diff --git a/CHANGELOG.md b/CHANGELOG.md index bc4934b..528bb63 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,10 @@ +# [0.1.0](https://github.com/ayZagen/secure-cookie/compare/v0.0.7...v0.1.0) (2021-09-23) + + +### Features + +* allow empty keystore constructor params ([1cfbf0a](https://github.com/ayZagen/secure-cookie/commit/1cfbf0a5ad5d85f4a81d290340cfc0efdb28beb8)) + ## [0.0.7](https://github.com/ayZagen/secure-cookie/compare/v0.0.6...v0.0.7) (2021-09-21) diff --git a/dist/index.cjs b/dist/index.cjs index d69defb..dee83c3 100644 --- a/dist/index.cjs +++ b/dist/index.cjs @@ -1,5 +1,5 @@ /*! - * secure-cookie v0.0.7 + * secure-cookie v0.1.0 * (c) Ismail H. Ayaz * Released under the MIT License. */ @@ -167,22 +167,17 @@ var AUTH_TAG_REQUIRED = /-(gcm|ccm)/; var KeyStore = /** @class */ (function () { function KeyStore(opts) { opts = opts || {}; - if (opts.encryption) { - if (!Array.isArray(opts.encryption.keys) || opts.encryption.keys.length === 0) { - throw new Error("keys are required for encryption"); - } - } - if (opts.signing) { - if (!Array.isArray(opts.signing.keys) || opts.signing.keys.length === 0) { - throw new Error("keys are required for signing"); - } - } this.encryption = Object.assign({ algorithm: 'aes-192-ccm', authTagLength: 16, - encoding: 'hex', keys: [] + encoding: 'hex', + keys: [] }, opts.encryption || {}); - this.signing = Object.assign({ encoding: 'base64', algorithm: 'sha1', keys: [] }, opts.signing || {}); + this.signing = Object.assign({ + encoding: 'base64', + algorithm: 'sha1', + keys: [] + }, opts.signing || {}); } KeyStore.prototype.encrypt = function (data, options) { if (!data) { diff --git a/dist/index.cjs.map b/dist/index.cjs.map index fef0b28..5f9e448 100644 --- a/dist/index.cjs.map +++ b/dist/index.cjs.map @@ -1 +1 @@ -{"version":3,"file":"index.cjs","sources":["../src/cookie.ts","../src/ciphers.ts","../src/keystore.ts","../src/cookies.ts"],"sourcesContent":["// eslint-disable-next-line no-control-regex\nconst fieldContentRegExp = /^[\\u0009\\u0020-\\u007e\\u0080-\\u00ff]+$/;\nconst SAME_SITE_REGEXP = /^(?:lax|none|strict)$/i;\n\nexport interface CookieAttrs {\n /**\n * a `Date` object indicating the cookie's expiration date (expires at the end of session by default).\n */\n expires?: Date;\n /**\n * a number representing the milliseconds from `Date.now()` for expiry\n */\n maxAge?: number | null;\n /**\n * a boolean or string indicating whether the cookie is a \"same site\" cookie (`false` by default). This can be set to `'strict'`, `'lax'`, `'none'`, or `true` (which maps to `'strict'`).\n */\n sameSite?: 'lax' | 'none' | 'strict' | boolean;\n /**\n * a string indicating the path of the cookie (`/` by default).\n */\n path?: string;\n /**\n * a string indicating the domain of the cookie (no default).\n */\n domain?: string;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTPS (`false` by default for HTTP, `true` by default for HTTPS).\n */\n secure?: boolean;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTP(S), and not made available to client JavaScript (`true` by default).\n */\n httpOnly?: boolean;\n /**\n * a boolean indicating whether to overwrite previously set cookies of the same name (`false` by default). If this is true, all cookies set during the same request with the same name (regardless of path or domain) are filtered out of the Set-Cookie header when setting this cookie.\n */\n overwrite?: boolean;\n}\n\nexport class Cookie implements CookieAttrs {\n name: string;\n value: string;\n domain?: string;\n path = '/';\n sameSite?: CookieAttrs['sameSite'] = false;\n secure = false;\n httpOnly = true;\n overwrite = false;\n expires?: Date;\n maxAge?: number | null;\n\n constructor(name: string, value?: string | null, attrs?: CookieAttrs) {\n if (!fieldContentRegExp.test(name)) {\n throw new TypeError('argument name is invalid');\n }\n\n if (value && !fieldContentRegExp.test(value)) {\n throw new TypeError('argument value is invalid');\n }\n\n this.name = name;\n this.value = value || '';\n\n Object.assign(this, attrs)\n\n if (!this.value) {\n this.expires = new Date(0);\n this.maxAge = null;\n }\n\n if (this.path && !fieldContentRegExp.test(this.path)) {\n throw new TypeError('option path is invalid');\n }\n\n if (this.domain && !fieldContentRegExp.test(this.domain)) {\n throw new TypeError('option domain is invalid');\n }\n\n if (this.sameSite && this.sameSite !== true && !SAME_SITE_REGEXP.test(this.sameSite)) {\n throw new TypeError('option sameSite is invalid');\n }\n }\n\n toString() {\n return `${this.name}=${this.value}`;\n }\n\n get header() {\n let header = this.toString();\n\n if (this.maxAge) {\n this.expires = new Date(Date.now() + this.maxAge);\n }\n\n if (this.path) {\n header += `; path=${this.path}`;\n }\n if (this.expires) {\n header += `; expires=${this.expires.toUTCString()}`;\n }\n if (this.domain) {\n header += `; domain=${this.domain}`;\n }\n if (this.sameSite) {\n header += `; samesite=${this.sameSite === true ? 'strict' : this.sameSite.toLowerCase()}`;\n }\n if (this.secure) {\n header += '; secure';\n }\n if (this.httpOnly) {\n header += '; httponly';\n }\n\n return header;\n }\n\n}\n","export const CIPHER_INFO = {\n 'aes-128-cbc': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha256': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb8': { ivLength: 16, keyLength: 16 },\n 'aes-128-ctr': { ivLength: 16, keyLength: 16 },\n 'aes-128-ecb': { ivLength: undefined, keyLength: 16 },\n 'aes-128-ocb': { ivLength: 12, keyLength: 16 },\n 'aes-128-ofb': { ivLength: 16, keyLength: 16 },\n 'aes-128-xts': { ivLength: 16, keyLength: 32 },\n 'aes-192-cbc': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb1': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb8': { ivLength: 16, keyLength: 24 },\n 'aes-192-ctr': { ivLength: 16, keyLength: 24 },\n 'aes-192-ecb': { ivLength: undefined, keyLength: 24 },\n 'aes-192-ocb': { ivLength: 12, keyLength: 24 },\n 'aes-192-ofb': { ivLength: 16, keyLength: 24 },\n 'aes-256-cbc': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha256': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb8': { ivLength: 16, keyLength: 32 },\n 'aes-256-ctr': { ivLength: 16, keyLength: 32 },\n 'aes-256-ecb': { ivLength: undefined, keyLength: 32 },\n 'aes-256-ocb': { ivLength: 12, keyLength: 32 },\n 'aes-256-ofb': { ivLength: 16, keyLength: 32 },\n 'aes-256-xts': { ivLength: 16, keyLength: 64 },\n 'aes-128-ccm': { ivLength: 12, keyLength: 16 },\n 'aes-128-gcm': { ivLength: 12, keyLength: 16 },\n 'aes-192-ccm': { ivLength: 12, keyLength: 24 },\n 'aes-192-gcm': { ivLength: 12, keyLength: 24 },\n 'aes-256-ccm': { ivLength: 12, keyLength: 32 },\n 'aes-256-gcm': { ivLength: 12, keyLength: 32 },\n 'id-aes128-ccm': { ivLength: 12, keyLength: 16 },\n 'id-aes128-gcm': { ivLength: 12, keyLength: 16 },\n 'id-aes192-ccm': { ivLength: 12, keyLength: 24 },\n 'id-aes192-gcm': { ivLength: 12, keyLength: 24 },\n 'id-aes256-ccm': { ivLength: 12, keyLength: 32 },\n 'id-aes256-gcm': { ivLength: 12, keyLength: 32 },\n} as const\n","/* eslint-disable @typescript-eslint/ban-ts-comment */\nimport compare from 'tsscmp'\n\nimport crypto, {BinaryToTextEncoding, CipherKey, Encoding} from \"crypto\";\nimport {CIPHER_INFO} from \"./ciphers\";\n\nconst AUTH_TAG_REQUIRED = /-(gcm|ccm)/\n\nexport interface KeyStoreOpts {\n signing?: {\n keys: string[],\n algorithm?: string | 'blake2b512' | 'blake2s256' | 'gost' | 'md4' | 'md5' | 'rmd160' | 'sha1' | 'sha224'\n | 'sha256' | 'sha3-224' | 'sha3-256' | 'sha3-384' | 'sha3-512' | 'sha384' | 'sha512' | 'sha512-224'\n | 'sha512-256' | 'shake128' | 'shake256' | 'sm3';\n encoding?: BinaryToTextEncoding\n },\n encryption?: {\n keys: string[] | CipherKey[],\n algorithm?: keyof typeof CIPHER_INFO | string,\n encoding?: Encoding\n authTagLength?: number\n }\n}\n\nexport type EncryptOptions = Required & { key?: string | undefined }\nexport type DecryptOptions = Required & {\n key?: string | CipherKey | undefined,\n iv?: string | Buffer | undefined,\n authTag?: string | Buffer | undefined\n}\n\nexport class KeyStore {\n encryption: Required>;\n signing: Required>;\n\n static cipherInfo = CIPHER_INFO as Record\n\n constructor(opts?: KeyStoreOpts) {\n opts = opts || {}\n if (opts.encryption) {\n if (!Array.isArray(opts.encryption.keys) || opts.encryption.keys.length === 0) {\n throw new Error(\"keys are required for encryption\")\n }\n }\n if (opts.signing) {\n if (!Array.isArray(opts.signing.keys) || opts.signing.keys.length === 0) {\n throw new Error(\"keys are required for signing\")\n }\n }\n this.encryption = Object.assign({\n algorithm: 'aes-192-ccm',\n authTagLength: 16,\n encoding: 'hex', keys: []\n }, opts.encryption || {} as any)\n\n this.signing = Object.assign({encoding: 'base64', algorithm: 'sha1', keys: []}, opts.signing || {} as any)\n\n }\n\n encrypt(data?: null, options?: Partial): null\n encrypt(data: string | Buffer, options?: Partial): string\n encrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n const {\n keys,\n algorithm,\n encoding,\n authTagLength,\n key\n }: EncryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const secret = key || keys[0]\n\n if (!secret) {\n throw new Error(\"no key found\")\n }\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n const iv = cipherInfo.ivLength ? crypto.randomBytes(cipherInfo.ivLength) : null;\n const dataBuff = typeof data === \"string\" ? Buffer.from(data, 'utf-8') : data\n\n const cipher = crypto.createCipheriv(algorithm as any, secret, iv, {authTagLength})\n\n const text = cipher.update(dataBuff);\n const pad = cipher.final();\n let authTag: Buffer | undefined;\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n authTag = cipher.getAuthTag();\n }\n\n return Buffer.concat([\n ...iv ? [iv] : [],\n ...authTag ? [authTag] : [],\n text,\n pad\n ]).toString(encoding)\n }\n\n decrypt(data?: null, options?: Partial): null\n decrypt(data: string | Buffer, options?: Partial): string\n decrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n\n const finalOptions: DecryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const {\n encoding,\n key,\n keys: defaultKeys,\n algorithm,\n authTagLength,\n } = finalOptions\n\n const keys = key ? [key] : defaultKeys\n if (keys.length === 0) {\n throw new Error(\"keys required for encrypted cookies\")\n }\n\n let {\n iv,\n authTag\n } = finalOptions\n\n let dataBuff = typeof data === \"string\" ? Buffer.from(data, encoding) : data\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n if (typeof iv === \"string\") {\n iv = Buffer.from(iv, encoding)\n }\n\n if (typeof authTag === \"string\") {\n authTag = Buffer.from(authTag, encoding)\n }\n\n if (cipherInfo.ivLength !== undefined) {\n if (!iv) {\n iv = dataBuff.slice(0, cipherInfo.ivLength)\n }\n dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length)\n }\n\n\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n if (!authTag) {\n authTag = dataBuff.slice(0, authTagLength)\n }\n dataBuff = dataBuff.slice(authTagLength, dataBuff.length)\n }\n\n for (let i = 0; i < keys.length; i++) {\n const message = KeyStore.doDecrypt(dataBuff, {...finalOptions, key: keys[i], iv, authTag,});\n if (message !== null) return message\n }\n return null\n }\n\n private static doDecrypt(data: Buffer, options: DecryptOptions): string | null {\n const {algorithm, key, iv, authTagLength, authTag} = options\n const decipher = crypto.createDecipheriv(algorithm as any, key!, iv as Buffer || null, {authTagLength});\n\n if (authTag) {\n decipher.setAuthTag(authTag as Buffer)\n }\n\n const plainText = decipher.update(data)\n let final: Buffer\n try {\n final = decipher.final()\n } catch(e:any) {\n // authentication failed\n return null\n }\n return Buffer.concat([plainText, final]).toString('utf-8')\n }\n\n //region: signing\n\n sign(data?: null, key?: string | CipherKey): null\n sign(data: string, key?: string | CipherKey): string\n sign(data?: string | null, key?: string | CipherKey): string | null {\n if (!data) {\n return null\n }\n const {algorithm, encoding, keys} = this.signing\n key = key || keys[0] as CipherKey\n return crypto\n .createHmac(algorithm, key)\n .update(data).digest(encoding)\n .replace(/\\/|\\+|=/g, function (x) {\n return ({\"/\": \"_\", \"+\": \"-\", \"=\": \"\"})[x] as string\n })\n }\n\n verify(data: string, digest: string): boolean {\n return this.indexOf(data, digest) > -1\n }\n\n indexOf(data: string, digest: string): number {\n const {keys} = this.signing\n\n if (keys.length === 0) {\n throw new Error(\"keys required for signed cookies\")\n }\n\n for (let i = 0; i < keys.length; i++) {\n if (compare(digest, this.sign(data, keys[i] as string))) return i\n }\n return -1\n }\n\n //end-region: signing\n\n}\n\n","import http, {IncomingMessage, ServerResponse} from 'http';\nimport {Cookie, CookieAttrs} from './cookie';\nimport {KeyStore} from \"./keystore\";\nimport type {Http2ServerRequest, Http2ServerResponse} from \"http2\";\n\nconst cache: { [key: string]: RegExp } = {} as any;\ntype SignIdentifier = string | ((name: string) => string)\nexport type CookiesOptions = {\n\n /**\n * KeyStore to be used for signing and encrypting\n */\n keyStore?: KeyStore;\n /**\n * a boolean indicating whether the cookie is to be signed (`false` by default). If this is true, another cookie of the same name with the `signIdentifier` will also be sent, with a 27-byte url-safe base64 SHA1 value representing the hash of _cookie-name_=_cookie-value_ against the first [KeyStore](keystore) key. This signature key is used to detect tampering the next time a cookie is received.\n * @default false\n */\n signed?: boolean;\n /**\n * Encrypt cookies by default and assume received cookies are encrypted.\n * @default false\n */\n encrypted?: boolean;\n /**\n * Mark cookies as secure by default.\n * @default `req.protocol`\n */\n secure?: boolean;\n /**\n * If string, provided value will be appended cookie name with dot. For example with given value `mysig`\n * signature cookie name will be `cookiename.mysig`\n *\n * @default `sig`\n */\n signIdentifier?: SignIdentifier\n}\n\nexport type SetCookieOptions = CookiesOptions & CookieAttrs\nexport type GetCookieOptions = CookiesOptions\n\nexport class Cookies {\n\n secure: CookiesOptions[\"secure\"];\n\n encrypted: boolean;\n\n signed: boolean;\n\n keyStore: KeyStore;\n\n signIdentifier?: SignIdentifier\n\n readonly request: IncomingMessage | Http2ServerRequest;\n readonly response: ServerResponse | Http2ServerResponse;\n\n constructor(request: IncomingMessage | Http2ServerRequest, response: ServerResponse | Http2ServerResponse, options: CookiesOptions = {}) {\n this.request = request;\n this.response = response;\n\n this.keyStore = options.keyStore || new KeyStore();\n this.secure = options.secure;\n this.signed = options.signed !== undefined ? options.signed : false;\n this.encrypted = options.encrypted !== undefined ? options.encrypted : false;\n this.signIdentifier = options.signIdentifier || 'sig';\n }\n\n /**\n * This extracts the cookie with the given name from the Set-Cookie header in the request. If such a cookie exists, its value is returned. Otherwise, nothing is returned.\n *\n * `{ signed: true }` can optionally be passed as the second parameter options. In this case, a signature cookie (a cookie of same name ending with the .sig suffix appended) is fetched. If no such cookie exists, nothing is returned.\n *\n * If the signature cookie does exist, the provided KeyStore is used to check whether the hash of cookie-name=cookie-value matches that of any registered key/s:\n *\n * - If the signature cookie hash matches the first key, the original cookie value is returned.\n * - If the signature cookie hash matches any other key, the original cookie value is returned AND an outbound header is set to update the signature cookie's value to the hash of the first key. This enables automatic freshening of signature cookies that have become stale due to key rotation.\n * - If the signature cookie hash does not match any key, nothing is returned, and an outbound header with an expired date is used to delete the cookie.\n *\n * `{ encrypted: true }` can optionally be passed as the second parameter options. In this case, the provided KeyStore will try to decrypt the cookie value with registered key/s.\n *\n * - If the decryption fails nothing is returned, and the cookie stays intact.\n * - If decryption succeeds, decrypted cookie value is returned.\n *\n * If both `signed` and `encrypted` options are provided, signature check will be applied with encrypted value. Than the decryption will be applied.\n * @param name\n * @param opts\n */\n get(name: string, opts?: GetCookieOptions): string | undefined {\n const sigId = opts?.signIdentifier || this.signIdentifier;\n\n const sigName = typeof sigId === 'function' ? sigId.call(null, name)\n : `${name + '.' + sigId}`;\n\n const signed = opts && opts.signed !== undefined ? opts.signed : this.keyStore.signing.keys.length > 0;\n\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n const header = this.request.headers['cookie'];\n if (!header) {\n return undefined;\n }\n\n const match = header.match(getPattern(name));\n if (!match) {\n return undefined;\n }\n\n const value = match[1];\n if (!opts || !signed) {\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n\n const remote = this.get(sigName, {encrypted: false, signed: false});\n if (!remote) {\n return undefined;\n }\n\n const data = `${name}=${value}`;\n const index = this.keyStore.indexOf(data, remote);\n\n if (index < 0) {\n this.set(sigName, null, {path: '/', signed: false});\n return undefined\n } else {\n index && this.set(sigName, this.keyStore.sign(data), {signed: false});\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n }\n\n /**\n * This sets the given cookie in the response and returns the current context to allow chaining.\n *\n * @param name Cookie name\n * @param value Cookie value. If this is omitted, an outbound header with an expired date is used to delete the cookie.\n * @param opts Overridden options\n */\n set(name: string, value?: string | null, opts?: SetCookieOptions): Cookies {\n const res = this.response,\n req = this.request,\n secure = this.secure !== undefined ? !!this.secure : (req).protocol === 'https' || (req).connection['encrypted'],\n encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n let headers = (res.getHeader('Set-Cookie') || []) as string[];\n\n const cookie = new Cookie(name, encrypted ? this.keyStore.encrypt(value as string): value, opts);\n const signed = opts && opts.signed !== undefined ? opts.signed : this.signed;\n\n /* istanbul ignore next */\n if (typeof headers == 'string') {\n headers = [headers];\n }\n\n if (!secure && opts && opts.secure) {\n throw new Error('Cannot send secure cookie over unencrypted connection');\n }\n\n cookie.secure = opts && opts.secure !== undefined ? opts.secure : secure;\n\n pushCookie(headers, cookie);\n\n if (opts && signed) {\n cookie.value = this.keyStore.sign(cookie.toString());\n\n const sigId = opts.signIdentifier || this.signIdentifier;\n\n if (typeof sigId === 'function') {\n cookie.name = sigId.call(null, cookie.name);\n } else {\n cookie.name = `${cookie.name + '.' + sigId}`;\n }\n pushCookie(headers, cookie);\n }\n\n const setHeader = (res)[\"set\"] ? http.OutgoingMessage.prototype.setHeader : res.setHeader;\n setHeader.call(res, 'Set-Cookie', headers);\n return this;\n }\n\n static middleware = (options?: CookiesOptions) => (req: any, res: any, next: any) => {\n req.cookies = res.cookies = new Cookies(req, res, options);\n next();\n }\n\n static connect = Cookies.middleware\n static express = Cookies.middleware\n static koa = (options?: CookiesOptions) => (ctx: any, next: any) => {\n ctx.cookies\n = ctx.req.cookies\n = ctx.res.cookies\n = ctx.request.cookies\n = ctx.response.cookies = new Cookies(ctx.req, ctx.res, options);\n return next()\n }\n}\n\n\nfunction getPattern(name: string): RegExp {\n if (cache[name]) {\n return cache[name] as RegExp;\n }\n\n return cache[name] = new RegExp(\n `(?:^|;) *${name.replace(/[-[\\]{}()*+?.,\\\\^$|#\\s]/g, '\\\\$&')}=([^;]*)`\n );\n}\n\nfunction pushCookie(headers: string[], cookie: Cookie) {\n if (cookie.overwrite) {\n for (let i = headers.length - 1; i >= 0; i--) {\n if (headers[i]!.indexOf(`${cookie.name}=`) === 0) {\n headers.splice(i, 1);\n }\n }\n }\n\n headers.push(cookie.header);\n}\n"],"names":["crypto","compare","http"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AACA,IAAM,kBAAkB,GAAG,uCAAuC,CAAC;AACnE,IAAM,gBAAgB,GAAG,wBAAwB,CAAC;;IAiDhD,gBAAY,IAAY,EAAE,KAAqB,EAAE,KAAmB;QARpE,SAAI,GAAG,GAAG,CAAC;QACX,aAAQ,GAA6B,KAAK,CAAC;QAC3C,WAAM,GAAG,KAAK,CAAC;QACf,aAAQ,GAAG,IAAI,CAAC;QAChB,cAAS,GAAG,KAAK,CAAC;QAKhB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAClC,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,KAAK,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;YAC5C,MAAM,IAAI,SAAS,CAAC,2BAA2B,CAAC,CAAC;SAClD;QAED,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,KAAK,GAAG,KAAK,IAAI,EAAE,CAAC;QAEzB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAE1B,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;YACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;SACpB;QAED,IAAI,IAAI,CAAC,IAAI,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACpD,MAAM,IAAI,SAAS,CAAC,wBAAwB,CAAC,CAAC;SAC/C;QAED,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACxD,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YACpF,MAAM,IAAI,SAAS,CAAC,4BAA4B,CAAC,CAAC;SACnD;KACF;IAED,yBAAQ,GAAR;QACE,OAAU,IAAI,CAAC,IAAI,SAAI,IAAI,CAAC,KAAO,CAAC;KACrC;IAED,sBAAI,0BAAM;aAAV;YACE,IAAI,MAAM,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAE7B,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;aACnD;YAED,IAAI,IAAI,CAAC,IAAI,EAAE;gBACb,MAAM,IAAI,YAAU,IAAI,CAAC,IAAM,CAAC;aACjC;YACD,IAAI,IAAI,CAAC,OAAO,EAAE;gBAChB,MAAM,IAAI,eAAa,IAAI,CAAC,OAAO,CAAC,WAAW,EAAI,CAAC;aACrD;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,cAAY,IAAI,CAAC,MAAQ,CAAC;aACrC;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,iBAAc,IAAI,CAAC,QAAQ,KAAK,IAAI,GAAG,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAE,CAAC;aAC3F;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,UAAU,CAAC;aACtB;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,YAAY,CAAC;aACxB;YAED,OAAO,MAAM,CAAC;SACf;;;OAAA;IAEH,aAAC;AAAD,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACpHM,IAAM,WAAW,GAAG;IACzB,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;CACxC;;ACrCV,IAAM,iBAAiB,GAAG,YAAY,CAAA;;IAkCpC,kBAAY,IAAmB;QAC7B,IAAI,GAAG,IAAI,IAAI,EAAE,CAAA;QACjB,IAAI,IAAI,CAAC,UAAU,EAAE;YACnB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBAC7E,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;aACpD;SACF;QACD,IAAI,IAAI,CAAC,OAAO,EAAE;YAChB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBACvE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;aACjD;SACF;QACD,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC;YAC9B,SAAS,EAAE,aAAa;YACxB,aAAa,EAAE,EAAE;YACjB,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;SAC1B,EAAE,IAAI,CAAC,UAAU,IAAI,EAAS,CAAC,CAAA;QAEhC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAC,EAAE,IAAI,CAAC,OAAO,IAAI,EAAS,CAAC,CAAA;KAE3G;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAMc,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,EALzF,IAAI,UAAA,EACJ,SAAS,eAAA,EACT,QAAQ,cAAA,EACR,aAAa,mBAAA,EACb,GAAG,SACsF,CAAA;QAE3F,IAAM,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAA;QAE7B,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAA;SAChC;QAED,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAM,EAAE,GAAG,UAAU,CAAC,QAAQ,GAAGA,0BAAM,CAAC,WAAW,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC;QAChF,IAAM,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,IAAI,CAAA;QAE7E,IAAM,MAAM,GAAGA,0BAAM,CAAC,cAAc,CAAC,SAAgB,EAAE,MAAM,EAAE,EAAE,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAA;QAEnF,IAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,IAAM,GAAG,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;QAC3B,IAAI,OAA2B,CAAC;QAChC,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;SAC/B;QAED,OAAO,MAAM,CAAC,MAAM,+CACf,EAAE,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,SACd,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE;YAC3B,IAAI;YACJ,GAAG;WACH,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;KACtB;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QAED,IAAM,YAAY,GAAmB,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,CAAA;QAG1G,IAAA,QAAQ,GAKN,YAAY,SALN,EACR,GAAG,GAID,YAAY,IAJX,EACG,WAAW,GAGf,YAAY,KAHG,EACjB,SAAS,GAEP,YAAY,UAFL,EACT,aAAa,GACX,YAAY,cADD,CACC;QAEhB,IAAM,IAAI,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,WAAW,CAAA;QACtC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;SACvD;QAGC,IAAA,EAAE,GAEA,YAAY,GAFZ,EACF,OAAO,GACL,YAAY,QADP,CACO;QAEhB,IAAI,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,GAAG,IAAI,CAAA;QAE5E,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE;YAC1B,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;SAC/B;QAED,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;YAC/B,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAA;SACzC;QAED,IAAI,UAAU,CAAC,QAAQ,KAAK,SAAS,EAAE;YACrC,IAAI,CAAC,EAAE,EAAE;gBACP,EAAE,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAA;aAC5C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAChE;QAGD,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,aAAa,CAAC,CAAA;aAC3C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,aAAa,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAC1D;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,wBAAM,YAAY,KAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,IAAA,EAAE,OAAO,SAAA,IAAG,CAAC;YAC5F,IAAI,OAAO,KAAK,IAAI;gBAAE,OAAO,OAAO,CAAA;SACrC;QACD,OAAO,IAAI,CAAA;KACZ;IAEc,kBAAS,GAAxB,UAAyB,IAAY,EAAE,OAAuB;QACrD,IAAA,SAAS,GAAqC,OAAO,UAA5C,EAAE,GAAG,GAAgC,OAAO,IAAvC,EAAE,EAAE,GAA4B,OAAO,GAAnC,EAAE,aAAa,GAAa,OAAO,cAApB,EAAE,OAAO,GAAI,OAAO,QAAX,CAAW;QAC5D,IAAM,QAAQ,GAAGA,0BAAM,CAAC,gBAAgB,CAAC,SAAgB,EAAE,GAAI,EAAE,EAAY,IAAI,IAAI,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAC;QAExG,IAAI,OAAO,EAAE;YACX,QAAQ,CAAC,UAAU,CAAC,OAAiB,CAAC,CAAA;SACvC;QAED,IAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QACvC,IAAI,KAAa,CAAA;QACjB,IAAI;YACF,KAAK,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAA;SACzB;QAAC,OAAM,CAAK,EAAE;;YAEb,OAAO,IAAI,CAAA;SACZ;QACD,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;KAC3D;IAMD,uBAAI,GAAJ,UAAK,IAAoB,EAAE,GAAwB;QACjD,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAA8B,IAAI,CAAC,OAAO,EAAzC,SAAS,eAAA,EAAE,QAAQ,cAAA,EAAE,IAAI,UAAgB,CAAA;QAChD,GAAG,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAc,CAAA;QACjC,OAAOA,0BAAM;aACV,UAAU,CAAC,SAAS,EAAE,GAAG,CAAC;aAC1B,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;aAC7B,OAAO,CAAC,UAAU,EAAE,UAAU,CAAC;YAC9B,OAAO,CAAC,EAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,EAAC,EAAE,CAAC,CAAW,CAAA;SACpD,CAAC,CAAA;KACL;IAED,yBAAM,GAAN,UAAO,IAAY,EAAE,MAAc;QACjC,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;KACvC;IAED,0BAAO,GAAP,UAAQ,IAAY,EAAE,MAAc;QAC3B,IAAA,IAAI,GAAI,IAAI,CAAC,OAAO,KAAhB,CAAgB;QAE3B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;SACpD;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAIC,2BAAO,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAW,CAAC,CAAC;gBAAE,OAAO,CAAC,CAAA;SAClE;QACD,OAAO,CAAC,CAAC,CAAA;KACV;IA5LM,mBAAU,GAAG,WAGlB,CAAA;IA6LJ,eAAC;CApMD;;AC1BA,IAAM,KAAK,GAA8B,EAAS,CAAC;;IAkDjD,iBAAY,OAA6C,EAAE,QAA8C,EAAE,OAA4B;QAA5B,wBAAA,EAAA,YAA4B;QACrI,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAEzB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,IAAI,QAAQ,EAAE,CAAC;QACnD,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,KAAK,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,KAAK,CAAC;QACpE,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,KAAK,SAAS,GAAG,OAAO,CAAC,SAAS,GAAG,KAAK,CAAC;QAC7E,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,KAAK,CAAC;KACvD;;;;;;;;;;;;;;;;;;;;;IAsBD,qBAAG,GAAH,UAAI,IAAY,EAAE,IAAuB;QACvC,IAAM,KAAK,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,KAAI,IAAI,CAAC,cAAc,CAAC;QAE1D,IAAM,OAAO,GAAG,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC;cAChE,MAAG,IAAI,GAAG,GAAG,GAAG,KAAK,CAAE,CAAC;QAE5B,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAEvG,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,KAAK,EAAE;YACV,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE;YACpB,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;QAED,IAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,EAAC,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;QACpE,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,IAAI,GAAM,IAAI,SAAI,KAAO,CAAC;QAChC,IAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAElD,IAAI,KAAK,GAAG,CAAC,EAAE;YACb,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,EAAC,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;YACpD,OAAO,SAAS,CAAA;SACjB;aAAM;YACL,KAAK,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAC,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;YACtE,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;KACF;;;;;;;;IASD,qBAAG,GAAH,UAAI,IAAY,EAAE,KAAqB,EAAE,IAAuB;QAC9D,IAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,EACvB,GAAG,GAAG,IAAI,CAAC,OAAO,EAClB,MAAM,GAAG,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,GAAS,GAAI,CAAC,QAAQ,KAAK,OAAO,IAAU,GAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAC1H,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAErF,IAAI,OAAO,IAAI,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,IAAI,EAAE,CAAa,CAAC;QAE9D,IAAM,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,EAAE,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAE,KAAK,EAAE,IAAI,CAAC,CAAC;QACjG,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;;QAG7E,IAAI,OAAO,OAAO,IAAI,QAAQ,EAAE;YAC9B,OAAO,GAAG,CAAC,OAAO,CAAC,CAAC;SACrB;QAED,IAAI,CAAC,MAAM,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,EAAE;YAClC,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;SAC1E;QAED,MAAM,CAAC,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QAEzE,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAE5B,IAAI,IAAI,IAAI,MAAM,EAAE;YAClB,MAAM,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YAErD,IAAM,KAAK,GAAG,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,cAAc,CAAC;YAEzD,IAAI,OAAO,KAAK,KAAK,UAAU,EAAE;gBAC/B,MAAM,CAAC,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;aAC7C;iBAAM;gBACL,MAAM,CAAC,IAAI,GAAG,MAAG,MAAM,CAAC,IAAI,GAAG,GAAG,GAAG,KAAK,CAAE,CAAC;aAC9C;YACD,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;SAC7B;QAED,IAAM,SAAS,GAAS,GAAI,CAAC,KAAK,CAAC,GAAGC,wBAAI,CAAC,eAAe,CAAC,SAAS,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;QAC/F,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC;KACb;IAEM,kBAAU,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,GAAQ,EAAE,IAAS;QAC9E,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;QAC3D,IAAI,EAAE,CAAC;KACR,GAAA,CAAA;IAEM,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,WAAG,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,IAAS;QAC7D,GAAG,CAAC,OAAO;cACP,GAAG,CAAC,GAAG,CAAC,OAAO;kBACf,GAAG,CAAC,GAAG,CAAC,OAAO;sBACf,GAAG,CAAC,OAAO,CAAC,OAAO;0BACnB,GAAG,CAAC,QAAQ,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAClE,OAAO,IAAI,EAAE,CAAA;KACd,GAAA,CAAA;IACH,cAAC;CAxJD,IAwJC;AAGD,SAAS,UAAU,CAAC,IAAY;IAC9B,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE;QACf,OAAO,KAAK,CAAC,IAAI,CAAW,CAAC;KAC9B;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,MAAM,CAC7B,cAAY,IAAI,CAAC,OAAO,CAAC,0BAA0B,EAAE,MAAM,CAAC,aAAU,CACvE,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CAAC,OAAiB,EAAE,MAAc;IACnD,IAAI,MAAM,CAAC,SAAS,EAAE;QACpB,KAAK,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YAC5C,IAAI,OAAO,CAAC,CAAC,CAAE,CAAC,OAAO,CAAI,MAAM,CAAC,IAAI,MAAG,CAAC,KAAK,CAAC,EAAE;gBAChD,OAAO,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aACtB;SACF;KACF;IAED,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;AAC9B;;;;;;"} \ No newline at end of file +{"version":3,"file":"index.cjs","sources":["../src/cookie.ts","../src/ciphers.ts","../src/keystore.ts","../src/cookies.ts"],"sourcesContent":["// eslint-disable-next-line no-control-regex\nconst fieldContentRegExp = /^[\\u0009\\u0020-\\u007e\\u0080-\\u00ff]+$/;\nconst SAME_SITE_REGEXP = /^(?:lax|none|strict)$/i;\n\nexport interface CookieAttrs {\n /**\n * a `Date` object indicating the cookie's expiration date (expires at the end of session by default).\n */\n expires?: Date;\n /**\n * a number representing the milliseconds from `Date.now()` for expiry\n */\n maxAge?: number | null;\n /**\n * a boolean or string indicating whether the cookie is a \"same site\" cookie (`false` by default). This can be set to `'strict'`, `'lax'`, `'none'`, or `true` (which maps to `'strict'`).\n */\n sameSite?: 'lax' | 'none' | 'strict' | boolean;\n /**\n * a string indicating the path of the cookie (`/` by default).\n */\n path?: string;\n /**\n * a string indicating the domain of the cookie (no default).\n */\n domain?: string;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTPS (`false` by default for HTTP, `true` by default for HTTPS).\n */\n secure?: boolean;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTP(S), and not made available to client JavaScript (`true` by default).\n */\n httpOnly?: boolean;\n /**\n * a boolean indicating whether to overwrite previously set cookies of the same name (`false` by default). If this is true, all cookies set during the same request with the same name (regardless of path or domain) are filtered out of the Set-Cookie header when setting this cookie.\n */\n overwrite?: boolean;\n}\n\nexport class Cookie implements CookieAttrs {\n name: string;\n value: string;\n domain?: string;\n path = '/';\n sameSite?: CookieAttrs['sameSite'] = false;\n secure = false;\n httpOnly = true;\n overwrite = false;\n expires?: Date;\n maxAge?: number | null;\n\n constructor(name: string, value?: string | null, attrs?: CookieAttrs) {\n if (!fieldContentRegExp.test(name)) {\n throw new TypeError('argument name is invalid');\n }\n\n if (value && !fieldContentRegExp.test(value)) {\n throw new TypeError('argument value is invalid');\n }\n\n this.name = name;\n this.value = value || '';\n\n Object.assign(this, attrs)\n\n if (!this.value) {\n this.expires = new Date(0);\n this.maxAge = null;\n }\n\n if (this.path && !fieldContentRegExp.test(this.path)) {\n throw new TypeError('option path is invalid');\n }\n\n if (this.domain && !fieldContentRegExp.test(this.domain)) {\n throw new TypeError('option domain is invalid');\n }\n\n if (this.sameSite && this.sameSite !== true && !SAME_SITE_REGEXP.test(this.sameSite)) {\n throw new TypeError('option sameSite is invalid');\n }\n }\n\n toString() {\n return `${this.name}=${this.value}`;\n }\n\n get header() {\n let header = this.toString();\n\n if (this.maxAge) {\n this.expires = new Date(Date.now() + this.maxAge);\n }\n\n if (this.path) {\n header += `; path=${this.path}`;\n }\n if (this.expires) {\n header += `; expires=${this.expires.toUTCString()}`;\n }\n if (this.domain) {\n header += `; domain=${this.domain}`;\n }\n if (this.sameSite) {\n header += `; samesite=${this.sameSite === true ? 'strict' : this.sameSite.toLowerCase()}`;\n }\n if (this.secure) {\n header += '; secure';\n }\n if (this.httpOnly) {\n header += '; httponly';\n }\n\n return header;\n }\n\n}\n","export const CIPHER_INFO = {\n 'aes-128-cbc': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha256': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb8': { ivLength: 16, keyLength: 16 },\n 'aes-128-ctr': { ivLength: 16, keyLength: 16 },\n 'aes-128-ecb': { ivLength: undefined, keyLength: 16 },\n 'aes-128-ocb': { ivLength: 12, keyLength: 16 },\n 'aes-128-ofb': { ivLength: 16, keyLength: 16 },\n 'aes-128-xts': { ivLength: 16, keyLength: 32 },\n 'aes-192-cbc': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb1': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb8': { ivLength: 16, keyLength: 24 },\n 'aes-192-ctr': { ivLength: 16, keyLength: 24 },\n 'aes-192-ecb': { ivLength: undefined, keyLength: 24 },\n 'aes-192-ocb': { ivLength: 12, keyLength: 24 },\n 'aes-192-ofb': { ivLength: 16, keyLength: 24 },\n 'aes-256-cbc': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha256': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb8': { ivLength: 16, keyLength: 32 },\n 'aes-256-ctr': { ivLength: 16, keyLength: 32 },\n 'aes-256-ecb': { ivLength: undefined, keyLength: 32 },\n 'aes-256-ocb': { ivLength: 12, keyLength: 32 },\n 'aes-256-ofb': { ivLength: 16, keyLength: 32 },\n 'aes-256-xts': { ivLength: 16, keyLength: 64 },\n 'aes-128-ccm': { ivLength: 12, keyLength: 16 },\n 'aes-128-gcm': { ivLength: 12, keyLength: 16 },\n 'aes-192-ccm': { ivLength: 12, keyLength: 24 },\n 'aes-192-gcm': { ivLength: 12, keyLength: 24 },\n 'aes-256-ccm': { ivLength: 12, keyLength: 32 },\n 'aes-256-gcm': { ivLength: 12, keyLength: 32 },\n 'id-aes128-ccm': { ivLength: 12, keyLength: 16 },\n 'id-aes128-gcm': { ivLength: 12, keyLength: 16 },\n 'id-aes192-ccm': { ivLength: 12, keyLength: 24 },\n 'id-aes192-gcm': { ivLength: 12, keyLength: 24 },\n 'id-aes256-ccm': { ivLength: 12, keyLength: 32 },\n 'id-aes256-gcm': { ivLength: 12, keyLength: 32 },\n} as const\n","/* eslint-disable @typescript-eslint/ban-ts-comment */\nimport compare from 'tsscmp'\n\nimport crypto, {BinaryToTextEncoding, CipherKey, Encoding} from \"crypto\";\nimport {CIPHER_INFO} from \"./ciphers\";\n\nconst AUTH_TAG_REQUIRED = /-(gcm|ccm)/\n\nexport interface KeyStoreOpts {\n signing?: {\n keys: string[],\n algorithm?: string | 'blake2b512' | 'blake2s256' | 'gost' | 'md4' | 'md5' | 'rmd160' | 'sha1' | 'sha224'\n | 'sha256' | 'sha3-224' | 'sha3-256' | 'sha3-384' | 'sha3-512' | 'sha384' | 'sha512' | 'sha512-224'\n | 'sha512-256' | 'shake128' | 'shake256' | 'sm3';\n encoding?: BinaryToTextEncoding\n },\n encryption?: {\n keys: string[] | CipherKey[],\n algorithm?: keyof typeof CIPHER_INFO | string,\n encoding?: Encoding\n authTagLength?: number\n }\n}\n\nexport type EncryptOptions = Required & { key?: string | undefined }\nexport type DecryptOptions = Required & {\n key?: string | CipherKey | undefined,\n iv?: string | Buffer | undefined,\n authTag?: string | Buffer | undefined\n}\n\nexport class KeyStore {\n encryption: Required>;\n signing: Required>;\n\n static cipherInfo = CIPHER_INFO as Record\n\n constructor(opts?: KeyStoreOpts) {\n opts = opts || {}\n\n this.encryption = Object.assign({\n algorithm: 'aes-192-ccm',\n authTagLength: 16,\n encoding: 'hex',\n keys: []\n }, opts.encryption || {} as any)\n\n this.signing = Object.assign({\n encoding: 'base64',\n algorithm: 'sha1',\n keys: []\n }, opts.signing || {} as any)\n\n }\n\n encrypt(data?: null, options?: Partial): null\n encrypt(data: string | Buffer, options?: Partial): string\n encrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n const {\n keys,\n algorithm,\n encoding,\n authTagLength,\n key\n }: EncryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const secret = key || keys[0]\n\n if (!secret) {\n throw new Error(\"no key found\")\n }\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n const iv = cipherInfo.ivLength ? crypto.randomBytes(cipherInfo.ivLength) : null;\n const dataBuff = typeof data === \"string\" ? Buffer.from(data, 'utf-8') : data\n\n const cipher = crypto.createCipheriv(algorithm as any, secret, iv, {authTagLength})\n\n const text = cipher.update(dataBuff);\n const pad = cipher.final();\n let authTag: Buffer | undefined;\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n authTag = cipher.getAuthTag();\n }\n\n return Buffer.concat([\n ...iv ? [iv] : [],\n ...authTag ? [authTag] : [],\n text,\n pad\n ]).toString(encoding)\n }\n\n decrypt(data?: null, options?: Partial): null\n decrypt(data: string | Buffer, options?: Partial): string\n decrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n\n const finalOptions: DecryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const {\n encoding,\n key,\n keys: defaultKeys,\n algorithm,\n authTagLength,\n } = finalOptions\n\n const keys = key ? [key] : defaultKeys\n if (keys.length === 0) {\n throw new Error(\"keys required for encrypted cookies\")\n }\n\n let {\n iv,\n authTag\n } = finalOptions\n\n let dataBuff = typeof data === \"string\" ? Buffer.from(data, encoding) : data\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n if (typeof iv === \"string\") {\n iv = Buffer.from(iv, encoding)\n }\n\n if (typeof authTag === \"string\") {\n authTag = Buffer.from(authTag, encoding)\n }\n\n if (cipherInfo.ivLength !== undefined) {\n if (!iv) {\n iv = dataBuff.slice(0, cipherInfo.ivLength)\n }\n dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length)\n }\n\n\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n if (!authTag) {\n authTag = dataBuff.slice(0, authTagLength)\n }\n dataBuff = dataBuff.slice(authTagLength, dataBuff.length)\n }\n\n for (let i = 0; i < keys.length; i++) {\n const message = KeyStore.doDecrypt(dataBuff, {...finalOptions, key: keys[i], iv, authTag,});\n if (message !== null) return message\n }\n return null\n }\n\n private static doDecrypt(data: Buffer, options: DecryptOptions): string | null {\n const {algorithm, key, iv, authTagLength, authTag} = options\n const decipher = crypto.createDecipheriv(algorithm as any, key!, iv as Buffer || null, {authTagLength});\n\n if (authTag) {\n decipher.setAuthTag(authTag as Buffer)\n }\n\n const plainText = decipher.update(data)\n let final: Buffer\n try {\n final = decipher.final()\n } catch(e:any) {\n // authentication failed\n return null\n }\n return Buffer.concat([plainText, final]).toString('utf-8')\n }\n\n //region: signing\n\n sign(data?: null, key?: string | CipherKey): null\n sign(data: string, key?: string | CipherKey): string\n sign(data?: string | null, key?: string | CipherKey): string | null {\n if (!data) {\n return null\n }\n const {algorithm, encoding, keys} = this.signing\n key = key || keys[0] as CipherKey\n return crypto\n .createHmac(algorithm, key)\n .update(data).digest(encoding)\n .replace(/\\/|\\+|=/g, function (x) {\n return ({\"/\": \"_\", \"+\": \"-\", \"=\": \"\"})[x] as string\n })\n }\n\n verify(data: string, digest: string): boolean {\n return this.indexOf(data, digest) > -1\n }\n\n indexOf(data: string, digest: string): number {\n const {keys} = this.signing\n\n if (keys.length === 0) {\n throw new Error(\"keys required for signed cookies\")\n }\n\n for (let i = 0; i < keys.length; i++) {\n if (compare(digest, this.sign(data, keys[i] as string))) return i\n }\n return -1\n }\n\n //end-region: signing\n\n}\n\n","import http, {IncomingMessage, ServerResponse} from 'http';\nimport {Cookie, CookieAttrs} from './cookie';\nimport {KeyStore} from \"./keystore\";\nimport type {Http2ServerRequest, Http2ServerResponse} from \"http2\";\n\nconst cache: { [key: string]: RegExp } = {} as any;\ntype SignIdentifier = string | ((name: string) => string)\nexport type CookiesOptions = {\n\n /**\n * KeyStore to be used for signing and encrypting\n */\n keyStore?: KeyStore;\n /**\n * a boolean indicating whether the cookie is to be signed (`false` by default). If this is true, another cookie of the same name with the `signIdentifier` will also be sent, with a 27-byte url-safe base64 SHA1 value representing the hash of _cookie-name_=_cookie-value_ against the first [KeyStore](keystore) key. This signature key is used to detect tampering the next time a cookie is received.\n * @default false\n */\n signed?: boolean;\n /**\n * Encrypt cookies by default and assume received cookies are encrypted.\n * @default false\n */\n encrypted?: boolean;\n /**\n * Mark cookies as secure by default.\n * @default `req.protocol`\n */\n secure?: boolean;\n /**\n * If string, provided value will be appended cookie name with dot. For example with given value `mysig`\n * signature cookie name will be `cookiename.mysig`\n *\n * @default `sig`\n */\n signIdentifier?: SignIdentifier\n}\n\nexport type SetCookieOptions = CookiesOptions & CookieAttrs\nexport type GetCookieOptions = CookiesOptions\n\nexport class Cookies {\n\n secure: CookiesOptions[\"secure\"];\n\n encrypted: boolean;\n\n signed: boolean;\n\n keyStore: KeyStore;\n\n signIdentifier?: SignIdentifier\n\n readonly request: IncomingMessage | Http2ServerRequest;\n readonly response: ServerResponse | Http2ServerResponse;\n\n constructor(request: IncomingMessage | Http2ServerRequest, response: ServerResponse | Http2ServerResponse, options: CookiesOptions = {}) {\n this.request = request;\n this.response = response;\n\n this.keyStore = options.keyStore || new KeyStore();\n this.secure = options.secure;\n this.signed = options.signed !== undefined ? options.signed : false;\n this.encrypted = options.encrypted !== undefined ? options.encrypted : false;\n this.signIdentifier = options.signIdentifier || 'sig';\n }\n\n /**\n * This extracts the cookie with the given name from the Set-Cookie header in the request. If such a cookie exists, its value is returned. Otherwise, nothing is returned.\n *\n * `{ signed: true }` can optionally be passed as the second parameter options. In this case, a signature cookie (a cookie of same name ending with the .sig suffix appended) is fetched. If no such cookie exists, nothing is returned.\n *\n * If the signature cookie does exist, the provided KeyStore is used to check whether the hash of cookie-name=cookie-value matches that of any registered key/s:\n *\n * - If the signature cookie hash matches the first key, the original cookie value is returned.\n * - If the signature cookie hash matches any other key, the original cookie value is returned AND an outbound header is set to update the signature cookie's value to the hash of the first key. This enables automatic freshening of signature cookies that have become stale due to key rotation.\n * - If the signature cookie hash does not match any key, nothing is returned, and an outbound header with an expired date is used to delete the cookie.\n *\n * `{ encrypted: true }` can optionally be passed as the second parameter options. In this case, the provided KeyStore will try to decrypt the cookie value with registered key/s.\n *\n * - If the decryption fails nothing is returned, and the cookie stays intact.\n * - If decryption succeeds, decrypted cookie value is returned.\n *\n * If both `signed` and `encrypted` options are provided, signature check will be applied with encrypted value. Than the decryption will be applied.\n * @param name\n * @param opts\n */\n get(name: string, opts?: GetCookieOptions): string | undefined {\n const sigId = opts?.signIdentifier || this.signIdentifier;\n\n const sigName = typeof sigId === 'function' ? sigId.call(null, name)\n : `${name + '.' + sigId}`;\n\n const signed = opts && opts.signed !== undefined ? opts.signed : this.keyStore.signing.keys.length > 0;\n\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n const header = this.request.headers['cookie'];\n if (!header) {\n return undefined;\n }\n\n const match = header.match(getPattern(name));\n if (!match) {\n return undefined;\n }\n\n const value = match[1];\n if (!opts || !signed) {\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n\n const remote = this.get(sigName, {encrypted: false, signed: false});\n if (!remote) {\n return undefined;\n }\n\n const data = `${name}=${value}`;\n const index = this.keyStore.indexOf(data, remote);\n\n if (index < 0) {\n this.set(sigName, null, {path: '/', signed: false});\n return undefined\n } else {\n index && this.set(sigName, this.keyStore.sign(data), {signed: false});\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n }\n\n /**\n * This sets the given cookie in the response and returns the current context to allow chaining.\n *\n * @param name Cookie name\n * @param value Cookie value. If this is omitted, an outbound header with an expired date is used to delete the cookie.\n * @param opts Overridden options\n */\n set(name: string, value?: string | null, opts?: SetCookieOptions): Cookies {\n const res = this.response,\n req = this.request,\n secure = this.secure !== undefined ? !!this.secure : (req).protocol === 'https' || (req).connection['encrypted'],\n encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n let headers = (res.getHeader('Set-Cookie') || []) as string[];\n\n const cookie = new Cookie(name, encrypted ? this.keyStore.encrypt(value as string): value, opts);\n const signed = opts && opts.signed !== undefined ? opts.signed : this.signed;\n\n /* istanbul ignore next */\n if (typeof headers == 'string') {\n headers = [headers];\n }\n\n if (!secure && opts && opts.secure) {\n throw new Error('Cannot send secure cookie over unencrypted connection');\n }\n\n cookie.secure = opts && opts.secure !== undefined ? opts.secure : secure;\n\n pushCookie(headers, cookie);\n\n if (opts && signed) {\n cookie.value = this.keyStore.sign(cookie.toString());\n\n const sigId = opts.signIdentifier || this.signIdentifier;\n\n if (typeof sigId === 'function') {\n cookie.name = sigId.call(null, cookie.name);\n } else {\n cookie.name = `${cookie.name + '.' + sigId}`;\n }\n pushCookie(headers, cookie);\n }\n\n const setHeader = (res)[\"set\"] ? http.OutgoingMessage.prototype.setHeader : res.setHeader;\n setHeader.call(res, 'Set-Cookie', headers);\n return this;\n }\n\n static middleware = (options?: CookiesOptions) => (req: any, res: any, next: any) => {\n req.cookies = res.cookies = new Cookies(req, res, options);\n next();\n }\n\n static connect = Cookies.middleware\n static express = Cookies.middleware\n static koa = (options?: CookiesOptions) => (ctx: any, next: any) => {\n ctx.cookies\n = ctx.req.cookies\n = ctx.res.cookies\n = ctx.request.cookies\n = ctx.response.cookies = new Cookies(ctx.req, ctx.res, options);\n return next()\n }\n}\n\n\nfunction getPattern(name: string): RegExp {\n if (cache[name]) {\n return cache[name] as RegExp;\n }\n\n return cache[name] = new RegExp(\n `(?:^|;) *${name.replace(/[-[\\]{}()*+?.,\\\\^$|#\\s]/g, '\\\\$&')}=([^;]*)`\n );\n}\n\nfunction pushCookie(headers: string[], cookie: Cookie) {\n if (cookie.overwrite) {\n for (let i = headers.length - 1; i >= 0; i--) {\n if (headers[i]!.indexOf(`${cookie.name}=`) === 0) {\n headers.splice(i, 1);\n }\n }\n }\n\n headers.push(cookie.header);\n}\n"],"names":["crypto","compare","http"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AACA,IAAM,kBAAkB,GAAG,uCAAuC,CAAC;AACnE,IAAM,gBAAgB,GAAG,wBAAwB,CAAC;;IAiDhD,gBAAY,IAAY,EAAE,KAAqB,EAAE,KAAmB;QARpE,SAAI,GAAG,GAAG,CAAC;QACX,aAAQ,GAA6B,KAAK,CAAC;QAC3C,WAAM,GAAG,KAAK,CAAC;QACf,aAAQ,GAAG,IAAI,CAAC;QAChB,cAAS,GAAG,KAAK,CAAC;QAKhB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAClC,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,KAAK,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;YAC5C,MAAM,IAAI,SAAS,CAAC,2BAA2B,CAAC,CAAC;SAClD;QAED,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,KAAK,GAAG,KAAK,IAAI,EAAE,CAAC;QAEzB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAE1B,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;YACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;SACpB;QAED,IAAI,IAAI,CAAC,IAAI,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACpD,MAAM,IAAI,SAAS,CAAC,wBAAwB,CAAC,CAAC;SAC/C;QAED,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACxD,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YACpF,MAAM,IAAI,SAAS,CAAC,4BAA4B,CAAC,CAAC;SACnD;KACF;IAED,yBAAQ,GAAR;QACE,OAAU,IAAI,CAAC,IAAI,SAAI,IAAI,CAAC,KAAO,CAAC;KACrC;IAED,sBAAI,0BAAM;aAAV;YACE,IAAI,MAAM,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAE7B,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;aACnD;YAED,IAAI,IAAI,CAAC,IAAI,EAAE;gBACb,MAAM,IAAI,YAAU,IAAI,CAAC,IAAM,CAAC;aACjC;YACD,IAAI,IAAI,CAAC,OAAO,EAAE;gBAChB,MAAM,IAAI,eAAa,IAAI,CAAC,OAAO,CAAC,WAAW,EAAI,CAAC;aACrD;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,cAAY,IAAI,CAAC,MAAQ,CAAC;aACrC;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,iBAAc,IAAI,CAAC,QAAQ,KAAK,IAAI,GAAG,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAE,CAAC;aAC3F;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,UAAU,CAAC;aACtB;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,YAAY,CAAC;aACxB;YAED,OAAO,MAAM,CAAC;SACf;;;OAAA;IAEH,aAAC;AAAD,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACpHM,IAAM,WAAW,GAAG;IACzB,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;CACxC;;ACrCV,IAAM,iBAAiB,GAAG,YAAY,CAAA;;IAkCpC,kBAAY,IAAmB;QAC7B,IAAI,GAAG,IAAI,IAAI,EAAE,CAAA;QAEjB,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC;YAC9B,SAAS,EAAE,aAAa;YACxB,aAAa,EAAE,EAAE;YACjB,QAAQ,EAAE,KAAK;YACf,IAAI,EAAE,EAAE;SACT,EAAE,IAAI,CAAC,UAAU,IAAI,EAAS,CAAC,CAAA;QAEhC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC;YAC3B,QAAQ,EAAE,QAAQ;YAClB,SAAS,EAAE,MAAM;YACjB,IAAI,EAAE,EAAE;SACT,EAAE,IAAI,CAAC,OAAO,IAAI,EAAS,CAAC,CAAA;KAE9B;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAMc,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,EALzF,IAAI,UAAA,EACJ,SAAS,eAAA,EACT,QAAQ,cAAA,EACR,aAAa,mBAAA,EACb,GAAG,SACsF,CAAA;QAE3F,IAAM,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAA;QAE7B,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAA;SAChC;QAED,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAM,EAAE,GAAG,UAAU,CAAC,QAAQ,GAAGA,0BAAM,CAAC,WAAW,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC;QAChF,IAAM,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,IAAI,CAAA;QAE7E,IAAM,MAAM,GAAGA,0BAAM,CAAC,cAAc,CAAC,SAAgB,EAAE,MAAM,EAAE,EAAE,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAA;QAEnF,IAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,IAAM,GAAG,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;QAC3B,IAAI,OAA2B,CAAC;QAChC,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;SAC/B;QAED,OAAO,MAAM,CAAC,MAAM,+CACf,EAAE,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,SACd,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE;YAC3B,IAAI;YACJ,GAAG;WACH,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;KACtB;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QAED,IAAM,YAAY,GAAmB,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,CAAA;QAG1G,IAAA,QAAQ,GAKN,YAAY,SALN,EACR,GAAG,GAID,YAAY,IAJX,EACG,WAAW,GAGf,YAAY,KAHG,EACjB,SAAS,GAEP,YAAY,UAFL,EACT,aAAa,GACX,YAAY,cADD,CACC;QAEhB,IAAM,IAAI,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,WAAW,CAAA;QACtC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;SACvD;QAGC,IAAA,EAAE,GAEA,YAAY,GAFZ,EACF,OAAO,GACL,YAAY,QADP,CACO;QAEhB,IAAI,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,GAAG,IAAI,CAAA;QAE5E,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE;YAC1B,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;SAC/B;QAED,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;YAC/B,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAA;SACzC;QAED,IAAI,UAAU,CAAC,QAAQ,KAAK,SAAS,EAAE;YACrC,IAAI,CAAC,EAAE,EAAE;gBACP,EAAE,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAA;aAC5C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAChE;QAGD,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,aAAa,CAAC,CAAA;aAC3C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,aAAa,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAC1D;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,wBAAM,YAAY,KAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,IAAA,EAAE,OAAO,SAAA,IAAG,CAAC;YAC5F,IAAI,OAAO,KAAK,IAAI;gBAAE,OAAO,OAAO,CAAA;SACrC;QACD,OAAO,IAAI,CAAA;KACZ;IAEc,kBAAS,GAAxB,UAAyB,IAAY,EAAE,OAAuB;QACrD,IAAA,SAAS,GAAqC,OAAO,UAA5C,EAAE,GAAG,GAAgC,OAAO,IAAvC,EAAE,EAAE,GAA4B,OAAO,GAAnC,EAAE,aAAa,GAAa,OAAO,cAApB,EAAE,OAAO,GAAI,OAAO,QAAX,CAAW;QAC5D,IAAM,QAAQ,GAAGA,0BAAM,CAAC,gBAAgB,CAAC,SAAgB,EAAE,GAAI,EAAE,EAAY,IAAI,IAAI,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAC;QAExG,IAAI,OAAO,EAAE;YACX,QAAQ,CAAC,UAAU,CAAC,OAAiB,CAAC,CAAA;SACvC;QAED,IAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QACvC,IAAI,KAAa,CAAA;QACjB,IAAI;YACF,KAAK,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAA;SACzB;QAAC,OAAM,CAAK,EAAE;;YAEb,OAAO,IAAI,CAAA;SACZ;QACD,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;KAC3D;IAMD,uBAAI,GAAJ,UAAK,IAAoB,EAAE,GAAwB;QACjD,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAA8B,IAAI,CAAC,OAAO,EAAzC,SAAS,eAAA,EAAE,QAAQ,cAAA,EAAE,IAAI,UAAgB,CAAA;QAChD,GAAG,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAc,CAAA;QACjC,OAAOA,0BAAM;aACV,UAAU,CAAC,SAAS,EAAE,GAAG,CAAC;aAC1B,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;aAC7B,OAAO,CAAC,UAAU,EAAE,UAAU,CAAC;YAC9B,OAAO,CAAC,EAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,EAAC,EAAE,CAAC,CAAW,CAAA;SACpD,CAAC,CAAA;KACL;IAED,yBAAM,GAAN,UAAO,IAAY,EAAE,MAAc;QACjC,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;KACvC;IAED,0BAAO,GAAP,UAAQ,IAAY,EAAE,MAAc;QAC3B,IAAA,IAAI,GAAI,IAAI,CAAC,OAAO,KAAhB,CAAgB;QAE3B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;SACpD;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAIC,2BAAO,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAW,CAAC,CAAC;gBAAE,OAAO,CAAC,CAAA;SAClE;QACD,OAAO,CAAC,CAAC,CAAA;KACV;IAxLM,mBAAU,GAAG,WAGlB,CAAA;IAyLJ,eAAC;CAhMD;;AC1BA,IAAM,KAAK,GAA8B,EAAS,CAAC;;IAkDjD,iBAAY,OAA6C,EAAE,QAA8C,EAAE,OAA4B;QAA5B,wBAAA,EAAA,YAA4B;QACrI,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAEzB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,IAAI,QAAQ,EAAE,CAAC;QACnD,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,KAAK,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,KAAK,CAAC;QACpE,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,KAAK,SAAS,GAAG,OAAO,CAAC,SAAS,GAAG,KAAK,CAAC;QAC7E,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,KAAK,CAAC;KACvD;;;;;;;;;;;;;;;;;;;;;IAsBD,qBAAG,GAAH,UAAI,IAAY,EAAE,IAAuB;QACvC,IAAM,KAAK,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,KAAI,IAAI,CAAC,cAAc,CAAC;QAE1D,IAAM,OAAO,GAAG,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC;cAChE,MAAG,IAAI,GAAG,GAAG,GAAG,KAAK,CAAE,CAAC;QAE5B,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAEvG,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,KAAK,EAAE;YACV,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE;YACpB,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;QAED,IAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,EAAC,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;QACpE,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,IAAI,GAAM,IAAI,SAAI,KAAO,CAAC;QAChC,IAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAElD,IAAI,KAAK,GAAG,CAAC,EAAE;YACb,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,EAAC,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;YACpD,OAAO,SAAS,CAAA;SACjB;aAAM;YACL,KAAK,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAC,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;YACtE,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;KACF;;;;;;;;IASD,qBAAG,GAAH,UAAI,IAAY,EAAE,KAAqB,EAAE,IAAuB;QAC9D,IAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,EACvB,GAAG,GAAG,IAAI,CAAC,OAAO,EAClB,MAAM,GAAG,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,GAAS,GAAI,CAAC,QAAQ,KAAK,OAAO,IAAU,GAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAC1H,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAErF,IAAI,OAAO,IAAI,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,IAAI,EAAE,CAAa,CAAC;QAE9D,IAAM,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,EAAE,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAE,KAAK,EAAE,IAAI,CAAC,CAAC;QACjG,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;;QAG7E,IAAI,OAAO,OAAO,IAAI,QAAQ,EAAE;YAC9B,OAAO,GAAG,CAAC,OAAO,CAAC,CAAC;SACrB;QAED,IAAI,CAAC,MAAM,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,EAAE;YAClC,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;SAC1E;QAED,MAAM,CAAC,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QAEzE,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAE5B,IAAI,IAAI,IAAI,MAAM,EAAE;YAClB,MAAM,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YAErD,IAAM,KAAK,GAAG,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,cAAc,CAAC;YAEzD,IAAI,OAAO,KAAK,KAAK,UAAU,EAAE;gBAC/B,MAAM,CAAC,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;aAC7C;iBAAM;gBACL,MAAM,CAAC,IAAI,GAAG,MAAG,MAAM,CAAC,IAAI,GAAG,GAAG,GAAG,KAAK,CAAE,CAAC;aAC9C;YACD,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;SAC7B;QAED,IAAM,SAAS,GAAS,GAAI,CAAC,KAAK,CAAC,GAAGC,wBAAI,CAAC,eAAe,CAAC,SAAS,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;QAC/F,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC;KACb;IAEM,kBAAU,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,GAAQ,EAAE,IAAS;QAC9E,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;QAC3D,IAAI,EAAE,CAAC;KACR,GAAA,CAAA;IAEM,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,WAAG,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,IAAS;QAC7D,GAAG,CAAC,OAAO;cACP,GAAG,CAAC,GAAG,CAAC,OAAO;kBACf,GAAG,CAAC,GAAG,CAAC,OAAO;sBACf,GAAG,CAAC,OAAO,CAAC,OAAO;0BACnB,GAAG,CAAC,QAAQ,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAClE,OAAO,IAAI,EAAE,CAAA;KACd,GAAA,CAAA;IACH,cAAC;CAxJD,IAwJC;AAGD,SAAS,UAAU,CAAC,IAAY;IAC9B,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE;QACf,OAAO,KAAK,CAAC,IAAI,CAAW,CAAC;KAC9B;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,MAAM,CAC7B,cAAY,IAAI,CAAC,OAAO,CAAC,0BAA0B,EAAE,MAAM,CAAC,aAAU,CACvE,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CAAC,OAAiB,EAAE,MAAc;IACnD,IAAI,MAAM,CAAC,SAAS,EAAE;QACpB,KAAK,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YAC5C,IAAI,OAAO,CAAC,CAAC,CAAE,CAAC,OAAO,CAAI,MAAM,CAAC,IAAI,MAAG,CAAC,KAAK,CAAC,EAAE;gBAChD,OAAO,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aACtB;SACF;KACF;IAED,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;AAC9B;;;;;;"} \ No newline at end of file diff --git a/dist/index.esm.js b/dist/index.esm.js index 3009e60..b0090bc 100644 --- a/dist/index.esm.js +++ b/dist/index.esm.js @@ -1,5 +1,5 @@ /*! - * secure-cookie v0.0.7 + * secure-cookie v0.1.0 * (c) Ismail H. Ayaz * Released under the MIT License. */ @@ -157,22 +157,17 @@ var AUTH_TAG_REQUIRED = /-(gcm|ccm)/; var KeyStore = /** @class */ (function () { function KeyStore(opts) { opts = opts || {}; - if (opts.encryption) { - if (!Array.isArray(opts.encryption.keys) || opts.encryption.keys.length === 0) { - throw new Error("keys are required for encryption"); - } - } - if (opts.signing) { - if (!Array.isArray(opts.signing.keys) || opts.signing.keys.length === 0) { - throw new Error("keys are required for signing"); - } - } this.encryption = Object.assign({ algorithm: 'aes-192-ccm', authTagLength: 16, - encoding: 'hex', keys: [] + encoding: 'hex', + keys: [] }, opts.encryption || {}); - this.signing = Object.assign({ encoding: 'base64', algorithm: 'sha1', keys: [] }, opts.signing || {}); + this.signing = Object.assign({ + encoding: 'base64', + algorithm: 'sha1', + keys: [] + }, opts.signing || {}); } KeyStore.prototype.encrypt = function (data, options) { if (!data) { diff --git a/dist/index.esm.js.map b/dist/index.esm.js.map index 24b65a2..923af6f 100644 --- a/dist/index.esm.js.map +++ b/dist/index.esm.js.map @@ -1 +1 @@ -{"version":3,"file":"index.esm.js","sources":["../src/cookie.ts","../src/ciphers.ts","../src/keystore.ts","../src/cookies.ts"],"sourcesContent":["// eslint-disable-next-line no-control-regex\nconst fieldContentRegExp = /^[\\u0009\\u0020-\\u007e\\u0080-\\u00ff]+$/;\nconst SAME_SITE_REGEXP = /^(?:lax|none|strict)$/i;\n\nexport interface CookieAttrs {\n /**\n * a `Date` object indicating the cookie's expiration date (expires at the end of session by default).\n */\n expires?: Date;\n /**\n * a number representing the milliseconds from `Date.now()` for expiry\n */\n maxAge?: number | null;\n /**\n * a boolean or string indicating whether the cookie is a \"same site\" cookie (`false` by default). This can be set to `'strict'`, `'lax'`, `'none'`, or `true` (which maps to `'strict'`).\n */\n sameSite?: 'lax' | 'none' | 'strict' | boolean;\n /**\n * a string indicating the path of the cookie (`/` by default).\n */\n path?: string;\n /**\n * a string indicating the domain of the cookie (no default).\n */\n domain?: string;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTPS (`false` by default for HTTP, `true` by default for HTTPS).\n */\n secure?: boolean;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTP(S), and not made available to client JavaScript (`true` by default).\n */\n httpOnly?: boolean;\n /**\n * a boolean indicating whether to overwrite previously set cookies of the same name (`false` by default). If this is true, all cookies set during the same request with the same name (regardless of path or domain) are filtered out of the Set-Cookie header when setting this cookie.\n */\n overwrite?: boolean;\n}\n\nexport class Cookie implements CookieAttrs {\n name: string;\n value: string;\n domain?: string;\n path = '/';\n sameSite?: CookieAttrs['sameSite'] = false;\n secure = false;\n httpOnly = true;\n overwrite = false;\n expires?: Date;\n maxAge?: number | null;\n\n constructor(name: string, value?: string | null, attrs?: CookieAttrs) {\n if (!fieldContentRegExp.test(name)) {\n throw new TypeError('argument name is invalid');\n }\n\n if (value && !fieldContentRegExp.test(value)) {\n throw new TypeError('argument value is invalid');\n }\n\n this.name = name;\n this.value = value || '';\n\n Object.assign(this, attrs)\n\n if (!this.value) {\n this.expires = new Date(0);\n this.maxAge = null;\n }\n\n if (this.path && !fieldContentRegExp.test(this.path)) {\n throw new TypeError('option path is invalid');\n }\n\n if (this.domain && !fieldContentRegExp.test(this.domain)) {\n throw new TypeError('option domain is invalid');\n }\n\n if (this.sameSite && this.sameSite !== true && !SAME_SITE_REGEXP.test(this.sameSite)) {\n throw new TypeError('option sameSite is invalid');\n }\n }\n\n toString() {\n return `${this.name}=${this.value}`;\n }\n\n get header() {\n let header = this.toString();\n\n if (this.maxAge) {\n this.expires = new Date(Date.now() + this.maxAge);\n }\n\n if (this.path) {\n header += `; path=${this.path}`;\n }\n if (this.expires) {\n header += `; expires=${this.expires.toUTCString()}`;\n }\n if (this.domain) {\n header += `; domain=${this.domain}`;\n }\n if (this.sameSite) {\n header += `; samesite=${this.sameSite === true ? 'strict' : this.sameSite.toLowerCase()}`;\n }\n if (this.secure) {\n header += '; secure';\n }\n if (this.httpOnly) {\n header += '; httponly';\n }\n\n return header;\n }\n\n}\n","export const CIPHER_INFO = {\n 'aes-128-cbc': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha256': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb8': { ivLength: 16, keyLength: 16 },\n 'aes-128-ctr': { ivLength: 16, keyLength: 16 },\n 'aes-128-ecb': { ivLength: undefined, keyLength: 16 },\n 'aes-128-ocb': { ivLength: 12, keyLength: 16 },\n 'aes-128-ofb': { ivLength: 16, keyLength: 16 },\n 'aes-128-xts': { ivLength: 16, keyLength: 32 },\n 'aes-192-cbc': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb1': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb8': { ivLength: 16, keyLength: 24 },\n 'aes-192-ctr': { ivLength: 16, keyLength: 24 },\n 'aes-192-ecb': { ivLength: undefined, keyLength: 24 },\n 'aes-192-ocb': { ivLength: 12, keyLength: 24 },\n 'aes-192-ofb': { ivLength: 16, keyLength: 24 },\n 'aes-256-cbc': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha256': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb8': { ivLength: 16, keyLength: 32 },\n 'aes-256-ctr': { ivLength: 16, keyLength: 32 },\n 'aes-256-ecb': { ivLength: undefined, keyLength: 32 },\n 'aes-256-ocb': { ivLength: 12, keyLength: 32 },\n 'aes-256-ofb': { ivLength: 16, keyLength: 32 },\n 'aes-256-xts': { ivLength: 16, keyLength: 64 },\n 'aes-128-ccm': { ivLength: 12, keyLength: 16 },\n 'aes-128-gcm': { ivLength: 12, keyLength: 16 },\n 'aes-192-ccm': { ivLength: 12, keyLength: 24 },\n 'aes-192-gcm': { ivLength: 12, keyLength: 24 },\n 'aes-256-ccm': { ivLength: 12, keyLength: 32 },\n 'aes-256-gcm': { ivLength: 12, keyLength: 32 },\n 'id-aes128-ccm': { ivLength: 12, keyLength: 16 },\n 'id-aes128-gcm': { ivLength: 12, keyLength: 16 },\n 'id-aes192-ccm': { ivLength: 12, keyLength: 24 },\n 'id-aes192-gcm': { ivLength: 12, keyLength: 24 },\n 'id-aes256-ccm': { ivLength: 12, keyLength: 32 },\n 'id-aes256-gcm': { ivLength: 12, keyLength: 32 },\n} as const\n","/* eslint-disable @typescript-eslint/ban-ts-comment */\nimport compare from 'tsscmp'\n\nimport crypto, {BinaryToTextEncoding, CipherKey, Encoding} from \"crypto\";\nimport {CIPHER_INFO} from \"./ciphers\";\n\nconst AUTH_TAG_REQUIRED = /-(gcm|ccm)/\n\nexport interface KeyStoreOpts {\n signing?: {\n keys: string[],\n algorithm?: string | 'blake2b512' | 'blake2s256' | 'gost' | 'md4' | 'md5' | 'rmd160' | 'sha1' | 'sha224'\n | 'sha256' | 'sha3-224' | 'sha3-256' | 'sha3-384' | 'sha3-512' | 'sha384' | 'sha512' | 'sha512-224'\n | 'sha512-256' | 'shake128' | 'shake256' | 'sm3';\n encoding?: BinaryToTextEncoding\n },\n encryption?: {\n keys: string[] | CipherKey[],\n algorithm?: keyof typeof CIPHER_INFO | string,\n encoding?: Encoding\n authTagLength?: number\n }\n}\n\nexport type EncryptOptions = Required & { key?: string | undefined }\nexport type DecryptOptions = Required & {\n key?: string | CipherKey | undefined,\n iv?: string | Buffer | undefined,\n authTag?: string | Buffer | undefined\n}\n\nexport class KeyStore {\n encryption: Required>;\n signing: Required>;\n\n static cipherInfo = CIPHER_INFO as Record\n\n constructor(opts?: KeyStoreOpts) {\n opts = opts || {}\n if (opts.encryption) {\n if (!Array.isArray(opts.encryption.keys) || opts.encryption.keys.length === 0) {\n throw new Error(\"keys are required for encryption\")\n }\n }\n if (opts.signing) {\n if (!Array.isArray(opts.signing.keys) || opts.signing.keys.length === 0) {\n throw new Error(\"keys are required for signing\")\n }\n }\n this.encryption = Object.assign({\n algorithm: 'aes-192-ccm',\n authTagLength: 16,\n encoding: 'hex', keys: []\n }, opts.encryption || {} as any)\n\n this.signing = Object.assign({encoding: 'base64', algorithm: 'sha1', keys: []}, opts.signing || {} as any)\n\n }\n\n encrypt(data?: null, options?: Partial): null\n encrypt(data: string | Buffer, options?: Partial): string\n encrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n const {\n keys,\n algorithm,\n encoding,\n authTagLength,\n key\n }: EncryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const secret = key || keys[0]\n\n if (!secret) {\n throw new Error(\"no key found\")\n }\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n const iv = cipherInfo.ivLength ? crypto.randomBytes(cipherInfo.ivLength) : null;\n const dataBuff = typeof data === \"string\" ? Buffer.from(data, 'utf-8') : data\n\n const cipher = crypto.createCipheriv(algorithm as any, secret, iv, {authTagLength})\n\n const text = cipher.update(dataBuff);\n const pad = cipher.final();\n let authTag: Buffer | undefined;\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n authTag = cipher.getAuthTag();\n }\n\n return Buffer.concat([\n ...iv ? [iv] : [],\n ...authTag ? [authTag] : [],\n text,\n pad\n ]).toString(encoding)\n }\n\n decrypt(data?: null, options?: Partial): null\n decrypt(data: string | Buffer, options?: Partial): string\n decrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n\n const finalOptions: DecryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const {\n encoding,\n key,\n keys: defaultKeys,\n algorithm,\n authTagLength,\n } = finalOptions\n\n const keys = key ? [key] : defaultKeys\n if (keys.length === 0) {\n throw new Error(\"keys required for encrypted cookies\")\n }\n\n let {\n iv,\n authTag\n } = finalOptions\n\n let dataBuff = typeof data === \"string\" ? Buffer.from(data, encoding) : data\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n if (typeof iv === \"string\") {\n iv = Buffer.from(iv, encoding)\n }\n\n if (typeof authTag === \"string\") {\n authTag = Buffer.from(authTag, encoding)\n }\n\n if (cipherInfo.ivLength !== undefined) {\n if (!iv) {\n iv = dataBuff.slice(0, cipherInfo.ivLength)\n }\n dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length)\n }\n\n\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n if (!authTag) {\n authTag = dataBuff.slice(0, authTagLength)\n }\n dataBuff = dataBuff.slice(authTagLength, dataBuff.length)\n }\n\n for (let i = 0; i < keys.length; i++) {\n const message = KeyStore.doDecrypt(dataBuff, {...finalOptions, key: keys[i], iv, authTag,});\n if (message !== null) return message\n }\n return null\n }\n\n private static doDecrypt(data: Buffer, options: DecryptOptions): string | null {\n const {algorithm, key, iv, authTagLength, authTag} = options\n const decipher = crypto.createDecipheriv(algorithm as any, key!, iv as Buffer || null, {authTagLength});\n\n if (authTag) {\n decipher.setAuthTag(authTag as Buffer)\n }\n\n const plainText = decipher.update(data)\n let final: Buffer\n try {\n final = decipher.final()\n } catch(e:any) {\n // authentication failed\n return null\n }\n return Buffer.concat([plainText, final]).toString('utf-8')\n }\n\n //region: signing\n\n sign(data?: null, key?: string | CipherKey): null\n sign(data: string, key?: string | CipherKey): string\n sign(data?: string | null, key?: string | CipherKey): string | null {\n if (!data) {\n return null\n }\n const {algorithm, encoding, keys} = this.signing\n key = key || keys[0] as CipherKey\n return crypto\n .createHmac(algorithm, key)\n .update(data).digest(encoding)\n .replace(/\\/|\\+|=/g, function (x) {\n return ({\"/\": \"_\", \"+\": \"-\", \"=\": \"\"})[x] as string\n })\n }\n\n verify(data: string, digest: string): boolean {\n return this.indexOf(data, digest) > -1\n }\n\n indexOf(data: string, digest: string): number {\n const {keys} = this.signing\n\n if (keys.length === 0) {\n throw new Error(\"keys required for signed cookies\")\n }\n\n for (let i = 0; i < keys.length; i++) {\n if (compare(digest, this.sign(data, keys[i] as string))) return i\n }\n return -1\n }\n\n //end-region: signing\n\n}\n\n","import http, {IncomingMessage, ServerResponse} from 'http';\nimport {Cookie, CookieAttrs} from './cookie';\nimport {KeyStore} from \"./keystore\";\nimport type {Http2ServerRequest, Http2ServerResponse} from \"http2\";\n\nconst cache: { [key: string]: RegExp } = {} as any;\ntype SignIdentifier = string | ((name: string) => string)\nexport type CookiesOptions = {\n\n /**\n * KeyStore to be used for signing and encrypting\n */\n keyStore?: KeyStore;\n /**\n * a boolean indicating whether the cookie is to be signed (`false` by default). If this is true, another cookie of the same name with the `signIdentifier` will also be sent, with a 27-byte url-safe base64 SHA1 value representing the hash of _cookie-name_=_cookie-value_ against the first [KeyStore](keystore) key. This signature key is used to detect tampering the next time a cookie is received.\n * @default false\n */\n signed?: boolean;\n /**\n * Encrypt cookies by default and assume received cookies are encrypted.\n * @default false\n */\n encrypted?: boolean;\n /**\n * Mark cookies as secure by default.\n * @default `req.protocol`\n */\n secure?: boolean;\n /**\n * If string, provided value will be appended cookie name with dot. For example with given value `mysig`\n * signature cookie name will be `cookiename.mysig`\n *\n * @default `sig`\n */\n signIdentifier?: SignIdentifier\n}\n\nexport type SetCookieOptions = CookiesOptions & CookieAttrs\nexport type GetCookieOptions = CookiesOptions\n\nexport class Cookies {\n\n secure: CookiesOptions[\"secure\"];\n\n encrypted: boolean;\n\n signed: boolean;\n\n keyStore: KeyStore;\n\n signIdentifier?: SignIdentifier\n\n readonly request: IncomingMessage | Http2ServerRequest;\n readonly response: ServerResponse | Http2ServerResponse;\n\n constructor(request: IncomingMessage | Http2ServerRequest, response: ServerResponse | Http2ServerResponse, options: CookiesOptions = {}) {\n this.request = request;\n this.response = response;\n\n this.keyStore = options.keyStore || new KeyStore();\n this.secure = options.secure;\n this.signed = options.signed !== undefined ? options.signed : false;\n this.encrypted = options.encrypted !== undefined ? options.encrypted : false;\n this.signIdentifier = options.signIdentifier || 'sig';\n }\n\n /**\n * This extracts the cookie with the given name from the Set-Cookie header in the request. If such a cookie exists, its value is returned. Otherwise, nothing is returned.\n *\n * `{ signed: true }` can optionally be passed as the second parameter options. In this case, a signature cookie (a cookie of same name ending with the .sig suffix appended) is fetched. If no such cookie exists, nothing is returned.\n *\n * If the signature cookie does exist, the provided KeyStore is used to check whether the hash of cookie-name=cookie-value matches that of any registered key/s:\n *\n * - If the signature cookie hash matches the first key, the original cookie value is returned.\n * - If the signature cookie hash matches any other key, the original cookie value is returned AND an outbound header is set to update the signature cookie's value to the hash of the first key. This enables automatic freshening of signature cookies that have become stale due to key rotation.\n * - If the signature cookie hash does not match any key, nothing is returned, and an outbound header with an expired date is used to delete the cookie.\n *\n * `{ encrypted: true }` can optionally be passed as the second parameter options. In this case, the provided KeyStore will try to decrypt the cookie value with registered key/s.\n *\n * - If the decryption fails nothing is returned, and the cookie stays intact.\n * - If decryption succeeds, decrypted cookie value is returned.\n *\n * If both `signed` and `encrypted` options are provided, signature check will be applied with encrypted value. Than the decryption will be applied.\n * @param name\n * @param opts\n */\n get(name: string, opts?: GetCookieOptions): string | undefined {\n const sigId = opts?.signIdentifier || this.signIdentifier;\n\n const sigName = typeof sigId === 'function' ? sigId.call(null, name)\n : `${name + '.' + sigId}`;\n\n const signed = opts && opts.signed !== undefined ? opts.signed : this.keyStore.signing.keys.length > 0;\n\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n const header = this.request.headers['cookie'];\n if (!header) {\n return undefined;\n }\n\n const match = header.match(getPattern(name));\n if (!match) {\n return undefined;\n }\n\n const value = match[1];\n if (!opts || !signed) {\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n\n const remote = this.get(sigName, {encrypted: false, signed: false});\n if (!remote) {\n return undefined;\n }\n\n const data = `${name}=${value}`;\n const index = this.keyStore.indexOf(data, remote);\n\n if (index < 0) {\n this.set(sigName, null, {path: '/', signed: false});\n return undefined\n } else {\n index && this.set(sigName, this.keyStore.sign(data), {signed: false});\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n }\n\n /**\n * This sets the given cookie in the response and returns the current context to allow chaining.\n *\n * @param name Cookie name\n * @param value Cookie value. If this is omitted, an outbound header with an expired date is used to delete the cookie.\n * @param opts Overridden options\n */\n set(name: string, value?: string | null, opts?: SetCookieOptions): Cookies {\n const res = this.response,\n req = this.request,\n secure = this.secure !== undefined ? !!this.secure : (req).protocol === 'https' || (req).connection['encrypted'],\n encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n let headers = (res.getHeader('Set-Cookie') || []) as string[];\n\n const cookie = new Cookie(name, encrypted ? this.keyStore.encrypt(value as string): value, opts);\n const signed = opts && opts.signed !== undefined ? opts.signed : this.signed;\n\n /* istanbul ignore next */\n if (typeof headers == 'string') {\n headers = [headers];\n }\n\n if (!secure && opts && opts.secure) {\n throw new Error('Cannot send secure cookie over unencrypted connection');\n }\n\n cookie.secure = opts && opts.secure !== undefined ? opts.secure : secure;\n\n pushCookie(headers, cookie);\n\n if (opts && signed) {\n cookie.value = this.keyStore.sign(cookie.toString());\n\n const sigId = opts.signIdentifier || this.signIdentifier;\n\n if (typeof sigId === 'function') {\n cookie.name = sigId.call(null, cookie.name);\n } else {\n cookie.name = `${cookie.name + '.' + sigId}`;\n }\n pushCookie(headers, cookie);\n }\n\n const setHeader = (res)[\"set\"] ? http.OutgoingMessage.prototype.setHeader : res.setHeader;\n setHeader.call(res, 'Set-Cookie', headers);\n return this;\n }\n\n static middleware = (options?: CookiesOptions) => (req: any, res: any, next: any) => {\n req.cookies = res.cookies = new Cookies(req, res, options);\n next();\n }\n\n static connect = Cookies.middleware\n static express = Cookies.middleware\n static koa = (options?: CookiesOptions) => (ctx: any, next: any) => {\n ctx.cookies\n = ctx.req.cookies\n = ctx.res.cookies\n = ctx.request.cookies\n = ctx.response.cookies = new Cookies(ctx.req, ctx.res, options);\n return next()\n }\n}\n\n\nfunction getPattern(name: string): RegExp {\n if (cache[name]) {\n return cache[name] as RegExp;\n }\n\n return cache[name] = new RegExp(\n `(?:^|;) *${name.replace(/[-[\\]{}()*+?.,\\\\^$|#\\s]/g, '\\\\$&')}=([^;]*)`\n );\n}\n\nfunction pushCookie(headers: string[], cookie: Cookie) {\n if (cookie.overwrite) {\n for (let i = headers.length - 1; i >= 0; i--) {\n if (headers[i]!.indexOf(`${cookie.name}=`) === 0) {\n headers.splice(i, 1);\n }\n }\n }\n\n headers.push(cookie.header);\n}\n"],"names":[],"mappings":";;;;;;;;;;AAAA;AACA,IAAM,kBAAkB,GAAG,uCAAuC,CAAC;AACnE,IAAM,gBAAgB,GAAG,wBAAwB,CAAC;;IAiDhD,gBAAY,IAAY,EAAE,KAAqB,EAAE,KAAmB;QARpE,SAAI,GAAG,GAAG,CAAC;QACX,aAAQ,GAA6B,KAAK,CAAC;QAC3C,WAAM,GAAG,KAAK,CAAC;QACf,aAAQ,GAAG,IAAI,CAAC;QAChB,cAAS,GAAG,KAAK,CAAC;QAKhB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAClC,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,KAAK,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;YAC5C,MAAM,IAAI,SAAS,CAAC,2BAA2B,CAAC,CAAC;SAClD;QAED,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,KAAK,GAAG,KAAK,IAAI,EAAE,CAAC;QAEzB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAE1B,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;YACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;SACpB;QAED,IAAI,IAAI,CAAC,IAAI,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACpD,MAAM,IAAI,SAAS,CAAC,wBAAwB,CAAC,CAAC;SAC/C;QAED,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACxD,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YACpF,MAAM,IAAI,SAAS,CAAC,4BAA4B,CAAC,CAAC;SACnD;KACF;IAED,yBAAQ,GAAR;QACE,OAAU,IAAI,CAAC,IAAI,SAAI,IAAI,CAAC,KAAO,CAAC;KACrC;IAED,sBAAI,0BAAM;aAAV;YACE,IAAI,MAAM,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAE7B,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;aACnD;YAED,IAAI,IAAI,CAAC,IAAI,EAAE;gBACb,MAAM,IAAI,YAAU,IAAI,CAAC,IAAM,CAAC;aACjC;YACD,IAAI,IAAI,CAAC,OAAO,EAAE;gBAChB,MAAM,IAAI,eAAa,IAAI,CAAC,OAAO,CAAC,WAAW,EAAI,CAAC;aACrD;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,cAAY,IAAI,CAAC,MAAQ,CAAC;aACrC;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,iBAAc,IAAI,CAAC,QAAQ,KAAK,IAAI,GAAG,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAE,CAAC;aAC3F;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,UAAU,CAAC;aACtB;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,YAAY,CAAC;aACxB;YAED,OAAO,MAAM,CAAC;SACf;;;OAAA;IAEH,aAAC;AAAD,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACpHM,IAAM,WAAW,GAAG;IACzB,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;CACxC;;ACrCV,IAAM,iBAAiB,GAAG,YAAY,CAAA;;IAkCpC,kBAAY,IAAmB;QAC7B,IAAI,GAAG,IAAI,IAAI,EAAE,CAAA;QACjB,IAAI,IAAI,CAAC,UAAU,EAAE;YACnB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBAC7E,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;aACpD;SACF;QACD,IAAI,IAAI,CAAC,OAAO,EAAE;YAChB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBACvE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;aACjD;SACF;QACD,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC;YAC9B,SAAS,EAAE,aAAa;YACxB,aAAa,EAAE,EAAE;YACjB,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;SAC1B,EAAE,IAAI,CAAC,UAAU,IAAI,EAAS,CAAC,CAAA;QAEhC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAC,EAAE,IAAI,CAAC,OAAO,IAAI,EAAS,CAAC,CAAA;KAE3G;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAMc,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,EALzF,IAAI,UAAA,EACJ,SAAS,eAAA,EACT,QAAQ,cAAA,EACR,aAAa,mBAAA,EACb,GAAG,SACsF,CAAA;QAE3F,IAAM,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAA;QAE7B,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAA;SAChC;QAED,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAM,EAAE,GAAG,UAAU,CAAC,QAAQ,GAAG,MAAM,CAAC,WAAW,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC;QAChF,IAAM,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,IAAI,CAAA;QAE7E,IAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,SAAgB,EAAE,MAAM,EAAE,EAAE,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAA;QAEnF,IAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,IAAM,GAAG,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;QAC3B,IAAI,OAA2B,CAAC;QAChC,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;SAC/B;QAED,OAAO,MAAM,CAAC,MAAM,+CACf,EAAE,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,SACd,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE;YAC3B,IAAI;YACJ,GAAG;WACH,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;KACtB;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QAED,IAAM,YAAY,GAAmB,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,CAAA;QAG1G,IAAA,QAAQ,GAKN,YAAY,SALN,EACR,GAAG,GAID,YAAY,IAJX,EACG,WAAW,GAGf,YAAY,KAHG,EACjB,SAAS,GAEP,YAAY,UAFL,EACT,aAAa,GACX,YAAY,cADD,CACC;QAEhB,IAAM,IAAI,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,WAAW,CAAA;QACtC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;SACvD;QAGC,IAAA,EAAE,GAEA,YAAY,GAFZ,EACF,OAAO,GACL,YAAY,QADP,CACO;QAEhB,IAAI,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,GAAG,IAAI,CAAA;QAE5E,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE;YAC1B,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;SAC/B;QAED,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;YAC/B,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAA;SACzC;QAED,IAAI,UAAU,CAAC,QAAQ,KAAK,SAAS,EAAE;YACrC,IAAI,CAAC,EAAE,EAAE;gBACP,EAAE,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAA;aAC5C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAChE;QAGD,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,aAAa,CAAC,CAAA;aAC3C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,aAAa,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAC1D;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,wBAAM,YAAY,KAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,IAAA,EAAE,OAAO,SAAA,IAAG,CAAC;YAC5F,IAAI,OAAO,KAAK,IAAI;gBAAE,OAAO,OAAO,CAAA;SACrC;QACD,OAAO,IAAI,CAAA;KACZ;IAEc,kBAAS,GAAxB,UAAyB,IAAY,EAAE,OAAuB;QACrD,IAAA,SAAS,GAAqC,OAAO,UAA5C,EAAE,GAAG,GAAgC,OAAO,IAAvC,EAAE,EAAE,GAA4B,OAAO,GAAnC,EAAE,aAAa,GAAa,OAAO,cAApB,EAAE,OAAO,GAAI,OAAO,QAAX,CAAW;QAC5D,IAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CAAC,SAAgB,EAAE,GAAI,EAAE,EAAY,IAAI,IAAI,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAC;QAExG,IAAI,OAAO,EAAE;YACX,QAAQ,CAAC,UAAU,CAAC,OAAiB,CAAC,CAAA;SACvC;QAED,IAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QACvC,IAAI,KAAa,CAAA;QACjB,IAAI;YACF,KAAK,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAA;SACzB;QAAC,OAAM,CAAK,EAAE;;YAEb,OAAO,IAAI,CAAA;SACZ;QACD,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;KAC3D;IAMD,uBAAI,GAAJ,UAAK,IAAoB,EAAE,GAAwB;QACjD,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAA8B,IAAI,CAAC,OAAO,EAAzC,SAAS,eAAA,EAAE,QAAQ,cAAA,EAAE,IAAI,UAAgB,CAAA;QAChD,GAAG,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAc,CAAA;QACjC,OAAO,MAAM;aACV,UAAU,CAAC,SAAS,EAAE,GAAG,CAAC;aAC1B,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;aAC7B,OAAO,CAAC,UAAU,EAAE,UAAU,CAAC;YAC9B,OAAO,CAAC,EAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,EAAC,EAAE,CAAC,CAAW,CAAA;SACpD,CAAC,CAAA;KACL;IAED,yBAAM,GAAN,UAAO,IAAY,EAAE,MAAc;QACjC,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;KACvC;IAED,0BAAO,GAAP,UAAQ,IAAY,EAAE,MAAc;QAC3B,IAAA,IAAI,GAAI,IAAI,CAAC,OAAO,KAAhB,CAAgB;QAE3B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;SACpD;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAI,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAW,CAAC,CAAC;gBAAE,OAAO,CAAC,CAAA;SAClE;QACD,OAAO,CAAC,CAAC,CAAA;KACV;IA5LM,mBAAU,GAAG,WAGlB,CAAA;IA6LJ,eAAC;CApMD;;AC1BA,IAAM,KAAK,GAA8B,EAAS,CAAC;;IAkDjD,iBAAY,OAA6C,EAAE,QAA8C,EAAE,OAA4B;QAA5B,wBAAA,EAAA,YAA4B;QACrI,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAEzB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,IAAI,QAAQ,EAAE,CAAC;QACnD,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,KAAK,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,KAAK,CAAC;QACpE,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,KAAK,SAAS,GAAG,OAAO,CAAC,SAAS,GAAG,KAAK,CAAC;QAC7E,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,KAAK,CAAC;KACvD;;;;;;;;;;;;;;;;;;;;;IAsBD,qBAAG,GAAH,UAAI,IAAY,EAAE,IAAuB;QACvC,IAAM,KAAK,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,KAAI,IAAI,CAAC,cAAc,CAAC;QAE1D,IAAM,OAAO,GAAG,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC;cAChE,MAAG,IAAI,GAAG,GAAG,GAAG,KAAK,CAAE,CAAC;QAE5B,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAEvG,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,KAAK,EAAE;YACV,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE;YACpB,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;QAED,IAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,EAAC,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;QACpE,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,IAAI,GAAM,IAAI,SAAI,KAAO,CAAC;QAChC,IAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAElD,IAAI,KAAK,GAAG,CAAC,EAAE;YACb,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,EAAC,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;YACpD,OAAO,SAAS,CAAA;SACjB;aAAM;YACL,KAAK,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAC,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;YACtE,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;KACF;;;;;;;;IASD,qBAAG,GAAH,UAAI,IAAY,EAAE,KAAqB,EAAE,IAAuB;QAC9D,IAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,EACvB,GAAG,GAAG,IAAI,CAAC,OAAO,EAClB,MAAM,GAAG,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,GAAS,GAAI,CAAC,QAAQ,KAAK,OAAO,IAAU,GAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAC1H,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAErF,IAAI,OAAO,IAAI,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,IAAI,EAAE,CAAa,CAAC;QAE9D,IAAM,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,EAAE,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAE,KAAK,EAAE,IAAI,CAAC,CAAC;QACjG,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;;QAG7E,IAAI,OAAO,OAAO,IAAI,QAAQ,EAAE;YAC9B,OAAO,GAAG,CAAC,OAAO,CAAC,CAAC;SACrB;QAED,IAAI,CAAC,MAAM,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,EAAE;YAClC,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;SAC1E;QAED,MAAM,CAAC,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QAEzE,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAE5B,IAAI,IAAI,IAAI,MAAM,EAAE;YAClB,MAAM,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YAErD,IAAM,KAAK,GAAG,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,cAAc,CAAC;YAEzD,IAAI,OAAO,KAAK,KAAK,UAAU,EAAE;gBAC/B,MAAM,CAAC,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;aAC7C;iBAAM;gBACL,MAAM,CAAC,IAAI,GAAG,MAAG,MAAM,CAAC,IAAI,GAAG,GAAG,GAAG,KAAK,CAAE,CAAC;aAC9C;YACD,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;SAC7B;QAED,IAAM,SAAS,GAAS,GAAI,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;QAC/F,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC;KACb;IAEM,kBAAU,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,GAAQ,EAAE,IAAS;QAC9E,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;QAC3D,IAAI,EAAE,CAAC;KACR,GAAA,CAAA;IAEM,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,WAAG,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,IAAS;QAC7D,GAAG,CAAC,OAAO;cACP,GAAG,CAAC,GAAG,CAAC,OAAO;kBACf,GAAG,CAAC,GAAG,CAAC,OAAO;sBACf,GAAG,CAAC,OAAO,CAAC,OAAO;0BACnB,GAAG,CAAC,QAAQ,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAClE,OAAO,IAAI,EAAE,CAAA;KACd,GAAA,CAAA;IACH,cAAC;CAxJD,IAwJC;AAGD,SAAS,UAAU,CAAC,IAAY;IAC9B,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE;QACf,OAAO,KAAK,CAAC,IAAI,CAAW,CAAC;KAC9B;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,MAAM,CAC7B,cAAY,IAAI,CAAC,OAAO,CAAC,0BAA0B,EAAE,MAAM,CAAC,aAAU,CACvE,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CAAC,OAAiB,EAAE,MAAc;IACnD,IAAI,MAAM,CAAC,SAAS,EAAE;QACpB,KAAK,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YAC5C,IAAI,OAAO,CAAC,CAAC,CAAE,CAAC,OAAO,CAAI,MAAM,CAAC,IAAI,MAAG,CAAC,KAAK,CAAC,EAAE;gBAChD,OAAO,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aACtB;SACF;KACF;IAED,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;AAC9B;;;;"} \ No newline at end of file +{"version":3,"file":"index.esm.js","sources":["../src/cookie.ts","../src/ciphers.ts","../src/keystore.ts","../src/cookies.ts"],"sourcesContent":["// eslint-disable-next-line no-control-regex\nconst fieldContentRegExp = /^[\\u0009\\u0020-\\u007e\\u0080-\\u00ff]+$/;\nconst SAME_SITE_REGEXP = /^(?:lax|none|strict)$/i;\n\nexport interface CookieAttrs {\n /**\n * a `Date` object indicating the cookie's expiration date (expires at the end of session by default).\n */\n expires?: Date;\n /**\n * a number representing the milliseconds from `Date.now()` for expiry\n */\n maxAge?: number | null;\n /**\n * a boolean or string indicating whether the cookie is a \"same site\" cookie (`false` by default). This can be set to `'strict'`, `'lax'`, `'none'`, or `true` (which maps to `'strict'`).\n */\n sameSite?: 'lax' | 'none' | 'strict' | boolean;\n /**\n * a string indicating the path of the cookie (`/` by default).\n */\n path?: string;\n /**\n * a string indicating the domain of the cookie (no default).\n */\n domain?: string;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTPS (`false` by default for HTTP, `true` by default for HTTPS).\n */\n secure?: boolean;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTP(S), and not made available to client JavaScript (`true` by default).\n */\n httpOnly?: boolean;\n /**\n * a boolean indicating whether to overwrite previously set cookies of the same name (`false` by default). If this is true, all cookies set during the same request with the same name (regardless of path or domain) are filtered out of the Set-Cookie header when setting this cookie.\n */\n overwrite?: boolean;\n}\n\nexport class Cookie implements CookieAttrs {\n name: string;\n value: string;\n domain?: string;\n path = '/';\n sameSite?: CookieAttrs['sameSite'] = false;\n secure = false;\n httpOnly = true;\n overwrite = false;\n expires?: Date;\n maxAge?: number | null;\n\n constructor(name: string, value?: string | null, attrs?: CookieAttrs) {\n if (!fieldContentRegExp.test(name)) {\n throw new TypeError('argument name is invalid');\n }\n\n if (value && !fieldContentRegExp.test(value)) {\n throw new TypeError('argument value is invalid');\n }\n\n this.name = name;\n this.value = value || '';\n\n Object.assign(this, attrs)\n\n if (!this.value) {\n this.expires = new Date(0);\n this.maxAge = null;\n }\n\n if (this.path && !fieldContentRegExp.test(this.path)) {\n throw new TypeError('option path is invalid');\n }\n\n if (this.domain && !fieldContentRegExp.test(this.domain)) {\n throw new TypeError('option domain is invalid');\n }\n\n if (this.sameSite && this.sameSite !== true && !SAME_SITE_REGEXP.test(this.sameSite)) {\n throw new TypeError('option sameSite is invalid');\n }\n }\n\n toString() {\n return `${this.name}=${this.value}`;\n }\n\n get header() {\n let header = this.toString();\n\n if (this.maxAge) {\n this.expires = new Date(Date.now() + this.maxAge);\n }\n\n if (this.path) {\n header += `; path=${this.path}`;\n }\n if (this.expires) {\n header += `; expires=${this.expires.toUTCString()}`;\n }\n if (this.domain) {\n header += `; domain=${this.domain}`;\n }\n if (this.sameSite) {\n header += `; samesite=${this.sameSite === true ? 'strict' : this.sameSite.toLowerCase()}`;\n }\n if (this.secure) {\n header += '; secure';\n }\n if (this.httpOnly) {\n header += '; httponly';\n }\n\n return header;\n }\n\n}\n","export const CIPHER_INFO = {\n 'aes-128-cbc': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha256': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb8': { ivLength: 16, keyLength: 16 },\n 'aes-128-ctr': { ivLength: 16, keyLength: 16 },\n 'aes-128-ecb': { ivLength: undefined, keyLength: 16 },\n 'aes-128-ocb': { ivLength: 12, keyLength: 16 },\n 'aes-128-ofb': { ivLength: 16, keyLength: 16 },\n 'aes-128-xts': { ivLength: 16, keyLength: 32 },\n 'aes-192-cbc': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb1': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb8': { ivLength: 16, keyLength: 24 },\n 'aes-192-ctr': { ivLength: 16, keyLength: 24 },\n 'aes-192-ecb': { ivLength: undefined, keyLength: 24 },\n 'aes-192-ocb': { ivLength: 12, keyLength: 24 },\n 'aes-192-ofb': { ivLength: 16, keyLength: 24 },\n 'aes-256-cbc': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha256': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb8': { ivLength: 16, keyLength: 32 },\n 'aes-256-ctr': { ivLength: 16, keyLength: 32 },\n 'aes-256-ecb': { ivLength: undefined, keyLength: 32 },\n 'aes-256-ocb': { ivLength: 12, keyLength: 32 },\n 'aes-256-ofb': { ivLength: 16, keyLength: 32 },\n 'aes-256-xts': { ivLength: 16, keyLength: 64 },\n 'aes-128-ccm': { ivLength: 12, keyLength: 16 },\n 'aes-128-gcm': { ivLength: 12, keyLength: 16 },\n 'aes-192-ccm': { ivLength: 12, keyLength: 24 },\n 'aes-192-gcm': { ivLength: 12, keyLength: 24 },\n 'aes-256-ccm': { ivLength: 12, keyLength: 32 },\n 'aes-256-gcm': { ivLength: 12, keyLength: 32 },\n 'id-aes128-ccm': { ivLength: 12, keyLength: 16 },\n 'id-aes128-gcm': { ivLength: 12, keyLength: 16 },\n 'id-aes192-ccm': { ivLength: 12, keyLength: 24 },\n 'id-aes192-gcm': { ivLength: 12, keyLength: 24 },\n 'id-aes256-ccm': { ivLength: 12, keyLength: 32 },\n 'id-aes256-gcm': { ivLength: 12, keyLength: 32 },\n} as const\n","/* eslint-disable @typescript-eslint/ban-ts-comment */\nimport compare from 'tsscmp'\n\nimport crypto, {BinaryToTextEncoding, CipherKey, Encoding} from \"crypto\";\nimport {CIPHER_INFO} from \"./ciphers\";\n\nconst AUTH_TAG_REQUIRED = /-(gcm|ccm)/\n\nexport interface KeyStoreOpts {\n signing?: {\n keys: string[],\n algorithm?: string | 'blake2b512' | 'blake2s256' | 'gost' | 'md4' | 'md5' | 'rmd160' | 'sha1' | 'sha224'\n | 'sha256' | 'sha3-224' | 'sha3-256' | 'sha3-384' | 'sha3-512' | 'sha384' | 'sha512' | 'sha512-224'\n | 'sha512-256' | 'shake128' | 'shake256' | 'sm3';\n encoding?: BinaryToTextEncoding\n },\n encryption?: {\n keys: string[] | CipherKey[],\n algorithm?: keyof typeof CIPHER_INFO | string,\n encoding?: Encoding\n authTagLength?: number\n }\n}\n\nexport type EncryptOptions = Required & { key?: string | undefined }\nexport type DecryptOptions = Required & {\n key?: string | CipherKey | undefined,\n iv?: string | Buffer | undefined,\n authTag?: string | Buffer | undefined\n}\n\nexport class KeyStore {\n encryption: Required>;\n signing: Required>;\n\n static cipherInfo = CIPHER_INFO as Record\n\n constructor(opts?: KeyStoreOpts) {\n opts = opts || {}\n\n this.encryption = Object.assign({\n algorithm: 'aes-192-ccm',\n authTagLength: 16,\n encoding: 'hex',\n keys: []\n }, opts.encryption || {} as any)\n\n this.signing = Object.assign({\n encoding: 'base64',\n algorithm: 'sha1',\n keys: []\n }, opts.signing || {} as any)\n\n }\n\n encrypt(data?: null, options?: Partial): null\n encrypt(data: string | Buffer, options?: Partial): string\n encrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n const {\n keys,\n algorithm,\n encoding,\n authTagLength,\n key\n }: EncryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const secret = key || keys[0]\n\n if (!secret) {\n throw new Error(\"no key found\")\n }\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n const iv = cipherInfo.ivLength ? crypto.randomBytes(cipherInfo.ivLength) : null;\n const dataBuff = typeof data === \"string\" ? Buffer.from(data, 'utf-8') : data\n\n const cipher = crypto.createCipheriv(algorithm as any, secret, iv, {authTagLength})\n\n const text = cipher.update(dataBuff);\n const pad = cipher.final();\n let authTag: Buffer | undefined;\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n authTag = cipher.getAuthTag();\n }\n\n return Buffer.concat([\n ...iv ? [iv] : [],\n ...authTag ? [authTag] : [],\n text,\n pad\n ]).toString(encoding)\n }\n\n decrypt(data?: null, options?: Partial): null\n decrypt(data: string | Buffer, options?: Partial): string\n decrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n\n const finalOptions: DecryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const {\n encoding,\n key,\n keys: defaultKeys,\n algorithm,\n authTagLength,\n } = finalOptions\n\n const keys = key ? [key] : defaultKeys\n if (keys.length === 0) {\n throw new Error(\"keys required for encrypted cookies\")\n }\n\n let {\n iv,\n authTag\n } = finalOptions\n\n let dataBuff = typeof data === \"string\" ? Buffer.from(data, encoding) : data\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n if (typeof iv === \"string\") {\n iv = Buffer.from(iv, encoding)\n }\n\n if (typeof authTag === \"string\") {\n authTag = Buffer.from(authTag, encoding)\n }\n\n if (cipherInfo.ivLength !== undefined) {\n if (!iv) {\n iv = dataBuff.slice(0, cipherInfo.ivLength)\n }\n dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length)\n }\n\n\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n if (!authTag) {\n authTag = dataBuff.slice(0, authTagLength)\n }\n dataBuff = dataBuff.slice(authTagLength, dataBuff.length)\n }\n\n for (let i = 0; i < keys.length; i++) {\n const message = KeyStore.doDecrypt(dataBuff, {...finalOptions, key: keys[i], iv, authTag,});\n if (message !== null) return message\n }\n return null\n }\n\n private static doDecrypt(data: Buffer, options: DecryptOptions): string | null {\n const {algorithm, key, iv, authTagLength, authTag} = options\n const decipher = crypto.createDecipheriv(algorithm as any, key!, iv as Buffer || null, {authTagLength});\n\n if (authTag) {\n decipher.setAuthTag(authTag as Buffer)\n }\n\n const plainText = decipher.update(data)\n let final: Buffer\n try {\n final = decipher.final()\n } catch(e:any) {\n // authentication failed\n return null\n }\n return Buffer.concat([plainText, final]).toString('utf-8')\n }\n\n //region: signing\n\n sign(data?: null, key?: string | CipherKey): null\n sign(data: string, key?: string | CipherKey): string\n sign(data?: string | null, key?: string | CipherKey): string | null {\n if (!data) {\n return null\n }\n const {algorithm, encoding, keys} = this.signing\n key = key || keys[0] as CipherKey\n return crypto\n .createHmac(algorithm, key)\n .update(data).digest(encoding)\n .replace(/\\/|\\+|=/g, function (x) {\n return ({\"/\": \"_\", \"+\": \"-\", \"=\": \"\"})[x] as string\n })\n }\n\n verify(data: string, digest: string): boolean {\n return this.indexOf(data, digest) > -1\n }\n\n indexOf(data: string, digest: string): number {\n const {keys} = this.signing\n\n if (keys.length === 0) {\n throw new Error(\"keys required for signed cookies\")\n }\n\n for (let i = 0; i < keys.length; i++) {\n if (compare(digest, this.sign(data, keys[i] as string))) return i\n }\n return -1\n }\n\n //end-region: signing\n\n}\n\n","import http, {IncomingMessage, ServerResponse} from 'http';\nimport {Cookie, CookieAttrs} from './cookie';\nimport {KeyStore} from \"./keystore\";\nimport type {Http2ServerRequest, Http2ServerResponse} from \"http2\";\n\nconst cache: { [key: string]: RegExp } = {} as any;\ntype SignIdentifier = string | ((name: string) => string)\nexport type CookiesOptions = {\n\n /**\n * KeyStore to be used for signing and encrypting\n */\n keyStore?: KeyStore;\n /**\n * a boolean indicating whether the cookie is to be signed (`false` by default). If this is true, another cookie of the same name with the `signIdentifier` will also be sent, with a 27-byte url-safe base64 SHA1 value representing the hash of _cookie-name_=_cookie-value_ against the first [KeyStore](keystore) key. This signature key is used to detect tampering the next time a cookie is received.\n * @default false\n */\n signed?: boolean;\n /**\n * Encrypt cookies by default and assume received cookies are encrypted.\n * @default false\n */\n encrypted?: boolean;\n /**\n * Mark cookies as secure by default.\n * @default `req.protocol`\n */\n secure?: boolean;\n /**\n * If string, provided value will be appended cookie name with dot. For example with given value `mysig`\n * signature cookie name will be `cookiename.mysig`\n *\n * @default `sig`\n */\n signIdentifier?: SignIdentifier\n}\n\nexport type SetCookieOptions = CookiesOptions & CookieAttrs\nexport type GetCookieOptions = CookiesOptions\n\nexport class Cookies {\n\n secure: CookiesOptions[\"secure\"];\n\n encrypted: boolean;\n\n signed: boolean;\n\n keyStore: KeyStore;\n\n signIdentifier?: SignIdentifier\n\n readonly request: IncomingMessage | Http2ServerRequest;\n readonly response: ServerResponse | Http2ServerResponse;\n\n constructor(request: IncomingMessage | Http2ServerRequest, response: ServerResponse | Http2ServerResponse, options: CookiesOptions = {}) {\n this.request = request;\n this.response = response;\n\n this.keyStore = options.keyStore || new KeyStore();\n this.secure = options.secure;\n this.signed = options.signed !== undefined ? options.signed : false;\n this.encrypted = options.encrypted !== undefined ? options.encrypted : false;\n this.signIdentifier = options.signIdentifier || 'sig';\n }\n\n /**\n * This extracts the cookie with the given name from the Set-Cookie header in the request. If such a cookie exists, its value is returned. Otherwise, nothing is returned.\n *\n * `{ signed: true }` can optionally be passed as the second parameter options. In this case, a signature cookie (a cookie of same name ending with the .sig suffix appended) is fetched. If no such cookie exists, nothing is returned.\n *\n * If the signature cookie does exist, the provided KeyStore is used to check whether the hash of cookie-name=cookie-value matches that of any registered key/s:\n *\n * - If the signature cookie hash matches the first key, the original cookie value is returned.\n * - If the signature cookie hash matches any other key, the original cookie value is returned AND an outbound header is set to update the signature cookie's value to the hash of the first key. This enables automatic freshening of signature cookies that have become stale due to key rotation.\n * - If the signature cookie hash does not match any key, nothing is returned, and an outbound header with an expired date is used to delete the cookie.\n *\n * `{ encrypted: true }` can optionally be passed as the second parameter options. In this case, the provided KeyStore will try to decrypt the cookie value with registered key/s.\n *\n * - If the decryption fails nothing is returned, and the cookie stays intact.\n * - If decryption succeeds, decrypted cookie value is returned.\n *\n * If both `signed` and `encrypted` options are provided, signature check will be applied with encrypted value. Than the decryption will be applied.\n * @param name\n * @param opts\n */\n get(name: string, opts?: GetCookieOptions): string | undefined {\n const sigId = opts?.signIdentifier || this.signIdentifier;\n\n const sigName = typeof sigId === 'function' ? sigId.call(null, name)\n : `${name + '.' + sigId}`;\n\n const signed = opts && opts.signed !== undefined ? opts.signed : this.keyStore.signing.keys.length > 0;\n\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n const header = this.request.headers['cookie'];\n if (!header) {\n return undefined;\n }\n\n const match = header.match(getPattern(name));\n if (!match) {\n return undefined;\n }\n\n const value = match[1];\n if (!opts || !signed) {\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n\n const remote = this.get(sigName, {encrypted: false, signed: false});\n if (!remote) {\n return undefined;\n }\n\n const data = `${name}=${value}`;\n const index = this.keyStore.indexOf(data, remote);\n\n if (index < 0) {\n this.set(sigName, null, {path: '/', signed: false});\n return undefined\n } else {\n index && this.set(sigName, this.keyStore.sign(data), {signed: false});\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n }\n\n /**\n * This sets the given cookie in the response and returns the current context to allow chaining.\n *\n * @param name Cookie name\n * @param value Cookie value. If this is omitted, an outbound header with an expired date is used to delete the cookie.\n * @param opts Overridden options\n */\n set(name: string, value?: string | null, opts?: SetCookieOptions): Cookies {\n const res = this.response,\n req = this.request,\n secure = this.secure !== undefined ? !!this.secure : (req).protocol === 'https' || (req).connection['encrypted'],\n encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n let headers = (res.getHeader('Set-Cookie') || []) as string[];\n\n const cookie = new Cookie(name, encrypted ? this.keyStore.encrypt(value as string): value, opts);\n const signed = opts && opts.signed !== undefined ? opts.signed : this.signed;\n\n /* istanbul ignore next */\n if (typeof headers == 'string') {\n headers = [headers];\n }\n\n if (!secure && opts && opts.secure) {\n throw new Error('Cannot send secure cookie over unencrypted connection');\n }\n\n cookie.secure = opts && opts.secure !== undefined ? opts.secure : secure;\n\n pushCookie(headers, cookie);\n\n if (opts && signed) {\n cookie.value = this.keyStore.sign(cookie.toString());\n\n const sigId = opts.signIdentifier || this.signIdentifier;\n\n if (typeof sigId === 'function') {\n cookie.name = sigId.call(null, cookie.name);\n } else {\n cookie.name = `${cookie.name + '.' + sigId}`;\n }\n pushCookie(headers, cookie);\n }\n\n const setHeader = (res)[\"set\"] ? http.OutgoingMessage.prototype.setHeader : res.setHeader;\n setHeader.call(res, 'Set-Cookie', headers);\n return this;\n }\n\n static middleware = (options?: CookiesOptions) => (req: any, res: any, next: any) => {\n req.cookies = res.cookies = new Cookies(req, res, options);\n next();\n }\n\n static connect = Cookies.middleware\n static express = Cookies.middleware\n static koa = (options?: CookiesOptions) => (ctx: any, next: any) => {\n ctx.cookies\n = ctx.req.cookies\n = ctx.res.cookies\n = ctx.request.cookies\n = ctx.response.cookies = new Cookies(ctx.req, ctx.res, options);\n return next()\n }\n}\n\n\nfunction getPattern(name: string): RegExp {\n if (cache[name]) {\n return cache[name] as RegExp;\n }\n\n return cache[name] = new RegExp(\n `(?:^|;) *${name.replace(/[-[\\]{}()*+?.,\\\\^$|#\\s]/g, '\\\\$&')}=([^;]*)`\n );\n}\n\nfunction pushCookie(headers: string[], cookie: Cookie) {\n if (cookie.overwrite) {\n for (let i = headers.length - 1; i >= 0; i--) {\n if (headers[i]!.indexOf(`${cookie.name}=`) === 0) {\n headers.splice(i, 1);\n }\n }\n }\n\n headers.push(cookie.header);\n}\n"],"names":[],"mappings":";;;;;;;;;;AAAA;AACA,IAAM,kBAAkB,GAAG,uCAAuC,CAAC;AACnE,IAAM,gBAAgB,GAAG,wBAAwB,CAAC;;IAiDhD,gBAAY,IAAY,EAAE,KAAqB,EAAE,KAAmB;QARpE,SAAI,GAAG,GAAG,CAAC;QACX,aAAQ,GAA6B,KAAK,CAAC;QAC3C,WAAM,GAAG,KAAK,CAAC;QACf,aAAQ,GAAG,IAAI,CAAC;QAChB,cAAS,GAAG,KAAK,CAAC;QAKhB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAClC,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,KAAK,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;YAC5C,MAAM,IAAI,SAAS,CAAC,2BAA2B,CAAC,CAAC;SAClD;QAED,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,KAAK,GAAG,KAAK,IAAI,EAAE,CAAC;QAEzB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAE1B,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;YACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;SACpB;QAED,IAAI,IAAI,CAAC,IAAI,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACpD,MAAM,IAAI,SAAS,CAAC,wBAAwB,CAAC,CAAC;SAC/C;QAED,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACxD,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YACpF,MAAM,IAAI,SAAS,CAAC,4BAA4B,CAAC,CAAC;SACnD;KACF;IAED,yBAAQ,GAAR;QACE,OAAU,IAAI,CAAC,IAAI,SAAI,IAAI,CAAC,KAAO,CAAC;KACrC;IAED,sBAAI,0BAAM;aAAV;YACE,IAAI,MAAM,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAE7B,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;aACnD;YAED,IAAI,IAAI,CAAC,IAAI,EAAE;gBACb,MAAM,IAAI,YAAU,IAAI,CAAC,IAAM,CAAC;aACjC;YACD,IAAI,IAAI,CAAC,OAAO,EAAE;gBAChB,MAAM,IAAI,eAAa,IAAI,CAAC,OAAO,CAAC,WAAW,EAAI,CAAC;aACrD;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,cAAY,IAAI,CAAC,MAAQ,CAAC;aACrC;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,iBAAc,IAAI,CAAC,QAAQ,KAAK,IAAI,GAAG,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAE,CAAC;aAC3F;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,UAAU,CAAC;aACtB;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,YAAY,CAAC;aACxB;YAED,OAAO,MAAM,CAAC;SACf;;;OAAA;IAEH,aAAC;AAAD,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACpHM,IAAM,WAAW,GAAG;IACzB,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;CACxC;;ACrCV,IAAM,iBAAiB,GAAG,YAAY,CAAA;;IAkCpC,kBAAY,IAAmB;QAC7B,IAAI,GAAG,IAAI,IAAI,EAAE,CAAA;QAEjB,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC;YAC9B,SAAS,EAAE,aAAa;YACxB,aAAa,EAAE,EAAE;YACjB,QAAQ,EAAE,KAAK;YACf,IAAI,EAAE,EAAE;SACT,EAAE,IAAI,CAAC,UAAU,IAAI,EAAS,CAAC,CAAA;QAEhC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC;YAC3B,QAAQ,EAAE,QAAQ;YAClB,SAAS,EAAE,MAAM;YACjB,IAAI,EAAE,EAAE;SACT,EAAE,IAAI,CAAC,OAAO,IAAI,EAAS,CAAC,CAAA;KAE9B;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAMc,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,EALzF,IAAI,UAAA,EACJ,SAAS,eAAA,EACT,QAAQ,cAAA,EACR,aAAa,mBAAA,EACb,GAAG,SACsF,CAAA;QAE3F,IAAM,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAA;QAE7B,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAA;SAChC;QAED,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAM,EAAE,GAAG,UAAU,CAAC,QAAQ,GAAG,MAAM,CAAC,WAAW,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC;QAChF,IAAM,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,IAAI,CAAA;QAE7E,IAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,SAAgB,EAAE,MAAM,EAAE,EAAE,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAA;QAEnF,IAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,IAAM,GAAG,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;QAC3B,IAAI,OAA2B,CAAC;QAChC,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;SAC/B;QAED,OAAO,MAAM,CAAC,MAAM,+CACf,EAAE,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,SACd,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE;YAC3B,IAAI;YACJ,GAAG;WACH,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;KACtB;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QAED,IAAM,YAAY,GAAmB,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,CAAA;QAG1G,IAAA,QAAQ,GAKN,YAAY,SALN,EACR,GAAG,GAID,YAAY,IAJX,EACG,WAAW,GAGf,YAAY,KAHG,EACjB,SAAS,GAEP,YAAY,UAFL,EACT,aAAa,GACX,YAAY,cADD,CACC;QAEhB,IAAM,IAAI,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,WAAW,CAAA;QACtC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;SACvD;QAGC,IAAA,EAAE,GAEA,YAAY,GAFZ,EACF,OAAO,GACL,YAAY,QADP,CACO;QAEhB,IAAI,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,GAAG,IAAI,CAAA;QAE5E,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE;YAC1B,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;SAC/B;QAED,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;YAC/B,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAA;SACzC;QAED,IAAI,UAAU,CAAC,QAAQ,KAAK,SAAS,EAAE;YACrC,IAAI,CAAC,EAAE,EAAE;gBACP,EAAE,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAA;aAC5C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAChE;QAGD,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,aAAa,CAAC,CAAA;aAC3C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,aAAa,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAC1D;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,wBAAM,YAAY,KAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,IAAA,EAAE,OAAO,SAAA,IAAG,CAAC;YAC5F,IAAI,OAAO,KAAK,IAAI;gBAAE,OAAO,OAAO,CAAA;SACrC;QACD,OAAO,IAAI,CAAA;KACZ;IAEc,kBAAS,GAAxB,UAAyB,IAAY,EAAE,OAAuB;QACrD,IAAA,SAAS,GAAqC,OAAO,UAA5C,EAAE,GAAG,GAAgC,OAAO,IAAvC,EAAE,EAAE,GAA4B,OAAO,GAAnC,EAAE,aAAa,GAAa,OAAO,cAApB,EAAE,OAAO,GAAI,OAAO,QAAX,CAAW;QAC5D,IAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CAAC,SAAgB,EAAE,GAAI,EAAE,EAAY,IAAI,IAAI,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAC;QAExG,IAAI,OAAO,EAAE;YACX,QAAQ,CAAC,UAAU,CAAC,OAAiB,CAAC,CAAA;SACvC;QAED,IAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QACvC,IAAI,KAAa,CAAA;QACjB,IAAI;YACF,KAAK,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAA;SACzB;QAAC,OAAM,CAAK,EAAE;;YAEb,OAAO,IAAI,CAAA;SACZ;QACD,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;KAC3D;IAMD,uBAAI,GAAJ,UAAK,IAAoB,EAAE,GAAwB;QACjD,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAA8B,IAAI,CAAC,OAAO,EAAzC,SAAS,eAAA,EAAE,QAAQ,cAAA,EAAE,IAAI,UAAgB,CAAA;QAChD,GAAG,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAc,CAAA;QACjC,OAAO,MAAM;aACV,UAAU,CAAC,SAAS,EAAE,GAAG,CAAC;aAC1B,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;aAC7B,OAAO,CAAC,UAAU,EAAE,UAAU,CAAC;YAC9B,OAAO,CAAC,EAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,EAAC,EAAE,CAAC,CAAW,CAAA;SACpD,CAAC,CAAA;KACL;IAED,yBAAM,GAAN,UAAO,IAAY,EAAE,MAAc;QACjC,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;KACvC;IAED,0BAAO,GAAP,UAAQ,IAAY,EAAE,MAAc;QAC3B,IAAA,IAAI,GAAI,IAAI,CAAC,OAAO,KAAhB,CAAgB;QAE3B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;SACpD;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAI,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAW,CAAC,CAAC;gBAAE,OAAO,CAAC,CAAA;SAClE;QACD,OAAO,CAAC,CAAC,CAAA;KACV;IAxLM,mBAAU,GAAG,WAGlB,CAAA;IAyLJ,eAAC;CAhMD;;AC1BA,IAAM,KAAK,GAA8B,EAAS,CAAC;;IAkDjD,iBAAY,OAA6C,EAAE,QAA8C,EAAE,OAA4B;QAA5B,wBAAA,EAAA,YAA4B;QACrI,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAEzB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,IAAI,QAAQ,EAAE,CAAC;QACnD,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,KAAK,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,KAAK,CAAC;QACpE,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,KAAK,SAAS,GAAG,OAAO,CAAC,SAAS,GAAG,KAAK,CAAC;QAC7E,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,KAAK,CAAC;KACvD;;;;;;;;;;;;;;;;;;;;;IAsBD,qBAAG,GAAH,UAAI,IAAY,EAAE,IAAuB;QACvC,IAAM,KAAK,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,KAAI,IAAI,CAAC,cAAc,CAAC;QAE1D,IAAM,OAAO,GAAG,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC;cAChE,MAAG,IAAI,GAAG,GAAG,GAAG,KAAK,CAAE,CAAC;QAE5B,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAEvG,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,KAAK,EAAE;YACV,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE;YACpB,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;QAED,IAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,EAAC,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;QACpE,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,IAAI,GAAM,IAAI,SAAI,KAAO,CAAC;QAChC,IAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAElD,IAAI,KAAK,GAAG,CAAC,EAAE;YACb,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,EAAC,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;YACpD,OAAO,SAAS,CAAA;SACjB;aAAM;YACL,KAAK,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAC,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;YACtE,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;KACF;;;;;;;;IASD,qBAAG,GAAH,UAAI,IAAY,EAAE,KAAqB,EAAE,IAAuB;QAC9D,IAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,EACvB,GAAG,GAAG,IAAI,CAAC,OAAO,EAClB,MAAM,GAAG,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,GAAS,GAAI,CAAC,QAAQ,KAAK,OAAO,IAAU,GAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAC1H,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAErF,IAAI,OAAO,IAAI,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,IAAI,EAAE,CAAa,CAAC;QAE9D,IAAM,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,EAAE,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAE,KAAK,EAAE,IAAI,CAAC,CAAC;QACjG,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;;QAG7E,IAAI,OAAO,OAAO,IAAI,QAAQ,EAAE;YAC9B,OAAO,GAAG,CAAC,OAAO,CAAC,CAAC;SACrB;QAED,IAAI,CAAC,MAAM,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,EAAE;YAClC,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;SAC1E;QAED,MAAM,CAAC,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QAEzE,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAE5B,IAAI,IAAI,IAAI,MAAM,EAAE;YAClB,MAAM,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YAErD,IAAM,KAAK,GAAG,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,cAAc,CAAC;YAEzD,IAAI,OAAO,KAAK,KAAK,UAAU,EAAE;gBAC/B,MAAM,CAAC,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;aAC7C;iBAAM;gBACL,MAAM,CAAC,IAAI,GAAG,MAAG,MAAM,CAAC,IAAI,GAAG,GAAG,GAAG,KAAK,CAAE,CAAC;aAC9C;YACD,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;SAC7B;QAED,IAAM,SAAS,GAAS,GAAI,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;QAC/F,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC;KACb;IAEM,kBAAU,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,GAAQ,EAAE,IAAS;QAC9E,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;QAC3D,IAAI,EAAE,CAAC;KACR,GAAA,CAAA;IAEM,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,WAAG,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,IAAS;QAC7D,GAAG,CAAC,OAAO;cACP,GAAG,CAAC,GAAG,CAAC,OAAO;kBACf,GAAG,CAAC,GAAG,CAAC,OAAO;sBACf,GAAG,CAAC,OAAO,CAAC,OAAO;0BACnB,GAAG,CAAC,QAAQ,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAClE,OAAO,IAAI,EAAE,CAAA;KACd,GAAA,CAAA;IACH,cAAC;CAxJD,IAwJC;AAGD,SAAS,UAAU,CAAC,IAAY;IAC9B,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE;QACf,OAAO,KAAK,CAAC,IAAI,CAAW,CAAC;KAC9B;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,MAAM,CAC7B,cAAY,IAAI,CAAC,OAAO,CAAC,0BAA0B,EAAE,MAAM,CAAC,aAAU,CACvE,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CAAC,OAAiB,EAAE,MAAc;IACnD,IAAI,MAAM,CAAC,SAAS,EAAE;QACpB,KAAK,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YAC5C,IAAI,OAAO,CAAC,CAAC,CAAE,CAAC,OAAO,CAAI,MAAM,CAAC,IAAI,MAAG,CAAC,KAAK,CAAC,EAAE;gBAChD,OAAO,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aACtB;SACF;KACF;IAED,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;AAC9B;;;;"} \ No newline at end of file diff --git a/dist/index.js b/dist/index.js index 34eb97f..549bf2c 100644 --- a/dist/index.js +++ b/dist/index.js @@ -1,5 +1,5 @@ /*! - * secure-cookie v0.0.7 + * secure-cookie v0.1.0 * (c) Ismail H. Ayaz * Released under the MIT License. */ @@ -167,22 +167,17 @@ var AUTH_TAG_REQUIRED = /-(gcm|ccm)/; var KeyStore = /** @class */ (function () { function KeyStore(opts) { opts = opts || {}; - if (opts.encryption) { - if (!Array.isArray(opts.encryption.keys) || opts.encryption.keys.length === 0) { - throw new Error("keys are required for encryption"); - } - } - if (opts.signing) { - if (!Array.isArray(opts.signing.keys) || opts.signing.keys.length === 0) { - throw new Error("keys are required for signing"); - } - } this.encryption = Object.assign({ algorithm: 'aes-192-ccm', authTagLength: 16, - encoding: 'hex', keys: [] + encoding: 'hex', + keys: [] }, opts.encryption || {}); - this.signing = Object.assign({ encoding: 'base64', algorithm: 'sha1', keys: [] }, opts.signing || {}); + this.signing = Object.assign({ + encoding: 'base64', + algorithm: 'sha1', + keys: [] + }, opts.signing || {}); } KeyStore.prototype.encrypt = function (data, options) { if (!data) { diff --git a/dist/index.js.map b/dist/index.js.map index ad86388..8ffaa13 100644 --- a/dist/index.js.map +++ b/dist/index.js.map @@ -1 +1 @@ -{"version":3,"file":"index.js","sources":["../src/cookie.ts","../src/ciphers.ts","../src/keystore.ts","../src/cookies.ts"],"sourcesContent":["// eslint-disable-next-line no-control-regex\nconst fieldContentRegExp = /^[\\u0009\\u0020-\\u007e\\u0080-\\u00ff]+$/;\nconst SAME_SITE_REGEXP = /^(?:lax|none|strict)$/i;\n\nexport interface CookieAttrs {\n /**\n * a `Date` object indicating the cookie's expiration date (expires at the end of session by default).\n */\n expires?: Date;\n /**\n * a number representing the milliseconds from `Date.now()` for expiry\n */\n maxAge?: number | null;\n /**\n * a boolean or string indicating whether the cookie is a \"same site\" cookie (`false` by default). This can be set to `'strict'`, `'lax'`, `'none'`, or `true` (which maps to `'strict'`).\n */\n sameSite?: 'lax' | 'none' | 'strict' | boolean;\n /**\n * a string indicating the path of the cookie (`/` by default).\n */\n path?: string;\n /**\n * a string indicating the domain of the cookie (no default).\n */\n domain?: string;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTPS (`false` by default for HTTP, `true` by default for HTTPS).\n */\n secure?: boolean;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTP(S), and not made available to client JavaScript (`true` by default).\n */\n httpOnly?: boolean;\n /**\n * a boolean indicating whether to overwrite previously set cookies of the same name (`false` by default). If this is true, all cookies set during the same request with the same name (regardless of path or domain) are filtered out of the Set-Cookie header when setting this cookie.\n */\n overwrite?: boolean;\n}\n\nexport class Cookie implements CookieAttrs {\n name: string;\n value: string;\n domain?: string;\n path = '/';\n sameSite?: CookieAttrs['sameSite'] = false;\n secure = false;\n httpOnly = true;\n overwrite = false;\n expires?: Date;\n maxAge?: number | null;\n\n constructor(name: string, value?: string | null, attrs?: CookieAttrs) {\n if (!fieldContentRegExp.test(name)) {\n throw new TypeError('argument name is invalid');\n }\n\n if (value && !fieldContentRegExp.test(value)) {\n throw new TypeError('argument value is invalid');\n }\n\n this.name = name;\n this.value = value || '';\n\n Object.assign(this, attrs)\n\n if (!this.value) {\n this.expires = new Date(0);\n this.maxAge = null;\n }\n\n if (this.path && !fieldContentRegExp.test(this.path)) {\n throw new TypeError('option path is invalid');\n }\n\n if (this.domain && !fieldContentRegExp.test(this.domain)) {\n throw new TypeError('option domain is invalid');\n }\n\n if (this.sameSite && this.sameSite !== true && !SAME_SITE_REGEXP.test(this.sameSite)) {\n throw new TypeError('option sameSite is invalid');\n }\n }\n\n toString() {\n return `${this.name}=${this.value}`;\n }\n\n get header() {\n let header = this.toString();\n\n if (this.maxAge) {\n this.expires = new Date(Date.now() + this.maxAge);\n }\n\n if (this.path) {\n header += `; path=${this.path}`;\n }\n if (this.expires) {\n header += `; expires=${this.expires.toUTCString()}`;\n }\n if (this.domain) {\n header += `; domain=${this.domain}`;\n }\n if (this.sameSite) {\n header += `; samesite=${this.sameSite === true ? 'strict' : this.sameSite.toLowerCase()}`;\n }\n if (this.secure) {\n header += '; secure';\n }\n if (this.httpOnly) {\n header += '; httponly';\n }\n\n return header;\n }\n\n}\n","export const CIPHER_INFO = {\n 'aes-128-cbc': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha256': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb8': { ivLength: 16, keyLength: 16 },\n 'aes-128-ctr': { ivLength: 16, keyLength: 16 },\n 'aes-128-ecb': { ivLength: undefined, keyLength: 16 },\n 'aes-128-ocb': { ivLength: 12, keyLength: 16 },\n 'aes-128-ofb': { ivLength: 16, keyLength: 16 },\n 'aes-128-xts': { ivLength: 16, keyLength: 32 },\n 'aes-192-cbc': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb1': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb8': { ivLength: 16, keyLength: 24 },\n 'aes-192-ctr': { ivLength: 16, keyLength: 24 },\n 'aes-192-ecb': { ivLength: undefined, keyLength: 24 },\n 'aes-192-ocb': { ivLength: 12, keyLength: 24 },\n 'aes-192-ofb': { ivLength: 16, keyLength: 24 },\n 'aes-256-cbc': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha256': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb8': { ivLength: 16, keyLength: 32 },\n 'aes-256-ctr': { ivLength: 16, keyLength: 32 },\n 'aes-256-ecb': { ivLength: undefined, keyLength: 32 },\n 'aes-256-ocb': { ivLength: 12, keyLength: 32 },\n 'aes-256-ofb': { ivLength: 16, keyLength: 32 },\n 'aes-256-xts': { ivLength: 16, keyLength: 64 },\n 'aes-128-ccm': { ivLength: 12, keyLength: 16 },\n 'aes-128-gcm': { ivLength: 12, keyLength: 16 },\n 'aes-192-ccm': { ivLength: 12, keyLength: 24 },\n 'aes-192-gcm': { ivLength: 12, keyLength: 24 },\n 'aes-256-ccm': { ivLength: 12, keyLength: 32 },\n 'aes-256-gcm': { ivLength: 12, keyLength: 32 },\n 'id-aes128-ccm': { ivLength: 12, keyLength: 16 },\n 'id-aes128-gcm': { ivLength: 12, keyLength: 16 },\n 'id-aes192-ccm': { ivLength: 12, keyLength: 24 },\n 'id-aes192-gcm': { ivLength: 12, keyLength: 24 },\n 'id-aes256-ccm': { ivLength: 12, keyLength: 32 },\n 'id-aes256-gcm': { ivLength: 12, keyLength: 32 },\n} as const\n","/* eslint-disable @typescript-eslint/ban-ts-comment */\nimport compare from 'tsscmp'\n\nimport crypto, {BinaryToTextEncoding, CipherKey, Encoding} from \"crypto\";\nimport {CIPHER_INFO} from \"./ciphers\";\n\nconst AUTH_TAG_REQUIRED = /-(gcm|ccm)/\n\nexport interface KeyStoreOpts {\n signing?: {\n keys: string[],\n algorithm?: string | 'blake2b512' | 'blake2s256' | 'gost' | 'md4' | 'md5' | 'rmd160' | 'sha1' | 'sha224'\n | 'sha256' | 'sha3-224' | 'sha3-256' | 'sha3-384' | 'sha3-512' | 'sha384' | 'sha512' | 'sha512-224'\n | 'sha512-256' | 'shake128' | 'shake256' | 'sm3';\n encoding?: BinaryToTextEncoding\n },\n encryption?: {\n keys: string[] | CipherKey[],\n algorithm?: keyof typeof CIPHER_INFO | string,\n encoding?: Encoding\n authTagLength?: number\n }\n}\n\nexport type EncryptOptions = Required & { key?: string | undefined }\nexport type DecryptOptions = Required & {\n key?: string | CipherKey | undefined,\n iv?: string | Buffer | undefined,\n authTag?: string | Buffer | undefined\n}\n\nexport class KeyStore {\n encryption: Required>;\n signing: Required>;\n\n static cipherInfo = CIPHER_INFO as Record\n\n constructor(opts?: KeyStoreOpts) {\n opts = opts || {}\n if (opts.encryption) {\n if (!Array.isArray(opts.encryption.keys) || opts.encryption.keys.length === 0) {\n throw new Error(\"keys are required for encryption\")\n }\n }\n if (opts.signing) {\n if (!Array.isArray(opts.signing.keys) || opts.signing.keys.length === 0) {\n throw new Error(\"keys are required for signing\")\n }\n }\n this.encryption = Object.assign({\n algorithm: 'aes-192-ccm',\n authTagLength: 16,\n encoding: 'hex', keys: []\n }, opts.encryption || {} as any)\n\n this.signing = Object.assign({encoding: 'base64', algorithm: 'sha1', keys: []}, opts.signing || {} as any)\n\n }\n\n encrypt(data?: null, options?: Partial): null\n encrypt(data: string | Buffer, options?: Partial): string\n encrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n const {\n keys,\n algorithm,\n encoding,\n authTagLength,\n key\n }: EncryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const secret = key || keys[0]\n\n if (!secret) {\n throw new Error(\"no key found\")\n }\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n const iv = cipherInfo.ivLength ? crypto.randomBytes(cipherInfo.ivLength) : null;\n const dataBuff = typeof data === \"string\" ? Buffer.from(data, 'utf-8') : data\n\n const cipher = crypto.createCipheriv(algorithm as any, secret, iv, {authTagLength})\n\n const text = cipher.update(dataBuff);\n const pad = cipher.final();\n let authTag: Buffer | undefined;\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n authTag = cipher.getAuthTag();\n }\n\n return Buffer.concat([\n ...iv ? [iv] : [],\n ...authTag ? [authTag] : [],\n text,\n pad\n ]).toString(encoding)\n }\n\n decrypt(data?: null, options?: Partial): null\n decrypt(data: string | Buffer, options?: Partial): string\n decrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n\n const finalOptions: DecryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const {\n encoding,\n key,\n keys: defaultKeys,\n algorithm,\n authTagLength,\n } = finalOptions\n\n const keys = key ? [key] : defaultKeys\n if (keys.length === 0) {\n throw new Error(\"keys required for encrypted cookies\")\n }\n\n let {\n iv,\n authTag\n } = finalOptions\n\n let dataBuff = typeof data === \"string\" ? Buffer.from(data, encoding) : data\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n if (typeof iv === \"string\") {\n iv = Buffer.from(iv, encoding)\n }\n\n if (typeof authTag === \"string\") {\n authTag = Buffer.from(authTag, encoding)\n }\n\n if (cipherInfo.ivLength !== undefined) {\n if (!iv) {\n iv = dataBuff.slice(0, cipherInfo.ivLength)\n }\n dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length)\n }\n\n\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n if (!authTag) {\n authTag = dataBuff.slice(0, authTagLength)\n }\n dataBuff = dataBuff.slice(authTagLength, dataBuff.length)\n }\n\n for (let i = 0; i < keys.length; i++) {\n const message = KeyStore.doDecrypt(dataBuff, {...finalOptions, key: keys[i], iv, authTag,});\n if (message !== null) return message\n }\n return null\n }\n\n private static doDecrypt(data: Buffer, options: DecryptOptions): string | null {\n const {algorithm, key, iv, authTagLength, authTag} = options\n const decipher = crypto.createDecipheriv(algorithm as any, key!, iv as Buffer || null, {authTagLength});\n\n if (authTag) {\n decipher.setAuthTag(authTag as Buffer)\n }\n\n const plainText = decipher.update(data)\n let final: Buffer\n try {\n final = decipher.final()\n } catch(e:any) {\n // authentication failed\n return null\n }\n return Buffer.concat([plainText, final]).toString('utf-8')\n }\n\n //region: signing\n\n sign(data?: null, key?: string | CipherKey): null\n sign(data: string, key?: string | CipherKey): string\n sign(data?: string | null, key?: string | CipherKey): string | null {\n if (!data) {\n return null\n }\n const {algorithm, encoding, keys} = this.signing\n key = key || keys[0] as CipherKey\n return crypto\n .createHmac(algorithm, key)\n .update(data).digest(encoding)\n .replace(/\\/|\\+|=/g, function (x) {\n return ({\"/\": \"_\", \"+\": \"-\", \"=\": \"\"})[x] as string\n })\n }\n\n verify(data: string, digest: string): boolean {\n return this.indexOf(data, digest) > -1\n }\n\n indexOf(data: string, digest: string): number {\n const {keys} = this.signing\n\n if (keys.length === 0) {\n throw new Error(\"keys required for signed cookies\")\n }\n\n for (let i = 0; i < keys.length; i++) {\n if (compare(digest, this.sign(data, keys[i] as string))) return i\n }\n return -1\n }\n\n //end-region: signing\n\n}\n\n","import http, {IncomingMessage, ServerResponse} from 'http';\nimport {Cookie, CookieAttrs} from './cookie';\nimport {KeyStore} from \"./keystore\";\nimport type {Http2ServerRequest, Http2ServerResponse} from \"http2\";\n\nconst cache: { [key: string]: RegExp } = {} as any;\ntype SignIdentifier = string | ((name: string) => string)\nexport type CookiesOptions = {\n\n /**\n * KeyStore to be used for signing and encrypting\n */\n keyStore?: KeyStore;\n /**\n * a boolean indicating whether the cookie is to be signed (`false` by default). If this is true, another cookie of the same name with the `signIdentifier` will also be sent, with a 27-byte url-safe base64 SHA1 value representing the hash of _cookie-name_=_cookie-value_ against the first [KeyStore](keystore) key. This signature key is used to detect tampering the next time a cookie is received.\n * @default false\n */\n signed?: boolean;\n /**\n * Encrypt cookies by default and assume received cookies are encrypted.\n * @default false\n */\n encrypted?: boolean;\n /**\n * Mark cookies as secure by default.\n * @default `req.protocol`\n */\n secure?: boolean;\n /**\n * If string, provided value will be appended cookie name with dot. For example with given value `mysig`\n * signature cookie name will be `cookiename.mysig`\n *\n * @default `sig`\n */\n signIdentifier?: SignIdentifier\n}\n\nexport type SetCookieOptions = CookiesOptions & CookieAttrs\nexport type GetCookieOptions = CookiesOptions\n\nexport class Cookies {\n\n secure: CookiesOptions[\"secure\"];\n\n encrypted: boolean;\n\n signed: boolean;\n\n keyStore: KeyStore;\n\n signIdentifier?: SignIdentifier\n\n readonly request: IncomingMessage | Http2ServerRequest;\n readonly response: ServerResponse | Http2ServerResponse;\n\n constructor(request: IncomingMessage | Http2ServerRequest, response: ServerResponse | Http2ServerResponse, options: CookiesOptions = {}) {\n this.request = request;\n this.response = response;\n\n this.keyStore = options.keyStore || new KeyStore();\n this.secure = options.secure;\n this.signed = options.signed !== undefined ? options.signed : false;\n this.encrypted = options.encrypted !== undefined ? options.encrypted : false;\n this.signIdentifier = options.signIdentifier || 'sig';\n }\n\n /**\n * This extracts the cookie with the given name from the Set-Cookie header in the request. If such a cookie exists, its value is returned. Otherwise, nothing is returned.\n *\n * `{ signed: true }` can optionally be passed as the second parameter options. In this case, a signature cookie (a cookie of same name ending with the .sig suffix appended) is fetched. If no such cookie exists, nothing is returned.\n *\n * If the signature cookie does exist, the provided KeyStore is used to check whether the hash of cookie-name=cookie-value matches that of any registered key/s:\n *\n * - If the signature cookie hash matches the first key, the original cookie value is returned.\n * - If the signature cookie hash matches any other key, the original cookie value is returned AND an outbound header is set to update the signature cookie's value to the hash of the first key. This enables automatic freshening of signature cookies that have become stale due to key rotation.\n * - If the signature cookie hash does not match any key, nothing is returned, and an outbound header with an expired date is used to delete the cookie.\n *\n * `{ encrypted: true }` can optionally be passed as the second parameter options. In this case, the provided KeyStore will try to decrypt the cookie value with registered key/s.\n *\n * - If the decryption fails nothing is returned, and the cookie stays intact.\n * - If decryption succeeds, decrypted cookie value is returned.\n *\n * If both `signed` and `encrypted` options are provided, signature check will be applied with encrypted value. Than the decryption will be applied.\n * @param name\n * @param opts\n */\n get(name: string, opts?: GetCookieOptions): string | undefined {\n const sigId = opts?.signIdentifier || this.signIdentifier;\n\n const sigName = typeof sigId === 'function' ? sigId.call(null, name)\n : `${name + '.' + sigId}`;\n\n const signed = opts && opts.signed !== undefined ? opts.signed : this.keyStore.signing.keys.length > 0;\n\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n const header = this.request.headers['cookie'];\n if (!header) {\n return undefined;\n }\n\n const match = header.match(getPattern(name));\n if (!match) {\n return undefined;\n }\n\n const value = match[1];\n if (!opts || !signed) {\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n\n const remote = this.get(sigName, {encrypted: false, signed: false});\n if (!remote) {\n return undefined;\n }\n\n const data = `${name}=${value}`;\n const index = this.keyStore.indexOf(data, remote);\n\n if (index < 0) {\n this.set(sigName, null, {path: '/', signed: false});\n return undefined\n } else {\n index && this.set(sigName, this.keyStore.sign(data), {signed: false});\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n }\n\n /**\n * This sets the given cookie in the response and returns the current context to allow chaining.\n *\n * @param name Cookie name\n * @param value Cookie value. If this is omitted, an outbound header with an expired date is used to delete the cookie.\n * @param opts Overridden options\n */\n set(name: string, value?: string | null, opts?: SetCookieOptions): Cookies {\n const res = this.response,\n req = this.request,\n secure = this.secure !== undefined ? !!this.secure : (req).protocol === 'https' || (req).connection['encrypted'],\n encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n let headers = (res.getHeader('Set-Cookie') || []) as string[];\n\n const cookie = new Cookie(name, encrypted ? this.keyStore.encrypt(value as string): value, opts);\n const signed = opts && opts.signed !== undefined ? opts.signed : this.signed;\n\n /* istanbul ignore next */\n if (typeof headers == 'string') {\n headers = [headers];\n }\n\n if (!secure && opts && opts.secure) {\n throw new Error('Cannot send secure cookie over unencrypted connection');\n }\n\n cookie.secure = opts && opts.secure !== undefined ? opts.secure : secure;\n\n pushCookie(headers, cookie);\n\n if (opts && signed) {\n cookie.value = this.keyStore.sign(cookie.toString());\n\n const sigId = opts.signIdentifier || this.signIdentifier;\n\n if (typeof sigId === 'function') {\n cookie.name = sigId.call(null, cookie.name);\n } else {\n cookie.name = `${cookie.name + '.' + sigId}`;\n }\n pushCookie(headers, cookie);\n }\n\n const setHeader = (res)[\"set\"] ? http.OutgoingMessage.prototype.setHeader : res.setHeader;\n setHeader.call(res, 'Set-Cookie', headers);\n return this;\n }\n\n static middleware = (options?: CookiesOptions) => (req: any, res: any, next: any) => {\n req.cookies = res.cookies = new Cookies(req, res, options);\n next();\n }\n\n static connect = Cookies.middleware\n static express = Cookies.middleware\n static koa = (options?: CookiesOptions) => (ctx: any, next: any) => {\n ctx.cookies\n = ctx.req.cookies\n = ctx.res.cookies\n = ctx.request.cookies\n = ctx.response.cookies = new Cookies(ctx.req, ctx.res, options);\n return next()\n }\n}\n\n\nfunction getPattern(name: string): RegExp {\n if (cache[name]) {\n return cache[name] as RegExp;\n }\n\n return cache[name] = new RegExp(\n `(?:^|;) *${name.replace(/[-[\\]{}()*+?.,\\\\^$|#\\s]/g, '\\\\$&')}=([^;]*)`\n );\n}\n\nfunction pushCookie(headers: string[], cookie: Cookie) {\n if (cookie.overwrite) {\n for (let i = headers.length - 1; i >= 0; i--) {\n if (headers[i]!.indexOf(`${cookie.name}=`) === 0) {\n headers.splice(i, 1);\n }\n }\n }\n\n headers.push(cookie.header);\n}\n"],"names":["crypto","compare","http"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AACA,IAAM,kBAAkB,GAAG,uCAAuC,CAAC;AACnE,IAAM,gBAAgB,GAAG,wBAAwB,CAAC;;IAiDhD,gBAAY,IAAY,EAAE,KAAqB,EAAE,KAAmB;QARpE,SAAI,GAAG,GAAG,CAAC;QACX,aAAQ,GAA6B,KAAK,CAAC;QAC3C,WAAM,GAAG,KAAK,CAAC;QACf,aAAQ,GAAG,IAAI,CAAC;QAChB,cAAS,GAAG,KAAK,CAAC;QAKhB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAClC,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,KAAK,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;YAC5C,MAAM,IAAI,SAAS,CAAC,2BAA2B,CAAC,CAAC;SAClD;QAED,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,KAAK,GAAG,KAAK,IAAI,EAAE,CAAC;QAEzB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAE1B,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;YACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;SACpB;QAED,IAAI,IAAI,CAAC,IAAI,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACpD,MAAM,IAAI,SAAS,CAAC,wBAAwB,CAAC,CAAC;SAC/C;QAED,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACxD,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YACpF,MAAM,IAAI,SAAS,CAAC,4BAA4B,CAAC,CAAC;SACnD;KACF;IAED,yBAAQ,GAAR;QACE,OAAU,IAAI,CAAC,IAAI,SAAI,IAAI,CAAC,KAAO,CAAC;KACrC;IAED,sBAAI,0BAAM;aAAV;YACE,IAAI,MAAM,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAE7B,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;aACnD;YAED,IAAI,IAAI,CAAC,IAAI,EAAE;gBACb,MAAM,IAAI,YAAU,IAAI,CAAC,IAAM,CAAC;aACjC;YACD,IAAI,IAAI,CAAC,OAAO,EAAE;gBAChB,MAAM,IAAI,eAAa,IAAI,CAAC,OAAO,CAAC,WAAW,EAAI,CAAC;aACrD;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,cAAY,IAAI,CAAC,MAAQ,CAAC;aACrC;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,iBAAc,IAAI,CAAC,QAAQ,KAAK,IAAI,GAAG,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAE,CAAC;aAC3F;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,UAAU,CAAC;aACtB;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,YAAY,CAAC;aACxB;YAED,OAAO,MAAM,CAAC;SACf;;;OAAA;IAEH,aAAC;AAAD,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACpHM,IAAM,WAAW,GAAG;IACzB,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;CACxC;;ACrCV,IAAM,iBAAiB,GAAG,YAAY,CAAA;;IAkCpC,kBAAY,IAAmB;QAC7B,IAAI,GAAG,IAAI,IAAI,EAAE,CAAA;QACjB,IAAI,IAAI,CAAC,UAAU,EAAE;YACnB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBAC7E,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;aACpD;SACF;QACD,IAAI,IAAI,CAAC,OAAO,EAAE;YAChB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBACvE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;aACjD;SACF;QACD,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC;YAC9B,SAAS,EAAE,aAAa;YACxB,aAAa,EAAE,EAAE;YACjB,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;SAC1B,EAAE,IAAI,CAAC,UAAU,IAAI,EAAS,CAAC,CAAA;QAEhC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAC,EAAE,IAAI,CAAC,OAAO,IAAI,EAAS,CAAC,CAAA;KAE3G;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAMc,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,EALzF,IAAI,UAAA,EACJ,SAAS,eAAA,EACT,QAAQ,cAAA,EACR,aAAa,mBAAA,EACb,GAAG,SACsF,CAAA;QAE3F,IAAM,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAA;QAE7B,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAA;SAChC;QAED,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAM,EAAE,GAAG,UAAU,CAAC,QAAQ,GAAGA,0BAAM,CAAC,WAAW,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC;QAChF,IAAM,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,IAAI,CAAA;QAE7E,IAAM,MAAM,GAAGA,0BAAM,CAAC,cAAc,CAAC,SAAgB,EAAE,MAAM,EAAE,EAAE,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAA;QAEnF,IAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,IAAM,GAAG,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;QAC3B,IAAI,OAA2B,CAAC;QAChC,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;SAC/B;QAED,OAAO,MAAM,CAAC,MAAM,+CACf,EAAE,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,SACd,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE;YAC3B,IAAI;YACJ,GAAG;WACH,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;KACtB;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QAED,IAAM,YAAY,GAAmB,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,CAAA;QAG1G,IAAA,QAAQ,GAKN,YAAY,SALN,EACR,GAAG,GAID,YAAY,IAJX,EACG,WAAW,GAGf,YAAY,KAHG,EACjB,SAAS,GAEP,YAAY,UAFL,EACT,aAAa,GACX,YAAY,cADD,CACC;QAEhB,IAAM,IAAI,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,WAAW,CAAA;QACtC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;SACvD;QAGC,IAAA,EAAE,GAEA,YAAY,GAFZ,EACF,OAAO,GACL,YAAY,QADP,CACO;QAEhB,IAAI,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,GAAG,IAAI,CAAA;QAE5E,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE;YAC1B,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;SAC/B;QAED,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;YAC/B,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAA;SACzC;QAED,IAAI,UAAU,CAAC,QAAQ,KAAK,SAAS,EAAE;YACrC,IAAI,CAAC,EAAE,EAAE;gBACP,EAAE,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAA;aAC5C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAChE;QAGD,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,aAAa,CAAC,CAAA;aAC3C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,aAAa,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAC1D;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,wBAAM,YAAY,KAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,IAAA,EAAE,OAAO,SAAA,IAAG,CAAC;YAC5F,IAAI,OAAO,KAAK,IAAI;gBAAE,OAAO,OAAO,CAAA;SACrC;QACD,OAAO,IAAI,CAAA;KACZ;IAEc,kBAAS,GAAxB,UAAyB,IAAY,EAAE,OAAuB;QACrD,IAAA,SAAS,GAAqC,OAAO,UAA5C,EAAE,GAAG,GAAgC,OAAO,IAAvC,EAAE,EAAE,GAA4B,OAAO,GAAnC,EAAE,aAAa,GAAa,OAAO,cAApB,EAAE,OAAO,GAAI,OAAO,QAAX,CAAW;QAC5D,IAAM,QAAQ,GAAGA,0BAAM,CAAC,gBAAgB,CAAC,SAAgB,EAAE,GAAI,EAAE,EAAY,IAAI,IAAI,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAC;QAExG,IAAI,OAAO,EAAE;YACX,QAAQ,CAAC,UAAU,CAAC,OAAiB,CAAC,CAAA;SACvC;QAED,IAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QACvC,IAAI,KAAa,CAAA;QACjB,IAAI;YACF,KAAK,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAA;SACzB;QAAC,OAAM,CAAK,EAAE;;YAEb,OAAO,IAAI,CAAA;SACZ;QACD,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;KAC3D;IAMD,uBAAI,GAAJ,UAAK,IAAoB,EAAE,GAAwB;QACjD,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAA8B,IAAI,CAAC,OAAO,EAAzC,SAAS,eAAA,EAAE,QAAQ,cAAA,EAAE,IAAI,UAAgB,CAAA;QAChD,GAAG,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAc,CAAA;QACjC,OAAOA,0BAAM;aACV,UAAU,CAAC,SAAS,EAAE,GAAG,CAAC;aAC1B,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;aAC7B,OAAO,CAAC,UAAU,EAAE,UAAU,CAAC;YAC9B,OAAO,CAAC,EAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,EAAC,EAAE,CAAC,CAAW,CAAA;SACpD,CAAC,CAAA;KACL;IAED,yBAAM,GAAN,UAAO,IAAY,EAAE,MAAc;QACjC,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;KACvC;IAED,0BAAO,GAAP,UAAQ,IAAY,EAAE,MAAc;QAC3B,IAAA,IAAI,GAAI,IAAI,CAAC,OAAO,KAAhB,CAAgB;QAE3B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;SACpD;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAIC,2BAAO,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAW,CAAC,CAAC;gBAAE,OAAO,CAAC,CAAA;SAClE;QACD,OAAO,CAAC,CAAC,CAAA;KACV;IA5LM,mBAAU,GAAG,WAGlB,CAAA;IA6LJ,eAAC;CApMD;;AC1BA,IAAM,KAAK,GAA8B,EAAS,CAAC;;IAkDjD,iBAAY,OAA6C,EAAE,QAA8C,EAAE,OAA4B;QAA5B,wBAAA,EAAA,YAA4B;QACrI,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAEzB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,IAAI,QAAQ,EAAE,CAAC;QACnD,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,KAAK,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,KAAK,CAAC;QACpE,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,KAAK,SAAS,GAAG,OAAO,CAAC,SAAS,GAAG,KAAK,CAAC;QAC7E,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,KAAK,CAAC;KACvD;;;;;;;;;;;;;;;;;;;;;IAsBD,qBAAG,GAAH,UAAI,IAAY,EAAE,IAAuB;QACvC,IAAM,KAAK,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,KAAI,IAAI,CAAC,cAAc,CAAC;QAE1D,IAAM,OAAO,GAAG,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC;cAChE,MAAG,IAAI,GAAG,GAAG,GAAG,KAAK,CAAE,CAAC;QAE5B,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAEvG,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,KAAK,EAAE;YACV,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE;YACpB,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;QAED,IAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,EAAC,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;QACpE,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,IAAI,GAAM,IAAI,SAAI,KAAO,CAAC;QAChC,IAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAElD,IAAI,KAAK,GAAG,CAAC,EAAE;YACb,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,EAAC,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;YACpD,OAAO,SAAS,CAAA;SACjB;aAAM;YACL,KAAK,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAC,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;YACtE,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;KACF;;;;;;;;IASD,qBAAG,GAAH,UAAI,IAAY,EAAE,KAAqB,EAAE,IAAuB;QAC9D,IAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,EACvB,GAAG,GAAG,IAAI,CAAC,OAAO,EAClB,MAAM,GAAG,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,GAAS,GAAI,CAAC,QAAQ,KAAK,OAAO,IAAU,GAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAC1H,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAErF,IAAI,OAAO,IAAI,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,IAAI,EAAE,CAAa,CAAC;QAE9D,IAAM,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,EAAE,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAE,KAAK,EAAE,IAAI,CAAC,CAAC;QACjG,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;;QAG7E,IAAI,OAAO,OAAO,IAAI,QAAQ,EAAE;YAC9B,OAAO,GAAG,CAAC,OAAO,CAAC,CAAC;SACrB;QAED,IAAI,CAAC,MAAM,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,EAAE;YAClC,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;SAC1E;QAED,MAAM,CAAC,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QAEzE,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAE5B,IAAI,IAAI,IAAI,MAAM,EAAE;YAClB,MAAM,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YAErD,IAAM,KAAK,GAAG,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,cAAc,CAAC;YAEzD,IAAI,OAAO,KAAK,KAAK,UAAU,EAAE;gBAC/B,MAAM,CAAC,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;aAC7C;iBAAM;gBACL,MAAM,CAAC,IAAI,GAAG,MAAG,MAAM,CAAC,IAAI,GAAG,GAAG,GAAG,KAAK,CAAE,CAAC;aAC9C;YACD,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;SAC7B;QAED,IAAM,SAAS,GAAS,GAAI,CAAC,KAAK,CAAC,GAAGC,wBAAI,CAAC,eAAe,CAAC,SAAS,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;QAC/F,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC;KACb;IAEM,kBAAU,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,GAAQ,EAAE,IAAS;QAC9E,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;QAC3D,IAAI,EAAE,CAAC;KACR,GAAA,CAAA;IAEM,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,WAAG,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,IAAS;QAC7D,GAAG,CAAC,OAAO;cACP,GAAG,CAAC,GAAG,CAAC,OAAO;kBACf,GAAG,CAAC,GAAG,CAAC,OAAO;sBACf,GAAG,CAAC,OAAO,CAAC,OAAO;0BACnB,GAAG,CAAC,QAAQ,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAClE,OAAO,IAAI,EAAE,CAAA;KACd,GAAA,CAAA;IACH,cAAC;CAxJD,IAwJC;AAGD,SAAS,UAAU,CAAC,IAAY;IAC9B,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE;QACf,OAAO,KAAK,CAAC,IAAI,CAAW,CAAC;KAC9B;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,MAAM,CAC7B,cAAY,IAAI,CAAC,OAAO,CAAC,0BAA0B,EAAE,MAAM,CAAC,aAAU,CACvE,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CAAC,OAAiB,EAAE,MAAc;IACnD,IAAI,MAAM,CAAC,SAAS,EAAE;QACpB,KAAK,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YAC5C,IAAI,OAAO,CAAC,CAAC,CAAE,CAAC,OAAO,CAAI,MAAM,CAAC,IAAI,MAAG,CAAC,KAAK,CAAC,EAAE;gBAChD,OAAO,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aACtB;SACF;KACF;IAED,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;AAC9B;;;;;;"} \ No newline at end of file +{"version":3,"file":"index.js","sources":["../src/cookie.ts","../src/ciphers.ts","../src/keystore.ts","../src/cookies.ts"],"sourcesContent":["// eslint-disable-next-line no-control-regex\nconst fieldContentRegExp = /^[\\u0009\\u0020-\\u007e\\u0080-\\u00ff]+$/;\nconst SAME_SITE_REGEXP = /^(?:lax|none|strict)$/i;\n\nexport interface CookieAttrs {\n /**\n * a `Date` object indicating the cookie's expiration date (expires at the end of session by default).\n */\n expires?: Date;\n /**\n * a number representing the milliseconds from `Date.now()` for expiry\n */\n maxAge?: number | null;\n /**\n * a boolean or string indicating whether the cookie is a \"same site\" cookie (`false` by default). This can be set to `'strict'`, `'lax'`, `'none'`, or `true` (which maps to `'strict'`).\n */\n sameSite?: 'lax' | 'none' | 'strict' | boolean;\n /**\n * a string indicating the path of the cookie (`/` by default).\n */\n path?: string;\n /**\n * a string indicating the domain of the cookie (no default).\n */\n domain?: string;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTPS (`false` by default for HTTP, `true` by default for HTTPS).\n */\n secure?: boolean;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTP(S), and not made available to client JavaScript (`true` by default).\n */\n httpOnly?: boolean;\n /**\n * a boolean indicating whether to overwrite previously set cookies of the same name (`false` by default). If this is true, all cookies set during the same request with the same name (regardless of path or domain) are filtered out of the Set-Cookie header when setting this cookie.\n */\n overwrite?: boolean;\n}\n\nexport class Cookie implements CookieAttrs {\n name: string;\n value: string;\n domain?: string;\n path = '/';\n sameSite?: CookieAttrs['sameSite'] = false;\n secure = false;\n httpOnly = true;\n overwrite = false;\n expires?: Date;\n maxAge?: number | null;\n\n constructor(name: string, value?: string | null, attrs?: CookieAttrs) {\n if (!fieldContentRegExp.test(name)) {\n throw new TypeError('argument name is invalid');\n }\n\n if (value && !fieldContentRegExp.test(value)) {\n throw new TypeError('argument value is invalid');\n }\n\n this.name = name;\n this.value = value || '';\n\n Object.assign(this, attrs)\n\n if (!this.value) {\n this.expires = new Date(0);\n this.maxAge = null;\n }\n\n if (this.path && !fieldContentRegExp.test(this.path)) {\n throw new TypeError('option path is invalid');\n }\n\n if (this.domain && !fieldContentRegExp.test(this.domain)) {\n throw new TypeError('option domain is invalid');\n }\n\n if (this.sameSite && this.sameSite !== true && !SAME_SITE_REGEXP.test(this.sameSite)) {\n throw new TypeError('option sameSite is invalid');\n }\n }\n\n toString() {\n return `${this.name}=${this.value}`;\n }\n\n get header() {\n let header = this.toString();\n\n if (this.maxAge) {\n this.expires = new Date(Date.now() + this.maxAge);\n }\n\n if (this.path) {\n header += `; path=${this.path}`;\n }\n if (this.expires) {\n header += `; expires=${this.expires.toUTCString()}`;\n }\n if (this.domain) {\n header += `; domain=${this.domain}`;\n }\n if (this.sameSite) {\n header += `; samesite=${this.sameSite === true ? 'strict' : this.sameSite.toLowerCase()}`;\n }\n if (this.secure) {\n header += '; secure';\n }\n if (this.httpOnly) {\n header += '; httponly';\n }\n\n return header;\n }\n\n}\n","export const CIPHER_INFO = {\n 'aes-128-cbc': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha256': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb8': { ivLength: 16, keyLength: 16 },\n 'aes-128-ctr': { ivLength: 16, keyLength: 16 },\n 'aes-128-ecb': { ivLength: undefined, keyLength: 16 },\n 'aes-128-ocb': { ivLength: 12, keyLength: 16 },\n 'aes-128-ofb': { ivLength: 16, keyLength: 16 },\n 'aes-128-xts': { ivLength: 16, keyLength: 32 },\n 'aes-192-cbc': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb1': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb8': { ivLength: 16, keyLength: 24 },\n 'aes-192-ctr': { ivLength: 16, keyLength: 24 },\n 'aes-192-ecb': { ivLength: undefined, keyLength: 24 },\n 'aes-192-ocb': { ivLength: 12, keyLength: 24 },\n 'aes-192-ofb': { ivLength: 16, keyLength: 24 },\n 'aes-256-cbc': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha256': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb8': { ivLength: 16, keyLength: 32 },\n 'aes-256-ctr': { ivLength: 16, keyLength: 32 },\n 'aes-256-ecb': { ivLength: undefined, keyLength: 32 },\n 'aes-256-ocb': { ivLength: 12, keyLength: 32 },\n 'aes-256-ofb': { ivLength: 16, keyLength: 32 },\n 'aes-256-xts': { ivLength: 16, keyLength: 64 },\n 'aes-128-ccm': { ivLength: 12, keyLength: 16 },\n 'aes-128-gcm': { ivLength: 12, keyLength: 16 },\n 'aes-192-ccm': { ivLength: 12, keyLength: 24 },\n 'aes-192-gcm': { ivLength: 12, keyLength: 24 },\n 'aes-256-ccm': { ivLength: 12, keyLength: 32 },\n 'aes-256-gcm': { ivLength: 12, keyLength: 32 },\n 'id-aes128-ccm': { ivLength: 12, keyLength: 16 },\n 'id-aes128-gcm': { ivLength: 12, keyLength: 16 },\n 'id-aes192-ccm': { ivLength: 12, keyLength: 24 },\n 'id-aes192-gcm': { ivLength: 12, keyLength: 24 },\n 'id-aes256-ccm': { ivLength: 12, keyLength: 32 },\n 'id-aes256-gcm': { ivLength: 12, keyLength: 32 },\n} as const\n","/* eslint-disable @typescript-eslint/ban-ts-comment */\nimport compare from 'tsscmp'\n\nimport crypto, {BinaryToTextEncoding, CipherKey, Encoding} from \"crypto\";\nimport {CIPHER_INFO} from \"./ciphers\";\n\nconst AUTH_TAG_REQUIRED = /-(gcm|ccm)/\n\nexport interface KeyStoreOpts {\n signing?: {\n keys: string[],\n algorithm?: string | 'blake2b512' | 'blake2s256' | 'gost' | 'md4' | 'md5' | 'rmd160' | 'sha1' | 'sha224'\n | 'sha256' | 'sha3-224' | 'sha3-256' | 'sha3-384' | 'sha3-512' | 'sha384' | 'sha512' | 'sha512-224'\n | 'sha512-256' | 'shake128' | 'shake256' | 'sm3';\n encoding?: BinaryToTextEncoding\n },\n encryption?: {\n keys: string[] | CipherKey[],\n algorithm?: keyof typeof CIPHER_INFO | string,\n encoding?: Encoding\n authTagLength?: number\n }\n}\n\nexport type EncryptOptions = Required & { key?: string | undefined }\nexport type DecryptOptions = Required & {\n key?: string | CipherKey | undefined,\n iv?: string | Buffer | undefined,\n authTag?: string | Buffer | undefined\n}\n\nexport class KeyStore {\n encryption: Required>;\n signing: Required>;\n\n static cipherInfo = CIPHER_INFO as Record\n\n constructor(opts?: KeyStoreOpts) {\n opts = opts || {}\n\n this.encryption = Object.assign({\n algorithm: 'aes-192-ccm',\n authTagLength: 16,\n encoding: 'hex',\n keys: []\n }, opts.encryption || {} as any)\n\n this.signing = Object.assign({\n encoding: 'base64',\n algorithm: 'sha1',\n keys: []\n }, opts.signing || {} as any)\n\n }\n\n encrypt(data?: null, options?: Partial): null\n encrypt(data: string | Buffer, options?: Partial): string\n encrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n const {\n keys,\n algorithm,\n encoding,\n authTagLength,\n key\n }: EncryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const secret = key || keys[0]\n\n if (!secret) {\n throw new Error(\"no key found\")\n }\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n const iv = cipherInfo.ivLength ? crypto.randomBytes(cipherInfo.ivLength) : null;\n const dataBuff = typeof data === \"string\" ? Buffer.from(data, 'utf-8') : data\n\n const cipher = crypto.createCipheriv(algorithm as any, secret, iv, {authTagLength})\n\n const text = cipher.update(dataBuff);\n const pad = cipher.final();\n let authTag: Buffer | undefined;\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n authTag = cipher.getAuthTag();\n }\n\n return Buffer.concat([\n ...iv ? [iv] : [],\n ...authTag ? [authTag] : [],\n text,\n pad\n ]).toString(encoding)\n }\n\n decrypt(data?: null, options?: Partial): null\n decrypt(data: string | Buffer, options?: Partial): string\n decrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n\n const finalOptions: DecryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const {\n encoding,\n key,\n keys: defaultKeys,\n algorithm,\n authTagLength,\n } = finalOptions\n\n const keys = key ? [key] : defaultKeys\n if (keys.length === 0) {\n throw new Error(\"keys required for encrypted cookies\")\n }\n\n let {\n iv,\n authTag\n } = finalOptions\n\n let dataBuff = typeof data === \"string\" ? Buffer.from(data, encoding) : data\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n if (typeof iv === \"string\") {\n iv = Buffer.from(iv, encoding)\n }\n\n if (typeof authTag === \"string\") {\n authTag = Buffer.from(authTag, encoding)\n }\n\n if (cipherInfo.ivLength !== undefined) {\n if (!iv) {\n iv = dataBuff.slice(0, cipherInfo.ivLength)\n }\n dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length)\n }\n\n\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n if (!authTag) {\n authTag = dataBuff.slice(0, authTagLength)\n }\n dataBuff = dataBuff.slice(authTagLength, dataBuff.length)\n }\n\n for (let i = 0; i < keys.length; i++) {\n const message = KeyStore.doDecrypt(dataBuff, {...finalOptions, key: keys[i], iv, authTag,});\n if (message !== null) return message\n }\n return null\n }\n\n private static doDecrypt(data: Buffer, options: DecryptOptions): string | null {\n const {algorithm, key, iv, authTagLength, authTag} = options\n const decipher = crypto.createDecipheriv(algorithm as any, key!, iv as Buffer || null, {authTagLength});\n\n if (authTag) {\n decipher.setAuthTag(authTag as Buffer)\n }\n\n const plainText = decipher.update(data)\n let final: Buffer\n try {\n final = decipher.final()\n } catch(e:any) {\n // authentication failed\n return null\n }\n return Buffer.concat([plainText, final]).toString('utf-8')\n }\n\n //region: signing\n\n sign(data?: null, key?: string | CipherKey): null\n sign(data: string, key?: string | CipherKey): string\n sign(data?: string | null, key?: string | CipherKey): string | null {\n if (!data) {\n return null\n }\n const {algorithm, encoding, keys} = this.signing\n key = key || keys[0] as CipherKey\n return crypto\n .createHmac(algorithm, key)\n .update(data).digest(encoding)\n .replace(/\\/|\\+|=/g, function (x) {\n return ({\"/\": \"_\", \"+\": \"-\", \"=\": \"\"})[x] as string\n })\n }\n\n verify(data: string, digest: string): boolean {\n return this.indexOf(data, digest) > -1\n }\n\n indexOf(data: string, digest: string): number {\n const {keys} = this.signing\n\n if (keys.length === 0) {\n throw new Error(\"keys required for signed cookies\")\n }\n\n for (let i = 0; i < keys.length; i++) {\n if (compare(digest, this.sign(data, keys[i] as string))) return i\n }\n return -1\n }\n\n //end-region: signing\n\n}\n\n","import http, {IncomingMessage, ServerResponse} from 'http';\nimport {Cookie, CookieAttrs} from './cookie';\nimport {KeyStore} from \"./keystore\";\nimport type {Http2ServerRequest, Http2ServerResponse} from \"http2\";\n\nconst cache: { [key: string]: RegExp } = {} as any;\ntype SignIdentifier = string | ((name: string) => string)\nexport type CookiesOptions = {\n\n /**\n * KeyStore to be used for signing and encrypting\n */\n keyStore?: KeyStore;\n /**\n * a boolean indicating whether the cookie is to be signed (`false` by default). If this is true, another cookie of the same name with the `signIdentifier` will also be sent, with a 27-byte url-safe base64 SHA1 value representing the hash of _cookie-name_=_cookie-value_ against the first [KeyStore](keystore) key. This signature key is used to detect tampering the next time a cookie is received.\n * @default false\n */\n signed?: boolean;\n /**\n * Encrypt cookies by default and assume received cookies are encrypted.\n * @default false\n */\n encrypted?: boolean;\n /**\n * Mark cookies as secure by default.\n * @default `req.protocol`\n */\n secure?: boolean;\n /**\n * If string, provided value will be appended cookie name with dot. For example with given value `mysig`\n * signature cookie name will be `cookiename.mysig`\n *\n * @default `sig`\n */\n signIdentifier?: SignIdentifier\n}\n\nexport type SetCookieOptions = CookiesOptions & CookieAttrs\nexport type GetCookieOptions = CookiesOptions\n\nexport class Cookies {\n\n secure: CookiesOptions[\"secure\"];\n\n encrypted: boolean;\n\n signed: boolean;\n\n keyStore: KeyStore;\n\n signIdentifier?: SignIdentifier\n\n readonly request: IncomingMessage | Http2ServerRequest;\n readonly response: ServerResponse | Http2ServerResponse;\n\n constructor(request: IncomingMessage | Http2ServerRequest, response: ServerResponse | Http2ServerResponse, options: CookiesOptions = {}) {\n this.request = request;\n this.response = response;\n\n this.keyStore = options.keyStore || new KeyStore();\n this.secure = options.secure;\n this.signed = options.signed !== undefined ? options.signed : false;\n this.encrypted = options.encrypted !== undefined ? options.encrypted : false;\n this.signIdentifier = options.signIdentifier || 'sig';\n }\n\n /**\n * This extracts the cookie with the given name from the Set-Cookie header in the request. If such a cookie exists, its value is returned. Otherwise, nothing is returned.\n *\n * `{ signed: true }` can optionally be passed as the second parameter options. In this case, a signature cookie (a cookie of same name ending with the .sig suffix appended) is fetched. If no such cookie exists, nothing is returned.\n *\n * If the signature cookie does exist, the provided KeyStore is used to check whether the hash of cookie-name=cookie-value matches that of any registered key/s:\n *\n * - If the signature cookie hash matches the first key, the original cookie value is returned.\n * - If the signature cookie hash matches any other key, the original cookie value is returned AND an outbound header is set to update the signature cookie's value to the hash of the first key. This enables automatic freshening of signature cookies that have become stale due to key rotation.\n * - If the signature cookie hash does not match any key, nothing is returned, and an outbound header with an expired date is used to delete the cookie.\n *\n * `{ encrypted: true }` can optionally be passed as the second parameter options. In this case, the provided KeyStore will try to decrypt the cookie value with registered key/s.\n *\n * - If the decryption fails nothing is returned, and the cookie stays intact.\n * - If decryption succeeds, decrypted cookie value is returned.\n *\n * If both `signed` and `encrypted` options are provided, signature check will be applied with encrypted value. Than the decryption will be applied.\n * @param name\n * @param opts\n */\n get(name: string, opts?: GetCookieOptions): string | undefined {\n const sigId = opts?.signIdentifier || this.signIdentifier;\n\n const sigName = typeof sigId === 'function' ? sigId.call(null, name)\n : `${name + '.' + sigId}`;\n\n const signed = opts && opts.signed !== undefined ? opts.signed : this.keyStore.signing.keys.length > 0;\n\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n const header = this.request.headers['cookie'];\n if (!header) {\n return undefined;\n }\n\n const match = header.match(getPattern(name));\n if (!match) {\n return undefined;\n }\n\n const value = match[1];\n if (!opts || !signed) {\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n\n const remote = this.get(sigName, {encrypted: false, signed: false});\n if (!remote) {\n return undefined;\n }\n\n const data = `${name}=${value}`;\n const index = this.keyStore.indexOf(data, remote);\n\n if (index < 0) {\n this.set(sigName, null, {path: '/', signed: false});\n return undefined\n } else {\n index && this.set(sigName, this.keyStore.sign(data), {signed: false});\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n }\n\n /**\n * This sets the given cookie in the response and returns the current context to allow chaining.\n *\n * @param name Cookie name\n * @param value Cookie value. If this is omitted, an outbound header with an expired date is used to delete the cookie.\n * @param opts Overridden options\n */\n set(name: string, value?: string | null, opts?: SetCookieOptions): Cookies {\n const res = this.response,\n req = this.request,\n secure = this.secure !== undefined ? !!this.secure : (req).protocol === 'https' || (req).connection['encrypted'],\n encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n let headers = (res.getHeader('Set-Cookie') || []) as string[];\n\n const cookie = new Cookie(name, encrypted ? this.keyStore.encrypt(value as string): value, opts);\n const signed = opts && opts.signed !== undefined ? opts.signed : this.signed;\n\n /* istanbul ignore next */\n if (typeof headers == 'string') {\n headers = [headers];\n }\n\n if (!secure && opts && opts.secure) {\n throw new Error('Cannot send secure cookie over unencrypted connection');\n }\n\n cookie.secure = opts && opts.secure !== undefined ? opts.secure : secure;\n\n pushCookie(headers, cookie);\n\n if (opts && signed) {\n cookie.value = this.keyStore.sign(cookie.toString());\n\n const sigId = opts.signIdentifier || this.signIdentifier;\n\n if (typeof sigId === 'function') {\n cookie.name = sigId.call(null, cookie.name);\n } else {\n cookie.name = `${cookie.name + '.' + sigId}`;\n }\n pushCookie(headers, cookie);\n }\n\n const setHeader = (res)[\"set\"] ? http.OutgoingMessage.prototype.setHeader : res.setHeader;\n setHeader.call(res, 'Set-Cookie', headers);\n return this;\n }\n\n static middleware = (options?: CookiesOptions) => (req: any, res: any, next: any) => {\n req.cookies = res.cookies = new Cookies(req, res, options);\n next();\n }\n\n static connect = Cookies.middleware\n static express = Cookies.middleware\n static koa = (options?: CookiesOptions) => (ctx: any, next: any) => {\n ctx.cookies\n = ctx.req.cookies\n = ctx.res.cookies\n = ctx.request.cookies\n = ctx.response.cookies = new Cookies(ctx.req, ctx.res, options);\n return next()\n }\n}\n\n\nfunction getPattern(name: string): RegExp {\n if (cache[name]) {\n return cache[name] as RegExp;\n }\n\n return cache[name] = new RegExp(\n `(?:^|;) *${name.replace(/[-[\\]{}()*+?.,\\\\^$|#\\s]/g, '\\\\$&')}=([^;]*)`\n );\n}\n\nfunction pushCookie(headers: string[], cookie: Cookie) {\n if (cookie.overwrite) {\n for (let i = headers.length - 1; i >= 0; i--) {\n if (headers[i]!.indexOf(`${cookie.name}=`) === 0) {\n headers.splice(i, 1);\n }\n }\n }\n\n headers.push(cookie.header);\n}\n"],"names":["crypto","compare","http"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AACA,IAAM,kBAAkB,GAAG,uCAAuC,CAAC;AACnE,IAAM,gBAAgB,GAAG,wBAAwB,CAAC;;IAiDhD,gBAAY,IAAY,EAAE,KAAqB,EAAE,KAAmB;QARpE,SAAI,GAAG,GAAG,CAAC;QACX,aAAQ,GAA6B,KAAK,CAAC;QAC3C,WAAM,GAAG,KAAK,CAAC;QACf,aAAQ,GAAG,IAAI,CAAC;QAChB,cAAS,GAAG,KAAK,CAAC;QAKhB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAClC,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,KAAK,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;YAC5C,MAAM,IAAI,SAAS,CAAC,2BAA2B,CAAC,CAAC;SAClD;QAED,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,KAAK,GAAG,KAAK,IAAI,EAAE,CAAC;QAEzB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAE1B,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;YACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;SACpB;QAED,IAAI,IAAI,CAAC,IAAI,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACpD,MAAM,IAAI,SAAS,CAAC,wBAAwB,CAAC,CAAC;SAC/C;QAED,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACxD,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YACpF,MAAM,IAAI,SAAS,CAAC,4BAA4B,CAAC,CAAC;SACnD;KACF;IAED,yBAAQ,GAAR;QACE,OAAU,IAAI,CAAC,IAAI,SAAI,IAAI,CAAC,KAAO,CAAC;KACrC;IAED,sBAAI,0BAAM;aAAV;YACE,IAAI,MAAM,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAE7B,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;aACnD;YAED,IAAI,IAAI,CAAC,IAAI,EAAE;gBACb,MAAM,IAAI,YAAU,IAAI,CAAC,IAAM,CAAC;aACjC;YACD,IAAI,IAAI,CAAC,OAAO,EAAE;gBAChB,MAAM,IAAI,eAAa,IAAI,CAAC,OAAO,CAAC,WAAW,EAAI,CAAC;aACrD;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,cAAY,IAAI,CAAC,MAAQ,CAAC;aACrC;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,iBAAc,IAAI,CAAC,QAAQ,KAAK,IAAI,GAAG,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAE,CAAC;aAC3F;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,UAAU,CAAC;aACtB;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,YAAY,CAAC;aACxB;YAED,OAAO,MAAM,CAAC;SACf;;;OAAA;IAEH,aAAC;AAAD,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACpHM,IAAM,WAAW,GAAG;IACzB,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;CACxC;;ACrCV,IAAM,iBAAiB,GAAG,YAAY,CAAA;;IAkCpC,kBAAY,IAAmB;QAC7B,IAAI,GAAG,IAAI,IAAI,EAAE,CAAA;QAEjB,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC;YAC9B,SAAS,EAAE,aAAa;YACxB,aAAa,EAAE,EAAE;YACjB,QAAQ,EAAE,KAAK;YACf,IAAI,EAAE,EAAE;SACT,EAAE,IAAI,CAAC,UAAU,IAAI,EAAS,CAAC,CAAA;QAEhC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC;YAC3B,QAAQ,EAAE,QAAQ;YAClB,SAAS,EAAE,MAAM;YACjB,IAAI,EAAE,EAAE;SACT,EAAE,IAAI,CAAC,OAAO,IAAI,EAAS,CAAC,CAAA;KAE9B;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAMc,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,EALzF,IAAI,UAAA,EACJ,SAAS,eAAA,EACT,QAAQ,cAAA,EACR,aAAa,mBAAA,EACb,GAAG,SACsF,CAAA;QAE3F,IAAM,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAA;QAE7B,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAA;SAChC;QAED,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAM,EAAE,GAAG,UAAU,CAAC,QAAQ,GAAGA,0BAAM,CAAC,WAAW,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC;QAChF,IAAM,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,IAAI,CAAA;QAE7E,IAAM,MAAM,GAAGA,0BAAM,CAAC,cAAc,CAAC,SAAgB,EAAE,MAAM,EAAE,EAAE,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAA;QAEnF,IAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,IAAM,GAAG,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;QAC3B,IAAI,OAA2B,CAAC;QAChC,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;SAC/B;QAED,OAAO,MAAM,CAAC,MAAM,+CACf,EAAE,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,SACd,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE;YAC3B,IAAI;YACJ,GAAG;WACH,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;KACtB;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QAED,IAAM,YAAY,GAAmB,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,CAAA;QAG1G,IAAA,QAAQ,GAKN,YAAY,SALN,EACR,GAAG,GAID,YAAY,IAJX,EACG,WAAW,GAGf,YAAY,KAHG,EACjB,SAAS,GAEP,YAAY,UAFL,EACT,aAAa,GACX,YAAY,cADD,CACC;QAEhB,IAAM,IAAI,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,WAAW,CAAA;QACtC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;SACvD;QAGC,IAAA,EAAE,GAEA,YAAY,GAFZ,EACF,OAAO,GACL,YAAY,QADP,CACO;QAEhB,IAAI,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,GAAG,IAAI,CAAA;QAE5E,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE;YAC1B,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;SAC/B;QAED,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;YAC/B,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAA;SACzC;QAED,IAAI,UAAU,CAAC,QAAQ,KAAK,SAAS,EAAE;YACrC,IAAI,CAAC,EAAE,EAAE;gBACP,EAAE,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAA;aAC5C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAChE;QAGD,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,aAAa,CAAC,CAAA;aAC3C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,aAAa,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAC1D;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,wBAAM,YAAY,KAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,IAAA,EAAE,OAAO,SAAA,IAAG,CAAC;YAC5F,IAAI,OAAO,KAAK,IAAI;gBAAE,OAAO,OAAO,CAAA;SACrC;QACD,OAAO,IAAI,CAAA;KACZ;IAEc,kBAAS,GAAxB,UAAyB,IAAY,EAAE,OAAuB;QACrD,IAAA,SAAS,GAAqC,OAAO,UAA5C,EAAE,GAAG,GAAgC,OAAO,IAAvC,EAAE,EAAE,GAA4B,OAAO,GAAnC,EAAE,aAAa,GAAa,OAAO,cAApB,EAAE,OAAO,GAAI,OAAO,QAAX,CAAW;QAC5D,IAAM,QAAQ,GAAGA,0BAAM,CAAC,gBAAgB,CAAC,SAAgB,EAAE,GAAI,EAAE,EAAY,IAAI,IAAI,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAC;QAExG,IAAI,OAAO,EAAE;YACX,QAAQ,CAAC,UAAU,CAAC,OAAiB,CAAC,CAAA;SACvC;QAED,IAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QACvC,IAAI,KAAa,CAAA;QACjB,IAAI;YACF,KAAK,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAA;SACzB;QAAC,OAAM,CAAK,EAAE;;YAEb,OAAO,IAAI,CAAA;SACZ;QACD,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;KAC3D;IAMD,uBAAI,GAAJ,UAAK,IAAoB,EAAE,GAAwB;QACjD,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAA8B,IAAI,CAAC,OAAO,EAAzC,SAAS,eAAA,EAAE,QAAQ,cAAA,EAAE,IAAI,UAAgB,CAAA;QAChD,GAAG,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAc,CAAA;QACjC,OAAOA,0BAAM;aACV,UAAU,CAAC,SAAS,EAAE,GAAG,CAAC;aAC1B,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;aAC7B,OAAO,CAAC,UAAU,EAAE,UAAU,CAAC;YAC9B,OAAO,CAAC,EAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,EAAC,EAAE,CAAC,CAAW,CAAA;SACpD,CAAC,CAAA;KACL;IAED,yBAAM,GAAN,UAAO,IAAY,EAAE,MAAc;QACjC,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;KACvC;IAED,0BAAO,GAAP,UAAQ,IAAY,EAAE,MAAc;QAC3B,IAAA,IAAI,GAAI,IAAI,CAAC,OAAO,KAAhB,CAAgB;QAE3B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;SACpD;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAIC,2BAAO,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAW,CAAC,CAAC;gBAAE,OAAO,CAAC,CAAA;SAClE;QACD,OAAO,CAAC,CAAC,CAAA;KACV;IAxLM,mBAAU,GAAG,WAGlB,CAAA;IAyLJ,eAAC;CAhMD;;AC1BA,IAAM,KAAK,GAA8B,EAAS,CAAC;;IAkDjD,iBAAY,OAA6C,EAAE,QAA8C,EAAE,OAA4B;QAA5B,wBAAA,EAAA,YAA4B;QACrI,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAEzB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,IAAI,QAAQ,EAAE,CAAC;QACnD,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,KAAK,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,KAAK,CAAC;QACpE,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,KAAK,SAAS,GAAG,OAAO,CAAC,SAAS,GAAG,KAAK,CAAC;QAC7E,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,KAAK,CAAC;KACvD;;;;;;;;;;;;;;;;;;;;;IAsBD,qBAAG,GAAH,UAAI,IAAY,EAAE,IAAuB;QACvC,IAAM,KAAK,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,KAAI,IAAI,CAAC,cAAc,CAAC;QAE1D,IAAM,OAAO,GAAG,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC;cAChE,MAAG,IAAI,GAAG,GAAG,GAAG,KAAK,CAAE,CAAC;QAE5B,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAEvG,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,KAAK,EAAE;YACV,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE;YACpB,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;QAED,IAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,EAAC,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;QACpE,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,IAAI,GAAM,IAAI,SAAI,KAAO,CAAC;QAChC,IAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAElD,IAAI,KAAK,GAAG,CAAC,EAAE;YACb,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,EAAC,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;YACpD,OAAO,SAAS,CAAA;SACjB;aAAM;YACL,KAAK,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAC,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;YACtE,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;KACF;;;;;;;;IASD,qBAAG,GAAH,UAAI,IAAY,EAAE,KAAqB,EAAE,IAAuB;QAC9D,IAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,EACvB,GAAG,GAAG,IAAI,CAAC,OAAO,EAClB,MAAM,GAAG,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,GAAS,GAAI,CAAC,QAAQ,KAAK,OAAO,IAAU,GAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAC1H,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAErF,IAAI,OAAO,IAAI,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,IAAI,EAAE,CAAa,CAAC;QAE9D,IAAM,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,EAAE,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAE,KAAK,EAAE,IAAI,CAAC,CAAC;QACjG,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;;QAG7E,IAAI,OAAO,OAAO,IAAI,QAAQ,EAAE;YAC9B,OAAO,GAAG,CAAC,OAAO,CAAC,CAAC;SACrB;QAED,IAAI,CAAC,MAAM,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,EAAE;YAClC,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;SAC1E;QAED,MAAM,CAAC,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QAEzE,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAE5B,IAAI,IAAI,IAAI,MAAM,EAAE;YAClB,MAAM,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YAErD,IAAM,KAAK,GAAG,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,cAAc,CAAC;YAEzD,IAAI,OAAO,KAAK,KAAK,UAAU,EAAE;gBAC/B,MAAM,CAAC,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;aAC7C;iBAAM;gBACL,MAAM,CAAC,IAAI,GAAG,MAAG,MAAM,CAAC,IAAI,GAAG,GAAG,GAAG,KAAK,CAAE,CAAC;aAC9C;YACD,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;SAC7B;QAED,IAAM,SAAS,GAAS,GAAI,CAAC,KAAK,CAAC,GAAGC,wBAAI,CAAC,eAAe,CAAC,SAAS,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;QAC/F,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC;KACb;IAEM,kBAAU,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,GAAQ,EAAE,IAAS;QAC9E,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;QAC3D,IAAI,EAAE,CAAC;KACR,GAAA,CAAA;IAEM,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,WAAG,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,IAAS;QAC7D,GAAG,CAAC,OAAO;cACP,GAAG,CAAC,GAAG,CAAC,OAAO;kBACf,GAAG,CAAC,GAAG,CAAC,OAAO;sBACf,GAAG,CAAC,OAAO,CAAC,OAAO;0BACnB,GAAG,CAAC,QAAQ,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAClE,OAAO,IAAI,EAAE,CAAA;KACd,GAAA,CAAA;IACH,cAAC;CAxJD,IAwJC;AAGD,SAAS,UAAU,CAAC,IAAY;IAC9B,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE;QACf,OAAO,KAAK,CAAC,IAAI,CAAW,CAAC;KAC9B;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,MAAM,CAC7B,cAAY,IAAI,CAAC,OAAO,CAAC,0BAA0B,EAAE,MAAM,CAAC,aAAU,CACvE,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CAAC,OAAiB,EAAE,MAAc;IACnD,IAAI,MAAM,CAAC,SAAS,EAAE;QACpB,KAAK,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YAC5C,IAAI,OAAO,CAAC,CAAC,CAAE,CAAC,OAAO,CAAI,MAAM,CAAC,IAAI,MAAG,CAAC,KAAK,CAAC,EAAE;gBAChD,OAAO,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aACtB;SACF;KACF;IAED,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;AAC9B;;;;;;"} \ No newline at end of file diff --git a/dist/index.mjs b/dist/index.mjs index f170adf..c7733af 100644 --- a/dist/index.mjs +++ b/dist/index.mjs @@ -1,5 +1,5 @@ /*! - * secure-cookie v0.0.7 + * secure-cookie v0.1.0 * (c) Ismail H. Ayaz * Released under the MIT License. */ @@ -157,22 +157,17 @@ var AUTH_TAG_REQUIRED = /-(gcm|ccm)/; var KeyStore = /** @class */ (function () { function KeyStore(opts) { opts = opts || {}; - if (opts.encryption) { - if (!Array.isArray(opts.encryption.keys) || opts.encryption.keys.length === 0) { - throw new Error("keys are required for encryption"); - } - } - if (opts.signing) { - if (!Array.isArray(opts.signing.keys) || opts.signing.keys.length === 0) { - throw new Error("keys are required for signing"); - } - } this.encryption = Object.assign({ algorithm: 'aes-192-ccm', authTagLength: 16, - encoding: 'hex', keys: [] + encoding: 'hex', + keys: [] }, opts.encryption || {}); - this.signing = Object.assign({ encoding: 'base64', algorithm: 'sha1', keys: [] }, opts.signing || {}); + this.signing = Object.assign({ + encoding: 'base64', + algorithm: 'sha1', + keys: [] + }, opts.signing || {}); } KeyStore.prototype.encrypt = function (data, options) { if (!data) { diff --git a/dist/index.mjs.map b/dist/index.mjs.map index 99fccdf..1f80f92 100644 --- a/dist/index.mjs.map +++ b/dist/index.mjs.map @@ -1 +1 @@ -{"version":3,"file":"index.mjs","sources":["../src/cookie.ts","../src/ciphers.ts","../src/keystore.ts","../src/cookies.ts"],"sourcesContent":["// eslint-disable-next-line no-control-regex\nconst fieldContentRegExp = /^[\\u0009\\u0020-\\u007e\\u0080-\\u00ff]+$/;\nconst SAME_SITE_REGEXP = /^(?:lax|none|strict)$/i;\n\nexport interface CookieAttrs {\n /**\n * a `Date` object indicating the cookie's expiration date (expires at the end of session by default).\n */\n expires?: Date;\n /**\n * a number representing the milliseconds from `Date.now()` for expiry\n */\n maxAge?: number | null;\n /**\n * a boolean or string indicating whether the cookie is a \"same site\" cookie (`false` by default). This can be set to `'strict'`, `'lax'`, `'none'`, or `true` (which maps to `'strict'`).\n */\n sameSite?: 'lax' | 'none' | 'strict' | boolean;\n /**\n * a string indicating the path of the cookie (`/` by default).\n */\n path?: string;\n /**\n * a string indicating the domain of the cookie (no default).\n */\n domain?: string;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTPS (`false` by default for HTTP, `true` by default for HTTPS).\n */\n secure?: boolean;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTP(S), and not made available to client JavaScript (`true` by default).\n */\n httpOnly?: boolean;\n /**\n * a boolean indicating whether to overwrite previously set cookies of the same name (`false` by default). If this is true, all cookies set during the same request with the same name (regardless of path or domain) are filtered out of the Set-Cookie header when setting this cookie.\n */\n overwrite?: boolean;\n}\n\nexport class Cookie implements CookieAttrs {\n name: string;\n value: string;\n domain?: string;\n path = '/';\n sameSite?: CookieAttrs['sameSite'] = false;\n secure = false;\n httpOnly = true;\n overwrite = false;\n expires?: Date;\n maxAge?: number | null;\n\n constructor(name: string, value?: string | null, attrs?: CookieAttrs) {\n if (!fieldContentRegExp.test(name)) {\n throw new TypeError('argument name is invalid');\n }\n\n if (value && !fieldContentRegExp.test(value)) {\n throw new TypeError('argument value is invalid');\n }\n\n this.name = name;\n this.value = value || '';\n\n Object.assign(this, attrs)\n\n if (!this.value) {\n this.expires = new Date(0);\n this.maxAge = null;\n }\n\n if (this.path && !fieldContentRegExp.test(this.path)) {\n throw new TypeError('option path is invalid');\n }\n\n if (this.domain && !fieldContentRegExp.test(this.domain)) {\n throw new TypeError('option domain is invalid');\n }\n\n if (this.sameSite && this.sameSite !== true && !SAME_SITE_REGEXP.test(this.sameSite)) {\n throw new TypeError('option sameSite is invalid');\n }\n }\n\n toString() {\n return `${this.name}=${this.value}`;\n }\n\n get header() {\n let header = this.toString();\n\n if (this.maxAge) {\n this.expires = new Date(Date.now() + this.maxAge);\n }\n\n if (this.path) {\n header += `; path=${this.path}`;\n }\n if (this.expires) {\n header += `; expires=${this.expires.toUTCString()}`;\n }\n if (this.domain) {\n header += `; domain=${this.domain}`;\n }\n if (this.sameSite) {\n header += `; samesite=${this.sameSite === true ? 'strict' : this.sameSite.toLowerCase()}`;\n }\n if (this.secure) {\n header += '; secure';\n }\n if (this.httpOnly) {\n header += '; httponly';\n }\n\n return header;\n }\n\n}\n","export const CIPHER_INFO = {\n 'aes-128-cbc': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha256': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb8': { ivLength: 16, keyLength: 16 },\n 'aes-128-ctr': { ivLength: 16, keyLength: 16 },\n 'aes-128-ecb': { ivLength: undefined, keyLength: 16 },\n 'aes-128-ocb': { ivLength: 12, keyLength: 16 },\n 'aes-128-ofb': { ivLength: 16, keyLength: 16 },\n 'aes-128-xts': { ivLength: 16, keyLength: 32 },\n 'aes-192-cbc': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb1': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb8': { ivLength: 16, keyLength: 24 },\n 'aes-192-ctr': { ivLength: 16, keyLength: 24 },\n 'aes-192-ecb': { ivLength: undefined, keyLength: 24 },\n 'aes-192-ocb': { ivLength: 12, keyLength: 24 },\n 'aes-192-ofb': { ivLength: 16, keyLength: 24 },\n 'aes-256-cbc': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha256': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb8': { ivLength: 16, keyLength: 32 },\n 'aes-256-ctr': { ivLength: 16, keyLength: 32 },\n 'aes-256-ecb': { ivLength: undefined, keyLength: 32 },\n 'aes-256-ocb': { ivLength: 12, keyLength: 32 },\n 'aes-256-ofb': { ivLength: 16, keyLength: 32 },\n 'aes-256-xts': { ivLength: 16, keyLength: 64 },\n 'aes-128-ccm': { ivLength: 12, keyLength: 16 },\n 'aes-128-gcm': { ivLength: 12, keyLength: 16 },\n 'aes-192-ccm': { ivLength: 12, keyLength: 24 },\n 'aes-192-gcm': { ivLength: 12, keyLength: 24 },\n 'aes-256-ccm': { ivLength: 12, keyLength: 32 },\n 'aes-256-gcm': { ivLength: 12, keyLength: 32 },\n 'id-aes128-ccm': { ivLength: 12, keyLength: 16 },\n 'id-aes128-gcm': { ivLength: 12, keyLength: 16 },\n 'id-aes192-ccm': { ivLength: 12, keyLength: 24 },\n 'id-aes192-gcm': { ivLength: 12, keyLength: 24 },\n 'id-aes256-ccm': { ivLength: 12, keyLength: 32 },\n 'id-aes256-gcm': { ivLength: 12, keyLength: 32 },\n} as const\n","/* eslint-disable @typescript-eslint/ban-ts-comment */\nimport compare from 'tsscmp'\n\nimport crypto, {BinaryToTextEncoding, CipherKey, Encoding} from \"crypto\";\nimport {CIPHER_INFO} from \"./ciphers\";\n\nconst AUTH_TAG_REQUIRED = /-(gcm|ccm)/\n\nexport interface KeyStoreOpts {\n signing?: {\n keys: string[],\n algorithm?: string | 'blake2b512' | 'blake2s256' | 'gost' | 'md4' | 'md5' | 'rmd160' | 'sha1' | 'sha224'\n | 'sha256' | 'sha3-224' | 'sha3-256' | 'sha3-384' | 'sha3-512' | 'sha384' | 'sha512' | 'sha512-224'\n | 'sha512-256' | 'shake128' | 'shake256' | 'sm3';\n encoding?: BinaryToTextEncoding\n },\n encryption?: {\n keys: string[] | CipherKey[],\n algorithm?: keyof typeof CIPHER_INFO | string,\n encoding?: Encoding\n authTagLength?: number\n }\n}\n\nexport type EncryptOptions = Required & { key?: string | undefined }\nexport type DecryptOptions = Required & {\n key?: string | CipherKey | undefined,\n iv?: string | Buffer | undefined,\n authTag?: string | Buffer | undefined\n}\n\nexport class KeyStore {\n encryption: Required>;\n signing: Required>;\n\n static cipherInfo = CIPHER_INFO as Record\n\n constructor(opts?: KeyStoreOpts) {\n opts = opts || {}\n if (opts.encryption) {\n if (!Array.isArray(opts.encryption.keys) || opts.encryption.keys.length === 0) {\n throw new Error(\"keys are required for encryption\")\n }\n }\n if (opts.signing) {\n if (!Array.isArray(opts.signing.keys) || opts.signing.keys.length === 0) {\n throw new Error(\"keys are required for signing\")\n }\n }\n this.encryption = Object.assign({\n algorithm: 'aes-192-ccm',\n authTagLength: 16,\n encoding: 'hex', keys: []\n }, opts.encryption || {} as any)\n\n this.signing = Object.assign({encoding: 'base64', algorithm: 'sha1', keys: []}, opts.signing || {} as any)\n\n }\n\n encrypt(data?: null, options?: Partial): null\n encrypt(data: string | Buffer, options?: Partial): string\n encrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n const {\n keys,\n algorithm,\n encoding,\n authTagLength,\n key\n }: EncryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const secret = key || keys[0]\n\n if (!secret) {\n throw new Error(\"no key found\")\n }\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n const iv = cipherInfo.ivLength ? crypto.randomBytes(cipherInfo.ivLength) : null;\n const dataBuff = typeof data === \"string\" ? Buffer.from(data, 'utf-8') : data\n\n const cipher = crypto.createCipheriv(algorithm as any, secret, iv, {authTagLength})\n\n const text = cipher.update(dataBuff);\n const pad = cipher.final();\n let authTag: Buffer | undefined;\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n authTag = cipher.getAuthTag();\n }\n\n return Buffer.concat([\n ...iv ? [iv] : [],\n ...authTag ? [authTag] : [],\n text,\n pad\n ]).toString(encoding)\n }\n\n decrypt(data?: null, options?: Partial): null\n decrypt(data: string | Buffer, options?: Partial): string\n decrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n\n const finalOptions: DecryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const {\n encoding,\n key,\n keys: defaultKeys,\n algorithm,\n authTagLength,\n } = finalOptions\n\n const keys = key ? [key] : defaultKeys\n if (keys.length === 0) {\n throw new Error(\"keys required for encrypted cookies\")\n }\n\n let {\n iv,\n authTag\n } = finalOptions\n\n let dataBuff = typeof data === \"string\" ? Buffer.from(data, encoding) : data\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n if (typeof iv === \"string\") {\n iv = Buffer.from(iv, encoding)\n }\n\n if (typeof authTag === \"string\") {\n authTag = Buffer.from(authTag, encoding)\n }\n\n if (cipherInfo.ivLength !== undefined) {\n if (!iv) {\n iv = dataBuff.slice(0, cipherInfo.ivLength)\n }\n dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length)\n }\n\n\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n if (!authTag) {\n authTag = dataBuff.slice(0, authTagLength)\n }\n dataBuff = dataBuff.slice(authTagLength, dataBuff.length)\n }\n\n for (let i = 0; i < keys.length; i++) {\n const message = KeyStore.doDecrypt(dataBuff, {...finalOptions, key: keys[i], iv, authTag,});\n if (message !== null) return message\n }\n return null\n }\n\n private static doDecrypt(data: Buffer, options: DecryptOptions): string | null {\n const {algorithm, key, iv, authTagLength, authTag} = options\n const decipher = crypto.createDecipheriv(algorithm as any, key!, iv as Buffer || null, {authTagLength});\n\n if (authTag) {\n decipher.setAuthTag(authTag as Buffer)\n }\n\n const plainText = decipher.update(data)\n let final: Buffer\n try {\n final = decipher.final()\n } catch(e:any) {\n // authentication failed\n return null\n }\n return Buffer.concat([plainText, final]).toString('utf-8')\n }\n\n //region: signing\n\n sign(data?: null, key?: string | CipherKey): null\n sign(data: string, key?: string | CipherKey): string\n sign(data?: string | null, key?: string | CipherKey): string | null {\n if (!data) {\n return null\n }\n const {algorithm, encoding, keys} = this.signing\n key = key || keys[0] as CipherKey\n return crypto\n .createHmac(algorithm, key)\n .update(data).digest(encoding)\n .replace(/\\/|\\+|=/g, function (x) {\n return ({\"/\": \"_\", \"+\": \"-\", \"=\": \"\"})[x] as string\n })\n }\n\n verify(data: string, digest: string): boolean {\n return this.indexOf(data, digest) > -1\n }\n\n indexOf(data: string, digest: string): number {\n const {keys} = this.signing\n\n if (keys.length === 0) {\n throw new Error(\"keys required for signed cookies\")\n }\n\n for (let i = 0; i < keys.length; i++) {\n if (compare(digest, this.sign(data, keys[i] as string))) return i\n }\n return -1\n }\n\n //end-region: signing\n\n}\n\n","import http, {IncomingMessage, ServerResponse} from 'http';\nimport {Cookie, CookieAttrs} from './cookie';\nimport {KeyStore} from \"./keystore\";\nimport type {Http2ServerRequest, Http2ServerResponse} from \"http2\";\n\nconst cache: { [key: string]: RegExp } = {} as any;\ntype SignIdentifier = string | ((name: string) => string)\nexport type CookiesOptions = {\n\n /**\n * KeyStore to be used for signing and encrypting\n */\n keyStore?: KeyStore;\n /**\n * a boolean indicating whether the cookie is to be signed (`false` by default). If this is true, another cookie of the same name with the `signIdentifier` will also be sent, with a 27-byte url-safe base64 SHA1 value representing the hash of _cookie-name_=_cookie-value_ against the first [KeyStore](keystore) key. This signature key is used to detect tampering the next time a cookie is received.\n * @default false\n */\n signed?: boolean;\n /**\n * Encrypt cookies by default and assume received cookies are encrypted.\n * @default false\n */\n encrypted?: boolean;\n /**\n * Mark cookies as secure by default.\n * @default `req.protocol`\n */\n secure?: boolean;\n /**\n * If string, provided value will be appended cookie name with dot. For example with given value `mysig`\n * signature cookie name will be `cookiename.mysig`\n *\n * @default `sig`\n */\n signIdentifier?: SignIdentifier\n}\n\nexport type SetCookieOptions = CookiesOptions & CookieAttrs\nexport type GetCookieOptions = CookiesOptions\n\nexport class Cookies {\n\n secure: CookiesOptions[\"secure\"];\n\n encrypted: boolean;\n\n signed: boolean;\n\n keyStore: KeyStore;\n\n signIdentifier?: SignIdentifier\n\n readonly request: IncomingMessage | Http2ServerRequest;\n readonly response: ServerResponse | Http2ServerResponse;\n\n constructor(request: IncomingMessage | Http2ServerRequest, response: ServerResponse | Http2ServerResponse, options: CookiesOptions = {}) {\n this.request = request;\n this.response = response;\n\n this.keyStore = options.keyStore || new KeyStore();\n this.secure = options.secure;\n this.signed = options.signed !== undefined ? options.signed : false;\n this.encrypted = options.encrypted !== undefined ? options.encrypted : false;\n this.signIdentifier = options.signIdentifier || 'sig';\n }\n\n /**\n * This extracts the cookie with the given name from the Set-Cookie header in the request. If such a cookie exists, its value is returned. Otherwise, nothing is returned.\n *\n * `{ signed: true }` can optionally be passed as the second parameter options. In this case, a signature cookie (a cookie of same name ending with the .sig suffix appended) is fetched. If no such cookie exists, nothing is returned.\n *\n * If the signature cookie does exist, the provided KeyStore is used to check whether the hash of cookie-name=cookie-value matches that of any registered key/s:\n *\n * - If the signature cookie hash matches the first key, the original cookie value is returned.\n * - If the signature cookie hash matches any other key, the original cookie value is returned AND an outbound header is set to update the signature cookie's value to the hash of the first key. This enables automatic freshening of signature cookies that have become stale due to key rotation.\n * - If the signature cookie hash does not match any key, nothing is returned, and an outbound header with an expired date is used to delete the cookie.\n *\n * `{ encrypted: true }` can optionally be passed as the second parameter options. In this case, the provided KeyStore will try to decrypt the cookie value with registered key/s.\n *\n * - If the decryption fails nothing is returned, and the cookie stays intact.\n * - If decryption succeeds, decrypted cookie value is returned.\n *\n * If both `signed` and `encrypted` options are provided, signature check will be applied with encrypted value. Than the decryption will be applied.\n * @param name\n * @param opts\n */\n get(name: string, opts?: GetCookieOptions): string | undefined {\n const sigId = opts?.signIdentifier || this.signIdentifier;\n\n const sigName = typeof sigId === 'function' ? sigId.call(null, name)\n : `${name + '.' + sigId}`;\n\n const signed = opts && opts.signed !== undefined ? opts.signed : this.keyStore.signing.keys.length > 0;\n\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n const header = this.request.headers['cookie'];\n if (!header) {\n return undefined;\n }\n\n const match = header.match(getPattern(name));\n if (!match) {\n return undefined;\n }\n\n const value = match[1];\n if (!opts || !signed) {\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n\n const remote = this.get(sigName, {encrypted: false, signed: false});\n if (!remote) {\n return undefined;\n }\n\n const data = `${name}=${value}`;\n const index = this.keyStore.indexOf(data, remote);\n\n if (index < 0) {\n this.set(sigName, null, {path: '/', signed: false});\n return undefined\n } else {\n index && this.set(sigName, this.keyStore.sign(data), {signed: false});\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n }\n\n /**\n * This sets the given cookie in the response and returns the current context to allow chaining.\n *\n * @param name Cookie name\n * @param value Cookie value. If this is omitted, an outbound header with an expired date is used to delete the cookie.\n * @param opts Overridden options\n */\n set(name: string, value?: string | null, opts?: SetCookieOptions): Cookies {\n const res = this.response,\n req = this.request,\n secure = this.secure !== undefined ? !!this.secure : (req).protocol === 'https' || (req).connection['encrypted'],\n encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n let headers = (res.getHeader('Set-Cookie') || []) as string[];\n\n const cookie = new Cookie(name, encrypted ? this.keyStore.encrypt(value as string): value, opts);\n const signed = opts && opts.signed !== undefined ? opts.signed : this.signed;\n\n /* istanbul ignore next */\n if (typeof headers == 'string') {\n headers = [headers];\n }\n\n if (!secure && opts && opts.secure) {\n throw new Error('Cannot send secure cookie over unencrypted connection');\n }\n\n cookie.secure = opts && opts.secure !== undefined ? opts.secure : secure;\n\n pushCookie(headers, cookie);\n\n if (opts && signed) {\n cookie.value = this.keyStore.sign(cookie.toString());\n\n const sigId = opts.signIdentifier || this.signIdentifier;\n\n if (typeof sigId === 'function') {\n cookie.name = sigId.call(null, cookie.name);\n } else {\n cookie.name = `${cookie.name + '.' + sigId}`;\n }\n pushCookie(headers, cookie);\n }\n\n const setHeader = (res)[\"set\"] ? http.OutgoingMessage.prototype.setHeader : res.setHeader;\n setHeader.call(res, 'Set-Cookie', headers);\n return this;\n }\n\n static middleware = (options?: CookiesOptions) => (req: any, res: any, next: any) => {\n req.cookies = res.cookies = new Cookies(req, res, options);\n next();\n }\n\n static connect = Cookies.middleware\n static express = Cookies.middleware\n static koa = (options?: CookiesOptions) => (ctx: any, next: any) => {\n ctx.cookies\n = ctx.req.cookies\n = ctx.res.cookies\n = ctx.request.cookies\n = ctx.response.cookies = new Cookies(ctx.req, ctx.res, options);\n return next()\n }\n}\n\n\nfunction getPattern(name: string): RegExp {\n if (cache[name]) {\n return cache[name] as RegExp;\n }\n\n return cache[name] = new RegExp(\n `(?:^|;) *${name.replace(/[-[\\]{}()*+?.,\\\\^$|#\\s]/g, '\\\\$&')}=([^;]*)`\n );\n}\n\nfunction pushCookie(headers: string[], cookie: Cookie) {\n if (cookie.overwrite) {\n for (let i = headers.length - 1; i >= 0; i--) {\n if (headers[i]!.indexOf(`${cookie.name}=`) === 0) {\n headers.splice(i, 1);\n }\n }\n }\n\n headers.push(cookie.header);\n}\n"],"names":[],"mappings":";;;;;;;;;;AAAA;AACA,IAAM,kBAAkB,GAAG,uCAAuC,CAAC;AACnE,IAAM,gBAAgB,GAAG,wBAAwB,CAAC;;IAiDhD,gBAAY,IAAY,EAAE,KAAqB,EAAE,KAAmB;QARpE,SAAI,GAAG,GAAG,CAAC;QACX,aAAQ,GAA6B,KAAK,CAAC;QAC3C,WAAM,GAAG,KAAK,CAAC;QACf,aAAQ,GAAG,IAAI,CAAC;QAChB,cAAS,GAAG,KAAK,CAAC;QAKhB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAClC,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,KAAK,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;YAC5C,MAAM,IAAI,SAAS,CAAC,2BAA2B,CAAC,CAAC;SAClD;QAED,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,KAAK,GAAG,KAAK,IAAI,EAAE,CAAC;QAEzB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAE1B,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;YACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;SACpB;QAED,IAAI,IAAI,CAAC,IAAI,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACpD,MAAM,IAAI,SAAS,CAAC,wBAAwB,CAAC,CAAC;SAC/C;QAED,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACxD,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YACpF,MAAM,IAAI,SAAS,CAAC,4BAA4B,CAAC,CAAC;SACnD;KACF;IAED,yBAAQ,GAAR;QACE,OAAU,IAAI,CAAC,IAAI,SAAI,IAAI,CAAC,KAAO,CAAC;KACrC;IAED,sBAAI,0BAAM;aAAV;YACE,IAAI,MAAM,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAE7B,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;aACnD;YAED,IAAI,IAAI,CAAC,IAAI,EAAE;gBACb,MAAM,IAAI,YAAU,IAAI,CAAC,IAAM,CAAC;aACjC;YACD,IAAI,IAAI,CAAC,OAAO,EAAE;gBAChB,MAAM,IAAI,eAAa,IAAI,CAAC,OAAO,CAAC,WAAW,EAAI,CAAC;aACrD;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,cAAY,IAAI,CAAC,MAAQ,CAAC;aACrC;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,iBAAc,IAAI,CAAC,QAAQ,KAAK,IAAI,GAAG,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAE,CAAC;aAC3F;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,UAAU,CAAC;aACtB;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,YAAY,CAAC;aACxB;YAED,OAAO,MAAM,CAAC;SACf;;;OAAA;IAEH,aAAC;AAAD,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACpHM,IAAM,WAAW,GAAG;IACzB,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;CACxC;;ACrCV,IAAM,iBAAiB,GAAG,YAAY,CAAA;;IAkCpC,kBAAY,IAAmB;QAC7B,IAAI,GAAG,IAAI,IAAI,EAAE,CAAA;QACjB,IAAI,IAAI,CAAC,UAAU,EAAE;YACnB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBAC7E,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;aACpD;SACF;QACD,IAAI,IAAI,CAAC,OAAO,EAAE;YAChB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBACvE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;aACjD;SACF;QACD,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC;YAC9B,SAAS,EAAE,aAAa;YACxB,aAAa,EAAE,EAAE;YACjB,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;SAC1B,EAAE,IAAI,CAAC,UAAU,IAAI,EAAS,CAAC,CAAA;QAEhC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAC,EAAE,IAAI,CAAC,OAAO,IAAI,EAAS,CAAC,CAAA;KAE3G;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAMc,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,EALzF,IAAI,UAAA,EACJ,SAAS,eAAA,EACT,QAAQ,cAAA,EACR,aAAa,mBAAA,EACb,GAAG,SACsF,CAAA;QAE3F,IAAM,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAA;QAE7B,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAA;SAChC;QAED,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAM,EAAE,GAAG,UAAU,CAAC,QAAQ,GAAG,MAAM,CAAC,WAAW,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC;QAChF,IAAM,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,IAAI,CAAA;QAE7E,IAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,SAAgB,EAAE,MAAM,EAAE,EAAE,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAA;QAEnF,IAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,IAAM,GAAG,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;QAC3B,IAAI,OAA2B,CAAC;QAChC,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;SAC/B;QAED,OAAO,MAAM,CAAC,MAAM,+CACf,EAAE,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,SACd,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE;YAC3B,IAAI;YACJ,GAAG;WACH,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;KACtB;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QAED,IAAM,YAAY,GAAmB,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,CAAA;QAG1G,IAAA,QAAQ,GAKN,YAAY,SALN,EACR,GAAG,GAID,YAAY,IAJX,EACG,WAAW,GAGf,YAAY,KAHG,EACjB,SAAS,GAEP,YAAY,UAFL,EACT,aAAa,GACX,YAAY,cADD,CACC;QAEhB,IAAM,IAAI,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,WAAW,CAAA;QACtC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;SACvD;QAGC,IAAA,EAAE,GAEA,YAAY,GAFZ,EACF,OAAO,GACL,YAAY,QADP,CACO;QAEhB,IAAI,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,GAAG,IAAI,CAAA;QAE5E,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE;YAC1B,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;SAC/B;QAED,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;YAC/B,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAA;SACzC;QAED,IAAI,UAAU,CAAC,QAAQ,KAAK,SAAS,EAAE;YACrC,IAAI,CAAC,EAAE,EAAE;gBACP,EAAE,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAA;aAC5C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAChE;QAGD,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,aAAa,CAAC,CAAA;aAC3C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,aAAa,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAC1D;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,wBAAM,YAAY,KAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,IAAA,EAAE,OAAO,SAAA,IAAG,CAAC;YAC5F,IAAI,OAAO,KAAK,IAAI;gBAAE,OAAO,OAAO,CAAA;SACrC;QACD,OAAO,IAAI,CAAA;KACZ;IAEc,kBAAS,GAAxB,UAAyB,IAAY,EAAE,OAAuB;QACrD,IAAA,SAAS,GAAqC,OAAO,UAA5C,EAAE,GAAG,GAAgC,OAAO,IAAvC,EAAE,EAAE,GAA4B,OAAO,GAAnC,EAAE,aAAa,GAAa,OAAO,cAApB,EAAE,OAAO,GAAI,OAAO,QAAX,CAAW;QAC5D,IAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CAAC,SAAgB,EAAE,GAAI,EAAE,EAAY,IAAI,IAAI,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAC;QAExG,IAAI,OAAO,EAAE;YACX,QAAQ,CAAC,UAAU,CAAC,OAAiB,CAAC,CAAA;SACvC;QAED,IAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QACvC,IAAI,KAAa,CAAA;QACjB,IAAI;YACF,KAAK,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAA;SACzB;QAAC,OAAM,CAAK,EAAE;;YAEb,OAAO,IAAI,CAAA;SACZ;QACD,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;KAC3D;IAMD,uBAAI,GAAJ,UAAK,IAAoB,EAAE,GAAwB;QACjD,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAA8B,IAAI,CAAC,OAAO,EAAzC,SAAS,eAAA,EAAE,QAAQ,cAAA,EAAE,IAAI,UAAgB,CAAA;QAChD,GAAG,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAc,CAAA;QACjC,OAAO,MAAM;aACV,UAAU,CAAC,SAAS,EAAE,GAAG,CAAC;aAC1B,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;aAC7B,OAAO,CAAC,UAAU,EAAE,UAAU,CAAC;YAC9B,OAAO,CAAC,EAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,EAAC,EAAE,CAAC,CAAW,CAAA;SACpD,CAAC,CAAA;KACL;IAED,yBAAM,GAAN,UAAO,IAAY,EAAE,MAAc;QACjC,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;KACvC;IAED,0BAAO,GAAP,UAAQ,IAAY,EAAE,MAAc;QAC3B,IAAA,IAAI,GAAI,IAAI,CAAC,OAAO,KAAhB,CAAgB;QAE3B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;SACpD;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAI,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAW,CAAC,CAAC;gBAAE,OAAO,CAAC,CAAA;SAClE;QACD,OAAO,CAAC,CAAC,CAAA;KACV;IA5LM,mBAAU,GAAG,WAGlB,CAAA;IA6LJ,eAAC;CApMD;;AC1BA,IAAM,KAAK,GAA8B,EAAS,CAAC;;IAkDjD,iBAAY,OAA6C,EAAE,QAA8C,EAAE,OAA4B;QAA5B,wBAAA,EAAA,YAA4B;QACrI,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAEzB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,IAAI,QAAQ,EAAE,CAAC;QACnD,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,KAAK,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,KAAK,CAAC;QACpE,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,KAAK,SAAS,GAAG,OAAO,CAAC,SAAS,GAAG,KAAK,CAAC;QAC7E,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,KAAK,CAAC;KACvD;;;;;;;;;;;;;;;;;;;;;IAsBD,qBAAG,GAAH,UAAI,IAAY,EAAE,IAAuB;QACvC,IAAM,KAAK,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,KAAI,IAAI,CAAC,cAAc,CAAC;QAE1D,IAAM,OAAO,GAAG,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC;cAChE,MAAG,IAAI,GAAG,GAAG,GAAG,KAAK,CAAE,CAAC;QAE5B,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAEvG,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,KAAK,EAAE;YACV,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE;YACpB,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;QAED,IAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,EAAC,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;QACpE,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,IAAI,GAAM,IAAI,SAAI,KAAO,CAAC;QAChC,IAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAElD,IAAI,KAAK,GAAG,CAAC,EAAE;YACb,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,EAAC,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;YACpD,OAAO,SAAS,CAAA;SACjB;aAAM;YACL,KAAK,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAC,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;YACtE,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;KACF;;;;;;;;IASD,qBAAG,GAAH,UAAI,IAAY,EAAE,KAAqB,EAAE,IAAuB;QAC9D,IAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,EACvB,GAAG,GAAG,IAAI,CAAC,OAAO,EAClB,MAAM,GAAG,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,GAAS,GAAI,CAAC,QAAQ,KAAK,OAAO,IAAU,GAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAC1H,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAErF,IAAI,OAAO,IAAI,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,IAAI,EAAE,CAAa,CAAC;QAE9D,IAAM,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,EAAE,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAE,KAAK,EAAE,IAAI,CAAC,CAAC;QACjG,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;;QAG7E,IAAI,OAAO,OAAO,IAAI,QAAQ,EAAE;YAC9B,OAAO,GAAG,CAAC,OAAO,CAAC,CAAC;SACrB;QAED,IAAI,CAAC,MAAM,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,EAAE;YAClC,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;SAC1E;QAED,MAAM,CAAC,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QAEzE,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAE5B,IAAI,IAAI,IAAI,MAAM,EAAE;YAClB,MAAM,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YAErD,IAAM,KAAK,GAAG,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,cAAc,CAAC;YAEzD,IAAI,OAAO,KAAK,KAAK,UAAU,EAAE;gBAC/B,MAAM,CAAC,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;aAC7C;iBAAM;gBACL,MAAM,CAAC,IAAI,GAAG,MAAG,MAAM,CAAC,IAAI,GAAG,GAAG,GAAG,KAAK,CAAE,CAAC;aAC9C;YACD,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;SAC7B;QAED,IAAM,SAAS,GAAS,GAAI,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;QAC/F,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC;KACb;IAEM,kBAAU,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,GAAQ,EAAE,IAAS;QAC9E,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;QAC3D,IAAI,EAAE,CAAC;KACR,GAAA,CAAA;IAEM,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,WAAG,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,IAAS;QAC7D,GAAG,CAAC,OAAO;cACP,GAAG,CAAC,GAAG,CAAC,OAAO;kBACf,GAAG,CAAC,GAAG,CAAC,OAAO;sBACf,GAAG,CAAC,OAAO,CAAC,OAAO;0BACnB,GAAG,CAAC,QAAQ,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAClE,OAAO,IAAI,EAAE,CAAA;KACd,GAAA,CAAA;IACH,cAAC;CAxJD,IAwJC;AAGD,SAAS,UAAU,CAAC,IAAY;IAC9B,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE;QACf,OAAO,KAAK,CAAC,IAAI,CAAW,CAAC;KAC9B;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,MAAM,CAC7B,cAAY,IAAI,CAAC,OAAO,CAAC,0BAA0B,EAAE,MAAM,CAAC,aAAU,CACvE,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CAAC,OAAiB,EAAE,MAAc;IACnD,IAAI,MAAM,CAAC,SAAS,EAAE;QACpB,KAAK,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YAC5C,IAAI,OAAO,CAAC,CAAC,CAAE,CAAC,OAAO,CAAI,MAAM,CAAC,IAAI,MAAG,CAAC,KAAK,CAAC,EAAE;gBAChD,OAAO,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aACtB;SACF;KACF;IAED,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;AAC9B;;;;"} \ No newline at end of file +{"version":3,"file":"index.mjs","sources":["../src/cookie.ts","../src/ciphers.ts","../src/keystore.ts","../src/cookies.ts"],"sourcesContent":["// eslint-disable-next-line no-control-regex\nconst fieldContentRegExp = /^[\\u0009\\u0020-\\u007e\\u0080-\\u00ff]+$/;\nconst SAME_SITE_REGEXP = /^(?:lax|none|strict)$/i;\n\nexport interface CookieAttrs {\n /**\n * a `Date` object indicating the cookie's expiration date (expires at the end of session by default).\n */\n expires?: Date;\n /**\n * a number representing the milliseconds from `Date.now()` for expiry\n */\n maxAge?: number | null;\n /**\n * a boolean or string indicating whether the cookie is a \"same site\" cookie (`false` by default). This can be set to `'strict'`, `'lax'`, `'none'`, or `true` (which maps to `'strict'`).\n */\n sameSite?: 'lax' | 'none' | 'strict' | boolean;\n /**\n * a string indicating the path of the cookie (`/` by default).\n */\n path?: string;\n /**\n * a string indicating the domain of the cookie (no default).\n */\n domain?: string;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTPS (`false` by default for HTTP, `true` by default for HTTPS).\n */\n secure?: boolean;\n /**\n * a boolean indicating whether the cookie is only to be sent over HTTP(S), and not made available to client JavaScript (`true` by default).\n */\n httpOnly?: boolean;\n /**\n * a boolean indicating whether to overwrite previously set cookies of the same name (`false` by default). If this is true, all cookies set during the same request with the same name (regardless of path or domain) are filtered out of the Set-Cookie header when setting this cookie.\n */\n overwrite?: boolean;\n}\n\nexport class Cookie implements CookieAttrs {\n name: string;\n value: string;\n domain?: string;\n path = '/';\n sameSite?: CookieAttrs['sameSite'] = false;\n secure = false;\n httpOnly = true;\n overwrite = false;\n expires?: Date;\n maxAge?: number | null;\n\n constructor(name: string, value?: string | null, attrs?: CookieAttrs) {\n if (!fieldContentRegExp.test(name)) {\n throw new TypeError('argument name is invalid');\n }\n\n if (value && !fieldContentRegExp.test(value)) {\n throw new TypeError('argument value is invalid');\n }\n\n this.name = name;\n this.value = value || '';\n\n Object.assign(this, attrs)\n\n if (!this.value) {\n this.expires = new Date(0);\n this.maxAge = null;\n }\n\n if (this.path && !fieldContentRegExp.test(this.path)) {\n throw new TypeError('option path is invalid');\n }\n\n if (this.domain && !fieldContentRegExp.test(this.domain)) {\n throw new TypeError('option domain is invalid');\n }\n\n if (this.sameSite && this.sameSite !== true && !SAME_SITE_REGEXP.test(this.sameSite)) {\n throw new TypeError('option sameSite is invalid');\n }\n }\n\n toString() {\n return `${this.name}=${this.value}`;\n }\n\n get header() {\n let header = this.toString();\n\n if (this.maxAge) {\n this.expires = new Date(Date.now() + this.maxAge);\n }\n\n if (this.path) {\n header += `; path=${this.path}`;\n }\n if (this.expires) {\n header += `; expires=${this.expires.toUTCString()}`;\n }\n if (this.domain) {\n header += `; domain=${this.domain}`;\n }\n if (this.sameSite) {\n header += `; samesite=${this.sameSite === true ? 'strict' : this.sameSite.toLowerCase()}`;\n }\n if (this.secure) {\n header += '; secure';\n }\n if (this.httpOnly) {\n header += '; httponly';\n }\n\n return header;\n }\n\n}\n","export const CIPHER_INFO = {\n 'aes-128-cbc': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cbc-hmac-sha256': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb1': { ivLength: 16, keyLength: 16 },\n 'aes-128-cfb8': { ivLength: 16, keyLength: 16 },\n 'aes-128-ctr': { ivLength: 16, keyLength: 16 },\n 'aes-128-ecb': { ivLength: undefined, keyLength: 16 },\n 'aes-128-ocb': { ivLength: 12, keyLength: 16 },\n 'aes-128-ofb': { ivLength: 16, keyLength: 16 },\n 'aes-128-xts': { ivLength: 16, keyLength: 32 },\n 'aes-192-cbc': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb1': { ivLength: 16, keyLength: 24 },\n 'aes-192-cfb8': { ivLength: 16, keyLength: 24 },\n 'aes-192-ctr': { ivLength: 16, keyLength: 24 },\n 'aes-192-ecb': { ivLength: undefined, keyLength: 24 },\n 'aes-192-ocb': { ivLength: 12, keyLength: 24 },\n 'aes-192-ofb': { ivLength: 16, keyLength: 24 },\n 'aes-256-cbc': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cbc-hmac-sha256': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb1': { ivLength: 16, keyLength: 32 },\n 'aes-256-cfb8': { ivLength: 16, keyLength: 32 },\n 'aes-256-ctr': { ivLength: 16, keyLength: 32 },\n 'aes-256-ecb': { ivLength: undefined, keyLength: 32 },\n 'aes-256-ocb': { ivLength: 12, keyLength: 32 },\n 'aes-256-ofb': { ivLength: 16, keyLength: 32 },\n 'aes-256-xts': { ivLength: 16, keyLength: 64 },\n 'aes-128-ccm': { ivLength: 12, keyLength: 16 },\n 'aes-128-gcm': { ivLength: 12, keyLength: 16 },\n 'aes-192-ccm': { ivLength: 12, keyLength: 24 },\n 'aes-192-gcm': { ivLength: 12, keyLength: 24 },\n 'aes-256-ccm': { ivLength: 12, keyLength: 32 },\n 'aes-256-gcm': { ivLength: 12, keyLength: 32 },\n 'id-aes128-ccm': { ivLength: 12, keyLength: 16 },\n 'id-aes128-gcm': { ivLength: 12, keyLength: 16 },\n 'id-aes192-ccm': { ivLength: 12, keyLength: 24 },\n 'id-aes192-gcm': { ivLength: 12, keyLength: 24 },\n 'id-aes256-ccm': { ivLength: 12, keyLength: 32 },\n 'id-aes256-gcm': { ivLength: 12, keyLength: 32 },\n} as const\n","/* eslint-disable @typescript-eslint/ban-ts-comment */\nimport compare from 'tsscmp'\n\nimport crypto, {BinaryToTextEncoding, CipherKey, Encoding} from \"crypto\";\nimport {CIPHER_INFO} from \"./ciphers\";\n\nconst AUTH_TAG_REQUIRED = /-(gcm|ccm)/\n\nexport interface KeyStoreOpts {\n signing?: {\n keys: string[],\n algorithm?: string | 'blake2b512' | 'blake2s256' | 'gost' | 'md4' | 'md5' | 'rmd160' | 'sha1' | 'sha224'\n | 'sha256' | 'sha3-224' | 'sha3-256' | 'sha3-384' | 'sha3-512' | 'sha384' | 'sha512' | 'sha512-224'\n | 'sha512-256' | 'shake128' | 'shake256' | 'sm3';\n encoding?: BinaryToTextEncoding\n },\n encryption?: {\n keys: string[] | CipherKey[],\n algorithm?: keyof typeof CIPHER_INFO | string,\n encoding?: Encoding\n authTagLength?: number\n }\n}\n\nexport type EncryptOptions = Required & { key?: string | undefined }\nexport type DecryptOptions = Required & {\n key?: string | CipherKey | undefined,\n iv?: string | Buffer | undefined,\n authTag?: string | Buffer | undefined\n}\n\nexport class KeyStore {\n encryption: Required>;\n signing: Required>;\n\n static cipherInfo = CIPHER_INFO as Record\n\n constructor(opts?: KeyStoreOpts) {\n opts = opts || {}\n\n this.encryption = Object.assign({\n algorithm: 'aes-192-ccm',\n authTagLength: 16,\n encoding: 'hex',\n keys: []\n }, opts.encryption || {} as any)\n\n this.signing = Object.assign({\n encoding: 'base64',\n algorithm: 'sha1',\n keys: []\n }, opts.signing || {} as any)\n\n }\n\n encrypt(data?: null, options?: Partial): null\n encrypt(data: string | Buffer, options?: Partial): string\n encrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n const {\n keys,\n algorithm,\n encoding,\n authTagLength,\n key\n }: EncryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const secret = key || keys[0]\n\n if (!secret) {\n throw new Error(\"no key found\")\n }\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n const iv = cipherInfo.ivLength ? crypto.randomBytes(cipherInfo.ivLength) : null;\n const dataBuff = typeof data === \"string\" ? Buffer.from(data, 'utf-8') : data\n\n const cipher = crypto.createCipheriv(algorithm as any, secret, iv, {authTagLength})\n\n const text = cipher.update(dataBuff);\n const pad = cipher.final();\n let authTag: Buffer | undefined;\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n authTag = cipher.getAuthTag();\n }\n\n return Buffer.concat([\n ...iv ? [iv] : [],\n ...authTag ? [authTag] : [],\n text,\n pad\n ]).toString(encoding)\n }\n\n decrypt(data?: null, options?: Partial): null\n decrypt(data: string | Buffer, options?: Partial): string\n decrypt(data?: string | Buffer | null, options?: Partial): string | null {\n if (!data) {\n return null\n }\n\n const finalOptions: DecryptOptions = options ? Object.assign({}, this.encryption, options) : this.encryption\n\n const {\n encoding,\n key,\n keys: defaultKeys,\n algorithm,\n authTagLength,\n } = finalOptions\n\n const keys = key ? [key] : defaultKeys\n if (keys.length === 0) {\n throw new Error(\"keys required for encrypted cookies\")\n }\n\n let {\n iv,\n authTag\n } = finalOptions\n\n let dataBuff = typeof data === \"string\" ? Buffer.from(data, encoding) : data\n\n const cipherInfo = KeyStore.cipherInfo[algorithm]\n if (!cipherInfo) {\n throw new Error(\"unsupported cipher\")\n }\n\n if (typeof iv === \"string\") {\n iv = Buffer.from(iv, encoding)\n }\n\n if (typeof authTag === \"string\") {\n authTag = Buffer.from(authTag, encoding)\n }\n\n if (cipherInfo.ivLength !== undefined) {\n if (!iv) {\n iv = dataBuff.slice(0, cipherInfo.ivLength)\n }\n dataBuff = dataBuff.slice(cipherInfo.ivLength, dataBuff.length)\n }\n\n\n if (AUTH_TAG_REQUIRED.test(algorithm)) {\n if (!authTag) {\n authTag = dataBuff.slice(0, authTagLength)\n }\n dataBuff = dataBuff.slice(authTagLength, dataBuff.length)\n }\n\n for (let i = 0; i < keys.length; i++) {\n const message = KeyStore.doDecrypt(dataBuff, {...finalOptions, key: keys[i], iv, authTag,});\n if (message !== null) return message\n }\n return null\n }\n\n private static doDecrypt(data: Buffer, options: DecryptOptions): string | null {\n const {algorithm, key, iv, authTagLength, authTag} = options\n const decipher = crypto.createDecipheriv(algorithm as any, key!, iv as Buffer || null, {authTagLength});\n\n if (authTag) {\n decipher.setAuthTag(authTag as Buffer)\n }\n\n const plainText = decipher.update(data)\n let final: Buffer\n try {\n final = decipher.final()\n } catch(e:any) {\n // authentication failed\n return null\n }\n return Buffer.concat([plainText, final]).toString('utf-8')\n }\n\n //region: signing\n\n sign(data?: null, key?: string | CipherKey): null\n sign(data: string, key?: string | CipherKey): string\n sign(data?: string | null, key?: string | CipherKey): string | null {\n if (!data) {\n return null\n }\n const {algorithm, encoding, keys} = this.signing\n key = key || keys[0] as CipherKey\n return crypto\n .createHmac(algorithm, key)\n .update(data).digest(encoding)\n .replace(/\\/|\\+|=/g, function (x) {\n return ({\"/\": \"_\", \"+\": \"-\", \"=\": \"\"})[x] as string\n })\n }\n\n verify(data: string, digest: string): boolean {\n return this.indexOf(data, digest) > -1\n }\n\n indexOf(data: string, digest: string): number {\n const {keys} = this.signing\n\n if (keys.length === 0) {\n throw new Error(\"keys required for signed cookies\")\n }\n\n for (let i = 0; i < keys.length; i++) {\n if (compare(digest, this.sign(data, keys[i] as string))) return i\n }\n return -1\n }\n\n //end-region: signing\n\n}\n\n","import http, {IncomingMessage, ServerResponse} from 'http';\nimport {Cookie, CookieAttrs} from './cookie';\nimport {KeyStore} from \"./keystore\";\nimport type {Http2ServerRequest, Http2ServerResponse} from \"http2\";\n\nconst cache: { [key: string]: RegExp } = {} as any;\ntype SignIdentifier = string | ((name: string) => string)\nexport type CookiesOptions = {\n\n /**\n * KeyStore to be used for signing and encrypting\n */\n keyStore?: KeyStore;\n /**\n * a boolean indicating whether the cookie is to be signed (`false` by default). If this is true, another cookie of the same name with the `signIdentifier` will also be sent, with a 27-byte url-safe base64 SHA1 value representing the hash of _cookie-name_=_cookie-value_ against the first [KeyStore](keystore) key. This signature key is used to detect tampering the next time a cookie is received.\n * @default false\n */\n signed?: boolean;\n /**\n * Encrypt cookies by default and assume received cookies are encrypted.\n * @default false\n */\n encrypted?: boolean;\n /**\n * Mark cookies as secure by default.\n * @default `req.protocol`\n */\n secure?: boolean;\n /**\n * If string, provided value will be appended cookie name with dot. For example with given value `mysig`\n * signature cookie name will be `cookiename.mysig`\n *\n * @default `sig`\n */\n signIdentifier?: SignIdentifier\n}\n\nexport type SetCookieOptions = CookiesOptions & CookieAttrs\nexport type GetCookieOptions = CookiesOptions\n\nexport class Cookies {\n\n secure: CookiesOptions[\"secure\"];\n\n encrypted: boolean;\n\n signed: boolean;\n\n keyStore: KeyStore;\n\n signIdentifier?: SignIdentifier\n\n readonly request: IncomingMessage | Http2ServerRequest;\n readonly response: ServerResponse | Http2ServerResponse;\n\n constructor(request: IncomingMessage | Http2ServerRequest, response: ServerResponse | Http2ServerResponse, options: CookiesOptions = {}) {\n this.request = request;\n this.response = response;\n\n this.keyStore = options.keyStore || new KeyStore();\n this.secure = options.secure;\n this.signed = options.signed !== undefined ? options.signed : false;\n this.encrypted = options.encrypted !== undefined ? options.encrypted : false;\n this.signIdentifier = options.signIdentifier || 'sig';\n }\n\n /**\n * This extracts the cookie with the given name from the Set-Cookie header in the request. If such a cookie exists, its value is returned. Otherwise, nothing is returned.\n *\n * `{ signed: true }` can optionally be passed as the second parameter options. In this case, a signature cookie (a cookie of same name ending with the .sig suffix appended) is fetched. If no such cookie exists, nothing is returned.\n *\n * If the signature cookie does exist, the provided KeyStore is used to check whether the hash of cookie-name=cookie-value matches that of any registered key/s:\n *\n * - If the signature cookie hash matches the first key, the original cookie value is returned.\n * - If the signature cookie hash matches any other key, the original cookie value is returned AND an outbound header is set to update the signature cookie's value to the hash of the first key. This enables automatic freshening of signature cookies that have become stale due to key rotation.\n * - If the signature cookie hash does not match any key, nothing is returned, and an outbound header with an expired date is used to delete the cookie.\n *\n * `{ encrypted: true }` can optionally be passed as the second parameter options. In this case, the provided KeyStore will try to decrypt the cookie value with registered key/s.\n *\n * - If the decryption fails nothing is returned, and the cookie stays intact.\n * - If decryption succeeds, decrypted cookie value is returned.\n *\n * If both `signed` and `encrypted` options are provided, signature check will be applied with encrypted value. Than the decryption will be applied.\n * @param name\n * @param opts\n */\n get(name: string, opts?: GetCookieOptions): string | undefined {\n const sigId = opts?.signIdentifier || this.signIdentifier;\n\n const sigName = typeof sigId === 'function' ? sigId.call(null, name)\n : `${name + '.' + sigId}`;\n\n const signed = opts && opts.signed !== undefined ? opts.signed : this.keyStore.signing.keys.length > 0;\n\n const encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n const header = this.request.headers['cookie'];\n if (!header) {\n return undefined;\n }\n\n const match = header.match(getPattern(name));\n if (!match) {\n return undefined;\n }\n\n const value = match[1];\n if (!opts || !signed) {\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n\n const remote = this.get(sigName, {encrypted: false, signed: false});\n if (!remote) {\n return undefined;\n }\n\n const data = `${name}=${value}`;\n const index = this.keyStore.indexOf(data, remote);\n\n if (index < 0) {\n this.set(sigName, null, {path: '/', signed: false});\n return undefined\n } else {\n index && this.set(sigName, this.keyStore.sign(data), {signed: false});\n return encrypted ? this.keyStore.decrypt(value as string) : value;\n }\n }\n\n /**\n * This sets the given cookie in the response and returns the current context to allow chaining.\n *\n * @param name Cookie name\n * @param value Cookie value. If this is omitted, an outbound header with an expired date is used to delete the cookie.\n * @param opts Overridden options\n */\n set(name: string, value?: string | null, opts?: SetCookieOptions): Cookies {\n const res = this.response,\n req = this.request,\n secure = this.secure !== undefined ? !!this.secure : (req).protocol === 'https' || (req).connection['encrypted'],\n encrypted = opts && opts.encrypted !== undefined ? opts.encrypted : this.encrypted;\n\n let headers = (res.getHeader('Set-Cookie') || []) as string[];\n\n const cookie = new Cookie(name, encrypted ? this.keyStore.encrypt(value as string): value, opts);\n const signed = opts && opts.signed !== undefined ? opts.signed : this.signed;\n\n /* istanbul ignore next */\n if (typeof headers == 'string') {\n headers = [headers];\n }\n\n if (!secure && opts && opts.secure) {\n throw new Error('Cannot send secure cookie over unencrypted connection');\n }\n\n cookie.secure = opts && opts.secure !== undefined ? opts.secure : secure;\n\n pushCookie(headers, cookie);\n\n if (opts && signed) {\n cookie.value = this.keyStore.sign(cookie.toString());\n\n const sigId = opts.signIdentifier || this.signIdentifier;\n\n if (typeof sigId === 'function') {\n cookie.name = sigId.call(null, cookie.name);\n } else {\n cookie.name = `${cookie.name + '.' + sigId}`;\n }\n pushCookie(headers, cookie);\n }\n\n const setHeader = (res)[\"set\"] ? http.OutgoingMessage.prototype.setHeader : res.setHeader;\n setHeader.call(res, 'Set-Cookie', headers);\n return this;\n }\n\n static middleware = (options?: CookiesOptions) => (req: any, res: any, next: any) => {\n req.cookies = res.cookies = new Cookies(req, res, options);\n next();\n }\n\n static connect = Cookies.middleware\n static express = Cookies.middleware\n static koa = (options?: CookiesOptions) => (ctx: any, next: any) => {\n ctx.cookies\n = ctx.req.cookies\n = ctx.res.cookies\n = ctx.request.cookies\n = ctx.response.cookies = new Cookies(ctx.req, ctx.res, options);\n return next()\n }\n}\n\n\nfunction getPattern(name: string): RegExp {\n if (cache[name]) {\n return cache[name] as RegExp;\n }\n\n return cache[name] = new RegExp(\n `(?:^|;) *${name.replace(/[-[\\]{}()*+?.,\\\\^$|#\\s]/g, '\\\\$&')}=([^;]*)`\n );\n}\n\nfunction pushCookie(headers: string[], cookie: Cookie) {\n if (cookie.overwrite) {\n for (let i = headers.length - 1; i >= 0; i--) {\n if (headers[i]!.indexOf(`${cookie.name}=`) === 0) {\n headers.splice(i, 1);\n }\n }\n }\n\n headers.push(cookie.header);\n}\n"],"names":[],"mappings":";;;;;;;;;;AAAA;AACA,IAAM,kBAAkB,GAAG,uCAAuC,CAAC;AACnE,IAAM,gBAAgB,GAAG,wBAAwB,CAAC;;IAiDhD,gBAAY,IAAY,EAAE,KAAqB,EAAE,KAAmB;QARpE,SAAI,GAAG,GAAG,CAAC;QACX,aAAQ,GAA6B,KAAK,CAAC;QAC3C,WAAM,GAAG,KAAK,CAAC;QACf,aAAQ,GAAG,IAAI,CAAC;QAChB,cAAS,GAAG,KAAK,CAAC;QAKhB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAClC,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,KAAK,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;YAC5C,MAAM,IAAI,SAAS,CAAC,2BAA2B,CAAC,CAAC;SAClD;QAED,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,KAAK,GAAG,KAAK,IAAI,EAAE,CAAC;QAEzB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAE1B,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;YACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;SACpB;QAED,IAAI,IAAI,CAAC,IAAI,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACpD,MAAM,IAAI,SAAS,CAAC,wBAAwB,CAAC,CAAC;SAC/C;QAED,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACxD,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;SACjD;QAED,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YACpF,MAAM,IAAI,SAAS,CAAC,4BAA4B,CAAC,CAAC;SACnD;KACF;IAED,yBAAQ,GAAR;QACE,OAAU,IAAI,CAAC,IAAI,SAAI,IAAI,CAAC,KAAO,CAAC;KACrC;IAED,sBAAI,0BAAM;aAAV;YACE,IAAI,MAAM,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAE7B,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;aACnD;YAED,IAAI,IAAI,CAAC,IAAI,EAAE;gBACb,MAAM,IAAI,YAAU,IAAI,CAAC,IAAM,CAAC;aACjC;YACD,IAAI,IAAI,CAAC,OAAO,EAAE;gBAChB,MAAM,IAAI,eAAa,IAAI,CAAC,OAAO,CAAC,WAAW,EAAI,CAAC;aACrD;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,cAAY,IAAI,CAAC,MAAQ,CAAC;aACrC;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,iBAAc,IAAI,CAAC,QAAQ,KAAK,IAAI,GAAG,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAE,CAAC;aAC3F;YACD,IAAI,IAAI,CAAC,MAAM,EAAE;gBACf,MAAM,IAAI,UAAU,CAAC;aACtB;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,MAAM,IAAI,YAAY,CAAC;aACxB;YAED,OAAO,MAAM,CAAC;SACf;;;OAAA;IAEH,aAAC;AAAD,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACpHM,IAAM,WAAW,GAAG;IACzB,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IACxD,yBAAyB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC/C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE;IACrD,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAC9C,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;IAChD,eAAe,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE;CACxC;;ACrCV,IAAM,iBAAiB,GAAG,YAAY,CAAA;;IAkCpC,kBAAY,IAAmB;QAC7B,IAAI,GAAG,IAAI,IAAI,EAAE,CAAA;QAEjB,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC;YAC9B,SAAS,EAAE,aAAa;YACxB,aAAa,EAAE,EAAE;YACjB,QAAQ,EAAE,KAAK;YACf,IAAI,EAAE,EAAE;SACT,EAAE,IAAI,CAAC,UAAU,IAAI,EAAS,CAAC,CAAA;QAEhC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC;YAC3B,QAAQ,EAAE,QAAQ;YAClB,SAAS,EAAE,MAAM;YACjB,IAAI,EAAE,EAAE;SACT,EAAE,IAAI,CAAC,OAAO,IAAI,EAAS,CAAC,CAAA;KAE9B;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAMc,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,EALzF,IAAI,UAAA,EACJ,SAAS,eAAA,EACT,QAAQ,cAAA,EACR,aAAa,mBAAA,EACb,GAAG,SACsF,CAAA;QAE3F,IAAM,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAA;QAE7B,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAA;SAChC;QAED,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAM,EAAE,GAAG,UAAU,CAAC,QAAQ,GAAG,MAAM,CAAC,WAAW,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC;QAChF,IAAM,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,IAAI,CAAA;QAE7E,IAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,SAAgB,EAAE,MAAM,EAAE,EAAE,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAA;QAEnF,IAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,IAAM,GAAG,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;QAC3B,IAAI,OAA2B,CAAC;QAChC,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;SAC/B;QAED,OAAO,MAAM,CAAC,MAAM,+CACf,EAAE,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,SACd,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE;YAC3B,IAAI;YACJ,GAAG;WACH,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;KACtB;IAID,0BAAO,GAAP,UAAQ,IAA6B,EAAE,OAAiC;QACtE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QAED,IAAM,YAAY,GAAmB,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,CAAA;QAG1G,IAAA,QAAQ,GAKN,YAAY,SALN,EACR,GAAG,GAID,YAAY,IAJX,EACG,WAAW,GAGf,YAAY,KAHG,EACjB,SAAS,GAEP,YAAY,UAFL,EACT,aAAa,GACX,YAAY,cADD,CACC;QAEhB,IAAM,IAAI,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,WAAW,CAAA;QACtC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;SACvD;QAGC,IAAA,EAAE,GAEA,YAAY,GAFZ,EACF,OAAO,GACL,YAAY,QADP,CACO;QAEhB,IAAI,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,GAAG,IAAI,CAAA;QAE5E,IAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACtC;QAED,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE;YAC1B,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;SAC/B;QAED,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;YAC/B,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAA;SACzC;QAED,IAAI,UAAU,CAAC,QAAQ,KAAK,SAAS,EAAE;YACrC,IAAI,CAAC,EAAE,EAAE;gBACP,EAAE,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAA;aAC5C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAChE;QAGD,IAAI,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;YACrC,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,aAAa,CAAC,CAAA;aAC3C;YACD,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,aAAa,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;SAC1D;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,wBAAM,YAAY,KAAE,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,IAAA,EAAE,OAAO,SAAA,IAAG,CAAC;YAC5F,IAAI,OAAO,KAAK,IAAI;gBAAE,OAAO,OAAO,CAAA;SACrC;QACD,OAAO,IAAI,CAAA;KACZ;IAEc,kBAAS,GAAxB,UAAyB,IAAY,EAAE,OAAuB;QACrD,IAAA,SAAS,GAAqC,OAAO,UAA5C,EAAE,GAAG,GAAgC,OAAO,IAAvC,EAAE,EAAE,GAA4B,OAAO,GAAnC,EAAE,aAAa,GAAa,OAAO,cAApB,EAAE,OAAO,GAAI,OAAO,QAAX,CAAW;QAC5D,IAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CAAC,SAAgB,EAAE,GAAI,EAAE,EAAY,IAAI,IAAI,EAAE,EAAC,aAAa,eAAA,EAAC,CAAC,CAAC;QAExG,IAAI,OAAO,EAAE;YACX,QAAQ,CAAC,UAAU,CAAC,OAAiB,CAAC,CAAA;SACvC;QAED,IAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QACvC,IAAI,KAAa,CAAA;QACjB,IAAI;YACF,KAAK,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAA;SACzB;QAAC,OAAM,CAAK,EAAE;;YAEb,OAAO,IAAI,CAAA;SACZ;QACD,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;KAC3D;IAMD,uBAAI,GAAJ,UAAK,IAAoB,EAAE,GAAwB;QACjD,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,CAAA;SACZ;QACK,IAAA,KAA8B,IAAI,CAAC,OAAO,EAAzC,SAAS,eAAA,EAAE,QAAQ,cAAA,EAAE,IAAI,UAAgB,CAAA;QAChD,GAAG,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,CAAc,CAAA;QACjC,OAAO,MAAM;aACV,UAAU,CAAC,SAAS,EAAE,GAAG,CAAC;aAC1B,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;aAC7B,OAAO,CAAC,UAAU,EAAE,UAAU,CAAC;YAC9B,OAAO,CAAC,EAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,EAAC,EAAE,CAAC,CAAW,CAAA;SACpD,CAAC,CAAA;KACL;IAED,yBAAM,GAAN,UAAO,IAAY,EAAE,MAAc;QACjC,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;KACvC;IAED,0BAAO,GAAP,UAAQ,IAAY,EAAE,MAAc;QAC3B,IAAA,IAAI,GAAI,IAAI,CAAC,OAAO,KAAhB,CAAgB;QAE3B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;SACpD;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpC,IAAI,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAW,CAAC,CAAC;gBAAE,OAAO,CAAC,CAAA;SAClE;QACD,OAAO,CAAC,CAAC,CAAA;KACV;IAxLM,mBAAU,GAAG,WAGlB,CAAA;IAyLJ,eAAC;CAhMD;;AC1BA,IAAM,KAAK,GAA8B,EAAS,CAAC;;IAkDjD,iBAAY,OAA6C,EAAE,QAA8C,EAAE,OAA4B;QAA5B,wBAAA,EAAA,YAA4B;QACrI,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAEzB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,IAAI,QAAQ,EAAE,CAAC;QACnD,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,KAAK,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,KAAK,CAAC;QACpE,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,KAAK,SAAS,GAAG,OAAO,CAAC,SAAS,GAAG,KAAK,CAAC;QAC7E,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,KAAK,CAAC;KACvD;;;;;;;;;;;;;;;;;;;;;IAsBD,qBAAG,GAAH,UAAI,IAAY,EAAE,IAAuB;QACvC,IAAM,KAAK,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,KAAI,IAAI,CAAC,cAAc,CAAC;QAE1D,IAAM,OAAO,GAAG,OAAO,KAAK,KAAK,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC;cAChE,MAAG,IAAI,GAAG,GAAG,GAAG,KAAK,CAAE,CAAC;QAE5B,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAEvG,IAAM,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEzF,IAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,KAAK,EAAE;YACV,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE;YACpB,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;QAED,IAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,EAAC,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;QACpE,IAAI,CAAC,MAAM,EAAE;YACX,OAAO,SAAS,CAAC;SAClB;QAED,IAAM,IAAI,GAAM,IAAI,SAAI,KAAO,CAAC;QAChC,IAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAElD,IAAI,KAAK,GAAG,CAAC,EAAE;YACb,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,EAAC,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;YACpD,OAAO,SAAS,CAAA;SACjB;aAAM;YACL,KAAK,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAC,MAAM,EAAE,KAAK,EAAC,CAAC,CAAC;YACtE,OAAO,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAG,KAAK,CAAC;SACnE;KACF;;;;;;;;IASD,qBAAG,GAAH,UAAI,IAAY,EAAE,KAAqB,EAAE,IAAuB;QAC9D,IAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,EACvB,GAAG,GAAG,IAAI,CAAC,OAAO,EAClB,MAAM,GAAG,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,GAAS,GAAI,CAAC,QAAQ,KAAK,OAAO,IAAU,GAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAC1H,SAAS,GAAG,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAErF,IAAI,OAAO,IAAI,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,IAAI,EAAE,CAAa,CAAC;QAE9D,IAAM,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,EAAE,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAe,CAAC,GAAE,KAAK,EAAE,IAAI,CAAC,CAAC;QACjG,IAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;;QAG7E,IAAI,OAAO,OAAO,IAAI,QAAQ,EAAE;YAC9B,OAAO,GAAG,CAAC,OAAO,CAAC,CAAC;SACrB;QAED,IAAI,CAAC,MAAM,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,EAAE;YAClC,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;SAC1E;QAED,MAAM,CAAC,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QAEzE,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAE5B,IAAI,IAAI,IAAI,MAAM,EAAE;YAClB,MAAM,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YAErD,IAAM,KAAK,GAAG,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,cAAc,CAAC;YAEzD,IAAI,OAAO,KAAK,KAAK,UAAU,EAAE;gBAC/B,MAAM,CAAC,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;aAC7C;iBAAM;gBACL,MAAM,CAAC,IAAI,GAAG,MAAG,MAAM,CAAC,IAAI,GAAG,GAAG,GAAG,KAAK,CAAE,CAAC;aAC9C;YACD,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;SAC7B;QAED,IAAM,SAAS,GAAS,GAAI,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;QAC/F,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC;KACb;IAEM,kBAAU,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,GAAQ,EAAE,IAAS;QAC9E,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;QAC3D,IAAI,EAAE,CAAC;KACR,GAAA,CAAA;IAEM,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,eAAO,GAAG,OAAO,CAAC,UAAU,CAAA;IAC5B,WAAG,GAAG,UAAC,OAAwB,IAAK,OAAA,UAAC,GAAQ,EAAE,IAAS;QAC7D,GAAG,CAAC,OAAO;cACP,GAAG,CAAC,GAAG,CAAC,OAAO;kBACf,GAAG,CAAC,GAAG,CAAC,OAAO;sBACf,GAAG,CAAC,OAAO,CAAC,OAAO;0BACnB,GAAG,CAAC,QAAQ,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAClE,OAAO,IAAI,EAAE,CAAA;KACd,GAAA,CAAA;IACH,cAAC;CAxJD,IAwJC;AAGD,SAAS,UAAU,CAAC,IAAY;IAC9B,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE;QACf,OAAO,KAAK,CAAC,IAAI,CAAW,CAAC;KAC9B;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,MAAM,CAC7B,cAAY,IAAI,CAAC,OAAO,CAAC,0BAA0B,EAAE,MAAM,CAAC,aAAU,CACvE,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CAAC,OAAiB,EAAE,MAAc;IACnD,IAAI,MAAM,CAAC,SAAS,EAAE;QACpB,KAAK,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;YAC5C,IAAI,OAAO,CAAC,CAAC,CAAE,CAAC,OAAO,CAAI,MAAM,CAAC,IAAI,MAAG,CAAC,KAAK,CAAC,EAAE;gBAChD,OAAO,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aACtB;SACF;KACF;IAED,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;AAC9B;;;;"} \ No newline at end of file diff --git a/docs/README.md b/docs/README.md index 7c50403..45b9873 100644 --- a/docs/README.md +++ b/docs/README.md @@ -32,7 +32,7 @@ secure-cookie #### Defined in -[cookies.ts:8](https://github.com/ayZagen/secure-cookie/blob/e57275f/src/cookies.ts#L8) +[cookies.ts:8](https://github.com/ayZagen/secure-cookie/blob/1cfbf0a/src/cookies.ts#L8) ___ @@ -42,7 +42,7 @@ ___ #### Defined in -[cookies.ts:39](https://github.com/ayZagen/secure-cookie/blob/e57275f/src/cookies.ts#L39) +[cookies.ts:39](https://github.com/ayZagen/secure-cookie/blob/1cfbf0a/src/cookies.ts#L39) ___ @@ -52,4 +52,4 @@ ___ #### Defined in -[cookies.ts:38](https://github.com/ayZagen/secure-cookie/blob/e57275f/src/cookies.ts#L38) +[cookies.ts:38](https://github.com/ayZagen/secure-cookie/blob/1cfbf0a/src/cookies.ts#L38) diff --git a/docs/classes/Cookies.md b/docs/classes/Cookies.md index ecc55c7..3f442eb 100644 --- a/docs/classes/Cookies.md +++ b/docs/classes/Cookies.md @@ -43,7 +43,7 @@ #### Defined in -[cookies.ts:56](https://github.com/ayZagen/secure-cookie/blob/e57275f/src/cookies.ts#L56) +[cookies.ts:56](https://github.com/ayZagen/secure-cookie/blob/1cfbf0a/src/cookies.ts#L56) ## Properties @@ -53,7 +53,7 @@ #### Defined in -[cookies.ts:45](https://github.com/ayZagen/secure-cookie/blob/e57275f/src/cookies.ts#L45) +[cookies.ts:45](https://github.com/ayZagen/secure-cookie/blob/1cfbf0a/src/cookies.ts#L45) ___ @@ -63,7 +63,7 @@ ___ #### Defined in -[cookies.ts:49](https://github.com/ayZagen/secure-cookie/blob/e57275f/src/cookies.ts#L49) +[cookies.ts:49](https://github.com/ayZagen/secure-cookie/blob/1cfbf0a/src/cookies.ts#L49) ___ @@ -73,7 +73,7 @@ ___ #### Defined in -[cookies.ts:53](https://github.com/ayZagen/secure-cookie/blob/e57275f/src/cookies.ts#L53) +[cookies.ts:53](https://github.com/ayZagen/secure-cookie/blob/1cfbf0a/src/cookies.ts#L53) ___ @@ -83,7 +83,7 @@ ___ #### Defined in -[cookies.ts:54](https://github.com/ayZagen/secure-cookie/blob/e57275f/src/cookies.ts#L54) +[cookies.ts:54](https://github.com/ayZagen/secure-cookie/blob/1cfbf0a/src/cookies.ts#L54) ___ @@ -93,7 +93,7 @@ ___ #### Defined in -[cookies.ts:43](https://github.com/ayZagen/secure-cookie/blob/e57275f/src/cookies.ts#L43) +[cookies.ts:43](https://github.com/ayZagen/secure-cookie/blob/1cfbf0a/src/cookies.ts#L43) ___ @@ -103,7 +103,7 @@ ___ #### Defined in -[cookies.ts:51](https://github.com/ayZagen/secure-cookie/blob/e57275f/src/cookies.ts#L51) +[cookies.ts:51](https://github.com/ayZagen/secure-cookie/blob/1cfbf0a/src/cookies.ts#L51) ___ @@ -113,7 +113,7 @@ ___ #### Defined in -[cookies.ts:47](https://github.com/ayZagen/secure-cookie/blob/e57275f/src/cookies.ts#L47) +[cookies.ts:47](https://github.com/ayZagen/secure-cookie/blob/1cfbf0a/src/cookies.ts#L47) ___ @@ -151,7 +151,7 @@ ___ #### Defined in -[cookies.ts:183](https://github.com/ayZagen/secure-cookie/blob/e57275f/src/cookies.ts#L183) +[cookies.ts:183](https://github.com/ayZagen/secure-cookie/blob/1cfbf0a/src/cookies.ts#L183) ___ @@ -189,7 +189,7 @@ ___ #### Defined in -[cookies.ts:184](https://github.com/ayZagen/secure-cookie/blob/e57275f/src/cookies.ts#L184) +[cookies.ts:184](https://github.com/ayZagen/secure-cookie/blob/1cfbf0a/src/cookies.ts#L184) ## Methods @@ -227,7 +227,7 @@ If both `signed` and `encrypted` options are provided, signature check will be a #### Defined in -[cookies.ts:87](https://github.com/ayZagen/secure-cookie/blob/e57275f/src/cookies.ts#L87) +[cookies.ts:87](https://github.com/ayZagen/secure-cookie/blob/1cfbf0a/src/cookies.ts#L87) ___ @@ -251,7 +251,7 @@ This sets the given cookie in the response and returns the current context to al #### Defined in -[cookies.ts:136](https://github.com/ayZagen/secure-cookie/blob/e57275f/src/cookies.ts#L136) +[cookies.ts:136](https://github.com/ayZagen/secure-cookie/blob/1cfbf0a/src/cookies.ts#L136) ___ @@ -284,7 +284,7 @@ ___ #### Defined in -[cookies.ts:185](https://github.com/ayZagen/secure-cookie/blob/e57275f/src/cookies.ts#L185) +[cookies.ts:185](https://github.com/ayZagen/secure-cookie/blob/1cfbf0a/src/cookies.ts#L185) ___ @@ -318,4 +318,4 @@ ___ #### Defined in -[cookies.ts:178](https://github.com/ayZagen/secure-cookie/blob/e57275f/src/cookies.ts#L178) +[cookies.ts:178](https://github.com/ayZagen/secure-cookie/blob/1cfbf0a/src/cookies.ts#L178) diff --git a/package-lock.json b/package-lock.json index 432b801..472d740 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "secure-cookie", - "version": "0.0.7", + "version": "0.1.0", "lockfileVersion": 1, "requires": true, "dependencies": { diff --git a/package.json b/package.json index 767dd13..3e46aeb 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "secure-cookie", - "version": "0.0.7", + "version": "0.1.0", "description": "Cookie library/middleware with signing and encryption support", "main": "dist/index.js", "types": "types/index.d.ts",