@lifeready/core 1.0.1 → 1.0.3

package/esm2015/lib/auth/idle.service.js

@@ -0,0 +1,168 @@
+import { __awaiter } from "tslib";
+import { Inject, Injectable } from '@angular/core';
+import { Idle, DEFAULT_INTERRUPTSOURCES } from '@ng-idle/core';
+import { Keepalive } from '@ng-idle/keepalive';
+import { KeyService } from '../cryptography/key.service';
+import { LrBadArgumentException, LrBadStateException, } from '../_common/exceptions';
+import { LR_CONFIG } from '../life-ready.config';
+import { HttpClient } from '@angular/common/http';
+import { Config } from './idle.types';
+import { AuthClass } from '@aws-amplify/auth/lib-esm/Auth';
+import * as i0 from "@angular/core";
+import * as i1 from "../life-ready.config";
+import * as i2 from "@angular/common/http";
+import * as i3 from "@ng-idle/core";
+import * as i4 from "@ng-idle/keepalive";
+import * as i5 from "../cryptography/key.service";
+import * as i6 from "@aws-amplify/auth/lib-esm/Auth";
+export class IdleService {
+    constructor(config, http, idle, keepalive, keyService, auth) {
+        this.config = config;
+        this.http = http;
+        this.idle = idle;
+        this.keepalive = keepalive;
+        this.keyService = keyService;
+        this.auth = auth;
+        this.IDLE_EXPIRY_KEY = 'ng2Idle.main.expiry';
+        this.IDLING_KEY = 'ng2Idle.main.idling';
+        this.initCalled = false;
+    }
+    assertInit() {
+        if (!this.initCalled) {
+            throw new LrBadStateException('Call IdleService.init() first.');
+        }
+    }
+    init(params) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (this.initCalled) {
+                throw new LrBadStateException('IdleService.init() can only be called once. IdleService.start() calls init() with default values if init() has not been called yet.');
+            }
+            this.initCalled = true;
+            // Defaults
+            params = Object.assign({ onTimeout: null, onKeepalive: null, idleSec: Config.IDLE, timeoutSec: Config.TIMEOUT, keepAliveIntervalSec: Config.KEEP_ALIVE_INTERVAL }, params);
+            // If timeoutSec == 0 then the onTimeout() callback is never called.
+            if (params.timeoutSec < 0.01) {
+                throw new LrBadArgumentException('Minimum value for IdleService.init({ timeoutSec }) is 0.01');
+            }
+            this.onTimeout = params.onTimeout;
+            this.onKeepalive = params.onKeepalive;
+            // ------------------------------------------------------------------------
+            // Setup Idle
+            // ------------------------------------------------------------------------
+            // sets an idle timeout of 5 seconds, for testing purposes.
+            this.idle.setIdle(params.idleSec);
+            // sets a timeout period of 5 seconds. after 10 seconds of inactivity, the user will be considered timed out.
+            this.idle.setTimeout(params.timeoutSec);
+            // sets the default interrupts, in this case, things like clicks, scrolls, touches to the document
+            this.idle.setInterrupts(DEFAULT_INTERRUPTSOURCES);
+            this.idle.onIdleEnd.subscribe(() => console.log('Idle stopped'));
+            this.idle.onIdleStart.subscribe(() => console.log('Idle started'));
+            this.idle.onTimeout.subscribe(() => __awaiter(this, void 0, void 0, function* () {
+                console.log('Idle timed out');
+                this.reset();
+                yield Promise.resolve(this.onTimeout && this.onTimeout());
+            }));
+            this.idle.onTimeoutWarning.subscribe((countdown) => console.log(`Will timeout in ${countdown} seconds!`));
+            // ------------------------------------------------------------------------
+            // Setup Keepalive
+            // ------------------------------------------------------------------------
+            // Ref: https://github.com/moribvndvs/ng2-idle#readme
+            // ng-idle will instruct @ng-idle/keepalive to ping while the user is active, and stop once
+            // they go idle or time out. When the user resumes activity or the idle state is reset, it will
+            // ping immediately and then resume pinging.
+            this.keepalive.interval(params.keepAliveIntervalSec);
+            console.log(`Keep alive interval set at: ${Config.KEEP_ALIVE_INTERVAL} seconds`);
+            this.keepalive.onPing.subscribe(() => this.onPing());
+            // If the browser tab has been closed for a period longer thant the inactivity
+            // period, then we should logout right from the start.
+            const idleExpiry = localStorage.getItem(this.IDLE_EXPIRY_KEY);
+            if (idleExpiry &&
+                parseInt(idleExpiry, 10) + this.idle.getTimeout() * 1000 < Date.now()) {
+                this.reset();
+                yield Promise.resolve(this.onTimeout && this.onTimeout());
+            }
+        });
+    }
+    keepalivePost() {
+        return __awaiter(this, void 0, void 0, function* () {
+            // currentAuthenticatedUser() refreshes the access token if required.
+            const cognitoUser = yield this.auth.currentAuthenticatedUser();
+            const keepaliveResult = yield this.http
+                .post(`${this.config.authUrl}auth/keepalive/`, null, {
+                withCredentials: true,
+                headers: {
+                    Authorization: `Bearer ${cognitoUser
+                        .getSignInUserSession()
+                        .getAccessToken()
+                        .getJwtToken()}`,
+                },
+            })
+                .toPromise();
+            return {
+                keepaliveResult,
+                expiresAfterSeconds: this.idle.getIdle() +
+                    this.idle.getTimeout() +
+                    this.keepalive.interval(),
+            };
+        });
+    }
+    persistMasterKey(masterKey) {
+        return __awaiter(this, void 0, void 0, function* () {
+            // The keepalive API call extends the server-side session, the session cookie expiry, refresh key cookie
+            // expiry, and returns the session expiry.
+            // NOTE Use time delta rather than absolute time, since client clock and server clock maybe
+            // out of sync. We can't use the serverTime() functionality because the cookie expiry still
+            // run on local clock.
+            const { expiresAfterSeconds } = yield this.keepalivePost();
+            // Persist the derived passKey
+            yield this.keyService.persistMasterKey(masterKey, expiresAfterSeconds);
+            console.log('setMasterKey() done');
+        });
+    }
+    onPing() {
+        return __awaiter(this, void 0, void 0, function* () {
+            console.log(`Keep alive triggered at time: ${Date.now()}. Interval set at: ${this.keepalive.interval()} seconds`);
+            // Keepalive API will extend the session expiry.
+            const { expiresAfterSeconds } = yield this.keepalivePost();
+            // Extend the expiry of the persisted key
+            yield this.keyService.setMasterKeyExpiresAfterSeconds(expiresAfterSeconds);
+            yield Promise.resolve(this.onKeepalive && this.onKeepalive());
+        });
+    }
+    start() {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (!this.initCalled) {
+                yield this.init();
+            }
+            if (this.idle.isRunning()) {
+                return;
+            }
+            // Ping does not seem to happen right at the start. So we call it explicitly
+            yield this.onPing();
+            this.idle.watch();
+        });
+    }
+    stop() {
+        this.idle.stop();
+        this.reset();
+    }
+    reset() {
+        localStorage.removeItem(this.IDLE_EXPIRY_KEY);
+        localStorage.removeItem(this.IDLING_KEY);
+    }
+}
+IdleService.ɵprov = i0.ɵɵdefineInjectable({ factory: function IdleService_Factory() { return new IdleService(i0.ɵɵinject(i1.LR_CONFIG), i0.ɵɵinject(i2.HttpClient), i0.ɵɵinject(i3.Idle), i0.ɵɵinject(i4.Keepalive), i0.ɵɵinject(i5.KeyService), i0.ɵɵinject(i6.AuthClass)); }, token: IdleService, providedIn: "root" });
+IdleService.decorators = [
+    { type: Injectable, args: [{
+                providedIn: 'root',
+            },] }
+];
+IdleService.ctorParameters = () => [
+    { type: undefined, decorators: [{ type: Inject, args: [LR_CONFIG,] }] },
+    { type: HttpClient },
+    { type: Idle },
+    { type: Keepalive },
+    { type: KeyService },
+    { type: AuthClass }
+];
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaWRsZS5zZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6IkM6L1Byb2plY3RzL25ld3JlcG8va2MtY2xpZW50L3Byb2plY3RzL2NvcmUvc3JjLyIsInNvdXJjZXMiOlsibGliL2F1dGgvaWRsZS5zZXJ2aWNlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSxPQUFPLEVBQUUsTUFBTSxFQUFFLFVBQVUsRUFBRSxNQUFNLGVBQWUsQ0FBQztBQUNuRCxPQUFPLEVBQUUsSUFBSSxFQUFFLHdCQUF3QixFQUFFLE1BQU0sZUFBZSxDQUFDO0FBQy9ELE9BQU8sRUFBRSxTQUFTLEVBQUUsTUFBTSxvQkFBb0IsQ0FBQztBQUMvQyxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sNkJBQTZCLENBQUM7QUFDekQsT0FBTyxFQUNMLHNCQUFzQixFQUN0QixtQkFBbUIsR0FDcEIsTUFBTSx1QkFBdUIsQ0FBQztBQUMvQixPQUFPLEVBQW1CLFNBQVMsRUFBRSxNQUFNLHNCQUFzQixDQUFDO0FBQ2xFLE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSxzQkFBc0IsQ0FBQztBQUNsRCxPQUFPLEVBQUUsTUFBTSxFQUFtQixNQUFNLGNBQWMsQ0FBQztBQUd2RCxPQUFPLEVBQUUsU0FBUyxFQUFFLE1BQU0sZ0NBQWdDLENBQUM7Ozs7Ozs7O0FBYzNELE1BQU0sT0FBTyxXQUFXO0lBUXRCLFlBQzZCLE1BQXVCLEVBQzFDLElBQWdCLEVBQ2hCLElBQVUsRUFDVixTQUFvQixFQUNwQixVQUFzQixFQUN0QixJQUFlO1FBTEksV0FBTSxHQUFOLE1BQU0sQ0FBaUI7UUFDMUMsU0FBSSxHQUFKLElBQUksQ0FBWTtRQUNoQixTQUFJLEdBQUosSUFBSSxDQUFNO1FBQ1YsY0FBUyxHQUFULFNBQVMsQ0FBVztRQUNwQixlQUFVLEdBQVYsVUFBVSxDQUFZO1FBQ3RCLFNBQUksR0FBSixJQUFJLENBQVc7UUFiUixvQkFBZSxHQUFHLHFCQUFxQixDQUFDO1FBQ3hDLGVBQVUsR0FBRyxxQkFBcUIsQ0FBQztRQUU1QyxlQUFVLEdBQUcsS0FBSyxDQUFDO0lBV3hCLENBQUM7SUFFSSxVQUFVO1FBQ2hCLElBQUksQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFO1lBQ3BCLE1BQU0sSUFBSSxtQkFBbUIsQ0FBQyxnQ0FBZ0MsQ0FBQyxDQUFDO1NBQ2pFO0lBQ0gsQ0FBQztJQUVZLElBQUksQ0FBQyxNQUF3Qjs7WUFDeEMsSUFBSSxJQUFJLENBQUMsVUFBVSxFQUFFO2dCQUNuQixNQUFNLElBQUksbUJBQW1CLENBQzNCLHFJQUFxSSxDQUN0SSxDQUFDO2FBQ0g7WUFFRCxJQUFJLENBQUMsVUFBVSxHQUFHLElBQUksQ0FBQztZQUV2QixXQUFXO1lBQ1gsTUFBTSxtQkFDSixTQUFTLEVBQUUsSUFBSSxFQUNmLFdBQVcsRUFBRSxJQUFJLEVBQ2pCLE9BQU8sRUFBRSxNQUFNLENBQUMsSUFBSSxFQUNwQixVQUFVLEVBQUUsTUFBTSxDQUFDLE9BQU8sRUFDMUIsb0JBQW9CLEVBQUUsTUFBTSxDQUFDLG1CQUFtQixJQUM3QyxNQUFNLENBQ1YsQ0FBQztZQUVGLG9FQUFvRTtZQUNwRSxJQUFJLE1BQU0sQ0FBQyxVQUFVLEdBQUcsSUFBSSxFQUFFO2dCQUM1QixNQUFNLElBQUksc0JBQXNCLENBQzlCLDREQUE0RCxDQUM3RCxDQUFDO2FBQ0g7WUFFRCxJQUFJLENBQUMsU0FBUyxHQUFHLE1BQU0sQ0FBQyxTQUFTLENBQUM7WUFDbEMsSUFBSSxDQUFDLFdBQVcsR0FBRyxNQUFNLENBQUMsV0FBVyxDQUFDO1lBRXRDLDJFQUEyRTtZQUMzRSxhQUFhO1lBQ2IsMkVBQTJFO1lBQzNFLDJEQUEyRDtZQUMzRCxJQUFJLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxNQUFNLENBQUMsT0FBTyxDQUFDLENBQUM7WUFDbEMsNkdBQTZHO1lBQzdHLElBQUksQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLE1BQU0sQ0FBQyxVQUFVLENBQUMsQ0FBQztZQUN4QyxrR0FBa0c7WUFDbEcsSUFBSSxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsd0JBQXdCLENBQUMsQ0FBQztZQUVsRCxJQUFJLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxTQUFTLENBQUMsR0FBRyxFQUFFLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxjQUFjLENBQUMsQ0FBQyxDQUFDO1lBQ2pFLElBQUksQ0FBQyxJQUFJLENBQUMsV0FBVyxDQUFDLFNBQVMsQ0FBQyxHQUFHLEVBQUUsQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLGNBQWMsQ0FBQyxDQUFDLENBQUM7WUFFbkUsSUFBSSxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsU0FBUyxDQUFDLEdBQVMsRUFBRTtnQkFDdkMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDO2dCQUM5QixJQUFJLENBQUMsS0FBSyxFQUFFLENBQUM7Z0JBQ2IsTUFBTSxPQUFPLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxTQUFTLElBQUksSUFBSSxDQUFDLFNBQVMsRUFBRSxDQUFDLENBQUM7WUFDNUQsQ0FBQyxDQUFBLENBQUMsQ0FBQztZQUNILElBQUksQ0FBQyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsU0FBUyxDQUFDLENBQUMsU0FBYyxFQUFFLEVBQUUsQ0FDdEQsT0FBTyxDQUFDLEdBQUcsQ0FBQyxtQkFBbUIsU0FBUyxXQUFXLENBQUMsQ0FDckQsQ0FBQztZQUVGLDJFQUEyRTtZQUMzRSxrQkFBa0I7WUFDbEIsMkVBQTJFO1lBQzNFLHFEQUFxRDtZQUNyRCwyRkFBMkY7WUFDM0YsK0ZBQStGO1lBQy9GLDRDQUE0QztZQUM1QyxJQUFJLENBQUMsU0FBUyxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUMsb0JBQW9CLENBQUMsQ0FBQztZQUNyRCxPQUFPLENBQUMsR0FBRyxDQUNULCtCQUErQixNQUFNLENBQUMsbUJBQW1CLFVBQVUsQ0FDcEUsQ0FBQztZQUVGLElBQUksQ0FBQyxTQUFTLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FBQyxHQUFHLEVBQUUsQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQztZQUVyRCw4RUFBOEU7WUFDOUUsc0RBQXNEO1lBQ3RELE1BQU0sVUFBVSxHQUFHLFlBQVksQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLGVBQWUsQ0FBQyxDQUFDO1lBQzlELElBQ0UsVUFBVTtnQkFDVixRQUFRLENBQUMsVUFBVSxFQUFFLEVBQUUsQ0FBQyxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFLEdBQUcsSUFBSSxHQUFHLElBQUksQ0FBQyxHQUFHLEVBQUUsRUFDckU7Z0JBQ0EsSUFBSSxDQUFDLEtBQUssRUFBRSxDQUFDO2dCQUNiLE1BQU0sT0FBTyxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUMsU0FBUyxJQUFJLElBQUksQ0FBQyxTQUFTLEVBQUUsQ0FBQyxDQUFDO2FBQzNEO1FBQ0gsQ0FBQztLQUFBO0lBRVksYUFBYTs7WUFJeEIscUVBQXFFO1lBQ3JFLE1BQU0sV0FBVyxHQUFnQixNQUFNLElBQUksQ0FBQyxJQUFJLENBQUMsd0JBQXdCLEVBQUUsQ0FBQztZQUU1RSxNQUFNLGVBQWUsR0FBRyxNQUFNLElBQUksQ0FBQyxJQUFJO2lCQUNwQyxJQUFJLENBQWtCLEdBQUcsSUFBSSxDQUFDLE1BQU0sQ0FBQyxPQUFPLGlCQUFpQixFQUFFLElBQUksRUFBRTtnQkFDcEUsZUFBZSxFQUFFLElBQUk7Z0JBQ3JCLE9BQU8sRUFBRTtvQkFDUCxhQUFhLEVBQUUsVUFBVSxXQUFXO3lCQUNqQyxvQkFBb0IsRUFBRTt5QkFDdEIsY0FBYyxFQUFFO3lCQUNoQixXQUFXLEVBQUUsRUFBRTtpQkFDbkI7YUFDRixDQUFDO2lCQUNELFNBQVMsRUFBRSxDQUFDO1lBRWYsT0FBTztnQkFDTCxlQUFlO2dCQUNmLG1CQUFtQixFQUNqQixJQUFJLENBQUMsSUFBSSxDQUFDLE9BQU8sRUFBRTtvQkFDbkIsSUFBSSxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUU7b0JBQ3RCLElBQUksQ0FBQyxTQUFTLENBQUMsUUFBUSxFQUFFO2FBQzVCLENBQUM7UUFDSixDQUFDO0tBQUE7SUFFWSxnQkFBZ0IsQ0FBQyxTQUFjOztZQUMxQyx3R0FBd0c7WUFDeEcsMENBQTBDO1lBQzFDLDJGQUEyRjtZQUMzRiwyRkFBMkY7WUFDM0Ysc0JBQXNCO1lBQ3RCLE1BQU0sRUFBRSxtQkFBbUIsRUFBRSxHQUFHLE1BQU0sSUFBSSxDQUFDLGFBQWEsRUFBRSxDQUFDO1lBRTNELDhCQUE4QjtZQUM5QixNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsZ0JBQWdCLENBQUMsU0FBUyxFQUFFLG1CQUFtQixDQUFDLENBQUM7WUFFdkUsT0FBTyxDQUFDLEdBQUcsQ0FBQyxxQkFBcUIsQ0FBQyxDQUFDO1FBQ3JDLENBQUM7S0FBQTtJQUVhLE1BQU07O1lBQ2xCLE9BQU8sQ0FBQyxHQUFHLENBQ1QsaUNBQWlDLElBQUksQ0FBQyxHQUFHLEVBQUUsc0JBQXNCLElBQUksQ0FBQyxTQUFTLENBQUMsUUFBUSxFQUFFLFVBQVUsQ0FDckcsQ0FBQztZQUVGLGdEQUFnRDtZQUNoRCxNQUFNLEVBQUUsbUJBQW1CLEVBQUUsR0FBRyxNQUFNLElBQUksQ0FBQyxhQUFhLEVBQUUsQ0FBQztZQUUzRCx5Q0FBeUM7WUFDekMsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLCtCQUErQixDQUFDLG1CQUFtQixDQUFDLENBQUM7WUFFM0UsTUFBTSxPQUFPLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxXQUFXLElBQUksSUFBSSxDQUFDLFdBQVcsRUFBRSxDQUFDLENBQUM7UUFDaEUsQ0FBQztLQUFBO0lBRVksS0FBSzs7WUFDaEIsSUFBSSxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUU7Z0JBQ3BCLE1BQU0sSUFBSSxDQUFDLElBQUksRUFBRSxDQUFDO2FBQ25CO1lBRUQsSUFBSSxJQUFJLENBQUMsSUFBSSxDQUFDLFNBQVMsRUFBRSxFQUFFO2dCQUN6QixPQUFPO2FBQ1I7WUFFRCw0RUFBNEU7WUFDNUUsTUFBTSxJQUFJLENBQUMsTUFBTSxFQUFFLENBQUM7WUFFcEIsSUFBSSxDQUFDLElBQUksQ0FBQyxLQUFLLEVBQUUsQ0FBQztRQUNwQixDQUFDO0tBQUE7SUFFTSxJQUFJO1FBQ1QsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLEVBQUUsQ0FBQztRQUNqQixJQUFJLENBQUMsS0FBSyxFQUFFLENBQUM7SUFDZixDQUFDO0lBRU8sS0FBSztRQUNYLFlBQVksQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDLGVBQWUsQ0FBQyxDQUFDO1FBQzlDLFlBQVksQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxDQUFDO0lBQzNDLENBQUM7Ozs7WUF0TEYsVUFBVSxTQUFDO2dCQUNWLFVBQVUsRUFBRSxNQUFNO2FBQ25COzs7NENBVUksTUFBTSxTQUFDLFNBQVM7WUEzQlosVUFBVTtZQVJWLElBQUk7WUFDSixTQUFTO1lBQ1QsVUFBVTtZQVVWLFNBQVMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBJbmplY3QsIEluamVjdGFibGUgfSBmcm9tICdAYW5ndWxhci9jb3JlJztcclxuaW1wb3J0IHsgSWRsZSwgREVGQVVMVF9JTlRFUlJVUFRTT1VSQ0VTIH0gZnJvbSAnQG5nLWlkbGUvY29yZSc7XHJcbmltcG9ydCB7IEtlZXBhbGl2ZSB9IGZyb20gJ0BuZy1pZGxlL2tlZXBhbGl2ZSc7XHJcbmltcG9ydCB7IEtleVNlcnZpY2UgfSBmcm9tICcuLi9jcnlwdG9ncmFwaHkva2V5LnNlcnZpY2UnO1xyXG5pbXBvcnQge1xyXG4gIExyQmFkQXJndW1lbnRFeGNlcHRpb24sXHJcbiAgTHJCYWRTdGF0ZUV4Y2VwdGlvbixcclxufSBmcm9tICcuLi9fY29tbW9uL2V4Y2VwdGlvbnMnO1xyXG5pbXBvcnQgeyBMaWZlUmVhZHlDb25maWcsIExSX0NPTkZJRyB9IGZyb20gJy4uL2xpZmUtcmVhZHkuY29uZmlnJztcclxuaW1wb3J0IHsgSHR0cENsaWVudCB9IGZyb20gJ0Bhbmd1bGFyL2NvbW1vbi9odHRwJztcclxuaW1wb3J0IHsgQ29uZmlnLCBLZWVwYWxpdmVSZXN1bHQgfSBmcm9tICcuL2lkbGUudHlwZXMnO1xyXG5pbXBvcnQgeyBLZXkgfSBmcm9tICcuLi9jcnlwdG9ncmFwaHkvY3J5cHRvZ3JhcGh5LnR5cGVzJztcclxuaW1wb3J0IHsgQ29nbml0b1VzZXIgfSBmcm9tICdAYXdzLWFtcGxpZnkvYXV0aCc7XHJcbmltcG9ydCB7IEF1dGhDbGFzcyB9IGZyb20gJ0Bhd3MtYW1wbGlmeS9hdXRoL2xpYi1lc20vQXV0aCc7XHJcblxyXG5leHBvcnQgaW50ZXJmYWNlIElkbGVTZXJ2aWNlSW5pdCB7XHJcbiAgLy8gVE9ETzogdGhpcyBzaG91bGQgYmUgRXZlbnRFbWl0dGVyIGluc3RlYWQgb2YgYSBjYWxsYmFjay5cclxuICBvblRpbWVvdXQ/OiAoKCkgPT4gYW55KSB8ICgoKSA9PiBQcm9taXNlPGFueT4pIHwgbnVsbDtcclxuICBvbktlZXBhbGl2ZT86ICgoKSA9PiBhbnkpIHwgKCgpID0+IFByb21pc2U8YW55PikgfCBudWxsO1xyXG4gIGlkbGVTZWM/OiBudW1iZXI7XHJcbiAgdGltZW91dFNlYz86IG51bWJlcjtcclxuICBrZWVwQWxpdmVJbnRlcnZhbFNlYz86IG51bWJlcjtcclxufVxyXG5cclxuQEluamVjdGFibGUoe1xyXG4gIHByb3ZpZGVkSW46ICdyb290JyxcclxufSlcclxuZXhwb3J0IGNsYXNzIElkbGVTZXJ2aWNlIHtcclxuICBwcml2YXRlIHJlYWRvbmx5IElETEVfRVhQSVJZX0tFWSA9ICduZzJJZGxlLm1haW4uZXhwaXJ5JztcclxuICBwcml2YXRlIHJlYWRvbmx5IElETElOR19LRVkgPSAnbmcySWRsZS5tYWluLmlkbGluZyc7XHJcblxyXG4gIHByaXZhdGUgaW5pdENhbGxlZCA9IGZhbHNlO1xyXG4gIHByaXZhdGUgb25UaW1lb3V0OiAoKCkgPT4gYW55KSB8ICgoKSA9PiBQcm9taXNlPGFueT4pIHwgbnVsbDtcclxuICBwcml2YXRlIG9uS2VlcGFsaXZlOiAoKCkgPT4gYW55KSB8ICgoKSA9PiBQcm9taXNlPGFueT4pIHwgbnVsbDtcclxuXHJcbiAgY29uc3RydWN0b3IoXHJcbiAgICBASW5qZWN0KExSX0NPTkZJRykgcHJpdmF0ZSBjb25maWc6IExpZmVSZWFkeUNvbmZpZyxcclxuICAgIHByaXZhdGUgaHR0cDogSHR0cENsaWVudCxcclxuICAgIHByaXZhdGUgaWRsZTogSWRsZSxcclxuICAgIHByaXZhdGUga2VlcGFsaXZlOiBLZWVwYWxpdmUsXHJcbiAgICBwcml2YXRlIGtleVNlcnZpY2U6IEtleVNlcnZpY2UsXHJcbiAgICBwcml2YXRlIGF1dGg6IEF1dGhDbGFzc1xyXG4gICkge31cclxuXHJcbiAgcHJpdmF0ZSBhc3NlcnRJbml0KCk6IHZvaWQge1xyXG4gICAgaWYgKCF0aGlzLmluaXRDYWxsZWQpIHtcclxuICAgICAgdGhyb3cgbmV3IExyQmFkU3RhdGVFeGNlcHRpb24oJ0NhbGwgSWRsZVNlcnZpY2UuaW5pdCgpIGZpcnN0LicpO1xyXG4gICAgfVxyXG4gIH1cclxuXHJcbiAgcHVibGljIGFzeW5jIGluaXQocGFyYW1zPzogSWRsZVNlcnZpY2VJbml0KTogUHJvbWlzZTx2b2lkPiB7XHJcbiAgICBpZiAodGhpcy5pbml0Q2FsbGVkKSB7XHJcbiAgICAgIHRocm93IG5ldyBMckJhZFN0YXRlRXhjZXB0aW9uKFxyXG4gICAgICAgICdJZGxlU2VydmljZS5pbml0KCkgY2FuIG9ubHkgYmUgY2FsbGVkIG9uY2UuIElkbGVTZXJ2aWNlLnN0YXJ0KCkgY2FsbHMgaW5pdCgpIHdpdGggZGVmYXVsdCB2YWx1ZXMgaWYgaW5pdCgpIGhhcyBub3QgYmVlbiBjYWxsZWQgeWV0LidcclxuICAgICAgKTtcclxuICAgIH1cclxuXHJcbiAgICB0aGlzLmluaXRDYWxsZWQgPSB0cnVlO1xyXG5cclxuICAgIC8vIERlZmF1bHRzXHJcbiAgICBwYXJhbXMgPSB7XHJcbiAgICAgIG9uVGltZW91dDogbnVsbCxcclxuICAgICAgb25LZWVwYWxpdmU6IG51bGwsXHJcbiAgICAgIGlkbGVTZWM6IENvbmZpZy5JRExFLFxyXG4gICAgICB0aW1lb3V0U2VjOiBDb25maWcuVElNRU9VVCxcclxuICAgICAga2VlcEFsaXZlSW50ZXJ2YWxTZWM6IENvbmZpZy5LRUVQX0FMSVZFX0lOVEVSVkFMLFxyXG4gICAgICAuLi5wYXJhbXMsXHJcbiAgICB9O1xyXG5cclxuICAgIC8vIElmIHRpbWVvdXRTZWMgPT0gMCB0aGVuIHRoZSBvblRpbWVvdXQoKSBjYWxsYmFjayBpcyBuZXZlciBjYWxsZWQuXHJcbiAgICBpZiAocGFyYW1zLnRpbWVvdXRTZWMgPCAwLjAxKSB7XHJcbiAgICAgIHRocm93IG5ldyBMckJhZEFyZ3VtZW50RXhjZXB0aW9uKFxyXG4gICAgICAgICdNaW5pbXVtIHZhbHVlIGZvciBJZGxlU2VydmljZS5pbml0KHsgdGltZW91dFNlYyB9KSBpcyAwLjAxJ1xyXG4gICAgICApO1xyXG4gICAgfVxyXG5cclxuICAgIHRoaXMub25UaW1lb3V0ID0gcGFyYW1zLm9uVGltZW91dDtcclxuICAgIHRoaXMub25LZWVwYWxpdmUgPSBwYXJhbXMub25LZWVwYWxpdmU7XHJcblxyXG4gICAgLy8gLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tXHJcbiAgICAvLyBTZXR1cCBJZGxlXHJcbiAgICAvLyAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS1cclxuICAgIC8vIHNldHMgYW4gaWRsZSB0aW1lb3V0IG9mIDUgc2Vjb25kcywgZm9yIHRlc3RpbmcgcHVycG9zZXMuXHJcbiAgICB0aGlzLmlkbGUuc2V0SWRsZShwYXJhbXMuaWRsZVNlYyk7XHJcbiAgICAvLyBzZXRzIGEgdGltZW91dCBwZXJpb2Qgb2YgNSBzZWNvbmRzLiBhZnRlciAxMCBzZWNvbmRzIG9mIGluYWN0aXZpdHksIHRoZSB1c2VyIHdpbGwgYmUgY29uc2lkZXJlZCB0aW1lZCBvdXQuXHJcbiAgICB0aGlzLmlkbGUuc2V0VGltZW91dChwYXJhbXMudGltZW91dFNlYyk7XHJcbiAgICAvLyBzZXRzIHRoZSBkZWZhdWx0IGludGVycnVwdHMsIGluIHRoaXMgY2FzZSwgdGhpbmdzIGxpa2UgY2xpY2tzLCBzY3JvbGxzLCB0b3VjaGVzIHRvIHRoZSBkb2N1bWVudFxyXG4gICAgdGhpcy5pZGxlLnNldEludGVycnVwdHMoREVGQVVMVF9JTlRFUlJVUFRTT1VSQ0VTKTtcclxuXHJcbiAgICB0aGlzLmlkbGUub25JZGxlRW5kLnN1YnNjcmliZSgoKSA9PiBjb25zb2xlLmxvZygnSWRsZSBzdG9wcGVkJykpO1xyXG4gICAgdGhpcy5pZGxlLm9uSWRsZVN0YXJ0LnN1YnNjcmliZSgoKSA9PiBjb25zb2xlLmxvZygnSWRsZSBzdGFydGVkJykpO1xyXG5cclxuICAgIHRoaXMuaWRsZS5vblRpbWVvdXQuc3Vic2NyaWJlKGFzeW5jICgpID0+IHtcclxuICAgICAgY29uc29sZS5sb2coJ0lkbGUgdGltZWQgb3V0Jyk7XHJcbiAgICAgIHRoaXMucmVzZXQoKTtcclxuICAgICAgYXdhaXQgUHJvbWlzZS5yZXNvbHZlKHRoaXMub25UaW1lb3V0ICYmIHRoaXMub25UaW1lb3V0KCkpO1xyXG4gICAgfSk7XHJcbiAgICB0aGlzLmlkbGUub25UaW1lb3V0V2FybmluZy5zdWJzY3JpYmUoKGNvdW50ZG93bjogYW55KSA9PlxyXG4gICAgICBjb25zb2xlLmxvZyhgV2lsbCB0aW1lb3V0IGluICR7Y291bnRkb3dufSBzZWNvbmRzIWApXHJcbiAgICApO1xyXG5cclxuICAgIC8vIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLVxyXG4gICAgLy8gU2V0dXAgS2VlcGFsaXZlXHJcbiAgICAvLyAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS1cclxuICAgIC8vIFJlZjogaHR0cHM6Ly9naXRodWIuY29tL21vcmlidm5kdnMvbmcyLWlkbGUjcmVhZG1lXHJcbiAgICAvLyBuZy1pZGxlIHdpbGwgaW5zdHJ1Y3QgQG5nLWlkbGUva2VlcGFsaXZlIHRvIHBpbmcgd2hpbGUgdGhlIHVzZXIgaXMgYWN0aXZlLCBhbmQgc3RvcCBvbmNlXHJcbiAgICAvLyB0aGV5IGdvIGlkbGUgb3IgdGltZSBvdXQuIFdoZW4gdGhlIHVzZXIgcmVzdW1lcyBhY3Rpdml0eSBvciB0aGUgaWRsZSBzdGF0ZSBpcyByZXNldCwgaXQgd2lsbFxyXG4gICAgLy8gcGluZyBpbW1lZGlhdGVseSBhbmQgdGhlbiByZXN1bWUgcGluZ2luZy5cclxuICAgIHRoaXMua2VlcGFsaXZlLmludGVydmFsKHBhcmFtcy5rZWVwQWxpdmVJbnRlcnZhbFNlYyk7XHJcbiAgICBjb25zb2xlLmxvZyhcclxuICAgICAgYEtlZXAgYWxpdmUgaW50ZXJ2YWwgc2V0IGF0OiAke0NvbmZpZy5LRUVQX0FMSVZFX0lOVEVSVkFMfSBzZWNvbmRzYFxyXG4gICAgKTtcclxuXHJcbiAgICB0aGlzLmtlZXBhbGl2ZS5vblBpbmcuc3Vic2NyaWJlKCgpID0+IHRoaXMub25QaW5nKCkpO1xyXG5cclxuICAgIC8vIElmIHRoZSBicm93c2VyIHRhYiBoYXMgYmVlbiBjbG9zZWQgZm9yIGEgcGVyaW9kIGxvbmdlciB0aGFudCB0aGUgaW5hY3Rpdml0eVxyXG4gICAgLy8gcGVyaW9kLCB0aGVuIHdlIHNob3VsZCBsb2dvdXQgcmlnaHQgZnJvbSB0aGUgc3RhcnQuXHJcbiAgICBjb25zdCBpZGxlRXhwaXJ5ID0gbG9jYWxTdG9yYWdlLmdldEl0ZW0odGhpcy5JRExFX0VYUElSWV9LRVkpO1xyXG4gICAgaWYgKFxyXG4gICAgICBpZGxlRXhwaXJ5ICYmXHJcbiAgICAgIHBhcnNlSW50KGlkbGVFeHBpcnksIDEwKSArIHRoaXMuaWRsZS5nZXRUaW1lb3V0KCkgKiAxMDAwIDwgRGF0ZS5ub3coKVxyXG4gICAgKSB7XHJcbiAgICAgIHRoaXMucmVzZXQoKTtcclxuICAgICAgYXdhaXQgUHJvbWlzZS5yZXNvbHZlKHRoaXMub25UaW1lb3V0ICYmIHRoaXMub25UaW1lb3V0KCkpO1xyXG4gICAgfVxyXG4gIH1cclxuXHJcbiAgcHVibGljIGFzeW5jIGtlZXBhbGl2ZVBvc3QoKTogUHJvbWlzZTx7XHJcbiAgICBleHBpcmVzQWZ0ZXJTZWNvbmRzOiBudW1iZXI7XHJcbiAgICBrZWVwYWxpdmVSZXN1bHQ6IEtlZXBhbGl2ZVJlc3VsdDtcclxuICB9PiB7XHJcbiAgICAvLyBjdXJyZW50QXV0aGVudGljYXRlZFVzZXIoKSByZWZyZXNoZXMgdGhlIGFjY2VzcyB0b2tlbiBpZiByZXF1aXJlZC5cclxuICAgIGNvbnN0IGNvZ25pdG9Vc2VyOiBDb2duaXRvVXNlciA9IGF3YWl0IHRoaXMuYXV0aC5jdXJyZW50QXV0aGVudGljYXRlZFVzZXIoKTtcclxuXHJcbiAgICBjb25zdCBrZWVwYWxpdmVSZXN1bHQgPSBhd2FpdCB0aGlzLmh0dHBcclxuICAgICAgLnBvc3Q8S2VlcGFsaXZlUmVzdWx0PihgJHt0aGlzLmNvbmZpZy5hdXRoVXJsfWF1dGgva2VlcGFsaXZlL2AsIG51bGwsIHtcclxuICAgICAgICB3aXRoQ3JlZGVudGlhbHM6IHRydWUsIC8vIC9hdXRoL2tlZXBhbGl2ZS8gd2lsbCBiZSBleHRlbmRpbmcgdGhlIHNlc3Npb25zIGNvb2tpZS5cclxuICAgICAgICBoZWFkZXJzOiB7XHJcbiAgICAgICAgICBBdXRob3JpemF0aW9uOiBgQmVhcmVyICR7Y29nbml0b1VzZXJcclxuICAgICAgICAgICAgLmdldFNpZ25JblVzZXJTZXNzaW9uKClcclxuICAgICAgICAgICAgLmdldEFjY2Vzc1Rva2VuKClcclxuICAgICAgICAgICAgLmdldEp3dFRva2VuKCl9YCxcclxuICAgICAgICB9LFxyXG4gICAgICB9KVxyXG4gICAgICAudG9Qcm9taXNlKCk7XHJcblxyXG4gICAgcmV0dXJuIHtcclxuICAgICAga2VlcGFsaXZlUmVzdWx0LFxyXG4gICAgICBleHBpcmVzQWZ0ZXJTZWNvbmRzOlxyXG4gICAgICAgIHRoaXMuaWRsZS5nZXRJZGxlKCkgK1xyXG4gICAgICAgIHRoaXMuaWRsZS5nZXRUaW1lb3V0KCkgK1xyXG4gICAgICAgIHRoaXMua2VlcGFsaXZlLmludGVydmFsKCksXHJcbiAgICB9O1xyXG4gIH1cclxuXHJcbiAgcHVibGljIGFzeW5jIHBlcnNpc3RNYXN0ZXJLZXkobWFzdGVyS2V5OiBLZXkpOiBQcm9taXNlPHZvaWQ+IHtcclxuICAgIC8vIFRoZSBrZWVwYWxpdmUgQVBJIGNhbGwgZXh0ZW5kcyB0aGUgc2VydmVyLXNpZGUgc2Vzc2lvbiwgdGhlIHNlc3Npb24gY29va2llIGV4cGlyeSwgcmVmcmVzaCBrZXkgY29va2llXHJcbiAgICAvLyBleHBpcnksIGFuZCByZXR1cm5zIHRoZSBzZXNzaW9uIGV4cGlyeS5cclxuICAgIC8vIE5PVEUgVXNlIHRpbWUgZGVsdGEgcmF0aGVyIHRoYW4gYWJzb2x1dGUgdGltZSwgc2luY2UgY2xpZW50IGNsb2NrIGFuZCBzZXJ2ZXIgY2xvY2sgbWF5YmVcclxuICAgIC8vIG91dCBvZiBzeW5jLiBXZSBjYW4ndCB1c2UgdGhlIHNlcnZlclRpbWUoKSBmdW5jdGlvbmFsaXR5IGJlY2F1c2UgdGhlIGNvb2tpZSBleHBpcnkgc3RpbGxcclxuICAgIC8vIHJ1biBvbiBsb2NhbCBjbG9jay5cclxuICAgIGNvbnN0IHsgZXhwaXJlc0FmdGVyU2Vjb25kcyB9ID0gYXdhaXQgdGhpcy5rZWVwYWxpdmVQb3N0KCk7XHJcblxyXG4gICAgLy8gUGVyc2lzdCB0aGUgZGVyaXZlZCBwYXNzS2V5XHJcbiAgICBhd2FpdCB0aGlzLmtleVNlcnZpY2UucGVyc2lzdE1hc3RlcktleShtYXN0ZXJLZXksIGV4cGlyZXNBZnRlclNlY29uZHMpO1xyXG5cclxuICAgIGNvbnNvbGUubG9nKCdzZXRNYXN0ZXJLZXkoKSBkb25lJyk7XHJcbiAgfVxyXG5cclxuICBwcml2YXRlIGFzeW5jIG9uUGluZygpOiBQcm9taXNlPHZvaWQ+IHtcclxuICAgIGNvbnNvbGUubG9nKFxyXG4gICAgICBgS2VlcCBhbGl2ZSB0cmlnZ2VyZWQgYXQgdGltZTogJHtEYXRlLm5vdygpfS4gSW50ZXJ2YWwgc2V0IGF0OiAke3RoaXMua2VlcGFsaXZlLmludGVydmFsKCl9IHNlY29uZHNgXHJcbiAgICApO1xyXG5cclxuICAgIC8vIEtlZXBhbGl2ZSBBUEkgd2lsbCBleHRlbmQgdGhlIHNlc3Npb24gZXhwaXJ5LlxyXG4gICAgY29uc3QgeyBleHBpcmVzQWZ0ZXJTZWNvbmRzIH0gPSBhd2FpdCB0aGlzLmtlZXBhbGl2ZVBvc3QoKTtcclxuXHJcbiAgICAvLyBFeHRlbmQgdGhlIGV4cGlyeSBvZiB0aGUgcGVyc2lzdGVkIGtleVxyXG4gICAgYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLnNldE1hc3RlcktleUV4cGlyZXNBZnRlclNlY29uZHMoZXhwaXJlc0FmdGVyU2Vjb25kcyk7XHJcblxyXG4gICAgYXdhaXQgUHJvbWlzZS5yZXNvbHZlKHRoaXMub25LZWVwYWxpdmUgJiYgdGhpcy5vbktlZXBhbGl2ZSgpKTtcclxuICB9XHJcblxyXG4gIHB1YmxpYyBhc3luYyBzdGFydCgpOiBQcm9taXNlPHZvaWQ+IHtcclxuICAgIGlmICghdGhpcy5pbml0Q2FsbGVkKSB7XHJcbiAgICAgIGF3YWl0IHRoaXMuaW5pdCgpO1xyXG4gICAgfVxyXG5cclxuICAgIGlmICh0aGlzLmlkbGUuaXNSdW5uaW5nKCkpIHtcclxuICAgICAgcmV0dXJuO1xyXG4gICAgfVxyXG5cclxuICAgIC8vIFBpbmcgZG9lcyBub3Qgc2VlbSB0byBoYXBwZW4gcmlnaHQgYXQgdGhlIHN0YXJ0LiBTbyB3ZSBjYWxsIGl0IGV4cGxpY2l0bHlcclxuICAgIGF3YWl0IHRoaXMub25QaW5nKCk7XHJcblxyXG4gICAgdGhpcy5pZGxlLndhdGNoKCk7XHJcbiAgfVxyXG5cclxuICBwdWJsaWMgc3RvcCgpOiB2b2lkIHtcclxuICAgIHRoaXMuaWRsZS5zdG9wKCk7XHJcbiAgICB0aGlzLnJlc2V0KCk7XHJcbiAgfVxyXG5cclxuICBwcml2YXRlIHJlc2V0KCkge1xyXG4gICAgbG9jYWxTdG9yYWdlLnJlbW92ZUl0ZW0odGhpcy5JRExFX0VYUElSWV9LRVkpO1xyXG4gICAgbG9jYWxTdG9yYWdlLnJlbW92ZUl0ZW0odGhpcy5JRExJTkdfS0VZKTtcclxuICB9XHJcbn1cclxuIl19

package/esm2015/lib/auth/idle.types.js

@@ -0,0 +1,7 @@
+export var Config;
+(function (Config) {
+    Config[Config["TIMEOUT"] = 0.01] = "TIMEOUT";
+    Config[Config["IDLE"] = 1200] = "IDLE";
+    Config[Config["KEEP_ALIVE_INTERVAL"] = 60] = "KEEP_ALIVE_INTERVAL";
+})(Config || (Config = {}));
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaWRsZS50eXBlcy5qcyIsInNvdXJjZVJvb3QiOiJDOi9Qcm9qZWN0cy9uZXdyZXBvL2tjLWNsaWVudC9wcm9qZWN0cy9jb3JlL3NyYy8iLCJzb3VyY2VzIjpbImxpYi9hdXRoL2lkbGUudHlwZXMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsTUFBTSxDQUFOLElBQVksTUFJWDtBQUpELFdBQVksTUFBTTtJQUNoQiw0Q0FBYyxDQUFBO0lBQ2Qsc0NBQWMsQ0FBQTtJQUNkLGtFQUE0QixDQUFBO0FBQzlCLENBQUMsRUFKVyxNQUFNLEtBQU4sTUFBTSxRQUlqQiIsInNvdXJjZXNDb250ZW50IjpbImV4cG9ydCBlbnVtIENvbmZpZyB7XHJcbiAgVElNRU9VVCA9IDAuMDEsIC8vIHNlY29uZHMsIG1pbiB2YWx1ZSAwLjAxLCBhZnRlciBzdGF0ZSBpcyBpZGxlLCB3YWl0IGZvciBUSU1FT1VUIHNlY29uZHMgYmVmb3JlIHRha2luZyBhY3Rpb25cclxuICBJRExFID0gNjAgKiAyMCwgLy8gc2Vjb25kcywgcGVyaW9kIG9mIGluYWN0aXZpdHkgdG8gY29uc2lkZXIgc3RhdGUgYXMgaWRsZVxyXG4gIEtFRVBfQUxJVkVfSU5URVJWQUwgPSA2MCAqIDEsIC8vIHNlY29uZHMsIHRyaWdnZXJlZCBvbiBhIHJlZ3VsYXIgYmFzaXMgd2hpbGUgYWN0aXZlIChpLmUuIHdoaWxlIG5vdCBpZGxpbmcpXHJcbn1cclxuXHJcbmV4cG9ydCBpbnRlcmZhY2UgS2VlcGFsaXZlUmVzdWx0IHtcclxuICBzZXNzaW9uOiB7XHJcbiAgICBleHBpcmVzX2FmdGVyX3NlY29uZHM6IG51bWJlcjtcclxuICB9O1xyXG59XHJcbiJdfQ==

package/esm2015/lib/auth/lbop.service.js

@@ -0,0 +1,355 @@
+import { __awaiter } from "tslib";
+import { LrApolloService } from '../api/lr-apollo.service';
+import { HttpClient } from '@angular/common/http';
+import { Inject, Injectable } from '@angular/core';
+import { AuthClass } from '@aws-amplify/auth/lib-esm/Auth';
+import gql from 'graphql-tag';
+import { EncryptionService } from '../cryptography/encryption.service';
+import { KeyGraphService } from '../cryptography/key-graph.service';
+import { KeyService } from '../cryptography/key.service';
+import { LR_CONFIG } from '../life-ready.config';
+import { LrException, LrBadLogicException, } from '../_common/exceptions';
+import { LifeReadyAuthService } from './life-ready-auth.service';
+import { PasswordService } from './password.service';
+import { Slip39Helper } from 'slip39';
+import { KeyFactoryService as KFS } from '../cryptography/key-factory.service';
+import * as i0 from "@angular/core";
+import * as i1 from "../life-ready.config";
+import * as i2 from "@angular/common/http";
+import * as i3 from "../api/lr-apollo.service";
+import * as i4 from "@aws-amplify/auth/lib-esm/Auth";
+import * as i5 from "./life-ready-auth.service";
+import * as i6 from "../cryptography/key-factory.service";
+import * as i7 from "../cryptography/key.service";
+import * as i8 from "../cryptography/encryption.service";
+import * as i9 from "../cryptography/key-graph.service";
+import * as i10 from "./password.service";
+export const CreateLbopQuery = gql `
+  mutation CreateLbop($input: CreateLbopInput!) {
+    createLbop(input: $input) {
+      lbop {
+        id
+      }
+    }
+  }
+`;
+export const DeleteLbopQuery = gql `
+  mutation DeleteLbop($input: DeleteLbopInput!) {
+    deleteLbop(input: $input) {
+      id
+    }
+  }
+`;
+export const UpdateLbopQuery = gql `
+  mutation UpdateLbop($input: UpdateLbopInput!) {
+    updateLbop(input: $input) {
+      lbop {
+        id
+      }
+    }
+  }
+`;
+export const LbopQuery = gql `
+  query Lbop($id: LrRelayIdInput!) {
+    lbop(id: $id) {
+      id
+      cipherMeta
+    }
+  }
+`;
+export const LbopsQuery = gql `
+  query Lbops {
+    lbops {
+      edges {
+        node {
+          id
+          cipherMeta
+        }
+      }
+    }
+  }
+`;
+export class LbopService {
+    constructor(config, http, lrApollo, auth, authService, keyFactory, keyService, encryptionService, keyGraph, passwordService) {
+        this.config = config;
+        this.http = http;
+        this.lrApollo = lrApollo;
+        this.auth = auth;
+        this.authService = authService;
+        this.keyFactory = keyFactory;
+        this.keyService = keyService;
+        this.encryptionService = encryptionService;
+        this.keyGraph = keyGraph;
+        this.passwordService = passwordService;
+        this.CLIENT_NONCE_LENGTH = 32;
+        // There are 1024 words (10 bits), so 25 words should give ~256 bits of entropy.
+        this.LBOP_WORDS = 25;
+    }
+    getPartial(lbopString) {
+        return lbopString.split(' ')[0];
+    }
+    remove(id) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const res = yield this.lrApollo.mutate({
+                mutation: DeleteLbopQuery,
+                variables: {
+                    input: {
+                        id,
+                    },
+                },
+            });
+            return res.deleteLbop.id;
+        });
+    }
+    update({ id, name }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const lbop = yield this.get(id);
+            lbop.name = name;
+            const masterKey = yield this.keyService.getCurrentMasterKey();
+            const cipherMeta = yield this.encryptionService.encrypt(masterKey.jwk, lbop);
+            const res = yield this.lrApollo.mutate({
+                mutation: UpdateLbopQuery,
+                variables: {
+                    input: {
+                        id,
+                        cipherMeta: JSON.stringify(cipherMeta),
+                    },
+                },
+            });
+            return res.updateLbop;
+        });
+    }
+    get(id) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const res = yield this.lrApollo.query({
+                query: LbopQuery,
+                variables: {
+                    id,
+                },
+            });
+            const masterKey = yield this.keyService.getCurrentMasterKey();
+            const plainCipherMeta = yield this.encryptionService.decrypt(masterKey.jwk, JSON.parse(res.lbop.cipherMeta));
+            return Object.assign({ id: res.id }, plainCipherMeta);
+        });
+    }
+    list() {
+        return __awaiter(this, void 0, void 0, function* () {
+            const res = yield this.lrApollo.query({
+                query: LbopsQuery,
+            });
+            const masterKey = yield this.keyService.getCurrentMasterKey();
+            return Promise.all(res.lbops.edges.map((edge) => __awaiter(this, void 0, void 0, function* () {
+                const plainCipherMeta = yield this.encryptionService.decrypt(masterKey.jwk, JSON.parse(edge.node.cipherMeta));
+                return Object.assign({ id: edge.node.id }, plainCipherMeta);
+            })));
+        });
+    }
+    create({ name }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (Slip39Helper.WORD_LIST.length !== 1024) {
+                throw new LrBadLogicException('Slip39Helper.WORD_LIST.length != 1024');
+            }
+            // Get existing to make sure there are not duplicate first words
+            const lbops = yield this.list();
+            // Generate new one
+            let lbopString;
+            while (true) {
+                lbopString = this.keyFactory
+                    .randomChoices(Slip39Helper.WORD_LIST, this.LBOP_WORDS)
+                    .join(' ');
+                const partial = this.getPartial(lbopString);
+                if (!lbops.some((lbop) => lbop.partial === partial)) {
+                    break;
+                }
+            }
+            const lbopKeyParams = yield this.keyFactory.createLbopKeyParams();
+            const lbopKey = (yield this.keyFactory.deriveLbopKey(Object.assign({ password: lbopString }, lbopKeyParams))).jwk;
+            const lbopKeyVerifier = yield this.keyFactory.createSignKey();
+            const wrappedLbopKeyVerifier = yield this.encryptionService.encrypt(lbopKey, lbopKeyVerifier.toJSON(true));
+            // Re-encrypt master key with new key
+            const currentUser = yield this.authService.getUser();
+            const masterKey = yield this.keyGraph.getKey(currentUser.currentUserKey.masterKey.id);
+            const wrappedMasterKey = yield this.encryptionService.encrypt(lbopKey, masterKey.jwk.toJSON(true));
+            const meta = Object.assign(Object.assign({}, (name && { name })), { partial: this.getPartial(lbopString) });
+            const cipherMeta = yield this.encryptionService.encrypt(masterKey.jwk, meta);
+            const res = yield this.lrApollo.mutate({
+                mutation: CreateLbopQuery,
+                variables: {
+                    input: {
+                        cipherMeta: JSON.stringify(cipherMeta),
+                        lbopKeyParams: JSON.stringify(lbopKeyParams),
+                        lbopKeyVerifier: JSON.stringify(lbopKeyVerifier.toJSON(true)),
+                        wrappedLbopKeyVerifier: JSON.stringify(wrappedLbopKeyVerifier),
+                        masterKeyId: currentUser.currentUserKey.masterKey.id,
+                        wrappedMasterKey: JSON.stringify(wrappedMasterKey),
+                    },
+                },
+            });
+            return Object.assign(Object.assign({}, res.createLbop.lbop), { lbopString });
+        });
+    }
+    // --------------------------------------------------------------------------------------------------------------------
+    // --------------------------------------------------------------------------------------------------------------------
+    // Flow below are for password reset via LBOP
+    //
+    // --Potential Failure Point xxx--
+    //
+    // Look for the above and you can test by interrupting at these points.
+    //
+    // The LBOP reset process can be restarted at any point before the call to "set-password/". Once "set-password/" has been
+    // called, we assume the client has a short period of time to change the Idp password to the one they've chosen. The "set-password/"
+    // will set the Idp password to a temporary random password. The user can no longer login using their current password. If the Idp
+    // password change process does not complete or takes longer than the lockout period, the account will not be accessible and a new
+    // LBOP password reset must be carried out.
+    // --------------------------------------------------------------------------------------------------------------------
+    // --------------------------------------------------------------------------------------------------------------------
+    verifyLbops(challengeResult, lbopString) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const clientNonce = this.keyFactory.randomString(this.CLIENT_NONCE_LENGTH);
+            for (const lbop of challengeResult.lbops) {
+                const lbopKey = (yield this.keyFactory.deriveLbopKey(Object.assign({ password: lbopString }, lbop.lbopKeyParams))).jwk;
+                // If decoding successful then it's the correct lbop
+                try {
+                    const lbopKeyVerifier = (yield this.encryptionService.decrypt(lbopKey, lbop.wrappedLbopKeyVerifier));
+                    // Force a bad signature.
+                    // const serverNonce = challengeResult.challenge.serverNonce + "1",
+                    const serverNonce = challengeResult.challenge.serverNonce;
+                    const signedChallenge = yield this.encryptionService.sign(lbopKeyVerifier, {
+                        serverNonce,
+                        clientNonce,
+                    });
+                    return {
+                        lbop,
+                        signedChallenge,
+                        lbopKey,
+                    };
+                }
+                catch (error) {
+                    continue;
+                }
+            }
+            throw new LrException({
+                source: 'LBOP',
+                code: 'INVALID_PASSPHRASE',
+                message: 'Invalid passphrase.',
+            });
+        });
+    }
+    verifyContact(params) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const ret = this.http
+                .post(`${this.config.authUrl}users/lbop-reset/verify-contact/`, params)
+                .toPromise();
+            // --Potential Failure Point 1 --
+            // The contact verifications are throttled. But otherwise harmless.
+            return ret;
+        });
+    }
+    confirmContact(params) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return this.http
+                .post(`${this.config.authUrl}cove/respond/`, {
+                claim_id: params.claimId,
+                v_code: params.vCode,
+            })
+                .toPromise();
+            // --Potential Failure Point 2 --
+            // A verified claim for a contact does not prevent new ones from being generated. So it should be fine to just start again.
+        });
+    }
+    verify(params) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const challengeResult = yield this.http
+                .post(`${this.config.authUrl}users/lbop-reset/get-challenge/`, {
+                claimId: params.claimId,
+                claimToken: params.claimToken,
+            })
+                .toPromise();
+            // --Potential Failure Point 3 --
+            // This does not lock anything. A second call to "get-challenge/" will create a new challenge amd invalidate the first one.
+            const { signedChallenge, lbop, lbopKey } = yield this.verifyLbops(challengeResult, params.lbop);
+            const res = yield this.http
+                .post(`${this.config.authUrl}users/lbop-reset/verify-challenge/`, {
+                lbopId: lbop.lbopId,
+                signedChallenge,
+            })
+                .toPromise();
+            // --Potential Failure Point 4 --
+            // This does not lock anything. So ok to restart.
+            return {
+                lbopId: lbop.lbopId,
+                verifiedToken: res.verifiedToken,
+                masterKeyId: res.masterKeyId,
+                masterKey: yield KFS.asKey(yield this.encryptionService.decrypt(lbopKey, res.wrappedMasterKey)),
+            };
+        });
+    }
+    setPassword(params) {
+        return __awaiter(this, void 0, void 0, function* () {
+            // Generate the new password derived keys
+            const passKeyBundle = yield this.passwordService.createPassKeyBundle(params.newPassword);
+            // Re-encrypt master key with new key
+            const newWrappedMasterKey = yield this.encryptionService.encrypt(passKeyBundle.passKey, params.masterKey.toJSON(true));
+            const result = yield this.http
+                .post(`${this.config.authUrl}users/lbop-reset/set-password/`, {
+                lbopId: params.lbopId,
+                verifiedToken: params.verifiedToken,
+                masterKeyId: params.masterKeyId,
+                newWrappedMasterKey,
+                newPassKey: {
+                    passKeyParams: passKeyBundle.passKeyParams,
+                    passIdpParams: passKeyBundle.passIdpParams,
+                    passIdpVerifierPbk: passKeyBundle.passIdpVerifier.toJSON(),
+                    wrappedPassIdpVerifierPrk: passKeyBundle.wrappedPassIdpVerifierPrk,
+                },
+            })
+                .toPromise();
+            // --Potential Failure Point 5 --
+            // A timed mutex is locked. The Idp password change must occur within a period of time.
+            // If interrupted here, the user can not login with their old password again. They must
+            // start the whole LBOP password reset process again.
+            // This call will go through the LR proxy which is OK since the LR server knows
+            // the temporary password anyway.
+            let user = yield this.auth.signIn(result.username, result.idpPassword, {
+                noProxy: 'true',
+            });
+            if (user.challengeName !== 'NEW_PASSWORD_REQUIRED') {
+                throw new LrException({
+                    message: 'Internal error. Expecting Cognito to have done a password reset.',
+                });
+            }
+            // --Potential Failure Point 6 --
+            // Must restart the LBOP password reset process again.
+            // Set new password on Idp
+            user = yield this.auth.completeNewPassword(user, this.passwordService.getPassIdpString(passKeyBundle.passIdp), {});
+            // --Potential Failure Point 7 --
+            // Must restart the LBOP password reset process again.
+            yield this.auth.signOut();
+            return yield this.http
+                .post(`${this.config.authUrl}users/lbop-reset/complete/`, {
+                lbopId: params.lbopId,
+                setPasswordToken: result.setPasswordToken,
+            })
+                .toPromise();
+        });
+    }
+}
+LbopService.ɵprov = i0.ɵɵdefineInjectable({ factory: function LbopService_Factory() { return new LbopService(i0.ɵɵinject(i1.LR_CONFIG), i0.ɵɵinject(i2.HttpClient), i0.ɵɵinject(i3.LrApolloService), i0.ɵɵinject(i4.AuthClass), i0.ɵɵinject(i5.LifeReadyAuthService), i0.ɵɵinject(i6.KeyFactoryService), i0.ɵɵinject(i7.KeyService), i0.ɵɵinject(i8.EncryptionService), i0.ɵɵinject(i9.KeyGraphService), i0.ɵɵinject(i10.PasswordService)); }, token: LbopService, providedIn: "root" });
+LbopService.decorators = [
+    { type: Injectable, args: [{
+                providedIn: 'root',
+            },] }
+];
+LbopService.ctorParameters = () => [
+    { type: undefined, decorators: [{ type: Inject, args: [LR_CONFIG,] }] },
+    { type: HttpClient },
+    { type: LrApolloService },
+    { type: AuthClass },
+    { type: LifeReadyAuthService },
+    { type: KFS },
+    { type: KeyService },
+    { type: EncryptionService },
+    { type: KeyGraphService },
+    { type: PasswordService }
+];
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibGJvcC5zZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6IkM6L1Byb2plY3RzL25ld3JlcG8va2MtY2xpZW50L3Byb2plY3RzL2NvcmUvc3JjLyIsInNvdXJjZXMiOlsibGliL2F1dGgvbGJvcC5zZXJ2aWNlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSxPQUFPLEVBQUUsZUFBZSxFQUFFLE1BQU0sMEJBQTBCLENBQUM7QUFDM0QsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLHNCQUFzQixDQUFDO0FBQ2xELE9BQU8sRUFBRSxNQUFNLEVBQUUsVUFBVSxFQUFFLE1BQU0sZUFBZSxDQUFDO0FBQ25ELE9BQU8sRUFBRSxTQUFTLEVBQUUsTUFBTSxnQ0FBZ0MsQ0FBQztBQUMzRCxPQUFPLEdBQUcsTUFBTSxhQUFhLENBQUM7QUFFOUIsT0FBTyxFQUFFLGlCQUFpQixFQUFFLE1BQU0sb0NBQW9DLENBQUM7QUFDdkUsT0FBTyxFQUFFLGVBQWUsRUFBRSxNQUFNLG1DQUFtQyxDQUFDO0FBQ3BFLE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSw2QkFBNkIsQ0FBQztBQUN6RCxPQUFPLEVBQW1CLFNBQVMsRUFBRSxNQUFNLHNCQUFzQixDQUFDO0FBQ2xFLE9BQU8sRUFDTCxXQUFXLEVBRVgsbUJBQW1CLEdBQ3BCLE1BQU0sdUJBQXVCLENBQUM7QUFDL0IsT0FBTyxFQUFFLG9CQUFvQixFQUFFLE1BQU0sMkJBQTJCLENBQUM7QUFDakUsT0FBTyxFQUFFLGVBQWUsRUFBRSxNQUFNLG9CQUFvQixDQUFDO0FBQ3JELE9BQU8sRUFBRSxZQUFZLEVBQUUsTUFBTSxRQUFRLENBQUM7QUFDdEMsT0FBTyxFQUFFLGlCQUFpQixJQUFJLEdBQUcsRUFBRSxNQUFNLHFDQUFxQyxDQUFDOzs7Ozs7Ozs7Ozs7QUF5RS9FLE1BQU0sQ0FBQyxNQUFNLGVBQWUsR0FBRyxHQUFHLENBQUE7Ozs7Ozs7O0NBUWpDLENBQUM7QUFNRixNQUFNLENBQUMsTUFBTSxlQUFlLEdBQUcsR0FBRyxDQUFBOzs7Ozs7Q0FNakMsQ0FBQztBQVdGLE1BQU0sQ0FBQyxNQUFNLGVBQWUsR0FBRyxHQUFHLENBQUE7Ozs7Ozs7O0NBUWpDLENBQUM7QUFFRixNQUFNLENBQUMsTUFBTSxTQUFTLEdBQUcsR0FBRyxDQUFBOzs7Ozs7O0NBTzNCLENBQUM7QUFNRixNQUFNLENBQUMsTUFBTSxVQUFVLEdBQUcsR0FBRyxDQUFBOzs7Ozs7Ozs7OztDQVc1QixDQUFDO0FBS0YsTUFBTSxPQUFPLFdBQVc7SUFLdEIsWUFDNkIsTUFBdUIsRUFDMUMsSUFBZ0IsRUFDaEIsUUFBeUIsRUFDekIsSUFBZSxFQUNmLFdBQWlDLEVBQ2pDLFVBQWUsRUFDZixVQUFzQixFQUN0QixpQkFBb0MsRUFDcEMsUUFBeUIsRUFDekIsZUFBZ0M7UUFUYixXQUFNLEdBQU4sTUFBTSxDQUFpQjtRQUMxQyxTQUFJLEdBQUosSUFBSSxDQUFZO1FBQ2hCLGFBQVEsR0FBUixRQUFRLENBQWlCO1FBQ3pCLFNBQUksR0FBSixJQUFJLENBQVc7UUFDZixnQkFBVyxHQUFYLFdBQVcsQ0FBc0I7UUFDakMsZUFBVSxHQUFWLFVBQVUsQ0FBSztRQUNmLGVBQVUsR0FBVixVQUFVLENBQVk7UUFDdEIsc0JBQWlCLEdBQWpCLGlCQUFpQixDQUFtQjtRQUNwQyxhQUFRLEdBQVIsUUFBUSxDQUFpQjtRQUN6QixvQkFBZSxHQUFmLGVBQWUsQ0FBaUI7UUFkekIsd0JBQW1CLEdBQUcsRUFBRSxDQUFDO1FBQzFDLGdGQUFnRjtRQUMvRCxlQUFVLEdBQUcsRUFBRSxDQUFDO0lBYTlCLENBQUM7SUFFSSxVQUFVLENBQUMsVUFBa0I7UUFDbkMsT0FBTyxVQUFVLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDO0lBQ2xDLENBQUM7SUFFWSxNQUFNLENBQUMsRUFBVTs7WUFDNUIsTUFBTSxHQUFHLEdBQUcsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBTTtnQkFDMUMsUUFBUSxFQUFFLGVBQWU7Z0JBQ3pCLFNBQVMsRUFBRTtvQkFDVCxLQUFLLEVBQUU7d0JBQ0wsRUFBRTtxQkFDSDtpQkFDRjthQUNGLENBQUMsQ0FBQztZQUVILE9BQU8sR0FBRyxDQUFDLFVBQVUsQ0FBQyxFQUFFLENBQUM7UUFDM0IsQ0FBQztLQUFBO0lBRVksTUFBTSxDQUFDLEVBQUUsRUFBRSxFQUFFLElBQUksRUFBb0I7O1lBQ2hELE1BQU0sSUFBSSxHQUFHLE1BQU0sSUFBSSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUMsQ0FBQztZQUNoQyxJQUFJLENBQUMsSUFBSSxHQUFHLElBQUksQ0FBQztZQUVqQixNQUFNLFNBQVMsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsbUJBQW1CLEVBQUUsQ0FBQztZQUM5RCxNQUFNLFVBQVUsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQ3JELFNBQVMsQ0FBQyxHQUFHLEVBQ2IsSUFBSSxDQUNMLENBQUM7WUFFRixNQUFNLEdBQUcsR0FBRyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUFrQjtnQkFDdEQsUUFBUSxFQUFFLGVBQWU7Z0JBQ3pCLFNBQVMsRUFBRTtvQkFDVCxLQUFLLEVBQUU7d0JBQ0wsRUFBRTt3QkFDRixVQUFVLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxVQUFVLENBQUM7cUJBQ3ZDO2lCQUNGO2FBQ0YsQ0FBQyxDQUFDO1lBRUgsT0FBTyxHQUFHLENBQUMsVUFBVSxDQUFDO1FBQ3hCLENBQUM7S0FBQTtJQUVZLEdBQUcsQ0FBQyxFQUFVOztZQUN6QixNQUFNLEdBQUcsR0FBRyxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsS0FBSyxDQUFNO2dCQUN6QyxLQUFLLEVBQUUsU0FBUztnQkFDaEIsU0FBUyxFQUFFO29CQUNULEVBQUU7aUJBQ0g7YUFDRixDQUFDLENBQUM7WUFFSCxNQUFNLFNBQVMsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsbUJBQW1CLEVBQUUsQ0FBQztZQUU5RCxNQUFNLGVBQWUsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQzFELFNBQVMsQ0FBQyxHQUFHLEVBQ2IsSUFBSSxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxDQUNoQyxDQUFDO1lBRUYsdUJBQ0UsRUFBRSxFQUFFLEdBQUcsQ0FBQyxFQUFFLElBQ1AsZUFBZSxFQUNsQjtRQUNKLENBQUM7S0FBQTtJQUVZLElBQUk7O1lBQ2YsTUFBTSxHQUFHLEdBQUcsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBYTtnQkFDaEQsS0FBSyxFQUFFLFVBQVU7YUFDbEIsQ0FBQyxDQUFDO1lBRUgsTUFBTSxTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLG1CQUFtQixFQUFFLENBQUM7WUFFOUQsT0FBTyxPQUFPLENBQUMsR0FBRyxDQUNoQixHQUFHLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBTyxJQUFJLEVBQUUsRUFBRTtnQkFDakMsTUFBTSxlQUFlLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUMxRCxTQUFTLENBQUMsR0FBRyxFQUNiLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsQ0FDakMsQ0FBQztnQkFDRix1QkFDRSxFQUFFLEVBQUUsSUFBSSxDQUFDLElBQUksQ0FBQyxFQUFFLElBQ2IsZUFBZSxFQUNsQjtZQUNKLENBQUMsQ0FBQSxDQUFDLENBQ0gsQ0FBQztRQUNKLENBQUM7S0FBQTtJQUVZLE1BQU0sQ0FBQyxFQUFFLElBQUksRUFBb0I7O1lBQzVDLElBQUksWUFBWSxDQUFDLFNBQVMsQ0FBQyxNQUFNLEtBQUssSUFBSSxFQUFFO2dCQUMxQyxNQUFNLElBQUksbUJBQW1CLENBQUMsdUNBQXVDLENBQUMsQ0FBQzthQUN4RTtZQUVELGdFQUFnRTtZQUNoRSxNQUFNLEtBQUssR0FBRyxNQUFNLElBQUksQ0FBQyxJQUFJLEVBQUUsQ0FBQztZQUVoQyxtQkFBbUI7WUFDbkIsSUFBSSxVQUFVLENBQUM7WUFDZixPQUFPLElBQUksRUFBRTtnQkFDWCxVQUFVLEdBQUcsSUFBSSxDQUFDLFVBQVU7cUJBQ3pCLGFBQWEsQ0FBQyxZQUFZLENBQUMsU0FBUyxFQUFFLElBQUksQ0FBQyxVQUFVLENBQUM7cUJBQ3RELElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQztnQkFDYixNQUFNLE9BQU8sR0FBRyxJQUFJLENBQUMsVUFBVSxDQUFDLFVBQVUsQ0FBQyxDQUFDO2dCQUU1QyxJQUFJLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxDQUFDLElBQUksRUFBRSxFQUFFLENBQUMsSUFBSSxDQUFDLE9BQU8sS0FBSyxPQUFPLENBQUMsRUFBRTtvQkFDbkQsTUFBTTtpQkFDUDthQUNGO1lBRUQsTUFBTSxhQUFhLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLG1CQUFtQixFQUFFLENBQUM7WUFDbEUsTUFBTSxPQUFPLEdBQUcsQ0FDZCxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsYUFBYSxpQkFDakMsUUFBUSxFQUFFLFVBQVUsSUFDakIsYUFBYSxFQUNoQixDQUNILENBQUMsR0FBRyxDQUFDO1lBRU4sTUFBTSxlQUFlLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGFBQWEsRUFBRSxDQUFDO1lBQzlELE1BQU0sc0JBQXNCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUNqRSxPQUFPLEVBQ1AsZUFBZSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDN0IsQ0FBQztZQUVGLHFDQUFxQztZQUNyQyxNQUFNLFdBQVcsR0FBRyxNQUFNLElBQUksQ0FBQyxXQUFXLENBQUMsT0FBTyxFQUFFLENBQUM7WUFDckQsTUFBTSxTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FDMUMsV0FBVyxDQUFDLGNBQWMsQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUN4QyxDQUFDO1lBQ0YsTUFBTSxnQkFBZ0IsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQzNELE9BQU8sRUFDUCxTQUFTLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDM0IsQ0FBQztZQUVGLE1BQU0sSUFBSSxtQ0FDTCxDQUFDLElBQUksSUFBSSxFQUFFLElBQUksRUFBRSxDQUFDLEtBQ3JCLE9BQU8sRUFBRSxJQUFJLENBQUMsVUFBVSxDQUFDLFVBQVUsQ0FBQyxHQUNyQyxDQUFDO1lBQ0YsTUFBTSxVQUFVLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUNyRCxTQUFTLENBQUMsR0FBRyxFQUNiLElBQUksQ0FDTCxDQUFDO1lBRUYsTUFBTSxHQUFHLEdBQUcsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBa0I7Z0JBQ3RELFFBQVEsRUFBRSxlQUFlO2dCQUN6QixTQUFTLEVBQUU7b0JBQ1QsS0FBSyxFQUFFO3dCQUNMLFVBQVUsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLFVBQVUsQ0FBQzt3QkFDdEMsYUFBYSxFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsYUFBYSxDQUFDO3dCQUM1QyxlQUFlLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxlQUFlLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUFDO3dCQUM3RCxzQkFBc0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLHNCQUFzQixDQUFDO3dCQUM5RCxXQUFXLEVBQUUsV0FBVyxDQUFDLGNBQWMsQ0FBQyxTQUFTLENBQUMsRUFBRTt3QkFDcEQsZ0JBQWdCLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxnQkFBZ0IsQ0FBQztxQkFDbkQ7aUJBQ0Y7YUFDRixDQUFDLENBQUM7WUFFSCx1Q0FDSyxHQUFHLENBQUMsVUFBVSxDQUFDLElBQUksS0FDdEIsVUFBVSxJQUNWO1FBQ0osQ0FBQztLQUFBO0lBRUQsdUhBQXVIO0lBQ3ZILHVIQUF1SDtJQUN2SCw2Q0FBNkM7SUFDN0MsRUFBRTtJQUNGLGtDQUFrQztJQUNsQyxFQUFFO0lBQ0YsdUVBQXVFO0lBQ3ZFLEVBQUU7SUFDRix5SEFBeUg7SUFDekgsb0lBQW9JO0lBQ3BJLGtJQUFrSTtJQUNsSSxrSUFBa0k7SUFDbEksMkNBQTJDO0lBQzNDLHVIQUF1SDtJQUN2SCx1SEFBdUg7SUFDekcsV0FBVyxDQUN2QixlQUFnQyxFQUNoQyxVQUFrQjs7WUFFbEIsTUFBTSxXQUFXLEdBQUcsSUFBSSxDQUFDLFVBQVUsQ0FBQyxZQUFZLENBQUMsSUFBSSxDQUFDLG1CQUFtQixDQUFDLENBQUM7WUFFM0UsS0FBSyxNQUFNLElBQUksSUFBSSxlQUFlLENBQUMsS0FBSyxFQUFFO2dCQUN4QyxNQUFNLE9BQU8sR0FBRyxDQUNkLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxhQUFhLGlCQUNqQyxRQUFRLEVBQUUsVUFBVSxJQUNqQixJQUFJLENBQUMsYUFBYSxFQUNyQixDQUNILENBQUMsR0FBRyxDQUFDO2dCQUVOLG9EQUFvRDtnQkFDcEQsSUFBSTtvQkFDRixNQUFNLGVBQWUsR0FBRyxDQUFDLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDM0QsT0FBTyxFQUNQLElBQUksQ0FBQyxzQkFBc0IsQ0FDNUIsQ0FBUSxDQUFDO29CQUVWLHlCQUF5QjtvQkFDekIsbUVBQW1FO29CQUVuRSxNQUFNLFdBQVcsR0FBRyxlQUFlLENBQUMsU0FBUyxDQUFDLFdBQVcsQ0FBQztvQkFFMUQsTUFBTSxlQUFlLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUN2RCxlQUFlLEVBQ2Y7d0JBQ0UsV0FBVzt3QkFDWCxXQUFXO3FCQUNaLENBQ0YsQ0FBQztvQkFFRixPQUFPO3dCQUNMLElBQUk7d0JBQ0osZUFBZTt3QkFDZixPQUFPO3FCQUNSLENBQUM7aUJBQ0g7Z0JBQUMsT0FBTyxLQUFLLEVBQUU7b0JBQ2QsU0FBUztpQkFDVjthQUNGO1lBQ0QsTUFBTSxJQUFJLFdBQVcsQ0FBQztnQkFDcEIsTUFBTSxFQUFFLE1BQU07Z0JBQ2QsSUFBSSxFQUFFLG9CQUFvQjtnQkFDMUIsT0FBTyxFQUFFLHFCQUFxQjthQUMvQixDQUFDLENBQUM7UUFDTCxDQUFDO0tBQUE7SUFFWSxhQUFhLENBQ3hCLE1BQTJCOztZQUUzQixNQUFNLEdBQUcsR0FBRyxJQUFJLENBQUMsSUFBSTtpQkFDbEIsSUFBSSxDQUNILEdBQUcsSUFBSSxDQUFDLE1BQU0sQ0FBQyxPQUFPLGtDQUFrQyxFQUN4RCxNQUFNLENBQ1A7aUJBQ0EsU0FBUyxFQUFFLENBQUM7WUFFZixpQ0FBaUM7WUFDakMsbUVBQW1FO1lBRW5FLE9BQU8sR0FBRyxDQUFDO1FBQ2IsQ0FBQztLQUFBO0lBRVksY0FBYyxDQUN6QixNQUE0Qjs7WUFFNUIsT0FBTyxJQUFJLENBQUMsSUFBSTtpQkFDYixJQUFJLENBQXVCLEdBQUcsSUFBSSxDQUFDLE1BQU0sQ0FBQyxPQUFPLGVBQWUsRUFBRTtnQkFDakUsUUFBUSxFQUFFLE1BQU0sQ0FBQyxPQUFPO2dCQUN4QixNQUFNLEVBQUUsTUFBTSxDQUFDLEtBQUs7YUFDckIsQ0FBQztpQkFDRCxTQUFTLEVBQUUsQ0FBQztZQUVmLGlDQUFpQztZQUNqQywySEFBMkg7UUFDN0gsQ0FBQztLQUFBO0lBRVksTUFBTSxDQUFDLE1BQW9COztZQUN0QyxNQUFNLGVBQWUsR0FBRyxNQUFNLElBQUksQ0FBQyxJQUFJO2lCQUNwQyxJQUFJLENBQ0gsR0FBRyxJQUFJLENBQUMsTUFBTSxDQUFDLE9BQU8saUNBQWlDLEVBQ3ZEO2dCQUNFLE9BQU8sRUFBRSxNQUFNLENBQUMsT0FBTztnQkFDdkIsVUFBVSxFQUFFLE1BQU0sQ0FBQyxVQUFVO2FBQzlCLENBQ0Y7aUJBQ0EsU0FBUyxFQUFFLENBQUM7WUFFZixpQ0FBaUM7WUFDakMsMkhBQTJIO1lBQzNILE1BQU0sRUFBRSxlQUFlLEVBQUUsSUFBSSxFQUFFLE9BQU8sRUFBRSxHQUFHLE1BQU0sSUFBSSxDQUFDLFdBQVcsQ0FDL0QsZUFBZSxFQUNmLE1BQU0sQ0FBQyxJQUFJLENBQ1osQ0FBQztZQUVGLE1BQU0sR0FBRyxHQUFHLE1BQU0sSUFBSSxDQUFDLElBQUk7aUJBQ3hCLElBQUksQ0FBTSxHQUFHLElBQUksQ0FBQyxNQUFNLENBQUMsT0FBTyxvQ0FBb0MsRUFBRTtnQkFDckUsTUFBTSxFQUFFLElBQUksQ0FBQyxNQUFNO2dCQUNuQixlQUFlO2FBQ2hCLENBQUM7aUJBQ0QsU0FBUyxFQUFFLENBQUM7WUFFZixpQ0FBaUM7WUFDakMsaURBQWlEO1lBRWpELE9BQU87Z0JBQ0wsTUFBTSxFQUFFLElBQUksQ0FBQyxNQUFNO2dCQUNuQixhQUFhLEVBQUUsR0FBRyxDQUFDLGFBQWE7Z0JBQ2hDLFdBQVcsRUFBRSxHQUFHLENBQUMsV0FBVztnQkFDNUIsU0FBUyxFQUFFLE1BQU0sR0FBRyxDQUFDLEtBQUssQ0FDeEIsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUFDLE9BQU8sRUFBRSxHQUFHLENBQUMsZ0JBQWdCLENBQUMsQ0FDcEU7YUFDRixDQUFDO1FBQ0osQ0FBQztLQUFBO0lBRVksV0FBVyxDQUFDLE1BQXlCOztZQUNoRCx5Q0FBeUM7WUFDekMsTUFBTSxhQUFhLEdBQUcsTUFBTSxJQUFJLENBQUMsZUFBZSxDQUFDLG1CQUFtQixDQUNsRSxNQUFNLENBQUMsV0FBVyxDQUNuQixDQUFDO1lBRUYscUNBQXFDO1lBQ3JDLE1BQU0sbUJBQW1CLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUM5RCxhQUFhLENBQUMsT0FBTyxFQUNyQixNQUFNLENBQUMsU0FBUyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDOUIsQ0FBQztZQUVGLE1BQU0sTUFBTSxHQUFHLE1BQU0sSUFBSSxDQUFDLElBQUk7aUJBQzNCLElBQUksQ0FDSCxHQUFHLElBQUksQ0FBQyxNQUFNLENBQUMsT0FBTyxnQ0FBZ0MsRUFDdEQ7Z0JBQ0UsTUFBTSxFQUFFLE1BQU0sQ0FBQyxNQUFNO2dCQUNyQixhQUFhLEVBQUUsTUFBTSxDQUFDLGFBQWE7Z0JBQ25DLFdBQVcsRUFBRSxNQUFNLENBQUMsV0FBVztnQkFDL0IsbUJBQW1CO2dCQUNuQixVQUFVLEVBQUU7b0JBQ1YsYUFBYSxFQUFFLGFBQWEsQ0FBQyxhQUFhO29CQUMxQyxhQUFhLEVBQUUsYUFBYSxDQUFDLGFBQWE7b0JBQzFDLGtCQUFrQixFQUFFLGFBQWEsQ0FBQyxlQUFlLENBQUMsTUFBTSxFQUFFO29CQUMxRCx5QkFBeUIsRUFBRSxhQUFhLENBQUMseUJBQXlCO2lCQUNuRTthQUNGLENBQ0Y7aUJBQ0EsU0FBUyxFQUFFLENBQUM7WUFFZixpQ0FBaUM7WUFDakMsdUZBQXVGO1lBQ3ZGLHVGQUF1RjtZQUN2RixxREFBcUQ7WUFFckQsK0VBQStFO1lBQy9FLGlDQUFpQztZQUNqQyxJQUFJLElBQUksR0FBRyxNQUFNLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxRQUFRLEVBQUUsTUFBTSxDQUFDLFdBQVcsRUFBRTtnQkFDckUsT0FBTyxFQUFFLE1BQU07YUFDaEIsQ0FBQyxDQUFDO1lBRUgsSUFBSSxJQUFJLENBQUMsYUFBYSxLQUFLLHVCQUF1QixFQUFFO2dCQUNsRCxNQUFNLElBQUksV0FBVyxDQUFDO29CQUNwQixPQUFPLEVBQ0wsa0VBQWtFO2lCQUNyRSxDQUFDLENBQUM7YUFDSjtZQUVELGlDQUFpQztZQUNqQyxzREFBc0Q7WUFFdEQsMEJBQTBCO1lBQzFCLElBQUksR0FBRyxNQUFNLElBQUksQ0FBQyxJQUFJLENBQUMsbUJBQW1CLENBQ3hDLElBQUksRUFDSixJQUFJLENBQUMsZUFBZSxDQUFDLGdCQUFnQixDQUFDLGFBQWEsQ0FBQyxPQUFPLENBQUMsRUFDNUQsRUFBRSxDQUNILENBQUM7WUFFRixpQ0FBaUM7WUFDakMsc0RBQXNEO1lBRXRELE1BQU0sSUFBSSxDQUFDLElBQUksQ0FBQyxPQUFPLEVBQUUsQ0FBQztZQUUxQixPQUFPLE1BQU0sSUFBSSxDQUFDLElBQUk7aUJBQ25CLElBQUksQ0FBTSxHQUFHLElBQUksQ0FBQyxNQUFNLENBQUMsT0FBTyw0QkFBNEIsRUFBRTtnQkFDN0QsTUFBTSxFQUFFLE1BQU0sQ0FBQyxNQUFNO2dCQUNyQixnQkFBZ0IsRUFBRSxNQUFNLENBQUMsZ0JBQWdCO2FBQzFDLENBQUM7aUJBQ0QsU0FBUyxFQUFFLENBQUM7UUFDakIsQ0FBQztLQUFBOzs7O1lBM1hGLFVBQVUsU0FBQztnQkFDVixVQUFVLEVBQUUsTUFBTTthQUNuQjs7OzRDQU9JLE1BQU0sU0FBQyxTQUFTO1lBdEtaLFVBQVU7WUFEVixlQUFlO1lBR2YsU0FBUztZQVlULG9CQUFvQjtZQUdDLEdBQUc7WUFWeEIsVUFBVTtZQUZWLGlCQUFpQjtZQUNqQixlQUFlO1lBU2YsZUFBZSIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IExyQXBvbGxvU2VydmljZSB9IGZyb20gJy4uL2FwaS9sci1hcG9sbG8uc2VydmljZSc7XHJcbmltcG9ydCB7IEh0dHBDbGllbnQgfSBmcm9tICdAYW5ndWxhci9jb21tb24vaHR0cCc7XHJcbmltcG9ydCB7IEluamVjdCwgSW5qZWN0YWJsZSB9IGZyb20gJ0Bhbmd1bGFyL2NvcmUnO1xyXG5pbXBvcnQgeyBBdXRoQ2xhc3MgfSBmcm9tICdAYXdzLWFtcGxpZnkvYXV0aC9saWItZXNtL0F1dGgnO1xyXG5pbXBvcnQgZ3FsIGZyb20gJ2dyYXBocWwtdGFnJztcclxuaW1wb3J0IHsgSldLIH0gZnJvbSAnbm9kZS1qb3NlJztcclxuaW1wb3J0IHsgRW5jcnlwdGlvblNlcnZpY2UgfSBmcm9tICcuLi9jcnlwdG9ncmFwaHkvZW5jcnlwdGlvbi5zZXJ2aWNlJztcclxuaW1wb3J0IHsgS2V5R3JhcGhTZXJ2aWNlIH0gZnJvbSAnLi4vY3J5cHRvZ3JhcGh5L2tleS1ncmFwaC5zZXJ2aWNlJztcclxuaW1wb3J0IHsgS2V5U2VydmljZSB9IGZyb20gJy4uL2NyeXB0b2dyYXBoeS9rZXkuc2VydmljZSc7XHJcbmltcG9ydCB7IExpZmVSZWFkeUNvbmZpZywgTFJfQ09ORklHIH0gZnJvbSAnLi4vbGlmZS1yZWFkeS5jb25maWcnO1xyXG5pbXBvcnQge1xyXG4gIExyRXhjZXB0aW9uLFxyXG4gIExyRXJyb3JDb2RlLFxyXG4gIExyQmFkTG9naWNFeGNlcHRpb24sXHJcbn0gZnJvbSAnLi4vX2NvbW1vbi9leGNlcHRpb25zJztcclxuaW1wb3J0IHsgTGlmZVJlYWR5QXV0aFNlcnZpY2UgfSBmcm9tICcuL2xpZmUtcmVhZHktYXV0aC5zZXJ2aWNlJztcclxuaW1wb3J0IHsgUGFzc3dvcmRTZXJ2aWNlIH0gZnJvbSAnLi9wYXNzd29yZC5zZXJ2aWNlJztcclxuaW1wb3J0IHsgU2xpcDM5SGVscGVyIH0gZnJvbSAnc2xpcDM5JztcclxuaW1wb3J0IHsgS2V5RmFjdG9yeVNlcnZpY2UgYXMgS0ZTIH0gZnJvbSAnLi4vY3J5cHRvZ3JhcGh5L2tleS1mYWN0b3J5LnNlcnZpY2UnO1xyXG5cclxuaW50ZXJmYWNlIFNldFBhc3N3b3JkQXBpUmVzdWx0IHtcclxuICB1c2VybmFtZTogc3RyaW5nO1xyXG4gIGlkcFBhc3N3b3JkOiBzdHJpbmc7XHJcbiAgc2V0UGFzc3dvcmRUb2tlbjogc3RyaW5nO1xyXG59XHJcblxyXG5leHBvcnQgaW50ZXJmYWNlIFNldFBhc3N3b3JkUGFyYW1zIHtcclxuICBsYm9wSWQ6IHN0cmluZztcclxuICBuZXdQYXNzd29yZDogc3RyaW5nO1xyXG4gIHZlcmlmaWVkVG9rZW46IHN0cmluZztcclxuICBtYXN0ZXJLZXlJZDogc3RyaW5nO1xyXG4gIG1hc3RlcktleTogSldLLktleTtcclxufVxyXG5cclxuZXhwb3J0IGludGVyZmFjZSBWZXJpZnlDb250YWN0UGFyYW1zIHtcclxuICBlbWFpbD86IHN0cmluZztcclxuICBwaG9uZT86IHN0cmluZztcclxufVxyXG5cclxuZXhwb3J0IGludGVyZmFjZSBWZXJpZnlDb250YWN0UmVzdWx0IHtcclxuICAvLyBUaGUgY2xhaW1faWQgaWRlbnRpZmllcyB0aGUgRW1haWwvU01TIGNvbmZpcm1hdGlvblxyXG4gIGNsYWltSWQ6IHN0cmluZztcclxufVxyXG5cclxuZXhwb3J0IGludGVyZmFjZSBDb25maXJtQ29udGFjdFBhcmFtcyB7XHJcbiAgY2xhaW1JZDogc3RyaW5nO1xyXG4gIHZDb2RlOiBzdHJpbmc7XHJcbn1cclxuXHJcbmV4cG9ydCBpbnRlcmZhY2UgQ29uZmlybUNvbnRhY3RSZXN1bHQge1xyXG4gIC8vIFRoZSB0b2tlbiB0byBwcm92ZSB0aGUgY2xpZW50IGhhZCB0aGUgY29ycmVjdCBjb25maXJtYXRpb24gY29kZS5cclxuICB0b2tlbjogc3RyaW5nO1xyXG59XHJcblxyXG5leHBvcnQgaW50ZXJmYWNlIFZlcmlmeVBhcmFtcyB7XHJcbiAgY2xhaW1JZDogc3RyaW5nO1xyXG4gIGNsYWltVG9rZW46IHN0cmluZztcclxuICBsYm9wOiBzdHJpbmc7XHJcbn1cclxuXHJcbmV4cG9ydCBpbnRlcmZhY2UgVmVyaWZ5UmVzdWx0IHtcclxuICAvLyB1c2VySWQ6IHN0cmluZztcclxuICBsYm9wSWQ6IHN0cmluZztcclxuICB2ZXJpZmllZFRva2VuOiBzdHJpbmc7XHJcbiAgbWFzdGVyS2V5SWQ6IHN0cmluZztcclxuICBtYXN0ZXJLZXk6IEpXSy5LZXk7XHJcbn1cclxuXHJcbmV4cG9ydCBpbnRlcmZhY2UgQ2hhbGxlbmdlUmVzdWx0IHtcclxuICBjaGFsbGVuZ2U6IGFueTtcclxuICBsYm9wczogYW55O1xyXG4gIC8vIHVzZXJJZDogc3RyaW5nO1xyXG59XHJcblxyXG5leHBvcnQgaW50ZXJmYWNlIExib3Age1xyXG4gIGlkOiBzdHJpbmc7XHJcbiAgcGFydGlhbD86IHN0cmluZztcclxuICBuYW1lPzogc3RyaW5nO1xyXG4gIGxib3BTdHJpbmc/OiBzdHJpbmc7XHJcbn1cclxuXHJcbmV4cG9ydCBpbnRlcmZhY2UgQ3JlYXRlTGJvcFBhcmFtcyB7XHJcbiAgbmFtZT86IHN0cmluZztcclxufVxyXG5cclxuaW50ZXJmYWNlIENyZWF0ZUxib3BRdWVyeSB7XHJcbiAgY3JlYXRlTGJvcDoge1xyXG4gICAgbGJvcDogTGJvcDtcclxuICB9O1xyXG59XHJcblxyXG5leHBvcnQgY29uc3QgQ3JlYXRlTGJvcFF1ZXJ5ID0gZ3FsYFxyXG4gIG11dGF0aW9uIENyZWF0ZUxib3AoJGlucHV0OiBDcmVhdGVMYm9wSW5wdXQhKSB7XHJcbiAgICBjcmVhdGVMYm9wKGlucHV0OiAkaW5wdXQpIHtcclxuICAgICAgbGJvcCB7XHJcbiAgICAgICAgaWRcclxuICAgICAgfVxyXG4gICAgfVxyXG4gIH1cclxuYDtcclxuXHJcbmludGVyZmFjZSBEZWxldGVMYm9wUXVlcnkge1xyXG4gIGRlbGV0ZUxib3A6IExib3A7XHJcbn1cclxuXHJcbmV4cG9ydCBjb25zdCBEZWxldGVMYm9wUXVlcnkgPSBncWxgXHJcbiAgbXV0YXRpb24gRGVsZXRlTGJvcCgkaW5wdXQ6IERlbGV0ZUxib3BJbnB1dCEpIHtcclxuICAgIGRlbGV0ZUxib3AoaW5wdXQ6ICRpbnB1dCkge1xyXG4gICAgICBpZFxyXG4gICAgfVxyXG4gIH1cclxuYDtcclxuXHJcbmV4cG9ydCBpbnRlcmZhY2UgVXBkYXRlTGJvcFBhcmFtcyB7XHJcbiAgaWQ6IHN0cmluZztcclxuICBuYW1lOiBzdHJpbmc7XHJcbn1cclxuXHJcbmludGVyZmFjZSBVcGRhdGVMYm9wUXVlcnkge1xyXG4gIHVwZGF0ZUxib3A6IExib3A7XHJcbn1cclxuXHJcbmV4cG9ydCBjb25zdCBVcGRhdGVMYm9wUXVlcnkgPSBncWxgXHJcbiAgbXV0YXRpb24gVXBkYXRlTGJvcCgkaW5wdXQ6IFVwZGF0ZUxib3BJbnB1dCEpIHtcclxuICAgIHVwZGF0ZUxib3AoaW5wdXQ6ICRpbnB1dCkge1xyXG4gICAgICBsYm9wIHtcclxuICAgICAgICBpZFxyXG4gICAgICB9XHJcbiAgICB9XHJcbiAgfVxyXG5gO1xyXG5cclxuZXhwb3J0IGNvbnN0IExib3BRdWVyeSA9IGdxbGBcclxuICBxdWVyeSBMYm9wKCRpZDogTHJSZWxheUlkSW5wdXQhKSB7XHJcbiAgICBsYm9wKGlkOiAkaWQpIHtcclxuICAgICAgaWRcclxuICAgICAgY2lwaGVyTWV0YVxyXG4gICAgfVxyXG4gIH1cclxuYDtcclxuXHJcbmludGVyZmFjZSBMYm9wc1F1ZXJ5IHtcclxuICBsYm9wczogYW55O1xyXG59XHJcblxyXG5leHBvcnQgY29uc3QgTGJvcHNRdWVyeSA9IGdxbGBcclxuICBxdWVyeSBMYm9wcyB7XHJcbiAgICBsYm9wcyB7XHJcbiAgICAgIGVkZ2VzIHtcclxuICAgICAgICBub2RlIHtcclxuICAgICAgICAgIGlkXHJcbiAgICAgICAgICBjaXBoZXJNZXRhXHJcbiAgICAgICAgfVxyXG4gICAgICB9XHJcbiAgICB9XHJcbiAgfVxyXG5gO1xyXG5cclxuQEluamVjdGFibGUoe1xyXG4gIHByb3ZpZGVkSW46ICdyb290JyxcclxufSlcclxuZXhwb3J0IGNsYXNzIExib3BTZXJ2aWNlIHtcclxuICBwcml2YXRlIHJlYWRvbmx5IENMSUVOVF9OT05DRV9MRU5HVEggPSAzMjtcclxuICAvLyBUaGVyZSBhcmUgMTAyNCB3b3JkcyAoMTAgYml0cyksIHNvIDI1IHdvcmRzIHNob3VsZCBnaXZlIH4yNTYgYml0cyBvZiBlbnRyb3B5LlxyXG4gIHByaXZhdGUgcmVhZG9ubHkgTEJPUF9XT1JEUyA9IDI1O1xyXG5cclxuICBjb25zdHJ1Y3RvcihcclxuICAgIEBJbmplY3QoTFJfQ09ORklHKSBwcml2YXRlIGNvbmZpZzogTGlmZVJlYWR5Q29uZmlnLFxyXG4gICAgcHJpdmF0ZSBodHRwOiBIdHRwQ2xpZW50LFxyXG4gICAgcHJpdmF0ZSBsckFwb2xsbzogTHJBcG9sbG9TZXJ2aWNlLFxyXG4gICAgcHJpdmF0ZSBhdXRoOiBBdXRoQ2xhc3MsXHJcbiAgICBwcml2YXRlIGF1dGhTZXJ2aWNlOiBMaWZlUmVhZHlBdXRoU2VydmljZSxcclxuICAgIHByaXZhdGUga2V5RmFjdG9yeTogS0ZTLFxyXG4gICAgcHJpdmF0ZSBrZXlTZXJ2aWNlOiBLZXlTZXJ2aWNlLFxyXG4gICAgcHJpdmF0ZSBlbmNyeXB0aW9uU2VydmljZTogRW5jcnlwdGlvblNlcnZpY2UsXHJcbiAgICBwcml2YXRlIGtleUdyYXBoOiBLZXlHcmFwaFNlcnZpY2UsXHJcbiAgICBwcml2YXRlIHBhc3N3b3JkU2VydmljZTogUGFzc3dvcmRTZXJ2aWNlXHJcbiAgKSB7fVxyXG5cclxuICBwcml2YXRlIGdldFBhcnRpYWwobGJvcFN0cmluZzogc3RyaW5nKTogc3RyaW5nIHtcclxuICAgIHJldHVybiBsYm9wU3RyaW5nLnNwbGl0KCcgJylbMF07XHJcbiAgfVxyXG5cclxuICBwdWJsaWMgYXN5bmMgcmVtb3ZlKGlkOiBzdHJpbmcpOiBQcm9taXNlPHN0cmluZz4ge1xyXG4gICAgY29uc3QgcmVzID0gYXdhaXQgdGhpcy5sckFwb2xsby5tdXRhdGU8YW55Pih7XHJcbiAgICAgIG11dGF0aW9uOiBEZWxldGVMYm9wUXVlcnksXHJcbiAgICAgIHZhcmlhYmxlczoge1xyXG4gICAgICAgIGlucHV0OiB7XHJcbiAgICAgICAgICBpZCxcclxuICAgICAgICB9LFxyXG4gICAgICB9LFxyXG4gICAgfSk7XHJcblxyXG4gICAgcmV0dXJuIHJlcy5kZWxldGVMYm9wLmlkO1xyXG4gIH1cclxuXHJcbiAgcHVibGljIGFzeW5jIHVwZGF0ZSh7IGlkLCBuYW1lIH06IFVwZGF0ZUxib3BQYXJhbXMpOiBQcm9taXNlPExib3A+IHtcclxuICAgIGNvbnN0IGxib3AgPSBhd2FpdCB0aGlzLmdldChpZCk7XHJcbiAgICBsYm9wLm5hbWUgPSBuYW1lO1xyXG5cclxuICAgIGNvbnN0IG1hc3RlcktleSA9IGF3YWl0IHRoaXMua2V5U2VydmljZS5nZXRDdXJyZW50TWFzdGVyS2V5KCk7XHJcbiAgICBjb25zdCBjaXBoZXJNZXRhID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxyXG4gICAgICBtYXN0ZXJLZXkuandrLFxyXG4gICAgICBsYm9wXHJcbiAgICApO1xyXG5cclxuICAgIGNvbnN0IHJlcyA9IGF3YWl0IHRoaXMubHJBcG9sbG8ubXV0YXRlPFVwZGF0ZUxib3BRdWVyeT4oe1xyXG4gICAgICBtdXRhdGlvbjogVXBkYXRlTGJvcFF1ZXJ5LFxyXG4gICAgICB2YXJpYWJsZXM6IHtcclxuICAgICAgICBpbnB1dDoge1xyXG4gICAgICAgICAgaWQsXHJcbiAgICAgICAgICBjaXBoZXJNZXRhOiBKU09OLnN0cmluZ2lmeShjaXBoZXJNZXRhKSxcclxuICAgICAgICB9LFxyXG4gICAgICB9LFxyXG4gICAgfSk7XHJcblxyXG4gICAgcmV0dXJuIHJlcy51cGRhdGVMYm9wO1xyXG4gIH1cclxuXHJcbiAgcHVibGljIGFzeW5jIGdldChpZDogc3RyaW5nKTogUHJvbWlzZTxMYm9wPiB7XHJcbiAgICBjb25zdCByZXMgPSBhd2FpdCB0aGlzLmxyQXBvbGxvLnF1ZXJ5PGFueT4oe1xyXG4gICAgICBxdWVyeTogTGJvcFF1ZXJ5LFxyXG4gICAgICB2YXJpYWJsZXM6IHtcclxuICAgICAgICBpZCxcclxuICAgICAgfSxcclxuICAgIH0pO1xyXG5cclxuICAgIGNvbnN0IG1hc3RlcktleSA9IGF3YWl0IHRoaXMua2V5U2VydmljZS5nZXRDdXJyZW50TWFzdGVyS2V5KCk7XHJcblxyXG4gICAgY29uc3QgcGxhaW5DaXBoZXJNZXRhID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5kZWNyeXB0KFxyXG4gICAgICBtYXN0ZXJLZXkuandrLFxyXG4gICAgICBKU09OLnBhcnNlKHJlcy5sYm9wLmNpcGhlck1ldGEpXHJcbiAgICApO1xyXG5cclxuICAgIHJldHVybiB7XHJcbiAgICAgIGlkOiByZXMuaWQsXHJcbiAgICAgIC4uLnBsYWluQ2lwaGVyTWV0YSxcclxuICAgIH07XHJcbiAgfVxyXG5cclxuICBwdWJsaWMgYXN5bmMgbGlzdCgpOiBQcm9taXNlPExib3BbXT4ge1xyXG4gICAgY29uc3QgcmVzID0gYXdhaXQgdGhpcy5sckFwb2xsby5xdWVyeTxMYm9wc1F1ZXJ5Pih7XHJcbiAgICAgIHF1ZXJ5OiBMYm9wc1F1ZXJ5LFxyXG4gICAgfSk7XHJcblxyXG4gICAgY29uc3QgbWFzdGVyS2V5ID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRNYXN0ZXJLZXkoKTtcclxuXHJcbiAgICByZXR1cm4gUHJvbWlzZS5hbGwoXHJcbiAgICAgIHJlcy5sYm9wcy5lZGdlcy5tYXAoYXN5bmMgKGVkZ2UpID0+IHtcclxuICAgICAgICBjb25zdCBwbGFpbkNpcGhlck1ldGEgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmRlY3J5cHQoXHJcbiAgICAgICAgICBtYXN0ZXJLZXkuandrLFxyXG4gICAgICAgICAgSlNPTi5wYXJzZShlZGdlLm5vZGUuY2lwaGVyTWV0YSlcclxuICAgICAgICApO1xyXG4gICAgICAgIHJldHVybiB7XHJcbiAgICAgICAgICBpZDogZWRnZS5ub2RlLmlkLFxyXG4gICAgICAgICAgLi4ucGxhaW5DaXBoZXJNZXRhLFxyXG4gICAgICAgIH07XHJcbiAgICAgIH0pXHJcbiAgICApO1xyXG4gIH1cclxuXHJcbiAgcHVibGljIGFzeW5jIGNyZWF0ZSh7IG5hbWUgfTogQ3JlYXRlTGJvcFBhcmFtcyk6IFByb21pc2U8TGJvcD4ge1xyXG4gICAgaWYgKFNsaXAzOUhlbHBlci5XT1JEX0xJU1QubGVuZ3RoICE9PSAxMDI0KSB7XHJcbiAgICAgIHRocm93IG5ldyBMckJhZExvZ2ljRXhjZXB0aW9uKCdTbGlwMzlIZWxwZXIuV09SRF9MSVNULmxlbmd0aCAhPSAxMDI0Jyk7XHJcbiAgICB9XHJcblxyXG4gICAgLy8gR2V0IGV4aXN0aW5nIHRvIG1ha2Ugc3VyZSB0aGVyZSBhcmUgbm90IGR1cGxpY2F0ZSBmaXJzdCB3b3Jkc1xyXG4gICAgY29uc3QgbGJvcHMgPSBhd2FpdCB0aGlzLmxpc3QoKTtcclxuXHJcbiAgICAvLyBHZW5lcmF0ZSBuZXcgb25lXHJcbiAgICBsZXQgbGJvcFN0cmluZztcclxuICAgIHdoaWxlICh0cnVlKSB7XHJcbiAgICAgIGxib3BTdHJpbmcgPSB0aGlzLmtleUZhY3RvcnlcclxuICAgICAgICAucmFuZG9tQ2hvaWNlcyhTbGlwMzlIZWxwZXIuV09SRF9MSVNULCB0aGlzLkxCT1BfV09SRFMpXHJcbiAgICAgICAgLmpvaW4oJyAnKTtcclxuICAgICAgY29uc3QgcGFydGlhbCA9IHRoaXMuZ2V0UGFydGlhbChsYm9wU3RyaW5nKTtcclxuXHJcbiAgICAgIGlmICghbGJvcHMuc29tZSgobGJvcCkgPT4gbGJvcC5wYXJ0aWFsID09PSBwYXJ0aWFsKSkge1xyXG4gICAgICAgIGJyZWFrO1xyXG4gICAgICB9XHJcbiAgICB9XHJcblxyXG4gICAgY29uc3QgbGJvcEtleVBhcmFtcyA9IGF3YWl0IHRoaXMua2V5RmFjdG9yeS5jcmVhdGVMYm9wS2V5UGFyYW1zKCk7XHJcbiAgICBjb25zdCBsYm9wS2V5ID0gKFxyXG4gICAgICBhd2FpdCB0aGlzLmtleUZhY3RvcnkuZGVyaXZlTGJvcEtleSh7XHJcbiAgICAgICAgcGFzc3dvcmQ6IGxib3BTdHJpbmcsXHJcbiAgICAgICAgLi4ubGJvcEtleVBhcmFtcyxcclxuICAgICAgfSlcclxuICAgICkuandrO1xyXG5cclxuICAgIGNvbnN0IGxib3BLZXlWZXJpZmllciA9IGF3YWl0IHRoaXMua2V5RmFjdG9yeS5jcmVhdGVTaWduS2V5KCk7XHJcbiAgICBjb25zdCB3cmFwcGVkTGJvcEtleVZlcmlmaWVyID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxyXG4gICAgICBsYm9wS2V5LFxyXG4gICAgICBsYm9wS2V5VmVyaWZpZXIudG9KU09OKHRydWUpXHJcbiAgICApO1xyXG5cclxuICAgIC8vIFJlLWVuY3J5cHQgbWFzdGVyIGtleSB3aXRoIG5ldyBrZXlcclxuICAgIGNvbnN0IGN1cnJlbnRVc2VyID0gYXdhaXQgdGhpcy5hdXRoU2VydmljZS5nZXRVc2VyKCk7XHJcbiAgICBjb25zdCBtYXN0ZXJLZXkgPSBhd2FpdCB0aGlzLmtleUdyYXBoLmdldEtleShcclxuICAgICAgY3VycmVudFVzZXIuY3VycmVudFVzZXJLZXkubWFzdGVyS2V5LmlkXHJcbiAgICApO1xyXG4gICAgY29uc3Qgd3JhcHBlZE1hc3RlcktleSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcclxuICAgICAgbGJvcEtleSxcclxuICAgICAgbWFzdGVyS2V5Lmp3ay50b0pTT04odHJ1ZSlcclxuICAgICk7XHJcblxyXG4gICAgY29uc3QgbWV0YSA9IHtcclxuICAgICAgLi4uKG5hbWUgJiYgeyBuYW1lIH0pLFxyXG4gICAgICBwYXJ0aWFsOiB0aGlzLmdldFBhcnRpYWwobGJvcFN0cmluZyksXHJcbiAgICB9O1xyXG4gICAgY29uc3QgY2lwaGVyTWV0YSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcclxuICAgICAgbWFzdGVyS2V5Lmp3ayxcclxuICAgICAgbWV0YVxyXG4gICAgKTtcclxuXHJcbiAgICBjb25zdCByZXMgPSBhd2FpdCB0aGlzLmxyQXBvbGxvLm11dGF0ZTxDcmVhdGVMYm9wUXVlcnk+KHtcclxuICAgICAgbXV0YXRpb246IENyZWF0ZUxib3BRdWVyeSxcclxuICAgICAgdmFyaWFibGVzOiB7XHJcbiAgICAgICAgaW5wdXQ6IHtcclxuICAgICAgICAgIGNpcGhlck1ldGE6IEpTT04uc3RyaW5naWZ5KGNpcGhlck1ldGEpLFxyXG4gICAgICAgICAgbGJvcEtleVBhcmFtczogSlNPTi5zdHJpbmdpZnkobGJvcEtleVBhcmFtcyksXHJcbiAgICAgICAgICBsYm9wS2V5VmVyaWZpZXI6IEpTT04uc3RyaW5naWZ5KGxib3BLZXlWZXJpZmllci50b0pTT04odHJ1ZSkpLFxyXG4gICAgICAgICAgd3JhcHBlZExib3BLZXlWZXJpZmllcjogSlNPTi5zdHJpbmdpZnkod3JhcHBlZExib3BLZXlWZXJpZmllciksXHJcbiAgICAgICAgICBtYXN0ZXJLZXlJZDogY3VycmVudFVzZXIuY3VycmVudFVzZXJLZXkubWFzdGVyS2V5LmlkLFxyXG4gICAgICAgICAgd3JhcHBlZE1hc3RlcktleTogSlNPTi5zdHJpbmdpZnkod3JhcHBlZE1hc3RlcktleSksXHJcbiAgICAgICAgfSxcclxuICAgICAgfSxcclxuICAgIH0pO1xyXG5cclxuICAgIHJldHVybiB7XHJcbiAgICAgIC4uLnJlcy5jcmVhdGVMYm9wLmxib3AsXHJcbiAgICAgIGxib3BTdHJpbmcsXHJcbiAgICB9O1xyXG4gIH1cclxuXHJcbiAgLy8gLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS1cclxuICAvLyAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLVxyXG4gIC8vIEZsb3cgYmVsb3cgYXJlIGZvciBwYXNzd29yZCByZXNldCB2aWEgTEJPUFxyXG4gIC8vXHJcbiAgLy8gLS1Qb3RlbnRpYWwgRmFpbHVyZSBQb2ludCB4eHgtLVxyXG4gIC8vXHJcbiAgLy8gTG9vayBmb3IgdGhlIGFib3ZlIGFuZCB5b3UgY2FuIHRlc3QgYnkgaW50ZXJydXB0aW5nIGF0IHRoZXNlIHBvaW50cy5cclxuICAvL1xyXG4gIC8vIFRoZSBMQk9QIHJlc2V0IHByb2Nlc3MgY2FuIGJlIHJlc3RhcnRlZCBhdCBhbnkgcG9pbnQgYmVmb3JlIHRoZSBjYWxsIHRvIFwic2V0LXBhc3N3b3JkL1wiLiBPbmNlIFwic2V0LXBhc3N3b3JkL1wiIGhhcyBiZWVuXHJcbiAgLy8gY2FsbGVkLCB3ZSBhc3N1bWUgdGhlIGNsaWVudCBoYXMgYSBzaG9ydCBwZXJpb2Qgb2YgdGltZSB0byBjaGFuZ2UgdGhlIElkcCBwYXNzd29yZCB0byB0aGUgb25lIHRoZXkndmUgY2hvc2VuLiBUaGUgXCJzZXQtcGFzc3dvcmQvXCJcclxuICAvLyB3aWxsIHNldCB0aGUgSWRwIHBhc3N3b3JkIHRvIGEgdGVtcG9yYXJ5IHJhbmRvbSBwYXNzd29yZC4gVGhlIHVzZXIgY2FuIG5vIGxvbmdlciBsb2dpbiB1c2luZyB0aGVpciBjdXJyZW50IHBhc3N3b3JkLiBJZiB0aGUgSWRwXHJcbiAgLy8gcGFzc3dvcmQgY2hhbmdlIHByb2Nlc3MgZG9lcyBub3QgY29tcGxldGUgb3IgdGFrZXMgbG9uZ2VyIHRoYW4gdGhlIGxvY2tvdXQgcGVyaW9kLCB0aGUgYWNjb3VudCB3aWxsIG5vdCBiZSBhY2Nlc3NpYmxlIGFuZCBhIG5ld1xyXG4gIC8vIExCT1AgcGFzc3dvcmQgcmVzZXQgbXVzdCBiZSBjYXJyaWVkIG91dC5cclxuICAvLyAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLVxyXG4gIC8vIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tXHJcbiAgcHJpdmF0ZSBhc3luYyB2ZXJpZnlMYm9wcyhcclxuICAgIGNoYWxsZW5nZVJlc3VsdDogQ2hhbGxlbmdlUmVzdWx0LFxyXG4gICAgbGJvcFN0cmluZzogc3RyaW5nXHJcbiAgKTogUHJvbWlzZTx7IGxib3A6IGFueTsgc2lnbmVkQ2hhbGxlbmdlOiBhbnk7IGxib3BLZXk6IEpXSy5LZXkgfT4ge1xyXG4gICAgY29uc3QgY2xpZW50Tm9uY2UgPSB0aGlzLmtleUZhY3RvcnkucmFuZG9tU3RyaW5nKHRoaXMuQ0xJRU5UX05PTkNFX0xFTkdUSCk7XHJcblxyXG4gICAgZm9yIChjb25zdCBsYm9wIG9mIGNoYWxsZW5nZVJlc3VsdC5sYm9wcykge1xyXG4gICAgICBjb25zdCBsYm9wS2V5ID0gKFxyXG4gICAgICAgIGF3YWl0IHRoaXMua2V5RmFjdG9yeS5kZXJpdmVMYm9wS2V5KHtcclxuICAgICAgICAgIHBhc3N3b3JkOiBsYm9wU3RyaW5nLFxyXG4gICAgICAgICAgLi4ubGJvcC5sYm9wS2V5UGFyYW1zLFxyXG4gICAgICAgIH0pXHJcbiAgICAgICkuandrO1xyXG5cclxuICAgICAgLy8gSWYgZGVjb2Rpbmcgc3VjY2Vzc2Z1bCB0aGVuIGl0J3MgdGhlIGNvcnJlY3QgbGJvcFxyXG4gICAgICB0cnkge1xyXG4gICAgICAgIGNvbnN0IGxib3BLZXlWZXJpZmllciA9IChhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmRlY3J5cHQoXHJcbiAgICAgICAgICBsYm9wS2V5LFxyXG4gICAgICAgICAgbGJvcC53cmFwcGVkTGJvcEtleVZlcmlmaWVyXHJcbiAgICAgICAgKSkgYXMgYW55O1xyXG5cclxuICAgICAgICAvLyBGb3JjZSBhIGJhZCBzaWduYXR1cmUuXHJcbiAgICAgICAgLy8gY29uc3Qgc2VydmVyTm9uY2UgPSBjaGFsbGVuZ2VSZXN1bHQuY2hhbGxlbmdlLnNlcnZlck5vbmNlICsgXCIxXCIsXHJcblxyXG4gICAgICAgIGNvbnN0IHNlcnZlck5vbmNlID0gY2hhbGxlbmdlUmVzdWx0LmNoYWxsZW5nZS5zZXJ2ZXJOb25jZTtcclxuXHJcbiAgICAgICAgY29uc3Qgc2lnbmVkQ2hhbGxlbmdlID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5zaWduKFxyXG4gICAgICAgICAgbGJvcEtleVZlcmlmaWVyLFxyXG4gICAgICAgICAge1xyXG4gICAgICAgICAgICBzZXJ2ZXJOb25jZSxcclxuICAgICAgICAgICAgY2xpZW50Tm9uY2UsXHJcbiAgICAgICAgICB9XHJcbiAgICAgICAgKTtcclxuXHJcbiAgICAgICAgcmV0dXJuIHtcclxuICAgICAgICAgIGxib3AsXHJcbiAgICAgICAgICBzaWduZWRDaGFsbGVuZ2UsXHJcbiAgICAgICAgICBsYm9wS2V5LFxyXG4gICAgICAgIH07XHJcbiAgICAgIH0gY2F0Y2ggKGVycm9yKSB7XHJcbiAgICAgICAgY29udGludWU7XHJcbiAgICAgIH1cclxuICAgIH1cclxuICAgIHRocm93IG5ldyBMckV4Y2VwdGlvbih7XHJcbiAgICAgIHNvdXJjZTogJ0xCT1AnLFxyXG4gICAgICBjb2RlOiAnSU5WQUxJRF9QQVNTUEhSQVNFJyxcclxuICAgICAgbWVzc2FnZTogJ0ludmFsaWQgcGFzc3BocmFzZS4nLFxyXG4gICAgfSk7XHJcbiAgfVxyXG5cclxuICBwdWJsaWMgYXN5bmMgdmVyaWZ5Q29udGFjdChcclxuICAgIHBhcmFtczogVmVyaWZ5Q29udGFjdFBhcmFtc1xyXG4gICk6IFByb21pc2U8VmVyaWZ5Q29udGFjdFJlc3VsdD4ge1xyXG4gICAgY29uc3QgcmV0ID0gdGhpcy5odHRwXHJcbiAgICAgIC5wb3N0PFZlcmlmeUNvbnRhY3RSZXN1bHQ+KFxyXG4gICAgICAgIGAke3RoaXMuY29uZmlnLmF1dGhVcmx9dXNlcnMvbGJvcC1yZXNldC92ZXJpZnktY29udGFjdC9gLFxyXG4gICAgICAgIHBhcmFtc1xyXG4gICAgICApXHJcbiAgICAgIC50b1Byb21pc2UoKTtcclxuXHJcbiAgICAvLyAtLVBvdGVudGlhbCBGYWlsdXJlIFBvaW50IDEgLS1cclxuICAgIC8vIFRoZSBjb250YWN0IHZlcmlmaWNhdGlvbnMgYXJlIHRocm90dGxlZC4gQnV0IG90aGVyd2lzZSBoYXJtbGVzcy5cclxuXHJcbiAgICByZXR1cm4gcmV0O1xyXG4gIH1cclxuXHJcbiAgcHVibGljIGFzeW5jIGNvbmZpcm1Db250YWN0KFxyXG4gICAgcGFyYW1zOiBDb25maXJtQ29udGFjdFBhcmFtc1xyXG4gICk6IFByb21pc2U8Q29uZmlybUNvbnRhY3RSZXN1bHQ+IHtcclxuICAgIHJldHVybiB0aGlzLmh0dHBcclxuICAgICAgLnBvc3Q8Q29uZmlybUNvbnRhY3RSZXN1bHQ+KGAke3RoaXMuY29uZmlnLmF1dGhVcmx9Y292ZS9yZXNwb25kL2AsIHtcclxuICAgICAgICBjbGFpbV9pZDogcGFyYW1zLmNsYWltSWQsXHJcbiAgICAgICAgdl9jb2RlOiBwYXJhbXMudkNvZGUsXHJcbiAgICAgIH0pXHJcbiAgICAgIC50b1Byb21pc2UoKTtcclxuXHJcbiAgICAvLyAtLVBvdGVudGlhbCBGYWlsdXJlIFBvaW50IDIgLS1cclxuICAgIC8vIEEgdmVyaWZpZWQgY2xhaW0gZm9yIGEgY29udGFjdCBkb2VzIG5vdCBwcmV2ZW50IG5ldyBvbmVzIGZyb20gYmVpbmcgZ2VuZXJhdGVkLiBTbyBpdCBzaG91bGQgYmUgZmluZSB0byBqdXN0IHN0YXJ0IGFnYWluLlxyXG4gIH1cclxuXHJcbiAgcHVibGljIGFzeW5jIHZlcmlmeShwYXJhbXM6IFZlcmlmeVBhcmFtcyk6IFByb21pc2U8VmVyaWZ5UmVzdWx0PiB7XHJcbiAgICBjb25zdCBjaGFsbGVuZ2VSZXN1bHQgPSBhd2FpdCB0aGlzLmh0dHBcclxuICAgICAgLnBvc3Q8Q2hhbGxlbmdlUmVzdWx0PihcclxuICAgICAgICBgJHt0aGlzLmNvbmZpZy5hdXRoVXJsfXVzZXJzL2xib3AtcmVzZXQvZ2V0LWNoYWxsZW5nZS9gLFxyXG4gICAgICAgIHtcclxuICAgICAgICAgIGNsYWltSWQ6IHBhcmFtcy5jbGFpbUlkLFxyXG4gICAgICAgICAgY2xhaW1Ub2tlbjogcGFyYW1zLmNsYWltVG9rZW4sXHJcbiAgICAgICAgfVxyXG4gICAgICApXHJcbiAgICAgIC50b1Byb21pc2UoKTtcclxuXHJcbiAgICAvLyAtLVBvdGVudGlhbCBGYWlsdXJlIFBvaW50IDMgLS1cclxuICAgIC8vIFRoaXMgZG9lcyBub3QgbG9jayBhbnl0aGluZy4gQSBzZWNvbmQgY2FsbCB0byBcImdldC1jaGFsbGVuZ2UvXCIgd2lsbCBjcmVhdGUgYSBuZXcgY2hhbGxlbmdlIGFtZCBpbnZhbGlkYXRlIHRoZSBmaXJzdCBvbmUuXHJcbiAgICBjb25zdCB7IHNpZ25lZENoYWxsZW5nZSwgbGJvcCwgbGJvcEtleSB9ID0gYXdhaXQgdGhpcy52ZXJpZnlMYm9wcyhcclxuICAgICAgY2hhbGxlbmdlUmVzdWx0LFxyXG4gICAgICBwYXJhbXMubGJvcFxyXG4gICAgKTtcclxuXHJcbiAgICBjb25zdCByZXMgPSBhd2FpdCB0aGlzLmh0dHBcclxuICAgICAgLnBvc3Q8YW55PihgJHt0aGlzLmNvbmZpZy5hdXRoVXJsfXVzZXJzL2xib3AtcmVzZXQvdmVyaWZ5LWNoYWxsZW5nZS9gLCB7XHJcbiAgICAgICAgbGJvcElkOiBsYm9wLmxib3BJZCxcclxuICAgICAgICBzaWduZWRDaGFsbGVuZ2UsXHJcbiAgICAgIH0pXHJcbiAgICAgIC50b1Byb21pc2UoKTtcclxuXHJcbiAgICAvLyAtLVBvdGVudGlhbCBGYWlsdXJlIFBvaW50IDQgLS1cclxuICAgIC8vIFRoaXMgZG9lcyBub3QgbG9jayBhbnl0aGluZy4gU28gb2sgdG8gcmVzdGFydC5cclxuXHJcbiAgICByZXR1cm4ge1xyXG4gICAgICBsYm9wSWQ6IGxib3AubGJvcElkLFxyXG4gICAgICB2ZXJpZmllZFRva2VuOiByZXMudmVyaWZpZWRUb2tlbixcclxuICAgICAgbWFzdGVyS2V5SWQ6IHJlcy5tYXN0ZXJLZXlJZCxcclxuICAgICAgbWFzdGVyS2V5OiBhd2FpdCBLRlMuYXNLZXkoXHJcbiAgICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5kZWNyeXB0KGxib3BLZXksIHJlcy53cmFwcGVkTWFzdGVyS2V5KVxyXG4gICAgICApLFxyXG4gICAgfTtcclxuICB9XHJcblxyXG4gIHB1YmxpYyBhc3luYyBzZXRQYXNzd29yZChwYXJhbXM6IFNldFBhc3N3b3JkUGFyYW1zKTogUHJvbWlzZTxhbnk+IHtcclxuICAgIC8vIEdlbmVyYXRlIHRoZSBuZXcgcGFzc3dvcmQgZGVyaXZlZCBrZXlzXHJcbiAgICBjb25zdCBwYXNzS2V5QnVuZGxlID0gYXdhaXQgdGhpcy5wYXNzd29yZFNlcnZpY2UuY3JlYXRlUGFzc0tleUJ1bmRsZShcclxuICAgICAgcGFyYW1zLm5ld1Bhc3N3b3JkXHJcbiAgICApO1xyXG5cclxuICAgIC8vIFJlLWVuY3J5cHQgbWFzdGVyIGtleSB3aXRoIG5ldyBrZXlcclxuICAgIGNvbnN0IG5ld1dyYXBwZWRNYXN0ZXJLZXkgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHQoXHJcbiAgICAgIHBhc3NLZXlCdW5kbGUucGFzc0tleSxcclxuICAgICAgcGFyYW1zLm1hc3RlcktleS50b0pTT04odHJ1ZSlcclxuICAgICk7XHJcblxyXG4gICAgY29uc3QgcmVzdWx0ID0gYXdhaXQgdGhpcy5odHRwXHJcbiAgICAgIC5wb3N0PFNldFBhc3N3b3JkQXBpUmVzdWx0PihcclxuICAgICAgICBgJHt0aGlzLmNvbmZpZy5hdXRoVXJsfXVzZXJzL2xib3AtcmVzZXQvc2V0LXBhc3N3b3JkL2AsXHJcbiAgICAgICAge1xyXG4gICAgICAgICAgbGJvcElkOiBwYXJhbXMubGJvcElkLFxyXG4gICAgICAgICAgdmVyaWZpZWRUb2tlbjogcGFyYW1zLnZlcmlmaWVkVG9rZW4sXHJcbiAgICAgICAgICBtYXN0ZXJLZXlJZDogcGFyYW1zLm1hc3RlcktleUlkLFxyXG4gICAgICAgICAgbmV3V3JhcHBlZE1hc3RlcktleSxcclxuICAgICAgICAgIG5ld1Bhc3NLZXk6IHtcclxuICAgICAgICAgICAgcGFzc0tleVBhcmFtczogcGFzc0tleUJ1bmRsZS5wYXNzS2V5UGFyYW1zLFxyXG4gICAgICAgICAgICBwYXNzSWRwUGFyYW1zOiBwYXNzS2V5QnVuZGxlLnBhc3NJZHBQYXJhbXMsXHJcbiAgICAgICAgICAgIHBhc3NJZHBWZXJpZmllclBiazogcGFzc0tleUJ1bmRsZS5wYXNzSWRwVmVyaWZpZXIudG9KU09OKCksXHJcbiAgICAgICAgICAgIHdyYXBwZWRQYXNzSWRwVmVyaWZpZXJQcms6IHBhc3NLZXlCdW5kbGUud3JhcHBlZFBhc3NJZHBWZXJpZmllclByayxcclxuICAgICAgICAgIH0sXHJcbiAgICAgICAgfVxyXG4gICAgICApXHJcbiAgICAgIC50b1Byb21pc2UoKTtcclxuXHJcbiAgICAvLyAtLVBvdGVudGlhbCBGYWlsdXJlIFBvaW50IDUgLS1cclxuICAgIC8vIEEgdGltZWQgbXV0ZXggaXMgbG9ja2VkLiBUaGUgSWRwIHBhc3N3b3JkIGNoYW5nZSBtdXN0IG9jY3VyIHdpdGhpbiBhIHBlcmlvZCBvZiB0aW1lLlxyXG4gICAgLy8gSWYgaW50ZXJydXB0ZWQgaGVyZSwgdGhlIHVzZXIgY2FuIG5vdCBsb2dpbiB3aXRoIHRoZWlyIG9sZCBwYXNzd29yZCBhZ2Fpbi4gVGhleSBtdXN0XHJcbiAgICAvLyBzdGFydCB0aGUgd2hvbGUgTEJPUCBwYXNzd29yZCByZXNldCBwcm9jZXNzIGFnYWluLlxyXG5cclxuICAgIC8vIFRoaXMgY2FsbCB3aWxsIGdvIHRocm91Z2ggdGhlIExSIHByb3h5IHdoaWNoIGlzIE9LIHNpbmNlIHRoZSBMUiBzZXJ2ZXIga25vd3NcclxuICAgIC8vIHRoZSB0ZW1wb3JhcnkgcGFzc3dvcmQgYW55d2F5LlxyXG4gICAgbGV0IHVzZXIgPSBhd2FpdCB0aGlzLmF1dGguc2lnbkluKHJlc3VsdC51c2VybmFtZSwgcmVzdWx0LmlkcFBhc3N3b3JkLCB7XHJcbiAgICAgIG5vUHJveHk6ICd0cnVlJyxcclxuICAgIH0pO1xyXG5cclxuICAgIGlmICh1c2VyLmNoYWxsZW5nZU5hbWUgIT09ICdORVdfUEFTU1dPUkRfUkVRVUlSRUQnKSB7XHJcbiAgICAgIHRocm93IG5ldyBMckV4Y2VwdGlvbih7XHJcbiAgICAgICAgbWVzc2FnZTpcclxuICAgICAgICAgICdJbnRlcm5hbCBlcnJvci4gRXhwZWN0aW5nIENvZ25pdG8gdG8gaGF2ZSBkb25lIGEgcGFzc3dvcmQgcmVzZXQuJyxcclxuICAgICAgfSk7XHJcbiAgICB9XHJcblxyXG4gICAgLy8gLS1Qb3RlbnRpYWwgRmFpbHVyZSBQb2ludCA2IC0tXHJcbiAgICAvLyBNdXN0IHJlc3RhcnQgdGhlIExCT1AgcGFzc3dvcmQgcmVzZXQgcHJvY2VzcyBhZ2Fpbi5cclxuXHJcbiAgICAvLyBTZXQgbmV3IHBhc3N3b3JkIG9uIElkcFxyXG4gICAgdXNlciA9IGF3YWl0IHRoaXMuYXV0aC5jb21wbGV0ZU5ld1Bhc3N3b3JkKFxyXG4gICAgICB1c2VyLFxyXG4gICAgICB0aGlzLnBhc3N3b3JkU2VydmljZS5nZXRQYXNzSWRwU3RyaW5nKHBhc3NLZXlCdW5kbGUucGFzc0lkcCksXHJcbiAgICAgIHt9XHJcbiAgICApO1xyXG5cclxuICAgIC8vIC0tUG90ZW50aWFsIEZhaWx1cmUgUG9pbnQgNyAtLVxyXG4gICAgLy8gTXVzdCByZXN0YXJ0IHRoZSBMQk9QIHBhc3N3b3JkIHJlc2V0IHByb2Nlc3MgYWdhaW4uXHJcblxyXG4gICAgYXdhaXQgdGhpcy5hdXRoLnNpZ25PdXQoKTtcclxuXHJcbiAgICByZXR1cm4gYXdhaXQgdGhpcy5odHRwXHJcbiAgICAgIC5wb3N0PGFueT4oYCR7dGhpcy5jb25maWcuYXV0aFVybH11c2Vycy9sYm9wLXJlc2V0L2NvbXBsZXRlL2AsIHtcclxuICAgICAgICBsYm9wSWQ6IHBhcmFtcy5sYm9wSWQsXHJcbiAgICAgICAgc2V0UGFzc3dvcmRUb2tlbjogcmVzdWx0LnNldFBhc3N3b3JkVG9rZW4sXHJcbiAgICAgIH0pXHJcbiAgICAgIC50b1Byb21pc2UoKTtcclxuICB9XHJcbn1cclxuIl19