@lifeready/core 0.6.0-beta.1

package/esm2015/lib/auth/idle.service.js

@@ -0,0 +1,168 @@
+import { __awaiter } from "tslib";
+import { Inject, Injectable } from '@angular/core';
+import { Idle, DEFAULT_INTERRUPTSOURCES } from '@ng-idle/core';
+import { Keepalive } from '@ng-idle/keepalive';
+import { KeyService } from '../cryptography/key.service';
+import { LrBadArgumentException, LrBadStateException, } from '../_common/exceptions';
+import { LR_CONFIG } from '../life-ready.config';
+import { HttpClient } from '@angular/common/http';
+import { Config } from './idle.types';
+import { AuthClass } from '@aws-amplify/auth/lib-esm/Auth';
+import * as i0 from "@angular/core";
+import * as i1 from "../life-ready.config";
+import * as i2 from "@angular/common/http";
+import * as i3 from "@ng-idle/core";
+import * as i4 from "@ng-idle/keepalive";
+import * as i5 from "../cryptography/key.service";
+import * as i6 from "@aws-amplify/auth/lib-esm/Auth";
+export class IdleService {
+    constructor(config, http, idle, keepalive, keyService, auth) {
+        this.config = config;
+        this.http = http;
+        this.idle = idle;
+        this.keepalive = keepalive;
+        this.keyService = keyService;
+        this.auth = auth;
+        this.IDLE_EXPIRY_KEY = 'ng2Idle.main.expiry';
+        this.IDLING_KEY = 'ng2Idle.main.idling';
+        this.initCalled = false;
+    }
+    assertInit() {
+        if (!this.initCalled) {
+            throw new LrBadStateException('Call IdleService.init() first.');
+        }
+    }
+    init(params) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (this.initCalled) {
+                throw new LrBadStateException('IdleService.init() can only be called once. IdleService.start() calls init() with default values if init() has not been called yet.');
+            }
+            this.initCalled = true;
+            // Defaults
+            params = Object.assign({ onTimeout: null, onKeepalive: null, idleSec: Config.IDLE, timeoutSec: Config.TIMEOUT, keepAliveIntervalSec: Config.KEEP_ALIVE_INTERVAL }, params);
+            // If timeoutSec == 0 then the onTimeout() callback is never called.
+            if (params.timeoutSec < 0.01) {
+                throw new LrBadArgumentException('Minimum value for IdleService.init({ timeoutSec }) is 0.01');
+            }
+            this.onTimeout = params.onTimeout;
+            this.onKeepalive = params.onKeepalive;
+            // ------------------------------------------------------------------------
+            // Setup Idle
+            // ------------------------------------------------------------------------
+            // sets an idle timeout of 5 seconds, for testing purposes.
+            this.idle.setIdle(params.idleSec);
+            // sets a timeout period of 5 seconds. after 10 seconds of inactivity, the user will be considered timed out.
+            this.idle.setTimeout(params.timeoutSec);
+            // sets the default interrupts, in this case, things like clicks, scrolls, touches to the document
+            this.idle.setInterrupts(DEFAULT_INTERRUPTSOURCES);
+            this.idle.onIdleEnd.subscribe(() => console.log('Idle stopped'));
+            this.idle.onIdleStart.subscribe(() => console.log('Idle started'));
+            this.idle.onTimeout.subscribe(() => __awaiter(this, void 0, void 0, function* () {
+                console.log('Idle timed out');
+                this.reset();
+                yield Promise.resolve(this.onTimeout && this.onTimeout());
+            }));
+            this.idle.onTimeoutWarning.subscribe((countdown) => console.log(`Will timeout in ${countdown} seconds!`));
+            // ------------------------------------------------------------------------
+            // Setup Keepalive
+            // ------------------------------------------------------------------------
+            // Ref: https://github.com/moribvndvs/ng2-idle#readme
+            // ng-idle will instruct @ng-idle/keepalive to ping while the user is active, and stop once
+            // they go idle or time out. When the user resumes activity or the idle state is reset, it will
+            // ping immediately and then resume pinging.
+            this.keepalive.interval(params.keepAliveIntervalSec);
+            console.log(`Keep alive interval set at: ${Config.KEEP_ALIVE_INTERVAL} seconds`);
+            this.keepalive.onPing.subscribe(() => this.onPing());
+            // If the browser tab has been closed for a period longer thant the inactivity
+            // period, then we should logout right from the start.
+            const idleExpiry = localStorage.getItem(this.IDLE_EXPIRY_KEY);
+            if (idleExpiry &&
+                parseInt(idleExpiry, 10) + this.idle.getTimeout() * 1000 < Date.now()) {
+                this.reset();
+                yield Promise.resolve(this.onTimeout && this.onTimeout());
+            }
+        });
+    }
+    keepalivePost() {
+        return __awaiter(this, void 0, void 0, function* () {
+            // currentAuthenticatedUser() refreshes the access token if required.
+            const cognitoUser = yield this.auth.currentAuthenticatedUser();
+            const keepaliveResult = yield this.http
+                .post(`${this.config.authUrl}auth/keepalive/`, null, {
+                withCredentials: true,
+                headers: {
+                    Authorization: `Bearer ${cognitoUser
+                        .getSignInUserSession()
+                        .getAccessToken()
+                        .getJwtToken()}`,
+                },
+            })
+                .toPromise();
+            return {
+                keepaliveResult,
+                expiresAfterSeconds: this.idle.getIdle() +
+                    this.idle.getTimeout() +
+                    this.keepalive.interval(),
+            };
+        });
+    }
+    persistMasterKey(masterKey) {
+        return __awaiter(this, void 0, void 0, function* () {
+            // The keepalive API call extends the server-side session, the session cookie expiry, refresh key cookie
+            // expiry, and returns the session expiry.
+            // NOTE Use time delta rather than absolute time, since client clock and server clock maybe
+            // out of sync. We can't use the serverTime() functionality because the cookie expiry still
+            // run on local clock.
+            const { expiresAfterSeconds } = yield this.keepalivePost();
+            // Persist the derived passKey
+            yield this.keyService.persistMasterKey(masterKey, expiresAfterSeconds);
+            console.log('setMasterKey() done');
+        });
+    }
+    onPing() {
+        return __awaiter(this, void 0, void 0, function* () {
+            console.log(`Keep alive triggered at time: ${Date.now()}. Interval set at: ${this.keepalive.interval()} seconds`);
+            // Keepalive API will extend the session expiry.
+            const { expiresAfterSeconds } = yield this.keepalivePost();
+            // Extend the expiry of the persisted key
+            yield this.keyService.setMasterKeyExpiresAfterSeconds(expiresAfterSeconds);
+            yield Promise.resolve(this.onKeepalive && this.onKeepalive());
+        });
+    }
+    start() {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (!this.initCalled) {
+                yield this.init();
+            }
+            if (this.idle.isRunning()) {
+                return;
+            }
+            // Ping does not seem to happen right at the start. So we call it explicitly
+            yield this.onPing();
+            this.idle.watch();
+        });
+    }
+    stop() {
+        this.idle.stop();
+        this.reset();
+    }
+    reset() {
+        localStorage.removeItem(this.IDLE_EXPIRY_KEY);
+        localStorage.removeItem(this.IDLING_KEY);
+    }
+}
+IdleService.ɵprov = i0.ɵɵdefineInjectable({ factory: function IdleService_Factory() { return new IdleService(i0.ɵɵinject(i1.LR_CONFIG), i0.ɵɵinject(i2.HttpClient), i0.ɵɵinject(i3.Idle), i0.ɵɵinject(i4.Keepalive), i0.ɵɵinject(i5.KeyService), i0.ɵɵinject(i6.AuthClass)); }, token: IdleService, providedIn: "root" });
+IdleService.decorators = [
+    { type: Injectable, args: [{
+                providedIn: 'root',
+            },] }
+];
+IdleService.ctorParameters = () => [
+    { type: undefined, decorators: [{ type: Inject, args: [LR_CONFIG,] }] },
+    { type: HttpClient },
+    { type: Idle },
+    { type: Keepalive },
+    { type: KeyService },
+    { type: AuthClass }
+];
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaWRsZS5zZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6IkM6L1Byb2plY3RzL3Rlc3QvcHJvamVjdHMvY29yZS9zcmMvIiwic291cmNlcyI6WyJsaWIvYXV0aC9pZGxlLnNlcnZpY2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBLE9BQU8sRUFBRSxNQUFNLEVBQUUsVUFBVSxFQUFFLE1BQU0sZUFBZSxDQUFDO0FBQ25ELE9BQU8sRUFBRSxJQUFJLEVBQUUsd0JBQXdCLEVBQUUsTUFBTSxlQUFlLENBQUM7QUFDL0QsT0FBTyxFQUFFLFNBQVMsRUFBRSxNQUFNLG9CQUFvQixDQUFDO0FBQy9DLE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSw2QkFBNkIsQ0FBQztBQUN6RCxPQUFPLEVBQ0wsc0JBQXNCLEVBQ3RCLG1CQUFtQixHQUNwQixNQUFNLHVCQUF1QixDQUFDO0FBQy9CLE9BQU8sRUFBbUIsU0FBUyxFQUFFLE1BQU0sc0JBQXNCLENBQUM7QUFDbEUsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLHNCQUFzQixDQUFDO0FBQ2xELE9BQU8sRUFBRSxNQUFNLEVBQW1CLE1BQU0sY0FBYyxDQUFDO0FBR3ZELE9BQU8sRUFBRSxTQUFTLEVBQUUsTUFBTSxnQ0FBZ0MsQ0FBQzs7Ozs7Ozs7QUFjM0QsTUFBTSxPQUFPLFdBQVc7SUFRdEIsWUFDNkIsTUFBdUIsRUFDMUMsSUFBZ0IsRUFDaEIsSUFBVSxFQUNWLFNBQW9CLEVBQ3BCLFVBQXNCLEVBQ3RCLElBQWU7UUFMSSxXQUFNLEdBQU4sTUFBTSxDQUFpQjtRQUMxQyxTQUFJLEdBQUosSUFBSSxDQUFZO1FBQ2hCLFNBQUksR0FBSixJQUFJLENBQU07UUFDVixjQUFTLEdBQVQsU0FBUyxDQUFXO1FBQ3BCLGVBQVUsR0FBVixVQUFVLENBQVk7UUFDdEIsU0FBSSxHQUFKLElBQUksQ0FBVztRQWJSLG9CQUFlLEdBQUcscUJBQXFCLENBQUM7UUFDeEMsZUFBVSxHQUFHLHFCQUFxQixDQUFDO1FBRTVDLGVBQVUsR0FBRyxLQUFLLENBQUM7SUFXeEIsQ0FBQztJQUVJLFVBQVU7UUFDaEIsSUFBSSxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUU7WUFDcEIsTUFBTSxJQUFJLG1CQUFtQixDQUFDLGdDQUFnQyxDQUFDLENBQUM7U0FDakU7SUFDSCxDQUFDO0lBRVksSUFBSSxDQUFDLE1BQXdCOztZQUN4QyxJQUFJLElBQUksQ0FBQyxVQUFVLEVBQUU7Z0JBQ25CLE1BQU0sSUFBSSxtQkFBbUIsQ0FDM0IscUlBQXFJLENBQ3RJLENBQUM7YUFDSDtZQUVELElBQUksQ0FBQyxVQUFVLEdBQUcsSUFBSSxDQUFDO1lBRXZCLFdBQVc7WUFDWCxNQUFNLG1CQUNKLFNBQVMsRUFBRSxJQUFJLEVBQ2YsV0FBVyxFQUFFLElBQUksRUFDakIsT0FBTyxFQUFFLE1BQU0sQ0FBQyxJQUFJLEVBQ3BCLFVBQVUsRUFBRSxNQUFNLENBQUMsT0FBTyxFQUMxQixvQkFBb0IsRUFBRSxNQUFNLENBQUMsbUJBQW1CLElBQzdDLE1BQU0sQ0FDVixDQUFDO1lBRUYsb0VBQW9FO1lBQ3BFLElBQUksTUFBTSxDQUFDLFVBQVUsR0FBRyxJQUFJLEVBQUU7Z0JBQzVCLE1BQU0sSUFBSSxzQkFBc0IsQ0FDOUIsNERBQTRELENBQzdELENBQUM7YUFDSDtZQUVELElBQUksQ0FBQyxTQUFTLEdBQUcsTUFBTSxDQUFDLFNBQVMsQ0FBQztZQUNsQyxJQUFJLENBQUMsV0FBVyxHQUFHLE1BQU0sQ0FBQyxXQUFXLENBQUM7WUFFdEMsMkVBQTJFO1lBQzNFLGFBQWE7WUFDYiwyRUFBMkU7WUFDM0UsMkRBQTJEO1lBQzNELElBQUksQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLE1BQU0sQ0FBQyxPQUFPLENBQUMsQ0FBQztZQUNsQyw2R0FBNkc7WUFDN0csSUFBSSxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsTUFBTSxDQUFDLFVBQVUsQ0FBQyxDQUFDO1lBQ3hDLGtHQUFrRztZQUNsRyxJQUFJLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQyx3QkFBd0IsQ0FBQyxDQUFDO1lBRWxELElBQUksQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLFNBQVMsQ0FBQyxHQUFHLEVBQUUsQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLGNBQWMsQ0FBQyxDQUFDLENBQUM7WUFDakUsSUFBSSxDQUFDLElBQUksQ0FBQyxXQUFXLENBQUMsU0FBUyxDQUFDLEdBQUcsRUFBRSxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsY0FBYyxDQUFDLENBQUMsQ0FBQztZQUVuRSxJQUFJLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxTQUFTLENBQUMsR0FBUyxFQUFFO2dCQUN2QyxPQUFPLENBQUMsR0FBRyxDQUFDLGdCQUFnQixDQUFDLENBQUM7Z0JBQzlCLElBQUksQ0FBQyxLQUFLLEVBQUUsQ0FBQztnQkFDYixNQUFNLE9BQU8sQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLFNBQVMsSUFBSSxJQUFJLENBQUMsU0FBUyxFQUFFLENBQUMsQ0FBQztZQUM1RCxDQUFDLENBQUEsQ0FBQyxDQUFDO1lBQ0gsSUFBSSxDQUFDLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxTQUFTLENBQUMsQ0FBQyxTQUFjLEVBQUUsRUFBRSxDQUN0RCxPQUFPLENBQUMsR0FBRyxDQUFDLG1CQUFtQixTQUFTLFdBQVcsQ0FBQyxDQUNyRCxDQUFDO1lBRUYsMkVBQTJFO1lBQzNFLGtCQUFrQjtZQUNsQiwyRUFBMkU7WUFDM0UscURBQXFEO1lBQ3JELDJGQUEyRjtZQUMzRiwrRkFBK0Y7WUFDL0YsNENBQTRDO1lBQzVDLElBQUksQ0FBQyxTQUFTLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO1lBQ3JELE9BQU8sQ0FBQyxHQUFHLENBQ1QsK0JBQStCLE1BQU0sQ0FBQyxtQkFBbUIsVUFBVSxDQUNwRSxDQUFDO1lBRUYsSUFBSSxDQUFDLFNBQVMsQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDLEdBQUcsRUFBRSxDQUFDLElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQyxDQUFDO1lBRXJELDhFQUE4RTtZQUM5RSxzREFBc0Q7WUFDdEQsTUFBTSxVQUFVLEdBQUcsWUFBWSxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUMsZUFBZSxDQUFDLENBQUM7WUFDOUQsSUFDRSxVQUFVO2dCQUNWLFFBQVEsQ0FBQyxVQUFVLEVBQUUsRUFBRSxDQUFDLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsR0FBRyxJQUFJLEdBQUcsSUFBSSxDQUFDLEdBQUcsRUFBRSxFQUNyRTtnQkFDQSxJQUFJLENBQUMsS0FBSyxFQUFFLENBQUM7Z0JBQ2IsTUFBTSxPQUFPLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxTQUFTLElBQUksSUFBSSxDQUFDLFNBQVMsRUFBRSxDQUFDLENBQUM7YUFDM0Q7UUFDSCxDQUFDO0tBQUE7SUFFWSxhQUFhOztZQUl4QixxRUFBcUU7WUFDckUsTUFBTSxXQUFXLEdBQWdCLE1BQU0sSUFBSSxDQUFDLElBQUksQ0FBQyx3QkFBd0IsRUFBRSxDQUFDO1lBRTVFLE1BQU0sZUFBZSxHQUFHLE1BQU0sSUFBSSxDQUFDLElBQUk7aUJBQ3BDLElBQUksQ0FBa0IsR0FBRyxJQUFJLENBQUMsTUFBTSxDQUFDLE9BQU8saUJBQWlCLEVBQUUsSUFBSSxFQUFFO2dCQUNwRSxlQUFlLEVBQUUsSUFBSTtnQkFDckIsT0FBTyxFQUFFO29CQUNQLGFBQWEsRUFBRSxVQUFVLFdBQVc7eUJBQ2pDLG9CQUFvQixFQUFFO3lCQUN0QixjQUFjLEVBQUU7eUJBQ2hCLFdBQVcsRUFBRSxFQUFFO2lCQUNuQjthQUNGLENBQUM7aUJBQ0QsU0FBUyxFQUFFLENBQUM7WUFFZixPQUFPO2dCQUNMLGVBQWU7Z0JBQ2YsbUJBQW1CLEVBQ2pCLElBQUksQ0FBQyxJQUFJLENBQUMsT0FBTyxFQUFFO29CQUNuQixJQUFJLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRTtvQkFDdEIsSUFBSSxDQUFDLFNBQVMsQ0FBQyxRQUFRLEVBQUU7YUFDNUIsQ0FBQztRQUNKLENBQUM7S0FBQTtJQUVZLGdCQUFnQixDQUFDLFNBQWM7O1lBQzFDLHdHQUF3RztZQUN4RywwQ0FBMEM7WUFDMUMsMkZBQTJGO1lBQzNGLDJGQUEyRjtZQUMzRixzQkFBc0I7WUFDdEIsTUFBTSxFQUFFLG1CQUFtQixFQUFFLEdBQUcsTUFBTSxJQUFJLENBQUMsYUFBYSxFQUFFLENBQUM7WUFFM0QsOEJBQThCO1lBQzlCLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxnQkFBZ0IsQ0FBQyxTQUFTLEVBQUUsbUJBQW1CLENBQUMsQ0FBQztZQUV2RSxPQUFPLENBQUMsR0FBRyxDQUFDLHFCQUFxQixDQUFDLENBQUM7UUFDckMsQ0FBQztLQUFBO0lBRWEsTUFBTTs7WUFDbEIsT0FBTyxDQUFDLEdBQUcsQ0FDVCxpQ0FBaUMsSUFBSSxDQUFDLEdBQUcsRUFBRSxzQkFBc0IsSUFBSSxDQUFDLFNBQVMsQ0FBQyxRQUFRLEVBQUUsVUFBVSxDQUNyRyxDQUFDO1lBRUYsZ0RBQWdEO1lBQ2hELE1BQU0sRUFBRSxtQkFBbUIsRUFBRSxHQUFHLE1BQU0sSUFBSSxDQUFDLGFBQWEsRUFBRSxDQUFDO1lBRTNELHlDQUF5QztZQUN6QyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsK0JBQStCLENBQUMsbUJBQW1CLENBQUMsQ0FBQztZQUUzRSxNQUFNLE9BQU8sQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLFdBQVcsSUFBSSxJQUFJLENBQUMsV0FBVyxFQUFFLENBQUMsQ0FBQztRQUNoRSxDQUFDO0tBQUE7SUFFWSxLQUFLOztZQUNoQixJQUFJLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRTtnQkFDcEIsTUFBTSxJQUFJLENBQUMsSUFBSSxFQUFFLENBQUM7YUFDbkI7WUFFRCxJQUFJLElBQUksQ0FBQyxJQUFJLENBQUMsU0FBUyxFQUFFLEVBQUU7Z0JBQ3pCLE9BQU87YUFDUjtZQUVELDRFQUE0RTtZQUM1RSxNQUFNLElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQztZQUVwQixJQUFJLENBQUMsSUFBSSxDQUFDLEtBQUssRUFBRSxDQUFDO1FBQ3BCLENBQUM7S0FBQTtJQUVNLElBQUk7UUFDVCxJQUFJLENBQUMsSUFBSSxDQUFDLElBQUksRUFBRSxDQUFDO1FBQ2pCLElBQUksQ0FBQyxLQUFLLEVBQUUsQ0FBQztJQUNmLENBQUM7SUFFTyxLQUFLO1FBQ1gsWUFBWSxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQUMsZUFBZSxDQUFDLENBQUM7UUFDOUMsWUFBWSxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLENBQUM7SUFDM0MsQ0FBQzs7OztZQXRMRixVQUFVLFNBQUM7Z0JBQ1YsVUFBVSxFQUFFLE1BQU07YUFDbkI7Ozs0Q0FVSSxNQUFNLFNBQUMsU0FBUztZQTNCWixVQUFVO1lBUlYsSUFBSTtZQUNKLFNBQVM7WUFDVCxVQUFVO1lBVVYsU0FBUyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IEluamVjdCwgSW5qZWN0YWJsZSB9IGZyb20gJ0Bhbmd1bGFyL2NvcmUnO1xyXG5pbXBvcnQgeyBJZGxlLCBERUZBVUxUX0lOVEVSUlVQVFNPVVJDRVMgfSBmcm9tICdAbmctaWRsZS9jb3JlJztcclxuaW1wb3J0IHsgS2VlcGFsaXZlIH0gZnJvbSAnQG5nLWlkbGUva2VlcGFsaXZlJztcclxuaW1wb3J0IHsgS2V5U2VydmljZSB9IGZyb20gJy4uL2NyeXB0b2dyYXBoeS9rZXkuc2VydmljZSc7XHJcbmltcG9ydCB7XHJcbiAgTHJCYWRBcmd1bWVudEV4Y2VwdGlvbixcclxuICBMckJhZFN0YXRlRXhjZXB0aW9uLFxyXG59IGZyb20gJy4uL19jb21tb24vZXhjZXB0aW9ucyc7XHJcbmltcG9ydCB7IExpZmVSZWFkeUNvbmZpZywgTFJfQ09ORklHIH0gZnJvbSAnLi4vbGlmZS1yZWFkeS5jb25maWcnO1xyXG5pbXBvcnQgeyBIdHRwQ2xpZW50IH0gZnJvbSAnQGFuZ3VsYXIvY29tbW9uL2h0dHAnO1xyXG5pbXBvcnQgeyBDb25maWcsIEtlZXBhbGl2ZVJlc3VsdCB9IGZyb20gJy4vaWRsZS50eXBlcyc7XHJcbmltcG9ydCB7IEtleSB9IGZyb20gJy4uL2NyeXB0b2dyYXBoeS9jcnlwdG9ncmFwaHkudHlwZXMnO1xyXG5pbXBvcnQgeyBDb2duaXRvVXNlciB9IGZyb20gJ0Bhd3MtYW1wbGlmeS9hdXRoJztcclxuaW1wb3J0IHsgQXV0aENsYXNzIH0gZnJvbSAnQGF3cy1hbXBsaWZ5L2F1dGgvbGliLWVzbS9BdXRoJztcclxuXHJcbmV4cG9ydCBpbnRlcmZhY2UgSWRsZVNlcnZpY2VJbml0IHtcclxuICAvLyBUT0RPOiB0aGlzIHNob3VsZCBiZSBFdmVudEVtaXR0ZXIgaW5zdGVhZCBvZiBhIGNhbGxiYWNrLlxyXG4gIG9uVGltZW91dD86ICgoKSA9PiBhbnkpIHwgKCgpID0+IFByb21pc2U8YW55PikgfCBudWxsO1xyXG4gIG9uS2VlcGFsaXZlPzogKCgpID0+IGFueSkgfCAoKCkgPT4gUHJvbWlzZTxhbnk+KSB8IG51bGw7XHJcbiAgaWRsZVNlYz86IG51bWJlcjtcclxuICB0aW1lb3V0U2VjPzogbnVtYmVyO1xyXG4gIGtlZXBBbGl2ZUludGVydmFsU2VjPzogbnVtYmVyO1xyXG59XHJcblxyXG5ASW5qZWN0YWJsZSh7XHJcbiAgcHJvdmlkZWRJbjogJ3Jvb3QnLFxyXG59KVxyXG5leHBvcnQgY2xhc3MgSWRsZVNlcnZpY2Uge1xyXG4gIHByaXZhdGUgcmVhZG9ubHkgSURMRV9FWFBJUllfS0VZID0gJ25nMklkbGUubWFpbi5leHBpcnknO1xyXG4gIHByaXZhdGUgcmVhZG9ubHkgSURMSU5HX0tFWSA9ICduZzJJZGxlLm1haW4uaWRsaW5nJztcclxuXHJcbiAgcHJpdmF0ZSBpbml0Q2FsbGVkID0gZmFsc2U7XHJcbiAgcHJpdmF0ZSBvblRpbWVvdXQ6ICgoKSA9PiBhbnkpIHwgKCgpID0+IFByb21pc2U8YW55PikgfCBudWxsO1xyXG4gIHByaXZhdGUgb25LZWVwYWxpdmU6ICgoKSA9PiBhbnkpIHwgKCgpID0+IFByb21pc2U8YW55PikgfCBudWxsO1xyXG5cclxuICBjb25zdHJ1Y3RvcihcclxuICAgIEBJbmplY3QoTFJfQ09ORklHKSBwcml2YXRlIGNvbmZpZzogTGlmZVJlYWR5Q29uZmlnLFxyXG4gICAgcHJpdmF0ZSBodHRwOiBIdHRwQ2xpZW50LFxyXG4gICAgcHJpdmF0ZSBpZGxlOiBJZGxlLFxyXG4gICAgcHJpdmF0ZSBrZWVwYWxpdmU6IEtlZXBhbGl2ZSxcclxuICAgIHByaXZhdGUga2V5U2VydmljZTogS2V5U2VydmljZSxcclxuICAgIHByaXZhdGUgYXV0aDogQXV0aENsYXNzXHJcbiAgKSB7fVxyXG5cclxuICBwcml2YXRlIGFzc2VydEluaXQoKTogdm9pZCB7XHJcbiAgICBpZiAoIXRoaXMuaW5pdENhbGxlZCkge1xyXG4gICAgICB0aHJvdyBuZXcgTHJCYWRTdGF0ZUV4Y2VwdGlvbignQ2FsbCBJZGxlU2VydmljZS5pbml0KCkgZmlyc3QuJyk7XHJcbiAgICB9XHJcbiAgfVxyXG5cclxuICBwdWJsaWMgYXN5bmMgaW5pdChwYXJhbXM/OiBJZGxlU2VydmljZUluaXQpOiBQcm9taXNlPHZvaWQ+IHtcclxuICAgIGlmICh0aGlzLmluaXRDYWxsZWQpIHtcclxuICAgICAgdGhyb3cgbmV3IExyQmFkU3RhdGVFeGNlcHRpb24oXHJcbiAgICAgICAgJ0lkbGVTZXJ2aWNlLmluaXQoKSBjYW4gb25seSBiZSBjYWxsZWQgb25jZS4gSWRsZVNlcnZpY2Uuc3RhcnQoKSBjYWxscyBpbml0KCkgd2l0aCBkZWZhdWx0IHZhbHVlcyBpZiBpbml0KCkgaGFzIG5vdCBiZWVuIGNhbGxlZCB5ZXQuJ1xyXG4gICAgICApO1xyXG4gICAgfVxyXG5cclxuICAgIHRoaXMuaW5pdENhbGxlZCA9IHRydWU7XHJcblxyXG4gICAgLy8gRGVmYXVsdHNcclxuICAgIHBhcmFtcyA9IHtcclxuICAgICAgb25UaW1lb3V0OiBudWxsLFxyXG4gICAgICBvbktlZXBhbGl2ZTogbnVsbCxcclxuICAgICAgaWRsZVNlYzogQ29uZmlnLklETEUsXHJcbiAgICAgIHRpbWVvdXRTZWM6IENvbmZpZy5USU1FT1VULFxyXG4gICAgICBrZWVwQWxpdmVJbnRlcnZhbFNlYzogQ29uZmlnLktFRVBfQUxJVkVfSU5URVJWQUwsXHJcbiAgICAgIC4uLnBhcmFtcyxcclxuICAgIH07XHJcblxyXG4gICAgLy8gSWYgdGltZW91dFNlYyA9PSAwIHRoZW4gdGhlIG9uVGltZW91dCgpIGNhbGxiYWNrIGlzIG5ldmVyIGNhbGxlZC5cclxuICAgIGlmIChwYXJhbXMudGltZW91dFNlYyA8IDAuMDEpIHtcclxuICAgICAgdGhyb3cgbmV3IExyQmFkQXJndW1lbnRFeGNlcHRpb24oXHJcbiAgICAgICAgJ01pbmltdW0gdmFsdWUgZm9yIElkbGVTZXJ2aWNlLmluaXQoeyB0aW1lb3V0U2VjIH0pIGlzIDAuMDEnXHJcbiAgICAgICk7XHJcbiAgICB9XHJcblxyXG4gICAgdGhpcy5vblRpbWVvdXQgPSBwYXJhbXMub25UaW1lb3V0O1xyXG4gICAgdGhpcy5vbktlZXBhbGl2ZSA9IHBhcmFtcy5vbktlZXBhbGl2ZTtcclxuXHJcbiAgICAvLyAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS1cclxuICAgIC8vIFNldHVwIElkbGVcclxuICAgIC8vIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLVxyXG4gICAgLy8gc2V0cyBhbiBpZGxlIHRpbWVvdXQgb2YgNSBzZWNvbmRzLCBmb3IgdGVzdGluZyBwdXJwb3Nlcy5cclxuICAgIHRoaXMuaWRsZS5zZXRJZGxlKHBhcmFtcy5pZGxlU2VjKTtcclxuICAgIC8vIHNldHMgYSB0aW1lb3V0IHBlcmlvZCBvZiA1IHNlY29uZHMuIGFmdGVyIDEwIHNlY29uZHMgb2YgaW5hY3Rpdml0eSwgdGhlIHVzZXIgd2lsbCBiZSBjb25zaWRlcmVkIHRpbWVkIG91dC5cclxuICAgIHRoaXMuaWRsZS5zZXRUaW1lb3V0KHBhcmFtcy50aW1lb3V0U2VjKTtcclxuICAgIC8vIHNldHMgdGhlIGRlZmF1bHQgaW50ZXJydXB0cywgaW4gdGhpcyBjYXNlLCB0aGluZ3MgbGlrZSBjbGlja3MsIHNjcm9sbHMsIHRvdWNoZXMgdG8gdGhlIGRvY3VtZW50XHJcbiAgICB0aGlzLmlkbGUuc2V0SW50ZXJydXB0cyhERUZBVUxUX0lOVEVSUlVQVFNPVVJDRVMpO1xyXG5cclxuICAgIHRoaXMuaWRsZS5vbklkbGVFbmQuc3Vic2NyaWJlKCgpID0+IGNvbnNvbGUubG9nKCdJZGxlIHN0b3BwZWQnKSk7XHJcbiAgICB0aGlzLmlkbGUub25JZGxlU3RhcnQuc3Vic2NyaWJlKCgpID0+IGNvbnNvbGUubG9nKCdJZGxlIHN0YXJ0ZWQnKSk7XHJcblxyXG4gICAgdGhpcy5pZGxlLm9uVGltZW91dC5zdWJzY3JpYmUoYXN5bmMgKCkgPT4ge1xyXG4gICAgICBjb25zb2xlLmxvZygnSWRsZSB0aW1lZCBvdXQnKTtcclxuICAgICAgdGhpcy5yZXNldCgpO1xyXG4gICAgICBhd2FpdCBQcm9taXNlLnJlc29sdmUodGhpcy5vblRpbWVvdXQgJiYgdGhpcy5vblRpbWVvdXQoKSk7XHJcbiAgICB9KTtcclxuICAgIHRoaXMuaWRsZS5vblRpbWVvdXRXYXJuaW5nLnN1YnNjcmliZSgoY291bnRkb3duOiBhbnkpID0+XHJcbiAgICAgIGNvbnNvbGUubG9nKGBXaWxsIHRpbWVvdXQgaW4gJHtjb3VudGRvd259IHNlY29uZHMhYClcclxuICAgICk7XHJcblxyXG4gICAgLy8gLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tXHJcbiAgICAvLyBTZXR1cCBLZWVwYWxpdmVcclxuICAgIC8vIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLVxyXG4gICAgLy8gUmVmOiBodHRwczovL2dpdGh1Yi5jb20vbW9yaWJ2bmR2cy9uZzItaWRsZSNyZWFkbWVcclxuICAgIC8vIG5nLWlkbGUgd2lsbCBpbnN0cnVjdCBAbmctaWRsZS9rZWVwYWxpdmUgdG8gcGluZyB3aGlsZSB0aGUgdXNlciBpcyBhY3RpdmUsIGFuZCBzdG9wIG9uY2VcclxuICAgIC8vIHRoZXkgZ28gaWRsZSBvciB0aW1lIG91dC4gV2hlbiB0aGUgdXNlciByZXN1bWVzIGFjdGl2aXR5IG9yIHRoZSBpZGxlIHN0YXRlIGlzIHJlc2V0LCBpdCB3aWxsXHJcbiAgICAvLyBwaW5nIGltbWVkaWF0ZWx5IGFuZCB0aGVuIHJlc3VtZSBwaW5naW5nLlxyXG4gICAgdGhpcy5rZWVwYWxpdmUuaW50ZXJ2YWwocGFyYW1zLmtlZXBBbGl2ZUludGVydmFsU2VjKTtcclxuICAgIGNvbnNvbGUubG9nKFxyXG4gICAgICBgS2VlcCBhbGl2ZSBpbnRlcnZhbCBzZXQgYXQ6ICR7Q29uZmlnLktFRVBfQUxJVkVfSU5URVJWQUx9IHNlY29uZHNgXHJcbiAgICApO1xyXG5cclxuICAgIHRoaXMua2VlcGFsaXZlLm9uUGluZy5zdWJzY3JpYmUoKCkgPT4gdGhpcy5vblBpbmcoKSk7XHJcblxyXG4gICAgLy8gSWYgdGhlIGJyb3dzZXIgdGFiIGhhcyBiZWVuIGNsb3NlZCBmb3IgYSBwZXJpb2QgbG9uZ2VyIHRoYW50IHRoZSBpbmFjdGl2aXR5XHJcbiAgICAvLyBwZXJpb2QsIHRoZW4gd2Ugc2hvdWxkIGxvZ291dCByaWdodCBmcm9tIHRoZSBzdGFydC5cclxuICAgIGNvbnN0IGlkbGVFeHBpcnkgPSBsb2NhbFN0b3JhZ2UuZ2V0SXRlbSh0aGlzLklETEVfRVhQSVJZX0tFWSk7XHJcbiAgICBpZiAoXHJcbiAgICAgIGlkbGVFeHBpcnkgJiZcclxuICAgICAgcGFyc2VJbnQoaWRsZUV4cGlyeSwgMTApICsgdGhpcy5pZGxlLmdldFRpbWVvdXQoKSAqIDEwMDAgPCBEYXRlLm5vdygpXHJcbiAgICApIHtcclxuICAgICAgdGhpcy5yZXNldCgpO1xyXG4gICAgICBhd2FpdCBQcm9taXNlLnJlc29sdmUodGhpcy5vblRpbWVvdXQgJiYgdGhpcy5vblRpbWVvdXQoKSk7XHJcbiAgICB9XHJcbiAgfVxyXG5cclxuICBwdWJsaWMgYXN5bmMga2VlcGFsaXZlUG9zdCgpOiBQcm9taXNlPHtcclxuICAgIGV4cGlyZXNBZnRlclNlY29uZHM6IG51bWJlcjtcclxuICAgIGtlZXBhbGl2ZVJlc3VsdDogS2VlcGFsaXZlUmVzdWx0O1xyXG4gIH0+IHtcclxuICAgIC8vIGN1cnJlbnRBdXRoZW50aWNhdGVkVXNlcigpIHJlZnJlc2hlcyB0aGUgYWNjZXNzIHRva2VuIGlmIHJlcXVpcmVkLlxyXG4gICAgY29uc3QgY29nbml0b1VzZXI6IENvZ25pdG9Vc2VyID0gYXdhaXQgdGhpcy5hdXRoLmN1cnJlbnRBdXRoZW50aWNhdGVkVXNlcigpO1xyXG5cclxuICAgIGNvbnN0IGtlZXBhbGl2ZVJlc3VsdCA9IGF3YWl0IHRoaXMuaHR0cFxyXG4gICAgICAucG9zdDxLZWVwYWxpdmVSZXN1bHQ+KGAke3RoaXMuY29uZmlnLmF1dGhVcmx9YXV0aC9rZWVwYWxpdmUvYCwgbnVsbCwge1xyXG4gICAgICAgIHdpdGhDcmVkZW50aWFsczogdHJ1ZSwgLy8gL2F1dGgva2VlcGFsaXZlLyB3aWxsIGJlIGV4dGVuZGluZyB0aGUgc2Vzc2lvbnMgY29va2llLlxyXG4gICAgICAgIGhlYWRlcnM6IHtcclxuICAgICAgICAgIEF1dGhvcml6YXRpb246IGBCZWFyZXIgJHtjb2duaXRvVXNlclxyXG4gICAgICAgICAgICAuZ2V0U2lnbkluVXNlclNlc3Npb24oKVxyXG4gICAgICAgICAgICAuZ2V0QWNjZXNzVG9rZW4oKVxyXG4gICAgICAgICAgICAuZ2V0Snd0VG9rZW4oKX1gLFxyXG4gICAgICAgIH0sXHJcbiAgICAgIH0pXHJcbiAgICAgIC50b1Byb21pc2UoKTtcclxuXHJcbiAgICByZXR1cm4ge1xyXG4gICAgICBrZWVwYWxpdmVSZXN1bHQsXHJcbiAgICAgIGV4cGlyZXNBZnRlclNlY29uZHM6XHJcbiAgICAgICAgdGhpcy5pZGxlLmdldElkbGUoKSArXHJcbiAgICAgICAgdGhpcy5pZGxlLmdldFRpbWVvdXQoKSArXHJcbiAgICAgICAgdGhpcy5rZWVwYWxpdmUuaW50ZXJ2YWwoKSxcclxuICAgIH07XHJcbiAgfVxyXG5cclxuICBwdWJsaWMgYXN5bmMgcGVyc2lzdE1hc3RlcktleShtYXN0ZXJLZXk6IEtleSk6IFByb21pc2U8dm9pZD4ge1xyXG4gICAgLy8gVGhlIGtlZXBhbGl2ZSBBUEkgY2FsbCBleHRlbmRzIHRoZSBzZXJ2ZXItc2lkZSBzZXNzaW9uLCB0aGUgc2Vzc2lvbiBjb29raWUgZXhwaXJ5LCByZWZyZXNoIGtleSBjb29raWVcclxuICAgIC8vIGV4cGlyeSwgYW5kIHJldHVybnMgdGhlIHNlc3Npb24gZXhwaXJ5LlxyXG4gICAgLy8gTk9URSBVc2UgdGltZSBkZWx0YSByYXRoZXIgdGhhbiBhYnNvbHV0ZSB0aW1lLCBzaW5jZSBjbGllbnQgY2xvY2sgYW5kIHNlcnZlciBjbG9jayBtYXliZVxyXG4gICAgLy8gb3V0IG9mIHN5bmMuIFdlIGNhbid0IHVzZSB0aGUgc2VydmVyVGltZSgpIGZ1bmN0aW9uYWxpdHkgYmVjYXVzZSB0aGUgY29va2llIGV4cGlyeSBzdGlsbFxyXG4gICAgLy8gcnVuIG9uIGxvY2FsIGNsb2NrLlxyXG4gICAgY29uc3QgeyBleHBpcmVzQWZ0ZXJTZWNvbmRzIH0gPSBhd2FpdCB0aGlzLmtlZXBhbGl2ZVBvc3QoKTtcclxuXHJcbiAgICAvLyBQZXJzaXN0IHRoZSBkZXJpdmVkIHBhc3NLZXlcclxuICAgIGF3YWl0IHRoaXMua2V5U2VydmljZS5wZXJzaXN0TWFzdGVyS2V5KG1hc3RlcktleSwgZXhwaXJlc0FmdGVyU2Vjb25kcyk7XHJcblxyXG4gICAgY29uc29sZS5sb2coJ3NldE1hc3RlcktleSgpIGRvbmUnKTtcclxuICB9XHJcblxyXG4gIHByaXZhdGUgYXN5bmMgb25QaW5nKCk6IFByb21pc2U8dm9pZD4ge1xyXG4gICAgY29uc29sZS5sb2coXHJcbiAgICAgIGBLZWVwIGFsaXZlIHRyaWdnZXJlZCBhdCB0aW1lOiAke0RhdGUubm93KCl9LiBJbnRlcnZhbCBzZXQgYXQ6ICR7dGhpcy5rZWVwYWxpdmUuaW50ZXJ2YWwoKX0gc2Vjb25kc2BcclxuICAgICk7XHJcblxyXG4gICAgLy8gS2VlcGFsaXZlIEFQSSB3aWxsIGV4dGVuZCB0aGUgc2Vzc2lvbiBleHBpcnkuXHJcbiAgICBjb25zdCB7IGV4cGlyZXNBZnRlclNlY29uZHMgfSA9IGF3YWl0IHRoaXMua2VlcGFsaXZlUG9zdCgpO1xyXG5cclxuICAgIC8vIEV4dGVuZCB0aGUgZXhwaXJ5IG9mIHRoZSBwZXJzaXN0ZWQga2V5XHJcbiAgICBhd2FpdCB0aGlzLmtleVNlcnZpY2Uuc2V0TWFzdGVyS2V5RXhwaXJlc0FmdGVyU2Vjb25kcyhleHBpcmVzQWZ0ZXJTZWNvbmRzKTtcclxuXHJcbiAgICBhd2FpdCBQcm9taXNlLnJlc29sdmUodGhpcy5vbktlZXBhbGl2ZSAmJiB0aGlzLm9uS2VlcGFsaXZlKCkpO1xyXG4gIH1cclxuXHJcbiAgcHVibGljIGFzeW5jIHN0YXJ0KCk6IFByb21pc2U8dm9pZD4ge1xyXG4gICAgaWYgKCF0aGlzLmluaXRDYWxsZWQpIHtcclxuICAgICAgYXdhaXQgdGhpcy5pbml0KCk7XHJcbiAgICB9XHJcblxyXG4gICAgaWYgKHRoaXMuaWRsZS5pc1J1bm5pbmcoKSkge1xyXG4gICAgICByZXR1cm47XHJcbiAgICB9XHJcblxyXG4gICAgLy8gUGluZyBkb2VzIG5vdCBzZWVtIHRvIGhhcHBlbiByaWdodCBhdCB0aGUgc3RhcnQuIFNvIHdlIGNhbGwgaXQgZXhwbGljaXRseVxyXG4gICAgYXdhaXQgdGhpcy5vblBpbmcoKTtcclxuXHJcbiAgICB0aGlzLmlkbGUud2F0Y2goKTtcclxuICB9XHJcblxyXG4gIHB1YmxpYyBzdG9wKCk6IHZvaWQge1xyXG4gICAgdGhpcy5pZGxlLnN0b3AoKTtcclxuICAgIHRoaXMucmVzZXQoKTtcclxuICB9XHJcblxyXG4gIHByaXZhdGUgcmVzZXQoKSB7XHJcbiAgICBsb2NhbFN0b3JhZ2UucmVtb3ZlSXRlbSh0aGlzLklETEVfRVhQSVJZX0tFWSk7XHJcbiAgICBsb2NhbFN0b3JhZ2UucmVtb3ZlSXRlbSh0aGlzLklETElOR19LRVkpO1xyXG4gIH1cclxufVxyXG4iXX0=

package/esm2015/lib/auth/idle.types.js

@@ -0,0 +1,7 @@
+export var Config;
+(function (Config) {
+    Config[Config["TIMEOUT"] = 0.01] = "TIMEOUT";
+    Config[Config["IDLE"] = 1200] = "IDLE";
+    Config[Config["KEEP_ALIVE_INTERVAL"] = 60] = "KEEP_ALIVE_INTERVAL";
+})(Config || (Config = {}));
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaWRsZS50eXBlcy5qcyIsInNvdXJjZVJvb3QiOiJDOi9Qcm9qZWN0cy90ZXN0L3Byb2plY3RzL2NvcmUvc3JjLyIsInNvdXJjZXMiOlsibGliL2F1dGgvaWRsZS50eXBlcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxNQUFNLENBQU4sSUFBWSxNQUlYO0FBSkQsV0FBWSxNQUFNO0lBQ2hCLDRDQUFjLENBQUE7SUFDZCxzQ0FBYyxDQUFBO0lBQ2Qsa0VBQTRCLENBQUE7QUFDOUIsQ0FBQyxFQUpXLE1BQU0sS0FBTixNQUFNLFFBSWpCIiwic291cmNlc0NvbnRlbnQiOlsiZXhwb3J0IGVudW0gQ29uZmlnIHtcclxuICBUSU1FT1VUID0gMC4wMSwgLy8gc2Vjb25kcywgbWluIHZhbHVlIDAuMDEsIGFmdGVyIHN0YXRlIGlzIGlkbGUsIHdhaXQgZm9yIFRJTUVPVVQgc2Vjb25kcyBiZWZvcmUgdGFraW5nIGFjdGlvblxyXG4gIElETEUgPSA2MCAqIDIwLCAvLyBzZWNvbmRzLCBwZXJpb2Qgb2YgaW5hY3Rpdml0eSB0byBjb25zaWRlciBzdGF0ZSBhcyBpZGxlXHJcbiAgS0VFUF9BTElWRV9JTlRFUlZBTCA9IDYwICogMSwgLy8gc2Vjb25kcywgdHJpZ2dlcmVkIG9uIGEgcmVndWxhciBiYXNpcyB3aGlsZSBhY3RpdmUgKGkuZS4gd2hpbGUgbm90IGlkbGluZylcclxufVxyXG5cclxuZXhwb3J0IGludGVyZmFjZSBLZWVwYWxpdmVSZXN1bHQge1xyXG4gIHNlc3Npb246IHtcclxuICAgIGV4cGlyZXNfYWZ0ZXJfc2Vjb25kczogbnVtYmVyO1xyXG4gIH07XHJcbn1cclxuIl19

package/esm2015/lib/auth/lbop.service.js

@@ -0,0 +1,355 @@
+import { __awaiter } from "tslib";
+import { LrApolloService } from '../api/lr-apollo.service';
+import { HttpClient } from '@angular/common/http';
+import { Inject, Injectable } from '@angular/core';
+import { AuthClass } from '@aws-amplify/auth/lib-esm/Auth';
+import gql from 'graphql-tag';
+import { EncryptionService } from '../cryptography/encryption.service';
+import { KeyGraphService } from '../cryptography/key-graph.service';
+import { KeyService } from '../cryptography/key.service';
+import { LR_CONFIG } from '../life-ready.config';
+import { LrException, LrBadLogicException, } from '../_common/exceptions';
+import { LifeReadyAuthService } from './life-ready-auth.service';
+import { PasswordService } from './password.service';
+import { Slip39Helper } from 'slip39';
+import { KeyFactoryService as KFS } from '../cryptography/key-factory.service';
+import * as i0 from "@angular/core";
+import * as i1 from "../life-ready.config";
+import * as i2 from "@angular/common/http";
+import * as i3 from "../api/lr-apollo.service";
+import * as i4 from "@aws-amplify/auth/lib-esm/Auth";
+import * as i5 from "./life-ready-auth.service";
+import * as i6 from "../cryptography/key-factory.service";
+import * as i7 from "../cryptography/key.service";
+import * as i8 from "../cryptography/encryption.service";
+import * as i9 from "../cryptography/key-graph.service";
+import * as i10 from "./password.service";
+export const CreateLbopQuery = gql `
+  mutation CreateLbop($input: CreateLbopInput!) {
+    createLbop(input: $input) {
+      lbop {
+        id
+      }
+    }
+  }
+`;
+export const DeleteLbopQuery = gql `
+  mutation DeleteLbop($input: DeleteLbopInput!) {
+    deleteLbop(input: $input) {
+      id
+    }
+  }
+`;
+export const UpdateLbopQuery = gql `
+  mutation UpdateLbop($input: UpdateLbopInput!) {
+    updateLbop(input: $input) {
+      lbop {
+        id
+      }
+    }
+  }
+`;
+export const LbopQuery = gql `
+  query Lbop($id: LrRelayIdInput!) {
+    lbop(id: $id) {
+      id
+      cipherMeta
+    }
+  }
+`;
+export const LbopsQuery = gql `
+  query Lbops {
+    lbops {
+      edges {
+        node {
+          id
+          cipherMeta
+        }
+      }
+    }
+  }
+`;
+export class LbopService {
+    constructor(config, http, lrApollo, auth, authService, keyFactory, keyService, encryptionService, keyGraph, passwordService) {
+        this.config = config;
+        this.http = http;
+        this.lrApollo = lrApollo;
+        this.auth = auth;
+        this.authService = authService;
+        this.keyFactory = keyFactory;
+        this.keyService = keyService;
+        this.encryptionService = encryptionService;
+        this.keyGraph = keyGraph;
+        this.passwordService = passwordService;
+        this.CLIENT_NONCE_LENGTH = 32;
+        // There are 1024 words (10 bits), so 25 words should give ~256 bits of entropy.
+        this.LBOP_WORDS = 25;
+    }
+    getPartial(lbopString) {
+        return lbopString.split(' ')[0];
+    }
+    remove(id) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const res = yield this.lrApollo.mutate({
+                mutation: DeleteLbopQuery,
+                variables: {
+                    input: {
+                        id,
+                    },
+                },
+            });
+            return res.deleteLbop.id;
+        });
+    }
+    update({ id, name }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const lbop = yield this.get(id);
+            lbop.name = name;
+            const masterKey = yield this.keyService.getCurrentMasterKey();
+            const cipherMeta = yield this.encryptionService.encrypt(masterKey.jwk, lbop);
+            const res = yield this.lrApollo.mutate({
+                mutation: UpdateLbopQuery,
+                variables: {
+                    input: {
+                        id,
+                        cipherMeta: JSON.stringify(cipherMeta),
+                    },
+                },
+            });
+            return res.updateLbop;
+        });
+    }
+    get(id) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const res = yield this.lrApollo.query({
+                query: LbopQuery,
+                variables: {
+                    id,
+                },
+            });
+            const masterKey = yield this.keyService.getCurrentMasterKey();
+            const plainCipherMeta = yield this.encryptionService.decrypt(masterKey.jwk, JSON.parse(res.lbop.cipherMeta));
+            return Object.assign({ id: res.id }, plainCipherMeta);
+        });
+    }
+    list() {
+        return __awaiter(this, void 0, void 0, function* () {
+            const res = yield this.lrApollo.query({
+                query: LbopsQuery,
+            });
+            const masterKey = yield this.keyService.getCurrentMasterKey();
+            return Promise.all(res.lbops.edges.map((edge) => __awaiter(this, void 0, void 0, function* () {
+                const plainCipherMeta = yield this.encryptionService.decrypt(masterKey.jwk, JSON.parse(edge.node.cipherMeta));
+                return Object.assign({ id: edge.node.id }, plainCipherMeta);
+            })));
+        });
+    }
+    create({ name }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (Slip39Helper.WORD_LIST.length !== 1024) {
+                throw new LrBadLogicException('Slip39Helper.WORD_LIST.length != 1024');
+            }
+            // Get existing to make sure there are not duplicate first words
+            const lbops = yield this.list();
+            // Generate new one
+            let lbopString;
+            while (true) {
+                lbopString = this.keyFactory
+                    .randomChoices(Slip39Helper.WORD_LIST, this.LBOP_WORDS)
+                    .join(' ');
+                const partial = this.getPartial(lbopString);
+                if (!lbops.some((lbop) => lbop.partial === partial)) {
+                    break;
+                }
+            }
+            const lbopKeyParams = yield this.keyFactory.createLbopKeyParams();
+            const lbopKey = (yield this.keyFactory.deriveLbopKey(Object.assign({ password: lbopString }, lbopKeyParams))).jwk;
+            const lbopKeyVerifier = yield this.keyFactory.createSignKey();
+            const wrappedLbopKeyVerifier = yield this.encryptionService.encrypt(lbopKey, lbopKeyVerifier.toJSON(true));
+            // Re-encrypt master key with new key
+            const currentUser = yield this.authService.getUser();
+            const masterKey = yield this.keyGraph.getKey(currentUser.currentUserKey.masterKey.id);
+            const wrappedMasterKey = yield this.encryptionService.encrypt(lbopKey, masterKey.jwk.toJSON(true));
+            const meta = Object.assign(Object.assign({}, (name && { name })), { partial: this.getPartial(lbopString) });
+            const cipherMeta = yield this.encryptionService.encrypt(masterKey.jwk, meta);
+            const res = yield this.lrApollo.mutate({
+                mutation: CreateLbopQuery,
+                variables: {
+                    input: {
+                        cipherMeta: JSON.stringify(cipherMeta),
+                        lbopKeyParams: JSON.stringify(lbopKeyParams),
+                        lbopKeyVerifier: JSON.stringify(lbopKeyVerifier.toJSON(true)),
+                        wrappedLbopKeyVerifier: JSON.stringify(wrappedLbopKeyVerifier),
+                        masterKeyId: currentUser.currentUserKey.masterKey.id,
+                        wrappedMasterKey: JSON.stringify(wrappedMasterKey),
+                    },
+                },
+            });
+            return Object.assign(Object.assign({}, res.createLbop.lbop), { lbopString });
+        });
+    }
+    // --------------------------------------------------------------------------------------------------------------------
+    // --------------------------------------------------------------------------------------------------------------------
+    // Flow below are for password reset via LBOP
+    //
+    // --Potential Failure Point xxx--
+    //
+    // Look for the above and you can test by interrupting at these points.
+    //
+    // The LBOP reset process can be restarted at any point before the call to "set-password/". Once "set-password/" has been
+    // called, we assume the client has a short period of time to change the Idp password to the one they've chosen. The "set-password/"
+    // will set the Idp password to a temporary random password. The user can no longer login using their current password. If the Idp
+    // password change process does not complete or takes longer than the lockout period, the account will not be accessible and a new
+    // LBOP password reset must be carried out.
+    // --------------------------------------------------------------------------------------------------------------------
+    // --------------------------------------------------------------------------------------------------------------------
+    verifyLbops(challengeResult, lbopString) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const clientNonce = this.keyFactory.randomString(this.CLIENT_NONCE_LENGTH);
+            for (const lbop of challengeResult.lbops) {
+                const lbopKey = (yield this.keyFactory.deriveLbopKey(Object.assign({ password: lbopString }, lbop.lbopKeyParams))).jwk;
+                // If decoding successful then it's the correct lbop
+                try {
+                    const lbopKeyVerifier = (yield this.encryptionService.decrypt(lbopKey, lbop.wrappedLbopKeyVerifier));
+                    // Force a bad signature.
+                    // const serverNonce = challengeResult.challenge.serverNonce + "1",
+                    const serverNonce = challengeResult.challenge.serverNonce;
+                    const signedChallenge = yield this.encryptionService.sign(lbopKeyVerifier, {
+                        serverNonce,
+                        clientNonce,
+                    });
+                    return {
+                        lbop,
+                        signedChallenge,
+                        lbopKey,
+                    };
+                }
+                catch (error) {
+                    continue;
+                }
+            }
+            throw new LrException({
+                source: 'LBOP',
+                code: 'INVALID_PASSPHRASE',
+                message: 'Invalid passphrase.',
+            });
+        });
+    }
+    verifyContact(params) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const ret = this.http
+                .post(`${this.config.authUrl}users/lbop-reset/verify-contact/`, params)
+                .toPromise();
+            // --Potential Failure Point 1 --
+            // The contact verifications are throttled. But otherwise harmless.
+            return ret;
+        });
+    }
+    confirmContact(params) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return this.http
+                .post(`${this.config.authUrl}cove/respond/`, {
+                claim_id: params.claimId,
+                v_code: params.vCode,
+            })
+                .toPromise();
+            // --Potential Failure Point 2 --
+            // A verified claim for a contact does not prevent new ones from being generated. So it should be fine to just start again.
+        });
+    }
+    verify(params) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const challengeResult = yield this.http
+                .post(`${this.config.authUrl}users/lbop-reset/get-challenge/`, {
+                claimId: params.claimId,
+                claimToken: params.claimToken,
+            })
+                .toPromise();
+            // --Potential Failure Point 3 --
+            // This does not lock anything. A second call to "get-challenge/" will create a new challenge amd invalidate the first one.
+            const { signedChallenge, lbop, lbopKey } = yield this.verifyLbops(challengeResult, params.lbop);
+            const res = yield this.http
+                .post(`${this.config.authUrl}users/lbop-reset/verify-challenge/`, {
+                lbopId: lbop.lbopId,
+                signedChallenge,
+            })
+                .toPromise();
+            // --Potential Failure Point 4 --
+            // This does not lock anything. So ok to restart.
+            return {
+                lbopId: lbop.lbopId,
+                verifiedToken: res.verifiedToken,
+                masterKeyId: res.masterKeyId,
+                masterKey: yield KFS.asKey(yield this.encryptionService.decrypt(lbopKey, res.wrappedMasterKey)),
+            };
+        });
+    }
+    setPassword(params) {
+        return __awaiter(this, void 0, void 0, function* () {
+            // Generate the new password derived keys
+            const passKeyBundle = yield this.passwordService.createPassKeyBundle(params.newPassword);
+            // Re-encrypt master key with new key
+            const newWrappedMasterKey = yield this.encryptionService.encrypt(passKeyBundle.passKey, params.masterKey.toJSON(true));
+            const result = yield this.http
+                .post(`${this.config.authUrl}users/lbop-reset/set-password/`, {
+                lbopId: params.lbopId,
+                verifiedToken: params.verifiedToken,
+                masterKeyId: params.masterKeyId,
+                newWrappedMasterKey,
+                newPassKey: {
+                    passKeyParams: passKeyBundle.passKeyParams,
+                    passIdpParams: passKeyBundle.passIdpParams,
+                    passIdpVerifierPbk: passKeyBundle.passIdpVerifier.toJSON(),
+                    wrappedPassIdpVerifierPrk: passKeyBundle.wrappedPassIdpVerifierPrk,
+                },
+            })
+                .toPromise();
+            // --Potential Failure Point 5 --
+            // A timed mutex is locked. The Idp password change must occur within a period of time.
+            // If interrupted here, the user can not login with their old password again. They must
+            // start the whole LBOP password reset process again.
+            // This call will go through the LR proxy which is OK since the LR server knows
+            // the temporary password anyway.
+            let user = yield this.auth.signIn(result.username, result.idpPassword, {
+                noProxy: 'true',
+            });
+            if (user.challengeName !== 'NEW_PASSWORD_REQUIRED') {
+                throw new LrException({
+                    message: 'Internal error. Expecting Cognito to have done a password reset.',
+                });
+            }
+            // --Potential Failure Point 6 --
+            // Must restart the LBOP password reset process again.
+            // Set new password on Idp
+            user = yield this.auth.completeNewPassword(user, this.passwordService.getPassIdpString(passKeyBundle.passIdp), {});
+            // --Potential Failure Point 7 --
+            // Must restart the LBOP password reset process again.
+            yield this.auth.signOut();
+            return yield this.http
+                .post(`${this.config.authUrl}users/lbop-reset/complete/`, {
+                lbopId: params.lbopId,
+                setPasswordToken: result.setPasswordToken,
+            })
+                .toPromise();
+        });
+    }
+}
+LbopService.ɵprov = i0.ɵɵdefineInjectable({ factory: function LbopService_Factory() { return new LbopService(i0.ɵɵinject(i1.LR_CONFIG), i0.ɵɵinject(i2.HttpClient), i0.ɵɵinject(i3.LrApolloService), i0.ɵɵinject(i4.AuthClass), i0.ɵɵinject(i5.LifeReadyAuthService), i0.ɵɵinject(i6.KeyFactoryService), i0.ɵɵinject(i7.KeyService), i0.ɵɵinject(i8.EncryptionService), i0.ɵɵinject(i9.KeyGraphService), i0.ɵɵinject(i10.PasswordService)); }, token: LbopService, providedIn: "root" });
+LbopService.decorators = [
+    { type: Injectable, args: [{
+                providedIn: 'root',
+            },] }
+];
+LbopService.ctorParameters = () => [
+    { type: undefined, decorators: [{ type: Inject, args: [LR_CONFIG,] }] },
+    { type: HttpClient },
+    { type: LrApolloService },
+    { type: AuthClass },
+    { type: LifeReadyAuthService },
+    { type: KFS },
+    { type: KeyService },
+    { type: EncryptionService },
+    { type: KeyGraphService },
+    { type: PasswordService }
+];
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibGJvcC5zZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6IkM6L1Byb2plY3RzL3Rlc3QvcHJvamVjdHMvY29yZS9zcmMvIiwic291cmNlcyI6WyJsaWIvYXV0aC9sYm9wLnNlcnZpY2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBLE9BQU8sRUFBRSxlQUFlLEVBQUUsTUFBTSwwQkFBMEIsQ0FBQztBQUMzRCxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sc0JBQXNCLENBQUM7QUFDbEQsT0FBTyxFQUFFLE1BQU0sRUFBRSxVQUFVLEVBQUUsTUFBTSxlQUFlLENBQUM7QUFDbkQsT0FBTyxFQUFFLFNBQVMsRUFBRSxNQUFNLGdDQUFnQyxDQUFDO0FBQzNELE9BQU8sR0FBRyxNQUFNLGFBQWEsQ0FBQztBQUU5QixPQUFPLEVBQUUsaUJBQWlCLEVBQUUsTUFBTSxvQ0FBb0MsQ0FBQztBQUN2RSxPQUFPLEVBQUUsZUFBZSxFQUFFLE1BQU0sbUNBQW1DLENBQUM7QUFDcEUsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLDZCQUE2QixDQUFDO0FBQ3pELE9BQU8sRUFBbUIsU0FBUyxFQUFFLE1BQU0sc0JBQXNCLENBQUM7QUFDbEUsT0FBTyxFQUNMLFdBQVcsRUFFWCxtQkFBbUIsR0FDcEIsTUFBTSx1QkFBdUIsQ0FBQztBQUMvQixPQUFPLEVBQUUsb0JBQW9CLEVBQUUsTUFBTSwyQkFBMkIsQ0FBQztBQUNqRSxPQUFPLEVBQUUsZUFBZSxFQUFFLE1BQU0sb0JBQW9CLENBQUM7QUFDckQsT0FBTyxFQUFFLFlBQVksRUFBRSxNQUFNLFFBQVEsQ0FBQztBQUN0QyxPQUFPLEVBQUUsaUJBQWlCLElBQUksR0FBRyxFQUFFLE1BQU0scUNBQXFDLENBQUM7Ozs7Ozs7Ozs7OztBQXlFL0UsTUFBTSxDQUFDLE1BQU0sZUFBZSxHQUFHLEdBQUcsQ0FBQTs7Ozs7Ozs7Q0FRakMsQ0FBQztBQU1GLE1BQU0sQ0FBQyxNQUFNLGVBQWUsR0FBRyxHQUFHLENBQUE7Ozs7OztDQU1qQyxDQUFDO0FBV0YsTUFBTSxDQUFDLE1BQU0sZUFBZSxHQUFHLEdBQUcsQ0FBQTs7Ozs7Ozs7Q0FRakMsQ0FBQztBQUVGLE1BQU0sQ0FBQyxNQUFNLFNBQVMsR0FBRyxHQUFHLENBQUE7Ozs7Ozs7Q0FPM0IsQ0FBQztBQU1GLE1BQU0sQ0FBQyxNQUFNLFVBQVUsR0FBRyxHQUFHLENBQUE7Ozs7Ozs7Ozs7O0NBVzVCLENBQUM7QUFLRixNQUFNLE9BQU8sV0FBVztJQUt0QixZQUM2QixNQUF1QixFQUMxQyxJQUFnQixFQUNoQixRQUF5QixFQUN6QixJQUFlLEVBQ2YsV0FBaUMsRUFDakMsVUFBZSxFQUNmLFVBQXNCLEVBQ3RCLGlCQUFvQyxFQUNwQyxRQUF5QixFQUN6QixlQUFnQztRQVRiLFdBQU0sR0FBTixNQUFNLENBQWlCO1FBQzFDLFNBQUksR0FBSixJQUFJLENBQVk7UUFDaEIsYUFBUSxHQUFSLFFBQVEsQ0FBaUI7UUFDekIsU0FBSSxHQUFKLElBQUksQ0FBVztRQUNmLGdCQUFXLEdBQVgsV0FBVyxDQUFzQjtRQUNqQyxlQUFVLEdBQVYsVUFBVSxDQUFLO1FBQ2YsZUFBVSxHQUFWLFVBQVUsQ0FBWTtRQUN0QixzQkFBaUIsR0FBakIsaUJBQWlCLENBQW1CO1FBQ3BDLGFBQVEsR0FBUixRQUFRLENBQWlCO1FBQ3pCLG9CQUFlLEdBQWYsZUFBZSxDQUFpQjtRQWR6Qix3QkFBbUIsR0FBRyxFQUFFLENBQUM7UUFDMUMsZ0ZBQWdGO1FBQy9ELGVBQVUsR0FBRyxFQUFFLENBQUM7SUFhOUIsQ0FBQztJQUVJLFVBQVUsQ0FBQyxVQUFrQjtRQUNuQyxPQUFPLFVBQVUsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDbEMsQ0FBQztJQUVZLE1BQU0sQ0FBQyxFQUFVOztZQUM1QixNQUFNLEdBQUcsR0FBRyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUFNO2dCQUMxQyxRQUFRLEVBQUUsZUFBZTtnQkFDekIsU0FBUyxFQUFFO29CQUNULEtBQUssRUFBRTt3QkFDTCxFQUFFO3FCQUNIO2lCQUNGO2FBQ0YsQ0FBQyxDQUFDO1lBRUgsT0FBTyxHQUFHLENBQUMsVUFBVSxDQUFDLEVBQUUsQ0FBQztRQUMzQixDQUFDO0tBQUE7SUFFWSxNQUFNLENBQUMsRUFBRSxFQUFFLEVBQUUsSUFBSSxFQUFvQjs7WUFDaEQsTUFBTSxJQUFJLEdBQUcsTUFBTSxJQUFJLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQyxDQUFDO1lBQ2hDLElBQUksQ0FBQyxJQUFJLEdBQUcsSUFBSSxDQUFDO1lBRWpCLE1BQU0sU0FBUyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxtQkFBbUIsRUFBRSxDQUFDO1lBQzlELE1BQU0sVUFBVSxHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDckQsU0FBUyxDQUFDLEdBQUcsRUFDYixJQUFJLENBQ0wsQ0FBQztZQUVGLE1BQU0sR0FBRyxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQWtCO2dCQUN0RCxRQUFRLEVBQUUsZUFBZTtnQkFDekIsU0FBUyxFQUFFO29CQUNULEtBQUssRUFBRTt3QkFDTCxFQUFFO3dCQUNGLFVBQVUsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLFVBQVUsQ0FBQztxQkFDdkM7aUJBQ0Y7YUFDRixDQUFDLENBQUM7WUFFSCxPQUFPLEdBQUcsQ0FBQyxVQUFVLENBQUM7UUFDeEIsQ0FBQztLQUFBO0lBRVksR0FBRyxDQUFDLEVBQVU7O1lBQ3pCLE1BQU0sR0FBRyxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxLQUFLLENBQU07Z0JBQ3pDLEtBQUssRUFBRSxTQUFTO2dCQUNoQixTQUFTLEVBQUU7b0JBQ1QsRUFBRTtpQkFDSDthQUNGLENBQUMsQ0FBQztZQUVILE1BQU0sU0FBUyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxtQkFBbUIsRUFBRSxDQUFDO1lBRTlELE1BQU0sZUFBZSxHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDMUQsU0FBUyxDQUFDLEdBQUcsRUFDYixJQUFJLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLENBQ2hDLENBQUM7WUFFRix1QkFDRSxFQUFFLEVBQUUsR0FBRyxDQUFDLEVBQUUsSUFDUCxlQUFlLEVBQ2xCO1FBQ0osQ0FBQztLQUFBO0lBRVksSUFBSTs7WUFDZixNQUFNLEdBQUcsR0FBRyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsS0FBSyxDQUFhO2dCQUNoRCxLQUFLLEVBQUUsVUFBVTthQUNsQixDQUFDLENBQUM7WUFFSCxNQUFNLFNBQVMsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsbUJBQW1CLEVBQUUsQ0FBQztZQUU5RCxPQUFPLE9BQU8sQ0FBQyxHQUFHLENBQ2hCLEdBQUcsQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFPLElBQUksRUFBRSxFQUFFO2dCQUNqQyxNQUFNLGVBQWUsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQzFELFNBQVMsQ0FBQyxHQUFHLEVBQ2IsSUFBSSxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxDQUNqQyxDQUFDO2dCQUNGLHVCQUNFLEVBQUUsRUFBRSxJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUUsSUFDYixlQUFlLEVBQ2xCO1lBQ0osQ0FBQyxDQUFBLENBQUMsQ0FDSCxDQUFDO1FBQ0osQ0FBQztLQUFBO0lBRVksTUFBTSxDQUFDLEVBQUUsSUFBSSxFQUFvQjs7WUFDNUMsSUFBSSxZQUFZLENBQUMsU0FBUyxDQUFDLE1BQU0sS0FBSyxJQUFJLEVBQUU7Z0JBQzFDLE1BQU0sSUFBSSxtQkFBbUIsQ0FBQyx1Q0FBdUMsQ0FBQyxDQUFDO2FBQ3hFO1lBRUQsZ0VBQWdFO1lBQ2hFLE1BQU0sS0FBSyxHQUFHLE1BQU0sSUFBSSxDQUFDLElBQUksRUFBRSxDQUFDO1lBRWhDLG1CQUFtQjtZQUNuQixJQUFJLFVBQVUsQ0FBQztZQUNmLE9BQU8sSUFBSSxFQUFFO2dCQUNYLFVBQVUsR0FBRyxJQUFJLENBQUMsVUFBVTtxQkFDekIsYUFBYSxDQUFDLFlBQVksQ0FBQyxTQUFTLEVBQUUsSUFBSSxDQUFDLFVBQVUsQ0FBQztxQkFDdEQsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFDO2dCQUNiLE1BQU0sT0FBTyxHQUFHLElBQUksQ0FBQyxVQUFVLENBQUMsVUFBVSxDQUFDLENBQUM7Z0JBRTVDLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLENBQUMsSUFBSSxFQUFFLEVBQUUsQ0FBQyxJQUFJLENBQUMsT0FBTyxLQUFLLE9BQU8sQ0FBQyxFQUFFO29CQUNuRCxNQUFNO2lCQUNQO2FBQ0Y7WUFFRCxNQUFNLGFBQWEsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsbUJBQW1CLEVBQUUsQ0FBQztZQUNsRSxNQUFNLE9BQU8sR0FBRyxDQUNkLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxhQUFhLGlCQUNqQyxRQUFRLEVBQUUsVUFBVSxJQUNqQixhQUFhLEVBQ2hCLENBQ0gsQ0FBQyxHQUFHLENBQUM7WUFFTixNQUFNLGVBQWUsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsYUFBYSxFQUFFLENBQUM7WUFDOUQsTUFBTSxzQkFBc0IsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQ2pFLE9BQU8sRUFDUCxlQUFlLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUM3QixDQUFDO1lBRUYscUNBQXFDO1lBQ3JDLE1BQU0sV0FBVyxHQUFHLE1BQU0sSUFBSSxDQUFDLFdBQVcsQ0FBQyxPQUFPLEVBQUUsQ0FBQztZQUNyRCxNQUFNLFNBQVMsR0FBRyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUMxQyxXQUFXLENBQUMsY0FBYyxDQUFDLFNBQVMsQ0FBQyxFQUFFLENBQ3hDLENBQUM7WUFDRixNQUFNLGdCQUFnQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDM0QsT0FBTyxFQUNQLFNBQVMsQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUMzQixDQUFDO1lBRUYsTUFBTSxJQUFJLG1DQUNMLENBQUMsSUFBSSxJQUFJLEVBQUUsSUFBSSxFQUFFLENBQUMsS0FDckIsT0FBTyxFQUFFLElBQUksQ0FBQyxVQUFVLENBQUMsVUFBVSxDQUFDLEdBQ3JDLENBQUM7WUFDRixNQUFNLFVBQVUsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQ3JELFNBQVMsQ0FBQyxHQUFHLEVBQ2IsSUFBSSxDQUNMLENBQUM7WUFFRixNQUFNLEdBQUcsR0FBRyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUFrQjtnQkFDdEQsUUFBUSxFQUFFLGVBQWU7Z0JBQ3pCLFNBQVMsRUFBRTtvQkFDVCxLQUFLLEVBQUU7d0JBQ0wsVUFBVSxFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsVUFBVSxDQUFDO3dCQUN0QyxhQUFhLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxhQUFhLENBQUM7d0JBQzVDLGVBQWUsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLGVBQWUsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLENBQUM7d0JBQzdELHNCQUFzQixFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsc0JBQXNCLENBQUM7d0JBQzlELFdBQVcsRUFBRSxXQUFXLENBQUMsY0FBYyxDQUFDLFNBQVMsQ0FBQyxFQUFFO3dCQUNwRCxnQkFBZ0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLGdCQUFnQixDQUFDO3FCQUNuRDtpQkFDRjthQUNGLENBQUMsQ0FBQztZQUVILHVDQUNLLEdBQUcsQ0FBQyxVQUFVLENBQUMsSUFBSSxLQUN0QixVQUFVLElBQ1Y7UUFDSixDQUFDO0tBQUE7SUFFRCx1SEFBdUg7SUFDdkgsdUhBQXVIO0lBQ3ZILDZDQUE2QztJQUM3QyxFQUFFO0lBQ0Ysa0NBQWtDO0lBQ2xDLEVBQUU7SUFDRix1RUFBdUU7SUFDdkUsRUFBRTtJQUNGLHlIQUF5SDtJQUN6SCxvSUFBb0k7SUFDcEksa0lBQWtJO0lBQ2xJLGtJQUFrSTtJQUNsSSwyQ0FBMkM7SUFDM0MsdUhBQXVIO0lBQ3ZILHVIQUF1SDtJQUN6RyxXQUFXLENBQ3ZCLGVBQWdDLEVBQ2hDLFVBQWtCOztZQUVsQixNQUFNLFdBQVcsR0FBRyxJQUFJLENBQUMsVUFBVSxDQUFDLFlBQVksQ0FBQyxJQUFJLENBQUMsbUJBQW1CLENBQUMsQ0FBQztZQUUzRSxLQUFLLE1BQU0sSUFBSSxJQUFJLGVBQWUsQ0FBQyxLQUFLLEVBQUU7Z0JBQ3hDLE1BQU0sT0FBTyxHQUFHLENBQ2QsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGFBQWEsaUJBQ2pDLFFBQVEsRUFBRSxVQUFVLElBQ2pCLElBQUksQ0FBQyxhQUFhLEVBQ3JCLENBQ0gsQ0FBQyxHQUFHLENBQUM7Z0JBRU4sb0RBQW9EO2dCQUNwRCxJQUFJO29CQUNGLE1BQU0sZUFBZSxHQUFHLENBQUMsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUMzRCxPQUFPLEVBQ1AsSUFBSSxDQUFDLHNCQUFzQixDQUM1QixDQUFRLENBQUM7b0JBRVYseUJBQXlCO29CQUN6QixtRUFBbUU7b0JBRW5FLE1BQU0sV0FBVyxHQUFHLGVBQWUsQ0FBQyxTQUFTLENBQUMsV0FBVyxDQUFDO29CQUUxRCxNQUFNLGVBQWUsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLENBQ3ZELGVBQWUsRUFDZjt3QkFDRSxXQUFXO3dCQUNYLFdBQVc7cUJBQ1osQ0FDRixDQUFDO29CQUVGLE9BQU87d0JBQ0wsSUFBSTt3QkFDSixlQUFlO3dCQUNmLE9BQU87cUJBQ1IsQ0FBQztpQkFDSDtnQkFBQyxPQUFPLEtBQUssRUFBRTtvQkFDZCxTQUFTO2lCQUNWO2FBQ0Y7WUFDRCxNQUFNLElBQUksV0FBVyxDQUFDO2dCQUNwQixNQUFNLEVBQUUsTUFBTTtnQkFDZCxJQUFJLEVBQUUsb0JBQW9CO2dCQUMxQixPQUFPLEVBQUUscUJBQXFCO2FBQy9CLENBQUMsQ0FBQztRQUNMLENBQUM7S0FBQTtJQUVZLGFBQWEsQ0FDeEIsTUFBMkI7O1lBRTNCLE1BQU0sR0FBRyxHQUFHLElBQUksQ0FBQyxJQUFJO2lCQUNsQixJQUFJLENBQ0gsR0FBRyxJQUFJLENBQUMsTUFBTSxDQUFDLE9BQU8sa0NBQWtDLEVBQ3hELE1BQU0sQ0FDUDtpQkFDQSxTQUFTLEVBQUUsQ0FBQztZQUVmLGlDQUFpQztZQUNqQyxtRUFBbUU7WUFFbkUsT0FBTyxHQUFHLENBQUM7UUFDYixDQUFDO0tBQUE7SUFFWSxjQUFjLENBQ3pCLE1BQTRCOztZQUU1QixPQUFPLElBQUksQ0FBQyxJQUFJO2lCQUNiLElBQUksQ0FBdUIsR0FBRyxJQUFJLENBQUMsTUFBTSxDQUFDLE9BQU8sZUFBZSxFQUFFO2dCQUNqRSxRQUFRLEVBQUUsTUFBTSxDQUFDLE9BQU87Z0JBQ3hCLE1BQU0sRUFBRSxNQUFNLENBQUMsS0FBSzthQUNyQixDQUFDO2lCQUNELFNBQVMsRUFBRSxDQUFDO1lBRWYsaUNBQWlDO1lBQ2pDLDJIQUEySDtRQUM3SCxDQUFDO0tBQUE7SUFFWSxNQUFNLENBQUMsTUFBb0I7O1lBQ3RDLE1BQU0sZUFBZSxHQUFHLE1BQU0sSUFBSSxDQUFDLElBQUk7aUJBQ3BDLElBQUksQ0FDSCxHQUFHLElBQUksQ0FBQyxNQUFNLENBQUMsT0FBTyxpQ0FBaUMsRUFDdkQ7Z0JBQ0UsT0FBTyxFQUFFLE1BQU0sQ0FBQyxPQUFPO2dCQUN2QixVQUFVLEVBQUUsTUFBTSxDQUFDLFVBQVU7YUFDOUIsQ0FDRjtpQkFDQSxTQUFTLEVBQUUsQ0FBQztZQUVmLGlDQUFpQztZQUNqQywySEFBMkg7WUFDM0gsTUFBTSxFQUFFLGVBQWUsRUFBRSxJQUFJLEVBQUUsT0FBTyxFQUFFLEdBQUcsTUFBTSxJQUFJLENBQUMsV0FBVyxDQUMvRCxlQUFlLEVBQ2YsTUFBTSxDQUFDLElBQUksQ0FDWixDQUFDO1lBRUYsTUFBTSxHQUFHLEdBQUcsTUFBTSxJQUFJLENBQUMsSUFBSTtpQkFDeEIsSUFBSSxDQUFNLEdBQUcsSUFBSSxDQUFDLE1BQU0sQ0FBQyxPQUFPLG9DQUFvQyxFQUFFO2dCQUNyRSxNQUFNLEVBQUUsSUFBSSxDQUFDLE1BQU07Z0JBQ25CLGVBQWU7YUFDaEIsQ0FBQztpQkFDRCxTQUFTLEVBQUUsQ0FBQztZQUVmLGlDQUFpQztZQUNqQyxpREFBaUQ7WUFFakQsT0FBTztnQkFDTCxNQUFNLEVBQUUsSUFBSSxDQUFDLE1BQU07Z0JBQ25CLGFBQWEsRUFBRSxHQUFHLENBQUMsYUFBYTtnQkFDaEMsV0FBVyxFQUFFLEdBQUcsQ0FBQyxXQUFXO2dCQUM1QixTQUFTLEVBQUUsTUFBTSxHQUFHLENBQUMsS0FBSyxDQUN4QixNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQUMsT0FBTyxFQUFFLEdBQUcsQ0FBQyxnQkFBZ0IsQ0FBQyxDQUNwRTthQUNGLENBQUM7UUFDSixDQUFDO0tBQUE7SUFFWSxXQUFXLENBQUMsTUFBeUI7O1lBQ2hELHlDQUF5QztZQUN6QyxNQUFNLGFBQWEsR0FBRyxNQUFNLElBQUksQ0FBQyxlQUFlLENBQUMsbUJBQW1CLENBQ2xFLE1BQU0sQ0FBQyxXQUFXLENBQ25CLENBQUM7WUFFRixxQ0FBcUM7WUFDckMsTUFBTSxtQkFBbUIsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQzlELGFBQWEsQ0FBQyxPQUFPLEVBQ3JCLE1BQU0sQ0FBQyxTQUFTLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUM5QixDQUFDO1lBRUYsTUFBTSxNQUFNLEdBQUcsTUFBTSxJQUFJLENBQUMsSUFBSTtpQkFDM0IsSUFBSSxDQUNILEdBQUcsSUFBSSxDQUFDLE1BQU0sQ0FBQyxPQUFPLGdDQUFnQyxFQUN0RDtnQkFDRSxNQUFNLEVBQUUsTUFBTSxDQUFDLE1BQU07Z0JBQ3JCLGFBQWEsRUFBRSxNQUFNLENBQUMsYUFBYTtnQkFDbkMsV0FBVyxFQUFFLE1BQU0sQ0FBQyxXQUFXO2dCQUMvQixtQkFBbUI7Z0JBQ25CLFVBQVUsRUFBRTtvQkFDVixhQUFhLEVBQUUsYUFBYSxDQUFDLGFBQWE7b0JBQzFDLGFBQWEsRUFBRSxhQUFhLENBQUMsYUFBYTtvQkFDMUMsa0JBQWtCLEVBQUUsYUFBYSxDQUFDLGVBQWUsQ0FBQyxNQUFNLEVBQUU7b0JBQzFELHlCQUF5QixFQUFFLGFBQWEsQ0FBQyx5QkFBeUI7aUJBQ25FO2FBQ0YsQ0FDRjtpQkFDQSxTQUFTLEVBQUUsQ0FBQztZQUVmLGlDQUFpQztZQUNqQyx1RkFBdUY7WUFDdkYsdUZBQXVGO1lBQ3ZGLHFEQUFxRDtZQUVyRCwrRUFBK0U7WUFDL0UsaUNBQWlDO1lBQ2pDLElBQUksSUFBSSxHQUFHLE1BQU0sSUFBSSxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLFFBQVEsRUFBRSxNQUFNLENBQUMsV0FBVyxFQUFFO2dCQUNyRSxPQUFPLEVBQUUsTUFBTTthQUNoQixDQUFDLENBQUM7WUFFSCxJQUFJLElBQUksQ0FBQyxhQUFhLEtBQUssdUJBQXVCLEVBQUU7Z0JBQ2xELE1BQU0sSUFBSSxXQUFXLENBQUM7b0JBQ3BCLE9BQU8sRUFDTCxrRUFBa0U7aUJBQ3JFLENBQUMsQ0FBQzthQUNKO1lBRUQsaUNBQWlDO1lBQ2pDLHNEQUFzRDtZQUV0RCwwQkFBMEI7WUFDMUIsSUFBSSxHQUFHLE1BQU0sSUFBSSxDQUFDLElBQUksQ0FBQyxtQkFBbUIsQ0FDeEMsSUFBSSxFQUNKLElBQUksQ0FBQyxlQUFlLENBQUMsZ0JBQWdCLENBQUMsYUFBYSxDQUFDLE9BQU8sQ0FBQyxFQUM1RCxFQUFFLENBQ0gsQ0FBQztZQUVGLGlDQUFpQztZQUNqQyxzREFBc0Q7WUFFdEQsTUFBTSxJQUFJLENBQUMsSUFBSSxDQUFDLE9BQU8sRUFBRSxDQUFDO1lBRTFCLE9BQU8sTUFBTSxJQUFJLENBQUMsSUFBSTtpQkFDbkIsSUFBSSxDQUFNLEdBQUcsSUFBSSxDQUFDLE1BQU0sQ0FBQyxPQUFPLDRCQUE0QixFQUFFO2dCQUM3RCxNQUFNLEVBQUUsTUFBTSxDQUFDLE1BQU07Z0JBQ3JCLGdCQUFnQixFQUFFLE1BQU0sQ0FBQyxnQkFBZ0I7YUFDMUMsQ0FBQztpQkFDRCxTQUFTLEVBQUUsQ0FBQztRQUNqQixDQUFDO0tBQUE7Ozs7WUEzWEYsVUFBVSxTQUFDO2dCQUNWLFVBQVUsRUFBRSxNQUFNO2FBQ25COzs7NENBT0ksTUFBTSxTQUFDLFNBQVM7WUF0S1osVUFBVTtZQURWLGVBQWU7WUFHZixTQUFTO1lBWVQsb0JBQW9CO1lBR0MsR0FBRztZQVZ4QixVQUFVO1lBRlYsaUJBQWlCO1lBQ2pCLGVBQWU7WUFTZixlQUFlIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgTHJBcG9sbG9TZXJ2aWNlIH0gZnJvbSAnLi4vYXBpL2xyLWFwb2xsby5zZXJ2aWNlJztcclxuaW1wb3J0IHsgSHR0cENsaWVudCB9IGZyb20gJ0Bhbmd1bGFyL2NvbW1vbi9odHRwJztcclxuaW1wb3J0IHsgSW5qZWN0LCBJbmplY3RhYmxlIH0gZnJvbSAnQGFuZ3VsYXIvY29yZSc7XHJcbmltcG9ydCB7IEF1dGhDbGFzcyB9IGZyb20gJ0Bhd3MtYW1wbGlmeS9hdXRoL2xpYi1lc20vQXV0aCc7XHJcbmltcG9ydCBncWwgZnJvbSAnZ3JhcGhxbC10YWcnO1xyXG5pbXBvcnQgeyBKV0sgfSBmcm9tICdub2RlLWpvc2UnO1xyXG5pbXBvcnQgeyBFbmNyeXB0aW9uU2VydmljZSB9IGZyb20gJy4uL2NyeXB0b2dyYXBoeS9lbmNyeXB0aW9uLnNlcnZpY2UnO1xyXG5pbXBvcnQgeyBLZXlHcmFwaFNlcnZpY2UgfSBmcm9tICcuLi9jcnlwdG9ncmFwaHkva2V5LWdyYXBoLnNlcnZpY2UnO1xyXG5pbXBvcnQgeyBLZXlTZXJ2aWNlIH0gZnJvbSAnLi4vY3J5cHRvZ3JhcGh5L2tleS5zZXJ2aWNlJztcclxuaW1wb3J0IHsgTGlmZVJlYWR5Q29uZmlnLCBMUl9DT05GSUcgfSBmcm9tICcuLi9saWZlLXJlYWR5LmNvbmZpZyc7XHJcbmltcG9ydCB7XHJcbiAgTHJFeGNlcHRpb24sXHJcbiAgTHJFcnJvckNvZGUsXHJcbiAgTHJCYWRMb2dpY0V4Y2VwdGlvbixcclxufSBmcm9tICcuLi9fY29tbW9uL2V4Y2VwdGlvbnMnO1xyXG5pbXBvcnQgeyBMaWZlUmVhZHlBdXRoU2VydmljZSB9IGZyb20gJy4vbGlmZS1yZWFkeS1hdXRoLnNlcnZpY2UnO1xyXG5pbXBvcnQgeyBQYXNzd29yZFNlcnZpY2UgfSBmcm9tICcuL3Bhc3N3b3JkLnNlcnZpY2UnO1xyXG5pbXBvcnQgeyBTbGlwMzlIZWxwZXIgfSBmcm9tICdzbGlwMzknO1xyXG5pbXBvcnQgeyBLZXlGYWN0b3J5U2VydmljZSBhcyBLRlMgfSBmcm9tICcuLi9jcnlwdG9ncmFwaHkva2V5LWZhY3Rvcnkuc2VydmljZSc7XHJcblxyXG5pbnRlcmZhY2UgU2V0UGFzc3dvcmRBcGlSZXN1bHQge1xyXG4gIHVzZXJuYW1lOiBzdHJpbmc7XHJcbiAgaWRwUGFzc3dvcmQ6IHN0cmluZztcclxuICBzZXRQYXNzd29yZFRva2VuOiBzdHJpbmc7XHJcbn1cclxuXHJcbmV4cG9ydCBpbnRlcmZhY2UgU2V0UGFzc3dvcmRQYXJhbXMge1xyXG4gIGxib3BJZDogc3RyaW5nO1xyXG4gIG5ld1Bhc3N3b3JkOiBzdHJpbmc7XHJcbiAgdmVyaWZpZWRUb2tlbjogc3RyaW5nO1xyXG4gIG1hc3RlcktleUlkOiBzdHJpbmc7XHJcbiAgbWFzdGVyS2V5OiBKV0suS2V5O1xyXG59XHJcblxyXG5leHBvcnQgaW50ZXJmYWNlIFZlcmlmeUNvbnRhY3RQYXJhbXMge1xyXG4gIGVtYWlsPzogc3RyaW5nO1xyXG4gIHBob25lPzogc3RyaW5nO1xyXG59XHJcblxyXG5leHBvcnQgaW50ZXJmYWNlIFZlcmlmeUNvbnRhY3RSZXN1bHQge1xyXG4gIC8vIFRoZSBjbGFpbV9pZCBpZGVudGlmaWVzIHRoZSBFbWFpbC9TTVMgY29uZmlybWF0aW9uXHJcbiAgY2xhaW1JZDogc3RyaW5nO1xyXG59XHJcblxyXG5leHBvcnQgaW50ZXJmYWNlIENvbmZpcm1Db250YWN0UGFyYW1zIHtcclxuICBjbGFpbUlkOiBzdHJpbmc7XHJcbiAgdkNvZGU6IHN0cmluZztcclxufVxyXG5cclxuZXhwb3J0IGludGVyZmFjZSBDb25maXJtQ29udGFjdFJlc3VsdCB7XHJcbiAgLy8gVGhlIHRva2VuIHRvIHByb3ZlIHRoZSBjbGllbnQgaGFkIHRoZSBjb3JyZWN0IGNvbmZpcm1hdGlvbiBjb2RlLlxyXG4gIHRva2VuOiBzdHJpbmc7XHJcbn1cclxuXHJcbmV4cG9ydCBpbnRlcmZhY2UgVmVyaWZ5UGFyYW1zIHtcclxuICBjbGFpbUlkOiBzdHJpbmc7XHJcbiAgY2xhaW1Ub2tlbjogc3RyaW5nO1xyXG4gIGxib3A6IHN0cmluZztcclxufVxyXG5cclxuZXhwb3J0IGludGVyZmFjZSBWZXJpZnlSZXN1bHQge1xyXG4gIC8vIHVzZXJJZDogc3RyaW5nO1xyXG4gIGxib3BJZDogc3RyaW5nO1xyXG4gIHZlcmlmaWVkVG9rZW46IHN0cmluZztcclxuICBtYXN0ZXJLZXlJZDogc3RyaW5nO1xyXG4gIG1hc3RlcktleTogSldLLktleTtcclxufVxyXG5cclxuZXhwb3J0IGludGVyZmFjZSBDaGFsbGVuZ2VSZXN1bHQge1xyXG4gIGNoYWxsZW5nZTogYW55O1xyXG4gIGxib3BzOiBhbnk7XHJcbiAgLy8gdXNlcklkOiBzdHJpbmc7XHJcbn1cclxuXHJcbmV4cG9ydCBpbnRlcmZhY2UgTGJvcCB7XHJcbiAgaWQ6IHN0cmluZztcclxuICBwYXJ0aWFsPzogc3RyaW5nO1xyXG4gIG5hbWU/OiBzdHJpbmc7XHJcbiAgbGJvcFN0cmluZz86IHN0cmluZztcclxufVxyXG5cclxuZXhwb3J0IGludGVyZmFjZSBDcmVhdGVMYm9wUGFyYW1zIHtcclxuICBuYW1lPzogc3RyaW5nO1xyXG59XHJcblxyXG5pbnRlcmZhY2UgQ3JlYXRlTGJvcFF1ZXJ5IHtcclxuICBjcmVhdGVMYm9wOiB7XHJcbiAgICBsYm9wOiBMYm9wO1xyXG4gIH07XHJcbn1cclxuXHJcbmV4cG9ydCBjb25zdCBDcmVhdGVMYm9wUXVlcnkgPSBncWxgXHJcbiAgbXV0YXRpb24gQ3JlYXRlTGJvcCgkaW5wdXQ6IENyZWF0ZUxib3BJbnB1dCEpIHtcclxuICAgIGNyZWF0ZUxib3AoaW5wdXQ6ICRpbnB1dCkge1xyXG4gICAgICBsYm9wIHtcclxuICAgICAgICBpZFxyXG4gICAgICB9XHJcbiAgICB9XHJcbiAgfVxyXG5gO1xyXG5cclxuaW50ZXJmYWNlIERlbGV0ZUxib3BRdWVyeSB7XHJcbiAgZGVsZXRlTGJvcDogTGJvcDtcclxufVxyXG5cclxuZXhwb3J0IGNvbnN0IERlbGV0ZUxib3BRdWVyeSA9IGdxbGBcclxuICBtdXRhdGlvbiBEZWxldGVMYm9wKCRpbnB1dDogRGVsZXRlTGJvcElucHV0ISkge1xyXG4gICAgZGVsZXRlTGJvcChpbnB1dDogJGlucHV0KSB7XHJcbiAgICAgIGlkXHJcbiAgICB9XHJcbiAgfVxyXG5gO1xyXG5cclxuZXhwb3J0IGludGVyZmFjZSBVcGRhdGVMYm9wUGFyYW1zIHtcclxuICBpZDogc3RyaW5nO1xyXG4gIG5hbWU6IHN0cmluZztcclxufVxyXG5cclxuaW50ZXJmYWNlIFVwZGF0ZUxib3BRdWVyeSB7XHJcbiAgdXBkYXRlTGJvcDogTGJvcDtcclxufVxyXG5cclxuZXhwb3J0IGNvbnN0IFVwZGF0ZUxib3BRdWVyeSA9IGdxbGBcclxuICBtdXRhdGlvbiBVcGRhdGVMYm9wKCRpbnB1dDogVXBkYXRlTGJvcElucHV0ISkge1xyXG4gICAgdXBkYXRlTGJvcChpbnB1dDogJGlucHV0KSB7XHJcbiAgICAgIGxib3Age1xyXG4gICAgICAgIGlkXHJcbiAgICAgIH1cclxuICAgIH1cclxuICB9XHJcbmA7XHJcblxyXG5leHBvcnQgY29uc3QgTGJvcFF1ZXJ5ID0gZ3FsYFxyXG4gIHF1ZXJ5IExib3AoJGlkOiBMclJlbGF5SWRJbnB1dCEpIHtcclxuICAgIGxib3AoaWQ6ICRpZCkge1xyXG4gICAgICBpZFxyXG4gICAgICBjaXBoZXJNZXRhXHJcbiAgICB9XHJcbiAgfVxyXG5gO1xyXG5cclxuaW50ZXJmYWNlIExib3BzUXVlcnkge1xyXG4gIGxib3BzOiBhbnk7XHJcbn1cclxuXHJcbmV4cG9ydCBjb25zdCBMYm9wc1F1ZXJ5ID0gZ3FsYFxyXG4gIHF1ZXJ5IExib3BzIHtcclxuICAgIGxib3BzIHtcclxuICAgICAgZWRnZXMge1xyXG4gICAgICAgIG5vZGUge1xyXG4gICAgICAgICAgaWRcclxuICAgICAgICAgIGNpcGhlck1ldGFcclxuICAgICAgICB9XHJcbiAgICAgIH1cclxuICAgIH1cclxuICB9XHJcbmA7XHJcblxyXG5ASW5qZWN0YWJsZSh7XHJcbiAgcHJvdmlkZWRJbjogJ3Jvb3QnLFxyXG59KVxyXG5leHBvcnQgY2xhc3MgTGJvcFNlcnZpY2Uge1xyXG4gIHByaXZhdGUgcmVhZG9ubHkgQ0xJRU5UX05PTkNFX0xFTkdUSCA9IDMyO1xyXG4gIC8vIFRoZXJlIGFyZSAxMDI0IHdvcmRzICgxMCBiaXRzKSwgc28gMjUgd29yZHMgc2hvdWxkIGdpdmUgfjI1NiBiaXRzIG9mIGVudHJvcHkuXHJcbiAgcHJpdmF0ZSByZWFkb25seSBMQk9QX1dPUkRTID0gMjU7XHJcblxyXG4gIGNvbnN0cnVjdG9yKFxyXG4gICAgQEluamVjdChMUl9DT05GSUcpIHByaXZhdGUgY29uZmlnOiBMaWZlUmVhZHlDb25maWcsXHJcbiAgICBwcml2YXRlIGh0dHA6IEh0dHBDbGllbnQsXHJcbiAgICBwcml2YXRlIGxyQXBvbGxvOiBMckFwb2xsb1NlcnZpY2UsXHJcbiAgICBwcml2YXRlIGF1dGg6IEF1dGhDbGFzcyxcclxuICAgIHByaXZhdGUgYXV0aFNlcnZpY2U6IExpZmVSZWFkeUF1dGhTZXJ2aWNlLFxyXG4gICAgcHJpdmF0ZSBrZXlGYWN0b3J5OiBLRlMsXHJcbiAgICBwcml2YXRlIGtleVNlcnZpY2U6IEtleVNlcnZpY2UsXHJcbiAgICBwcml2YXRlIGVuY3J5cHRpb25TZXJ2aWNlOiBFbmNyeXB0aW9uU2VydmljZSxcclxuICAgIHByaXZhdGUga2V5R3JhcGg6IEtleUdyYXBoU2VydmljZSxcclxuICAgIHByaXZhdGUgcGFzc3dvcmRTZXJ2aWNlOiBQYXNzd29yZFNlcnZpY2VcclxuICApIHt9XHJcblxyXG4gIHByaXZhdGUgZ2V0UGFydGlhbChsYm9wU3RyaW5nOiBzdHJpbmcpOiBzdHJpbmcge1xyXG4gICAgcmV0dXJuIGxib3BTdHJpbmcuc3BsaXQoJyAnKVswXTtcclxuICB9XHJcblxyXG4gIHB1YmxpYyBhc3luYyByZW1vdmUoaWQ6IHN0cmluZyk6IFByb21pc2U8c3RyaW5nPiB7XHJcbiAgICBjb25zdCByZXMgPSBhd2FpdCB0aGlzLmxyQXBvbGxvLm11dGF0ZTxhbnk+KHtcclxuICAgICAgbXV0YXRpb246IERlbGV0ZUxib3BRdWVyeSxcclxuICAgICAgdmFyaWFibGVzOiB7XHJcbiAgICAgICAgaW5wdXQ6IHtcclxuICAgICAgICAgIGlkLFxyXG4gICAgICAgIH0sXHJcbiAgICAgIH0sXHJcbiAgICB9KTtcclxuXHJcbiAgICByZXR1cm4gcmVzLmRlbGV0ZUxib3AuaWQ7XHJcbiAgfVxyXG5cclxuICBwdWJsaWMgYXN5bmMgdXBkYXRlKHsgaWQsIG5hbWUgfTogVXBkYXRlTGJvcFBhcmFtcyk6IFByb21pc2U8TGJvcD4ge1xyXG4gICAgY29uc3QgbGJvcCA9IGF3YWl0IHRoaXMuZ2V0KGlkKTtcclxuICAgIGxib3AubmFtZSA9IG5hbWU7XHJcblxyXG4gICAgY29uc3QgbWFzdGVyS2V5ID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRNYXN0ZXJLZXkoKTtcclxuICAgIGNvbnN0IGNpcGhlck1ldGEgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHQoXHJcbiAgICAgIG1hc3RlcktleS5qd2ssXHJcbiAgICAgIGxib3BcclxuICAgICk7XHJcblxyXG4gICAgY29uc3QgcmVzID0gYXdhaXQgdGhpcy5sckFwb2xsby5tdXRhdGU8VXBkYXRlTGJvcFF1ZXJ5Pih7XHJcbiAgICAgIG11dGF0aW9uOiBVcGRhdGVMYm9wUXVlcnksXHJcbiAgICAgIHZhcmlhYmxlczoge1xyXG4gICAgICAgIGlucHV0OiB7XHJcbiAgICAgICAgICBpZCxcclxuICAgICAgICAgIGNpcGhlck1ldGE6IEpTT04uc3RyaW5naWZ5KGNpcGhlck1ldGEpLFxyXG4gICAgICAgIH0sXHJcbiAgICAgIH0sXHJcbiAgICB9KTtcclxuXHJcbiAgICByZXR1cm4gcmVzLnVwZGF0ZUxib3A7XHJcbiAgfVxyXG5cclxuICBwdWJsaWMgYXN5bmMgZ2V0KGlkOiBzdHJpbmcpOiBQcm9taXNlPExib3A+IHtcclxuICAgIGNvbnN0IHJlcyA9IGF3YWl0IHRoaXMubHJBcG9sbG8ucXVlcnk8YW55Pih7XHJcbiAgICAgIHF1ZXJ5OiBMYm9wUXVlcnksXHJcbiAgICAgIHZhcmlhYmxlczoge1xyXG4gICAgICAgIGlkLFxyXG4gICAgICB9LFxyXG4gICAgfSk7XHJcblxyXG4gICAgY29uc3QgbWFzdGVyS2V5ID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRNYXN0ZXJLZXkoKTtcclxuXHJcbiAgICBjb25zdCBwbGFpbkNpcGhlck1ldGEgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmRlY3J5cHQoXHJcbiAgICAgIG1hc3RlcktleS5qd2ssXHJcbiAgICAgIEpTT04ucGFyc2UocmVzLmxib3AuY2lwaGVyTWV0YSlcclxuICAgICk7XHJcblxyXG4gICAgcmV0dXJuIHtcclxuICAgICAgaWQ6IHJlcy5pZCxcclxuICAgICAgLi4ucGxhaW5DaXBoZXJNZXRhLFxyXG4gICAgfTtcclxuICB9XHJcblxyXG4gIHB1YmxpYyBhc3luYyBsaXN0KCk6IFByb21pc2U8TGJvcFtdPiB7XHJcbiAgICBjb25zdCByZXMgPSBhd2FpdCB0aGlzLmxyQXBvbGxvLnF1ZXJ5PExib3BzUXVlcnk+KHtcclxuICAgICAgcXVlcnk6IExib3BzUXVlcnksXHJcbiAgICB9KTtcclxuXHJcbiAgICBjb25zdCBtYXN0ZXJLZXkgPSBhd2FpdCB0aGlzLmtleVNlcnZpY2UuZ2V0Q3VycmVudE1hc3RlcktleSgpO1xyXG5cclxuICAgIHJldHVybiBQcm9taXNlLmFsbChcclxuICAgICAgcmVzLmxib3BzLmVkZ2VzLm1hcChhc3luYyAoZWRnZSkgPT4ge1xyXG4gICAgICAgIGNvbnN0IHBsYWluQ2lwaGVyTWV0YSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZGVjcnlwdChcclxuICAgICAgICAgIG1hc3RlcktleS5qd2ssXHJcbiAgICAgICAgICBKU09OLnBhcnNlKGVkZ2Uubm9kZS5jaXBoZXJNZXRhKVxyXG4gICAgICAgICk7XHJcbiAgICAgICAgcmV0dXJuIHtcclxuICAgICAgICAgIGlkOiBlZGdlLm5vZGUuaWQsXHJcbiAgICAgICAgICAuLi5wbGFpbkNpcGhlck1ldGEsXHJcbiAgICAgICAgfTtcclxuICAgICAgfSlcclxuICAgICk7XHJcbiAgfVxyXG5cclxuICBwdWJsaWMgYXN5bmMgY3JlYXRlKHsgbmFtZSB9OiBDcmVhdGVMYm9wUGFyYW1zKTogUHJvbWlzZTxMYm9wPiB7XHJcbiAgICBpZiAoU2xpcDM5SGVscGVyLldPUkRfTElTVC5sZW5ndGggIT09IDEwMjQpIHtcclxuICAgICAgdGhyb3cgbmV3IExyQmFkTG9naWNFeGNlcHRpb24oJ1NsaXAzOUhlbHBlci5XT1JEX0xJU1QubGVuZ3RoICE9IDEwMjQnKTtcclxuICAgIH1cclxuXHJcbiAgICAvLyBHZXQgZXhpc3RpbmcgdG8gbWFrZSBzdXJlIHRoZXJlIGFyZSBub3QgZHVwbGljYXRlIGZpcnN0IHdvcmRzXHJcbiAgICBjb25zdCBsYm9wcyA9IGF3YWl0IHRoaXMubGlzdCgpO1xyXG5cclxuICAgIC8vIEdlbmVyYXRlIG5ldyBvbmVcclxuICAgIGxldCBsYm9wU3RyaW5nO1xyXG4gICAgd2hpbGUgKHRydWUpIHtcclxuICAgICAgbGJvcFN0cmluZyA9IHRoaXMua2V5RmFjdG9yeVxyXG4gICAgICAgIC5yYW5kb21DaG9pY2VzKFNsaXAzOUhlbHBlci5XT1JEX0xJU1QsIHRoaXMuTEJPUF9XT1JEUylcclxuICAgICAgICAuam9pbignICcpO1xyXG4gICAgICBjb25zdCBwYXJ0aWFsID0gdGhpcy5nZXRQYXJ0aWFsKGxib3BTdHJpbmcpO1xyXG5cclxuICAgICAgaWYgKCFsYm9wcy5zb21lKChsYm9wKSA9PiBsYm9wLnBhcnRpYWwgPT09IHBhcnRpYWwpKSB7XHJcbiAgICAgICAgYnJlYWs7XHJcbiAgICAgIH1cclxuICAgIH1cclxuXHJcbiAgICBjb25zdCBsYm9wS2V5UGFyYW1zID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZUxib3BLZXlQYXJhbXMoKTtcclxuICAgIGNvbnN0IGxib3BLZXkgPSAoXHJcbiAgICAgIGF3YWl0IHRoaXMua2V5RmFjdG9yeS5kZXJpdmVMYm9wS2V5KHtcclxuICAgICAgICBwYXNzd29yZDogbGJvcFN0cmluZyxcclxuICAgICAgICAuLi5sYm9wS2V5UGFyYW1zLFxyXG4gICAgICB9KVxyXG4gICAgKS5qd2s7XHJcblxyXG4gICAgY29uc3QgbGJvcEtleVZlcmlmaWVyID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZVNpZ25LZXkoKTtcclxuICAgIGNvbnN0IHdyYXBwZWRMYm9wS2V5VmVyaWZpZXIgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHQoXHJcbiAgICAgIGxib3BLZXksXHJcbiAgICAgIGxib3BLZXlWZXJpZmllci50b0pTT04odHJ1ZSlcclxuICAgICk7XHJcblxyXG4gICAgLy8gUmUtZW5jcnlwdCBtYXN0ZXIga2V5IHdpdGggbmV3IGtleVxyXG4gICAgY29uc3QgY3VycmVudFVzZXIgPSBhd2FpdCB0aGlzLmF1dGhTZXJ2aWNlLmdldFVzZXIoKTtcclxuICAgIGNvbnN0IG1hc3RlcktleSA9IGF3YWl0IHRoaXMua2V5R3JhcGguZ2V0S2V5KFxyXG4gICAgICBjdXJyZW50VXNlci5jdXJyZW50VXNlcktleS5tYXN0ZXJLZXkuaWRcclxuICAgICk7XHJcbiAgICBjb25zdCB3cmFwcGVkTWFzdGVyS2V5ID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxyXG4gICAgICBsYm9wS2V5LFxyXG4gICAgICBtYXN0ZXJLZXkuandrLnRvSlNPTih0cnVlKVxyXG4gICAgKTtcclxuXHJcbiAgICBjb25zdCBtZXRhID0ge1xyXG4gICAgICAuLi4obmFtZSAmJiB7IG5hbWUgfSksXHJcbiAgICAgIHBhcnRpYWw6IHRoaXMuZ2V0UGFydGlhbChsYm9wU3RyaW5nKSxcclxuICAgIH07XHJcbiAgICBjb25zdCBjaXBoZXJNZXRhID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxyXG4gICAgICBtYXN0ZXJLZXkuandrLFxyXG4gICAgICBtZXRhXHJcbiAgICApO1xyXG5cclxuICAgIGNvbnN0IHJlcyA9IGF3YWl0IHRoaXMubHJBcG9sbG8ubXV0YXRlPENyZWF0ZUxib3BRdWVyeT4oe1xyXG4gICAgICBtdXRhdGlvbjogQ3JlYXRlTGJvcFF1ZXJ5LFxyXG4gICAgICB2YXJpYWJsZXM6IHtcclxuICAgICAgICBpbnB1dDoge1xyXG4gICAgICAgICAgY2lwaGVyTWV0YTogSlNPTi5zdHJpbmdpZnkoY2lwaGVyTWV0YSksXHJcbiAgICAgICAgICBsYm9wS2V5UGFyYW1zOiBKU09OLnN0cmluZ2lmeShsYm9wS2V5UGFyYW1zKSxcclxuICAgICAgICAgIGxib3BLZXlWZXJpZmllcjogSlNPTi5zdHJpbmdpZnkobGJvcEtleVZlcmlmaWVyLnRvSlNPTih0cnVlKSksXHJcbiAgICAgICAgICB3cmFwcGVkTGJvcEtleVZlcmlmaWVyOiBKU09OLnN0cmluZ2lmeSh3cmFwcGVkTGJvcEtleVZlcmlmaWVyKSxcclxuICAgICAgICAgIG1hc3RlcktleUlkOiBjdXJyZW50VXNlci5jdXJyZW50VXNlcktleS5tYXN0ZXJLZXkuaWQsXHJcbiAgICAgICAgICB3cmFwcGVkTWFzdGVyS2V5OiBKU09OLnN0cmluZ2lmeSh3cmFwcGVkTWFzdGVyS2V5KSxcclxuICAgICAgICB9LFxyXG4gICAgICB9LFxyXG4gICAgfSk7XHJcblxyXG4gICAgcmV0dXJuIHtcclxuICAgICAgLi4ucmVzLmNyZWF0ZUxib3AubGJvcCxcclxuICAgICAgbGJvcFN0cmluZyxcclxuICAgIH07XHJcbiAgfVxyXG5cclxuICAvLyAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLVxyXG4gIC8vIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tXHJcbiAgLy8gRmxvdyBiZWxvdyBhcmUgZm9yIHBhc3N3b3JkIHJlc2V0IHZpYSBMQk9QXHJcbiAgLy9cclxuICAvLyAtLVBvdGVudGlhbCBGYWlsdXJlIFBvaW50IHh4eC0tXHJcbiAgLy9cclxuICAvLyBMb29rIGZvciB0aGUgYWJvdmUgYW5kIHlvdSBjYW4gdGVzdCBieSBpbnRlcnJ1cHRpbmcgYXQgdGhlc2UgcG9pbnRzLlxyXG4gIC8vXHJcbiAgLy8gVGhlIExCT1AgcmVzZXQgcHJvY2VzcyBjYW4gYmUgcmVzdGFydGVkIGF0IGFueSBwb2ludCBiZWZvcmUgdGhlIGNhbGwgdG8gXCJzZXQtcGFzc3dvcmQvXCIuIE9uY2UgXCJzZXQtcGFzc3dvcmQvXCIgaGFzIGJlZW5cclxuICAvLyBjYWxsZWQsIHdlIGFzc3VtZSB0aGUgY2xpZW50IGhhcyBhIHNob3J0IHBlcmlvZCBvZiB0aW1lIHRvIGNoYW5nZSB0aGUgSWRwIHBhc3N3b3JkIHRvIHRoZSBvbmUgdGhleSd2ZSBjaG9zZW4uIFRoZSBcInNldC1wYXNzd29yZC9cIlxyXG4gIC8vIHdpbGwgc2V0IHRoZSBJZHAgcGFzc3dvcmQgdG8gYSB0ZW1wb3JhcnkgcmFuZG9tIHBhc3N3b3JkLiBUaGUgdXNlciBjYW4gbm8gbG9uZ2VyIGxvZ2luIHVzaW5nIHRoZWlyIGN1cnJlbnQgcGFzc3dvcmQuIElmIHRoZSBJZHBcclxuICAvLyBwYXNzd29yZCBjaGFuZ2UgcHJvY2VzcyBkb2VzIG5vdCBjb21wbGV0ZSBvciB0YWtlcyBsb25nZXIgdGhhbiB0aGUgbG9ja291dCBwZXJpb2QsIHRoZSBhY2NvdW50IHdpbGwgbm90IGJlIGFjY2Vzc2libGUgYW5kIGEgbmV3XHJcbiAgLy8gTEJPUCBwYXNzd29yZCByZXNldCBtdXN0IGJlIGNhcnJpZWQgb3V0LlxyXG4gIC8vIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tXHJcbiAgLy8gLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS1cclxuICBwcml2YXRlIGFzeW5jIHZlcmlmeUxib3BzKFxyXG4gICAgY2hhbGxlbmdlUmVzdWx0OiBDaGFsbGVuZ2VSZXN1bHQsXHJcbiAgICBsYm9wU3RyaW5nOiBzdHJpbmdcclxuICApOiBQcm9taXNlPHsgbGJvcDogYW55OyBzaWduZWRDaGFsbGVuZ2U6IGFueTsgbGJvcEtleTogSldLLktleSB9PiB7XHJcbiAgICBjb25zdCBjbGllbnROb25jZSA9IHRoaXMua2V5RmFjdG9yeS5yYW5kb21TdHJpbmcodGhpcy5DTElFTlRfTk9OQ0VfTEVOR1RIKTtcclxuXHJcbiAgICBmb3IgKGNvbnN0IGxib3Agb2YgY2hhbGxlbmdlUmVzdWx0Lmxib3BzKSB7XHJcbiAgICAgIGNvbnN0IGxib3BLZXkgPSAoXHJcbiAgICAgICAgYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmRlcml2ZUxib3BLZXkoe1xyXG4gICAgICAgICAgcGFzc3dvcmQ6IGxib3BTdHJpbmcsXHJcbiAgICAgICAgICAuLi5sYm9wLmxib3BLZXlQYXJhbXMsXHJcbiAgICAgICAgfSlcclxuICAgICAgKS5qd2s7XHJcblxyXG4gICAgICAvLyBJZiBkZWNvZGluZyBzdWNjZXNzZnVsIHRoZW4gaXQncyB0aGUgY29ycmVjdCBsYm9wXHJcbiAgICAgIHRyeSB7XHJcbiAgICAgICAgY29uc3QgbGJvcEtleVZlcmlmaWVyID0gKGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZGVjcnlwdChcclxuICAgICAgICAgIGxib3BLZXksXHJcbiAgICAgICAgICBsYm9wLndyYXBwZWRMYm9wS2V5VmVyaWZpZXJcclxuICAgICAgICApKSBhcyBhbnk7XHJcblxyXG4gICAgICAgIC8vIEZvcmNlIGEgYmFkIHNpZ25hdHVyZS5cclxuICAgICAgICAvLyBjb25zdCBzZXJ2ZXJOb25jZSA9IGNoYWxsZW5nZVJlc3VsdC5jaGFsbGVuZ2Uuc2VydmVyTm9uY2UgKyBcIjFcIixcclxuXHJcbiAgICAgICAgY29uc3Qgc2VydmVyTm9uY2UgPSBjaGFsbGVuZ2VSZXN1bHQuY2hhbGxlbmdlLnNlcnZlck5vbmNlO1xyXG5cclxuICAgICAgICBjb25zdCBzaWduZWRDaGFsbGVuZ2UgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLnNpZ24oXHJcbiAgICAgICAgICBsYm9wS2V5VmVyaWZpZXIsXHJcbiAgICAgICAgICB7XHJcbiAgICAgICAgICAgIHNlcnZlck5vbmNlLFxyXG4gICAgICAgICAgICBjbGllbnROb25jZSxcclxuICAgICAgICAgIH1cclxuICAgICAgICApO1xyXG5cclxuICAgICAgICByZXR1cm4ge1xyXG4gICAgICAgICAgbGJvcCxcclxuICAgICAgICAgIHNpZ25lZENoYWxsZW5nZSxcclxuICAgICAgICAgIGxib3BLZXksXHJcbiAgICAgICAgfTtcclxuICAgICAgfSBjYXRjaCAoZXJyb3IpIHtcclxuICAgICAgICBjb250aW51ZTtcclxuICAgICAgfVxyXG4gICAgfVxyXG4gICAgdGhyb3cgbmV3IExyRXhjZXB0aW9uKHtcclxuICAgICAgc291cmNlOiAnTEJPUCcsXHJcbiAgICAgIGNvZGU6ICdJTlZBTElEX1BBU1NQSFJBU0UnLFxyXG4gICAgICBtZXNzYWdlOiAnSW52YWxpZCBwYXNzcGhyYXNlLicsXHJcbiAgICB9KTtcclxuICB9XHJcblxyXG4gIHB1YmxpYyBhc3luYyB2ZXJpZnlDb250YWN0KFxyXG4gICAgcGFyYW1zOiBWZXJpZnlDb250YWN0UGFyYW1zXHJcbiAgKTogUHJvbWlzZTxWZXJpZnlDb250YWN0UmVzdWx0PiB7XHJcbiAgICBjb25zdCByZXQgPSB0aGlzLmh0dHBcclxuICAgICAgLnBvc3Q8VmVyaWZ5Q29udGFjdFJlc3VsdD4oXHJcbiAgICAgICAgYCR7dGhpcy5jb25maWcuYXV0aFVybH11c2Vycy9sYm9wLXJlc2V0L3ZlcmlmeS1jb250YWN0L2AsXHJcbiAgICAgICAgcGFyYW1zXHJcbiAgICAgIClcclxuICAgICAgLnRvUHJvbWlzZSgpO1xyXG5cclxuICAgIC8vIC0tUG90ZW50aWFsIEZhaWx1cmUgUG9pbnQgMSAtLVxyXG4gICAgLy8gVGhlIGNvbnRhY3QgdmVyaWZpY2F0aW9ucyBhcmUgdGhyb3R0bGVkLiBCdXQgb3RoZXJ3aXNlIGhhcm1sZXNzLlxyXG5cclxuICAgIHJldHVybiByZXQ7XHJcbiAgfVxyXG5cclxuICBwdWJsaWMgYXN5bmMgY29uZmlybUNvbnRhY3QoXHJcbiAgICBwYXJhbXM6IENvbmZpcm1Db250YWN0UGFyYW1zXHJcbiAgKTogUHJvbWlzZTxDb25maXJtQ29udGFjdFJlc3VsdD4ge1xyXG4gICAgcmV0dXJuIHRoaXMuaHR0cFxyXG4gICAgICAucG9zdDxDb25maXJtQ29udGFjdFJlc3VsdD4oYCR7dGhpcy5jb25maWcuYXV0aFVybH1jb3ZlL3Jlc3BvbmQvYCwge1xyXG4gICAgICAgIGNsYWltX2lkOiBwYXJhbXMuY2xhaW1JZCxcclxuICAgICAgICB2X2NvZGU6IHBhcmFtcy52Q29kZSxcclxuICAgICAgfSlcclxuICAgICAgLnRvUHJvbWlzZSgpO1xyXG5cclxuICAgIC8vIC0tUG90ZW50aWFsIEZhaWx1cmUgUG9pbnQgMiAtLVxyXG4gICAgLy8gQSB2ZXJpZmllZCBjbGFpbSBmb3IgYSBjb250YWN0IGRvZXMgbm90IHByZXZlbnQgbmV3IG9uZXMgZnJvbSBiZWluZyBnZW5lcmF0ZWQuIFNvIGl0IHNob3VsZCBiZSBmaW5lIHRvIGp1c3Qgc3RhcnQgYWdhaW4uXHJcbiAgfVxyXG5cclxuICBwdWJsaWMgYXN5bmMgdmVyaWZ5KHBhcmFtczogVmVyaWZ5UGFyYW1zKTogUHJvbWlzZTxWZXJpZnlSZXN1bHQ+IHtcclxuICAgIGNvbnN0IGNoYWxsZW5nZVJlc3VsdCA9IGF3YWl0IHRoaXMuaHR0cFxyXG4gICAgICAucG9zdDxDaGFsbGVuZ2VSZXN1bHQ+KFxyXG4gICAgICAgIGAke3RoaXMuY29uZmlnLmF1dGhVcmx9dXNlcnMvbGJvcC1yZXNldC9nZXQtY2hhbGxlbmdlL2AsXHJcbiAgICAgICAge1xyXG4gICAgICAgICAgY2xhaW1JZDogcGFyYW1zLmNsYWltSWQsXHJcbiAgICAgICAgICBjbGFpbVRva2VuOiBwYXJhbXMuY2xhaW1Ub2tlbixcclxuICAgICAgICB9XHJcbiAgICAgIClcclxuICAgICAgLnRvUHJvbWlzZSgpO1xyXG5cclxuICAgIC8vIC0tUG90ZW50aWFsIEZhaWx1cmUgUG9pbnQgMyAtLVxyXG4gICAgLy8gVGhpcyBkb2VzIG5vdCBsb2NrIGFueXRoaW5nLiBBIHNlY29uZCBjYWxsIHRvIFwiZ2V0LWNoYWxsZW5nZS9cIiB3aWxsIGNyZWF0ZSBhIG5ldyBjaGFsbGVuZ2UgYW1kIGludmFsaWRhdGUgdGhlIGZpcnN0IG9uZS5cclxuICAgIGNvbnN0IHsgc2lnbmVkQ2hhbGxlbmdlLCBsYm9wLCBsYm9wS2V5IH0gPSBhd2FpdCB0aGlzLnZlcmlmeUxib3BzKFxyXG4gICAgICBjaGFsbGVuZ2VSZXN1bHQsXHJcbiAgICAgIHBhcmFtcy5sYm9wXHJcbiAgICApO1xyXG5cclxuICAgIGNvbnN0IHJlcyA9IGF3YWl0IHRoaXMuaHR0cFxyXG4gICAgICAucG9zdDxhbnk+KGAke3RoaXMuY29uZmlnLmF1dGhVcmx9dXNlcnMvbGJvcC1yZXNldC92ZXJpZnktY2hhbGxlbmdlL2AsIHtcclxuICAgICAgICBsYm9wSWQ6IGxib3AubGJvcElkLFxyXG4gICAgICAgIHNpZ25lZENoYWxsZW5nZSxcclxuICAgICAgfSlcclxuICAgICAgLnRvUHJvbWlzZSgpO1xyXG5cclxuICAgIC8vIC0tUG90ZW50aWFsIEZhaWx1cmUgUG9pbnQgNCAtLVxyXG4gICAgLy8gVGhpcyBkb2VzIG5vdCBsb2NrIGFueXRoaW5nLiBTbyBvayB0byByZXN0YXJ0LlxyXG5cclxuICAgIHJldHVybiB7XHJcbiAgICAgIGxib3BJZDogbGJvcC5sYm9wSWQsXHJcbiAgICAgIHZlcmlmaWVkVG9rZW46IHJlcy52ZXJpZmllZFRva2VuLFxyXG4gICAgICBtYXN0ZXJLZXlJZDogcmVzLm1hc3RlcktleUlkLFxyXG4gICAgICBtYXN0ZXJLZXk6IGF3YWl0IEtGUy5hc0tleShcclxuICAgICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmRlY3J5cHQobGJvcEtleSwgcmVzLndyYXBwZWRNYXN0ZXJLZXkpXHJcbiAgICAgICksXHJcbiAgICB9O1xyXG4gIH1cclxuXHJcbiAgcHVibGljIGFzeW5jIHNldFBhc3N3b3JkKHBhcmFtczogU2V0UGFzc3dvcmRQYXJhbXMpOiBQcm9taXNlPGFueT4ge1xyXG4gICAgLy8gR2VuZXJhdGUgdGhlIG5ldyBwYXNzd29yZCBkZXJpdmVkIGtleXNcclxuICAgIGNvbnN0IHBhc3NLZXlCdW5kbGUgPSBhd2FpdCB0aGlzLnBhc3N3b3JkU2VydmljZS5jcmVhdGVQYXNzS2V5QnVuZGxlKFxyXG4gICAgICBwYXJhbXMubmV3UGFzc3dvcmRcclxuICAgICk7XHJcblxyXG4gICAgLy8gUmUtZW5jcnlwdCBtYXN0ZXIga2V5IHdpdGggbmV3IGtleVxyXG4gICAgY29uc3QgbmV3V3JhcHBlZE1hc3RlcktleSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcclxuICAgICAgcGFzc0tleUJ1bmRsZS5wYXNzS2V5LFxyXG4gICAgICBwYXJhbXMubWFzdGVyS2V5LnRvSlNPTih0cnVlKVxyXG4gICAgKTtcclxuXHJcbiAgICBjb25zdCByZXN1bHQgPSBhd2FpdCB0aGlzLmh0dHBcclxuICAgICAgLnBvc3Q8U2V0UGFzc3dvcmRBcGlSZXN1bHQ+KFxyXG4gICAgICAgIGAke3RoaXMuY29uZmlnLmF1dGhVcmx9dXNlcnMvbGJvcC1yZXNldC9zZXQtcGFzc3dvcmQvYCxcclxuICAgICAgICB7XHJcbiAgICAgICAgICBsYm9wSWQ6IHBhcmFtcy5sYm9wSWQsXHJcbiAgICAgICAgICB2ZXJpZmllZFRva2VuOiBwYXJhbXMudmVyaWZpZWRUb2tlbixcclxuICAgICAgICAgIG1hc3RlcktleUlkOiBwYXJhbXMubWFzdGVyS2V5SWQsXHJcbiAgICAgICAgICBuZXdXcmFwcGVkTWFzdGVyS2V5LFxyXG4gICAgICAgICAgbmV3UGFzc0tleToge1xyXG4gICAgICAgICAgICBwYXNzS2V5UGFyYW1zOiBwYXNzS2V5QnVuZGxlLnBhc3NLZXlQYXJhbXMsXHJcbiAgICAgICAgICAgIHBhc3NJZHBQYXJhbXM6IHBhc3NLZXlCdW5kbGUucGFzc0lkcFBhcmFtcyxcclxuICAgICAgICAgICAgcGFzc0lkcFZlcmlmaWVyUGJrOiBwYXNzS2V5QnVuZGxlLnBhc3NJZHBWZXJpZmllci50b0pTT04oKSxcclxuICAgICAgICAgICAgd3JhcHBlZFBhc3NJZHBWZXJpZmllclByazogcGFzc0tleUJ1bmRsZS53cmFwcGVkUGFzc0lkcFZlcmlmaWVyUHJrLFxyXG4gICAgICAgICAgfSxcclxuICAgICAgICB9XHJcbiAgICAgIClcclxuICAgICAgLnRvUHJvbWlzZSgpO1xyXG5cclxuICAgIC8vIC0tUG90ZW50aWFsIEZhaWx1cmUgUG9pbnQgNSAtLVxyXG4gICAgLy8gQSB0aW1lZCBtdXRleCBpcyBsb2NrZWQuIFRoZSBJZHAgcGFzc3dvcmQgY2hhbmdlIG11c3Qgb2NjdXIgd2l0aGluIGEgcGVyaW9kIG9mIHRpbWUuXHJcbiAgICAvLyBJZiBpbnRlcnJ1cHRlZCBoZXJlLCB0aGUgdXNlciBjYW4gbm90IGxvZ2luIHdpdGggdGhlaXIgb2xkIHBhc3N3b3JkIGFnYWluLiBUaGV5IG11c3RcclxuICAgIC8vIHN0YXJ0IHRoZSB3aG9sZSBMQk9QIHBhc3N3b3JkIHJlc2V0IHByb2Nlc3MgYWdhaW4uXHJcblxyXG4gICAgLy8gVGhpcyBjYWxsIHdpbGwgZ28gdGhyb3VnaCB0aGUgTFIgcHJveHkgd2hpY2ggaXMgT0sgc2luY2UgdGhlIExSIHNlcnZlciBrbm93c1xyXG4gICAgLy8gdGhlIHRlbXBvcmFyeSBwYXNzd29yZCBhbnl3YXkuXHJcbiAgICBsZXQgdXNlciA9IGF3YWl0IHRoaXMuYXV0aC5zaWduSW4ocmVzdWx0LnVzZXJuYW1lLCByZXN1bHQuaWRwUGFzc3dvcmQsIHtcclxuICAgICAgbm9Qcm94eTogJ3RydWUnLFxyXG4gICAgfSk7XHJcblxyXG4gICAgaWYgKHVzZXIuY2hhbGxlbmdlTmFtZSAhPT0gJ05FV19QQVNTV09SRF9SRVFVSVJFRCcpIHtcclxuICAgICAgdGhyb3cgbmV3IExyRXhjZXB0aW9uKHtcclxuICAgICAgICBtZXNzYWdlOlxyXG4gICAgICAgICAgJ0ludGVybmFsIGVycm9yLiBFeHBlY3RpbmcgQ29nbml0byB0byBoYXZlIGRvbmUgYSBwYXNzd29yZCByZXNldC4nLFxyXG4gICAgICB9KTtcclxuICAgIH1cclxuXHJcbiAgICAvLyAtLVBvdGVudGlhbCBGYWlsdXJlIFBvaW50IDYgLS1cclxuICAgIC8vIE11c3QgcmVzdGFydCB0aGUgTEJPUCBwYXNzd29yZCByZXNldCBwcm9jZXNzIGFnYWluLlxyXG5cclxuICAgIC8vIFNldCBuZXcgcGFzc3dvcmQgb24gSWRwXHJcbiAgICB1c2VyID0gYXdhaXQgdGhpcy5hdXRoLmNvbXBsZXRlTmV3UGFzc3dvcmQoXHJcbiAgICAgIHVzZXIsXHJcbiAgICAgIHRoaXMucGFzc3dvcmRTZXJ2aWNlLmdldFBhc3NJZHBTdHJpbmcocGFzc0tleUJ1bmRsZS5wYXNzSWRwKSxcclxuICAgICAge31cclxuICAgICk7XHJcblxyXG4gICAgLy8gLS1Qb3RlbnRpYWwgRmFpbHVyZSBQb2ludCA3IC0tXHJcbiAgICAvLyBNdXN0IHJlc3RhcnQgdGhlIExCT1AgcGFzc3dvcmQgcmVzZXQgcHJvY2VzcyBhZ2Fpbi5cclxuXHJcbiAgICBhd2FpdCB0aGlzLmF1dGguc2lnbk91dCgpO1xyXG5cclxuICAgIHJldHVybiBhd2FpdCB0aGlzLmh0dHBcclxuICAgICAgLnBvc3Q8YW55PihgJHt0aGlzLmNvbmZpZy5hdXRoVXJsfXVzZXJzL2xib3AtcmVzZXQvY29tcGxldGUvYCwge1xyXG4gICAgICAgIGxib3BJZDogcGFyYW1zLmxib3BJZCxcclxuICAgICAgICBzZXRQYXNzd29yZFRva2VuOiByZXN1bHQuc2V0UGFzc3dvcmRUb2tlbixcclxuICAgICAgfSlcclxuICAgICAgLnRvUHJvbWlzZSgpO1xyXG4gIH1cclxufVxyXG4iXX0=