@aws-solutions-constructs/core/lib/sqs-helper.js

Core CDK Construct for patterns library

"use strict";
/**
 *  Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 *
 *  Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
 *  with the License. A copy of the License is located at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 *  or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
 *  OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
 *  and limitations under the License.
 */
Object.defineProperty(exports, "__esModule", { value: true });
exports.buildQueue = buildQueue;
exports.buildDeadLetterQueue = buildDeadLetterQueue;
exports.CheckSqsProps = CheckSqsProps;
/*
 *  The functions found here in the core library are for internal use and can be changed
 *  or removed outside of a major release. We recommend against calling them directly from client code.
 */
// Imports
const sqs = require("aws-cdk-lib/aws-sqs");
const defaults = require("./sqs-defaults");
const utils_1 = require("./utils");
const aws_iam_1 = require("aws-cdk-lib/aws-iam");
const aws_cdk_lib_1 = require("aws-cdk-lib");
const kms_helper_1 = require("./kms-helper");
/**
 * @internal This is an internal core function and should not be called directly by Solutions Constructs clients.
 */
function buildQueue(scope, id, props) {
    CheckBuidQueueProps(props);
    let deadLetterQueue;
    if ((0, utils_1.CheckBooleanWithDefault)(props.deployDeadLetterQueue, true)) {
        deadLetterQueue = buildDeadLetterQueue(scope, id, {
            existingQueueObj: props.existingQueueObj,
            deployDeadLetterQueue: props.deployDeadLetterQueue,
            deadLetterQueueProps: props.deadLetterQueueProps,
            constructDeadLetterQueueProps: props.constructDeadLetterQueueProps,
            maxReceiveCount: props.maxReceiveCount
        });
    }
    // If an existingQueueObj is not specified
    if (!props.existingQueueObj) {
        // Setup the queue
        let queueProps;
        if (props.queueProps) {
            // If property overrides have been provided, incorporate them and deploy
            const checkFifo = props.queueProps.fifo ? true : undefined;
            queueProps = (0, utils_1.overrideProps)(defaults.DefaultQueueProps(), { ...props.queueProps, fifo: checkFifo });
        }
        else {
            // If no property overrides, deploy using the default configuration
            queueProps = defaults.DefaultQueueProps();
        }
        if (props.constructQueueProps) {
            queueProps = (0, utils_1.overrideProps)(queueProps, props.constructQueueProps);
        }
        // Determine whether a DLQ property should be added
        if (deadLetterQueue) {
            queueProps.deadLetterQueue = deadLetterQueue;
        }
        // Set encryption properties.
        // Note that defaults.DefaultQueueProps sets encryption to Server-side KMS encryption with a KMS key managed by SQS.
        if (props.queueProps?.encryptionMasterKey) {
            queueProps.encryptionMasterKey = props.queueProps?.encryptionMasterKey;
        }
        else if (props.encryptionKey) {
            queueProps.encryptionMasterKey = props.encryptionKey;
        }
        else if (props.encryptionKeyProps || props.enableEncryptionWithCustomerManagedKey === true) {
            queueProps.encryptionMasterKey = (0, kms_helper_1.buildEncryptionKey)(scope, id, props.encryptionKeyProps);
        }
        // NOSONAR (typescript:S6330)
        // encryption is set to QueueEncryption.KMS_MANAGED by default in DefaultQueueProps, but
        // Sonarqube can't parse the code well enough to see this. Encryption is confirmed by
        // the 'Test deployment without imported encryption key' unit test
        const queue = new sqs.Queue(scope, id, queueProps); // NOSONAR
        applySecureQueuePolicy(queue);
        // Return the queue
        return { queue, key: queue.encryptionMasterKey, dlq: deadLetterQueue };
    }
    else {
        // If an existingQueueObj is specified, return that object as the queue to be used
        return { queue: props.existingQueueObj };
    }
}
/**
 * @internal This is an internal core function and should not be called directly by Solutions Constructs clients.
 */
function CheckBuidQueueProps(props) {
    if ((props.queueProps?.encryptionMasterKey || props.encryptionKey || props.encryptionKeyProps)
        && props.enableEncryptionWithCustomerManagedKey !== true) {
        (0, utils_1.printWarning)(`Ignoring enableEncryptionWithCustomerManagedKey because one of
     queueProps.encryptionMasterKey, encryptionKey, or encryptionKeyProps was already specified`);
    }
    let errorMessages = '';
    let errorFound = false;
    if ((props.deployDeadLetterQueue === false) && props.maxReceiveCount) {
        errorMessages += 'Error - MaxReceiveCount cannot be set if deployDeadLetterQueue is false.\n';
        errorFound = true;
    }
    if (errorFound) {
        throw new Error(errorMessages);
    }
}
/**
 * @internal This is an internal core function and should not be called directly by Solutions Constructs clients.
 */
function buildDeadLetterQueue(scope, id, props) {
    if (!props.existingQueueObj && (0, utils_1.CheckBooleanWithDefault)(props.deployDeadLetterQueue, true)) {
        // Create the Dead Letter Queue
        const buildQueueResponse = buildQueue(scope, `${id}-dlq`, {
            queueProps: (0, utils_1.consolidateProps)({}, props.deadLetterQueueProps, props.constructDeadLetterQueueProps),
            deployDeadLetterQueue: false // don't deploy a DLQ for the DLG!
        });
        const mrc = (props.maxReceiveCount) ? props.maxReceiveCount : defaults.defaultMaxReceiveCount;
        // Setup the Dead Letter Queue interface
        const deadLetterQueueObject = {
            maxReceiveCount: mrc,
            queue: buildQueueResponse.queue
        };
        // Return the dead letter queue interface
        return deadLetterQueueObject;
    }
    // Typescript requires this return statement, so disabling SonarQube warning
    return; // NOSONAR
}
function applySecureQueuePolicy(queue) {
    // Apply queue policy to enforce only the queue owner can perform operations on queue
    queue.addToResourcePolicy(new aws_iam_1.PolicyStatement({
        sid: 'QueueOwnerOnlyAccess',
        resources: [
            `${queue.queueArn}`
        ],
        actions: [
            "sqs:DeleteMessage",
            "sqs:ReceiveMessage",
            "sqs:SendMessage",
            "sqs:GetQueueAttributes",
            "sqs:RemovePermission",
            "sqs:AddPermission",
            "sqs:SetQueueAttributes"
        ],
        principals: [new aws_iam_1.AccountPrincipal(aws_cdk_lib_1.Stack.of(queue).account)],
        effect: aws_iam_1.Effect.ALLOW
    }));
    // Apply queue policy to enforce encryption of data in transit
    queue.addToResourcePolicy(new aws_iam_1.PolicyStatement({
        sid: 'HttpsOnly',
        resources: [
            `${queue.queueArn}`
        ],
        actions: [
            "SQS:*"
        ],
        principals: [new aws_iam_1.AnyPrincipal()],
        effect: aws_iam_1.Effect.DENY,
        conditions: {
            Bool: {
                'aws:SecureTransport': 'false'
            }
        }
    }));
}
function CheckSqsProps(propsObject) {
    let errorMessages = '';
    let errorFound = false;
    if (propsObject.existingQueueObj && propsObject.queueProps) {
        errorMessages += 'Error - Either provide queueProps or existingQueueObj, but not both.\n';
        errorFound = true;
    }
    if (propsObject.queueProps?.encryptionMasterKey && propsObject.encryptionKey) {
        errorMessages += 'Error - Either provide queueProps.encryptionMasterKey or encryptionKey, but not both.\n';
        errorFound = true;
    }
    if (propsObject.queueProps?.encryptionMasterKey && propsObject.encryptionKeyProps) {
        errorMessages += 'Error - Either provide queueProps.encryptionMasterKey or encryptionKeyProps, but not both.\n';
        errorFound = true;
    }
    if (propsObject.encryptionKey && propsObject.encryptionKeyProps) {
        errorMessages += 'Error - Either provide encryptionKey or encryptionKeyProps, but not both.\n';
        errorFound = true;
    }
    if ((propsObject?.deployDeadLetterQueue === false) && propsObject.deadLetterQueueProps) {
        errorMessages += 'Error - If deployDeadLetterQueue is false then deadLetterQueueProps cannot be specified.\n';
        errorFound = true;
    }
    const isQueueFifo = propsObject?.queueProps?.fifo;
    const isDeadLetterQueueFifo = propsObject?.deadLetterQueueProps?.fifo;
    const deployDeadLetterQueue = (0, utils_1.CheckBooleanWithDefault)(propsObject.deployDeadLetterQueue, true);
    if (deployDeadLetterQueue && (isQueueFifo !== isDeadLetterQueueFifo)) {
        errorMessages += 'Error - If you specify a fifo: true in either queueProps or deadLetterQueueProps, you must also set fifo: ' +
            'true in the other props object. Fifo must match for the Queue and the Dead Letter Queue.\n';
        errorFound = true;
    }
    if (errorFound) {
        throw new Error(errorMessages);
    }
}
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic3FzLWhlbHBlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInNxcy1oZWxwZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBOzs7Ozs7Ozs7OztHQVdHOztBQTJGSCxnQ0EyREM7QUE2REQsb0RBcUJDO0FBd0RELHNDQTBDQztBQXhVRDs7O0dBR0c7QUFFSCxVQUFVO0FBQ1YsMkNBQTJDO0FBQzNDLDJDQUEyQztBQUUzQyxtQ0FBa0c7QUFDbEcsaURBQThGO0FBQzlGLDZDQUFvQztBQUNwQyw2Q0FBZ0Q7QUEwRWhEOztHQUVHO0FBQ0gsU0FBZ0IsVUFBVSxDQUFDLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQXNCO0lBQzdFLG1CQUFtQixDQUFDLEtBQUssQ0FBQyxDQUFDO0lBQzNCLElBQUksZUFBZ0QsQ0FBQztJQUVyRCxJQUFJLElBQUEsK0JBQXVCLEVBQUUsS0FBSyxDQUFDLHFCQUFxQixFQUFFLElBQUksQ0FBQyxFQUFFLENBQUM7UUFDaEUsZUFBZSxHQUFHLG9CQUFvQixDQUFDLEtBQUssRUFBRSxFQUFFLEVBQUU7WUFDaEQsZ0JBQWdCLEVBQUUsS0FBSyxDQUFDLGdCQUFnQjtZQUN4QyxxQkFBcUIsRUFBRSxLQUFLLENBQUMscUJBQXFCO1lBQ2xELG9CQUFvQixFQUFFLEtBQUssQ0FBQyxvQkFBb0I7WUFDaEQsNkJBQTZCLEVBQUUsS0FBSyxDQUFDLDZCQUE2QjtZQUNsRSxlQUFlLEVBQUUsS0FBSyxDQUFDLGVBQWU7U0FDdkMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVELDBDQUEwQztJQUMxQyxJQUFJLENBQUMsS0FBSyxDQUFDLGdCQUFnQixFQUFFLENBQUM7UUFDNUIsa0JBQWtCO1FBQ2xCLElBQUksVUFBVSxDQUFDO1FBQ2YsSUFBSSxLQUFLLENBQUMsVUFBVSxFQUFFLENBQUM7WUFDckIsd0VBQXdFO1lBQ3hFLE1BQU0sU0FBUyxHQUFHLEtBQUssQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLFNBQVMsQ0FBQztZQUMzRCxVQUFVLEdBQUcsSUFBQSxxQkFBYSxFQUFDLFFBQVEsQ0FBQyxpQkFBaUIsRUFBRSxFQUFFLEVBQUUsR0FBRyxLQUFLLENBQUMsVUFBVSxFQUFFLElBQUksRUFBRSxTQUFTLEVBQUUsQ0FBQyxDQUFDO1FBQ3JHLENBQUM7YUFBTSxDQUFDO1lBQ04sbUVBQW1FO1lBQ25FLFVBQVUsR0FBRyxRQUFRLENBQUMsaUJBQWlCLEVBQUUsQ0FBQztRQUM1QyxDQUFDO1FBQ0QsSUFBSSxLQUFLLENBQUMsbUJBQW1CLEVBQUUsQ0FBQztZQUM5QixVQUFVLEdBQUcsSUFBQSxxQkFBYSxFQUFDLFVBQVUsRUFBRSxLQUFLLENBQUMsbUJBQW1CLENBQUMsQ0FBQztRQUNwRSxDQUFDO1FBRUQsbURBQW1EO1FBQ25ELElBQUksZUFBZSxFQUFFLENBQUM7WUFDcEIsVUFBVSxDQUFDLGVBQWUsR0FBRyxlQUFlLENBQUM7UUFDL0MsQ0FBQztRQUVELDZCQUE2QjtRQUM3QixvSEFBb0g7UUFDcEgsSUFBSSxLQUFLLENBQUMsVUFBVSxFQUFFLG1CQUFtQixFQUFFLENBQUM7WUFDMUMsVUFBVSxDQUFDLG1CQUFtQixHQUFHLEtBQUssQ0FBQyxVQUFVLEVBQUUsbUJBQW1CLENBQUM7UUFDekUsQ0FBQzthQUFNLElBQUksS0FBSyxDQUFDLGFBQWEsRUFBRSxDQUFDO1lBQy9CLFVBQVUsQ0FBQyxtQkFBbUIsR0FBRyxLQUFLLENBQUMsYUFBYSxDQUFDO1FBQ3ZELENBQUM7YUFBTSxJQUFJLEtBQUssQ0FBQyxrQkFBa0IsSUFBSSxLQUFLLENBQUMsc0NBQXNDLEtBQUssSUFBSSxFQUFFLENBQUM7WUFDN0YsVUFBVSxDQUFDLG1CQUFtQixHQUFHLElBQUEsK0JBQWtCLEVBQUMsS0FBSyxFQUFFLEVBQUUsRUFBRSxLQUFLLENBQUMsa0JBQWtCLENBQUMsQ0FBQztRQUMzRixDQUFDO1FBRUQsNkJBQTZCO1FBQzdCLHdGQUF3RjtRQUN4RixxRkFBcUY7UUFDckYsa0VBQWtFO1FBQ2xFLE1BQU0sS0FBSyxHQUFHLElBQUksR0FBRyxDQUFDLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxFQUFFLFVBQVUsQ0FBQyxDQUFDLENBQUMsVUFBVTtRQUU5RCxzQkFBc0IsQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUU5QixtQkFBbUI7UUFDbkIsT0FBTyxFQUFFLEtBQUssRUFBRSxHQUFHLEVBQUUsS0FBSyxDQUFDLG1CQUFtQixFQUFHLEdBQUcsRUFBRSxlQUFlLEVBQUUsQ0FBQztJQUMxRSxDQUFDO1NBQU0sQ0FBQztRQUNOLGtGQUFrRjtRQUNsRixPQUFPLEVBQUUsS0FBSyxFQUFFLEtBQUssQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO0lBQzNDLENBQUM7QUFDSCxDQUFDO0FBRUQ7O0dBRUc7QUFDSCxTQUFTLG1CQUFtQixDQUFDLEtBQXNCO0lBQ2pELElBQUksQ0FBQyxLQUFLLENBQUMsVUFBVSxFQUFFLG1CQUFtQixJQUFJLEtBQUssQ0FBQyxhQUFhLElBQUksS0FBSyxDQUFDLGtCQUFrQixDQUFDO1dBQzNGLEtBQUssQ0FBQyxzQ0FBc0MsS0FBSyxJQUFJLEVBQUUsQ0FBQztRQUN6RCxJQUFBLG9CQUFZLEVBQUM7Z0dBQytFLENBQUMsQ0FBQztJQUNoRyxDQUFDO0lBRUQsSUFBSSxhQUFhLEdBQUcsRUFBRSxDQUFDO0lBQ3ZCLElBQUksVUFBVSxHQUFHLEtBQUssQ0FBQztJQUV2QixJQUFJLENBQUMsS0FBSyxDQUFDLHFCQUFxQixLQUFLLEtBQUssQ0FBQyxJQUFJLEtBQUssQ0FBQyxlQUFlLEVBQUUsQ0FBQztRQUNyRSxhQUFhLElBQUksNEVBQTRFLENBQUM7UUFDOUYsVUFBVSxHQUFHLElBQUksQ0FBQztJQUNwQixDQUFDO0lBRUQsSUFBSSxVQUFVLEVBQUUsQ0FBQztRQUNmLE1BQU0sSUFBSSxLQUFLLENBQUMsYUFBYSxDQUFDLENBQUM7SUFDakMsQ0FBQztBQUNILENBQUM7QUFtQ0Q7O0dBRUc7QUFDSCxTQUFnQixvQkFBb0IsQ0FBQyxLQUFnQixFQUFFLEVBQVUsRUFBRSxLQUFnQztJQUNqRyxJQUFJLENBQUMsS0FBSyxDQUFDLGdCQUFnQixJQUFJLElBQUEsK0JBQXVCLEVBQUMsS0FBSyxDQUFDLHFCQUFxQixFQUFFLElBQUksQ0FBQyxFQUFFLENBQUM7UUFDMUYsK0JBQStCO1FBQy9CLE1BQU0sa0JBQWtCLEdBQUcsVUFBVSxDQUFDLEtBQUssRUFBRSxHQUFHLEVBQUUsTUFBTSxFQUFFO1lBQ3hELFVBQVUsRUFBRSxJQUFBLHdCQUFnQixFQUFDLEVBQUUsRUFBRSxLQUFLLENBQUMsb0JBQW9CLEVBQUUsS0FBSyxDQUFDLDZCQUE2QixDQUFDO1lBQ2pHLHFCQUFxQixFQUFFLEtBQUssQ0FBRSxrQ0FBa0M7U0FDakUsQ0FBQyxDQUFDO1FBRUgsTUFBTSxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsZUFBZSxDQUFDLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxlQUFlLENBQUMsQ0FBQyxDQUFDLFFBQVEsQ0FBQyxzQkFBc0IsQ0FBQztRQUU5Rix3Q0FBd0M7UUFDeEMsTUFBTSxxQkFBcUIsR0FBd0I7WUFDakQsZUFBZSxFQUFFLEdBQUc7WUFDcEIsS0FBSyxFQUFFLGtCQUFrQixDQUFDLEtBQUs7U0FDaEMsQ0FBQztRQUVGLHlDQUF5QztRQUN6QyxPQUFPLHFCQUFxQixDQUFDO0lBQy9CLENBQUM7SUFDRCw0RUFBNEU7SUFDNUUsT0FBTyxDQUFDLFVBQVU7QUFDcEIsQ0FBQztBQUVELFNBQVMsc0JBQXNCLENBQUMsS0FBZ0I7SUFFOUMscUZBQXFGO0lBQ3JGLEtBQUssQ0FBQyxtQkFBbUIsQ0FDdkIsSUFBSSx5QkFBZSxDQUFDO1FBQ2xCLEdBQUcsRUFBRSxzQkFBc0I7UUFDM0IsU0FBUyxFQUFFO1lBQ1QsR0FBRyxLQUFLLENBQUMsUUFBUSxFQUFFO1NBQ3BCO1FBQ0QsT0FBTyxFQUFFO1lBQ1AsbUJBQW1CO1lBQ25CLG9CQUFvQjtZQUNwQixpQkFBaUI7WUFDakIsd0JBQXdCO1lBQ3hCLHNCQUFzQjtZQUN0QixtQkFBbUI7WUFDbkIsd0JBQXdCO1NBQ3pCO1FBQ0QsVUFBVSxFQUFFLENBQUMsSUFBSSwwQkFBZ0IsQ0FBQyxtQkFBSyxDQUFDLEVBQUUsQ0FBQyxLQUFLLENBQUMsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUMzRCxNQUFNLEVBQUUsZ0JBQU0sQ0FBQyxLQUFLO0tBQ3JCLENBQUMsQ0FDSCxDQUFDO0lBRUYsOERBQThEO0lBQzlELEtBQUssQ0FBQyxtQkFBbUIsQ0FDdkIsSUFBSSx5QkFBZSxDQUFDO1FBQ2xCLEdBQUcsRUFBRSxXQUFXO1FBQ2hCLFNBQVMsRUFBRTtZQUNULEdBQUcsS0FBSyxDQUFDLFFBQVEsRUFBRTtTQUNwQjtRQUNELE9BQU8sRUFBRTtZQUNQLE9BQU87U0FDUjtRQUNELFVBQVUsRUFBRSxDQUFDLElBQUksc0JBQVksRUFBRSxDQUFDO1FBQ2hDLE1BQU0sRUFBRSxnQkFBTSxDQUFDLElBQUk7UUFDbkIsVUFBVSxFQUNOO1lBQ0UsSUFBSSxFQUFFO2dCQUNKLHFCQUFxQixFQUFFLE9BQU87YUFDL0I7U0FDRjtLQUNOLENBQUMsQ0FDSCxDQUFDO0FBQ0osQ0FBQztBQVdELFNBQWdCLGFBQWEsQ0FBQyxXQUEyQjtJQUN2RCxJQUFJLGFBQWEsR0FBRyxFQUFFLENBQUM7SUFDdkIsSUFBSSxVQUFVLEdBQUcsS0FBSyxDQUFDO0lBRXZCLElBQUksV0FBVyxDQUFDLGdCQUFnQixJQUFJLFdBQVcsQ0FBQyxVQUFVLEVBQUUsQ0FBQztRQUMzRCxhQUFhLElBQUksd0VBQXdFLENBQUM7UUFDMUYsVUFBVSxHQUFHLElBQUksQ0FBQztJQUNwQixDQUFDO0lBRUQsSUFBSSxXQUFXLENBQUMsVUFBVSxFQUFFLG1CQUFtQixJQUFJLFdBQVcsQ0FBQyxhQUFhLEVBQUUsQ0FBQztRQUM3RSxhQUFhLElBQUkseUZBQXlGLENBQUM7UUFDM0csVUFBVSxHQUFHLElBQUksQ0FBQztJQUNwQixDQUFDO0lBRUQsSUFBSSxXQUFXLENBQUMsVUFBVSxFQUFFLG1CQUFtQixJQUFJLFdBQVcsQ0FBQyxrQkFBa0IsRUFBRSxDQUFDO1FBQ2xGLGFBQWEsSUFBSSw4RkFBOEYsQ0FBQztRQUNoSCxVQUFVLEdBQUcsSUFBSSxDQUFDO0lBQ3BCLENBQUM7SUFFRCxJQUFJLFdBQVcsQ0FBQyxhQUFhLElBQUksV0FBVyxDQUFDLGtCQUFrQixFQUFFLENBQUM7UUFDaEUsYUFBYSxJQUFJLDZFQUE2RSxDQUFDO1FBQy9GLFVBQVUsR0FBRyxJQUFJLENBQUM7SUFDcEIsQ0FBQztJQUVELElBQUksQ0FBQyxXQUFXLEVBQUUscUJBQXFCLEtBQUssS0FBSyxDQUFDLElBQUksV0FBVyxDQUFDLG9CQUFvQixFQUFFLENBQUM7UUFDdkYsYUFBYSxJQUFJLDRGQUE0RixDQUFDO1FBQzlHLFVBQVUsR0FBRyxJQUFJLENBQUM7SUFDcEIsQ0FBQztJQUVELE1BQU0sV0FBVyxHQUFZLFdBQVcsRUFBRSxVQUFVLEVBQUUsSUFBSSxDQUFDO0lBQzNELE1BQU0scUJBQXFCLEdBQVksV0FBVyxFQUFFLG9CQUFvQixFQUFFLElBQUksQ0FBQztJQUMvRSxNQUFNLHFCQUFxQixHQUFZLElBQUEsK0JBQXVCLEVBQUMsV0FBVyxDQUFDLHFCQUFxQixFQUFFLElBQUksQ0FBQyxDQUFDO0lBRXhHLElBQUkscUJBQXFCLElBQUksQ0FBQyxXQUFXLEtBQUsscUJBQXFCLENBQUMsRUFBRSxDQUFDO1FBQ3JFLGFBQWEsSUFBSSw0R0FBNEc7WUFDM0gsNEZBQTRGLENBQUM7UUFDL0YsVUFBVSxHQUFHLElBQUksQ0FBQztJQUNwQixDQUFDO0lBRUQsSUFBSSxVQUFVLEVBQUUsQ0FBQztRQUNmLE1BQU0sSUFBSSxLQUFLLENBQUMsYUFBYSxDQUFDLENBQUM7SUFDakMsQ0FBQztBQUNILENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyIvKipcbiAqICBDb3B5cmlnaHQgQW1hem9uLmNvbSwgSW5jLiBvciBpdHMgYWZmaWxpYXRlcy4gQWxsIFJpZ2h0cyBSZXNlcnZlZC5cbiAqXG4gKiAgTGljZW5zZWQgdW5kZXIgdGhlIEFwYWNoZSBMaWNlbnNlLCBWZXJzaW9uIDIuMCAodGhlIFwiTGljZW5zZVwiKS4gWW91IG1heSBub3QgdXNlIHRoaXMgZmlsZSBleGNlcHQgaW4gY29tcGxpYW5jZVxuICogIHdpdGggdGhlIExpY2Vuc2UuIEEgY29weSBvZiB0aGUgTGljZW5zZSBpcyBsb2NhdGVkIGF0XG4gKlxuICogICAgICBodHRwOi8vd3d3LmFwYWNoZS5vcmcvbGljZW5zZXMvTElDRU5TRS0yLjBcbiAqXG4gKiAgb3IgaW4gdGhlICdsaWNlbnNlJyBmaWxlIGFjY29tcGFueWluZyB0aGlzIGZpbGUuIFRoaXMgZmlsZSBpcyBkaXN0cmlidXRlZCBvbiBhbiAnQVMgSVMnIEJBU0lTLCBXSVRIT1VUIFdBUlJBTlRJRVNcbiAqICBPUiBDT05ESVRJT05TIE9GIEFOWSBLSU5ELCBleHByZXNzIG9yIGltcGxpZWQuIFNlZSB0aGUgTGljZW5zZSBmb3IgdGhlIHNwZWNpZmljIGxhbmd1YWdlIGdvdmVybmluZyBwZXJtaXNzaW9uc1xuICogIGFuZCBsaW1pdGF0aW9ucyB1bmRlciB0aGUgTGljZW5zZS5cbiAqL1xuXG4vKlxuICogIFRoZSBmdW5jdGlvbnMgZm91bmQgaGVyZSBpbiB0aGUgY29yZSBsaWJyYXJ5IGFyZSBmb3IgaW50ZXJuYWwgdXNlIGFuZCBjYW4gYmUgY2hhbmdlZFxuICogIG9yIHJlbW92ZWQgb3V0c2lkZSBvZiBhIG1ham9yIHJlbGVhc2UuIFdlIHJlY29tbWVuZCBhZ2FpbnN0IGNhbGxpbmcgdGhlbSBkaXJlY3RseSBmcm9tIGNsaWVudCBjb2RlLlxuICovXG5cbi8vIEltcG9ydHNcbmltcG9ydCAqIGFzIHNxcyBmcm9tICdhd3MtY2RrLWxpYi9hd3Mtc3FzJztcbmltcG9ydCAqIGFzIGRlZmF1bHRzIGZyb20gJy4vc3FzLWRlZmF1bHRzJztcbmltcG9ydCAqIGFzIGttcyBmcm9tICdhd3MtY2RrLWxpYi9hd3Mta21zJztcbmltcG9ydCB7IENoZWNrQm9vbGVhbldpdGhEZWZhdWx0LCBjb25zb2xpZGF0ZVByb3BzLCBwcmludFdhcm5pbmcsICBvdmVycmlkZVByb3BzIH0gZnJvbSAnLi91dGlscyc7XG5pbXBvcnQgeyBBY2NvdW50UHJpbmNpcGFsLCBFZmZlY3QsIFBvbGljeVN0YXRlbWVudCwgQW55UHJpbmNpcGFsIH0gZnJvbSAnYXdzLWNkay1saWIvYXdzLWlhbSc7XG5pbXBvcnQgeyBTdGFjayB9IGZyb20gJ2F3cy1jZGstbGliJztcbmltcG9ydCB7YnVpbGRFbmNyeXB0aW9uS2V5fSBmcm9tIFwiLi9rbXMtaGVscGVyXCI7XG4vLyBOb3RlOiBUbyBlbnN1cmUgQ0RLdjIgY29tcGF0aWJpbGl0eSwga2VlcCB0aGUgaW1wb3J0IHN0YXRlbWVudCBmb3IgQ29uc3RydWN0IHNlcGFyYXRlXG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tICdjb25zdHJ1Y3RzJztcblxuZXhwb3J0IGludGVyZmFjZSBCdWlsZFF1ZXVlUHJvcHMge1xuICAgIC8qKlxuICAgICAqIEV4aXN0aW5nIGluc3RhbmNlIG9mIFNRUyBxdWV1ZSBvYmplY3QsIHByb3ZpZGluZyBib3RoIHRoaXMgYW5kIHF1ZXVlUHJvcHMgd2lsbCBjYXVzZSBhbiBlcnJvci5cbiAgICAgKlxuICAgICAqIEBkZWZhdWx0IC0gTm9uZS5cbiAgICAgKi9cbiAgICByZWFkb25seSBleGlzdGluZ1F1ZXVlT2JqPzogc3FzLlF1ZXVlO1xuICAgIC8qKlxuICAgICAqIE9wdGlvbmFsIHVzZXIgcHJvdmlkZWQgcHJvcHMgdG8gb3ZlcnJpZGUgdGhlIGRlZmF1bHQgcHJvcHMgZm9yIHRoZSBwcmltYXJ5IHF1ZXVlLlxuICAgICAqXG4gICAgICogQGRlZmF1bHQgLSBEZWZhdWx0IHByb3BzIGFyZSB1c2VkLlxuICAgICAqL1xuICAgIHJlYWRvbmx5IHF1ZXVlUHJvcHM/OiBzcXMuUXVldWVQcm9wcztcbiAgICAvKipcbiAgICAgKiBPcHRpb25hbCBwcm9wcyByZXF1aXJlZCBieSB0aGUgY29uc3RydWN0IHRoYXQgb3ZlcmlkZSBib3RoIHRoZSBkZWZhdWx0IGFuZCBjbGllbnQgc3VwcGxpZWQgdmFsdWVzXG4gICAgICpcbiAgICAgKiBAZGVmYXVsdCAtIG5vbmVcbiAgICAgKi9cbiAgICByZWFkb25seSBjb25zdHJ1Y3RRdWV1ZVByb3BzPzogc3FzLlF1ZXVlUHJvcHM7XG4gICAgLyoqXG4gICAgICogSWYgbm8ga2V5IGlzIHByb3ZpZGVkLCB0aGlzIGZsYWcgZGV0ZXJtaW5lcyB3aGV0aGVyIHRoZSBxdWV1ZSBpcyBlbmNyeXB0ZWQgd2l0aCBhIG5ldyBDTUsgb3IgYW4gQVdTIG1hbmFnZWQga2V5LlxuICAgICAqIFRoaXMgZmxhZyBpcyBpZ25vcmVkIGlmIGFueSBvZiB0aGUgZm9sbG93aW5nIGFyZSBkZWZpbmVkOiBxdWV1ZVByb3BzLmVuY3J5cHRpb25NYXN0ZXJLZXksIGVuY3J5cHRpb25LZXkgb3IgZW5jcnlwdGlvbktleVByb3BzLlxuICAgICAqXG4gICAgICogQGRlZmF1bHQgLSBGYWxzZSBpZiBxdWV1ZVByb3BzLmVuY3J5cHRpb25NYXN0ZXJLZXksIGVuY3J5cHRpb25LZXksIGFuZCBlbmNyeXB0aW9uS2V5UHJvcHMgYXJlIGFsbCB1bmRlZmluZWQuXG4gICAgICovXG4gICAgcmVhZG9ubHkgZW5hYmxlRW5jcnlwdGlvbldpdGhDdXN0b21lck1hbmFnZWRLZXk/OiBib29sZWFuO1xuICAgIC8qKlxuICAgICAqIEFuIG9wdGlvbmFsLCBpbXBvcnRlZCBlbmNyeXB0aW9uIGtleSB0byBlbmNyeXB0IHRoZSBTUVMgUXVldWUgd2l0aC5cbiAgICAgKlxuICAgICAqIEBkZWZhdWx0IC0gTm9uZVxuICAgICAqL1xuICAgIHJlYWRvbmx5IGVuY3J5cHRpb25LZXk/OiBrbXMuSUtleTtcbiAgICAvKipcbiAgICAgKiBPcHRpb25hbCB1c2VyIHByb3ZpZGVkIHByb3BlcnRpZXMgdG8gb3ZlcnJpZGUgdGhlIGRlZmF1bHQgcHJvcGVydGllcyBmb3IgdGhlIEtNUyBlbmNyeXB0aW9uIGtleSB1c2VkIHRvIGVuY3J5cHQgdGhlIFNRUyBRdWV1ZSB3aXRoLlxuICAgICAqXG4gICAgICogQGRlZmF1bHQgLSBOb25lXG4gICAgICovXG4gICAgIHJlYWRvbmx5IGVuY3J5cHRpb25LZXlQcm9wcz86IGttcy5LZXlQcm9wcztcbiAgICAvKipcbiAgICAgKiBXaGV0aGVyIHRvIGRlcGxveSBhIHNlY29uZGFyeSBxdWV1ZSB0byBiZSB1c2VkIGFzIGEgZGVhZCBsZXR0ZXIgcXVldWUuXG4gICAgICpcbiAgICAgKiBAZGVmYXVsdCAtIHRydWVcbiAgICAgKi9cbiAgICByZWFkb25seSBkZXBsb3lEZWFkTGV0dGVyUXVldWU/OiBib29sZWFuLFxuICAgIC8qKlxuICAgICAqIE9wdGlvbmFsIHVzZXIgcHJvdmlkZWQgcHJvcGVydGllcyBmb3IgdGhlIGRlYWQgbGV0dGVyIHF1ZXVlXG4gICAgICpcbiAgICAgKiBAZGVmYXVsdCAtIERlZmF1bHQgcHJvcHMgYXJlIHVzZWRcbiAgICAgKi9cbiAgICByZWFkb25seSBkZWFkTGV0dGVyUXVldWVQcm9wcz86IHNxcy5RdWV1ZVByb3BzLFxuICAgIC8qKlxuICAgICAqIE9wdGlvbmFsIHByb3BzIHJlcXVpcmVkIGJ5IHRoZSBjb25zdHJ1Y3QgdGhhdCBvdmVyaWRlIGJvdGggdGhlIGRlZmF1bHQgYW5kIGNsaWVudCBzdXBwbGllZCB2YWx1ZXNcbiAgICAgKlxuICAgICAqIEBkZWZhdWx0IC0gbm9uZVxuICAgICAqL1xuICAgIHJlYWRvbmx5IGNvbnN0cnVjdERlYWRMZXR0ZXJRdWV1ZVByb3BzPzogc3FzLlF1ZXVlUHJvcHMsXG4gICAgLyoqXG4gICAgICogVGhlIG51bWJlciBvZiB0aW1lcyBhIG1lc3NhZ2UgY2FuIGJlIHVuc3VjY2Vzc2Z1bGx5IGRlcXVldWVkIGJlZm9yZSBiZWluZyBtb3ZlZCB0byB0aGUgZGVhZCBsZXR0ZXIgcXVldWUuXG4gICAgICpcbiAgICAgKiBAZGVmYXVsdCAtIERlZmF1bHQgcHJvcHMgYXJlIHVzZWRcbiAgICAgKi9cbiAgICByZWFkb25seSBtYXhSZWNlaXZlQ291bnQ/OiBudW1iZXJcbn1cblxuZXhwb3J0IGludGVyZmFjZSBCdWlsZFF1ZXVlUmVzcG9uc2Uge1xuICByZWFkb25seSBxdWV1ZTogc3FzLlF1ZXVlLFxuICByZWFkb25seSBrZXk/OiBrbXMuSUtleSxcbiAgcmVhZG9ubHkgZGxxPzogc3FzLkRlYWRMZXR0ZXJRdWV1ZSxcbn1cblxuLyoqXG4gKiBAaW50ZXJuYWwgVGhpcyBpcyBhbiBpbnRlcm5hbCBjb3JlIGZ1bmN0aW9uIGFuZCBzaG91bGQgbm90IGJlIGNhbGxlZCBkaXJlY3RseSBieSBTb2x1dGlvbnMgQ29uc3RydWN0cyBjbGllbnRzLlxuICovXG5leHBvcnQgZnVuY3Rpb24gYnVpbGRRdWV1ZShzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogQnVpbGRRdWV1ZVByb3BzKTogQnVpbGRRdWV1ZVJlc3BvbnNlIHtcbiAgQ2hlY2tCdWlkUXVldWVQcm9wcyhwcm9wcyk7XG4gIGxldCBkZWFkTGV0dGVyUXVldWU6IHNxcy5EZWFkTGV0dGVyUXVldWUgfCB1bmRlZmluZWQ7XG5cbiAgaWYgKENoZWNrQm9vbGVhbldpdGhEZWZhdWx0KCBwcm9wcy5kZXBsb3lEZWFkTGV0dGVyUXVldWUsIHRydWUpKSB7XG4gICAgZGVhZExldHRlclF1ZXVlID0gYnVpbGREZWFkTGV0dGVyUXVldWUoc2NvcGUsIGlkLCB7XG4gICAgICBleGlzdGluZ1F1ZXVlT2JqOiBwcm9wcy5leGlzdGluZ1F1ZXVlT2JqLFxuICAgICAgZGVwbG95RGVhZExldHRlclF1ZXVlOiBwcm9wcy5kZXBsb3lEZWFkTGV0dGVyUXVldWUsXG4gICAgICBkZWFkTGV0dGVyUXVldWVQcm9wczogcHJvcHMuZGVhZExldHRlclF1ZXVlUHJvcHMsXG4gICAgICBjb25zdHJ1Y3REZWFkTGV0dGVyUXVldWVQcm9wczogcHJvcHMuY29uc3RydWN0RGVhZExldHRlclF1ZXVlUHJvcHMsXG4gICAgICBtYXhSZWNlaXZlQ291bnQ6IHByb3BzLm1heFJlY2VpdmVDb3VudFxuICAgIH0pO1xuICB9XG5cbiAgLy8gSWYgYW4gZXhpc3RpbmdRdWV1ZU9iaiBpcyBub3Qgc3BlY2lmaWVkXG4gIGlmICghcHJvcHMuZXhpc3RpbmdRdWV1ZU9iaikge1xuICAgIC8vIFNldHVwIHRoZSBxdWV1ZVxuICAgIGxldCBxdWV1ZVByb3BzO1xuICAgIGlmIChwcm9wcy5xdWV1ZVByb3BzKSB7XG4gICAgICAvLyBJZiBwcm9wZXJ0eSBvdmVycmlkZXMgaGF2ZSBiZWVuIHByb3ZpZGVkLCBpbmNvcnBvcmF0ZSB0aGVtIGFuZCBkZXBsb3lcbiAgICAgIGNvbnN0IGNoZWNrRmlmbyA9IHByb3BzLnF1ZXVlUHJvcHMuZmlmbyA/IHRydWUgOiB1bmRlZmluZWQ7XG4gICAgICBxdWV1ZVByb3BzID0gb3ZlcnJpZGVQcm9wcyhkZWZhdWx0cy5EZWZhdWx0UXVldWVQcm9wcygpLCB7IC4uLnByb3BzLnF1ZXVlUHJvcHMsIGZpZm86IGNoZWNrRmlmbyB9KTtcbiAgICB9IGVsc2Uge1xuICAgICAgLy8gSWYgbm8gcHJvcGVydHkgb3ZlcnJpZGVzLCBkZXBsb3kgdXNpbmcgdGhlIGRlZmF1bHQgY29uZmlndXJhdGlvblxuICAgICAgcXVldWVQcm9wcyA9IGRlZmF1bHRzLkRlZmF1bHRRdWV1ZVByb3BzKCk7XG4gICAgfVxuICAgIGlmIChwcm9wcy5jb25zdHJ1Y3RRdWV1ZVByb3BzKSB7XG4gICAgICBxdWV1ZVByb3BzID0gb3ZlcnJpZGVQcm9wcyhxdWV1ZVByb3BzLCBwcm9wcy5jb25zdHJ1Y3RRdWV1ZVByb3BzKTtcbiAgICB9XG5cbiAgICAvLyBEZXRlcm1pbmUgd2hldGhlciBhIERMUSBwcm9wZXJ0eSBzaG91bGQgYmUgYWRkZWRcbiAgICBpZiAoZGVhZExldHRlclF1ZXVlKSB7XG4gICAgICBxdWV1ZVByb3BzLmRlYWRMZXR0ZXJRdWV1ZSA9IGRlYWRMZXR0ZXJRdWV1ZTtcbiAgICB9XG5cbiAgICAvLyBTZXQgZW5jcnlwdGlvbiBwcm9wZXJ0aWVzLlxuICAgIC8vIE5vdGUgdGhhdCBkZWZhdWx0cy5EZWZhdWx0UXVldWVQcm9wcyBzZXRzIGVuY3J5cHRpb24gdG8gU2VydmVyLXNpZGUgS01TIGVuY3J5cHRpb24gd2l0aCBhIEtNUyBrZXkgbWFuYWdlZCBieSBTUVMuXG4gICAgaWYgKHByb3BzLnF1ZXVlUHJvcHM/LmVuY3J5cHRpb25NYXN0ZXJLZXkpIHtcbiAgICAgIHF1ZXVlUHJvcHMuZW5jcnlwdGlvbk1hc3RlcktleSA9IHByb3BzLnF1ZXVlUHJvcHM/LmVuY3J5cHRpb25NYXN0ZXJLZXk7XG4gICAgfSBlbHNlIGlmIChwcm9wcy5lbmNyeXB0aW9uS2V5KSB7XG4gICAgICBxdWV1ZVByb3BzLmVuY3J5cHRpb25NYXN0ZXJLZXkgPSBwcm9wcy5lbmNyeXB0aW9uS2V5O1xuICAgIH0gZWxzZSBpZiAocHJvcHMuZW5jcnlwdGlvbktleVByb3BzIHx8IHByb3BzLmVuYWJsZUVuY3J5cHRpb25XaXRoQ3VzdG9tZXJNYW5hZ2VkS2V5ID09PSB0cnVlKSB7XG4gICAgICBxdWV1ZVByb3BzLmVuY3J5cHRpb25NYXN0ZXJLZXkgPSBidWlsZEVuY3J5cHRpb25LZXkoc2NvcGUsIGlkLCBwcm9wcy5lbmNyeXB0aW9uS2V5UHJvcHMpO1xuICAgIH1cblxuICAgIC8vIE5PU09OQVIgKHR5cGVzY3JpcHQ6UzYzMzApXG4gICAgLy8gZW5jcnlwdGlvbiBpcyBzZXQgdG8gUXVldWVFbmNyeXB0aW9uLktNU19NQU5BR0VEIGJ5IGRlZmF1bHQgaW4gRGVmYXVsdFF1ZXVlUHJvcHMsIGJ1dFxuICAgIC8vIFNvbmFycXViZSBjYW4ndCBwYXJzZSB0aGUgY29kZSB3ZWxsIGVub3VnaCB0byBzZWUgdGhpcy4gRW5jcnlwdGlvbiBpcyBjb25maXJtZWQgYnlcbiAgICAvLyB0aGUgJ1Rlc3QgZGVwbG95bWVudCB3aXRob3V0IGltcG9ydGVkIGVuY3J5cHRpb24ga2V5JyB1bml0IHRlc3RcbiAgICBjb25zdCBxdWV1ZSA9IG5ldyBzcXMuUXVldWUoc2NvcGUsIGlkLCBxdWV1ZVByb3BzKTsgLy8gTk9TT05BUlxuXG4gICAgYXBwbHlTZWN1cmVRdWV1ZVBvbGljeShxdWV1ZSk7XG5cbiAgICAvLyBSZXR1cm4gdGhlIHF1ZXVlXG4gICAgcmV0dXJuIHsgcXVldWUsIGtleTogcXVldWUuZW5jcnlwdGlvbk1hc3RlcktleSwgIGRscTogZGVhZExldHRlclF1ZXVlIH07XG4gIH0gZWxzZSB7XG4gICAgLy8gSWYgYW4gZXhpc3RpbmdRdWV1ZU9iaiBpcyBzcGVjaWZpZWQsIHJldHVybiB0aGF0IG9iamVjdCBhcyB0aGUgcXVldWUgdG8gYmUgdXNlZFxuICAgIHJldHVybiB7IHF1ZXVlOiBwcm9wcy5leGlzdGluZ1F1ZXVlT2JqIH07XG4gIH1cbn1cblxuLyoqXG4gKiBAaW50ZXJuYWwgVGhpcyBpcyBhbiBpbnRlcm5hbCBjb3JlIGZ1bmN0aW9uIGFuZCBzaG91bGQgbm90IGJlIGNhbGxlZCBkaXJlY3RseSBieSBTb2x1dGlvbnMgQ29uc3RydWN0cyBjbGllbnRzLlxuICovXG5mdW5jdGlvbiBDaGVja0J1aWRRdWV1ZVByb3BzKHByb3BzOiBCdWlsZFF1ZXVlUHJvcHMpIHtcbiAgaWYgKChwcm9wcy5xdWV1ZVByb3BzPy5lbmNyeXB0aW9uTWFzdGVyS2V5IHx8IHByb3BzLmVuY3J5cHRpb25LZXkgfHwgcHJvcHMuZW5jcnlwdGlvbktleVByb3BzKVxuICAmJiBwcm9wcy5lbmFibGVFbmNyeXB0aW9uV2l0aEN1c3RvbWVyTWFuYWdlZEtleSAhPT0gdHJ1ZSkge1xuICAgIHByaW50V2FybmluZyhgSWdub3JpbmcgZW5hYmxlRW5jcnlwdGlvbldpdGhDdXN0b21lck1hbmFnZWRLZXkgYmVjYXVzZSBvbmUgb2ZcbiAgICAgcXVldWVQcm9wcy5lbmNyeXB0aW9uTWFzdGVyS2V5LCBlbmNyeXB0aW9uS2V5LCBvciBlbmNyeXB0aW9uS2V5UHJvcHMgd2FzIGFscmVhZHkgc3BlY2lmaWVkYCk7XG4gIH1cblxuICBsZXQgZXJyb3JNZXNzYWdlcyA9ICcnO1xuICBsZXQgZXJyb3JGb3VuZCA9IGZhbHNlO1xuXG4gIGlmICgocHJvcHMuZGVwbG95RGVhZExldHRlclF1ZXVlID09PSBmYWxzZSkgJiYgcHJvcHMubWF4UmVjZWl2ZUNvdW50KSB7XG4gICAgZXJyb3JNZXNzYWdlcyArPSAnRXJyb3IgLSBNYXhSZWNlaXZlQ291bnQgY2Fubm90IGJlIHNldCBpZiBkZXBsb3lEZWFkTGV0dGVyUXVldWUgaXMgZmFsc2UuXFxuJztcbiAgICBlcnJvckZvdW5kID0gdHJ1ZTtcbiAgfVxuXG4gIGlmIChlcnJvckZvdW5kKSB7XG4gICAgdGhyb3cgbmV3IEVycm9yKGVycm9yTWVzc2FnZXMpO1xuICB9XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgQnVpbGREZWFkTGV0dGVyUXVldWVQcm9wcyB7XG4gIC8qKlxuICAgKiBFeGlzdGluZyBpbnN0YW5jZSBvZiBTUVMgcXVldWUgb2JqZWN0LCBwcm92aWRpbmcgYm90aCB0aGlzIGFuZCBxdWV1ZVByb3BzIHdpbGwgY2F1c2UgYW4gZXJyb3IuXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gTm9uZS5cbiAgICovXG4gIHJlYWRvbmx5IGV4aXN0aW5nUXVldWVPYmo/OiBzcXMuUXVldWUsXG4gIC8qKlxuICAgKiBXaGV0aGVyIHRvIGRlcGxveSBhIHNlY29uZGFyeSBxdWV1ZSB0byBiZSB1c2VkIGFzIGEgZGVhZCBsZXR0ZXIgcXVldWUuXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gcmVxdWlyZWQgZmllbGQuXG4gICAqL1xuICByZWFkb25seSBkZXBsb3lEZWFkTGV0dGVyUXVldWU/OiBib29sZWFuLFxuICAvKipcbiAgICogT3B0aW9uYWwgdXNlciBwcm92aWRlZCBwcm9wZXJ0aWVzIGZvciB0aGUgZGVhZCBsZXR0ZXIgcXVldWVcbiAgICpcbiAgICogQGRlZmF1bHQgLSBEZWZhdWx0IHByb3BzIGFyZSB1c2VkXG4gICAqL1xuICByZWFkb25seSBkZWFkTGV0dGVyUXVldWVQcm9wcz86IHNxcy5RdWV1ZVByb3BzLFxuICAvKipcbiAgICogT3B0aW9uYWwgUHJvcHMgdGhhdCBvdmVycmlkZSBkZWZhdWx0IGFuZCBjbGllbnQgcHJvcHNcbiAgICpcbiAgICogQGRlZmF1bHQgLSBEZWZhdWx0IHByb3BzIGFyZSB1c2VkXG4gICAqL1xuICByZWFkb25seSBjb25zdHJ1Y3REZWFkTGV0dGVyUXVldWVQcm9wcz86IHNxcy5RdWV1ZVByb3BzLFxuICAvKipcbiAgICogVGhlIG51bWJlciBvZiB0aW1lcyBhIG1lc3NhZ2UgY2FuIGJlIHVuc3VjY2Vzc2Z1bGx5IGRlcXVldWVkIGJlZm9yZSBiZWluZyBtb3ZlZCB0byB0aGUgZGVhZCBsZXR0ZXIgcXVldWUuXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gRGVmYXVsdCBwcm9wcyBhcmUgdXNlZFxuICAgKi9cbiAgcmVhZG9ubHkgbWF4UmVjZWl2ZUNvdW50PzogbnVtYmVyXG59XG5cbi8qKlxuICogQGludGVybmFsIFRoaXMgaXMgYW4gaW50ZXJuYWwgY29yZSBmdW5jdGlvbiBhbmQgc2hvdWxkIG5vdCBiZSBjYWxsZWQgZGlyZWN0bHkgYnkgU29sdXRpb25zIENvbnN0cnVjdHMgY2xpZW50cy5cbiAqL1xuZXhwb3J0IGZ1bmN0aW9uIGJ1aWxkRGVhZExldHRlclF1ZXVlKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBCdWlsZERlYWRMZXR0ZXJRdWV1ZVByb3BzKTogc3FzLkRlYWRMZXR0ZXJRdWV1ZSB8IHVuZGVmaW5lZCB7XG4gIGlmICghcHJvcHMuZXhpc3RpbmdRdWV1ZU9iaiAmJiBDaGVja0Jvb2xlYW5XaXRoRGVmYXVsdChwcm9wcy5kZXBsb3lEZWFkTGV0dGVyUXVldWUsIHRydWUpKSB7XG4gICAgLy8gQ3JlYXRlIHRoZSBEZWFkIExldHRlciBRdWV1ZVxuICAgIGNvbnN0IGJ1aWxkUXVldWVSZXNwb25zZSA9IGJ1aWxkUXVldWUoc2NvcGUsIGAke2lkfS1kbHFgLCB7XG4gICAgICBxdWV1ZVByb3BzOiBjb25zb2xpZGF0ZVByb3BzKHt9LCBwcm9wcy5kZWFkTGV0dGVyUXVldWVQcm9wcywgcHJvcHMuY29uc3RydWN0RGVhZExldHRlclF1ZXVlUHJvcHMpLFxuICAgICAgZGVwbG95RGVhZExldHRlclF1ZXVlOiBmYWxzZSAgLy8gZG9uJ3QgZGVwbG95IGEgRExRIGZvciB0aGUgRExHIVxuICAgIH0pO1xuXG4gICAgY29uc3QgbXJjID0gKHByb3BzLm1heFJlY2VpdmVDb3VudCkgPyBwcm9wcy5tYXhSZWNlaXZlQ291bnQgOiBkZWZhdWx0cy5kZWZhdWx0TWF4UmVjZWl2ZUNvdW50O1xuXG4gICAgLy8gU2V0dXAgdGhlIERlYWQgTGV0dGVyIFF1ZXVlIGludGVyZmFjZVxuICAgIGNvbnN0IGRlYWRMZXR0ZXJRdWV1ZU9iamVjdDogc3FzLkRlYWRMZXR0ZXJRdWV1ZSA9IHtcbiAgICAgIG1heFJlY2VpdmVDb3VudDogbXJjLFxuICAgICAgcXVldWU6IGJ1aWxkUXVldWVSZXNwb25zZS5xdWV1ZVxuICAgIH07XG5cbiAgICAvLyBSZXR1cm4gdGhlIGRlYWQgbGV0dGVyIHF1ZXVlIGludGVyZmFjZVxuICAgIHJldHVybiBkZWFkTGV0dGVyUXVldWVPYmplY3Q7XG4gIH1cbiAgLy8gVHlwZXNjcmlwdCByZXF1aXJlcyB0aGlzIHJldHVybiBzdGF0ZW1lbnQsIHNvIGRpc2FibGluZyBTb25hclF1YmUgd2FybmluZ1xuICByZXR1cm47IC8vIE5PU09OQVJcbn1cblxuZnVuY3Rpb24gYXBwbHlTZWN1cmVRdWV1ZVBvbGljeShxdWV1ZTogc3FzLlF1ZXVlKTogdm9pZCB7XG5cbiAgLy8gQXBwbHkgcXVldWUgcG9saWN5IHRvIGVuZm9yY2Ugb25seSB0aGUgcXVldWUgb3duZXIgY2FuIHBlcmZvcm0gb3BlcmF0aW9ucyBvbiBxdWV1ZVxuICBxdWV1ZS5hZGRUb1Jlc291cmNlUG9saWN5KFxuICAgIG5ldyBQb2xpY3lTdGF0ZW1lbnQoe1xuICAgICAgc2lkOiAnUXVldWVPd25lck9ubHlBY2Nlc3MnLFxuICAgICAgcmVzb3VyY2VzOiBbXG4gICAgICAgIGAke3F1ZXVlLnF1ZXVlQXJufWBcbiAgICAgIF0sXG4gICAgICBhY3Rpb25zOiBbXG4gICAgICAgIFwic3FzOkRlbGV0ZU1lc3NhZ2VcIixcbiAgICAgICAgXCJzcXM6UmVjZWl2ZU1lc3NhZ2VcIixcbiAgICAgICAgXCJzcXM6U2VuZE1lc3NhZ2VcIixcbiAgICAgICAgXCJzcXM6R2V0UXVldWVBdHRyaWJ1dGVzXCIsXG4gICAgICAgIFwic3FzOlJlbW92ZVBlcm1pc3Npb25cIixcbiAgICAgICAgXCJzcXM6QWRkUGVybWlzc2lvblwiLFxuICAgICAgICBcInNxczpTZXRRdWV1ZUF0dHJpYnV0ZXNcIlxuICAgICAgXSxcbiAgICAgIHByaW5jaXBhbHM6IFtuZXcgQWNjb3VudFByaW5jaXBhbChTdGFjay5vZihxdWV1ZSkuYWNjb3VudCldLFxuICAgICAgZWZmZWN0OiBFZmZlY3QuQUxMT1dcbiAgICB9KVxuICApO1xuXG4gIC8vIEFwcGx5IHF1ZXVlIHBvbGljeSB0byBlbmZvcmNlIGVuY3J5cHRpb24gb2YgZGF0YSBpbiB0cmFuc2l0XG4gIHF1ZXVlLmFkZFRvUmVzb3VyY2VQb2xpY3koXG4gICAgbmV3IFBvbGljeVN0YXRlbWVudCh7XG4gICAgICBzaWQ6ICdIdHRwc09ubHknLFxuICAgICAgcmVzb3VyY2VzOiBbXG4gICAgICAgIGAke3F1ZXVlLnF1ZXVlQXJufWBcbiAgICAgIF0sXG4gICAgICBhY3Rpb25zOiBbXG4gICAgICAgIFwiU1FTOipcIlxuICAgICAgXSxcbiAgICAgIHByaW5jaXBhbHM6IFtuZXcgQW55UHJpbmNpcGFsKCldLFxuICAgICAgZWZmZWN0OiBFZmZlY3QuREVOWSxcbiAgICAgIGNvbmRpdGlvbnM6XG4gICAgICAgICAge1xuICAgICAgICAgICAgQm9vbDoge1xuICAgICAgICAgICAgICAnYXdzOlNlY3VyZVRyYW5zcG9ydCc6ICdmYWxzZSdcbiAgICAgICAgICAgIH1cbiAgICAgICAgICB9XG4gICAgfSlcbiAgKTtcbn1cblxuZXhwb3J0IGludGVyZmFjZSBTcXNQcm9wcyB7XG4gIHJlYWRvbmx5IGV4aXN0aW5nUXVldWVPYmo/OiBzcXMuUXVldWUsXG4gIHJlYWRvbmx5IHF1ZXVlUHJvcHM/OiBzcXMuUXVldWVQcm9wcyxcbiAgcmVhZG9ubHkgZGVwbG95RGVhZExldHRlclF1ZXVlPzogYm9vbGVhbixcbiAgcmVhZG9ubHkgZGVhZExldHRlclF1ZXVlUHJvcHM/OiBzcXMuUXVldWVQcm9wcyxcbiAgcmVhZG9ubHkgZW5jcnlwdGlvbktleT86IGttcy5LZXksXG4gIHJlYWRvbmx5IGVuY3J5cHRpb25LZXlQcm9wcz86IGttcy5LZXlQcm9wc1xufVxuXG5leHBvcnQgZnVuY3Rpb24gQ2hlY2tTcXNQcm9wcyhwcm9wc09iamVjdDogU3FzUHJvcHMgfCBhbnkpIHtcbiAgbGV0IGVycm9yTWVzc2FnZXMgPSAnJztcbiAgbGV0IGVycm9yRm91bmQgPSBmYWxzZTtcblxuICBpZiAocHJvcHNPYmplY3QuZXhpc3RpbmdRdWV1ZU9iaiAmJiBwcm9wc09iamVjdC5xdWV1ZVByb3BzKSB7XG4gICAgZXJyb3JNZXNzYWdlcyArPSAnRXJyb3IgLSBFaXRoZXIgcHJvdmlkZSBxdWV1ZVByb3BzIG9yIGV4aXN0aW5nUXVldWVPYmosIGJ1dCBub3QgYm90aC5cXG4nO1xuICAgIGVycm9yRm91bmQgPSB0cnVlO1xuICB9XG5cbiAgaWYgKHByb3BzT2JqZWN0LnF1ZXVlUHJvcHM/LmVuY3J5cHRpb25NYXN0ZXJLZXkgJiYgcHJvcHNPYmplY3QuZW5jcnlwdGlvbktleSkge1xuICAgIGVycm9yTWVzc2FnZXMgKz0gJ0Vycm9yIC0gRWl0aGVyIHByb3ZpZGUgcXVldWVQcm9wcy5lbmNyeXB0aW9uTWFzdGVyS2V5IG9yIGVuY3J5cHRpb25LZXksIGJ1dCBub3QgYm90aC5cXG4nO1xuICAgIGVycm9yRm91bmQgPSB0cnVlO1xuICB9XG5cbiAgaWYgKHByb3BzT2JqZWN0LnF1ZXVlUHJvcHM/LmVuY3J5cHRpb25NYXN0ZXJLZXkgJiYgcHJvcHNPYmplY3QuZW5jcnlwdGlvbktleVByb3BzKSB7XG4gICAgZXJyb3JNZXNzYWdlcyArPSAnRXJyb3IgLSBFaXRoZXIgcHJvdmlkZSBxdWV1ZVByb3BzLmVuY3J5cHRpb25NYXN0ZXJLZXkgb3IgZW5jcnlwdGlvbktleVByb3BzLCBidXQgbm90IGJvdGguXFxuJztcbiAgICBlcnJvckZvdW5kID0gdHJ1ZTtcbiAgfVxuXG4gIGlmIChwcm9wc09iamVjdC5lbmNyeXB0aW9uS2V5ICYmIHByb3BzT2JqZWN0LmVuY3J5cHRpb25LZXlQcm9wcykge1xuICAgIGVycm9yTWVzc2FnZXMgKz0gJ0Vycm9yIC0gRWl0aGVyIHByb3ZpZGUgZW5jcnlwdGlvbktleSBvciBlbmNyeXB0aW9uS2V5UHJvcHMsIGJ1dCBub3QgYm90aC5cXG4nO1xuICAgIGVycm9yRm91bmQgPSB0cnVlO1xuICB9XG5cbiAgaWYgKChwcm9wc09iamVjdD8uZGVwbG95RGVhZExldHRlclF1ZXVlID09PSBmYWxzZSkgJiYgcHJvcHNPYmplY3QuZGVhZExldHRlclF1ZXVlUHJvcHMpIHtcbiAgICBlcnJvck1lc3NhZ2VzICs9ICdFcnJvciAtIElmIGRlcGxveURlYWRMZXR0ZXJRdWV1ZSBpcyBmYWxzZSB0aGVuIGRlYWRMZXR0ZXJRdWV1ZVByb3BzIGNhbm5vdCBiZSBzcGVjaWZpZWQuXFxuJztcbiAgICBlcnJvckZvdW5kID0gdHJ1ZTtcbiAgfVxuXG4gIGNvbnN0IGlzUXVldWVGaWZvOiBib29sZWFuID0gcHJvcHNPYmplY3Q/LnF1ZXVlUHJvcHM/LmZpZm87XG4gIGNvbnN0IGlzRGVhZExldHRlclF1ZXVlRmlmbzogYm9vbGVhbiA9IHByb3BzT2JqZWN0Py5kZWFkTGV0dGVyUXVldWVQcm9wcz8uZmlmbztcbiAgY29uc3QgZGVwbG95RGVhZExldHRlclF1ZXVlOiBib29sZWFuID0gQ2hlY2tCb29sZWFuV2l0aERlZmF1bHQocHJvcHNPYmplY3QuZGVwbG95RGVhZExldHRlclF1ZXVlLCB0cnVlKTtcblxuICBpZiAoZGVwbG95RGVhZExldHRlclF1ZXVlICYmIChpc1F1ZXVlRmlmbyAhPT0gaXNEZWFkTGV0dGVyUXVldWVGaWZvKSkge1xuICAgIGVycm9yTWVzc2FnZXMgKz0gJ0Vycm9yIC0gSWYgeW91IHNwZWNpZnkgYSBmaWZvOiB0cnVlIGluIGVpdGhlciBxdWV1ZVByb3BzIG9yIGRlYWRMZXR0ZXJRdWV1ZVByb3BzLCB5b3UgbXVzdCBhbHNvIHNldCBmaWZvOiAnICtcbiAgICAgICd0cnVlIGluIHRoZSBvdGhlciBwcm9wcyBvYmplY3QuIEZpZm8gbXVzdCBtYXRjaCBmb3IgdGhlIFF1ZXVlIGFuZCB0aGUgRGVhZCBMZXR0ZXIgUXVldWUuXFxuJztcbiAgICBlcnJvckZvdW5kID0gdHJ1ZTtcbiAgfVxuXG4gIGlmIChlcnJvckZvdW5kKSB7XG4gICAgdGhyb3cgbmV3IEVycm9yKGVycm9yTWVzc2FnZXMpO1xuICB9XG59XG4iXX0=