@push.rocks/smartproxy 16.0.2 → 16.0.4

package/dist_ts/proxies/network-proxy/websocket-handler.js

@@ -1,18 +1,49 @@
 import * as plugins from '../../plugins.js';
+import '../../core/models/socket-augmentation.js';
 import { createLogger } from './models/types.js';
 import { ConnectionPool } from './connection-pool.js';
-import { ProxyRouter } from '../../http/router/index.js';
+import { ProxyRouter, RouteRouter } from '../../http/router/index.js';
+import { toBaseContext } from '../../core/models/route-context.js';
+import { ContextCreator } from './context-creator.js';
+import { SecurityManager } from './security-manager.js';
+import { TemplateUtils } from '../../core/utils/template-utils.js';
+import { getMessageSize, toBuffer } from '../../core/utils/websocket-utils.js';
 /**
  * Handles WebSocket connections and proxying
  */
 export class WebSocketHandler {
-    constructor(options, connectionPool, router) {
+    constructor(options, connectionPool, legacyRouter, // Legacy router for backward compatibility
+    routes = [] // Routes for modern router
+    ) {
         this.options = options;
         this.connectionPool = connectionPool;
-        this.router = router;
+        this.legacyRouter = legacyRouter;
+        this.routes = routes;
         this.heartbeatInterval = null;
         this.wsServer = null;
+        this.contextCreator = new ContextCreator();
+        this.routeRouter = null;
         this.logger = createLogger(options.logLevel || 'info');
+        this.securityManager = new SecurityManager(this.logger, routes);
+        // Initialize modern router if we have routes
+        if (routes.length > 0) {
+            this.routeRouter = new RouteRouter(routes, this.logger);
+        }
+    }
+    /**
+     * Set the route configurations
+     */
+    setRoutes(routes) {
+        this.routes = routes;
+        // Initialize or update the route router
+        if (!this.routeRouter) {
+            this.routeRouter = new RouteRouter(routes, this.logger);
+        }
+        else {
+            this.routeRouter.setRoutes(routes);
+        }
+        // Update the security manager
+        this.securityManager.setRoutes(routes);
     }
     /**
      * Initialize WebSocket server on an existing HTTPS server
@@ -73,18 +104,115 @@ export class WebSocketHandler {
                 wsIncoming.isAlive = true;
                 wsIncoming.lastPong = Date.now();
             });
-            // Find target configuration based on request
-            const proxyConfig = this.router.routeReq(req);
-            if (!proxyConfig) {
-                this.logger.warn(`No proxy configuration for WebSocket host: ${req.headers.host}`);
-                wsIncoming.close(1008, 'No proxy configuration for this host');
-                return;
+            // Create a context for routing
+            const connectionId = `ws-${Date.now()}-${Math.floor(Math.random() * 10000)}`;
+            const routeContext = this.contextCreator.createHttpRouteContext(req, {
+                connectionId,
+                clientIp: req.socket.remoteAddress?.replace('::ffff:', '') || '0.0.0.0',
+                serverIp: req.socket.localAddress?.replace('::ffff:', '') || '0.0.0.0',
+                tlsVersion: req.socket.getTLSVersion?.() || undefined
+            });
+            // Try modern router first if available
+            let route;
+            if (this.routeRouter) {
+                route = this.routeRouter.routeReq(req);
             }
-            // Get destination target using round-robin if multiple targets
-            const destination = this.connectionPool.getNextTarget(proxyConfig.destinationIps, proxyConfig.destinationPorts[0]);
-            // Build target URL
+            // Define destination variables
+            let destination;
+            // If we found a route with the modern router, use it
+            if (route && route.action.type === 'forward' && route.action.target) {
+                this.logger.debug(`Found matching WebSocket route: ${route.name || 'unnamed'}`);
+                // Check if WebSockets are enabled for this route
+                if (route.action.websocket?.enabled === false) {
+                    this.logger.debug(`WebSockets are disabled for route: ${route.name || 'unnamed'}`);
+                    wsIncoming.close(1003, 'WebSockets not supported for this route');
+                    return;
+                }
+                // Check security restrictions if configured to authenticate WebSocket requests
+                if (route.action.websocket?.authenticateRequest !== false && route.security) {
+                    if (!this.securityManager.isAllowed(route, toBaseContext(routeContext))) {
+                        this.logger.warn(`WebSocket connection denied by security policy for ${routeContext.clientIp}`);
+                        wsIncoming.close(1008, 'Access denied by security policy');
+                        return;
+                    }
+                    // Check origin restrictions if configured
+                    const origin = req.headers.origin;
+                    if (origin && route.action.websocket?.allowedOrigins && route.action.websocket.allowedOrigins.length > 0) {
+                        const isAllowed = route.action.websocket.allowedOrigins.some(allowedOrigin => {
+                            // Handle wildcards and template variables
+                            if (allowedOrigin.includes('*') || allowedOrigin.includes('{')) {
+                                const pattern = allowedOrigin.replace(/\*/g, '.*');
+                                const resolvedPattern = TemplateUtils.resolveTemplateVariables(pattern, routeContext);
+                                const regex = new RegExp(`^${resolvedPattern}$`);
+                                return regex.test(origin);
+                            }
+                            return allowedOrigin === origin;
+                        });
+                        if (!isAllowed) {
+                            this.logger.warn(`WebSocket origin ${origin} not allowed for route: ${route.name || 'unnamed'}`);
+                            wsIncoming.close(1008, 'Origin not allowed');
+                            return;
+                        }
+                    }
+                }
+                // Extract target information, resolving functions if needed
+                let targetHost;
+                let targetPort;
+                try {
+                    // Resolve host if it's a function
+                    if (typeof route.action.target.host === 'function') {
+                        const resolvedHost = route.action.target.host(toBaseContext(routeContext));
+                        targetHost = resolvedHost;
+                        this.logger.debug(`Resolved function-based host for WebSocket: ${Array.isArray(resolvedHost) ? resolvedHost.join(', ') : resolvedHost}`);
+                    }
+                    else {
+                        targetHost = route.action.target.host;
+                    }
+                    // Resolve port if it's a function
+                    if (typeof route.action.target.port === 'function') {
+                        targetPort = route.action.target.port(toBaseContext(routeContext));
+                        this.logger.debug(`Resolved function-based port for WebSocket: ${targetPort}`);
+                    }
+                    else {
+                        targetPort = route.action.target.port === 'preserve' ? routeContext.port : route.action.target.port;
+                    }
+                    // Select a single host if an array was provided
+                    const selectedHost = Array.isArray(targetHost)
+                        ? targetHost[Math.floor(Math.random() * targetHost.length)]
+                        : targetHost;
+                    // Create a destination for the WebSocket connection
+                    destination = {
+                        host: selectedHost,
+                        port: targetPort
+                    };
+                }
+                catch (err) {
+                    this.logger.error(`Error evaluating function-based target for WebSocket: ${err}`);
+                    wsIncoming.close(1011, 'Internal server error');
+                    return;
+                }
+            }
+            else {
+                // Fall back to legacy routing if no matching route found via modern router
+                const proxyConfig = this.legacyRouter.routeReq(req);
+                if (!proxyConfig) {
+                    this.logger.warn(`No proxy configuration for WebSocket host: ${req.headers.host}`);
+                    wsIncoming.close(1008, 'No proxy configuration for this host');
+                    return;
+                }
+                // Get destination target using round-robin if multiple targets
+                destination = this.connectionPool.getNextTarget(proxyConfig.destinationIps, proxyConfig.destinationPorts[0]);
+            }
+            // Build target URL with potential path rewriting
             const protocol = req.socket.encrypted ? 'wss' : 'ws';
-            const targetUrl = `${protocol}://${destination.host}:${destination.port}${req.url}`;
+            let targetPath = req.url || '/';
+            // Apply path rewriting if configured
+            if (route?.action.websocket?.rewritePath) {
+                const originalPath = targetPath;
+                targetPath = TemplateUtils.resolveTemplateVariables(route.action.websocket.rewritePath, { ...routeContext, path: targetPath });
+                this.logger.debug(`WebSocket path rewritten: ${originalPath} -> ${targetPath}`);
+            }
+            const targetUrl = `${protocol}://${destination.host}:${destination.port}${targetPath}`;
             this.logger.debug(`WebSocket connection from ${req.socket.remoteAddress} to ${targetUrl}`);
             // Create headers for outgoing WebSocket connection
             const headers = {};
@@ -98,15 +226,50 @@ export class WebSocketHandler {
                     headers[key] = value;
                 }
             }
-            // Override host header if needed
-            if (proxyConfig.rewriteHostHeader) {
-                headers['host'] = `${destination.host}:${destination.port}`;
+            // Always rewrite host header for WebSockets for consistency
+            headers['host'] = `${destination.host}:${destination.port}`;
+            // Add custom headers from route configuration
+            if (route?.action.websocket?.customHeaders) {
+                for (const [key, value] of Object.entries(route.action.websocket.customHeaders)) {
+                    // Skip if header already exists and we're not overriding
+                    if (headers[key.toLowerCase()] && !value.startsWith('!')) {
+                        continue;
+                    }
+                    // Handle special delete directive (!delete)
+                    if (value === '!delete') {
+                        delete headers[key.toLowerCase()];
+                        continue;
+                    }
+                    // Handle forced override (!value)
+                    let finalValue;
+                    if (value.startsWith('!') && value !== '!delete') {
+                        // Keep the ! but resolve any templates in the rest
+                        const templateValue = value.substring(1);
+                        finalValue = '!' + TemplateUtils.resolveTemplateVariables(templateValue, routeContext);
+                    }
+                    else {
+                        // Resolve templates in the entire value
+                        finalValue = TemplateUtils.resolveTemplateVariables(value, routeContext);
+                    }
+                    // Set the header
+                    headers[key.toLowerCase()] = finalValue;
+                }
             }
-            // Create outgoing WebSocket connection
-            const wsOutgoing = new plugins.wsDefault(targetUrl, {
+            // Create WebSocket connection options
+            const wsOptions = {
                 headers: headers,
                 followRedirects: true
-            });
+            };
+            // Add subprotocols if configured
+            if (route?.action.websocket?.subprotocols && route.action.websocket.subprotocols.length > 0) {
+                wsOptions.protocols = route.action.websocket.subprotocols;
+            }
+            else if (req.headers['sec-websocket-protocol']) {
+                // Pass through client requested protocols
+                wsOptions.protocols = req.headers['sec-websocket-protocol'].split(',').map(p => p.trim());
+            }
+            // Create outgoing WebSocket connection
+            const wsOutgoing = new plugins.wsDefault(targetUrl, wsOptions);
             // Handle connection errors
             wsOutgoing.on('error', (err) => {
                 this.logger.error(`WebSocket target connection error: ${err.message}`);
@@ -116,9 +279,54 @@ export class WebSocketHandler {
             });
             // Handle outgoing connection open
             wsOutgoing.on('open', () => {
+                // Set up custom ping interval if configured
+                let pingInterval = null;
+                if (route?.action.websocket?.pingInterval && route.action.websocket.pingInterval > 0) {
+                    pingInterval = setInterval(() => {
+                        if (wsIncoming.readyState === wsIncoming.OPEN) {
+                            wsIncoming.ping();
+                            this.logger.debug(`Sent WebSocket ping to client for route: ${route.name || 'unnamed'}`);
+                        }
+                    }, route.action.websocket.pingInterval);
+                    // Don't keep process alive just for pings
+                    if (pingInterval.unref)
+                        pingInterval.unref();
+                }
+                // Set up custom ping timeout if configured
+                let pingTimeout = null;
+                const pingTimeoutMs = route?.action.websocket?.pingTimeout || 60000; // Default 60s
+                // Define timeout function for cleaner code
+                const resetPingTimeout = () => {
+                    if (pingTimeout)
+                        clearTimeout(pingTimeout);
+                    pingTimeout = setTimeout(() => {
+                        this.logger.debug(`WebSocket ping timeout for client connection on route: ${route?.name || 'unnamed'}`);
+                        wsIncoming.terminate();
+                    }, pingTimeoutMs);
+                    // Don't keep process alive just for timeouts
+                    if (pingTimeout.unref)
+                        pingTimeout.unref();
+                };
+                // Reset timeout on pong
+                wsIncoming.on('pong', () => {
+                    wsIncoming.isAlive = true;
+                    wsIncoming.lastPong = Date.now();
+                    resetPingTimeout();
+                });
+                // Initial ping timeout
+                resetPingTimeout();
+                // Handle potential message size limits
+                const maxSize = route?.action.websocket?.maxPayloadSize || 0;
                 // Forward incoming messages to outgoing connection
                 wsIncoming.on('message', (data, isBinary) => {
                     if (wsOutgoing.readyState === wsOutgoing.OPEN) {
+                        // Check message size if limit is set
+                        const messageSize = getMessageSize(data);
+                        if (maxSize > 0 && messageSize > maxSize) {
+                            this.logger.warn(`WebSocket message exceeds max size (${messageSize} > ${maxSize})`);
+                            wsIncoming.close(1009, 'Message too big');
+                            return;
+                        }
                         wsOutgoing.send(data, { binary: isBinary });
                     }
                 });
@@ -134,12 +342,22 @@ export class WebSocketHandler {
                     if (wsOutgoing.readyState === wsOutgoing.OPEN) {
                         wsOutgoing.close(code, reason);
                     }
+                    // Clean up timers
+                    if (pingInterval)
+                        clearInterval(pingInterval);
+                    if (pingTimeout)
+                        clearTimeout(pingTimeout);
                 });
                 wsOutgoing.on('close', (code, reason) => {
                     this.logger.debug(`WebSocket target connection closed: ${code} ${reason}`);
                     if (wsIncoming.readyState === wsIncoming.OPEN) {
                         wsIncoming.close(code, reason);
                     }
+                    // Clean up timers
+                    if (pingInterval)
+                        clearInterval(pingInterval);
+                    if (pingTimeout)
+                        clearTimeout(pingTimeout);
                 });
                 this.logger.debug(`WebSocket connection established: ${req.headers.host} -> ${destination.host}:${destination.port}`);
             });
@@ -185,4 +403,4 @@ export class WebSocketHandler {
         }
     }
 }
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoid2Vic29ja2V0LWhhbmRsZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi90cy9wcm94aWVzL25ldHdvcmstcHJveHkvd2Vic29ja2V0LWhhbmRsZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLE9BQU8sTUFBTSxrQkFBa0IsQ0FBQztBQUM1QyxPQUFPLEVBQXlFLFlBQVksRUFBNEIsTUFBTSxtQkFBbUIsQ0FBQztBQUNsSixPQUFPLEVBQUUsY0FBYyxFQUFFLE1BQU0sc0JBQXNCLENBQUM7QUFDdEQsT0FBTyxFQUFFLFdBQVcsRUFBRSxNQUFNLDRCQUE0QixDQUFDO0FBRXpEOztHQUVHO0FBQ0gsTUFBTSxPQUFPLGdCQUFnQjtJQUszQixZQUNVLE9BQTZCLEVBQzdCLGNBQThCLEVBQzlCLE1BQW1CO1FBRm5CLFlBQU8sR0FBUCxPQUFPLENBQXNCO1FBQzdCLG1CQUFjLEdBQWQsY0FBYyxDQUFnQjtRQUM5QixXQUFNLEdBQU4sTUFBTSxDQUFhO1FBUHJCLHNCQUFpQixHQUEwQixJQUFJLENBQUM7UUFDaEQsYUFBUSxHQUFzQyxJQUFJLENBQUM7UUFRekQsSUFBSSxDQUFDLE1BQU0sR0FBRyxZQUFZLENBQUMsT0FBTyxDQUFDLFFBQVEsSUFBSSxNQUFNLENBQUMsQ0FBQztJQUN6RCxDQUFDO0lBRUQ7O09BRUc7SUFDSSxVQUFVLENBQUMsTUFBNEI7UUFDNUMsMEJBQTBCO1FBQzFCLElBQUksQ0FBQyxRQUFRLEdBQUcsSUFBSSxPQUFPLENBQUMsRUFBRSxDQUFDLGVBQWUsQ0FBQztZQUM3QyxNQUFNLEVBQUUsTUFBTTtZQUNkLGNBQWMsRUFBRSxJQUFJO1NBQ3JCLENBQUMsQ0FBQztRQUVILCtCQUErQjtRQUMvQixJQUFJLENBQUMsUUFBUSxDQUFDLEVBQUUsQ0FBQyxZQUFZLEVBQUUsQ0FBQyxVQUFtQyxFQUFFLEdBQWlDLEVBQUUsRUFBRTtZQUN4RyxJQUFJLENBQUMseUJBQXlCLENBQUMsVUFBVSxFQUFFLEdBQUcsQ0FBQyxDQUFDO1FBQ2xELENBQUMsQ0FBQyxDQUFDO1FBRUgsK0JBQStCO1FBQy9CLElBQUksQ0FBQyxjQUFjLEVBQUUsQ0FBQztRQUV0QixJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQywrQkFBK0IsQ0FBQyxDQUFDO0lBQ3BELENBQUM7SUFFRDs7T0FFRztJQUNLLGNBQWM7UUFDcEIsb0NBQW9DO1FBQ3BDLElBQUksSUFBSSxDQUFDLGlCQUFpQixFQUFFLENBQUM7WUFDM0IsYUFBYSxDQUFDLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDO1FBQ3hDLENBQUM7UUFFRCx5REFBeUQ7UUFDekQsSUFBSSxDQUFDLGlCQUFpQixHQUFHLFdBQVcsQ0FBQyxHQUFHLEVBQUU7WUFDeEMsSUFBSSxDQUFDLElBQUksQ0FBQyxRQUFRLElBQUksSUFBSSxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsSUFBSSxLQUFLLENBQUMsRUFBRSxDQUFDO2dCQUN2RCxPQUFPLENBQUMsZ0NBQWdDO1lBQzFDLENBQUM7WUFFRCxJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxpQ0FBaUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsSUFBSSxVQUFVLENBQUMsQ0FBQztZQUV6RixJQUFJLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FBQyxPQUFPLENBQUMsQ0FBQyxFQUFxQixFQUFFLEVBQUU7Z0JBQ3RELE1BQU0sZUFBZSxHQUFHLEVBQTZCLENBQUM7Z0JBRXRELElBQUksZUFBZSxDQUFDLE9BQU8sS0FBSyxLQUFLLEVBQUUsQ0FBQztvQkFDdEMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsMkNBQTJDLENBQUMsQ0FBQztvQkFDL0QsT0FBTyxlQUFlLENBQUMsU0FBUyxFQUFFLENBQUM7Z0JBQ3JDLENBQUM7Z0JBRUQsZUFBZSxDQUFDLE9BQU8sR0FBRyxLQUFLLENBQUM7Z0JBQ2hDLGVBQWUsQ0FBQyxJQUFJLEVBQUUsQ0FBQztZQUN6QixDQUFDLENBQUMsQ0FBQztRQUNMLENBQUMsRUFBRSxLQUFLLENBQUMsQ0FBQztRQUVWLHdEQUF3RDtRQUN4RCxJQUFJLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxLQUFLLEVBQUUsQ0FBQztZQUNqQyxJQUFJLENBQUMsaUJBQWlCLENBQUMsS0FBSyxFQUFFLENBQUM7UUFDakMsQ0FBQztJQUNILENBQUM7SUFFRDs7T0FFRztJQUNLLHlCQUF5QixDQUFDLFVBQW1DLEVBQUUsR0FBaUM7UUFDdEcsSUFBSSxDQUFDO1lBQ0gsZ0NBQWdDO1lBQ2hDLFVBQVUsQ0FBQyxPQUFPLEdBQUcsSUFBSSxDQUFDO1lBQzFCLFVBQVUsQ0FBQyxRQUFRLEdBQUcsSUFBSSxDQUFDLEdBQUcsRUFBRSxDQUFDO1lBRWpDLHlDQUF5QztZQUN6QyxVQUFVLENBQUMsRUFBRSxDQUFDLE1BQU0sRUFBRSxHQUFHLEVBQUU7Z0JBQ3pCLFVBQVUsQ0FBQyxPQUFPLEdBQUcsSUFBSSxDQUFDO2dCQUMxQixVQUFVLENBQUMsUUFBUSxHQUFHLElBQUksQ0FBQyxHQUFHLEVBQUUsQ0FBQztZQUNuQyxDQUFDLENBQUMsQ0FBQztZQUVILDZDQUE2QztZQUM3QyxNQUFNLFdBQVcsR0FBRyxJQUFJLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsQ0FBQztZQUU5QyxJQUFJLENBQUMsV0FBVyxFQUFFLENBQUM7Z0JBQ2pCLElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLDhDQUE4QyxHQUFHLENBQUMsT0FBTyxDQUFDLElBQUksRUFBRSxDQUFDLENBQUM7Z0JBQ25GLFVBQVUsQ0FBQyxLQUFLLENBQUMsSUFBSSxFQUFFLHNDQUFzQyxDQUFDLENBQUM7Z0JBQy9ELE9BQU87WUFDVCxDQUFDO1lBRUQsK0RBQStEO1lBQy9ELE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxjQUFjLENBQUMsYUFBYSxDQUNuRCxXQUFXLENBQUMsY0FBYyxFQUMxQixXQUFXLENBQUMsZ0JBQWdCLENBQUMsQ0FBQyxDQUFDLENBQ2hDLENBQUM7WUFFRixtQkFBbUI7WUFDbkIsTUFBTSxRQUFRLEdBQUksR0FBRyxDQUFDLE1BQWMsQ0FBQyxTQUFTLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDO1lBQzlELE1BQU0sU0FBUyxHQUFHLEdBQUcsUUFBUSxNQUFNLFdBQVcsQ0FBQyxJQUFJLElBQUksV0FBVyxDQUFDLElBQUksR0FBRyxHQUFHLENBQUMsR0FBRyxFQUFFLENBQUM7WUFFcEYsSUFBSSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsNkJBQTZCLEdBQUcsQ0FBQyxNQUFNLENBQUMsYUFBYSxPQUFPLFNBQVMsRUFBRSxDQUFDLENBQUM7WUFFM0YsbURBQW1EO1lBQ25ELE1BQU0sT0FBTyxHQUE4QixFQUFFLENBQUM7WUFFOUMsOENBQThDO1lBQzlDLEtBQUssTUFBTSxDQUFDLEdBQUcsRUFBRSxLQUFLLENBQUMsSUFBSSxNQUFNLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxPQUFPLENBQUMsRUFBRSxDQUFDO2dCQUN2RCxJQUFJLEtBQUssSUFBSSxPQUFPLEtBQUssS0FBSyxRQUFRO29CQUNsQyxHQUFHLENBQUMsV0FBVyxFQUFFLEtBQUssWUFBWTtvQkFDbEMsR0FBRyxDQUFDLFdBQVcsRUFBRSxLQUFLLFNBQVM7b0JBQy9CLEdBQUcsQ0FBQyxXQUFXLEVBQUUsS0FBSyxtQkFBbUI7b0JBQ3pDLEdBQUcsQ0FBQyxXQUFXLEVBQUUsS0FBSyx1QkFBdUIsRUFBRSxDQUFDO29CQUNsRCxPQUFPLENBQUMsR0FBRyxDQUFDLEdBQUcsS0FBSyxDQUFDO2dCQUN2QixDQUFDO1lBQ0gsQ0FBQztZQUVELGlDQUFpQztZQUNqQyxJQUFLLFdBQW1DLENBQUMsaUJBQWlCLEVBQUUsQ0FBQztnQkFDM0QsT0FBTyxDQUFDLE1BQU0sQ0FBQyxHQUFHLEdBQUcsV0FBVyxDQUFDLElBQUksSUFBSSxXQUFXLENBQUMsSUFBSSxFQUFFLENBQUM7WUFDOUQsQ0FBQztZQUVELHVDQUF1QztZQUN2QyxNQUFNLFVBQVUsR0FBRyxJQUFJLE9BQU8sQ0FBQyxTQUFTLENBQUMsU0FBUyxFQUFFO2dCQUNsRCxPQUFPLEVBQUUsT0FBTztnQkFDaEIsZUFBZSxFQUFFLElBQUk7YUFDdEIsQ0FBQyxDQUFDO1lBRUgsMkJBQTJCO1lBQzNCLFVBQVUsQ0FBQyxFQUFFLENBQUMsT0FBTyxFQUFFLENBQUMsR0FBRyxFQUFFLEVBQUU7Z0JBQzdCLElBQUksQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLHNDQUFzQyxHQUFHLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQztnQkFDdkUsSUFBSSxVQUFVLENBQUMsVUFBVSxLQUFLLFVBQVUsQ0FBQyxJQUFJLEVBQUUsQ0FBQztvQkFDOUMsVUFBVSxDQUFDLEtBQUssQ0FBQyxJQUFJLEVBQUUsdUJBQXVCLENBQUMsQ0FBQztnQkFDbEQsQ0FBQztZQUNILENBQUMsQ0FBQyxDQUFDO1lBRUgsa0NBQWtDO1lBQ2xDLFVBQVUsQ0FBQyxFQUFFLENBQUMsTUFBTSxFQUFFLEdBQUcsRUFBRTtnQkFDekIsbURBQW1EO2dCQUNuRCxVQUFVLENBQUMsRUFBRSxDQUFDLFNBQVMsRUFBRSxDQUFDLElBQUksRUFBRSxRQUFRLEVBQUUsRUFBRTtvQkFDMUMsSUFBSSxVQUFVLENBQUMsVUFBVSxLQUFLLFVBQVUsQ0FBQyxJQUFJLEVBQUUsQ0FBQzt3QkFDOUMsVUFBVSxDQUFDLElBQUksQ0FBQyxJQUFJLEVBQUUsRUFBRSxNQUFNLEVBQUUsUUFBUSxFQUFFLENBQUMsQ0FBQztvQkFDOUMsQ0FBQztnQkFDSCxDQUFDLENBQUMsQ0FBQztnQkFFSCxtREFBbUQ7Z0JBQ25ELFVBQVUsQ0FBQyxFQUFFLENBQUMsU0FBUyxFQUFFLENBQUMsSUFBSSxFQUFFLFFBQVEsRUFBRSxFQUFFO29CQUMxQyxJQUFJLFVBQVUsQ0FBQyxVQUFVLEtBQUssVUFBVSxDQUFDLElBQUksRUFBRSxDQUFDO3dCQUM5QyxVQUFVLENBQUMsSUFBSSxDQUFDLElBQUksRUFBRSxFQUFFLE1BQU0sRUFBRSxRQUFRLEVBQUUsQ0FBQyxDQUFDO29CQUM5QyxDQUFDO2dCQUNILENBQUMsQ0FBQyxDQUFDO2dCQUVILGdDQUFnQztnQkFDaEMsVUFBVSxDQUFDLEVBQUUsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxJQUFJLEVBQUUsTUFBTSxFQUFFLEVBQUU7b0JBQ3RDLElBQUksQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLHVDQUF1QyxJQUFJLElBQUksTUFBTSxFQUFFLENBQUMsQ0FBQztvQkFDM0UsSUFBSSxVQUFVLENBQUMsVUFBVSxLQUFLLFVBQVUsQ0FBQyxJQUFJLEVBQUUsQ0FBQzt3QkFDOUMsVUFBVSxDQUFDLEtBQUssQ0FBQyxJQUFJLEVBQUUsTUFBTSxDQUFDLENBQUM7b0JBQ2pDLENBQUM7Z0JBQ0gsQ0FBQyxDQUFDLENBQUM7Z0JBRUgsVUFBVSxDQUFDLEVBQUUsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxJQUFJLEVBQUUsTUFBTSxFQUFFLEVBQUU7b0JBQ3RDLElBQUksQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLHVDQUF1QyxJQUFJLElBQUksTUFBTSxFQUFFLENBQUMsQ0FBQztvQkFDM0UsSUFBSSxVQUFVLENBQUMsVUFBVSxLQUFLLFVBQVUsQ0FBQyxJQUFJLEVBQUUsQ0FBQzt3QkFDOUMsVUFBVSxDQUFDLEtBQUssQ0FBQyxJQUFJLEVBQUUsTUFBTSxDQUFDLENBQUM7b0JBQ2pDLENBQUM7Z0JBQ0gsQ0FBQyxDQUFDLENBQUM7Z0JBRUgsSUFBSSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMscUNBQXFDLEdBQUcsQ0FBQyxPQUFPLENBQUMsSUFBSSxPQUFPLFdBQVcsQ0FBQyxJQUFJLElBQUksV0FBVyxDQUFDLElBQUksRUFBRSxDQUFDLENBQUM7WUFDeEgsQ0FBQyxDQUFDLENBQUM7UUFFTCxDQUFDO1FBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztZQUNmLElBQUksQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLHdDQUF3QyxLQUFLLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQztZQUMzRSxJQUFJLFVBQVUsQ0FBQyxVQUFVLEtBQUssVUFBVSxDQUFDLElBQUksRUFBRSxDQUFDO2dCQUM5QyxVQUFVLENBQUMsS0FBSyxDQUFDLElBQUksRUFBRSx1QkFBdUIsQ0FBQyxDQUFDO1lBQ2xELENBQUM7UUFDSCxDQUFDO0lBQ0gsQ0FBQztJQUVEOztPQUVHO0lBQ0ksaUJBQWlCO1FBQ3RCLE9BQU87WUFDTCxpQkFBaUIsRUFBRSxJQUFJLENBQUMsUUFBUSxDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLENBQUM7U0FDbEUsQ0FBQztJQUNKLENBQUM7SUFFRDs7T0FFRztJQUNJLFFBQVE7UUFDYiwwQkFBMEI7UUFDMUIsSUFBSSxJQUFJLENBQUMsaUJBQWlCLEVBQUUsQ0FBQztZQUMzQixhQUFhLENBQUMsSUFBSSxDQUFDLGlCQUFpQixDQUFDLENBQUM7WUFDdEMsSUFBSSxDQUFDLGlCQUFpQixHQUFHLElBQUksQ0FBQztRQUNoQyxDQUFDO1FBRUQsa0NBQWtDO1FBQ2xDLElBQUksSUFBSSxDQUFDLFFBQVEsRUFBRSxDQUFDO1lBQ2xCLElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLFdBQVcsSUFBSSxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsSUFBSSx3QkFBd0IsQ0FBQyxDQUFDO1lBRWhGLEtBQUssTUFBTSxNQUFNLElBQUksSUFBSSxDQUFDLFFBQVEsQ0FBQyxPQUFPLEVBQUUsQ0FBQztnQkFDM0MsSUFBSSxDQUFDO29CQUNILE1BQU0sQ0FBQyxTQUFTLEVBQUUsQ0FBQztnQkFDckIsQ0FBQztnQkFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO29CQUNmLElBQUksQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLG9DQUFvQyxFQUFFLEtBQUssQ0FBQyxDQUFDO2dCQUNqRSxDQUFDO1lBQ0gsQ0FBQztZQUVELG1CQUFtQjtZQUNuQixJQUFJLENBQUMsUUFBUSxDQUFDLEtBQUssRUFBRSxDQUFDO1lBQ3RCLElBQUksQ0FBQyxRQUFRLEdBQUcsSUFBSSxDQUFDO1FBQ3ZCLENBQUM7SUFDSCxDQUFDO0NBQ0YifQ==
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoid2Vic29ja2V0LWhhbmRsZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi90cy9wcm94aWVzL25ldHdvcmstcHJveHkvd2Vic29ja2V0LWhhbmRsZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLE9BQU8sTUFBTSxrQkFBa0IsQ0FBQztBQUM1QyxPQUFPLDBDQUEwQyxDQUFDO0FBQ2xELE9BQU8sRUFBeUUsWUFBWSxFQUE0QixNQUFNLG1CQUFtQixDQUFDO0FBQ2xKLE9BQU8sRUFBRSxjQUFjLEVBQUUsTUFBTSxzQkFBc0IsQ0FBQztBQUN0RCxPQUFPLEVBQUUsV0FBVyxFQUFFLFdBQVcsRUFBRSxNQUFNLDRCQUE0QixDQUFDO0FBR3RFLE9BQU8sRUFBRSxhQUFhLEVBQUUsTUFBTSxvQ0FBb0MsQ0FBQztBQUNuRSxPQUFPLEVBQUUsY0FBYyxFQUFFLE1BQU0sc0JBQXNCLENBQUM7QUFDdEQsT0FBTyxFQUFFLGVBQWUsRUFBRSxNQUFNLHVCQUF1QixDQUFDO0FBQ3hELE9BQU8sRUFBRSxhQUFhLEVBQUUsTUFBTSxvQ0FBb0MsQ0FBQztBQUNuRSxPQUFPLEVBQUUsY0FBYyxFQUFFLFFBQVEsRUFBRSxNQUFNLHFDQUFxQyxDQUFDO0FBRS9FOztHQUVHO0FBQ0gsTUFBTSxPQUFPLGdCQUFnQjtJQVEzQixZQUNVLE9BQTZCLEVBQzdCLGNBQThCLEVBQzlCLFlBQXlCLEVBQUUsMkNBQTJDO0lBQ3RFLFNBQXlCLEVBQUUsQ0FBQywyQkFBMkI7O1FBSHZELFlBQU8sR0FBUCxPQUFPLENBQXNCO1FBQzdCLG1CQUFjLEdBQWQsY0FBYyxDQUFnQjtRQUM5QixpQkFBWSxHQUFaLFlBQVksQ0FBYTtRQUN6QixXQUFNLEdBQU4sTUFBTSxDQUFxQjtRQVg3QixzQkFBaUIsR0FBMEIsSUFBSSxDQUFDO1FBQ2hELGFBQVEsR0FBc0MsSUFBSSxDQUFDO1FBRW5ELG1CQUFjLEdBQW1CLElBQUksY0FBYyxFQUFFLENBQUM7UUFDdEQsZ0JBQVcsR0FBdUIsSUFBSSxDQUFDO1FBUzdDLElBQUksQ0FBQyxNQUFNLEdBQUcsWUFBWSxDQUFDLE9BQU8sQ0FBQyxRQUFRLElBQUksTUFBTSxDQUFDLENBQUM7UUFDdkQsSUFBSSxDQUFDLGVBQWUsR0FBRyxJQUFJLGVBQWUsQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLE1BQU0sQ0FBQyxDQUFDO1FBRWhFLDZDQUE2QztRQUM3QyxJQUFJLE1BQU0sQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFLENBQUM7WUFDdEIsSUFBSSxDQUFDLFdBQVcsR0FBRyxJQUFJLFdBQVcsQ0FBQyxNQUFNLEVBQUUsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQzFELENBQUM7SUFDSCxDQUFDO0lBRUQ7O09BRUc7SUFDSSxTQUFTLENBQUMsTUFBc0I7UUFDckMsSUFBSSxDQUFDLE1BQU0sR0FBRyxNQUFNLENBQUM7UUFFckIsd0NBQXdDO1FBQ3hDLElBQUksQ0FBQyxJQUFJLENBQUMsV0FBVyxFQUFFLENBQUM7WUFDdEIsSUFBSSxDQUFDLFdBQVcsR0FBRyxJQUFJLFdBQVcsQ0FBQyxNQUFNLEVBQUUsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQzFELENBQUM7YUFBTSxDQUFDO1lBQ04sSUFBSSxDQUFDLFdBQVcsQ0FBQyxTQUFTLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDckMsQ0FBQztRQUVELDhCQUE4QjtRQUM5QixJQUFJLENBQUMsZUFBZSxDQUFDLFNBQVMsQ0FBQyxNQUFNLENBQUMsQ0FBQztJQUN6QyxDQUFDO0lBRUQ7O09BRUc7SUFDSSxVQUFVLENBQUMsTUFBNEI7UUFDNUMsMEJBQTBCO1FBQzFCLElBQUksQ0FBQyxRQUFRLEdBQUcsSUFBSSxPQUFPLENBQUMsRUFBRSxDQUFDLGVBQWUsQ0FBQztZQUM3QyxNQUFNLEVBQUUsTUFBTTtZQUNkLGNBQWMsRUFBRSxJQUFJO1NBQ3JCLENBQUMsQ0FBQztRQUVILCtCQUErQjtRQUMvQixJQUFJLENBQUMsUUFBUSxDQUFDLEVBQUUsQ0FBQyxZQUFZLEVBQUUsQ0FBQyxVQUFtQyxFQUFFLEdBQWlDLEVBQUUsRUFBRTtZQUN4RyxJQUFJLENBQUMseUJBQXlCLENBQUMsVUFBVSxFQUFFLEdBQUcsQ0FBQyxDQUFDO1FBQ2xELENBQUMsQ0FBQyxDQUFDO1FBRUgsK0JBQStCO1FBQy9CLElBQUksQ0FBQyxjQUFjLEVBQUUsQ0FBQztRQUV0QixJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQywrQkFBK0IsQ0FBQyxDQUFDO0lBQ3BELENBQUM7SUFFRDs7T0FFRztJQUNLLGNBQWM7UUFDcEIsb0NBQW9DO1FBQ3BDLElBQUksSUFBSSxDQUFDLGlCQUFpQixFQUFFLENBQUM7WUFDM0IsYUFBYSxDQUFDLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDO1FBQ3hDLENBQUM7UUFFRCx5REFBeUQ7UUFDekQsSUFBSSxDQUFDLGlCQUFpQixHQUFHLFdBQVcsQ0FBQyxHQUFHLEVBQUU7WUFDeEMsSUFBSSxDQUFDLElBQUksQ0FBQyxRQUFRLElBQUksSUFBSSxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsSUFBSSxLQUFLLENBQUMsRUFBRSxDQUFDO2dCQUN2RCxPQUFPLENBQUMsZ0NBQWdDO1lBQzFDLENBQUM7WUFFRCxJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxpQ0FBaUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsSUFBSSxVQUFVLENBQUMsQ0FBQztZQUV6RixJQUFJLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FBQyxPQUFPLENBQUMsQ0FBQyxFQUFxQixFQUFFLEVBQUU7Z0JBQ3RELE1BQU0sZUFBZSxHQUFHLEVBQTZCLENBQUM7Z0JBRXRELElBQUksZUFBZSxDQUFDLE9BQU8sS0FBSyxLQUFLLEVBQUUsQ0FBQztvQkFDdEMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsMkNBQTJDLENBQUMsQ0FBQztvQkFDL0QsT0FBTyxlQUFlLENBQUMsU0FBUyxFQUFFLENBQUM7Z0JBQ3JDLENBQUM7Z0JBRUQsZUFBZSxDQUFDLE9BQU8sR0FBRyxLQUFLLENBQUM7Z0JBQ2hDLGVBQWUsQ0FBQyxJQUFJLEVBQUUsQ0FBQztZQUN6QixDQUFDLENBQUMsQ0FBQztRQUNMLENBQUMsRUFBRSxLQUFLLENBQUMsQ0FBQztRQUVWLHdEQUF3RDtRQUN4RCxJQUFJLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxLQUFLLEVBQUUsQ0FBQztZQUNqQyxJQUFJLENBQUMsaUJBQWlCLENBQUMsS0FBSyxFQUFFLENBQUM7UUFDakMsQ0FBQztJQUNILENBQUM7SUFFRDs7T0FFRztJQUNLLHlCQUF5QixDQUFDLFVBQW1DLEVBQUUsR0FBaUM7UUFDdEcsSUFBSSxDQUFDO1lBQ0gsZ0NBQWdDO1lBQ2hDLFVBQVUsQ0FBQyxPQUFPLEdBQUcsSUFBSSxDQUFDO1lBQzFCLFVBQVUsQ0FBQyxRQUFRLEdBQUcsSUFBSSxDQUFDLEdBQUcsRUFBRSxDQUFDO1lBRWpDLHlDQUF5QztZQUN6QyxVQUFVLENBQUMsRUFBRSxDQUFDLE1BQU0sRUFBRSxHQUFHLEVBQUU7Z0JBQ3pCLFVBQVUsQ0FBQyxPQUFPLEdBQUcsSUFBSSxDQUFDO2dCQUMxQixVQUFVLENBQUMsUUFBUSxHQUFHLElBQUksQ0FBQyxHQUFHLEVBQUUsQ0FBQztZQUNuQyxDQUFDLENBQUMsQ0FBQztZQUVILCtCQUErQjtZQUMvQixNQUFNLFlBQVksR0FBRyxNQUFNLElBQUksQ0FBQyxHQUFHLEVBQUUsSUFBSSxJQUFJLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxNQUFNLEVBQUUsR0FBRyxLQUFLLENBQUMsRUFBRSxDQUFDO1lBQzdFLE1BQU0sWUFBWSxHQUFHLElBQUksQ0FBQyxjQUFjLENBQUMsc0JBQXNCLENBQUMsR0FBRyxFQUFFO2dCQUNuRSxZQUFZO2dCQUNaLFFBQVEsRUFBRSxHQUFHLENBQUMsTUFBTSxDQUFDLGFBQWEsRUFBRSxPQUFPLENBQUMsU0FBUyxFQUFFLEVBQUUsQ0FBQyxJQUFJLFNBQVM7Z0JBQ3ZFLFFBQVEsRUFBRSxHQUFHLENBQUMsTUFBTSxDQUFDLFlBQVksRUFBRSxPQUFPLENBQUMsU0FBUyxFQUFFLEVBQUUsQ0FBQyxJQUFJLFNBQVM7Z0JBQ3RFLFVBQVUsRUFBRSxHQUFHLENBQUMsTUFBTSxDQUFDLGFBQWEsRUFBRSxFQUFFLElBQUksU0FBUzthQUN0RCxDQUFDLENBQUM7WUFFSCx1Q0FBdUM7WUFDdkMsSUFBSSxLQUErQixDQUFDO1lBQ3BDLElBQUksSUFBSSxDQUFDLFdBQVcsRUFBRSxDQUFDO2dCQUNyQixLQUFLLEdBQUcsSUFBSSxDQUFDLFdBQVcsQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDLENBQUM7WUFDekMsQ0FBQztZQUVELCtCQUErQjtZQUMvQixJQUFJLFdBQTJDLENBQUM7WUFFaEQscURBQXFEO1lBQ3JELElBQUksS0FBSyxJQUFJLEtBQUssQ0FBQyxNQUFNLENBQUMsSUFBSSxLQUFLLFNBQVMsSUFBSSxLQUFLLENBQUMsTUFBTSxDQUFDLE1BQU0sRUFBRSxDQUFDO2dCQUNwRSxJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxtQ0FBbUMsS0FBSyxDQUFDLElBQUksSUFBSSxTQUFTLEVBQUUsQ0FBQyxDQUFDO2dCQUVoRixpREFBaUQ7Z0JBQ2pELElBQUksS0FBSyxDQUFDLE1BQU0sQ0FBQyxTQUFTLEVBQUUsT0FBTyxLQUFLLEtBQUssRUFBRSxDQUFDO29CQUM5QyxJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxzQ0FBc0MsS0FBSyxDQUFDLElBQUksSUFBSSxTQUFTLEVBQUUsQ0FBQyxDQUFDO29CQUNuRixVQUFVLENBQUMsS0FBSyxDQUFDLElBQUksRUFBRSx5Q0FBeUMsQ0FBQyxDQUFDO29CQUNsRSxPQUFPO2dCQUNULENBQUM7Z0JBRUQsK0VBQStFO2dCQUMvRSxJQUFJLEtBQUssQ0FBQyxNQUFNLENBQUMsU0FBUyxFQUFFLG1CQUFtQixLQUFLLEtBQUssSUFBSSxLQUFLLENBQUMsUUFBUSxFQUFFLENBQUM7b0JBQzVFLElBQUksQ0FBQyxJQUFJLENBQUMsZUFBZSxDQUFDLFNBQVMsQ0FBQyxLQUFLLEVBQUUsYUFBYSxDQUFDLFlBQVksQ0FBQyxDQUFDLEVBQUUsQ0FBQzt3QkFDeEUsSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsc0RBQXNELFlBQVksQ0FBQyxRQUFRLEVBQUUsQ0FBQyxDQUFDO3dCQUNoRyxVQUFVLENBQUMsS0FBSyxDQUFDLElBQUksRUFBRSxrQ0FBa0MsQ0FBQyxDQUFDO3dCQUMzRCxPQUFPO29CQUNULENBQUM7b0JBRUQsMENBQTBDO29CQUMxQyxNQUFNLE1BQU0sR0FBRyxHQUFHLENBQUMsT0FBTyxDQUFDLE1BQU0sQ0FBQztvQkFDbEMsSUFBSSxNQUFNLElBQUksS0FBSyxDQUFDLE1BQU0sQ0FBQyxTQUFTLEVBQUUsY0FBYyxJQUFJLEtBQUssQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDLGNBQWMsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFLENBQUM7d0JBQ3pHLE1BQU0sU0FBUyxHQUFHLEtBQUssQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDLGNBQWMsQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLEVBQUU7NEJBQzNFLDBDQUEwQzs0QkFDMUMsSUFBSSxhQUFhLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxJQUFJLGFBQWEsQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQztnQ0FDL0QsTUFBTSxPQUFPLEdBQUcsYUFBYSxDQUFDLE9BQU8sQ0FBQyxLQUFLLEVBQUUsSUFBSSxDQUFDLENBQUM7Z0NBQ25ELE1BQU0sZUFBZSxHQUFHLGFBQWEsQ0FBQyx3QkFBd0IsQ0FBQyxPQUFPLEVBQUUsWUFBWSxDQUFDLENBQUM7Z0NBQ3RGLE1BQU0sS0FBSyxHQUFHLElBQUksTUFBTSxDQUFDLElBQUksZUFBZSxHQUFHLENBQUMsQ0FBQztnQ0FDakQsT0FBTyxLQUFLLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDOzRCQUM1QixDQUFDOzRCQUNELE9BQU8sYUFBYSxLQUFLLE1BQU0sQ0FBQzt3QkFDbEMsQ0FBQyxDQUFDLENBQUM7d0JBRUgsSUFBSSxDQUFDLFNBQVMsRUFBRSxDQUFDOzRCQUNmLElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLG9CQUFvQixNQUFNLDJCQUEyQixLQUFLLENBQUMsSUFBSSxJQUFJLFNBQVMsRUFBRSxDQUFDLENBQUM7NEJBQ2pHLFVBQVUsQ0FBQyxLQUFLLENBQUMsSUFBSSxFQUFFLG9CQUFvQixDQUFDLENBQUM7NEJBQzdDLE9BQU87d0JBQ1QsQ0FBQztvQkFDSCxDQUFDO2dCQUNILENBQUM7Z0JBRUQsNERBQTREO2dCQUM1RCxJQUFJLFVBQTZCLENBQUM7Z0JBQ2xDLElBQUksVUFBa0IsQ0FBQztnQkFFdkIsSUFBSSxDQUFDO29CQUNILGtDQUFrQztvQkFDbEMsSUFBSSxPQUFPLEtBQUssQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLElBQUksS0FBSyxVQUFVLEVBQUUsQ0FBQzt3QkFDbkQsTUFBTSxZQUFZLEdBQUcsS0FBSyxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxZQUFZLENBQUMsQ0FBQyxDQUFDO3dCQUMzRSxVQUFVLEdBQUcsWUFBWSxDQUFDO3dCQUMxQixJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQywrQ0FBK0MsS0FBSyxDQUFDLE9BQU8sQ0FBQyxZQUFZLENBQUMsQ0FBQyxDQUFDLENBQUMsWUFBWSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLENBQUMsWUFBWSxFQUFFLENBQUMsQ0FBQztvQkFDM0ksQ0FBQzt5QkFBTSxDQUFDO3dCQUNOLFVBQVUsR0FBRyxLQUFLLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUM7b0JBQ3hDLENBQUM7b0JBRUQsa0NBQWtDO29CQUNsQyxJQUFJLE9BQU8sS0FBSyxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsSUFBSSxLQUFLLFVBQVUsRUFBRSxDQUFDO3dCQUNuRCxVQUFVLEdBQUcsS0FBSyxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxZQUFZLENBQUMsQ0FBQyxDQUFDO3dCQUNuRSxJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQywrQ0FBK0MsVUFBVSxFQUFFLENBQUMsQ0FBQztvQkFDakYsQ0FBQzt5QkFBTSxDQUFDO3dCQUNOLFVBQVUsR0FBRyxLQUFLLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFJLEtBQUssVUFBVSxDQUFDLENBQUMsQ0FBQyxZQUFZLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFjLENBQUM7b0JBQ2hILENBQUM7b0JBRUQsZ0RBQWdEO29CQUNoRCxNQUFNLFlBQVksR0FBRyxLQUFLLENBQUMsT0FBTyxDQUFDLFVBQVUsQ0FBQzt3QkFDNUMsQ0FBQyxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxNQUFNLEVBQUUsR0FBRyxVQUFVLENBQUMsTUFBTSxDQUFDLENBQUM7d0JBQzNELENBQUMsQ0FBQyxVQUFVLENBQUM7b0JBRWYsb0RBQW9EO29CQUNwRCxXQUFXLEdBQUc7d0JBQ1osSUFBSSxFQUFFLFlBQVk7d0JBQ2xCLElBQUksRUFBRSxVQUFVO3FCQUNqQixDQUFDO2dCQUNKLENBQUM7Z0JBQUMsT0FBTyxHQUFHLEVBQUUsQ0FBQztvQkFDYixJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyx5REFBeUQsR0FBRyxFQUFFLENBQUMsQ0FBQztvQkFDbEYsVUFBVSxDQUFDLEtBQUssQ0FBQyxJQUFJLEVBQUUsdUJBQXVCLENBQUMsQ0FBQztvQkFDaEQsT0FBTztnQkFDVCxDQUFDO1lBQ0gsQ0FBQztpQkFBTSxDQUFDO2dCQUNOLDJFQUEyRTtnQkFDM0UsTUFBTSxXQUFXLEdBQUcsSUFBSSxDQUFDLFlBQVksQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDLENBQUM7Z0JBRXBELElBQUksQ0FBQyxXQUFXLEVBQUUsQ0FBQztvQkFDakIsSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsOENBQThDLEdBQUcsQ0FBQyxPQUFPLENBQUMsSUFBSSxFQUFFLENBQUMsQ0FBQztvQkFDbkYsVUFBVSxDQUFDLEtBQUssQ0FBQyxJQUFJLEVBQUUsc0NBQXNDLENBQUMsQ0FBQztvQkFDL0QsT0FBTztnQkFDVCxDQUFDO2dCQUVELCtEQUErRDtnQkFDL0QsV0FBVyxHQUFHLElBQUksQ0FBQyxjQUFjLENBQUMsYUFBYSxDQUM3QyxXQUFXLENBQUMsY0FBYyxFQUMxQixXQUFXLENBQUMsZ0JBQWdCLENBQUMsQ0FBQyxDQUFDLENBQ2hDLENBQUM7WUFDSixDQUFDO1lBRUQsaURBQWlEO1lBQ2pELE1BQU0sUUFBUSxHQUFJLEdBQUcsQ0FBQyxNQUFjLENBQUMsU0FBUyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQztZQUM5RCxJQUFJLFVBQVUsR0FBRyxHQUFHLENBQUMsR0FBRyxJQUFJLEdBQUcsQ0FBQztZQUVoQyxxQ0FBcUM7WUFDckMsSUFBSSxLQUFLLEVBQUUsTUFBTSxDQUFDLFNBQVMsRUFBRSxXQUFXLEVBQUUsQ0FBQztnQkFDekMsTUFBTSxZQUFZLEdBQUcsVUFBVSxDQUFDO2dCQUNoQyxVQUFVLEdBQUcsYUFBYSxDQUFDLHdCQUF3QixDQUNqRCxLQUFLLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FBQyxXQUFXLEVBQ2xDLEVBQUMsR0FBRyxZQUFZLEVBQUUsSUFBSSxFQUFFLFVBQVUsRUFBQyxDQUNwQyxDQUFDO2dCQUNGLElBQUksQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLDZCQUE2QixZQUFZLE9BQU8sVUFBVSxFQUFFLENBQUMsQ0FBQztZQUNsRixDQUFDO1lBRUQsTUFBTSxTQUFTLEdBQUcsR0FBRyxRQUFRLE1BQU0sV0FBVyxDQUFDLElBQUksSUFBSSxXQUFXLENBQUMsSUFBSSxHQUFHLFVBQVUsRUFBRSxDQUFDO1lBRXZGLElBQUksQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLDZCQUE2QixHQUFHLENBQUMsTUFBTSxDQUFDLGFBQWEsT0FBTyxTQUFTLEVBQUUsQ0FBQyxDQUFDO1lBRTNGLG1EQUFtRDtZQUNuRCxNQUFNLE9BQU8sR0FBOEIsRUFBRSxDQUFDO1lBRTlDLDhDQUE4QztZQUM5QyxLQUFLLE1BQU0sQ0FBQyxHQUFHLEVBQUUsS0FBSyxDQUFDLElBQUksTUFBTSxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztnQkFDdkQsSUFBSSxLQUFLLElBQUksT0FBTyxLQUFLLEtBQUssUUFBUTtvQkFDbEMsR0FBRyxDQUFDLFdBQVcsRUFBRSxLQUFLLFlBQVk7b0JBQ2xDLEdBQUcsQ0FBQyxXQUFXLEVBQUUsS0FBSyxTQUFTO29CQUMvQixHQUFHLENBQUMsV0FBVyxFQUFFLEtBQUssbUJBQW1CO29CQUN6QyxHQUFHLENBQUMsV0FBVyxFQUFFLEtBQUssdUJBQXVCLEVBQUUsQ0FBQztvQkFDbEQsT0FBTyxDQUFDLEdBQUcsQ0FBQyxHQUFHLEtBQUssQ0FBQztnQkFDdkIsQ0FBQztZQUNILENBQUM7WUFFRCw0REFBNEQ7WUFDNUQsT0FBTyxDQUFDLE1BQU0sQ0FBQyxHQUFHLEdBQUcsV0FBVyxDQUFDLElBQUksSUFBSSxXQUFXLENBQUMsSUFBSSxFQUFFLENBQUM7WUFFNUQsOENBQThDO1lBQzlDLElBQUksS0FBSyxFQUFFLE1BQU0sQ0FBQyxTQUFTLEVBQUUsYUFBYSxFQUFFLENBQUM7Z0JBQzNDLEtBQUssTUFBTSxDQUFDLEdBQUcsRUFBRSxLQUFLLENBQUMsSUFBSSxNQUFNLENBQUMsT0FBTyxDQUFDLEtBQUssQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDLGFBQWEsQ0FBQyxFQUFFLENBQUM7b0JBQ2hGLHlEQUF5RDtvQkFDekQsSUFBSSxPQUFPLENBQUMsR0FBRyxDQUFDLFdBQVcsRUFBRSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsVUFBVSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUM7d0JBQ3pELFNBQVM7b0JBQ1gsQ0FBQztvQkFFRCw0Q0FBNEM7b0JBQzVDLElBQUksS0FBSyxLQUFLLFNBQVMsRUFBRSxDQUFDO3dCQUN4QixPQUFPLE9BQU8sQ0FBQyxHQUFHLENBQUMsV0FBVyxFQUFFLENBQUMsQ0FBQzt3QkFDbEMsU0FBUztvQkFDWCxDQUFDO29CQUVELGtDQUFrQztvQkFDbEMsSUFBSSxVQUFrQixDQUFDO29CQUN2QixJQUFJLEtBQUssQ0FBQyxVQUFVLENBQUMsR0FBRyxDQUFDLElBQUksS0FBSyxLQUFLLFNBQVMsRUFBRSxDQUFDO3dCQUNqRCxtREFBbUQ7d0JBQ25ELE1BQU0sYUFBYSxHQUFHLEtBQUssQ0FBQyxTQUFTLENBQUMsQ0FBQyxDQUFDLENBQUM7d0JBQ3pDLFVBQVUsR0FBRyxHQUFHLEdBQUcsYUFBYSxDQUFDLHdCQUF3QixDQUFDLGFBQWEsRUFBRSxZQUFZLENBQUMsQ0FBQztvQkFDekYsQ0FBQzt5QkFBTSxDQUFDO3dCQUNOLHdDQUF3Qzt3QkFDeEMsVUFBVSxHQUFHLGFBQWEsQ0FBQyx3QkFBd0IsQ0FBQyxLQUFLLEVBQUUsWUFBWSxDQUFDLENBQUM7b0JBQzNFLENBQUM7b0JBRUQsaUJBQWlCO29CQUNqQixPQUFPLENBQUMsR0FBRyxDQUFDLFdBQVcsRUFBRSxDQUFDLEdBQUcsVUFBVSxDQUFDO2dCQUMxQyxDQUFDO1lBQ0gsQ0FBQztZQUVELHNDQUFzQztZQUN0QyxNQUFNLFNBQVMsR0FBUTtnQkFDckIsT0FBTyxFQUFFLE9BQU87Z0JBQ2hCLGVBQWUsRUFBRSxJQUFJO2FBQ3RCLENBQUM7WUFFRixpQ0FBaUM7WUFDakMsSUFBSSxLQUFLLEVBQUUsTUFBTSxDQUFDLFNBQVMsRUFBRSxZQUFZLElBQUksS0FBSyxDQUFDLE1BQU0sQ0FBQyxTQUFTLENBQUMsWUFBWSxDQUFDLE1BQU0sR0FBRyxDQUFDLEVBQUUsQ0FBQztnQkFDNUYsU0FBUyxDQUFDLFNBQVMsR0FBRyxLQUFLLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FBQyxZQUFZLENBQUM7WUFDNUQsQ0FBQztpQkFBTSxJQUFJLEdBQUcsQ0FBQyxPQUFPLENBQUMsd0JBQXdCLENBQUMsRUFBRSxDQUFDO2dCQUNqRCwwQ0FBMEM7Z0JBQzFDLFNBQVMsQ0FBQyxTQUFTLEdBQUcsR0FBRyxDQUFDLE9BQU8sQ0FBQyx3QkFBd0IsQ0FBQyxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsSUFBSSxFQUFFLENBQUMsQ0FBQztZQUM1RixDQUFDO1lBRUQsdUNBQXVDO1lBQ3ZDLE1BQU0sVUFBVSxHQUFHLElBQUksT0FBTyxDQUFDLFNBQVMsQ0FBQyxTQUFTLEVBQUUsU0FBUyxDQUFDLENBQUM7WUFFL0QsMkJBQTJCO1lBQzNCLFVBQVUsQ0FBQyxFQUFFLENBQUMsT0FBTyxFQUFFLENBQUMsR0FBRyxFQUFFLEVBQUU7Z0JBQzdCLElBQUksQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLHNDQUFzQyxHQUFHLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQztnQkFDdkUsSUFBSSxVQUFVLENBQUMsVUFBVSxLQUFLLFVBQVUsQ0FBQyxJQUFJLEVBQUUsQ0FBQztvQkFDOUMsVUFBVSxDQUFDLEtBQUssQ0FBQyxJQUFJLEVBQUUsdUJBQXVCLENBQUMsQ0FBQztnQkFDbEQsQ0FBQztZQUNILENBQUMsQ0FBQyxDQUFDO1lBRUgsa0NBQWtDO1lBQ2xDLFVBQVUsQ0FBQyxFQUFFLENBQUMsTUFBTSxFQUFFLEdBQUcsRUFBRTtnQkFDekIsNENBQTRDO2dCQUM1QyxJQUFJLFlBQVksR0FBMEIsSUFBSSxDQUFDO2dCQUMvQyxJQUFJLEtBQUssRUFBRSxNQUFNLENBQUMsU0FBUyxFQUFFLFlBQVksSUFBSSxLQUFLLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FBQyxZQUFZLEdBQUcsQ0FBQyxFQUFFLENBQUM7b0JBQ3JGLFlBQVksR0FBRyxXQUFXLENBQUMsR0FBRyxFQUFFO3dCQUM5QixJQUFJLFVBQVUsQ0FBQyxVQUFVLEtBQUssVUFBVSxDQUFDLElBQUksRUFBRSxDQUFDOzRCQUM5QyxVQUFVLENBQUMsSUFBSSxFQUFFLENBQUM7NEJBQ2xCLElBQUksQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLDRDQUE0QyxLQUFLLENBQUMsSUFBSSxJQUFJLFNBQVMsRUFBRSxDQUFDLENBQUM7d0JBQzNGLENBQUM7b0JBQ0gsQ0FBQyxFQUFFLEtBQUssQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDLFlBQVksQ0FBQyxDQUFDO29CQUV4QywwQ0FBMEM7b0JBQzFDLElBQUksWUFBWSxDQUFDLEtBQUs7d0JBQUUsWUFBWSxDQUFDLEtBQUssRUFBRSxDQUFDO2dCQUMvQyxDQUFDO2dCQUVELDJDQUEyQztnQkFDM0MsSUFBSSxXQUFXLEdBQTBCLElBQUksQ0FBQztnQkFDOUMsTUFBTSxhQUFhLEdBQUcsS0FBSyxFQUFFLE1BQU0sQ0FBQyxTQUFTLEVBQUUsV0FBVyxJQUFJLEtBQUssQ0FBQyxDQUFDLGNBQWM7Z0JBRW5GLDJDQUEyQztnQkFDM0MsTUFBTSxnQkFBZ0IsR0FBRyxHQUFHLEVBQUU7b0JBQzVCLElBQUksV0FBVzt3QkFBRSxZQUFZLENBQUMsV0FBVyxDQUFDLENBQUM7b0JBQzNDLFdBQVcsR0FBRyxVQUFVLENBQUMsR0FBRyxFQUFFO3dCQUM1QixJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQywwREFBMEQsS0FBSyxFQUFFLElBQUksSUFBSSxTQUFTLEVBQUUsQ0FBQyxDQUFDO3dCQUN4RyxVQUFVLENBQUMsU0FBUyxFQUFFLENBQUM7b0JBQ3pCLENBQUMsRUFBRSxhQUFhLENBQUMsQ0FBQztvQkFFbEIsNkNBQTZDO29CQUM3QyxJQUFJLFdBQVcsQ0FBQyxLQUFLO3dCQUFFLFdBQVcsQ0FBQyxLQUFLLEVBQUUsQ0FBQztnQkFDN0MsQ0FBQyxDQUFDO2dCQUVGLHdCQUF3QjtnQkFDeEIsVUFBVSxDQUFDLEVBQUUsQ0FBQyxNQUFNLEVBQUUsR0FBRyxFQUFFO29CQUN6QixVQUFVLENBQUMsT0FBTyxHQUFHLElBQUksQ0FBQztvQkFDMUIsVUFBVSxDQUFDLFFBQVEsR0FBRyxJQUFJLENBQUMsR0FBRyxFQUFFLENBQUM7b0JBQ2pDLGdCQUFnQixFQUFFLENBQUM7Z0JBQ3JCLENBQUMsQ0FBQyxDQUFDO2dCQUVILHVCQUF1QjtnQkFDdkIsZ0JBQWdCLEVBQUUsQ0FBQztnQkFFbkIsdUNBQXVDO2dCQUN2QyxNQUFNLE9BQU8sR0FBRyxLQUFLLEVBQUUsTUFBTSxDQUFDLFNBQVMsRUFBRSxjQUFjLElBQUksQ0FBQyxDQUFDO2dCQUU3RCxtREFBbUQ7Z0JBQ25ELFVBQVUsQ0FBQyxFQUFFLENBQUMsU0FBUyxFQUFFLENBQUMsSUFBSSxFQUFFLFFBQVEsRUFBRSxFQUFFO29CQUMxQyxJQUFJLFVBQVUsQ0FBQyxVQUFVLEtBQUssVUFBVSxDQUFDLElBQUksRUFBRSxDQUFDO3dCQUM5QyxxQ0FBcUM7d0JBQ3JDLE1BQU0sV0FBVyxHQUFHLGNBQWMsQ0FBQyxJQUFJLENBQUMsQ0FBQzt3QkFDekMsSUFBSSxPQUFPLEdBQUcsQ0FBQyxJQUFJLFdBQVcsR0FBRyxPQUFPLEVBQUUsQ0FBQzs0QkFDekMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsdUNBQXVDLFdBQVcsTUFBTSxPQUFPLEdBQUcsQ0FBQyxDQUFDOzRCQUNyRixVQUFVLENBQUMsS0FBSyxDQUFDLElBQUksRUFBRSxpQkFBaUIsQ0FBQyxDQUFDOzRCQUMxQyxPQUFPO3dCQUNULENBQUM7d0JBRUQsVUFBVSxDQUFDLElBQUksQ0FBQyxJQUFJLEVBQUUsRUFBRSxNQUFNLEVBQUUsUUFBUSxFQUFFLENBQUMsQ0FBQztvQkFDOUMsQ0FBQztnQkFDSCxDQUFDLENBQUMsQ0FBQztnQkFFSCxtREFBbUQ7Z0JBQ25ELFVBQVUsQ0FBQyxFQUFFLENBQUMsU0FBUyxFQUFFLENBQUMsSUFBSSxFQUFFLFFBQVEsRUFBRSxFQUFFO29CQUMxQyxJQUFJLFVBQVUsQ0FBQyxVQUFVLEtBQUssVUFBVSxDQUFDLElBQUksRUFBRSxDQUFDO3dCQUM5QyxVQUFVLENBQUMsSUFBSSxDQUFDLElBQUksRUFBRSxFQUFFLE1BQU0sRUFBRSxRQUFRLEVBQUUsQ0FBQyxDQUFDO29CQUM5QyxDQUFDO2dCQUNILENBQUMsQ0FBQyxDQUFDO2dCQUVILGdDQUFnQztnQkFDaEMsVUFBVSxDQUFDLEVBQUUsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxJQUFJLEVBQUUsTUFBTSxFQUFFLEVBQUU7b0JBQ3RDLElBQUksQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLHVDQUF1QyxJQUFJLElBQUksTUFBTSxFQUFFLENBQUMsQ0FBQztvQkFDM0UsSUFBSSxVQUFVLENBQUMsVUFBVSxLQUFLLFVBQVUsQ0FBQyxJQUFJLEVBQUUsQ0FBQzt3QkFDOUMsVUFBVSxDQUFDLEtBQUssQ0FBQyxJQUFJLEVBQUUsTUFBTSxDQUFDLENBQUM7b0JBQ2pDLENBQUM7b0JBRUQsa0JBQWtCO29CQUNsQixJQUFJLFlBQVk7d0JBQUUsYUFBYSxDQUFDLFlBQVksQ0FBQyxDQUFDO29CQUM5QyxJQUFJLFdBQVc7d0JBQUUsWUFBWSxDQUFDLFdBQVcsQ0FBQyxDQUFDO2dCQUM3QyxDQUFDLENBQUMsQ0FBQztnQkFFSCxVQUFVLENBQUMsRUFBRSxDQUFDLE9BQU8sRUFBRSxDQUFDLElBQUksRUFBRSxNQUFNLEVBQUUsRUFBRTtvQkFDdEMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsdUNBQXVDLElBQUksSUFBSSxNQUFNLEVBQUUsQ0FBQyxDQUFDO29CQUMzRSxJQUFJLFVBQVUsQ0FBQyxVQUFVLEtBQUssVUFBVSxDQUFDLElBQUksRUFBRSxDQUFDO3dCQUM5QyxVQUFVLENBQUMsS0FBSyxDQUFDLElBQUksRUFBRSxNQUFNLENBQUMsQ0FBQztvQkFDakMsQ0FBQztvQkFFRCxrQkFBa0I7b0JBQ2xCLElBQUksWUFBWTt3QkFBRSxhQUFhLENBQUMsWUFBWSxDQUFDLENBQUM7b0JBQzlDLElBQUksV0FBVzt3QkFBRSxZQUFZLENBQUMsV0FBVyxDQUFDLENBQUM7Z0JBQzdDLENBQUMsQ0FBQyxDQUFDO2dCQUVILElBQUksQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLHFDQUFxQyxHQUFHLENBQUMsT0FBTyxDQUFDLElBQUksT0FBTyxXQUFXLENBQUMsSUFBSSxJQUFJLFdBQVcsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDO1lBQ3hILENBQUMsQ0FBQyxDQUFDO1FBRUwsQ0FBQztRQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7WUFDZixJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyx3Q0FBd0MsS0FBSyxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUM7WUFDM0UsSUFBSSxVQUFVLENBQUMsVUFBVSxLQUFLLFVBQVUsQ0FBQyxJQUFJLEVBQUUsQ0FBQztnQkFDOUMsVUFBVSxDQUFDLEtBQUssQ0FBQyxJQUFJLEVBQUUsdUJBQXVCLENBQUMsQ0FBQztZQUNsRCxDQUFDO1FBQ0gsQ0FBQztJQUNILENBQUM7SUFFRDs7T0FFRztJQUNJLGlCQUFpQjtRQUN0QixPQUFPO1lBQ0wsaUJBQWlCLEVBQUUsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxDQUFDO1NBQ2xFLENBQUM7SUFDSixDQUFDO0lBRUQ7O09BRUc7SUFDSSxRQUFRO1FBQ2IsMEJBQTBCO1FBQzFCLElBQUksSUFBSSxDQUFDLGlCQUFpQixFQUFFLENBQUM7WUFDM0IsYUFBYSxDQUFDLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDO1lBQ3RDLElBQUksQ0FBQyxpQkFBaUIsR0FBRyxJQUFJLENBQUM7UUFDaEMsQ0FBQztRQUVELGtDQUFrQztRQUNsQyxJQUFJLElBQUksQ0FBQyxRQUFRLEVBQUUsQ0FBQztZQUNsQixJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxXQUFXLElBQUksQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLElBQUksd0JBQXdCLENBQUMsQ0FBQztZQUVoRixLQUFLLE1BQU0sTUFBTSxJQUFJLElBQUksQ0FBQyxRQUFRLENBQUMsT0FBTyxFQUFFLENBQUM7Z0JBQzNDLElBQUksQ0FBQztvQkFDSCxNQUFNLENBQUMsU0FBUyxFQUFFLENBQUM7Z0JBQ3JCLENBQUM7Z0JBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztvQkFDZixJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxvQ0FBb0MsRUFBRSxLQUFLLENBQUMsQ0FBQztnQkFDakUsQ0FBQztZQUNILENBQUM7WUFFRCxtQkFBbUI7WUFDbkIsSUFBSSxDQUFDLFFBQVEsQ0FBQyxLQUFLLEVBQUUsQ0FBQztZQUN0QixJQUFJLENBQUMsUUFBUSxHQUFHLElBQUksQ0FBQztRQUN2QixDQUFDO0lBQ0gsQ0FBQztDQUNGIn0=

package/dist_ts/proxies/smart-proxy/index.d.ts

@@ -12,4 +12,4 @@ export { TlsManager } from './tls-manager.js';
 export { NetworkProxyBridge } from './network-proxy-bridge.js';
 export { RouteManager } from './route-manager.js';
 export { RouteConnectionHandler } from './route-connection-handler.js';
-export { createRoute, createHttpRoute, createHttpsRoute, createPassthroughRoute, createRedirectRoute, createHttpToHttpsRedirect, createBlockRoute, createLoadBalancerRoute, createHttpsServer } from './route-helpers.js';
+export * from './utils/index.js';

package/dist_ts/proxies/smart-proxy/index.js

@@ -16,6 +16,6 @@ export { NetworkProxyBridge } from './network-proxy-bridge.js';
 // Export route-based components
 export { RouteManager } from './route-manager.js';
 export { RouteConnectionHandler } from './route-connection-handler.js';
-// Export route helpers for configuration
-export { createRoute, createHttpRoute, createHttpsRoute, createPassthroughRoute, createRedirectRoute, createHttpToHttpsRedirect, createBlockRoute, createLoadBalancerRoute, createHttpsServer } from './route-helpers.js';
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi90cy9wcm94aWVzL3NtYXJ0LXByb3h5L2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOzs7O0dBSUc7QUFDSCxtQkFBbUI7QUFDbkIsY0FBYyxtQkFBbUIsQ0FBQztBQUVsQyxtQ0FBbUM7QUFDbkMsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLGtCQUFrQixDQUFDO0FBRTlDLGlDQUFpQztBQUNqQyxPQUFPLEVBQUUsaUJBQWlCLEVBQUUsTUFBTSx5QkFBeUIsQ0FBQztBQUM1RCxPQUFPLEVBQUUsZUFBZSxFQUFFLE1BQU0sdUJBQXVCLENBQUM7QUFDeEQsT0FBTyxFQUFFLGNBQWMsRUFBRSxNQUFNLHNCQUFzQixDQUFDO0FBQ3RELE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSxrQkFBa0IsQ0FBQztBQUM5QyxPQUFPLEVBQUUsa0JBQWtCLEVBQUUsTUFBTSwyQkFBMkIsQ0FBQztBQUUvRCxnQ0FBZ0M7QUFDaEMsT0FBTyxFQUFFLFlBQVksRUFBRSxNQUFNLG9CQUFvQixDQUFDO0FBQ2xELE9BQU8sRUFBRSxzQkFBc0IsRUFBRSxNQUFNLCtCQUErQixDQUFDO0FBRXZFLHlDQUF5QztBQUN6QyxPQUFPLEVBQ0wsV0FBVyxFQUNYLGVBQWUsRUFDZixnQkFBZ0IsRUFDaEIsc0JBQXNCLEVBQ3RCLG1CQUFtQixFQUNuQix5QkFBeUIsRUFDekIsZ0JBQWdCLEVBQ2hCLHVCQUF1QixFQUN2QixpQkFBaUIsRUFDbEIsTUFBTSxvQkFBb0IsQ0FBQyJ9
+// Export all helper functions from the utils directory
+export * from './utils/index.js';
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi90cy9wcm94aWVzL3NtYXJ0LXByb3h5L2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOzs7O0dBSUc7QUFDSCxtQkFBbUI7QUFDbkIsY0FBYyxtQkFBbUIsQ0FBQztBQUVsQyxtQ0FBbUM7QUFDbkMsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLGtCQUFrQixDQUFDO0FBRTlDLGlDQUFpQztBQUNqQyxPQUFPLEVBQUUsaUJBQWlCLEVBQUUsTUFBTSx5QkFBeUIsQ0FBQztBQUM1RCxPQUFPLEVBQUUsZUFBZSxFQUFFLE1BQU0sdUJBQXVCLENBQUM7QUFDeEQsT0FBTyxFQUFFLGNBQWMsRUFBRSxNQUFNLHNCQUFzQixDQUFDO0FBQ3RELE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSxrQkFBa0IsQ0FBQztBQUM5QyxPQUFPLEVBQUUsa0JBQWtCLEVBQUUsTUFBTSwyQkFBMkIsQ0FBQztBQUUvRCxnQ0FBZ0M7QUFDaEMsT0FBTyxFQUFFLFlBQVksRUFBRSxNQUFNLG9CQUFvQixDQUFDO0FBQ2xELE9BQU8sRUFBRSxzQkFBc0IsRUFBRSxNQUFNLCtCQUErQixDQUFDO0FBRXZFLHVEQUF1RDtBQUN2RCxjQUFjLGtCQUFrQixDQUFDIn0=

package/dist_ts/proxies/smart-proxy/models/interfaces.d.ts

@@ -19,11 +19,6 @@ export declare function isRoutedOptions(options: any): boolean;
  */
 export interface ISmartProxyOptions {
     routes: IRouteConfig[];
-    globalPortRanges?: Array<{
-        from: number;
-        to: number;
-    }>;
-    forwardAllGlobalRanges?: boolean;
     preserveSourceIP?: boolean;
     defaults?: {
         target?: {
@@ -104,6 +99,9 @@ export interface IConnectionRecord {
     tlsHandshakeComplete: boolean;
     hasReceivedInitialData: boolean;
     routeConfig?: IRouteConfig;
+    targetHost?: string;
+    targetPort?: number;
+    tlsVersion?: string;
     hasKeepAlive: boolean;
     inactivityWarningIssued?: boolean;
     incomingTerminationReason?: string | null;

package/dist_ts/proxies/smart-proxy/models/route-types.d.ts

@@ -25,13 +25,32 @@ export interface IRouteMatch {
     tlsVersion?: string[];
     headers?: Record<string, string | RegExp>;
 }
+/**
+ * Context provided to port and host mapping functions
+ */
+export interface IRouteContext {
+    port: number;
+    domain?: string;
+    clientIp: string;
+    serverIp: string;
+    path?: string;
+    query?: string;
+    headers?: Record<string, string>;
+    isTls: boolean;
+    tlsVersion?: string;
+    routeName?: string;
+    routeId?: string;
+    targetHost?: string | string[];
+    targetPort?: number;
+    timestamp: number;
+    connectionId: string;
+}
 /**
  * Target configuration for forwarding
  */
 export interface IRouteTarget {
-    host: string | string[];
-    port: number;
-    preservePort?: boolean;
+    host: string | string[] | ((context: IRouteContext) => string | string[]);
+    port: number | 'preserve' | ((context: IRouteContext) => number);
 }
 /**
  * TLS configuration for route actions
@@ -66,7 +85,7 @@ export interface IRouteAuthentication {
     oauthClientId?: string;
     oauthClientSecret?: string;
     oauthRedirectUri?: string;
-    [key: string]: any;
+    options?: Record<string, unknown>;
 }
 /**
  * Security options for route actions
@@ -99,6 +118,15 @@ export interface IRouteTestResponse {
     headers: Record<string, string>;
     body: string;
 }
+/**
+ * URL rewriting configuration
+ */
+export interface IRouteUrlRewrite {
+    pattern: string;
+    target: string;
+    flags?: string;
+    onlyRewritePath?: boolean;
+}
 /**
  * Advanced options for route actions
  */
@@ -108,6 +136,7 @@ export interface IRouteAdvanced {
     keepAlive?: boolean;
     staticFiles?: IRouteStaticFiles;
     testResponse?: IRouteTestResponse;
+    urlRewrite?: IRouteUrlRewrite;
 }
 /**
  * WebSocket configuration
@@ -117,6 +146,11 @@ export interface IRouteWebSocket {
     pingInterval?: number;
     pingTimeout?: number;
     maxPayloadSize?: number;
+    customHeaders?: Record<string, string>;
+    subprotocols?: string[];
+    rewritePath?: string;
+    allowedOrigins?: string[];
+    authenticateRequest?: boolean;
 }
 /**
  * Load balancing configuration
@@ -144,6 +178,10 @@ export interface IRouteAction {
     loadBalancing?: IRouteLoadBalancing;
     security?: IRouteSecurity;
     advanced?: IRouteAdvanced;
+    options?: {
+        backendProtocol?: 'http1' | 'http2';
+        [key: string]: any;
+    };
 }
 /**
  * Rate limiting configuration
@@ -182,12 +220,26 @@ export interface IRouteSecurity {
     ipAllowList?: string[];
     ipBlockList?: string[];
 }
+/**
+ * CORS configuration for a route
+ */
+export interface IRouteCors {
+    enabled: boolean;
+    allowOrigin?: string | string[];
+    allowMethods?: string;
+    allowHeaders?: string;
+    allowCredentials?: boolean;
+    exposeHeaders?: string;
+    maxAge?: number;
+    preflight?: boolean;
+}
 /**
  * Headers configuration
  */
 export interface IRouteHeaders {
     request?: Record<string, string>;
     response?: Record<string, string>;
+    cors?: IRouteCors;
 }
 /**
  * The core unified configuration interface

package/dist_ts/proxies/smart-proxy/network-proxy-bridge.d.ts

@@ -8,8 +8,8 @@ import type { IRouteConfig } from './models/route-types.js';
  * Manages NetworkProxy integration for TLS termination
  *
  * NetworkProxyBridge connects SmartProxy with NetworkProxy to handle TLS termination.
- * It directly maps route configurations to NetworkProxy configuration format and manages
- * certificate provisioning through Port80Handler when ACME is enabled.
+ * It directly passes route configurations to NetworkProxy and manages the physical
+ * connection piping between SmartProxy and NetworkProxy for TLS termination.
  *
  * It is used by SmartProxy for routes that have:
  * - TLS mode of 'terminate' or 'terminate-and-reencrypt'
@@ -52,23 +52,6 @@ export declare class NetworkProxyBridge {
      * Stop NetworkProxy
      */
     stop(): Promise<void>;
-    /**
-     * Register domains from routes with Port80Handler for certificate management
-     *
-     * Extracts domains from routes that require TLS termination and registers them
-     * with the Port80Handler for certificate issuance and renewal.
-     *
-     * @param routes The route configurations to extract domains from
-     */
-    registerDomainsWithPort80Handler(routes: IRouteConfig[]): void;
-    /**
-     * Finds the route reference for a given domain
-     *
-     * @param domain The domain to find a route reference for
-     * @param routes The routes to search
-     * @returns The route reference if found, undefined otherwise
-     */
-    private findRouteReferenceForDomain;
     /**
      * Forwards a TLS connection to a NetworkProxy for handling
      */
@@ -76,48 +59,12 @@ export declare class NetworkProxyBridge {
     /**
      * Synchronizes routes to NetworkProxy
      *
-     * This method directly maps route configurations to NetworkProxy format and updates
-     * the NetworkProxy with these configurations. It handles:
-     *
-     * - Extracting domain, target, and certificate information from routes
-     * - Converting TLS mode settings to NetworkProxy configuration
-     * - Applying security and advanced settings
-     * - Registering domains for ACME certificate provisioning when needed
+     * This method directly passes route configurations to NetworkProxy without any
+     * intermediate conversion. NetworkProxy natively understands route configurations.
      *
      * @param routes The route configurations to sync to NetworkProxy
      */
     syncRoutesToNetworkProxy(routes: IRouteConfig[]): Promise<void>;
-    /**
-     * Map routes directly to NetworkProxy configuration format
-     *
-     * This method directly maps route configurations to NetworkProxy's format
-     * without any intermediate domain-based representation. It processes each route
-     * and creates appropriate NetworkProxy configs for domains that require TLS termination.
-     *
-     * @param routes Array of route configurations to map
-     * @param defaultCertPair Default certificate to use if no custom certificate is specified
-     * @returns Array of NetworkProxy configurations
-     */
-    mapRoutesToNetworkProxyConfigs(routes: IRouteConfig[], defaultCertPair: {
-        key: string;
-        cert: string;
-    }): plugins.tsclass.network.IReverseProxyConfig[];
-    /**
-     * @deprecated This method is kept for backward compatibility.
-     * Use mapRoutesToNetworkProxyConfigs() instead.
-     */
-    convertRoutesToNetworkProxyConfigs(routes: IRouteConfig[], defaultCertPair: {
-        key: string;
-        cert: string;
-    }): plugins.tsclass.network.IReverseProxyConfig[];
-    /**
-     * @deprecated This method is deprecated and will be removed in a future version.
-     * Use syncRoutesToNetworkProxy() instead.
-     *
-     * This legacy method exists only for backward compatibility and
-     * simply forwards to syncRoutesToNetworkProxy().
-     */
-    syncDomainConfigsToNetworkProxy(): Promise<void>;
     /**
      * Request a certificate for a specific domain
      *