{"version":3,"sources":["../../src/identity-oauth-v1-refresh-token-oauth.http.ts","../../src/identity-oauth-v1-refresh-token-oauth.types.ts","../../src/identity-oauth-v1-refresh-token-oauth.meta.ts"],"sourcesContent":["import { transformSDKBytesToRESTBytes } from '@wix/sdk-runtime/transformations/bytes';\nimport { transformRESTBytesToSDKBytes } from '@wix/sdk-runtime/transformations/bytes';\nimport { transformPaths } from '@wix/sdk-runtime/transformations/transform-paths';\nimport { resolveUrl } from '@wix/sdk-runtime/rest-modules';\nimport { ResolveUrlOpts } from '@wix/sdk-runtime/rest-modules';\nimport { RequestOptionsFactory } from '@wix/sdk-types';\n\nfunction resolveWixIdentityOauth2V1Oauth2NgUrl(\n  opts: Omit<ResolveUrlOpts, 'domainToMappings'>\n) {\n  const domainToMappings = {\n    'manage._base_domain_': [\n      {\n        srcPath: '/oauth2',\n        destPath: '/v1/oauth',\n      },\n    ],\n    'www.wixapis.com': [\n      {\n        srcPath: '/oauth2',\n        destPath: '/v1/oauth',\n      },\n      {\n        srcPath: '/oauth2/token_info',\n        destPath: '/v1/token_info',\n      },\n    ],\n    'users._base_domain_': [\n      {\n        srcPath: '/v1/oauth/device/verify',\n        destPath: '/v1/oauth/device/verify',\n      },\n      {\n        srcPath: '/v1/oauth/manage/user-code',\n        destPath: '/v1/oauth/manage/user-code',\n      },\n      {\n        srcPath: '/v2/oauth/device/verify',\n        destPath: '/v2/oauth/device/verify',\n      },\n      {\n        srcPath: '/v1/oauth/authorize',\n        destPath: '/v1/oauth/authorize',\n      },\n      {\n        srcPath: '/v1/oauth/user-info',\n        destPath: '/v1/oauth/user-info',\n      },\n      {\n        srcPath: '/iam/wix-idp/v1/oauth/token',\n        destPath: '/v1/oauth/token',\n      },\n      {\n        srcPath: '/iam/wix-idp/v1/oauth/user-info',\n        destPath: '/v1/oauth/user-info',\n      },\n    ],\n    _: [\n      {\n        srcPath: '/_api/oauth2',\n        destPath: '/v1/oauth',\n      },\n    ],\n    'platform.rise.ai': [\n      {\n        srcPath: '/oauth2',\n        destPath: '/v1/oauth',\n      },\n    ],\n    'api._api_base_domain_': [\n      {\n        srcPath: '/oauth2-ng',\n        destPath: '',\n      },\n    ],\n    'apps._base_domain_': [\n      {\n        srcPath: '/oauth2/callback',\n        destPath: '/oauth2/callback',\n      },\n      {\n        srcPath: '/oauth2',\n        destPath: '/v1/oauth',\n      },\n    ],\n    'editor._base_domain_': [\n      {\n        srcPath: '/oauth2/callback',\n        destPath: '/oauth2/callback',\n      },\n      {\n        srcPath: '/oauth2/user-authorized',\n        destPath: '/oauth2/user-authorized',\n      },\n    ],\n    'blocks._base_domain_': [\n      {\n        srcPath: '/oauth2/callback',\n        destPath: '/oauth2/callback',\n      },\n      {\n        srcPath: '/oauth2/user-authorized',\n        destPath: '/oauth2/user-authorized',\n      },\n    ],\n    'create.editorx': [\n      {\n        srcPath: '/oauth2/callback',\n        destPath: '/oauth2/callback',\n      },\n      {\n        srcPath: '/oauth2/user-authorized',\n        destPath: '/oauth2/user-authorized',\n      },\n    ],\n  };\n\n  return resolveUrl(Object.assign(opts, { domainToMappings }));\n}\n\nconst PACKAGE_NAME = '@wix/auto_sdk_identity_oauth';\n\n/**\n * Creates an access token.\n *\n *\n * The endpoint accepts raw HTTP requests. You must pass the request's body\n * parameters formatted as bytes in the raw HTTP request's `body` field,\n * following this template:\n * `{\"grantType\": \"client_credentials\", \"client_id\": \"<APP_ID>\", \"client_secret\": \"<APP_SECRET_KEY>\", \"instance_id\": \"<INSTANCE_ID>\"}`.\n *\n * When the call succeeds, Wix returns `{\"statusCode\": 200}` and the created access\n * token in the `body` field of the raw HTTP response.\n *\n * In case the call fails, Wix returns the relevant `4XX` error code in the raw\n * HTTP response's `statusCode` field and details\n * about the error in `body`. Error details follow the\n * [conventions of the Internet Engineering Task Force (IETF)](https://datatracker.ietf.org/doc/html/rfc6749#appendix-A.7).\n */\nexport function token(payload: object): RequestOptionsFactory<any> {\n  function __token({ host }: any) {\n    const serializedData = transformPaths(payload, [\n      { transformFn: transformSDKBytesToRESTBytes, paths: [{ path: 'body' }] },\n    ]);\n    const metadata = {\n      entityFqdn: 'wix.identity.oauth.v1.refresh_token',\n      method: 'POST' as any,\n      methodFqn: 'wix.identity.oauth2.v1.Oauth2Ng.Token',\n      packageName: PACKAGE_NAME,\n      migrationOptions: {\n        optInTransformResponse: true,\n      },\n      url: resolveWixIdentityOauth2V1Oauth2NgUrl({\n        protoPath: '/v1/oauth/token',\n        data: serializedData,\n        host,\n      }),\n      data: serializedData,\n      transformResponse: (payload: any) =>\n        transformPaths(payload, [\n          {\n            transformFn: transformRESTBytesToSDKBytes,\n            paths: [{ path: 'body' }],\n          },\n        ]),\n    };\n\n    return metadata;\n  }\n\n  return __token;\n}\n\n/** Token Introspection Endpoint. */\nexport function tokenInfo(payload: object): RequestOptionsFactory<any> {\n  function __tokenInfo({ host }: any) {\n    const serializedData = transformPaths(payload, [\n      { transformFn: transformSDKBytesToRESTBytes, paths: [{ path: 'body' }] },\n    ]);\n    const metadata = {\n      entityFqdn: 'wix.identity.oauth.v1.refresh_token',\n      method: 'POST' as any,\n      methodFqn: 'wix.identity.oauth2.v1.Oauth2Ng.TokenInfo',\n      packageName: PACKAGE_NAME,\n      migrationOptions: {\n        optInTransformResponse: true,\n      },\n      url: resolveWixIdentityOauth2V1Oauth2NgUrl({\n        protoPath: '/v1/oauth/token-info',\n        data: serializedData,\n        host,\n      }),\n      data: serializedData,\n    };\n\n    return metadata;\n  }\n\n  return __tokenInfo;\n}\n","export interface RefreshToken {\n  token?: string;\n}\n\n/**\n * AuthorizeRequest is sent by the client to the authorization server to initiate\n * the authorization process.\n */\nexport interface AuthorizeRequest {\n  /**\n   * ID of the Wix OAuth app requesting authorization.\n   * @format GUID\n   */\n  clientId?: string;\n  /**\n   * Desired authorization [grant type](https://auth0.com/docs/authenticate/protocols/oauth#grant-types).\n   *\n   * Supported values:\n   * + `code`: The endpoint returns an authorization code that can be used to obtain an access token.\n   * @minLength 1\n   */\n  responseType?: string;\n  /**\n   * URI to redirect the browser to after authentication and authorization. The browser is redirected to this URI whether the authentication and authorization process is successful or not.\n   * @minLength 1\n   */\n  redirectUri?: string | null;\n  /**\n   * Desired scope of access. If this field is left empty, only an access token is granted.\n   * To received a refresh token, pass `offline_access` as the value of this field.\n   */\n  scope?: string | null;\n  /**\n   * A value used to confirm the state of an application before and after it makes an authorization\n   * request. If a value for this field is set in the request, it's added to the `redirectUri` when the browser\n   * is redirected there.\n   * Learn more about [using the state parameter](https://auth0.com/docs/secure/attack-protection/state-parameters).\n   * @minLength 1\n   */\n  state?: string;\n  /**\n   * esired response format.\n   *\n   * Supported values:\n   * + `query`: The response parameters are encoded as query string parameters and added to the `redirectUri` when redirecting.\n   * + `fragment`: The response parameters are encoded as URI fragment parameters and added to the `redirectUri` when redirecting.\n   * + `web_message`: The response parameters are encoded as a JSON object and added to the body of a [web message response](https://datatracker.ietf.org/doc/html/draft-sakimura-oauth-wmrm-00).\n   *\n   * Default value: `query`\n   */\n  responseMode?: string | null;\n  /**\n   * Code challenge to use for PKCE verification.\n   * This field is only used if `responseType` is set to `code`.\n   */\n  codeChallenge?: string | null;\n  /**\n   * Code challenge method to use for PKCE verification.\n   * This field is only used if `responseType` is set to `code`.\n   *\n   * Supported values:\n   * + `S256`: The code challenge is transformed using SHA-256 encyption.\n   * + `S512`: The code challenge is transformed using SHA-512 encyption.\n   */\n  codeChallengeMethod?: string | null;\n  /** Session token of the site visitor to authorize. */\n  sessionToken?: string | null;\n  /**\n   * URL to redirect user to sign in\n   * @format SECURE_WEB_URL\n   */\n  signInUrl?: string | null;\n  /** Indicates whether the user has consented to the requested scopes */\n  userConsented?: boolean | null;\n  /** Indicates whether login is optional. If true, will not redirect to the sign_in_url if user is not logged in. */\n  optionalLogin?: boolean | null;\n  /**\n   * The site id the authorization is requested for.\n   * @format GUID\n   */\n  metaSiteId?: string | null;\n}\n\nexport interface RawHttpResponse {\n  body?: Uint8Array;\n  statusCode?: number | null;\n  headers?: HeadersEntry[];\n}\n\nexport interface HeadersEntry {\n  key?: string;\n  value?: string;\n}\n\nexport interface RawHttpRequest {\n  body?: Uint8Array;\n  pathParams?: PathParametersEntry[];\n  queryParams?: QueryParametersEntry[];\n  headers?: HeadersEntry[];\n  method?: string;\n  rawPath?: string;\n  rawQuery?: string;\n}\n\nexport interface PathParametersEntry {\n  key?: string;\n  value?: string;\n}\n\nexport interface QueryParametersEntry {\n  key?: string;\n  value?: string;\n}\n\nexport interface DeviceCodeRequest {\n  /** The ID of the application that asks for authorization. */\n  clientId?: string;\n  /**\n   * scope is a space-delimited string that specifies the requested scope of the\n   * access request.\n   */\n  scope?: string | null;\n}\n\nexport interface DeviceCodeResponse {\n  /** is the unique code for the device. When the user goes to the verification_uri in their browser-based device, this code will be bound to their session. */\n  deviceCode?: string;\n  /** contains the code that should be input at the verification_uri to authorize the device. */\n  userCode?: string;\n  /** contains the URL the user should visit to authorize the device. */\n  verificationUri?: string;\n  /** indicates the lifetime (in seconds) of the device_code and user_code. */\n  expiresIn?: number;\n  /** indicates the interval (in seconds) at which the app should poll the token URL to request a token. clients MUST use 5 as the default */\n  interval?: number | null;\n}\n\nexport interface DeviceVerifyRequest {\n  /** User code representing a currently authorizing device. */\n  userCode?: string;\n}\n\nexport interface DeviceVerifyResponse {}\n\nexport interface DeviceVerifyV2Request {\n  /**\n   * User code representing a currently authorizing device.\n   * @minLength 8\n   * @maxLength 8\n   */\n  userCode?: string;\n}\n\nexport interface DeviceVerifyV2Response {}\n\nexport interface InvalidateUserCodeRequest {\n  /** user code to invalidate. Only the authorizing identity is able to invalidate it. */\n  userCode?: string;\n}\n\nexport interface InvalidateUserCodeResponse {}\n\nexport interface RevokeRefreshTokenRequest {\n  /** The refresh token itself. Anyone with the token itself is able to revoke it. */\n  token?: string;\n  /** The client id that issued the refresh token. */\n  clientId?: string | null;\n}\n\nexport interface RevokeRefreshTokenResponse {}\n\nexport interface TokenInfoResponse {\n  active?: boolean;\n  /** subject type. */\n  subjectType?: SubjectTypeWithLiterals;\n  /** subject id */\n  subjectId?: string;\n  /** Expiration time of the token */\n  exp?: string | null;\n  /** Issued time of the token */\n  iat?: string | null;\n  /** Client id */\n  clientId?: string;\n  /** Account id */\n  accountId?: string | null;\n  /** Site id */\n  siteId?: string | null;\n  /** Instance Id */\n  instanceId?: string | null;\n  /**\n   * Vendor Product Id\n   * @maxLength 100\n   */\n  vendorProductId?: string | null;\n}\n\nexport enum SubjectType {\n  /** unknown subject type */\n  UNKNOWN = 'UNKNOWN',\n  /** user subject type */\n  USER = 'USER',\n  /** visitor subject type */\n  VISITOR = 'VISITOR',\n  /** member subject type */\n  MEMBER = 'MEMBER',\n  /** app subject type */\n  APP = 'APP',\n}\n\n/** @enumType */\nexport type SubjectTypeWithLiterals =\n  | SubjectType\n  | 'UNKNOWN'\n  | 'USER'\n  | 'VISITOR'\n  | 'MEMBER'\n  | 'APP';\n\nexport interface Empty {}\n\nexport interface DomainEvent extends DomainEventBodyOneOf {\n  createdEvent?: EntityCreatedEvent;\n  updatedEvent?: EntityUpdatedEvent;\n  deletedEvent?: EntityDeletedEvent;\n  actionEvent?: ActionEvent;\n  /** Event ID. With this ID you can easily spot duplicated events and ignore them. */\n  id?: string;\n  /**\n   * Fully Qualified Domain Name of an entity. This is a unique identifier assigned to the API main business entities.\n   * For example, `wix.stores.catalog.product`, `wix.bookings.session`, `wix.payments.transaction`.\n   */\n  entityFqdn?: string;\n  /**\n   * Event action name, placed at the top level to make it easier for users to dispatch messages.\n   * For example: `created`/`updated`/`deleted`/`started`/`completed`/`email_opened`.\n   */\n  slug?: string;\n  /** ID of the entity associated with the event. */\n  entityId?: string;\n  /** Event timestamp in [ISO-8601](https://en.wikipedia.org/wiki/ISO_8601) format and UTC time. For example, `2020-04-26T13:57:50.699Z`. */\n  eventTime?: Date | null;\n  /**\n   * Whether the event was triggered as a result of a privacy regulation application\n   * (for example, GDPR).\n   */\n  triggeredByAnonymizeRequest?: boolean | null;\n  /** If present, indicates the action that triggered the event. */\n  originatedFrom?: string | null;\n  /**\n   * A sequence number that indicates the order of updates to an entity. For example, if an entity was updated at 16:00 and then again at 16:01, the second update will always have a higher sequence number.\n   * You can use this number to make sure you're handling updates in the right order. Just save the latest sequence number on your end and compare it to the one in each new message. If the new message has an older (lower) number, you can safely ignore it.\n   */\n  entityEventSequence?: string | null;\n}\n\n/** @oneof */\nexport interface DomainEventBodyOneOf {\n  createdEvent?: EntityCreatedEvent;\n  updatedEvent?: EntityUpdatedEvent;\n  deletedEvent?: EntityDeletedEvent;\n  actionEvent?: ActionEvent;\n}\n\nexport interface EntityCreatedEvent {\n  entityAsJson?: string;\n  /** Indicates the event was triggered by a restore-from-trashbin operation for a previously deleted entity */\n  restoreInfo?: RestoreInfo;\n}\n\nexport interface RestoreInfo {\n  deletedDate?: Date | null;\n}\n\nexport interface EntityUpdatedEvent {\n  /**\n   * Since platformized APIs only expose PATCH and not PUT we can't assume that the fields sent from the client are the actual diff.\n   * This means that to generate a list of changed fields (as opposed to sent fields) one needs to traverse both objects.\n   * We don't want to impose this on all developers and so we leave this traversal to the notification recipients which need it.\n   */\n  currentEntityAsJson?: string;\n}\n\nexport interface EntityDeletedEvent {\n  /** Entity that was deleted. */\n  deletedEntityAsJson?: string | null;\n}\n\nexport interface ActionEvent {\n  bodyAsJson?: string;\n}\n\nexport interface UserDeletedEvent {\n  /**\n   * User ID from the deletion event.\n   * @format GUID\n   */\n  userId?: string;\n}\n\nexport interface UserBlockedEvent {\n  /**\n   * User ID from the deletion event.\n   * @format GUID\n   */\n  userId?: string;\n}\n\nexport interface UserInfoRequest {}\n\n/** UserInfo endpoint response for OpenID Connect */\nexport interface UserInfoResponse {\n  /**\n   * The unique identifier for the user.\n   * @format GUID\n   */\n  id?: string;\n  /**\n   * The user's given name.\n   * @maxLength 20\n   */\n  givenName?: string | null;\n  /**\n   * The user's family name.\n   * @maxLength 20\n   */\n  familyName?: string | null;\n  /**\n   * The user's email address.\n   * @format EMAIL\n   */\n  email?: string | null;\n  /** Indicates whether the user's email address has been verified. */\n  emailVerified?: boolean | null;\n  /**\n   * The URL of the user's profile picture.\n   * @format WEB_URL\n   */\n  picture?: string | null;\n  /**\n   * The user's preferred language, if available.\n   * @format LANGUAGE\n   */\n  language?: string | null;\n}\n","import * as ambassadorWixIdentityOauthV1RefreshToken from './identity-oauth-v1-refresh-token-oauth.http.js';\nimport * as ambassadorWixIdentityOauthV1RefreshTokenTypes from './identity-oauth-v1-refresh-token-oauth.types.js';\nimport * as ambassadorWixIdentityOauthV1RefreshTokenUniversalTypes from './identity-oauth-v1-refresh-token-oauth.universal.js';\n\nexport type __PublicMethodMetaInfo<\n  K = string,\n  M = unknown,\n  T = unknown,\n  S = unknown,\n  Q = unknown,\n  R = unknown\n> = {\n  getUrl: (context: any) => string;\n  httpMethod: K;\n  path: string;\n  pathParams: M;\n  __requestType: T;\n  __originalRequestType: S;\n  __responseType: Q;\n  __originalResponseType: R;\n};\n\nexport function token(): __PublicMethodMetaInfo<\n  'POST',\n  {},\n  ambassadorWixIdentityOauthV1RefreshTokenUniversalTypes.RawHttpRequest,\n  ambassadorWixIdentityOauthV1RefreshTokenTypes.RawHttpRequest,\n  ambassadorWixIdentityOauthV1RefreshTokenUniversalTypes.RawHttpResponse,\n  ambassadorWixIdentityOauthV1RefreshTokenTypes.RawHttpResponse\n> {\n  const payload = {} as any;\n\n  const getRequestOptions =\n    ambassadorWixIdentityOauthV1RefreshToken.token(payload);\n\n  const getUrl = (context: any): string => {\n    const { url } = getRequestOptions(context);\n    return url!;\n  };\n\n  return {\n    getUrl,\n    httpMethod: 'POST',\n    path: '/v1/oauth/token',\n    pathParams: {},\n    __requestType: null as any,\n    __originalRequestType: null as any,\n    __responseType: null as any,\n    __originalResponseType: null as any,\n  };\n}\n\nexport function tokenInfo(): __PublicMethodMetaInfo<\n  'POST',\n  {},\n  ambassadorWixIdentityOauthV1RefreshTokenUniversalTypes.RawHttpRequest,\n  ambassadorWixIdentityOauthV1RefreshTokenTypes.RawHttpRequest,\n  ambassadorWixIdentityOauthV1RefreshTokenUniversalTypes.TokenInfoResponse,\n  ambassadorWixIdentityOauthV1RefreshTokenTypes.TokenInfoResponse\n> {\n  const payload = {} as any;\n\n  const getRequestOptions =\n    ambassadorWixIdentityOauthV1RefreshToken.tokenInfo(payload);\n\n  const getUrl = (context: any): string => {\n    const { url } = getRequestOptions(context);\n    return url!;\n  };\n\n  return {\n    getUrl,\n    httpMethod: 'POST',\n    path: '/v1/oauth/token-info',\n    pathParams: {},\n    __requestType: null as any,\n    __originalRequestType: null as any,\n    __responseType: null as any,\n    __originalResponseType: null as any,\n  };\n}\n\nexport {\n  RefreshToken as RefreshTokenOriginal,\n  AuthorizeRequest as AuthorizeRequestOriginal,\n  RawHttpResponse as RawHttpResponseOriginal,\n  HeadersEntry as HeadersEntryOriginal,\n  RawHttpRequest as RawHttpRequestOriginal,\n  PathParametersEntry as PathParametersEntryOriginal,\n  QueryParametersEntry as QueryParametersEntryOriginal,\n  DeviceCodeRequest as DeviceCodeRequestOriginal,\n  DeviceCodeResponse as DeviceCodeResponseOriginal,\n  DeviceVerifyRequest as DeviceVerifyRequestOriginal,\n  DeviceVerifyResponse as DeviceVerifyResponseOriginal,\n  DeviceVerifyV2Request as DeviceVerifyV2RequestOriginal,\n  DeviceVerifyV2Response as DeviceVerifyV2ResponseOriginal,\n  InvalidateUserCodeRequest as InvalidateUserCodeRequestOriginal,\n  InvalidateUserCodeResponse as InvalidateUserCodeResponseOriginal,\n  RevokeRefreshTokenRequest as RevokeRefreshTokenRequestOriginal,\n  RevokeRefreshTokenResponse as RevokeRefreshTokenResponseOriginal,\n  TokenInfoResponse as TokenInfoResponseOriginal,\n  SubjectType as SubjectTypeOriginal,\n  SubjectTypeWithLiterals as SubjectTypeWithLiteralsOriginal,\n  Empty as EmptyOriginal,\n  DomainEvent as DomainEventOriginal,\n  DomainEventBodyOneOf as DomainEventBodyOneOfOriginal,\n  EntityCreatedEvent as EntityCreatedEventOriginal,\n  RestoreInfo as RestoreInfoOriginal,\n  EntityUpdatedEvent as EntityUpdatedEventOriginal,\n  EntityDeletedEvent as EntityDeletedEventOriginal,\n  ActionEvent as ActionEventOriginal,\n  UserDeletedEvent as UserDeletedEventOriginal,\n  UserBlockedEvent as UserBlockedEventOriginal,\n  UserInfoRequest as UserInfoRequestOriginal,\n  UserInfoResponse as UserInfoResponseOriginal,\n} from './identity-oauth-v1-refresh-token-oauth.types.js';\n"],"mappings":";AAAA,SAAS,oCAAoC;AAC7C,SAAS,oCAAoC;AAC7C,SAAS,sBAAsB;AAC/B,SAAS,kBAAkB;AAI3B,SAAS,sCACP,MACA;AACA,QAAM,mBAAmB;AAAA,IACvB,wBAAwB;AAAA,MACtB;AAAA,QACE,SAAS;AAAA,QACT,UAAU;AAAA,MACZ;AAAA,IACF;AAAA,IACA,mBAAmB;AAAA,MACjB;AAAA,QACE,SAAS;AAAA,QACT,UAAU;AAAA,MACZ;AAAA,MACA;AAAA,QACE,SAAS;AAAA,QACT,UAAU;AAAA,MACZ;AAAA,IACF;AAAA,IACA,uBAAuB;AAAA,MACrB;AAAA,QACE,SAAS;AAAA,QACT,UAAU;AAAA,MACZ;AAAA,MACA;AAAA,QACE,SAAS;AAAA,QACT,UAAU;AAAA,MACZ;AAAA,MACA;AAAA,QACE,SAAS;AAAA,QACT,UAAU;AAAA,MACZ;AAAA,MACA;AAAA,QACE,SAAS;AAAA,QACT,UAAU;AAAA,MACZ;AAAA,MACA;AAAA,QACE,SAAS;AAAA,QACT,UAAU;AAAA,MACZ;AAAA,MACA;AAAA,QACE,SAAS;AAAA,QACT,UAAU;AAAA,MACZ;AAAA,MACA;AAAA,QACE,SAAS;AAAA,QACT,UAAU;AAAA,MACZ;AAAA,IACF;AAAA,IACA,GAAG;AAAA,MACD;AAAA,QACE,SAAS;AAAA,QACT,UAAU;AAAA,MACZ;AAAA,IACF;AAAA,IACA,oBAAoB;AAAA,MAClB;AAAA,QACE,SAAS;AAAA,QACT,UAAU;AAAA,MACZ;AAAA,IACF;AAAA,IACA,yBAAyB;AAAA,MACvB;AAAA,QACE,SAAS;AAAA,QACT,UAAU;AAAA,MACZ;AAAA,IACF;AAAA,IACA,sBAAsB;AAAA,MACpB;AAAA,QACE,SAAS;AAAA,QACT,UAAU;AAAA,MACZ;AAAA,MACA;AAAA,QACE,SAAS;AAAA,QACT,UAAU;AAAA,MACZ;AAAA,IACF;AAAA,IACA,wBAAwB;AAAA,MACtB;AAAA,QACE,SAAS;AAAA,QACT,UAAU;AAAA,MACZ;AAAA,MACA;AAAA,QACE,SAAS;AAAA,QACT,UAAU;AAAA,MACZ;AAAA,IACF;AAAA,IACA,wBAAwB;AAAA,MACtB;AAAA,QACE,SAAS;AAAA,QACT,UAAU;AAAA,MACZ;AAAA,MACA;AAAA,QACE,SAAS;AAAA,QACT,UAAU;AAAA,MACZ;AAAA,IACF;AAAA,IACA,kBAAkB;AAAA,MAChB;AAAA,QACE,SAAS;AAAA,QACT,UAAU;AAAA,MACZ;AAAA,MACA;AAAA,QACE,SAAS;AAAA,QACT,UAAU;AAAA,MACZ;AAAA,IACF;AAAA,EACF;AAEA,SAAO,WAAW,OAAO,OAAO,MAAM,EAAE,iBAAiB,CAAC,CAAC;AAC7D;AAEA,IAAM,eAAe;AAmBd,SAAS,MAAM,SAA6C;AACjE,WAAS,QAAQ,EAAE,KAAK,GAAQ;AAC9B,UAAM,iBAAiB,eAAe,SAAS;AAAA,MAC7C,EAAE,aAAa,8BAA8B,OAAO,CAAC,EAAE,MAAM,OAAO,CAAC,EAAE;AAAA,IACzE,CAAC;AACD,UAAM,WAAW;AAAA,MACf,YAAY;AAAA,MACZ,QAAQ;AAAA,MACR,WAAW;AAAA,MACX,aAAa;AAAA,MACb,kBAAkB;AAAA,QAChB,wBAAwB;AAAA,MAC1B;AAAA,MACA,KAAK,sCAAsC;AAAA,QACzC,WAAW;AAAA,QACX,MAAM;AAAA,QACN;AAAA,MACF,CAAC;AAAA,MACD,MAAM;AAAA,MACN,mBAAmB,CAACA,aAClB,eAAeA,UAAS;AAAA,QACtB;AAAA,UACE,aAAa;AAAA,UACb,OAAO,CAAC,EAAE,MAAM,OAAO,CAAC;AAAA,QAC1B;AAAA,MACF,CAAC;AAAA,IACL;AAEA,WAAO;AAAA,EACT;AAEA,SAAO;AACT;AAGO,SAAS,UAAU,SAA6C;AACrE,WAAS,YAAY,EAAE,KAAK,GAAQ;AAClC,UAAM,iBAAiB,eAAe,SAAS;AAAA,MAC7C,EAAE,aAAa,8BAA8B,OAAO,CAAC,EAAE,MAAM,OAAO,CAAC,EAAE;AAAA,IACzE,CAAC;AACD,UAAM,WAAW;AAAA,MACf,YAAY;AAAA,MACZ,QAAQ;AAAA,MACR,WAAW;AAAA,MACX,aAAa;AAAA,MACb,kBAAkB;AAAA,QAChB,wBAAwB;AAAA,MAC1B;AAAA,MACA,KAAK,sCAAsC;AAAA,QACzC,WAAW;AAAA,QACX,MAAM;AAAA,QACN;AAAA,MACF,CAAC;AAAA,MACD,MAAM;AAAA,IACR;AAEA,WAAO;AAAA,EACT;AAEA,SAAO;AACT;;;ACHO,IAAK,cAAL,kBAAKC,iBAAL;AAEL,EAAAA,aAAA,aAAU;AAEV,EAAAA,aAAA,UAAO;AAEP,EAAAA,aAAA,aAAU;AAEV,EAAAA,aAAA,YAAS;AAET,EAAAA,aAAA,SAAM;AAVI,SAAAA;AAAA,GAAA;;;AC9KL,SAASC,SAOd;AACA,QAAM,UAAU,CAAC;AAEjB,QAAM,oBACqC,MAAM,OAAO;AAExD,QAAM,SAAS,CAAC,YAAyB;AACvC,UAAM,EAAE,IAAI,IAAI,kBAAkB,OAAO;AACzC,WAAO;AAAA,EACT;AAEA,SAAO;AAAA,IACL;AAAA,IACA,YAAY;AAAA,IACZ,MAAM;AAAA,IACN,YAAY,CAAC;AAAA,IACb,eAAe;AAAA,IACf,uBAAuB;AAAA,IACvB,gBAAgB;AAAA,IAChB,wBAAwB;AAAA,EAC1B;AACF;AAEO,SAASC,aAOd;AACA,QAAM,UAAU,CAAC;AAEjB,QAAM,oBACqC,UAAU,OAAO;AAE5D,QAAM,SAAS,CAAC,YAAyB;AACvC,UAAM,EAAE,IAAI,IAAI,kBAAkB,OAAO;AACzC,WAAO;AAAA,EACT;AAEA,SAAO;AAAA,IACL;AAAA,IACA,YAAY;AAAA,IACZ,MAAM;AAAA,IACN,YAAY,CAAC;AAAA,IACb,eAAe;AAAA,IACf,uBAAuB;AAAA,IACvB,gBAAgB;AAAA,IAChB,wBAAwB;AAAA,EAC1B;AACF;","names":["payload","SubjectType","token","tokenInfo"]}