,OAAO,CAAC,WAAW,EAAI,CAAC;aACrD;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,cAAY,IAAI,CAAC,MAAQ,CAAC;aACrC;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,iBAAc,IAAI,CAAC,QAAQ,KAAK,IAAI,GAAG,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAE,CAAC;aAC3F;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,UAAU,CAAC;aACtB;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,YAAY,CAAC;aACxB;YAED,OAAO,MAAM,CAAC;SACf;;;OAAA;IAEH,aAAC;AAAD,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACpHM,IAAM,WAAW,GAAG;IACzB,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;CACxC;;ACbV,IAAM,iBAAiB,GAAG,YAAY,CAAA;;IAWpC,kBAAY,IAAmB;QAC7B,IAAI,GAAG,IAAI,IAAI,EAAE,CAAA;QACjB,IAAI,IAAI,CAAC,UAAU,EAAE;YACnB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBAC7E,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;aACpD;SACF;QACD,IAAI,IAAI,CAAC,OAAO,EAAE;YAChB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBACvE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;aACjD;SACF;QACD,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC;YAC9B,SAAS,EAAE,aAAa;YACxB,aAAa,EAAE,EAAE;YACjB,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;SAC1B,EAAE,IAAI,CAAC,UAAU,IAAI,EAAS,CAAC,CAAA;QAEhC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAC,EAAE,IAAI,CAAC,OAAO,IAAI,EAAS,CAAC,CAAA;KAE3G;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAMc,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,EALzF,IAAI,UAAA,EACJ,SAAS,eAAA,EACT,QAAQ,cAAA,EACR,aAAa,mBAAA,EACb,GAAG,SACsF,CAAA;QAE3F,IAAM,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAA;QAE7B,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAA;SAChC;QAED,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAM,EAAE,GAAG,UAAU,CAAC,QAAQ,GAAG,MAAM,CAAC,WAAW,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC;QAChF,IAAM,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,IAAI,CAAA;QAE7E,IAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,SAAgB,EAAE,MAAM,EAAE,EAAE,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAA;QAEnF,IAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,IAAM,GAAG,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;QAC3B,IAAI,OAA2B,CAAC;QAChC,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;SAC/B;QAED,OAAO,MAAM,CAAC,MAAM,+CACf,EAAE,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,SACd,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE;YAC3B,IAAI;YACJ,GAAG;WACH,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;KACtB;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QAED,IAAM,YAAY,GAAmB,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,CAAA;QAG1G,IAAA,QAAQ,GAKN,YAAY,SALN,EACR,GAAG,GAID,YAAY,IAJX,EACG,WAAW,GAGf,YAAY,KAHG,EACjB,SAAS,GAEP,YAAY,UAFL,EACT,aAAa,GACX,YAAY,cADD,CACC;QAEhB,IAAM,IAAI,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,WAAW,CAAA;QACtC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;SACvD;QAGC,IAAA,EAAE,GAEA,YAAY,GAFZ,EACF,OAAO,GACL,YAAY,QADP,CACO;QAEhB,IAAI,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,GAAG,IAAI,CAAA;QAE5E,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE;YAC1B,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;SAC/B;QAED,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;YAC/B,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAA;SACzC;QAED,IAAI,UAAU,CAAC,QAAQ,KAAK,SAAS,EAAE;YACrC,IAAI,CAAC,EAAE,EAAE;gBACP,EAAE,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAA;aAC5C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAChE;QAGD,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,aAAa,CAAC,CAAA;aAC3C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,aAAa,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAC1D;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,wBAAM,YAAY,KAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,IAAA,EAAE,OAAO,SAAA,IAAG,CAAC;YAC5F,IAAI,OAAO,KAAK,IAAI;gBAAE,OAAO,OAAO,CAAA;SACrC;QACD,OAAO,IAAI,CAAA;KACZ;IAEc,kBAAS,GAAxB,UAAyB,IAAY,EAAE,OAAuB;QACrD,IAAA,SAAS,GAAqC,OAAO,UAA5C,EAAE,GAAG,GAAgC,OAAO,IAAvC,EAAE,EAAE,GAA4B,OAAO,GAAnC,EAAE,aAAa,GAAa,OAAO,cAApB,EAAE,OAAO,GAAI,OAAO,QAAX,CAAW;QAC5D,IAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CAAC,SAAgB,EAAE,GAAI,EAAE,EAAY,IAAI,IAAI,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAC;QAExG,IAAI,OAAO,EAAE;YACX,QAAQ,CAAC,UAAU,CAAC,OAAiB,CAAC,CAAA;SACvC;QAED,IAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QACvC,IAAI,KAAa,CAAA;QACjB,IAAI;YACF,KAAK,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAA;SACzB;QAAC,OAAM,CAAK,EAAE;;YAEb,OAAO,IAAI,CAAA;SACZ;QACD,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;KAC3D;IAMD,uBAAI,GAAJ,UAAK,IAAoB,EAAE,GAAwB;QACjD,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAA8B,IAAI,CAAC,OAAO,EAAzC,SAAS,eAAA,EAAE,QAAQ,cAAA,EAAE,IAAI,UAAgB,CAAA;QAChD,GAAG,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAc,CAAA;QACjC,OAAO,MAAM;aACV,UAAU,CAAC,SAAS,EAAE,GAAG,CAAC;aAC1B,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;aAC7B,OAAO,CAAC,UAAU,EAAE,UAAU,CAAC;YAC9B,OAAO,CAAC,EAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,EAAC,EAAE,CAAC,CAAW,CAAA;SACpD,CAAC,CAAA;KACL;IAED,yBAAM,GAAN,UAAO,IAAY,EAAE,MAAc;QACjC,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;KACvC;IAED,0BAAO,GAAP,UAAQ,IAAY,EAAE,MAAc;QAC3B,IAAA,IAAI,GAAI,IAAI,CAAC,OAAO,KAAhB,CAAgB;QAE3B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;SACpD;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAI,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAW,CAAC,CAAC;gBAAE,OAAO,CAAC,CAAA;SAClE;QACD,OAAO,CAAC,CAAC,CAAA;KACV;IA5LM,mBAAU,GAAG,WAGlB,CAAA;IA6LJ,eAAC;CApMD;;AC3BA,IAAM,KAAK,GAA6B,EAAS,CAAC;;IAkDhD,iBAAY,OAA6C,EAAE,QAA8C,EAAE,OAA4B;QAA5B,wBAAA,EAAA,YAA4B;QACrI,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAEzB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,IAAI,QAAQ,EAAE,CAAC;QACnD,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,KAAK,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,KAAK,CAAC;QACpE,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,KAAK,SAAS,GAAG,OAAO,CAAC,SAAS,GAAG,KAAK,CAAC;QAC7E,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,KAAK,CAAC;KACvD;;;;;;;;;;;;;;;;;;;;;IAsBD,qBAAG,GAAH,UAAI,IAAY,EAAE,IAAiB;QACjC,IAAM,KAAK,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,KAAI,IAAI,CAAC,cAAc,CAAC;QAE1D,IAAM,OAAO,GAAI,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC;cACjE,MAAG,IAAI,GAAG,GAAG,GAAE,KAAK,CAAE,CAAC;QAE3B,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAEvG,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,KAAK,EAAE;YACV,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE;YACpB,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;QAED,IAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QACtE,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,IAAI,GAAM,IAAI,SAAI,KAAO,CAAC;QAChC,IAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAElD,IAAI,KAAK,GAAG,CAAC,EAAE;YACb,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACtD,OAAO,SAAS,CAAA;SACjB;aAAM;YACL,KAAK,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACxE,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;KACF;;;;;;;;IASD,qBAAG,GAAH,UAAI,IAAY,EAAE,KAAoB,EAAE,IAAgB;QACtD,IAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC1B,IAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC;QACzB,IAAI,OAAO,IAAI,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,IAAI,EAAE,CAAa,CAAC;QAC9D,IAAM,MAAM,GAAG,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,GAAS,GAAI,CAAC,QAAQ,KAAK,OAAO,IAAU,GAAI,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;QACjI,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAG,KAAK,KAAK,IAAI,IAAI,SAAS,EAAC;YAC7B,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,CAAC;SAChD;QAED,IAAM,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;QAC7C,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;;QAG7E,IAAI,OAAO,OAAO,IAAI,QAAQ,EAAE;YAC9B,OAAO,GAAG,CAAC,OAAO,CAAC,CAAC;SACrB;QAED,IAAI,CAAC,MAAM,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,EAAE;YAClC,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;SAC1E;QAED,MAAM,CAAC,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS;cAC7C,IAAI,CAAC,MAAM;cACX,MAAM,CAAC;QAEX,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAE5B,IAAI,IAAI,IAAI,MAAM,EAAE;YAClB,MAAM,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YAErD,IAAM,KAAK,GAAG,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,cAAc,CAAC;YAEzD,MAAM,CAAC,IAAI,GAAG,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC;kBACrE,MAAG,MAAM,CAAC,IAAI,GAAG,GAAG,GAAE,KAAK,CAAE,CAAC;YAClC,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;SAC7B;QAED,IAAM,SAAS,GAAS,GAAI,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;QAC/F,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC;KACb;IAEM,kBAAU,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,GAAQ,EAAE,IAAS;QAC9E,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;QAE3D,IAAI,EAAE,CAAC;KACR,GAAA,CAAA;IACM,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,WAAG,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,IAAS;QAC7D,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,GAAG,GAAG,CAAC,QAAQ,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;QACrI,IAAI,EAAE,CAAA;KACP,GAAA,CAAA;IACH,cAAC;CAtJD,IAsJC;AAGD,SAAS,UAAU,CAAC,IAAY;IAC9B,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE;QACf,OAAO,KAAK,CAAC,IAAI,CAAW,CAAC;KAC9B;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,MAAM,CAC7B,cAAY,IAAI,CAAC,OAAO,CAAC,0BAA0B,EAAE,MAAM,CAAC,aAAU,CACvE,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CAAC,OAAiB,EAAE,MAAc;IACnD,IAAI,MAAM,CAAC,SAAS,EAAE;QACpB,KAAK,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YAC5C,IAAI,OAAO,CAAC,CAAC,CAAE,CAAC,OAAO,CAAI,MAAM,CAAC,IAAI,MAAG,CAAC,KAAK,CAAC,EAAE;gBAChD,OAAO,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aACtB;SACF;KACF;IAED,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;AAC9B;;;;"} \ No newline at end of file diff --git a/dist/index.js b/dist/index.js index 5b4fc43..3f6fe50 100644 --- a/dist/index.js +++ b/dist/index.js @@ -1,5 +1,5 @@ /*! - * secure-cookie v0.0.1 + * secure-cookie v0.0.2 * (c) Ismail H. Ayaz * Released under the MIT License. */ @@ -233,10 +233,12 @@ var KeyStore = /** @class */ (function () { if (typeof authTag === "string") { authTag = Buffer.from(authTag, encoding); } - if (!iv) { - iv = dataBuff.slice(0, cipherInfo.ivLength); + if (cipherInfo.ivLength !== undefined) { + if (!iv) { + iv = dataBuff.slice(0, cipherInfo.ivLength); + } + dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length); } - dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length); if (AUTH_TAG_REQUIRED.test(algorithm)) { if (!authTag) { authTag = dataBuff.slice(0, authTagLength); @@ -252,19 +254,20 @@ var KeyStore = /** @class */ (function () { }; KeyStore.doDecrypt = function (data, options) { var algorithm = options.algorithm, key = options.key, iv = options.iv, authTagLength = options.authTagLength, authTag = options.authTag; - var decipher = crypto__default['default'].createDecipheriv(algorithm, key, iv, { authTagLength: authTagLength }); + var decipher = crypto__default['default'].createDecipheriv(algorithm, key, iv || null, { authTagLength: authTagLength }); if (authTag) { decipher.setAuthTag(authTag); } var plainText = decipher.update(data); + var final; try { - decipher.final(); + final = decipher.final(); } - catch (_a) { + catch (e) { // authentication failed return null; } - return plainText.toString('utf-8'); + return Buffer.concat([plainText, final]).toString('utf-8'); }; KeyStore.prototype.sign = function (data, key) { if (!data) { @@ -380,8 +383,8 @@ var Cookies = /** @class */ (function () { } var cookie = new Cookie(name, value, opts); var signed = opts && opts.signed !== undefined ? opts.signed : this.signed; + /* istanbul ignore next */ if (typeof headers == 'string') { - /* istanbul ignore next */ headers = [headers]; } if (!secure && opts && opts.secure) { diff --git a/dist/index.js.map b/dist/index.js.map index af584cc..1b2f3ab 100644 --- a/dist/index.js.map +++ b/dist/index.js.map @@ -1 +1 @@ -{"version":3,"file":"index.js","sources":["../src/cookie.ts","../src/ciphers.ts","../src/keystore.ts","../src/cookies.ts"],"sourcesContent":["// eslint-disable-next-line no-control-regex\nconst fieldContentRegExp = /^[\\u0009\\u0020-\\u007e\\u0080-\\u00ff]+$/;\nconst SAME_SITE_REGEXP = /^(?:lax|none|strict)$/i;\n\nexport interface CookieAttrs {\n /**\n * a `Date` object indicating the cookie's expiration date (expires at the end of session by default).\n */\n expires?: Date;\n /**\n * a number representing the milliseconds from `Date.now()` for expiry\n */\n maxAge?: number | null;\n /**\n * a boolean or string indicating whether the cookie is a \"same site\" cookie (`false` by default). This can be set to `'strict'`, `'lax'`, `'none'`, or `true` (which maps to `'strict'`).\n */\n sameSite?: 'lax' | 'none' | 'strict' | boolean;\n /**\n * a string indicating the path of the cookie (`/` by default).\n */\n path?: string;\n /**\n * a string indicating the domain of the cookie (no default).\n */\n domain?: string;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTPS (`false` by default for HTTP, `true` by default for HTTPS).\n */\n secure?: boolean | undefined;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTP(S), and not made available to client JavaScript (`true` by default).\n */\n httpOnly?: boolean;\n /**\n * a boolean indicating whether to overwrite previously set cookies of the same name (`false` by default). If this is true, all cookies set during the same request with the same name (regardless of path or domain) are filtered out of the Set-Cookie header when setting this cookie.\n */\n overwrite?: boolean;\n}\n\nexport class Cookie implements CookieAttrs {\n name: string;\n value: string;\n domain?: string;\n path = '/';\n sameSite?: CookieAttrs['sameSite'] = false;\n secure = false;\n httpOnly = true;\n overwrite = false;\n expires?: Date;\n maxAge?: number | null;\n\n constructor(name: string, value: string | null, attrs?: CookieAttrs) {\n if (!fieldContentRegExp.test(name)) {\n throw new TypeError('argument name is invalid');\n }\n\n if (value && !fieldContentRegExp.test(value)) {\n throw new TypeError('argument value is invalid');\n }\n\n this.name = name;\n this.value = value || '';\n\n Object.assign(this, attrs)\n\n if (!this.value) {\n this.expires = new Date(0);\n this.maxAge = null;\n }\n\n if (this.path && !fieldContentRegExp.test(this.path)) {\n throw new TypeError('option path is invalid');\n }\n\n if (this.domain && !fieldContentRegExp.test(this.domain)) {\n throw new TypeError('option domain is invalid');\n }\n\n if (this.sameSite && this.sameSite !== true && !SAME_SITE_REGEXP.test(this.sameSite)) {\n throw new TypeError('option sameSite is invalid');\n }\n }\n\n toString() {\n return `${this.name}=${this.value}`;\n }\n\n get header() {\n let header = this.toString();\n\n if (this.maxAge) {\n this.expires = new Date(Date.now() + this.maxAge);\n }\n\n if (this.path) {\n header += `; path=${this.path}`;\n }\n if (this.expires) {\n header += `; expires=${this.expires.toUTCString()}`;\n }\n if (this.domain) {\n header += `; domain=${this.domain}`;\n }\n if (this.sameSite) {\n header += `; samesite=${this.sameSite === true ? 'strict' : this.sameSite.toLowerCase()}`;\n }\n if (this.secure) {\n header += '; secure';\n }\n if (this.httpOnly) {\n header += '; httponly';\n }\n\n return header;\n }\n\n}\n","export const CIPHER_INFO = {\n 'aes-128-cbc': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha256': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb8': { ivLength: 16, keyLength: 16 },\n 'aes-128-ctr': { ivLength: 16, keyLength: 16 },\n 'aes-128-ecb': { ivLength: undefined, keyLength: 16 },\n 'aes-128-ocb': { ivLength: 12, keyLength: 16 },\n 'aes-128-ofb': { ivLength: 16, keyLength: 16 },\n 'aes-128-xts': { ivLength: 16, keyLength: 32 },\n 'aes-192-cbc': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb1': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb8': { ivLength: 16, keyLength: 24 },\n 'aes-192-ctr': { ivLength: 16, keyLength: 24 },\n 'aes-192-ecb': { ivLength: undefined, keyLength: 24 },\n 'aes-192-ocb': { ivLength: 12, keyLength: 24 },\n 'aes-192-ofb': { ivLength: 16, keyLength: 24 },\n 'aes-256-cbc': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha256': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb8': { ivLength: 16, keyLength: 32 },\n 'aes-256-ctr': { ivLength: 16, keyLength: 32 },\n 'aes-256-ecb': { ivLength: undefined, keyLength: 32 },\n 'aes-256-ocb': { ivLength: 12, keyLength: 32 },\n 'aes-256-ofb': { ivLength: 16, keyLength: 32 },\n 'aes-256-xts': { ivLength: 16, keyLength: 64 },\n 'aes-128-ccm': { ivLength: 12, keyLength: 16 },\n 'aes-128-gcm': { ivLength: 12, keyLength: 16 },\n 'aes-192-ccm': { ivLength: 12, keyLength: 24 },\n 'aes-192-gcm': { ivLength: 12, keyLength: 24 },\n 'aes-256-ccm': { ivLength: 12, keyLength: 32 },\n 'aes-256-gcm': { ivLength: 12, keyLength: 32 },\n 'id-aes128-ccm': { ivLength: 12, keyLength: 16 },\n 'id-aes128-gcm': { ivLength: 12, keyLength: 16 },\n 'id-aes192-ccm': { ivLength: 12, keyLength: 24 },\n 'id-aes192-gcm': { ivLength: 12, keyLength: 24 },\n 'id-aes256-ccm': { ivLength: 12, keyLength: 32 },\n 'id-aes256-gcm': { ivLength: 12, keyLength: 32 },\n} as const\n","/* eslint-disable @typescript-eslint/ban-ts-comment */\nimport compare from 'tsscmp'\n\nimport crypto, {BinaryToTextEncoding, CipherKey, Encoding} from \"crypto\";\nimport {CIPHER_INFO} from \"./ciphers\";\nimport type {Partial} from \"rollup-plugin-typescript2/dist/partial\";\n\nexport interface KeyStoreOpts {\n signing?: {\n keys: string[],\n algorithm?: string | 'blake2b512' | 'blake2s256' | 'gost' | 'md4' | 'md5' | 'rmd160' | 'sha1' | 'sha224'\n | 'sha256' | 'sha3-224' | 'sha3-256' | 'sha3-384' | 'sha3-512' | 'sha384' | 'sha512' | 'sha512-224'\n | 'sha512-256' | 'shake128' | 'shake256' | 'sm3';\n encoding?: BinaryToTextEncoding\n },\n encryption?: {\n keys: string[] | CipherKey[],\n algorithm?: keyof typeof CIPHER_INFO | string,\n encoding?: Encoding\n authTagLength?: number\n }\n}\n\ntype EncryptOptions = Required & { key?: string | undefined }\ntype DecryptOptions = Required & {\n key?: string | CipherKey | undefined,\n iv?: string | Buffer | undefined,\n authTag?: string | Buffer | undefined\n}\n\nconst AUTH_TAG_REQUIRED = /-(gcm|ccm)/\n\nexport class KeyStore {\n encryption: Required>;\n signing: Required>;\n\n static cipherInfo = CIPHER_INFO as Record\n\n constructor(opts?: KeyStoreOpts) {\n opts = opts || {}\n if (opts.encryption) {\n if (!Array.isArray(opts.encryption.keys) || opts.encryption.keys.length === 0) {\n throw new Error(\"keys are required for encryption\")\n }\n }\n if (opts.signing) {\n if (!Array.isArray(opts.signing.keys) || opts.signing.keys.length === 0) {\n throw new Error(\"keys are required for signing\")\n }\n }\n this.encryption = Object.assign({\n algorithm: 'aes-192-ccm',\n authTagLength: 16,\n encoding: 'hex', keys: []\n }, opts.encryption || {} as any)\n\n this.signing = Object.assign({encoding: 'base64', algorithm: 'sha1', keys: []}, opts.signing || {} as any)\n\n }\n\n encrypt(data?: null, options?: Partial): null\n encrypt(data: string | Buffer, options?: Partial): string\n encrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n const {\n keys,\n algorithm,\n encoding,\n authTagLength,\n key\n }: EncryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const secret = key || keys[0]\n\n if (!secret) {\n throw new Error(\"no key found\")\n }\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n const iv = cipherInfo.ivLength ? crypto.randomBytes(cipherInfo.ivLength) : null;\n const dataBuff = typeof data === \"string\" ? Buffer.from(data, 'utf-8') : data\n\n const cipher = crypto.createCipheriv(algorithm as any, secret, iv, {authTagLength})\n\n const text = cipher.update(dataBuff);\n const pad = cipher.final();\n let authTag: Buffer | undefined;\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n authTag = cipher.getAuthTag();\n }\n\n return Buffer.concat([\n ...iv ? [iv] : [],\n ...authTag ? [authTag] : [],\n text,\n pad\n ]).toString(encoding)\n }\n\n decrypt(data?: null, options?: Partial): null\n decrypt(data: string | Buffer, options?: Partial): string\n decrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n\n const finalOptions: DecryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const {\n encoding,\n key,\n keys: defaultKeys,\n algorithm,\n authTagLength,\n } = finalOptions\n\n const keys = key ? [ key ] : defaultKeys\n if (keys.length === 0) {\n throw new Error(\"keys required for encrypted cookies\")\n }\n\n let {\n iv,\n authTag\n } = finalOptions\n\n let dataBuff = typeof data === \"string\" ? Buffer.from(data, encoding) : data\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n if (typeof iv === \"string\") {\n iv = Buffer.from(iv, encoding)\n }\n\n if (typeof authTag === \"string\") {\n authTag = Buffer.from(authTag, encoding)\n }\n\n if (!iv) {\n iv = dataBuff.slice(0, cipherInfo.ivLength)\n }\n dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length)\n\n\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n if (!authTag) {\n authTag = dataBuff.slice(0, authTagLength)\n }\n dataBuff = dataBuff.slice(authTagLength, dataBuff.length)\n }\n\n for (let i = 0; i < keys.length; i++) {\n const message = KeyStore.doDecrypt(dataBuff, {...finalOptions, key: keys[i], iv, authTag,});\n if (message !== null) return message\n }\n return null\n }\n\n private static doDecrypt(data: Buffer, options: DecryptOptions): string | null {\n const {algorithm, key, iv, authTagLength, authTag} = options\n const decipher = crypto.createDecipheriv(algorithm as any, key!, iv as Buffer, {authTagLength});\n\n if (authTag) {\n decipher.setAuthTag(authTag as Buffer)\n }\n\n const plainText = decipher.update(data)\n try {\n decipher.final()\n } catch {\n // authentication failed\n return null\n }\n return plainText.toString('utf-8')\n }\n\n //region: signing\n\n sign(data?: null, key?: string | CipherKey): null\n sign(data: string, key?: string | CipherKey): string\n sign(data?: string | null, key?: string | CipherKey): string | null {\n if (!data) {\n return null\n }\n const {algorithm, encoding, keys} = this.signing\n key = key || keys[0] as CipherKey\n return crypto\n .createHmac(algorithm, key)\n .update(data).digest(encoding)\n .replace(/\\/|\\+|=/g, function (x) {\n return ({\"/\": \"_\", \"+\": \"-\", \"=\": \"\"})[x] as string\n })\n }\n\n verify(data: string, digest: string): boolean {\n return this.indexOf(data, digest) > -1\n }\n\n indexOf(data: string, digest: string): number {\n const {keys} = this.signing\n\n if (keys.length === 0) {\n throw new Error(\"keys required for signed cookies\")\n }\n\n for (let i = 0; i < keys.length; i++) {\n if (compare(digest, this.sign(data, keys[i] as string))) return i\n }\n return -1\n }\n\n //end-region: signing\n\n}\n\n","import http, { IncomingMessage, ServerResponse } from 'http';\nimport { Cookie, CookieAttrs } from './cookie';\nimport {KeyStore} from \"./keystore\";\nimport type {Http2ServerRequest, Http2ServerResponse} from \"http2\";\n\nconst cache: { [key:string]: RegExp } = {} as any;\ntype SignIdentifier = string | ((name: string) => string)\nexport type CookiesOptions = {\n\n /**\n * KeyStore to be used for signing and encrypting\n */\n keyStore?: KeyStore;\n /**\n * a boolean indicating whether the cookie is to be signed (`false` by default). If this is true, another cookie of the same name with the `signIdentifier` will also be sent, with a 27-byte url-safe base64 SHA1 value representing the hash of _cookie-name_=_cookie-value_ against the first [KeyStore](keystore) key. This signature key is used to detect tampering the next time a cookie is received.\n * @default false\n */\n signed?: boolean;\n /**\n * Encrypt cookies by default and assume received cookies are encrypted.\n * @default false\n */\n encrypted?: boolean;\n /**\n * Mark cookies as secure by default.\n * @default `req.protocol`\n */\n secure?: boolean | undefined;\n /**\n * If string, provided value will be appended cookie name with dot. For example with given value `mysig`\n * signature cookie name will be `cookiename.mysig`\n *\n * @default `sig`\n */\n signIdentifier?: SignIdentifier\n}\n\nexport type SetCookies = CookiesOptions & CookieAttrs\nexport type GetCookies = CookiesOptions\n\nexport class Cookies {\n\n secure?: CookiesOptions[\"secure\"];\n\n encrypted: boolean;\n\n signed: boolean;\n\n keyStore: KeyStore;\n\n signIdentifier?: SignIdentifier\n\n readonly request: IncomingMessage | Http2ServerRequest;\n readonly response: ServerResponse | Http2ServerResponse;\n\n constructor(request: IncomingMessage | Http2ServerRequest, response: ServerResponse | Http2ServerResponse, options: CookiesOptions = {}) {\n this.request = request;\n this.response = response;\n\n this.keyStore = options.keyStore || new KeyStore();\n this.secure = options.secure;\n this.signed = options.signed !== undefined ? options.signed : false;\n this.encrypted = options.encrypted !== undefined ? options.encrypted : false;\n this.signIdentifier = options.signIdentifier || 'sig';\n }\n\n /**\n * This extracts the cookie with the given name from the Set-Cookie header in the request. If such a cookie exists, its value is returned. Otherwise, nothing is returned.\n *\n * `{ signed: true }` can optionally be passed as the second parameter options. In this case, a signature cookie (a cookie of same name ending with the .sig suffix appended) is fetched. If no such cookie exists, nothing is returned.\n *\n * If the signature cookie does exist, the provided KeyStore is used to check whether the hash of cookie-name=cookie-value matches that of any registered key/s:\n *\n * - If the signature cookie hash matches the first key, the original cookie value is returned.\n * - If the signature cookie hash matches any other key, the original cookie value is returned AND an outbound header is set to update the signature cookie's value to the hash of the first key. This enables automatic freshening of signature cookies that have become stale due to key rotation.\n * - If the signature cookie hash does not match any key, nothing is returned, and an outbound header with an expired date is used to delete the cookie.\n *\n * `{ encrypted: true }` can optionally be passed as the second parameter options. In this case, the provided KeyStore will try to decrypt the cookie value with registered key/s.\n *\n * - If the decryption fails nothing is returned, and the cookie stays intact.\n * - If decryption succeeds, decrypted cookie value is returned.\n *\n * If both `signed` and `encrypted` options are provided, signature check will be applied with encrypted value. Than the decryption will be applied.\n * @param name\n * @param opts\n */\n get(name: string, opts?: GetCookies) {\n const sigId = opts?.signIdentifier || this.signIdentifier;\n\n const sigName = typeof sigId === 'function' ? sigId.call(null, name)\n : `${name + '.'+ sigId}`;\n\n const signed = opts && opts.signed !== undefined ? opts.signed : this.keyStore.signing.keys.length > 0;\n\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n const header = this.request.headers['cookie'];\n if (!header) {\n return undefined;\n }\n\n const match = header.match(getPattern(name));\n if (!match) {\n return undefined;\n }\n\n const value = match[1];\n if (!opts || !signed) {\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n\n const remote = this.get(sigName, { encrypted: false, signed: false });\n if (!remote) {\n return undefined;\n }\n\n const data = `${name}=${value}`;\n const index = this.keyStore.indexOf(data, remote);\n\n if (index < 0) {\n this.set(sigName, null, { path: '/', signed: false });\n return undefined\n } else {\n index && this.set(sigName, this.keyStore.sign(data), { signed: false });\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n }\n\n /**\n * This sets the given cookie in the response and returns the current context to allow chaining.\n *\n * @param name Cookie name\n * @param value Cookie value. If this is omitted, an outbound header with an expired date is used to delete the cookie.\n * @param opts Overridden options\n */\n set(name: string, value: string | null, opts: SetCookies) {\n const res = this.response;\n const req = this.request;\n let headers = (res.getHeader('Set-Cookie') || []) as string[];\n const secure = this.secure !== undefined ? !!this.secure : (req).protocol === 'https' || (req).connection['encrypted'];\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n if(value !== null && encrypted){\n value = this.keyStore.encrypt(value as string);\n }\n\n const cookie = new Cookie(name, value, opts);\n const signed = opts && opts.signed !== undefined ? opts.signed : this.signed;\n\n if (typeof headers == 'string') {\n /* istanbul ignore next */\n headers = [headers];\n }\n\n if (!secure && opts && opts.secure) {\n throw new Error('Cannot send secure cookie over unencrypted connection');\n }\n\n cookie.secure = opts && opts.secure !== undefined\n ? opts.secure\n : secure;\n\n pushCookie(headers, cookie);\n\n if (opts && signed) {\n cookie.value = this.keyStore.sign(cookie.toString());\n\n const sigId = opts.signIdentifier || this.signIdentifier;\n\n cookie.name = typeof sigId === 'function' ? sigId.call(null, cookie.name)\n : `${cookie.name + '.'+ sigId}`;\n pushCookie(headers, cookie);\n }\n\n const setHeader = (res)[\"set\"] ? http.OutgoingMessage.prototype.setHeader : res.setHeader;\n setHeader.call(res, 'Set-Cookie', headers);\n return this;\n }\n\n static middleware = (options?: CookiesOptions) => (req: any, res: any, next: any) => {\n req.cookies = res.cookies = new Cookies(req, res, options);\n\n next();\n }\n static connect = Cookies.middleware\n static express = Cookies.middleware\n static koa = (options?: CookiesOptions) => (ctx: any, next: any) => {\n ctx.cookies = ctx.req.cookies = ctx.res.cookies = ctx.request.cookies = ctx.response.cookies = new Cookies(ctx.req, ctx.res, options)\n next()\n }\n}\n\n\nfunction getPattern(name: string): RegExp {\n if (cache[name]) {\n return cache[name] as RegExp;\n }\n\n return cache[name] = new RegExp(\n `(?:^|;) *${name.replace(/[-[\\]{}()*+?.,\\\\^$|#\\s]/g, '\\\\$&')}=([^;]*)`\n );\n}\n\nfunction pushCookie(headers: string[], cookie: Cookie) {\n if (cookie.overwrite) {\n for (let i = headers.length - 1; i >= 0; i--) {\n if (headers[i]!.indexOf(`${cookie.name}=`) === 0) {\n headers.splice(i, 1);\n }\n }\n }\n\n headers.push(cookie.header);\n}\n"],"names":["crypto","compare","http"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AACA,IAAM,kBAAkB,GAAG,uCAAuC,CAAC;AACnE,IAAM,gBAAgB,GAAG,wBAAwB,CAAC;;IAiDhD,gBAAY,IAAY,EAAE,KAAoB,EAAE,KAAmB;QARnE,SAAI,GAAG,GAAG,CAAC;QACX,aAAQ,GAA6B,KAAK,CAAC;QAC3C,WAAM,GAAG,KAAK,CAAC;QACf,aAAQ,GAAG,IAAI,CAAC;QAChB,cAAS,GAAG,KAAK,CAAC;QAKhB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAClC,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,KAAK,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;YAC5C,MAAM,IAAI,SAAS,CAAC,2BAA2B,CAAC,CAAC;SAClD;QAED,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,KAAK,GAAG,KAAK,IAAI,EAAE,CAAC;QAEzB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAE1B,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;YACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;SACpB;QAED,IAAI,IAAI,CAAC,IAAI,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACpD,MAAM,IAAI,SAAS,CAAC,wBAAwB,CAAC,CAAC;SAC/C;QAED,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACxD,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YACpF,MAAM,IAAI,SAAS,CAAC,4BAA4B,CAAC,CAAC;SACnD;KACF;IAED,yBAAQ,GAAR;QACE,OAAU,IAAI,CAAC,IAAI,SAAI,IAAI,CAAC,KAAO,CAAC;KACrC;IAED,sBAAI,0BAAM;aAAV;YACE,IAAI,MAAM,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAE7B,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;aACnD;YAED,IAAI,IAAI,CAAC,IAAI,EAAE;gBACb,MAAM,IAAI,YAAU,IAAI,CAAC,IAAM,CAAC;aACjC;YACD,IAAI,IAAI,CAAC,OAAO,EAAE;gBAChB,MAAM,IAAI,eAAa,IAAI,CAAC,OAAO,CAAC,WAAW,EAAI,CAAC;aACrD;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,cAAY,IAAI,CAAC,MAAQ,CAAC;aACrC;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,iBAAc,IAAI,CAAC,QAAQ,KAAK,IAAI,GAAG,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAE,CAAC;aAC3F;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,UAAU,CAAC;aACtB;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,YAAY,CAAC;aACxB;YAED,OAAO,MAAM,CAAC;SACf;;;OAAA;IAEH,aAAC;AAAD,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACpHM,IAAM,WAAW,GAAG;IACzB,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;CACxC;;ACbV,IAAM,iBAAiB,GAAG,YAAY,CAAA;;IAWpC,kBAAY,IAAmB;QAC7B,IAAI,GAAG,IAAI,IAAI,EAAE,CAAA;QACjB,IAAI,IAAI,CAAC,UAAU,EAAE;YACnB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBAC7E,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;aACpD;SACF;QACD,IAAI,IAAI,CAAC,OAAO,EAAE;YAChB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBACvE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;aACjD;SACF;QACD,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC;YAC9B,SAAS,EAAE,aAAa;YACxB,aAAa,EAAE,EAAE;YACjB,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;SAC1B,EAAE,IAAI,CAAC,UAAU,IAAI,EAAS,CAAC,CAAA;QAEhC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAC,EAAE,IAAI,CAAC,OAAO,IAAI,EAAS,CAAC,CAAA;KAE3G;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAMc,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,EALzF,IAAI,UAAA,EACJ,SAAS,eAAA,EACT,QAAQ,cAAA,EACR,aAAa,mBAAA,EACb,GAAG,SACsF,CAAA;QAE3F,IAAM,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAA;QAE7B,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAA;SAChC;QAED,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAM,EAAE,GAAG,UAAU,CAAC,QAAQ,GAAGA,0BAAM,CAAC,WAAW,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC;QAChF,IAAM,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,IAAI,CAAA;QAE7E,IAAM,MAAM,GAAGA,0BAAM,CAAC,cAAc,CAAC,SAAgB,EAAE,MAAM,EAAE,EAAE,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAA;QAEnF,IAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,IAAM,GAAG,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;QAC3B,IAAI,OAA2B,CAAC;QAChC,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;SAC/B;QAED,OAAO,MAAM,CAAC,MAAM,+CACf,EAAE,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,SACd,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE;YAC3B,IAAI;YACJ,GAAG;WACH,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;KACtB;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QAED,IAAM,YAAY,GAAmB,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,CAAA;QAG1G,IAAA,QAAQ,GAKN,YAAY,SALN,EACR,GAAG,GAID,YAAY,IAJX,EACG,WAAW,GAGf,YAAY,KAHG,EACjB,SAAS,GAEP,YAAY,UAFL,EACT,aAAa,GACX,YAAY,cADD,CACC;QAEhB,IAAM,IAAI,GAAG,GAAG,GAAG,CAAE,GAAG,CAAE,GAAG,WAAW,CAAA;QACxC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;SACvD;QAGC,IAAA,EAAE,GAEA,YAAY,GAFZ,EACF,OAAO,GACL,YAAY,QADP,CACO;QAEhB,IAAI,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,GAAG,IAAI,CAAA;QAE5E,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE;YAC1B,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;SAC/B;QAED,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;YAC/B,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAA;SACzC;QAED,IAAI,CAAC,EAAE,EAAE;YACP,EAAE,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAA;SAC5C;QACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;QAG/D,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,aAAa,CAAC,CAAA;aAC3C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,aAAa,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAC1D;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,wBAAM,YAAY,KAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,IAAA,EAAE,OAAO,SAAA,IAAG,CAAC;YAC5F,IAAI,OAAO,KAAK,IAAI;gBAAE,OAAO,OAAO,CAAA;SACrC;QACD,OAAO,IAAI,CAAA;KACZ;IAEc,kBAAS,GAAxB,UAAyB,IAAY,EAAE,OAAuB;QACrD,IAAA,SAAS,GAAqC,OAAO,UAA5C,EAAE,GAAG,GAAgC,OAAO,IAAvC,EAAE,EAAE,GAA4B,OAAO,GAAnC,EAAE,aAAa,GAAa,OAAO,cAApB,EAAE,OAAO,GAAI,OAAO,QAAX,CAAW;QAC5D,IAAM,QAAQ,GAAGA,0BAAM,CAAC,gBAAgB,CAAC,SAAgB,EAAE,GAAI,EAAE,EAAY,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAC;QAEhG,IAAI,OAAO,EAAE;YACX,QAAQ,CAAC,UAAU,CAAC,OAAiB,CAAC,CAAA;SACvC;QAED,IAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QACvC,IAAI;YACF,QAAQ,CAAC,KAAK,EAAE,CAAA;SACjB;QAAC,WAAM;;YAEN,OAAO,IAAI,CAAA;SACZ;QACD,OAAO,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;KACnC;IAMD,uBAAI,GAAJ,UAAK,IAAoB,EAAE,GAAwB;QACjD,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAA8B,IAAI,CAAC,OAAO,EAAzC,SAAS,eAAA,EAAE,QAAQ,cAAA,EAAE,IAAI,UAAgB,CAAA;QAChD,GAAG,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAc,CAAA;QACjC,OAAOA,0BAAM;aACV,UAAU,CAAC,SAAS,EAAE,GAAG,CAAC;aAC1B,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;aAC7B,OAAO,CAAC,UAAU,EAAE,UAAU,CAAC;YAC9B,OAAO,CAAC,EAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,EAAC,EAAE,CAAC,CAAW,CAAA;SACpD,CAAC,CAAA;KACL;IAED,yBAAM,GAAN,UAAO,IAAY,EAAE,MAAc;QACjC,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;KACvC;IAED,0BAAO,GAAP,UAAQ,IAAY,EAAE,MAAc;QAC3B,IAAA,IAAI,GAAI,IAAI,CAAC,OAAO,KAAhB,CAAgB;QAE3B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;SACpD;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAIC,2BAAO,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAW,CAAC,CAAC;gBAAE,OAAO,CAAC,CAAA;SAClE;QACD,OAAO,CAAC,CAAC,CAAA;KACV;IAzLM,mBAAU,GAAG,WAGlB,CAAA;IA0LJ,eAAC;CAjMD;;AC3BA,IAAM,KAAK,GAA6B,EAAS,CAAC;;IAkDhD,iBAAY,OAA6C,EAAE,QAA8C,EAAE,OAA4B;QAA5B,wBAAA,EAAA,YAA4B;QACrI,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAEzB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,IAAI,QAAQ,EAAE,CAAC;QACnD,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,KAAK,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,KAAK,CAAC;QACpE,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,KAAK,SAAS,GAAG,OAAO,CAAC,SAAS,GAAG,KAAK,CAAC;QAC7E,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,KAAK,CAAC;KACvD;;;;;;;;;;;;;;;;;;;;;IAsBD,qBAAG,GAAH,UAAI,IAAY,EAAE,IAAiB;QACjC,IAAM,KAAK,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,KAAI,IAAI,CAAC,cAAc,CAAC;QAE1D,IAAM,OAAO,GAAI,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC;cACjE,MAAG,IAAI,GAAG,GAAG,GAAE,KAAK,CAAE,CAAC;QAE3B,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAEvG,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,KAAK,EAAE;YACV,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE;YACpB,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;QAED,IAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QACtE,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,IAAI,GAAM,IAAI,SAAI,KAAO,CAAC;QAChC,IAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAElD,IAAI,KAAK,GAAG,CAAC,EAAE;YACb,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACtD,OAAO,SAAS,CAAA;SACjB;aAAM;YACL,KAAK,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACxE,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;KACF;;;;;;;;IASD,qBAAG,GAAH,UAAI,IAAY,EAAE,KAAoB,EAAE,IAAgB;QACtD,IAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC1B,IAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC;QACzB,IAAI,OAAO,IAAI,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,IAAI,EAAE,CAAa,CAAC;QAC9D,IAAM,MAAM,GAAG,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,GAAS,GAAI,CAAC,QAAQ,KAAK,OAAO,IAAU,GAAI,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;QACjI,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAG,KAAK,KAAK,IAAI,IAAI,SAAS,EAAC;YAC7B,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,CAAC;SAChD;QAED,IAAM,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;QAC7C,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;QAE7E,IAAI,OAAO,OAAO,IAAI,QAAQ,EAAE;;YAE9B,OAAO,GAAG,CAAC,OAAO,CAAC,CAAC;SACrB;QAED,IAAI,CAAC,MAAM,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,EAAE;YAClC,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;SAC1E;QAED,MAAM,CAAC,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS;cAC7C,IAAI,CAAC,MAAM;cACX,MAAM,CAAC;QAEX,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAE5B,IAAI,IAAI,IAAI,MAAM,EAAE;YAClB,MAAM,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YAErD,IAAM,KAAK,GAAG,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,cAAc,CAAC;YAEzD,MAAM,CAAC,IAAI,GAAG,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC;kBACrE,MAAG,MAAM,CAAC,IAAI,GAAG,GAAG,GAAE,KAAK,CAAE,CAAC;YAClC,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;SAC7B;QAED,IAAM,SAAS,GAAS,GAAI,CAAC,KAAK,CAAC,GAAGC,wBAAI,CAAC,eAAe,CAAC,SAAS,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;QAC/F,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC;KACb;IAEM,kBAAU,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,GAAQ,EAAE,IAAS;QAC9E,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;QAE3D,IAAI,EAAE,CAAC;KACR,GAAA,CAAA;IACM,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,WAAG,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,IAAS;QAC7D,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,GAAG,GAAG,CAAC,QAAQ,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;QACrI,IAAI,EAAE,CAAA;KACP,GAAA,CAAA;IACH,cAAC;CAtJD,IAsJC;AAGD,SAAS,UAAU,CAAC,IAAY;IAC9B,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE;QACf,OAAO,KAAK,CAAC,IAAI,CAAW,CAAC;KAC9B;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,MAAM,CAC7B,cAAY,IAAI,CAAC,OAAO,CAAC,0BAA0B,EAAE,MAAM,CAAC,aAAU,CACvE,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CAAC,OAAiB,EAAE,MAAc;IACnD,IAAI,MAAM,CAAC,SAAS,EAAE;QACpB,KAAK,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YAC5C,IAAI,OAAO,CAAC,CAAC,CAAE,CAAC,OAAO,CAAI,MAAM,CAAC,IAAI,MAAG,CAAC,KAAK,CAAC,EAAE;gBAChD,OAAO,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aACtB;SACF;KACF;IAED,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;AAC9B;;;;;;"} \ No newline at end of file +{"version":3,"file":"index.js","sources":["../src/cookie.ts","../src/ciphers.ts","../src/keystore.ts","../src/cookies.ts"],"sourcesContent":["// eslint-disable-next-line no-control-regex\nconst fieldContentRegExp = /^[\\u0009\\u0020-\\u007e\\u0080-\\u00ff]+$/;\nconst SAME_SITE_REGEXP = /^(?:lax|none|strict)$/i;\n\nexport interface CookieAttrs {\n /**\n * a `Date` object indicating the cookie's expiration date (expires at the end of session by default).\n */\n expires?: Date;\n /**\n * a number representing the milliseconds from `Date.now()` for expiry\n */\n maxAge?: number | null;\n /**\n * a boolean or string indicating whether the cookie is a \"same site\" cookie (`false` by default). This can be set to `'strict'`, `'lax'`, `'none'`, or `true` (which maps to `'strict'`).\n */\n sameSite?: 'lax' | 'none' | 'strict' | boolean;\n /**\n * a string indicating the path of the cookie (`/` by default).\n */\n path?: string;\n /**\n * a string indicating the domain of the cookie (no default).\n */\n domain?: string;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTPS (`false` by default for HTTP, `true` by default for HTTPS).\n */\n secure?: boolean | undefined;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTP(S), and not made available to client JavaScript (`true` by default).\n */\n httpOnly?: boolean;\n /**\n * a boolean indicating whether to overwrite previously set cookies of the same name (`false` by default). If this is true, all cookies set during the same request with the same name (regardless of path or domain) are filtered out of the Set-Cookie header when setting this cookie.\n */\n overwrite?: boolean;\n}\n\nexport class Cookie implements CookieAttrs {\n name: string;\n value: string;\n domain?: string;\n path = '/';\n sameSite?: CookieAttrs['sameSite'] = false;\n secure = false;\n httpOnly = true;\n overwrite = false;\n expires?: Date;\n maxAge?: number | null;\n\n constructor(name: string, value: string | null, attrs?: CookieAttrs) {\n if (!fieldContentRegExp.test(name)) {\n throw new TypeError('argument name is invalid');\n }\n\n if (value && !fieldContentRegExp.test(value)) {\n throw new TypeError('argument value is invalid');\n }\n\n this.name = name;\n this.value = value || '';\n\n Object.assign(this, attrs)\n\n if (!this.value) {\n this.expires = new Date(0);\n this.maxAge = null;\n }\n\n if (this.path && !fieldContentRegExp.test(this.path)) {\n throw new TypeError('option path is invalid');\n }\n\n if (this.domain && !fieldContentRegExp.test(this.domain)) {\n throw new TypeError('option domain is invalid');\n }\n\n if (this.sameSite && this.sameSite !== true && !SAME_SITE_REGEXP.test(this.sameSite)) {\n throw new TypeError('option sameSite is invalid');\n }\n }\n\n toString() {\n return `${this.name}=${this.value}`;\n }\n\n get header() {\n let header = this.toString();\n\n if (this.maxAge) {\n this.expires = new Date(Date.now() + this.maxAge);\n }\n\n if (this.path) {\n header += `; path=${this.path}`;\n }\n if (this.expires) {\n header += `; expires=${this.expires.toUTCString()}`;\n }\n if (this.domain) {\n header += `; domain=${this.domain}`;\n }\n if (this.sameSite) {\n header += `; samesite=${this.sameSite === true ? 'strict' : this.sameSite.toLowerCase()}`;\n }\n if (this.secure) {\n header += '; secure';\n }\n if (this.httpOnly) {\n header += '; httponly';\n }\n\n return header;\n }\n\n}\n","export const CIPHER_INFO = {\n 'aes-128-cbc': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha256': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb8': { ivLength: 16, keyLength: 16 },\n 'aes-128-ctr': { ivLength: 16, keyLength: 16 },\n 'aes-128-ecb': { ivLength: undefined, keyLength: 16 },\n 'aes-128-ocb': { ivLength: 12, keyLength: 16 },\n 'aes-128-ofb': { ivLength: 16, keyLength: 16 },\n 'aes-128-xts': { ivLength: 16, keyLength: 32 },\n 'aes-192-cbc': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb1': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb8': { ivLength: 16, keyLength: 24 },\n 'aes-192-ctr': { ivLength: 16, keyLength: 24 },\n 'aes-192-ecb': { ivLength: undefined, keyLength: 24 },\n 'aes-192-ocb': { ivLength: 12, keyLength: 24 },\n 'aes-192-ofb': { ivLength: 16, keyLength: 24 },\n 'aes-256-cbc': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha256': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb8': { ivLength: 16, keyLength: 32 },\n 'aes-256-ctr': { ivLength: 16, keyLength: 32 },\n 'aes-256-ecb': { ivLength: undefined, keyLength: 32 },\n 'aes-256-ocb': { ivLength: 12, keyLength: 32 },\n 'aes-256-ofb': { ivLength: 16, keyLength: 32 },\n 'aes-256-xts': { ivLength: 16, keyLength: 64 },\n 'aes-128-ccm': { ivLength: 12, keyLength: 16 },\n 'aes-128-gcm': { ivLength: 12, keyLength: 16 },\n 'aes-192-ccm': { ivLength: 12, keyLength: 24 },\n 'aes-192-gcm': { ivLength: 12, keyLength: 24 },\n 'aes-256-ccm': { ivLength: 12, keyLength: 32 },\n 'aes-256-gcm': { ivLength: 12, keyLength: 32 },\n 'id-aes128-ccm': { ivLength: 12, keyLength: 16 },\n 'id-aes128-gcm': { ivLength: 12, keyLength: 16 },\n 'id-aes192-ccm': { ivLength: 12, keyLength: 24 },\n 'id-aes192-gcm': { ivLength: 12, keyLength: 24 },\n 'id-aes256-ccm': { ivLength: 12, keyLength: 32 },\n 'id-aes256-gcm': { ivLength: 12, keyLength: 32 },\n} as const\n","/* eslint-disable @typescript-eslint/ban-ts-comment */\nimport compare from 'tsscmp'\n\nimport crypto, {BinaryToTextEncoding, CipherKey, Encoding} from \"crypto\";\nimport {CIPHER_INFO} from \"./ciphers\";\nimport type {Partial} from \"rollup-plugin-typescript2/dist/partial\";\n\nexport interface KeyStoreOpts {\n signing?: {\n keys: string[],\n algorithm?: string | 'blake2b512' | 'blake2s256' | 'gost' | 'md4' | 'md5' | 'rmd160' | 'sha1' | 'sha224'\n | 'sha256' | 'sha3-224' | 'sha3-256' | 'sha3-384' | 'sha3-512' | 'sha384' | 'sha512' | 'sha512-224'\n | 'sha512-256' | 'shake128' | 'shake256' | 'sm3';\n encoding?: BinaryToTextEncoding\n },\n encryption?: {\n keys: string[] | CipherKey[],\n algorithm?: keyof typeof CIPHER_INFO | string,\n encoding?: Encoding\n authTagLength?: number\n }\n}\n\ntype EncryptOptions = Required & { key?: string | undefined }\ntype DecryptOptions = Required & {\n key?: string | CipherKey | undefined,\n iv?: string | Buffer | undefined,\n authTag?: string | Buffer | undefined\n}\n\nconst AUTH_TAG_REQUIRED = /-(gcm|ccm)/\n\nexport class KeyStore {\n encryption: Required>;\n signing: Required>;\n\n static cipherInfo = CIPHER_INFO as Record\n\n constructor(opts?: KeyStoreOpts) {\n opts = opts || {}\n if (opts.encryption) {\n if (!Array.isArray(opts.encryption.keys) || opts.encryption.keys.length === 0) {\n throw new Error(\"keys are required for encryption\")\n }\n }\n if (opts.signing) {\n if (!Array.isArray(opts.signing.keys) || opts.signing.keys.length === 0) {\n throw new Error(\"keys are required for signing\")\n }\n }\n this.encryption = Object.assign({\n algorithm: 'aes-192-ccm',\n authTagLength: 16,\n encoding: 'hex', keys: []\n }, opts.encryption || {} as any)\n\n this.signing = Object.assign({encoding: 'base64', algorithm: 'sha1', keys: []}, opts.signing || {} as any)\n\n }\n\n encrypt(data?: null, options?: Partial): null\n encrypt(data: string | Buffer, options?: Partial): string\n encrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n const {\n keys,\n algorithm,\n encoding,\n authTagLength,\n key\n }: EncryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const secret = key || keys[0]\n\n if (!secret) {\n throw new Error(\"no key found\")\n }\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n const iv = cipherInfo.ivLength ? crypto.randomBytes(cipherInfo.ivLength) : null;\n const dataBuff = typeof data === \"string\" ? Buffer.from(data, 'utf-8') : data\n\n const cipher = crypto.createCipheriv(algorithm as any, secret, iv, {authTagLength})\n\n const text = cipher.update(dataBuff);\n const pad = cipher.final();\n let authTag: Buffer | undefined;\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n authTag = cipher.getAuthTag();\n }\n\n return Buffer.concat([\n ...iv ? [iv] : [],\n ...authTag ? [authTag] : [],\n text,\n pad\n ]).toString(encoding)\n }\n\n decrypt(data?: null, options?: Partial): null\n decrypt(data: string | Buffer, options?: Partial): string\n decrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n\n const finalOptions: DecryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const {\n encoding,\n key,\n keys: defaultKeys,\n algorithm,\n authTagLength,\n } = finalOptions\n\n const keys = key ? [key] : defaultKeys\n if (keys.length === 0) {\n throw new Error(\"keys required for encrypted cookies\")\n }\n\n let {\n iv,\n authTag\n } = finalOptions\n\n let dataBuff = typeof data === \"string\" ? Buffer.from(data, encoding) : data\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n if (typeof iv === \"string\") {\n iv = Buffer.from(iv, encoding)\n }\n\n if (typeof authTag === \"string\") {\n authTag = Buffer.from(authTag, encoding)\n }\n\n if (cipherInfo.ivLength !== undefined) {\n if (!iv) {\n iv = dataBuff.slice(0, cipherInfo.ivLength)\n }\n dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length)\n }\n\n\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n if (!authTag) {\n authTag = dataBuff.slice(0, authTagLength)\n }\n dataBuff = dataBuff.slice(authTagLength, dataBuff.length)\n }\n\n for (let i = 0; i < keys.length; i++) {\n const message = KeyStore.doDecrypt(dataBuff, {...finalOptions, key: keys[i], iv, authTag,});\n if (message !== null) return message\n }\n return null\n }\n\n private static doDecrypt(data: Buffer, options: DecryptOptions): string | null {\n const {algorithm, key, iv, authTagLength, authTag} = options\n const decipher = crypto.createDecipheriv(algorithm as any, key!, iv as Buffer || null, {authTagLength});\n\n if (authTag) {\n decipher.setAuthTag(authTag as Buffer)\n }\n\n const plainText = decipher.update(data)\n let final: Buffer\n try {\n final = decipher.final()\n } catch(e:any) {\n // authentication failed\n return null\n }\n return Buffer.concat([plainText, final]).toString('utf-8')\n }\n\n //region: signing\n\n sign(data?: null, key?: string | CipherKey): null\n sign(data: string, key?: string | CipherKey): string\n sign(data?: string | null, key?: string | CipherKey): string | null {\n if (!data) {\n return null\n }\n const {algorithm, encoding, keys} = this.signing\n key = key || keys[0] as CipherKey\n return crypto\n .createHmac(algorithm, key)\n .update(data).digest(encoding)\n .replace(/\\/|\\+|=/g, function (x) {\n return ({\"/\": \"_\", \"+\": \"-\", \"=\": \"\"})[x] as string\n })\n }\n\n verify(data: string, digest: string): boolean {\n return this.indexOf(data, digest) > -1\n }\n\n indexOf(data: string, digest: string): number {\n const {keys} = this.signing\n\n if (keys.length === 0) {\n throw new Error(\"keys required for signed cookies\")\n }\n\n for (let i = 0; i < keys.length; i++) {\n if (compare(digest, this.sign(data, keys[i] as string))) return i\n }\n return -1\n }\n\n //end-region: signing\n\n}\n\n","import http, { IncomingMessage, ServerResponse } from 'http';\nimport { Cookie, CookieAttrs } from './cookie';\nimport {KeyStore} from \"./keystore\";\nimport type {Http2ServerRequest, Http2ServerResponse} from \"http2\";\n\nconst cache: { [key:string]: RegExp } = {} as any;\ntype SignIdentifier = string | ((name: string) => string)\nexport type CookiesOptions = {\n\n /**\n * KeyStore to be used for signing and encrypting\n */\n keyStore?: KeyStore;\n /**\n * a boolean indicating whether the cookie is to be signed (`false` by default). If this is true, another cookie of the same name with the `signIdentifier` will also be sent, with a 27-byte url-safe base64 SHA1 value representing the hash of _cookie-name_=_cookie-value_ against the first [KeyStore](keystore) key. This signature key is used to detect tampering the next time a cookie is received.\n * @default false\n */\n signed?: boolean;\n /**\n * Encrypt cookies by default and assume received cookies are encrypted.\n * @default false\n */\n encrypted?: boolean;\n /**\n * Mark cookies as secure by default.\n * @default `req.protocol`\n */\n secure?: boolean | undefined;\n /**\n * If string, provided value will be appended cookie name with dot. For example with given value `mysig`\n * signature cookie name will be `cookiename.mysig`\n *\n * @default `sig`\n */\n signIdentifier?: SignIdentifier\n}\n\nexport type SetCookies = CookiesOptions & CookieAttrs\nexport type GetCookies = CookiesOptions\n\nexport class Cookies {\n\n secure?: CookiesOptions[\"secure\"];\n\n encrypted: boolean;\n\n signed: boolean;\n\n keyStore: KeyStore;\n\n signIdentifier?: SignIdentifier\n\n readonly request: IncomingMessage | Http2ServerRequest;\n readonly response: ServerResponse | Http2ServerResponse;\n\n constructor(request: IncomingMessage | Http2ServerRequest, response: ServerResponse | Http2ServerResponse, options: CookiesOptions = {}) {\n this.request = request;\n this.response = response;\n\n this.keyStore = options.keyStore || new KeyStore();\n this.secure = options.secure;\n this.signed = options.signed !== undefined ? options.signed : false;\n this.encrypted = options.encrypted !== undefined ? options.encrypted : false;\n this.signIdentifier = options.signIdentifier || 'sig';\n }\n\n /**\n * This extracts the cookie with the given name from the Set-Cookie header in the request. If such a cookie exists, its value is returned. Otherwise, nothing is returned.\n *\n * `{ signed: true }` can optionally be passed as the second parameter options. In this case, a signature cookie (a cookie of same name ending with the .sig suffix appended) is fetched. If no such cookie exists, nothing is returned.\n *\n * If the signature cookie does exist, the provided KeyStore is used to check whether the hash of cookie-name=cookie-value matches that of any registered key/s:\n *\n * - If the signature cookie hash matches the first key, the original cookie value is returned.\n * - If the signature cookie hash matches any other key, the original cookie value is returned AND an outbound header is set to update the signature cookie's value to the hash of the first key. This enables automatic freshening of signature cookies that have become stale due to key rotation.\n * - If the signature cookie hash does not match any key, nothing is returned, and an outbound header with an expired date is used to delete the cookie.\n *\n * `{ encrypted: true }` can optionally be passed as the second parameter options. In this case, the provided KeyStore will try to decrypt the cookie value with registered key/s.\n *\n * - If the decryption fails nothing is returned, and the cookie stays intact.\n * - If decryption succeeds, decrypted cookie value is returned.\n *\n * If both `signed` and `encrypted` options are provided, signature check will be applied with encrypted value. Than the decryption will be applied.\n * @param name\n * @param opts\n */\n get(name: string, opts?: GetCookies) {\n const sigId = opts?.signIdentifier || this.signIdentifier;\n\n const sigName = typeof sigId === 'function' ? sigId.call(null, name)\n : `${name + '.'+ sigId}`;\n\n const signed = opts && opts.signed !== undefined ? opts.signed : this.keyStore.signing.keys.length > 0;\n\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n const header = this.request.headers['cookie'];\n if (!header) {\n return undefined;\n }\n\n const match = header.match(getPattern(name));\n if (!match) {\n return undefined;\n }\n\n const value = match[1];\n if (!opts || !signed) {\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n\n const remote = this.get(sigName, { encrypted: false, signed: false });\n if (!remote) {\n return undefined;\n }\n\n const data = `${name}=${value}`;\n const index = this.keyStore.indexOf(data, remote);\n\n if (index < 0) {\n this.set(sigName, null, { path: '/', signed: false });\n return undefined\n } else {\n index && this.set(sigName, this.keyStore.sign(data), { signed: false });\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n }\n\n /**\n * This sets the given cookie in the response and returns the current context to allow chaining.\n *\n * @param name Cookie name\n * @param value Cookie value. If this is omitted, an outbound header with an expired date is used to delete the cookie.\n * @param opts Overridden options\n */\n set(name: string, value: string | null, opts: SetCookies) {\n const res = this.response;\n const req = this.request;\n let headers = (res.getHeader('Set-Cookie') || []) as string[];\n const secure = this.secure !== undefined ? !!this.secure : (req).protocol === 'https' || (req).connection['encrypted'];\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n if(value !== null && encrypted){\n value = this.keyStore.encrypt(value as string);\n }\n\n const cookie = new Cookie(name, value, opts);\n const signed = opts && opts.signed !== undefined ? opts.signed : this.signed;\n\n /* istanbul ignore next */\n if (typeof headers == 'string') {\n headers = [headers];\n }\n\n if (!secure && opts && opts.secure) {\n throw new Error('Cannot send secure cookie over unencrypted connection');\n }\n\n cookie.secure = opts && opts.secure !== undefined\n ? opts.secure\n : secure;\n\n pushCookie(headers, cookie);\n\n if (opts && signed) {\n cookie.value = this.keyStore.sign(cookie.toString());\n\n const sigId = opts.signIdentifier || this.signIdentifier;\n\n cookie.name = typeof sigId === 'function' ? sigId.call(null, cookie.name)\n : `${cookie.name + '.'+ sigId}`;\n pushCookie(headers, cookie);\n }\n\n const setHeader = (res)[\"set\"] ? http.OutgoingMessage.prototype.setHeader : res.setHeader;\n setHeader.call(res, 'Set-Cookie', headers);\n return this;\n }\n\n static middleware = (options?: CookiesOptions) => (req: any, res: any, next: any) => {\n req.cookies = res.cookies = new Cookies(req, res, options);\n\n next();\n }\n static connect = Cookies.middleware\n static express = Cookies.middleware\n static koa = (options?: CookiesOptions) => (ctx: any, next: any) => {\n ctx.cookies = ctx.req.cookies = ctx.res.cookies = ctx.request.cookies = ctx.response.cookies = new Cookies(ctx.req, ctx.res, options)\n next()\n }\n}\n\n\nfunction getPattern(name: string): RegExp {\n if (cache[name]) {\n return cache[name] as RegExp;\n }\n\n return cache[name] = new RegExp(\n `(?:^|;) *${name.replace(/[-[\\]{}()*+?.,\\\\^$|#\\s]/g, '\\\\$&')}=([^;]*)`\n );\n}\n\nfunction pushCookie(headers: string[], cookie: Cookie) {\n if (cookie.overwrite) {\n for (let i = headers.length - 1; i >= 0; i--) {\n if (headers[i]!.indexOf(`${cookie.name}=`) === 0) {\n headers.splice(i, 1);\n }\n }\n }\n\n headers.push(cookie.header);\n}\n"],"names":["crypto","compare","http"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AACA,IAAM,kBAAkB,GAAG,uCAAuC,CAAC;AACnE,IAAM,gBAAgB,GAAG,wBAAwB,CAAC;;IAiDhD,gBAAY,IAAY,EAAE,KAAoB,EAAE,KAAmB;QARnE,SAAI,GAAG,GAAG,CAAC;QACX,aAAQ,GAA6B,KAAK,CAAC;QAC3C,WAAM,GAAG,KAAK,CAAC;QACf,aAAQ,GAAG,IAAI,CAAC;QAChB,cAAS,GAAG,KAAK,CAAC;QAKhB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAClC,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,KAAK,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;YAC5C,MAAM,IAAI,SAAS,CAAC,2BAA2B,CAAC,CAAC;SAClD;QAED,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,KAAK,GAAG,KAAK,IAAI,EAAE,CAAC;QAEzB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAE1B,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;YACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;SACpB;QAED,IAAI,IAAI,CAAC,IAAI,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACpD,MAAM,IAAI,SAAS,CAAC,wBAAwB,CAAC,CAAC;SAC/C;QAED,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACxD,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YACpF,MAAM,IAAI,SAAS,CAAC,4BAA4B,CAAC,CAAC;SACnD;KACF;IAED,yBAAQ,GAAR;QACE,OAAU,IAAI,CAAC,IAAI,SAAI,IAAI,CAAC,KAAO,CAAC;KACrC;IAED,sBAAI,0BAAM;aAAV;YACE,IAAI,MAAM,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAE7B,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;aACnD;YAED,IAAI,IAAI,CAAC,IAAI,EAAE;gBACb,MAAM,IAAI,YAAU,IAAI,CAAC,IAAM,CAAC;aACjC;YACD,IAAI,IAAI,CAAC,OAAO,EAAE;gBAChB,MAAM,IAAI,eAAa,IAAI,CAAC,OAAO,CAAC,WAAW,EAAI,CAAC;aACrD;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,cAAY,IAAI,CAAC,MAAQ,CAAC;aACrC;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,iBAAc,IAAI,CAAC,QAAQ,KAAK,IAAI,GAAG,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAE,CAAC;aAC3F;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,UAAU,CAAC;aACtB;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,YAAY,CAAC;aACxB;YAED,OAAO,MAAM,CAAC;SACf;;;OAAA;IAEH,aAAC;AAAD,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACpHM,IAAM,WAAW,GAAG;IACzB,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;CACxC;;ACbV,IAAM,iBAAiB,GAAG,YAAY,CAAA;;IAWpC,kBAAY,IAAmB;QAC7B,IAAI,GAAG,IAAI,IAAI,EAAE,CAAA;QACjB,IAAI,IAAI,CAAC,UAAU,EAAE;YACnB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBAC7E,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;aACpD;SACF;QACD,IAAI,IAAI,CAAC,OAAO,EAAE;YAChB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBACvE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;aACjD;SACF;QACD,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC;YAC9B,SAAS,EAAE,aAAa;YACxB,aAAa,EAAE,EAAE;YACjB,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;SAC1B,EAAE,IAAI,CAAC,UAAU,IAAI,EAAS,CAAC,CAAA;QAEhC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAC,EAAE,IAAI,CAAC,OAAO,IAAI,EAAS,CAAC,CAAA;KAE3G;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAMc,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,EALzF,IAAI,UAAA,EACJ,SAAS,eAAA,EACT,QAAQ,cAAA,EACR,aAAa,mBAAA,EACb,GAAG,SACsF,CAAA;QAE3F,IAAM,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAA;QAE7B,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAA;SAChC;QAED,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAM,EAAE,GAAG,UAAU,CAAC,QAAQ,GAAGA,0BAAM,CAAC,WAAW,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC;QAChF,IAAM,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,IAAI,CAAA;QAE7E,IAAM,MAAM,GAAGA,0BAAM,CAAC,cAAc,CAAC,SAAgB,EAAE,MAAM,EAAE,EAAE,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAA;QAEnF,IAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,IAAM,GAAG,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;QAC3B,IAAI,OAA2B,CAAC;QAChC,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;SAC/B;QAED,OAAO,MAAM,CAAC,MAAM,+CACf,EAAE,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,SACd,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE;YAC3B,IAAI;YACJ,GAAG;WACH,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;KACtB;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QAED,IAAM,YAAY,GAAmB,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,CAAA;QAG1G,IAAA,QAAQ,GAKN,YAAY,SALN,EACR,GAAG,GAID,YAAY,IAJX,EACG,WAAW,GAGf,YAAY,KAHG,EACjB,SAAS,GAEP,YAAY,UAFL,EACT,aAAa,GACX,YAAY,cADD,CACC;QAEhB,IAAM,IAAI,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,WAAW,CAAA;QACtC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;SACvD;QAGC,IAAA,EAAE,GAEA,YAAY,GAFZ,EACF,OAAO,GACL,YAAY,QADP,CACO;QAEhB,IAAI,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,GAAG,IAAI,CAAA;QAE5E,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE;YAC1B,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;SAC/B;QAED,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;YAC/B,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAA;SACzC;QAED,IAAI,UAAU,CAAC,QAAQ,KAAK,SAAS,EAAE;YACrC,IAAI,CAAC,EAAE,EAAE;gBACP,EAAE,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAA;aAC5C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAChE;QAGD,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,aAAa,CAAC,CAAA;aAC3C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,aAAa,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAC1D;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,wBAAM,YAAY,KAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,IAAA,EAAE,OAAO,SAAA,IAAG,CAAC;YAC5F,IAAI,OAAO,KAAK,IAAI;gBAAE,OAAO,OAAO,CAAA;SACrC;QACD,OAAO,IAAI,CAAA;KACZ;IAEc,kBAAS,GAAxB,UAAyB,IAAY,EAAE,OAAuB;QACrD,IAAA,SAAS,GAAqC,OAAO,UAA5C,EAAE,GAAG,GAAgC,OAAO,IAAvC,EAAE,EAAE,GAA4B,OAAO,GAAnC,EAAE,aAAa,GAAa,OAAO,cAApB,EAAE,OAAO,GAAI,OAAO,QAAX,CAAW;QAC5D,IAAM,QAAQ,GAAGA,0BAAM,CAAC,gBAAgB,CAAC,SAAgB,EAAE,GAAI,EAAE,EAAY,IAAI,IAAI,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAC;QAExG,IAAI,OAAO,EAAE;YACX,QAAQ,CAAC,UAAU,CAAC,OAAiB,CAAC,CAAA;SACvC;QAED,IAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QACvC,IAAI,KAAa,CAAA;QACjB,IAAI;YACF,KAAK,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAA;SACzB;QAAC,OAAM,CAAK,EAAE;;YAEb,OAAO,IAAI,CAAA;SACZ;QACD,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;KAC3D;IAMD,uBAAI,GAAJ,UAAK,IAAoB,EAAE,GAAwB;QACjD,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAA8B,IAAI,CAAC,OAAO,EAAzC,SAAS,eAAA,EAAE,QAAQ,cAAA,EAAE,IAAI,UAAgB,CAAA;QAChD,GAAG,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAc,CAAA;QACjC,OAAOA,0BAAM;aACV,UAAU,CAAC,SAAS,EAAE,GAAG,CAAC;aAC1B,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;aAC7B,OAAO,CAAC,UAAU,EAAE,UAAU,CAAC;YAC9B,OAAO,CAAC,EAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,EAAC,EAAE,CAAC,CAAW,CAAA;SACpD,CAAC,CAAA;KACL;IAED,yBAAM,GAAN,UAAO,IAAY,EAAE,MAAc;QACjC,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;KACvC;IAED,0BAAO,GAAP,UAAQ,IAAY,EAAE,MAAc;QAC3B,IAAA,IAAI,GAAI,IAAI,CAAC,OAAO,KAAhB,CAAgB;QAE3B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;SACpD;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAIC,2BAAO,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAW,CAAC,CAAC;gBAAE,OAAO,CAAC,CAAA;SAClE;QACD,OAAO,CAAC,CAAC,CAAA;KACV;IA5LM,mBAAU,GAAG,WAGlB,CAAA;IA6LJ,eAAC;CApMD;;AC3BA,IAAM,KAAK,GAA6B,EAAS,CAAC;;IAkDhD,iBAAY,OAA6C,EAAE,QAA8C,EAAE,OAA4B;QAA5B,wBAAA,EAAA,YAA4B;QACrI,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAEzB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,IAAI,QAAQ,EAAE,CAAC;QACnD,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,KAAK,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,KAAK,CAAC;QACpE,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,KAAK,SAAS,GAAG,OAAO,CAAC,SAAS,GAAG,KAAK,CAAC;QAC7E,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,KAAK,CAAC;KACvD;;;;;;;;;;;;;;;;;;;;;IAsBD,qBAAG,GAAH,UAAI,IAAY,EAAE,IAAiB;QACjC,IAAM,KAAK,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,KAAI,IAAI,CAAC,cAAc,CAAC;QAE1D,IAAM,OAAO,GAAI,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC;cACjE,MAAG,IAAI,GAAG,GAAG,GAAE,KAAK,CAAE,CAAC;QAE3B,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAEvG,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,KAAK,EAAE;YACV,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE;YACpB,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;QAED,IAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QACtE,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,IAAI,GAAM,IAAI,SAAI,KAAO,CAAC;QAChC,IAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAElD,IAAI,KAAK,GAAG,CAAC,EAAE;YACb,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACtD,OAAO,SAAS,CAAA;SACjB;aAAM;YACL,KAAK,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACxE,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;KACF;;;;;;;;IASD,qBAAG,GAAH,UAAI,IAAY,EAAE,KAAoB,EAAE,IAAgB;QACtD,IAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC1B,IAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC;QACzB,IAAI,OAAO,IAAI,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,IAAI,EAAE,CAAa,CAAC;QAC9D,IAAM,MAAM,GAAG,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,GAAS,GAAI,CAAC,QAAQ,KAAK,OAAO,IAAU,GAAI,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;QACjI,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAG,KAAK,KAAK,IAAI,IAAI,SAAS,EAAC;YAC7B,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,CAAC;SAChD;QAED,IAAM,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;QAC7C,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;;QAG7E,IAAI,OAAO,OAAO,IAAI,QAAQ,EAAE;YAC9B,OAAO,GAAG,CAAC,OAAO,CAAC,CAAC;SACrB;QAED,IAAI,CAAC,MAAM,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,EAAE;YAClC,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;SAC1E;QAED,MAAM,CAAC,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS;cAC7C,IAAI,CAAC,MAAM;cACX,MAAM,CAAC;QAEX,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAE5B,IAAI,IAAI,IAAI,MAAM,EAAE;YAClB,MAAM,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YAErD,IAAM,KAAK,GAAG,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,cAAc,CAAC;YAEzD,MAAM,CAAC,IAAI,GAAG,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC;kBACrE,MAAG,MAAM,CAAC,IAAI,GAAG,GAAG,GAAE,KAAK,CAAE,CAAC;YAClC,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;SAC7B;QAED,IAAM,SAAS,GAAS,GAAI,CAAC,KAAK,CAAC,GAAGC,wBAAI,CAAC,eAAe,CAAC,SAAS,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;QAC/F,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC;KACb;IAEM,kBAAU,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,GAAQ,EAAE,IAAS;QAC9E,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;QAE3D,IAAI,EAAE,CAAC;KACR,GAAA,CAAA;IACM,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,WAAG,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,IAAS;QAC7D,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,GAAG,GAAG,CAAC,QAAQ,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;QACrI,IAAI,EAAE,CAAA;KACP,GAAA,CAAA;IACH,cAAC;CAtJD,IAsJC;AAGD,SAAS,UAAU,CAAC,IAAY;IAC9B,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE;QACf,OAAO,KAAK,CAAC,IAAI,CAAW,CAAC;KAC9B;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,MAAM,CAC7B,cAAY,IAAI,CAAC,OAAO,CAAC,0BAA0B,EAAE,MAAM,CAAC,aAAU,CACvE,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CAAC,OAAiB,EAAE,MAAc;IACnD,IAAI,MAAM,CAAC,SAAS,EAAE;QACpB,KAAK,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YAC5C,IAAI,OAAO,CAAC,CAAC,CAAE,CAAC,OAAO,CAAI,MAAM,CAAC,IAAI,MAAG,CAAC,KAAK,CAAC,EAAE;gBAChD,OAAO,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aACtB;SACF;KACF;IAED,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;AAC9B;;;;;;"} \ No newline at end of file diff --git a/dist/index.mjs b/dist/index.mjs index a752b35..82f2698 100644 --- a/dist/index.mjs +++ b/dist/index.mjs @@ -1,5 +1,5 @@ /*! - * secure-cookie v0.0.1 + * secure-cookie v0.0.2 * (c) Ismail H. Ayaz * Released under the MIT License. */ @@ -223,10 +223,12 @@ var KeyStore = /** @class */ (function () { if (typeof authTag === "string") { authTag = Buffer.from(authTag, encoding); } - if (!iv) { - iv = dataBuff.slice(0, cipherInfo.ivLength); + if (cipherInfo.ivLength !== undefined) { + if (!iv) { + iv = dataBuff.slice(0, cipherInfo.ivLength); + } + dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length); } - dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length); if (AUTH_TAG_REQUIRED.test(algorithm)) { if (!authTag) { authTag = dataBuff.slice(0, authTagLength); @@ -242,19 +244,20 @@ var KeyStore = /** @class */ (function () { }; KeyStore.doDecrypt = function (data, options) { var algorithm = options.algorithm, key = options.key, iv = options.iv, authTagLength = options.authTagLength, authTag = options.authTag; - var decipher = crypto.createDecipheriv(algorithm, key, iv, { authTagLength: authTagLength }); + var decipher = crypto.createDecipheriv(algorithm, key, iv || null, { authTagLength: authTagLength }); if (authTag) { decipher.setAuthTag(authTag); } var plainText = decipher.update(data); + var final; try { - decipher.final(); + final = decipher.final(); } - catch (_a) { + catch (e) { // authentication failed return null; } - return plainText.toString('utf-8'); + return Buffer.concat([plainText, final]).toString('utf-8'); }; KeyStore.prototype.sign = function (data, key) { if (!data) { @@ -370,8 +373,8 @@ var Cookies = /** @class */ (function () { } var cookie = new Cookie(name, value, opts); var signed = opts && opts.signed !== undefined ? opts.signed : this.signed; + /* istanbul ignore next */ if (typeof headers == 'string') { - /* istanbul ignore next */ headers = [headers]; } if (!secure && opts && opts.secure) { diff --git a/dist/index.mjs.map b/dist/index.mjs.map index 0dc21f6..602da3a 100644 --- a/dist/index.mjs.map +++ b/dist/index.mjs.map @@ -1 +1 @@ -{"version":3,"file":"index.mjs","sources":["../src/cookie.ts","../src/ciphers.ts","../src/keystore.ts","../src/cookies.ts"],"sourcesContent":["// eslint-disable-next-line no-control-regex\nconst fieldContentRegExp = /^[\\u0009\\u0020-\\u007e\\u0080-\\u00ff]+$/;\nconst SAME_SITE_REGEXP = /^(?:lax|none|strict)$/i;\n\nexport interface CookieAttrs {\n /**\n * a `Date` object indicating the cookie's expiration date (expires at the end of session by default).\n */\n expires?: Date;\n /**\n * a number representing the milliseconds from `Date.now()` for expiry\n */\n maxAge?: number | null;\n /**\n * a boolean or string indicating whether the cookie is a \"same site\" cookie (`false` by default). This can be set to `'strict'`, `'lax'`, `'none'`, or `true` (which maps to `'strict'`).\n */\n sameSite?: 'lax' | 'none' | 'strict' | boolean;\n /**\n * a string indicating the path of the cookie (`/` by default).\n */\n path?: string;\n /**\n * a string indicating the domain of the cookie (no default).\n */\n domain?: string;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTPS (`false` by default for HTTP, `true` by default for HTTPS).\n */\n secure?: boolean | undefined;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTP(S), and not made available to client JavaScript (`true` by default).\n */\n httpOnly?: boolean;\n /**\n * a boolean indicating whether to overwrite previously set cookies of the same name (`false` by default). If this is true, all cookies set during the same request with the same name (regardless of path or domain) are filtered out of the Set-Cookie header when setting this cookie.\n */\n overwrite?: boolean;\n}\n\nexport class Cookie implements CookieAttrs {\n name: string;\n value: string;\n domain?: string;\n path = '/';\n sameSite?: CookieAttrs['sameSite'] = false;\n secure = false;\n httpOnly = true;\n overwrite = false;\n expires?: Date;\n maxAge?: number | null;\n\n constructor(name: string, value: string | null, attrs?: CookieAttrs) {\n if (!fieldContentRegExp.test(name)) {\n throw new TypeError('argument name is invalid');\n }\n\n if (value && !fieldContentRegExp.test(value)) {\n throw new TypeError('argument value is invalid');\n }\n\n this.name = name;\n this.value = value || '';\n\n Object.assign(this, attrs)\n\n if (!this.value) {\n this.expires = new Date(0);\n this.maxAge = null;\n }\n\n if (this.path && !fieldContentRegExp.test(this.path)) {\n throw new TypeError('option path is invalid');\n }\n\n if (this.domain && !fieldContentRegExp.test(this.domain)) {\n throw new TypeError('option domain is invalid');\n }\n\n if (this.sameSite && this.sameSite !== true && !SAME_SITE_REGEXP.test(this.sameSite)) {\n throw new TypeError('option sameSite is invalid');\n }\n }\n\n toString() {\n return `${this.name}=${this.value}`;\n }\n\n get header() {\n let header = this.toString();\n\n if (this.maxAge) {\n this.expires = new Date(Date.now() + this.maxAge);\n }\n\n if (this.path) {\n header += `; path=${this.path}`;\n }\n if (this.expires) {\n header += `; expires=${this.expires.toUTCString()}`;\n }\n if (this.domain) {\n header += `; domain=${this.domain}`;\n }\n if (this.sameSite) {\n header += `; samesite=${this.sameSite === true ? 'strict' : this.sameSite.toLowerCase()}`;\n }\n if (this.secure) {\n header += '; secure';\n }\n if (this.httpOnly) {\n header += '; httponly';\n }\n\n return header;\n }\n\n}\n","export const CIPHER_INFO = {\n 'aes-128-cbc': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha256': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb8': { ivLength: 16, keyLength: 16 },\n 'aes-128-ctr': { ivLength: 16, keyLength: 16 },\n 'aes-128-ecb': { ivLength: undefined, keyLength: 16 },\n 'aes-128-ocb': { ivLength: 12, keyLength: 16 },\n 'aes-128-ofb': { ivLength: 16, keyLength: 16 },\n 'aes-128-xts': { ivLength: 16, keyLength: 32 },\n 'aes-192-cbc': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb1': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb8': { ivLength: 16, keyLength: 24 },\n 'aes-192-ctr': { ivLength: 16, keyLength: 24 },\n 'aes-192-ecb': { ivLength: undefined, keyLength: 24 },\n 'aes-192-ocb': { ivLength: 12, keyLength: 24 },\n 'aes-192-ofb': { ivLength: 16, keyLength: 24 },\n 'aes-256-cbc': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha256': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb8': { ivLength: 16, keyLength: 32 },\n 'aes-256-ctr': { ivLength: 16, keyLength: 32 },\n 'aes-256-ecb': { ivLength: undefined, keyLength: 32 },\n 'aes-256-ocb': { ivLength: 12, keyLength: 32 },\n 'aes-256-ofb': { ivLength: 16, keyLength: 32 },\n 'aes-256-xts': { ivLength: 16, keyLength: 64 },\n 'aes-128-ccm': { ivLength: 12, keyLength: 16 },\n 'aes-128-gcm': { ivLength: 12, keyLength: 16 },\n 'aes-192-ccm': { ivLength: 12, keyLength: 24 },\n 'aes-192-gcm': { ivLength: 12, keyLength: 24 },\n 'aes-256-ccm': { ivLength: 12, keyLength: 32 },\n 'aes-256-gcm': { ivLength: 12, keyLength: 32 },\n 'id-aes128-ccm': { ivLength: 12, keyLength: 16 },\n 'id-aes128-gcm': { ivLength: 12, keyLength: 16 },\n 'id-aes192-ccm': { ivLength: 12, keyLength: 24 },\n 'id-aes192-gcm': { ivLength: 12, keyLength: 24 },\n 'id-aes256-ccm': { ivLength: 12, keyLength: 32 },\n 'id-aes256-gcm': { ivLength: 12, keyLength: 32 },\n} as const\n","/* eslint-disable @typescript-eslint/ban-ts-comment */\nimport compare from 'tsscmp'\n\nimport crypto, {BinaryToTextEncoding, CipherKey, Encoding} from \"crypto\";\nimport {CIPHER_INFO} from \"./ciphers\";\nimport type {Partial} from \"rollup-plugin-typescript2/dist/partial\";\n\nexport interface KeyStoreOpts {\n signing?: {\n keys: string[],\n algorithm?: string | 'blake2b512' | 'blake2s256' | 'gost' | 'md4' | 'md5' | 'rmd160' | 'sha1' | 'sha224'\n | 'sha256' | 'sha3-224' | 'sha3-256' | 'sha3-384' | 'sha3-512' | 'sha384' | 'sha512' | 'sha512-224'\n | 'sha512-256' | 'shake128' | 'shake256' | 'sm3';\n encoding?: BinaryToTextEncoding\n },\n encryption?: {\n keys: string[] | CipherKey[],\n algorithm?: keyof typeof CIPHER_INFO | string,\n encoding?: Encoding\n authTagLength?: number\n }\n}\n\ntype EncryptOptions = Required & { key?: string | undefined }\ntype DecryptOptions = Required & {\n key?: string | CipherKey | undefined,\n iv?: string | Buffer | undefined,\n authTag?: string | Buffer | undefined\n}\n\nconst AUTH_TAG_REQUIRED = /-(gcm|ccm)/\n\nexport class KeyStore {\n encryption: Required>;\n signing: Required>;\n\n static cipherInfo = CIPHER_INFO as Record\n\n constructor(opts?: KeyStoreOpts) {\n opts = opts || {}\n if (opts.encryption) {\n if (!Array.isArray(opts.encryption.keys) || opts.encryption.keys.length === 0) {\n throw new Error(\"keys are required for encryption\")\n }\n }\n if (opts.signing) {\n if (!Array.isArray(opts.signing.keys) || opts.signing.keys.length === 0) {\n throw new Error(\"keys are required for signing\")\n }\n }\n this.encryption = Object.assign({\n algorithm: 'aes-192-ccm',\n authTagLength: 16,\n encoding: 'hex', keys: []\n }, opts.encryption || {} as any)\n\n this.signing = Object.assign({encoding: 'base64', algorithm: 'sha1', keys: []}, opts.signing || {} as any)\n\n }\n\n encrypt(data?: null, options?: Partial): null\n encrypt(data: string | Buffer, options?: Partial): string\n encrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n const {\n keys,\n algorithm,\n encoding,\n authTagLength,\n key\n }: EncryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const secret = key || keys[0]\n\n if (!secret) {\n throw new Error(\"no key found\")\n }\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n const iv = cipherInfo.ivLength ? crypto.randomBytes(cipherInfo.ivLength) : null;\n const dataBuff = typeof data === \"string\" ? Buffer.from(data, 'utf-8') : data\n\n const cipher = crypto.createCipheriv(algorithm as any, secret, iv, {authTagLength})\n\n const text = cipher.update(dataBuff);\n const pad = cipher.final();\n let authTag: Buffer | undefined;\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n authTag = cipher.getAuthTag();\n }\n\n return Buffer.concat([\n ...iv ? [iv] : [],\n ...authTag ? [authTag] : [],\n text,\n pad\n ]).toString(encoding)\n }\n\n decrypt(data?: null, options?: Partial): null\n decrypt(data: string | Buffer, options?: Partial): string\n decrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n\n const finalOptions: DecryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const {\n encoding,\n key,\n keys: defaultKeys,\n algorithm,\n authTagLength,\n } = finalOptions\n\n const keys = key ? [ key ] : defaultKeys\n if (keys.length === 0) {\n throw new Error(\"keys required for encrypted cookies\")\n }\n\n let {\n iv,\n authTag\n } = finalOptions\n\n let dataBuff = typeof data === \"string\" ? Buffer.from(data, encoding) : data\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n if (typeof iv === \"string\") {\n iv = Buffer.from(iv, encoding)\n }\n\n if (typeof authTag === \"string\") {\n authTag = Buffer.from(authTag, encoding)\n }\n\n if (!iv) {\n iv = dataBuff.slice(0, cipherInfo.ivLength)\n }\n dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length)\n\n\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n if (!authTag) {\n authTag = dataBuff.slice(0, authTagLength)\n }\n dataBuff = dataBuff.slice(authTagLength, dataBuff.length)\n }\n\n for (let i = 0; i < keys.length; i++) {\n const message = KeyStore.doDecrypt(dataBuff, {...finalOptions, key: keys[i], iv, authTag,});\n if (message !== null) return message\n }\n return null\n }\n\n private static doDecrypt(data: Buffer, options: DecryptOptions): string | null {\n const {algorithm, key, iv, authTagLength, authTag} = options\n const decipher = crypto.createDecipheriv(algorithm as any, key!, iv as Buffer, {authTagLength});\n\n if (authTag) {\n decipher.setAuthTag(authTag as Buffer)\n }\n\n const plainText = decipher.update(data)\n try {\n decipher.final()\n } catch {\n // authentication failed\n return null\n }\n return plainText.toString('utf-8')\n }\n\n //region: signing\n\n sign(data?: null, key?: string | CipherKey): null\n sign(data: string, key?: string | CipherKey): string\n sign(data?: string | null, key?: string | CipherKey): string | null {\n if (!data) {\n return null\n }\n const {algorithm, encoding, keys} = this.signing\n key = key || keys[0] as CipherKey\n return crypto\n .createHmac(algorithm, key)\n .update(data).digest(encoding)\n .replace(/\\/|\\+|=/g, function (x) {\n return ({\"/\": \"_\", \"+\": \"-\", \"=\": \"\"})[x] as string\n })\n }\n\n verify(data: string, digest: string): boolean {\n return this.indexOf(data, digest) > -1\n }\n\n indexOf(data: string, digest: string): number {\n const {keys} = this.signing\n\n if (keys.length === 0) {\n throw new Error(\"keys required for signed cookies\")\n }\n\n for (let i = 0; i < keys.length; i++) {\n if (compare(digest, this.sign(data, keys[i] as string))) return i\n }\n return -1\n }\n\n //end-region: signing\n\n}\n\n","import http, { IncomingMessage, ServerResponse } from 'http';\nimport { Cookie, CookieAttrs } from './cookie';\nimport {KeyStore} from \"./keystore\";\nimport type {Http2ServerRequest, Http2ServerResponse} from \"http2\";\n\nconst cache: { [key:string]: RegExp } = {} as any;\ntype SignIdentifier = string | ((name: string) => string)\nexport type CookiesOptions = {\n\n /**\n * KeyStore to be used for signing and encrypting\n */\n keyStore?: KeyStore;\n /**\n * a boolean indicating whether the cookie is to be signed (`false` by default). If this is true, another cookie of the same name with the `signIdentifier` will also be sent, with a 27-byte url-safe base64 SHA1 value representing the hash of _cookie-name_=_cookie-value_ against the first [KeyStore](keystore) key. This signature key is used to detect tampering the next time a cookie is received.\n * @default false\n */\n signed?: boolean;\n /**\n * Encrypt cookies by default and assume received cookies are encrypted.\n * @default false\n */\n encrypted?: boolean;\n /**\n * Mark cookies as secure by default.\n * @default `req.protocol`\n */\n secure?: boolean | undefined;\n /**\n * If string, provided value will be appended cookie name with dot. For example with given value `mysig`\n * signature cookie name will be `cookiename.mysig`\n *\n * @default `sig`\n */\n signIdentifier?: SignIdentifier\n}\n\nexport type SetCookies = CookiesOptions & CookieAttrs\nexport type GetCookies = CookiesOptions\n\nexport class Cookies {\n\n secure?: CookiesOptions[\"secure\"];\n\n encrypted: boolean;\n\n signed: boolean;\n\n keyStore: KeyStore;\n\n signIdentifier?: SignIdentifier\n\n readonly request: IncomingMessage | Http2ServerRequest;\n readonly response: ServerResponse | Http2ServerResponse;\n\n constructor(request: IncomingMessage | Http2ServerRequest, response: ServerResponse | Http2ServerResponse, options: CookiesOptions = {}) {\n this.request = request;\n this.response = response;\n\n this.keyStore = options.keyStore || new KeyStore();\n this.secure = options.secure;\n this.signed = options.signed !== undefined ? options.signed : false;\n this.encrypted = options.encrypted !== undefined ? options.encrypted : false;\n this.signIdentifier = options.signIdentifier || 'sig';\n }\n\n /**\n * This extracts the cookie with the given name from the Set-Cookie header in the request. If such a cookie exists, its value is returned. Otherwise, nothing is returned.\n *\n * `{ signed: true }` can optionally be passed as the second parameter options. In this case, a signature cookie (a cookie of same name ending with the .sig suffix appended) is fetched. If no such cookie exists, nothing is returned.\n *\n * If the signature cookie does exist, the provided KeyStore is used to check whether the hash of cookie-name=cookie-value matches that of any registered key/s:\n *\n * - If the signature cookie hash matches the first key, the original cookie value is returned.\n * - If the signature cookie hash matches any other key, the original cookie value is returned AND an outbound header is set to update the signature cookie's value to the hash of the first key. This enables automatic freshening of signature cookies that have become stale due to key rotation.\n * - If the signature cookie hash does not match any key, nothing is returned, and an outbound header with an expired date is used to delete the cookie.\n *\n * `{ encrypted: true }` can optionally be passed as the second parameter options. In this case, the provided KeyStore will try to decrypt the cookie value with registered key/s.\n *\n * - If the decryption fails nothing is returned, and the cookie stays intact.\n * - If decryption succeeds, decrypted cookie value is returned.\n *\n * If both `signed` and `encrypted` options are provided, signature check will be applied with encrypted value. Than the decryption will be applied.\n * @param name\n * @param opts\n */\n get(name: string, opts?: GetCookies) {\n const sigId = opts?.signIdentifier || this.signIdentifier;\n\n const sigName = typeof sigId === 'function' ? sigId.call(null, name)\n : `${name + '.'+ sigId}`;\n\n const signed = opts && opts.signed !== undefined ? opts.signed : this.keyStore.signing.keys.length > 0;\n\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n const header = this.request.headers['cookie'];\n if (!header) {\n return undefined;\n }\n\n const match = header.match(getPattern(name));\n if (!match) {\n return undefined;\n }\n\n const value = match[1];\n if (!opts || !signed) {\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n\n const remote = this.get(sigName, { encrypted: false, signed: false });\n if (!remote) {\n return undefined;\n }\n\n const data = `${name}=${value}`;\n const index = this.keyStore.indexOf(data, remote);\n\n if (index < 0) {\n this.set(sigName, null, { path: '/', signed: false });\n return undefined\n } else {\n index && this.set(sigName, this.keyStore.sign(data), { signed: false });\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n }\n\n /**\n * This sets the given cookie in the response and returns the current context to allow chaining.\n *\n * @param name Cookie name\n * @param value Cookie value. If this is omitted, an outbound header with an expired date is used to delete the cookie.\n * @param opts Overridden options\n */\n set(name: string, value: string | null, opts: SetCookies) {\n const res = this.response;\n const req = this.request;\n let headers = (res.getHeader('Set-Cookie') || []) as string[];\n const secure = this.secure !== undefined ? !!this.secure : (req).protocol === 'https' || (req).connection['encrypted'];\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n if(value !== null && encrypted){\n value = this.keyStore.encrypt(value as string);\n }\n\n const cookie = new Cookie(name, value, opts);\n const signed = opts && opts.signed !== undefined ? opts.signed : this.signed;\n\n if (typeof headers == 'string') {\n /* istanbul ignore next */\n headers = [headers];\n }\n\n if (!secure && opts && opts.secure) {\n throw new Error('Cannot send secure cookie over unencrypted connection');\n }\n\n cookie.secure = opts && opts.secure !== undefined\n ? opts.secure\n : secure;\n\n pushCookie(headers, cookie);\n\n if (opts && signed) {\n cookie.value = this.keyStore.sign(cookie.toString());\n\n const sigId = opts.signIdentifier || this.signIdentifier;\n\n cookie.name = typeof sigId === 'function' ? sigId.call(null, cookie.name)\n : `${cookie.name + '.'+ sigId}`;\n pushCookie(headers, cookie);\n }\n\n const setHeader = (res)[\"set\"] ? http.OutgoingMessage.prototype.setHeader : res.setHeader;\n setHeader.call(res, 'Set-Cookie', headers);\n return this;\n }\n\n static middleware = (options?: CookiesOptions) => (req: any, res: any, next: any) => {\n req.cookies = res.cookies = new Cookies(req, res, options);\n\n next();\n }\n static connect = Cookies.middleware\n static express = Cookies.middleware\n static koa = (options?: CookiesOptions) => (ctx: any, next: any) => {\n ctx.cookies = ctx.req.cookies = ctx.res.cookies = ctx.request.cookies = ctx.response.cookies = new Cookies(ctx.req, ctx.res, options)\n next()\n }\n}\n\n\nfunction getPattern(name: string): RegExp {\n if (cache[name]) {\n return cache[name] as RegExp;\n }\n\n return cache[name] = new RegExp(\n `(?:^|;) *${name.replace(/[-[\\]{}()*+?.,\\\\^$|#\\s]/g, '\\\\$&')}=([^;]*)`\n );\n}\n\nfunction pushCookie(headers: string[], cookie: Cookie) {\n if (cookie.overwrite) {\n for (let i = headers.length - 1; i >= 0; i--) {\n if (headers[i]!.indexOf(`${cookie.name}=`) === 0) {\n headers.splice(i, 1);\n }\n }\n }\n\n headers.push(cookie.header);\n}\n"],"names":[],"mappings":";;;;;;;;;;AAAA;AACA,IAAM,kBAAkB,GAAG,uCAAuC,CAAC;AACnE,IAAM,gBAAgB,GAAG,wBAAwB,CAAC;;IAiDhD,gBAAY,IAAY,EAAE,KAAoB,EAAE,KAAmB;QARnE,SAAI,GAAG,GAAG,CAAC;QACX,aAAQ,GAA6B,KAAK,CAAC;QAC3C,WAAM,GAAG,KAAK,CAAC;QACf,aAAQ,GAAG,IAAI,CAAC;QAChB,cAAS,GAAG,KAAK,CAAC;QAKhB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAClC,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,KAAK,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;YAC5C,MAAM,IAAI,SAAS,CAAC,2BAA2B,CAAC,CAAC;SAClD;QAED,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,KAAK,GAAG,KAAK,IAAI,EAAE,CAAC;QAEzB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAE1B,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;YACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;SACpB;QAED,IAAI,IAAI,CAAC,IAAI,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACpD,MAAM,IAAI,SAAS,CAAC,wBAAwB,CAAC,CAAC;SAC/C;QAED,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACxD,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YACpF,MAAM,IAAI,SAAS,CAAC,4BAA4B,CAAC,CAAC;SACnD;KACF;IAED,yBAAQ,GAAR;QACE,OAAU,IAAI,CAAC,IAAI,SAAI,IAAI,CAAC,KAAO,CAAC;KACrC;IAED,sBAAI,0BAAM;aAAV;YACE,IAAI,MAAM,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAE7B,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;aACnD;YAED,IAAI,IAAI,CAAC,IAAI,EAAE;gBACb,MAAM,IAAI,YAAU,IAAI,CAAC,IAAM,CAAC;aACjC;YACD,IAAI,IAAI,CAAC,OAAO,EAAE;gBAChB,MAAM,IAAI,eAAa,IAAI,CAAC,OAAO,CAAC,WAAW,EAAI,CAAC;aACrD;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,cAAY,IAAI,CAAC,MAAQ,CAAC;aACrC;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,iBAAc,IAAI,CAAC,QAAQ,KAAK,IAAI,GAAG,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAE,CAAC;aAC3F;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,UAAU,CAAC;aACtB;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,YAAY,CAAC;aACxB;YAED,OAAO,MAAM,CAAC;SACf;;;OAAA;IAEH,aAAC;AAAD,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACpHM,IAAM,WAAW,GAAG;IACzB,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;CACxC;;ACbV,IAAM,iBAAiB,GAAG,YAAY,CAAA;;IAWpC,kBAAY,IAAmB;QAC7B,IAAI,GAAG,IAAI,IAAI,EAAE,CAAA;QACjB,IAAI,IAAI,CAAC,UAAU,EAAE;YACnB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBAC7E,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;aACpD;SACF;QACD,IAAI,IAAI,CAAC,OAAO,EAAE;YAChB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBACvE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;aACjD;SACF;QACD,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC;YAC9B,SAAS,EAAE,aAAa;YACxB,aAAa,EAAE,EAAE;YACjB,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;SAC1B,EAAE,IAAI,CAAC,UAAU,IAAI,EAAS,CAAC,CAAA;QAEhC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAC,EAAE,IAAI,CAAC,OAAO,IAAI,EAAS,CAAC,CAAA;KAE3G;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAMc,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,EALzF,IAAI,UAAA,EACJ,SAAS,eAAA,EACT,QAAQ,cAAA,EACR,aAAa,mBAAA,EACb,GAAG,SACsF,CAAA;QAE3F,IAAM,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAA;QAE7B,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAA;SAChC;QAED,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAM,EAAE,GAAG,UAAU,CAAC,QAAQ,GAAG,MAAM,CAAC,WAAW,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC;QAChF,IAAM,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,IAAI,CAAA;QAE7E,IAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,SAAgB,EAAE,MAAM,EAAE,EAAE,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAA;QAEnF,IAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,IAAM,GAAG,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;QAC3B,IAAI,OAA2B,CAAC;QAChC,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;SAC/B;QAED,OAAO,MAAM,CAAC,MAAM,+CACf,EAAE,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,SACd,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE;YAC3B,IAAI;YACJ,GAAG;WACH,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;KACtB;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QAED,IAAM,YAAY,GAAmB,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,CAAA;QAG1G,IAAA,QAAQ,GAKN,YAAY,SALN,EACR,GAAG,GAID,YAAY,IAJX,EACG,WAAW,GAGf,YAAY,KAHG,EACjB,SAAS,GAEP,YAAY,UAFL,EACT,aAAa,GACX,YAAY,cADD,CACC;QAEhB,IAAM,IAAI,GAAG,GAAG,GAAG,CAAE,GAAG,CAAE,GAAG,WAAW,CAAA;QACxC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;SACvD;QAGC,IAAA,EAAE,GAEA,YAAY,GAFZ,EACF,OAAO,GACL,YAAY,QADP,CACO;QAEhB,IAAI,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,GAAG,IAAI,CAAA;QAE5E,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE;YAC1B,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;SAC/B;QAED,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;YAC/B,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAA;SACzC;QAED,IAAI,CAAC,EAAE,EAAE;YACP,EAAE,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAA;SAC5C;QACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;QAG/D,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,aAAa,CAAC,CAAA;aAC3C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,aAAa,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAC1D;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,wBAAM,YAAY,KAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,IAAA,EAAE,OAAO,SAAA,IAAG,CAAC;YAC5F,IAAI,OAAO,KAAK,IAAI;gBAAE,OAAO,OAAO,CAAA;SACrC;QACD,OAAO,IAAI,CAAA;KACZ;IAEc,kBAAS,GAAxB,UAAyB,IAAY,EAAE,OAAuB;QACrD,IAAA,SAAS,GAAqC,OAAO,UAA5C,EAAE,GAAG,GAAgC,OAAO,IAAvC,EAAE,EAAE,GAA4B,OAAO,GAAnC,EAAE,aAAa,GAAa,OAAO,cAApB,EAAE,OAAO,GAAI,OAAO,QAAX,CAAW;QAC5D,IAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CAAC,SAAgB,EAAE,GAAI,EAAE,EAAY,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAC;QAEhG,IAAI,OAAO,EAAE;YACX,QAAQ,CAAC,UAAU,CAAC,OAAiB,CAAC,CAAA;SACvC;QAED,IAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QACvC,IAAI;YACF,QAAQ,CAAC,KAAK,EAAE,CAAA;SACjB;QAAC,WAAM;;YAEN,OAAO,IAAI,CAAA;SACZ;QACD,OAAO,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;KACnC;IAMD,uBAAI,GAAJ,UAAK,IAAoB,EAAE,GAAwB;QACjD,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAA8B,IAAI,CAAC,OAAO,EAAzC,SAAS,eAAA,EAAE,QAAQ,cAAA,EAAE,IAAI,UAAgB,CAAA;QAChD,GAAG,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAc,CAAA;QACjC,OAAO,MAAM;aACV,UAAU,CAAC,SAAS,EAAE,GAAG,CAAC;aAC1B,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;aAC7B,OAAO,CAAC,UAAU,EAAE,UAAU,CAAC;YAC9B,OAAO,CAAC,EAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,EAAC,EAAE,CAAC,CAAW,CAAA;SACpD,CAAC,CAAA;KACL;IAED,yBAAM,GAAN,UAAO,IAAY,EAAE,MAAc;QACjC,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;KACvC;IAED,0BAAO,GAAP,UAAQ,IAAY,EAAE,MAAc;QAC3B,IAAA,IAAI,GAAI,IAAI,CAAC,OAAO,KAAhB,CAAgB;QAE3B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;SACpD;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAI,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAW,CAAC,CAAC;gBAAE,OAAO,CAAC,CAAA;SAClE;QACD,OAAO,CAAC,CAAC,CAAA;KACV;IAzLM,mBAAU,GAAG,WAGlB,CAAA;IA0LJ,eAAC;CAjMD;;AC3BA,IAAM,KAAK,GAA6B,EAAS,CAAC;;IAkDhD,iBAAY,OAA6C,EAAE,QAA8C,EAAE,OAA4B;QAA5B,wBAAA,EAAA,YAA4B;QACrI,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAEzB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,IAAI,QAAQ,EAAE,CAAC;QACnD,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,KAAK,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,KAAK,CAAC;QACpE,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,KAAK,SAAS,GAAG,OAAO,CAAC,SAAS,GAAG,KAAK,CAAC;QAC7E,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,KAAK,CAAC;KACvD;;;;;;;;;;;;;;;;;;;;;IAsBD,qBAAG,GAAH,UAAI,IAAY,EAAE,IAAiB;QACjC,IAAM,KAAK,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,KAAI,IAAI,CAAC,cAAc,CAAC;QAE1D,IAAM,OAAO,GAAI,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC;cACjE,MAAG,IAAI,GAAG,GAAG,GAAE,KAAK,CAAE,CAAC;QAE3B,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAEvG,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,KAAK,EAAE;YACV,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE;YACpB,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;QAED,IAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QACtE,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,IAAI,GAAM,IAAI,SAAI,KAAO,CAAC;QAChC,IAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAElD,IAAI,KAAK,GAAG,CAAC,EAAE;YACb,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACtD,OAAO,SAAS,CAAA;SACjB;aAAM;YACL,KAAK,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACxE,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;KACF;;;;;;;;IASD,qBAAG,GAAH,UAAI,IAAY,EAAE,KAAoB,EAAE,IAAgB;QACtD,IAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC1B,IAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC;QACzB,IAAI,OAAO,IAAI,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,IAAI,EAAE,CAAa,CAAC;QAC9D,IAAM,MAAM,GAAG,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,GAAS,GAAI,CAAC,QAAQ,KAAK,OAAO,IAAU,GAAI,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;QACjI,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAG,KAAK,KAAK,IAAI,IAAI,SAAS,EAAC;YAC7B,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,CAAC;SAChD;QAED,IAAM,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;QAC7C,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;QAE7E,IAAI,OAAO,OAAO,IAAI,QAAQ,EAAE;;YAE9B,OAAO,GAAG,CAAC,OAAO,CAAC,CAAC;SACrB;QAED,IAAI,CAAC,MAAM,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,EAAE;YAClC,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;SAC1E;QAED,MAAM,CAAC,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS;cAC7C,IAAI,CAAC,MAAM;cACX,MAAM,CAAC;QAEX,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAE5B,IAAI,IAAI,IAAI,MAAM,EAAE;YAClB,MAAM,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YAErD,IAAM,KAAK,GAAG,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,cAAc,CAAC;YAEzD,MAAM,CAAC,IAAI,GAAG,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC;kBACrE,MAAG,MAAM,CAAC,IAAI,GAAG,GAAG,GAAE,KAAK,CAAE,CAAC;YAClC,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;SAC7B;QAED,IAAM,SAAS,GAAS,GAAI,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;QAC/F,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC;KACb;IAEM,kBAAU,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,GAAQ,EAAE,IAAS;QAC9E,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;QAE3D,IAAI,EAAE,CAAC;KACR,GAAA,CAAA;IACM,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,WAAG,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,IAAS;QAC7D,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,GAAG,GAAG,CAAC,QAAQ,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;QACrI,IAAI,EAAE,CAAA;KACP,GAAA,CAAA;IACH,cAAC;CAtJD,IAsJC;AAGD,SAAS,UAAU,CAAC,IAAY;IAC9B,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE;QACf,OAAO,KAAK,CAAC,IAAI,CAAW,CAAC;KAC9B;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,MAAM,CAC7B,cAAY,IAAI,CAAC,OAAO,CAAC,0BAA0B,EAAE,MAAM,CAAC,aAAU,CACvE,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CAAC,OAAiB,EAAE,MAAc;IACnD,IAAI,MAAM,CAAC,SAAS,EAAE;QACpB,KAAK,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YAC5C,IAAI,OAAO,CAAC,CAAC,CAAE,CAAC,OAAO,CAAI,MAAM,CAAC,IAAI,MAAG,CAAC,KAAK,CAAC,EAAE;gBAChD,OAAO,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aACtB;SACF;KACF;IAED,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;AAC9B;;;;"} \ No newline at end of file +{"version":3,"file":"index.mjs","sources":["../src/cookie.ts","../src/ciphers.ts","../src/keystore.ts","../src/cookies.ts"],"sourcesContent":["// eslint-disable-next-line no-control-regex\nconst fieldContentRegExp = /^[\\u0009\\u0020-\\u007e\\u0080-\\u00ff]+$/;\nconst SAME_SITE_REGEXP = /^(?:lax|none|strict)$/i;\n\nexport interface CookieAttrs {\n /**\n * a `Date` object indicating the cookie's expiration date (expires at the end of session by default).\n */\n expires?: Date;\n /**\n * a number representing the milliseconds from `Date.now()` for expiry\n */\n maxAge?: number | null;\n /**\n * a boolean or string indicating whether the cookie is a \"same site\" cookie (`false` by default). This can be set to `'strict'`, `'lax'`, `'none'`, or `true` (which maps to `'strict'`).\n */\n sameSite?: 'lax' | 'none' | 'strict' | boolean;\n /**\n * a string indicating the path of the cookie (`/` by default).\n */\n path?: string;\n /**\n * a string indicating the domain of the cookie (no default).\n */\n domain?: string;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTPS (`false` by default for HTTP, `true` by default for HTTPS).\n */\n secure?: boolean | undefined;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTP(S), and not made available to client JavaScript (`true` by default).\n */\n httpOnly?: boolean;\n /**\n * a boolean indicating whether to overwrite previously set cookies of the same name (`false` by default). If this is true, all cookies set during the same request with the same name (regardless of path or domain) are filtered out of the Set-Cookie header when setting this cookie.\n */\n overwrite?: boolean;\n}\n\nexport class Cookie implements CookieAttrs {\n name: string;\n value: string;\n domain?: string;\n path = '/';\n sameSite?: CookieAttrs['sameSite'] = false;\n secure = false;\n httpOnly = true;\n overwrite = false;\n expires?: Date;\n maxAge?: number | null;\n\n constructor(name: string, value: string | null, attrs?: CookieAttrs) {\n if (!fieldContentRegExp.test(name)) {\n throw new TypeError('argument name is invalid');\n }\n\n if (value && !fieldContentRegExp.test(value)) {\n throw new TypeError('argument value is invalid');\n }\n\n this.name = name;\n this.value = value || '';\n\n Object.assign(this, attrs)\n\n if (!this.value) {\n this.expires = new Date(0);\n this.maxAge = null;\n }\n\n if (this.path && !fieldContentRegExp.test(this.path)) {\n throw new TypeError('option path is invalid');\n }\n\n if (this.domain && !fieldContentRegExp.test(this.domain)) {\n throw new TypeError('option domain is invalid');\n }\n\n if (this.sameSite && this.sameSite !== true && !SAME_SITE_REGEXP.test(this.sameSite)) {\n throw new TypeError('option sameSite is invalid');\n }\n }\n\n toString() {\n return `${this.name}=${this.value}`;\n }\n\n get header() {\n let header = this.toString();\n\n if (this.maxAge) {\n this.expires = new Date(Date.now() + this.maxAge);\n }\n\n if (this.path) {\n header += `; path=${this.path}`;\n }\n if (this.expires) {\n header += `; expires=${this.expires.toUTCString()}`;\n }\n if (this.domain) {\n header += `; domain=${this.domain}`;\n }\n if (this.sameSite) {\n header += `; samesite=${this.sameSite === true ? 'strict' : this.sameSite.toLowerCase()}`;\n }\n if (this.secure) {\n header += '; secure';\n }\n if (this.httpOnly) {\n header += '; httponly';\n }\n\n return header;\n }\n\n}\n","export const CIPHER_INFO = {\n 'aes-128-cbc': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha256': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb8': { ivLength: 16, keyLength: 16 },\n 'aes-128-ctr': { ivLength: 16, keyLength: 16 },\n 'aes-128-ecb': { ivLength: undefined, keyLength: 16 },\n 'aes-128-ocb': { ivLength: 12, keyLength: 16 },\n 'aes-128-ofb': { ivLength: 16, keyLength: 16 },\n 'aes-128-xts': { ivLength: 16, keyLength: 32 },\n 'aes-192-cbc': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb1': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb8': { ivLength: 16, keyLength: 24 },\n 'aes-192-ctr': { ivLength: 16, keyLength: 24 },\n 'aes-192-ecb': { ivLength: undefined, keyLength: 24 },\n 'aes-192-ocb': { ivLength: 12, keyLength: 24 },\n 'aes-192-ofb': { ivLength: 16, keyLength: 24 },\n 'aes-256-cbc': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha256': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb8': { ivLength: 16, keyLength: 32 },\n 'aes-256-ctr': { ivLength: 16, keyLength: 32 },\n 'aes-256-ecb': { ivLength: undefined, keyLength: 32 },\n 'aes-256-ocb': { ivLength: 12, keyLength: 32 },\n 'aes-256-ofb': { ivLength: 16, keyLength: 32 },\n 'aes-256-xts': { ivLength: 16, keyLength: 64 },\n 'aes-128-ccm': { ivLength: 12, keyLength: 16 },\n 'aes-128-gcm': { ivLength: 12, keyLength: 16 },\n 'aes-192-ccm': { ivLength: 12, keyLength: 24 },\n 'aes-192-gcm': { ivLength: 12, keyLength: 24 },\n 'aes-256-ccm': { ivLength: 12, keyLength: 32 },\n 'aes-256-gcm': { ivLength: 12, keyLength: 32 },\n 'id-aes128-ccm': { ivLength: 12, keyLength: 16 },\n 'id-aes128-gcm': { ivLength: 12, keyLength: 16 },\n 'id-aes192-ccm': { ivLength: 12, keyLength: 24 },\n 'id-aes192-gcm': { ivLength: 12, keyLength: 24 },\n 'id-aes256-ccm': { ivLength: 12, keyLength: 32 },\n 'id-aes256-gcm': { ivLength: 12, keyLength: 32 },\n} as const\n","/* eslint-disable @typescript-eslint/ban-ts-comment */\nimport compare from 'tsscmp'\n\nimport crypto, {BinaryToTextEncoding, CipherKey, Encoding} from \"crypto\";\nimport {CIPHER_INFO} from \"./ciphers\";\nimport type {Partial} from \"rollup-plugin-typescript2/dist/partial\";\n\nexport interface KeyStoreOpts {\n signing?: {\n keys: string[],\n algorithm?: string | 'blake2b512' | 'blake2s256' | 'gost' | 'md4' | 'md5' | 'rmd160' | 'sha1' | 'sha224'\n | 'sha256' | 'sha3-224' | 'sha3-256' | 'sha3-384' | 'sha3-512' | 'sha384' | 'sha512' | 'sha512-224'\n | 'sha512-256' | 'shake128' | 'shake256' | 'sm3';\n encoding?: BinaryToTextEncoding\n },\n encryption?: {\n keys: string[] | CipherKey[],\n algorithm?: keyof typeof CIPHER_INFO | string,\n encoding?: Encoding\n authTagLength?: number\n }\n}\n\ntype EncryptOptions = Required & { key?: string | undefined }\ntype DecryptOptions = Required & {\n key?: string | CipherKey | undefined,\n iv?: string | Buffer | undefined,\n authTag?: string | Buffer | undefined\n}\n\nconst AUTH_TAG_REQUIRED = /-(gcm|ccm)/\n\nexport class KeyStore {\n encryption: Required>;\n signing: Required>;\n\n static cipherInfo = CIPHER_INFO as Record\n\n constructor(opts?: KeyStoreOpts) {\n opts = opts || {}\n if (opts.encryption) {\n if (!Array.isArray(opts.encryption.keys) || opts.encryption.keys.length === 0) {\n throw new Error(\"keys are required for encryption\")\n }\n }\n if (opts.signing) {\n if (!Array.isArray(opts.signing.keys) || opts.signing.keys.length === 0) {\n throw new Error(\"keys are required for signing\")\n }\n }\n this.encryption = Object.assign({\n algorithm: 'aes-192-ccm',\n authTagLength: 16,\n encoding: 'hex', keys: []\n }, opts.encryption || {} as any)\n\n this.signing = Object.assign({encoding: 'base64', algorithm: 'sha1', keys: []}, opts.signing || {} as any)\n\n }\n\n encrypt(data?: null, options?: Partial): null\n encrypt(data: string | Buffer, options?: Partial): string\n encrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n const {\n keys,\n algorithm,\n encoding,\n authTagLength,\n key\n }: EncryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const secret = key || keys[0]\n\n if (!secret) {\n throw new Error(\"no key found\")\n }\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n const iv = cipherInfo.ivLength ? crypto.randomBytes(cipherInfo.ivLength) : null;\n const dataBuff = typeof data === \"string\" ? Buffer.from(data, 'utf-8') : data\n\n const cipher = crypto.createCipheriv(algorithm as any, secret, iv, {authTagLength})\n\n const text = cipher.update(dataBuff);\n const pad = cipher.final();\n let authTag: Buffer | undefined;\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n authTag = cipher.getAuthTag();\n }\n\n return Buffer.concat([\n ...iv ? [iv] : [],\n ...authTag ? [authTag] : [],\n text,\n pad\n ]).toString(encoding)\n }\n\n decrypt(data?: null, options?: Partial): null\n decrypt(data: string | Buffer, options?: Partial): string\n decrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n\n const finalOptions: DecryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const {\n encoding,\n key,\n keys: defaultKeys,\n algorithm,\n authTagLength,\n } = finalOptions\n\n const keys = key ? [key] : defaultKeys\n if (keys.length === 0) {\n throw new Error(\"keys required for encrypted cookies\")\n }\n\n let {\n iv,\n authTag\n } = finalOptions\n\n let dataBuff = typeof data === \"string\" ? Buffer.from(data, encoding) : data\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n if (typeof iv === \"string\") {\n iv = Buffer.from(iv, encoding)\n }\n\n if (typeof authTag === \"string\") {\n authTag = Buffer.from(authTag, encoding)\n }\n\n if (cipherInfo.ivLength !== undefined) {\n if (!iv) {\n iv = dataBuff.slice(0, cipherInfo.ivLength)\n }\n dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length)\n }\n\n\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n if (!authTag) {\n authTag = dataBuff.slice(0, authTagLength)\n }\n dataBuff = dataBuff.slice(authTagLength, dataBuff.length)\n }\n\n for (let i = 0; i < keys.length; i++) {\n const message = KeyStore.doDecrypt(dataBuff, {...finalOptions, key: keys[i], iv, authTag,});\n if (message !== null) return message\n }\n return null\n }\n\n private static doDecrypt(data: Buffer, options: DecryptOptions): string | null {\n const {algorithm, key, iv, authTagLength, authTag} = options\n const decipher = crypto.createDecipheriv(algorithm as any, key!, iv as Buffer || null, {authTagLength});\n\n if (authTag) {\n decipher.setAuthTag(authTag as Buffer)\n }\n\n const plainText = decipher.update(data)\n let final: Buffer\n try {\n final = decipher.final()\n } catch(e:any) {\n // authentication failed\n return null\n }\n return Buffer.concat([plainText, final]).toString('utf-8')\n }\n\n //region: signing\n\n sign(data?: null, key?: string | CipherKey): null\n sign(data: string, key?: string | CipherKey): string\n sign(data?: string | null, key?: string | CipherKey): string | null {\n if (!data) {\n return null\n }\n const {algorithm, encoding, keys} = this.signing\n key = key || keys[0] as CipherKey\n return crypto\n .createHmac(algorithm, key)\n .update(data).digest(encoding)\n .replace(/\\/|\\+|=/g, function (x) {\n return ({\"/\": \"_\", \"+\": \"-\", \"=\": \"\"})[x] as string\n })\n }\n\n verify(data: string, digest: string): boolean {\n return this.indexOf(data, digest) > -1\n }\n\n indexOf(data: string, digest: string): number {\n const {keys} = this.signing\n\n if (keys.length === 0) {\n throw new Error(\"keys required for signed cookies\")\n }\n\n for (let i = 0; i < keys.length; i++) {\n if (compare(digest, this.sign(data, keys[i] as string))) return i\n }\n return -1\n }\n\n //end-region: signing\n\n}\n\n","import http, { IncomingMessage, ServerResponse } from 'http';\nimport { Cookie, CookieAttrs } from './cookie';\nimport {KeyStore} from \"./keystore\";\nimport type {Http2ServerRequest, Http2ServerResponse} from \"http2\";\n\nconst cache: { [key:string]: RegExp } = {} as any;\ntype SignIdentifier = string | ((name: string) => string)\nexport type CookiesOptions = {\n\n /**\n * KeyStore to be used for signing and encrypting\n */\n keyStore?: KeyStore;\n /**\n * a boolean indicating whether the cookie is to be signed (`false` by default). If this is true, another cookie of the same name with the `signIdentifier` will also be sent, with a 27-byte url-safe base64 SHA1 value representing the hash of _cookie-name_=_cookie-value_ against the first [KeyStore](keystore) key. This signature key is used to detect tampering the next time a cookie is received.\n * @default false\n */\n signed?: boolean;\n /**\n * Encrypt cookies by default and assume received cookies are encrypted.\n * @default false\n */\n encrypted?: boolean;\n /**\n * Mark cookies as secure by default.\n * @default `req.protocol`\n */\n secure?: boolean | undefined;\n /**\n * If string, provided value will be appended cookie name with dot. For example with given value `mysig`\n * signature cookie name will be `cookiename.mysig`\n *\n * @default `sig`\n */\n signIdentifier?: SignIdentifier\n}\n\nexport type SetCookies = CookiesOptions & CookieAttrs\nexport type GetCookies = CookiesOptions\n\nexport class Cookies {\n\n secure?: CookiesOptions[\"secure\"];\n\n encrypted: boolean;\n\n signed: boolean;\n\n keyStore: KeyStore;\n\n signIdentifier?: SignIdentifier\n\n readonly request: IncomingMessage | Http2ServerRequest;\n readonly response: ServerResponse | Http2ServerResponse;\n\n constructor(request: IncomingMessage | Http2ServerRequest, response: ServerResponse | Http2ServerResponse, options: CookiesOptions = {}) {\n this.request = request;\n this.response = response;\n\n this.keyStore = options.keyStore || new KeyStore();\n this.secure = options.secure;\n this.signed = options.signed !== undefined ? options.signed : false;\n this.encrypted = options.encrypted !== undefined ? options.encrypted : false;\n this.signIdentifier = options.signIdentifier || 'sig';\n }\n\n /**\n * This extracts the cookie with the given name from the Set-Cookie header in the request. If such a cookie exists, its value is returned. Otherwise, nothing is returned.\n *\n * `{ signed: true }` can optionally be passed as the second parameter options. In this case, a signature cookie (a cookie of same name ending with the .sig suffix appended) is fetched. If no such cookie exists, nothing is returned.\n *\n * If the signature cookie does exist, the provided KeyStore is used to check whether the hash of cookie-name=cookie-value matches that of any registered key/s:\n *\n * - If the signature cookie hash matches the first key, the original cookie value is returned.\n * - If the signature cookie hash matches any other key, the original cookie value is returned AND an outbound header is set to update the signature cookie's value to the hash of the first key. This enables automatic freshening of signature cookies that have become stale due to key rotation.\n * - If the signature cookie hash does not match any key, nothing is returned, and an outbound header with an expired date is used to delete the cookie.\n *\n * `{ encrypted: true }` can optionally be passed as the second parameter options. In this case, the provided KeyStore will try to decrypt the cookie value with registered key/s.\n *\n * - If the decryption fails nothing is returned, and the cookie stays intact.\n * - If decryption succeeds, decrypted cookie value is returned.\n *\n * If both `signed` and `encrypted` options are provided, signature check will be applied with encrypted value. Than the decryption will be applied.\n * @param name\n * @param opts\n */\n get(name: string, opts?: GetCookies) {\n const sigId = opts?.signIdentifier || this.signIdentifier;\n\n const sigName = typeof sigId === 'function' ? sigId.call(null, name)\n : `${name + '.'+ sigId}`;\n\n const signed = opts && opts.signed !== undefined ? opts.signed : this.keyStore.signing.keys.length > 0;\n\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n const header = this.request.headers['cookie'];\n if (!header) {\n return undefined;\n }\n\n const match = header.match(getPattern(name));\n if (!match) {\n return undefined;\n }\n\n const value = match[1];\n if (!opts || !signed) {\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n\n const remote = this.get(sigName, { encrypted: false, signed: false });\n if (!remote) {\n return undefined;\n }\n\n const data = `${name}=${value}`;\n const index = this.keyStore.indexOf(data, remote);\n\n if (index < 0) {\n this.set(sigName, null, { path: '/', signed: false });\n return undefined\n } else {\n index && this.set(sigName, this.keyStore.sign(data), { signed: false });\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n }\n\n /**\n * This sets the given cookie in the response and returns the current context to allow chaining.\n *\n * @param name Cookie name\n * @param value Cookie value. If this is omitted, an outbound header with an expired date is used to delete the cookie.\n * @param opts Overridden options\n */\n set(name: string, value: string | null, opts: SetCookies) {\n const res = this.response;\n const req = this.request;\n let headers = (res.getHeader('Set-Cookie') || []) as string[];\n const secure = this.secure !== undefined ? !!this.secure : (req).protocol === 'https' || (req).connection['encrypted'];\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n if(value !== null && encrypted){\n value = this.keyStore.encrypt(value as string);\n }\n\n const cookie = new Cookie(name, value, opts);\n const signed = opts && opts.signed !== undefined ? opts.signed : this.signed;\n\n /* istanbul ignore next */\n if (typeof headers == 'string') {\n headers = [headers];\n }\n\n if (!secure && opts && opts.secure) {\n throw new Error('Cannot send secure cookie over unencrypted connection');\n }\n\n cookie.secure = opts && opts.secure !== undefined\n ? opts.secure\n : secure;\n\n pushCookie(headers, cookie);\n\n if (opts && signed) {\n cookie.value = this.keyStore.sign(cookie.toString());\n\n const sigId = opts.signIdentifier || this.signIdentifier;\n\n cookie.name = typeof sigId === 'function' ? sigId.call(null, cookie.name)\n : `${cookie.name + '.'+ sigId}`;\n pushCookie(headers, cookie);\n }\n\n const setHeader = (res)[\"set\"] ? http.OutgoingMessage.prototype.setHeader : res.setHeader;\n setHeader.call(res, 'Set-Cookie', headers);\n return this;\n }\n\n static middleware = (options?: CookiesOptions) => (req: any, res: any, next: any) => {\n req.cookies = res.cookies = new Cookies(req, res, options);\n\n next();\n }\n static connect = Cookies.middleware\n static express = Cookies.middleware\n static koa = (options?: CookiesOptions) => (ctx: any, next: any) => {\n ctx.cookies = ctx.req.cookies = ctx.res.cookies = ctx.request.cookies = ctx.response.cookies = new Cookies(ctx.req, ctx.res, options)\n next()\n }\n}\n\n\nfunction getPattern(name: string): RegExp {\n if (cache[name]) {\n return cache[name] as RegExp;\n }\n\n return cache[name] = new RegExp(\n `(?:^|;) *${name.replace(/[-[\\]{}()*+?.,\\\\^$|#\\s]/g, '\\\\$&')}=([^;]*)`\n );\n}\n\nfunction pushCookie(headers: string[], cookie: Cookie) {\n if (cookie.overwrite) {\n for (let i = headers.length - 1; i >= 0; i--) {\n if (headers[i]!.indexOf(`${cookie.name}=`) === 0) {\n headers.splice(i, 1);\n }\n }\n }\n\n headers.push(cookie.header);\n}\n"],"names":[],"mappings":";;;;;;;;;;AAAA;AACA,IAAM,kBAAkB,GAAG,uCAAuC,CAAC;AACnE,IAAM,gBAAgB,GAAG,wBAAwB,CAAC;;IAiDhD,gBAAY,IAAY,EAAE,KAAoB,EAAE,KAAmB;QARnE,SAAI,GAAG,GAAG,CAAC;QACX,aAAQ,GAA6B,KAAK,CAAC;QAC3C,WAAM,GAAG,KAAK,CAAC;QACf,aAAQ,GAAG,IAAI,CAAC;QAChB,cAAS,GAAG,KAAK,CAAC;QAKhB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAClC,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,KAAK,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;YAC5C,MAAM,IAAI,SAAS,CAAC,2BAA2B,CAAC,CAAC;SAClD;QAED,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,KAAK,GAAG,KAAK,IAAI,EAAE,CAAC;QAEzB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAE1B,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;YACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;SACpB;QAED,IAAI,IAAI,CAAC,IAAI,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACpD,MAAM,IAAI,SAAS,CAAC,wBAAwB,CAAC,CAAC;SAC/C;QAED,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACxD,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YACpF,MAAM,IAAI,SAAS,CAAC,4BAA4B,CAAC,CAAC;SACnD;KACF;IAED,yBAAQ,GAAR;QACE,OAAU,IAAI,CAAC,IAAI,SAAI,IAAI,CAAC,KAAO,CAAC;KACrC;IAED,sBAAI,0BAAM;aAAV;YACE,IAAI,MAAM,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAE7B,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;aACnD;YAED,IAAI,IAAI,CAAC,IAAI,EAAE;gBACb,MAAM,IAAI,YAAU,IAAI,CAAC,IAAM,CAAC;aACjC;YACD,IAAI,IAAI,CAAC,OAAO,EAAE;gBAChB,MAAM,IAAI,eAAa,IAAI,CAAC,OAAO,CAAC,WAAW,EAAI,CAAC;aACrD;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,cAAY,IAAI,CAAC,MAAQ,CAAC;aACrC;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,iBAAc,IAAI,CAAC,QAAQ,KAAK,IAAI,GAAG,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAE,CAAC;aAC3F;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,UAAU,CAAC;aACtB;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,YAAY,CAAC;aACxB;YAED,OAAO,MAAM,CAAC;SACf;;;OAAA;IAEH,aAAC;AAAD,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACpHM,IAAM,WAAW,GAAG;IACzB,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;CACxC;;ACbV,IAAM,iBAAiB,GAAG,YAAY,CAAA;;IAWpC,kBAAY,IAAmB;QAC7B,IAAI,GAAG,IAAI,IAAI,EAAE,CAAA;QACjB,IAAI,IAAI,CAAC,UAAU,EAAE;YACnB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBAC7E,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;aACpD;SACF;QACD,IAAI,IAAI,CAAC,OAAO,EAAE;YAChB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBACvE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;aACjD;SACF;QACD,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC;YAC9B,SAAS,EAAE,aAAa;YACxB,aAAa,EAAE,EAAE;YACjB,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;SAC1B,EAAE,IAAI,CAAC,UAAU,IAAI,EAAS,CAAC,CAAA;QAEhC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAC,EAAE,IAAI,CAAC,OAAO,IAAI,EAAS,CAAC,CAAA;KAE3G;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAMc,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,EALzF,IAAI,UAAA,EACJ,SAAS,eAAA,EACT,QAAQ,cAAA,EACR,aAAa,mBAAA,EACb,GAAG,SACsF,CAAA;QAE3F,IAAM,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAA;QAE7B,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAA;SAChC;QAED,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAM,EAAE,GAAG,UAAU,CAAC,QAAQ,GAAG,MAAM,CAAC,WAAW,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC;QAChF,IAAM,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,IAAI,CAAA;QAE7E,IAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,SAAgB,EAAE,MAAM,EAAE,EAAE,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAA;QAEnF,IAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,IAAM,GAAG,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;QAC3B,IAAI,OAA2B,CAAC;QAChC,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;SAC/B;QAED,OAAO,MAAM,CAAC,MAAM,+CACf,EAAE,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,SACd,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE;YAC3B,IAAI;YACJ,GAAG;WACH,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;KACtB;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QAED,IAAM,YAAY,GAAmB,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,CAAA;QAG1G,IAAA,QAAQ,GAKN,YAAY,SALN,EACR,GAAG,GAID,YAAY,IAJX,EACG,WAAW,GAGf,YAAY,KAHG,EACjB,SAAS,GAEP,YAAY,UAFL,EACT,aAAa,GACX,YAAY,cADD,CACC;QAEhB,IAAM,IAAI,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,WAAW,CAAA;QACtC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;SACvD;QAGC,IAAA,EAAE,GAEA,YAAY,GAFZ,EACF,OAAO,GACL,YAAY,QADP,CACO;QAEhB,IAAI,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,GAAG,IAAI,CAAA;QAE5E,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE;YAC1B,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;SAC/B;QAED,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;YAC/B,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAA;SACzC;QAED,IAAI,UAAU,CAAC,QAAQ,KAAK,SAAS,EAAE;YACrC,IAAI,CAAC,EAAE,EAAE;gBACP,EAAE,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAA;aAC5C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAChE;QAGD,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,aAAa,CAAC,CAAA;aAC3C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,aAAa,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAC1D;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,wBAAM,YAAY,KAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,IAAA,EAAE,OAAO,SAAA,IAAG,CAAC;YAC5F,IAAI,OAAO,KAAK,IAAI;gBAAE,OAAO,OAAO,CAAA;SACrC;QACD,OAAO,IAAI,CAAA;KACZ;IAEc,kBAAS,GAAxB,UAAyB,IAAY,EAAE,OAAuB;QACrD,IAAA,SAAS,GAAqC,OAAO,UAA5C,EAAE,GAAG,GAAgC,OAAO,IAAvC,EAAE,EAAE,GAA4B,OAAO,GAAnC,EAAE,aAAa,GAAa,OAAO,cAApB,EAAE,OAAO,GAAI,OAAO,QAAX,CAAW;QAC5D,IAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CAAC,SAAgB,EAAE,GAAI,EAAE,EAAY,IAAI,IAAI,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAC;QAExG,IAAI,OAAO,EAAE;YACX,QAAQ,CAAC,UAAU,CAAC,OAAiB,CAAC,CAAA;SACvC;QAED,IAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QACvC,IAAI,KAAa,CAAA;QACjB,IAAI;YACF,KAAK,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAA;SACzB;QAAC,OAAM,CAAK,EAAE;;YAEb,OAAO,IAAI,CAAA;SACZ;QACD,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;KAC3D;IAMD,uBAAI,GAAJ,UAAK,IAAoB,EAAE,GAAwB;QACjD,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAA8B,IAAI,CAAC,OAAO,EAAzC,SAAS,eAAA,EAAE,QAAQ,cAAA,EAAE,IAAI,UAAgB,CAAA;QAChD,GAAG,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAc,CAAA;QACjC,OAAO,MAAM;aACV,UAAU,CAAC,SAAS,EAAE,GAAG,CAAC;aAC1B,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;aAC7B,OAAO,CAAC,UAAU,EAAE,UAAU,CAAC;YAC9B,OAAO,CAAC,EAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,EAAC,EAAE,CAAC,CAAW,CAAA;SACpD,CAAC,CAAA;KACL;IAED,yBAAM,GAAN,UAAO,IAAY,EAAE,MAAc;QACjC,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;KACvC;IAED,0BAAO,GAAP,UAAQ,IAAY,EAAE,MAAc;QAC3B,IAAA,IAAI,GAAI,IAAI,CAAC,OAAO,KAAhB,CAAgB;QAE3B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;SACpD;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAI,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAW,CAAC,CAAC;gBAAE,OAAO,CAAC,CAAA;SAClE;QACD,OAAO,CAAC,CAAC,CAAA;KACV;IA5LM,mBAAU,GAAG,WAGlB,CAAA;IA6LJ,eAAC;CApMD;;AC3BA,IAAM,KAAK,GAA6B,EAAS,CAAC;;IAkDhD,iBAAY,OAA6C,EAAE,QAA8C,EAAE,OAA4B;QAA5B,wBAAA,EAAA,YAA4B;QACrI,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAEzB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,IAAI,QAAQ,EAAE,CAAC;QACnD,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,KAAK,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,KAAK,CAAC;QACpE,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,KAAK,SAAS,GAAG,OAAO,CAAC,SAAS,GAAG,KAAK,CAAC;QAC7E,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,KAAK,CAAC;KACvD;;;;;;;;;;;;;;;;;;;;;IAsBD,qBAAG,GAAH,UAAI,IAAY,EAAE,IAAiB;QACjC,IAAM,KAAK,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,KAAI,IAAI,CAAC,cAAc,CAAC;QAE1D,IAAM,OAAO,GAAI,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC;cACjE,MAAG,IAAI,GAAG,GAAG,GAAE,KAAK,CAAE,CAAC;QAE3B,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAEvG,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,KAAK,EAAE;YACV,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE;YACpB,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;QAED,IAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QACtE,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,IAAI,GAAM,IAAI,SAAI,KAAO,CAAC;QAChC,IAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAElD,IAAI,KAAK,GAAG,CAAC,EAAE;YACb,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACtD,OAAO,SAAS,CAAA;SACjB;aAAM;YACL,KAAK,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACxE,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;KACF;;;;;;;;IASD,qBAAG,GAAH,UAAI,IAAY,EAAE,KAAoB,EAAE,IAAgB;QACtD,IAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC1B,IAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC;QACzB,IAAI,OAAO,IAAI,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,IAAI,EAAE,CAAa,CAAC;QAC9D,IAAM,MAAM,GAAG,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,GAAS,GAAI,CAAC,QAAQ,KAAK,OAAO,IAAU,GAAI,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;QACjI,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAG,KAAK,KAAK,IAAI,IAAI,SAAS,EAAC;YAC7B,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,CAAC;SAChD;QAED,IAAM,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;QAC7C,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;;QAG7E,IAAI,OAAO,OAAO,IAAI,QAAQ,EAAE;YAC9B,OAAO,GAAG,CAAC,OAAO,CAAC,CAAC;SACrB;QAED,IAAI,CAAC,MAAM,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,EAAE;YAClC,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;SAC1E;QAED,MAAM,CAAC,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS;cAC7C,IAAI,CAAC,MAAM;cACX,MAAM,CAAC;QAEX,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAE5B,IAAI,IAAI,IAAI,MAAM,EAAE;YAClB,MAAM,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YAErD,IAAM,KAAK,GAAG,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,cAAc,CAAC;YAEzD,MAAM,CAAC,IAAI,GAAG,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC;kBACrE,MAAG,MAAM,CAAC,IAAI,GAAG,GAAG,GAAE,KAAK,CAAE,CAAC;YAClC,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;SAC7B;QAED,IAAM,SAAS,GAAS,GAAI,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;QAC/F,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC;KACb;IAEM,kBAAU,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,GAAQ,EAAE,IAAS;QAC9E,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;QAE3D,IAAI,EAAE,CAAC;KACR,GAAA,CAAA;IACM,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,WAAG,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,IAAS;QAC7D,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,GAAG,GAAG,CAAC,QAAQ,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;QACrI,IAAI,EAAE,CAAA;KACP,GAAA,CAAA;IACH,cAAC;CAtJD,IAsJC;AAGD,SAAS,UAAU,CAAC,IAAY;IAC9B,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE;QACf,OAAO,KAAK,CAAC,IAAI,CAAW,CAAC;KAC9B;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,MAAM,CAC7B,cAAY,IAAI,CAAC,OAAO,CAAC,0BAA0B,EAAE,MAAM,CAAC,aAAU,CACvE,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CAAC,OAAiB,EAAE,MAAc;IACnD,IAAI,MAAM,CAAC,SAAS,EAAE;QACpB,KAAK,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YAC5C,IAAI,OAAO,CAAC,CAAC,CAAE,CAAC,OAAO,CAAI,MAAM,CAAC,IAAI,MAAG,CAAC,KAAK,CAAC,EAAE;gBAChD,OAAO,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aACtB;SACF;KACF;IAED,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;AAC9B;;;;"} \ No newline at end of file diff --git a/docs/README.md b/docs/README.md index 8b65862..e72362b 100644 --- a/docs/README.md +++ b/docs/README.md @@ -32,7 +32,7 @@ secure-cookie #### Defined in -[cookies.ts:8](https://github.com/ayZagen/secure-cookie/blob/bb7d3ba/src/cookies.ts#L8) +[cookies.ts:8](https://github.com/ayZagen/secure-cookie/blob/703af9a/src/cookies.ts#L8) ___ @@ -42,7 +42,7 @@ ___ #### Defined in -[cookies.ts:39](https://github.com/ayZagen/secure-cookie/blob/bb7d3ba/src/cookies.ts#L39) +[cookies.ts:39](https://github.com/ayZagen/secure-cookie/blob/703af9a/src/cookies.ts#L39) ___ @@ -52,4 +52,4 @@ ___ #### Defined in -[cookies.ts:38](https://github.com/ayZagen/secure-cookie/blob/bb7d3ba/src/cookies.ts#L38) +[cookies.ts:38](https://github.com/ayZagen/secure-cookie/blob/703af9a/src/cookies.ts#L38) diff --git a/docs/classes/Cookies.md b/docs/classes/Cookies.md index 049f454..aa435d5 100644 --- a/docs/classes/Cookies.md +++ b/docs/classes/Cookies.md @@ -43,7 +43,7 @@ #### Defined in -[cookies.ts:56](https://github.com/ayZagen/secure-cookie/blob/bb7d3ba/src/cookies.ts#L56) +[cookies.ts:56](https://github.com/ayZagen/secure-cookie/blob/703af9a/src/cookies.ts#L56) ## Properties @@ -53,7 +53,7 @@ #### Defined in -[cookies.ts:45](https://github.com/ayZagen/secure-cookie/blob/bb7d3ba/src/cookies.ts#L45) +[cookies.ts:45](https://github.com/ayZagen/secure-cookie/blob/703af9a/src/cookies.ts#L45) ___ @@ -63,7 +63,7 @@ ___ #### Defined in -[cookies.ts:49](https://github.com/ayZagen/secure-cookie/blob/bb7d3ba/src/cookies.ts#L49) +[cookies.ts:49](https://github.com/ayZagen/secure-cookie/blob/703af9a/src/cookies.ts#L49) ___ @@ -73,7 +73,7 @@ ___ #### Defined in -[cookies.ts:53](https://github.com/ayZagen/secure-cookie/blob/bb7d3ba/src/cookies.ts#L53) +[cookies.ts:53](https://github.com/ayZagen/secure-cookie/blob/703af9a/src/cookies.ts#L53) ___ @@ -83,7 +83,7 @@ ___ #### Defined in -[cookies.ts:54](https://github.com/ayZagen/secure-cookie/blob/bb7d3ba/src/cookies.ts#L54) +[cookies.ts:54](https://github.com/ayZagen/secure-cookie/blob/703af9a/src/cookies.ts#L54) ___ @@ -93,7 +93,7 @@ ___ #### Defined in -[cookies.ts:43](https://github.com/ayZagen/secure-cookie/blob/bb7d3ba/src/cookies.ts#L43) +[cookies.ts:43](https://github.com/ayZagen/secure-cookie/blob/703af9a/src/cookies.ts#L43) ___ @@ -103,7 +103,7 @@ ___ #### Defined in -[cookies.ts:51](https://github.com/ayZagen/secure-cookie/blob/bb7d3ba/src/cookies.ts#L51) +[cookies.ts:51](https://github.com/ayZagen/secure-cookie/blob/703af9a/src/cookies.ts#L51) ___ @@ -113,7 +113,7 @@ ___ #### Defined in -[cookies.ts:47](https://github.com/ayZagen/secure-cookie/blob/bb7d3ba/src/cookies.ts#L47) +[cookies.ts:47](https://github.com/ayZagen/secure-cookie/blob/703af9a/src/cookies.ts#L47) ___ @@ -151,7 +151,7 @@ ___ #### Defined in -[cookies.ts:185](https://github.com/ayZagen/secure-cookie/blob/bb7d3ba/src/cookies.ts#L185) +[cookies.ts:185](https://github.com/ayZagen/secure-cookie/blob/703af9a/src/cookies.ts#L185) ___ @@ -189,7 +189,7 @@ ___ #### Defined in -[cookies.ts:186](https://github.com/ayZagen/secure-cookie/blob/bb7d3ba/src/cookies.ts#L186) +[cookies.ts:186](https://github.com/ayZagen/secure-cookie/blob/703af9a/src/cookies.ts#L186) ## Methods @@ -227,7 +227,7 @@ If both `signed` and `encrypted` options are provided, signature check will be a #### Defined in -[cookies.ts:87](https://github.com/ayZagen/secure-cookie/blob/bb7d3ba/src/cookies.ts#L87) +[cookies.ts:87](https://github.com/ayZagen/secure-cookie/blob/703af9a/src/cookies.ts#L87) ___ @@ -251,7 +251,7 @@ This sets the given cookie in the response and returns the current context to al #### Defined in -[cookies.ts:136](https://github.com/ayZagen/secure-cookie/blob/bb7d3ba/src/cookies.ts#L136) +[cookies.ts:136](https://github.com/ayZagen/secure-cookie/blob/703af9a/src/cookies.ts#L136) ___ @@ -284,7 +284,7 @@ ___ #### Defined in -[cookies.ts:187](https://github.com/ayZagen/secure-cookie/blob/bb7d3ba/src/cookies.ts#L187) +[cookies.ts:187](https://github.com/ayZagen/secure-cookie/blob/703af9a/src/cookies.ts#L187) ___ @@ -318,4 +318,4 @@ ___ #### Defined in -[cookies.ts:180](https://github.com/ayZagen/secure-cookie/blob/bb7d3ba/src/cookies.ts#L180) +[cookies.ts:180](https://github.com/ayZagen/secure-cookie/blob/703af9a/src/cookies.ts#L180) diff --git a/package-lock.json b/package-lock.json index 29b7658..f519fda 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "secure-cookie", - "version": "0.0.1", + "version": "0.0.2", "lockfileVersion": 1, "requires": true, "dependencies": { diff --git a/package.json b/package.json index a8a4c9b..0707a32 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "secure-cookie", - "version": "0.0.1", + "version": "0.0.2", "description": "", "main": "dist/index.js", "types": "types/index.d.ts",