@lifeready/core 0.6.0-beta.1

package/esm2015/lib/trusted-parties/tp-password-reset-user.service.js

@@ -0,0 +1,266 @@
+import { __awaiter, __decorate } from "tslib";
+import { Hub } from '@aws-amplify/core';
+import { Inject, Injectable, Injector, NgZone } from '@angular/core';
+import { EncryptionService } from '../cryptography/encryption.service';
+import { KeyGraphService } from '../cryptography/key-graph.service';
+import { LR_CONFIG } from '../life-ready.config';
+import * as slip from '../cryptography/slip39.service';
+import { JWK } from 'node-jose';
+import { LrBadStateException, LrException } from '../_common/exceptions';
+import { CompleteTpPasswordResetRequestMutation, CreateTpAssemblyKeyChallengeMutation, PreCompleteTpPasswordResetRequestMutation, } from './tp-password-reset.gql';
+import { PasswordService } from '../auth/password.service';
+import { HttpClient } from '@angular/common/http';
+import { AuthClass } from '@aws-amplify/auth/lib-esm/Auth';
+import { TpPasswordResetService, } from './tp-password-reset.service';
+import { LifeReadyAuthService } from '../auth/life-ready-auth.service';
+import { KeyFactoryService } from '../cryptography/key-factory.service';
+import { TpClaimState } from '../api/types';
+import { LrMutation, LrService } from '../api/lr-graphql';
+import { RunOutsideAngular } from '../_common/run-outside-angular';
+import * as i0 from "@angular/core";
+import * as i1 from "../life-ready.config";
+import * as i2 from "../cryptography/key-factory.service";
+import * as i3 from "../cryptography/encryption.service";
+import * as i4 from "../cryptography/key-graph.service";
+import * as i5 from "../cryptography/slip39.service";
+import * as i6 from "../auth/password.service";
+import * as i7 from "@angular/common/http";
+import * as i8 from "@aws-amplify/auth/lib-esm/Auth";
+import * as i9 from "../auth/life-ready-auth.service";
+let TpPasswordResetUserService = class TpPasswordResetUserService extends LrService {
+    constructor(ngZone, injector, config, keyFactory, encryptionService, keyGraphService, slip39Service, passwordService, http, auth, lrAuth) {
+        super(injector);
+        this.ngZone = ngZone;
+        this.injector = injector;
+        this.config = config;
+        this.keyFactory = keyFactory;
+        this.encryptionService = encryptionService;
+        this.keyGraphService = keyGraphService;
+        this.slip39Service = slip39Service;
+        this.passwordService = passwordService;
+        this.http = http;
+        this.auth = auth;
+        this.lrAuth = lrAuth;
+        this.CLIENT_NONCE_LENGTH = 32;
+    }
+    verifyEmailContact(email) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const params = {
+                email,
+            };
+            return this.http
+                .post(`${this.config.authUrl}tp/password-reset/verify-contact/`, params)
+                .toPromise();
+        });
+    }
+    verifyContactRespond(claimId, claimCode) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { token } = yield this.http
+                .post(`${this.config.authUrl}cove/respond/`, {
+                claim_id: claimId,
+                v_code: claimCode,
+            })
+                .toPromise();
+            return token;
+        });
+    }
+    requestReset(password, claimId, claimToken) {
+        return __awaiter(this, void 0, void 0, function* () {
+            // Generate the key materials
+            const passKeyBundle = yield this.passwordService.createPassKeyBundle(password);
+            const masterKey = yield this.keyFactory.createKey();
+            const wrappedMasterKey = yield this.encryptionService.encrypt(passKeyBundle.passKey, masterKey.toJSON(true));
+            // Ephemeral PKC key
+            const prk = yield this.keyFactory.createPkcKey();
+            const masterKeyWrappedPrk = yield this.encryptionService.encrypt(masterKey, prk.toJSON(true));
+            // API call to setup reset request
+            const requestResetResult = yield this.http
+                .post(`${this.config.authUrl}tp/password-reset/request/`, {
+                claimId,
+                claimToken,
+                pass_key_params: passKeyBundle.passKeyParams,
+                pass_idp_params: passKeyBundle.passIdpParams,
+                pass_idp_verifier_pbk: passKeyBundle.passIdpVerifier.toJSON(),
+                wrapped_pass_idp_verifier_prk: passKeyBundle.wrappedPassIdpVerifierPrk,
+                wrapped_master_key: wrappedMasterKey,
+                pbk: prk.toJSON(),
+                master_key_wrapped_prk: masterKeyWrappedPrk,
+            })
+                .toPromise();
+            console.log(requestResetResult);
+            console.log('Using new password: ', this.passwordService.getPassIdpString(passKeyBundle.passIdp));
+            // API call to create user on cognito
+            const signUpResult = yield this.auth.signUp({
+                username: requestResetResult.reset_username,
+                password: this.passwordService.getPassIdpString(passKeyBundle.passIdp),
+                clientMetadata: {
+                    tp_password_reset_request: JSON.stringify({
+                        id: requestResetResult.id,
+                        associate_reset_user_token: requestResetResult.associate_reset_user_token,
+                    }),
+                },
+            });
+            console.log('requestRest done: ', signUpResult);
+            return {
+                requestResetResult,
+                signUpResult,
+            };
+        });
+    }
+    getResetUser(reload = false) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (!reload && this.resetUser) {
+                return this.resetUser;
+            }
+            this.resetUser = yield this.lrAuth.loadResetUser();
+            return this.resetUser;
+        });
+    }
+    recoverAssemblyKey(resetUser) {
+        return __awaiter(this, void 0, void 0, function* () {
+            // Recover the assembly key.
+            let assemblyKeyParams;
+            const prk = yield this.keyGraphService.getKey(resetUser.pxk.id);
+            const shares = yield Promise.all(resetUser.approvals.map((approval) => __awaiter(this, void 0, void 0, function* () {
+                const partialAssemblyKey = yield this.encryptionService.decrypt(prk, approval.receiverCipherPartialAssemblyKey);
+                if (assemblyKeyParams) {
+                    if (JSON.stringify(assemblyKeyParams) !==
+                        JSON.stringify(partialAssemblyKey.assemblyKeyParams)) {
+                        throw new LrBadStateException('The assembly key parameters are different between the approvals.');
+                    }
+                }
+                else {
+                    assemblyKeyParams = partialAssemblyKey.assemblyKeyParams;
+                }
+                return partialAssemblyKey.slip39.share.mnemonics;
+            })));
+            console.log('recoverAssemblyKey()', shares);
+            const rawAssemblyKey = yield this.slip39Service.recoverSecret(shares, TpPasswordResetService.SLIP39_PASSPHRASE);
+            return JWK.asKey(Object.assign(Object.assign({}, assemblyKeyParams), { k: rawAssemblyKey }));
+        });
+    }
+    completeRequest(newPassword) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const resetUser = yield this.getResetUser(true);
+            if (resetUser.state !== TpClaimState.APPROVED) {
+                throw new LrBadStateException('Password reset request has not been approved.');
+            }
+            // --------------------------------------------------------------
+            // Prepare all materials to ensure there are no errors.
+            // --------------------------------------------------------------
+            const assemblyKey = yield this.recoverAssemblyKey(resetUser);
+            const { rootKey } = yield this.encryptionService.decrypt(assemblyKey, resetUser.assemblyCipherData);
+            console.log(rootKey);
+            // Making sure it's a valid key.
+            const rootKeyJwk = yield JWK.asKey(rootKey);
+            const masterKey = yield this.keyGraphService.getKey(resetUser.masterKey.id);
+            const masterKeyWrappedRootKey = yield this.encryptionService.encryptToString(masterKey.jwk, rootKeyJwk.toJSON(true));
+            // The new password
+            const newPassIdpResult = yield this.keyFactory.derivePassIdp(Object.assign({ password: newPassword }, resetUser.passKey.passIdpParams));
+            const newIdpPassword = this.passwordService.getPassIdpString(newPassIdpResult.jwk);
+            // --------------------------------------------------------------
+            // Get assembly key challenge
+            // --------------------------------------------------------------
+            const challenge = (yield this.mutate(new LrMutation({
+                mutation: CreateTpAssemblyKeyChallengeMutation,
+                variables: {
+                    input: {},
+                },
+            }), {
+                includeKeyGraph: false,
+            })).createTpAssemblyKeyChallenge.challenge;
+            console.log(challenge);
+            // Sign the challenge
+            // Generate a client side nonce that's no in the server's control.
+            challenge.clientNonce = this.keyFactory.randomString(this.CLIENT_NONCE_LENGTH);
+            console.log(challenge);
+            const assemblyKeyVerifierPrk = yield this.encryptionService.decrypt(assemblyKey, resetUser.wrappedAssemblyKeyVerifierPrk);
+            const signedChallenge = yield this.encryptionService.sign(assemblyKeyVerifierPrk, challenge);
+            // --------------------------------------------------------------
+            // Change password for the original user
+            // --------------------------------------------------------------
+            const tempIdpPassword = (yield this.mutate(new LrMutation({
+                mutation: PreCompleteTpPasswordResetRequestMutation,
+                variables: {
+                    input: {
+                        signedChallenge: JSON.stringify(signedChallenge),
+                    },
+                },
+            }), {
+                includeKeyGraph: false,
+            })).preCompleteTpPasswordResetRequest.idpPassword;
+            // --------------------------------------------------------------
+            // Login as the original user using new temporary password
+            // --------------------------------------------------------------
+            // At this point, the original account's password has been changed
+            // to a temporary password. It is no longer possible for the user
+            // to use the original password to login. Any successful login
+            // can only be using the temporary password. So it's safe to assume
+            // that we want to "complete" the password reset.
+            // The maybe 2FA so we listen for the auth event from Amplify.
+            const retPromise = new Promise((resolve) => {
+                const listener = (data) => __awaiter(this, void 0, void 0, function* () {
+                    if (data.payload.event !== 'signIn') {
+                        return;
+                    }
+                    Hub.remove('auth', listener);
+                    console.log(data.payload);
+                    yield this.auth.signIn(resetUser.username, newIdpPassword);
+                    // Switch over to the new set of keys
+                    yield this.mutate(new LrMutation({
+                        mutation: CompleteTpPasswordResetRequestMutation,
+                        variables: {
+                            input: {
+                                masterKeyWrappedRootKey,
+                                masterKeyId: masterKey.id,
+                            },
+                        },
+                    }));
+                    resolve();
+                });
+                Hub.listen('auth', listener);
+            });
+            // Signin as the original user. Password has been reset to temporary one. It should return
+            // with NEW_PASSWORD_REQUIRED
+            let user = yield this.auth.signIn(resetUser.username, tempIdpPassword, {
+                noProxy: 'true',
+            });
+            if (user.challengeName !== 'NEW_PASSWORD_REQUIRED') {
+                throw new LrException({
+                    message: 'Internal error. Expecting Cognito to have done a password reset after call to PreCompleteTpPasswordResetRequestMutation.',
+                });
+            }
+            // Set new password on Idp
+            // the awsFetch() function passes NEW_PASSWORD_REQUIRED directly to AWS without
+            // going through the proxy.
+            user = yield this.auth.completeNewPassword(user, newIdpPassword, {});
+            return retPromise;
+        });
+    }
+};
+TpPasswordResetUserService.ɵprov = i0.ɵɵdefineInjectable({ factory: function TpPasswordResetUserService_Factory() { return new TpPasswordResetUserService(i0.ɵɵinject(i0.NgZone), i0.ɵɵinject(i0.INJECTOR), i0.ɵɵinject(i1.LR_CONFIG), i0.ɵɵinject(i2.KeyFactoryService), i0.ɵɵinject(i3.EncryptionService), i0.ɵɵinject(i4.KeyGraphService), i0.ɵɵinject(i5.Slip39Service), i0.ɵɵinject(i6.PasswordService), i0.ɵɵinject(i7.HttpClient), i0.ɵɵinject(i8.AuthClass), i0.ɵɵinject(i9.LifeReadyAuthService)); }, token: TpPasswordResetUserService, providedIn: "root" });
+TpPasswordResetUserService.decorators = [
+    { type: Injectable, args: [{
+                providedIn: 'root',
+            },] }
+];
+TpPasswordResetUserService.ctorParameters = () => [
+    { type: NgZone },
+    { type: Injector },
+    { type: undefined, decorators: [{ type: Inject, args: [LR_CONFIG,] }] },
+    { type: KeyFactoryService },
+    { type: EncryptionService },
+    { type: KeyGraphService },
+    { type: slip.Slip39Service },
+    { type: PasswordService },
+    { type: HttpClient },
+    { type: AuthClass },
+    { type: LifeReadyAuthService }
+];
+TpPasswordResetUserService = __decorate([
+    RunOutsideAngular({
+        ngZoneName: 'ngZone',
+    })
+], TpPasswordResetUserService);
+export { TpPasswordResetUserService };
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHAtcGFzc3dvcmQtcmVzZXQtdXNlci5zZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6IkM6L1Byb2plY3RzL3Rlc3QvcHJvamVjdHMvY29yZS9zcmMvIiwic291cmNlcyI6WyJsaWIvdHJ1c3RlZC1wYXJ0aWVzL3RwLXBhc3N3b3JkLXJlc2V0LXVzZXIuc2VydmljZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUEsT0FBTyxFQUFFLEdBQUcsRUFBRSxNQUFNLG1CQUFtQixDQUFDO0FBQ3hDLE9BQU8sRUFBRSxNQUFNLEVBQUUsVUFBVSxFQUFFLFFBQVEsRUFBRSxNQUFNLEVBQUUsTUFBTSxlQUFlLENBQUM7QUFDckUsT0FBTyxFQUFFLGlCQUFpQixFQUFFLE1BQU0sb0NBQW9DLENBQUM7QUFDdkUsT0FBTyxFQUFFLGVBQWUsRUFBRSxNQUFNLG1DQUFtQyxDQUFDO0FBQ3BFLE9BQU8sRUFBbUIsU0FBUyxFQUFFLE1BQU0sc0JBQXNCLENBQUM7QUFDbEUsT0FBTyxLQUFLLElBQUksTUFBTSxnQ0FBZ0MsQ0FBQztBQUN2RCxPQUFPLEVBQUUsR0FBRyxFQUFFLE1BQU0sV0FBVyxDQUFDO0FBQ2hDLE9BQU8sRUFBRSxtQkFBbUIsRUFBRSxXQUFXLEVBQUUsTUFBTSx1QkFBdUIsQ0FBQztBQUN6RSxPQUFPLEVBQ0wsc0NBQXNDLEVBQ3RDLG9DQUFvQyxFQUNwQyx5Q0FBeUMsR0FDMUMsTUFBTSx5QkFBeUIsQ0FBQztBQUNqQyxPQUFPLEVBQUUsZUFBZSxFQUFFLE1BQU0sMEJBQTBCLENBQUM7QUFDM0QsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLHNCQUFzQixDQUFDO0FBQ2xELE9BQU8sRUFBRSxTQUFTLEVBQUUsTUFBTSxnQ0FBZ0MsQ0FBQztBQUMzRCxPQUFPLEVBRUwsc0JBQXNCLEdBQ3ZCLE1BQU0sNkJBQTZCLENBQUM7QUFFckMsT0FBTyxFQUFFLG9CQUFvQixFQUFFLE1BQU0saUNBQWlDLENBQUM7QUFDdkUsT0FBTyxFQUFFLGlCQUFpQixFQUFFLE1BQU0scUNBQXFDLENBQUM7QUFDeEUsT0FBTyxFQUFFLFlBQVksRUFBMkIsTUFBTSxjQUFjLENBQUM7QUFDckUsT0FBTyxFQUFFLFVBQVUsRUFBRSxTQUFTLEVBQUUsTUFBTSxtQkFBbUIsQ0FBQztBQUMxRCxPQUFPLEVBQUUsaUJBQWlCLEVBQUUsTUFBTSxnQ0FBZ0MsQ0FBQzs7Ozs7Ozs7Ozs7SUFRdEQsMEJBQTBCLFNBQTFCLDBCQUEyQixTQUFRLFNBQVM7SUFJdkQsWUFDVSxNQUFjLEVBQ2QsUUFBa0IsRUFDQyxNQUF1QixFQUMxQyxVQUE2QixFQUM3QixpQkFBb0MsRUFDcEMsZUFBZ0MsRUFDaEMsYUFBaUMsRUFDakMsZUFBZ0MsRUFDaEMsSUFBZ0IsRUFDaEIsSUFBZSxFQUNmLE1BQTRCO1FBRXBDLEtBQUssQ0FBQyxRQUFRLENBQUMsQ0FBQztRQVpSLFdBQU0sR0FBTixNQUFNLENBQVE7UUFDZCxhQUFRLEdBQVIsUUFBUSxDQUFVO1FBQ0MsV0FBTSxHQUFOLE1BQU0sQ0FBaUI7UUFDMUMsZUFBVSxHQUFWLFVBQVUsQ0FBbUI7UUFDN0Isc0JBQWlCLEdBQWpCLGlCQUFpQixDQUFtQjtRQUNwQyxvQkFBZSxHQUFmLGVBQWUsQ0FBaUI7UUFDaEMsa0JBQWEsR0FBYixhQUFhLENBQW9CO1FBQ2pDLG9CQUFlLEdBQWYsZUFBZSxDQUFpQjtRQUNoQyxTQUFJLEdBQUosSUFBSSxDQUFZO1FBQ2hCLFNBQUksR0FBSixJQUFJLENBQVc7UUFDZixXQUFNLEdBQU4sTUFBTSxDQUFzQjtRQWRyQix3QkFBbUIsR0FBRyxFQUFFLENBQUM7SUFpQjFDLENBQUM7SUFFSyxrQkFBa0IsQ0FBQyxLQUFLOztZQUM1QixNQUFNLE1BQU0sR0FBRztnQkFDYixLQUFLO2FBQ04sQ0FBQztZQUNGLE9BQU8sSUFBSSxDQUFDLElBQUk7aUJBQ2IsSUFBSSxDQUNILEdBQUcsSUFBSSxDQUFDLE1BQU0sQ0FBQyxPQUFPLG1DQUFtQyxFQUN6RCxNQUFNLENBQ1A7aUJBQ0EsU0FBUyxFQUFFLENBQUM7UUFDakIsQ0FBQztLQUFBO0lBRUssb0JBQW9CLENBQ3hCLE9BQWUsRUFDZixTQUFpQjs7WUFFakIsTUFBTSxFQUFFLEtBQUssRUFBRSxHQUFHLE1BQU0sSUFBSSxDQUFDLElBQUk7aUJBQzlCLElBQUksQ0FBWSxHQUFHLElBQUksQ0FBQyxNQUFNLENBQUMsT0FBTyxlQUFlLEVBQUU7Z0JBQ3RELFFBQVEsRUFBRSxPQUFPO2dCQUNqQixNQUFNLEVBQUUsU0FBUzthQUNsQixDQUFDO2lCQUNELFNBQVMsRUFBRSxDQUFDO1lBQ2YsT0FBTyxLQUFLLENBQUM7UUFDZixDQUFDO0tBQUE7SUFFSyxZQUFZLENBQ2hCLFFBQWdCLEVBQ2hCLE9BQWUsRUFDZixVQUFrQjs7WUFLbEIsNkJBQTZCO1lBQzdCLE1BQU0sYUFBYSxHQUFHLE1BQU0sSUFBSSxDQUFDLGVBQWUsQ0FBQyxtQkFBbUIsQ0FDbEUsUUFBUSxDQUNULENBQUM7WUFFRixNQUFNLFNBQVMsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsU0FBUyxFQUFFLENBQUM7WUFDcEQsTUFBTSxnQkFBZ0IsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQzNELGFBQWEsQ0FBQyxPQUFPLEVBQ3JCLFNBQVMsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLENBQ3ZCLENBQUM7WUFFRixvQkFBb0I7WUFDcEIsTUFBTSxHQUFHLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFlBQVksRUFBRSxDQUFDO1lBQ2pELE1BQU0sbUJBQW1CLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUM5RCxTQUFTLEVBQ1QsR0FBRyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDakIsQ0FBQztZQUVGLGtDQUFrQztZQUNsQyxNQUFNLGtCQUFrQixHQUFHLE1BQU0sSUFBSSxDQUFDLElBQUk7aUJBQ3ZDLElBQUksQ0FDSCxHQUFHLElBQUksQ0FBQyxNQUFNLENBQUMsT0FBTyw0QkFBNEIsRUFDbEQ7Z0JBQ0UsT0FBTztnQkFDUCxVQUFVO2dCQUNWLGVBQWUsRUFBRSxhQUFhLENBQUMsYUFBYTtnQkFDNUMsZUFBZSxFQUFFLGFBQWEsQ0FBQyxhQUFhO2dCQUM1QyxxQkFBcUIsRUFBRSxhQUFhLENBQUMsZUFBZSxDQUFDLE1BQU0sRUFBRTtnQkFDN0QsNkJBQTZCLEVBQzNCLGFBQWEsQ0FBQyx5QkFBeUI7Z0JBQ3pDLGtCQUFrQixFQUFFLGdCQUFnQjtnQkFDcEMsR0FBRyxFQUFFLEdBQUcsQ0FBQyxNQUFNLEVBQUU7Z0JBQ2pCLHNCQUFzQixFQUFFLG1CQUFtQjthQUM1QyxDQUNGO2lCQUNBLFNBQVMsRUFBRSxDQUFDO1lBRWYsT0FBTyxDQUFDLEdBQUcsQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDO1lBQ2hDLE9BQU8sQ0FBQyxHQUFHLENBQ1Qsc0JBQXNCLEVBQ3RCLElBQUksQ0FBQyxlQUFlLENBQUMsZ0JBQWdCLENBQUMsYUFBYSxDQUFDLE9BQU8sQ0FBQyxDQUM3RCxDQUFDO1lBRUYscUNBQXFDO1lBQ3JDLE1BQU0sWUFBWSxHQUFHLE1BQU0sSUFBSSxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUM7Z0JBQzFDLFFBQVEsRUFBRSxrQkFBa0IsQ0FBQyxjQUFjO2dCQUMzQyxRQUFRLEVBQUUsSUFBSSxDQUFDLGVBQWUsQ0FBQyxnQkFBZ0IsQ0FBQyxhQUFhLENBQUMsT0FBTyxDQUFDO2dCQUN0RSxjQUFjLEVBQUU7b0JBQ2QseUJBQXlCLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQzt3QkFDeEMsRUFBRSxFQUFFLGtCQUFrQixDQUFDLEVBQUU7d0JBQ3pCLDBCQUEwQixFQUN4QixrQkFBa0IsQ0FBQywwQkFBMEI7cUJBQ2hELENBQUM7aUJBQ0g7YUFDRixDQUFDLENBQUM7WUFFSCxPQUFPLENBQUMsR0FBRyxDQUFDLG9CQUFvQixFQUFFLFlBQVksQ0FBQyxDQUFDO1lBRWhELE9BQU87Z0JBQ0wsa0JBQWtCO2dCQUNsQixZQUFZO2FBQ2IsQ0FBQztRQUNKLENBQUM7S0FBQTtJQUVLLFlBQVksQ0FDaEIsU0FBa0IsS0FBSzs7WUFFdkIsSUFBSSxDQUFDLE1BQU0sSUFBSSxJQUFJLENBQUMsU0FBUyxFQUFFO2dCQUM3QixPQUFPLElBQUksQ0FBQyxTQUFTLENBQUM7YUFDdkI7WUFDRCxJQUFJLENBQUMsU0FBUyxHQUFHLE1BQU0sSUFBSSxDQUFDLE1BQU0sQ0FBQyxhQUFhLEVBQUUsQ0FBQztZQUNuRCxPQUFPLElBQUksQ0FBQyxTQUFTLENBQUM7UUFDeEIsQ0FBQztLQUFBO0lBRWEsa0JBQWtCLENBQzlCLFNBQWtDOztZQUVsQyw0QkFBNEI7WUFDNUIsSUFBSSxpQkFBeUIsQ0FBQztZQUU5QixNQUFNLEdBQUcsR0FBRyxNQUFNLElBQUksQ0FBQyxlQUFlLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDLENBQUM7WUFFaEUsTUFBTSxNQUFNLEdBQUcsTUFBTSxPQUFPLENBQUMsR0FBRyxDQUM5QixTQUFTLENBQUMsU0FBUyxDQUFDLEdBQUcsQ0FBQyxDQUFPLFFBQVEsRUFBRSxFQUFFO2dCQUN6QyxNQUFNLGtCQUFrQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDN0QsR0FBRyxFQUNILFFBQVEsQ0FBQyxnQ0FBZ0MsQ0FDMUMsQ0FBQztnQkFFRixJQUFJLGlCQUFpQixFQUFFO29CQUNyQixJQUNFLElBQUksQ0FBQyxTQUFTLENBQUMsaUJBQWlCLENBQUM7d0JBQ2pDLElBQUksQ0FBQyxTQUFTLENBQUMsa0JBQWtCLENBQUMsaUJBQWlCLENBQUMsRUFDcEQ7d0JBQ0EsTUFBTSxJQUFJLG1CQUFtQixDQUMzQixrRUFBa0UsQ0FDbkUsQ0FBQztxQkFDSDtpQkFDRjtxQkFBTTtvQkFDTCxpQkFBaUIsR0FBRyxrQkFBa0IsQ0FBQyxpQkFBaUIsQ0FBQztpQkFDMUQ7Z0JBQ0QsT0FBTyxrQkFBa0IsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLFNBQVMsQ0FBQztZQUNuRCxDQUFDLENBQUEsQ0FBQyxDQUNILENBQUM7WUFFRixPQUFPLENBQUMsR0FBRyxDQUFDLHNCQUFzQixFQUFFLE1BQU0sQ0FBQyxDQUFDO1lBRTVDLE1BQU0sY0FBYyxHQUFHLE1BQU0sSUFBSSxDQUFDLGFBQWEsQ0FBQyxhQUFhLENBQzNELE1BQU0sRUFDTixzQkFBc0IsQ0FBQyxpQkFBaUIsQ0FDekMsQ0FBQztZQUVGLE9BQU8sR0FBRyxDQUFDLEtBQUssaUNBQ1gsaUJBQWlCLEtBQ3BCLENBQUMsRUFBRSxjQUFjLElBQ2pCLENBQUM7UUFDTCxDQUFDO0tBQUE7SUFFSyxlQUFlLENBQUMsV0FBbUI7O1lBQ3ZDLE1BQU0sU0FBUyxHQUFHLE1BQU0sSUFBSSxDQUFDLFlBQVksQ0FBQyxJQUFJLENBQUMsQ0FBQztZQUNoRCxJQUFJLFNBQVMsQ0FBQyxLQUFLLEtBQUssWUFBWSxDQUFDLFFBQVEsRUFBRTtnQkFDN0MsTUFBTSxJQUFJLG1CQUFtQixDQUMzQiwrQ0FBK0MsQ0FDaEQsQ0FBQzthQUNIO1lBRUQsaUVBQWlFO1lBQ2pFLHVEQUF1RDtZQUN2RCxpRUFBaUU7WUFDakUsTUFBTSxXQUFXLEdBQUcsTUFBTSxJQUFJLENBQUMsa0JBQWtCLENBQUMsU0FBUyxDQUFDLENBQUM7WUFFN0QsTUFBTSxFQUFFLE9BQU8sRUFBRSxHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDdEQsV0FBVyxFQUNYLFNBQVMsQ0FBQyxrQkFBa0IsQ0FDN0IsQ0FBQztZQUNGLE9BQU8sQ0FBQyxHQUFHLENBQUMsT0FBTyxDQUFDLENBQUM7WUFFckIsZ0NBQWdDO1lBQ2hDLE1BQU0sVUFBVSxHQUFHLE1BQU0sR0FBRyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQztZQUU1QyxNQUFNLFNBQVMsR0FBRyxNQUFNLElBQUksQ0FBQyxlQUFlLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUFDLENBQUM7WUFFNUUsTUFBTSx1QkFBdUIsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxlQUFlLENBQzFFLFNBQVMsQ0FBQyxHQUFHLEVBQ2IsVUFBVSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDeEIsQ0FBQztZQUVGLG1CQUFtQjtZQUNuQixNQUFNLGdCQUFnQixHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxhQUFhLGlCQUMxRCxRQUFRLEVBQUUsV0FBVyxJQUNsQixTQUFTLENBQUMsT0FBTyxDQUFDLGFBQWEsRUFDbEMsQ0FBQztZQUVILE1BQU0sY0FBYyxHQUFHLElBQUksQ0FBQyxlQUFlLENBQUMsZ0JBQWdCLENBQzFELGdCQUFnQixDQUFDLEdBQUcsQ0FDckIsQ0FBQztZQUVGLGlFQUFpRTtZQUNqRSw2QkFBNkI7WUFDN0IsaUVBQWlFO1lBQ2pFLE1BQU0sU0FBUyxHQUFHLENBQ2hCLE1BQU0sSUFBSSxDQUFDLE1BQU0sQ0FDZixJQUFJLFVBQVUsQ0FBQztnQkFDYixRQUFRLEVBQUUsb0NBQW9DO2dCQUM5QyxTQUFTLEVBQUU7b0JBQ1QsS0FBSyxFQUFFLEVBQUU7aUJBQ1Y7YUFDRixDQUFDLEVBQ0Y7Z0JBQ0UsZUFBZSxFQUFFLEtBQUs7YUFDdkIsQ0FDRixDQUNGLENBQUMsNEJBQTRCLENBQUMsU0FBUyxDQUFDO1lBRXpDLE9BQU8sQ0FBQyxHQUFHLENBQUMsU0FBUyxDQUFDLENBQUM7WUFFdkIscUJBQXFCO1lBQ3JCLGtFQUFrRTtZQUNsRSxTQUFTLENBQUMsV0FBVyxHQUFHLElBQUksQ0FBQyxVQUFVLENBQUMsWUFBWSxDQUNsRCxJQUFJLENBQUMsbUJBQW1CLENBQ3pCLENBQUM7WUFDRixPQUFPLENBQUMsR0FBRyxDQUFDLFNBQVMsQ0FBQyxDQUFDO1lBRXZCLE1BQU0sc0JBQXNCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUNqRSxXQUFXLEVBQ1gsU0FBUyxDQUFDLDZCQUE2QixDQUN4QyxDQUFDO1lBQ0YsTUFBTSxlQUFlLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUN2RCxzQkFBc0IsRUFDdEIsU0FBUyxDQUNWLENBQUM7WUFFRixpRUFBaUU7WUFDakUsd0NBQXdDO1lBQ3hDLGlFQUFpRTtZQUNqRSxNQUFNLGVBQWUsR0FBRyxDQUN0QixNQUFNLElBQUksQ0FBQyxNQUFNLENBQ2YsSUFBSSxVQUFVLENBQUM7Z0JBQ2IsUUFBUSxFQUFFLHlDQUF5QztnQkFDbkQsU0FBUyxFQUFFO29CQUNULEtBQUssRUFBRTt3QkFDTCxlQUFlLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxlQUFlLENBQUM7cUJBQ2pEO2lCQUNGO2FBQ0YsQ0FBQyxFQUNGO2dCQUNFLGVBQWUsRUFBRSxLQUFLO2FBQ3ZCLENBQ0YsQ0FDRixDQUFDLGlDQUFpQyxDQUFDLFdBQVcsQ0FBQztZQUVoRCxpRUFBaUU7WUFDakUsMERBQTBEO1lBQzFELGlFQUFpRTtZQUNqRSxrRUFBa0U7WUFDbEUsaUVBQWlFO1lBQ2pFLDhEQUE4RDtZQUM5RCxtRUFBbUU7WUFDbkUsaURBQWlEO1lBRWpELDhEQUE4RDtZQUM5RCxNQUFNLFVBQVUsR0FBRyxJQUFJLE9BQU8sQ0FBTyxDQUFDLE9BQU8sRUFBRSxFQUFFO2dCQUMvQyxNQUFNLFFBQVEsR0FBRyxDQUFPLElBQUksRUFBRSxFQUFFO29CQUM5QixJQUFJLElBQUksQ0FBQyxPQUFPLENBQUMsS0FBSyxLQUFLLFFBQVEsRUFBRTt3QkFDbkMsT0FBTztxQkFDUjtvQkFFRCxHQUFHLENBQUMsTUFBTSxDQUFDLE1BQU0sRUFBRSxRQUFRLENBQUMsQ0FBQztvQkFFN0IsT0FBTyxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLENBQUM7b0JBRTFCLE1BQU0sSUFBSSxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDLFFBQVEsRUFBRSxjQUFjLENBQUMsQ0FBQztvQkFFM0QscUNBQXFDO29CQUNyQyxNQUFNLElBQUksQ0FBQyxNQUFNLENBQ2YsSUFBSSxVQUFVLENBQUM7d0JBQ2IsUUFBUSxFQUFFLHNDQUFzQzt3QkFDaEQsU0FBUyxFQUFFOzRCQUNULEtBQUssRUFBRTtnQ0FDTCx1QkFBdUI7Z0NBQ3ZCLFdBQVcsRUFBRSxTQUFTLENBQUMsRUFBRTs2QkFDMUI7eUJBQ0Y7cUJBQ0YsQ0FBQyxDQUNILENBQUM7b0JBRUYsT0FBTyxFQUFFLENBQUM7Z0JBQ1osQ0FBQyxDQUFBLENBQUM7Z0JBRUYsR0FBRyxDQUFDLE1BQU0sQ0FBQyxNQUFNLEVBQUUsUUFBUSxDQUFDLENBQUM7WUFDL0IsQ0FBQyxDQUFDLENBQUM7WUFFSCwwRkFBMEY7WUFDMUYsNkJBQTZCO1lBQzdCLElBQUksSUFBSSxHQUFHLE1BQU0sSUFBSSxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDLFFBQVEsRUFBRSxlQUFlLEVBQUU7Z0JBQ3JFLE9BQU8sRUFBRSxNQUFNO2FBQ2hCLENBQUMsQ0FBQztZQUVILElBQUksSUFBSSxDQUFDLGFBQWEsS0FBSyx1QkFBdUIsRUFBRTtnQkFDbEQsTUFBTSxJQUFJLFdBQVcsQ0FBQztvQkFDcEIsT0FBTyxFQUNMLDBIQUEwSDtpQkFDN0gsQ0FBQyxDQUFDO2FBQ0o7WUFFRCwwQkFBMEI7WUFDMUIsK0VBQStFO1lBQy9FLDJCQUEyQjtZQUMzQixJQUFJLEdBQUcsTUFBTSxJQUFJLENBQUMsSUFBSSxDQUFDLG1CQUFtQixDQUFDLElBQUksRUFBRSxjQUFjLEVBQUUsRUFBRSxDQUFDLENBQUM7WUFFckUsT0FBTyxVQUFVLENBQUM7UUFDcEIsQ0FBQztLQUFBO0NBQ0YsQ0FBQTs7O1lBeFVBLFVBQVUsU0FBQztnQkFDVixVQUFVLEVBQUUsTUFBTTthQUNuQjs7O1lBL0JzQyxNQUFNO1lBQWhCLFFBQVE7NENBdUNoQyxNQUFNLFNBQUMsU0FBUztZQWxCWixpQkFBaUI7WUFwQmpCLGlCQUFpQjtZQUNqQixlQUFlO1lBRVosSUFBSSxDQXVDZ0IsYUFBYTtZQS9CcEMsZUFBZTtZQUNmLFVBQVU7WUFDVixTQUFTO1lBTVQsb0JBQW9COztBQVloQiwwQkFBMEI7SUFOdEMsaUJBQWlCLENBQUM7UUFDakIsVUFBVSxFQUFFLFFBQVE7S0FDckIsQ0FBQztHQUlXLDBCQUEwQixDQXFVdEM7U0FyVVksMEJBQTBCIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgSHViIH0gZnJvbSAnQGF3cy1hbXBsaWZ5L2NvcmUnO1xyXG5pbXBvcnQgeyBJbmplY3QsIEluamVjdGFibGUsIEluamVjdG9yLCBOZ1pvbmUgfSBmcm9tICdAYW5ndWxhci9jb3JlJztcclxuaW1wb3J0IHsgRW5jcnlwdGlvblNlcnZpY2UgfSBmcm9tICcuLi9jcnlwdG9ncmFwaHkvZW5jcnlwdGlvbi5zZXJ2aWNlJztcclxuaW1wb3J0IHsgS2V5R3JhcGhTZXJ2aWNlIH0gZnJvbSAnLi4vY3J5cHRvZ3JhcGh5L2tleS1ncmFwaC5zZXJ2aWNlJztcclxuaW1wb3J0IHsgTGlmZVJlYWR5Q29uZmlnLCBMUl9DT05GSUcgfSBmcm9tICcuLi9saWZlLXJlYWR5LmNvbmZpZyc7XHJcbmltcG9ydCAqIGFzIHNsaXAgZnJvbSAnLi4vY3J5cHRvZ3JhcGh5L3NsaXAzOS5zZXJ2aWNlJztcclxuaW1wb3J0IHsgSldLIH0gZnJvbSAnbm9kZS1qb3NlJztcclxuaW1wb3J0IHsgTHJCYWRTdGF0ZUV4Y2VwdGlvbiwgTHJFeGNlcHRpb24gfSBmcm9tICcuLi9fY29tbW9uL2V4Y2VwdGlvbnMnO1xyXG5pbXBvcnQge1xyXG4gIENvbXBsZXRlVHBQYXNzd29yZFJlc2V0UmVxdWVzdE11dGF0aW9uLFxyXG4gIENyZWF0ZVRwQXNzZW1ibHlLZXlDaGFsbGVuZ2VNdXRhdGlvbixcclxuICBQcmVDb21wbGV0ZVRwUGFzc3dvcmRSZXNldFJlcXVlc3RNdXRhdGlvbixcclxufSBmcm9tICcuL3RwLXBhc3N3b3JkLXJlc2V0LmdxbCc7XHJcbmltcG9ydCB7IFBhc3N3b3JkU2VydmljZSB9IGZyb20gJy4uL2F1dGgvcGFzc3dvcmQuc2VydmljZSc7XHJcbmltcG9ydCB7IEh0dHBDbGllbnQgfSBmcm9tICdAYW5ndWxhci9jb21tb24vaHR0cCc7XHJcbmltcG9ydCB7IEF1dGhDbGFzcyB9IGZyb20gJ0Bhd3MtYW1wbGlmeS9hdXRoL2xpYi1lc20vQXV0aCc7XHJcbmltcG9ydCB7XHJcbiAgUmVxdWVzdFJlc2V0UmVzdWx0LFxyXG4gIFRwUGFzc3dvcmRSZXNldFNlcnZpY2UsXHJcbn0gZnJvbSAnLi90cC1wYXNzd29yZC1yZXNldC5zZXJ2aWNlJztcclxuaW1wb3J0IHsgSVNpZ25VcFJlc3VsdCB9IGZyb20gJ2FtYXpvbi1jb2duaXRvLWlkZW50aXR5LWpzJztcclxuaW1wb3J0IHsgTGlmZVJlYWR5QXV0aFNlcnZpY2UgfSBmcm9tICcuLi9hdXRoL2xpZmUtcmVhZHktYXV0aC5zZXJ2aWNlJztcclxuaW1wb3J0IHsgS2V5RmFjdG9yeVNlcnZpY2UgfSBmcm9tICcuLi9jcnlwdG9ncmFwaHkva2V5LWZhY3Rvcnkuc2VydmljZSc7XHJcbmltcG9ydCB7IFRwQ2xhaW1TdGF0ZSwgVHBQYXNzd29yZFJlc2V0VXNlck5vZGUgfSBmcm9tICcuLi9hcGkvdHlwZXMnO1xyXG5pbXBvcnQgeyBMck11dGF0aW9uLCBMclNlcnZpY2UgfSBmcm9tICcuLi9hcGkvbHItZ3JhcGhxbCc7XHJcbmltcG9ydCB7IFJ1bk91dHNpZGVBbmd1bGFyIH0gZnJvbSAnLi4vX2NvbW1vbi9ydW4tb3V0c2lkZS1hbmd1bGFyJztcclxuXHJcbkBSdW5PdXRzaWRlQW5ndWxhcih7XHJcbiAgbmdab25lTmFtZTogJ25nWm9uZScsXHJcbn0pXHJcbkBJbmplY3RhYmxlKHtcclxuICBwcm92aWRlZEluOiAncm9vdCcsXHJcbn0pXHJcbmV4cG9ydCBjbGFzcyBUcFBhc3N3b3JkUmVzZXRVc2VyU2VydmljZSBleHRlbmRzIExyU2VydmljZSB7XHJcbiAgcHJpdmF0ZSByZWFkb25seSBDTElFTlRfTk9OQ0VfTEVOR1RIID0gMzI7XHJcbiAgcHJpdmF0ZSByZXNldFVzZXI6IFRwUGFzc3dvcmRSZXNldFVzZXJOb2RlO1xyXG5cclxuICBjb25zdHJ1Y3RvcihcclxuICAgIHByaXZhdGUgbmdab25lOiBOZ1pvbmUsXHJcbiAgICBwcml2YXRlIGluamVjdG9yOiBJbmplY3RvcixcclxuICAgIEBJbmplY3QoTFJfQ09ORklHKSBwcml2YXRlIGNvbmZpZzogTGlmZVJlYWR5Q29uZmlnLFxyXG4gICAgcHJpdmF0ZSBrZXlGYWN0b3J5OiBLZXlGYWN0b3J5U2VydmljZSxcclxuICAgIHByaXZhdGUgZW5jcnlwdGlvblNlcnZpY2U6IEVuY3J5cHRpb25TZXJ2aWNlLFxyXG4gICAgcHJpdmF0ZSBrZXlHcmFwaFNlcnZpY2U6IEtleUdyYXBoU2VydmljZSxcclxuICAgIHByaXZhdGUgc2xpcDM5U2VydmljZTogc2xpcC5TbGlwMzlTZXJ2aWNlLFxyXG4gICAgcHJpdmF0ZSBwYXNzd29yZFNlcnZpY2U6IFBhc3N3b3JkU2VydmljZSxcclxuICAgIHByaXZhdGUgaHR0cDogSHR0cENsaWVudCxcclxuICAgIHByaXZhdGUgYXV0aDogQXV0aENsYXNzLFxyXG4gICAgcHJpdmF0ZSBsckF1dGg6IExpZmVSZWFkeUF1dGhTZXJ2aWNlXHJcbiAgKSB7XHJcbiAgICBzdXBlcihpbmplY3Rvcik7XHJcbiAgfVxyXG5cclxuICBhc3luYyB2ZXJpZnlFbWFpbENvbnRhY3QoZW1haWwpOiBQcm9taXNlPHsgY2xhaW1JZDogc3RyaW5nIH0+IHtcclxuICAgIGNvbnN0IHBhcmFtcyA9IHtcclxuICAgICAgZW1haWwsXHJcbiAgICB9O1xyXG4gICAgcmV0dXJuIHRoaXMuaHR0cFxyXG4gICAgICAucG9zdDxhbnk+KFxyXG4gICAgICAgIGAke3RoaXMuY29uZmlnLmF1dGhVcmx9dHAvcGFzc3dvcmQtcmVzZXQvdmVyaWZ5LWNvbnRhY3QvYCxcclxuICAgICAgICBwYXJhbXNcclxuICAgICAgKVxyXG4gICAgICAudG9Qcm9taXNlKCk7XHJcbiAgfVxyXG5cclxuICBhc3luYyB2ZXJpZnlDb250YWN0UmVzcG9uZChcclxuICAgIGNsYWltSWQ6IHN0cmluZyxcclxuICAgIGNsYWltQ29kZTogc3RyaW5nXHJcbiAgKTogUHJvbWlzZTxzdHJpbmc+IHtcclxuICAgIGNvbnN0IHsgdG9rZW4gfSA9IGF3YWl0IHRoaXMuaHR0cFxyXG4gICAgICAucG9zdDx7IHRva2VuIH0+KGAke3RoaXMuY29uZmlnLmF1dGhVcmx9Y292ZS9yZXNwb25kL2AsIHtcclxuICAgICAgICBjbGFpbV9pZDogY2xhaW1JZCxcclxuICAgICAgICB2X2NvZGU6IGNsYWltQ29kZSxcclxuICAgICAgfSlcclxuICAgICAgLnRvUHJvbWlzZSgpO1xyXG4gICAgcmV0dXJuIHRva2VuO1xyXG4gIH1cclxuXHJcbiAgYXN5bmMgcmVxdWVzdFJlc2V0KFxyXG4gICAgcGFzc3dvcmQ6IHN0cmluZyxcclxuICAgIGNsYWltSWQ6IHN0cmluZyxcclxuICAgIGNsYWltVG9rZW46IHN0cmluZ1xyXG4gICk6IFByb21pc2U8e1xyXG4gICAgcmVxdWVzdFJlc2V0UmVzdWx0OiBSZXF1ZXN0UmVzZXRSZXN1bHQ7XHJcbiAgICBzaWduVXBSZXN1bHQ6IElTaWduVXBSZXN1bHQ7XHJcbiAgfT4ge1xyXG4gICAgLy8gR2VuZXJhdGUgdGhlIGtleSBtYXRlcmlhbHNcclxuICAgIGNvbnN0IHBhc3NLZXlCdW5kbGUgPSBhd2FpdCB0aGlzLnBhc3N3b3JkU2VydmljZS5jcmVhdGVQYXNzS2V5QnVuZGxlKFxyXG4gICAgICBwYXNzd29yZFxyXG4gICAgKTtcclxuXHJcbiAgICBjb25zdCBtYXN0ZXJLZXkgPSBhd2FpdCB0aGlzLmtleUZhY3RvcnkuY3JlYXRlS2V5KCk7XHJcbiAgICBjb25zdCB3cmFwcGVkTWFzdGVyS2V5ID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxyXG4gICAgICBwYXNzS2V5QnVuZGxlLnBhc3NLZXksXHJcbiAgICAgIG1hc3RlcktleS50b0pTT04odHJ1ZSlcclxuICAgICk7XHJcblxyXG4gICAgLy8gRXBoZW1lcmFsIFBLQyBrZXlcclxuICAgIGNvbnN0IHByayA9IGF3YWl0IHRoaXMua2V5RmFjdG9yeS5jcmVhdGVQa2NLZXkoKTtcclxuICAgIGNvbnN0IG1hc3RlcktleVdyYXBwZWRQcmsgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHQoXHJcbiAgICAgIG1hc3RlcktleSxcclxuICAgICAgcHJrLnRvSlNPTih0cnVlKVxyXG4gICAgKTtcclxuXHJcbiAgICAvLyBBUEkgY2FsbCB0byBzZXR1cCByZXNldCByZXF1ZXN0XHJcbiAgICBjb25zdCByZXF1ZXN0UmVzZXRSZXN1bHQgPSBhd2FpdCB0aGlzLmh0dHBcclxuICAgICAgLnBvc3Q8UmVxdWVzdFJlc2V0UmVzdWx0PihcclxuICAgICAgICBgJHt0aGlzLmNvbmZpZy5hdXRoVXJsfXRwL3Bhc3N3b3JkLXJlc2V0L3JlcXVlc3QvYCxcclxuICAgICAgICB7XHJcbiAgICAgICAgICBjbGFpbUlkLFxyXG4gICAgICAgICAgY2xhaW1Ub2tlbixcclxuICAgICAgICAgIHBhc3Nfa2V5X3BhcmFtczogcGFzc0tleUJ1bmRsZS5wYXNzS2V5UGFyYW1zLFxyXG4gICAgICAgICAgcGFzc19pZHBfcGFyYW1zOiBwYXNzS2V5QnVuZGxlLnBhc3NJZHBQYXJhbXMsXHJcbiAgICAgICAgICBwYXNzX2lkcF92ZXJpZmllcl9wYms6IHBhc3NLZXlCdW5kbGUucGFzc0lkcFZlcmlmaWVyLnRvSlNPTigpLCAvLyBwdWJsaWMga2V5XHJcbiAgICAgICAgICB3cmFwcGVkX3Bhc3NfaWRwX3ZlcmlmaWVyX3ByazpcclxuICAgICAgICAgICAgcGFzc0tleUJ1bmRsZS53cmFwcGVkUGFzc0lkcFZlcmlmaWVyUHJrLFxyXG4gICAgICAgICAgd3JhcHBlZF9tYXN0ZXJfa2V5OiB3cmFwcGVkTWFzdGVyS2V5LFxyXG4gICAgICAgICAgcGJrOiBwcmsudG9KU09OKCksIC8vIGVwaGVtZXJhbCBwdWJsaWMga2V5XHJcbiAgICAgICAgICBtYXN0ZXJfa2V5X3dyYXBwZWRfcHJrOiBtYXN0ZXJLZXlXcmFwcGVkUHJrLFxyXG4gICAgICAgIH1cclxuICAgICAgKVxyXG4gICAgICAudG9Qcm9taXNlKCk7XHJcblxyXG4gICAgY29uc29sZS5sb2cocmVxdWVzdFJlc2V0UmVzdWx0KTtcclxuICAgIGNvbnNvbGUubG9nKFxyXG4gICAgICAnVXNpbmcgbmV3IHBhc3N3b3JkOiAnLFxyXG4gICAgICB0aGlzLnBhc3N3b3JkU2VydmljZS5nZXRQYXNzSWRwU3RyaW5nKHBhc3NLZXlCdW5kbGUucGFzc0lkcClcclxuICAgICk7XHJcblxyXG4gICAgLy8gQVBJIGNhbGwgdG8gY3JlYXRlIHVzZXIgb24gY29nbml0b1xyXG4gICAgY29uc3Qgc2lnblVwUmVzdWx0ID0gYXdhaXQgdGhpcy5hdXRoLnNpZ25VcCh7XHJcbiAgICAgIHVzZXJuYW1lOiByZXF1ZXN0UmVzZXRSZXN1bHQucmVzZXRfdXNlcm5hbWUsXHJcbiAgICAgIHBhc3N3b3JkOiB0aGlzLnBhc3N3b3JkU2VydmljZS5nZXRQYXNzSWRwU3RyaW5nKHBhc3NLZXlCdW5kbGUucGFzc0lkcCksXHJcbiAgICAgIGNsaWVudE1ldGFkYXRhOiB7XHJcbiAgICAgICAgdHBfcGFzc3dvcmRfcmVzZXRfcmVxdWVzdDogSlNPTi5zdHJpbmdpZnkoe1xyXG4gICAgICAgICAgaWQ6IHJlcXVlc3RSZXNldFJlc3VsdC5pZCxcclxuICAgICAgICAgIGFzc29jaWF0ZV9yZXNldF91c2VyX3Rva2VuOlxyXG4gICAgICAgICAgICByZXF1ZXN0UmVzZXRSZXN1bHQuYXNzb2NpYXRlX3Jlc2V0X3VzZXJfdG9rZW4sXHJcbiAgICAgICAgfSksXHJcbiAgICAgIH0sXHJcbiAgICB9KTtcclxuXHJcbiAgICBjb25zb2xlLmxvZygncmVxdWVzdFJlc3QgZG9uZTogJywgc2lnblVwUmVzdWx0KTtcclxuXHJcbiAgICByZXR1cm4ge1xyXG4gICAgICByZXF1ZXN0UmVzZXRSZXN1bHQsXHJcbiAgICAgIHNpZ25VcFJlc3VsdCxcclxuICAgIH07XHJcbiAgfVxyXG5cclxuICBhc3luYyBnZXRSZXNldFVzZXIoXHJcbiAgICByZWxvYWQ6IGJvb2xlYW4gPSBmYWxzZVxyXG4gICk6IFByb21pc2U8VHBQYXNzd29yZFJlc2V0VXNlck5vZGU+IHtcclxuICAgIGlmICghcmVsb2FkICYmIHRoaXMucmVzZXRVc2VyKSB7XHJcbiAgICAgIHJldHVybiB0aGlzLnJlc2V0VXNlcjtcclxuICAgIH1cclxuICAgIHRoaXMucmVzZXRVc2VyID0gYXdhaXQgdGhpcy5sckF1dGgubG9hZFJlc2V0VXNlcigpO1xyXG4gICAgcmV0dXJuIHRoaXMucmVzZXRVc2VyO1xyXG4gIH1cclxuXHJcbiAgcHJpdmF0ZSBhc3luYyByZWNvdmVyQXNzZW1ibHlLZXkoXHJcbiAgICByZXNldFVzZXI6IFRwUGFzc3dvcmRSZXNldFVzZXJOb2RlXHJcbiAgKTogUHJvbWlzZTxKV0suS2V5PiB7XHJcbiAgICAvLyBSZWNvdmVyIHRoZSBhc3NlbWJseSBrZXkuXHJcbiAgICBsZXQgYXNzZW1ibHlLZXlQYXJhbXM6IG9iamVjdDtcclxuXHJcbiAgICBjb25zdCBwcmsgPSBhd2FpdCB0aGlzLmtleUdyYXBoU2VydmljZS5nZXRLZXkocmVzZXRVc2VyLnB4ay5pZCk7XHJcblxyXG4gICAgY29uc3Qgc2hhcmVzID0gYXdhaXQgUHJvbWlzZS5hbGwoXHJcbiAgICAgIHJlc2V0VXNlci5hcHByb3ZhbHMubWFwKGFzeW5jIChhcHByb3ZhbCkgPT4ge1xyXG4gICAgICAgIGNvbnN0IHBhcnRpYWxBc3NlbWJseUtleSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZGVjcnlwdChcclxuICAgICAgICAgIHByayxcclxuICAgICAgICAgIGFwcHJvdmFsLnJlY2VpdmVyQ2lwaGVyUGFydGlhbEFzc2VtYmx5S2V5XHJcbiAgICAgICAgKTtcclxuXHJcbiAgICAgICAgaWYgKGFzc2VtYmx5S2V5UGFyYW1zKSB7XHJcbiAgICAgICAgICBpZiAoXHJcbiAgICAgICAgICAgIEpTT04uc3RyaW5naWZ5KGFzc2VtYmx5S2V5UGFyYW1zKSAhPT1cclxuICAgICAgICAgICAgSlNPTi5zdHJpbmdpZnkocGFydGlhbEFzc2VtYmx5S2V5LmFzc2VtYmx5S2V5UGFyYW1zKVxyXG4gICAgICAgICAgKSB7XHJcbiAgICAgICAgICAgIHRocm93IG5ldyBMckJhZFN0YXRlRXhjZXB0aW9uKFxyXG4gICAgICAgICAgICAgICdUaGUgYXNzZW1ibHkga2V5IHBhcmFtZXRlcnMgYXJlIGRpZmZlcmVudCBiZXR3ZWVuIHRoZSBhcHByb3ZhbHMuJ1xyXG4gICAgICAgICAgICApO1xyXG4gICAgICAgICAgfVxyXG4gICAgICAgIH0gZWxzZSB7XHJcbiAgICAgICAgICBhc3NlbWJseUtleVBhcmFtcyA9IHBhcnRpYWxBc3NlbWJseUtleS5hc3NlbWJseUtleVBhcmFtcztcclxuICAgICAgICB9XHJcbiAgICAgICAgcmV0dXJuIHBhcnRpYWxBc3NlbWJseUtleS5zbGlwMzkuc2hhcmUubW5lbW9uaWNzO1xyXG4gICAgICB9KVxyXG4gICAgKTtcclxuXHJcbiAgICBjb25zb2xlLmxvZygncmVjb3ZlckFzc2VtYmx5S2V5KCknLCBzaGFyZXMpO1xyXG5cclxuICAgIGNvbnN0IHJhd0Fzc2VtYmx5S2V5ID0gYXdhaXQgdGhpcy5zbGlwMzlTZXJ2aWNlLnJlY292ZXJTZWNyZXQoXHJcbiAgICAgIHNoYXJlcyxcclxuICAgICAgVHBQYXNzd29yZFJlc2V0U2VydmljZS5TTElQMzlfUEFTU1BIUkFTRVxyXG4gICAgKTtcclxuXHJcbiAgICByZXR1cm4gSldLLmFzS2V5KHtcclxuICAgICAgLi4uYXNzZW1ibHlLZXlQYXJhbXMsXHJcbiAgICAgIGs6IHJhd0Fzc2VtYmx5S2V5LFxyXG4gICAgfSk7XHJcbiAgfVxyXG5cclxuICBhc3luYyBjb21wbGV0ZVJlcXVlc3QobmV3UGFzc3dvcmQ6IHN0cmluZyk6IFByb21pc2U8dm9pZD4ge1xyXG4gICAgY29uc3QgcmVzZXRVc2VyID0gYXdhaXQgdGhpcy5nZXRSZXNldFVzZXIodHJ1ZSk7XHJcbiAgICBpZiAocmVzZXRVc2VyLnN0YXRlICE9PSBUcENsYWltU3RhdGUuQVBQUk9WRUQpIHtcclxuICAgICAgdGhyb3cgbmV3IExyQmFkU3RhdGVFeGNlcHRpb24oXHJcbiAgICAgICAgJ1Bhc3N3b3JkIHJlc2V0IHJlcXVlc3QgaGFzIG5vdCBiZWVuIGFwcHJvdmVkLidcclxuICAgICAgKTtcclxuICAgIH1cclxuXHJcbiAgICAvLyAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLVxyXG4gICAgLy8gUHJlcGFyZSBhbGwgbWF0ZXJpYWxzIHRvIGVuc3VyZSB0aGVyZSBhcmUgbm8gZXJyb3JzLlxyXG4gICAgLy8gLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS1cclxuICAgIGNvbnN0IGFzc2VtYmx5S2V5ID0gYXdhaXQgdGhpcy5yZWNvdmVyQXNzZW1ibHlLZXkocmVzZXRVc2VyKTtcclxuXHJcbiAgICBjb25zdCB7IHJvb3RLZXkgfSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZGVjcnlwdChcclxuICAgICAgYXNzZW1ibHlLZXksXHJcbiAgICAgIHJlc2V0VXNlci5hc3NlbWJseUNpcGhlckRhdGFcclxuICAgICk7XHJcbiAgICBjb25zb2xlLmxvZyhyb290S2V5KTtcclxuXHJcbiAgICAvLyBNYWtpbmcgc3VyZSBpdCdzIGEgdmFsaWQga2V5LlxyXG4gICAgY29uc3Qgcm9vdEtleUp3ayA9IGF3YWl0IEpXSy5hc0tleShyb290S2V5KTtcclxuXHJcbiAgICBjb25zdCBtYXN0ZXJLZXkgPSBhd2FpdCB0aGlzLmtleUdyYXBoU2VydmljZS5nZXRLZXkocmVzZXRVc2VyLm1hc3RlcktleS5pZCk7XHJcblxyXG4gICAgY29uc3QgbWFzdGVyS2V5V3JhcHBlZFJvb3RLZXkgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHRUb1N0cmluZyhcclxuICAgICAgbWFzdGVyS2V5Lmp3ayxcclxuICAgICAgcm9vdEtleUp3ay50b0pTT04odHJ1ZSlcclxuICAgICk7XHJcblxyXG4gICAgLy8gVGhlIG5ldyBwYXNzd29yZFxyXG4gICAgY29uc3QgbmV3UGFzc0lkcFJlc3VsdCA9IGF3YWl0IHRoaXMua2V5RmFjdG9yeS5kZXJpdmVQYXNzSWRwKHtcclxuICAgICAgcGFzc3dvcmQ6IG5ld1Bhc3N3b3JkLFxyXG4gICAgICAuLi5yZXNldFVzZXIucGFzc0tleS5wYXNzSWRwUGFyYW1zLFxyXG4gICAgfSk7XHJcblxyXG4gICAgY29uc3QgbmV3SWRwUGFzc3dvcmQgPSB0aGlzLnBhc3N3b3JkU2VydmljZS5nZXRQYXNzSWRwU3RyaW5nKFxyXG4gICAgICBuZXdQYXNzSWRwUmVzdWx0Lmp3a1xyXG4gICAgKTtcclxuXHJcbiAgICAvLyAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLVxyXG4gICAgLy8gR2V0IGFzc2VtYmx5IGtleSBjaGFsbGVuZ2VcclxuICAgIC8vIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tXHJcbiAgICBjb25zdCBjaGFsbGVuZ2UgPSAoXHJcbiAgICAgIGF3YWl0IHRoaXMubXV0YXRlKFxyXG4gICAgICAgIG5ldyBMck11dGF0aW9uKHtcclxuICAgICAgICAgIG11dGF0aW9uOiBDcmVhdGVUcEFzc2VtYmx5S2V5Q2hhbGxlbmdlTXV0YXRpb24sXHJcbiAgICAgICAgICB2YXJpYWJsZXM6IHtcclxuICAgICAgICAgICAgaW5wdXQ6IHt9LFxyXG4gICAgICAgICAgfSxcclxuICAgICAgICB9KSxcclxuICAgICAgICB7XHJcbiAgICAgICAgICBpbmNsdWRlS2V5R3JhcGg6IGZhbHNlLFxyXG4gICAgICAgIH1cclxuICAgICAgKVxyXG4gICAgKS5jcmVhdGVUcEFzc2VtYmx5S2V5Q2hhbGxlbmdlLmNoYWxsZW5nZTtcclxuXHJcbiAgICBjb25zb2xlLmxvZyhjaGFsbGVuZ2UpO1xyXG5cclxuICAgIC8vIFNpZ24gdGhlIGNoYWxsZW5nZVxyXG4gICAgLy8gR2VuZXJhdGUgYSBjbGllbnQgc2lkZSBub25jZSB0aGF0J3Mgbm8gaW4gdGhlIHNlcnZlcidzIGNvbnRyb2wuXHJcbiAgICBjaGFsbGVuZ2UuY2xpZW50Tm9uY2UgPSB0aGlzLmtleUZhY3RvcnkucmFuZG9tU3RyaW5nKFxyXG4gICAgICB0aGlzLkNMSUVOVF9OT05DRV9MRU5HVEhcclxuICAgICk7XHJcbiAgICBjb25zb2xlLmxvZyhjaGFsbGVuZ2UpO1xyXG5cclxuICAgIGNvbnN0IGFzc2VtYmx5S2V5VmVyaWZpZXJQcmsgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmRlY3J5cHQoXHJcbiAgICAgIGFzc2VtYmx5S2V5LFxyXG4gICAgICByZXNldFVzZXIud3JhcHBlZEFzc2VtYmx5S2V5VmVyaWZpZXJQcmtcclxuICAgICk7XHJcbiAgICBjb25zdCBzaWduZWRDaGFsbGVuZ2UgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLnNpZ24oXHJcbiAgICAgIGFzc2VtYmx5S2V5VmVyaWZpZXJQcmssXHJcbiAgICAgIGNoYWxsZW5nZVxyXG4gICAgKTtcclxuXHJcbiAgICAvLyAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLVxyXG4gICAgLy8gQ2hhbmdlIHBhc3N3b3JkIGZvciB0aGUgb3JpZ2luYWwgdXNlclxyXG4gICAgLy8gLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS1cclxuICAgIGNvbnN0IHRlbXBJZHBQYXNzd29yZCA9IChcclxuICAgICAgYXdhaXQgdGhpcy5tdXRhdGUoXHJcbiAgICAgICAgbmV3IExyTXV0YXRpb24oe1xyXG4gICAgICAgICAgbXV0YXRpb246IFByZUNvbXBsZXRlVHBQYXNzd29yZFJlc2V0UmVxdWVzdE11dGF0aW9uLFxyXG4gICAgICAgICAgdmFyaWFibGVzOiB7XHJcbiAgICAgICAgICAgIGlucHV0OiB7XHJcbiAgICAgICAgICAgICAgc2lnbmVkQ2hhbGxlbmdlOiBKU09OLnN0cmluZ2lmeShzaWduZWRDaGFsbGVuZ2UpLFxyXG4gICAgICAgICAgICB9LFxyXG4gICAgICAgICAgfSxcclxuICAgICAgICB9KSxcclxuICAgICAgICB7XHJcbiAgICAgICAgICBpbmNsdWRlS2V5R3JhcGg6IGZhbHNlLFxyXG4gICAgICAgIH1cclxuICAgICAgKVxyXG4gICAgKS5wcmVDb21wbGV0ZVRwUGFzc3dvcmRSZXNldFJlcXVlc3QuaWRwUGFzc3dvcmQ7XHJcblxyXG4gICAgLy8gLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS1cclxuICAgIC8vIExvZ2luIGFzIHRoZSBvcmlnaW5hbCB1c2VyIHVzaW5nIG5ldyB0ZW1wb3JhcnkgcGFzc3dvcmRcclxuICAgIC8vIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tXHJcbiAgICAvLyBBdCB0aGlzIHBvaW50LCB0aGUgb3JpZ2luYWwgYWNjb3VudCdzIHBhc3N3b3JkIGhhcyBiZWVuIGNoYW5nZWRcclxuICAgIC8vIHRvIGEgdGVtcG9yYXJ5IHBhc3N3b3JkLiBJdCBpcyBubyBsb25nZXIgcG9zc2libGUgZm9yIHRoZSB1c2VyXHJcbiAgICAvLyB0byB1c2UgdGhlIG9yaWdpbmFsIHBhc3N3b3JkIHRvIGxvZ2luLiBBbnkgc3VjY2Vzc2Z1bCBsb2dpblxyXG4gICAgLy8gY2FuIG9ubHkgYmUgdXNpbmcgdGhlIHRlbXBvcmFyeSBwYXNzd29yZC4gU28gaXQncyBzYWZlIHRvIGFzc3VtZVxyXG4gICAgLy8gdGhhdCB3ZSB3YW50IHRvIFwiY29tcGxldGVcIiB0aGUgcGFzc3dvcmQgcmVzZXQuXHJcblxyXG4gICAgLy8gVGhlIG1heWJlIDJGQSBzbyB3ZSBsaXN0ZW4gZm9yIHRoZSBhdXRoIGV2ZW50IGZyb20gQW1wbGlmeS5cclxuICAgIGNvbnN0IHJldFByb21pc2UgPSBuZXcgUHJvbWlzZTx2b2lkPigocmVzb2x2ZSkgPT4ge1xyXG4gICAgICBjb25zdCBsaXN0ZW5lciA9IGFzeW5jIChkYXRhKSA9PiB7XHJcbiAgICAgICAgaWYgKGRhdGEucGF5bG9hZC5ldmVudCAhPT0gJ3NpZ25JbicpIHtcclxuICAgICAgICAgIHJldHVybjtcclxuICAgICAgICB9XHJcblxyXG4gICAgICAgIEh1Yi5yZW1vdmUoJ2F1dGgnLCBsaXN0ZW5lcik7XHJcblxyXG4gICAgICAgIGNvbnNvbGUubG9nKGRhdGEucGF5bG9hZCk7XHJcblxyXG4gICAgICAgIGF3YWl0IHRoaXMuYXV0aC5zaWduSW4ocmVzZXRVc2VyLnVzZXJuYW1lLCBuZXdJZHBQYXNzd29yZCk7XHJcblxyXG4gICAgICAgIC8vIFN3aXRjaCBvdmVyIHRvIHRoZSBuZXcgc2V0IG9mIGtleXNcclxuICAgICAgICBhd2FpdCB0aGlzLm11dGF0ZShcclxuICAgICAgICAgIG5ldyBMck11dGF0aW9uKHtcclxuICAgICAgICAgICAgbXV0YXRpb246IENvbXBsZXRlVHBQYXNzd29yZFJlc2V0UmVxdWVzdE11dGF0aW9uLFxyXG4gICAgICAgICAgICB2YXJpYWJsZXM6IHtcclxuICAgICAgICAgICAgICBpbnB1dDoge1xyXG4gICAgICAgICAgICAgICAgbWFzdGVyS2V5V3JhcHBlZFJvb3RLZXksXHJcbiAgICAgICAgICAgICAgICBtYXN0ZXJLZXlJZDogbWFzdGVyS2V5LmlkLFxyXG4gICAgICAgICAgICAgIH0sXHJcbiAgICAgICAgICAgIH0sXHJcbiAgICAgICAgICB9KVxyXG4gICAgICAgICk7XHJcblxyXG4gICAgICAgIHJlc29sdmUoKTtcclxuICAgICAgfTtcclxuXHJcbiAgICAgIEh1Yi5saXN0ZW4oJ2F1dGgnLCBsaXN0ZW5lcik7XHJcbiAgICB9KTtcclxuXHJcbiAgICAvLyBTaWduaW4gYXMgdGhlIG9yaWdpbmFsIHVzZXIuIFBhc3N3b3JkIGhhcyBiZWVuIHJlc2V0IHRvIHRlbXBvcmFyeSBvbmUuIEl0IHNob3VsZCByZXR1cm5cclxuICAgIC8vIHdpdGggTkVXX1BBU1NXT1JEX1JFUVVJUkVEXHJcbiAgICBsZXQgdXNlciA9IGF3YWl0IHRoaXMuYXV0aC5zaWduSW4ocmVzZXRVc2VyLnVzZXJuYW1lLCB0ZW1wSWRwUGFzc3dvcmQsIHtcclxuICAgICAgbm9Qcm94eTogJ3RydWUnLFxyXG4gICAgfSk7XHJcblxyXG4gICAgaWYgKHVzZXIuY2hhbGxlbmdlTmFtZSAhPT0gJ05FV19QQVNTV09SRF9SRVFVSVJFRCcpIHtcclxuICAgICAgdGhyb3cgbmV3IExyRXhjZXB0aW9uKHtcclxuICAgICAgICBtZXNzYWdlOlxyXG4gICAgICAgICAgJ0ludGVybmFsIGVycm9yLiBFeHBlY3RpbmcgQ29nbml0byB0byBoYXZlIGRvbmUgYSBwYXNzd29yZCByZXNldCBhZnRlciBjYWxsIHRvIFByZUNvbXBsZXRlVHBQYXNzd29yZFJlc2V0UmVxdWVzdE11dGF0aW9uLicsXHJcbiAgICAgIH0pO1xyXG4gICAgfVxyXG5cclxuICAgIC8vIFNldCBuZXcgcGFzc3dvcmQgb24gSWRwXHJcbiAgICAvLyB0aGUgYXdzRmV0Y2goKSBmdW5jdGlvbiBwYXNzZXMgTkVXX1BBU1NXT1JEX1JFUVVJUkVEIGRpcmVjdGx5IHRvIEFXUyB3aXRob3V0XHJcbiAgICAvLyBnb2luZyB0aHJvdWdoIHRoZSBwcm94eS5cclxuICAgIHVzZXIgPSBhd2FpdCB0aGlzLmF1dGguY29tcGxldGVOZXdQYXNzd29yZCh1c2VyLCBuZXdJZHBQYXNzd29yZCwge30pO1xyXG5cclxuICAgIHJldHVybiByZXRQcm9taXNlO1xyXG4gIH1cclxufVxyXG4iXX0=

package/esm2015/lib/trusted-parties/tp-password-reset.gql.js

@@ -0,0 +1,232 @@
+import { gqlTyped } from '../_common/ast';
+const SharedTpPasswordResetFragment = gqlTyped `
+fragment SharedTpPasswordResetFragment on SharedTpPasswordResetNode {
+  id
+  tp {
+    id
+    other {
+      username
+    }
+  }
+  assembly {
+    asApprovers {
+      edges {
+        node {
+          id
+          sharedKey {
+            id
+          }
+          sharedCipherData
+        }
+      }
+    }
+  }
+  sharedRequest {
+    id
+    pxk {
+      id
+      pbk
+    }
+    claim {
+      id
+      state
+      asClaimApprovers {
+        edges {
+          node {
+            id
+            state
+            sharedKey {
+              id
+            }
+            sharedCipherApprovalData
+            sharedCipherPartialAssemblyKey
+            receiverApprovals {
+              edges {
+                node {
+                  id
+                }
+              }
+            }
+          }
+        }
+      }
+    }
+  }
+}`;
+export const SharedTpPasswordResetsQuery = gqlTyped `
+query SharedTpPasswordResetsQuery {
+  sharedTpPasswordResets {
+    edges {
+      node {
+        ...SharedTpPasswordResetFragment
+      }
+    }
+  }
+}
+${SharedTpPasswordResetFragment}
+`;
+export const SharedTpPasswordResetQuery = gqlTyped `
+query SharedTpPasswordResetQuery($id: LrRelayIdInput!) {
+  sharedTpPasswordReset(id: $id) {
+    ...SharedTpPasswordResetFragment
+  }
+}
+${SharedTpPasswordResetFragment}
+`;
+export const CancelTpPasswordResetRequestMutation = gqlTyped `
+mutation CancelTpPasswordResetRequestMutation {
+  cancelTpPasswordResetRequest(input: {}) {
+    id
+  }
+}`;
+export const CreateTpAssemblyKeyChallengeMutation = gqlTyped `
+mutation CreateTpAssemblyKeyChallengeMutation(
+  $input: CreateTpAssemblyKeyChallengeInput!
+) {
+  createTpAssemblyKeyChallenge(input: $input) {
+    challenge
+  }
+}`;
+export const PreCompleteTpPasswordResetRequestMutation = gqlTyped `
+mutation PreCompleteTpPasswordResetRequestMutation(
+  $input: PreCompleteTpPasswordResetRequestInput!
+) {
+  preCompleteTpPasswordResetRequest(input: $input) {
+    idpPassword
+  }
+}`;
+export const CompleteTpPasswordResetRequestMutation = gqlTyped `
+mutation CompleteTpPasswordResetRequestMutation(
+  $input: CompleteTpPasswordResetRequestInput!
+) {
+  completeTpPasswordResetRequest(input: $input) {
+    id
+  }
+}`;
+export const ApproveTpPasswordResetRequestMutation = gqlTyped `
+mutation ApproveTpPasswordResetRequestMutation(
+  $input: ApproveTpPasswordResetRequestInput!
+) {
+  approveTpPasswordResetRequest(input: $input) {
+    claimApprover {
+      id
+    }
+  }
+}`;
+export const RejectTpPasswordResetRequestMutation = gqlTyped `
+mutation RejectTpPasswordResetRequestMutation(
+  $input: RejectTpPasswordResetRequestInput!
+) {
+  rejectTpPasswordResetRequest(input: $input) {
+    claimApprover {
+      id
+    }
+  }
+}`;
+export const TpPasswordResetUserQuery = gqlTyped `
+query TpPasswordResetUserQuery {
+  tpPasswordResetUser {
+    username
+    resetUsername
+    state
+    passKey {
+      id
+      passKeyParams
+      passIdpParams
+    }
+    masterKey {
+      id
+    }
+    pxk {
+      id
+    }
+    sessionEncryptionKey
+    assembly {
+      singleReject
+      quorum
+      subAssemblies {
+        singleReject
+        quorum
+        approvers {
+          name
+          email
+          state
+        }
+      }
+    }
+    approvals {
+      id
+      modified
+      approverEmail
+      receiverCipher
+      receiverCipherPartialAssemblyKey
+    }
+    assemblyCipherData
+    wrappedAssemblyKeyVerifierPrk
+  }
+}`;
+export const TpPasswordResetQuery = gqlTyped `
+query TpPasswordResetQuery {
+  tpPasswordReset {
+    id
+    applied
+    assembly {
+      singleReject
+      quorum
+      subjectKey {
+        id
+      }
+      assemblyKey {
+        id
+      }
+      assemblyCipherData
+      subAssemblies {
+        edges {
+          node {
+            id
+            singleReject
+            quorum
+            subjectCipherData
+            approvers {
+              edges {
+                node {
+                  id
+                  tp {
+                    id
+                  }
+                  sharedKey {
+                    id
+                  }
+                  sharedCipherData
+                }
+              }
+            }
+          }
+        }
+      }
+    }
+  }
+}`;
+export const CreateTpPasswordResetMutation = gqlTyped `
+mutation CreateTpPasswordResetMutation($input: CreateTpPasswordResetInput!) {
+  createTpPasswordReset(input: $input) {
+    tpPasswordReset {
+      id
+    }
+  }
+}`;
+export const DeleteTpPasswordResetMutation = gqlTyped `
+mutation DeleteTpPasswordResetMutation {
+  deleteTpPasswordReset(input: {}) {
+    id
+  }
+}`;
+export const UpdateTpPasswordResetMutation = gqlTyped `
+mutation UpdateTpPasswordResetMutation($input: UpdateTpPasswordResetInput!) {
+  updateTpPasswordReset(input: $input) {
+    tpPasswordReset {
+      id
+    }
+  }
+}`;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHAtcGFzc3dvcmQtcmVzZXQuZ3FsLmpzIiwic291cmNlUm9vdCI6IkM6L1Byb2plY3RzL3Rlc3QvcHJvamVjdHMvY29yZS9zcmMvIiwic291cmNlcyI6WyJsaWIvdHJ1c3RlZC1wYXJ0aWVzL3RwLXBhc3N3b3JkLXJlc2V0LmdxbC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFDQSxPQUFPLEVBQUUsUUFBUSxFQUFFLE1BQU0sZ0JBQWdCLENBQUM7QUErRDFDLE1BQU0sNkJBQTZCLEdBQUcsUUFBUSxDQUFxQzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7RUFxRGpGLENBQUM7QUFTSCxNQUFNLENBQUMsTUFBTSwyQkFBMkIsR0FBRyxRQUFRLENBQW1DOzs7Ozs7Ozs7O0VBVXBGLDZCQUE2QjtDQUM5QixDQUFDO0FBS0YsTUFBTSxDQUFDLE1BQU0sMEJBQTBCLEdBQUcsUUFBUSxDQUFrQzs7Ozs7O0VBTWxGLDZCQUE2QjtDQUM5QixDQUFDO0FBT0YsTUFBTSxDQUFDLE1BQU0sb0NBQW9DLEdBQUcsUUFBUSxDQUE0Qzs7Ozs7RUFLdEcsQ0FBQztBQU9ILE1BQU0sQ0FBQyxNQUFNLG9DQUFvQyxHQUFHLFFBQVEsQ0FBNEM7Ozs7Ozs7RUFPdEcsQ0FBQztBQU9ILE1BQU0sQ0FBQyxNQUFNLHlDQUF5QyxHQUFHLFFBQVEsQ0FBaUQ7Ozs7Ozs7RUFPaEgsQ0FBQztBQU9ILE1BQU0sQ0FBQyxNQUFNLHNDQUFzQyxHQUFHLFFBQVEsQ0FBOEM7Ozs7Ozs7RUFPMUcsQ0FBQztBQVNILE1BQU0sQ0FBQyxNQUFNLHFDQUFxQyxHQUFHLFFBQVEsQ0FBNkM7Ozs7Ozs7OztFQVN4RyxDQUFDO0FBU0gsTUFBTSxDQUFDLE1BQU0sb0NBQW9DLEdBQUcsUUFBUSxDQUE0Qzs7Ozs7Ozs7O0VBU3RHLENBQUM7QUEyQ0gsTUFBTSxDQUFDLE1BQU0sd0JBQXdCLEdBQUcsUUFBUSxDQUFnQzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7RUF5QzlFLENBQUM7QUE0Q0gsTUFBTSxDQUFDLE1BQU0sb0JBQW9CLEdBQUcsUUFBUSxDQUE0Qjs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7RUF5Q3RFLENBQUM7QUFTSCxNQUFNLENBQUMsTUFBTSw2QkFBNkIsR0FBRyxRQUFRLENBQXFDOzs7Ozs7O0VBT3hGLENBQUM7QUFPSCxNQUFNLENBQUMsTUFBTSw2QkFBNkIsR0FBRyxRQUFRLENBQXFDOzs7OztFQUt4RixDQUFDO0FBU0gsTUFBTSxDQUFDLE1BQU0sNkJBQTZCLEdBQUcsUUFBUSxDQUFxQzs7Ozs7OztFQU94RixDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgR2VuZXJpY1NjYWxhciwgSUQgfSBmcm9tICcuLi9hcGkvdHlwZXMnO1xyXG5pbXBvcnQgeyBncWxUeXBlZCB9IGZyb20gJy4uL19jb21tb24vYXN0JztcclxuaW1wb3J0IHtcclxuICBUcENsYWltU3RhdGUsXHJcbiAgVHBDbGFpbUFwcHJvdmVyU3RhdGUsXHJcbn0gZnJvbSAnLi4vYXBpL3R5cGVzL2xyLWdyYXBocWwudHlwZXMnO1xyXG5pbXBvcnQgeyBEYXRlVGltZSB9IGZyb20gJy4uL2FwaS90eXBlcy9ncmFwaHFsLnR5cGVzJztcclxuXHJcbmV4cG9ydCBpbnRlcmZhY2UgU2hhcmVkVHBQYXNzd29yZFJlc2V0RnJhZ21lbnRSZXN1bHQge1xyXG4gIGlkOiBJRDtcclxuICB0cDoge1xyXG4gICAgaWQ6IElEO1xyXG4gICAgb3RoZXI6IHtcclxuICAgICAgdXNlcm5hbWU6IHN0cmluZztcclxuICAgIH07XHJcbiAgfTtcclxuICBhc3NlbWJseToge1xyXG4gICAgYXNBcHByb3ZlcnM6IHtcclxuICAgICAgZWRnZXM6IHtcclxuICAgICAgICBub2RlOiB7XHJcbiAgICAgICAgICBpZDogSUQ7XHJcbiAgICAgICAgICBzaGFyZWRLZXk6IHtcclxuICAgICAgICAgICAgaWQ6IElEO1xyXG4gICAgICAgICAgfTtcclxuICAgICAgICAgIHNoYXJlZENpcGhlckRhdGE6IHN0cmluZztcclxuICAgICAgICAgIHNoYXJlZENpcGhlckRhdGFDbGVhckpzb246IGFueTtcclxuICAgICAgICB9O1xyXG4gICAgICB9W107XHJcbiAgICB9O1xyXG4gIH07XHJcbiAgc2hhcmVkUmVxdWVzdDoge1xyXG4gICAgaWQ6IElEO1xyXG4gICAgcHhrOiB7XHJcbiAgICAgIGlkOiBJRDtcclxuICAgICAgcGJrOiBzdHJpbmc7XHJcbiAgICB9O1xyXG4gICAgY2xhaW06IHtcclxuICAgICAgaWQ6IElEO1xyXG4gICAgICBzdGF0ZTogVHBDbGFpbVN0YXRlO1xyXG4gICAgICBhc0NsYWltQXBwcm92ZXJzOiB7XHJcbiAgICAgICAgZWRnZXM6IHtcclxuICAgICAgICAgIG5vZGU6IHtcclxuICAgICAgICAgICAgaWQ6IElEO1xyXG4gICAgICAgICAgICBzdGF0ZTogVHBDbGFpbUFwcHJvdmVyU3RhdGU7XHJcbiAgICAgICAgICAgIHNoYXJlZEtleToge1xyXG4gICAgICAgICAgICAgIGlkOiBJRDtcclxuICAgICAgICAgICAgfTtcclxuICAgICAgICAgICAgc2hhcmVkQ2lwaGVyQXBwcm92YWxEYXRhOiBzdHJpbmc7XHJcbiAgICAgICAgICAgIHNoYXJlZENpcGhlckFwcHJvdmFsRGF0YUNsZWFySnNvbjogYW55O1xyXG4gICAgICAgICAgICBzaGFyZWRDaXBoZXJQYXJ0aWFsQXNzZW1ibHlLZXk6IHN0cmluZztcclxuICAgICAgICAgICAgc2hhcmVkQ2lwaGVyUGFydGlhbEFzc2VtYmx5S2V5Q2xlYXJKc29uOiBhbnk7XHJcbiAgICAgICAgICAgIHJlY2VpdmVyQXBwcm92YWxzOiB7XHJcbiAgICAgICAgICAgICAgZWRnZXM6IHtcclxuICAgICAgICAgICAgICAgIG5vZGU6IHtcclxuICAgICAgICAgICAgICAgICAgaWQ6IElEO1xyXG4gICAgICAgICAgICAgICAgfTtcclxuICAgICAgICAgICAgICB9W107XHJcbiAgICAgICAgICAgIH07XHJcbiAgICAgICAgICB9O1xyXG4gICAgICAgIH1bXTtcclxuICAgICAgfTtcclxuICAgIH07XHJcbiAgfTtcclxufVxyXG5jb25zdCBTaGFyZWRUcFBhc3N3b3JkUmVzZXRGcmFnbWVudCA9IGdxbFR5cGVkPFNoYXJlZFRwUGFzc3dvcmRSZXNldEZyYWdtZW50UmVzdWx0PmBcclxuZnJhZ21lbnQgU2hhcmVkVHBQYXNzd29yZFJlc2V0RnJhZ21lbnQgb24gU2hhcmVkVHBQYXNzd29yZFJlc2V0Tm9kZSB7XHJcbiAgaWRcclxuICB0cCB7XHJcbiAgICBpZFxyXG4gICAgb3RoZXIge1xyXG4gICAgICB1c2VybmFtZVxyXG4gICAgfVxyXG4gIH1cclxuICBhc3NlbWJseSB7XHJcbiAgICBhc0FwcHJvdmVycyB7XHJcbiAgICAgIGVkZ2VzIHtcclxuICAgICAgICBub2RlIHtcclxuICAgICAgICAgIGlkXHJcbiAgICAgICAgICBzaGFyZWRLZXkge1xyXG4gICAgICAgICAgICBpZFxyXG4gICAgICAgICAgfVxyXG4gICAgICAgICAgc2hhcmVkQ2lwaGVyRGF0YVxyXG4gICAgICAgIH1cclxuICAgICAgfVxyXG4gICAgfVxyXG4gIH1cclxuICBzaGFyZWRSZXF1ZXN0IHtcclxuICAgIGlkXHJcbiAgICBweGsge1xyXG4gICAgICBpZFxyXG4gICAgICBwYmtcclxuICAgIH1cclxuICAgIGNsYWltIHtcclxuICAgICAgaWRcclxuICAgICAgc3RhdGVcclxuICAgICAgYXNDbGFpbUFwcHJvdmVycyB7XHJcbiAgICAgICAgZWRnZXMge1xyXG4gICAgICAgICAgbm9kZSB7XHJcbiAgICAgICAgICAgIGlkXHJcbiAgICAgICAgICAgIHN0YXRlXHJcbiAgICAgICAgICAgIHNoYXJlZEtleSB7XHJcbiAgICAgICAgICAgICAgaWRcclxuICAgICAgICAgICAgfVxyXG4gICAgICAgICAgICBzaGFyZWRDaXBoZXJBcHByb3ZhbERhdGFcclxuICAgICAgICAgICAgc2hhcmVkQ2lwaGVyUGFydGlhbEFzc2VtYmx5S2V5XHJcbiAgICAgICAgICAgIHJlY2VpdmVyQXBwcm92YWxzIHtcclxuICAgICAgICAgICAgICBlZGdlcyB7XHJcbiAgICAgICAgICAgICAgICBub2RlIHtcclxuICAgICAgICAgICAgICAgICAgaWRcclxuICAgICAgICAgICAgICAgIH1cclxuICAgICAgICAgICAgICB9XHJcbiAgICAgICAgICAgIH1cclxuICAgICAgICAgIH1cclxuICAgICAgICB9XHJcbiAgICAgIH1cclxuICAgIH1cclxuICB9XHJcbn1gO1xyXG5cclxuZXhwb3J0IGludGVyZmFjZSBTaGFyZWRUcFBhc3N3b3JkUmVzZXRzUXVlcnlSZXN1bHQge1xyXG4gIHNoYXJlZFRwUGFzc3dvcmRSZXNldHM6IHtcclxuICAgIGVkZ2VzOiB7XHJcbiAgICAgIG5vZGU6IFNoYXJlZFRwUGFzc3dvcmRSZXNldEZyYWdtZW50UmVzdWx0O1xyXG4gICAgfVtdO1xyXG4gIH07XHJcbn1cclxuZXhwb3J0IGNvbnN0IFNoYXJlZFRwUGFzc3dvcmRSZXNldHNRdWVyeSA9IGdxbFR5cGVkPFNoYXJlZFRwUGFzc3dvcmRSZXNldHNRdWVyeVJlc3VsdD5gXHJcbnF1ZXJ5IFNoYXJlZFRwUGFzc3dvcmRSZXNldHNRdWVyeSB7XHJcbiAgc2hhcmVkVHBQYXNzd29yZFJlc2V0cyB7XHJcbiAgICBlZGdlcyB7XHJcbiAgICAgIG5vZGUge1xyXG4gICAgICAgIC4uLlNoYXJlZFRwUGFzc3dvcmRSZXNldEZyYWdtZW50XHJcbiAgICAgIH1cclxuICAgIH1cclxuICB9XHJcbn1cclxuJHtTaGFyZWRUcFBhc3N3b3JkUmVzZXRGcmFnbWVudH1cclxuYDtcclxuXHJcbmV4cG9ydCBpbnRlcmZhY2UgU2hhcmVkVHBQYXNzd29yZFJlc2V0UXVlcnlSZXN1bHQge1xyXG4gIHNoYXJlZFRwUGFzc3dvcmRSZXNldDogU2hhcmVkVHBQYXNzd29yZFJlc2V0RnJhZ21lbnRSZXN1bHQ7XHJcbn1cclxuZXhwb3J0IGNvbnN0IFNoYXJlZFRwUGFzc3dvcmRSZXNldFF1ZXJ5ID0gZ3FsVHlwZWQ8U2hhcmVkVHBQYXNzd29yZFJlc2V0UXVlcnlSZXN1bHQ+YFxyXG5xdWVyeSBTaGFyZWRUcFBhc3N3b3JkUmVzZXRRdWVyeSgkaWQ6IExyUmVsYXlJZElucHV0ISkge1xyXG4gIHNoYXJlZFRwUGFzc3dvcmRSZXNldChpZDogJGlkKSB7XHJcbiAgICAuLi5TaGFyZWRUcFBhc3N3b3JkUmVzZXRGcmFnbWVudFxyXG4gIH1cclxufVxyXG4ke1NoYXJlZFRwUGFzc3dvcmRSZXNldEZyYWdtZW50fVxyXG5gO1xyXG5cclxuZXhwb3J0IGludGVyZmFjZSBDYW5jZWxUcFBhc3N3b3JkUmVzZXRSZXF1ZXN0TXV0YXRpb25SZXN1bHQge1xyXG4gIGNhbmNlbFRwUGFzc3dvcmRSZXNldFJlcXVlc3Q6IHtcclxuICAgIGlkOiBJRDtcclxuICB9O1xyXG59XHJcbmV4cG9ydCBjb25zdCBDYW5jZWxUcFBhc3N3b3JkUmVzZXRSZXF1ZXN0TXV0YXRpb24gPSBncWxUeXBlZDxDYW5jZWxUcFBhc3N3b3JkUmVzZXRSZXF1ZXN0TXV0YXRpb25SZXN1bHQ+YFxyXG5tdXRhdGlvbiBDYW5jZWxUcFBhc3N3b3JkUmVzZXRSZXF1ZXN0TXV0YXRpb24ge1xyXG4gIGNhbmNlbFRwUGFzc3dvcmRSZXNldFJlcXVlc3QoaW5wdXQ6IHt9KSB7XHJcbiAgICBpZFxyXG4gIH1cclxufWA7XHJcblxyXG5leHBvcnQgaW50ZXJmYWNlIENyZWF0ZVRwQXNzZW1ibHlLZXlDaGFsbGVuZ2VNdXRhdGlvblJlc3VsdCB7XHJcbiAgY3JlYXRlVHBBc3NlbWJseUtleUNoYWxsZW5nZToge1xyXG4gICAgY2hhbGxlbmdlOiBhbnk7XHJcbiAgfTtcclxufVxyXG5leHBvcnQgY29uc3QgQ3JlYXRlVHBBc3NlbWJseUtleUNoYWxsZW5nZU11dGF0aW9uID0gZ3FsVHlwZWQ8Q3JlYXRlVHBBc3NlbWJseUtleUNoYWxsZW5nZU11dGF0aW9uUmVzdWx0PmBcclxubXV0YXRpb24gQ3JlYXRlVHBBc3NlbWJseUtleUNoYWxsZW5nZU11dGF0aW9uKFxyXG4gICRpbnB1dDogQ3JlYXRlVHBBc3NlbWJseUtleUNoYWxsZW5nZUlucHV0IVxyXG4pIHtcclxuICBjcmVhdGVUcEFzc2VtYmx5S2V5Q2hhbGxlbmdlKGlucHV0OiAkaW5wdXQpIHtcclxuICAgIGNoYWxsZW5nZVxyXG4gIH1cclxufWA7XHJcblxyXG5leHBvcnQgaW50ZXJmYWNlIFByZUNvbXBsZXRlVHBQYXNzd29yZFJlc2V0UmVxdWVzdE11dGF0aW9uUmVzdWx0IHtcclxuICBwcmVDb21wbGV0ZVRwUGFzc3dvcmRSZXNldFJlcXVlc3Q6IHtcclxuICAgIGlkcFBhc3N3b3JkOiBzdHJpbmc7XHJcbiAgfTtcclxufVxyXG5leHBvcnQgY29uc3QgUHJlQ29tcGxldGVUcFBhc3N3b3JkUmVzZXRSZXF1ZXN0TXV0YXRpb24gPSBncWxUeXBlZDxQcmVDb21wbGV0ZVRwUGFzc3dvcmRSZXNldFJlcXVlc3RNdXRhdGlvblJlc3VsdD5gXHJcbm11dGF0aW9uIFByZUNvbXBsZXRlVHBQYXNzd29yZFJlc2V0UmVxdWVzdE11dGF0aW9uKFxyXG4gICRpbnB1dDogUHJlQ29tcGxldGVUcFBhc3N3b3JkUmVzZXRSZXF1ZXN0SW5wdXQhXHJcbikge1xyXG4gIHByZUNvbXBsZXRlVHBQYXNzd29yZFJlc2V0UmVxdWVzdChpbnB1dDogJGlucHV0KSB7XHJcbiAgICBpZHBQYXNzd29yZFxyXG4gIH1cclxufWA7XHJcblxyXG5leHBvcnQgaW50ZXJmYWNlIENvbXBsZXRlVHBQYXNzd29yZFJlc2V0UmVxdWVzdE11dGF0aW9uUmVzdWx0IHtcclxuICBjb21wbGV0ZVRwUGFzc3dvcmRSZXNldFJlcXVlc3Q6IHtcclxuICAgIGlkOiBJRDtcclxuICB9O1xyXG59XHJcbmV4cG9ydCBjb25zdCBDb21wbGV0ZVRwUGFzc3dvcmRSZXNldFJlcXVlc3RNdXRhdGlvbiA9IGdxbFR5cGVkPENvbXBsZXRlVHBQYXNzd29yZFJlc2V0UmVxdWVzdE11dGF0aW9uUmVzdWx0PmBcclxubXV0YXRpb24gQ29tcGxldGVUcFBhc3N3b3JkUmVzZXRSZXF1ZXN0TXV0YXRpb24oXHJcbiAgJGlucHV0OiBDb21wbGV0ZVRwUGFzc3dvcmRSZXNldFJlcXVlc3RJbnB1dCFcclxuKSB7XHJcbiAgY29tcGxldGVUcFBhc3N3b3JkUmVzZXRSZXF1ZXN0KGlucHV0OiAkaW5wdXQpIHtcclxuICAgIGlkXHJcbiAgfVxyXG59YDtcclxuXHJcbmV4cG9ydCBpbnRlcmZhY2UgQXBwcm92ZVRwUGFzc3dvcmRSZXNldFJlcXVlc3RNdXRhdGlvblJlc3VsdCB7XHJcbiAgYXBwcm92ZVRwUGFzc3dvcmRSZXNldFJlcXVlc3Q6IHtcclxuICAgIGNsYWltQXBwcm92ZXI6IHtcclxuICAgICAgaWQ6IElEO1xyXG4gICAgfTtcclxuICB9O1xyXG59XHJcbmV4cG9ydCBjb25zdCBBcHByb3ZlVHBQYXNzd29yZFJlc2V0UmVxdWVzdE11dGF0aW9uID0gZ3FsVHlwZWQ8QXBwcm92ZVRwUGFzc3dvcmRSZXNldFJlcXVlc3RNdXRhdGlvblJlc3VsdD5gXHJcbm11dGF0aW9uIEFwcHJvdmVUcFBhc3N3b3JkUmVzZXRSZXF1ZXN0TXV0YXRpb24oXHJcbiAgJGlucHV0OiBBcHByb3ZlVHBQYXNzd29yZFJlc2V0UmVxdWVzdElucHV0IVxyXG4pIHtcclxuICBhcHByb3ZlVHBQYXNzd29yZFJlc2V0UmVxdWVzdChpbnB1dDogJGlucHV0KSB7XHJcbiAgICBjbGFpbUFwcHJvdmVyIHtcclxuICAgICAgaWRcclxuICAgIH1cclxuICB9XHJcbn1gO1xyXG5cclxuZXhwb3J0IGludGVyZmFjZSBSZWplY3RUcFBhc3N3b3JkUmVzZXRSZXF1ZXN0TXV0YXRpb25SZXN1bHQge1xyXG4gIHJlamVjdFRwUGFzc3dvcmRSZXNldFJlcXVlc3Q6IHtcclxuICAgIGNsYWltQXBwcm92ZXI6IHtcclxuICAgICAgaWQ6IElEO1xyXG4gICAgfTtcclxuICB9O1xyXG59XHJcbmV4cG9ydCBjb25zdCBSZWplY3RUcFBhc3N3b3JkUmVzZXRSZXF1ZXN0TXV0YXRpb24gPSBncWxUeXBlZDxSZWplY3RUcFBhc3N3b3JkUmVzZXRSZXF1ZXN0TXV0YXRpb25SZXN1bHQ+YFxyXG5tdXRhdGlvbiBSZWplY3RUcFBhc3N3b3JkUmVzZXRSZXF1ZXN0TXV0YXRpb24oXHJcbiAgJGlucHV0OiBSZWplY3RUcFBhc3N3b3JkUmVzZXRSZXF1ZXN0SW5wdXQhXHJcbikge1xyXG4gIHJlamVjdFRwUGFzc3dvcmRSZXNldFJlcXVlc3QoaW5wdXQ6ICRpbnB1dCkge1xyXG4gICAgY2xhaW1BcHByb3ZlciB7XHJcbiAgICAgIGlkXHJcbiAgICB9XHJcbiAgfVxyXG59YDtcclxuXHJcbmV4cG9ydCBpbnRlcmZhY2UgVHBQYXNzd29yZFJlc2V0VXNlclF1ZXJ5UmVzdWx0IHtcclxuICB0cFBhc3N3b3JkUmVzZXRVc2VyOiB7XHJcbiAgICB1c2VybmFtZTogc3RyaW5nO1xyXG4gICAgcmVzZXRVc2VybmFtZTogc3RyaW5nO1xyXG4gICAgc3RhdGU6IFRwQ2xhaW1TdGF0ZTtcclxuICAgIHBhc3NLZXk6IHtcclxuICAgICAgaWQ6IElEO1xyXG4gICAgICBwYXNzS2V5UGFyYW1zOiBHZW5lcmljU2NhbGFyO1xyXG4gICAgICBwYXNzSWRwUGFyYW1zOiBHZW5lcmljU2NhbGFyO1xyXG4gICAgfTtcclxuICAgIG1hc3RlcktleToge1xyXG4gICAgICBpZDogSUQ7XHJcbiAgICB9O1xyXG4gICAgcHhrOiB7XHJcbiAgICAgIGlkOiBJRDtcclxuICAgIH07XHJcbiAgICBzZXNzaW9uRW5jcnlwdGlvbktleTogc3RyaW5nO1xyXG4gICAgYXNzZW1ibHk6IHtcclxuICAgICAgc2luZ2xlUmVqZWN0OiBib29sZWFuO1xyXG4gICAgICBxdW9ydW06IG51bWJlcjtcclxuICAgICAgc3ViQXNzZW1ibGllczoge1xyXG4gICAgICAgIHNpbmdsZVJlamVjdDogYm9vbGVhbjtcclxuICAgICAgICBxdW9ydW06IG51bWJlcjtcclxuICAgICAgICBhcHByb3ZlcnM6IHtcclxuICAgICAgICAgIG5hbWU6IHN0cmluZztcclxuICAgICAgICAgIGVtYWlsOiBzdHJpbmc7XHJcbiAgICAgICAgICBzdGF0ZTogVHBDbGFpbUFwcHJvdmVyU3RhdGU7XHJcbiAgICAgICAgfVtdO1xyXG4gICAgICB9W107XHJcbiAgICB9O1xyXG4gICAgYXBwcm92YWxzOiB7XHJcbiAgICAgIGlkOiBJRDtcclxuICAgICAgbW9kaWZpZWQ6IERhdGVUaW1lO1xyXG4gICAgICBhcHByb3ZlckVtYWlsOiBzdHJpbmc7XHJcbiAgICAgIHJlY2VpdmVyQ2lwaGVyOiBzdHJpbmc7XHJcbiAgICAgIHJlY2VpdmVyQ2lwaGVyUGFydGlhbEFzc2VtYmx5S2V5OiBzdHJpbmc7XHJcbiAgICB9W107XHJcbiAgICBhc3NlbWJseUNpcGhlckRhdGE6IHN0cmluZztcclxuICAgIHdyYXBwZWRBc3NlbWJseUtleVZlcmlmaWVyUHJrOiBzdHJpbmc7XHJcbiAgfTtcclxufVxyXG5leHBvcnQgY29uc3QgVHBQYXNzd29yZFJlc2V0VXNlclF1ZXJ5ID0gZ3FsVHlwZWQ8VHBQYXNzd29yZFJlc2V0VXNlclF1ZXJ5UmVzdWx0PmBcclxucXVlcnkgVHBQYXNzd29yZFJlc2V0VXNlclF1ZXJ5IHtcclxuICB0cFBhc3N3b3JkUmVzZXRVc2VyIHtcclxuICAgIHVzZXJuYW1lXHJcbiAgICByZXNldFVzZXJuYW1lXHJcbiAgICBzdGF0ZVxyXG4gICAgcGFzc0tleSB7XHJcbiAgICAgIGlkXHJcbiAgICAgIHBhc3NLZXlQYXJhbXNcclxuICAgICAgcGFzc0lkcFBhcmFtc1xyXG4gICAgfVxyXG4gICAgbWFzdGVyS2V5IHtcclxuICAgICAgaWRcclxuICAgIH1cclxuICAgIHB4ayB7XHJcbiAgICAgIGlkXHJcbiAgICB9XHJcbiAgICBzZXNzaW9uRW5jcnlwdGlvbktleVxyXG4gICAgYXNzZW1ibHkge1xyXG4gICAgICBzaW5nbGVSZWplY3RcclxuICAgICAgcXVvcnVtXHJcbiAgICAgIHN1YkFzc2VtYmxpZXMge1xyXG4gICAgICAgIHNpbmdsZVJlamVjdFxyXG4gICAgICAgIHF1b3J1bVxyXG4gICAgICAgIGFwcHJvdmVycyB7XHJcbiAgICAgICAgICBuYW1lXHJcbiAgICAgICAgICBlbWFpbFxyXG4gICAgICAgICAgc3RhdGVcclxuICAgICAgICB9XHJcbiAgICAgIH1cclxuICAgIH1cclxuICAgIGFwcHJvdmFscyB7XHJcbiAgICAgIGlkXHJcbiAgICAgIG1vZGlmaWVkXHJcbiAgICAgIGFwcHJvdmVyRW1haWxcclxuICAgICAgcmVjZWl2ZXJDaXBoZXJcclxuICAgICAgcmVjZWl2ZXJDaXBoZXJQYXJ0aWFsQXNzZW1ibHlLZXlcclxuICAgIH1cclxuICAgIGFzc2VtYmx5Q2lwaGVyRGF0YVxyXG4gICAgd3JhcHBlZEFzc2VtYmx5S2V5VmVyaWZpZXJQcmtcclxuICB9XHJcbn1gO1xyXG5cclxuZXhwb3J0IGludGVyZmFjZSBUcFBhc3N3b3JkUmVzZXRRdWVyeVJlc3VsdCB7XHJcbiAgdHBQYXNzd29yZFJlc2V0OiB7XHJcbiAgICBpZDogSUQ7XHJcbiAgICBhcHBsaWVkOiBib29sZWFuO1xyXG4gICAgYXNzZW1ibHk6IHtcclxuICAgICAgc2luZ2xlUmVqZWN0OiBib29sZWFuO1xyXG4gICAgICBxdW9ydW06IG51bWJlcjtcclxuICAgICAgc3ViamVjdEtleToge1xyXG4gICAgICAgIGlkOiBJRDtcclxuICAgICAgfTtcclxuICAgICAgYXNzZW1ibHlLZXk6IHtcclxuICAgICAgICBpZDogSUQ7XHJcbiAgICAgIH07XHJcbiAgICAgIGFzc2VtYmx5Q2lwaGVyRGF0YTogc3RyaW5nO1xyXG4gICAgICBzdWJBc3NlbWJsaWVzOiB7XHJcbiAgICAgICAgZWRnZXM6IHtcclxuICAgICAgICAgIG5vZGU6IHtcclxuICAgICAgICAgICAgaWQ6IElEO1xyXG4gICAgICAgICAgICBzaW5nbGVSZWplY3Q6IGJvb2xlYW47XHJcbiAgICAgICAgICAgIHF1b3J1bTogbnVtYmVyO1xyXG4gICAgICAgICAgICBzdWJqZWN0Q2lwaGVyRGF0YTogc3RyaW5nO1xyXG4gICAgICAgICAgICBzdWJqZWN0Q2lwaGVyRGF0YUNsZWFySnNvbjogYW55O1xyXG4gICAgICAgICAgICBhcHByb3ZlcnM6IHtcclxuICAgICAgICAgICAgICBlZGdlczoge1xyXG4gICAgICAgICAgICAgICAgbm9kZToge1xyXG4gICAgICAgICAgICAgICAgICBpZDogSUQ7XHJcbiAgICAgICAgICAgICAgICAgIHRwOiB7XHJcbiAgICAgICAgICAgICAgICAgICAgaWQ6IElEO1xyXG4gICAgICAgICAgICAgICAgICB9O1xyXG4gICAgICAgICAgICAgICAgICBzaGFyZWRLZXk6IHtcclxuICAgICAgICAgICAgICAgICAgICBpZDogSUQ7XHJcbiAgICAgICAgICAgICAgICAgIH07XHJcbiAgICAgICAgICAgICAgICAgIHNoYXJlZENpcGhlckRhdGE6IHN0cmluZztcclxuICAgICAgICAgICAgICAgIH07XHJcbiAgICAgICAgICAgICAgfVtdO1xyXG4gICAgICAgICAgICB9O1xyXG4gICAgICAgICAgfTtcclxuICAgICAgICB9W107XHJcbiAgICAgIH07XHJcbiAgICB9O1xyXG4gIH07XHJcbn1cclxuZXhwb3J0IGNvbnN0IFRwUGFzc3dvcmRSZXNldFF1ZXJ5ID0gZ3FsVHlwZWQ8VHBQYXNzd29yZFJlc2V0UXVlcnlSZXN1bHQ+YFxyXG5xdWVyeSBUcFBhc3N3b3JkUmVzZXRRdWVyeSB7XHJcbiAgdHBQYXNzd29yZFJlc2V0IHtcclxuICAgIGlkXHJcbiAgICBhcHBsaWVkXHJcbiAgICBhc3NlbWJseSB7XHJcbiAgICAgIHNpbmdsZVJlamVjdFxyXG4gICAgICBxdW9ydW1cclxuICAgICAgc3ViamVjdEtleSB7XHJcbiAgICAgICAgaWRcclxuICAgICAgfVxyXG4gICAgICBhc3NlbWJseUtleSB7XHJcbiAgICAgICAgaWRcclxuICAgICAgfVxyXG4gICAgICBhc3NlbWJseUNpcGhlckRhdGFcclxuICAgICAgc3ViQXNzZW1ibGllcyB7XHJcbiAgICAgICAgZWRnZXMge1xyXG4gICAgICAgICAgbm9kZSB7XHJcbiAgICAgICAgICAgIGlkXHJcbiAgICAgICAgICAgIHNpbmdsZVJlamVjdFxyXG4gICAgICAgICAgICBxdW9ydW1cclxuICAgICAgICAgICAgc3ViamVjdENpcGhlckRhdGFcclxuICAgICAgICAgICAgYXBwcm92ZXJzIHtcclxuICAgICAgICAgICAgICBlZGdlcyB7XHJcbiAgICAgICAgICAgICAgICBub2RlIHtcclxuICAgICAgICAgICAgICAgICAgaWRcclxuICAgICAgICAgICAgICAgICAgdHAge1xyXG4gICAgICAgICAgICAgICAgICAgIGlkXHJcbiAgICAgICAgICAgICAgICAgIH1cclxuICAgICAgICAgICAgICAgICAgc2hhcmVkS2V5IHtcclxuICAgICAgICAgICAgICAgICAgICBpZFxyXG4gICAgICAgICAgICAgICAgICB9XHJcbiAgICAgICAgICAgICAgICAgIHNoYXJlZENpcGhlckRhdGFcclxuICAgICAgICAgICAgICAgIH1cclxuICAgICAgICAgICAgICB9XHJcbiAgICAgICAgICAgIH1cclxuICAgICAgICAgIH1cclxuICAgICAgICB9XHJcbiAgICAgIH1cclxuICAgIH1cclxuICB9XHJcbn1gO1xyXG5cclxuZXhwb3J0IGludGVyZmFjZSBDcmVhdGVUcFBhc3N3b3JkUmVzZXRNdXRhdGlvblJlc3VsdCB7XHJcbiAgY3JlYXRlVHBQYXNzd29yZFJlc2V0OiB7XHJcbiAgICB0cFBhc3N3b3JkUmVzZXQ6IHtcclxuICAgICAgaWQ6IElEO1xyXG4gICAgfTtcclxuICB9O1xyXG59XHJcbmV4cG9ydCBjb25zdCBDcmVhdGVUcFBhc3N3b3JkUmVzZXRNdXRhdGlvbiA9IGdxbFR5cGVkPENyZWF0ZVRwUGFzc3dvcmRSZXNldE11dGF0aW9uUmVzdWx0PmBcclxubXV0YXRpb24gQ3JlYXRlVHBQYXNzd29yZFJlc2V0TXV0YXRpb24oJGlucHV0OiBDcmVhdGVUcFBhc3N3b3JkUmVzZXRJbnB1dCEpIHtcclxuICBjcmVhdGVUcFBhc3N3b3JkUmVzZXQoaW5wdXQ6ICRpbnB1dCkge1xyXG4gICAgdHBQYXNzd29yZFJlc2V0IHtcclxuICAgICAgaWRcclxuICAgIH1cclxuICB9XHJcbn1gO1xyXG5cclxuZXhwb3J0IGludGVyZmFjZSBEZWxldGVUcFBhc3N3b3JkUmVzZXRNdXRhdGlvblJlc3VsdCB7XHJcbiAgZGVsZXRlVHBQYXNzd29yZFJlc2V0OiB7XHJcbiAgICBpZDogSUQ7XHJcbiAgfTtcclxufVxyXG5leHBvcnQgY29uc3QgRGVsZXRlVHBQYXNzd29yZFJlc2V0TXV0YXRpb24gPSBncWxUeXBlZDxEZWxldGVUcFBhc3N3b3JkUmVzZXRNdXRhdGlvblJlc3VsdD5gXHJcbm11dGF0aW9uIERlbGV0ZVRwUGFzc3dvcmRSZXNldE11dGF0aW9uIHtcclxuICBkZWxldGVUcFBhc3N3b3JkUmVzZXQoaW5wdXQ6IHt9KSB7XHJcbiAgICBpZFxyXG4gIH1cclxufWA7XHJcblxyXG5leHBvcnQgaW50ZXJmYWNlIFVwZGF0ZVRwUGFzc3dvcmRSZXNldE11dGF0aW9uUmVzdWx0IHtcclxuICB1cGRhdGVUcFBhc3N3b3JkUmVzZXQ6IHtcclxuICAgIHRwUGFzc3dvcmRSZXNldDoge1xyXG4gICAgICBpZDogSUQ7XHJcbiAgICB9O1xyXG4gIH07XHJcbn1cclxuZXhwb3J0IGNvbnN0IFVwZGF0ZVRwUGFzc3dvcmRSZXNldE11dGF0aW9uID0gZ3FsVHlwZWQ8VXBkYXRlVHBQYXNzd29yZFJlc2V0TXV0YXRpb25SZXN1bHQ+YFxyXG5tdXRhdGlvbiBVcGRhdGVUcFBhc3N3b3JkUmVzZXRNdXRhdGlvbigkaW5wdXQ6IFVwZGF0ZVRwUGFzc3dvcmRSZXNldElucHV0ISkge1xyXG4gIHVwZGF0ZVRwUGFzc3dvcmRSZXNldChpbnB1dDogJGlucHV0KSB7XHJcbiAgICB0cFBhc3N3b3JkUmVzZXQge1xyXG4gICAgICBpZFxyXG4gICAgfVxyXG4gIH1cclxufWA7XHJcbiJdfQ==