UNPKG

aws-cdk

Version:

AWS CDK CLI, the command line tool for CDK apps

github.com/aws/aws-cdk

aws/aws-cdk-cli

202 lines 31.8 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.EnvironmentAccess = void 0; const environment_resources_1 = require("./environment-resources"); const placeholders_1 = require("./placeholders"); const api_1 = require("../../../../@aws-cdk/tmp-toolkit-helpers/src/api"); const private_1 = require("../../../../@aws-cdk/tmp-toolkit-helpers/src/api/io/private"); const util_1 = require("../../util"); const mode_1 = require("../plugin/mode"); /** * Access particular AWS resources, based on information from the CX manifest * * It is not possible to grab direct access to AWS credentials; 9 times out of 10 * we have to allow for role assumption, and role assumption can only work if * there is a CX Manifest that contains a role ARN. * * This class exists so new code isn't tempted to go and get SDK credentials directly. */ class EnvironmentAccess { constructor(sdkProvider, toolkitStackName, ioHelper) { this.sdkProvider = sdkProvider; this.sdkCache = new Map(); this.environmentResources = new environment_resources_1.EnvironmentResourcesRegistry(toolkitStackName); this.ioHelper = ioHelper; } /** * Resolves the environment for a stack. */ async resolveStackEnvironment(stack) { return this.sdkProvider.resolveEnvironment(stack.environment); } /** * Get an SDK to access the given stack's environment for stack operations * * Will ask plugins for readonly credentials if available, use the default * AWS credentials if not. * * Will assume the deploy role if configured on the stack. Check the default `deploy-role` * policies to see what you can do with this role. */ async accessStackForReadOnlyStackOperations(stack) { return this.accessStackForStackOperations(stack, mode_1.Mode.ForReading); } /** * Get an SDK to access the given stack's environment for stack operations * * Will ask plugins for mutating credentials if available, use the default AWS * credentials if not. The `mode` parameter is only used for querying * plugins. * * Will assume the deploy role if configured on the stack. Check the default `deploy-role` * policies to see what you can do with this role. */ async accessStackForMutableStackOperations(stack) { return this.accessStackForStackOperations(stack, mode_1.Mode.ForWriting); } /** * Get an SDK to access the given stack's environment for environmental lookups * * Will use a plugin if available, use the default AWS credentials if not. * The `mode` parameter is only used for querying plugins. * * Will assume the lookup role if configured on the stack. Check the default `lookup-role` * policies to see what you can do with this role. It can generally read everything * in the account that does not require KMS access. * * --- * * For backwards compatibility reasons, there are some scenarios that are handled here: * * 1. The lookup role may not exist (it was added in bootstrap stack version 7). If so: * a. Return the default credentials if the default credentials are for the stack account * (you will notice this as `isFallbackCredentials=true`). * b. Throw an error if the default credentials are not for the stack account. * * 2. The lookup role may not have the correct permissions (for example, ReadOnlyAccess was added in * bootstrap stack version 8); the stack will have a minimum version number on it. * a. If it does not we throw an error which should be handled in the calling * function (and fallback to use a different role, etc) * * Upon success, caller will have an SDK for the right account, which may or may not have * the right permissions. */ async accessStackForLookup(stack) { if (!stack.environment) { throw new api_1.ToolkitError(`The stack ${stack.displayName} does not have an environment`); } const lookupEnv = await this.prepareSdk({ environment: stack.environment, mode: mode_1.Mode.ForReading, assumeRoleArn: stack.lookupRole?.arn, assumeRoleExternalId: stack.lookupRole?.assumeRoleExternalId, assumeRoleAdditionalOptions: stack.lookupRole?.assumeRoleAdditionalOptions, }); // if we succeed in assuming the lookup role, make sure we have the correct bootstrap stack version if (lookupEnv.didAssumeRole && stack.lookupRole?.bootstrapStackVersionSsmParameter && stack.lookupRole.requiresBootstrapStackVersion) { const version = await lookupEnv.resources.versionFromSsmParameter(stack.lookupRole.bootstrapStackVersionSsmParameter); if (version < stack.lookupRole.requiresBootstrapStackVersion) { throw new api_1.ToolkitError(`Bootstrap stack version '${stack.lookupRole.requiresBootstrapStackVersion}' is required, found version '${version}'. To get rid of this error, please upgrade to bootstrap version >= ${stack.lookupRole.requiresBootstrapStackVersion}`); } } if (lookupEnv.isFallbackCredentials) { const arn = await lookupEnv.replacePlaceholders(stack.lookupRole?.arn); await this.ioHelper.notify(private_1.IO.DEFAULT_TOOLKIT_WARN.msg(`Lookup role ${arn} was not assumed. Proceeding with default credentials.`)); } return lookupEnv; } /** * Get an SDK to access the given stack's environment for reading stack attributes * * Will use a plugin if available, use the default AWS credentials if not. * The `mode` parameter is only used for querying plugins. * * Will try to assume the lookup role if given, will use the regular stack operations * access (deploy-role) otherwise. When calling this, you should assume that you will get * the least privileged role, so don't try to use it for anything the `deploy-role` * wouldn't be able to do. Also you cannot rely on being able to read encrypted anything. */ async accessStackForLookupBestEffort(stack) { if (!stack.environment) { throw new api_1.ToolkitError(`The stack ${stack.displayName} does not have an environment`); } try { return await this.accessStackForLookup(stack); } catch (e) { await this.ioHelper.notify(private_1.IO.DEFAULT_TOOLKIT_WARN.msg(`${(0, util_1.formatErrorMessage)(e)}`)); } return this.accessStackForStackOperations(stack, mode_1.Mode.ForReading); } /** * Get an SDK to access the given stack's environment for stack operations * * Will use a plugin if available, use the default AWS credentials if not. * The `mode` parameter is only used for querying plugins. * * Will assume the deploy role if configured on the stack. Check the default `deploy-role` * policies to see what you can do with this role. */ async accessStackForStackOperations(stack, mode) { if (!stack.environment) { throw new api_1.ToolkitError(`The stack ${stack.displayName} does not have an environment`); } return this.prepareSdk({ environment: stack.environment, mode, assumeRoleArn: stack.assumeRoleArn, assumeRoleExternalId: stack.assumeRoleExternalId, assumeRoleAdditionalOptions: stack.assumeRoleAdditionalOptions, }); } /** * Prepare an SDK for use in the given environment and optionally with a role assumed. */ async prepareSdk(options) { const resolvedEnvironment = await this.sdkProvider.resolveEnvironment(options.environment); // Substitute any placeholders with information about the current environment const { assumeRoleArn } = await (0, placeholders_1.replaceEnvPlaceholders)({ assumeRoleArn: options.assumeRoleArn, }, resolvedEnvironment, this.sdkProvider); const stackSdk = await this.cachedSdkForEnvironment(resolvedEnvironment, options.mode, { assumeRoleArn, assumeRoleExternalId: options.assumeRoleExternalId, assumeRoleAdditionalOptions: options.assumeRoleAdditionalOptions, }); return { sdk: stackSdk.sdk, resolvedEnvironment, resources: this.environmentResources.for(resolvedEnvironment, stackSdk.sdk, this.ioHelper), // If we asked for a role, did not successfully assume it, and yet got here without an exception: that // means we must have fallback credentials. isFallbackCredentials: !stackSdk.didAssumeRole && !!assumeRoleArn, didAssumeRole: stackSdk.didAssumeRole, replacePlaceholders: async (str) => { const ret = await (0, placeholders_1.replaceEnvPlaceholders)({ str }, resolvedEnvironment, this.sdkProvider); return ret.str; }, }; } async cachedSdkForEnvironment(environment, mode, options) { const cacheKeyElements = [ environment.account, environment.region, `${mode}`, options?.assumeRoleArn ?? '', options?.assumeRoleExternalId ?? '', ]; if (options?.assumeRoleAdditionalOptions) { cacheKeyElements.push(JSON.stringify(options.assumeRoleAdditionalOptions)); } const cacheKey = cacheKeyElements.join(':'); const existing = this.sdkCache.get(cacheKey); if (existing) { return existing; } const ret = await this.sdkProvider.forEnvironment(environment, mode, options); this.sdkCache.set(cacheKey, ret); return ret; } } exports.EnvironmentAccess = EnvironmentAccess; //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZW52aXJvbm1lbnQtYWNjZXNzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiZW52aXJvbm1lbnQtYWNjZXNzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUdBLG1FQUF1RTtBQUV2RSxpREFBd0Q7QUFDeEQsMEVBQWdGO0FBQ2hGLHlGQUFnRztBQUNoRyxxQ0FBZ0Q7QUFFaEQseUNBQXNDO0FBRXRDOzs7Ozs7OztHQVFHO0FBQ0gsTUFBYSxpQkFBaUI7SUFLNUIsWUFBNkIsV0FBd0IsRUFBRSxnQkFBd0IsRUFBRSxRQUFrQjtRQUF0RSxnQkFBVyxHQUFYLFdBQVcsQ0FBYTtRQUpwQyxhQUFRLEdBQUcsSUFBSSxHQUFHLEVBQTZCLENBQUM7UUFLL0QsSUFBSSxDQUFDLG9CQUFvQixHQUFHLElBQUksb0RBQTRCLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztRQUMvRSxJQUFJLENBQUMsUUFBUSxHQUFHLFFBQVEsQ0FBQztJQUMzQixDQUFDO0lBRUQ7O09BRUc7SUFDSSxLQUFLLENBQUMsdUJBQXVCLENBQUMsS0FBd0M7UUFDM0UsT0FBTyxJQUFJLENBQUMsV0FBVyxDQUFDLGtCQUFrQixDQUFDLEtBQUssQ0FBQyxXQUFXLENBQUMsQ0FBQztJQUNoRSxDQUFDO0lBRUQ7Ozs7Ozs7O09BUUc7SUFDSSxLQUFLLENBQUMscUNBQXFDLENBQUMsS0FBd0M7UUFDekYsT0FBTyxJQUFJLENBQUMsNkJBQTZCLENBQUMsS0FBSyxFQUFFLFdBQUksQ0FBQyxVQUFVLENBQUMsQ0FBQztJQUNwRSxDQUFDO0lBRUQ7Ozs7Ozs7OztPQVNHO0lBQ0ksS0FBSyxDQUFDLG9DQUFvQyxDQUFDLEtBQXdDO1FBQ3hGLE9BQU8sSUFBSSxDQUFDLDZCQUE2QixDQUFDLEtBQUssRUFBRSxXQUFJLENBQUMsVUFBVSxDQUFDLENBQUM7SUFDcEUsQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztPQTBCRztJQUNJLEtBQUssQ0FBQyxvQkFBb0IsQ0FBQyxLQUF3QztRQUN4RSxJQUFJLENBQUMsS0FBSyxDQUFDLFdBQVcsRUFBRSxDQUFDO1lBQ3ZCLE1BQU0sSUFBSSxrQkFBWSxDQUFDLGFBQWEsS0FBSyxDQUFDLFdBQVcsK0JBQStCLENBQUMsQ0FBQztRQUN4RixDQUFDO1FBRUQsTUFBTSxTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDO1lBQ3RDLFdBQVcsRUFBRSxLQUFLLENBQUMsV0FBVztZQUM5QixJQUFJLEVBQUUsV0FBSSxDQUFDLFVBQVU7WUFDckIsYUFBYSxFQUFFLEtBQUssQ0FBQyxVQUFVLEVBQUUsR0FBRztZQUNwQyxvQkFBb0IsRUFBRSxLQUFLLENBQUMsVUFBVSxFQUFFLG9CQUFvQjtZQUM1RCwyQkFBMkIsRUFBRSxLQUFLLENBQUMsVUFBVSxFQUFFLDJCQUEyQjtTQUMzRSxDQUFDLENBQUM7UUFFSCxtR0FBbUc7UUFDbkcsSUFBSSxTQUFTLENBQUMsYUFBYSxJQUFJLEtBQUssQ0FBQyxVQUFVLEVBQUUsaUNBQWlDLElBQUksS0FBSyxDQUFDLFVBQVUsQ0FBQyw2QkFBNkIsRUFBRSxDQUFDO1lBQ3JJLE1BQU0sT0FBTyxHQUFHLE1BQU0sU0FBUyxDQUFDLFNBQVMsQ0FBQyx1QkFBdUIsQ0FBQyxLQUFLLENBQUMsVUFBVSxDQUFDLGlDQUFpQyxDQUFDLENBQUM7WUFDdEgsSUFBSSxPQUFPLEdBQUcsS0FBSyxDQUFDLFVBQVUsQ0FBQyw2QkFBNkIsRUFBRSxDQUFDO2dCQUM3RCxNQUFNLElBQUksa0JBQVksQ0FBQyw0QkFBNEIsS0FBSyxDQUFDLFVBQVUsQ0FBQyw2QkFBNkIsaUNBQWlDLE9BQU8sdUVBQXVFLEtBQUssQ0FBQyxVQUFVLENBQUMsNkJBQTZCLEVBQUUsQ0FBQyxDQUFDO1lBQ3BRLENBQUM7UUFDSCxDQUFDO1FBQ0QsSUFBSSxTQUFTLENBQUMscUJBQXFCLEVBQUUsQ0FBQztZQUNwQyxNQUFNLEdBQUcsR0FBRyxNQUFNLFNBQVMsQ0FBQyxtQkFBbUIsQ0FBQyxLQUFLLENBQUMsVUFBVSxFQUFFLEdBQUcsQ0FBQyxDQUFDO1lBQ3ZFLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUMsWUFBRSxDQUFDLG9CQUFvQixDQUFDLEdBQUcsQ0FBQyxlQUFlLEdBQUcsd0RBQXdELENBQUMsQ0FBQyxDQUFDO1FBQ3RJLENBQUM7UUFDRCxPQUFPLFNBQVMsQ0FBQztJQUNuQixDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNJLEtBQUssQ0FBQyw4QkFBOEIsQ0FBQyxLQUF3QztRQUNsRixJQUFJLENBQUMsS0FBSyxDQUFDLFdBQVcsRUFBRSxDQUFDO1lBQ3ZCLE1BQU0sSUFBSSxrQkFBWSxDQUFDLGFBQWEsS0FBSyxDQUFDLFdBQVcsK0JBQStCLENBQUMsQ0FBQztRQUN4RixDQUFDO1FBRUQsSUFBSSxDQUFDO1lBQ0gsT0FBTyxNQUFNLElBQUksQ0FBQyxvQkFBb0IsQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUNoRCxDQUFDO1FBQUMsT0FBTyxDQUFNLEVBQUUsQ0FBQztZQUNoQixNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUFDLFlBQUUsQ0FBQyxvQkFBb0IsQ0FBQyxHQUFHLENBQUMsR0FBRyxJQUFBLHlCQUFrQixFQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDO1FBQ3RGLENBQUM7UUFDRCxPQUFPLElBQUksQ0FBQyw2QkFBNkIsQ0FBQyxLQUFLLEVBQUUsV0FBSSxDQUFDLFVBQVUsQ0FBQyxDQUFDO0lBQ3BFLENBQUM7SUFFRDs7Ozs7Ozs7T0FRRztJQUNLLEtBQUssQ0FBQyw2QkFBNkIsQ0FBQyxLQUF3QyxFQUFFLElBQVU7UUFDOUYsSUFBSSxDQUFDLEtBQUssQ0FBQyxXQUFXLEVBQUUsQ0FBQztZQUN2QixNQUFNLElBQUksa0JBQVksQ0FBQyxhQUFhLEtBQUssQ0FBQyxXQUFXLCtCQUErQixDQUFDLENBQUM7UUFDeEYsQ0FBQztRQUVELE9BQU8sSUFBSSxDQUFDLFVBQVUsQ0FBQztZQUNyQixXQUFXLEVBQUUsS0FBSyxDQUFDLFdBQVc7WUFDOUIsSUFBSTtZQUNKLGFBQWEsRUFBRSxLQUFLLENBQUMsYUFBYTtZQUNsQyxvQkFBb0IsRUFBRSxLQUFLLENBQUMsb0JBQW9CO1lBQ2hELDJCQUEyQixFQUFFLEtBQUssQ0FBQywyQkFBMkI7U0FDL0QsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVEOztPQUVHO0lBQ0ssS0FBSyxDQUFDLFVBQVUsQ0FDdEIsT0FBOEI7UUFFOUIsTUFBTSxtQkFBbUIsR0FBRyxNQUFNLElBQUksQ0FBQyxXQUFXLENBQUMsa0JBQWtCLENBQUMsT0FBTyxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBRTNGLDZFQUE2RTtRQUM3RSxNQUFNLEVBQUUsYUFBYSxFQUFFLEdBQUcsTUFBTSxJQUFBLHFDQUFzQixFQUFDO1lBQ3JELGFBQWEsRUFBRSxPQUFPLENBQUMsYUFBYTtTQUNyQyxFQUFFLG1CQUFtQixFQUFFLElBQUksQ0FBQyxXQUFXLENBQUMsQ0FBQztRQUUxQyxNQUFNLFFBQVEsR0FBRyxNQUFNLElBQUksQ0FBQyx1QkFBdUIsQ0FBQyxtQkFBbUIsRUFBRSxPQUFPLENBQUMsSUFBSSxFQUFFO1lBQ3JGLGFBQWE7WUFDYixvQkFBb0IsRUFBRSxPQUFPLENBQUMsb0JBQW9CO1lBQ2xELDJCQUEyQixFQUFFLE9BQU8sQ0FBQywyQkFBMkI7U0FDakUsQ0FBQyxDQUFDO1FBRUgsT0FBTztZQUNMLEdBQUcsRUFBRSxRQUFRLENBQUMsR0FBRztZQUNqQixtQkFBbUI7WUFDbkIsU0FBUyxFQUFFLElBQUksQ0FBQyxvQkFBb0IsQ0FBQyxHQUFHLENBQUMsbUJBQW1CLEVBQUUsUUFBUSxDQUFDLEdBQUcsRUFBRSxJQUFJLENBQUMsUUFBUSxDQUFDO1lBQzFGLHNHQUFzRztZQUN0RywyQ0FBMkM7WUFDM0MscUJBQXFCLEVBQUUsQ0FBQyxRQUFRLENBQUMsYUFBYSxJQUFJLENBQUMsQ0FBQyxhQUFhO1lBQ2pFLGFBQWEsRUFBRSxRQUFRLENBQUMsYUFBYTtZQUNyQyxtQkFBbUIsRUFBRSxLQUFLLEVBQWdDLEdBQU0sRUFBRSxFQUFFO2dCQUNsRSxNQUFNLEdBQUcsR0FBRyxNQUFNLElBQUEscUNBQXNCLEVBQUMsRUFBRSxHQUFHLEVBQUUsRUFBRSxtQkFBbUIsRUFBRSxJQUFJLENBQUMsV0FBVyxDQUFDLENBQUM7Z0JBQ3pGLE9BQU8sR0FBRyxDQUFDLEdBQUcsQ0FBQztZQUNqQixDQUFDO1NBQ0YsQ0FBQztJQUNKLENBQUM7SUFFTyxLQUFLLENBQUMsdUJBQXVCLENBQ25DLFdBQThCLEVBQzlCLElBQVUsRUFDVixPQUE0QjtRQUU1QixNQUFNLGdCQUFnQixHQUFHO1lBQ3ZCLFdBQVcsQ0FBQyxPQUFPO1lBQ25CLFdBQVcsQ0FBQyxNQUFNO1lBQ2xCLEdBQUcsSUFBSSxFQUFFO1lBQ1QsT0FBTyxFQUFFLGFBQWEsSUFBSSxFQUFFO1lBQzVCLE9BQU8sRUFBRSxvQkFBb0IsSUFBSSxFQUFFO1NBQ3BDLENBQUM7UUFFRixJQUFJLE9BQU8sRUFBRSwyQkFBMkIsRUFBRSxDQUFDO1lBQ3pDLGdCQUFnQixDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLE9BQU8sQ0FBQywyQkFBMkIsQ0FBQyxDQUFDLENBQUM7UUFDN0UsQ0FBQztRQUVELE1BQU0sUUFBUSxHQUFHLGdCQUFnQixDQUFDLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUM1QyxNQUFNLFFBQVEsR0FBRyxJQUFJLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxRQUFRLENBQUMsQ0FBQztRQUM3QyxJQUFJLFFBQVEsRUFBRSxDQUFDO1lBQ2IsT0FBTyxRQUFRLENBQUM7UUFDbEIsQ0FBQztRQUNELE1BQU0sR0FBRyxHQUFHLE1BQU0sSUFBSSxDQUFDLFdBQVcsQ0FBQyxjQUFjLENBQUMsV0FBVyxFQUFFLElBQUksRUFBRSxPQUFPLENBQUMsQ0FBQztRQUM5RSxJQUFJLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxRQUFRLEVBQUUsR0FBRyxDQUFDLENBQUM7UUFDakMsT0FBTyxHQUFHLENBQUM7SUFDYixDQUFDO0NBQ0Y7QUE3TUQsOENBNk1DIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHR5cGUgKiBhcyBjeGFwaSBmcm9tICdAYXdzLWNkay9jeC1hcGknO1xuaW1wb3J0IHR5cGUgeyBTREsgfSBmcm9tICcuLi9hd3MtYXV0aCc7XG5pbXBvcnQgdHlwZSB7IEVudmlyb25tZW50UmVzb3VyY2VzIH0gZnJvbSAnLi9lbnZpcm9ubWVudC1yZXNvdXJjZXMnO1xuaW1wb3J0IHsgRW52aXJvbm1lbnRSZXNvdXJjZXNSZWdpc3RyeSB9IGZyb20gJy4vZW52aXJvbm1lbnQtcmVzb3VyY2VzJztcbmltcG9ydCB0eXBlIHsgU3RyaW5nV2l0aG91dFBsYWNlaG9sZGVycyB9IGZyb20gJy4vcGxhY2Vob2xkZXJzJztcbmltcG9ydCB7IHJlcGxhY2VFbnZQbGFjZWhvbGRlcnMgfSBmcm9tICcuL3BsYWNlaG9sZGVycyc7XG5pbXBvcnQgeyBUb29sa2l0RXJyb3IgfSBmcm9tICcuLi8uLi8uLi8uLi9AYXdzLWNkay90bXAtdG9vbGtpdC1oZWxwZXJzL3NyYy9hcGknO1xuaW1wb3J0IHsgSU8sIHR5cGUgSW9IZWxwZXIgfSBmcm9tICcuLi8uLi8uLi8uLi9AYXdzLWNkay90bXAtdG9vbGtpdC1oZWxwZXJzL3NyYy9hcGkvaW8vcHJpdmF0ZSc7XG5pbXBvcnQgeyBmb3JtYXRFcnJvck1lc3NhZ2UgfSBmcm9tICcuLi8uLi91dGlsJztcbmltcG9ydCB0eXBlIHsgQ3JlZGVudGlhbHNPcHRpb25zLCBTZGtGb3JFbnZpcm9ubWVudCwgU2RrUHJvdmlkZXIgfSBmcm9tICcuLi9hd3MtYXV0aC9zZGstcHJvdmlkZXInO1xuaW1wb3J0IHsgTW9kZSB9IGZyb20gJy4uL3BsdWdpbi9tb2RlJztcblxuLyoqXG4gKiBBY2Nlc3MgcGFydGljdWxhciBBV1MgcmVzb3VyY2VzLCBiYXNlZCBvbiBpbmZvcm1hdGlvbiBmcm9tIHRoZSBDWCBtYW5pZmVzdFxuICpcbiAqIEl0IGlzIG5vdCBwb3NzaWJsZSB0byBncmFiIGRpcmVjdCBhY2Nlc3MgdG8gQVdTIGNyZWRlbnRpYWxzOyA5IHRpbWVzIG91dCBvZiAxMFxuICogd2UgaGF2ZSB0byBhbGxvdyBmb3Igcm9sZSBhc3N1bXB0aW9uLCBhbmQgcm9sZSBhc3N1bXB0aW9uIGNhbiBvbmx5IHdvcmsgaWZcbiAqIHRoZXJlIGlzIGEgQ1ggTWFuaWZlc3QgdGhhdCBjb250YWlucyBhIHJvbGUgQVJOLlxuICpcbiAqIFRoaXMgY2xhc3MgZXhpc3RzIHNvIG5ldyBjb2RlIGlzbid0IHRlbXB0ZWQgdG8gZ28gYW5kIGdldCBTREsgY3JlZGVudGlhbHMgZGlyZWN0bHkuXG4gKi9cbmV4cG9ydCBjbGFzcyBFbnZpcm9ubWVudEFjY2VzcyB7XG4gIHByaXZhdGUgcmVhZG9ubHkgc2RrQ2FjaGUgPSBuZXcgTWFwPHN0cmluZywgU2RrRm9yRW52aXJvbm1lbnQ+KCk7XG4gIHByaXZhdGUgcmVhZG9ubHkgZW52aXJvbm1lbnRSZXNvdXJjZXM6IEVudmlyb25tZW50UmVzb3VyY2VzUmVnaXN0cnk7XG4gIHByaXZhdGUgcmVhZG9ubHkgaW9IZWxwZXI6IElvSGVscGVyO1xuXG4gIGNvbnN0cnVjdG9yKHByaXZhdGUgcmVhZG9ubHkgc2RrUHJvdmlkZXI6IFNka1Byb3ZpZGVyLCB0b29sa2l0U3RhY2tOYW1lOiBzdHJpbmcsIGlvSGVscGVyOiBJb0hlbHBlcikge1xuICAgIHRoaXMuZW52aXJvbm1lbnRSZXNvdXJjZXMgPSBuZXcgRW52aXJvbm1lbnRSZXNvdXJjZXNSZWdpc3RyeSh0b29sa2l0U3RhY2tOYW1lKTtcbiAgICB0aGlzLmlvSGVscGVyID0gaW9IZWxwZXI7XG4gIH1cblxuICAvKipcbiAgICogUmVzb2x2ZXMgdGhlIGVudmlyb25tZW50IGZvciBhIHN0YWNrLlxuICAgKi9cbiAgcHVibGljIGFzeW5jIHJlc29sdmVTdGFja0Vudmlyb25tZW50KHN0YWNrOiBjeGFwaS5DbG91ZEZvcm1hdGlvblN0YWNrQXJ0aWZhY3QpOiBQcm9taXNlPGN4YXBpLkVudmlyb25tZW50PiB7XG4gICAgcmV0dXJuIHRoaXMuc2RrUHJvdmlkZXIucmVzb2x2ZUVudmlyb25tZW50KHN0YWNrLmVudmlyb25tZW50KTtcbiAgfVxuXG4gIC8qKlxuICAgKiBHZXQgYW4gU0RLIHRvIGFjY2VzcyB0aGUgZ2l2ZW4gc3RhY2sncyBlbnZpcm9ubWVudCBmb3Igc3RhY2sgb3BlcmF0aW9uc1xuICAgKlxuICAgKiBXaWxsIGFzayBwbHVnaW5zIGZvciByZWFkb25seSBjcmVkZW50aWFscyBpZiBhdmFpbGFibGUsIHVzZSB0aGUgZGVmYXVsdFxuICAgKiBBV1MgY3JlZGVudGlhbHMgaWYgbm90LlxuICAgKlxuICAgKiBXaWxsIGFzc3VtZSB0aGUgZGVwbG95IHJvbGUgaWYgY29uZmlndXJlZCBvbiB0aGUgc3RhY2suIENoZWNrIHRoZSBkZWZhdWx0IGBkZXBsb3ktcm9sZWBcbiAgICogcG9saWNpZXMgdG8gc2VlIHdoYXQgeW91IGNhbiBkbyB3aXRoIHRoaXMgcm9sZS5cbiAgICovXG4gIHB1YmxpYyBhc3luYyBhY2Nlc3NTdGFja0ZvclJlYWRPbmx5U3RhY2tPcGVyYXRpb25zKHN0YWNrOiBjeGFwaS5DbG91ZEZvcm1hdGlvblN0YWNrQXJ0aWZhY3QpOiBQcm9taXNlPFRhcmdldEVudmlyb25tZW50PiB7XG4gICAgcmV0dXJuIHRoaXMuYWNjZXNzU3RhY2tGb3JTdGFja09wZXJhdGlvbnMoc3RhY2ssIE1vZGUuRm9yUmVhZGluZyk7XG4gIH1cblxuICAvKipcbiAgICogR2V0IGFuIFNESyB0byBhY2Nlc3MgdGhlIGdpdmVuIHN0YWNrJ3MgZW52aXJvbm1lbnQgZm9yIHN0YWNrIG9wZXJhdGlvbnNcbiAgICpcbiAgICogV2lsbCBhc2sgcGx1Z2lucyBmb3IgbXV0YXRpbmcgY3JlZGVudGlhbHMgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIGRlZmF1bHQgQVdTXG4gICAqIGNyZWRlbnRpYWxzIGlmIG5vdC4gIFRoZSBgbW9kZWAgcGFyYW1ldGVyIGlzIG9ubHkgdXNlZCBmb3IgcXVlcnlpbmdcbiAgICogcGx1Z2lucy5cbiAgICpcbiAgICogV2lsbCBhc3N1bWUgdGhlIGRlcGxveSByb2xlIGlmIGNvbmZpZ3VyZWQgb24gdGhlIHN0YWNrLiBDaGVjayB0aGUgZGVmYXVsdCBgZGVwbG95LXJvbGVgXG4gICAqIHBvbGljaWVzIHRvIHNlZSB3aGF0IHlvdSBjYW4gZG8gd2l0aCB0aGlzIHJvbGUuXG4gICAqL1xuICBwdWJsaWMgYXN5bmMgYWNjZXNzU3RhY2tGb3JNdXRhYmxlU3RhY2tPcGVyYXRpb25zKHN0YWNrOiBjeGFwaS5DbG91ZEZvcm1hdGlvblN0YWNrQXJ0aWZhY3QpOiBQcm9taXNlPFRhcmdldEVudmlyb25tZW50PiB7XG4gICAgcmV0dXJuIHRoaXMuYWNjZXNzU3RhY2tGb3JTdGFja09wZXJhdGlvbnMoc3RhY2ssIE1vZGUuRm9yV3JpdGluZyk7XG4gIH1cblxuICAvKipcbiAgICogR2V0IGFuIFNESyB0byBhY2Nlc3MgdGhlIGdpdmVuIHN0YWNrJ3MgZW52aXJvbm1lbnQgZm9yIGVudmlyb25tZW50YWwgbG9va3Vwc1xuICAgKlxuICAgKiBXaWxsIHVzZSBhIHBsdWdpbiBpZiBhdmFpbGFibGUsIHVzZSB0aGUgZGVmYXVsdCBBV1MgY3JlZGVudGlhbHMgaWYgbm90LlxuICAgKiBUaGUgYG1vZGVgIHBhcmFtZXRlciBpcyBvbmx5IHVzZWQgZm9yIHF1ZXJ5aW5nIHBsdWdpbnMuXG4gICAqXG4gICAqIFdpbGwgYXNzdW1lIHRoZSBsb29rdXAgcm9sZSBpZiBjb25maWd1cmVkIG9uIHRoZSBzdGFjay4gQ2hlY2sgdGhlIGRlZmF1bHQgYGxvb2t1cC1yb2xlYFxuICAgKiBwb2xpY2llcyB0byBzZWUgd2hhdCB5b3UgY2FuIGRvIHdpdGggdGhpcyByb2xlLiBJdCBjYW4gZ2VuZXJhbGx5IHJlYWQgZXZlcnl0aGluZ1xuICAgKiBpbiB0aGUgYWNjb3VudCB0aGF0IGRvZXMgbm90IHJlcXVpcmUgS01TIGFjY2Vzcy5cbiAgICpcbiAgICogLS0tXG4gICAqXG4gICAqIEZvciBiYWNrd2FyZHMgY29tcGF0aWJpbGl0eSByZWFzb25zLCB0aGVyZSBhcmUgc29tZSBzY2VuYXJpb3MgdGhhdCBhcmUgaGFuZGxlZCBoZXJlOlxuICAgKlxuICAgKiAgMS4gVGhlIGxvb2t1cCByb2xlIG1heSBub3QgZXhpc3QgKGl0IHdhcyBhZGRlZCBpbiBib290c3RyYXAgc3RhY2sgdmVyc2lvbiA3KS4gSWYgc286XG4gICAqICAgICBhLiBSZXR1cm4gdGhlIGRlZmF1bHQgY3JlZGVudGlhbHMgaWYgdGhlIGRlZmF1bHQgY3JlZGVudGlhbHMgYXJlIGZvciB0aGUgc3RhY2sgYWNjb3VudFxuICAgKiAgICAgICAgKHlvdSB3aWxsIG5vdGljZSB0aGlzIGFzIGBpc0ZhbGxiYWNrQ3JlZGVudGlhbHM9dHJ1ZWApLlxuICAgKiAgICAgYi4gVGhyb3cgYW4gZXJyb3IgaWYgdGhlIGRlZmF1bHQgY3JlZGVudGlhbHMgYXJlIG5vdCBmb3IgdGhlIHN0YWNrIGFjY291bnQuXG4gICAqXG4gICAqICAyLiBUaGUgbG9va3VwIHJvbGUgbWF5IG5vdCBoYXZlIHRoZSBjb3JyZWN0IHBlcm1pc3Npb25zIChmb3IgZXhhbXBsZSwgUmVhZE9ubHlBY2Nlc3Mgd2FzIGFkZGVkIGluXG4gICAqICAgICBib290c3RyYXAgc3RhY2sgdmVyc2lvbiA4KTsgdGhlIHN0YWNrIHdpbGwgaGF2ZSBhIG1pbmltdW0gdmVyc2lvbiBudW1iZXIgb24gaXQuXG4gICAqICAgICBhLiBJZiBpdCBkb2VzIG5vdCB3ZSB0aHJvdyBhbiBlcnJvciB3aGljaCBzaG91bGQgYmUgaGFuZGxlZCBpbiB0aGUgY2FsbGluZ1xuICAgKiAgICAgICAgZnVuY3Rpb24gKGFuZCBmYWxsYmFjayB0byB1c2UgYSBkaWZmZXJlbnQgcm9sZSwgZXRjKVxuICAgKlxuICAgKiBVcG9uIHN1Y2Nlc3MsIGNhbGxlciB3aWxsIGhhdmUgYW4gU0RLIGZvciB0aGUgcmlnaHQgYWNjb3VudCwgd2hpY2ggbWF5IG9yIG1heSBub3QgaGF2ZVxuICAgKiB0aGUgcmlnaHQgcGVybWlzc2lvbnMuXG4gICAqL1xuICBwdWJsaWMgYXN5bmMgYWNjZXNzU3RhY2tGb3JMb29rdXAoc3RhY2s6IGN4YXBpLkNsb3VkRm9ybWF0aW9uU3RhY2tBcnRpZmFjdCk6IFByb21pc2U8VGFyZ2V0RW52aXJvbm1lbnQ+IHtcbiAgICBpZiAoIXN0YWNrLmVudmlyb25tZW50KSB7XG4gICAgICB0aHJvdyBuZXcgVG9vbGtpdEVycm9yKGBUaGUgc3RhY2sgJHtzdGFjay5kaXNwbGF5TmFtZX0gZG9lcyBub3QgaGF2ZSBhbiBlbnZpcm9ubWVudGApO1xuICAgIH1cblxuICAgIGNvbnN0IGxvb2t1cEVudiA9IGF3YWl0IHRoaXMucHJlcGFyZVNkayh7XG4gICAgICBlbnZpcm9ubWVudDogc3RhY2suZW52aXJvbm1lbnQsXG4gICAgICBtb2RlOiBNb2RlLkZvclJlYWRpbmcsXG4gICAgICBhc3N1bWVSb2xlQXJuOiBzdGFjay5sb29rdXBSb2xlPy5hcm4sXG4gICAgICBhc3N1bWVSb2xlRXh0ZXJuYWxJZDogc3RhY2subG9va3VwUm9sZT8uYXNzdW1lUm9sZUV4dGVybmFsSWQsXG4gICAgICBhc3N1bWVSb2xlQWRkaXRpb25hbE9wdGlvbnM6IHN0YWNrLmxvb2t1cFJvbGU/LmFzc3VtZVJvbGVBZGRpdGlvbmFsT3B0aW9ucyxcbiAgICB9KTtcblxuICAgIC8vIGlmIHdlIHN1Y2NlZWQgaW4gYXNzdW1pbmcgdGhlIGxvb2t1cCByb2xlLCBtYWtlIHN1cmUgd2UgaGF2ZSB0aGUgY29ycmVjdCBib290c3RyYXAgc3RhY2sgdmVyc2lvblxuICAgIGlmIChsb29rdXBFbnYuZGlkQXNzdW1lUm9sZSAmJiBzdGFjay5sb29rdXBSb2xlPy5ib290c3RyYXBTdGFja1ZlcnNpb25Tc21QYXJhbWV0ZXIgJiYgc3RhY2subG9va3VwUm9sZS5yZXF1aXJlc0Jvb3RzdHJhcFN0YWNrVmVyc2lvbikge1xuICAgICAgY29uc3QgdmVyc2lvbiA9IGF3YWl0IGxvb2t1cEVudi5yZXNvdXJjZXMudmVyc2lvbkZyb21Tc21QYXJhbWV0ZXIoc3RhY2subG9va3VwUm9sZS5ib290c3RyYXBTdGFja1ZlcnNpb25Tc21QYXJhbWV0ZXIpO1xuICAgICAgaWYgKHZlcnNpb24gPCBzdGFjay5sb29rdXBSb2xlLnJlcXVpcmVzQm9vdHN0cmFwU3RhY2tWZXJzaW9uKSB7XG4gICAgICAgIHRocm93IG5ldyBUb29sa2l0RXJyb3IoYEJvb3RzdHJhcCBzdGFjayB2ZXJzaW9uICcke3N0YWNrLmxvb2t1cFJvbGUucmVxdWlyZXNCb290c3RyYXBTdGFja1ZlcnNpb259JyBpcyByZXF1aXJlZCwgZm91bmQgdmVyc2lvbiAnJHt2ZXJzaW9ufScuIFRvIGdldCByaWQgb2YgdGhpcyBlcnJvciwgcGxlYXNlIHVwZ3JhZGUgdG8gYm9vdHN0cmFwIHZlcnNpb24gPj0gJHtzdGFjay5sb29rdXBSb2xlLnJlcXVpcmVzQm9vdHN0cmFwU3RhY2tWZXJzaW9ufWApO1xuICAgICAgfVxuICAgIH1cbiAgICBpZiAobG9va3VwRW52LmlzRmFsbGJhY2tDcmVkZW50aWFscykge1xuICAgICAgY29uc3QgYXJuID0gYXdhaXQgbG9va3VwRW52LnJlcGxhY2VQbGFjZWhvbGRlcnMoc3RhY2subG9va3VwUm9sZT8uYXJuKTtcbiAgICAgIGF3YWl0IHRoaXMuaW9IZWxwZXIubm90aWZ5KElPLkRFRkFVTFRfVE9PTEtJVF9XQVJOLm1zZyhgTG9va3VwIHJvbGUgJHthcm59IHdhcyBub3QgYXNzdW1lZC4gUHJvY2VlZGluZyB3aXRoIGRlZmF1bHQgY3JlZGVudGlhbHMuYCkpO1xuICAgIH1cbiAgICByZXR1cm4gbG9va3VwRW52O1xuICB9XG5cbiAgLyoqXG4gICAqIEdldCBhbiBTREsgdG8gYWNjZXNzIHRoZSBnaXZlbiBzdGFjaydzIGVudmlyb25tZW50IGZvciByZWFkaW5nIHN0YWNrIGF0dHJpYnV0ZXNcbiAgICpcbiAgICogV2lsbCB1c2UgYSBwbHVnaW4gaWYgYXZhaWxhYmxlLCB1c2UgdGhlIGRlZmF1bHQgQVdTIGNyZWRlbnRpYWxzIGlmIG5vdC5cbiAgICogVGhlIGBtb2RlYCBwYXJhbWV0ZXIgaXMgb25seSB1c2VkIGZvciBxdWVyeWluZyBwbHVnaW5zLlxuICAgKlxuICAgKiBXaWxsIHRyeSB0byBhc3N1bWUgdGhlIGxvb2t1cCByb2xlIGlmIGdpdmVuLCB3aWxsIHVzZSB0aGUgcmVndWxhciBzdGFjayBvcGVyYXRpb25zXG4gICAqIGFjY2VzcyAoZGVwbG95LXJvbGUpIG90aGVyd2lzZS4gV2hlbiBjYWxsaW5nIHRoaXMsIHlvdSBzaG91bGQgYXNzdW1lIHRoYXQgeW91IHdpbGwgZ2V0XG4gICAqIHRoZSBsZWFzdCBwcml2aWxlZ2VkIHJvbGUsIHNvIGRvbid0IHRyeSB0byB1c2UgaXQgZm9yIGFueXRoaW5nIHRoZSBgZGVwbG95LXJvbGVgXG4gICAqIHdvdWxkbid0IGJlIGFibGUgdG8gZG8uIEFsc28geW91IGNhbm5vdCByZWx5IG9uIGJlaW5nIGFibGUgdG8gcmVhZCBlbmNyeXB0ZWQgYW55dGhpbmcuXG4gICAqL1xuICBwdWJsaWMgYXN5bmMgYWNjZXNzU3RhY2tGb3JMb29rdXBCZXN0RWZmb3J0KHN0YWNrOiBjeGFwaS5DbG91ZEZvcm1hdGlvblN0YWNrQXJ0aWZhY3QpOiBQcm9taXNlPFRhcmdldEVudmlyb25tZW50PiB7XG4gICAgaWYgKCFzdGFjay5lbnZpcm9ubWVudCkge1xuICAgICAgdGhyb3cgbmV3IFRvb2xraXRFcnJvcihgVGhlIHN0YWNrICR7c3RhY2suZGlzcGxheU5hbWV9IGRvZXMgbm90IGhhdmUgYW4gZW52aXJvbm1lbnRgKTtcbiAgICB9XG5cbiAgICB0cnkge1xuICAgICAgcmV0dXJuIGF3YWl0IHRoaXMuYWNjZXNzU3RhY2tGb3JMb29rdXAoc3RhY2spO1xuICAgIH0gY2F0Y2ggKGU6IGFueSkge1xuICAgICAgYXdhaXQgdGhpcy5pb0hlbHBlci5ub3RpZnkoSU8uREVGQVVMVF9UT09MS0lUX1dBUk4ubXNnKGAke2Zvcm1hdEVycm9yTWVzc2FnZShlKX1gKSk7XG4gICAgfVxuICAgIHJldHVybiB0aGlzLmFjY2Vzc1N0YWNrRm9yU3RhY2tPcGVyYXRpb25zKHN0YWNrLCBNb2RlLkZvclJlYWRpbmcpO1xuICB9XG5cbiAgLyoqXG4gICAqIEdldCBhbiBTREsgdG8gYWNjZXNzIHRoZSBnaXZlbiBzdGFjaydzIGVudmlyb25tZW50IGZvciBzdGFjayBvcGVyYXRpb25zXG4gICAqXG4gICAqIFdpbGwgdXNlIGEgcGx1Z2luIGlmIGF2YWlsYWJsZSwgdXNlIHRoZSBkZWZhdWx0IEFXUyBjcmVkZW50aWFscyBpZiBub3QuXG4gICAqIFRoZSBgbW9kZWAgcGFyYW1ldGVyIGlzIG9ubHkgdXNlZCBmb3IgcXVlcnlpbmcgcGx1Z2lucy5cbiAgICpcbiAgICogV2lsbCBhc3N1bWUgdGhlIGRlcGxveSByb2xlIGlmIGNvbmZpZ3VyZWQgb24gdGhlIHN0YWNrLiBDaGVjayB0aGUgZGVmYXVsdCBgZGVwbG95LXJvbGVgXG4gICAqIHBvbGljaWVzIHRvIHNlZSB3aGF0IHlvdSBjYW4gZG8gd2l0aCB0aGlzIHJvbGUuXG4gICAqL1xuICBwcml2YXRlIGFzeW5jIGFjY2Vzc1N0YWNrRm9yU3RhY2tPcGVyYXRpb25zKHN0YWNrOiBjeGFwaS5DbG91ZEZvcm1hdGlvblN0YWNrQXJ0aWZhY3QsIG1vZGU6IE1vZGUpOiBQcm9taXNlPFRhcmdldEVudmlyb25tZW50PiB7XG4gICAgaWYgKCFzdGFjay5lbnZpcm9ubWVudCkge1xuICAgICAgdGhyb3cgbmV3IFRvb2xraXRFcnJvcihgVGhlIHN0YWNrICR7c3RhY2suZGlzcGxheU5hbWV9IGRvZXMgbm90IGhhdmUgYW4gZW52aXJvbm1lbnRgKTtcbiAgICB9XG5cbiAgICByZXR1cm4gdGhpcy5wcmVwYXJlU2RrKHtcbiAgICAgIGVudmlyb25tZW50OiBzdGFjay5lbnZpcm9ubWVudCxcbiAgICAgIG1vZGUsXG4gICAgICBhc3N1bWVSb2xlQXJuOiBzdGFjay5hc3N1bWVSb2xlQXJuLFxuICAgICAgYXNzdW1lUm9sZUV4dGVybmFsSWQ6IHN0YWNrLmFzc3VtZVJvbGVFeHRlcm5hbElkLFxuICAgICAgYXNzdW1lUm9sZUFkZGl0aW9uYWxPcHRpb25zOiBzdGFjay5hc3N1bWVSb2xlQWRkaXRpb25hbE9wdGlvbnMsXG4gICAgfSk7XG4gIH1cblxuICAvKipcbiAgICogUHJlcGFyZSBhbiBTREsgZm9yIHVzZSBpbiB0aGUgZ2l2ZW4gZW52aXJvbm1lbnQgYW5kIG9wdGlvbmFsbHkgd2l0aCBhIHJvbGUgYXNzdW1lZC5cbiAgICovXG4gIHByaXZhdGUgYXN5bmMgcHJlcGFyZVNkayhcbiAgICBvcHRpb25zOiBQcmVwYXJlU2RrUm9sZU9wdGlvbnMsXG4gICk6IFByb21pc2U8VGFyZ2V0RW52aXJvbm1lbnQ+IHtcbiAgICBjb25zdCByZXNvbHZlZEVudmlyb25tZW50ID0gYXdhaXQgdGhpcy5zZGtQcm92aWRlci5yZXNvbHZlRW52aXJvbm1lbnQob3B0aW9ucy5lbnZpcm9ubWVudCk7XG5cbiAgICAvLyBTdWJzdGl0dXRlIGFueSBwbGFjZWhvbGRlcnMgd2l0aCBpbmZvcm1hdGlvbiBhYm91dCB0aGUgY3VycmVudCBlbnZpcm9ubWVudFxuICAgIGNvbnN0IHsgYXNzdW1lUm9sZUFybiB9ID0gYXdhaXQgcmVwbGFjZUVudlBsYWNlaG9sZGVycyh7XG4gICAgICBhc3N1bWVSb2xlQXJuOiBvcHRpb25zLmFzc3VtZVJvbGVBcm4sXG4gICAgfSwgcmVzb2x2ZWRFbnZpcm9ubWVudCwgdGhpcy5zZGtQcm92aWRlcik7XG5cbiAgICBjb25zdCBzdGFja1NkayA9IGF3YWl0IHRoaXMuY2FjaGVkU2RrRm9yRW52aXJvbm1lbnQocmVzb2x2ZWRFbnZpcm9ubWVudCwgb3B0aW9ucy5tb2RlLCB7XG4gICAgICBhc3N1bWVSb2xlQXJuLFxuICAgICAgYXNzdW1lUm9sZUV4dGVybmFsSWQ6IG9wdGlvbnMuYXNzdW1lUm9sZUV4dGVybmFsSWQsXG4gICAgICBhc3N1bWVSb2xlQWRkaXRpb25hbE9wdGlvbnM6IG9wdGlvbnMuYXNzdW1lUm9sZUFkZGl0aW9uYWxPcHRpb25zLFxuICAgIH0pO1xuXG4gICAgcmV0dXJuIHtcbiAgICAgIHNkazogc3RhY2tTZGsuc2RrLFxuICAgICAgcmVzb2x2ZWRFbnZpcm9ubWVudCxcbiAgICAgIHJlc291cmNlczogdGhpcy5lbnZpcm9ubWVudFJlc291cmNlcy5mb3IocmVzb2x2ZWRFbnZpcm9ubWVudCwgc3RhY2tTZGsuc2RrLCB0aGlzLmlvSGVscGVyKSxcbiAgICAgIC8vIElmIHdlIGFza2VkIGZvciBhIHJvbGUsIGRpZCBub3Qgc3VjY2Vzc2Z1bGx5IGFzc3VtZSBpdCwgYW5kIHlldCBnb3QgaGVyZSB3aXRob3V0IGFuIGV4Y2VwdGlvbjogdGhhdFxuICAgICAgLy8gbWVhbnMgd2UgbXVzdCBoYXZlIGZhbGxiYWNrIGNyZWRlbnRpYWxzLlxuICAgICAgaXNGYWxsYmFja0NyZWRlbnRpYWxzOiAhc3RhY2tTZGsuZGlkQXNzdW1lUm9sZSAmJiAhIWFzc3VtZVJvbGVBcm4sXG4gICAgICBkaWRBc3N1bWVSb2xlOiBzdGFja1Nkay5kaWRBc3N1bWVSb2xlLFxuICAgICAgcmVwbGFjZVBsYWNlaG9sZGVyczogYXN5bmMgPEEgZXh0ZW5kcyBzdHJpbmcgfCB1bmRlZmluZWQ+KHN0cjogQSkgPT4ge1xuICAgICAgICBjb25zdCByZXQgPSBhd2FpdCByZXBsYWNlRW52UGxhY2Vob2xkZXJzKHsgc3RyIH0sIHJlc29sdmVkRW52aXJvbm1lbnQsIHRoaXMuc2RrUHJvdmlkZXIpO1xuICAgICAgICByZXR1cm4gcmV0LnN0cjtcbiAgICAgIH0sXG4gICAgfTtcbiAgfVxuXG4gIHByaXZhdGUgYXN5bmMgY2FjaGVkU2RrRm9yRW52aXJvbm1lbnQoXG4gICAgZW52aXJvbm1lbnQ6IGN4YXBpLkVudmlyb25tZW50LFxuICAgIG1vZGU6IE1vZGUsXG4gICAgb3B0aW9ucz86IENyZWRlbnRpYWxzT3B0aW9ucyxcbiAgKSB7XG4gICAgY29uc3QgY2FjaGVLZXlFbGVtZW50cyA9IFtcbiAgICAgIGVudmlyb25tZW50LmFjY291bnQsXG4gICAgICBlbnZpcm9ubWVudC5yZWdpb24sXG4gICAgICBgJHttb2RlfWAsXG4gICAgICBvcHRpb25zPy5hc3N1bWVSb2xlQXJuID8/ICcnLFxuICAgICAgb3B0aW9ucz8uYXNzdW1lUm9sZUV4dGVybmFsSWQgPz8gJycsXG4gICAgXTtcblxuICAgIGlmIChvcHRpb25zPy5hc3N1bWVSb2xlQWRkaXRpb25hbE9wdGlvbnMpIHtcbiAgICAgIGNhY2hlS2V5RWxlbWVudHMucHVzaChKU09OLnN0cmluZ2lmeShvcHRpb25zLmFzc3VtZVJvbGVBZGRpdGlvbmFsT3B0aW9ucykpO1xuICAgIH1cblxuICAgIGNvbnN0IGNhY2hlS2V5ID0gY2FjaGVLZXlFbGVtZW50cy5qb2luKCc6Jyk7XG4gICAgY29uc3QgZXhpc3RpbmcgPSB0aGlzLnNka0NhY2hlLmdldChjYWNoZUtleSk7XG4gICAgaWYgKGV4aXN0aW5nKSB7XG4gICAgICByZXR1cm4gZXhpc3Rpbmc7XG4gICAgfVxuICAgIGNvbnN0IHJldCA9IGF3YWl0IHRoaXMuc2RrUHJvdmlkZXIuZm9yRW52aXJvbm1lbnQoZW52aXJvbm1lbnQsIG1vZGUsIG9wdGlvbnMpO1xuICAgIHRoaXMuc2RrQ2FjaGUuc2V0KGNhY2hlS2V5LCByZXQpO1xuICAgIHJldHVybiByZXQ7XG4gIH1cbn1cblxuLyoqXG4gKiBTREsgb2J0YWluZWQgYnkgYXNzdW1pbmcgdGhlIGRlcGxveSByb2xlXG4gKiBmb3IgYSBnaXZlbiBlbnZpcm9ubWVudFxuICovXG5leHBvcnQgaW50ZXJmYWNlIFRhcmdldEVudmlyb25tZW50IHtcbiAgLyoqXG4gICAqIFRoZSBTREsgZm9yIHRoZSBnaXZlbiBlbnZpcm9ubWVudFxuICAgKi9cbiAgcmVhZG9ubHkgc2RrOiBTREs7XG5cbiAgLyoqXG4gICAqIFRoZSByZXNvbHZlZCBlbnZpcm9ubWVudCBmb3IgdGhlIHN0YWNrXG4gICAqIChubyBtb3JlICd1bmtub3duLWFjY291bnQvdW5rbm93bi1yZWdpb24nKVxuICAgKi9cbiAgcmVhZG9ubHkgcmVzb2x2ZWRFbnZpcm9ubWVudDogY3hhcGkuRW52aXJvbm1lbnQ7XG5cbiAgLyoqXG4gICAqIEFjY2VzcyBjbGFzcyBmb3IgZW52aXJvbm1lbnRhbCByZXNvdXJjZXMgdG8gaGVscCB0aGUgZGVwbG95bWVudFxuICAgKi9cbiAgcmVhZG9ubHkgcmVzb3VyY2VzOiBFbnZpcm9ubWVudFJlc291cmNlcztcblxuICAvKipcbiAgICogV2hldGhlciBvciBub3Qgd2UgYXNzdW1lZCBhIHJvbGUgaW4gdGhlIHByb2Nlc3Mgb2YgZ2V0dGluZyB0aGVzZSBjcmVkZW50aWFsc1xuICAgKi9cbiAgcmVhZG9ubHkgZGlkQXNzdW1lUm9sZTogYm9vbGVhbjtcblxuICAvKipcbiAgICogV2hldGhlciBvciBub3QgdGhlc2UgYXJlIGZhbGxiYWNrIGNyZWRlbnRpYWxzXG4gICAqXG4gICAqIEZhbGxiYWNrIGNyZWRlbnRpYWxzIG1lYW5zIHRoYXQgYXNzdW1pbmcgdGhlIGludGVuZGVkIHJvbGUgZmFpbGVkLCBidXQgdGhlXG4gICAqIGJhc2UgY3JlZGVudGlhbHMgaGFwcGVuIHRvIGJlIGZvciB0aGUgcmlnaHQgYWNjb3VudCBzbyB3ZSBqdXN0IHBpY2tlZCB0aG9zZVxuICAgKiBhbmQgaG9wZSB0aGUgZnV0dXJlIFNESyBjYWxscyBzdWNjZWVkLlxuICAgKlxuICAgKiBUaGlzIGlzIGEgYmFja3dhcmRzIGNvbXBhdGliaWxpdHkgbWVjaGFuaXNtIGZyb20gYXJvdW5kIHRoZSB0aW1lIHdlIGludHJvZHVjZWRcbiAgICogZGVwbG95bWVudCByb2xlcy5cbiAgICovXG4gIHJlYWRvbmx5IGlzRmFsbGJhY2tDcmVkZW50aWFsczogYm9vbGVhbjtcblxuICAvKipcbiAgICogUmVwbGFjZSBlbnZpcm9ubWVudCBwbGFjZWhvbGRlcnMgYWNjb3JkaW5nIHRvIHRoZSBjdXJyZW50IGVudmlyb25tZW50XG4gICAqL1xuICByZXBsYWNlUGxhY2Vob2xkZXJzKHg6IHN0cmluZyB8IHVuZGVmaW5lZCk6IFByb21pc2U8U3RyaW5nV2l0aG91dFBsYWNlaG9sZGVycyB8IHVuZGVmaW5lZD47XG59XG5cbmludGVyZmFjZSBQcmVwYXJlU2RrUm9sZU9wdGlvbnMge1xuICByZWFkb25seSBlbnZpcm9ubWVudDogY3hhcGkuRW52aXJvbm1lbnQ7XG4gIHJlYWRvbmx5IG1vZGU6IE1vZGU7XG4gIHJlYWRvbmx5IGFzc3VtZVJvbGVBcm4/OiBzdHJpbmc7XG4gIHJlYWRvbmx5IGFzc3VtZVJvbGVFeHRlcm5hbElkPzogc3RyaW5nO1xuICByZWFkb25seSBhc3N1bWVSb2xlQWRkaXRpb25hbE9wdGlvbnM/OiB7IFtrZXk6IHN0cmluZ106IGFueSB9O1xufVxuIl19