diff --git a/doc/sources/admin/idpopenidconnect.rst b/doc/sources/admin/idpopenidconnect.rst index 3f7aae4f8d81ca976157052b5c16c85a3673ecba..c9274b6d89482e9b509bfe6890f7a56481012ddf 100644 --- a/doc/sources/admin/idpopenidconnect.rst +++ b/doc/sources/admin/idpopenidconnect.rst @@ -251,6 +251,9 @@ Options return it as a JWT, using one of the available signature algorithms. - **Require PKCE** (since version ``2.0.4``): A code challenge is required at Tokens endpoint (see :rfc:`7636`) + - **Invalidate refresh tokens after use** (since version ``2.20.0``): Use + this option to prevent Refresh Tokens from being re-used. A new refresh + token will be generated every time. - **Allow offline access** (since version ``2.0.7``): After enabling this feature, an application may request the **offline_access** scope, and will obtain a Refresh Token that persists even after diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm index 57f7e26e882a7ecae047e08cfdd19bb1bfcb9c81..8c1973e5e909fc6713e47492aeac13749a3cf0c2 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm @@ -26,20 +26,23 @@ use constant APPLYSECTION => "apply"; # Default configuration backend use constant DEFAULTCONFBACKEND => "File"; -use constant DEFAULTCONFBACKENDOPTIONS => ( - dirName => '/usr/local/lemonldap-ng/data/conf', -); -our $hashParameters = qr/^(?:(?:r(?:e(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|adius(?:(?:2f)?RequestAttribute|ExportedVar))|l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|webID)ExportedVa|exported(?:Heade|Va)|issuerDBGetParamete)r|f(?:indUser(?:Exclud|Search)ingAttribute|acebookExportedVar)|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|macro)s|o(?:idc(?:S(?:ervice(?:DynamicRegistrationEx(?:portedVar|traClaim)s|MetaDataAuthnContext)|torageOptions)|RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar|ScopeRule|Macro)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node))|penIdExportedVars)|c(?:a(?:s(?:A(?:ppMetaData(?:(?:ExportedVar|Option|Macro)s|Node)|ttributes)|S(?:rvMetaData(?:(?:ExportedVar|Option)s|Node)|torageOptions))|ptchaOptions)|(?:ustom(?:Plugins|Add)Param|heckUserHiddenHeader|ombModule)s)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option|Macro)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars|fExtra)|a(?:(?:daptativeAuthenticationLevelR|ut(?:hChoiceMod|oSigninR))ules|pplicationList)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|v(?:hostOptions|irtualHost)|S(?:MTPTLSOpts|SLVarIf))$/; +use constant DEFAULTCONFBACKENDOPTIONS => + ( dirName => '/usr/local/lemonldap-ng/data/conf', ); +our $hashParameters = +qr/^(?:(?:r(?:e(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|adius(?:(?:2f)?RequestAttribute|ExportedVar))|l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|webID)ExportedVa|exported(?:Heade|Va)|issuerDBGetParamete)r|f(?:indUser(?:Exclud|Search)ingAttribute|acebookExportedVar)|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|macro)s|o(?:idc(?:S(?:ervice(?:DynamicRegistrationEx(?:portedVar|traClaim)s|MetaDataAuthnContext)|torageOptions)|RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar|ScopeRule|Macro)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node))|penIdExportedVars)|c(?:a(?:s(?:A(?:ppMetaData(?:(?:ExportedVar|Option|Macro)s|Node)|ttributes)|S(?:rvMetaData(?:(?:ExportedVar|Option)s|Node)|torageOptions))|ptchaOptions)|(?:ustom(?:Plugins|Add)Param|heckUserHiddenHeader|ombModule)s)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option|Macro)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars|fExtra)|a(?:(?:daptativeAuthenticationLevelR|ut(?:hChoiceMod|oSigninR))ules|pplicationList)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|v(?:hostOptions|irtualHost)|S(?:MTPTLSOpts|SLVarIf))$/; our $arrayParameters = qr/^mySessionAuthorizedRWKeys$/; -our $boolKeys = qr/^(?:s(?:aml(?:IDP(?:MetaDataOptions(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|IsPassiv)e|A(?:daptSessionUtime|llowLoginFromIDP)|Force(?:Authn|UTF8)|StoreSAMLToken|RelayStateURL)|SSODescriptorWantAuthnRequestsSigned)|S(?:P(?:MetaDataOptions(?:(?:CheckS[LS]OMessageSignatur|OneTimeUs)e|EnableIDPInitiatedURL|ForceUTF8)|SSODescriptor(?:WantAssertion|AuthnRequest)sSigned)|erviceUseCertificateInResponse)|DiscoveryProtocol(?:Activation|IsPassive)|CommonDomainCookieActivation|UseQueryStringSpecific|MetadataForceUTF8)|t(?:ayConnected(?:SingleSession|BypassFG)|orePasswor(?:dEncrypte)?d)|f(?:RemovedUseNotif|OnlyUpgrade)|kip(?:Upgrade|Renew)Confirmation|oap(?:Session|Config)Server|laveDisplayLogo|howLanguages|slByAjax)|o(?:idc(?:RPMetaDataOptions(?:A(?:llow(?:(?:ClientCredentials|Password)Grant|Offline)|uth(?:nRequire(?:Nonc|Stat)|RequiredForAuthoriz)e|ccessToken(?:Claims|JWT))|Logout(?:SessionRequired|BypassConfirm)|Re(?:freshToken|quirePKCE)|UserinfoRequireHeaderToken|IDTokenForceClaims|BypassConsent|Public)|Service(?:Allow(?:(?:AuthorizationCode|Implicit|Hybrid)Flow|DynamicRegistration|OnlyDeclaredScopes)|IgnoreScopeForClaims|HideMetadata)|OPMetaDataOptions(?:(?:(?:RequirePk|UseNon)c|CheckJWTSignatur)e|StoreIDToken)|DropCspHeaders)|ldNotifFormat)|c(?:heck(?:DevOps(?:D(?:isplayNormalizedHeaders|ownload)|CheckSessionAttributes)?|Entropy(?:Required)?|HIBP(?:Required)?|State|User|XSS)|a(?:s(?:S(?:rvMetaDataOptions(?:Gateway|Renew)|trictMatching)|BackChannelSingleLogout)|ptcha_(?:register|login|mail)_enabled)|o(?:ntextSwitching(?:Allowed2fModifications|StopWithLogout)|mpactConf|rsEnabled)|rowdsec|da)|p(?:ortal(?:Display(?:Re(?:freshMyRights|setPassword|gister)|CertificateResetByMail|GeneratePassword|PasswordPolicy)|E(?:rrorOn(?:ExpiredSession|MailNotFound)|nablePasswordDisplay)|(?:CheckLogin|Statu)s|OpenLinkInNewWindow|ForceAuthn|AntiFrame)|roxy(?:AuthServiceImpersonation|UseSoap)|assword2fUserCanRemoveKey)|l(?:dap(?:(?:G(?:roup(?:DecodeSearchedValu|Recursiv)|etUserBeforePasswordChang)|UsePasswordResetAttribut)e|(?:AllowResetExpired|Set)Password|ChangePasswordAsUser|PpolicyControl|ITDS)|o(?:ginHistoryEnabled|cationDetect))|r(?:e(?:st(?:(?:Password|Session|Config|Auth)Server|ExportSecretKeys)|memberDefaultChecked|freshSessions)|adius2fSendInitialRequest)|i(?:ssuerDB(?:OpenID(?:Connect)?|JitsiMeetTokens|SAML|CAS|Get)Activation|mpersonationSkipEmptyValues|nitializePasswordReset)|n(?:o(?:tif(?:ication(?:Server(?:(?:POS|GE)T|DELETE)?|sExplorer)?|y(?:Deleted|Other))|AjaxHook)|ewLocationWarning)|br(?:uteForceProtection(?:IncrementalTempo)?|owsersDontStorePassword)|d(?:is(?:ablePersistentStorage|playSessionId)|biDynamicHashEnabled)|to(?:tp2f(?:UserCanRemoveKey|EncryptSecret)|kenUseGlobalStorage)|u(?:se(?:RedirectOn(?:Forbidden|Error)|SafeJail)|pgradeSession)|(?:mai(?:lOnPasswordChang|ntenanc)|vhostMaintenanc)e|w(?:ebauthn(?:2fUserCanRemoveKey|AppId)|sdlServer)|h(?:ashedSessionStore|ideOldPassword|ttpOnly)|g(?:roupsBeforeMacros|lobalLogoutTimer)|a(?:voidAssignment|ctiveTimer)|yubikey2fUserCanRemoveKey|krb(?:RemoveDomain|ByJs)|findUser)$/; +our $boolKeys = +qr/^(?:s(?:aml(?:IDP(?:MetaDataOptions(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|IsPassiv)e|A(?:daptSessionUtime|llowLoginFromIDP)|Force(?:Authn|UTF8)|StoreSAMLToken|RelayStateURL)|SSODescriptorWantAuthnRequestsSigned)|S(?:P(?:MetaDataOptions(?:(?:CheckS[LS]OMessageSignatur|OneTimeUs)e|EnableIDPInitiatedURL|ForceUTF8)|SSODescriptor(?:WantAssertion|AuthnRequest)sSigned)|erviceUseCertificateInResponse)|DiscoveryProtocol(?:Activation|IsPassive)|CommonDomainCookieActivation|UseQueryStringSpecific|MetadataForceUTF8)|t(?:ayConnected(?:SingleSession|BypassFG)|orePasswor(?:dEncrypte)?d)|f(?:RemovedUseNotif|OnlyUpgrade)|kip(?:Upgrade|Renew)Confirmation|oap(?:Session|Config)Server|laveDisplayLogo|howLanguages|slByAjax)|o(?:idc(?:RPMetaDataOptions(?:A(?:llow(?:(?:ClientCredentials|Password)Grant|Offline)|uth(?:nRequire(?:Nonc|Stat)|RequiredForAuthoriz)e|ccessToken(?:Claims|JWT))|Logout(?:SessionRequired|BypassConfirm)|Re(?:freshToke(?:nRotatio)?n|quirePKCE)|UserinfoRequireHeaderToken|IDTokenForceClaims|BypassConsent|Public)|Service(?:Allow(?:(?:AuthorizationCode|Implicit|Hybrid)Flow|DynamicRegistration|OnlyDeclaredScopes)|IgnoreScopeForClaims|HideMetadata)|OPMetaDataOptions(?:(?:(?:RequirePk|UseNon)c|CheckJWTSignatur)e|StoreIDToken)|DropCspHeaders)|ldNotifFormat)|c(?:heck(?:DevOps(?:D(?:isplayNormalizedHeaders|ownload)|CheckSessionAttributes)?|Entropy(?:Required)?|HIBP(?:Required)?|State|User|XSS)|a(?:s(?:S(?:rvMetaDataOptions(?:Gateway|Renew)|trictMatching)|BackChannelSingleLogout)|ptcha_(?:register|login|mail)_enabled)|o(?:ntextSwitching(?:Allowed2fModifications|StopWithLogout)|mpactConf|rsEnabled)|rowdsec|da)|p(?:ortal(?:Display(?:Re(?:freshMyRights|setPassword|gister)|CertificateResetByMail|GeneratePassword|PasswordPolicy)|E(?:rrorOn(?:ExpiredSession|MailNotFound)|nablePasswordDisplay)|(?:CheckLogin|Statu)s|OpenLinkInNewWindow|ForceAuthn|AntiFrame)|roxy(?:AuthServiceImpersonation|UseSoap)|assword2fUserCanRemoveKey)|l(?:dap(?:(?:G(?:roup(?:DecodeSearchedValu|Recursiv)|etUserBeforePasswordChang)|UsePasswordResetAttribut)e|(?:AllowResetExpired|Set)Password|ChangePasswordAsUser|PpolicyControl|ITDS)|o(?:ginHistoryEnabled|cationDetect))|r(?:e(?:st(?:(?:Password|Session|Config|Auth)Server|ExportSecretKeys)|memberDefaultChecked|freshSessions)|adius2fSendInitialRequest)|i(?:ssuerDB(?:OpenID(?:Connect)?|JitsiMeetTokens|SAML|CAS|Get)Activation|mpersonationSkipEmptyValues|nitializePasswordReset)|n(?:o(?:tif(?:ication(?:Server(?:(?:POS|GE)T|DELETE)?|sExplorer)?|y(?:Deleted|Other))|AjaxHook)|ewLocationWarning)|br(?:uteForceProtection(?:IncrementalTempo)?|owsersDontStorePassword)|d(?:is(?:ablePersistentStorage|playSessionId)|biDynamicHashEnabled)|to(?:tp2f(?:UserCanRemoveKey|EncryptSecret)|kenUseGlobalStorage)|u(?:se(?:RedirectOn(?:Forbidden|Error)|SafeJail)|pgradeSession)|(?:mai(?:lOnPasswordChang|ntenanc)|vhostMaintenanc)e|w(?:ebauthn(?:2fUserCanRemoveKey|AppId)|sdlServer)|h(?:ashedSessionStore|ideOldPassword|ttpOnly)|g(?:roupsBeforeMacros|lobalLogoutTimer)|a(?:voidAssignment|ctiveTimer)|yubikey2fUserCanRemoveKey|krb(?:RemoveDomain|ByJs)|findUser)$/; -our @sessionTypes = ( 'remoteGlobal', 'global', 'localSession', 'persistent', 'saml', 'oidc', 'cas' ); +our @sessionTypes = ( + 'remoteGlobal', 'global', 'localSession', 'persistent', + 'saml', 'oidc', 'cas' +); -sub NO {qr/^(?:off|no|0)?$/i} +sub NO { qr/^(?:off|no|0)?$/i } our %EXPORT_TAGS = ( - 'all' => [ - qw( + 'all' => [ qw( CONFIG_WAS_CHANGED UNKNOWN_ERROR DATABASE_LOCKED @@ -61,10 +64,10 @@ our %EXPORT_TAGS = ( $arrayParameters @sessionTypes $boolKeys - ) + ) ] ); -our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); -our @EXPORT = ( @{ $EXPORT_TAGS{'all'} } ); +our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); +our @EXPORT = ( @{ $EXPORT_TAGS{'all'} } ); 1; diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm index c74826d74bf3dbd0f7904def0dd6c14d50b62810..f6f280e83d897c7d9675de8280b0251729f26459 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm @@ -17,7 +17,7 @@ sub defaultValues { }, 'authChoiceParam' => 'lmAuth', 'authentication' => 'Demo', - 'available2F' => + 'available2F' => 'TOTP,REST,Mail2F,Ext2F,WebAuthn,Yubikey,Radius,Password,Okta', 'available2FSelfRegistration' => 'Password,TOTP,WebAuthn,Yubikey', 'bruteForceProtectionLockTimes' => '15, 30, 60, 300, 600', @@ -31,7 +31,7 @@ sub defaultValues { 'casAccessControlPolicy' => 'none', 'casAuthnLevel' => 1, 'casTicketExpiration' => 0, - 'certificateResetByMailCeaAttribute' => 'description', + 'certificateResetByMailCeaAttribute' => 'description', 'certificateResetByMailCertificateAttribute' => 'userCertificate;binary', 'certificateResetByMailValidityDelay' => 0, @@ -103,7 +103,7 @@ sub defaultValues { 'globalLogoutTimer' => 1, 'globalStorage' => 'Apache::Session::File', 'globalStorageOptions' => { - 'Directory' => '/var/lib/lemonldap-ng/sessions/', + 'Directory' => '/var/lib/lemonldap-ng/sessions/', 'generateModule' => 'Lemonldap::NG::Common::Apache::Session::Generate::SHA256', 'LockDirectory' => '/var/lib/lemonldap-ng/sessions/lock/' @@ -206,7 +206,7 @@ sub defaultValues { 'newLocationWarningMaxValues' => '0', 'notificationDefaultCond' => '', 'notificationServerPOST' => 1, - 'notificationServerSentAttributes' => + 'notificationServerSentAttributes' => 'uid reference date title subtitle text check', 'notificationsMaxRetrieve' => 3, 'notificationStorage' => 'File', @@ -272,7 +272,7 @@ sub defaultValues { 'passwordPolicyMinUpper' => 0, 'passwordPolicySpecialChar' => '__ALL__', 'passwordResetAllowedRetries' => 3, - 'persistentSessionAttributes' => + 'persistentSessionAttributes' => '_loginHistory _2fDevices _oidcConsents notification_', 'port' => -1, 'portal' => 'http://auth.example.com/', @@ -283,7 +283,7 @@ sub defaultValues { 'portalDisplayGeneratePassword' => 1, 'portalDisplayLoginHistory' => 1, 'portalDisplayLogout' => 1, - 'portalDisplayOidcConsents' => + 'portalDisplayOidcConsents' => '$_oidcConsents && $_oidcConsents =~ /\\w+/', 'portalDisplayOrder' => 'Appslist ChangePassword LoginHistory OidcConsents Logout', @@ -320,11 +320,11 @@ sub defaultValues { 'http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService', 'proxy' => 'http://auth.example.com/sessions' }, - 'requireToken' => 1, - 'rest2fActivation' => 0, - 'restAuthnLevel' => 2, - 'restClockTolerance' => 15, - 'sameSite' => '', + 'requireToken' => 1, + 'rest2fActivation' => 0, + 'restAuthnLevel' => 2, + 'restClockTolerance' => 15, + 'sameSite' => '', 'samlAttributeAuthorityDescriptorAttributeServiceSOAP' => 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;', 'samlAuthnContextMapKerberos' => 4, @@ -364,7 +364,7 @@ sub defaultValues { '0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact', 'samlSPSSODescriptorAssertionConsumerServiceHTTPPost' => '1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost', - 'samlSPSSODescriptorAuthnRequestsSigned' => 1, + 'samlSPSSODescriptorAuthnRequestsSigned' => 1, 'samlSPSSODescriptorSingleLogoutServiceHTTPPost' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn', 'samlSPSSODescriptorSingleLogoutServiceHTTPRedirect' => @@ -377,7 +377,7 @@ sub defaultValues { 'sfEngine' => '::2F::Engines::Default', 'sfManagerRule' => 1, 'sfRemovedMsgRule' => 0, - 'sfRemovedNotifMsg' => + 'sfRemovedNotifMsg' => '_removedSF_ expired second factor(s) has/have been removed (_nameSF_)!', 'sfRemovedNotifRef' => 'RemoveSF', 'sfRemovedNotifTitle' => 'Second factor notification', diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm index 5a9ab00cc87c5334278d6aa5ae5647996738c8e7..4d6c2863eedf6be2fa65ed8cade27359ffa361c4 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm @@ -7,69 +7,136 @@ use base qw(Exporter); our $VERSION = '2.20.0'; -our %EXPORT_TAGS = ( 'all' => [qw($simpleHashKeys $doubleHashKeys $specialNodeKeys $casAppMetaDataNodeKeys $casSrvMetaDataNodeKeys $oidcOPMetaDataNodeKeys $oidcRPMetaDataNodeKeys $samlIDPMetaDataNodeKeys $samlSPMetaDataNodeKeys $virtualHostKeys $specialNodeHash $authParameters $issuerParameters $samlServiceParameters $oidcServiceParameters $casServiceParameters)] ); -our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); -our @EXPORT = ( @{ $EXPORT_TAGS{'all'} } ); +our %EXPORT_TAGS = ( + 'all' => [ + qw($simpleHashKeys $doubleHashKeys $specialNodeKeys $casAppMetaDataNodeKeys $casSrvMetaDataNodeKeys $oidcOPMetaDataNodeKeys $oidcRPMetaDataNodeKeys $samlIDPMetaDataNodeKeys $samlSPMetaDataNodeKeys $virtualHostKeys $specialNodeHash $authParameters $issuerParameters $samlServiceParameters $oidcServiceParameters $casServiceParameters) + ] +); +our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); +our @EXPORT = ( @{ $EXPORT_TAGS{'all'} } ); our $specialNodeHash = { - virtualHosts => [qw(exportedHeaders locationRules post vhostOptions)], - samlIDPMetaDataNodes => [qw(samlIDPMetaDataXML samlIDPMetaDataExportedAttributes samlIDPMetaDataOptions)], - samlSPMetaDataNodes => [qw(samlSPMetaDataXML samlSPMetaDataExportedAttributes samlSPMetaDataOptions samlSPMetaDataMacros)], - oidcOPMetaDataNodes => [qw(oidcOPMetaDataJSON oidcOPMetaDataJWKS oidcOPMetaDataOptions oidcOPMetaDataExportedVars)], - oidcRPMetaDataNodes => [qw(oidcRPMetaDataOptions oidcRPMetaDataExportedVars oidcRPMetaDataOptionsExtraClaims oidcRPMetaDataMacros oidcRPMetaDataScopeRules)], - casSrvMetaDataNodes => [qw(casSrvMetaDataOptions casSrvMetaDataExportedVars)], - casAppMetaDataNodes => [qw(casAppMetaDataOptions casAppMetaDataExportedVars casAppMetaDataMacros)], + virtualHosts => [qw(exportedHeaders locationRules post vhostOptions)], + samlIDPMetaDataNodes => [ + qw(samlIDPMetaDataXML samlIDPMetaDataExportedAttributes samlIDPMetaDataOptions) + ], + samlSPMetaDataNodes => [ + qw(samlSPMetaDataXML samlSPMetaDataExportedAttributes samlSPMetaDataOptions samlSPMetaDataMacros) + ], + oidcOPMetaDataNodes => [ + qw(oidcOPMetaDataJSON oidcOPMetaDataJWKS oidcOPMetaDataOptions oidcOPMetaDataExportedVars) + ], + oidcRPMetaDataNodes => [ + qw(oidcRPMetaDataOptions oidcRPMetaDataExportedVars oidcRPMetaDataOptionsExtraClaims oidcRPMetaDataMacros oidcRPMetaDataScopeRules) + ], + casSrvMetaDataNodes => + [qw(casSrvMetaDataOptions casSrvMetaDataExportedVars)], + casAppMetaDataNodes => [ + qw(casAppMetaDataOptions casAppMetaDataExportedVars casAppMetaDataMacros) + ], }; our $doubleHashKeys = 'issuerDBGetParameters'; -our $simpleHashKeys = '(?:(?:r(?:e(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|adius(?:(?:2f)?RequestAttribute|ExportedVar))|c(?:a(?:s(?:StorageOption|Attribute)|ptchaOption)|ustom(?:Plugins|Add)Param|heckUserHiddenHeader|ombModule)|l(?:o(?:calSessionStorageOption|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|f(?:indUser(?:Exclud|Search)ingAttribute|acebookExportedVar)|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|p(?:ersistentStorageOption|ortalSkinRule)|(?:(?:d(?:emo|bi)|webID)E|e)xportedVar|macro)s|o(?:idc(?:S(?:ervice(?:DynamicRegistrationEx(?:portedVar|traClaim)s|MetaDataAuthnContext)|torageOptions)|OPMetaDataJ(?:SON|WKS))|penIdExportedVars)|a(?:(?:daptativeAuthenticationLevelR|ut(?:hChoiceMod|oSigninR))ules|pplicationList)|s(?:(?:amlStorageOption|laveExportedVar)s|essionDataToRemember|fExtra)|S(?:MTPTLSOpts|SLVarIf))'; -our $specialNodeKeys = '(?:(?:(?:saml(?:ID|S)|oidc[OR])P|cas(?:App|Srv))MetaDataNode|virtualHost)s'; -our $casAppMetaDataNodeKeys = 'casAppMetaData(?:Options(?:(?:UserAttribut|DisplayNam|Servic|Rul)e|(?:Commen|Logou)t|AuthnLevel)|(?:ExportedVar|Macro)s)'; -our $casSrvMetaDataNodeKeys = 'casSrvMetaData(?:Options(?:Re(?:solutionRule|new)|ProxiedServices|DisplayName|SortNumber|Comment|Gateway|Tooltip|Icon|Url)|ExportedVars)'; -our $oidcOPMetaDataNodeKeys = 'oidcOPMetaData(?:Options(?:C(?:o(?:nfigurationURI|mment)|lient(?:Secret|ID)|heckJWTSignature)|A(?:uthnEndpointAuth(?:Method|SigAlg)|crValues)|(?:Re(?:solutionRul|quirePkc)|MaxAg)e|U(?:se(?:rAttribut|Nonc)e|iLocales)|To(?:kenEndpointAuthMethod|oltip)|S(?:toreIDToken|ortNumber|cope)|(?:JWKSTimeou|Promp)t|I(?:DTokenMaxAge|con)|Display(?:Name)?)|ExportedVars|J(?:SON|WKS))'; -our $oidcRPMetaDataNodeKeys = 'oidcRPMetaData(?:Options(?:A(?:uth(?:n(?:Require(?:Nonc|Stat)e|Level)|orizationCodeExpiration|RequiredForAuthorize|Method)|ccessToken(?:E(?:nc(?:ContentEnc|KeyMgt)Alg|xpiration)|SignAlg|Claims|JWT)|llow(?:(?:ClientCredentials|Password)Grant|Offline)|dditionalAudiences)|I(?:DToken(?:ForceClaims|Expiration|SignAlg)|dTokenEnc(?:ContentEnc|KeyMgt)Alg|con)|User(?:I(?:nfo(?:Enc(?:ContentEnc|KeyMgt)|Sign)Alg|DAttr)|infoRequireHeaderToken)|Logout(?:Enc(?:ContentEnc|KeyMgt)Alg|SessionRequired|BypassConfirm|Type|Url)|R(?:e(?:qu(?:estUris|irePKCE)|directUris|freshToken)|ule)|P(?:ostLogoutRedirectUris|ublic)|C(?:lient(?:Secret|ID)|omment)|OfflineSessionExpiration|TokenXAuthorizedRP|BypassConsent|Jwks(?:Uri)?|DisplayName|ExtraClaims)|(?:ExportedVar|ScopeRule|Macro)s)'; -our $samlIDPMetaDataNodeKeys = 'samlIDPMetaData(?:Options(?:S(?:ign(?:S[LS]OMessage|atureMethod)|toreSAMLToken|[LS]OBinding|ortNumber)|C(?:heck(?:S[LS]OMessageSignatur|Audienc|Tim)e|omment)|Re(?:questedAuthnContext|solutionRule|layStateURL)|(?:EncryptionMod|UserAttribut|DisplayNam)e|F(?:orce(?:Authn|UTF8)|ederationEntityID)|A(?:daptSessionUtime|llowLoginFromIDP)|I(?:sPassive|con)|NameIDFormat|Tooltip)|ExportedAttributes|XML)'; -our $samlSPMetaDataNodeKeys = 'samlSPMetaData(?:Options(?:F(?:ederation(?:(?:Optional|Required)Attributes|EntityID)|orceUTF8)|S(?:ign(?:S[LS]OMessage|atureMethod)|essionNotOnOrAfterTimeout)|N(?:ameID(?:SessionKey|Format)|otOnOrAfterTimeout)|C(?:heckS[LS]OMessageSignature|omment)|En(?:ableIDPInitiatedURL|cryptionMode)|(?:OneTimeUs|Rul)e|AuthnLevel)|(?:ExportedAttribute|Macro)s|XML)'; -our $virtualHostKeys = '(?:vhost(?:A(?:ccessToTrace|uthnLevel|liases)|(?:Maintenanc|Typ)e|(?:Commen|Por)t|ServiceTokenTTL|DevOpsRulesUrl|Https)|(?:exportedHeader|locationRule)s|post)'; +our $simpleHashKeys = +'(?:(?:r(?:e(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|adius(?:(?:2f)?RequestAttribute|ExportedVar))|c(?:a(?:s(?:StorageOption|Attribute)|ptchaOption)|ustom(?:Plugins|Add)Param|heckUserHiddenHeader|ombModule)|l(?:o(?:calSessionStorageOption|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|f(?:indUser(?:Exclud|Search)ingAttribute|acebookExportedVar)|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|p(?:ersistentStorageOption|ortalSkinRule)|(?:(?:d(?:emo|bi)|webID)E|e)xportedVar|macro)s|o(?:idc(?:S(?:ervice(?:DynamicRegistrationEx(?:portedVar|traClaim)s|MetaDataAuthnContext)|torageOptions)|OPMetaDataJ(?:SON|WKS))|penIdExportedVars)|a(?:(?:daptativeAuthenticationLevelR|ut(?:hChoiceMod|oSigninR))ules|pplicationList)|s(?:(?:amlStorageOption|laveExportedVar)s|essionDataToRemember|fExtra)|S(?:MTPTLSOpts|SLVarIf))'; +our $specialNodeKeys = + '(?:(?:(?:saml(?:ID|S)|oidc[OR])P|cas(?:App|Srv))MetaDataNode|virtualHost)s'; +our $casAppMetaDataNodeKeys = +'casAppMetaData(?:Options(?:(?:UserAttribut|DisplayNam|Servic|Rul)e|(?:Commen|Logou)t|AuthnLevel)|(?:ExportedVar|Macro)s)'; +our $casSrvMetaDataNodeKeys = +'casSrvMetaData(?:Options(?:Re(?:solutionRule|new)|ProxiedServices|DisplayName|SortNumber|Comment|Gateway|Tooltip|Icon|Url)|ExportedVars)'; +our $oidcOPMetaDataNodeKeys = +'oidcOPMetaData(?:Options(?:C(?:o(?:nfigurationURI|mment)|lient(?:Secret|ID)|heckJWTSignature)|A(?:uthnEndpointAuth(?:Method|SigAlg)|crValues)|(?:Re(?:solutionRul|quirePkc)|MaxAg)e|U(?:se(?:rAttribut|Nonc)e|iLocales)|To(?:kenEndpointAuthMethod|oltip)|S(?:toreIDToken|ortNumber|cope)|(?:JWKSTimeou|Promp)t|I(?:DTokenMaxAge|con)|Display(?:Name)?)|ExportedVars|J(?:SON|WKS))'; +our $oidcRPMetaDataNodeKeys = +'oidcRPMetaData(?:Options(?:A(?:uth(?:n(?:Require(?:Nonc|Stat)e|Level)|orizationCodeExpiration|RequiredForAuthorize|Method)|ccessToken(?:E(?:nc(?:ContentEnc|KeyMgt)Alg|xpiration)|SignAlg|Claims|JWT)|llow(?:(?:ClientCredentials|Password)Grant|Offline)|dditionalAudiences)|I(?:DToken(?:ForceClaims|Expiration|SignAlg)|dTokenEnc(?:ContentEnc|KeyMgt)Alg|con)|User(?:I(?:nfo(?:Enc(?:ContentEnc|KeyMgt)|Sign)Alg|DAttr)|infoRequireHeaderToken)|Logout(?:Enc(?:ContentEnc|KeyMgt)Alg|SessionRequired|BypassConfirm|Type|Url)|R(?:e(?:freshToke(?:nRotatio)?n|qu(?:estUris|irePKCE)|directUris)|ule)|P(?:ostLogoutRedirectUris|ublic)|C(?:lient(?:Secret|ID)|omment)|OfflineSessionExpiration|TokenXAuthorizedRP|BypassConsent|Jwks(?:Uri)?|DisplayName|ExtraClaims)|(?:ExportedVar|ScopeRule|Macro)s)'; +our $samlIDPMetaDataNodeKeys = +'samlIDPMetaData(?:Options(?:S(?:ign(?:S[LS]OMessage|atureMethod)|toreSAMLToken|[LS]OBinding|ortNumber)|C(?:heck(?:S[LS]OMessageSignatur|Audienc|Tim)e|omment)|Re(?:questedAuthnContext|solutionRule|layStateURL)|(?:EncryptionMod|UserAttribut|DisplayNam)e|F(?:orce(?:Authn|UTF8)|ederationEntityID)|A(?:daptSessionUtime|llowLoginFromIDP)|I(?:sPassive|con)|NameIDFormat|Tooltip)|ExportedAttributes|XML)'; +our $samlSPMetaDataNodeKeys = +'samlSPMetaData(?:Options(?:F(?:ederation(?:(?:Optional|Required)Attributes|EntityID)|orceUTF8)|S(?:ign(?:S[LS]OMessage|atureMethod)|essionNotOnOrAfterTimeout)|N(?:ameID(?:SessionKey|Format)|otOnOrAfterTimeout)|C(?:heckS[LS]OMessageSignature|omment)|En(?:ableIDPInitiatedURL|cryptionMode)|(?:OneTimeUs|Rul)e|AuthnLevel)|(?:ExportedAttribute|Macro)s|XML)'; +our $virtualHostKeys = +'(?:vhost(?:A(?:ccessToTrace|uthnLevel|liases)|(?:Maintenanc|Typ)e|(?:Commen|Por)t|ServiceTokenTTL|DevOpsRulesUrl|Https)|(?:exportedHeader|locationRule)s|post)'; our $authParameters = { - adParams => [qw(ADPwdMaxAge ADPwdExpireWarning)], - apacheParams => [qw(apacheAuthnLevel)], - casParams => [qw(casAuthnLevel)], - choiceParams => [qw(authChoiceParam authChoiceModules authChoiceAuthBasic authChoiceFindUser)], - combinationParams => [qw(combination combModules)], - customParams => [qw(customAuth customUserDB customPassword customRegister customResetCertByMail customAddParams)], - dbiParams => [qw(dbiAuthnLevel dbiExportedVars dbiAuthChain dbiAuthUser dbiAuthPassword dbiUserChain dbiUserUser dbiUserPassword dbiAuthTable dbiUserTable dbiAuthLoginCol dbiAuthPasswordCol dbiPasswordMailCol userPivot dbiAuthPasswordHash dbiDynamicHashEnabled dbiDynamicHashValidSchemes dbiDynamicHashValidSaltedSchemes dbiDynamicHashNewPasswordScheme)], - demoParams => [qw(demoExportedVars)], - facebookParams => [qw(facebookAuthnLevel facebookExportedVars facebookAppId facebookAppSecret facebookUserField)], - githubParams => [qw(githubAuthnLevel githubClientID githubClientSecret githubUserField githubScope)], - gpgParams => [qw(gpgAuthnLevel gpgDb)], - kerberosParams => [qw(krbAuthnLevel krbKeytab krbByJs krbRemoveDomain krbAllowedDomains)], - ldapParams => [qw(ldapAuthnLevel ldapExportedVars ldapServer ldapPort ldapVerify ldapBase managerDn managerPassword ldapTimeout ldapIOTimeout ldapVersion ldapRaw ldapCAFile ldapCAPath LDAPFilter AuthLDAPFilter mailLDAPFilter ldapSearchDeref ldapGroupBase groupLDAPFilter ldapGroupObjectClass ldapGroupAttributeName ldapGroupAttributeNameUser ldapGroupAttributeNameSearch ldapGroupDecodeSearchedValue ldapGroupRecursive ldapGroupAttributeNameGroup ldapPpolicyControl ldapSetPassword ldapChangePasswordAsUser ldapPwdEnc ldapUsePasswordResetAttribute ldapPasswordResetAttribute ldapPasswordResetAttributeValue ldapAllowResetExpiredPassword ldapGetUserBeforePasswordChange ldapITDS)], - linkedinParams => [qw(linkedInAuthnLevel linkedInClientID linkedInClientSecret linkedInFields linkedInUserField linkedInScope)], - nullParams => [qw(nullAuthnLevel)], - oidcParams => [qw(oidcAuthnLevel oidcRPCallbackGetParam oidcRPStateTimeout)], - openidParams => [qw(openIdAuthnLevel openIdExportedVars openIdSecret openIdIDPList)], - pamParams => [qw(pamAuthnLevel pamService)], - proxyParams => [qw(proxyAuthnLevel proxyUseSoap proxyAuthService proxySessionService proxyAuthServiceChoiceParam proxyAuthServiceChoiceValue proxyCookieName proxyAuthServiceImpersonation)], - radiusParams => [qw(radiusAuthnLevel radiusSecret radiusServer radiusTimeout radiusExportedVars radiusDictionaryFile radiusRequestAttributes)], - remoteParams => [qw(remotePortal remoteCookieName remoteGlobalStorage remoteGlobalStorageOptions)], - restParams => [qw(restAuthnLevel restAuthUrl restUserDBUrl restPwdConfirmUrl restPwdModifyUrl)], - slaveParams => [qw(slaveAuthnLevel slaveUserHeader slaveMasterIP slaveHeaderName slaveHeaderContent slaveDisplayLogo slaveExportedVars)], - sslParams => [qw(SSLAuthnLevel SSLVar SSLIssuerVar SSLVarIf sslByAjax sslHost)], - twitterParams => [qw(twitterAuthnLevel twitterKey twitterSecret twitterAppName twitterUserField)], - webidParams => [qw(webIDAuthnLevel webIDExportedVars webIDWhitelist)], + adParams => [qw(ADPwdMaxAge ADPwdExpireWarning)], + apacheParams => [qw(apacheAuthnLevel)], + casParams => [qw(casAuthnLevel)], + choiceParams => [ + qw(authChoiceParam authChoiceModules authChoiceAuthBasic authChoiceFindUser) + ], + combinationParams => [qw(combination combModules)], + customParams => [ + qw(customAuth customUserDB customPassword customRegister customResetCertByMail customAddParams) + ], + dbiParams => [ + qw(dbiAuthnLevel dbiExportedVars dbiAuthChain dbiAuthUser dbiAuthPassword dbiUserChain dbiUserUser dbiUserPassword dbiAuthTable dbiUserTable dbiAuthLoginCol dbiAuthPasswordCol dbiPasswordMailCol userPivot dbiAuthPasswordHash dbiDynamicHashEnabled dbiDynamicHashValidSchemes dbiDynamicHashValidSaltedSchemes dbiDynamicHashNewPasswordScheme) + ], + demoParams => [qw(demoExportedVars)], + facebookParams => [ + qw(facebookAuthnLevel facebookExportedVars facebookAppId facebookAppSecret facebookUserField) + ], + githubParams => [ + qw(githubAuthnLevel githubClientID githubClientSecret githubUserField githubScope) + ], + gpgParams => [qw(gpgAuthnLevel gpgDb)], + kerberosParams => + [qw(krbAuthnLevel krbKeytab krbByJs krbRemoveDomain krbAllowedDomains)], + ldapParams => [ + qw(ldapAuthnLevel ldapExportedVars ldapServer ldapPort ldapVerify ldapBase managerDn managerPassword ldapTimeout ldapIOTimeout ldapVersion ldapRaw ldapCAFile ldapCAPath LDAPFilter AuthLDAPFilter mailLDAPFilter ldapSearchDeref ldapGroupBase groupLDAPFilter ldapGroupObjectClass ldapGroupAttributeName ldapGroupAttributeNameUser ldapGroupAttributeNameSearch ldapGroupDecodeSearchedValue ldapGroupRecursive ldapGroupAttributeNameGroup ldapPpolicyControl ldapSetPassword ldapChangePasswordAsUser ldapPwdEnc ldapUsePasswordResetAttribute ldapPasswordResetAttribute ldapPasswordResetAttributeValue ldapAllowResetExpiredPassword ldapGetUserBeforePasswordChange ldapITDS) + ], + linkedinParams => [ + qw(linkedInAuthnLevel linkedInClientID linkedInClientSecret linkedInFields linkedInUserField linkedInScope) + ], + nullParams => [qw(nullAuthnLevel)], + oidcParams => + [qw(oidcAuthnLevel oidcRPCallbackGetParam oidcRPStateTimeout)], + openidParams => + [qw(openIdAuthnLevel openIdExportedVars openIdSecret openIdIDPList)], + pamParams => [qw(pamAuthnLevel pamService)], + proxyParams => [ + qw(proxyAuthnLevel proxyUseSoap proxyAuthService proxySessionService proxyAuthServiceChoiceParam proxyAuthServiceChoiceValue proxyCookieName proxyAuthServiceImpersonation) + ], + radiusParams => [ + qw(radiusAuthnLevel radiusSecret radiusServer radiusTimeout radiusExportedVars radiusDictionaryFile radiusRequestAttributes) + ], + remoteParams => [ + qw(remotePortal remoteCookieName remoteGlobalStorage remoteGlobalStorageOptions) + ], + restParams => [ + qw(restAuthnLevel restAuthUrl restUserDBUrl restPwdConfirmUrl restPwdModifyUrl) + ], + slaveParams => [ + qw(slaveAuthnLevel slaveUserHeader slaveMasterIP slaveHeaderName slaveHeaderContent slaveDisplayLogo slaveExportedVars) + ], + sslParams => + [qw(SSLAuthnLevel SSLVar SSLIssuerVar SSLVarIf sslByAjax sslHost)], + twitterParams => [ + qw(twitterAuthnLevel twitterKey twitterSecret twitterAppName twitterUserField) + ], + webidParams => [qw(webIDAuthnLevel webIDExportedVars webIDWhitelist)], }; our $issuerParameters = { - issuerDBCAS => [qw(issuerDBCASActivation issuerDBCASPath issuerDBCASRule)], - issuerDBGet => [qw(issuerDBGetActivation issuerDBGetPath issuerDBGetRule issuerDBGetParameters)], - issuerDBJitsiMeetTokens => [qw(issuerDBJitsiMeetTokensActivation issuerDBJitsiMeetTokensPath issuerDBJitsiMeetTokensRule jitsiDefaultServer jitsiAppId jitsiAppSecret jitsiSigningAlg jitsiExpiration jitsiIdAttribute jitsiNameAttribute jitsiMailAttribute)], - issuerDBOpenID => [qw(issuerDBOpenIDActivation issuerDBOpenIDPath issuerDBOpenIDRule openIdIssuerSecret openIdAttr openIdSPList openIdSreg_fullname openIdSreg_nickname openIdSreg_language openIdSreg_postcode openIdSreg_timezone openIdSreg_country openIdSreg_gender openIdSreg_email openIdSreg_dob)], - issuerDBOpenIDConnect => [qw(issuerDBOpenIDConnectActivation issuerDBOpenIDConnectPath issuerDBOpenIDConnectRule)], - issuerDBSAML => [qw(issuerDBSAMLActivation issuerDBSAMLPath issuerDBSAMLRule)], - issuerOptions => [qw(issuersTimeout)], + issuerDBCAS => [qw(issuerDBCASActivation issuerDBCASPath issuerDBCASRule)], + issuerDBGet => [ + qw(issuerDBGetActivation issuerDBGetPath issuerDBGetRule issuerDBGetParameters) + ], + issuerDBJitsiMeetTokens => [ + qw(issuerDBJitsiMeetTokensActivation issuerDBJitsiMeetTokensPath issuerDBJitsiMeetTokensRule jitsiDefaultServer jitsiAppId jitsiAppSecret jitsiSigningAlg jitsiExpiration jitsiIdAttribute jitsiNameAttribute jitsiMailAttribute) + ], + issuerDBOpenID => [ + qw(issuerDBOpenIDActivation issuerDBOpenIDPath issuerDBOpenIDRule openIdIssuerSecret openIdAttr openIdSPList openIdSreg_fullname openIdSreg_nickname openIdSreg_language openIdSreg_postcode openIdSreg_timezone openIdSreg_country openIdSreg_gender openIdSreg_email openIdSreg_dob) + ], + issuerDBOpenIDConnect => [ + qw(issuerDBOpenIDConnectActivation issuerDBOpenIDConnectPath issuerDBOpenIDConnectRule) + ], + issuerDBSAML => + [qw(issuerDBSAMLActivation issuerDBSAMLPath issuerDBSAMLRule)], + issuerOptions => [qw(issuersTimeout)], }; -our $samlServiceParameters = [qw(samlEntityID samlServicePrivateKeySig samlServicePrivateKeySigPwd samlServicePublicKeySig samlServicePrivateKeyEnc samlServicePrivateKeyEncPwd samlServicePublicKeyEnc samlServiceUseCertificateInResponse samlServiceSignatureMethod samlNameIDFormatMapEmail samlNameIDFormatMapX509 samlNameIDFormatMapWindows samlNameIDFormatMapKerberos samlAuthnContextMapPassword samlAuthnContextMapPasswordProtectedTransport samlAuthnContextMapKerberos samlAuthnContextMapTLSClient samlOrganizationDisplayName samlOrganizationName samlOrganizationURL samlSPSSODescriptorAuthnRequestsSigned samlSPSSODescriptorWantAssertionsSigned samlSPSSODescriptorSingleLogoutServiceHTTPRedirect samlSPSSODescriptorSingleLogoutServiceHTTPPost samlSPSSODescriptorSingleLogoutServiceSOAP samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact samlSPSSODescriptorAssertionConsumerServiceHTTPPost samlSPSSODescriptorArtifactResolutionServiceArtifact samlIDPSSODescriptorWantAuthnRequestsSigned samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect samlIDPSSODescriptorSingleSignOnServiceHTTPPost samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect samlIDPSSODescriptorSingleLogoutServiceHTTPPost samlIDPSSODescriptorSingleLogoutServiceSOAP samlIDPSSODescriptorArtifactResolutionServiceArtifact samlAttributeAuthorityDescriptorAttributeServiceSOAP samlMetadataForceUTF8 samlRelayStateTimeout samlUseQueryStringSpecific samlOverrideIDPEntityID samlStorage samlStorageOptions samlCommonDomainCookieActivation samlCommonDomainCookieDomain samlCommonDomainCookieReader samlCommonDomainCookieWriter samlFederationFiles samlDiscoveryProtocolActivation samlDiscoveryProtocolURL samlDiscoveryProtocolPolicy samlDiscoveryProtocolIsPassive)]; -our $oidcServiceParameters = [qw(oidcServiceMetaDataIssuer oidcServiceMetaDataAuthorizeURI oidcServiceMetaDataTokenURI oidcServiceMetaDataUserInfoURI oidcServiceMetaDataJWKSURI oidcServiceMetaDataRegistrationURI oidcServiceMetaDataIntrospectionURI oidcServiceMetaDataEndSessionURI oidcServiceMetaDataCheckSessionURI oidcServiceMetaDataFrontChannelURI oidcServiceMetaDataBackChannelURI oidcServiceMetaDataAuthnContext oidcServiceAllowDynamicRegistration oidcServiceDynamicRegistrationExportedVars oidcServiceDynamicRegistrationExtraClaims oidcServicePrivateKeySig oidcServicePublicKeySig oidcServiceKeyIdSig oidcServiceKeyTypeSig oidcServiceOldPrivateKeySig oidcServiceOldPublicKeySig oidcServiceOldKeyIdSig oidcServiceOldKeyTypeSig oidcServiceNewPrivateKeySig oidcServiceNewPublicKeySig oidcServiceNewKeyIdSig oidcServiceNewKeyTypeSig oidcServicePrivateKeyEnc oidcServicePublicKeyEnc oidcServiceKeyIdEnc oidcServiceKeyTypeEnc oidcServiceOldPrivateKeyEnc oidcServiceOldPublicKeyEnc oidcServiceOldKeyIdEnc oidcServiceOldKeyTypeEnc oidcServiceAllowAuthorizationCodeFlow oidcServiceAllowImplicitFlow oidcServiceAllowHybridFlow oidcServiceIgnoreScopeForClaims oidcServiceAllowOnlyDeclaredScopes oidcDropCspHeaders oidcServiceEncAlgorithmAlg oidcServiceEncAlgorithmEnc oidcServiceHideMetadata oidcServiceAuthorizationCodeExpiration oidcServiceIDTokenExpiration oidcServiceAccessTokenExpiration oidcServiceOfflineSessionExpiration oidcStorage oidcStorageOptions)]; +our $samlServiceParameters = [ + qw(samlEntityID samlServicePrivateKeySig samlServicePrivateKeySigPwd samlServicePublicKeySig samlServicePrivateKeyEnc samlServicePrivateKeyEncPwd samlServicePublicKeyEnc samlServiceUseCertificateInResponse samlServiceSignatureMethod samlNameIDFormatMapEmail samlNameIDFormatMapX509 samlNameIDFormatMapWindows samlNameIDFormatMapKerberos samlAuthnContextMapPassword samlAuthnContextMapPasswordProtectedTransport samlAuthnContextMapKerberos samlAuthnContextMapTLSClient samlOrganizationDisplayName samlOrganizationName samlOrganizationURL samlSPSSODescriptorAuthnRequestsSigned samlSPSSODescriptorWantAssertionsSigned samlSPSSODescriptorSingleLogoutServiceHTTPRedirect samlSPSSODescriptorSingleLogoutServiceHTTPPost samlSPSSODescriptorSingleLogoutServiceSOAP samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact samlSPSSODescriptorAssertionConsumerServiceHTTPPost samlSPSSODescriptorArtifactResolutionServiceArtifact samlIDPSSODescriptorWantAuthnRequestsSigned samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect samlIDPSSODescriptorSingleSignOnServiceHTTPPost samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect samlIDPSSODescriptorSingleLogoutServiceHTTPPost samlIDPSSODescriptorSingleLogoutServiceSOAP samlIDPSSODescriptorArtifactResolutionServiceArtifact samlAttributeAuthorityDescriptorAttributeServiceSOAP samlMetadataForceUTF8 samlRelayStateTimeout samlUseQueryStringSpecific samlOverrideIDPEntityID samlStorage samlStorageOptions samlCommonDomainCookieActivation samlCommonDomainCookieDomain samlCommonDomainCookieReader samlCommonDomainCookieWriter samlFederationFiles samlDiscoveryProtocolActivation samlDiscoveryProtocolURL samlDiscoveryProtocolPolicy samlDiscoveryProtocolIsPassive) +]; +our $oidcServiceParameters = [ + qw(oidcServiceMetaDataIssuer oidcServiceMetaDataAuthorizeURI oidcServiceMetaDataTokenURI oidcServiceMetaDataUserInfoURI oidcServiceMetaDataJWKSURI oidcServiceMetaDataRegistrationURI oidcServiceMetaDataIntrospectionURI oidcServiceMetaDataEndSessionURI oidcServiceMetaDataCheckSessionURI oidcServiceMetaDataFrontChannelURI oidcServiceMetaDataBackChannelURI oidcServiceMetaDataAuthnContext oidcServiceAllowDynamicRegistration oidcServiceDynamicRegistrationExportedVars oidcServiceDynamicRegistrationExtraClaims oidcServicePrivateKeySig oidcServicePublicKeySig oidcServiceKeyIdSig oidcServiceKeyTypeSig oidcServiceOldPrivateKeySig oidcServiceOldPublicKeySig oidcServiceOldKeyIdSig oidcServiceOldKeyTypeSig oidcServiceNewPrivateKeySig oidcServiceNewPublicKeySig oidcServiceNewKeyIdSig oidcServiceNewKeyTypeSig oidcServicePrivateKeyEnc oidcServicePublicKeyEnc oidcServiceKeyIdEnc oidcServiceKeyTypeEnc oidcServiceOldPrivateKeyEnc oidcServiceOldPublicKeyEnc oidcServiceOldKeyIdEnc oidcServiceOldKeyTypeEnc oidcServiceAllowAuthorizationCodeFlow oidcServiceAllowImplicitFlow oidcServiceAllowHybridFlow oidcServiceIgnoreScopeForClaims oidcServiceAllowOnlyDeclaredScopes oidcDropCspHeaders oidcServiceEncAlgorithmAlg oidcServiceEncAlgorithmEnc oidcServiceHideMetadata oidcServiceAuthorizationCodeExpiration oidcServiceIDTokenExpiration oidcServiceAccessTokenExpiration oidcServiceOfflineSessionExpiration oidcStorage oidcStorageOptions) +]; 1; diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm index 9ec1541b10b67edda3b7843327b533c1403518f7..8f26d3251caefb02fc4464be6693cb3044e0d0f8 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm @@ -83,7 +83,7 @@ m[^(?:(?:\-+\s*BEGIN\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\ 'hostname' => { 'form' => 'text', 'msgFail' => '__badHostname__', - 'test' => + 'test' => qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))?$/ }, 'int' => { @@ -277,7 +277,7 @@ m[^(?:(?:\-+\s*BEGIN\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\ 'url' => { 'form' => 'text', 'msgFail' => '__badUrl__', - 'test' => + 'test' => qr/(?:^$|(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?))/ } }; @@ -855,7 +855,7 @@ sub attributes { }, 'casSrvMetaDataOptionsUrl' => { 'msgFail' => '__badUrl__', - 'test' => + 'test' => qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, 'type' => 'text' }, @@ -1420,7 +1420,7 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.] 'domain' => { 'default' => 'example.com', 'msgFail' => '__badDomainName__', - 'test' => + 'test' => qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|#\w+#))?$/, 'type' => 'text' }, @@ -1566,7 +1566,7 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a- }, 'globalStorageOptions' => { 'default' => { - 'Directory' => '/var/lib/lemonldap-ng/sessions/', + 'Directory' => '/var/lib/lemonldap-ng/sessions/', 'generateModule' => 'Lemonldap::NG::Common::Apache::Session::Generate::SHA256', 'LockDirectory' => '/var/lib/lemonldap-ng/sessions/lock/' @@ -1705,7 +1705,7 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a- 'issuerDBGetParameters' => { 'default' => {}, 'keyMsgFail' => '__badHostname__', - 'keyTest' => + 'keyTest' => qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)$/, 'test' => { 'keyMsgFail' => '__badKeyName__', @@ -3106,6 +3106,10 @@ m[^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: 'default' => 0, 'type' => 'bool' }, + 'oidcRPMetaDataOptionsRefreshTokenRotation' => { + 'default' => 0, + 'type' => 'bool' + }, 'oidcRPMetaDataOptionsRequestUris' => { 'type' => 'text' }, @@ -3754,7 +3758,7 @@ m[^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: 'pdataDomain' => { 'default' => '', 'msgFail' => '__badDomainName__', - 'test' => + 'test' => qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?))?$/, 'type' => 'text' }, @@ -3775,7 +3779,7 @@ qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA- 'portal' => { 'default' => 'http://auth.example.com/', 'msgFail' => '__badUrl__', - 'test' => + 'test' => qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, 'type' => 'url' }, @@ -4128,7 +4132,7 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.] 'keyTest' => qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+))(?::\d+)?$/, 'msgFail' => '__badUrl__', - 'test' => + 'test' => qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, 'type' => 'keyTextContainer' }, @@ -4308,19 +4312,19 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.] }, 'samlCommonDomainCookieDomain' => { 'msgFail' => '__badDomainName__', - 'test' => + 'test' => qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)$/, 'type' => 'text' }, 'samlCommonDomainCookieReader' => { 'msgFail' => '__badUrl__', - 'test' => + 'test' => qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, 'type' => 'text' }, 'samlCommonDomainCookieWriter' => { 'msgFail' => '__badUrl__', - 'test' => + 'test' => qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, 'type' => 'text' }, @@ -4337,7 +4341,7 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.] }, 'samlDiscoveryProtocolURL' => { 'msgFail' => '__badUrl__', - 'test' => + 'test' => qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, 'type' => 'text' }, @@ -5159,7 +5163,7 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.] }, 'SMTPServer' => { 'default' => '', - 'test' => + 'test' => qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+))(?::\d+)?)?$/, 'type' => 'text' }, diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm index 64d2cecef1118837e359b4128b840a939d1c178a..c3f4492d474a6934aa4a0947b30400433e52fcec 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm @@ -3771,8 +3771,8 @@ sub attributes { documentation => 'Available second factor modules', }, available2FSelfRegistration => { - type => 'text', - default => join( ',', qw/Password TOTP WebAuthn Yubikey/ ), + type => 'text', + default => join( ',', qw/Password TOTP WebAuthn Yubikey/ ), documentation => 'Available self-registration modules for second factor', }, @@ -5088,6 +5088,11 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: default => 0, documentation => 'Issue refresh tokens', }, + oidcRPMetaDataOptionsRefreshTokenRotation => { + type => 'bool', + default => 0, + documentation => 'Invalidate refresh token after use', + }, oidcRPMetaDataOptionsAuthnLevel => { type => 'intOrNull', documentation => diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm index 6b214483f50f51a2d5923fae7933ee13136d7656..d75e691331b843b0e2f94bb1268e4481d0d91695 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm @@ -260,6 +260,7 @@ sub cTrees { form => 'simpleInputContainer', nodes => [ 'oidcRPMetaDataOptionsRequirePKCE', + 'oidcRPMetaDataOptionsRefreshTokenRotation', 'oidcRPMetaDataOptionsAllowOffline', 'oidcRPMetaDataOptionsAllowPasswordGrant', 'oidcRPMetaDataOptionsAllowClientCredentialsGrant', diff --git a/lemonldap-ng-manager/site/htdocs/static/js/conftree.js b/lemonldap-ng-manager/site/htdocs/static/js/conftree.js index 68a573dc87d9b9a33910654adedeb4d8aa988880..7c3b220fd85d69c723046908f2dde1c59f32bb5e 100644 --- a/lemonldap-ng-manager/site/htdocs/static/js/conftree.js +++ b/lemonldap-ng-manager/site/htdocs/static/js/conftree.js @@ -697,6 +697,13 @@ function templates(tpl,key) { "title" : "oidcRPMetaDataOptionsRequirePKCE", "type" : "bool" }, + { + "default" : 0, + "get" : tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRefreshTokenRotation", + "id" : tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRefreshTokenRotation", + "title" : "oidcRPMetaDataOptionsRefreshTokenRotation", + "type" : "bool" + }, { "default" : 0, "get" : tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsAllowOffline", diff --git a/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js b/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js index 188c96bb6c055dd6ee562e570cfa1bd6ae17c02b..042161476ecb67a66efe390d795d26745a550e3c 100644 --- a/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js +++ b/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js @@ -1 +1 @@ -function templates(t,e){switch(t){case"casAppMetaDataNode":return[{cnodes:t+"s/"+e+"/casAppMetaDataExportedVars",default:[{data:"cn",id:t+"s/"+e+"/casAppMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:t+"s/"+e+"/casAppMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:t+"s/"+e+"/casAppMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:t+"s/"+e+"/casAppMetaDataExportedVars",title:"casAppMetaDataExportedVars",type:"keyTextContainer"},{_nodes:[{get:t+"s/"+e+"/casAppMetaDataOptionsService",id:t+"s/"+e+"/casAppMetaDataOptionsService",title:"casAppMetaDataOptionsService"},{get:t+"s/"+e+"/casAppMetaDataOptionsUserAttribute",id:t+"s/"+e+"/casAppMetaDataOptionsUserAttribute",title:"casAppMetaDataOptionsUserAttribute"},{default:-1,get:t+"s/"+e+"/casAppMetaDataOptionsLogout",id:t+"s/"+e+"/casAppMetaDataOptionsLogout",title:"casAppMetaDataOptionsLogout",type:"trool"},{get:t+"s/"+e+"/casAppMetaDataOptionsAuthnLevel",id:t+"s/"+e+"/casAppMetaDataOptionsAuthnLevel",title:"casAppMetaDataOptionsAuthnLevel",type:"intOrNull"},{get:t+"s/"+e+"/casAppMetaDataOptionsRule",id:t+"s/"+e+"/casAppMetaDataOptionsRule",title:"casAppMetaDataOptionsRule"},{get:t+"s/"+e+"/casAppMetaDataOptionsComment",id:t+"s/"+e+"/casAppMetaDataOptionsComment",title:"casAppMetaDataOptionsComment",type:"longtext"}],id:"casAppMetaDataOptions",title:"casAppMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+e+"/casAppMetaDataOptionsDisplayName",id:t+"s/"+e+"/casAppMetaDataOptionsDisplayName",title:"casAppMetaDataOptionsDisplayName"}],id:"casAppMetaDataOptionsDisplay",title:"casAppMetaDataOptionsDisplay",type:"simpleInputContainer"},{cnodes:t+"s/"+e+"/casAppMetaDataMacros",default:[],help:"exportedvars.html#extend-variables-using-macros-and-groups",id:t+"s/"+e+"/casAppMetaDataMacros",title:"casAppMetaDataMacros",type:"keyTextContainer"}];case"casSrvMetaDataNode":return[{cnodes:t+"s/"+e+"/casSrvMetaDataExportedVars",default:[{data:"cn",id:t+"s/"+e+"/casSrvMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:t+"s/"+e+"/casSrvMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:t+"s/"+e+"/casSrvMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:t+"s/"+e+"/casSrvMetaDataExportedVars",title:"casSrvMetaDataExportedVars",type:"keyTextContainer"},{cnodes:t+"s/"+e+"/casSrvMetaDataOptionsProxiedServices",id:t+"s/"+e+"/casSrvMetaDataOptionsProxiedServices",title:"casSrvMetaDataOptionsProxiedServices",type:"keyTextContainer"},{_nodes:[{get:t+"s/"+e+"/casSrvMetaDataOptionsUrl",id:t+"s/"+e+"/casSrvMetaDataOptionsUrl",title:"casSrvMetaDataOptionsUrl"},{default:0,get:t+"s/"+e+"/casSrvMetaDataOptionsRenew",id:t+"s/"+e+"/casSrvMetaDataOptionsRenew",title:"casSrvMetaDataOptionsRenew",type:"bool"},{default:0,get:t+"s/"+e+"/casSrvMetaDataOptionsGateway",id:t+"s/"+e+"/casSrvMetaDataOptionsGateway",title:"casSrvMetaDataOptionsGateway",type:"bool"},{get:t+"s/"+e+"/casSrvMetaDataOptionsComment",id:t+"s/"+e+"/casSrvMetaDataOptionsComment",title:"casSrvMetaDataOptionsComment",type:"longtext"}],id:"casSrvMetaDataOptions",title:"casSrvMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+e+"/casSrvMetaDataOptionsDisplayName",id:t+"s/"+e+"/casSrvMetaDataOptionsDisplayName",title:"casSrvMetaDataOptionsDisplayName"},{get:t+"s/"+e+"/casSrvMetaDataOptionsIcon",id:t+"s/"+e+"/casSrvMetaDataOptionsIcon",title:"casSrvMetaDataOptionsIcon"},{get:t+"s/"+e+"/casSrvMetaDataOptionsTooltip",id:t+"s/"+e+"/casSrvMetaDataOptionsTooltip",title:"casSrvMetaDataOptionsTooltip"},{default:"",get:t+"s/"+e+"/casSrvMetaDataOptionsResolutionRule",id:t+"s/"+e+"/casSrvMetaDataOptionsResolutionRule",title:"casSrvMetaDataOptionsResolutionRule",type:"longtext"},{get:t+"s/"+e+"/casSrvMetaDataOptionsSortNumber",id:t+"s/"+e+"/casSrvMetaDataOptionsSortNumber",title:"casSrvMetaDataOptionsSortNumber",type:"intOrNull"}],id:"casSrvMetaDataOptionsDisplay",title:"casSrvMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"oidcOPMetaDataNode":return[{get:t+"s/"+e+"/oidcOPMetaDataJSON",id:t+"s/"+e+"/oidcOPMetaDataJSON",title:"oidcOPMetaDataJSON",type:"file"},{get:t+"s/"+e+"/oidcOPMetaDataJWKS",id:t+"s/"+e+"/oidcOPMetaDataJWKS",title:"oidcOPMetaDataJWKS",type:"file"},{cnodes:t+"s/"+e+"/oidcOPMetaDataExportedVars",default:[{data:"name",id:t+"s/"+e+"/oidcOPMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"email",id:t+"s/"+e+"/oidcOPMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"family_name",id:t+"s/"+e+"/oidcOPMetaDataExportedVars/sn",title:"sn",type:"keyText"},{data:"sub",id:t+"s/"+e+"/oidcOPMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:t+"s/"+e+"/oidcOPMetaDataExportedVars",title:"oidcOPMetaDataExportedVars",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:t+"s/"+e+"/oidcOPMetaDataOptionsConfigurationURI",id:t+"s/"+e+"/oidcOPMetaDataOptionsConfigurationURI",title:"oidcOPMetaDataOptionsConfigurationURI"},{default:0,get:t+"s/"+e+"/oidcOPMetaDataOptionsJWKSTimeout",id:t+"s/"+e+"/oidcOPMetaDataOptionsJWKSTimeout",title:"oidcOPMetaDataOptionsJWKSTimeout",type:"int"},{get:t+"s/"+e+"/oidcOPMetaDataOptionsClientID",id:t+"s/"+e+"/oidcOPMetaDataOptionsClientID",title:"oidcOPMetaDataOptionsClientID"},{get:t+"s/"+e+"/oidcOPMetaDataOptionsClientSecret",id:t+"s/"+e+"/oidcOPMetaDataOptionsClientSecret",title:"oidcOPMetaDataOptionsClientSecret",type:"password"},{default:0,get:t+"s/"+e+"/oidcOPMetaDataOptionsStoreIDToken",id:t+"s/"+e+"/oidcOPMetaDataOptionsStoreIDToken",title:"oidcOPMetaDataOptionsStoreIDToken",type:"bool"},{get:t+"s/"+e+"/oidcOPMetaDataOptionsUserAttribute",id:t+"s/"+e+"/oidcOPMetaDataOptionsUserAttribute",title:"oidcOPMetaDataOptionsUserAttribute"},{get:t+"s/"+e+"/oidcOPMetaDataOptionsRequirePkce",id:t+"s/"+e+"/oidcOPMetaDataOptionsRequirePkce",title:"oidcOPMetaDataOptionsRequirePkce",type:"bool"}],id:"oidcOPMetaDataOptionsConfiguration",title:"oidcOPMetaDataOptionsConfiguration",type:"simpleInputContainer"},{_nodes:[{default:"openid profile",get:t+"s/"+e+"/oidcOPMetaDataOptionsScope",id:t+"s/"+e+"/oidcOPMetaDataOptionsScope",title:"oidcOPMetaDataOptionsScope"},{default:"",get:t+"s/"+e+"/oidcOPMetaDataOptionsDisplay",id:t+"s/"+e+"/oidcOPMetaDataOptionsDisplay",select:[{k:"",v:""},{k:"page",v:"page"},{k:"popup",v:"popup"},{k:"touch",v:"touch"},{k:"wap",v:"wap"}],title:"oidcOPMetaDataOptionsDisplay",type:"select"},{get:t+"s/"+e+"/oidcOPMetaDataOptionsPrompt",id:t+"s/"+e+"/oidcOPMetaDataOptionsPrompt",title:"oidcOPMetaDataOptionsPrompt"},{default:0,get:t+"s/"+e+"/oidcOPMetaDataOptionsMaxAge",id:t+"s/"+e+"/oidcOPMetaDataOptionsMaxAge",title:"oidcOPMetaDataOptionsMaxAge",type:"int"},{get:t+"s/"+e+"/oidcOPMetaDataOptionsUiLocales",id:t+"s/"+e+"/oidcOPMetaDataOptionsUiLocales",title:"oidcOPMetaDataOptionsUiLocales"},{get:t+"s/"+e+"/oidcOPMetaDataOptionsAcrValues",id:t+"s/"+e+"/oidcOPMetaDataOptionsAcrValues",title:"oidcOPMetaDataOptionsAcrValues"},{default:"get",get:t+"s/"+e+"/oidcOPMetaDataOptionsAuthnEndpointAuthMethod",id:t+"s/"+e+"/oidcOPMetaDataOptionsAuthnEndpointAuthMethod",select:[{k:"",v:"None"},{k:"jws",v:"Signed JWT"}],title:"oidcOPMetaDataOptionsAuthnEndpointAuthMethod",type:"select"},{default:"RS256",get:t+"s/"+e+"/oidcOPMetaDataOptionsAuthnEndpointAuthSigAlg",id:t+"s/"+e+"/oidcOPMetaDataOptionsAuthnEndpointAuthSigAlg",select:[{k:"HS256",v:"HS256"},{k:"HS384",v:"HS384"},{k:"HS512",v:"HS512"},{k:"RS256",v:"RS256"},{k:"RS384",v:"RS384"},{k:"RS512",v:"RS512"},{k:"PS256",v:"PS256"},{k:"PS384",v:"PS384"},{k:"PS512",v:"PS512"},{k:"ES256",v:"ES256"},{k:"ES384",v:"ES384"},{k:"ES512",v:"ES512"},{k:"EdDSA",v:"EdDSA"}],title:"oidcOPMetaDataOptionsAuthnEndpointAuthSigAlg",type:"select"},{default:"client_secret_post",get:t+"s/"+e+"/oidcOPMetaDataOptionsTokenEndpointAuthMethod",id:t+"s/"+e+"/oidcOPMetaDataOptionsTokenEndpointAuthMethod",select:[{k:"client_secret_post",v:"client_secret_post"},{k:"client_secret_basic",v:"client_secret_basic"},{k:"client_secret_jwt",v:"client_secret_jwt"},{k:"private_key_jwt",v:"private_key_jwt"}],title:"oidcOPMetaDataOptionsTokenEndpointAuthMethod",type:"select"},{default:1,get:t+"s/"+e+"/oidcOPMetaDataOptionsCheckJWTSignature",id:t+"s/"+e+"/oidcOPMetaDataOptionsCheckJWTSignature",title:"oidcOPMetaDataOptionsCheckJWTSignature",type:"bool"},{default:30,get:t+"s/"+e+"/oidcOPMetaDataOptionsIDTokenMaxAge",id:t+"s/"+e+"/oidcOPMetaDataOptionsIDTokenMaxAge",title:"oidcOPMetaDataOptionsIDTokenMaxAge",type:"int"},{default:1,get:t+"s/"+e+"/oidcOPMetaDataOptionsUseNonce",id:t+"s/"+e+"/oidcOPMetaDataOptionsUseNonce",title:"oidcOPMetaDataOptionsUseNonce",type:"bool"}],id:"oidcOPMetaDataOptionsProtocol",title:"oidcOPMetaDataOptionsProtocol",type:"simpleInputContainer"},{get:t+"s/"+e+"/oidcOPMetaDataOptionsComment",id:t+"s/"+e+"/oidcOPMetaDataOptionsComment",title:"oidcOPMetaDataOptionsComment",type:"longtext"}],help:"authopenidconnect.html#options",id:"oidcOPMetaDataOptions",title:"oidcOPMetaDataOptions"},{_nodes:[{get:t+"s/"+e+"/oidcOPMetaDataOptionsDisplayName",id:t+"s/"+e+"/oidcOPMetaDataOptionsDisplayName",title:"oidcOPMetaDataOptionsDisplayName"},{get:t+"s/"+e+"/oidcOPMetaDataOptionsIcon",id:t+"s/"+e+"/oidcOPMetaDataOptionsIcon",title:"oidcOPMetaDataOptionsIcon"},{get:t+"s/"+e+"/oidcOPMetaDataOptionsTooltip",id:t+"s/"+e+"/oidcOPMetaDataOptionsTooltip",title:"oidcOPMetaDataOptionsTooltip"},{default:"",get:t+"s/"+e+"/oidcOPMetaDataOptionsResolutionRule",id:t+"s/"+e+"/oidcOPMetaDataOptionsResolutionRule",title:"oidcOPMetaDataOptionsResolutionRule",type:"longtext"},{get:t+"s/"+e+"/oidcOPMetaDataOptionsSortNumber",id:t+"s/"+e+"/oidcOPMetaDataOptionsSortNumber",title:"oidcOPMetaDataOptionsSortNumber",type:"intOrNull"}],help:"authopenidconnect.html#display",id:"oidcOPMetaDataOptionsDisplayParams",title:"oidcOPMetaDataOptionsDisplayParams",type:"simpleInputContainer"}];case"oidcRPMetaDataNode":return[{_nodes:[{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsPublic",id:t+"s/"+e+"/oidcRPMetaDataOptionsPublic",title:"oidcRPMetaDataOptionsPublic",type:"bool"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsClientID",id:t+"s/"+e+"/oidcRPMetaDataOptionsClientID",title:"oidcRPMetaDataOptionsClientID"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsClientSecret",id:t+"s/"+e+"/oidcRPMetaDataOptionsClientSecret",title:"oidcRPMetaDataOptionsClientSecret",type:"password"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsRedirectUris",id:t+"s/"+e+"/oidcRPMetaDataOptionsRedirectUris",title:"oidcRPMetaDataOptionsRedirectUris"}],help:"idpopenidconnect.html#basic-options",id:"oidcRPMetaDataOptionsBasic",title:"oidcRPMetaDataOptionsBasic",type:"simpleInputContainer"},{cnodes:t+"s/"+e+"/oidcRPMetaDataExportedVars",default:[{data:["mail","string","auto"],id:t+"s/"+e+"/oidcRPMetaDataExportedVars/email",title:"email",type:"oidcAttribute"},{data:["cn","string","auto"],id:t+"s/"+e+"/oidcRPMetaDataExportedVars/name",title:"name",type:"oidcAttribute"},{data:["uid","string","auto"],id:t+"s/"+e+"/oidcRPMetaDataExportedVars/preferred_username",title:"preferred_username",type:"oidcAttribute"}],help:"idpopenidconnect.html#exported-attributes",id:t+"s/"+e+"/oidcRPMetaDataExportedVars",title:"oidcRPMetaDataExportedVars",type:"oidcAttributeContainer"},{_nodes:[{_nodes:[{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsBypassConsent",id:t+"s/"+e+"/oidcRPMetaDataOptionsBypassConsent",title:"oidcRPMetaDataOptionsBypassConsent",type:"bool"},{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsIDTokenForceClaims",id:t+"s/"+e+"/oidcRPMetaDataOptionsIDTokenForceClaims",title:"oidcRPMetaDataOptionsIDTokenForceClaims",type:"bool"},{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenJWT",id:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenJWT",title:"oidcRPMetaDataOptionsAccessTokenJWT",type:"bool"},{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenClaims",id:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenClaims",title:"oidcRPMetaDataOptionsAccessTokenClaims",type:"bool"},{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsRefreshToken",id:t+"s/"+e+"/oidcRPMetaDataOptionsRefreshToken",title:"oidcRPMetaDataOptionsRefreshToken",type:"bool"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsUserIDAttr",id:t+"s/"+e+"/oidcRPMetaDataOptionsUserIDAttr",title:"oidcRPMetaDataOptionsUserIDAttr"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsAdditionalAudiences",id:t+"s/"+e+"/oidcRPMetaDataOptionsAdditionalAudiences",title:"oidcRPMetaDataOptionsAdditionalAudiences"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsTokenXAuthorizedRP",id:t+"s/"+e+"/oidcRPMetaDataOptionsTokenXAuthorizedRP",title:"oidcRPMetaDataOptionsTokenXAuthorizedRP"}],id:"oidcRPMetaDataOptionsAdvanced",title:"oidcRPMetaDataOptionsAdvanced",type:"simpleInputContainer"},{_nodes:[{cnodes:t+"s/"+e+"/oidcRPMetaDataOptionsExtraClaims",default:[],help:"idpopenidconnect.html#oidcextraclaims",id:t+"s/"+e+"/oidcRPMetaDataOptionsExtraClaims",title:"oidcRPMetaDataOptionsExtraClaims",type:"keyTextContainer"},{cnodes:t+"s/"+e+"/oidcRPMetaDataScopeRules",default:[],help:"idpopenidconnect.html#scope-rules",id:t+"s/"+e+"/oidcRPMetaDataScopeRules",title:"oidcRPMetaDataScopeRules",type:"keyTextContainer"}],id:"oidcRPMetaDataOptionsScopes",title:"oidcRPMetaDataOptionsScopes"},{_nodes:[{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsRequirePKCE",id:t+"s/"+e+"/oidcRPMetaDataOptionsRequirePKCE",title:"oidcRPMetaDataOptionsRequirePKCE",type:"bool"},{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsAllowOffline",id:t+"s/"+e+"/oidcRPMetaDataOptionsAllowOffline",title:"oidcRPMetaDataOptionsAllowOffline",type:"bool"},{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsAllowPasswordGrant",id:t+"s/"+e+"/oidcRPMetaDataOptionsAllowPasswordGrant",title:"oidcRPMetaDataOptionsAllowPasswordGrant",type:"bool"},{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsAllowClientCredentialsGrant",id:t+"s/"+e+"/oidcRPMetaDataOptionsAllowClientCredentialsGrant",title:"oidcRPMetaDataOptionsAllowClientCredentialsGrant",type:"bool"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsRequestUris",id:t+"s/"+e+"/oidcRPMetaDataOptionsRequestUris",title:"oidcRPMetaDataOptionsRequestUris"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsAuthnLevel",id:t+"s/"+e+"/oidcRPMetaDataOptionsAuthnLevel",title:"oidcRPMetaDataOptionsAuthnLevel",type:"intOrNull"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsRule",id:t+"s/"+e+"/oidcRPMetaDataOptionsRule",title:"oidcRPMetaDataOptionsRule"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsAuthMethod",id:t+"s/"+e+"/oidcRPMetaDataOptionsAuthMethod",select:[{k:"",v:"Any"},{k:"client_secret_post",v:"client_secret_post"},{k:"client_secret_basic",v:"client_secret_basic"},{k:"client_secret_jwt",v:"client_secret_jwt"},{k:"private_key_jwt",v:"private_key_jwt"}],title:"oidcRPMetaDataOptionsAuthMethod",type:"select"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsAuthRequiredForAuthorize",id:t+"s/"+e+"/oidcRPMetaDataOptionsAuthRequiredForAuthorize",title:"oidcRPMetaDataOptionsAuthRequiredForAuthorize",type:"bool"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsAuthnRequireState",id:t+"s/"+e+"/oidcRPMetaDataOptionsAuthnRequireState",title:"oidcRPMetaDataOptionsAuthnRequireState",type:"bool"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsAuthnRequireNonce",id:t+"s/"+e+"/oidcRPMetaDataOptionsAuthnRequireNonce",title:"oidcRPMetaDataOptionsAuthnRequireNonce",type:"bool"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsUserinfoRequireHeaderToken",id:t+"s/"+e+"/oidcRPMetaDataOptionsUserinfoRequireHeaderToken",title:"oidcRPMetaDataOptionsUserinfoRequireHeaderToken",type:"bool"}],id:"security",title:"security",type:"simpleInputContainer"},{_nodes:[{default:"RS256",get:t+"s/"+e+"/oidcRPMetaDataOptionsIDTokenSignAlg",id:t+"s/"+e+"/oidcRPMetaDataOptionsIDTokenSignAlg",select:[{k:"none",v:"None"},{k:"HS256",v:"HS256"},{k:"HS384",v:"HS384"},{k:"HS512",v:"HS512"},{k:"RS256",v:"RS256"},{k:"RS384",v:"RS384"},{k:"RS512",v:"RS512"},{k:"PS256",v:"PS256"},{k:"PS384",v:"PS384"},{k:"PS512",v:"PS512"},{k:"ES256",v:"ES256"},{k:"ES384",v:"ES384"},{k:"ES512",v:"ES512"},{k:"EdDSA",v:"EdDSA"}],title:"oidcRPMetaDataOptionsIDTokenSignAlg",type:"select"},{default:"RS256",get:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenSignAlg",id:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenSignAlg",select:[{k:"HS256",v:"HS256"},{k:"HS384",v:"HS384"},{k:"HS512",v:"HS512"},{k:"RS256",v:"RS256"},{k:"RS384",v:"RS384"},{k:"RS512",v:"RS512"},{k:"PS256",v:"PS256"},{k:"PS384",v:"PS384"},{k:"PS512",v:"PS512"},{k:"ES256",v:"ES256"},{k:"ES384",v:"ES384"},{k:"ES512",v:"ES512"},{k:"EdDSA",v:"EdDSA"}],title:"oidcRPMetaDataOptionsAccessTokenSignAlg",type:"select"},{default:"",get:t+"s/"+e+"/oidcRPMetaDataOptionsUserInfoSignAlg",id:t+"s/"+e+"/oidcRPMetaDataOptionsUserInfoSignAlg",select:[{k:"",v:"JSON"},{k:"none",v:"JWT/None"},{k:"HS256",v:"JWT/HS256"},{k:"HS384",v:"JWT/HS384"},{k:"HS512",v:"JWT/HS512"},{k:"RS256",v:"JWT/RS256"},{k:"RS384",v:"JWT/RS384"},{k:"RS512",v:"JWT/RS512"},{k:"PS256",v:"JWT/PS256"},{k:"PS384",v:"JWT/PS384"},{k:"PS512",v:"JWT/PS512"},{k:"ES256",v:"JWT/ES256"},{k:"ES384",v:"JWT/ES384"},{k:"ES512",v:"JWT/ES512"},{k:"EdDSA",v:"JWT/EdDSA"}],title:"oidcRPMetaDataOptionsUserInfoSignAlg",type:"select"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenEncKeyMgtAlg",id:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenEncKeyMgtAlg",select:[{k:"",v:"None"},{k:"RSA-OAEP",v:"RSA-OAEP"},{k:"RSA-OAEP-256",v:"RSA-OAEP-256"},{k:"RSA1_5",v:"RSA1_5"},{k:"ECDH-ES",v:"ECDH-ES"},{k:"ECDH-ES+A128KW",v:"ECDH-ES+A128KW"},{k:"ECDH-ES+A192KW",v:"ECDH-ES+A192KW"},{k:"ECDH-ES+A256KW",v:"ECDH-ES+A256KW"}],title:"oidcRPMetaDataOptionsAccessTokenEncKeyMgtAlg",type:"select"},{default:"A256GCM",get:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenEncContentEncAlg",id:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenEncContentEncAlg",select:[{k:"A256CBC-HS512",v:"A256CBC-HS512"},{k:"A256GCM",v:"A256GCM"},{k:"A192CBC-HS384",v:"A192CBC-HS384"},{k:"A192GCM",v:"A192GCM"},{k:"A128CBC-HS256",v:"A128CBC-HS256"},{k:"A128GCM",v:"A128GCM"}],title:"oidcRPMetaDataOptionsAccessTokenEncContentEncAlg",type:"select"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsIdTokenEncKeyMgtAlg",id:t+"s/"+e+"/oidcRPMetaDataOptionsIdTokenEncKeyMgtAlg",select:[{k:"",v:"None"},{k:"RSA-OAEP",v:"RSA-OAEP"},{k:"RSA-OAEP-256",v:"RSA-OAEP-256"},{k:"RSA1_5",v:"RSA1_5"},{k:"ECDH-ES",v:"ECDH-ES"},{k:"ECDH-ES+A128KW",v:"ECDH-ES+A128KW"},{k:"ECDH-ES+A192KW",v:"ECDH-ES+A192KW"},{k:"ECDH-ES+A256KW",v:"ECDH-ES+A256KW"}],title:"oidcRPMetaDataOptionsIdTokenEncKeyMgtAlg",type:"select"},{default:"A256GCM",get:t+"s/"+e+"/oidcRPMetaDataOptionsIdTokenEncContentEncAlg",id:t+"s/"+e+"/oidcRPMetaDataOptionsIdTokenEncContentEncAlg",select:[{k:"A256CBC-HS512",v:"A256CBC-HS512"},{k:"A256GCM",v:"A256GCM"},{k:"A192CBC-HS384",v:"A192CBC-HS384"},{k:"A192GCM",v:"A192GCM"},{k:"A128CBC-HS256",v:"A128CBC-HS256"},{k:"A128GCM",v:"A128GCM"}],title:"oidcRPMetaDataOptionsIdTokenEncContentEncAlg",type:"select"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsUserInfoEncKeyMgtAlg",id:t+"s/"+e+"/oidcRPMetaDataOptionsUserInfoEncKeyMgtAlg",select:[{k:"",v:"None"},{k:"RSA-OAEP",v:"RSA-OAEP"},{k:"RSA-OAEP-256",v:"RSA-OAEP-256"},{k:"RSA1_5",v:"RSA1_5"},{k:"ECDH-ES",v:"ECDH-ES"},{k:"ECDH-ES+A128KW",v:"ECDH-ES+A128KW"},{k:"ECDH-ES+A192KW",v:"ECDH-ES+A192KW"},{k:"ECDH-ES+A256KW",v:"ECDH-ES+A256KW"}],title:"oidcRPMetaDataOptionsUserInfoEncKeyMgtAlg",type:"select"},{default:"A256GCM",get:t+"s/"+e+"/oidcRPMetaDataOptionsUserInfoEncContentEncAlg",id:t+"s/"+e+"/oidcRPMetaDataOptionsUserInfoEncContentEncAlg",select:[{k:"A256CBC-HS512",v:"A256CBC-HS512"},{k:"A256GCM",v:"A256GCM"},{k:"A192CBC-HS384",v:"A192CBC-HS384"},{k:"A192GCM",v:"A192GCM"},{k:"A128CBC-HS256",v:"A128CBC-HS256"},{k:"A128GCM",v:"A128GCM"}],title:"oidcRPMetaDataOptionsUserInfoEncContentEncAlg",type:"select"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutEncKeyMgtAlg",id:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutEncKeyMgtAlg",select:[{k:"",v:"None"},{k:"RSA-OAEP",v:"RSA-OAEP"},{k:"RSA-OAEP-256",v:"RSA-OAEP-256"},{k:"RSA1_5",v:"RSA1_5"},{k:"ECDH-ES",v:"ECDH-ES"},{k:"ECDH-ES+A128KW",v:"ECDH-ES+A128KW"},{k:"ECDH-ES+A192KW",v:"ECDH-ES+A192KW"},{k:"ECDH-ES+A256KW",v:"ECDH-ES+A256KW"}],title:"oidcRPMetaDataOptionsLogoutEncKeyMgtAlg",type:"select"},{default:"A256GCM",get:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutEncContentEncAlg",id:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutEncContentEncAlg",select:[{k:"A256CBC-HS512",v:"A256CBC-HS512"},{k:"A256GCM",v:"A256GCM"},{k:"A192CBC-HS384",v:"A192CBC-HS384"},{k:"A192GCM",v:"A192GCM"},{k:"A128CBC-HS256",v:"A128CBC-HS256"},{k:"A128GCM",v:"A128GCM"}],title:"oidcRPMetaDataOptionsLogoutEncContentEncAlg",type:"select"}],id:"algorithms",title:"algorithms",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+e+"/oidcRPMetaDataOptionsJwksUri",help:"idpopenidconnect.html",id:t+"s/"+e+"/oidcRPMetaDataOptionsJwksUri",title:"oidcRPMetaDataOptionsJwksUri"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsJwks",id:t+"s/"+e+"/oidcRPMetaDataOptionsJwks",title:"oidcRPMetaDataOptionsJwks",type:"file"}],id:"keys",title:"keys"},{_nodes:[{get:t+"s/"+e+"/oidcRPMetaDataOptionsAuthorizationCodeExpiration",id:t+"s/"+e+"/oidcRPMetaDataOptionsAuthorizationCodeExpiration",title:"oidcRPMetaDataOptionsAuthorizationCodeExpiration",type:"intOrNull"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsIDTokenExpiration",id:t+"s/"+e+"/oidcRPMetaDataOptionsIDTokenExpiration",title:"oidcRPMetaDataOptionsIDTokenExpiration",type:"intOrNull"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenExpiration",id:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenExpiration",title:"oidcRPMetaDataOptionsAccessTokenExpiration",type:"intOrNull"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsOfflineSessionExpiration",id:t+"s/"+e+"/oidcRPMetaDataOptionsOfflineSessionExpiration",title:"oidcRPMetaDataOptionsOfflineSessionExpiration",type:"intOrNull"}],id:"oidcRPMetaDataOptionsTimeouts",title:"oidcRPMetaDataOptionsTimeouts",type:"simpleInputContainer"},{_nodes:[{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutBypassConfirm",id:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutBypassConfirm",title:"oidcRPMetaDataOptionsLogoutBypassConfirm",type:"bool"},{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutSessionRequired",id:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutSessionRequired",title:"oidcRPMetaDataOptionsLogoutSessionRequired",type:"bool"},{default:"front",get:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutType",id:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutType",select:[{k:"front",v:"Front Channel"},{k:"back",v:"Back Channel"}],title:"oidcRPMetaDataOptionsLogoutType",type:"select"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutUrl",id:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutUrl",title:"oidcRPMetaDataOptionsLogoutUrl"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsPostLogoutRedirectUris",id:t+"s/"+e+"/oidcRPMetaDataOptionsPostLogoutRedirectUris",title:"oidcRPMetaDataOptionsPostLogoutRedirectUris"}],id:"logout",title:"logout",type:"simpleInputContainer"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsComment",id:t+"s/"+e+"/oidcRPMetaDataOptionsComment",title:"oidcRPMetaDataOptionsComment",type:"longtext"}],help:"idpopenidconnect.html#options",id:"oidcRPMetaDataOptions",title:"oidcRPMetaDataOptions"},{cnodes:t+"s/"+e+"/oidcRPMetaDataMacros",default:[],help:"exportedvars.html#extend-variables-using-macros-and-groups",id:t+"s/"+e+"/oidcRPMetaDataMacros",title:"oidcRPMetaDataMacros",type:"keyTextContainer"},{_nodes:[{get:t+"s/"+e+"/oidcRPMetaDataOptionsDisplayName",id:t+"s/"+e+"/oidcRPMetaDataOptionsDisplayName",title:"oidcRPMetaDataOptionsDisplayName"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsIcon",id:t+"s/"+e+"/oidcRPMetaDataOptionsIcon",title:"oidcRPMetaDataOptionsIcon"}],help:"idpopenidconnect.html#display",id:"oidcRPMetaDataOptionsDisplay",title:"oidcRPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlIDPMetaDataNode":return[{get:t+"s/"+e+"/samlIDPMetaDataXML",id:t+"s/"+e+"/samlIDPMetaDataXML",title:"samlIDPMetaDataXML",type:"file"},{cnodes:t+"s/"+e+"/samlIDPMetaDataExportedAttributes",default:[],help:"authsaml.html#exported-attributes",id:t+"s/"+e+"/samlIDPMetaDataExportedAttributes",title:"samlIDPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{default:0,get:t+"s/"+e+"/samlIDPMetaDataOptionsAdaptSessionUtime",id:t+"s/"+e+"/samlIDPMetaDataOptionsAdaptSessionUtime",title:"samlIDPMetaDataOptionsAdaptSessionUtime",type:"bool"},{default:0,get:t+"s/"+e+"/samlIDPMetaDataOptionsForceUTF8",id:t+"s/"+e+"/samlIDPMetaDataOptionsForceUTF8",title:"samlIDPMetaDataOptionsForceUTF8",type:"bool"},{default:0,get:t+"s/"+e+"/samlIDPMetaDataOptionsStoreSAMLToken",id:t+"s/"+e+"/samlIDPMetaDataOptionsStoreSAMLToken",title:"samlIDPMetaDataOptionsStoreSAMLToken",type:"bool"},{get:t+"s/"+e+"/samlIDPMetaDataOptionsUserAttribute",id:t+"s/"+e+"/samlIDPMetaDataOptionsUserAttribute",title:"samlIDPMetaDataOptionsUserAttribute"}],help:"authsaml.html#session",id:"samlIDPMetaDataOptionsSession",title:"samlIDPMetaDataOptionsSession",type:"simpleInputContainer"},{_nodes:[{default:"",get:t+"s/"+e+"/samlIDPMetaDataOptionsSignatureMethod",id:t+"s/"+e+"/samlIDPMetaDataOptionsSignatureMethod",select:[{k:"",v:"default"},{k:"RSA_SHA1",v:"RSA SHA1"},{k:"RSA_SHA256",v:"RSA SHA256"},{k:"RSA_SHA384",v:"RSA SHA384"},{k:"RSA_SHA512",v:"RSA SHA512"}],title:"samlIDPMetaDataOptionsSignatureMethod",type:"select"},{default:-1,get:t+"s/"+e+"/samlIDPMetaDataOptionsSignSSOMessage",id:t+"s/"+e+"/samlIDPMetaDataOptionsSignSSOMessage",title:"samlIDPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:t+"s/"+e+"/samlIDPMetaDataOptionsCheckSSOMessageSignature",id:t+"s/"+e+"/samlIDPMetaDataOptionsCheckSSOMessageSignature",title:"samlIDPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:t+"s/"+e+"/samlIDPMetaDataOptionsSignSLOMessage",id:t+"s/"+e+"/samlIDPMetaDataOptionsSignSLOMessage",title:"samlIDPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:t+"s/"+e+"/samlIDPMetaDataOptionsCheckSLOMessageSignature",id:t+"s/"+e+"/samlIDPMetaDataOptionsCheckSLOMessageSignature",title:"samlIDPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],help:"authsaml.html#signature",id:"samlIDPMetaDataOptionsSignature",title:"samlIDPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"",get:t+"s/"+e+"/samlIDPMetaDataOptionsSSOBinding",id:t+"s/"+e+"/samlIDPMetaDataOptionsSSOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"artifact-get",v:"Artifact GET"}],title:"samlIDPMetaDataOptionsSSOBinding",type:"select"},{default:"",get:t+"s/"+e+"/samlIDPMetaDataOptionsSLOBinding",id:t+"s/"+e+"/samlIDPMetaDataOptionsSLOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"http-soap",v:"SOAP"}],title:"samlIDPMetaDataOptionsSLOBinding",type:"select"}],help:"authsaml.html#binding",id:"samlIDPMetaDataOptionsBinding",title:"samlIDPMetaDataOptionsBinding",type:"simpleInputContainer"},{_nodes:[{default:"none",get:t+"s/"+e+"/samlIDPMetaDataOptionsEncryptionMode",id:t+"s/"+e+"/samlIDPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlIDPMetaDataOptionsEncryptionMode",type:"select"},{default:1,get:t+"s/"+e+"/samlIDPMetaDataOptionsCheckTime",id:t+"s/"+e+"/samlIDPMetaDataOptionsCheckTime",title:"samlIDPMetaDataOptionsCheckTime",type:"bool"},{default:1,get:t+"s/"+e+"/samlIDPMetaDataOptionsCheckAudience",id:t+"s/"+e+"/samlIDPMetaDataOptionsCheckAudience",title:"samlIDPMetaDataOptionsCheckAudience",type:"bool"}],help:"authsaml.html#security",id:"samlIDPMetaDataOptionsSecurity",title:"samlIDPMetaDataOptionsSecurity",type:"simpleInputContainer"},{_nodes:[{default:"",get:t+"s/"+e+"/samlIDPMetaDataOptionsNameIDFormat",id:t+"s/"+e+"/samlIDPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlIDPMetaDataOptionsNameIDFormat",type:"select"},{default:0,get:t+"s/"+e+"/samlIDPMetaDataOptionsForceAuthn",id:t+"s/"+e+"/samlIDPMetaDataOptionsForceAuthn",title:"samlIDPMetaDataOptionsForceAuthn",type:"bool"},{default:0,get:t+"s/"+e+"/samlIDPMetaDataOptionsIsPassive",id:t+"s/"+e+"/samlIDPMetaDataOptionsIsPassive",title:"samlIDPMetaDataOptionsIsPassive",type:"bool"},{default:0,get:t+"s/"+e+"/samlIDPMetaDataOptionsAllowLoginFromIDP",id:t+"s/"+e+"/samlIDPMetaDataOptionsAllowLoginFromIDP",title:"samlIDPMetaDataOptionsAllowLoginFromIDP",type:"bool"},{default:"",get:t+"s/"+e+"/samlIDPMetaDataOptionsRequestedAuthnContext",id:t+"s/"+e+"/samlIDPMetaDataOptionsRequestedAuthnContext",select:[{k:"",v:""},{k:"kerberos",v:"Kerberos"},{k:"password-protected-transport",v:"Password protected transport"},{k:"password",v:"Password"},{k:"tls-client",v:"TLS client certificate"}],title:"samlIDPMetaDataOptionsRequestedAuthnContext",type:"select"},{default:0,get:t+"s/"+e+"/samlIDPMetaDataOptionsRelayStateURL",id:t+"s/"+e+"/samlIDPMetaDataOptionsRelayStateURL",title:"samlIDPMetaDataOptionsRelayStateURL",type:"bool"},{_nodes:[{get:t+"s/"+e+"/samlIDPMetaDataOptionsFederationEntityID",id:t+"s/"+e+"/samlIDPMetaDataOptionsFederationEntityID",title:"samlIDPMetaDataOptionsFederationEntityID"}],id:"samlIDPMetaDataOptionsFederation",title:"samlIDPMetaDataOptionsFederation",type:"simpleInputContainer"},{get:t+"s/"+e+"/samlIDPMetaDataOptionsComment",id:t+"s/"+e+"/samlIDPMetaDataOptionsComment",title:"samlIDPMetaDataOptionsComment",type:"longtext"}],help:"authsaml.html#options",id:"samlIDPMetaDataOptions",title:"samlIDPMetaDataOptions"},{_nodes:[{get:t+"s/"+e+"/samlIDPMetaDataOptionsDisplayName",id:t+"s/"+e+"/samlIDPMetaDataOptionsDisplayName",title:"samlIDPMetaDataOptionsDisplayName"},{get:t+"s/"+e+"/samlIDPMetaDataOptionsIcon",id:t+"s/"+e+"/samlIDPMetaDataOptionsIcon",title:"samlIDPMetaDataOptionsIcon"},{get:t+"s/"+e+"/samlIDPMetaDataOptionsTooltip",id:t+"s/"+e+"/samlIDPMetaDataOptionsTooltip",title:"samlIDPMetaDataOptionsTooltip"},{default:"",get:t+"s/"+e+"/samlIDPMetaDataOptionsResolutionRule",id:t+"s/"+e+"/samlIDPMetaDataOptionsResolutionRule",title:"samlIDPMetaDataOptionsResolutionRule",type:"longtext"},{get:t+"s/"+e+"/samlIDPMetaDataOptionsSortNumber",id:t+"s/"+e+"/samlIDPMetaDataOptionsSortNumber",title:"samlIDPMetaDataOptionsSortNumber",type:"intOrNull"}],help:"authsaml.html#display",id:"samlIDPMetaDataOptionsDisplay",title:"samlIDPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlSPMetaDataNode":return[{get:t+"s/"+e+"/samlSPMetaDataXML",id:t+"s/"+e+"/samlSPMetaDataXML",title:"samlSPMetaDataXML",type:"file"},{cnodes:t+"s/"+e+"/samlSPMetaDataExportedAttributes",default:[],help:"idpsaml.html#exported-attributes",id:t+"s/"+e+"/samlSPMetaDataExportedAttributes",title:"samlSPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{_nodes:[{default:"",get:t+"s/"+e+"/samlSPMetaDataOptionsNameIDFormat",id:t+"s/"+e+"/samlSPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlSPMetaDataOptionsNameIDFormat",type:"select"},{get:t+"s/"+e+"/samlSPMetaDataOptionsNameIDSessionKey",id:t+"s/"+e+"/samlSPMetaDataOptionsNameIDSessionKey",title:"samlSPMetaDataOptionsNameIDSessionKey"},{default:0,get:t+"s/"+e+"/samlSPMetaDataOptionsOneTimeUse",id:t+"s/"+e+"/samlSPMetaDataOptionsOneTimeUse",title:"samlSPMetaDataOptionsOneTimeUse",type:"bool"},{default:72e3,get:t+"s/"+e+"/samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",id:t+"s/"+e+"/samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",type:"int"},{default:72e3,get:t+"s/"+e+"/samlSPMetaDataOptionsNotOnOrAfterTimeout",id:t+"s/"+e+"/samlSPMetaDataOptionsNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsNotOnOrAfterTimeout",type:"int"},{default:1,get:t+"s/"+e+"/samlSPMetaDataOptionsForceUTF8",id:t+"s/"+e+"/samlSPMetaDataOptionsForceUTF8",title:"samlSPMetaDataOptionsForceUTF8",type:"bool"}],id:"samlSPMetaDataOptionsAuthnResponse",title:"samlSPMetaDataOptionsAuthnResponse",type:"simpleInputContainer"},{_nodes:[{default:"",get:t+"s/"+e+"/samlSPMetaDataOptionsSignatureMethod",id:t+"s/"+e+"/samlSPMetaDataOptionsSignatureMethod",select:[{k:"",v:"default"},{k:"RSA_SHA1",v:"RSA SHA1"},{k:"RSA_SHA256",v:"RSA SHA256"},{k:"RSA_SHA384",v:"RSA SHA384"},{k:"RSA_SHA512",v:"RSA SHA512"}],title:"samlSPMetaDataOptionsSignatureMethod",type:"select"},{default:-1,get:t+"s/"+e+"/samlSPMetaDataOptionsSignSSOMessage",id:t+"s/"+e+"/samlSPMetaDataOptionsSignSSOMessage",title:"samlSPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:t+"s/"+e+"/samlSPMetaDataOptionsCheckSSOMessageSignature",id:t+"s/"+e+"/samlSPMetaDataOptionsCheckSSOMessageSignature",title:"samlSPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:t+"s/"+e+"/samlSPMetaDataOptionsSignSLOMessage",id:t+"s/"+e+"/samlSPMetaDataOptionsSignSLOMessage",title:"samlSPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:t+"s/"+e+"/samlSPMetaDataOptionsCheckSLOMessageSignature",id:t+"s/"+e+"/samlSPMetaDataOptionsCheckSLOMessageSignature",title:"samlSPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlSPMetaDataOptionsSignature",title:"samlSPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"none",get:t+"s/"+e+"/samlSPMetaDataOptionsEncryptionMode",id:t+"s/"+e+"/samlSPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlSPMetaDataOptionsEncryptionMode",type:"select"},{default:0,get:t+"s/"+e+"/samlSPMetaDataOptionsEnableIDPInitiatedURL",id:t+"s/"+e+"/samlSPMetaDataOptionsEnableIDPInitiatedURL",title:"samlSPMetaDataOptionsEnableIDPInitiatedURL",type:"bool"},{get:t+"s/"+e+"/samlSPMetaDataOptionsAuthnLevel",id:t+"s/"+e+"/samlSPMetaDataOptionsAuthnLevel",title:"samlSPMetaDataOptionsAuthnLevel",type:"intOrNull"},{get:t+"s/"+e+"/samlSPMetaDataOptionsRule",id:t+"s/"+e+"/samlSPMetaDataOptionsRule",title:"samlSPMetaDataOptionsRule"}],id:"samlSPMetaDataOptionsSecurity",title:"samlSPMetaDataOptionsSecurity",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+e+"/samlSPMetaDataOptionsFederationEntityID",id:t+"s/"+e+"/samlSPMetaDataOptionsFederationEntityID",title:"samlSPMetaDataOptionsFederationEntityID"},{default:"",get:t+"s/"+e+"/samlSPMetaDataOptionsFederationOptionalAttributes",id:t+"s/"+e+"/samlSPMetaDataOptionsFederationOptionalAttributes",select:[{k:"",v:"keep"},{k:"ignore",v:"ignore"}],title:"samlSPMetaDataOptionsFederationOptionalAttributes",type:"select"},{default:"",get:t+"s/"+e+"/samlSPMetaDataOptionsFederationRequiredAttributes",id:t+"s/"+e+"/samlSPMetaDataOptionsFederationRequiredAttributes",select:[{k:"",v:"keep"},{k:"optional",v:"makeoptional"},{k:"ignore",v:"ignore"}],title:"samlSPMetaDataOptionsFederationRequiredAttributes",type:"select"}],id:"samlSPMetaDataOptionsFederation",title:"samlSPMetaDataOptionsFederation",type:"simpleInputContainer"},{get:t+"s/"+e+"/samlSPMetaDataOptionsComment",id:t+"s/"+e+"/samlSPMetaDataOptionsComment",title:"samlSPMetaDataOptionsComment",type:"longtext"}],help:"idpsaml.html#options",id:"samlSPMetaDataOptions",title:"samlSPMetaDataOptions"},{cnodes:t+"s/"+e+"/samlSPMetaDataMacros",default:[],help:"exportedvars.html#extend-variables-using-macros-and-groups",id:t+"s/"+e+"/samlSPMetaDataMacros",title:"samlSPMetaDataMacros",type:"keyTextContainer"}];case"virtualHost":return[{cnodes:t+"s/"+e+"/locationRules",default:[{data:"deny",id:t+"s/"+e+"/locationRules/default",re:"default",title:"default",type:"rule"}],help:"writingrulesand_headers.html#rules",id:t+"s/"+e+"/locationRules",title:"locationRules",type:"ruleContainer"},{cnodes:t+"s/"+e+"/exportedHeaders",help:"writingrulesand_headers.html#headers",id:t+"s/"+e+"/exportedHeaders",title:"exportedHeaders",type:"keyTextContainer"},{cnodes:t+"s/"+e+"/post",help:"formreplay.html",id:t+"s/"+e+"/post",title:"post",type:"postContainer"},{_nodes:[{default:-1,get:t+"s/"+e+"/vhostPort",id:t+"s/"+e+"/vhostPort",title:"vhostPort",type:"int"},{default:-1,get:t+"s/"+e+"/vhostHttps",id:t+"s/"+e+"/vhostHttps",title:"vhostHttps",type:"trool"},{default:0,get:t+"s/"+e+"/vhostMaintenance",id:t+"s/"+e+"/vhostMaintenance",title:"vhostMaintenance",type:"bool"},{default:"",get:t+"s/"+e+"/vhostAliases",id:t+"s/"+e+"/vhostAliases",title:"vhostAliases"},{default:"",get:t+"s/"+e+"/vhostAccessToTrace",id:t+"s/"+e+"/vhostAccessToTrace",title:"vhostAccessToTrace"},{get:t+"s/"+e+"/vhostAuthnLevel",id:t+"s/"+e+"/vhostAuthnLevel",title:"vhostAuthnLevel",type:"intOrNull"},{default:"Main",get:t+"s/"+e+"/vhostType",id:t+"s/"+e+"/vhostType",select:[{k:"AuthBasic",v:"AuthBasic"},{k:"CDA",v:"CDA"},{k:"DevOps",v:"DevOps"},{k:"DevOpsST",v:"DevOpsST"},{k:"DevOpsCDA",v:"DevOpsCDA"},{k:"Main",v:"Main"},{k:"OAuth2",v:"OAuth2"},{k:"SecureToken",v:"SecureToken"},{k:"ServiceToken",v:"ServiceToken"},{k:"ZimbraPreAuth",v:"ZimbraPreAuth"}],title:"vhostType",type:"select"},{get:t+"s/"+e+"/vhostDevOpsRulesUrl",id:t+"s/"+e+"/vhostDevOpsRulesUrl",title:"vhostDevOpsRulesUrl"},{default:-1,get:t+"s/"+e+"/vhostServiceTokenTTL",id:t+"s/"+e+"/vhostServiceTokenTTL",title:"vhostServiceTokenTTL",type:"int"},{default:"",get:t+"s/"+e+"/vhostComment",id:t+"s/"+e+"/vhostComment",title:"vhostComment",type:"longtext"}],help:"configvhost.html#options",id:"vhostOptions",title:"vhostOptions",type:"simpleInputContainer"}];default:return[]}}function setScopeVars(t){t.portal=t.data[0]._nodes[0]._nodes[0],t.getKey(t.portal),t.domain=t.data[0]._nodes[4]._nodes[1],t.getKey(t.domain)} \ No newline at end of file +function templates(t,e){switch(t){case"casAppMetaDataNode":return[{cnodes:t+"s/"+e+"/casAppMetaDataExportedVars",default:[{data:"cn",id:t+"s/"+e+"/casAppMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:t+"s/"+e+"/casAppMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:t+"s/"+e+"/casAppMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:t+"s/"+e+"/casAppMetaDataExportedVars",title:"casAppMetaDataExportedVars",type:"keyTextContainer"},{_nodes:[{get:t+"s/"+e+"/casAppMetaDataOptionsService",id:t+"s/"+e+"/casAppMetaDataOptionsService",title:"casAppMetaDataOptionsService"},{get:t+"s/"+e+"/casAppMetaDataOptionsUserAttribute",id:t+"s/"+e+"/casAppMetaDataOptionsUserAttribute",title:"casAppMetaDataOptionsUserAttribute"},{default:-1,get:t+"s/"+e+"/casAppMetaDataOptionsLogout",id:t+"s/"+e+"/casAppMetaDataOptionsLogout",title:"casAppMetaDataOptionsLogout",type:"trool"},{get:t+"s/"+e+"/casAppMetaDataOptionsAuthnLevel",id:t+"s/"+e+"/casAppMetaDataOptionsAuthnLevel",title:"casAppMetaDataOptionsAuthnLevel",type:"intOrNull"},{get:t+"s/"+e+"/casAppMetaDataOptionsRule",id:t+"s/"+e+"/casAppMetaDataOptionsRule",title:"casAppMetaDataOptionsRule"},{get:t+"s/"+e+"/casAppMetaDataOptionsComment",id:t+"s/"+e+"/casAppMetaDataOptionsComment",title:"casAppMetaDataOptionsComment",type:"longtext"}],id:"casAppMetaDataOptions",title:"casAppMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+e+"/casAppMetaDataOptionsDisplayName",id:t+"s/"+e+"/casAppMetaDataOptionsDisplayName",title:"casAppMetaDataOptionsDisplayName"}],id:"casAppMetaDataOptionsDisplay",title:"casAppMetaDataOptionsDisplay",type:"simpleInputContainer"},{cnodes:t+"s/"+e+"/casAppMetaDataMacros",default:[],help:"exportedvars.html#extend-variables-using-macros-and-groups",id:t+"s/"+e+"/casAppMetaDataMacros",title:"casAppMetaDataMacros",type:"keyTextContainer"}];case"casSrvMetaDataNode":return[{cnodes:t+"s/"+e+"/casSrvMetaDataExportedVars",default:[{data:"cn",id:t+"s/"+e+"/casSrvMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:t+"s/"+e+"/casSrvMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:t+"s/"+e+"/casSrvMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:t+"s/"+e+"/casSrvMetaDataExportedVars",title:"casSrvMetaDataExportedVars",type:"keyTextContainer"},{cnodes:t+"s/"+e+"/casSrvMetaDataOptionsProxiedServices",id:t+"s/"+e+"/casSrvMetaDataOptionsProxiedServices",title:"casSrvMetaDataOptionsProxiedServices",type:"keyTextContainer"},{_nodes:[{get:t+"s/"+e+"/casSrvMetaDataOptionsUrl",id:t+"s/"+e+"/casSrvMetaDataOptionsUrl",title:"casSrvMetaDataOptionsUrl"},{default:0,get:t+"s/"+e+"/casSrvMetaDataOptionsRenew",id:t+"s/"+e+"/casSrvMetaDataOptionsRenew",title:"casSrvMetaDataOptionsRenew",type:"bool"},{default:0,get:t+"s/"+e+"/casSrvMetaDataOptionsGateway",id:t+"s/"+e+"/casSrvMetaDataOptionsGateway",title:"casSrvMetaDataOptionsGateway",type:"bool"},{get:t+"s/"+e+"/casSrvMetaDataOptionsComment",id:t+"s/"+e+"/casSrvMetaDataOptionsComment",title:"casSrvMetaDataOptionsComment",type:"longtext"}],id:"casSrvMetaDataOptions",title:"casSrvMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+e+"/casSrvMetaDataOptionsDisplayName",id:t+"s/"+e+"/casSrvMetaDataOptionsDisplayName",title:"casSrvMetaDataOptionsDisplayName"},{get:t+"s/"+e+"/casSrvMetaDataOptionsIcon",id:t+"s/"+e+"/casSrvMetaDataOptionsIcon",title:"casSrvMetaDataOptionsIcon"},{get:t+"s/"+e+"/casSrvMetaDataOptionsTooltip",id:t+"s/"+e+"/casSrvMetaDataOptionsTooltip",title:"casSrvMetaDataOptionsTooltip"},{default:"",get:t+"s/"+e+"/casSrvMetaDataOptionsResolutionRule",id:t+"s/"+e+"/casSrvMetaDataOptionsResolutionRule",title:"casSrvMetaDataOptionsResolutionRule",type:"longtext"},{get:t+"s/"+e+"/casSrvMetaDataOptionsSortNumber",id:t+"s/"+e+"/casSrvMetaDataOptionsSortNumber",title:"casSrvMetaDataOptionsSortNumber",type:"intOrNull"}],id:"casSrvMetaDataOptionsDisplay",title:"casSrvMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"oidcOPMetaDataNode":return[{get:t+"s/"+e+"/oidcOPMetaDataJSON",id:t+"s/"+e+"/oidcOPMetaDataJSON",title:"oidcOPMetaDataJSON",type:"file"},{get:t+"s/"+e+"/oidcOPMetaDataJWKS",id:t+"s/"+e+"/oidcOPMetaDataJWKS",title:"oidcOPMetaDataJWKS",type:"file"},{cnodes:t+"s/"+e+"/oidcOPMetaDataExportedVars",default:[{data:"name",id:t+"s/"+e+"/oidcOPMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"email",id:t+"s/"+e+"/oidcOPMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"family_name",id:t+"s/"+e+"/oidcOPMetaDataExportedVars/sn",title:"sn",type:"keyText"},{data:"sub",id:t+"s/"+e+"/oidcOPMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:t+"s/"+e+"/oidcOPMetaDataExportedVars",title:"oidcOPMetaDataExportedVars",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:t+"s/"+e+"/oidcOPMetaDataOptionsConfigurationURI",id:t+"s/"+e+"/oidcOPMetaDataOptionsConfigurationURI",title:"oidcOPMetaDataOptionsConfigurationURI"},{default:0,get:t+"s/"+e+"/oidcOPMetaDataOptionsJWKSTimeout",id:t+"s/"+e+"/oidcOPMetaDataOptionsJWKSTimeout",title:"oidcOPMetaDataOptionsJWKSTimeout",type:"int"},{get:t+"s/"+e+"/oidcOPMetaDataOptionsClientID",id:t+"s/"+e+"/oidcOPMetaDataOptionsClientID",title:"oidcOPMetaDataOptionsClientID"},{get:t+"s/"+e+"/oidcOPMetaDataOptionsClientSecret",id:t+"s/"+e+"/oidcOPMetaDataOptionsClientSecret",title:"oidcOPMetaDataOptionsClientSecret",type:"password"},{default:0,get:t+"s/"+e+"/oidcOPMetaDataOptionsStoreIDToken",id:t+"s/"+e+"/oidcOPMetaDataOptionsStoreIDToken",title:"oidcOPMetaDataOptionsStoreIDToken",type:"bool"},{get:t+"s/"+e+"/oidcOPMetaDataOptionsUserAttribute",id:t+"s/"+e+"/oidcOPMetaDataOptionsUserAttribute",title:"oidcOPMetaDataOptionsUserAttribute"},{get:t+"s/"+e+"/oidcOPMetaDataOptionsRequirePkce",id:t+"s/"+e+"/oidcOPMetaDataOptionsRequirePkce",title:"oidcOPMetaDataOptionsRequirePkce",type:"bool"}],id:"oidcOPMetaDataOptionsConfiguration",title:"oidcOPMetaDataOptionsConfiguration",type:"simpleInputContainer"},{_nodes:[{default:"openid profile",get:t+"s/"+e+"/oidcOPMetaDataOptionsScope",id:t+"s/"+e+"/oidcOPMetaDataOptionsScope",title:"oidcOPMetaDataOptionsScope"},{default:"",get:t+"s/"+e+"/oidcOPMetaDataOptionsDisplay",id:t+"s/"+e+"/oidcOPMetaDataOptionsDisplay",select:[{k:"",v:""},{k:"page",v:"page"},{k:"popup",v:"popup"},{k:"touch",v:"touch"},{k:"wap",v:"wap"}],title:"oidcOPMetaDataOptionsDisplay",type:"select"},{get:t+"s/"+e+"/oidcOPMetaDataOptionsPrompt",id:t+"s/"+e+"/oidcOPMetaDataOptionsPrompt",title:"oidcOPMetaDataOptionsPrompt"},{default:0,get:t+"s/"+e+"/oidcOPMetaDataOptionsMaxAge",id:t+"s/"+e+"/oidcOPMetaDataOptionsMaxAge",title:"oidcOPMetaDataOptionsMaxAge",type:"int"},{get:t+"s/"+e+"/oidcOPMetaDataOptionsUiLocales",id:t+"s/"+e+"/oidcOPMetaDataOptionsUiLocales",title:"oidcOPMetaDataOptionsUiLocales"},{get:t+"s/"+e+"/oidcOPMetaDataOptionsAcrValues",id:t+"s/"+e+"/oidcOPMetaDataOptionsAcrValues",title:"oidcOPMetaDataOptionsAcrValues"},{default:"get",get:t+"s/"+e+"/oidcOPMetaDataOptionsAuthnEndpointAuthMethod",id:t+"s/"+e+"/oidcOPMetaDataOptionsAuthnEndpointAuthMethod",select:[{k:"",v:"None"},{k:"jws",v:"Signed JWT"}],title:"oidcOPMetaDataOptionsAuthnEndpointAuthMethod",type:"select"},{default:"RS256",get:t+"s/"+e+"/oidcOPMetaDataOptionsAuthnEndpointAuthSigAlg",id:t+"s/"+e+"/oidcOPMetaDataOptionsAuthnEndpointAuthSigAlg",select:[{k:"HS256",v:"HS256"},{k:"HS384",v:"HS384"},{k:"HS512",v:"HS512"},{k:"RS256",v:"RS256"},{k:"RS384",v:"RS384"},{k:"RS512",v:"RS512"},{k:"PS256",v:"PS256"},{k:"PS384",v:"PS384"},{k:"PS512",v:"PS512"},{k:"ES256",v:"ES256"},{k:"ES384",v:"ES384"},{k:"ES512",v:"ES512"},{k:"EdDSA",v:"EdDSA"}],title:"oidcOPMetaDataOptionsAuthnEndpointAuthSigAlg",type:"select"},{default:"client_secret_post",get:t+"s/"+e+"/oidcOPMetaDataOptionsTokenEndpointAuthMethod",id:t+"s/"+e+"/oidcOPMetaDataOptionsTokenEndpointAuthMethod",select:[{k:"client_secret_post",v:"client_secret_post"},{k:"client_secret_basic",v:"client_secret_basic"},{k:"client_secret_jwt",v:"client_secret_jwt"},{k:"private_key_jwt",v:"private_key_jwt"}],title:"oidcOPMetaDataOptionsTokenEndpointAuthMethod",type:"select"},{default:1,get:t+"s/"+e+"/oidcOPMetaDataOptionsCheckJWTSignature",id:t+"s/"+e+"/oidcOPMetaDataOptionsCheckJWTSignature",title:"oidcOPMetaDataOptionsCheckJWTSignature",type:"bool"},{default:30,get:t+"s/"+e+"/oidcOPMetaDataOptionsIDTokenMaxAge",id:t+"s/"+e+"/oidcOPMetaDataOptionsIDTokenMaxAge",title:"oidcOPMetaDataOptionsIDTokenMaxAge",type:"int"},{default:1,get:t+"s/"+e+"/oidcOPMetaDataOptionsUseNonce",id:t+"s/"+e+"/oidcOPMetaDataOptionsUseNonce",title:"oidcOPMetaDataOptionsUseNonce",type:"bool"}],id:"oidcOPMetaDataOptionsProtocol",title:"oidcOPMetaDataOptionsProtocol",type:"simpleInputContainer"},{get:t+"s/"+e+"/oidcOPMetaDataOptionsComment",id:t+"s/"+e+"/oidcOPMetaDataOptionsComment",title:"oidcOPMetaDataOptionsComment",type:"longtext"}],help:"authopenidconnect.html#options",id:"oidcOPMetaDataOptions",title:"oidcOPMetaDataOptions"},{_nodes:[{get:t+"s/"+e+"/oidcOPMetaDataOptionsDisplayName",id:t+"s/"+e+"/oidcOPMetaDataOptionsDisplayName",title:"oidcOPMetaDataOptionsDisplayName"},{get:t+"s/"+e+"/oidcOPMetaDataOptionsIcon",id:t+"s/"+e+"/oidcOPMetaDataOptionsIcon",title:"oidcOPMetaDataOptionsIcon"},{get:t+"s/"+e+"/oidcOPMetaDataOptionsTooltip",id:t+"s/"+e+"/oidcOPMetaDataOptionsTooltip",title:"oidcOPMetaDataOptionsTooltip"},{default:"",get:t+"s/"+e+"/oidcOPMetaDataOptionsResolutionRule",id:t+"s/"+e+"/oidcOPMetaDataOptionsResolutionRule",title:"oidcOPMetaDataOptionsResolutionRule",type:"longtext"},{get:t+"s/"+e+"/oidcOPMetaDataOptionsSortNumber",id:t+"s/"+e+"/oidcOPMetaDataOptionsSortNumber",title:"oidcOPMetaDataOptionsSortNumber",type:"intOrNull"}],help:"authopenidconnect.html#display",id:"oidcOPMetaDataOptionsDisplayParams",title:"oidcOPMetaDataOptionsDisplayParams",type:"simpleInputContainer"}];case"oidcRPMetaDataNode":return[{_nodes:[{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsPublic",id:t+"s/"+e+"/oidcRPMetaDataOptionsPublic",title:"oidcRPMetaDataOptionsPublic",type:"bool"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsClientID",id:t+"s/"+e+"/oidcRPMetaDataOptionsClientID",title:"oidcRPMetaDataOptionsClientID"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsClientSecret",id:t+"s/"+e+"/oidcRPMetaDataOptionsClientSecret",title:"oidcRPMetaDataOptionsClientSecret",type:"password"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsRedirectUris",id:t+"s/"+e+"/oidcRPMetaDataOptionsRedirectUris",title:"oidcRPMetaDataOptionsRedirectUris"}],help:"idpopenidconnect.html#basic-options",id:"oidcRPMetaDataOptionsBasic",title:"oidcRPMetaDataOptionsBasic",type:"simpleInputContainer"},{cnodes:t+"s/"+e+"/oidcRPMetaDataExportedVars",default:[{data:["mail","string","auto"],id:t+"s/"+e+"/oidcRPMetaDataExportedVars/email",title:"email",type:"oidcAttribute"},{data:["cn","string","auto"],id:t+"s/"+e+"/oidcRPMetaDataExportedVars/name",title:"name",type:"oidcAttribute"},{data:["uid","string","auto"],id:t+"s/"+e+"/oidcRPMetaDataExportedVars/preferred_username",title:"preferred_username",type:"oidcAttribute"}],help:"idpopenidconnect.html#exported-attributes",id:t+"s/"+e+"/oidcRPMetaDataExportedVars",title:"oidcRPMetaDataExportedVars",type:"oidcAttributeContainer"},{_nodes:[{_nodes:[{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsBypassConsent",id:t+"s/"+e+"/oidcRPMetaDataOptionsBypassConsent",title:"oidcRPMetaDataOptionsBypassConsent",type:"bool"},{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsIDTokenForceClaims",id:t+"s/"+e+"/oidcRPMetaDataOptionsIDTokenForceClaims",title:"oidcRPMetaDataOptionsIDTokenForceClaims",type:"bool"},{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenJWT",id:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenJWT",title:"oidcRPMetaDataOptionsAccessTokenJWT",type:"bool"},{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenClaims",id:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenClaims",title:"oidcRPMetaDataOptionsAccessTokenClaims",type:"bool"},{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsRefreshToken",id:t+"s/"+e+"/oidcRPMetaDataOptionsRefreshToken",title:"oidcRPMetaDataOptionsRefreshToken",type:"bool"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsUserIDAttr",id:t+"s/"+e+"/oidcRPMetaDataOptionsUserIDAttr",title:"oidcRPMetaDataOptionsUserIDAttr"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsAdditionalAudiences",id:t+"s/"+e+"/oidcRPMetaDataOptionsAdditionalAudiences",title:"oidcRPMetaDataOptionsAdditionalAudiences"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsTokenXAuthorizedRP",id:t+"s/"+e+"/oidcRPMetaDataOptionsTokenXAuthorizedRP",title:"oidcRPMetaDataOptionsTokenXAuthorizedRP"}],id:"oidcRPMetaDataOptionsAdvanced",title:"oidcRPMetaDataOptionsAdvanced",type:"simpleInputContainer"},{_nodes:[{cnodes:t+"s/"+e+"/oidcRPMetaDataOptionsExtraClaims",default:[],help:"idpopenidconnect.html#oidcextraclaims",id:t+"s/"+e+"/oidcRPMetaDataOptionsExtraClaims",title:"oidcRPMetaDataOptionsExtraClaims",type:"keyTextContainer"},{cnodes:t+"s/"+e+"/oidcRPMetaDataScopeRules",default:[],help:"idpopenidconnect.html#scope-rules",id:t+"s/"+e+"/oidcRPMetaDataScopeRules",title:"oidcRPMetaDataScopeRules",type:"keyTextContainer"}],id:"oidcRPMetaDataOptionsScopes",title:"oidcRPMetaDataOptionsScopes"},{_nodes:[{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsRequirePKCE",id:t+"s/"+e+"/oidcRPMetaDataOptionsRequirePKCE",title:"oidcRPMetaDataOptionsRequirePKCE",type:"bool"},{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsRefreshTokenRotation",id:t+"s/"+e+"/oidcRPMetaDataOptionsRefreshTokenRotation",title:"oidcRPMetaDataOptionsRefreshTokenRotation",type:"bool"},{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsAllowOffline",id:t+"s/"+e+"/oidcRPMetaDataOptionsAllowOffline",title:"oidcRPMetaDataOptionsAllowOffline",type:"bool"},{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsAllowPasswordGrant",id:t+"s/"+e+"/oidcRPMetaDataOptionsAllowPasswordGrant",title:"oidcRPMetaDataOptionsAllowPasswordGrant",type:"bool"},{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsAllowClientCredentialsGrant",id:t+"s/"+e+"/oidcRPMetaDataOptionsAllowClientCredentialsGrant",title:"oidcRPMetaDataOptionsAllowClientCredentialsGrant",type:"bool"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsRequestUris",id:t+"s/"+e+"/oidcRPMetaDataOptionsRequestUris",title:"oidcRPMetaDataOptionsRequestUris"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsAuthnLevel",id:t+"s/"+e+"/oidcRPMetaDataOptionsAuthnLevel",title:"oidcRPMetaDataOptionsAuthnLevel",type:"intOrNull"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsRule",id:t+"s/"+e+"/oidcRPMetaDataOptionsRule",title:"oidcRPMetaDataOptionsRule"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsAuthMethod",id:t+"s/"+e+"/oidcRPMetaDataOptionsAuthMethod",select:[{k:"",v:"Any"},{k:"client_secret_post",v:"client_secret_post"},{k:"client_secret_basic",v:"client_secret_basic"},{k:"client_secret_jwt",v:"client_secret_jwt"},{k:"private_key_jwt",v:"private_key_jwt"}],title:"oidcRPMetaDataOptionsAuthMethod",type:"select"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsAuthRequiredForAuthorize",id:t+"s/"+e+"/oidcRPMetaDataOptionsAuthRequiredForAuthorize",title:"oidcRPMetaDataOptionsAuthRequiredForAuthorize",type:"bool"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsAuthnRequireState",id:t+"s/"+e+"/oidcRPMetaDataOptionsAuthnRequireState",title:"oidcRPMetaDataOptionsAuthnRequireState",type:"bool"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsAuthnRequireNonce",id:t+"s/"+e+"/oidcRPMetaDataOptionsAuthnRequireNonce",title:"oidcRPMetaDataOptionsAuthnRequireNonce",type:"bool"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsUserinfoRequireHeaderToken",id:t+"s/"+e+"/oidcRPMetaDataOptionsUserinfoRequireHeaderToken",title:"oidcRPMetaDataOptionsUserinfoRequireHeaderToken",type:"bool"}],id:"security",title:"security",type:"simpleInputContainer"},{_nodes:[{default:"RS256",get:t+"s/"+e+"/oidcRPMetaDataOptionsIDTokenSignAlg",id:t+"s/"+e+"/oidcRPMetaDataOptionsIDTokenSignAlg",select:[{k:"none",v:"None"},{k:"HS256",v:"HS256"},{k:"HS384",v:"HS384"},{k:"HS512",v:"HS512"},{k:"RS256",v:"RS256"},{k:"RS384",v:"RS384"},{k:"RS512",v:"RS512"},{k:"PS256",v:"PS256"},{k:"PS384",v:"PS384"},{k:"PS512",v:"PS512"},{k:"ES256",v:"ES256"},{k:"ES384",v:"ES384"},{k:"ES512",v:"ES512"},{k:"EdDSA",v:"EdDSA"}],title:"oidcRPMetaDataOptionsIDTokenSignAlg",type:"select"},{default:"RS256",get:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenSignAlg",id:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenSignAlg",select:[{k:"HS256",v:"HS256"},{k:"HS384",v:"HS384"},{k:"HS512",v:"HS512"},{k:"RS256",v:"RS256"},{k:"RS384",v:"RS384"},{k:"RS512",v:"RS512"},{k:"PS256",v:"PS256"},{k:"PS384",v:"PS384"},{k:"PS512",v:"PS512"},{k:"ES256",v:"ES256"},{k:"ES384",v:"ES384"},{k:"ES512",v:"ES512"},{k:"EdDSA",v:"EdDSA"}],title:"oidcRPMetaDataOptionsAccessTokenSignAlg",type:"select"},{default:"",get:t+"s/"+e+"/oidcRPMetaDataOptionsUserInfoSignAlg",id:t+"s/"+e+"/oidcRPMetaDataOptionsUserInfoSignAlg",select:[{k:"",v:"JSON"},{k:"none",v:"JWT/None"},{k:"HS256",v:"JWT/HS256"},{k:"HS384",v:"JWT/HS384"},{k:"HS512",v:"JWT/HS512"},{k:"RS256",v:"JWT/RS256"},{k:"RS384",v:"JWT/RS384"},{k:"RS512",v:"JWT/RS512"},{k:"PS256",v:"JWT/PS256"},{k:"PS384",v:"JWT/PS384"},{k:"PS512",v:"JWT/PS512"},{k:"ES256",v:"JWT/ES256"},{k:"ES384",v:"JWT/ES384"},{k:"ES512",v:"JWT/ES512"},{k:"EdDSA",v:"JWT/EdDSA"}],title:"oidcRPMetaDataOptionsUserInfoSignAlg",type:"select"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenEncKeyMgtAlg",id:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenEncKeyMgtAlg",select:[{k:"",v:"None"},{k:"RSA-OAEP",v:"RSA-OAEP"},{k:"RSA-OAEP-256",v:"RSA-OAEP-256"},{k:"RSA1_5",v:"RSA1_5"},{k:"ECDH-ES",v:"ECDH-ES"},{k:"ECDH-ES+A128KW",v:"ECDH-ES+A128KW"},{k:"ECDH-ES+A192KW",v:"ECDH-ES+A192KW"},{k:"ECDH-ES+A256KW",v:"ECDH-ES+A256KW"}],title:"oidcRPMetaDataOptionsAccessTokenEncKeyMgtAlg",type:"select"},{default:"A256GCM",get:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenEncContentEncAlg",id:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenEncContentEncAlg",select:[{k:"A256CBC-HS512",v:"A256CBC-HS512"},{k:"A256GCM",v:"A256GCM"},{k:"A192CBC-HS384",v:"A192CBC-HS384"},{k:"A192GCM",v:"A192GCM"},{k:"A128CBC-HS256",v:"A128CBC-HS256"},{k:"A128GCM",v:"A128GCM"}],title:"oidcRPMetaDataOptionsAccessTokenEncContentEncAlg",type:"select"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsIdTokenEncKeyMgtAlg",id:t+"s/"+e+"/oidcRPMetaDataOptionsIdTokenEncKeyMgtAlg",select:[{k:"",v:"None"},{k:"RSA-OAEP",v:"RSA-OAEP"},{k:"RSA-OAEP-256",v:"RSA-OAEP-256"},{k:"RSA1_5",v:"RSA1_5"},{k:"ECDH-ES",v:"ECDH-ES"},{k:"ECDH-ES+A128KW",v:"ECDH-ES+A128KW"},{k:"ECDH-ES+A192KW",v:"ECDH-ES+A192KW"},{k:"ECDH-ES+A256KW",v:"ECDH-ES+A256KW"}],title:"oidcRPMetaDataOptionsIdTokenEncKeyMgtAlg",type:"select"},{default:"A256GCM",get:t+"s/"+e+"/oidcRPMetaDataOptionsIdTokenEncContentEncAlg",id:t+"s/"+e+"/oidcRPMetaDataOptionsIdTokenEncContentEncAlg",select:[{k:"A256CBC-HS512",v:"A256CBC-HS512"},{k:"A256GCM",v:"A256GCM"},{k:"A192CBC-HS384",v:"A192CBC-HS384"},{k:"A192GCM",v:"A192GCM"},{k:"A128CBC-HS256",v:"A128CBC-HS256"},{k:"A128GCM",v:"A128GCM"}],title:"oidcRPMetaDataOptionsIdTokenEncContentEncAlg",type:"select"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsUserInfoEncKeyMgtAlg",id:t+"s/"+e+"/oidcRPMetaDataOptionsUserInfoEncKeyMgtAlg",select:[{k:"",v:"None"},{k:"RSA-OAEP",v:"RSA-OAEP"},{k:"RSA-OAEP-256",v:"RSA-OAEP-256"},{k:"RSA1_5",v:"RSA1_5"},{k:"ECDH-ES",v:"ECDH-ES"},{k:"ECDH-ES+A128KW",v:"ECDH-ES+A128KW"},{k:"ECDH-ES+A192KW",v:"ECDH-ES+A192KW"},{k:"ECDH-ES+A256KW",v:"ECDH-ES+A256KW"}],title:"oidcRPMetaDataOptionsUserInfoEncKeyMgtAlg",type:"select"},{default:"A256GCM",get:t+"s/"+e+"/oidcRPMetaDataOptionsUserInfoEncContentEncAlg",id:t+"s/"+e+"/oidcRPMetaDataOptionsUserInfoEncContentEncAlg",select:[{k:"A256CBC-HS512",v:"A256CBC-HS512"},{k:"A256GCM",v:"A256GCM"},{k:"A192CBC-HS384",v:"A192CBC-HS384"},{k:"A192GCM",v:"A192GCM"},{k:"A128CBC-HS256",v:"A128CBC-HS256"},{k:"A128GCM",v:"A128GCM"}],title:"oidcRPMetaDataOptionsUserInfoEncContentEncAlg",type:"select"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutEncKeyMgtAlg",id:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutEncKeyMgtAlg",select:[{k:"",v:"None"},{k:"RSA-OAEP",v:"RSA-OAEP"},{k:"RSA-OAEP-256",v:"RSA-OAEP-256"},{k:"RSA1_5",v:"RSA1_5"},{k:"ECDH-ES",v:"ECDH-ES"},{k:"ECDH-ES+A128KW",v:"ECDH-ES+A128KW"},{k:"ECDH-ES+A192KW",v:"ECDH-ES+A192KW"},{k:"ECDH-ES+A256KW",v:"ECDH-ES+A256KW"}],title:"oidcRPMetaDataOptionsLogoutEncKeyMgtAlg",type:"select"},{default:"A256GCM",get:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutEncContentEncAlg",id:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutEncContentEncAlg",select:[{k:"A256CBC-HS512",v:"A256CBC-HS512"},{k:"A256GCM",v:"A256GCM"},{k:"A192CBC-HS384",v:"A192CBC-HS384"},{k:"A192GCM",v:"A192GCM"},{k:"A128CBC-HS256",v:"A128CBC-HS256"},{k:"A128GCM",v:"A128GCM"}],title:"oidcRPMetaDataOptionsLogoutEncContentEncAlg",type:"select"}],id:"algorithms",title:"algorithms",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+e+"/oidcRPMetaDataOptionsJwksUri",help:"idpopenidconnect.html",id:t+"s/"+e+"/oidcRPMetaDataOptionsJwksUri",title:"oidcRPMetaDataOptionsJwksUri"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsJwks",id:t+"s/"+e+"/oidcRPMetaDataOptionsJwks",title:"oidcRPMetaDataOptionsJwks",type:"file"}],id:"keys",title:"keys"},{_nodes:[{get:t+"s/"+e+"/oidcRPMetaDataOptionsAuthorizationCodeExpiration",id:t+"s/"+e+"/oidcRPMetaDataOptionsAuthorizationCodeExpiration",title:"oidcRPMetaDataOptionsAuthorizationCodeExpiration",type:"intOrNull"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsIDTokenExpiration",id:t+"s/"+e+"/oidcRPMetaDataOptionsIDTokenExpiration",title:"oidcRPMetaDataOptionsIDTokenExpiration",type:"intOrNull"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenExpiration",id:t+"s/"+e+"/oidcRPMetaDataOptionsAccessTokenExpiration",title:"oidcRPMetaDataOptionsAccessTokenExpiration",type:"intOrNull"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsOfflineSessionExpiration",id:t+"s/"+e+"/oidcRPMetaDataOptionsOfflineSessionExpiration",title:"oidcRPMetaDataOptionsOfflineSessionExpiration",type:"intOrNull"}],id:"oidcRPMetaDataOptionsTimeouts",title:"oidcRPMetaDataOptionsTimeouts",type:"simpleInputContainer"},{_nodes:[{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutBypassConfirm",id:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutBypassConfirm",title:"oidcRPMetaDataOptionsLogoutBypassConfirm",type:"bool"},{default:0,get:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutSessionRequired",id:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutSessionRequired",title:"oidcRPMetaDataOptionsLogoutSessionRequired",type:"bool"},{default:"front",get:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutType",id:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutType",select:[{k:"front",v:"Front Channel"},{k:"back",v:"Back Channel"}],title:"oidcRPMetaDataOptionsLogoutType",type:"select"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutUrl",id:t+"s/"+e+"/oidcRPMetaDataOptionsLogoutUrl",title:"oidcRPMetaDataOptionsLogoutUrl"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsPostLogoutRedirectUris",id:t+"s/"+e+"/oidcRPMetaDataOptionsPostLogoutRedirectUris",title:"oidcRPMetaDataOptionsPostLogoutRedirectUris"}],id:"logout",title:"logout",type:"simpleInputContainer"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsComment",id:t+"s/"+e+"/oidcRPMetaDataOptionsComment",title:"oidcRPMetaDataOptionsComment",type:"longtext"}],help:"idpopenidconnect.html#options",id:"oidcRPMetaDataOptions",title:"oidcRPMetaDataOptions"},{cnodes:t+"s/"+e+"/oidcRPMetaDataMacros",default:[],help:"exportedvars.html#extend-variables-using-macros-and-groups",id:t+"s/"+e+"/oidcRPMetaDataMacros",title:"oidcRPMetaDataMacros",type:"keyTextContainer"},{_nodes:[{get:t+"s/"+e+"/oidcRPMetaDataOptionsDisplayName",id:t+"s/"+e+"/oidcRPMetaDataOptionsDisplayName",title:"oidcRPMetaDataOptionsDisplayName"},{get:t+"s/"+e+"/oidcRPMetaDataOptionsIcon",id:t+"s/"+e+"/oidcRPMetaDataOptionsIcon",title:"oidcRPMetaDataOptionsIcon"}],help:"idpopenidconnect.html#display",id:"oidcRPMetaDataOptionsDisplay",title:"oidcRPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlIDPMetaDataNode":return[{get:t+"s/"+e+"/samlIDPMetaDataXML",id:t+"s/"+e+"/samlIDPMetaDataXML",title:"samlIDPMetaDataXML",type:"file"},{cnodes:t+"s/"+e+"/samlIDPMetaDataExportedAttributes",default:[],help:"authsaml.html#exported-attributes",id:t+"s/"+e+"/samlIDPMetaDataExportedAttributes",title:"samlIDPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{default:0,get:t+"s/"+e+"/samlIDPMetaDataOptionsAdaptSessionUtime",id:t+"s/"+e+"/samlIDPMetaDataOptionsAdaptSessionUtime",title:"samlIDPMetaDataOptionsAdaptSessionUtime",type:"bool"},{default:0,get:t+"s/"+e+"/samlIDPMetaDataOptionsForceUTF8",id:t+"s/"+e+"/samlIDPMetaDataOptionsForceUTF8",title:"samlIDPMetaDataOptionsForceUTF8",type:"bool"},{default:0,get:t+"s/"+e+"/samlIDPMetaDataOptionsStoreSAMLToken",id:t+"s/"+e+"/samlIDPMetaDataOptionsStoreSAMLToken",title:"samlIDPMetaDataOptionsStoreSAMLToken",type:"bool"},{get:t+"s/"+e+"/samlIDPMetaDataOptionsUserAttribute",id:t+"s/"+e+"/samlIDPMetaDataOptionsUserAttribute",title:"samlIDPMetaDataOptionsUserAttribute"}],help:"authsaml.html#session",id:"samlIDPMetaDataOptionsSession",title:"samlIDPMetaDataOptionsSession",type:"simpleInputContainer"},{_nodes:[{default:"",get:t+"s/"+e+"/samlIDPMetaDataOptionsSignatureMethod",id:t+"s/"+e+"/samlIDPMetaDataOptionsSignatureMethod",select:[{k:"",v:"default"},{k:"RSA_SHA1",v:"RSA SHA1"},{k:"RSA_SHA256",v:"RSA SHA256"},{k:"RSA_SHA384",v:"RSA SHA384"},{k:"RSA_SHA512",v:"RSA SHA512"}],title:"samlIDPMetaDataOptionsSignatureMethod",type:"select"},{default:-1,get:t+"s/"+e+"/samlIDPMetaDataOptionsSignSSOMessage",id:t+"s/"+e+"/samlIDPMetaDataOptionsSignSSOMessage",title:"samlIDPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:t+"s/"+e+"/samlIDPMetaDataOptionsCheckSSOMessageSignature",id:t+"s/"+e+"/samlIDPMetaDataOptionsCheckSSOMessageSignature",title:"samlIDPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:t+"s/"+e+"/samlIDPMetaDataOptionsSignSLOMessage",id:t+"s/"+e+"/samlIDPMetaDataOptionsSignSLOMessage",title:"samlIDPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:t+"s/"+e+"/samlIDPMetaDataOptionsCheckSLOMessageSignature",id:t+"s/"+e+"/samlIDPMetaDataOptionsCheckSLOMessageSignature",title:"samlIDPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],help:"authsaml.html#signature",id:"samlIDPMetaDataOptionsSignature",title:"samlIDPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"",get:t+"s/"+e+"/samlIDPMetaDataOptionsSSOBinding",id:t+"s/"+e+"/samlIDPMetaDataOptionsSSOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"artifact-get",v:"Artifact GET"}],title:"samlIDPMetaDataOptionsSSOBinding",type:"select"},{default:"",get:t+"s/"+e+"/samlIDPMetaDataOptionsSLOBinding",id:t+"s/"+e+"/samlIDPMetaDataOptionsSLOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"http-soap",v:"SOAP"}],title:"samlIDPMetaDataOptionsSLOBinding",type:"select"}],help:"authsaml.html#binding",id:"samlIDPMetaDataOptionsBinding",title:"samlIDPMetaDataOptionsBinding",type:"simpleInputContainer"},{_nodes:[{default:"none",get:t+"s/"+e+"/samlIDPMetaDataOptionsEncryptionMode",id:t+"s/"+e+"/samlIDPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlIDPMetaDataOptionsEncryptionMode",type:"select"},{default:1,get:t+"s/"+e+"/samlIDPMetaDataOptionsCheckTime",id:t+"s/"+e+"/samlIDPMetaDataOptionsCheckTime",title:"samlIDPMetaDataOptionsCheckTime",type:"bool"},{default:1,get:t+"s/"+e+"/samlIDPMetaDataOptionsCheckAudience",id:t+"s/"+e+"/samlIDPMetaDataOptionsCheckAudience",title:"samlIDPMetaDataOptionsCheckAudience",type:"bool"}],help:"authsaml.html#security",id:"samlIDPMetaDataOptionsSecurity",title:"samlIDPMetaDataOptionsSecurity",type:"simpleInputContainer"},{_nodes:[{default:"",get:t+"s/"+e+"/samlIDPMetaDataOptionsNameIDFormat",id:t+"s/"+e+"/samlIDPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlIDPMetaDataOptionsNameIDFormat",type:"select"},{default:0,get:t+"s/"+e+"/samlIDPMetaDataOptionsForceAuthn",id:t+"s/"+e+"/samlIDPMetaDataOptionsForceAuthn",title:"samlIDPMetaDataOptionsForceAuthn",type:"bool"},{default:0,get:t+"s/"+e+"/samlIDPMetaDataOptionsIsPassive",id:t+"s/"+e+"/samlIDPMetaDataOptionsIsPassive",title:"samlIDPMetaDataOptionsIsPassive",type:"bool"},{default:0,get:t+"s/"+e+"/samlIDPMetaDataOptionsAllowLoginFromIDP",id:t+"s/"+e+"/samlIDPMetaDataOptionsAllowLoginFromIDP",title:"samlIDPMetaDataOptionsAllowLoginFromIDP",type:"bool"},{default:"",get:t+"s/"+e+"/samlIDPMetaDataOptionsRequestedAuthnContext",id:t+"s/"+e+"/samlIDPMetaDataOptionsRequestedAuthnContext",select:[{k:"",v:""},{k:"kerberos",v:"Kerberos"},{k:"password-protected-transport",v:"Password protected transport"},{k:"password",v:"Password"},{k:"tls-client",v:"TLS client certificate"}],title:"samlIDPMetaDataOptionsRequestedAuthnContext",type:"select"},{default:0,get:t+"s/"+e+"/samlIDPMetaDataOptionsRelayStateURL",id:t+"s/"+e+"/samlIDPMetaDataOptionsRelayStateURL",title:"samlIDPMetaDataOptionsRelayStateURL",type:"bool"},{_nodes:[{get:t+"s/"+e+"/samlIDPMetaDataOptionsFederationEntityID",id:t+"s/"+e+"/samlIDPMetaDataOptionsFederationEntityID",title:"samlIDPMetaDataOptionsFederationEntityID"}],id:"samlIDPMetaDataOptionsFederation",title:"samlIDPMetaDataOptionsFederation",type:"simpleInputContainer"},{get:t+"s/"+e+"/samlIDPMetaDataOptionsComment",id:t+"s/"+e+"/samlIDPMetaDataOptionsComment",title:"samlIDPMetaDataOptionsComment",type:"longtext"}],help:"authsaml.html#options",id:"samlIDPMetaDataOptions",title:"samlIDPMetaDataOptions"},{_nodes:[{get:t+"s/"+e+"/samlIDPMetaDataOptionsDisplayName",id:t+"s/"+e+"/samlIDPMetaDataOptionsDisplayName",title:"samlIDPMetaDataOptionsDisplayName"},{get:t+"s/"+e+"/samlIDPMetaDataOptionsIcon",id:t+"s/"+e+"/samlIDPMetaDataOptionsIcon",title:"samlIDPMetaDataOptionsIcon"},{get:t+"s/"+e+"/samlIDPMetaDataOptionsTooltip",id:t+"s/"+e+"/samlIDPMetaDataOptionsTooltip",title:"samlIDPMetaDataOptionsTooltip"},{default:"",get:t+"s/"+e+"/samlIDPMetaDataOptionsResolutionRule",id:t+"s/"+e+"/samlIDPMetaDataOptionsResolutionRule",title:"samlIDPMetaDataOptionsResolutionRule",type:"longtext"},{get:t+"s/"+e+"/samlIDPMetaDataOptionsSortNumber",id:t+"s/"+e+"/samlIDPMetaDataOptionsSortNumber",title:"samlIDPMetaDataOptionsSortNumber",type:"intOrNull"}],help:"authsaml.html#display",id:"samlIDPMetaDataOptionsDisplay",title:"samlIDPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlSPMetaDataNode":return[{get:t+"s/"+e+"/samlSPMetaDataXML",id:t+"s/"+e+"/samlSPMetaDataXML",title:"samlSPMetaDataXML",type:"file"},{cnodes:t+"s/"+e+"/samlSPMetaDataExportedAttributes",default:[],help:"idpsaml.html#exported-attributes",id:t+"s/"+e+"/samlSPMetaDataExportedAttributes",title:"samlSPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{_nodes:[{default:"",get:t+"s/"+e+"/samlSPMetaDataOptionsNameIDFormat",id:t+"s/"+e+"/samlSPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlSPMetaDataOptionsNameIDFormat",type:"select"},{get:t+"s/"+e+"/samlSPMetaDataOptionsNameIDSessionKey",id:t+"s/"+e+"/samlSPMetaDataOptionsNameIDSessionKey",title:"samlSPMetaDataOptionsNameIDSessionKey"},{default:0,get:t+"s/"+e+"/samlSPMetaDataOptionsOneTimeUse",id:t+"s/"+e+"/samlSPMetaDataOptionsOneTimeUse",title:"samlSPMetaDataOptionsOneTimeUse",type:"bool"},{default:72e3,get:t+"s/"+e+"/samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",id:t+"s/"+e+"/samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",type:"int"},{default:72e3,get:t+"s/"+e+"/samlSPMetaDataOptionsNotOnOrAfterTimeout",id:t+"s/"+e+"/samlSPMetaDataOptionsNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsNotOnOrAfterTimeout",type:"int"},{default:1,get:t+"s/"+e+"/samlSPMetaDataOptionsForceUTF8",id:t+"s/"+e+"/samlSPMetaDataOptionsForceUTF8",title:"samlSPMetaDataOptionsForceUTF8",type:"bool"}],id:"samlSPMetaDataOptionsAuthnResponse",title:"samlSPMetaDataOptionsAuthnResponse",type:"simpleInputContainer"},{_nodes:[{default:"",get:t+"s/"+e+"/samlSPMetaDataOptionsSignatureMethod",id:t+"s/"+e+"/samlSPMetaDataOptionsSignatureMethod",select:[{k:"",v:"default"},{k:"RSA_SHA1",v:"RSA SHA1"},{k:"RSA_SHA256",v:"RSA SHA256"},{k:"RSA_SHA384",v:"RSA SHA384"},{k:"RSA_SHA512",v:"RSA SHA512"}],title:"samlSPMetaDataOptionsSignatureMethod",type:"select"},{default:-1,get:t+"s/"+e+"/samlSPMetaDataOptionsSignSSOMessage",id:t+"s/"+e+"/samlSPMetaDataOptionsSignSSOMessage",title:"samlSPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:t+"s/"+e+"/samlSPMetaDataOptionsCheckSSOMessageSignature",id:t+"s/"+e+"/samlSPMetaDataOptionsCheckSSOMessageSignature",title:"samlSPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:t+"s/"+e+"/samlSPMetaDataOptionsSignSLOMessage",id:t+"s/"+e+"/samlSPMetaDataOptionsSignSLOMessage",title:"samlSPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:t+"s/"+e+"/samlSPMetaDataOptionsCheckSLOMessageSignature",id:t+"s/"+e+"/samlSPMetaDataOptionsCheckSLOMessageSignature",title:"samlSPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlSPMetaDataOptionsSignature",title:"samlSPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"none",get:t+"s/"+e+"/samlSPMetaDataOptionsEncryptionMode",id:t+"s/"+e+"/samlSPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlSPMetaDataOptionsEncryptionMode",type:"select"},{default:0,get:t+"s/"+e+"/samlSPMetaDataOptionsEnableIDPInitiatedURL",id:t+"s/"+e+"/samlSPMetaDataOptionsEnableIDPInitiatedURL",title:"samlSPMetaDataOptionsEnableIDPInitiatedURL",type:"bool"},{get:t+"s/"+e+"/samlSPMetaDataOptionsAuthnLevel",id:t+"s/"+e+"/samlSPMetaDataOptionsAuthnLevel",title:"samlSPMetaDataOptionsAuthnLevel",type:"intOrNull"},{get:t+"s/"+e+"/samlSPMetaDataOptionsRule",id:t+"s/"+e+"/samlSPMetaDataOptionsRule",title:"samlSPMetaDataOptionsRule"}],id:"samlSPMetaDataOptionsSecurity",title:"samlSPMetaDataOptionsSecurity",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+e+"/samlSPMetaDataOptionsFederationEntityID",id:t+"s/"+e+"/samlSPMetaDataOptionsFederationEntityID",title:"samlSPMetaDataOptionsFederationEntityID"},{default:"",get:t+"s/"+e+"/samlSPMetaDataOptionsFederationOptionalAttributes",id:t+"s/"+e+"/samlSPMetaDataOptionsFederationOptionalAttributes",select:[{k:"",v:"keep"},{k:"ignore",v:"ignore"}],title:"samlSPMetaDataOptionsFederationOptionalAttributes",type:"select"},{default:"",get:t+"s/"+e+"/samlSPMetaDataOptionsFederationRequiredAttributes",id:t+"s/"+e+"/samlSPMetaDataOptionsFederationRequiredAttributes",select:[{k:"",v:"keep"},{k:"optional",v:"makeoptional"},{k:"ignore",v:"ignore"}],title:"samlSPMetaDataOptionsFederationRequiredAttributes",type:"select"}],id:"samlSPMetaDataOptionsFederation",title:"samlSPMetaDataOptionsFederation",type:"simpleInputContainer"},{get:t+"s/"+e+"/samlSPMetaDataOptionsComment",id:t+"s/"+e+"/samlSPMetaDataOptionsComment",title:"samlSPMetaDataOptionsComment",type:"longtext"}],help:"idpsaml.html#options",id:"samlSPMetaDataOptions",title:"samlSPMetaDataOptions"},{cnodes:t+"s/"+e+"/samlSPMetaDataMacros",default:[],help:"exportedvars.html#extend-variables-using-macros-and-groups",id:t+"s/"+e+"/samlSPMetaDataMacros",title:"samlSPMetaDataMacros",type:"keyTextContainer"}];case"virtualHost":return[{cnodes:t+"s/"+e+"/locationRules",default:[{data:"deny",id:t+"s/"+e+"/locationRules/default",re:"default",title:"default",type:"rule"}],help:"writingrulesand_headers.html#rules",id:t+"s/"+e+"/locationRules",title:"locationRules",type:"ruleContainer"},{cnodes:t+"s/"+e+"/exportedHeaders",help:"writingrulesand_headers.html#headers",id:t+"s/"+e+"/exportedHeaders",title:"exportedHeaders",type:"keyTextContainer"},{cnodes:t+"s/"+e+"/post",help:"formreplay.html",id:t+"s/"+e+"/post",title:"post",type:"postContainer"},{_nodes:[{default:-1,get:t+"s/"+e+"/vhostPort",id:t+"s/"+e+"/vhostPort",title:"vhostPort",type:"int"},{default:-1,get:t+"s/"+e+"/vhostHttps",id:t+"s/"+e+"/vhostHttps",title:"vhostHttps",type:"trool"},{default:0,get:t+"s/"+e+"/vhostMaintenance",id:t+"s/"+e+"/vhostMaintenance",title:"vhostMaintenance",type:"bool"},{default:"",get:t+"s/"+e+"/vhostAliases",id:t+"s/"+e+"/vhostAliases",title:"vhostAliases"},{default:"",get:t+"s/"+e+"/vhostAccessToTrace",id:t+"s/"+e+"/vhostAccessToTrace",title:"vhostAccessToTrace"},{get:t+"s/"+e+"/vhostAuthnLevel",id:t+"s/"+e+"/vhostAuthnLevel",title:"vhostAuthnLevel",type:"intOrNull"},{default:"Main",get:t+"s/"+e+"/vhostType",id:t+"s/"+e+"/vhostType",select:[{k:"AuthBasic",v:"AuthBasic"},{k:"CDA",v:"CDA"},{k:"DevOps",v:"DevOps"},{k:"DevOpsST",v:"DevOpsST"},{k:"DevOpsCDA",v:"DevOpsCDA"},{k:"Main",v:"Main"},{k:"OAuth2",v:"OAuth2"},{k:"SecureToken",v:"SecureToken"},{k:"ServiceToken",v:"ServiceToken"},{k:"ZimbraPreAuth",v:"ZimbraPreAuth"}],title:"vhostType",type:"select"},{get:t+"s/"+e+"/vhostDevOpsRulesUrl",id:t+"s/"+e+"/vhostDevOpsRulesUrl",title:"vhostDevOpsRulesUrl"},{default:-1,get:t+"s/"+e+"/vhostServiceTokenTTL",id:t+"s/"+e+"/vhostServiceTokenTTL",title:"vhostServiceTokenTTL",type:"int"},{default:"",get:t+"s/"+e+"/vhostComment",id:t+"s/"+e+"/vhostComment",title:"vhostComment",type:"longtext"}],help:"configvhost.html#options",id:"vhostOptions",title:"vhostOptions",type:"simpleInputContainer"}];default:return[]}}function setScopeVars(t){t.portal=t.data[0]._nodes[0]._nodes[0],t.getKey(t.portal),t.domain=t.data[0]._nodes[4]._nodes[1],t.getKey(t.domain)} \ No newline at end of file diff --git a/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js.map b/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js.map index 9d1eb03ee066c677a9405afdd8bad5cde9e60149..a3e49c09a6b76f6cc85664ed300cb317ab41bf33 100644 --- a/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js.map +++ b/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js.map @@ -1 +1 @@ -{"version":3,"sources":["conftree.js"],"names":["templates","tpl","key","cnodes","default","data","id","title","type","_nodes","get","help","select","k","v","re","setScopeVars","scope","portal","getKey","domain"],"mappings":"AAAA,SAASA,UAAUC,EAAIC,GASrB,OAAOD,GACP,IAAK,qBACH,MAAO,CACR,CACGE,OAAWF,EAAI,KAAKC,EAAI,8BACxBE,QAAY,CACT,CACGC,KAAS,KACTC,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,KACVC,KAAS,WAEZ,CACGH,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,OACVC,KAAS,WAEZ,CACGH,KAAS,MACTC,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,MACVC,KAAS,YAGfF,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,gCACrBI,GAAOL,EAAI,KAAKC,EAAI,gCACpBK,MAAU,gCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,sCACrBI,GAAOL,EAAI,KAAKC,EAAI,sCACpBK,MAAU,sCAEb,CACGH,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,+BACrBI,GAAOL,EAAI,KAAKC,EAAI,+BACpBK,MAAU,8BACVC,KAAS,SAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,aAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,6BAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,gCACrBI,GAAOL,EAAI,KAAKC,EAAI,gCACpBK,MAAU,+BACVC,KAAS,aAGfF,GAAO,wBACPC,MAAU,wBACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,qCAGhBD,GAAO,+BACPC,MAAU,+BACVC,KAAS,wBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,wBACxBE,QAAY,GACZO,KAAS,6DACTL,GAAOL,EAAI,KAAKC,EAAI,wBACpBK,MAAU,uBACVC,KAAS,qBAIb,IAAK,qBACH,MAAO,CACR,CACGL,OAAWF,EAAI,KAAKC,EAAI,8BACxBE,QAAY,CACT,CACGC,KAAS,KACTC,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,KACVC,KAAS,WAEZ,CACGH,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,OACVC,KAAS,WAEZ,CACGH,KAAS,MACTC,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,MACVC,KAAS,YAGfF,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,oBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,wCACxBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,4BACrBI,GAAOL,EAAI,KAAKC,EAAI,4BACpBK,MAAU,4BAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,8BACrBI,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,gCACrBI,GAAOL,EAAI,KAAKC,EAAI,gCACpBK,MAAU,+BACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,gCACrBI,GAAOL,EAAI,KAAKC,EAAI,gCACpBK,MAAU,+BACVC,KAAS,aAGfF,GAAO,wBACPC,MAAU,wBACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,oCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,6BAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,gCACrBI,GAAOL,EAAI,KAAKC,EAAI,gCACpBK,MAAU,gCAEb,CACGH,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,sCACVC,KAAS,YAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,cAGfF,GAAO,+BACPC,MAAU,+BACVC,KAAS,yBAIb,IAAK,qBACH,MAAO,CACR,CACGE,IAAQT,EAAI,KAAKC,EAAI,sBACrBI,GAAOL,EAAI,KAAKC,EAAI,sBACpBK,MAAU,qBACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,sBACrBI,GAAOL,EAAI,KAAKC,EAAI,sBACpBK,MAAU,qBACVC,KAAS,QAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,8BACxBE,QAAY,CACT,CACGC,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,KACVC,KAAS,WAEZ,CACGH,KAAS,QACTC,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,OACVC,KAAS,WAEZ,CACGH,KAAS,cACTC,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,KACVC,KAAS,WAEZ,CACGH,KAAS,MACTC,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,MACVC,KAAS,YAGfF,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGA,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,yCACrBI,GAAOL,EAAI,KAAKC,EAAI,yCACpBK,MAAU,yCAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,iCACrBI,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,iCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,YAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,sCACrBI,GAAOL,EAAI,KAAKC,EAAI,sCACpBK,MAAU,sCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,SAGfF,GAAO,qCACPC,MAAU,qCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,iBACZM,IAAQT,EAAI,KAAKC,EAAI,8BACrBI,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,8BAEb,CACGH,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,gCACrBI,GAAOL,EAAI,KAAKC,EAAI,gCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,MACNC,EAAM,QAGZP,MAAU,+BACVC,KAAS,UAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,+BACrBI,GAAOL,EAAI,KAAKC,EAAI,+BACpBK,MAAU,+BAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,+BACrBI,GAAOL,EAAI,KAAKC,EAAI,+BACpBK,MAAU,8BACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,kCACrBI,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,kCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,kCACrBI,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,kCAEb,CACGH,QAAY,MACZM,IAAQT,EAAI,KAAKC,EAAI,gDACrBI,GAAOL,EAAI,KAAKC,EAAI,gDACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,QAET,CACGD,EAAM,MACNC,EAAM,eAGZP,MAAU,+CACVC,KAAS,UAEZ,CACGJ,QAAY,QACZM,IAAQT,EAAI,KAAKC,EAAI,gDACrBI,GAAOL,EAAI,KAAKC,EAAI,gDACpBU,OAAW,CACR,CACGC,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,UAGZP,MAAU,+CACVC,KAAS,UAEZ,CACGJ,QAAY,qBACZM,IAAQT,EAAI,KAAKC,EAAI,gDACrBI,GAAOL,EAAI,KAAKC,EAAI,gDACpBU,OAAW,CACR,CACGC,EAAM,qBACNC,EAAM,sBAET,CACGD,EAAM,sBACNC,EAAM,uBAET,CACGD,EAAM,oBACNC,EAAM,qBAET,CACGD,EAAM,kBACNC,EAAM,oBAGZP,MAAU,+CACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,0CACrBI,GAAOL,EAAI,KAAKC,EAAI,0CACpBK,MAAU,yCACVC,KAAS,QAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,sCACrBI,GAAOL,EAAI,KAAKC,EAAI,sCACpBK,MAAU,qCACVC,KAAS,OAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,iCACrBI,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,gCACVC,KAAS,SAGfF,GAAO,gCACPC,MAAU,gCACVC,KAAS,wBAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,gCACrBI,GAAOL,EAAI,KAAKC,EAAI,gCACpBK,MAAU,+BACVC,KAAS,aAGfG,KAAS,iCACTL,GAAO,wBACPC,MAAU,yBAEb,CACGE,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,oCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,6BAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,gCACrBI,GAAOL,EAAI,KAAKC,EAAI,gCACpBK,MAAU,gCAEb,CACGH,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,sCACVC,KAAS,YAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,cAGfG,KAAS,iCACTL,GAAO,qCACPC,MAAU,qCACVC,KAAS,yBAIb,IAAK,qBACH,MAAO,CACR,CACGC,OAAW,CACR,CACGL,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,+BACrBI,GAAOL,EAAI,KAAKC,EAAI,+BACpBK,MAAU,8BACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,iCACrBI,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,iCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,YAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,sCAGhBI,KAAS,sCACTL,GAAO,6BACPC,MAAU,6BACVC,KAAS,wBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,8BACxBE,QAAY,CACT,CACGC,KAAS,CACN,OACA,SACA,QAEHC,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,QACVC,KAAS,iBAEZ,CACGH,KAAS,CACN,KACA,SACA,QAEHC,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,OACVC,KAAS,iBAEZ,CACGH,KAAS,CACN,MACA,SACA,QAEHC,GAAOL,EAAI,KAAKC,EAAI,iDACpBK,MAAU,qBACVC,KAAS,kBAGfG,KAAS,4CACTL,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,0BAEZ,CACGC,OAAW,CACR,CACGA,OAAW,CACR,CACGL,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,sCACrBI,GAAOL,EAAI,KAAKC,EAAI,sCACpBK,MAAU,qCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,sCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,0CACrBI,GAAOL,EAAI,KAAKC,EAAI,0CACpBK,MAAU,yCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,mCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,4CACrBI,GAAOL,EAAI,KAAKC,EAAI,4CACpBK,MAAU,4CAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,4CAGhBD,GAAO,gCACPC,MAAU,gCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGN,OAAWF,EAAI,KAAKC,EAAI,oCACxBE,QAAY,GACZO,KAAS,wCACTL,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,oBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,4BACxBE,QAAY,GACZO,KAAS,oCACTL,GAAOL,EAAI,KAAKC,EAAI,4BACpBK,MAAU,2BACVC,KAAS,qBAGfF,GAAO,8BACPC,MAAU,+BAEb,CACGE,OAAW,CACR,CACGL,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,oDACrBI,GAAOL,EAAI,KAAKC,EAAI,oDACpBK,MAAU,mDACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,oCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,aAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,6BAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,OAET,CACGD,EAAM,qBACNC,EAAM,sBAET,CACGD,EAAM,sBACNC,EAAM,uBAET,CACGD,EAAM,oBACNC,EAAM,qBAET,CACGD,EAAM,kBACNC,EAAM,oBAGZP,MAAU,kCACVC,KAAS,UAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,iDACrBI,GAAOL,EAAI,KAAKC,EAAI,iDACpBK,MAAU,gDACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,0CACrBI,GAAOL,EAAI,KAAKC,EAAI,0CACpBK,MAAU,yCACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,0CACrBI,GAAOL,EAAI,KAAKC,EAAI,0CACpBK,MAAU,yCACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,mDACrBI,GAAOL,EAAI,KAAKC,EAAI,mDACpBK,MAAU,kDACVC,KAAS,SAGfF,GAAO,WACPC,MAAU,WACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,QACZM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBU,OAAW,CACR,CACGC,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,UAGZP,MAAU,sCACVC,KAAS,UAEZ,CACGJ,QAAY,QACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBU,OAAW,CACR,CACGC,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,UAGZP,MAAU,0CACVC,KAAS,UAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,QAET,CACGD,EAAM,OACNC,EAAM,YAET,CACGD,EAAM,QACNC,EAAM,aAET,CACGD,EAAM,QACNC,EAAM,aAET,CACGD,EAAM,QACNC,EAAM,aAET,CACGD,EAAM,QACNC,EAAM,aAET,CACGD,EAAM,QACNC,EAAM,aAET,CACGD,EAAM,QACNC,EAAM,aAET,CACGD,EAAM,QACNC,EAAM,aAET,CACGD,EAAM,QACNC,EAAM,aAET,CACGD,EAAM,QACNC,EAAM,aAET,CACGD,EAAM,QACNC,EAAM,aAET,CACGD,EAAM,QACNC,EAAM,aAET,CACGD,EAAM,QACNC,EAAM,aAET,CACGD,EAAM,QACNC,EAAM,cAGZP,MAAU,uCACVC,KAAS,UAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,gDACrBI,GAAOL,EAAI,KAAKC,EAAI,gDACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,QAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,eACNC,EAAM,gBAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,UACNC,EAAM,WAET,CACGD,EAAM,iBACNC,EAAM,kBAET,CACGD,EAAM,iBACNC,EAAM,kBAET,CACGD,EAAM,iBACNC,EAAM,mBAGZP,MAAU,+CACVC,KAAS,UAEZ,CACGJ,QAAY,UACZM,IAAQT,EAAI,KAAKC,EAAI,oDACrBI,GAAOL,EAAI,KAAKC,EAAI,oDACpBU,OAAW,CACR,CACGC,EAAM,gBACNC,EAAM,iBAET,CACGD,EAAM,UACNC,EAAM,WAET,CACGD,EAAM,gBACNC,EAAM,iBAET,CACGD,EAAM,UACNC,EAAM,WAET,CACGD,EAAM,gBACNC,EAAM,iBAET,CACGD,EAAM,UACNC,EAAM,YAGZP,MAAU,mDACVC,KAAS,UAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,4CACrBI,GAAOL,EAAI,KAAKC,EAAI,4CACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,QAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,eACNC,EAAM,gBAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,UACNC,EAAM,WAET,CACGD,EAAM,iBACNC,EAAM,kBAET,CACGD,EAAM,iBACNC,EAAM,kBAET,CACGD,EAAM,iBACNC,EAAM,mBAGZP,MAAU,2CACVC,KAAS,UAEZ,CACGJ,QAAY,UACZM,IAAQT,EAAI,KAAKC,EAAI,gDACrBI,GAAOL,EAAI,KAAKC,EAAI,gDACpBU,OAAW,CACR,CACGC,EAAM,gBACNC,EAAM,iBAET,CACGD,EAAM,UACNC,EAAM,WAET,CACGD,EAAM,gBACNC,EAAM,iBAET,CACGD,EAAM,UACNC,EAAM,WAET,CACGD,EAAM,gBACNC,EAAM,iBAET,CACGD,EAAM,UACNC,EAAM,YAGZP,MAAU,+CACVC,KAAS,UAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,6CACrBI,GAAOL,EAAI,KAAKC,EAAI,6CACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,QAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,eACNC,EAAM,gBAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,UACNC,EAAM,WAET,CACGD,EAAM,iBACNC,EAAM,kBAET,CACGD,EAAM,iBACNC,EAAM,kBAET,CACGD,EAAM,iBACNC,EAAM,mBAGZP,MAAU,4CACVC,KAAS,UAEZ,CACGJ,QAAY,UACZM,IAAQT,EAAI,KAAKC,EAAI,iDACrBI,GAAOL,EAAI,KAAKC,EAAI,iDACpBU,OAAW,CACR,CACGC,EAAM,gBACNC,EAAM,iBAET,CACGD,EAAM,UACNC,EAAM,WAET,CACGD,EAAM,gBACNC,EAAM,iBAET,CACGD,EAAM,UACNC,EAAM,WAET,CACGD,EAAM,gBACNC,EAAM,iBAET,CACGD,EAAM,UACNC,EAAM,YAGZP,MAAU,gDACVC,KAAS,UAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,QAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,eACNC,EAAM,gBAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,UACNC,EAAM,WAET,CACGD,EAAM,iBACNC,EAAM,kBAET,CACGD,EAAM,iBACNC,EAAM,kBAET,CACGD,EAAM,iBACNC,EAAM,mBAGZP,MAAU,0CACVC,KAAS,UAEZ,CACGJ,QAAY,UACZM,IAAQT,EAAI,KAAKC,EAAI,+CACrBI,GAAOL,EAAI,KAAKC,EAAI,+CACpBU,OAAW,CACR,CACGC,EAAM,gBACNC,EAAM,iBAET,CACGD,EAAM,UACNC,EAAM,WAET,CACGD,EAAM,gBACNC,EAAM,iBAET,CACGD,EAAM,UACNC,EAAM,WAET,CACGD,EAAM,gBACNC,EAAM,iBAET,CACGD,EAAM,UACNC,EAAM,YAGZP,MAAU,8CACVC,KAAS,WAGfF,GAAO,aACPC,MAAU,aACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,gCACrBS,KAAS,wBACTL,GAAOL,EAAI,KAAKC,EAAI,gCACpBK,MAAU,gCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,4BACVC,KAAS,SAGfF,GAAO,OACPC,MAAU,QAEb,CACGE,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,oDACrBI,GAAOL,EAAI,KAAKC,EAAI,oDACpBK,MAAU,mDACVC,KAAS,aAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,0CACrBI,GAAOL,EAAI,KAAKC,EAAI,0CACpBK,MAAU,yCACVC,KAAS,aAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,8CACrBI,GAAOL,EAAI,KAAKC,EAAI,8CACpBK,MAAU,6CACVC,KAAS,aAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,iDACrBI,GAAOL,EAAI,KAAKC,EAAI,iDACpBK,MAAU,gDACVC,KAAS,cAGfF,GAAO,gCACPC,MAAU,gCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,4CACrBI,GAAOL,EAAI,KAAKC,EAAI,4CACpBK,MAAU,2CACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,8CACrBI,GAAOL,EAAI,KAAKC,EAAI,8CACpBK,MAAU,6CACVC,KAAS,QAEZ,CACGJ,QAAY,QACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBU,OAAW,CACR,CACGC,EAAM,QACNC,EAAM,iBAET,CACGD,EAAM,OACNC,EAAM,iBAGZP,MAAU,kCACVC,KAAS,UAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,kCACrBI,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,kCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,+CACrBI,GAAOL,EAAI,KAAKC,EAAI,+CACpBK,MAAU,gDAGhBD,GAAO,SACPC,MAAU,SACVC,KAAS,wBAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,gCACrBI,GAAOL,EAAI,KAAKC,EAAI,gCACpBK,MAAU,+BACVC,KAAS,aAGfG,KAAS,gCACTL,GAAO,wBACPC,MAAU,yBAEb,CACGJ,OAAWF,EAAI,KAAKC,EAAI,wBACxBE,QAAY,GACZO,KAAS,6DACTL,GAAOL,EAAI,KAAKC,EAAI,wBACpBK,MAAU,uBACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,oCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,8BAGhBI,KAAS,gCACTL,GAAO,+BACPC,MAAU,+BACVC,KAAS,yBAIb,IAAK,sBACH,MAAO,CACR,CACGE,IAAQT,EAAI,KAAKC,EAAI,sBACrBI,GAAOL,EAAI,KAAKC,EAAI,sBACpBK,MAAU,qBACVC,KAAS,QAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,qCACxBE,QAAY,GACZO,KAAS,oCACTL,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,0BAEZ,CACGC,OAAW,CACR,CACGL,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,wCAGhBI,KAAS,wBACTL,GAAO,gCACPC,MAAU,gCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,yCACrBI,GAAOL,EAAI,KAAKC,EAAI,yCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,WAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,aACNC,EAAM,eAGZP,MAAU,wCACVC,KAAS,UAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,kDACrBI,GAAOL,EAAI,KAAKC,EAAI,kDACpBK,MAAU,iDACVC,KAAS,QAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,kDACrBI,GAAOL,EAAI,KAAKC,EAAI,kDACpBK,MAAU,iDACVC,KAAS,SAGfG,KAAS,0BACTL,GAAO,kCACPC,MAAU,kCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,YACNC,EAAM,QAET,CACGD,EAAM,gBACNC,EAAM,YAET,CACGD,EAAM,eACNC,EAAM,iBAGZP,MAAU,mCACVC,KAAS,UAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,YACNC,EAAM,QAET,CACGD,EAAM,gBACNC,EAAM,YAET,CACGD,EAAM,YACNC,EAAM,SAGZP,MAAU,mCACVC,KAAS,WAGfG,KAAS,wBACTL,GAAO,gCACPC,MAAU,gCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,OACZM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBU,OAAW,CACR,CACGC,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,SACNC,EAAM,WAET,CACGD,EAAM,YACNC,EAAM,cAGZP,MAAU,uCACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,sCACVC,KAAS,SAGfG,KAAS,yBACTL,GAAO,iCACPC,MAAU,iCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,sCACrBI,GAAOL,EAAI,KAAKC,EAAI,sCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,cACNC,EAAM,eAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,OACNC,EAAM,oBAET,CACGD,EAAM,UACNC,EAAM,WAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,YACNC,EAAM,aAET,CACGD,EAAM,YACNC,EAAM,cAGZP,MAAU,qCACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,+CACrBI,GAAOL,EAAI,KAAKC,EAAI,+CACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,+BACNC,EAAM,gCAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,aACNC,EAAM,2BAGZP,MAAU,8CACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,sCACVC,KAAS,QAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,4CACrBI,GAAOL,EAAI,KAAKC,EAAI,4CACpBK,MAAU,6CAGhBD,GAAO,mCACPC,MAAU,mCACVC,KAAS,wBAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,iCACrBI,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,gCACVC,KAAS,aAGfG,KAAS,wBACTL,GAAO,yBACPC,MAAU,0BAEb,CACGE,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,qCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,8BACrBI,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,8BAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,iCACrBI,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,iCAEb,CACGH,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,YAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,cAGfG,KAAS,wBACTL,GAAO,gCACPC,MAAU,gCACVC,KAAS,yBAIb,IAAK,qBACH,MAAO,CACR,CACGE,IAAQT,EAAI,KAAKC,EAAI,qBACrBI,GAAOL,EAAI,KAAKC,EAAI,qBACpBK,MAAU,oBACVC,KAAS,QAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,oCACxBE,QAAY,GACZO,KAAS,mCACTL,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,0BAEZ,CACGC,OAAW,CACR,CACGA,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,cACNC,EAAM,eAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,OACNC,EAAM,oBAET,CACGD,EAAM,UACNC,EAAM,WAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,YACNC,EAAM,aAET,CACGD,EAAM,YACNC,EAAM,cAGZP,MAAU,oCACVC,KAAS,UAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,yCACrBI,GAAOL,EAAI,KAAKC,EAAI,yCACpBK,MAAU,yCAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAEZ,CACGJ,QAAY,KACZM,IAAQT,EAAI,KAAKC,EAAI,mDACrBI,GAAOL,EAAI,KAAKC,EAAI,mDACpBK,MAAU,kDACVC,KAAS,OAEZ,CACGJ,QAAY,KACZM,IAAQT,EAAI,KAAKC,EAAI,4CACrBI,GAAOL,EAAI,KAAKC,EAAI,4CACpBK,MAAU,2CACVC,KAAS,OAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,kCACrBI,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,iCACVC,KAAS,SAGfF,GAAO,qCACPC,MAAU,qCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,WAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,aACNC,EAAM,eAGZP,MAAU,uCACVC,KAAS,UAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,sCACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,iDACrBI,GAAOL,EAAI,KAAKC,EAAI,iDACpBK,MAAU,gDACVC,KAAS,QAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,sCACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,iDACrBI,GAAOL,EAAI,KAAKC,EAAI,iDACpBK,MAAU,gDACVC,KAAS,SAGfF,GAAO,iCACPC,MAAU,iCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,OACZM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBU,OAAW,CACR,CACGC,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,SACNC,EAAM,WAET,CACGD,EAAM,YACNC,EAAM,cAGZP,MAAU,sCACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,8CACrBI,GAAOL,EAAI,KAAKC,EAAI,8CACpBK,MAAU,6CACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,aAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,8BAGhBD,GAAO,gCACPC,MAAU,gCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,2CAEb,CACGH,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,qDACrBI,GAAOL,EAAI,KAAKC,EAAI,qDACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,QAET,CACGD,EAAM,SACNC,EAAM,WAGZP,MAAU,oDACVC,KAAS,UAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,qDACrBI,GAAOL,EAAI,KAAKC,EAAI,qDACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,QAET,CACGD,EAAM,WACNC,EAAM,gBAET,CACGD,EAAM,SACNC,EAAM,WAGZP,MAAU,oDACVC,KAAS,WAGfF,GAAO,kCACPC,MAAU,kCACVC,KAAS,wBAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,gCACrBI,GAAOL,EAAI,KAAKC,EAAI,gCACpBK,MAAU,+BACVC,KAAS,aAGfG,KAAS,uBACTL,GAAO,wBACPC,MAAU,yBAEb,CACGJ,OAAWF,EAAI,KAAKC,EAAI,wBACxBE,QAAY,GACZO,KAAS,6DACTL,GAAOL,EAAI,KAAKC,EAAI,wBACpBK,MAAU,uBACVC,KAAS,qBAIb,IAAK,cACH,MAAO,CACR,CACGL,OAAWF,EAAI,KAAKC,EAAI,iBACxBE,QAAY,CACT,CACGC,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAI,yBACpBa,GAAO,UACPR,MAAU,UACVC,KAAS,SAGfG,KAAS,qCACTL,GAAOL,EAAI,KAAKC,EAAI,iBACpBK,MAAU,gBACVC,KAAS,iBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,mBACxBS,KAAS,uCACTL,GAAOL,EAAI,KAAKC,EAAI,mBACpBK,MAAU,kBACVC,KAAS,oBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,QACxBS,KAAS,kBACTL,GAAOL,EAAI,KAAKC,EAAI,QACpBK,MAAU,OACVC,KAAS,iBAEZ,CACGC,OAAW,CACR,CACGL,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,aACrBI,GAAOL,EAAI,KAAKC,EAAI,aACpBK,MAAU,YACVC,KAAS,OAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,cACrBI,GAAOL,EAAI,KAAKC,EAAI,cACpBK,MAAU,aACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,oBACrBI,GAAOL,EAAI,KAAKC,EAAI,oBACpBK,MAAU,mBACVC,KAAS,QAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,gBACrBI,GAAOL,EAAI,KAAKC,EAAI,gBACpBK,MAAU,gBAEb,CACGH,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,sBACrBI,GAAOL,EAAI,KAAKC,EAAI,sBACpBK,MAAU,sBAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,mBACrBI,GAAOL,EAAI,KAAKC,EAAI,mBACpBK,MAAU,kBACVC,KAAS,aAEZ,CACGJ,QAAY,OACZM,IAAQT,EAAI,KAAKC,EAAI,aACrBI,GAAOL,EAAI,KAAKC,EAAI,aACpBU,OAAW,CACR,CACGC,EAAM,YACNC,EAAM,aAET,CACGD,EAAM,MACNC,EAAM,OAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,YACNC,EAAM,aAET,CACGD,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,cACNC,EAAM,eAET,CACGD,EAAM,eACNC,EAAM,gBAET,CACGD,EAAM,gBACNC,EAAM,kBAGZP,MAAU,YACVC,KAAS,UAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,uBACrBI,GAAOL,EAAI,KAAKC,EAAI,uBACpBK,MAAU,uBAEb,CACGH,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,wBACrBI,GAAOL,EAAI,KAAKC,EAAI,wBACpBK,MAAU,uBACVC,KAAS,OAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,gBACrBI,GAAOL,EAAI,KAAKC,EAAI,gBACpBK,MAAU,eACVC,KAAS,aAGfG,KAAS,2BACTL,GAAO,eACPC,MAAU,eACVC,KAAS,yBAIb,QACE,MAAO,IAIX,SAASQ,aAAaC,GACpBA,EAAMC,OAASD,EAAMZ,KAAK,GAAGI,OAAO,GAAGA,OAAO,GAC9CQ,EAAME,OAAOF,EAAMC,QACnBD,EAAMG,OAASH,EAAMZ,KAAK,GAAGI,OAAO,GAAGA,OAAO,GAC9CQ,EAAME,OAAOF,EAAMG"} \ No newline at end of file +{"version":3,"sources":["conftree.js"],"names":["templates","tpl","key","cnodes","default","data","id","title","type","_nodes","get","help","select","k","v","re","setScopeVars","scope","portal","getKey","domain"],"mappings":"AAAA,SAASA,UAAUC,EAAIC,GASrB,OAAOD,GACP,IAAK,qBACH,MAAO,CACR,CACGE,OAAWF,EAAI,KAAKC,EAAQ,8BAC5BE,QAAY,CACT,CACGC,KAAS,KACTC,GAAOL,EAAI,KAAKC,EAAQ,iCACxBK,MAAU,KACVC,KAAS,SACZ,EACA,CACGH,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAQ,mCACxBK,MAAU,OACVC,KAAS,SACZ,EACA,CACGH,KAAS,MACTC,GAAOL,EAAI,KAAKC,EAAQ,kCACxBK,MAAU,MACVC,KAAS,SACZ,GAEHF,GAAOL,EAAI,KAAKC,EAAQ,8BACxBK,MAAU,6BACVC,KAAS,kBACZ,EACA,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAQ,gCACzBI,GAAOL,EAAI,KAAKC,EAAQ,gCACxBK,MAAU,8BACb,EACA,CACGG,IAAQT,EAAI,KAAKC,EAAQ,sCACzBI,GAAOL,EAAI,KAAKC,EAAQ,sCACxBK,MAAU,oCACb,EACA,CACGH,QAAY,CAAC,EACbM,IAAQT,EAAI,KAAKC,EAAQ,+BACzBI,GAAOL,EAAI,KAAKC,EAAQ,+BACxBK,MAAU,8BACVC,KAAS,OACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,mCACzBI,GAAOL,EAAI,KAAKC,EAAQ,mCACxBK,MAAU,kCACVC,KAAS,WACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,6BACzBI,GAAOL,EAAI,KAAKC,EAAQ,6BACxBK,MAAU,2BACb,EACA,CACGG,IAAQT,EAAI,KAAKC,EAAQ,gCACzBI,GAAOL,EAAI,KAAKC,EAAQ,gCACxBK,MAAU,+BACVC,KAAS,UACZ,GAEHF,GAAO,wBACPC,MAAU,wBACVC,KAAS,sBACZ,EACA,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAQ,oCACzBI,GAAOL,EAAI,KAAKC,EAAQ,oCACxBK,MAAU,kCACb,GAEHD,GAAO,+BACPC,MAAU,+BACVC,KAAS,sBACZ,EACA,CACGL,OAAWF,EAAI,KAAKC,EAAQ,wBAC5BE,QAAY,GACZO,KAAS,6DACTL,GAAOL,EAAI,KAAKC,EAAQ,wBACxBK,MAAU,uBACVC,KAAS,kBACZ,GAGD,IAAK,qBACH,MAAO,CACR,CACGL,OAAWF,EAAI,KAAKC,EAAQ,8BAC5BE,QAAY,CACT,CACGC,KAAS,KACTC,GAAOL,EAAI,KAAKC,EAAQ,iCACxBK,MAAU,KACVC,KAAS,SACZ,EACA,CACGH,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAQ,mCACxBK,MAAU,OACVC,KAAS,SACZ,EACA,CACGH,KAAS,MACTC,GAAOL,EAAI,KAAKC,EAAQ,kCACxBK,MAAU,MACVC,KAAS,SACZ,GAEHF,GAAOL,EAAI,KAAKC,EAAQ,8BACxBK,MAAU,6BACVC,KAAS,kBACZ,EACA,CACGL,OAAWF,EAAI,KAAKC,EAAQ,wCAC5BI,GAAOL,EAAI,KAAKC,EAAQ,wCACxBK,MAAU,uCACVC,KAAS,kBACZ,EACA,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAQ,4BACzBI,GAAOL,EAAI,KAAKC,EAAQ,4BACxBK,MAAU,0BACb,EACA,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,8BACzBI,GAAOL,EAAI,KAAKC,EAAQ,8BACxBK,MAAU,6BACVC,KAAS,MACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,gCACzBI,GAAOL,EAAI,KAAKC,EAAQ,gCACxBK,MAAU,+BACVC,KAAS,MACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,gCACzBI,GAAOL,EAAI,KAAKC,EAAQ,gCACxBK,MAAU,+BACVC,KAAS,UACZ,GAEHF,GAAO,wBACPC,MAAU,wBACVC,KAAS,sBACZ,EACA,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAQ,oCACzBI,GAAOL,EAAI,KAAKC,EAAQ,oCACxBK,MAAU,kCACb,EACA,CACGG,IAAQT,EAAI,KAAKC,EAAQ,6BACzBI,GAAOL,EAAI,KAAKC,EAAQ,6BACxBK,MAAU,2BACb,EACA,CACGG,IAAQT,EAAI,KAAKC,EAAQ,gCACzBI,GAAOL,EAAI,KAAKC,EAAQ,gCACxBK,MAAU,8BACb,EACA,CACGH,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAQ,uCACzBI,GAAOL,EAAI,KAAKC,EAAQ,uCACxBK,MAAU,sCACVC,KAAS,UACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,mCACzBI,GAAOL,EAAI,KAAKC,EAAQ,mCACxBK,MAAU,kCACVC,KAAS,WACZ,GAEHF,GAAO,+BACPC,MAAU,+BACVC,KAAS,sBACZ,GAGD,IAAK,qBACH,MAAO,CACR,CACGE,IAAQT,EAAI,KAAKC,EAAQ,sBACzBI,GAAOL,EAAI,KAAKC,EAAQ,sBACxBK,MAAU,qBACVC,KAAS,MACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,sBACzBI,GAAOL,EAAI,KAAKC,EAAQ,sBACxBK,MAAU,qBACVC,KAAS,MACZ,EACA,CACGL,OAAWF,EAAI,KAAKC,EAAQ,8BAC5BE,QAAY,CACT,CACGC,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAQ,iCACxBK,MAAU,KACVC,KAAS,SACZ,EACA,CACGH,KAAS,QACTC,GAAOL,EAAI,KAAKC,EAAQ,mCACxBK,MAAU,OACVC,KAAS,SACZ,EACA,CACGH,KAAS,cACTC,GAAOL,EAAI,KAAKC,EAAQ,iCACxBK,MAAU,KACVC,KAAS,SACZ,EACA,CACGH,KAAS,MACTC,GAAOL,EAAI,KAAKC,EAAQ,kCACxBK,MAAU,MACVC,KAAS,SACZ,GAEHF,GAAOL,EAAI,KAAKC,EAAQ,8BACxBK,MAAU,6BACVC,KAAS,kBACZ,EACA,CACGC,OAAW,CACR,CACGA,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAQ,yCACzBI,GAAOL,EAAI,KAAKC,EAAQ,yCACxBK,MAAU,uCACb,EACA,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,oCACzBI,GAAOL,EAAI,KAAKC,EAAQ,oCACxBK,MAAU,mCACVC,KAAS,KACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,iCACzBI,GAAOL,EAAI,KAAKC,EAAQ,iCACxBK,MAAU,+BACb,EACA,CACGG,IAAQT,EAAI,KAAKC,EAAQ,qCACzBI,GAAOL,EAAI,KAAKC,EAAQ,qCACxBK,MAAU,oCACVC,KAAS,UACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,qCACzBI,GAAOL,EAAI,KAAKC,EAAQ,qCACxBK,MAAU,oCACVC,KAAS,MACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,sCACzBI,GAAOL,EAAI,KAAKC,EAAQ,sCACxBK,MAAU,oCACb,EACA,CACGG,IAAQT,EAAI,KAAKC,EAAQ,oCACzBI,GAAOL,EAAI,KAAKC,EAAQ,oCACxBK,MAAU,mCACVC,KAAS,MACZ,GAEHF,GAAO,qCACPC,MAAU,qCACVC,KAAS,sBACZ,EACA,CACGC,OAAW,CACR,CACGL,QAAY,iBACZM,IAAQT,EAAI,KAAKC,EAAQ,8BACzBI,GAAOL,EAAI,KAAKC,EAAQ,8BACxBK,MAAU,4BACb,EACA,CACGH,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAQ,gCACzBI,GAAOL,EAAI,KAAKC,EAAQ,gCACxBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,EACT,EACA,CACGD,EAAM,OACNC,EAAM,MACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,MACNC,EAAM,KACT,GAEHP,MAAU,+BACVC,KAAS,QACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,+BACzBI,GAAOL,EAAI,KAAKC,EAAQ,+BACxBK,MAAU,6BACb,EACA,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,+BACzBI,GAAOL,EAAI,KAAKC,EAAQ,+BACxBK,MAAU,8BACVC,KAAS,KACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,kCACzBI,GAAOL,EAAI,KAAKC,EAAQ,kCACxBK,MAAU,gCACb,EACA,CACGG,IAAQT,EAAI,KAAKC,EAAQ,kCACzBI,GAAOL,EAAI,KAAKC,EAAQ,kCACxBK,MAAU,gCACb,EACA,CACGH,QAAY,MACZM,IAAQT,EAAI,KAAKC,EAAQ,gDACzBI,GAAOL,EAAI,KAAKC,EAAQ,gDACxBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,MACT,EACA,CACGD,EAAM,MACNC,EAAM,YACT,GAEHP,MAAU,+CACVC,KAAS,QACZ,EACA,CACGJ,QAAY,QACZM,IAAQT,EAAI,KAAKC,EAAQ,gDACzBI,GAAOL,EAAI,KAAKC,EAAQ,gDACxBU,OAAW,CACR,CACGC,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,GAEHP,MAAU,+CACVC,KAAS,QACZ,EACA,CACGJ,QAAY,qBACZM,IAAQT,EAAI,KAAKC,EAAQ,gDACzBI,GAAOL,EAAI,KAAKC,EAAQ,gDACxBU,OAAW,CACR,CACGC,EAAM,qBACNC,EAAM,oBACT,EACA,CACGD,EAAM,sBACNC,EAAM,qBACT,EACA,CACGD,EAAM,oBACNC,EAAM,mBACT,EACA,CACGD,EAAM,kBACNC,EAAM,iBACT,GAEHP,MAAU,+CACVC,KAAS,QACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,0CACzBI,GAAOL,EAAI,KAAKC,EAAQ,0CACxBK,MAAU,yCACVC,KAAS,MACZ,EACA,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAQ,sCACzBI,GAAOL,EAAI,KAAKC,EAAQ,sCACxBK,MAAU,qCACVC,KAAS,KACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,iCACzBI,GAAOL,EAAI,KAAKC,EAAQ,iCACxBK,MAAU,gCACVC,KAAS,MACZ,GAEHF,GAAO,gCACPC,MAAU,gCACVC,KAAS,sBACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,gCACzBI,GAAOL,EAAI,KAAKC,EAAQ,gCACxBK,MAAU,+BACVC,KAAS,UACZ,GAEHG,KAAS,iCACTL,GAAO,wBACPC,MAAU,uBACb,EACA,CACGE,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAQ,oCACzBI,GAAOL,EAAI,KAAKC,EAAQ,oCACxBK,MAAU,kCACb,EACA,CACGG,IAAQT,EAAI,KAAKC,EAAQ,6BACzBI,GAAOL,EAAI,KAAKC,EAAQ,6BACxBK,MAAU,2BACb,EACA,CACGG,IAAQT,EAAI,KAAKC,EAAQ,gCACzBI,GAAOL,EAAI,KAAKC,EAAQ,gCACxBK,MAAU,8BACb,EACA,CACGH,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAQ,uCACzBI,GAAOL,EAAI,KAAKC,EAAQ,uCACxBK,MAAU,sCACVC,KAAS,UACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,mCACzBI,GAAOL,EAAI,KAAKC,EAAQ,mCACxBK,MAAU,kCACVC,KAAS,WACZ,GAEHG,KAAS,iCACTL,GAAO,qCACPC,MAAU,qCACVC,KAAS,sBACZ,GAGD,IAAK,qBACH,MAAO,CACR,CACGC,OAAW,CACR,CACGL,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,+BACzBI,GAAOL,EAAI,KAAKC,EAAQ,+BACxBK,MAAU,8BACVC,KAAS,MACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,iCACzBI,GAAOL,EAAI,KAAKC,EAAQ,iCACxBK,MAAU,+BACb,EACA,CACGG,IAAQT,EAAI,KAAKC,EAAQ,qCACzBI,GAAOL,EAAI,KAAKC,EAAQ,qCACxBK,MAAU,oCACVC,KAAS,UACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,qCACzBI,GAAOL,EAAI,KAAKC,EAAQ,qCACxBK,MAAU,mCACb,GAEHI,KAAS,sCACTL,GAAO,6BACPC,MAAU,6BACVC,KAAS,sBACZ,EACA,CACGL,OAAWF,EAAI,KAAKC,EAAQ,8BAC5BE,QAAY,CACT,CACGC,KAAS,CACN,OACA,SACA,QAEHC,GAAOL,EAAI,KAAKC,EAAQ,oCACxBK,MAAU,QACVC,KAAS,eACZ,EACA,CACGH,KAAS,CACN,KACA,SACA,QAEHC,GAAOL,EAAI,KAAKC,EAAQ,mCACxBK,MAAU,OACVC,KAAS,eACZ,EACA,CACGH,KAAS,CACN,MACA,SACA,QAEHC,GAAOL,EAAI,KAAKC,EAAQ,iDACxBK,MAAU,qBACVC,KAAS,eACZ,GAEHG,KAAS,4CACTL,GAAOL,EAAI,KAAKC,EAAQ,8BACxBK,MAAU,6BACVC,KAAS,wBACZ,EACA,CACGC,OAAW,CACR,CACGA,OAAW,CACR,CACGL,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,sCACzBI,GAAOL,EAAI,KAAKC,EAAQ,sCACxBK,MAAU,qCACVC,KAAS,MACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,2CACzBI,GAAOL,EAAI,KAAKC,EAAQ,2CACxBK,MAAU,0CACVC,KAAS,MACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,uCACzBI,GAAOL,EAAI,KAAKC,EAAQ,uCACxBK,MAAU,sCACVC,KAAS,MACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,0CACzBI,GAAOL,EAAI,KAAKC,EAAQ,0CACxBK,MAAU,yCACVC,KAAS,MACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,qCACzBI,GAAOL,EAAI,KAAKC,EAAQ,qCACxBK,MAAU,oCACVC,KAAS,MACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,mCACzBI,GAAOL,EAAI,KAAKC,EAAQ,mCACxBK,MAAU,iCACb,EACA,CACGG,IAAQT,EAAI,KAAKC,EAAQ,4CACzBI,GAAOL,EAAI,KAAKC,EAAQ,4CACxBK,MAAU,0CACb,EACA,CACGG,IAAQT,EAAI,KAAKC,EAAQ,2CACzBI,GAAOL,EAAI,KAAKC,EAAQ,2CACxBK,MAAU,yCACb,GAEHD,GAAO,gCACPC,MAAU,gCACVC,KAAS,sBACZ,EACA,CACGC,OAAW,CACR,CACGN,OAAWF,EAAI,KAAKC,EAAQ,oCAC5BE,QAAY,GACZO,KAAS,wCACTL,GAAOL,EAAI,KAAKC,EAAQ,oCACxBK,MAAU,mCACVC,KAAS,kBACZ,EACA,CACGL,OAAWF,EAAI,KAAKC,EAAQ,4BAC5BE,QAAY,GACZO,KAAS,oCACTL,GAAOL,EAAI,KAAKC,EAAQ,4BACxBK,MAAU,2BACVC,KAAS,kBACZ,GAEHF,GAAO,8BACPC,MAAU,6BACb,EACA,CACGE,OAAW,CACR,CACGL,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,oCACzBI,GAAOL,EAAI,KAAKC,EAAQ,oCACxBK,MAAU,mCACVC,KAAS,MACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,6CACzBI,GAAOL,EAAI,KAAKC,EAAQ,6CACxBK,MAAU,4CACVC,KAAS,MACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,qCACzBI,GAAOL,EAAI,KAAKC,EAAQ,qCACxBK,MAAU,oCACVC,KAAS,MACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,2CACzBI,GAAOL,EAAI,KAAKC,EAAQ,2CACxBK,MAAU,0CACVC,KAAS,MACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,oDACzBI,GAAOL,EAAI,KAAKC,EAAQ,oDACxBK,MAAU,mDACVC,KAAS,MACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,oCACzBI,GAAOL,EAAI,KAAKC,EAAQ,oCACxBK,MAAU,kCACb,EACA,CACGG,IAAQT,EAAI,KAAKC,EAAQ,mCACzBI,GAAOL,EAAI,KAAKC,EAAQ,mCACxBK,MAAU,kCACVC,KAAS,WACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,6BACzBI,GAAOL,EAAI,KAAKC,EAAQ,6BACxBK,MAAU,2BACb,EACA,CACGG,IAAQT,EAAI,KAAKC,EAAQ,mCACzBI,GAAOL,EAAI,KAAKC,EAAQ,mCACxBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,KACT,EACA,CACGD,EAAM,qBACNC,EAAM,oBACT,EACA,CACGD,EAAM,sBACNC,EAAM,qBACT,EACA,CACGD,EAAM,oBACNC,EAAM,mBACT,EACA,CACGD,EAAM,kBACNC,EAAM,iBACT,GAEHP,MAAU,kCACVC,KAAS,QACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,iDACzBI,GAAOL,EAAI,KAAKC,EAAQ,iDACxBK,MAAU,gDACVC,KAAS,MACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,0CACzBI,GAAOL,EAAI,KAAKC,EAAQ,0CACxBK,MAAU,yCACVC,KAAS,MACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,0CACzBI,GAAOL,EAAI,KAAKC,EAAQ,0CACxBK,MAAU,yCACVC,KAAS,MACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,mDACzBI,GAAOL,EAAI,KAAKC,EAAQ,mDACxBK,MAAU,kDACVC,KAAS,MACZ,GAEHF,GAAO,WACPC,MAAU,WACVC,KAAS,sBACZ,EACA,CACGC,OAAW,CACR,CACGL,QAAY,QACZM,IAAQT,EAAI,KAAKC,EAAQ,uCACzBI,GAAOL,EAAI,KAAKC,EAAQ,uCACxBU,OAAW,CACR,CACGC,EAAM,OACNC,EAAM,MACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,GAEHP,MAAU,sCACVC,KAAS,QACZ,EACA,CACGJ,QAAY,QACZM,IAAQT,EAAI,KAAKC,EAAQ,2CACzBI,GAAOL,EAAI,KAAKC,EAAQ,2CACxBU,OAAW,CACR,CACGC,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,GAEHP,MAAU,0CACVC,KAAS,QACZ,EACA,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAQ,wCACzBI,GAAOL,EAAI,KAAKC,EAAQ,wCACxBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,MACT,EACA,CACGD,EAAM,OACNC,EAAM,UACT,EACA,CACGD,EAAM,QACNC,EAAM,WACT,EACA,CACGD,EAAM,QACNC,EAAM,WACT,EACA,CACGD,EAAM,QACNC,EAAM,WACT,EACA,CACGD,EAAM,QACNC,EAAM,WACT,EACA,CACGD,EAAM,QACNC,EAAM,WACT,EACA,CACGD,EAAM,QACNC,EAAM,WACT,EACA,CACGD,EAAM,QACNC,EAAM,WACT,EACA,CACGD,EAAM,QACNC,EAAM,WACT,EACA,CACGD,EAAM,QACNC,EAAM,WACT,EACA,CACGD,EAAM,QACNC,EAAM,WACT,EACA,CACGD,EAAM,QACNC,EAAM,WACT,EACA,CACGD,EAAM,QACNC,EAAM,WACT,EACA,CACGD,EAAM,QACNC,EAAM,WACT,GAEHP,MAAU,uCACVC,KAAS,QACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,gDACzBI,GAAOL,EAAI,KAAKC,EAAQ,gDACxBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,MACT,EACA,CACGD,EAAM,WACNC,EAAM,UACT,EACA,CACGD,EAAM,eACNC,EAAM,cACT,EACA,CACGD,EAAM,SACNC,EAAM,QACT,EACA,CACGD,EAAM,UACNC,EAAM,SACT,EACA,CACGD,EAAM,iBACNC,EAAM,gBACT,EACA,CACGD,EAAM,iBACNC,EAAM,gBACT,EACA,CACGD,EAAM,iBACNC,EAAM,gBACT,GAEHP,MAAU,+CACVC,KAAS,QACZ,EACA,CACGJ,QAAY,UACZM,IAAQT,EAAI,KAAKC,EAAQ,oDACzBI,GAAOL,EAAI,KAAKC,EAAQ,oDACxBU,OAAW,CACR,CACGC,EAAM,gBACNC,EAAM,eACT,EACA,CACGD,EAAM,UACNC,EAAM,SACT,EACA,CACGD,EAAM,gBACNC,EAAM,eACT,EACA,CACGD,EAAM,UACNC,EAAM,SACT,EACA,CACGD,EAAM,gBACNC,EAAM,eACT,EACA,CACGD,EAAM,UACNC,EAAM,SACT,GAEHP,MAAU,mDACVC,KAAS,QACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,4CACzBI,GAAOL,EAAI,KAAKC,EAAQ,4CACxBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,MACT,EACA,CACGD,EAAM,WACNC,EAAM,UACT,EACA,CACGD,EAAM,eACNC,EAAM,cACT,EACA,CACGD,EAAM,SACNC,EAAM,QACT,EACA,CACGD,EAAM,UACNC,EAAM,SACT,EACA,CACGD,EAAM,iBACNC,EAAM,gBACT,EACA,CACGD,EAAM,iBACNC,EAAM,gBACT,EACA,CACGD,EAAM,iBACNC,EAAM,gBACT,GAEHP,MAAU,2CACVC,KAAS,QACZ,EACA,CACGJ,QAAY,UACZM,IAAQT,EAAI,KAAKC,EAAQ,gDACzBI,GAAOL,EAAI,KAAKC,EAAQ,gDACxBU,OAAW,CACR,CACGC,EAAM,gBACNC,EAAM,eACT,EACA,CACGD,EAAM,UACNC,EAAM,SACT,EACA,CACGD,EAAM,gBACNC,EAAM,eACT,EACA,CACGD,EAAM,UACNC,EAAM,SACT,EACA,CACGD,EAAM,gBACNC,EAAM,eACT,EACA,CACGD,EAAM,UACNC,EAAM,SACT,GAEHP,MAAU,+CACVC,KAAS,QACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,6CACzBI,GAAOL,EAAI,KAAKC,EAAQ,6CACxBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,MACT,EACA,CACGD,EAAM,WACNC,EAAM,UACT,EACA,CACGD,EAAM,eACNC,EAAM,cACT,EACA,CACGD,EAAM,SACNC,EAAM,QACT,EACA,CACGD,EAAM,UACNC,EAAM,SACT,EACA,CACGD,EAAM,iBACNC,EAAM,gBACT,EACA,CACGD,EAAM,iBACNC,EAAM,gBACT,EACA,CACGD,EAAM,iBACNC,EAAM,gBACT,GAEHP,MAAU,4CACVC,KAAS,QACZ,EACA,CACGJ,QAAY,UACZM,IAAQT,EAAI,KAAKC,EAAQ,iDACzBI,GAAOL,EAAI,KAAKC,EAAQ,iDACxBU,OAAW,CACR,CACGC,EAAM,gBACNC,EAAM,eACT,EACA,CACGD,EAAM,UACNC,EAAM,SACT,EACA,CACGD,EAAM,gBACNC,EAAM,eACT,EACA,CACGD,EAAM,UACNC,EAAM,SACT,EACA,CACGD,EAAM,gBACNC,EAAM,eACT,EACA,CACGD,EAAM,UACNC,EAAM,SACT,GAEHP,MAAU,gDACVC,KAAS,QACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,2CACzBI,GAAOL,EAAI,KAAKC,EAAQ,2CACxBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,MACT,EACA,CACGD,EAAM,WACNC,EAAM,UACT,EACA,CACGD,EAAM,eACNC,EAAM,cACT,EACA,CACGD,EAAM,SACNC,EAAM,QACT,EACA,CACGD,EAAM,UACNC,EAAM,SACT,EACA,CACGD,EAAM,iBACNC,EAAM,gBACT,EACA,CACGD,EAAM,iBACNC,EAAM,gBACT,EACA,CACGD,EAAM,iBACNC,EAAM,gBACT,GAEHP,MAAU,0CACVC,KAAS,QACZ,EACA,CACGJ,QAAY,UACZM,IAAQT,EAAI,KAAKC,EAAQ,+CACzBI,GAAOL,EAAI,KAAKC,EAAQ,+CACxBU,OAAW,CACR,CACGC,EAAM,gBACNC,EAAM,eACT,EACA,CACGD,EAAM,UACNC,EAAM,SACT,EACA,CACGD,EAAM,gBACNC,EAAM,eACT,EACA,CACGD,EAAM,UACNC,EAAM,SACT,EACA,CACGD,EAAM,gBACNC,EAAM,eACT,EACA,CACGD,EAAM,UACNC,EAAM,SACT,GAEHP,MAAU,8CACVC,KAAS,QACZ,GAEHF,GAAO,aACPC,MAAU,aACVC,KAAS,sBACZ,EACA,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAQ,gCACzBS,KAAS,wBACTL,GAAOL,EAAI,KAAKC,EAAQ,gCACxBK,MAAU,8BACb,EACA,CACGG,IAAQT,EAAI,KAAKC,EAAQ,6BACzBI,GAAOL,EAAI,KAAKC,EAAQ,6BACxBK,MAAU,4BACVC,KAAS,MACZ,GAEHF,GAAO,OACPC,MAAU,MACb,EACA,CACGE,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAQ,oDACzBI,GAAOL,EAAI,KAAKC,EAAQ,oDACxBK,MAAU,mDACVC,KAAS,WACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,0CACzBI,GAAOL,EAAI,KAAKC,EAAQ,0CACxBK,MAAU,yCACVC,KAAS,WACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,8CACzBI,GAAOL,EAAI,KAAKC,EAAQ,8CACxBK,MAAU,6CACVC,KAAS,WACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,iDACzBI,GAAOL,EAAI,KAAKC,EAAQ,iDACxBK,MAAU,gDACVC,KAAS,WACZ,GAEHF,GAAO,gCACPC,MAAU,gCACVC,KAAS,sBACZ,EACA,CACGC,OAAW,CACR,CACGL,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,4CACzBI,GAAOL,EAAI,KAAKC,EAAQ,4CACxBK,MAAU,2CACVC,KAAS,MACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,8CACzBI,GAAOL,EAAI,KAAKC,EAAQ,8CACxBK,MAAU,6CACVC,KAAS,MACZ,EACA,CACGJ,QAAY,QACZM,IAAQT,EAAI,KAAKC,EAAQ,mCACzBI,GAAOL,EAAI,KAAKC,EAAQ,mCACxBU,OAAW,CACR,CACGC,EAAM,QACNC,EAAM,eACT,EACA,CACGD,EAAM,OACNC,EAAM,cACT,GAEHP,MAAU,kCACVC,KAAS,QACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,kCACzBI,GAAOL,EAAI,KAAKC,EAAQ,kCACxBK,MAAU,gCACb,EACA,CACGG,IAAQT,EAAI,KAAKC,EAAQ,+CACzBI,GAAOL,EAAI,KAAKC,EAAQ,+CACxBK,MAAU,6CACb,GAEHD,GAAO,SACPC,MAAU,SACVC,KAAS,sBACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,gCACzBI,GAAOL,EAAI,KAAKC,EAAQ,gCACxBK,MAAU,+BACVC,KAAS,UACZ,GAEHG,KAAS,gCACTL,GAAO,wBACPC,MAAU,uBACb,EACA,CACGJ,OAAWF,EAAI,KAAKC,EAAQ,wBAC5BE,QAAY,GACZO,KAAS,6DACTL,GAAOL,EAAI,KAAKC,EAAQ,wBACxBK,MAAU,uBACVC,KAAS,kBACZ,EACA,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAQ,oCACzBI,GAAOL,EAAI,KAAKC,EAAQ,oCACxBK,MAAU,kCACb,EACA,CACGG,IAAQT,EAAI,KAAKC,EAAQ,6BACzBI,GAAOL,EAAI,KAAKC,EAAQ,6BACxBK,MAAU,2BACb,GAEHI,KAAS,gCACTL,GAAO,+BACPC,MAAU,+BACVC,KAAS,sBACZ,GAGD,IAAK,sBACH,MAAO,CACR,CACGE,IAAQT,EAAI,KAAKC,EAAQ,sBACzBI,GAAOL,EAAI,KAAKC,EAAQ,sBACxBK,MAAU,qBACVC,KAAS,MACZ,EACA,CACGL,OAAWF,EAAI,KAAKC,EAAQ,qCAC5BE,QAAY,GACZO,KAAS,oCACTL,GAAOL,EAAI,KAAKC,EAAQ,qCACxBK,MAAU,oCACVC,KAAS,wBACZ,EACA,CACGC,OAAW,CACR,CACGL,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,2CACzBI,GAAOL,EAAI,KAAKC,EAAQ,2CACxBK,MAAU,0CACVC,KAAS,MACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,mCACzBI,GAAOL,EAAI,KAAKC,EAAQ,mCACxBK,MAAU,kCACVC,KAAS,MACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,wCACzBI,GAAOL,EAAI,KAAKC,EAAQ,wCACxBK,MAAU,uCACVC,KAAS,MACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,uCACzBI,GAAOL,EAAI,KAAKC,EAAQ,uCACxBK,MAAU,qCACb,GAEHI,KAAS,wBACTL,GAAO,gCACPC,MAAU,gCACVC,KAAS,sBACZ,EACA,CACGC,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAQ,yCACzBI,GAAOL,EAAI,KAAKC,EAAQ,yCACxBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,SACT,EACA,CACGD,EAAM,WACNC,EAAM,UACT,EACA,CACGD,EAAM,aACNC,EAAM,YACT,EACA,CACGD,EAAM,aACNC,EAAM,YACT,EACA,CACGD,EAAM,aACNC,EAAM,YACT,GAEHP,MAAU,wCACVC,KAAS,QACZ,EACA,CACGJ,QAAY,CAAC,EACbM,IAAQT,EAAI,KAAKC,EAAQ,wCACzBI,GAAOL,EAAI,KAAKC,EAAQ,wCACxBK,MAAU,uCACVC,KAAS,OACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,kDACzBI,GAAOL,EAAI,KAAKC,EAAQ,kDACxBK,MAAU,iDACVC,KAAS,MACZ,EACA,CACGJ,QAAY,CAAC,EACbM,IAAQT,EAAI,KAAKC,EAAQ,wCACzBI,GAAOL,EAAI,KAAKC,EAAQ,wCACxBK,MAAU,uCACVC,KAAS,OACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,kDACzBI,GAAOL,EAAI,KAAKC,EAAQ,kDACxBK,MAAU,iDACVC,KAAS,MACZ,GAEHG,KAAS,0BACTL,GAAO,kCACPC,MAAU,kCACVC,KAAS,sBACZ,EACA,CACGC,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAQ,oCACzBI,GAAOL,EAAI,KAAKC,EAAQ,oCACxBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,EACT,EACA,CACGD,EAAM,YACNC,EAAM,MACT,EACA,CACGD,EAAM,gBACNC,EAAM,UACT,EACA,CACGD,EAAM,eACNC,EAAM,cACT,GAEHP,MAAU,mCACVC,KAAS,QACZ,EACA,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAQ,oCACzBI,GAAOL,EAAI,KAAKC,EAAQ,oCACxBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,EACT,EACA,CACGD,EAAM,YACNC,EAAM,MACT,EACA,CACGD,EAAM,gBACNC,EAAM,UACT,EACA,CACGD,EAAM,YACNC,EAAM,MACT,GAEHP,MAAU,mCACVC,KAAS,QACZ,GAEHG,KAAS,wBACTL,GAAO,gCACPC,MAAU,gCACVC,KAAS,sBACZ,EACA,CACGC,OAAW,CACR,CACGL,QAAY,OACZM,IAAQT,EAAI,KAAKC,EAAQ,wCACzBI,GAAOL,EAAI,KAAKC,EAAQ,wCACxBU,OAAW,CACR,CACGC,EAAM,OACNC,EAAM,MACT,EACA,CACGD,EAAM,SACNC,EAAM,SACT,EACA,CACGD,EAAM,YACNC,EAAM,WACT,GAEHP,MAAU,uCACVC,KAAS,QACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,mCACzBI,GAAOL,EAAI,KAAKC,EAAQ,mCACxBK,MAAU,kCACVC,KAAS,MACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,uCACzBI,GAAOL,EAAI,KAAKC,EAAQ,uCACxBK,MAAU,sCACVC,KAAS,MACZ,GAEHG,KAAS,yBACTL,GAAO,iCACPC,MAAU,iCACVC,KAAS,sBACZ,EACA,CACGC,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAQ,sCACzBI,GAAOL,EAAI,KAAKC,EAAQ,sCACxBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,EACT,EACA,CACGD,EAAM,cACNC,EAAM,aACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,OACNC,EAAM,kBACT,EACA,CACGD,EAAM,UACNC,EAAM,SACT,EACA,CACGD,EAAM,WACNC,EAAM,UACT,EACA,CACGD,EAAM,SACNC,EAAM,QACT,EACA,CACGD,EAAM,aACNC,EAAM,YACT,EACA,CACGD,EAAM,YACNC,EAAM,WACT,EACA,CACGD,EAAM,YACNC,EAAM,WACT,GAEHP,MAAU,qCACVC,KAAS,QACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,oCACzBI,GAAOL,EAAI,KAAKC,EAAQ,oCACxBK,MAAU,mCACVC,KAAS,MACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,mCACzBI,GAAOL,EAAI,KAAKC,EAAQ,mCACxBK,MAAU,kCACVC,KAAS,MACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,2CACzBI,GAAOL,EAAI,KAAKC,EAAQ,2CACxBK,MAAU,0CACVC,KAAS,MACZ,EACA,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAQ,+CACzBI,GAAOL,EAAI,KAAKC,EAAQ,+CACxBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,EACT,EACA,CACGD,EAAM,WACNC,EAAM,UACT,EACA,CACGD,EAAM,+BACNC,EAAM,8BACT,EACA,CACGD,EAAM,WACNC,EAAM,UACT,EACA,CACGD,EAAM,aACNC,EAAM,wBACT,GAEHP,MAAU,8CACVC,KAAS,QACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,uCACzBI,GAAOL,EAAI,KAAKC,EAAQ,uCACxBK,MAAU,sCACVC,KAAS,MACZ,EACA,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAQ,4CACzBI,GAAOL,EAAI,KAAKC,EAAQ,4CACxBK,MAAU,0CACb,GAEHD,GAAO,mCACPC,MAAU,mCACVC,KAAS,sBACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,iCACzBI,GAAOL,EAAI,KAAKC,EAAQ,iCACxBK,MAAU,gCACVC,KAAS,UACZ,GAEHG,KAAS,wBACTL,GAAO,yBACPC,MAAU,wBACb,EACA,CACGE,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAQ,qCACzBI,GAAOL,EAAI,KAAKC,EAAQ,qCACxBK,MAAU,mCACb,EACA,CACGG,IAAQT,EAAI,KAAKC,EAAQ,8BACzBI,GAAOL,EAAI,KAAKC,EAAQ,8BACxBK,MAAU,4BACb,EACA,CACGG,IAAQT,EAAI,KAAKC,EAAQ,iCACzBI,GAAOL,EAAI,KAAKC,EAAQ,iCACxBK,MAAU,+BACb,EACA,CACGH,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAQ,wCACzBI,GAAOL,EAAI,KAAKC,EAAQ,wCACxBK,MAAU,uCACVC,KAAS,UACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,oCACzBI,GAAOL,EAAI,KAAKC,EAAQ,oCACxBK,MAAU,mCACVC,KAAS,WACZ,GAEHG,KAAS,wBACTL,GAAO,gCACPC,MAAU,gCACVC,KAAS,sBACZ,GAGD,IAAK,qBACH,MAAO,CACR,CACGE,IAAQT,EAAI,KAAKC,EAAQ,qBACzBI,GAAOL,EAAI,KAAKC,EAAQ,qBACxBK,MAAU,oBACVC,KAAS,MACZ,EACA,CACGL,OAAWF,EAAI,KAAKC,EAAQ,oCAC5BE,QAAY,GACZO,KAAS,mCACTL,GAAOL,EAAI,KAAKC,EAAQ,oCACxBK,MAAU,mCACVC,KAAS,wBACZ,EACA,CACGC,OAAW,CACR,CACGA,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAQ,qCACzBI,GAAOL,EAAI,KAAKC,EAAQ,qCACxBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,EACT,EACA,CACGD,EAAM,cACNC,EAAM,aACT,EACA,CACGD,EAAM,QACNC,EAAM,OACT,EACA,CACGD,EAAM,OACNC,EAAM,kBACT,EACA,CACGD,EAAM,UACNC,EAAM,SACT,EACA,CACGD,EAAM,WACNC,EAAM,UACT,EACA,CACGD,EAAM,SACNC,EAAM,QACT,EACA,CACGD,EAAM,aACNC,EAAM,YACT,EACA,CACGD,EAAM,YACNC,EAAM,WACT,EACA,CACGD,EAAM,YACNC,EAAM,WACT,GAEHP,MAAU,oCACVC,KAAS,QACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,yCACzBI,GAAOL,EAAI,KAAKC,EAAQ,yCACxBK,MAAU,uCACb,EACA,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,mCACzBI,GAAOL,EAAI,KAAKC,EAAQ,mCACxBK,MAAU,kCACVC,KAAS,MACZ,EACA,CACGJ,QAAY,KACZM,IAAQT,EAAI,KAAKC,EAAQ,mDACzBI,GAAOL,EAAI,KAAKC,EAAQ,mDACxBK,MAAU,kDACVC,KAAS,KACZ,EACA,CACGJ,QAAY,KACZM,IAAQT,EAAI,KAAKC,EAAQ,4CACzBI,GAAOL,EAAI,KAAKC,EAAQ,4CACxBK,MAAU,2CACVC,KAAS,KACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,kCACzBI,GAAOL,EAAI,KAAKC,EAAQ,kCACxBK,MAAU,iCACVC,KAAS,MACZ,GAEHF,GAAO,qCACPC,MAAU,qCACVC,KAAS,sBACZ,EACA,CACGC,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAQ,wCACzBI,GAAOL,EAAI,KAAKC,EAAQ,wCACxBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,SACT,EACA,CACGD,EAAM,WACNC,EAAM,UACT,EACA,CACGD,EAAM,aACNC,EAAM,YACT,EACA,CACGD,EAAM,aACNC,EAAM,YACT,EACA,CACGD,EAAM,aACNC,EAAM,YACT,GAEHP,MAAU,uCACVC,KAAS,QACZ,EACA,CACGJ,QAAY,CAAC,EACbM,IAAQT,EAAI,KAAKC,EAAQ,uCACzBI,GAAOL,EAAI,KAAKC,EAAQ,uCACxBK,MAAU,sCACVC,KAAS,OACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,iDACzBI,GAAOL,EAAI,KAAKC,EAAQ,iDACxBK,MAAU,gDACVC,KAAS,MACZ,EACA,CACGJ,QAAY,CAAC,EACbM,IAAQT,EAAI,KAAKC,EAAQ,uCACzBI,GAAOL,EAAI,KAAKC,EAAQ,uCACxBK,MAAU,sCACVC,KAAS,OACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,iDACzBI,GAAOL,EAAI,KAAKC,EAAQ,iDACxBK,MAAU,gDACVC,KAAS,MACZ,GAEHF,GAAO,iCACPC,MAAU,iCACVC,KAAS,sBACZ,EACA,CACGC,OAAW,CACR,CACGL,QAAY,OACZM,IAAQT,EAAI,KAAKC,EAAQ,uCACzBI,GAAOL,EAAI,KAAKC,EAAQ,uCACxBU,OAAW,CACR,CACGC,EAAM,OACNC,EAAM,MACT,EACA,CACGD,EAAM,SACNC,EAAM,SACT,EACA,CACGD,EAAM,YACNC,EAAM,WACT,GAEHP,MAAU,sCACVC,KAAS,QACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,8CACzBI,GAAOL,EAAI,KAAKC,EAAQ,8CACxBK,MAAU,6CACVC,KAAS,MACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,mCACzBI,GAAOL,EAAI,KAAKC,EAAQ,mCACxBK,MAAU,kCACVC,KAAS,WACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,6BACzBI,GAAOL,EAAI,KAAKC,EAAQ,6BACxBK,MAAU,2BACb,GAEHD,GAAO,gCACPC,MAAU,gCACVC,KAAS,sBACZ,EACA,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAQ,2CACzBI,GAAOL,EAAI,KAAKC,EAAQ,2CACxBK,MAAU,yCACb,EACA,CACGH,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAQ,qDACzBI,GAAOL,EAAI,KAAKC,EAAQ,qDACxBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,MACT,EACA,CACGD,EAAM,SACNC,EAAM,QACT,GAEHP,MAAU,oDACVC,KAAS,QACZ,EACA,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAQ,qDACzBI,GAAOL,EAAI,KAAKC,EAAQ,qDACxBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,MACT,EACA,CACGD,EAAM,WACNC,EAAM,cACT,EACA,CACGD,EAAM,SACNC,EAAM,QACT,GAEHP,MAAU,oDACVC,KAAS,QACZ,GAEHF,GAAO,kCACPC,MAAU,kCACVC,KAAS,sBACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,gCACzBI,GAAOL,EAAI,KAAKC,EAAQ,gCACxBK,MAAU,+BACVC,KAAS,UACZ,GAEHG,KAAS,uBACTL,GAAO,wBACPC,MAAU,uBACb,EACA,CACGJ,OAAWF,EAAI,KAAKC,EAAQ,wBAC5BE,QAAY,GACZO,KAAS,6DACTL,GAAOL,EAAI,KAAKC,EAAQ,wBACxBK,MAAU,uBACVC,KAAS,kBACZ,GAGD,IAAK,cACH,MAAO,CACR,CACGL,OAAWF,EAAI,KAAKC,EAAQ,iBAC5BE,QAAY,CACT,CACGC,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAQ,yBACxBa,GAAO,UACPR,MAAU,UACVC,KAAS,MACZ,GAEHG,KAAS,qCACTL,GAAOL,EAAI,KAAKC,EAAQ,iBACxBK,MAAU,gBACVC,KAAS,eACZ,EACA,CACGL,OAAWF,EAAI,KAAKC,EAAQ,mBAC5BS,KAAS,uCACTL,GAAOL,EAAI,KAAKC,EAAQ,mBACxBK,MAAU,kBACVC,KAAS,kBACZ,EACA,CACGL,OAAWF,EAAI,KAAKC,EAAQ,QAC5BS,KAAS,kBACTL,GAAOL,EAAI,KAAKC,EAAQ,QACxBK,MAAU,OACVC,KAAS,eACZ,EACA,CACGC,OAAW,CACR,CACGL,QAAY,CAAC,EACbM,IAAQT,EAAI,KAAKC,EAAQ,aACzBI,GAAOL,EAAI,KAAKC,EAAQ,aACxBK,MAAU,YACVC,KAAS,KACZ,EACA,CACGJ,QAAY,CAAC,EACbM,IAAQT,EAAI,KAAKC,EAAQ,cACzBI,GAAOL,EAAI,KAAKC,EAAQ,cACxBK,MAAU,aACVC,KAAS,OACZ,EACA,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAQ,oBACzBI,GAAOL,EAAI,KAAKC,EAAQ,oBACxBK,MAAU,mBACVC,KAAS,MACZ,EACA,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAQ,gBACzBI,GAAOL,EAAI,KAAKC,EAAQ,gBACxBK,MAAU,cACb,EACA,CACGH,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAQ,sBACzBI,GAAOL,EAAI,KAAKC,EAAQ,sBACxBK,MAAU,oBACb,EACA,CACGG,IAAQT,EAAI,KAAKC,EAAQ,mBACzBI,GAAOL,EAAI,KAAKC,EAAQ,mBACxBK,MAAU,kBACVC,KAAS,WACZ,EACA,CACGJ,QAAY,OACZM,IAAQT,EAAI,KAAKC,EAAQ,aACzBI,GAAOL,EAAI,KAAKC,EAAQ,aACxBU,OAAW,CACR,CACGC,EAAM,YACNC,EAAM,WACT,EACA,CACGD,EAAM,MACNC,EAAM,KACT,EACA,CACGD,EAAM,SACNC,EAAM,QACT,EACA,CACGD,EAAM,WACNC,EAAM,UACT,EACA,CACGD,EAAM,YACNC,EAAM,WACT,EACA,CACGD,EAAM,OACNC,EAAM,MACT,EACA,CACGD,EAAM,SACNC,EAAM,QACT,EACA,CACGD,EAAM,cACNC,EAAM,aACT,EACA,CACGD,EAAM,eACNC,EAAM,cACT,EACA,CACGD,EAAM,gBACNC,EAAM,eACT,GAEHP,MAAU,YACVC,KAAS,QACZ,EACA,CACGE,IAAQT,EAAI,KAAKC,EAAQ,uBACzBI,GAAOL,EAAI,KAAKC,EAAQ,uBACxBK,MAAU,qBACb,EACA,CACGH,QAAY,CAAC,EACbM,IAAQT,EAAI,KAAKC,EAAQ,wBACzBI,GAAOL,EAAI,KAAKC,EAAQ,wBACxBK,MAAU,uBACVC,KAAS,KACZ,EACA,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAQ,gBACzBI,GAAOL,EAAI,KAAKC,EAAQ,gBACxBK,MAAU,eACVC,KAAS,UACZ,GAEHG,KAAS,2BACTL,GAAO,eACPC,MAAU,eACVC,KAAS,sBACZ,GAGD,QACE,MAAO,EACT,CACF,CAEA,SAASQ,aAAaC,GACpBA,EAAMC,OAASD,EAAMZ,KAAK,GAAGI,OAAO,GAAGA,OAAO,GAC9CQ,EAAME,OAAOF,EAAMC,MAAM,EACzBD,EAAMG,OAASH,EAAMZ,KAAK,GAAGI,OAAO,GAAGA,OAAO,GAC9CQ,EAAME,OAAOF,EAAMG,MAAM,CAC3B"} \ No newline at end of file diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json index f2f19978f6b3f129be300c2832d46b7c7b5be617..6893f2e50d3fcf9d87b3cd7f5d9145a2b0386e90 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json @@ -771,6 +771,7 @@ "oidcRPMetaDataOptionsPublic":"Public client", "oidcRPMetaDataOptionsRedirectUris":"عناوين إعادة التوجيه المسموح بها لتسجيل الدخول", "oidcRPMetaDataOptionsRefreshToken":"Use refresh tokens", +"oidcRPMetaDataOptionsRefreshTokenRotation":"Invalidate refresh tokens after use", "oidcRPMetaDataOptionsRequestUris":"Allowed URLs for fetching Request Object", "oidcRPMetaDataOptionsRequirePKCE":"Require PKCE", "oidcRPMetaDataOptionsRule":"قاعدة الدخول", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/en.json b/lemonldap-ng-manager/site/htdocs/static/languages/en.json index 755deac381e1f890265cebc684a2e5419782209b..df757dff00e9ed491812e527e8be2ced79badf51 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/en.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/en.json @@ -771,6 +771,7 @@ "oidcRPMetaDataOptionsPublic":"Public client", "oidcRPMetaDataOptionsRedirectUris":"Allowed redirection addresses for login", "oidcRPMetaDataOptionsRefreshToken":"Use refresh tokens", +"oidcRPMetaDataOptionsRefreshTokenRotation":"Invalidate refresh tokens after use", "oidcRPMetaDataOptionsRequestUris":"Allowed URLs for fetching Request Object", "oidcRPMetaDataOptionsRequirePKCE":"Require PKCE", "oidcRPMetaDataOptionsRule":"Access rule", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/es.json b/lemonldap-ng-manager/site/htdocs/static/languages/es.json index 65f9602101c010f072b45b221513431da0dcfc2f..d910f1fec34317ded65a9a069a4373693d82ee41 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/es.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/es.json @@ -771,6 +771,7 @@ "oidcRPMetaDataOptionsPublic":"Cliente público", "oidcRPMetaDataOptionsRedirectUris":"Allowed redirection addresses for login", "oidcRPMetaDataOptionsRefreshToken":"Use refresh tokens", +"oidcRPMetaDataOptionsRefreshTokenRotation":"Invalidate refresh tokens after use", "oidcRPMetaDataOptionsRequestUris":"Allowed URLs for fetching Request Object", "oidcRPMetaDataOptionsRequirePKCE":"Se requiere PKCE", "oidcRPMetaDataOptionsRule":"Regla de acceso", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json index e679eea454a15edfea55d6a053ebc2cbf1cfc67f..07d88f409aee8cef08db776eac5c30bcf1e64634 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json @@ -771,6 +771,7 @@ "oidcRPMetaDataOptionsPublic":"Client public", "oidcRPMetaDataOptionsRedirectUris":"Adresses de redirection autorisées pour la connexion", "oidcRPMetaDataOptionsRefreshToken":"Utiliser les jetons de renouvellement", +"oidcRPMetaDataOptionsRefreshTokenRotation":"Invalider les jetons de rafraichissement après utilisation", "oidcRPMetaDataOptionsRequestUris":"URLs autorisées pour récupérer les paramètres de la requête", "oidcRPMetaDataOptionsRequirePKCE":"PKCE requis", "oidcRPMetaDataOptionsRule":"Règle d'accès", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/he.json b/lemonldap-ng-manager/site/htdocs/static/languages/he.json index be1a4fd83995d6f111abcd93017410f577fb3f6b..20a483a935a5dc852a43eb8ba66fb643b1be7abd 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/he.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/he.json @@ -771,6 +771,7 @@ "oidcRPMetaDataOptionsPublic":"לקוח ציבורי", "oidcRPMetaDataOptionsRedirectUris":"Allowed redirection addresses for login", "oidcRPMetaDataOptionsRefreshToken":"להשתמש באסימוני רענון", +"oidcRPMetaDataOptionsRefreshTokenRotation":"Invalidate refresh tokens after use", "oidcRPMetaDataOptionsRequestUris":"Allowed URLs for fetching Request Object", "oidcRPMetaDataOptionsRequirePKCE":"לדרוש PKCE", "oidcRPMetaDataOptionsRule":"כלל גישה", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/it.json b/lemonldap-ng-manager/site/htdocs/static/languages/it.json index 84cdbe1c10dae908e68ef365445177f587f1d91e..8a4d511fa043795462273f446358fce39a1571f4 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/it.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/it.json @@ -771,6 +771,7 @@ "oidcRPMetaDataOptionsPublic":"Cliente pubblico", "oidcRPMetaDataOptionsRedirectUris":"Indirizzi di reindirizzazione consentiti per l'accesso", "oidcRPMetaDataOptionsRefreshToken":"Use refresh tokens", +"oidcRPMetaDataOptionsRefreshTokenRotation":"Invalidate refresh tokens after use", "oidcRPMetaDataOptionsRequestUris":"Allowed URLs for fetching Request Object", "oidcRPMetaDataOptionsRequirePKCE":"Richiedi PKCE", "oidcRPMetaDataOptionsRule":"Regola di accesso", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/pl.json b/lemonldap-ng-manager/site/htdocs/static/languages/pl.json index 48e2c15599597358ae0013f41e5797acb6f72d57..0eba2a477060d739cddf5214ef7089bbc9802562 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/pl.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/pl.json @@ -771,6 +771,7 @@ "oidcRPMetaDataOptionsPublic":"Klient publiczny", "oidcRPMetaDataOptionsRedirectUris":"Dozwolone adresy przekierowań dla logowania", "oidcRPMetaDataOptionsRefreshToken":"Użyj tokenów odświeżających", +"oidcRPMetaDataOptionsRefreshTokenRotation":"Invalidate refresh tokens after use", "oidcRPMetaDataOptionsRequestUris":"Allowed URLs for fetching Request Object", "oidcRPMetaDataOptionsRequirePKCE":"Wymagaj PKCE", "oidcRPMetaDataOptionsRule":"Reguła dostępu", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/pt.json b/lemonldap-ng-manager/site/htdocs/static/languages/pt.json index cf9dbe69f80806f23049ecb6eb4db323dd39e72a..56bcabe74dd8ba0065b959e1514f930af66da0bb 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/pt.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/pt.json @@ -771,6 +771,7 @@ "oidcRPMetaDataOptionsPublic":"Cliente público", "oidcRPMetaDataOptionsRedirectUris":"Endereços de redirecionamento permitidos para o login", "oidcRPMetaDataOptionsRefreshToken":"Usar tokens renovados", +"oidcRPMetaDataOptionsRefreshTokenRotation":"Invalidate refresh tokens after use", "oidcRPMetaDataOptionsRequestUris":"URL's permitidas para buscar Request Object", "oidcRPMetaDataOptionsRequirePKCE":"Exigir PKCE", "oidcRPMetaDataOptionsRule":"Regra de acesso", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/pt_BR.json b/lemonldap-ng-manager/site/htdocs/static/languages/pt_BR.json index 04dfeb72d394f47b9a3aa4e71f9af1c445fac4d9..035bc918fc61f617ebae38126b3a49888e12e488 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/pt_BR.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/pt_BR.json @@ -771,6 +771,7 @@ "oidcRPMetaDataOptionsPublic":"Cliente público", "oidcRPMetaDataOptionsRedirectUris":"Endereços de redirecionamento permitidos para o login", "oidcRPMetaDataOptionsRefreshToken":"Usar tokens renovados", +"oidcRPMetaDataOptionsRefreshTokenRotation":"Invalidate refresh tokens after use", "oidcRPMetaDataOptionsRequestUris":"URL's permitidas para buscar Request Object", "oidcRPMetaDataOptionsRequirePKCE":"Exigir PKCE", "oidcRPMetaDataOptionsRule":"Regra de acesso", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/ru.json b/lemonldap-ng-manager/site/htdocs/static/languages/ru.json index 80ba8effd34f5e71147d63805dbcc26b55312e1d..50341a6ac389e94d563174f5b16cb6a8acbdbc53 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/ru.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/ru.json @@ -771,6 +771,7 @@ "oidcRPMetaDataOptionsPublic":"Публичный клиент", "oidcRPMetaDataOptionsRedirectUris":"Разрешенные адреса перенаправления для входа", "oidcRPMetaDataOptionsRefreshToken":"Использовать токены обновления", +"oidcRPMetaDataOptionsRefreshTokenRotation":"Invalidate refresh tokens after use", "oidcRPMetaDataOptionsRequestUris":"Allowed URLs for fetching Request Object", "oidcRPMetaDataOptionsRequirePKCE":"Требовать PKCE", "oidcRPMetaDataOptionsRule":"Правило доступа", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/tr.json b/lemonldap-ng-manager/site/htdocs/static/languages/tr.json index 5bb9a353a64fb178449e2332cec5763776247dd4..0f32e720b515376196e74b4bd043ce6d4ae8495f 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/tr.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/tr.json @@ -771,6 +771,7 @@ "oidcRPMetaDataOptionsPublic":"Açık istemci", "oidcRPMetaDataOptionsRedirectUris":"Giriş için izin verilen yönlendirme adresleri", "oidcRPMetaDataOptionsRefreshToken":"Yeni jetonları kullan", +"oidcRPMetaDataOptionsRefreshTokenRotation":"Invalidate refresh tokens after use", "oidcRPMetaDataOptionsRequestUris":"İstek Nesnesini getirmek için izin verilen URL'ler", "oidcRPMetaDataOptionsRequirePKCE":"PKCE gerektir", "oidcRPMetaDataOptionsRule":"Erişim kuralı", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json index 13d20eb320dd7270cc28520ec187864d027d87df..808c3bde0014be7035fefcf0699f39c25f3dd9a4 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json @@ -771,6 +771,7 @@ "oidcRPMetaDataOptionsPublic":"Khách hàng công khai", "oidcRPMetaDataOptionsRedirectUris":"Các địa chỉ chuyển hướng được phép để đăng nhập", "oidcRPMetaDataOptionsRefreshToken":"Sử dụng mã thông báo làm mới", +"oidcRPMetaDataOptionsRefreshTokenRotation":"Invalidate refresh tokens after use", "oidcRPMetaDataOptionsRequestUris":"Allowed URLs for fetching Request Object", "oidcRPMetaDataOptionsRequirePKCE":"Yêu cầu PKCE", "oidcRPMetaDataOptionsRule":"Quy tắc truy cập", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json index c750d5d133308ef23e25a872f51b5c384c36e8eb..b5e3b9e0bdf41f03c1947a3cb1b40db4c52ac1e2 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json @@ -771,6 +771,7 @@ "oidcRPMetaDataOptionsPublic":"公開客戶端", "oidcRPMetaDataOptionsRedirectUris":"允許登入的重新導向地址", "oidcRPMetaDataOptionsRefreshToken":"使用重新整理權杖", +"oidcRPMetaDataOptionsRefreshTokenRotation":"Invalidate refresh tokens after use", "oidcRPMetaDataOptionsRequestUris":"Allowed URLs for fetching Request Object", "oidcRPMetaDataOptionsRequirePKCE":"需要 PKCE", "oidcRPMetaDataOptionsRule":"存取規則", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/zh_TW.json b/lemonldap-ng-manager/site/htdocs/static/languages/zh_TW.json index 4762cc46c356c77db3d9735f004827adce4df0ea..67fceed03e45b2a7741c44ef093ec529c745bdcc 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/zh_TW.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/zh_TW.json @@ -771,6 +771,7 @@ "oidcRPMetaDataOptionsPublic":"公開客戶端", "oidcRPMetaDataOptionsRedirectUris":"允許登入的重新導向地址", "oidcRPMetaDataOptionsRefreshToken":"使用重新整理權杖", +"oidcRPMetaDataOptionsRefreshTokenRotation":"Invalidate refresh tokens after use", "oidcRPMetaDataOptionsRequestUris":"Allowed URLs for fetching Request Object", "oidcRPMetaDataOptionsRequirePKCE":"需要 PKCE", "oidcRPMetaDataOptionsRule":"存取規則", diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm index b1b862529483fdad77d4792f493f75dc6fea918d..920e6849f930b81095c9ecefa0af167402aa71b7 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm @@ -1924,7 +1924,7 @@ sub _handleAuthorizationCodeGrant { sub _handleRefreshTokenGrant { my ( $self, $req, $rp, $refresh_token, $client_id ) = @_; - $client_id ||= $self->rpOptions->{$rp}->{oidcRPMetaDataOptionsClientID}; + $client_id ||= $self->rpOptions->{$rp}->{oidcRPMetaDataOptionsClientID}; $refresh_token ||= $req->param('refresh_token'); unless ($refresh_token) { @@ -1941,6 +1941,8 @@ sub _handleRefreshTokenGrant { return $self->sendOIDCError( $req, 'invalid_request', 400 ); } + $refreshSession = $self->_rotateRefreshSession( $rp, $refreshSession ); + # Check we have the same client_id value unless ( $client_id eq $refreshSession->data->{client_id} ) { $self->userLogger->error( "Provided client_id does not match " @@ -2082,17 +2084,61 @@ sub _handleRefreshTokenGrant { $self->rpOptions->{$rp}->{oidcRPMetaDataOptionsAccessTokenExpiration} || $self->conf->{oidcServiceAccessTokenExpiration}; + my $need_to_update_refresh_token = + ( $refresh_token ne $refreshSession->id ); + my $token_response = { access_token => "$access_token", token_type => 'Bearer', expires_in => $expires_in + 0, + ( + $need_to_update_refresh_token + ? ( refresh_token => $refreshSession->id ) + : () + ), ( $id_token ? ( id_token => "$id_token" ) : () ), }; $self->logger->debug("Send token response"); return $self->p->sendJSONresponse( $req, $token_response ); +} + +sub _rotateRefreshSession { + my ( $self, $rp, $refreshSession ) = @_; + + if ( $self->rpOptions->{$rp}->{oidcRPMetaDataOptionsRefreshTokenRotation} ) + { + $self->logger->debug("Creating new refresh token for $rp"); + + my $newRefreshSession = + $self->newRefreshToken( $rp, $refreshSession->data ); + + if ($newRefreshSession) { + $self->logger->debug( + "Generated new refresh token: " . $newRefreshSession->id ); + + my $old_refresh_token = $refreshSession->id; + if ( $refreshSession->remove ) { + $self->logger->debug( + "Removed old refresh token: $old_refresh_token"); + } + else { + $self->logger->error( + "Failed to remove old refresh token $old_refresh_token: " + . $refreshSession->error ); + } + + return $newRefreshSession; + } + else { + $self->logger->error( + "Unable to create OIDC session for refresh_token"); + return $refreshSession; + } + } + return $refreshSession; } # Handle userinfo endpoint diff --git a/lemonldap-ng-portal/t/32-OIDC-Offline-Session.t b/lemonldap-ng-portal/t/32-OIDC-Offline-Session.t index fc1f277bc32580653aeabe9eb3e1415d09769ec4..db2af930e17e1d7cb5f4e2e3ec3fcf018e22478f 100644 --- a/lemonldap-ng-portal/t/32-OIDC-Offline-Session.t +++ b/lemonldap-ng-portal/t/32-OIDC-Offline-Session.t @@ -14,7 +14,7 @@ BEGIN { my $debug = "error"; sub runTest { - my ( $op, $jwt ) = @_; + my ( $op, $jwt, $refresh_rotation ) = @_; Time::Fake->reset; my $query; @@ -79,6 +79,17 @@ sub runTest { $json = expectJSON( refreshGrant( $op, 'rpid', $refresh_token ) ); + if ($refresh_rotation) { + my $old_refresh_token = $refresh_token; + ok( $refresh_token = $json->{refresh_token}, + "Refresh token was updated" ); + expectReject( refreshGrant( $op, "rpid", $old_refresh_token ), + 400, "invalid_request" ); + } + else { + ok( !defined $json->{refresh_token}, "Refresh token not present" ); + } + # Make sure refresh token session has no _lastSeen to avoid purge ok( !getSamlSession($refresh_token)->{data}->{_lastSeen} ); @@ -90,11 +101,9 @@ sub runTest { sub => "customfrench" ); } - my $refresh_token2 = $json->{refresh_token}; $id_token = $json->{id_token}; - ok( $access_token, "Got refreshed Access token" ); - ok( $id_token, "Got refreshed ID token" ); - ok( !defined $refresh_token2, "Refresh token not present" ); + ok( $access_token, "Got refreshed Access token" ); + ok( $id_token, "Got refreshed ID token" ); $id_token_payload = id_token_payload($id_token); is( @@ -120,6 +129,17 @@ sub runTest { $json = expectJSON( refreshGrant( $op, 'rpid', $refresh_token ) ); + if ($refresh_rotation) { + my $old_refresh_token = $refresh_token; + ok( $refresh_token = $json->{refresh_token}, + "Refresh token was updated" ); + expectReject( refreshGrant( $op, "rpid", $old_refresh_token ), + 400, "invalid_request" ); + } + else { + ok( !defined $json->{refresh_token}, "Refresh token not present" ); + } + # Make sure refresh token session has no _lastSeen to avoid purge ok( !getSamlSession($refresh_token)->{data}->{_lastSeen} ); @@ -131,11 +151,9 @@ sub runTest { sub => "customfrench" ); } - $refresh_token2 = $json->{refresh_token}; - $id_token = $json->{id_token}; - ok( $access_token, "Got refreshed Access token" ); - ok( $id_token, "Got refreshed ID token" ); - ok( !defined $refresh_token2, "Refresh token not present" ); + $id_token = $json->{id_token}; + ok( $access_token, "Got refreshed Access token" ); + ok( $id_token, "Got refreshed ID token" ); $id_token_payload = id_token_payload($id_token); is( $id_token_payload->{auth_time}, @@ -176,7 +194,7 @@ sub runTest { } sub runTestRemoveUser { - my ($op) = @_; + my ( $op, $refresh_rotation ) = @_; Time::Fake->reset; my $query; @@ -212,6 +230,17 @@ sub runTestRemoveUser { $json = expectJSON( refreshGrant( $op, 'rpid', $refresh_token ) ); ok( $json->{access_token}, "Found access token" ); + if ($refresh_rotation) { + my $old_refresh_token = $refresh_token; + ok( $refresh_token = $json->{refresh_token}, + "Refresh token was updated" ); + expectReject( refreshGrant( $op, "rpid", $old_refresh_token ), + 400, "invalid_request" ); + } + else { + ok( !defined $json->{refresh_token}, "Refresh token not present" ); + } + # Remove user from storage delete $Lemonldap::NG::Portal::UserDB::Demo::demoAccounts{goner}; $json = expectReject( refreshGrant( $op, 'rpid', $refresh_token ), @@ -278,12 +307,18 @@ subtest "Run tests with JWT access tokens" => sub { runTest( $op, 1 ); }; -# Re-run tests with Choice +subtest "Run tests with refresh token rotation" => sub { + $baseConfig->{ini}->{oidcRPMetaDataOptions}->{rp} + ->{oidcRPMetaDataOptionsRefreshTokenRotation} = 1; + my $op = LLNG::Manager::Test->new($baseConfig); + runTest( $op, 1, 1 ); +}; + subtest "Using choice authentication method" => sub { $baseConfig->{ini}->{authentication} = "Choice"; $baseConfig->{ini}->{authChoiceModules}->{'1_Demo'} = 'Demo;Demo;Null'; my $op = LLNG::Manager::Test->new($baseConfig); - runTest( $op, 1 ); + runTest( $op, 1, 1 ); }; clean_sessions(); diff --git a/lemonldap-ng-portal/t/32-OIDC-Refresh-Token.t b/lemonldap-ng-portal/t/32-OIDC-Refresh-Token.t index e88693a4d0d1fe41dc029ef621b3273b995e5a0b..233c5e7f8815f26cf13c966cee1cd644318bc3b8 100644 --- a/lemonldap-ng-portal/t/32-OIDC-Refresh-Token.t +++ b/lemonldap-ng-portal/t/32-OIDC-Refresh-Token.t @@ -34,7 +34,7 @@ sub checkJWT { # Full test case sub runTest { - my ( $op, $jwt ) = @_; + my ( $op, $jwt, $refresh_rotation ) = @_; Time::Fake->reset; my ( $res, $query ); @@ -69,8 +69,7 @@ sub runTest { ); ok( ( grep { $_ eq "rpid" } @{ $id_token_payload->{aud} } ), 'Check that clientid is in audience' ); - ok( - ( + ok( ( grep { $_ eq "http://my.extra.audience/test" } @{ $id_token_payload->{aud} } ), @@ -96,9 +95,19 @@ sub runTest { $access_token = $json->{access_token}; checkJWT($access_token) if ($jwt); $id_token = $json->{id_token}; - ok( $access_token, "Got refreshed Access token" ); - ok( $id_token, "Got refreshed ID token" ); - ok( !defined $json->{refresh_token}, "Refresh token not present" ); + ok( $access_token, "Got refreshed Access token" ); + ok( $id_token, "Got refreshed ID token" ); + + if ($refresh_rotation) { + my $old_refresh_token = $refresh_token; + ok( $refresh_token = $json->{refresh_token}, + "Refresh token was updated" ); + expectReject( refreshGrant( $op, "rpid", $old_refresh_token ), + 400, "invalid_request" ); + } + else { + ok( !defined $json->{refresh_token}, "Refresh token not present" ); + } $id_token_payload = id_token_payload($id_token); is( $id_token_payload->{sub}, 'french', 'Found sub in ID token' ); @@ -124,7 +133,19 @@ sub runTest { # Refresh access token a second time $json = expectJSON( refreshGrant( $op, "rpid", $refresh_token ) ); $access_token = $json->{access_token}; - $json = expectJSON( getUserinfo( $op, $access_token ) ); + + if ($refresh_rotation) { + my $old_refresh_token = $refresh_token; + ok( $refresh_token = $json->{refresh_token}, + "Refresh token was updated" ); + expectReject( refreshGrant( $op, "rpid", $old_refresh_token ), + 400, "invalid_request" ); + } + else { + ok( !defined $json->{refresh_token}, "Refresh token not present" ); + } + + $json = expectJSON( getUserinfo( $op, $access_token ) ); ok( $json->{'sub'} eq "french", 'Got User Info' ); ok( $json->{'name'} eq "Frédéric Accents", 'Got User Info' ); @@ -180,19 +201,31 @@ my $baseConfig = { }; my $op = LLNG::Manager::Test->new($baseConfig); -runTest($op); -# Re-run tests with JWT access tokens -$baseConfig->{ini}->{oidcRPMetaDataOptions}->{rp} - ->{oidcRPMetaDataOptionsAccessTokenJWT} = 1; -$op = LLNG::Manager::Test->new($baseConfig); -runTest( $op, 1 ); +subtest "Run test with basic configuration" => sub { + runTest($op); +}; + +subtest "Run test with JWT access tokens" => sub { + $baseConfig->{ini}->{oidcRPMetaDataOptions}->{rp} + ->{oidcRPMetaDataOptionsAccessTokenJWT} = 1; + $op = LLNG::Manager::Test->new($baseConfig); + runTest( $op, 1 ); +}; -# Re-run tests with activity timeout. # Make sure Refresh tokens extend session activity -$baseConfig->{ini}->{timeoutActivity} = 7500; -$op = LLNG::Manager::Test->new($baseConfig); -runTest( $op, 1 ); +subtest "Run test with activity timeout" => sub { + $baseConfig->{ini}->{timeoutActivity} = 7500; + $op = LLNG::Manager::Test->new($baseConfig); + runTest( $op, 1 ); +}; + +subtest "Run test with refresh token rotation" => sub { + $baseConfig->{ini}->{oidcRPMetaDataOptions}->{rp} + ->{oidcRPMetaDataOptionsRefreshTokenRotation} = 1; + $op = LLNG::Manager::Test->new($baseConfig); + runTest( $op, 1, 1 ); +}; clean_sessions(); done_testing();