npm - @lifeready/core - Versions diffs - 1.0.1 → 1.0.2 - Mend

@lifeready/core 1.0.1 → 1.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (380) hide show

package/README.md +62 -62
package/bundles/lifeready-core.umd.js +15939 -0
package/bundles/lifeready-core.umd.js.map +1 -0
package/bundles/lifeready-core.umd.min.js +16 -0
package/bundles/lifeready-core.umd.min.js.map +1 -0
package/esm2015/lib/_common/ast.js +40 -0
package/esm2015/lib/_common/deferred-promise.js +24 -0
package/esm2015/lib/_common/exceptions.js +157 -0
package/esm2015/lib/_common/queries.gql.js +190 -0
package/esm2015/lib/_common/run-outside-angular.js +79 -0
package/esm2015/lib/_common/types.js +1 -0
package/esm2015/lib/_common/utils.js +44 -0
package/esm2015/lib/api/contact-card.gql.js +79 -0
package/esm2015/lib/api/contact-card.service.js +154 -0
package/esm2015/lib/api/contact-card2.gql.js +60 -0
package/esm2015/lib/api/contact-card2.service.js +103 -0
package/esm2015/lib/api/file.service.js +74 -0
package/esm2015/lib/api/item2.gql.js +110 -0
package/esm2015/lib/api/item2.service.js +311 -0
package/esm2015/lib/api/key-exchange.gql.js +188 -0
package/esm2015/lib/api/key-exchange.service.js +442 -0
package/esm2015/lib/api/key-exchange.types.js +18 -0
package/esm2015/lib/api/key-exchange2.gql.js +171 -0
package/esm2015/lib/api/key-exchange2.service.js +479 -0
package/esm2015/lib/api/lock.gql.js +40 -0
package/esm2015/lib/api/lock.service.js +64 -0
package/esm2015/lib/api/lr-apollo.service.js +46 -0
package/esm2015/lib/api/lr-graphql/index.js +6 -0
package/esm2015/lib/api/lr-graphql/lr-graphql.service.js +155 -0
package/esm2015/lib/api/lr-graphql/lr-merged-mutation.js +213 -0
package/esm2015/lib/api/lr-graphql/lr-mutation-base.js +51 -0
package/esm2015/lib/api/lr-graphql/lr-mutation.js +48 -0
package/esm2015/lib/api/lr-graphql/lr.service.js +18 -0
package/esm2015/lib/api/message.service.js +138 -0
package/esm2015/lib/api/persist.service.js +181 -0
package/esm2015/lib/api/query-processor/common-processors.service.js +93 -0
package/esm2015/lib/api/query-processor/index.js +3 -0
package/esm2015/lib/api/query-processor/query-processor.service.js +192 -0
package/esm2015/lib/api/query-processor/tp-password-reset-processor.service.js +109 -0
package/esm2015/lib/api/shared-contact-card.service.js +119 -0
package/esm2015/lib/api/shared-contact-card2.gql.js +41 -0
package/esm2015/lib/api/shared-contact-card2.service.js +117 -0
package/esm2015/lib/api/time.service.js +146 -0
package/esm2015/lib/api/types/graphql.types.js +7 -0
package/esm2015/lib/api/types/index.js +3 -0
package/esm2015/lib/api/types/lr-graphql.types.js +71 -0
package/esm2015/lib/auth/auth.config.js +57 -0
package/esm2015/lib/auth/auth.gql.js +48 -0
package/esm2015/lib/auth/auth.types.js +27 -0
package/esm2015/lib/auth/idle.service.js +168 -0
package/esm2015/lib/auth/idle.types.js +7 -0
package/esm2015/lib/auth/lbop.service.js +355 -0
package/esm2015/lib/auth/life-ready-auth.service.js +500 -0
package/esm2015/lib/auth/password.service.js +320 -0
package/esm2015/lib/auth/register.service.js +172 -0
package/esm2015/lib/auth/two-factor.service.js +74 -0
package/esm2015/lib/category/category-meta.service.js +99 -0
package/esm2015/lib/category/category.gql.js +406 -0
package/esm2015/lib/category/category.service.js +390 -0
package/esm2015/lib/category/category.types.js +29 -0
package/esm2015/lib/cryptography/cryptography.types.js +11 -0
package/esm2015/lib/cryptography/encryption.service.js +189 -0
package/esm2015/lib/cryptography/key-factory.service.js +237 -0
package/esm2015/lib/cryptography/key-graph.service.js +280 -0
package/esm2015/lib/cryptography/key-meta.service.js +200 -0
package/esm2015/lib/cryptography/key.service.js +124 -0
package/esm2015/lib/cryptography/slip39.service.js +169 -0
package/esm2015/lib/cryptography/web-crypto.service.js +29 -0
package/esm2015/lib/life-ready.config.js +84 -0
package/esm2015/lib/life-ready.module.js +74 -0
package/esm2015/lib/plan/plan.gql.js +123 -0
package/esm2015/lib/plan/plan.service.js +149 -0
package/esm2015/lib/plan/plan.types.js +11 -0
package/esm2015/lib/record/record-attachment.service.js +101 -0
package/esm2015/lib/record/record.gql.js +179 -0
package/esm2015/lib/record/record.service.js +206 -0
package/esm2015/lib/record/record.types.js +15 -0
package/esm2015/lib/record-type/record-type.service.js +75 -0
package/esm2015/lib/record-type/record-type.types.js +28 -0
package/esm2015/lib/scenario/approvals/scenario-approval.gql.js +105 -0
package/esm2015/lib/scenario/approvals/scenario-approval.types.js +1 -0
package/esm2015/lib/scenario/approvals/scenario-approver.service.js +300 -0
package/esm2015/lib/scenario/claimants/scenario-claimant.gql.js +52 -0
package/esm2015/lib/scenario/claimants/scenario-claimant.service.js +97 -0
package/esm2015/lib/scenario/claimants/scenario-claimant.types.js +1 -0
package/esm2015/lib/scenario/receivers/scenario-receiver.gql.js +150 -0
package/esm2015/lib/scenario/receivers/scenario-receiver.service.js +229 -0
package/esm2015/lib/scenario/receivers/scenario-receiver.types.js +1 -0
package/esm2015/lib/scenario/scenario-setup.service.js +269 -0
package/esm2015/lib/scenario/scenario.gql.js +368 -0
package/esm2015/lib/scenario/scenario.service.js +611 -0
package/esm2015/lib/scenario/scenario.types.js +64 -0
package/esm2015/lib/search/search.gql.js +62 -0
package/esm2015/lib/search/search.service.js +156 -0
package/esm2015/lib/search/search.types.js +6 -0
package/esm2015/lib/trusted-parties/tp-password-reset-request.service.js +112 -0
package/esm2015/lib/trusted-parties/tp-password-reset-user.service.js +129 -0
package/esm2015/lib/trusted-parties/tp-password-reset.constants.js +4 -0
package/esm2015/lib/trusted-parties/tp-password-reset.gql.js +232 -0
package/esm2015/lib/trusted-parties/tp-password-reset.service.js +299 -0
package/esm2015/lib/trusted-parties/trusted-party.gql.js +148 -0
package/esm2015/lib/trusted-parties/trusted-party.service.js +326 -0
package/esm2015/lib/trusted-parties/trusted-party.types.js +41 -0
package/esm2015/lib/trusted-parties/trusted-party2.gql.js +87 -0
package/esm2015/lib/trusted-parties/trusted-party2.service.js +215 -0
package/esm2015/lib/users/profile-details.service.js +214 -0
package/esm2015/lib/users/profile.gql.js +97 -0
package/esm2015/lib/users/profile.service.js +169 -0
package/esm2015/lib/users/profile.types.js +34 -0
package/esm2015/lib/users/user.gql.js +60 -0
package/esm2015/lib/users/user.service.js +79 -0
package/esm2015/lib/users/user.types.js +5 -0
package/esm2015/lifeready-core.js +10 -0
package/esm2015/public-api.js +81 -0
package/fesm2015/lifeready-core.js +13314 -0
package/fesm2015/lifeready-core.js.map +1 -0
package/lib/_common/ast.d.ts +11 -0
package/lib/_common/deferred-promise.d.ts +12 -0
package/lib/_common/exceptions.d.ts +109 -0
package/lib/_common/queries.gql.d.ts +10 -0
package/lib/_common/run-outside-angular.d.ts +14 -0
package/{src/lib/_common/types.ts → lib/_common/types.d.ts} +10 -13
package/lib/_common/utils.d.ts +3 -0
package/lib/api/contact-card.gql.d.ts +7 -0
package/lib/api/contact-card.service.d.ts +52 -0
package/lib/api/contact-card2.gql.d.ts +34 -0
package/lib/api/contact-card2.service.d.ts +49 -0
package/lib/api/file.service.d.ts +18 -0
package/lib/api/item2.gql.d.ts +96 -0
package/lib/api/item2.service.d.ts +177 -0
package/lib/api/key-exchange.gql.d.ts +9 -0
package/lib/api/key-exchange.service.d.ts +39 -0
package/lib/api/key-exchange.types.d.ts +196 -0
package/lib/api/key-exchange2.gql.d.ts +125 -0
package/lib/api/key-exchange2.service.d.ts +187 -0
package/lib/api/lock.gql.d.ts +27 -0
package/lib/api/lock.service.d.ts +25 -0
package/lib/api/lr-apollo.service.d.ts +15 -0
package/{src/lib/api/lr-graphql/index.ts → lib/api/lr-graphql/index.d.ts} +5 -5
package/lib/api/lr-graphql/lr-graphql.service.d.ts +60 -0
package/lib/api/lr-graphql/lr-merged-mutation.d.ts +27 -0
package/lib/api/lr-graphql/lr-mutation-base.d.ts +28 -0
package/lib/api/lr-graphql/lr-mutation.d.ts +8 -0
package/lib/api/lr-graphql/lr.service.d.ts +9 -0
package/lib/api/message.service.d.ts +58 -0
package/lib/api/persist.service.d.ts +31 -0
package/lib/api/query-processor/common-processors.service.d.ts +36 -0
package/{src/lib/api/query-processor/index.ts → lib/api/query-processor/index.d.ts} +2 -2
package/lib/api/query-processor/query-processor.service.d.ts +18 -0
package/lib/api/query-processor/tp-password-reset-processor.service.d.ts +15 -0
package/lib/api/shared-contact-card.service.d.ts +33 -0
package/lib/api/shared-contact-card2.gql.d.ts +36 -0
package/lib/api/shared-contact-card2.service.d.ts +45 -0
package/lib/api/time.service.d.ts +16 -0
package/lib/api/types/graphql.types.d.ts +29 -0
package/{src/lib/api/types/index.ts → lib/api/types/index.d.ts} +2 -2
package/lib/api/types/lr-graphql.types.d.ts +385 -0
package/lib/auth/auth.config.d.ts +5 -0
package/lib/auth/auth.gql.d.ts +15 -0
package/lib/auth/auth.types.d.ts +66 -0
package/lib/auth/idle.service.d.ts +40 -0
package/lib/auth/idle.types.d.ts +10 -0
package/lib/auth/lbop.service.d.ts +91 -0
package/lib/auth/life-ready-auth.service.d.ts +59 -0
package/lib/auth/password.service.d.ts +78 -0
package/lib/auth/register.service.d.ts +25 -0
package/lib/auth/two-factor.service.d.ts +15 -0
package/lib/category/category-meta.service.d.ts +23 -0
package/lib/category/category.gql.d.ts +45 -0
package/lib/category/category.service.d.ts +67 -0
package/lib/category/category.types.d.ts +79 -0
package/lib/cryptography/cryptography.types.d.ts +83 -0
package/lib/cryptography/encryption.service.d.ts +41 -0
package/lib/cryptography/key-factory.service.d.ts +38 -0
package/lib/cryptography/key-graph.service.d.ts +33 -0
package/lib/cryptography/key-meta.service.d.ts +44 -0
package/lib/cryptography/key.service.d.ts +36 -0
package/lib/cryptography/slip39.service.d.ts +43 -0
package/lib/cryptography/web-crypto.service.d.ts +5 -0
package/lib/life-ready.config.d.ts +14 -0
package/lib/life-ready.module.d.ts +5 -0
package/lib/plan/plan.gql.d.ts +11 -0
package/lib/plan/plan.service.d.ts +33 -0
package/lib/plan/plan.types.d.ts +31 -0
package/lib/record/record-attachment.service.d.ts +16 -0
package/lib/record/record.gql.d.ts +14 -0
package/lib/record/record.service.d.ts +25 -0
package/lib/record/record.types.d.ts +57 -0
package/lib/record-type/record-type.service.d.ts +11 -0
package/lib/record-type/record-type.types.d.ts +50 -0
package/lib/scenario/approvals/scenario-approval.gql.d.ts +7 -0
package/lib/scenario/approvals/scenario-approval.types.d.ts +63 -0
package/lib/scenario/approvals/scenario-approver.service.d.ts +32 -0
package/lib/scenario/claimants/scenario-claimant.gql.d.ts +5 -0
package/lib/scenario/claimants/scenario-claimant.service.d.ts +17 -0
package/lib/scenario/claimants/scenario-claimant.types.d.ts +18 -0
package/lib/scenario/receivers/scenario-receiver.gql.d.ts +8 -0
package/lib/scenario/receivers/scenario-receiver.service.d.ts +30 -0
package/lib/scenario/receivers/scenario-receiver.types.d.ts +54 -0
package/lib/scenario/scenario-setup.service.d.ts +22 -0
package/lib/scenario/scenario.gql.d.ts +34 -0
package/lib/scenario/scenario.service.d.ts +58 -0
package/lib/scenario/scenario.types.d.ts +217 -0
package/lib/search/search.gql.d.ts +1 -0
package/lib/search/search.service.d.ts +25 -0
package/lib/search/search.types.d.ts +20 -0
package/lib/trusted-parties/tp-password-reset-request.service.d.ts +20 -0
package/lib/trusted-parties/tp-password-reset-user.service.d.ts +35 -0
package/lib/trusted-parties/tp-password-reset.constants.d.ts +3 -0
package/lib/trusted-parties/tp-password-reset.gql.d.ts +218 -0
package/lib/trusted-parties/tp-password-reset.service.d.ts +130 -0
package/lib/trusted-parties/trusted-party.gql.d.ts +9 -0
package/lib/trusted-parties/trusted-party.service.d.ts +44 -0
package/lib/trusted-parties/trusted-party.types.d.ts +102 -0
package/lib/trusted-parties/trusted-party2.gql.d.ts +79 -0
package/lib/trusted-parties/trusted-party2.service.d.ts +114 -0
package/lib/users/profile-details.service.d.ts +21 -0
package/lib/users/profile.gql.d.ts +11 -0
package/lib/users/profile.service.d.ts +35 -0
package/lib/users/profile.types.d.ts +96 -0
package/lib/users/user.gql.d.ts +9 -0
package/lib/users/user.service.d.ts +12 -0
package/lib/users/user.types.d.ts +23 -0
package/lifeready-core.d.ts +9 -0
package/lifeready-core.metadata.json +1 -0
package/package.json +29 -21
package/{src/public-api.ts → public-api.d.ts} +77 -96
package/karma.conf.js +0 -32
package/ng-package.json +0 -26
package/src/lib/_common/ast.ts +0 -75
package/src/lib/_common/deferred-promise.ts +0 -35
package/src/lib/_common/exceptions.ts +0 -189
package/src/lib/_common/queries.gql.ts +0 -200
package/src/lib/_common/run-outside-angular.ts +0 -125
package/src/lib/_common/tests.ts +0 -82
package/src/lib/_common/utils.ts +0 -57
package/src/lib/api/api-mutation.spec.ts +0 -547
package/src/lib/api/api-query.spec.ts +0 -40
package/src/lib/api/contact-card.gql.ts +0 -85
package/src/lib/api/contact-card.service.spec.ts +0 -249
package/src/lib/api/contact-card.service.ts +0 -228
package/src/lib/api/contact-card2.gql.ts +0 -93
package/src/lib/api/contact-card2.service.spec.ts +0 -297
package/src/lib/api/contact-card2.service.ts +0 -139
package/src/lib/api/file.service.spec.ts +0 -14
package/src/lib/api/file.service.ts +0 -81
package/src/lib/api/item2.gql.ts +0 -211
package/src/lib/api/item2.service.spec.ts +0 -1043
package/src/lib/api/item2.service.ts +0 -481
package/src/lib/api/key-exchange.gql.ts +0 -196
package/src/lib/api/key-exchange.service.spec.ts +0 -470
package/src/lib/api/key-exchange.service.ts +0 -731
package/src/lib/api/key-exchange.types.ts +0 -235
package/src/lib/api/key-exchange2.gql.ts +0 -310
package/src/lib/api/key-exchange2.service.spec.ts +0 -892
package/src/lib/api/key-exchange2.service.ts +0 -875
package/src/lib/api/lock.gql.ts +0 -67
package/src/lib/api/lock.service.spec.ts +0 -549
package/src/lib/api/lock.service.ts +0 -57
package/src/lib/api/lr-apollo.service.spec.ts +0 -27
package/src/lib/api/lr-apollo.service.ts +0 -43
package/src/lib/api/lr-graphql/lr-graphql.service.ts +0 -313
package/src/lib/api/lr-graphql/lr-merged-mutation.ts +0 -377
package/src/lib/api/lr-graphql/lr-mutation-base.ts +0 -67
package/src/lib/api/lr-graphql/lr-mutation.ts +0 -74
package/src/lib/api/lr-graphql/lr.service.ts +0 -28
package/src/lib/api/message.service.spec.ts +0 -20
package/src/lib/api/message.service.ts +0 -210
package/src/lib/api/persist.service.spec.ts +0 -209
package/src/lib/api/persist.service.ts +0 -220
package/src/lib/api/query-processor/common-processors.service.ts +0 -148
package/src/lib/api/query-processor/query-processor.service.ts +0 -240
package/src/lib/api/query-processor/tp-password-reset-processor.service.ts +0 -177
package/src/lib/api/shared-contact-card.service.ts +0 -156
package/src/lib/api/shared-contact-card2.gql.ts +0 -76
package/src/lib/api/shared-contact-card2.service.ts +0 -154
package/src/lib/api/time.service.spec.ts +0 -48
package/src/lib/api/time.service.ts +0 -155
package/src/lib/api/types/graphql.types.ts +0 -48
package/src/lib/api/types/lr-graphql.types.ts +0 -467
package/src/lib/auth/auth.config.ts +0 -83
package/src/lib/auth/auth.gql.ts +0 -62
package/src/lib/auth/auth.types.ts +0 -79
package/src/lib/auth/idle.service.spec.ts +0 -119
package/src/lib/auth/idle.service.ts +0 -208
package/src/lib/auth/idle.types.ts +0 -11
package/src/lib/auth/lbop.service.spec.ts +0 -56
package/src/lib/auth/lbop.service.ts +0 -539
package/src/lib/auth/life-ready-auth.service.spec.ts +0 -70
package/src/lib/auth/life-ready-auth.service.ts +0 -454
package/src/lib/auth/password.service.spec.ts +0 -51
package/src/lib/auth/password.service.ts +0 -438
package/src/lib/auth/register.service.spec.ts +0 -31
package/src/lib/auth/register.service.ts +0 -181
package/src/lib/auth/two-factor.service.spec.ts +0 -21
package/src/lib/auth/two-factor.service.ts +0 -69
package/src/lib/category/category-meta.service.spec.ts +0 -28
package/src/lib/category/category-meta.service.ts +0 -125
package/src/lib/category/category.gql.ts +0 -449
package/src/lib/category/category.service.spec.ts +0 -26
package/src/lib/category/category.service.ts +0 -498
package/src/lib/category/category.types.ts +0 -89
package/src/lib/cryptography/cryptography.types.ts +0 -108
package/src/lib/cryptography/encryption.service.spec.ts +0 -125
package/src/lib/cryptography/encryption.service.ts +0 -243
package/src/lib/cryptography/key-factory.service.spec.ts +0 -15
package/src/lib/cryptography/key-factory.service.ts +0 -303
package/src/lib/cryptography/key-graph.service.spec.ts +0 -16
package/src/lib/cryptography/key-graph.service.ts +0 -354
package/src/lib/cryptography/key-meta.service.spec.ts +0 -40
package/src/lib/cryptography/key-meta.service.ts +0 -254
package/src/lib/cryptography/key.service.spec.ts +0 -16
package/src/lib/cryptography/key.service.ts +0 -154
package/src/lib/cryptography/slip39.service.spec.ts +0 -44
package/src/lib/cryptography/slip39.service.ts +0 -204
package/src/lib/cryptography/web-crypto.service.ts +0 -22
package/src/lib/life-ready.config.ts +0 -127
package/src/lib/life-ready.module.ts +0 -81
package/src/lib/plan/plan.gql.ts +0 -133
package/src/lib/plan/plan.service.spec.ts +0 -294
package/src/lib/plan/plan.service.ts +0 -198
package/src/lib/plan/plan.types.ts +0 -37
package/src/lib/record/record-attachment.service.spec.ts +0 -31
package/src/lib/record/record-attachment.service.ts +0 -101
package/src/lib/record/record.gql.ts +0 -192
package/src/lib/record/record.service.spec.ts +0 -598
package/src/lib/record/record.service.ts +0 -236
package/src/lib/record/record.types.ts +0 -86
package/src/lib/record-type/record-type.service.spec.ts +0 -16
package/src/lib/record-type/record-type.service.ts +0 -71
package/src/lib/record-type/record-type.types.ts +0 -58
package/src/lib/scenario/approvals/scenario-approval.gql.ts +0 -112
package/src/lib/scenario/approvals/scenario-approval.types.ts +0 -85
package/src/lib/scenario/approvals/scenario-approver.service.spec.ts +0 -16
package/src/lib/scenario/approvals/scenario-approver.service.ts +0 -422
package/src/lib/scenario/claimants/scenario-claimant.gql.ts +0 -56
package/src/lib/scenario/claimants/scenario-claimant.service.spec.ts +0 -16
package/src/lib/scenario/claimants/scenario-claimant.service.ts +0 -100
package/src/lib/scenario/claimants/scenario-claimant.types.ts +0 -21
package/src/lib/scenario/receivers/scenario-receiver.gql.ts +0 -157
package/src/lib/scenario/receivers/scenario-receiver.service.spec.ts +0 -16
package/src/lib/scenario/receivers/scenario-receiver.service.ts +0 -278
package/src/lib/scenario/receivers/scenario-receiver.types.ts +0 -66
package/src/lib/scenario/scenario-setup.service.spec.ts +0 -22
package/src/lib/scenario/scenario-setup.service.ts +0 -369
package/src/lib/scenario/scenario.gql.ts +0 -404
package/src/lib/scenario/scenario.service.spec.ts +0 -1586
package/src/lib/scenario/scenario.service.ts +0 -811
package/src/lib/scenario/scenario.types.ts +0 -258
package/src/lib/search/search.gql.ts +0 -62
package/src/lib/search/search.service.spec.ts +0 -57
package/src/lib/search/search.service.ts +0 -174
package/src/lib/search/search.types.ts +0 -24
package/src/lib/trusted-parties/tp-password-reset-request.service.ts +0 -140
package/src/lib/trusted-parties/tp-password-reset-user.service.ts +0 -359
package/src/lib/trusted-parties/tp-password-reset.gql.ts +0 -453
package/src/lib/trusted-parties/tp-password-reset.service.spec.ts +0 -602
package/src/lib/trusted-parties/tp-password-reset.service.ts +0 -482
package/src/lib/trusted-parties/trusted-party.gql.ts +0 -159
package/src/lib/trusted-parties/trusted-party.service.spec.ts +0 -1008
package/src/lib/trusted-parties/trusted-party.service.ts +0 -394
package/src/lib/trusted-parties/trusted-party.types.ts +0 -119
package/src/lib/trusted-parties/trusted-party2.gql.ts +0 -165
package/src/lib/trusted-parties/trusted-party2.service.spec.ts +0 -1782
package/src/lib/trusted-parties/trusted-party2.service.ts +0 -272
package/src/lib/users/profile-details.service.spec.ts +0 -45
package/src/lib/users/profile-details.service.ts +0 -278
package/src/lib/users/profile.gql.ts +0 -108
package/src/lib/users/profile.service.spec.ts +0 -97
package/src/lib/users/profile.service.ts +0 -224
package/src/lib/users/profile.types.ts +0 -101
package/src/lib/users/user.gql.ts +0 -69
package/src/lib/users/user.service.spec.ts +0 -161
package/src/lib/users/user.service.ts +0 -72
package/src/lib/users/user.types.ts +0 -27
package/src/test.ts +0 -21
package/tsconfig.lib.json +0 -21
package/tsconfig.lib.prod.json +0 -6
package/tsconfig.spec.json +0 -10
package/tslint.json +0 -17

package/esm2015/lib/auth/life-ready-auth.service.js ADDED Viewed

@@ -0,0 +1,500 @@
+import { __awaiter } from "tslib";
+import { Inject, Injectable, isDevMode } from '@angular/core';
+import { Hub } from '@aws-amplify/core';
+import { ReplaySubject } from 'rxjs';
+import { KeyGraphService } from '../cryptography/key-graph.service';
+import { KeyService } from '../cryptography/key.service';
+import { ProfileService } from '../users/profile.service';
+import { PasswordChangeStatus } from '../users/profile.types';
+import { LrConcurrentAccessException, LrBadRequestException, LrBadStateException, LrException, } from '../_common/exceptions';
+import { RecoveryStatus, } from './auth.types';
+import { PasswordService } from './password.service';
+import { AuthClass } from '@aws-amplify/auth/lib-esm/Auth';
+import { CompleteTpPasswordResetRequestMutation, CreateTpAssemblyKeyChallengeMutation, PreCompleteTpPasswordResetRequestMutation, TpPasswordResetUserQuery, } from '../trusted-parties/tp-password-reset.gql';
+import { IdleService } from './idle.service';
+import { KeyFactoryService } from '../cryptography/key-factory.service';
+import { LrGraphQLService, LrMutation } from '../api/lr-graphql';
+import { TpClaimState } from '../api/types';
+import { TpPasswordResetProcessorService } from '../api/query-processor/tp-password-reset-processor.service';
+import { SetSessionEncryptionKeyMutation } from './auth.gql';
+import { PersistService } from '../api/persist.service';
+import { JWK } from 'node-jose';
+import { LR_CONFIG } from '../life-ready.config';
+import { EncryptionService } from '../cryptography/encryption.service';
+import { Slip39Service } from '../cryptography/slip39.service';
+import { TP_PASSWORD_RESET_CLIENT_NONCE_LENGTH, TP_PASSWORD_RESET_SLIP39_PASSPHRASE, TP_PASSWORD_RESET_USERNAME_SUFFIX, } from '../trusted-parties/tp-password-reset.constants';
+import * as i0 from "@angular/core";
+import * as i1 from "../life-ready.config";
+import * as i2 from "@aws-amplify/auth/lib-esm/Auth";
+import * as i3 from "../cryptography/key-factory.service";
+import * as i4 from "../cryptography/key.service";
+import * as i5 from "../users/profile.service";
+import * as i6 from "../cryptography/key-graph.service";
+import * as i7 from "./password.service";
+import * as i8 from "./idle.service";
+import * as i9 from "../api/lr-graphql/lr-graphql.service";
+import * as i10 from "../api/query-processor/tp-password-reset-processor.service";
+import * as i11 from "../api/persist.service";
+import * as i12 from "../cryptography/encryption.service";
+import * as i13 from "../cryptography/slip39.service";
+export const initialiseAuth = (authService) => {
+    return () => authService.initialise();
+};
+export class LifeReadyAuthService {
+    constructor(config, auth, keyFactory, keyService, profileService, keyGraphService, passwordService, idleService, lrGraphQL, tpPasswordResetProcessorService, persistService, encryptionService, slip39Service) {
+        this.config = config;
+        this.auth = auth;
+        this.keyFactory = keyFactory;
+        this.keyService = keyService;
+        this.profileService = profileService;
+        this.keyGraphService = keyGraphService;
+        this.passwordService = passwordService;
+        this.idleService = idleService;
+        this.lrGraphQL = lrGraphQL;
+        this.tpPasswordResetProcessorService = tpPasswordResetProcessorService;
+        this.persistService = persistService;
+        this.encryptionService = encryptionService;
+        this.slip39Service = slip39Service;
+        this.hubSubject = new ReplaySubject(1);
+    }
+    initialise() {
+        return __awaiter(this, void 0, void 0, function* () {
+            Hub.listen('auth', (data) => this.hubSubject.next(data.payload));
+        });
+    }
+    loginIdpImpl(emailOrPhone, password, passIdpParams, recoveryStatus) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const passIdpResult = yield this.keyFactory.derivePassIdp(Object.assign({ password }, passIdpParams));
+            // Use the derived password to signin with cognito
+            const user = yield this.auth.signIn(emailOrPhone, this.passwordService.getPassIdpString(passIdpResult.jwk));
+            user.recoveryStatus = recoveryStatus;
+            return user;
+        });
+    }
+    loginIdp(emailOrPhone, password) {
+        return __awaiter(this, void 0, void 0, function* () {
+            // Download the salt needed to derive the PassIdp
+            const passIdpApiResult = yield this.profileService.getPassIdpParams(emailOrPhone);
+            if (passIdpApiResult.passwordChangeStatus === PasswordChangeStatus.InProgress) {
+                throw new LrConcurrentAccessException('A password change is in progress');
+            }
+            if (passIdpApiResult.passwordChangeStatus === PasswordChangeStatus.Recovery) {
+                console.log('In recovery mode.');
+                // Let's say we don't know if the password is the new one or the old one. We just have to try both.
+                try {
+                    const user = yield this.loginIdpImpl(emailOrPhone, password, passIdpApiResult.newPassIdpParams, RecoveryStatus.NEW_PASSWORD);
+                    // New password worked. Let's set to the current password
+                    // --Potential Failure Point 1--
+                    // if changePasswordComplete() doesn't get called, then it should remain
+                    console.log('New password works!');
+                    return user;
+                }
+                catch (error) {
+                    // Just bubble up any other type of error.
+                    if (error.code !== 'NotAuthorizedException') {
+                        throw error;
+                    }
+                    // pass, try again assuming it's the old password
+                }
+                // Now assume it's the previous password. Any exception is allowed to bubble up.
+                try {
+                    const user = yield this.loginIdpImpl(emailOrPhone, password, passIdpApiResult.currentPassIdpParams, RecoveryStatus.OLD_PASSWORD);
+                    // Old password worked.
+                    console.log('Old password works!');
+                    return user;
+                }
+                catch (error) {
+                    // Just bubble up any other type of error.
+                    throw error.code === 'NotAuthorizedException'
+                        ? new LrBadRequestException('The password change request was interrupted, please try to login with both your new and old password')
+                        : error;
+                }
+            }
+            // Try against as the TP password reset account
+            if (passIdpApiResult.tpPasswordReset) {
+                try {
+                    // TP password reset is in process. We need to try the password against both
+                    // original account and the new reset account.
+                    const reset = passIdpApiResult.tpPasswordReset;
+                    const ret = yield this.loginIdpImpl(reset.resetUsername, password, reset.passIdpParams, RecoveryStatus.NONE);
+                    ret.isTpPasswordResetUser = true;
+                    return ret;
+                }
+                catch (err) {
+                    // continue, try again as regular user.
+                }
+            }
+            // Login as regular user
+            return yield this.loginIdpImpl(emailOrPhone, password, passIdpApiResult.currentPassIdpParams, RecoveryStatus.NONE);
+        });
+    }
+    handleSessionEncryptionKey() {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (this.config.disableSessionEncryptionKey) {
+                if (!isDevMode()) {
+                    const msg = 'You should not set disableSessionEncryptionKey=True in mode prod. It defaults to false.';
+                    console.error(msg);
+                    throw new Error(msg);
+                }
+                else {
+                    console.warn('You have set disableSessionEncryptionKey=True. Make sure not to do this in prod mode.');
+                }
+            }
+            else {
+                // Set the session key to a new encryption key for this session
+                const sessionEncryptionKey = yield this.keyFactory.createKey();
+                yield this.lrGraphQL.lrMutate(new LrMutation({
+                    mutation: SetSessionEncryptionKeyMutation,
+                    variables: {
+                        input: {
+                            sessionEncryptionKey: JSON.stringify(sessionEncryptionKey.toJSON(true)),
+                        },
+                    },
+                }), {
+                    includeKeyGraph: false,
+                });
+                this.persistService.setServerSessionEncryptionKey(sessionEncryptionKey);
+            }
+        });
+    }
+    handlePostAuth(cognitoUser) {
+        return __awaiter(this, void 0, void 0, function* () {
+            yield this.handlePasswordRecovery(cognitoUser);
+            yield this.handleSessionEncryptionKey();
+        });
+    }
+    login(emailOrPhone, password, { tpPasswordResetAutoComplete = true } = {}) {
+        var _a;
+        return __awaiter(this, void 0, void 0, function* () {
+            let loginResult = yield this.loginImpl(emailOrPhone, password);
+            if (tpPasswordResetAutoComplete &&
+                ((_a = loginResult.resetUser) === null || _a === void 0 ? void 0 : _a.state) === TpClaimState.APPROVED) {
+                yield this.completeRequest(password);
+                loginResult = yield this.loginImpl(emailOrPhone, password);
+            }
+            return loginResult;
+        });
+    }
+    loginImpl(emailOrPhone, password) {
+        return __awaiter(this, void 0, void 0, function* () {
+            yield this.logout();
+            const cognitoUser = yield this.loginIdp(emailOrPhone, password);
+            // todo: Meet MFA challenges.
+            if (['SMS_MFA', 'SOFTWARE_TOKEN_MFA'].includes(cognitoUser.challengeName)) {
+                return { hasChallenge: true, challenge: cognitoUser };
+            }
+            yield this.handlePostAuth(cognitoUser);
+            if (cognitoUser.isTpPasswordResetUser) {
+                // Assuming there is no MFA on the TP reset user.
+                const resetUser = yield this.loadResetUser(password);
+                return { hasChallenge: false, resetUser };
+            }
+            else {
+                const user = yield this.loadUser(cognitoUser, password);
+                yield this.idleService.start(); // Run idleService whenever user is logged in.
+                return { hasChallenge: false, user };
+            }
+        });
+    }
+    // TODO <AZ> We need to handle the isTpPasswordResetUser=True case here after MFA as well.
+    verifyLogin(challenge, password, rememberMe, code) {
+        return __awaiter(this, void 0, void 0, function* () {
+            yield this.auth.confirmSignIn(challenge, code, challenge.challengeName);
+            // TODO: this.auth.confirmSignIn() could return another challenge.
+            const cognitoUser = yield this.auth.currentAuthenticatedUser();
+            yield this.handlePostAuth(challenge);
+            const user = yield this.loadUser(cognitoUser, password);
+            if (rememberMe) {
+                cognitoUser.setDeviceStatusRemembered({
+                    onSuccess: () => { },
+                    onFailure: (e) => console.error(e),
+                });
+            }
+            return user;
+        });
+    }
+    handlePasswordRecovery(user) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (user.recoveryStatus !== RecoveryStatus.NONE) {
+                const jwtToken = user
+                    .getSignInUserSession()
+                    .getAccessToken()
+                    .getJwtToken();
+                yield this.passwordService.changePasswordComplete(jwtToken, user.recoveryStatus === RecoveryStatus.NEW_PASSWORD);
+            }
+        });
+    }
+    getUserOrResetUser(reload = false) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const cognitoUser = yield this.auth.currentAuthenticatedUser();
+            if (cognitoUser.getUsername().endsWith(TP_PASSWORD_RESET_USERNAME_SUFFIX)) {
+                return this.getResetUser(reload);
+            }
+            else {
+                return this.getUser(reload);
+            }
+        });
+    }
+    getResetUser(reload = false) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (!reload && this.currentResetUser) {
+                return this.currentResetUser;
+            }
+            this.currentResetUser = yield this.loadResetUser();
+            yield this.idleService.start(); // Run idleService whenever user is logged in.
+            return this.currentResetUser;
+        });
+    }
+    getUser(reload = false) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (!reload && this.currentUser) {
+                return this.currentUser;
+            }
+            this.currentUser = yield this.loadUser(yield this.auth.currentAuthenticatedUser());
+            console.log('Starting idle service.');
+            yield this.idleService.start(); // Run idleService whenever user is logged in.
+            return this.currentUser;
+        });
+    }
+    mapTPVaultAccess(features) {
+        const tpVaultFeature = features === null || features === void 0 ? void 0 : features.tpVault;
+        return ((tpVaultFeature === null || tpVaultFeature === void 0 ? void 0 : tpVaultFeature.length) > 0 &&
+            tpVaultFeature.some((feature) => feature.toUpperCase() === 'ACCESS'));
+    }
+    loadUser(cognitoUser, password) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { currentUser, contactCard, userPlans, } = yield this.profileService.getCurrentUser();
+            if (currentUser.sessionEncryptionKey) {
+                this.persistService.setServerSessionEncryptionKey(yield JWK.asKey(currentUser.sessionEncryptionKey));
+            }
+            const userAttributes = yield this.auth.userAttributes(cognitoUser);
+            if (password) {
+                const passKey = (yield this.keyFactory.derivePassKey(Object.assign({ password }, currentUser.currentUserKey.passKey.passKeyParams))).jwk;
+                yield this.idleService.persistMasterKey(yield this.keyGraphService.unwrapWithPassKey(currentUser.currentUserKey.passKey.id, passKey, currentUser.currentUserKey.masterKey.id));
+            }
+            yield this.keyGraphService.populateKeys(currentUser.currentUserKey);
+            return {
+                id: currentUser.id,
+                sub: this.getUserAttribute('sub', userAttributes),
+                username: currentUser.username,
+                currentUserKey: currentUser.currentUserKey,
+                getAccessJwtToken: () => cognitoUser.getSignInUserSession().getAccessToken().getJwtToken(),
+                email: this.getUserAttribute('email', userAttributes),
+                emailVerified: this.getUserAttribute('email_verified', userAttributes) === 'true',
+                phone: this.getUserAttribute('phone_number', userAttributes),
+                phoneVerified: this.getUserAttribute('phone_number_verified', userAttributes) ===
+                    'true',
+                contactCard: Object.assign({}, (yield this.profileService.decryptContactCard(contactCard))),
+                userDelete: currentUser.userDelete,
+                userPlans,
+                hasTPVaultAccess: this.mapTPVaultAccess(currentUser.features),
+                features: currentUser.features,
+                sessionEncryptionKey: currentUser.sessionEncryptionKey,
+            };
+        });
+    }
+    watchAuth() {
+        return this.hubSubject;
+    }
+    logout() {
+        return __awaiter(this, void 0, void 0, function* () {
+            this.currentUser = null;
+            this.keyService.purgeKeys();
+            this.keyGraphService.purgeKeys();
+            yield Promise.all([this.auth.signOut(), this.profileService.signOut()]);
+        });
+    }
+    getUserAttribute(attributeName, userAttributes) {
+        const userAttribute = userAttributes.find((x) => x.getName() === attributeName);
+        return userAttribute ? userAttribute.getValue() : null;
+    }
+    loadResetUser(password) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { tpPasswordResetUser: resetUser } = yield this.lrGraphQL.query({
+                query: TpPasswordResetUserQuery,
+            });
+            if (resetUser.sessionEncryptionKey) {
+                this.persistService.setServerSessionEncryptionKey(yield JWK.asKey(resetUser.sessionEncryptionKey));
+            }
+            // Update the keys
+            if (password) {
+                const passKey = (yield this.keyFactory.derivePassKey(Object.assign({ password }, resetUser.passKey.passKeyParams))).jwk;
+                yield this.idleService.persistMasterKey(yield this.keyGraphService.unwrapWithPassKey(resetUser.passKey.id, passKey, resetUser.masterKey.id));
+            }
+            this.keyService.populateKeys({
+                passKey: {
+                    id: resetUser.passKey.id,
+                },
+                masterKey: {
+                    id: resetUser.masterKey.id,
+                },
+            });
+            const userAttributes = yield this.auth.userAttributes(yield this.auth.currentAuthenticatedUser());
+            const sub = this.getUserAttribute('sub', userAttributes);
+            return Object.assign(Object.assign({}, (yield this.tpPasswordResetProcessorService.processTpPasswordResetUserNode(resetUser))), { sub });
+        });
+    }
+    refreshAccessToken() {
+        return __awaiter(this, void 0, void 0, function* () {
+            const cognitoUser = yield this.auth.currentAuthenticatedUser();
+            const refreshToken = cognitoUser.getSignInUserSession().getRefreshToken();
+            return new Promise((resolve, reject) => {
+                cognitoUser.refreshSession(refreshToken, (err, data) => {
+                    if (err) {
+                        console.error('Error refreshing token: ', err);
+                        reject(err);
+                    }
+                    else {
+                        console.log('Token refresh complete: ', data);
+                        resolve(0);
+                    }
+                });
+            });
+        });
+    }
+    completeRequest(newPassword) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const resetUser = yield this.getResetUser(true);
+            if (resetUser.state !== TpClaimState.APPROVED) {
+                throw new LrBadStateException('Password reset request has not been approved.');
+            }
+            // --------------------------------------------------------------
+            // Prepare all materials to ensure there are no errors.
+            // --------------------------------------------------------------
+            const assemblyKey = yield this.recoverAssemblyKey(resetUser);
+            const { rootKey } = yield this.encryptionService.decrypt(assemblyKey, resetUser.assemblyCipherData);
+            console.log(rootKey);
+            // Making sure it's a valid key.
+            const rootKeyJwk = yield JWK.asKey(rootKey);
+            const masterKey = yield this.keyGraphService.getKey(resetUser.masterKey.id);
+            const masterKeyWrappedRootKey = yield this.encryptionService.encryptToString(masterKey.jwk, rootKeyJwk.toJSON(true));
+            // The new password
+            const newPassIdpResult = yield this.keyFactory.derivePassIdp(Object.assign({ password: newPassword }, resetUser.passKey.passIdpParams));
+            const newIdpPassword = this.passwordService.getPassIdpString(newPassIdpResult.jwk);
+            // --------------------------------------------------------------
+            // Get assembly key challenge
+            // --------------------------------------------------------------
+            const challenge = (yield this.lrGraphQL.lrMutate(new LrMutation({
+                mutation: CreateTpAssemblyKeyChallengeMutation,
+                variables: {
+                    input: {},
+                },
+            }), {
+                includeKeyGraph: false,
+            })).createTpAssemblyKeyChallenge.challenge;
+            console.log(challenge);
+            // Sign the challenge
+            // Generate a client side nonce that's no in the server's control.
+            challenge.clientNonce = this.keyFactory.randomString(TP_PASSWORD_RESET_CLIENT_NONCE_LENGTH);
+            console.log(challenge);
+            const assemblyKeyVerifierPrk = yield this.encryptionService.decrypt(assemblyKey, resetUser.wrappedAssemblyKeyVerifierPrk);
+            const signedChallenge = yield this.encryptionService.sign(assemblyKeyVerifierPrk, challenge);
+            // --------------------------------------------------------------
+            // Change password for the original user
+            // --------------------------------------------------------------
+            const tempIdpPassword = (yield this.lrGraphQL.lrMutate(new LrMutation({
+                mutation: PreCompleteTpPasswordResetRequestMutation,
+                variables: {
+                    input: {
+                        signedChallenge: JSON.stringify(signedChallenge),
+                    },
+                },
+            }), {
+                includeKeyGraph: false,
+            })).preCompleteTpPasswordResetRequest.idpPassword;
+            // --------------------------------------------------------------
+            // Login as the original user using new temporary password
+            // --------------------------------------------------------------
+            // At this point, the original account's password has been changed
+            // to a temporary password. It is no longer possible for the user
+            // to use the original password to login. Any successful login
+            // can only be using the temporary password. So it's safe to assume
+            // that we want to "complete" the password reset.
+            // The maybe 2FA so we listen for the auth event from Amplify.
+            const retPromise = new Promise((resolve) => {
+                const listener = (data) => __awaiter(this, void 0, void 0, function* () {
+                    if (data.payload.event !== 'signIn') {
+                        return;
+                    }
+                    Hub.remove('auth', listener);
+                    console.log(data.payload);
+                    yield this.auth.signIn(resetUser.username, newIdpPassword);
+                    // Switch over to the new set of keys
+                    yield this.lrGraphQL.lrMutate(new LrMutation({
+                        mutation: CompleteTpPasswordResetRequestMutation,
+                        variables: {
+                            input: {
+                                masterKeyWrappedRootKey,
+                                masterKeyId: masterKey.id,
+                            },
+                        },
+                    }));
+                    resolve();
+                });
+                Hub.listen('auth', listener);
+            });
+            // Signin as the original user. Password has been reset to temporary one. It should return
+            // with NEW_PASSWORD_REQUIRED
+            let user = yield this.auth.signIn(resetUser.username, tempIdpPassword, {
+                noProxy: 'true',
+            });
+            if (user.challengeName !== 'NEW_PASSWORD_REQUIRED') {
+                throw new LrException({
+                    message: 'Internal error. Expecting Cognito to have done a password reset after call to PreCompleteTpPasswordResetRequestMutation.',
+                });
+            }
+            // Set new password on Idp
+            // the awsFetch() function passes NEW_PASSWORD_REQUIRED directly to AWS without
+            // going through the proxy.
+            user = yield this.auth.completeNewPassword(user, newIdpPassword, {});
+            return retPromise;
+        });
+    }
+    recoverAssemblyKey(resetUser) {
+        return __awaiter(this, void 0, void 0, function* () {
+            // Recover the assembly key.
+            let assemblyKeyParams;
+            const prk = yield this.keyGraphService.getKey(resetUser.pxk.id);
+            const shares = yield Promise.all(resetUser.approvals
+                .filter((approval) => !!approval.receiverCipherPartialAssemblyKey)
+                .map((approval) => __awaiter(this, void 0, void 0, function* () {
+                const partialAssemblyKey = yield this.encryptionService.decrypt(prk, approval.receiverCipherPartialAssemblyKey);
+                if (assemblyKeyParams) {
+                    if (JSON.stringify(assemblyKeyParams) !==
+                        JSON.stringify(partialAssemblyKey.assemblyKeyParams)) {
+                        throw new LrBadStateException('The assembly key parameters are different between the approvals.');
+                    }
+                }
+                else {
+                    assemblyKeyParams = partialAssemblyKey.assemblyKeyParams;
+                }
+                return partialAssemblyKey.slip39.share.mnemonics;
+            })));
+            console.log('recoverAssemblyKey()', shares);
+            const rawAssemblyKey = yield this.slip39Service.recoverSecret(shares, TP_PASSWORD_RESET_SLIP39_PASSPHRASE);
+            return JWK.asKey(Object.assign(Object.assign({}, assemblyKeyParams), { k: rawAssemblyKey }));
+        });
+    }
+}
+LifeReadyAuthService.ɵprov = i0.ɵɵdefineInjectable({ factory: function LifeReadyAuthService_Factory() { return new LifeReadyAuthService(i0.ɵɵinject(i1.LR_CONFIG), i0.ɵɵinject(i2.AuthClass), i0.ɵɵinject(i3.KeyFactoryService), i0.ɵɵinject(i4.KeyService), i0.ɵɵinject(i5.ProfileService), i0.ɵɵinject(i6.KeyGraphService), i0.ɵɵinject(i7.PasswordService), i0.ɵɵinject(i8.IdleService), i0.ɵɵinject(i9.LrGraphQLService), i0.ɵɵinject(i10.TpPasswordResetProcessorService), i0.ɵɵinject(i11.PersistService), i0.ɵɵinject(i12.EncryptionService), i0.ɵɵinject(i13.Slip39Service)); }, token: LifeReadyAuthService, providedIn: "root" });
+LifeReadyAuthService.decorators = [
+    { type: Injectable, args: [{
+                providedIn: 'root',
+            },] }
+];
+LifeReadyAuthService.ctorParameters = () => [
+    { type: undefined, decorators: [{ type: Inject, args: [LR_CONFIG,] }] },
+    { type: AuthClass },
+    { type: KeyFactoryService },
+    { type: KeyService },
+    { type: ProfileService },
+    { type: KeyGraphService },
+    { type: PasswordService },
+    { type: IdleService },
+    { type: LrGraphQLService },
+    { type: TpPasswordResetProcessorService },
+    { type: PersistService },
+    { type: EncryptionService },
+    { type: Slip39Service }
+];
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibGlmZS1yZWFkeS1hdXRoLnNlcnZpY2UuanMiLCJzb3VyY2VSb290IjoiL29wdC9hdGxhc3NpYW4vcGlwZWxpbmVzL2FnZW50L2J1aWxkL3Byb2plY3RzL2NvcmUvc3JjLyIsInNvdXJjZXMiOlsibGliL2F1dGgvbGlmZS1yZWFkeS1hdXRoLnNlcnZpY2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBLE9BQU8sRUFBRSxNQUFNLEVBQUUsVUFBVSxFQUFFLFNBQVMsRUFBRSxNQUFNLGVBQWUsQ0FBQztBQUU5RCxPQUFPLEVBQUUsR0FBRyxFQUFFLE1BQU0sbUJBQW1CLENBQUM7QUFFeEMsT0FBTyxFQUFjLGFBQWEsRUFBRSxNQUFNLE1BQU0sQ0FBQztBQUVqRCxPQUFPLEVBQUUsZUFBZSxFQUFFLE1BQU0sbUNBQW1DLENBQUM7QUFDcEUsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLDZCQUE2QixDQUFDO0FBQ3pELE9BQU8sRUFBRSxjQUFjLEVBQUUsTUFBTSwwQkFBMEIsQ0FBQztBQUMxRCxPQUFPLEVBQUUsb0JBQW9CLEVBQUUsTUFBTSx3QkFBd0IsQ0FBQztBQUM5RCxPQUFPLEVBQ0wsMkJBQTJCLEVBQzNCLHFCQUFxQixFQUNyQixtQkFBbUIsRUFDbkIsV0FBVyxHQUNaLE1BQU0sdUJBQXVCLENBQUM7QUFDL0IsT0FBTyxFQUtMLGNBQWMsR0FDZixNQUFNLGNBQWMsQ0FBQztBQUN0QixPQUFPLEVBQUUsZUFBZSxFQUFFLE1BQU0sb0JBQW9CLENBQUM7QUFDckQsT0FBTyxFQUFFLFNBQVMsRUFBRSxNQUFNLGdDQUFnQyxDQUFDO0FBQzNELE9BQU8sRUFDTCxzQ0FBc0MsRUFDdEMsb0NBQW9DLEVBQ3BDLHlDQUF5QyxFQUN6Qyx3QkFBd0IsR0FDekIsTUFBTSwwQ0FBMEMsQ0FBQztBQUNsRCxPQUFPLEVBQUUsV0FBVyxFQUFFLE1BQU0sZ0JBQWdCLENBQUM7QUFDN0MsT0FBTyxFQUFFLGlCQUFpQixFQUFFLE1BQU0scUNBQXFDLENBQUM7QUFDeEUsT0FBTyxFQUFFLGdCQUFnQixFQUFFLFVBQVUsRUFBRSxNQUFNLG1CQUFtQixDQUFDO0FBQ2pFLE9BQU8sRUFBRSxZQUFZLEVBQTJCLE1BQU0sY0FBYyxDQUFDO0FBQ3JFLE9BQU8sRUFBRSwrQkFBK0IsRUFBRSxNQUFNLDREQUE0RCxDQUFDO0FBQzdHLE9BQU8sRUFBRSwrQkFBK0IsRUFBRSxNQUFNLFlBQVksQ0FBQztBQUM3RCxPQUFPLEVBQUUsY0FBYyxFQUFFLE1BQU0sd0JBQXdCLENBQUM7QUFDeEQsT0FBTyxFQUFFLEdBQUcsRUFBRSxNQUFNLFdBQVcsQ0FBQztBQUNoQyxPQUFPLEVBQW1CLFNBQVMsRUFBRSxNQUFNLHNCQUFzQixDQUFDO0FBQ2xFLE9BQU8sRUFBRSxpQkFBaUIsRUFBRSxNQUFNLG9DQUFvQyxDQUFDO0FBQ3ZFLE9BQU8sRUFBRSxhQUFhLEVBQUUsTUFBTSxnQ0FBZ0MsQ0FBQztBQUMvRCxPQUFPLEVBQ0wscUNBQXFDLEVBQ3JDLG1DQUFtQyxFQUNuQyxpQ0FBaUMsR0FDbEMsTUFBTSxnREFBZ0QsQ0FBQzs7Ozs7Ozs7Ozs7Ozs7O0FBRXhELE1BQU0sQ0FBQyxNQUFNLGNBQWMsR0FBRyxDQUFDLFdBQWlDLEVBQUUsRUFBRTtJQUNsRSxPQUFPLEdBQUcsRUFBRSxDQUFDLFdBQVcsQ0FBQyxVQUFVLEVBQUUsQ0FBQztBQUN4QyxDQUFDLENBQUM7QUFTRixNQUFNLE9BQU8sb0JBQW9CO0lBSy9CLFlBQzZCLE1BQXVCLEVBQzFDLElBQWUsRUFDZixVQUE2QixFQUM3QixVQUFzQixFQUN0QixjQUE4QixFQUM5QixlQUFnQyxFQUNoQyxlQUFnQyxFQUNoQyxXQUF3QixFQUN4QixTQUEyQixFQUMzQiwrQkFBZ0UsRUFDaEUsY0FBOEIsRUFDOUIsaUJBQW9DLEVBQ3BDLGFBQTRCO1FBWlQsV0FBTSxHQUFOLE1BQU0sQ0FBaUI7UUFDMUMsU0FBSSxHQUFKLElBQUksQ0FBVztRQUNmLGVBQVUsR0FBVixVQUFVLENBQW1CO1FBQzdCLGVBQVUsR0FBVixVQUFVLENBQVk7UUFDdEIsbUJBQWMsR0FBZCxjQUFjLENBQWdCO1FBQzlCLG9CQUFlLEdBQWYsZUFBZSxDQUFpQjtRQUNoQyxvQkFBZSxHQUFmLGVBQWUsQ0FBaUI7UUFDaEMsZ0JBQVcsR0FBWCxXQUFXLENBQWE7UUFDeEIsY0FBUyxHQUFULFNBQVMsQ0FBa0I7UUFDM0Isb0NBQStCLEdBQS9CLCtCQUErQixDQUFpQztRQUNoRSxtQkFBYyxHQUFkLGNBQWMsQ0FBZ0I7UUFDOUIsc0JBQWlCLEdBQWpCLGlCQUFpQixDQUFtQjtRQUNwQyxrQkFBYSxHQUFiLGFBQWEsQ0FBZTtRQWpCOUIsZUFBVSxHQUF1QixJQUFJLGFBQWEsQ0FBTSxDQUFDLENBQUMsQ0FBQztJQWtCaEUsQ0FBQztJQUVTLFVBQVU7O1lBQ3JCLEdBQUcsQ0FBQyxNQUFNLENBQUMsTUFBTSxFQUFFLENBQUMsSUFBSSxFQUFFLEVBQUUsQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQztRQUNuRSxDQUFDO0tBQUE7SUFFYSxZQUFZLENBQ3hCLFlBQW9CLEVBQ3BCLFFBQWdCLEVBQ2hCLGFBQTRCLEVBQzVCLGNBQThCOztZQUU5QixNQUFNLGFBQWEsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsYUFBYSxpQkFDdkQsUUFBUSxJQUNMLGFBQWEsRUFDaEIsQ0FBQztZQUNILGtEQUFrRDtZQUNsRCxNQUFNLElBQUksR0FBRyxNQUFNLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUNqQyxZQUFZLEVBQ1osSUFBSSxDQUFDLGVBQWUsQ0FBQyxnQkFBZ0IsQ0FBQyxhQUFhLENBQUMsR0FBRyxDQUFDLENBQ3pELENBQUM7WUFFRixJQUFJLENBQUMsY0FBYyxHQUFHLGNBQWMsQ0FBQztZQUVyQyxPQUFPLElBQUksQ0FBQztRQUNkLENBQUM7S0FBQTtJQUVhLFFBQVEsQ0FDcEIsWUFBb0IsRUFDcEIsUUFBZ0I7O1lBRWhCLGlEQUFpRDtZQUNqRCxNQUFNLGdCQUFnQixHQUFHLE1BQU0sSUFBSSxDQUFDLGNBQWMsQ0FBQyxnQkFBZ0IsQ0FDakUsWUFBWSxDQUNiLENBQUM7WUFFRixJQUNFLGdCQUFnQixDQUFDLG9CQUFvQixLQUFLLG9CQUFvQixDQUFDLFVBQVUsRUFDekU7Z0JBQ0EsTUFBTSxJQUFJLDJCQUEyQixDQUFDLGtDQUFrQyxDQUFDLENBQUM7YUFDM0U7WUFFRCxJQUNFLGdCQUFnQixDQUFDLG9CQUFvQixLQUFLLG9CQUFvQixDQUFDLFFBQVEsRUFDdkU7Z0JBQ0EsT0FBTyxDQUFDLEdBQUcsQ0FBQyxtQkFBbUIsQ0FBQyxDQUFDO2dCQUNqQyxtR0FBbUc7Z0JBQ25HLElBQUk7b0JBQ0YsTUFBTSxJQUFJLEdBQUcsTUFBTSxJQUFJLENBQUMsWUFBWSxDQUNsQyxZQUFZLEVBQ1osUUFBUSxFQUNSLGdCQUFnQixDQUFDLGdCQUFnQixFQUNqQyxjQUFjLENBQUMsWUFBWSxDQUM1QixDQUFDO29CQUNGLHlEQUF5RDtvQkFFekQsZ0NBQWdDO29CQUNoQyx3RUFBd0U7b0JBRXhFLE9BQU8sQ0FBQyxHQUFHLENBQUMscUJBQXFCLENBQUMsQ0FBQztvQkFFbkMsT0FBTyxJQUFJLENBQUM7aUJBQ2I7Z0JBQUMsT0FBTyxLQUFLLEVBQUU7b0JBQ2QsMENBQTBDO29CQUMxQyxJQUFJLEtBQUssQ0FBQyxJQUFJLEtBQUssd0JBQXdCLEVBQUU7d0JBQzNDLE1BQU0sS0FBSyxDQUFDO3FCQUNiO29CQUNELGlEQUFpRDtpQkFDbEQ7Z0JBRUQsZ0ZBQWdGO2dCQUNoRixJQUFJO29CQUNGLE1BQU0sSUFBSSxHQUFHLE1BQU0sSUFBSSxDQUFDLFlBQVksQ0FDbEMsWUFBWSxFQUNaLFFBQVEsRUFDUixnQkFBZ0IsQ0FBQyxvQkFBb0IsRUFDckMsY0FBYyxDQUFDLFlBQVksQ0FDNUIsQ0FBQztvQkFDRix1QkFBdUI7b0JBQ3ZCLE9BQU8sQ0FBQyxHQUFHLENBQUMscUJBQXFCLENBQUMsQ0FBQztvQkFFbkMsT0FBTyxJQUFJLENBQUM7aUJBQ2I7Z0JBQUMsT0FBTyxLQUFLLEVBQUU7b0JBQ2QsMENBQTBDO29CQUMxQyxNQUFNLEtBQUssQ0FBQyxJQUFJLEtBQUssd0JBQXdCO3dCQUMzQyxDQUFDLENBQUMsSUFBSSxxQkFBcUIsQ0FDdkIsc0dBQXNHLENBQ3ZHO3dCQUNILENBQUMsQ0FBQyxLQUFLLENBQUM7aUJBQ1g7YUFDRjtZQUVELCtDQUErQztZQUMvQyxJQUFJLGdCQUFnQixDQUFDLGVBQWUsRUFBRTtnQkFDcEMsSUFBSTtvQkFDRiw0RUFBNEU7b0JBQzVFLDhDQUE4QztvQkFDOUMsTUFBTSxLQUFLLEdBQUcsZ0JBQWdCLENBQUMsZUFBZSxDQUFDO29CQUMvQyxNQUFNLEdBQUcsR0FBRyxNQUFNLElBQUksQ0FBQyxZQUFZLENBQ2pDLEtBQUssQ0FBQyxhQUFhLEVBQ25CLFFBQVEsRUFDUixLQUFLLENBQUMsYUFBYSxFQUNuQixjQUFjLENBQUMsSUFBSSxDQUNwQixDQUFDO29CQUNGLEdBQUcsQ0FBQyxxQkFBcUIsR0FBRyxJQUFJLENBQUM7b0JBRWpDLE9BQU8sR0FBRyxDQUFDO2lCQUNaO2dCQUFDLE9BQU8sR0FBRyxFQUFFO29CQUNaLHVDQUF1QztpQkFDeEM7YUFDRjtZQUVELHdCQUF3QjtZQUN4QixPQUFPLE1BQU0sSUFBSSxDQUFDLFlBQVksQ0FDNUIsWUFBWSxFQUNaLFFBQVEsRUFDUixnQkFBZ0IsQ0FBQyxvQkFBb0IsRUFDckMsY0FBYyxDQUFDLElBQUksQ0FDcEIsQ0FBQztRQUNKLENBQUM7S0FBQTtJQUVlLDBCQUEwQjs7WUFDeEMsSUFBSSxJQUFJLENBQUMsTUFBTSxDQUFDLDJCQUEyQixFQUFFO2dCQUMzQyxJQUFJLENBQUMsU0FBUyxFQUFFLEVBQUU7b0JBQ2hCLE1BQU0sR0FBRyxHQUNQLHlGQUF5RixDQUFDO29CQUM1RixPQUFPLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDO29CQUNuQixNQUFNLElBQUksS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDO2lCQUN0QjtxQkFBTTtvQkFDTCxPQUFPLENBQUMsSUFBSSxDQUNWLHVGQUF1RixDQUN4RixDQUFDO2lCQUNIO2FBQ0Y7aUJBQU07Z0JBQ0wsK0RBQStEO2dCQUMvRCxNQUFNLG9CQUFvQixHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxTQUFTLEVBQUUsQ0FBQztnQkFDL0QsTUFBTSxJQUFJLENBQUMsU0FBUyxDQUFDLFFBQVEsQ0FDM0IsSUFBSSxVQUFVLENBQUM7b0JBQ2IsUUFBUSxFQUFFLCtCQUErQjtvQkFDekMsU0FBUyxFQUFFO3dCQUNULEtBQUssRUFBRTs0QkFDTCxvQkFBb0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUNsQyxvQkFBb0IsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLENBQ2xDO3lCQUNGO3FCQUNGO2lCQUNGLENBQUMsRUFDRjtvQkFDRSxlQUFlLEVBQUUsS0FBSztpQkFDdkIsQ0FDRixDQUFDO2dCQUVGLElBQUksQ0FBQyxjQUFjLENBQUMsNkJBQTZCLENBQUMsb0JBQW9CLENBQUMsQ0FBQzthQUN6RTtRQUNILENBQUM7S0FBQTtJQUVlLGNBQWMsQ0FBQyxXQUFpQzs7WUFDOUQsTUFBTSxJQUFJLENBQUMsc0JBQXNCLENBQUMsV0FBVyxDQUFDLENBQUM7WUFDL0MsTUFBTSxJQUFJLENBQUMsMEJBQTBCLEVBQUUsQ0FBQztRQUMxQyxDQUFDO0tBQUE7SUFFWSxLQUFLLENBQ2hCLFlBQW9CLEVBQ3BCLFFBQWdCLEVBQ2hCLEVBQUUsMkJBQTJCLEdBQUcsSUFBSSxLQUFtQixFQUFFOzs7WUFFekQsSUFBSSxXQUFXLEdBQUcsTUFBTSxJQUFJLENBQUMsU0FBUyxDQUFDLFlBQVksRUFBRSxRQUFRLENBQUMsQ0FBQztZQUUvRCxJQUNFLDJCQUEyQjtnQkFDM0IsT0FBQSxXQUFXLENBQUMsU0FBUywwQ0FBRSxLQUFLLE1BQUssWUFBWSxDQUFDLFFBQVEsRUFDdEQ7Z0JBQ0EsTUFBTSxJQUFJLENBQUMsZUFBZSxDQUFDLFFBQVEsQ0FBQyxDQUFDO2dCQUNyQyxXQUFXLEdBQUcsTUFBTSxJQUFJLENBQUMsU0FBUyxDQUFDLFlBQVksRUFBRSxRQUFRLENBQUMsQ0FBQzthQUM1RDtZQUVELE9BQU8sV0FBVyxDQUFDOztLQUNwQjtJQUVZLFNBQVMsQ0FDcEIsWUFBb0IsRUFDcEIsUUFBZ0I7O1lBRWhCLE1BQU0sSUFBSSxDQUFDLE1BQU0sRUFBRSxDQUFDO1lBQ3BCLE1BQU0sV0FBVyxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxZQUFZLEVBQUUsUUFBUSxDQUFDLENBQUM7WUFFaEUsNkJBQTZCO1lBQzdCLElBQUksQ0FBQyxTQUFTLEVBQUUsb0JBQW9CLENBQUMsQ0FBQyxRQUFRLENBQUMsV0FBVyxDQUFDLGFBQWEsQ0FBQyxFQUFFO2dCQUN6RSxPQUFPLEVBQUUsWUFBWSxFQUFFLElBQUksRUFBRSxTQUFTLEVBQUUsV0FBVyxFQUFFLENBQUM7YUFDdkQ7WUFFRCxNQUFNLElBQUksQ0FBQyxjQUFjLENBQUMsV0FBVyxDQUFDLENBQUM7WUFFdkMsSUFBSSxXQUFXLENBQUMscUJBQXFCLEVBQUU7Z0JBQ3JDLGlEQUFpRDtnQkFDakQsTUFBTSxTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMsYUFBYSxDQUFDLFFBQVEsQ0FBQyxDQUFDO2dCQUNyRCxPQUFPLEVBQUUsWUFBWSxFQUFFLEtBQUssRUFBRSxTQUFTLEVBQUUsQ0FBQzthQUMzQztpQkFBTTtnQkFDTCxNQUFNLElBQUksR0FBRyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsV0FBVyxFQUFFLFFBQVEsQ0FBQyxDQUFDO2dCQUN4RCxNQUFNLElBQUksQ0FBQyxXQUFXLENBQUMsS0FBSyxFQUFFLENBQUMsQ0FBQyw4Q0FBOEM7Z0JBQzlFLE9BQU8sRUFBRSxZQUFZLEVBQUUsS0FBSyxFQUFFLElBQUksRUFBRSxDQUFDO2FBQ3RDO1FBQ0gsQ0FBQztLQUFBO0lBRUQsMEZBQTBGO0lBQzdFLFdBQVcsQ0FDdEIsU0FBK0IsRUFDL0IsUUFBZ0IsRUFDaEIsVUFBbUIsRUFDbkIsSUFBWTs7WUFFWixNQUFNLElBQUksQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLFNBQVMsRUFBRSxJQUFJLEVBQUUsU0FBUyxDQUFDLGFBQWEsQ0FBQyxDQUFDO1lBRXhFLGtFQUFrRTtZQUVsRSxNQUFNLFdBQVcsR0FBZ0IsTUFBTSxJQUFJLENBQUMsSUFBSSxDQUFDLHdCQUF3QixFQUFFLENBQUM7WUFFNUUsTUFBTSxJQUFJLENBQUMsY0FBYyxDQUFDLFNBQVMsQ0FBQyxDQUFDO1lBRXJDLE1BQU0sSUFBSSxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxXQUFXLEVBQUUsUUFBUSxDQUFDLENBQUM7WUFFeEQsSUFBSSxVQUFVLEVBQUU7Z0JBQ2QsV0FBVyxDQUFDLHlCQUF5QixDQUFDO29CQUNwQyxTQUFTLEVBQUUsR0FBRyxFQUFFLEdBQUUsQ0FBQztvQkFDbkIsU0FBUyxFQUFFLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQztpQkFDbkMsQ0FBQyxDQUFDO2FBQ0o7WUFFRCxPQUFPLElBQUksQ0FBQztRQUNkLENBQUM7S0FBQTtJQUVLLHNCQUFzQixDQUFDLElBQTBCOztZQUNyRCxJQUFJLElBQUksQ0FBQyxjQUFjLEtBQUssY0FBYyxDQUFDLElBQUksRUFBRTtnQkFDL0MsTUFBTSxRQUFRLEdBQUcsSUFBSTtxQkFDbEIsb0JBQW9CLEVBQUU7cUJBQ3RCLGNBQWMsRUFBRTtxQkFDaEIsV0FBVyxFQUFFLENBQUM7Z0JBQ2pCLE1BQU0sSUFBSSxDQUFDLGVBQWUsQ0FBQyxzQkFBc0IsQ0FDL0MsUUFBUSxFQUNSLElBQUksQ0FBQyxjQUFjLEtBQUssY0FBYyxDQUFDLFlBQVksQ0FDcEQsQ0FBQzthQUNIO1FBQ0gsQ0FBQztLQUFBO0lBRUssa0JBQWtCLENBQ3RCLFNBQWtCLEtBQUs7O1lBRXZCLE1BQU0sV0FBVyxHQUFHLE1BQU0sSUFBSSxDQUFDLElBQUksQ0FBQyx3QkFBd0IsRUFBRSxDQUFDO1lBRS9ELElBQUksV0FBVyxDQUFDLFdBQVcsRUFBRSxDQUFDLFFBQVEsQ0FBQyxpQ0FBaUMsQ0FBQyxFQUFFO2dCQUN6RSxPQUFPLElBQUksQ0FBQyxZQUFZLENBQUMsTUFBTSxDQUFDLENBQUM7YUFDbEM7aUJBQU07Z0JBQ0wsT0FBTyxJQUFJLENBQUMsT0FBTyxDQUFDLE1BQU0sQ0FBQyxDQUFDO2FBQzdCO1FBQ0gsQ0FBQztLQUFBO0lBRUssWUFBWSxDQUFDLFNBQWtCLEtBQUs7O1lBQ3hDLElBQUksQ0FBQyxNQUFNLElBQUksSUFBSSxDQUFDLGdCQUFnQixFQUFFO2dCQUNwQyxPQUFPLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQzthQUM5QjtZQUVELElBQUksQ0FBQyxnQkFBZ0IsR0FBRyxNQUFNLElBQUksQ0FBQyxhQUFhLEVBQUUsQ0FBQztZQUVuRCxNQUFNLElBQUksQ0FBQyxXQUFXLENBQUMsS0FBSyxFQUFFLENBQUMsQ0FBQyw4Q0FBOEM7WUFFOUUsT0FBTyxJQUFJLENBQUMsZ0JBQWdCLENBQUM7UUFDL0IsQ0FBQztLQUFBO0lBRUssT0FBTyxDQUFDLFNBQWtCLEtBQUs7O1lBQ25DLElBQUksQ0FBQyxNQUFNLElBQUksSUFBSSxDQUFDLFdBQVcsRUFBRTtnQkFDL0IsT0FBTyxJQUFJLENBQUMsV0FBVyxDQUFDO2FBQ3pCO1lBQ0QsSUFBSSxDQUFDLFdBQVcsR0FBRyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQ3BDLE1BQU0sSUFBSSxDQUFDLElBQUksQ0FBQyx3QkFBd0IsRUFBRSxDQUMzQyxDQUFDO1lBQ0YsT0FBTyxDQUFDLEdBQUcsQ0FBQyx3QkFBd0IsQ0FBQyxDQUFDO1lBQ3RDLE1BQU0sSUFBSSxDQUFDLFdBQVcsQ0FBQyxLQUFLLEVBQUUsQ0FBQyxDQUFDLDhDQUE4QztZQUM5RSxPQUFPLElBQUksQ0FBQyxXQUFXLENBQUM7UUFDMUIsQ0FBQztLQUFBO0lBRU8sZ0JBQWdCLENBQUMsUUFBYztRQUNyQyxNQUFNLGNBQWMsR0FBRyxRQUFRLGFBQVIsUUFBUSx1QkFBUixRQUFRLENBQUUsT0FBTyxDQUFDO1FBQ3pDLE9BQU8sQ0FDTCxDQUFBLGNBQWMsYUFBZCxjQUFjLHVCQUFkLGNBQWMsQ0FBRSxNQUFNLElBQUcsQ0FBQztZQUMxQixjQUFjLENBQUMsSUFBSSxDQUFDLENBQUMsT0FBTyxFQUFFLEVBQUUsQ0FBQyxPQUFPLENBQUMsV0FBVyxFQUFFLEtBQUssUUFBUSxDQUFDLENBQ3JFLENBQUM7SUFDSixDQUFDO0lBRWEsUUFBUSxDQUNwQixXQUF3QixFQUN4QixRQUFpQjs7WUFFakIsTUFBTSxFQUNKLFdBQVcsRUFDWCxXQUFXLEVBQ1gsU0FBUyxHQUNWLEdBQUcsTUFBTSxJQUFJLENBQUMsY0FBYyxDQUFDLGNBQWMsRUFBRSxDQUFDO1lBRS9DLElBQUksV0FBVyxDQUFDLG9CQUFvQixFQUFFO2dCQUNwQyxJQUFJLENBQUMsY0FBYyxDQUFDLDZCQUE2QixDQUMvQyxNQUFNLEdBQUcsQ0FBQyxLQUFLLENBQUMsV0FBVyxDQUFDLG9CQUFvQixDQUFDLENBQ2xELENBQUM7YUFDSDtZQUVELE1BQU0sY0FBYyxHQUFHLE1BQU0sSUFBSSxDQUFDLElBQUksQ0FBQyxjQUFjLENBQUMsV0FBVyxDQUFDLENBQUM7WUFFbkUsSUFBSSxRQUFRLEVBQUU7Z0JBQ1osTUFBTSxPQUFPLEdBQUcsQ0FDZCxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsYUFBYSxpQkFDakMsUUFBUSxJQUNMLFdBQVcsQ0FBQyxjQUFjLENBQUMsT0FBTyxDQUFDLGFBQWEsRUFDbkQsQ0FDSCxDQUFDLEdBQUcsQ0FBQztnQkFFTixNQUFNLElBQUksQ0FBQyxXQUFXLENBQUMsZ0JBQWdCLENBQ3JDLE1BQU0sSUFBSSxDQUFDLGVBQWUsQ0FBQyxpQkFBaUIsQ0FDMUMsV0FBVyxDQUFDLGNBQWMsQ0FBQyxPQUFPLENBQUMsRUFBRSxFQUNyQyxPQUFPLEVBQ1AsV0FBVyxDQUFDLGNBQWMsQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUN4QyxDQUNGLENBQUM7YUFDSDtZQUNELE1BQU0sSUFBSSxDQUFDLGVBQWUsQ0FBQyxZQUFZLENBQUMsV0FBVyxDQUFDLGNBQWMsQ0FBQyxDQUFDO1lBRXBFLE9BQU87Z0JBQ0wsRUFBRSxFQUFFLFdBQVcsQ0FBQyxFQUFFO2dCQUNsQixHQUFHLEVBQUUsSUFBSSxDQUFDLGdCQUFnQixDQUFDLEtBQUssRUFBRSxjQUFjLENBQUM7Z0JBQ2pELFFBQVEsRUFBRSxXQUFXLENBQUMsUUFBUTtnQkFDOUIsY0FBYyxFQUFFLFdBQVcsQ0FBQyxjQUFjO2dCQUMxQyxpQkFBaUIsRUFBRSxHQUFHLEVBQUUsQ0FDdEIsV0FBVyxDQUFDLG9CQUFvQixFQUFFLENBQUMsY0FBYyxFQUFFLENBQUMsV0FBVyxFQUFFO2dCQUNuRSxLQUFLLEVBQUUsSUFBSSxDQUFDLGdCQUFnQixDQUFDLE9BQU8sRUFBRSxjQUFjLENBQUM7Z0JBQ3JELGFBQWEsRUFDWCxJQUFJLENBQUMsZ0JBQWdCLENBQUMsZ0JBQWdCLEVBQUUsY0FBYyxDQUFDLEtBQUssTUFBTTtnQkFDcEUsS0FBSyxFQUFFLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxjQUFjLEVBQUUsY0FBYyxDQUFDO2dCQUM1RCxhQUFhLEVBQ1gsSUFBSSxDQUFDLGdCQUFnQixDQUFDLHVCQUF1QixFQUFFLGNBQWMsQ0FBQztvQkFDOUQsTUFBTTtnQkFDUixXQUFXLG9CQUNOLENBQUMsTUFBTSxJQUFJLENBQUMsY0FBYyxDQUFDLGtCQUFrQixDQUFDLFdBQVcsQ0FBQyxDQUFDLENBQy9EO2dCQUNELFVBQVUsRUFBRSxXQUFXLENBQUMsVUFBVTtnQkFDbEMsU0FBUztnQkFDVCxnQkFBZ0IsRUFBRSxJQUFJLENBQUMsZ0JBQWdCLENBQUMsV0FBVyxDQUFDLFFBQVEsQ0FBQztnQkFDN0QsUUFBUSxFQUFFLFdBQVcsQ0FBQyxRQUFRO2dCQUM5QixvQkFBb0IsRUFBRSxXQUFXLENBQUMsb0JBQW9CO2FBQ3ZELENBQUM7UUFDSixDQUFDO0tBQUE7SUFFTSxTQUFTO1FBQ2QsT0FBTyxJQUFJLENBQUMsVUFBVSxDQUFDO0lBQ3pCLENBQUM7SUFFWSxNQUFNOztZQUNqQixJQUFJLENBQUMsV0FBVyxHQUFHLElBQUksQ0FBQztZQUN4QixJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsRUFBRSxDQUFDO1lBQzVCLElBQUksQ0FBQyxlQUFlLENBQUMsU0FBUyxFQUFFLENBQUM7WUFFakMsTUFBTSxPQUFPLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxPQUFPLEVBQUUsRUFBRSxJQUFJLENBQUMsY0FBYyxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUMsQ0FBQztRQUMxRSxDQUFDO0tBQUE7SUFFTyxnQkFBZ0IsQ0FDdEIsYUFBcUIsRUFDckIsY0FBc0M7UUFFdEMsTUFBTSxhQUFhLEdBQUcsY0FBYyxDQUFDLElBQUksQ0FDdkMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQyxPQUFPLEVBQUUsS0FBSyxhQUFhLENBQ3JDLENBQUM7UUFFRixPQUFPLGFBQWEsQ0FBQyxDQUFDLENBQUMsYUFBYSxDQUFDLFFBQVEsRUFBRSxDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUM7SUFDekQsQ0FBQztJQUVZLGFBQWEsQ0FBQyxRQUFpQjs7WUFDMUMsTUFBTSxFQUFFLG1CQUFtQixFQUFFLFNBQVMsRUFBRSxHQUFHLE1BQU0sSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUM7Z0JBQ3BFLEtBQUssRUFBRSx3QkFBd0I7YUFDaEMsQ0FBQyxDQUFDO1lBRUgsSUFBSSxTQUFTLENBQUMsb0JBQW9CLEVBQUU7Z0JBQ2xDLElBQUksQ0FBQyxjQUFjLENBQUMsNkJBQTZCLENBQy9DLE1BQU0sR0FBRyxDQUFDLEtBQUssQ0FBQyxTQUFTLENBQUMsb0JBQW9CLENBQUMsQ0FDaEQsQ0FBQzthQUNIO1lBRUQsa0JBQWtCO1lBQ2xCLElBQUksUUFBUSxFQUFFO2dCQUNaLE1BQU0sT0FBTyxHQUFHLENBQ2QsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGFBQWEsaUJBQ2pDLFFBQVEsSUFDTCxTQUFTLENBQUMsT0FBTyxDQUFDLGFBQWEsRUFDbEMsQ0FDSCxDQUFDLEdBQUcsQ0FBQztnQkFFTixNQUFNLElBQUksQ0FBQyxXQUFXLENBQUMsZ0JBQWdCLENBQ3JDLE1BQU0sSUFBSSxDQUFDLGVBQWUsQ0FBQyxpQkFBaUIsQ0FDMUMsU0FBUyxDQUFDLE9BQU8sQ0FBQyxFQUFFLEVBQ3BCLE9BQU8sRUFDUCxTQUFTLENBQUMsU0FBUyxDQUFDLEVBQUUsQ0FDdkIsQ0FDRixDQUFDO2FBQ0g7WUFFRCxJQUFJLENBQUMsVUFBVSxDQUFDLFlBQVksQ0FBQztnQkFDM0IsT0FBTyxFQUFFO29CQUNQLEVBQUUsRUFBRSxTQUFTLENBQUMsT0FBTyxDQUFDLEVBQUU7aUJBQ3pCO2dCQUNELFNBQVMsRUFBRTtvQkFDVCxFQUFFLEVBQUUsU0FBUyxDQUFDLFNBQVMsQ0FBQyxFQUFFO2lCQUMzQjthQUNGLENBQUMsQ0FBQztZQUVILE1BQU0sY0FBYyxHQUFHLE1BQU0sSUFBSSxDQUFDLElBQUksQ0FBQyxjQUFjLENBQ25ELE1BQU0sSUFBSSxDQUFDLElBQUksQ0FBQyx3QkFBd0IsRUFBRSxDQUMzQyxDQUFDO1lBQ0YsTUFBTSxHQUFHLEdBQUcsSUFBSSxDQUFDLGdCQUFnQixDQUFDLEtBQUssRUFBRSxjQUFjLENBQUMsQ0FBQztZQUV6RCx1Q0FDSyxDQUFDLE1BQU0sSUFBSSxDQUFDLCtCQUErQixDQUFDLDhCQUE4QixDQUMzRSxTQUFTLENBQ1YsQ0FBQyxLQUNGLEdBQUcsSUFDSDtRQUNKLENBQUM7S0FBQTtJQUVZLGtCQUFrQjs7WUFDN0IsTUFBTSxXQUFXLEdBQWdCLE1BQU0sSUFBSSxDQUFDLElBQUksQ0FBQyx3QkFBd0IsRUFBRSxDQUFDO1lBQzVFLE1BQU0sWUFBWSxHQUFHLFdBQVcsQ0FBQyxvQkFBb0IsRUFBRSxDQUFDLGVBQWUsRUFBRSxDQUFDO1lBRTFFLE9BQU8sSUFBSSxPQUFPLENBQUMsQ0FBQyxPQUFPLEVBQUUsTUFBTSxFQUFFLEVBQUU7Z0JBQ3JDLFdBQVcsQ0FBQyxjQUFjLENBQUMsWUFBWSxFQUFFLENBQUMsR0FBRyxFQUFFLElBQUksRUFBRSxFQUFFO29CQUNyRCxJQUFJLEdBQUcsRUFBRTt3QkFDUCxPQUFPLENBQUMsS0FBSyxDQUFDLDBCQUEwQixFQUFFLEdBQUcsQ0FBQyxDQUFDO3dCQUMvQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUM7cUJBQ2I7eUJBQU07d0JBQ0wsT0FBTyxDQUFDLEdBQUcsQ0FBQywwQkFBMEIsRUFBRSxJQUFJLENBQUMsQ0FBQzt3QkFDOUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxDQUFDO3FCQUNaO2dCQUNILENBQUMsQ0FBQyxDQUFDO1lBQ0wsQ0FBQyxDQUFDLENBQUM7UUFDTCxDQUFDO0tBQUE7SUFFSyxlQUFlLENBQUMsV0FBbUI7O1lBQ3ZDLE1BQU0sU0FBUyxHQUFHLE1BQU0sSUFBSSxDQUFDLFlBQVksQ0FBQyxJQUFJLENBQUMsQ0FBQztZQUVoRCxJQUFJLFNBQVMsQ0FBQyxLQUFLLEtBQUssWUFBWSxDQUFDLFFBQVEsRUFBRTtnQkFDN0MsTUFBTSxJQUFJLG1CQUFtQixDQUMzQiwrQ0FBK0MsQ0FDaEQsQ0FBQzthQUNIO1lBRUQsaUVBQWlFO1lBQ2pFLHVEQUF1RDtZQUN2RCxpRUFBaUU7WUFDakUsTUFBTSxXQUFXLEdBQUcsTUFBTSxJQUFJLENBQUMsa0JBQWtCLENBQUMsU0FBUyxDQUFDLENBQUM7WUFFN0QsTUFBTSxFQUFFLE9BQU8sRUFBRSxHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDdEQsV0FBVyxFQUNYLFNBQVMsQ0FBQyxrQkFBa0IsQ0FDN0IsQ0FBQztZQUNGLE9BQU8sQ0FBQyxHQUFHLENBQUMsT0FBTyxDQUFDLENBQUM7WUFFckIsZ0NBQWdDO1lBQ2hDLE1BQU0sVUFBVSxHQUFHLE1BQU0sR0FBRyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQztZQUU1QyxNQUFNLFNBQVMsR0FBRyxNQUFNLElBQUksQ0FBQyxlQUFlLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUFDLENBQUM7WUFFNUUsTUFBTSx1QkFBdUIsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxlQUFlLENBQzFFLFNBQVMsQ0FBQyxHQUFHLEVBQ2IsVUFBVSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDeEIsQ0FBQztZQUVGLG1CQUFtQjtZQUNuQixNQUFNLGdCQUFnQixHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxhQUFhLGlCQUMxRCxRQUFRLEVBQUUsV0FBVyxJQUNsQixTQUFTLENBQUMsT0FBTyxDQUFDLGFBQWEsRUFDbEMsQ0FBQztZQUVILE1BQU0sY0FBYyxHQUFHLElBQUksQ0FBQyxlQUFlLENBQUMsZ0JBQWdCLENBQzFELGdCQUFnQixDQUFDLEdBQUcsQ0FDckIsQ0FBQztZQUVGLGlFQUFpRTtZQUNqRSw2QkFBNkI7WUFDN0IsaUVBQWlFO1lBQ2pFLE1BQU0sU0FBUyxHQUFHLENBQ2hCLE1BQU0sSUFBSSxDQUFDLFNBQVMsQ0FBQyxRQUFRLENBQzNCLElBQUksVUFBVSxDQUFDO2dCQUNiLFFBQVEsRUFBRSxvQ0FBb0M7Z0JBQzlDLFNBQVMsRUFBRTtvQkFDVCxLQUFLLEVBQUUsRUFBRTtpQkFDVjthQUNGLENBQUMsRUFDRjtnQkFDRSxlQUFlLEVBQUUsS0FBSzthQUN2QixDQUNGLENBQ0YsQ0FBQyw0QkFBNEIsQ0FBQyxTQUFTLENBQUM7WUFFekMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxTQUFTLENBQUMsQ0FBQztZQUV2QixxQkFBcUI7WUFDckIsa0VBQWtFO1lBQ2xFLFNBQVMsQ0FBQyxXQUFXLEdBQUcsSUFBSSxDQUFDLFVBQVUsQ0FBQyxZQUFZLENBQ2xELHFDQUFxQyxDQUN0QyxDQUFDO1lBQ0YsT0FBTyxDQUFDLEdBQUcsQ0FBQyxTQUFTLENBQUMsQ0FBQztZQUV2QixNQUFNLHNCQUFzQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDakUsV0FBVyxFQUNYLFNBQVMsQ0FBQyw2QkFBNkIsQ0FDeEMsQ0FBQztZQUNGLE1BQU0sZUFBZSxHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLElBQUksQ0FDdkQsc0JBQXNCLEVBQ3RCLFNBQVMsQ0FDVixDQUFDO1lBRUYsaUVBQWlFO1lBQ2pFLHdDQUF3QztZQUN4QyxpRUFBaUU7WUFDakUsTUFBTSxlQUFlLEdBQUcsQ0FDdEIsTUFBTSxJQUFJLENBQUMsU0FBUyxDQUFDLFFBQVEsQ0FDM0IsSUFBSSxVQUFVLENBQUM7Z0JBQ2IsUUFBUSxFQUFFLHlDQUF5QztnQkFDbkQsU0FBUyxFQUFFO29CQUNULEtBQUssRUFBRTt3QkFDTCxlQUFlLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxlQUFlLENBQUM7cUJBQ2pEO2lCQUNGO2FBQ0YsQ0FBQyxFQUNGO2dCQUNFLGVBQWUsRUFBRSxLQUFLO2FBQ3ZCLENBQ0YsQ0FDRixDQUFDLGlDQUFpQyxDQUFDLFdBQVcsQ0FBQztZQUVoRCxpRUFBaUU7WUFDakUsMERBQTBEO1lBQzFELGlFQUFpRTtZQUNqRSxrRUFBa0U7WUFDbEUsaUVBQWlFO1lBQ2pFLDhEQUE4RDtZQUM5RCxtRUFBbUU7WUFDbkUsaURBQWlEO1lBRWpELDhEQUE4RDtZQUM5RCxNQUFNLFVBQVUsR0FBRyxJQUFJLE9BQU8sQ0FBTyxDQUFDLE9BQU8sRUFBRSxFQUFFO2dCQUMvQyxNQUFNLFFBQVEsR0FBRyxDQUFPLElBQUksRUFBRSxFQUFFO29CQUM5QixJQUFJLElBQUksQ0FBQyxPQUFPLENBQUMsS0FBSyxLQUFLLFFBQVEsRUFBRTt3QkFDbkMsT0FBTztxQkFDUjtvQkFFRCxHQUFHLENBQUMsTUFBTSxDQUFDLE1BQU0sRUFBRSxRQUFRLENBQUMsQ0FBQztvQkFFN0IsT0FBTyxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLENBQUM7b0JBRTFCLE1BQU0sSUFBSSxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDLFFBQVEsRUFBRSxjQUFjLENBQUMsQ0FBQztvQkFFM0QscUNBQXFDO29CQUNyQyxNQUFNLElBQUksQ0FBQyxTQUFTLENBQUMsUUFBUSxDQUMzQixJQUFJLFVBQVUsQ0FBQzt3QkFDYixRQUFRLEVBQUUsc0NBQXNDO3dCQUNoRCxTQUFTLEVBQUU7NEJBQ1QsS0FBSyxFQUFFO2dDQUNMLHVCQUF1QjtnQ0FDdkIsV0FBVyxFQUFFLFNBQVMsQ0FBQyxFQUFFOzZCQUMxQjt5QkFDRjtxQkFDRixDQUFDLENBQ0gsQ0FBQztvQkFFRixPQUFPLEVBQUUsQ0FBQztnQkFDWixDQUFDLENBQUEsQ0FBQztnQkFFRixHQUFHLENBQUMsTUFBTSxDQUFDLE1BQU0sRUFBRSxRQUFRLENBQUMsQ0FBQztZQUMvQixDQUFDLENBQUMsQ0FBQztZQUVILDBGQUEwRjtZQUMxRiw2QkFBNkI7WUFDN0IsSUFBSSxJQUFJLEdBQUcsTUFBTSxJQUFJLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxTQUFTLENBQUMsUUFBUSxFQUFFLGVBQWUsRUFBRTtnQkFDckUsT0FBTyxFQUFFLE1BQU07YUFDaEIsQ0FBQyxDQUFDO1lBRUgsSUFBSSxJQUFJLENBQUMsYUFBYSxLQUFLLHVCQUF1QixFQUFFO2dCQUNsRCxNQUFNLElBQUksV0FBVyxDQUFDO29CQUNwQixPQUFPLEVBQ0wsMEhBQTBIO2lCQUM3SCxDQUFDLENBQUM7YUFDSjtZQUVELDBCQUEwQjtZQUMxQiwrRUFBK0U7WUFDL0UsMkJBQTJCO1lBQzNCLElBQUksR0FBRyxNQUFNLElBQUksQ0FBQyxJQUFJLENBQUMsbUJBQW1CLENBQUMsSUFBSSxFQUFFLGNBQWMsRUFBRSxFQUFFLENBQUMsQ0FBQztZQUVyRSxPQUFPLFVBQVUsQ0FBQztRQUNwQixDQUFDO0tBQUE7SUFFYSxrQkFBa0IsQ0FDOUIsU0FBa0M7O1lBRWxDLDRCQUE0QjtZQUM1QixJQUFJLGlCQUF5QixDQUFDO1lBRTlCLE1BQU0sR0FBRyxHQUFHLE1BQU0sSUFBSSxDQUFDLGVBQWUsQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUMsQ0FBQztZQUVoRSxNQUFNLE1BQU0sR0FBRyxNQUFNLE9BQU8sQ0FBQyxHQUFHLENBQzlCLFNBQVMsQ0FBQyxTQUFTO2lCQUNoQixNQUFNLENBQUMsQ0FBQyxRQUFRLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQyxRQUFRLENBQUMsZ0NBQWdDLENBQUM7aUJBQ2pFLEdBQUcsQ0FBQyxDQUFPLFFBQVEsRUFBRSxFQUFFO2dCQUN0QixNQUFNLGtCQUFrQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDN0QsR0FBRyxFQUNILFFBQVEsQ0FBQyxnQ0FBZ0MsQ0FDMUMsQ0FBQztnQkFFRixJQUFJLGlCQUFpQixFQUFFO29CQUNyQixJQUNFLElBQUksQ0FBQyxTQUFTLENBQUMsaUJBQWlCLENBQUM7d0JBQ2pDLElBQUksQ0FBQyxTQUFTLENBQUMsa0JBQWtCLENBQUMsaUJBQWlCLENBQUMsRUFDcEQ7d0JBQ0EsTUFBTSxJQUFJLG1CQUFtQixDQUMzQixrRUFBa0UsQ0FDbkUsQ0FBQztxQkFDSDtpQkFDRjtxQkFBTTtvQkFDTCxpQkFBaUIsR0FBRyxrQkFBa0IsQ0FBQyxpQkFBaUIsQ0FBQztpQkFDMUQ7Z0JBQ0QsT0FBTyxrQkFBa0IsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLFNBQVMsQ0FBQztZQUNuRCxDQUFDLENBQUEsQ0FBQyxDQUNMLENBQUM7WUFFRixPQUFPLENBQUMsR0FBRyxDQUFDLHNCQUFzQixFQUFFLE1BQU0sQ0FBQyxDQUFDO1lBRTVDLE1BQU0sY0FBYyxHQUFHLE1BQU0sSUFBSSxDQUFDLGFBQWEsQ0FBQyxhQUFhLENBQzNELE1BQU0sRUFDTixtQ0FBbUMsQ0FDcEMsQ0FBQztZQUVGLE9BQU8sR0FBRyxDQUFDLEtBQUssaUNBQ1gsaUJBQWlCLEtBQ3BCLENBQUMsRUFBRSxjQUFjLElBQ2pCLENBQUM7UUFDTCxDQUFDO0tBQUE7Ozs7WUF0cEJGLFVBQVUsU0FBQztnQkFDVixVQUFVLEVBQUUsTUFBTTthQUNuQjs7OzRDQU9JLE1BQU0sU0FBQyxTQUFTO1lBekNaLFNBQVM7WUFRVCxpQkFBaUI7WUF6QmpCLFVBQVU7WUFDVixjQUFjO1lBRmQsZUFBZTtZQWlCZixlQUFlO1lBUWYsV0FBVztZQUVYLGdCQUFnQjtZQUVoQiwrQkFBK0I7WUFFL0IsY0FBYztZQUdkLGlCQUFpQjtZQUNqQixhQUFhIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgSW5qZWN0LCBJbmplY3RhYmxlLCBpc0Rldk1vZGUgfSBmcm9tICdAYW5ndWxhci9jb3JlJztcbmltcG9ydCB7IENvZ25pdG9Vc2VyIH0gZnJvbSAnQGF3cy1hbXBsaWZ5L2F1dGgnO1xuaW1wb3J0IHsgSHViIH0gZnJvbSAnQGF3cy1hbXBsaWZ5L2NvcmUnO1xuaW1wb3J0IHsgQ29nbml0b1VzZXJBdHRyaWJ1dGUgfSBmcm9tICdhbWF6b24tY29nbml0by1pZGVudGl0eS1qcyc7XG5pbXBvcnQgeyBPYnNlcnZhYmxlLCBSZXBsYXlTdWJqZWN0IH0gZnJvbSAncnhqcyc7XG5pbXBvcnQgeyBQYXNzSWRwUGFyYW1zIH0gZnJvbSAnLi4vY3J5cHRvZ3JhcGh5L2NyeXB0b2dyYXBoeS50eXBlcyc7XG5pbXBvcnQgeyBLZXlHcmFwaFNlcnZpY2UgfSBmcm9tICcuLi9jcnlwdG9ncmFwaHkva2V5LWdyYXBoLnNlcnZpY2UnO1xuaW1wb3J0IHsgS2V5U2VydmljZSB9IGZyb20gJy4uL2NyeXB0b2dyYXBoeS9rZXkuc2VydmljZSc7XG5pbXBvcnQgeyBQcm9maWxlU2VydmljZSB9IGZyb20gJy4uL3VzZXJzL3Byb2ZpbGUuc2VydmljZSc7XG5pbXBvcnQgeyBQYXNzd29yZENoYW5nZVN0YXR1cyB9IGZyb20gJy4uL3VzZXJzL3Byb2ZpbGUudHlwZXMnO1xuaW1wb3J0IHtcbiAgTHJDb25jdXJyZW50QWNjZXNzRXhjZXB0aW9uLFxuICBMckJhZFJlcXVlc3RFeGNlcHRpb24sXG4gIExyQmFkU3RhdGVFeGNlcHRpb24sXG4gIExyRXhjZXB0aW9uLFxufSBmcm9tICcuLi9fY29tbW9uL2V4Y2VwdGlvbnMnO1xuaW1wb3J0IHtcbiAgQ29nbml0b0NoYWxsZW5nZVVzZXIsXG4gIEN1cnJlbnRVc2VyLFxuICBUcFBhc3N3b3JkUmVzZXRVc2VyLFxuICBMb2dpblJlc3VsdCxcbiAgUmVjb3ZlcnlTdGF0dXMsXG59IGZyb20gJy4vYXV0aC50eXBlcyc7XG5pbXBvcnQgeyBQYXNzd29yZFNlcnZpY2UgfSBmcm9tICcuL3Bhc3N3b3JkLnNlcnZpY2UnO1xuaW1wb3J0IHsgQXV0aENsYXNzIH0gZnJvbSAnQGF3cy1hbXBsaWZ5L2F1dGgvbGliLWVzbS9BdXRoJztcbmltcG9ydCB7XG4gIENvbXBsZXRlVHBQYXNzd29yZFJlc2V0UmVxdWVzdE11dGF0aW9uLFxuICBDcmVhdGVUcEFzc2VtYmx5S2V5Q2hhbGxlbmdlTXV0YXRpb24sXG4gIFByZUNvbXBsZXRlVHBQYXNzd29yZFJlc2V0UmVxdWVzdE11dGF0aW9uLFxuICBUcFBhc3N3b3JkUmVzZXRVc2VyUXVlcnksXG59IGZyb20gJy4uL3RydXN0ZWQtcGFydGllcy90cC1wYXNzd29yZC1yZXNldC5ncWwnO1xuaW1wb3J0IHsgSWRsZVNlcnZpY2UgfSBmcm9tICcuL2lkbGUuc2VydmljZSc7XG5pbXBvcnQgeyBLZXlGYWN0b3J5U2VydmljZSB9IGZyb20gJy4uL2NyeXB0b2dyYXBoeS9rZXktZmFjdG9yeS5zZXJ2aWNlJztcbmltcG9ydCB7IExyR3JhcGhRTFNlcnZpY2UsIExyTXV0YXRpb24gfSBmcm9tICcuLi9hcGkvbHItZ3JhcGhxbCc7XG5pbXBvcnQgeyBUcENsYWltU3RhdGUsIFRwUGFzc3dvcmRSZXNldFVzZXJOb2RlIH0gZnJvbSAnLi4vYXBpL3R5cGVzJztcbmltcG9ydCB7IFRwUGFzc3dvcmRSZXNldFByb2Nlc3NvclNlcnZpY2UgfSBmcm9tICcuLi9hcGkvcXVlcnktcHJvY2Vzc29yL3RwLXBhc3N3b3JkLXJlc2V0LXByb2Nlc3Nvci5zZXJ2aWNlJztcbmltcG9ydCB7IFNldFNlc3Npb25FbmNyeXB0aW9uS2V5TXV0YXRpb24gfSBmcm9tICcuL2F1dGguZ3FsJztcbmltcG9ydCB7IFBlcnNpc3RTZXJ2aWNlIH0gZnJvbSAnLi4vYXBpL3BlcnNpc3Quc2VydmljZSc7XG5pbXBvcnQgeyBKV0sgfSBmcm9tICdub2RlLWpvc2UnO1xuaW1wb3J0IHsgTGlmZVJlYWR5Q29uZmlnLCBMUl9DT05GSUcgfSBmcm9tICcuLi9saWZlLXJlYWR5LmNvbmZpZyc7XG5pbXBvcnQgeyBFbmNyeXB0aW9uU2VydmljZSB9IGZyb20gJy4uL2NyeXB0b2dyYXBoeS9lbmNyeXB0aW9uLnNlcnZpY2UnO1xuaW1wb3J0IHsgU2xpcDM5U2VydmljZSB9IGZyb20gJy4uL2NyeXB0b2dyYXBoeS9zbGlwMzkuc2VydmljZSc7XG5pbXBvcnQge1xuICBUUF9QQVNTV09SRF9SRVNFVF9DTElFTlRfTk9OQ0VfTEVOR1RILFxuICBUUF9QQVNTV09SRF9SRVNFVF9TTElQMzlfUEFTU1BIUkFTRSxcbiAgVFBfUEFTU1dPUkRfUkVTRVRfVVNFUk5BTUVfU1VGRklYLFxufSBmcm9tICcuLi90cnVzdGVkLXBhcnRpZXMvdHAtcGFzc3dvcmQtcmVzZXQuY29uc3RhbnRzJztcblxuZXhwb3J0IGNvbnN0IGluaXRpYWxpc2VBdXRoID0gKGF1dGhTZXJ2aWNlOiBMaWZlUmVhZHlBdXRoU2VydmljZSkgPT4ge1xuICByZXR1cm4gKCkgPT4gYXV0aFNlcnZpY2UuaW5pdGlhbGlzZSgpO1xufTtcblxuZXhwb3J0IGludGVyZmFjZSBMb2dpbk9wdGlvbnMge1xuICB0cFBhc3N3b3JkUmVzZXRBdXRvQ29tcGxldGU/OiBib29sZWFuO1xufVxuXG5ASW5qZWN0YWJsZSh7XG4gIHByb3ZpZGVkSW46ICdyb290Jyxcbn0pXG5leHBvcnQgY2xhc3MgTGlmZVJlYWR5QXV0aFNlcnZpY2Uge1xuICBwcml2YXRlIGh1YlN1YmplY3Q6IFJlcGxheVN1YmplY3Q8YW55PiA9IG5ldyBSZXBsYXlTdWJqZWN0PGFueT4oMSk7XG4gIHByaXZhdGUgY3VycmVudFVzZXI6IEN1cnJlbnRVc2VyO1xuICBwcml2YXRlIGN1cnJlbnRSZXNldFVzZXI6IFRwUGFzc3dvcmRSZXNldFVzZXI7XG5cbiAgY29uc3RydWN0b3IoXG4gICAgQEluamVjdChMUl9DT05GSUcpIHByaXZhdGUgY29uZmlnOiBMaWZlUmVhZHlDb25maWcsXG4gICAgcHJpdmF0ZSBhdXRoOiBBdXRoQ2xhc3MsXG4gICAgcHJpdmF0ZSBrZXlGYWN0b3J5OiBLZXlGYWN0b3J5U2VydmljZSxcbiAgICBwcml2YXRlIGtleVNlcnZpY2U6IEtleVNlcnZpY2UsXG4gICAgcHJpdmF0ZSBwcm9maWxlU2VydmljZTogUHJvZmlsZVNlcnZpY2UsXG4gICAgcHJpdmF0ZSBrZXlHcmFwaFNlcnZpY2U6IEtleUdyYXBoU2VydmljZSxcbiAgICBwcml2YXRlIHBhc3N3b3JkU2VydmljZTogUGFzc3dvcmRTZXJ2aWNlLFxuICAgIHByaXZhdGUgaWRsZVNlcnZpY2U6IElkbGVTZXJ2aWNlLFxuICAgIHByaXZhdGUgbHJHcmFwaFFMOiBMckdyYXBoUUxTZXJ2aWNlLFxuICAgIHByaXZhdGUgdHBQYXNzd29yZFJlc2V0UHJvY2Vzc29yU2VydmljZTogVHBQYXNzd29yZFJlc2V0UHJvY2Vzc29yU2VydmljZSxcbiAgICBwcml2YXRlIHBlcnNpc3RTZXJ2aWNlOiBQZXJzaXN0U2VydmljZSxcbiAgICBwcml2YXRlIGVuY3J5cHRpb25TZXJ2aWNlOiBFbmNyeXB0aW9uU2VydmljZSxcbiAgICBwcml2YXRlIHNsaXAzOVNlcnZpY2U6IFNsaXAzOVNlcnZpY2VcbiAgKSB7fVxuXG4gIHB1YmxpYyBhc3luYyBpbml0aWFsaXNlKCkge1xuICAgIEh1Yi5saXN0ZW4oJ2F1dGgnLCAoZGF0YSkgPT4gdGhpcy5odWJTdWJqZWN0Lm5leHQoZGF0YS5wYXlsb2FkKSk7XG4gIH1cblxuICBwcml2YXRlIGFzeW5jIGxvZ2luSWRwSW1wbChcbiAgICBlbWFpbE9yUGhvbmU6IHN0cmluZyxcbiAgICBwYXNzd29yZDogc3RyaW5nLFxuICAgIHBhc3NJZHBQYXJhbXM6IFBhc3NJZHBQYXJhbXMsXG4gICAgcmVjb3ZlcnlTdGF0dXM6IFJlY292ZXJ5U3RhdHVzXG4gICk6IFByb21pc2U8Q29nbml0b0NoYWxsZW5nZVVzZXI+IHtcbiAgICBjb25zdCBwYXNzSWRwUmVzdWx0ID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmRlcml2ZVBhc3NJZHAoe1xuICAgICAgcGFzc3dvcmQsXG4gICAgICAuLi5wYXNzSWRwUGFyYW1zLFxuICAgIH0pO1xuICAgIC8vIFVzZSB0aGUgZGVyaXZlZCBwYXNzd29yZCB0byBzaWduaW4gd2l0aCBjb2duaXRvXG4gICAgY29uc3QgdXNlciA9IGF3YWl0IHRoaXMuYXV0aC5zaWduSW4oXG4gICAgICBlbWFpbE9yUGhvbmUsXG4gICAgICB0aGlzLnBhc3N3b3JkU2VydmljZS5nZXRQYXNzSWRwU3RyaW5nKHBhc3NJZHBSZXN1bHQuandrKVxuICAgICk7XG5cbiAgICB1c2VyLnJlY292ZXJ5U3RhdHVzID0gcmVjb3ZlcnlTdGF0dXM7XG5cbiAgICByZXR1cm4gdXNlcjtcbiAgfVxuXG4gIHByaXZhdGUgYXN5bmMgbG9naW5JZHAoXG4gICAgZW1haWxPclBob25lOiBzdHJpbmcsXG4gICAgcGFzc3dvcmQ6IHN0cmluZ1xuICApOiBQcm9taXNlPENvZ25pdG9DaGFsbGVuZ2VVc2VyPiB7XG4gICAgLy8gRG93bmxvYWQgdGhlIHNhbHQgbmVlZGVkIHRvIGRlcml2ZSB0aGUgUGFzc0lkcFxuICAgIGNvbnN0IHBhc3NJZHBBcGlSZXN1bHQgPSBhd2FpdCB0aGlzLnByb2ZpbGVTZXJ2aWNlLmdldFBhc3NJZHBQYXJhbXMoXG4gICAgICBlbWFpbE9yUGhvbmVcbiAgICApO1xuXG4gICAgaWYgKFxuICAgICAgcGFzc0lkcEFwaVJlc3VsdC5wYXNzd29yZENoYW5nZVN0YXR1cyA9PT0gUGFzc3dvcmRDaGFuZ2VTdGF0dXMuSW5Qcm9ncmVzc1xuICAgICkge1xuICAgICAgdGhyb3cgbmV3IExyQ29uY3VycmVudEFjY2Vzc0V4Y2VwdGlvbignQSBwYXNzd29yZCBjaGFuZ2UgaXMgaW4gcHJvZ3Jlc3MnKTtcbiAgICB9XG5cbiAgICBpZiAoXG4gICAgICBwYXNzSWRwQXBpUmVzdWx0LnBhc3N3b3JkQ2hhbmdlU3RhdHVzID09PSBQYXNzd29yZENoYW5nZVN0YXR1cy5SZWNvdmVyeVxuICAgICkge1xuICAgICAgY29uc29sZS5sb2coJ0luIHJlY292ZXJ5IG1vZGUuJyk7XG4gICAgICAvLyBMZXQncyBzYXkgd2UgZG9uJ3Qga25vdyBpZiB0aGUgcGFzc3dvcmQgaXMgdGhlIG5ldyBvbmUgb3IgdGhlIG9sZCBvbmUuIFdlIGp1c3QgaGF2ZSB0byB0cnkgYm90aC5cbiAgICAgIHRyeSB7XG4gICAgICAgIGNvbnN0IHVzZXIgPSBhd2FpdCB0aGlzLmxvZ2luSWRwSW1wbChcbiAgICAgICAgICBlbWFpbE9yUGhvbmUsXG4gICAgICAgICAgcGFzc3dvcmQsXG4gICAgICAgICAgcGFzc0lkcEFwaVJlc3VsdC5uZXdQYXNzSWRwUGFyYW1zLFxuICAgICAgICAgIFJlY292ZXJ5U3RhdHVzLk5FV19QQVNTV09SRFxuICAgICAgICApO1xuICAgICAgICAvLyBOZXcgcGFzc3dvcmQgd29ya2VkLiBMZXQncyBzZXQgdG8gdGhlIGN1cnJlbnQgcGFzc3dvcmRcblxuICAgICAgICAvLyAtLVBvdGVudGlhbCBGYWlsdXJlIFBvaW50IDEtLVxuICAgICAgICAvLyBpZiBjaGFuZ2VQYXNzd29yZENvbXBsZXRlKCkgZG9lc24ndCBnZXQgY2FsbGVkLCB0aGVuIGl0IHNob3VsZCByZW1haW5cblxuICAgICAgICBjb25zb2xlLmxvZygnTmV3IHBhc3N3b3JkIHdvcmtzIScpO1xuXG4gICAgICAgIHJldHVybiB1c2VyO1xuICAgICAgfSBjYXRjaCAoZXJyb3IpIHtcbiAgICAgICAgLy8gSnVzdCBidWJibGUgdXAgYW55IG90aGVyIHR5cGUgb2YgZXJyb3IuXG4gICAgICAgIGlmIChlcnJvci5jb2RlICE9PSAnTm90QXV0aG9yaXplZEV4Y2VwdGlvbicpIHtcbiAgICAgICAgICB0aHJvdyBlcnJvcjtcbiAgICAgICAgfVxuICAgICAgICAvLyBwYXNzLCB0cnkgYWdhaW4gYXNzdW1pbmcgaXQncyB0aGUgb2xkIHBhc3N3b3JkXG4gICAgICB9XG5cbiAgICAgIC8vIE5vdyBhc3N1bWUgaXQncyB0aGUgcHJldmlvdXMgcGFzc3dvcmQuIEFueSBleGNlcHRpb24gaXMgYWxsb3dlZCB0byBidWJibGUgdXAuXG4gICAgICB0cnkge1xuICAgICAgICBjb25zdCB1c2VyID0gYXdhaXQgdGhpcy5sb2dpbklkcEltcGwoXG4gICAgICAgICAgZW1haWxPclBob25lLFxuICAgICAgICAgIHBhc3N3b3JkLFxuICAgICAgICAgIHBhc3NJZHBBcGlSZXN1bHQuY3VycmVudFBhc3NJZHBQYXJhbXMsXG4gICAgICAgICAgUmVjb3ZlcnlTdGF0dXMuT0xEX1BBU1NXT1JEXG4gICAgICAgICk7XG4gICAgICAgIC8vIE9sZCBwYXNzd29yZCB3b3JrZWQuXG4gICAgICAgIGNvbnNvbGUubG9nKCdPbGQgcGFzc3dvcmQgd29ya3MhJyk7XG5cbiAgICAgICAgcmV0dXJuIHVzZXI7XG4gICAgICB9IGNhdGNoIChlcnJvcikge1xuICAgICAgICAvLyBKdXN0IGJ1YmJsZSB1cCBhbnkgb3RoZXIgdHlwZSBvZiBlcnJvci5cbiAgICAgICAgdGhyb3cgZXJyb3IuY29kZSA9PT0gJ05vdEF1dGhvcml6ZWRFeGNlcHRpb24nXG4gICAgICAgICAgPyBuZXcgTHJCYWRSZXF1ZXN0RXhjZXB0aW9uKFxuICAgICAgICAgICAgICAnVGhlIHBhc3N3b3JkIGNoYW5nZSByZXF1ZXN0IHdhcyBpbnRlcnJ1cHRlZCwgcGxlYXNlIHRyeSB0byBsb2dpbiB3aXRoIGJvdGggeW91ciBuZXcgYW5kIG9sZCBwYXNzd29yZCdcbiAgICAgICAgICAgIClcbiAgICAgICAgICA6IGVycm9yO1xuICAgICAgfVxuICAgIH1cblxuICAgIC8vIFRyeSBhZ2FpbnN0IGFzIHRoZSBUUCBwYXNzd29yZCByZXNldCBhY2NvdW50XG4gICAgaWYgKHBhc3NJZHBBcGlSZXN1bHQudHBQYXNzd29yZFJlc2V0KSB7XG4gICAgICB0cnkge1xuICAgICAgICAvLyBUUCBwYXNzd29yZCByZXNldCBpcyBpbiBwcm9jZXNzLiBXZSBuZWVkIHRvIHRyeSB0aGUgcGFzc3dvcmQgYWdhaW5zdCBib3RoXG4gICAgICAgIC8vIG9yaWdpbmFsIGFjY291bnQgYW5kIHRoZSBuZXcgcmVzZXQgYWNjb3VudC5cbiAgICAgICAgY29uc3QgcmVzZXQgPSBwYXNzSWRwQXBpUmVzdWx0LnRwUGFzc3dvcmRSZXNldDtcbiAgICAgICAgY29uc3QgcmV0ID0gYXdhaXQgdGhpcy5sb2dpbklkcEltcGwoXG4gICAgICAgICAgcmVzZXQucmVzZXRVc2VybmFtZSxcbiAgICAgICAgICBwYXNzd29yZCxcbiAgICAgICAgICByZXNldC5wYXNzSWRwUGFyYW1zLFxuICAgICAgICAgIFJlY292ZXJ5U3RhdHVzLk5PTkVcbiAgICAgICAgKTtcbiAgICAgICAgcmV0LmlzVHBQYXNzd29yZFJlc2V0VXNlciA9IHRydWU7XG5cbiAgICAgICAgcmV0dXJuIHJldDtcbiAgICAgIH0gY2F0Y2ggKGVycikge1xuICAgICAgICAvLyBjb250aW51ZSwgdHJ5IGFnYWluIGFzIHJlZ3VsYXIgdXNlci5cbiAgICAgIH1cbiAgICB9XG5cbiAgICAvLyBMb2dpbiBhcyByZWd1bGFyIHVzZXJcbiAgICByZXR1cm4gYXdhaXQgdGhpcy5sb2dpbklkcEltcGwoXG4gICAgICBlbWFpbE9yUGhvbmUsXG4gICAgICBwYXNzd29yZCxcbiAgICAgIHBhc3NJZHBBcGlSZXN1bHQuY3VycmVudFBhc3NJZHBQYXJhbXMsXG4gICAgICBSZWNvdmVyeVN0YXR1cy5OT05FXG4gICAgKTtcbiAgfVxuXG4gIHByb3RlY3RlZCBhc3luYyBoYW5kbGVTZXNzaW9uRW5jcnlwdGlvbktleSgpIHtcbiAgICBpZiAodGhpcy5jb25maWcuZGlzYWJsZVNlc3Npb25FbmNyeXB0aW9uS2V5KSB7XG4gICAgICBpZiAoIWlzRGV2TW9kZSgpKSB7XG4gICAgICAgIGNvbnN0IG1zZyA9XG4gICAgICAgICAgJ1lvdSBzaG91bGQgbm90IHNldCBkaXNhYmxlU2Vzc2lvbkVuY3J5cHRpb25LZXk9VHJ1ZSBpbiBtb2RlIHByb2QuIEl0IGRlZmF1bHRzIHRvIGZhbHNlLic7XG4gICAgICAgIGNvbnNvbGUuZXJyb3IobXNnKTtcbiAgICAgICAgdGhyb3cgbmV3IEVycm9yKG1zZyk7XG4gICAgICB9IGVsc2Uge1xuICAgICAgICBjb25zb2xlLndhcm4oXG4gICAgICAgICAgJ1lvdSBoYXZlIHNldCBkaXNhYmxlU2Vzc2lvbkVuY3J5cHRpb25LZXk9VHJ1ZS4gTWFrZSBzdXJlIG5vdCB0byBkbyB0aGlzIGluIHByb2QgbW9kZS4nXG4gICAgICAgICk7XG4gICAgICB9XG4gICAgfSBlbHNlIHtcbiAgICAgIC8vIFNldCB0aGUgc2Vzc2lvbiBrZXkgdG8gYSBuZXcgZW5jcnlwdGlvbiBrZXkgZm9yIHRoaXMgc2Vzc2lvblxuICAgICAgY29uc3Qgc2Vzc2lvbkVuY3J5cHRpb25LZXkgPSBhd2FpdCB0aGlzLmtleUZhY3RvcnkuY3JlYXRlS2V5KCk7XG4gICAgICBhd2FpdCB0aGlzLmxyR3JhcGhRTC5sck11dGF0ZShcbiAgICAgICAgbmV3IExyTXV0YXRpb24oe1xuICAgICAgICAgIG11dGF0aW9uOiBTZXRTZXNzaW9uRW5jcnlwdGlvbktleU11dGF0aW9uLFxuICAgICAgICAgIHZhcmlhYmxlczoge1xuICAgICAgICAgICAgaW5wdXQ6IHtcbiAgICAgICAgICAgICAgc2Vzc2lvbkVuY3J5cHRpb25LZXk6IEpTT04uc3RyaW5naWZ5KFxuICAgICAgICAgICAgICAgIHNlc3Npb25FbmNyeXB0aW9uS2V5LnRvSlNPTih0cnVlKVxuICAgICAgICAgICAgICApLFxuICAgICAgICAgICAgfSxcbiAgICAgICAgICB9LFxuICAgICAgICB9KSxcbiAgICAgICAge1xuICAgICAgICAgIGluY2x1ZGVLZXlHcmFwaDogZmFsc2UsXG4gICAgICAgIH1cbiAgICAgICk7XG5cbiAgICAgIHRoaXMucGVyc2lzdFNlcnZpY2Uuc2V0U2VydmVyU2Vzc2lvbkVuY3J5cHRpb25LZXkoc2Vzc2lvbkVuY3J5cHRpb25LZXkpO1xuICAgIH1cbiAgfVxuXG4gIHByb3RlY3RlZCBhc3luYyBoYW5kbGVQb3N0QXV0aChjb2duaXRvVXNlcjogQ29nbml0b0NoYWxsZW5nZVVzZXIpIHtcbiAgICBhd2FpdCB0aGlzLmhhbmRsZVBhc3N3b3JkUmVjb3ZlcnkoY29nbml0b1VzZXIpO1xuICAgIGF3YWl0IHRoaXMuaGFuZGxlU2Vzc2lvbkVuY3J5cHRpb25LZXkoKTtcbiAgfVxuXG4gIHB1YmxpYyBhc3luYyBsb2dpbihcbiAgICBlbWFpbE9yUGhvbmU6IHN0cmluZyxcbiAgICBwYXNzd29yZDogc3RyaW5nLFxuICAgIHsgdHBQYXNzd29yZFJlc2V0QXV0b0NvbXBsZXRlID0gdHJ1ZSB9OiBMb2dpbk9wdGlvbnMgPSB7fVxuICApIHtcbiAgICBsZXQgbG9naW5SZXN1bHQgPSBhd2FpdCB0aGlzLmxvZ2luSW1wbChlbWFpbE9yUGhvbmUsIHBhc3N3b3JkKTtcblxuICAgIGlmIChcbiAgICAgIHRwUGFzc3dvcmRSZXNldEF1dG9Db21wbGV0ZSAmJlxuICAgICAgbG9naW5SZXN1bHQucmVzZXRVc2VyPy5zdGF0ZSA9PT0gVHBDbGFpbVN0YXRlLkFQUFJPVkVEXG4gICAgKSB7XG4gICAgICBhd2FpdCB0aGlzLmNvbXBsZXRlUmVxdWVzdChwYXNzd29yZCk7XG4gICAgICBsb2dpblJlc3VsdCA9IGF3YWl0IHRoaXMubG9naW5JbXBsKGVtYWlsT3JQaG9uZSwgcGFzc3dvcmQpO1xuICAgIH1cblxuICAgIHJldHVybiBsb2dpblJlc3VsdDtcbiAgfVxuXG4gIHB1YmxpYyBhc3luYyBsb2dpbkltcGwoXG4gICAgZW1haWxPclBob25lOiBzdHJpbmcsXG4gICAgcGFzc3dvcmQ6IHN0cmluZ1xuICApOiBQcm9taXNlPExvZ2luUmVzdWx0PiB7XG4gICAgYXdhaXQgdGhpcy5sb2dvdXQoKTtcbiAgICBjb25zdCBjb2duaXRvVXNlciA9IGF3YWl0IHRoaXMubG9naW5JZHAoZW1haWxPclBob25lLCBwYXNzd29yZCk7XG5cbiAgICAvLyB0b2RvOiBNZWV0IE1GQSBjaGFsbGVuZ2VzLlxuICAgIGlmIChbJ1NNU19NRkEnLCAnU09GVFdBUkVfVE9LRU5fTUZBJ10uaW5jbHVkZXMoY29nbml0b1VzZXIuY2hhbGxlbmdlTmFtZSkpIHtcbiAgICAgIHJldHVybiB7IGhhc0NoYWxsZW5nZTogdHJ1ZSwgY2hhbGxlbmdlOiBjb2duaXRvVXNlciB9O1xuICAgIH1cblxuICAgIGF3YWl0IHRoaXMuaGFuZGxlUG9zdEF1dGgoY29nbml0b1VzZXIpO1xuXG4gICAgaWYgKGNvZ25pdG9Vc2VyLmlzVHBQYXNzd29yZFJlc2V0VXNlcikge1xuICAgICAgLy8gQXNzdW1pbmcgdGhlcmUgaXMgbm8gTUZBIG9uIHRoZSBUUCByZXNldCB1c2VyLlxuICAgICAgY29uc3QgcmVzZXRVc2VyID0gYXdhaXQgdGhpcy5sb2FkUmVzZXRVc2VyKHBhc3N3b3JkKTtcbiAgICAgIHJldHVybiB7IGhhc0NoYWxsZW5nZTogZmFsc2UsIHJlc2V0VXNlciB9O1xuICAgIH0gZWxzZSB7XG4gICAgICBjb25zdCB1c2VyID0gYXdhaXQgdGhpcy5sb2FkVXNlcihjb2duaXRvVXNlciwgcGFzc3dvcmQpO1xuICAgICAgYXdhaXQgdGhpcy5pZGxlU2VydmljZS5zdGFydCgpOyAvLyBSdW4gaWRsZVNlcnZpY2Ugd2hlbmV2ZXIgdXNlciBpcyBsb2dnZWQgaW4uXG4gICAgICByZXR1cm4geyBoYXNDaGFsbGVuZ2U6IGZhbHNlLCB1c2VyIH07XG4gICAgfVxuICB9XG5cbiAgLy8gVE9ETyA8QVo+IFdlIG5lZWQgdG8gaGFuZGxlIHRoZSBpc1RwUGFzc3dvcmRSZXNldFVzZXI9VHJ1ZSBjYXNlIGhlcmUgYWZ0ZXIgTUZBIGFzIHdlbGwuXG4gIHB1YmxpYyBhc3luYyB2ZXJpZnlMb2dpbihcbiAgICBjaGFsbGVuZ2U6IENvZ25pdG9DaGFsbGVuZ2VVc2VyLFxuICAgIHBhc3N3b3JkOiBzdHJpbmcsXG4gICAgcmVtZW1iZXJNZTogYm9vbGVhbixcbiAgICBjb2RlOiBzdHJpbmdcbiAgKTogUHJvbWlzZTxDdXJyZW50VXNlcj4ge1xuICAgIGF3YWl0IHRoaXMuYXV0aC5jb25maXJtU2lnbkluKGNoYWxsZW5nZSwgY29kZSwgY2hhbGxlbmdlLmNoYWxsZW5nZU5hbWUpO1xuXG4gICAgLy8gVE9ETzogdGhpcy5hdXRoLmNvbmZpcm1TaWduSW4oKSBjb3VsZCByZXR1cm4gYW5vdGhlciBjaGFsbGVuZ2UuXG5cbiAgICBjb25zdCBjb2duaXRvVXNlcjogQ29nbml0b1VzZXIgPSBhd2FpdCB0aGlzLmF1dGguY3VycmVudEF1dGhlbnRpY2F0ZWRVc2VyKCk7XG5cbiAgICBhd2FpdCB0aGlzLmhhbmRsZVBvc3RBdXRoKGNoYWxsZW5nZSk7XG5cbiAgICBjb25zdCB1c2VyID0gYXdhaXQgdGhpcy5sb2FkVXNlcihjb2duaXRvVXNlciwgcGFzc3dvcmQpO1xuXG4gICAgaWYgKHJlbWVtYmVyTWUpIHtcbiAgICAgIGNvZ25pdG9Vc2VyLnNldERldmljZVN0YXR1c1JlbWVtYmVyZWQoe1xuICAgICAgICBvblN1Y2Nlc3M6ICgpID0+IHt9LFxuICAgICAgICBvbkZhaWx1cmU6IChlKSA9PiBjb25zb2xlLmVycm9yKGUpLFxuICAgICAgfSk7XG4gICAgfVxuXG4gICAgcmV0dXJuIHVzZXI7XG4gIH1cblxuICBhc3luYyBoYW5kbGVQYXNzd29yZFJlY292ZXJ5KHVzZXI6IENvZ25pdG9DaGFsbGVuZ2VVc2VyKSB7XG4gICAgaWYgKHVzZXIucmVjb3ZlcnlTdGF0dXMgIT09IFJlY292ZXJ5U3RhdHVzLk5PTkUpIHtcbiAgICAgIGNvbnN0IGp3dFRva2VuID0gdXNlclxuICAgICAgICAuZ2V0U2lnbkluVXNlclNlc3Npb24oKVxuICAgICAgICAuZ2V0QWNjZXNzVG9rZW4oKVxuICAgICAgICAuZ2V0Snd0VG9rZW4oKTtcbiAgICAgIGF3YWl0IHRoaXMucGFzc3dvcmRTZXJ2aWNlLmNoYW5nZVBhc3N3b3JkQ29tcGxldGUoXG4gICAgICAgIGp3dFRva2VuLFxuICAgICAgICB1c2VyLnJlY292ZXJ5U3RhdHVzID09PSBSZWNvdmVyeVN0YXR1cy5ORVdfUEFTU1dPUkRcbiAgICAgICk7XG4gICAgfVxuICB9XG5cbiAgYXN5bmMgZ2V0VXNlck9yUmVzZXRVc2VyKFxuICAgIHJlbG9hZDogYm9vbGVhbiA9IGZhbHNlXG4gICk6IFByb21pc2U8Q3VycmVudFVzZXIgfCBUcFBhc3N3b3JkUmVzZXRVc2VyPiB7XG4gICAgY29uc3QgY29nbml0b1VzZXIgPSBhd2FpdCB0aGlzLmF1dGguY3VycmVudEF1dGhlbnRpY2F0ZWRVc2VyKCk7XG5cbiAgICBpZiAoY29nbml0b1VzZXIuZ2V0VXNlcm5hbWUoKS5lbmRzV2l0aChUUF9QQVNTV09SRF9SRVNFVF9VU0VSTkFNRV9TVUZGSVgpKSB7XG4gICAgICByZXR1cm4gdGhpcy5nZXRSZXNldFVzZXIocmVsb2FkKTtcbiAgICB9IGVsc2Uge1xuICAgICAgcmV0dXJuIHRoaXMuZ2V0VXNlcihyZWxvYWQpO1xuICAgIH1cbiAgfVxuXG4gIGFzeW5jIGdldFJlc2V0VXNlcihyZWxvYWQ6IGJvb2xlYW4gPSBmYWxzZSk6IFByb21pc2U8VHBQYXNzd29yZFJlc2V0VXNlcj4ge1xuICAgIGlmICghcmVsb2FkICYmIHRoaXMuY3VycmVudFJlc2V0VXNlcikge1xuICAgICAgcmV0dXJuIHRoaXMuY3VycmVudFJlc2V0VXNlcjtcbiAgICB9XG5cbiAgICB0aGlzLmN1cnJlbnRSZXNldFVzZXIgPSBhd2FpdCB0aGlzLmxvYWRSZXNldFVzZXIoKTtcblxuICAgIGF3YWl0IHRoaXMuaWRsZVNlcnZpY2Uuc3RhcnQoKTsgLy8gUnVuIGlkbGVTZXJ2aWNlIHdoZW5ldmVyIHVzZXIgaXMgbG9nZ2VkIGluLlxuXG4gICAgcmV0dXJuIHRoaXMuY3VycmVudFJlc2V0VXNlcjtcbiAgfVxuXG4gIGFzeW5jIGdldFVzZXIocmVsb2FkOiBib29sZWFuID0gZmFsc2UpOiBQcm9taXNlPEN1cnJlbnRVc2VyPiB7XG4gICAgaWYgKCFyZWxvYWQgJiYgdGhpcy5jdXJyZW50VXNlcikge1xuICAgICAgcmV0dXJuIHRoaXMuY3VycmVudFVzZXI7XG4gICAgfVxuICAgIHRoaXMuY3VycmVudFVzZXIgPSBhd2FpdCB0aGlzLmxvYWRVc2VyKFxuICAgICAgYXdhaXQgdGhpcy5hdXRoLmN1cnJlbnRBdXRoZW50aWNhdGVkVXNlcigpXG4gICAgKTtcbiAgICBjb25zb2xlLmxvZygnU3RhcnRpbmcgaWRsZSBzZXJ2aWNlLicpO1xuICAgIGF3YWl0IHRoaXMuaWRsZVNlcnZpY2Uuc3RhcnQoKTsgLy8gUnVuIGlkbGVTZXJ2aWNlIHdoZW5ldmVyIHVzZXIgaXMgbG9nZ2VkIGluLlxuICAgIHJldHVybiB0aGlzLmN1cnJlbnRVc2VyO1xuICB9XG5cbiAgcHJpdmF0ZSBtYXBUUFZhdWx0QWNjZXNzKGZlYXR1cmVzPzogYW55KTogYm9vbGVhbiB7XG4gICAgY29uc3QgdHBWYXVsdEZlYXR1cmUgPSBmZWF0dXJlcz8udHBWYXVsdDtcbiAgICByZXR1cm4gKFxuICAgICAgdHBWYXVsdEZlYXR1cmU/Lmxlbmd0aCA+IDAgJiZcbiAgICAgIHRwVmF1bHRGZWF0dXJlLnNvbWUoKGZlYXR1cmUpID0+IGZlYXR1cmUudG9VcHBlckNhc2UoKSA9PT0gJ0FDQ0VTUycpXG4gICAgKTtcbiAgfVxuXG4gIHByaXZhdGUgYXN5bmMgbG9hZFVzZXIoXG4gICAgY29nbml0b1VzZXI6IENvZ25pdG9Vc2VyLFxuICAgIHBhc3N3b3JkPzogc3RyaW5nXG4gICk6IFByb21pc2U8Q3VycmVudFVzZXI+IHtcbiAgICBjb25zdCB7XG4gICAgICBjdXJyZW50VXNlcixcbiAgICAgIGNvbnRhY3RDYXJkLFxuICAgICAgdXNlclBsYW5zLFxuICAgIH0gPSBhd2FpdCB0aGlzLnByb2ZpbGVTZXJ2aWNlLmdldEN1cnJlbnRVc2VyKCk7XG5cbiAgICBpZiAoY3VycmVudFVzZXIuc2Vzc2lvbkVuY3J5cHRpb25LZXkpIHtcbiAgICAgIHRoaXMucGVyc2lzdFNlcnZpY2Uuc2V0U2VydmVyU2Vzc2lvbkVuY3J5cHRpb25LZXkoXG4gICAgICAgIGF3YWl0IEpXSy5hc0tleShjdXJyZW50VXNlci5zZXNzaW9uRW5jcnlwdGlvbktleSlcbiAgICAgICk7XG4gICAgfVxuXG4gICAgY29uc3QgdXNlckF0dHJpYnV0ZXMgPSBhd2FpdCB0aGlzLmF1dGgudXNlckF0dHJpYnV0ZXMoY29nbml0b1VzZXIpO1xuXG4gICAgaWYgKHBhc3N3b3JkKSB7XG4gICAgICBjb25zdCBwYXNzS2V5ID0gKFxuICAgICAgICBhd2FpdCB0aGlzLmtleUZhY3RvcnkuZGVyaXZlUGFzc0tleSh7XG4gICAgICAgICAgcGFzc3dvcmQsXG4gICAgICAgICAgLi4uY3VycmVudFVzZXIuY3VycmVudFVzZXJLZXkucGFzc0tleS5wYXNzS2V5UGFyYW1zLFxuICAgICAgICB9KVxuICAgICAgKS5qd2s7XG5cbiAgICAgIGF3YWl0IHRoaXMuaWRsZVNlcnZpY2UucGVyc2lzdE1hc3RlcktleShcbiAgICAgICAgYXdhaXQgdGhpcy5rZXlHcmFwaFNlcnZpY2UudW53cmFwV2l0aFBhc3NLZXkoXG4gICAgICAgICAgY3VycmVudFVzZXIuY3VycmVudFVzZXJLZXkucGFzc0tleS5pZCxcbiAgICAgICAgICBwYXNzS2V5LFxuICAgICAgICAgIGN1cnJlbnRVc2VyLmN1cnJlbnRVc2VyS2V5Lm1hc3RlcktleS5pZFxuICAgICAgICApXG4gICAgICApO1xuICAgIH1cbiAgICBhd2FpdCB0aGlzLmtleUdyYXBoU2VydmljZS5wb3B1bGF0ZUtleXMoY3VycmVudFVzZXIuY3VycmVudFVzZXJLZXkpO1xuXG4gICAgcmV0dXJuIHtcbiAgICAgIGlkOiBjdXJyZW50VXNlci5pZCxcbiAgICAgIHN1YjogdGhpcy5nZXRVc2VyQXR0cmlidXRlKCdzdWInLCB1c2VyQXR0cmlidXRlcyksXG4gICAgICB1c2VybmFtZTogY3VycmVudFVzZXIudXNlcm5hbWUsXG4gICAgICBjdXJyZW50VXNlcktleTogY3VycmVudFVzZXIuY3VycmVudFVzZXJLZXksXG4gICAgICBnZXRBY2Nlc3NKd3RUb2tlbjogKCkgPT5cbiAgICAgICAgY29nbml0b1VzZXIuZ2V0U2lnbkluVXNlclNlc3Npb24oKS5nZXRBY2Nlc3NUb2tlbigpLmdldEp3dFRva2VuKCksXG4gICAgICBlbWFpbDogdGhpcy5nZXRVc2VyQXR0cmlidXRlKCdlbWFpbCcsIHVzZXJBdHRyaWJ1dGVzKSxcbiAgICAgIGVtYWlsVmVyaWZpZWQ6XG4gICAgICAgIHRoaXMuZ2V0VXNlckF0dHJpYnV0ZSgnZW1haWxfdmVyaWZpZWQnLCB1c2VyQXR0cmlidXRlcykgPT09ICd0cnVlJyxcbiAgICAgIHBob25lOiB0aGlzLmdldFVzZXJBdHRyaWJ1dGUoJ3Bob25lX251bWJlcicsIHVzZXJBdHRyaWJ1dGVzKSxcbiAgICAgIHBob25lVmVyaWZpZWQ6XG4gICAgICAgIHRoaXMuZ2V0VXNlckF0dHJpYnV0ZSgncGhvbmVfbnVtYmVyX3ZlcmlmaWVkJywgdXNlckF0dHJpYnV0ZXMpID09PVxuICAgICAgICAndHJ1ZScsXG4gICAgICBjb250YWN0Q2FyZDoge1xuICAgICAgICAuLi4oYXdhaXQgdGhpcy5wcm9maWxlU2VydmljZS5kZWNyeXB0Q29udGFjdENhcmQoY29udGFjdENhcmQpKSxcbiAgICAgIH0sXG4gICAgICB1c2VyRGVsZXRlOiBjdXJyZW50VXNlci51c2VyRGVsZXRlLFxuICAgICAgdXNlclBsYW5zLFxuICAgICAgaGFzVFBWYXVsdEFjY2VzczogdGhpcy5tYXBUUFZhdWx0QWNjZXNzKGN1cnJlbnRVc2VyLmZlYXR1cmVzKSxcbiAgICAgIGZlYXR1cmVzOiBjdXJyZW50VXNlci5mZWF0dXJlcyxcbiAgICAgIHNlc3Npb25FbmNyeXB0aW9uS2V5OiBjdXJyZW50VXNlci5zZXNzaW9uRW5jcnlwdGlvbktleSxcbiAgICB9O1xuICB9XG5cbiAgcHVibGljIHdhdGNoQXV0aCgpOiBPYnNlcnZhYmxlPGFueT4ge1xuICAgIHJldHVybiB0aGlzLmh1YlN1YmplY3Q7XG4gIH1cblxuICBwdWJsaWMgYXN5bmMgbG9nb3V0KCk6IFByb21pc2U8dm9pZD4ge1xuICAgIHRoaXMuY3VycmVudFVzZXIgPSBudWxsO1xuICAgIHRoaXMua2V5U2VydmljZS5wdXJnZUtleXMoKTtcbiAgICB0aGlzLmtleUdyYXBoU2VydmljZS5wdXJnZUtleXMoKTtcblxuICAgIGF3YWl0IFByb21pc2UuYWxsKFt0aGlzLmF1dGguc2lnbk91dCgpLCB0aGlzLnByb2ZpbGVTZXJ2aWNlLnNpZ25PdXQoKV0pO1xuICB9XG5cbiAgcHJpdmF0ZSBnZXRVc2VyQXR0cmlidXRlKFxuICAgIGF0dHJpYnV0ZU5hbWU6IHN0cmluZyxcbiAgICB1c2VyQXR0cmlidXRlczogQ29nbml0b1VzZXJBdHRyaWJ1dGVbXVxuICApIHtcbiAgICBjb25zdCB1c2VyQXR0cmlidXRlID0gdXNlckF0dHJpYnV0ZXMuZmluZChcbiAgICAgICh4KSA9PiB4LmdldE5hbWUoKSA9PT0gYXR0cmlidXRlTmFtZVxuICAgICk7XG5cbiAgICByZXR1cm4gdXNlckF0dHJpYnV0ZSA/IHVzZXJBdHRyaWJ1dGUuZ2V0VmFsdWUoKSA6IG51bGw7XG4gIH1cblxuICBwdWJsaWMgYXN5bmMgbG9hZFJlc2V0VXNlcihwYXNzd29yZD86IHN0cmluZyk6IFByb21pc2U8VHBQYXNzd29yZFJlc2V0VXNlcj4ge1xuICAgIGNvbnN0IHsgdHBQYXNzd29yZFJlc2V0VXNlcjogcmVzZXRVc2VyIH0gPSBhd2FpdCB0aGlzLmxyR3JhcGhRTC5xdWVyeSh7XG4gICAgICBxdWVyeTogVHBQYXNzd29yZFJlc2V0VXNlclF1ZXJ5LFxuICAgIH0pO1xuXG4gICAgaWYgKHJlc2V0VXNlci5zZXNzaW9uRW5jcnlwdGlvbktleSkge1xuICAgICAgdGhpcy5wZXJzaXN0U2VydmljZS5zZXRTZXJ2ZXJTZXNzaW9uRW5jcnlwdGlvbktleShcbiAgICAgICAgYXdhaXQgSldLLmFzS2V5KHJlc2V0VXNlci5zZXNzaW9uRW5jcnlwdGlvbktleSlcbiAgICAgICk7XG4gICAgfVxuXG4gICAgLy8gVXBkYXRlIHRoZSBrZXlzXG4gICAgaWYgKHBhc3N3b3JkKSB7XG4gICAgICBjb25zdCBwYXNzS2V5ID0gKFxuICAgICAgICBhd2FpdCB0aGlzLmtleUZhY3RvcnkuZGVyaXZlUGFzc0tleSh7XG4gICAgICAgICAgcGFzc3dvcmQsXG4gICAgICAgICAgLi4ucmVzZXRVc2VyLnBhc3NLZXkucGFzc0tleVBhcmFtcyxcbiAgICAgICAgfSlcbiAgICAgICkuandrO1xuXG4gICAgICBhd2FpdCB0aGlzLmlkbGVTZXJ2aWNlLnBlcnNpc3RNYXN0ZXJLZXkoXG4gICAgICAgIGF3YWl0IHRoaXMua2V5R3JhcGhTZXJ2aWNlLnVud3JhcFdpdGhQYXNzS2V5KFxuICAgICAgICAgIHJlc2V0VXNlci5wYXNzS2V5LmlkLFxuICAgICAgICAgIHBhc3NLZXksXG4gICAgICAgICAgcmVzZXRVc2VyLm1hc3RlcktleS5pZFxuICAgICAgICApXG4gICAgICApO1xuICAgIH1cblxuICAgIHRoaXMua2V5U2VydmljZS5wb3B1bGF0ZUtleXMoe1xuICAgICAgcGFzc0tleToge1xuICAgICAgICBpZDogcmVzZXRVc2VyLnBhc3NLZXkuaWQsXG4gICAgICB9LFxuICAgICAgbWFzdGVyS2V5OiB7XG4gICAgICAgIGlkOiByZXNldFVzZXIubWFzdGVyS2V5LmlkLFxuICAgICAgfSxcbiAgICB9KTtcblxuICAgIGNvbnN0IHVzZXJBdHRyaWJ1dGVzID0gYXdhaXQgdGhpcy5hdXRoLnVzZXJBdHRyaWJ1dGVzKFxuICAgICAgYXdhaXQgdGhpcy5hdXRoLmN1cnJlbnRBdXRoZW50aWNhdGVkVXNlcigpXG4gICAgKTtcbiAgICBjb25zdCBzdWIgPSB0aGlzLmdldFVzZXJBdHRyaWJ1dGUoJ3N1YicsIHVzZXJBdHRyaWJ1dGVzKTtcblxuICAgIHJldHVybiB7XG4gICAgICAuLi4oYXdhaXQgdGhpcy50cFBhc3N3b3JkUmVzZXRQcm9jZXNzb3JTZXJ2aWNlLnByb2Nlc3NUcFBhc3N3b3JkUmVzZXRVc2VyTm9kZShcbiAgICAgICAgcmVzZXRVc2VyXG4gICAgICApKSxcbiAgICAgIHN1YixcbiAgICB9O1xuICB9XG5cbiAgcHVibGljIGFzeW5jIHJlZnJlc2hBY2Nlc3NUb2tlbigpIHtcbiAgICBjb25zdCBjb2duaXRvVXNlcjogQ29nbml0b1VzZXIgPSBhd2FpdCB0aGlzLmF1dGguY3VycmVudEF1dGhlbnRpY2F0ZWRVc2VyKCk7XG4gICAgY29uc3QgcmVmcmVzaFRva2VuID0gY29nbml0b1VzZXIuZ2V0U2lnbkluVXNlclNlc3Npb24oKS5nZXRSZWZyZXNoVG9rZW4oKTtcblxuICAgIHJldHVybiBuZXcgUHJvbWlzZSgocmVzb2x2ZSwgcmVqZWN0KSA9PiB7XG4gICAgICBjb2duaXRvVXNlci5yZWZyZXNoU2Vzc2lvbihyZWZyZXNoVG9rZW4sIChlcnIsIGRhdGEpID0+IHtcbiAgICAgICAgaWYgKGVycikge1xuICAgICAgICAgIGNvbnNvbGUuZXJyb3IoJ0Vycm9yIHJlZnJlc2hpbmcgdG9rZW46ICcsIGVycik7XG4gICAgICAgICAgcmVqZWN0KGVycik7XG4gICAgICAgIH0gZWxzZSB7XG4gICAgICAgICAgY29uc29sZS5sb2coJ1Rva2VuIHJlZnJlc2ggY29tcGxldGU6ICcsIGRhdGEpO1xuICAgICAgICAgIHJlc29sdmUoMCk7XG4gICAgICAgIH1cbiAgICAgIH0pO1xuICAgIH0pO1xuICB9XG5cbiAgYXN5bmMgY29tcGxldGVSZXF1ZXN0KG5ld1Bhc3N3b3JkOiBzdHJpbmcpOiBQcm9taXNlPHZvaWQ+IHtcbiAgICBjb25zdCByZXNldFVzZXIgPSBhd2FpdCB0aGlzLmdldFJlc2V0VXNlcih0cnVlKTtcblxuICAgIGlmIChyZXNldFVzZXIuc3RhdGUgIT09IFRwQ2xhaW1TdGF0ZS5BUFBST1ZFRCkge1xuICAgICAgdGhyb3cgbmV3IExyQmFkU3RhdGVFeGNlcHRpb24oXG4gICAgICAgICdQYXNzd29yZCByZXNldCByZXF1ZXN0IGhhcyBub3QgYmVlbiBhcHByb3ZlZC4nXG4gICAgICApO1xuICAgIH1cblxuICAgIC8vIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tXG4gICAgLy8gUHJlcGFyZSBhbGwgbWF0ZXJpYWxzIHRvIGVuc3VyZSB0aGVyZSBhcmUgbm8gZXJyb3JzLlxuICAgIC8vIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tXG4gICAgY29uc3QgYXNzZW1ibHlLZXkgPSBhd2FpdCB0aGlzLnJlY292ZXJBc3NlbWJseUtleShyZXNldFVzZXIpO1xuXG4gICAgY29uc3QgeyByb290S2V5IH0gPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmRlY3J5cHQoXG4gICAgICBhc3NlbWJseUtleSxcbiAgICAgIHJlc2V0VXNlci5hc3NlbWJseUNpcGhlckRhdGFcbiAgICApO1xuICAgIGNvbnNvbGUubG9nKHJvb3RLZXkpO1xuXG4gICAgLy8gTWFraW5nIHN1cmUgaXQncyBhIHZhbGlkIGtleS5cbiAgICBjb25zdCByb290S2V5SndrID0gYXdhaXQgSldLLmFzS2V5KHJvb3RLZXkpO1xuXG4gICAgY29uc3QgbWFzdGVyS2V5ID0gYXdhaXQgdGhpcy5rZXlHcmFwaFNlcnZpY2UuZ2V0S2V5KHJlc2V0VXNlci5tYXN0ZXJLZXkuaWQpO1xuXG4gICAgY29uc3QgbWFzdGVyS2V5V3JhcHBlZFJvb3RLZXkgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHRUb1N0cmluZyhcbiAgICAgIG1hc3RlcktleS5qd2ssXG4gICAgICByb290S2V5SndrLnRvSlNPTih0cnVlKVxuICAgICk7XG5cbiAgICAvLyBUaGUgbmV3IHBhc3N3b3JkXG4gICAgY29uc3QgbmV3UGFzc0lkcFJlc3VsdCA9IGF3YWl0IHRoaXMua2V5RmFjdG9yeS5kZXJpdmVQYXNzSWRwKHtcbiAgICAgIHBhc3N3b3JkOiBuZXdQYXNzd29yZCxcbiAgICAgIC4uLnJlc2V0VXNlci5wYXNzS2V5LnBhc3NJZHBQYXJhbXMsXG4gICAgfSk7XG5cbiAgICBjb25zdCBuZXdJZHBQYXNzd29yZCA9IHRoaXMucGFzc3dvcmRTZXJ2aWNlLmdldFBhc3NJZHBTdHJpbmcoXG4gICAgICBuZXdQYXNzSWRwUmVzdWx0Lmp3a1xuICAgICk7XG5cbiAgICAvLyAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLVxuICAgIC8vIEdldCBhc3NlbWJseSBrZXkgY2hhbGxlbmdlXG4gICAgLy8gLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS1cbiAgICBjb25zdCBjaGFsbGVuZ2UgPSAoXG4gICAgICBhd2FpdCB0aGlzLmxyR3JhcGhRTC5sck11dGF0ZShcbiAgICAgICAgbmV3IExyTXV0YXRpb24oe1xuICAgICAgICAgIG11dGF0aW9uOiBDcmVhdGVUcEFzc2VtYmx5S2V5Q2hhbGxlbmdlTXV0YXRpb24sXG4gICAgICAgICAgdmFyaWFibGVzOiB7XG4gICAgICAgICAgICBpbnB1dDoge30sXG4gICAgICAgICAgfSxcbiAgICAgICAgfSksXG4gICAgICAgIHtcbiAgICAgICAgICBpbmNsdWRlS2V5R3JhcGg6IGZhbHNlLFxuICAgICAgICB9XG4gICAgICApXG4gICAgKS5jcmVhdGVUcEFzc2VtYmx5S2V5Q2hhbGxlbmdlLmNoYWxsZW5nZTtcblxuICAgIGNvbnNvbGUubG9nKGNoYWxsZW5nZSk7XG5cbiAgICAvLyBTaWduIHRoZSBjaGFsbGVuZ2VcbiAgICAvLyBHZW5lcmF0ZSBhIGNsaWVudCBzaWRlIG5vbmNlIHRoYXQncyBubyBpbiB0aGUgc2VydmVyJ3MgY29udHJvbC5cbiAgICBjaGFsbGVuZ2UuY2xpZW50Tm9uY2UgPSB0aGlzLmtleUZhY3RvcnkucmFuZG9tU3RyaW5nKFxuICAgICAgVFBfUEFTU1dPUkRfUkVTRVRfQ0xJRU5UX05PTkNFX0xFTkdUSFxuICAgICk7XG4gICAgY29uc29sZS5sb2coY2hhbGxlbmdlKTtcblxuICAgIGNvbnN0IGFzc2VtYmx5S2V5VmVyaWZpZXJQcmsgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmRlY3J5cHQoXG4gICAgICBhc3NlbWJseUtleSxcbiAgICAgIHJlc2V0VXNlci53cmFwcGVkQXNzZW1ibHlLZXlWZXJpZmllclBya1xuICAgICk7XG4gICAgY29uc3Qgc2lnbmVkQ2hhbGxlbmdlID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5zaWduKFxuICAgICAgYXNzZW1ibHlLZXlWZXJpZmllclByayxcbiAgICAgIGNoYWxsZW5nZVxuICAgICk7XG5cbiAgICAvLyAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLVxuICAgIC8vIENoYW5nZSBwYXNzd29yZCBmb3IgdGhlIG9yaWdpbmFsIHVzZXJcbiAgICAvLyAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLVxuICAgIGNvbnN0IHRlbXBJZHBQYXNzd29yZCA9IChcbiAgICAgIGF3YWl0IHRoaXMubHJHcmFwaFFMLmxyTXV0YXRlKFxuICAgICAgICBuZXcgTHJNdXRhdGlvbih7XG4gICAgICAgICAgbXV0YXRpb246IFByZUNvbXBsZXRlVHBQYXNzd29yZFJlc2V0UmVxdWVzdE11dGF0aW9uLFxuICAgICAgICAgIHZhcmlhYmxlczoge1xuICAgICAgICAgICAgaW5wdXQ6IHtcbiAgICAgICAgICAgICAgc2lnbmVkQ2hhbGxlbmdlOiBKU09OLnN0cmluZ2lmeShzaWduZWRDaGFsbGVuZ2UpLFxuICAgICAgICAgICAgfSxcbiAgICAgICAgICB9LFxuICAgICAgICB9KSxcbiAgICAgICAge1xuICAgICAgICAgIGluY2x1ZGVLZXlHcmFwaDogZmFsc2UsXG4gICAgICAgIH1cbiAgICAgIClcbiAgICApLnByZUNvbXBsZXRlVHBQYXNzd29yZFJlc2V0UmVxdWVzdC5pZHBQYXNzd29yZDtcblxuICAgIC8vIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tXG4gICAgLy8gTG9naW4gYXMgdGhlIG9yaWdpbmFsIHVzZXIgdXNpbmcgbmV3IHRlbXBvcmFyeSBwYXNzd29yZFxuICAgIC8vIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tXG4gICAgLy8gQXQgdGhpcyBwb2ludCwgdGhlIG9yaWdpbmFsIGFjY291bnQncyBwYXNzd29yZCBoYXMgYmVlbiBjaGFuZ2VkXG4gICAgLy8gdG8gYSB0ZW1wb3JhcnkgcGFzc3dvcmQuIEl0IGlzIG5vIGxvbmdlciBwb3NzaWJsZSBmb3IgdGhlIHVzZXJcbiAgICAvLyB0byB1c2UgdGhlIG9yaWdpbmFsIHBhc3N3b3JkIHRvIGxvZ2luLiBBbnkgc3VjY2Vzc2Z1bCBsb2dpblxuICAgIC8vIGNhbiBvbmx5IGJlIHVzaW5nIHRoZSB0ZW1wb3JhcnkgcGFzc3dvcmQuIFNvIGl0J3Mgc2FmZSB0byBhc3N1bWVcbiAgICAvLyB0aGF0IHdlIHdhbnQgdG8gXCJjb21wbGV0ZVwiIHRoZSBwYXNzd29yZCByZXNldC5cblxuICAgIC8vIFRoZSBtYXliZSAyRkEgc28gd2UgbGlzdGVuIGZvciB0aGUgYXV0aCBldmVudCBmcm9tIEFtcGxpZnkuXG4gICAgY29uc3QgcmV0UHJvbWlzZSA9IG5ldyBQcm9taXNlPHZvaWQ+KChyZXNvbHZlKSA9PiB7XG4gICAgICBjb25zdCBsaXN0ZW5lciA9IGFzeW5jIChkYXRhKSA9PiB7XG4gICAgICAgIGlmIChkYXRhLnBheWxvYWQuZXZlbnQgIT09ICdzaWduSW4nKSB7XG4gICAgICAgICAgcmV0dXJuO1xuICAgICAgICB9XG5cbiAgICAgICAgSHViLnJlbW92ZSgnYXV0aCcsIGxpc3RlbmVyKTtcblxuICAgICAgICBjb25zb2xlLmxvZyhkYXRhLnBheWxvYWQpO1xuXG4gICAgICAgIGF3YWl0IHRoaXMuYXV0aC5zaWduSW4ocmVzZXRVc2VyLnVzZXJuYW1lLCBuZXdJZHBQYXNzd29yZCk7XG5cbiAgICAgICAgLy8gU3dpdGNoIG92ZXIgdG8gdGhlIG5ldyBzZXQgb2Yga2V5c1xuICAgICAgICBhd2FpdCB0aGlzLmxyR3JhcGhRTC5sck11dGF0ZShcbiAgICAgICAgICBuZXcgTHJNdXRhdGlvbih7XG4gICAgICAgICAgICBtdXRhdGlvbjogQ29tcGxldGVUcFBhc3N3b3JkUmVzZXRSZXF1ZXN0TXV0YXRpb24sXG4gICAgICAgICAgICB2YXJpYWJsZXM6IHtcbiAgICAgICAgICAgICAgaW5wdXQ6IHtcbiAgICAgICAgICAgICAgICBtYXN0ZXJLZXlXcmFwcGVkUm9vdEtleSxcbiAgICAgICAgICAgICAgICBtYXN0ZXJLZXlJZDogbWFzdGVyS2V5LmlkLFxuICAgICAgICAgICAgICB9LFxuICAgICAgICAgICAgfSxcbiAgICAgICAgICB9KVxuICAgICAgICApO1xuXG4gICAgICAgIHJlc29sdmUoKTtcbiAgICAgIH07XG5cbiAgICAgIEh1Yi5saXN0ZW4oJ2F1dGgnLCBsaXN0ZW5lcik7XG4gICAgfSk7XG5cbiAgICAvLyBTaWduaW4gYXMgdGhlIG9yaWdpbmFsIHVzZXIuIFBhc3N3b3JkIGhhcyBiZWVuIHJlc2V0IHRvIHRlbXBvcmFyeSBvbmUuIEl0IHNob3VsZCByZXR1cm5cbiAgICAvLyB3aXRoIE5FV19QQVNTV09SRF9SRVFVSVJFRFxuICAgIGxldCB1c2VyID0gYXdhaXQgdGhpcy5hdXRoLnNpZ25JbihyZXNldFVzZXIudXNlcm5hbWUsIHRlbXBJZHBQYXNzd29yZCwge1xuICAgICAgbm9Qcm94eTogJ3RydWUnLFxuICAgIH0pO1xuXG4gICAgaWYgKHVzZXIuY2hhbGxlbmdlTmFtZSAhPT0gJ05FV19QQVNTV09SRF9SRVFVSVJFRCcpIHtcbiAgICAgIHRocm93IG5ldyBMckV4Y2VwdGlvbih7XG4gICAgICAgIG1lc3NhZ2U6XG4gICAgICAgICAgJ0ludGVybmFsIGVycm9yLiBFeHBlY3RpbmcgQ29nbml0byB0byBoYXZlIGRvbmUgYSBwYXNzd29yZCByZXNldCBhZnRlciBjYWxsIHRvIFByZUNvbXBsZXRlVHBQYXNzd29yZFJlc2V0UmVxdWVzdE11dGF0aW9uLicsXG4gICAgICB9KTtcbiAgICB9XG5cbiAgICAvLyBTZXQgbmV3IHBhc3N3b3JkIG9uIElkcFxuICAgIC8vIHRoZSBhd3NGZXRjaCgpIGZ1bmN0aW9uIHBhc3NlcyBORVdfUEFTU1dPUkRfUkVRVUlSRUQgZGlyZWN0bHkgdG8gQVdTIHdpdGhvdXRcbiAgICAvLyBnb2luZyB0aHJvdWdoIHRoZSBwcm94eS5cbiAgICB1c2VyID0gYXdhaXQgdGhpcy5hdXRoLmNvbXBsZXRlTmV3UGFzc3dvcmQodXNlciwgbmV3SWRwUGFzc3dvcmQsIHt9KTtcblxuICAgIHJldHVybiByZXRQcm9taXNlO1xuICB9XG5cbiAgcHJpdmF0ZSBhc3luYyByZWNvdmVyQXNzZW1ibHlLZXkoXG4gICAgcmVzZXRVc2VyOiBUcFBhc3N3b3JkUmVzZXRVc2VyTm9kZVxuICApOiBQcm9taXNlPEpXSy5LZXk+IHtcbiAgICAvLyBSZWNvdmVyIHRoZSBhc3NlbWJseSBrZXkuXG4gICAgbGV0IGFzc2VtYmx5S2V5UGFyYW1zOiBvYmplY3Q7XG5cbiAgICBjb25zdCBwcmsgPSBhd2FpdCB0aGlzLmtleUdyYXBoU2VydmljZS5nZXRLZXkocmVzZXRVc2VyLnB4ay5pZCk7XG5cbiAgICBjb25zdCBzaGFyZXMgPSBhd2FpdCBQcm9taXNlLmFsbChcbiAgICAgIHJlc2V0VXNlci5hcHByb3ZhbHNcbiAgICAgICAgLmZpbHRlcigoYXBwcm92YWwpID0+ICEhYXBwcm92YWwucmVjZWl2ZXJDaXBoZXJQYXJ0aWFsQXNzZW1ibHlLZXkpXG4gICAgICAgIC5tYXAoYXN5bmMgKGFwcHJvdmFsKSA9PiB7XG4gICAgICAgICAgY29uc3QgcGFydGlhbEFzc2VtYmx5S2V5ID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5kZWNyeXB0KFxuICAgICAgICAgICAgcHJrLFxuICAgICAgICAgICAgYXBwcm92YWwucmVjZWl2ZXJDaXBoZXJQYXJ0aWFsQXNzZW1ibHlLZXlcbiAgICAgICAgICApO1xuXG4gICAgICAgICAgaWYgKGFzc2VtYmx5S2V5UGFyYW1zKSB7XG4gICAgICAgICAgICBpZiAoXG4gICAgICAgICAgICAgIEpTT04uc3RyaW5naWZ5KGFzc2VtYmx5S2V5UGFyYW1zKSAhPT1cbiAgICAgICAgICAgICAgSlNPTi5zdHJpbmdpZnkocGFydGlhbEFzc2VtYmx5S2V5LmFzc2VtYmx5S2V5UGFyYW1zKVxuICAgICAgICAgICAgKSB7XG4gICAgICAgICAgICAgIHRocm93IG5ldyBMckJhZFN0YXRlRXhjZXB0aW9uKFxuICAgICAgICAgICAgICAgICdUaGUgYXNzZW1ibHkga2V5IHBhcmFtZXRlcnMgYXJlIGRpZmZlcmVudCBiZXR3ZWVuIHRoZSBhcHByb3ZhbHMuJ1xuICAgICAgICAgICAgICApO1xuICAgICAgICAgICAgfVxuICAgICAgICAgIH0gZWxzZSB7XG4gICAgICAgICAgICBhc3NlbWJseUtleVBhcmFtcyA9IHBhcnRpYWxBc3NlbWJseUtleS5hc3NlbWJseUtleVBhcmFtcztcbiAgICAgICAgICB9XG4gICAgICAgICAgcmV0dXJuIHBhcnRpYWxBc3NlbWJseUtleS5zbGlwMzkuc2hhcmUubW5lbW9uaWNzO1xuICAgICAgICB9KVxuICAgICk7XG5cbiAgICBjb25zb2xlLmxvZygncmVjb3ZlckFzc2VtYmx5S2V5KCknLCBzaGFyZXMpO1xuXG4gICAgY29uc3QgcmF3QXNzZW1ibHlLZXkgPSBhd2FpdCB0aGlzLnNsaXAzOVNlcnZpY2UucmVjb3ZlclNlY3JldChcbiAgICAgIHNoYXJlcyxcbiAgICAgIFRQX1BBU1NXT1JEX1JFU0VUX1NMSVAzOV9QQVNTUEhSQVNFXG4gICAgKTtcblxuICAgIHJldHVybiBKV0suYXNLZXkoe1xuICAgICAgLi4uYXNzZW1ibHlLZXlQYXJhbXMsXG4gICAgICBrOiByYXdBc3NlbWJseUtleSxcbiAgICB9KTtcbiAgfVxufVxuIl19