Trang chủ Khám phá Trợ giúp
Đăng ký Đăng nhập
chengnan
/
s202226701001
1
0
Fork 0
Các tập tin Các vấn đề 0 Yêu cầu kéo về 0 Wiki
Branch: master
Branches Tags
s202226701001
/
sever-test
/
node_modules
/
parse-server
/
lib
/
Adapters
/
Auth
/
mfa.js

mfa.js 24 KB
Permalink Lịch sử Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248 
  1. "use strict";
    2. 

  2. 

  3. Object.defineProperty(exports, "__esModule", {
    4. 

  4.   value: true
    5. 

  5. });
    6. 

  6. exports.default = void 0;
    7. 

  7. var _otpauth = require("otpauth");
    8. 

  8. var _cryptoUtils = require("../../cryptoUtils");
    9. 

  9. var _AuthAdapter = _interopRequireDefault(require("./AuthAdapter"));
    10. 

  10. function _interopRequireDefault(e) { return e && e.__esModule ? e : { default: e }; }
    11. 

  11. class MFAAdapter extends _AuthAdapter.default {
    12. 

  12.   validateOptions(opts) {
    13. 

  13.     const validOptions = opts.options;
    14. 

  14.     if (!Array.isArray(validOptions)) {
    15. 

  15.       throw 'mfa.options must be an array';
    16. 

  16.     }
    17. 

  17.     this.sms = validOptions.includes('SMS');
    18. 

  18.     this.totp = validOptions.includes('TOTP');
    19. 

  19.     if (!this.sms && !this.totp) {
    20. 

  20.       throw 'mfa.options must include SMS or TOTP';
    21. 

  21.     }
    22. 

  22.     const digits = opts.digits || 6;
    23. 

  23.     const period = opts.period || 30;
    24. 

  24.     if (typeof digits !== 'number') {
    25. 

  25.       throw 'mfa.digits must be a number';
    26. 

  26.     }
    27. 

  27.     if (typeof period !== 'number') {
    28. 

  28.       throw 'mfa.period must be a number';
    29. 

  29.     }
    30. 

  30.     if (digits < 4 || digits > 10) {
    31. 

  31.       throw 'mfa.digits must be between 4 and 10';
    32. 

  32.     }
    33. 

  33.     if (period < 10) {
    34. 

  34.       throw 'mfa.period must be greater than 10';
    35. 

  35.     }
    36. 

  36.     const sendSMS = opts.sendSMS;
    37. 

  37.     if (this.sms && typeof sendSMS !== 'function') {
    38. 

  38.       throw 'mfa.sendSMS callback must be defined when using SMS OTPs';
    39. 

  39.     }
    40. 

  40.     this.smsCallback = sendSMS;
    41. 

  41.     this.digits = digits;
    42. 

  42.     this.period = period;
    43. 

  43.     this.algorithm = opts.algorithm || 'SHA1';
    44. 

  44.   }
    45. 

  45.   validateSetUp(mfaData) {
    46. 

  46.     if (mfaData.mobile && this.sms) {
    47. 

  47.       return this.setupMobileOTP(mfaData.mobile);
    48. 

  48.     }
    49. 

  49.     if (this.totp) {
    50. 

  50.       return this.setupTOTP(mfaData);
    51. 

  51.     }
    52. 

  52.     throw 'Invalid MFA data';
    53. 

  53.   }
    54. 

  54.   async validateLogin(loginData, _, req) {
    55. 

  55.     const saveResponse = {
    56. 

  56.       doNotSave: true
    57. 

  57.     };
    58. 

  58.     const token = loginData.token;
    59. 

  59.     const auth = req.original.get('authData') || {};
    60. 

  60.     const {
    61. 

  61.       secret,
    62. 

  62.       recovery,
    63. 

  63.       mobile,
    64. 

  64.       token: saved,
    65. 

  65.       expiry
    66. 

  66.     } = auth.mfa || {};
    67. 

  67.     if (this.sms && mobile) {
    68. 

  68.       if (token === 'request') {
    69. 

  69.         const {
    70. 

  70.           token: sendToken,
    71. 

  71.           expiry
    72. 

  72.         } = await this.sendSMS(mobile);
    73. 

  73.         auth.mfa.token = sendToken;
    74. 

  74.         auth.mfa.expiry = expiry;
    75. 

  75.         req.object.set('authData', auth);
    76. 

  76.         await req.object.save(null, {
    77. 

  77.           useMasterKey: true
    78. 

  78.         });
    79. 

  79.         throw 'Please enter the token';
    80. 

  80.       }
    81. 

  81.       if (!saved || token !== saved) {
    82. 

  82.         throw 'Invalid MFA token 1';
    83. 

  83.       }
    84. 

  84.       if (new Date() > expiry) {
    85. 

  85.         throw 'Invalid MFA token 2';
    86. 

  86.       }
    87. 

  87.       delete auth.mfa.token;
    88. 

  88.       delete auth.mfa.expiry;
    89. 

  89.       return {
    90. 

  90.         save: auth.mfa
    91. 

  91.       };
    92. 

  92.     }
    93. 

  93.     if (this.totp) {
    94. 

  94.       if (typeof token !== 'string') {
    95. 

  95.         throw 'Invalid MFA token';
    96. 

  96.       }
    97. 

  97.       if (!secret) {
    98. 

  98.         return saveResponse;
    99. 

  99.       }
    100. 

  100.       if (recovery[0] === token || recovery[1] === token) {
    101. 

  101.         return saveResponse;
    102. 

  102.       }
    103. 

  103.       const totp = new _otpauth.TOTP({
    104. 

  104.         algorithm: this.algorithm,
    105. 

  105.         digits: this.digits,
    106. 

  106.         period: this.period,
    107. 

  107.         secret: _otpauth.Secret.fromBase32(secret)
    108. 

  108.       });
    109. 

  109.       const valid = totp.validate({
    110. 

  110.         token
    111. 

  111.       });
    112. 

  112.       if (valid === null) {
    113. 

  113.         throw 'Invalid MFA token';
    114. 

  114.       }
    115. 

  115.     }
    116. 

  116.     return saveResponse;
    117. 

  117.   }
    118. 

  118.   async validateUpdate(authData, _, req) {
    119. 

  119.     if (req.master) {
    120. 

  120.       return;
    121. 

  121.     }
    122. 

  122.     if (authData.mobile && this.sms) {
    123. 

  123.       var _req$original$get;
    124. 

  124.       if (!authData.token) {
    125. 

  125.         throw 'MFA is already set up on this account';
    126. 

  126.       }
    127. 

  127.       return this.confirmSMSOTP(authData, ((_req$original$get = req.original.get('authData')) === null || _req$original$get === void 0 ? void 0 : _req$original$get.mfa) || {});
    128. 

  128.     }
    129. 

  129.     if (this.totp) {
    130. 

  130.       await this.validateLogin({
    131. 

  131.         token: authData.old
    132. 

  132.       }, null, req);
    133. 

  133.       return this.validateSetUp(authData);
    134. 

  134.     }
    135. 

  135.     throw 'Invalid MFA data';
    136. 

  136.   }
    137. 

  137.   afterFind(req, authData) {
    138. 

  138.     if (req.master) {
    139. 

  139.       return;
    140. 

  140.     }
    141. 

  141.     if (this.totp && authData.secret) {
    142. 

  142.       return {
    143. 

  143.         status: 'enabled'
    144. 

  144.       };
    145. 

  145.     }
    146. 

  146.     if (this.sms && authData.mobile) {
    147. 

  147.       return {
    148. 

  148.         status: 'enabled'
    149. 

  149.       };
    150. 

  150.     }
    151. 

  151.     return {
    152. 

  152.       status: 'disabled'
    153. 

  153.     };
    154. 

  154.   }
    155. 

  155.   policy(req, auth) {
    156. 

  156.     if (this.sms && auth !== null && auth !== void 0 && auth.pending && Object.keys(auth).length === 1) {
    157. 

  157.       return 'default';
    158. 

  158.     }
    159. 

  159.     return 'additional';
    160. 

  160.   }
    161. 

  161.   async setupMobileOTP(mobile) {
    162. 

  162.     const {
    163. 

  163.       token,
    164. 

  164.       expiry
    165. 

  165.     } = await this.sendSMS(mobile);
    166. 

  166.     return {
    167. 

  167.       save: {
    168. 

  168.         pending: {
    169. 

  169.           [mobile]: {
    170. 

  170.             token,
    171. 

  171.             expiry
    172. 

  172.           }
    173. 

  173.         }
    174. 

  174.       }
    175. 

  175.     };
    176. 

  176.   }
    177. 

  177.   async sendSMS(mobile) {
    178. 

  178.     if (!/^[+]*[(]{0,1}[0-9]{1,3}[)]{0,1}[-\s\./0-9]*$/g.test(mobile)) {
    179. 

  179.       throw 'Invalid mobile number.';
    180. 

  180.     }
    181. 

  181.     let token = '';
    182. 

  182.     while (token.length < this.digits) {
    183. 

  183.       token += (0, _cryptoUtils.randomString)(10).replace(/\D/g, '');
    184. 

  184.     }
    185. 

  185.     token = token.substring(0, this.digits);
    186. 

  186.     await Promise.resolve(this.smsCallback(token, mobile));
    187. 

  187.     const expiry = new Date(new Date().getTime() + this.period * 1000);
    188. 

  188.     return {
    189. 

  189.       token,
    190. 

  190.       expiry
    191. 

  191.     };
    192. 

  192.   }
    193. 

  193.   async confirmSMSOTP(inputData, authData) {
    194. 

  194.     var _authData$pending;
    195. 

  195.     const {
    196. 

  196.       mobile,
    197. 

  197.       token
    198. 

  198.     } = inputData;
    199. 

  199.     if (!((_authData$pending = authData.pending) !== null && _authData$pending !== void 0 && _authData$pending[mobile])) {
    200. 

  200.       throw 'This number is not pending';
    201. 

  201.     }
    202. 

  202.     const pendingData = authData.pending[mobile];
    203. 

  203.     if (token !== pendingData.token) {
    204. 

  204.       throw 'Invalid MFA token';
    205. 

  205.     }
    206. 

  206.     if (new Date() > pendingData.expiry) {
    207. 

  207.       throw 'Invalid MFA token';
    208. 

  208.     }
    209. 

  209.     delete authData.pending[mobile];
    210. 

  210.     authData.mobile = mobile;
    211. 

  211.     return {
    212. 

  212.       save: authData
    213. 

  213.     };
    214. 

  214.   }
    215. 

  215.   setupTOTP(mfaData) {
    216. 

  216.     const {
    217. 

  217.       secret,
    218. 

  218.       token
    219. 

  219.     } = mfaData;
    220. 

  220.     if (!secret || !token || secret.length < 20) {
    221. 

  221.       throw 'Invalid MFA data';
    222. 

  222.     }
    223. 

  223.     const totp = new _otpauth.TOTP({
    224. 

  224.       algorithm: this.algorithm,
    225. 

  225.       digits: this.digits,
    226. 

  226.       period: this.period,
    227. 

  227.       secret: _otpauth.Secret.fromBase32(secret)
    228. 

  228.     });
    229. 

  229.     const valid = totp.validate({
    230. 

  230.       token
    231. 

  231.     });
    232. 

  232.     if (valid === null) {
    233. 

  233.       throw 'Invalid MFA token';
    234. 

  234.     }
    235. 

  235.     const recovery = [(0, _cryptoUtils.randomString)(30), (0, _cryptoUtils.randomString)(30)];
    236. 

  236.     return {
    237. 

  237.       response: {
    238. 

  238.         recovery: recovery.join(', ')
    239. 

  239.       },
    240. 

  240.       save: {
    241. 

  241.         secret,
    242. 

  242.         recovery
    243. 

  243.       }
    244. 

  244.     };
    245. 

  245.   }
    246. 

  246. }
    247. 

  247. var _default = exports.default = new MFAAdapter();
    248. 

  248. //# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjozLCJuYW1lcyI6WyJfb3RwYXV0aCIsInJlcXVpcmUiLCJfY3J5cHRvVXRpbHMiLCJfQXV0aEFkYXB0ZXIiLCJfaW50ZXJvcFJlcXVpcmVEZWZhdWx0IiwiZSIsIl9fZXNNb2R1bGUiLCJkZWZhdWx0IiwiTUZBQWRhcHRlciIsIkF1dGhBZGFwdGVyIiwidmFsaWRhdGVPcHRpb25zIiwib3B0cyIsInZhbGlkT3B0aW9ucyIsIm9wdGlvbnMiLCJBcnJheSIsImlzQXJyYXkiLCJzbXMiLCJpbmNsdWRlcyIsInRvdHAiLCJkaWdpdHMiLCJwZXJpb2QiLCJzZW5kU01TIiwic21zQ2FsbGJhY2siLCJhbGdvcml0aG0iLCJ2YWxpZGF0ZVNldFVwIiwibWZhRGF0YSIsIm1vYmlsZSIsInNldHVwTW9iaWxlT1RQIiwic2V0dXBUT1RQIiwidmFsaWRhdGVMb2dpbiIsImxvZ2luRGF0YSIsIl8iLCJyZXEiLCJzYXZlUmVzcG9uc2UiLCJkb05vdFNhdmUiLCJ0b2tlbiIsImF1dGgiLCJvcmlnaW5hbCIsImdldCIsInNlY3JldCIsInJlY292ZXJ5Iiwic2F2ZWQiLCJleHBpcnkiLCJtZmEiLCJzZW5kVG9rZW4iLCJvYmplY3QiLCJzZXQiLCJzYXZlIiwidXNlTWFzdGVyS2V5IiwiRGF0ZSIsIlRPVFAiLCJTZWNyZXQiLCJmcm9tQmFzZTMyIiwidmFsaWQiLCJ2YWxpZGF0ZSIsInZhbGlkYXRlVXBkYXRlIiwiYXV0aERhdGEiLCJtYXN0ZXIiLCJfcmVxJG9yaWdpbmFsJGdldCIsImNvbmZpcm1TTVNPVFAiLCJvbGQiLCJhZnRlckZpbmQiLCJzdGF0dXMiLCJwb2xpY3kiLCJwZW5kaW5nIiwiT2JqZWN0Iiwia2V5cyIsImxlbmd0aCIsInRlc3QiLCJyYW5kb21TdHJpbmciLCJyZXBsYWNlIiwic3Vic3RyaW5nIiwiUHJvbWlzZSIsInJlc29sdmUiLCJnZXRUaW1lIiwiaW5wdXREYXRhIiwiX2F1dGhEYXRhJHBlbmRpbmciLCJwZW5kaW5nRGF0YSIsInJlc3BvbnNlIiwiam9pbiIsIl9kZWZhdWx0IiwiZXhwb3J0cyJdLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9BZGFwdGVycy9BdXRoL21mYS5qcyJdLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBUT1RQLCBTZWNyZXQgfSBmcm9tICdvdHBhdXRoJztcbmltcG9ydCB7IHJhbmRvbVN0cmluZyB9IGZyb20gJy4uLy4uL2NyeXB0b1V0aWxzJztcbmltcG9ydCBBdXRoQWRhcHRlciBmcm9tICcuL0F1dGhBZGFwdGVyJztcbmNsYXNzIE1GQUFkYXB0ZXIgZXh0ZW5kcyBBdXRoQWRhcHRlciB7XG4gIHZhbGlkYXRlT3B0aW9ucyhvcHRzKSB7XG4gICAgY29uc3QgdmFsaWRPcHRpb25zID0gb3B0cy5vcHRpb25zO1xuICAgIGlmICghQXJyYXkuaXNBcnJheSh2YWxpZE9wdGlvbnMpKSB7XG4gICAgICB0aHJvdyAnbWZhLm9wdGlvbnMgbXVzdCBiZSBhbiBhcnJheSc7XG4gICAgfVxuICAgIHRoaXMuc21zID0gdmFsaWRPcHRpb25zLmluY2x1ZGVzKCdTTVMnKTtcbiAgICB0aGlzLnRvdHAgPSB2YWxpZE9wdGlvbnMuaW5jbHVkZXMoJ1RPVFAnKTtcbiAgICBpZiAoIXRoaXMuc21zICYmICF0aGlzLnRvdHApIHtcbiAgICAgIHRocm93ICdtZmEub3B0aW9ucyBtdXN0IGluY2x1ZGUgU01TIG9yIFRPVFAnO1xuICAgIH1cbiAgICBjb25zdCBkaWdpdHMgPSBvcHRzLmRpZ2l0cyB8fCA2O1xuICAgIGNvbnN0IHBlcmlvZCA9IG9wdHMucGVyaW9kIHx8IDMwO1xuICAgIGlmICh0eXBlb2YgZGlnaXRzICE9PSAnbnVtYmVyJykge1xuICAgICAgdGhyb3cgJ21mYS5kaWdpdHMgbXVzdCBiZSBhIG51bWJlcic7XG4gICAgfVxuICAgIGlmICh0eXBlb2YgcGVyaW9kICE9PSAnbnVtYmVyJykge1xuICAgICAgdGhyb3cgJ21mYS5wZXJpb2QgbXVzdCBiZSBhIG51bWJlcic7XG4gICAgfVxuICAgIGlmIChkaWdpdHMgPCA0IHx8IGRpZ2l0cyA+IDEwKSB7XG4gICAgICB0aHJvdyAnbWZhLmRpZ2l0cyBtdXN0IGJlIGJldHdlZW4gNCBhbmQgMTAnO1xuICAgIH1cbiAgICBpZiAocGVyaW9kIDwgMTApIHtcbiAgICAgIHRocm93ICdtZmEucGVyaW9kIG11c3QgYmUgZ3JlYXRlciB0aGFuIDEwJztcbiAgICB9XG4gICAgY29uc3Qgc2VuZFNNUyA9IG9wdHMuc2VuZFNNUztcbiAgICBpZiAodGhpcy5zbXMgJiYgdHlwZW9mIHNlbmRTTVMgIT09ICdmdW5jdGlvbicpIHtcbiAgICAgIHRocm93ICdtZmEuc2VuZFNNUyBjYWxsYmFjayBtdXN0IGJlIGRlZmluZWQgd2hlbiB1c2luZyBTTVMgT1RQcyc7XG4gICAgfVxuICAgIHRoaXMuc21zQ2FsbGJhY2sgPSBzZW5kU01TO1xuICAgIHRoaXMuZGlnaXRzID0gZGlnaXRzO1xuICAgIHRoaXMucGVyaW9kID0gcGVyaW9kO1xuICAgIHRoaXMuYWxnb3JpdGhtID0gb3B0cy5hbGdvcml0aG0gfHwgJ1NIQTEnO1xuICB9XG4gIHZhbGlkYXRlU2V0VXAobWZhRGF0YSkge1xuICAgIGlmIChtZmFEYXRhLm1vYmlsZSAmJiB0aGlzLnNtcykge1xuICAgICAgcmV0dXJuIHRoaXMuc2V0dXBNb2JpbGVPVFAobWZhRGF0YS5tb2JpbGUpO1xuICAgIH1cbiAgICBpZiAodGhpcy50b3RwKSB7XG4gICAgICByZXR1cm4gdGhpcy5zZXR1cFRPVFAobWZhRGF0YSk7XG4gICAgfVxuICAgIHRocm93ICdJbnZhbGlkIE1GQSBkYXRhJztcbiAgfVxuICBhc3luYyB2YWxpZGF0ZUxvZ2luKGxvZ2luRGF0YSwgXywgcmVxKSB7XG4gICAgY29uc3Qgc2F2ZVJlc3BvbnNlID0ge1xuICAgICAgZG9Ob3RTYXZlOiB0cnVlLFxuICAgIH07XG4gICAgY29uc3QgdG9rZW4gPSBsb2dpbkRhdGEudG9rZW47XG4gICAgY29uc3QgYXV0aCA9IHJlcS5vcmlnaW5hbC5nZXQoJ2F1dGhEYXRhJykgfHwge307XG4gICAgY29uc3QgeyBzZWNyZXQsIHJlY292ZXJ5LCBtb2JpbGUsIHRva2VuOiBzYXZlZCwgZXhwaXJ5IH0gPSBhdXRoLm1mYSB8fCB7fTtcbiAgICBpZiAodGhpcy5zbXMgJiYgbW9iaWxlKSB7XG4gICAgICBpZiAodG9rZW4gPT09ICdyZXF1ZXN0Jykge1xuICAgICAgICBjb25zdCB7IHRva2VuOiBzZW5kVG9rZW4sIGV4cGlyeSB9ID0gYXdhaXQgdGhpcy5zZW5kU01TKG1vYmlsZSk7XG4gICAgICAgIGF1dGgubWZhLnRva2VuID0gc2VuZFRva2VuO1xuICAgICAgICBhdXRoLm1mYS5leHBpcnkgPSBleHBpcnk7XG4gICAgICAgIHJlcS5vYmplY3Quc2V0KCdhdXRoRGF0YScsIGF1dGgpO1xuICAgICAgICBhd2FpdCByZXEub2JqZWN0LnNhdmUobnVsbCwgeyB1c2VNYXN0ZXJLZXk6IHRydWUgfSk7XG4gICAgICAgIHRocm93ICdQbGVhc2UgZW50ZXIgdGhlIHRva2VuJztcbiAgICAgIH1cbiAgICAgIGlmICghc2F2ZWQgfHwgdG9rZW4gIT09IHNhdmVkKSB7XG4gICAgICAgIHRocm93ICdJbnZhbGlkIE1GQSB0b2tlbiAxJztcbiAgICAgIH1cbiAgICAgIGlmIChuZXcgRGF0ZSgpID4gZXhwaXJ5KSB7XG4gICAgICAgIHRocm93ICdJbnZhbGlkIE1GQSB0b2tlbiAyJztcbiAgICAgIH1cbiAgICAgIGRlbGV0ZSBhdXRoLm1mYS50b2tlbjtcbiAgICAgIGRlbGV0ZSBhdXRoLm1mYS5leHBpcnk7XG4gICAgICByZXR1cm4ge1xuICAgICAgICBzYXZlOiBhdXRoLm1mYSxcbiAgICAgIH07XG4gICAgfVxuICAgIGlmICh0aGlzLnRvdHApIHtcbiAgICAgIGlmICh0eXBlb2YgdG9rZW4gIT09ICdzdHJpbmcnKSB7XG4gICAgICAgIHRocm93ICdJbnZhbGlkIE1GQSB0b2tlbic7XG4gICAgICB9XG4gICAgICBpZiAoIXNlY3JldCkge1xuICAgICAgICByZXR1cm4gc2F2ZVJlc3BvbnNlO1xuICAgICAgfVxuICAgICAgaWYgKHJlY292ZXJ5WzBdID09PSB0b2tlbiB8fCByZWNvdmVyeVsxXSA9PT0gdG9rZW4pIHtcbiAgICAgICAgcmV0dXJuIHNhdmVSZXNwb25zZTtcbiAgICAgIH1cbiAgICAgIGNvbnN0IHRvdHAgPSBuZXcgVE9UUCh7XG4gICAgICAgIGFsZ29yaXRobTogdGhpcy5hbGdvcml0aG0sXG4gICAgICAgIGRpZ2l0czogdGhpcy5kaWdpdHMsXG4gICAgICAgIHBlcmlvZDogdGhpcy5wZXJpb2QsXG4gICAgICAgIHNlY3JldDogU2VjcmV0LmZyb21CYXNlMzIoc2VjcmV0KSxcbiAgICAgIH0pO1xuICAgICAgY29uc3QgdmFsaWQgPSB0b3RwLnZhbGlkYXRlKHtcbiAgICAgICAgdG9rZW4sXG4gICAgICB9KTtcbiAgICAgIGlmICh2YWxpZCA9PT0gbnVsbCkge1xuICAgICAgICB0aHJvdyAnSW52YWxpZCBNRkEgdG9rZW4nO1xuICAgICAgfVxuICAgIH1cbiAgICByZXR1cm4gc2F2ZVJlc3BvbnNlO1xuICB9XG4gIGFzeW5jIHZhbGlkYXRlVXBkYXRlKGF1dGhEYXRhLCBfLCByZXEpIHtcbiAgICBpZiAocmVxLm1hc3Rlcikge1xuICAgICAgcmV0dXJuO1xuICAgIH1cbiAgICBpZiAoYXV0aERhdGEubW9iaWxlICYmIHRoaXMuc21zKSB7XG4gICAgICBpZiAoIWF1dGhEYXRhLnRva2VuKSB7XG4gICAgICAgIHRocm93ICdNRkEgaXMgYWxyZWFkeSBzZXQgdXAgb24gdGhpcyBhY2NvdW50JztcbiAgICAgIH1cbiAgICAgIHJldHVybiB0aGlzLmNvbmZpcm1TTVNPVFAoYXV0aERhdGEsIHJlcS5vcmlnaW5hbC5nZXQoJ2F1dGhEYXRhJyk/Lm1mYSB8fCB7fSk7XG4gICAgfVxuICAgIGlmICh0aGlzLnRvdHApIHtcbiAgICAgIGF3YWl0IHRoaXMudmFsaWRhdGVMb2dpbih7IHRva2VuOiBhdXRoRGF0YS5vbGQgfSwgbnVsbCwgcmVxKTtcbiAgICAgIHJldHVybiB0aGlzLnZhbGlkYXRlU2V0VXAoYXV0aERhdGEpO1xuICAgIH1cbiAgICB0aHJvdyAnSW52YWxpZCBNRkEgZGF0YSc7XG4gIH1cbiAgYWZ0ZXJGaW5kKHJlcSwgYXV0aERhdGEpIHtcbiAgICBpZiAocmVxLm1hc3Rlcikge1xuICAgICAgcmV0dXJuO1xuICAgIH1cbiAgICBpZiAodGhpcy50b3RwICYmIGF1dGhEYXRhLnNlY3JldCkge1xuICAgICAgcmV0dXJuIHtcbiAgICAgICAgc3RhdHVzOiAnZW5hYmxlZCcsXG4gICAgICB9O1xuICAgIH1cbiAgICBpZiAodGhpcy5zbXMgJiYgYXV0aERhdGEubW9iaWxlKSB7XG4gICAgICByZXR1cm4ge1xuICAgICAgICBzdGF0dXM6ICdlbmFibGVkJyxcbiAgICAgIH07XG4gICAgfVxuICAgIHJldHVybiB7XG4gICAgICBzdGF0dXM6ICdkaXNhYmxlZCcsXG4gICAgfTtcbiAgfVxuXG4gIHBvbGljeShyZXEsIGF1dGgpIHtcbiAgICBpZiAodGhpcy5zbXMgJiYgYXV0aD8ucGVuZGluZyAmJiBPYmplY3Qua2V5cyhhdXRoKS5sZW5ndGggPT09IDEpIHtcbiAgICAgIHJldHVybiAnZGVmYXVsdCc7XG4gICAgfVxuICAgIHJldHVybiAnYWRkaXRpb25hbCc7XG4gIH1cblxuICBhc3luYyBzZXR1cE1vYmlsZU9UUChtb2JpbGUpIHtcbiAgICBjb25zdCB7IHRva2VuLCBleHBpcnkgfSA9IGF3YWl0IHRoaXMuc2VuZFNNUyhtb2JpbGUpO1xuICAgIHJldHVybiB7XG4gICAgICBzYXZlOiB7XG4gICAgICAgIHBlbmRpbmc6IHtcbiAgICAgICAgICBbbW9iaWxlXToge1xuICAgICAgICAgICAgdG9rZW4sXG4gICAgICAgICAgICBleHBpcnksXG4gICAgICAgICAgfSxcbiAgICAgICAgfSxcbiAgICAgIH0sXG4gICAgfTtcbiAgfVxuXG4gIGFzeW5jIHNlbmRTTVMobW9iaWxlKSB7XG4gICAgaWYgKCEvXlsrXSpbKF17MCwxfVswLTldezEsM31bKV17MCwxfVstXFxzXFwuLzAtOV0qJC9nLnRlc3QobW9iaWxlKSkge1xuICAgICAgdGhyb3cgJ0ludmFsaWQgbW9iaWxlIG51bWJlci4nO1xuICAgIH1cbiAgICBsZXQgdG9rZW4gPSAnJztcbiAgICB3aGlsZSAodG9rZW4ubGVuZ3RoIDwgdGhpcy5kaWdpdHMpIHtcbiAgICAgIHRva2VuICs9IHJhbmRvbVN0cmluZygxMCkucmVwbGFjZSgvXFxEL2csICcnKTtcbiAgICB9XG4gICAgdG9rZW4gPSB0b2tlbi5zdWJzdHJpbmcoMCwgdGhpcy5kaWdpdHMpO1xuICAgIGF3YWl0IFByb21pc2UucmVzb2x2ZSh0aGlzLnNtc0NhbGxiYWNrKHRva2VuLCBtb2JpbGUpKTtcbiAgICBjb25zdCBleHBpcnkgPSBuZXcgRGF0ZShuZXcgRGF0ZSgpLmdldFRpbWUoKSArIHRoaXMucGVyaW9kICogMTAwMCk7XG4gICAgcmV0dXJuIHsgdG9rZW4sIGV4cGlyeSB9O1xuICB9XG5cbiAgYXN5bmMgY29uZmlybVNNU09UUChpbnB1dERhdGEsIGF1dGhEYXRhKSB7XG4gICAgY29uc3QgeyBtb2JpbGUsIHRva2VuIH0gPSBpbnB1dERhdGE7XG4gICAgaWYgKCFhdXRoRGF0YS5wZW5kaW5nPy5bbW9iaWxlXSkge1xuICAgICAgdGhyb3cgJ1RoaXMgbnVtYmVyIGlzIG5vdCBwZW5kaW5nJztcbiAgICB9XG4gICAgY29uc3QgcGVuZGluZ0RhdGEgPSBhdXRoRGF0YS5wZW5kaW5nW21vYmlsZV07XG4gICAgaWYgKHRva2VuICE9PSBwZW5kaW5nRGF0YS50b2tlbikge1xuICAgICAgdGhyb3cgJ0ludmFsaWQgTUZBIHRva2VuJztcbiAgICB9XG4gICAgaWYgKG5ldyBEYXRlKCkgPiBwZW5kaW5nRGF0YS5leHBpcnkpIHtcbiAgICAgIHRocm93ICdJbnZhbGlkIE1GQSB0b2tlbic7XG4gICAgfVxuICAgIGRlbGV0ZSBhdXRoRGF0YS5wZW5kaW5nW21vYmlsZV07XG4gICAgYXV0aERhdGEubW9iaWxlID0gbW9iaWxlO1xuICAgIHJldHVybiB7XG4gICAgICBzYXZlOiBhdXRoRGF0YSxcbiAgICB9O1xuICB9XG5cbiAgc2V0dXBUT1RQKG1mYURhdGEpIHtcbiAgICBjb25zdCB7IHNlY3JldCwgdG9rZW4gfSA9IG1mYURhdGE7XG4gICAgaWYgKCFzZWNyZXQgfHwgIXRva2VuIHx8IHNlY3JldC5sZW5ndGggPCAyMCkge1xuICAgICAgdGhyb3cgJ0ludmFsaWQgTUZBIGRhdGEnO1xuICAgIH1cbiAgICBjb25zdCB0b3RwID0gbmV3IFRPVFAoe1xuICAgICAgYWxnb3JpdGhtOiB0aGlzLmFsZ29yaXRobSxcbiAgICAgIGRpZ2l0czogdGhpcy5kaWdpdHMsXG4gICAgICBwZXJpb2Q6IHRoaXMucGVyaW9kLFxuICAgICAgc2VjcmV0OiBTZWNyZXQuZnJvbUJhc2UzMihzZWNyZXQpLFxuICAgIH0pO1xuICAgIGNvbnN0IHZhbGlkID0gdG90cC52YWxpZGF0ZSh7XG4gICAgICB0b2tlbixcbiAgICB9KTtcbiAgICBpZiAodmFsaWQgPT09IG51bGwpIHtcbiAgICAgIHRocm93ICdJbnZhbGlkIE1GQSB0b2tlbic7XG4gICAgfVxuICAgIGNvbnN0IHJlY292ZXJ5ID0gW3JhbmRvbVN0cmluZygzMCksIHJhbmRvbVN0cmluZygzMCldO1xuICAgIHJldHVybiB7XG4gICAgICByZXNwb25zZTogeyByZWNvdmVyeTogcmVjb3Zlcnkuam9pbignLCAnKSB9LFxuICAgICAgc2F2ZTogeyBzZWNyZXQsIHJlY292ZXJ5IH0sXG4gICAgfTtcbiAgfVxufVxuZXhwb3J0IGRlZmF1bHQgbmV3IE1GQUFkYXB0ZXIoKTtcbiJdLCJtYXBwaW5ncyI6Ijs7Ozs7O0FBQUEsSUFBQUEsUUFBQSxHQUFBQyxPQUFBO0FBQ0EsSUFBQUMsWUFBQSxHQUFBRCxPQUFBO0FBQ0EsSUFBQUUsWUFBQSxHQUFBQyxzQkFBQSxDQUFBSCxPQUFBO0FBQXdDLFNBQUFHLHVCQUFBQyxDQUFBLFdBQUFBLENBQUEsSUFBQUEsQ0FBQSxDQUFBQyxVQUFBLEdBQUFELENBQUEsS0FBQUUsT0FBQSxFQUFBRixDQUFBO0FBQ3hDLE1BQU1HLFVBQVUsU0FBU0Msb0JBQVcsQ0FBQztFQUNuQ0MsZUFBZUEsQ0FBQ0MsSUFBSSxFQUFFO0lBQ3BCLE1BQU1DLFlBQVksR0FBR0QsSUFBSSxDQUFDRSxPQUFPO0lBQ2pDLElBQUksQ0FBQ0MsS0FBSyxDQUFDQyxPQUFPLENBQUNILFlBQVksQ0FBQyxFQUFFO01BQ2hDLE1BQU0sOEJBQThCO0lBQ3RDO0lBQ0EsSUFBSSxDQUFDSSxHQUFHLEdBQUdKLFlBQVksQ0FBQ0ssUUFBUSxDQUFDLEtBQUssQ0FBQztJQUN2QyxJQUFJLENBQUNDLElBQUksR0FBR04sWUFBWSxDQUFDSyxRQUFRLENBQUMsTUFBTSxDQUFDO0lBQ3pDLElBQUksQ0FBQyxJQUFJLENBQUNELEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQ0UsSUFBSSxFQUFFO01BQzNCLE1BQU0sc0NBQXNDO0lBQzlDO0lBQ0EsTUFBTUMsTUFBTSxHQUFHUixJQUFJLENBQUNRLE1BQU0sSUFBSSxDQUFDO0lBQy9CLE1BQU1DLE1BQU0sR0FBR1QsSUFBSSxDQUFDUyxNQUFNLElBQUksRUFBRTtJQUNoQyxJQUFJLE9BQU9ELE1BQU0sS0FBSyxRQUFRLEVBQUU7TUFDOUIsTUFBTSw2QkFBNkI7SUFDckM7SUFDQSxJQUFJLE9BQU9DLE1BQU0sS0FBSyxRQUFRLEVBQUU7TUFDOUIsTUFBTSw2QkFBNkI7SUFDckM7SUFDQSxJQUFJRCxNQUFNLEdBQUcsQ0FBQyxJQUFJQSxNQUFNLEdBQUcsRUFBRSxFQUFFO01BQzdCLE1BQU0scUNBQXFDO0lBQzdDO0lBQ0EsSUFBSUMsTUFBTSxHQUFHLEVBQUUsRUFBRTtNQUNmLE1BQU0sb0NBQW9DO0lBQzVDO0lBQ0EsTUFBTUMsT0FBTyxHQUFHVixJQUFJLENBQUNVLE9BQU87SUFDNUIsSUFBSSxJQUFJLENBQUNMLEdBQUcsSUFBSSxPQUFPSyxPQUFPLEtBQUssVUFBVSxFQUFFO01BQzdDLE1BQU0sMERBQTBEO0lBQ2xFO0lBQ0EsSUFBSSxDQUFDQyxXQUFXLEdBQUdELE9BQU87SUFDMUIsSUFBSSxDQUFDRixNQUFNLEdBQUdBLE1BQU07SUFDcEIsSUFBSSxDQUFDQyxNQUFNLEdBQUdBLE1BQU07SUFDcEIsSUFBSSxDQUFDRyxTQUFTLEdBQUdaLElBQUksQ0FBQ1ksU0FBUyxJQUFJLE1BQU07RUFDM0M7RUFDQUMsYUFBYUEsQ0FBQ0MsT0FBTyxFQUFFO0lBQ3JCLElBQUlBLE9BQU8sQ0FBQ0MsTUFBTSxJQUFJLElBQUksQ0FBQ1YsR0FBRyxFQUFFO01BQzlCLE9BQU8sSUFBSSxDQUFDVyxjQUFjLENBQUNGLE9BQU8sQ0FBQ0MsTUFBTSxDQUFDO0lBQzVDO0lBQ0EsSUFBSSxJQUFJLENBQUNSLElBQUksRUFBRTtNQUNiLE9BQU8sSUFBSSxDQUFDVSxTQUFTLENBQUNILE9BQU8sQ0FBQztJQUNoQztJQUNBLE1BQU0sa0JBQWtCO0VBQzFCO0VBQ0EsTUFBTUksYUFBYUEsQ0FBQ0MsU0FBUyxFQUFFQyxDQUFDLEVBQUVDLEdBQUcsRUFBRTtJQUNyQyxNQUFNQyxZQUFZLEdBQUc7TUFDbkJDLFNBQVMsRUFBRTtJQUNiLENBQUM7SUFDRCxNQUFNQyxLQUFLLEdBQUdMLFNBQVMsQ0FBQ0ssS0FBSztJQUM3QixNQUFNQyxJQUFJLEdBQUdKLEdBQUcsQ0FBQ0ssUUFBUSxDQUFDQyxHQUFHLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxDQUFDO0lBQy9DLE1BQU07TUFBRUMsTUFBTTtNQUFFQyxRQUFRO01BQUVkLE1BQU07TUFBRVMsS0FBSyxFQUFFTSxLQUFLO01BQUVDO0lBQU8sQ0FBQyxHQUFHTixJQUFJLENBQUNPLEdBQUcsSUFBSSxDQUFDLENBQUM7SUFDekUsSUFBSSxJQUFJLENBQUMzQixHQUFHLElBQUlVLE1BQU0sRUFBRTtNQUN0QixJQUFJUyxLQUFLLEtBQUssU0FBUyxFQUFFO1FBQ3ZCLE1BQU07VUFBRUEsS0FBSyxFQUFFUyxTQUFTO1VBQUVGO1FBQU8sQ0FBQyxHQUFHLE1BQU0sSUFBSSxDQUFDckIsT0FBTyxDQUFDSyxNQUFNLENBQUM7UUFDL0RVLElBQUksQ0FBQ08sR0FBRyxDQUFDUixLQUFLLEdBQUdTLFNBQVM7UUFDMUJSLElBQUksQ0FBQ08sR0FBRyxDQUFDRCxNQUFNLEdBQUdBLE1BQU07UUFDeEJWLEdBQUcsQ0FBQ2EsTUFBTSxDQUFDQyxHQUFHLENBQUMsVUFBVSxFQUFFVixJQUFJLENBQUM7UUFDaEMsTUFBTUosR0FBRyxDQUFDYSxNQUFNLENBQUNFLElBQUksQ0FBQyxJQUFJLEVBQUU7VUFBRUMsWUFBWSxFQUFFO1FBQUssQ0FBQyxDQUFDO1FBQ25ELE1BQU0sd0JBQXdCO01BQ2hDO01BQ0EsSUFBSSxDQUFDUCxLQUFLLElBQUlOLEtBQUssS0FBS00sS0FBSyxFQUFFO1FBQzdCLE1BQU0scUJBQXFCO01BQzdCO01BQ0EsSUFBSSxJQUFJUSxJQUFJLENBQUMsQ0FBQyxHQUFHUCxNQUFNLEVBQUU7UUFDdkIsTUFBTSxxQkFBcUI7TUFDN0I7TUFDQSxPQUFPTixJQUFJLENBQUNPLEdBQUcsQ0FBQ1IsS0FBSztNQUNyQixPQUFPQyxJQUFJLENBQUNPLEdBQUcsQ0FBQ0QsTUFBTTtNQUN0QixPQUFPO1FBQ0xLLElBQUksRUFBRVgsSUFBSSxDQUFDTztNQUNiLENBQUM7SUFDSDtJQUNBLElBQUksSUFBSSxDQUFDekIsSUFBSSxFQUFFO01BQ2IsSUFBSSxPQUFPaUIsS0FBSyxLQUFLLFFBQVEsRUFBRTtRQUM3QixNQUFNLG1CQUFtQjtNQUMzQjtNQUNBLElBQUksQ0FBQ0ksTUFBTSxFQUFFO1FBQ1gsT0FBT04sWUFBWTtNQUNyQjtNQUNBLElBQUlPLFFBQVEsQ0FBQyxDQUFDLENBQUMsS0FBS0wsS0FBSyxJQUFJSyxRQUFRLENBQUMsQ0FBQyxDQUFDLEtBQUtMLEtBQUssRUFBRTtRQUNsRCxPQUFPRixZQUFZO01BQ3JCO01BQ0EsTUFBTWYsSUFBSSxHQUFHLElBQUlnQyxhQUFJLENBQUM7UUFDcEIzQixTQUFTLEVBQUUsSUFBSSxDQUFDQSxTQUFTO1FBQ3pCSixNQUFNLEVBQUUsSUFBSSxDQUFDQSxNQUFNO1FBQ25CQyxNQUFNLEVBQUUsSUFBSSxDQUFDQSxNQUFNO1FBQ25CbUIsTUFBTSxFQUFFWSxlQUFNLENBQUNDLFVBQVUsQ0FBQ2IsTUFBTTtNQUNsQyxDQUFDLENBQUM7TUFDRixNQUFNYyxLQUFLLEdBQUduQyxJQUFJLENBQUNvQyxRQUFRLENBQUM7UUFDMUJuQjtNQUNGLENBQUMsQ0FBQztNQUNGLElBQUlrQixLQUFLLEtBQUssSUFBSSxFQUFFO1FBQ2xCLE1BQU0sbUJBQW1CO01BQzNCO0lBQ0Y7SUFDQSxPQUFPcEIsWUFBWTtFQUNyQjtFQUNBLE1BQU1zQixjQUFjQSxDQUFDQyxRQUFRLEVBQUV6QixDQUFDLEVBQUVDLEdBQUcsRUFBRTtJQUNyQyxJQUFJQSxHQUFHLENBQUN5QixNQUFNLEVBQUU7TUFDZDtJQUNGO0lBQ0EsSUFBSUQsUUFBUSxDQUFDOUIsTUFBTSxJQUFJLElBQUksQ0FBQ1YsR0FBRyxFQUFFO01BQUEsSUFBQTBDLGlCQUFBO01BQy9CLElBQUksQ0FBQ0YsUUFBUSxDQUFDckIsS0FBSyxFQUFFO1FBQ25CLE1BQU0sdUNBQXVDO01BQy9DO01BQ0EsT0FBTyxJQUFJLENBQUN3QixhQUFhLENBQUNILFFBQVEsRUFBRSxFQUFBRSxpQkFBQSxHQUFBMUIsR0FBRyxDQUFDSyxRQUFRLENBQUNDLEdBQUcsQ0FBQyxVQUFVLENBQUMsY0FBQW9CLGlCQUFBLHVCQUE1QkEsaUJBQUEsQ0FBOEJmLEdBQUcsS0FBSSxDQUFDLENBQUMsQ0FBQztJQUM5RTtJQUNBLElBQUksSUFBSSxDQUFDekIsSUFBSSxFQUFFO01BQ2IsTUFBTSxJQUFJLENBQUNXLGFBQWEsQ0FBQztRQUFFTSxLQUFLLEVBQUVxQixRQUFRLENBQUNJO01BQUksQ0FBQyxFQUFFLElBQUksRUFBRTVCLEdBQUcsQ0FBQztNQUM1RCxPQUFPLElBQUksQ0FBQ1IsYUFBYSxDQUFDZ0MsUUFBUSxDQUFDO0lBQ3JDO0lBQ0EsTUFBTSxrQkFBa0I7RUFDMUI7RUFDQUssU0FBU0EsQ0FBQzdCLEdBQUcsRUFBRXdCLFFBQVEsRUFBRTtJQUN2QixJQUFJeEIsR0FBRyxDQUFDeUIsTUFBTSxFQUFFO01BQ2Q7SUFDRjtJQUNBLElBQUksSUFBSSxDQUFDdkMsSUFBSSxJQUFJc0MsUUFBUSxDQUFDakIsTUFBTSxFQUFFO01BQ2hDLE9BQU87UUFDTHVCLE1BQU0sRUFBRTtNQUNWLENBQUM7SUFDSDtJQUNBLElBQUksSUFBSSxDQUFDOUMsR0FBRyxJQUFJd0MsUUFBUSxDQUFDOUIsTUFBTSxFQUFFO01BQy9CLE9BQU87UUFDTG9DLE1BQU0sRUFBRTtNQUNWLENBQUM7SUFDSDtJQUNBLE9BQU87TUFDTEEsTUFBTSxFQUFFO0lBQ1YsQ0FBQztFQUNIO0VBRUFDLE1BQU1BLENBQUMvQixHQUFHLEVBQUVJLElBQUksRUFBRTtJQUNoQixJQUFJLElBQUksQ0FBQ3BCLEdBQUcsSUFBSW9CLElBQUksYUFBSkEsSUFBSSxlQUFKQSxJQUFJLENBQUU0QixPQUFPLElBQUlDLE1BQU0sQ0FBQ0MsSUFBSSxDQUFDOUIsSUFBSSxDQUFDLENBQUMrQixNQUFNLEtBQUssQ0FBQyxFQUFFO01BQy9ELE9BQU8sU0FBUztJQUNsQjtJQUNBLE9BQU8sWUFBWTtFQUNyQjtFQUVBLE1BQU14QyxjQUFjQSxDQUFDRCxNQUFNLEVBQUU7SUFDM0IsTUFBTTtNQUFFUyxLQUFLO01BQUVPO0lBQU8sQ0FBQyxHQUFHLE1BQU0sSUFBSSxDQUFDckIsT0FBTyxDQUFDSyxNQUFNLENBQUM7SUFDcEQsT0FBTztNQUNMcUIsSUFBSSxFQUFFO1FBQ0ppQixPQUFPLEVBQUU7VUFDUCxDQUFDdEMsTUFBTSxHQUFHO1lBQ1JTLEtBQUs7WUFDTE87VUFDRjtRQUNGO01BQ0Y7SUFDRixDQUFDO0VBQ0g7RUFFQSxNQUFNckIsT0FBT0EsQ0FBQ0ssTUFBTSxFQUFFO0lBQ3BCLElBQUksQ0FBQywrQ0FBK0MsQ0FBQzBDLElBQUksQ0FBQzFDLE1BQU0sQ0FBQyxFQUFFO01BQ2pFLE1BQU0sd0JBQXdCO0lBQ2hDO0lBQ0EsSUFBSVMsS0FBSyxHQUFHLEVBQUU7SUFDZCxPQUFPQSxLQUFLLENBQUNnQyxNQUFNLEdBQUcsSUFBSSxDQUFDaEQsTUFBTSxFQUFFO01BQ2pDZ0IsS0FBSyxJQUFJLElBQUFrQyx5QkFBWSxFQUFDLEVBQUUsQ0FBQyxDQUFDQyxPQUFPLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQztJQUM5QztJQUNBbkMsS0FBSyxHQUFHQSxLQUFLLENBQUNvQyxTQUFTLENBQUMsQ0FBQyxFQUFFLElBQUksQ0FBQ3BELE1BQU0sQ0FBQztJQUN2QyxNQUFNcUQsT0FBTyxDQUFDQyxPQUFPLENBQUMsSUFBSSxDQUFDbkQsV0FBVyxDQUFDYSxLQUFLLEVBQUVULE1BQU0sQ0FBQyxDQUFDO0lBQ3RELE1BQU1nQixNQUFNLEdBQUcsSUFBSU8sSUFBSSxDQUFDLElBQUlBLElBQUksQ0FBQyxDQUFDLENBQUN5QixPQUFPLENBQUMsQ0FBQyxHQUFHLElBQUksQ0FBQ3RELE1BQU0sR0FBRyxJQUFJLENBQUM7SUFDbEUsT0FBTztNQUFFZSxLQUFLO01BQUVPO0lBQU8sQ0FBQztFQUMxQjtFQUVBLE1BQU1pQixhQUFhQSxDQUFDZ0IsU0FBUyxFQUFFbkIsUUFBUSxFQUFFO0lBQUEsSUFBQW9CLGlCQUFBO0lBQ3ZDLE1BQU07TUFBRWxELE1BQU07TUFBRVM7SUFBTSxDQUFDLEdBQUd3QyxTQUFTO0lBQ25DLElBQUksR0FBQUMsaUJBQUEsR0FBQ3BCLFFBQVEsQ0FBQ1EsT0FBTyxjQUFBWSxpQkFBQSxlQUFoQkEsaUJBQUEsQ0FBbUJsRCxNQUFNLENBQUMsR0FBRTtNQUMvQixNQUFNLDRCQUE0QjtJQUNwQztJQUNBLE1BQU1tRCxXQUFXLEdBQUdyQixRQUFRLENBQUNRLE9BQU8sQ0FBQ3RDLE1BQU0sQ0FBQztJQUM1QyxJQUFJUyxLQUFLLEtBQUswQyxXQUFXLENBQUMxQyxLQUFLLEVBQUU7TUFDL0IsTUFBTSxtQkFBbUI7SUFDM0I7SUFDQSxJQUFJLElBQUljLElBQUksQ0FBQyxDQUFDLEdBQUc0QixXQUFXLENBQUNuQyxNQUFNLEVBQUU7TUFDbkMsTUFBTSxtQkFBbUI7SUFDM0I7SUFDQSxPQUFPYyxRQUFRLENBQUNRLE9BQU8sQ0FBQ3RDLE1BQU0sQ0FBQztJQUMvQjhCLFFBQVEsQ0FBQzlCLE1BQU0sR0FBR0EsTUFBTTtJQUN4QixPQUFPO01BQ0xxQixJQUFJLEVBQUVTO0lBQ1IsQ0FBQztFQUNIO0VBRUE1QixTQUFTQSxDQUFDSCxPQUFPLEVBQUU7SUFDakIsTUFBTTtNQUFFYyxNQUFNO01BQUVKO0lBQU0sQ0FBQyxHQUFHVixPQUFPO0lBQ2pDLElBQUksQ0FBQ2MsTUFBTSxJQUFJLENBQUNKLEtBQUssSUFBSUksTUFBTSxDQUFDNEIsTUFBTSxHQUFHLEVBQUUsRUFBRTtNQUMzQyxNQUFNLGtCQUFrQjtJQUMxQjtJQUNBLE1BQU1qRCxJQUFJLEdBQUcsSUFBSWdDLGFBQUksQ0FBQztNQUNwQjNCLFNBQVMsRUFBRSxJQUFJLENBQUNBLFNBQVM7TUFDekJKLE1BQU0sRUFBRSxJQUFJLENBQUNBLE1BQU07TUFDbkJDLE1BQU0sRUFBRSxJQUFJLENBQUNBLE1BQU07TUFDbkJtQixNQUFNLEVBQUVZLGVBQU0sQ0FBQ0MsVUFBVSxDQUFDYixNQUFNO0lBQ2xDLENBQUMsQ0FBQztJQUNGLE1BQU1jLEtBQUssR0FBR25DLElBQUksQ0FBQ29DLFFBQVEsQ0FBQztNQUMxQm5CO0lBQ0YsQ0FBQyxDQUFDO0lBQ0YsSUFBSWtCLEtBQUssS0FBSyxJQUFJLEVBQUU7TUFDbEIsTUFBTSxtQkFBbUI7SUFDM0I7SUFDQSxNQUFNYixRQUFRLEdBQUcsQ0FBQyxJQUFBNkIseUJBQVksRUFBQyxFQUFFLENBQUMsRUFBRSxJQUFBQSx5QkFBWSxFQUFDLEVBQUUsQ0FBQyxDQUFDO0lBQ3JELE9BQU87TUFDTFMsUUFBUSxFQUFFO1FBQUV0QyxRQUFRLEVBQUVBLFFBQVEsQ0FBQ3VDLElBQUksQ0FBQyxJQUFJO01BQUUsQ0FBQztNQUMzQ2hDLElBQUksRUFBRTtRQUFFUixNQUFNO1FBQUVDO01BQVM7SUFDM0IsQ0FBQztFQUNIO0FBQ0Y7QUFBQyxJQUFBd0MsUUFBQSxHQUFBQyxPQUFBLENBQUExRSxPQUFBLEdBQ2MsSUFBSUMsVUFBVSxDQUFDLENBQUMiLCJpZ25vcmVMaXN0IjpbXX0=
    249.