@lifeready/core 1.0.21 → 1.0.22

package/esm2015/lib/auth/password.service.js

@@ -1,315 +0,0 @@
-import { __awaiter } from "tslib";
-import { HttpClient } from '@angular/common/http';
-import { Inject, Injectable } from '@angular/core';
-import { AuthClass } from '@aws-amplify/auth/lib-esm/Auth';
-import { ProfileService } from '../users/profile.service';
-import { EncryptionService } from '../cryptography/encryption.service';
-import { KeyGraphService } from '../cryptography/key-graph.service';
-import { LR_CONFIG } from '../life-ready.config';
-import { LrAuthException } from '../_common/exceptions';
-import { LrApolloService } from './../api/lr-apollo.service';
-import { PasswordChangeMutation, PasswordChangeRequestMutation, PasswordChangeConfigQuery, } from './auth.gql';
-import { WebCryptoService } from '../cryptography/web-crypto.service';
-import * as moment_ from 'moment';
-import { IdleService } from '../auth/idle.service';
-import { KeyFactoryService as KFS } from '../cryptography/key-factory.service';
-import * as i0 from "@angular/core";
-import * as i1 from "../life-ready.config";
-import * as i2 from "@angular/common/http";
-import * as i3 from "../api/lr-apollo.service";
-import * as i4 from "@aws-amplify/auth/lib-esm/Auth";
-import * as i5 from "../users/profile.service";
-import * as i6 from "../cryptography/key-factory.service";
-import * as i7 from "../cryptography/encryption.service";
-import * as i8 from "../cryptography/key-graph.service";
-import * as i9 from "../cryptography/web-crypto.service";
-import * as i10 from "./idle.service";
-// "why?" you ask: https://stackoverflow.com/questions/59735280/angular-8-moment-error-cannot-call-a-namespace-moment
-const moment = moment_;
-export class PasswordCheck {
-}
-export class PasswordService {
-    constructor(config, http, apollo, auth, profileService, keyFactory, encryptionService, keyGraph, webCryptoService, idleService) {
-        this.config = config;
-        this.http = http;
-        this.apollo = apollo;
-        this.auth = auth;
-        this.profileService = profileService;
-        this.keyFactory = keyFactory;
-        this.encryptionService = encryptionService;
-        this.keyGraph = keyGraph;
-        this.webCryptoService = webCryptoService;
-        this.idleService = idleService;
-        this.CLIENT_NONCE_LENGTH = 32;
-    }
-    checkPassword(password) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const { years } = this.passwordStrength(password);
-            return {
-                length: password.length,
-                timeToCrack: moment.duration({ years }),
-                passwordExposed: yield this.getExposureCount(password),
-            };
-        });
-    }
-    getExposureCount(password) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const sha1Password = yield this.webCryptoService.stringDigest('SHA-1', password);
-            const first5sha1 = sha1Password.substring(0, 5);
-            const response = yield this.http
-                .get(`https://api.pwnedpasswords.com/range/${first5sha1}`, {
-                responseType: 'text',
-            })
-                .toPromise();
-            const results = new RegExp(`^(?:${sha1Password.substring(5)}:)(?<count>\\d+)$`, 'im').exec(response);
-            if (results) {
-                return +results.groups.count;
-            }
-            return 0;
-        });
-    }
-    getPassIdpString(passIdp) {
-        return passIdp.toJSON(true).k;
-    }
-    createPassKeyBundle(password) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const passIdpParams = yield this.keyFactory.createPassIdpParams();
-            const passIdp = (yield this.keyFactory.derivePassIdp(Object.assign({ password }, passIdpParams))).jwk;
-            const passKeyParams = yield this.keyFactory.createPassKeyParams();
-            const passKey = (yield this.keyFactory.derivePassKey(Object.assign({ password }, passKeyParams))).jwk;
-            const passIdpVerifier = yield this.keyFactory.createPkcSignKey();
-            const wrappedPassIdpVerifierPrk = yield this.encryptionService.encrypt(passKey, passIdpVerifier.toJSON(true));
-            // There are two formats that the private key can be represented in JWK:
-            // https://tools.ietf.org/html/rfc8017#page-9
-            // The second form is an optimization:
-            // https://crypto.stackexchange.com/questions/19413/what-are-dp-and-dq-in-encryption-by-rsa-in-c
-            return {
-                passKeyParams,
-                passKey,
-                passIdpParams,
-                passIdp,
-                passIdpVerifier,
-                wrappedPassIdpVerifierPrk,
-            };
-        });
-    }
-    /**
-     * We need to allow for interruption of the process at any point. Each API call can be considered
-     * atomic and either succeeds or fails.
-     *
-     * The LR server APIs use semaphore tokens for locking critical operations, so concurrent calls will
-     * fail.
-     *
-     * We assume the worst case for IdP API calls. So we use the semaphore token from LR to prevent
-     * concurrent calls to IdP APIs, but we have to assume that the IdP API calls will either succeed or
-     * fail within a reasonable amount of time.
-     *
-     * Each location where the server state changes can be a potential point of interruption.
-     * Potential points of interruption are marked with: --Potential Failure Point--
-     *
-     * Places for timeout:
-     * - Login age too old at call to: verifyPassword()
-     * - Login age too old at call to: changePasswordMutation()
-     * - Semaphore token expires at call to: changePasswordComplete()
-     *
-     * Tests:
-     * - Potential Failure Point 1: should be able to restart the process, user remains signed in.
-     * - Potential Failure Point 2: should enter recovery flow
-     * - Potential Failure Point 3: should enter recovery flow
-     * - Potential Failure Point 4: should enter recovery flow
-     *
-     */
-    isLoginRequired() {
-        return __awaiter(this, void 0, void 0, function* () {
-            const changePasswordConfig = yield this.getChangePasswordConfig();
-            const authTime = moment(changePasswordConfig.authTime);
-            const serverTime = moment(changePasswordConfig.serverTime);
-            const duration = moment.duration(serverTime.diff(authTime));
-            const seconds = duration.asSeconds();
-            if (seconds > changePasswordConfig.maxAuthAgeSeconds) {
-                return true;
-            }
-            else {
-                return false;
-            }
-        });
-    }
-    changePassword(password, newPassword) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const cognitoUser = yield this.auth.currentAuthenticatedUser();
-            // Not checking that passwords are different. It makes it easier to test.
-            const { currentUser } = yield this.profileService.getCurrentUser();
-            const { passIdp, signedChallenge } = yield this.verifyPassword(password, currentUser);
-            // --Potential Failure Point 1--
-            // verifyPassword() asks for a current password challenge hence changes server state.
-            // Place break points here to test the failure scenarios.
-            // Generate the new passIdp
-            const newPassKey = yield this.createPassKeyBundle(newPassword);
-            // Re-encrypt master key with new key
-            const masterKey = yield this.keyGraph.getKey(currentUser.currentUserKey.masterKey.id);
-            const newWrappedMasterKey = yield this.encryptionService.encrypt(newPassKey.passKey, masterKey.jwk.toJSON(true));
-            // If the IdP change password failed, we need to go into recovery mode by forcing
-            // a login. We can't logout the user just yet since the IdP password change needs
-            // the user to be logged in. We _can_ removed any persisted session values for the IdP
-            // but that seems like too much trouble.
-            const { token, newPassKeyId } = yield this.changePasswordMutation(signedChallenge, currentUser.currentUserKey.masterKey.id, newWrappedMasterKey, newPassKey);
-            // --Potential Failure Point 2--
-            // changePasswordMutation() uploads new keys and obtains a semaphore lock to prevent any other
-            // clients from performing IdP password change.
-            // Now we can do the IdP password change.
-            // todo: Add this back in
-            yield this.auth.changePassword(cognitoUser, this.getPassIdpString(passIdp), this.getPassIdpString(newPassKey.passIdp));
-            // --Potential Failure Point 3--
-            // IdP password change
-            // Note that changePassword() could throw an exception for a number of reason. It could throw
-            // a network timeout for example. But we don't know if it's the response that timed out and
-            // the idp password change was actually carried out. So we have to be extra conservative and
-            // only act on a clear success. Otherwise we go into recover mode.
-            yield this.changePasswordComplete(cognitoUser.getSignInUserSession().getAccessToken().getJwtToken(), true, token);
-        });
-    }
-    changePasswordComplete(accessToken, useNewPassword, token = null) {
-        return __awaiter(this, void 0, void 0, function* () {
-            return this.http
-                .post(`${this.config.authUrl}users/password-change-complete/`, Object.assign({ use_new_password: useNewPassword }, (token && { token })), {
-                headers: {
-                    Authorization: `Bearer ${accessToken}`,
-                },
-            })
-                .toPromise();
-        });
-    }
-    getVerifierPrK(passKey, wrappedPrK) {
-        return __awaiter(this, void 0, void 0, function* () {
-            try {
-                const prkJson = yield this.encryptionService.decrypt(passKey, wrappedPrK);
-                return KFS.asKey(prkJson);
-            }
-            catch (error) {
-                throw new LrAuthException('Wrong current password');
-            }
-        });
-    }
-    verifyPassword(password, currentUser) {
-        return __awaiter(this, void 0, void 0, function* () {
-            // Get information from the server to prepare for password change.
-            const passwordRequest = yield this.apollo.mutate({
-                mutation: PasswordChangeRequestMutation,
-                variables: {},
-            });
-            // Get the old passKey so we can decrypt the old password verifier
-            const passKeyResult = yield this.keyFactory.derivePassKey(Object.assign({ password }, currentUser.currentUserKey.passKey.passKeyParams));
-            const verifierPrK = yield this.getVerifierPrK(passKeyResult.jwk, currentUser.currentUserKey.passKey.wrappedPassIdpVerifierPrk);
-            // Sign the server challenge to prove to the server we can decrypt the password verifier.
-            // Generate
-            const clientNonce = this.keyFactory.randomString(this.CLIENT_NONCE_LENGTH);
-            const signedChallenge = yield this.encryptionService.sign(verifierPrK, {
-                serverNonce: passwordRequest.passwordChangeRequest.challenge.serverNonce,
-                clientNonce,
-            });
-            const passIdpResult = yield this.keyFactory.derivePassIdp(Object.assign({ password }, currentUser.currentUserKey.passKey.passIdpParams));
-            return {
-                passIdp: passIdpResult.jwk,
-                signedChallenge,
-            };
-        });
-    }
-    changePasswordMutation(signedChallenge, masterKeyId, newWrappedMasterKey, passKeyBundle) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const response = yield this.apollo.mutate({
-                mutation: PasswordChangeMutation,
-                variables: {
-                    input: {
-                        signedChallenge: JSON.stringify(signedChallenge),
-                        masterKeyId,
-                        newWrappedMasterKey: JSON.stringify(newWrappedMasterKey),
-                        newPassKey: {
-                            passIdpParams: JSON.stringify(passKeyBundle.passIdpParams),
-                            passIdpVerifierPbk: JSON.stringify(passKeyBundle.passIdpVerifier.toJSON()),
-                            wrappedPassIdpVerifierPrk: JSON.stringify(passKeyBundle.wrappedPassIdpVerifierPrk),
-                            passKeyParams: JSON.stringify(passKeyBundle.passKeyParams),
-                        },
-                    },
-                },
-            });
-            return {
-                token: response.passwordChange.token,
-                newPassKeyId: response.passwordChange.newPassKey.id,
-            };
-        });
-    }
-    getChangePasswordConfig() {
-        return __awaiter(this, void 0, void 0, function* () {
-            const res = yield this.apollo.query({
-                query: PasswordChangeConfigQuery,
-            });
-            const ret = res.passwordChangeConfig;
-            ret.authTime = new Date(ret.authTime);
-            ret.serverTime = new Date(ret.serverTime);
-            return ret;
-        });
-    }
-    passwordStrength(password) {
-        const upper = /[A-Z]/g;
-        const lower = /[a-z]/g;
-        const digit = /[0-9]/g;
-        const upperChoices = 26;
-        const lowerChoices = 26;
-        const digitChoices = 10;
-        const specialChoices = 30; // /[!"#$%&'()*+,-./:;<=>?@[\]^_`{|}~]/g
-        function instanceCount(str, re) {
-            return ((str || '').match(re) || []).length;
-        }
-        const uppers = instanceCount(password, upper);
-        const lowers = instanceCount(password, lower);
-        const digits = instanceCount(password, digit);
-        const specials = password.length - uppers - lowers - digits;
-        let choices = 0;
-        if (uppers) {
-            choices += upperChoices;
-        }
-        if (lowers) {
-            choices += lowerChoices;
-        }
-        if (digits) {
-            choices += digitChoices;
-        }
-        if (specials) {
-            choices += specialChoices;
-        }
-        if (password.length === 0) {
-            return {
-                years: 0,
-                // bits of entropy
-                bits: 0,
-            };
-        }
-        const permutations = Math.pow(choices, password.length);
-        const years = (54000 * permutations) /
-            Math.pow(upperChoices + lowerChoices + digitChoices, 12);
-        return {
-            years,
-            // bits of entropy
-            bits: Math.round(Math.log2(permutations)),
-        };
-    }
-}
-PasswordService.ɵprov = i0.ɵɵdefineInjectable({ factory: function PasswordService_Factory() { return new PasswordService(i0.ɵɵinject(i1.LR_CONFIG), i0.ɵɵinject(i2.HttpClient), i0.ɵɵinject(i3.LrApolloService), i0.ɵɵinject(i4.AuthClass), i0.ɵɵinject(i5.ProfileService), i0.ɵɵinject(i6.KeyFactoryService), i0.ɵɵinject(i7.EncryptionService), i0.ɵɵinject(i8.KeyGraphService), i0.ɵɵinject(i9.WebCryptoService), i0.ɵɵinject(i10.IdleService)); }, token: PasswordService, providedIn: "root" });
-PasswordService.decorators = [
-    { type: Injectable, args: [{
-                providedIn: 'root',
-            },] }
-];
-PasswordService.ctorParameters = () => [
-    { type: undefined, decorators: [{ type: Inject, args: [LR_CONFIG,] }] },
-    { type: HttpClient },
-    { type: LrApolloService },
-    { type: AuthClass },
-    { type: ProfileService },
-    { type: KFS },
-    { type: EncryptionService },
-    { type: KeyGraphService },
-    { type: WebCryptoService },
-    { type: IdleService }
-];
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGFzc3dvcmQuc2VydmljZS5qcyIsInNvdXJjZVJvb3QiOiIvb3B0L2F0bGFzc2lhbi9waXBlbGluZXMvYWdlbnQvYnVpbGQvcHJvamVjdHMvY29yZS9zcmMvIiwic291cmNlcyI6WyJsaWIvYXV0aC9wYXNzd29yZC5zZXJ2aWNlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sc0JBQXNCLENBQUM7QUFDbEQsT0FBTyxFQUFFLE1BQU0sRUFBRSxVQUFVLEVBQUUsTUFBTSxlQUFlLENBQUM7QUFFbkQsT0FBTyxFQUFFLFNBQVMsRUFBRSxNQUFNLGdDQUFnQyxDQUFDO0FBRTNELE9BQU8sRUFBRSxjQUFjLEVBQUUsTUFBTSwwQkFBMEIsQ0FBQztBQUMxRCxPQUFPLEVBQUUsaUJBQWlCLEVBQUUsTUFBTSxvQ0FBb0MsQ0FBQztBQUN2RSxPQUFPLEVBQUUsZUFBZSxFQUFFLE1BQU0sbUNBQW1DLENBQUM7QUFDcEUsT0FBTyxFQUFtQixTQUFTLEVBQUUsTUFBTSxzQkFBc0IsQ0FBQztBQUNsRSxPQUFPLEVBQUUsZUFBZSxFQUEwQixNQUFNLHVCQUF1QixDQUFDO0FBQ2hGLE9BQU8sRUFBRSxlQUFlLEVBQUUsTUFBTSw0QkFBNEIsQ0FBQztBQUM3RCxPQUFPLEVBQ0wsc0JBQXNCLEVBQ3RCLDZCQUE2QixFQUM3Qix5QkFBeUIsR0FDMUIsTUFBTSxZQUFZLENBQUM7QUFFcEIsT0FBTyxFQUFFLGdCQUFnQixFQUFFLE1BQU0sb0NBQW9DLENBQUM7QUFFdEUsT0FBTyxLQUFLLE9BQU8sTUFBTSxRQUFRLENBQUM7QUFFbEMsT0FBTyxFQUFFLFdBQVcsRUFBRSxNQUFNLHNCQUFzQixDQUFDO0FBQ25ELE9BQU8sRUFBRSxpQkFBaUIsSUFBSSxHQUFHLEVBQUUsTUFBTSxxQ0FBcUMsQ0FBQzs7Ozs7Ozs7Ozs7O0FBRS9FLHFIQUFxSDtBQUNySCxNQUFNLE1BQU0sR0FBRyxPQUFPLENBQUM7QUF5QnZCLE1BQU0sT0FBTyxhQUFhO0NBSXpCO0FBS0QsTUFBTSxPQUFPLGVBQWU7SUFHMUIsWUFDNkIsTUFBdUIsRUFDMUMsSUFBZ0IsRUFDaEIsTUFBdUIsRUFDdkIsSUFBZSxFQUNmLGNBQThCLEVBQzlCLFVBQWUsRUFDZixpQkFBb0MsRUFDcEMsUUFBeUIsRUFDekIsZ0JBQWtDLEVBQ2xDLFdBQXdCO1FBVEwsV0FBTSxHQUFOLE1BQU0sQ0FBaUI7UUFDMUMsU0FBSSxHQUFKLElBQUksQ0FBWTtRQUNoQixXQUFNLEdBQU4sTUFBTSxDQUFpQjtRQUN2QixTQUFJLEdBQUosSUFBSSxDQUFXO1FBQ2YsbUJBQWMsR0FBZCxjQUFjLENBQWdCO1FBQzlCLGVBQVUsR0FBVixVQUFVLENBQUs7UUFDZixzQkFBaUIsR0FBakIsaUJBQWlCLENBQW1CO1FBQ3BDLGFBQVEsR0FBUixRQUFRLENBQWlCO1FBQ3pCLHFCQUFnQixHQUFoQixnQkFBZ0IsQ0FBa0I7UUFDbEMsZ0JBQVcsR0FBWCxXQUFXLENBQWE7UUFaakIsd0JBQW1CLEdBQUcsRUFBRSxDQUFDO0lBYXZDLENBQUM7SUFFUyxhQUFhLENBQUMsUUFBZ0I7O1lBQ3pDLE1BQU0sRUFBRSxLQUFLLEVBQUUsR0FBRyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsUUFBUSxDQUFDLENBQUM7WUFFbEQsT0FBTztnQkFDTCxNQUFNLEVBQUUsUUFBUSxDQUFDLE1BQU07Z0JBQ3ZCLFdBQVcsRUFBRSxNQUFNLENBQUMsUUFBUSxDQUFDLEVBQUUsS0FBSyxFQUFFLENBQUM7Z0JBQ3ZDLGVBQWUsRUFBRSxNQUFNLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxRQUFRLENBQUM7YUFDdkQsQ0FBQztRQUNKLENBQUM7S0FBQTtJQUVZLGdCQUFnQixDQUFDLFFBQWdCOztZQUM1QyxNQUFNLFlBQVksR0FBRyxNQUFNLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxZQUFZLENBQzNELE9BQU8sRUFDUCxRQUFRLENBQ1QsQ0FBQztZQUNGLE1BQU0sVUFBVSxHQUFHLFlBQVksQ0FBQyxTQUFTLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDO1lBRWhELE1BQU0sUUFBUSxHQUFHLE1BQU0sSUFBSSxDQUFDLElBQUk7aUJBQzdCLEdBQUcsQ0FBQyx3Q0FBd0MsVUFBVSxFQUFFLEVBQUU7Z0JBQ3pELFlBQVksRUFBRSxNQUFNO2FBQ3JCLENBQUM7aUJBQ0QsU0FBUyxFQUFFLENBQUM7WUFFZixNQUFNLE9BQU8sR0FBRyxJQUFJLE1BQU0sQ0FDeEIsT0FBTyxZQUFZLENBQUMsU0FBUyxDQUFDLENBQUMsQ0FBQyxtQkFBbUIsRUFDbkQsSUFBSSxDQUNMLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFDO1lBRWpCLElBQUksT0FBTyxFQUFFO2dCQUNYLE9BQU8sQ0FBQyxPQUFPLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQzthQUM5QjtZQUNELE9BQU8sQ0FBQyxDQUFDO1FBQ1gsQ0FBQztLQUFBO0lBRU0sZ0JBQWdCLENBQUMsT0FBZ0I7UUFDdEMsT0FBUSxPQUFPLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBUyxDQUFDLENBQUMsQ0FBQztJQUN6QyxDQUFDO0lBRVksbUJBQW1CLENBQUMsUUFBZ0I7O1lBQy9DLE1BQU0sYUFBYSxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxtQkFBbUIsRUFBRSxDQUFDO1lBQ2xFLE1BQU0sT0FBTyxHQUFHLENBQ2QsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGFBQWEsaUJBQ2pDLFFBQVEsSUFDTCxhQUFhLEVBQ2hCLENBQ0gsQ0FBQyxHQUFHLENBQUM7WUFFTixNQUFNLGFBQWEsR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsbUJBQW1CLEVBQUUsQ0FBQztZQUNsRSxNQUFNLE9BQU8sR0FBRyxDQUNkLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxhQUFhLGlCQUNqQyxRQUFRLElBQ0wsYUFBYSxFQUNoQixDQUNILENBQUMsR0FBRyxDQUFDO1lBRU4sTUFBTSxlQUFlLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGdCQUFnQixFQUFFLENBQUM7WUFFakUsTUFBTSx5QkFBeUIsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQ3BFLE9BQU8sRUFDUCxlQUFlLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUM3QixDQUFDO1lBRUYsd0VBQXdFO1lBQ3hFLDZDQUE2QztZQUM3QyxzQ0FBc0M7WUFDdEMsZ0dBQWdHO1lBRWhHLE9BQU87Z0JBQ0wsYUFBYTtnQkFDYixPQUFPO2dCQUNQLGFBQWE7Z0JBQ2IsT0FBTztnQkFDUCxlQUFlO2dCQUNmLHlCQUF5QjthQUMxQixDQUFDO1FBQ0osQ0FBQztLQUFBO0lBRUQ7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7T0F5Qkc7SUFFVSxlQUFlOztZQUMxQixNQUFNLG9CQUFvQixHQUFHLE1BQU0sSUFBSSxDQUFDLHVCQUF1QixFQUFFLENBQUM7WUFDbEUsTUFBTSxRQUFRLEdBQUcsTUFBTSxDQUFDLG9CQUFvQixDQUFDLFFBQVEsQ0FBQyxDQUFDO1lBQ3ZELE1BQU0sVUFBVSxHQUFHLE1BQU0sQ0FBQyxvQkFBb0IsQ0FBQyxVQUFVLENBQUMsQ0FBQztZQUMzRCxNQUFNLFFBQVEsR0FBRyxNQUFNLENBQUMsUUFBUSxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLENBQUMsQ0FBQztZQUM1RCxNQUFNLE9BQU8sR0FBRyxRQUFRLENBQUMsU0FBUyxFQUFFLENBQUM7WUFDckMsSUFBSSxPQUFPLEdBQUcsb0JBQW9CLENBQUMsaUJBQWlCLEVBQUU7Z0JBQ3BELE9BQU8sSUFBSSxDQUFDO2FBQ2I7aUJBQU07Z0JBQ0wsT0FBTyxLQUFLLENBQUM7YUFDZDtRQUNILENBQUM7S0FBQTtJQUVZLGNBQWMsQ0FBQyxRQUFnQixFQUFFLFdBQW1COztZQUMvRCxNQUFNLFdBQVcsR0FBZ0IsTUFBTSxJQUFJLENBQUMsSUFBSSxDQUFDLHdCQUF3QixFQUFFLENBQUM7WUFFNUUseUVBQXlFO1lBQ3pFLE1BQU0sRUFBRSxXQUFXLEVBQUUsR0FBRyxNQUFNLElBQUksQ0FBQyxjQUFjLENBQUMsY0FBYyxFQUFFLENBQUM7WUFFbkUsTUFBTSxFQUFFLE9BQU8sRUFBRSxlQUFlLEVBQUUsR0FBRyxNQUFNLElBQUksQ0FBQyxjQUFjLENBQzVELFFBQVEsRUFDUixXQUFXLENBQ1osQ0FBQztZQUVGLGdDQUFnQztZQUNoQyxxRkFBcUY7WUFDckYseURBQXlEO1lBRXpELDJCQUEyQjtZQUMzQixNQUFNLFVBQVUsR0FBRyxNQUFNLElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxXQUFXLENBQUMsQ0FBQztZQUUvRCxxQ0FBcUM7WUFDckMsTUFBTSxTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FDMUMsV0FBVyxDQUFDLGNBQWMsQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUN4QyxDQUFDO1lBQ0YsTUFBTSxtQkFBbUIsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQzlELFVBQVUsQ0FBQyxPQUFPLEVBQ2xCLFNBQVMsQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUMzQixDQUFDO1lBRUYsaUZBQWlGO1lBQ2pGLGlGQUFpRjtZQUNqRixzRkFBc0Y7WUFDdEYsd0NBQXdDO1lBRXhDLE1BQU0sRUFBRSxLQUFLLEVBQUUsWUFBWSxFQUFFLEdBQUcsTUFBTSxJQUFJLENBQUMsc0JBQXNCLENBQy9ELGVBQWUsRUFDZixXQUFXLENBQUMsY0FBYyxDQUFDLFNBQVMsQ0FBQyxFQUFFLEVBQ3ZDLG1CQUFtQixFQUNuQixVQUFVLENBQ1gsQ0FBQztZQUVGLGdDQUFnQztZQUNoQyw4RkFBOEY7WUFDOUYsK0NBQStDO1lBRS9DLHlDQUF5QztZQUN6Qyx5QkFBeUI7WUFDekIsTUFBTSxJQUFJLENBQUMsSUFBSSxDQUFDLGNBQWMsQ0FDNUIsV0FBVyxFQUNYLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxPQUFPLENBQUMsRUFDOUIsSUFBSSxDQUFDLGdCQUFnQixDQUFDLFVBQVUsQ0FBQyxPQUFPLENBQUMsQ0FDMUMsQ0FBQztZQUVGLGdDQUFnQztZQUNoQyxzQkFBc0I7WUFFdEIsNkZBQTZGO1lBQzdGLDJGQUEyRjtZQUMzRiw0RkFBNEY7WUFDNUYsa0VBQWtFO1lBQ2xFLE1BQU0sSUFBSSxDQUFDLHNCQUFzQixDQUMvQixXQUFXLENBQUMsb0JBQW9CLEVBQUUsQ0FBQyxjQUFjLEVBQUUsQ0FBQyxXQUFXLEVBQUUsRUFDakUsSUFBSSxFQUNKLEtBQUssQ0FDTixDQUFDO1FBQ0osQ0FBQztLQUFBO0lBRVksc0JBQXNCLENBQ2pDLFdBQW1CLEVBQ25CLGNBQXVCLEVBQ3ZCLFFBQWdCLElBQUk7O1lBRXBCLE9BQU8sSUFBSSxDQUFDLElBQUk7aUJBQ2IsSUFBSSxDQUNILEdBQUcsSUFBSSxDQUFDLE1BQU0sQ0FBQyxPQUFPLGlDQUFpQyxrQkFFckQsZ0JBQWdCLEVBQUUsY0FBYyxJQUM3QixDQUFDLEtBQUssSUFBSSxFQUFFLEtBQUssRUFBRSxDQUFDLEdBRXpCO2dCQUNFLE9BQU8sRUFBRTtvQkFDUCxhQUFhLEVBQUUsVUFBVSxXQUFXLEVBQUU7aUJBQ3ZDO2FBQ0YsQ0FDRjtpQkFDQSxTQUFTLEVBQUUsQ0FBQztRQUNqQixDQUFDO0tBQUE7SUFFYSxjQUFjLENBQzFCLE9BQWdCLEVBQ2hCLFVBQWtCOztZQUVsQixJQUFJO2dCQUNGLE1BQU0sT0FBTyxHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FBQyxPQUFPLEVBQUUsVUFBVSxDQUFDLENBQUM7Z0JBQzFFLE9BQU8sR0FBRyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQzthQUMzQjtZQUFDLE9BQU8sS0FBSyxFQUFFO2dCQUNkLE1BQU0sSUFBSSxlQUFlLENBQUMsd0JBQXdCLENBQUMsQ0FBQzthQUNyRDtRQUNILENBQUM7S0FBQTtJQUVhLGNBQWMsQ0FDMUIsUUFBZ0IsRUFDaEIsV0FBMkI7O1lBRTNCLGtFQUFrRTtZQUNsRSxNQUFNLGVBQWUsR0FDbkIsTUFBTSxJQUFJLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBZ0M7Z0JBQ3RELFFBQVEsRUFBRSw2QkFBNkI7Z0JBQ3ZDLFNBQVMsRUFBRSxFQUFFO2FBQ2QsQ0FBQyxDQUFDO1lBRUwsa0VBQWtFO1lBQ2xFLE1BQU0sYUFBYSxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxhQUFhLGlCQUN2RCxRQUFRLElBQ0wsV0FBVyxDQUFDLGNBQWMsQ0FBQyxPQUFPLENBQUMsYUFBYSxFQUNuRCxDQUFDO1lBRUgsTUFBTSxXQUFXLEdBQUcsTUFBTSxJQUFJLENBQUMsY0FBYyxDQUMzQyxhQUFhLENBQUMsR0FBRyxFQUNqQixXQUFXLENBQUMsY0FBYyxDQUFDLE9BQU8sQ0FBQyx5QkFBeUIsQ0FDN0QsQ0FBQztZQUVGLHlGQUF5RjtZQUN6RixXQUFXO1lBQ1gsTUFBTSxXQUFXLEdBQUcsSUFBSSxDQUFDLFVBQVUsQ0FBQyxZQUFZLENBQUMsSUFBSSxDQUFDLG1CQUFtQixDQUFDLENBQUM7WUFFM0UsTUFBTSxlQUFlLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUFDLFdBQVcsRUFBRTtnQkFDckUsV0FBVyxFQUFFLGVBQWUsQ0FBQyxxQkFBcUIsQ0FBQyxTQUFTLENBQUMsV0FBVztnQkFDeEUsV0FBVzthQUNaLENBQUMsQ0FBQztZQUVILE1BQU0sYUFBYSxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxhQUFhLGlCQUN2RCxRQUFRLElBQ0wsV0FBVyxDQUFDLGNBQWMsQ0FBQyxPQUFPLENBQUMsYUFBYSxFQUNuRCxDQUFDO1lBRUgsT0FBTztnQkFDTCxPQUFPLEVBQUUsYUFBYSxDQUFDLEdBQUc7Z0JBQzFCLGVBQWU7YUFDaEIsQ0FBQztRQUNKLENBQUM7S0FBQTtJQUVhLHNCQUFzQixDQUNsQyxlQUFxQyxFQUNyQyxXQUFtQixFQUNuQixtQkFBMkIsRUFDM0IsYUFBNEI7O1lBRTVCLE1BQU0sUUFBUSxHQUFHLE1BQU0sSUFBSSxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQXlCO2dCQUNoRSxRQUFRLEVBQUUsc0JBQXNCO2dCQUNoQyxTQUFTLEVBQUU7b0JBQ1QsS0FBSyxFQUFFO3dCQUNMLGVBQWUsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLGVBQWUsQ0FBQzt3QkFDaEQsV0FBVzt3QkFDWCxtQkFBbUIsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLG1CQUFtQixDQUFDO3dCQUN4RCxVQUFVLEVBQUU7NEJBQ1YsYUFBYSxFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsYUFBYSxDQUFDLGFBQWEsQ0FBQzs0QkFDMUQsa0JBQWtCLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FDaEMsYUFBYSxDQUFDLGVBQWUsQ0FBQyxNQUFNLEVBQUUsQ0FDdkM7NEJBQ0QseUJBQXlCLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FDdkMsYUFBYSxDQUFDLHlCQUF5QixDQUN4Qzs0QkFDRCxhQUFhLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxhQUFhLENBQUMsYUFBYSxDQUFDO3lCQUMzRDtxQkFDRjtpQkFDRjthQUNGLENBQUMsQ0FBQztZQUNILE9BQU87Z0JBQ0wsS0FBSyxFQUFFLFFBQVEsQ0FBQyxjQUFjLENBQUMsS0FBSztnQkFDcEMsWUFBWSxFQUFFLFFBQVEsQ0FBQyxjQUFjLENBQUMsVUFBVSxDQUFDLEVBQUU7YUFDcEQsQ0FBQztRQUNKLENBQUM7S0FBQTtJQUVLLHVCQUF1Qjs7WUFDM0IsTUFBTSxHQUFHLEdBQUcsTUFBTSxJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBTTtnQkFDdkMsS0FBSyxFQUFFLHlCQUF5QjthQUNqQyxDQUFDLENBQUM7WUFFSCxNQUFNLEdBQUcsR0FBRyxHQUFHLENBQUMsb0JBQTRDLENBQUM7WUFFN0QsR0FBRyxDQUFDLFFBQVEsR0FBRyxJQUFJLElBQUksQ0FBQyxHQUFHLENBQUMsUUFBUSxDQUFDLENBQUM7WUFDdEMsR0FBRyxDQUFDLFVBQVUsR0FBRyxJQUFJLElBQUksQ0FBQyxHQUFHLENBQUMsVUFBVSxDQUFDLENBQUM7WUFDMUMsT0FBTyxHQUFHLENBQUM7UUFDYixDQUFDO0tBQUE7SUFFTSxnQkFBZ0IsQ0FBQyxRQUFRO1FBQzlCLE1BQU0sS0FBSyxHQUFHLFFBQVEsQ0FBQztRQUN2QixNQUFNLEtBQUssR0FBRyxRQUFRLENBQUM7UUFDdkIsTUFBTSxLQUFLLEdBQUcsUUFBUSxDQUFDO1FBRXZCLE1BQU0sWUFBWSxHQUFHLEVBQUUsQ0FBQztRQUN4QixNQUFNLFlBQVksR0FBRyxFQUFFLENBQUM7UUFDeEIsTUFBTSxZQUFZLEdBQUcsRUFBRSxDQUFDO1FBQ3hCLE1BQU0sY0FBYyxHQUFHLEVBQUUsQ0FBQyxDQUFDLHdDQUF3QztRQUVuRSxTQUFTLGFBQWEsQ0FBQyxHQUFHLEVBQUUsRUFBRTtZQUM1QixPQUFPLENBQUMsQ0FBQyxHQUFHLElBQUksRUFBRSxDQUFDLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDLE1BQU0sQ0FBQztRQUM5QyxDQUFDO1FBRUQsTUFBTSxNQUFNLEdBQUcsYUFBYSxDQUFDLFFBQVEsRUFBRSxLQUFLLENBQUMsQ0FBQztRQUM5QyxNQUFNLE1BQU0sR0FBRyxhQUFhLENBQUMsUUFBUSxFQUFFLEtBQUssQ0FBQyxDQUFDO1FBQzlDLE1BQU0sTUFBTSxHQUFHLGFBQWEsQ0FBQyxRQUFRLEVBQUUsS0FBSyxDQUFDLENBQUM7UUFDOUMsTUFBTSxRQUFRLEdBQUcsUUFBUSxDQUFDLE1BQU0sR0FBRyxNQUFNLEdBQUcsTUFBTSxHQUFHLE1BQU0sQ0FBQztRQUU1RCxJQUFJLE9BQU8sR0FBRyxDQUFDLENBQUM7UUFDaEIsSUFBSSxNQUFNLEVBQUU7WUFDVixPQUFPLElBQUksWUFBWSxDQUFDO1NBQ3pCO1FBQ0QsSUFBSSxNQUFNLEVBQUU7WUFDVixPQUFPLElBQUksWUFBWSxDQUFDO1NBQ3pCO1FBQ0QsSUFBSSxNQUFNLEVBQUU7WUFDVixPQUFPLElBQUksWUFBWSxDQUFDO1NBQ3pCO1FBQ0QsSUFBSSxRQUFRLEVBQUU7WUFDWixPQUFPLElBQUksY0FBYyxDQUFDO1NBQzNCO1FBRUQsSUFBSSxRQUFRLENBQUMsTUFBTSxLQUFLLENBQUMsRUFBRTtZQUN6QixPQUFPO2dCQUNMLEtBQUssRUFBRSxDQUFDO2dCQUNSLGtCQUFrQjtnQkFDbEIsSUFBSSxFQUFFLENBQUM7YUFDUixDQUFDO1NBQ0g7UUFFRCxNQUFNLFlBQVksR0FBRyxJQUFJLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSxRQUFRLENBQUMsTUFBTSxDQUFDLENBQUM7UUFFeEQsTUFBTSxLQUFLLEdBQ1QsQ0FBQyxLQUFLLEdBQUcsWUFBWSxDQUFDO1lBQ3RCLElBQUksQ0FBQyxHQUFHLENBQUMsWUFBWSxHQUFHLFlBQVksR0FBRyxZQUFZLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFDM0QsT0FBTztZQUNMLEtBQUs7WUFDTCxrQkFBa0I7WUFDbEIsSUFBSSxFQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxZQUFZLENBQUMsQ0FBQztTQUMxQyxDQUFDO0lBQ0osQ0FBQzs7OztZQW5YRixVQUFVLFNBQUM7Z0JBQ1YsVUFBVSxFQUFFLE1BQU07YUFDbkI7Ozs0Q0FLSSxNQUFNLFNBQUMsU0FBUztZQS9EWixVQUFVO1lBVVYsZUFBZTtZQVBmLFNBQVM7WUFFVCxjQUFjO1lBaUJPLEdBQUc7WUFoQnhCLGlCQUFpQjtZQUNqQixlQUFlO1lBVWYsZ0JBQWdCO1lBSWhCLFdBQVciLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBIdHRwQ2xpZW50IH0gZnJvbSAnQGFuZ3VsYXIvY29tbW9uL2h0dHAnO1xuaW1wb3J0IHsgSW5qZWN0LCBJbmplY3RhYmxlIH0gZnJvbSAnQGFuZ3VsYXIvY29yZSc7XG5pbXBvcnQgeyBDb2duaXRvVXNlciB9IGZyb20gJ0Bhd3MtYW1wbGlmeS9hdXRoJztcbmltcG9ydCB7IEF1dGhDbGFzcyB9IGZyb20gJ0Bhd3MtYW1wbGlmeS9hdXRoL2xpYi1lc20vQXV0aCc7XG5pbXBvcnQgeyBKV0ssIEpXUyB9IGZyb20gJ25vZGUtam9zZSc7XG5pbXBvcnQgeyBQcm9maWxlU2VydmljZSB9IGZyb20gJy4uL3VzZXJzL3Byb2ZpbGUuc2VydmljZSc7XG5pbXBvcnQgeyBFbmNyeXB0aW9uU2VydmljZSB9IGZyb20gJy4uL2NyeXB0b2dyYXBoeS9lbmNyeXB0aW9uLnNlcnZpY2UnO1xuaW1wb3J0IHsgS2V5R3JhcGhTZXJ2aWNlIH0gZnJvbSAnLi4vY3J5cHRvZ3JhcGh5L2tleS1ncmFwaC5zZXJ2aWNlJztcbmltcG9ydCB7IExpZmVSZWFkeUNvbmZpZywgTFJfQ09ORklHIH0gZnJvbSAnLi4vbGlmZS1yZWFkeS5jb25maWcnO1xuaW1wb3J0IHsgTHJBdXRoRXhjZXB0aW9uLCBMckJhZEFyZ3VtZW50RXhjZXB0aW9uIH0gZnJvbSAnLi4vX2NvbW1vbi9leGNlcHRpb25zJztcbmltcG9ydCB7IExyQXBvbGxvU2VydmljZSB9IGZyb20gJy4vLi4vYXBpL2xyLWFwb2xsby5zZXJ2aWNlJztcbmltcG9ydCB7XG4gIFBhc3N3b3JkQ2hhbmdlTXV0YXRpb24sXG4gIFBhc3N3b3JkQ2hhbmdlUmVxdWVzdE11dGF0aW9uLFxuICBQYXNzd29yZENoYW5nZUNvbmZpZ1F1ZXJ5LFxufSBmcm9tICcuL2F1dGguZ3FsJztcbmltcG9ydCB7IFBhc3NLZXlCdW5kbGUgfSBmcm9tICcuL2F1dGgudHlwZXMnO1xuaW1wb3J0IHsgV2ViQ3J5cHRvU2VydmljZSB9IGZyb20gJy4uL2NyeXB0b2dyYXBoeS93ZWItY3J5cHRvLnNlcnZpY2UnO1xuaW1wb3J0IHsgRHVyYXRpb24gfSBmcm9tICdtb21lbnQnO1xuaW1wb3J0ICogYXMgbW9tZW50XyBmcm9tICdtb21lbnQnO1xuaW1wb3J0IHsgQXBpQ3VycmVudFVzZXIgfSBmcm9tICcuLi91c2Vycy9wcm9maWxlLnR5cGVzJztcbmltcG9ydCB7IElkbGVTZXJ2aWNlIH0gZnJvbSAnLi4vYXV0aC9pZGxlLnNlcnZpY2UnO1xuaW1wb3J0IHsgS2V5RmFjdG9yeVNlcnZpY2UgYXMgS0ZTIH0gZnJvbSAnLi4vY3J5cHRvZ3JhcGh5L2tleS1mYWN0b3J5LnNlcnZpY2UnO1xuXG4vLyBcIndoeT9cIiB5b3UgYXNrOiBodHRwczovL3N0YWNrb3ZlcmZsb3cuY29tL3F1ZXN0aW9ucy81OTczNTI4MC9hbmd1bGFyLTgtbW9tZW50LWVycm9yLWNhbm5vdC1jYWxsLWEtbmFtZXNwYWNlLW1vbWVudFxuY29uc3QgbW9tZW50ID0gbW9tZW50XztcblxuaW50ZXJmYWNlIFBhc3N3b3JkQ2hhbmdlUmVxdWVzdE11dGF0aW9uIHtcbiAgcGFzc3dvcmRDaGFuZ2VSZXF1ZXN0OiB7XG4gICAgY2hhbGxlbmdlOiB7XG4gICAgICBzZXJ2ZXJOb25jZTogc3RyaW5nO1xuICAgIH07XG4gIH07XG59XG5cbmludGVyZmFjZSBQYXNzd29yZENoYW5nZU11dGF0aW9uIHtcbiAgcGFzc3dvcmRDaGFuZ2U6IHtcbiAgICB0b2tlbjogc3RyaW5nO1xuICAgIG5ld1Bhc3NLZXk6IHtcbiAgICAgIGlkOiBzdHJpbmc7XG4gICAgfTtcbiAgfTtcbn1cblxuZXhwb3J0IGludGVyZmFjZSBQYXNzd29yZENoYW5nZUNvbmZpZyB7XG4gIG1heEF1dGhBZ2VTZWNvbmRzOiBudW1iZXI7XG4gIGF1dGhUaW1lOiBzdHJpbmcgfCBEYXRlO1xuICBzZXJ2ZXJUaW1lOiBzdHJpbmcgfCBEYXRlO1xufVxuXG5leHBvcnQgY2xhc3MgUGFzc3dvcmRDaGVjayB7XG4gIGxlbmd0aD86IG51bWJlcjtcbiAgdGltZVRvQ3JhY2s/OiBEdXJhdGlvbjtcbiAgcGFzc3dvcmRFeHBvc2VkPzogbnVtYmVyO1xufVxuXG5ASW5qZWN0YWJsZSh7XG4gIHByb3ZpZGVkSW46ICdyb290Jyxcbn0pXG5leHBvcnQgY2xhc3MgUGFzc3dvcmRTZXJ2aWNlIHtcbiAgcHJpdmF0ZSByZWFkb25seSBDTElFTlRfTk9OQ0VfTEVOR1RIID0gMzI7XG5cbiAgY29uc3RydWN0b3IoXG4gICAgQEluamVjdChMUl9DT05GSUcpIHByaXZhdGUgY29uZmlnOiBMaWZlUmVhZHlDb25maWcsXG4gICAgcHJpdmF0ZSBodHRwOiBIdHRwQ2xpZW50LFxuICAgIHByaXZhdGUgYXBvbGxvOiBMckFwb2xsb1NlcnZpY2UsXG4gICAgcHJpdmF0ZSBhdXRoOiBBdXRoQ2xhc3MsXG4gICAgcHJpdmF0ZSBwcm9maWxlU2VydmljZTogUHJvZmlsZVNlcnZpY2UsXG4gICAgcHJpdmF0ZSBrZXlGYWN0b3J5OiBLRlMsXG4gICAgcHJpdmF0ZSBlbmNyeXB0aW9uU2VydmljZTogRW5jcnlwdGlvblNlcnZpY2UsXG4gICAgcHJpdmF0ZSBrZXlHcmFwaDogS2V5R3JhcGhTZXJ2aWNlLFxuICAgIHByaXZhdGUgd2ViQ3J5cHRvU2VydmljZTogV2ViQ3J5cHRvU2VydmljZSxcbiAgICBwcml2YXRlIGlkbGVTZXJ2aWNlOiBJZGxlU2VydmljZVxuICApIHt9XG5cbiAgcHVibGljIGFzeW5jIGNoZWNrUGFzc3dvcmQocGFzc3dvcmQ6IHN0cmluZyk6IFByb21pc2U8UGFzc3dvcmRDaGVjaz4ge1xuICAgIGNvbnN0IHsgeWVhcnMgfSA9IHRoaXMucGFzc3dvcmRTdHJlbmd0aChwYXNzd29yZCk7XG5cbiAgICByZXR1cm4ge1xuICAgICAgbGVuZ3RoOiBwYXNzd29yZC5sZW5ndGgsXG4gICAgICB0aW1lVG9DcmFjazogbW9tZW50LmR1cmF0aW9uKHsgeWVhcnMgfSksXG4gICAgICBwYXNzd29yZEV4cG9zZWQ6IGF3YWl0IHRoaXMuZ2V0RXhwb3N1cmVDb3VudChwYXNzd29yZCksXG4gICAgfTtcbiAgfVxuXG4gIHB1YmxpYyBhc3luYyBnZXRFeHBvc3VyZUNvdW50KHBhc3N3b3JkOiBzdHJpbmcpOiBQcm9taXNlPG51bWJlcj4ge1xuICAgIGNvbnN0IHNoYTFQYXNzd29yZCA9IGF3YWl0IHRoaXMud2ViQ3J5cHRvU2VydmljZS5zdHJpbmdEaWdlc3QoXG4gICAgICAnU0hBLTEnLFxuICAgICAgcGFzc3dvcmRcbiAgICApO1xuICAgIGNvbnN0IGZpcnN0NXNoYTEgPSBzaGExUGFzc3dvcmQuc3Vic3RyaW5nKDAsIDUpO1xuXG4gICAgY29uc3QgcmVzcG9uc2UgPSBhd2FpdCB0aGlzLmh0dHBcbiAgICAgIC5nZXQoYGh0dHBzOi8vYXBpLnB3bmVkcGFzc3dvcmRzLmNvbS9yYW5nZS8ke2ZpcnN0NXNoYTF9YCwge1xuICAgICAgICByZXNwb25zZVR5cGU6ICd0ZXh0JyxcbiAgICAgIH0pXG4gICAgICAudG9Qcm9taXNlKCk7XG5cbiAgICBjb25zdCByZXN1bHRzID0gbmV3IFJlZ0V4cChcbiAgICAgIGBeKD86JHtzaGExUGFzc3dvcmQuc3Vic3RyaW5nKDUpfTopKD88Y291bnQ+XFxcXGQrKSRgLFxuICAgICAgJ2ltJ1xuICAgICkuZXhlYyhyZXNwb25zZSk7XG5cbiAgICBpZiAocmVzdWx0cykge1xuICAgICAgcmV0dXJuICtyZXN1bHRzLmdyb3Vwcy5jb3VudDtcbiAgICB9XG4gICAgcmV0dXJuIDA7XG4gIH1cblxuICBwdWJsaWMgZ2V0UGFzc0lkcFN0cmluZyhwYXNzSWRwOiBKV0suS2V5KSB7XG4gICAgcmV0dXJuIChwYXNzSWRwLnRvSlNPTih0cnVlKSBhcyBhbnkpLms7XG4gIH1cblxuICBwdWJsaWMgYXN5bmMgY3JlYXRlUGFzc0tleUJ1bmRsZShwYXNzd29yZDogc3RyaW5nKTogUHJvbWlzZTxQYXNzS2V5QnVuZGxlPiB7XG4gICAgY29uc3QgcGFzc0lkcFBhcmFtcyA9IGF3YWl0IHRoaXMua2V5RmFjdG9yeS5jcmVhdGVQYXNzSWRwUGFyYW1zKCk7XG4gICAgY29uc3QgcGFzc0lkcCA9IChcbiAgICAgIGF3YWl0IHRoaXMua2V5RmFjdG9yeS5kZXJpdmVQYXNzSWRwKHtcbiAgICAgICAgcGFzc3dvcmQsXG4gICAgICAgIC4uLnBhc3NJZHBQYXJhbXMsXG4gICAgICB9KVxuICAgICkuandrO1xuXG4gICAgY29uc3QgcGFzc0tleVBhcmFtcyA9IGF3YWl0IHRoaXMua2V5RmFjdG9yeS5jcmVhdGVQYXNzS2V5UGFyYW1zKCk7XG4gICAgY29uc3QgcGFzc0tleSA9IChcbiAgICAgIGF3YWl0IHRoaXMua2V5RmFjdG9yeS5kZXJpdmVQYXNzS2V5KHtcbiAgICAgICAgcGFzc3dvcmQsXG4gICAgICAgIC4uLnBhc3NLZXlQYXJhbXMsXG4gICAgICB9KVxuICAgICkuandrO1xuXG4gICAgY29uc3QgcGFzc0lkcFZlcmlmaWVyID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZVBrY1NpZ25LZXkoKTtcblxuICAgIGNvbnN0IHdyYXBwZWRQYXNzSWRwVmVyaWZpZXJQcmsgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHQoXG4gICAgICBwYXNzS2V5LFxuICAgICAgcGFzc0lkcFZlcmlmaWVyLnRvSlNPTih0cnVlKVxuICAgICk7XG5cbiAgICAvLyBUaGVyZSBhcmUgdHdvIGZvcm1hdHMgdGhhdCB0aGUgcHJpdmF0ZSBrZXkgY2FuIGJlIHJlcHJlc2VudGVkIGluIEpXSzpcbiAgICAvLyBodHRwczovL3Rvb2xzLmlldGYub3JnL2h0bWwvcmZjODAxNyNwYWdlLTlcbiAgICAvLyBUaGUgc2Vjb25kIGZvcm0gaXMgYW4gb3B0aW1pemF0aW9uOlxuICAgIC8vIGh0dHBzOi8vY3J5cHRvLnN0YWNrZXhjaGFuZ2UuY29tL3F1ZXN0aW9ucy8xOTQxMy93aGF0LWFyZS1kcC1hbmQtZHEtaW4tZW5jcnlwdGlvbi1ieS1yc2EtaW4tY1xuXG4gICAgcmV0dXJuIHtcbiAgICAgIHBhc3NLZXlQYXJhbXMsXG4gICAgICBwYXNzS2V5LFxuICAgICAgcGFzc0lkcFBhcmFtcyxcbiAgICAgIHBhc3NJZHAsXG4gICAgICBwYXNzSWRwVmVyaWZpZXIsXG4gICAgICB3cmFwcGVkUGFzc0lkcFZlcmlmaWVyUHJrLFxuICAgIH07XG4gIH1cblxuICAvKipcbiAgICogV2UgbmVlZCB0byBhbGxvdyBmb3IgaW50ZXJydXB0aW9uIG9mIHRoZSBwcm9jZXNzIGF0IGFueSBwb2ludC4gRWFjaCBBUEkgY2FsbCBjYW4gYmUgY29uc2lkZXJlZFxuICAgKiBhdG9taWMgYW5kIGVpdGhlciBzdWNjZWVkcyBvciBmYWlscy5cbiAgICpcbiAgICogVGhlIExSIHNlcnZlciBBUElzIHVzZSBzZW1hcGhvcmUgdG9rZW5zIGZvciBsb2NraW5nIGNyaXRpY2FsIG9wZXJhdGlvbnMsIHNvIGNvbmN1cnJlbnQgY2FsbHMgd2lsbFxuICAgKiBmYWlsLlxuICAgKlxuICAgKiBXZSBhc3N1bWUgdGhlIHdvcnN0IGNhc2UgZm9yIElkUCBBUEkgY2FsbHMuIFNvIHdlIHVzZSB0aGUgc2VtYXBob3JlIHRva2VuIGZyb20gTFIgdG8gcHJldmVudFxuICAgKiBjb25jdXJyZW50IGNhbGxzIHRvIElkUCBBUElzLCBidXQgd2UgaGF2ZSB0byBhc3N1bWUgdGhhdCB0aGUgSWRQIEFQSSBjYWxscyB3aWxsIGVpdGhlciBzdWNjZWVkIG9yXG4gICAqIGZhaWwgd2l0aGluIGEgcmVhc29uYWJsZSBhbW91bnQgb2YgdGltZS5cbiAgICpcbiAgICogRWFjaCBsb2NhdGlvbiB3aGVyZSB0aGUgc2VydmVyIHN0YXRlIGNoYW5nZXMgY2FuIGJlIGEgcG90ZW50aWFsIHBvaW50IG9mIGludGVycnVwdGlvbi5cbiAgICogUG90ZW50aWFsIHBvaW50cyBvZiBpbnRlcnJ1cHRpb24gYXJlIG1hcmtlZCB3aXRoOiAtLVBvdGVudGlhbCBGYWlsdXJlIFBvaW50LS1cbiAgICpcbiAgICogUGxhY2VzIGZvciB0aW1lb3V0OlxuICAgKiAtIExvZ2luIGFnZSB0b28gb2xkIGF0IGNhbGwgdG86IHZlcmlmeVBhc3N3b3JkKClcbiAgICogLSBMb2dpbiBhZ2UgdG9vIG9sZCBhdCBjYWxsIHRvOiBjaGFuZ2VQYXNzd29yZE11dGF0aW9uKClcbiAgICogLSBTZW1hcGhvcmUgdG9rZW4gZXhwaXJlcyBhdCBjYWxsIHRvOiBjaGFuZ2VQYXNzd29yZENvbXBsZXRlKClcbiAgICpcbiAgICogVGVzdHM6XG4gICAqIC0gUG90ZW50aWFsIEZhaWx1cmUgUG9pbnQgMTogc2hvdWxkIGJlIGFibGUgdG8gcmVzdGFydCB0aGUgcHJvY2VzcywgdXNlciByZW1haW5zIHNpZ25lZCBpbi5cbiAgICogLSBQb3RlbnRpYWwgRmFpbHVyZSBQb2ludCAyOiBzaG91bGQgZW50ZXIgcmVjb3ZlcnkgZmxvd1xuICAgKiAtIFBvdGVudGlhbCBGYWlsdXJlIFBvaW50IDM6IHNob3VsZCBlbnRlciByZWNvdmVyeSBmbG93XG4gICAqIC0gUG90ZW50aWFsIEZhaWx1cmUgUG9pbnQgNDogc2hvdWxkIGVudGVyIHJlY292ZXJ5IGZsb3dcbiAgICpcbiAgICovXG5cbiAgcHVibGljIGFzeW5jIGlzTG9naW5SZXF1aXJlZCgpOiBQcm9taXNlPGJvb2xlYW4+IHtcbiAgICBjb25zdCBjaGFuZ2VQYXNzd29yZENvbmZpZyA9IGF3YWl0IHRoaXMuZ2V0Q2hhbmdlUGFzc3dvcmRDb25maWcoKTtcbiAgICBjb25zdCBhdXRoVGltZSA9IG1vbWVudChjaGFuZ2VQYXNzd29yZENvbmZpZy5hdXRoVGltZSk7XG4gICAgY29uc3Qgc2VydmVyVGltZSA9IG1vbWVudChjaGFuZ2VQYXNzd29yZENvbmZpZy5zZXJ2ZXJUaW1lKTtcbiAgICBjb25zdCBkdXJhdGlvbiA9IG1vbWVudC5kdXJhdGlvbihzZXJ2ZXJUaW1lLmRpZmYoYXV0aFRpbWUpKTtcbiAgICBjb25zdCBzZWNvbmRzID0gZHVyYXRpb24uYXNTZWNvbmRzKCk7XG4gICAgaWYgKHNlY29uZHMgPiBjaGFuZ2VQYXNzd29yZENvbmZpZy5tYXhBdXRoQWdlU2Vjb25kcykge1xuICAgICAgcmV0dXJuIHRydWU7XG4gICAgfSBlbHNlIHtcbiAgICAgIHJldHVybiBmYWxzZTtcbiAgICB9XG4gIH1cblxuICBwdWJsaWMgYXN5bmMgY2hhbmdlUGFzc3dvcmQocGFzc3dvcmQ6IHN0cmluZywgbmV3UGFzc3dvcmQ6IHN0cmluZykge1xuICAgIGNvbnN0IGNvZ25pdG9Vc2VyOiBDb2duaXRvVXNlciA9IGF3YWl0IHRoaXMuYXV0aC5jdXJyZW50QXV0aGVudGljYXRlZFVzZXIoKTtcblxuICAgIC8vIE5vdCBjaGVja2luZyB0aGF0IHBhc3N3b3JkcyBhcmUgZGlmZmVyZW50LiBJdCBtYWtlcyBpdCBlYXNpZXIgdG8gdGVzdC5cbiAgICBjb25zdCB7IGN1cnJlbnRVc2VyIH0gPSBhd2FpdCB0aGlzLnByb2ZpbGVTZXJ2aWNlLmdldEN1cnJlbnRVc2VyKCk7XG5cbiAgICBjb25zdCB7IHBhc3NJZHAsIHNpZ25lZENoYWxsZW5nZSB9ID0gYXdhaXQgdGhpcy52ZXJpZnlQYXNzd29yZChcbiAgICAgIHBhc3N3b3JkLFxuICAgICAgY3VycmVudFVzZXJcbiAgICApO1xuXG4gICAgLy8gLS1Qb3RlbnRpYWwgRmFpbHVyZSBQb2ludCAxLS1cbiAgICAvLyB2ZXJpZnlQYXNzd29yZCgpIGFza3MgZm9yIGEgY3VycmVudCBwYXNzd29yZCBjaGFsbGVuZ2UgaGVuY2UgY2hhbmdlcyBzZXJ2ZXIgc3RhdGUuXG4gICAgLy8gUGxhY2UgYnJlYWsgcG9pbnRzIGhlcmUgdG8gdGVzdCB0aGUgZmFpbHVyZSBzY2VuYXJpb3MuXG5cbiAgICAvLyBHZW5lcmF0ZSB0aGUgbmV3IHBhc3NJZHBcbiAgICBjb25zdCBuZXdQYXNzS2V5ID0gYXdhaXQgdGhpcy5jcmVhdGVQYXNzS2V5QnVuZGxlKG5ld1Bhc3N3b3JkKTtcblxuICAgIC8vIFJlLWVuY3J5cHQgbWFzdGVyIGtleSB3aXRoIG5ldyBrZXlcbiAgICBjb25zdCBtYXN0ZXJLZXkgPSBhd2FpdCB0aGlzLmtleUdyYXBoLmdldEtleShcbiAgICAgIGN1cnJlbnRVc2VyLmN1cnJlbnRVc2VyS2V5Lm1hc3RlcktleS5pZFxuICAgICk7XG4gICAgY29uc3QgbmV3V3JhcHBlZE1hc3RlcktleSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcbiAgICAgIG5ld1Bhc3NLZXkucGFzc0tleSxcbiAgICAgIG1hc3RlcktleS5qd2sudG9KU09OKHRydWUpXG4gICAgKTtcblxuICAgIC8vIElmIHRoZSBJZFAgY2hhbmdlIHBhc3N3b3JkIGZhaWxlZCwgd2UgbmVlZCB0byBnbyBpbnRvIHJlY292ZXJ5IG1vZGUgYnkgZm9yY2luZ1xuICAgIC8vIGEgbG9naW4uIFdlIGNhbid0IGxvZ291dCB0aGUgdXNlciBqdXN0IHlldCBzaW5jZSB0aGUgSWRQIHBhc3N3b3JkIGNoYW5nZSBuZWVkc1xuICAgIC8vIHRoZSB1c2VyIHRvIGJlIGxvZ2dlZCBpbi4gV2UgX2Nhbl8gcmVtb3ZlZCBhbnkgcGVyc2lzdGVkIHNlc3Npb24gdmFsdWVzIGZvciB0aGUgSWRQXG4gICAgLy8gYnV0IHRoYXQgc2VlbXMgbGlrZSB0b28gbXVjaCB0cm91YmxlLlxuXG4gICAgY29uc3QgeyB0b2tlbiwgbmV3UGFzc0tleUlkIH0gPSBhd2FpdCB0aGlzLmNoYW5nZVBhc3N3b3JkTXV0YXRpb24oXG4gICAgICBzaWduZWRDaGFsbGVuZ2UsXG4gICAgICBjdXJyZW50VXNlci5jdXJyZW50VXNlcktleS5tYXN0ZXJLZXkuaWQsXG4gICAgICBuZXdXcmFwcGVkTWFzdGVyS2V5LFxuICAgICAgbmV3UGFzc0tleVxuICAgICk7XG5cbiAgICAvLyAtLVBvdGVudGlhbCBGYWlsdXJlIFBvaW50IDItLVxuICAgIC8vIGNoYW5nZVBhc3N3b3JkTXV0YXRpb24oKSB1cGxvYWRzIG5ldyBrZXlzIGFuZCBvYnRhaW5zIGEgc2VtYXBob3JlIGxvY2sgdG8gcHJldmVudCBhbnkgb3RoZXJcbiAgICAvLyBjbGllbnRzIGZyb20gcGVyZm9ybWluZyBJZFAgcGFzc3dvcmQgY2hhbmdlLlxuXG4gICAgLy8gTm93IHdlIGNhbiBkbyB0aGUgSWRQIHBhc3N3b3JkIGNoYW5nZS5cbiAgICAvLyB0b2RvOiBBZGQgdGhpcyBiYWNrIGluXG4gICAgYXdhaXQgdGhpcy5hdXRoLmNoYW5nZVBhc3N3b3JkKFxuICAgICAgY29nbml0b1VzZXIsXG4gICAgICB0aGlzLmdldFBhc3NJZHBTdHJpbmcocGFzc0lkcCksXG4gICAgICB0aGlzLmdldFBhc3NJZHBTdHJpbmcobmV3UGFzc0tleS5wYXNzSWRwKVxuICAgICk7XG5cbiAgICAvLyAtLVBvdGVudGlhbCBGYWlsdXJlIFBvaW50IDMtLVxuICAgIC8vIElkUCBwYXNzd29yZCBjaGFuZ2VcblxuICAgIC8vIE5vdGUgdGhhdCBjaGFuZ2VQYXNzd29yZCgpIGNvdWxkIHRocm93IGFuIGV4Y2VwdGlvbiBmb3IgYSBudW1iZXIgb2YgcmVhc29uLiBJdCBjb3VsZCB0aHJvd1xuICAgIC8vIGEgbmV0d29yayB0aW1lb3V0IGZvciBleGFtcGxlLiBCdXQgd2UgZG9uJ3Qga25vdyBpZiBpdCdzIHRoZSByZXNwb25zZSB0aGF0IHRpbWVkIG91dCBhbmRcbiAgICAvLyB0aGUgaWRwIHBhc3N3b3JkIGNoYW5nZSB3YXMgYWN0dWFsbHkgY2FycmllZCBvdXQuIFNvIHdlIGhhdmUgdG8gYmUgZXh0cmEgY29uc2VydmF0aXZlIGFuZFxuICAgIC8vIG9ubHkgYWN0IG9uIGEgY2xlYXIgc3VjY2Vzcy4gT3RoZXJ3aXNlIHdlIGdvIGludG8gcmVjb3ZlciBtb2RlLlxuICAgIGF3YWl0IHRoaXMuY2hhbmdlUGFzc3dvcmRDb21wbGV0ZShcbiAgICAgIGNvZ25pdG9Vc2VyLmdldFNpZ25JblVzZXJTZXNzaW9uKCkuZ2V0QWNjZXNzVG9rZW4oKS5nZXRKd3RUb2tlbigpLFxuICAgICAgdHJ1ZSxcbiAgICAgIHRva2VuXG4gICAgKTtcbiAgfVxuXG4gIHB1YmxpYyBhc3luYyBjaGFuZ2VQYXNzd29yZENvbXBsZXRlKFxuICAgIGFjY2Vzc1Rva2VuOiBzdHJpbmcsXG4gICAgdXNlTmV3UGFzc3dvcmQ6IGJvb2xlYW4sXG4gICAgdG9rZW46IHN0cmluZyA9IG51bGxcbiAgKTogUHJvbWlzZTxhbnk+IHtcbiAgICByZXR1cm4gdGhpcy5odHRwXG4gICAgICAucG9zdChcbiAgICAgICAgYCR7dGhpcy5jb25maWcuYXV0aFVybH11c2Vycy9wYXNzd29yZC1jaGFuZ2UtY29tcGxldGUvYCxcbiAgICAgICAge1xuICAgICAgICAgIHVzZV9uZXdfcGFzc3dvcmQ6IHVzZU5ld1Bhc3N3b3JkLFxuICAgICAgICAgIC4uLih0b2tlbiAmJiB7IHRva2VuIH0pLFxuICAgICAgICB9LFxuICAgICAgICB7XG4gICAgICAgICAgaGVhZGVyczoge1xuICAgICAgICAgICAgQXV0aG9yaXphdGlvbjogYEJlYXJlciAke2FjY2Vzc1Rva2VufWAsXG4gICAgICAgICAgfSxcbiAgICAgICAgfVxuICAgICAgKVxuICAgICAgLnRvUHJvbWlzZSgpO1xuICB9XG5cbiAgcHJpdmF0ZSBhc3luYyBnZXRWZXJpZmllclBySyhcbiAgICBwYXNzS2V5OiBKV0suS2V5LFxuICAgIHdyYXBwZWRQcks6IG9iamVjdFxuICApOiBQcm9taXNlPEpXSy5LZXk+IHtcbiAgICB0cnkge1xuICAgICAgY29uc3QgcHJrSnNvbiA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZGVjcnlwdChwYXNzS2V5LCB3cmFwcGVkUHJLKTtcbiAgICAgIHJldHVybiBLRlMuYXNLZXkocHJrSnNvbik7XG4gICAgfSBjYXRjaCAoZXJyb3IpIHtcbiAgICAgIHRocm93IG5ldyBMckF1dGhFeGNlcHRpb24oJ1dyb25nIGN1cnJlbnQgcGFzc3dvcmQnKTtcbiAgICB9XG4gIH1cblxuICBwcml2YXRlIGFzeW5jIHZlcmlmeVBhc3N3b3JkKFxuICAgIHBhc3N3b3JkOiBzdHJpbmcsXG4gICAgY3VycmVudFVzZXI6IEFwaUN1cnJlbnRVc2VyXG4gICk6IFByb21pc2U8eyBwYXNzSWRwOiBKV0suS2V5OyBzaWduZWRDaGFsbGVuZ2U6IEpXUy5DcmVhdGVTaWduUmVzdWx0IH0+IHtcbiAgICAvLyBHZXQgaW5mb3JtYXRpb24gZnJvbSB0aGUgc2VydmVyIHRvIHByZXBhcmUgZm9yIHBhc3N3b3JkIGNoYW5nZS5cbiAgICBjb25zdCBwYXNzd29yZFJlcXVlc3QgPVxuICAgICAgYXdhaXQgdGhpcy5hcG9sbG8ubXV0YXRlPFBhc3N3b3JkQ2hhbmdlUmVxdWVzdE11dGF0aW9uPih7XG4gICAgICAgIG11dGF0aW9uOiBQYXNzd29yZENoYW5nZVJlcXVlc3RNdXRhdGlvbixcbiAgICAgICAgdmFyaWFibGVzOiB7fSxcbiAgICAgIH0pO1xuXG4gICAgLy8gR2V0IHRoZSBvbGQgcGFzc0tleSBzbyB3ZSBjYW4gZGVjcnlwdCB0aGUgb2xkIHBhc3N3b3JkIHZlcmlmaWVyXG4gICAgY29uc3QgcGFzc0tleVJlc3VsdCA9IGF3YWl0IHRoaXMua2V5RmFjdG9yeS5kZXJpdmVQYXNzS2V5KHtcbiAgICAgIHBhc3N3b3JkLFxuICAgICAgLi4uY3VycmVudFVzZXIuY3VycmVudFVzZXJLZXkucGFzc0tleS5wYXNzS2V5UGFyYW1zLFxuICAgIH0pO1xuXG4gICAgY29uc3QgdmVyaWZpZXJQcksgPSBhd2FpdCB0aGlzLmdldFZlcmlmaWVyUHJLKFxuICAgICAgcGFzc0tleVJlc3VsdC5qd2ssXG4gICAgICBjdXJyZW50VXNlci5jdXJyZW50VXNlcktleS5wYXNzS2V5LndyYXBwZWRQYXNzSWRwVmVyaWZpZXJQcmtcbiAgICApO1xuXG4gICAgLy8gU2lnbiB0aGUgc2VydmVyIGNoYWxsZW5nZSB0byBwcm92ZSB0byB0aGUgc2VydmVyIHdlIGNhbiBkZWNyeXB0IHRoZSBwYXNzd29yZCB2ZXJpZmllci5cbiAgICAvLyBHZW5lcmF0ZVxuICAgIGNvbnN0IGNsaWVudE5vbmNlID0gdGhpcy5rZXlGYWN0b3J5LnJhbmRvbVN0cmluZyh0aGlzLkNMSUVOVF9OT05DRV9MRU5HVEgpO1xuXG4gICAgY29uc3Qgc2lnbmVkQ2hhbGxlbmdlID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5zaWduKHZlcmlmaWVyUHJLLCB7XG4gICAgICBzZXJ2ZXJOb25jZTogcGFzc3dvcmRSZXF1ZXN0LnBhc3N3b3JkQ2hhbmdlUmVxdWVzdC5jaGFsbGVuZ2Uuc2VydmVyTm9uY2UsXG4gICAgICBjbGllbnROb25jZSxcbiAgICB9KTtcblxuICAgIGNvbnN0IHBhc3NJZHBSZXN1bHQgPSBhd2FpdCB0aGlzLmtleUZhY3RvcnkuZGVyaXZlUGFzc0lkcCh7XG4gICAgICBwYXNzd29yZCxcbiAgICAgIC4uLmN1cnJlbnRVc2VyLmN1cnJlbnRVc2VyS2V5LnBhc3NLZXkucGFzc0lkcFBhcmFtcyxcbiAgICB9KTtcblxuICAgIHJldHVybiB7XG4gICAgICBwYXNzSWRwOiBwYXNzSWRwUmVzdWx0Lmp3ayxcbiAgICAgIHNpZ25lZENoYWxsZW5nZSxcbiAgICB9O1xuICB9XG5cbiAgcHJpdmF0ZSBhc3luYyBjaGFuZ2VQYXNzd29yZE11dGF0aW9uKFxuICAgIHNpZ25lZENoYWxsZW5nZTogSldTLkNyZWF0ZVNpZ25SZXN1bHQsXG4gICAgbWFzdGVyS2V5SWQ6IHN0cmluZyxcbiAgICBuZXdXcmFwcGVkTWFzdGVyS2V5OiBvYmplY3QsXG4gICAgcGFzc0tleUJ1bmRsZTogUGFzc0tleUJ1bmRsZVxuICApOiBQcm9taXNlPHsgdG9rZW46IHN0cmluZzsgbmV3UGFzc0tleUlkOiBzdHJpbmcgfT4ge1xuICAgIGNvbnN0IHJlc3BvbnNlID0gYXdhaXQgdGhpcy5hcG9sbG8ubXV0YXRlPFBhc3N3b3JkQ2hhbmdlTXV0YXRpb24+KHtcbiAgICAgIG11dGF0aW9uOiBQYXNzd29yZENoYW5nZU11dGF0aW9uLFxuICAgICAgdmFyaWFibGVzOiB7XG4gICAgICAgIGlucHV0OiB7XG4gICAgICAgICAgc2lnbmVkQ2hhbGxlbmdlOiBKU09OLnN0cmluZ2lmeShzaWduZWRDaGFsbGVuZ2UpLFxuICAgICAgICAgIG1hc3RlcktleUlkLFxuICAgICAgICAgIG5ld1dyYXBwZWRNYXN0ZXJLZXk6IEpTT04uc3RyaW5naWZ5KG5ld1dyYXBwZWRNYXN0ZXJLZXkpLFxuICAgICAgICAgIG5ld1Bhc3NLZXk6IHtcbiAgICAgICAgICAgIHBhc3NJZHBQYXJhbXM6IEpTT04uc3RyaW5naWZ5KHBhc3NLZXlCdW5kbGUucGFzc0lkcFBhcmFtcyksXG4gICAgICAgICAgICBwYXNzSWRwVmVyaWZpZXJQYms6IEpTT04uc3RyaW5naWZ5KFxuICAgICAgICAgICAgICBwYXNzS2V5QnVuZGxlLnBhc3NJZHBWZXJpZmllci50b0pTT04oKVxuICAgICAgICAgICAgKSxcbiAgICAgICAgICAgIHdyYXBwZWRQYXNzSWRwVmVyaWZpZXJQcms6IEpTT04uc3RyaW5naWZ5KFxuICAgICAgICAgICAgICBwYXNzS2V5QnVuZGxlLndyYXBwZWRQYXNzSWRwVmVyaWZpZXJQcmtcbiAgICAgICAgICAgICksXG4gICAgICAgICAgICBwYXNzS2V5UGFyYW1zOiBKU09OLnN0cmluZ2lmeShwYXNzS2V5QnVuZGxlLnBhc3NLZXlQYXJhbXMpLFxuICAgICAgICAgIH0sXG4gICAgICAgIH0sXG4gICAgICB9LFxuICAgIH0pO1xuICAgIHJldHVybiB7XG4gICAgICB0b2tlbjogcmVzcG9uc2UucGFzc3dvcmRDaGFuZ2UudG9rZW4sXG4gICAgICBuZXdQYXNzS2V5SWQ6IHJlc3BvbnNlLnBhc3N3b3JkQ2hhbmdlLm5ld1Bhc3NLZXkuaWQsXG4gICAgfTtcbiAgfVxuXG4gIGFzeW5jIGdldENoYW5nZVBhc3N3b3JkQ29uZmlnKCk6IFByb21pc2U8UGFzc3dvcmRDaGFuZ2VDb25maWc+IHtcbiAgICBjb25zdCByZXMgPSBhd2FpdCB0aGlzLmFwb2xsby5xdWVyeTxhbnk+KHtcbiAgICAgIHF1ZXJ5OiBQYXNzd29yZENoYW5nZUNvbmZpZ1F1ZXJ5LFxuICAgIH0pO1xuXG4gICAgY29uc3QgcmV0ID0gcmVzLnBhc3N3b3JkQ2hhbmdlQ29uZmlnIGFzIFBhc3N3b3JkQ2hhbmdlQ29uZmlnO1xuXG4gICAgcmV0LmF1dGhUaW1lID0gbmV3IERhdGUocmV0LmF1dGhUaW1lKTtcbiAgICByZXQuc2VydmVyVGltZSA9IG5ldyBEYXRlKHJldC5zZXJ2ZXJUaW1lKTtcbiAgICByZXR1cm4gcmV0O1xuICB9XG5cbiAgcHVibGljIHBhc3N3b3JkU3RyZW5ndGgocGFzc3dvcmQpOiB7IHllYXJzOiBudW1iZXI7IGJpdHM6IG51bWJlciB9IHtcbiAgICBjb25zdCB1cHBlciA9IC9bQS1aXS9nO1xuICAgIGNvbnN0IGxvd2VyID0gL1thLXpdL2c7XG4gICAgY29uc3QgZGlnaXQgPSAvWzAtOV0vZztcblxuICAgIGNvbnN0IHVwcGVyQ2hvaWNlcyA9IDI2O1xuICAgIGNvbnN0IGxvd2VyQ2hvaWNlcyA9IDI2O1xuICAgIGNvbnN0IGRpZ2l0Q2hvaWNlcyA9IDEwO1xuICAgIGNvbnN0IHNwZWNpYWxDaG9pY2VzID0gMzA7IC8vIC9bIVwiIyQlJicoKSorLC0uLzo7PD0+P0BbXFxdXl9ge3x9fl0vZ1xuXG4gICAgZnVuY3Rpb24gaW5zdGFuY2VDb3VudChzdHIsIHJlKSB7XG4gICAgICByZXR1cm4gKChzdHIgfHwgJycpLm1hdGNoKHJlKSB8fCBbXSkubGVuZ3RoO1xuICAgIH1cblxuICAgIGNvbnN0IHVwcGVycyA9IGluc3RhbmNlQ291bnQocGFzc3dvcmQsIHVwcGVyKTtcbiAgICBjb25zdCBsb3dlcnMgPSBpbnN0YW5jZUNvdW50KHBhc3N3b3JkLCBsb3dlcik7XG4gICAgY29uc3QgZGlnaXRzID0gaW5zdGFuY2VDb3VudChwYXNzd29yZCwgZGlnaXQpO1xuICAgIGNvbnN0IHNwZWNpYWxzID0gcGFzc3dvcmQubGVuZ3RoIC0gdXBwZXJzIC0gbG93ZXJzIC0gZGlnaXRzO1xuXG4gICAgbGV0IGNob2ljZXMgPSAwO1xuICAgIGlmICh1cHBlcnMpIHtcbiAgICAgIGNob2ljZXMgKz0gdXBwZXJDaG9pY2VzO1xuICAgIH1cbiAgICBpZiAobG93ZXJzKSB7XG4gICAgICBjaG9pY2VzICs9IGxvd2VyQ2hvaWNlcztcbiAgICB9XG4gICAgaWYgKGRpZ2l0cykge1xuICAgICAgY2hvaWNlcyArPSBkaWdpdENob2ljZXM7XG4gICAgfVxuICAgIGlmIChzcGVjaWFscykge1xuICAgICAgY2hvaWNlcyArPSBzcGVjaWFsQ2hvaWNlcztcbiAgICB9XG5cbiAgICBpZiAocGFzc3dvcmQubGVuZ3RoID09PSAwKSB7XG4gICAgICByZXR1cm4ge1xuICAgICAgICB5ZWFyczogMCxcbiAgICAgICAgLy8gYml0cyBvZiBlbnRyb3B5XG4gICAgICAgIGJpdHM6IDAsXG4gICAgICB9O1xuICAgIH1cblxuICAgIGNvbnN0IHBlcm11dGF0aW9ucyA9IE1hdGgucG93KGNob2ljZXMsIHBhc3N3b3JkLmxlbmd0aCk7XG5cbiAgICBjb25zdCB5ZWFycyA9XG4gICAgICAoNTQwMDAgKiBwZXJtdXRhdGlvbnMpIC9cbiAgICAgIE1hdGgucG93KHVwcGVyQ2hvaWNlcyArIGxvd2VyQ2hvaWNlcyArIGRpZ2l0Q2hvaWNlcywgMTIpO1xuICAgIHJldHVybiB7XG4gICAgICB5ZWFycyxcbiAgICAgIC8vIGJpdHMgb2YgZW50cm9weVxuICAgICAgYml0czogTWF0aC5yb3VuZChNYXRoLmxvZzIocGVybXV0YXRpb25zKSksXG4gICAgfTtcbiAgfVxufVxuIl19

package/esm2015/lib/auth/register.service.js

@@ -1,172 +0,0 @@
-import { __awaiter } from "tslib";
-import { HttpClient } from '@angular/common/http';
-import { Inject, Injectable } from '@angular/core';
-import { AuthClass } from '@aws-amplify/auth/lib-esm/Auth';
-import { EncryptionService } from '../cryptography/encryption.service';
-import { KeyFactoryService } from '../cryptography/key-factory.service';
-import { LR_CONFIG } from '../life-ready.config';
-import { PasswordService } from './password.service';
-import * as i0 from "@angular/core";
-import * as i1 from "../life-ready.config";
-import * as i2 from "@aws-amplify/auth/lib-esm/Auth";
-import * as i3 from "@angular/common/http";
-import * as i4 from "../cryptography/key-factory.service";
-import * as i5 from "../cryptography/encryption.service";
-import * as i6 from "./password.service";
-export class RegisterService {
-    constructor(config, auth, http, keyFactory, encryptionService, passwordService) {
-        this.config = config;
-        this.auth = auth;
-        this.http = http;
-        this.keyFactory = keyFactory;
-        this.encryptionService = encryptionService;
-        this.passwordService = passwordService;
-    }
-    /**
-     * Request a verification code to be sent out to an email.
-     * @return Info needed to be submitted along with the verification code
-     */
-    verifyEmail(email) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const { claim_id } = yield this.http
-                .post(`${this.config.authUrl}cove/claim/email/`, {
-                address: email,
-                context: 'signup',
-            })
-                .toPromise();
-            return claim_id;
-        });
-    }
-    verifyPhone(phoneNumber) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const { claim_id } = yield this.http
-                .post(`${this.config.authUrl}cove/claim/sms/`, {
-                address: phoneNumber,
-                context: 'signup',
-            })
-                .toPromise();
-            return claim_id;
-        });
-    }
-    confirmVerificationCode(verificationId, verificationCode) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const { token } = yield this.http
-                .post(`${this.config.authUrl}cove/respond/`, {
-                claim_id: verificationId,
-                v_code: verificationCode,
-            })
-                .toPromise();
-            return token;
-        });
-    }
-    register(email, password, verificationId, verificationToken, verificationType = 'email') {
-        return __awaiter(this, void 0, void 0, function* () {
-            // Generate the key material needed for PassIdp which will be the password used for Cognito.
-            const passKeyBundle = yield this.passwordService.createPassKeyBundle(password);
-            const masterKey = yield this.keyFactory.createKey();
-            const wrappedMasterKey = yield this.encryptionService.encrypt(passKeyBundle.passKey, masterKey.toJSON(true));
-            const rootKey = yield this.keyFactory.createKey();
-            const wrappedRootKey = yield this.encryptionService.encrypt(masterKey, rootKey.toJSON(true));
-            // Encryption PKC key
-            const prk = yield this.keyFactory.createPkcKey();
-            const wrappedPrk = yield this.encryptionService.encrypt(rootKey, prk.toJSON(true));
-            // Signing PKC key
-            const sigPrk = yield this.keyFactory.createPkcSignKey();
-            const wrappedSigPrk = yield this.encryptionService.encrypt(rootKey, sigPrk.toJSON(true));
-            // API call to setup profile
-            const user = yield this.http
-                .post(`${this.config.authUrl}users/`, {
-                claims: [
-                    {
-                        type: verificationType,
-                        token: verificationToken,
-                        claim_id: verificationId,
-                    },
-                ],
-                pass_idp_params: passKeyBundle.passIdpParams,
-                pass_idp_verifier_pbk: passKeyBundle.passIdpVerifier.toJSON(),
-                wrapped_pass_idp_verifier_prk: passKeyBundle.wrappedPassIdpVerifierPrk,
-                pass_key_params: passKeyBundle.passKeyParams,
-                wrapped_master_key: wrappedMasterKey,
-                wrapped_root_key: wrappedRootKey,
-                pbk: prk.toJSON(),
-                wrapped_prk: wrappedPrk,
-                sig_pbk: sigPrk.toJSON(),
-                wrapped_sig_prk: wrappedSigPrk,
-            })
-                .toPromise();
-            // API call to create user on cognito
-            const attributes = {};
-            user.claims.forEach((claim) => {
-                attributes[claim.type] = claim.value;
-            });
-            // Random suffix for uniqueness. If there's a duplicate, then used just needs to
-            // sign up again. But chances of collision is low.
-            const suffix = this.keyFactory.randomDigitsNoZeros(4);
-            const cognitoUser = yield this.auth.signUp({
-                username: `${email.split('@')[0]}.${suffix}`,
-                password: this.passwordService.getPassIdpString(passKeyBundle.passIdp),
-                attributes,
-                // Unfortunately, validationData is not passed to the post
-                // confirmation cognito trigger. So can can't do the association there.
-                // The current workflow will create a new user on LR before signing up
-                // with Cognito. Then Cognito can use the user.id and user.pre_sign_up_token to
-                // do the validation of the attributes.
-                // validationData: [
-                //   new CognitoUserAttribute({
-                //     Name: "user_id",
-                //     Value: String(user.id)
-                //   }),
-                //   new CognitoUserAttribute({
-                //     Name: "user_pre_sign_up_token",
-                //     Value: user.pre_sign_up_token
-                //   })
-                // ]
-                clientMetadata: {
-                    user_id: String(user.id),
-                    user_pre_sign_up_token: String(user.pre_sign_up_token),
-                },
-            });
-            return {
-                username: cognitoUser.user.getUsername(),
-                userId: user.id,
-                preSignUpToken: user.pre_sign_up_token,
-                userSub: cognitoUser.userSub,
-            };
-        });
-    }
-    hibpBreachedAccounts(account) {
-        return __awaiter(this, void 0, void 0, function* () {
-            // The account is just the email
-            try {
-                const response = yield this.http
-                    .get(`${this.config.authUrl}users/hibp/breachedaccount/${account}/?truncateResponse=false`)
-                    .toPromise();
-                return response;
-            }
-            catch (error) {
-                if (error.status === 404) {
-                    return null;
-                }
-                else {
-                    throw error;
-                }
-            }
-        });
-    }
-}
-RegisterService.ɵprov = i0.ɵɵdefineInjectable({ factory: function RegisterService_Factory() { return new RegisterService(i0.ɵɵinject(i1.LR_CONFIG), i0.ɵɵinject(i2.AuthClass), i0.ɵɵinject(i3.HttpClient), i0.ɵɵinject(i4.KeyFactoryService), i0.ɵɵinject(i5.EncryptionService), i0.ɵɵinject(i6.PasswordService)); }, token: RegisterService, providedIn: "root" });
-RegisterService.decorators = [
-    { type: Injectable, args: [{
-                providedIn: 'root',
-            },] }
-];
-RegisterService.ctorParameters = () => [
-    { type: undefined, decorators: [{ type: Inject, args: [LR_CONFIG,] }] },
-    { type: AuthClass },
-    { type: HttpClient },
-    { type: KeyFactoryService },
-    { type: EncryptionService },
-    { type: PasswordService }
-];
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicmVnaXN0ZXIuc2VydmljZS5qcyIsInNvdXJjZVJvb3QiOiIvb3B0L2F0bGFzc2lhbi9waXBlbGluZXMvYWdlbnQvYnVpbGQvcHJvamVjdHMvY29yZS9zcmMvIiwic291cmNlcyI6WyJsaWIvYXV0aC9yZWdpc3Rlci5zZXJ2aWNlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sc0JBQXNCLENBQUM7QUFDbEQsT0FBTyxFQUFFLE1BQU0sRUFBRSxVQUFVLEVBQUUsTUFBTSxlQUFlLENBQUM7QUFDbkQsT0FBTyxFQUFFLFNBQVMsRUFBRSxNQUFNLGdDQUFnQyxDQUFDO0FBQzNELE9BQU8sRUFBRSxpQkFBaUIsRUFBRSxNQUFNLG9DQUFvQyxDQUFDO0FBQ3ZFLE9BQU8sRUFBRSxpQkFBaUIsRUFBRSxNQUFNLHFDQUFxQyxDQUFDO0FBQ3hFLE9BQU8sRUFBbUIsU0FBUyxFQUFFLE1BQU0sc0JBQXNCLENBQUM7QUFDbEUsT0FBTyxFQUFFLGVBQWUsRUFBRSxNQUFNLG9CQUFvQixDQUFDOzs7Ozs7OztBQU1yRCxNQUFNLE9BQU8sZUFBZTtJQUMxQixZQUM2QixNQUF1QixFQUMxQyxJQUFlLEVBQ2YsSUFBZ0IsRUFDaEIsVUFBNkIsRUFDN0IsaUJBQW9DLEVBQ3BDLGVBQWdDO1FBTGIsV0FBTSxHQUFOLE1BQU0sQ0FBaUI7UUFDMUMsU0FBSSxHQUFKLElBQUksQ0FBVztRQUNmLFNBQUksR0FBSixJQUFJLENBQVk7UUFDaEIsZUFBVSxHQUFWLFVBQVUsQ0FBbUI7UUFDN0Isc0JBQWlCLEdBQWpCLGlCQUFpQixDQUFtQjtRQUNwQyxvQkFBZSxHQUFmLGVBQWUsQ0FBaUI7SUFDdkMsQ0FBQztJQUVKOzs7T0FHRztJQUNVLFdBQVcsQ0FBQyxLQUFhOztZQUNwQyxNQUFNLEVBQUUsUUFBUSxFQUFFLEdBQUcsTUFBTSxJQUFJLENBQUMsSUFBSTtpQkFDakMsSUFBSSxDQUFlLEdBQUcsSUFBSSxDQUFDLE1BQU0sQ0FBQyxPQUFPLG1CQUFtQixFQUFFO2dCQUM3RCxPQUFPLEVBQUUsS0FBSztnQkFDZCxPQUFPLEVBQUUsUUFBUTthQUNsQixDQUFDO2lCQUNELFNBQVMsRUFBRSxDQUFDO1lBQ2YsT0FBTyxRQUFRLENBQUM7UUFDbEIsQ0FBQztLQUFBO0lBRVksV0FBVyxDQUFDLFdBQW1COztZQUMxQyxNQUFNLEVBQUUsUUFBUSxFQUFFLEdBQUcsTUFBTSxJQUFJLENBQUMsSUFBSTtpQkFDakMsSUFBSSxDQUFlLEdBQUcsSUFBSSxDQUFDLE1BQU0sQ0FBQyxPQUFPLGlCQUFpQixFQUFFO2dCQUMzRCxPQUFPLEVBQUUsV0FBVztnQkFDcEIsT0FBTyxFQUFFLFFBQVE7YUFDbEIsQ0FBQztpQkFDRCxTQUFTLEVBQUUsQ0FBQztZQUNmLE9BQU8sUUFBUSxDQUFDO1FBQ2xCLENBQUM7S0FBQTtJQUVZLHVCQUF1QixDQUNsQyxjQUFzQixFQUN0QixnQkFBd0I7O1lBRXhCLE1BQU0sRUFBRSxLQUFLLEVBQUUsR0FBRyxNQUFNLElBQUksQ0FBQyxJQUFJO2lCQUM5QixJQUFJLENBQVksR0FBRyxJQUFJLENBQUMsTUFBTSxDQUFDLE9BQU8sZUFBZSxFQUFFO2dCQUN0RCxRQUFRLEVBQUUsY0FBYztnQkFDeEIsTUFBTSxFQUFFLGdCQUFnQjthQUN6QixDQUFDO2lCQUNELFNBQVMsRUFBRSxDQUFDO1lBQ2YsT0FBTyxLQUFLLENBQUM7UUFDZixDQUFDO0tBQUE7SUFFWSxRQUFRLENBQ25CLEtBQWEsRUFDYixRQUFnQixFQUNoQixjQUFzQixFQUN0QixpQkFBeUIsRUFDekIsbUJBQXNDLE9BQU87O1lBRTdDLDRGQUE0RjtZQUM1RixNQUFNLGFBQWEsR0FBRyxNQUFNLElBQUksQ0FBQyxlQUFlLENBQUMsbUJBQW1CLENBQ2xFLFFBQVEsQ0FDVCxDQUFDO1lBRUYsTUFBTSxTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsRUFBRSxDQUFDO1lBQ3BELE1BQU0sZ0JBQWdCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUMzRCxhQUFhLENBQUMsT0FBTyxFQUNyQixTQUFTLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUN2QixDQUFDO1lBRUYsTUFBTSxPQUFPLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsRUFBRSxDQUFDO1lBQ2xELE1BQU0sY0FBYyxHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDekQsU0FBUyxFQUNULE9BQU8sQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLENBQ3JCLENBQUM7WUFFRixxQkFBcUI7WUFDckIsTUFBTSxHQUFHLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFlBQVksRUFBRSxDQUFDO1lBQ2pELE1BQU0sVUFBVSxHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDckQsT0FBTyxFQUNQLEdBQUcsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLENBQ2pCLENBQUM7WUFFRixrQkFBa0I7WUFDbEIsTUFBTSxNQUFNLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGdCQUFnQixFQUFFLENBQUM7WUFDeEQsTUFBTSxhQUFhLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUN4RCxPQUFPLEVBQ1AsTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDcEIsQ0FBQztZQUVGLDRCQUE0QjtZQUM1QixNQUFNLElBQUksR0FBRyxNQUFNLElBQUksQ0FBQyxJQUFJO2lCQUN6QixJQUFJLENBQU0sR0FBRyxJQUFJLENBQUMsTUFBTSxDQUFDLE9BQU8sUUFBUSxFQUFFO2dCQUN6QyxNQUFNLEVBQUU7b0JBQ047d0JBQ0UsSUFBSSxFQUFFLGdCQUFnQjt3QkFDdEIsS0FBSyxFQUFFLGlCQUFpQjt3QkFDeEIsUUFBUSxFQUFFLGNBQWM7cUJBQ3pCO2lCQUNGO2dCQUNELGVBQWUsRUFBRSxhQUFhLENBQUMsYUFBYTtnQkFDNUMscUJBQXFCLEVBQUUsYUFBYSxDQUFDLGVBQWUsQ0FBQyxNQUFNLEVBQUU7Z0JBQzdELDZCQUE2QixFQUFFLGFBQWEsQ0FBQyx5QkFBeUI7Z0JBQ3RFLGVBQWUsRUFBRSxhQUFhLENBQUMsYUFBYTtnQkFDNUMsa0JBQWtCLEVBQUUsZ0JBQWdCO2dCQUNwQyxnQkFBZ0IsRUFBRSxjQUFjO2dCQUNoQyxHQUFHLEVBQUUsR0FBRyxDQUFDLE1BQU0sRUFBRTtnQkFDakIsV0FBVyxFQUFFLFVBQVU7Z0JBQ3ZCLE9BQU8sRUFBRSxNQUFNLENBQUMsTUFBTSxFQUFFO2dCQUN4QixlQUFlLEVBQUUsYUFBYTthQUMvQixDQUFDO2lCQUNELFNBQVMsRUFBRSxDQUFDO1lBRWYscUNBQXFDO1lBQ3JDLE1BQU0sVUFBVSxHQUFHLEVBQUUsQ0FBQztZQUN0QixJQUFJLENBQUMsTUFBTSxDQUFDLE9BQU8sQ0FBQyxDQUFDLEtBQUssRUFBRSxFQUFFO2dCQUM1QixVQUFVLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxHQUFHLEtBQUssQ0FBQyxLQUFLLENBQUM7WUFDdkMsQ0FBQyxDQUFDLENBQUM7WUFFSCxnRkFBZ0Y7WUFDaEYsa0RBQWtEO1lBQ2xELE1BQU0sTUFBTSxHQUFHLElBQUksQ0FBQyxVQUFVLENBQUMsbUJBQW1CLENBQUMsQ0FBQyxDQUFDLENBQUM7WUFFdEQsTUFBTSxXQUFXLEdBQUcsTUFBTSxJQUFJLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQztnQkFDekMsUUFBUSxFQUFFLEdBQUcsS0FBSyxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsSUFBSSxNQUFNLEVBQUU7Z0JBQzVDLFFBQVEsRUFBRSxJQUFJLENBQUMsZUFBZSxDQUFDLGdCQUFnQixDQUFDLGFBQWEsQ0FBQyxPQUFPLENBQUM7Z0JBQ3RFLFVBQVU7Z0JBQ1YsMERBQTBEO2dCQUMxRCx1RUFBdUU7Z0JBQ3ZFLHNFQUFzRTtnQkFDdEUsK0VBQStFO2dCQUMvRSx1Q0FBdUM7Z0JBQ3ZDLG9CQUFvQjtnQkFDcEIsK0JBQStCO2dCQUMvQix1QkFBdUI7Z0JBQ3ZCLDZCQUE2QjtnQkFDN0IsUUFBUTtnQkFDUiwrQkFBK0I7Z0JBQy9CLHNDQUFzQztnQkFDdEMsb0NBQW9DO2dCQUNwQyxPQUFPO2dCQUNQLElBQUk7Z0JBQ0osY0FBYyxFQUFFO29CQUNkLE9BQU8sRUFBRSxNQUFNLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQztvQkFDeEIsc0JBQXNCLEVBQUUsTUFBTSxDQUFDLElBQUksQ0FBQyxpQkFBaUIsQ0FBQztpQkFDdkQ7YUFDRixDQUFDLENBQUM7WUFFSCxPQUFPO2dCQUNMLFFBQVEsRUFBRSxXQUFXLENBQUMsSUFBSSxDQUFDLFdBQVcsRUFBRTtnQkFDeEMsTUFBTSxFQUFFLElBQUksQ0FBQyxFQUFFO2dCQUNmLGNBQWMsRUFBRSxJQUFJLENBQUMsaUJBQWlCO2dCQUN0QyxPQUFPLEVBQUUsV0FBVyxDQUFDLE9BQU87YUFDN0IsQ0FBQztRQUNKLENBQUM7S0FBQTtJQUVZLG9CQUFvQixDQUFDLE9BQWU7O1lBQy9DLGdDQUFnQztZQUNoQyxJQUFJO2dCQUNGLE1BQU0sUUFBUSxHQUFHLE1BQU0sSUFBSSxDQUFDLElBQUk7cUJBQzdCLEdBQUcsQ0FDRixHQUFHLElBQUksQ0FBQyxNQUFNLENBQUMsT0FBTyw4QkFBOEIsT0FBTywwQkFBMEIsQ0FDdEY7cUJBQ0EsU0FBUyxFQUFFLENBQUM7Z0JBQ2YsT0FBTyxRQUFRLENBQUM7YUFDakI7WUFBQyxPQUFPLEtBQUssRUFBRTtnQkFDZCxJQUFJLEtBQUssQ0FBQyxNQUFNLEtBQUssR0FBRyxFQUFFO29CQUN4QixPQUFPLElBQUksQ0FBQztpQkFDYjtxQkFBTTtvQkFDTCxNQUFNLEtBQUssQ0FBQztpQkFDYjthQUNGO1FBQ0gsQ0FBQztLQUFBOzs7O1lBMUtGLFVBQVUsU0FBQztnQkFDVixVQUFVLEVBQUUsTUFBTTthQUNuQjs7OzRDQUdJLE1BQU0sU0FBQyxTQUFTO1lBWlosU0FBUztZQUZULFVBQVU7WUFJVixpQkFBaUI7WUFEakIsaUJBQWlCO1lBR2pCLGVBQWUiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBIdHRwQ2xpZW50IH0gZnJvbSAnQGFuZ3VsYXIvY29tbW9uL2h0dHAnO1xuaW1wb3J0IHsgSW5qZWN0LCBJbmplY3RhYmxlIH0gZnJvbSAnQGFuZ3VsYXIvY29yZSc7XG5pbXBvcnQgeyBBdXRoQ2xhc3MgfSBmcm9tICdAYXdzLWFtcGxpZnkvYXV0aC9saWItZXNtL0F1dGgnO1xuaW1wb3J0IHsgRW5jcnlwdGlvblNlcnZpY2UgfSBmcm9tICcuLi9jcnlwdG9ncmFwaHkvZW5jcnlwdGlvbi5zZXJ2aWNlJztcbmltcG9ydCB7IEtleUZhY3RvcnlTZXJ2aWNlIH0gZnJvbSAnLi4vY3J5cHRvZ3JhcGh5L2tleS1mYWN0b3J5LnNlcnZpY2UnO1xuaW1wb3J0IHsgTGlmZVJlYWR5Q29uZmlnLCBMUl9DT05GSUcgfSBmcm9tICcuLi9saWZlLXJlYWR5LmNvbmZpZyc7XG5pbXBvcnQgeyBQYXNzd29yZFNlcnZpY2UgfSBmcm9tICcuL3Bhc3N3b3JkLnNlcnZpY2UnO1xuaW1wb3J0IHsgUmVnaXN0ZXJSZXN1bHQgfSBmcm9tICcuL2F1dGgudHlwZXMnO1xuXG5ASW5qZWN0YWJsZSh7XG4gIHByb3ZpZGVkSW46ICdyb290Jyxcbn0pXG5leHBvcnQgY2xhc3MgUmVnaXN0ZXJTZXJ2aWNlIHtcbiAgY29uc3RydWN0b3IoXG4gICAgQEluamVjdChMUl9DT05GSUcpIHByaXZhdGUgY29uZmlnOiBMaWZlUmVhZHlDb25maWcsXG4gICAgcHJpdmF0ZSBhdXRoOiBBdXRoQ2xhc3MsXG4gICAgcHJpdmF0ZSBodHRwOiBIdHRwQ2xpZW50LFxuICAgIHByaXZhdGUga2V5RmFjdG9yeTogS2V5RmFjdG9yeVNlcnZpY2UsXG4gICAgcHJpdmF0ZSBlbmNyeXB0aW9uU2VydmljZTogRW5jcnlwdGlvblNlcnZpY2UsXG4gICAgcHJpdmF0ZSBwYXNzd29yZFNlcnZpY2U6IFBhc3N3b3JkU2VydmljZVxuICApIHt9XG5cbiAgLyoqXG4gICAqIFJlcXVlc3QgYSB2ZXJpZmljYXRpb24gY29kZSB0byBiZSBzZW50IG91dCB0byBhbiBlbWFpbC5cbiAgICogQHJldHVybiBJbmZvIG5lZWRlZCB0byBiZSBzdWJtaXR0ZWQgYWxvbmcgd2l0aCB0aGUgdmVyaWZpY2F0aW9uIGNvZGVcbiAgICovXG4gIHB1YmxpYyBhc3luYyB2ZXJpZnlFbWFpbChlbWFpbDogc3RyaW5nKTogUHJvbWlzZTxzdHJpbmc+IHtcbiAgICBjb25zdCB7IGNsYWltX2lkIH0gPSBhd2FpdCB0aGlzLmh0dHBcbiAgICAgIC5wb3N0PHsgY2xhaW1faWQgfT4oYCR7dGhpcy5jb25maWcuYXV0aFVybH1jb3ZlL2NsYWltL2VtYWlsL2AsIHtcbiAgICAgICAgYWRkcmVzczogZW1haWwsXG4gICAgICAgIGNvbnRleHQ6ICdzaWdudXAnLFxuICAgICAgfSlcbiAgICAgIC50b1Byb21pc2UoKTtcbiAgICByZXR1cm4gY2xhaW1faWQ7XG4gIH1cblxuICBwdWJsaWMgYXN5bmMgdmVyaWZ5UGhvbmUocGhvbmVOdW1iZXI6IHN0cmluZyk6IFByb21pc2U8c3RyaW5nPiB7XG4gICAgY29uc3QgeyBjbGFpbV9pZCB9ID0gYXdhaXQgdGhpcy5odHRwXG4gICAgICAucG9zdDx7IGNsYWltX2lkIH0+KGAke3RoaXMuY29uZmlnLmF1dGhVcmx9Y292ZS9jbGFpbS9zbXMvYCwge1xuICAgICAgICBhZGRyZXNzOiBwaG9uZU51bWJlcixcbiAgICAgICAgY29udGV4dDogJ3NpZ251cCcsXG4gICAgICB9KVxuICAgICAgLnRvUHJvbWlzZSgpO1xuICAgIHJldHVybiBjbGFpbV9pZDtcbiAgfVxuXG4gIHB1YmxpYyBhc3luYyBjb25maXJtVmVyaWZpY2F0aW9uQ29kZShcbiAgICB2ZXJpZmljYXRpb25JZDogc3RyaW5nLFxuICAgIHZlcmlmaWNhdGlvbkNvZGU6IHN0cmluZ1xuICApOiBQcm9taXNlPHN0cmluZz4ge1xuICAgIGNvbnN0IHsgdG9rZW4gfSA9IGF3YWl0IHRoaXMuaHR0cFxuICAgICAgLnBvc3Q8eyB0b2tlbiB9PihgJHt0aGlzLmNvbmZpZy5hdXRoVXJsfWNvdmUvcmVzcG9uZC9gLCB7XG4gICAgICAgIGNsYWltX2lkOiB2ZXJpZmljYXRpb25JZCxcbiAgICAgICAgdl9jb2RlOiB2ZXJpZmljYXRpb25Db2RlLFxuICAgICAgfSlcbiAgICAgIC50b1Byb21pc2UoKTtcbiAgICByZXR1cm4gdG9rZW47XG4gIH1cblxuICBwdWJsaWMgYXN5bmMgcmVnaXN0ZXIoXG4gICAgZW1haWw6IHN0cmluZyxcbiAgICBwYXNzd29yZDogc3RyaW5nLFxuICAgIHZlcmlmaWNhdGlvbklkOiBzdHJpbmcsXG4gICAgdmVyaWZpY2F0aW9uVG9rZW46IHN0cmluZyxcbiAgICB2ZXJpZmljYXRpb25UeXBlOiAnZW1haWwnIHwgJ3Bob25lJyA9ICdlbWFpbCdcbiAgKTogUHJvbWlzZTxSZWdpc3RlclJlc3VsdD4ge1xuICAgIC8vIEdlbmVyYXRlIHRoZSBrZXkgbWF0ZXJpYWwgbmVlZGVkIGZvciBQYXNzSWRwIHdoaWNoIHdpbGwgYmUgdGhlIHBhc3N3b3JkIHVzZWQgZm9yIENvZ25pdG8uXG4gICAgY29uc3QgcGFzc0tleUJ1bmRsZSA9IGF3YWl0IHRoaXMucGFzc3dvcmRTZXJ2aWNlLmNyZWF0ZVBhc3NLZXlCdW5kbGUoXG4gICAgICBwYXNzd29yZFxuICAgICk7XG5cbiAgICBjb25zdCBtYXN0ZXJLZXkgPSBhd2FpdCB0aGlzLmtleUZhY3RvcnkuY3JlYXRlS2V5KCk7XG4gICAgY29uc3Qgd3JhcHBlZE1hc3RlcktleSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcbiAgICAgIHBhc3NLZXlCdW5kbGUucGFzc0tleSxcbiAgICAgIG1hc3RlcktleS50b0pTT04odHJ1ZSlcbiAgICApO1xuXG4gICAgY29uc3Qgcm9vdEtleSA9IGF3YWl0IHRoaXMua2V5RmFjdG9yeS5jcmVhdGVLZXkoKTtcbiAgICBjb25zdCB3cmFwcGVkUm9vdEtleSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdChcbiAgICAgIG1hc3RlcktleSxcbiAgICAgIHJvb3RLZXkudG9KU09OKHRydWUpXG4gICAgKTtcblxuICAgIC8vIEVuY3J5cHRpb24gUEtDIGtleVxuICAgIGNvbnN0IHByayA9IGF3YWl0IHRoaXMua2V5RmFjdG9yeS5jcmVhdGVQa2NLZXkoKTtcbiAgICBjb25zdCB3cmFwcGVkUHJrID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgcm9vdEtleSxcbiAgICAgIHByay50b0pTT04odHJ1ZSlcbiAgICApO1xuXG4gICAgLy8gU2lnbmluZyBQS0Mga2V5XG4gICAgY29uc3Qgc2lnUHJrID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZVBrY1NpZ25LZXkoKTtcbiAgICBjb25zdCB3cmFwcGVkU2lnUHJrID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0KFxuICAgICAgcm9vdEtleSxcbiAgICAgIHNpZ1Byay50b0pTT04odHJ1ZSlcbiAgICApO1xuXG4gICAgLy8gQVBJIGNhbGwgdG8gc2V0dXAgcHJvZmlsZVxuICAgIGNvbnN0IHVzZXIgPSBhd2FpdCB0aGlzLmh0dHBcbiAgICAgIC5wb3N0PGFueT4oYCR7dGhpcy5jb25maWcuYXV0aFVybH11c2Vycy9gLCB7XG4gICAgICAgIGNsYWltczogW1xuICAgICAgICAgIHtcbiAgICAgICAgICAgIHR5cGU6IHZlcmlmaWNhdGlvblR5cGUsXG4gICAgICAgICAgICB0b2tlbjogdmVyaWZpY2F0aW9uVG9rZW4sXG4gICAgICAgICAgICBjbGFpbV9pZDogdmVyaWZpY2F0aW9uSWQsXG4gICAgICAgICAgfSxcbiAgICAgICAgXSxcbiAgICAgICAgcGFzc19pZHBfcGFyYW1zOiBwYXNzS2V5QnVuZGxlLnBhc3NJZHBQYXJhbXMsXG4gICAgICAgIHBhc3NfaWRwX3ZlcmlmaWVyX3BiazogcGFzc0tleUJ1bmRsZS5wYXNzSWRwVmVyaWZpZXIudG9KU09OKCksXG4gICAgICAgIHdyYXBwZWRfcGFzc19pZHBfdmVyaWZpZXJfcHJrOiBwYXNzS2V5QnVuZGxlLndyYXBwZWRQYXNzSWRwVmVyaWZpZXJQcmssXG4gICAgICAgIHBhc3Nfa2V5X3BhcmFtczogcGFzc0tleUJ1bmRsZS5wYXNzS2V5UGFyYW1zLFxuICAgICAgICB3cmFwcGVkX21hc3Rlcl9rZXk6IHdyYXBwZWRNYXN0ZXJLZXksXG4gICAgICAgIHdyYXBwZWRfcm9vdF9rZXk6IHdyYXBwZWRSb290S2V5LFxuICAgICAgICBwYms6IHByay50b0pTT04oKSwgLy8gcHVibGljIGVuY3J5cHRpb24ga2V5XG4gICAgICAgIHdyYXBwZWRfcHJrOiB3cmFwcGVkUHJrLFxuICAgICAgICBzaWdfcGJrOiBzaWdQcmsudG9KU09OKCksIC8vIHB1YmxpYyBzaWduaW5nIGtleVxuICAgICAgICB3cmFwcGVkX3NpZ19wcms6IHdyYXBwZWRTaWdQcmssXG4gICAgICB9KVxuICAgICAgLnRvUHJvbWlzZSgpO1xuXG4gICAgLy8gQVBJIGNhbGwgdG8gY3JlYXRlIHVzZXIgb24gY29nbml0b1xuICAgIGNvbnN0IGF0dHJpYnV0ZXMgPSB7fTtcbiAgICB1c2VyLmNsYWltcy5mb3JFYWNoKChjbGFpbSkgPT4ge1xuICAgICAgYXR0cmlidXRlc1tjbGFpbS50eXBlXSA9IGNsYWltLnZhbHVlO1xuICAgIH0pO1xuXG4gICAgLy8gUmFuZG9tIHN1ZmZpeCBmb3IgdW5pcXVlbmVzcy4gSWYgdGhlcmUncyBhIGR1cGxpY2F0ZSwgdGhlbiB1c2VkIGp1c3QgbmVlZHMgdG9cbiAgICAvLyBzaWduIHVwIGFnYWluLiBCdXQgY2hhbmNlcyBvZiBjb2xsaXNpb24gaXMgbG93LlxuICAgIGNvbnN0IHN1ZmZpeCA9IHRoaXMua2V5RmFjdG9yeS5yYW5kb21EaWdpdHNOb1plcm9zKDQpO1xuXG4gICAgY29uc3QgY29nbml0b1VzZXIgPSBhd2FpdCB0aGlzLmF1dGguc2lnblVwKHtcbiAgICAgIHVzZXJuYW1lOiBgJHtlbWFpbC5zcGxpdCgnQCcpWzBdfS4ke3N1ZmZpeH1gLFxuICAgICAgcGFzc3dvcmQ6IHRoaXMucGFzc3dvcmRTZXJ2aWNlLmdldFBhc3NJZHBTdHJpbmcocGFzc0tleUJ1bmRsZS5wYXNzSWRwKSxcbiAgICAgIGF0dHJpYnV0ZXMsXG4gICAgICAvLyBVbmZvcnR1bmF0ZWx5LCB2YWxpZGF0aW9uRGF0YSBpcyBub3QgcGFzc2VkIHRvIHRoZSBwb3N0XG4gICAgICAvLyBjb25maXJtYXRpb24gY29nbml0byB0cmlnZ2VyLiBTbyBjYW4gY2FuJ3QgZG8gdGhlIGFzc29jaWF0aW9uIHRoZXJlLlxuICAgICAgLy8gVGhlIGN1cnJlbnQgd29ya2Zsb3cgd2lsbCBjcmVhdGUgYSBuZXcgdXNlciBvbiBMUiBiZWZvcmUgc2lnbmluZyB1cFxuICAgICAgLy8gd2l0aCBDb2duaXRvLiBUaGVuIENvZ25pdG8gY2FuIHVzZSB0aGUgdXNlci5pZCBhbmQgdXNlci5wcmVfc2lnbl91cF90b2tlbiB0b1xuICAgICAgLy8gZG8gdGhlIHZhbGlkYXRpb24gb2YgdGhlIGF0dHJpYnV0ZXMuXG4gICAgICAvLyB2YWxpZGF0aW9uRGF0YTogW1xuICAgICAgLy8gICBuZXcgQ29nbml0b1VzZXJBdHRyaWJ1dGUoe1xuICAgICAgLy8gICAgIE5hbWU6IFwidXNlcl9pZFwiLFxuICAgICAgLy8gICAgIFZhbHVlOiBTdHJpbmcodXNlci5pZClcbiAgICAgIC8vICAgfSksXG4gICAgICAvLyAgIG5ldyBDb2duaXRvVXNlckF0dHJpYnV0ZSh7XG4gICAgICAvLyAgICAgTmFtZTogXCJ1c2VyX3ByZV9zaWduX3VwX3Rva2VuXCIsXG4gICAgICAvLyAgICAgVmFsdWU6IHVzZXIucHJlX3NpZ25fdXBfdG9rZW5cbiAgICAgIC8vICAgfSlcbiAgICAgIC8vIF1cbiAgICAgIGNsaWVudE1ldGFkYXRhOiB7XG4gICAgICAgIHVzZXJfaWQ6IFN0cmluZyh1c2VyLmlkKSxcbiAgICAgICAgdXNlcl9wcmVfc2lnbl91cF90b2tlbjogU3RyaW5nKHVzZXIucHJlX3NpZ25fdXBfdG9rZW4pLFxuICAgICAgfSxcbiAgICB9KTtcblxuICAgIHJldHVybiB7XG4gICAgICB1c2VybmFtZTogY29nbml0b1VzZXIudXNlci5nZXRVc2VybmFtZSgpLFxuICAgICAgdXNlcklkOiB1c2VyLmlkLFxuICAgICAgcHJlU2lnblVwVG9rZW46IHVzZXIucHJlX3NpZ25fdXBfdG9rZW4sXG4gICAgICB1c2VyU3ViOiBjb2duaXRvVXNlci51c2VyU3ViLFxuICAgIH07XG4gIH1cblxuICBwdWJsaWMgYXN5bmMgaGlicEJyZWFjaGVkQWNjb3VudHMoYWNjb3VudDogc3RyaW5nKTogUHJvbWlzZTxhbnk+IHtcbiAgICAvLyBUaGUgYWNjb3VudCBpcyBqdXN0IHRoZSBlbWFpbFxuICAgIHRyeSB7XG4gICAgICBjb25zdCByZXNwb25zZSA9IGF3YWl0IHRoaXMuaHR0cFxuICAgICAgICAuZ2V0KFxuICAgICAgICAgIGAke3RoaXMuY29uZmlnLmF1dGhVcmx9dXNlcnMvaGlicC9icmVhY2hlZGFjY291bnQvJHthY2NvdW50fS8/dHJ1bmNhdGVSZXNwb25zZT1mYWxzZWBcbiAgICAgICAgKVxuICAgICAgICAudG9Qcm9taXNlKCk7XG4gICAgICByZXR1cm4gcmVzcG9uc2U7XG4gICAgfSBjYXRjaCAoZXJyb3IpIHtcbiAgICAgIGlmIChlcnJvci5zdGF0dXMgPT09IDQwNCkge1xuICAgICAgICByZXR1cm4gbnVsbDtcbiAgICAgIH0gZWxzZSB7XG4gICAgICAgIHRocm93IGVycm9yO1xuICAgICAgfVxuICAgIH1cbiAgfVxufVxuIl19