No OneTemporary
Actions

Size

723 KB

Subscribers

None

View Options

This file is larger than 256 KB, so syntax highlighting was skipped.

	diff --git a/client/config.kcfg b/client/config.kcfg
	index 00f02ad..ab39986 100644
	--- a/client/config.kcfg
	+++ b/client/config.kcfg
	@@ -1,26 +1,31 @@
	<?xml version="1.0" encoding="utf-8"?>
	<kcfg xmlns="http://www.kde.org/standards/kcfg/1.0"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://www.kde.org/standards/kcfg/1.0 http://www.kde.org/standards/kcfg/1.0/kcfg.xsd">
	<!--
	SPDX-FileCopyrightText: 2024 g10 code Gmbh
	SPDX-Contributor: Carl Schwan <carl.schwan@gnupg.com>
	SPDX-License-Identifier: GPL-2.0-or-later
	-->
	<kcfgfile name="gpgol-clientrc" />
	<group name="FirstTimeLauncher">
	<entry name="ShowLauncher" type="Bool">
	<label>Whether to show the first time launcher</label>
	<default>true</default>
	</entry>
	</group>
	<group name="Server">
	<entry name="IsLocalServer" type="Bool">
	<default>true</default>
	</entry>
	<entry name="RemoteAddress" type="Url">
	<default></default>
	</entry>
	</group>
	+ <group name="Features">
	+ <entry name="Reencrypt" type="Bool">
	+ <default>true</default>
	+ </entry>
	+ </group>
	</kcfg>

	diff --git a/client/websocketclient.cpp b/client/websocketclient.cpp
	index ab16630..965b74f 100644
	--- a/client/websocketclient.cpp
	+++ b/client/websocketclient.cpp
	@@ -1,444 +1,451 @@
	// SPDX-FileCopyrightText: 2023 g10 code Gmbh
	// SPDX-Contributor: Carl Schwan <carl.schwan@gnupg.com>
	// SPDX-License-Identifier: GPL-2.0-or-later

	#include "websocketclient.h"

	// Qt headers
	#include <QFile>
	#include <QHostInfo>
	#include <QJsonArray>
	#include <QJsonDocument>
	#include <QJsonObject>
	#include <QStandardPaths>
	#include <QTimer>
	#include <QUuid>

	// KDE headers
	#include <KConfigGroup>
	#include <KLocalizedString>
	#include <KMime/Message>
	#include <KSharedConfig>
	#include <Libkleo/Formatting>
	#include <Libkleo/KeyCache>
	#include <MimeTreeParserCore/ObjectTreeParser>

	// gpgme headers
	#include <QGpgME/KeyListJob>
	#include <QGpgME/Protocol>
	#include <gpgme++/global.h>
	#include <gpgme++/key.h>
	#include <gpgme++/keylistresult.h>

	+#include "config.h"
	#include "draft/draftmanager.h"
	#include "editor/composerwindow.h"
	#include "editor/composerwindowfactory.h"
	#include "emailviewer.h"
	#include "ews/ewsclient.h"
	#include "ews/ewsgetitemrequest.h"
	#include "ews/ewsitemshape.h"
	#include "gpgol_client_debug.h"
	#include "gpgolweb_version.h"
	#include "protocol.h"
	#include "reencrypt/reencryptjob.h"
	#include "websocket_debug.h"

	using namespace Qt::Literals::StringLiterals;

	WebsocketClient &WebsocketClient::self(const QUrl &url, const QString &clientId)
	{
	static WebsocketClient *client = nullptr;
	if (!client && url.isEmpty()) {
	qFatal() << "Unable to create a client without an url";
	} else if (!client) {
	client = new WebsocketClient(url, clientId);
	}
	return *client;
	};

	WebsocketClient::WebsocketClient(const QUrl &url, const QString &clientId)
	: QObject(nullptr)
	, m_webSocket(QWebSocket(QStringLiteral("Client")))
	, m_url(url)
	, m_clientId(clientId)
	, m_state(NotConnected)
	, m_stateDisplay(i18nc("@info", "Loading..."))
	{
	auto job = QGpgME::openpgp()->keyListJob();
	connect(job, &QGpgME::KeyListJob::result, this, &WebsocketClient::slotKeyListingDone);
	job->start({}, true);

	qCWarning(GPGOL_CLIENT_LOG) << "Found the following trusted emails" << m_emails;

	connect(&m_webSocket, &QWebSocket::connected, this, &WebsocketClient::slotConnected);
	connect(&m_webSocket, &QWebSocket::disconnected, this, [this] {
	m_state = NotConnected;
	m_stateDisplay = i18nc("@info", "Connection to outlook lost due to a disconnection with the broker.");
	Q_EMIT stateChanged(m_stateDisplay);
	});
	connect(&m_webSocket, &QWebSocket::errorOccurred, this, &WebsocketClient::slotErrorOccurred);
	connect(&m_webSocket, &QWebSocket::textMessageReceived, this, &WebsocketClient::slotTextMessageReceived);
	connect(&m_webSocket, QOverload<const QList<QSslError> &>::of(&QWebSocket::sslErrors), this, [this](const QList<QSslError> &errors) {
	// TODO remove
	m_webSocket.ignoreSslErrors(errors);
	});

	QSslConfiguration sslConfiguration;
	auto certPath = QStandardPaths::locate(QStandardPaths::AppLocalDataLocation, QStringLiteral("certificate.pem"));
	Q_ASSERT(!certPath.isEmpty());

	QFile certFile(certPath);
	if (!certFile.open(QIODevice::ReadOnly)) {
	qFatal() << "Couldn't read certificate" << certPath;
	}
	QSslCertificate certificate(&certFile, QSsl::Pem);
	certFile.close();
	sslConfiguration.addCaCertificate(certificate);
	m_webSocket.setSslConfiguration(sslConfiguration);

	m_webSocket.open(url);
	}

	void WebsocketClient::slotKeyListingDone(const GpgME::KeyListResult &result, const std::vector<GpgME::Key> &keys, const QString &, const GpgME::Error &error)
	{
	Q_UNUSED(result);
	Q_UNUSED(error);

	if (error) {
	m_stateDisplay = i18nc("@info", "Connection to the Outlook extension lost. Make sure the extension pane is open.");
	Q_EMIT stateChanged(m_stateDisplay);
	return;
	}

	QStringList oldEmails = m_emails;

	for (const auto &key : keys) {
	for (const auto &userId : key.userIDs()) {
	const auto email = QString::fromLatin1(userId.email()).toLower();
	if (!m_emails.contains(email)) {
	m_emails << email;
	}
	}
	}
	if (m_emails == oldEmails) {
	return;
	}

	qCWarning(GPGOL_CLIENT_LOG) << "Found the following trusted emails" << m_emails;

	if (m_webSocket.state() == QAbstractSocket::ConnectedState) {
	slotConnected();
	}
	}

	void WebsocketClient::slotConnected()
	{
	qCInfo(WEBSOCKET_LOG) << "websocket connected";
	// clang-format off
	QJsonDocument doc(QJsonObject{
	{"command"_L1, Protocol::commandToString(Protocol::Register)},
	{"arguments"_L1, QJsonObject{
	{"emails"_L1, QJsonArray::fromStringList(m_emails)},
	{"type"_L1, "native"_L1},
	{"id"_L1, getId() },
	{"name"_L1, QString(QHostInfo::localHostName() + u" - GpgOL/Web ("_s + QStringLiteral(GPGOLWEB_VERSION_STRING) + u')') },
	}},
	});
	// clang-format on

	m_webSocket.sendTextMessage(QString::fromUtf8(doc.toJson()));

	m_state = NotConnected; /// We still need to connect to the web client
	m_stateDisplay = i18nc("@info", "Waiting for web client.");
	Q_EMIT stateChanged(m_stateDisplay);
	}

	void WebsocketClient::slotErrorOccurred(QAbstractSocket::SocketError error)
	{
	qCWarning(WEBSOCKET_LOG) << error << m_webSocket.errorString();
	m_state = NotConnected;
	m_stateDisplay = i18nc("@info", "Could not reach the Outlook extension.");
	Q_EMIT stateChanged(m_stateDisplay);
	reconnect();
	}

	bool WebsocketClient::sendEWSRequest(const QString &fromEmail, const QString &requestId, const QString &requestBody)
	{
	KMime::Types::Mailbox mailbox;
	mailbox.fromUnicodeString(fromEmail);

	const QJsonObject json{
	{"command"_L1, Protocol::commandToString(Protocol::Ews)},
	{"arguments"_L1,
	QJsonObject{
	{"body"_L1, requestBody},
	{"email"_L1, QString::fromUtf8(mailbox.address())},
	{"requestId"_L1, requestId},
	}},
	};

	m_webSocket.sendTextMessage(QString::fromUtf8(QJsonDocument(json).toJson()));
	return true;
	}

	void WebsocketClient::slotTextMessageReceived(QString message)
	{
	const auto doc = QJsonDocument::fromJson(message.toUtf8());
	if (!doc.isObject()) {
	qCWarning(WEBSOCKET_LOG) << "invalid text message received" << message;
	return;
	}

	const auto object = doc.object();
	const auto command = Protocol::commandFromString(object["command"_L1].toString());
	const auto args = object["arguments"_L1].toObject();

	switch (command) {
	case Protocol::Disconnection:
	// disconnection of the web client
	m_state = NotConnected;
	m_stateDisplay = i18nc("@info", "Connection to the Outlook extension lost. Make sure the extension pane is open.");
	Q_EMIT stateChanged(m_stateDisplay);
	return;
	case Protocol::Connection:
	// reconnection of the web client
	m_state = Connected;
	m_stateDisplay = i18nc("@info", "Connected.");
	Q_EMIT stateChanged(m_stateDisplay);
	return;
	case Protocol::View: {
	const auto email = args["email"_L1].toString();
	const auto displayName = args["displayName"_L1].toString();
	const EwsId id(args["itemId"_L1].toString());
	const auto content = m_cachedMime[id];
	if (content.isEmpty()) {
	return;
	}
	const auto ewsAccessToken = args["ewsAccessToken"_L1].toString().toUtf8();

	if (!m_emailViewer) {
	m_emailViewer = new EmailViewer(content, email, displayName, ewsAccessToken);
	m_emailViewer->setAttribute(Qt::WA_DeleteOnClose);
	} else {
	m_emailViewer->view(content, email, displayName, ewsAccessToken);
	}

	m_emailViewer->show();
	m_emailViewer->activateWindow();
	m_emailViewer->raise();
	return;
	}
	case Protocol::RestoreAutosave: {
	const auto email = args["email"_L1].toString();
	const auto displayName = args["displayName"_L1].toString();
	const auto ewsAccessToken = args["ewsAccessToken"_L1].toString().toUtf8();

	ComposerWindowFactory::self().restoreAutosave(email, displayName, ewsAccessToken);
	return;
	}
	case Protocol::EwsResponse: {
	// confirmation that the email was sent
	const auto args = object["arguments"_L1].toObject();
	Q_EMIT ewsResponseReceived(args["requestId"_L1].toString(), args["body"_L1].toString());
	return;
	}
	case Protocol::Composer:
	case Protocol::Reply:
	case Protocol::Forward:
	case Protocol::OpenDraft: {
	const auto email = args["email"_L1].toString();
	const auto displayName = args["displayName"_L1].toString();
	const auto ewsAccessToken = args["ewsAccessToken"_L1].toString().toUtf8();

	auto dialog = ComposerWindowFactory::self().create(email, displayName, ewsAccessToken);

	if (command == Protocol::Reply \|\| command == Protocol::Forward) {
	const EwsId id(args["itemId"_L1].toString());
	const auto content = m_cachedMime[id];
	if (content.isEmpty()) {
	return;
	}

	KMime::Message::Ptr message(new KMime::Message());
	message->setContent(KMime::CRLFtoLF(content.toUtf8()));
	message->parse();
	if (command == Protocol::Reply) {
	dialog->reply(message);
	} else {
	dialog->forward(message);
	}
	} else if (command == Protocol::OpenDraft) {
	const auto draftId = args["id"_L1].toString();
	if (draftId.isEmpty()) {
	return;
	}
	const auto draft = DraftManager::self().draftById(draftId.toUtf8());
	dialog->setMessage(draft.mime());
	}
	dialog->show();
	dialog->activateWindow();
	dialog->raise();
	return;
	}
	case Protocol::DeleteDraft: {
	const auto draftId = args["id"_L1].toString();
	if (draftId.isEmpty()) {
	qWarning() << "Draft not valid";
	return;
	}
	const auto draft = DraftManager::self().draftById(draftId.toUtf8());

	if (!draft.isValid()) {
	qWarning() << "Draft not valid";
	return;
	}

	if (!DraftManager::self().remove(draft)) {
	qCWarning(GPGOL_CLIENT_LOG) << "Could not delete draft";
	return;
	}
	return;
	}
	case Protocol::Reencrypt: {
	reencrypt(args);
	return;
	}
	case Protocol::Info: {
	info(args);
	return;
	}
	default:
	qCWarning(WEBSOCKET_LOG) << "Unhandled command" << command;
	}
	}

	void WebsocketClient::reencrypt(const QJsonObject &args)
	{
	const EwsId folderId(args["folderId"_L1].toString());

	EwsClient client(args["email"_L1].toString(), args["ewsAccessToken"_L1].toString().toUtf8());

	auto reencryptjob = new ReencryptJob(this, folderId, client);
	reencryptjob->start();
	}

	void WebsocketClient::reconnect()
	{
	QTimer::singleShot(1000ms, this, [this]() {
	m_webSocket.open(m_url);
	});
	}

	WebsocketClient::State WebsocketClient::state() const
	{
	return m_state;
	}

	QString WebsocketClient::stateDisplay() const
	{
	return m_stateDisplay;
	}

	void WebsocketClient::sendViewerClosed(const QString &email)
	{
	const QJsonObject json{
	{"command"_L1, Protocol::commandToString(Protocol::ViewerClosed)},
	{"arguments"_L1, QJsonObject{{"email"_L1, email}}},
	};

	m_webSocket.sendTextMessage(QString::fromUtf8(QJsonDocument(json).toJson()));
	}

	void WebsocketClient::sendViewerOpened(const QString &email)
	{
	const QJsonObject json{
	{"command"_L1, Protocol::commandToString(Protocol::ViewerOpened)},
	{"arguments"_L1, QJsonObject{{"email"_L1, email}}},
	};

	m_webSocket.sendTextMessage(QString::fromUtf8(QJsonDocument(json).toJson()));
	}

	void WebsocketClient::info(const QJsonObject &args)
	{
	const EwsId id(args["itemId"_L1].toString());

	if (m_cachedInfo.contains(id)) {
	m_webSocket.sendTextMessage(m_cachedInfo[id]);
	return;
	}

	EwsClient client(args["email"_L1].toString(), args["ewsAccessToken"_L1].toString().toUtf8());

	EwsItemShape itemShape(EwsShapeIdOnly);
	itemShape.setFlags(EwsItemShape::IncludeMimeContent);
	itemShape << EwsPropertyField(u"item:ParentFolderId"_s);

	auto request = new EwsGetItemRequest(client, this);
	request->setItemIds({id});
	request->setItemShape(itemShape);
	qCWarning(GPGOL_CLIENT_LOG) << "Info for" << id << "requested";
	connect(request, &EwsGetItemRequest::finished, this, [this, id, args, request]() {
	if (request->error() != KJob::NoError) {
	const QJsonObject json{{"command"_L1, Protocol::commandToString(Protocol::Error)},
	{"arguments"_L1,
	QJsonObject{
	{"error"_L1, request->errorString()},
	{"email"_L1, args["email"_L1]},
	}}};
	const auto result = QString::fromUtf8(QJsonDocument(json).toJson());
	m_webSocket.sendTextMessage(result);
	return;
	}

	qCWarning(GPGOL_CLIENT_LOG) << "Info for" << id << "fetched";
	const auto responses = request->responses();
	if (responses.isEmpty()) {
	return;
	}

	const auto item = responses.at(0).item();
	const auto mimeContent = item[EwsItemFieldMimeContent].toString();

	KMime::Message::Ptr message(new KMime::Message());
	message->setContent(KMime::CRLFtoLF(mimeContent.toUtf8()));
	message->parse();

	MimeTreeParser::ObjectTreeParser treeParser;
	treeParser.parseObjectTree(message.get());

	+ QJsonArray features;
	+ if (Config::self()->reencrypt()) {
	+ features << u"reencrypt"_s;
	+ }
	+
	const QJsonObject json{{"command"_L1, Protocol::commandToString(Protocol::InfoFetched)},
	{"arguments"_L1,
	QJsonObject{
	{"itemId"_L1, args["itemId"_L1]},
	{"folderId"_L1, item[EwsItemFieldParentFolderId].value<EwsId>().id()},
	{"email"_L1, args["email"_L1]},
	{"encrypted"_L1, treeParser.hasEncryptedParts()},
	{"signed"_L1, treeParser.hasSignedParts()},
	{"drafts"_L1, DraftManager::self().toJson()},
	{"viewerOpen"_L1, !m_emailViewer.isNull()},
	{"version"_L1, QStringLiteral(GPGOLWEB_VERSION_STRING)},
	+ {"features"_L1, features},
	}}};

	const auto result = QString::fromUtf8(QJsonDocument(json).toJson());
	m_cachedInfo[id] = result;
	m_cachedMime[id] = mimeContent;
	m_webSocket.sendTextMessage(result);
	});

	request->start();
	}

	QString WebsocketClient::getId() const
	{
	auto config = KSharedConfig::openStateConfig();
	auto machineGroup = config->group(u"Machine"_s);
	if (machineGroup.exists() && machineGroup.hasKey(u"Id"_s)) {
	return machineGroup.readEntry(u"Id"_s);
	}

	const auto id = QUuid::createUuid().toString(QUuid::WithoutBraces);
	machineGroup.writeEntry("Id", id);
	config->sync();
	return id;
	}
	diff --git a/doc/communication.md b/doc/communication.md
	index 2cde42f..9ccafec 100644
	--- a/doc/communication.md
	+++ b/doc/communication.md
	@@ -1,187 +1,188 @@
	# Communication Overview

	Every communication is encrypted via a self-signed TLS certificate.

	## Components involved

	* Exchange
	This is the Microsoft server, either an exchange instance or the
	MS-365 infrastructure.

	* Outlook
	The actual mail clients. Outlook may be used intwo forms:

	1. Outlook/Exe :: The installed outlook application

	2. Outlook/Web :: The outlook application running in a browser

	* GpgOL-Server
	This is the broker between Outlook and GpgOL-Client. It is
	responsible to manage several client instances and may also be
	installed as a central service within a corporate network. The
	server also delivers the Javascript used by Outlook. It provides
	the following services on the same port 5656:

	1. HTTP Server
	The HTTP server only serve static content, this includes HTML, CSS, JavaScript
	and some assets.

	2. Web Socket Server
	On the same port as the HTTP server, there is also a websocket server which both
	native and web clients connect to via a JSON based protocols:

	```json
	{
	"command": "<command-name>",
	"arguements": {
	"<key>": "<value>",
	}
	}
	```

	* GpgOL-Client
	The client is the actual crypt MUA part which extends Outlook. It
	communicates via GpgOL-Server and is respinsbile for the crypto
	operations and to show and compose messages.



	## Commands

	Here is an overview of the most important commands, they are all defined in the
	`common/protocol.h` class used by both gpgol-client and gpgol-server.

	### `register` and `connection`

	This creates a mapping from email address to sockets in the server which latter
	on is used to forward the messages.

	```json
	{
	"command": "register",
	"arguements": {
	"type": "webclient\|native",
	"emails": ["email1@example.org", "email2@example.org"]
	"id": "<unique-id>", // only for native
	"name": "<name of the computer>" // only for native
	}
	}
	```

	The list of emails for a web client is the result of
	`Office.context.mailbox.userProfile.emailAddress` which returns the email
	address of the current account.

	The list of emails for a native client is the list of GpgME::UserId with a
	private key in the keyring.

	If when registering a native client, the web clients with a matching email
	address will be notified with the following message. A similar message will
	be send to the web client when they connect.

	```JSON
	{
	"command": "connection",
	"arguments": {
	"type": "client",
	"id": "<unique-id>",
	"name": "<name of the computer>",
	}
	}
	```

	The user will be asked to authorize the new device and then the id will be
	added to the list of `verifiedNativeClients`. This is saved accross section in
	the web storage API, so that the device only needs to be verified the first time.

	### `info`

	This ask the native client to fetch the MIME content of the email and cache it locally.

	`ewsAccessToken` is the secret OAuth token used to authentificate the EWS requests made
	my the native client.

	`itemId` is the EWS item id which is used a unique identifier in EWS and in GpgOL/Web

	```json
	{
	"command": "info",
	"arguements": {
	"itemId": "the itemid of the email",
	"email": "email1@example.org",
	"ewsAccessToken": "TOKEN",
	"verifiedNativeClients": [ "<unique-id>" ]
	}
	}
	```

	### `info-fetched`

	Once the information is fetched, the native client will send the following back to gpgol-sever
	which is then forwarded to the web client.

	```json
	{
	"command": "info-fetched",
	"arguements": {
	"itemId": "the EWS id of the email",
	"folderId": "the EWS id of the folder",
	"encrypted": "whether the email is encrypted",
	"signed": "whether the email is signed",
	"version": "The version of the native client",
	"drafts": [ "draft 1", "draft 2" ],
	"viewerOpen": "whether the email viewer is open"
	"verifiedNativeClients": [ "<unique-id>" ]
	+ "features": [ "reencrypt" ]
	}
	}
	```

	### Other commands

	Most commands follow the same format and are simply forwarded to the native client:

	```json
	{
	"command": "view\|reencrypt\|reply\|forward\|composer",
	"arguements": {
	"itemId": "the itemid of the email",
	"folderId": "the EWS id of the folder",
	"email": "email1@example.org",
	"displayName": "Foo Bar",
	"ewsAccessToken": "TOKEN",
	"verifiedNativeClients": [ "<unique-id>" ]
	}
	}
	```

	### Special EWS commands

	In the normal case, we get an EWS access token via OAuth and then the EWS
	requests are directly done in the native client. To support legacy servers,
	we also support doing EWS in the web client. In which case the native client,
	send the following command:

	```json
	{
	"command": "ews",
	"arguements": {
	"body": "EWS request body, this is nested XML",
	"email": "email1@example.org",
	"requestId": "unique identifier for the request",
	}
	}
	```

	the web client will then run this EWS request in JavaScript and return the following,
	which is then send back to the native client.

	```json
	{
	"command": "ews-response",
	"arguements": {
	"body": "EWS response body, this is nested XML",
	"email": "email1@example.org",
	"requestId": "unique identifier for the request, same as before",
	}
	}
	```
	diff --git a/web/dist/assets/index-Cg7oNTya.js b/web/dist/assets/index-Drll8Pr4.js
	similarity index 70%
	rename from web/dist/assets/index-Cg7oNTya.js
	rename to web/dist/assets/index-Drll8Pr4.js
	index 25cdddb..32bcd08 100644
	--- a/web/dist/assets/index-Cg7oNTya.js
	+++ b/web/dist/assets/index-Drll8Pr4.js
	@@ -1,23 +1,23 @@
	-(function(){const e=document.createElement("link").relList;if(e&&e.supports&&e.supports("modulepreload"))return;for(const o of document.querySelectorAll('link[rel="modulepreload"]'))r(o);new MutationObserver(o=>{for(const i of o)if(i.type==="childList")for(const s of i.addedNodes)s.tagName==="LINK"&&s.rel==="modulepreload"&&r(s)}).observe(document,{childList:!0,subtree:!0});function t(o){const i={};return o.integrity&&(i.integrity=o.integrity),o.referrerPolicy&&(i.referrerPolicy=o.referrerPolicy),o.crossOrigin==="use-credentials"?i.credentials="include":o.crossOrigin==="anonymous"?i.credentials="omit":i.credentials="same-origin",i}function r(o){if(o.ep)return;o.ep=!0;const i=t(o);fetch(o.href,i)}})();const bn={"fr-FR":{"Loading...":"Chargement...","This mail is encrypted and signed.":"Ce email est encrypté et signé numériquement","This mail is encrypted.":"Ce email est encrypté"},"de-DE":{"Loading...":"Laden...","This mail is encrypted and signed.":"Diese E-Mail ist verschlüsselt und signiert","This mail is encrypted.":"Diese E-Mail ist verschlüsselt","This mail is signed":"Diese E-Mail ist signiert","This mail is not encrypted nor signed.":"Diese E-Mail ist nicht verschlüsselt und signiert",Decrypt:"Entschlüsseln","View email":"E-Mail anzeigen"}};/**
	+(function(){const e=document.createElement("link").relList;if(e&&e.supports&&e.supports("modulepreload"))return;for(const o of document.querySelectorAll('link[rel="modulepreload"]'))r(o);new MutationObserver(o=>{for(const i of o)if(i.type==="childList")for(const s of i.addedNodes)s.tagName==="LINK"&&s.rel==="modulepreload"&&r(s)}).observe(document,{childList:!0,subtree:!0});function t(o){const i={};return o.integrity&&(i.integrity=o.integrity),o.referrerPolicy&&(i.referrerPolicy=o.referrerPolicy),o.crossOrigin==="use-credentials"?i.credentials="include":o.crossOrigin==="anonymous"?i.credentials="omit":i.credentials="same-origin",i}function r(o){if(o.ep)return;o.ep=!0;const i=t(o);fetch(o.href,i)}})();const kn={"fr-FR":{"Loading...":"Chargement...","This mail is encrypted and signed.":"Ce email est encrypté et signé numériquement","This mail is encrypted.":"Ce email est encrypté"},"de-DE":{"Loading...":"Laden...","This mail is encrypted and signed.":"Diese E-Mail ist verschlüsselt und signiert","This mail is encrypted.":"Diese E-Mail ist verschlüsselt","This mail is signed":"Diese E-Mail ist signiert","This mail is not encrypted nor signed.":"Diese E-Mail ist nicht verschlüsselt und signiert",Decrypt:"Entschlüsseln","View email":"E-Mail anzeigen"}};/**
	* @vue/shared v3.5.13
	* (c) 2018-present Yuxi (Evan) You and Vue contributors
	* @license MIT
	-*//! #__NO_SIDE_EFFECTS__ /function Mi(n){const e=Object.create(null);for(const t of n.split(","))e[t]=1;return t=>t in e}const de={},kn=[],vt=()=>{},Nh=()=>!1,co=n=>n.charCodeAt(0)===111&&n.charCodeAt(1)===110&&(n.charCodeAt(2)>122\|\|n.charCodeAt(2)<97),xi=n=>n.startsWith("onUpdate:"),De=Object.assign,Hi=(n,e)=>{const t=n.indexOf(e);t>-1&&n.splice(t,1)},Mh=Object.prototype.hasOwnProperty,ne=(n,e)=>Mh.call(n,e),K=Array.isArray,Rn=n=>lo(n)==="[object Map]",ic=n=>lo(n)==="[object Set]",G=n=>typeof n=="function",pe=n=>typeof n=="string",Jt=n=>typeof n=="symbol",ue=n=>n!==null&&typeof n=="object",sc=n=>(ue(n)\|\|G(n))&&G(n.then)&&G(n.catch),ac=Object.prototype.toString,lo=n=>ac.call(n),xh=n=>lo(n).slice(8,-1),cc=n=>lo(n)==="[object Object]",Li=n=>pe(n)&&n!=="NaN"&&n[0]!=="-"&&""+parseInt(n,10)===n,Xn=Mi(",key,ref,ref_for,ref_key,onVnodeBeforeMount,onVnodeMounted,onVnodeBeforeUpdate,onVnodeUpdated,onVnodeBeforeUnmount,onVnodeUnmounted"),ho=n=>{const e=Object.create(null);return t=>e[t]\|\|(e[t]=n(t))},Hh=/-(\w)/g,Wt=ho(n=>n.replace(Hh,(e,t)=>t?t.toUpperCase():"")),Lh=/\B([A-Z])/g,Cn=ho(n=>n.replace(Lh,"-$1").toLowerCase()),lc=ho(n=>n.charAt(0).toUpperCase()+n.slice(1)),Bo=ho(n=>n?`on${lc(n)}`:""),zt=(n,e)=>!Object.is(n,e),Go=(n,...e)=>{for(let t=0;t<n.length;t++)n[t](...e)},dc=(n,e,t,r=!1)=>{Object.defineProperty(n,e,{configurable:!0,enumerable:!1,writable:r,value:t})},Uh=n=>{const e=parseFloat(n);return isNaN(e)?n:e};let ea;const uo=()=>ea\|\|(ea=typeof globalThis<"u"?globalThis:typeof self<"u"?self:typeof window<"u"?window:typeof global<"u"?global:{});function Ui(n){if(K(n)){const e={};for(let t=0;t<n.length;t++){const r=n[t],o=pe(r)?Bh(r):Ui(r);if(o)for(const i in o)e[i]=o[i]}return e}else if(pe(n)\|\|ue(n))return n}const Dh=/;(?![^(]\))/g,Fh=/:([^]+)/,Kh=/\/\[^]?\\//g;function Bh(n){const e={};return n.replace(Kh,"").split(Dh).forEach(t=>{if(t){const r=t.split(Fh);r.length>1&&(e[r[0].trim()]=r[1].trim())}}),e}function Di(n){let e="";if(pe(n))e=n;else if(K(n))for(let t=0;t<n.length;t++){const r=Di(n[t]);r&&(e+=r+" ")}else if(ue(n))for(const t in n)n[t]&&(e+=t+" ");return e.trim()}const Gh="itemscope,allowfullscreen,formnovalidate,ismap,nomodule,novalidate,readonly",$h=Mi(Gh);function hc(n){return!!n\|\|n===""}const uc=n=>!!(n&&n.__v_isRef===!0),we=n=>pe(n)?n:n==null?"":K(n)\|\|ue(n)&&(n.toString===ac\|\|!G(n.toString))?uc(n)?we(n.value):JSON.stringify(n,fc,2):String(n),fc=(n,e)=>uc(e)?fc(n,e.value):Rn(e)?{[`Map(${e.size})`]:[...e.entries()].reduce((t,[r,o],i)=>(t[$o(r,i)+" =>"]=o,t),{})}:ic(e)?{[`Set(${e.size})`]:[...e.values()].map(t=>$o(t))}:Jt(e)?$o(e):ue(e)&&!K(e)&&!cc(e)?String(e):e,$o=(n,e="")=>{var t;return Jt(n)?`Symbol(${(t=n.description)!=null?t:e})`:n};/*
	+*//! #__NO_SIDE_EFFECTS__ /function xi(n){const e=Object.create(null);for(const t of n.split(","))e[t]=1;return t=>t in e}const de={},Rn=[],vt=()=>{},Nh=()=>!1,lo=n=>n.charCodeAt(0)===111&&n.charCodeAt(1)===110&&(n.charCodeAt(2)>122\|\|n.charCodeAt(2)<97),Hi=n=>n.startsWith("onUpdate:"),De=Object.assign,Li=(n,e)=>{const t=n.indexOf(e);t>-1&&n.splice(t,1)},Mh=Object.prototype.hasOwnProperty,ne=(n,e)=>Mh.call(n,e),K=Array.isArray,On=n=>ho(n)==="[object Map]",sc=n=>ho(n)==="[object Set]",$=n=>typeof n=="function",pe=n=>typeof n=="string",Jt=n=>typeof n=="symbol",ue=n=>n!==null&&typeof n=="object",ac=n=>(ue(n)\|\|$(n))&&$(n.then)&&$(n.catch),cc=Object.prototype.toString,ho=n=>cc.call(n),xh=n=>ho(n).slice(8,-1),lc=n=>ho(n)==="[object Object]",Ui=n=>pe(n)&&n!=="NaN"&&n[0]!=="-"&&""+parseInt(n,10)===n,Jn=xi(",key,ref,ref_for,ref_key,onVnodeBeforeMount,onVnodeMounted,onVnodeBeforeUpdate,onVnodeUpdated,onVnodeBeforeUnmount,onVnodeUnmounted"),uo=n=>{const e=Object.create(null);return t=>e[t]\|\|(e[t]=n(t))},Hh=/-(\w)/g,Wt=uo(n=>n.replace(Hh,(e,t)=>t?t.toUpperCase():"")),Lh=/\B([A-Z])/g,Cn=uo(n=>n.replace(Lh,"-$1").toLowerCase()),dc=uo(n=>n.charAt(0).toUpperCase()+n.slice(1)),Go=uo(n=>n?`on${dc(n)}`:""),zt=(n,e)=>!Object.is(n,e),$o=(n,...e)=>{for(let t=0;t<n.length;t++)n[t](...e)},hc=(n,e,t,r=!1)=>{Object.defineProperty(n,e,{configurable:!0,enumerable:!1,writable:r,value:t})},Uh=n=>{const e=parseFloat(n);return isNaN(e)?n:e};let ta;const fo=()=>ta\|\|(ta=typeof globalThis<"u"?globalThis:typeof self<"u"?self:typeof window<"u"?window:typeof global<"u"?global:{});function Di(n){if(K(n)){const e={};for(let t=0;t<n.length;t++){const r=n[t],o=pe(r)?Bh(r):Di(r);if(o)for(const i in o)e[i]=o[i]}return e}else if(pe(n)\|\|ue(n))return n}const Dh=/;(?![^(]\))/g,Fh=/:([^]+)/,Kh=/\/\[^]?\\//g;function Bh(n){const e={};return n.replace(Kh,"").split(Dh).forEach(t=>{if(t){const r=t.split(Fh);r.length>1&&(e[r[0].trim()]=r[1].trim())}}),e}function Fi(n){let e="";if(pe(n))e=n;else if(K(n))for(let t=0;t<n.length;t++){const r=Fi(n[t]);r&&(e+=r+" ")}else if(ue(n))for(const t in n)n[t]&&(e+=t+" ");return e.trim()}const Gh="itemscope,allowfullscreen,formnovalidate,ismap,nomodule,novalidate,readonly",$h=xi(Gh);function uc(n){return!!n\|\|n===""}const fc=n=>!!(n&&n.__v_isRef===!0),Ee=n=>pe(n)?n:n==null?"":K(n)\|\|ue(n)&&(n.toString===cc\|\|!$(n.toString))?fc(n)?Ee(n.value):JSON.stringify(n,gc,2):String(n),gc=(n,e)=>fc(e)?gc(n,e.value):On(e)?{[`Map(${e.size})`]:[...e.entries()].reduce((t,[r,o],i)=>(t[zo(r,i)+" =>"]=o,t),{})}:sc(e)?{[`Set(${e.size})`]:[...e.values()].map(t=>zo(t))}:Jt(e)?zo(e):ue(e)&&!K(e)&&!lc(e)?String(e):e,zo=(n,e="")=>{var t;return Jt(n)?`Symbol(${(t=n.description)!=null?t:e})`:n};/*
	* @vue/reactivity v3.5.13
	* (c) 2018-present Yuxi (Evan) You and Vue contributors
	* @license MIT
	-/let Ve;class zh{constructor(e=!1){this.detached=e,this._active=!0,this.effects=[],this.cleanups=[],this._isPaused=!1,this.parent=Ve,!e&&Ve&&(this.index=(Ve.scopes\|\|(Ve.scopes=[])).push(this)-1)}get active(){return this._active}pause(){if(this._active){this._isPaused=!0;let e,t;if(this.scopes)for(e=0,t=this.scopes.length;e<t;e++)this.scopes[e].pause();for(e=0,t=this.effects.length;e<t;e++)this.effects[e].pause()}}resume(){if(this._active&&this._isPaused){this._isPaused=!1;let e,t;if(this.scopes)for(e=0,t=this.scopes.length;e<t;e++)this.scopes[e].resume();for(e=0,t=this.effects.length;e<t;e++)this.effects[e].resume()}}run(e){if(this._active){const t=Ve;try{return Ve=this,e()}finally{Ve=t}}}on(){Ve=this}off(){Ve=this.parent}stop(e){if(this._active){this._active=!1;let t,r;for(t=0,r=this.effects.length;t<r;t++)this.effects[t].stop();for(this.effects.length=0,t=0,r=this.cleanups.length;t<r;t++)this.cleanups[t]();if(this.cleanups.length=0,this.scopes){for(t=0,r=this.scopes.length;t<r;t++)this.scopes[t].stop(!0);this.scopes.length=0}if(!this.detached&&this.parent&&!e){const o=this.parent.scopes.pop();o&&o!==this&&(this.parent.scopes[this.index]=o,o.index=this.index)}this.parent=void 0}}}function qh(){return Ve}let le;const zo=new WeakSet;class gc{constructor(e){this.fn=e,this.deps=void 0,this.depsTail=void 0,this.flags=5,this.next=void 0,this.cleanup=void 0,this.scheduler=void 0,Ve&&Ve.active&&Ve.effects.push(this)}pause(){this.flags\|=64}resume(){this.flags&64&&(this.flags&=-65,zo.has(this)&&(zo.delete(this),this.trigger()))}notify(){this.flags&2&&!(this.flags&32)\|\|this.flags&8\|\|mc(this)}run(){if(!(this.flags&1))return this.fn();this.flags\|=2,ta(this),Cc(this);const e=le,t=st;le=this,st=!0;try{return this.fn()}finally{yc(this),le=e,st=t,this.flags&=-3}}stop(){if(this.flags&1){for(let e=this.deps;e;e=e.nextDep)Bi(e);this.deps=this.depsTail=void 0,ta(this),this.onStop&&this.onStop(),this.flags&=-2}}trigger(){this.flags&64?zo.add(this):this.scheduler?this.scheduler():this.runIfDirty()}runIfDirty(){oi(this)&&this.run()}get dirty(){return oi(this)}}let pc=0,Zn,er;function mc(n,e=!1){if(n.flags\|=8,e){n.next=er,er=n;return}n.next=Zn,Zn=n}function Fi(){pc++}function Ki(){if(--pc>0)return;if(er){let e=er;for(er=void 0;e;){const t=e.next;e.next=void 0,e.flags&=-9,e=t}}let n;for(;Zn;){let e=Zn;for(Zn=void 0;e;){const t=e.next;if(e.next=void 0,e.flags&=-9,e.flags&1)try{e.trigger()}catch(r){n\|\|(n=r)}e=t}}if(n)throw n}function Cc(n){for(let e=n.deps;e;e=e.nextDep)e.version=-1,e.prevActiveLink=e.dep.activeLink,e.dep.activeLink=e}function yc(n){let e,t=n.depsTail,r=t;for(;r;){const o=r.prevDep;r.version===-1?(r===t&&(t=o),Bi(r),Vh(r)):e=r,r.dep.activeLink=r.prevActiveLink,r.prevActiveLink=void 0,r=o}n.deps=e,n.depsTail=t}function oi(n){for(let e=n.deps;e;e=e.nextDep)if(e.dep.version!==e.version\|\|e.dep.computed&&(Tc(e.dep.computed)\|\|e.dep.version!==e.version))return!0;return!!n._dirty}function Tc(n){if(n.flags&4&&!(n.flags&16)\|\|(n.flags&=-17,n.globalVersion===cr))return;n.globalVersion=cr;const e=n.dep;if(n.flags\|=2,e.version>0&&!n.isSSR&&n.deps&&!oi(n)){n.flags&=-3;return}const t=le,r=st;le=n,st=!0;try{Cc(n);const o=n.fn(n._value);(e.version===0\|\|zt(o,n._value))&&(n._value=o,e.version++)}catch(o){throw e.version++,o}finally{le=t,st=r,yc(n),n.flags&=-3}}function Bi(n,e=!1){const{dep:t,prevSub:r,nextSub:o}=n;if(r&&(r.nextSub=o,n.prevSub=void 0),o&&(o.prevSub=r,n.nextSub=void 0),t.subs===n&&(t.subs=r,!r&&t.computed)){t.computed.flags&=-5;for(let i=t.computed.deps;i;i=i.nextDep)Bi(i,!0)}!e&&!--t.sc&&t.map&&t.map.delete(t.key)}function Vh(n){const{prevDep:e,nextDep:t}=n;e&&(e.nextDep=t,n.prevDep=void 0),t&&(t.prevDep=e,n.nextDep=void 0)}let st=!0;const Ac=[];function Xt(){Ac.push(st),st=!1}function Zt(){const n=Ac.pop();st=n===void 0?!0:n}function ta(n){const{cleanup:e}=n;if(n.cleanup=void 0,e){const t=le;le=void 0;try{e()}finally{le=t}}}let cr=0;class jh{constructor(e,t){this.sub=e,this.dep=t,this.version=t.version,this.nextDep=this.prevDep=this.nextSub=this.prevSub=this.prevActiveLink=void 0}}class Gi{constructor(e){this.computed=e,this.version=0,this.activeLink=void 0,this.subs=void 0,this.map=void 0,this.key=void 0,this.sc=0}track(e){if(!le\|\|!st\|\|le===this.computed)return;let t=this.activeLink;if(t===void 0\|\|t.sub!==le)t=this.activeLink=new jh(le,this),le.deps?(t.prevDep=le.depsTail,le.depsTail.nextDep=t,le.depsTail=t):le.deps=le.depsTail=t,vc(t);else if(t.version===-1&&(t.version=this.version,t.nextDep)){const r=t.nextDep;r.prevDep=t.prevDep,t.prevDep&&(t.prevDep.nextDep=r),t.prevDep=le.depsTail,t.nextDep=void 0,le.depsTail.nextDep=t,le.depsTail=t,le.deps===t&&(le.deps=r)}return t}trigger(e){this.version++,cr++,this.notify(e)}notify(e){Fi();try{for(let t=this.subs;t;t=t.prevSub)t.sub.notify()&&t.sub.dep.notify()}finally{Ki()}}}function vc(n){if(n.dep.sc++,n.sub.flags&4){const e=n.dep.computed;if(e&&!n.dep.subs){e.flags\|=20;for(let r=e.deps;r;r=r.nextDep)vc(r)}const t=n.dep.subs;t!==n&&(n.prevSub=t,t&&(t.nextSub=n)),n.dep.subs=n}}const ii=new WeakMap,dn=Symbol(""),si=Symbol(""),lr=Symbol("");function _e(n,e,t){if(st&&le){let r=ii.get(n);r\|\|ii.set(n,r=new Map);let o=r.get(t);o\|\|(r.set(t,o=new Gi),o.map=r,o.key=t),o.track()}}function Pt(n,e,t,r,o,i){const s=ii.get(n);if(!s){cr++;return}const a=c=>{c&&c.trigger()};if(Fi(),e==="clear")s.forEach(a);else{const c=K(n),d=c&&Li(t);if(c&&t==="length"){const l=Number(r);s.forEach((h,p)=>{(p==="length"\|\|p===lr\|\|!Jt(p)&&p>=l)&&a(h)})}else switch((t!==void 0\|\|s.has(void 0))&&a(s.get(t)),d&&a(s.get(lr)),e){case"add":c?d&&a(s.get("length")):(a(s.get(dn)),Rn(n)&&a(s.get(si)));break;case"delete":c\|\|(a(s.get(dn)),Rn(n)&&a(s.get(si)));break;case"set":Rn(n)&&a(s.get(dn));break}}Ki()}function vn(n){const e=te(n);return e===n?e:(_e(e,"iterate",lr),tt(n)?e:e.map(Se))}function fo(n){return _e(n=te(n),"iterate",lr),n}const Wh={__proto__:null,[Symbol.iterator](){return qo(this,Symbol.iterator,Se)},concat(...n){return vn(this).concat(...n.map(e=>K(e)?vn(e):e))},entries(){return qo(this,"entries",n=>(n[1]=Se(n[1]),n))},every(n,e){return St(this,"every",n,e,void 0,arguments)},filter(n,e){return St(this,"filter",n,e,t=>t.map(Se),arguments)},find(n,e){return St(this,"find",n,e,Se,arguments)},findIndex(n,e){return St(this,"findIndex",n,e,void 0,arguments)},findLast(n,e){return St(this,"findLast",n,e,Se,arguments)},findLastIndex(n,e){return St(this,"findLastIndex",n,e,void 0,arguments)},forEach(n,e){return St(this,"forEach",n,e,void 0,arguments)},includes(...n){return Vo(this,"includes",n)},indexOf(...n){return Vo(this,"indexOf",n)},join(n){return vn(this).join(n)},lastIndexOf(...n){return Vo(this,"lastIndexOf",n)},map(n,e){return St(this,"map",n,e,void 0,arguments)},pop(){return jn(this,"pop")},push(...n){return jn(this,"push",n)},reduce(n,...e){return na(this,"reduce",n,e)},reduceRight(n,...e){return na(this,"reduceRight",n,e)},shift(){return jn(this,"shift")},some(n,e){return St(this,"some",n,e,void 0,arguments)},splice(...n){return jn(this,"splice",n)},toReversed(){return vn(this).toReversed()},toSorted(n){return vn(this).toSorted(n)},toSpliced(...n){return vn(this).toSpliced(...n)},unshift(...n){return jn(this,"unshift",n)},values(){return qo(this,"values",Se)}};function qo(n,e,t){const r=fo(n),o=r[e]();return r!==n&&!tt(n)&&(o._next=o.next,o.next=()=>{const i=o._next();return i.value&&(i.value=t(i.value)),i}),o}const Yh=Array.prototype;function St(n,e,t,r,o,i){const s=fo(n),a=s!==n&&!tt(n),c=s[e];if(c!==Yh[e]){const h=c.apply(n,i);return a?Se(h):h}let d=t;s!==n&&(a?d=function(h,p){return t.call(this,Se(h),p,n)}:t.length>2&&(d=function(h,p){return t.call(this,h,p,n)}));const l=c.call(s,d,r);return a&&o?o(l):l}function na(n,e,t,r){const o=fo(n);let i=t;return o!==n&&(tt(n)?t.length>3&&(i=function(s,a,c){return t.call(this,s,a,c,n)}):i=function(s,a,c){return t.call(this,s,Se(a),c,n)}),o[e](i,...r)}function Vo(n,e,t){const r=te(n);_e(r,"iterate",lr);const o=r[e](...t);return(o===-1\|\|o===!1)&&Vi(t[0])?(t[0]=te(t[0]),r[e](...t)):o}function jn(n,e,t=[]){Xt(),Fi();const r=te(n)[e].apply(n,t);return Ki(),Zt(),r}const Qh=Mi("__proto__,__v_isRef,__isVue"),wc=new Set(Object.getOwnPropertyNames(Symbol).filter(n=>n!=="arguments"&&n!=="caller").map(n=>Symbol[n]).filter(Jt));function Jh(n){Jt(n)\|\|(n=String(n));const e=te(this);return _e(e,"has",n),e.hasOwnProperty(n)}class Ic{constructor(e=!1,t=!1){this._isReadonly=e,this._isShallow=t}get(e,t,r){if(t==="__v_skip")return e.__v_skip;const o=this._isReadonly,i=this._isShallow;if(t==="__v_isReactive")return!o;if(t==="__v_isReadonly")return o;if(t==="__v_isShallow")return i;if(t==="__v_raw")return r===(o?i?au:bc:i?Sc:_c).get(e)\|\|Object.getPrototypeOf(e)===Object.getPrototypeOf(r)?e:void 0;const s=K(e);if(!o){let c;if(s&&(c=Wh[t]))return c;if(t==="hasOwnProperty")return Jh}const a=Reflect.get(e,t,ke(e)?e:r);return(Jt(t)?wc.has(t):Qh(t))\|\|(o\|\|_e(e,"get",t),i)?a:ke(a)?s&&Li(t)?a:a.value:ue(a)?o?kc(a):zi(a):a}}class Ec extends Ic{constructor(e=!1){super(!1,e)}set(e,t,r,o){let i=e[t];if(!this._isShallow){const c=un(i);if(!tt(r)&&!un(r)&&(i=te(i),r=te(r)),!K(e)&&ke(i)&&!ke(r))return c?!1:(i.value=r,!0)}const s=K(e)&&Li(t)?Number(t)<e.length:ne(e,t),a=Reflect.set(e,t,r,ke(e)?e:o);return e===te(o)&&(s?zt(r,i)&&Pt(e,"set",t,r):Pt(e,"add",t,r)),a}deleteProperty(e,t){const r=ne(e,t);e[t];const o=Reflect.deleteProperty(e,t);return o&&r&&Pt(e,"delete",t,void 0),o}has(e,t){const r=Reflect.has(e,t);return(!Jt(t)\|\|!wc.has(t))&&_e(e,"has",t),r}ownKeys(e){return _e(e,"iterate",K(e)?"length":dn),Reflect.ownKeys(e)}}class Xh extends Ic{constructor(e=!1){super(!0,e)}set(e,t){return!0}deleteProperty(e,t){return!0}}const Zh=new Ec,eu=new Xh,tu=new Ec(!0);const ai=n=>n,wr=n=>Reflect.getPrototypeOf(n);function nu(n,e,t){return function(...r){const o=this.__v_raw,i=te(o),s=Rn(i),a=n==="entries"\|\|n===Symbol.iterator&&s,c=n==="keys"&&s,d=o[n](...r),l=t?ai:e?ci:Se;return!e&&_e(i,"iterate",c?si:dn),{next(){const{value:h,done:p}=d.next();return p?{value:h,done:p}:{value:a?[l(h[0]),l(h[1])]:l(h),done:p}},[Symbol.iterator](){return this}}}}function Ir(n){return function(...e){return n==="delete"?!1:n==="clear"?void 0:this}}function ru(n,e){const t={get(o){const i=this.__v_raw,s=te(i),a=te(o);n\|\|(zt(o,a)&&_e(s,"get",o),_e(s,"get",a));const{has:c}=wr(s),d=e?ai:n?ci:Se;if(c.call(s,o))return d(i.get(o));if(c.call(s,a))return d(i.get(a));i!==s&&i.get(o)},get size(){const o=this.__v_raw;return!n&&_e(te(o),"iterate",dn),Reflect.get(o,"size",o)},has(o){const i=this.__v_raw,s=te(i),a=te(o);return n\|\|(zt(o,a)&&_e(s,"has",o),_e(s,"has",a)),o===a?i.has(o):i.has(o)\|\|i.has(a)},forEach(o,i){const s=this,a=s.__v_raw,c=te(a),d=e?ai:n?ci:Se;return!n&&_e(c,"iterate",dn),a.forEach((l,h)=>o.call(i,d(l),d(h),s))}};return De(t,n?{add:Ir("add"),set:Ir("set"),delete:Ir("delete"),clear:Ir("clear")}:{add(o){!e&&!tt(o)&&!un(o)&&(o=te(o));const i=te(this);return wr(i).has.call(i,o)\|\|(i.add(o),Pt(i,"add",o,o)),this},set(o,i){!e&&!tt(i)&&!un(i)&&(i=te(i));const s=te(this),{has:a,get:c}=wr(s);let d=a.call(s,o);d\|\|(o=te(o),d=a.call(s,o));const l=c.call(s,o);return s.set(o,i),d?zt(i,l)&&Pt(s,"set",o,i):Pt(s,"add",o,i),this},delete(o){const i=te(this),{has:s,get:a}=wr(i);let c=s.call(i,o);c\|\|(o=te(o),c=s.call(i,o)),a&&a.call(i,o);const d=i.delete(o);return c&&Pt(i,"delete",o,void 0),d},clear(){const o=te(this),i=o.size!==0,s=o.clear();return i&&Pt(o,"clear",void 0,void 0),s}}),["keys","values","entries",Symbol.iterator].forEach(o=>{t[o]=nu(o,n,e)}),t}function $i(n,e){const t=ru(n,e);return(r,o,i)=>o==="__v_isReactive"?!n:o==="__v_isReadonly"?n:o==="__v_raw"?r:Reflect.get(ne(t,o)&&o in r?t:r,o,i)}const ou={get:$i(!1,!1)},iu={get:$i(!1,!0)},su={get:$i(!0,!1)};const _c=new WeakMap,Sc=new WeakMap,bc=new WeakMap,au=new WeakMap;function cu(n){switch(n){case"Object":case"Array":return 1;case"Map":case"Set":case"WeakMap":case"WeakSet":return 2;default:return 0}}function lu(n){return n.__v_skip\|\|!Object.isExtensible(n)?0:cu(xh(n))}function zi(n){return un(n)?n:qi(n,!1,Zh,ou,_c)}function du(n){return qi(n,!1,tu,iu,Sc)}function kc(n){return qi(n,!0,eu,su,bc)}function qi(n,e,t,r,o){if(!ue(n)\|\|n.__v_raw&&!(e&&n.__v_isReactive))return n;const i=o.get(n);if(i)return i;const s=lu(n);if(s===0)return n;const a=new Proxy(n,s===2?r:t);return o.set(n,a),a}function On(n){return un(n)?On(n.__v_raw):!!(n&&n.__v_isReactive)}function un(n){return!!(n&&n.__v_isReadonly)}function tt(n){return!!(n&&n.__v_isShallow)}function Vi(n){return n?!!n.__v_raw:!1}function te(n){const e=n&&n.__v_raw;return e?te(e):n}function hu(n){return!ne(n,"__v_skip")&&Object.isExtensible(n)&&dc(n,"__v_skip",!0),n}const Se=n=>ue(n)?zi(n):n,ci=n=>ue(n)?kc(n):n;function ke(n){return n?n.__v_isRef===!0:!1}function Dt(n){return uu(n,!1)}function uu(n,e){return ke(n)?n:new fu(n,e)}class fu{constructor(e,t){this.dep=new Gi,this.__v_isRef=!0,this.__v_isShallow=!1,this._rawValue=t?e:te(e),this._value=t?e:Se(e),this.__v_isShallow=t}get value(){return this.dep.track(),this._value}set value(e){const t=this._rawValue,r=this.__v_isShallow\|\|tt(e)\|\|un(e);e=r?e:te(e),zt(e,t)&&(this._rawValue=e,this._value=r?e:Se(e),this.dep.trigger())}}function et(n){return ke(n)?n.value:n}const gu={get:(n,e,t)=>e==="__v_raw"?n:et(Reflect.get(n,e,t)),set:(n,e,t,r)=>{const o=n[e];return ke(o)&&!ke(t)?(o.value=t,!0):Reflect.set(n,e,t,r)}};function Rc(n){return On(n)?n:new Proxy(n,gu)}class pu{constructor(e,t,r){this.fn=e,this.setter=t,this._value=void 0,this.dep=new Gi(this),this.__v_isRef=!0,this.deps=void 0,this.depsTail=void 0,this.flags=16,this.globalVersion=cr-1,this.next=void 0,this.effect=this,this.__v_isReadonly=!t,this.isSSR=r}notify(){if(this.flags\|=16,!(this.flags&8)&&le!==this)return mc(this,!0),!0}get value(){const e=this.dep.track();return Tc(this),e&&(e.version=this.dep.version),this._value}set value(e){this.setter&&this.setter(e)}}function mu(n,e,t=!1){let r,o;return G(n)?r=n:(r=n.get,o=n.set),new pu(r,o,t)}const Er={},Kr=new WeakMap;let sn;function Cu(n,e=!1,t=sn){if(t){let r=Kr.get(t);r\|\|Kr.set(t,r=[]),r.push(n)}}function yu(n,e,t=de){const{immediate:r,deep:o,once:i,scheduler:s,augmentJob:a,call:c}=t,d=H=>o?H:tt(H)\|\|o===!1\|\|o===0?Bt(H,1):Bt(H);let l,h,p,y,b=!1,S=!1;if(ke(n)?(h=()=>n.value,b=tt(n)):On(n)?(h=()=>d(n),b=!0):K(n)?(S=!0,b=n.some(H=>On(H)\|\|tt(H)),h=()=>n.map(H=>{if(ke(H))return H.value;if(On(H))return d(H);if(G(H))return c?c(H,2):H()})):G(n)?e?h=c?()=>c(n,2):n:h=()=>{if(p){Xt();try{p()}finally{Zt()}}const H=sn;sn=l;try{return c?c(n,3,[y]):n(y)}finally{sn=H}}:h=vt,e&&o){const H=h,ae=o===!0?1/0:o;h=()=>Bt(H(),ae)}const q=qh(),D=()=>{l.stop(),q&&q.active&&Hi(q.effects,l)};if(i&&e){const H=e;e=(...ae)=>{H(...ae),D()}}let V=S?new Array(n.length).fill(Er):Er;const J=H=>{if(!(!(l.flags&1)\|\|!l.dirty&&!H))if(e){const ae=l.run();if(o\|\|b\|\|(S?ae.some((Be,me)=>zt(Be,V[me])):zt(ae,V))){p&&p();const Be=sn;sn=l;try{const me=[ae,V===Er?void 0:S&&V[0]===Er?[]:V,y];c?c(e,3,me):e(...me),V=ae}finally{sn=Be}}}else l.run()};return a&&a(J),l=new gc(h),l.scheduler=s?()=>s(J,!1):J,y=H=>Cu(H,!1,l),p=l.onStop=()=>{const H=Kr.get(l);if(H){if(c)c(H,4);else for(const ae of H)ae();Kr.delete(l)}},e?r?J(!0):V=l.run():s?s(J.bind(null,!0),!0):l.run(),D.pause=l.pause.bind(l),D.resume=l.resume.bind(l),D.stop=D,D}function Bt(n,e=1/0,t){if(e<=0\|\|!ue(n)\|\|n.__v_skip\|\|(t=t\|\|new Set,t.has(n)))return n;if(t.add(n),e--,ke(n))Bt(n.value,e,t);else if(K(n))for(let r=0;r<n.length;r++)Bt(n[r],e,t);else if(ic(n)\|\|Rn(n))n.forEach(r=>{Bt(r,e,t)});else if(cc(n)){for(const r in n)Bt(n[r],e,t);for(const r of Object.getOwnPropertySymbols(n))Object.prototype.propertyIsEnumerable.call(n,r)&&Bt(n[r],e,t)}return n}/
	+/let Ve;class zh{constructor(e=!1){this.detached=e,this._active=!0,this.effects=[],this.cleanups=[],this._isPaused=!1,this.parent=Ve,!e&&Ve&&(this.index=(Ve.scopes\|\|(Ve.scopes=[])).push(this)-1)}get active(){return this._active}pause(){if(this._active){this._isPaused=!0;let e,t;if(this.scopes)for(e=0,t=this.scopes.length;e<t;e++)this.scopes[e].pause();for(e=0,t=this.effects.length;e<t;e++)this.effects[e].pause()}}resume(){if(this._active&&this._isPaused){this._isPaused=!1;let e,t;if(this.scopes)for(e=0,t=this.scopes.length;e<t;e++)this.scopes[e].resume();for(e=0,t=this.effects.length;e<t;e++)this.effects[e].resume()}}run(e){if(this._active){const t=Ve;try{return Ve=this,e()}finally{Ve=t}}}on(){Ve=this}off(){Ve=this.parent}stop(e){if(this._active){this._active=!1;let t,r;for(t=0,r=this.effects.length;t<r;t++)this.effects[t].stop();for(this.effects.length=0,t=0,r=this.cleanups.length;t<r;t++)this.cleanups[t]();if(this.cleanups.length=0,this.scopes){for(t=0,r=this.scopes.length;t<r;t++)this.scopes[t].stop(!0);this.scopes.length=0}if(!this.detached&&this.parent&&!e){const o=this.parent.scopes.pop();o&&o!==this&&(this.parent.scopes[this.index]=o,o.index=this.index)}this.parent=void 0}}}function qh(){return Ve}let le;const qo=new WeakSet;class pc{constructor(e){this.fn=e,this.deps=void 0,this.depsTail=void 0,this.flags=5,this.next=void 0,this.cleanup=void 0,this.scheduler=void 0,Ve&&Ve.active&&Ve.effects.push(this)}pause(){this.flags\|=64}resume(){this.flags&64&&(this.flags&=-65,qo.has(this)&&(qo.delete(this),this.trigger()))}notify(){this.flags&2&&!(this.flags&32)\|\|this.flags&8\|\|Cc(this)}run(){if(!(this.flags&1))return this.fn();this.flags\|=2,na(this),yc(this);const e=le,t=st;le=this,st=!0;try{return this.fn()}finally{Tc(this),le=e,st=t,this.flags&=-3}}stop(){if(this.flags&1){for(let e=this.deps;e;e=e.nextDep)Gi(e);this.deps=this.depsTail=void 0,na(this),this.onStop&&this.onStop(),this.flags&=-2}}trigger(){this.flags&64?qo.add(this):this.scheduler?this.scheduler():this.runIfDirty()}runIfDirty(){ii(this)&&this.run()}get dirty(){return ii(this)}}let mc=0,Xn,Zn;function Cc(n,e=!1){if(n.flags\|=8,e){n.next=Zn,Zn=n;return}n.next=Xn,Xn=n}function Ki(){mc++}function Bi(){if(--mc>0)return;if(Zn){let e=Zn;for(Zn=void 0;e;){const t=e.next;e.next=void 0,e.flags&=-9,e=t}}let n;for(;Xn;){let e=Xn;for(Xn=void 0;e;){const t=e.next;if(e.next=void 0,e.flags&=-9,e.flags&1)try{e.trigger()}catch(r){n\|\|(n=r)}e=t}}if(n)throw n}function yc(n){for(let e=n.deps;e;e=e.nextDep)e.version=-1,e.prevActiveLink=e.dep.activeLink,e.dep.activeLink=e}function Tc(n){let e,t=n.depsTail,r=t;for(;r;){const o=r.prevDep;r.version===-1?(r===t&&(t=o),Gi(r),Vh(r)):e=r,r.dep.activeLink=r.prevActiveLink,r.prevActiveLink=void 0,r=o}n.deps=e,n.depsTail=t}function ii(n){for(let e=n.deps;e;e=e.nextDep)if(e.dep.version!==e.version\|\|e.dep.computed&&(Ac(e.dep.computed)\|\|e.dep.version!==e.version))return!0;return!!n._dirty}function Ac(n){if(n.flags&4&&!(n.flags&16)\|\|(n.flags&=-17,n.globalVersion===ar))return;n.globalVersion=ar;const e=n.dep;if(n.flags\|=2,e.version>0&&!n.isSSR&&n.deps&&!ii(n)){n.flags&=-3;return}const t=le,r=st;le=n,st=!0;try{yc(n);const o=n.fn(n._value);(e.version===0\|\|zt(o,n._value))&&(n._value=o,e.version++)}catch(o){throw e.version++,o}finally{le=t,st=r,Tc(n),n.flags&=-3}}function Gi(n,e=!1){const{dep:t,prevSub:r,nextSub:o}=n;if(r&&(r.nextSub=o,n.prevSub=void 0),o&&(o.prevSub=r,n.nextSub=void 0),t.subs===n&&(t.subs=r,!r&&t.computed)){t.computed.flags&=-5;for(let i=t.computed.deps;i;i=i.nextDep)Gi(i,!0)}!e&&!--t.sc&&t.map&&t.map.delete(t.key)}function Vh(n){const{prevDep:e,nextDep:t}=n;e&&(e.nextDep=t,n.prevDep=void 0),t&&(t.prevDep=e,n.nextDep=void 0)}let st=!0;const vc=[];function Xt(){vc.push(st),st=!1}function Zt(){const n=vc.pop();st=n===void 0?!0:n}function na(n){const{cleanup:e}=n;if(n.cleanup=void 0,e){const t=le;le=void 0;try{e()}finally{le=t}}}let ar=0;class jh{constructor(e,t){this.sub=e,this.dep=t,this.version=t.version,this.nextDep=this.prevDep=this.nextSub=this.prevSub=this.prevActiveLink=void 0}}class $i{constructor(e){this.computed=e,this.version=0,this.activeLink=void 0,this.subs=void 0,this.map=void 0,this.key=void 0,this.sc=0}track(e){if(!le\|\|!st\|\|le===this.computed)return;let t=this.activeLink;if(t===void 0\|\|t.sub!==le)t=this.activeLink=new jh(le,this),le.deps?(t.prevDep=le.depsTail,le.depsTail.nextDep=t,le.depsTail=t):le.deps=le.depsTail=t,wc(t);else if(t.version===-1&&(t.version=this.version,t.nextDep)){const r=t.nextDep;r.prevDep=t.prevDep,t.prevDep&&(t.prevDep.nextDep=r),t.prevDep=le.depsTail,t.nextDep=void 0,le.depsTail.nextDep=t,le.depsTail=t,le.deps===t&&(le.deps=r)}return t}trigger(e){this.version++,ar++,this.notify(e)}notify(e){Ki();try{for(let t=this.subs;t;t=t.prevSub)t.sub.notify()&&t.sub.dep.notify()}finally{Bi()}}}function wc(n){if(n.dep.sc++,n.sub.flags&4){const e=n.dep.computed;if(e&&!n.dep.subs){e.flags\|=20;for(let r=e.deps;r;r=r.nextDep)wc(r)}const t=n.dep.subs;t!==n&&(n.prevSub=t,t&&(t.nextSub=n)),n.dep.subs=n}}const si=new WeakMap,dn=Symbol(""),ai=Symbol(""),cr=Symbol("");function Se(n,e,t){if(st&&le){let r=si.get(n);r\|\|si.set(n,r=new Map);let o=r.get(t);o\|\|(r.set(t,o=new $i),o.map=r,o.key=t),o.track()}}function Pt(n,e,t,r,o,i){const s=si.get(n);if(!s){ar++;return}const a=c=>{c&&c.trigger()};if(Ki(),e==="clear")s.forEach(a);else{const c=K(n),d=c&&Ui(t);if(c&&t==="length"){const l=Number(r);s.forEach((h,p)=>{(p==="length"\|\|p===cr\|\|!Jt(p)&&p>=l)&&a(h)})}else switch((t!==void 0\|\|s.has(void 0))&&a(s.get(t)),d&&a(s.get(cr)),e){case"add":c?d&&a(s.get("length")):(a(s.get(dn)),On(n)&&a(s.get(ai)));break;case"delete":c\|\|(a(s.get(dn)),On(n)&&a(s.get(ai)));break;case"set":On(n)&&a(s.get(dn));break}}Bi()}function vn(n){const e=te(n);return e===n?e:(Se(e,"iterate",cr),tt(n)?e:e.map(be))}function go(n){return Se(n=te(n),"iterate",cr),n}const Wh={__proto__:null,[Symbol.iterator](){return Vo(this,Symbol.iterator,be)},concat(...n){return vn(this).concat(...n.map(e=>K(e)?vn(e):e))},entries(){return Vo(this,"entries",n=>(n[1]=be(n[1]),n))},every(n,e){return St(this,"every",n,e,void 0,arguments)},filter(n,e){return St(this,"filter",n,e,t=>t.map(be),arguments)},find(n,e){return St(this,"find",n,e,be,arguments)},findIndex(n,e){return St(this,"findIndex",n,e,void 0,arguments)},findLast(n,e){return St(this,"findLast",n,e,be,arguments)},findLastIndex(n,e){return St(this,"findLastIndex",n,e,void 0,arguments)},forEach(n,e){return St(this,"forEach",n,e,void 0,arguments)},includes(...n){return jo(this,"includes",n)},indexOf(...n){return jo(this,"indexOf",n)},join(n){return vn(this).join(n)},lastIndexOf(...n){return jo(this,"lastIndexOf",n)},map(n,e){return St(this,"map",n,e,void 0,arguments)},pop(){return jn(this,"pop")},push(...n){return jn(this,"push",n)},reduce(n,...e){return ra(this,"reduce",n,e)},reduceRight(n,...e){return ra(this,"reduceRight",n,e)},shift(){return jn(this,"shift")},some(n,e){return St(this,"some",n,e,void 0,arguments)},splice(...n){return jn(this,"splice",n)},toReversed(){return vn(this).toReversed()},toSorted(n){return vn(this).toSorted(n)},toSpliced(...n){return vn(this).toSpliced(...n)},unshift(...n){return jn(this,"unshift",n)},values(){return Vo(this,"values",be)}};function Vo(n,e,t){const r=go(n),o=r[e]();return r!==n&&!tt(n)&&(o._next=o.next,o.next=()=>{const i=o._next();return i.value&&(i.value=t(i.value)),i}),o}const Yh=Array.prototype;function St(n,e,t,r,o,i){const s=go(n),a=s!==n&&!tt(n),c=s[e];if(c!==Yh[e]){const h=c.apply(n,i);return a?be(h):h}let d=t;s!==n&&(a?d=function(h,p){return t.call(this,be(h),p,n)}:t.length>2&&(d=function(h,p){return t.call(this,h,p,n)}));const l=c.call(s,d,r);return a&&o?o(l):l}function ra(n,e,t,r){const o=go(n);let i=t;return o!==n&&(tt(n)?t.length>3&&(i=function(s,a,c){return t.call(this,s,a,c,n)}):i=function(s,a,c){return t.call(this,s,be(a),c,n)}),o[e](i,...r)}function jo(n,e,t){const r=te(n);Se(r,"iterate",cr);const o=r[e](...t);return(o===-1\|\|o===!1)&&ji(t[0])?(t[0]=te(t[0]),r[e](...t)):o}function jn(n,e,t=[]){Xt(),Ki();const r=te(n)[e].apply(n,t);return Bi(),Zt(),r}const Qh=xi("__proto__,__v_isRef,__isVue"),Ic=new Set(Object.getOwnPropertyNames(Symbol).filter(n=>n!=="arguments"&&n!=="caller").map(n=>Symbol[n]).filter(Jt));function Jh(n){Jt(n)\|\|(n=String(n));const e=te(this);return Se(e,"has",n),e.hasOwnProperty(n)}class Ec{constructor(e=!1,t=!1){this._isReadonly=e,this._isShallow=t}get(e,t,r){if(t==="__v_skip")return e.__v_skip;const o=this._isReadonly,i=this._isShallow;if(t==="__v_isReactive")return!o;if(t==="__v_isReadonly")return o;if(t==="__v_isShallow")return i;if(t==="__v_raw")return r===(o?i?au:kc:i?bc:Sc).get(e)\|\|Object.getPrototypeOf(e)===Object.getPrototypeOf(r)?e:void 0;const s=K(e);if(!o){let c;if(s&&(c=Wh[t]))return c;if(t==="hasOwnProperty")return Jh}const a=Reflect.get(e,t,Re(e)?e:r);return(Jt(t)?Ic.has(t):Qh(t))\|\|(o\|\|Se(e,"get",t),i)?a:Re(a)?s&&Ui(t)?a:a.value:ue(a)?o?Rc(a):qi(a):a}}class _c extends Ec{constructor(e=!1){super(!1,e)}set(e,t,r,o){let i=e[t];if(!this._isShallow){const c=un(i);if(!tt(r)&&!un(r)&&(i=te(i),r=te(r)),!K(e)&&Re(i)&&!Re(r))return c?!1:(i.value=r,!0)}const s=K(e)&&Ui(t)?Number(t)<e.length:ne(e,t),a=Reflect.set(e,t,r,Re(e)?e:o);return e===te(o)&&(s?zt(r,i)&&Pt(e,"set",t,r):Pt(e,"add",t,r)),a}deleteProperty(e,t){const r=ne(e,t);e[t];const o=Reflect.deleteProperty(e,t);return o&&r&&Pt(e,"delete",t,void 0),o}has(e,t){const r=Reflect.has(e,t);return(!Jt(t)\|\|!Ic.has(t))&&Se(e,"has",t),r}ownKeys(e){return Se(e,"iterate",K(e)?"length":dn),Reflect.ownKeys(e)}}class Xh extends Ec{constructor(e=!1){super(!0,e)}set(e,t){return!0}deleteProperty(e,t){return!0}}const Zh=new _c,eu=new Xh,tu=new _c(!0);const ci=n=>n,Ir=n=>Reflect.getPrototypeOf(n);function nu(n,e,t){return function(...r){const o=this.__v_raw,i=te(o),s=On(i),a=n==="entries"\|\|n===Symbol.iterator&&s,c=n==="keys"&&s,d=o[n](...r),l=t?ci:e?li:be;return!e&&Se(i,"iterate",c?ai:dn),{next(){const{value:h,done:p}=d.next();return p?{value:h,done:p}:{value:a?[l(h[0]),l(h[1])]:l(h),done:p}},[Symbol.iterator](){return this}}}}function Er(n){return function(...e){return n==="delete"?!1:n==="clear"?void 0:this}}function ru(n,e){const t={get(o){const i=this.__v_raw,s=te(i),a=te(o);n\|\|(zt(o,a)&&Se(s,"get",o),Se(s,"get",a));const{has:c}=Ir(s),d=e?ci:n?li:be;if(c.call(s,o))return d(i.get(o));if(c.call(s,a))return d(i.get(a));i!==s&&i.get(o)},get size(){const o=this.__v_raw;return!n&&Se(te(o),"iterate",dn),Reflect.get(o,"size",o)},has(o){const i=this.__v_raw,s=te(i),a=te(o);return n\|\|(zt(o,a)&&Se(s,"has",o),Se(s,"has",a)),o===a?i.has(o):i.has(o)\|\|i.has(a)},forEach(o,i){const s=this,a=s.__v_raw,c=te(a),d=e?ci:n?li:be;return!n&&Se(c,"iterate",dn),a.forEach((l,h)=>o.call(i,d(l),d(h),s))}};return De(t,n?{add:Er("add"),set:Er("set"),delete:Er("delete"),clear:Er("clear")}:{add(o){!e&&!tt(o)&&!un(o)&&(o=te(o));const i=te(this);return Ir(i).has.call(i,o)\|\|(i.add(o),Pt(i,"add",o,o)),this},set(o,i){!e&&!tt(i)&&!un(i)&&(i=te(i));const s=te(this),{has:a,get:c}=Ir(s);let d=a.call(s,o);d\|\|(o=te(o),d=a.call(s,o));const l=c.call(s,o);return s.set(o,i),d?zt(i,l)&&Pt(s,"set",o,i):Pt(s,"add",o,i),this},delete(o){const i=te(this),{has:s,get:a}=Ir(i);let c=s.call(i,o);c\|\|(o=te(o),c=s.call(i,o)),a&&a.call(i,o);const d=i.delete(o);return c&&Pt(i,"delete",o,void 0),d},clear(){const o=te(this),i=o.size!==0,s=o.clear();return i&&Pt(o,"clear",void 0,void 0),s}}),["keys","values","entries",Symbol.iterator].forEach(o=>{t[o]=nu(o,n,e)}),t}function zi(n,e){const t=ru(n,e);return(r,o,i)=>o==="__v_isReactive"?!n:o==="__v_isReadonly"?n:o==="__v_raw"?r:Reflect.get(ne(t,o)&&o in r?t:r,o,i)}const ou={get:zi(!1,!1)},iu={get:zi(!1,!0)},su={get:zi(!0,!1)};const Sc=new WeakMap,bc=new WeakMap,kc=new WeakMap,au=new WeakMap;function cu(n){switch(n){case"Object":case"Array":return 1;case"Map":case"Set":case"WeakMap":case"WeakSet":return 2;default:return 0}}function lu(n){return n.__v_skip\|\|!Object.isExtensible(n)?0:cu(xh(n))}function qi(n){return un(n)?n:Vi(n,!1,Zh,ou,Sc)}function du(n){return Vi(n,!1,tu,iu,bc)}function Rc(n){return Vi(n,!0,eu,su,kc)}function Vi(n,e,t,r,o){if(!ue(n)\|\|n.__v_raw&&!(e&&n.__v_isReactive))return n;const i=o.get(n);if(i)return i;const s=lu(n);if(s===0)return n;const a=new Proxy(n,s===2?r:t);return o.set(n,a),a}function Pn(n){return un(n)?Pn(n.__v_raw):!!(n&&n.__v_isReactive)}function un(n){return!!(n&&n.__v_isReadonly)}function tt(n){return!!(n&&n.__v_isShallow)}function ji(n){return n?!!n.__v_raw:!1}function te(n){const e=n&&n.__v_raw;return e?te(e):n}function hu(n){return!ne(n,"__v_skip")&&Object.isExtensible(n)&&hc(n,"__v_skip",!0),n}const be=n=>ue(n)?qi(n):n,li=n=>ue(n)?Rc(n):n;function Re(n){return n?n.__v_isRef===!0:!1}function Dt(n){return uu(n,!1)}function uu(n,e){return Re(n)?n:new fu(n,e)}class fu{constructor(e,t){this.dep=new $i,this.__v_isRef=!0,this.__v_isShallow=!1,this._rawValue=t?e:te(e),this._value=t?e:be(e),this.__v_isShallow=t}get value(){return this.dep.track(),this._value}set value(e){const t=this._rawValue,r=this.__v_isShallow\|\|tt(e)\|\|un(e);e=r?e:te(e),zt(e,t)&&(this._rawValue=e,this._value=r?e:be(e),this.dep.trigger())}}function et(n){return Re(n)?n.value:n}const gu={get:(n,e,t)=>e==="__v_raw"?n:et(Reflect.get(n,e,t)),set:(n,e,t,r)=>{const o=n[e];return Re(o)&&!Re(t)?(o.value=t,!0):Reflect.set(n,e,t,r)}};function Oc(n){return Pn(n)?n:new Proxy(n,gu)}class pu{constructor(e,t,r){this.fn=e,this.setter=t,this._value=void 0,this.dep=new $i(this),this.__v_isRef=!0,this.deps=void 0,this.depsTail=void 0,this.flags=16,this.globalVersion=ar-1,this.next=void 0,this.effect=this,this.__v_isReadonly=!t,this.isSSR=r}notify(){if(this.flags\|=16,!(this.flags&8)&&le!==this)return Cc(this,!0),!0}get value(){const e=this.dep.track();return Ac(this),e&&(e.version=this.dep.version),this._value}set value(e){this.setter&&this.setter(e)}}function mu(n,e,t=!1){let r,o;return $(n)?r=n:(r=n.get,o=n.set),new pu(r,o,t)}const _r={},Br=new WeakMap;let sn;function Cu(n,e=!1,t=sn){if(t){let r=Br.get(t);r\|\|Br.set(t,r=[]),r.push(n)}}function yu(n,e,t=de){const{immediate:r,deep:o,once:i,scheduler:s,augmentJob:a,call:c}=t,d=H=>o?H:tt(H)\|\|o===!1\|\|o===0?Bt(H,1):Bt(H);let l,h,p,y,b=!1,S=!1;if(Re(n)?(h=()=>n.value,b=tt(n)):Pn(n)?(h=()=>d(n),b=!0):K(n)?(S=!0,b=n.some(H=>Pn(H)\|\|tt(H)),h=()=>n.map(H=>{if(Re(H))return H.value;if(Pn(H))return d(H);if($(H))return c?c(H,2):H()})):$(n)?e?h=c?()=>c(n,2):n:h=()=>{if(p){Xt();try{p()}finally{Zt()}}const H=sn;sn=l;try{return c?c(n,3,[y]):n(y)}finally{sn=H}}:h=vt,e&&o){const H=h,ae=o===!0?1/0:o;h=()=>Bt(H(),ae)}const q=qh(),D=()=>{l.stop(),q&&q.active&&Li(q.effects,l)};if(i&&e){const H=e;e=(...ae)=>{H(...ae),D()}}let V=S?new Array(n.length).fill(_r):_r;const J=H=>{if(!(!(l.flags&1)\|\|!l.dirty&&!H))if(e){const ae=l.run();if(o\|\|b\|\|(S?ae.some((Be,me)=>zt(Be,V[me])):zt(ae,V))){p&&p();const Be=sn;sn=l;try{const me=[ae,V===_r?void 0:S&&V[0]===_r?[]:V,y];c?c(e,3,me):e(...me),V=ae}finally{sn=Be}}}else l.run()};return a&&a(J),l=new pc(h),l.scheduler=s?()=>s(J,!1):J,y=H=>Cu(H,!1,l),p=l.onStop=()=>{const H=Br.get(l);if(H){if(c)c(H,4);else for(const ae of H)ae();Br.delete(l)}},e?r?J(!0):V=l.run():s?s(J.bind(null,!0),!0):l.run(),D.pause=l.pause.bind(l),D.resume=l.resume.bind(l),D.stop=D,D}function Bt(n,e=1/0,t){if(e<=0\|\|!ue(n)\|\|n.__v_skip\|\|(t=t\|\|new Set,t.has(n)))return n;if(t.add(n),e--,Re(n))Bt(n.value,e,t);else if(K(n))for(let r=0;r<n.length;r++)Bt(n[r],e,t);else if(sc(n)\|\|On(n))n.forEach(r=>{Bt(r,e,t)});else if(lc(n)){for(const r in n)Bt(n[r],e,t);for(const r of Object.getOwnPropertySymbols(n))Object.prototype.propertyIsEnumerable.call(n,r)&&Bt(n[r],e,t)}return n}/
	* @vue/runtime-core v3.5.13
	* (c) 2018-present Yuxi (Evan) You and Vue contributors
	* @license MIT
	-/function yr(n,e,t,r){try{return r?n(...r):n()}catch(o){go(o,e,t)}}function wt(n,e,t,r){if(G(n)){const o=yr(n,e,t,r);return o&&sc(o)&&o.catch(i=>{go(i,e,t)}),o}if(K(n)){const o=[];for(let i=0;i<n.length;i++)o.push(wt(n[i],e,t,r));return o}}function go(n,e,t,r=!0){const o=e?e.vnode:null,{errorHandler:i,throwUnhandledErrorInProduction:s}=e&&e.appContext.config\|\|de;if(e){let a=e.parent;const c=e.proxy,d=`https://vuejs.org/error-reference/#runtime-${t}`;for(;a;){const l=a.ec;if(l){for(let h=0;h<l.length;h++)if(l[h](n,c,d)===!1)return}a=a.parent}if(i){Xt(),yr(i,null,10,[n,c,d]),Zt();return}}Tu(n,t,o,r,s)}function Tu(n,e,t,r=!0,o=!1){if(o)throw n;console.error(n)}const xe=[];let pt=-1;const Pn=[];let Ft=null,In=0;const Oc=Promise.resolve();let Br=null;function Au(n){const e=Br\|\|Oc;return n?e.then(this?n.bind(this):n):e}function vu(n){let e=pt+1,t=xe.length;for(;e<t;){const r=e+t>>>1,o=xe[r],i=dr(o);i<n\|\|i===n&&o.flags&2?e=r+1:t=r}return e}function ji(n){if(!(n.flags&1)){const e=dr(n),t=xe[xe.length-1];!t\|\|!(n.flags&2)&&e>=dr(t)?xe.push(n):xe.splice(vu(e),0,n),n.flags\|=1,Pc()}}function Pc(){Br\|\|(Br=Oc.then(Mc))}function wu(n){K(n)?Pn.push(...n):Ft&&n.id===-1?Ft.splice(In+1,0,n):n.flags&1\|\|(Pn.push(n),n.flags\|=1),Pc()}function ra(n,e,t=pt+1){for(;t<xe.length;t++){const r=xe[t];if(r&&r.flags&2){if(n&&r.id!==n.uid)continue;xe.splice(t,1),t--,r.flags&4&&(r.flags&=-2),r(),r.flags&4\|\|(r.flags&=-2)}}}function Nc(n){if(Pn.length){const e=[...new Set(Pn)].sort((t,r)=>dr(t)-dr(r));if(Pn.length=0,Ft){Ft.push(...e);return}for(Ft=e,In=0;In<Ft.length;In++){const t=Ft[In];t.flags&4&&(t.flags&=-2),t.flags&8\|\|t(),t.flags&=-2}Ft=null,In=0}}const dr=n=>n.id==null?n.flags&2?-1:1/0:n.id;function Mc(n){try{for(pt=0;pt<xe.length;pt++){const e=xe[pt];e&&!(e.flags&8)&&(e.flags&4&&(e.flags&=-2),yr(e,e.i,e.i?15:14),e.flags&4\|\|(e.flags&=-2))}}finally{for(;pt<xe.length;pt++){const e=xe[pt];e&&(e.flags&=-2)}pt=-1,xe.length=0,Nc(),Br=null,(xe.length\|\|Pn.length)&&Mc()}}let Tt=null,xc=null;function Gr(n){const e=Tt;return Tt=n,xc=n&&n.type.__scopeId\|\|null,e}function Iu(n,e=Tt,t){if(!e\|\|n._n)return n;const r=(...o)=>{r._d&&fa(-1);const i=Gr(e);let s;try{s=n(...o)}finally{Gr(i),r._d&&fa(1)}return s};return r._n=!0,r._c=!0,r._d=!0,r}function rn(n,e,t,r){const o=n.dirs,i=e&&e.dirs;for(let s=0;s<o.length;s++){const a=o[s];i&&(a.oldValue=i[s].value);let c=a.dir[r];c&&(Xt(),wt(c,t,8,[n.el,a,n,e]),Zt())}}const Eu=Symbol("_vte"),_u=n=>n.__isTeleport;function Wi(n,e){n.shapeFlag&6&&n.component?(n.transition=e,Wi(n.component.subTree,e)):n.shapeFlag&128?(n.ssContent.transition=e.clone(n.ssContent),n.ssFallback.transition=e.clone(n.ssFallback)):n.transition=e}function Hc(n){n.ids=[n.ids[0]+n.ids[2]+++"-",0,0]}function $r(n,e,t,r,o=!1){if(K(n)){n.forEach((b,S)=>$r(b,e&&(K(e)?e[S]:e),t,r,o));return}if(tr(r)&&!o){r.shapeFlag&512&&r.type.__asyncResolved&&r.component.subTree.component&&$r(n,e,t,r.component.subTree);return}const i=r.shapeFlag&4?Ji(r.component):r.el,s=o?null:i,{i:a,r:c}=n,d=e&&e.r,l=a.refs===de?a.refs={}:a.refs,h=a.setupState,p=te(h),y=h===de?()=>!1:b=>ne(p,b);if(d!=null&&d!==c&&(pe(d)?(l[d]=null,y(d)&&(h[d]=null)):ke(d)&&(d.value=null)),G(c))yr(c,a,12,[s,l]);else{const b=pe(c),S=ke(c);if(b\|\|S){const q=()=>{if(n.f){const D=b?y(c)?h[c]:l[c]:c.value;o?K(D)&&Hi(D,i):K(D)?D.includes(i)\|\|D.push(i):b?(l[c]=[i],y(c)&&(h[c]=l[c])):(c.value=[i],n.k&&(l[n.k]=c.value))}else b?(l[c]=s,y(c)&&(h[c]=s)):S&&(c.value=s,n.k&&(l[n.k]=s))};s?(q.id=-1,ze(q,t)):q()}}}uo().requestIdleCallback;uo().cancelIdleCallback;const tr=n=>!!n.type.__asyncLoader,Lc=n=>n.type.__isKeepAlive;function Su(n,e){Uc(n,"a",e)}function bu(n,e){Uc(n,"da",e)}function Uc(n,e,t=Le){const r=n.__wdc\|\|(n.__wdc=()=>{let o=t;for(;o;){if(o.isDeactivated)return;o=o.parent}return n()});if(po(e,r,t),t){let o=t.parent;for(;o&&o.parent;)Lc(o.parent.vnode)&&ku(r,e,t,o),o=o.parent}}function ku(n,e,t,r){const o=po(e,n,r,!0);Fc(()=>{Hi(r[e],o)},t)}function po(n,e,t=Le,r=!1){if(t){const o=t[n]\|\|(t[n]=[]),i=e.__weh\|\|(e.__weh=(...s)=>{Xt();const a=Tr(t),c=wt(e,t,n,s);return a(),Zt(),c});return r?o.unshift(i):o.push(i),i}}const Lt=n=>(e,t=Le)=>{(!ur\|\|n==="sp")&&po(n,(...r)=>e(...r),t)},Ru=Lt("bm"),Dc=Lt("m"),Ou=Lt("bu"),Pu=Lt("u"),Nu=Lt("bum"),Fc=Lt("um"),Mu=Lt("sp"),xu=Lt("rtg"),Hu=Lt("rtc");function Lu(n,e=Le){po("ec",n,e)}const Uu=Symbol.for("v-ndc");function oa(n,e,t,r){let o;const i=t,s=K(n);if(s\|\|pe(n)){const a=s&&On(n);let c=!1;a&&(c=!tt(n),n=fo(n)),o=new Array(n.length);for(let d=0,l=n.length;d<l;d++)o[d]=e(c?Se(n[d]):n[d],d,void 0,i)}else if(typeof n=="number"){o=new Array(n);for(let a=0;a<n;a++)o[a]=e(a+1,a,void 0,i)}else if(ue(n))if(n[Symbol.iterator])o=Array.from(n,(a,c)=>e(a,c,void 0,i));else{const a=Object.keys(n);o=new Array(a.length);for(let c=0,d=a.length;c<d;c++){const l=a[c];o[c]=e(n[l],l,c,i)}}else o=[];return o}const li=n=>n?al(n)?Ji(n):li(n.parent):null,nr=De(Object.create(null),{$:n=>n,$el:n=>n.vnode.el,$data:n=>n.data,$props:n=>n.props,$attrs:n=>n.attrs,$slots:n=>n.slots,$refs:n=>n.refs,$parent:n=>li(n.parent),$root:n=>li(n.root),$host:n=>n.ce,$emit:n=>n.emit,$options:n=>Bc(n),$forceUpdate:n=>n.f\|\|(n.f=()=>{ji(n.update)}),$nextTick:n=>n.n\|\|(n.n=Au.bind(n.proxy)),$watch:n=>sf.bind(n)}),jo=(n,e)=>n!==de&&!n.__isScriptSetup&&ne(n,e),Du={get({_:n},e){if(e==="__v_skip")return!0;const{ctx:t,setupState:r,data:o,props:i,accessCache:s,type:a,appContext:c}=n;let d;if(e[0]!=="$"){const y=s[e];if(y!==void 0)switch(y){case 1:return r[e];case 2:return o[e];case 4:return t[e];case 3:return i[e]}else{if(jo(r,e))return s[e]=1,r[e];if(o!==de&&ne(o,e))return s[e]=2,o[e];if((d=n.propsOptions[0])&&ne(d,e))return s[e]=3,i[e];if(t!==de&&ne(t,e))return s[e]=4,t[e];di&&(s[e]=0)}}const l=nr[e];let h,p;if(l)return e==="$attrs"&&_e(n.attrs,"get",""),l(n);if((h=a.__cssModules)&&(h=h[e]))return h;if(t!==de&&ne(t,e))return s[e]=4,t[e];if(p=c.config.globalProperties,ne(p,e))return p[e]},set({_:n},e,t){const{data:r,setupState:o,ctx:i}=n;return jo(o,e)?(o[e]=t,!0):r!==de&&ne(r,e)?(r[e]=t,!0):ne(n.props,e)\|\|e[0]==="$"&&e.slice(1)in n?!1:(i[e]=t,!0)},has({_:{data:n,setupState:e,accessCache:t,ctx:r,appContext:o,propsOptions:i}},s){let a;return!!t[s]\|\|n!==de&&ne(n,s)\|\|jo(e,s)\|\|(a=i[0])&&ne(a,s)\|\|ne(r,s)\|\|ne(nr,s)\|\|ne(o.config.globalProperties,s)},defineProperty(n,e,t){return t.get!=null?n._.accessCache[e]=0:ne(t,"value")&&this.set(n,e,t.value,null),Reflect.defineProperty(n,e,t)}};function ia(n){return K(n)?n.reduce((e,t)=>(e[t]=null,e),{}):n}let di=!0;function Fu(n){const e=Bc(n),t=n.proxy,r=n.ctx;di=!1,e.beforeCreate&&sa(e.beforeCreate,n,"bc");const{data:o,computed:i,methods:s,watch:a,provide:c,inject:d,created:l,beforeMount:h,mounted:p,beforeUpdate:y,updated:b,activated:S,deactivated:q,beforeDestroy:D,beforeUnmount:V,destroyed:J,unmounted:H,render:ae,renderTracked:Be,renderTriggered:me,errorCaptured:Ye,serverPrefetch:Ut,expose:Qe,inheritAttrs:tn,components:nn,directives:Tn,filters:W}=e;if(d&&Ku(d,r,null),s)for(const ee in s){const ie=s[ee];G(ie)&&(r[ee]=ie.bind(t))}if(o){const ee=o.call(t,t);ue(ee)&&(n.data=zi(ee))}if(di=!0,i)for(const ee in i){const ie=i[ee],Et=G(ie)?ie.bind(t,t):G(ie.get)?ie.get.bind(t,t):vt,An=!G(ie)&&G(ie.set)?ie.set.bind(t):vt,_t=Lr({get:Et,set:An});Object.defineProperty(r,ee,{enumerable:!0,configurable:!0,get:()=>_t.value,set:Je=>_t.value=Je})}if(a)for(const ee in a)Kc(a[ee],r,t,ee);if(c){const ee=G(c)?c.call(t):c;Reflect.ownKeys(ee).forEach(ie=>{Vu(ie,ee[ie])})}l&&sa(l,n,"c");function $(ee,ie){K(ie)?ie.forEach(Et=>ee(Et.bind(t))):ie&&ee(ie.bind(t))}if($(Ru,h),$(Dc,p),$(Ou,y),$(Pu,b),$(Su,S),$(bu,q),$(Lu,Ye),$(Hu,Be),$(xu,me),$(Nu,V),$(Fc,H),$(Mu,Ut),K(Qe))if(Qe.length){const ee=n.exposed\|\|(n.exposed={});Qe.forEach(ie=>{Object.defineProperty(ee,ie,{get:()=>t[ie],set:Et=>t[ie]=Et})})}else n.exposed\|\|(n.exposed={});ae&&n.render===vt&&(n.render=ae),tn!=null&&(n.inheritAttrs=tn),nn&&(n.components=nn),Tn&&(n.directives=Tn),Ut&&Hc(n)}function Ku(n,e,t=vt){K(n)&&(n=hi(n));for(const r in n){const o=n[r];let i;ue(o)?"default"in o?i=xr(o.from\|\|r,o.default,!0):i=xr(o.from\|\|r):i=xr(o),ke(i)?Object.defineProperty(e,r,{enumerable:!0,configurable:!0,get:()=>i.value,set:s=>i.value=s}):e[r]=i}}function sa(n,e,t){wt(K(n)?n.map(r=>r.bind(e.proxy)):n.bind(e.proxy),e,t)}function Kc(n,e,t,r){let o=r.includes(".")?tl(t,r):()=>t[r];if(pe(n)){const i=e[n];G(i)&&Yo(o,i)}else if(G(n))Yo(o,n.bind(t));else if(ue(n))if(K(n))n.forEach(i=>Kc(i,e,t,r));else{const i=G(n.handler)?n.handler.bind(t):e[n.handler];G(i)&&Yo(o,i,n)}}function Bc(n){const e=n.type,{mixins:t,extends:r}=e,{mixins:o,optionsCache:i,config:{optionMergeStrategies:s}}=n.appContext,a=i.get(e);let c;return a?c=a:!o.length&&!t&&!r?c=e:(c={},o.length&&o.forEach(d=>zr(c,d,s,!0)),zr(c,e,s)),ue(e)&&i.set(e,c),c}function zr(n,e,t,r=!1){const{mixins:o,extends:i}=e;i&&zr(n,i,t,!0),o&&o.forEach(s=>zr(n,s,t,!0));for(const s in e)if(!(r&&s==="expose")){const a=Bu[s]\|\|t&&t[s];n[s]=a?a(n[s],e[s]):e[s]}return n}const Bu={data:aa,props:ca,emits:ca,methods:Qn,computed:Qn,beforeCreate:Pe,created:Pe,beforeMount:Pe,mounted:Pe,beforeUpdate:Pe,updated:Pe,beforeDestroy:Pe,beforeUnmount:Pe,destroyed:Pe,unmounted:Pe,activated:Pe,deactivated:Pe,errorCaptured:Pe,serverPrefetch:Pe,components:Qn,directives:Qn,watch:$u,provide:aa,inject:Gu};function aa(n,e){return e?n?function(){return De(G(n)?n.call(this,this):n,G(e)?e.call(this,this):e)}:e:n}function Gu(n,e){return Qn(hi(n),hi(e))}function hi(n){if(K(n)){const e={};for(let t=0;t<n.length;t++)e[n[t]]=n[t];return e}return n}function Pe(n,e){return n?[...new Set([].concat(n,e))]:e}function Qn(n,e){return n?De(Object.create(null),n,e):e}function ca(n,e){return n?K(n)&&K(e)?[...new Set([...n,...e])]:De(Object.create(null),ia(n),ia(e??{})):e}function $u(n,e){if(!n)return e;if(!e)return n;const t=De(Object.create(null),n);for(const r in e)t[r]=Pe(n[r],e[r]);return t}function Gc(){return{app:null,config:{isNativeTag:Nh,performance:!1,globalProperties:{},optionMergeStrategies:{},errorHandler:void 0,warnHandler:void 0,compilerOptions:{}},mixins:[],components:{},directives:{},provides:Object.create(null),optionsCache:new WeakMap,propsCache:new WeakMap,emitsCache:new WeakMap}}let zu=0;function qu(n,e){return function(r,o=null){G(r)\|\|(r=De({},r)),o!=null&&!ue(o)&&(o=null);const i=Gc(),s=new WeakSet,a=[];let c=!1;const d=i.app={_uid:zu++,_component:r,_props:o,_container:null,_context:i,_instance:null,version:bf,get config(){return i.config},set config(l){},use(l,...h){return s.has(l)\|\|(l&&G(l.install)?(s.add(l),l.install(d,...h)):G(l)&&(s.add(l),l(d,...h))),d},mixin(l){return i.mixins.includes(l)\|\|i.mixins.push(l),d},component(l,h){return h?(i.components[l]=h,d):i.components[l]},directive(l,h){return h?(i.directives[l]=h,d):i.directives[l]},mount(l,h,p){if(!c){const y=d._ceVNode\|\|Mt(r,o);return y.appContext=i,p===!0?p="svg":p===!1&&(p=void 0),n(y,l,p),c=!0,d._container=l,l.__vue_app__=d,Ji(y.component)}},onUnmount(l){a.push(l)},unmount(){c&&(wt(a,d._instance,16),n(null,d._container),delete d._container.__vue_app__)},provide(l,h){return i.provides[l]=h,d},runWithContext(l){const h=Nn;Nn=d;try{return l()}finally{Nn=h}}};return d}}let Nn=null;function Vu(n,e){if(Le){let t=Le.provides;const r=Le.parent&&Le.parent.provides;r===t&&(t=Le.provides=Object.create(r)),t[n]=e}}function xr(n,e,t=!1){const r=Le\|\|Tt;if(r\|\|Nn){const o=Nn?Nn._context.provides:r?r.parent==null?r.vnode.appContext&&r.vnode.appContext.provides:r.parent.provides:void 0;if(o&&n in o)return o[n];if(arguments.length>1)return t&&G(e)?e.call(r&&r.proxy):e}}const $c={},zc=()=>Object.create($c),qc=n=>Object.getPrototypeOf(n)===$c;function ju(n,e,t,r=!1){const o={},i=zc();n.propsDefaults=Object.create(null),Vc(n,e,o,i);for(const s in n.propsOptions[0])s in o\|\|(o[s]=void 0);t?n.props=r?o:du(o):n.type.props?n.props=o:n.props=i,n.attrs=i}function Wu(n,e,t,r){const{props:o,attrs:i,vnode:{patchFlag:s}}=n,a=te(o),[c]=n.propsOptions;let d=!1;if((r\|\|s>0)&&!(s&16)){if(s&8){const l=n.vnode.dynamicProps;for(let h=0;h<l.length;h++){let p=l[h];if(mo(n.emitsOptions,p))continue;const y=e[p];if(c)if(ne(i,p))y!==i[p]&&(i[p]=y,d=!0);else{const b=Wt(p);o[b]=ui(c,a,b,y,n,!1)}else y!==i[p]&&(i[p]=y,d=!0)}}}else{Vc(n,e,o,i)&&(d=!0);let l;for(const h in a)(!e\|\|!ne(e,h)&&((l=Cn(h))===h\|\|!ne(e,l)))&&(c?t&&(t[h]!==void 0\|\|t[l]!==void 0)&&(o[h]=ui(c,a,h,void 0,n,!0)):delete o[h]);if(i!==a)for(const h in i)(!e\|\|!ne(e,h))&&(delete i[h],d=!0)}d&&Pt(n.attrs,"set","")}function Vc(n,e,t,r){const[o,i]=n.propsOptions;let s=!1,a;if(e)for(let c in e){if(Xn(c))continue;const d=e[c];let l;o&&ne(o,l=Wt(c))?!i\|\|!i.includes(l)?t[l]=d:(a\|\|(a={}))[l]=d:mo(n.emitsOptions,c)\|\|(!(c in r)\|\|d!==r[c])&&(r[c]=d,s=!0)}if(i){const c=te(t),d=a\|\|de;for(let l=0;l<i.length;l++){const h=i[l];t[h]=ui(o,c,h,d[h],n,!ne(d,h))}}return s}function ui(n,e,t,r,o,i){const s=n[t];if(s!=null){const a=ne(s,"default");if(a&&r===void 0){const c=s.default;if(s.type!==Function&&!s.skipFactory&&G(c)){const{propsDefaults:d}=o;if(t in d)r=d[t];else{const l=Tr(o);r=d[t]=c.call(null,e),l()}}else r=c;o.ce&&o.ce._setProp(t,r)}s[0]&&(i&&!a?r=!1:s[1]&&(r===""\|\|r===Cn(t))&&(r=!0))}return r}const Yu=new WeakMap;function jc(n,e,t=!1){const r=t?Yu:e.propsCache,o=r.get(n);if(o)return o;const i=n.props,s={},a=[];let c=!1;if(!G(n)){const l=h=>{c=!0;const[p,y]=jc(h,e,!0);De(s,p),y&&a.push(...y)};!t&&e.mixins.length&&e.mixins.forEach(l),n.extends&&l(n.extends),n.mixins&&n.mixins.forEach(l)}if(!i&&!c)return ue(n)&&r.set(n,kn),kn;if(K(i))for(let l=0;l<i.length;l++){const h=Wt(i[l]);la(h)&&(s[h]=de)}else if(i)for(const l in i){const h=Wt(l);if(la(h)){const p=i[l],y=s[h]=K(p)\|\|G(p)?{type:p}:De({},p),b=y.type;let S=!1,q=!0;if(K(b))for(let D=0;D<b.length;++D){const V=b[D],J=G(V)&&V.name;if(J==="Boolean"){S=!0;break}else J==="String"&&(q=!1)}else S=G(b)&&b.name==="Boolean";y[0]=S,y[1]=q,(S\|\|ne(y,"default"))&&a.push(h)}}const d=[s,a];return ue(n)&&r.set(n,d),d}function la(n){return n[0]!=="$"&&!Xn(n)}const Wc=n=>n[0]==="_"\|\|n==="$stable",Yi=n=>K(n)?n.map(mt):[mt(n)],Qu=(n,e,t)=>{if(e._n)return e;const r=Iu((...o)=>Yi(e(...o)),t);return r._c=!1,r},Yc=(n,e,t)=>{const r=n._ctx;for(const o in n){if(Wc(o))continue;const i=n[o];if(G(i))e[o]=Qu(o,i,r);else if(i!=null){const s=Yi(i);e[o]=()=>s}}},Qc=(n,e)=>{const t=Yi(e);n.slots.default=()=>t},Jc=(n,e,t)=>{for(const r in e)(t\|\|r!=="_")&&(n[r]=e[r])},Ju=(n,e,t)=>{const r=n.slots=zc();if(n.vnode.shapeFlag&32){const o=e._;o?(Jc(r,e,t),t&&dc(r,"_",o,!0)):Yc(e,r)}else e&&Qc(n,e)},Xu=(n,e,t)=>{const{vnode:r,slots:o}=n;let i=!0,s=de;if(r.shapeFlag&32){const a=e._;a?t&&a===1?i=!1:Jc(o,e,t):(i=!e.$stable,Yc(e,o)),s=e}else e&&(Qc(n,e),s={default:1});if(i)for(const a in o)!Wc(a)&&s[a]==null&&delete o[a]},ze=ff;function Zu(n){return ef(n)}function ef(n,e){const t=uo();t.__VUE__=!0;const{insert:r,remove:o,patchProp:i,createElement:s,createText:a,createComment:c,setText:d,setElementText:l,parentNode:h,nextSibling:p,setScopeId:y=vt,insertStaticContent:b}=n,S=(u,g,m,I=null,A=null,w=null,R=void 0,k=null,_=!!g.dynamicChildren)=>{if(u===g)return;u&&!Wn(u,g)&&(I=vr(u),Je(u,A,w,!0),u=null),g.patchFlag===-2&&(_=!1,g.dynamicChildren=null);const{type:E,ref:U,shapeFlag:O}=g;switch(E){case Co:q(u,g,m,I);break;case fn:D(u,g,m,I);break;case Qo:u==null&&V(g,m,I,R);break;case ot:nn(u,g,m,I,A,w,R,k,_);break;default:O&1?ae(u,g,m,I,A,w,R,k,_):O&6?Tn(u,g,m,I,A,w,R,k,_):(O&64\|\|O&128)&&E.process(u,g,m,I,A,w,R,k,_,qn)}U!=null&&A&&$r(U,u&&u.ref,w,g\|\|u,!g)},q=(u,g,m,I)=>{if(u==null)r(g.el=a(g.children),m,I);else{const A=g.el=u.el;g.children!==u.children&&d(A,g.children)}},D=(u,g,m,I)=>{u==null?r(g.el=c(g.children\|\|""),m,I):g.el=u.el},V=(u,g,m,I)=>{[u.el,u.anchor]=b(u.children,g,m,I,u.el,u.anchor)},J=({el:u,anchor:g},m,I)=>{let A;for(;u&&u!==g;)A=p(u),r(u,m,I),u=A;r(g,m,I)},H=({el:u,anchor:g})=>{let m;for(;u&&u!==g;)m=p(u),o(u),u=m;o(g)},ae=(u,g,m,I,A,w,R,k,_)=>{g.type==="svg"?R="svg":g.type==="math"&&(R="mathml"),u==null?Be(g,m,I,A,w,R,k,_):Ut(u,g,A,w,R,k,_)},Be=(u,g,m,I,A,w,R,k)=>{let _,E;const{props:U,shapeFlag:O,transition:L,dirs:F}=u;if(_=u.el=s(u.type,w,U&&U.is,U),O&8?l(_,u.children):O&16&&Ye(u.children,_,null,I,A,Wo(u,w),R,k),F&&rn(u,null,I,"created"),me(_,u,u.scopeId,R,I),U){for(const ce in U)ce!=="value"&&!Xn(ce)&&i(_,ce,null,U[ce],w,I);"value"in U&&i(_,"value",null,U.value,w),(E=U.onVnodeBeforeMount)&&ft(E,I,u)}F&&rn(u,null,I,"beforeMount");const Y=tf(A,L);Y&&L.beforeEnter(_),r(_,g,m),((E=U&&U.onVnodeMounted)\|\|Y\|\|F)&&ze(()=>{E&&ft(E,I,u),Y&&L.enter(_),F&&rn(u,null,I,"mounted")},A)},me=(u,g,m,I,A)=>{if(m&&y(u,m),I)for(let w=0;w<I.length;w++)y(u,I[w]);if(A){let w=A.subTree;if(g===w\|\|rl(w.type)&&(w.ssContent===g\|\|w.ssFallback===g)){const R=A.vnode;me(u,R,R.scopeId,R.slotScopeIds,A.parent)}}},Ye=(u,g,m,I,A,w,R,k,_=0)=>{for(let E=_;E<u.length;E++){const U=u[E]=k?Kt(u[E]):mt(u[E]);S(null,U,g,m,I,A,w,R,k)}},Ut=(u,g,m,I,A,w,R)=>{const k=g.el=u.el;let{patchFlag:_,dynamicChildren:E,dirs:U}=g;_\|=u.patchFlag&16;const O=u.props\|\|de,L=g.props\|\|de;let F;if(m&&on(m,!1),(F=L.onVnodeBeforeUpdate)&&ft(F,m,g,u),U&&rn(g,u,m,"beforeUpdate"),m&&on(m,!0),(O.innerHTML&&L.innerHTML==null\|\|O.textContent&&L.textContent==null)&&l(k,""),E?Qe(u.dynamicChildren,E,k,m,I,Wo(g,A),w):R\|\|ie(u,g,k,null,m,I,Wo(g,A),w,!1),_>0){if(_&16)tn(k,O,L,m,A);else if(_&2&&O.class!==L.class&&i(k,"class",null,L.class,A),_&4&&i(k,"style",O.style,L.style,A),_&8){const Y=g.dynamicProps;for(let ce=0;ce<Y.length;ce++){const re=Y[ce],Ge=O[re],Ke=L[re];(Ke!==Ge\|\|re==="value")&&i(k,re,Ge,Ke,A,m)}}_&1&&u.children!==g.children&&l(k,g.children)}else!R&&E==null&&tn(k,O,L,m,A);((F=L.onVnodeUpdated)\|\|U)&&ze(()=>{F&&ft(F,m,g,u),U&&rn(g,u,m,"updated")},I)},Qe=(u,g,m,I,A,w,R)=>{for(let k=0;k<g.length;k++){const _=u[k],E=g[k],U=_.el&&(_.type===ot\|\|!Wn(_,E)\|\|_.shapeFlag&70)?h(_.el):m;S(_,E,U,null,I,A,w,R,!0)}},tn=(u,g,m,I,A)=>{if(g!==m){if(g!==de)for(const w in g)!Xn(w)&&!(w in m)&&i(u,w,g[w],null,A,I);for(const w in m){if(Xn(w))continue;const R=m[w],k=g[w];R!==k&&w!=="value"&&i(u,w,k,R,A,I)}"value"in m&&i(u,"value",g.value,m.value,A)}},nn=(u,g,m,I,A,w,R,k,_)=>{const E=g.el=u?u.el:a(""),U=g.anchor=u?u.anchor:a("");let{patchFlag:O,dynamicChildren:L,slotScopeIds:F}=g;F&&(k=k?k.concat(F):F),u==null?(r(E,m,I),r(U,m,I),Ye(g.children\|\|[],m,U,A,w,R,k,_)):O>0&&O&64&&L&&u.dynamicChildren?(Qe(u.dynamicChildren,L,m,A,w,R,k),(g.key!=null\|\|A&&g===A.subTree)&&Xc(u,g,!0)):ie(u,g,m,U,A,w,R,k,_)},Tn=(u,g,m,I,A,w,R,k,_)=>{g.slotScopeIds=k,u==null?g.shapeFlag&512?A.ctx.activate(g,m,I,R,_):W(g,m,I,A,w,R,_):x(u,g,_)},W=(u,g,m,I,A,w,R)=>{const k=u.component=vf(u,I,A);if(Lc(u)&&(k.ctx.renderer=qn),wf(k,!1,R),k.asyncDep){if(A&&A.registerDep(k,$,R),!u.el){const _=k.subTree=Mt(fn);D(null,_,g,m)}}else $(k,u,g,m,A,w,R)},x=(u,g,m)=>{const I=g.component=u.component;if(hf(u,g,m))if(I.asyncDep&&!I.asyncResolved){ee(I,g,m);return}else I.next=g,I.update();else g.el=u.el,I.vnode=g},$=(u,g,m,I,A,w,R)=>{const k=()=>{if(u.isMounted){let{next:O,bu:L,u:F,parent:Y,vnode:ce}=u;{const ht=Zc(u);if(ht){O&&(O.el=ce.el,ee(u,O,R)),ht.asyncDep.then(()=>{u.isUnmounted\|\|k()});return}}let re=O,Ge;on(u,!1),O?(O.el=ce.el,ee(u,O,R)):O=ce,L&&Go(L),(Ge=O.props&&O.props.onVnodeBeforeUpdate)&&ft(Ge,Y,O,ce),on(u,!0);const Ke=ha(u),dt=u.subTree;u.subTree=Ke,S(dt,Ke,h(dt.el),vr(dt),u,A,w),O.el=Ke.el,re===null&&uf(u,Ke.el),F&&ze(F,A),(Ge=O.props&&O.props.onVnodeUpdated)&&ze(()=>ft(Ge,Y,O,ce),A)}else{let O;const{el:L,props:F}=g,{bm:Y,m:ce,parent:re,root:Ge,type:Ke}=u,dt=tr(g);on(u,!1),Y&&Go(Y),!dt&&(O=F&&F.onVnodeBeforeMount)&&ft(O,re,g),on(u,!0);{Ge.ce&&Ge.ce._injectChildStyle(Ke);const ht=u.subTree=ha(u);S(null,ht,m,I,u,A,w),g.el=ht.el}if(ce&&ze(ce,A),!dt&&(O=F&&F.onVnodeMounted)){const ht=g;ze(()=>ft(O,re,ht),A)}(g.shapeFlag&256\|\|re&&tr(re.vnode)&&re.vnode.shapeFlag&256)&&u.a&&ze(u.a,A),u.isMounted=!0,g=m=I=null}};u.scope.on();const _=u.effect=new gc(k);u.scope.off();const E=u.update=_.run.bind(_),U=u.job=_.runIfDirty.bind(_);U.i=u,U.id=u.uid,_.scheduler=()=>ji(U),on(u,!0),E()},ee=(u,g,m)=>{g.component=u;const I=u.vnode.props;u.vnode=g,u.next=null,Wu(u,g.props,I,m),Xu(u,g.children,m),Xt(),ra(u),Zt()},ie=(u,g,m,I,A,w,R,k,_=!1)=>{const E=u&&u.children,U=u?u.shapeFlag:0,O=g.children,{patchFlag:L,shapeFlag:F}=g;if(L>0){if(L&128){An(E,O,m,I,A,w,R,k,_);return}else if(L&256){Et(E,O,m,I,A,w,R,k,_);return}}F&8?(U&16&&zn(E,A,w),O!==E&&l(m,O)):U&16?F&16?An(E,O,m,I,A,w,R,k,_):zn(E,A,w,!0):(U&8&&l(m,""),F&16&&Ye(O,m,I,A,w,R,k,_))},Et=(u,g,m,I,A,w,R,k,_)=>{u=u\|\|kn,g=g\|\|kn;const E=u.length,U=g.length,O=Math.min(E,U);let L;for(L=0;L<O;L++){const F=g[L]=_?Kt(g[L]):mt(g[L]);S(u[L],F,m,null,A,w,R,k,_)}E>U?zn(u,A,w,!0,!1,O):Ye(g,m,I,A,w,R,k,_,O)},An=(u,g,m,I,A,w,R,k,_)=>{let E=0;const U=g.length;let O=u.length-1,L=U-1;for(;E<=O&&E<=L;){const F=u[E],Y=g[E]=_?Kt(g[E]):mt(g[E]);if(Wn(F,Y))S(F,Y,m,null,A,w,R,k,_);else break;E++}for(;E<=O&&E<=L;){const F=u[O],Y=g[L]=_?Kt(g[L]):mt(g[L]);if(Wn(F,Y))S(F,Y,m,null,A,w,R,k,_);else break;O--,L--}if(E>O){if(E<=L){const F=L+1,Y=F<U?g[F].el:I;for(;E<=L;)S(null,g[E]=_?Kt(g[E]):mt(g[E]),m,Y,A,w,R,k,_),E++}}else if(E>L)for(;E<=O;)Je(u[E],A,w,!0),E++;else{const F=E,Y=E,ce=new Map;for(E=Y;E<=L;E++){const $e=g[E]=_?Kt(g[E]):mt(g[E]);$e.key!=null&&ce.set($e.key,E)}let re,Ge=0;const Ke=L-Y+1;let dt=!1,ht=0;const Vn=new Array(Ke);for(E=0;E<Ke;E++)Vn[E]=0;for(E=F;E<=O;E++){const $e=u[E];if(Ge>=Ke){Je($e,A,w,!0);continue}let ut;if($e.key!=null)ut=ce.get($e.key);else for(re=Y;re<=L;re++)if(Vn[re-Y]===0&&Wn($e,g[re])){ut=re;break}ut===void 0?Je($e,A,w,!0):(Vn[ut-Y]=E+1,ut>=ht?ht=ut:dt=!0,S($e,g[ut],m,null,A,w,R,k,_),Ge++)}const Xs=dt?nf(Vn):kn;for(re=Xs.length-1,E=Ke-1;E>=0;E--){const $e=Y+E,ut=g[$e],Zs=$e+1<U?g[$e+1].el:I;Vn[E]===0?S(null,ut,m,Zs,A,w,R,k,_):dt&&(re<0\|\|E!==Xs[re]?_t(ut,m,Zs,2):re--)}}},_t=(u,g,m,I,A=null)=>{const{el:w,type:R,transition:k,children:_,shapeFlag:E}=u;if(E&6){_t(u.component.subTree,g,m,I);return}if(E&128){u.suspense.move(g,m,I);return}if(E&64){R.move(u,g,m,qn);return}if(R===ot){r(w,g,m);for(let O=0;O<_.length;O++)_t(_[O],g,m,I);r(u.anchor,g,m);return}if(R===Qo){J(u,g,m);return}if(I!==2&&E&1&&k)if(I===0)k.beforeEnter(w),r(w,g,m),ze(()=>k.enter(w),A);else{const{leave:O,delayLeave:L,afterLeave:F}=k,Y=()=>r(w,g,m),ce=()=>{O(w,()=>{Y(),F&&F()})};L?L(w,Y,ce):ce()}else r(w,g,m)},Je=(u,g,m,I=!1,A=!1)=>{const{type:w,props:R,ref:k,children:_,dynamicChildren:E,shapeFlag:U,patchFlag:O,dirs:L,cacheIndex:F}=u;if(O===-2&&(A=!1),k!=null&&$r(k,null,m,u,!0),F!=null&&(g.renderCache[F]=void 0),U&256){g.ctx.deactivate(u);return}const Y=U&1&&L,ce=!tr(u);let re;if(ce&&(re=R&&R.onVnodeBeforeUnmount)&&ft(re,g,u),U&6)Ph(u.component,m,I);else{if(U&128){u.suspense.unmount(m,I);return}Y&&rn(u,null,g,"beforeUnmount"),U&64?u.type.remove(u,g,m,qn,I):E&&!E.hasOnce&&(w!==ot\|\|O>0&&O&64)?zn(E,g,m,!1,!0):(w===ot&&O&384\|\|!A&&U&16)&&zn(_,g,m),I&&$n(u)}(ce&&(re=R&&R.onVnodeUnmounted)\|\|Y)&&ze(()=>{re&&ft(re,g,u),Y&&rn(u,null,g,"unmounted")},m)},$n=u=>{const{type:g,el:m,anchor:I,transition:A}=u;if(g===ot){Fo(m,I);return}if(g===Qo){H(u);return}const w=()=>{o(m),A&&!A.persisted&&A.afterLeave&&A.afterLeave()};if(u.shapeFlag&1&&A&&!A.persisted){const{leave:R,delayLeave:k}=A,_=()=>R(m,w);k?k(u.el,w,_):_()}else w()},Fo=(u,g)=>{let m;for(;u!==g;)m=p(u),o(u),u=m;o(g)},Ph=(u,g,m)=>{const{bum:I,scope:A,job:w,subTree:R,um:k,m:_,a:E}=u;da(_),da(E),I&&Go(I),A.stop(),w&&(w.flags\|=8,Je(R,u,g,m)),k&&ze(k,g),ze(()=>{u.isUnmounted=!0},g),g&&g.pendingBranch&&!g.isUnmounted&&u.asyncDep&&!u.asyncResolved&&u.suspenseId===g.pendingId&&(g.deps--,g.deps===0&&g.resolve())},zn=(u,g,m,I=!1,A=!1,w=0)=>{for(let R=w;R<u.length;R++)Je(u[R],g,m,I,A)},vr=u=>{if(u.shapeFlag&6)return vr(u.component.subTree);if(u.shapeFlag&128)return u.suspense.next();const g=p(u.anchor\|\|u.el),m=g&&g[Eu];return m?p(m):g};let Ko=!1;const Js=(u,g,m)=>{u==null?g._vnode&&Je(g._vnode,null,null,!0):S(g._vnode\|\|null,u,g,null,null,null,m),g._vnode=u,Ko\|\|(Ko=!0,ra(),Nc(),Ko=!1)},qn={p:S,um:Je,m:_t,r:$n,mt:W,mc:Ye,pc:ie,pbc:Qe,n:vr,o:n};return{render:Js,hydrate:void 0,createApp:qu(Js)}}function Wo({type:n,props:e},t){return t==="svg"&&n==="foreignObject"\|\|t==="mathml"&&n==="annotation-xml"&&e&&e.encoding&&e.encoding.includes("html")?void 0:t}function on({effect:n,job:e},t){t?(n.flags\|=32,e.flags\|=4):(n.flags&=-33,e.flags&=-5)}function tf(n,e){return(!n\|\|n&&!n.pendingBranch)&&e&&!e.persisted}function Xc(n,e,t=!1){const r=n.children,o=e.children;if(K(r)&&K(o))for(let i=0;i<r.length;i++){const s=r[i];let a=o[i];a.shapeFlag&1&&!a.dynamicChildren&&((a.patchFlag<=0\|\|a.patchFlag===32)&&(a=o[i]=Kt(o[i]),a.el=s.el),!t&&a.patchFlag!==-2&&Xc(s,a)),a.type===Co&&(a.el=s.el)}}function nf(n){const e=n.slice(),t=[0];let r,o,i,s,a;const c=n.length;for(r=0;r<c;r++){const d=n[r];if(d!==0){if(o=t[t.length-1],n[o]<d){e[r]=o,t.push(r);continue}for(i=0,s=t.length-1;i<s;)a=i+s>>1,n[t[a]]<d?i=a+1:s=a;d<n[t[i]]&&(i>0&&(e[r]=t[i-1]),t[i]=r)}}for(i=t.length,s=t[i-1];i-- >0;)t[i]=s,s=e[s];return t}function Zc(n){const e=n.subTree.component;if(e)return e.asyncDep&&!e.asyncResolved?e:Zc(e)}function da(n){if(n)for(let e=0;e<n.length;e++)n[e].flags\|=8}const rf=Symbol.for("v-scx"),of=()=>xr(rf);function Yo(n,e,t){return el(n,e,t)}function el(n,e,t=de){const{immediate:r,deep:o,flush:i,once:s}=t,a=De({},t),c=e&&r\|\|!e&&i!=="post";let d;if(ur){if(i==="sync"){const y=of();d=y.__watcherHandles\|\|(y.__watcherHandles=[])}else if(!c){const y=()=>{};return y.stop=vt,y.resume=vt,y.pause=vt,y}}const l=Le;a.call=(y,b,S)=>wt(y,l,b,S);let h=!1;i==="post"?a.scheduler=y=>{ze(y,l&&l.suspense)}:i!=="sync"&&(h=!0,a.scheduler=(y,b)=>{b?y():ji(y)}),a.augmentJob=y=>{e&&(y.flags\|=4),h&&(y.flags\|=2,l&&(y.id=l.uid,y.i=l))};const p=yu(n,e,a);return ur&&(d?d.push(p):c&&p()),p}function sf(n,e,t){const r=this.proxy,o=pe(n)?n.includes(".")?tl(r,n):()=>r[n]:n.bind(r,r);let i;G(e)?i=e:(i=e.handler,t=e);const s=Tr(this),a=el(o,i.bind(r),t);return s(),a}function tl(n,e){const t=e.split(".");return()=>{let r=n;for(let o=0;o<t.length&&r;o++)r=r[t[o]];return r}}const af=(n,e)=>e==="modelValue"\|\|e==="model-value"?n.modelModifiers:n[`${e}Modifiers`]\|\|n[`${Wt(e)}Modifiers`]\|\|n[`${Cn(e)}Modifiers`];function cf(n,e,...t){if(n.isUnmounted)return;const r=n.vnode.props\|\|de;let o=t;const i=e.startsWith("update:"),s=i&&af(r,e.slice(7));s&&(s.trim&&(o=t.map(l=>pe(l)?l.trim():l)),s.number&&(o=t.map(Uh)));let a,c=r[a=Bo(e)]\|\|r[a=Bo(Wt(e))];!c&&i&&(c=r[a=Bo(Cn(e))]),c&&wt(c,n,6,o);const d=r[a+"Once"];if(d){if(!n.emitted)n.emitted={};else if(n.emitted[a])return;n.emitted[a]=!0,wt(d,n,6,o)}}function nl(n,e,t=!1){const r=e.emitsCache,o=r.get(n);if(o!==void 0)return o;const i=n.emits;let s={},a=!1;if(!G(n)){const c=d=>{const l=nl(d,e,!0);l&&(a=!0,De(s,l))};!t&&e.mixins.length&&e.mixins.forEach(c),n.extends&&c(n.extends),n.mixins&&n.mixins.forEach(c)}return!i&&!a?(ue(n)&&r.set(n,null),null):(K(i)?i.forEach(c=>s[c]=null):De(s,i),ue(n)&&r.set(n,s),s)}function mo(n,e){return!n\|\|!co(e)?!1:(e=e.slice(2).replace(/Once$/,""),ne(n,e[0].toLowerCase()+e.slice(1))\|\|ne(n,Cn(e))\|\|ne(n,e))}function ha(n){const{type:e,vnode:t,proxy:r,withProxy:o,propsOptions:[i],slots:s,attrs:a,emit:c,render:d,renderCache:l,props:h,data:p,setupState:y,ctx:b,inheritAttrs:S}=n,q=Gr(n);let D,V;try{if(t.shapeFlag&4){const H=o\|\|r,ae=H;D=mt(d.call(ae,H,l,h,y,p,b)),V=a}else{const H=e;D=mt(H.length>1?H(h,{attrs:a,slots:s,emit:c}):H(h,null)),V=e.props?a:lf(a)}}catch(H){rr.length=0,go(H,n,1),D=Mt(fn)}let J=D;if(V&&S!==!1){const H=Object.keys(V),{shapeFlag:ae}=J;H.length&&ae&7&&(i&&H.some(xi)&&(V=df(V,i)),J=Hn(J,V,!1,!0))}return t.dirs&&(J=Hn(J,null,!1,!0),J.dirs=J.dirs?J.dirs.concat(t.dirs):t.dirs),t.transition&&Wi(J,t.transition),D=J,Gr(q),D}const lf=n=>{let e;for(const t in n)(t==="class"\|\|t==="style"\|\|co(t))&&((e\|\|(e={}))[t]=n[t]);return e},df=(n,e)=>{const t={};for(const r in n)(!xi(r)\|\|!(r.slice(9)in e))&&(t[r]=n[r]);return t};function hf(n,e,t){const{props:r,children:o,component:i}=n,{props:s,children:a,patchFlag:c}=e,d=i.emitsOptions;if(e.dirs\|\|e.transition)return!0;if(t&&c>=0){if(c&1024)return!0;if(c&16)return r?ua(r,s,d):!!s;if(c&8){const l=e.dynamicProps;for(let h=0;h<l.length;h++){const p=l[h];if(s[p]!==r[p]&&!mo(d,p))return!0}}}else return(o\|\|a)&&(!a\|\|!a.$stable)?!0:r===s?!1:r?s?ua(r,s,d):!0:!!s;return!1}function ua(n,e,t){const r=Object.keys(e);if(r.length!==Object.keys(n).length)return!0;for(let o=0;o<r.length;o++){const i=r[o];if(e[i]!==n[i]&&!mo(t,i))return!0}return!1}function uf({vnode:n,parent:e},t){for(;e;){const r=e.subTree;if(r.suspense&&r.suspense.activeBranch===n&&(r.el=n.el),r===n)(n=e.vnode).el=t,e=e.parent;else break}}const rl=n=>n.__isSuspense;function ff(n,e){e&&e.pendingBranch?K(n)?e.effects.push(...n):e.effects.push(n):wu(n)}const ot=Symbol.for("v-fgt"),Co=Symbol.for("v-txt"),fn=Symbol.for("v-cmt"),Qo=Symbol.for("v-stc"),rr=[];let je=null;function Ie(n=!1){rr.push(je=n?null:[])}function gf(){rr.pop(),je=rr[rr.length-1]\|\|null}let hr=1;function fa(n,e=!1){hr+=n,n<0&&je&&e&&(je.hasOnce=!0)}function ol(n){return n.dynamicChildren=hr>0?je\|\|kn:null,gf(),hr>0&&je&&je.push(n),n}function Oe(n,e,t,r,o,i){return ol(j(n,e,t,r,o,i,!0))}function pf(n,e,t,r,o){return ol(Mt(n,e,t,r,o,!0))}function il(n){return n?n.__v_isVNode===!0:!1}function Wn(n,e){return n.type===e.type&&n.key===e.key}const sl=({key:n})=>n??null,Hr=({ref:n,ref_key:e,ref_for:t})=>(typeof n=="number"&&(n=""+n),n!=null?pe(n)\|\|ke(n)\|\|G(n)?{i:Tt,r:n,k:e,f:!!t}:n:null);function j(n,e=null,t=null,r=0,o=null,i=n===ot?0:1,s=!1,a=!1){const c={__v_isVNode:!0,__v_skip:!0,type:n,props:e,key:e&&sl(e),ref:e&&Hr(e),scopeId:xc,slotScopeIds:null,children:t,component:null,suspense:null,ssContent:null,ssFallback:null,dirs:null,transition:null,el:null,anchor:null,target:null,targetStart:null,targetAnchor:null,staticCount:0,shapeFlag:i,patchFlag:r,dynamicProps:o,dynamicChildren:null,appContext:null,ctx:Tt};return a?(Qi(c,t),i&128&&n.normalize(c)):t&&(c.shapeFlag\|=pe(t)?8:16),hr>0&&!s&&je&&(c.patchFlag>0\|\|i&6)&&c.patchFlag!==32&&je.push(c),c}const Mt=mf;function mf(n,e=null,t=null,r=0,o=null,i=!1){if((!n\|\|n===Uu)&&(n=fn),il(n)){const a=Hn(n,e,!0);return t&&Qi(a,t),hr>0&&!i&&je&&(a.shapeFlag&6?je[je.indexOf(n)]=a:je.push(a)),a.patchFlag=-2,a}if(Sf(n)&&(n=n.__vccOpts),e){e=Cf(e);let{class:a,style:c}=e;a&&!pe(a)&&(e.class=Di(a)),ue(c)&&(Vi(c)&&!K(c)&&(c=De({},c)),e.style=Ui(c))}const s=pe(n)?1:rl(n)?128:_u(n)?64:ue(n)?4:G(n)?2:0;return j(n,e,t,r,o,s,i,!0)}function Cf(n){return n?Vi(n)\|\|qc(n)?De({},n):n:null}function Hn(n,e,t=!1,r=!1){const{props:o,ref:i,patchFlag:s,children:a,transition:c}=n,d=e?yf(o\|\|{},e):o,l={__v_isVNode:!0,__v_skip:!0,type:n.type,props:d,key:d&&sl(d),ref:e&&e.ref?t&&i?K(i)?i.concat(Hr(e)):[i,Hr(e)]:Hr(e):i,scopeId:n.scopeId,slotScopeIds:n.slotScopeIds,children:a,target:n.target,targetStart:n.targetStart,targetAnchor:n.targetAnchor,staticCount:n.staticCount,shapeFlag:n.shapeFlag,patchFlag:e&&n.type!==ot?s===-1?16:s\|16:s,dynamicProps:n.dynamicProps,dynamicChildren:n.dynamicChildren,appContext:n.appContext,dirs:n.dirs,transition:c,component:n.component,suspense:n.suspense,ssContent:n.ssContent&&Hn(n.ssContent),ssFallback:n.ssFallback&&Hn(n.ssFallback),el:n.el,anchor:n.anchor,ctx:n.ctx,ce:n.ce};return c&&r&&Wi(l,c.clone(l)),l}function an(n=" ",e=0){return Mt(Co,null,n,e)}function Yn(n="",e=!1){return e?(Ie(),pf(fn,null,n)):Mt(fn,null,n)}function mt(n){return n==null\|\|typeof n=="boolean"?Mt(fn):K(n)?Mt(ot,null,n.slice()):il(n)?Kt(n):Mt(Co,null,String(n))}function Kt(n){return n.el===null&&n.patchFlag!==-1\|\|n.memo?n:Hn(n)}function Qi(n,e){let t=0;const{shapeFlag:r}=n;if(e==null)e=null;else if(K(e))t=16;else if(typeof e=="object")if(r&65){const o=e.default;o&&(o._c&&(o._d=!1),Qi(n,o()),o._c&&(o._d=!0));return}else{t=32;const o=e._;!o&&!qc(e)?e._ctx=Tt:o===3&&Tt&&(Tt.slots._===1?e._=1:(e._=2,n.patchFlag\|=1024))}else G(e)?(e={default:e,_ctx:Tt},t=32):(e=String(e),r&64?(t=16,e=[an(e)]):t=8);n.children=e,n.shapeFlag\|=t}function yf(...n){const e={};for(let t=0;t<n.length;t++){const r=n[t];for(const o in r)if(o==="class")e.class!==r.class&&(e.class=Di([e.class,r.class]));else if(o==="style")e.style=Ui([e.style,r.style]);else if(co(o)){const i=e[o],s=r[o];s&&i!==s&&!(K(i)&&i.includes(s))&&(e[o]=i?[].concat(i,s):s)}else o!==""&&(e[o]=r[o])}return e}function ft(n,e,t,r=null){wt(n,e,7,[t,r])}const Tf=Gc();let Af=0;function vf(n,e,t){const r=n.type,o=(e?e.appContext:n.appContext)\|\|Tf,i={uid:Af++,vnode:n,type:r,parent:e,appContext:o,root:null,next:null,subTree:null,effect:null,update:null,job:null,scope:new zh(!0),render:null,proxy:null,exposed:null,exposeProxy:null,withProxy:null,provides:e?e.provides:Object.create(o.provides),ids:e?e.ids:["",0,0],accessCache:null,renderCache:[],components:null,directives:null,propsOptions:jc(r,o),emitsOptions:nl(r,o),emit:null,emitted:null,propsDefaults:de,inheritAttrs:r.inheritAttrs,ctx:de,data:de,props:de,attrs:de,slots:de,refs:de,setupState:de,setupContext:null,suspense:t,suspenseId:t?t.pendingId:0,asyncDep:null,asyncResolved:!1,isMounted:!1,isUnmounted:!1,isDeactivated:!1,bc:null,c:null,bm:null,m:null,bu:null,u:null,um:null,bum:null,da:null,a:null,rtg:null,rtc:null,ec:null,sp:null};return i.ctx={_:i},i.root=e?e.root:i,i.emit=cf.bind(null,i),n.ce&&n.ce(i),i}let Le=null,qr,fi;{const n=uo(),e=(t,r)=>{let o;return(o=n[t])\|\|(o=n[t]=[]),o.push(r),i=>{o.length>1?o.forEach(s=>s(i)):o[0](i)}};qr=e("__VUE_INSTANCE_SETTERS__",t=>Le=t),fi=e("__VUE_SSR_SETTERS__",t=>ur=t)}const Tr=n=>{const e=Le;return qr(n),n.scope.on(),()=>{n.scope.off(),qr(e)}},ga=()=>{Le&&Le.scope.off(),qr(null)};function al(n){return n.vnode.shapeFlag&4}let ur=!1;function wf(n,e=!1,t=!1){e&&fi(e);const{props:r,children:o}=n.vnode,i=al(n);ju(n,r,i,e),Ju(n,o,t);const s=i?If(n,e):void 0;return e&&fi(!1),s}function If(n,e){const t=n.type;n.accessCache=Object.create(null),n.proxy=new Proxy(n.ctx,Du);const{setup:r}=t;if(r){Xt();const o=n.setupContext=r.length>1?_f(n):null,i=Tr(n),s=yr(r,n,0,[n.props,o]),a=sc(s);if(Zt(),i(),(a\|\|n.sp)&&!tr(n)&&Hc(n),a){if(s.then(ga,ga),e)return s.then(c=>{pa(n,c)}).catch(c=>{go(c,n,0)});n.asyncDep=s}else pa(n,s)}else cl(n)}function pa(n,e,t){G(e)?n.type.__ssrInlineRender?n.ssrRender=e:n.render=e:ue(e)&&(n.setupState=Rc(e)),cl(n)}function cl(n,e,t){const r=n.type;n.render\|\|(n.render=r.render\|\|vt);{const o=Tr(n);Xt();try{Fu(n)}finally{Zt(),o()}}}const Ef={get(n,e){return _e(n,"get",""),n[e]}};function _f(n){const e=t=>{n.exposed=t\|\|{}};return{attrs:new Proxy(n.attrs,Ef),slots:n.slots,emit:n.emit,expose:e}}function Ji(n){return n.exposed?n.exposeProxy\|\|(n.exposeProxy=new Proxy(Rc(hu(n.exposed)),{get(e,t){if(t in e)return e[t];if(t in nr)return nr[t](n)},has(e,t){return t in e\|\|t in nr}})):n.proxy}function Sf(n){return G(n)&&"__vccOpts"in n}const Lr=(n,e)=>mu(n,e,ur),bf="3.5.13";/
	+/function Cr(n,e,t,r){try{return r?n(...r):n()}catch(o){po(o,e,t)}}function wt(n,e,t,r){if($(n)){const o=Cr(n,e,t,r);return o&&ac(o)&&o.catch(i=>{po(i,e,t)}),o}if(K(n)){const o=[];for(let i=0;i<n.length;i++)o.push(wt(n[i],e,t,r));return o}}function po(n,e,t,r=!0){const o=e?e.vnode:null,{errorHandler:i,throwUnhandledErrorInProduction:s}=e&&e.appContext.config\|\|de;if(e){let a=e.parent;const c=e.proxy,d=`https://vuejs.org/error-reference/#runtime-${t}`;for(;a;){const l=a.ec;if(l){for(let h=0;h<l.length;h++)if(l[h](n,c,d)===!1)return}a=a.parent}if(i){Xt(),Cr(i,null,10,[n,c,d]),Zt();return}}Tu(n,t,o,r,s)}function Tu(n,e,t,r=!0,o=!1){if(o)throw n;console.error(n)}const xe=[];let pt=-1;const Nn=[];let Ft=null,En=0;const Pc=Promise.resolve();let Gr=null;function Au(n){const e=Gr\|\|Pc;return n?e.then(this?n.bind(this):n):e}function vu(n){let e=pt+1,t=xe.length;for(;e<t;){const r=e+t>>>1,o=xe[r],i=lr(o);i<n\|\|i===n&&o.flags&2?e=r+1:t=r}return e}function Wi(n){if(!(n.flags&1)){const e=lr(n),t=xe[xe.length-1];!t\|\|!(n.flags&2)&&e>=lr(t)?xe.push(n):xe.splice(vu(e),0,n),n.flags\|=1,Nc()}}function Nc(){Gr\|\|(Gr=Pc.then(xc))}function wu(n){K(n)?Nn.push(...n):Ft&&n.id===-1?Ft.splice(En+1,0,n):n.flags&1\|\|(Nn.push(n),n.flags\|=1),Nc()}function oa(n,e,t=pt+1){for(;t<xe.length;t++){const r=xe[t];if(r&&r.flags&2){if(n&&r.id!==n.uid)continue;xe.splice(t,1),t--,r.flags&4&&(r.flags&=-2),r(),r.flags&4\|\|(r.flags&=-2)}}}function Mc(n){if(Nn.length){const e=[...new Set(Nn)].sort((t,r)=>lr(t)-lr(r));if(Nn.length=0,Ft){Ft.push(...e);return}for(Ft=e,En=0;En<Ft.length;En++){const t=Ft[En];t.flags&4&&(t.flags&=-2),t.flags&8\|\|t(),t.flags&=-2}Ft=null,En=0}}const lr=n=>n.id==null?n.flags&2?-1:1/0:n.id;function xc(n){try{for(pt=0;pt<xe.length;pt++){const e=xe[pt];e&&!(e.flags&8)&&(e.flags&4&&(e.flags&=-2),Cr(e,e.i,e.i?15:14),e.flags&4\|\|(e.flags&=-2))}}finally{for(;pt<xe.length;pt++){const e=xe[pt];e&&(e.flags&=-2)}pt=-1,xe.length=0,Mc(),Gr=null,(xe.length\|\|Nn.length)&&xc()}}let Tt=null,Hc=null;function $r(n){const e=Tt;return Tt=n,Hc=n&&n.type.__scopeId\|\|null,e}function Iu(n,e=Tt,t){if(!e\|\|n._n)return n;const r=(...o)=>{r._d&&ga(-1);const i=$r(e);let s;try{s=n(...o)}finally{$r(i),r._d&&ga(1)}return s};return r._n=!0,r._c=!0,r._d=!0,r}function rn(n,e,t,r){const o=n.dirs,i=e&&e.dirs;for(let s=0;s<o.length;s++){const a=o[s];i&&(a.oldValue=i[s].value);let c=a.dir[r];c&&(Xt(),wt(c,t,8,[n.el,a,n,e]),Zt())}}const Eu=Symbol("_vte"),_u=n=>n.__isTeleport;function Yi(n,e){n.shapeFlag&6&&n.component?(n.transition=e,Yi(n.component.subTree,e)):n.shapeFlag&128?(n.ssContent.transition=e.clone(n.ssContent),n.ssFallback.transition=e.clone(n.ssFallback)):n.transition=e}function Lc(n){n.ids=[n.ids[0]+n.ids[2]+++"-",0,0]}function zr(n,e,t,r,o=!1){if(K(n)){n.forEach((b,S)=>zr(b,e&&(K(e)?e[S]:e),t,r,o));return}if(er(r)&&!o){r.shapeFlag&512&&r.type.__asyncResolved&&r.component.subTree.component&&zr(n,e,t,r.component.subTree);return}const i=r.shapeFlag&4?Xi(r.component):r.el,s=o?null:i,{i:a,r:c}=n,d=e&&e.r,l=a.refs===de?a.refs={}:a.refs,h=a.setupState,p=te(h),y=h===de?()=>!1:b=>ne(p,b);if(d!=null&&d!==c&&(pe(d)?(l[d]=null,y(d)&&(h[d]=null)):Re(d)&&(d.value=null)),$(c))Cr(c,a,12,[s,l]);else{const b=pe(c),S=Re(c);if(b\|\|S){const q=()=>{if(n.f){const D=b?y(c)?h[c]:l[c]:c.value;o?K(D)&&Li(D,i):K(D)?D.includes(i)\|\|D.push(i):b?(l[c]=[i],y(c)&&(h[c]=l[c])):(c.value=[i],n.k&&(l[n.k]=c.value))}else b?(l[c]=s,y(c)&&(h[c]=s)):S&&(c.value=s,n.k&&(l[n.k]=s))};s?(q.id=-1,ze(q,t)):q()}}}fo().requestIdleCallback;fo().cancelIdleCallback;const er=n=>!!n.type.__asyncLoader,Uc=n=>n.type.__isKeepAlive;function Su(n,e){Dc(n,"a",e)}function bu(n,e){Dc(n,"da",e)}function Dc(n,e,t=Le){const r=n.__wdc\|\|(n.__wdc=()=>{let o=t;for(;o;){if(o.isDeactivated)return;o=o.parent}return n()});if(mo(e,r,t),t){let o=t.parent;for(;o&&o.parent;)Uc(o.parent.vnode)&&ku(r,e,t,o),o=o.parent}}function ku(n,e,t,r){const o=mo(e,n,r,!0);Kc(()=>{Li(r[e],o)},t)}function mo(n,e,t=Le,r=!1){if(t){const o=t[n]\|\|(t[n]=[]),i=e.__weh\|\|(e.__weh=(...s)=>{Xt();const a=yr(t),c=wt(e,t,n,s);return a(),Zt(),c});return r?o.unshift(i):o.push(i),i}}const Lt=n=>(e,t=Le)=>{(!hr\|\|n==="sp")&&mo(n,(...r)=>e(...r),t)},Ru=Lt("bm"),Fc=Lt("m"),Ou=Lt("bu"),Pu=Lt("u"),Nu=Lt("bum"),Kc=Lt("um"),Mu=Lt("sp"),xu=Lt("rtg"),Hu=Lt("rtc");function Lu(n,e=Le){mo("ec",n,e)}const Uu=Symbol.for("v-ndc");function ia(n,e,t,r){let o;const i=t,s=K(n);if(s\|\|pe(n)){const a=s&&Pn(n);let c=!1;a&&(c=!tt(n),n=go(n)),o=new Array(n.length);for(let d=0,l=n.length;d<l;d++)o[d]=e(c?be(n[d]):n[d],d,void 0,i)}else if(typeof n=="number"){o=new Array(n);for(let a=0;a<n;a++)o[a]=e(a+1,a,void 0,i)}else if(ue(n))if(n[Symbol.iterator])o=Array.from(n,(a,c)=>e(a,c,void 0,i));else{const a=Object.keys(n);o=new Array(a.length);for(let c=0,d=a.length;c<d;c++){const l=a[c];o[c]=e(n[l],l,c,i)}}else o=[];return o}const di=n=>n?cl(n)?Xi(n):di(n.parent):null,tr=De(Object.create(null),{$:n=>n,$el:n=>n.vnode.el,$data:n=>n.data,$props:n=>n.props,$attrs:n=>n.attrs,$slots:n=>n.slots,$refs:n=>n.refs,$parent:n=>di(n.parent),$root:n=>di(n.root),$host:n=>n.ce,$emit:n=>n.emit,$options:n=>Gc(n),$forceUpdate:n=>n.f\|\|(n.f=()=>{Wi(n.update)}),$nextTick:n=>n.n\|\|(n.n=Au.bind(n.proxy)),$watch:n=>sf.bind(n)}),Wo=(n,e)=>n!==de&&!n.__isScriptSetup&&ne(n,e),Du={get({_:n},e){if(e==="__v_skip")return!0;const{ctx:t,setupState:r,data:o,props:i,accessCache:s,type:a,appContext:c}=n;let d;if(e[0]!=="$"){const y=s[e];if(y!==void 0)switch(y){case 1:return r[e];case 2:return o[e];case 4:return t[e];case 3:return i[e]}else{if(Wo(r,e))return s[e]=1,r[e];if(o!==de&&ne(o,e))return s[e]=2,o[e];if((d=n.propsOptions[0])&&ne(d,e))return s[e]=3,i[e];if(t!==de&&ne(t,e))return s[e]=4,t[e];hi&&(s[e]=0)}}const l=tr[e];let h,p;if(l)return e==="$attrs"&&Se(n.attrs,"get",""),l(n);if((h=a.__cssModules)&&(h=h[e]))return h;if(t!==de&&ne(t,e))return s[e]=4,t[e];if(p=c.config.globalProperties,ne(p,e))return p[e]},set({_:n},e,t){const{data:r,setupState:o,ctx:i}=n;return Wo(o,e)?(o[e]=t,!0):r!==de&&ne(r,e)?(r[e]=t,!0):ne(n.props,e)\|\|e[0]==="$"&&e.slice(1)in n?!1:(i[e]=t,!0)},has({_:{data:n,setupState:e,accessCache:t,ctx:r,appContext:o,propsOptions:i}},s){let a;return!!t[s]\|\|n!==de&&ne(n,s)\|\|Wo(e,s)\|\|(a=i[0])&&ne(a,s)\|\|ne(r,s)\|\|ne(tr,s)\|\|ne(o.config.globalProperties,s)},defineProperty(n,e,t){return t.get!=null?n._.accessCache[e]=0:ne(t,"value")&&this.set(n,e,t.value,null),Reflect.defineProperty(n,e,t)}};function sa(n){return K(n)?n.reduce((e,t)=>(e[t]=null,e),{}):n}let hi=!0;function Fu(n){const e=Gc(n),t=n.proxy,r=n.ctx;hi=!1,e.beforeCreate&&aa(e.beforeCreate,n,"bc");const{data:o,computed:i,methods:s,watch:a,provide:c,inject:d,created:l,beforeMount:h,mounted:p,beforeUpdate:y,updated:b,activated:S,deactivated:q,beforeDestroy:D,beforeUnmount:V,destroyed:J,unmounted:H,render:ae,renderTracked:Be,renderTriggered:me,errorCaptured:Ye,serverPrefetch:Ut,expose:Qe,inheritAttrs:tn,components:nn,directives:Tn,filters:W}=e;if(d&&Ku(d,r,null),s)for(const ee in s){const ie=s[ee];$(ie)&&(r[ee]=ie.bind(t))}if(o){const ee=o.call(t,t);ue(ee)&&(n.data=qi(ee))}if(hi=!0,i)for(const ee in i){const ie=i[ee],Et=$(ie)?ie.bind(t,t):$(ie.get)?ie.get.bind(t,t):vt,An=!$(ie)&&$(ie.set)?ie.set.bind(t):vt,_t=Ur({get:Et,set:An});Object.defineProperty(r,ee,{enumerable:!0,configurable:!0,get:()=>_t.value,set:Je=>_t.value=Je})}if(a)for(const ee in a)Bc(a[ee],r,t,ee);if(c){const ee=$(c)?c.call(t):c;Reflect.ownKeys(ee).forEach(ie=>{Vu(ie,ee[ie])})}l&&aa(l,n,"c");function G(ee,ie){K(ie)?ie.forEach(Et=>ee(Et.bind(t))):ie&&ee(ie.bind(t))}if(G(Ru,h),G(Fc,p),G(Ou,y),G(Pu,b),G(Su,S),G(bu,q),G(Lu,Ye),G(Hu,Be),G(xu,me),G(Nu,V),G(Kc,H),G(Mu,Ut),K(Qe))if(Qe.length){const ee=n.exposed\|\|(n.exposed={});Qe.forEach(ie=>{Object.defineProperty(ee,ie,{get:()=>t[ie],set:Et=>t[ie]=Et})})}else n.exposed\|\|(n.exposed={});ae&&n.render===vt&&(n.render=ae),tn!=null&&(n.inheritAttrs=tn),nn&&(n.components=nn),Tn&&(n.directives=Tn),Ut&&Lc(n)}function Ku(n,e,t=vt){K(n)&&(n=ui(n));for(const r in n){const o=n[r];let i;ue(o)?"default"in o?i=Hr(o.from\|\|r,o.default,!0):i=Hr(o.from\|\|r):i=Hr(o),Re(i)?Object.defineProperty(e,r,{enumerable:!0,configurable:!0,get:()=>i.value,set:s=>i.value=s}):e[r]=i}}function aa(n,e,t){wt(K(n)?n.map(r=>r.bind(e.proxy)):n.bind(e.proxy),e,t)}function Bc(n,e,t,r){let o=r.includes(".")?nl(t,r):()=>t[r];if(pe(n)){const i=e[n];$(i)&&Qo(o,i)}else if($(n))Qo(o,n.bind(t));else if(ue(n))if(K(n))n.forEach(i=>Bc(i,e,t,r));else{const i=$(n.handler)?n.handler.bind(t):e[n.handler];$(i)&&Qo(o,i,n)}}function Gc(n){const e=n.type,{mixins:t,extends:r}=e,{mixins:o,optionsCache:i,config:{optionMergeStrategies:s}}=n.appContext,a=i.get(e);let c;return a?c=a:!o.length&&!t&&!r?c=e:(c={},o.length&&o.forEach(d=>qr(c,d,s,!0)),qr(c,e,s)),ue(e)&&i.set(e,c),c}function qr(n,e,t,r=!1){const{mixins:o,extends:i}=e;i&&qr(n,i,t,!0),o&&o.forEach(s=>qr(n,s,t,!0));for(const s in e)if(!(r&&s==="expose")){const a=Bu[s]\|\|t&&t[s];n[s]=a?a(n[s],e[s]):e[s]}return n}const Bu={data:ca,props:la,emits:la,methods:Yn,computed:Yn,beforeCreate:Pe,created:Pe,beforeMount:Pe,mounted:Pe,beforeUpdate:Pe,updated:Pe,beforeDestroy:Pe,beforeUnmount:Pe,destroyed:Pe,unmounted:Pe,activated:Pe,deactivated:Pe,errorCaptured:Pe,serverPrefetch:Pe,components:Yn,directives:Yn,watch:$u,provide:ca,inject:Gu};function ca(n,e){return e?n?function(){return De($(n)?n.call(this,this):n,$(e)?e.call(this,this):e)}:e:n}function Gu(n,e){return Yn(ui(n),ui(e))}function ui(n){if(K(n)){const e={};for(let t=0;t<n.length;t++)e[n[t]]=n[t];return e}return n}function Pe(n,e){return n?[...new Set([].concat(n,e))]:e}function Yn(n,e){return n?De(Object.create(null),n,e):e}function la(n,e){return n?K(n)&&K(e)?[...new Set([...n,...e])]:De(Object.create(null),sa(n),sa(e??{})):e}function $u(n,e){if(!n)return e;if(!e)return n;const t=De(Object.create(null),n);for(const r in e)t[r]=Pe(n[r],e[r]);return t}function $c(){return{app:null,config:{isNativeTag:Nh,performance:!1,globalProperties:{},optionMergeStrategies:{},errorHandler:void 0,warnHandler:void 0,compilerOptions:{}},mixins:[],components:{},directives:{},provides:Object.create(null),optionsCache:new WeakMap,propsCache:new WeakMap,emitsCache:new WeakMap}}let zu=0;function qu(n,e){return function(r,o=null){$(r)\|\|(r=De({},r)),o!=null&&!ue(o)&&(o=null);const i=$c(),s=new WeakSet,a=[];let c=!1;const d=i.app={_uid:zu++,_component:r,_props:o,_container:null,_context:i,_instance:null,version:bf,get config(){return i.config},set config(l){},use(l,...h){return s.has(l)\|\|(l&&$(l.install)?(s.add(l),l.install(d,...h)):$(l)&&(s.add(l),l(d,...h))),d},mixin(l){return i.mixins.includes(l)\|\|i.mixins.push(l),d},component(l,h){return h?(i.components[l]=h,d):i.components[l]},directive(l,h){return h?(i.directives[l]=h,d):i.directives[l]},mount(l,h,p){if(!c){const y=d._ceVNode\|\|Mt(r,o);return y.appContext=i,p===!0?p="svg":p===!1&&(p=void 0),n(y,l,p),c=!0,d._container=l,l.__vue_app__=d,Xi(y.component)}},onUnmount(l){a.push(l)},unmount(){c&&(wt(a,d._instance,16),n(null,d._container),delete d._container.__vue_app__)},provide(l,h){return i.provides[l]=h,d},runWithContext(l){const h=Mn;Mn=d;try{return l()}finally{Mn=h}}};return d}}let Mn=null;function Vu(n,e){if(Le){let t=Le.provides;const r=Le.parent&&Le.parent.provides;r===t&&(t=Le.provides=Object.create(r)),t[n]=e}}function Hr(n,e,t=!1){const r=Le\|\|Tt;if(r\|\|Mn){const o=Mn?Mn._context.provides:r?r.parent==null?r.vnode.appContext&&r.vnode.appContext.provides:r.parent.provides:void 0;if(o&&n in o)return o[n];if(arguments.length>1)return t&&$(e)?e.call(r&&r.proxy):e}}const zc={},qc=()=>Object.create(zc),Vc=n=>Object.getPrototypeOf(n)===zc;function ju(n,e,t,r=!1){const o={},i=qc();n.propsDefaults=Object.create(null),jc(n,e,o,i);for(const s in n.propsOptions[0])s in o\|\|(o[s]=void 0);t?n.props=r?o:du(o):n.type.props?n.props=o:n.props=i,n.attrs=i}function Wu(n,e,t,r){const{props:o,attrs:i,vnode:{patchFlag:s}}=n,a=te(o),[c]=n.propsOptions;let d=!1;if((r\|\|s>0)&&!(s&16)){if(s&8){const l=n.vnode.dynamicProps;for(let h=0;h<l.length;h++){let p=l[h];if(Co(n.emitsOptions,p))continue;const y=e[p];if(c)if(ne(i,p))y!==i[p]&&(i[p]=y,d=!0);else{const b=Wt(p);o[b]=fi(c,a,b,y,n,!1)}else y!==i[p]&&(i[p]=y,d=!0)}}}else{jc(n,e,o,i)&&(d=!0);let l;for(const h in a)(!e\|\|!ne(e,h)&&((l=Cn(h))===h\|\|!ne(e,l)))&&(c?t&&(t[h]!==void 0\|\|t[l]!==void 0)&&(o[h]=fi(c,a,h,void 0,n,!0)):delete o[h]);if(i!==a)for(const h in i)(!e\|\|!ne(e,h))&&(delete i[h],d=!0)}d&&Pt(n.attrs,"set","")}function jc(n,e,t,r){const[o,i]=n.propsOptions;let s=!1,a;if(e)for(let c in e){if(Jn(c))continue;const d=e[c];let l;o&&ne(o,l=Wt(c))?!i\|\|!i.includes(l)?t[l]=d:(a\|\|(a={}))[l]=d:Co(n.emitsOptions,c)\|\|(!(c in r)\|\|d!==r[c])&&(r[c]=d,s=!0)}if(i){const c=te(t),d=a\|\|de;for(let l=0;l<i.length;l++){const h=i[l];t[h]=fi(o,c,h,d[h],n,!ne(d,h))}}return s}function fi(n,e,t,r,o,i){const s=n[t];if(s!=null){const a=ne(s,"default");if(a&&r===void 0){const c=s.default;if(s.type!==Function&&!s.skipFactory&&$(c)){const{propsDefaults:d}=o;if(t in d)r=d[t];else{const l=yr(o);r=d[t]=c.call(null,e),l()}}else r=c;o.ce&&o.ce._setProp(t,r)}s[0]&&(i&&!a?r=!1:s[1]&&(r===""\|\|r===Cn(t))&&(r=!0))}return r}const Yu=new WeakMap;function Wc(n,e,t=!1){const r=t?Yu:e.propsCache,o=r.get(n);if(o)return o;const i=n.props,s={},a=[];let c=!1;if(!$(n)){const l=h=>{c=!0;const[p,y]=Wc(h,e,!0);De(s,p),y&&a.push(...y)};!t&&e.mixins.length&&e.mixins.forEach(l),n.extends&&l(n.extends),n.mixins&&n.mixins.forEach(l)}if(!i&&!c)return ue(n)&&r.set(n,Rn),Rn;if(K(i))for(let l=0;l<i.length;l++){const h=Wt(i[l]);da(h)&&(s[h]=de)}else if(i)for(const l in i){const h=Wt(l);if(da(h)){const p=i[l],y=s[h]=K(p)\|\|$(p)?{type:p}:De({},p),b=y.type;let S=!1,q=!0;if(K(b))for(let D=0;D<b.length;++D){const V=b[D],J=$(V)&&V.name;if(J==="Boolean"){S=!0;break}else J==="String"&&(q=!1)}else S=$(b)&&b.name==="Boolean";y[0]=S,y[1]=q,(S\|\|ne(y,"default"))&&a.push(h)}}const d=[s,a];return ue(n)&&r.set(n,d),d}function da(n){return n[0]!=="$"&&!Jn(n)}const Yc=n=>n[0]==="_"\|\|n==="$stable",Qi=n=>K(n)?n.map(mt):[mt(n)],Qu=(n,e,t)=>{if(e._n)return e;const r=Iu((...o)=>Qi(e(...o)),t);return r._c=!1,r},Qc=(n,e,t)=>{const r=n._ctx;for(const o in n){if(Yc(o))continue;const i=n[o];if($(i))e[o]=Qu(o,i,r);else if(i!=null){const s=Qi(i);e[o]=()=>s}}},Jc=(n,e)=>{const t=Qi(e);n.slots.default=()=>t},Xc=(n,e,t)=>{for(const r in e)(t\|\|r!=="_")&&(n[r]=e[r])},Ju=(n,e,t)=>{const r=n.slots=qc();if(n.vnode.shapeFlag&32){const o=e._;o?(Xc(r,e,t),t&&hc(r,"_",o,!0)):Qc(e,r)}else e&&Jc(n,e)},Xu=(n,e,t)=>{const{vnode:r,slots:o}=n;let i=!0,s=de;if(r.shapeFlag&32){const a=e._;a?t&&a===1?i=!1:Xc(o,e,t):(i=!e.$stable,Qc(e,o)),s=e}else e&&(Jc(n,e),s={default:1});if(i)for(const a in o)!Yc(a)&&s[a]==null&&delete o[a]},ze=ff;function Zu(n){return ef(n)}function ef(n,e){const t=fo();t.__VUE__=!0;const{insert:r,remove:o,patchProp:i,createElement:s,createText:a,createComment:c,setText:d,setElementText:l,parentNode:h,nextSibling:p,setScopeId:y=vt,insertStaticContent:b}=n,S=(u,g,m,I=null,A=null,w=null,R=void 0,k=null,_=!!g.dynamicChildren)=>{if(u===g)return;u&&!Wn(u,g)&&(I=wr(u),Je(u,A,w,!0),u=null),g.patchFlag===-2&&(_=!1,g.dynamicChildren=null);const{type:E,ref:U,shapeFlag:O}=g;switch(E){case yo:q(u,g,m,I);break;case fn:D(u,g,m,I);break;case Jo:u==null&&V(g,m,I,R);break;case ot:nn(u,g,m,I,A,w,R,k,_);break;default:O&1?ae(u,g,m,I,A,w,R,k,_):O&6?Tn(u,g,m,I,A,w,R,k,_):(O&64\|\|O&128)&&E.process(u,g,m,I,A,w,R,k,_,qn)}U!=null&&A&&zr(U,u&&u.ref,w,g\|\|u,!g)},q=(u,g,m,I)=>{if(u==null)r(g.el=a(g.children),m,I);else{const A=g.el=u.el;g.children!==u.children&&d(A,g.children)}},D=(u,g,m,I)=>{u==null?r(g.el=c(g.children\|\|""),m,I):g.el=u.el},V=(u,g,m,I)=>{[u.el,u.anchor]=b(u.children,g,m,I,u.el,u.anchor)},J=({el:u,anchor:g},m,I)=>{let A;for(;u&&u!==g;)A=p(u),r(u,m,I),u=A;r(g,m,I)},H=({el:u,anchor:g})=>{let m;for(;u&&u!==g;)m=p(u),o(u),u=m;o(g)},ae=(u,g,m,I,A,w,R,k,_)=>{g.type==="svg"?R="svg":g.type==="math"&&(R="mathml"),u==null?Be(g,m,I,A,w,R,k,_):Ut(u,g,A,w,R,k,_)},Be=(u,g,m,I,A,w,R,k)=>{let _,E;const{props:U,shapeFlag:O,transition:L,dirs:F}=u;if(_=u.el=s(u.type,w,U&&U.is,U),O&8?l(_,u.children):O&16&&Ye(u.children,_,null,I,A,Yo(u,w),R,k),F&&rn(u,null,I,"created"),me(_,u,u.scopeId,R,I),U){for(const ce in U)ce!=="value"&&!Jn(ce)&&i(_,ce,null,U[ce],w,I);"value"in U&&i(_,"value",null,U.value,w),(E=U.onVnodeBeforeMount)&&ft(E,I,u)}F&&rn(u,null,I,"beforeMount");const Y=tf(A,L);Y&&L.beforeEnter(_),r(_,g,m),((E=U&&U.onVnodeMounted)\|\|Y\|\|F)&&ze(()=>{E&&ft(E,I,u),Y&&L.enter(_),F&&rn(u,null,I,"mounted")},A)},me=(u,g,m,I,A)=>{if(m&&y(u,m),I)for(let w=0;w<I.length;w++)y(u,I[w]);if(A){let w=A.subTree;if(g===w\|\|ol(w.type)&&(w.ssContent===g\|\|w.ssFallback===g)){const R=A.vnode;me(u,R,R.scopeId,R.slotScopeIds,A.parent)}}},Ye=(u,g,m,I,A,w,R,k,_=0)=>{for(let E=_;E<u.length;E++){const U=u[E]=k?Kt(u[E]):mt(u[E]);S(null,U,g,m,I,A,w,R,k)}},Ut=(u,g,m,I,A,w,R)=>{const k=g.el=u.el;let{patchFlag:_,dynamicChildren:E,dirs:U}=g;_\|=u.patchFlag&16;const O=u.props\|\|de,L=g.props\|\|de;let F;if(m&&on(m,!1),(F=L.onVnodeBeforeUpdate)&&ft(F,m,g,u),U&&rn(g,u,m,"beforeUpdate"),m&&on(m,!0),(O.innerHTML&&L.innerHTML==null\|\|O.textContent&&L.textContent==null)&&l(k,""),E?Qe(u.dynamicChildren,E,k,m,I,Yo(g,A),w):R\|\|ie(u,g,k,null,m,I,Yo(g,A),w,!1),_>0){if(_&16)tn(k,O,L,m,A);else if(_&2&&O.class!==L.class&&i(k,"class",null,L.class,A),_&4&&i(k,"style",O.style,L.style,A),_&8){const Y=g.dynamicProps;for(let ce=0;ce<Y.length;ce++){const re=Y[ce],Ge=O[re],Ke=L[re];(Ke!==Ge\|\|re==="value")&&i(k,re,Ge,Ke,A,m)}}_&1&&u.children!==g.children&&l(k,g.children)}else!R&&E==null&&tn(k,O,L,m,A);((F=L.onVnodeUpdated)\|\|U)&&ze(()=>{F&&ft(F,m,g,u),U&&rn(g,u,m,"updated")},I)},Qe=(u,g,m,I,A,w,R)=>{for(let k=0;k<g.length;k++){const _=u[k],E=g[k],U=_.el&&(_.type===ot\|\|!Wn(_,E)\|\|_.shapeFlag&70)?h(_.el):m;S(_,E,U,null,I,A,w,R,!0)}},tn=(u,g,m,I,A)=>{if(g!==m){if(g!==de)for(const w in g)!Jn(w)&&!(w in m)&&i(u,w,g[w],null,A,I);for(const w in m){if(Jn(w))continue;const R=m[w],k=g[w];R!==k&&w!=="value"&&i(u,w,k,R,A,I)}"value"in m&&i(u,"value",g.value,m.value,A)}},nn=(u,g,m,I,A,w,R,k,_)=>{const E=g.el=u?u.el:a(""),U=g.anchor=u?u.anchor:a("");let{patchFlag:O,dynamicChildren:L,slotScopeIds:F}=g;F&&(k=k?k.concat(F):F),u==null?(r(E,m,I),r(U,m,I),Ye(g.children\|\|[],m,U,A,w,R,k,_)):O>0&&O&64&&L&&u.dynamicChildren?(Qe(u.dynamicChildren,L,m,A,w,R,k),(g.key!=null\|\|A&&g===A.subTree)&&Zc(u,g,!0)):ie(u,g,m,U,A,w,R,k,_)},Tn=(u,g,m,I,A,w,R,k,_)=>{g.slotScopeIds=k,u==null?g.shapeFlag&512?A.ctx.activate(g,m,I,R,_):W(g,m,I,A,w,R,_):x(u,g,_)},W=(u,g,m,I,A,w,R)=>{const k=u.component=vf(u,I,A);if(Uc(u)&&(k.ctx.renderer=qn),wf(k,!1,R),k.asyncDep){if(A&&A.registerDep(k,G,R),!u.el){const _=k.subTree=Mt(fn);D(null,_,g,m)}}else G(k,u,g,m,A,w,R)},x=(u,g,m)=>{const I=g.component=u.component;if(hf(u,g,m))if(I.asyncDep&&!I.asyncResolved){ee(I,g,m);return}else I.next=g,I.update();else g.el=u.el,I.vnode=g},G=(u,g,m,I,A,w,R)=>{const k=()=>{if(u.isMounted){let{next:O,bu:L,u:F,parent:Y,vnode:ce}=u;{const ht=el(u);if(ht){O&&(O.el=ce.el,ee(u,O,R)),ht.asyncDep.then(()=>{u.isUnmounted\|\|k()});return}}let re=O,Ge;on(u,!1),O?(O.el=ce.el,ee(u,O,R)):O=ce,L&&$o(L),(Ge=O.props&&O.props.onVnodeBeforeUpdate)&&ft(Ge,Y,O,ce),on(u,!0);const Ke=ua(u),dt=u.subTree;u.subTree=Ke,S(dt,Ke,h(dt.el),wr(dt),u,A,w),O.el=Ke.el,re===null&&uf(u,Ke.el),F&&ze(F,A),(Ge=O.props&&O.props.onVnodeUpdated)&&ze(()=>ft(Ge,Y,O,ce),A)}else{let O;const{el:L,props:F}=g,{bm:Y,m:ce,parent:re,root:Ge,type:Ke}=u,dt=er(g);on(u,!1),Y&&$o(Y),!dt&&(O=F&&F.onVnodeBeforeMount)&&ft(O,re,g),on(u,!0);{Ge.ce&&Ge.ce._injectChildStyle(Ke);const ht=u.subTree=ua(u);S(null,ht,m,I,u,A,w),g.el=ht.el}if(ce&&ze(ce,A),!dt&&(O=F&&F.onVnodeMounted)){const ht=g;ze(()=>ft(O,re,ht),A)}(g.shapeFlag&256\|\|re&&er(re.vnode)&&re.vnode.shapeFlag&256)&&u.a&&ze(u.a,A),u.isMounted=!0,g=m=I=null}};u.scope.on();const _=u.effect=new pc(k);u.scope.off();const E=u.update=_.run.bind(_),U=u.job=_.runIfDirty.bind(_);U.i=u,U.id=u.uid,_.scheduler=()=>Wi(U),on(u,!0),E()},ee=(u,g,m)=>{g.component=u;const I=u.vnode.props;u.vnode=g,u.next=null,Wu(u,g.props,I,m),Xu(u,g.children,m),Xt(),oa(u),Zt()},ie=(u,g,m,I,A,w,R,k,_=!1)=>{const E=u&&u.children,U=u?u.shapeFlag:0,O=g.children,{patchFlag:L,shapeFlag:F}=g;if(L>0){if(L&128){An(E,O,m,I,A,w,R,k,_);return}else if(L&256){Et(E,O,m,I,A,w,R,k,_);return}}F&8?(U&16&&zn(E,A,w),O!==E&&l(m,O)):U&16?F&16?An(E,O,m,I,A,w,R,k,_):zn(E,A,w,!0):(U&8&&l(m,""),F&16&&Ye(O,m,I,A,w,R,k,_))},Et=(u,g,m,I,A,w,R,k,_)=>{u=u\|\|Rn,g=g\|\|Rn;const E=u.length,U=g.length,O=Math.min(E,U);let L;for(L=0;L<O;L++){const F=g[L]=_?Kt(g[L]):mt(g[L]);S(u[L],F,m,null,A,w,R,k,_)}E>U?zn(u,A,w,!0,!1,O):Ye(g,m,I,A,w,R,k,_,O)},An=(u,g,m,I,A,w,R,k,_)=>{let E=0;const U=g.length;let O=u.length-1,L=U-1;for(;E<=O&&E<=L;){const F=u[E],Y=g[E]=_?Kt(g[E]):mt(g[E]);if(Wn(F,Y))S(F,Y,m,null,A,w,R,k,_);else break;E++}for(;E<=O&&E<=L;){const F=u[O],Y=g[L]=_?Kt(g[L]):mt(g[L]);if(Wn(F,Y))S(F,Y,m,null,A,w,R,k,_);else break;O--,L--}if(E>O){if(E<=L){const F=L+1,Y=F<U?g[F].el:I;for(;E<=L;)S(null,g[E]=_?Kt(g[E]):mt(g[E]),m,Y,A,w,R,k,_),E++}}else if(E>L)for(;E<=O;)Je(u[E],A,w,!0),E++;else{const F=E,Y=E,ce=new Map;for(E=Y;E<=L;E++){const $e=g[E]=_?Kt(g[E]):mt(g[E]);$e.key!=null&&ce.set($e.key,E)}let re,Ge=0;const Ke=L-Y+1;let dt=!1,ht=0;const Vn=new Array(Ke);for(E=0;E<Ke;E++)Vn[E]=0;for(E=F;E<=O;E++){const $e=u[E];if(Ge>=Ke){Je($e,A,w,!0);continue}let ut;if($e.key!=null)ut=ce.get($e.key);else for(re=Y;re<=L;re++)if(Vn[re-Y]===0&&Wn($e,g[re])){ut=re;break}ut===void 0?Je($e,A,w,!0):(Vn[ut-Y]=E+1,ut>=ht?ht=ut:dt=!0,S($e,g[ut],m,null,A,w,R,k,_),Ge++)}const Zs=dt?nf(Vn):Rn;for(re=Zs.length-1,E=Ke-1;E>=0;E--){const $e=Y+E,ut=g[$e],ea=$e+1<U?g[$e+1].el:I;Vn[E]===0?S(null,ut,m,ea,A,w,R,k,_):dt&&(re<0\|\|E!==Zs[re]?_t(ut,m,ea,2):re--)}}},_t=(u,g,m,I,A=null)=>{const{el:w,type:R,transition:k,children:_,shapeFlag:E}=u;if(E&6){_t(u.component.subTree,g,m,I);return}if(E&128){u.suspense.move(g,m,I);return}if(E&64){R.move(u,g,m,qn);return}if(R===ot){r(w,g,m);for(let O=0;O<_.length;O++)_t(_[O],g,m,I);r(u.anchor,g,m);return}if(R===Jo){J(u,g,m);return}if(I!==2&&E&1&&k)if(I===0)k.beforeEnter(w),r(w,g,m),ze(()=>k.enter(w),A);else{const{leave:O,delayLeave:L,afterLeave:F}=k,Y=()=>r(w,g,m),ce=()=>{O(w,()=>{Y(),F&&F()})};L?L(w,Y,ce):ce()}else r(w,g,m)},Je=(u,g,m,I=!1,A=!1)=>{const{type:w,props:R,ref:k,children:_,dynamicChildren:E,shapeFlag:U,patchFlag:O,dirs:L,cacheIndex:F}=u;if(O===-2&&(A=!1),k!=null&&zr(k,null,m,u,!0),F!=null&&(g.renderCache[F]=void 0),U&256){g.ctx.deactivate(u);return}const Y=U&1&&L,ce=!er(u);let re;if(ce&&(re=R&&R.onVnodeBeforeUnmount)&&ft(re,g,u),U&6)Ko(u.component,m,I);else{if(U&128){u.suspense.unmount(m,I);return}Y&&rn(u,null,g,"beforeUnmount"),U&64?u.type.remove(u,g,m,qn,I):E&&!E.hasOnce&&(w!==ot\|\|O>0&&O&64)?zn(E,g,m,!1,!0):(w===ot&&O&384\|\|!A&&U&16)&&zn(_,g,m),I&&Ar(u)}(ce&&(re=R&&R.onVnodeUnmounted)\|\|Y)&&ze(()=>{re&&ft(re,g,u),Y&&rn(u,null,g,"unmounted")},m)},Ar=u=>{const{type:g,el:m,anchor:I,transition:A}=u;if(g===ot){vr(m,I);return}if(g===Jo){H(u);return}const w=()=>{o(m),A&&!A.persisted&&A.afterLeave&&A.afterLeave()};if(u.shapeFlag&1&&A&&!A.persisted){const{leave:R,delayLeave:k}=A,_=()=>R(m,w);k?k(u.el,w,_):_()}else w()},vr=(u,g)=>{let m;for(;u!==g;)m=p(u),o(u),u=m;o(g)},Ko=(u,g,m)=>{const{bum:I,scope:A,job:w,subTree:R,um:k,m:_,a:E}=u;ha(_),ha(E),I&&$o(I),A.stop(),w&&(w.flags\|=8,Je(R,u,g,m)),k&&ze(k,g),ze(()=>{u.isUnmounted=!0},g),g&&g.pendingBranch&&!g.isUnmounted&&u.asyncDep&&!u.asyncResolved&&u.suspenseId===g.pendingId&&(g.deps--,g.deps===0&&g.resolve())},zn=(u,g,m,I=!1,A=!1,w=0)=>{for(let R=w;R<u.length;R++)Je(u[R],g,m,I,A)},wr=u=>{if(u.shapeFlag&6)return wr(u.component.subTree);if(u.shapeFlag&128)return u.suspense.next();const g=p(u.anchor\|\|u.el),m=g&&g[Eu];return m?p(m):g};let Bo=!1;const Xs=(u,g,m)=>{u==null?g._vnode&&Je(g._vnode,null,null,!0):S(g._vnode\|\|null,u,g,null,null,null,m),g._vnode=u,Bo\|\|(Bo=!0,oa(),Mc(),Bo=!1)},qn={p:S,um:Je,m:_t,r:Ar,mt:W,mc:Ye,pc:ie,pbc:Qe,n:wr,o:n};return{render:Xs,hydrate:void 0,createApp:qu(Xs)}}function Yo({type:n,props:e},t){return t==="svg"&&n==="foreignObject"\|\|t==="mathml"&&n==="annotation-xml"&&e&&e.encoding&&e.encoding.includes("html")?void 0:t}function on({effect:n,job:e},t){t?(n.flags\|=32,e.flags\|=4):(n.flags&=-33,e.flags&=-5)}function tf(n,e){return(!n\|\|n&&!n.pendingBranch)&&e&&!e.persisted}function Zc(n,e,t=!1){const r=n.children,o=e.children;if(K(r)&&K(o))for(let i=0;i<r.length;i++){const s=r[i];let a=o[i];a.shapeFlag&1&&!a.dynamicChildren&&((a.patchFlag<=0\|\|a.patchFlag===32)&&(a=o[i]=Kt(o[i]),a.el=s.el),!t&&a.patchFlag!==-2&&Zc(s,a)),a.type===yo&&(a.el=s.el)}}function nf(n){const e=n.slice(),t=[0];let r,o,i,s,a;const c=n.length;for(r=0;r<c;r++){const d=n[r];if(d!==0){if(o=t[t.length-1],n[o]<d){e[r]=o,t.push(r);continue}for(i=0,s=t.length-1;i<s;)a=i+s>>1,n[t[a]]<d?i=a+1:s=a;d<n[t[i]]&&(i>0&&(e[r]=t[i-1]),t[i]=r)}}for(i=t.length,s=t[i-1];i-- >0;)t[i]=s,s=e[s];return t}function el(n){const e=n.subTree.component;if(e)return e.asyncDep&&!e.asyncResolved?e:el(e)}function ha(n){if(n)for(let e=0;e<n.length;e++)n[e].flags\|=8}const rf=Symbol.for("v-scx"),of=()=>Hr(rf);function Qo(n,e,t){return tl(n,e,t)}function tl(n,e,t=de){const{immediate:r,deep:o,flush:i,once:s}=t,a=De({},t),c=e&&r\|\|!e&&i!=="post";let d;if(hr){if(i==="sync"){const y=of();d=y.__watcherHandles\|\|(y.__watcherHandles=[])}else if(!c){const y=()=>{};return y.stop=vt,y.resume=vt,y.pause=vt,y}}const l=Le;a.call=(y,b,S)=>wt(y,l,b,S);let h=!1;i==="post"?a.scheduler=y=>{ze(y,l&&l.suspense)}:i!=="sync"&&(h=!0,a.scheduler=(y,b)=>{b?y():Wi(y)}),a.augmentJob=y=>{e&&(y.flags\|=4),h&&(y.flags\|=2,l&&(y.id=l.uid,y.i=l))};const p=yu(n,e,a);return hr&&(d?d.push(p):c&&p()),p}function sf(n,e,t){const r=this.proxy,o=pe(n)?n.includes(".")?nl(r,n):()=>r[n]:n.bind(r,r);let i;$(e)?i=e:(i=e.handler,t=e);const s=yr(this),a=tl(o,i.bind(r),t);return s(),a}function nl(n,e){const t=e.split(".");return()=>{let r=n;for(let o=0;o<t.length&&r;o++)r=r[t[o]];return r}}const af=(n,e)=>e==="modelValue"\|\|e==="model-value"?n.modelModifiers:n[`${e}Modifiers`]\|\|n[`${Wt(e)}Modifiers`]\|\|n[`${Cn(e)}Modifiers`];function cf(n,e,...t){if(n.isUnmounted)return;const r=n.vnode.props\|\|de;let o=t;const i=e.startsWith("update:"),s=i&&af(r,e.slice(7));s&&(s.trim&&(o=t.map(l=>pe(l)?l.trim():l)),s.number&&(o=t.map(Uh)));let a,c=r[a=Go(e)]\|\|r[a=Go(Wt(e))];!c&&i&&(c=r[a=Go(Cn(e))]),c&&wt(c,n,6,o);const d=r[a+"Once"];if(d){if(!n.emitted)n.emitted={};else if(n.emitted[a])return;n.emitted[a]=!0,wt(d,n,6,o)}}function rl(n,e,t=!1){const r=e.emitsCache,o=r.get(n);if(o!==void 0)return o;const i=n.emits;let s={},a=!1;if(!$(n)){const c=d=>{const l=rl(d,e,!0);l&&(a=!0,De(s,l))};!t&&e.mixins.length&&e.mixins.forEach(c),n.extends&&c(n.extends),n.mixins&&n.mixins.forEach(c)}return!i&&!a?(ue(n)&&r.set(n,null),null):(K(i)?i.forEach(c=>s[c]=null):De(s,i),ue(n)&&r.set(n,s),s)}function Co(n,e){return!n\|\|!lo(e)?!1:(e=e.slice(2).replace(/Once$/,""),ne(n,e[0].toLowerCase()+e.slice(1))\|\|ne(n,Cn(e))\|\|ne(n,e))}function ua(n){const{type:e,vnode:t,proxy:r,withProxy:o,propsOptions:[i],slots:s,attrs:a,emit:c,render:d,renderCache:l,props:h,data:p,setupState:y,ctx:b,inheritAttrs:S}=n,q=$r(n);let D,V;try{if(t.shapeFlag&4){const H=o\|\|r,ae=H;D=mt(d.call(ae,H,l,h,y,p,b)),V=a}else{const H=e;D=mt(H.length>1?H(h,{attrs:a,slots:s,emit:c}):H(h,null)),V=e.props?a:lf(a)}}catch(H){nr.length=0,po(H,n,1),D=Mt(fn)}let J=D;if(V&&S!==!1){const H=Object.keys(V),{shapeFlag:ae}=J;H.length&&ae&7&&(i&&H.some(Hi)&&(V=df(V,i)),J=Ln(J,V,!1,!0))}return t.dirs&&(J=Ln(J,null,!1,!0),J.dirs=J.dirs?J.dirs.concat(t.dirs):t.dirs),t.transition&&Yi(J,t.transition),D=J,$r(q),D}const lf=n=>{let e;for(const t in n)(t==="class"\|\|t==="style"\|\|lo(t))&&((e\|\|(e={}))[t]=n[t]);return e},df=(n,e)=>{const t={};for(const r in n)(!Hi(r)\|\|!(r.slice(9)in e))&&(t[r]=n[r]);return t};function hf(n,e,t){const{props:r,children:o,component:i}=n,{props:s,children:a,patchFlag:c}=e,d=i.emitsOptions;if(e.dirs\|\|e.transition)return!0;if(t&&c>=0){if(c&1024)return!0;if(c&16)return r?fa(r,s,d):!!s;if(c&8){const l=e.dynamicProps;for(let h=0;h<l.length;h++){const p=l[h];if(s[p]!==r[p]&&!Co(d,p))return!0}}}else return(o\|\|a)&&(!a\|\|!a.$stable)?!0:r===s?!1:r?s?fa(r,s,d):!0:!!s;return!1}function fa(n,e,t){const r=Object.keys(e);if(r.length!==Object.keys(n).length)return!0;for(let o=0;o<r.length;o++){const i=r[o];if(e[i]!==n[i]&&!Co(t,i))return!0}return!1}function uf({vnode:n,parent:e},t){for(;e;){const r=e.subTree;if(r.suspense&&r.suspense.activeBranch===n&&(r.el=n.el),r===n)(n=e.vnode).el=t,e=e.parent;else break}}const ol=n=>n.__isSuspense;function ff(n,e){e&&e.pendingBranch?K(n)?e.effects.push(...n):e.effects.push(n):wu(n)}const ot=Symbol.for("v-fgt"),yo=Symbol.for("v-txt"),fn=Symbol.for("v-cmt"),Jo=Symbol.for("v-stc"),nr=[];let je=null;function Te(n=!1){nr.push(je=n?null:[])}function gf(){nr.pop(),je=nr[nr.length-1]\|\|null}let dr=1;function ga(n,e=!1){dr+=n,n<0&&je&&e&&(je.hasOnce=!0)}function il(n){return n.dynamicChildren=dr>0?je\|\|Rn:null,gf(),dr>0&&je&&je.push(n),n}function Ie(n,e,t,r,o,i){return il(j(n,e,t,r,o,i,!0))}function pf(n,e,t,r,o){return il(Mt(n,e,t,r,o,!0))}function sl(n){return n?n.__v_isVNode===!0:!1}function Wn(n,e){return n.type===e.type&&n.key===e.key}const al=({key:n})=>n??null,Lr=({ref:n,ref_key:e,ref_for:t})=>(typeof n=="number"&&(n=""+n),n!=null?pe(n)\|\|Re(n)\|\|$(n)?{i:Tt,r:n,k:e,f:!!t}:n:null);function j(n,e=null,t=null,r=0,o=null,i=n===ot?0:1,s=!1,a=!1){const c={__v_isVNode:!0,__v_skip:!0,type:n,props:e,key:e&&al(e),ref:e&&Lr(e),scopeId:Hc,slotScopeIds:null,children:t,component:null,suspense:null,ssContent:null,ssFallback:null,dirs:null,transition:null,el:null,anchor:null,target:null,targetStart:null,targetAnchor:null,staticCount:0,shapeFlag:i,patchFlag:r,dynamicProps:o,dynamicChildren:null,appContext:null,ctx:Tt};return a?(Ji(c,t),i&128&&n.normalize(c)):t&&(c.shapeFlag\|=pe(t)?8:16),dr>0&&!s&&je&&(c.patchFlag>0\|\|i&6)&&c.patchFlag!==32&&je.push(c),c}const Mt=mf;function mf(n,e=null,t=null,r=0,o=null,i=!1){if((!n\|\|n===Uu)&&(n=fn),sl(n)){const a=Ln(n,e,!0);return t&&Ji(a,t),dr>0&&!i&&je&&(a.shapeFlag&6?je[je.indexOf(n)]=a:je.push(a)),a.patchFlag=-2,a}if(Sf(n)&&(n=n.__vccOpts),e){e=Cf(e);let{class:a,style:c}=e;a&&!pe(a)&&(e.class=Fi(a)),ue(c)&&(ji(c)&&!K(c)&&(c=De({},c)),e.style=Di(c))}const s=pe(n)?1:ol(n)?128:_u(n)?64:ue(n)?4:$(n)?2:0;return j(n,e,t,r,o,s,i,!0)}function Cf(n){return n?ji(n)\|\|Vc(n)?De({},n):n:null}function Ln(n,e,t=!1,r=!1){const{props:o,ref:i,patchFlag:s,children:a,transition:c}=n,d=e?yf(o\|\|{},e):o,l={__v_isVNode:!0,__v_skip:!0,type:n.type,props:d,key:d&&al(d),ref:e&&e.ref?t&&i?K(i)?i.concat(Lr(e)):[i,Lr(e)]:Lr(e):i,scopeId:n.scopeId,slotScopeIds:n.slotScopeIds,children:a,target:n.target,targetStart:n.targetStart,targetAnchor:n.targetAnchor,staticCount:n.staticCount,shapeFlag:n.shapeFlag,patchFlag:e&&n.type!==ot?s===-1?16:s\|16:s,dynamicProps:n.dynamicProps,dynamicChildren:n.dynamicChildren,appContext:n.appContext,dirs:n.dirs,transition:c,component:n.component,suspense:n.suspense,ssContent:n.ssContent&&Ln(n.ssContent),ssFallback:n.ssFallback&&Ln(n.ssFallback),el:n.el,anchor:n.anchor,ctx:n.ctx,ce:n.ce};return c&&r&&Yi(l,c.clone(l)),l}function an(n=" ",e=0){return Mt(yo,null,n,e)}function wn(n="",e=!1){return e?(Te(),pf(fn,null,n)):Mt(fn,null,n)}function mt(n){return n==null\|\|typeof n=="boolean"?Mt(fn):K(n)?Mt(ot,null,n.slice()):sl(n)?Kt(n):Mt(yo,null,String(n))}function Kt(n){return n.el===null&&n.patchFlag!==-1\|\|n.memo?n:Ln(n)}function Ji(n,e){let t=0;const{shapeFlag:r}=n;if(e==null)e=null;else if(K(e))t=16;else if(typeof e=="object")if(r&65){const o=e.default;o&&(o._c&&(o._d=!1),Ji(n,o()),o._c&&(o._d=!0));return}else{t=32;const o=e._;!o&&!Vc(e)?e._ctx=Tt:o===3&&Tt&&(Tt.slots._===1?e._=1:(e._=2,n.patchFlag\|=1024))}else $(e)?(e={default:e,_ctx:Tt},t=32):(e=String(e),r&64?(t=16,e=[an(e)]):t=8);n.children=e,n.shapeFlag\|=t}function yf(...n){const e={};for(let t=0;t<n.length;t++){const r=n[t];for(const o in r)if(o==="class")e.class!==r.class&&(e.class=Fi([e.class,r.class]));else if(o==="style")e.style=Di([e.style,r.style]);else if(lo(o)){const i=e[o],s=r[o];s&&i!==s&&!(K(i)&&i.includes(s))&&(e[o]=i?[].concat(i,s):s)}else o!==""&&(e[o]=r[o])}return e}function ft(n,e,t,r=null){wt(n,e,7,[t,r])}const Tf=$c();let Af=0;function vf(n,e,t){const r=n.type,o=(e?e.appContext:n.appContext)\|\|Tf,i={uid:Af++,vnode:n,type:r,parent:e,appContext:o,root:null,next:null,subTree:null,effect:null,update:null,job:null,scope:new zh(!0),render:null,proxy:null,exposed:null,exposeProxy:null,withProxy:null,provides:e?e.provides:Object.create(o.provides),ids:e?e.ids:["",0,0],accessCache:null,renderCache:[],components:null,directives:null,propsOptions:Wc(r,o),emitsOptions:rl(r,o),emit:null,emitted:null,propsDefaults:de,inheritAttrs:r.inheritAttrs,ctx:de,data:de,props:de,attrs:de,slots:de,refs:de,setupState:de,setupContext:null,suspense:t,suspenseId:t?t.pendingId:0,asyncDep:null,asyncResolved:!1,isMounted:!1,isUnmounted:!1,isDeactivated:!1,bc:null,c:null,bm:null,m:null,bu:null,u:null,um:null,bum:null,da:null,a:null,rtg:null,rtc:null,ec:null,sp:null};return i.ctx={_:i},i.root=e?e.root:i,i.emit=cf.bind(null,i),n.ce&&n.ce(i),i}let Le=null,Vr,gi;{const n=fo(),e=(t,r)=>{let o;return(o=n[t])\|\|(o=n[t]=[]),o.push(r),i=>{o.length>1?o.forEach(s=>s(i)):o[0](i)}};Vr=e("__VUE_INSTANCE_SETTERS__",t=>Le=t),gi=e("__VUE_SSR_SETTERS__",t=>hr=t)}const yr=n=>{const e=Le;return Vr(n),n.scope.on(),()=>{n.scope.off(),Vr(e)}},pa=()=>{Le&&Le.scope.off(),Vr(null)};function cl(n){return n.vnode.shapeFlag&4}let hr=!1;function wf(n,e=!1,t=!1){e&&gi(e);const{props:r,children:o}=n.vnode,i=cl(n);ju(n,r,i,e),Ju(n,o,t);const s=i?If(n,e):void 0;return e&&gi(!1),s}function If(n,e){const t=n.type;n.accessCache=Object.create(null),n.proxy=new Proxy(n.ctx,Du);const{setup:r}=t;if(r){Xt();const o=n.setupContext=r.length>1?_f(n):null,i=yr(n),s=Cr(r,n,0,[n.props,o]),a=ac(s);if(Zt(),i(),(a\|\|n.sp)&&!er(n)&&Lc(n),a){if(s.then(pa,pa),e)return s.then(c=>{ma(n,c)}).catch(c=>{po(c,n,0)});n.asyncDep=s}else ma(n,s)}else ll(n)}function ma(n,e,t){$(e)?n.type.__ssrInlineRender?n.ssrRender=e:n.render=e:ue(e)&&(n.setupState=Oc(e)),ll(n)}function ll(n,e,t){const r=n.type;n.render\|\|(n.render=r.render\|\|vt);{const o=yr(n);Xt();try{Fu(n)}finally{Zt(),o()}}}const Ef={get(n,e){return Se(n,"get",""),n[e]}};function _f(n){const e=t=>{n.exposed=t\|\|{}};return{attrs:new Proxy(n.attrs,Ef),slots:n.slots,emit:n.emit,expose:e}}function Xi(n){return n.exposed?n.exposeProxy\|\|(n.exposeProxy=new Proxy(Oc(hu(n.exposed)),{get(e,t){if(t in e)return e[t];if(t in tr)return tr[t](n)},has(e,t){return t in e\|\|t in tr}})):n.proxy}function Sf(n){return $(n)&&"__vccOpts"in n}const Ur=(n,e)=>mu(n,e,hr),bf="3.5.13";/
	* @vue/runtime-dom v3.5.13
	* (c) 2018-present Yuxi (Evan) You and Vue contributors
	* @license MIT
	-*/let gi;const ma=typeof window<"u"&&window.trustedTypes;if(ma)try{gi=ma.createPolicy("vue",{createHTML:n=>n})}catch{}const ll=gi?n=>gi.createHTML(n):n=>n,kf="http://www.w3.org/2000/svg",Rf="http://www.w3.org/1998/Math/MathML",Rt=typeof document<"u"?document:null,Ca=Rt&&Rt.createElement("template"),Of={insert:(n,e,t)=>{e.insertBefore(n,t\|\|null)},remove:n=>{const e=n.parentNode;e&&e.removeChild(n)},createElement:(n,e,t,r)=>{const o=e==="svg"?Rt.createElementNS(kf,n):e==="mathml"?Rt.createElementNS(Rf,n):t?Rt.createElement(n,{is:t}):Rt.createElement(n);return n==="select"&&r&&r.multiple!=null&&o.setAttribute("multiple",r.multiple),o},createText:n=>Rt.createTextNode(n),createComment:n=>Rt.createComment(n),setText:(n,e)=>{n.nodeValue=e},setElementText:(n,e)=>{n.textContent=e},parentNode:n=>n.parentNode,nextSibling:n=>n.nextSibling,querySelector:n=>Rt.querySelector(n),setScopeId(n,e){n.setAttribute(e,"")},insertStaticContent(n,e,t,r,o,i){const s=t?t.previousSibling:e.lastChild;if(o&&(o===i\|\|o.nextSibling))for(;e.insertBefore(o.cloneNode(!0),t),!(o===i\|\|!(o=o.nextSibling)););else{Ca.innerHTML=ll(r==="svg"?`<svg>${n}</svg>`:r==="mathml"?`<math>${n}</math>`:n);const a=Ca.content;if(r==="svg"\|\|r==="mathml"){const c=a.firstChild;for(;c.firstChild;)a.appendChild(c.firstChild);a.removeChild(c)}e.insertBefore(a,t)}return[s?s.nextSibling:e.firstChild,t?t.previousSibling:e.lastChild]}},Pf=Symbol("_vtc");function Nf(n,e,t){const r=n[Pf];r&&(e=(e?[e,...r]:[...r]).join(" ")),e==null?n.removeAttribute("class"):t?n.setAttribute("class",e):n.className=e}const ya=Symbol("_vod"),Mf=Symbol("_vsh"),xf=Symbol(""),Hf=/(^\|;)\sdisplay\s:/;function Lf(n,e,t){const r=n.style,o=pe(t);let i=!1;if(t&&!o){if(e)if(pe(e))for(const s of e.split(";")){const a=s.slice(0,s.indexOf(":")).trim();t[a]==null&&Ur(r,a,"")}else for(const s in e)t[s]==null&&Ur(r,s,"");for(const s in t)s==="display"&&(i=!0),Ur(r,s,t[s])}else if(o){if(e!==t){const s=r[xf];s&&(t+=";"+s),r.cssText=t,i=Hf.test(t)}}else e&&n.removeAttribute("style");ya in n&&(n[ya]=i?r.display:"",n[Mf]&&(r.display="none"))}const Ta=/\s!important$/;function Ur(n,e,t){if(K(t))t.forEach(r=>Ur(n,e,r));else if(t==null&&(t=""),e.startsWith("--"))n.setProperty(e,t);else{const r=Uf(n,e);Ta.test(t)?n.setProperty(Cn(r),t.replace(Ta,""),"important"):n[r]=t}}const Aa=["Webkit","Moz","ms"],Jo={};function Uf(n,e){const t=Jo[e];if(t)return t;let r=Wt(e);if(r!=="filter"&&r in n)return Jo[e]=r;r=lc(r);for(let o=0;o<Aa.length;o++){const i=Aa[o]+r;if(i in n)return Jo[e]=i}return e}const va="http://www.w3.org/1999/xlink";function wa(n,e,t,r,o,i=$h(e)){r&&e.startsWith("xlink:")?t==null?n.removeAttributeNS(va,e.slice(6,e.length)):n.setAttributeNS(va,e,t):t==null\|\|i&&!hc(t)?n.removeAttribute(e):n.setAttribute(e,i?"":Jt(t)?String(t):t)}function Ia(n,e,t,r,o){if(e==="innerHTML"\|\|e==="textContent"){t!=null&&(n[e]=e==="innerHTML"?ll(t):t);return}const i=n.tagName;if(e==="value"&&i!=="PROGRESS"&&!i.includes("-")){const a=i==="OPTION"?n.getAttribute("value")\|\|"":n.value,c=t==null?n.type==="checkbox"?"on":"":String(t);(a!==c\|\|!("_value"in n))&&(n.value=c),t==null&&n.removeAttribute(e),n._value=t;return}let s=!1;if(t===""\|\|t==null){const a=typeof n[e];a==="boolean"?t=hc(t):t==null&&a==="string"?(t="",s=!0):a==="number"&&(t=0,s=!0)}try{n[e]=t}catch{}s&&n.removeAttribute(o\|\|e)}function Df(n,e,t,r){n.addEventListener(e,t,r)}function Ff(n,e,t,r){n.removeEventListener(e,t,r)}const Ea=Symbol("_vei");function Kf(n,e,t,r,o=null){const i=n[Ea]\|\|(n[Ea]={}),s=i[e];if(r&&s)s.value=r;else{const[a,c]=Bf(e);if(r){const d=i[e]=zf(r,o);Df(n,a,d,c)}else s&&(Ff(n,a,s,c),i[e]=void 0)}}const _a=/(?:Once\|Passive\|Capture)$/;function Bf(n){let e;if(_a.test(n)){e={};let r;for(;r=n.match(_a);)n=n.slice(0,n.length-r[0].length),e[r[0].toLowerCase()]=!0}return[n[2]===":"?n.slice(3):Cn(n.slice(2)),e]}let Xo=0;const Gf=Promise.resolve(),$f=()=>Xo\|\|(Gf.then(()=>Xo=0),Xo=Date.now());function zf(n,e){const t=r=>{if(!r._vts)r._vts=Date.now();else if(r._vts<=t.attached)return;wt(qf(r,t.value),e,5,[r])};return t.value=n,t.attached=$f(),t}function qf(n,e){if(K(e)){const t=n.stopImmediatePropagation;return n.stopImmediatePropagation=()=>{t.call(n),n._stopped=!0},e.map(r=>o=>!o._stopped&&r&&r(o))}else return e}const Sa=n=>n.charCodeAt(0)===111&&n.charCodeAt(1)===110&&n.charCodeAt(2)>96&&n.charCodeAt(2)<123,Vf=(n,e,t,r,o,i)=>{const s=o==="svg";e==="class"?Nf(n,r,s):e==="style"?Lf(n,t,r):co(e)?xi(e)\|\|Kf(n,e,t,r,i):(e[0]==="."?(e=e.slice(1),!0):e[0]==="^"?(e=e.slice(1),!1):jf(n,e,r,s))?(Ia(n,e,r),!n.tagName.includes("-")&&(e==="value"\|\|e==="checked"\|\|e==="selected")&&wa(n,e,r,s,i,e!=="value")):n._isVueCE&&(/[A-Z]/.test(e)\|\|!pe(r))?Ia(n,Wt(e),r,i,e):(e==="true-value"?n._trueValue=r:e==="false-value"&&(n._falseValue=r),wa(n,e,r,s))};function jf(n,e,t,r){if(r)return!!(e==="innerHTML"\|\|e==="textContent"\|\|e in n&&Sa(e)&&G(t));if(e==="spellcheck"\|\|e==="draggable"\|\|e==="translate"\|\|e==="form"\|\|e==="list"&&n.tagName==="INPUT"\|\|e==="type"&&n.tagName==="TEXTAREA")return!1;if(e==="width"\|\|e==="height"){const o=n.tagName;if(o==="IMG"\|\|o==="VIDEO"\|\|o==="CANVAS"\|\|o==="SOURCE")return!1}return Sa(e)&&pe(t)?!1:e in n}const Wf=De({patchProp:Vf},Of);let ba;function Yf(){return ba\|\|(ba=Zu(Wf))}const Qf=(...n)=>{const e=Yf().createApp(...n),{mount:t}=e;return e.mount=r=>{const o=Xf(r);if(!o)return;const i=e._component;!G(i)&&!i.render&&!i.template&&(i.template=o.innerHTML),o.nodeType===1&&(o.textContent="");const s=t(o,!1,Jf(o));return o instanceof Element&&(o.removeAttribute("v-cloak"),o.setAttribute("data-v-app","")),s},e};function Jf(n){if(n instanceof SVGElement)return"svg";if(typeof MathMLElement=="function"&&n instanceof MathMLElement)return"mathml"}function Xf(n){return pe(n)?document.querySelector(n):n}function Xe(n){const e=Office.context.displayLanguage;let t="";e in bn&&n in bn[e]?t=bn[e][n]:t=n;for(let r=1;r<arguments.length;r++)t=t.replace("%"+r,arguments[r]);return t}function Ze(n,e){const t=Office.context.displayLanguage;let r="";t in bn&&e in bn[t]?r=bn[t][e]:r=e;for(let o=2;o<arguments.length;o++)r=r.replace("%"+o,arguments[o]);return e}/! @azure/msal-common v15.4.0 2025-03-25 /const C={LIBRARY_NAME:"MSAL.JS",SKU:"msal.js.common",CACHE_PREFIX:"msal",DEFAULT_AUTHORITY:"https://login.microsoftonline.com/common/",DEFAULT_AUTHORITY_HOST:"login.microsoftonline.com",DEFAULT_COMMON_TENANT:"common",ADFS:"adfs",DSTS:"dstsv2",AAD_INSTANCE_DISCOVERY_ENDPT:"https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=",CIAM_AUTH_URL:".ciamlogin.com",AAD_TENANT_DOMAIN_SUFFIX:".onmicrosoft.com",RESOURCE_DELIM:"\|",NO_ACCOUNT:"NO_ACCOUNT",CLAIMS:"claims",CONSUMER_UTID:"9188040d-6c67-4c5b-b112-36a304b66dad",OPENID_SCOPE:"openid",PROFILE_SCOPE:"profile",OFFLINE_ACCESS_SCOPE:"offline_access",EMAIL_SCOPE:"email",CODE_GRANT_TYPE:"authorization_code",RT_GRANT_TYPE:"refresh_token",S256_CODE_CHALLENGE_METHOD:"S256",URL_FORM_CONTENT_TYPE:"application/x-www-form-urlencoded;charset=utf-8",AUTHORIZATION_PENDING:"authorization_pending",NOT_DEFINED:"not_defined",EMPTY_STRING:"",NOT_APPLICABLE:"N/A",NOT_AVAILABLE:"Not Available",FORWARD_SLASH:"/",IMDS_ENDPOINT:"http://169.254.169.254/metadata/instance/compute/location",IMDS_VERSION:"2020-06-01",IMDS_TIMEOUT:2e3,AZURE_REGION_AUTO_DISCOVER_FLAG:"TryAutoDetect",REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX:"login.microsoft.com",KNOWN_PUBLIC_CLOUDS:["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"],SHR_NONCE_VALIDITY:240,INVALID_INSTANCE:"invalid_instance"},_r={CLIENT_ERROR_RANGE_START:400,CLIENT_ERROR_RANGE_END:499,SERVER_ERROR_RANGE_START:500,SERVER_ERROR_RANGE_END:599},yn=[C.OPENID_SCOPE,C.PROFILE_SCOPE,C.OFFLINE_ACCESS_SCOPE],ka=[...yn,C.EMAIL_SCOPE],Me={CONTENT_TYPE:"Content-Type",CONTENT_LENGTH:"Content-Length",RETRY_AFTER:"Retry-After",CCS_HEADER:"X-AnchorMailbox",WWWAuthenticate:"WWW-Authenticate",AuthenticationInfo:"Authentication-Info",X_MS_REQUEST_ID:"x-ms-request-id",X_MS_HTTP_VERSION:"x-ms-httpver"},Ra={ACTIVE_ACCOUNT_FILTERS:"active-account-filters"},qt={COMMON:"common",ORGANIZATIONS:"organizations",CONSUMERS:"consumers"},Sr={ACCESS_TOKEN:"access_token",XMS_CC:"xms_cc"},Ae={LOGIN:"login",SELECT_ACCOUNT:"select_account",CONSENT:"consent",NONE:"none",CREATE:"create",NO_SESSION:"no_session"},Oa={PLAIN:"plain",S256:"S256"},dl={CODE:"code",IDTOKEN_TOKEN_REFRESHTOKEN:"id_token token refresh_token"},yo={QUERY:"query",FRAGMENT:"fragment"},Zf={QUERY:"query"},hl={AUTHORIZATION_CODE_GRANT:"authorization_code",REFRESH_TOKEN_GRANT:"refresh_token"},br={MSSTS_ACCOUNT_TYPE:"MSSTS",ADFS_ACCOUNT_TYPE:"ADFS",GENERIC_ACCOUNT_TYPE:"Generic"},be={CACHE_KEY_SEPARATOR:"-",CLIENT_INFO_SEPARATOR:"."},B={ID_TOKEN:"IdToken",ACCESS_TOKEN:"AccessToken",ACCESS_TOKEN_WITH_AUTH_SCHEME:"AccessToken_With_AuthScheme",REFRESH_TOKEN:"RefreshToken"},Xi="appmetadata",eg="client_info",or="1",Vr={CACHE_KEY:"authority-metadata",REFRESH_TIME_SECONDS:360024},qe={CONFIG:"config",CACHE:"cache",NETWORK:"network",HARDCODED_VALUES:"hardcoded_values"},Te={SCHEMA_VERSION:5,MAX_LAST_HEADER_BYTES:330,MAX_CACHED_ERRORS:50,CACHE_KEY:"server-telemetry",CATEGORY_SEPARATOR:"\|",VALUE_SEPARATOR:",",OVERFLOW_TRUE:"1",OVERFLOW_FALSE:"0",UNKNOWN_ERROR:"unknown_error"},X={BEARER:"Bearer",POP:"pop",SSH:"ssh-cert"},ir={DEFAULT_THROTTLE_TIME_SECONDS:60,DEFAULT_MAX_THROTTLE_TIME_SECONDS:3600,THROTTLING_PREFIX:"throttling",X_MS_LIB_CAPABILITY_VALUE:"retry-after, h429"},Pa={INVALID_GRANT_ERROR:"invalid_grant",CLIENT_MISMATCH_ERROR:"client_mismatch"},kr={httpSuccess:200,httpBadRequest:400},wn={FAILED_AUTO_DETECTION:"1",INTERNAL_CACHE:"2",ENVIRONMENT_VARIABLE:"3",IMDS:"4"},Zo={CONFIGURED_NO_AUTO_DETECTION:"2",AUTO_DETECTION_REQUESTED_SUCCESSFUL:"4",AUTO_DETECTION_REQUESTED_FAILED:"5"},cn={NOT_APPLICABLE:"0",FORCE_REFRESH_OR_CLAIMS:"1",NO_CACHED_ACCESS_TOKEN:"2",CACHED_ACCESS_TOKEN_EXPIRED:"3",PROACTIVELY_REFRESHED:"4"},tg={Pop:"pop"},ng=300;/! @azure/msal-common v15.4.0 2025-03-25 /const Zi="unexpected_error",rg="post_request_failed";/! @azure/msal-common v15.4.0 2025-03-25 /const Na={[Zi]:"Unexpected error in authentication.",[rg]:"Post request failed from the network, could be a 4xx/5xx or a network unavailability. Please check the exact error code for details."};class Z extends Error{constructor(e,t,r){const o=t?`${e}: ${t}`:e;super(o),Object.setPrototypeOf(this,Z.prototype),this.errorCode=e\|\|C.EMPTY_STRING,this.errorMessage=t\|\|C.EMPTY_STRING,this.subError=r\|\|C.EMPTY_STRING,this.name="AuthError"}setCorrelationId(e){this.correlationId=e}}function ul(n,e){return new Z(n,e?`${Na[n]} ${e}`:Na[n])}/! @azure/msal-common v15.4.0 2025-03-25 /const es="client_info_decoding_error",fl="client_info_empty_error",ts="token_parsing_error",jr="null_or_empty_token",Ot="endpoints_resolution_error",gl="network_error",pl="openid_config_error",ml="hash_not_deserialized",Ln="invalid_state",Cl="state_mismatch",pi="state_not_found",yl="nonce_mismatch",ns="auth_time_not_found",Tl="max_age_transpired",og="multiple_matching_tokens",ig="multiple_matching_accounts",Al="multiple_matching_appMetadata",vl="request_cannot_be_made",wl="cannot_remove_empty_scope",Il="cannot_append_scopeset",mi="empty_input_scopeset",sg="device_code_polling_cancelled",ag="device_code_expired",cg="device_code_unknown_error",rs="no_account_in_silent_request",El="invalid_cache_record",os="invalid_cache_environment",Wr="no_account_found",Ci="no_crypto_object",yi="unexpected_credential_type",lg="invalid_assertion",dg="invalid_client_credential",Vt="token_refresh_required",hg="user_timeout_reached",_l="token_claims_cnf_required_for_signedjwt",Sl="authorization_code_missing_from_server_response",bl="binding_key_not_removed",kl="end_session_endpoint_not_supported",is="key_id_missing",Rl="no_network_connectivity",Ol="user_canceled",ug="missing_tenant_id_error",z="method_not_implemented",Ti="nested_app_auth_bridge_disabled";/! @azure/msal-common v15.4.0 2025-03-25 /const Ma={[es]:"The client info could not be parsed/decoded correctly",[fl]:"The client info was empty",[ts]:"Token cannot be parsed",[jr]:"The token is null or empty",[Ot]:"Endpoints cannot be resolved",[gl]:"Network request failed",[pl]:"Could not retrieve endpoints. Check your authority and verify the .well-known/openid-configuration endpoint returns the required endpoints.",[ml]:"The hash parameters could not be deserialized",[Ln]:"State was not the expected format",[Cl]:"State mismatch error",[pi]:"State not found",[yl]:"Nonce mismatch error",[ns]:"Max Age was requested and the ID token is missing the auth_time variable. auth_time is an optional claim and is not enabled by default - it must be enabled. See https://aka.ms/msaljs/optional-claims for more information.",[Tl]:"Max Age is set to 0, or too much time has elapsed since the last end-user authentication.",[og]:"The cache contains multiple tokens satisfying the requirements. Call AcquireToken again providing more requirements such as authority or account.",[ig]:"The cache contains multiple accounts satisfying the given parameters. Please pass more info to obtain the correct account",[Al]:"The cache contains multiple appMetadata satisfying the given parameters. Please pass more info to obtain the correct appMetadata",[vl]:"Token request cannot be made without authorization code or refresh token.",[wl]:"Cannot remove null or empty scope from ScopeSet",[Il]:"Cannot append ScopeSet",[mi]:"Empty input ScopeSet cannot be processed",[sg]:"Caller has cancelled token endpoint polling during device code flow by setting DeviceCodeRequest.cancel = true.",[ag]:"Device code is expired.",[cg]:"Device code stopped polling for unknown reasons.",[rs]:"Please pass an account object, silent flow is not supported without account information",[El]:"Cache record object was null or undefined.",[os]:"Invalid environment when attempting to create cache entry",[Wr]:"No account found in cache for given key.",[Ci]:"No crypto object detected.",[yi]:"Unexpected credential type.",[lg]:"Client assertion must meet requirements described in https://tools.ietf.org/html/rfc7515",[dg]:"Client credential (secret, certificate, or assertion) must not be empty when creating a confidential client. An application should at most have one credential",[Vt]:"Cannot return token from cache because it must be refreshed. This may be due to one of the following reasons: forceRefresh parameter is set to true, claims have been requested, there is no cached access token or it is expired.",[hg]:"User defined timeout for device code polling reached",[_l]:"Cannot generate a POP jwt if the token_claims are not populated",[Sl]:"Server response does not contain an authorization code to proceed",[bl]:"Could not remove the credential's binding key from storage.",[kl]:"The provided authority does not support logout",[is]:"A keyId value is missing from the requested bound token's cache record and is required to match the token to it's stored binding key.",[Rl]:"No network connectivity. Check your internet connection.",[Ol]:"User cancelled the flow.",[ug]:"A tenant id - not common, organizations, or consumers - must be specified when using the client_credentials flow.",[z]:"This method has not been implemented",[Ti]:"The nested app auth bridge is disabled"};class Gt extends Z{constructor(e,t){super(e,t?`${Ma[e]}: ${t}`:Ma[e]),this.name="ClientAuthError",Object.setPrototypeOf(this,Gt.prototype)}}function v(n,e){return new Gt(n,e)}/! @azure/msal-common v15.4.0 2025-03-25 /const fr={createNewGuid:()=>{throw v(z)},base64Decode:()=>{throw v(z)},base64Encode:()=>{throw v(z)},base64UrlEncode:()=>{throw v(z)},encodeKid:()=>{throw v(z)},async getPublicKeyThumbprint(){throw v(z)},async removeTokenBindingKey(){throw v(z)},async clearKeystore(){throw v(z)},async signJwt(){throw v(z)},async hashString(){throw v(z)}};/! @azure/msal-common v15.4.0 2025-03-25 /var he;(function(n){n[n.Error=0]="Error",n[n.Warning=1]="Warning",n[n.Info=2]="Info",n[n.Verbose=3]="Verbose",n[n.Trace=4]="Trace"})(he\|\|(he={}));class Ht{constructor(e,t,r){this.level=he.Info;const o=()=>{},i=e\|\|Ht.createDefaultLoggerOptions();this.localCallback=i.loggerCallback\|\|o,this.piiLoggingEnabled=i.piiLoggingEnabled\|\|!1,this.level=typeof i.logLevel=="number"?i.logLevel:he.Info,this.correlationId=i.correlationId\|\|C.EMPTY_STRING,this.packageName=t\|\|C.EMPTY_STRING,this.packageVersion=r\|\|C.EMPTY_STRING}static createDefaultLoggerOptions(){return{loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:he.Info}}clone(e,t,r){return new Ht({loggerCallback:this.localCallback,piiLoggingEnabled:this.piiLoggingEnabled,logLevel:this.level,correlationId:r\|\|this.correlationId},e,t)}logMessage(e,t){if(t.logLevel>this.level\|\|!this.piiLoggingEnabled&&t.containsPii)return;const i=`${`[${new Date().toUTCString()}] : [${t.correlationId\|\|this.correlationId\|\|""}]`} : ${this.packageName}@${this.packageVersion} : ${he[t.logLevel]} - ${e}`;this.executeCallback(t.logLevel,i,t.containsPii\|\|!1)}executeCallback(e,t,r){this.localCallback&&this.localCallback(e,t,r)}error(e,t){this.logMessage(e,{logLevel:he.Error,containsPii:!1,correlationId:t\|\|C.EMPTY_STRING})}errorPii(e,t){this.logMessage(e,{logLevel:he.Error,containsPii:!0,correlationId:t\|\|C.EMPTY_STRING})}warning(e,t){this.logMessage(e,{logLevel:he.Warning,containsPii:!1,correlationId:t\|\|C.EMPTY_STRING})}warningPii(e,t){this.logMessage(e,{logLevel:he.Warning,containsPii:!0,correlationId:t\|\|C.EMPTY_STRING})}info(e,t){this.logMessage(e,{logLevel:he.Info,containsPii:!1,correlationId:t\|\|C.EMPTY_STRING})}infoPii(e,t){this.logMessage(e,{logLevel:he.Info,containsPii:!0,correlationId:t\|\|C.EMPTY_STRING})}verbose(e,t){this.logMessage(e,{logLevel:he.Verbose,containsPii:!1,correlationId:t\|\|C.EMPTY_STRING})}verbosePii(e,t){this.logMessage(e,{logLevel:he.Verbose,containsPii:!0,correlationId:t\|\|C.EMPTY_STRING})}trace(e,t){this.logMessage(e,{logLevel:he.Trace,containsPii:!1,correlationId:t\|\|C.EMPTY_STRING})}tracePii(e,t){this.logMessage(e,{logLevel:he.Trace,containsPii:!0,correlationId:t\|\|C.EMPTY_STRING})}isPiiLoggingEnabled(){return this.piiLoggingEnabled\|\|!1}}/! @azure/msal-common v15.4.0 2025-03-25 /const Pl="@azure/msal-common",ss="15.4.0";/! @azure/msal-common v15.4.0 2025-03-25 /const as={None:"none"};/! @azure/msal-common v15.4.0 2025-03-25 /function Yt(n,e){const t=fg(n);try{const r=e(t);return JSON.parse(r)}catch{throw v(ts)}}function fg(n){if(!n)throw v(jr);const t=/^([^\.\s])\.([^\.\s]+)\.([^\.\s])$/.exec(n);if(!t\|\|t.length<4)throw v(ts);return t[2]}function Nl(n,e){if(e===0\|\|Date.now()-3e5>n+e)throw v(Tl)}/! @azure/msal-common v15.4.0 2025-03-25 /function Fe(){return Math.round(new Date().getTime()/1e3)}function xa(n){return n.getTime()/1e3}function xt(n){return n?new Date(Number(n)1e3):new Date}function Yr(n,e){const t=Number(n)\|\|0;return Fe()+e>t}function Ml(n){return Number(n)>Fe()}/! @azure/msal-common v15.4.0 2025-03-25 /function sr(n){return[Cg(n),yg(n),Tg(n),Ag(n),vg(n)].join(be.CACHE_KEY_SEPARATOR).toLowerCase()}function To(n,e,t,r,o){return{credentialType:B.ID_TOKEN,homeAccountId:n,environment:e,clientId:r,secret:t,realm:o}}function Ao(n,e,t,r,o,i,s,a,c,d,l,h,p,y,b){var q,D;const S={homeAccountId:n,credentialType:B.ACCESS_TOKEN,secret:t,cachedAt:Fe().toString(),expiresOn:s.toString(),extendedExpiresOn:a.toString(),environment:e,clientId:r,realm:o,target:i,tokenType:l\|\|X.BEARER};if(h&&(S.userAssertionHash=h),d&&(S.refreshOn=d.toString()),y&&(S.requestedClaims=y,S.requestedClaimsHash=b),((q=S.tokenType)==null?void 0:q.toLowerCase())!==X.BEARER.toLowerCase())switch(S.credentialType=B.ACCESS_TOKEN_WITH_AUTH_SCHEME,S.tokenType){case X.POP:const V=Yt(t,c);if(!((D=V==null?void 0:V.cnf)!=null&&D.kid))throw v(_l);S.keyId=V.cnf.kid;break;case X.SSH:S.keyId=p}return S}function xl(n,e,t,r,o,i,s){const a={credentialType:B.REFRESH_TOKEN,homeAccountId:n,environment:e,clientId:r,secret:t};return i&&(a.userAssertionHash=i),o&&(a.familyId=o),s&&(a.expiresOn=s.toString()),a}function cs(n){return n.hasOwnProperty("homeAccountId")&&n.hasOwnProperty("environment")&&n.hasOwnProperty("credentialType")&&n.hasOwnProperty("clientId")&&n.hasOwnProperty("secret")}function gg(n){return n?cs(n)&&n.hasOwnProperty("realm")&&n.hasOwnProperty("target")&&(n.credentialType===B.ACCESS_TOKEN\|\|n.credentialType===B.ACCESS_TOKEN_WITH_AUTH_SCHEME):!1}function pg(n){return n?cs(n)&&n.hasOwnProperty("realm")&&n.credentialType===B.ID_TOKEN:!1}function mg(n){return n?cs(n)&&n.credentialType===B.REFRESH_TOKEN:!1}function Cg(n){return[n.homeAccountId,n.environment].join(be.CACHE_KEY_SEPARATOR).toLowerCase()}function yg(n){const e=n.credentialType===B.REFRESH_TOKEN&&n.familyId\|\|n.clientId;return[n.credentialType,e,n.realm\|\|""].join(be.CACHE_KEY_SEPARATOR).toLowerCase()}function Tg(n){return(n.target\|\|"").toLowerCase()}function Ag(n){return(n.requestedClaimsHash\|\|"").toLowerCase()}function vg(n){return n.tokenType&&n.tokenType.toLowerCase()!==X.BEARER.toLowerCase()?n.tokenType.toLowerCase():""}function wg(n,e){const t=n.indexOf(Te.CACHE_KEY)===0;let r=!0;return e&&(r=e.hasOwnProperty("failedRequests")&&e.hasOwnProperty("errors")&&e.hasOwnProperty("cacheHits")),t&&r}function Ig(n,e){let t=!1;n&&(t=n.indexOf(ir.THROTTLING_PREFIX)===0);let r=!0;return e&&(r=e.hasOwnProperty("throttleTime")),t&&r}function Eg({environment:n,clientId:e}){return[Xi,n,e].join(be.CACHE_KEY_SEPARATOR).toLowerCase()}function _g(n,e){return e?n.indexOf(Xi)===0&&e.hasOwnProperty("clientId")&&e.hasOwnProperty("environment"):!1}function Sg(n,e){return e?n.indexOf(Vr.CACHE_KEY)===0&&e.hasOwnProperty("aliases")&&e.hasOwnProperty("preferred_cache")&&e.hasOwnProperty("preferred_network")&&e.hasOwnProperty("canonical_authority")&&e.hasOwnProperty("authorization_endpoint")&&e.hasOwnProperty("token_endpoint")&&e.hasOwnProperty("issuer")&&e.hasOwnProperty("aliasesFromNetwork")&&e.hasOwnProperty("endpointsFromNetwork")&&e.hasOwnProperty("expiresAt")&&e.hasOwnProperty("jwks_uri"):!1}function Ha(){return Fe()+Vr.REFRESH_TIME_SECONDS}function Rr(n,e,t){n.authorization_endpoint=e.authorization_endpoint,n.token_endpoint=e.token_endpoint,n.end_session_endpoint=e.end_session_endpoint,n.issuer=e.issuer,n.endpointsFromNetwork=t,n.jwks_uri=e.jwks_uri}function ei(n,e,t){n.aliases=e.aliases,n.preferred_cache=e.preferred_cache,n.preferred_network=e.preferred_network,n.aliasesFromNetwork=t}function La(n){return n.expiresAt<=Fe()}/! @azure/msal-common v15.4.0 2025-03-25 /const Hl="redirect_uri_empty",bg="claims_request_parsing_error",Ll="authority_uri_insecure",Jn="url_parse_error",Ul="empty_url_error",Dl="empty_input_scopes_error",Fl="invalid_prompt_value",vo="invalid_claims",Kl="token_request_empty",Bl="logout_request_empty",Gl="invalid_code_challenge_method",wo="pkce_params_missing",ls="invalid_cloud_discovery_metadata",$l="invalid_authority_metadata",zl="untrusted_authority",Io="missing_ssh_jwk",ql="missing_ssh_kid",kg="missing_nonce_authentication_header",Rg="invalid_authentication_header",Vl="cannot_set_OIDCOptions",jl="cannot_allow_platform_broker",Wl="authority_mismatch";/! @azure/msal-common v15.4.0 2025-03-25 /const Og={[Hl]:"A redirect URI is required for all calls, and none has been set.",[bg]:"Could not parse the given claims request object.",[Ll]:"Authority URIs must use https. Please see here for valid authority configuration options: https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-js-initializing-client-applications#configuration-options",[Jn]:"URL could not be parsed into appropriate segments.",[Ul]:"URL was empty or null.",[Dl]:"Scopes cannot be passed as null, undefined or empty array because they are required to obtain an access token.",[Fl]:"Please see here for valid configuration options: https://azuread.github.io/microsoft-authentication-library-for-js/ref/modules/_azure_msal_common.html#commonauthorizationurlrequest",[vo]:"Given claims parameter must be a stringified JSON object.",[Kl]:"Token request was empty and not found in cache.",[Bl]:"The logout request was null or undefined.",[Gl]:'code_challenge_method passed is invalid. Valid values are "plain" and "S256".',[wo]:"Both params: code_challenge and code_challenge_method are to be passed if to be sent in the request",[ls]:"Invalid cloudDiscoveryMetadata provided. Must be a stringified JSON object containing tenant_discovery_endpoint and metadata fields",[$l]:"Invalid authorityMetadata provided. Must by a stringified JSON object containing authorization_endpoint, token_endpoint, issuer fields.",[zl]:"The provided authority is not a trusted authority. Please include this authority in the knownAuthorities config parameter.",[Io]:"Missing sshJwk in SSH certificate request. A stringified JSON Web Key is required when using the SSH authentication scheme.",[ql]:"Missing sshKid in SSH certificate request. A string that uniquely identifies the public SSH key is required when using the SSH authentication scheme.",[kg]:"Unable to find an authentication header containing server nonce. Either the Authentication-Info or WWW-Authenticate headers must be present in order to obtain a server nonce.",[Rg]:"Invalid authentication header provided",[Vl]:"Cannot set OIDCOptions parameter. Please change the protocol mode to OIDC or use a non-Microsoft authority.",[jl]:"Cannot set allowPlatformBroker parameter to true when not in AAD protocol mode.",[Wl]:"Authority mismatch error. Authority provided in login request or PublicClientApplication config does not match the environment of the provided account. Please use a matching account or make an interactive request to login to this authority."};class ds extends Z{constructor(e){super(e,Og[e]),this.name="ClientConfigurationError",Object.setPrototypeOf(this,ds.prototype)}}function oe(n){return new ds(n)}/! @azure/msal-common v15.4.0 2025-03-25 /class at{static isEmptyObj(e){if(e)try{const t=JSON.parse(e);return Object.keys(t).length===0}catch{}return!0}static startsWith(e,t){return e.indexOf(t)===0}static endsWith(e,t){return e.length>=t.length&&e.lastIndexOf(t)===e.length-t.length}static queryStringToObject(e){const t={},r=e.split("&"),o=i=>decodeURIComponent(i.replace(/\+/g," "));return r.forEach(i=>{if(i.trim()){const[s,a]=i.split(/=(.+)/g,2);s&&a&&(t[o(s)]=o(a))}}),t}static trimArrayEntries(e){return e.map(t=>t.trim())}static removeEmptyStringsFromArray(e){return e.filter(t=>!!t)}static jsonParseHelper(e){try{return JSON.parse(e)}catch{return null}}static matchPattern(e,t){return new RegExp(e.replace(/\\/g,"\\\\").replace(/\/g,"[^ ]").replace(/\?/g,"\\?")).test(t)}}/! @azure/msal-common v15.4.0 2025-03-25 /class fe{constructor(e){const t=e?at.trimArrayEntries([...e]):[],r=t?at.removeEmptyStringsFromArray(t):[];if(!r\|\|!r.length)throw oe(Dl);this.scopes=new Set,r.forEach(o=>this.scopes.add(o))}static fromString(e){const r=(e\|\|C.EMPTY_STRING).split(" ");return new fe(r)}static createSearchScopes(e){const t=new fe(e);return t.containsOnlyOIDCScopes()?t.removeScope(C.OFFLINE_ACCESS_SCOPE):t.removeOIDCScopes(),t}containsScope(e){const t=this.printScopesLowerCase().split(" "),r=new fe(t);return e?r.scopes.has(e.toLowerCase()):!1}containsScopeSet(e){return!e\|\|e.scopes.size<=0?!1:this.scopes.size>=e.scopes.size&&e.asArray().every(t=>this.containsScope(t))}containsOnlyOIDCScopes(){let e=0;return ka.forEach(t=>{this.containsScope(t)&&(e+=1)}),this.scopes.size===e}appendScope(e){e&&this.scopes.add(e.trim())}appendScopes(e){try{e.forEach(t=>this.appendScope(t))}catch{throw v(Il)}}removeScope(e){if(!e)throw v(wl);this.scopes.delete(e.trim())}removeOIDCScopes(){ka.forEach(e=>{this.scopes.delete(e)})}unionScopeSets(e){if(!e)throw v(mi);const t=new Set;return e.scopes.forEach(r=>t.add(r.toLowerCase())),this.scopes.forEach(r=>t.add(r.toLowerCase())),t}intersectingScopeSets(e){if(!e)throw v(mi);e.containsOnlyOIDCScopes()\|\|e.removeOIDCScopes();const t=this.unionScopeSets(e),r=e.getScopeCount(),o=this.getScopeCount();return t.size<o+r}getScopeCount(){return this.scopes.size}asArray(){const e=[];return this.scopes.forEach(t=>e.push(t)),e}printScopes(){return this.scopes?this.asArray().join(" "):C.EMPTY_STRING}printScopesLowerCase(){return this.printScopes().toLowerCase()}}/! @azure/msal-common v15.4.0 2025-03-25 /function Qr(n,e){if(!n)throw v(fl);try{const t=e(n);return JSON.parse(t)}catch{throw v(es)}}function Mn(n){if(!n)throw v(es);const e=n.split(be.CLIENT_INFO_SEPARATOR,2);return{uid:e[0],utid:e.length<2?C.EMPTY_STRING:e[1]}}/! @azure/msal-common v15.4.0 2025-03-25 /function Ua(n,e){return!!n&&!!e&&n===e.split(".")[1]}function Eo(n,e,t,r){if(r){const{oid:o,sub:i,tid:s,name:a,tfp:c,acr:d}=r,l=s\|\|c\|\|d\|\|"";return{tenantId:l,localAccountId:o\|\|i\|\|"",name:a,isHomeTenant:Ua(l,n)}}else return{tenantId:t,localAccountId:e,isHomeTenant:Ua(t,n)}}function hs(n,e,t,r){let o=n;if(e){const{isHomeTenant:i,...s}=e;o={...n,...s}}if(t){const{isHomeTenant:i,...s}=Eo(n.homeAccountId,n.localAccountId,n.tenantId,t);return o={...o,...s,idTokenClaims:t,idToken:r},o}return o}/! @azure/msal-common v15.4.0 2025-03-25 /const rt={Default:0,Adfs:1,Dsts:2,Ciam:3};/! @azure/msal-common v15.4.0 2025-03-25 /function Yl(n){return n&&(n.tid\|\|n.tfp\|\|n.acr)\|\|null}/! @azure/msal-common v15.4.0 2025-03-25 /const Ue={AAD:"AAD",OIDC:"OIDC",EAR:"EAR"};/! @azure/msal-common v15.4.0 2025-03-25 /class Re{generateAccountId(){return[this.homeAccountId,this.environment].join(be.CACHE_KEY_SEPARATOR).toLowerCase()}generateAccountKey(){return Re.generateAccountCacheKey({homeAccountId:this.homeAccountId,environment:this.environment,tenantId:this.realm,username:this.username,localAccountId:this.localAccountId})}getAccountInfo(){return{homeAccountId:this.homeAccountId,environment:this.environment,tenantId:this.realm,username:this.username,localAccountId:this.localAccountId,name:this.name,nativeAccountId:this.nativeAccountId,authorityType:this.authorityType,tenantProfiles:new Map((this.tenantProfiles\|\|[]).map(e=>[e.tenantId,e]))}}isSingleTenant(){return!this.tenantProfiles}static generateAccountCacheKey(e){const t=e.homeAccountId.split(".")[1];return[e.homeAccountId,e.environment\|\|"",t\|\|e.tenantId\|\|""].join(be.CACHE_KEY_SEPARATOR).toLowerCase()}static createAccount(e,t,r){var d,l,h,p,y,b;const o=new Re;t.authorityType===rt.Adfs?o.authorityType=br.ADFS_ACCOUNT_TYPE:t.protocolMode===Ue.OIDC?o.authorityType=br.GENERIC_ACCOUNT_TYPE:o.authorityType=br.MSSTS_ACCOUNT_TYPE;let i;e.clientInfo&&r&&(i=Qr(e.clientInfo,r)),o.clientInfo=e.clientInfo,o.homeAccountId=e.homeAccountId,o.nativeAccountId=e.nativeAccountId;const s=e.environment\|\|t&&t.getPreferredCache();if(!s)throw v(os);o.environment=s,o.realm=(i==null?void 0:i.utid)\|\|Yl(e.idTokenClaims)\|\|"",o.localAccountId=(i==null?void 0:i.uid)\|\|((d=e.idTokenClaims)==null?void 0:d.oid)\|\|((l=e.idTokenClaims)==null?void 0:l.sub)\|\|"";const a=((h=e.idTokenClaims)==null?void 0:h.preferred_username)\|\|((p=e.idTokenClaims)==null?void 0:p.upn),c=(y=e.idTokenClaims)!=null&&y.emails?e.idTokenClaims.emails[0]:null;if(o.username=a\|\|c\|\|"",o.name=((b=e.idTokenClaims)==null?void 0:b.name)\|\|"",o.cloudGraphHostName=e.cloudGraphHostName,o.msGraphHost=e.msGraphHost,e.tenantProfiles)o.tenantProfiles=e.tenantProfiles;else{const S=Eo(e.homeAccountId,o.localAccountId,o.realm,e.idTokenClaims);o.tenantProfiles=[S]}return o}static createFromAccountInfo(e,t,r){var i;const o=new Re;return o.authorityType=e.authorityType\|\|br.GENERIC_ACCOUNT_TYPE,o.homeAccountId=e.homeAccountId,o.localAccountId=e.localAccountId,o.nativeAccountId=e.nativeAccountId,o.realm=e.tenantId,o.environment=e.environment,o.username=e.username,o.name=e.name,o.cloudGraphHostName=t,o.msGraphHost=r,o.tenantProfiles=Array.from(((i=e.tenantProfiles)==null?void 0:i.values())\|\|[]),o}static generateHomeAccountId(e,t,r,o,i){if(!(t===rt.Adfs\|\|t===rt.Dsts)){if(e)try{const s=Qr(e,o.base64Decode);if(s.uid&&s.utid)return`${s.uid}.${s.utid}`}catch{}r.warning("No client info in response")}return(i==null?void 0:i.sub)\|\|""}static isAccountEntity(e){return e?e.hasOwnProperty("homeAccountId")&&e.hasOwnProperty("environment")&&e.hasOwnProperty("realm")&&e.hasOwnProperty("localAccountId")&&e.hasOwnProperty("username")&&e.hasOwnProperty("authorityType"):!1}static accountInfoIsEqual(e,t,r){if(!e\|\|!t)return!1;let o=!0;if(r){const i=e.idTokenClaims\|\|{},s=t.idTokenClaims\|\|{};o=i.iat===s.iat&&i.nonce===s.nonce}return e.homeAccountId===t.homeAccountId&&e.localAccountId===t.localAccountId&&e.username===t.username&&e.tenantId===t.tenantId&&e.environment===t.environment&&e.nativeAccountId===t.nativeAccountId&&o}}/! @azure/msal-common v15.4.0 2025-03-25 /function Ql(n){return n.startsWith("#/")?n.substring(2):n.startsWith("#")\|\|n.startsWith("?")?n.substring(1):n}function Jr(n){if(!n\|\|n.indexOf("=")<0)return null;try{const e=Ql(n),t=Object.fromEntries(new URLSearchParams(e));if(t.code\|\|t.ear_jwe\|\|t.error\|\|t.error_description\|\|t.state)return t}catch{throw v(ml)}return null}function gr(n){const e=new Array;return n.forEach((t,r)=>{e.push(`${r}=${encodeURIComponent(t)}`)}),e.join("&")}/! @azure/msal-common v15.4.0 2025-03-25 /class Q{get urlString(){return this._urlString}constructor(e){if(this._urlString=e,!this._urlString)throw oe(Ul);e.includes("#")\|\|(this._urlString=Q.canonicalizeUri(e))}static canonicalizeUri(e){if(e){let t=e.toLowerCase();return at.endsWith(t,"?")?t=t.slice(0,-1):at.endsWith(t,"?/")&&(t=t.slice(0,-2)),at.endsWith(t,"/")\|\|(t+="/"),t}return e}validateAsUri(){let e;try{e=this.getUrlComponents()}catch{throw oe(Jn)}if(!e.HostNameAndPort\|\|!e.PathSegments)throw oe(Jn);if(!e.Protocol\|\|e.Protocol.toLowerCase()!=="https:")throw oe(Ll)}static appendQueryString(e,t){return t?e.indexOf("?")<0?`${e}?${t}`:`${e}&${t}`:e}static removeHashFromUrl(e){return Q.canonicalizeUri(e.split("#")[0])}replaceTenantPath(e){const t=this.getUrlComponents(),r=t.PathSegments;return e&&r.length!==0&&(r[0]===qt.COMMON\|\|r[0]===qt.ORGANIZATIONS)&&(r[0]=e),Q.constructAuthorityUriFromObject(t)}getUrlComponents(){const e=RegExp("^(([^:/?#]+):)?(//([^/?#]))?([^?#])(\\?([^#]))?(#(.))?"),t=this.urlString.match(e);if(!t)throw oe(Jn);const r={Protocol:t[1],HostNameAndPort:t[4],AbsolutePath:t[5],QueryString:t[7]};let o=r.AbsolutePath.split("/");return o=o.filter(i=>i&&i.length>0),r.PathSegments=o,r.QueryString&&r.QueryString.endsWith("/")&&(r.QueryString=r.QueryString.substring(0,r.QueryString.length-1)),r}static getDomainFromUrl(e){const t=RegExp("^([^:/?#]+://)?([^/?#])"),r=e.match(t);if(!r)throw oe(Jn);return r[2]}static getAbsoluteUrl(e,t){if(e[0]===C.FORWARD_SLASH){const o=new Q(t).getUrlComponents();return o.Protocol+"//"+o.HostNameAndPort+e}return e}static constructAuthorityUriFromObject(e){return new Q(e.Protocol+"//"+e.HostNameAndPort+"/"+e.PathSegments.join("/"))}static hashContainsKnownProperties(e){return!!Jr(e)}}/! @azure/msal-common v15.4.0 2025-03-25 /const Jl={endpointMetadata:{"login.microsoftonline.com":{token_endpoint:"https://login.microsoftonline.com/{tenantid}/oauth2/v2.0/token",jwks_uri:"https://login.microsoftonline.com/{tenantid}/discovery/v2.0/keys",issuer:"https://login.microsoftonline.com/{tenantid}/v2.0",authorization_endpoint:"https://login.microsoftonline.com/{tenantid}/oauth2/v2.0/authorize",end_session_endpoint:"https://login.microsoftonline.com/{tenantid}/oauth2/v2.0/logout"},"login.chinacloudapi.cn":{token_endpoint:"https://login.chinacloudapi.cn/{tenantid}/oauth2/v2.0/token",jwks_uri:"https://login.chinacloudapi.cn/{tenantid}/discovery/v2.0/keys",issuer:"https://login.partner.microsoftonline.cn/{tenantid}/v2.0",authorization_endpoint:"https://login.chinacloudapi.cn/{tenantid}/oauth2/v2.0/authorize",end_session_endpoint:"https://login.chinacloudapi.cn/{tenantid}/oauth2/v2.0/logout"},"login.microsoftonline.us":{token_endpoint:"https://login.microsoftonline.us/{tenantid}/oauth2/v2.0/token",jwks_uri:"https://login.microsoftonline.us/{tenantid}/discovery/v2.0/keys",issuer:"https://login.microsoftonline.us/{tenantid}/v2.0",authorization_endpoint:"https://login.microsoftonline.us/{tenantid}/oauth2/v2.0/authorize",end_session_endpoint:"https://login.microsoftonline.us/{tenantid}/oauth2/v2.0/logout"}},instanceDiscoveryMetadata:{metadata:[{preferred_network:"login.microsoftonline.com",preferred_cache:"login.windows.net",aliases:["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"]},{preferred_network:"login.partner.microsoftonline.cn",preferred_cache:"login.partner.microsoftonline.cn",aliases:["login.partner.microsoftonline.cn","login.chinacloudapi.cn"]},{preferred_network:"login.microsoftonline.de",preferred_cache:"login.microsoftonline.de",aliases:["login.microsoftonline.de"]},{preferred_network:"login.microsoftonline.us",preferred_cache:"login.microsoftonline.us",aliases:["login.microsoftonline.us","login.usgovcloudapi.net"]},{preferred_network:"login-us.microsoftonline.com",preferred_cache:"login-us.microsoftonline.com",aliases:["login-us.microsoftonline.com"]}]}},Da=Jl.endpointMetadata,us=Jl.instanceDiscoveryMetadata,Xl=new Set;us.metadata.forEach(n=>{n.aliases.forEach(e=>{Xl.add(e)})});function Pg(n,e){var o;let t;const r=n.canonicalAuthority;if(r){const i=new Q(r).getUrlComponents().HostNameAndPort;t=Fa(i,(o=n.cloudDiscoveryMetadata)==null?void 0:o.metadata,qe.CONFIG,e)\|\|Fa(i,us.metadata,qe.HARDCODED_VALUES,e)\|\|n.knownAuthorities}return t\|\|[]}function Fa(n,e,t,r){if(r==null\|\|r.trace(`getAliasesFromMetadata called with source: ${t}`),n&&e){const o=Xr(e,n);if(o)return r==null\|\|r.trace(`getAliasesFromMetadata: found cloud discovery metadata in ${t}, returning aliases`),o.aliases;r==null\|\|r.trace(`getAliasesFromMetadata: did not find cloud discovery metadata in ${t}`)}return null}function Ng(n){return Xr(us.metadata,n)}function Xr(n,e){for(let t=0;t<n.length;t++){const r=n[t];if(r.aliases.includes(e))return r}return null}/! @azure/msal-common v15.4.0 2025-03-25 /const Zl="cache_quota_exceeded",fs="cache_error_unknown";/! @azure/msal-common v15.4.0 2025-03-25 /const ti={[Zl]:"Exceeded cache storage capacity.",[fs]:"Unexpected error occurred when using cache storage."};class xn extends Error{constructor(e,t){const r=t\|\|(ti[e]?ti[e]:ti[fs]);super(`${e}: ${r}`),Object.setPrototypeOf(this,xn.prototype),this.name="CacheError",this.errorCode=e,this.errorMessage=r}}/! @azure/msal-common v15.4.0 2025-03-25 /class Ai{constructor(e,t,r,o){this.clientId=e,this.cryptoImpl=t,this.commonLogger=r.clone(Pl,ss),this.staticAuthorityOptions=o}getAllAccounts(e){return this.buildTenantProfiles(this.getAccountsFilteredBy(e\|\|{}),e)}getAccountInfoFilteredBy(e){const t=this.getAllAccounts(e);return t.length>1?t.sort(o=>o.idTokenClaims?-1:1)[0]:t.length===1?t[0]:null}getBaseAccountInfo(e){const t=this.getAccountsFilteredBy(e);return t.length>0?t[0].getAccountInfo():null}buildTenantProfiles(e,t){return e.flatMap(r=>this.getTenantProfilesFromAccountEntity(r,t==null?void 0:t.tenantId,t))}getTenantedAccountInfoByFilter(e,t,r,o){let i=null,s;if(o&&!this.tenantProfileMatchesFilter(r,o))return null;const a=this.getIdToken(e,t,r.tenantId);return a&&(s=Yt(a.secret,this.cryptoImpl.base64Decode),!this.idTokenClaimsMatchTenantProfileFilter(s,o))?null:(i=hs(e,r,s,a==null?void 0:a.secret),i)}getTenantProfilesFromAccountEntity(e,t,r){const o=e.getAccountInfo();let i=o.tenantProfiles\|\|new Map;const s=this.getTokenKeys();if(t){const c=i.get(t);if(c)i=new Map([[t,c]]);else return[]}const a=[];return i.forEach(c=>{const d=this.getTenantedAccountInfoByFilter(o,s,c,r);d&&a.push(d)}),a}tenantProfileMatchesFilter(e,t){return!(t.localAccountId&&!this.matchLocalAccountIdFromTenantProfile(e,t.localAccountId)\|\|t.name&&e.name!==t.name\|\|t.isHomeTenant!==void 0&&e.isHomeTenant!==t.isHomeTenant)}idTokenClaimsMatchTenantProfileFilter(e,t){return!(t&&(t.localAccountId&&!this.matchLocalAccountIdFromTokenClaims(e,t.localAccountId)\|\|t.loginHint&&!this.matchLoginHintFromTokenClaims(e,t.loginHint)\|\|t.username&&!this.matchUsername(e.preferred_username,t.username)\|\|t.name&&!this.matchName(e,t.name)\|\|t.sid&&!this.matchSid(e,t.sid)))}async saveCacheRecord(e,t,r){var o,i,s,a;if(!e)throw v(El);try{e.account&&await this.setAccount(e.account,t),e.idToken&&(r==null?void 0:r.idToken)!==!1&&await this.setIdTokenCredential(e.idToken,t),e.accessToken&&(r==null?void 0:r.accessToken)!==!1&&await this.saveAccessToken(e.accessToken,t),e.refreshToken&&(r==null?void 0:r.refreshToken)!==!1&&await this.setRefreshTokenCredential(e.refreshToken,t),e.appMetadata&&this.setAppMetadata(e.appMetadata)}catch(c){throw(o=this.commonLogger)==null\|\|o.error("CacheManager.saveCacheRecord: failed"),c instanceof Error?((i=this.commonLogger)==null\|\|i.errorPii(`CacheManager.saveCacheRecord: ${c.message}`,t),c.name==="QuotaExceededError"\|\|c.name==="NS_ERROR_DOM_QUOTA_REACHED"\|\|c.message.includes("exceeded the quota")?((s=this.commonLogger)==null\|\|s.error("CacheManager.saveCacheRecord: exceeded storage quota",t),new xn(Zl)):new xn(c.name,c.message)):((a=this.commonLogger)==null\|\|a.errorPii(`CacheManager.saveCacheRecord: ${c}`,t),new xn(fs))}}async saveAccessToken(e,t){const r={clientId:e.clientId,credentialType:e.credentialType,environment:e.environment,homeAccountId:e.homeAccountId,realm:e.realm,tokenType:e.tokenType,requestedClaimsHash:e.requestedClaimsHash},o=this.getTokenKeys(),i=fe.fromString(e.target),s=[];o.accessToken.forEach(a=>{if(!this.accessTokenKeyMatchesFilter(a,r,!1))return;const c=this.getAccessTokenCredential(a);c&&this.credentialMatchesFilter(c,r)&&fe.fromString(c.target).intersectingScopeSets(i)&&s.push(this.removeAccessToken(a))}),await Promise.all(s),await this.setAccessTokenCredential(e,t)}getAccountsFilteredBy(e){const t=this.getAccountKeys(),r=[];return t.forEach(o=>{var c;if(!this.isAccountKey(o,e.homeAccountId))return;const i=this.getAccount(o,this.commonLogger);if(!i\|\|e.homeAccountId&&!this.matchHomeAccountId(i,e.homeAccountId)\|\|e.username&&!this.matchUsername(i.username,e.username)\|\|e.environment&&!this.matchEnvironment(i,e.environment)\|\|e.realm&&!this.matchRealm(i,e.realm)\|\|e.nativeAccountId&&!this.matchNativeAccountId(i,e.nativeAccountId)\|\|e.authorityType&&!this.matchAuthorityType(i,e.authorityType))return;const s={localAccountId:e==null?void 0:e.localAccountId,name:e==null?void 0:e.name},a=(c=i.tenantProfiles)==null?void 0:c.filter(d=>this.tenantProfileMatchesFilter(d,s));a&&a.length===0\|\|r.push(i)}),r}isAccountKey(e,t,r){return!(e.split(be.CACHE_KEY_SEPARATOR).length<3\|\|t&&!e.toLowerCase().includes(t.toLowerCase())\|\|r&&!e.toLowerCase().includes(r.toLowerCase()))}isCredentialKey(e){if(e.split(be.CACHE_KEY_SEPARATOR).length<6)return!1;const t=e.toLowerCase();if(t.indexOf(B.ID_TOKEN.toLowerCase())===-1&&t.indexOf(B.ACCESS_TOKEN.toLowerCase())===-1&&t.indexOf(B.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase())===-1&&t.indexOf(B.REFRESH_TOKEN.toLowerCase())===-1)return!1;if(t.indexOf(B.REFRESH_TOKEN.toLowerCase())>-1){const r=`${B.REFRESH_TOKEN}${be.CACHE_KEY_SEPARATOR}${this.clientId}${be.CACHE_KEY_SEPARATOR}`,o=`${B.REFRESH_TOKEN}${be.CACHE_KEY_SEPARATOR}${or}${be.CACHE_KEY_SEPARATOR}`;if(t.indexOf(r.toLowerCase())===-1&&t.indexOf(o.toLowerCase())===-1)return!1}else if(t.indexOf(this.clientId.toLowerCase())===-1)return!1;return!0}credentialMatchesFilter(e,t){return!(t.clientId&&!this.matchClientId(e,t.clientId)\|\|t.userAssertionHash&&!this.matchUserAssertionHash(e,t.userAssertionHash)\|\|typeof t.homeAccountId=="string"&&!this.matchHomeAccountId(e,t.homeAccountId)\|\|t.environment&&!this.matchEnvironment(e,t.environment)\|\|t.realm&&!this.matchRealm(e,t.realm)\|\|t.credentialType&&!this.matchCredentialType(e,t.credentialType)\|\|t.familyId&&!this.matchFamilyId(e,t.familyId)\|\|t.target&&!this.matchTarget(e,t.target)\|\|(t.requestedClaimsHash\|\|e.requestedClaimsHash)&&e.requestedClaimsHash!==t.requestedClaimsHash\|\|e.credentialType===B.ACCESS_TOKEN_WITH_AUTH_SCHEME&&(t.tokenType&&!this.matchTokenType(e,t.tokenType)\|\|t.tokenType===X.SSH&&t.keyId&&!this.matchKeyId(e,t.keyId)))}getAppMetadataFilteredBy(e){const t=this.getKeys(),r={};return t.forEach(o=>{if(!this.isAppMetadata(o))return;const i=this.getAppMetadata(o);i&&(e.environment&&!this.matchEnvironment(i,e.environment)\|\|e.clientId&&!this.matchClientId(i,e.clientId)\|\|(r[o]=i))}),r}getAuthorityMetadataByAlias(e){const t=this.getAuthorityMetadataKeys();let r=null;return t.forEach(o=>{if(!this.isAuthorityMetadata(o)\|\|o.indexOf(this.clientId)===-1)return;const i=this.getAuthorityMetadata(o);i&&i.aliases.indexOf(e)!==-1&&(r=i)}),r}async removeAllAccounts(){const e=this.getAccountKeys(),t=[];e.forEach(r=>{t.push(this.removeAccount(r))}),await Promise.all(t)}async removeAccount(e){const t=this.getAccount(e,this.commonLogger);t&&(await this.removeAccountContext(t),this.removeItem(e))}async removeAccountContext(e){const t=this.getTokenKeys(),r=e.generateAccountId(),o=[];t.idToken.forEach(i=>{i.indexOf(r)===0&&this.removeIdToken(i)}),t.accessToken.forEach(i=>{i.indexOf(r)===0&&o.push(this.removeAccessToken(i))}),t.refreshToken.forEach(i=>{i.indexOf(r)===0&&this.removeRefreshToken(i)}),await Promise.all(o)}async removeAccessToken(e){const t=this.getAccessTokenCredential(e);if(t){if(t.credentialType.toLowerCase()===B.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase()&&t.tokenType===X.POP){const o=t.keyId;if(o)try{await this.cryptoImpl.removeTokenBindingKey(o)}catch{throw v(bl)}}return this.removeItem(e)}}removeAppMetadata(){return this.getKeys().forEach(t=>{this.isAppMetadata(t)&&this.removeItem(t)}),!0}readAccountFromCache(e){const t=Re.generateAccountCacheKey(e);return this.getAccount(t,this.commonLogger)}getIdToken(e,t,r,o,i){this.commonLogger.trace("CacheManager - getIdToken called");const s={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:B.ID_TOKEN,clientId:this.clientId,realm:r},a=this.getIdTokensByFilter(s,t),c=a.size;if(c<1)return this.commonLogger.info("CacheManager:getIdToken - No token found"),null;if(c>1){let d=a;if(!r){const l=new Map;a.forEach((p,y)=>{p.realm===e.tenantId&&l.set(y,p)});const h=l.size;if(h<1)return this.commonLogger.info("CacheManager:getIdToken - Multiple ID tokens found for account but none match account entity tenant id, returning first result"),a.values().next().value;if(h===1)return this.commonLogger.info("CacheManager:getIdToken - Multiple ID tokens found for account, defaulting to home tenant profile"),l.values().next().value;d=l}return this.commonLogger.info("CacheManager:getIdToken - Multiple matching ID tokens found, clearing them"),d.forEach((l,h)=>{this.removeIdToken(h)}),o&&i&&o.addFields({multiMatchedID:a.size},i),null}return this.commonLogger.info("CacheManager:getIdToken - Returning ID token"),a.values().next().value}getIdTokensByFilter(e,t){const r=t&&t.idToken\|\|this.getTokenKeys().idToken,o=new Map;return r.forEach(i=>{if(!this.idTokenKeyMatchesFilter(i,{clientId:this.clientId,...e}))return;const s=this.getIdTokenCredential(i);s&&this.credentialMatchesFilter(s,e)&&o.set(i,s)}),o}idTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return!(t.clientId&&r.indexOf(t.clientId.toLowerCase())===-1\|\|t.homeAccountId&&r.indexOf(t.homeAccountId.toLowerCase())===-1)}removeIdToken(e){this.removeItem(e)}removeRefreshToken(e){this.removeItem(e)}getAccessToken(e,t,r,o,i,s){this.commonLogger.trace("CacheManager - getAccessToken called");const a=fe.createSearchScopes(t.scopes),c=t.authenticationScheme\|\|X.BEARER,d=c.toLowerCase()!==X.BEARER.toLowerCase()?B.ACCESS_TOKEN_WITH_AUTH_SCHEME:B.ACCESS_TOKEN,l={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:d,clientId:this.clientId,realm:o\|\|e.tenantId,target:a,tokenType:c,keyId:t.sshKid,requestedClaimsHash:t.requestedClaimsHash},h=r&&r.accessToken\|\|this.getTokenKeys().accessToken,p=[];h.forEach(b=>{if(this.accessTokenKeyMatchesFilter(b,l,!0)){const S=this.getAccessTokenCredential(b);S&&this.credentialMatchesFilter(S,l)&&p.push(S)}});const y=p.length;return y<1?(this.commonLogger.info("CacheManager:getAccessToken - No token found"),null):y>1?(this.commonLogger.info("CacheManager:getAccessToken - Multiple access tokens found, clearing them"),p.forEach(b=>{this.removeAccessToken(sr(b))}),i&&s&&i.addFields({multiMatchedAT:p.length},s),null):(this.commonLogger.info("CacheManager:getAccessToken - Returning access token"),p[0])}accessTokenKeyMatchesFilter(e,t,r){const o=e.toLowerCase();if(t.clientId&&o.indexOf(t.clientId.toLowerCase())===-1\|\|t.homeAccountId&&o.indexOf(t.homeAccountId.toLowerCase())===-1\|\|t.realm&&o.indexOf(t.realm.toLowerCase())===-1\|\|t.requestedClaimsHash&&o.indexOf(t.requestedClaimsHash.toLowerCase())===-1)return!1;if(t.target){const i=t.target.asArray();for(let s=0;s<i.length;s++){if(r&&!o.includes(i[s].toLowerCase()))return!1;if(!r&&o.includes(i[s].toLowerCase()))return!0}}return!0}getAccessTokensByFilter(e){const t=this.getTokenKeys(),r=[];return t.accessToken.forEach(o=>{if(!this.accessTokenKeyMatchesFilter(o,e,!0))return;const i=this.getAccessTokenCredential(o);i&&this.credentialMatchesFilter(i,e)&&r.push(i)}),r}getRefreshToken(e,t,r,o,i){this.commonLogger.trace("CacheManager - getRefreshToken called");const s=t?or:void 0,a={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:B.REFRESH_TOKEN,clientId:this.clientId,familyId:s},c=r&&r.refreshToken\|\|this.getTokenKeys().refreshToken,d=[];c.forEach(h=>{if(this.refreshTokenKeyMatchesFilter(h,a)){const p=this.getRefreshTokenCredential(h);p&&this.credentialMatchesFilter(p,a)&&d.push(p)}});const l=d.length;return l<1?(this.commonLogger.info("CacheManager:getRefreshToken - No refresh token found."),null):(l>1&&o&&i&&o.addFields({multiMatchedRT:l},i),this.commonLogger.info("CacheManager:getRefreshToken - returning refresh token"),d[0])}refreshTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return!(t.familyId&&r.indexOf(t.familyId.toLowerCase())===-1\|\|!t.familyId&&t.clientId&&r.indexOf(t.clientId.toLowerCase())===-1\|\|t.homeAccountId&&r.indexOf(t.homeAccountId.toLowerCase())===-1)}readAppMetadataFromCache(e){const t={environment:e,clientId:this.clientId},r=this.getAppMetadataFilteredBy(t),o=Object.keys(r).map(s=>r[s]),i=o.length;if(i<1)return null;if(i>1)throw v(Al);return o[0]}isAppMetadataFOCI(e){const t=this.readAppMetadataFromCache(e);return!!(t&&t.familyId===or)}matchHomeAccountId(e,t){return typeof e.homeAccountId=="string"&&t===e.homeAccountId}matchLocalAccountIdFromTokenClaims(e,t){const r=e.oid\|\|e.sub;return t===r}matchLocalAccountIdFromTenantProfile(e,t){return e.localAccountId===t}matchName(e,t){var r;return t.toLowerCase()===((r=e.name)==null?void 0:r.toLowerCase())}matchUsername(e,t){return!!(e&&typeof e=="string"&&(t==null?void 0:t.toLowerCase())===e.toLowerCase())}matchUserAssertionHash(e,t){return!!(e.userAssertionHash&&t===e.userAssertionHash)}matchEnvironment(e,t){if(this.staticAuthorityOptions){const o=Pg(this.staticAuthorityOptions,this.commonLogger);if(o.includes(t)&&o.includes(e.environment))return!0}const r=this.getAuthorityMetadataByAlias(t);return!!(r&&r.aliases.indexOf(e.environment)>-1)}matchCredentialType(e,t){return e.credentialType&&t.toLowerCase()===e.credentialType.toLowerCase()}matchClientId(e,t){return!!(e.clientId&&t===e.clientId)}matchFamilyId(e,t){return!!(e.familyId&&t===e.familyId)}matchRealm(e,t){var r;return((r=e.realm)==null?void 0:r.toLowerCase())===t.toLowerCase()}matchNativeAccountId(e,t){return!!(e.nativeAccountId&&t===e.nativeAccountId)}matchLoginHintFromTokenClaims(e,t){return e.login_hint===t\|\|e.preferred_username===t\|\|e.upn===t}matchSid(e,t){return e.sid===t}matchAuthorityType(e,t){return!!(e.authorityType&&t.toLowerCase()===e.authorityType.toLowerCase())}matchTarget(e,t){return e.credentialType!==B.ACCESS_TOKEN&&e.credentialType!==B.ACCESS_TOKEN_WITH_AUTH_SCHEME\|\|!e.target?!1:fe.fromString(e.target).containsScopeSet(t)}matchTokenType(e,t){return!!(e.tokenType&&e.tokenType===t)}matchKeyId(e,t){return!!(e.keyId&&e.keyId===t)}isAppMetadata(e){return e.indexOf(Xi)!==-1}isAuthorityMetadata(e){return e.indexOf(Vr.CACHE_KEY)!==-1}generateAuthorityMetadataCacheKey(e){return`${Vr.CACHE_KEY}-${this.clientId}-${e}`}static toObject(e,t){for(const r in t)e[r]=t[r];return e}}class Mg extends Ai{async setAccount(){throw v(z)}getAccount(){throw v(z)}async setIdTokenCredential(){throw v(z)}getIdTokenCredential(){throw v(z)}async setAccessTokenCredential(){throw v(z)}getAccessTokenCredential(){throw v(z)}async setRefreshTokenCredential(){throw v(z)}getRefreshTokenCredential(){throw v(z)}setAppMetadata(){throw v(z)}getAppMetadata(){throw v(z)}setServerTelemetry(){throw v(z)}getServerTelemetry(){throw v(z)}setAuthorityMetadata(){throw v(z)}getAuthorityMetadata(){throw v(z)}getAuthorityMetadataKeys(){throw v(z)}setThrottlingCache(){throw v(z)}getThrottlingCache(){throw v(z)}removeItem(){throw v(z)}getKeys(){throw v(z)}getAccountKeys(){throw v(z)}getTokenKeys(){throw v(z)}}/! @azure/msal-common v15.4.0 2025-03-25 /const ed={tokenRenewalOffsetSeconds:ng,preventCorsPreflight:!1},xg={loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:he.Info,correlationId:C.EMPTY_STRING},Hg={claimsBasedCachingEnabled:!1},Lg={async sendGetRequestAsync(){throw v(z)},async sendPostRequestAsync(){throw v(z)}},Ug={sku:C.SKU,version:ss,cpu:C.EMPTY_STRING,os:C.EMPTY_STRING},Dg={clientSecret:C.EMPTY_STRING,clientAssertion:void 0},Fg={azureCloudInstance:as.None,tenant:`${C.DEFAULT_COMMON_TENANT}`},Kg={application:{appName:"",appVersion:""}};function Bg({authOptions:n,systemOptions:e,loggerOptions:t,cacheOptions:r,storageInterface:o,networkInterface:i,cryptoInterface:s,clientCredentials:a,libraryInfo:c,telemetry:d,serverTelemetryManager:l,persistencePlugin:h,serializableCache:p}){const y={...xg,...t};return{authOptions:Gg(n),systemOptions:{...ed,...e},loggerOptions:y,cacheOptions:{...Hg,...r},storageInterface:o\|\|new Mg(n.clientId,fr,new Ht(y)),networkInterface:i\|\|Lg,cryptoInterface:s\|\|fr,clientCredentials:a\|\|Dg,libraryInfo:{...Ug,...c},telemetry:{...Kg,...d},serverTelemetryManager:l\|\|null,persistencePlugin:h\|\|null,serializableCache:p\|\|null}}function Gg(n){return{clientCapabilities:[],azureCloudOptions:Fg,skipAuthorityMetadataCache:!1,instanceAware:!1,...n}}function td(n){return n.authOptions.authority.options.protocolMode===Ue.OIDC}/! @azure/msal-common v15.4.0 2025-03-25 /const it={HOME_ACCOUNT_ID:"home_account_id",UPN:"UPN"};/! @azure/msal-common v15.4.0 2025-03-25 /const gn="client_id",nd="redirect_uri",$g="response_type",zg="response_mode",qg="grant_type",Vg="claims",jg="scope",Wg="refresh_token",Yg="state",Qg="nonce",Jg="prompt",Xg="code",Zg="code_challenge",ep="code_challenge_method",tp="code_verifier",np="client-request-id",rp="x-client-SKU",op="x-client-VER",ip="x-client-OS",sp="x-client-CPU",ap="x-client-current-telemetry",cp="x-client-last-telemetry",lp="x-ms-lib-capability",dp="x-app-name",hp="x-app-ver",up="post_logout_redirect_uri",fp="id_token_hint",gp="client_secret",pp="client_assertion",mp="client_assertion_type",rd="token_type",od="req_cnf",Ka="return_spa_code",Cp="nativebroker",yp="logout_hint",Tp="sid",Ap="login_hint",vp="domain_hint",wp="x-client-xtra-sku",Zr="brk_client_id",eo="brk_redirect_uri",vi="instance_aware",Ip="ear_jwk",Ep="ear_jwe_crypto";/! @azure/msal-common v15.4.0 2025-03-25 /function _o(n,e,t){if(!e)return;const r=n.get(gn);r&&n.has(Zr)&&(t==null\|\|t.addFields({embeddedClientId:r,embeddedRedirectUri:n.get(nd)},e))}function id(n,e){n.set($g,e)}function _p(n,e){n.set(zg,e\|\|Zf.QUERY)}function Sp(n){n.set(Cp,"1")}function gs(n,e,t=!0,r=yn){t&&!r.includes("openid")&&!e.includes("openid")&&r.push("openid");const o=t?[...e\|\|[],...r]:e\|\|[],i=new fe(o);n.set(jg,i.printScopes())}function ps(n,e){n.set(gn,e)}function ms(n,e){n.set(nd,e)}function bp(n,e){n.set(up,e)}function kp(n,e){n.set(fp,e)}function Rp(n,e){n.set(vp,e)}function Or(n,e){n.set(Ap,e)}function to(n,e){n.set(Me.CCS_HEADER,`UPN:${e}`)}function ar(n,e){n.set(Me.CCS_HEADER,`Oid:${e.uid}@${e.utid}`)}function Ba(n,e){n.set(Tp,e)}function Cs(n,e,t){const r=ud(e,t);try{JSON.parse(r)}catch{throw oe(vo)}n.set(Vg,r)}function ys(n,e){n.set(np,e)}function Ts(n,e){n.set(rp,e.sku),n.set(op,e.version),e.os&&n.set(ip,e.os),e.cpu&&n.set(sp,e.cpu)}function As(n,e){e!=null&&e.appName&&n.set(dp,e.appName),e!=null&&e.appVersion&&n.set(hp,e.appVersion)}function Op(n,e){n.set(Jg,e)}function sd(n,e){e&&n.set(Yg,e)}function Pp(n,e){n.set(Qg,e)}function Np(n,e,t){if(e&&t)n.set(Zg,e),n.set(ep,t);else throw oe(wo)}function Mp(n,e){n.set(Xg,e)}function xp(n,e){n.set(Wg,e)}function Hp(n,e){n.set(tp,e)}function ad(n,e){n.set(gp,e)}function cd(n,e){e&&n.set(pp,e)}function ld(n,e){e&&n.set(mp,e)}function dd(n,e){n.set(qg,e)}function vs(n){n.set(eg,"1")}function hd(n){n.has(vi)\|\|n.set(vi,"true")}function hn(n,e){Object.entries(e).forEach(([t,r])=>{!n.has(t)&&r&&n.set(t,r)})}function ud(n,e){let t;if(!n)t={};else try{t=JSON.parse(n)}catch{throw oe(vo)}return e&&e.length>0&&(t.hasOwnProperty(Sr.ACCESS_TOKEN)\|\|(t[Sr.ACCESS_TOKEN]={}),t[Sr.ACCESS_TOKEN][Sr.XMS_CC]={values:e}),JSON.stringify(t)}function ws(n,e){e&&(n.set(rd,X.POP),n.set(od,e))}function fd(n,e){e&&(n.set(rd,X.SSH),n.set(od,e))}function gd(n,e){n.set(ap,e.generateCurrentRequestHeaderValue()),n.set(cp,e.generateLastRequestHeaderValue())}function pd(n){n.set(lp,ir.X_MS_LIB_CAPABILITY_VALUE)}function Lp(n,e){n.set(yp,e)}function So(n,e,t){n.has(Zr)\|\|n.set(Zr,e),n.has(eo)\|\|n.set(eo,t)}function Up(n,e){n.set(Ip,encodeURIComponent(e)),n.set(Ep,"eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0")}/! @azure/msal-common v15.4.0 2025-03-25 /function Dp(n){return n.hasOwnProperty("authorization_endpoint")&&n.hasOwnProperty("token_endpoint")&&n.hasOwnProperty("issuer")&&n.hasOwnProperty("jwks_uri")}/! @azure/msal-common v15.4.0 2025-03-25 /function Fp(n){return n.hasOwnProperty("tenant_discovery_endpoint")&&n.hasOwnProperty("metadata")}/! @azure/msal-common v15.4.0 2025-03-25 /function Kp(n){return n.hasOwnProperty("error")&&n.hasOwnProperty("error_description")}/! @azure/msal-common v15.4.0 2025-03-25 /const f={AcquireTokenByCode:"acquireTokenByCode",AcquireTokenByRefreshToken:"acquireTokenByRefreshToken",AcquireTokenSilent:"acquireTokenSilent",AcquireTokenSilentAsync:"acquireTokenSilentAsync",AcquireTokenPopup:"acquireTokenPopup",AcquireTokenPreRedirect:"acquireTokenPreRedirect",AcquireTokenRedirect:"acquireTokenRedirect",CryptoOptsGetPublicKeyThumbprint:"cryptoOptsGetPublicKeyThumbprint",CryptoOptsSignJwt:"cryptoOptsSignJwt",SilentCacheClientAcquireToken:"silentCacheClientAcquireToken",SilentIframeClientAcquireToken:"silentIframeClientAcquireToken",AwaitConcurrentIframe:"awaitConcurrentIframe",SilentRefreshClientAcquireToken:"silentRefreshClientAcquireToken",SsoSilent:"ssoSilent",StandardInteractionClientGetDiscoveredAuthority:"standardInteractionClientGetDiscoveredAuthority",FetchAccountIdWithNativeBroker:"fetchAccountIdWithNativeBroker",NativeInteractionClientAcquireToken:"nativeInteractionClientAcquireToken",BaseClientCreateTokenRequestHeaders:"baseClientCreateTokenRequestHeaders",NetworkClientSendPostRequestAsync:"networkClientSendPostRequestAsync",RefreshTokenClientExecutePostToTokenEndpoint:"refreshTokenClientExecutePostToTokenEndpoint",AuthorizationCodeClientExecutePostToTokenEndpoint:"authorizationCodeClientExecutePostToTokenEndpoint",BrokerHandhshake:"brokerHandshake",AcquireTokenByRefreshTokenInBroker:"acquireTokenByRefreshTokenInBroker",AcquireTokenByBroker:"acquireTokenByBroker",RefreshTokenClientExecuteTokenRequest:"refreshTokenClientExecuteTokenRequest",RefreshTokenClientAcquireToken:"refreshTokenClientAcquireToken",RefreshTokenClientAcquireTokenWithCachedRefreshToken:"refreshTokenClientAcquireTokenWithCachedRefreshToken",RefreshTokenClientAcquireTokenByRefreshToken:"refreshTokenClientAcquireTokenByRefreshToken",RefreshTokenClientCreateTokenRequestBody:"refreshTokenClientCreateTokenRequestBody",AcquireTokenFromCache:"acquireTokenFromCache",SilentFlowClientAcquireCachedToken:"silentFlowClientAcquireCachedToken",SilentFlowClientGenerateResultFromCacheRecord:"silentFlowClientGenerateResultFromCacheRecord",AcquireTokenBySilentIframe:"acquireTokenBySilentIframe",InitializeBaseRequest:"initializeBaseRequest",InitializeSilentRequest:"initializeSilentRequest",InitializeClientApplication:"initializeClientApplication",InitializeCache:"initializeCache",SilentIframeClientTokenHelper:"silentIframeClientTokenHelper",SilentHandlerInitiateAuthRequest:"silentHandlerInitiateAuthRequest",SilentHandlerMonitorIframeForHash:"silentHandlerMonitorIframeForHash",SilentHandlerLoadFrame:"silentHandlerLoadFrame",SilentHandlerLoadFrameSync:"silentHandlerLoadFrameSync",StandardInteractionClientCreateAuthCodeClient:"standardInteractionClientCreateAuthCodeClient",StandardInteractionClientGetClientConfiguration:"standardInteractionClientGetClientConfiguration",StandardInteractionClientInitializeAuthorizationRequest:"standardInteractionClientInitializeAuthorizationRequest",GetAuthCodeUrl:"getAuthCodeUrl",GetStandardParams:"getStandardParams",HandleCodeResponseFromServer:"handleCodeResponseFromServer",HandleCodeResponse:"handleCodeResponse",HandleResponseEar:"handleResponseEar",HandleResponsePlatformBroker:"handleResponsePlatformBroker",HandleResponseCode:"handleResponseCode",UpdateTokenEndpointAuthority:"updateTokenEndpointAuthority",AuthClientAcquireToken:"authClientAcquireToken",AuthClientExecuteTokenRequest:"authClientExecuteTokenRequest",AuthClientCreateTokenRequestBody:"authClientCreateTokenRequestBody",PopTokenGenerateCnf:"popTokenGenerateCnf",PopTokenGenerateKid:"popTokenGenerateKid",HandleServerTokenResponse:"handleServerTokenResponse",DeserializeResponse:"deserializeResponse",AuthorityFactoryCreateDiscoveredInstance:"authorityFactoryCreateDiscoveredInstance",AuthorityResolveEndpointsAsync:"authorityResolveEndpointsAsync",AuthorityResolveEndpointsFromLocalSources:"authorityResolveEndpointsFromLocalSources",AuthorityGetCloudDiscoveryMetadataFromNetwork:"authorityGetCloudDiscoveryMetadataFromNetwork",AuthorityUpdateCloudDiscoveryMetadata:"authorityUpdateCloudDiscoveryMetadata",AuthorityGetEndpointMetadataFromNetwork:"authorityGetEndpointMetadataFromNetwork",AuthorityUpdateEndpointMetadata:"authorityUpdateEndpointMetadata",AuthorityUpdateMetadataWithRegionalInformation:"authorityUpdateMetadataWithRegionalInformation",RegionDiscoveryDetectRegion:"regionDiscoveryDetectRegion",RegionDiscoveryGetRegionFromIMDS:"regionDiscoveryGetRegionFromIMDS",RegionDiscoveryGetCurrentVersion:"regionDiscoveryGetCurrentVersion",AcquireTokenByCodeAsync:"acquireTokenByCodeAsync",GetEndpointMetadataFromNetwork:"getEndpointMetadataFromNetwork",GetCloudDiscoveryMetadataFromNetworkMeasurement:"getCloudDiscoveryMetadataFromNetworkMeasurement",HandleRedirectPromiseMeasurement:"handleRedirectPromise",HandleNativeRedirectPromiseMeasurement:"handleNativeRedirectPromise",UpdateCloudDiscoveryMetadataMeasurement:"updateCloudDiscoveryMetadataMeasurement",UsernamePasswordClientAcquireToken:"usernamePasswordClientAcquireToken",NativeMessageHandlerHandshake:"nativeMessageHandlerHandshake",NativeGenerateAuthResult:"nativeGenerateAuthResult",RemoveHiddenIframe:"removeHiddenIframe",ClearTokensAndKeysWithClaims:"clearTokensAndKeysWithClaims",CacheManagerGetRefreshToken:"cacheManagerGetRefreshToken",ImportExistingCache:"importExistingCache",SetUserData:"setUserData",LocalStorageUpdated:"localStorageUpdated",GeneratePkceCodes:"generatePkceCodes",GenerateCodeVerifier:"generateCodeVerifier",GenerateCodeChallengeFromVerifier:"generateCodeChallengeFromVerifier",Sha256Digest:"sha256Digest",GetRandomValues:"getRandomValues",GenerateHKDF:"generateHKDF",GenerateBaseKey:"generateBaseKey",Base64Decode:"base64Decode",UrlEncodeArr:"urlEncodeArr",Encrypt:"encrypt",Decrypt:"decrypt",GenerateEarKey:"generateEarKey",DecryptEarResponse:"decryptEarResponse"},Bp={InProgress:1};/! @azure/msal-common v15.4.0 2025-03-25 /const lt=(n,e,t,r,o)=>(...i)=>{t.trace(`Executing function ${e}`);const s=r==null?void 0:r.startMeasurement(e,o);if(o){const a=e+"CallCount";r==null\|\|r.incrementFields({[a]:1},o)}try{const a=n(...i);return s==null\|\|s.end({success:!0}),t.trace(`Returning result from ${e}`),a}catch(a){t.trace(`Error occurred in ${e}`);try{t.trace(JSON.stringify(a))}catch{t.trace("Unable to print error message.")}throw s==null\|\|s.end({success:!1},a),a}},T=(n,e,t,r,o)=>(...i)=>{t.trace(`Executing function ${e}`);const s=r==null?void 0:r.startMeasurement(e,o);if(o){const a=e+"CallCount";r==null\|\|r.incrementFields({[a]:1},o)}return r==null\|\|r.setPreQueueTime(e,o),n(...i).then(a=>(t.trace(`Returning result from ${e}`),s==null\|\|s.end({success:!0}),a)).catch(a=>{t.trace(`Error occurred in ${e}`);try{t.trace(JSON.stringify(a))}catch{t.trace("Unable to print error message.")}throw s==null\|\|s.end({success:!1},a),a})};/! @azure/msal-common v15.4.0 2025-03-25 /class bo{constructor(e,t,r,o){this.networkInterface=e,this.logger=t,this.performanceClient=r,this.correlationId=o}async detectRegion(e,t){var o;(o=this.performanceClient)==null\|\|o.addQueueMeasurement(f.RegionDiscoveryDetectRegion,this.correlationId);let r=e;if(r)t.region_source=wn.ENVIRONMENT_VARIABLE;else{const i=bo.IMDS_OPTIONS;try{const s=await T(this.getRegionFromIMDS.bind(this),f.RegionDiscoveryGetRegionFromIMDS,this.logger,this.performanceClient,this.correlationId)(C.IMDS_VERSION,i);if(s.status===kr.httpSuccess&&(r=s.body,t.region_source=wn.IMDS),s.status===kr.httpBadRequest){const a=await T(this.getCurrentVersion.bind(this),f.RegionDiscoveryGetCurrentVersion,this.logger,this.performanceClient,this.correlationId)(i);if(!a)return t.region_source=wn.FAILED_AUTO_DETECTION,null;const c=await T(this.getRegionFromIMDS.bind(this),f.RegionDiscoveryGetRegionFromIMDS,this.logger,this.performanceClient,this.correlationId)(a,i);c.status===kr.httpSuccess&&(r=c.body,t.region_source=wn.IMDS)}}catch{return t.region_source=wn.FAILED_AUTO_DETECTION,null}}return r\|\|(t.region_source=wn.FAILED_AUTO_DETECTION),r\|\|null}async getRegionFromIMDS(e,t){var r;return(r=this.performanceClient)==null\|\|r.addQueueMeasurement(f.RegionDiscoveryGetRegionFromIMDS,this.correlationId),this.networkInterface.sendGetRequestAsync(`${C.IMDS_ENDPOINT}?api-version=${e}&format=text`,t,C.IMDS_TIMEOUT)}async getCurrentVersion(e){var t;(t=this.performanceClient)==null\|\|t.addQueueMeasurement(f.RegionDiscoveryGetCurrentVersion,this.correlationId);try{const r=await this.networkInterface.sendGetRequestAsync(`${C.IMDS_ENDPOINT}?format=json`,e);return r.status===kr.httpBadRequest&&r.body&&r.body["newest-versions"]&&r.body["newest-versions"].length>0?r.body["newest-versions"][0]:null}catch{return null}}}bo.IMDS_OPTIONS={headers:{Metadata:"true"}};/! @azure/msal-common v15.4.0 2025-03-25 */class Ee{constructor(e,t,r,o,i,s,a,c){this.canonicalAuthority=e,this._canonicalAuthority.validateAsUri(),this.networkInterface=t,this.cacheManager=r,this.authorityOptions=o,this.regionDiscoveryMetadata={region_used:void 0,region_source:void 0,region_outcome:void 0},this.logger=i,this.performanceClient=a,this.correlationId=s,this.managedIdentity=c\|\|!1,this.regionDiscovery=new bo(t,this.logger,this.performanceClient,this.correlationId)}getAuthorityType(e){if(e.HostNameAndPort.endsWith(C.CIAM_AUTH_URL))return rt.Ciam;const t=e.PathSegments;if(t.length)switch(t[0].toLowerCase()){case C.ADFS:return rt.Adfs;case C.DSTS:return rt.Dsts}return rt.Default}get authorityType(){return this.getAuthorityType(this.canonicalAuthorityUrlComponents)}get protocolMode(){return this.authorityOptions.protocolMode}get options(){return this.authorityOptions}get canonicalAuthority(){return this._canonicalAuthority.urlString}set canonicalAuthority(e){this._canonicalAuthority=new Q(e),this._canonicalAuthority.validateAsUri(),this._canonicalAuthorityUrlComponents=null}get canonicalAuthorityUrlComponents(){return this._canonicalAuthorityUrlComponents\|\|(this._canonicalAuthorityUrlComponents=this._canonicalAuthority.getUrlComponents()),this._canonicalAuthorityUrlComponents}get hostnameAndPort(){return this.canonicalAuthorityUrlComponents.HostNameAndPort.toLowerCase()}get tenant(){return this.canonicalAuthorityUrlComponents.PathSegments[0]}get authorizationEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.authorization_endpoint);throw v(Ot)}get tokenEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint);throw v(Ot)}get deviceCodeEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint.replace("/token","/devicecode"));throw v(Ot)}get endSessionEndpoint(){if(this.discoveryComplete()){if(!this.metadata.end_session_endpoint)throw v(kl);return this.replacePath(this.metadata.end_session_endpoint)}else throw v(Ot)}get selfSignedJwtAudience(){if(this.discoveryComplete())return this.replacePath(this.metadata.issuer);throw v(Ot)}get jwksUri(){if(this.discoveryComplete())return this.replacePath(this.metadata.jwks_uri);throw v(Ot)}canReplaceTenant(e){return e.PathSegments.length===1&&!Ee.reservedTenantDomains.has(e.PathSegments[0])&&this.getAuthorityType(e)===rt.Default&&this.protocolMode!==Ue.OIDC}replaceTenant(e){return e.replace(/{tenant}\|{tenantid}/g,this.tenant)}replacePath(e){let t=e;const o=new Q(this.metadata.canonical_authority).getUrlComponents(),i=o.PathSegments;return this.canonicalAuthorityUrlComponents.PathSegments.forEach((a,c)=>{let d=i[c];if(c===0&&this.canReplaceTenant(o)){const l=new Q(this.metadata.authorization_endpoint).getUrlComponents().PathSegments[0];d!==l&&(this.logger.verbose(`Replacing tenant domain name ${d} with id ${l}`),d=l)}a!==d&&(t=t.replace(`/${d}/`,`/${a}/`))}),this.replaceTenant(t)}get defaultOpenIdConfigurationEndpoint(){const e=this.hostnameAndPort;return this.canonicalAuthority.endsWith("v2.0/")\|\|this.authorityType===rt.Adfs\|\|this.protocolMode===Ue.OIDC&&!this.isAliasOfKnownMicrosoftAuthority(e)?`${this.canonicalAuthority}.well-known/openid-configuration`:`${this.canonicalAuthority}v2.0/.well-known/openid-configuration`}discoveryComplete(){return!!this.metadata}async resolveEndpointsAsync(){var o,i;(o=this.performanceClient)==null\|\|o.addQueueMeasurement(f.AuthorityResolveEndpointsAsync,this.correlationId);const e=this.getCurrentMetadataEntity(),t=await T(this.updateCloudDiscoveryMetadata.bind(this),f.AuthorityUpdateCloudDiscoveryMetadata,this.logger,this.performanceClient,this.correlationId)(e);this.canonicalAuthority=this.canonicalAuthority.replace(this.hostnameAndPort,e.preferred_network);const r=await T(this.updateEndpointMetadata.bind(this),f.AuthorityUpdateEndpointMetadata,this.logger,this.performanceClient,this.correlationId)(e);this.updateCachedMetadata(e,t,{source:r}),(i=this.performanceClient)==null\|\|i.addFields({cloudDiscoverySource:t,authorityEndpointSource:r},this.correlationId)}getCurrentMetadataEntity(){let e=this.cacheManager.getAuthorityMetadataByAlias(this.hostnameAndPort);return e\|\|(e={aliases:[],preferred_cache:this.hostnameAndPort,preferred_network:this.hostnameAndPort,canonical_authority:this.canonicalAuthority,authorization_endpoint:"",token_endpoint:"",end_session_endpoint:"",issuer:"",aliasesFromNetwork:!1,endpointsFromNetwork:!1,expiresAt:Ha(),jwks_uri:""}),e}updateCachedMetadata(e,t,r){t!==qe.CACHE&&(r==null?void 0:r.source)!==qe.CACHE&&(e.expiresAt=Ha(),e.canonical_authority=this.canonicalAuthority);const o=this.cacheManager.generateAuthorityMetadataCacheKey(e.preferred_cache);this.cacheManager.setAuthorityMetadata(o,e),this.metadata=e}async updateEndpointMetadata(e){var o,i,s;(o=this.performanceClient)==null\|\|o.addQueueMeasurement(f.AuthorityUpdateEndpointMetadata,this.correlationId);const t=this.updateEndpointMetadataFromLocalSources(e);if(t){if(t.source===qe.HARDCODED_VALUES&&(i=this.authorityOptions.azureRegionConfiguration)!=null&&i.azureRegion&&t.metadata){const a=await T(this.updateMetadataWithRegionalInformation.bind(this),f.AuthorityUpdateMetadataWithRegionalInformation,this.logger,this.performanceClient,this.correlationId)(t.metadata);Rr(e,a,!1),e.canonical_authority=this.canonicalAuthority}return t.source}let r=await T(this.getEndpointMetadataFromNetwork.bind(this),f.AuthorityGetEndpointMetadataFromNetwork,this.logger,this.performanceClient,this.correlationId)();if(r)return(s=this.authorityOptions.azureRegionConfiguration)!=null&&s.azureRegion&&(r=await T(this.updateMetadataWithRegionalInformation.bind(this),f.AuthorityUpdateMetadataWithRegionalInformation,this.logger,this.performanceClient,this.correlationId)(r)),Rr(e,r,!0),qe.NETWORK;throw v(pl,this.defaultOpenIdConfigurationEndpoint)}updateEndpointMetadataFromLocalSources(e){this.logger.verbose("Attempting to get endpoint metadata from authority configuration");const t=this.getEndpointMetadataFromConfig();if(t)return this.logger.verbose("Found endpoint metadata in authority configuration"),Rr(e,t,!1),{source:qe.CONFIG};if(this.logger.verbose("Did not find endpoint metadata in the config... Attempting to get endpoint metadata from the hardcoded values."),this.authorityOptions.skipAuthorityMetadataCache)this.logger.verbose("Skipping hardcoded metadata cache since skipAuthorityMetadataCache is set to true. Attempting to get endpoint metadata from the network metadata cache.");else{const o=this.getEndpointMetadataFromHardcodedValues();if(o)return Rr(e,o,!1),{source:qe.HARDCODED_VALUES,metadata:o};this.logger.verbose("Did not find endpoint metadata in hardcoded values... Attempting to get endpoint metadata from the network metadata cache.")}const r=La(e);return this.isAuthoritySameType(e)&&e.endpointsFromNetwork&&!r?(this.logger.verbose("Found endpoint metadata in the cache."),{source:qe.CACHE}):(r&&this.logger.verbose("The metadata entity is expired."),null)}isAuthoritySameType(e){return new Q(e.canonical_authority).getUrlComponents().PathSegments.length===this.canonicalAuthorityUrlComponents.PathSegments.length}getEndpointMetadataFromConfig(){if(this.authorityOptions.authorityMetadata)try{return JSON.parse(this.authorityOptions.authorityMetadata)}catch{throw oe($l)}return null}async getEndpointMetadataFromNetwork(){var r;(r=this.performanceClient)==null\|\|r.addQueueMeasurement(f.AuthorityGetEndpointMetadataFromNetwork,this.correlationId);const e={},t=this.defaultOpenIdConfigurationEndpoint;this.logger.verbose(`Authority.getEndpointMetadataFromNetwork: attempting to retrieve OAuth endpoints from ${t}`);try{const o=await this.networkInterface.sendGetRequestAsync(t,e);return Dp(o.body)?o.body:(this.logger.verbose("Authority.getEndpointMetadataFromNetwork: could not parse response as OpenID configuration"),null)}catch(o){return this.logger.verbose(`Authority.getEndpointMetadataFromNetwork: ${o}`),null}}getEndpointMetadataFromHardcodedValues(){return this.hostnameAndPort in Da?Da[this.hostnameAndPort]:null}async updateMetadataWithRegionalInformation(e){var r,o,i;(r=this.performanceClient)==null\|\|r.addQueueMeasurement(f.AuthorityUpdateMetadataWithRegionalInformation,this.correlationId);const t=(o=this.authorityOptions.azureRegionConfiguration)==null?void 0:o.azureRegion;if(t){if(t!==C.AZURE_REGION_AUTO_DISCOVER_FLAG)return this.regionDiscoveryMetadata.region_outcome=Zo.CONFIGURED_NO_AUTO_DETECTION,this.regionDiscoveryMetadata.region_used=t,Ee.replaceWithRegionalInformation(e,t);const s=await T(this.regionDiscovery.detectRegion.bind(this.regionDiscovery),f.RegionDiscoveryDetectRegion,this.logger,this.performanceClient,this.correlationId)((i=this.authorityOptions.azureRegionConfiguration)==null?void 0:i.environmentRegion,this.regionDiscoveryMetadata);if(s)return this.regionDiscoveryMetadata.region_outcome=Zo.AUTO_DETECTION_REQUESTED_SUCCESSFUL,this.regionDiscoveryMetadata.region_used=s,Ee.replaceWithRegionalInformation(e,s);this.regionDiscoveryMetadata.region_outcome=Zo.AUTO_DETECTION_REQUESTED_FAILED}return e}async updateCloudDiscoveryMetadata(e){var o;(o=this.performanceClient)==null\|\|o.addQueueMeasurement(f.AuthorityUpdateCloudDiscoveryMetadata,this.correlationId);const t=this.updateCloudDiscoveryMetadataFromLocalSources(e);if(t)return t;const r=await T(this.getCloudDiscoveryMetadataFromNetwork.bind(this),f.AuthorityGetCloudDiscoveryMetadataFromNetwork,this.logger,this.performanceClient,this.correlationId)();if(r)return ei(e,r,!0),qe.NETWORK;throw oe(zl)}updateCloudDiscoveryMetadataFromLocalSources(e){this.logger.verbose("Attempting to get cloud discovery metadata from authority configuration"),this.logger.verbosePii(`Known Authorities: ${this.authorityOptions.knownAuthorities\|\|C.NOT_APPLICABLE}`),this.logger.verbosePii(`Authority Metadata: ${this.authorityOptions.authorityMetadata\|\|C.NOT_APPLICABLE}`),this.logger.verbosePii(`Canonical Authority: ${e.canonical_authority\|\|C.NOT_APPLICABLE}`);const t=this.getCloudDiscoveryMetadataFromConfig();if(t)return this.logger.verbose("Found cloud discovery metadata in authority configuration"),ei(e,t,!1),qe.CONFIG;if(this.logger.verbose("Did not find cloud discovery metadata in the config... Attempting to get cloud discovery metadata from the hardcoded values."),this.options.skipAuthorityMetadataCache)this.logger.verbose("Skipping hardcoded cloud discovery metadata cache since skipAuthorityMetadataCache is set to true. Attempting to get cloud discovery metadata from the network metadata cache.");else{const o=Ng(this.hostnameAndPort);if(o)return this.logger.verbose("Found cloud discovery metadata from hardcoded values."),ei(e,o,!1),qe.HARDCODED_VALUES;this.logger.verbose("Did not find cloud discovery metadata in hardcoded values... Attempting to get cloud discovery metadata from the network metadata cache.")}const r=La(e);return this.isAuthoritySameType(e)&&e.aliasesFromNetwork&&!r?(this.logger.verbose("Found cloud discovery metadata in the cache."),qe.CACHE):(r&&this.logger.verbose("The metadata entity is expired."),null)}getCloudDiscoveryMetadataFromConfig(){if(this.authorityType===rt.Ciam)return this.logger.verbose("CIAM authorities do not support cloud discovery metadata, generate the aliases from authority host."),Ee.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort);if(this.authorityOptions.cloudDiscoveryMetadata){this.logger.verbose("The cloud discovery metadata has been provided as a network response, in the config.");try{this.logger.verbose("Attempting to parse the cloud discovery metadata.");const e=JSON.parse(this.authorityOptions.cloudDiscoveryMetadata),t=Xr(e.metadata,this.hostnameAndPort);if(this.logger.verbose("Parsed the cloud discovery metadata."),t)return this.logger.verbose("There is returnable metadata attached to the parsed cloud discovery metadata."),t;this.logger.verbose("There is no metadata attached to the parsed cloud discovery metadata.")}catch{throw this.logger.verbose("Unable to parse the cloud discovery metadata. Throwing Invalid Cloud Discovery Metadata Error."),oe(ls)}}return this.isInKnownAuthorities()?(this.logger.verbose("The host is included in knownAuthorities. Creating new cloud discovery metadata from the host."),Ee.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)):null}async getCloudDiscoveryMetadataFromNetwork(){var o;(o=this.performanceClient)==null\|\|o.addQueueMeasurement(f.AuthorityGetCloudDiscoveryMetadataFromNetwork,this.correlationId);const e=`${C.AAD_INSTANCE_DISCOVERY_ENDPT}${this.canonicalAuthority}oauth2/v2.0/authorize`,t={};let r=null;try{const i=await this.networkInterface.sendGetRequestAsync(e,t);let s,a;if(Fp(i.body))s=i.body,a=s.metadata,this.logger.verbosePii(`tenant_discovery_endpoint is: ${s.tenant_discovery_endpoint}`);else if(Kp(i.body)){if(this.logger.warning(`A CloudInstanceDiscoveryErrorResponse was returned. The cloud instance discovery network request's status code is: ${i.status}`),s=i.body,s.error===C.INVALID_INSTANCE)return this.logger.error("The CloudInstanceDiscoveryErrorResponse error is invalid_instance."),null;this.logger.warning(`The CloudInstanceDiscoveryErrorResponse error is ${s.error}`),this.logger.warning(`The CloudInstanceDiscoveryErrorResponse error description is ${s.error_description}`),this.logger.warning("Setting the value of the CloudInstanceDiscoveryMetadata (returned from the network) to []"),a=[]}else return this.logger.error("AAD did not return a CloudInstanceDiscoveryResponse or CloudInstanceDiscoveryErrorResponse"),null;this.logger.verbose("Attempting to find a match between the developer's authority and the CloudInstanceDiscoveryMetadata returned from the network request."),r=Xr(a,this.hostnameAndPort)}catch(i){if(i instanceof Z)this.logger.error(`There was a network error while attempting to get the cloud discovery instance metadata.
	+*/let pi;const Ca=typeof window<"u"&&window.trustedTypes;if(Ca)try{pi=Ca.createPolicy("vue",{createHTML:n=>n})}catch{}const dl=pi?n=>pi.createHTML(n):n=>n,kf="http://www.w3.org/2000/svg",Rf="http://www.w3.org/1998/Math/MathML",Rt=typeof document<"u"?document:null,ya=Rt&&Rt.createElement("template"),Of={insert:(n,e,t)=>{e.insertBefore(n,t\|\|null)},remove:n=>{const e=n.parentNode;e&&e.removeChild(n)},createElement:(n,e,t,r)=>{const o=e==="svg"?Rt.createElementNS(kf,n):e==="mathml"?Rt.createElementNS(Rf,n):t?Rt.createElement(n,{is:t}):Rt.createElement(n);return n==="select"&&r&&r.multiple!=null&&o.setAttribute("multiple",r.multiple),o},createText:n=>Rt.createTextNode(n),createComment:n=>Rt.createComment(n),setText:(n,e)=>{n.nodeValue=e},setElementText:(n,e)=>{n.textContent=e},parentNode:n=>n.parentNode,nextSibling:n=>n.nextSibling,querySelector:n=>Rt.querySelector(n),setScopeId(n,e){n.setAttribute(e,"")},insertStaticContent(n,e,t,r,o,i){const s=t?t.previousSibling:e.lastChild;if(o&&(o===i\|\|o.nextSibling))for(;e.insertBefore(o.cloneNode(!0),t),!(o===i\|\|!(o=o.nextSibling)););else{ya.innerHTML=dl(r==="svg"?`<svg>${n}</svg>`:r==="mathml"?`<math>${n}</math>`:n);const a=ya.content;if(r==="svg"\|\|r==="mathml"){const c=a.firstChild;for(;c.firstChild;)a.appendChild(c.firstChild);a.removeChild(c)}e.insertBefore(a,t)}return[s?s.nextSibling:e.firstChild,t?t.previousSibling:e.lastChild]}},Pf=Symbol("_vtc");function Nf(n,e,t){const r=n[Pf];r&&(e=(e?[e,...r]:[...r]).join(" ")),e==null?n.removeAttribute("class"):t?n.setAttribute("class",e):n.className=e}const Ta=Symbol("_vod"),Mf=Symbol("_vsh"),xf=Symbol(""),Hf=/(^\|;)\sdisplay\s:/;function Lf(n,e,t){const r=n.style,o=pe(t);let i=!1;if(t&&!o){if(e)if(pe(e))for(const s of e.split(";")){const a=s.slice(0,s.indexOf(":")).trim();t[a]==null&&Dr(r,a,"")}else for(const s in e)t[s]==null&&Dr(r,s,"");for(const s in t)s==="display"&&(i=!0),Dr(r,s,t[s])}else if(o){if(e!==t){const s=r[xf];s&&(t+=";"+s),r.cssText=t,i=Hf.test(t)}}else e&&n.removeAttribute("style");Ta in n&&(n[Ta]=i?r.display:"",n[Mf]&&(r.display="none"))}const Aa=/\s!important$/;function Dr(n,e,t){if(K(t))t.forEach(r=>Dr(n,e,r));else if(t==null&&(t=""),e.startsWith("--"))n.setProperty(e,t);else{const r=Uf(n,e);Aa.test(t)?n.setProperty(Cn(r),t.replace(Aa,""),"important"):n[r]=t}}const va=["Webkit","Moz","ms"],Xo={};function Uf(n,e){const t=Xo[e];if(t)return t;let r=Wt(e);if(r!=="filter"&&r in n)return Xo[e]=r;r=dc(r);for(let o=0;o<va.length;o++){const i=va[o]+r;if(i in n)return Xo[e]=i}return e}const wa="http://www.w3.org/1999/xlink";function Ia(n,e,t,r,o,i=$h(e)){r&&e.startsWith("xlink:")?t==null?n.removeAttributeNS(wa,e.slice(6,e.length)):n.setAttributeNS(wa,e,t):t==null\|\|i&&!uc(t)?n.removeAttribute(e):n.setAttribute(e,i?"":Jt(t)?String(t):t)}function Ea(n,e,t,r,o){if(e==="innerHTML"\|\|e==="textContent"){t!=null&&(n[e]=e==="innerHTML"?dl(t):t);return}const i=n.tagName;if(e==="value"&&i!=="PROGRESS"&&!i.includes("-")){const a=i==="OPTION"?n.getAttribute("value")\|\|"":n.value,c=t==null?n.type==="checkbox"?"on":"":String(t);(a!==c\|\|!("_value"in n))&&(n.value=c),t==null&&n.removeAttribute(e),n._value=t;return}let s=!1;if(t===""\|\|t==null){const a=typeof n[e];a==="boolean"?t=uc(t):t==null&&a==="string"?(t="",s=!0):a==="number"&&(t=0,s=!0)}try{n[e]=t}catch{}s&&n.removeAttribute(o\|\|e)}function Df(n,e,t,r){n.addEventListener(e,t,r)}function Ff(n,e,t,r){n.removeEventListener(e,t,r)}const _a=Symbol("_vei");function Kf(n,e,t,r,o=null){const i=n[_a]\|\|(n[_a]={}),s=i[e];if(r&&s)s.value=r;else{const[a,c]=Bf(e);if(r){const d=i[e]=zf(r,o);Df(n,a,d,c)}else s&&(Ff(n,a,s,c),i[e]=void 0)}}const Sa=/(?:Once\|Passive\|Capture)$/;function Bf(n){let e;if(Sa.test(n)){e={};let r;for(;r=n.match(Sa);)n=n.slice(0,n.length-r[0].length),e[r[0].toLowerCase()]=!0}return[n[2]===":"?n.slice(3):Cn(n.slice(2)),e]}let Zo=0;const Gf=Promise.resolve(),$f=()=>Zo\|\|(Gf.then(()=>Zo=0),Zo=Date.now());function zf(n,e){const t=r=>{if(!r._vts)r._vts=Date.now();else if(r._vts<=t.attached)return;wt(qf(r,t.value),e,5,[r])};return t.value=n,t.attached=$f(),t}function qf(n,e){if(K(e)){const t=n.stopImmediatePropagation;return n.stopImmediatePropagation=()=>{t.call(n),n._stopped=!0},e.map(r=>o=>!o._stopped&&r&&r(o))}else return e}const ba=n=>n.charCodeAt(0)===111&&n.charCodeAt(1)===110&&n.charCodeAt(2)>96&&n.charCodeAt(2)<123,Vf=(n,e,t,r,o,i)=>{const s=o==="svg";e==="class"?Nf(n,r,s):e==="style"?Lf(n,t,r):lo(e)?Hi(e)\|\|Kf(n,e,t,r,i):(e[0]==="."?(e=e.slice(1),!0):e[0]==="^"?(e=e.slice(1),!1):jf(n,e,r,s))?(Ea(n,e,r),!n.tagName.includes("-")&&(e==="value"\|\|e==="checked"\|\|e==="selected")&&Ia(n,e,r,s,i,e!=="value")):n._isVueCE&&(/[A-Z]/.test(e)\|\|!pe(r))?Ea(n,Wt(e),r,i,e):(e==="true-value"?n._trueValue=r:e==="false-value"&&(n._falseValue=r),Ia(n,e,r,s))};function jf(n,e,t,r){if(r)return!!(e==="innerHTML"\|\|e==="textContent"\|\|e in n&&ba(e)&&$(t));if(e==="spellcheck"\|\|e==="draggable"\|\|e==="translate"\|\|e==="form"\|\|e==="list"&&n.tagName==="INPUT"\|\|e==="type"&&n.tagName==="TEXTAREA")return!1;if(e==="width"\|\|e==="height"){const o=n.tagName;if(o==="IMG"\|\|o==="VIDEO"\|\|o==="CANVAS"\|\|o==="SOURCE")return!1}return ba(e)&&pe(t)?!1:e in n}const Wf=De({patchProp:Vf},Of);let ka;function Yf(){return ka\|\|(ka=Zu(Wf))}const Qf=(...n)=>{const e=Yf().createApp(...n),{mount:t}=e;return e.mount=r=>{const o=Xf(r);if(!o)return;const i=e._component;!$(i)&&!i.render&&!i.template&&(i.template=o.innerHTML),o.nodeType===1&&(o.textContent="");const s=t(o,!1,Jf(o));return o instanceof Element&&(o.removeAttribute("v-cloak"),o.setAttribute("data-v-app","")),s},e};function Jf(n){if(n instanceof SVGElement)return"svg";if(typeof MathMLElement=="function"&&n instanceof MathMLElement)return"mathml"}function Xf(n){return pe(n)?document.querySelector(n):n}function Xe(n){const e=Office.context.displayLanguage;let t="";e in kn&&n in kn[e]?t=kn[e][n]:t=n;for(let r=1;r<arguments.length;r++)t=t.replace("%"+r,arguments[r]);return t}function Ze(n,e){const t=Office.context.displayLanguage;let r="";t in kn&&e in kn[t]?r=kn[t][e]:r=e;for(let o=2;o<arguments.length;o++)r=r.replace("%"+o,arguments[o]);return e}/! @azure/msal-common v15.4.0 2025-03-25 /const C={LIBRARY_NAME:"MSAL.JS",SKU:"msal.js.common",CACHE_PREFIX:"msal",DEFAULT_AUTHORITY:"https://login.microsoftonline.com/common/",DEFAULT_AUTHORITY_HOST:"login.microsoftonline.com",DEFAULT_COMMON_TENANT:"common",ADFS:"adfs",DSTS:"dstsv2",AAD_INSTANCE_DISCOVERY_ENDPT:"https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=",CIAM_AUTH_URL:".ciamlogin.com",AAD_TENANT_DOMAIN_SUFFIX:".onmicrosoft.com",RESOURCE_DELIM:"\|",NO_ACCOUNT:"NO_ACCOUNT",CLAIMS:"claims",CONSUMER_UTID:"9188040d-6c67-4c5b-b112-36a304b66dad",OPENID_SCOPE:"openid",PROFILE_SCOPE:"profile",OFFLINE_ACCESS_SCOPE:"offline_access",EMAIL_SCOPE:"email",CODE_GRANT_TYPE:"authorization_code",RT_GRANT_TYPE:"refresh_token",S256_CODE_CHALLENGE_METHOD:"S256",URL_FORM_CONTENT_TYPE:"application/x-www-form-urlencoded;charset=utf-8",AUTHORIZATION_PENDING:"authorization_pending",NOT_DEFINED:"not_defined",EMPTY_STRING:"",NOT_APPLICABLE:"N/A",NOT_AVAILABLE:"Not Available",FORWARD_SLASH:"/",IMDS_ENDPOINT:"http://169.254.169.254/metadata/instance/compute/location",IMDS_VERSION:"2020-06-01",IMDS_TIMEOUT:2e3,AZURE_REGION_AUTO_DISCOVER_FLAG:"TryAutoDetect",REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX:"login.microsoft.com",KNOWN_PUBLIC_CLOUDS:["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"],SHR_NONCE_VALIDITY:240,INVALID_INSTANCE:"invalid_instance"},Sr={CLIENT_ERROR_RANGE_START:400,CLIENT_ERROR_RANGE_END:499,SERVER_ERROR_RANGE_START:500,SERVER_ERROR_RANGE_END:599},yn=[C.OPENID_SCOPE,C.PROFILE_SCOPE,C.OFFLINE_ACCESS_SCOPE],Ra=[...yn,C.EMAIL_SCOPE],Me={CONTENT_TYPE:"Content-Type",CONTENT_LENGTH:"Content-Length",RETRY_AFTER:"Retry-After",CCS_HEADER:"X-AnchorMailbox",WWWAuthenticate:"WWW-Authenticate",AuthenticationInfo:"Authentication-Info",X_MS_REQUEST_ID:"x-ms-request-id",X_MS_HTTP_VERSION:"x-ms-httpver"},Oa={ACTIVE_ACCOUNT_FILTERS:"active-account-filters"},qt={COMMON:"common",ORGANIZATIONS:"organizations",CONSUMERS:"consumers"},br={ACCESS_TOKEN:"access_token",XMS_CC:"xms_cc"},ve={LOGIN:"login",SELECT_ACCOUNT:"select_account",CONSENT:"consent",NONE:"none",CREATE:"create",NO_SESSION:"no_session"},Pa={PLAIN:"plain",S256:"S256"},hl={CODE:"code",IDTOKEN_TOKEN_REFRESHTOKEN:"id_token token refresh_token"},To={QUERY:"query",FRAGMENT:"fragment"},Zf={QUERY:"query"},ul={AUTHORIZATION_CODE_GRANT:"authorization_code",REFRESH_TOKEN_GRANT:"refresh_token"},kr={MSSTS_ACCOUNT_TYPE:"MSSTS",ADFS_ACCOUNT_TYPE:"ADFS",GENERIC_ACCOUNT_TYPE:"Generic"},ke={CACHE_KEY_SEPARATOR:"-",CLIENT_INFO_SEPARATOR:"."},B={ID_TOKEN:"IdToken",ACCESS_TOKEN:"AccessToken",ACCESS_TOKEN_WITH_AUTH_SCHEME:"AccessToken_With_AuthScheme",REFRESH_TOKEN:"RefreshToken"},Zi="appmetadata",eg="client_info",rr="1",jr={CACHE_KEY:"authority-metadata",REFRESH_TIME_SECONDS:360024},qe={CONFIG:"config",CACHE:"cache",NETWORK:"network",HARDCODED_VALUES:"hardcoded_values"},Ae={SCHEMA_VERSION:5,MAX_LAST_HEADER_BYTES:330,MAX_CACHED_ERRORS:50,CACHE_KEY:"server-telemetry",CATEGORY_SEPARATOR:"\|",VALUE_SEPARATOR:",",OVERFLOW_TRUE:"1",OVERFLOW_FALSE:"0",UNKNOWN_ERROR:"unknown_error"},X={BEARER:"Bearer",POP:"pop",SSH:"ssh-cert"},or={DEFAULT_THROTTLE_TIME_SECONDS:60,DEFAULT_MAX_THROTTLE_TIME_SECONDS:3600,THROTTLING_PREFIX:"throttling",X_MS_LIB_CAPABILITY_VALUE:"retry-after, h429"},Na={INVALID_GRANT_ERROR:"invalid_grant",CLIENT_MISMATCH_ERROR:"client_mismatch"},Rr={httpSuccess:200,httpBadRequest:400},In={FAILED_AUTO_DETECTION:"1",INTERNAL_CACHE:"2",ENVIRONMENT_VARIABLE:"3",IMDS:"4"},ei={CONFIGURED_NO_AUTO_DETECTION:"2",AUTO_DETECTION_REQUESTED_SUCCESSFUL:"4",AUTO_DETECTION_REQUESTED_FAILED:"5"},cn={NOT_APPLICABLE:"0",FORCE_REFRESH_OR_CLAIMS:"1",NO_CACHED_ACCESS_TOKEN:"2",CACHED_ACCESS_TOKEN_EXPIRED:"3",PROACTIVELY_REFRESHED:"4"},tg={Pop:"pop"},ng=300;/! @azure/msal-common v15.4.0 2025-03-25 /const es="unexpected_error",rg="post_request_failed";/! @azure/msal-common v15.4.0 2025-03-25 /const Ma={[es]:"Unexpected error in authentication.",[rg]:"Post request failed from the network, could be a 4xx/5xx or a network unavailability. Please check the exact error code for details."};class Z extends Error{constructor(e,t,r){const o=t?`${e}: ${t}`:e;super(o),Object.setPrototypeOf(this,Z.prototype),this.errorCode=e\|\|C.EMPTY_STRING,this.errorMessage=t\|\|C.EMPTY_STRING,this.subError=r\|\|C.EMPTY_STRING,this.name="AuthError"}setCorrelationId(e){this.correlationId=e}}function fl(n,e){return new Z(n,e?`${Ma[n]} ${e}`:Ma[n])}/! @azure/msal-common v15.4.0 2025-03-25 /const ts="client_info_decoding_error",gl="client_info_empty_error",ns="token_parsing_error",Wr="null_or_empty_token",Ot="endpoints_resolution_error",pl="network_error",ml="openid_config_error",Cl="hash_not_deserialized",Un="invalid_state",yl="state_mismatch",mi="state_not_found",Tl="nonce_mismatch",rs="auth_time_not_found",Al="max_age_transpired",og="multiple_matching_tokens",ig="multiple_matching_accounts",vl="multiple_matching_appMetadata",wl="request_cannot_be_made",Il="cannot_remove_empty_scope",El="cannot_append_scopeset",Ci="empty_input_scopeset",sg="device_code_polling_cancelled",ag="device_code_expired",cg="device_code_unknown_error",os="no_account_in_silent_request",_l="invalid_cache_record",is="invalid_cache_environment",Yr="no_account_found",yi="no_crypto_object",Ti="unexpected_credential_type",lg="invalid_assertion",dg="invalid_client_credential",Vt="token_refresh_required",hg="user_timeout_reached",Sl="token_claims_cnf_required_for_signedjwt",bl="authorization_code_missing_from_server_response",kl="binding_key_not_removed",Rl="end_session_endpoint_not_supported",ss="key_id_missing",Ol="no_network_connectivity",Pl="user_canceled",ug="missing_tenant_id_error",z="method_not_implemented",Ai="nested_app_auth_bridge_disabled";/! @azure/msal-common v15.4.0 2025-03-25 /const xa={[ts]:"The client info could not be parsed/decoded correctly",[gl]:"The client info was empty",[ns]:"Token cannot be parsed",[Wr]:"The token is null or empty",[Ot]:"Endpoints cannot be resolved",[pl]:"Network request failed",[ml]:"Could not retrieve endpoints. Check your authority and verify the .well-known/openid-configuration endpoint returns the required endpoints.",[Cl]:"The hash parameters could not be deserialized",[Un]:"State was not the expected format",[yl]:"State mismatch error",[mi]:"State not found",[Tl]:"Nonce mismatch error",[rs]:"Max Age was requested and the ID token is missing the auth_time variable. auth_time is an optional claim and is not enabled by default - it must be enabled. See https://aka.ms/msaljs/optional-claims for more information.",[Al]:"Max Age is set to 0, or too much time has elapsed since the last end-user authentication.",[og]:"The cache contains multiple tokens satisfying the requirements. Call AcquireToken again providing more requirements such as authority or account.",[ig]:"The cache contains multiple accounts satisfying the given parameters. Please pass more info to obtain the correct account",[vl]:"The cache contains multiple appMetadata satisfying the given parameters. Please pass more info to obtain the correct appMetadata",[wl]:"Token request cannot be made without authorization code or refresh token.",[Il]:"Cannot remove null or empty scope from ScopeSet",[El]:"Cannot append ScopeSet",[Ci]:"Empty input ScopeSet cannot be processed",[sg]:"Caller has cancelled token endpoint polling during device code flow by setting DeviceCodeRequest.cancel = true.",[ag]:"Device code is expired.",[cg]:"Device code stopped polling for unknown reasons.",[os]:"Please pass an account object, silent flow is not supported without account information",[_l]:"Cache record object was null or undefined.",[is]:"Invalid environment when attempting to create cache entry",[Yr]:"No account found in cache for given key.",[yi]:"No crypto object detected.",[Ti]:"Unexpected credential type.",[lg]:"Client assertion must meet requirements described in https://tools.ietf.org/html/rfc7515",[dg]:"Client credential (secret, certificate, or assertion) must not be empty when creating a confidential client. An application should at most have one credential",[Vt]:"Cannot return token from cache because it must be refreshed. This may be due to one of the following reasons: forceRefresh parameter is set to true, claims have been requested, there is no cached access token or it is expired.",[hg]:"User defined timeout for device code polling reached",[Sl]:"Cannot generate a POP jwt if the token_claims are not populated",[bl]:"Server response does not contain an authorization code to proceed",[kl]:"Could not remove the credential's binding key from storage.",[Rl]:"The provided authority does not support logout",[ss]:"A keyId value is missing from the requested bound token's cache record and is required to match the token to it's stored binding key.",[Ol]:"No network connectivity. Check your internet connection.",[Pl]:"User cancelled the flow.",[ug]:"A tenant id - not common, organizations, or consumers - must be specified when using the client_credentials flow.",[z]:"This method has not been implemented",[Ai]:"The nested app auth bridge is disabled"};class Gt extends Z{constructor(e,t){super(e,t?`${xa[e]}: ${t}`:xa[e]),this.name="ClientAuthError",Object.setPrototypeOf(this,Gt.prototype)}}function v(n,e){return new Gt(n,e)}/! @azure/msal-common v15.4.0 2025-03-25 /const ur={createNewGuid:()=>{throw v(z)},base64Decode:()=>{throw v(z)},base64Encode:()=>{throw v(z)},base64UrlEncode:()=>{throw v(z)},encodeKid:()=>{throw v(z)},async getPublicKeyThumbprint(){throw v(z)},async removeTokenBindingKey(){throw v(z)},async clearKeystore(){throw v(z)},async signJwt(){throw v(z)},async hashString(){throw v(z)}};/! @azure/msal-common v15.4.0 2025-03-25 /var he;(function(n){n[n.Error=0]="Error",n[n.Warning=1]="Warning",n[n.Info=2]="Info",n[n.Verbose=3]="Verbose",n[n.Trace=4]="Trace"})(he\|\|(he={}));class Ht{constructor(e,t,r){this.level=he.Info;const o=()=>{},i=e\|\|Ht.createDefaultLoggerOptions();this.localCallback=i.loggerCallback\|\|o,this.piiLoggingEnabled=i.piiLoggingEnabled\|\|!1,this.level=typeof i.logLevel=="number"?i.logLevel:he.Info,this.correlationId=i.correlationId\|\|C.EMPTY_STRING,this.packageName=t\|\|C.EMPTY_STRING,this.packageVersion=r\|\|C.EMPTY_STRING}static createDefaultLoggerOptions(){return{loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:he.Info}}clone(e,t,r){return new Ht({loggerCallback:this.localCallback,piiLoggingEnabled:this.piiLoggingEnabled,logLevel:this.level,correlationId:r\|\|this.correlationId},e,t)}logMessage(e,t){if(t.logLevel>this.level\|\|!this.piiLoggingEnabled&&t.containsPii)return;const i=`${`[${new Date().toUTCString()}] : [${t.correlationId\|\|this.correlationId\|\|""}]`} : ${this.packageName}@${this.packageVersion} : ${he[t.logLevel]} - ${e}`;this.executeCallback(t.logLevel,i,t.containsPii\|\|!1)}executeCallback(e,t,r){this.localCallback&&this.localCallback(e,t,r)}error(e,t){this.logMessage(e,{logLevel:he.Error,containsPii:!1,correlationId:t\|\|C.EMPTY_STRING})}errorPii(e,t){this.logMessage(e,{logLevel:he.Error,containsPii:!0,correlationId:t\|\|C.EMPTY_STRING})}warning(e,t){this.logMessage(e,{logLevel:he.Warning,containsPii:!1,correlationId:t\|\|C.EMPTY_STRING})}warningPii(e,t){this.logMessage(e,{logLevel:he.Warning,containsPii:!0,correlationId:t\|\|C.EMPTY_STRING})}info(e,t){this.logMessage(e,{logLevel:he.Info,containsPii:!1,correlationId:t\|\|C.EMPTY_STRING})}infoPii(e,t){this.logMessage(e,{logLevel:he.Info,containsPii:!0,correlationId:t\|\|C.EMPTY_STRING})}verbose(e,t){this.logMessage(e,{logLevel:he.Verbose,containsPii:!1,correlationId:t\|\|C.EMPTY_STRING})}verbosePii(e,t){this.logMessage(e,{logLevel:he.Verbose,containsPii:!0,correlationId:t\|\|C.EMPTY_STRING})}trace(e,t){this.logMessage(e,{logLevel:he.Trace,containsPii:!1,correlationId:t\|\|C.EMPTY_STRING})}tracePii(e,t){this.logMessage(e,{logLevel:he.Trace,containsPii:!0,correlationId:t\|\|C.EMPTY_STRING})}isPiiLoggingEnabled(){return this.piiLoggingEnabled\|\|!1}}/! @azure/msal-common v15.4.0 2025-03-25 /const Nl="@azure/msal-common",as="15.4.0";/! @azure/msal-common v15.4.0 2025-03-25 /const cs={None:"none"};/! @azure/msal-common v15.4.0 2025-03-25 /function Yt(n,e){const t=fg(n);try{const r=e(t);return JSON.parse(r)}catch{throw v(ns)}}function fg(n){if(!n)throw v(Wr);const t=/^([^\.\s])\.([^\.\s]+)\.([^\.\s])$/.exec(n);if(!t\|\|t.length<4)throw v(ns);return t[2]}function Ml(n,e){if(e===0\|\|Date.now()-3e5>n+e)throw v(Al)}/! @azure/msal-common v15.4.0 2025-03-25 /function Fe(){return Math.round(new Date().getTime()/1e3)}function Ha(n){return n.getTime()/1e3}function xt(n){return n?new Date(Number(n)1e3):new Date}function Qr(n,e){const t=Number(n)\|\|0;return Fe()+e>t}function xl(n){return Number(n)>Fe()}/! @azure/msal-common v15.4.0 2025-03-25 /function ir(n){return[Cg(n),yg(n),Tg(n),Ag(n),vg(n)].join(ke.CACHE_KEY_SEPARATOR).toLowerCase()}function Ao(n,e,t,r,o){return{credentialType:B.ID_TOKEN,homeAccountId:n,environment:e,clientId:r,secret:t,realm:o}}function vo(n,e,t,r,o,i,s,a,c,d,l,h,p,y,b){var q,D;const S={homeAccountId:n,credentialType:B.ACCESS_TOKEN,secret:t,cachedAt:Fe().toString(),expiresOn:s.toString(),extendedExpiresOn:a.toString(),environment:e,clientId:r,realm:o,target:i,tokenType:l\|\|X.BEARER};if(h&&(S.userAssertionHash=h),d&&(S.refreshOn=d.toString()),y&&(S.requestedClaims=y,S.requestedClaimsHash=b),((q=S.tokenType)==null?void 0:q.toLowerCase())!==X.BEARER.toLowerCase())switch(S.credentialType=B.ACCESS_TOKEN_WITH_AUTH_SCHEME,S.tokenType){case X.POP:const V=Yt(t,c);if(!((D=V==null?void 0:V.cnf)!=null&&D.kid))throw v(Sl);S.keyId=V.cnf.kid;break;case X.SSH:S.keyId=p}return S}function Hl(n,e,t,r,o,i,s){const a={credentialType:B.REFRESH_TOKEN,homeAccountId:n,environment:e,clientId:r,secret:t};return i&&(a.userAssertionHash=i),o&&(a.familyId=o),s&&(a.expiresOn=s.toString()),a}function ls(n){return n.hasOwnProperty("homeAccountId")&&n.hasOwnProperty("environment")&&n.hasOwnProperty("credentialType")&&n.hasOwnProperty("clientId")&&n.hasOwnProperty("secret")}function gg(n){return n?ls(n)&&n.hasOwnProperty("realm")&&n.hasOwnProperty("target")&&(n.credentialType===B.ACCESS_TOKEN\|\|n.credentialType===B.ACCESS_TOKEN_WITH_AUTH_SCHEME):!1}function pg(n){return n?ls(n)&&n.hasOwnProperty("realm")&&n.credentialType===B.ID_TOKEN:!1}function mg(n){return n?ls(n)&&n.credentialType===B.REFRESH_TOKEN:!1}function Cg(n){return[n.homeAccountId,n.environment].join(ke.CACHE_KEY_SEPARATOR).toLowerCase()}function yg(n){const e=n.credentialType===B.REFRESH_TOKEN&&n.familyId\|\|n.clientId;return[n.credentialType,e,n.realm\|\|""].join(ke.CACHE_KEY_SEPARATOR).toLowerCase()}function Tg(n){return(n.target\|\|"").toLowerCase()}function Ag(n){return(n.requestedClaimsHash\|\|"").toLowerCase()}function vg(n){return n.tokenType&&n.tokenType.toLowerCase()!==X.BEARER.toLowerCase()?n.tokenType.toLowerCase():""}function wg(n,e){const t=n.indexOf(Ae.CACHE_KEY)===0;let r=!0;return e&&(r=e.hasOwnProperty("failedRequests")&&e.hasOwnProperty("errors")&&e.hasOwnProperty("cacheHits")),t&&r}function Ig(n,e){let t=!1;n&&(t=n.indexOf(or.THROTTLING_PREFIX)===0);let r=!0;return e&&(r=e.hasOwnProperty("throttleTime")),t&&r}function Eg({environment:n,clientId:e}){return[Zi,n,e].join(ke.CACHE_KEY_SEPARATOR).toLowerCase()}function _g(n,e){return e?n.indexOf(Zi)===0&&e.hasOwnProperty("clientId")&&e.hasOwnProperty("environment"):!1}function Sg(n,e){return e?n.indexOf(jr.CACHE_KEY)===0&&e.hasOwnProperty("aliases")&&e.hasOwnProperty("preferred_cache")&&e.hasOwnProperty("preferred_network")&&e.hasOwnProperty("canonical_authority")&&e.hasOwnProperty("authorization_endpoint")&&e.hasOwnProperty("token_endpoint")&&e.hasOwnProperty("issuer")&&e.hasOwnProperty("aliasesFromNetwork")&&e.hasOwnProperty("endpointsFromNetwork")&&e.hasOwnProperty("expiresAt")&&e.hasOwnProperty("jwks_uri"):!1}function La(){return Fe()+jr.REFRESH_TIME_SECONDS}function Or(n,e,t){n.authorization_endpoint=e.authorization_endpoint,n.token_endpoint=e.token_endpoint,n.end_session_endpoint=e.end_session_endpoint,n.issuer=e.issuer,n.endpointsFromNetwork=t,n.jwks_uri=e.jwks_uri}function ti(n,e,t){n.aliases=e.aliases,n.preferred_cache=e.preferred_cache,n.preferred_network=e.preferred_network,n.aliasesFromNetwork=t}function Ua(n){return n.expiresAt<=Fe()}/! @azure/msal-common v15.4.0 2025-03-25 /const Ll="redirect_uri_empty",bg="claims_request_parsing_error",Ul="authority_uri_insecure",Qn="url_parse_error",Dl="empty_url_error",Fl="empty_input_scopes_error",Kl="invalid_prompt_value",wo="invalid_claims",Bl="token_request_empty",Gl="logout_request_empty",$l="invalid_code_challenge_method",Io="pkce_params_missing",ds="invalid_cloud_discovery_metadata",zl="invalid_authority_metadata",ql="untrusted_authority",Eo="missing_ssh_jwk",Vl="missing_ssh_kid",kg="missing_nonce_authentication_header",Rg="invalid_authentication_header",jl="cannot_set_OIDCOptions",Wl="cannot_allow_platform_broker",Yl="authority_mismatch";/! @azure/msal-common v15.4.0 2025-03-25 /const Og={[Ll]:"A redirect URI is required for all calls, and none has been set.",[bg]:"Could not parse the given claims request object.",[Ul]:"Authority URIs must use https. Please see here for valid authority configuration options: https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-js-initializing-client-applications#configuration-options",[Qn]:"URL could not be parsed into appropriate segments.",[Dl]:"URL was empty or null.",[Fl]:"Scopes cannot be passed as null, undefined or empty array because they are required to obtain an access token.",[Kl]:"Please see here for valid configuration options: https://azuread.github.io/microsoft-authentication-library-for-js/ref/modules/_azure_msal_common.html#commonauthorizationurlrequest",[wo]:"Given claims parameter must be a stringified JSON object.",[Bl]:"Token request was empty and not found in cache.",[Gl]:"The logout request was null or undefined.",[$l]:'code_challenge_method passed is invalid. Valid values are "plain" and "S256".',[Io]:"Both params: code_challenge and code_challenge_method are to be passed if to be sent in the request",[ds]:"Invalid cloudDiscoveryMetadata provided. Must be a stringified JSON object containing tenant_discovery_endpoint and metadata fields",[zl]:"Invalid authorityMetadata provided. Must by a stringified JSON object containing authorization_endpoint, token_endpoint, issuer fields.",[ql]:"The provided authority is not a trusted authority. Please include this authority in the knownAuthorities config parameter.",[Eo]:"Missing sshJwk in SSH certificate request. A stringified JSON Web Key is required when using the SSH authentication scheme.",[Vl]:"Missing sshKid in SSH certificate request. A string that uniquely identifies the public SSH key is required when using the SSH authentication scheme.",[kg]:"Unable to find an authentication header containing server nonce. Either the Authentication-Info or WWW-Authenticate headers must be present in order to obtain a server nonce.",[Rg]:"Invalid authentication header provided",[jl]:"Cannot set OIDCOptions parameter. Please change the protocol mode to OIDC or use a non-Microsoft authority.",[Wl]:"Cannot set allowPlatformBroker parameter to true when not in AAD protocol mode.",[Yl]:"Authority mismatch error. Authority provided in login request or PublicClientApplication config does not match the environment of the provided account. Please use a matching account or make an interactive request to login to this authority."};class hs extends Z{constructor(e){super(e,Og[e]),this.name="ClientConfigurationError",Object.setPrototypeOf(this,hs.prototype)}}function oe(n){return new hs(n)}/! @azure/msal-common v15.4.0 2025-03-25 /class at{static isEmptyObj(e){if(e)try{const t=JSON.parse(e);return Object.keys(t).length===0}catch{}return!0}static startsWith(e,t){return e.indexOf(t)===0}static endsWith(e,t){return e.length>=t.length&&e.lastIndexOf(t)===e.length-t.length}static queryStringToObject(e){const t={},r=e.split("&"),o=i=>decodeURIComponent(i.replace(/\+/g," "));return r.forEach(i=>{if(i.trim()){const[s,a]=i.split(/=(.+)/g,2);s&&a&&(t[o(s)]=o(a))}}),t}static trimArrayEntries(e){return e.map(t=>t.trim())}static removeEmptyStringsFromArray(e){return e.filter(t=>!!t)}static jsonParseHelper(e){try{return JSON.parse(e)}catch{return null}}static matchPattern(e,t){return new RegExp(e.replace(/\\/g,"\\\\").replace(/\/g,"[^ ]").replace(/\?/g,"\\?")).test(t)}}/! @azure/msal-common v15.4.0 2025-03-25 /class fe{constructor(e){const t=e?at.trimArrayEntries([...e]):[],r=t?at.removeEmptyStringsFromArray(t):[];if(!r\|\|!r.length)throw oe(Fl);this.scopes=new Set,r.forEach(o=>this.scopes.add(o))}static fromString(e){const r=(e\|\|C.EMPTY_STRING).split(" ");return new fe(r)}static createSearchScopes(e){const t=new fe(e);return t.containsOnlyOIDCScopes()?t.removeScope(C.OFFLINE_ACCESS_SCOPE):t.removeOIDCScopes(),t}containsScope(e){const t=this.printScopesLowerCase().split(" "),r=new fe(t);return e?r.scopes.has(e.toLowerCase()):!1}containsScopeSet(e){return!e\|\|e.scopes.size<=0?!1:this.scopes.size>=e.scopes.size&&e.asArray().every(t=>this.containsScope(t))}containsOnlyOIDCScopes(){let e=0;return Ra.forEach(t=>{this.containsScope(t)&&(e+=1)}),this.scopes.size===e}appendScope(e){e&&this.scopes.add(e.trim())}appendScopes(e){try{e.forEach(t=>this.appendScope(t))}catch{throw v(El)}}removeScope(e){if(!e)throw v(Il);this.scopes.delete(e.trim())}removeOIDCScopes(){Ra.forEach(e=>{this.scopes.delete(e)})}unionScopeSets(e){if(!e)throw v(Ci);const t=new Set;return e.scopes.forEach(r=>t.add(r.toLowerCase())),this.scopes.forEach(r=>t.add(r.toLowerCase())),t}intersectingScopeSets(e){if(!e)throw v(Ci);e.containsOnlyOIDCScopes()\|\|e.removeOIDCScopes();const t=this.unionScopeSets(e),r=e.getScopeCount(),o=this.getScopeCount();return t.size<o+r}getScopeCount(){return this.scopes.size}asArray(){const e=[];return this.scopes.forEach(t=>e.push(t)),e}printScopes(){return this.scopes?this.asArray().join(" "):C.EMPTY_STRING}printScopesLowerCase(){return this.printScopes().toLowerCase()}}/! @azure/msal-common v15.4.0 2025-03-25 /function Jr(n,e){if(!n)throw v(gl);try{const t=e(n);return JSON.parse(t)}catch{throw v(ts)}}function xn(n){if(!n)throw v(ts);const e=n.split(ke.CLIENT_INFO_SEPARATOR,2);return{uid:e[0],utid:e.length<2?C.EMPTY_STRING:e[1]}}/! @azure/msal-common v15.4.0 2025-03-25 /function Da(n,e){return!!n&&!!e&&n===e.split(".")[1]}function _o(n,e,t,r){if(r){const{oid:o,sub:i,tid:s,name:a,tfp:c,acr:d}=r,l=s\|\|c\|\|d\|\|"";return{tenantId:l,localAccountId:o\|\|i\|\|"",name:a,isHomeTenant:Da(l,n)}}else return{tenantId:t,localAccountId:e,isHomeTenant:Da(t,n)}}function us(n,e,t,r){let o=n;if(e){const{isHomeTenant:i,...s}=e;o={...n,...s}}if(t){const{isHomeTenant:i,...s}=_o(n.homeAccountId,n.localAccountId,n.tenantId,t);return o={...o,...s,idTokenClaims:t,idToken:r},o}return o}/! @azure/msal-common v15.4.0 2025-03-25 /const rt={Default:0,Adfs:1,Dsts:2,Ciam:3};/! @azure/msal-common v15.4.0 2025-03-25 /function Ql(n){return n&&(n.tid\|\|n.tfp\|\|n.acr)\|\|null}/! @azure/msal-common v15.4.0 2025-03-25 /const Ue={AAD:"AAD",OIDC:"OIDC",EAR:"EAR"};/! @azure/msal-common v15.4.0 2025-03-25 /class Oe{generateAccountId(){return[this.homeAccountId,this.environment].join(ke.CACHE_KEY_SEPARATOR).toLowerCase()}generateAccountKey(){return Oe.generateAccountCacheKey({homeAccountId:this.homeAccountId,environment:this.environment,tenantId:this.realm,username:this.username,localAccountId:this.localAccountId})}getAccountInfo(){return{homeAccountId:this.homeAccountId,environment:this.environment,tenantId:this.realm,username:this.username,localAccountId:this.localAccountId,name:this.name,nativeAccountId:this.nativeAccountId,authorityType:this.authorityType,tenantProfiles:new Map((this.tenantProfiles\|\|[]).map(e=>[e.tenantId,e]))}}isSingleTenant(){return!this.tenantProfiles}static generateAccountCacheKey(e){const t=e.homeAccountId.split(".")[1];return[e.homeAccountId,e.environment\|\|"",t\|\|e.tenantId\|\|""].join(ke.CACHE_KEY_SEPARATOR).toLowerCase()}static createAccount(e,t,r){var d,l,h,p,y,b;const o=new Oe;t.authorityType===rt.Adfs?o.authorityType=kr.ADFS_ACCOUNT_TYPE:t.protocolMode===Ue.OIDC?o.authorityType=kr.GENERIC_ACCOUNT_TYPE:o.authorityType=kr.MSSTS_ACCOUNT_TYPE;let i;e.clientInfo&&r&&(i=Jr(e.clientInfo,r)),o.clientInfo=e.clientInfo,o.homeAccountId=e.homeAccountId,o.nativeAccountId=e.nativeAccountId;const s=e.environment\|\|t&&t.getPreferredCache();if(!s)throw v(is);o.environment=s,o.realm=(i==null?void 0:i.utid)\|\|Ql(e.idTokenClaims)\|\|"",o.localAccountId=(i==null?void 0:i.uid)\|\|((d=e.idTokenClaims)==null?void 0:d.oid)\|\|((l=e.idTokenClaims)==null?void 0:l.sub)\|\|"";const a=((h=e.idTokenClaims)==null?void 0:h.preferred_username)\|\|((p=e.idTokenClaims)==null?void 0:p.upn),c=(y=e.idTokenClaims)!=null&&y.emails?e.idTokenClaims.emails[0]:null;if(o.username=a\|\|c\|\|"",o.name=((b=e.idTokenClaims)==null?void 0:b.name)\|\|"",o.cloudGraphHostName=e.cloudGraphHostName,o.msGraphHost=e.msGraphHost,e.tenantProfiles)o.tenantProfiles=e.tenantProfiles;else{const S=_o(e.homeAccountId,o.localAccountId,o.realm,e.idTokenClaims);o.tenantProfiles=[S]}return o}static createFromAccountInfo(e,t,r){var i;const o=new Oe;return o.authorityType=e.authorityType\|\|kr.GENERIC_ACCOUNT_TYPE,o.homeAccountId=e.homeAccountId,o.localAccountId=e.localAccountId,o.nativeAccountId=e.nativeAccountId,o.realm=e.tenantId,o.environment=e.environment,o.username=e.username,o.name=e.name,o.cloudGraphHostName=t,o.msGraphHost=r,o.tenantProfiles=Array.from(((i=e.tenantProfiles)==null?void 0:i.values())\|\|[]),o}static generateHomeAccountId(e,t,r,o,i){if(!(t===rt.Adfs\|\|t===rt.Dsts)){if(e)try{const s=Jr(e,o.base64Decode);if(s.uid&&s.utid)return`${s.uid}.${s.utid}`}catch{}r.warning("No client info in response")}return(i==null?void 0:i.sub)\|\|""}static isAccountEntity(e){return e?e.hasOwnProperty("homeAccountId")&&e.hasOwnProperty("environment")&&e.hasOwnProperty("realm")&&e.hasOwnProperty("localAccountId")&&e.hasOwnProperty("username")&&e.hasOwnProperty("authorityType"):!1}static accountInfoIsEqual(e,t,r){if(!e\|\|!t)return!1;let o=!0;if(r){const i=e.idTokenClaims\|\|{},s=t.idTokenClaims\|\|{};o=i.iat===s.iat&&i.nonce===s.nonce}return e.homeAccountId===t.homeAccountId&&e.localAccountId===t.localAccountId&&e.username===t.username&&e.tenantId===t.tenantId&&e.environment===t.environment&&e.nativeAccountId===t.nativeAccountId&&o}}/! @azure/msal-common v15.4.0 2025-03-25 /function Jl(n){return n.startsWith("#/")?n.substring(2):n.startsWith("#")\|\|n.startsWith("?")?n.substring(1):n}function Xr(n){if(!n\|\|n.indexOf("=")<0)return null;try{const e=Jl(n),t=Object.fromEntries(new URLSearchParams(e));if(t.code\|\|t.ear_jwe\|\|t.error\|\|t.error_description\|\|t.state)return t}catch{throw v(Cl)}return null}function fr(n){const e=new Array;return n.forEach((t,r)=>{e.push(`${r}=${encodeURIComponent(t)}`)}),e.join("&")}/! @azure/msal-common v15.4.0 2025-03-25 /class Q{get urlString(){return this._urlString}constructor(e){if(this._urlString=e,!this._urlString)throw oe(Dl);e.includes("#")\|\|(this._urlString=Q.canonicalizeUri(e))}static canonicalizeUri(e){if(e){let t=e.toLowerCase();return at.endsWith(t,"?")?t=t.slice(0,-1):at.endsWith(t,"?/")&&(t=t.slice(0,-2)),at.endsWith(t,"/")\|\|(t+="/"),t}return e}validateAsUri(){let e;try{e=this.getUrlComponents()}catch{throw oe(Qn)}if(!e.HostNameAndPort\|\|!e.PathSegments)throw oe(Qn);if(!e.Protocol\|\|e.Protocol.toLowerCase()!=="https:")throw oe(Ul)}static appendQueryString(e,t){return t?e.indexOf("?")<0?`${e}?${t}`:`${e}&${t}`:e}static removeHashFromUrl(e){return Q.canonicalizeUri(e.split("#")[0])}replaceTenantPath(e){const t=this.getUrlComponents(),r=t.PathSegments;return e&&r.length!==0&&(r[0]===qt.COMMON\|\|r[0]===qt.ORGANIZATIONS)&&(r[0]=e),Q.constructAuthorityUriFromObject(t)}getUrlComponents(){const e=RegExp("^(([^:/?#]+):)?(//([^/?#]))?([^?#])(\\?([^#]))?(#(.))?"),t=this.urlString.match(e);if(!t)throw oe(Qn);const r={Protocol:t[1],HostNameAndPort:t[4],AbsolutePath:t[5],QueryString:t[7]};let o=r.AbsolutePath.split("/");return o=o.filter(i=>i&&i.length>0),r.PathSegments=o,r.QueryString&&r.QueryString.endsWith("/")&&(r.QueryString=r.QueryString.substring(0,r.QueryString.length-1)),r}static getDomainFromUrl(e){const t=RegExp("^([^:/?#]+://)?([^/?#])"),r=e.match(t);if(!r)throw oe(Qn);return r[2]}static getAbsoluteUrl(e,t){if(e[0]===C.FORWARD_SLASH){const o=new Q(t).getUrlComponents();return o.Protocol+"//"+o.HostNameAndPort+e}return e}static constructAuthorityUriFromObject(e){return new Q(e.Protocol+"//"+e.HostNameAndPort+"/"+e.PathSegments.join("/"))}static hashContainsKnownProperties(e){return!!Xr(e)}}/! @azure/msal-common v15.4.0 2025-03-25 /const Xl={endpointMetadata:{"login.microsoftonline.com":{token_endpoint:"https://login.microsoftonline.com/{tenantid}/oauth2/v2.0/token",jwks_uri:"https://login.microsoftonline.com/{tenantid}/discovery/v2.0/keys",issuer:"https://login.microsoftonline.com/{tenantid}/v2.0",authorization_endpoint:"https://login.microsoftonline.com/{tenantid}/oauth2/v2.0/authorize",end_session_endpoint:"https://login.microsoftonline.com/{tenantid}/oauth2/v2.0/logout"},"login.chinacloudapi.cn":{token_endpoint:"https://login.chinacloudapi.cn/{tenantid}/oauth2/v2.0/token",jwks_uri:"https://login.chinacloudapi.cn/{tenantid}/discovery/v2.0/keys",issuer:"https://login.partner.microsoftonline.cn/{tenantid}/v2.0",authorization_endpoint:"https://login.chinacloudapi.cn/{tenantid}/oauth2/v2.0/authorize",end_session_endpoint:"https://login.chinacloudapi.cn/{tenantid}/oauth2/v2.0/logout"},"login.microsoftonline.us":{token_endpoint:"https://login.microsoftonline.us/{tenantid}/oauth2/v2.0/token",jwks_uri:"https://login.microsoftonline.us/{tenantid}/discovery/v2.0/keys",issuer:"https://login.microsoftonline.us/{tenantid}/v2.0",authorization_endpoint:"https://login.microsoftonline.us/{tenantid}/oauth2/v2.0/authorize",end_session_endpoint:"https://login.microsoftonline.us/{tenantid}/oauth2/v2.0/logout"}},instanceDiscoveryMetadata:{metadata:[{preferred_network:"login.microsoftonline.com",preferred_cache:"login.windows.net",aliases:["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"]},{preferred_network:"login.partner.microsoftonline.cn",preferred_cache:"login.partner.microsoftonline.cn",aliases:["login.partner.microsoftonline.cn","login.chinacloudapi.cn"]},{preferred_network:"login.microsoftonline.de",preferred_cache:"login.microsoftonline.de",aliases:["login.microsoftonline.de"]},{preferred_network:"login.microsoftonline.us",preferred_cache:"login.microsoftonline.us",aliases:["login.microsoftonline.us","login.usgovcloudapi.net"]},{preferred_network:"login-us.microsoftonline.com",preferred_cache:"login-us.microsoftonline.com",aliases:["login-us.microsoftonline.com"]}]}},Fa=Xl.endpointMetadata,fs=Xl.instanceDiscoveryMetadata,Zl=new Set;fs.metadata.forEach(n=>{n.aliases.forEach(e=>{Zl.add(e)})});function Pg(n,e){var o;let t;const r=n.canonicalAuthority;if(r){const i=new Q(r).getUrlComponents().HostNameAndPort;t=Ka(i,(o=n.cloudDiscoveryMetadata)==null?void 0:o.metadata,qe.CONFIG,e)\|\|Ka(i,fs.metadata,qe.HARDCODED_VALUES,e)\|\|n.knownAuthorities}return t\|\|[]}function Ka(n,e,t,r){if(r==null\|\|r.trace(`getAliasesFromMetadata called with source: ${t}`),n&&e){const o=Zr(e,n);if(o)return r==null\|\|r.trace(`getAliasesFromMetadata: found cloud discovery metadata in ${t}, returning aliases`),o.aliases;r==null\|\|r.trace(`getAliasesFromMetadata: did not find cloud discovery metadata in ${t}`)}return null}function Ng(n){return Zr(fs.metadata,n)}function Zr(n,e){for(let t=0;t<n.length;t++){const r=n[t];if(r.aliases.includes(e))return r}return null}/! @azure/msal-common v15.4.0 2025-03-25 /const ed="cache_quota_exceeded",gs="cache_error_unknown";/! @azure/msal-common v15.4.0 2025-03-25 /const ni={[ed]:"Exceeded cache storage capacity.",[gs]:"Unexpected error occurred when using cache storage."};class Hn extends Error{constructor(e,t){const r=t\|\|(ni[e]?ni[e]:ni[gs]);super(`${e}: ${r}`),Object.setPrototypeOf(this,Hn.prototype),this.name="CacheError",this.errorCode=e,this.errorMessage=r}}/! @azure/msal-common v15.4.0 2025-03-25 /class vi{constructor(e,t,r,o){this.clientId=e,this.cryptoImpl=t,this.commonLogger=r.clone(Nl,as),this.staticAuthorityOptions=o}getAllAccounts(e){return this.buildTenantProfiles(this.getAccountsFilteredBy(e\|\|{}),e)}getAccountInfoFilteredBy(e){const t=this.getAllAccounts(e);return t.length>1?t.sort(o=>o.idTokenClaims?-1:1)[0]:t.length===1?t[0]:null}getBaseAccountInfo(e){const t=this.getAccountsFilteredBy(e);return t.length>0?t[0].getAccountInfo():null}buildTenantProfiles(e,t){return e.flatMap(r=>this.getTenantProfilesFromAccountEntity(r,t==null?void 0:t.tenantId,t))}getTenantedAccountInfoByFilter(e,t,r,o){let i=null,s;if(o&&!this.tenantProfileMatchesFilter(r,o))return null;const a=this.getIdToken(e,t,r.tenantId);return a&&(s=Yt(a.secret,this.cryptoImpl.base64Decode),!this.idTokenClaimsMatchTenantProfileFilter(s,o))?null:(i=us(e,r,s,a==null?void 0:a.secret),i)}getTenantProfilesFromAccountEntity(e,t,r){const o=e.getAccountInfo();let i=o.tenantProfiles\|\|new Map;const s=this.getTokenKeys();if(t){const c=i.get(t);if(c)i=new Map([[t,c]]);else return[]}const a=[];return i.forEach(c=>{const d=this.getTenantedAccountInfoByFilter(o,s,c,r);d&&a.push(d)}),a}tenantProfileMatchesFilter(e,t){return!(t.localAccountId&&!this.matchLocalAccountIdFromTenantProfile(e,t.localAccountId)\|\|t.name&&e.name!==t.name\|\|t.isHomeTenant!==void 0&&e.isHomeTenant!==t.isHomeTenant)}idTokenClaimsMatchTenantProfileFilter(e,t){return!(t&&(t.localAccountId&&!this.matchLocalAccountIdFromTokenClaims(e,t.localAccountId)\|\|t.loginHint&&!this.matchLoginHintFromTokenClaims(e,t.loginHint)\|\|t.username&&!this.matchUsername(e.preferred_username,t.username)\|\|t.name&&!this.matchName(e,t.name)\|\|t.sid&&!this.matchSid(e,t.sid)))}async saveCacheRecord(e,t,r){var o,i,s,a;if(!e)throw v(_l);try{e.account&&await this.setAccount(e.account,t),e.idToken&&(r==null?void 0:r.idToken)!==!1&&await this.setIdTokenCredential(e.idToken,t),e.accessToken&&(r==null?void 0:r.accessToken)!==!1&&await this.saveAccessToken(e.accessToken,t),e.refreshToken&&(r==null?void 0:r.refreshToken)!==!1&&await this.setRefreshTokenCredential(e.refreshToken,t),e.appMetadata&&this.setAppMetadata(e.appMetadata)}catch(c){throw(o=this.commonLogger)==null\|\|o.error("CacheManager.saveCacheRecord: failed"),c instanceof Error?((i=this.commonLogger)==null\|\|i.errorPii(`CacheManager.saveCacheRecord: ${c.message}`,t),c.name==="QuotaExceededError"\|\|c.name==="NS_ERROR_DOM_QUOTA_REACHED"\|\|c.message.includes("exceeded the quota")?((s=this.commonLogger)==null\|\|s.error("CacheManager.saveCacheRecord: exceeded storage quota",t),new Hn(ed)):new Hn(c.name,c.message)):((a=this.commonLogger)==null\|\|a.errorPii(`CacheManager.saveCacheRecord: ${c}`,t),new Hn(gs))}}async saveAccessToken(e,t){const r={clientId:e.clientId,credentialType:e.credentialType,environment:e.environment,homeAccountId:e.homeAccountId,realm:e.realm,tokenType:e.tokenType,requestedClaimsHash:e.requestedClaimsHash},o=this.getTokenKeys(),i=fe.fromString(e.target),s=[];o.accessToken.forEach(a=>{if(!this.accessTokenKeyMatchesFilter(a,r,!1))return;const c=this.getAccessTokenCredential(a);c&&this.credentialMatchesFilter(c,r)&&fe.fromString(c.target).intersectingScopeSets(i)&&s.push(this.removeAccessToken(a))}),await Promise.all(s),await this.setAccessTokenCredential(e,t)}getAccountsFilteredBy(e){const t=this.getAccountKeys(),r=[];return t.forEach(o=>{var c;if(!this.isAccountKey(o,e.homeAccountId))return;const i=this.getAccount(o,this.commonLogger);if(!i\|\|e.homeAccountId&&!this.matchHomeAccountId(i,e.homeAccountId)\|\|e.username&&!this.matchUsername(i.username,e.username)\|\|e.environment&&!this.matchEnvironment(i,e.environment)\|\|e.realm&&!this.matchRealm(i,e.realm)\|\|e.nativeAccountId&&!this.matchNativeAccountId(i,e.nativeAccountId)\|\|e.authorityType&&!this.matchAuthorityType(i,e.authorityType))return;const s={localAccountId:e==null?void 0:e.localAccountId,name:e==null?void 0:e.name},a=(c=i.tenantProfiles)==null?void 0:c.filter(d=>this.tenantProfileMatchesFilter(d,s));a&&a.length===0\|\|r.push(i)}),r}isAccountKey(e,t,r){return!(e.split(ke.CACHE_KEY_SEPARATOR).length<3\|\|t&&!e.toLowerCase().includes(t.toLowerCase())\|\|r&&!e.toLowerCase().includes(r.toLowerCase()))}isCredentialKey(e){if(e.split(ke.CACHE_KEY_SEPARATOR).length<6)return!1;const t=e.toLowerCase();if(t.indexOf(B.ID_TOKEN.toLowerCase())===-1&&t.indexOf(B.ACCESS_TOKEN.toLowerCase())===-1&&t.indexOf(B.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase())===-1&&t.indexOf(B.REFRESH_TOKEN.toLowerCase())===-1)return!1;if(t.indexOf(B.REFRESH_TOKEN.toLowerCase())>-1){const r=`${B.REFRESH_TOKEN}${ke.CACHE_KEY_SEPARATOR}${this.clientId}${ke.CACHE_KEY_SEPARATOR}`,o=`${B.REFRESH_TOKEN}${ke.CACHE_KEY_SEPARATOR}${rr}${ke.CACHE_KEY_SEPARATOR}`;if(t.indexOf(r.toLowerCase())===-1&&t.indexOf(o.toLowerCase())===-1)return!1}else if(t.indexOf(this.clientId.toLowerCase())===-1)return!1;return!0}credentialMatchesFilter(e,t){return!(t.clientId&&!this.matchClientId(e,t.clientId)\|\|t.userAssertionHash&&!this.matchUserAssertionHash(e,t.userAssertionHash)\|\|typeof t.homeAccountId=="string"&&!this.matchHomeAccountId(e,t.homeAccountId)\|\|t.environment&&!this.matchEnvironment(e,t.environment)\|\|t.realm&&!this.matchRealm(e,t.realm)\|\|t.credentialType&&!this.matchCredentialType(e,t.credentialType)\|\|t.familyId&&!this.matchFamilyId(e,t.familyId)\|\|t.target&&!this.matchTarget(e,t.target)\|\|(t.requestedClaimsHash\|\|e.requestedClaimsHash)&&e.requestedClaimsHash!==t.requestedClaimsHash\|\|e.credentialType===B.ACCESS_TOKEN_WITH_AUTH_SCHEME&&(t.tokenType&&!this.matchTokenType(e,t.tokenType)\|\|t.tokenType===X.SSH&&t.keyId&&!this.matchKeyId(e,t.keyId)))}getAppMetadataFilteredBy(e){const t=this.getKeys(),r={};return t.forEach(o=>{if(!this.isAppMetadata(o))return;const i=this.getAppMetadata(o);i&&(e.environment&&!this.matchEnvironment(i,e.environment)\|\|e.clientId&&!this.matchClientId(i,e.clientId)\|\|(r[o]=i))}),r}getAuthorityMetadataByAlias(e){const t=this.getAuthorityMetadataKeys();let r=null;return t.forEach(o=>{if(!this.isAuthorityMetadata(o)\|\|o.indexOf(this.clientId)===-1)return;const i=this.getAuthorityMetadata(o);i&&i.aliases.indexOf(e)!==-1&&(r=i)}),r}async removeAllAccounts(){const e=this.getAccountKeys(),t=[];e.forEach(r=>{t.push(this.removeAccount(r))}),await Promise.all(t)}async removeAccount(e){const t=this.getAccount(e,this.commonLogger);t&&(await this.removeAccountContext(t),this.removeItem(e))}async removeAccountContext(e){const t=this.getTokenKeys(),r=e.generateAccountId(),o=[];t.idToken.forEach(i=>{i.indexOf(r)===0&&this.removeIdToken(i)}),t.accessToken.forEach(i=>{i.indexOf(r)===0&&o.push(this.removeAccessToken(i))}),t.refreshToken.forEach(i=>{i.indexOf(r)===0&&this.removeRefreshToken(i)}),await Promise.all(o)}async removeAccessToken(e){const t=this.getAccessTokenCredential(e);if(t){if(t.credentialType.toLowerCase()===B.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase()&&t.tokenType===X.POP){const o=t.keyId;if(o)try{await this.cryptoImpl.removeTokenBindingKey(o)}catch{throw v(kl)}}return this.removeItem(e)}}removeAppMetadata(){return this.getKeys().forEach(t=>{this.isAppMetadata(t)&&this.removeItem(t)}),!0}readAccountFromCache(e){const t=Oe.generateAccountCacheKey(e);return this.getAccount(t,this.commonLogger)}getIdToken(e,t,r,o,i){this.commonLogger.trace("CacheManager - getIdToken called");const s={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:B.ID_TOKEN,clientId:this.clientId,realm:r},a=this.getIdTokensByFilter(s,t),c=a.size;if(c<1)return this.commonLogger.info("CacheManager:getIdToken - No token found"),null;if(c>1){let d=a;if(!r){const l=new Map;a.forEach((p,y)=>{p.realm===e.tenantId&&l.set(y,p)});const h=l.size;if(h<1)return this.commonLogger.info("CacheManager:getIdToken - Multiple ID tokens found for account but none match account entity tenant id, returning first result"),a.values().next().value;if(h===1)return this.commonLogger.info("CacheManager:getIdToken - Multiple ID tokens found for account, defaulting to home tenant profile"),l.values().next().value;d=l}return this.commonLogger.info("CacheManager:getIdToken - Multiple matching ID tokens found, clearing them"),d.forEach((l,h)=>{this.removeIdToken(h)}),o&&i&&o.addFields({multiMatchedID:a.size},i),null}return this.commonLogger.info("CacheManager:getIdToken - Returning ID token"),a.values().next().value}getIdTokensByFilter(e,t){const r=t&&t.idToken\|\|this.getTokenKeys().idToken,o=new Map;return r.forEach(i=>{if(!this.idTokenKeyMatchesFilter(i,{clientId:this.clientId,...e}))return;const s=this.getIdTokenCredential(i);s&&this.credentialMatchesFilter(s,e)&&o.set(i,s)}),o}idTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return!(t.clientId&&r.indexOf(t.clientId.toLowerCase())===-1\|\|t.homeAccountId&&r.indexOf(t.homeAccountId.toLowerCase())===-1)}removeIdToken(e){this.removeItem(e)}removeRefreshToken(e){this.removeItem(e)}getAccessToken(e,t,r,o,i,s){this.commonLogger.trace("CacheManager - getAccessToken called");const a=fe.createSearchScopes(t.scopes),c=t.authenticationScheme\|\|X.BEARER,d=c.toLowerCase()!==X.BEARER.toLowerCase()?B.ACCESS_TOKEN_WITH_AUTH_SCHEME:B.ACCESS_TOKEN,l={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:d,clientId:this.clientId,realm:o\|\|e.tenantId,target:a,tokenType:c,keyId:t.sshKid,requestedClaimsHash:t.requestedClaimsHash},h=r&&r.accessToken\|\|this.getTokenKeys().accessToken,p=[];h.forEach(b=>{if(this.accessTokenKeyMatchesFilter(b,l,!0)){const S=this.getAccessTokenCredential(b);S&&this.credentialMatchesFilter(S,l)&&p.push(S)}});const y=p.length;return y<1?(this.commonLogger.info("CacheManager:getAccessToken - No token found"),null):y>1?(this.commonLogger.info("CacheManager:getAccessToken - Multiple access tokens found, clearing them"),p.forEach(b=>{this.removeAccessToken(ir(b))}),i&&s&&i.addFields({multiMatchedAT:p.length},s),null):(this.commonLogger.info("CacheManager:getAccessToken - Returning access token"),p[0])}accessTokenKeyMatchesFilter(e,t,r){const o=e.toLowerCase();if(t.clientId&&o.indexOf(t.clientId.toLowerCase())===-1\|\|t.homeAccountId&&o.indexOf(t.homeAccountId.toLowerCase())===-1\|\|t.realm&&o.indexOf(t.realm.toLowerCase())===-1\|\|t.requestedClaimsHash&&o.indexOf(t.requestedClaimsHash.toLowerCase())===-1)return!1;if(t.target){const i=t.target.asArray();for(let s=0;s<i.length;s++){if(r&&!o.includes(i[s].toLowerCase()))return!1;if(!r&&o.includes(i[s].toLowerCase()))return!0}}return!0}getAccessTokensByFilter(e){const t=this.getTokenKeys(),r=[];return t.accessToken.forEach(o=>{if(!this.accessTokenKeyMatchesFilter(o,e,!0))return;const i=this.getAccessTokenCredential(o);i&&this.credentialMatchesFilter(i,e)&&r.push(i)}),r}getRefreshToken(e,t,r,o,i){this.commonLogger.trace("CacheManager - getRefreshToken called");const s=t?rr:void 0,a={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:B.REFRESH_TOKEN,clientId:this.clientId,familyId:s},c=r&&r.refreshToken\|\|this.getTokenKeys().refreshToken,d=[];c.forEach(h=>{if(this.refreshTokenKeyMatchesFilter(h,a)){const p=this.getRefreshTokenCredential(h);p&&this.credentialMatchesFilter(p,a)&&d.push(p)}});const l=d.length;return l<1?(this.commonLogger.info("CacheManager:getRefreshToken - No refresh token found."),null):(l>1&&o&&i&&o.addFields({multiMatchedRT:l},i),this.commonLogger.info("CacheManager:getRefreshToken - returning refresh token"),d[0])}refreshTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return!(t.familyId&&r.indexOf(t.familyId.toLowerCase())===-1\|\|!t.familyId&&t.clientId&&r.indexOf(t.clientId.toLowerCase())===-1\|\|t.homeAccountId&&r.indexOf(t.homeAccountId.toLowerCase())===-1)}readAppMetadataFromCache(e){const t={environment:e,clientId:this.clientId},r=this.getAppMetadataFilteredBy(t),o=Object.keys(r).map(s=>r[s]),i=o.length;if(i<1)return null;if(i>1)throw v(vl);return o[0]}isAppMetadataFOCI(e){const t=this.readAppMetadataFromCache(e);return!!(t&&t.familyId===rr)}matchHomeAccountId(e,t){return typeof e.homeAccountId=="string"&&t===e.homeAccountId}matchLocalAccountIdFromTokenClaims(e,t){const r=e.oid\|\|e.sub;return t===r}matchLocalAccountIdFromTenantProfile(e,t){return e.localAccountId===t}matchName(e,t){var r;return t.toLowerCase()===((r=e.name)==null?void 0:r.toLowerCase())}matchUsername(e,t){return!!(e&&typeof e=="string"&&(t==null?void 0:t.toLowerCase())===e.toLowerCase())}matchUserAssertionHash(e,t){return!!(e.userAssertionHash&&t===e.userAssertionHash)}matchEnvironment(e,t){if(this.staticAuthorityOptions){const o=Pg(this.staticAuthorityOptions,this.commonLogger);if(o.includes(t)&&o.includes(e.environment))return!0}const r=this.getAuthorityMetadataByAlias(t);return!!(r&&r.aliases.indexOf(e.environment)>-1)}matchCredentialType(e,t){return e.credentialType&&t.toLowerCase()===e.credentialType.toLowerCase()}matchClientId(e,t){return!!(e.clientId&&t===e.clientId)}matchFamilyId(e,t){return!!(e.familyId&&t===e.familyId)}matchRealm(e,t){var r;return((r=e.realm)==null?void 0:r.toLowerCase())===t.toLowerCase()}matchNativeAccountId(e,t){return!!(e.nativeAccountId&&t===e.nativeAccountId)}matchLoginHintFromTokenClaims(e,t){return e.login_hint===t\|\|e.preferred_username===t\|\|e.upn===t}matchSid(e,t){return e.sid===t}matchAuthorityType(e,t){return!!(e.authorityType&&t.toLowerCase()===e.authorityType.toLowerCase())}matchTarget(e,t){return e.credentialType!==B.ACCESS_TOKEN&&e.credentialType!==B.ACCESS_TOKEN_WITH_AUTH_SCHEME\|\|!e.target?!1:fe.fromString(e.target).containsScopeSet(t)}matchTokenType(e,t){return!!(e.tokenType&&e.tokenType===t)}matchKeyId(e,t){return!!(e.keyId&&e.keyId===t)}isAppMetadata(e){return e.indexOf(Zi)!==-1}isAuthorityMetadata(e){return e.indexOf(jr.CACHE_KEY)!==-1}generateAuthorityMetadataCacheKey(e){return`${jr.CACHE_KEY}-${this.clientId}-${e}`}static toObject(e,t){for(const r in t)e[r]=t[r];return e}}class Mg extends vi{async setAccount(){throw v(z)}getAccount(){throw v(z)}async setIdTokenCredential(){throw v(z)}getIdTokenCredential(){throw v(z)}async setAccessTokenCredential(){throw v(z)}getAccessTokenCredential(){throw v(z)}async setRefreshTokenCredential(){throw v(z)}getRefreshTokenCredential(){throw v(z)}setAppMetadata(){throw v(z)}getAppMetadata(){throw v(z)}setServerTelemetry(){throw v(z)}getServerTelemetry(){throw v(z)}setAuthorityMetadata(){throw v(z)}getAuthorityMetadata(){throw v(z)}getAuthorityMetadataKeys(){throw v(z)}setThrottlingCache(){throw v(z)}getThrottlingCache(){throw v(z)}removeItem(){throw v(z)}getKeys(){throw v(z)}getAccountKeys(){throw v(z)}getTokenKeys(){throw v(z)}}/! @azure/msal-common v15.4.0 2025-03-25 /const td={tokenRenewalOffsetSeconds:ng,preventCorsPreflight:!1},xg={loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:he.Info,correlationId:C.EMPTY_STRING},Hg={claimsBasedCachingEnabled:!1},Lg={async sendGetRequestAsync(){throw v(z)},async sendPostRequestAsync(){throw v(z)}},Ug={sku:C.SKU,version:as,cpu:C.EMPTY_STRING,os:C.EMPTY_STRING},Dg={clientSecret:C.EMPTY_STRING,clientAssertion:void 0},Fg={azureCloudInstance:cs.None,tenant:`${C.DEFAULT_COMMON_TENANT}`},Kg={application:{appName:"",appVersion:""}};function Bg({authOptions:n,systemOptions:e,loggerOptions:t,cacheOptions:r,storageInterface:o,networkInterface:i,cryptoInterface:s,clientCredentials:a,libraryInfo:c,telemetry:d,serverTelemetryManager:l,persistencePlugin:h,serializableCache:p}){const y={...xg,...t};return{authOptions:Gg(n),systemOptions:{...td,...e},loggerOptions:y,cacheOptions:{...Hg,...r},storageInterface:o\|\|new Mg(n.clientId,ur,new Ht(y)),networkInterface:i\|\|Lg,cryptoInterface:s\|\|ur,clientCredentials:a\|\|Dg,libraryInfo:{...Ug,...c},telemetry:{...Kg,...d},serverTelemetryManager:l\|\|null,persistencePlugin:h\|\|null,serializableCache:p\|\|null}}function Gg(n){return{clientCapabilities:[],azureCloudOptions:Fg,skipAuthorityMetadataCache:!1,instanceAware:!1,...n}}function nd(n){return n.authOptions.authority.options.protocolMode===Ue.OIDC}/! @azure/msal-common v15.4.0 2025-03-25 /const it={HOME_ACCOUNT_ID:"home_account_id",UPN:"UPN"};/! @azure/msal-common v15.4.0 2025-03-25 /const gn="client_id",rd="redirect_uri",$g="response_type",zg="response_mode",qg="grant_type",Vg="claims",jg="scope",Wg="refresh_token",Yg="state",Qg="nonce",Jg="prompt",Xg="code",Zg="code_challenge",ep="code_challenge_method",tp="code_verifier",np="client-request-id",rp="x-client-SKU",op="x-client-VER",ip="x-client-OS",sp="x-client-CPU",ap="x-client-current-telemetry",cp="x-client-last-telemetry",lp="x-ms-lib-capability",dp="x-app-name",hp="x-app-ver",up="post_logout_redirect_uri",fp="id_token_hint",gp="client_secret",pp="client_assertion",mp="client_assertion_type",od="token_type",id="req_cnf",Ba="return_spa_code",Cp="nativebroker",yp="logout_hint",Tp="sid",Ap="login_hint",vp="domain_hint",wp="x-client-xtra-sku",eo="brk_client_id",to="brk_redirect_uri",wi="instance_aware",Ip="ear_jwk",Ep="ear_jwe_crypto";/! @azure/msal-common v15.4.0 2025-03-25 /function So(n,e,t){if(!e)return;const r=n.get(gn);r&&n.has(eo)&&(t==null\|\|t.addFields({embeddedClientId:r,embeddedRedirectUri:n.get(rd)},e))}function sd(n,e){n.set($g,e)}function _p(n,e){n.set(zg,e\|\|Zf.QUERY)}function Sp(n){n.set(Cp,"1")}function ps(n,e,t=!0,r=yn){t&&!r.includes("openid")&&!e.includes("openid")&&r.push("openid");const o=t?[...e\|\|[],...r]:e\|\|[],i=new fe(o);n.set(jg,i.printScopes())}function ms(n,e){n.set(gn,e)}function Cs(n,e){n.set(rd,e)}function bp(n,e){n.set(up,e)}function kp(n,e){n.set(fp,e)}function Rp(n,e){n.set(vp,e)}function Pr(n,e){n.set(Ap,e)}function no(n,e){n.set(Me.CCS_HEADER,`UPN:${e}`)}function sr(n,e){n.set(Me.CCS_HEADER,`Oid:${e.uid}@${e.utid}`)}function Ga(n,e){n.set(Tp,e)}function ys(n,e,t){const r=fd(e,t);try{JSON.parse(r)}catch{throw oe(wo)}n.set(Vg,r)}function Ts(n,e){n.set(np,e)}function As(n,e){n.set(rp,e.sku),n.set(op,e.version),e.os&&n.set(ip,e.os),e.cpu&&n.set(sp,e.cpu)}function vs(n,e){e!=null&&e.appName&&n.set(dp,e.appName),e!=null&&e.appVersion&&n.set(hp,e.appVersion)}function Op(n,e){n.set(Jg,e)}function ad(n,e){e&&n.set(Yg,e)}function Pp(n,e){n.set(Qg,e)}function Np(n,e,t){if(e&&t)n.set(Zg,e),n.set(ep,t);else throw oe(Io)}function Mp(n,e){n.set(Xg,e)}function xp(n,e){n.set(Wg,e)}function Hp(n,e){n.set(tp,e)}function cd(n,e){n.set(gp,e)}function ld(n,e){e&&n.set(pp,e)}function dd(n,e){e&&n.set(mp,e)}function hd(n,e){n.set(qg,e)}function ws(n){n.set(eg,"1")}function ud(n){n.has(wi)\|\|n.set(wi,"true")}function hn(n,e){Object.entries(e).forEach(([t,r])=>{!n.has(t)&&r&&n.set(t,r)})}function fd(n,e){let t;if(!n)t={};else try{t=JSON.parse(n)}catch{throw oe(wo)}return e&&e.length>0&&(t.hasOwnProperty(br.ACCESS_TOKEN)\|\|(t[br.ACCESS_TOKEN]={}),t[br.ACCESS_TOKEN][br.XMS_CC]={values:e}),JSON.stringify(t)}function Is(n,e){e&&(n.set(od,X.POP),n.set(id,e))}function gd(n,e){e&&(n.set(od,X.SSH),n.set(id,e))}function pd(n,e){n.set(ap,e.generateCurrentRequestHeaderValue()),n.set(cp,e.generateLastRequestHeaderValue())}function md(n){n.set(lp,or.X_MS_LIB_CAPABILITY_VALUE)}function Lp(n,e){n.set(yp,e)}function bo(n,e,t){n.has(eo)\|\|n.set(eo,e),n.has(to)\|\|n.set(to,t)}function Up(n,e){n.set(Ip,encodeURIComponent(e)),n.set(Ep,"eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0")}/! @azure/msal-common v15.4.0 2025-03-25 /function Dp(n){return n.hasOwnProperty("authorization_endpoint")&&n.hasOwnProperty("token_endpoint")&&n.hasOwnProperty("issuer")&&n.hasOwnProperty("jwks_uri")}/! @azure/msal-common v15.4.0 2025-03-25 /function Fp(n){return n.hasOwnProperty("tenant_discovery_endpoint")&&n.hasOwnProperty("metadata")}/! @azure/msal-common v15.4.0 2025-03-25 /function Kp(n){return n.hasOwnProperty("error")&&n.hasOwnProperty("error_description")}/! @azure/msal-common v15.4.0 2025-03-25 /const f={AcquireTokenByCode:"acquireTokenByCode",AcquireTokenByRefreshToken:"acquireTokenByRefreshToken",AcquireTokenSilent:"acquireTokenSilent",AcquireTokenSilentAsync:"acquireTokenSilentAsync",AcquireTokenPopup:"acquireTokenPopup",AcquireTokenPreRedirect:"acquireTokenPreRedirect",AcquireTokenRedirect:"acquireTokenRedirect",CryptoOptsGetPublicKeyThumbprint:"cryptoOptsGetPublicKeyThumbprint",CryptoOptsSignJwt:"cryptoOptsSignJwt",SilentCacheClientAcquireToken:"silentCacheClientAcquireToken",SilentIframeClientAcquireToken:"silentIframeClientAcquireToken",AwaitConcurrentIframe:"awaitConcurrentIframe",SilentRefreshClientAcquireToken:"silentRefreshClientAcquireToken",SsoSilent:"ssoSilent",StandardInteractionClientGetDiscoveredAuthority:"standardInteractionClientGetDiscoveredAuthority",FetchAccountIdWithNativeBroker:"fetchAccountIdWithNativeBroker",NativeInteractionClientAcquireToken:"nativeInteractionClientAcquireToken",BaseClientCreateTokenRequestHeaders:"baseClientCreateTokenRequestHeaders",NetworkClientSendPostRequestAsync:"networkClientSendPostRequestAsync",RefreshTokenClientExecutePostToTokenEndpoint:"refreshTokenClientExecutePostToTokenEndpoint",AuthorizationCodeClientExecutePostToTokenEndpoint:"authorizationCodeClientExecutePostToTokenEndpoint",BrokerHandhshake:"brokerHandshake",AcquireTokenByRefreshTokenInBroker:"acquireTokenByRefreshTokenInBroker",AcquireTokenByBroker:"acquireTokenByBroker",RefreshTokenClientExecuteTokenRequest:"refreshTokenClientExecuteTokenRequest",RefreshTokenClientAcquireToken:"refreshTokenClientAcquireToken",RefreshTokenClientAcquireTokenWithCachedRefreshToken:"refreshTokenClientAcquireTokenWithCachedRefreshToken",RefreshTokenClientAcquireTokenByRefreshToken:"refreshTokenClientAcquireTokenByRefreshToken",RefreshTokenClientCreateTokenRequestBody:"refreshTokenClientCreateTokenRequestBody",AcquireTokenFromCache:"acquireTokenFromCache",SilentFlowClientAcquireCachedToken:"silentFlowClientAcquireCachedToken",SilentFlowClientGenerateResultFromCacheRecord:"silentFlowClientGenerateResultFromCacheRecord",AcquireTokenBySilentIframe:"acquireTokenBySilentIframe",InitializeBaseRequest:"initializeBaseRequest",InitializeSilentRequest:"initializeSilentRequest",InitializeClientApplication:"initializeClientApplication",InitializeCache:"initializeCache",SilentIframeClientTokenHelper:"silentIframeClientTokenHelper",SilentHandlerInitiateAuthRequest:"silentHandlerInitiateAuthRequest",SilentHandlerMonitorIframeForHash:"silentHandlerMonitorIframeForHash",SilentHandlerLoadFrame:"silentHandlerLoadFrame",SilentHandlerLoadFrameSync:"silentHandlerLoadFrameSync",StandardInteractionClientCreateAuthCodeClient:"standardInteractionClientCreateAuthCodeClient",StandardInteractionClientGetClientConfiguration:"standardInteractionClientGetClientConfiguration",StandardInteractionClientInitializeAuthorizationRequest:"standardInteractionClientInitializeAuthorizationRequest",GetAuthCodeUrl:"getAuthCodeUrl",GetStandardParams:"getStandardParams",HandleCodeResponseFromServer:"handleCodeResponseFromServer",HandleCodeResponse:"handleCodeResponse",HandleResponseEar:"handleResponseEar",HandleResponsePlatformBroker:"handleResponsePlatformBroker",HandleResponseCode:"handleResponseCode",UpdateTokenEndpointAuthority:"updateTokenEndpointAuthority",AuthClientAcquireToken:"authClientAcquireToken",AuthClientExecuteTokenRequest:"authClientExecuteTokenRequest",AuthClientCreateTokenRequestBody:"authClientCreateTokenRequestBody",PopTokenGenerateCnf:"popTokenGenerateCnf",PopTokenGenerateKid:"popTokenGenerateKid",HandleServerTokenResponse:"handleServerTokenResponse",DeserializeResponse:"deserializeResponse",AuthorityFactoryCreateDiscoveredInstance:"authorityFactoryCreateDiscoveredInstance",AuthorityResolveEndpointsAsync:"authorityResolveEndpointsAsync",AuthorityResolveEndpointsFromLocalSources:"authorityResolveEndpointsFromLocalSources",AuthorityGetCloudDiscoveryMetadataFromNetwork:"authorityGetCloudDiscoveryMetadataFromNetwork",AuthorityUpdateCloudDiscoveryMetadata:"authorityUpdateCloudDiscoveryMetadata",AuthorityGetEndpointMetadataFromNetwork:"authorityGetEndpointMetadataFromNetwork",AuthorityUpdateEndpointMetadata:"authorityUpdateEndpointMetadata",AuthorityUpdateMetadataWithRegionalInformation:"authorityUpdateMetadataWithRegionalInformation",RegionDiscoveryDetectRegion:"regionDiscoveryDetectRegion",RegionDiscoveryGetRegionFromIMDS:"regionDiscoveryGetRegionFromIMDS",RegionDiscoveryGetCurrentVersion:"regionDiscoveryGetCurrentVersion",AcquireTokenByCodeAsync:"acquireTokenByCodeAsync",GetEndpointMetadataFromNetwork:"getEndpointMetadataFromNetwork",GetCloudDiscoveryMetadataFromNetworkMeasurement:"getCloudDiscoveryMetadataFromNetworkMeasurement",HandleRedirectPromiseMeasurement:"handleRedirectPromise",HandleNativeRedirectPromiseMeasurement:"handleNativeRedirectPromise",UpdateCloudDiscoveryMetadataMeasurement:"updateCloudDiscoveryMetadataMeasurement",UsernamePasswordClientAcquireToken:"usernamePasswordClientAcquireToken",NativeMessageHandlerHandshake:"nativeMessageHandlerHandshake",NativeGenerateAuthResult:"nativeGenerateAuthResult",RemoveHiddenIframe:"removeHiddenIframe",ClearTokensAndKeysWithClaims:"clearTokensAndKeysWithClaims",CacheManagerGetRefreshToken:"cacheManagerGetRefreshToken",ImportExistingCache:"importExistingCache",SetUserData:"setUserData",LocalStorageUpdated:"localStorageUpdated",GeneratePkceCodes:"generatePkceCodes",GenerateCodeVerifier:"generateCodeVerifier",GenerateCodeChallengeFromVerifier:"generateCodeChallengeFromVerifier",Sha256Digest:"sha256Digest",GetRandomValues:"getRandomValues",GenerateHKDF:"generateHKDF",GenerateBaseKey:"generateBaseKey",Base64Decode:"base64Decode",UrlEncodeArr:"urlEncodeArr",Encrypt:"encrypt",Decrypt:"decrypt",GenerateEarKey:"generateEarKey",DecryptEarResponse:"decryptEarResponse"},Bp={InProgress:1};/! @azure/msal-common v15.4.0 2025-03-25 /const lt=(n,e,t,r,o)=>(...i)=>{t.trace(`Executing function ${e}`);const s=r==null?void 0:r.startMeasurement(e,o);if(o){const a=e+"CallCount";r==null\|\|r.incrementFields({[a]:1},o)}try{const a=n(...i);return s==null\|\|s.end({success:!0}),t.trace(`Returning result from ${e}`),a}catch(a){t.trace(`Error occurred in ${e}`);try{t.trace(JSON.stringify(a))}catch{t.trace("Unable to print error message.")}throw s==null\|\|s.end({success:!1},a),a}},T=(n,e,t,r,o)=>(...i)=>{t.trace(`Executing function ${e}`);const s=r==null?void 0:r.startMeasurement(e,o);if(o){const a=e+"CallCount";r==null\|\|r.incrementFields({[a]:1},o)}return r==null\|\|r.setPreQueueTime(e,o),n(...i).then(a=>(t.trace(`Returning result from ${e}`),s==null\|\|s.end({success:!0}),a)).catch(a=>{t.trace(`Error occurred in ${e}`);try{t.trace(JSON.stringify(a))}catch{t.trace("Unable to print error message.")}throw s==null\|\|s.end({success:!1},a),a})};/! @azure/msal-common v15.4.0 2025-03-25 /class ko{constructor(e,t,r,o){this.networkInterface=e,this.logger=t,this.performanceClient=r,this.correlationId=o}async detectRegion(e,t){var o;(o=this.performanceClient)==null\|\|o.addQueueMeasurement(f.RegionDiscoveryDetectRegion,this.correlationId);let r=e;if(r)t.region_source=In.ENVIRONMENT_VARIABLE;else{const i=ko.IMDS_OPTIONS;try{const s=await T(this.getRegionFromIMDS.bind(this),f.RegionDiscoveryGetRegionFromIMDS,this.logger,this.performanceClient,this.correlationId)(C.IMDS_VERSION,i);if(s.status===Rr.httpSuccess&&(r=s.body,t.region_source=In.IMDS),s.status===Rr.httpBadRequest){const a=await T(this.getCurrentVersion.bind(this),f.RegionDiscoveryGetCurrentVersion,this.logger,this.performanceClient,this.correlationId)(i);if(!a)return t.region_source=In.FAILED_AUTO_DETECTION,null;const c=await T(this.getRegionFromIMDS.bind(this),f.RegionDiscoveryGetRegionFromIMDS,this.logger,this.performanceClient,this.correlationId)(a,i);c.status===Rr.httpSuccess&&(r=c.body,t.region_source=In.IMDS)}}catch{return t.region_source=In.FAILED_AUTO_DETECTION,null}}return r\|\|(t.region_source=In.FAILED_AUTO_DETECTION),r\|\|null}async getRegionFromIMDS(e,t){var r;return(r=this.performanceClient)==null\|\|r.addQueueMeasurement(f.RegionDiscoveryGetRegionFromIMDS,this.correlationId),this.networkInterface.sendGetRequestAsync(`${C.IMDS_ENDPOINT}?api-version=${e}&format=text`,t,C.IMDS_TIMEOUT)}async getCurrentVersion(e){var t;(t=this.performanceClient)==null\|\|t.addQueueMeasurement(f.RegionDiscoveryGetCurrentVersion,this.correlationId);try{const r=await this.networkInterface.sendGetRequestAsync(`${C.IMDS_ENDPOINT}?format=json`,e);return r.status===Rr.httpBadRequest&&r.body&&r.body["newest-versions"]&&r.body["newest-versions"].length>0?r.body["newest-versions"][0]:null}catch{return null}}}ko.IMDS_OPTIONS={headers:{Metadata:"true"}};/! @azure/msal-common v15.4.0 2025-03-25 */class _e{constructor(e,t,r,o,i,s,a,c){this.canonicalAuthority=e,this._canonicalAuthority.validateAsUri(),this.networkInterface=t,this.cacheManager=r,this.authorityOptions=o,this.regionDiscoveryMetadata={region_used:void 0,region_source:void 0,region_outcome:void 0},this.logger=i,this.performanceClient=a,this.correlationId=s,this.managedIdentity=c\|\|!1,this.regionDiscovery=new ko(t,this.logger,this.performanceClient,this.correlationId)}getAuthorityType(e){if(e.HostNameAndPort.endsWith(C.CIAM_AUTH_URL))return rt.Ciam;const t=e.PathSegments;if(t.length)switch(t[0].toLowerCase()){case C.ADFS:return rt.Adfs;case C.DSTS:return rt.Dsts}return rt.Default}get authorityType(){return this.getAuthorityType(this.canonicalAuthorityUrlComponents)}get protocolMode(){return this.authorityOptions.protocolMode}get options(){return this.authorityOptions}get canonicalAuthority(){return this._canonicalAuthority.urlString}set canonicalAuthority(e){this._canonicalAuthority=new Q(e),this._canonicalAuthority.validateAsUri(),this._canonicalAuthorityUrlComponents=null}get canonicalAuthorityUrlComponents(){return this._canonicalAuthorityUrlComponents\|\|(this._canonicalAuthorityUrlComponents=this._canonicalAuthority.getUrlComponents()),this._canonicalAuthorityUrlComponents}get hostnameAndPort(){return this.canonicalAuthorityUrlComponents.HostNameAndPort.toLowerCase()}get tenant(){return this.canonicalAuthorityUrlComponents.PathSegments[0]}get authorizationEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.authorization_endpoint);throw v(Ot)}get tokenEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint);throw v(Ot)}get deviceCodeEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint.replace("/token","/devicecode"));throw v(Ot)}get endSessionEndpoint(){if(this.discoveryComplete()){if(!this.metadata.end_session_endpoint)throw v(Rl);return this.replacePath(this.metadata.end_session_endpoint)}else throw v(Ot)}get selfSignedJwtAudience(){if(this.discoveryComplete())return this.replacePath(this.metadata.issuer);throw v(Ot)}get jwksUri(){if(this.discoveryComplete())return this.replacePath(this.metadata.jwks_uri);throw v(Ot)}canReplaceTenant(e){return e.PathSegments.length===1&&!_e.reservedTenantDomains.has(e.PathSegments[0])&&this.getAuthorityType(e)===rt.Default&&this.protocolMode!==Ue.OIDC}replaceTenant(e){return e.replace(/{tenant}\|{tenantid}/g,this.tenant)}replacePath(e){let t=e;const o=new Q(this.metadata.canonical_authority).getUrlComponents(),i=o.PathSegments;return this.canonicalAuthorityUrlComponents.PathSegments.forEach((a,c)=>{let d=i[c];if(c===0&&this.canReplaceTenant(o)){const l=new Q(this.metadata.authorization_endpoint).getUrlComponents().PathSegments[0];d!==l&&(this.logger.verbose(`Replacing tenant domain name ${d} with id ${l}`),d=l)}a!==d&&(t=t.replace(`/${d}/`,`/${a}/`))}),this.replaceTenant(t)}get defaultOpenIdConfigurationEndpoint(){const e=this.hostnameAndPort;return this.canonicalAuthority.endsWith("v2.0/")\|\|this.authorityType===rt.Adfs\|\|this.protocolMode===Ue.OIDC&&!this.isAliasOfKnownMicrosoftAuthority(e)?`${this.canonicalAuthority}.well-known/openid-configuration`:`${this.canonicalAuthority}v2.0/.well-known/openid-configuration`}discoveryComplete(){return!!this.metadata}async resolveEndpointsAsync(){var o,i;(o=this.performanceClient)==null\|\|o.addQueueMeasurement(f.AuthorityResolveEndpointsAsync,this.correlationId);const e=this.getCurrentMetadataEntity(),t=await T(this.updateCloudDiscoveryMetadata.bind(this),f.AuthorityUpdateCloudDiscoveryMetadata,this.logger,this.performanceClient,this.correlationId)(e);this.canonicalAuthority=this.canonicalAuthority.replace(this.hostnameAndPort,e.preferred_network);const r=await T(this.updateEndpointMetadata.bind(this),f.AuthorityUpdateEndpointMetadata,this.logger,this.performanceClient,this.correlationId)(e);this.updateCachedMetadata(e,t,{source:r}),(i=this.performanceClient)==null\|\|i.addFields({cloudDiscoverySource:t,authorityEndpointSource:r},this.correlationId)}getCurrentMetadataEntity(){let e=this.cacheManager.getAuthorityMetadataByAlias(this.hostnameAndPort);return e\|\|(e={aliases:[],preferred_cache:this.hostnameAndPort,preferred_network:this.hostnameAndPort,canonical_authority:this.canonicalAuthority,authorization_endpoint:"",token_endpoint:"",end_session_endpoint:"",issuer:"",aliasesFromNetwork:!1,endpointsFromNetwork:!1,expiresAt:La(),jwks_uri:""}),e}updateCachedMetadata(e,t,r){t!==qe.CACHE&&(r==null?void 0:r.source)!==qe.CACHE&&(e.expiresAt=La(),e.canonical_authority=this.canonicalAuthority);const o=this.cacheManager.generateAuthorityMetadataCacheKey(e.preferred_cache);this.cacheManager.setAuthorityMetadata(o,e),this.metadata=e}async updateEndpointMetadata(e){var o,i,s;(o=this.performanceClient)==null\|\|o.addQueueMeasurement(f.AuthorityUpdateEndpointMetadata,this.correlationId);const t=this.updateEndpointMetadataFromLocalSources(e);if(t){if(t.source===qe.HARDCODED_VALUES&&(i=this.authorityOptions.azureRegionConfiguration)!=null&&i.azureRegion&&t.metadata){const a=await T(this.updateMetadataWithRegionalInformation.bind(this),f.AuthorityUpdateMetadataWithRegionalInformation,this.logger,this.performanceClient,this.correlationId)(t.metadata);Or(e,a,!1),e.canonical_authority=this.canonicalAuthority}return t.source}let r=await T(this.getEndpointMetadataFromNetwork.bind(this),f.AuthorityGetEndpointMetadataFromNetwork,this.logger,this.performanceClient,this.correlationId)();if(r)return(s=this.authorityOptions.azureRegionConfiguration)!=null&&s.azureRegion&&(r=await T(this.updateMetadataWithRegionalInformation.bind(this),f.AuthorityUpdateMetadataWithRegionalInformation,this.logger,this.performanceClient,this.correlationId)(r)),Or(e,r,!0),qe.NETWORK;throw v(ml,this.defaultOpenIdConfigurationEndpoint)}updateEndpointMetadataFromLocalSources(e){this.logger.verbose("Attempting to get endpoint metadata from authority configuration");const t=this.getEndpointMetadataFromConfig();if(t)return this.logger.verbose("Found endpoint metadata in authority configuration"),Or(e,t,!1),{source:qe.CONFIG};if(this.logger.verbose("Did not find endpoint metadata in the config... Attempting to get endpoint metadata from the hardcoded values."),this.authorityOptions.skipAuthorityMetadataCache)this.logger.verbose("Skipping hardcoded metadata cache since skipAuthorityMetadataCache is set to true. Attempting to get endpoint metadata from the network metadata cache.");else{const o=this.getEndpointMetadataFromHardcodedValues();if(o)return Or(e,o,!1),{source:qe.HARDCODED_VALUES,metadata:o};this.logger.verbose("Did not find endpoint metadata in hardcoded values... Attempting to get endpoint metadata from the network metadata cache.")}const r=Ua(e);return this.isAuthoritySameType(e)&&e.endpointsFromNetwork&&!r?(this.logger.verbose("Found endpoint metadata in the cache."),{source:qe.CACHE}):(r&&this.logger.verbose("The metadata entity is expired."),null)}isAuthoritySameType(e){return new Q(e.canonical_authority).getUrlComponents().PathSegments.length===this.canonicalAuthorityUrlComponents.PathSegments.length}getEndpointMetadataFromConfig(){if(this.authorityOptions.authorityMetadata)try{return JSON.parse(this.authorityOptions.authorityMetadata)}catch{throw oe(zl)}return null}async getEndpointMetadataFromNetwork(){var r;(r=this.performanceClient)==null\|\|r.addQueueMeasurement(f.AuthorityGetEndpointMetadataFromNetwork,this.correlationId);const e={},t=this.defaultOpenIdConfigurationEndpoint;this.logger.verbose(`Authority.getEndpointMetadataFromNetwork: attempting to retrieve OAuth endpoints from ${t}`);try{const o=await this.networkInterface.sendGetRequestAsync(t,e);return Dp(o.body)?o.body:(this.logger.verbose("Authority.getEndpointMetadataFromNetwork: could not parse response as OpenID configuration"),null)}catch(o){return this.logger.verbose(`Authority.getEndpointMetadataFromNetwork: ${o}`),null}}getEndpointMetadataFromHardcodedValues(){return this.hostnameAndPort in Fa?Fa[this.hostnameAndPort]:null}async updateMetadataWithRegionalInformation(e){var r,o,i;(r=this.performanceClient)==null\|\|r.addQueueMeasurement(f.AuthorityUpdateMetadataWithRegionalInformation,this.correlationId);const t=(o=this.authorityOptions.azureRegionConfiguration)==null?void 0:o.azureRegion;if(t){if(t!==C.AZURE_REGION_AUTO_DISCOVER_FLAG)return this.regionDiscoveryMetadata.region_outcome=ei.CONFIGURED_NO_AUTO_DETECTION,this.regionDiscoveryMetadata.region_used=t,_e.replaceWithRegionalInformation(e,t);const s=await T(this.regionDiscovery.detectRegion.bind(this.regionDiscovery),f.RegionDiscoveryDetectRegion,this.logger,this.performanceClient,this.correlationId)((i=this.authorityOptions.azureRegionConfiguration)==null?void 0:i.environmentRegion,this.regionDiscoveryMetadata);if(s)return this.regionDiscoveryMetadata.region_outcome=ei.AUTO_DETECTION_REQUESTED_SUCCESSFUL,this.regionDiscoveryMetadata.region_used=s,_e.replaceWithRegionalInformation(e,s);this.regionDiscoveryMetadata.region_outcome=ei.AUTO_DETECTION_REQUESTED_FAILED}return e}async updateCloudDiscoveryMetadata(e){var o;(o=this.performanceClient)==null\|\|o.addQueueMeasurement(f.AuthorityUpdateCloudDiscoveryMetadata,this.correlationId);const t=this.updateCloudDiscoveryMetadataFromLocalSources(e);if(t)return t;const r=await T(this.getCloudDiscoveryMetadataFromNetwork.bind(this),f.AuthorityGetCloudDiscoveryMetadataFromNetwork,this.logger,this.performanceClient,this.correlationId)();if(r)return ti(e,r,!0),qe.NETWORK;throw oe(ql)}updateCloudDiscoveryMetadataFromLocalSources(e){this.logger.verbose("Attempting to get cloud discovery metadata from authority configuration"),this.logger.verbosePii(`Known Authorities: ${this.authorityOptions.knownAuthorities\|\|C.NOT_APPLICABLE}`),this.logger.verbosePii(`Authority Metadata: ${this.authorityOptions.authorityMetadata\|\|C.NOT_APPLICABLE}`),this.logger.verbosePii(`Canonical Authority: ${e.canonical_authority\|\|C.NOT_APPLICABLE}`);const t=this.getCloudDiscoveryMetadataFromConfig();if(t)return this.logger.verbose("Found cloud discovery metadata in authority configuration"),ti(e,t,!1),qe.CONFIG;if(this.logger.verbose("Did not find cloud discovery metadata in the config... Attempting to get cloud discovery metadata from the hardcoded values."),this.options.skipAuthorityMetadataCache)this.logger.verbose("Skipping hardcoded cloud discovery metadata cache since skipAuthorityMetadataCache is set to true. Attempting to get cloud discovery metadata from the network metadata cache.");else{const o=Ng(this.hostnameAndPort);if(o)return this.logger.verbose("Found cloud discovery metadata from hardcoded values."),ti(e,o,!1),qe.HARDCODED_VALUES;this.logger.verbose("Did not find cloud discovery metadata in hardcoded values... Attempting to get cloud discovery metadata from the network metadata cache.")}const r=Ua(e);return this.isAuthoritySameType(e)&&e.aliasesFromNetwork&&!r?(this.logger.verbose("Found cloud discovery metadata in the cache."),qe.CACHE):(r&&this.logger.verbose("The metadata entity is expired."),null)}getCloudDiscoveryMetadataFromConfig(){if(this.authorityType===rt.Ciam)return this.logger.verbose("CIAM authorities do not support cloud discovery metadata, generate the aliases from authority host."),_e.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort);if(this.authorityOptions.cloudDiscoveryMetadata){this.logger.verbose("The cloud discovery metadata has been provided as a network response, in the config.");try{this.logger.verbose("Attempting to parse the cloud discovery metadata.");const e=JSON.parse(this.authorityOptions.cloudDiscoveryMetadata),t=Zr(e.metadata,this.hostnameAndPort);if(this.logger.verbose("Parsed the cloud discovery metadata."),t)return this.logger.verbose("There is returnable metadata attached to the parsed cloud discovery metadata."),t;this.logger.verbose("There is no metadata attached to the parsed cloud discovery metadata.")}catch{throw this.logger.verbose("Unable to parse the cloud discovery metadata. Throwing Invalid Cloud Discovery Metadata Error."),oe(ds)}}return this.isInKnownAuthorities()?(this.logger.verbose("The host is included in knownAuthorities. Creating new cloud discovery metadata from the host."),_e.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)):null}async getCloudDiscoveryMetadataFromNetwork(){var o;(o=this.performanceClient)==null\|\|o.addQueueMeasurement(f.AuthorityGetCloudDiscoveryMetadataFromNetwork,this.correlationId);const e=`${C.AAD_INSTANCE_DISCOVERY_ENDPT}${this.canonicalAuthority}oauth2/v2.0/authorize`,t={};let r=null;try{const i=await this.networkInterface.sendGetRequestAsync(e,t);let s,a;if(Fp(i.body))s=i.body,a=s.metadata,this.logger.verbosePii(`tenant_discovery_endpoint is: ${s.tenant_discovery_endpoint}`);else if(Kp(i.body)){if(this.logger.warning(`A CloudInstanceDiscoveryErrorResponse was returned. The cloud instance discovery network request's status code is: ${i.status}`),s=i.body,s.error===C.INVALID_INSTANCE)return this.logger.error("The CloudInstanceDiscoveryErrorResponse error is invalid_instance."),null;this.logger.warning(`The CloudInstanceDiscoveryErrorResponse error is ${s.error}`),this.logger.warning(`The CloudInstanceDiscoveryErrorResponse error description is ${s.error_description}`),this.logger.warning("Setting the value of the CloudInstanceDiscoveryMetadata (returned from the network) to []"),a=[]}else return this.logger.error("AAD did not return a CloudInstanceDiscoveryResponse or CloudInstanceDiscoveryErrorResponse"),null;this.logger.verbose("Attempting to find a match between the developer's authority and the CloudInstanceDiscoveryMetadata returned from the network request."),r=Zr(a,this.hostnameAndPort)}catch(i){if(i instanceof Z)this.logger.error(`There was a network error while attempting to get the cloud discovery instance metadata.
	Error: ${i.errorCode}
	Error Description: ${i.errorMessage}`);else{const s=i;this.logger.error(`A non-MSALJS error was thrown while attempting to get the cloud instance discovery metadata.
	Error: ${s.name}
	-Error Description: ${s.message}`)}return null}return r\|\|(this.logger.warning("The developer's authority was not found within the CloudInstanceDiscoveryMetadata returned from the network request."),this.logger.verbose("Creating custom Authority for custom domain scenario."),r=Ee.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)),r}isInKnownAuthorities(){return this.authorityOptions.knownAuthorities.filter(t=>t&&Q.getDomainFromUrl(t).toLowerCase()===this.hostnameAndPort).length>0}static generateAuthority(e,t){let r;if(t&&t.azureCloudInstance!==as.None){const o=t.tenant?t.tenant:C.DEFAULT_COMMON_TENANT;r=`${t.azureCloudInstance}/${o}/`}return r\|\|e}static createCloudDiscoveryMetadataFromHost(e){return{preferred_network:e,preferred_cache:e,aliases:[e]}}getPreferredCache(){if(this.managedIdentity)return C.DEFAULT_AUTHORITY_HOST;if(this.discoveryComplete())return this.metadata.preferred_cache;throw v(Ot)}isAlias(e){return this.metadata.aliases.indexOf(e)>-1}isAliasOfKnownMicrosoftAuthority(e){return Xl.has(e)}static isPublicCloudAuthority(e){return C.KNOWN_PUBLIC_CLOUDS.indexOf(e)>=0}static buildRegionalAuthorityString(e,t,r){const o=new Q(e);o.validateAsUri();const i=o.getUrlComponents();let s=`${t}.${i.HostNameAndPort}`;this.isPublicCloudAuthority(i.HostNameAndPort)&&(s=`${t}.${C.REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX}`);const a=Q.constructAuthorityUriFromObject({...o.getUrlComponents(),HostNameAndPort:s}).urlString;return r?`${a}?${r}`:a}static replaceWithRegionalInformation(e,t){const r={...e};return r.authorization_endpoint=Ee.buildRegionalAuthorityString(r.authorization_endpoint,t),r.token_endpoint=Ee.buildRegionalAuthorityString(r.token_endpoint,t),r.end_session_endpoint&&(r.end_session_endpoint=Ee.buildRegionalAuthorityString(r.end_session_endpoint,t)),r}static transformCIAMAuthority(e){let t=e;const o=new Q(e).getUrlComponents();if(o.PathSegments.length===0&&o.HostNameAndPort.endsWith(C.CIAM_AUTH_URL)){const i=o.HostNameAndPort.split(".")[0];t=`${t}${i}${C.AAD_TENANT_DOMAIN_SUFFIX}`}return t}}Ee.reservedTenantDomains=new Set(["{tenant}","{tenantid}",qt.COMMON,qt.CONSUMERS,qt.ORGANIZATIONS]);function Gp(n){var o;const r=(o=new Q(n).getUrlComponents().PathSegments.slice(-1)[0])==null?void 0:o.toLowerCase();switch(r){case qt.COMMON:case qt.ORGANIZATIONS:case qt.CONSUMERS:return;default:return r}}function md(n){return n.endsWith(C.FORWARD_SLASH)?n:`${n}${C.FORWARD_SLASH}`}function Cd(n){const e=n.cloudDiscoveryMetadata;let t;if(e)try{t=JSON.parse(e)}catch{throw oe(ls)}return{canonicalAuthority:n.authority?md(n.authority):void 0,knownAuthorities:n.knownAuthorities,cloudDiscoveryMetadata:t}}/! @azure/msal-common v15.4.0 2025-03-25 /async function yd(n,e,t,r,o,i,s){s==null\|\|s.addQueueMeasurement(f.AuthorityFactoryCreateDiscoveredInstance,i);const a=Ee.transformCIAMAuthority(md(n)),c=new Ee(a,e,t,r,o,i,s);try{return await T(c.resolveEndpointsAsync.bind(c),f.AuthorityResolveEndpointsAsync,o,s,i)(),c}catch{throw v(Ot)}}/! @azure/msal-common v15.4.0 2025-03-25 /class en extends Z{constructor(e,t,r,o,i){super(e,t,r),this.name="ServerError",this.errorNo=o,this.status=i,Object.setPrototypeOf(this,en.prototype)}}/! @azure/msal-common v15.4.0 2025-03-25 /function ko(n,e,t){var r;return{clientId:n,authority:e.authority,scopes:e.scopes,homeAccountIdentifier:t,claims:e.claims,authenticationScheme:e.authenticationScheme,resourceRequestMethod:e.resourceRequestMethod,resourceRequestUri:e.resourceRequestUri,shrClaims:e.shrClaims,sshKid:e.sshKid,embeddedClientId:e.embeddedClientId\|\|((r=e.tokenBodyParameters)==null?void 0:r.clientId)}}/! @azure/msal-common v15.4.0 2025-03-25 /class Ct{static generateThrottlingStorageKey(e){return`${ir.THROTTLING_PREFIX}.${JSON.stringify(e)}`}static preProcess(e,t){var i;const r=Ct.generateThrottlingStorageKey(t),o=e.getThrottlingCache(r);if(o){if(o.throttleTime<Date.now()){e.removeItem(r);return}throw new en(((i=o.errorCodes)==null?void 0:i.join(" "))\|\|C.EMPTY_STRING,o.errorMessage,o.subError)}}static postProcess(e,t,r){if(Ct.checkResponseStatus(r)\|\|Ct.checkResponseForRetryAfter(r)){const o={throttleTime:Ct.calculateThrottleTime(parseInt(r.headers[Me.RETRY_AFTER])),error:r.body.error,errorCodes:r.body.error_codes,errorMessage:r.body.error_description,subError:r.body.suberror};e.setThrottlingCache(Ct.generateThrottlingStorageKey(t),o)}}static checkResponseStatus(e){return e.status===429\|\|e.status>=500&&e.status<600}static checkResponseForRetryAfter(e){return e.headers?e.headers.hasOwnProperty(Me.RETRY_AFTER)&&(e.status<200\|\|e.status>=300):!1}static calculateThrottleTime(e){const t=e<=0?0:e,r=Date.now()/1e3;return Math.floor(Math.min(r+(t\|\|ir.DEFAULT_THROTTLE_TIME_SECONDS),r+ir.DEFAULT_MAX_THROTTLE_TIME_SECONDS)1e3)}static removeThrottle(e,t,r,o){const i=ko(t,r,o),s=this.generateThrottlingStorageKey(i);e.removeItem(s)}}/! @azure/msal-common v15.4.0 2025-03-25 /class Ro extends Z{constructor(e,t,r){super(e.errorCode,e.errorMessage,e.subError),Object.setPrototypeOf(this,Ro.prototype),this.name="NetworkError",this.error=e,this.httpStatus=t,this.responseHeaders=r}}function Ga(n,e,t){return new Ro(n,e,t)}/! @azure/msal-common v15.4.0 2025-03-25 /class Is{constructor(e,t){this.config=Bg(e),this.logger=new Ht(this.config.loggerOptions,Pl,ss),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}createTokenRequestHeaders(e){const t={};if(t[Me.CONTENT_TYPE]=C.URL_FORM_CONTENT_TYPE,!this.config.systemOptions.preventCorsPreflight&&e)switch(e.type){case it.HOME_ACCOUNT_ID:try{const r=Mn(e.credential);t[Me.CCS_HEADER]=`Oid:${r.uid}@${r.utid}`}catch(r){this.logger.verbose("Could not parse home account ID for CCS Header: "+r)}break;case it.UPN:t[Me.CCS_HEADER]=`UPN: ${e.credential}`;break}return t}async executePostToTokenEndpoint(e,t,r,o,i,s){var c;s&&((c=this.performanceClient)==null\|\|c.addQueueMeasurement(s,i));const a=await this.sendPostRequest(o,e,{body:t,headers:r},i);return this.config.serverTelemetryManager&&a.status<500&&a.status!==429&&this.config.serverTelemetryManager.clearTelemetryCache(),a}async sendPostRequest(e,t,r,o){var s,a,c;Ct.preProcess(this.cacheManager,e);let i;try{i=await T(this.networkClient.sendPostRequestAsync.bind(this.networkClient),f.NetworkClientSendPostRequestAsync,this.logger,this.performanceClient,o)(t,r);const d=i.headers\|\|{};(a=this.performanceClient)==null\|\|a.addFields({refreshTokenSize:((s=i.body.refresh_token)==null?void 0:s.length)\|\|0,httpVerToken:d[Me.X_MS_HTTP_VERSION]\|\|"",requestId:d[Me.X_MS_REQUEST_ID]\|\|""},o)}catch(d){if(d instanceof Ro){const l=d.responseHeaders;throw l&&((c=this.performanceClient)==null\|\|c.addFields({httpVerToken:l[Me.X_MS_HTTP_VERSION]\|\|"",requestId:l[Me.X_MS_REQUEST_ID]\|\|"",contentTypeHeader:l[Me.CONTENT_TYPE]\|\|void 0,contentLengthHeader:l[Me.CONTENT_LENGTH]\|\|void 0,httpStatus:d.httpStatus},o)),d.error}throw d instanceof Z?d:v(gl)}return Ct.postProcess(this.cacheManager,e,i),i}async updateAuthority(e,t){var i;(i=this.performanceClient)==null\|\|i.addQueueMeasurement(f.UpdateTokenEndpointAuthority,t);const r=`https://${e}/${this.authority.tenant}/`,o=await yd(r,this.networkClient,this.cacheManager,this.authority.options,this.logger,t,this.performanceClient);this.authority=o}createTokenQueryParameters(e){const t=new Map;return e.embeddedClientId&&So(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.tokenQueryParameters&&hn(t,e.tokenQueryParameters),ys(t,e.correlationId),_o(t,e.correlationId,this.performanceClient),gr(t)}}/! @azure/msal-common v15.4.0 2025-03-25 /const no="no_tokens_found",Td="native_account_unavailable",Es="refresh_token_expired",$p="interaction_required",zp="consent_required",qp="login_required",Oo="bad_token";/! @azure/msal-common v15.4.0 2025-03-25 /const $a=[$p,zp,qp,Oo],Vp=["message_only","additional_action","basic_action","user_password_expired","consent_required","bad_token"],jp={[no]:"No refresh token found in the cache. Please sign-in.",[Td]:"The requested account is not available in the native broker. It may have been deleted or logged out. Please sign-in again using an interactive API.",[Es]:"Refresh token has expired.",[Oo]:"Identity provider returned bad_token due to an expired or invalid refresh token. Please invoke an interactive API to resolve."};class nt extends Z{constructor(e,t,r,o,i,s,a,c){super(e,t,r),Object.setPrototypeOf(this,nt.prototype),this.timestamp=o\|\|C.EMPTY_STRING,this.traceId=i\|\|C.EMPTY_STRING,this.correlationId=s\|\|C.EMPTY_STRING,this.claims=a\|\|C.EMPTY_STRING,this.name="InteractionRequiredAuthError",this.errorNo=c}}function Ad(n,e,t){const r=!!n&&$a.indexOf(n)>-1,o=!!t&&Vp.indexOf(t)>-1,i=!!e&&$a.some(s=>e.indexOf(s)>-1);return r\|\|i\|\|o}function wi(n){return new nt(n,jp[n])}/! @azure/msal-common v15.4.0 2025-03-25 /class Fn{static setRequestState(e,t,r){const o=Fn.generateLibraryState(e,r);return t?`${o}${C.RESOURCE_DELIM}${t}`:o}static generateLibraryState(e,t){if(!e)throw v(Ci);const r={id:e.createNewGuid()};t&&(r.meta=t);const o=JSON.stringify(r);return e.base64Encode(o)}static parseRequestState(e,t){if(!e)throw v(Ci);if(!t)throw v(Ln);try{const r=t.split(C.RESOURCE_DELIM),o=r[0],i=r.length>1?r.slice(1).join(C.RESOURCE_DELIM):C.EMPTY_STRING,s=e.base64Decode(o),a=JSON.parse(s);return{userRequestState:i\|\|C.EMPTY_STRING,libraryState:a}}catch{throw v(Ln)}}}/! @azure/msal-common v15.4.0 2025-03-25 /const Wp={SW:"sw"};class Un{constructor(e,t){this.cryptoUtils=e,this.performanceClient=t}async generateCnf(e,t){var i;(i=this.performanceClient)==null\|\|i.addQueueMeasurement(f.PopTokenGenerateCnf,e.correlationId);const r=await T(this.generateKid.bind(this),f.PopTokenGenerateCnf,t,this.performanceClient,e.correlationId)(e),o=this.cryptoUtils.base64UrlEncode(JSON.stringify(r));return{kid:r.kid,reqCnfString:o}}async generateKid(e){var r;return(r=this.performanceClient)==null\|\|r.addQueueMeasurement(f.PopTokenGenerateKid,e.correlationId),{kid:await this.cryptoUtils.getPublicKeyThumbprint(e),xms_ksl:Wp.SW}}async signPopToken(e,t,r){return this.signPayload(e,t,r)}async signPayload(e,t,r,o){const{resourceRequestMethod:i,resourceRequestUri:s,shrClaims:a,shrNonce:c,shrOptions:d}=r,l=s?new Q(s):void 0,h=l==null?void 0:l.getUrlComponents();return this.cryptoUtils.signJwt({at:e,ts:Fe(),m:i==null?void 0:i.toUpperCase(),u:h==null?void 0:h.HostNameAndPort,nonce:c\|\|this.cryptoUtils.createNewGuid(),p:h==null?void 0:h.AbsolutePath,q:h!=null&&h.QueryString?[[],h.QueryString]:void 0,client_claims:a\|\|void 0,...o},t,d,r.correlationId)}}/! @azure/msal-common v15.4.0 2025-03-25 /class Yp{constructor(e,t){this.cache=e,this.hasChanged=t}get cacheHasChanged(){return this.hasChanged}get tokenCache(){return this.cache}}/! @azure/msal-common v15.4.0 2025-03-25 */class pn{constructor(e,t,r,o,i,s,a){this.clientId=e,this.cacheStorage=t,this.cryptoObj=r,this.logger=o,this.serializableCache=i,this.persistencePlugin=s,this.performanceClient=a}validateTokenResponse(e,t){var r;if(e.error\|\|e.error_description\|\|e.suberror){const o=`Error(s): ${e.error_codes\|\|C.NOT_AVAILABLE} - Timestamp: ${e.timestamp\|\|C.NOT_AVAILABLE} - Description: ${e.error_description\|\|C.NOT_AVAILABLE} - Correlation ID: ${e.correlation_id\|\|C.NOT_AVAILABLE} - Trace ID: ${e.trace_id\|\|C.NOT_AVAILABLE}`,i=(r=e.error_codes)!=null&&r.length?e.error_codes[0]:void 0,s=new en(e.error,o,e.suberror,i,e.status);if(t&&e.status&&e.status>=_r.SERVER_ERROR_RANGE_START&&e.status<=_r.SERVER_ERROR_RANGE_END){this.logger.warning(`executeTokenRequest:validateTokenResponse - AAD is currently unavailable and the access token is unable to be refreshed.
	-${s}`);return}else if(t&&e.status&&e.status>=_r.CLIENT_ERROR_RANGE_START&&e.status<=_r.CLIENT_ERROR_RANGE_END){this.logger.warning(`executeTokenRequest:validateTokenResponse - AAD is currently available but is unable to refresh the access token.
	-${s}`);return}throw Ad(e.error,e.error_description,e.suberror)?new nt(e.error,e.error_description,e.suberror,e.timestamp\|\|C.EMPTY_STRING,e.trace_id\|\|C.EMPTY_STRING,e.correlation_id\|\|C.EMPTY_STRING,e.claims\|\|C.EMPTY_STRING,i):s}}async handleServerTokenResponse(e,t,r,o,i,s,a,c,d){var b;(b=this.performanceClient)==null\|\|b.addQueueMeasurement(f.HandleServerTokenResponse,e.correlation_id);let l;if(e.id_token){if(l=Yt(e.id_token\|\|C.EMPTY_STRING,this.cryptoObj.base64Decode),i&&i.nonce&&l.nonce!==i.nonce)throw v(yl);if(o.maxAge\|\|o.maxAge===0){const S=l.auth_time;if(!S)throw v(ns);Nl(S,o.maxAge)}}this.homeAccountIdentifier=Re.generateHomeAccountId(e.client_info\|\|C.EMPTY_STRING,t.authorityType,this.logger,this.cryptoObj,l);let h;i&&i.state&&(h=Fn.parseRequestState(this.cryptoObj,i.state)),e.key_id=e.key_id\|\|o.sshKid\|\|void 0;const p=this.generateCacheRecord(e,t,r,o,l,s,i);let y;try{if(this.persistencePlugin&&this.serializableCache&&(this.logger.verbose("Persistence enabled, calling beforeCacheAccess"),y=new Yp(this.serializableCache,!0),await this.persistencePlugin.beforeCacheAccess(y)),a&&!c&&p.account){const S=p.account.generateAccountKey();if(!this.cacheStorage.getAccount(S))return this.logger.warning("Account used to refresh tokens not in persistence, refreshed tokens will not be stored in the cache"),await pn.generateAuthenticationResult(this.cryptoObj,t,p,!1,o,l,h,void 0,d)}await this.cacheStorage.saveCacheRecord(p,o.correlationId,o.storeInCache)}finally{this.persistencePlugin&&this.serializableCache&&y&&(this.logger.verbose("Persistence enabled, calling afterCacheAccess"),await this.persistencePlugin.afterCacheAccess(y))}return pn.generateAuthenticationResult(this.cryptoObj,t,p,!1,o,l,h,e,d)}generateCacheRecord(e,t,r,o,i,s,a){const c=t.getPreferredCache();if(!c)throw v(os);const d=Yl(i);let l,h;e.id_token&&i&&(l=To(this.homeAccountIdentifier,c,e.id_token,this.clientId,d\|\|""),h=_s(this.cacheStorage,t,this.homeAccountIdentifier,this.cryptoObj.base64Decode,i,e.client_info,c,d,a,void 0,this.logger));let p=null;if(e.access_token){const S=e.scope?fe.fromString(e.scope):new fe(o.scopes\|\|[]),q=(typeof e.expires_in=="string"?parseInt(e.expires_in,10):e.expires_in)\|\|0,D=(typeof e.ext_expires_in=="string"?parseInt(e.ext_expires_in,10):e.ext_expires_in)\|\|0,V=(typeof e.refresh_in=="string"?parseInt(e.refresh_in,10):e.refresh_in)\|\|void 0,J=r+q,H=J+D,ae=V&&V>0?r+V:void 0;p=Ao(this.homeAccountIdentifier,c,e.access_token,this.clientId,d\|\|t.tenant\|\|"",S.printScopes(),J,H,this.cryptoObj.base64Decode,ae,e.token_type,s,e.key_id,o.claims,o.requestedClaimsHash)}let y=null;if(e.refresh_token){let S;if(e.refresh_token_expires_in){const q=typeof e.refresh_token_expires_in=="string"?parseInt(e.refresh_token_expires_in,10):e.refresh_token_expires_in;S=r+q}y=xl(this.homeAccountIdentifier,c,e.refresh_token,this.clientId,e.foci,s,S)}let b=null;return e.foci&&(b={clientId:this.clientId,environment:c,familyId:e.foci}),{account:h,idToken:l,accessToken:p,refreshToken:y,appMetadata:b}}static async generateAuthenticationResult(e,t,r,o,i,s,a,c,d){var J,H,ae,Be,me;let l=C.EMPTY_STRING,h=[],p=null,y,b,S=C.EMPTY_STRING;if(r.accessToken){if(r.accessToken.tokenType===X.POP&&!i.popKid){const Ye=new Un(e),{secret:Ut,keyId:Qe}=r.accessToken;if(!Qe)throw v(is);l=await Ye.signPopToken(Ut,Qe,i)}else l=r.accessToken.secret;h=fe.fromString(r.accessToken.target).asArray(),p=xt(r.accessToken.expiresOn),y=xt(r.accessToken.extendedExpiresOn),r.accessToken.refreshOn&&(b=xt(r.accessToken.refreshOn))}r.appMetadata&&(S=r.appMetadata.familyId===or?or:"");const q=(s==null?void 0:s.oid)\|\|(s==null?void 0:s.sub)\|\|"",D=(s==null?void 0:s.tid)\|\|"";c!=null&&c.spa_accountid&&r.account&&(r.account.nativeAccountId=c==null?void 0:c.spa_accountid);const V=r.account?hs(r.account.getAccountInfo(),void 0,s,(J=r.idToken)==null?void 0:J.secret):null;return{authority:t.canonicalAuthority,uniqueId:q,tenantId:D,scopes:h,account:V,idToken:((H=r==null?void 0:r.idToken)==null?void 0:H.secret)\|\|"",idTokenClaims:s\|\|{},accessToken:l,fromCache:o,expiresOn:p,extExpiresOn:y,refreshOn:b,correlationId:i.correlationId,requestId:d\|\|C.EMPTY_STRING,familyId:S,tokenType:((ae=r.accessToken)==null?void 0:ae.tokenType)\|\|C.EMPTY_STRING,state:a?a.userRequestState:C.EMPTY_STRING,cloudGraphHostName:((Be=r.account)==null?void 0:Be.cloudGraphHostName)\|\|C.EMPTY_STRING,msGraphHost:((me=r.account)==null?void 0:me.msGraphHost)\|\|C.EMPTY_STRING,code:c==null?void 0:c.spa_code,fromNativeBroker:!1}}}function _s(n,e,t,r,o,i,s,a,c,d,l){l==null\|\|l.verbose("setCachedAccount called");const p=n.getAccountKeys().find(D=>D.startsWith(t));let y=null;p&&(y=n.getAccount(p));const b=y\|\|Re.createAccount({homeAccountId:t,idTokenClaims:o,clientInfo:i,environment:s,cloudGraphHostName:c==null?void 0:c.cloud_graph_host_name,msGraphHost:c==null?void 0:c.msgraph_host,nativeAccountId:d},e,r),S=b.tenantProfiles\|\|[],q=a\|\|b.realm;if(q&&!S.find(D=>D.tenantId===q)){const D=Eo(t,b.localAccountId,q,o);S.push(D)}return b.tenantProfiles=S,b}/! @azure/msal-common v15.4.0 2025-03-25 /class Qp{static validateRedirectUri(e){if(!e)throw oe(Hl)}static validatePrompt(e){const t=[];for(const r in Ae)t.push(Ae[r]);if(t.indexOf(e)<0)throw oe(Fl)}static validateClaims(e){try{JSON.parse(e)}catch{throw oe(vo)}}static validateCodeChallengeParams(e,t){if(!e\|\|!t)throw oe(wo);this.validateCodeChallengeMethod(t)}static validateCodeChallengeMethod(e){if([Oa.PLAIN,Oa.S256].indexOf(e)<0)throw oe(Gl)}}/! @azure/msal-common v15.4.0 2025-03-25 /async function vd(n,e,t){return typeof n=="string"?n:n({clientId:e,tokenEndpoint:t})}/! @azure/msal-common v15.4.0 2025-03-25 /class wd extends Is{constructor(e,t){var r;super(e,t),this.includeRedirectUri=!0,this.oidcDefaultScopes=(r=this.config.authOptions.authority.options.OIDCOptions)==null?void 0:r.defaultScopes}async acquireToken(e,t){var a,c;if((a=this.performanceClient)==null\|\|a.addQueueMeasurement(f.AuthClientAcquireToken,e.correlationId),!e.code)throw v(vl);const r=Fe(),o=await T(this.executeTokenRequest.bind(this),f.AuthClientExecuteTokenRequest,this.logger,this.performanceClient,e.correlationId)(this.authority,e),i=(c=o.headers)==null?void 0:c[Me.X_MS_REQUEST_ID],s=new pn(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.config.serializableCache,this.config.persistencePlugin,this.performanceClient);return s.validateTokenResponse(o.body),T(s.handleServerTokenResponse.bind(s),f.HandleServerTokenResponse,this.logger,this.performanceClient,e.correlationId)(o.body,this.authority,r,e,t,void 0,void 0,void 0,i)}getLogoutUri(e){if(!e)throw oe(Bl);const t=this.createLogoutUrlQueryString(e);return Q.appendQueryString(this.authority.endSessionEndpoint,t)}async executeTokenRequest(e,t){var d;(d=this.performanceClient)==null\|\|d.addQueueMeasurement(f.AuthClientExecuteTokenRequest,t.correlationId);const r=this.createTokenQueryParameters(t),o=Q.appendQueryString(e.tokenEndpoint,r),i=await T(this.createTokenRequestBody.bind(this),f.AuthClientCreateTokenRequestBody,this.logger,this.performanceClient,t.correlationId)(t);let s;if(t.clientInfo)try{const l=Qr(t.clientInfo,this.cryptoUtils.base64Decode);s={credential:`${l.uid}${be.CLIENT_INFO_SEPARATOR}${l.utid}`,type:it.HOME_ACCOUNT_ID}}catch(l){this.logger.verbose("Could not parse client info for CCS Header: "+l)}const a=this.createTokenRequestHeaders(s\|\|t.ccsCredential),c=ko(this.config.authOptions.clientId,t);return T(this.executePostToTokenEndpoint.bind(this),f.AuthorizationCodeClientExecutePostToTokenEndpoint,this.logger,this.performanceClient,t.correlationId)(o,i,a,c,t.correlationId,f.AuthorizationCodeClientExecutePostToTokenEndpoint)}async createTokenRequestBody(e){var o,i;(o=this.performanceClient)==null\|\|o.addQueueMeasurement(f.AuthClientCreateTokenRequestBody,e.correlationId);const t=new Map;if(ps(t,e.embeddedClientId\|\|((i=e.tokenBodyParameters)==null?void 0:i[gn])\|\|this.config.authOptions.clientId),this.includeRedirectUri?ms(t,e.redirectUri):Qp.validateRedirectUri(e.redirectUri),gs(t,e.scopes,!0,this.oidcDefaultScopes),Mp(t,e.code),Ts(t,this.config.libraryInfo),As(t,this.config.telemetry.application),pd(t),this.serverTelemetryManager&&!td(this.config)&&gd(t,this.serverTelemetryManager),e.codeVerifier&&Hp(t,e.codeVerifier),this.config.clientCredentials.clientSecret&&ad(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const s=this.config.clientCredentials.clientAssertion;cd(t,await vd(s.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),ld(t,s.assertionType)}if(dd(t,hl.AUTHORIZATION_CODE_GRANT),vs(t),e.authenticationScheme===X.POP){const s=new Un(this.cryptoUtils,this.performanceClient);let a;e.popKid?a=this.cryptoUtils.encodeKid(e.popKid):a=(await T(s.generateCnf.bind(s),f.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString,ws(t,a)}else if(e.authenticationScheme===X.SSH)if(e.sshJwk)fd(t,e.sshJwk);else throw oe(Io);(!at.isEmptyObj(e.claims)\|\|this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&Cs(t,e.claims,this.config.authOptions.clientCapabilities);let r;if(e.clientInfo)try{const s=Qr(e.clientInfo,this.cryptoUtils.base64Decode);r={credential:`${s.uid}${be.CLIENT_INFO_SEPARATOR}${s.utid}`,type:it.HOME_ACCOUNT_ID}}catch(s){this.logger.verbose("Could not parse client info for CCS Header: "+s)}else r=e.ccsCredential;if(this.config.systemOptions.preventCorsPreflight&&r)switch(r.type){case it.HOME_ACCOUNT_ID:try{const s=Mn(r.credential);ar(t,s)}catch(s){this.logger.verbose("Could not parse home account ID for CCS Header: "+s)}break;case it.UPN:to(t,r.credential);break}return e.embeddedClientId&&So(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.tokenBodyParameters&&hn(t,e.tokenBodyParameters),e.enableSpaAuthorizationCode&&(!e.tokenBodyParameters\|\|!e.tokenBodyParameters[Ka])&&hn(t,{[Ka]:"1"}),_o(t,e.correlationId,this.performanceClient),gr(t)}createLogoutUrlQueryString(e){const t=new Map;return e.postLogoutRedirectUri&&bp(t,e.postLogoutRedirectUri),e.correlationId&&ys(t,e.correlationId),e.idTokenHint&&kp(t,e.idTokenHint),e.state&&sd(t,e.state),e.logoutHint&&Lp(t,e.logoutHint),e.extraQueryParameters&&hn(t,e.extraQueryParameters),this.config.authOptions.instanceAware&&hd(t),gr(t)}}/! @azure/msal-common v15.4.0 2025-03-25 /const Jp=300;class Xp extends Is{constructor(e,t){super(e,t)}async acquireToken(e){var s,a;(s=this.performanceClient)==null\|\|s.addQueueMeasurement(f.RefreshTokenClientAcquireToken,e.correlationId);const t=Fe(),r=await T(this.executeTokenRequest.bind(this),f.RefreshTokenClientExecuteTokenRequest,this.logger,this.performanceClient,e.correlationId)(e,this.authority),o=(a=r.headers)==null?void 0:a[Me.X_MS_REQUEST_ID],i=new pn(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.config.serializableCache,this.config.persistencePlugin);return i.validateTokenResponse(r.body),T(i.handleServerTokenResponse.bind(i),f.HandleServerTokenResponse,this.logger,this.performanceClient,e.correlationId)(r.body,this.authority,t,e,void 0,void 0,!0,e.forceCache,o)}async acquireTokenByRefreshToken(e){var r;if(!e)throw oe(Kl);if((r=this.performanceClient)==null\|\|r.addQueueMeasurement(f.RefreshTokenClientAcquireTokenByRefreshToken,e.correlationId),!e.account)throw v(rs);if(this.cacheManager.isAppMetadataFOCI(e.account.environment))try{return await T(this.acquireTokenWithCachedRefreshToken.bind(this),f.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,!0)}catch(o){const i=o instanceof nt&&o.errorCode===no,s=o instanceof en&&o.errorCode===Pa.INVALID_GRANT_ERROR&&o.subError===Pa.CLIENT_MISMATCH_ERROR;if(i\|\|s)return T(this.acquireTokenWithCachedRefreshToken.bind(this),f.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,!1);throw o}return T(this.acquireTokenWithCachedRefreshToken.bind(this),f.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,!1)}async acquireTokenWithCachedRefreshToken(e,t){var i,s,a;(i=this.performanceClient)==null\|\|i.addQueueMeasurement(f.RefreshTokenClientAcquireTokenWithCachedRefreshToken,e.correlationId);const r=lt(this.cacheManager.getRefreshToken.bind(this.cacheManager),f.CacheManagerGetRefreshToken,this.logger,this.performanceClient,e.correlationId)(e.account,t,void 0,this.performanceClient,e.correlationId);if(!r)throw wi(no);if(r.expiresOn&&Yr(r.expiresOn,e.refreshTokenExpirationOffsetSeconds\|\|Jp))throw(s=this.performanceClient)==null\|\|s.addFields({rtExpiresOnMs:Number(r.expiresOn)},e.correlationId),wi(Es);const o={...e,refreshToken:r.secret,authenticationScheme:e.authenticationScheme\|\|X.BEARER,ccsCredential:{credential:e.account.homeAccountId,type:it.HOME_ACCOUNT_ID}};try{return await T(this.acquireToken.bind(this),f.RefreshTokenClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(o)}catch(c){if(c instanceof nt&&((a=this.performanceClient)==null\|\|a.addFields({rtExpiresOnMs:Number(r.expiresOn)},e.correlationId),c.subError===Oo)){this.logger.verbose("acquireTokenWithRefreshToken: bad refresh token, removing from cache");const d=sr(r);this.cacheManager.removeRefreshToken(d)}throw c}}async executeTokenRequest(e,t){var c;(c=this.performanceClient)==null\|\|c.addQueueMeasurement(f.RefreshTokenClientExecuteTokenRequest,e.correlationId);const r=this.createTokenQueryParameters(e),o=Q.appendQueryString(t.tokenEndpoint,r),i=await T(this.createTokenRequestBody.bind(this),f.RefreshTokenClientCreateTokenRequestBody,this.logger,this.performanceClient,e.correlationId)(e),s=this.createTokenRequestHeaders(e.ccsCredential),a=ko(this.config.authOptions.clientId,e);return T(this.executePostToTokenEndpoint.bind(this),f.RefreshTokenClientExecutePostToTokenEndpoint,this.logger,this.performanceClient,e.correlationId)(o,i,s,a,e.correlationId,f.RefreshTokenClientExecutePostToTokenEndpoint)}async createTokenRequestBody(e){var r,o,i;(r=this.performanceClient)==null\|\|r.addQueueMeasurement(f.RefreshTokenClientCreateTokenRequestBody,e.correlationId);const t=new Map;if(ps(t,e.embeddedClientId\|\|((o=e.tokenBodyParameters)==null?void 0:o[gn])\|\|this.config.authOptions.clientId),e.redirectUri&&ms(t,e.redirectUri),gs(t,e.scopes,!0,(i=this.config.authOptions.authority.options.OIDCOptions)==null?void 0:i.defaultScopes),dd(t,hl.REFRESH_TOKEN_GRANT),vs(t),Ts(t,this.config.libraryInfo),As(t,this.config.telemetry.application),pd(t),this.serverTelemetryManager&&!td(this.config)&&gd(t,this.serverTelemetryManager),xp(t,e.refreshToken),this.config.clientCredentials.clientSecret&&ad(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const s=this.config.clientCredentials.clientAssertion;cd(t,await vd(s.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),ld(t,s.assertionType)}if(e.authenticationScheme===X.POP){const s=new Un(this.cryptoUtils,this.performanceClient);let a;e.popKid?a=this.cryptoUtils.encodeKid(e.popKid):a=(await T(s.generateCnf.bind(s),f.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString,ws(t,a)}else if(e.authenticationScheme===X.SSH)if(e.sshJwk)fd(t,e.sshJwk);else throw oe(Io);if((!at.isEmptyObj(e.claims)\|\|this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&Cs(t,e.claims,this.config.authOptions.clientCapabilities),this.config.systemOptions.preventCorsPreflight&&e.ccsCredential)switch(e.ccsCredential.type){case it.HOME_ACCOUNT_ID:try{const s=Mn(e.ccsCredential.credential);ar(t,s)}catch(s){this.logger.verbose("Could not parse home account ID for CCS Header: "+s)}break;case it.UPN:to(t,e.ccsCredential.credential);break}return e.embeddedClientId&&So(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.tokenBodyParameters&&hn(t,e.tokenBodyParameters),_o(t,e.correlationId,this.performanceClient),gr(t)}}/! @azure/msal-common v15.4.0 2025-03-25 /class Zp extends Is{constructor(e,t){super(e,t)}async acquireCachedToken(e){var c;(c=this.performanceClient)==null\|\|c.addQueueMeasurement(f.SilentFlowClientAcquireCachedToken,e.correlationId);let t=cn.NOT_APPLICABLE;if(e.forceRefresh\|\|!this.config.cacheOptions.claimsBasedCachingEnabled&&!at.isEmptyObj(e.claims))throw this.setCacheOutcome(cn.FORCE_REFRESH_OR_CLAIMS,e.correlationId),v(Vt);if(!e.account)throw v(rs);const r=e.account.tenantId\|\|Gp(e.authority),o=this.cacheManager.getTokenKeys(),i=this.cacheManager.getAccessToken(e.account,e,o,r,this.performanceClient,e.correlationId);if(i){if(Ml(i.cachedAt)\|\|Yr(i.expiresOn,this.config.systemOptions.tokenRenewalOffsetSeconds))throw this.setCacheOutcome(cn.CACHED_ACCESS_TOKEN_EXPIRED,e.correlationId),v(Vt);i.refreshOn&&Yr(i.refreshOn,0)&&(t=cn.PROACTIVELY_REFRESHED)}else throw this.setCacheOutcome(cn.NO_CACHED_ACCESS_TOKEN,e.correlationId),v(Vt);const s=e.authority\|\|this.authority.getPreferredCache(),a={account:this.cacheManager.readAccountFromCache(e.account),accessToken:i,idToken:this.cacheManager.getIdToken(e.account,o,r,this.performanceClient,e.correlationId),refreshToken:null,appMetadata:this.cacheManager.readAppMetadataFromCache(s)};return this.setCacheOutcome(t,e.correlationId),this.config.serverTelemetryManager&&this.config.serverTelemetryManager.incrementCacheHits(),[await T(this.generateResultFromCacheRecord.bind(this),f.SilentFlowClientGenerateResultFromCacheRecord,this.logger,this.performanceClient,e.correlationId)(a,e),t]}setCacheOutcome(e,t){var r,o;(r=this.serverTelemetryManager)==null\|\|r.setCacheOutcome(e),(o=this.performanceClient)==null\|\|o.addFields({cacheOutcome:e},t),e!==cn.NOT_APPLICABLE&&this.logger.info(`Token refresh is required due to cache outcome: ${e}`)}async generateResultFromCacheRecord(e,t){var o;(o=this.performanceClient)==null\|\|o.addQueueMeasurement(f.SilentFlowClientGenerateResultFromCacheRecord,t.correlationId);let r;if(e.idToken&&(r=Yt(e.idToken.secret,this.config.cryptoInterface.base64Decode)),t.maxAge\|\|t.maxAge===0){const i=r==null?void 0:r.auth_time;if(!i)throw v(ns);Nl(i,t.maxAge)}return pn.generateAuthenticationResult(this.cryptoUtils,this.authority,e,!0,t,r)}}/! @azure/msal-common v15.4.0 2025-03-25 /const em={sendGetRequestAsync:()=>Promise.reject(v(z)),sendPostRequestAsync:()=>Promise.reject(v(z))};/! @azure/msal-common v15.4.0 2025-03-25 /function tm(n,e,t,r){var a,c;const o=e.correlationId,i=new Map;ps(i,e.embeddedClientId\|\|((a=e.extraQueryParameters)==null?void 0:a[gn])\|\|n.clientId);const s=[...e.scopes\|\|[],...e.extraScopesToConsent\|\|[]];if(gs(i,s,!0,(c=n.authority.options.OIDCOptions)==null?void 0:c.defaultScopes),ms(i,e.redirectUri),ys(i,o),_p(i,e.responseMode),vs(i),e.prompt&&(Op(i,e.prompt),r==null\|\|r.addFields({prompt:e.prompt},o)),e.domainHint&&(Rp(i,e.domainHint),r==null\|\|r.addFields({domainHintFromRequest:!0},o)),e.prompt!==Ae.SELECT_ACCOUNT)if(e.sid&&e.prompt===Ae.NONE)t.verbose("createAuthCodeUrlQueryString: Prompt is none, adding sid from request"),Ba(i,e.sid),r==null\|\|r.addFields({sidFromRequest:!0},o);else if(e.account){const d=om(e.account);let l=im(e.account);if(l&&e.domainHint&&(t.warning('AuthorizationCodeClient.createAuthCodeUrlQueryString: "domainHint" param is set, skipping opaque "login_hint" claim. Please consider not passing domainHint'),l=null),l){t.verbose("createAuthCodeUrlQueryString: login_hint claim present on account"),Or(i,l),r==null\|\|r.addFields({loginHintFromClaim:!0},o);try{const h=Mn(e.account.homeAccountId);ar(i,h)}catch{t.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}else if(d&&e.prompt===Ae.NONE){t.verbose("createAuthCodeUrlQueryString: Prompt is none, adding sid from account"),Ba(i,d),r==null\|\|r.addFields({sidFromClaim:!0},o);try{const h=Mn(e.account.homeAccountId);ar(i,h)}catch{t.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}else if(e.loginHint)t.verbose("createAuthCodeUrlQueryString: Adding login_hint from request"),Or(i,e.loginHint),to(i,e.loginHint),r==null\|\|r.addFields({loginHintFromRequest:!0},o);else if(e.account.username){t.verbose("createAuthCodeUrlQueryString: Adding login_hint from account"),Or(i,e.account.username),r==null\|\|r.addFields({loginHintFromUpn:!0},o);try{const h=Mn(e.account.homeAccountId);ar(i,h)}catch{t.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}}else e.loginHint&&(t.verbose("createAuthCodeUrlQueryString: No account, adding login_hint from request"),Or(i,e.loginHint),to(i,e.loginHint),r==null\|\|r.addFields({loginHintFromRequest:!0},o));else t.verbose("createAuthCodeUrlQueryString: Prompt is select_account, ignoring account hints");return e.nonce&&Pp(i,e.nonce),e.state&&sd(i,e.state),(e.claims\|\|n.clientCapabilities&&n.clientCapabilities.length>0)&&Cs(i,e.claims,n.clientCapabilities),e.embeddedClientId&&So(i,n.clientId,n.redirectUri),n.instanceAware&&(!e.extraQueryParameters\|\|!Object.keys(e.extraQueryParameters).includes(vi))&&hd(i),i}function Id(n,e){const t=gr(e);return Q.appendQueryString(n.authorizationEndpoint,t)}function nm(n,e){if(Ed(n,e),!n.code)throw v(Sl);return n}function Ed(n,e){if(!n.state\|\|!e)throw n.state?v(pi,"Cached State"):v(pi,"Server State");let t,r;try{t=decodeURIComponent(n.state)}catch{throw v(Ln,n.state)}try{r=decodeURIComponent(e)}catch{throw v(Ln,n.state)}if(t!==r)throw v(Cl);if(n.error\|\|n.error_description\|\|n.suberror){const o=rm(n);throw Ad(n.error,n.error_description,n.suberror)?new nt(n.error\|\|"",n.error_description,n.suberror,n.timestamp\|\|"",n.trace_id\|\|"",n.correlation_id\|\|"",n.claims\|\|"",o):new en(n.error\|\|"",n.error_description,n.suberror,o)}}function rm(n){var r,o;const e="code=",t=(r=n.error_uri)==null?void 0:r.lastIndexOf(e);return t&&t>=0?(o=n.error_uri)==null?void 0:o.substring(t+e.length):void 0}function om(n){var e;return((e=n.idTokenClaims)==null?void 0:e.sid)\|\|null}function im(n){var e;return((e=n.idTokenClaims)==null?void 0:e.login_hint)\|\|null}/! @azure/msal-common v15.4.0 2025-03-25 /const za=",",_d="\|";function sm(n){const{skus:e,libraryName:t,libraryVersion:r,extensionName:o,extensionVersion:i}=n,s=new Map([[0,[t,r]],[2,[o,i]]]);let a=[];if(e!=null&&e.length){if(a=e.split(za),a.length<4)return e}else a=Array.from({length:4},()=>_d);return s.forEach((c,d)=>{var l,h;c.length===2&&((l=c[0])!=null&&l.length)&&((h=c[1])!=null&&h.length)&&am({skuArr:a,index:d,skuName:c[0],skuVersion:c[1]})}),a.join(za)}function am(n){const{skuArr:e,index:t,skuName:r,skuVersion:o}=n;t>=e.length\|\|(e[t]=[r,o].join(_d))}class pr{constructor(e,t){this.cacheOutcome=cn.NOT_APPLICABLE,this.cacheManager=t,this.apiId=e.apiId,this.correlationId=e.correlationId,this.wrapperSKU=e.wrapperSKU\|\|C.EMPTY_STRING,this.wrapperVer=e.wrapperVer\|\|C.EMPTY_STRING,this.telemetryCacheKey=Te.CACHE_KEY+be.CACHE_KEY_SEPARATOR+e.clientId}generateCurrentRequestHeaderValue(){const e=`${this.apiId}${Te.VALUE_SEPARATOR}${this.cacheOutcome}`,t=[this.wrapperSKU,this.wrapperVer],r=this.getNativeBrokerErrorCode();r!=null&&r.length&&t.push(`broker_error=${r}`);const o=t.join(Te.VALUE_SEPARATOR),i=this.getRegionDiscoveryFields(),s=[e,i].join(Te.VALUE_SEPARATOR);return[Te.SCHEMA_VERSION,s,o].join(Te.CATEGORY_SEPARATOR)}generateLastRequestHeaderValue(){const e=this.getLastRequests(),t=pr.maxErrorsToSend(e),r=e.failedRequests.slice(0,2t).join(Te.VALUE_SEPARATOR),o=e.errors.slice(0,t).join(Te.VALUE_SEPARATOR),i=e.errors.length,s=t<i?Te.OVERFLOW_TRUE:Te.OVERFLOW_FALSE,a=[i,s].join(Te.VALUE_SEPARATOR);return[Te.SCHEMA_VERSION,e.cacheHits,r,o,a].join(Te.CATEGORY_SEPARATOR)}cacheFailedRequest(e){const t=this.getLastRequests();t.errors.length>=Te.MAX_CACHED_ERRORS&&(t.failedRequests.shift(),t.failedRequests.shift(),t.errors.shift()),t.failedRequests.push(this.apiId,this.correlationId),e instanceof Error&&e&&e.toString()?e instanceof Z?e.subError?t.errors.push(e.subError):e.errorCode?t.errors.push(e.errorCode):t.errors.push(e.toString()):t.errors.push(e.toString()):t.errors.push(Te.UNKNOWN_ERROR),this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t)}incrementCacheHits(){const e=this.getLastRequests();return e.cacheHits+=1,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e),e.cacheHits}getLastRequests(){const e={failedRequests:[],errors:[],cacheHits:0};return this.cacheManager.getServerTelemetry(this.telemetryCacheKey)\|\|e}clearTelemetryCache(){const e=this.getLastRequests(),t=pr.maxErrorsToSend(e),r=e.errors.length;if(t===r)this.cacheManager.removeItem(this.telemetryCacheKey);else{const o={failedRequests:e.failedRequests.slice(t2),errors:e.errors.slice(t),cacheHits:0};this.cacheManager.setServerTelemetry(this.telemetryCacheKey,o)}}static maxErrorsToSend(e){let t,r=0,o=0;const i=e.errors.length;for(t=0;t<i;t++){const s=e.failedRequests[2t]\|\|C.EMPTY_STRING,a=e.failedRequests[2t+1]\|\|C.EMPTY_STRING,c=e.errors[t]\|\|C.EMPTY_STRING;if(o+=s.toString().length+a.toString().length+c.length+3,o<Te.MAX_LAST_HEADER_BYTES)r+=1;else break}return r}getRegionDiscoveryFields(){const e=[];return e.push(this.regionUsed\|\|C.EMPTY_STRING),e.push(this.regionSource\|\|C.EMPTY_STRING),e.push(this.regionOutcome\|\|C.EMPTY_STRING),e.join(",")}updateRegionDiscoveryMetadata(e){this.regionUsed=e.region_used,this.regionSource=e.region_source,this.regionOutcome=e.region_outcome}setCacheOutcome(e){this.cacheOutcome=e}setNativeBrokerErrorCode(e){const t=this.getLastRequests();t.nativeBrokerErrorCode=e,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t)}getNativeBrokerErrorCode(){return this.getLastRequests().nativeBrokerErrorCode}clearNativeBrokerErrorCode(){const e=this.getLastRequests();delete e.nativeBrokerErrorCode,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e)}static makeExtraSkuString(e){return sm(e)}}/! @azure/msal-common v15.4.0 2025-03-25 /const Sd="missing_kid_error",bd="missing_alg_error";/! @azure/msal-common v15.4.0 2025-03-25 /const cm={[Sd]:"The JOSE Header for the requested JWT, JWS or JWK object requires a keyId to be configured as the 'kid' header claim. No 'kid' value was provided.",[bd]:"The JOSE Header for the requested JWT, JWS or JWK object requires an algorithm to be specified as the 'alg' header claim. No 'alg' value was provided."};class Ss extends Z{constructor(e,t){super(e,t),this.name="JoseHeaderError",Object.setPrototypeOf(this,Ss.prototype)}}function qa(n){return new Ss(n,cm[n])}/! @azure/msal-common v15.4.0 2025-03-25 /class bs{constructor(e){this.typ=e.typ,this.alg=e.alg,this.kid=e.kid}static getShrHeaderString(e){if(!e.kid)throw qa(Sd);if(!e.alg)throw qa(bd);const t=new bs({typ:e.typ\|\|tg.Pop,kid:e.kid,alg:e.alg});return JSON.stringify(t)}}/! @azure/msal-common v15.4.0 2025-03-25 /class Va{startMeasurement(){}endMeasurement(){}flushMeasurement(){return null}}class lm{generateId(){return"callback-id"}startMeasurement(e,t){return{end:()=>null,discard:()=>{},add:()=>{},increment:()=>{},event:{eventId:this.generateId(),status:Bp.InProgress,authority:"",libraryName:"",libraryVersion:"",clientId:"",name:e,startTimeMs:Date.now(),correlationId:t\|\|""},measurement:new Va}}startPerformanceMeasurement(){return new Va}calculateQueuedTime(){return 0}addQueueMeasurement(){}setPreQueueTime(){}endMeasurement(){return null}discardMeasurements(){}removePerformanceCallback(){return!0}addPerformanceCallback(){return""}emitEvents(){}addFields(){}incrementFields(){}cacheEventByCorrelationId(){}}/! @azure/msal-browser v4.9.0 2025-03-25 /const ks="pkce_not_created",Rs="ear_jwk_empty",kd="ear_jwe_empty",Ii="crypto_nonexistent",Po="empty_navigate_uri",Rd="hash_empty_error",Os="no_state_in_hash",Od="hash_does_not_contain_known_properties",Pd="unable_to_parse_state",Nd="state_interaction_type_mismatch",Md="interaction_in_progress",xd="popup_window_error",Hd="empty_window_error",mr="user_cancelled",dm="monitor_popup_timeout",Ld="monitor_window_timeout",Ud="redirect_in_iframe",Dd="block_iframe_reload",Fd="block_nested_popups",hm="iframe_closed_prematurely",No="silent_logout_unsupported",Kd="no_account_error",um="silent_prompt_value_error",Bd="no_token_request_cache_error",Gd="unable_to_parse_token_request_cache_error",fm="auth_request_not_set_error",gm="invalid_cache_type",Mo="non_browser_environment",En="database_not_open",ro="no_network_connectivity",$d="post_request_failed",zd="get_request_failed",Ei="failed_to_parse_response",qd="unable_to_load_token",Ps="crypto_key_not_found",Vd="auth_code_required",jd="auth_code_or_nativeAccountId_required",Wd="spa_code_and_nativeAccountId_present",Ns="database_unavailable",Yd="unable_to_acquire_token_from_native_platform",Qd="native_handshake_timeout",Jd="native_extension_not_installed",Ms="native_connection_not_established",oo="uninitialized_public_client_application",Xd="native_prompt_not_supported",Zd="invalid_base64_string",eh="invalid_pop_token_request",th="failed_to_build_headers",nh="failed_to_parse_headers",Dr="failed_to_decrypt_ear_response";/! @azure/msal-browser v4.9.0 2025-03-25 /const bt="For more visit: aka.ms/msaljs/browser-errors",pm={[ks]:"The PKCE code challenge and verifier could not be generated.",[Rs]:"No EAR encryption key provided. This is unexpected.",[kd]:"Server response does not contain ear_jwe property. This is unexpected.",[Ii]:"The crypto object or function is not available.",[Po]:"Navigation URI is empty. Please check stack trace for more info.",[Rd]:`Hash value cannot be processed because it is empty. Please verify that your redirectUri is not clearing the hash. ${bt}`,[Os]:"Hash does not contain state. Please verify that the request originated from msal.",[Od]:`Hash does not contain known properites. Please verify that your redirectUri is not changing the hash. ${bt}`,[Pd]:"Unable to parse state. Please verify that the request originated from msal.",[Nd]:"Hash contains state but the interaction type does not match the caller.",[Md]:`Interaction is currently in progress. Please ensure that this interaction has been completed before calling an interactive API. ${bt}`,[xd]:"Error opening popup window. This can happen if you are using IE or if popups are blocked in the browser.",[Hd]:"window.open returned null or undefined window object.",[mr]:"User cancelled the flow.",[dm]:`Token acquisition in popup failed due to timeout. ${bt}`,[Ld]:`Token acquisition in iframe failed due to timeout. ${bt}`,[Ud]:"Redirects are not supported for iframed or brokered applications. Please ensure you are using MSAL.js in a top frame of the window if using the redirect APIs, or use the popup APIs.",[Dd]:`Request was blocked inside an iframe because MSAL detected an authentication response. ${bt}`,[Fd]:"Request was blocked inside a popup because MSAL detected it was running in a popup.",[hm]:"The iframe being monitored was closed prematurely.",[No]:"Silent logout not supported. Please call logoutRedirect or logoutPopup instead.",[Kd]:"No account object provided to acquireTokenSilent and no active account has been set. Please call setActiveAccount or provide an account on the request.",[um]:"The value given for the prompt value is not valid for silent requests - must be set to 'none' or 'no_session'.",[Bd]:"No token request found in cache.",[Gd]:"The cached token request could not be parsed.",[fm]:"Auth Request not set. Please ensure initiateAuthRequest was called from the InteractionHandler",[gm]:"Invalid cache type",[Mo]:"Login and token requests are not supported in non-browser environments.",[En]:"Database is not open!",[ro]:"No network connectivity. Check your internet connection.",[$d]:"Network request failed: If the browser threw a CORS error, check that the redirectUri is registered in the Azure App Portal as type 'SPA'",[zd]:"Network request failed. Please check the network trace to determine root cause.",[Ei]:"Failed to parse network response. Check network trace.",[qd]:"Error loading token to cache.",[Ps]:"Cryptographic Key or Keypair not found in browser storage.",[Vd]:"An authorization code must be provided (as the `code` property on the request) to this flow.",[jd]:"An authorization code or nativeAccountId must be provided to this flow.",[Wd]:"Request cannot contain both spa code and native account id.",[Ns]:"IndexedDB, which is required for persistent cryptographic key storage, is unavailable. This may be caused by browser privacy features which block persistent storage in third-party contexts.",[Yd]:`Unable to acquire token from native platform. ${bt}`,[Qd]:"Timed out while attempting to establish connection to browser extension",[Jd]:"Native extension is not installed. If you think this is a mistake call the initialize function.",[Ms]:`Connection to native platform has not been established. Please install a compatible browser extension and run initialize(). ${bt}`,[oo]:`You must call and await the initialize function before attempting to call any other MSAL API. ${bt}`,[Xd]:"The provided prompt is not supported by the native platform. This request should be routed to the web based flow.",[Zd]:"Invalid base64 encoded string.",[eh]:"Invalid PoP token request. The request should not have both a popKid value and signPopToken set to true.",[th]:"Failed to build request headers object.",[nh]:"Failed to parse response headers",[Dr]:"Failed to decrypt ear response"};class Ar extends Z{constructor(e,t){super(e,pm[e],t),Object.setPrototypeOf(this,Ar.prototype),this.name="BrowserAuthError"}}function P(n,e){return new Ar(n,e)}/! @azure/msal-browser v4.9.0 2025-03-25 /const He={INVALID_GRANT_ERROR:"invalid_grant",POPUP_WIDTH:483,POPUP_HEIGHT:600,POPUP_NAME_PREFIX:"msal",DEFAULT_POLL_INTERVAL_MS:30,MSAL_SKU:"msal.js.browser"},Sn={CHANNEL_ID:"53ee284d-920a-4b59-9d30-a60315b26836",PREFERRED_EXTENSION_ID:"ppnbnpeolgkicgegkbkbjmhlideopiji",MATS_TELEMETRY:"MATS"},ln={HandshakeRequest:"Handshake",HandshakeResponse:"HandshakeResponse",GetToken:"GetToken",Response:"Response"},ve={LocalStorage:"localStorage",SessionStorage:"sessionStorage",MemoryStorage:"memoryStorage"},ja={GET:"GET",POST:"POST"},ge={ORIGIN_URI:"request.origin",URL_HASH:"urlHash",REQUEST_PARAMS:"request.params",VERIFIER:"code.verifier",INTERACTION_STATUS_KEY:"interaction.status",NATIVE_REQUEST:"request.native"},$t={ACCOUNT_KEYS:"msal.account.keys",TOKEN_KEYS:"msal.token.keys"},Pr={WRAPPER_SKU:"wrapper.sku",WRAPPER_VER:"wrapper.version"},se={acquireTokenRedirect:861,acquireTokenPopup:862,ssoSilent:863,acquireTokenSilent_authCode:864,handleRedirectPromise:865,acquireTokenByCode:866,acquireTokenSilent_silentFlow:61,logout:961,logoutPopup:962};var M;(function(n){n.Redirect="redirect",n.Popup="popup",n.Silent="silent",n.None="none"})(M\|\|(M={}));const _i={scopes:yn},rh="jwk",Si="msal.db",mm=1,Cm=`${Si}.keys`,ye={Default:0,AccessToken:1,AccessTokenAndRefreshToken:2,RefreshToken:3,RefreshTokenAndNetwork:4,Skip:5},ym=[ye.Default,ye.Skip,ye.RefreshTokenAndNetwork],Tm="msal.browser.log.level",Am="msal.browser.log.pii";/! @azure/msal-browser v4.9.0 2025-03-25 /function Nr(n){return encodeURIComponent(Cr(n).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"))}function Qt(n){return oh(n).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function Cr(n){return oh(new TextEncoder().encode(n))}function oh(n){const e=Array.from(n,t=>String.fromCodePoint(t)).join("");return btoa(e)}/! @azure/msal-browser v4.9.0 2025-03-25 /function ct(n){return new TextDecoder().decode(jt(n))}function jt(n){let e=n.replace(/-/g,"+").replace(/_/g,"/");switch(e.length%4){case 0:break;case 2:e+="==";break;case 3:e+="=";break;default:throw P(Zd)}const t=atob(e);return Uint8Array.from(t,r=>r.codePointAt(0)\|\|0)}/! @azure/msal-browser v4.9.0 2025-03-25 /const vm="RSASSA-PKCS1-v1_5",Kn="AES-GCM",ih="HKDF",xs="SHA-256",wm=2048,Im=new Uint8Array([1,0,1]),Wa="0123456789abcdef",Ya=new Uint32Array(1),Hs="raw",sh="encrypt",Ls="decrypt",Em="deriveKey",_m="crypto_subtle_undefined",Us={name:vm,hash:xs,modulusLength:wm,publicExponent:Im};function Sm(n){if(!window)throw P(Mo);if(!window.crypto)throw P(Ii);if(!n&&!window.crypto.subtle)throw P(Ii,_m)}async function ah(n,e,t){e==null\|\|e.addQueueMeasurement(f.Sha256Digest,t);const o=new TextEncoder().encode(n);return window.crypto.subtle.digest(xs,o)}function bm(n){return window.crypto.getRandomValues(n)}function ni(){return window.crypto.getRandomValues(Ya),Ya[0]}function We(){const n=Date.now(),e=ni()1024+(ni()&1023),t=new Uint8Array(16),r=Math.trunc(e/230),o=e&230-1,i=ni();t[0]=n/240,t[1]=n/232,t[2]=n/224,t[3]=n/216,t[4]=n/28,t[5]=n,t[6]=112\|r>>>8,t[7]=r,t[8]=128\|o>>>24,t[9]=o>>>16,t[10]=o>>>8,t[11]=o,t[12]=i>>>24,t[13]=i>>>16,t[14]=i>>>8,t[15]=i;let s="";for(let a=0;a<t.length;a++)s+=Wa.charAt(t[a]>>>4),s+=Wa.charAt(t[a]&15),(a===3\|\|a===5\|\|a===7\|\|a===9)&&(s+="-");return s}async function km(n,e){return window.crypto.subtle.generateKey(Us,n,e)}async function ri(n){return window.crypto.subtle.exportKey(rh,n)}async function Rm(n,e,t){return window.crypto.subtle.importKey(rh,n,Us,e,t)}async function Om(n,e){return window.crypto.subtle.sign(Us,n,e)}async function Ds(){const n=await ch(),t={alg:"dir",kty:"oct",k:Qt(new Uint8Array(n))};return Cr(JSON.stringify(t))}async function Pm(n){const e=ct(n),r=JSON.parse(e).k,o=jt(r);return window.crypto.subtle.importKey(Hs,o,Kn,!1,[Ls])}async function Nm(n,e){const t=e.split(".");if(t.length!==5)throw P(Dr,"jwe_length");const r=await Pm(n).catch(()=>{throw P(Dr,"import_key")});try{const o=new TextEncoder().encode(t[0]),i=jt(t[2]),s=jt(t[3]),a=jt(t[4]),c=a.byteLength8,d=new Uint8Array(s.length+a.length);d.set(s),d.set(a,s.length);const l=await window.crypto.subtle.decrypt({name:Kn,iv:i,tagLength:c,additionalData:o},r,d);return new TextDecoder().decode(l)}catch{throw P(Dr,"decrypt")}}async function ch(){const n=await window.crypto.subtle.generateKey({name:Kn,length:256},!0,[sh,Ls]);return window.crypto.subtle.exportKey(Hs,n)}async function Qa(n){return window.crypto.subtle.importKey(Hs,n,ih,!1,[Em])}async function lh(n,e,t){return window.crypto.subtle.deriveKey({name:ih,salt:e,hash:xs,info:new TextEncoder().encode(t)},n,{name:Kn,length:256},!1,[sh,Ls])}async function Mm(n,e,t){const r=new TextEncoder().encode(e),o=window.crypto.getRandomValues(new Uint8Array(16)),i=await lh(n,o,t),s=await window.crypto.subtle.encrypt({name:Kn,iv:new Uint8Array(12)},i,r);return{data:Qt(new Uint8Array(s)),nonce:Qt(o)}}async function xm(n,e,t,r){const o=jt(r),i=await lh(n,jt(e),t),s=await window.crypto.subtle.decrypt({name:Kn,iv:new Uint8Array(12)},i,o);return new TextDecoder().decode(s)}async function dh(n){const e=await ah(n),t=new Uint8Array(e);return Qt(t)}/! @azure/msal-browser v4.9.0 2025-03-25 /const Fs="storage_not_supported",Hm="stubbed_public_client_application_called",hh="in_mem_redirect_unavailable";/! @azure/msal-browser v4.9.0 2025-03-25 /const Lm={[Fs]:"Given storage configuration option was not supported.",[Hm]:"Stub instance of Public Client Application was called. If using msal-react, please ensure context is not used without a provider. For more visit: aka.ms/msaljs/browser-errors",[hh]:"Redirect cannot be supported. In-memory storage was selected and storeAuthStateInCookie=false, which would cause the library to be unable to handle the incoming hash. If you would like to use the redirect API, please use session/localStorage or set storeAuthStateInCookie=true."};class Ks extends Z{constructor(e,t){super(e,t),this.name="BrowserConfigurationAuthError",Object.setPrototypeOf(this,Ks.prototype)}}function Bs(n){return new Ks(n,Lm[n])}/! @azure/msal-browser v4.9.0 2025-03-25 /function Um(n){n.location.hash="",typeof n.history.replaceState=="function"&&n.history.replaceState(null,"",`${n.location.origin}${n.location.pathname}${n.location.search}`)}function Dm(n){const e=n.split("#");e.shift(),window.location.hash=e.length>0?e.join("#"):""}function Gs(){return window.parent!==window}function Fm(){return typeof window<"u"&&!!window.opener&&window.opener!==window&&typeof window.name=="string"&&window.name.indexOf(`${He.POPUP_NAME_PREFIX}.`)===0}function Nt(){return typeof window<"u"&&window.location?window.location.href.split("?")[0].split("#")[0]:""}function Km(){const e=new Q(window.location.href).getUrlComponents();return`${e.Protocol}//${e.HostNameAndPort}/`}function Bm(){if(Q.hashContainsKnownProperties(window.location.hash)&&Gs())throw P(Dd)}function Gm(n){if(Gs()&&!n)throw P(Ud)}function $m(){if(Fm())throw P(Fd)}function uh(){if(typeof window>"u")throw P(Mo)}function fh(n){if(!n)throw P(oo)}function $s(n){uh(),Bm(),$m(),fh(n)}function Ja(n,e){if($s(n),Gm(e.system.allowRedirectInIframe),e.cache.cacheLocation===ve.MemoryStorage&&!e.cache.storeAuthStateInCookie)throw Bs(hh)}function gh(n){const e=document.createElement("link");e.rel="preconnect",e.href=new URL(n).origin,e.crossOrigin="anonymous",document.head.appendChild(e),window.setTimeout(()=>{try{document.head.removeChild(e)}catch{}},1e4)}function zm(){return We()}/! @azure/msal-browser v4.9.0 2025-03-25 /class io{navigateInternal(e,t){return io.defaultNavigateWindow(e,t)}navigateExternal(e,t){return io.defaultNavigateWindow(e,t)}static defaultNavigateWindow(e,t){return t.noHistory?window.location.replace(e):window.location.assign(e),new Promise(r=>{setTimeout(()=>{r(!0)},t.timeout)})}}/! @azure/msal-browser v4.9.0 2025-03-25 /class qm{async sendGetRequestAsync(e,t){let r,o={},i=0;const s=Xa(t);try{r=await fetch(e,{method:ja.GET,headers:s})}catch{throw P(window.navigator.onLine?zd:ro)}o=Za(r.headers);try{return i=r.status,{headers:o,body:await r.json(),status:i}}catch{throw Ga(P(Ei),i,o)}}async sendPostRequestAsync(e,t){const r=t&&t.body\|\|"",o=Xa(t);let i,s=0,a={};try{i=await fetch(e,{method:ja.POST,headers:o,body:r})}catch{throw P(window.navigator.onLine?$d:ro)}a=Za(i.headers);try{return s=i.status,{headers:a,body:await i.json(),status:s}}catch{throw Ga(P(Ei),s,a)}}}function Xa(n){try{const e=new Headers;if(!(n&&n.headers))return e;const t=n.headers;return Object.entries(t).forEach(([r,o])=>{e.append(r,o)}),e}catch{throw P(th)}}function Za(n){try{const e={};return n.forEach((t,r)=>{e[r]=t}),e}catch{throw P(nh)}}/! @azure/msal-browser v4.9.0 2025-03-25 /const Vm=6e4,bi=1e4,jm=3e4,Wm=2e3;function Ym({auth:n,cache:e,system:t,telemetry:r},o){const i={clientId:C.EMPTY_STRING,authority:`${C.DEFAULT_AUTHORITY}`,knownAuthorities:[],cloudDiscoveryMetadata:C.EMPTY_STRING,authorityMetadata:C.EMPTY_STRING,redirectUri:typeof window<"u"?Nt():"",postLogoutRedirectUri:C.EMPTY_STRING,navigateToLoginRequestUrl:!0,clientCapabilities:[],protocolMode:Ue.AAD,OIDCOptions:{serverResponseType:yo.FRAGMENT,defaultScopes:[C.OPENID_SCOPE,C.PROFILE_SCOPE,C.OFFLINE_ACCESS_SCOPE]},azureCloudOptions:{azureCloudInstance:as.None,tenant:C.EMPTY_STRING},skipAuthorityMetadataCache:!1,supportsNestedAppAuth:!1,instanceAware:!1},s={cacheLocation:ve.SessionStorage,temporaryCacheLocation:ve.SessionStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!!(e&&e.cacheLocation===ve.LocalStorage),claimsBasedCachingEnabled:!1},a={loggerCallback:()=>{},logLevel:he.Info,piiLoggingEnabled:!1},d={...{...ed,loggerOptions:a,networkClient:o?new qm:em,navigationClient:new io,loadFrameTimeout:0,windowHashTimeout:(t==null?void 0:t.loadFrameTimeout)\|\|Vm,iframeHashTimeout:(t==null?void 0:t.loadFrameTimeout)\|\|bi,navigateFrameWait:0,redirectNavigationTimeout:jm,asyncPopups:!1,allowRedirectInIframe:!1,allowPlatformBroker:!1,nativeBrokerHandshakeTimeout:(t==null?void 0:t.nativeBrokerHandshakeTimeout)\|\|Wm,pollIntervalMilliseconds:He.DEFAULT_POLL_INTERVAL_MS},...t,loggerOptions:(t==null?void 0:t.loggerOptions)\|\|a},l={application:{appName:C.EMPTY_STRING,appVersion:C.EMPTY_STRING},client:new lm};if((n==null?void 0:n.protocolMode)!==Ue.OIDC&&(n!=null&&n.OIDCOptions)&&new Ht(d.loggerOptions).warning(JSON.stringify(oe(Vl))),n!=null&&n.protocolMode&&n.protocolMode===Ue.OIDC&&(d!=null&&d.allowPlatformBroker))throw oe(jl);const h={auth:{...i,...n,OIDCOptions:{...i.OIDCOptions,...n==null?void 0:n.OIDCOptions}},cache:{...s,...e},system:d,telemetry:{...l,...r}};return h.auth.protocolMode===Ue.EAR&&(new Ht(d.loggerOptions).warning("EAR Protocol Mode is not yet supported. Overriding to use PKCE auth"),h.auth.protocolMode=Ue.AAD),h}/! @azure/msal-browser v4.9.0 2025-03-25 /const Qm="@azure/msal-browser",Bn="4.9.0";/! @azure/msal-browser v4.9.0 2025-03-25 /class xo{static loggerCallback(e,t){switch(e){case he.Error:console.error(t);return;case he.Info:console.info(t);return;case he.Verbose:console.debug(t);return;case he.Warning:console.warn(t);return;default:console.log(t);return}}constructor(e){var c;this.browserEnvironment=typeof window<"u",this.config=Ym(e,this.browserEnvironment);let t;try{t=window[ve.SessionStorage]}catch{}const r=t==null?void 0:t.getItem(Tm),o=(c=t==null?void 0:t.getItem(Am))==null?void 0:c.toLowerCase(),i=o==="true"?!0:o==="false"?!1:void 0,s={...this.config.system.loggerOptions},a=r&&Object.keys(he).includes(r)?he[r]:void 0;a&&(s.loggerCallback=xo.loggerCallback,s.logLevel=a),i!==void 0&&(s.piiLoggingEnabled=i),this.logger=new Ht(s,Qm,Bn),this.available=!1}getConfig(){return this.config}getLogger(){return this.logger}isAvailable(){return this.available}isBrowserEnvironment(){return this.browserEnvironment}}/! @azure/msal-browser v4.9.0 2025-03-25 /const kt={UserInteractionRequired:"USER_INTERACTION_REQUIRED",UserCancel:"USER_CANCEL",NoNetwork:"NO_NETWORK",TransientError:"TRANSIENT_ERROR",PersistentError:"PERSISTENT_ERROR",Disabled:"DISABLED",AccountUnavailable:"ACCOUNT_UNAVAILABLE",NestedAppAuthUnavailable:"NESTED_APP_AUTH_UNAVAILABLE"};/! @azure/msal-browser v4.9.0 2025-03-25 /class Ne{static async initializeNestedAppAuthBridge(){if(window===void 0)throw new Error("window is undefined");if(window.nestedAppAuthBridge===void 0)throw new Error("window.nestedAppAuthBridge is undefined");try{window.nestedAppAuthBridge.addEventListener("message",t=>{const r=typeof t=="string"?t:t.data,o=JSON.parse(r),i=Ne.bridgeRequests.find(s=>s.requestId===o.requestId);i!==void 0&&(Ne.bridgeRequests.splice(Ne.bridgeRequests.indexOf(i),1),o.success?i.resolve(o):i.reject(o.error))});const e=await new Promise((t,r)=>{const o=Ne.buildRequest("GetInitContext"),i={requestId:o.requestId,method:o.method,resolve:t,reject:r};Ne.bridgeRequests.push(i),window.nestedAppAuthBridge.postMessage(JSON.stringify(o))});return Ne.validateBridgeResultOrThrow(e.initContext)}catch(e){throw window.console.log(e),e}}getTokenInteractive(e){return this.getToken("GetTokenPopup",e)}getTokenSilent(e){return this.getToken("GetToken",e)}async getToken(e,t){const r=await this.sendRequest(e,{tokenParams:t});return{token:Ne.validateBridgeResultOrThrow(r.token),account:Ne.validateBridgeResultOrThrow(r.account)}}getHostCapabilities(){return this.capabilities??null}getAccountContext(){return this.accountContext?this.accountContext:null}static buildRequest(e,t){return{messageType:"NestedAppAuthRequest",method:e,requestId:We(),sendTime:Date.now(),clientLibrary:He.MSAL_SKU,clientLibraryVersion:Bn,...t}}sendRequest(e,t){const r=Ne.buildRequest(e,t);return new Promise((i,s)=>{const a={requestId:r.requestId,method:r.method,resolve:i,reject:s};Ne.bridgeRequests.push(a),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))})}static validateBridgeResultOrThrow(e){if(e===void 0)throw{status:kt.NestedAppAuthUnavailable};return e}constructor(e,t,r,o){this.sdkName=e,this.sdkVersion=t,this.accountContext=r,this.capabilities=o}static async create(){const e=await Ne.initializeNestedAppAuthBridge();return new Ne(e.sdkName,e.sdkVersion,e.accountContext,e.capabilities)}}Ne.bridgeRequests=[];/! @azure/msal-browser v4.9.0 2025-03-25 /class Dn extends xo{constructor(){super(...arguments),this.bridgeProxy=void 0,this.accountContext=null}getModuleName(){return Dn.MODULE_NAME}getId(){return Dn.ID}getBridgeProxy(){return this.bridgeProxy}async initialize(){try{if(typeof window<"u"){typeof window.__initializeNestedAppAuth=="function"&&await window.__initializeNestedAppAuth();const e=await Ne.create();this.accountContext=e.getAccountContext(),this.bridgeProxy=e,this.available=e!==void 0}}catch(e){this.logger.infoPii(`Could not initialize Nested App Auth bridge (${e})`)}return this.logger.info(`Nested App Auth Bridge available: ${this.available}`),this.available}}Dn.MODULE_NAME="";Dn.ID="NestedAppOperatingContext";/! @azure/msal-browser v4.9.0 2025-03-25 /class mn extends xo{getModuleName(){return mn.MODULE_NAME}getId(){return mn.ID}async initialize(){return this.available=typeof window<"u",this.available}}mn.MODULE_NAME="";mn.ID="StandardOperatingContext";/! @azure/msal-browser v4.9.0 2025-03-25 /class Jm{constructor(){this.dbName=Si,this.version=mm,this.tableName=Cm,this.dbOpen=!1}async open(){return new Promise((e,t)=>{const r=window.indexedDB.open(this.dbName,this.version);r.addEventListener("upgradeneeded",o=>{o.target.result.createObjectStore(this.tableName)}),r.addEventListener("success",o=>{const i=o;this.db=i.target.result,this.dbOpen=!0,e()}),r.addEventListener("error",()=>t(P(Ns)))})}closeConnection(){const e=this.db;e&&this.dbOpen&&(e.close(),this.dbOpen=!1)}async validateDbIsOpen(){if(!this.dbOpen)return this.open()}async getItem(e){return await this.validateDbIsOpen(),new Promise((t,r)=>{if(!this.db)return r(P(En));const s=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).get(e);s.addEventListener("success",a=>{const c=a;this.closeConnection(),t(c.target.result)}),s.addEventListener("error",a=>{this.closeConnection(),r(a)})})}async setItem(e,t){return await this.validateDbIsOpen(),new Promise((r,o)=>{if(!this.db)return o(P(En));const a=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).put(t,e);a.addEventListener("success",()=>{this.closeConnection(),r()}),a.addEventListener("error",c=>{this.closeConnection(),o(c)})})}async removeItem(e){return await this.validateDbIsOpen(),new Promise((t,r)=>{if(!this.db)return r(P(En));const s=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).delete(e);s.addEventListener("success",()=>{this.closeConnection(),t()}),s.addEventListener("error",a=>{this.closeConnection(),r(a)})})}async getKeys(){return await this.validateDbIsOpen(),new Promise((e,t)=>{if(!this.db)return t(P(En));const i=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).getAllKeys();i.addEventListener("success",s=>{const a=s;this.closeConnection(),e(a.target.result)}),i.addEventListener("error",s=>{this.closeConnection(),t(s)})})}async containsKey(e){return await this.validateDbIsOpen(),new Promise((t,r)=>{if(!this.db)return r(P(En));const s=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).count(e);s.addEventListener("success",a=>{const c=a;this.closeConnection(),t(c.target.result===1)}),s.addEventListener("error",a=>{this.closeConnection(),r(a)})})}async deleteDatabase(){return this.db&&this.dbOpen&&this.closeConnection(),new Promise((e,t)=>{const r=window.indexedDB.deleteDatabase(Si),o=setTimeout(()=>t(!1),200);r.addEventListener("success",()=>(clearTimeout(o),e(!0))),r.addEventListener("blocked",()=>(clearTimeout(o),e(!0))),r.addEventListener("error",()=>(clearTimeout(o),t(!1)))})}}/! @azure/msal-browser v4.9.0 2025-03-25 /class Ho{constructor(){this.cache=new Map}async initialize(){}getItem(e){return this.cache.get(e)\|\|null}getUserData(e){return this.getItem(e)}setItem(e,t){this.cache.set(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){this.cache.delete(e)}getKeys(){const e=[];return this.cache.forEach((t,r)=>{e.push(r)}),e}containsKey(e){return this.cache.has(e)}clear(){this.cache.clear()}}/! @azure/msal-browser v4.9.0 2025-03-25 /class Xm{constructor(e){this.inMemoryCache=new Ho,this.indexedDBCache=new Jm,this.logger=e}handleDatabaseAccessError(e){if(e instanceof Ar&&e.errorCode===Ns)this.logger.error("Could not access persistent storage. This may be caused by browser privacy features which block persistent storage in third-party contexts.");else throw e}async getItem(e){const t=this.inMemoryCache.getItem(e);if(!t)try{return this.logger.verbose("Queried item not found in in-memory cache, now querying persistent storage."),await this.indexedDBCache.getItem(e)}catch(r){this.handleDatabaseAccessError(r)}return t}async setItem(e,t){this.inMemoryCache.setItem(e,t);try{await this.indexedDBCache.setItem(e,t)}catch(r){this.handleDatabaseAccessError(r)}}async removeItem(e){this.inMemoryCache.removeItem(e);try{await this.indexedDBCache.removeItem(e)}catch(t){this.handleDatabaseAccessError(t)}}async getKeys(){const e=this.inMemoryCache.getKeys();if(e.length===0)try{return this.logger.verbose("In-memory cache is empty, now querying persistent storage."),await this.indexedDBCache.getKeys()}catch(t){this.handleDatabaseAccessError(t)}return e}async containsKey(e){const t=this.inMemoryCache.containsKey(e);if(!t)try{return this.logger.verbose("Key not found in in-memory cache, now querying persistent storage."),await this.indexedDBCache.containsKey(e)}catch(r){this.handleDatabaseAccessError(r)}return t}clearInMemory(){this.logger.verbose("Deleting in-memory keystore"),this.inMemoryCache.clear(),this.logger.verbose("In-memory keystore deleted")}async clearPersistent(){try{this.logger.verbose("Deleting persistent keystore");const e=await this.indexedDBCache.deleteDatabase();return e&&this.logger.verbose("Persistent keystore deleted"),e}catch(e){return this.handleDatabaseAccessError(e),!1}}}/! @azure/msal-browser v4.9.0 2025-03-25 /class It{constructor(e,t,r){this.logger=e,Sm(r??!1),this.cache=new Xm(this.logger),this.performanceClient=t}createNewGuid(){return We()}base64Encode(e){return Cr(e)}base64Decode(e){return ct(e)}base64UrlEncode(e){return Nr(e)}encodeKid(e){return this.base64UrlEncode(JSON.stringify({kid:e}))}async getPublicKeyThumbprint(e){var l;const t=(l=this.performanceClient)==null?void 0:l.startMeasurement(f.CryptoOptsGetPublicKeyThumbprint,e.correlationId),r=await km(It.EXTRACTABLE,It.POP_KEY_USAGES),o=await ri(r.publicKey),i={e:o.e,kty:o.kty,n:o.n},s=ec(i),a=await this.hashString(s),c=await ri(r.privateKey),d=await Rm(c,!1,["sign"]);return await this.cache.setItem(a,{privateKey:d,publicKey:r.publicKey,requestMethod:e.resourceRequestMethod,requestUri:e.resourceRequestUri}),t&&t.end({success:!0}),a}async removeTokenBindingKey(e){return await this.cache.removeItem(e),!await this.cache.containsKey(e)}async clearKeystore(){this.cache.clearInMemory();try{return await this.cache.clearPersistent(),!0}catch(e){return e instanceof Error?this.logger.error(`Clearing keystore failed with error: ${e.message}`):this.logger.error("Clearing keystore failed with unknown error"),!1}}async signJwt(e,t,r,o){var J;const i=(J=this.performanceClient)==null?void 0:J.startMeasurement(f.CryptoOptsSignJwt,o),s=await this.cache.getItem(t);if(!s)throw P(Ps);const a=await ri(s.publicKey),c=ec(a),d=Nr(JSON.stringify({kid:t})),l=bs.getShrHeaderString({...r==null?void 0:r.header,alg:a.alg,kid:d}),h=Nr(l);e.cnf={jwk:JSON.parse(c)};const p=Nr(JSON.stringify(e)),y=`${h}.${p}`,S=new TextEncoder().encode(y),q=await Om(s.privateKey,S),D=Qt(new Uint8Array(q)),V=`${y}.${D}`;return i&&i.end({success:!0}),V}async hashString(e){return dh(e)}}It.POP_KEY_USAGES=["sign","verify"];It.EXTRACTABLE=!0;function ec(n){return JSON.stringify(n,Object.keys(n).sort())}/! @azure/msal-browser v4.9.0 2025-03-25 /const Zm=2460601e3,ki={Lax:"Lax",None:"None"};class ph{initialize(){return Promise.resolve()}getItem(e){const t=`${encodeURIComponent(e)}`,r=document.cookie.split(";");for(let o=0;o<r.length;o++){const i=r[o],[s,...a]=decodeURIComponent(i).trim().split("="),c=a.join("=");if(s===t)return c}return""}getUserData(){throw v(z)}setItem(e,t,r,o=!0,i=ki.Lax){let s=`${encodeURIComponent(e)}=${encodeURIComponent(t)};path=/;SameSite=${i};`;if(r){const a=eC(r);s+=`expires=${a};`}(o\|\|i===ki.None)&&(s+="Secure;"),document.cookie=s}async setUserData(){return Promise.reject(v(z))}removeItem(e){this.setItem(e,"",-1)}getKeys(){const e=document.cookie.split(";"),t=[];return e.forEach(r=>{const o=decodeURIComponent(r).trim().split("=");t.push(o[0])}),t}containsKey(e){return this.getKeys().includes(e)}}function eC(n){const e=new Date;return new Date(e.getTime()+nZm).toUTCString()}/! @azure/msal-browser v4.9.0 2025-03-25 /function Ri(n){const e=n.getItem($t.ACCOUNT_KEYS);return e?JSON.parse(e):[]}function Oi(n,e){const t=e.getItem(`${$t.TOKEN_KEYS}.${n}`);if(t){const r=JSON.parse(t);if(r&&r.hasOwnProperty("idToken")&&r.hasOwnProperty("accessToken")&&r.hasOwnProperty("refreshToken"))return r}return{idToken:[],accessToken:[],refreshToken:[]}}/! @azure/msal-browser v4.9.0 2025-03-25 /const tc="msal.cache.encryption",tC="msal.broadcast.cache";class nC{constructor(e,t,r){if(!window.localStorage)throw Bs(Fs);this.memoryStorage=new Ho,this.initialized=!1,this.clientId=e,this.logger=t,this.performanceClient=r,this.broadcast=new BroadcastChannel(tC)}async initialize(e){this.initialized=!0;const t=new ph,r=t.getItem(tc);let o={key:"",id:""};if(r)try{o=JSON.parse(r)}catch{}if(o.key&&o.id){const i=lt(jt,f.Base64Decode,this.logger,this.performanceClient,e)(o.key);this.encryptionCookie={id:o.id,key:await T(Qa,f.GenerateHKDF,this.logger,this.performanceClient,e)(i)},await T(this.importExistingCache.bind(this),f.ImportExistingCache,this.logger,this.performanceClient,e)(e)}else{this.clear();const i=We(),s=await T(ch,f.GenerateBaseKey,this.logger,this.performanceClient,e)(),a=lt(Qt,f.UrlEncodeArr,this.logger,this.performanceClient,e)(new Uint8Array(s));this.encryptionCookie={id:i,key:await T(Qa,f.GenerateHKDF,this.logger,this.performanceClient,e)(s)};const c={id:i,key:a};t.setItem(tc,JSON.stringify(c),0,!0,ki.None)}this.broadcast.addEventListener("message",this.updateCache.bind(this))}getItem(e){return window.localStorage.getItem(e)}getUserData(e){if(!this.initialized)throw P(oo);return this.memoryStorage.getItem(e)}setItem(e,t){window.localStorage.setItem(e,t)}async setUserData(e,t,r){if(!this.initialized\|\|!this.encryptionCookie)throw P(oo);const{data:o,nonce:i}=await T(Mm,f.Encrypt,this.logger,this.performanceClient,r)(this.encryptionCookie.key,t,this.getContext(e)),s={id:this.encryptionCookie.id,nonce:i,data:o};this.memoryStorage.setItem(e,t),this.setItem(e,JSON.stringify(s)),this.broadcast.postMessage({key:e,value:t,context:this.getContext(e)})}removeItem(e){this.memoryStorage.containsKey(e)&&(this.memoryStorage.removeItem(e),this.broadcast.postMessage({key:e,value:null,context:this.getContext(e)})),window.localStorage.removeItem(e)}getKeys(){return Object.keys(window.localStorage)}containsKey(e){return window.localStorage.hasOwnProperty(e)}clear(){this.memoryStorage.clear(),Ri(this).forEach(r=>this.removeItem(r));const t=Oi(this.clientId,this);t.idToken.forEach(r=>this.removeItem(r)),t.accessToken.forEach(r=>this.removeItem(r)),t.refreshToken.forEach(r=>this.removeItem(r)),this.getKeys().forEach(r=>{(r.startsWith(C.CACHE_PREFIX)\|\|r.indexOf(this.clientId)!==-1)&&this.removeItem(r)})}async importExistingCache(e){if(!this.encryptionCookie)return;let t=Ri(this);t=await this.importArray(t,e),this.setItem($t.ACCOUNT_KEYS,JSON.stringify(t));const r=Oi(this.clientId,this);r.idToken=await this.importArray(r.idToken,e),r.accessToken=await this.importArray(r.accessToken,e),r.refreshToken=await this.importArray(r.refreshToken,e),this.setItem(`${$t.TOKEN_KEYS}.${this.clientId}`,JSON.stringify(r))}async getItemFromEncryptedCache(e,t){if(!this.encryptionCookie)return null;const r=this.getItem(e);if(!r)return null;let o;try{o=JSON.parse(r)}catch{return null}return!o.id\|\|!o.nonce\|\|!o.data?(this.performanceClient.incrementFields({unencryptedCacheCount:1},t),null):o.id!==this.encryptionCookie.id?(this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},t),null):T(xm,f.Decrypt,this.logger,this.performanceClient,t)(this.encryptionCookie.key,o.nonce,this.getContext(e),o.data)}async importArray(e,t){const r=[],o=[];return e.forEach(i=>{const s=this.getItemFromEncryptedCache(i,t).then(a=>{a?(this.memoryStorage.setItem(i,a),r.push(i)):this.removeItem(i)});o.push(s)}),await Promise.all(o),r}getContext(e){let t="";return e.includes(this.clientId)&&(t=this.clientId),t}updateCache(e){this.logger.trace("Updating internal cache from broadcast event");const t=this.performanceClient.startMeasurement(f.LocalStorageUpdated);t.add({isBackground:!0});const{key:r,value:o,context:i}=e.data;if(!r){this.logger.error("Broadcast event missing key"),t.end({success:!1,errorCode:"noKey"});return}if(i&&i!==this.clientId){this.logger.trace(`Ignoring broadcast event from clientId: ${i}`),t.end({success:!1,errorCode:"contextMismatch"});return}o?(this.memoryStorage.setItem(r,o),this.logger.verbose("Updated item in internal cache")):(this.memoryStorage.removeItem(r),this.logger.verbose("Removed item from internal cache")),t.end({success:!0})}}/! @azure/msal-browser v4.9.0 2025-03-25 /class rC{constructor(){if(!window.sessionStorage)throw Bs(Fs)}async initialize(){}getItem(e){return window.sessionStorage.getItem(e)}getUserData(e){return this.getItem(e)}setItem(e,t){window.sessionStorage.setItem(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){window.sessionStorage.removeItem(e)}getKeys(){return Object.keys(window.sessionStorage)}containsKey(e){return window.sessionStorage.hasOwnProperty(e)}}/! @azure/msal-browser v4.9.0 2025-03-25 /const N={INITIALIZE_START:"msal:initializeStart",INITIALIZE_END:"msal:initializeEnd",ACCOUNT_ADDED:"msal:accountAdded",ACCOUNT_REMOVED:"msal:accountRemoved",ACTIVE_ACCOUNT_CHANGED:"msal:activeAccountChanged",LOGIN_START:"msal:loginStart",LOGIN_SUCCESS:"msal:loginSuccess",LOGIN_FAILURE:"msal:loginFailure",ACQUIRE_TOKEN_START:"msal:acquireTokenStart",ACQUIRE_TOKEN_SUCCESS:"msal:acquireTokenSuccess",ACQUIRE_TOKEN_FAILURE:"msal:acquireTokenFailure",ACQUIRE_TOKEN_NETWORK_START:"msal:acquireTokenFromNetworkStart",SSO_SILENT_START:"msal:ssoSilentStart",SSO_SILENT_SUCCESS:"msal:ssoSilentSuccess",SSO_SILENT_FAILURE:"msal:ssoSilentFailure",ACQUIRE_TOKEN_BY_CODE_START:"msal:acquireTokenByCodeStart",ACQUIRE_TOKEN_BY_CODE_SUCCESS:"msal:acquireTokenByCodeSuccess",ACQUIRE_TOKEN_BY_CODE_FAILURE:"msal:acquireTokenByCodeFailure",HANDLE_REDIRECT_START:"msal:handleRedirectStart",HANDLE_REDIRECT_END:"msal:handleRedirectEnd",POPUP_OPENED:"msal:popupOpened",LOGOUT_START:"msal:logoutStart",LOGOUT_SUCCESS:"msal:logoutSuccess",LOGOUT_FAILURE:"msal:logoutFailure",LOGOUT_END:"msal:logoutEnd",RESTORE_FROM_BFCACHE:"msal:restoreFromBFCache"};/! @azure/msal-browser v4.9.0 2025-03-25 /class so extends Ai{constructor(e,t,r,o,i,s,a){super(e,r,o,a),this.cacheConfig=t,this.logger=o,this.internalStorage=new Ho,this.browserStorage=nc(e,t.cacheLocation,o,i),this.temporaryCacheStorage=nc(e,t.temporaryCacheLocation,o,i),this.cookieStorage=new ph,this.performanceClient=i,this.eventHandler=s}async initialize(e){await this.browserStorage.initialize(e)}validateAndParseJson(e){try{const t=JSON.parse(e);return t&&typeof t=="object"?t:null}catch{return null}}getAccount(e){this.logger.trace("BrowserCacheManager.getAccount called");const t=this.browserStorage.getUserData(e);if(!t)return this.removeAccountKeyFromMap(e),null;const r=this.validateAndParseJson(t);return!r\|\|!Re.isAccountEntity(r)?(this.removeAccountKeyFromMap(e),null):Ai.toObject(new Re,r)}async setAccount(e,t){this.logger.trace("BrowserCacheManager.setAccount called");const r=e.generateAccountKey();await T(this.browserStorage.setUserData.bind(this.browserStorage),f.SetUserData,this.logger,this.performanceClient)(r,JSON.stringify(e),t);const o=this.addAccountKeyToMap(r);this.cacheConfig.cacheLocation===ve.LocalStorage&&o&&this.eventHandler.emitEvent(N.ACCOUNT_ADDED,void 0,e.getAccountInfo())}getAccountKeys(){return Ri(this.browserStorage)}addAccountKeyToMap(e){this.logger.trace("BrowserCacheManager.addAccountKeyToMap called"),this.logger.tracePii(`BrowserCacheManager.addAccountKeyToMap called with key: ${e}`);const t=this.getAccountKeys();return t.indexOf(e)===-1?(t.push(e),this.browserStorage.setItem($t.ACCOUNT_KEYS,JSON.stringify(t)),this.logger.verbose("BrowserCacheManager.addAccountKeyToMap account key added"),!0):(this.logger.verbose("BrowserCacheManager.addAccountKeyToMap account key already exists in map"),!1)}removeAccountKeyFromMap(e){this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap called"),this.logger.tracePii(`BrowserCacheManager.removeAccountKeyFromMap called with key: ${e}`);const t=this.getAccountKeys(),r=t.indexOf(e);r>-1?(t.splice(r,1),this.browserStorage.setItem($t.ACCOUNT_KEYS,JSON.stringify(t)),this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap account key removed")):this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap key not found in existing map")}async removeAccount(e){super.removeAccount(e),this.removeAccountKeyFromMap(e)}async removeAccountContext(e){await super.removeAccountContext(e),this.cacheConfig.cacheLocation===ve.LocalStorage&&this.eventHandler.emitEvent(N.ACCOUNT_REMOVED,void 0,e.getAccountInfo())}removeIdToken(e){super.removeIdToken(e),this.removeTokenKey(e,B.ID_TOKEN)}async removeAccessToken(e){super.removeAccessToken(e),this.removeTokenKey(e,B.ACCESS_TOKEN)}removeRefreshToken(e){super.removeRefreshToken(e),this.removeTokenKey(e,B.REFRESH_TOKEN)}getTokenKeys(){return Oi(this.clientId,this.browserStorage)}addTokenKey(e,t){this.logger.trace("BrowserCacheManager addTokenKey called");const r=this.getTokenKeys();switch(t){case B.ID_TOKEN:r.idToken.indexOf(e)===-1&&(this.logger.info("BrowserCacheManager: addTokenKey - idToken added to map"),r.idToken.push(e));break;case B.ACCESS_TOKEN:r.accessToken.indexOf(e)===-1&&(this.logger.info("BrowserCacheManager: addTokenKey - accessToken added to map"),r.accessToken.push(e));break;case B.REFRESH_TOKEN:r.refreshToken.indexOf(e)===-1&&(this.logger.info("BrowserCacheManager: addTokenKey - refreshToken added to map"),r.refreshToken.push(e));break;default:throw this.logger.error(`BrowserCacheManager:addTokenKey - CredentialType provided invalid. CredentialType: ${t}`),v(yi)}this.browserStorage.setItem(`${$t.TOKEN_KEYS}.${this.clientId}`,JSON.stringify(r))}removeTokenKey(e,t){this.logger.trace("BrowserCacheManager removeTokenKey called");const r=this.getTokenKeys();switch(t){case B.ID_TOKEN:this.logger.infoPii(`BrowserCacheManager: removeTokenKey - attempting to remove idToken with key: ${e} from map`);const o=r.idToken.indexOf(e);o>-1?(this.logger.info("BrowserCacheManager: removeTokenKey - idToken removed from map"),r.idToken.splice(o,1)):this.logger.info("BrowserCacheManager: removeTokenKey - idToken does not exist in map. Either it was previously removed or it was never added.");break;case B.ACCESS_TOKEN:this.logger.infoPii(`BrowserCacheManager: removeTokenKey - attempting to remove accessToken with key: ${e} from map`);const i=r.accessToken.indexOf(e);i>-1?(this.logger.info("BrowserCacheManager: removeTokenKey - accessToken removed from map"),r.accessToken.splice(i,1)):this.logger.info("BrowserCacheManager: removeTokenKey - accessToken does not exist in map. Either it was previously removed or it was never added.");break;case B.REFRESH_TOKEN:this.logger.infoPii(`BrowserCacheManager: removeTokenKey - attempting to remove refreshToken with key: ${e} from map`);const s=r.refreshToken.indexOf(e);s>-1?(this.logger.info("BrowserCacheManager: removeTokenKey - refreshToken removed from map"),r.refreshToken.splice(s,1)):this.logger.info("BrowserCacheManager: removeTokenKey - refreshToken does not exist in map. Either it was previously removed or it was never added.");break;default:throw this.logger.error(`BrowserCacheManager:removeTokenKey - CredentialType provided invalid. CredentialType: ${t}`),v(yi)}this.browserStorage.setItem(`${$t.TOKEN_KEYS}.${this.clientId}`,JSON.stringify(r))}getIdTokenCredential(e){const t=this.browserStorage.getUserData(e);if(!t)return this.logger.trace("BrowserCacheManager.getIdTokenCredential: called, no cache hit"),this.removeTokenKey(e,B.ID_TOKEN),null;const r=this.validateAndParseJson(t);return!r\|\|!pg(r)?(this.logger.trace("BrowserCacheManager.getIdTokenCredential: called, no cache hit"),this.removeTokenKey(e,B.ID_TOKEN),null):(this.logger.trace("BrowserCacheManager.getIdTokenCredential: cache hit"),r)}async setIdTokenCredential(e,t){this.logger.trace("BrowserCacheManager.setIdTokenCredential called");const r=sr(e);await T(this.browserStorage.setUserData.bind(this.browserStorage),f.SetUserData,this.logger,this.performanceClient)(r,JSON.stringify(e),t),this.addTokenKey(r,B.ID_TOKEN)}getAccessTokenCredential(e){const t=this.browserStorage.getUserData(e);if(!t)return this.logger.trace("BrowserCacheManager.getAccessTokenCredential: called, no cache hit"),this.removeTokenKey(e,B.ACCESS_TOKEN),null;const r=this.validateAndParseJson(t);return!r\|\|!gg(r)?(this.logger.trace("BrowserCacheManager.getAccessTokenCredential: called, no cache hit"),this.removeTokenKey(e,B.ACCESS_TOKEN),null):(this.logger.trace("BrowserCacheManager.getAccessTokenCredential: cache hit"),r)}async setAccessTokenCredential(e,t){this.logger.trace("BrowserCacheManager.setAccessTokenCredential called");const r=sr(e);await T(this.browserStorage.setUserData.bind(this.browserStorage),f.SetUserData,this.logger,this.performanceClient)(r,JSON.stringify(e),t),this.addTokenKey(r,B.ACCESS_TOKEN)}getRefreshTokenCredential(e){const t=this.browserStorage.getUserData(e);if(!t)return this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: called, no cache hit"),this.removeTokenKey(e,B.REFRESH_TOKEN),null;const r=this.validateAndParseJson(t);return!r\|\|!mg(r)?(this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: called, no cache hit"),this.removeTokenKey(e,B.REFRESH_TOKEN),null):(this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: cache hit"),r)}async setRefreshTokenCredential(e,t){this.logger.trace("BrowserCacheManager.setRefreshTokenCredential called");const r=sr(e);await T(this.browserStorage.setUserData.bind(this.browserStorage),f.SetUserData,this.logger,this.performanceClient)(r,JSON.stringify(e),t),this.addTokenKey(r,B.REFRESH_TOKEN)}getAppMetadata(e){const t=this.browserStorage.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getAppMetadata: called, no cache hit"),null;const r=this.validateAndParseJson(t);return!r\|\|!_g(e,r)?(this.logger.trace("BrowserCacheManager.getAppMetadata: called, no cache hit"),null):(this.logger.trace("BrowserCacheManager.getAppMetadata: cache hit"),r)}setAppMetadata(e){this.logger.trace("BrowserCacheManager.setAppMetadata called");const t=Eg(e);this.browserStorage.setItem(t,JSON.stringify(e))}getServerTelemetry(e){const t=this.browserStorage.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getServerTelemetry: called, no cache hit"),null;const r=this.validateAndParseJson(t);return!r\|\|!wg(e,r)?(this.logger.trace("BrowserCacheManager.getServerTelemetry: called, no cache hit"),null):(this.logger.trace("BrowserCacheManager.getServerTelemetry: cache hit"),r)}setServerTelemetry(e,t){this.logger.trace("BrowserCacheManager.setServerTelemetry called"),this.browserStorage.setItem(e,JSON.stringify(t))}getAuthorityMetadata(e){const t=this.internalStorage.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getAuthorityMetadata: called, no cache hit"),null;const r=this.validateAndParseJson(t);return r&&Sg(e,r)?(this.logger.trace("BrowserCacheManager.getAuthorityMetadata: cache hit"),r):null}getAuthorityMetadataKeys(){return this.internalStorage.getKeys().filter(t=>this.isAuthorityMetadata(t))}setWrapperMetadata(e,t){this.internalStorage.setItem(Pr.WRAPPER_SKU,e),this.internalStorage.setItem(Pr.WRAPPER_VER,t)}getWrapperMetadata(){const e=this.internalStorage.getItem(Pr.WRAPPER_SKU)\|\|C.EMPTY_STRING,t=this.internalStorage.getItem(Pr.WRAPPER_VER)\|\|C.EMPTY_STRING;return[e,t]}setAuthorityMetadata(e,t){this.logger.trace("BrowserCacheManager.setAuthorityMetadata called"),this.internalStorage.setItem(e,JSON.stringify(t))}getActiveAccount(){const e=this.generateCacheKey(Ra.ACTIVE_ACCOUNT_FILTERS),t=this.browserStorage.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getActiveAccount: No active account filters found"),null;const r=this.validateAndParseJson(t);return r?(this.logger.trace("BrowserCacheManager.getActiveAccount: Active account filters schema found"),this.getAccountInfoFilteredBy({homeAccountId:r.homeAccountId,localAccountId:r.localAccountId,tenantId:r.tenantId})):(this.logger.trace("BrowserCacheManager.getActiveAccount: No active account found"),null)}setActiveAccount(e){const t=this.generateCacheKey(Ra.ACTIVE_ACCOUNT_FILTERS);if(e){this.logger.verbose("setActiveAccount: Active account set");const r={homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,tenantId:e.tenantId};this.browserStorage.setItem(t,JSON.stringify(r))}else this.logger.verbose("setActiveAccount: No account passed, active account not set"),this.browserStorage.removeItem(t);this.eventHandler.emitEvent(N.ACTIVE_ACCOUNT_CHANGED)}getThrottlingCache(e){const t=this.browserStorage.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getThrottlingCache: called, no cache hit"),null;const r=this.validateAndParseJson(t);return!r\|\|!Ig(e,r)?(this.logger.trace("BrowserCacheManager.getThrottlingCache: called, no cache hit"),null):(this.logger.trace("BrowserCacheManager.getThrottlingCache: cache hit"),r)}setThrottlingCache(e,t){this.logger.trace("BrowserCacheManager.setThrottlingCache called"),this.browserStorage.setItem(e,JSON.stringify(t))}getTemporaryCache(e,t){const r=t?this.generateCacheKey(e):e;if(this.cacheConfig.storeAuthStateInCookie){const i=this.cookieStorage.getItem(r);if(i)return this.logger.trace("BrowserCacheManager.getTemporaryCache: storeAuthStateInCookies set to true, retrieving from cookies"),i}const o=this.temporaryCacheStorage.getItem(r);if(!o){if(this.cacheConfig.cacheLocation===ve.LocalStorage){const i=this.browserStorage.getItem(r);if(i)return this.logger.trace("BrowserCacheManager.getTemporaryCache: Temporary cache item found in local storage"),i}return this.logger.trace("BrowserCacheManager.getTemporaryCache: No cache item found in local storage"),null}return this.logger.trace("BrowserCacheManager.getTemporaryCache: Temporary cache item returned"),o}setTemporaryCache(e,t,r){const o=r?this.generateCacheKey(e):e;this.temporaryCacheStorage.setItem(o,t),this.cacheConfig.storeAuthStateInCookie&&(this.logger.trace("BrowserCacheManager.setTemporaryCache: storeAuthStateInCookie set to true, setting item cookie"),this.cookieStorage.setItem(o,t,void 0,this.cacheConfig.secureCookies))}removeItem(e){this.browserStorage.removeItem(e)}removeTemporaryItem(e){this.temporaryCacheStorage.removeItem(e),this.cacheConfig.storeAuthStateInCookie&&(this.logger.trace("BrowserCacheManager.removeItem: storeAuthStateInCookie is true, clearing item cookie"),this.cookieStorage.removeItem(e))}getKeys(){return this.browserStorage.getKeys()}async clear(){await this.removeAllAccounts(),this.removeAppMetadata(),this.temporaryCacheStorage.getKeys().forEach(e=>{(e.indexOf(C.CACHE_PREFIX)!==-1\|\|e.indexOf(this.clientId)!==-1)&&this.removeTemporaryItem(e)}),this.browserStorage.getKeys().forEach(e=>{(e.indexOf(C.CACHE_PREFIX)!==-1\|\|e.indexOf(this.clientId)!==-1)&&this.browserStorage.removeItem(e)}),this.internalStorage.clear()}async clearTokensAndKeysWithClaims(e,t){e.addQueueMeasurement(f.ClearTokensAndKeysWithClaims,t);const r=this.getTokenKeys(),o=[];r.accessToken.forEach(i=>{const s=this.getAccessTokenCredential(i);s!=null&&s.requestedClaimsHash&&i.includes(s.requestedClaimsHash.toLowerCase())&&o.push(this.removeAccessToken(i))}),await Promise.all(o),o.length>0&&this.logger.warning(`${o.length} access tokens with claims in the cache keys have been removed from the cache.`)}generateCacheKey(e){return this.validateAndParseJson(e)?JSON.stringify(e):at.startsWith(e,C.CACHE_PREFIX)?e:`${C.CACHE_PREFIX}.${this.clientId}.${e}`}resetRequestCache(){this.logger.trace("BrowserCacheManager.resetRequestCache called"),this.removeTemporaryItem(this.generateCacheKey(ge.REQUEST_PARAMS)),this.removeTemporaryItem(this.generateCacheKey(ge.VERIFIER)),this.removeTemporaryItem(this.generateCacheKey(ge.ORIGIN_URI)),this.removeTemporaryItem(this.generateCacheKey(ge.URL_HASH)),this.removeTemporaryItem(this.generateCacheKey(ge.NATIVE_REQUEST)),this.setInteractionInProgress(!1)}cacheAuthorizeRequest(e,t){this.logger.trace("BrowserCacheManager.cacheAuthorizeRequest called");const r=Cr(JSON.stringify(e));if(this.setTemporaryCache(ge.REQUEST_PARAMS,r,!0),t){const o=Cr(t);this.setTemporaryCache(ge.VERIFIER,o,!0)}}getCachedRequest(){this.logger.trace("BrowserCacheManager.getCachedRequest called");const e=this.getTemporaryCache(ge.REQUEST_PARAMS,!0);if(!e)throw P(Bd);const t=this.getTemporaryCache(ge.VERIFIER,!0);let r,o="";try{r=JSON.parse(ct(e)),t&&(o=ct(t))}catch(i){throw this.logger.errorPii(`Attempted to parse: ${e}`),this.logger.error(`Parsing cached token request threw with error: ${i}`),P(Gd)}return[r,o]}getCachedNativeRequest(){this.logger.trace("BrowserCacheManager.getCachedNativeRequest called");const e=this.getTemporaryCache(ge.NATIVE_REQUEST,!0);if(!e)return this.logger.trace("BrowserCacheManager.getCachedNativeRequest: No cached native request found"),null;const t=this.validateAndParseJson(e);return t\|\|(this.logger.error("BrowserCacheManager.getCachedNativeRequest: Unable to parse native request"),null)}isInteractionInProgress(e){const t=this.getInteractionInProgress();return e?t===this.clientId:!!t}getInteractionInProgress(){const e=`${C.CACHE_PREFIX}.${ge.INTERACTION_STATUS_KEY}`;return this.getTemporaryCache(e,!1)}setInteractionInProgress(e){const t=`${C.CACHE_PREFIX}.${ge.INTERACTION_STATUS_KEY}`;if(e){if(this.getInteractionInProgress())throw P(Md);this.setTemporaryCache(t,this.clientId,!1)}else!e&&this.getInteractionInProgress()===this.clientId&&this.removeTemporaryItem(t)}async hydrateCache(e,t){var a,c,d;const r=To((a=e.account)==null?void 0:a.homeAccountId,(c=e.account)==null?void 0:c.environment,e.idToken,this.clientId,e.tenantId);let o;t.claims&&(o=await this.cryptoImpl.hashString(t.claims));const i=Ao((d=e.account)==null?void 0:d.homeAccountId,e.account.environment,e.accessToken,this.clientId,e.tenantId,e.scopes.join(" "),e.expiresOn?xa(e.expiresOn):0,e.extExpiresOn?xa(e.extExpiresOn):0,ct,void 0,e.tokenType,void 0,t.sshKid,t.claims,o),s={idToken:r,accessToken:i};return this.saveCacheRecord(s,e.correlationId)}async saveCacheRecord(e,t,r){try{await super.saveCacheRecord(e,t,r)}catch(o){if(o instanceof xn&&this.performanceClient&&t)try{const i=this.getTokenKeys();this.performanceClient.addFields({cacheRtCount:i.refreshToken.length,cacheIdCount:i.idToken.length,cacheAtCount:i.accessToken.length},t)}catch{}throw o}}}function nc(n,e,t,r){try{switch(e){case ve.LocalStorage:return new nC(n,t,r);case ve.SessionStorage:return new rC;case ve.MemoryStorage:default:break}}catch(o){t.error(o)}return new Ho}const mh=(n,e,t,r)=>{const o={cacheLocation:ve.MemoryStorage,temporaryCacheLocation:ve.MemoryStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!1,claimsBasedCachingEnabled:!1};return new so(n,o,fr,e,t,r)};/! @azure/msal-browser v4.9.0 2025-03-25 /function Ch(n,e,t,r){return n.verbose("getAllAccounts called"),t?e.getAllAccounts(r):[]}function Pi(n,e,t){if(e.trace("getAccount called"),Object.keys(n).length===0)return e.warning("getAccount: No accountFilter provided"),null;const r=t.getAccountInfoFilteredBy(n);return r?(e.verbose("getAccount: Account matching provided filter found, returning"),r):(e.verbose("getAccount: No matching account found, returning null"),null)}function yh(n,e,t){if(e.trace("getAccountByUsername called"),!n)return e.warning("getAccountByUsername: No username provided"),null;const r=t.getAccountInfoFilteredBy({username:n});return r?(e.verbose("getAccountByUsername: Account matching username found, returning"),e.verbosePii(`getAccountByUsername: Returning signed-in accounts matching username: ${n}`),r):(e.verbose("getAccountByUsername: No matching account found, returning null"),null)}function Th(n,e,t){if(e.trace("getAccountByHomeId called"),!n)return e.warning("getAccountByHomeId: No homeAccountId provided"),null;const r=t.getAccountInfoFilteredBy({homeAccountId:n});return r?(e.verbose("getAccountByHomeId: Account matching homeAccountId found, returning"),e.verbosePii(`getAccountByHomeId: Returning signed-in accounts matching homeAccountId: ${n}`),r):(e.verbose("getAccountByHomeId: No matching account found, returning null"),null)}function Ah(n,e,t){if(e.trace("getAccountByLocalId called"),!n)return e.warning("getAccountByLocalId: No localAccountId provided"),null;const r=t.getAccountInfoFilteredBy({localAccountId:n});return r?(e.verbose("getAccountByLocalId: Account matching localAccountId found, returning"),e.verbosePii(`getAccountByLocalId: Returning signed-in accounts matching localAccountId: ${n}`),r):(e.verbose("getAccountByLocalId: No matching account found, returning null"),null)}function vh(n,e){e.setActiveAccount(n)}function wh(n){return n.getActiveAccount()}/! @azure/msal-browser v4.9.0 2025-03-25 /const oC="msal.broadcast.event";class Ih{constructor(e){this.eventCallbacks=new Map,this.logger=e\|\|new Ht({}),typeof BroadcastChannel<"u"&&(this.broadcastChannel=new BroadcastChannel(oC)),this.invokeCrossTabCallbacks=this.invokeCrossTabCallbacks.bind(this)}addEventCallback(e,t,r){if(typeof window<"u"){const o=r\|\|zm();return this.eventCallbacks.has(o)?(this.logger.error(`Event callback with id: ${o} is already registered. Please provide a unique id or remove the existing callback and try again.`),null):(this.eventCallbacks.set(o,[e,t\|\|[]]),this.logger.verbose(`Event callback registered with id: ${o}`),o)}return null}removeEventCallback(e){this.eventCallbacks.delete(e),this.logger.verbose(`Event callback ${e} removed.`)}emitEvent(e,t,r,o){var s;const i={eventType:e,interactionType:t\|\|null,payload:r\|\|null,error:o\|\|null,timestamp:Date.now()};switch(e){case N.ACCOUNT_ADDED:case N.ACCOUNT_REMOVED:case N.ACTIVE_ACCOUNT_CHANGED:(s=this.broadcastChannel)==null\|\|s.postMessage(i);break;default:this.invokeCallbacks(i);break}}invokeCallbacks(e){this.eventCallbacks.forEach(([t,r],o)=>{(r.length===0\|\|r.includes(e.eventType))&&(this.logger.verbose(`Emitting event to callback ${o}: ${e.eventType}`),t.apply(null,[e]))})}invokeCrossTabCallbacks(e){const t=e.data;this.invokeCallbacks(t)}subscribeCrossTab(){var e;(e=this.broadcastChannel)==null\|\|e.addEventListener("message",this.invokeCrossTabCallbacks)}unsubscribeCrossTab(){var e;(e=this.broadcastChannel)==null\|\|e.removeEventListener("message",this.invokeCrossTabCallbacks)}}/! @azure/msal-browser v4.9.0 2025-03-25 /class Eh{constructor(e,t,r,o,i,s,a,c,d){this.config=e,this.browserStorage=t,this.browserCrypto=r,this.networkClient=this.config.system.networkClient,this.eventHandler=i,this.navigationClient=s,this.nativeMessageHandler=c,this.correlationId=d\|\|We(),this.logger=o.clone(He.MSAL_SKU,Bn,this.correlationId),this.performanceClient=a}async clearCacheOnLogout(e){if(e){Re.accountInfoIsEqual(e,this.browserStorage.getActiveAccount(),!1)&&(this.logger.verbose("Setting active account to null"),this.browserStorage.setActiveAccount(null));try{await this.browserStorage.removeAccount(Re.generateAccountCacheKey(e)),this.logger.verbose("Cleared cache items belonging to the account provided in the logout request.")}catch{this.logger.error("Account provided in logout request was not found. Local cache unchanged.")}}else try{this.logger.verbose("No account provided in logout request, clearing all cache items.",this.correlationId),await this.browserStorage.clear(),await this.browserCrypto.clearKeystore()}catch{this.logger.error("Attempted to clear all MSAL cache items and failed. Local cache unchanged.")}}getRedirectUri(e){this.logger.verbose("getRedirectUri called");const t=e\|\|this.config.auth.redirectUri;return Q.getAbsoluteUrl(t,Nt())}initializeServerTelemetryManager(e,t){this.logger.verbose("initializeServerTelemetryManager called");const r={clientId:this.config.auth.clientId,correlationId:this.correlationId,apiId:e,forceRefresh:t\|\|!1,wrapperSKU:this.browserStorage.getWrapperMetadata()[0],wrapperVer:this.browserStorage.getWrapperMetadata()[1]};return new pr(r,this.browserStorage)}async getDiscoveredAuthority(e){const{account:t}=e,r=e.requestExtraQueryParameters&&e.requestExtraQueryParameters.hasOwnProperty("instance_aware")?e.requestExtraQueryParameters.instance_aware:void 0;this.performanceClient.addQueueMeasurement(f.StandardInteractionClientGetDiscoveredAuthority,this.correlationId);const o={protocolMode:this.config.auth.protocolMode,OIDCOptions:this.config.auth.OIDCOptions,knownAuthorities:this.config.auth.knownAuthorities,cloudDiscoveryMetadata:this.config.auth.cloudDiscoveryMetadata,authorityMetadata:this.config.auth.authorityMetadata,skipAuthorityMetadataCache:this.config.auth.skipAuthorityMetadataCache},i=e.requestAuthority\|\|this.config.auth.authority,s=r!=null&&r.length?r==="true":this.config.auth.instanceAware,a=t&&s?this.config.auth.authority.replace(Q.getDomainFromUrl(i),t.environment):i,c=Ee.generateAuthority(a,e.requestAzureCloudOptions\|\|this.config.auth.azureCloudOptions),d=await T(yd,f.AuthorityFactoryCreateDiscoveredInstance,this.logger,this.performanceClient,this.correlationId)(c,this.config.system.networkClient,this.browserStorage,o,this.logger,this.correlationId,this.performanceClient);if(t&&!d.isAlias(t.environment))throw oe(Wl);return d}}/! @azure/msal-browser v4.9.0 2025-03-25 /async function zs(n,e,t,r){t.addQueueMeasurement(f.InitializeBaseRequest,n.correlationId);const o=n.authority\|\|e.auth.authority,i=[...n&&n.scopes\|\|[]],s={...n,correlationId:n.correlationId,authority:o,scopes:i};if(!s.authenticationScheme)s.authenticationScheme=X.BEARER,r.verbose(`Authentication Scheme wasn't explicitly set in request, defaulting to "Bearer" request`);else{if(s.authenticationScheme===X.SSH){if(!n.sshJwk)throw oe(Io);if(!n.sshKid)throw oe(ql)}r.verbose(`Authentication Scheme set to "${s.authenticationScheme}" as configured in Auth request`)}return e.cache.claimsBasedCachingEnabled&&n.claims&&!at.isEmptyObj(n.claims)&&(s.requestedClaimsHash=await dh(n.claims)),s}async function iC(n,e,t,r,o){r.addQueueMeasurement(f.InitializeSilentRequest,n.correlationId);const i=await T(zs,f.InitializeBaseRequest,o,r,n.correlationId)(n,t,r,o);return{...n,...i,account:e,forceRefresh:n.forceRefresh\|\|!1}}/! @azure/msal-browser v4.9.0 2025-03-25 /class Gn extends Eh{initializeLogoutRequest(e){this.logger.verbose("initializeLogoutRequest called",e==null?void 0:e.correlationId);const t={correlationId:this.correlationId\|\|We(),...e};if(e)if(e.logoutHint)this.logger.verbose("logoutHint has already been set in logoutRequest");else if(e.account){const r=this.getLogoutHintFromIdTokenClaims(e.account);r&&(this.logger.verbose("Setting logoutHint to login_hint ID Token Claim value for the account provided"),t.logoutHint=r)}else this.logger.verbose("logoutHint was not set and account was not passed into logout request, logoutHint will not be set");else this.logger.verbose("logoutHint will not be set since no logout request was configured");return!e\|\|e.postLogoutRedirectUri!==null?e&&e.postLogoutRedirectUri?(this.logger.verbose("Setting postLogoutRedirectUri to uri set on logout request",t.correlationId),t.postLogoutRedirectUri=Q.getAbsoluteUrl(e.postLogoutRedirectUri,Nt())):this.config.auth.postLogoutRedirectUri===null?this.logger.verbose("postLogoutRedirectUri configured as null and no uri set on request, not passing post logout redirect",t.correlationId):this.config.auth.postLogoutRedirectUri?(this.logger.verbose("Setting postLogoutRedirectUri to configured uri",t.correlationId),t.postLogoutRedirectUri=Q.getAbsoluteUrl(this.config.auth.postLogoutRedirectUri,Nt())):(this.logger.verbose("Setting postLogoutRedirectUri to current page",t.correlationId),t.postLogoutRedirectUri=Q.getAbsoluteUrl(Nt(),Nt())):this.logger.verbose("postLogoutRedirectUri passed as null, not setting post logout redirect uri",t.correlationId),t}getLogoutHintFromIdTokenClaims(e){const t=e.idTokenClaims;if(t){if(t.login_hint)return t.login_hint;this.logger.verbose("The ID Token Claims tied to the provided account do not contain a login_hint claim, logoutHint will not be added to logout request")}else this.logger.verbose("The provided account does not contain ID Token Claims, logoutHint will not be added to logout request");return null}async createAuthCodeClient(e){this.performanceClient.addQueueMeasurement(f.StandardInteractionClientCreateAuthCodeClient,this.correlationId);const t=await T(this.getClientConfiguration.bind(this),f.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)(e);return new wd(t,this.performanceClient)}async getClientConfiguration(e){const{serverTelemetryManager:t,requestAuthority:r,requestAzureCloudOptions:o,requestExtraQueryParameters:i,account:s}=e;this.performanceClient.addQueueMeasurement(f.StandardInteractionClientGetClientConfiguration,this.correlationId);const a=await T(this.getDiscoveredAuthority.bind(this),f.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,this.correlationId)({requestAuthority:r,requestAzureCloudOptions:o,requestExtraQueryParameters:i,account:s}),c=this.config.system.loggerOptions;return{authOptions:{clientId:this.config.auth.clientId,authority:a,clientCapabilities:this.config.auth.clientCapabilities,redirectUri:this.config.auth.redirectUri},systemOptions:{tokenRenewalOffsetSeconds:this.config.system.tokenRenewalOffsetSeconds,preventCorsPreflight:!0},loggerOptions:{loggerCallback:c.loggerCallback,piiLoggingEnabled:c.piiLoggingEnabled,logLevel:c.logLevel,correlationId:this.correlationId},cacheOptions:{claimsBasedCachingEnabled:this.config.cache.claimsBasedCachingEnabled},cryptoInterface:this.browserCrypto,networkInterface:this.networkClient,storageInterface:this.browserStorage,serverTelemetryManager:t,libraryInfo:{sku:He.MSAL_SKU,version:Bn,cpu:C.EMPTY_STRING,os:C.EMPTY_STRING},telemetry:this.config.telemetry}}async initializeAuthorizationRequest(e,t){this.performanceClient.addQueueMeasurement(f.StandardInteractionClientInitializeAuthorizationRequest,this.correlationId);const r=this.getRedirectUri(e.redirectUri),o={interactionType:t},i=Fn.setRequestState(this.browserCrypto,e&&e.state\|\|C.EMPTY_STRING,o),a={...await T(zs,f.InitializeBaseRequest,this.logger,this.performanceClient,this.correlationId)({...e,correlationId:this.correlationId},this.config,this.performanceClient,this.logger),redirectUri:r,state:i,nonce:e.nonce\|\|We(),responseMode:this.config.auth.OIDCOptions.serverResponseType};if(e.loginHint\|\|e.sid)return a;const c=e.account\|\|this.browserStorage.getActiveAccount();return c&&(this.logger.verbose("Setting validated request account",this.correlationId),this.logger.verbosePii(`Setting validated request account: ${c.homeAccountId}`,this.correlationId),a.account=c),a}}/! @azure/msal-browser v4.9.0 2025-03-25 /const sC="ContentError",_h="user_switch";/! @azure/msal-browser v4.9.0 2025-03-25 /const aC="USER_INTERACTION_REQUIRED",cC="USER_CANCEL",lC="NO_NETWORK",dC="PERSISTENT_ERROR",hC="DISABLED",uC="ACCOUNT_UNAVAILABLE";/! @azure/msal-browser v4.9.0 2025-03-25 /const fC=-2147186943,gC={[_h]:"User attempted to switch accounts in the native broker, which is not allowed. All new accounts must sign-in through the standard web flow first, please try again."};class yt extends Z{constructor(e,t,r){super(e,t),Object.setPrototypeOf(this,yt.prototype),this.name="NativeAuthError",this.ext=r}}function _n(n){if(n.ext&&n.ext.status&&(n.ext.status===dC\|\|n.ext.status===hC)\|\|n.ext&&n.ext.error&&n.ext.error===fC)return!0;switch(n.errorCode){case sC:return!0;default:return!1}}function Ni(n,e,t){if(t&&t.status)switch(t.status){case uC:return wi(Td);case aC:return new nt(n,e);case cC:return P(mr);case lC:return P(ro)}return new yt(n,gC[n]\|\|e,t)}/! @azure/msal-browser v4.9.0 2025-03-25 /class At{constructor(e,t,r,o){this.logger=e,this.handshakeTimeoutMs=t,this.extensionId=o,this.resolvers=new Map,this.handshakeResolvers=new Map,this.messageChannel=new MessageChannel,this.windowListener=this.onWindowMessage.bind(this),this.performanceClient=r,this.handshakeEvent=r.startMeasurement(f.NativeMessageHandlerHandshake)}async sendMessage(e){this.logger.trace("NativeMessageHandler - sendMessage called.");const t={channel:Sn.CHANNEL_ID,extensionId:this.extensionId,responseId:We(),body:e};return this.logger.trace("NativeMessageHandler - Sending request to browser extension"),this.logger.tracePii(`NativeMessageHandler - Sending request to browser extension: ${JSON.stringify(t)}`),this.messageChannel.port1.postMessage(t),new Promise((r,o)=>{this.resolvers.set(t.responseId,{resolve:r,reject:o})})}static async createProvider(e,t,r){e.trace("NativeMessageHandler - createProvider called.");try{const o=new At(e,t,r,Sn.PREFERRED_EXTENSION_ID);return await o.sendHandshakeRequest(),o}catch{const i=new At(e,t,r);return await i.sendHandshakeRequest(),i}}async sendHandshakeRequest(){this.logger.trace("NativeMessageHandler - sendHandshakeRequest called."),window.addEventListener("message",this.windowListener,!1);const e={channel:Sn.CHANNEL_ID,extensionId:this.extensionId,responseId:We(),body:{method:ln.HandshakeRequest}};return this.handshakeEvent.add({extensionId:this.extensionId,extensionHandshakeTimeoutMs:this.handshakeTimeoutMs}),this.messageChannel.port1.onmessage=t=>{this.onChannelMessage(t)},window.postMessage(e,window.origin,[this.messageChannel.port2]),new Promise((t,r)=>{this.handshakeResolvers.set(e.responseId,{resolve:t,reject:r}),this.timeoutId=window.setTimeout(()=>{window.removeEventListener("message",this.windowListener,!1),this.messageChannel.port1.close(),this.messageChannel.port2.close(),this.handshakeEvent.end({extensionHandshakeTimedOut:!0,success:!1}),r(P(Qd)),this.handshakeResolvers.delete(e.responseId)},this.handshakeTimeoutMs)})}onWindowMessage(e){if(this.logger.trace("NativeMessageHandler - onWindowMessage called"),e.source!==window)return;const t=e.data;if(!(!t.channel\|\|t.channel!==Sn.CHANNEL_ID)&&!(t.extensionId&&t.extensionId!==this.extensionId)&&t.body.method===ln.HandshakeRequest){const r=this.handshakeResolvers.get(t.responseId);if(!r){this.logger.trace(`NativeMessageHandler.onWindowMessage - resolver can't be found for request ${t.responseId}`);return}this.logger.verbose(t.extensionId?`Extension with id: ${t.extensionId} not installed`:"No extension installed"),clearTimeout(this.timeoutId),this.messageChannel.port1.close(),this.messageChannel.port2.close(),window.removeEventListener("message",this.windowListener,!1),this.handshakeEvent.end({success:!1,extensionInstalled:!1}),r.reject(P(Jd))}}onChannelMessage(e){this.logger.trace("NativeMessageHandler - onChannelMessage called.");const t=e.data,r=this.resolvers.get(t.responseId),o=this.handshakeResolvers.get(t.responseId);try{const i=t.body.method;if(i===ln.Response){if(!r)return;const s=t.body.response;if(this.logger.trace("NativeMessageHandler - Received response from browser extension"),this.logger.tracePii(`NativeMessageHandler - Received response from browser extension: ${JSON.stringify(s)}`),s.status!=="Success")r.reject(Ni(s.code,s.description,s.ext));else if(s.result)s.result.code&&s.result.description?r.reject(Ni(s.result.code,s.result.description,s.result.ext)):r.resolve(s.result);else throw ul(Zi,"Event does not contain result.");this.resolvers.delete(t.responseId)}else if(i===ln.HandshakeResponse){if(!o){this.logger.trace(`NativeMessageHandler.onChannelMessage - resolver can't be found for request ${t.responseId}`);return}clearTimeout(this.timeoutId),window.removeEventListener("message",this.windowListener,!1),this.extensionId=t.extensionId,this.extensionVersion=t.body.version,this.logger.verbose(`NativeMessageHandler - Received HandshakeResponse from extension: ${this.extensionId}`),this.handshakeEvent.end({extensionInstalled:!0,success:!0}),o.resolve(),this.handshakeResolvers.delete(t.responseId)}}catch(i){this.logger.error("Error parsing response from WAM Extension"),this.logger.errorPii(`Error parsing response from WAM Extension: ${i}`),this.logger.errorPii(`Unable to parse ${e}`),r?r.reject(i):o&&o.reject(i)}}getExtensionId(){return this.extensionId}getExtensionVersion(){return this.extensionVersion}static isPlatformBrokerAvailable(e,t,r,o){if(t.trace("isPlatformBrokerAvailable called"),!e.system.allowPlatformBroker)return t.trace("isPlatformBrokerAvailable: allowPlatformBroker is not enabled, returning false"),!1;if(!r)return t.trace("isPlatformBrokerAvailable: Platform extension provider is not initialized, returning false"),!1;if(o)switch(o){case X.BEARER:case X.POP:return t.trace("isPlatformBrokerAvailable: authenticationScheme is supported, returning true"),!0;default:return t.trace("isPlatformBrokerAvailable: authenticationScheme is not supported, returning false"),!1}return!0}}/! @azure/msal-browser v4.9.0 2025-03-25 /function pC(n,e){if(!e)return null;try{return Fn.parseRequestState(n,e).libraryState.meta}catch{throw v(Ln)}}/! @azure/msal-browser v4.9.0 2025-03-25 /function ao(n,e,t){const r=Jr(n);if(!r)throw Ql(n)?(t.error(`A ${e} is present in the iframe but it does not contain known properties. It's likely that the ${e} has been replaced by code running on the redirectUri page.`),t.errorPii(`The ${e} detected is: ${n}`),P(Od)):(t.error(`The request has returned to the redirectUri but a ${e} is not present. It's likely that the ${e} has been removed or the page has been redirected by code running on the redirectUri page.`),P(Rd));return r}function mC(n,e,t){if(!n.state)throw P(Os);const r=pC(e,n.state);if(!r)throw P(Pd);if(r.interactionType!==t)throw P(Nd)}/! @azure/msal-browser v4.9.0 2025-03-25 /class Sh{constructor(e,t,r,o,i){this.authModule=e,this.browserStorage=t,this.authCodeRequest=r,this.logger=o,this.performanceClient=i}async handleCodeResponse(e,t){this.performanceClient.addQueueMeasurement(f.HandleCodeResponse,t.correlationId);let r;try{r=nm(e,t.state)}catch(o){throw o instanceof en&&o.subError===mr?P(mr):o}return T(this.handleCodeResponseFromServer.bind(this),f.HandleCodeResponseFromServer,this.logger,this.performanceClient,t.correlationId)(r,t)}async handleCodeResponseFromServer(e,t,r=!0){if(this.performanceClient.addQueueMeasurement(f.HandleCodeResponseFromServer,t.correlationId),this.logger.trace("InteractionHandler.handleCodeResponseFromServer called"),this.authCodeRequest.code=e.code,e.cloud_instance_host_name&&await T(this.authModule.updateAuthority.bind(this.authModule),f.UpdateTokenEndpointAuthority,this.logger,this.performanceClient,t.correlationId)(e.cloud_instance_host_name,t.correlationId),r&&(e.nonce=t.nonce\|\|void 0),e.state=t.state,e.client_info)this.authCodeRequest.clientInfo=e.client_info;else{const i=this.createCcsCredentials(t);i&&(this.authCodeRequest.ccsCredential=i)}return await T(this.authModule.acquireToken.bind(this.authModule),f.AuthClientAcquireToken,this.logger,this.performanceClient,t.correlationId)(this.authCodeRequest,e)}createCcsCredentials(e){return e.account?{credential:e.account.homeAccountId,type:it.HOME_ACCOUNT_ID}:e.loginHint?{credential:e.loginHint,type:it.UPN}:null}}/! @azure/msal-browser v4.9.0 2025-03-25 /class bh extends Gn{async acquireToken(e){this.performanceClient.addQueueMeasurement(f.SilentCacheClientAcquireToken,e.correlationId);const t=this.initializeServerTelemetryManager(se.acquireTokenSilent_silentFlow),r=await T(this.getClientConfiguration.bind(this),f.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:t,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,account:e.account}),o=new Zp(r,this.performanceClient);this.logger.verbose("Silent auth client created");try{const s=(await T(o.acquireCachedToken.bind(o),f.SilentFlowClientAcquireCachedToken,this.logger,this.performanceClient,e.correlationId)(e))[0];return this.performanceClient.addFields({fromCache:!0},e.correlationId),s}catch(i){throw i instanceof Ar&&i.errorCode===Ps&&this.logger.verbose("Signing keypair for bound access token not found. Refreshing bound access token and generating a new crypto keypair."),i}}logout(e){this.logger.verbose("logoutRedirect called");const t=this.initializeLogoutRequest(e);return this.clearCacheOnLogout(t==null?void 0:t.account)}}/! @azure/msal-browser v4.9.0 2025-03-25 /class Fr extends Eh{constructor(e,t,r,o,i,s,a,c,d,l,h,p){var b;super(e,t,r,o,i,s,c,d,p),this.apiId=a,this.accountId=l,this.nativeMessageHandler=d,this.nativeStorageManager=h,this.silentCacheClient=new bh(e,this.nativeStorageManager,r,o,i,s,c,d,p);const y=this.nativeMessageHandler.getExtensionId()===Sn.PREFERRED_EXTENSION_ID?"chrome":(b=this.nativeMessageHandler.getExtensionId())!=null&&b.length?"unknown":void 0;this.skus=pr.makeExtraSkuString({libraryName:He.MSAL_SKU,libraryVersion:Bn,extensionName:y,extensionVersion:this.nativeMessageHandler.getExtensionVersion()})}addRequestSKUs(e){e.extraParameters={...e.extraParameters,[wp]:this.skus}}async acquireToken(e,t){this.performanceClient.addQueueMeasurement(f.NativeInteractionClientAcquireToken,e.correlationId),this.logger.trace("NativeInteractionClient - acquireToken called.");const r=this.performanceClient.startMeasurement(f.NativeInteractionClientAcquireToken,e.correlationId),o=Fe(),i=this.initializeServerTelemetryManager(this.apiId);try{const s=await this.initializeNativeRequest(e);try{const h=await this.acquireTokensFromCache(this.accountId,s);return r.end({success:!0,isNativeBroker:!1,fromCache:!0}),h}catch(h){if(t===ye.AccessToken)throw this.logger.info("MSAL internal Cache does not contain tokens, return error as per cache policy"),h;this.logger.info("MSAL internal Cache does not contain tokens, proceed to make a native call")}const{...a}=s,c={method:ln.GetToken,request:a},d=await this.nativeMessageHandler.sendMessage(c),l=this.validateNativeResponse(d);return await this.handleNativeResponse(l,s,o).then(h=>(r.end({success:!0,isNativeBroker:!0,requestId:h.requestId}),i.clearNativeBrokerErrorCode(),h)).catch(h=>{throw r.end({success:!1,errorCode:h.errorCode,subErrorCode:h.subError,isNativeBroker:!0}),h})}catch(s){throw s instanceof yt&&i.setNativeBrokerErrorCode(s.errorCode),s}}createSilentCacheRequest(e,t){return{authority:e.authority,correlationId:this.correlationId,scopes:fe.fromString(e.scope).asArray(),account:t,forceRefresh:!1}}async acquireTokensFromCache(e,t){if(!e)throw this.logger.warning("NativeInteractionClient:acquireTokensFromCache - No nativeAccountId provided"),v(Wr);const r=this.browserStorage.getBaseAccountInfo({nativeAccountId:e});if(!r)throw v(Wr);try{const o=this.createSilentCacheRequest(t,r),i=await this.silentCacheClient.acquireToken(o),s={...r,idTokenClaims:i==null?void 0:i.idTokenClaims,idToken:i==null?void 0:i.idToken};return{...i,account:s}}catch(o){throw o}}async acquireTokenRedirect(e,t){this.logger.trace("NativeInteractionClient - acquireTokenRedirect called.");const{...r}=e;delete r.onRedirectNavigate;const o=await this.initializeNativeRequest(r),i={method:ln.GetToken,request:o};try{const c=await this.nativeMessageHandler.sendMessage(i);this.validateNativeResponse(c)}catch(c){if(c instanceof yt&&(this.initializeServerTelemetryManager(this.apiId).setNativeBrokerErrorCode(c.errorCode),_n(c)))throw c}this.browserStorage.setTemporaryCache(ge.NATIVE_REQUEST,JSON.stringify(o),!0);const s={apiId:se.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},a=this.config.auth.navigateToLoginRequestUrl?window.location.href:this.getRedirectUri(e.redirectUri);t.end({success:!0}),await this.navigationClient.navigateExternal(a,s)}async handleRedirectPromise(e,t){if(this.logger.trace("NativeInteractionClient - handleRedirectPromise called."),!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("handleRedirectPromise called but there is no interaction in progress, returning null."),null;const r=this.browserStorage.getCachedNativeRequest();if(!r)return this.logger.verbose("NativeInteractionClient - handleRedirectPromise called but there is no cached request, returning null."),e&&t&&(e==null\|\|e.addFields({errorCode:"no_cached_request"},t)),null;const{prompt:o,...i}=r;o&&this.logger.verbose("NativeInteractionClient - handleRedirectPromise called and prompt was included in the original request, removing prompt from cached request to prevent second interaction with native broker window."),this.browserStorage.removeItem(this.browserStorage.generateCacheKey(ge.NATIVE_REQUEST));const s={method:ln.GetToken,request:i},a=Fe();try{this.logger.verbose("NativeInteractionClient - handleRedirectPromise sending message to native broker.");const c=await this.nativeMessageHandler.sendMessage(s);this.validateNativeResponse(c);const l=await this.handleNativeResponse(c,i,a);return this.initializeServerTelemetryManager(this.apiId).clearNativeBrokerErrorCode(),l}catch(c){throw c}}logout(){return this.logger.trace("NativeInteractionClient - logout called."),Promise.reject("Logout not implemented yet")}async handleNativeResponse(e,t,r){var l,h;this.logger.trace("NativeInteractionClient - handleNativeResponse called.");const o=Yt(e.id_token,ct),i=this.createHomeAccountIdentifier(e,o),s=(l=this.browserStorage.getAccountInfoFilteredBy({nativeAccountId:t.accountId}))==null?void 0:l.homeAccountId;if((h=t.extraParameters)!=null&&h.child_client_id&&e.account.id!==t.accountId)this.logger.info("handleNativeServerResponse: Double broker flow detected, ignoring accountId mismatch");else if(i!==s&&e.account.id!==t.accountId)throw Ni(_h);const a=await this.getDiscoveredAuthority({requestAuthority:t.authority}),c=_s(this.browserStorage,a,i,ct,o,e.client_info,void 0,o.tid,void 0,e.account.id,this.logger);e.expires_in=Number(e.expires_in);const d=await this.generateAuthenticationResult(e,t,o,c,a.canonicalAuthority,r);return await this.cacheAccount(c),await this.cacheNativeTokens(e,t,i,o,e.access_token,d.tenantId,r),d}createHomeAccountIdentifier(e,t){return Re.generateHomeAccountId(e.client_info\|\|C.EMPTY_STRING,rt.Default,this.logger,this.browserCrypto,t)}generateScopes(e,t){return e.scope?fe.fromString(e.scope):fe.fromString(t.scope)}async generatePopAccessToken(e,t){if(t.tokenType===X.POP&&t.signPopToken){if(e.shr)return this.logger.trace("handleNativeServerResponse: SHR is enabled in native layer"),e.shr;const r=new Un(this.browserCrypto),o={resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,shrNonce:t.shrNonce};if(!t.keyId)throw v(is);return r.signPopToken(e.access_token,t.keyId,o)}else return e.access_token}async generateAuthenticationResult(e,t,r,o,i,s){const a=this.addTelemetryFromNativeResponse(e),c=e.scope?fe.fromString(e.scope):fe.fromString(t.scope),d=e.account.properties\|\|{},l=d.UID\|\|r.oid\|\|r.sub\|\|C.EMPTY_STRING,h=d.TenantId\|\|r.tid\|\|C.EMPTY_STRING,p=hs(o.getAccountInfo(),void 0,r,e.id_token);p.nativeAccountId!==e.account.id&&(p.nativeAccountId=e.account.id);const y=await this.generatePopAccessToken(e,t),b=t.tokenType===X.POP?X.POP:X.BEARER;return{authority:i,uniqueId:l,tenantId:h,scopes:c.asArray(),account:p,idToken:e.id_token,idTokenClaims:r,accessToken:y,fromCache:a?this.isResponseFromCache(a):!1,expiresOn:xt(s+e.expires_in),tokenType:b,correlationId:this.correlationId,state:e.state,fromNativeBroker:!0}}async cacheAccount(e){await this.browserStorage.setAccount(e,this.correlationId),this.browserStorage.removeAccountContext(e).catch(t=>{this.logger.error(`Error occurred while removing account context from browser storage. ${t}`)})}cacheNativeTokens(e,t,r,o,i,s,a){const c=To(r,t.authority,e.id_token\|\|"",t.clientId,o.tid\|\|""),d=t.tokenType===X.POP?C.SHR_NONCE_VALIDITY:(typeof e.expires_in=="string"?parseInt(e.expires_in,10):e.expires_in)\|\|0,l=a+d,h=this.generateScopes(e,t),p=Ao(r,t.authority,i,t.clientId,o.tid\|\|s,h.printScopes(),l,0,ct,void 0,t.tokenType,void 0,t.keyId),y={idToken:c,accessToken:p};return this.nativeStorageManager.saveCacheRecord(y,this.correlationId,t.storeInCache)}addTelemetryFromNativeResponse(e){const t=this.getMATSFromResponse(e);return t?(this.performanceClient.addFields({extensionId:this.nativeMessageHandler.getExtensionId(),extensionVersion:this.nativeMessageHandler.getExtensionVersion(),matsBrokerVersion:t.broker_version,matsAccountJoinOnStart:t.account_join_on_start,matsAccountJoinOnEnd:t.account_join_on_end,matsDeviceJoin:t.device_join,matsPromptBehavior:t.prompt_behavior,matsApiErrorCode:t.api_error_code,matsUiVisible:t.ui_visible,matsSilentCode:t.silent_code,matsSilentBiSubCode:t.silent_bi_sub_code,matsSilentMessage:t.silent_message,matsSilentStatus:t.silent_status,matsHttpStatus:t.http_status,matsHttpEventCount:t.http_event_count},this.correlationId),t):null}validateNativeResponse(e){if(e.hasOwnProperty("access_token")&&e.hasOwnProperty("id_token")&&e.hasOwnProperty("client_info")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scope")&&e.hasOwnProperty("expires_in"))return e;throw ul(Zi,"Response missing expected properties.")}getMATSFromResponse(e){if(e.properties.MATS)try{return JSON.parse(e.properties.MATS)}catch{this.logger.error("NativeInteractionClient - Error parsing MATS telemetry, returning null instead")}return null}isResponseFromCache(e){return typeof e.is_cached>"u"?(this.logger.verbose("NativeInteractionClient - MATS telemetry does not contain field indicating if response was served from cache. Returning false."),!1):!!e.is_cached}async initializeNativeRequest(e){this.logger.trace("NativeInteractionClient - initializeNativeRequest called");const t=e.authority\|\|this.config.auth.authority;e.account&&await this.getDiscoveredAuthority({requestAuthority:t,requestAzureCloudOptions:e.azureCloudOptions,account:e.account});const r=new Q(t);r.validateAsUri();const{scopes:o,...i}=e,s=new fe(o\|\|[]);s.appendScopes(yn);const a=()=>{switch(this.apiId){case se.ssoSilent:case se.acquireTokenSilent_silentFlow:return this.logger.trace("initializeNativeRequest: silent request sets prompt to none"),Ae.NONE}if(!e.prompt){this.logger.trace("initializeNativeRequest: prompt was not provided");return}switch(e.prompt){case Ae.NONE:case Ae.CONSENT:case Ae.LOGIN:return this.logger.trace("initializeNativeRequest: prompt is compatible with native flow"),e.prompt;default:throw this.logger.trace(`initializeNativeRequest: prompt = ${e.prompt} is not compatible with native flow`),P(Xd)}},c={...i,accountId:this.accountId,clientId:this.config.auth.clientId,authority:r.urlString,scope:s.printScopes(),redirectUri:this.getRedirectUri(e.redirectUri),prompt:a(),correlationId:this.correlationId,tokenType:e.authenticationScheme,windowTitleSubstring:document.title,extraParameters:{...e.extraQueryParameters,...e.tokenQueryParameters},extendedExpiryToken:!1,keyId:e.popKid};if(c.signPopToken&&e.popKid)throw P(eh);if(this.handleExtraBrokerParams(c),c.extraParameters=c.extraParameters\|\|{},c.extraParameters.telemetry=Sn.MATS_TELEMETRY,e.authenticationScheme===X.POP){const d={resourceRequestUri:e.resourceRequestUri,resourceRequestMethod:e.resourceRequestMethod,shrClaims:e.shrClaims,shrNonce:e.shrNonce},l=new Un(this.browserCrypto);let h;if(c.keyId)h=this.browserCrypto.base64UrlEncode(JSON.stringify({kid:c.keyId})),c.signPopToken=!1;else{const p=await T(l.generateCnf.bind(l),f.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(d,this.logger);h=p.reqCnfString,c.keyId=p.kid,c.signPopToken=!0}c.reqCnf=h}return this.addRequestSKUs(c),c}handleExtraBrokerParams(e){var i;const t=e.extraParameters&&e.extraParameters.hasOwnProperty(Zr)&&e.extraParameters.hasOwnProperty(eo)&&e.extraParameters.hasOwnProperty(gn);if(!e.embeddedClientId&&!t)return;let r="";const o=e.redirectUri;e.embeddedClientId?(e.redirectUri=this.config.auth.redirectUri,r=e.embeddedClientId):e.extraParameters&&(e.redirectUri=e.extraParameters[eo],r=e.extraParameters[gn]),e.extraParameters={child_client_id:r,child_redirect_uri:o},(i=this.performanceClient)==null\|\|i.addFields({embeddedClientId:r,embeddedRedirectUri:o},e.correlationId)}}/! @azure/msal-browser v4.9.0 2025-03-25 /async function kh(n,e,t,r,o){const i=tm({...n.auth,authority:e},t,r,o);if(Ts(i,{sku:He.MSAL_SKU,version:Bn,os:"",cpu:""}),n.auth.protocolMode!==Ue.OIDC&&As(i,n.telemetry.application),t.platformBroker&&(Sp(i),t.authenticationScheme===X.POP)){const s=new It(r,o),a=new Un(s);let c;t.popKid?c=s.encodeKid(t.popKid):c=(await T(a.generateCnf.bind(a),f.PopTokenGenerateCnf,r,o,t.correlationId)(t,r)).reqCnfString,ws(i,c)}return _o(i,t.correlationId,o),i}async function qs(n,e,t,r,o){if(!t.codeChallenge)throw oe(wo);const i=await T(kh,f.GetStandardParams,r,o,t.correlationId)(n,e,t,r,o);return id(i,dl.CODE),Np(i,t.codeChallenge,C.S256_CODE_CHALLENGE_METHOD),hn(i,t.extraQueryParameters\|\|{}),Id(e,i)}async function Vs(n,e,t,r,o,i){if(!r.earJwk)throw P(Rs);const s=await kh(e,t,r,o,i);id(s,dl.IDTOKEN_TOKEN_REFRESHTOKEN),Up(s,r.earJwk);const a=new Map;hn(a,r.extraQueryParameters\|\|{});const c=Id(t,a);return CC(n,c,s)}function CC(n,e,t){const r=n.createElement("form");return r.method="post",r.action=e,t.forEach((o,i)=>{const s=n.createElement("input");s.hidden=!0,s.name=i,s.value=o,r.appendChild(s)}),n.body.appendChild(r),r}async function Rh(n,e,t,r,o,i,s,a,c,d){if(!d)throw P(Ms);const l=new It(a,c),h=new Fr(r,o,l,a,s,r.system.navigationClient,t,c,d,e,i,n.correlationId),{userRequestState:p}=Fn.parseRequestState(l,n.state);return T(h.acquireToken.bind(h),f.NativeInteractionClientAcquireToken,a,c,n.correlationId)({...n,state:p,prompt:void 0})}async function js(n,e,t,r,o,i,s,a,c,d,l,h){if(Ct.removeThrottle(s,o.auth.clientId,n),e.accountId)return T(Rh,f.HandleResponsePlatformBroker,d,l,n.correlationId)(n,e.accountId,r,o,s,a,c,d,l,h);const p={...n,code:e.code\|\|"",codeVerifier:t},y=new Sh(i,s,p,d,l);return await T(y.handleCodeResponse.bind(y),f.HandleCodeResponse,d,l,n.correlationId)(e,n)}async function Ws(n,e,t,r,o,i,s,a,c,d,l){if(Ct.removeThrottle(i,r.auth.clientId,n),Ed(e,n.state),!e.ear_jwe)throw P(kd);if(!n.earJwk)throw P(Rs);const h=JSON.parse(await T(Nm,f.DecryptEarResponse,c,d,n.correlationId)(n.earJwk,e.ear_jwe));if(h.accountId)return T(Rh,f.HandleResponsePlatformBroker,c,d,n.correlationId)(n,h.accountId,t,r,i,s,a,c,d,l);const p=new pn(r.auth.clientId,i,new It(c,d),c,null,null,d);p.validateTokenResponse(h);const y={code:"",state:n.state,nonce:n.nonce,client_info:h.client_info,cloud_graph_host_name:h.cloud_graph_host_name,cloud_instance_host_name:h.cloud_instance_host_name,cloud_instance_name:h.cloud_instance_name,msgraph_host:h.msgraph_host};return await T(p.handleServerTokenResponse.bind(p),f.HandleServerTokenResponse,c,d,n.correlationId)(h,o,Fe(),n,y,void 0,void 0,void 0,void 0)}/! @azure/msal-browser v4.9.0 2025-03-25 /const yC=32;async function Lo(n,e,t){n.addQueueMeasurement(f.GeneratePkceCodes,t);const r=lt(TC,f.GenerateCodeVerifier,e,n,t)(n,e,t),o=await T(AC,f.GenerateCodeChallengeFromVerifier,e,n,t)(r,n,e,t);return{verifier:r,challenge:o}}function TC(n,e,t){try{const r=new Uint8Array(yC);return lt(bm,f.GetRandomValues,e,n,t)(r),Qt(r)}catch{throw P(ks)}}async function AC(n,e,t,r){e.addQueueMeasurement(f.GenerateCodeChallengeFromVerifier,r);try{const o=await T(ah,f.Sha256Digest,t,e,r)(n,e,r);return Qt(new Uint8Array(o))}catch{throw P(ks)}}/! @azure/msal-browser v4.9.0 2025-03-25 /class vC extends Gn{constructor(e,t,r,o,i,s,a,c,d,l){super(e,t,r,o,i,s,a,d,l),this.unloadWindow=this.unloadWindow.bind(this),this.nativeStorage=c,this.eventHandler=i}acquireToken(e,t){try{const o={popupName:this.generatePopupName(e.scopes\|\|yn,e.authority\|\|this.config.auth.authority),popupWindowAttributes:e.popupWindowAttributes\|\|{},popupWindowParent:e.popupWindowParent??window};return this.performanceClient.addFields({isAsyncPopup:this.config.system.asyncPopups},this.correlationId),this.config.system.asyncPopups?(this.logger.verbose("asyncPopups set to true, acquiring token"),this.acquireTokenPopupAsync(e,o,t)):(this.logger.verbose("asyncPopup set to false, opening popup before acquiring token"),o.popup=this.openSizedPopup("about:blank",o),this.acquireTokenPopupAsync(e,o,t))}catch(r){return Promise.reject(r)}}logout(e){try{this.logger.verbose("logoutPopup called");const t=this.initializeLogoutRequest(e),r={popupName:this.generateLogoutPopupName(t),popupWindowAttributes:(e==null?void 0:e.popupWindowAttributes)\|\|{},popupWindowParent:(e==null?void 0:e.popupWindowParent)??window},o=e&&e.authority,i=e&&e.mainWindowRedirectUri;return this.config.system.asyncPopups?(this.logger.verbose("asyncPopups set to true"),this.logoutPopupAsync(t,r,o,i)):(this.logger.verbose("asyncPopup set to false, opening popup"),r.popup=this.openSizedPopup("about:blank",r),this.logoutPopupAsync(t,r,o,i))}catch(t){return Promise.reject(t)}}async acquireTokenPopupAsync(e,t,r){this.logger.verbose("acquireTokenPopupAsync called");const o=await T(this.initializeAuthorizationRequest.bind(this),f.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,this.correlationId)(e,M.Popup);t.popup&&gh(o.authority);const i=At.isPlatformBrokerAvailable(this.config,this.logger,this.nativeMessageHandler,e.authenticationScheme);return o.platformBroker=i,this.config.auth.protocolMode===Ue.EAR?this.executeEarFlow(o,t):this.executeCodeFlow(o,t,r)}async executeCodeFlow(e,t,r){var c;const o=e.correlationId,i=this.initializeServerTelemetryManager(se.acquireTokenPopup),s=r\|\|await T(Lo,f.GeneratePkceCodes,this.logger,this.performanceClient,o)(this.performanceClient,this.logger,o),a={...e,codeChallenge:s.challenge};try{const d=await T(this.createAuthCodeClient.bind(this),f.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,o)({serverTelemetryManager:i,requestAuthority:a.authority,requestAzureCloudOptions:a.azureCloudOptions,requestExtraQueryParameters:a.extraQueryParameters,account:a.account}),l=await T(qs,f.GetAuthCodeUrl,this.logger,this.performanceClient,o)(this.config,d.authority,a,this.logger,this.performanceClient),h=this.initiateAuthRequest(l,t);this.eventHandler.emitEvent(N.POPUP_OPENED,M.Popup,{popupWindow:h},null);const p=await this.monitorPopupForHash(h,t.popupWindowParent),y=lt(ao,f.DeserializeResponse,this.logger,this.performanceClient,this.correlationId)(p,this.config.auth.OIDCOptions.serverResponseType,this.logger);return await T(js,f.HandleResponseCode,this.logger,this.performanceClient,o)(e,y,s.verifier,se.acquireTokenPopup,this.config,d,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.nativeMessageHandler)}catch(d){throw(c=t.popup)==null\|\|c.close(),d instanceof Z&&(d.setCorrelationId(this.correlationId),i.cacheFailedRequest(d)),d}}async executeEarFlow(e,t){const r=e.correlationId,o=await T(this.getDiscoveredAuthority.bind(this),f.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,r)({requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),i=await T(Ds,f.GenerateEarKey,this.logger,this.performanceClient,r)(),s={...e,earJwk:i},a=t.popup\|\|this.openPopup("about:blank",t);(await Vs(a.document,this.config,o,s,this.logger,this.performanceClient)).submit();const d=await T(this.monitorPopupForHash.bind(this),f.SilentHandlerMonitorIframeForHash,this.logger,this.performanceClient,r)(a,t.popupWindowParent),l=lt(ao,f.DeserializeResponse,this.logger,this.performanceClient,this.correlationId)(d,this.config.auth.OIDCOptions.serverResponseType,this.logger);return T(Ws,f.HandleResponseEar,this.logger,this.performanceClient,r)(s,l,se.acquireTokenPopup,this.config,o,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.nativeMessageHandler)}async logoutPopupAsync(e,t,r,o){var s,a,c,d;this.logger.verbose("logoutPopupAsync called"),this.eventHandler.emitEvent(N.LOGOUT_START,M.Popup,e);const i=this.initializeServerTelemetryManager(se.logoutPopup);try{await this.clearCacheOnLogout(e.account);const l=await T(this.createAuthCodeClient.bind(this),f.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:i,requestAuthority:r,account:e.account\|\|void 0});try{l.authority.endSessionEndpoint}catch{if((s=e.account)!=null&&s.homeAccountId&&e.postLogoutRedirectUri&&l.authority.protocolMode===Ue.OIDC){if(this.browserStorage.removeAccount((a=e.account)==null?void 0:a.homeAccountId),this.eventHandler.emitEvent(N.LOGOUT_SUCCESS,M.Popup,e),o){const y={apiId:se.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},b=Q.getAbsoluteUrl(o,Nt());await this.navigationClient.navigateInternal(b,y)}(c=t.popup)==null\|\|c.close();return}}const h=l.getLogoutUri(e);this.eventHandler.emitEvent(N.LOGOUT_SUCCESS,M.Popup,e);const p=this.openPopup(h,t);if(this.eventHandler.emitEvent(N.POPUP_OPENED,M.Popup,{popupWindow:p},null),await this.monitorPopupForHash(p,t.popupWindowParent).catch(()=>{}),o){const y={apiId:se.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},b=Q.getAbsoluteUrl(o,Nt());this.logger.verbose("Redirecting main window to url specified in the request"),this.logger.verbosePii(`Redirecting main window to: ${b}`),await this.navigationClient.navigateInternal(b,y)}else this.logger.verbose("No main window navigation requested")}catch(l){throw(d=t.popup)==null\|\|d.close(),l instanceof Z&&(l.setCorrelationId(this.correlationId),i.cacheFailedRequest(l)),this.eventHandler.emitEvent(N.LOGOUT_FAILURE,M.Popup,null,l),this.eventHandler.emitEvent(N.LOGOUT_END,M.Popup),l}this.eventHandler.emitEvent(N.LOGOUT_END,M.Popup)}initiateAuthRequest(e,t){if(e)return this.logger.infoPii(`Navigate to: ${e}`),this.openPopup(e,t);throw this.logger.error("Navigate url is empty"),P(Po)}monitorPopupForHash(e,t){return new Promise((r,o)=>{this.logger.verbose("PopupHandler.monitorPopupForHash - polling started");const i=setInterval(()=>{if(e.closed){this.logger.error("PopupHandler.monitorPopupForHash - window closed"),clearInterval(i),o(P(mr));return}let s="";try{s=e.location.href}catch{}if(!s\|\|s==="about:blank")return;clearInterval(i);let a="";const c=this.config.auth.OIDCOptions.serverResponseType;e&&(c===yo.QUERY?a=e.location.search:a=e.location.hash),this.logger.verbose("PopupHandler.monitorPopupForHash - popup window is on same origin as caller"),r(a)},this.config.system.pollIntervalMilliseconds)}).finally(()=>{this.cleanPopup(e,t)})}openPopup(e,t){try{let r;if(t.popup?(r=t.popup,this.logger.verbosePii(`Navigating popup window to: ${e}`),r.location.assign(e)):typeof t.popup>"u"&&(this.logger.verbosePii(`Opening popup window to: ${e}`),r=this.openSizedPopup(e,t)),!r)throw P(Hd);return r.focus&&r.focus(),this.currentWindow=r,t.popupWindowParent.addEventListener("beforeunload",this.unloadWindow),r}catch(r){throw this.logger.error("error opening popup "+r.message),P(xd)}}openSizedPopup(e,{popupName:t,popupWindowAttributes:r,popupWindowParent:o}){var y,b,S,q;const i=o.screenLeft?o.screenLeft:o.screenX,s=o.screenTop?o.screenTop:o.screenY,a=o.innerWidth\|\|document.documentElement.clientWidth\|\|document.body.clientWidth,c=o.innerHeight\|\|document.documentElement.clientHeight\|\|document.body.clientHeight;let d=(y=r.popupSize)==null?void 0:y.width,l=(b=r.popupSize)==null?void 0:b.height,h=(S=r.popupPosition)==null?void 0:S.top,p=(q=r.popupPosition)==null?void 0:q.left;return(!d\|\|d<0\|\|d>a)&&(this.logger.verbose("Default popup window width used. Window width not configured or invalid."),d=He.POPUP_WIDTH),(!l\|\|l<0\|\|l>c)&&(this.logger.verbose("Default popup window height used. Window height not configured or invalid."),l=He.POPUP_HEIGHT),(!h\|\|h<0\|\|h>c)&&(this.logger.verbose("Default popup window top position used. Window top not configured or invalid."),h=Math.max(0,c/2-He.POPUP_HEIGHT/2+s)),(!p\|\|p<0\|\|p>a)&&(this.logger.verbose("Default popup window left position used. Window left not configured or invalid."),p=Math.max(0,a/2-He.POPUP_WIDTH/2+i)),o.open(e,t,`width=${d}, height=${l}, top=${h}, left=${p}, scrollbars=yes`)}unloadWindow(e){this.currentWindow&&this.currentWindow.close(),e.preventDefault()}cleanPopup(e,t){e.close(),t.removeEventListener("beforeunload",this.unloadWindow)}generatePopupName(e,t){return`${He.POPUP_NAME_PREFIX}.${this.config.auth.clientId}.${e.join("-")}.${t}.${this.correlationId}`}generateLogoutPopupName(e){const t=e.account&&e.account.homeAccountId;return`${He.POPUP_NAME_PREFIX}.${this.config.auth.clientId}.${t}.${this.correlationId}`}}/! @azure/msal-browser v4.9.0 2025-03-25 /function wC(){if(typeof window>"u"\|\|typeof window.performance>"u"\|\|typeof window.performance.getEntriesByType!="function")return;const n=window.performance.getEntriesByType("navigation"),e=n.length?n[0]:void 0;return e==null?void 0:e.type}class IC extends Gn{constructor(e,t,r,o,i,s,a,c,d,l){super(e,t,r,o,i,s,a,d,l),this.nativeStorage=c}async acquireToken(e){const t=await T(this.initializeAuthorizationRequest.bind(this),f.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,this.correlationId)(e,M.Redirect);t.platformBroker=At.isPlatformBrokerAvailable(this.config,this.logger,this.nativeMessageHandler,e.authenticationScheme);const r=i=>{i.persisted&&(this.logger.verbose("Page was restored from back/forward cache. Clearing temporary cache."),this.browserStorage.resetRequestCache(),this.eventHandler.emitEvent(N.RESTORE_FROM_BFCACHE,M.Redirect))},o=this.getRedirectStartPage(e.redirectStartPage);this.logger.verbosePii(`Redirect start page: ${o}`),this.browserStorage.setTemporaryCache(ge.ORIGIN_URI,o,!0),window.addEventListener("pageshow",r);try{this.config.auth.protocolMode===Ue.EAR?await this.executeEarFlow(t):await this.executeCodeFlow(t,e.onRedirectNavigate)}catch(i){throw i instanceof Z&&i.setCorrelationId(this.correlationId),window.removeEventListener("pageshow",r),i}}async executeCodeFlow(e,t){const r=e.correlationId,o=this.initializeServerTelemetryManager(se.acquireTokenRedirect),i=await T(Lo,f.GeneratePkceCodes,this.logger,this.performanceClient,r)(this.performanceClient,this.logger,r),s={...e,codeChallenge:i.challenge};this.browserStorage.cacheAuthorizeRequest(s,i.verifier);try{const a=await T(this.createAuthCodeClient.bind(this),f.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:o,requestAuthority:s.authority,requestAzureCloudOptions:s.azureCloudOptions,requestExtraQueryParameters:s.extraQueryParameters,account:s.account}),c=await T(qs,f.GetAuthCodeUrl,this.logger,this.performanceClient,e.correlationId)(this.config,a.authority,s,this.logger,this.performanceClient);return await this.initiateAuthRequest(c,t)}catch(a){throw a instanceof Z&&(a.setCorrelationId(this.correlationId),o.cacheFailedRequest(a)),a}}async executeEarFlow(e){const t=e.correlationId,r=await T(this.getDiscoveredAuthority.bind(this),f.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,t)({requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),o=await T(Ds,f.GenerateEarKey,this.logger,this.performanceClient,t)(),i={...e,earJwk:o};this.browserStorage.cacheAuthorizeRequest(i),(await Vs(document,this.config,r,i,this.logger,this.performanceClient)).submit()}async handleRedirectPromise(e="",t,r,o){const i=this.initializeServerTelemetryManager(se.handleRedirectPromise);try{const[s,a]=this.getRedirectResponse(e\|\|"");if(!s)return this.logger.info("handleRedirectPromise did not detect a response as a result of a redirect. Cleaning temporary cache."),this.browserStorage.resetRequestCache(),wC()!=="back_forward"?o.event.errorCode="no_server_response":this.logger.verbose("Back navigation event detected. Muting no_server_response error"),null;const c=this.browserStorage.getTemporaryCache(ge.ORIGIN_URI,!0)\|\|C.EMPTY_STRING,d=Q.removeHashFromUrl(c),l=Q.removeHashFromUrl(window.location.href);if(d===l&&this.config.auth.navigateToLoginRequestUrl)return this.logger.verbose("Current page is loginRequestUrl, handling response"),c.indexOf("#")>-1&&Dm(c),await this.handleResponse(s,t,r,i);if(this.config.auth.navigateToLoginRequestUrl){if(!Gs()\|\|this.config.system.allowRedirectInIframe){this.browserStorage.setTemporaryCache(ge.URL_HASH,a,!0);const h={apiId:se.handleRedirectPromise,timeout:this.config.system.redirectNavigationTimeout,noHistory:!0};let p=!0;if(!c\|\|c==="null"){const y=Km();this.browserStorage.setTemporaryCache(ge.ORIGIN_URI,y,!0),this.logger.warning("Unable to get valid login request url from cache, redirecting to home page"),p=await this.navigationClient.navigateInternal(y,h)}else this.logger.verbose(`Navigating to loginRequestUrl: ${c}`),p=await this.navigationClient.navigateInternal(c,h);if(!p)return await this.handleResponse(s,t,r,i)}}else return this.logger.verbose("NavigateToLoginRequestUrl set to false, handling response"),await this.handleResponse(s,t,r,i);return null}catch(s){throw s instanceof Z&&(s.setCorrelationId(this.correlationId),i.cacheFailedRequest(s)),s}}getRedirectResponse(e){this.logger.verbose("getRedirectResponseHash called");let t=e;t\|\|(this.config.auth.OIDCOptions.serverResponseType===yo.QUERY?t=window.location.search:t=window.location.hash);let r=Jr(t);if(r){try{mC(r,this.browserCrypto,M.Redirect)}catch(i){return i instanceof Z&&this.logger.error(`Interaction type validation failed due to ${i.errorCode}: ${i.errorMessage}`),[null,""]}return Um(window),this.logger.verbose("Hash contains known properties, returning response hash"),[r,t]}const o=this.browserStorage.getTemporaryCache(ge.URL_HASH,!0);return this.browserStorage.removeItem(this.browserStorage.generateCacheKey(ge.URL_HASH)),o&&(r=Jr(o),r)?(this.logger.verbose("Hash does not contain known properties, returning cached hash"),[r,o]):[null,""]}async handleResponse(e,t,r,o){if(!e.state)throw P(Os);if(e.ear_jwe){const a=await T(this.getDiscoveredAuthority.bind(this),f.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,t.correlationId)({requestAuthority:t.authority,requestAzureCloudOptions:t.azureCloudOptions,requestExtraQueryParameters:t.extraQueryParameters,account:t.account});return T(Ws,f.HandleResponseEar,this.logger,this.performanceClient,t.correlationId)(t,e,se.acquireTokenRedirect,this.config,a,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.nativeMessageHandler)}const s=await T(this.createAuthCodeClient.bind(this),f.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:o,requestAuthority:t.authority});return T(js,f.HandleResponseCode,this.logger,this.performanceClient,t.correlationId)(t,e,r,se.acquireTokenRedirect,this.config,s,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.nativeMessageHandler)}async initiateAuthRequest(e,t){if(this.logger.verbose("RedirectHandler.initiateAuthRequest called"),e){this.logger.infoPii(`RedirectHandler.initiateAuthRequest: Navigate to: ${e}`);const r={apiId:se.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},o=t\|\|this.config.auth.onRedirectNavigate;if(typeof o=="function")if(this.logger.verbose("RedirectHandler.initiateAuthRequest: Invoking onRedirectNavigate callback"),o(e)!==!1){this.logger.verbose("RedirectHandler.initiateAuthRequest: onRedirectNavigate did not return false, navigating"),await this.navigationClient.navigateExternal(e,r);return}else{this.logger.verbose("RedirectHandler.initiateAuthRequest: onRedirectNavigate returned false, stopping navigation");return}else{this.logger.verbose("RedirectHandler.initiateAuthRequest: Navigating window to navigate url"),await this.navigationClient.navigateExternal(e,r);return}}else throw this.logger.info("RedirectHandler.initiateAuthRequest: Navigate url is empty"),P(Po)}async logout(e){var o,i;this.logger.verbose("logoutRedirect called");const t=this.initializeLogoutRequest(e),r=this.initializeServerTelemetryManager(se.logout);try{this.eventHandler.emitEvent(N.LOGOUT_START,M.Redirect,e),await this.clearCacheOnLogout(t.account);const s={apiId:se.logout,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},a=await T(this.createAuthCodeClient.bind(this),f.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:r,requestAuthority:e&&e.authority,requestExtraQueryParameters:e==null?void 0:e.extraQueryParameters,account:e&&e.account\|\|void 0});if(a.authority.protocolMode===Ue.OIDC)try{a.authority.endSessionEndpoint}catch{if((o=t.account)!=null&&o.homeAccountId){this.browserStorage.removeAccount((i=t.account)==null?void 0:i.homeAccountId),this.eventHandler.emitEvent(N.LOGOUT_SUCCESS,M.Redirect,t);return}}const c=a.getLogoutUri(t);if(this.eventHandler.emitEvent(N.LOGOUT_SUCCESS,M.Redirect,t),e&&typeof e.onRedirectNavigate=="function")if(e.onRedirectNavigate(c)!==!1){this.logger.verbose("Logout onRedirectNavigate did not return false, navigating"),this.browserStorage.getInteractionInProgress()\|\|this.browserStorage.setInteractionInProgress(!0),await this.navigationClient.navigateExternal(c,s);return}else this.browserStorage.setInteractionInProgress(!1),this.logger.verbose("Logout onRedirectNavigate returned false, stopping navigation");else{this.browserStorage.getInteractionInProgress()\|\|this.browserStorage.setInteractionInProgress(!0),await this.navigationClient.navigateExternal(c,s);return}}catch(s){throw s instanceof Z&&(s.setCorrelationId(this.correlationId),r.cacheFailedRequest(s)),this.eventHandler.emitEvent(N.LOGOUT_FAILURE,M.Redirect,null,s),this.eventHandler.emitEvent(N.LOGOUT_END,M.Redirect),s}this.eventHandler.emitEvent(N.LOGOUT_END,M.Redirect)}getRedirectStartPage(e){const t=e\|\|window.location.href;return Q.getAbsoluteUrl(t,Nt())}}/! @azure/msal-browser v4.9.0 2025-03-25 /async function EC(n,e,t,r,o){if(e.addQueueMeasurement(f.SilentHandlerInitiateAuthRequest,r),!n)throw t.info("Navigate url is empty"),P(Po);return o?T(SC,f.SilentHandlerLoadFrame,t,e,r)(n,o,e,r):lt(bC,f.SilentHandlerLoadFrameSync,t,e,r)(n)}async function _C(n,e,t,r,o){const i=Ys();if(!i.contentDocument)throw"No document associated with iframe!";return(await Vs(i.contentDocument,n,e,t,r,o)).submit(),i}async function rc(n,e,t,r,o,i,s){return r.addQueueMeasurement(f.SilentHandlerMonitorIframeForHash,i),new Promise((a,c)=>{e<bi&&o.warning(`system.loadFrameTimeout or system.iframeHashTimeout set to lower (${e}ms) than the default (${bi}ms). This may result in timeouts.`);const d=window.setTimeout(()=>{window.clearInterval(l),c(P(Ld))},e),l=window.setInterval(()=>{let h="";const p=n.contentWindow;try{h=p?p.location.href:""}catch{}if(!h\|\|h==="about:blank")return;let y="";p&&(s===yo.QUERY?y=p.location.search:y=p.location.hash),window.clearTimeout(d),window.clearInterval(l),a(y)},t)}).finally(()=>{lt(kC,f.RemoveHiddenIframe,o,r,i)(n)})}function SC(n,e,t,r){return t.addQueueMeasurement(f.SilentHandlerLoadFrame,r),new Promise((o,i)=>{const s=Ys();window.setTimeout(()=>{if(!s){i("Unable to load iframe");return}s.src=n,o(s)},e)})}function bC(n){const e=Ys();return e.src=n,e}function Ys(){const n=document.createElement("iframe");return n.className="msalSilentIframe",n.style.visibility="hidden",n.style.position="absolute",n.style.width=n.style.height="0",n.style.border="0",n.setAttribute("sandbox","allow-scripts allow-same-origin allow-forms"),document.body.appendChild(n),n}function kC(n){document.body===n.parentNode&&document.body.removeChild(n)}/! @azure/msal-browser v4.9.0 2025-03-25 /class RC extends Gn{constructor(e,t,r,o,i,s,a,c,d,l,h){super(e,t,r,o,i,s,c,l,h),this.apiId=a,this.nativeStorage=d}async acquireToken(e){this.performanceClient.addQueueMeasurement(f.SilentIframeClientAcquireToken,e.correlationId),!e.loginHint&&!e.sid&&(!e.account\|\|!e.account.username)&&this.logger.warning("No user hint provided. The authorization server may need more information to complete this request.");const t={...e};t.prompt?t.prompt!==Ae.NONE&&t.prompt!==Ae.NO_SESSION&&(this.logger.warning(`SilentIframeClient. Replacing invalid prompt ${t.prompt} with ${Ae.NONE}`),t.prompt=Ae.NONE):t.prompt=Ae.NONE;const r=await T(this.initializeAuthorizationRequest.bind(this),f.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,e.correlationId)(t,M.Silent);return r.platformBroker=At.isPlatformBrokerAvailable(this.config,this.logger,this.nativeMessageHandler,r.authenticationScheme),gh(r.authority),this.config.auth.protocolMode===Ue.EAR?this.executeEarFlow(r):this.executeCodeFlow(r)}async executeCodeFlow(e){let t;const r=this.initializeServerTelemetryManager(this.apiId);try{return t=await T(this.createAuthCodeClient.bind(this),f.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:r,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),await T(this.silentTokenHelper.bind(this),f.SilentIframeClientTokenHelper,this.logger,this.performanceClient,e.correlationId)(t,e)}catch(o){if(o instanceof Z&&(o.setCorrelationId(this.correlationId),r.cacheFailedRequest(o)),!t\|\|!(o instanceof Z)\|\|o.errorCode!==He.INVALID_GRANT_ERROR)throw o;return this.performanceClient.addFields({retryError:o.errorCode},this.correlationId),await T(this.silentTokenHelper.bind(this),f.SilentIframeClientTokenHelper,this.logger,this.performanceClient,this.correlationId)(t,e)}}async executeEarFlow(e){const t=e.correlationId,r=await T(this.getDiscoveredAuthority.bind(this),f.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,t)({requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),o=await T(Ds,f.GenerateEarKey,this.logger,this.performanceClient,t)(),i={...e,earJwk:o},s=await T(_C,f.SilentHandlerInitiateAuthRequest,this.logger,this.performanceClient,t)(this.config,r,i,this.logger,this.performanceClient),a=this.config.auth.OIDCOptions.serverResponseType,c=await T(rc,f.SilentHandlerMonitorIframeForHash,this.logger,this.performanceClient,t)(s,this.config.system.iframeHashTimeout,this.config.system.pollIntervalMilliseconds,this.performanceClient,this.logger,t,a),d=lt(ao,f.DeserializeResponse,this.logger,this.performanceClient,t)(c,a,this.logger);return T(Ws,f.HandleResponseEar,this.logger,this.performanceClient,t)(i,d,this.apiId,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.nativeMessageHandler)}logout(){return Promise.reject(P(No))}async silentTokenHelper(e,t){const r=t.correlationId;this.performanceClient.addQueueMeasurement(f.SilentIframeClientTokenHelper,r);const o=await T(Lo,f.GeneratePkceCodes,this.logger,this.performanceClient,r)(this.performanceClient,this.logger,r),i={...t,codeChallenge:o.challenge},s=await T(qs,f.GetAuthCodeUrl,this.logger,this.performanceClient,r)(this.config,e.authority,i,this.logger,this.performanceClient),a=await T(EC,f.SilentHandlerInitiateAuthRequest,this.logger,this.performanceClient,r)(s,this.performanceClient,this.logger,r,this.config.system.navigateFrameWait),c=this.config.auth.OIDCOptions.serverResponseType,d=await T(rc,f.SilentHandlerMonitorIframeForHash,this.logger,this.performanceClient,r)(a,this.config.system.iframeHashTimeout,this.config.system.pollIntervalMilliseconds,this.performanceClient,this.logger,r,c),l=lt(ao,f.DeserializeResponse,this.logger,this.performanceClient,r)(d,c,this.logger);return T(js,f.HandleResponseCode,this.logger,this.performanceClient,r)(t,l,o.verifier,this.apiId,this.config,e,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.nativeMessageHandler)}}/! @azure/msal-browser v4.9.0 2025-03-25 /class OC extends Gn{async acquireToken(e){this.performanceClient.addQueueMeasurement(f.SilentRefreshClientAcquireToken,e.correlationId);const t=await T(zs,f.InitializeBaseRequest,this.logger,this.performanceClient,e.correlationId)(e,this.config,this.performanceClient,this.logger),r={...e,...t};e.redirectUri&&(r.redirectUri=this.getRedirectUri(e.redirectUri));const o=this.initializeServerTelemetryManager(se.acquireTokenSilent_silentFlow),i=await this.createRefreshTokenClient({serverTelemetryManager:o,authorityUrl:r.authority,azureCloudOptions:r.azureCloudOptions,account:r.account});return T(i.acquireTokenByRefreshToken.bind(i),f.RefreshTokenClientAcquireTokenByRefreshToken,this.logger,this.performanceClient,e.correlationId)(r).catch(s=>{throw s.setCorrelationId(this.correlationId),o.cacheFailedRequest(s),s})}logout(){return Promise.reject(P(No))}async createRefreshTokenClient(e){const t=await T(this.getClientConfiguration.bind(this),f.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:e.serverTelemetryManager,requestAuthority:e.authorityUrl,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account});return new Xp(t,this.performanceClient)}}/! @azure/msal-browser v4.9.0 2025-03-25 /class PC{constructor(e,t,r,o){this.isBrowserEnvironment=typeof window<"u",this.config=e,this.storage=t,this.logger=r,this.cryptoObj=o}async loadExternalTokens(e,t,r){if(!this.isBrowserEnvironment)throw P(Mo);const o=e.correlationId\|\|We(),i=t.id_token?Yt(t.id_token,ct):void 0,s={protocolMode:this.config.auth.protocolMode,knownAuthorities:this.config.auth.knownAuthorities,cloudDiscoveryMetadata:this.config.auth.cloudDiscoveryMetadata,authorityMetadata:this.config.auth.authorityMetadata,skipAuthorityMetadataCache:this.config.auth.skipAuthorityMetadataCache},a=e.authority?new Ee(Ee.generateAuthority(e.authority,e.azureCloudOptions),this.config.system.networkClient,this.storage,s,this.logger,e.correlationId\|\|We()):void 0,c=await this.loadAccount(e,r.clientInfo\|\|t.client_info\|\|"",o,i,a),d=await this.loadIdToken(t,c.homeAccountId,c.environment,c.realm,o),l=await this.loadAccessToken(e,t,c.homeAccountId,c.environment,c.realm,r,o),h=await this.loadRefreshToken(t,c.homeAccountId,c.environment,o);return this.generateAuthenticationResult(e,{account:c,idToken:d,accessToken:l,refreshToken:h},i,a)}async loadAccount(e,t,r,o,i){if(this.logger.verbose("TokenCache - loading account"),e.account){const d=Re.createFromAccountInfo(e.account);return await this.storage.setAccount(d,r),d}else if(!i\|\|!t&&!o)throw this.logger.error("TokenCache - if an account is not provided on the request, authority and either clientInfo or idToken must be provided instead."),P(qd);const s=Re.generateHomeAccountId(t,i.authorityType,this.logger,this.cryptoObj,o),a=o==null?void 0:o.tid,c=_s(this.storage,i,s,ct,o,t,i.hostnameAndPort,a,void 0,void 0,this.logger);return await this.storage.setAccount(c,r),c}async loadIdToken(e,t,r,o,i){if(!e.id_token)return this.logger.verbose("TokenCache - no id token found in response"),null;this.logger.verbose("TokenCache - loading id token");const s=To(t,r,e.id_token,this.config.auth.clientId,o);return await this.storage.setIdTokenCredential(s,i),s}async loadAccessToken(e,t,r,o,i,s,a){if(t.access_token)if(t.expires_in){if(!t.scope&&(!e.scopes\|\|!e.scopes.length))return this.logger.error("TokenCache - scopes not specified in the request or response. Cannot add token to the cache."),null}else return this.logger.error("TokenCache - no expiration set on the access token. Cannot add it to the cache."),null;else return this.logger.verbose("TokenCache - no access token found in response"),null;this.logger.verbose("TokenCache - loading access token");const c=t.scope?fe.fromString(t.scope):new fe(e.scopes),d=s.expiresOn\|\|t.expires_in+Fe(),l=s.extendedExpiresOn\|\|(t.ext_expires_in\|\|t.expires_in)+Fe(),h=Ao(r,o,t.access_token,this.config.auth.clientId,i,c.printScopes(),d,l,ct);return await this.storage.setAccessTokenCredential(h,a),h}async loadRefreshToken(e,t,r,o){if(!e.refresh_token)return this.logger.verbose("TokenCache - no refresh token found in response"),null;this.logger.verbose("TokenCache - loading refresh token");const i=xl(t,r,e.refresh_token,this.config.auth.clientId,e.foci,void 0,e.refresh_token_expires_in);return await this.storage.setRefreshTokenCredential(i,o),i}generateAuthenticationResult(e,t,r,o){var l,h,p;let i="",s=[],a=null,c;t!=null&&t.accessToken&&(i=t.accessToken.secret,s=fe.fromString(t.accessToken.target).asArray(),a=xt(t.accessToken.expiresOn),c=xt(t.accessToken.extendedExpiresOn));const d=t.account;return{authority:o?o.canonicalAuthority:"",uniqueId:t.account.localAccountId,tenantId:t.account.realm,scopes:s,account:d.getAccountInfo(),idToken:((l=t.idToken)==null?void 0:l.secret)\|\|"",idTokenClaims:r\|\|{},accessToken:i,fromCache:!0,expiresOn:a,correlationId:e.correlationId\|\|"",requestId:"",extExpiresOn:c,familyId:((h=t.refreshToken)==null?void 0:h.familyId)\|\|"",tokenType:((p=t==null?void 0:t.accessToken)==null?void 0:p.tokenType)\|\|"",state:e.state\|\|"",cloudGraphHostName:d.cloudGraphHostName\|\|"",msGraphHost:d.msGraphHost\|\|"",fromNativeBroker:!1}}}/! @azure/msal-browser v4.9.0 2025-03-25 /class NC extends wd{constructor(e){super(e),this.includeRedirectUri=!1}}/! @azure/msal-browser v4.9.0 2025-03-25 /class MC extends Gn{constructor(e,t,r,o,i,s,a,c,d,l){super(e,t,r,o,i,s,c,d,l),this.apiId=a}async acquireToken(e){if(!e.code)throw P(Vd);const t=await T(this.initializeAuthorizationRequest.bind(this),f.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,e.correlationId)(e,M.Silent),r=this.initializeServerTelemetryManager(this.apiId);try{const o={...t,code:e.code},i=await T(this.getClientConfiguration.bind(this),f.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:r,requestAuthority:t.authority,requestAzureCloudOptions:t.azureCloudOptions,requestExtraQueryParameters:t.extraQueryParameters,account:t.account}),s=new NC(i);this.logger.verbose("Auth code client created");const a=new Sh(s,this.browserStorage,o,this.logger,this.performanceClient);return await T(a.handleCodeResponseFromServer.bind(a),f.HandleCodeResponseFromServer,this.logger,this.performanceClient,e.correlationId)({code:e.code,msgraph_host:e.msGraphHost,cloud_graph_host_name:e.cloudGraphHostName,cloud_instance_host_name:e.cloudInstanceHostName},t,!1)}catch(o){throw o instanceof Z&&(o.setCorrelationId(this.correlationId),r.cacheFailedRequest(o)),o}}logout(){return Promise.reject(P(No))}}/! @azure/msal-browser v4.9.0 2025-03-25 /function gt(n){const e=n==null?void 0:n.idTokenClaims;if(e!=null&&e.tfp\|\|e!=null&&e.acr)return"B2C";if(e!=null&&e.tid){if((e==null?void 0:e.tid)==="9188040d-6c67-4c5b-b112-36a304b66dad")return"MSA"}else return;return"AAD"}function Mr(n,e){try{$s(n)}catch(t){throw e.end({success:!1},t),t}}class Uo{constructor(e){this.operatingContext=e,this.isBrowserEnvironment=this.operatingContext.isBrowserEnvironment(),this.config=e.getConfig(),this.initialized=!1,this.logger=this.operatingContext.getLogger(),this.networkClient=this.config.system.networkClient,this.navigationClient=this.config.system.navigationClient,this.redirectResponse=new Map,this.hybridAuthCodeResponses=new Map,this.performanceClient=this.config.telemetry.client,this.browserCrypto=this.isBrowserEnvironment?new It(this.logger,this.performanceClient):fr,this.eventHandler=new Ih(this.logger),this.browserStorage=this.isBrowserEnvironment?new so(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,Cd(this.config.auth)):mh(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler);const t={cacheLocation:ve.MemoryStorage,temporaryCacheLocation:ve.MemoryStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!1,claimsBasedCachingEnabled:!1};this.nativeInternalStorage=new so(this.config.auth.clientId,t,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler),this.tokenCache=new PC(this.config,this.browserStorage,this.logger,this.browserCrypto),this.activeSilentTokenRequests=new Map,this.trackPageVisibility=this.trackPageVisibility.bind(this),this.trackPageVisibilityWithMeasurement=this.trackPageVisibilityWithMeasurement.bind(this)}static async createController(e,t){const r=new Uo(e);return await r.initialize(t),r}trackPageVisibility(e){e&&(this.logger.info("Perf: Visibility change detected"),this.performanceClient.incrementFields({visibilityChangeCount:1},e))}async initialize(e){if(this.logger.trace("initialize called"),this.initialized){this.logger.info("initialize has already been called, exiting early.");return}if(!this.isBrowserEnvironment){this.logger.info("in non-browser environment, exiting early."),this.initialized=!0,this.eventHandler.emitEvent(N.INITIALIZE_END);return}const t=(e==null?void 0:e.correlationId)\|\|this.getRequestCorrelationId(),r=this.config.system.allowPlatformBroker,o=this.performanceClient.startMeasurement(f.InitializeClientApplication,t);if(this.eventHandler.emitEvent(N.INITIALIZE_START),await T(this.browserStorage.initialize.bind(this.browserStorage),f.InitializeCache,this.logger,this.performanceClient,t)(t),r)try{this.nativeExtensionProvider=await At.createProvider(this.logger,this.config.system.nativeBrokerHandshakeTimeout,this.performanceClient)}catch(i){this.logger.verbose(i)}this.config.cache.claimsBasedCachingEnabled\|\|(this.logger.verbose("Claims-based caching is disabled. Clearing the previous cache with claims"),await T(this.browserStorage.clearTokensAndKeysWithClaims.bind(this.browserStorage),f.ClearTokensAndKeysWithClaims,this.logger,this.performanceClient,t)(this.performanceClient,t)),this.config.system.asyncPopups&&await this.preGeneratePkceCodes(t),this.initialized=!0,this.eventHandler.emitEvent(N.INITIALIZE_END),o.end({allowPlatformBroker:r,success:!0})}async handleRedirectPromise(e){if(this.logger.verbose("handleRedirectPromise called"),fh(this.initialized),this.isBrowserEnvironment){const t=e\|\|"";let r=this.redirectResponse.get(t);return typeof r>"u"?(r=this.handleRedirectPromiseInternal(e),this.redirectResponse.set(t,r),this.logger.verbose("handleRedirectPromise has been called for the first time, storing the promise")):this.logger.verbose("handleRedirectPromise has been called previously, returning the result from the first call"),r}return this.logger.verbose("handleRedirectPromise returns null, not browser environment"),null}async handleRedirectPromiseInternal(e){if(!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("handleRedirectPromise called but there is no interaction in progress, returning null."),null;const t=this.getAllAccounts(),r=this.browserStorage.getCachedNativeRequest(),o=r&&At.isPlatformBrokerAvailable(this.config,this.logger,this.nativeExtensionProvider)&&this.nativeExtensionProvider&&!e;let i=this.performanceClient.startMeasurement(f.AcquireTokenRedirect,(r==null?void 0:r.correlationId)\|\|"");this.eventHandler.emitEvent(N.HANDLE_REDIRECT_START,M.Redirect);let s;if(o&&this.nativeExtensionProvider){this.logger.trace("handleRedirectPromise - acquiring token from native platform");const a=new Fr(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,se.handleRedirectPromise,this.performanceClient,this.nativeExtensionProvider,r.accountId,this.nativeInternalStorage,r.correlationId);s=T(a.handleRedirectPromise.bind(a),f.HandleNativeRedirectPromiseMeasurement,this.logger,this.performanceClient,i.event.correlationId)(this.performanceClient,i.event.correlationId)}else{const[a,c]=this.browserStorage.getCachedRequest(),d=a.correlationId;i.discard(),i=this.performanceClient.startMeasurement(f.AcquireTokenRedirect,d),this.logger.trace("handleRedirectPromise - acquiring token from web flow");const l=this.createRedirectClient(d);s=T(l.handleRedirectPromise.bind(l),f.HandleRedirectPromiseMeasurement,this.logger,this.performanceClient,i.event.correlationId)(e,a,c,i)}return s.then(a=>(a?(this.browserStorage.resetRequestCache(),t.length<this.getAllAccounts().length?(this.eventHandler.emitEvent(N.LOGIN_SUCCESS,M.Redirect,a),this.logger.verbose("handleRedirectResponse returned result, login success")):(this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_SUCCESS,M.Redirect,a),this.logger.verbose("handleRedirectResponse returned result, acquire token success")),i.end({success:!0,accountType:gt(a.account)})):i.event.errorCode?i.end({success:!1}):i.discard(),this.eventHandler.emitEvent(N.HANDLE_REDIRECT_END,M.Redirect),a)).catch(a=>{this.browserStorage.resetRequestCache();const c=a;throw t.length>0?this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_FAILURE,M.Redirect,null,c):this.eventHandler.emitEvent(N.LOGIN_FAILURE,M.Redirect,null,c),this.eventHandler.emitEvent(N.HANDLE_REDIRECT_END,M.Redirect),i.end({success:!1},c),a})}async acquireTokenRedirect(e){const t=this.getRequestCorrelationId(e);this.logger.verbose("acquireTokenRedirect called",t);const r=this.performanceClient.startMeasurement(f.AcquireTokenPreRedirect,t);r.add({accountType:gt(e.account),scenarioId:e.scenarioId});const o=e.onRedirectNavigate;if(o)e.onRedirectNavigate=s=>{const a=typeof o=="function"?o(s):void 0;return a!==!1?r.end({success:!0}):r.discard(),a};else{const s=this.config.auth.onRedirectNavigate;this.config.auth.onRedirectNavigate=a=>{const c=typeof s=="function"?s(a):void 0;return c!==!1?r.end({success:!0}):r.discard(),c}}const i=this.getAllAccounts().length>0;try{Ja(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0),i?this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_START,M.Redirect,e):this.eventHandler.emitEvent(N.LOGIN_START,M.Redirect,e);let s;return this.nativeExtensionProvider&&this.canUsePlatformBroker(e)?s=new Fr(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,se.acquireTokenRedirect,this.performanceClient,this.nativeExtensionProvider,this.getNativeAccountId(e),this.nativeInternalStorage,t).acquireTokenRedirect(e,r).catch(c=>{if(c instanceof yt&&_n(c))return this.nativeExtensionProvider=void 0,this.createRedirectClient(t).acquireToken(e);if(c instanceof nt)return this.logger.verbose("acquireTokenRedirect - Resolving interaction required error thrown by native broker by falling back to web flow"),this.createRedirectClient(t).acquireToken(e);throw c}):s=this.createRedirectClient(t).acquireToken(e),await s}catch(s){throw this.browserStorage.resetRequestCache(),r.end({success:!1},s),i?this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_FAILURE,M.Redirect,null,s):this.eventHandler.emitEvent(N.LOGIN_FAILURE,M.Redirect,null,s),s}}acquireTokenPopup(e){const t=this.getRequestCorrelationId(e),r=this.performanceClient.startMeasurement(f.AcquireTokenPopup,t);r.add({scenarioId:e.scenarioId,accountType:gt(e.account)});try{this.logger.verbose("acquireTokenPopup called",t),Mr(this.initialized,r),this.browserStorage.setInteractionInProgress(!0)}catch(a){return Promise.reject(a)}const o=this.getAllAccounts();o.length>0?this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_START,M.Popup,e):this.eventHandler.emitEvent(N.LOGIN_START,M.Popup,e);let i;const s=this.getPreGeneratedPkceCodes(t);return this.canUsePlatformBroker(e)?i=this.acquireTokenNative({...e,correlationId:t},se.acquireTokenPopup).then(a=>(r.end({success:!0,isNativeBroker:!0,accountType:gt(a.account)}),a)).catch(a=>{if(a instanceof yt&&_n(a))return this.nativeExtensionProvider=void 0,this.createPopupClient(t).acquireToken(e,s);if(a instanceof nt)return this.logger.verbose("acquireTokenPopup - Resolving interaction required error thrown by native broker by falling back to web flow"),this.createPopupClient(t).acquireToken(e,s);throw a}):i=this.createPopupClient(t).acquireToken(e,s),i.then(a=>(o.length<this.getAllAccounts().length?this.eventHandler.emitEvent(N.LOGIN_SUCCESS,M.Popup,a):this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_SUCCESS,M.Popup,a),r.end({success:!0,accessTokenSize:a.accessToken.length,idTokenSize:a.idToken.length,accountType:gt(a.account)}),a)).catch(a=>(o.length>0?this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_FAILURE,M.Popup,null,a):this.eventHandler.emitEvent(N.LOGIN_FAILURE,M.Popup,null,a),r.end({success:!1},a),Promise.reject(a))).finally(async()=>{this.browserStorage.setInteractionInProgress(!1),this.config.system.asyncPopups&&await this.preGeneratePkceCodes(t)})}trackPageVisibilityWithMeasurement(){const e=this.ssoSilentMeasurement\|\|this.acquireTokenByCodeAsyncMeasurement;e&&(this.logger.info("Perf: Visibility change detected in ",e.event.name),e.increment({visibilityChangeCount:1}))}async ssoSilent(e){var i,s;const t=this.getRequestCorrelationId(e),r={...e,prompt:e.prompt,correlationId:t};this.ssoSilentMeasurement=this.performanceClient.startMeasurement(f.SsoSilent,t),(i=this.ssoSilentMeasurement)==null\|\|i.add({scenarioId:e.scenarioId,accountType:gt(e.account)}),Mr(this.initialized,this.ssoSilentMeasurement),(s=this.ssoSilentMeasurement)==null\|\|s.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement),this.logger.verbose("ssoSilent called",t),this.eventHandler.emitEvent(N.SSO_SILENT_START,M.Silent,r);let o;return this.canUsePlatformBroker(r)?o=this.acquireTokenNative(r,se.ssoSilent).catch(a=>{if(a instanceof yt&&_n(a))return this.nativeExtensionProvider=void 0,this.createSilentIframeClient(r.correlationId).acquireToken(r);throw a}):o=this.createSilentIframeClient(r.correlationId).acquireToken(r),o.then(a=>{var c;return this.eventHandler.emitEvent(N.SSO_SILENT_SUCCESS,M.Silent,a),(c=this.ssoSilentMeasurement)==null\|\|c.end({success:!0,isNativeBroker:a.fromNativeBroker,accessTokenSize:a.accessToken.length,idTokenSize:a.idToken.length,accountType:gt(a.account)}),a}).catch(a=>{var c;throw this.eventHandler.emitEvent(N.SSO_SILENT_FAILURE,M.Silent,null,a),(c=this.ssoSilentMeasurement)==null\|\|c.end({success:!1},a),a}).finally(()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)})}async acquireTokenByCode(e){const t=this.getRequestCorrelationId(e);this.logger.trace("acquireTokenByCode called",t);const r=this.performanceClient.startMeasurement(f.AcquireTokenByCode,t);Mr(this.initialized,r),this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_BY_CODE_START,M.Silent,e),r.add({scenarioId:e.scenarioId});try{if(e.code&&e.nativeAccountId)throw P(Wd);if(e.code){const o=e.code;let i=this.hybridAuthCodeResponses.get(o);return i?(this.logger.verbose("Existing acquireTokenByCode request found",t),r.discard()):(this.logger.verbose("Initiating new acquireTokenByCode request",t),i=this.acquireTokenByCodeAsync({...e,correlationId:t}).then(s=>(this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_BY_CODE_SUCCESS,M.Silent,s),this.hybridAuthCodeResponses.delete(o),r.end({success:!0,isNativeBroker:s.fromNativeBroker,accessTokenSize:s.accessToken.length,idTokenSize:s.idToken.length,accountType:gt(s.account)}),s)).catch(s=>{throw this.hybridAuthCodeResponses.delete(o),this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_BY_CODE_FAILURE,M.Silent,null,s),r.end({success:!1},s),s}),this.hybridAuthCodeResponses.set(o,i)),await i}else if(e.nativeAccountId)if(this.canUsePlatformBroker(e,e.nativeAccountId)){const o=await this.acquireTokenNative({...e,correlationId:t},se.acquireTokenByCode,e.nativeAccountId).catch(i=>{throw i instanceof yt&&_n(i)&&(this.nativeExtensionProvider=void 0),i});return r.end({accountType:gt(o.account),success:!0}),o}else throw P(Yd);else throw P(jd)}catch(o){throw this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_BY_CODE_FAILURE,M.Silent,null,o),r.end({success:!1},o),o}}async acquireTokenByCodeAsync(e){var o;return this.logger.trace("acquireTokenByCodeAsync called",e.correlationId),this.acquireTokenByCodeAsyncMeasurement=this.performanceClient.startMeasurement(f.AcquireTokenByCodeAsync,e.correlationId),(o=this.acquireTokenByCodeAsyncMeasurement)==null\|\|o.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement),await this.createSilentAuthCodeClient(e.correlationId).acquireToken(e).then(i=>{var s;return(s=this.acquireTokenByCodeAsyncMeasurement)==null\|\|s.end({success:!0,fromCache:i.fromCache,isNativeBroker:i.fromNativeBroker}),i}).catch(i=>{var s;throw(s=this.acquireTokenByCodeAsyncMeasurement)==null\|\|s.end({success:!1},i),i}).finally(()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)})}async acquireTokenFromCache(e,t){switch(this.performanceClient.addQueueMeasurement(f.AcquireTokenFromCache,e.correlationId),t){case ye.Default:case ye.AccessToken:case ye.AccessTokenAndRefreshToken:const r=this.createSilentCacheClient(e.correlationId);return T(r.acquireToken.bind(r),f.SilentCacheClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e);default:throw v(Vt)}}async acquireTokenByRefreshToken(e,t){switch(this.performanceClient.addQueueMeasurement(f.AcquireTokenByRefreshToken,e.correlationId),t){case ye.Default:case ye.AccessTokenAndRefreshToken:case ye.RefreshToken:case ye.RefreshTokenAndNetwork:const r=this.createSilentRefreshClient(e.correlationId);return T(r.acquireToken.bind(r),f.SilentRefreshClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e);default:throw v(Vt)}}async acquireTokenBySilentIframe(e){this.performanceClient.addQueueMeasurement(f.AcquireTokenBySilentIframe,e.correlationId);const t=this.createSilentIframeClient(e.correlationId);return T(t.acquireToken.bind(t),f.SilentIframeClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e)}async logout(e){const t=this.getRequestCorrelationId(e);return this.logger.warning("logout API is deprecated and will be removed in msal-browser v3.0.0. Use logoutRedirect instead.",t),this.logoutRedirect({correlationId:t,...e})}async logoutRedirect(e){const t=this.getRequestCorrelationId(e);return Ja(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0),this.createRedirectClient(t).logout(e)}logoutPopup(e){try{const t=this.getRequestCorrelationId(e);return $s(this.initialized),this.browserStorage.setInteractionInProgress(!0),this.createPopupClient(t).logout(e).finally(()=>{this.browserStorage.setInteractionInProgress(!1)})}catch(t){return Promise.reject(t)}}async clearCache(e){if(!this.isBrowserEnvironment){this.logger.info("in non-browser environment, returning early.");return}const t=this.getRequestCorrelationId(e);return this.createSilentCacheClient(t).logout(e)}getAllAccounts(e){return Ch(this.logger,this.browserStorage,this.isBrowserEnvironment,e)}getAccount(e){return Pi(e,this.logger,this.browserStorage)}getAccountByUsername(e){return yh(e,this.logger,this.browserStorage)}getAccountByHomeId(e){return Th(e,this.logger,this.browserStorage)}getAccountByLocalId(e){return Ah(e,this.logger,this.browserStorage)}setActiveAccount(e){vh(e,this.browserStorage)}getActiveAccount(){return wh(this.browserStorage)}async hydrateCache(e,t){this.logger.verbose("hydrateCache called");const r=Re.createFromAccountInfo(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId),e.fromNativeBroker?(this.logger.verbose("Response was from native broker, storing in-memory"),this.nativeInternalStorage.hydrateCache(e,t)):this.browserStorage.hydrateCache(e,t)}async acquireTokenNative(e,t,r,o){if(this.logger.trace("acquireTokenNative called"),!this.nativeExtensionProvider)throw P(Ms);return new Fr(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,t,this.performanceClient,this.nativeExtensionProvider,r\|\|this.getNativeAccountId(e),this.nativeInternalStorage,e.correlationId).acquireToken(e,o)}canUsePlatformBroker(e,t){if(this.logger.trace("canUsePlatformBroker called"),!At.isPlatformBrokerAvailable(this.config,this.logger,this.nativeExtensionProvider,e.authenticationScheme))return this.logger.trace("canUsePlatformBroker: isPlatformBrokerAvailable returned false, returning false"),!1;if(e.prompt)switch(e.prompt){case Ae.NONE:case Ae.CONSENT:case Ae.LOGIN:this.logger.trace("canUsePlatformBroker: prompt is compatible with platform broker flow");break;default:return this.logger.trace(`canUsePlatformBroker: prompt = ${e.prompt} is not compatible with platform broker flow, returning false`),!1}return!t&&!this.getNativeAccountId(e)?(this.logger.trace("canUsePlatformBroker: nativeAccountId is not available, returning false"),!1):!0}getNativeAccountId(e){const t=e.account\|\|this.getAccount({loginHint:e.loginHint,sid:e.sid})\|\|this.getActiveAccount();return t&&t.nativeAccountId\|\|""}createPopupClient(e){return new vC(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,this.nativeExtensionProvider,e)}createRedirectClient(e){return new IC(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,this.nativeExtensionProvider,e)}createSilentIframeClient(e){return new RC(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,se.ssoSilent,this.performanceClient,this.nativeInternalStorage,this.nativeExtensionProvider,e)}createSilentCacheClient(e){return new bh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeExtensionProvider,e)}createSilentRefreshClient(e){return new OC(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeExtensionProvider,e)}createSilentAuthCodeClient(e){return new MC(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,se.acquireTokenByCode,this.performanceClient,this.nativeExtensionProvider,e)}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){return uh(),this.performanceClient.addPerformanceCallback(e)}removePerformanceCallback(e){return this.performanceClient.removePerformanceCallback(e)}enableAccountStorageEvents(){if(this.config.cache.cacheLocation!==ve.LocalStorage){this.logger.info("Account storage events are only available when cacheLocation is set to localStorage");return}this.eventHandler.subscribeCrossTab()}disableAccountStorageEvents(){if(this.config.cache.cacheLocation!==ve.LocalStorage){this.logger.info("Account storage events are only available when cacheLocation is set to localStorage");return}this.eventHandler.unsubscribeCrossTab()}getTokenCache(){return this.tokenCache}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){this.browserStorage.setWrapperMetadata(e,t)}setNavigationClient(e){this.navigationClient=e}getConfiguration(){return this.config}getPerformanceClient(){return this.performanceClient}isBrowserEnv(){return this.isBrowserEnvironment}getRequestCorrelationId(e){return e!=null&&e.correlationId?e.correlationId:this.isBrowserEnvironment?We():C.EMPTY_STRING}async loginRedirect(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("loginRedirect called",t),this.acquireTokenRedirect({correlationId:t,...e\|\|_i})}loginPopup(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("loginPopup called",t),this.acquireTokenPopup({correlationId:t,...e\|\|_i})}async acquireTokenSilent(e){const t=this.getRequestCorrelationId(e),r=this.performanceClient.startMeasurement(f.AcquireTokenSilent,t);r.add({cacheLookupPolicy:e.cacheLookupPolicy,scenarioId:e.scenarioId}),Mr(this.initialized,r),this.logger.verbose("acquireTokenSilent called",t);const o=e.account\|\|this.getActiveAccount();if(!o)throw P(Kd);return r.add({accountType:gt(o)}),this.acquireTokenSilentDeduped(e,o,t).then(i=>(r.end({success:!0,fromCache:i.fromCache,isNativeBroker:i.fromNativeBroker,accessTokenSize:i.accessToken.length,idTokenSize:i.idToken.length}),{...i,state:e.state,correlationId:t})).catch(i=>{throw i instanceof Z&&i.setCorrelationId(t),r.end({success:!1},i),i})}async acquireTokenSilentDeduped(e,t,r){const o=ko(this.config.auth.clientId,{...e,authority:e.authority\|\|this.config.auth.authority},t.homeAccountId),i=JSON.stringify(o),s=this.activeSilentTokenRequests.get(i);if(typeof s>"u"){this.logger.verbose("acquireTokenSilent called for the first time, storing active request",r),this.performanceClient.addFields({deduped:!1},r);const a=T(this.acquireTokenSilentAsync.bind(this),f.AcquireTokenSilentAsync,this.logger,this.performanceClient,r)({...e,correlationId:r},t);return this.activeSilentTokenRequests.set(i,a),a.finally(()=>{this.activeSilentTokenRequests.delete(i)})}else return this.logger.verbose("acquireTokenSilent has been called previously, returning the result from the first call",r),this.performanceClient.addFields({deduped:!0},r),s}async acquireTokenSilentAsync(e,t){const r=()=>this.trackPageVisibility(e.correlationId);this.performanceClient.addQueueMeasurement(f.AcquireTokenSilentAsync,e.correlationId),this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_START,M.Silent,e),e.correlationId&&this.performanceClient.incrementFields({visibilityChangeCount:0},e.correlationId),document.addEventListener("visibilitychange",r);const o=await T(iC,f.InitializeSilentRequest,this.logger,this.performanceClient,e.correlationId)(e,t,this.config,this.performanceClient,this.logger),i=e.cacheLookupPolicy\|\|ye.Default;return this.acquireTokenSilentNoIframe(o,i).catch(async a=>{if(xC(a,i))if(this.activeIframeRequest)if(i!==ye.Skip){const[d,l]=this.activeIframeRequest;this.logger.verbose(`Iframe request is already in progress, awaiting resolution for request with correlationId: ${l}`,o.correlationId);const h=this.performanceClient.startMeasurement(f.AwaitConcurrentIframe,o.correlationId);h.add({awaitIframeCorrelationId:l});const p=await d;if(h.end({success:p}),p)return this.logger.verbose(`Parallel iframe request with correlationId: ${l} succeeded. Retrying cache and/or RT redemption`,o.correlationId),this.acquireTokenSilentNoIframe(o,i);throw this.logger.info(`Iframe request with correlationId: ${l} failed. Interaction is required.`),a}else return this.logger.warning("Another iframe request is currently in progress and CacheLookupPolicy is set to Skip. This may result in degraded performance and/or reliability for both calls. Please consider changing the CacheLookupPolicy to take advantage of request queuing and token cache.",o.correlationId),T(this.acquireTokenBySilentIframe.bind(this),f.AcquireTokenBySilentIframe,this.logger,this.performanceClient,o.correlationId)(o);else{let d;return this.activeIframeRequest=[new Promise(l=>{d=l}),o.correlationId],this.logger.verbose("Refresh token expired/invalid or CacheLookupPolicy is set to Skip, attempting acquire token by iframe.",o.correlationId),T(this.acquireTokenBySilentIframe.bind(this),f.AcquireTokenBySilentIframe,this.logger,this.performanceClient,o.correlationId)(o).then(l=>(d(!0),l)).catch(l=>{throw d(!1),l}).finally(()=>{this.activeIframeRequest=void 0})}else throw a}).then(a=>(this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_SUCCESS,M.Silent,a),e.correlationId&&this.performanceClient.addFields({fromCache:a.fromCache,isNativeBroker:a.fromNativeBroker},e.correlationId),a)).catch(a=>{throw this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_FAILURE,M.Silent,null,a),a}).finally(()=>{document.removeEventListener("visibilitychange",r)})}async acquireTokenSilentNoIframe(e,t){return At.isPlatformBrokerAvailable(this.config,this.logger,this.nativeExtensionProvider,e.authenticationScheme)&&e.account.nativeAccountId?(this.logger.verbose("acquireTokenSilent - attempting to acquire token from native platform"),this.acquireTokenNative(e,se.acquireTokenSilent_silentFlow,e.account.nativeAccountId,t).catch(async r=>{throw r instanceof yt&&_n(r)?(this.logger.verbose("acquireTokenSilent - native platform unavailable, falling back to web flow"),this.nativeExtensionProvider=void 0,v(Vt)):r})):(this.logger.verbose("acquireTokenSilent - attempting to acquire token from web flow"),t===ye.AccessToken&&this.logger.verbose("acquireTokenSilent - cache lookup policy set to AccessToken, attempting to acquire token from local cache"),T(this.acquireTokenFromCache.bind(this),f.AcquireTokenFromCache,this.logger,this.performanceClient,e.correlationId)(e,t).catch(r=>{if(t===ye.AccessToken)throw r;return this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_NETWORK_START,M.Silent,e),T(this.acquireTokenByRefreshToken.bind(this),f.AcquireTokenByRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,t)}))}async preGeneratePkceCodes(e){return this.logger.verbose("Generating new PKCE codes"),this.pkceCode=await T(Lo,f.GeneratePkceCodes,this.logger,this.performanceClient,e)(this.performanceClient,this.logger,e),Promise.resolve()}getPreGeneratedPkceCodes(e){this.logger.verbose("Attempting to pick up pre-generated PKCE codes");const t=this.pkceCode?{...this.pkceCode}:void 0;return this.pkceCode=void 0,this.logger.verbose(`${t?"Found":"Did not find"} pre-generated PKCE codes`),this.performanceClient.addFields({usePreGeneratedPkce:!!t},e),t}}function xC(n,e){const t=!(n instanceof nt&&n.subError!==Oo),r=n.errorCode===He.INVALID_GRANT_ERROR\|\|n.errorCode===Vt,o=t&&r\|\|n.errorCode===no\|\|n.errorCode===Es,i=ym.includes(e);return o&&i}/! @azure/msal-browser v4.9.0 2025-03-25 /function HC(n){return n.status!==void 0}/! @azure/msal-browser v4.9.0 2025-03-25 /class LC{constructor(e,t,r,o){this.clientId=e,this.clientCapabilities=t,this.crypto=r,this.logger=o}toNaaTokenRequest(e){var a;let t;e.extraQueryParameters===void 0?t=new Map:t=new Map(Object.entries(e.extraQueryParameters));const r=e.correlationId\|\|this.crypto.createNewGuid(),o=ud(e.claims,this.clientCapabilities),i=e.scopes\|\|yn;return{platformBrokerId:(a=e.account)==null?void 0:a.homeAccountId,clientId:this.clientId,authority:e.authority,scope:i.join(" "),correlationId:r,claims:at.isEmptyObj(o)?void 0:o,state:e.state,authenticationScheme:e.authenticationScheme\|\|X.BEARER,extraParameters:t}}fromNaaTokenResponse(e,t,r){if(!t.token.id_token\|\|!t.token.access_token)throw v(jr);const o=xt(r+(t.token.expires_in\|\|0)),i=Yt(t.token.id_token,this.crypto.base64Decode),s=this.fromNaaAccountInfo(t.account,t.token.id_token,i),a=t.token.scope\|\|e.scope;return{authority:t.token.authority\|\|s.environment,uniqueId:s.localAccountId,tenantId:s.tenantId,scopes:a.split(" "),account:s,idToken:t.token.id_token,idTokenClaims:i,accessToken:t.token.access_token,fromCache:!1,expiresOn:o,tokenType:e.authenticationScheme\|\|X.BEARER,correlationId:e.correlationId,extExpiresOn:o,state:e.state}}fromNaaAccountInfo(e,t,r){const o=r\|\|e.idTokenClaims,i=e.localAccountId\|\|(o==null?void 0:o.oid)\|\|(o==null?void 0:o.sub)\|\|"",s=e.tenantId\|\|(o==null?void 0:o.tid)\|\|"",a=e.homeAccountId\|\|`${i}.${s}`,c=e.username\|\|(o==null?void 0:o.preferred_username)\|\|"",d=e.name\|\|(o==null?void 0:o.name),l=new Map,h=Eo(a,i,s,o);return l.set(s,h),{homeAccountId:a,environment:e.environment,tenantId:s,username:c,localAccountId:i,name:d,idToken:t,idTokenClaims:o,tenantProfiles:l}}fromBridgeError(e){if(HC(e))switch(e.status){case kt.UserCancel:return new Gt(Ol);case kt.NoNetwork:return new Gt(Rl);case kt.AccountUnavailable:return new Gt(Wr);case kt.Disabled:return new Gt(Ti);case kt.NestedAppAuthUnavailable:return new Gt(e.code\|\|Ti,e.description);case kt.TransientError:case kt.PersistentError:return new en(e.code,e.description);case kt.UserInteractionRequired:return new nt(e.code,e.description);default:return new Z(e.code,e.description)}else return new Z("unknown_error","An unknown error occurred")}toAuthenticationResultFromCache(e,t,r,o,i){if(!t\|\|!r)throw v(jr);const s=Yt(t.secret,this.crypto.base64Decode),a=r.target\|\|o.scopes.join(" ");return{authority:r.environment\|\|e.environment,uniqueId:e.localAccountId,tenantId:e.tenantId,scopes:a.split(" "),account:e,idToken:t.secret,idTokenClaims:s\|\|{},accessToken:r.secret,fromCache:!0,expiresOn:xt(r.expiresOn),extExpiresOn:xt(r.extendedExpiresOn),tokenType:o.authenticationScheme\|\|X.BEARER,correlationId:i,state:o.state}}}/! @azure/msal-browser v4.9.0 2025-03-25 /const oc={unsupportedMethod:{code:"unsupported_method",desc:"This method is not supported in nested app environment."}};class Ce extends Z{constructor(e,t){super(e,t),Object.setPrototypeOf(this,Ce.prototype),this.name="NestedAppAuthError"}static createUnsupportedError(){return new Ce(oc.unsupportedMethod.code,oc.unsupportedMethod.desc)}}/! @azure/msal-browser v4.9.0 2025-03-25 /class Qs{constructor(e){this.operatingContext=e;const t=this.operatingContext.getBridgeProxy();if(t!==void 0)this.bridgeProxy=t;else throw new Error("unexpected: bridgeProxy is undefined");this.config=e.getConfig(),this.logger=this.operatingContext.getLogger(),this.performanceClient=this.config.telemetry.client,this.browserCrypto=e.isBrowserEnvironment()?new It(this.logger,this.performanceClient,!0):fr,this.eventHandler=new Ih(this.logger),this.browserStorage=this.operatingContext.isBrowserEnvironment()?new so(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,Cd(this.config.auth)):mh(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler),this.nestedAppAuthAdapter=new LC(this.config.auth.clientId,this.config.auth.clientCapabilities,this.browserCrypto,this.logger);const r=this.bridgeProxy.getAccountContext();this.currentAccountContext=r\|\|null}static async createController(e){const t=new Qs(e);return Promise.resolve(t)}async initialize(e){const t=(e==null?void 0:e.correlationId)\|\|We();return await this.browserStorage.initialize(t),Promise.resolve()}ensureValidRequest(e){return e!=null&&e.correlationId?e:{...e,correlationId:this.browserCrypto.createNewGuid()}}async acquireTokenInteractive(e){const t=this.ensureValidRequest(e);this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_START,M.Popup,t);const r=this.performanceClient.startMeasurement(f.AcquireTokenPopup,t.correlationId);r==null\|\|r.add({nestedAppAuthRequest:!0});try{const o=this.nestedAppAuthAdapter.toNaaTokenRequest(t),i=Fe(),s=await this.bridgeProxy.getTokenInteractive(o),a={...this.nestedAppAuthAdapter.fromNaaTokenResponse(o,s,i)};return await this.hydrateCache(a,e),this.currentAccountContext={homeAccountId:a.account.homeAccountId,environment:a.account.environment,tenantId:a.account.tenantId},this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_SUCCESS,M.Popup,a),r.add({accessTokenSize:a.accessToken.length,idTokenSize:a.idToken.length}),r.end({success:!0,requestId:a.requestId}),a}catch(o){const i=o instanceof Z?o:this.nestedAppAuthAdapter.fromBridgeError(o);throw this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_FAILURE,M.Popup,null,o),r.end({success:!1},o),i}}async acquireTokenSilentInternal(e){const t=this.ensureValidRequest(e);this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_START,M.Silent,t);const r=await this.acquireTokenFromCache(t);if(r)return this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_SUCCESS,M.Silent,r),r;const o=this.performanceClient.startMeasurement(f.SsoSilent,t.correlationId);o==null\|\|o.increment({visibilityChangeCount:0}),o==null\|\|o.add({nestedAppAuthRequest:!0});try{const i=this.nestedAppAuthAdapter.toNaaTokenRequest(t),s=Fe(),a=await this.bridgeProxy.getTokenSilent(i),c=this.nestedAppAuthAdapter.fromNaaTokenResponse(i,a,s);return await this.hydrateCache(c,e),this.currentAccountContext={homeAccountId:c.account.homeAccountId,environment:c.account.environment,tenantId:c.account.tenantId},this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_SUCCESS,M.Silent,c),o==null\|\|o.add({accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length}),o==null\|\|o.end({success:!0,requestId:c.requestId}),c}catch(i){const s=i instanceof Z?i:this.nestedAppAuthAdapter.fromBridgeError(i);throw this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_FAILURE,M.Silent,null,i),o==null\|\|o.end({success:!1},i),s}}async acquireTokenFromCache(e){const t=this.performanceClient.startMeasurement(f.AcquireTokenSilent,e.correlationId);if(t==null\|\|t.add({nestedAppAuthRequest:!0}),e.claims)return this.logger.verbose("Claims are present in the request, skipping cache lookup"),null;if(e.forceRefresh)return this.logger.verbose("forceRefresh is set to true, skipping cache lookup"),null;let r=null;switch(e.cacheLookupPolicy\|\|(e.cacheLookupPolicy=ye.Default),e.cacheLookupPolicy){case ye.Default:case ye.AccessToken:case ye.AccessTokenAndRefreshToken:r=await this.acquireTokenFromCacheInternal(e);break;default:return null}return r?(this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_SUCCESS,M.Silent,r),t==null\|\|t.add({accessTokenSize:r==null?void 0:r.accessToken.length,idTokenSize:r==null?void 0:r.idToken.length}),t==null\|\|t.end({success:!0}),r):(this.logger.error("Cached tokens are not found for the account, proceeding with silent token request."),this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_FAILURE,M.Silent,null),t==null\|\|t.end({success:!1}),null)}async acquireTokenFromCacheInternal(e){var c;const t=this.bridgeProxy.getAccountContext()\|\|this.currentAccountContext;let r=null;if(t&&(r=Pi(t,this.logger,this.browserStorage)),!r)return this.logger.verbose("No active account found, falling back to the host"),Promise.resolve(null);this.logger.verbose("active account found, attempting to acquire token silently");const o={...e,correlationId:e.correlationId\|\|this.browserCrypto.createNewGuid(),authority:e.authority\|\|r.environment,scopes:(c=e.scopes)!=null&&c.length?e.scopes:[...yn]},i=this.browserStorage.getTokenKeys(),s=this.browserStorage.getAccessToken(r,o,i,r.tenantId,this.performanceClient,o.correlationId);if(s){if(Ml(s.cachedAt)\|\|Yr(s.expiresOn,this.config.system.tokenRenewalOffsetSeconds))return this.logger.verbose("Cached access token has expired"),Promise.resolve(null)}else return this.logger.verbose("No cached access token found"),Promise.resolve(null);const a=this.browserStorage.getIdToken(r,i,r.tenantId,this.performanceClient,o.correlationId);return a?this.nestedAppAuthAdapter.toAuthenticationResultFromCache(r,a,s,o,o.correlationId):(this.logger.verbose("No cached id token found"),Promise.resolve(null))}async acquireTokenPopup(e){return this.acquireTokenInteractive(e)}acquireTokenRedirect(e){throw Ce.createUnsupportedError()}async acquireTokenSilent(e){return this.acquireTokenSilentInternal(e)}acquireTokenByCode(e){throw Ce.createUnsupportedError()}acquireTokenNative(e,t,r){throw Ce.createUnsupportedError()}acquireTokenByRefreshToken(e,t){throw Ce.createUnsupportedError()}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){throw Ce.createUnsupportedError()}removePerformanceCallback(e){throw Ce.createUnsupportedError()}enableAccountStorageEvents(){throw Ce.createUnsupportedError()}disableAccountStorageEvents(){throw Ce.createUnsupportedError()}getAllAccounts(e){return Ch(this.logger,this.browserStorage,this.isBrowserEnv(),e)}getAccount(e){return Pi(e,this.logger,this.browserStorage)}getAccountByUsername(e){return yh(e,this.logger,this.browserStorage)}getAccountByHomeId(e){return Th(e,this.logger,this.browserStorage)}getAccountByLocalId(e){return Ah(e,this.logger,this.browserStorage)}setActiveAccount(e){return vh(e,this.browserStorage)}getActiveAccount(){return wh(this.browserStorage)}handleRedirectPromise(e){return Promise.resolve(null)}loginPopup(e){return this.acquireTokenInteractive(e\|\|_i)}loginRedirect(e){throw Ce.createUnsupportedError()}logout(e){throw Ce.createUnsupportedError()}logoutRedirect(e){throw Ce.createUnsupportedError()}logoutPopup(e){throw Ce.createUnsupportedError()}ssoSilent(e){return this.acquireTokenSilentInternal(e)}getTokenCache(){throw Ce.createUnsupportedError()}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){}setNavigationClient(e){this.logger.warning("setNavigationClient is not supported in nested app auth")}getConfiguration(){return this.config}isBrowserEnv(){return this.operatingContext.isBrowserEnvironment()}getBrowserCrypto(){return this.browserCrypto}getPerformanceClient(){throw Ce.createUnsupportedError()}getRedirectResponse(){throw Ce.createUnsupportedError()}async clearCache(e){throw Ce.createUnsupportedError()}async hydrateCache(e,t){this.logger.verbose("hydrateCache called");const r=Re.createFromAccountInfo(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId),this.browserStorage.hydrateCache(e,t)}}/! @azure/msal-browser v4.9.0 2025-03-25 /async function UC(n,e){const t=new mn(n);return await t.initialize(),Uo.createController(t,e)}/! @azure/msal-browser v4.9.0 2025-03-25 /class Do{static async createPublicClientApplication(e){const t=await UC(e);return new Do(e,t)}constructor(e,t){this.controller=t\|\|new Uo(new mn(e))}async initialize(e){return this.controller.initialize(e)}async acquireTokenPopup(e){return this.controller.acquireTokenPopup(e)}acquireTokenRedirect(e){return this.controller.acquireTokenRedirect(e)}acquireTokenSilent(e){return this.controller.acquireTokenSilent(e)}acquireTokenByCode(e){return this.controller.acquireTokenByCode(e)}addEventCallback(e,t){return this.controller.addEventCallback(e,t)}removeEventCallback(e){return this.controller.removeEventCallback(e)}addPerformanceCallback(e){return this.controller.addPerformanceCallback(e)}removePerformanceCallback(e){return this.controller.removePerformanceCallback(e)}enableAccountStorageEvents(){this.controller.enableAccountStorageEvents()}disableAccountStorageEvents(){this.controller.disableAccountStorageEvents()}getAccount(e){return this.controller.getAccount(e)}getAccountByHomeId(e){return this.controller.getAccountByHomeId(e)}getAccountByLocalId(e){return this.controller.getAccountByLocalId(e)}getAccountByUsername(e){return this.controller.getAccountByUsername(e)}getAllAccounts(e){return this.controller.getAllAccounts(e)}handleRedirectPromise(e){return this.controller.handleRedirectPromise(e)}loginPopup(e){return this.controller.loginPopup(e)}loginRedirect(e){return this.controller.loginRedirect(e)}logout(e){return this.controller.logout(e)}logoutRedirect(e){return this.controller.logoutRedirect(e)}logoutPopup(e){return this.controller.logoutPopup(e)}ssoSilent(e){return this.controller.ssoSilent(e)}getTokenCache(){return this.controller.getTokenCache()}getLogger(){return this.controller.getLogger()}setLogger(e){this.controller.setLogger(e)}setActiveAccount(e){this.controller.setActiveAccount(e)}getActiveAccount(){return this.controller.getActiveAccount()}initializeWrapperLibrary(e,t){return this.controller.initializeWrapperLibrary(e,t)}setNavigationClient(e){this.controller.setNavigationClient(e)}getConfiguration(){return this.controller.getConfiguration()}async hydrateCache(e,t){return this.controller.hydrateCache(e,t)}clearCache(e){return this.controller.clearCache(e)}}async function DC(n){const e=new Dn(n);if(await e.initialize(),e.isAvailable()){const t=new Qs(e),r=new Do(n,t);return await r.initialize(),r}return FC(n)}async function FC(n){const e=new Do(n);return await e.initialize(),e}const KC={class:"d-flex gap",id:"app"},BC={key:0,class:"alert alert-error rounded-md p-2 d-flex flex-row gap"},GC={width:"24",height:"24",fill:"none",viewBox:"0 0 24 24",xmlns:"http://www.w3.org/2000/svg",class:"h-32 w-32",style:{color:"rgb(33, 33, 33)"}},$C={key:1,class:"alert alert-warning rounded-md p-2 d-flex flex-row gap"},zC={width:"24",height:"24",fill:"none",viewBox:"0 0 24 24",xmlns:"http://www.w3.org/2000/svg",class:"h-32 w-32",style:{color:"rgb(33, 33, 33)"}},qC={class:"alert alert-warning rounded-md p-2 d-flex flex-column gap"},VC={width:"24",height:"24",fill:"none",viewBox:"0 0 24 24",xmlns:"http://www.w3.org/2000/svg",class:"h-32 w-32",style:{color:"rgb(33, 33, 33)"}},jC={class:"d-flex flex-row gap"},WC=["onClick"],YC=["onClick"],QC={class:"mt-3"},JC=["disabled"],XC={key:1},ZC={key:2,class:"draft-container"},ey={key:0,id:"drafts",class:"my-0 list-unstyled gap d-flex"},ty=["onClick"],ny=["onClick"],ry={class:"sr-only"},oy={key:1},iy={__name:"App",setup(n){const e=Dt(""),t=Dt(""),r=Dt(!1),o=Dt(!1),i=Dt([]),s=Dt([]),a=Dt({encrypted:!1,signed:!1,drafts:[],fetched:!1,fetching:!1,folderId:""}),c=Dt(null);let d,l=null;const h=Lr(()=>a.value.fetched),p=Lr(()=>h.value?a.value.encrypted?a.value.signed?Xe("This mail is encrypted and signed."):Xe("This mail is encrypted."):a.value.signed?Xe("This mail is signed"):Xe("This mail is not encrypted nor signed."):i.value.length>0?Ze("Loading placeholder","Waiting for authorization"):e.value.length>0?e.value:Ze("Loading placeholder","Loading…")),y=Lr(()=>h.value?a.value.encrypted?Ze("@action:button","Decrypt"):Ze("@action:button","View email"):"");function b(W,x){console.log(W,x),c.value&&c.value.send(JSON.stringify({command:"log",arguments:{message:W,args:JSON.stringify(x)}}))}function S(W){c.value.send(JSON.stringify({command:W,arguments:{email:Office.context.mailbox.userProfile.emailAddress,displayName:Office.context.mailbox.userProfile.displayName,folderId:a.value.folderId,itemId:Office.context.mailbox.convertToEwsId(Office.context.mailbox.item.itemId,Office.MailboxEnums.RestVersion.v2_0),ewsAccessToken:l,verifiedNativeClients:s.value}}))}function q(){S("reencrypt")}function D(){S("view")}function V(){S("reply")}function J(){S("forward")}function H(){S("composer")}function ae(W){c.value.send(JSON.stringify({command:"open-draft",arguments:{id:W,email:Office.context.mailbox.userProfile.emailAddress,displayName:Office.context.mailbox.userProfile.displayName,ewsAccessToken:l,verifiedNativeClients:s.value}}))}function Be(W){c.value.send(JSON.stringify({command:"delete-draft",arguments:{id:W,email:Office.context.mailbox.userProfile.emailAddress,displayName:Office.context.mailbox.userProfile.displayName,ewsAccessToken:l,verifiedNativeClients:s.value}}))}function me(){a.value.fetching\|\|s.value.length===0\|\|(a.value.fetched=!1,a.value.fetching=!0,c.value.send(JSON.stringify({command:"info",arguments:{itemId:Office.context.mailbox.convertToEwsId(Office.context.mailbox.item.itemId,Office.MailboxEnums.RestVersion.v2_0),email:Office.context.mailbox.userProfile.emailAddress,ewsAccessToken:l,verifiedNativeClients:s.value}})))}function Ye(W){i.value.splice(i.value.findIndex(x=>x.id===W),1),s.value.push(W),localStorage.setItem("verifiedNativeClients",s.value.join(";")),me()}function Ut(W){i.value.splice(i.value.findIndex(x=>x.id===W),1)}function Qe(W){const x=new Date(W*1e3);let $=new Date;return new Date(x).setHours(0,0,0,0)===$.setHours(0,0,0,0)?x.toLocaleTimeString([],{hour:"numeric",minute:"numeric"}):x.toLocaleDateString()}async function tn(W){Office.context.mailbox.makeEwsRequestAsync(W.arguments.body,x=>{if(x.error){b("Error while trying to send email via EWS",{error:x.error,value:x.value});return}b("Email sent",{value:x.value}),c.value.send(JSON.stringify({command:"ews-response",arguments:{requestId:W.arguments.requestId,email:Office.context.mailbox.userProfile.emailAddress,body:x.value}}))})}function nn(){console.log("Set socket",c.value),!(c.value&&c.value.readyState===WebSocket.OPEN)&&(console.log("Set socket"),c.value=new WebSocket("wss://"+window.location.host+"/websocket"),c.value.addEventListener("open",W=>{e.value="",c.value.send(JSON.stringify({command:"register",arguments:{emails:[Office.context.mailbox.userProfile.emailAddress],type:"webclient"}})),c.value.send(JSON.stringify({command:"restore-autosave",arguments:{email:Office.context.mailbox.userProfile.emailAddress,displayName:Office.context.mailbox.userProfile.displayName,ewsAccessToken:l}})),me()}),c.value.addEventListener("close",W=>{e.value=Xe("Native client was disconnected, reconnecting in 1 second."),console.log(W.reason),setTimeout(function(){nn()},1e3)}),c.value.addEventListener("error",W=>{e.value=Xe("Native client received an error"),c.value.close()}),c.value.addEventListener("message",function(W){const{data:x}=W,$=JSON.parse(x);switch(b("Received message from server",{command:$.command}),$.command){case"ews":tn($);break;case"error":e.value=$.arguments.error;break;case"viewer-closed":case"viewer-opened":o.value=$.command==="viewer-opened";break;case"disconnection":e.value=Xe("Native client was disconnected");break;case"connection":if(e.value="",s.value.includes($.arguments.id))me();else{if(i.value.findIndex($n=>$n.id===$.arguments.id)>=0)break;i.value.push({id:$.arguments.id,name:$.arguments.name})}break;case"info-fetched":const{itemId:ee,folderId:ie,encrypted:Et,signed:An,drafts:_t,version:Je}=$.arguments;if(a.value.fetching=!1,a.value.drafts=_t,ee===Office.context.mailbox.convertToEwsId(Office.context.mailbox.item.itemId,Office.MailboxEnums.RestVersion.v2_0)){a.value.fetched=!0,a.value.encrypted=Et,a.value.signed=An,a.value.folderId=ie,o.value=$.arguments.viewerOpen,o.value&&D();let Fo=new URLSearchParams(document.location.search).get("version");Je!==Fo&&(t.value=Ze("@info","Version mismatch. Make sure you installed the last manifest.xml."))}else a.value.fetched=!1,b("Received info for wrong email",{itemId:ee,currentItemId:Office.context.mailbox.convertToEwsId(Office.context.mailbox.item.itemId,Office.MailboxEnums.RestVersion.v2_0)}),me()}}))}async function Tn(){d=await DC({auth:{clientId:"1d6f4a59-be04-4274-8793-71b4c081eb72",authority:"https://login.microsoftonline.com/common"}});{const W={scopes:["https://outlook.office365.com/EWS.AccessAsUser.All"]};try{console.log("Trying to acquire token silently...");const x=await d.acquireTokenSilent(W);console.log("Acquired token silently."),l=x.accessToken}catch(x){console.log(`Unable to acquire token silently: ${x}`)}if(l===null)try{console.log("Trying to acquire token interactively...");const x=await d.acquireTokenPopup(W);console.log("Acquired token interactively."),l=x.accessToken}catch(x){console.error(`Unable to acquire token interactively: ${x}`)}l===null&&(e.value=Xe("Unable to acquire access token."))}}return Dc(async()=>{var W;s.value=((W=localStorage.getItem("verifiedNativeClients"))==null?void 0:W.split(";"))??[],Office.context.requirements.isSetSupported("NestedAppAuth","1.1")&&await Tn(),nn(),Office.context.mailbox.addHandlerAsync(Office.EventType.ItemChanged,x=>{a.value.fetching=!1,a.value.fetched=!1,Office.context.mailbox.item?me():(content.value="",r.value=!1)})}),(W,x)=>(Ie(),Oe("div",KC,[e.value.length>0?(Ie(),Oe("div",BC,[(Ie(),Oe("svg",GC,x[1]\|\|(x[1]=[j("path",{d:"M12 2c5.523 0 10 4.478 10 10s-4.477 10-10 10S2 17.522 2 12 6.477 2 12 2Zm0 1.667c-4.595 0-8.333 3.738-8.333 8.333 0 4.595 3.738 8.333 8.333 8.333 4.595 0 8.333-3.738 8.333-8.333 0-4.595-3.738-8.333-8.333-8.333Zm-.001 10.835a.999.999 0 1 1 0 1.998.999.999 0 0 1 0-1.998ZM11.994 7a.75.75 0 0 1 .744.648l.007.101.004 4.502a.75.75 0 0 1-1.493.103l-.007-.102-.004-4.501a.75.75 0 0 1 .75-.751Z",fill:"currentColor","fill-opacity":"1"},null,-1)]))),j("div",null,we(e.value),1)])):Yn("",!0),t.value.length>0?(Ie(),Oe("div",$C,[(Ie(),Oe("svg",zC,x[2]\|\|(x[2]=[j("path",{d:"M10.91 2.782a2.25 2.25 0 0 1 2.975.74l.083.138 7.759 14.009a2.25 2.25 0 0 1-1.814 3.334l-.154.006H4.243a2.25 2.25 0 0 1-2.041-3.197l.072-.143L10.031 3.66a2.25 2.25 0 0 1 .878-.878Zm9.505 15.613-7.76-14.008a.75.75 0 0 0-1.254-.088l-.057.088-7.757 14.008a.75.75 0 0 0 .561 1.108l.095.006h15.516a.75.75 0 0 0 .696-1.028l-.04-.086-7.76-14.008 7.76 14.008ZM12 16.002a.999.999 0 1 1 0 1.997.999.999 0 0 1 0-1.997ZM11.995 8.5a.75.75 0 0 1 .744.647l.007.102.004 4.502a.75.75 0 0 1-1.494.103l-.006-.102-.004-4.502a.75.75 0 0 1 .75-.75Z",fill:"currentColor","fill-opacity":"1"},null,-1)]))),j("div",null,we(t.value),1)])):Yn("",!0),(Ie(!0),Oe(ot,null,oa(i.value,$=>(Ie(),Oe("div",qC,[(Ie(),Oe("svg",VC,x[3]\|\|(x[3]=[j("path",{d:"M10.91 2.782a2.25 2.25 0 0 1 2.975.74l.083.138 7.759 14.009a2.25 2.25 0 0 1-1.814 3.334l-.154.006H4.243a2.25 2.25 0 0 1-2.041-3.197l.072-.143L10.031 3.66a2.25 2.25 0 0 1 .878-.878Zm9.505 15.613-7.76-14.008a.75.75 0 0 0-1.254-.088l-.057.088-7.757 14.008a.75.75 0 0 0 .561 1.108l.095.006h15.516a.75.75 0 0 0 .696-1.028l-.04-.086-7.76-14.008 7.76 14.008ZM12 16.002a.999.999 0 1 1 0 1.997.999.999 0 0 1 0-1.997ZM11.995 8.5a.75.75 0 0 1 .744.647l.007.102.004 4.502a.75.75 0 0 1-1.494.103l-.006-.102-.004-4.502a.75.75 0 0 1 .75-.75Z",fill:"currentColor","fill-opacity":"1"},null,-1)]))),j("div",null,we(et(Xe)("Unknow device: %1. Do you trust this device?",$.name)),1),j("div",jC,[j("button",{class:"w-100 btn rounded-md fa mt-3",onClick:ee=>Ut($.id)},we(et(Xe)("Don't Trust")),9,WC),j("button",{class:"w-100 btn rounded-md fa mt-3",onClick:ee=>Ye($.id)},we(et(Xe)("Trust")),9,YC)])]))),256)),j("div",null,[j("div",QC,we(p.value),1),h.value?(Ie(),Oe("button",{key:0,class:"w-100 btn rounded-md fa mt-3",onClick:D,disabled:o.value},[x[4]\|\|(x[4]=j("svg",{xmlns:"http://www.w3.org/2000/svg",width:"1.5em",height:"1.5em",viewBox:"0 0 20 20"},[j("path",{fill:"currentColor",d:"M18 5.95a2.5 2.5 0 1 0-1.002-4.9A2.5 2.5 0 0 0 18 5.95M4.5 3h9.535a3.5 3.5 0 0 0 0 1H4.5A1.5 1.5 0 0 0 3 5.5v.302l7 4.118l5.754-3.386c.375.217.795.365 1.241.43l-6.741 3.967a.5.5 0 0 1-.426.038l-.082-.038L3 6.963V13.5A1.5 1.5 0 0 0 4.5 15h11a1.5 1.5 0 0 0 1.5-1.5V6.965a3.5 3.5 0 0 0 1 0V13.5a2.5 2.5 0 0 1-2.5 2.5h-11A2.5 2.5 0 0 1 2 13.5v-8A2.5 2.5 0 0 1 4.5 3"})],-1)),an(" "+we(y.value),1)],8,JC)):Yn("",!0),o.value?(Ie(),Oe("div",XC,[j("small",null,we(et(Ze)("@info","Viewer already open.")),1)])):Yn("",!0)]),x[12]\|\|(x[12]=j("hr",{class:"w-100 my-0"},null,-1)),j("button",{class:"w-100 btn rounded-md",onClick:x[0]\|\|(x[0]=$=>H())},[x[5]\|\|(x[5]=j("svg",{xmlns:"http://www.w3.org/2000/svg",width:"1.5em",height:"1.5em",viewBox:"0 0 20 20"},[j("path",{fill:"currentColor",d:"M15.5 4A2.5 2.5 0 0 1 18 6.5v8a2.5 2.5 0 0 1-2.5 2.5h-11A2.5 2.5 0 0 1 2 14.5v-8A2.5 2.5 0 0 1 4.5 4zM17 7.961l-6.746 3.97a.5.5 0 0 1-.426.038l-.082-.038L3 7.963V14.5A1.5 1.5 0 0 0 4.5 16h11a1.5 1.5 0 0 0 1.5-1.5zM15.5 5h-11A1.5 1.5 0 0 0 3 6.5v.302l7 4.118l7-4.12v-.3A1.5 1.5 0 0 0 15.5 5"})],-1)),an(" "+we(et(Ze)("@action:button","New secure email")),1)]),j("button",{class:"w-100 btn rounded-md",onClick:V},[x[6]\|\|(x[6]=j("svg",{xmlns:"http://www.w3.org/2000/svg",width:"1.5em",height:"1.5em",viewBox:"0 0 20 20"},[j("path",{fill:"currentColor",d:"M7.354 3.646a.5.5 0 0 1 0 .708L3.707 8H10.5a7.5 7.5 0 0 1 7.5 7.5a.5.5 0 0 1-1 0A6.5 6.5 0 0 0 10.5 9H3.707l3.647 3.646a.5.5 0 0 1-.708.708l-4.5-4.5a.5.5 0 0 1 0-.708l4.5-4.5a.5.5 0 0 1 .708 0"})],-1)),an(" "+we(et(Ze)("@action:button","Reply securely")),1)]),j("button",{class:"w-100 btn rounded-md",onClick:J},[x[7]\|\|(x[7]=j("svg",{xmlns:"http://www.w3.org/2000/svg",width:"1.5em",height:"1.5em",viewBox:"0 0 20 20"},[j("path",{fill:"currentColor",d:"m16.293 9l-3.39 3.39a.5.5 0 0 0 .639.765l.069-.058l4.243-4.243a.5.5 0 0 0 .057-.638l-.057-.07l-4.243-4.242a.5.5 0 0 0-.765.638l.058.07L16.293 8H10a7.5 7.5 0 0 0-7.496 7.258L2.5 15.5a.5.5 0 0 0 1 0a6.5 6.5 0 0 1 6.267-6.496L10 9z"})],-1)),an(" "+we(et(Ze)("@action:button","Forward securely")),1)]),j("button",{class:"w-100 btn rounded-md d-none",onClick:q},[x[8]\|\|(x[8]=j("svg",{xmlns:"http://www.w3.org/2000/svg",width:"1.5em",height:"1.5em",viewBox:"0 0 20 20"},[j("path",{fill:"currentColor",d:"m16.293 9l-3.39 3.39a.5.5 0 0 0 .639.765l.069-.058l4.243-4.243a.5.5 0 0 0 .057-.638l-.057-.07l-4.243-4.242a.5.5 0 0 0-.765.638l.058.07L16.293 8H10a7.5 7.5 0 0 0-7.496 7.258L2.5 15.5a.5.5 0 0 0 1 0a6.5 6.5 0 0 1 6.267-6.496L10 9z"})],-1)),an(" "+we(et(Ze)("@action:button","Reencrypt")),1)]),h.value?(Ie(),Oe("div",ZC,[x[11]\|\|(x[11]=j("h2",{class:"mb-0"},"Drafts",-1)),a.value.drafts.length>0?(Ie(),Oe("ul",ey,[(Ie(!0),Oe(ot,null,oa(a.value.drafts,$=>(Ie(),Oe("li",{key:$.id,class:"d-flex flex-row"},[j("button",{class:"btn w-100 d-flex flex-row align-items-center rounded-e-md",onClick:ee=>ae($.id)},[x[9]\|\|(x[9]=j("svg",{xmlns:"http://www.w3.org/2000/svg",width:"1.5em",height:"1.5em",viewBox:"0 0 20 20"},[j("path",{fill:"currentColor",d:"M15.5 3.001a2.5 2.5 0 0 1 2.5 2.5v3.633a2.9 2.9 0 0 0-1-.131V6.962l-6.746 3.97a.5.5 0 0 1-.426.038l-.082-.038L3 6.964v6.537a1.5 1.5 0 0 0 1.5 1.5h5.484c-.227.3-.4.639-.51 1H4.5a2.5 2.5 0 0 1-2.5-2.5v-8a2.5 2.5 0 0 1 2.5-2.5zm0 1h-11a1.5 1.5 0 0 0-1.5 1.5v.302l7 4.118l7-4.119v-.301a1.5 1.5 0 0 0-1.5-1.5m-4.52 11.376l4.83-4.83a1.87 1.87 0 1 1 2.644 2.646l-4.83 4.829a2.2 2.2 0 0 1-1.02.578l-1.498.374a.89.89 0 0 1-1.079-1.078l.375-1.498a2.2 2.2 0 0 1 .578-1.02"})],-1)),an(" "+we(et(Xe)("Last Modified: ")+Qe($.last_modification)),1)],8,ty),j("button",{class:"btn btn-danger ms-auto py-1 rounded-e-md",onClick:ee=>Be($.id)},[j("span",ry,we(et(Ze)("@action:button","Delete")),1),x[10]\|\|(x[10]=j("svg",{xmlns:"http://www.w3.org/2000/svg",width:"1em",height:"1em",viewBox:"0 0 24 24"},[j("path",{fill:"currentColor",d:"M10 5h4a2 2 0 1 0-4 0M8.5 5a3.5 3.5 0 1 1 7 0h5.75a.75.75 0 0 1 0 1.5h-1.32l-1.17 12.111A3.75 3.75 0 0 1 15.026 22H8.974a3.75 3.75 0 0 1-3.733-3.389L4.07 6.5H2.75a.75.75 0 0 1 0-1.5zm2 4.75a.75.75 0 0 0-1.5 0v7.5a.75.75 0 0 0 1.5 0zM14.25 9a.75.75 0 0 1 .75.75v7.5a.75.75 0 0 1-1.5 0v-7.5a.75.75 0 0 1 .75-.75m-7.516 9.467a2.25 2.25 0 0 0 2.24 2.033h6.052a2.25 2.25 0 0 0 2.24-2.033L18.424 6.5H5.576z"})],-1))],8,ny)]))),128))])):(Ie(),Oe("p",oy,we(et(Ze)("Placeholder","No draft found")),1))])):Yn("",!0)]))}},Oh=(0,eval)("this"),sy=Oh.Office;Oh.messages;sy.onReady(()=>{Qf(iy).mount("#app")});
	+Error Description: ${s.message}`)}return null}return r\|\|(this.logger.warning("The developer's authority was not found within the CloudInstanceDiscoveryMetadata returned from the network request."),this.logger.verbose("Creating custom Authority for custom domain scenario."),r=_e.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)),r}isInKnownAuthorities(){return this.authorityOptions.knownAuthorities.filter(t=>t&&Q.getDomainFromUrl(t).toLowerCase()===this.hostnameAndPort).length>0}static generateAuthority(e,t){let r;if(t&&t.azureCloudInstance!==cs.None){const o=t.tenant?t.tenant:C.DEFAULT_COMMON_TENANT;r=`${t.azureCloudInstance}/${o}/`}return r\|\|e}static createCloudDiscoveryMetadataFromHost(e){return{preferred_network:e,preferred_cache:e,aliases:[e]}}getPreferredCache(){if(this.managedIdentity)return C.DEFAULT_AUTHORITY_HOST;if(this.discoveryComplete())return this.metadata.preferred_cache;throw v(Ot)}isAlias(e){return this.metadata.aliases.indexOf(e)>-1}isAliasOfKnownMicrosoftAuthority(e){return Zl.has(e)}static isPublicCloudAuthority(e){return C.KNOWN_PUBLIC_CLOUDS.indexOf(e)>=0}static buildRegionalAuthorityString(e,t,r){const o=new Q(e);o.validateAsUri();const i=o.getUrlComponents();let s=`${t}.${i.HostNameAndPort}`;this.isPublicCloudAuthority(i.HostNameAndPort)&&(s=`${t}.${C.REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX}`);const a=Q.constructAuthorityUriFromObject({...o.getUrlComponents(),HostNameAndPort:s}).urlString;return r?`${a}?${r}`:a}static replaceWithRegionalInformation(e,t){const r={...e};return r.authorization_endpoint=_e.buildRegionalAuthorityString(r.authorization_endpoint,t),r.token_endpoint=_e.buildRegionalAuthorityString(r.token_endpoint,t),r.end_session_endpoint&&(r.end_session_endpoint=_e.buildRegionalAuthorityString(r.end_session_endpoint,t)),r}static transformCIAMAuthority(e){let t=e;const o=new Q(e).getUrlComponents();if(o.PathSegments.length===0&&o.HostNameAndPort.endsWith(C.CIAM_AUTH_URL)){const i=o.HostNameAndPort.split(".")[0];t=`${t}${i}${C.AAD_TENANT_DOMAIN_SUFFIX}`}return t}}_e.reservedTenantDomains=new Set(["{tenant}","{tenantid}",qt.COMMON,qt.CONSUMERS,qt.ORGANIZATIONS]);function Gp(n){var o;const r=(o=new Q(n).getUrlComponents().PathSegments.slice(-1)[0])==null?void 0:o.toLowerCase();switch(r){case qt.COMMON:case qt.ORGANIZATIONS:case qt.CONSUMERS:return;default:return r}}function Cd(n){return n.endsWith(C.FORWARD_SLASH)?n:`${n}${C.FORWARD_SLASH}`}function yd(n){const e=n.cloudDiscoveryMetadata;let t;if(e)try{t=JSON.parse(e)}catch{throw oe(ds)}return{canonicalAuthority:n.authority?Cd(n.authority):void 0,knownAuthorities:n.knownAuthorities,cloudDiscoveryMetadata:t}}/! @azure/msal-common v15.4.0 2025-03-25 /async function Td(n,e,t,r,o,i,s){s==null\|\|s.addQueueMeasurement(f.AuthorityFactoryCreateDiscoveredInstance,i);const a=_e.transformCIAMAuthority(Cd(n)),c=new _e(a,e,t,r,o,i,s);try{return await T(c.resolveEndpointsAsync.bind(c),f.AuthorityResolveEndpointsAsync,o,s,i)(),c}catch{throw v(Ot)}}/! @azure/msal-common v15.4.0 2025-03-25 /class en extends Z{constructor(e,t,r,o,i){super(e,t,r),this.name="ServerError",this.errorNo=o,this.status=i,Object.setPrototypeOf(this,en.prototype)}}/! @azure/msal-common v15.4.0 2025-03-25 /function Ro(n,e,t){var r;return{clientId:n,authority:e.authority,scopes:e.scopes,homeAccountIdentifier:t,claims:e.claims,authenticationScheme:e.authenticationScheme,resourceRequestMethod:e.resourceRequestMethod,resourceRequestUri:e.resourceRequestUri,shrClaims:e.shrClaims,sshKid:e.sshKid,embeddedClientId:e.embeddedClientId\|\|((r=e.tokenBodyParameters)==null?void 0:r.clientId)}}/! @azure/msal-common v15.4.0 2025-03-25 /class Ct{static generateThrottlingStorageKey(e){return`${or.THROTTLING_PREFIX}.${JSON.stringify(e)}`}static preProcess(e,t){var i;const r=Ct.generateThrottlingStorageKey(t),o=e.getThrottlingCache(r);if(o){if(o.throttleTime<Date.now()){e.removeItem(r);return}throw new en(((i=o.errorCodes)==null?void 0:i.join(" "))\|\|C.EMPTY_STRING,o.errorMessage,o.subError)}}static postProcess(e,t,r){if(Ct.checkResponseStatus(r)\|\|Ct.checkResponseForRetryAfter(r)){const o={throttleTime:Ct.calculateThrottleTime(parseInt(r.headers[Me.RETRY_AFTER])),error:r.body.error,errorCodes:r.body.error_codes,errorMessage:r.body.error_description,subError:r.body.suberror};e.setThrottlingCache(Ct.generateThrottlingStorageKey(t),o)}}static checkResponseStatus(e){return e.status===429\|\|e.status>=500&&e.status<600}static checkResponseForRetryAfter(e){return e.headers?e.headers.hasOwnProperty(Me.RETRY_AFTER)&&(e.status<200\|\|e.status>=300):!1}static calculateThrottleTime(e){const t=e<=0?0:e,r=Date.now()/1e3;return Math.floor(Math.min(r+(t\|\|or.DEFAULT_THROTTLE_TIME_SECONDS),r+or.DEFAULT_MAX_THROTTLE_TIME_SECONDS)1e3)}static removeThrottle(e,t,r,o){const i=Ro(t,r,o),s=this.generateThrottlingStorageKey(i);e.removeItem(s)}}/! @azure/msal-common v15.4.0 2025-03-25 /class Oo extends Z{constructor(e,t,r){super(e.errorCode,e.errorMessage,e.subError),Object.setPrototypeOf(this,Oo.prototype),this.name="NetworkError",this.error=e,this.httpStatus=t,this.responseHeaders=r}}function $a(n,e,t){return new Oo(n,e,t)}/! @azure/msal-common v15.4.0 2025-03-25 /class Es{constructor(e,t){this.config=Bg(e),this.logger=new Ht(this.config.loggerOptions,Nl,as),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}createTokenRequestHeaders(e){const t={};if(t[Me.CONTENT_TYPE]=C.URL_FORM_CONTENT_TYPE,!this.config.systemOptions.preventCorsPreflight&&e)switch(e.type){case it.HOME_ACCOUNT_ID:try{const r=xn(e.credential);t[Me.CCS_HEADER]=`Oid:${r.uid}@${r.utid}`}catch(r){this.logger.verbose("Could not parse home account ID for CCS Header: "+r)}break;case it.UPN:t[Me.CCS_HEADER]=`UPN: ${e.credential}`;break}return t}async executePostToTokenEndpoint(e,t,r,o,i,s){var c;s&&((c=this.performanceClient)==null\|\|c.addQueueMeasurement(s,i));const a=await this.sendPostRequest(o,e,{body:t,headers:r},i);return this.config.serverTelemetryManager&&a.status<500&&a.status!==429&&this.config.serverTelemetryManager.clearTelemetryCache(),a}async sendPostRequest(e,t,r,o){var s,a,c;Ct.preProcess(this.cacheManager,e);let i;try{i=await T(this.networkClient.sendPostRequestAsync.bind(this.networkClient),f.NetworkClientSendPostRequestAsync,this.logger,this.performanceClient,o)(t,r);const d=i.headers\|\|{};(a=this.performanceClient)==null\|\|a.addFields({refreshTokenSize:((s=i.body.refresh_token)==null?void 0:s.length)\|\|0,httpVerToken:d[Me.X_MS_HTTP_VERSION]\|\|"",requestId:d[Me.X_MS_REQUEST_ID]\|\|""},o)}catch(d){if(d instanceof Oo){const l=d.responseHeaders;throw l&&((c=this.performanceClient)==null\|\|c.addFields({httpVerToken:l[Me.X_MS_HTTP_VERSION]\|\|"",requestId:l[Me.X_MS_REQUEST_ID]\|\|"",contentTypeHeader:l[Me.CONTENT_TYPE]\|\|void 0,contentLengthHeader:l[Me.CONTENT_LENGTH]\|\|void 0,httpStatus:d.httpStatus},o)),d.error}throw d instanceof Z?d:v(pl)}return Ct.postProcess(this.cacheManager,e,i),i}async updateAuthority(e,t){var i;(i=this.performanceClient)==null\|\|i.addQueueMeasurement(f.UpdateTokenEndpointAuthority,t);const r=`https://${e}/${this.authority.tenant}/`,o=await Td(r,this.networkClient,this.cacheManager,this.authority.options,this.logger,t,this.performanceClient);this.authority=o}createTokenQueryParameters(e){const t=new Map;return e.embeddedClientId&&bo(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.tokenQueryParameters&&hn(t,e.tokenQueryParameters),Ts(t,e.correlationId),So(t,e.correlationId,this.performanceClient),fr(t)}}/! @azure/msal-common v15.4.0 2025-03-25 /const ro="no_tokens_found",Ad="native_account_unavailable",_s="refresh_token_expired",$p="interaction_required",zp="consent_required",qp="login_required",Po="bad_token";/! @azure/msal-common v15.4.0 2025-03-25 /const za=[$p,zp,qp,Po],Vp=["message_only","additional_action","basic_action","user_password_expired","consent_required","bad_token"],jp={[ro]:"No refresh token found in the cache. Please sign-in.",[Ad]:"The requested account is not available in the native broker. It may have been deleted or logged out. Please sign-in again using an interactive API.",[_s]:"Refresh token has expired.",[Po]:"Identity provider returned bad_token due to an expired or invalid refresh token. Please invoke an interactive API to resolve."};class nt extends Z{constructor(e,t,r,o,i,s,a,c){super(e,t,r),Object.setPrototypeOf(this,nt.prototype),this.timestamp=o\|\|C.EMPTY_STRING,this.traceId=i\|\|C.EMPTY_STRING,this.correlationId=s\|\|C.EMPTY_STRING,this.claims=a\|\|C.EMPTY_STRING,this.name="InteractionRequiredAuthError",this.errorNo=c}}function vd(n,e,t){const r=!!n&&za.indexOf(n)>-1,o=!!t&&Vp.indexOf(t)>-1,i=!!e&&za.some(s=>e.indexOf(s)>-1);return r\|\|i\|\|o}function Ii(n){return new nt(n,jp[n])}/! @azure/msal-common v15.4.0 2025-03-25 /class Kn{static setRequestState(e,t,r){const o=Kn.generateLibraryState(e,r);return t?`${o}${C.RESOURCE_DELIM}${t}`:o}static generateLibraryState(e,t){if(!e)throw v(yi);const r={id:e.createNewGuid()};t&&(r.meta=t);const o=JSON.stringify(r);return e.base64Encode(o)}static parseRequestState(e,t){if(!e)throw v(yi);if(!t)throw v(Un);try{const r=t.split(C.RESOURCE_DELIM),o=r[0],i=r.length>1?r.slice(1).join(C.RESOURCE_DELIM):C.EMPTY_STRING,s=e.base64Decode(o),a=JSON.parse(s);return{userRequestState:i\|\|C.EMPTY_STRING,libraryState:a}}catch{throw v(Un)}}}/! @azure/msal-common v15.4.0 2025-03-25 /const Wp={SW:"sw"};class Dn{constructor(e,t){this.cryptoUtils=e,this.performanceClient=t}async generateCnf(e,t){var i;(i=this.performanceClient)==null\|\|i.addQueueMeasurement(f.PopTokenGenerateCnf,e.correlationId);const r=await T(this.generateKid.bind(this),f.PopTokenGenerateCnf,t,this.performanceClient,e.correlationId)(e),o=this.cryptoUtils.base64UrlEncode(JSON.stringify(r));return{kid:r.kid,reqCnfString:o}}async generateKid(e){var r;return(r=this.performanceClient)==null\|\|r.addQueueMeasurement(f.PopTokenGenerateKid,e.correlationId),{kid:await this.cryptoUtils.getPublicKeyThumbprint(e),xms_ksl:Wp.SW}}async signPopToken(e,t,r){return this.signPayload(e,t,r)}async signPayload(e,t,r,o){const{resourceRequestMethod:i,resourceRequestUri:s,shrClaims:a,shrNonce:c,shrOptions:d}=r,l=s?new Q(s):void 0,h=l==null?void 0:l.getUrlComponents();return this.cryptoUtils.signJwt({at:e,ts:Fe(),m:i==null?void 0:i.toUpperCase(),u:h==null?void 0:h.HostNameAndPort,nonce:c\|\|this.cryptoUtils.createNewGuid(),p:h==null?void 0:h.AbsolutePath,q:h!=null&&h.QueryString?[[],h.QueryString]:void 0,client_claims:a\|\|void 0,...o},t,d,r.correlationId)}}/! @azure/msal-common v15.4.0 2025-03-25 /class Yp{constructor(e,t){this.cache=e,this.hasChanged=t}get cacheHasChanged(){return this.hasChanged}get tokenCache(){return this.cache}}/! @azure/msal-common v15.4.0 2025-03-25 */class pn{constructor(e,t,r,o,i,s,a){this.clientId=e,this.cacheStorage=t,this.cryptoObj=r,this.logger=o,this.serializableCache=i,this.persistencePlugin=s,this.performanceClient=a}validateTokenResponse(e,t){var r;if(e.error\|\|e.error_description\|\|e.suberror){const o=`Error(s): ${e.error_codes\|\|C.NOT_AVAILABLE} - Timestamp: ${e.timestamp\|\|C.NOT_AVAILABLE} - Description: ${e.error_description\|\|C.NOT_AVAILABLE} - Correlation ID: ${e.correlation_id\|\|C.NOT_AVAILABLE} - Trace ID: ${e.trace_id\|\|C.NOT_AVAILABLE}`,i=(r=e.error_codes)!=null&&r.length?e.error_codes[0]:void 0,s=new en(e.error,o,e.suberror,i,e.status);if(t&&e.status&&e.status>=Sr.SERVER_ERROR_RANGE_START&&e.status<=Sr.SERVER_ERROR_RANGE_END){this.logger.warning(`executeTokenRequest:validateTokenResponse - AAD is currently unavailable and the access token is unable to be refreshed.
	+${s}`);return}else if(t&&e.status&&e.status>=Sr.CLIENT_ERROR_RANGE_START&&e.status<=Sr.CLIENT_ERROR_RANGE_END){this.logger.warning(`executeTokenRequest:validateTokenResponse - AAD is currently available but is unable to refresh the access token.
	+${s}`);return}throw vd(e.error,e.error_description,e.suberror)?new nt(e.error,e.error_description,e.suberror,e.timestamp\|\|C.EMPTY_STRING,e.trace_id\|\|C.EMPTY_STRING,e.correlation_id\|\|C.EMPTY_STRING,e.claims\|\|C.EMPTY_STRING,i):s}}async handleServerTokenResponse(e,t,r,o,i,s,a,c,d){var b;(b=this.performanceClient)==null\|\|b.addQueueMeasurement(f.HandleServerTokenResponse,e.correlation_id);let l;if(e.id_token){if(l=Yt(e.id_token\|\|C.EMPTY_STRING,this.cryptoObj.base64Decode),i&&i.nonce&&l.nonce!==i.nonce)throw v(Tl);if(o.maxAge\|\|o.maxAge===0){const S=l.auth_time;if(!S)throw v(rs);Ml(S,o.maxAge)}}this.homeAccountIdentifier=Oe.generateHomeAccountId(e.client_info\|\|C.EMPTY_STRING,t.authorityType,this.logger,this.cryptoObj,l);let h;i&&i.state&&(h=Kn.parseRequestState(this.cryptoObj,i.state)),e.key_id=e.key_id\|\|o.sshKid\|\|void 0;const p=this.generateCacheRecord(e,t,r,o,l,s,i);let y;try{if(this.persistencePlugin&&this.serializableCache&&(this.logger.verbose("Persistence enabled, calling beforeCacheAccess"),y=new Yp(this.serializableCache,!0),await this.persistencePlugin.beforeCacheAccess(y)),a&&!c&&p.account){const S=p.account.generateAccountKey();if(!this.cacheStorage.getAccount(S))return this.logger.warning("Account used to refresh tokens not in persistence, refreshed tokens will not be stored in the cache"),await pn.generateAuthenticationResult(this.cryptoObj,t,p,!1,o,l,h,void 0,d)}await this.cacheStorage.saveCacheRecord(p,o.correlationId,o.storeInCache)}finally{this.persistencePlugin&&this.serializableCache&&y&&(this.logger.verbose("Persistence enabled, calling afterCacheAccess"),await this.persistencePlugin.afterCacheAccess(y))}return pn.generateAuthenticationResult(this.cryptoObj,t,p,!1,o,l,h,e,d)}generateCacheRecord(e,t,r,o,i,s,a){const c=t.getPreferredCache();if(!c)throw v(is);const d=Ql(i);let l,h;e.id_token&&i&&(l=Ao(this.homeAccountIdentifier,c,e.id_token,this.clientId,d\|\|""),h=Ss(this.cacheStorage,t,this.homeAccountIdentifier,this.cryptoObj.base64Decode,i,e.client_info,c,d,a,void 0,this.logger));let p=null;if(e.access_token){const S=e.scope?fe.fromString(e.scope):new fe(o.scopes\|\|[]),q=(typeof e.expires_in=="string"?parseInt(e.expires_in,10):e.expires_in)\|\|0,D=(typeof e.ext_expires_in=="string"?parseInt(e.ext_expires_in,10):e.ext_expires_in)\|\|0,V=(typeof e.refresh_in=="string"?parseInt(e.refresh_in,10):e.refresh_in)\|\|void 0,J=r+q,H=J+D,ae=V&&V>0?r+V:void 0;p=vo(this.homeAccountIdentifier,c,e.access_token,this.clientId,d\|\|t.tenant\|\|"",S.printScopes(),J,H,this.cryptoObj.base64Decode,ae,e.token_type,s,e.key_id,o.claims,o.requestedClaimsHash)}let y=null;if(e.refresh_token){let S;if(e.refresh_token_expires_in){const q=typeof e.refresh_token_expires_in=="string"?parseInt(e.refresh_token_expires_in,10):e.refresh_token_expires_in;S=r+q}y=Hl(this.homeAccountIdentifier,c,e.refresh_token,this.clientId,e.foci,s,S)}let b=null;return e.foci&&(b={clientId:this.clientId,environment:c,familyId:e.foci}),{account:h,idToken:l,accessToken:p,refreshToken:y,appMetadata:b}}static async generateAuthenticationResult(e,t,r,o,i,s,a,c,d){var J,H,ae,Be,me;let l=C.EMPTY_STRING,h=[],p=null,y,b,S=C.EMPTY_STRING;if(r.accessToken){if(r.accessToken.tokenType===X.POP&&!i.popKid){const Ye=new Dn(e),{secret:Ut,keyId:Qe}=r.accessToken;if(!Qe)throw v(ss);l=await Ye.signPopToken(Ut,Qe,i)}else l=r.accessToken.secret;h=fe.fromString(r.accessToken.target).asArray(),p=xt(r.accessToken.expiresOn),y=xt(r.accessToken.extendedExpiresOn),r.accessToken.refreshOn&&(b=xt(r.accessToken.refreshOn))}r.appMetadata&&(S=r.appMetadata.familyId===rr?rr:"");const q=(s==null?void 0:s.oid)\|\|(s==null?void 0:s.sub)\|\|"",D=(s==null?void 0:s.tid)\|\|"";c!=null&&c.spa_accountid&&r.account&&(r.account.nativeAccountId=c==null?void 0:c.spa_accountid);const V=r.account?us(r.account.getAccountInfo(),void 0,s,(J=r.idToken)==null?void 0:J.secret):null;return{authority:t.canonicalAuthority,uniqueId:q,tenantId:D,scopes:h,account:V,idToken:((H=r==null?void 0:r.idToken)==null?void 0:H.secret)\|\|"",idTokenClaims:s\|\|{},accessToken:l,fromCache:o,expiresOn:p,extExpiresOn:y,refreshOn:b,correlationId:i.correlationId,requestId:d\|\|C.EMPTY_STRING,familyId:S,tokenType:((ae=r.accessToken)==null?void 0:ae.tokenType)\|\|C.EMPTY_STRING,state:a?a.userRequestState:C.EMPTY_STRING,cloudGraphHostName:((Be=r.account)==null?void 0:Be.cloudGraphHostName)\|\|C.EMPTY_STRING,msGraphHost:((me=r.account)==null?void 0:me.msGraphHost)\|\|C.EMPTY_STRING,code:c==null?void 0:c.spa_code,fromNativeBroker:!1}}}function Ss(n,e,t,r,o,i,s,a,c,d,l){l==null\|\|l.verbose("setCachedAccount called");const p=n.getAccountKeys().find(D=>D.startsWith(t));let y=null;p&&(y=n.getAccount(p));const b=y\|\|Oe.createAccount({homeAccountId:t,idTokenClaims:o,clientInfo:i,environment:s,cloudGraphHostName:c==null?void 0:c.cloud_graph_host_name,msGraphHost:c==null?void 0:c.msgraph_host,nativeAccountId:d},e,r),S=b.tenantProfiles\|\|[],q=a\|\|b.realm;if(q&&!S.find(D=>D.tenantId===q)){const D=_o(t,b.localAccountId,q,o);S.push(D)}return b.tenantProfiles=S,b}/! @azure/msal-common v15.4.0 2025-03-25 /class Qp{static validateRedirectUri(e){if(!e)throw oe(Ll)}static validatePrompt(e){const t=[];for(const r in ve)t.push(ve[r]);if(t.indexOf(e)<0)throw oe(Kl)}static validateClaims(e){try{JSON.parse(e)}catch{throw oe(wo)}}static validateCodeChallengeParams(e,t){if(!e\|\|!t)throw oe(Io);this.validateCodeChallengeMethod(t)}static validateCodeChallengeMethod(e){if([Pa.PLAIN,Pa.S256].indexOf(e)<0)throw oe($l)}}/! @azure/msal-common v15.4.0 2025-03-25 /async function wd(n,e,t){return typeof n=="string"?n:n({clientId:e,tokenEndpoint:t})}/! @azure/msal-common v15.4.0 2025-03-25 /class Id extends Es{constructor(e,t){var r;super(e,t),this.includeRedirectUri=!0,this.oidcDefaultScopes=(r=this.config.authOptions.authority.options.OIDCOptions)==null?void 0:r.defaultScopes}async acquireToken(e,t){var a,c;if((a=this.performanceClient)==null\|\|a.addQueueMeasurement(f.AuthClientAcquireToken,e.correlationId),!e.code)throw v(wl);const r=Fe(),o=await T(this.executeTokenRequest.bind(this),f.AuthClientExecuteTokenRequest,this.logger,this.performanceClient,e.correlationId)(this.authority,e),i=(c=o.headers)==null?void 0:c[Me.X_MS_REQUEST_ID],s=new pn(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.config.serializableCache,this.config.persistencePlugin,this.performanceClient);return s.validateTokenResponse(o.body),T(s.handleServerTokenResponse.bind(s),f.HandleServerTokenResponse,this.logger,this.performanceClient,e.correlationId)(o.body,this.authority,r,e,t,void 0,void 0,void 0,i)}getLogoutUri(e){if(!e)throw oe(Gl);const t=this.createLogoutUrlQueryString(e);return Q.appendQueryString(this.authority.endSessionEndpoint,t)}async executeTokenRequest(e,t){var d;(d=this.performanceClient)==null\|\|d.addQueueMeasurement(f.AuthClientExecuteTokenRequest,t.correlationId);const r=this.createTokenQueryParameters(t),o=Q.appendQueryString(e.tokenEndpoint,r),i=await T(this.createTokenRequestBody.bind(this),f.AuthClientCreateTokenRequestBody,this.logger,this.performanceClient,t.correlationId)(t);let s;if(t.clientInfo)try{const l=Jr(t.clientInfo,this.cryptoUtils.base64Decode);s={credential:`${l.uid}${ke.CLIENT_INFO_SEPARATOR}${l.utid}`,type:it.HOME_ACCOUNT_ID}}catch(l){this.logger.verbose("Could not parse client info for CCS Header: "+l)}const a=this.createTokenRequestHeaders(s\|\|t.ccsCredential),c=Ro(this.config.authOptions.clientId,t);return T(this.executePostToTokenEndpoint.bind(this),f.AuthorizationCodeClientExecutePostToTokenEndpoint,this.logger,this.performanceClient,t.correlationId)(o,i,a,c,t.correlationId,f.AuthorizationCodeClientExecutePostToTokenEndpoint)}async createTokenRequestBody(e){var o,i;(o=this.performanceClient)==null\|\|o.addQueueMeasurement(f.AuthClientCreateTokenRequestBody,e.correlationId);const t=new Map;if(ms(t,e.embeddedClientId\|\|((i=e.tokenBodyParameters)==null?void 0:i[gn])\|\|this.config.authOptions.clientId),this.includeRedirectUri?Cs(t,e.redirectUri):Qp.validateRedirectUri(e.redirectUri),ps(t,e.scopes,!0,this.oidcDefaultScopes),Mp(t,e.code),As(t,this.config.libraryInfo),vs(t,this.config.telemetry.application),md(t),this.serverTelemetryManager&&!nd(this.config)&&pd(t,this.serverTelemetryManager),e.codeVerifier&&Hp(t,e.codeVerifier),this.config.clientCredentials.clientSecret&&cd(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const s=this.config.clientCredentials.clientAssertion;ld(t,await wd(s.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),dd(t,s.assertionType)}if(hd(t,ul.AUTHORIZATION_CODE_GRANT),ws(t),e.authenticationScheme===X.POP){const s=new Dn(this.cryptoUtils,this.performanceClient);let a;e.popKid?a=this.cryptoUtils.encodeKid(e.popKid):a=(await T(s.generateCnf.bind(s),f.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString,Is(t,a)}else if(e.authenticationScheme===X.SSH)if(e.sshJwk)gd(t,e.sshJwk);else throw oe(Eo);(!at.isEmptyObj(e.claims)\|\|this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&ys(t,e.claims,this.config.authOptions.clientCapabilities);let r;if(e.clientInfo)try{const s=Jr(e.clientInfo,this.cryptoUtils.base64Decode);r={credential:`${s.uid}${ke.CLIENT_INFO_SEPARATOR}${s.utid}`,type:it.HOME_ACCOUNT_ID}}catch(s){this.logger.verbose("Could not parse client info for CCS Header: "+s)}else r=e.ccsCredential;if(this.config.systemOptions.preventCorsPreflight&&r)switch(r.type){case it.HOME_ACCOUNT_ID:try{const s=xn(r.credential);sr(t,s)}catch(s){this.logger.verbose("Could not parse home account ID for CCS Header: "+s)}break;case it.UPN:no(t,r.credential);break}return e.embeddedClientId&&bo(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.tokenBodyParameters&&hn(t,e.tokenBodyParameters),e.enableSpaAuthorizationCode&&(!e.tokenBodyParameters\|\|!e.tokenBodyParameters[Ba])&&hn(t,{[Ba]:"1"}),So(t,e.correlationId,this.performanceClient),fr(t)}createLogoutUrlQueryString(e){const t=new Map;return e.postLogoutRedirectUri&&bp(t,e.postLogoutRedirectUri),e.correlationId&&Ts(t,e.correlationId),e.idTokenHint&&kp(t,e.idTokenHint),e.state&&ad(t,e.state),e.logoutHint&&Lp(t,e.logoutHint),e.extraQueryParameters&&hn(t,e.extraQueryParameters),this.config.authOptions.instanceAware&&ud(t),fr(t)}}/! @azure/msal-common v15.4.0 2025-03-25 /const Jp=300;class Xp extends Es{constructor(e,t){super(e,t)}async acquireToken(e){var s,a;(s=this.performanceClient)==null\|\|s.addQueueMeasurement(f.RefreshTokenClientAcquireToken,e.correlationId);const t=Fe(),r=await T(this.executeTokenRequest.bind(this),f.RefreshTokenClientExecuteTokenRequest,this.logger,this.performanceClient,e.correlationId)(e,this.authority),o=(a=r.headers)==null?void 0:a[Me.X_MS_REQUEST_ID],i=new pn(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.config.serializableCache,this.config.persistencePlugin);return i.validateTokenResponse(r.body),T(i.handleServerTokenResponse.bind(i),f.HandleServerTokenResponse,this.logger,this.performanceClient,e.correlationId)(r.body,this.authority,t,e,void 0,void 0,!0,e.forceCache,o)}async acquireTokenByRefreshToken(e){var r;if(!e)throw oe(Bl);if((r=this.performanceClient)==null\|\|r.addQueueMeasurement(f.RefreshTokenClientAcquireTokenByRefreshToken,e.correlationId),!e.account)throw v(os);if(this.cacheManager.isAppMetadataFOCI(e.account.environment))try{return await T(this.acquireTokenWithCachedRefreshToken.bind(this),f.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,!0)}catch(o){const i=o instanceof nt&&o.errorCode===ro,s=o instanceof en&&o.errorCode===Na.INVALID_GRANT_ERROR&&o.subError===Na.CLIENT_MISMATCH_ERROR;if(i\|\|s)return T(this.acquireTokenWithCachedRefreshToken.bind(this),f.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,!1);throw o}return T(this.acquireTokenWithCachedRefreshToken.bind(this),f.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,!1)}async acquireTokenWithCachedRefreshToken(e,t){var i,s,a;(i=this.performanceClient)==null\|\|i.addQueueMeasurement(f.RefreshTokenClientAcquireTokenWithCachedRefreshToken,e.correlationId);const r=lt(this.cacheManager.getRefreshToken.bind(this.cacheManager),f.CacheManagerGetRefreshToken,this.logger,this.performanceClient,e.correlationId)(e.account,t,void 0,this.performanceClient,e.correlationId);if(!r)throw Ii(ro);if(r.expiresOn&&Qr(r.expiresOn,e.refreshTokenExpirationOffsetSeconds\|\|Jp))throw(s=this.performanceClient)==null\|\|s.addFields({rtExpiresOnMs:Number(r.expiresOn)},e.correlationId),Ii(_s);const o={...e,refreshToken:r.secret,authenticationScheme:e.authenticationScheme\|\|X.BEARER,ccsCredential:{credential:e.account.homeAccountId,type:it.HOME_ACCOUNT_ID}};try{return await T(this.acquireToken.bind(this),f.RefreshTokenClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(o)}catch(c){if(c instanceof nt&&((a=this.performanceClient)==null\|\|a.addFields({rtExpiresOnMs:Number(r.expiresOn)},e.correlationId),c.subError===Po)){this.logger.verbose("acquireTokenWithRefreshToken: bad refresh token, removing from cache");const d=ir(r);this.cacheManager.removeRefreshToken(d)}throw c}}async executeTokenRequest(e,t){var c;(c=this.performanceClient)==null\|\|c.addQueueMeasurement(f.RefreshTokenClientExecuteTokenRequest,e.correlationId);const r=this.createTokenQueryParameters(e),o=Q.appendQueryString(t.tokenEndpoint,r),i=await T(this.createTokenRequestBody.bind(this),f.RefreshTokenClientCreateTokenRequestBody,this.logger,this.performanceClient,e.correlationId)(e),s=this.createTokenRequestHeaders(e.ccsCredential),a=Ro(this.config.authOptions.clientId,e);return T(this.executePostToTokenEndpoint.bind(this),f.RefreshTokenClientExecutePostToTokenEndpoint,this.logger,this.performanceClient,e.correlationId)(o,i,s,a,e.correlationId,f.RefreshTokenClientExecutePostToTokenEndpoint)}async createTokenRequestBody(e){var r,o,i;(r=this.performanceClient)==null\|\|r.addQueueMeasurement(f.RefreshTokenClientCreateTokenRequestBody,e.correlationId);const t=new Map;if(ms(t,e.embeddedClientId\|\|((o=e.tokenBodyParameters)==null?void 0:o[gn])\|\|this.config.authOptions.clientId),e.redirectUri&&Cs(t,e.redirectUri),ps(t,e.scopes,!0,(i=this.config.authOptions.authority.options.OIDCOptions)==null?void 0:i.defaultScopes),hd(t,ul.REFRESH_TOKEN_GRANT),ws(t),As(t,this.config.libraryInfo),vs(t,this.config.telemetry.application),md(t),this.serverTelemetryManager&&!nd(this.config)&&pd(t,this.serverTelemetryManager),xp(t,e.refreshToken),this.config.clientCredentials.clientSecret&&cd(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const s=this.config.clientCredentials.clientAssertion;ld(t,await wd(s.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),dd(t,s.assertionType)}if(e.authenticationScheme===X.POP){const s=new Dn(this.cryptoUtils,this.performanceClient);let a;e.popKid?a=this.cryptoUtils.encodeKid(e.popKid):a=(await T(s.generateCnf.bind(s),f.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString,Is(t,a)}else if(e.authenticationScheme===X.SSH)if(e.sshJwk)gd(t,e.sshJwk);else throw oe(Eo);if((!at.isEmptyObj(e.claims)\|\|this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&ys(t,e.claims,this.config.authOptions.clientCapabilities),this.config.systemOptions.preventCorsPreflight&&e.ccsCredential)switch(e.ccsCredential.type){case it.HOME_ACCOUNT_ID:try{const s=xn(e.ccsCredential.credential);sr(t,s)}catch(s){this.logger.verbose("Could not parse home account ID for CCS Header: "+s)}break;case it.UPN:no(t,e.ccsCredential.credential);break}return e.embeddedClientId&&bo(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.tokenBodyParameters&&hn(t,e.tokenBodyParameters),So(t,e.correlationId,this.performanceClient),fr(t)}}/! @azure/msal-common v15.4.0 2025-03-25 /class Zp extends Es{constructor(e,t){super(e,t)}async acquireCachedToken(e){var c;(c=this.performanceClient)==null\|\|c.addQueueMeasurement(f.SilentFlowClientAcquireCachedToken,e.correlationId);let t=cn.NOT_APPLICABLE;if(e.forceRefresh\|\|!this.config.cacheOptions.claimsBasedCachingEnabled&&!at.isEmptyObj(e.claims))throw this.setCacheOutcome(cn.FORCE_REFRESH_OR_CLAIMS,e.correlationId),v(Vt);if(!e.account)throw v(os);const r=e.account.tenantId\|\|Gp(e.authority),o=this.cacheManager.getTokenKeys(),i=this.cacheManager.getAccessToken(e.account,e,o,r,this.performanceClient,e.correlationId);if(i){if(xl(i.cachedAt)\|\|Qr(i.expiresOn,this.config.systemOptions.tokenRenewalOffsetSeconds))throw this.setCacheOutcome(cn.CACHED_ACCESS_TOKEN_EXPIRED,e.correlationId),v(Vt);i.refreshOn&&Qr(i.refreshOn,0)&&(t=cn.PROACTIVELY_REFRESHED)}else throw this.setCacheOutcome(cn.NO_CACHED_ACCESS_TOKEN,e.correlationId),v(Vt);const s=e.authority\|\|this.authority.getPreferredCache(),a={account:this.cacheManager.readAccountFromCache(e.account),accessToken:i,idToken:this.cacheManager.getIdToken(e.account,o,r,this.performanceClient,e.correlationId),refreshToken:null,appMetadata:this.cacheManager.readAppMetadataFromCache(s)};return this.setCacheOutcome(t,e.correlationId),this.config.serverTelemetryManager&&this.config.serverTelemetryManager.incrementCacheHits(),[await T(this.generateResultFromCacheRecord.bind(this),f.SilentFlowClientGenerateResultFromCacheRecord,this.logger,this.performanceClient,e.correlationId)(a,e),t]}setCacheOutcome(e,t){var r,o;(r=this.serverTelemetryManager)==null\|\|r.setCacheOutcome(e),(o=this.performanceClient)==null\|\|o.addFields({cacheOutcome:e},t),e!==cn.NOT_APPLICABLE&&this.logger.info(`Token refresh is required due to cache outcome: ${e}`)}async generateResultFromCacheRecord(e,t){var o;(o=this.performanceClient)==null\|\|o.addQueueMeasurement(f.SilentFlowClientGenerateResultFromCacheRecord,t.correlationId);let r;if(e.idToken&&(r=Yt(e.idToken.secret,this.config.cryptoInterface.base64Decode)),t.maxAge\|\|t.maxAge===0){const i=r==null?void 0:r.auth_time;if(!i)throw v(rs);Ml(i,t.maxAge)}return pn.generateAuthenticationResult(this.cryptoUtils,this.authority,e,!0,t,r)}}/! @azure/msal-common v15.4.0 2025-03-25 /const em={sendGetRequestAsync:()=>Promise.reject(v(z)),sendPostRequestAsync:()=>Promise.reject(v(z))};/! @azure/msal-common v15.4.0 2025-03-25 /function tm(n,e,t,r){var a,c;const o=e.correlationId,i=new Map;ms(i,e.embeddedClientId\|\|((a=e.extraQueryParameters)==null?void 0:a[gn])\|\|n.clientId);const s=[...e.scopes\|\|[],...e.extraScopesToConsent\|\|[]];if(ps(i,s,!0,(c=n.authority.options.OIDCOptions)==null?void 0:c.defaultScopes),Cs(i,e.redirectUri),Ts(i,o),_p(i,e.responseMode),ws(i),e.prompt&&(Op(i,e.prompt),r==null\|\|r.addFields({prompt:e.prompt},o)),e.domainHint&&(Rp(i,e.domainHint),r==null\|\|r.addFields({domainHintFromRequest:!0},o)),e.prompt!==ve.SELECT_ACCOUNT)if(e.sid&&e.prompt===ve.NONE)t.verbose("createAuthCodeUrlQueryString: Prompt is none, adding sid from request"),Ga(i,e.sid),r==null\|\|r.addFields({sidFromRequest:!0},o);else if(e.account){const d=om(e.account);let l=im(e.account);if(l&&e.domainHint&&(t.warning('AuthorizationCodeClient.createAuthCodeUrlQueryString: "domainHint" param is set, skipping opaque "login_hint" claim. Please consider not passing domainHint'),l=null),l){t.verbose("createAuthCodeUrlQueryString: login_hint claim present on account"),Pr(i,l),r==null\|\|r.addFields({loginHintFromClaim:!0},o);try{const h=xn(e.account.homeAccountId);sr(i,h)}catch{t.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}else if(d&&e.prompt===ve.NONE){t.verbose("createAuthCodeUrlQueryString: Prompt is none, adding sid from account"),Ga(i,d),r==null\|\|r.addFields({sidFromClaim:!0},o);try{const h=xn(e.account.homeAccountId);sr(i,h)}catch{t.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}else if(e.loginHint)t.verbose("createAuthCodeUrlQueryString: Adding login_hint from request"),Pr(i,e.loginHint),no(i,e.loginHint),r==null\|\|r.addFields({loginHintFromRequest:!0},o);else if(e.account.username){t.verbose("createAuthCodeUrlQueryString: Adding login_hint from account"),Pr(i,e.account.username),r==null\|\|r.addFields({loginHintFromUpn:!0},o);try{const h=xn(e.account.homeAccountId);sr(i,h)}catch{t.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}}else e.loginHint&&(t.verbose("createAuthCodeUrlQueryString: No account, adding login_hint from request"),Pr(i,e.loginHint),no(i,e.loginHint),r==null\|\|r.addFields({loginHintFromRequest:!0},o));else t.verbose("createAuthCodeUrlQueryString: Prompt is select_account, ignoring account hints");return e.nonce&&Pp(i,e.nonce),e.state&&ad(i,e.state),(e.claims\|\|n.clientCapabilities&&n.clientCapabilities.length>0)&&ys(i,e.claims,n.clientCapabilities),e.embeddedClientId&&bo(i,n.clientId,n.redirectUri),n.instanceAware&&(!e.extraQueryParameters\|\|!Object.keys(e.extraQueryParameters).includes(wi))&&ud(i),i}function Ed(n,e){const t=fr(e);return Q.appendQueryString(n.authorizationEndpoint,t)}function nm(n,e){if(_d(n,e),!n.code)throw v(bl);return n}function _d(n,e){if(!n.state\|\|!e)throw n.state?v(mi,"Cached State"):v(mi,"Server State");let t,r;try{t=decodeURIComponent(n.state)}catch{throw v(Un,n.state)}try{r=decodeURIComponent(e)}catch{throw v(Un,n.state)}if(t!==r)throw v(yl);if(n.error\|\|n.error_description\|\|n.suberror){const o=rm(n);throw vd(n.error,n.error_description,n.suberror)?new nt(n.error\|\|"",n.error_description,n.suberror,n.timestamp\|\|"",n.trace_id\|\|"",n.correlation_id\|\|"",n.claims\|\|"",o):new en(n.error\|\|"",n.error_description,n.suberror,o)}}function rm(n){var r,o;const e="code=",t=(r=n.error_uri)==null?void 0:r.lastIndexOf(e);return t&&t>=0?(o=n.error_uri)==null?void 0:o.substring(t+e.length):void 0}function om(n){var e;return((e=n.idTokenClaims)==null?void 0:e.sid)\|\|null}function im(n){var e;return((e=n.idTokenClaims)==null?void 0:e.login_hint)\|\|null}/! @azure/msal-common v15.4.0 2025-03-25 /const qa=",",Sd="\|";function sm(n){const{skus:e,libraryName:t,libraryVersion:r,extensionName:o,extensionVersion:i}=n,s=new Map([[0,[t,r]],[2,[o,i]]]);let a=[];if(e!=null&&e.length){if(a=e.split(qa),a.length<4)return e}else a=Array.from({length:4},()=>Sd);return s.forEach((c,d)=>{var l,h;c.length===2&&((l=c[0])!=null&&l.length)&&((h=c[1])!=null&&h.length)&&am({skuArr:a,index:d,skuName:c[0],skuVersion:c[1]})}),a.join(qa)}function am(n){const{skuArr:e,index:t,skuName:r,skuVersion:o}=n;t>=e.length\|\|(e[t]=[r,o].join(Sd))}class gr{constructor(e,t){this.cacheOutcome=cn.NOT_APPLICABLE,this.cacheManager=t,this.apiId=e.apiId,this.correlationId=e.correlationId,this.wrapperSKU=e.wrapperSKU\|\|C.EMPTY_STRING,this.wrapperVer=e.wrapperVer\|\|C.EMPTY_STRING,this.telemetryCacheKey=Ae.CACHE_KEY+ke.CACHE_KEY_SEPARATOR+e.clientId}generateCurrentRequestHeaderValue(){const e=`${this.apiId}${Ae.VALUE_SEPARATOR}${this.cacheOutcome}`,t=[this.wrapperSKU,this.wrapperVer],r=this.getNativeBrokerErrorCode();r!=null&&r.length&&t.push(`broker_error=${r}`);const o=t.join(Ae.VALUE_SEPARATOR),i=this.getRegionDiscoveryFields(),s=[e,i].join(Ae.VALUE_SEPARATOR);return[Ae.SCHEMA_VERSION,s,o].join(Ae.CATEGORY_SEPARATOR)}generateLastRequestHeaderValue(){const e=this.getLastRequests(),t=gr.maxErrorsToSend(e),r=e.failedRequests.slice(0,2t).join(Ae.VALUE_SEPARATOR),o=e.errors.slice(0,t).join(Ae.VALUE_SEPARATOR),i=e.errors.length,s=t<i?Ae.OVERFLOW_TRUE:Ae.OVERFLOW_FALSE,a=[i,s].join(Ae.VALUE_SEPARATOR);return[Ae.SCHEMA_VERSION,e.cacheHits,r,o,a].join(Ae.CATEGORY_SEPARATOR)}cacheFailedRequest(e){const t=this.getLastRequests();t.errors.length>=Ae.MAX_CACHED_ERRORS&&(t.failedRequests.shift(),t.failedRequests.shift(),t.errors.shift()),t.failedRequests.push(this.apiId,this.correlationId),e instanceof Error&&e&&e.toString()?e instanceof Z?e.subError?t.errors.push(e.subError):e.errorCode?t.errors.push(e.errorCode):t.errors.push(e.toString()):t.errors.push(e.toString()):t.errors.push(Ae.UNKNOWN_ERROR),this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t)}incrementCacheHits(){const e=this.getLastRequests();return e.cacheHits+=1,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e),e.cacheHits}getLastRequests(){const e={failedRequests:[],errors:[],cacheHits:0};return this.cacheManager.getServerTelemetry(this.telemetryCacheKey)\|\|e}clearTelemetryCache(){const e=this.getLastRequests(),t=gr.maxErrorsToSend(e),r=e.errors.length;if(t===r)this.cacheManager.removeItem(this.telemetryCacheKey);else{const o={failedRequests:e.failedRequests.slice(t2),errors:e.errors.slice(t),cacheHits:0};this.cacheManager.setServerTelemetry(this.telemetryCacheKey,o)}}static maxErrorsToSend(e){let t,r=0,o=0;const i=e.errors.length;for(t=0;t<i;t++){const s=e.failedRequests[2t]\|\|C.EMPTY_STRING,a=e.failedRequests[2t+1]\|\|C.EMPTY_STRING,c=e.errors[t]\|\|C.EMPTY_STRING;if(o+=s.toString().length+a.toString().length+c.length+3,o<Ae.MAX_LAST_HEADER_BYTES)r+=1;else break}return r}getRegionDiscoveryFields(){const e=[];return e.push(this.regionUsed\|\|C.EMPTY_STRING),e.push(this.regionSource\|\|C.EMPTY_STRING),e.push(this.regionOutcome\|\|C.EMPTY_STRING),e.join(",")}updateRegionDiscoveryMetadata(e){this.regionUsed=e.region_used,this.regionSource=e.region_source,this.regionOutcome=e.region_outcome}setCacheOutcome(e){this.cacheOutcome=e}setNativeBrokerErrorCode(e){const t=this.getLastRequests();t.nativeBrokerErrorCode=e,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t)}getNativeBrokerErrorCode(){return this.getLastRequests().nativeBrokerErrorCode}clearNativeBrokerErrorCode(){const e=this.getLastRequests();delete e.nativeBrokerErrorCode,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e)}static makeExtraSkuString(e){return sm(e)}}/! @azure/msal-common v15.4.0 2025-03-25 /const bd="missing_kid_error",kd="missing_alg_error";/! @azure/msal-common v15.4.0 2025-03-25 /const cm={[bd]:"The JOSE Header for the requested JWT, JWS or JWK object requires a keyId to be configured as the 'kid' header claim. No 'kid' value was provided.",[kd]:"The JOSE Header for the requested JWT, JWS or JWK object requires an algorithm to be specified as the 'alg' header claim. No 'alg' value was provided."};class bs extends Z{constructor(e,t){super(e,t),this.name="JoseHeaderError",Object.setPrototypeOf(this,bs.prototype)}}function Va(n){return new bs(n,cm[n])}/! @azure/msal-common v15.4.0 2025-03-25 /class ks{constructor(e){this.typ=e.typ,this.alg=e.alg,this.kid=e.kid}static getShrHeaderString(e){if(!e.kid)throw Va(bd);if(!e.alg)throw Va(kd);const t=new ks({typ:e.typ\|\|tg.Pop,kid:e.kid,alg:e.alg});return JSON.stringify(t)}}/! @azure/msal-common v15.4.0 2025-03-25 /class ja{startMeasurement(){}endMeasurement(){}flushMeasurement(){return null}}class lm{generateId(){return"callback-id"}startMeasurement(e,t){return{end:()=>null,discard:()=>{},add:()=>{},increment:()=>{},event:{eventId:this.generateId(),status:Bp.InProgress,authority:"",libraryName:"",libraryVersion:"",clientId:"",name:e,startTimeMs:Date.now(),correlationId:t\|\|""},measurement:new ja}}startPerformanceMeasurement(){return new ja}calculateQueuedTime(){return 0}addQueueMeasurement(){}setPreQueueTime(){}endMeasurement(){return null}discardMeasurements(){}removePerformanceCallback(){return!0}addPerformanceCallback(){return""}emitEvents(){}addFields(){}incrementFields(){}cacheEventByCorrelationId(){}}/! @azure/msal-browser v4.9.0 2025-03-25 /const Rs="pkce_not_created",Os="ear_jwk_empty",Rd="ear_jwe_empty",Ei="crypto_nonexistent",No="empty_navigate_uri",Od="hash_empty_error",Ps="no_state_in_hash",Pd="hash_does_not_contain_known_properties",Nd="unable_to_parse_state",Md="state_interaction_type_mismatch",xd="interaction_in_progress",Hd="popup_window_error",Ld="empty_window_error",pr="user_cancelled",dm="monitor_popup_timeout",Ud="monitor_window_timeout",Dd="redirect_in_iframe",Fd="block_iframe_reload",Kd="block_nested_popups",hm="iframe_closed_prematurely",Mo="silent_logout_unsupported",Bd="no_account_error",um="silent_prompt_value_error",Gd="no_token_request_cache_error",$d="unable_to_parse_token_request_cache_error",fm="auth_request_not_set_error",gm="invalid_cache_type",xo="non_browser_environment",_n="database_not_open",oo="no_network_connectivity",zd="post_request_failed",qd="get_request_failed",_i="failed_to_parse_response",Vd="unable_to_load_token",Ns="crypto_key_not_found",jd="auth_code_required",Wd="auth_code_or_nativeAccountId_required",Yd="spa_code_and_nativeAccountId_present",Ms="database_unavailable",Qd="unable_to_acquire_token_from_native_platform",Jd="native_handshake_timeout",Xd="native_extension_not_installed",xs="native_connection_not_established",io="uninitialized_public_client_application",Zd="native_prompt_not_supported",eh="invalid_base64_string",th="invalid_pop_token_request",nh="failed_to_build_headers",rh="failed_to_parse_headers",Fr="failed_to_decrypt_ear_response";/! @azure/msal-browser v4.9.0 2025-03-25 /const bt="For more visit: aka.ms/msaljs/browser-errors",pm={[Rs]:"The PKCE code challenge and verifier could not be generated.",[Os]:"No EAR encryption key provided. This is unexpected.",[Rd]:"Server response does not contain ear_jwe property. This is unexpected.",[Ei]:"The crypto object or function is not available.",[No]:"Navigation URI is empty. Please check stack trace for more info.",[Od]:`Hash value cannot be processed because it is empty. Please verify that your redirectUri is not clearing the hash. ${bt}`,[Ps]:"Hash does not contain state. Please verify that the request originated from msal.",[Pd]:`Hash does not contain known properites. Please verify that your redirectUri is not changing the hash. ${bt}`,[Nd]:"Unable to parse state. Please verify that the request originated from msal.",[Md]:"Hash contains state but the interaction type does not match the caller.",[xd]:`Interaction is currently in progress. Please ensure that this interaction has been completed before calling an interactive API. ${bt}`,[Hd]:"Error opening popup window. This can happen if you are using IE or if popups are blocked in the browser.",[Ld]:"window.open returned null or undefined window object.",[pr]:"User cancelled the flow.",[dm]:`Token acquisition in popup failed due to timeout. ${bt}`,[Ud]:`Token acquisition in iframe failed due to timeout. ${bt}`,[Dd]:"Redirects are not supported for iframed or brokered applications. Please ensure you are using MSAL.js in a top frame of the window if using the redirect APIs, or use the popup APIs.",[Fd]:`Request was blocked inside an iframe because MSAL detected an authentication response. ${bt}`,[Kd]:"Request was blocked inside a popup because MSAL detected it was running in a popup.",[hm]:"The iframe being monitored was closed prematurely.",[Mo]:"Silent logout not supported. Please call logoutRedirect or logoutPopup instead.",[Bd]:"No account object provided to acquireTokenSilent and no active account has been set. Please call setActiveAccount or provide an account on the request.",[um]:"The value given for the prompt value is not valid for silent requests - must be set to 'none' or 'no_session'.",[Gd]:"No token request found in cache.",[$d]:"The cached token request could not be parsed.",[fm]:"Auth Request not set. Please ensure initiateAuthRequest was called from the InteractionHandler",[gm]:"Invalid cache type",[xo]:"Login and token requests are not supported in non-browser environments.",[_n]:"Database is not open!",[oo]:"No network connectivity. Check your internet connection.",[zd]:"Network request failed: If the browser threw a CORS error, check that the redirectUri is registered in the Azure App Portal as type 'SPA'",[qd]:"Network request failed. Please check the network trace to determine root cause.",[_i]:"Failed to parse network response. Check network trace.",[Vd]:"Error loading token to cache.",[Ns]:"Cryptographic Key or Keypair not found in browser storage.",[jd]:"An authorization code must be provided (as the `code` property on the request) to this flow.",[Wd]:"An authorization code or nativeAccountId must be provided to this flow.",[Yd]:"Request cannot contain both spa code and native account id.",[Ms]:"IndexedDB, which is required for persistent cryptographic key storage, is unavailable. This may be caused by browser privacy features which block persistent storage in third-party contexts.",[Qd]:`Unable to acquire token from native platform. ${bt}`,[Jd]:"Timed out while attempting to establish connection to browser extension",[Xd]:"Native extension is not installed. If you think this is a mistake call the initialize function.",[xs]:`Connection to native platform has not been established. Please install a compatible browser extension and run initialize(). ${bt}`,[io]:`You must call and await the initialize function before attempting to call any other MSAL API. ${bt}`,[Zd]:"The provided prompt is not supported by the native platform. This request should be routed to the web based flow.",[eh]:"Invalid base64 encoded string.",[th]:"Invalid PoP token request. The request should not have both a popKid value and signPopToken set to true.",[nh]:"Failed to build request headers object.",[rh]:"Failed to parse response headers",[Fr]:"Failed to decrypt ear response"};class Tr extends Z{constructor(e,t){super(e,pm[e],t),Object.setPrototypeOf(this,Tr.prototype),this.name="BrowserAuthError"}}function P(n,e){return new Tr(n,e)}/! @azure/msal-browser v4.9.0 2025-03-25 /const He={INVALID_GRANT_ERROR:"invalid_grant",POPUP_WIDTH:483,POPUP_HEIGHT:600,POPUP_NAME_PREFIX:"msal",DEFAULT_POLL_INTERVAL_MS:30,MSAL_SKU:"msal.js.browser"},bn={CHANNEL_ID:"53ee284d-920a-4b59-9d30-a60315b26836",PREFERRED_EXTENSION_ID:"ppnbnpeolgkicgegkbkbjmhlideopiji",MATS_TELEMETRY:"MATS"},ln={HandshakeRequest:"Handshake",HandshakeResponse:"HandshakeResponse",GetToken:"GetToken",Response:"Response"},we={LocalStorage:"localStorage",SessionStorage:"sessionStorage",MemoryStorage:"memoryStorage"},Wa={GET:"GET",POST:"POST"},ge={ORIGIN_URI:"request.origin",URL_HASH:"urlHash",REQUEST_PARAMS:"request.params",VERIFIER:"code.verifier",INTERACTION_STATUS_KEY:"interaction.status",NATIVE_REQUEST:"request.native"},$t={ACCOUNT_KEYS:"msal.account.keys",TOKEN_KEYS:"msal.token.keys"},Nr={WRAPPER_SKU:"wrapper.sku",WRAPPER_VER:"wrapper.version"},se={acquireTokenRedirect:861,acquireTokenPopup:862,ssoSilent:863,acquireTokenSilent_authCode:864,handleRedirectPromise:865,acquireTokenByCode:866,acquireTokenSilent_silentFlow:61,logout:961,logoutPopup:962};var M;(function(n){n.Redirect="redirect",n.Popup="popup",n.Silent="silent",n.None="none"})(M\|\|(M={}));const Si={scopes:yn},oh="jwk",bi="msal.db",mm=1,Cm=`${bi}.keys`,ye={Default:0,AccessToken:1,AccessTokenAndRefreshToken:2,RefreshToken:3,RefreshTokenAndNetwork:4,Skip:5},ym=[ye.Default,ye.Skip,ye.RefreshTokenAndNetwork],Tm="msal.browser.log.level",Am="msal.browser.log.pii";/! @azure/msal-browser v4.9.0 2025-03-25 /function Mr(n){return encodeURIComponent(mr(n).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"))}function Qt(n){return ih(n).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function mr(n){return ih(new TextEncoder().encode(n))}function ih(n){const e=Array.from(n,t=>String.fromCodePoint(t)).join("");return btoa(e)}/! @azure/msal-browser v4.9.0 2025-03-25 /function ct(n){return new TextDecoder().decode(jt(n))}function jt(n){let e=n.replace(/-/g,"+").replace(/_/g,"/");switch(e.length%4){case 0:break;case 2:e+="==";break;case 3:e+="=";break;default:throw P(eh)}const t=atob(e);return Uint8Array.from(t,r=>r.codePointAt(0)\|\|0)}/! @azure/msal-browser v4.9.0 2025-03-25 /const vm="RSASSA-PKCS1-v1_5",Bn="AES-GCM",sh="HKDF",Hs="SHA-256",wm=2048,Im=new Uint8Array([1,0,1]),Ya="0123456789abcdef",Qa=new Uint32Array(1),Ls="raw",ah="encrypt",Us="decrypt",Em="deriveKey",_m="crypto_subtle_undefined",Ds={name:vm,hash:Hs,modulusLength:wm,publicExponent:Im};function Sm(n){if(!window)throw P(xo);if(!window.crypto)throw P(Ei);if(!n&&!window.crypto.subtle)throw P(Ei,_m)}async function ch(n,e,t){e==null\|\|e.addQueueMeasurement(f.Sha256Digest,t);const o=new TextEncoder().encode(n);return window.crypto.subtle.digest(Hs,o)}function bm(n){return window.crypto.getRandomValues(n)}function ri(){return window.crypto.getRandomValues(Qa),Qa[0]}function We(){const n=Date.now(),e=ri()1024+(ri()&1023),t=new Uint8Array(16),r=Math.trunc(e/230),o=e&230-1,i=ri();t[0]=n/240,t[1]=n/232,t[2]=n/224,t[3]=n/216,t[4]=n/28,t[5]=n,t[6]=112\|r>>>8,t[7]=r,t[8]=128\|o>>>24,t[9]=o>>>16,t[10]=o>>>8,t[11]=o,t[12]=i>>>24,t[13]=i>>>16,t[14]=i>>>8,t[15]=i;let s="";for(let a=0;a<t.length;a++)s+=Ya.charAt(t[a]>>>4),s+=Ya.charAt(t[a]&15),(a===3\|\|a===5\|\|a===7\|\|a===9)&&(s+="-");return s}async function km(n,e){return window.crypto.subtle.generateKey(Ds,n,e)}async function oi(n){return window.crypto.subtle.exportKey(oh,n)}async function Rm(n,e,t){return window.crypto.subtle.importKey(oh,n,Ds,e,t)}async function Om(n,e){return window.crypto.subtle.sign(Ds,n,e)}async function Fs(){const n=await lh(),t={alg:"dir",kty:"oct",k:Qt(new Uint8Array(n))};return mr(JSON.stringify(t))}async function Pm(n){const e=ct(n),r=JSON.parse(e).k,o=jt(r);return window.crypto.subtle.importKey(Ls,o,Bn,!1,[Us])}async function Nm(n,e){const t=e.split(".");if(t.length!==5)throw P(Fr,"jwe_length");const r=await Pm(n).catch(()=>{throw P(Fr,"import_key")});try{const o=new TextEncoder().encode(t[0]),i=jt(t[2]),s=jt(t[3]),a=jt(t[4]),c=a.byteLength8,d=new Uint8Array(s.length+a.length);d.set(s),d.set(a,s.length);const l=await window.crypto.subtle.decrypt({name:Bn,iv:i,tagLength:c,additionalData:o},r,d);return new TextDecoder().decode(l)}catch{throw P(Fr,"decrypt")}}async function lh(){const n=await window.crypto.subtle.generateKey({name:Bn,length:256},!0,[ah,Us]);return window.crypto.subtle.exportKey(Ls,n)}async function Ja(n){return window.crypto.subtle.importKey(Ls,n,sh,!1,[Em])}async function dh(n,e,t){return window.crypto.subtle.deriveKey({name:sh,salt:e,hash:Hs,info:new TextEncoder().encode(t)},n,{name:Bn,length:256},!1,[ah,Us])}async function Mm(n,e,t){const r=new TextEncoder().encode(e),o=window.crypto.getRandomValues(new Uint8Array(16)),i=await dh(n,o,t),s=await window.crypto.subtle.encrypt({name:Bn,iv:new Uint8Array(12)},i,r);return{data:Qt(new Uint8Array(s)),nonce:Qt(o)}}async function xm(n,e,t,r){const o=jt(r),i=await dh(n,jt(e),t),s=await window.crypto.subtle.decrypt({name:Bn,iv:new Uint8Array(12)},i,o);return new TextDecoder().decode(s)}async function hh(n){const e=await ch(n),t=new Uint8Array(e);return Qt(t)}/! @azure/msal-browser v4.9.0 2025-03-25 /const Ks="storage_not_supported",Hm="stubbed_public_client_application_called",uh="in_mem_redirect_unavailable";/! @azure/msal-browser v4.9.0 2025-03-25 /const Lm={[Ks]:"Given storage configuration option was not supported.",[Hm]:"Stub instance of Public Client Application was called. If using msal-react, please ensure context is not used without a provider. For more visit: aka.ms/msaljs/browser-errors",[uh]:"Redirect cannot be supported. In-memory storage was selected and storeAuthStateInCookie=false, which would cause the library to be unable to handle the incoming hash. If you would like to use the redirect API, please use session/localStorage or set storeAuthStateInCookie=true."};class Bs extends Z{constructor(e,t){super(e,t),this.name="BrowserConfigurationAuthError",Object.setPrototypeOf(this,Bs.prototype)}}function Gs(n){return new Bs(n,Lm[n])}/! @azure/msal-browser v4.9.0 2025-03-25 /function Um(n){n.location.hash="",typeof n.history.replaceState=="function"&&n.history.replaceState(null,"",`${n.location.origin}${n.location.pathname}${n.location.search}`)}function Dm(n){const e=n.split("#");e.shift(),window.location.hash=e.length>0?e.join("#"):""}function $s(){return window.parent!==window}function Fm(){return typeof window<"u"&&!!window.opener&&window.opener!==window&&typeof window.name=="string"&&window.name.indexOf(`${He.POPUP_NAME_PREFIX}.`)===0}function Nt(){return typeof window<"u"&&window.location?window.location.href.split("?")[0].split("#")[0]:""}function Km(){const e=new Q(window.location.href).getUrlComponents();return`${e.Protocol}//${e.HostNameAndPort}/`}function Bm(){if(Q.hashContainsKnownProperties(window.location.hash)&&$s())throw P(Fd)}function Gm(n){if($s()&&!n)throw P(Dd)}function $m(){if(Fm())throw P(Kd)}function fh(){if(typeof window>"u")throw P(xo)}function gh(n){if(!n)throw P(io)}function zs(n){fh(),Bm(),$m(),gh(n)}function Xa(n,e){if(zs(n),Gm(e.system.allowRedirectInIframe),e.cache.cacheLocation===we.MemoryStorage&&!e.cache.storeAuthStateInCookie)throw Gs(uh)}function ph(n){const e=document.createElement("link");e.rel="preconnect",e.href=new URL(n).origin,e.crossOrigin="anonymous",document.head.appendChild(e),window.setTimeout(()=>{try{document.head.removeChild(e)}catch{}},1e4)}function zm(){return We()}/! @azure/msal-browser v4.9.0 2025-03-25 /class so{navigateInternal(e,t){return so.defaultNavigateWindow(e,t)}navigateExternal(e,t){return so.defaultNavigateWindow(e,t)}static defaultNavigateWindow(e,t){return t.noHistory?window.location.replace(e):window.location.assign(e),new Promise(r=>{setTimeout(()=>{r(!0)},t.timeout)})}}/! @azure/msal-browser v4.9.0 2025-03-25 /class qm{async sendGetRequestAsync(e,t){let r,o={},i=0;const s=Za(t);try{r=await fetch(e,{method:Wa.GET,headers:s})}catch{throw P(window.navigator.onLine?qd:oo)}o=ec(r.headers);try{return i=r.status,{headers:o,body:await r.json(),status:i}}catch{throw $a(P(_i),i,o)}}async sendPostRequestAsync(e,t){const r=t&&t.body\|\|"",o=Za(t);let i,s=0,a={};try{i=await fetch(e,{method:Wa.POST,headers:o,body:r})}catch{throw P(window.navigator.onLine?zd:oo)}a=ec(i.headers);try{return s=i.status,{headers:a,body:await i.json(),status:s}}catch{throw $a(P(_i),s,a)}}}function Za(n){try{const e=new Headers;if(!(n&&n.headers))return e;const t=n.headers;return Object.entries(t).forEach(([r,o])=>{e.append(r,o)}),e}catch{throw P(nh)}}function ec(n){try{const e={};return n.forEach((t,r)=>{e[r]=t}),e}catch{throw P(rh)}}/! @azure/msal-browser v4.9.0 2025-03-25 /const Vm=6e4,ki=1e4,jm=3e4,Wm=2e3;function Ym({auth:n,cache:e,system:t,telemetry:r},o){const i={clientId:C.EMPTY_STRING,authority:`${C.DEFAULT_AUTHORITY}`,knownAuthorities:[],cloudDiscoveryMetadata:C.EMPTY_STRING,authorityMetadata:C.EMPTY_STRING,redirectUri:typeof window<"u"?Nt():"",postLogoutRedirectUri:C.EMPTY_STRING,navigateToLoginRequestUrl:!0,clientCapabilities:[],protocolMode:Ue.AAD,OIDCOptions:{serverResponseType:To.FRAGMENT,defaultScopes:[C.OPENID_SCOPE,C.PROFILE_SCOPE,C.OFFLINE_ACCESS_SCOPE]},azureCloudOptions:{azureCloudInstance:cs.None,tenant:C.EMPTY_STRING},skipAuthorityMetadataCache:!1,supportsNestedAppAuth:!1,instanceAware:!1},s={cacheLocation:we.SessionStorage,temporaryCacheLocation:we.SessionStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!!(e&&e.cacheLocation===we.LocalStorage),claimsBasedCachingEnabled:!1},a={loggerCallback:()=>{},logLevel:he.Info,piiLoggingEnabled:!1},d={...{...td,loggerOptions:a,networkClient:o?new qm:em,navigationClient:new so,loadFrameTimeout:0,windowHashTimeout:(t==null?void 0:t.loadFrameTimeout)\|\|Vm,iframeHashTimeout:(t==null?void 0:t.loadFrameTimeout)\|\|ki,navigateFrameWait:0,redirectNavigationTimeout:jm,asyncPopups:!1,allowRedirectInIframe:!1,allowPlatformBroker:!1,nativeBrokerHandshakeTimeout:(t==null?void 0:t.nativeBrokerHandshakeTimeout)\|\|Wm,pollIntervalMilliseconds:He.DEFAULT_POLL_INTERVAL_MS},...t,loggerOptions:(t==null?void 0:t.loggerOptions)\|\|a},l={application:{appName:C.EMPTY_STRING,appVersion:C.EMPTY_STRING},client:new lm};if((n==null?void 0:n.protocolMode)!==Ue.OIDC&&(n!=null&&n.OIDCOptions)&&new Ht(d.loggerOptions).warning(JSON.stringify(oe(jl))),n!=null&&n.protocolMode&&n.protocolMode===Ue.OIDC&&(d!=null&&d.allowPlatformBroker))throw oe(Wl);const h={auth:{...i,...n,OIDCOptions:{...i.OIDCOptions,...n==null?void 0:n.OIDCOptions}},cache:{...s,...e},system:d,telemetry:{...l,...r}};return h.auth.protocolMode===Ue.EAR&&(new Ht(d.loggerOptions).warning("EAR Protocol Mode is not yet supported. Overriding to use PKCE auth"),h.auth.protocolMode=Ue.AAD),h}/! @azure/msal-browser v4.9.0 2025-03-25 /const Qm="@azure/msal-browser",Gn="4.9.0";/! @azure/msal-browser v4.9.0 2025-03-25 /class Ho{static loggerCallback(e,t){switch(e){case he.Error:console.error(t);return;case he.Info:console.info(t);return;case he.Verbose:console.debug(t);return;case he.Warning:console.warn(t);return;default:console.log(t);return}}constructor(e){var c;this.browserEnvironment=typeof window<"u",this.config=Ym(e,this.browserEnvironment);let t;try{t=window[we.SessionStorage]}catch{}const r=t==null?void 0:t.getItem(Tm),o=(c=t==null?void 0:t.getItem(Am))==null?void 0:c.toLowerCase(),i=o==="true"?!0:o==="false"?!1:void 0,s={...this.config.system.loggerOptions},a=r&&Object.keys(he).includes(r)?he[r]:void 0;a&&(s.loggerCallback=Ho.loggerCallback,s.logLevel=a),i!==void 0&&(s.piiLoggingEnabled=i),this.logger=new Ht(s,Qm,Gn),this.available=!1}getConfig(){return this.config}getLogger(){return this.logger}isAvailable(){return this.available}isBrowserEnvironment(){return this.browserEnvironment}}/! @azure/msal-browser v4.9.0 2025-03-25 /const kt={UserInteractionRequired:"USER_INTERACTION_REQUIRED",UserCancel:"USER_CANCEL",NoNetwork:"NO_NETWORK",TransientError:"TRANSIENT_ERROR",PersistentError:"PERSISTENT_ERROR",Disabled:"DISABLED",AccountUnavailable:"ACCOUNT_UNAVAILABLE",NestedAppAuthUnavailable:"NESTED_APP_AUTH_UNAVAILABLE"};/! @azure/msal-browser v4.9.0 2025-03-25 /class Ne{static async initializeNestedAppAuthBridge(){if(window===void 0)throw new Error("window is undefined");if(window.nestedAppAuthBridge===void 0)throw new Error("window.nestedAppAuthBridge is undefined");try{window.nestedAppAuthBridge.addEventListener("message",t=>{const r=typeof t=="string"?t:t.data,o=JSON.parse(r),i=Ne.bridgeRequests.find(s=>s.requestId===o.requestId);i!==void 0&&(Ne.bridgeRequests.splice(Ne.bridgeRequests.indexOf(i),1),o.success?i.resolve(o):i.reject(o.error))});const e=await new Promise((t,r)=>{const o=Ne.buildRequest("GetInitContext"),i={requestId:o.requestId,method:o.method,resolve:t,reject:r};Ne.bridgeRequests.push(i),window.nestedAppAuthBridge.postMessage(JSON.stringify(o))});return Ne.validateBridgeResultOrThrow(e.initContext)}catch(e){throw window.console.log(e),e}}getTokenInteractive(e){return this.getToken("GetTokenPopup",e)}getTokenSilent(e){return this.getToken("GetToken",e)}async getToken(e,t){const r=await this.sendRequest(e,{tokenParams:t});return{token:Ne.validateBridgeResultOrThrow(r.token),account:Ne.validateBridgeResultOrThrow(r.account)}}getHostCapabilities(){return this.capabilities??null}getAccountContext(){return this.accountContext?this.accountContext:null}static buildRequest(e,t){return{messageType:"NestedAppAuthRequest",method:e,requestId:We(),sendTime:Date.now(),clientLibrary:He.MSAL_SKU,clientLibraryVersion:Gn,...t}}sendRequest(e,t){const r=Ne.buildRequest(e,t);return new Promise((i,s)=>{const a={requestId:r.requestId,method:r.method,resolve:i,reject:s};Ne.bridgeRequests.push(a),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))})}static validateBridgeResultOrThrow(e){if(e===void 0)throw{status:kt.NestedAppAuthUnavailable};return e}constructor(e,t,r,o){this.sdkName=e,this.sdkVersion=t,this.accountContext=r,this.capabilities=o}static async create(){const e=await Ne.initializeNestedAppAuthBridge();return new Ne(e.sdkName,e.sdkVersion,e.accountContext,e.capabilities)}}Ne.bridgeRequests=[];/! @azure/msal-browser v4.9.0 2025-03-25 /class Fn extends Ho{constructor(){super(...arguments),this.bridgeProxy=void 0,this.accountContext=null}getModuleName(){return Fn.MODULE_NAME}getId(){return Fn.ID}getBridgeProxy(){return this.bridgeProxy}async initialize(){try{if(typeof window<"u"){typeof window.__initializeNestedAppAuth=="function"&&await window.__initializeNestedAppAuth();const e=await Ne.create();this.accountContext=e.getAccountContext(),this.bridgeProxy=e,this.available=e!==void 0}}catch(e){this.logger.infoPii(`Could not initialize Nested App Auth bridge (${e})`)}return this.logger.info(`Nested App Auth Bridge available: ${this.available}`),this.available}}Fn.MODULE_NAME="";Fn.ID="NestedAppOperatingContext";/! @azure/msal-browser v4.9.0 2025-03-25 /class mn extends Ho{getModuleName(){return mn.MODULE_NAME}getId(){return mn.ID}async initialize(){return this.available=typeof window<"u",this.available}}mn.MODULE_NAME="";mn.ID="StandardOperatingContext";/! @azure/msal-browser v4.9.0 2025-03-25 /class Jm{constructor(){this.dbName=bi,this.version=mm,this.tableName=Cm,this.dbOpen=!1}async open(){return new Promise((e,t)=>{const r=window.indexedDB.open(this.dbName,this.version);r.addEventListener("upgradeneeded",o=>{o.target.result.createObjectStore(this.tableName)}),r.addEventListener("success",o=>{const i=o;this.db=i.target.result,this.dbOpen=!0,e()}),r.addEventListener("error",()=>t(P(Ms)))})}closeConnection(){const e=this.db;e&&this.dbOpen&&(e.close(),this.dbOpen=!1)}async validateDbIsOpen(){if(!this.dbOpen)return this.open()}async getItem(e){return await this.validateDbIsOpen(),new Promise((t,r)=>{if(!this.db)return r(P(_n));const s=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).get(e);s.addEventListener("success",a=>{const c=a;this.closeConnection(),t(c.target.result)}),s.addEventListener("error",a=>{this.closeConnection(),r(a)})})}async setItem(e,t){return await this.validateDbIsOpen(),new Promise((r,o)=>{if(!this.db)return o(P(_n));const a=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).put(t,e);a.addEventListener("success",()=>{this.closeConnection(),r()}),a.addEventListener("error",c=>{this.closeConnection(),o(c)})})}async removeItem(e){return await this.validateDbIsOpen(),new Promise((t,r)=>{if(!this.db)return r(P(_n));const s=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).delete(e);s.addEventListener("success",()=>{this.closeConnection(),t()}),s.addEventListener("error",a=>{this.closeConnection(),r(a)})})}async getKeys(){return await this.validateDbIsOpen(),new Promise((e,t)=>{if(!this.db)return t(P(_n));const i=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).getAllKeys();i.addEventListener("success",s=>{const a=s;this.closeConnection(),e(a.target.result)}),i.addEventListener("error",s=>{this.closeConnection(),t(s)})})}async containsKey(e){return await this.validateDbIsOpen(),new Promise((t,r)=>{if(!this.db)return r(P(_n));const s=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).count(e);s.addEventListener("success",a=>{const c=a;this.closeConnection(),t(c.target.result===1)}),s.addEventListener("error",a=>{this.closeConnection(),r(a)})})}async deleteDatabase(){return this.db&&this.dbOpen&&this.closeConnection(),new Promise((e,t)=>{const r=window.indexedDB.deleteDatabase(bi),o=setTimeout(()=>t(!1),200);r.addEventListener("success",()=>(clearTimeout(o),e(!0))),r.addEventListener("blocked",()=>(clearTimeout(o),e(!0))),r.addEventListener("error",()=>(clearTimeout(o),t(!1)))})}}/! @azure/msal-browser v4.9.0 2025-03-25 /class Lo{constructor(){this.cache=new Map}async initialize(){}getItem(e){return this.cache.get(e)\|\|null}getUserData(e){return this.getItem(e)}setItem(e,t){this.cache.set(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){this.cache.delete(e)}getKeys(){const e=[];return this.cache.forEach((t,r)=>{e.push(r)}),e}containsKey(e){return this.cache.has(e)}clear(){this.cache.clear()}}/! @azure/msal-browser v4.9.0 2025-03-25 /class Xm{constructor(e){this.inMemoryCache=new Lo,this.indexedDBCache=new Jm,this.logger=e}handleDatabaseAccessError(e){if(e instanceof Tr&&e.errorCode===Ms)this.logger.error("Could not access persistent storage. This may be caused by browser privacy features which block persistent storage in third-party contexts.");else throw e}async getItem(e){const t=this.inMemoryCache.getItem(e);if(!t)try{return this.logger.verbose("Queried item not found in in-memory cache, now querying persistent storage."),await this.indexedDBCache.getItem(e)}catch(r){this.handleDatabaseAccessError(r)}return t}async setItem(e,t){this.inMemoryCache.setItem(e,t);try{await this.indexedDBCache.setItem(e,t)}catch(r){this.handleDatabaseAccessError(r)}}async removeItem(e){this.inMemoryCache.removeItem(e);try{await this.indexedDBCache.removeItem(e)}catch(t){this.handleDatabaseAccessError(t)}}async getKeys(){const e=this.inMemoryCache.getKeys();if(e.length===0)try{return this.logger.verbose("In-memory cache is empty, now querying persistent storage."),await this.indexedDBCache.getKeys()}catch(t){this.handleDatabaseAccessError(t)}return e}async containsKey(e){const t=this.inMemoryCache.containsKey(e);if(!t)try{return this.logger.verbose("Key not found in in-memory cache, now querying persistent storage."),await this.indexedDBCache.containsKey(e)}catch(r){this.handleDatabaseAccessError(r)}return t}clearInMemory(){this.logger.verbose("Deleting in-memory keystore"),this.inMemoryCache.clear(),this.logger.verbose("In-memory keystore deleted")}async clearPersistent(){try{this.logger.verbose("Deleting persistent keystore");const e=await this.indexedDBCache.deleteDatabase();return e&&this.logger.verbose("Persistent keystore deleted"),e}catch(e){return this.handleDatabaseAccessError(e),!1}}}/! @azure/msal-browser v4.9.0 2025-03-25 /class It{constructor(e,t,r){this.logger=e,Sm(r??!1),this.cache=new Xm(this.logger),this.performanceClient=t}createNewGuid(){return We()}base64Encode(e){return mr(e)}base64Decode(e){return ct(e)}base64UrlEncode(e){return Mr(e)}encodeKid(e){return this.base64UrlEncode(JSON.stringify({kid:e}))}async getPublicKeyThumbprint(e){var l;const t=(l=this.performanceClient)==null?void 0:l.startMeasurement(f.CryptoOptsGetPublicKeyThumbprint,e.correlationId),r=await km(It.EXTRACTABLE,It.POP_KEY_USAGES),o=await oi(r.publicKey),i={e:o.e,kty:o.kty,n:o.n},s=tc(i),a=await this.hashString(s),c=await oi(r.privateKey),d=await Rm(c,!1,["sign"]);return await this.cache.setItem(a,{privateKey:d,publicKey:r.publicKey,requestMethod:e.resourceRequestMethod,requestUri:e.resourceRequestUri}),t&&t.end({success:!0}),a}async removeTokenBindingKey(e){return await this.cache.removeItem(e),!await this.cache.containsKey(e)}async clearKeystore(){this.cache.clearInMemory();try{return await this.cache.clearPersistent(),!0}catch(e){return e instanceof Error?this.logger.error(`Clearing keystore failed with error: ${e.message}`):this.logger.error("Clearing keystore failed with unknown error"),!1}}async signJwt(e,t,r,o){var J;const i=(J=this.performanceClient)==null?void 0:J.startMeasurement(f.CryptoOptsSignJwt,o),s=await this.cache.getItem(t);if(!s)throw P(Ns);const a=await oi(s.publicKey),c=tc(a),d=Mr(JSON.stringify({kid:t})),l=ks.getShrHeaderString({...r==null?void 0:r.header,alg:a.alg,kid:d}),h=Mr(l);e.cnf={jwk:JSON.parse(c)};const p=Mr(JSON.stringify(e)),y=`${h}.${p}`,S=new TextEncoder().encode(y),q=await Om(s.privateKey,S),D=Qt(new Uint8Array(q)),V=`${y}.${D}`;return i&&i.end({success:!0}),V}async hashString(e){return hh(e)}}It.POP_KEY_USAGES=["sign","verify"];It.EXTRACTABLE=!0;function tc(n){return JSON.stringify(n,Object.keys(n).sort())}/! @azure/msal-browser v4.9.0 2025-03-25 /const Zm=2460601e3,Ri={Lax:"Lax",None:"None"};class mh{initialize(){return Promise.resolve()}getItem(e){const t=`${encodeURIComponent(e)}`,r=document.cookie.split(";");for(let o=0;o<r.length;o++){const i=r[o],[s,...a]=decodeURIComponent(i).trim().split("="),c=a.join("=");if(s===t)return c}return""}getUserData(){throw v(z)}setItem(e,t,r,o=!0,i=Ri.Lax){let s=`${encodeURIComponent(e)}=${encodeURIComponent(t)};path=/;SameSite=${i};`;if(r){const a=eC(r);s+=`expires=${a};`}(o\|\|i===Ri.None)&&(s+="Secure;"),document.cookie=s}async setUserData(){return Promise.reject(v(z))}removeItem(e){this.setItem(e,"",-1)}getKeys(){const e=document.cookie.split(";"),t=[];return e.forEach(r=>{const o=decodeURIComponent(r).trim().split("=");t.push(o[0])}),t}containsKey(e){return this.getKeys().includes(e)}}function eC(n){const e=new Date;return new Date(e.getTime()+nZm).toUTCString()}/! @azure/msal-browser v4.9.0 2025-03-25 /function Oi(n){const e=n.getItem($t.ACCOUNT_KEYS);return e?JSON.parse(e):[]}function Pi(n,e){const t=e.getItem(`${$t.TOKEN_KEYS}.${n}`);if(t){const r=JSON.parse(t);if(r&&r.hasOwnProperty("idToken")&&r.hasOwnProperty("accessToken")&&r.hasOwnProperty("refreshToken"))return r}return{idToken:[],accessToken:[],refreshToken:[]}}/! @azure/msal-browser v4.9.0 2025-03-25 /const nc="msal.cache.encryption",tC="msal.broadcast.cache";class nC{constructor(e,t,r){if(!window.localStorage)throw Gs(Ks);this.memoryStorage=new Lo,this.initialized=!1,this.clientId=e,this.logger=t,this.performanceClient=r,this.broadcast=new BroadcastChannel(tC)}async initialize(e){this.initialized=!0;const t=new mh,r=t.getItem(nc);let o={key:"",id:""};if(r)try{o=JSON.parse(r)}catch{}if(o.key&&o.id){const i=lt(jt,f.Base64Decode,this.logger,this.performanceClient,e)(o.key);this.encryptionCookie={id:o.id,key:await T(Ja,f.GenerateHKDF,this.logger,this.performanceClient,e)(i)},await T(this.importExistingCache.bind(this),f.ImportExistingCache,this.logger,this.performanceClient,e)(e)}else{this.clear();const i=We(),s=await T(lh,f.GenerateBaseKey,this.logger,this.performanceClient,e)(),a=lt(Qt,f.UrlEncodeArr,this.logger,this.performanceClient,e)(new Uint8Array(s));this.encryptionCookie={id:i,key:await T(Ja,f.GenerateHKDF,this.logger,this.performanceClient,e)(s)};const c={id:i,key:a};t.setItem(nc,JSON.stringify(c),0,!0,Ri.None)}this.broadcast.addEventListener("message",this.updateCache.bind(this))}getItem(e){return window.localStorage.getItem(e)}getUserData(e){if(!this.initialized)throw P(io);return this.memoryStorage.getItem(e)}setItem(e,t){window.localStorage.setItem(e,t)}async setUserData(e,t,r){if(!this.initialized\|\|!this.encryptionCookie)throw P(io);const{data:o,nonce:i}=await T(Mm,f.Encrypt,this.logger,this.performanceClient,r)(this.encryptionCookie.key,t,this.getContext(e)),s={id:this.encryptionCookie.id,nonce:i,data:o};this.memoryStorage.setItem(e,t),this.setItem(e,JSON.stringify(s)),this.broadcast.postMessage({key:e,value:t,context:this.getContext(e)})}removeItem(e){this.memoryStorage.containsKey(e)&&(this.memoryStorage.removeItem(e),this.broadcast.postMessage({key:e,value:null,context:this.getContext(e)})),window.localStorage.removeItem(e)}getKeys(){return Object.keys(window.localStorage)}containsKey(e){return window.localStorage.hasOwnProperty(e)}clear(){this.memoryStorage.clear(),Oi(this).forEach(r=>this.removeItem(r));const t=Pi(this.clientId,this);t.idToken.forEach(r=>this.removeItem(r)),t.accessToken.forEach(r=>this.removeItem(r)),t.refreshToken.forEach(r=>this.removeItem(r)),this.getKeys().forEach(r=>{(r.startsWith(C.CACHE_PREFIX)\|\|r.indexOf(this.clientId)!==-1)&&this.removeItem(r)})}async importExistingCache(e){if(!this.encryptionCookie)return;let t=Oi(this);t=await this.importArray(t,e),this.setItem($t.ACCOUNT_KEYS,JSON.stringify(t));const r=Pi(this.clientId,this);r.idToken=await this.importArray(r.idToken,e),r.accessToken=await this.importArray(r.accessToken,e),r.refreshToken=await this.importArray(r.refreshToken,e),this.setItem(`${$t.TOKEN_KEYS}.${this.clientId}`,JSON.stringify(r))}async getItemFromEncryptedCache(e,t){if(!this.encryptionCookie)return null;const r=this.getItem(e);if(!r)return null;let o;try{o=JSON.parse(r)}catch{return null}return!o.id\|\|!o.nonce\|\|!o.data?(this.performanceClient.incrementFields({unencryptedCacheCount:1},t),null):o.id!==this.encryptionCookie.id?(this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},t),null):T(xm,f.Decrypt,this.logger,this.performanceClient,t)(this.encryptionCookie.key,o.nonce,this.getContext(e),o.data)}async importArray(e,t){const r=[],o=[];return e.forEach(i=>{const s=this.getItemFromEncryptedCache(i,t).then(a=>{a?(this.memoryStorage.setItem(i,a),r.push(i)):this.removeItem(i)});o.push(s)}),await Promise.all(o),r}getContext(e){let t="";return e.includes(this.clientId)&&(t=this.clientId),t}updateCache(e){this.logger.trace("Updating internal cache from broadcast event");const t=this.performanceClient.startMeasurement(f.LocalStorageUpdated);t.add({isBackground:!0});const{key:r,value:o,context:i}=e.data;if(!r){this.logger.error("Broadcast event missing key"),t.end({success:!1,errorCode:"noKey"});return}if(i&&i!==this.clientId){this.logger.trace(`Ignoring broadcast event from clientId: ${i}`),t.end({success:!1,errorCode:"contextMismatch"});return}o?(this.memoryStorage.setItem(r,o),this.logger.verbose("Updated item in internal cache")):(this.memoryStorage.removeItem(r),this.logger.verbose("Removed item from internal cache")),t.end({success:!0})}}/! @azure/msal-browser v4.9.0 2025-03-25 /class rC{constructor(){if(!window.sessionStorage)throw Gs(Ks)}async initialize(){}getItem(e){return window.sessionStorage.getItem(e)}getUserData(e){return this.getItem(e)}setItem(e,t){window.sessionStorage.setItem(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){window.sessionStorage.removeItem(e)}getKeys(){return Object.keys(window.sessionStorage)}containsKey(e){return window.sessionStorage.hasOwnProperty(e)}}/! @azure/msal-browser v4.9.0 2025-03-25 /const N={INITIALIZE_START:"msal:initializeStart",INITIALIZE_END:"msal:initializeEnd",ACCOUNT_ADDED:"msal:accountAdded",ACCOUNT_REMOVED:"msal:accountRemoved",ACTIVE_ACCOUNT_CHANGED:"msal:activeAccountChanged",LOGIN_START:"msal:loginStart",LOGIN_SUCCESS:"msal:loginSuccess",LOGIN_FAILURE:"msal:loginFailure",ACQUIRE_TOKEN_START:"msal:acquireTokenStart",ACQUIRE_TOKEN_SUCCESS:"msal:acquireTokenSuccess",ACQUIRE_TOKEN_FAILURE:"msal:acquireTokenFailure",ACQUIRE_TOKEN_NETWORK_START:"msal:acquireTokenFromNetworkStart",SSO_SILENT_START:"msal:ssoSilentStart",SSO_SILENT_SUCCESS:"msal:ssoSilentSuccess",SSO_SILENT_FAILURE:"msal:ssoSilentFailure",ACQUIRE_TOKEN_BY_CODE_START:"msal:acquireTokenByCodeStart",ACQUIRE_TOKEN_BY_CODE_SUCCESS:"msal:acquireTokenByCodeSuccess",ACQUIRE_TOKEN_BY_CODE_FAILURE:"msal:acquireTokenByCodeFailure",HANDLE_REDIRECT_START:"msal:handleRedirectStart",HANDLE_REDIRECT_END:"msal:handleRedirectEnd",POPUP_OPENED:"msal:popupOpened",LOGOUT_START:"msal:logoutStart",LOGOUT_SUCCESS:"msal:logoutSuccess",LOGOUT_FAILURE:"msal:logoutFailure",LOGOUT_END:"msal:logoutEnd",RESTORE_FROM_BFCACHE:"msal:restoreFromBFCache"};/! @azure/msal-browser v4.9.0 2025-03-25 /class ao extends vi{constructor(e,t,r,o,i,s,a){super(e,r,o,a),this.cacheConfig=t,this.logger=o,this.internalStorage=new Lo,this.browserStorage=rc(e,t.cacheLocation,o,i),this.temporaryCacheStorage=rc(e,t.temporaryCacheLocation,o,i),this.cookieStorage=new mh,this.performanceClient=i,this.eventHandler=s}async initialize(e){await this.browserStorage.initialize(e)}validateAndParseJson(e){try{const t=JSON.parse(e);return t&&typeof t=="object"?t:null}catch{return null}}getAccount(e){this.logger.trace("BrowserCacheManager.getAccount called");const t=this.browserStorage.getUserData(e);if(!t)return this.removeAccountKeyFromMap(e),null;const r=this.validateAndParseJson(t);return!r\|\|!Oe.isAccountEntity(r)?(this.removeAccountKeyFromMap(e),null):vi.toObject(new Oe,r)}async setAccount(e,t){this.logger.trace("BrowserCacheManager.setAccount called");const r=e.generateAccountKey();await T(this.browserStorage.setUserData.bind(this.browserStorage),f.SetUserData,this.logger,this.performanceClient)(r,JSON.stringify(e),t);const o=this.addAccountKeyToMap(r);this.cacheConfig.cacheLocation===we.LocalStorage&&o&&this.eventHandler.emitEvent(N.ACCOUNT_ADDED,void 0,e.getAccountInfo())}getAccountKeys(){return Oi(this.browserStorage)}addAccountKeyToMap(e){this.logger.trace("BrowserCacheManager.addAccountKeyToMap called"),this.logger.tracePii(`BrowserCacheManager.addAccountKeyToMap called with key: ${e}`);const t=this.getAccountKeys();return t.indexOf(e)===-1?(t.push(e),this.browserStorage.setItem($t.ACCOUNT_KEYS,JSON.stringify(t)),this.logger.verbose("BrowserCacheManager.addAccountKeyToMap account key added"),!0):(this.logger.verbose("BrowserCacheManager.addAccountKeyToMap account key already exists in map"),!1)}removeAccountKeyFromMap(e){this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap called"),this.logger.tracePii(`BrowserCacheManager.removeAccountKeyFromMap called with key: ${e}`);const t=this.getAccountKeys(),r=t.indexOf(e);r>-1?(t.splice(r,1),this.browserStorage.setItem($t.ACCOUNT_KEYS,JSON.stringify(t)),this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap account key removed")):this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap key not found in existing map")}async removeAccount(e){super.removeAccount(e),this.removeAccountKeyFromMap(e)}async removeAccountContext(e){await super.removeAccountContext(e),this.cacheConfig.cacheLocation===we.LocalStorage&&this.eventHandler.emitEvent(N.ACCOUNT_REMOVED,void 0,e.getAccountInfo())}removeIdToken(e){super.removeIdToken(e),this.removeTokenKey(e,B.ID_TOKEN)}async removeAccessToken(e){super.removeAccessToken(e),this.removeTokenKey(e,B.ACCESS_TOKEN)}removeRefreshToken(e){super.removeRefreshToken(e),this.removeTokenKey(e,B.REFRESH_TOKEN)}getTokenKeys(){return Pi(this.clientId,this.browserStorage)}addTokenKey(e,t){this.logger.trace("BrowserCacheManager addTokenKey called");const r=this.getTokenKeys();switch(t){case B.ID_TOKEN:r.idToken.indexOf(e)===-1&&(this.logger.info("BrowserCacheManager: addTokenKey - idToken added to map"),r.idToken.push(e));break;case B.ACCESS_TOKEN:r.accessToken.indexOf(e)===-1&&(this.logger.info("BrowserCacheManager: addTokenKey - accessToken added to map"),r.accessToken.push(e));break;case B.REFRESH_TOKEN:r.refreshToken.indexOf(e)===-1&&(this.logger.info("BrowserCacheManager: addTokenKey - refreshToken added to map"),r.refreshToken.push(e));break;default:throw this.logger.error(`BrowserCacheManager:addTokenKey - CredentialType provided invalid. CredentialType: ${t}`),v(Ti)}this.browserStorage.setItem(`${$t.TOKEN_KEYS}.${this.clientId}`,JSON.stringify(r))}removeTokenKey(e,t){this.logger.trace("BrowserCacheManager removeTokenKey called");const r=this.getTokenKeys();switch(t){case B.ID_TOKEN:this.logger.infoPii(`BrowserCacheManager: removeTokenKey - attempting to remove idToken with key: ${e} from map`);const o=r.idToken.indexOf(e);o>-1?(this.logger.info("BrowserCacheManager: removeTokenKey - idToken removed from map"),r.idToken.splice(o,1)):this.logger.info("BrowserCacheManager: removeTokenKey - idToken does not exist in map. Either it was previously removed or it was never added.");break;case B.ACCESS_TOKEN:this.logger.infoPii(`BrowserCacheManager: removeTokenKey - attempting to remove accessToken with key: ${e} from map`);const i=r.accessToken.indexOf(e);i>-1?(this.logger.info("BrowserCacheManager: removeTokenKey - accessToken removed from map"),r.accessToken.splice(i,1)):this.logger.info("BrowserCacheManager: removeTokenKey - accessToken does not exist in map. Either it was previously removed or it was never added.");break;case B.REFRESH_TOKEN:this.logger.infoPii(`BrowserCacheManager: removeTokenKey - attempting to remove refreshToken with key: ${e} from map`);const s=r.refreshToken.indexOf(e);s>-1?(this.logger.info("BrowserCacheManager: removeTokenKey - refreshToken removed from map"),r.refreshToken.splice(s,1)):this.logger.info("BrowserCacheManager: removeTokenKey - refreshToken does not exist in map. Either it was previously removed or it was never added.");break;default:throw this.logger.error(`BrowserCacheManager:removeTokenKey - CredentialType provided invalid. CredentialType: ${t}`),v(Ti)}this.browserStorage.setItem(`${$t.TOKEN_KEYS}.${this.clientId}`,JSON.stringify(r))}getIdTokenCredential(e){const t=this.browserStorage.getUserData(e);if(!t)return this.logger.trace("BrowserCacheManager.getIdTokenCredential: called, no cache hit"),this.removeTokenKey(e,B.ID_TOKEN),null;const r=this.validateAndParseJson(t);return!r\|\|!pg(r)?(this.logger.trace("BrowserCacheManager.getIdTokenCredential: called, no cache hit"),this.removeTokenKey(e,B.ID_TOKEN),null):(this.logger.trace("BrowserCacheManager.getIdTokenCredential: cache hit"),r)}async setIdTokenCredential(e,t){this.logger.trace("BrowserCacheManager.setIdTokenCredential called");const r=ir(e);await T(this.browserStorage.setUserData.bind(this.browserStorage),f.SetUserData,this.logger,this.performanceClient)(r,JSON.stringify(e),t),this.addTokenKey(r,B.ID_TOKEN)}getAccessTokenCredential(e){const t=this.browserStorage.getUserData(e);if(!t)return this.logger.trace("BrowserCacheManager.getAccessTokenCredential: called, no cache hit"),this.removeTokenKey(e,B.ACCESS_TOKEN),null;const r=this.validateAndParseJson(t);return!r\|\|!gg(r)?(this.logger.trace("BrowserCacheManager.getAccessTokenCredential: called, no cache hit"),this.removeTokenKey(e,B.ACCESS_TOKEN),null):(this.logger.trace("BrowserCacheManager.getAccessTokenCredential: cache hit"),r)}async setAccessTokenCredential(e,t){this.logger.trace("BrowserCacheManager.setAccessTokenCredential called");const r=ir(e);await T(this.browserStorage.setUserData.bind(this.browserStorage),f.SetUserData,this.logger,this.performanceClient)(r,JSON.stringify(e),t),this.addTokenKey(r,B.ACCESS_TOKEN)}getRefreshTokenCredential(e){const t=this.browserStorage.getUserData(e);if(!t)return this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: called, no cache hit"),this.removeTokenKey(e,B.REFRESH_TOKEN),null;const r=this.validateAndParseJson(t);return!r\|\|!mg(r)?(this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: called, no cache hit"),this.removeTokenKey(e,B.REFRESH_TOKEN),null):(this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: cache hit"),r)}async setRefreshTokenCredential(e,t){this.logger.trace("BrowserCacheManager.setRefreshTokenCredential called");const r=ir(e);await T(this.browserStorage.setUserData.bind(this.browserStorage),f.SetUserData,this.logger,this.performanceClient)(r,JSON.stringify(e),t),this.addTokenKey(r,B.REFRESH_TOKEN)}getAppMetadata(e){const t=this.browserStorage.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getAppMetadata: called, no cache hit"),null;const r=this.validateAndParseJson(t);return!r\|\|!_g(e,r)?(this.logger.trace("BrowserCacheManager.getAppMetadata: called, no cache hit"),null):(this.logger.trace("BrowserCacheManager.getAppMetadata: cache hit"),r)}setAppMetadata(e){this.logger.trace("BrowserCacheManager.setAppMetadata called");const t=Eg(e);this.browserStorage.setItem(t,JSON.stringify(e))}getServerTelemetry(e){const t=this.browserStorage.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getServerTelemetry: called, no cache hit"),null;const r=this.validateAndParseJson(t);return!r\|\|!wg(e,r)?(this.logger.trace("BrowserCacheManager.getServerTelemetry: called, no cache hit"),null):(this.logger.trace("BrowserCacheManager.getServerTelemetry: cache hit"),r)}setServerTelemetry(e,t){this.logger.trace("BrowserCacheManager.setServerTelemetry called"),this.browserStorage.setItem(e,JSON.stringify(t))}getAuthorityMetadata(e){const t=this.internalStorage.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getAuthorityMetadata: called, no cache hit"),null;const r=this.validateAndParseJson(t);return r&&Sg(e,r)?(this.logger.trace("BrowserCacheManager.getAuthorityMetadata: cache hit"),r):null}getAuthorityMetadataKeys(){return this.internalStorage.getKeys().filter(t=>this.isAuthorityMetadata(t))}setWrapperMetadata(e,t){this.internalStorage.setItem(Nr.WRAPPER_SKU,e),this.internalStorage.setItem(Nr.WRAPPER_VER,t)}getWrapperMetadata(){const e=this.internalStorage.getItem(Nr.WRAPPER_SKU)\|\|C.EMPTY_STRING,t=this.internalStorage.getItem(Nr.WRAPPER_VER)\|\|C.EMPTY_STRING;return[e,t]}setAuthorityMetadata(e,t){this.logger.trace("BrowserCacheManager.setAuthorityMetadata called"),this.internalStorage.setItem(e,JSON.stringify(t))}getActiveAccount(){const e=this.generateCacheKey(Oa.ACTIVE_ACCOUNT_FILTERS),t=this.browserStorage.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getActiveAccount: No active account filters found"),null;const r=this.validateAndParseJson(t);return r?(this.logger.trace("BrowserCacheManager.getActiveAccount: Active account filters schema found"),this.getAccountInfoFilteredBy({homeAccountId:r.homeAccountId,localAccountId:r.localAccountId,tenantId:r.tenantId})):(this.logger.trace("BrowserCacheManager.getActiveAccount: No active account found"),null)}setActiveAccount(e){const t=this.generateCacheKey(Oa.ACTIVE_ACCOUNT_FILTERS);if(e){this.logger.verbose("setActiveAccount: Active account set");const r={homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,tenantId:e.tenantId};this.browserStorage.setItem(t,JSON.stringify(r))}else this.logger.verbose("setActiveAccount: No account passed, active account not set"),this.browserStorage.removeItem(t);this.eventHandler.emitEvent(N.ACTIVE_ACCOUNT_CHANGED)}getThrottlingCache(e){const t=this.browserStorage.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getThrottlingCache: called, no cache hit"),null;const r=this.validateAndParseJson(t);return!r\|\|!Ig(e,r)?(this.logger.trace("BrowserCacheManager.getThrottlingCache: called, no cache hit"),null):(this.logger.trace("BrowserCacheManager.getThrottlingCache: cache hit"),r)}setThrottlingCache(e,t){this.logger.trace("BrowserCacheManager.setThrottlingCache called"),this.browserStorage.setItem(e,JSON.stringify(t))}getTemporaryCache(e,t){const r=t?this.generateCacheKey(e):e;if(this.cacheConfig.storeAuthStateInCookie){const i=this.cookieStorage.getItem(r);if(i)return this.logger.trace("BrowserCacheManager.getTemporaryCache: storeAuthStateInCookies set to true, retrieving from cookies"),i}const o=this.temporaryCacheStorage.getItem(r);if(!o){if(this.cacheConfig.cacheLocation===we.LocalStorage){const i=this.browserStorage.getItem(r);if(i)return this.logger.trace("BrowserCacheManager.getTemporaryCache: Temporary cache item found in local storage"),i}return this.logger.trace("BrowserCacheManager.getTemporaryCache: No cache item found in local storage"),null}return this.logger.trace("BrowserCacheManager.getTemporaryCache: Temporary cache item returned"),o}setTemporaryCache(e,t,r){const o=r?this.generateCacheKey(e):e;this.temporaryCacheStorage.setItem(o,t),this.cacheConfig.storeAuthStateInCookie&&(this.logger.trace("BrowserCacheManager.setTemporaryCache: storeAuthStateInCookie set to true, setting item cookie"),this.cookieStorage.setItem(o,t,void 0,this.cacheConfig.secureCookies))}removeItem(e){this.browserStorage.removeItem(e)}removeTemporaryItem(e){this.temporaryCacheStorage.removeItem(e),this.cacheConfig.storeAuthStateInCookie&&(this.logger.trace("BrowserCacheManager.removeItem: storeAuthStateInCookie is true, clearing item cookie"),this.cookieStorage.removeItem(e))}getKeys(){return this.browserStorage.getKeys()}async clear(){await this.removeAllAccounts(),this.removeAppMetadata(),this.temporaryCacheStorage.getKeys().forEach(e=>{(e.indexOf(C.CACHE_PREFIX)!==-1\|\|e.indexOf(this.clientId)!==-1)&&this.removeTemporaryItem(e)}),this.browserStorage.getKeys().forEach(e=>{(e.indexOf(C.CACHE_PREFIX)!==-1\|\|e.indexOf(this.clientId)!==-1)&&this.browserStorage.removeItem(e)}),this.internalStorage.clear()}async clearTokensAndKeysWithClaims(e,t){e.addQueueMeasurement(f.ClearTokensAndKeysWithClaims,t);const r=this.getTokenKeys(),o=[];r.accessToken.forEach(i=>{const s=this.getAccessTokenCredential(i);s!=null&&s.requestedClaimsHash&&i.includes(s.requestedClaimsHash.toLowerCase())&&o.push(this.removeAccessToken(i))}),await Promise.all(o),o.length>0&&this.logger.warning(`${o.length} access tokens with claims in the cache keys have been removed from the cache.`)}generateCacheKey(e){return this.validateAndParseJson(e)?JSON.stringify(e):at.startsWith(e,C.CACHE_PREFIX)?e:`${C.CACHE_PREFIX}.${this.clientId}.${e}`}resetRequestCache(){this.logger.trace("BrowserCacheManager.resetRequestCache called"),this.removeTemporaryItem(this.generateCacheKey(ge.REQUEST_PARAMS)),this.removeTemporaryItem(this.generateCacheKey(ge.VERIFIER)),this.removeTemporaryItem(this.generateCacheKey(ge.ORIGIN_URI)),this.removeTemporaryItem(this.generateCacheKey(ge.URL_HASH)),this.removeTemporaryItem(this.generateCacheKey(ge.NATIVE_REQUEST)),this.setInteractionInProgress(!1)}cacheAuthorizeRequest(e,t){this.logger.trace("BrowserCacheManager.cacheAuthorizeRequest called");const r=mr(JSON.stringify(e));if(this.setTemporaryCache(ge.REQUEST_PARAMS,r,!0),t){const o=mr(t);this.setTemporaryCache(ge.VERIFIER,o,!0)}}getCachedRequest(){this.logger.trace("BrowserCacheManager.getCachedRequest called");const e=this.getTemporaryCache(ge.REQUEST_PARAMS,!0);if(!e)throw P(Gd);const t=this.getTemporaryCache(ge.VERIFIER,!0);let r,o="";try{r=JSON.parse(ct(e)),t&&(o=ct(t))}catch(i){throw this.logger.errorPii(`Attempted to parse: ${e}`),this.logger.error(`Parsing cached token request threw with error: ${i}`),P($d)}return[r,o]}getCachedNativeRequest(){this.logger.trace("BrowserCacheManager.getCachedNativeRequest called");const e=this.getTemporaryCache(ge.NATIVE_REQUEST,!0);if(!e)return this.logger.trace("BrowserCacheManager.getCachedNativeRequest: No cached native request found"),null;const t=this.validateAndParseJson(e);return t\|\|(this.logger.error("BrowserCacheManager.getCachedNativeRequest: Unable to parse native request"),null)}isInteractionInProgress(e){const t=this.getInteractionInProgress();return e?t===this.clientId:!!t}getInteractionInProgress(){const e=`${C.CACHE_PREFIX}.${ge.INTERACTION_STATUS_KEY}`;return this.getTemporaryCache(e,!1)}setInteractionInProgress(e){const t=`${C.CACHE_PREFIX}.${ge.INTERACTION_STATUS_KEY}`;if(e){if(this.getInteractionInProgress())throw P(xd);this.setTemporaryCache(t,this.clientId,!1)}else!e&&this.getInteractionInProgress()===this.clientId&&this.removeTemporaryItem(t)}async hydrateCache(e,t){var a,c,d;const r=Ao((a=e.account)==null?void 0:a.homeAccountId,(c=e.account)==null?void 0:c.environment,e.idToken,this.clientId,e.tenantId);let o;t.claims&&(o=await this.cryptoImpl.hashString(t.claims));const i=vo((d=e.account)==null?void 0:d.homeAccountId,e.account.environment,e.accessToken,this.clientId,e.tenantId,e.scopes.join(" "),e.expiresOn?Ha(e.expiresOn):0,e.extExpiresOn?Ha(e.extExpiresOn):0,ct,void 0,e.tokenType,void 0,t.sshKid,t.claims,o),s={idToken:r,accessToken:i};return this.saveCacheRecord(s,e.correlationId)}async saveCacheRecord(e,t,r){try{await super.saveCacheRecord(e,t,r)}catch(o){if(o instanceof Hn&&this.performanceClient&&t)try{const i=this.getTokenKeys();this.performanceClient.addFields({cacheRtCount:i.refreshToken.length,cacheIdCount:i.idToken.length,cacheAtCount:i.accessToken.length},t)}catch{}throw o}}}function rc(n,e,t,r){try{switch(e){case we.LocalStorage:return new nC(n,t,r);case we.SessionStorage:return new rC;case we.MemoryStorage:default:break}}catch(o){t.error(o)}return new Lo}const Ch=(n,e,t,r)=>{const o={cacheLocation:we.MemoryStorage,temporaryCacheLocation:we.MemoryStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!1,claimsBasedCachingEnabled:!1};return new ao(n,o,ur,e,t,r)};/! @azure/msal-browser v4.9.0 2025-03-25 /function yh(n,e,t,r){return n.verbose("getAllAccounts called"),t?e.getAllAccounts(r):[]}function Ni(n,e,t){if(e.trace("getAccount called"),Object.keys(n).length===0)return e.warning("getAccount: No accountFilter provided"),null;const r=t.getAccountInfoFilteredBy(n);return r?(e.verbose("getAccount: Account matching provided filter found, returning"),r):(e.verbose("getAccount: No matching account found, returning null"),null)}function Th(n,e,t){if(e.trace("getAccountByUsername called"),!n)return e.warning("getAccountByUsername: No username provided"),null;const r=t.getAccountInfoFilteredBy({username:n});return r?(e.verbose("getAccountByUsername: Account matching username found, returning"),e.verbosePii(`getAccountByUsername: Returning signed-in accounts matching username: ${n}`),r):(e.verbose("getAccountByUsername: No matching account found, returning null"),null)}function Ah(n,e,t){if(e.trace("getAccountByHomeId called"),!n)return e.warning("getAccountByHomeId: No homeAccountId provided"),null;const r=t.getAccountInfoFilteredBy({homeAccountId:n});return r?(e.verbose("getAccountByHomeId: Account matching homeAccountId found, returning"),e.verbosePii(`getAccountByHomeId: Returning signed-in accounts matching homeAccountId: ${n}`),r):(e.verbose("getAccountByHomeId: No matching account found, returning null"),null)}function vh(n,e,t){if(e.trace("getAccountByLocalId called"),!n)return e.warning("getAccountByLocalId: No localAccountId provided"),null;const r=t.getAccountInfoFilteredBy({localAccountId:n});return r?(e.verbose("getAccountByLocalId: Account matching localAccountId found, returning"),e.verbosePii(`getAccountByLocalId: Returning signed-in accounts matching localAccountId: ${n}`),r):(e.verbose("getAccountByLocalId: No matching account found, returning null"),null)}function wh(n,e){e.setActiveAccount(n)}function Ih(n){return n.getActiveAccount()}/! @azure/msal-browser v4.9.0 2025-03-25 /const oC="msal.broadcast.event";class Eh{constructor(e){this.eventCallbacks=new Map,this.logger=e\|\|new Ht({}),typeof BroadcastChannel<"u"&&(this.broadcastChannel=new BroadcastChannel(oC)),this.invokeCrossTabCallbacks=this.invokeCrossTabCallbacks.bind(this)}addEventCallback(e,t,r){if(typeof window<"u"){const o=r\|\|zm();return this.eventCallbacks.has(o)?(this.logger.error(`Event callback with id: ${o} is already registered. Please provide a unique id or remove the existing callback and try again.`),null):(this.eventCallbacks.set(o,[e,t\|\|[]]),this.logger.verbose(`Event callback registered with id: ${o}`),o)}return null}removeEventCallback(e){this.eventCallbacks.delete(e),this.logger.verbose(`Event callback ${e} removed.`)}emitEvent(e,t,r,o){var s;const i={eventType:e,interactionType:t\|\|null,payload:r\|\|null,error:o\|\|null,timestamp:Date.now()};switch(e){case N.ACCOUNT_ADDED:case N.ACCOUNT_REMOVED:case N.ACTIVE_ACCOUNT_CHANGED:(s=this.broadcastChannel)==null\|\|s.postMessage(i);break;default:this.invokeCallbacks(i);break}}invokeCallbacks(e){this.eventCallbacks.forEach(([t,r],o)=>{(r.length===0\|\|r.includes(e.eventType))&&(this.logger.verbose(`Emitting event to callback ${o}: ${e.eventType}`),t.apply(null,[e]))})}invokeCrossTabCallbacks(e){const t=e.data;this.invokeCallbacks(t)}subscribeCrossTab(){var e;(e=this.broadcastChannel)==null\|\|e.addEventListener("message",this.invokeCrossTabCallbacks)}unsubscribeCrossTab(){var e;(e=this.broadcastChannel)==null\|\|e.removeEventListener("message",this.invokeCrossTabCallbacks)}}/! @azure/msal-browser v4.9.0 2025-03-25 /class _h{constructor(e,t,r,o,i,s,a,c,d){this.config=e,this.browserStorage=t,this.browserCrypto=r,this.networkClient=this.config.system.networkClient,this.eventHandler=i,this.navigationClient=s,this.nativeMessageHandler=c,this.correlationId=d\|\|We(),this.logger=o.clone(He.MSAL_SKU,Gn,this.correlationId),this.performanceClient=a}async clearCacheOnLogout(e){if(e){Oe.accountInfoIsEqual(e,this.browserStorage.getActiveAccount(),!1)&&(this.logger.verbose("Setting active account to null"),this.browserStorage.setActiveAccount(null));try{await this.browserStorage.removeAccount(Oe.generateAccountCacheKey(e)),this.logger.verbose("Cleared cache items belonging to the account provided in the logout request.")}catch{this.logger.error("Account provided in logout request was not found. Local cache unchanged.")}}else try{this.logger.verbose("No account provided in logout request, clearing all cache items.",this.correlationId),await this.browserStorage.clear(),await this.browserCrypto.clearKeystore()}catch{this.logger.error("Attempted to clear all MSAL cache items and failed. Local cache unchanged.")}}getRedirectUri(e){this.logger.verbose("getRedirectUri called");const t=e\|\|this.config.auth.redirectUri;return Q.getAbsoluteUrl(t,Nt())}initializeServerTelemetryManager(e,t){this.logger.verbose("initializeServerTelemetryManager called");const r={clientId:this.config.auth.clientId,correlationId:this.correlationId,apiId:e,forceRefresh:t\|\|!1,wrapperSKU:this.browserStorage.getWrapperMetadata()[0],wrapperVer:this.browserStorage.getWrapperMetadata()[1]};return new gr(r,this.browserStorage)}async getDiscoveredAuthority(e){const{account:t}=e,r=e.requestExtraQueryParameters&&e.requestExtraQueryParameters.hasOwnProperty("instance_aware")?e.requestExtraQueryParameters.instance_aware:void 0;this.performanceClient.addQueueMeasurement(f.StandardInteractionClientGetDiscoveredAuthority,this.correlationId);const o={protocolMode:this.config.auth.protocolMode,OIDCOptions:this.config.auth.OIDCOptions,knownAuthorities:this.config.auth.knownAuthorities,cloudDiscoveryMetadata:this.config.auth.cloudDiscoveryMetadata,authorityMetadata:this.config.auth.authorityMetadata,skipAuthorityMetadataCache:this.config.auth.skipAuthorityMetadataCache},i=e.requestAuthority\|\|this.config.auth.authority,s=r!=null&&r.length?r==="true":this.config.auth.instanceAware,a=t&&s?this.config.auth.authority.replace(Q.getDomainFromUrl(i),t.environment):i,c=_e.generateAuthority(a,e.requestAzureCloudOptions\|\|this.config.auth.azureCloudOptions),d=await T(Td,f.AuthorityFactoryCreateDiscoveredInstance,this.logger,this.performanceClient,this.correlationId)(c,this.config.system.networkClient,this.browserStorage,o,this.logger,this.correlationId,this.performanceClient);if(t&&!d.isAlias(t.environment))throw oe(Yl);return d}}/! @azure/msal-browser v4.9.0 2025-03-25 /async function qs(n,e,t,r){t.addQueueMeasurement(f.InitializeBaseRequest,n.correlationId);const o=n.authority\|\|e.auth.authority,i=[...n&&n.scopes\|\|[]],s={...n,correlationId:n.correlationId,authority:o,scopes:i};if(!s.authenticationScheme)s.authenticationScheme=X.BEARER,r.verbose(`Authentication Scheme wasn't explicitly set in request, defaulting to "Bearer" request`);else{if(s.authenticationScheme===X.SSH){if(!n.sshJwk)throw oe(Eo);if(!n.sshKid)throw oe(Vl)}r.verbose(`Authentication Scheme set to "${s.authenticationScheme}" as configured in Auth request`)}return e.cache.claimsBasedCachingEnabled&&n.claims&&!at.isEmptyObj(n.claims)&&(s.requestedClaimsHash=await hh(n.claims)),s}async function iC(n,e,t,r,o){r.addQueueMeasurement(f.InitializeSilentRequest,n.correlationId);const i=await T(qs,f.InitializeBaseRequest,o,r,n.correlationId)(n,t,r,o);return{...n,...i,account:e,forceRefresh:n.forceRefresh\|\|!1}}/! @azure/msal-browser v4.9.0 2025-03-25 /class $n extends _h{initializeLogoutRequest(e){this.logger.verbose("initializeLogoutRequest called",e==null?void 0:e.correlationId);const t={correlationId:this.correlationId\|\|We(),...e};if(e)if(e.logoutHint)this.logger.verbose("logoutHint has already been set in logoutRequest");else if(e.account){const r=this.getLogoutHintFromIdTokenClaims(e.account);r&&(this.logger.verbose("Setting logoutHint to login_hint ID Token Claim value for the account provided"),t.logoutHint=r)}else this.logger.verbose("logoutHint was not set and account was not passed into logout request, logoutHint will not be set");else this.logger.verbose("logoutHint will not be set since no logout request was configured");return!e\|\|e.postLogoutRedirectUri!==null?e&&e.postLogoutRedirectUri?(this.logger.verbose("Setting postLogoutRedirectUri to uri set on logout request",t.correlationId),t.postLogoutRedirectUri=Q.getAbsoluteUrl(e.postLogoutRedirectUri,Nt())):this.config.auth.postLogoutRedirectUri===null?this.logger.verbose("postLogoutRedirectUri configured as null and no uri set on request, not passing post logout redirect",t.correlationId):this.config.auth.postLogoutRedirectUri?(this.logger.verbose("Setting postLogoutRedirectUri to configured uri",t.correlationId),t.postLogoutRedirectUri=Q.getAbsoluteUrl(this.config.auth.postLogoutRedirectUri,Nt())):(this.logger.verbose("Setting postLogoutRedirectUri to current page",t.correlationId),t.postLogoutRedirectUri=Q.getAbsoluteUrl(Nt(),Nt())):this.logger.verbose("postLogoutRedirectUri passed as null, not setting post logout redirect uri",t.correlationId),t}getLogoutHintFromIdTokenClaims(e){const t=e.idTokenClaims;if(t){if(t.login_hint)return t.login_hint;this.logger.verbose("The ID Token Claims tied to the provided account do not contain a login_hint claim, logoutHint will not be added to logout request")}else this.logger.verbose("The provided account does not contain ID Token Claims, logoutHint will not be added to logout request");return null}async createAuthCodeClient(e){this.performanceClient.addQueueMeasurement(f.StandardInteractionClientCreateAuthCodeClient,this.correlationId);const t=await T(this.getClientConfiguration.bind(this),f.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)(e);return new Id(t,this.performanceClient)}async getClientConfiguration(e){const{serverTelemetryManager:t,requestAuthority:r,requestAzureCloudOptions:o,requestExtraQueryParameters:i,account:s}=e;this.performanceClient.addQueueMeasurement(f.StandardInteractionClientGetClientConfiguration,this.correlationId);const a=await T(this.getDiscoveredAuthority.bind(this),f.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,this.correlationId)({requestAuthority:r,requestAzureCloudOptions:o,requestExtraQueryParameters:i,account:s}),c=this.config.system.loggerOptions;return{authOptions:{clientId:this.config.auth.clientId,authority:a,clientCapabilities:this.config.auth.clientCapabilities,redirectUri:this.config.auth.redirectUri},systemOptions:{tokenRenewalOffsetSeconds:this.config.system.tokenRenewalOffsetSeconds,preventCorsPreflight:!0},loggerOptions:{loggerCallback:c.loggerCallback,piiLoggingEnabled:c.piiLoggingEnabled,logLevel:c.logLevel,correlationId:this.correlationId},cacheOptions:{claimsBasedCachingEnabled:this.config.cache.claimsBasedCachingEnabled},cryptoInterface:this.browserCrypto,networkInterface:this.networkClient,storageInterface:this.browserStorage,serverTelemetryManager:t,libraryInfo:{sku:He.MSAL_SKU,version:Gn,cpu:C.EMPTY_STRING,os:C.EMPTY_STRING},telemetry:this.config.telemetry}}async initializeAuthorizationRequest(e,t){this.performanceClient.addQueueMeasurement(f.StandardInteractionClientInitializeAuthorizationRequest,this.correlationId);const r=this.getRedirectUri(e.redirectUri),o={interactionType:t},i=Kn.setRequestState(this.browserCrypto,e&&e.state\|\|C.EMPTY_STRING,o),a={...await T(qs,f.InitializeBaseRequest,this.logger,this.performanceClient,this.correlationId)({...e,correlationId:this.correlationId},this.config,this.performanceClient,this.logger),redirectUri:r,state:i,nonce:e.nonce\|\|We(),responseMode:this.config.auth.OIDCOptions.serverResponseType};if(e.loginHint\|\|e.sid)return a;const c=e.account\|\|this.browserStorage.getActiveAccount();return c&&(this.logger.verbose("Setting validated request account",this.correlationId),this.logger.verbosePii(`Setting validated request account: ${c.homeAccountId}`,this.correlationId),a.account=c),a}}/! @azure/msal-browser v4.9.0 2025-03-25 /const sC="ContentError",Sh="user_switch";/! @azure/msal-browser v4.9.0 2025-03-25 /const aC="USER_INTERACTION_REQUIRED",cC="USER_CANCEL",lC="NO_NETWORK",dC="PERSISTENT_ERROR",hC="DISABLED",uC="ACCOUNT_UNAVAILABLE";/! @azure/msal-browser v4.9.0 2025-03-25 /const fC=-2147186943,gC={[Sh]:"User attempted to switch accounts in the native broker, which is not allowed. All new accounts must sign-in through the standard web flow first, please try again."};class yt extends Z{constructor(e,t,r){super(e,t),Object.setPrototypeOf(this,yt.prototype),this.name="NativeAuthError",this.ext=r}}function Sn(n){if(n.ext&&n.ext.status&&(n.ext.status===dC\|\|n.ext.status===hC)\|\|n.ext&&n.ext.error&&n.ext.error===fC)return!0;switch(n.errorCode){case sC:return!0;default:return!1}}function Mi(n,e,t){if(t&&t.status)switch(t.status){case uC:return Ii(Ad);case aC:return new nt(n,e);case cC:return P(pr);case lC:return P(oo)}return new yt(n,gC[n]\|\|e,t)}/! @azure/msal-browser v4.9.0 2025-03-25 /class At{constructor(e,t,r,o){this.logger=e,this.handshakeTimeoutMs=t,this.extensionId=o,this.resolvers=new Map,this.handshakeResolvers=new Map,this.messageChannel=new MessageChannel,this.windowListener=this.onWindowMessage.bind(this),this.performanceClient=r,this.handshakeEvent=r.startMeasurement(f.NativeMessageHandlerHandshake)}async sendMessage(e){this.logger.trace("NativeMessageHandler - sendMessage called.");const t={channel:bn.CHANNEL_ID,extensionId:this.extensionId,responseId:We(),body:e};return this.logger.trace("NativeMessageHandler - Sending request to browser extension"),this.logger.tracePii(`NativeMessageHandler - Sending request to browser extension: ${JSON.stringify(t)}`),this.messageChannel.port1.postMessage(t),new Promise((r,o)=>{this.resolvers.set(t.responseId,{resolve:r,reject:o})})}static async createProvider(e,t,r){e.trace("NativeMessageHandler - createProvider called.");try{const o=new At(e,t,r,bn.PREFERRED_EXTENSION_ID);return await o.sendHandshakeRequest(),o}catch{const i=new At(e,t,r);return await i.sendHandshakeRequest(),i}}async sendHandshakeRequest(){this.logger.trace("NativeMessageHandler - sendHandshakeRequest called."),window.addEventListener("message",this.windowListener,!1);const e={channel:bn.CHANNEL_ID,extensionId:this.extensionId,responseId:We(),body:{method:ln.HandshakeRequest}};return this.handshakeEvent.add({extensionId:this.extensionId,extensionHandshakeTimeoutMs:this.handshakeTimeoutMs}),this.messageChannel.port1.onmessage=t=>{this.onChannelMessage(t)},window.postMessage(e,window.origin,[this.messageChannel.port2]),new Promise((t,r)=>{this.handshakeResolvers.set(e.responseId,{resolve:t,reject:r}),this.timeoutId=window.setTimeout(()=>{window.removeEventListener("message",this.windowListener,!1),this.messageChannel.port1.close(),this.messageChannel.port2.close(),this.handshakeEvent.end({extensionHandshakeTimedOut:!0,success:!1}),r(P(Jd)),this.handshakeResolvers.delete(e.responseId)},this.handshakeTimeoutMs)})}onWindowMessage(e){if(this.logger.trace("NativeMessageHandler - onWindowMessage called"),e.source!==window)return;const t=e.data;if(!(!t.channel\|\|t.channel!==bn.CHANNEL_ID)&&!(t.extensionId&&t.extensionId!==this.extensionId)&&t.body.method===ln.HandshakeRequest){const r=this.handshakeResolvers.get(t.responseId);if(!r){this.logger.trace(`NativeMessageHandler.onWindowMessage - resolver can't be found for request ${t.responseId}`);return}this.logger.verbose(t.extensionId?`Extension with id: ${t.extensionId} not installed`:"No extension installed"),clearTimeout(this.timeoutId),this.messageChannel.port1.close(),this.messageChannel.port2.close(),window.removeEventListener("message",this.windowListener,!1),this.handshakeEvent.end({success:!1,extensionInstalled:!1}),r.reject(P(Xd))}}onChannelMessage(e){this.logger.trace("NativeMessageHandler - onChannelMessage called.");const t=e.data,r=this.resolvers.get(t.responseId),o=this.handshakeResolvers.get(t.responseId);try{const i=t.body.method;if(i===ln.Response){if(!r)return;const s=t.body.response;if(this.logger.trace("NativeMessageHandler - Received response from browser extension"),this.logger.tracePii(`NativeMessageHandler - Received response from browser extension: ${JSON.stringify(s)}`),s.status!=="Success")r.reject(Mi(s.code,s.description,s.ext));else if(s.result)s.result.code&&s.result.description?r.reject(Mi(s.result.code,s.result.description,s.result.ext)):r.resolve(s.result);else throw fl(es,"Event does not contain result.");this.resolvers.delete(t.responseId)}else if(i===ln.HandshakeResponse){if(!o){this.logger.trace(`NativeMessageHandler.onChannelMessage - resolver can't be found for request ${t.responseId}`);return}clearTimeout(this.timeoutId),window.removeEventListener("message",this.windowListener,!1),this.extensionId=t.extensionId,this.extensionVersion=t.body.version,this.logger.verbose(`NativeMessageHandler - Received HandshakeResponse from extension: ${this.extensionId}`),this.handshakeEvent.end({extensionInstalled:!0,success:!0}),o.resolve(),this.handshakeResolvers.delete(t.responseId)}}catch(i){this.logger.error("Error parsing response from WAM Extension"),this.logger.errorPii(`Error parsing response from WAM Extension: ${i}`),this.logger.errorPii(`Unable to parse ${e}`),r?r.reject(i):o&&o.reject(i)}}getExtensionId(){return this.extensionId}getExtensionVersion(){return this.extensionVersion}static isPlatformBrokerAvailable(e,t,r,o){if(t.trace("isPlatformBrokerAvailable called"),!e.system.allowPlatformBroker)return t.trace("isPlatformBrokerAvailable: allowPlatformBroker is not enabled, returning false"),!1;if(!r)return t.trace("isPlatformBrokerAvailable: Platform extension provider is not initialized, returning false"),!1;if(o)switch(o){case X.BEARER:case X.POP:return t.trace("isPlatformBrokerAvailable: authenticationScheme is supported, returning true"),!0;default:return t.trace("isPlatformBrokerAvailable: authenticationScheme is not supported, returning false"),!1}return!0}}/! @azure/msal-browser v4.9.0 2025-03-25 /function pC(n,e){if(!e)return null;try{return Kn.parseRequestState(n,e).libraryState.meta}catch{throw v(Un)}}/! @azure/msal-browser v4.9.0 2025-03-25 /function co(n,e,t){const r=Xr(n);if(!r)throw Jl(n)?(t.error(`A ${e} is present in the iframe but it does not contain known properties. It's likely that the ${e} has been replaced by code running on the redirectUri page.`),t.errorPii(`The ${e} detected is: ${n}`),P(Pd)):(t.error(`The request has returned to the redirectUri but a ${e} is not present. It's likely that the ${e} has been removed or the page has been redirected by code running on the redirectUri page.`),P(Od));return r}function mC(n,e,t){if(!n.state)throw P(Ps);const r=pC(e,n.state);if(!r)throw P(Nd);if(r.interactionType!==t)throw P(Md)}/! @azure/msal-browser v4.9.0 2025-03-25 /class bh{constructor(e,t,r,o,i){this.authModule=e,this.browserStorage=t,this.authCodeRequest=r,this.logger=o,this.performanceClient=i}async handleCodeResponse(e,t){this.performanceClient.addQueueMeasurement(f.HandleCodeResponse,t.correlationId);let r;try{r=nm(e,t.state)}catch(o){throw o instanceof en&&o.subError===pr?P(pr):o}return T(this.handleCodeResponseFromServer.bind(this),f.HandleCodeResponseFromServer,this.logger,this.performanceClient,t.correlationId)(r,t)}async handleCodeResponseFromServer(e,t,r=!0){if(this.performanceClient.addQueueMeasurement(f.HandleCodeResponseFromServer,t.correlationId),this.logger.trace("InteractionHandler.handleCodeResponseFromServer called"),this.authCodeRequest.code=e.code,e.cloud_instance_host_name&&await T(this.authModule.updateAuthority.bind(this.authModule),f.UpdateTokenEndpointAuthority,this.logger,this.performanceClient,t.correlationId)(e.cloud_instance_host_name,t.correlationId),r&&(e.nonce=t.nonce\|\|void 0),e.state=t.state,e.client_info)this.authCodeRequest.clientInfo=e.client_info;else{const i=this.createCcsCredentials(t);i&&(this.authCodeRequest.ccsCredential=i)}return await T(this.authModule.acquireToken.bind(this.authModule),f.AuthClientAcquireToken,this.logger,this.performanceClient,t.correlationId)(this.authCodeRequest,e)}createCcsCredentials(e){return e.account?{credential:e.account.homeAccountId,type:it.HOME_ACCOUNT_ID}:e.loginHint?{credential:e.loginHint,type:it.UPN}:null}}/! @azure/msal-browser v4.9.0 2025-03-25 /class kh extends $n{async acquireToken(e){this.performanceClient.addQueueMeasurement(f.SilentCacheClientAcquireToken,e.correlationId);const t=this.initializeServerTelemetryManager(se.acquireTokenSilent_silentFlow),r=await T(this.getClientConfiguration.bind(this),f.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:t,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,account:e.account}),o=new Zp(r,this.performanceClient);this.logger.verbose("Silent auth client created");try{const s=(await T(o.acquireCachedToken.bind(o),f.SilentFlowClientAcquireCachedToken,this.logger,this.performanceClient,e.correlationId)(e))[0];return this.performanceClient.addFields({fromCache:!0},e.correlationId),s}catch(i){throw i instanceof Tr&&i.errorCode===Ns&&this.logger.verbose("Signing keypair for bound access token not found. Refreshing bound access token and generating a new crypto keypair."),i}}logout(e){this.logger.verbose("logoutRedirect called");const t=this.initializeLogoutRequest(e);return this.clearCacheOnLogout(t==null?void 0:t.account)}}/! @azure/msal-browser v4.9.0 2025-03-25 /class Kr extends _h{constructor(e,t,r,o,i,s,a,c,d,l,h,p){var b;super(e,t,r,o,i,s,c,d,p),this.apiId=a,this.accountId=l,this.nativeMessageHandler=d,this.nativeStorageManager=h,this.silentCacheClient=new kh(e,this.nativeStorageManager,r,o,i,s,c,d,p);const y=this.nativeMessageHandler.getExtensionId()===bn.PREFERRED_EXTENSION_ID?"chrome":(b=this.nativeMessageHandler.getExtensionId())!=null&&b.length?"unknown":void 0;this.skus=gr.makeExtraSkuString({libraryName:He.MSAL_SKU,libraryVersion:Gn,extensionName:y,extensionVersion:this.nativeMessageHandler.getExtensionVersion()})}addRequestSKUs(e){e.extraParameters={...e.extraParameters,[wp]:this.skus}}async acquireToken(e,t){this.performanceClient.addQueueMeasurement(f.NativeInteractionClientAcquireToken,e.correlationId),this.logger.trace("NativeInteractionClient - acquireToken called.");const r=this.performanceClient.startMeasurement(f.NativeInteractionClientAcquireToken,e.correlationId),o=Fe(),i=this.initializeServerTelemetryManager(this.apiId);try{const s=await this.initializeNativeRequest(e);try{const h=await this.acquireTokensFromCache(this.accountId,s);return r.end({success:!0,isNativeBroker:!1,fromCache:!0}),h}catch(h){if(t===ye.AccessToken)throw this.logger.info("MSAL internal Cache does not contain tokens, return error as per cache policy"),h;this.logger.info("MSAL internal Cache does not contain tokens, proceed to make a native call")}const{...a}=s,c={method:ln.GetToken,request:a},d=await this.nativeMessageHandler.sendMessage(c),l=this.validateNativeResponse(d);return await this.handleNativeResponse(l,s,o).then(h=>(r.end({success:!0,isNativeBroker:!0,requestId:h.requestId}),i.clearNativeBrokerErrorCode(),h)).catch(h=>{throw r.end({success:!1,errorCode:h.errorCode,subErrorCode:h.subError,isNativeBroker:!0}),h})}catch(s){throw s instanceof yt&&i.setNativeBrokerErrorCode(s.errorCode),s}}createSilentCacheRequest(e,t){return{authority:e.authority,correlationId:this.correlationId,scopes:fe.fromString(e.scope).asArray(),account:t,forceRefresh:!1}}async acquireTokensFromCache(e,t){if(!e)throw this.logger.warning("NativeInteractionClient:acquireTokensFromCache - No nativeAccountId provided"),v(Yr);const r=this.browserStorage.getBaseAccountInfo({nativeAccountId:e});if(!r)throw v(Yr);try{const o=this.createSilentCacheRequest(t,r),i=await this.silentCacheClient.acquireToken(o),s={...r,idTokenClaims:i==null?void 0:i.idTokenClaims,idToken:i==null?void 0:i.idToken};return{...i,account:s}}catch(o){throw o}}async acquireTokenRedirect(e,t){this.logger.trace("NativeInteractionClient - acquireTokenRedirect called.");const{...r}=e;delete r.onRedirectNavigate;const o=await this.initializeNativeRequest(r),i={method:ln.GetToken,request:o};try{const c=await this.nativeMessageHandler.sendMessage(i);this.validateNativeResponse(c)}catch(c){if(c instanceof yt&&(this.initializeServerTelemetryManager(this.apiId).setNativeBrokerErrorCode(c.errorCode),Sn(c)))throw c}this.browserStorage.setTemporaryCache(ge.NATIVE_REQUEST,JSON.stringify(o),!0);const s={apiId:se.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},a=this.config.auth.navigateToLoginRequestUrl?window.location.href:this.getRedirectUri(e.redirectUri);t.end({success:!0}),await this.navigationClient.navigateExternal(a,s)}async handleRedirectPromise(e,t){if(this.logger.trace("NativeInteractionClient - handleRedirectPromise called."),!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("handleRedirectPromise called but there is no interaction in progress, returning null."),null;const r=this.browserStorage.getCachedNativeRequest();if(!r)return this.logger.verbose("NativeInteractionClient - handleRedirectPromise called but there is no cached request, returning null."),e&&t&&(e==null\|\|e.addFields({errorCode:"no_cached_request"},t)),null;const{prompt:o,...i}=r;o&&this.logger.verbose("NativeInteractionClient - handleRedirectPromise called and prompt was included in the original request, removing prompt from cached request to prevent second interaction with native broker window."),this.browserStorage.removeItem(this.browserStorage.generateCacheKey(ge.NATIVE_REQUEST));const s={method:ln.GetToken,request:i},a=Fe();try{this.logger.verbose("NativeInteractionClient - handleRedirectPromise sending message to native broker.");const c=await this.nativeMessageHandler.sendMessage(s);this.validateNativeResponse(c);const l=await this.handleNativeResponse(c,i,a);return this.initializeServerTelemetryManager(this.apiId).clearNativeBrokerErrorCode(),l}catch(c){throw c}}logout(){return this.logger.trace("NativeInteractionClient - logout called."),Promise.reject("Logout not implemented yet")}async handleNativeResponse(e,t,r){var l,h;this.logger.trace("NativeInteractionClient - handleNativeResponse called.");const o=Yt(e.id_token,ct),i=this.createHomeAccountIdentifier(e,o),s=(l=this.browserStorage.getAccountInfoFilteredBy({nativeAccountId:t.accountId}))==null?void 0:l.homeAccountId;if((h=t.extraParameters)!=null&&h.child_client_id&&e.account.id!==t.accountId)this.logger.info("handleNativeServerResponse: Double broker flow detected, ignoring accountId mismatch");else if(i!==s&&e.account.id!==t.accountId)throw Mi(Sh);const a=await this.getDiscoveredAuthority({requestAuthority:t.authority}),c=Ss(this.browserStorage,a,i,ct,o,e.client_info,void 0,o.tid,void 0,e.account.id,this.logger);e.expires_in=Number(e.expires_in);const d=await this.generateAuthenticationResult(e,t,o,c,a.canonicalAuthority,r);return await this.cacheAccount(c),await this.cacheNativeTokens(e,t,i,o,e.access_token,d.tenantId,r),d}createHomeAccountIdentifier(e,t){return Oe.generateHomeAccountId(e.client_info\|\|C.EMPTY_STRING,rt.Default,this.logger,this.browserCrypto,t)}generateScopes(e,t){return e.scope?fe.fromString(e.scope):fe.fromString(t.scope)}async generatePopAccessToken(e,t){if(t.tokenType===X.POP&&t.signPopToken){if(e.shr)return this.logger.trace("handleNativeServerResponse: SHR is enabled in native layer"),e.shr;const r=new Dn(this.browserCrypto),o={resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,shrNonce:t.shrNonce};if(!t.keyId)throw v(ss);return r.signPopToken(e.access_token,t.keyId,o)}else return e.access_token}async generateAuthenticationResult(e,t,r,o,i,s){const a=this.addTelemetryFromNativeResponse(e),c=e.scope?fe.fromString(e.scope):fe.fromString(t.scope),d=e.account.properties\|\|{},l=d.UID\|\|r.oid\|\|r.sub\|\|C.EMPTY_STRING,h=d.TenantId\|\|r.tid\|\|C.EMPTY_STRING,p=us(o.getAccountInfo(),void 0,r,e.id_token);p.nativeAccountId!==e.account.id&&(p.nativeAccountId=e.account.id);const y=await this.generatePopAccessToken(e,t),b=t.tokenType===X.POP?X.POP:X.BEARER;return{authority:i,uniqueId:l,tenantId:h,scopes:c.asArray(),account:p,idToken:e.id_token,idTokenClaims:r,accessToken:y,fromCache:a?this.isResponseFromCache(a):!1,expiresOn:xt(s+e.expires_in),tokenType:b,correlationId:this.correlationId,state:e.state,fromNativeBroker:!0}}async cacheAccount(e){await this.browserStorage.setAccount(e,this.correlationId),this.browserStorage.removeAccountContext(e).catch(t=>{this.logger.error(`Error occurred while removing account context from browser storage. ${t}`)})}cacheNativeTokens(e,t,r,o,i,s,a){const c=Ao(r,t.authority,e.id_token\|\|"",t.clientId,o.tid\|\|""),d=t.tokenType===X.POP?C.SHR_NONCE_VALIDITY:(typeof e.expires_in=="string"?parseInt(e.expires_in,10):e.expires_in)\|\|0,l=a+d,h=this.generateScopes(e,t),p=vo(r,t.authority,i,t.clientId,o.tid\|\|s,h.printScopes(),l,0,ct,void 0,t.tokenType,void 0,t.keyId),y={idToken:c,accessToken:p};return this.nativeStorageManager.saveCacheRecord(y,this.correlationId,t.storeInCache)}addTelemetryFromNativeResponse(e){const t=this.getMATSFromResponse(e);return t?(this.performanceClient.addFields({extensionId:this.nativeMessageHandler.getExtensionId(),extensionVersion:this.nativeMessageHandler.getExtensionVersion(),matsBrokerVersion:t.broker_version,matsAccountJoinOnStart:t.account_join_on_start,matsAccountJoinOnEnd:t.account_join_on_end,matsDeviceJoin:t.device_join,matsPromptBehavior:t.prompt_behavior,matsApiErrorCode:t.api_error_code,matsUiVisible:t.ui_visible,matsSilentCode:t.silent_code,matsSilentBiSubCode:t.silent_bi_sub_code,matsSilentMessage:t.silent_message,matsSilentStatus:t.silent_status,matsHttpStatus:t.http_status,matsHttpEventCount:t.http_event_count},this.correlationId),t):null}validateNativeResponse(e){if(e.hasOwnProperty("access_token")&&e.hasOwnProperty("id_token")&&e.hasOwnProperty("client_info")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scope")&&e.hasOwnProperty("expires_in"))return e;throw fl(es,"Response missing expected properties.")}getMATSFromResponse(e){if(e.properties.MATS)try{return JSON.parse(e.properties.MATS)}catch{this.logger.error("NativeInteractionClient - Error parsing MATS telemetry, returning null instead")}return null}isResponseFromCache(e){return typeof e.is_cached>"u"?(this.logger.verbose("NativeInteractionClient - MATS telemetry does not contain field indicating if response was served from cache. Returning false."),!1):!!e.is_cached}async initializeNativeRequest(e){this.logger.trace("NativeInteractionClient - initializeNativeRequest called");const t=e.authority\|\|this.config.auth.authority;e.account&&await this.getDiscoveredAuthority({requestAuthority:t,requestAzureCloudOptions:e.azureCloudOptions,account:e.account});const r=new Q(t);r.validateAsUri();const{scopes:o,...i}=e,s=new fe(o\|\|[]);s.appendScopes(yn);const a=()=>{switch(this.apiId){case se.ssoSilent:case se.acquireTokenSilent_silentFlow:return this.logger.trace("initializeNativeRequest: silent request sets prompt to none"),ve.NONE}if(!e.prompt){this.logger.trace("initializeNativeRequest: prompt was not provided");return}switch(e.prompt){case ve.NONE:case ve.CONSENT:case ve.LOGIN:return this.logger.trace("initializeNativeRequest: prompt is compatible with native flow"),e.prompt;default:throw this.logger.trace(`initializeNativeRequest: prompt = ${e.prompt} is not compatible with native flow`),P(Zd)}},c={...i,accountId:this.accountId,clientId:this.config.auth.clientId,authority:r.urlString,scope:s.printScopes(),redirectUri:this.getRedirectUri(e.redirectUri),prompt:a(),correlationId:this.correlationId,tokenType:e.authenticationScheme,windowTitleSubstring:document.title,extraParameters:{...e.extraQueryParameters,...e.tokenQueryParameters},extendedExpiryToken:!1,keyId:e.popKid};if(c.signPopToken&&e.popKid)throw P(th);if(this.handleExtraBrokerParams(c),c.extraParameters=c.extraParameters\|\|{},c.extraParameters.telemetry=bn.MATS_TELEMETRY,e.authenticationScheme===X.POP){const d={resourceRequestUri:e.resourceRequestUri,resourceRequestMethod:e.resourceRequestMethod,shrClaims:e.shrClaims,shrNonce:e.shrNonce},l=new Dn(this.browserCrypto);let h;if(c.keyId)h=this.browserCrypto.base64UrlEncode(JSON.stringify({kid:c.keyId})),c.signPopToken=!1;else{const p=await T(l.generateCnf.bind(l),f.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(d,this.logger);h=p.reqCnfString,c.keyId=p.kid,c.signPopToken=!0}c.reqCnf=h}return this.addRequestSKUs(c),c}handleExtraBrokerParams(e){var i;const t=e.extraParameters&&e.extraParameters.hasOwnProperty(eo)&&e.extraParameters.hasOwnProperty(to)&&e.extraParameters.hasOwnProperty(gn);if(!e.embeddedClientId&&!t)return;let r="";const o=e.redirectUri;e.embeddedClientId?(e.redirectUri=this.config.auth.redirectUri,r=e.embeddedClientId):e.extraParameters&&(e.redirectUri=e.extraParameters[to],r=e.extraParameters[gn]),e.extraParameters={child_client_id:r,child_redirect_uri:o},(i=this.performanceClient)==null\|\|i.addFields({embeddedClientId:r,embeddedRedirectUri:o},e.correlationId)}}/! @azure/msal-browser v4.9.0 2025-03-25 /async function Rh(n,e,t,r,o){const i=tm({...n.auth,authority:e},t,r,o);if(As(i,{sku:He.MSAL_SKU,version:Gn,os:"",cpu:""}),n.auth.protocolMode!==Ue.OIDC&&vs(i,n.telemetry.application),t.platformBroker&&(Sp(i),t.authenticationScheme===X.POP)){const s=new It(r,o),a=new Dn(s);let c;t.popKid?c=s.encodeKid(t.popKid):c=(await T(a.generateCnf.bind(a),f.PopTokenGenerateCnf,r,o,t.correlationId)(t,r)).reqCnfString,Is(i,c)}return So(i,t.correlationId,o),i}async function Vs(n,e,t,r,o){if(!t.codeChallenge)throw oe(Io);const i=await T(Rh,f.GetStandardParams,r,o,t.correlationId)(n,e,t,r,o);return sd(i,hl.CODE),Np(i,t.codeChallenge,C.S256_CODE_CHALLENGE_METHOD),hn(i,t.extraQueryParameters\|\|{}),Ed(e,i)}async function js(n,e,t,r,o,i){if(!r.earJwk)throw P(Os);const s=await Rh(e,t,r,o,i);sd(s,hl.IDTOKEN_TOKEN_REFRESHTOKEN),Up(s,r.earJwk);const a=new Map;hn(a,r.extraQueryParameters\|\|{});const c=Ed(t,a);return CC(n,c,s)}function CC(n,e,t){const r=n.createElement("form");return r.method="post",r.action=e,t.forEach((o,i)=>{const s=n.createElement("input");s.hidden=!0,s.name=i,s.value=o,r.appendChild(s)}),n.body.appendChild(r),r}async function Oh(n,e,t,r,o,i,s,a,c,d){if(!d)throw P(xs);const l=new It(a,c),h=new Kr(r,o,l,a,s,r.system.navigationClient,t,c,d,e,i,n.correlationId),{userRequestState:p}=Kn.parseRequestState(l,n.state);return T(h.acquireToken.bind(h),f.NativeInteractionClientAcquireToken,a,c,n.correlationId)({...n,state:p,prompt:void 0})}async function Ws(n,e,t,r,o,i,s,a,c,d,l,h){if(Ct.removeThrottle(s,o.auth.clientId,n),e.accountId)return T(Oh,f.HandleResponsePlatformBroker,d,l,n.correlationId)(n,e.accountId,r,o,s,a,c,d,l,h);const p={...n,code:e.code\|\|"",codeVerifier:t},y=new bh(i,s,p,d,l);return await T(y.handleCodeResponse.bind(y),f.HandleCodeResponse,d,l,n.correlationId)(e,n)}async function Ys(n,e,t,r,o,i,s,a,c,d,l){if(Ct.removeThrottle(i,r.auth.clientId,n),_d(e,n.state),!e.ear_jwe)throw P(Rd);if(!n.earJwk)throw P(Os);const h=JSON.parse(await T(Nm,f.DecryptEarResponse,c,d,n.correlationId)(n.earJwk,e.ear_jwe));if(h.accountId)return T(Oh,f.HandleResponsePlatformBroker,c,d,n.correlationId)(n,h.accountId,t,r,i,s,a,c,d,l);const p=new pn(r.auth.clientId,i,new It(c,d),c,null,null,d);p.validateTokenResponse(h);const y={code:"",state:n.state,nonce:n.nonce,client_info:h.client_info,cloud_graph_host_name:h.cloud_graph_host_name,cloud_instance_host_name:h.cloud_instance_host_name,cloud_instance_name:h.cloud_instance_name,msgraph_host:h.msgraph_host};return await T(p.handleServerTokenResponse.bind(p),f.HandleServerTokenResponse,c,d,n.correlationId)(h,o,Fe(),n,y,void 0,void 0,void 0,void 0)}/! @azure/msal-browser v4.9.0 2025-03-25 /const yC=32;async function Uo(n,e,t){n.addQueueMeasurement(f.GeneratePkceCodes,t);const r=lt(TC,f.GenerateCodeVerifier,e,n,t)(n,e,t),o=await T(AC,f.GenerateCodeChallengeFromVerifier,e,n,t)(r,n,e,t);return{verifier:r,challenge:o}}function TC(n,e,t){try{const r=new Uint8Array(yC);return lt(bm,f.GetRandomValues,e,n,t)(r),Qt(r)}catch{throw P(Rs)}}async function AC(n,e,t,r){e.addQueueMeasurement(f.GenerateCodeChallengeFromVerifier,r);try{const o=await T(ch,f.Sha256Digest,t,e,r)(n,e,r);return Qt(new Uint8Array(o))}catch{throw P(Rs)}}/! @azure/msal-browser v4.9.0 2025-03-25 /class vC extends $n{constructor(e,t,r,o,i,s,a,c,d,l){super(e,t,r,o,i,s,a,d,l),this.unloadWindow=this.unloadWindow.bind(this),this.nativeStorage=c,this.eventHandler=i}acquireToken(e,t){try{const o={popupName:this.generatePopupName(e.scopes\|\|yn,e.authority\|\|this.config.auth.authority),popupWindowAttributes:e.popupWindowAttributes\|\|{},popupWindowParent:e.popupWindowParent??window};return this.performanceClient.addFields({isAsyncPopup:this.config.system.asyncPopups},this.correlationId),this.config.system.asyncPopups?(this.logger.verbose("asyncPopups set to true, acquiring token"),this.acquireTokenPopupAsync(e,o,t)):(this.logger.verbose("asyncPopup set to false, opening popup before acquiring token"),o.popup=this.openSizedPopup("about:blank",o),this.acquireTokenPopupAsync(e,o,t))}catch(r){return Promise.reject(r)}}logout(e){try{this.logger.verbose("logoutPopup called");const t=this.initializeLogoutRequest(e),r={popupName:this.generateLogoutPopupName(t),popupWindowAttributes:(e==null?void 0:e.popupWindowAttributes)\|\|{},popupWindowParent:(e==null?void 0:e.popupWindowParent)??window},o=e&&e.authority,i=e&&e.mainWindowRedirectUri;return this.config.system.asyncPopups?(this.logger.verbose("asyncPopups set to true"),this.logoutPopupAsync(t,r,o,i)):(this.logger.verbose("asyncPopup set to false, opening popup"),r.popup=this.openSizedPopup("about:blank",r),this.logoutPopupAsync(t,r,o,i))}catch(t){return Promise.reject(t)}}async acquireTokenPopupAsync(e,t,r){this.logger.verbose("acquireTokenPopupAsync called");const o=await T(this.initializeAuthorizationRequest.bind(this),f.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,this.correlationId)(e,M.Popup);t.popup&&ph(o.authority);const i=At.isPlatformBrokerAvailable(this.config,this.logger,this.nativeMessageHandler,e.authenticationScheme);return o.platformBroker=i,this.config.auth.protocolMode===Ue.EAR?this.executeEarFlow(o,t):this.executeCodeFlow(o,t,r)}async executeCodeFlow(e,t,r){var c;const o=e.correlationId,i=this.initializeServerTelemetryManager(se.acquireTokenPopup),s=r\|\|await T(Uo,f.GeneratePkceCodes,this.logger,this.performanceClient,o)(this.performanceClient,this.logger,o),a={...e,codeChallenge:s.challenge};try{const d=await T(this.createAuthCodeClient.bind(this),f.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,o)({serverTelemetryManager:i,requestAuthority:a.authority,requestAzureCloudOptions:a.azureCloudOptions,requestExtraQueryParameters:a.extraQueryParameters,account:a.account}),l=await T(Vs,f.GetAuthCodeUrl,this.logger,this.performanceClient,o)(this.config,d.authority,a,this.logger,this.performanceClient),h=this.initiateAuthRequest(l,t);this.eventHandler.emitEvent(N.POPUP_OPENED,M.Popup,{popupWindow:h},null);const p=await this.monitorPopupForHash(h,t.popupWindowParent),y=lt(co,f.DeserializeResponse,this.logger,this.performanceClient,this.correlationId)(p,this.config.auth.OIDCOptions.serverResponseType,this.logger);return await T(Ws,f.HandleResponseCode,this.logger,this.performanceClient,o)(e,y,s.verifier,se.acquireTokenPopup,this.config,d,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.nativeMessageHandler)}catch(d){throw(c=t.popup)==null\|\|c.close(),d instanceof Z&&(d.setCorrelationId(this.correlationId),i.cacheFailedRequest(d)),d}}async executeEarFlow(e,t){const r=e.correlationId,o=await T(this.getDiscoveredAuthority.bind(this),f.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,r)({requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),i=await T(Fs,f.GenerateEarKey,this.logger,this.performanceClient,r)(),s={...e,earJwk:i},a=t.popup\|\|this.openPopup("about:blank",t);(await js(a.document,this.config,o,s,this.logger,this.performanceClient)).submit();const d=await T(this.monitorPopupForHash.bind(this),f.SilentHandlerMonitorIframeForHash,this.logger,this.performanceClient,r)(a,t.popupWindowParent),l=lt(co,f.DeserializeResponse,this.logger,this.performanceClient,this.correlationId)(d,this.config.auth.OIDCOptions.serverResponseType,this.logger);return T(Ys,f.HandleResponseEar,this.logger,this.performanceClient,r)(s,l,se.acquireTokenPopup,this.config,o,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.nativeMessageHandler)}async logoutPopupAsync(e,t,r,o){var s,a,c,d;this.logger.verbose("logoutPopupAsync called"),this.eventHandler.emitEvent(N.LOGOUT_START,M.Popup,e);const i=this.initializeServerTelemetryManager(se.logoutPopup);try{await this.clearCacheOnLogout(e.account);const l=await T(this.createAuthCodeClient.bind(this),f.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:i,requestAuthority:r,account:e.account\|\|void 0});try{l.authority.endSessionEndpoint}catch{if((s=e.account)!=null&&s.homeAccountId&&e.postLogoutRedirectUri&&l.authority.protocolMode===Ue.OIDC){if(this.browserStorage.removeAccount((a=e.account)==null?void 0:a.homeAccountId),this.eventHandler.emitEvent(N.LOGOUT_SUCCESS,M.Popup,e),o){const y={apiId:se.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},b=Q.getAbsoluteUrl(o,Nt());await this.navigationClient.navigateInternal(b,y)}(c=t.popup)==null\|\|c.close();return}}const h=l.getLogoutUri(e);this.eventHandler.emitEvent(N.LOGOUT_SUCCESS,M.Popup,e);const p=this.openPopup(h,t);if(this.eventHandler.emitEvent(N.POPUP_OPENED,M.Popup,{popupWindow:p},null),await this.monitorPopupForHash(p,t.popupWindowParent).catch(()=>{}),o){const y={apiId:se.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},b=Q.getAbsoluteUrl(o,Nt());this.logger.verbose("Redirecting main window to url specified in the request"),this.logger.verbosePii(`Redirecting main window to: ${b}`),await this.navigationClient.navigateInternal(b,y)}else this.logger.verbose("No main window navigation requested")}catch(l){throw(d=t.popup)==null\|\|d.close(),l instanceof Z&&(l.setCorrelationId(this.correlationId),i.cacheFailedRequest(l)),this.eventHandler.emitEvent(N.LOGOUT_FAILURE,M.Popup,null,l),this.eventHandler.emitEvent(N.LOGOUT_END,M.Popup),l}this.eventHandler.emitEvent(N.LOGOUT_END,M.Popup)}initiateAuthRequest(e,t){if(e)return this.logger.infoPii(`Navigate to: ${e}`),this.openPopup(e,t);throw this.logger.error("Navigate url is empty"),P(No)}monitorPopupForHash(e,t){return new Promise((r,o)=>{this.logger.verbose("PopupHandler.monitorPopupForHash - polling started");const i=setInterval(()=>{if(e.closed){this.logger.error("PopupHandler.monitorPopupForHash - window closed"),clearInterval(i),o(P(pr));return}let s="";try{s=e.location.href}catch{}if(!s\|\|s==="about:blank")return;clearInterval(i);let a="";const c=this.config.auth.OIDCOptions.serverResponseType;e&&(c===To.QUERY?a=e.location.search:a=e.location.hash),this.logger.verbose("PopupHandler.monitorPopupForHash - popup window is on same origin as caller"),r(a)},this.config.system.pollIntervalMilliseconds)}).finally(()=>{this.cleanPopup(e,t)})}openPopup(e,t){try{let r;if(t.popup?(r=t.popup,this.logger.verbosePii(`Navigating popup window to: ${e}`),r.location.assign(e)):typeof t.popup>"u"&&(this.logger.verbosePii(`Opening popup window to: ${e}`),r=this.openSizedPopup(e,t)),!r)throw P(Ld);return r.focus&&r.focus(),this.currentWindow=r,t.popupWindowParent.addEventListener("beforeunload",this.unloadWindow),r}catch(r){throw this.logger.error("error opening popup "+r.message),P(Hd)}}openSizedPopup(e,{popupName:t,popupWindowAttributes:r,popupWindowParent:o}){var y,b,S,q;const i=o.screenLeft?o.screenLeft:o.screenX,s=o.screenTop?o.screenTop:o.screenY,a=o.innerWidth\|\|document.documentElement.clientWidth\|\|document.body.clientWidth,c=o.innerHeight\|\|document.documentElement.clientHeight\|\|document.body.clientHeight;let d=(y=r.popupSize)==null?void 0:y.width,l=(b=r.popupSize)==null?void 0:b.height,h=(S=r.popupPosition)==null?void 0:S.top,p=(q=r.popupPosition)==null?void 0:q.left;return(!d\|\|d<0\|\|d>a)&&(this.logger.verbose("Default popup window width used. Window width not configured or invalid."),d=He.POPUP_WIDTH),(!l\|\|l<0\|\|l>c)&&(this.logger.verbose("Default popup window height used. Window height not configured or invalid."),l=He.POPUP_HEIGHT),(!h\|\|h<0\|\|h>c)&&(this.logger.verbose("Default popup window top position used. Window top not configured or invalid."),h=Math.max(0,c/2-He.POPUP_HEIGHT/2+s)),(!p\|\|p<0\|\|p>a)&&(this.logger.verbose("Default popup window left position used. Window left not configured or invalid."),p=Math.max(0,a/2-He.POPUP_WIDTH/2+i)),o.open(e,t,`width=${d}, height=${l}, top=${h}, left=${p}, scrollbars=yes`)}unloadWindow(e){this.currentWindow&&this.currentWindow.close(),e.preventDefault()}cleanPopup(e,t){e.close(),t.removeEventListener("beforeunload",this.unloadWindow)}generatePopupName(e,t){return`${He.POPUP_NAME_PREFIX}.${this.config.auth.clientId}.${e.join("-")}.${t}.${this.correlationId}`}generateLogoutPopupName(e){const t=e.account&&e.account.homeAccountId;return`${He.POPUP_NAME_PREFIX}.${this.config.auth.clientId}.${t}.${this.correlationId}`}}/! @azure/msal-browser v4.9.0 2025-03-25 /function wC(){if(typeof window>"u"\|\|typeof window.performance>"u"\|\|typeof window.performance.getEntriesByType!="function")return;const n=window.performance.getEntriesByType("navigation"),e=n.length?n[0]:void 0;return e==null?void 0:e.type}class IC extends $n{constructor(e,t,r,o,i,s,a,c,d,l){super(e,t,r,o,i,s,a,d,l),this.nativeStorage=c}async acquireToken(e){const t=await T(this.initializeAuthorizationRequest.bind(this),f.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,this.correlationId)(e,M.Redirect);t.platformBroker=At.isPlatformBrokerAvailable(this.config,this.logger,this.nativeMessageHandler,e.authenticationScheme);const r=i=>{i.persisted&&(this.logger.verbose("Page was restored from back/forward cache. Clearing temporary cache."),this.browserStorage.resetRequestCache(),this.eventHandler.emitEvent(N.RESTORE_FROM_BFCACHE,M.Redirect))},o=this.getRedirectStartPage(e.redirectStartPage);this.logger.verbosePii(`Redirect start page: ${o}`),this.browserStorage.setTemporaryCache(ge.ORIGIN_URI,o,!0),window.addEventListener("pageshow",r);try{this.config.auth.protocolMode===Ue.EAR?await this.executeEarFlow(t):await this.executeCodeFlow(t,e.onRedirectNavigate)}catch(i){throw i instanceof Z&&i.setCorrelationId(this.correlationId),window.removeEventListener("pageshow",r),i}}async executeCodeFlow(e,t){const r=e.correlationId,o=this.initializeServerTelemetryManager(se.acquireTokenRedirect),i=await T(Uo,f.GeneratePkceCodes,this.logger,this.performanceClient,r)(this.performanceClient,this.logger,r),s={...e,codeChallenge:i.challenge};this.browserStorage.cacheAuthorizeRequest(s,i.verifier);try{const a=await T(this.createAuthCodeClient.bind(this),f.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:o,requestAuthority:s.authority,requestAzureCloudOptions:s.azureCloudOptions,requestExtraQueryParameters:s.extraQueryParameters,account:s.account}),c=await T(Vs,f.GetAuthCodeUrl,this.logger,this.performanceClient,e.correlationId)(this.config,a.authority,s,this.logger,this.performanceClient);return await this.initiateAuthRequest(c,t)}catch(a){throw a instanceof Z&&(a.setCorrelationId(this.correlationId),o.cacheFailedRequest(a)),a}}async executeEarFlow(e){const t=e.correlationId,r=await T(this.getDiscoveredAuthority.bind(this),f.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,t)({requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),o=await T(Fs,f.GenerateEarKey,this.logger,this.performanceClient,t)(),i={...e,earJwk:o};this.browserStorage.cacheAuthorizeRequest(i),(await js(document,this.config,r,i,this.logger,this.performanceClient)).submit()}async handleRedirectPromise(e="",t,r,o){const i=this.initializeServerTelemetryManager(se.handleRedirectPromise);try{const[s,a]=this.getRedirectResponse(e\|\|"");if(!s)return this.logger.info("handleRedirectPromise did not detect a response as a result of a redirect. Cleaning temporary cache."),this.browserStorage.resetRequestCache(),wC()!=="back_forward"?o.event.errorCode="no_server_response":this.logger.verbose("Back navigation event detected. Muting no_server_response error"),null;const c=this.browserStorage.getTemporaryCache(ge.ORIGIN_URI,!0)\|\|C.EMPTY_STRING,d=Q.removeHashFromUrl(c),l=Q.removeHashFromUrl(window.location.href);if(d===l&&this.config.auth.navigateToLoginRequestUrl)return this.logger.verbose("Current page is loginRequestUrl, handling response"),c.indexOf("#")>-1&&Dm(c),await this.handleResponse(s,t,r,i);if(this.config.auth.navigateToLoginRequestUrl){if(!$s()\|\|this.config.system.allowRedirectInIframe){this.browserStorage.setTemporaryCache(ge.URL_HASH,a,!0);const h={apiId:se.handleRedirectPromise,timeout:this.config.system.redirectNavigationTimeout,noHistory:!0};let p=!0;if(!c\|\|c==="null"){const y=Km();this.browserStorage.setTemporaryCache(ge.ORIGIN_URI,y,!0),this.logger.warning("Unable to get valid login request url from cache, redirecting to home page"),p=await this.navigationClient.navigateInternal(y,h)}else this.logger.verbose(`Navigating to loginRequestUrl: ${c}`),p=await this.navigationClient.navigateInternal(c,h);if(!p)return await this.handleResponse(s,t,r,i)}}else return this.logger.verbose("NavigateToLoginRequestUrl set to false, handling response"),await this.handleResponse(s,t,r,i);return null}catch(s){throw s instanceof Z&&(s.setCorrelationId(this.correlationId),i.cacheFailedRequest(s)),s}}getRedirectResponse(e){this.logger.verbose("getRedirectResponseHash called");let t=e;t\|\|(this.config.auth.OIDCOptions.serverResponseType===To.QUERY?t=window.location.search:t=window.location.hash);let r=Xr(t);if(r){try{mC(r,this.browserCrypto,M.Redirect)}catch(i){return i instanceof Z&&this.logger.error(`Interaction type validation failed due to ${i.errorCode}: ${i.errorMessage}`),[null,""]}return Um(window),this.logger.verbose("Hash contains known properties, returning response hash"),[r,t]}const o=this.browserStorage.getTemporaryCache(ge.URL_HASH,!0);return this.browserStorage.removeItem(this.browserStorage.generateCacheKey(ge.URL_HASH)),o&&(r=Xr(o),r)?(this.logger.verbose("Hash does not contain known properties, returning cached hash"),[r,o]):[null,""]}async handleResponse(e,t,r,o){if(!e.state)throw P(Ps);if(e.ear_jwe){const a=await T(this.getDiscoveredAuthority.bind(this),f.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,t.correlationId)({requestAuthority:t.authority,requestAzureCloudOptions:t.azureCloudOptions,requestExtraQueryParameters:t.extraQueryParameters,account:t.account});return T(Ys,f.HandleResponseEar,this.logger,this.performanceClient,t.correlationId)(t,e,se.acquireTokenRedirect,this.config,a,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.nativeMessageHandler)}const s=await T(this.createAuthCodeClient.bind(this),f.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:o,requestAuthority:t.authority});return T(Ws,f.HandleResponseCode,this.logger,this.performanceClient,t.correlationId)(t,e,r,se.acquireTokenRedirect,this.config,s,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.nativeMessageHandler)}async initiateAuthRequest(e,t){if(this.logger.verbose("RedirectHandler.initiateAuthRequest called"),e){this.logger.infoPii(`RedirectHandler.initiateAuthRequest: Navigate to: ${e}`);const r={apiId:se.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},o=t\|\|this.config.auth.onRedirectNavigate;if(typeof o=="function")if(this.logger.verbose("RedirectHandler.initiateAuthRequest: Invoking onRedirectNavigate callback"),o(e)!==!1){this.logger.verbose("RedirectHandler.initiateAuthRequest: onRedirectNavigate did not return false, navigating"),await this.navigationClient.navigateExternal(e,r);return}else{this.logger.verbose("RedirectHandler.initiateAuthRequest: onRedirectNavigate returned false, stopping navigation");return}else{this.logger.verbose("RedirectHandler.initiateAuthRequest: Navigating window to navigate url"),await this.navigationClient.navigateExternal(e,r);return}}else throw this.logger.info("RedirectHandler.initiateAuthRequest: Navigate url is empty"),P(No)}async logout(e){var o,i;this.logger.verbose("logoutRedirect called");const t=this.initializeLogoutRequest(e),r=this.initializeServerTelemetryManager(se.logout);try{this.eventHandler.emitEvent(N.LOGOUT_START,M.Redirect,e),await this.clearCacheOnLogout(t.account);const s={apiId:se.logout,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},a=await T(this.createAuthCodeClient.bind(this),f.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:r,requestAuthority:e&&e.authority,requestExtraQueryParameters:e==null?void 0:e.extraQueryParameters,account:e&&e.account\|\|void 0});if(a.authority.protocolMode===Ue.OIDC)try{a.authority.endSessionEndpoint}catch{if((o=t.account)!=null&&o.homeAccountId){this.browserStorage.removeAccount((i=t.account)==null?void 0:i.homeAccountId),this.eventHandler.emitEvent(N.LOGOUT_SUCCESS,M.Redirect,t);return}}const c=a.getLogoutUri(t);if(this.eventHandler.emitEvent(N.LOGOUT_SUCCESS,M.Redirect,t),e&&typeof e.onRedirectNavigate=="function")if(e.onRedirectNavigate(c)!==!1){this.logger.verbose("Logout onRedirectNavigate did not return false, navigating"),this.browserStorage.getInteractionInProgress()\|\|this.browserStorage.setInteractionInProgress(!0),await this.navigationClient.navigateExternal(c,s);return}else this.browserStorage.setInteractionInProgress(!1),this.logger.verbose("Logout onRedirectNavigate returned false, stopping navigation");else{this.browserStorage.getInteractionInProgress()\|\|this.browserStorage.setInteractionInProgress(!0),await this.navigationClient.navigateExternal(c,s);return}}catch(s){throw s instanceof Z&&(s.setCorrelationId(this.correlationId),r.cacheFailedRequest(s)),this.eventHandler.emitEvent(N.LOGOUT_FAILURE,M.Redirect,null,s),this.eventHandler.emitEvent(N.LOGOUT_END,M.Redirect),s}this.eventHandler.emitEvent(N.LOGOUT_END,M.Redirect)}getRedirectStartPage(e){const t=e\|\|window.location.href;return Q.getAbsoluteUrl(t,Nt())}}/! @azure/msal-browser v4.9.0 2025-03-25 /async function EC(n,e,t,r,o){if(e.addQueueMeasurement(f.SilentHandlerInitiateAuthRequest,r),!n)throw t.info("Navigate url is empty"),P(No);return o?T(SC,f.SilentHandlerLoadFrame,t,e,r)(n,o,e,r):lt(bC,f.SilentHandlerLoadFrameSync,t,e,r)(n)}async function _C(n,e,t,r,o){const i=Qs();if(!i.contentDocument)throw"No document associated with iframe!";return(await js(i.contentDocument,n,e,t,r,o)).submit(),i}async function oc(n,e,t,r,o,i,s){return r.addQueueMeasurement(f.SilentHandlerMonitorIframeForHash,i),new Promise((a,c)=>{e<ki&&o.warning(`system.loadFrameTimeout or system.iframeHashTimeout set to lower (${e}ms) than the default (${ki}ms). This may result in timeouts.`);const d=window.setTimeout(()=>{window.clearInterval(l),c(P(Ud))},e),l=window.setInterval(()=>{let h="";const p=n.contentWindow;try{h=p?p.location.href:""}catch{}if(!h\|\|h==="about:blank")return;let y="";p&&(s===To.QUERY?y=p.location.search:y=p.location.hash),window.clearTimeout(d),window.clearInterval(l),a(y)},t)}).finally(()=>{lt(kC,f.RemoveHiddenIframe,o,r,i)(n)})}function SC(n,e,t,r){return t.addQueueMeasurement(f.SilentHandlerLoadFrame,r),new Promise((o,i)=>{const s=Qs();window.setTimeout(()=>{if(!s){i("Unable to load iframe");return}s.src=n,o(s)},e)})}function bC(n){const e=Qs();return e.src=n,e}function Qs(){const n=document.createElement("iframe");return n.className="msalSilentIframe",n.style.visibility="hidden",n.style.position="absolute",n.style.width=n.style.height="0",n.style.border="0",n.setAttribute("sandbox","allow-scripts allow-same-origin allow-forms"),document.body.appendChild(n),n}function kC(n){document.body===n.parentNode&&document.body.removeChild(n)}/! @azure/msal-browser v4.9.0 2025-03-25 /class RC extends $n{constructor(e,t,r,o,i,s,a,c,d,l,h){super(e,t,r,o,i,s,c,l,h),this.apiId=a,this.nativeStorage=d}async acquireToken(e){this.performanceClient.addQueueMeasurement(f.SilentIframeClientAcquireToken,e.correlationId),!e.loginHint&&!e.sid&&(!e.account\|\|!e.account.username)&&this.logger.warning("No user hint provided. The authorization server may need more information to complete this request.");const t={...e};t.prompt?t.prompt!==ve.NONE&&t.prompt!==ve.NO_SESSION&&(this.logger.warning(`SilentIframeClient. Replacing invalid prompt ${t.prompt} with ${ve.NONE}`),t.prompt=ve.NONE):t.prompt=ve.NONE;const r=await T(this.initializeAuthorizationRequest.bind(this),f.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,e.correlationId)(t,M.Silent);return r.platformBroker=At.isPlatformBrokerAvailable(this.config,this.logger,this.nativeMessageHandler,r.authenticationScheme),ph(r.authority),this.config.auth.protocolMode===Ue.EAR?this.executeEarFlow(r):this.executeCodeFlow(r)}async executeCodeFlow(e){let t;const r=this.initializeServerTelemetryManager(this.apiId);try{return t=await T(this.createAuthCodeClient.bind(this),f.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:r,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),await T(this.silentTokenHelper.bind(this),f.SilentIframeClientTokenHelper,this.logger,this.performanceClient,e.correlationId)(t,e)}catch(o){if(o instanceof Z&&(o.setCorrelationId(this.correlationId),r.cacheFailedRequest(o)),!t\|\|!(o instanceof Z)\|\|o.errorCode!==He.INVALID_GRANT_ERROR)throw o;return this.performanceClient.addFields({retryError:o.errorCode},this.correlationId),await T(this.silentTokenHelper.bind(this),f.SilentIframeClientTokenHelper,this.logger,this.performanceClient,this.correlationId)(t,e)}}async executeEarFlow(e){const t=e.correlationId,r=await T(this.getDiscoveredAuthority.bind(this),f.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,t)({requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),o=await T(Fs,f.GenerateEarKey,this.logger,this.performanceClient,t)(),i={...e,earJwk:o},s=await T(_C,f.SilentHandlerInitiateAuthRequest,this.logger,this.performanceClient,t)(this.config,r,i,this.logger,this.performanceClient),a=this.config.auth.OIDCOptions.serverResponseType,c=await T(oc,f.SilentHandlerMonitorIframeForHash,this.logger,this.performanceClient,t)(s,this.config.system.iframeHashTimeout,this.config.system.pollIntervalMilliseconds,this.performanceClient,this.logger,t,a),d=lt(co,f.DeserializeResponse,this.logger,this.performanceClient,t)(c,a,this.logger);return T(Ys,f.HandleResponseEar,this.logger,this.performanceClient,t)(i,d,this.apiId,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.nativeMessageHandler)}logout(){return Promise.reject(P(Mo))}async silentTokenHelper(e,t){const r=t.correlationId;this.performanceClient.addQueueMeasurement(f.SilentIframeClientTokenHelper,r);const o=await T(Uo,f.GeneratePkceCodes,this.logger,this.performanceClient,r)(this.performanceClient,this.logger,r),i={...t,codeChallenge:o.challenge},s=await T(Vs,f.GetAuthCodeUrl,this.logger,this.performanceClient,r)(this.config,e.authority,i,this.logger,this.performanceClient),a=await T(EC,f.SilentHandlerInitiateAuthRequest,this.logger,this.performanceClient,r)(s,this.performanceClient,this.logger,r,this.config.system.navigateFrameWait),c=this.config.auth.OIDCOptions.serverResponseType,d=await T(oc,f.SilentHandlerMonitorIframeForHash,this.logger,this.performanceClient,r)(a,this.config.system.iframeHashTimeout,this.config.system.pollIntervalMilliseconds,this.performanceClient,this.logger,r,c),l=lt(co,f.DeserializeResponse,this.logger,this.performanceClient,r)(d,c,this.logger);return T(Ws,f.HandleResponseCode,this.logger,this.performanceClient,r)(t,l,o.verifier,this.apiId,this.config,e,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.nativeMessageHandler)}}/! @azure/msal-browser v4.9.0 2025-03-25 /class OC extends $n{async acquireToken(e){this.performanceClient.addQueueMeasurement(f.SilentRefreshClientAcquireToken,e.correlationId);const t=await T(qs,f.InitializeBaseRequest,this.logger,this.performanceClient,e.correlationId)(e,this.config,this.performanceClient,this.logger),r={...e,...t};e.redirectUri&&(r.redirectUri=this.getRedirectUri(e.redirectUri));const o=this.initializeServerTelemetryManager(se.acquireTokenSilent_silentFlow),i=await this.createRefreshTokenClient({serverTelemetryManager:o,authorityUrl:r.authority,azureCloudOptions:r.azureCloudOptions,account:r.account});return T(i.acquireTokenByRefreshToken.bind(i),f.RefreshTokenClientAcquireTokenByRefreshToken,this.logger,this.performanceClient,e.correlationId)(r).catch(s=>{throw s.setCorrelationId(this.correlationId),o.cacheFailedRequest(s),s})}logout(){return Promise.reject(P(Mo))}async createRefreshTokenClient(e){const t=await T(this.getClientConfiguration.bind(this),f.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:e.serverTelemetryManager,requestAuthority:e.authorityUrl,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account});return new Xp(t,this.performanceClient)}}/! @azure/msal-browser v4.9.0 2025-03-25 /class PC{constructor(e,t,r,o){this.isBrowserEnvironment=typeof window<"u",this.config=e,this.storage=t,this.logger=r,this.cryptoObj=o}async loadExternalTokens(e,t,r){if(!this.isBrowserEnvironment)throw P(xo);const o=e.correlationId\|\|We(),i=t.id_token?Yt(t.id_token,ct):void 0,s={protocolMode:this.config.auth.protocolMode,knownAuthorities:this.config.auth.knownAuthorities,cloudDiscoveryMetadata:this.config.auth.cloudDiscoveryMetadata,authorityMetadata:this.config.auth.authorityMetadata,skipAuthorityMetadataCache:this.config.auth.skipAuthorityMetadataCache},a=e.authority?new _e(_e.generateAuthority(e.authority,e.azureCloudOptions),this.config.system.networkClient,this.storage,s,this.logger,e.correlationId\|\|We()):void 0,c=await this.loadAccount(e,r.clientInfo\|\|t.client_info\|\|"",o,i,a),d=await this.loadIdToken(t,c.homeAccountId,c.environment,c.realm,o),l=await this.loadAccessToken(e,t,c.homeAccountId,c.environment,c.realm,r,o),h=await this.loadRefreshToken(t,c.homeAccountId,c.environment,o);return this.generateAuthenticationResult(e,{account:c,idToken:d,accessToken:l,refreshToken:h},i,a)}async loadAccount(e,t,r,o,i){if(this.logger.verbose("TokenCache - loading account"),e.account){const d=Oe.createFromAccountInfo(e.account);return await this.storage.setAccount(d,r),d}else if(!i\|\|!t&&!o)throw this.logger.error("TokenCache - if an account is not provided on the request, authority and either clientInfo or idToken must be provided instead."),P(Vd);const s=Oe.generateHomeAccountId(t,i.authorityType,this.logger,this.cryptoObj,o),a=o==null?void 0:o.tid,c=Ss(this.storage,i,s,ct,o,t,i.hostnameAndPort,a,void 0,void 0,this.logger);return await this.storage.setAccount(c,r),c}async loadIdToken(e,t,r,o,i){if(!e.id_token)return this.logger.verbose("TokenCache - no id token found in response"),null;this.logger.verbose("TokenCache - loading id token");const s=Ao(t,r,e.id_token,this.config.auth.clientId,o);return await this.storage.setIdTokenCredential(s,i),s}async loadAccessToken(e,t,r,o,i,s,a){if(t.access_token)if(t.expires_in){if(!t.scope&&(!e.scopes\|\|!e.scopes.length))return this.logger.error("TokenCache - scopes not specified in the request or response. Cannot add token to the cache."),null}else return this.logger.error("TokenCache - no expiration set on the access token. Cannot add it to the cache."),null;else return this.logger.verbose("TokenCache - no access token found in response"),null;this.logger.verbose("TokenCache - loading access token");const c=t.scope?fe.fromString(t.scope):new fe(e.scopes),d=s.expiresOn\|\|t.expires_in+Fe(),l=s.extendedExpiresOn\|\|(t.ext_expires_in\|\|t.expires_in)+Fe(),h=vo(r,o,t.access_token,this.config.auth.clientId,i,c.printScopes(),d,l,ct);return await this.storage.setAccessTokenCredential(h,a),h}async loadRefreshToken(e,t,r,o){if(!e.refresh_token)return this.logger.verbose("TokenCache - no refresh token found in response"),null;this.logger.verbose("TokenCache - loading refresh token");const i=Hl(t,r,e.refresh_token,this.config.auth.clientId,e.foci,void 0,e.refresh_token_expires_in);return await this.storage.setRefreshTokenCredential(i,o),i}generateAuthenticationResult(e,t,r,o){var l,h,p;let i="",s=[],a=null,c;t!=null&&t.accessToken&&(i=t.accessToken.secret,s=fe.fromString(t.accessToken.target).asArray(),a=xt(t.accessToken.expiresOn),c=xt(t.accessToken.extendedExpiresOn));const d=t.account;return{authority:o?o.canonicalAuthority:"",uniqueId:t.account.localAccountId,tenantId:t.account.realm,scopes:s,account:d.getAccountInfo(),idToken:((l=t.idToken)==null?void 0:l.secret)\|\|"",idTokenClaims:r\|\|{},accessToken:i,fromCache:!0,expiresOn:a,correlationId:e.correlationId\|\|"",requestId:"",extExpiresOn:c,familyId:((h=t.refreshToken)==null?void 0:h.familyId)\|\|"",tokenType:((p=t==null?void 0:t.accessToken)==null?void 0:p.tokenType)\|\|"",state:e.state\|\|"",cloudGraphHostName:d.cloudGraphHostName\|\|"",msGraphHost:d.msGraphHost\|\|"",fromNativeBroker:!1}}}/! @azure/msal-browser v4.9.0 2025-03-25 /class NC extends Id{constructor(e){super(e),this.includeRedirectUri=!1}}/! @azure/msal-browser v4.9.0 2025-03-25 /class MC extends $n{constructor(e,t,r,o,i,s,a,c,d,l){super(e,t,r,o,i,s,c,d,l),this.apiId=a}async acquireToken(e){if(!e.code)throw P(jd);const t=await T(this.initializeAuthorizationRequest.bind(this),f.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,e.correlationId)(e,M.Silent),r=this.initializeServerTelemetryManager(this.apiId);try{const o={...t,code:e.code},i=await T(this.getClientConfiguration.bind(this),f.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:r,requestAuthority:t.authority,requestAzureCloudOptions:t.azureCloudOptions,requestExtraQueryParameters:t.extraQueryParameters,account:t.account}),s=new NC(i);this.logger.verbose("Auth code client created");const a=new bh(s,this.browserStorage,o,this.logger,this.performanceClient);return await T(a.handleCodeResponseFromServer.bind(a),f.HandleCodeResponseFromServer,this.logger,this.performanceClient,e.correlationId)({code:e.code,msgraph_host:e.msGraphHost,cloud_graph_host_name:e.cloudGraphHostName,cloud_instance_host_name:e.cloudInstanceHostName},t,!1)}catch(o){throw o instanceof Z&&(o.setCorrelationId(this.correlationId),r.cacheFailedRequest(o)),o}}logout(){return Promise.reject(P(Mo))}}/! @azure/msal-browser v4.9.0 2025-03-25 /function gt(n){const e=n==null?void 0:n.idTokenClaims;if(e!=null&&e.tfp\|\|e!=null&&e.acr)return"B2C";if(e!=null&&e.tid){if((e==null?void 0:e.tid)==="9188040d-6c67-4c5b-b112-36a304b66dad")return"MSA"}else return;return"AAD"}function xr(n,e){try{zs(n)}catch(t){throw e.end({success:!1},t),t}}class Do{constructor(e){this.operatingContext=e,this.isBrowserEnvironment=this.operatingContext.isBrowserEnvironment(),this.config=e.getConfig(),this.initialized=!1,this.logger=this.operatingContext.getLogger(),this.networkClient=this.config.system.networkClient,this.navigationClient=this.config.system.navigationClient,this.redirectResponse=new Map,this.hybridAuthCodeResponses=new Map,this.performanceClient=this.config.telemetry.client,this.browserCrypto=this.isBrowserEnvironment?new It(this.logger,this.performanceClient):ur,this.eventHandler=new Eh(this.logger),this.browserStorage=this.isBrowserEnvironment?new ao(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,yd(this.config.auth)):Ch(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler);const t={cacheLocation:we.MemoryStorage,temporaryCacheLocation:we.MemoryStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!1,claimsBasedCachingEnabled:!1};this.nativeInternalStorage=new ao(this.config.auth.clientId,t,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler),this.tokenCache=new PC(this.config,this.browserStorage,this.logger,this.browserCrypto),this.activeSilentTokenRequests=new Map,this.trackPageVisibility=this.trackPageVisibility.bind(this),this.trackPageVisibilityWithMeasurement=this.trackPageVisibilityWithMeasurement.bind(this)}static async createController(e,t){const r=new Do(e);return await r.initialize(t),r}trackPageVisibility(e){e&&(this.logger.info("Perf: Visibility change detected"),this.performanceClient.incrementFields({visibilityChangeCount:1},e))}async initialize(e){if(this.logger.trace("initialize called"),this.initialized){this.logger.info("initialize has already been called, exiting early.");return}if(!this.isBrowserEnvironment){this.logger.info("in non-browser environment, exiting early."),this.initialized=!0,this.eventHandler.emitEvent(N.INITIALIZE_END);return}const t=(e==null?void 0:e.correlationId)\|\|this.getRequestCorrelationId(),r=this.config.system.allowPlatformBroker,o=this.performanceClient.startMeasurement(f.InitializeClientApplication,t);if(this.eventHandler.emitEvent(N.INITIALIZE_START),await T(this.browserStorage.initialize.bind(this.browserStorage),f.InitializeCache,this.logger,this.performanceClient,t)(t),r)try{this.nativeExtensionProvider=await At.createProvider(this.logger,this.config.system.nativeBrokerHandshakeTimeout,this.performanceClient)}catch(i){this.logger.verbose(i)}this.config.cache.claimsBasedCachingEnabled\|\|(this.logger.verbose("Claims-based caching is disabled. Clearing the previous cache with claims"),await T(this.browserStorage.clearTokensAndKeysWithClaims.bind(this.browserStorage),f.ClearTokensAndKeysWithClaims,this.logger,this.performanceClient,t)(this.performanceClient,t)),this.config.system.asyncPopups&&await this.preGeneratePkceCodes(t),this.initialized=!0,this.eventHandler.emitEvent(N.INITIALIZE_END),o.end({allowPlatformBroker:r,success:!0})}async handleRedirectPromise(e){if(this.logger.verbose("handleRedirectPromise called"),gh(this.initialized),this.isBrowserEnvironment){const t=e\|\|"";let r=this.redirectResponse.get(t);return typeof r>"u"?(r=this.handleRedirectPromiseInternal(e),this.redirectResponse.set(t,r),this.logger.verbose("handleRedirectPromise has been called for the first time, storing the promise")):this.logger.verbose("handleRedirectPromise has been called previously, returning the result from the first call"),r}return this.logger.verbose("handleRedirectPromise returns null, not browser environment"),null}async handleRedirectPromiseInternal(e){if(!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("handleRedirectPromise called but there is no interaction in progress, returning null."),null;const t=this.getAllAccounts(),r=this.browserStorage.getCachedNativeRequest(),o=r&&At.isPlatformBrokerAvailable(this.config,this.logger,this.nativeExtensionProvider)&&this.nativeExtensionProvider&&!e;let i=this.performanceClient.startMeasurement(f.AcquireTokenRedirect,(r==null?void 0:r.correlationId)\|\|"");this.eventHandler.emitEvent(N.HANDLE_REDIRECT_START,M.Redirect);let s;if(o&&this.nativeExtensionProvider){this.logger.trace("handleRedirectPromise - acquiring token from native platform");const a=new Kr(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,se.handleRedirectPromise,this.performanceClient,this.nativeExtensionProvider,r.accountId,this.nativeInternalStorage,r.correlationId);s=T(a.handleRedirectPromise.bind(a),f.HandleNativeRedirectPromiseMeasurement,this.logger,this.performanceClient,i.event.correlationId)(this.performanceClient,i.event.correlationId)}else{const[a,c]=this.browserStorage.getCachedRequest(),d=a.correlationId;i.discard(),i=this.performanceClient.startMeasurement(f.AcquireTokenRedirect,d),this.logger.trace("handleRedirectPromise - acquiring token from web flow");const l=this.createRedirectClient(d);s=T(l.handleRedirectPromise.bind(l),f.HandleRedirectPromiseMeasurement,this.logger,this.performanceClient,i.event.correlationId)(e,a,c,i)}return s.then(a=>(a?(this.browserStorage.resetRequestCache(),t.length<this.getAllAccounts().length?(this.eventHandler.emitEvent(N.LOGIN_SUCCESS,M.Redirect,a),this.logger.verbose("handleRedirectResponse returned result, login success")):(this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_SUCCESS,M.Redirect,a),this.logger.verbose("handleRedirectResponse returned result, acquire token success")),i.end({success:!0,accountType:gt(a.account)})):i.event.errorCode?i.end({success:!1}):i.discard(),this.eventHandler.emitEvent(N.HANDLE_REDIRECT_END,M.Redirect),a)).catch(a=>{this.browserStorage.resetRequestCache();const c=a;throw t.length>0?this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_FAILURE,M.Redirect,null,c):this.eventHandler.emitEvent(N.LOGIN_FAILURE,M.Redirect,null,c),this.eventHandler.emitEvent(N.HANDLE_REDIRECT_END,M.Redirect),i.end({success:!1},c),a})}async acquireTokenRedirect(e){const t=this.getRequestCorrelationId(e);this.logger.verbose("acquireTokenRedirect called",t);const r=this.performanceClient.startMeasurement(f.AcquireTokenPreRedirect,t);r.add({accountType:gt(e.account),scenarioId:e.scenarioId});const o=e.onRedirectNavigate;if(o)e.onRedirectNavigate=s=>{const a=typeof o=="function"?o(s):void 0;return a!==!1?r.end({success:!0}):r.discard(),a};else{const s=this.config.auth.onRedirectNavigate;this.config.auth.onRedirectNavigate=a=>{const c=typeof s=="function"?s(a):void 0;return c!==!1?r.end({success:!0}):r.discard(),c}}const i=this.getAllAccounts().length>0;try{Xa(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0),i?this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_START,M.Redirect,e):this.eventHandler.emitEvent(N.LOGIN_START,M.Redirect,e);let s;return this.nativeExtensionProvider&&this.canUsePlatformBroker(e)?s=new Kr(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,se.acquireTokenRedirect,this.performanceClient,this.nativeExtensionProvider,this.getNativeAccountId(e),this.nativeInternalStorage,t).acquireTokenRedirect(e,r).catch(c=>{if(c instanceof yt&&Sn(c))return this.nativeExtensionProvider=void 0,this.createRedirectClient(t).acquireToken(e);if(c instanceof nt)return this.logger.verbose("acquireTokenRedirect - Resolving interaction required error thrown by native broker by falling back to web flow"),this.createRedirectClient(t).acquireToken(e);throw c}):s=this.createRedirectClient(t).acquireToken(e),await s}catch(s){throw this.browserStorage.resetRequestCache(),r.end({success:!1},s),i?this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_FAILURE,M.Redirect,null,s):this.eventHandler.emitEvent(N.LOGIN_FAILURE,M.Redirect,null,s),s}}acquireTokenPopup(e){const t=this.getRequestCorrelationId(e),r=this.performanceClient.startMeasurement(f.AcquireTokenPopup,t);r.add({scenarioId:e.scenarioId,accountType:gt(e.account)});try{this.logger.verbose("acquireTokenPopup called",t),xr(this.initialized,r),this.browserStorage.setInteractionInProgress(!0)}catch(a){return Promise.reject(a)}const o=this.getAllAccounts();o.length>0?this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_START,M.Popup,e):this.eventHandler.emitEvent(N.LOGIN_START,M.Popup,e);let i;const s=this.getPreGeneratedPkceCodes(t);return this.canUsePlatformBroker(e)?i=this.acquireTokenNative({...e,correlationId:t},se.acquireTokenPopup).then(a=>(r.end({success:!0,isNativeBroker:!0,accountType:gt(a.account)}),a)).catch(a=>{if(a instanceof yt&&Sn(a))return this.nativeExtensionProvider=void 0,this.createPopupClient(t).acquireToken(e,s);if(a instanceof nt)return this.logger.verbose("acquireTokenPopup - Resolving interaction required error thrown by native broker by falling back to web flow"),this.createPopupClient(t).acquireToken(e,s);throw a}):i=this.createPopupClient(t).acquireToken(e,s),i.then(a=>(o.length<this.getAllAccounts().length?this.eventHandler.emitEvent(N.LOGIN_SUCCESS,M.Popup,a):this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_SUCCESS,M.Popup,a),r.end({success:!0,accessTokenSize:a.accessToken.length,idTokenSize:a.idToken.length,accountType:gt(a.account)}),a)).catch(a=>(o.length>0?this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_FAILURE,M.Popup,null,a):this.eventHandler.emitEvent(N.LOGIN_FAILURE,M.Popup,null,a),r.end({success:!1},a),Promise.reject(a))).finally(async()=>{this.browserStorage.setInteractionInProgress(!1),this.config.system.asyncPopups&&await this.preGeneratePkceCodes(t)})}trackPageVisibilityWithMeasurement(){const e=this.ssoSilentMeasurement\|\|this.acquireTokenByCodeAsyncMeasurement;e&&(this.logger.info("Perf: Visibility change detected in ",e.event.name),e.increment({visibilityChangeCount:1}))}async ssoSilent(e){var i,s;const t=this.getRequestCorrelationId(e),r={...e,prompt:e.prompt,correlationId:t};this.ssoSilentMeasurement=this.performanceClient.startMeasurement(f.SsoSilent,t),(i=this.ssoSilentMeasurement)==null\|\|i.add({scenarioId:e.scenarioId,accountType:gt(e.account)}),xr(this.initialized,this.ssoSilentMeasurement),(s=this.ssoSilentMeasurement)==null\|\|s.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement),this.logger.verbose("ssoSilent called",t),this.eventHandler.emitEvent(N.SSO_SILENT_START,M.Silent,r);let o;return this.canUsePlatformBroker(r)?o=this.acquireTokenNative(r,se.ssoSilent).catch(a=>{if(a instanceof yt&&Sn(a))return this.nativeExtensionProvider=void 0,this.createSilentIframeClient(r.correlationId).acquireToken(r);throw a}):o=this.createSilentIframeClient(r.correlationId).acquireToken(r),o.then(a=>{var c;return this.eventHandler.emitEvent(N.SSO_SILENT_SUCCESS,M.Silent,a),(c=this.ssoSilentMeasurement)==null\|\|c.end({success:!0,isNativeBroker:a.fromNativeBroker,accessTokenSize:a.accessToken.length,idTokenSize:a.idToken.length,accountType:gt(a.account)}),a}).catch(a=>{var c;throw this.eventHandler.emitEvent(N.SSO_SILENT_FAILURE,M.Silent,null,a),(c=this.ssoSilentMeasurement)==null\|\|c.end({success:!1},a),a}).finally(()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)})}async acquireTokenByCode(e){const t=this.getRequestCorrelationId(e);this.logger.trace("acquireTokenByCode called",t);const r=this.performanceClient.startMeasurement(f.AcquireTokenByCode,t);xr(this.initialized,r),this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_BY_CODE_START,M.Silent,e),r.add({scenarioId:e.scenarioId});try{if(e.code&&e.nativeAccountId)throw P(Yd);if(e.code){const o=e.code;let i=this.hybridAuthCodeResponses.get(o);return i?(this.logger.verbose("Existing acquireTokenByCode request found",t),r.discard()):(this.logger.verbose("Initiating new acquireTokenByCode request",t),i=this.acquireTokenByCodeAsync({...e,correlationId:t}).then(s=>(this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_BY_CODE_SUCCESS,M.Silent,s),this.hybridAuthCodeResponses.delete(o),r.end({success:!0,isNativeBroker:s.fromNativeBroker,accessTokenSize:s.accessToken.length,idTokenSize:s.idToken.length,accountType:gt(s.account)}),s)).catch(s=>{throw this.hybridAuthCodeResponses.delete(o),this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_BY_CODE_FAILURE,M.Silent,null,s),r.end({success:!1},s),s}),this.hybridAuthCodeResponses.set(o,i)),await i}else if(e.nativeAccountId)if(this.canUsePlatformBroker(e,e.nativeAccountId)){const o=await this.acquireTokenNative({...e,correlationId:t},se.acquireTokenByCode,e.nativeAccountId).catch(i=>{throw i instanceof yt&&Sn(i)&&(this.nativeExtensionProvider=void 0),i});return r.end({accountType:gt(o.account),success:!0}),o}else throw P(Qd);else throw P(Wd)}catch(o){throw this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_BY_CODE_FAILURE,M.Silent,null,o),r.end({success:!1},o),o}}async acquireTokenByCodeAsync(e){var o;return this.logger.trace("acquireTokenByCodeAsync called",e.correlationId),this.acquireTokenByCodeAsyncMeasurement=this.performanceClient.startMeasurement(f.AcquireTokenByCodeAsync,e.correlationId),(o=this.acquireTokenByCodeAsyncMeasurement)==null\|\|o.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement),await this.createSilentAuthCodeClient(e.correlationId).acquireToken(e).then(i=>{var s;return(s=this.acquireTokenByCodeAsyncMeasurement)==null\|\|s.end({success:!0,fromCache:i.fromCache,isNativeBroker:i.fromNativeBroker}),i}).catch(i=>{var s;throw(s=this.acquireTokenByCodeAsyncMeasurement)==null\|\|s.end({success:!1},i),i}).finally(()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)})}async acquireTokenFromCache(e,t){switch(this.performanceClient.addQueueMeasurement(f.AcquireTokenFromCache,e.correlationId),t){case ye.Default:case ye.AccessToken:case ye.AccessTokenAndRefreshToken:const r=this.createSilentCacheClient(e.correlationId);return T(r.acquireToken.bind(r),f.SilentCacheClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e);default:throw v(Vt)}}async acquireTokenByRefreshToken(e,t){switch(this.performanceClient.addQueueMeasurement(f.AcquireTokenByRefreshToken,e.correlationId),t){case ye.Default:case ye.AccessTokenAndRefreshToken:case ye.RefreshToken:case ye.RefreshTokenAndNetwork:const r=this.createSilentRefreshClient(e.correlationId);return T(r.acquireToken.bind(r),f.SilentRefreshClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e);default:throw v(Vt)}}async acquireTokenBySilentIframe(e){this.performanceClient.addQueueMeasurement(f.AcquireTokenBySilentIframe,e.correlationId);const t=this.createSilentIframeClient(e.correlationId);return T(t.acquireToken.bind(t),f.SilentIframeClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e)}async logout(e){const t=this.getRequestCorrelationId(e);return this.logger.warning("logout API is deprecated and will be removed in msal-browser v3.0.0. Use logoutRedirect instead.",t),this.logoutRedirect({correlationId:t,...e})}async logoutRedirect(e){const t=this.getRequestCorrelationId(e);return Xa(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0),this.createRedirectClient(t).logout(e)}logoutPopup(e){try{const t=this.getRequestCorrelationId(e);return zs(this.initialized),this.browserStorage.setInteractionInProgress(!0),this.createPopupClient(t).logout(e).finally(()=>{this.browserStorage.setInteractionInProgress(!1)})}catch(t){return Promise.reject(t)}}async clearCache(e){if(!this.isBrowserEnvironment){this.logger.info("in non-browser environment, returning early.");return}const t=this.getRequestCorrelationId(e);return this.createSilentCacheClient(t).logout(e)}getAllAccounts(e){return yh(this.logger,this.browserStorage,this.isBrowserEnvironment,e)}getAccount(e){return Ni(e,this.logger,this.browserStorage)}getAccountByUsername(e){return Th(e,this.logger,this.browserStorage)}getAccountByHomeId(e){return Ah(e,this.logger,this.browserStorage)}getAccountByLocalId(e){return vh(e,this.logger,this.browserStorage)}setActiveAccount(e){wh(e,this.browserStorage)}getActiveAccount(){return Ih(this.browserStorage)}async hydrateCache(e,t){this.logger.verbose("hydrateCache called");const r=Oe.createFromAccountInfo(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId),e.fromNativeBroker?(this.logger.verbose("Response was from native broker, storing in-memory"),this.nativeInternalStorage.hydrateCache(e,t)):this.browserStorage.hydrateCache(e,t)}async acquireTokenNative(e,t,r,o){if(this.logger.trace("acquireTokenNative called"),!this.nativeExtensionProvider)throw P(xs);return new Kr(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,t,this.performanceClient,this.nativeExtensionProvider,r\|\|this.getNativeAccountId(e),this.nativeInternalStorage,e.correlationId).acquireToken(e,o)}canUsePlatformBroker(e,t){if(this.logger.trace("canUsePlatformBroker called"),!At.isPlatformBrokerAvailable(this.config,this.logger,this.nativeExtensionProvider,e.authenticationScheme))return this.logger.trace("canUsePlatformBroker: isPlatformBrokerAvailable returned false, returning false"),!1;if(e.prompt)switch(e.prompt){case ve.NONE:case ve.CONSENT:case ve.LOGIN:this.logger.trace("canUsePlatformBroker: prompt is compatible with platform broker flow");break;default:return this.logger.trace(`canUsePlatformBroker: prompt = ${e.prompt} is not compatible with platform broker flow, returning false`),!1}return!t&&!this.getNativeAccountId(e)?(this.logger.trace("canUsePlatformBroker: nativeAccountId is not available, returning false"),!1):!0}getNativeAccountId(e){const t=e.account\|\|this.getAccount({loginHint:e.loginHint,sid:e.sid})\|\|this.getActiveAccount();return t&&t.nativeAccountId\|\|""}createPopupClient(e){return new vC(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,this.nativeExtensionProvider,e)}createRedirectClient(e){return new IC(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,this.nativeExtensionProvider,e)}createSilentIframeClient(e){return new RC(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,se.ssoSilent,this.performanceClient,this.nativeInternalStorage,this.nativeExtensionProvider,e)}createSilentCacheClient(e){return new kh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeExtensionProvider,e)}createSilentRefreshClient(e){return new OC(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeExtensionProvider,e)}createSilentAuthCodeClient(e){return new MC(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,se.acquireTokenByCode,this.performanceClient,this.nativeExtensionProvider,e)}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){return fh(),this.performanceClient.addPerformanceCallback(e)}removePerformanceCallback(e){return this.performanceClient.removePerformanceCallback(e)}enableAccountStorageEvents(){if(this.config.cache.cacheLocation!==we.LocalStorage){this.logger.info("Account storage events are only available when cacheLocation is set to localStorage");return}this.eventHandler.subscribeCrossTab()}disableAccountStorageEvents(){if(this.config.cache.cacheLocation!==we.LocalStorage){this.logger.info("Account storage events are only available when cacheLocation is set to localStorage");return}this.eventHandler.unsubscribeCrossTab()}getTokenCache(){return this.tokenCache}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){this.browserStorage.setWrapperMetadata(e,t)}setNavigationClient(e){this.navigationClient=e}getConfiguration(){return this.config}getPerformanceClient(){return this.performanceClient}isBrowserEnv(){return this.isBrowserEnvironment}getRequestCorrelationId(e){return e!=null&&e.correlationId?e.correlationId:this.isBrowserEnvironment?We():C.EMPTY_STRING}async loginRedirect(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("loginRedirect called",t),this.acquireTokenRedirect({correlationId:t,...e\|\|Si})}loginPopup(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("loginPopup called",t),this.acquireTokenPopup({correlationId:t,...e\|\|Si})}async acquireTokenSilent(e){const t=this.getRequestCorrelationId(e),r=this.performanceClient.startMeasurement(f.AcquireTokenSilent,t);r.add({cacheLookupPolicy:e.cacheLookupPolicy,scenarioId:e.scenarioId}),xr(this.initialized,r),this.logger.verbose("acquireTokenSilent called",t);const o=e.account\|\|this.getActiveAccount();if(!o)throw P(Bd);return r.add({accountType:gt(o)}),this.acquireTokenSilentDeduped(e,o,t).then(i=>(r.end({success:!0,fromCache:i.fromCache,isNativeBroker:i.fromNativeBroker,accessTokenSize:i.accessToken.length,idTokenSize:i.idToken.length}),{...i,state:e.state,correlationId:t})).catch(i=>{throw i instanceof Z&&i.setCorrelationId(t),r.end({success:!1},i),i})}async acquireTokenSilentDeduped(e,t,r){const o=Ro(this.config.auth.clientId,{...e,authority:e.authority\|\|this.config.auth.authority},t.homeAccountId),i=JSON.stringify(o),s=this.activeSilentTokenRequests.get(i);if(typeof s>"u"){this.logger.verbose("acquireTokenSilent called for the first time, storing active request",r),this.performanceClient.addFields({deduped:!1},r);const a=T(this.acquireTokenSilentAsync.bind(this),f.AcquireTokenSilentAsync,this.logger,this.performanceClient,r)({...e,correlationId:r},t);return this.activeSilentTokenRequests.set(i,a),a.finally(()=>{this.activeSilentTokenRequests.delete(i)})}else return this.logger.verbose("acquireTokenSilent has been called previously, returning the result from the first call",r),this.performanceClient.addFields({deduped:!0},r),s}async acquireTokenSilentAsync(e,t){const r=()=>this.trackPageVisibility(e.correlationId);this.performanceClient.addQueueMeasurement(f.AcquireTokenSilentAsync,e.correlationId),this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_START,M.Silent,e),e.correlationId&&this.performanceClient.incrementFields({visibilityChangeCount:0},e.correlationId),document.addEventListener("visibilitychange",r);const o=await T(iC,f.InitializeSilentRequest,this.logger,this.performanceClient,e.correlationId)(e,t,this.config,this.performanceClient,this.logger),i=e.cacheLookupPolicy\|\|ye.Default;return this.acquireTokenSilentNoIframe(o,i).catch(async a=>{if(xC(a,i))if(this.activeIframeRequest)if(i!==ye.Skip){const[d,l]=this.activeIframeRequest;this.logger.verbose(`Iframe request is already in progress, awaiting resolution for request with correlationId: ${l}`,o.correlationId);const h=this.performanceClient.startMeasurement(f.AwaitConcurrentIframe,o.correlationId);h.add({awaitIframeCorrelationId:l});const p=await d;if(h.end({success:p}),p)return this.logger.verbose(`Parallel iframe request with correlationId: ${l} succeeded. Retrying cache and/or RT redemption`,o.correlationId),this.acquireTokenSilentNoIframe(o,i);throw this.logger.info(`Iframe request with correlationId: ${l} failed. Interaction is required.`),a}else return this.logger.warning("Another iframe request is currently in progress and CacheLookupPolicy is set to Skip. This may result in degraded performance and/or reliability for both calls. Please consider changing the CacheLookupPolicy to take advantage of request queuing and token cache.",o.correlationId),T(this.acquireTokenBySilentIframe.bind(this),f.AcquireTokenBySilentIframe,this.logger,this.performanceClient,o.correlationId)(o);else{let d;return this.activeIframeRequest=[new Promise(l=>{d=l}),o.correlationId],this.logger.verbose("Refresh token expired/invalid or CacheLookupPolicy is set to Skip, attempting acquire token by iframe.",o.correlationId),T(this.acquireTokenBySilentIframe.bind(this),f.AcquireTokenBySilentIframe,this.logger,this.performanceClient,o.correlationId)(o).then(l=>(d(!0),l)).catch(l=>{throw d(!1),l}).finally(()=>{this.activeIframeRequest=void 0})}else throw a}).then(a=>(this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_SUCCESS,M.Silent,a),e.correlationId&&this.performanceClient.addFields({fromCache:a.fromCache,isNativeBroker:a.fromNativeBroker},e.correlationId),a)).catch(a=>{throw this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_FAILURE,M.Silent,null,a),a}).finally(()=>{document.removeEventListener("visibilitychange",r)})}async acquireTokenSilentNoIframe(e,t){return At.isPlatformBrokerAvailable(this.config,this.logger,this.nativeExtensionProvider,e.authenticationScheme)&&e.account.nativeAccountId?(this.logger.verbose("acquireTokenSilent - attempting to acquire token from native platform"),this.acquireTokenNative(e,se.acquireTokenSilent_silentFlow,e.account.nativeAccountId,t).catch(async r=>{throw r instanceof yt&&Sn(r)?(this.logger.verbose("acquireTokenSilent - native platform unavailable, falling back to web flow"),this.nativeExtensionProvider=void 0,v(Vt)):r})):(this.logger.verbose("acquireTokenSilent - attempting to acquire token from web flow"),t===ye.AccessToken&&this.logger.verbose("acquireTokenSilent - cache lookup policy set to AccessToken, attempting to acquire token from local cache"),T(this.acquireTokenFromCache.bind(this),f.AcquireTokenFromCache,this.logger,this.performanceClient,e.correlationId)(e,t).catch(r=>{if(t===ye.AccessToken)throw r;return this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_NETWORK_START,M.Silent,e),T(this.acquireTokenByRefreshToken.bind(this),f.AcquireTokenByRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,t)}))}async preGeneratePkceCodes(e){return this.logger.verbose("Generating new PKCE codes"),this.pkceCode=await T(Uo,f.GeneratePkceCodes,this.logger,this.performanceClient,e)(this.performanceClient,this.logger,e),Promise.resolve()}getPreGeneratedPkceCodes(e){this.logger.verbose("Attempting to pick up pre-generated PKCE codes");const t=this.pkceCode?{...this.pkceCode}:void 0;return this.pkceCode=void 0,this.logger.verbose(`${t?"Found":"Did not find"} pre-generated PKCE codes`),this.performanceClient.addFields({usePreGeneratedPkce:!!t},e),t}}function xC(n,e){const t=!(n instanceof nt&&n.subError!==Po),r=n.errorCode===He.INVALID_GRANT_ERROR\|\|n.errorCode===Vt,o=t&&r\|\|n.errorCode===ro\|\|n.errorCode===_s,i=ym.includes(e);return o&&i}/! @azure/msal-browser v4.9.0 2025-03-25 /function HC(n){return n.status!==void 0}/! @azure/msal-browser v4.9.0 2025-03-25 /class LC{constructor(e,t,r,o){this.clientId=e,this.clientCapabilities=t,this.crypto=r,this.logger=o}toNaaTokenRequest(e){var a;let t;e.extraQueryParameters===void 0?t=new Map:t=new Map(Object.entries(e.extraQueryParameters));const r=e.correlationId\|\|this.crypto.createNewGuid(),o=fd(e.claims,this.clientCapabilities),i=e.scopes\|\|yn;return{platformBrokerId:(a=e.account)==null?void 0:a.homeAccountId,clientId:this.clientId,authority:e.authority,scope:i.join(" "),correlationId:r,claims:at.isEmptyObj(o)?void 0:o,state:e.state,authenticationScheme:e.authenticationScheme\|\|X.BEARER,extraParameters:t}}fromNaaTokenResponse(e,t,r){if(!t.token.id_token\|\|!t.token.access_token)throw v(Wr);const o=xt(r+(t.token.expires_in\|\|0)),i=Yt(t.token.id_token,this.crypto.base64Decode),s=this.fromNaaAccountInfo(t.account,t.token.id_token,i),a=t.token.scope\|\|e.scope;return{authority:t.token.authority\|\|s.environment,uniqueId:s.localAccountId,tenantId:s.tenantId,scopes:a.split(" "),account:s,idToken:t.token.id_token,idTokenClaims:i,accessToken:t.token.access_token,fromCache:!1,expiresOn:o,tokenType:e.authenticationScheme\|\|X.BEARER,correlationId:e.correlationId,extExpiresOn:o,state:e.state}}fromNaaAccountInfo(e,t,r){const o=r\|\|e.idTokenClaims,i=e.localAccountId\|\|(o==null?void 0:o.oid)\|\|(o==null?void 0:o.sub)\|\|"",s=e.tenantId\|\|(o==null?void 0:o.tid)\|\|"",a=e.homeAccountId\|\|`${i}.${s}`,c=e.username\|\|(o==null?void 0:o.preferred_username)\|\|"",d=e.name\|\|(o==null?void 0:o.name),l=new Map,h=_o(a,i,s,o);return l.set(s,h),{homeAccountId:a,environment:e.environment,tenantId:s,username:c,localAccountId:i,name:d,idToken:t,idTokenClaims:o,tenantProfiles:l}}fromBridgeError(e){if(HC(e))switch(e.status){case kt.UserCancel:return new Gt(Pl);case kt.NoNetwork:return new Gt(Ol);case kt.AccountUnavailable:return new Gt(Yr);case kt.Disabled:return new Gt(Ai);case kt.NestedAppAuthUnavailable:return new Gt(e.code\|\|Ai,e.description);case kt.TransientError:case kt.PersistentError:return new en(e.code,e.description);case kt.UserInteractionRequired:return new nt(e.code,e.description);default:return new Z(e.code,e.description)}else return new Z("unknown_error","An unknown error occurred")}toAuthenticationResultFromCache(e,t,r,o,i){if(!t\|\|!r)throw v(Wr);const s=Yt(t.secret,this.crypto.base64Decode),a=r.target\|\|o.scopes.join(" ");return{authority:r.environment\|\|e.environment,uniqueId:e.localAccountId,tenantId:e.tenantId,scopes:a.split(" "),account:e,idToken:t.secret,idTokenClaims:s\|\|{},accessToken:r.secret,fromCache:!0,expiresOn:xt(r.expiresOn),extExpiresOn:xt(r.extendedExpiresOn),tokenType:o.authenticationScheme\|\|X.BEARER,correlationId:i,state:o.state}}}/! @azure/msal-browser v4.9.0 2025-03-25 /const ic={unsupportedMethod:{code:"unsupported_method",desc:"This method is not supported in nested app environment."}};class Ce extends Z{constructor(e,t){super(e,t),Object.setPrototypeOf(this,Ce.prototype),this.name="NestedAppAuthError"}static createUnsupportedError(){return new Ce(ic.unsupportedMethod.code,ic.unsupportedMethod.desc)}}/! @azure/msal-browser v4.9.0 2025-03-25 /class Js{constructor(e){this.operatingContext=e;const t=this.operatingContext.getBridgeProxy();if(t!==void 0)this.bridgeProxy=t;else throw new Error("unexpected: bridgeProxy is undefined");this.config=e.getConfig(),this.logger=this.operatingContext.getLogger(),this.performanceClient=this.config.telemetry.client,this.browserCrypto=e.isBrowserEnvironment()?new It(this.logger,this.performanceClient,!0):ur,this.eventHandler=new Eh(this.logger),this.browserStorage=this.operatingContext.isBrowserEnvironment()?new ao(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,yd(this.config.auth)):Ch(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler),this.nestedAppAuthAdapter=new LC(this.config.auth.clientId,this.config.auth.clientCapabilities,this.browserCrypto,this.logger);const r=this.bridgeProxy.getAccountContext();this.currentAccountContext=r\|\|null}static async createController(e){const t=new Js(e);return Promise.resolve(t)}async initialize(e){const t=(e==null?void 0:e.correlationId)\|\|We();return await this.browserStorage.initialize(t),Promise.resolve()}ensureValidRequest(e){return e!=null&&e.correlationId?e:{...e,correlationId:this.browserCrypto.createNewGuid()}}async acquireTokenInteractive(e){const t=this.ensureValidRequest(e);this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_START,M.Popup,t);const r=this.performanceClient.startMeasurement(f.AcquireTokenPopup,t.correlationId);r==null\|\|r.add({nestedAppAuthRequest:!0});try{const o=this.nestedAppAuthAdapter.toNaaTokenRequest(t),i=Fe(),s=await this.bridgeProxy.getTokenInteractive(o),a={...this.nestedAppAuthAdapter.fromNaaTokenResponse(o,s,i)};return await this.hydrateCache(a,e),this.currentAccountContext={homeAccountId:a.account.homeAccountId,environment:a.account.environment,tenantId:a.account.tenantId},this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_SUCCESS,M.Popup,a),r.add({accessTokenSize:a.accessToken.length,idTokenSize:a.idToken.length}),r.end({success:!0,requestId:a.requestId}),a}catch(o){const i=o instanceof Z?o:this.nestedAppAuthAdapter.fromBridgeError(o);throw this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_FAILURE,M.Popup,null,o),r.end({success:!1},o),i}}async acquireTokenSilentInternal(e){const t=this.ensureValidRequest(e);this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_START,M.Silent,t);const r=await this.acquireTokenFromCache(t);if(r)return this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_SUCCESS,M.Silent,r),r;const o=this.performanceClient.startMeasurement(f.SsoSilent,t.correlationId);o==null\|\|o.increment({visibilityChangeCount:0}),o==null\|\|o.add({nestedAppAuthRequest:!0});try{const i=this.nestedAppAuthAdapter.toNaaTokenRequest(t),s=Fe(),a=await this.bridgeProxy.getTokenSilent(i),c=this.nestedAppAuthAdapter.fromNaaTokenResponse(i,a,s);return await this.hydrateCache(c,e),this.currentAccountContext={homeAccountId:c.account.homeAccountId,environment:c.account.environment,tenantId:c.account.tenantId},this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_SUCCESS,M.Silent,c),o==null\|\|o.add({accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length}),o==null\|\|o.end({success:!0,requestId:c.requestId}),c}catch(i){const s=i instanceof Z?i:this.nestedAppAuthAdapter.fromBridgeError(i);throw this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_FAILURE,M.Silent,null,i),o==null\|\|o.end({success:!1},i),s}}async acquireTokenFromCache(e){const t=this.performanceClient.startMeasurement(f.AcquireTokenSilent,e.correlationId);if(t==null\|\|t.add({nestedAppAuthRequest:!0}),e.claims)return this.logger.verbose("Claims are present in the request, skipping cache lookup"),null;if(e.forceRefresh)return this.logger.verbose("forceRefresh is set to true, skipping cache lookup"),null;let r=null;switch(e.cacheLookupPolicy\|\|(e.cacheLookupPolicy=ye.Default),e.cacheLookupPolicy){case ye.Default:case ye.AccessToken:case ye.AccessTokenAndRefreshToken:r=await this.acquireTokenFromCacheInternal(e);break;default:return null}return r?(this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_SUCCESS,M.Silent,r),t==null\|\|t.add({accessTokenSize:r==null?void 0:r.accessToken.length,idTokenSize:r==null?void 0:r.idToken.length}),t==null\|\|t.end({success:!0}),r):(this.logger.error("Cached tokens are not found for the account, proceeding with silent token request."),this.eventHandler.emitEvent(N.ACQUIRE_TOKEN_FAILURE,M.Silent,null),t==null\|\|t.end({success:!1}),null)}async acquireTokenFromCacheInternal(e){var c;const t=this.bridgeProxy.getAccountContext()\|\|this.currentAccountContext;let r=null;if(t&&(r=Ni(t,this.logger,this.browserStorage)),!r)return this.logger.verbose("No active account found, falling back to the host"),Promise.resolve(null);this.logger.verbose("active account found, attempting to acquire token silently");const o={...e,correlationId:e.correlationId\|\|this.browserCrypto.createNewGuid(),authority:e.authority\|\|r.environment,scopes:(c=e.scopes)!=null&&c.length?e.scopes:[...yn]},i=this.browserStorage.getTokenKeys(),s=this.browserStorage.getAccessToken(r,o,i,r.tenantId,this.performanceClient,o.correlationId);if(s){if(xl(s.cachedAt)\|\|Qr(s.expiresOn,this.config.system.tokenRenewalOffsetSeconds))return this.logger.verbose("Cached access token has expired"),Promise.resolve(null)}else return this.logger.verbose("No cached access token found"),Promise.resolve(null);const a=this.browserStorage.getIdToken(r,i,r.tenantId,this.performanceClient,o.correlationId);return a?this.nestedAppAuthAdapter.toAuthenticationResultFromCache(r,a,s,o,o.correlationId):(this.logger.verbose("No cached id token found"),Promise.resolve(null))}async acquireTokenPopup(e){return this.acquireTokenInteractive(e)}acquireTokenRedirect(e){throw Ce.createUnsupportedError()}async acquireTokenSilent(e){return this.acquireTokenSilentInternal(e)}acquireTokenByCode(e){throw Ce.createUnsupportedError()}acquireTokenNative(e,t,r){throw Ce.createUnsupportedError()}acquireTokenByRefreshToken(e,t){throw Ce.createUnsupportedError()}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){throw Ce.createUnsupportedError()}removePerformanceCallback(e){throw Ce.createUnsupportedError()}enableAccountStorageEvents(){throw Ce.createUnsupportedError()}disableAccountStorageEvents(){throw Ce.createUnsupportedError()}getAllAccounts(e){return yh(this.logger,this.browserStorage,this.isBrowserEnv(),e)}getAccount(e){return Ni(e,this.logger,this.browserStorage)}getAccountByUsername(e){return Th(e,this.logger,this.browserStorage)}getAccountByHomeId(e){return Ah(e,this.logger,this.browserStorage)}getAccountByLocalId(e){return vh(e,this.logger,this.browserStorage)}setActiveAccount(e){return wh(e,this.browserStorage)}getActiveAccount(){return Ih(this.browserStorage)}handleRedirectPromise(e){return Promise.resolve(null)}loginPopup(e){return this.acquireTokenInteractive(e\|\|Si)}loginRedirect(e){throw Ce.createUnsupportedError()}logout(e){throw Ce.createUnsupportedError()}logoutRedirect(e){throw Ce.createUnsupportedError()}logoutPopup(e){throw Ce.createUnsupportedError()}ssoSilent(e){return this.acquireTokenSilentInternal(e)}getTokenCache(){throw Ce.createUnsupportedError()}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){}setNavigationClient(e){this.logger.warning("setNavigationClient is not supported in nested app auth")}getConfiguration(){return this.config}isBrowserEnv(){return this.operatingContext.isBrowserEnvironment()}getBrowserCrypto(){return this.browserCrypto}getPerformanceClient(){throw Ce.createUnsupportedError()}getRedirectResponse(){throw Ce.createUnsupportedError()}async clearCache(e){throw Ce.createUnsupportedError()}async hydrateCache(e,t){this.logger.verbose("hydrateCache called");const r=Oe.createFromAccountInfo(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId),this.browserStorage.hydrateCache(e,t)}}/! @azure/msal-browser v4.9.0 2025-03-25 /async function UC(n,e){const t=new mn(n);return await t.initialize(),Do.createController(t,e)}/! @azure/msal-browser v4.9.0 2025-03-25 /class Fo{static async createPublicClientApplication(e){const t=await UC(e);return new Fo(e,t)}constructor(e,t){this.controller=t\|\|new Do(new mn(e))}async initialize(e){return this.controller.initialize(e)}async acquireTokenPopup(e){return this.controller.acquireTokenPopup(e)}acquireTokenRedirect(e){return this.controller.acquireTokenRedirect(e)}acquireTokenSilent(e){return this.controller.acquireTokenSilent(e)}acquireTokenByCode(e){return this.controller.acquireTokenByCode(e)}addEventCallback(e,t){return this.controller.addEventCallback(e,t)}removeEventCallback(e){return this.controller.removeEventCallback(e)}addPerformanceCallback(e){return this.controller.addPerformanceCallback(e)}removePerformanceCallback(e){return this.controller.removePerformanceCallback(e)}enableAccountStorageEvents(){this.controller.enableAccountStorageEvents()}disableAccountStorageEvents(){this.controller.disableAccountStorageEvents()}getAccount(e){return this.controller.getAccount(e)}getAccountByHomeId(e){return this.controller.getAccountByHomeId(e)}getAccountByLocalId(e){return this.controller.getAccountByLocalId(e)}getAccountByUsername(e){return this.controller.getAccountByUsername(e)}getAllAccounts(e){return this.controller.getAllAccounts(e)}handleRedirectPromise(e){return this.controller.handleRedirectPromise(e)}loginPopup(e){return this.controller.loginPopup(e)}loginRedirect(e){return this.controller.loginRedirect(e)}logout(e){return this.controller.logout(e)}logoutRedirect(e){return this.controller.logoutRedirect(e)}logoutPopup(e){return this.controller.logoutPopup(e)}ssoSilent(e){return this.controller.ssoSilent(e)}getTokenCache(){return this.controller.getTokenCache()}getLogger(){return this.controller.getLogger()}setLogger(e){this.controller.setLogger(e)}setActiveAccount(e){this.controller.setActiveAccount(e)}getActiveAccount(){return this.controller.getActiveAccount()}initializeWrapperLibrary(e,t){return this.controller.initializeWrapperLibrary(e,t)}setNavigationClient(e){this.controller.setNavigationClient(e)}getConfiguration(){return this.controller.getConfiguration()}async hydrateCache(e,t){return this.controller.hydrateCache(e,t)}clearCache(e){return this.controller.clearCache(e)}}async function DC(n){const e=new Fn(n);if(await e.initialize(),e.isAvailable()){const t=new Js(e),r=new Fo(n,t);return await r.initialize(),r}return FC(n)}async function FC(n){const e=new Fo(n);return await e.initialize(),e}const KC={class:"d-flex gap",id:"app"},BC={key:0,class:"alert alert-error rounded-md p-2 d-flex flex-row gap"},GC={width:"24",height:"24",fill:"none",viewBox:"0 0 24 24",xmlns:"http://www.w3.org/2000/svg",class:"h-32 w-32",style:{color:"rgb(33, 33, 33)"}},$C={key:1,class:"alert alert-warning rounded-md p-2 d-flex flex-row gap"},zC={width:"24",height:"24",fill:"none",viewBox:"0 0 24 24",xmlns:"http://www.w3.org/2000/svg",class:"h-32 w-32",style:{color:"rgb(33, 33, 33)"}},qC={class:"alert alert-warning rounded-md p-2 d-flex flex-column gap"},VC={width:"24",height:"24",fill:"none",viewBox:"0 0 24 24",xmlns:"http://www.w3.org/2000/svg",class:"h-32 w-32",style:{color:"rgb(33, 33, 33)"}},jC={class:"d-flex flex-row gap"},WC=["onClick"],YC=["onClick"],QC={class:"mt-3"},JC=["disabled"],XC={key:1},ZC=["disabled"],ey=["disabled"],ty=["disabled"],ny=["disabled"],ry={key:3,class:"draft-container"},oy={key:0,id:"drafts",class:"my-0 list-unstyled gap d-flex"},iy=["onClick"],sy=["onClick"],ay={class:"sr-only"},cy={key:1},ly={__name:"App",setup(n){const e=Dt(""),t=Dt(""),r=Dt(!1),o=Dt(!1),i=Dt([]),s=Dt([]),a=Dt({encrypted:!1,signed:!1,drafts:[],fetched:!1,fetching:!1,folderId:"",features:[]}),c=Dt(null);let d,l=null;const h=Ur(()=>a.value.fetched),p=Ur(()=>h.value?a.value.encrypted?a.value.signed?Xe("This mail is encrypted and signed."):Xe("This mail is encrypted."):a.value.signed?Xe("This mail is signed"):Xe("This mail is not encrypted nor signed."):i.value.length>0?Ze("Loading placeholder","Waiting for authorization"):e.value.length>0?e.value:Ze("Loading placeholder","Loading…")),y=Ur(()=>h.value?a.value.encrypted?Ze("@action:button","Decrypt"):Ze("@action:button","View email"):"");function b(W,x){console.log(W,x),c.value&&c.value.send(JSON.stringify({command:"log",arguments:{message:W,args:JSON.stringify(x)}}))}function S(W){c.value.send(JSON.stringify({command:W,arguments:{email:Office.context.mailbox.userProfile.emailAddress,displayName:Office.context.mailbox.userProfile.displayName,folderId:a.value.folderId,itemId:Office.context.mailbox.convertToEwsId(Office.context.mailbox.item.itemId,Office.MailboxEnums.RestVersion.v2_0),ewsAccessToken:l,verifiedNativeClients:s.value}}))}function q(){S("reencrypt")}function D(){S("view")}function V(){S("reply")}function J(){S("forward")}function H(){S("composer")}function ae(W){c.value.send(JSON.stringify({command:"open-draft",arguments:{id:W,email:Office.context.mailbox.userProfile.emailAddress,displayName:Office.context.mailbox.userProfile.displayName,ewsAccessToken:l,verifiedNativeClients:s.value}}))}function Be(W){c.value.send(JSON.stringify({command:"delete-draft",arguments:{id:W,email:Office.context.mailbox.userProfile.emailAddress,displayName:Office.context.mailbox.userProfile.displayName,ewsAccessToken:l,verifiedNativeClients:s.value}}))}function me(){a.value.fetching\|\|s.value.length===0\|\|(a.value.fetched=!1,a.value.fetching=!0,c.value.send(JSON.stringify({command:"info",arguments:{itemId:Office.context.mailbox.convertToEwsId(Office.context.mailbox.item.itemId,Office.MailboxEnums.RestVersion.v2_0),email:Office.context.mailbox.userProfile.emailAddress,ewsAccessToken:l,verifiedNativeClients:s.value}})))}function Ye(W){i.value.splice(i.value.findIndex(x=>x.id===W),1),s.value.push(W),localStorage.setItem("verifiedNativeClients",s.value.join(";")),me()}function Ut(W){i.value.splice(i.value.findIndex(x=>x.id===W),1)}function Qe(W){const x=new Date(W*1e3);let G=new Date;return new Date(x).setHours(0,0,0,0)===G.setHours(0,0,0,0)?x.toLocaleTimeString([],{hour:"numeric",minute:"numeric"}):x.toLocaleDateString()}async function tn(W){Office.context.mailbox.makeEwsRequestAsync(W.arguments.body,x=>{if(x.error){b("Error while trying to send email via EWS",{error:x.error,value:x.value});return}b("Email sent",{value:x.value}),c.value.send(JSON.stringify({command:"ews-response",arguments:{requestId:W.arguments.requestId,email:Office.context.mailbox.userProfile.emailAddress,body:x.value}}))})}function nn(){console.log("Set socket",c.value),!(c.value&&c.value.readyState===WebSocket.OPEN)&&(console.log("Set socket"),c.value=new WebSocket("wss://"+window.location.host+"/websocket"),c.value.addEventListener("open",W=>{e.value="",c.value.send(JSON.stringify({command:"register",arguments:{emails:[Office.context.mailbox.userProfile.emailAddress],type:"webclient"}})),c.value.send(JSON.stringify({command:"restore-autosave",arguments:{email:Office.context.mailbox.userProfile.emailAddress,displayName:Office.context.mailbox.userProfile.displayName,ewsAccessToken:l}})),me()}),c.value.addEventListener("close",W=>{e.value=Xe("Native client was disconnected, reconnecting in 1 second."),console.log(W.reason),setTimeout(function(){nn()},1e3)}),c.value.addEventListener("error",W=>{e.value=Xe("Native client received an error"),c.value.close()}),c.value.addEventListener("message",function(W){const{data:x}=W,G=JSON.parse(x);switch(b("Received message from server",{command:G.command}),G.command){case"ews":tn(G);break;case"error":e.value=G.arguments.error;break;case"viewer-closed":case"viewer-opened":o.value=G.command==="viewer-opened";break;case"disconnection":e.value=Xe("Native client was disconnected");break;case"connection":if(e.value="",s.value.includes(G.arguments.id))me();else{if(i.value.findIndex(vr=>vr.id===G.arguments.id)>=0)break;i.value.push({id:G.arguments.id,name:G.arguments.name})}break;case"info-fetched":console.log(G.arguments);const{itemId:ee,folderId:ie,encrypted:Et,signed:An,drafts:_t,version:Je,features:Ar}=G.arguments;if(a.value.fetching=!1,a.value.drafts=_t,ee===Office.context.mailbox.convertToEwsId(Office.context.mailbox.item.itemId,Office.MailboxEnums.RestVersion.v2_0)){a.value.fetched=!0,a.value.encrypted=Et,a.value.signed=An,a.value.folderId=ie,a.value.features=Ar,o.value=G.arguments.viewerOpen,o.value&&D();let Ko=new URLSearchParams(document.location.search).get("version");Je!==Ko&&(t.value=Ze("@info","Version mismatch. Make sure you installed the last manifest.xml."))}else a.value.fetched=!1,b("Received info for wrong email",{itemId:ee,currentItemId:Office.context.mailbox.convertToEwsId(Office.context.mailbox.item.itemId,Office.MailboxEnums.RestVersion.v2_0)}),me()}}))}async function Tn(){d=await DC({auth:{clientId:"1d6f4a59-be04-4274-8793-71b4c081eb72",authority:"https://login.microsoftonline.com/common"}});{const W={scopes:["https://outlook.office365.com/EWS.AccessAsUser.All"]};try{console.log("Trying to acquire token silently...");const x=await d.acquireTokenSilent(W);console.log("Acquired token silently."),l=x.accessToken}catch(x){console.log(`Unable to acquire token silently: ${x}`)}if(l===null)try{console.log("Trying to acquire token interactively...");const x=await d.acquireTokenPopup(W);console.log("Acquired token interactively."),l=x.accessToken}catch(x){console.error(`Unable to acquire token interactively: ${x}`)}l===null&&(e.value=Xe("Unable to acquire access token."))}}return Fc(async()=>{var W;s.value=((W=localStorage.getItem("verifiedNativeClients"))==null?void 0:W.split(";"))??[],Office.context.requirements.isSetSupported("NestedAppAuth","1.1")&&await Tn(),nn(),Office.context.mailbox.addHandlerAsync(Office.EventType.ItemChanged,x=>{a.value.fetching=!1,a.value.fetched=!1,Office.context.mailbox.item?me():(content.value="",r.value=!1)})}),(W,x)=>(Te(),Ie("div",KC,[e.value.length>0?(Te(),Ie("div",BC,[(Te(),Ie("svg",GC,x[1]\|\|(x[1]=[j("path",{d:"M12 2c5.523 0 10 4.478 10 10s-4.477 10-10 10S2 17.522 2 12 6.477 2 12 2Zm0 1.667c-4.595 0-8.333 3.738-8.333 8.333 0 4.595 3.738 8.333 8.333 8.333 4.595 0 8.333-3.738 8.333-8.333 0-4.595-3.738-8.333-8.333-8.333Zm-.001 10.835a.999.999 0 1 1 0 1.998.999.999 0 0 1 0-1.998ZM11.994 7a.75.75 0 0 1 .744.648l.007.101.004 4.502a.75.75 0 0 1-1.493.103l-.007-.102-.004-4.501a.75.75 0 0 1 .75-.751Z",fill:"currentColor","fill-opacity":"1"},null,-1)]))),j("div",null,Ee(e.value),1)])):wn("",!0),t.value.length>0?(Te(),Ie("div",$C,[(Te(),Ie("svg",zC,x[2]\|\|(x[2]=[j("path",{d:"M10.91 2.782a2.25 2.25 0 0 1 2.975.74l.083.138 7.759 14.009a2.25 2.25 0 0 1-1.814 3.334l-.154.006H4.243a2.25 2.25 0 0 1-2.041-3.197l.072-.143L10.031 3.66a2.25 2.25 0 0 1 .878-.878Zm9.505 15.613-7.76-14.008a.75.75 0 0 0-1.254-.088l-.057.088-7.757 14.008a.75.75 0 0 0 .561 1.108l.095.006h15.516a.75.75 0 0 0 .696-1.028l-.04-.086-7.76-14.008 7.76 14.008ZM12 16.002a.999.999 0 1 1 0 1.997.999.999 0 0 1 0-1.997ZM11.995 8.5a.75.75 0 0 1 .744.647l.007.102.004 4.502a.75.75 0 0 1-1.494.103l-.006-.102-.004-4.502a.75.75 0 0 1 .75-.75Z",fill:"currentColor","fill-opacity":"1"},null,-1)]))),j("div",null,Ee(t.value),1)])):wn("",!0),(Te(!0),Ie(ot,null,ia(i.value,G=>(Te(),Ie("div",qC,[(Te(),Ie("svg",VC,x[3]\|\|(x[3]=[j("path",{d:"M10.91 2.782a2.25 2.25 0 0 1 2.975.74l.083.138 7.759 14.009a2.25 2.25 0 0 1-1.814 3.334l-.154.006H4.243a2.25 2.25 0 0 1-2.041-3.197l.072-.143L10.031 3.66a2.25 2.25 0 0 1 .878-.878Zm9.505 15.613-7.76-14.008a.75.75 0 0 0-1.254-.088l-.057.088-7.757 14.008a.75.75 0 0 0 .561 1.108l.095.006h15.516a.75.75 0 0 0 .696-1.028l-.04-.086-7.76-14.008 7.76 14.008ZM12 16.002a.999.999 0 1 1 0 1.997.999.999 0 0 1 0-1.997ZM11.995 8.5a.75.75 0 0 1 .744.647l.007.102.004 4.502a.75.75 0 0 1-1.494.103l-.006-.102-.004-4.502a.75.75 0 0 1 .75-.75Z",fill:"currentColor","fill-opacity":"1"},null,-1)]))),j("div",null,Ee(et(Xe)("Unknow device: %1. Do you trust this device?",G.name)),1),j("div",jC,[j("button",{class:"w-100 btn rounded-md fa mt-3",onClick:ee=>Ut(G.id)},Ee(et(Xe)("Don't Trust")),9,WC),j("button",{class:"w-100 btn rounded-md fa mt-3",onClick:ee=>Ye(G.id)},Ee(et(Xe)("Trust")),9,YC)])]))),256)),j("div",null,[j("div",QC,Ee(p.value),1),h.value?(Te(),Ie("button",{key:0,class:"w-100 btn rounded-md fa mt-3",onClick:D,disabled:o.value},[x[4]\|\|(x[4]=j("svg",{xmlns:"http://www.w3.org/2000/svg",width:"1.5em",height:"1.5em",viewBox:"0 0 20 20"},[j("path",{fill:"currentColor",d:"M18 5.95a2.5 2.5 0 1 0-1.002-4.9A2.5 2.5 0 0 0 18 5.95M4.5 3h9.535a3.5 3.5 0 0 0 0 1H4.5A1.5 1.5 0 0 0 3 5.5v.302l7 4.118l5.754-3.386c.375.217.795.365 1.241.43l-6.741 3.967a.5.5 0 0 1-.426.038l-.082-.038L3 6.963V13.5A1.5 1.5 0 0 0 4.5 15h11a1.5 1.5 0 0 0 1.5-1.5V6.965a3.5 3.5 0 0 0 1 0V13.5a2.5 2.5 0 0 1-2.5 2.5h-11A2.5 2.5 0 0 1 2 13.5v-8A2.5 2.5 0 0 1 4.5 3"})],-1)),an(" "+Ee(y.value),1)],8,JC)):wn("",!0),o.value?(Te(),Ie("div",XC,[j("small",null,Ee(et(Ze)("@info","Viewer already open.")),1)])):wn("",!0)]),x[12]\|\|(x[12]=j("hr",{class:"w-100 my-0"},null,-1)),j("button",{class:"w-100 btn rounded-md",onClick:x[0]\|\|(x[0]=G=>H()),disabled:!h.value},[x[5]\|\|(x[5]=j("svg",{xmlns:"http://www.w3.org/2000/svg",width:"1.5em",height:"1.5em",viewBox:"0 0 20 20"},[j("path",{fill:"currentColor",d:"M15.5 4A2.5 2.5 0 0 1 18 6.5v8a2.5 2.5 0 0 1-2.5 2.5h-11A2.5 2.5 0 0 1 2 14.5v-8A2.5 2.5 0 0 1 4.5 4zM17 7.961l-6.746 3.97a.5.5 0 0 1-.426.038l-.082-.038L3 7.963V14.5A1.5 1.5 0 0 0 4.5 16h11a1.5 1.5 0 0 0 1.5-1.5zM15.5 5h-11A1.5 1.5 0 0 0 3 6.5v.302l7 4.118l7-4.12v-.3A1.5 1.5 0 0 0 15.5 5"})],-1)),an(" "+Ee(et(Ze)("@action:button","New secure email")),1)],8,ZC),j("button",{class:"w-100 btn rounded-md",onClick:V,disabled:!h.value},[x[6]\|\|(x[6]=j("svg",{xmlns:"http://www.w3.org/2000/svg",width:"1.5em",height:"1.5em",viewBox:"0 0 20 20"},[j("path",{fill:"currentColor",d:"M7.354 3.646a.5.5 0 0 1 0 .708L3.707 8H10.5a7.5 7.5 0 0 1 7.5 7.5a.5.5 0 0 1-1 0A6.5 6.5 0 0 0 10.5 9H3.707l3.647 3.646a.5.5 0 0 1-.708.708l-4.5-4.5a.5.5 0 0 1 0-.708l4.5-4.5a.5.5 0 0 1 .708 0"})],-1)),an(" "+Ee(et(Ze)("@action:button","Reply securely")),1)],8,ey),j("button",{class:"w-100 btn rounded-md",onClick:J,disabled:!h.value},[x[7]\|\|(x[7]=j("svg",{xmlns:"http://www.w3.org/2000/svg",width:"1.5em",height:"1.5em",viewBox:"0 0 20 20"},[j("path",{fill:"currentColor",d:"m16.293 9l-3.39 3.39a.5.5 0 0 0 .639.765l.069-.058l4.243-4.243a.5.5 0 0 0 .057-.638l-.057-.07l-4.243-4.242a.5.5 0 0 0-.765.638l.058.07L16.293 8H10a7.5 7.5 0 0 0-7.496 7.258L2.5 15.5a.5.5 0 0 0 1 0a6.5 6.5 0 0 1 6.267-6.496L10 9z"})],-1)),an(" "+Ee(et(Ze)("@action:button","Forward securely")),1)],8,ty),a.value.features.includes("reencrypt")?(Te(),Ie("button",{key:2,class:"w-100 btn rounded-md d-none",onClick:q,disabled:!h.value},[x[8]\|\|(x[8]=j("svg",{xmlns:"http://www.w3.org/2000/svg",width:"1.5em",height:"1.5em",viewBox:"0 0 20 20"},[j("path",{fill:"currentColor",d:"m16.293 9l-3.39 3.39a.5.5 0 0 0 .639.765l.069-.058l4.243-4.243a.5.5 0 0 0 .057-.638l-.057-.07l-4.243-4.242a.5.5 0 0 0-.765.638l.058.07L16.293 8H10a7.5 7.5 0 0 0-7.496 7.258L2.5 15.5a.5.5 0 0 0 1 0a6.5 6.5 0 0 1 6.267-6.496L10 9z"})],-1)),an(" "+Ee(et(Ze)("@action:button","Reencrypt")),1)],8,ny)):wn("",!0),h.value?(Te(),Ie("div",ry,[x[11]\|\|(x[11]=j("h2",{class:"mb-0"},"Drafts",-1)),a.value.drafts.length>0?(Te(),Ie("ul",oy,[(Te(!0),Ie(ot,null,ia(a.value.drafts,G=>(Te(),Ie("li",{key:G.id,class:"d-flex flex-row"},[j("button",{class:"btn w-100 d-flex flex-row align-items-center rounded-e-md",onClick:ee=>ae(G.id)},[x[9]\|\|(x[9]=j("svg",{xmlns:"http://www.w3.org/2000/svg",width:"1.5em",height:"1.5em",viewBox:"0 0 20 20"},[j("path",{fill:"currentColor",d:"M15.5 3.001a2.5 2.5 0 0 1 2.5 2.5v3.633a2.9 2.9 0 0 0-1-.131V6.962l-6.746 3.97a.5.5 0 0 1-.426.038l-.082-.038L3 6.964v6.537a1.5 1.5 0 0 0 1.5 1.5h5.484c-.227.3-.4.639-.51 1H4.5a2.5 2.5 0 0 1-2.5-2.5v-8a2.5 2.5 0 0 1 2.5-2.5zm0 1h-11a1.5 1.5 0 0 0-1.5 1.5v.302l7 4.118l7-4.119v-.301a1.5 1.5 0 0 0-1.5-1.5m-4.52 11.376l4.83-4.83a1.87 1.87 0 1 1 2.644 2.646l-4.83 4.829a2.2 2.2 0 0 1-1.02.578l-1.498.374a.89.89 0 0 1-1.079-1.078l.375-1.498a2.2 2.2 0 0 1 .578-1.02"})],-1)),an(" "+Ee(et(Xe)("Last Modified: %1",Qe(G.last_modification))),1)],8,iy),j("button",{class:"btn btn-danger ms-auto py-1 rounded-e-md",onClick:ee=>Be(G.id)},[j("span",ay,Ee(et(Ze)("@action:button","Delete")),1),x[10]\|\|(x[10]=j("svg",{xmlns:"http://www.w3.org/2000/svg",width:"1em",height:"1em",viewBox:"0 0 24 24"},[j("path",{fill:"currentColor",d:"M10 5h4a2 2 0 1 0-4 0M8.5 5a3.5 3.5 0 1 1 7 0h5.75a.75.75 0 0 1 0 1.5h-1.32l-1.17 12.111A3.75 3.75 0 0 1 15.026 22H8.974a3.75 3.75 0 0 1-3.733-3.389L4.07 6.5H2.75a.75.75 0 0 1 0-1.5zm2 4.75a.75.75 0 0 0-1.5 0v7.5a.75.75 0 0 0 1.5 0zM14.25 9a.75.75 0 0 1 .75.75v7.5a.75.75 0 0 1-1.5 0v-7.5a.75.75 0 0 1 .75-.75m-7.516 9.467a2.25 2.25 0 0 0 2.24 2.033h6.052a2.25 2.25 0 0 0 2.24-2.033L18.424 6.5H5.576z"})],-1))],8,sy)]))),128))])):(Te(),Ie("p",cy,Ee(et(Ze)("Placeholder","No draft found")),1))])):wn("",!0)]))}},Ph=(0,eval)("this"),dy=Ph.Office;Ph.messages;dy.onReady(()=>{Qf(ly).mount("#app")});
	diff --git a/web/dist/index.html b/web/dist/index.html
	index 0e183ef..4b10b78 100644
	--- a/web/dist/index.html
	+++ b/web/dist/index.html
	@@ -1,12 +1,12 @@
	<!doctype html>
	<html>
	<head>
	<meta charset="utf-8" />
	<title>Encryption information</title>
	<script type="text/javascript" src="https://appsforoffice.microsoft.com/lib/beta/hosted/office.js"></script>
	- <script type="module" crossorigin src="/assets/index-Cg7oNTya.js"></script>
	+ <script type="module" crossorigin src="/assets/index-Drll8Pr4.js"></script>
	<link rel="stylesheet" crossorigin href="/assets/index-C8C8AKuF.css">
	</head>
	<body id="app">
	</body>
	</html>
	\ No newline at end of file
	diff --git a/web/src/App.vue b/web/src/App.vue
	index 76ae9bb..c04a012 100644
	--- a/web/src/App.vue
	+++ b/web/src/App.vue
	@@ -1,471 +1,474 @@
	<!--
	SPDX-FileCopyrightText: 2025 g10 code GmbH
	SPDX-Contributor: Carl Schwan <carl.schwan@gnupg.com>
	SPDX-License-Identifier: GPL-2.0-or-later
	-->

	<script setup>
	import {computed, onMounted, ref} from "vue"
	import {i18n, i18nc} from './services/i18n.js'
	import {createNestablePublicClientApplication} from "@azure/msal-browser";

	/* global Office */

	const error = ref('')
	const versionWarning = ref('')
	const hasSelection = ref(false)
	const viewerOpen = ref(false)
	const devicesToVerify = ref([])
	const verifiedNativeClients = ref([])
	const status = ref({
	encrypted: false,
	signed: false,
	drafts: [],
	fetched: false,
	fetching: false,
	folderId: '',
	+ features: [],
	})
	const socket = ref(null)
	let pca = undefined;
	let ewsAccessToken = null;

	const loaded = computed(() => {
	return status.value.fetched;
	})

	const statusText = computed(() => {
	if (!loaded.value) {
	if (devicesToVerify.value.length > 0) {
	return i18nc("Loading placeholder", "Waiting for authorization");
	}
	return error.value.length > 0 ? error.value : i18nc("Loading placeholder", "Loading…");
	}
	if (status.value.encrypted) {
	return status.value.signed ? i18n("This mail is encrypted and signed.") : i18n("This mail is encrypted.");
	}
	if (status.value.signed) {
	return i18n("This mail is signed")
	}
	return i18n("This mail is not encrypted nor signed.");
	})
	const decryptButtonText = computed(() => {
	if (!loaded.value) {
	return '';
	}
	if (status.value.encrypted) {
	return i18nc("@action:button", "Decrypt")
	}

	return i18nc("@action:button", "View email")
	})

	function gpgolLog(message, args) {
	console.log(message, args);
	if (socket.value) {
	socket.value.send(JSON.stringify({
	command: "log",
	arguments: {
	message,
	args: JSON.stringify(args),
	},
	}));
	}
	}

	function genericMailAction(command) {
	socket.value.send(JSON.stringify({
	command,
	arguments: {
	email: Office.context.mailbox.userProfile.emailAddress,
	displayName: Office.context.mailbox.userProfile.displayName,
	folderId: status.value.folderId,
	itemId: Office.context.mailbox.convertToEwsId(Office.context.mailbox.item.itemId, Office.MailboxEnums.RestVersion.v2_0),
	ewsAccessToken,
	verifiedNativeClients: verifiedNativeClients.value,
	}
	}));
	}

	function reencrypt() {
	genericMailAction('reencrypt');
	}

	function view() {
	genericMailAction('view');
	}

	function reply() {
	genericMailAction('reply');
	}

	function forward() {
	genericMailAction('forward');
	}

	function newEmail() {
	genericMailAction('composer');
	}

	function openDraft(id) {
	socket.value.send(JSON.stringify({
	command: 'open-draft',
	arguments: {
	id,
	email: Office.context.mailbox.userProfile.emailAddress,
	displayName: Office.context.mailbox.userProfile.displayName,
	ewsAccessToken,
	verifiedNativeClients: verifiedNativeClients.value,
	}
	}));
	}

	function deleteDraft(id) {
	socket.value.send(JSON.stringify({
	command: 'delete-draft',
	arguments: {
	id: id,
	email: Office.context.mailbox.userProfile.emailAddress,
	displayName: Office.context.mailbox.userProfile.displayName,
	ewsAccessToken,
	verifiedNativeClients: verifiedNativeClients.value,
	}
	}));
	// TODO this.status.drafts.splice(this.status.drafts.findIndex((draft) => draft.id === id), 1);
	}


	function info() {
	if (status.value.fetching \|\| verifiedNativeClients.value.length === 0) {
	return;
	}
	status.value.fetched = false;
	status.value.fetching = true;
	socket.value.send(JSON.stringify({
	command: 'info',
	arguments: {
	itemId: Office.context.mailbox.convertToEwsId(Office.context.mailbox.item.itemId, Office.MailboxEnums.RestVersion.v2_0),
	email: Office.context.mailbox.userProfile.emailAddress,
	ewsAccessToken,
	verifiedNativeClients: verifiedNativeClients.value,
	}
	}));
	}

	function trust(deviceId) {
	devicesToVerify.value.splice(devicesToVerify.value.findIndex((device) => device.id === deviceId), 1);
	verifiedNativeClients.value.push(deviceId);
	localStorage.setItem("verifiedNativeClients", verifiedNativeClients.value.join(';'));
	info();
	}

	function ignore(deviceId) {
	devicesToVerify.value.splice(devicesToVerify.value.findIndex((device) => device.id === deviceId), 1);
	}

	function displayDate(timestamp) {
	const date = new Date(timestamp * 1000);
	let todayDate = new Date();
	if ((new Date(date)).setHours(0, 0, 0, 0) === todayDate.setHours(0, 0, 0, 0)) {
	return date.toLocaleTimeString([], {
	hour: 'numeric',
	minute: 'numeric',
	});
	} else {
	return date.toLocaleDateString();
	}
	}

	/// Only called when not using Office365
	async function executeEws(message) {
	Office.context.mailbox.makeEwsRequestAsync(message.arguments.body, (asyncResult) => {
	if (asyncResult.error) {
	gpgolLog("Error while trying to send email via EWS", {error: asyncResult.error, value: asyncResult.value,});
	return;
	}

	gpgolLog("Email sent", {value: asyncResult.value});
	// let the client known that the email was sent
	socket.value.send(JSON.stringify({
	command: 'ews-response',
	arguments: {
	requestId: message.arguments.requestId,
	email: Office.context.mailbox.userProfile.emailAddress,
	body: asyncResult.value,
	}
	}));
	});
	}

	function webSocketConnect() {
	console.log("Set socket", socket.value)
	if (socket.value && socket.value.readyState === WebSocket.OPEN) {
	return;
	}
	console.log("Set socket")
	socket.value = new WebSocket("wss://" + window.location.host + '/websocket');

	// Connection opened
	socket.value.addEventListener("open", (event) => {
	error.value = '';
	socket.value.send(JSON.stringify({
	command: "register",
	arguments: {
	emails: [Office.context.mailbox.userProfile.emailAddress],
	type: 'webclient',
	},
	}));

	socket.value.send(JSON.stringify({
	command: 'restore-autosave',
	arguments: {
	email: Office.context.mailbox.userProfile.emailAddress,
	displayName: Office.context.mailbox.userProfile.displayName,
	ewsAccessToken,
	}
	}));

	info()
	});

	socket.value.addEventListener("close", (event) => {
	error.value = i18n("Native client was disconnected, reconnecting in 1 second.");
	console.log(event.reason)
	setTimeout(function () {
	webSocketConnect();
	}, 1000);
	});

	socket.value.addEventListener("error", (event) => {
	error.value = i18n("Native client received an error");
	socket.value.close();
	});

	// Listen for messages
	socket.value.addEventListener("message", function (result) {
	const {data} = result;
	const message = JSON.parse(data);
	gpgolLog("Received message from server", {command: message.command});
	switch (message.command) {
	case 'ews':
	executeEws(message);
	break;
	case 'error':
	error.value = message.arguments.error;
	break;
	case 'viewer-closed':
	case 'viewer-opened':
	viewerOpen.value = message.command === 'viewer-opened';
	break;
	case 'disconnection':
	error.value = i18n("Native client was disconnected")
	break;
	case 'connection':
	error.value = '';
	if (!verifiedNativeClients.value.includes(message.arguments.id)) {
	if (devicesToVerify.value.findIndex(device => device.id === message.arguments.id) >= 0) {
	break;
	}
	devicesToVerify.value.push({
	id: message.arguments.id,
	name: message.arguments.name,
	})
	} else {
	info();
	}
	break;
	case 'info-fetched':
	- const {itemId, folderId, encrypted, signed, drafts, version} = message.arguments;
	+ console.log(message.arguments)
	+ const {itemId, folderId, encrypted, signed, drafts, version, features} = message.arguments;
	status.value.fetching = false;
	status.value.drafts = drafts;
	if (itemId === Office.context.mailbox.convertToEwsId(Office.context.mailbox.item.itemId, Office.MailboxEnums.RestVersion.v2_0)) {
	status.value.fetched = true;
	status.value.encrypted = encrypted;
	status.value.signed = signed;
	status.value.folderId = folderId;
	+ status.value.features = features;
	viewerOpen.value = message.arguments.viewerOpen;

	if (viewerOpen.value) {
	view();
	}
	let params = new URLSearchParams(document.location.search);
	let manifestVersion = params.get("version");
	if (version !== manifestVersion) {
	versionWarning.value = i18nc("@info", "Version mismatch. Make sure you installed the last manifest.xml.")
	}
	} else {
	status.value.fetched = false;
	gpgolLog("Received info for wrong email", {itemId, currentItemId: Office.context.mailbox.convertToEwsId(Office.context.mailbox.item.itemId, Office.MailboxEnums.RestVersion.v2_0) });
	info();
	}
	}
	});
	}

	async function auth() {
	pca = await createNestablePublicClientApplication({
	auth: {
	clientId: "1d6f4a59-be04-4274-8793-71b4c081eb72",
	authority: "https://login.microsoftonline.com/common"
	},
	});

	{
	const tokenRequest = {
	scopes: ["https://outlook.office365.com/EWS.AccessAsUser.All"]
	}
	try {
	console.log("Trying to acquire token silently...");
	const userAccount = await pca.acquireTokenSilent(tokenRequest);
	console.log("Acquired token silently.");
	ewsAccessToken = userAccount.accessToken;
	} catch (error) {
	console.log(`Unable to acquire token silently: ${error}`);
	}
	if (ewsAccessToken === null) {
	// Acquire token silent failure. Send an interactive request via popup.
	try {
	console.log("Trying to acquire token interactively...");
	const userAccount = await pca.acquireTokenPopup(tokenRequest);
	console.log("Acquired token interactively.");
	ewsAccessToken = userAccount.accessToken;
	} catch (popupError) {
	// Acquire token interactive failure.
	console.error( `Unable to acquire token interactively: ${popupError}`);
	}
	}
	// Log error if both silent and popup requests failed.
	if (ewsAccessToken === null) {
	error.value = i18n("Unable to acquire access token.");
	}
	}
	}

	onMounted(async () => {
	verifiedNativeClients.value = localStorage.getItem("verifiedNativeClients")?.split(';') ?? []
	if (Office.context.requirements.isSetSupported("NestedAppAuth", "1.1")) {
	await auth();
	}

	webSocketConnect();
	Office.context.mailbox.addHandlerAsync(Office.EventType.ItemChanged, (eventArgs) => {
	status.value.fetching = false;
	status.value.fetched = false;
	if (Office.context.mailbox.item) {
	info();
	} else {
	content.value = '';
	hasSelection.value = false;
	}
	});

	})
	</script>

	<template>
	<div class="d-flex gap" id="app">
	<div class="alert alert-error rounded-md p-2 d-flex flex-row gap" v-if="error.length > 0">
	<svg width="24" height="24" fill="none" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg" class="h-32 w-32"
	style="color: rgb(33, 33, 33);"><!----> <!---->
	<path
	d="M12 2c5.523 0 10 4.478 10 10s-4.477 10-10 10S2 17.522 2 12 6.477 2 12 2Zm0 1.667c-4.595 0-8.333 3.738-8.333 8.333 0 4.595 3.738 8.333 8.333 8.333 4.595 0 8.333-3.738 8.333-8.333 0-4.595-3.738-8.333-8.333-8.333Zm-.001 10.835a.999.999 0 1 1 0 1.998.999.999 0 0 1 0-1.998ZM11.994 7a.75.75 0 0 1 .744.648l.007.101.004 4.502a.75.75 0 0 1-1.493.103l-.007-.102-.004-4.501a.75.75 0 0 1 .75-.751Z"
	fill="currentColor" fill-opacity="1"></path>
	</svg>
	<div>{{ error }}</div>
	</div>
	<div class="alert alert-warning rounded-md p-2 d-flex flex-row gap" v-if="versionWarning.length > 0">
	<svg width="24" height="24" fill="none" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg" class="h-32 w-32" style="color: rgb(33, 33, 33);">
	<path
	d="M10.91 2.782a2.25 2.25 0 0 1 2.975.74l.083.138 7.759 14.009a2.25 2.25 0 0 1-1.814 3.334l-.154.006H4.243a2.25 2.25 0 0 1-2.041-3.197l.072-.143L10.031 3.66a2.25 2.25 0 0 1 .878-.878Zm9.505 15.613-7.76-14.008a.75.75 0 0 0-1.254-.088l-.057.088-7.757 14.008a.75.75 0 0 0 .561 1.108l.095.006h15.516a.75.75 0 0 0 .696-1.028l-.04-.086-7.76-14.008 7.76 14.008ZM12 16.002a.999.999 0 1 1 0 1.997.999.999 0 0 1 0-1.997ZM11.995 8.5a.75.75 0 0 1 .744.647l.007.102.004 4.502a.75.75 0 0 1-1.494.103l-.006-.102-.004-4.502a.75.75 0 0 1 .75-.75Z"
	fill="currentColor" fill-opacity="1"></path>
	</svg>
	<div>{{ versionWarning }}</div>
	</div>

	<div class="alert alert-warning rounded-md p-2 d-flex flex-column gap" v-for="device in devicesToVerify">
	<svg width="24" height="24" fill="none" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg" class="h-32 w-32" style="color: rgb(33, 33, 33);">
	<path
	d="M10.91 2.782a2.25 2.25 0 0 1 2.975.74l.083.138 7.759 14.009a2.25 2.25 0 0 1-1.814 3.334l-.154.006H4.243a2.25 2.25 0 0 1-2.041-3.197l.072-.143L10.031 3.66a2.25 2.25 0 0 1 .878-.878Zm9.505 15.613-7.76-14.008a.75.75 0 0 0-1.254-.088l-.057.088-7.757 14.008a.75.75 0 0 0 .561 1.108l.095.006h15.516a.75.75 0 0 0 .696-1.028l-.04-.086-7.76-14.008 7.76 14.008ZM12 16.002a.999.999 0 1 1 0 1.997.999.999 0 0 1 0-1.997ZM11.995 8.5a.75.75 0 0 1 .744.647l.007.102.004 4.502a.75.75 0 0 1-1.494.103l-.006-.102-.004-4.502a.75.75 0 0 1 .75-.75Z"
	fill="currentColor" fill-opacity="1"></path>
	</svg>
	<div>{{ i18n("Unknow device: %1. Do you trust this device?", device.name ) }}</div>

	<div class="d-flex flex-row gap">
	<button class="w-100 btn rounded-md fa mt-3" @click="ignore(device.id)">
	{{ i18n("Don't Trust") }}
	</button>
	<button class="w-100 btn rounded-md fa mt-3" @click="trust(device.id)">
	{{ i18n("Trust") }}
	</button>
	</div>
	</div>

	<div>
	<div class="mt-3">
	{{ statusText }}
	</div>
	<button v-if="loaded" class="w-100 btn rounded-md fa mt-3" @click="view" :disabled="viewerOpen">
	<svg xmlns="http://www.w3.org/2000/svg" width="1.5em" height="1.5em" viewBox="0 0 20 20">
	<path fill="currentColor"
	d="M18 5.95a2.5 2.5 0 1 0-1.002-4.9A2.5 2.5 0 0 0 18 5.95M4.5 3h9.535a3.5 3.5 0 0 0 0 1H4.5A1.5 1.5 0 0 0 3 5.5v.302l7 4.118l5.754-3.386c.375.217.795.365 1.241.43l-6.741 3.967a.5.5 0 0 1-.426.038l-.082-.038L3 6.963V13.5A1.5 1.5 0 0 0 4.5 15h11a1.5 1.5 0 0 0 1.5-1.5V6.965a3.5 3.5 0 0 0 1 0V13.5a2.5 2.5 0 0 1-2.5 2.5h-11A2.5 2.5 0 0 1 2 13.5v-8A2.5 2.5 0 0 1 4.5 3"/>
	</svg>
	{{ decryptButtonText }}
	</button>
	<div v-if="viewerOpen"><small>{{ i18nc("@info", "Viewer already open.") }}</small></div>
	</div>
	<hr class="w-100 my-0"/>
	<button class="w-100 btn rounded-md" @click="newEmail()" :disabled="!loaded">
	<svg xmlns="http://www.w3.org/2000/svg" width="1.5em" height="1.5em" viewBox="0 0 20 20">
	<path fill="currentColor"
	d="M15.5 4A2.5 2.5 0 0 1 18 6.5v8a2.5 2.5 0 0 1-2.5 2.5h-11A2.5 2.5 0 0 1 2 14.5v-8A2.5 2.5 0 0 1 4.5 4zM17 7.961l-6.746 3.97a.5.5 0 0 1-.426.038l-.082-.038L3 7.963V14.5A1.5 1.5 0 0 0 4.5 16h11a1.5 1.5 0 0 0 1.5-1.5zM15.5 5h-11A1.5 1.5 0 0 0 3 6.5v.302l7 4.118l7-4.12v-.3A1.5 1.5 0 0 0 15.5 5"/>
	</svg>
	{{ i18nc("@action:button", "New secure email") }}
	</button>
	<button class="w-100 btn rounded-md" @click="reply" :disabled="!loaded">
	<svg xmlns="http://www.w3.org/2000/svg" width="1.5em" height="1.5em" viewBox="0 0 20 20">
	<path fill="currentColor"
	d="M7.354 3.646a.5.5 0 0 1 0 .708L3.707 8H10.5a7.5 7.5 0 0 1 7.5 7.5a.5.5 0 0 1-1 0A6.5 6.5 0 0 0 10.5 9H3.707l3.647 3.646a.5.5 0 0 1-.708.708l-4.5-4.5a.5.5 0 0 1 0-.708l4.5-4.5a.5.5 0 0 1 .708 0"/>
	</svg>
	{{ i18nc("@action:button", "Reply securely") }}
	</button>
	<button class="w-100 btn rounded-md" @click="forward" :disabled="!loaded">
	<svg xmlns="http://www.w3.org/2000/svg" width="1.5em" height="1.5em" viewBox="0 0 20 20">
	<path fill="currentColor"
	d="m16.293 9l-3.39 3.39a.5.5 0 0 0 .639.765l.069-.058l4.243-4.243a.5.5 0 0 0 .057-.638l-.057-.07l-4.243-4.242a.5.5 0 0 0-.765.638l.058.07L16.293 8H10a7.5 7.5 0 0 0-7.496 7.258L2.5 15.5a.5.5 0 0 0 1 0a6.5 6.5 0 0 1 6.267-6.496L10 9z"/>
	</svg>
	{{ i18nc("@action:button", "Forward securely") }}
	</button>
	- <button class="w-100 btn rounded-md d-none" @click="reencrypt" :disabled="!loaded">
	+ <button v-if="status.features.includes('reencrypt')" class="w-100 btn rounded-md d-none" @click="reencrypt" :disabled="!loaded" >
	<svg xmlns="http://www.w3.org/2000/svg" width="1.5em" height="1.5em" viewBox="0 0 20 20">
	<path fill="currentColor"
	d="m16.293 9l-3.39 3.39a.5.5 0 0 0 .639.765l.069-.058l4.243-4.243a.5.5 0 0 0 .057-.638l-.057-.07l-4.243-4.242a.5.5 0 0 0-.765.638l.058.07L16.293 8H10a7.5 7.5 0 0 0-7.496 7.258L2.5 15.5a.5.5 0 0 0 1 0a6.5 6.5 0 0 1 6.267-6.496L10 9z"/>
	</svg>
	{{ i18nc("@action:button", "Reencrypt") }}
	</button>
	<div class="draft-container" v-if="loaded">
	<h2 class="mb-0">Drafts</h2>
	<ul v-if="status.drafts.length > 0" id="drafts" class="my-0 list-unstyled gap d-flex">
	<li v-for="draft in status.drafts" :key="draft.id" class="d-flex flex-row">
	<button class="btn w-100 d-flex flex-row align-items-center rounded-e-md" @click="openDraft(draft.id)">
	<svg xmlns="http://www.w3.org/2000/svg" width="1.5em" height="1.5em" viewBox="0 0 20 20">
	<path fill="currentColor"
	d="M15.5 3.001a2.5 2.5 0 0 1 2.5 2.5v3.633a2.9 2.9 0 0 0-1-.131V6.962l-6.746 3.97a.5.5 0 0 1-.426.038l-.082-.038L3 6.964v6.537a1.5 1.5 0 0 0 1.5 1.5h5.484c-.227.3-.4.639-.51 1H4.5a2.5 2.5 0 0 1-2.5-2.5v-8a2.5 2.5 0 0 1 2.5-2.5zm0 1h-11a1.5 1.5 0 0 0-1.5 1.5v.302l7 4.118l7-4.119v-.301a1.5 1.5 0 0 0-1.5-1.5m-4.52 11.376l4.83-4.83a1.87 1.87 0 1 1 2.644 2.646l-4.83 4.829a2.2 2.2 0 0 1-1.02.578l-1.498.374a.89.89 0 0 1-1.079-1.078l.375-1.498a2.2 2.2 0 0 1 .578-1.02"/>
	</svg>
	{{ i18n("Last Modified: %1", displayDate(draft.last_modification)) }}
	</button>
	<button class="btn btn-danger ms-auto py-1 rounded-e-md" @click="deleteDraft(draft.id)">
	<span class="sr-only">{{ i18nc("@action:button", "Delete") }}</span>
	<svg xmlns="http://www.w3.org/2000/svg" width="1em" height="1em" viewBox="0 0 24 24">
	<path fill="currentColor"
	d="M10 5h4a2 2 0 1 0-4 0M8.5 5a3.5 3.5 0 1 1 7 0h5.75a.75.75 0 0 1 0 1.5h-1.32l-1.17 12.111A3.75 3.75 0 0 1 15.026 22H8.974a3.75 3.75 0 0 1-3.733-3.389L4.07 6.5H2.75a.75.75 0 0 1 0-1.5zm2 4.75a.75.75 0 0 0-1.5 0v7.5a.75.75 0 0 0 1.5 0zM14.25 9a.75.75 0 0 1 .75.75v7.5a.75.75 0 0 1-1.5 0v-7.5a.75.75 0 0 1 .75-.75m-7.516 9.467a2.25 2.25 0 0 0 2.24 2.033h6.052a2.25 2.25 0 0 0 2.24-2.033L18.424 6.5H5.576z"/>
	</svg>
	</button>
	</li>
	</ul>
	<p v-else>{{ i18nc("Placeholder", "No draft found") }}</p>
	</div>
	</div>
	</template>

	<style scoped>

	</style>
	\ No newline at end of file

File Metadata

Mime Type: text/x-diff
Expires: Tue, Jul 8, 12:38 PM (4 h, 44 m)
Storage Engine: local-disk
Storage Format: Raw Data
Storage Handle: c8/5e/07c4582616b9bdac2daf9760816f

No OneTemporaryActions

View Options

File Metadata

Event Timeline

No OneTemporary
Actions