{"version":3,"file":"otpauth.node.min.mjs","sources":["../src/internal/encoding/uint.js","../src/internal/global-scope.js","../src/internal/crypto/hmac-digest.js","../src/internal/encoding/base32.js","../src/internal/encoding/hex.js","../src/internal/encoding/latin1.js","../src/internal/encoding/utf8.js","../src/secret.js","../src/internal/crypto/random-bytes.js","../src/hotp.js","../src/internal/crypto/timing-safe-equal.js","../src/totp.js","../src/uri.js","../src/version.js"],"sourcesContent":["/**\n * Converts an integer to an Uint8Array.\n * @param {number} num Integer.\n * @returns {Uint8Array} Uint8Array.\n */\nconst uintDecode = (num) => {\n const buf = new ArrayBuffer(8);\n const arr = new Uint8Array(buf);\n let acc = num;\n\n for (let i = 7; i >= 0; i--) {\n if (acc === 0) break;\n arr[i] = acc & 255;\n acc -= arr[i];\n acc /= 256;\n }\n\n return arr;\n};\n\n/**\n * Converts an Uint8Array to an integer.\n * @param {Uint8Array} arr Uint8Array.\n * @returns {number} Integer.\n */\nconst uintEncode = (arr) => {\n let num = 0;\n\n for (let i = 0; i < arr.length; i++) {\n num *= 256;\n num += arr[i];\n }\n\n return num;\n};\n\nexport { uintDecode, uintEncode };\n","/**\n * \"globalThis\" ponyfill.\n * @see [A horrifying globalThis polyfill in universal JavaScript](https://mathiasbynens.be/notes/globalthis)\n * @type {Object.}\n */\nconst globalScope = (() => {\n if (typeof globalThis === \"object\") return globalThis;\n else {\n Object.defineProperty(Object.prototype, \"__GLOBALTHIS__\", {\n get() {\n return this;\n },\n configurable: true,\n });\n try {\n // @ts-expect-error\n // eslint-disable-next-line no-undef\n if (typeof __GLOBALTHIS__ !== \"undefined\") return __GLOBALTHIS__;\n } finally {\n // @ts-expect-error\n delete Object.prototype.__GLOBALTHIS__;\n }\n }\n\n // Still unable to determine \"globalThis\", fall back to a naive method.\n if (typeof self !== \"undefined\") return self;\n else if (typeof window !== \"undefined\") return window;\n else if (typeof global !== \"undefined\") return global;\n\n return undefined;\n})();\n\nexport { globalScope };\n","import * as crypto from \"node:crypto\";\nimport { hmac } from \"@noble/hashes/hmac.js\";\nimport { sha1 } from \"@noble/hashes/legacy.js\";\nimport { sha224, sha256, sha384, sha512 } from \"@noble/hashes/sha2.js\";\nimport { sha3_224, sha3_256, sha3_384, sha3_512 } from \"@noble/hashes/sha3.js\";\nimport { globalScope } from \"../global-scope.js\";\n\n/**\n * @noble/hashes hash functions.\n * @type {Object.}\n */\nconst nobleHashes = {\n SHA1: sha1,\n SHA224: sha224,\n SHA256: sha256,\n SHA384: sha384,\n SHA512: sha512,\n \"SHA3-224\": sha3_224,\n \"SHA3-256\": sha3_256,\n \"SHA3-384\": sha3_384,\n \"SHA3-512\": sha3_512,\n};\n\n/**\n * Canonicalizes a hash algorithm name.\n * @param {string} algorithm Hash algorithm name.\n * @returns {\"SHA1\"|\"SHA224\"|\"SHA256\"|\"SHA384\"|\"SHA512\"|\"SHA3-224\"|\"SHA3-256\"|\"SHA3-384\"|\"SHA3-512\"} Canonicalized hash algorithm name.\n */\nconst canonicalizeAlgorithm = (algorithm) => {\n switch (true) {\n case /^(?:SHA-?1|SSL3-SHA1)$/i.test(algorithm):\n return \"SHA1\";\n case /^SHA(?:2?-)?224$/i.test(algorithm):\n return \"SHA224\";\n case /^SHA(?:2?-)?256$/i.test(algorithm):\n return \"SHA256\";\n case /^SHA(?:2?-)?384$/i.test(algorithm):\n return \"SHA384\";\n case /^SHA(?:2?-)?512$/i.test(algorithm):\n return \"SHA512\";\n case /^SHA3-224$/i.test(algorithm):\n return \"SHA3-224\";\n case /^SHA3-256$/i.test(algorithm):\n return \"SHA3-256\";\n case /^SHA3-384$/i.test(algorithm):\n return \"SHA3-384\";\n case /^SHA3-512$/i.test(algorithm):\n return \"SHA3-512\";\n default:\n throw new TypeError(`Unknown hash algorithm: ${algorithm}`);\n }\n};\n\n/**\n * Calculates an HMAC digest.\n * @param {string} algorithm Algorithm.\n * @param {Uint8Array} key Key.\n * @param {Uint8Array} message Message.\n * @returns {Uint8Array} Digest.\n */\nconst hmacDigest = (algorithm, key, message) => {\n if (crypto?.createHmac) {\n const hmac = crypto.createHmac(algorithm, globalScope.Buffer.from(key));\n hmac.update(globalScope.Buffer.from(message));\n return hmac.digest();\n } else if (hmac) {\n const hash = nobleHashes[algorithm] ?? nobleHashes[canonicalizeAlgorithm(algorithm)];\n return hmac(hash, key, message);\n } else {\n throw new Error(\"Missing HMAC function\");\n }\n};\n\nexport { canonicalizeAlgorithm, hmacDigest };\n","/**\n * RFC 4648 base32 alphabet without pad.\n * @type {string}\n */\nconst ALPHABET = \"ABCDEFGHIJKLMNOPQRSTUVWXYZ234567\";\n\n/**\n * Converts a base32 string to an Uint8Array (RFC 4648).\n * @see [LinusU/base32-decode](https://github.com/LinusU/base32-decode)\n * @param {string} str Base32 string.\n * @returns {Uint8Array} Uint8Array.\n */\nconst base32Decode = (str) => {\n // Remove spaces (although they are not allowed by the spec, some issuers add them for readability).\n str = str.replace(/ /g, \"\");\n\n // Canonicalize to all upper case and remove padding if it exists.\n let end = str.length;\n while (str[end - 1] === \"=\") --end;\n str = (end < str.length ? str.substring(0, end) : str).toUpperCase();\n\n const buf = new ArrayBuffer(((str.length * 5) / 8) | 0);\n const arr = new Uint8Array(buf);\n let bits = 0;\n let value = 0;\n let index = 0;\n\n for (let i = 0; i < str.length; i++) {\n const idx = ALPHABET.indexOf(str[i]);\n if (idx === -1) throw new TypeError(`Invalid character found: ${str[i]}`);\n\n value = (value << 5) | idx;\n bits += 5;\n\n if (bits >= 8) {\n bits -= 8;\n arr[index++] = value >>> bits;\n }\n }\n\n return arr;\n};\n\n/**\n * Converts an Uint8Array to a base32 string (RFC 4648).\n * @see [LinusU/base32-encode](https://github.com/LinusU/base32-encode)\n * @param {Uint8Array} arr Uint8Array.\n * @returns {string} Base32 string.\n */\nconst base32Encode = (arr) => {\n let bits = 0;\n let value = 0;\n let str = \"\";\n\n for (let i = 0; i < arr.length; i++) {\n value = (value << 8) | arr[i];\n bits += 8;\n\n while (bits >= 5) {\n str += ALPHABET[(value >>> (bits - 5)) & 31];\n bits -= 5;\n }\n }\n\n if (bits > 0) {\n str += ALPHABET[(value << (5 - bits)) & 31];\n }\n\n return str;\n};\n\nexport { base32Decode, base32Encode };\n","/**\n * Converts a hexadecimal string to an Uint8Array.\n * @param {string} str Hexadecimal string.\n * @returns {Uint8Array} Uint8Array.\n */\nconst hexDecode = (str) => {\n // Remove spaces (although they are not allowed by the spec, some issuers add them for readability).\n str = str.replace(/ /g, \"\");\n\n const buf = new ArrayBuffer(str.length / 2);\n const arr = new Uint8Array(buf);\n\n for (let i = 0; i < str.length; i += 2) {\n arr[i / 2] = parseInt(str.substring(i, i + 2), 16);\n }\n\n return arr;\n};\n\n/**\n * Converts an Uint8Array to a hexadecimal string.\n * @param {Uint8Array} arr Uint8Array.\n * @returns {string} Hexadecimal string.\n */\nconst hexEncode = (arr) => {\n let str = \"\";\n\n for (let i = 0; i < arr.length; i++) {\n const hex = arr[i].toString(16);\n if (hex.length === 1) str += \"0\";\n str += hex;\n }\n\n return str.toUpperCase();\n};\n\nexport { hexDecode, hexEncode };\n","/**\n * Converts a Latin-1 string to an Uint8Array.\n * @param {string} str Latin-1 string.\n * @returns {Uint8Array} Uint8Array.\n */\nconst latin1Decode = (str) => {\n const buf = new ArrayBuffer(str.length);\n const arr = new Uint8Array(buf);\n\n for (let i = 0; i < str.length; i++) {\n arr[i] = str.charCodeAt(i) & 0xff;\n }\n\n return arr;\n};\n\n/**\n * Converts an Uint8Array to a Latin-1 string.\n * @param {Uint8Array} arr Uint8Array.\n * @returns {string} Latin-1 string.\n */\nconst latin1Encode = (arr) => {\n let str = \"\";\n\n for (let i = 0; i < arr.length; i++) {\n str += String.fromCharCode(arr[i]);\n }\n\n return str;\n};\n\nexport { latin1Decode, latin1Encode };\n","import { globalScope } from \"../global-scope.js\";\n\n/**\n * TextEncoder instance.\n * @type {TextEncoder|null}\n */\nconst ENCODER = globalScope.TextEncoder ? new globalScope.TextEncoder() : null;\n\n/**\n * TextDecoder instance.\n * @type {TextDecoder|null}\n */\nconst DECODER = globalScope.TextDecoder ? new globalScope.TextDecoder() : null;\n\n/**\n * Converts an UTF-8 string to an Uint8Array.\n * @param {string} str String.\n * @returns {Uint8Array} Uint8Array.\n */\nconst utf8Decode = (str) => {\n if (!ENCODER) {\n throw new Error(\"Encoding API not available\");\n }\n\n return ENCODER.encode(str);\n};\n\n/**\n * Converts an Uint8Array to an UTF-8 string.\n * @param {Uint8Array} arr Uint8Array.\n * @returns {string} String.\n */\nconst utf8Encode = (arr) => {\n if (!DECODER) {\n throw new Error(\"Encoding API not available\");\n }\n\n return DECODER.decode(arr);\n};\n\nexport { utf8Decode, utf8Encode };\n","import { base32Decode, base32Encode } from \"./internal/encoding/base32.js\";\nimport { hexDecode, hexEncode } from \"./internal/encoding/hex.js\";\nimport { latin1Decode, latin1Encode } from \"./internal/encoding/latin1.js\";\nimport { utf8Decode, utf8Encode } from \"./internal/encoding/utf8.js\";\nimport { randomBytes } from \"./internal/crypto/random-bytes.js\";\n\n/**\n * OTP secret key.\n */\nclass Secret {\n /**\n * Creates a secret key object.\n * @param {Object} [config] Configuration options.\n * @param {ArrayBufferLike} [config.buffer] Secret key buffer.\n * @param {number} [config.size=20] Number of random bytes to generate, ignored if 'buffer' is provided.\n */\n constructor({ buffer, size = 20 } = {}) {\n /**\n * Secret key.\n * @type {Uint8Array}\n * @readonly\n */\n this.bytes = typeof buffer === \"undefined\" ? randomBytes(size) : new Uint8Array(buffer);\n\n // Prevent the \"bytes\" property from being modified.\n Object.defineProperty(this, \"bytes\", {\n enumerable: true,\n writable: false,\n configurable: false,\n value: this.bytes,\n });\n }\n\n /**\n * Converts a Latin-1 string to a Secret object.\n * @param {string} str Latin-1 string.\n * @returns {Secret} Secret object.\n */\n static fromLatin1(str) {\n return new Secret({ buffer: latin1Decode(str).buffer });\n }\n\n /**\n * Converts an UTF-8 string to a Secret object.\n * @param {string} str UTF-8 string.\n * @returns {Secret} Secret object.\n */\n static fromUTF8(str) {\n return new Secret({ buffer: utf8Decode(str).buffer });\n }\n\n /**\n * Converts a base32 string to a Secret object.\n * @param {string} str Base32 string.\n * @returns {Secret} Secret object.\n */\n static fromBase32(str) {\n return new Secret({ buffer: base32Decode(str).buffer });\n }\n\n /**\n * Converts a hexadecimal string to a Secret object.\n * @param {string} str Hexadecimal string.\n * @returns {Secret} Secret object.\n */\n static fromHex(str) {\n return new Secret({ buffer: hexDecode(str).buffer });\n }\n\n /**\n * Secret key buffer.\n * @deprecated For backward compatibility, the \"bytes\" property should be used instead.\n * @type {ArrayBufferLike}\n */\n get buffer() {\n return this.bytes.buffer;\n }\n\n /**\n * Latin-1 string representation of secret key.\n * @type {string}\n */\n get latin1() {\n Object.defineProperty(this, \"latin1\", {\n enumerable: true,\n writable: false,\n configurable: false,\n value: latin1Encode(this.bytes),\n });\n\n return this.latin1;\n }\n\n /**\n * UTF-8 string representation of secret key.\n * @type {string}\n */\n get utf8() {\n Object.defineProperty(this, \"utf8\", {\n enumerable: true,\n writable: false,\n configurable: false,\n value: utf8Encode(this.bytes),\n });\n\n return this.utf8;\n }\n\n /**\n * Base32 string representation of secret key.\n * @type {string}\n */\n get base32() {\n Object.defineProperty(this, \"base32\", {\n enumerable: true,\n writable: false,\n configurable: false,\n value: base32Encode(this.bytes),\n });\n\n return this.base32;\n }\n\n /**\n * Hexadecimal string representation of secret key.\n * @type {string}\n */\n get hex() {\n Object.defineProperty(this, \"hex\", {\n enumerable: true,\n writable: false,\n configurable: false,\n value: hexEncode(this.bytes),\n });\n\n return this.hex;\n }\n}\n\nexport { Secret };\n","import * as crypto from \"node:crypto\";\n\nimport { globalScope } from \"../global-scope.js\";\n\n/**\n * Returns random bytes.\n * @param {number} size Size.\n * @returns {Uint8Array} Random bytes.\n */\nconst randomBytes = (size) => {\n if (crypto?.randomBytes) {\n return crypto.randomBytes(size);\n } else if (globalScope.crypto?.getRandomValues) {\n return globalScope.crypto.getRandomValues(new Uint8Array(size));\n } else {\n throw new Error(\"Cryptography API not available\");\n }\n};\n\nexport { randomBytes };\n","import { uintDecode } from \"./internal/encoding/uint.js\";\nimport { canonicalizeAlgorithm, hmacDigest } from \"./internal/crypto/hmac-digest.js\";\nimport { Secret } from \"./secret.js\";\nimport { timingSafeEqual } from \"./internal/crypto/timing-safe-equal.js\";\n\n/**\n * HOTP: An HMAC-based One-time Password Algorithm.\n * @see [RFC 4226](https://datatracker.ietf.org/doc/html/rfc4226)\n */\nclass HOTP {\n /**\n * Default configuration.\n * @type {{\n * issuer: string,\n * label: string,\n * issuerInLabel: boolean,\n * algorithm: string,\n * digits: number,\n * counter: number\n * window: number\n * }}\n */\n static get defaults() {\n return {\n issuer: \"\",\n label: \"OTPAuth\",\n issuerInLabel: true,\n algorithm: \"SHA1\",\n digits: 6,\n counter: 0,\n window: 1,\n };\n }\n\n /**\n * Creates an HOTP object.\n * @param {Object} [config] Configuration options.\n * @param {string} [config.issuer=''] Account provider.\n * @param {string} [config.label='OTPAuth'] Account label.\n * @param {boolean} [config.issuerInLabel=true] Include issuer prefix in label.\n * @param {Secret|string} [config.secret=Secret] Secret key.\n * @param {string} [config.algorithm='SHA1'] HMAC hashing algorithm.\n * @param {number} [config.digits=6] Token length.\n * @param {number} [config.counter=0] Initial counter value.\n * @param {(algorithm: string, key: Uint8Array, message: Uint8Array) => Uint8Array} [config.hmac] Custom HMAC function.\n */\n constructor({\n issuer = HOTP.defaults.issuer,\n label = HOTP.defaults.label,\n issuerInLabel = HOTP.defaults.issuerInLabel,\n secret = new Secret(),\n algorithm = HOTP.defaults.algorithm,\n digits = HOTP.defaults.digits,\n counter = HOTP.defaults.counter,\n hmac,\n } = {}) {\n /**\n * Account provider.\n * @type {string}\n */\n this.issuer = issuer;\n /**\n * Account label.\n * @type {string}\n */\n this.label = label;\n /**\n * Include issuer prefix in label.\n * @type {boolean}\n */\n this.issuerInLabel = issuerInLabel;\n /**\n * Secret key.\n * @type {Secret}\n */\n this.secret = typeof secret === \"string\" ? Secret.fromBase32(secret) : secret;\n /**\n * HMAC hashing algorithm.\n * @type {string}\n */\n this.algorithm = hmac ? algorithm : canonicalizeAlgorithm(algorithm);\n /**\n * Token length.\n * @type {number}\n */\n this.digits = digits;\n /**\n * Initial counter value.\n * @type {number}\n */\n this.counter = counter;\n /**\n * Custom HMAC function.\n * @type {((algorithm: string, key: Uint8Array, message: Uint8Array) => Uint8Array)|undefined}\n */\n this.hmac = hmac;\n }\n\n /**\n * Generates an HOTP token.\n * @param {Object} config Configuration options.\n * @param {Secret} config.secret Secret key.\n * @param {string} [config.algorithm='SHA1'] HMAC hashing algorithm.\n * @param {number} [config.digits=6] Token length.\n * @param {number} [config.counter=0] Counter value.\n * @param {(algorithm: string, key: Uint8Array, message: Uint8Array) => Uint8Array} [config.hmac] Custom HMAC function.\n * @returns {string} Token.\n */\n static generate({\n secret,\n algorithm = HOTP.defaults.algorithm,\n digits = HOTP.defaults.digits,\n counter = HOTP.defaults.counter,\n hmac = hmacDigest,\n }) {\n const message = uintDecode(counter);\n const digest = hmac(algorithm, secret.bytes, message);\n if (!digest?.byteLength || digest.byteLength < 19) {\n throw new TypeError(\"Return value must be at least 19 bytes\");\n }\n const offset = digest[digest.byteLength - 1] & 15;\n const otp =\n (((digest[offset] & 127) << 24) |\n ((digest[offset + 1] & 255) << 16) |\n ((digest[offset + 2] & 255) << 8) |\n (digest[offset + 3] & 255)) %\n 10 ** digits;\n\n return otp.toString().padStart(digits, \"0\");\n }\n\n /**\n * Generates an HOTP token.\n * @param {Object} [config] Configuration options.\n * @param {number} [config.counter=this.counter++] Counter value.\n * @returns {string} Token.\n */\n generate({ counter = this.counter++ } = {}) {\n return HOTP.generate({\n secret: this.secret,\n algorithm: this.algorithm,\n digits: this.digits,\n counter,\n hmac: this.hmac,\n });\n }\n\n /**\n * Validates an HOTP token.\n * @param {Object} config Configuration options.\n * @param {string} config.token Token value.\n * @param {Secret} config.secret Secret key.\n * @param {string} [config.algorithm='SHA1'] HMAC hashing algorithm.\n * @param {number} [config.digits=6] Token length.\n * @param {number} [config.counter=0] Counter value.\n * @param {number} [config.window=1] Window of counter values to test.\n * @param {(algorithm: string, key: Uint8Array, message: Uint8Array) => Uint8Array} [config.hmac] Custom HMAC function.\n * @returns {number|null} Token delta or null if it is not found in the search window, in which case it should be considered invalid.\n */\n static validate({\n token,\n secret,\n algorithm,\n digits = HOTP.defaults.digits,\n counter = HOTP.defaults.counter,\n window = HOTP.defaults.window,\n hmac = hmacDigest,\n }) {\n // Return early if the token length does not match the digit number.\n if (token.length !== digits) return null;\n\n let delta = null;\n\n const check = (/** @type {number} */ i) => {\n const generatedToken = HOTP.generate({\n secret,\n algorithm,\n digits,\n counter: i,\n hmac,\n });\n if (timingSafeEqual(token, generatedToken)) {\n delta = i - counter;\n }\n };\n\n check(counter);\n for (let i = 1; i <= window && delta === null; ++i) {\n check(counter - i);\n if (delta !== null) break;\n check(counter + i);\n if (delta !== null) break;\n }\n\n return delta;\n }\n\n /**\n * Validates an HOTP token.\n * @param {Object} config Configuration options.\n * @param {string} config.token Token value.\n * @param {number} [config.counter=this.counter] Counter value.\n * @param {number} [config.window=1] Window of counter values to test.\n * @returns {number|null} Token delta or null if it is not found in the search window, in which case it should be considered invalid.\n */\n validate({ token, counter = this.counter, window }) {\n return HOTP.validate({\n token,\n secret: this.secret,\n algorithm: this.algorithm,\n digits: this.digits,\n counter,\n window,\n hmac: this.hmac,\n });\n }\n\n /**\n * Returns a Google Authenticator key URI.\n * @returns {string} URI.\n */\n toString() {\n const e = encodeURIComponent;\n return (\n \"otpauth://hotp/\" +\n `${\n this.issuer.length > 0\n ? this.issuerInLabel\n ? `${e(this.issuer)}:${e(this.label)}?issuer=${e(this.issuer)}&`\n : `${e(this.label)}?issuer=${e(this.issuer)}&`\n : `${e(this.label)}?`\n }` +\n `secret=${e(this.secret.base32)}&` +\n `algorithm=${e(this.algorithm)}&` +\n `digits=${e(this.digits)}&` +\n `counter=${e(this.counter)}`\n );\n }\n}\n\nexport { HOTP };\n","import * as crypto from \"node:crypto\";\n\nimport { globalScope } from \"../global-scope.js\";\n\n/**\n * Returns true if a is equal to b, without leaking timing information that would allow an attacker to guess one of the values.\n * @param {string} a String a.\n * @param {string} b String b.\n * @returns {boolean} Equality result.\n */\nconst timingSafeEqual = (a, b) => {\n if (crypto?.timingSafeEqual) {\n return crypto.timingSafeEqual(globalScope.Buffer.from(a), globalScope.Buffer.from(b));\n } else {\n if (a.length !== b.length) {\n throw new TypeError(\"Input strings must have the same length\");\n }\n let i = -1;\n let out = 0;\n while (++i < a.length) {\n out |= a.charCodeAt(i) ^ b.charCodeAt(i);\n }\n return out === 0;\n }\n};\n\nexport { timingSafeEqual };\n","import { canonicalizeAlgorithm } from \"./internal/crypto/hmac-digest.js\";\nimport { HOTP } from \"./hotp.js\";\nimport { Secret } from \"./secret.js\";\n\n/**\n * TOTP: Time-Based One-Time Password Algorithm.\n * @see [RFC 6238](https://datatracker.ietf.org/doc/html/rfc6238)\n */\nclass TOTP {\n /**\n * Default configuration.\n * @type {{\n * issuer: string,\n * label: string,\n * issuerInLabel: boolean,\n * algorithm: string,\n * digits: number,\n * period: number\n * window: number\n * }}\n */\n static get defaults() {\n return {\n issuer: \"\",\n label: \"OTPAuth\",\n issuerInLabel: true,\n algorithm: \"SHA1\",\n digits: 6,\n period: 30,\n window: 1,\n };\n }\n\n /**\n * Creates a TOTP object.\n * @param {Object} [config] Configuration options.\n * @param {string} [config.issuer=''] Account provider.\n * @param {string} [config.label='OTPAuth'] Account label.\n * @param {boolean} [config.issuerInLabel=true] Include issuer prefix in label.\n * @param {Secret|string} [config.secret=Secret] Secret key.\n * @param {string} [config.algorithm='SHA1'] HMAC hashing algorithm.\n * @param {number} [config.digits=6] Token length.\n * @param {number} [config.period=30] Token time-step duration.\n * @param {(algorithm: string, key: Uint8Array, message: Uint8Array) => Uint8Array} [config.hmac] Custom HMAC function.\n */\n constructor({\n issuer = TOTP.defaults.issuer,\n label = TOTP.defaults.label,\n issuerInLabel = TOTP.defaults.issuerInLabel,\n secret = new Secret(),\n algorithm = TOTP.defaults.algorithm,\n digits = TOTP.defaults.digits,\n period = TOTP.defaults.period,\n hmac,\n } = {}) {\n /**\n * Account provider.\n * @type {string}\n */\n this.issuer = issuer;\n /**\n * Account label.\n * @type {string}\n */\n this.label = label;\n /**\n * Include issuer prefix in label.\n * @type {boolean}\n */\n this.issuerInLabel = issuerInLabel;\n /**\n * Secret key.\n * @type {Secret}\n */\n this.secret = typeof secret === \"string\" ? Secret.fromBase32(secret) : secret;\n /**\n * HMAC hashing algorithm.\n * @type {string}\n */\n this.algorithm = hmac ? algorithm : canonicalizeAlgorithm(algorithm);\n /**\n * Token length.\n * @type {number}\n */\n this.digits = digits;\n /**\n * Token time-step duration.\n * @type {number}\n */\n this.period = period;\n /**\n * Custom HMAC function.\n * @type {((algorithm: string, key: Uint8Array, message: Uint8Array) => Uint8Array)|undefined}\n */\n this.hmac = hmac;\n }\n\n /**\n * Calculates the counter. i.e. the number of periods since timestamp 0.\n * @param {Object} [config] Configuration options.\n * @param {number} [config.period=30] Token time-step duration.\n * @param {number} [config.timestamp=Date.now] Timestamp value in milliseconds.\n * @returns {number} Counter.\n */\n static counter({ period = TOTP.defaults.period, timestamp = Date.now() } = {}) {\n return Math.floor(timestamp / 1000 / period);\n }\n\n /**\n * Calculates the counter. i.e. the number of periods since timestamp 0.\n * @param {Object} [config] Configuration options.\n * @param {number} [config.timestamp=Date.now] Timestamp value in milliseconds.\n * @returns {number} Counter.\n */\n counter({ timestamp = Date.now() } = {}) {\n return TOTP.counter({\n period: this.period,\n timestamp,\n });\n }\n\n /**\n * Calculates the remaining time in milliseconds until the next token is generated.\n * @param {Object} [config] Configuration options.\n * @param {number} [config.period=30] Token time-step duration.\n * @param {number} [config.timestamp=Date.now] Timestamp value in milliseconds.\n * @returns {number} counter.\n */\n static remaining({ period = TOTP.defaults.period, timestamp = Date.now() } = {}) {\n return period * 1000 - (timestamp % (period * 1000));\n }\n\n /**\n * Calculates the remaining time in milliseconds until the next token is generated.\n * @param {Object} [config] Configuration options.\n * @param {number} [config.timestamp=Date.now] Timestamp value in milliseconds.\n * @returns {number} counter.\n */\n remaining({ timestamp = Date.now() } = {}) {\n return TOTP.remaining({\n period: this.period,\n timestamp,\n });\n }\n\n /**\n * Generates a TOTP token.\n * @param {Object} config Configuration options.\n * @param {Secret} config.secret Secret key.\n * @param {string} [config.algorithm='SHA1'] HMAC hashing algorithm.\n * @param {number} [config.digits=6] Token length.\n * @param {number} [config.period=30] Token time-step duration.\n * @param {number} [config.timestamp=Date.now] Timestamp value in milliseconds.\n * @param {(algorithm: string, key: Uint8Array, message: Uint8Array) => Uint8Array} [config.hmac] Custom HMAC function.\n * @returns {string} Token.\n */\n static generate({ secret, algorithm, digits, period = TOTP.defaults.period, timestamp = Date.now(), hmac }) {\n return HOTP.generate({\n secret,\n algorithm,\n digits,\n counter: TOTP.counter({ period, timestamp }),\n hmac,\n });\n }\n\n /**\n * Generates a TOTP token.\n * @param {Object} [config] Configuration options.\n * @param {number} [config.timestamp=Date.now] Timestamp value in milliseconds.\n * @returns {string} Token.\n */\n generate({ timestamp = Date.now() } = {}) {\n return TOTP.generate({\n secret: this.secret,\n algorithm: this.algorithm,\n digits: this.digits,\n period: this.period,\n timestamp,\n hmac: this.hmac,\n });\n }\n\n /**\n * Validates a TOTP token.\n * @param {Object} config Configuration options.\n * @param {string} config.token Token value.\n * @param {Secret} config.secret Secret key.\n * @param {string} [config.algorithm='SHA1'] HMAC hashing algorithm.\n * @param {number} [config.digits=6] Token length.\n * @param {number} [config.period=30] Token time-step duration.\n * @param {number} [config.timestamp=Date.now] Timestamp value in milliseconds.\n * @param {number} [config.window=1] Window of counter values to test.\n * @param {(algorithm: string, key: Uint8Array, message: Uint8Array) => Uint8Array} [config.hmac] Custom HMAC function.\n * @returns {number|null} Token delta or null if it is not found in the search window, in which case it should be considered invalid.\n */\n static validate({\n token,\n secret,\n algorithm,\n digits,\n period = TOTP.defaults.period,\n timestamp = Date.now(),\n window,\n hmac,\n }) {\n return HOTP.validate({\n token,\n secret,\n algorithm,\n digits,\n counter: TOTP.counter({ period, timestamp }),\n window,\n hmac,\n });\n }\n\n /**\n * Validates a TOTP token.\n * @param {Object} config Configuration options.\n * @param {string} config.token Token value.\n * @param {number} [config.timestamp=Date.now] Timestamp value in milliseconds.\n * @param {number} [config.window=1] Window of counter values to test.\n * @returns {number|null} Token delta or null if it is not found in the search window, in which case it should be considered invalid.\n */\n validate({ token, timestamp, window }) {\n return TOTP.validate({\n token,\n secret: this.secret,\n algorithm: this.algorithm,\n digits: this.digits,\n period: this.period,\n timestamp,\n window,\n hmac: this.hmac,\n });\n }\n\n /**\n * Returns a Google Authenticator key URI.\n * @returns {string} URI.\n */\n toString() {\n const e = encodeURIComponent;\n return (\n \"otpauth://totp/\" +\n `${\n this.issuer.length > 0\n ? this.issuerInLabel\n ? `${e(this.issuer)}:${e(this.label)}?issuer=${e(this.issuer)}&`\n : `${e(this.label)}?issuer=${e(this.issuer)}&`\n : `${e(this.label)}?`\n }` +\n `secret=${e(this.secret.base32)}&` +\n `algorithm=${e(this.algorithm)}&` +\n `digits=${e(this.digits)}&` +\n `period=${e(this.period)}`\n );\n }\n}\n\nexport { TOTP };\n","import { HOTP } from \"./hotp.js\";\nimport { TOTP } from \"./totp.js\";\n\n/**\n * Key URI regex (otpauth://TYPE/[ISSUER:]LABEL?PARAMETERS).\n * @type {RegExp}\n */\nconst OTPURI_REGEX = /^otpauth:\\/\\/([ht]otp)\\/(.+)\\?([A-Z0-9.~_-]+=[^?&]*(?:&[A-Z0-9.~_-]+=[^?&]*)*)$/i;\n\n/**\n * RFC 4648 base32 alphabet with pad.\n * @type {RegExp}\n */\nconst SECRET_REGEX = /^[2-7A-Z]+=*$/i;\n\n/**\n * Regex for supported algorithms in built-in HMAC function.\n * @type {RegExp}\n */\nconst ALGORITHM_REGEX = /^SHA(?:1|224|256|384|512|3-224|3-256|3-384|3-512)$/i;\n\n/**\n * Regex for custom algorithms in user-defined HMAC function.\n * @type {RegExp}\n */\nconst ALGORITHM_CUSTOM_REGEX = /^[A-Z0-9]+(?:[_-][A-Z0-9]+)*$/i;\n\n/**\n * Integer regex.\n * @type {RegExp}\n */\nconst INTEGER_REGEX = /^[+-]?\\d+$/;\n\n/**\n * Positive integer regex.\n * @type {RegExp}\n */\nconst POSITIVE_INTEGER_REGEX = /^\\+?[1-9]\\d*$/;\n\n/**\n * HOTP/TOTP object/string conversion.\n * @see [Key URI Format](https://github.com/google/google-authenticator/wiki/Key-Uri-Format)\n */\nclass URI {\n /**\n * Parses a Google Authenticator key URI and returns an HOTP/TOTP object.\n * @param {string} uri Google Authenticator Key URI.\n * @param {Object} [config] Configuration options.\n * @param {(algorithm: string, key: Uint8Array, message: Uint8Array) => Uint8Array} [config.hmac] Custom HMAC function.\n * @returns {HOTP|TOTP} HOTP/TOTP object.\n */\n static parse(uri, { hmac } = {}) {\n let uriGroups;\n\n try {\n uriGroups = uri.match(OTPURI_REGEX);\n // eslint-disable-next-line no-unused-vars\n } catch (_) {\n /* Handled below */\n }\n\n if (!Array.isArray(uriGroups)) {\n throw new URIError(\"Invalid URI format\");\n }\n\n // Extract URI groups.\n const uriType = uriGroups[1].toLowerCase();\n const uriLabel = uriGroups[2].split(/(?::|%3A) *(.+)/i, 2).map(decodeURIComponent);\n /** @type {Object.} */\n const uriParams = uriGroups[3].split(\"&\").reduce((acc, cur) => {\n const pairArr = cur.split(/=(.*)/, 2).map(decodeURIComponent);\n const pairKey = pairArr[0].toLowerCase();\n const pairVal = pairArr[1];\n /** @type {Object.} */\n const pairAcc = acc;\n\n pairAcc[pairKey] = pairVal;\n return pairAcc;\n }, {});\n\n // 'OTP' will be instantiated with 'config' argument.\n let OTP;\n const config = {};\n\n if (uriType === \"hotp\") {\n OTP = HOTP;\n\n // Counter: required\n if (typeof uriParams.counter !== \"undefined\" && INTEGER_REGEX.test(uriParams.counter)) {\n config.counter = parseInt(uriParams.counter, 10);\n } else {\n throw new TypeError(\"Missing or invalid 'counter' parameter\");\n }\n } else if (uriType === \"totp\") {\n OTP = TOTP;\n\n // Period: optional\n if (typeof uriParams.period !== \"undefined\") {\n if (POSITIVE_INTEGER_REGEX.test(uriParams.period)) {\n config.period = parseInt(uriParams.period, 10);\n } else {\n throw new TypeError(\"Invalid 'period' parameter\");\n }\n }\n } else {\n throw new TypeError(\"Unknown OTP type\");\n }\n\n // Label: required\n // Issuer: optional\n if (typeof uriParams.issuer !== \"undefined\") {\n config.issuer = uriParams.issuer;\n }\n if (uriLabel.length === 2) {\n config.label = uriLabel[1];\n if (typeof config.issuer === \"undefined\" || config.issuer === \"\") {\n config.issuer = uriLabel[0];\n } else if (uriLabel[0] === \"\") {\n config.issuerInLabel = false;\n }\n } else {\n config.label = uriLabel[0];\n if (typeof config.issuer !== \"undefined\" && config.issuer !== \"\") {\n config.issuerInLabel = false;\n }\n }\n\n // Secret: required\n if (typeof uriParams.secret !== \"undefined\" && SECRET_REGEX.test(uriParams.secret)) {\n config.secret = uriParams.secret;\n } else {\n throw new TypeError(\"Missing or invalid 'secret' parameter\");\n }\n\n // Algorithm: optional\n if (typeof uriParams.algorithm !== \"undefined\") {\n if ((hmac ? ALGORITHM_CUSTOM_REGEX : ALGORITHM_REGEX).test(uriParams.algorithm)) {\n config.algorithm = uriParams.algorithm;\n } else {\n throw new TypeError(\"Invalid 'algorithm' parameter\");\n }\n }\n\n // Digits: optional\n if (typeof uriParams.digits !== \"undefined\") {\n if (POSITIVE_INTEGER_REGEX.test(uriParams.digits)) {\n config.digits = parseInt(uriParams.digits, 10);\n } else {\n throw new TypeError(\"Invalid 'digits' parameter\");\n }\n }\n\n // HMAC: optional\n if (typeof hmac !== \"undefined\") {\n config.hmac = hmac;\n }\n\n return new OTP(config);\n }\n\n /**\n * Converts an HOTP/TOTP object to a Google Authenticator key URI.\n * @param {HOTP|TOTP} otp HOTP/TOTP object.\n * @returns {string} Google Authenticator Key URI.\n */\n static stringify(otp) {\n if (otp instanceof HOTP || otp instanceof TOTP) {\n return otp.toString();\n }\n\n throw new TypeError(\"Invalid 'HOTP/TOTP' object\");\n }\n}\n\nexport { URI };\n","/**\n * Library version.\n * @type {string}\n */\nconst version = \"__OTPAUTH_VERSION__\";\n\nexport { version };\n"],"names":["globalScope","globalThis","Object","defineProperty","prototype","get","this","configurable","__GLOBALTHIS__","self","window","global","canonicalizeAlgorithm","algorithm","test","TypeError","hmacDigest","key","message","crypto","createHmac","hmac","Buffer","from","update","digest","Error","ALPHABET","base32Decode","str","end","replace","length","substring","toUpperCase","buf","ArrayBuffer","arr","Uint8Array","bits","value","index","i","idx","indexOf","base32Encode","hexDecode","parseInt","hexEncode","hex","toString","latin1Decode","charCodeAt","latin1Encode","String","fromCharCode","ENCODER","TextEncoder","DECODER","TextDecoder","utf8Decode","encode","utf8Encode","decode","Secret","fromLatin1","buffer","fromUTF8","fromBase32","fromHex","bytes","latin1","enumerable","writable","utf8","base32","constructor","size","randomBytes","getRandomValues","HOTP","defaults","issuer","label","issuerInLabel","digits","counter","generate","secret","num","acc","uintDecode","byteLength","offset","padStart","validate","token","delta","check","generatedToken","a","b","timingSafeEqual","out","e","encodeURIComponent","TOTP","period","timestamp","Date","now","Math","floor","remaining","OTPURI_REGEX","SECRET_REGEX","ALGORITHM_REGEX","ALGORITHM_CUSTOM_REGEX","INTEGER_REGEX","POSITIVE_INTEGER_REGEX","URI","parse","uri","uriGroups","match","_","Array","isArray","URIError","uriType","toLowerCase","uriLabel","split","map","decodeURIComponent","uriParams","reduce","cur","pairArr","pairKey","pairVal","pairAcc","OTP","config","stringify","otp","version"],"mappings":";;;8BAKA,MCAMA,EAAe,MACnB,GAA0B,iBAAfC,WAAyB,OAAOA,WAEzCC,OAAOC,eAAeD,OAAOE,UAAW,iBAAkB,CACxDC,GAAAA,GACE,OAAOC,IACT,EACAC,cAAc,IAEhB,IAGE,GAA8B,oBAAnBC,eAAgC,OAAOA,cACpD,CAAA,eAESN,OAAOE,UAAUI,cAC1B,CAIF,MAAoB,oBAATC,KAA6BA,KACb,oBAAXC,OAA+BA,OACpB,oBAAXC,OAA+BA,YAA1C,CAGP,EAzBqB,GCuBfC,EAAyBC,IAC7B,QAAQ,GACN,IAAK,0BAA0BC,KAAKD,GAClC,MAAO,OACT,IAAK,oBAAoBC,KAAKD,GAC5B,MAAO,SACT,IAAK,oBAAoBC,KAAKD,GAC5B,MAAO,SACT,IAAK,oBAAoBC,KAAKD,GAC5B,MAAO,SACT,IAAK,oBAAoBC,KAAKD,GAC5B,MAAO,SACT,IAAK,cAAcC,KAAKD,GACtB,MAAO,WACT,IAAK,cAAcC,KAAKD,GACtB,MAAO,WACT,IAAK,cAAcC,KAAKD,GACtB,MAAO,WACT,IAAK,cAAcC,KAAKD,GACtB,MAAO,WACT,QACE,MAAM,IAAIE,UAAU,2BAA2BF,OAW/CG,EAAa,CAACH,EAAWI,EAAKC,KAClC,GAAIC,GAAQC,WAAY,CACtB,MAAMC,EAAOF,EAAOC,WAAWP,EAAWb,EAAYsB,OAAOC,KAAKN,IAElE,OADAI,EAAKG,OAAOxB,EAAYsB,OAAOC,KAAKL,IAC7BG,EAAKI,QACd,CAIE,MAAM,IAAIC,MAAM,0BCjEdC,EAAW,mCAQXC,EAAgBC,IAKpB,IAAIC,GAHJD,EAAMA,EAAIE,QAAQ,KAAM,KAGVC,OACd,KAAwB,MAAjBH,EAAIC,EAAM,MAAcA,EAC/BD,GAAOC,EAAMD,EAAIG,OAASH,EAAII,UAAU,EAAGH,GAAOD,GAAKK,cAEvD,MAAMC,EAAM,IAAIC,YAA2B,EAAbP,EAAIG,OAAc,EAAK,GAC/CK,EAAM,IAAIC,WAAWH,GAC3B,IAAII,EAAO,EACPC,EAAQ,EACRC,EAAQ,EAEZ,IAAK,IAAIC,EAAI,EAAGA,EAAIb,EAAIG,OAAQU,IAAK,CACnC,MAAMC,EAAMhB,EAASiB,QAAQf,EAAIa,IACjC,QAAIC,EAAY,MAAM,IAAI5B,UAAU,4BAA4Bc,EAAIa,MAEpEF,EAASA,GAAS,EAAKG,EACvBJ,GAAQ,EAEJA,GAAQ,IACVA,GAAQ,EACRF,EAAII,KAAWD,IAAUD,EAE7B,CAEA,OAAOF,GASHQ,EAAgBR,IACpB,IAAIE,EAAO,EACPC,EAAQ,EACRX,EAAM,GAEV,IAAK,IAAIa,EAAI,EAAGA,EAAIL,EAAIL,OAAQU,IAI9B,IAHAF,EAAQA,GAAU,EAAKH,EAAIK,GAC3BH,GAAQ,EAEDA,GAAQ,GACbV,GAAOF,EAAUa,IAAWD,EAAO,EAAM,IACzCA,GAAQ,EAQZ,OAJIA,EAAO,IACTV,GAAOF,EAAUa,GAAU,EAAID,EAAS,KAGnCV,GC/DHiB,EAAajB,IAEjBA,EAAMA,EAAIE,QAAQ,KAAM,IAExB,MAAMI,EAAM,IAAIC,YAAYP,EAAIG,OAAS,GACnCK,EAAM,IAAIC,WAAWH,GAE3B,IAAK,IAAIO,EAAI,EAAGA,EAAIb,EAAIG,OAAQU,GAAK,EACnCL,EAAIK,EAAI,GAAKK,SAASlB,EAAII,UAAUS,EAAGA,EAAI,GAAI,IAGjD,OAAOL,GAQHW,EAAaX,IACjB,IAAIR,EAAM,GAEV,IAAK,IAAIa,EAAI,EAAGA,EAAIL,EAAIL,OAAQU,IAAK,CACnC,MAAMO,EAAMZ,EAAIK,GAAGQ,SAAS,IACT,IAAfD,EAAIjB,SAAcH,GAAO,KAC7BA,GAAOoB,CACT,CAEA,OAAOpB,EAAIK,eC5BPiB,EAAgBtB,IACpB,MAAMM,EAAM,IAAIC,YAAYP,EAAIG,QAC1BK,EAAM,IAAIC,WAAWH,GAE3B,IAAK,IAAIO,EAAI,EAAGA,EAAIb,EAAIG,OAAQU,IAC9BL,EAAIK,GAAyB,IAApBb,EAAIuB,WAAWV,GAG1B,OAAOL,GAQHgB,EAAgBhB,IACpB,IAAIR,EAAM;CAEV,IAAK,IAAIa,EAAI,EAAGA,EAAIL,EAAIL,OAAQU,IAC9Bb,GAAOyB,OAAOC,aAAalB,EAAIK,IAGjC,OAAOb,GCtBH2B,EAAUxD,EAAYyD,YAAc,IAAIzD,EAAYyD,YAAgB,KAMpEC,EAAU1D,EAAY2D,YAAc,IAAI3D,EAAY2D,YAAgB,KAOpEC,EAAc/B,IAClB,IAAK2B,EACH,MAAM,IAAI9B,MAAM,8BAGlB,OAAO8B,EAAQK,OAAOhC,IAQlBiC,EAAczB,IAClB,IAAKqB,EACH,MAAM,IAAIhC,MAAM,8BAGlB,OAAOgC,EAAQK,OAAO1B,IC5BxB,MAAM2B,EA6BJ,iBAAOC,CAAWpC,GAChB,OAAO,IAAImC,EAAO,CAAEE,OAAQf,EAAatB,GAAKqC,QAChD,CAOA,eAAOC,CAAStC,GACd,OAAO,IAAImC,EAAO,CAAEE,OAAQN,EAAW/B,GAAKqC,QAC9C,CAOA,iBAAOE,CAAWvC,GAChB,OAAO,IAAImC,EAAO,CAAEE,OAAQtC,EAAaC,GAAKqC,QAChD,CAOA,cAAOG,CAAQxC,GACb,OAAO,IAAImC,EAAO,CAAEE,OAAQpB,EAAUjB,GAAKqC,QAC7C,CAOA,UAAIA,GACF,OAAO5D,KAAKgE,MAAMJ,MACpB,CAMA,UAAIK,GAQF,OAPArE,OAAOC,eAAeG,KAAM,SAAU,CACpCkE,YAAY,EACZC,UAAU,EACVlE,cAAc,EACdiC,MAAOa,EAAa/C,KAAKgE,SAGpBhE,KAAKiE,MACd,CAMA,QAAIG,GAQF,OAPAxE,OAAOC,eAAeG,KAAM,OAAQ,CAClCkE,YAAY,EACZC,UAAU,EACVlE,cAAc,EACdiC,MAAOsB,EAAWxD,KAAKgE,SAGlBhE,KAAKoE,IACd,CAMA,UAAIC,GAQF,OAPAzE,OAAOC,eAAeG,KAAM,SAAU,CACpCkE,YAAY,EACZC,UAAU,EACVlE,cAAc,EACdiC,MAAOK,EAAavC,KAAKgE,SAGpBhE,KAAKqE,MACd,CAMA,OAAI1B,GAQF,OAPA/C,OAAOC,eAAeG,KAAM,MAAO,CACjCkE,YAAY,EACZC,UAAU,EACVlE,cAAc,EACdiC,MAAOQ,EAAU1C,KAAKgE,SAGjBhE,KAAK2C,GACd,CAxHA,WAAA2B,EAAYV,OAAEA,EAAMW,KAAEA,EAAO,IAAO,CAAA,GAMlCvE,KAAKgE,WAA0B,IAAXJ,ECbJ,CAACW,IACnB,GAAI1D,GAAQ2D,YACV,OAAO3D,EAAO2D,YAAYD,GACrB,GAAI7E,EAAYmB,QAAQ4D,gBAC7B,OAAO/E,EAAYmB,OAAO4D,gBAAgB,IAAIzC,WAAWuC,IAEzD,MAAM,IAAInD,MAAM,mCDO6BoD,CAAYD,GAAQ,IAAIvC,WAAW4B,GAGhFhE,OAAOC,eAAeG,KAAM,QAAS,CACnCkE,YAAY,EACZC,UAAU,EACVlE,cAAc,EACdiC,MAAOlC,KAAKgE,OAEhB,EEtBF,MAAMU,EAaJ,mBAAWC,GACT,MAAO,CACLC,OAAQ,GACRC,MAAO,UACPC,eAAe,EACfvE,UAAW,OACXwE,OAAQ,EACRC,QAAS,EACT5E,OAAQ,EAEZ,CA4EA,eAAO6E,EAASC,OACdA,EAAM3E,UACNA,EAAYmE,EAAKC,SAASpE,UAASwE,OACnCA,EAASL,EAAKC,SAASI,OAAMC,QAC7BA,EAAUN,EAAKC,SAASK,QAAOjE,KAC/BA,EAAOL,IAEP,MAAME,ET9GS,CAACuE,IAClB,MAAMtD,EAAM,IAAIC,YAAY,GACtBC,EAAM,IAAIC,WAAWH,GAC3B,IAAIuD,EAAMD,EAEV,IAAK,IAAI/C,EAAI,EAAGA,GAAK,GACP,IAARgD,EADkBhD,IAEtBL,EAAIK,GAAW,IAANgD,EACTA,GAAOrD,EAAIK,GACXgD,GAAO,IAGT,OAAOrD,GSkGWsD,CAAWL,GACrB7D,EAASJ,EAAKR,EAAW2E,EAAOlB,MAAOpD,GAC7C,IAAKO,GAAQmE,YAAcnE,EAAOmE,WAAa,GAC7C,MAAM,IAAI7E,UAAU,0CAEtB,MAAM8E,EAAyC,GAAhCpE,EAAOA,EAAOmE,WAAa;CAQ1C,SANsB,IAAjBnE,EAAOoE,KAAkB,IACH,IAArBpE,EAAOoE,EAAS,KAAa,IACR,IAArBpE,EAAOoE,EAAS,KAAa,EACT,IAArBpE,EAAOoE,EAAS,IACnB,IAAMR,GAEGnC,WAAW4C,SAAST,EAAQ,IACzC,CAQAE,QAAAA,EAASD,QAAEA,EAAUhF,KAAKgF,WAAc,CAAA,GACtC,OAAON,EAAKO,SAAS,CACnBC,OAAQlF,KAAKkF,OACb3E,UAAWP,KAAKO,UAChBwE,OAAQ/E,KAAK+E,OACbC,UACAjE,KAAMf,KAAKe,MAEf,CAcA,eAAO0E,EAASC,MACdA,EAAKR,OACLA,EAAM3E,UACNA,EAASwE,OACTA,EAASL,EAAKC,SAASI,OAAMC,QAC7BA,EAAUN,EAAKC,SAASK,QAAO5E,OAC/BA,EAASsE,EAAKC,SAASvE,OAAMW,KAC7BA,EAAOL,IAGP,GAAIgF,EAAMhE,SAAWqD,EAAQ,OAAO,KAEpC,IAAIY,EAAQ,KAEZ,MAAMC,EAA+BxD,IACnC,MAAMyD,EAAiBnB,EAAKO,SAAS,CACnCC,SACA3E,YACAwE,SACAC,QAAS5C,EACTrB,SCzKgB,EAAC+E,EAAGC,KAC1B,GAAIlF,GAAQmF,gBACV,OAAOnF,EAAOmF,gBAAgBtG,EAAYsB,OAAOC,KAAK6E,GAAIpG,EAAYsB,OAAOC,KAAK8E,IAC7E,CACL,GAAID,EAAEpE,SAAWqE,EAAErE,OACjB,MAAM,IAAIjB,UAAU,2CAEtB,IAAI2B,GAAI,EACJ6D,EAAM,EACV,OAAS7D,EAAI0D,EAAEpE,QACbuE,GAAOH,EAAEhD,WAAWV,GAAK2D,EAAEjD,WAAWV,GAExC,OAAe,IAAR6D,CACT,GD8JQD,CAAgBN,EAAOG,KACzBF,EAAQvD,EAAI4C,IAIhBY,EAAMZ,GACN,IAAK,IAAI5C,EAAI,EAAGA,GAAKhC,GAAoB,OAAVuF,IAC7BC,EAAMZ,EAAU5C,GACF,OAAVuD,KACJC,EAAMZ,EAAU5C,GACF,OAAVuD,KAJ2CvD,GAOjD,OAAOuD,CACT,CAUAF,QAAAA,EAASC,MAAEA,EAAKV,QAAEA,EAAUhF,KAAKgF,QAAO5E,OAAEA,IACxC,OAAOsE,EAAKe,SAAS,CACnBC,QACAR,OAAQlF,KAAKkF,OACb3E,UAAWP,KAAKO,UAChBwE,OAAQ/E,KAAK+E,OACbC,UACA5E,SACAW,KAAMf,KAAKe,MAEf,CAMA6B,QAAAA,GACE,MAAMsD,EAAIC,mBACV,MACE,mBAEEnG,KAAK4E,OAAOlD,OAAS,EACjB1B,KAAK8E,cACH,GAAGoB,EAAElG,KAAK4E,WAAWsB,EAAElG,KAAK6E,iBAAiBqB,EAAElG,KAAK4E,WACpD,GAAGsB,EAAElG,KAAK6E,iBAAiBqB,EAAElG,KAAK4E,WACpC,GAAGsB,EAAElG,KAAK6E,WAEhB,UAAUqB,EAAElG,KAAKkF,OAAOb,WACxB,aAAa6B,EAAElG,KAAKO,cACpB,UAAU2F,EAAElG,KAAK+E,WACjB,WAAWmB,EAAElG,KAAKgF,UAEtB,CA/LA,WAAAV,EAAYM,OACVA,EAASF,EAAKC,SAASC,OAAMC,MAC7BA,EAAQH,EAAKC,SAASE,MAAKC,cAC3BA,EAAgBJ,EAAKC,SAASG,cAAaI,OAC3CA,EAAS,IAAIxB,EAAQnD,UACrBA,EAAYmE,EAAKC,SAASpE,UAASwE,OACnCA,EAASL,EAAKC,SAASI,OAAMC,QAC7BA,EAAUN,EAAKC,SAASK,QAAOjE,KAC/BA,GACE,IAKFf,KAAK4E,OAASA,EAKd5E,KAAK6E,MAAQA,EAKb7E,KAAK8E,cAAgBA,EAKrB9E,KAAKkF,OAA2B,iBAAXA,EAAsBxB,EAAOI,WAAWoB,GAAUA,EAKvElF,KAAKO,UAAYQ,EAAOR,EAAYD,EAAsBC,GAK1DP,KAAK+E,OAASA,EAKd/E,KAAKgF,QAAUA,EAKfhF,KAAKe,KAAOA,CACd,EExFF,MAAMqF,EAaJ,mBAAWzB,GACT,MAAO,CACLC,OAAQ,GACRC,MAAO,UACPC,eAAe,EACfvE,UAAW,OACXwE,OAAQ,EACRsB,OAAQ,GACRjG,OAAQ,EAEZ,CAyEA,cAAO4E,EAAQqB,OAAEA,EAASD,EAAKzB,SAAS0B,OAAMC,UAAEA,EAAYC,KAAKC,OAAU,CAAA,GACzE,OAAOC,KAAKC,MAAMJ,EAAY,IAAOD,EACvC;AAQArB,OAAAA,EAAQsB,UAAEA,EAAYC,KAAKC,OAAU,CAAA,GACnC,OAAOJ,EAAKpB,QAAQ,CAClBqB,OAAQrG,KAAKqG,OACbC,aAEJ,CASA,gBAAOK,EAAUN,OAAEA,EAASD,EAAKzB,SAAS0B,OAAMC,UAAEA,EAAYC,KAAKC,OAAU,CAAA,GAC3E,OAAgB,IAATH,EAAiBC,GAAsB,IAATD,EACvC,CAQAM,SAAAA,EAAUL,UAAEA,EAAYC,KAAKC,OAAU,CAAA,GACrC,OAAOJ,EAAKO,UAAU,CACpBN,OAAQrG,KAAKqG,OACbC,aAEJ,CAaA,eAAOrB,EAASC,OAAEA,EAAM3E,UAAEA,EAASwE,OAAEA,EAAMsB,OAAEA,EAASD,EAAKzB,SAAS0B,OAAMC,UAAEA,EAAYC,KAAKC,MAAKzF,KAAEA,IAClG,OAAO2D,EAAKO,SAAS,CACnBC,SACA3E,YACAwE,SACAC,QAASoB,EAAKpB,QAAQ,CAAEqB,SAAQC,cAChCvF,QAEJ,CAQAkE,QAAAA,EAASqB,UAAEA,EAAYC,KAAKC,OAAU,CAAA,GACpC,OAAOJ,EAAKnB,SAAS,CACnBC,OAAQlF,KAAKkF,OACb3E,UAAWP,KAAKO,UAChBwE,OAAQ/E,KAAK+E,OACbsB,OAAQrG,KAAKqG,OACbC,YACAvF,KAAMf,KAAKe,MAEf,CAeA,eAAO0E,EAASC,MACdA,EAAKR,OACLA,EAAM3E,UACNA,EAASwE,OACTA,EAAMsB,OACNA,EAASD,EAAKzB,SAAS0B,OAAMC,UAC7BA,EAAYC,KAAKC,MAAKpG,OACtBA,EAAMW,KACNA,IAEA,OAAO2D,EAAKe,SAAS,CACnBC,QACAR,SACA3E,YACAwE,SACAC,QAASoB,EAAKpB,QAAQ,CAAEqB,SAAQC,cAChClG,SACAW,QAEJ,CAUA0E,QAAAA,EAASC,MAAEA,EAAKY,UAAEA,EAASlG,OAAEA,IAC3B,OAAOgG,EAAKX,SAAS,CACnBC,QACAR,OAAQlF,KAAKkF,OACb3E,UAAWP,KAAKO,UAChBwE,OAAQ/E,KAAK+E,OACbsB,OAAQrG,KAAKqG,OACbC,YACAlG,SACAW,KAAMf,KAAKe,MAEf,CAMA6B,QAAAA,GACE,MAAMsD,EAAIC,mBACV,MACE,mBAEEnG,KAAK4E,OAAOlD,OAAS,EACjB1B,KAAK8E,cACH,GAAGoB,EAAElG,KAAK4E,WAAWsB,EAAElG,KAAK6E,iBAAiBqB,EAAElG,KAAK4E,WACpD,GAAGsB,EAAElG,KAAK6E,iBAAiBqB,EAAElG,KAAK4E,WACpC,GAAGsB,EAAElG,KAAK6E,WAEhB,UAAUqB,EAAElG,KAAKkF,OAAOb,WACxB,aAAa6B,EAAElG,KAAKO,cACpB,UAAU2F,EAAElG,KAAK+E,WACjB,UAAUmB,EAAElG,KAAKqG,SAErB,CArNA,WAAA/B,EAAYM,OACVA,EAASwB,EAAKzB,SAASC,OAAMC,MAC7BA,EAAQuB,EAAKzB,SAASE,MAAKC,cAC3BA,EAAgBsB,EAAKzB,SAASG,cAAaI,OAC3CA,EAAS,IAAIxB,EAAQnD,UACrBA,EAAY6F,EAAKzB,SAASpE,UAASwE,OACnCA,EAASqB,EAAKzB,SAASI,OAAMsB,OAC7BA,EAASD,EAAKzB,SAAS0B,OAAMtF,KAC7BA,GACE,IAKFf,KAAK4E,OAASA,EAKd5E,KAAK6E,MAAQA,EAKb7E,KAAK8E,cAAgBA,EAKrB9E,KAAKkF,OAA2B,iBAAXA,EAAsBxB,EAAOI,WAAWoB,GAAUA,EAKvElF,KAAKO,UAAYQ,EAAOR,EAAYD,EAAsBC,GAK1DP,KAAK+E,OAASA,EAKd/E,KAAKqG,OAASA,EAKdrG,KAAKe,KAAOA,CACd;ACxFF,MAAM6F,EAAe,mFAMfC,EAAe,iBAMfC,EAAkB,sDAMlBC,EAAyB,iCAMzBC,EAAgB,aAMhBC,EAAyB,gBAM/B,MAAMC,EAQJ,YAAOC,CAAMC,GAAKrG,KAAEA,GAAS,CAAA,GAC3B,IAAIsG,EAEJ,IACEA,EAAYD,EAAIE,MAAMV,EAExB,CAAE,MAAOW,GAET,CAEA,IAAKC,MAAMC,QAAQJ,GACjB,MAAM,IAAIK,SAAS,sBAIrB,MAAMC,EAAUN,EAAU,GAAGO,cACvBC,EAAWR,EAAU,GAAGS,MAAM,mBAAoB,GAAGC,IAAIC,oBAEzDC,EAAYZ,EAAU,GAAGS,MAAM,KAAKI,OAAO,CAAC9C,EAAK+C,KACrD,MAAMC,EAAUD,EAAIL,MAAM,QAAS,GAAGC,IAAIC,oBACpCK,EAAUD,EAAQ,GAAGR,cACrBU,EAAUF,EAAQ,GAElBG,EAAUnD,EAGhB,OADAmD,EAAQF,GAAWC,EACZC,GACN,CAAA,GAGH,IAAIC,EACJ,MAAMC,EAAS,CAAA,EAEf,GAAgB,SAAZd,EAAoB,CAItB,GAHAa,EAAM9D,OAG2B,IAAtBuD,EAAUjD,UAA2BgC,EAAcxG,KAAKyH,EAAUjD,SAG3E,MAAM,IAAIvE,UAAU,0CAFpBgI,EAAOzD,QAAUvC,SAASwF,EAAUjD,QAAS,GAIjD,KAAO,IAAgB,SAAZ2C,EAYT,MAAM,IAAIlH,UAAU,oBARpB,GAHA+H,EAAMpC,OAG0B,IAArB6B,EAAU5B,OAAwB,CAC3C,IAAIY,EAAuBzG,KAAKyH,EAAU5B,QAGxC,MAAM,IAAI5F,UAAU,8BAFpBgI,EAAOpC,OAAS5D,SAASwF,EAAU5B,OAAQ,GAI/C,CAGF,CAsBA,QAlBgC,IAArB4B,EAAUrD,SACnB6D,EAAO7D,OAASqD,EAAUrD,QAEJ,IAApBiD,EAASnG,QACX+G,EAAO5D,MAAQgD,EAAS,QACK,IAAlBY,EAAO7D,QAA4C,KAAlB6D,EAAO7D,OACjD6D,EAAO7D,OAASiD,EAAS,GACA,KAAhBA,EAAS,KAClBY,EAAO3D,eAAgB,KAGzB2D,EAAO5D,MAAQgD,EAAS,QACK,IAAlBY,EAAO7D,QAA4C,KAAlB6D,EAAO7D,SACjD6D,EAAO3D,eAAgB,SAKK,IAArBmD,EAAU/C,SAA0B2B,EAAarG,KAAKyH,EAAU/C,QAGzE,MAAM,IAAIzE,UAAU,yCAItB,GANEgI,EAAOvD,OAAS+C,EAAU/C,YAMO,IAAxB+C,EAAU1H,UAA2B,CAC9C,KAAKQ,EAAOgG,EAAyBD,GAAiBtG,KAAKyH,EAAU1H,WAGnE,MAAM,IAAIE,UAAU,iCAFpBgI,EAAOlI,UAAY0H,EAAU1H,SAIjC,CAGA,QAAgC,IAArB0H,EAAUlD,OAAwB,CAC3C,IAAIkC,EAAuBzG,KAAKyH,EAAUlD,QAGxC,MAAM,IAAItE,UAAU,8BAFpBgI,EAAO1D,OAAStC,SAASwF,EAAUlD,OAAQ,GAI/C,CAOA,YAJoB,IAAThE,IACT0H,EAAO1H,KAAOA,GAGT,IAAIyH,EAAIC,EACjB,CAOA,gBAAOC,CAAUC,GACf,GAAIA,aAAejE,GAAQiE,aAAevC,EACxC,OAAOuC,EAAI/F,WAGb,MAAM,IAAInC,UAAU,6BACtB,QCvKImI,EAAU"}