npm - @lifeready/core - Versions diffs - 1.0.1 → 1.0.3 - Mend

@lifeready/core 1.0.1 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (379) hide show

package/bundles/lifeready-core.umd.js +15939 -0
package/bundles/lifeready-core.umd.js.map +1 -0
package/bundles/lifeready-core.umd.min.js +16 -0
package/bundles/lifeready-core.umd.min.js.map +1 -0
package/esm2015/lib/_common/ast.js +40 -0
package/esm2015/lib/_common/deferred-promise.js +24 -0
package/esm2015/lib/_common/exceptions.js +157 -0
package/esm2015/lib/_common/queries.gql.js +190 -0
package/esm2015/lib/_common/run-outside-angular.js +79 -0
package/esm2015/lib/_common/types.js +1 -0
package/esm2015/lib/_common/utils.js +44 -0
package/esm2015/lib/api/contact-card.gql.js +79 -0
package/esm2015/lib/api/contact-card.service.js +154 -0
package/esm2015/lib/api/contact-card2.gql.js +60 -0
package/esm2015/lib/api/contact-card2.service.js +103 -0
package/esm2015/lib/api/file.service.js +74 -0
package/esm2015/lib/api/item2.gql.js +110 -0
package/esm2015/lib/api/item2.service.js +311 -0
package/esm2015/lib/api/key-exchange.gql.js +188 -0
package/esm2015/lib/api/key-exchange.service.js +442 -0
package/esm2015/lib/api/key-exchange.types.js +18 -0
package/esm2015/lib/api/key-exchange2.gql.js +171 -0
package/esm2015/lib/api/key-exchange2.service.js +479 -0
package/esm2015/lib/api/lock.gql.js +40 -0
package/esm2015/lib/api/lock.service.js +64 -0
package/esm2015/lib/api/lr-apollo.service.js +46 -0
package/esm2015/lib/api/lr-graphql/index.js +6 -0
package/esm2015/lib/api/lr-graphql/lr-graphql.service.js +155 -0
package/esm2015/lib/api/lr-graphql/lr-merged-mutation.js +213 -0
package/esm2015/lib/api/lr-graphql/lr-mutation-base.js +51 -0
package/esm2015/lib/api/lr-graphql/lr-mutation.js +48 -0
package/esm2015/lib/api/lr-graphql/lr.service.js +18 -0
package/esm2015/lib/api/message.service.js +138 -0
package/esm2015/lib/api/persist.service.js +181 -0
package/esm2015/lib/api/query-processor/common-processors.service.js +93 -0
package/esm2015/lib/api/query-processor/index.js +3 -0
package/esm2015/lib/api/query-processor/query-processor.service.js +192 -0
package/esm2015/lib/api/query-processor/tp-password-reset-processor.service.js +109 -0
package/esm2015/lib/api/shared-contact-card.service.js +119 -0
package/esm2015/lib/api/shared-contact-card2.gql.js +41 -0
package/esm2015/lib/api/shared-contact-card2.service.js +117 -0
package/esm2015/lib/api/time.service.js +146 -0
package/esm2015/lib/api/types/graphql.types.js +7 -0
package/esm2015/lib/api/types/index.js +3 -0
package/esm2015/lib/api/types/lr-graphql.types.js +71 -0
package/esm2015/lib/auth/auth.config.js +57 -0
package/esm2015/lib/auth/auth.gql.js +48 -0
package/esm2015/lib/auth/auth.types.js +27 -0
package/esm2015/lib/auth/idle.service.js +168 -0
package/esm2015/lib/auth/idle.types.js +7 -0
package/esm2015/lib/auth/lbop.service.js +355 -0
package/esm2015/lib/auth/life-ready-auth.service.js +500 -0
package/esm2015/lib/auth/password.service.js +320 -0
package/esm2015/lib/auth/register.service.js +172 -0
package/esm2015/lib/auth/two-factor.service.js +74 -0
package/esm2015/lib/category/category-meta.service.js +99 -0
package/esm2015/lib/category/category.gql.js +406 -0
package/esm2015/lib/category/category.service.js +390 -0
package/esm2015/lib/category/category.types.js +29 -0
package/esm2015/lib/cryptography/cryptography.types.js +11 -0
package/esm2015/lib/cryptography/encryption.service.js +189 -0
package/esm2015/lib/cryptography/key-factory.service.js +237 -0
package/esm2015/lib/cryptography/key-graph.service.js +280 -0
package/esm2015/lib/cryptography/key-meta.service.js +200 -0
package/esm2015/lib/cryptography/key.service.js +124 -0
package/esm2015/lib/cryptography/slip39.service.js +169 -0
package/esm2015/lib/cryptography/web-crypto.service.js +29 -0
package/esm2015/lib/life-ready.config.js +84 -0
package/esm2015/lib/life-ready.module.js +74 -0
package/esm2015/lib/plan/plan.gql.js +123 -0
package/esm2015/lib/plan/plan.service.js +149 -0
package/esm2015/lib/plan/plan.types.js +11 -0
package/esm2015/lib/record/record-attachment.service.js +101 -0
package/esm2015/lib/record/record.gql.js +179 -0
package/esm2015/lib/record/record.service.js +206 -0
package/esm2015/lib/record/record.types.js +15 -0
package/esm2015/lib/record-type/record-type.service.js +75 -0
package/esm2015/lib/record-type/record-type.types.js +28 -0
package/esm2015/lib/scenario/approvals/scenario-approval.gql.js +105 -0
package/esm2015/lib/scenario/approvals/scenario-approval.types.js +1 -0
package/esm2015/lib/scenario/approvals/scenario-approver.service.js +300 -0
package/esm2015/lib/scenario/claimants/scenario-claimant.gql.js +52 -0
package/esm2015/lib/scenario/claimants/scenario-claimant.service.js +97 -0
package/esm2015/lib/scenario/claimants/scenario-claimant.types.js +1 -0
package/esm2015/lib/scenario/receivers/scenario-receiver.gql.js +150 -0
package/esm2015/lib/scenario/receivers/scenario-receiver.service.js +229 -0
package/esm2015/lib/scenario/receivers/scenario-receiver.types.js +1 -0
package/esm2015/lib/scenario/scenario-setup.service.js +269 -0
package/esm2015/lib/scenario/scenario.gql.js +368 -0
package/esm2015/lib/scenario/scenario.service.js +611 -0
package/esm2015/lib/scenario/scenario.types.js +64 -0
package/esm2015/lib/search/search.gql.js +62 -0
package/esm2015/lib/search/search.service.js +156 -0
package/esm2015/lib/search/search.types.js +6 -0
package/esm2015/lib/trusted-parties/tp-password-reset-request.service.js +112 -0
package/esm2015/lib/trusted-parties/tp-password-reset-user.service.js +129 -0
package/esm2015/lib/trusted-parties/tp-password-reset.constants.js +4 -0
package/esm2015/lib/trusted-parties/tp-password-reset.gql.js +232 -0
package/esm2015/lib/trusted-parties/tp-password-reset.service.js +299 -0
package/esm2015/lib/trusted-parties/trusted-party.gql.js +148 -0
package/esm2015/lib/trusted-parties/trusted-party.service.js +326 -0
package/esm2015/lib/trusted-parties/trusted-party.types.js +41 -0
package/esm2015/lib/trusted-parties/trusted-party2.gql.js +87 -0
package/esm2015/lib/trusted-parties/trusted-party2.service.js +215 -0
package/esm2015/lib/users/profile-details.service.js +214 -0
package/esm2015/lib/users/profile.gql.js +97 -0
package/esm2015/lib/users/profile.service.js +169 -0
package/esm2015/lib/users/profile.types.js +34 -0
package/esm2015/lib/users/user.gql.js +60 -0
package/esm2015/lib/users/user.service.js +79 -0
package/esm2015/lib/users/user.types.js +5 -0
package/esm2015/lifeready-core.js +10 -0
package/esm2015/public-api.js +81 -0
package/fesm2015/lifeready-core.js +13314 -0
package/fesm2015/lifeready-core.js.map +1 -0
package/lib/_common/ast.d.ts +11 -0
package/lib/_common/deferred-promise.d.ts +12 -0
package/lib/_common/exceptions.d.ts +109 -0
package/lib/_common/queries.gql.d.ts +10 -0
package/lib/_common/run-outside-angular.d.ts +14 -0
package/{src/lib/_common/types.ts → lib/_common/types.d.ts} +3 -6
package/lib/_common/utils.d.ts +3 -0
package/lib/api/contact-card.gql.d.ts +7 -0
package/lib/api/contact-card.service.d.ts +52 -0
package/lib/api/contact-card2.gql.d.ts +34 -0
package/lib/api/contact-card2.service.d.ts +49 -0
package/lib/api/file.service.d.ts +18 -0
package/lib/api/item2.gql.d.ts +96 -0
package/lib/api/item2.service.d.ts +177 -0
package/lib/api/key-exchange.gql.d.ts +9 -0
package/lib/api/key-exchange.service.d.ts +39 -0
package/lib/api/key-exchange.types.d.ts +196 -0
package/lib/api/key-exchange2.gql.d.ts +125 -0
package/lib/api/key-exchange2.service.d.ts +187 -0
package/lib/api/lock.gql.d.ts +27 -0
package/lib/api/lock.service.d.ts +25 -0
package/lib/api/lr-apollo.service.d.ts +15 -0
package/lib/api/lr-graphql/lr-graphql.service.d.ts +60 -0
package/lib/api/lr-graphql/lr-merged-mutation.d.ts +27 -0
package/lib/api/lr-graphql/lr-mutation-base.d.ts +28 -0
package/lib/api/lr-graphql/lr-mutation.d.ts +8 -0
package/lib/api/lr-graphql/lr.service.d.ts +9 -0
package/lib/api/message.service.d.ts +58 -0
package/lib/api/persist.service.d.ts +31 -0
package/lib/api/query-processor/common-processors.service.d.ts +36 -0
package/lib/api/query-processor/query-processor.service.d.ts +18 -0
package/lib/api/query-processor/tp-password-reset-processor.service.d.ts +15 -0
package/lib/api/shared-contact-card.service.d.ts +33 -0
package/lib/api/shared-contact-card2.gql.d.ts +36 -0
package/lib/api/shared-contact-card2.service.d.ts +45 -0
package/lib/api/time.service.d.ts +16 -0
package/lib/api/types/graphql.types.d.ts +29 -0
package/lib/api/types/lr-graphql.types.d.ts +385 -0
package/lib/auth/auth.config.d.ts +5 -0
package/lib/auth/auth.gql.d.ts +15 -0
package/lib/auth/auth.types.d.ts +66 -0
package/lib/auth/idle.service.d.ts +40 -0
package/lib/auth/idle.types.d.ts +10 -0
package/lib/auth/lbop.service.d.ts +91 -0
package/lib/auth/life-ready-auth.service.d.ts +59 -0
package/lib/auth/password.service.d.ts +78 -0
package/lib/auth/register.service.d.ts +25 -0
package/lib/auth/two-factor.service.d.ts +15 -0
package/lib/category/category-meta.service.d.ts +23 -0
package/lib/category/category.gql.d.ts +45 -0
package/lib/category/category.service.d.ts +67 -0
package/lib/category/category.types.d.ts +79 -0
package/lib/cryptography/cryptography.types.d.ts +83 -0
package/lib/cryptography/encryption.service.d.ts +41 -0
package/lib/cryptography/key-factory.service.d.ts +38 -0
package/lib/cryptography/key-graph.service.d.ts +33 -0
package/lib/cryptography/key-meta.service.d.ts +44 -0
package/lib/cryptography/key.service.d.ts +36 -0
package/lib/cryptography/slip39.service.d.ts +43 -0
package/lib/cryptography/web-crypto.service.d.ts +5 -0
package/lib/life-ready.config.d.ts +14 -0
package/lib/life-ready.module.d.ts +5 -0
package/lib/plan/plan.gql.d.ts +11 -0
package/lib/plan/plan.service.d.ts +33 -0
package/lib/plan/plan.types.d.ts +31 -0
package/lib/record/record-attachment.service.d.ts +16 -0
package/lib/record/record.gql.d.ts +14 -0
package/lib/record/record.service.d.ts +25 -0
package/lib/record/record.types.d.ts +57 -0
package/lib/record-type/record-type.service.d.ts +11 -0
package/lib/record-type/record-type.types.d.ts +50 -0
package/lib/scenario/approvals/scenario-approval.gql.d.ts +7 -0
package/lib/scenario/approvals/scenario-approval.types.d.ts +63 -0
package/lib/scenario/approvals/scenario-approver.service.d.ts +32 -0
package/lib/scenario/claimants/scenario-claimant.gql.d.ts +5 -0
package/lib/scenario/claimants/scenario-claimant.service.d.ts +17 -0
package/lib/scenario/claimants/scenario-claimant.types.d.ts +18 -0
package/lib/scenario/receivers/scenario-receiver.gql.d.ts +8 -0
package/lib/scenario/receivers/scenario-receiver.service.d.ts +30 -0
package/lib/scenario/receivers/scenario-receiver.types.d.ts +54 -0
package/lib/scenario/scenario-setup.service.d.ts +22 -0
package/lib/scenario/scenario.gql.d.ts +34 -0
package/lib/scenario/scenario.service.d.ts +58 -0
package/lib/scenario/scenario.types.d.ts +217 -0
package/lib/search/search.gql.d.ts +1 -0
package/lib/search/search.service.d.ts +25 -0
package/lib/search/search.types.d.ts +20 -0
package/lib/trusted-parties/tp-password-reset-request.service.d.ts +20 -0
package/lib/trusted-parties/tp-password-reset-user.service.d.ts +35 -0
package/lib/trusted-parties/tp-password-reset.constants.d.ts +3 -0
package/lib/trusted-parties/tp-password-reset.gql.d.ts +218 -0
package/lib/trusted-parties/tp-password-reset.service.d.ts +130 -0
package/lib/trusted-parties/trusted-party.gql.d.ts +9 -0
package/lib/trusted-parties/trusted-party.service.d.ts +44 -0
package/lib/trusted-parties/trusted-party.types.d.ts +102 -0
package/lib/trusted-parties/trusted-party2.gql.d.ts +79 -0
package/lib/trusted-parties/trusted-party2.service.d.ts +114 -0
package/lib/users/profile-details.service.d.ts +21 -0
package/lib/users/profile.gql.d.ts +11 -0
package/lib/users/profile.service.d.ts +35 -0
package/lib/users/profile.types.d.ts +96 -0
package/lib/users/user.gql.d.ts +9 -0
package/lib/users/user.service.d.ts +12 -0
package/lib/users/user.types.d.ts +23 -0
package/lifeready-core.d.ts +9 -0
package/lifeready-core.metadata.json +1 -0
package/package.json +29 -21
package/{src/public-api.ts → public-api.d.ts} +0 -19
package/karma.conf.js +0 -32
package/ng-package.json +0 -26
package/src/lib/_common/ast.ts +0 -75
package/src/lib/_common/deferred-promise.ts +0 -35
package/src/lib/_common/exceptions.ts +0 -189
package/src/lib/_common/queries.gql.ts +0 -200
package/src/lib/_common/run-outside-angular.ts +0 -125
package/src/lib/_common/tests.ts +0 -82
package/src/lib/_common/utils.ts +0 -57
package/src/lib/api/api-mutation.spec.ts +0 -547
package/src/lib/api/api-query.spec.ts +0 -40
package/src/lib/api/contact-card.gql.ts +0 -85
package/src/lib/api/contact-card.service.spec.ts +0 -249
package/src/lib/api/contact-card.service.ts +0 -228
package/src/lib/api/contact-card2.gql.ts +0 -93
package/src/lib/api/contact-card2.service.spec.ts +0 -297
package/src/lib/api/contact-card2.service.ts +0 -139
package/src/lib/api/file.service.spec.ts +0 -14
package/src/lib/api/file.service.ts +0 -81
package/src/lib/api/item2.gql.ts +0 -211
package/src/lib/api/item2.service.spec.ts +0 -1043
package/src/lib/api/item2.service.ts +0 -481
package/src/lib/api/key-exchange.gql.ts +0 -196
package/src/lib/api/key-exchange.service.spec.ts +0 -470
package/src/lib/api/key-exchange.service.ts +0 -731
package/src/lib/api/key-exchange.types.ts +0 -235
package/src/lib/api/key-exchange2.gql.ts +0 -310
package/src/lib/api/key-exchange2.service.spec.ts +0 -892
package/src/lib/api/key-exchange2.service.ts +0 -875
package/src/lib/api/lock.gql.ts +0 -67
package/src/lib/api/lock.service.spec.ts +0 -549
package/src/lib/api/lock.service.ts +0 -57
package/src/lib/api/lr-apollo.service.spec.ts +0 -27
package/src/lib/api/lr-apollo.service.ts +0 -43
package/src/lib/api/lr-graphql/lr-graphql.service.ts +0 -313
package/src/lib/api/lr-graphql/lr-merged-mutation.ts +0 -377
package/src/lib/api/lr-graphql/lr-mutation-base.ts +0 -67
package/src/lib/api/lr-graphql/lr-mutation.ts +0 -74
package/src/lib/api/lr-graphql/lr.service.ts +0 -28
package/src/lib/api/message.service.spec.ts +0 -20
package/src/lib/api/message.service.ts +0 -210
package/src/lib/api/persist.service.spec.ts +0 -209
package/src/lib/api/persist.service.ts +0 -220
package/src/lib/api/query-processor/common-processors.service.ts +0 -148
package/src/lib/api/query-processor/query-processor.service.ts +0 -240
package/src/lib/api/query-processor/tp-password-reset-processor.service.ts +0 -177
package/src/lib/api/shared-contact-card.service.ts +0 -156
package/src/lib/api/shared-contact-card2.gql.ts +0 -76
package/src/lib/api/shared-contact-card2.service.ts +0 -154
package/src/lib/api/time.service.spec.ts +0 -48
package/src/lib/api/time.service.ts +0 -155
package/src/lib/api/types/graphql.types.ts +0 -48
package/src/lib/api/types/lr-graphql.types.ts +0 -467
package/src/lib/auth/auth.config.ts +0 -83
package/src/lib/auth/auth.gql.ts +0 -62
package/src/lib/auth/auth.types.ts +0 -79
package/src/lib/auth/idle.service.spec.ts +0 -119
package/src/lib/auth/idle.service.ts +0 -208
package/src/lib/auth/idle.types.ts +0 -11
package/src/lib/auth/lbop.service.spec.ts +0 -56
package/src/lib/auth/lbop.service.ts +0 -539
package/src/lib/auth/life-ready-auth.service.spec.ts +0 -70
package/src/lib/auth/life-ready-auth.service.ts +0 -454
package/src/lib/auth/password.service.spec.ts +0 -51
package/src/lib/auth/password.service.ts +0 -438
package/src/lib/auth/register.service.spec.ts +0 -31
package/src/lib/auth/register.service.ts +0 -181
package/src/lib/auth/two-factor.service.spec.ts +0 -21
package/src/lib/auth/two-factor.service.ts +0 -69
package/src/lib/category/category-meta.service.spec.ts +0 -28
package/src/lib/category/category-meta.service.ts +0 -125
package/src/lib/category/category.gql.ts +0 -449
package/src/lib/category/category.service.spec.ts +0 -26
package/src/lib/category/category.service.ts +0 -498
package/src/lib/category/category.types.ts +0 -89
package/src/lib/cryptography/cryptography.types.ts +0 -108
package/src/lib/cryptography/encryption.service.spec.ts +0 -125
package/src/lib/cryptography/encryption.service.ts +0 -243
package/src/lib/cryptography/key-factory.service.spec.ts +0 -15
package/src/lib/cryptography/key-factory.service.ts +0 -303
package/src/lib/cryptography/key-graph.service.spec.ts +0 -16
package/src/lib/cryptography/key-graph.service.ts +0 -354
package/src/lib/cryptography/key-meta.service.spec.ts +0 -40
package/src/lib/cryptography/key-meta.service.ts +0 -254
package/src/lib/cryptography/key.service.spec.ts +0 -16
package/src/lib/cryptography/key.service.ts +0 -154
package/src/lib/cryptography/slip39.service.spec.ts +0 -44
package/src/lib/cryptography/slip39.service.ts +0 -204
package/src/lib/cryptography/web-crypto.service.ts +0 -22
package/src/lib/life-ready.config.ts +0 -127
package/src/lib/life-ready.module.ts +0 -81
package/src/lib/plan/plan.gql.ts +0 -133
package/src/lib/plan/plan.service.spec.ts +0 -294
package/src/lib/plan/plan.service.ts +0 -198
package/src/lib/plan/plan.types.ts +0 -37
package/src/lib/record/record-attachment.service.spec.ts +0 -31
package/src/lib/record/record-attachment.service.ts +0 -101
package/src/lib/record/record.gql.ts +0 -192
package/src/lib/record/record.service.spec.ts +0 -598
package/src/lib/record/record.service.ts +0 -236
package/src/lib/record/record.types.ts +0 -86
package/src/lib/record-type/record-type.service.spec.ts +0 -16
package/src/lib/record-type/record-type.service.ts +0 -71
package/src/lib/record-type/record-type.types.ts +0 -58
package/src/lib/scenario/approvals/scenario-approval.gql.ts +0 -112
package/src/lib/scenario/approvals/scenario-approval.types.ts +0 -85
package/src/lib/scenario/approvals/scenario-approver.service.spec.ts +0 -16
package/src/lib/scenario/approvals/scenario-approver.service.ts +0 -422
package/src/lib/scenario/claimants/scenario-claimant.gql.ts +0 -56
package/src/lib/scenario/claimants/scenario-claimant.service.spec.ts +0 -16
package/src/lib/scenario/claimants/scenario-claimant.service.ts +0 -100
package/src/lib/scenario/claimants/scenario-claimant.types.ts +0 -21
package/src/lib/scenario/receivers/scenario-receiver.gql.ts +0 -157
package/src/lib/scenario/receivers/scenario-receiver.service.spec.ts +0 -16
package/src/lib/scenario/receivers/scenario-receiver.service.ts +0 -278
package/src/lib/scenario/receivers/scenario-receiver.types.ts +0 -66
package/src/lib/scenario/scenario-setup.service.spec.ts +0 -22
package/src/lib/scenario/scenario-setup.service.ts +0 -369
package/src/lib/scenario/scenario.gql.ts +0 -404
package/src/lib/scenario/scenario.service.spec.ts +0 -1586
package/src/lib/scenario/scenario.service.ts +0 -811
package/src/lib/scenario/scenario.types.ts +0 -258
package/src/lib/search/search.gql.ts +0 -62
package/src/lib/search/search.service.spec.ts +0 -57
package/src/lib/search/search.service.ts +0 -174
package/src/lib/search/search.types.ts +0 -24
package/src/lib/trusted-parties/tp-password-reset-request.service.ts +0 -140
package/src/lib/trusted-parties/tp-password-reset-user.service.ts +0 -359
package/src/lib/trusted-parties/tp-password-reset.gql.ts +0 -453
package/src/lib/trusted-parties/tp-password-reset.service.spec.ts +0 -602
package/src/lib/trusted-parties/tp-password-reset.service.ts +0 -482
package/src/lib/trusted-parties/trusted-party.gql.ts +0 -159
package/src/lib/trusted-parties/trusted-party.service.spec.ts +0 -1008
package/src/lib/trusted-parties/trusted-party.service.ts +0 -394
package/src/lib/trusted-parties/trusted-party.types.ts +0 -119
package/src/lib/trusted-parties/trusted-party2.gql.ts +0 -165
package/src/lib/trusted-parties/trusted-party2.service.spec.ts +0 -1782
package/src/lib/trusted-parties/trusted-party2.service.ts +0 -272
package/src/lib/users/profile-details.service.spec.ts +0 -45
package/src/lib/users/profile-details.service.ts +0 -278
package/src/lib/users/profile.gql.ts +0 -108
package/src/lib/users/profile.service.spec.ts +0 -97
package/src/lib/users/profile.service.ts +0 -224
package/src/lib/users/profile.types.ts +0 -101
package/src/lib/users/user.gql.ts +0 -69
package/src/lib/users/user.service.spec.ts +0 -161
package/src/lib/users/user.service.ts +0 -72
package/src/lib/users/user.types.ts +0 -27
package/src/test.ts +0 -21
package/tsconfig.lib.json +0 -21
package/tsconfig.lib.prod.json +0 -6
package/tsconfig.spec.json +0 -10
package/tslint.json +0 -17
/package/{src/lib/api/lr-graphql/index.ts → lib/api/lr-graphql/index.d.ts} +0 -0
/package/{src/lib/api/query-processor/index.ts → lib/api/query-processor/index.d.ts} +0 -0
/package/{src/lib/api/types/index.ts → lib/api/types/index.d.ts} +0 -0

package/esm2015/lib/auth/life-ready-auth.service.js ADDED Viewed

@@ -0,0 +1,500 @@
+import { __awaiter } from "tslib";
+import { Inject, Injectable, isDevMode } from '@angular/core';
+import { Hub } from '@aws-amplify/core';
+import { ReplaySubject } from 'rxjs';
+import { KeyGraphService } from '../cryptography/key-graph.service';
+import { KeyService } from '../cryptography/key.service';
+import { ProfileService } from '../users/profile.service';
+import { PasswordChangeStatus } from '../users/profile.types';
+import { LrConcurrentAccessException, LrBadRequestException, LrBadStateException, LrException, } from '../_common/exceptions';
+import { RecoveryStatus, } from './auth.types';
+import { PasswordService } from './password.service';
+import { AuthClass } from '@aws-amplify/auth/lib-esm/Auth';
+import { CompleteTpPasswordResetRequestMutation, CreateTpAssemblyKeyChallengeMutation, PreCompleteTpPasswordResetRequestMutation, TpPasswordResetUserQuery, } from '../trusted-parties/tp-password-reset.gql';
+import { IdleService } from './idle.service';
+import { KeyFactoryService } from '../cryptography/key-factory.service';
+import { LrGraphQLService, LrMutation } from '../api/lr-graphql';
+import { TpClaimState } from '../api/types';
+import { TpPasswordResetProcessorService } from '../api/query-processor/tp-password-reset-processor.service';
+import { SetSessionEncryptionKeyMutation } from './auth.gql';
+import { PersistService } from '../api/persist.service';
+import { JWK } from 'node-jose';
+import { LR_CONFIG } from '../life-ready.config';
+import { EncryptionService } from '../cryptography/encryption.service';
+import { Slip39Service } from '../cryptography/slip39.service';
+import { TP_PASSWORD_RESET_CLIENT_NONCE_LENGTH, TP_PASSWORD_RESET_SLIP39_PASSPHRASE, TP_PASSWORD_RESET_USERNAME_SUFFIX, } from '../trusted-parties/tp-password-reset.constants';
+import * as i0 from "@angular/core";
+import * as i1 from "../life-ready.config";
+import * as i2 from "@aws-amplify/auth/lib-esm/Auth";
+import * as i3 from "../cryptography/key-factory.service";
+import * as i4 from "../cryptography/key.service";
+import * as i5 from "../users/profile.service";
+import * as i6 from "../cryptography/key-graph.service";
+import * as i7 from "./password.service";
+import * as i8 from "./idle.service";
+import * as i9 from "../api/lr-graphql/lr-graphql.service";
+import * as i10 from "../api/query-processor/tp-password-reset-processor.service";
+import * as i11 from "../api/persist.service";
+import * as i12 from "../cryptography/encryption.service";
+import * as i13 from "../cryptography/slip39.service";
+export const initialiseAuth = (authService) => {
+    return () => authService.initialise();
+};
+export class LifeReadyAuthService {
+    constructor(config, auth, keyFactory, keyService, profileService, keyGraphService, passwordService, idleService, lrGraphQL, tpPasswordResetProcessorService, persistService, encryptionService, slip39Service) {
+        this.config = config;
+        this.auth = auth;
+        this.keyFactory = keyFactory;
+        this.keyService = keyService;
+        this.profileService = profileService;
+        this.keyGraphService = keyGraphService;
+        this.passwordService = passwordService;
+        this.idleService = idleService;
+        this.lrGraphQL = lrGraphQL;
+        this.tpPasswordResetProcessorService = tpPasswordResetProcessorService;
+        this.persistService = persistService;
+        this.encryptionService = encryptionService;
+        this.slip39Service = slip39Service;
+        this.hubSubject = new ReplaySubject(1);
+    }
+    initialise() {
+        return __awaiter(this, void 0, void 0, function* () {
+            Hub.listen('auth', (data) => this.hubSubject.next(data.payload));
+        });
+    }
+    loginIdpImpl(emailOrPhone, password, passIdpParams, recoveryStatus) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const passIdpResult = yield this.keyFactory.derivePassIdp(Object.assign({ password }, passIdpParams));
+            // Use the derived password to signin with cognito
+            const user = yield this.auth.signIn(emailOrPhone, this.passwordService.getPassIdpString(passIdpResult.jwk));
+            user.recoveryStatus = recoveryStatus;
+            return user;
+        });
+    }
+    loginIdp(emailOrPhone, password) {
+        return __awaiter(this, void 0, void 0, function* () {
+            // Download the salt needed to derive the PassIdp
+            const passIdpApiResult = yield this.profileService.getPassIdpParams(emailOrPhone);
+            if (passIdpApiResult.passwordChangeStatus === PasswordChangeStatus.InProgress) {
+                throw new LrConcurrentAccessException('A password change is in progress');
+            }
+            if (passIdpApiResult.passwordChangeStatus === PasswordChangeStatus.Recovery) {
+                console.log('In recovery mode.');
+                // Let's say we don't know if the password is the new one or the old one. We just have to try both.
+                try {
+                    const user = yield this.loginIdpImpl(emailOrPhone, password, passIdpApiResult.newPassIdpParams, RecoveryStatus.NEW_PASSWORD);
+                    // New password worked. Let's set to the current password
+                    // --Potential Failure Point 1--
+                    // if changePasswordComplete() doesn't get called, then it should remain
+                    console.log('New password works!');
+                    return user;
+                }
+                catch (error) {
+                    // Just bubble up any other type of error.
+                    if (error.code !== 'NotAuthorizedException') {
+                        throw error;
+                    }
+                    // pass, try again assuming it's the old password
+                }
+                // Now assume it's the previous password. Any exception is allowed to bubble up.
+                try {
+                    const user = yield this.loginIdpImpl(emailOrPhone, password, passIdpApiResult.currentPassIdpParams, RecoveryStatus.OLD_PASSWORD);
+                    // Old password worked.
+                    console.log('Old password works!');
+                    return user;
+                }
+                catch (error) {
+                    // Just bubble up any other type of error.
+                    throw error.code === 'NotAuthorizedException'
+                        ? new LrBadRequestException('The password change request was interrupted, please try to login with both your new and old password')
+                        : error;
+                }
+            }
+            // Try against as the TP password reset account
+            if (passIdpApiResult.tpPasswordReset) {
+                try {
+                    // TP password reset is in process. We need to try the password against both
+                    // original account and the new reset account.
+                    const reset = passIdpApiResult.tpPasswordReset;
+                    const ret = yield this.loginIdpImpl(reset.resetUsername, password, reset.passIdpParams, RecoveryStatus.NONE);
+                    ret.isTpPasswordResetUser = true;
+                    return ret;
+                }
+                catch (err) {
+                    // continue, try again as regular user.
+                }
+            }
+            // Login as regular user
+            return yield this.loginIdpImpl(emailOrPhone, password, passIdpApiResult.currentPassIdpParams, RecoveryStatus.NONE);
+        });
+    }
+    handleSessionEncryptionKey() {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (this.config.disableSessionEncryptionKey) {
+                if (!isDevMode()) {
+                    const msg = 'You should not set disableSessionEncryptionKey=True in mode prod. It defaults to false.';
+                    console.error(msg);
+                    throw new Error(msg);
+                }
+                else {
+                    console.warn('You have set disableSessionEncryptionKey=True. Make sure not to do this in prod mode.');
+                }
+            }
+            else {
+                // Set the session key to a new encryption key for this session
+                const sessionEncryptionKey = yield this.keyFactory.createKey();
+                yield this.lrGraphQL.lrMutate(new LrMutation({
+                    mutation: SetSessionEncryptionKeyMutation,
+                    variables: {
+                        input: {
+                            sessionEncryptionKey: JSON.stringify(sessionEncryptionKey.toJSON(true)),
+                        },
+                    },
+                }), {
+                    includeKeyGraph: false,
+                });
+                this.persistService.setServerSessionEncryptionKey(sessionEncryptionKey);
+            }
+        });
+    }
+    handlePostAuth(cognitoUser) {
+        return __awaiter(this, void 0, void 0, function* () {
+            yield this.handlePasswordRecovery(cognitoUser);
+            yield this.handleSessionEncryptionKey();
+        });
+    }
+    login(emailOrPhone, password, { tpPasswordResetAutoComplete = true } = {}) {
+        var _a;
+        return __awaiter(this, void 0, void 0, function* () {
+            let loginResult = yield this.loginImpl(emailOrPhone, password);
+            if (tpPasswordResetAutoComplete &&
+                ((_a = loginResult.resetUser) === null || _a === void 0 ? void 0 : _a.state) === TpClaimState.APPROVED) {
+                yield this.completeRequest(password);
+                loginResult = yield this.loginImpl(emailOrPhone, password);
+            }
+            return loginResult;
+        });
+    }
+    loginImpl(emailOrPhone, password) {
+        return __awaiter(this, void 0, void 0, function* () {
+            yield this.logout();
+            const cognitoUser = yield this.loginIdp(emailOrPhone, password);
+            // todo: Meet MFA challenges.
+            if (['SMS_MFA', 'SOFTWARE_TOKEN_MFA'].includes(cognitoUser.challengeName)) {
+                return { hasChallenge: true, challenge: cognitoUser };
+            }
+            yield this.handlePostAuth(cognitoUser);
+            if (cognitoUser.isTpPasswordResetUser) {
+                // Assuming there is no MFA on the TP reset user.
+                const resetUser = yield this.loadResetUser(password);
+                return { hasChallenge: false, resetUser };
+            }
+            else {
+                const user = yield this.loadUser(cognitoUser, password);
+                yield this.idleService.start(); // Run idleService whenever user is logged in.
+                return { hasChallenge: false, user };
+            }
+        });
+    }
+    // TODO <AZ> We need to handle the isTpPasswordResetUser=True case here after MFA as well.
+    verifyLogin(challenge, password, rememberMe, code) {
+        return __awaiter(this, void 0, void 0, function* () {
+            yield this.auth.confirmSignIn(challenge, code, challenge.challengeName);
+            // TODO: this.auth.confirmSignIn() could return another challenge.
+            const cognitoUser = yield this.auth.currentAuthenticatedUser();
+            yield this.handlePostAuth(challenge);
+            const user = yield this.loadUser(cognitoUser, password);
+            if (rememberMe) {
+                cognitoUser.setDeviceStatusRemembered({
+                    onSuccess: () => { },
+                    onFailure: (e) => console.error(e),
+                });
+            }
+            return user;
+        });
+    }
+    handlePasswordRecovery(user) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (user.recoveryStatus !== RecoveryStatus.NONE) {
+                const jwtToken = user
+                    .getSignInUserSession()
+                    .getAccessToken()
+                    .getJwtToken();
+                yield this.passwordService.changePasswordComplete(jwtToken, user.recoveryStatus === RecoveryStatus.NEW_PASSWORD);
+            }
+        });
+    }
+    getUserOrResetUser(reload = false) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const cognitoUser = yield this.auth.currentAuthenticatedUser();
+            if (cognitoUser.getUsername().endsWith(TP_PASSWORD_RESET_USERNAME_SUFFIX)) {
+                return this.getResetUser(reload);
+            }
+            else {
+                return this.getUser(reload);
+            }
+        });
+    }
+    getResetUser(reload = false) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (!reload && this.currentResetUser) {
+                return this.currentResetUser;
+            }
+            this.currentResetUser = yield this.loadResetUser();
+            yield this.idleService.start(); // Run idleService whenever user is logged in.
+            return this.currentResetUser;
+        });
+    }
+    getUser(reload = false) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (!reload && this.currentUser) {
+                return this.currentUser;
+            }
+            this.currentUser = yield this.loadUser(yield this.auth.currentAuthenticatedUser());
+            console.log('Starting idle service.');
+            yield this.idleService.start(); // Run idleService whenever user is logged in.
+            return this.currentUser;
+        });
+    }
+    mapTPVaultAccess(features) {
+        const tpVaultFeature = features === null || features === void 0 ? void 0 : features.tpVault;
+        return ((tpVaultFeature === null || tpVaultFeature === void 0 ? void 0 : tpVaultFeature.length) > 0 &&
+            tpVaultFeature.some((feature) => feature.toUpperCase() === 'ACCESS'));
+    }
+    loadUser(cognitoUser, password) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { currentUser, contactCard, userPlans, } = yield this.profileService.getCurrentUser();
+            if (currentUser.sessionEncryptionKey) {
+                this.persistService.setServerSessionEncryptionKey(yield JWK.asKey(currentUser.sessionEncryptionKey));
+            }
+            const userAttributes = yield this.auth.userAttributes(cognitoUser);
+            if (password) {
+                const passKey = (yield this.keyFactory.derivePassKey(Object.assign({ password }, currentUser.currentUserKey.passKey.passKeyParams))).jwk;
+                yield this.idleService.persistMasterKey(yield this.keyGraphService.unwrapWithPassKey(currentUser.currentUserKey.passKey.id, passKey, currentUser.currentUserKey.masterKey.id));
+            }
+            yield this.keyGraphService.populateKeys(currentUser.currentUserKey);
+            return {
+                id: currentUser.id,
+                sub: this.getUserAttribute('sub', userAttributes),
+                username: currentUser.username,
+                currentUserKey: currentUser.currentUserKey,
+                getAccessJwtToken: () => cognitoUser.getSignInUserSession().getAccessToken().getJwtToken(),
+                email: this.getUserAttribute('email', userAttributes),
+                emailVerified: this.getUserAttribute('email_verified', userAttributes) === 'true',
+                phone: this.getUserAttribute('phone_number', userAttributes),
+                phoneVerified: this.getUserAttribute('phone_number_verified', userAttributes) ===
+                    'true',
+                contactCard: Object.assign({}, (yield this.profileService.decryptContactCard(contactCard))),
+                userDelete: currentUser.userDelete,
+                userPlans,
+                hasTPVaultAccess: this.mapTPVaultAccess(currentUser.features),
+                features: currentUser.features,
+                sessionEncryptionKey: currentUser.sessionEncryptionKey,
+            };
+        });
+    }
+    watchAuth() {
+        return this.hubSubject;
+    }
+    logout() {
+        return __awaiter(this, void 0, void 0, function* () {
+            this.currentUser = null;
+            this.keyService.purgeKeys();
+            this.keyGraphService.purgeKeys();
+            yield Promise.all([this.auth.signOut(), this.profileService.signOut()]);
+        });
+    }
+    getUserAttribute(attributeName, userAttributes) {
+        const userAttribute = userAttributes.find((x) => x.getName() === attributeName);
+        return userAttribute ? userAttribute.getValue() : null;
+    }
+    loadResetUser(password) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { tpPasswordResetUser: resetUser } = yield this.lrGraphQL.query({
+                query: TpPasswordResetUserQuery,
+            });
+            if (resetUser.sessionEncryptionKey) {
+                this.persistService.setServerSessionEncryptionKey(yield JWK.asKey(resetUser.sessionEncryptionKey));
+            }
+            // Update the keys
+            if (password) {
+                const passKey = (yield this.keyFactory.derivePassKey(Object.assign({ password }, resetUser.passKey.passKeyParams))).jwk;
+                yield this.idleService.persistMasterKey(yield this.keyGraphService.unwrapWithPassKey(resetUser.passKey.id, passKey, resetUser.masterKey.id));
+            }
+            this.keyService.populateKeys({
+                passKey: {
+                    id: resetUser.passKey.id,
+                },
+                masterKey: {
+                    id: resetUser.masterKey.id,
+                },
+            });
+            const userAttributes = yield this.auth.userAttributes(yield this.auth.currentAuthenticatedUser());
+            const sub = this.getUserAttribute('sub', userAttributes);
+            return Object.assign(Object.assign({}, (yield this.tpPasswordResetProcessorService.processTpPasswordResetUserNode(resetUser))), { sub });
+        });
+    }
+    refreshAccessToken() {
+        return __awaiter(this, void 0, void 0, function* () {
+            const cognitoUser = yield this.auth.currentAuthenticatedUser();
+            const refreshToken = cognitoUser.getSignInUserSession().getRefreshToken();
+            return new Promise((resolve, reject) => {
+                cognitoUser.refreshSession(refreshToken, (err, data) => {
+                    if (err) {
+                        console.error('Error refreshing token: ', err);
+                        reject(err);
+                    }
+                    else {
+                        console.log('Token refresh complete: ', data);
+                        resolve(0);
+                    }
+                });
+            });
+        });
+    }
+    completeRequest(newPassword) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const resetUser = yield this.getResetUser(true);
+            if (resetUser.state !== TpClaimState.APPROVED) {
+                throw new LrBadStateException('Password reset request has not been approved.');
+            }
+            // --------------------------------------------------------------
+            // Prepare all materials to ensure there are no errors.
+            // --------------------------------------------------------------
+            const assemblyKey = yield this.recoverAssemblyKey(resetUser);
+            const { rootKey } = yield this.encryptionService.decrypt(assemblyKey, resetUser.assemblyCipherData);
+            console.log(rootKey);
+            // Making sure it's a valid key.
+            const rootKeyJwk = yield JWK.asKey(rootKey);
+            const masterKey = yield this.keyGraphService.getKey(resetUser.masterKey.id);
+            const masterKeyWrappedRootKey = yield this.encryptionService.encryptToString(masterKey.jwk, rootKeyJwk.toJSON(true));
+            // The new password
+            const newPassIdpResult = yield this.keyFactory.derivePassIdp(Object.assign({ password: newPassword }, resetUser.passKey.passIdpParams));
+            const newIdpPassword = this.passwordService.getPassIdpString(newPassIdpResult.jwk);
+            // --------------------------------------------------------------
+            // Get assembly key challenge
+            // --------------------------------------------------------------
+            const challenge = (yield this.lrGraphQL.lrMutate(new LrMutation({
+                mutation: CreateTpAssemblyKeyChallengeMutation,
+                variables: {
+                    input: {},
+                },
+            }), {
+                includeKeyGraph: false,
+            })).createTpAssemblyKeyChallenge.challenge;
+            console.log(challenge);
+            // Sign the challenge
+            // Generate a client side nonce that's no in the server's control.
+            challenge.clientNonce = this.keyFactory.randomString(TP_PASSWORD_RESET_CLIENT_NONCE_LENGTH);
+            console.log(challenge);
+            const assemblyKeyVerifierPrk = yield this.encryptionService.decrypt(assemblyKey, resetUser.wrappedAssemblyKeyVerifierPrk);
+            const signedChallenge = yield this.encryptionService.sign(assemblyKeyVerifierPrk, challenge);
+            // --------------------------------------------------------------
+            // Change password for the original user
+            // --------------------------------------------------------------
+            const tempIdpPassword = (yield this.lrGraphQL.lrMutate(new LrMutation({
+                mutation: PreCompleteTpPasswordResetRequestMutation,
+                variables: {
+                    input: {
+                        signedChallenge: JSON.stringify(signedChallenge),
+                    },
+                },
+            }), {
+                includeKeyGraph: false,
+            })).preCompleteTpPasswordResetRequest.idpPassword;
+            // --------------------------------------------------------------
+            // Login as the original user using new temporary password
+            // --------------------------------------------------------------
+            // At this point, the original account's password has been changed
+            // to a temporary password. It is no longer possible for the user
+            // to use the original password to login. Any successful login
+            // can only be using the temporary password. So it's safe to assume
+            // that we want to "complete" the password reset.
+            // The maybe 2FA so we listen for the auth event from Amplify.
+            const retPromise = new Promise((resolve) => {
+                const listener = (data) => __awaiter(this, void 0, void 0, function* () {
+                    if (data.payload.event !== 'signIn') {
+                        return;
+                    }
+                    Hub.remove('auth', listener);
+                    console.log(data.payload);
+                    yield this.auth.signIn(resetUser.username, newIdpPassword);
+                    // Switch over to the new set of keys
+                    yield this.lrGraphQL.lrMutate(new LrMutation({
+                        mutation: CompleteTpPasswordResetRequestMutation,
+                        variables: {
+                            input: {
+                                masterKeyWrappedRootKey,
+                                masterKeyId: masterKey.id,
+                            },
+                        },
+                    }));
+                    resolve();
+                });
+                Hub.listen('auth', listener);
+            });
+            // Signin as the original user. Password has been reset to temporary one. It should return
+            // with NEW_PASSWORD_REQUIRED
+            let user = yield this.auth.signIn(resetUser.username, tempIdpPassword, {
+                noProxy: 'true',
+            });
+            if (user.challengeName !== 'NEW_PASSWORD_REQUIRED') {
+                throw new LrException({
+                    message: 'Internal error. Expecting Cognito to have done a password reset after call to PreCompleteTpPasswordResetRequestMutation.',
+                });
+            }
+            // Set new password on Idp
+            // the awsFetch() function passes NEW_PASSWORD_REQUIRED directly to AWS without
+            // going through the proxy.
+            user = yield this.auth.completeNewPassword(user, newIdpPassword, {});
+            return retPromise;
+        });
+    }
+    recoverAssemblyKey(resetUser) {
+        return __awaiter(this, void 0, void 0, function* () {
+            // Recover the assembly key.
+            let assemblyKeyParams;
+            const prk = yield this.keyGraphService.getKey(resetUser.pxk.id);
+            const shares = yield Promise.all(resetUser.approvals
+                .filter((approval) => !!approval.receiverCipherPartialAssemblyKey)
+                .map((approval) => __awaiter(this, void 0, void 0, function* () {
+                const partialAssemblyKey = yield this.encryptionService.decrypt(prk, approval.receiverCipherPartialAssemblyKey);
+                if (assemblyKeyParams) {
+                    if (JSON.stringify(assemblyKeyParams) !==
+                        JSON.stringify(partialAssemblyKey.assemblyKeyParams)) {
+                        throw new LrBadStateException('The assembly key parameters are different between the approvals.');
+                    }
+                }
+                else {
+                    assemblyKeyParams = partialAssemblyKey.assemblyKeyParams;
+                }
+                return partialAssemblyKey.slip39.share.mnemonics;
+            })));
+            console.log('recoverAssemblyKey()', shares);
+            const rawAssemblyKey = yield this.slip39Service.recoverSecret(shares, TP_PASSWORD_RESET_SLIP39_PASSPHRASE);
+            return JWK.asKey(Object.assign(Object.assign({}, assemblyKeyParams), { k: rawAssemblyKey }));
+        });
+    }
+}
+LifeReadyAuthService.ɵprov = i0.ɵɵdefineInjectable({ factory: function LifeReadyAuthService_Factory() { return new LifeReadyAuthService(i0.ɵɵinject(i1.LR_CONFIG), i0.ɵɵinject(i2.AuthClass), i0.ɵɵinject(i3.KeyFactoryService), i0.ɵɵinject(i4.KeyService), i0.ɵɵinject(i5.ProfileService), i0.ɵɵinject(i6.KeyGraphService), i0.ɵɵinject(i7.PasswordService), i0.ɵɵinject(i8.IdleService), i0.ɵɵinject(i9.LrGraphQLService), i0.ɵɵinject(i10.TpPasswordResetProcessorService), i0.ɵɵinject(i11.PersistService), i0.ɵɵinject(i12.EncryptionService), i0.ɵɵinject(i13.Slip39Service)); }, token: LifeReadyAuthService, providedIn: "root" });
+LifeReadyAuthService.decorators = [
+    { type: Injectable, args: [{
+                providedIn: 'root',
+            },] }
+];
+LifeReadyAuthService.ctorParameters = () => [
+    { type: undefined, decorators: [{ type: Inject, args: [LR_CONFIG,] }] },
+    { type: AuthClass },
+    { type: KeyFactoryService },
+    { type: KeyService },
+    { type: ProfileService },
+    { type: KeyGraphService },
+    { type: PasswordService },
+    { type: IdleService },
+    { type: LrGraphQLService },
+    { type: TpPasswordResetProcessorService },
+    { type: PersistService },
+    { type: EncryptionService },
+    { type: Slip39Service }
+];
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibGlmZS1yZWFkeS1hdXRoLnNlcnZpY2UuanMiLCJzb3VyY2VSb290IjoiQzovUHJvamVjdHMvbmV3cmVwby9rYy1jbGllbnQvcHJvamVjdHMvY29yZS9zcmMvIiwic291cmNlcyI6WyJsaWIvYXV0aC9saWZlLXJlYWR5LWF1dGguc2VydmljZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUEsT0FBTyxFQUFFLE1BQU0sRUFBRSxVQUFVLEVBQUUsU0FBUyxFQUFFLE1BQU0sZUFBZSxDQUFDO0FBRTlELE9BQU8sRUFBRSxHQUFHLEVBQUUsTUFBTSxtQkFBbUIsQ0FBQztBQUV4QyxPQUFPLEVBQWMsYUFBYSxFQUFFLE1BQU0sTUFBTSxDQUFDO0FBRWpELE9BQU8sRUFBRSxlQUFlLEVBQUUsTUFBTSxtQ0FBbUMsQ0FBQztBQUNwRSxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sNkJBQTZCLENBQUM7QUFDekQsT0FBTyxFQUFFLGNBQWMsRUFBRSxNQUFNLDBCQUEwQixDQUFDO0FBQzFELE9BQU8sRUFBRSxvQkFBb0IsRUFBRSxNQUFNLHdCQUF3QixDQUFDO0FBQzlELE9BQU8sRUFDTCwyQkFBMkIsRUFDM0IscUJBQXFCLEVBQ3JCLG1CQUFtQixFQUNuQixXQUFXLEdBQ1osTUFBTSx1QkFBdUIsQ0FBQztBQUMvQixPQUFPLEVBS0wsY0FBYyxHQUNmLE1BQU0sY0FBYyxDQUFDO0FBQ3RCLE9BQU8sRUFBRSxlQUFlLEVBQUUsTUFBTSxvQkFBb0IsQ0FBQztBQUNyRCxPQUFPLEVBQUUsU0FBUyxFQUFFLE1BQU0sZ0NBQWdDLENBQUM7QUFDM0QsT0FBTyxFQUNMLHNDQUFzQyxFQUN0QyxvQ0FBb0MsRUFDcEMseUNBQXlDLEVBQ3pDLHdCQUF3QixHQUN6QixNQUFNLDBDQUEwQyxDQUFDO0FBQ2xELE9BQU8sRUFBRSxXQUFXLEVBQUUsTUFBTSxnQkFBZ0IsQ0FBQztBQUM3QyxPQUFPLEVBQUUsaUJBQWlCLEVBQUUsTUFBTSxxQ0FBcUMsQ0FBQztBQUN4RSxPQUFPLEVBQUUsZ0JBQWdCLEVBQUUsVUFBVSxFQUFFLE1BQU0sbUJBQW1CLENBQUM7QUFDakUsT0FBTyxFQUFFLFlBQVksRUFBMkIsTUFBTSxjQUFjLENBQUM7QUFDckUsT0FBTyxFQUFFLCtCQUErQixFQUFFLE1BQU0sNERBQTRELENBQUM7QUFDN0csT0FBTyxFQUFFLCtCQUErQixFQUFFLE1BQU0sWUFBWSxDQUFDO0FBQzdELE9BQU8sRUFBRSxjQUFjLEVBQUUsTUFBTSx3QkFBd0IsQ0FBQztBQUN4RCxPQUFPLEVBQUUsR0FBRyxFQUFFLE1BQU0sV0FBVyxDQUFDO0FBQ2hDLE9BQU8sRUFBbUIsU0FBUyxFQUFFLE1BQU0sc0JBQXNCLENBQUM7QUFDbEUsT0FBTyxFQUFFLGlCQUFpQixFQUFFLE1BQU0sb0NBQW9DLENBQUM7QUFDdkUsT0FBTyxFQUFFLGFBQWEsRUFBRSxNQUFNLGdDQUFnQyxDQUFDO0FBQy9ELE9BQU8sRUFDTCxxQ0FBcUMsRUFDckMsbUNBQW1DLEVBQ25DLGlDQUFpQyxHQUNsQyxNQUFNLGdEQUFnRCxDQUFDOzs7Ozs7Ozs7Ozs7Ozs7QUFFeEQsTUFBTSxDQUFDLE1BQU0sY0FBYyxHQUFHLENBQUMsV0FBaUMsRUFBRSxFQUFFO0lBQ2xFLE9BQU8sR0FBRyxFQUFFLENBQUMsV0FBVyxDQUFDLFVBQVUsRUFBRSxDQUFDO0FBQ3hDLENBQUMsQ0FBQztBQVNGLE1BQU0sT0FBTyxvQkFBb0I7SUFLL0IsWUFDNkIsTUFBdUIsRUFDMUMsSUFBZSxFQUNmLFVBQTZCLEVBQzdCLFVBQXNCLEVBQ3RCLGNBQThCLEVBQzlCLGVBQWdDLEVBQ2hDLGVBQWdDLEVBQ2hDLFdBQXdCLEVBQ3hCLFNBQTJCLEVBQzNCLCtCQUFnRSxFQUNoRSxjQUE4QixFQUM5QixpQkFBb0MsRUFDcEMsYUFBNEI7UUFaVCxXQUFNLEdBQU4sTUFBTSxDQUFpQjtRQUMxQyxTQUFJLEdBQUosSUFBSSxDQUFXO1FBQ2YsZUFBVSxHQUFWLFVBQVUsQ0FBbUI7UUFDN0IsZUFBVSxHQUFWLFVBQVUsQ0FBWTtRQUN0QixtQkFBYyxHQUFkLGNBQWMsQ0FBZ0I7UUFDOUIsb0JBQWUsR0FBZixlQUFlLENBQWlCO1FBQ2hDLG9CQUFlLEdBQWYsZUFBZSxDQUFpQjtRQUNoQyxnQkFBVyxHQUFYLFdBQVcsQ0FBYTtRQUN4QixjQUFTLEdBQVQsU0FBUyxDQUFrQjtRQUMzQixvQ0FBK0IsR0FBL0IsK0JBQStCLENBQWlDO1FBQ2hFLG1CQUFjLEdBQWQsY0FBYyxDQUFnQjtRQUM5QixzQkFBaUIsR0FBakIsaUJBQWlCLENBQW1CO1FBQ3BDLGtCQUFhLEdBQWIsYUFBYSxDQUFlO1FBakI5QixlQUFVLEdBQXVCLElBQUksYUFBYSxDQUFNLENBQUMsQ0FBQyxDQUFDO0lBa0JoRSxDQUFDO0lBRVMsVUFBVTs7WUFDckIsR0FBRyxDQUFDLE1BQU0sQ0FBQyxNQUFNLEVBQUUsQ0FBQyxJQUFJLEVBQUUsRUFBRSxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDO1FBQ25FLENBQUM7S0FBQTtJQUVhLFlBQVksQ0FDeEIsWUFBb0IsRUFDcEIsUUFBZ0IsRUFDaEIsYUFBNEIsRUFDNUIsY0FBOEI7O1lBRTlCLE1BQU0sYUFBYSxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxhQUFhLGlCQUN2RCxRQUFRLElBQ0wsYUFBYSxFQUNoQixDQUFDO1lBQ0gsa0RBQWtEO1lBQ2xELE1BQU0sSUFBSSxHQUFHLE1BQU0sSUFBSSxDQUFDLElBQUksQ0FBQyxNQUFNLENBQ2pDLFlBQVksRUFDWixJQUFJLENBQUMsZUFBZSxDQUFDLGdCQUFnQixDQUFDLGFBQWEsQ0FBQyxHQUFHLENBQUMsQ0FDekQsQ0FBQztZQUVGLElBQUksQ0FBQyxjQUFjLEdBQUcsY0FBYyxDQUFDO1lBRXJDLE9BQU8sSUFBSSxDQUFDO1FBQ2QsQ0FBQztLQUFBO0lBRWEsUUFBUSxDQUNwQixZQUFvQixFQUNwQixRQUFnQjs7WUFFaEIsaURBQWlEO1lBQ2pELE1BQU0sZ0JBQWdCLEdBQUcsTUFBTSxJQUFJLENBQUMsY0FBYyxDQUFDLGdCQUFnQixDQUNqRSxZQUFZLENBQ2IsQ0FBQztZQUVGLElBQ0UsZ0JBQWdCLENBQUMsb0JBQW9CLEtBQUssb0JBQW9CLENBQUMsVUFBVSxFQUN6RTtnQkFDQSxNQUFNLElBQUksMkJBQTJCLENBQUMsa0NBQWtDLENBQUMsQ0FBQzthQUMzRTtZQUVELElBQ0UsZ0JBQWdCLENBQUMsb0JBQW9CLEtBQUssb0JBQW9CLENBQUMsUUFBUSxFQUN2RTtnQkFDQSxPQUFPLENBQUMsR0FBRyxDQUFDLG1CQUFtQixDQUFDLENBQUM7Z0JBQ2pDLG1HQUFtRztnQkFDbkcsSUFBSTtvQkFDRixNQUFNLElBQUksR0FBRyxNQUFNLElBQUksQ0FBQyxZQUFZLENBQ2xDLFlBQVksRUFDWixRQUFRLEVBQ1IsZ0JBQWdCLENBQUMsZ0JBQWdCLEVBQ2pDLGNBQWMsQ0FBQyxZQUFZLENBQzVCLENBQUM7b0JBQ0YseURBQXlEO29CQUV6RCxnQ0FBZ0M7b0JBQ2hDLHdFQUF3RTtvQkFFeEUsT0FBTyxDQUFDLEdBQUcsQ0FBQyxxQkFBcUIsQ0FBQyxDQUFDO29CQUVuQyxPQUFPLElBQUksQ0FBQztpQkFDYjtnQkFBQyxPQUFPLEtBQUssRUFBRTtvQkFDZCwwQ0FBMEM7b0JBQzFDLElBQUksS0FBSyxDQUFDLElBQUksS0FBSyx3QkFBd0IsRUFBRTt3QkFDM0MsTUFBTSxLQUFLLENBQUM7cUJBQ2I7b0JBQ0QsaURBQWlEO2lCQUNsRDtnQkFFRCxnRkFBZ0Y7Z0JBQ2hGLElBQUk7b0JBQ0YsTUFBTSxJQUFJLEdBQUcsTUFBTSxJQUFJLENBQUMsWUFBWSxDQUNsQyxZQUFZLEVBQ1osUUFBUSxFQUNSLGdCQUFnQixDQUFDLG9CQUFvQixFQUNyQyxjQUFjLENBQUMsWUFBWSxDQUM1QixDQUFDO29CQUNGLHVCQUF1QjtvQkFDdkIsT0FBTyxDQUFDLEdBQUcsQ0FBQyxxQkFBcUIsQ0FBQyxDQUFDO29CQUVuQyxPQUFPLElBQUksQ0FBQztpQkFDYjtnQkFBQyxPQUFPLEtBQUssRUFBRTtvQkFDZCwwQ0FBMEM7b0JBQzFDLE1BQU0sS0FBSyxDQUFDLElBQUksS0FBSyx3QkFBd0I7d0JBQzNDLENBQUMsQ0FBQyxJQUFJLHFCQUFxQixDQUN2QixzR0FBc0csQ0FDdkc7d0JBQ0gsQ0FBQyxDQUFDLEtBQUssQ0FBQztpQkFDWDthQUNGO1lBRUQsK0NBQStDO1lBQy9DLElBQUksZ0JBQWdCLENBQUMsZUFBZSxFQUFFO2dCQUNwQyxJQUFJO29CQUNGLDRFQUE0RTtvQkFDNUUsOENBQThDO29CQUM5QyxNQUFNLEtBQUssR0FBRyxnQkFBZ0IsQ0FBQyxlQUFlLENBQUM7b0JBQy9DLE1BQU0sR0FBRyxHQUFHLE1BQU0sSUFBSSxDQUFDLFlBQVksQ0FDakMsS0FBSyxDQUFDLGFBQWEsRUFDbkIsUUFBUSxFQUNSLEtBQUssQ0FBQyxhQUFhLEVBQ25CLGNBQWMsQ0FBQyxJQUFJLENBQ3BCLENBQUM7b0JBQ0YsR0FBRyxDQUFDLHFCQUFxQixHQUFHLElBQUksQ0FBQztvQkFFakMsT0FBTyxHQUFHLENBQUM7aUJBQ1o7Z0JBQUMsT0FBTyxHQUFHLEVBQUU7b0JBQ1osdUNBQXVDO2lCQUN4QzthQUNGO1lBRUQsd0JBQXdCO1lBQ3hCLE9BQU8sTUFBTSxJQUFJLENBQUMsWUFBWSxDQUM1QixZQUFZLEVBQ1osUUFBUSxFQUNSLGdCQUFnQixDQUFDLG9CQUFvQixFQUNyQyxjQUFjLENBQUMsSUFBSSxDQUNwQixDQUFDO1FBQ0osQ0FBQztLQUFBO0lBRWUsMEJBQTBCOztZQUN4QyxJQUFJLElBQUksQ0FBQyxNQUFNLENBQUMsMkJBQTJCLEVBQUU7Z0JBQzNDLElBQUksQ0FBQyxTQUFTLEVBQUUsRUFBRTtvQkFDaEIsTUFBTSxHQUFHLEdBQ1AseUZBQXlGLENBQUM7b0JBQzVGLE9BQU8sQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUM7b0JBQ25CLE1BQU0sSUFBSSxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUM7aUJBQ3RCO3FCQUFNO29CQUNMLE9BQU8sQ0FBQyxJQUFJLENBQ1YsdUZBQXVGLENBQ3hGLENBQUM7aUJBQ0g7YUFDRjtpQkFBTTtnQkFDTCwrREFBK0Q7Z0JBQy9ELE1BQU0sb0JBQW9CLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsRUFBRSxDQUFDO2dCQUMvRCxNQUFNLElBQUksQ0FBQyxTQUFTLENBQUMsUUFBUSxDQUMzQixJQUFJLFVBQVUsQ0FBQztvQkFDYixRQUFRLEVBQUUsK0JBQStCO29CQUN6QyxTQUFTLEVBQUU7d0JBQ1QsS0FBSyxFQUFFOzRCQUNMLG9CQUFvQixFQUFFLElBQUksQ0FBQyxTQUFTLENBQ2xDLG9CQUFvQixDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDbEM7eUJBQ0Y7cUJBQ0Y7aUJBQ0YsQ0FBQyxFQUNGO29CQUNFLGVBQWUsRUFBRSxLQUFLO2lCQUN2QixDQUNGLENBQUM7Z0JBRUYsSUFBSSxDQUFDLGNBQWMsQ0FBQyw2QkFBNkIsQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO2FBQ3pFO1FBQ0gsQ0FBQztLQUFBO0lBRWUsY0FBYyxDQUFDLFdBQWlDOztZQUM5RCxNQUFNLElBQUksQ0FBQyxzQkFBc0IsQ0FBQyxXQUFXLENBQUMsQ0FBQztZQUMvQyxNQUFNLElBQUksQ0FBQywwQkFBMEIsRUFBRSxDQUFDO1FBQzFDLENBQUM7S0FBQTtJQUVZLEtBQUssQ0FDaEIsWUFBb0IsRUFDcEIsUUFBZ0IsRUFDaEIsRUFBRSwyQkFBMkIsR0FBRyxJQUFJLEtBQW1CLEVBQUU7OztZQUV6RCxJQUFJLFdBQVcsR0FBRyxNQUFNLElBQUksQ0FBQyxTQUFTLENBQUMsWUFBWSxFQUFFLFFBQVEsQ0FBQyxDQUFDO1lBRS9ELElBQ0UsMkJBQTJCO2dCQUMzQixPQUFBLFdBQVcsQ0FBQyxTQUFTLDBDQUFFLEtBQUssTUFBSyxZQUFZLENBQUMsUUFBUSxFQUN0RDtnQkFDQSxNQUFNLElBQUksQ0FBQyxlQUFlLENBQUMsUUFBUSxDQUFDLENBQUM7Z0JBQ3JDLFdBQVcsR0FBRyxNQUFNLElBQUksQ0FBQyxTQUFTLENBQUMsWUFBWSxFQUFFLFFBQVEsQ0FBQyxDQUFDO2FBQzVEO1lBRUQsT0FBTyxXQUFXLENBQUM7O0tBQ3BCO0lBRVksU0FBUyxDQUNwQixZQUFvQixFQUNwQixRQUFnQjs7WUFFaEIsTUFBTSxJQUFJLENBQUMsTUFBTSxFQUFFLENBQUM7WUFDcEIsTUFBTSxXQUFXLEdBQUcsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLFlBQVksRUFBRSxRQUFRLENBQUMsQ0FBQztZQUVoRSw2QkFBNkI7WUFDN0IsSUFBSSxDQUFDLFNBQVMsRUFBRSxvQkFBb0IsQ0FBQyxDQUFDLFFBQVEsQ0FBQyxXQUFXLENBQUMsYUFBYSxDQUFDLEVBQUU7Z0JBQ3pFLE9BQU8sRUFBRSxZQUFZLEVBQUUsSUFBSSxFQUFFLFNBQVMsRUFBRSxXQUFXLEVBQUUsQ0FBQzthQUN2RDtZQUVELE1BQU0sSUFBSSxDQUFDLGNBQWMsQ0FBQyxXQUFXLENBQUMsQ0FBQztZQUV2QyxJQUFJLFdBQVcsQ0FBQyxxQkFBcUIsRUFBRTtnQkFDckMsaURBQWlEO2dCQUNqRCxNQUFNLFNBQVMsR0FBRyxNQUFNLElBQUksQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDLENBQUM7Z0JBQ3JELE9BQU8sRUFBRSxZQUFZLEVBQUUsS0FBSyxFQUFFLFNBQVMsRUFBRSxDQUFDO2FBQzNDO2lCQUFNO2dCQUNMLE1BQU0sSUFBSSxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxXQUFXLEVBQUUsUUFBUSxDQUFDLENBQUM7Z0JBQ3hELE1BQU0sSUFBSSxDQUFDLFdBQVcsQ0FBQyxLQUFLLEVBQUUsQ0FBQyxDQUFDLDhDQUE4QztnQkFDOUUsT0FBTyxFQUFFLFlBQVksRUFBRSxLQUFLLEVBQUUsSUFBSSxFQUFFLENBQUM7YUFDdEM7UUFDSCxDQUFDO0tBQUE7SUFFRCwwRkFBMEY7SUFDN0UsV0FBVyxDQUN0QixTQUErQixFQUMvQixRQUFnQixFQUNoQixVQUFtQixFQUNuQixJQUFZOztZQUVaLE1BQU0sSUFBSSxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsU0FBUyxFQUFFLElBQUksRUFBRSxTQUFTLENBQUMsYUFBYSxDQUFDLENBQUM7WUFFeEUsa0VBQWtFO1lBRWxFLE1BQU0sV0FBVyxHQUFnQixNQUFNLElBQUksQ0FBQyxJQUFJLENBQUMsd0JBQXdCLEVBQUUsQ0FBQztZQUU1RSxNQUFNLElBQUksQ0FBQyxjQUFjLENBQUMsU0FBUyxDQUFDLENBQUM7WUFFckMsTUFBTSxJQUFJLEdBQUcsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLFdBQVcsRUFBRSxRQUFRLENBQUMsQ0FBQztZQUV4RCxJQUFJLFVBQVUsRUFBRTtnQkFDZCxXQUFXLENBQUMseUJBQXlCLENBQUM7b0JBQ3BDLFNBQVMsRUFBRSxHQUFHLEVBQUUsR0FBRSxDQUFDO29CQUNuQixTQUFTLEVBQUUsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLE9BQU8sQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDO2lCQUNuQyxDQUFDLENBQUM7YUFDSjtZQUVELE9BQU8sSUFBSSxDQUFDO1FBQ2QsQ0FBQztLQUFBO0lBRUssc0JBQXNCLENBQUMsSUFBMEI7O1lBQ3JELElBQUksSUFBSSxDQUFDLGNBQWMsS0FBSyxjQUFjLENBQUMsSUFBSSxFQUFFO2dCQUMvQyxNQUFNLFFBQVEsR0FBRyxJQUFJO3FCQUNsQixvQkFBb0IsRUFBRTtxQkFDdEIsY0FBYyxFQUFFO3FCQUNoQixXQUFXLEVBQUUsQ0FBQztnQkFDakIsTUFBTSxJQUFJLENBQUMsZUFBZSxDQUFDLHNCQUFzQixDQUMvQyxRQUFRLEVBQ1IsSUFBSSxDQUFDLGNBQWMsS0FBSyxjQUFjLENBQUMsWUFBWSxDQUNwRCxDQUFDO2FBQ0g7UUFDSCxDQUFDO0tBQUE7SUFFSyxrQkFBa0IsQ0FDdEIsU0FBa0IsS0FBSzs7WUFFdkIsTUFBTSxXQUFXLEdBQUcsTUFBTSxJQUFJLENBQUMsSUFBSSxDQUFDLHdCQUF3QixFQUFFLENBQUM7WUFFL0QsSUFBSSxXQUFXLENBQUMsV0FBVyxFQUFFLENBQUMsUUFBUSxDQUFDLGlDQUFpQyxDQUFDLEVBQUU7Z0JBQ3pFLE9BQU8sSUFBSSxDQUFDLFlBQVksQ0FBQyxNQUFNLENBQUMsQ0FBQzthQUNsQztpQkFBTTtnQkFDTCxPQUFPLElBQUksQ0FBQyxPQUFPLENBQUMsTUFBTSxDQUFDLENBQUM7YUFDN0I7UUFDSCxDQUFDO0tBQUE7SUFFSyxZQUFZLENBQUMsU0FBa0IsS0FBSzs7WUFDeEMsSUFBSSxDQUFDLE1BQU0sSUFBSSxJQUFJLENBQUMsZ0JBQWdCLEVBQUU7Z0JBQ3BDLE9BQU8sSUFBSSxDQUFDLGdCQUFnQixDQUFDO2FBQzlCO1lBRUQsSUFBSSxDQUFDLGdCQUFnQixHQUFHLE1BQU0sSUFBSSxDQUFDLGFBQWEsRUFBRSxDQUFDO1lBRW5ELE1BQU0sSUFBSSxDQUFDLFdBQVcsQ0FBQyxLQUFLLEVBQUUsQ0FBQyxDQUFDLDhDQUE4QztZQUU5RSxPQUFPLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQztRQUMvQixDQUFDO0tBQUE7SUFFSyxPQUFPLENBQUMsU0FBa0IsS0FBSzs7WUFDbkMsSUFBSSxDQUFDLE1BQU0sSUFBSSxJQUFJLENBQUMsV0FBVyxFQUFFO2dCQUMvQixPQUFPLElBQUksQ0FBQyxXQUFXLENBQUM7YUFDekI7WUFDRCxJQUFJLENBQUMsV0FBVyxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FDcEMsTUFBTSxJQUFJLENBQUMsSUFBSSxDQUFDLHdCQUF3QixFQUFFLENBQzNDLENBQUM7WUFDRixPQUFPLENBQUMsR0FBRyxDQUFDLHdCQUF3QixDQUFDLENBQUM7WUFDdEMsTUFBTSxJQUFJLENBQUMsV0FBVyxDQUFDLEtBQUssRUFBRSxDQUFDLENBQUMsOENBQThDO1lBQzlFLE9BQU8sSUFBSSxDQUFDLFdBQVcsQ0FBQztRQUMxQixDQUFDO0tBQUE7SUFFTyxnQkFBZ0IsQ0FBQyxRQUFjO1FBQ3JDLE1BQU0sY0FBYyxHQUFHLFFBQVEsYUFBUixRQUFRLHVCQUFSLFFBQVEsQ0FBRSxPQUFPLENBQUM7UUFDekMsT0FBTyxDQUNMLENBQUEsY0FBYyxhQUFkLGNBQWMsdUJBQWQsY0FBYyxDQUFFLE1BQU0sSUFBRyxDQUFDO1lBQzFCLGNBQWMsQ0FBQyxJQUFJLENBQUMsQ0FBQyxPQUFPLEVBQUUsRUFBRSxDQUFDLE9BQU8sQ0FBQyxXQUFXLEVBQUUsS0FBSyxRQUFRLENBQUMsQ0FDckUsQ0FBQztJQUNKLENBQUM7SUFFYSxRQUFRLENBQ3BCLFdBQXdCLEVBQ3hCLFFBQWlCOztZQUVqQixNQUFNLEVBQ0osV0FBVyxFQUNYLFdBQVcsRUFDWCxTQUFTLEdBQ1YsR0FBRyxNQUFNLElBQUksQ0FBQyxjQUFjLENBQUMsY0FBYyxFQUFFLENBQUM7WUFFL0MsSUFBSSxXQUFXLENBQUMsb0JBQW9CLEVBQUU7Z0JBQ3BDLElBQUksQ0FBQyxjQUFjLENBQUMsNkJBQTZCLENBQy9DLE1BQU0sR0FBRyxDQUFDLEtBQUssQ0FBQyxXQUFXLENBQUMsb0JBQW9CLENBQUMsQ0FDbEQsQ0FBQzthQUNIO1lBRUQsTUFBTSxjQUFjLEdBQUcsTUFBTSxJQUFJLENBQUMsSUFBSSxDQUFDLGNBQWMsQ0FBQyxXQUFXLENBQUMsQ0FBQztZQUVuRSxJQUFJLFFBQVEsRUFBRTtnQkFDWixNQUFNLE9BQU8sR0FBRyxDQUNkLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxhQUFhLGlCQUNqQyxRQUFRLElBQ0wsV0FBVyxDQUFDLGNBQWMsQ0FBQyxPQUFPLENBQUMsYUFBYSxFQUNuRCxDQUNILENBQUMsR0FBRyxDQUFDO2dCQUVOLE1BQU0sSUFBSSxDQUFDLFdBQVcsQ0FBQyxnQkFBZ0IsQ0FDckMsTUFBTSxJQUFJLENBQUMsZUFBZSxDQUFDLGlCQUFpQixDQUMxQyxXQUFXLENBQUMsY0FBYyxDQUFDLE9BQU8sQ0FBQyxFQUFFLEVBQ3JDLE9BQU8sRUFDUCxXQUFXLENBQUMsY0FBYyxDQUFDLFNBQVMsQ0FBQyxFQUFFLENBQ3hDLENBQ0YsQ0FBQzthQUNIO1lBQ0QsTUFBTSxJQUFJLENBQUMsZUFBZSxDQUFDLFlBQVksQ0FBQyxXQUFXLENBQUMsY0FBYyxDQUFDLENBQUM7WUFFcEUsT0FBTztnQkFDTCxFQUFFLEVBQUUsV0FBVyxDQUFDLEVBQUU7Z0JBQ2xCLEdBQUcsRUFBRSxJQUFJLENBQUMsZ0JBQWdCLENBQUMsS0FBSyxFQUFFLGNBQWMsQ0FBQztnQkFDakQsUUFBUSxFQUFFLFdBQVcsQ0FBQyxRQUFRO2dCQUM5QixjQUFjLEVBQUUsV0FBVyxDQUFDLGNBQWM7Z0JBQzFDLGlCQUFpQixFQUFFLEdBQUcsRUFBRSxDQUN0QixXQUFXLENBQUMsb0JBQW9CLEVBQUUsQ0FBQyxjQUFjLEVBQUUsQ0FBQyxXQUFXLEVBQUU7Z0JBQ25FLEtBQUssRUFBRSxJQUFJLENBQUMsZ0JBQWdCLENBQUMsT0FBTyxFQUFFLGNBQWMsQ0FBQztnQkFDckQsYUFBYSxFQUNYLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxnQkFBZ0IsRUFBRSxjQUFjLENBQUMsS0FBSyxNQUFNO2dCQUNwRSxLQUFLLEVBQUUsSUFBSSxDQUFDLGdCQUFnQixDQUFDLGNBQWMsRUFBRSxjQUFjLENBQUM7Z0JBQzVELGFBQWEsRUFDWCxJQUFJLENBQUMsZ0JBQWdCLENBQUMsdUJBQXVCLEVBQUUsY0FBYyxDQUFDO29CQUM5RCxNQUFNO2dCQUNSLFdBQVcsb0JBQ04sQ0FBQyxNQUFNLElBQUksQ0FBQyxjQUFjLENBQUMsa0JBQWtCLENBQUMsV0FBVyxDQUFDLENBQUMsQ0FDL0Q7Z0JBQ0QsVUFBVSxFQUFFLFdBQVcsQ0FBQyxVQUFVO2dCQUNsQyxTQUFTO2dCQUNULGdCQUFnQixFQUFFLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxXQUFXLENBQUMsUUFBUSxDQUFDO2dCQUM3RCxRQUFRLEVBQUUsV0FBVyxDQUFDLFFBQVE7Z0JBQzlCLG9CQUFvQixFQUFFLFdBQVcsQ0FBQyxvQkFBb0I7YUFDdkQsQ0FBQztRQUNKLENBQUM7S0FBQTtJQUVNLFNBQVM7UUFDZCxPQUFPLElBQUksQ0FBQyxVQUFVLENBQUM7SUFDekIsQ0FBQztJQUVZLE1BQU07O1lBQ2pCLElBQUksQ0FBQyxXQUFXLEdBQUcsSUFBSSxDQUFDO1lBQ3hCLElBQUksQ0FBQyxVQUFVLENBQUMsU0FBUyxFQUFFLENBQUM7WUFDNUIsSUFBSSxDQUFDLGVBQWUsQ0FBQyxTQUFTLEVBQUUsQ0FBQztZQUVqQyxNQUFNLE9BQU8sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLE9BQU8sRUFBRSxFQUFFLElBQUksQ0FBQyxjQUFjLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQyxDQUFDO1FBQzFFLENBQUM7S0FBQTtJQUVPLGdCQUFnQixDQUN0QixhQUFxQixFQUNyQixjQUFzQztRQUV0QyxNQUFNLGFBQWEsR0FBRyxjQUFjLENBQUMsSUFBSSxDQUN2QyxDQUFDLENBQUMsRUFBRSxFQUFFLENBQUMsQ0FBQyxDQUFDLE9BQU8sRUFBRSxLQUFLLGFBQWEsQ0FDckMsQ0FBQztRQUVGLE9BQU8sYUFBYSxDQUFDLENBQUMsQ0FBQyxhQUFhLENBQUMsUUFBUSxFQUFFLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQztJQUN6RCxDQUFDO0lBRVksYUFBYSxDQUFDLFFBQWlCOztZQUMxQyxNQUFNLEVBQUUsbUJBQW1CLEVBQUUsU0FBUyxFQUFFLEdBQUcsTUFBTSxJQUFJLENBQUMsU0FBUyxDQUFDLEtBQUssQ0FBQztnQkFDcEUsS0FBSyxFQUFFLHdCQUF3QjthQUNoQyxDQUFDLENBQUM7WUFFSCxJQUFJLFNBQVMsQ0FBQyxvQkFBb0IsRUFBRTtnQkFDbEMsSUFBSSxDQUFDLGNBQWMsQ0FBQyw2QkFBNkIsQ0FDL0MsTUFBTSxHQUFHLENBQUMsS0FBSyxDQUFDLFNBQVMsQ0FBQyxvQkFBb0IsQ0FBQyxDQUNoRCxDQUFDO2FBQ0g7WUFFRCxrQkFBa0I7WUFDbEIsSUFBSSxRQUFRLEVBQUU7Z0JBQ1osTUFBTSxPQUFPLEdBQUcsQ0FDZCxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsYUFBYSxpQkFDakMsUUFBUSxJQUNMLFNBQVMsQ0FBQyxPQUFPLENBQUMsYUFBYSxFQUNsQyxDQUNILENBQUMsR0FBRyxDQUFDO2dCQUVOLE1BQU0sSUFBSSxDQUFDLFdBQVcsQ0FBQyxnQkFBZ0IsQ0FDckMsTUFBTSxJQUFJLENBQUMsZUFBZSxDQUFDLGlCQUFpQixDQUMxQyxTQUFTLENBQUMsT0FBTyxDQUFDLEVBQUUsRUFDcEIsT0FBTyxFQUNQLFNBQVMsQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUN2QixDQUNGLENBQUM7YUFDSDtZQUVELElBQUksQ0FBQyxVQUFVLENBQUMsWUFBWSxDQUFDO2dCQUMzQixPQUFPLEVBQUU7b0JBQ1AsRUFBRSxFQUFFLFNBQVMsQ0FBQyxPQUFPLENBQUMsRUFBRTtpQkFDekI7Z0JBQ0QsU0FBUyxFQUFFO29CQUNULEVBQUUsRUFBRSxTQUFTLENBQUMsU0FBUyxDQUFDLEVBQUU7aUJBQzNCO2FBQ0YsQ0FBQyxDQUFDO1lBRUgsTUFBTSxjQUFjLEdBQUcsTUFBTSxJQUFJLENBQUMsSUFBSSxDQUFDLGNBQWMsQ0FDbkQsTUFBTSxJQUFJLENBQUMsSUFBSSxDQUFDLHdCQUF3QixFQUFFLENBQzNDLENBQUM7WUFDRixNQUFNLEdBQUcsR0FBRyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsS0FBSyxFQUFFLGNBQWMsQ0FBQyxDQUFDO1lBRXpELHVDQUNLLENBQUMsTUFBTSxJQUFJLENBQUMsK0JBQStCLENBQUMsOEJBQThCLENBQzNFLFNBQVMsQ0FDVixDQUFDLEtBQ0YsR0FBRyxJQUNIO1FBQ0osQ0FBQztLQUFBO0lBRVksa0JBQWtCOztZQUM3QixNQUFNLFdBQVcsR0FBZ0IsTUFBTSxJQUFJLENBQUMsSUFBSSxDQUFDLHdCQUF3QixFQUFFLENBQUM7WUFDNUUsTUFBTSxZQUFZLEdBQUcsV0FBVyxDQUFDLG9CQUFvQixFQUFFLENBQUMsZUFBZSxFQUFFLENBQUM7WUFFMUUsT0FBTyxJQUFJLE9BQU8sQ0FBQyxDQUFDLE9BQU8sRUFBRSxNQUFNLEVBQUUsRUFBRTtnQkFDckMsV0FBVyxDQUFDLGNBQWMsQ0FBQyxZQUFZLEVBQUUsQ0FBQyxHQUFHLEVBQUUsSUFBSSxFQUFFLEVBQUU7b0JBQ3JELElBQUksR0FBRyxFQUFFO3dCQUNQLE9BQU8sQ0FBQyxLQUFLLENBQUMsMEJBQTBCLEVBQUUsR0FBRyxDQUFDLENBQUM7d0JBQy9DLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQztxQkFDYjt5QkFBTTt3QkFDTCxPQUFPLENBQUMsR0FBRyxDQUFDLDBCQUEwQixFQUFFLElBQUksQ0FBQyxDQUFDO3dCQUM5QyxPQUFPLENBQUMsQ0FBQyxDQUFDLENBQUM7cUJBQ1o7Z0JBQ0gsQ0FBQyxDQUFDLENBQUM7WUFDTCxDQUFDLENBQUMsQ0FBQztRQUNMLENBQUM7S0FBQTtJQUVLLGVBQWUsQ0FBQyxXQUFtQjs7WUFDdkMsTUFBTSxTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMsWUFBWSxDQUFDLElBQUksQ0FBQyxDQUFDO1lBRWhELElBQUksU0FBUyxDQUFDLEtBQUssS0FBSyxZQUFZLENBQUMsUUFBUSxFQUFFO2dCQUM3QyxNQUFNLElBQUksbUJBQW1CLENBQzNCLCtDQUErQyxDQUNoRCxDQUFDO2FBQ0g7WUFFRCxpRUFBaUU7WUFDakUsdURBQXVEO1lBQ3ZELGlFQUFpRTtZQUNqRSxNQUFNLFdBQVcsR0FBRyxNQUFNLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxTQUFTLENBQUMsQ0FBQztZQUU3RCxNQUFNLEVBQUUsT0FBTyxFQUFFLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUN0RCxXQUFXLEVBQ1gsU0FBUyxDQUFDLGtCQUFrQixDQUM3QixDQUFDO1lBQ0YsT0FBTyxDQUFDLEdBQUcsQ0FBQyxPQUFPLENBQUMsQ0FBQztZQUVyQixnQ0FBZ0M7WUFDaEMsTUFBTSxVQUFVLEdBQUcsTUFBTSxHQUFHLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDO1lBRTVDLE1BQU0sU0FBUyxHQUFHLE1BQU0sSUFBSSxDQUFDLGVBQWUsQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDLFNBQVMsQ0FBQyxFQUFFLENBQUMsQ0FBQztZQUU1RSxNQUFNLHVCQUF1QixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLGVBQWUsQ0FDMUUsU0FBUyxDQUFDLEdBQUcsRUFDYixVQUFVLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUN4QixDQUFDO1lBRUYsbUJBQW1CO1lBQ25CLE1BQU0sZ0JBQWdCLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGFBQWEsaUJBQzFELFFBQVEsRUFBRSxXQUFXLElBQ2xCLFNBQVMsQ0FBQyxPQUFPLENBQUMsYUFBYSxFQUNsQyxDQUFDO1lBRUgsTUFBTSxjQUFjLEdBQUcsSUFBSSxDQUFDLGVBQWUsQ0FBQyxnQkFBZ0IsQ0FDMUQsZ0JBQWdCLENBQUMsR0FBRyxDQUNyQixDQUFDO1lBRUYsaUVBQWlFO1lBQ2pFLDZCQUE2QjtZQUM3QixpRUFBaUU7WUFDakUsTUFBTSxTQUFTLEdBQUcsQ0FDaEIsTUFBTSxJQUFJLENBQUMsU0FBUyxDQUFDLFFBQVEsQ0FDM0IsSUFBSSxVQUFVLENBQUM7Z0JBQ2IsUUFBUSxFQUFFLG9DQUFvQztnQkFDOUMsU0FBUyxFQUFFO29CQUNULEtBQUssRUFBRSxFQUFFO2lCQUNWO2FBQ0YsQ0FBQyxFQUNGO2dCQUNFLGVBQWUsRUFBRSxLQUFLO2FBQ3ZCLENBQ0YsQ0FDRixDQUFDLDRCQUE0QixDQUFDLFNBQVMsQ0FBQztZQUV6QyxPQUFPLENBQUMsR0FBRyxDQUFDLFNBQVMsQ0FBQyxDQUFDO1lBRXZCLHFCQUFxQjtZQUNyQixrRUFBa0U7WUFDbEUsU0FBUyxDQUFDLFdBQVcsR0FBRyxJQUFJLENBQUMsVUFBVSxDQUFDLFlBQVksQ0FDbEQscUNBQXFDLENBQ3RDLENBQUM7WUFDRixPQUFPLENBQUMsR0FBRyxDQUFDLFNBQVMsQ0FBQyxDQUFDO1lBRXZCLE1BQU0sc0JBQXNCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUNqRSxXQUFXLEVBQ1gsU0FBUyxDQUFDLDZCQUE2QixDQUN4QyxDQUFDO1lBQ0YsTUFBTSxlQUFlLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUN2RCxzQkFBc0IsRUFDdEIsU0FBUyxDQUNWLENBQUM7WUFFRixpRUFBaUU7WUFDakUsd0NBQXdDO1lBQ3hDLGlFQUFpRTtZQUNqRSxNQUFNLGVBQWUsR0FBRyxDQUN0QixNQUFNLElBQUksQ0FBQyxTQUFTLENBQUMsUUFBUSxDQUMzQixJQUFJLFVBQVUsQ0FBQztnQkFDYixRQUFRLEVBQUUseUNBQXlDO2dCQUNuRCxTQUFTLEVBQUU7b0JBQ1QsS0FBSyxFQUFFO3dCQUNMLGVBQWUsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLGVBQWUsQ0FBQztxQkFDakQ7aUJBQ0Y7YUFDRixDQUFDLEVBQ0Y7Z0JBQ0UsZUFBZSxFQUFFLEtBQUs7YUFDdkIsQ0FDRixDQUNGLENBQUMsaUNBQWlDLENBQUMsV0FBVyxDQUFDO1lBRWhELGlFQUFpRTtZQUNqRSwwREFBMEQ7WUFDMUQsaUVBQWlFO1lBQ2pFLGtFQUFrRTtZQUNsRSxpRUFBaUU7WUFDakUsOERBQThEO1lBQzlELG1FQUFtRTtZQUNuRSxpREFBaUQ7WUFFakQsOERBQThEO1lBQzlELE1BQU0sVUFBVSxHQUFHLElBQUksT0FBTyxDQUFPLENBQUMsT0FBTyxFQUFFLEVBQUU7Z0JBQy9DLE1BQU0sUUFBUSxHQUFHLENBQU8sSUFBSSxFQUFFLEVBQUU7b0JBQzlCLElBQUksSUFBSSxDQUFDLE9BQU8sQ0FBQyxLQUFLLEtBQUssUUFBUSxFQUFFO3dCQUNuQyxPQUFPO3FCQUNSO29CQUVELEdBQUcsQ0FBQyxNQUFNLENBQUMsTUFBTSxFQUFFLFFBQVEsQ0FBQyxDQUFDO29CQUU3QixPQUFPLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQztvQkFFMUIsTUFBTSxJQUFJLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxTQUFTLENBQUMsUUFBUSxFQUFFLGNBQWMsQ0FBQyxDQUFDO29CQUUzRCxxQ0FBcUM7b0JBQ3JDLE1BQU0sSUFBSSxDQUFDLFNBQVMsQ0FBQyxRQUFRLENBQzNCLElBQUksVUFBVSxDQUFDO3dCQUNiLFFBQVEsRUFBRSxzQ0FBc0M7d0JBQ2hELFNBQVMsRUFBRTs0QkFDVCxLQUFLLEVBQUU7Z0NBQ0wsdUJBQXVCO2dDQUN2QixXQUFXLEVBQUUsU0FBUyxDQUFDLEVBQUU7NkJBQzFCO3lCQUNGO3FCQUNGLENBQUMsQ0FDSCxDQUFDO29CQUVGLE9BQU8sRUFBRSxDQUFDO2dCQUNaLENBQUMsQ0FBQSxDQUFDO2dCQUVGLEdBQUcsQ0FBQyxNQUFNLENBQUMsTUFBTSxFQUFFLFFBQVEsQ0FBQyxDQUFDO1lBQy9CLENBQUMsQ0FBQyxDQUFDO1lBRUgsMEZBQTBGO1lBQzFGLDZCQUE2QjtZQUM3QixJQUFJLElBQUksR0FBRyxNQUFNLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FBQyxRQUFRLEVBQUUsZUFBZSxFQUFFO2dCQUNyRSxPQUFPLEVBQUUsTUFBTTthQUNoQixDQUFDLENBQUM7WUFFSCxJQUFJLElBQUksQ0FBQyxhQUFhLEtBQUssdUJBQXVCLEVBQUU7Z0JBQ2xELE1BQU0sSUFBSSxXQUFXLENBQUM7b0JBQ3BCLE9BQU8sRUFDTCwwSEFBMEg7aUJBQzdILENBQUMsQ0FBQzthQUNKO1lBRUQsMEJBQTBCO1lBQzFCLCtFQUErRTtZQUMvRSwyQkFBMkI7WUFDM0IsSUFBSSxHQUFHLE1BQU0sSUFBSSxDQUFDLElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxJQUFJLEVBQUUsY0FBYyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1lBRXJFLE9BQU8sVUFBVSxDQUFDO1FBQ3BCLENBQUM7S0FBQTtJQUVhLGtCQUFrQixDQUM5QixTQUFrQzs7WUFFbEMsNEJBQTRCO1lBQzVCLElBQUksaUJBQXlCLENBQUM7WUFFOUIsTUFBTSxHQUFHLEdBQUcsTUFBTSxJQUFJLENBQUMsZUFBZSxDQUFDLE1BQU0sQ0FBQyxTQUFTLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQyxDQUFDO1lBRWhFLE1BQU0sTUFBTSxHQUFHLE1BQU0sT0FBTyxDQUFDLEdBQUcsQ0FDOUIsU0FBUyxDQUFDLFNBQVM7aUJBQ2hCLE1BQU0sQ0FBQyxDQUFDLFFBQVEsRUFBRSxFQUFFLENBQUMsQ0FBQyxDQUFDLFFBQVEsQ0FBQyxnQ0FBZ0MsQ0FBQztpQkFDakUsR0FBRyxDQUFDLENBQU8sUUFBUSxFQUFFLEVBQUU7Z0JBQ3RCLE1BQU0sa0JBQWtCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUM3RCxHQUFHLEVBQ0gsUUFBUSxDQUFDLGdDQUFnQyxDQUMxQyxDQUFDO2dCQUVGLElBQUksaUJBQWlCLEVBQUU7b0JBQ3JCLElBQ0UsSUFBSSxDQUFDLFNBQVMsQ0FBQyxpQkFBaUIsQ0FBQzt3QkFDakMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxrQkFBa0IsQ0FBQyxpQkFBaUIsQ0FBQyxFQUNwRDt3QkFDQSxNQUFNLElBQUksbUJBQW1CLENBQzNCLGtFQUFrRSxDQUNuRSxDQUFDO3FCQUNIO2lCQUNGO3FCQUFNO29CQUNMLGlCQUFpQixHQUFHLGtCQUFrQixDQUFDLGlCQUFpQixDQUFDO2lCQUMxRDtnQkFDRCxPQUFPLGtCQUFrQixDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsU0FBUyxDQUFDO1lBQ25ELENBQUMsQ0FBQSxDQUFDLENBQ0wsQ0FBQztZQUVGLE9BQU8sQ0FBQyxHQUFHLENBQUMsc0JBQXNCLEVBQUUsTUFBTSxDQUFDLENBQUM7WUFFNUMsTUFBTSxjQUFjLEdBQUcsTUFBTSxJQUFJLENBQUMsYUFBYSxDQUFDLGFBQWEsQ0FDM0QsTUFBTSxFQUNOLG1DQUFtQyxDQUNwQyxDQUFDO1lBRUYsT0FBTyxHQUFHLENBQUMsS0FBSyxpQ0FDWCxpQkFBaUIsS0FDcEIsQ0FBQyxFQUFFLGNBQWMsSUFDakIsQ0FBQztRQUNMLENBQUM7S0FBQTs7OztZQXRwQkYsVUFBVSxTQUFDO2dCQUNWLFVBQVUsRUFBRSxNQUFNO2FBQ25COzs7NENBT0ksTUFBTSxTQUFDLFNBQVM7WUF6Q1osU0FBUztZQVFULGlCQUFpQjtZQXpCakIsVUFBVTtZQUNWLGNBQWM7WUFGZCxlQUFlO1lBaUJmLGVBQWU7WUFRZixXQUFXO1lBRVgsZ0JBQWdCO1lBRWhCLCtCQUErQjtZQUUvQixjQUFjO1lBR2QsaUJBQWlCO1lBQ2pCLGFBQWEiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBJbmplY3QsIEluamVjdGFibGUsIGlzRGV2TW9kZSB9IGZyb20gJ0Bhbmd1bGFyL2NvcmUnO1xyXG5pbXBvcnQgeyBDb2duaXRvVXNlciB9IGZyb20gJ0Bhd3MtYW1wbGlmeS9hdXRoJztcclxuaW1wb3J0IHsgSHViIH0gZnJvbSAnQGF3cy1hbXBsaWZ5L2NvcmUnO1xyXG5pbXBvcnQgeyBDb2duaXRvVXNlckF0dHJpYnV0ZSB9IGZyb20gJ2FtYXpvbi1jb2duaXRvLWlkZW50aXR5LWpzJztcclxuaW1wb3J0IHsgT2JzZXJ2YWJsZSwgUmVwbGF5U3ViamVjdCB9IGZyb20gJ3J4anMnO1xyXG5pbXBvcnQgeyBQYXNzSWRwUGFyYW1zIH0gZnJvbSAnLi4vY3J5cHRvZ3JhcGh5L2NyeXB0b2dyYXBoeS50eXBlcyc7XHJcbmltcG9ydCB7IEtleUdyYXBoU2VydmljZSB9IGZyb20gJy4uL2NyeXB0b2dyYXBoeS9rZXktZ3JhcGguc2VydmljZSc7XHJcbmltcG9ydCB7IEtleVNlcnZpY2UgfSBmcm9tICcuLi9jcnlwdG9ncmFwaHkva2V5LnNlcnZpY2UnO1xyXG5pbXBvcnQgeyBQcm9maWxlU2VydmljZSB9IGZyb20gJy4uL3VzZXJzL3Byb2ZpbGUuc2VydmljZSc7XHJcbmltcG9ydCB7IFBhc3N3b3JkQ2hhbmdlU3RhdHVzIH0gZnJvbSAnLi4vdXNlcnMvcHJvZmlsZS50eXBlcyc7XHJcbmltcG9ydCB7XHJcbiAgTHJDb25jdXJyZW50QWNjZXNzRXhjZXB0aW9uLFxyXG4gIExyQmFkUmVxdWVzdEV4Y2VwdGlvbixcclxuICBMckJhZFN0YXRlRXhjZXB0aW9uLFxyXG4gIExyRXhjZXB0aW9uLFxyXG59IGZyb20gJy4uL19jb21tb24vZXhjZXB0aW9ucyc7XHJcbmltcG9ydCB7XHJcbiAgQ29nbml0b0NoYWxsZW5nZVVzZXIsXHJcbiAgQ3VycmVudFVzZXIsXHJcbiAgVHBQYXNzd29yZFJlc2V0VXNlcixcclxuICBMb2dpblJlc3VsdCxcclxuICBSZWNvdmVyeVN0YXR1cyxcclxufSBmcm9tICcuL2F1dGgudHlwZXMnO1xyXG5pbXBvcnQgeyBQYXNzd29yZFNlcnZpY2UgfSBmcm9tICcuL3Bhc3N3b3JkLnNlcnZpY2UnO1xyXG5pbXBvcnQgeyBBdXRoQ2xhc3MgfSBmcm9tICdAYXdzLWFtcGxpZnkvYXV0aC9saWItZXNtL0F1dGgnO1xyXG5pbXBvcnQge1xyXG4gIENvbXBsZXRlVHBQYXNzd29yZFJlc2V0UmVxdWVzdE11dGF0aW9uLFxyXG4gIENyZWF0ZVRwQXNzZW1ibHlLZXlDaGFsbGVuZ2VNdXRhdGlvbixcclxuICBQcmVDb21wbGV0ZVRwUGFzc3dvcmRSZXNldFJlcXVlc3RNdXRhdGlvbixcclxuICBUcFBhc3N3b3JkUmVzZXRVc2VyUXVlcnksXHJcbn0gZnJvbSAnLi4vdHJ1c3RlZC1wYXJ0aWVzL3RwLXBhc3N3b3JkLXJlc2V0LmdxbCc7XHJcbmltcG9ydCB7IElkbGVTZXJ2aWNlIH0gZnJvbSAnLi9pZGxlLnNlcnZpY2UnO1xyXG5pbXBvcnQgeyBLZXlGYWN0b3J5U2VydmljZSB9IGZyb20gJy4uL2NyeXB0b2dyYXBoeS9rZXktZmFjdG9yeS5zZXJ2aWNlJztcclxuaW1wb3J0IHsgTHJHcmFwaFFMU2VydmljZSwgTHJNdXRhdGlvbiB9IGZyb20gJy4uL2FwaS9sci1ncmFwaHFsJztcclxuaW1wb3J0IHsgVHBDbGFpbVN0YXRlLCBUcFBhc3N3b3JkUmVzZXRVc2VyTm9kZSB9IGZyb20gJy4uL2FwaS90eXBlcyc7XHJcbmltcG9ydCB7IFRwUGFzc3dvcmRSZXNldFByb2Nlc3NvclNlcnZpY2UgfSBmcm9tICcuLi9hcGkvcXVlcnktcHJvY2Vzc29yL3RwLXBhc3N3b3JkLXJlc2V0LXByb2Nlc3Nvci5zZXJ2aWNlJztcclxuaW1wb3J0IHsgU2V0U2Vzc2lvbkVuY3J5cHRpb25LZXlNdXRhdGlvbiB9IGZyb20gJy4vYXV0aC5ncWwnO1xyXG5pbXBvcnQgeyBQZXJzaXN0U2VydmljZSB9IGZyb20gJy4uL2FwaS9wZXJzaXN0LnNlcnZpY2UnO1xyXG5pbXBvcnQgeyBKV0sgfSBmcm9tICdub2RlLWpvc2UnO1xyXG5pbXBvcnQgeyBMaWZlUmVhZHlDb25maWcsIExSX0NPTkZJRyB9IGZyb20gJy4uL2xpZmUtcmVhZHkuY29uZmlnJztcclxuaW1wb3J0IHsgRW5jcnlwdGlvblNlcnZpY2UgfSBmcm9tICcuLi9jcnlwdG9ncmFwaHkvZW5jcnlwdGlvbi5zZXJ2aWNlJztcclxuaW1wb3J0IHsgU2xpcDM5U2VydmljZSB9IGZyb20gJy4uL2NyeXB0b2dyYXBoeS9zbGlwMzkuc2VydmljZSc7XHJcbmltcG9ydCB7XHJcbiAgVFBfUEFTU1dPUkRfUkVTRVRfQ0xJRU5UX05PTkNFX0xFTkdUSCxcclxuICBUUF9QQVNTV09SRF9SRVNFVF9TTElQMzlfUEFTU1BIUkFTRSxcclxuICBUUF9QQVNTV09SRF9SRVNFVF9VU0VSTkFNRV9TVUZGSVgsXHJcbn0gZnJvbSAnLi4vdHJ1c3RlZC1wYXJ0aWVzL3RwLXBhc3N3b3JkLXJlc2V0LmNvbnN0YW50cyc7XHJcblxyXG5leHBvcnQgY29uc3QgaW5pdGlhbGlzZUF1dGggPSAoYXV0aFNlcnZpY2U6IExpZmVSZWFkeUF1dGhTZXJ2aWNlKSA9PiB7XHJcbiAgcmV0dXJuICgpID0+IGF1dGhTZXJ2aWNlLmluaXRpYWxpc2UoKTtcclxufTtcclxuXHJcbmV4cG9ydCBpbnRlcmZhY2UgTG9naW5PcHRpb25zIHtcclxuICB0cFBhc3N3b3JkUmVzZXRBdXRvQ29tcGxldGU/OiBib29sZWFuO1xyXG59XHJcblxyXG5ASW5qZWN0YWJsZSh7XHJcbiAgcHJvdmlkZWRJbjogJ3Jvb3QnLFxyXG59KVxyXG5leHBvcnQgY2xhc3MgTGlmZVJlYWR5QXV0aFNlcnZpY2Uge1xyXG4gIHByaXZhdGUgaHViU3ViamVjdDogUmVwbGF5U3ViamVjdDxhbnk+ID0gbmV3IFJlcGxheVN1YmplY3Q8YW55PigxKTtcclxuICBwcml2YXRlIGN1cnJlbnRVc2VyOiBDdXJyZW50VXNlcjtcclxuICBwcml2YXRlIGN1cnJlbnRSZXNldFVzZXI6IFRwUGFzc3dvcmRSZXNldFVzZXI7XHJcblxyXG4gIGNvbnN0cnVjdG9yKFxyXG4gICAgQEluamVjdChMUl9DT05GSUcpIHByaXZhdGUgY29uZmlnOiBMaWZlUmVhZHlDb25maWcsXHJcbiAgICBwcml2YXRlIGF1dGg6IEF1dGhDbGFzcyxcclxuICAgIHByaXZhdGUga2V5RmFjdG9yeTogS2V5RmFjdG9yeVNlcnZpY2UsXHJcbiAgICBwcml2YXRlIGtleVNlcnZpY2U6IEtleVNlcnZpY2UsXHJcbiAgICBwcml2YXRlIHByb2ZpbGVTZXJ2aWNlOiBQcm9maWxlU2VydmljZSxcclxuICAgIHByaXZhdGUga2V5R3JhcGhTZXJ2aWNlOiBLZXlHcmFwaFNlcnZpY2UsXHJcbiAgICBwcml2YXRlIHBhc3N3b3JkU2VydmljZTogUGFzc3dvcmRTZXJ2aWNlLFxyXG4gICAgcHJpdmF0ZSBpZGxlU2VydmljZTogSWRsZVNlcnZpY2UsXHJcbiAgICBwcml2YXRlIGxyR3JhcGhRTDogTHJHcmFwaFFMU2VydmljZSxcclxuICAgIHByaXZhdGUgdHBQYXNzd29yZFJlc2V0UHJvY2Vzc29yU2VydmljZTogVHBQYXNzd29yZFJlc2V0UHJvY2Vzc29yU2VydmljZSxcclxuICAgIHByaXZhdGUgcGVyc2lzdFNlcnZpY2U6IFBlcnNpc3RTZXJ2aWNlLFxyXG4gICAgcHJpdmF0ZSBlbmNyeXB0aW9uU2VydmljZTogRW5jcnlwdGlvblNlcnZpY2UsXHJcbiAgICBwcml2YXRlIHNsaXAzOVNlcnZpY2U6IFNsaXAzOVNlcnZpY2VcclxuICApIHt9XHJcblxyXG4gIHB1YmxpYyBhc3luYyBpbml0aWFsaXNlKCkge1xyXG4gICAgSHViLmxpc3RlbignYXV0aCcsIChkYXRhKSA9PiB0aGlzLmh1YlN1YmplY3QubmV4dChkYXRhLnBheWxvYWQpKTtcclxuICB9XHJcblxyXG4gIHByaXZhdGUgYXN5bmMgbG9naW5JZHBJbXBsKFxyXG4gICAgZW1haWxPclBob25lOiBzdHJpbmcsXHJcbiAgICBwYXNzd29yZDogc3RyaW5nLFxyXG4gICAgcGFzc0lkcFBhcmFtczogUGFzc0lkcFBhcmFtcyxcclxuICAgIHJlY292ZXJ5U3RhdHVzOiBSZWNvdmVyeVN0YXR1c1xyXG4gICk6IFByb21pc2U8Q29nbml0b0NoYWxsZW5nZVVzZXI+IHtcclxuICAgIGNvbnN0IHBhc3NJZHBSZXN1bHQgPSBhd2FpdCB0aGlzLmtleUZhY3RvcnkuZGVyaXZlUGFzc0lkcCh7XHJcbiAgICAgIHBhc3N3b3JkLFxyXG4gICAgICAuLi5wYXNzSWRwUGFyYW1zLFxyXG4gICAgfSk7XHJcbiAgICAvLyBVc2UgdGhlIGRlcml2ZWQgcGFzc3dvcmQgdG8gc2lnbmluIHdpdGggY29nbml0b1xyXG4gICAgY29uc3QgdXNlciA9IGF3YWl0IHRoaXMuYXV0aC5zaWduSW4oXHJcbiAgICAgIGVtYWlsT3JQaG9uZSxcclxuICAgICAgdGhpcy5wYXNzd29yZFNlcnZpY2UuZ2V0UGFzc0lkcFN0cmluZyhwYXNzSWRwUmVzdWx0Lmp3aylcclxuICAgICk7XHJcblxyXG4gICAgdXNlci5yZWNvdmVyeVN0YXR1cyA9IHJlY292ZXJ5U3RhdHVzO1xyXG5cclxuICAgIHJldHVybiB1c2VyO1xyXG4gIH1cclxuXHJcbiAgcHJpdmF0ZSBhc3luYyBsb2dpbklkcChcclxuICAgIGVtYWlsT3JQaG9uZTogc3RyaW5nLFxyXG4gICAgcGFzc3dvcmQ6IHN0cmluZ1xyXG4gICk6IFByb21pc2U8Q29nbml0b0NoYWxsZW5nZVVzZXI+IHtcclxuICAgIC8vIERvd25sb2FkIHRoZSBzYWx0IG5lZWRlZCB0byBkZXJpdmUgdGhlIFBhc3NJZHBcclxuICAgIGNvbnN0IHBhc3NJZHBBcGlSZXN1bHQgPSBhd2FpdCB0aGlzLnByb2ZpbGVTZXJ2aWNlLmdldFBhc3NJZHBQYXJhbXMoXHJcbiAgICAgIGVtYWlsT3JQaG9uZVxyXG4gICAgKTtcclxuXHJcbiAgICBpZiAoXHJcbiAgICAgIHBhc3NJZHBBcGlSZXN1bHQucGFzc3dvcmRDaGFuZ2VTdGF0dXMgPT09IFBhc3N3b3JkQ2hhbmdlU3RhdHVzLkluUHJvZ3Jlc3NcclxuICAgICkge1xyXG4gICAgICB0aHJvdyBuZXcgTHJDb25jdXJyZW50QWNjZXNzRXhjZXB0aW9uKCdBIHBhc3N3b3JkIGNoYW5nZSBpcyBpbiBwcm9ncmVzcycpO1xyXG4gICAgfVxyXG5cclxuICAgIGlmIChcclxuICAgICAgcGFzc0lkcEFwaVJlc3VsdC5wYXNzd29yZENoYW5nZVN0YXR1cyA9PT0gUGFzc3dvcmRDaGFuZ2VTdGF0dXMuUmVjb3ZlcnlcclxuICAgICkge1xyXG4gICAgICBjb25zb2xlLmxvZygnSW4gcmVjb3ZlcnkgbW9kZS4nKTtcclxuICAgICAgLy8gTGV0J3Mgc2F5IHdlIGRvbid0IGtub3cgaWYgdGhlIHBhc3N3b3JkIGlzIHRoZSBuZXcgb25lIG9yIHRoZSBvbGQgb25lLiBXZSBqdXN0IGhhdmUgdG8gdHJ5IGJvdGguXHJcbiAgICAgIHRyeSB7XHJcbiAgICAgICAgY29uc3QgdXNlciA9IGF3YWl0IHRoaXMubG9naW5JZHBJbXBsKFxyXG4gICAgICAgICAgZW1haWxPclBob25lLFxyXG4gICAgICAgICAgcGFzc3dvcmQsXHJcbiAgICAgICAgICBwYXNzSWRwQXBpUmVzdWx0Lm5ld1Bhc3NJZHBQYXJhbXMsXHJcbiAgICAgICAgICBSZWNvdmVyeVN0YXR1cy5ORVdfUEFTU1dPUkRcclxuICAgICAgICApO1xyXG4gICAgICAgIC8vIE5ldyBwYXNzd29yZCB3b3JrZWQuIExldCdzIHNldCB0byB0aGUgY3VycmVudCBwYXNzd29yZFxyXG5cclxuICAgICAgICAvLyAtLVBvdGVudGlhbCBGYWlsdXJlIFBvaW50IDEtLVxyXG4gICAgICAgIC8vIGlmIGNoYW5nZVBhc3N3b3JkQ29tcGxldGUoKSBkb2Vzbid0IGdldCBjYWxsZWQsIHRoZW4gaXQgc2hvdWxkIHJlbWFpblxyXG5cclxuICAgICAgICBjb25zb2xlLmxvZygnTmV3IHBhc3N3b3JkIHdvcmtzIScpO1xyXG5cclxuICAgICAgICByZXR1cm4gdXNlcjtcclxuICAgICAgfSBjYXRjaCAoZXJyb3IpIHtcclxuICAgICAgICAvLyBKdXN0IGJ1YmJsZSB1cCBhbnkgb3RoZXIgdHlwZSBvZiBlcnJvci5cclxuICAgICAgICBpZiAoZXJyb3IuY29kZSAhPT0gJ05vdEF1dGhvcml6ZWRFeGNlcHRpb24nKSB7XHJcbiAgICAgICAgICB0aHJvdyBlcnJvcjtcclxuICAgICAgICB9XHJcbiAgICAgICAgLy8gcGFzcywgdHJ5IGFnYWluIGFzc3VtaW5nIGl0J3MgdGhlIG9sZCBwYXNzd29yZFxyXG4gICAgICB9XHJcblxyXG4gICAgICAvLyBOb3cgYXNzdW1lIGl0J3MgdGhlIHByZXZpb3VzIHBhc3N3b3JkLiBBbnkgZXhjZXB0aW9uIGlzIGFsbG93ZWQgdG8gYnViYmxlIHVwLlxyXG4gICAgICB0cnkge1xyXG4gICAgICAgIGNvbnN0IHVzZXIgPSBhd2FpdCB0aGlzLmxvZ2luSWRwSW1wbChcclxuICAgICAgICAgIGVtYWlsT3JQaG9uZSxcclxuICAgICAgICAgIHBhc3N3b3JkLFxyXG4gICAgICAgICAgcGFzc0lkcEFwaVJlc3VsdC5jdXJyZW50UGFzc0lkcFBhcmFtcyxcclxuICAgICAgICAgIFJlY292ZXJ5U3RhdHVzLk9MRF9QQVNTV09SRFxyXG4gICAgICAgICk7XHJcbiAgICAgICAgLy8gT2xkIHBhc3N3b3JkIHdvcmtlZC5cclxuICAgICAgICBjb25zb2xlLmxvZygnT2xkIHBhc3N3b3JkIHdvcmtzIScpO1xyXG5cclxuICAgICAgICByZXR1cm4gdXNlcjtcclxuICAgICAgfSBjYXRjaCAoZXJyb3IpIHtcclxuICAgICAgICAvLyBKdXN0IGJ1YmJsZSB1cCBhbnkgb3RoZXIgdHlwZSBvZiBlcnJvci5cclxuICAgICAgICB0aHJvdyBlcnJvci5jb2RlID09PSAnTm90QXV0aG9yaXplZEV4Y2VwdGlvbidcclxuICAgICAgICAgID8gbmV3IExyQmFkUmVxdWVzdEV4Y2VwdGlvbihcclxuICAgICAgICAgICAgICAnVGhlIHBhc3N3b3JkIGNoYW5nZSByZXF1ZXN0IHdhcyBpbnRlcnJ1cHRlZCwgcGxlYXNlIHRyeSB0byBsb2dpbiB3aXRoIGJvdGggeW91ciBuZXcgYW5kIG9sZCBwYXNzd29yZCdcclxuICAgICAgICAgICAgKVxyXG4gICAgICAgICAgOiBlcnJvcjtcclxuICAgICAgfVxyXG4gICAgfVxyXG5cclxuICAgIC8vIFRyeSBhZ2FpbnN0IGFzIHRoZSBUUCBwYXNzd29yZCByZXNldCBhY2NvdW50XHJcbiAgICBpZiAocGFzc0lkcEFwaVJlc3VsdC50cFBhc3N3b3JkUmVzZXQpIHtcclxuICAgICAgdHJ5IHtcclxuICAgICAgICAvLyBUUCBwYXNzd29yZCByZXNldCBpcyBpbiBwcm9jZXNzLiBXZSBuZWVkIHRvIHRyeSB0aGUgcGFzc3dvcmQgYWdhaW5zdCBib3RoXHJcbiAgICAgICAgLy8gb3JpZ2luYWwgYWNjb3VudCBhbmQgdGhlIG5ldyByZXNldCBhY2NvdW50LlxyXG4gICAgICAgIGNvbnN0IHJlc2V0ID0gcGFzc0lkcEFwaVJlc3VsdC50cFBhc3N3b3JkUmVzZXQ7XHJcbiAgICAgICAgY29uc3QgcmV0ID0gYXdhaXQgdGhpcy5sb2dpbklkcEltcGwoXHJcbiAgICAgICAgICByZXNldC5yZXNldFVzZXJuYW1lLFxyXG4gICAgICAgICAgcGFzc3dvcmQsXHJcbiAgICAgICAgICByZXNldC5wYXNzSWRwUGFyYW1zLFxyXG4gICAgICAgICAgUmVjb3ZlcnlTdGF0dXMuTk9ORVxyXG4gICAgICAgICk7XHJcbiAgICAgICAgcmV0LmlzVHBQYXNzd29yZFJlc2V0VXNlciA9IHRydWU7XHJcblxyXG4gICAgICAgIHJldHVybiByZXQ7XHJcbiAgICAgIH0gY2F0Y2ggKGVycikge1xyXG4gICAgICAgIC8vIGNvbnRpbnVlLCB0cnkgYWdhaW4gYXMgcmVndWxhciB1c2VyLlxyXG4gICAgICB9XHJcbiAgICB9XHJcblxyXG4gICAgLy8gTG9naW4gYXMgcmVndWxhciB1c2VyXHJcbiAgICByZXR1cm4gYXdhaXQgdGhpcy5sb2dpbklkcEltcGwoXHJcbiAgICAgIGVtYWlsT3JQaG9uZSxcclxuICAgICAgcGFzc3dvcmQsXHJcbiAgICAgIHBhc3NJZHBBcGlSZXN1bHQuY3VycmVudFBhc3NJZHBQYXJhbXMsXHJcbiAgICAgIFJlY292ZXJ5U3RhdHVzLk5PTkVcclxuICAgICk7XHJcbiAgfVxyXG5cclxuICBwcm90ZWN0ZWQgYXN5bmMgaGFuZGxlU2Vzc2lvbkVuY3J5cHRpb25LZXkoKSB7XHJcbiAgICBpZiAodGhpcy5jb25maWcuZGlzYWJsZVNlc3Npb25FbmNyeXB0aW9uS2V5KSB7XHJcbiAgICAgIGlmICghaXNEZXZNb2RlKCkpIHtcclxuICAgICAgICBjb25zdCBtc2cgPVxyXG4gICAgICAgICAgJ1lvdSBzaG91bGQgbm90IHNldCBkaXNhYmxlU2Vzc2lvbkVuY3J5cHRpb25LZXk9VHJ1ZSBpbiBtb2RlIHByb2QuIEl0IGRlZmF1bHRzIHRvIGZhbHNlLic7XHJcbiAgICAgICAgY29uc29sZS5lcnJvcihtc2cpO1xyXG4gICAgICAgIHRocm93IG5ldyBFcnJvcihtc2cpO1xyXG4gICAgICB9IGVsc2Uge1xyXG4gICAgICAgIGNvbnNvbGUud2FybihcclxuICAgICAgICAgICdZb3UgaGF2ZSBzZXQgZGlzYWJsZVNlc3Npb25FbmNyeXB0aW9uS2V5PVRydWUuIE1ha2Ugc3VyZSBub3QgdG8gZG8gdGhpcyBpbiBwcm9kIG1vZGUuJ1xyXG4gICAgICAgICk7XHJcbiAgICAgIH1cclxuICAgIH0gZWxzZSB7XHJcbiAgICAgIC8vIFNldCB0aGUgc2Vzc2lvbiBrZXkgdG8gYSBuZXcgZW5jcnlwdGlvbiBrZXkgZm9yIHRoaXMgc2Vzc2lvblxyXG4gICAgICBjb25zdCBzZXNzaW9uRW5jcnlwdGlvbktleSA9IGF3YWl0IHRoaXMua2V5RmFjdG9yeS5jcmVhdGVLZXkoKTtcclxuICAgICAgYXdhaXQgdGhpcy5sckdyYXBoUUwubHJNdXRhdGUoXHJcbiAgICAgICAgbmV3IExyTXV0YXRpb24oe1xyXG4gICAgICAgICAgbXV0YXRpb246IFNldFNlc3Npb25FbmNyeXB0aW9uS2V5TXV0YXRpb24sXHJcbiAgICAgICAgICB2YXJpYWJsZXM6IHtcclxuICAgICAgICAgICAgaW5wdXQ6IHtcclxuICAgICAgICAgICAgICBzZXNzaW9uRW5jcnlwdGlvbktleTogSlNPTi5zdHJpbmdpZnkoXHJcbiAgICAgICAgICAgICAgICBzZXNzaW9uRW5jcnlwdGlvbktleS50b0pTT04odHJ1ZSlcclxuICAgICAgICAgICAgICApLFxyXG4gICAgICAgICAgICB9LFxyXG4gICAgICAgICAgfSxcclxuICAgICAgICB9KSxcclxuICAgICAgICB7XHJcbiAgICAgICAgICBpbmNsdWRlS2V5R3JhcGg6IGZhbHNlLFxyXG4gICAgICAgIH1cclxuICAgICAgKTtcclxuXHJcbiAgICAgIHRoaXMucGVyc2lzdFNlcnZpY2Uuc2V0U2VydmVyU2Vzc2lvbkVuY3J5cHRpb25LZXkoc2Vzc2lvbkVuY3J5cHRpb25LZXkpO1xyXG4gICAgfVxyXG4gIH1cclxuXHJcbiAgcHJvdGVjdGVkIGFzeW5jIGhhbmRsZVBvc3RBdXRoKGNvZ25pdG9Vc2VyOiBDb2duaXRvQ2hhbGxlbmdlVXNlcikge1xyXG4gICAgYXdhaXQgdGhpcy5oYW5kbGVQYXNzd29yZFJlY292ZXJ5KGNvZ25pdG9Vc2VyKTtcclxuICAgIGF3YWl0IHRoaXMuaGFuZGxlU2Vzc2lvbkVuY3J5cHRpb25LZXkoKTtcclxuICB9XHJcblxyXG4gIHB1YmxpYyBhc3luYyBsb2dpbihcclxuICAgIGVtYWlsT3JQaG9uZTogc3RyaW5nLFxyXG4gICAgcGFzc3dvcmQ6IHN0cmluZyxcclxuICAgIHsgdHBQYXNzd29yZFJlc2V0QXV0b0NvbXBsZXRlID0gdHJ1ZSB9OiBMb2dpbk9wdGlvbnMgPSB7fVxyXG4gICkge1xyXG4gICAgbGV0IGxvZ2luUmVzdWx0ID0gYXdhaXQgdGhpcy5sb2dpbkltcGwoZW1haWxPclBob25lLCBwYXNzd29yZCk7XHJcblxyXG4gICAgaWYgKFxyXG4gICAgICB0cFBhc3N3b3JkUmVzZXRBdXRvQ29tcGxldGUgJiZcclxuICAgICAgbG9naW5SZXN1bHQucmVzZXRVc2VyPy5zdGF0ZSA9PT0gVHBDbGFpbVN0YXRlLkFQUFJPVkVEXHJcbiAgICApIHtcclxuICAgICAgYXdhaXQgdGhpcy5jb21wbGV0ZVJlcXVlc3QocGFzc3dvcmQpO1xyXG4gICAgICBsb2dpblJlc3VsdCA9IGF3YWl0IHRoaXMubG9naW5JbXBsKGVtYWlsT3JQaG9uZSwgcGFzc3dvcmQpO1xyXG4gICAgfVxyXG5cclxuICAgIHJldHVybiBsb2dpblJlc3VsdDtcclxuICB9XHJcblxyXG4gIHB1YmxpYyBhc3luYyBsb2dpbkltcGwoXHJcbiAgICBlbWFpbE9yUGhvbmU6IHN0cmluZyxcclxuICAgIHBhc3N3b3JkOiBzdHJpbmdcclxuICApOiBQcm9taXNlPExvZ2luUmVzdWx0PiB7XHJcbiAgICBhd2FpdCB0aGlzLmxvZ291dCgpO1xyXG4gICAgY29uc3QgY29nbml0b1VzZXIgPSBhd2FpdCB0aGlzLmxvZ2luSWRwKGVtYWlsT3JQaG9uZSwgcGFzc3dvcmQpO1xyXG5cclxuICAgIC8vIHRvZG86IE1lZXQgTUZBIGNoYWxsZW5nZXMuXHJcbiAgICBpZiAoWydTTVNfTUZBJywgJ1NPRlRXQVJFX1RPS0VOX01GQSddLmluY2x1ZGVzKGNvZ25pdG9Vc2VyLmNoYWxsZW5nZU5hbWUpKSB7XHJcbiAgICAgIHJldHVybiB7IGhhc0NoYWxsZW5nZTogdHJ1ZSwgY2hhbGxlbmdlOiBjb2duaXRvVXNlciB9O1xyXG4gICAgfVxyXG5cclxuICAgIGF3YWl0IHRoaXMuaGFuZGxlUG9zdEF1dGgoY29nbml0b1VzZXIpO1xyXG5cclxuICAgIGlmIChjb2duaXRvVXNlci5pc1RwUGFzc3dvcmRSZXNldFVzZXIpIHtcclxuICAgICAgLy8gQXNzdW1pbmcgdGhlcmUgaXMgbm8gTUZBIG9uIHRoZSBUUCByZXNldCB1c2VyLlxyXG4gICAgICBjb25zdCByZXNldFVzZXIgPSBhd2FpdCB0aGlzLmxvYWRSZXNldFVzZXIocGFzc3dvcmQpO1xyXG4gICAgICByZXR1cm4geyBoYXNDaGFsbGVuZ2U6IGZhbHNlLCByZXNldFVzZXIgfTtcclxuICAgIH0gZWxzZSB7XHJcbiAgICAgIGNvbnN0IHVzZXIgPSBhd2FpdCB0aGlzLmxvYWRVc2VyKGNvZ25pdG9Vc2VyLCBwYXNzd29yZCk7XHJcbiAgICAgIGF3YWl0IHRoaXMuaWRsZVNlcnZpY2Uuc3RhcnQoKTsgLy8gUnVuIGlkbGVTZXJ2aWNlIHdoZW5ldmVyIHVzZXIgaXMgbG9nZ2VkIGluLlxyXG4gICAgICByZXR1cm4geyBoYXNDaGFsbGVuZ2U6IGZhbHNlLCB1c2VyIH07XHJcbiAgICB9XHJcbiAgfVxyXG5cclxuICAvLyBUT0RPIDxBWj4gV2UgbmVlZCB0byBoYW5kbGUgdGhlIGlzVHBQYXNzd29yZFJlc2V0VXNlcj1UcnVlIGNhc2UgaGVyZSBhZnRlciBNRkEgYXMgd2VsbC5cclxuICBwdWJsaWMgYXN5bmMgdmVyaWZ5TG9naW4oXHJcbiAgICBjaGFsbGVuZ2U6IENvZ25pdG9DaGFsbGVuZ2VVc2VyLFxyXG4gICAgcGFzc3dvcmQ6IHN0cmluZyxcclxuICAgIHJlbWVtYmVyTWU6IGJvb2xlYW4sXHJcbiAgICBjb2RlOiBzdHJpbmdcclxuICApOiBQcm9taXNlPEN1cnJlbnRVc2VyPiB7XHJcbiAgICBhd2FpdCB0aGlzLmF1dGguY29uZmlybVNpZ25JbihjaGFsbGVuZ2UsIGNvZGUsIGNoYWxsZW5nZS5jaGFsbGVuZ2VOYW1lKTtcclxuXHJcbiAgICAvLyBUT0RPOiB0aGlzLmF1dGguY29uZmlybVNpZ25JbigpIGNvdWxkIHJldHVybiBhbm90aGVyIGNoYWxsZW5nZS5cclxuXHJcbiAgICBjb25zdCBjb2duaXRvVXNlcjogQ29nbml0b1VzZXIgPSBhd2FpdCB0aGlzLmF1dGguY3VycmVudEF1dGhlbnRpY2F0ZWRVc2VyKCk7XHJcblxyXG4gICAgYXdhaXQgdGhpcy5oYW5kbGVQb3N0QXV0aChjaGFsbGVuZ2UpO1xyXG5cclxuICAgIGNvbnN0IHVzZXIgPSBhd2FpdCB0aGlzLmxvYWRVc2VyKGNvZ25pdG9Vc2VyLCBwYXNzd29yZCk7XHJcblxyXG4gICAgaWYgKHJlbWVtYmVyTWUpIHtcclxuICAgICAgY29nbml0b1VzZXIuc2V0RGV2aWNlU3RhdHVzUmVtZW1iZXJlZCh7XHJcbiAgICAgICAgb25TdWNjZXNzOiAoKSA9PiB7fSxcclxuICAgICAgICBvbkZhaWx1cmU6IChlKSA9PiBjb25zb2xlLmVycm9yKGUpLFxyXG4gICAgICB9KTtcclxuICAgIH1cclxuXHJcbiAgICByZXR1cm4gdXNlcjtcclxuICB9XHJcblxyXG4gIGFzeW5jIGhhbmRsZVBhc3N3b3JkUmVjb3ZlcnkodXNlcjogQ29nbml0b0NoYWxsZW5nZVVzZXIpIHtcclxuICAgIGlmICh1c2VyLnJlY292ZXJ5U3RhdHVzICE9PSBSZWNvdmVyeVN0YXR1cy5OT05FKSB7XHJcbiAgICAgIGNvbnN0IGp3dFRva2VuID0gdXNlclxyXG4gICAgICAgIC5nZXRTaWduSW5Vc2VyU2Vzc2lvbigpXHJcbiAgICAgICAgLmdldEFjY2Vzc1Rva2VuKClcclxuICAgICAgICAuZ2V0Snd0VG9rZW4oKTtcclxuICAgICAgYXdhaXQgdGhpcy5wYXNzd29yZFNlcnZpY2UuY2hhbmdlUGFzc3dvcmRDb21wbGV0ZShcclxuICAgICAgICBqd3RUb2tlbixcclxuICAgICAgICB1c2VyLnJlY292ZXJ5U3RhdHVzID09PSBSZWNvdmVyeVN0YXR1cy5ORVdfUEFTU1dPUkRcclxuICAgICAgKTtcclxuICAgIH1cclxuICB9XHJcblxyXG4gIGFzeW5jIGdldFVzZXJPclJlc2V0VXNlcihcclxuICAgIHJlbG9hZDogYm9vbGVhbiA9IGZhbHNlXHJcbiAgKTogUHJvbWlzZTxDdXJyZW50VXNlciB8IFRwUGFzc3dvcmRSZXNldFVzZXI+IHtcclxuICAgIGNvbnN0IGNvZ25pdG9Vc2VyID0gYXdhaXQgdGhpcy5hdXRoLmN1cnJlbnRBdXRoZW50aWNhdGVkVXNlcigpO1xyXG5cclxuICAgIGlmIChjb2duaXRvVXNlci5nZXRVc2VybmFtZSgpLmVuZHNXaXRoKFRQX1BBU1NXT1JEX1JFU0VUX1VTRVJOQU1FX1NVRkZJWCkpIHtcclxuICAgICAgcmV0dXJuIHRoaXMuZ2V0UmVzZXRVc2VyKHJlbG9hZCk7XHJcbiAgICB9IGVsc2Uge1xyXG4gICAgICByZXR1cm4gdGhpcy5nZXRVc2VyKHJlbG9hZCk7XHJcbiAgICB9XHJcbiAgfVxyXG5cclxuICBhc3luYyBnZXRSZXNldFVzZXIocmVsb2FkOiBib29sZWFuID0gZmFsc2UpOiBQcm9taXNlPFRwUGFzc3dvcmRSZXNldFVzZXI+IHtcclxuICAgIGlmICghcmVsb2FkICYmIHRoaXMuY3VycmVudFJlc2V0VXNlcikge1xyXG4gICAgICByZXR1cm4gdGhpcy5jdXJyZW50UmVzZXRVc2VyO1xyXG4gICAgfVxyXG5cclxuICAgIHRoaXMuY3VycmVudFJlc2V0VXNlciA9IGF3YWl0IHRoaXMubG9hZFJlc2V0VXNlcigpO1xyXG5cclxuICAgIGF3YWl0IHRoaXMuaWRsZVNlcnZpY2Uuc3RhcnQoKTsgLy8gUnVuIGlkbGVTZXJ2aWNlIHdoZW5ldmVyIHVzZXIgaXMgbG9nZ2VkIGluLlxyXG5cclxuICAgIHJldHVybiB0aGlzLmN1cnJlbnRSZXNldFVzZXI7XHJcbiAgfVxyXG5cclxuICBhc3luYyBnZXRVc2VyKHJlbG9hZDogYm9vbGVhbiA9IGZhbHNlKTogUHJvbWlzZTxDdXJyZW50VXNlcj4ge1xyXG4gICAgaWYgKCFyZWxvYWQgJiYgdGhpcy5jdXJyZW50VXNlcikge1xyXG4gICAgICByZXR1cm4gdGhpcy5jdXJyZW50VXNlcjtcclxuICAgIH1cclxuICAgIHRoaXMuY3VycmVudFVzZXIgPSBhd2FpdCB0aGlzLmxvYWRVc2VyKFxyXG4gICAgICBhd2FpdCB0aGlzLmF1dGguY3VycmVudEF1dGhlbnRpY2F0ZWRVc2VyKClcclxuICAgICk7XHJcbiAgICBjb25zb2xlLmxvZygnU3RhcnRpbmcgaWRsZSBzZXJ2aWNlLicpO1xyXG4gICAgYXdhaXQgdGhpcy5pZGxlU2VydmljZS5zdGFydCgpOyAvLyBSdW4gaWRsZVNlcnZpY2Ugd2hlbmV2ZXIgdXNlciBpcyBsb2dnZWQgaW4uXHJcbiAgICByZXR1cm4gdGhpcy5jdXJyZW50VXNlcjtcclxuICB9XHJcblxyXG4gIHByaXZhdGUgbWFwVFBWYXVsdEFjY2VzcyhmZWF0dXJlcz86IGFueSk6IGJvb2xlYW4ge1xyXG4gICAgY29uc3QgdHBWYXVsdEZlYXR1cmUgPSBmZWF0dXJlcz8udHBWYXVsdDtcclxuICAgIHJldHVybiAoXHJcbiAgICAgIHRwVmF1bHRGZWF0dXJlPy5sZW5ndGggPiAwICYmXHJcbiAgICAgIHRwVmF1bHRGZWF0dXJlLnNvbWUoKGZlYXR1cmUpID0+IGZlYXR1cmUudG9VcHBlckNhc2UoKSA9PT0gJ0FDQ0VTUycpXHJcbiAgICApO1xyXG4gIH1cclxuXHJcbiAgcHJpdmF0ZSBhc3luYyBsb2FkVXNlcihcclxuICAgIGNvZ25pdG9Vc2VyOiBDb2duaXRvVXNlcixcclxuICAgIHBhc3N3b3JkPzogc3RyaW5nXHJcbiAgKTogUHJvbWlzZTxDdXJyZW50VXNlcj4ge1xyXG4gICAgY29uc3Qge1xyXG4gICAgICBjdXJyZW50VXNlcixcclxuICAgICAgY29udGFjdENhcmQsXHJcbiAgICAgIHVzZXJQbGFucyxcclxuICAgIH0gPSBhd2FpdCB0aGlzLnByb2ZpbGVTZXJ2aWNlLmdldEN1cnJlbnRVc2VyKCk7XHJcblxyXG4gICAgaWYgKGN1cnJlbnRVc2VyLnNlc3Npb25FbmNyeXB0aW9uS2V5KSB7XHJcbiAgICAgIHRoaXMucGVyc2lzdFNlcnZpY2Uuc2V0U2VydmVyU2Vzc2lvbkVuY3J5cHRpb25LZXkoXHJcbiAgICAgICAgYXdhaXQgSldLLmFzS2V5KGN1cnJlbnRVc2VyLnNlc3Npb25FbmNyeXB0aW9uS2V5KVxyXG4gICAgICApO1xyXG4gICAgfVxyXG5cclxuICAgIGNvbnN0IHVzZXJBdHRyaWJ1dGVzID0gYXdhaXQgdGhpcy5hdXRoLnVzZXJBdHRyaWJ1dGVzKGNvZ25pdG9Vc2VyKTtcclxuXHJcbiAgICBpZiAocGFzc3dvcmQpIHtcclxuICAgICAgY29uc3QgcGFzc0tleSA9IChcclxuICAgICAgICBhd2FpdCB0aGlzLmtleUZhY3RvcnkuZGVyaXZlUGFzc0tleSh7XHJcbiAgICAgICAgICBwYXNzd29yZCxcclxuICAgICAgICAgIC4uLmN1cnJlbnRVc2VyLmN1cnJlbnRVc2VyS2V5LnBhc3NLZXkucGFzc0tleVBhcmFtcyxcclxuICAgICAgICB9KVxyXG4gICAgICApLmp3aztcclxuXHJcbiAgICAgIGF3YWl0IHRoaXMuaWRsZVNlcnZpY2UucGVyc2lzdE1hc3RlcktleShcclxuICAgICAgICBhd2FpdCB0aGlzLmtleUdyYXBoU2VydmljZS51bndyYXBXaXRoUGFzc0tleShcclxuICAgICAgICAgIGN1cnJlbnRVc2VyLmN1cnJlbnRVc2VyS2V5LnBhc3NLZXkuaWQsXHJcbiAgICAgICAgICBwYXNzS2V5LFxyXG4gICAgICAgICAgY3VycmVudFVzZXIuY3VycmVudFVzZXJLZXkubWFzdGVyS2V5LmlkXHJcbiAgICAgICAgKVxyXG4gICAgICApO1xyXG4gICAgfVxyXG4gICAgYXdhaXQgdGhpcy5rZXlHcmFwaFNlcnZpY2UucG9wdWxhdGVLZXlzKGN1cnJlbnRVc2VyLmN1cnJlbnRVc2VyS2V5KTtcclxuXHJcbiAgICByZXR1cm4ge1xyXG4gICAgICBpZDogY3VycmVudFVzZXIuaWQsXHJcbiAgICAgIHN1YjogdGhpcy5nZXRVc2VyQXR0cmlidXRlKCdzdWInLCB1c2VyQXR0cmlidXRlcyksXHJcbiAgICAgIHVzZXJuYW1lOiBjdXJyZW50VXNlci51c2VybmFtZSxcclxuICAgICAgY3VycmVudFVzZXJLZXk6IGN1cnJlbnRVc2VyLmN1cnJlbnRVc2VyS2V5LFxyXG4gICAgICBnZXRBY2Nlc3NKd3RUb2tlbjogKCkgPT5cclxuICAgICAgICBjb2duaXRvVXNlci5nZXRTaWduSW5Vc2VyU2Vzc2lvbigpLmdldEFjY2Vzc1Rva2VuKCkuZ2V0Snd0VG9rZW4oKSxcclxuICAgICAgZW1haWw6IHRoaXMuZ2V0VXNlckF0dHJpYnV0ZSgnZW1haWwnLCB1c2VyQXR0cmlidXRlcyksXHJcbiAgICAgIGVtYWlsVmVyaWZpZWQ6XHJcbiAgICAgICAgdGhpcy5nZXRVc2VyQXR0cmlidXRlKCdlbWFpbF92ZXJpZmllZCcsIHVzZXJBdHRyaWJ1dGVzKSA9PT0gJ3RydWUnLFxyXG4gICAgICBwaG9uZTogdGhpcy5nZXRVc2VyQXR0cmlidXRlKCdwaG9uZV9udW1iZXInLCB1c2VyQXR0cmlidXRlcyksXHJcbiAgICAgIHBob25lVmVyaWZpZWQ6XHJcbiAgICAgICAgdGhpcy5nZXRVc2VyQXR0cmlidXRlKCdwaG9uZV9udW1iZXJfdmVyaWZpZWQnLCB1c2VyQXR0cmlidXRlcykgPT09XHJcbiAgICAgICAgJ3RydWUnLFxyXG4gICAgICBjb250YWN0Q2FyZDoge1xyXG4gICAgICAgIC4uLihhd2FpdCB0aGlzLnByb2ZpbGVTZXJ2aWNlLmRlY3J5cHRDb250YWN0Q2FyZChjb250YWN0Q2FyZCkpLFxyXG4gICAgICB9LFxyXG4gICAgICB1c2VyRGVsZXRlOiBjdXJyZW50VXNlci51c2VyRGVsZXRlLFxyXG4gICAgICB1c2VyUGxhbnMsXHJcbiAgICAgIGhhc1RQVmF1bHRBY2Nlc3M6IHRoaXMubWFwVFBWYXVsdEFjY2VzcyhjdXJyZW50VXNlci5mZWF0dXJlcyksXHJcbiAgICAgIGZlYXR1cmVzOiBjdXJyZW50VXNlci5mZWF0dXJlcyxcclxuICAgICAgc2Vzc2lvbkVuY3J5cHRpb25LZXk6IGN1cnJlbnRVc2VyLnNlc3Npb25FbmNyeXB0aW9uS2V5LFxyXG4gICAgfTtcclxuICB9XHJcblxyXG4gIHB1YmxpYyB3YXRjaEF1dGgoKTogT2JzZXJ2YWJsZTxhbnk+IHtcclxuICAgIHJldHVybiB0aGlzLmh1YlN1YmplY3Q7XHJcbiAgfVxyXG5cclxuICBwdWJsaWMgYXN5bmMgbG9nb3V0KCk6IFByb21pc2U8dm9pZD4ge1xyXG4gICAgdGhpcy5jdXJyZW50VXNlciA9IG51bGw7XHJcbiAgICB0aGlzLmtleVNlcnZpY2UucHVyZ2VLZXlzKCk7XHJcbiAgICB0aGlzLmtleUdyYXBoU2VydmljZS5wdXJnZUtleXMoKTtcclxuXHJcbiAgICBhd2FpdCBQcm9taXNlLmFsbChbdGhpcy5hdXRoLnNpZ25PdXQoKSwgdGhpcy5wcm9maWxlU2VydmljZS5zaWduT3V0KCldKTtcclxuICB9XHJcblxyXG4gIHByaXZhdGUgZ2V0VXNlckF0dHJpYnV0ZShcclxuICAgIGF0dHJpYnV0ZU5hbWU6IHN0cmluZyxcclxuICAgIHVzZXJBdHRyaWJ1dGVzOiBDb2duaXRvVXNlckF0dHJpYnV0ZVtdXHJcbiAgKSB7XHJcbiAgICBjb25zdCB1c2VyQXR0cmlidXRlID0gdXNlckF0dHJpYnV0ZXMuZmluZChcclxuICAgICAgKHgpID0+IHguZ2V0TmFtZSgpID09PSBhdHRyaWJ1dGVOYW1lXHJcbiAgICApO1xyXG5cclxuICAgIHJldHVybiB1c2VyQXR0cmlidXRlID8gdXNlckF0dHJpYnV0ZS5nZXRWYWx1ZSgpIDogbnVsbDtcclxuICB9XHJcblxyXG4gIHB1YmxpYyBhc3luYyBsb2FkUmVzZXRVc2VyKHBhc3N3b3JkPzogc3RyaW5nKTogUHJvbWlzZTxUcFBhc3N3b3JkUmVzZXRVc2VyPiB7XHJcbiAgICBjb25zdCB7IHRwUGFzc3dvcmRSZXNldFVzZXI6IHJlc2V0VXNlciB9ID0gYXdhaXQgdGhpcy5sckdyYXBoUUwucXVlcnkoe1xyXG4gICAgICBxdWVyeTogVHBQYXNzd29yZFJlc2V0VXNlclF1ZXJ5LFxyXG4gICAgfSk7XHJcblxyXG4gICAgaWYgKHJlc2V0VXNlci5zZXNzaW9uRW5jcnlwdGlvbktleSkge1xyXG4gICAgICB0aGlzLnBlcnNpc3RTZXJ2aWNlLnNldFNlcnZlclNlc3Npb25FbmNyeXB0aW9uS2V5KFxyXG4gICAgICAgIGF3YWl0IEpXSy5hc0tleShyZXNldFVzZXIuc2Vzc2lvbkVuY3J5cHRpb25LZXkpXHJcbiAgICAgICk7XHJcbiAgICB9XHJcblxyXG4gICAgLy8gVXBkYXRlIHRoZSBrZXlzXHJcbiAgICBpZiAocGFzc3dvcmQpIHtcclxuICAgICAgY29uc3QgcGFzc0tleSA9IChcclxuICAgICAgICBhd2FpdCB0aGlzLmtleUZhY3RvcnkuZGVyaXZlUGFzc0tleSh7XHJcbiAgICAgICAgICBwYXNzd29yZCxcclxuICAgICAgICAgIC4uLnJlc2V0VXNlci5wYXNzS2V5LnBhc3NLZXlQYXJhbXMsXHJcbiAgICAgICAgfSlcclxuICAgICAgKS5qd2s7XHJcblxyXG4gICAgICBhd2FpdCB0aGlzLmlkbGVTZXJ2aWNlLnBlcnNpc3RNYXN0ZXJLZXkoXHJcbiAgICAgICAgYXdhaXQgdGhpcy5rZXlHcmFwaFNlcnZpY2UudW53cmFwV2l0aFBhc3NLZXkoXHJcbiAgICAgICAgICByZXNldFVzZXIucGFzc0tleS5pZCxcclxuICAgICAgICAgIHBhc3NLZXksXHJcbiAgICAgICAgICByZXNldFVzZXIubWFzdGVyS2V5LmlkXHJcbiAgICAgICAgKVxyXG4gICAgICApO1xyXG4gICAgfVxyXG5cclxuICAgIHRoaXMua2V5U2VydmljZS5wb3B1bGF0ZUtleXMoe1xyXG4gICAgICBwYXNzS2V5OiB7XHJcbiAgICAgICAgaWQ6IHJlc2V0VXNlci5wYXNzS2V5LmlkLFxyXG4gICAgICB9LFxyXG4gICAgICBtYXN0ZXJLZXk6IHtcclxuICAgICAgICBpZDogcmVzZXRVc2VyLm1hc3RlcktleS5pZCxcclxuICAgICAgfSxcclxuICAgIH0pO1xyXG5cclxuICAgIGNvbnN0IHVzZXJBdHRyaWJ1dGVzID0gYXdhaXQgdGhpcy5hdXRoLnVzZXJBdHRyaWJ1dGVzKFxyXG4gICAgICBhd2FpdCB0aGlzLmF1dGguY3VycmVudEF1dGhlbnRpY2F0ZWRVc2VyKClcclxuICAgICk7XHJcbiAgICBjb25zdCBzdWIgPSB0aGlzLmdldFVzZXJBdHRyaWJ1dGUoJ3N1YicsIHVzZXJBdHRyaWJ1dGVzKTtcclxuXHJcbiAgICByZXR1cm4ge1xyXG4gICAgICAuLi4oYXdhaXQgdGhpcy50cFBhc3N3b3JkUmVzZXRQcm9jZXNzb3JTZXJ2aWNlLnByb2Nlc3NUcFBhc3N3b3JkUmVzZXRVc2VyTm9kZShcclxuICAgICAgICByZXNldFVzZXJcclxuICAgICAgKSksXHJcbiAgICAgIHN1YixcclxuICAgIH07XHJcbiAgfVxyXG5cclxuICBwdWJsaWMgYXN5bmMgcmVmcmVzaEFjY2Vzc1Rva2VuKCkge1xyXG4gICAgY29uc3QgY29nbml0b1VzZXI6IENvZ25pdG9Vc2VyID0gYXdhaXQgdGhpcy5hdXRoLmN1cnJlbnRBdXRoZW50aWNhdGVkVXNlcigpO1xyXG4gICAgY29uc3QgcmVmcmVzaFRva2VuID0gY29nbml0b1VzZXIuZ2V0U2lnbkluVXNlclNlc3Npb24oKS5nZXRSZWZyZXNoVG9rZW4oKTtcclxuXHJcbiAgICByZXR1cm4gbmV3IFByb21pc2UoKHJlc29sdmUsIHJlamVjdCkgPT4ge1xyXG4gICAgICBjb2duaXRvVXNlci5yZWZyZXNoU2Vzc2lvbihyZWZyZXNoVG9rZW4sIChlcnIsIGRhdGEpID0+IHtcclxuICAgICAgICBpZiAoZXJyKSB7XHJcbiAgICAgICAgICBjb25zb2xlLmVycm9yKCdFcnJvciByZWZyZXNoaW5nIHRva2VuOiAnLCBlcnIpO1xyXG4gICAgICAgICAgcmVqZWN0KGVycik7XHJcbiAgICAgICAgfSBlbHNlIHtcclxuICAgICAgICAgIGNvbnNvbGUubG9nKCdUb2tlbiByZWZyZXNoIGNvbXBsZXRlOiAnLCBkYXRhKTtcclxuICAgICAgICAgIHJlc29sdmUoMCk7XHJcbiAgICAgICAgfVxyXG4gICAgICB9KTtcclxuICAgIH0pO1xyXG4gIH1cclxuXHJcbiAgYXN5bmMgY29tcGxldGVSZXF1ZXN0KG5ld1Bhc3N3b3JkOiBzdHJpbmcpOiBQcm9taXNlPHZvaWQ+IHtcclxuICAgIGNvbnN0IHJlc2V0VXNlciA9IGF3YWl0IHRoaXMuZ2V0UmVzZXRVc2VyKHRydWUpO1xyXG5cclxuICAgIGlmIChyZXNldFVzZXIuc3RhdGUgIT09IFRwQ2xhaW1TdGF0ZS5BUFBST1ZFRCkge1xyXG4gICAgICB0aHJvdyBuZXcgTHJCYWRTdGF0ZUV4Y2VwdGlvbihcclxuICAgICAgICAnUGFzc3dvcmQgcmVzZXQgcmVxdWVzdCBoYXMgbm90IGJlZW4gYXBwcm92ZWQuJ1xyXG4gICAgICApO1xyXG4gICAgfVxyXG5cclxuICAgIC8vIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tXHJcbiAgICAvLyBQcmVwYXJlIGFsbCBtYXRlcmlhbHMgdG8gZW5zdXJlIHRoZXJlIGFyZSBubyBlcnJvcnMuXHJcbiAgICAvLyAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLVxyXG4gICAgY29uc3QgYXNzZW1ibHlLZXkgPSBhd2FpdCB0aGlzLnJlY292ZXJBc3NlbWJseUtleShyZXNldFVzZXIpO1xyXG5cclxuICAgIGNvbnN0IHsgcm9vdEtleSB9ID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5kZWNyeXB0KFxyXG4gICAgICBhc3NlbWJseUtleSxcclxuICAgICAgcmVzZXRVc2VyLmFzc2VtYmx5Q2lwaGVyRGF0YVxyXG4gICAgKTtcclxuICAgIGNvbnNvbGUubG9nKHJvb3RLZXkpO1xyXG5cclxuICAgIC8vIE1ha2luZyBzdXJlIGl0J3MgYSB2YWxpZCBrZXkuXHJcbiAgICBjb25zdCByb290S2V5SndrID0gYXdhaXQgSldLLmFzS2V5KHJvb3RLZXkpO1xyXG5cclxuICAgIGNvbnN0IG1hc3RlcktleSA9IGF3YWl0IHRoaXMua2V5R3JhcGhTZXJ2aWNlLmdldEtleShyZXNldFVzZXIubWFzdGVyS2V5LmlkKTtcclxuXHJcbiAgICBjb25zdCBtYXN0ZXJLZXlXcmFwcGVkUm9vdEtleSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdFRvU3RyaW5nKFxyXG4gICAgICBtYXN0ZXJLZXkuandrLFxyXG4gICAgICByb290S2V5SndrLnRvSlNPTih0cnVlKVxyXG4gICAgKTtcclxuXHJcbiAgICAvLyBUaGUgbmV3IHBhc3N3b3JkXHJcbiAgICBjb25zdCBuZXdQYXNzSWRwUmVzdWx0ID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmRlcml2ZVBhc3NJZHAoe1xyXG4gICAgICBwYXNzd29yZDogbmV3UGFzc3dvcmQsXHJcbiAgICAgIC4uLnJlc2V0VXNlci5wYXNzS2V5LnBhc3NJZHBQYXJhbXMsXHJcbiAgICB9KTtcclxuXHJcbiAgICBjb25zdCBuZXdJZHBQYXNzd29yZCA9IHRoaXMucGFzc3dvcmRTZXJ2aWNlLmdldFBhc3NJZHBTdHJpbmcoXHJcbiAgICAgIG5ld1Bhc3NJZHBSZXN1bHQuandrXHJcbiAgICApO1xyXG5cclxuICAgIC8vIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tXHJcbiAgICAvLyBHZXQgYXNzZW1ibHkga2V5IGNoYWxsZW5nZVxyXG4gICAgLy8gLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS1cclxuICAgIGNvbnN0IGNoYWxsZW5nZSA9IChcclxuICAgICAgYXdhaXQgdGhpcy5sckdyYXBoUUwubHJNdXRhdGUoXHJcbiAgICAgICAgbmV3IExyTXV0YXRpb24oe1xyXG4gICAgICAgICAgbXV0YXRpb246IENyZWF0ZVRwQXNzZW1ibHlLZXlDaGFsbGVuZ2VNdXRhdGlvbixcclxuICAgICAgICAgIHZhcmlhYmxlczoge1xyXG4gICAgICAgICAgICBpbnB1dDoge30sXHJcbiAgICAgICAgICB9LFxyXG4gICAgICAgIH0pLFxyXG4gICAgICAgIHtcclxuICAgICAgICAgIGluY2x1ZGVLZXlHcmFwaDogZmFsc2UsXHJcbiAgICAgICAgfVxyXG4gICAgICApXHJcbiAgICApLmNyZWF0ZVRwQXNzZW1ibHlLZXlDaGFsbGVuZ2UuY2hhbGxlbmdlO1xyXG5cclxuICAgIGNvbnNvbGUubG9nKGNoYWxsZW5nZSk7XHJcblxyXG4gICAgLy8gU2lnbiB0aGUgY2hhbGxlbmdlXHJcbiAgICAvLyBHZW5lcmF0ZSBhIGNsaWVudCBzaWRlIG5vbmNlIHRoYXQncyBubyBpbiB0aGUgc2VydmVyJ3MgY29udHJvbC5cclxuICAgIGNoYWxsZW5nZS5jbGllbnROb25jZSA9IHRoaXMua2V5RmFjdG9yeS5yYW5kb21TdHJpbmcoXHJcbiAgICAgIFRQX1BBU1NXT1JEX1JFU0VUX0NMSUVOVF9OT05DRV9MRU5HVEhcclxuICAgICk7XHJcbiAgICBjb25zb2xlLmxvZyhjaGFsbGVuZ2UpO1xyXG5cclxuICAgIGNvbnN0IGFzc2VtYmx5S2V5VmVyaWZpZXJQcmsgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmRlY3J5cHQoXHJcbiAgICAgIGFzc2VtYmx5S2V5LFxyXG4gICAgICByZXNldFVzZXIud3JhcHBlZEFzc2VtYmx5S2V5VmVyaWZpZXJQcmtcclxuICAgICk7XHJcbiAgICBjb25zdCBzaWduZWRDaGFsbGVuZ2UgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLnNpZ24oXHJcbiAgICAgIGFzc2VtYmx5S2V5VmVyaWZpZXJQcmssXHJcbiAgICAgIGNoYWxsZW5nZVxyXG4gICAgKTtcclxuXHJcbiAgICAvLyAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLVxyXG4gICAgLy8gQ2hhbmdlIHBhc3N3b3JkIGZvciB0aGUgb3JpZ2luYWwgdXNlclxyXG4gICAgLy8gLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS1cclxuICAgIGNvbnN0IHRlbXBJZHBQYXNzd29yZCA9IChcclxuICAgICAgYXdhaXQgdGhpcy5sckdyYXBoUUwubHJNdXRhdGUoXHJcbiAgICAgICAgbmV3IExyTXV0YXRpb24oe1xyXG4gICAgICAgICAgbXV0YXRpb246IFByZUNvbXBsZXRlVHBQYXNzd29yZFJlc2V0UmVxdWVzdE11dGF0aW9uLFxyXG4gICAgICAgICAgdmFyaWFibGVzOiB7XHJcbiAgICAgICAgICAgIGlucHV0OiB7XHJcbiAgICAgICAgICAgICAgc2lnbmVkQ2hhbGxlbmdlOiBKU09OLnN0cmluZ2lmeShzaWduZWRDaGFsbGVuZ2UpLFxyXG4gICAgICAgICAgICB9LFxyXG4gICAgICAgICAgfSxcclxuICAgICAgICB9KSxcclxuICAgICAgICB7XHJcbiAgICAgICAgICBpbmNsdWRlS2V5R3JhcGg6IGZhbHNlLFxyXG4gICAgICAgIH1cclxuICAgICAgKVxyXG4gICAgKS5wcmVDb21wbGV0ZVRwUGFzc3dvcmRSZXNldFJlcXVlc3QuaWRwUGFzc3dvcmQ7XHJcblxyXG4gICAgLy8gLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS1cclxuICAgIC8vIExvZ2luIGFzIHRoZSBvcmlnaW5hbCB1c2VyIHVzaW5nIG5ldyB0ZW1wb3JhcnkgcGFzc3dvcmRcclxuICAgIC8vIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tXHJcbiAgICAvLyBBdCB0aGlzIHBvaW50LCB0aGUgb3JpZ2luYWwgYWNjb3VudCdzIHBhc3N3b3JkIGhhcyBiZWVuIGNoYW5nZWRcclxuICAgIC8vIHRvIGEgdGVtcG9yYXJ5IHBhc3N3b3JkLiBJdCBpcyBubyBsb25nZXIgcG9zc2libGUgZm9yIHRoZSB1c2VyXHJcbiAgICAvLyB0byB1c2UgdGhlIG9yaWdpbmFsIHBhc3N3b3JkIHRvIGxvZ2luLiBBbnkgc3VjY2Vzc2Z1bCBsb2dpblxyXG4gICAgLy8gY2FuIG9ubHkgYmUgdXNpbmcgdGhlIHRlbXBvcmFyeSBwYXNzd29yZC4gU28gaXQncyBzYWZlIHRvIGFzc3VtZVxyXG4gICAgLy8gdGhhdCB3ZSB3YW50IHRvIFwiY29tcGxldGVcIiB0aGUgcGFzc3dvcmQgcmVzZXQuXHJcblxyXG4gICAgLy8gVGhlIG1heWJlIDJGQSBzbyB3ZSBsaXN0ZW4gZm9yIHRoZSBhdXRoIGV2ZW50IGZyb20gQW1wbGlmeS5cclxuICAgIGNvbnN0IHJldFByb21pc2UgPSBuZXcgUHJvbWlzZTx2b2lkPigocmVzb2x2ZSkgPT4ge1xyXG4gICAgICBjb25zdCBsaXN0ZW5lciA9IGFzeW5jIChkYXRhKSA9PiB7XHJcbiAgICAgICAgaWYgKGRhdGEucGF5bG9hZC5ldmVudCAhPT0gJ3NpZ25JbicpIHtcclxuICAgICAgICAgIHJldHVybjtcclxuICAgICAgICB9XHJcblxyXG4gICAgICAgIEh1Yi5yZW1vdmUoJ2F1dGgnLCBsaXN0ZW5lcik7XHJcblxyXG4gICAgICAgIGNvbnNvbGUubG9nKGRhdGEucGF5bG9hZCk7XHJcblxyXG4gICAgICAgIGF3YWl0IHRoaXMuYXV0aC5zaWduSW4ocmVzZXRVc2VyLnVzZXJuYW1lLCBuZXdJZHBQYXNzd29yZCk7XHJcblxyXG4gICAgICAgIC8vIFN3aXRjaCBvdmVyIHRvIHRoZSBuZXcgc2V0IG9mIGtleXNcclxuICAgICAgICBhd2FpdCB0aGlzLmxyR3JhcGhRTC5sck11dGF0ZShcclxuICAgICAgICAgIG5ldyBMck11dGF0aW9uKHtcclxuICAgICAgICAgICAgbXV0YXRpb246IENvbXBsZXRlVHBQYXNzd29yZFJlc2V0UmVxdWVzdE11dGF0aW9uLFxyXG4gICAgICAgICAgICB2YXJpYWJsZXM6IHtcclxuICAgICAgICAgICAgICBpbnB1dDoge1xyXG4gICAgICAgICAgICAgICAgbWFzdGVyS2V5V3JhcHBlZFJvb3RLZXksXHJcbiAgICAgICAgICAgICAgICBtYXN0ZXJLZXlJZDogbWFzdGVyS2V5LmlkLFxyXG4gICAgICAgICAgICAgIH0sXHJcbiAgICAgICAgICAgIH0sXHJcbiAgICAgICAgICB9KVxyXG4gICAgICAgICk7XHJcblxyXG4gICAgICAgIHJlc29sdmUoKTtcclxuICAgICAgfTtcclxuXHJcbiAgICAgIEh1Yi5saXN0ZW4oJ2F1dGgnLCBsaXN0ZW5lcik7XHJcbiAgICB9KTtcclxuXHJcbiAgICAvLyBTaWduaW4gYXMgdGhlIG9yaWdpbmFsIHVzZXIuIFBhc3N3b3JkIGhhcyBiZWVuIHJlc2V0IHRvIHRlbXBvcmFyeSBvbmUuIEl0IHNob3VsZCByZXR1cm5cclxuICAgIC8vIHdpdGggTkVXX1BBU1NXT1JEX1JFUVVJUkVEXHJcbiAgICBsZXQgdXNlciA9IGF3YWl0IHRoaXMuYXV0aC5zaWduSW4ocmVzZXRVc2VyLnVzZXJuYW1lLCB0ZW1wSWRwUGFzc3dvcmQsIHtcclxuICAgICAgbm9Qcm94eTogJ3RydWUnLFxyXG4gICAgfSk7XHJcblxyXG4gICAgaWYgKHVzZXIuY2hhbGxlbmdlTmFtZSAhPT0gJ05FV19QQVNTV09SRF9SRVFVSVJFRCcpIHtcclxuICAgICAgdGhyb3cgbmV3IExyRXhjZXB0aW9uKHtcclxuICAgICAgICBtZXNzYWdlOlxyXG4gICAgICAgICAgJ0ludGVybmFsIGVycm9yLiBFeHBlY3RpbmcgQ29nbml0byB0byBoYXZlIGRvbmUgYSBwYXNzd29yZCByZXNldCBhZnRlciBjYWxsIHRvIFByZUNvbXBsZXRlVHBQYXNzd29yZFJlc2V0UmVxdWVzdE11dGF0aW9uLicsXHJcbiAgICAgIH0pO1xyXG4gICAgfVxyXG5cclxuICAgIC8vIFNldCBuZXcgcGFzc3dvcmQgb24gSWRwXHJcbiAgICAvLyB0aGUgYXdzRmV0Y2goKSBmdW5jdGlvbiBwYXNzZXMgTkVXX1BBU1NXT1JEX1JFUVVJUkVEIGRpcmVjdGx5IHRvIEFXUyB3aXRob3V0XHJcbiAgICAvLyBnb2luZyB0aHJvdWdoIHRoZSBwcm94eS5cclxuICAgIHVzZXIgPSBhd2FpdCB0aGlzLmF1dGguY29tcGxldGVOZXdQYXNzd29yZCh1c2VyLCBuZXdJZHBQYXNzd29yZCwge30pO1xyXG5cclxuICAgIHJldHVybiByZXRQcm9taXNlO1xyXG4gIH1cclxuXHJcbiAgcHJpdmF0ZSBhc3luYyByZWNvdmVyQXNzZW1ibHlLZXkoXHJcbiAgICByZXNldFVzZXI6IFRwUGFzc3dvcmRSZXNldFVzZXJOb2RlXHJcbiAgKTogUHJvbWlzZTxKV0suS2V5PiB7XHJcbiAgICAvLyBSZWNvdmVyIHRoZSBhc3NlbWJseSBrZXkuXHJcbiAgICBsZXQgYXNzZW1ibHlLZXlQYXJhbXM6IG9iamVjdDtcclxuXHJcbiAgICBjb25zdCBwcmsgPSBhd2FpdCB0aGlzLmtleUdyYXBoU2VydmljZS5nZXRLZXkocmVzZXRVc2VyLnB4ay5pZCk7XHJcblxyXG4gICAgY29uc3Qgc2hhcmVzID0gYXdhaXQgUHJvbWlzZS5hbGwoXHJcbiAgICAgIHJlc2V0VXNlci5hcHByb3ZhbHNcclxuICAgICAgICAuZmlsdGVyKChhcHByb3ZhbCkgPT4gISFhcHByb3ZhbC5yZWNlaXZlckNpcGhlclBhcnRpYWxBc3NlbWJseUtleSlcclxuICAgICAgICAubWFwKGFzeW5jIChhcHByb3ZhbCkgPT4ge1xyXG4gICAgICAgICAgY29uc3QgcGFydGlhbEFzc2VtYmx5S2V5ID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5kZWNyeXB0KFxyXG4gICAgICAgICAgICBwcmssXHJcbiAgICAgICAgICAgIGFwcHJvdmFsLnJlY2VpdmVyQ2lwaGVyUGFydGlhbEFzc2VtYmx5S2V5XHJcbiAgICAgICAgICApO1xyXG5cclxuICAgICAgICAgIGlmIChhc3NlbWJseUtleVBhcmFtcykge1xyXG4gICAgICAgICAgICBpZiAoXHJcbiAgICAgICAgICAgICAgSlNPTi5zdHJpbmdpZnkoYXNzZW1ibHlLZXlQYXJhbXMpICE9PVxyXG4gICAgICAgICAgICAgIEpTT04uc3RyaW5naWZ5KHBhcnRpYWxBc3NlbWJseUtleS5hc3NlbWJseUtleVBhcmFtcylcclxuICAgICAgICAgICAgKSB7XHJcbiAgICAgICAgICAgICAgdGhyb3cgbmV3IExyQmFkU3RhdGVFeGNlcHRpb24oXHJcbiAgICAgICAgICAgICAgICAnVGhlIGFzc2VtYmx5IGtleSBwYXJhbWV0ZXJzIGFyZSBkaWZmZXJlbnQgYmV0d2VlbiB0aGUgYXBwcm92YWxzLidcclxuICAgICAgICAgICAgICApO1xyXG4gICAgICAgICAgICB9XHJcbiAgICAgICAgICB9IGVsc2Uge1xyXG4gICAgICAgICAgICBhc3NlbWJseUtleVBhcmFtcyA9IHBhcnRpYWxBc3NlbWJseUtleS5hc3NlbWJseUtleVBhcmFtcztcclxuICAgICAgICAgIH1cclxuICAgICAgICAgIHJldHVybiBwYXJ0aWFsQXNzZW1ibHlLZXkuc2xpcDM5LnNoYXJlLm1uZW1vbmljcztcclxuICAgICAgICB9KVxyXG4gICAgKTtcclxuXHJcbiAgICBjb25zb2xlLmxvZygncmVjb3ZlckFzc2VtYmx5S2V5KCknLCBzaGFyZXMpO1xyXG5cclxuICAgIGNvbnN0IHJhd0Fzc2VtYmx5S2V5ID0gYXdhaXQgdGhpcy5zbGlwMzlTZXJ2aWNlLnJlY292ZXJTZWNyZXQoXHJcbiAgICAgIHNoYXJlcyxcclxuICAgICAgVFBfUEFTU1dPUkRfUkVTRVRfU0xJUDM5X1BBU1NQSFJBU0VcclxuICAgICk7XHJcblxyXG4gICAgcmV0dXJuIEpXSy5hc0tleSh7XHJcbiAgICAgIC4uLmFzc2VtYmx5S2V5UGFyYW1zLFxyXG4gICAgICBrOiByYXdBc3NlbWJseUtleSxcclxuICAgIH0pO1xyXG4gIH1cclxufVxyXG4iXX0=