cdk-rds-sql/lib/role.js

A CDK construct that allows creating roles or users and databases on Aurora Serverless PostgreSQL or MySQL/MariaDB clusters, as well as AWS DSQL clusters.

"use strict";
var _a;
Object.defineProperty(exports, "__esModule", { value: true });
exports.Role = void 0;
const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti");
const aws_cdk_lib_1 = require("aws-cdk-lib");
const iam = require("aws-cdk-lib/aws-iam");
const aws_secretsmanager_1 = require("aws-cdk-lib/aws-secretsmanager");
const ssm = require("aws-cdk-lib/aws-ssm");
const constructs_1 = require("constructs");
const enum_1 = require("./enum");
const provider_1 = require("./provider");
const role_custom_resource_1 = require("./role.custom-resource");
// Private Parameters construct (not exported)
class Parameters extends constructs_1.Construct {
    constructor(scope, id, props) {
        super(scope, id);
        // Create parameters for each key-value pair
        Object.entries(props.paramData).forEach(([key, value]) => {
            if (value !== undefined) {
                new ssm.StringParameter(this, `Parameter-${key}`, {
                    parameterName: `${props.parameterPrefix}${key}`,
                    stringValue: value.toString(),
                });
            }
        });
        // For password, use the existing provider to store it in SSM
        const passwordParameterName = `${props.parameterPrefix}password`;
        const password_parameter = new aws_cdk_lib_1.CustomResource(this, "PasswordParameter", {
            serviceToken: props.providerServiceToken,
            properties: {
                SecretArn: props.secretArn,
                Resource: enum_1.RdsSqlResource.PARAMETER_PASSWORD,
                PasswordArn: props.passwordArn,
                ParameterName: passwordParameterName,
            },
        });
        password_parameter.node.addDependency(props.provider);
        const paramArn = `arn:aws:ssm:${aws_cdk_lib_1.Stack.of(this).region}:${aws_cdk_lib_1.Stack.of(this).account}:parameter${passwordParameterName.startsWith("/") ? "" : "/"}${passwordParameterName}`;
        props.provider.handler.addToRolePolicy(new iam.PolicyStatement({
            actions: ["ssm:PutParameter", "ssm:AddTagsToResource", "ssm:GetParameters"],
            resources: [paramArn],
        }));
    }
}
class Role extends constructs_1.Construct {
    constructor(scope, id, props) {
        if (props.provider.engine !== provider_1.DatabaseEngine.DSQL) {
            if (props.database && props.databaseName) {
                throw "Specify either database or databaseName";
            }
            if (!props.database && !props.databaseName) {
                // If neither is specified, we might need a default or throw an error depending on desired behavior.
                // For now, let's assume it's allowed but the secret won't have a dbname.
                // If it should be required, uncomment the line below:
                throw "Specify either database or databaseName";
            }
        }
        super(scope, id);
        // DSQL doesn't use secrets - it always uses IAM authentication
        if (props.provider.engine !== provider_1.DatabaseEngine.DSQL) {
            // For imported providers without cluster details, provide helpful error message
            if (!props.provider.cluster) {
                throw new Error("Role creation requires cluster information. When importing a provider with " +
                    "Provider.fromProviderAttributes(), include the 'cluster' property if you plan " +
                    "to create new roles. Alternatively, use existing roles created with the original provider.");
            }
            // For RDS/Aurora clusters and instances, get endpoint details
            const host = props.provider.cluster.clusterEndpoint
                ? props.provider.cluster.clusterEndpoint.hostname
                : props.provider.cluster.instanceEndpoint.hostname;
            const port = props.provider.cluster.clusterEndpoint
                ? props.provider.cluster.clusterEndpoint.port
                : props.provider.cluster.instanceEndpoint.port;
            const identifier = props.provider.cluster.clusterIdentifier
                ? props.provider.cluster.clusterIdentifier
                : props.provider.cluster.instanceIdentifier;
            const secretTemplate = {
                dbClusterIdentifier: identifier,
                engine: props.provider.engine,
                host: host,
                port: port,
                username: props.roleName,
                dbname: props.database ? props.database.databaseName : props.databaseName,
            };
            this.secret = new aws_secretsmanager_1.Secret(this, "Secret", {
                secretName: props.secretName,
                encryptionKey: props.encryptionKey,
                description: `Generated secret for ${props.provider.engine} role ${props.roleName}`,
                ...(props.enableIamAuth
                    ? {
                        // For IAM auth, create secret without password generation
                        secretStringTemplate: JSON.stringify(secretTemplate),
                    }
                    : {
                        // For password auth, generate password
                        generateSecretString: {
                            passwordLength: 30, // Oracle password cannot have more than 30 characters
                            secretStringTemplate: JSON.stringify(secretTemplate),
                            generateStringKey: "password",
                            excludeCharacters: " %+~`#$&*()|[]{}:;<>?!'/@\"\\",
                        },
                    }),
                removalPolicy: aws_cdk_lib_1.RemovalPolicy.DESTROY,
            });
            // Create Parameters if parameterPrefix is provided
            if (props.parameterPrefix) {
                const paramData = {
                    dbClusterIdentifier: identifier,
                    engine: props.provider.engine,
                    host: host,
                    port: port,
                    username: props.roleName,
                    dbname: props.database ? props.database.databaseName : props.databaseName,
                };
                new Parameters(this, "Parameters", {
                    secretArn: props.provider.secret?.secretArn || "",
                    parameterPrefix: props.parameterPrefix,
                    passwordArn: props.enableIamAuth ? "" : this.secret.secretArn,
                    providerServiceToken: props.provider.serviceToken,
                    provider: props.provider,
                    paramData,
                });
            }
        }
        const role = new role_custom_resource_1.Role(this, "PostgresRole", {
            provider: props.provider,
            roleName: props.roleName,
            passwordArn: props.enableIamAuth || props.provider.engine === provider_1.DatabaseEngine.DSQL
                ? ""
                : this.secret.secretArn,
            database: props.database,
            databaseName: props.databaseName,
            enableIamAuth: props.enableIamAuth || props.provider.engine === provider_1.DatabaseEngine.DSQL,
        });
        if (this.secret) {
            role.node.addDependency(this.secret);
            this.secret.grantRead(props.provider.handler);
            if (this.secret.encryptionKey) {
                // It seems we need to grant explicit permission
                this.secret.encryptionKey.grantDecrypt(props.provider.handler);
            }
        }
        this.roleName = props.roleName;
    }
}
exports.Role = Role;
_a = JSII_RTTI_SYMBOL_1;
Role[_a] = { fqn: "cdk-rds-sql.Role", version: "7.3.2" };
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm9sZS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3NyYy9yb2xlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQUEsNkNBQWtFO0FBQ2xFLDJDQUEwQztBQUcxQyx1RUFBZ0U7QUFDaEUsMkNBQTBDO0FBQzFDLDJDQUFzQztBQUV0QyxpQ0FBdUM7QUFDdkMseUNBQXNEO0FBQ3RELGlFQUFtRTtBQStFbkUsOENBQThDO0FBQzlDLE1BQU0sVUFBVyxTQUFRLHNCQUFTO0lBQ2hDLFlBQ0UsS0FBZ0IsRUFDaEIsRUFBVSxFQUNWLEtBT0M7UUFFRCxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFBO1FBRWhCLDRDQUE0QztRQUM1QyxNQUFNLENBQUMsT0FBTyxDQUFDLEtBQUssQ0FBQyxTQUFTLENBQUMsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLEdBQUcsRUFBRSxLQUFLLENBQUMsRUFBRSxFQUFFO1lBQ3ZELElBQUksS0FBSyxLQUFLLFNBQVMsRUFBRSxDQUFDO2dCQUN4QixJQUFJLEdBQUcsQ0FBQyxlQUFlLENBQUMsSUFBSSxFQUFFLGFBQWEsR0FBRyxFQUFFLEVBQUU7b0JBQ2hELGFBQWEsRUFBRSxHQUFHLEtBQUssQ0FBQyxlQUFlLEdBQUcsR0FBRyxFQUFFO29CQUMvQyxXQUFXLEVBQUUsS0FBSyxDQUFDLFFBQVEsRUFBRTtpQkFDOUIsQ0FBQyxDQUFBO1lBQ0osQ0FBQztRQUNILENBQUMsQ0FBQyxDQUFBO1FBRUYsNkRBQTZEO1FBQzdELE1BQU0scUJBQXFCLEdBQUcsR0FBRyxLQUFLLENBQUMsZUFBZSxVQUFVLENBQUE7UUFDaEUsTUFBTSxrQkFBa0IsR0FBRyxJQUFJLDRCQUFjLENBQUMsSUFBSSxFQUFFLG1CQUFtQixFQUFFO1lBQ3ZFLFlBQVksRUFBRSxLQUFLLENBQUMsb0JBQW9CO1lBQ3hDLFVBQVUsRUFBRTtnQkFDVixTQUFTLEVBQUUsS0FBSyxDQUFDLFNBQVM7Z0JBQzFCLFFBQVEsRUFBRSxxQkFBYyxDQUFDLGtCQUFrQjtnQkFDM0MsV0FBVyxFQUFFLEtBQUssQ0FBQyxXQUFXO2dCQUM5QixhQUFhLEVBQUUscUJBQXFCO2FBQ3JDO1NBQ0YsQ0FBQyxDQUFBO1FBQ0Ysa0JBQWtCLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxLQUFLLENBQUMsUUFBUSxDQUFDLENBQUE7UUFFckQsTUFBTSxRQUFRLEdBQUcsZUFBZSxtQkFBSyxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUMsQ0FBQyxNQUFNLElBQ25ELG1CQUFLLENBQUMsRUFBRSxDQUFDLElBQUksQ0FBQyxDQUFDLE9BQ2pCLGFBQ0UscUJBQXFCLENBQUMsVUFBVSxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDLEdBQy9DLEdBQUcscUJBQXFCLEVBQUUsQ0FBQTtRQUUxQixLQUFLLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FBQyxlQUFlLENBQ3BDLElBQUksR0FBRyxDQUFDLGVBQWUsQ0FBQztZQUN0QixPQUFPLEVBQUUsQ0FBQyxrQkFBa0IsRUFBRSx1QkFBdUIsRUFBRSxtQkFBbUIsQ0FBQztZQUMzRSxTQUFTLEVBQUUsQ0FBQyxRQUFRLENBQUM7U0FDdEIsQ0FBQyxDQUNILENBQUE7SUFDSCxDQUFDO0NBQ0Y7QUFFRCxNQUFhLElBQUssU0FBUSxzQkFBUztJQVlqQyxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQWdCO1FBQ3hELElBQUksS0FBSyxDQUFDLFFBQVEsQ0FBQyxNQUFNLEtBQUsseUJBQWMsQ0FBQyxJQUFJLEVBQUUsQ0FBQztZQUNsRCxJQUFJLEtBQUssQ0FBQyxRQUFRLElBQUksS0FBSyxDQUFDLFlBQVksRUFBRSxDQUFDO2dCQUN6QyxNQUFNLHlDQUF5QyxDQUFBO1lBQ2pELENBQUM7WUFDRCxJQUFJLENBQUMsS0FBSyxDQUFDLFFBQVEsSUFBSSxDQUFDLEtBQUssQ0FBQyxZQUFZLEVBQUUsQ0FBQztnQkFDM0Msb0dBQW9HO2dCQUNwRyx5RUFBeUU7Z0JBQ3pFLHNEQUFzRDtnQkFDdEQsTUFBTSx5Q0FBeUMsQ0FBQTtZQUNqRCxDQUFDO1FBQ0gsQ0FBQztRQUNELEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUE7UUFFaEIsK0RBQStEO1FBQy9ELElBQUksS0FBSyxDQUFDLFFBQVEsQ0FBQyxNQUFNLEtBQUsseUJBQWMsQ0FBQyxJQUFJLEVBQUUsQ0FBQztZQUNsRCxnRkFBZ0Y7WUFDaEYsSUFBSSxDQUFDLEtBQUssQ0FBQyxRQUFRLENBQUMsT0FBTyxFQUFFLENBQUM7Z0JBQzVCLE1BQU0sSUFBSSxLQUFLLENBQ2IsNkVBQTZFO29CQUMzRSxnRkFBZ0Y7b0JBQ2hGLDRGQUE0RixDQUMvRixDQUFBO1lBQ0gsQ0FBQztZQUVELDhEQUE4RDtZQUM5RCxNQUFNLElBQUksR0FBSSxLQUFLLENBQUMsUUFBUSxDQUFDLE9BQTRCLENBQUMsZUFBZTtnQkFDdkUsQ0FBQyxDQUFFLEtBQUssQ0FBQyxRQUFRLENBQUMsT0FBNEIsQ0FBQyxlQUFlLENBQUMsUUFBUTtnQkFDdkUsQ0FBQyxDQUFFLEtBQUssQ0FBQyxRQUFRLENBQUMsT0FBNkIsQ0FBQyxnQkFBZ0IsQ0FBQyxRQUFRLENBQUE7WUFFM0UsTUFBTSxJQUFJLEdBQUksS0FBSyxDQUFDLFFBQVEsQ0FBQyxPQUE0QixDQUFDLGVBQWU7Z0JBQ3ZFLENBQUMsQ0FBRSxLQUFLLENBQUMsUUFBUSxDQUFDLE9BQTRCLENBQUMsZUFBZSxDQUFDLElBQUk7Z0JBQ25FLENBQUMsQ0FBRSxLQUFLLENBQUMsUUFBUSxDQUFDLE9BQTZCLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxDQUFBO1lBRXZFLE1BQU0sVUFBVSxHQUFJLEtBQUssQ0FBQyxRQUFRLENBQUMsT0FBNEIsQ0FBQyxpQkFBaUI7Z0JBQy9FLENBQUMsQ0FBRSxLQUFLLENBQUMsUUFBUSxDQUFDLE9BQTRCLENBQUMsaUJBQWlCO2dCQUNoRSxDQUFDLENBQUUsS0FBSyxDQUFDLFFBQVEsQ0FBQyxPQUE2QixDQUFDLGtCQUFrQixDQUFBO1lBRXBFLE1BQU0sY0FBYyxHQUFHO2dCQUNyQixtQkFBbUIsRUFBRSxVQUFVO2dCQUMvQixNQUFNLEVBQUUsS0FBSyxDQUFDLFFBQVEsQ0FBQyxNQUFNO2dCQUM3QixJQUFJLEVBQUUsSUFBSTtnQkFDVixJQUFJLEVBQUUsSUFBSTtnQkFDVixRQUFRLEVBQUUsS0FBSyxDQUFDLFFBQVE7Z0JBQ3hCLE1BQU0sRUFBRSxLQUFLLENBQUMsUUFBUSxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsUUFBUSxDQUFDLFlBQVksQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLFlBQVk7YUFDMUUsQ0FBQTtZQUVELElBQUksQ0FBQyxNQUFNLEdBQUcsSUFBSSwyQkFBTSxDQUFDLElBQUksRUFBRSxRQUFRLEVBQUU7Z0JBQ3ZDLFVBQVUsRUFBRSxLQUFLLENBQUMsVUFBVTtnQkFDNUIsYUFBYSxFQUFFLEtBQUssQ0FBQyxhQUFhO2dCQUNsQyxXQUFXLEVBQUUsd0JBQXdCLEtBQUssQ0FBQyxRQUFRLENBQUMsTUFBTSxTQUFTLEtBQUssQ0FBQyxRQUFRLEVBQUU7Z0JBQ25GLEdBQUcsQ0FBQyxLQUFLLENBQUMsYUFBYTtvQkFDckIsQ0FBQyxDQUFDO3dCQUNFLDBEQUEwRDt3QkFDMUQsb0JBQW9CLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxjQUFjLENBQUM7cUJBQ3JEO29CQUNILENBQUMsQ0FBQzt3QkFDRSx1Q0FBdUM7d0JBQ3ZDLG9CQUFvQixFQUFFOzRCQUNwQixjQUFjLEVBQUUsRUFBRSxFQUFFLHNEQUFzRDs0QkFDMUUsb0JBQW9CLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxjQUFjLENBQUM7NEJBQ3BELGlCQUFpQixFQUFFLFVBQVU7NEJBQzdCLGlCQUFpQixFQUFFLCtCQUErQjt5QkFDbkQ7cUJBQ0YsQ0FBQztnQkFDTixhQUFhLEVBQUUsMkJBQWEsQ0FBQyxPQUFPO2FBQ3JDLENBQUMsQ0FBQTtZQUVGLG1EQUFtRDtZQUNuRCxJQUFJLEtBQUssQ0FBQyxlQUFlLEVBQUUsQ0FBQztnQkFDMUIsTUFBTSxTQUFTLEdBQUc7b0JBQ2hCLG1CQUFtQixFQUFFLFVBQVU7b0JBQy9CLE1BQU0sRUFBRSxLQUFLLENBQUMsUUFBUSxDQUFDLE1BQU07b0JBQzdCLElBQUksRUFBRSxJQUFJO29CQUNWLElBQUksRUFBRSxJQUFJO29CQUNWLFFBQVEsRUFBRSxLQUFLLENBQUMsUUFBUTtvQkFDeEIsTUFBTSxFQUFFLEtBQUssQ0FBQyxRQUFRLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxRQUFRLENBQUMsWUFBWSxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsWUFBWTtpQkFDMUUsQ0FBQTtnQkFFRCxJQUFJLFVBQVUsQ0FBQyxJQUFJLEVBQUUsWUFBWSxFQUFFO29CQUNqQyxTQUFTLEVBQUUsS0FBSyxDQUFDLFFBQVEsQ0FBQyxNQUFNLEVBQUUsU0FBUyxJQUFJLEVBQUU7b0JBQ2pELGVBQWUsRUFBRSxLQUFLLENBQUMsZUFBZTtvQkFDdEMsV0FBVyxFQUFFLEtBQUssQ0FBQyxhQUFhLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxTQUFTO29CQUM3RCxvQkFBb0IsRUFBRSxLQUFLLENBQUMsUUFBUSxDQUFDLFlBQVk7b0JBQ2pELFFBQVEsRUFBRSxLQUFLLENBQUMsUUFBUTtvQkFDeEIsU0FBUztpQkFDVixDQUFDLENBQUE7WUFDSixDQUFDO1FBQ0gsQ0FBQztRQUVELE1BQU0sSUFBSSxHQUFHLElBQUksMkJBQWtCLENBQUMsSUFBSSxFQUFFLGNBQWMsRUFBRTtZQUN4RCxRQUFRLEVBQUUsS0FBSyxDQUFDLFFBQVE7WUFDeEIsUUFBUSxFQUFFLEtBQUssQ0FBQyxRQUFRO1lBQ3hCLFdBQVcsRUFDVCxLQUFLLENBQUMsYUFBYSxJQUFJLEtBQUssQ0FBQyxRQUFRLENBQUMsTUFBTSxLQUFLLHlCQUFjLENBQUMsSUFBSTtnQkFDbEUsQ0FBQyxDQUFDLEVBQUU7Z0JBQ0osQ0FBQyxDQUFDLElBQUksQ0FBQyxNQUFPLENBQUMsU0FBUztZQUM1QixRQUFRLEVBQUUsS0FBSyxDQUFDLFFBQVE7WUFDeEIsWUFBWSxFQUFFLEtBQUssQ0FBQyxZQUFZO1lBQ2hDLGFBQWEsRUFBRSxLQUFLLENBQUMsYUFBYSxJQUFJLEtBQUssQ0FBQyxRQUFRLENBQUMsTUFBTSxLQUFLLHlCQUFjLENBQUMsSUFBSTtTQUNwRixDQUFDLENBQUE7UUFFRixJQUFJLElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQztZQUNoQixJQUFJLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUE7WUFDcEMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxTQUFTLENBQUMsS0FBSyxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsQ0FBQTtZQUM3QyxJQUFJLElBQUksQ0FBQyxNQUFNLENBQUMsYUFBYSxFQUFFLENBQUM7Z0JBQzlCLGdEQUFnRDtnQkFDaEQsSUFBSSxDQUFDLE1BQU0sQ0FBQyxhQUFhLENBQUMsWUFBWSxDQUFDLEtBQUssQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLENBQUE7WUFDaEUsQ0FBQztRQUNILENBQUM7UUFFRCxJQUFJLENBQUMsUUFBUSxHQUFHLEtBQUssQ0FBQyxRQUFRLENBQUE7SUFDaEMsQ0FBQzs7QUE1SEgsb0JBNkhDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgQ3VzdG9tUmVzb3VyY2UsIFJlbW92YWxQb2xpY3ksIFN0YWNrIH0gZnJvbSBcImF3cy1jZGstbGliXCJcbmltcG9ydCAqIGFzIGlhbSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWlhbVwiXG5pbXBvcnQgKiBhcyBrbXMgZnJvbSBcImF3cy1jZGstbGliL2F3cy1rbXNcIlxuaW1wb3J0IHsgSURhdGFiYXNlQ2x1c3RlciwgSURhdGFiYXNlSW5zdGFuY2UgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLXJkc1wiXG5pbXBvcnQgeyBJU2VjcmV0LCBTZWNyZXQgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLXNlY3JldHNtYW5hZ2VyXCJcbmltcG9ydCAqIGFzIHNzbSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLXNzbVwiXG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiXG5pbXBvcnQgeyBJRGF0YWJhc2UgfSBmcm9tIFwiLi9kYXRhYmFzZVwiXG5pbXBvcnQgeyBSZHNTcWxSZXNvdXJjZSB9IGZyb20gXCIuL2VudW1cIlxuaW1wb3J0IHsgSVByb3ZpZGVyLCBEYXRhYmFzZUVuZ2luZSB9IGZyb20gXCIuL3Byb3ZpZGVyXCJcbmltcG9ydCB7IFJvbGUgYXMgQ3VzdG9tUmVzb3VyY2VSb2xlIH0gZnJvbSBcIi4vcm9sZS5jdXN0b20tcmVzb3VyY2VcIlxuXG5leHBvcnQgaW50ZXJmYWNlIFJvbGVQcm9wcyB7XG4gIC8qKlxuICAgKiBQcm92aWRlci5cbiAgICovXG4gIHJlYWRvbmx5IHByb3ZpZGVyOiBJUHJvdmlkZXJcblxuICAvKipcbiAgICogU1FMLlxuICAgKi9cbiAgcmVhZG9ubHkgcm9sZU5hbWU6IHN0cmluZ1xuXG4gIC8qKlxuICAgKiBPcHRpb25hbCBkYXRhYmFzZSB0aGlzIHVzZXIgaXMgZXhwZWN0ZWQgdG8gdXNlLlxuICAgKlxuICAgKiBJZiB0aGUgZGF0YWJhc2UgZXhpc3RzLCBjb25uZWN0IHByaXZpbGVnZXMgYXJlIGdyYW50ZWQuXG4gICAqXG4gICAqIFNwZWNpZnkgb25lIG9mIGBkYXRhYmFzZWAgb3IgYGRhdGFiYXNlTmFtZWAuIFRoaXMgaXMgdGhlIG5hbWVcbiAgICogdGhhdCB3aWxsIGJlIHN0b3JlZCBpbiB0aGUgcm9sZSdzIHNlY3JldCBhcyB0aGUgZGF0YWJhc2UgbmFtZSB0b1xuICAgKiB1c2UuXG4gICAqL1xuICByZWFkb25seSBkYXRhYmFzZT86IElEYXRhYmFzZVxuXG4gIC8qKlxuICAgKiBPcHRpb25hbCBkYXRhYmFzZSBuYW1lIHRoaXMgdXNlciBpcyBleHBlY3RlZCB0byB1c2UuXG4gICAqXG4gICAqIElmIHRoZSBkYXRhYmFzZSBleGlzdHMsIGNvbm5lY3QgcHJpdmlsZWdlcyBhcmUgZ3JhbnRlZC5cbiAgICpcbiAgICogU3BlY2lmeSBvbmUgb2YgYGRhdGFiYXNlYCBvciBgZGF0YWJhc2VOYW1lYC4gVGhpcyBpcyB0aGUgbmFtZVxuICAgKiB0aGF0IHdpbGwgYmUgc3RvcmVkIGluIHRoZSByb2xlJ3Mgc2VjcmV0IGFzIHRoZSBkYXRhYmFzZSBuYW1lIHRvXG4gICAqIHVzZS5cbiAgICovXG4gIHJlYWRvbmx5IGRhdGFiYXNlTmFtZT86IHN0cmluZ1xuXG4gIC8qKlxuICAgKiBBIG5ldyBzZWNyZXQgaXMgY3JlYXRlZCBmb3IgdGhpcyB1c2VyLlxuICAgKlxuICAgKiBPcHRpb25hbGx5IGVuY3J5cHQgaXQgd2l0aCB0aGUgZ2l2ZW4ga2V5LlxuICAgKi9cbiAgcmVhZG9ubHkgZW5jcnlwdGlvbktleT86IGttcy5JS2V5XG5cbiAgLyoqXG4gICAqIEEgbmV3IHNlY3JldCBpcyBjcmVhdGVkIGZvciB0aGlzIHVzZXIuXG4gICAqXG4gICAqIE9wdGlvbmFsbHkgYWRkIHNlY3JldCBuYW1lIHRvIHRoZSBzZWNyZXQuXG4gICAqL1xuICByZWFkb25seSBzZWNyZXROYW1lPzogc3RyaW5nXG5cbiAgLyoqXG4gICAqIFByZWZpeCBmb3IgU1NNIHBhcmFtZXRlcnMgdG8gc3RvcmUgY3JlZGVudGlhbHMgaW4gUGFyYW1ldGVyIFN0b3JlLlxuICAgKiBXaGVuIGRlZmluZWQsIGNyZWRlbnRpYWxzIHdpbGwgYWxzbyBiZSBzdG9yZWQgYXMgcGFyYW1ldGVycy5cbiAgICpcbiAgICogVGhlIHBhcmFtZXRlciBuYW1lcyBzdWNoIGFzIFwicGFzc3dvcmRcIiBpcyBzaW1wbHkgYXBwZW5kZWQgdG9cbiAgICogYHBhcmFtZXRlclByZWZpeGAsIHNvIG1ha2Ugc3VyZSB0aGUgcHJlZml4IGVuZHMgd2l0aCBhIHNsYXNoIGlmXG4gICAqICB5b3UgaGF2ZSB5b3VyIHBhcmFtZXRlciBuYW1lcyBzbGFzaCBzZXBhcmF0ZWQuXG4gICAqXG4gICAqIE5vdGUgdGhhdCB0aGUgcGFzc3dvcmQgZnJvbSB0aGUgc2VjcmV0IGlzIGNvcGllZCBqdXN0IG9uY2UsIHRoZXlcbiAgICogYXJlIG5vdCBrZXB0IGluIHN5bmMuXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gY3JlZGVudGlhbHMgYXJlIG9ubHkgc3RvcmVkIGluIFNlY3JldHMgTWFuYWdlclxuICAgKi9cbiAgcmVhZG9ubHkgcGFyYW1ldGVyUHJlZml4Pzogc3RyaW5nXG5cbiAgLyoqXG4gICAqIEVuYWJsZSBJQU0gYXV0aGVudGljYXRpb24gZm9yIHRoaXMgcm9sZS5cbiAgICpcbiAgICogV2hlbiBlbmFibGVkLCB0aGUgcm9sZSB3aWxsIGJlIGNyZWF0ZWQgd2l0aG91dCBhIHBhc3N3b3JkIGFuZFxuICAgKiBjb25maWd1cmVkIGZvciBBV1MgSUFNIGRhdGFiYXNlIGF1dGhlbnRpY2F0aW9uLiBUaGUgc2VjcmV0XG4gICAqIHdpbGwgbm90IGNvbnRhaW4gYSBwYXNzd29yZCBmaWVsZC5cbiAgICpcbiAgICogTm90ZTogRm9yIERTUUwgY2x1c3RlcnMsIHRoaXMgcHJvcGVydHkgaXMgaWdub3JlZCBhcyBEU1FMIGFsd2F5c1xuICAgKiB1c2VzIElBTSBhdXRoZW50aWNhdGlvbi5cbiAgICpcbiAgICogQGRlZmF1bHQgZmFsc2UgLSB1c2UgcGFzc3dvcmQgYXV0aGVudGljYXRpb25cbiAgICovXG4gIHJlYWRvbmx5IGVuYWJsZUlhbUF1dGg/OiBib29sZWFuXG59XG5cbi8vIFByaXZhdGUgUGFyYW1ldGVycyBjb25zdHJ1Y3QgKG5vdCBleHBvcnRlZClcbmNsYXNzIFBhcmFtZXRlcnMgZXh0ZW5kcyBDb25zdHJ1Y3Qge1xuICBjb25zdHJ1Y3RvcihcbiAgICBzY29wZTogQ29uc3RydWN0LFxuICAgIGlkOiBzdHJpbmcsXG4gICAgcHJvcHM6IHtcbiAgICAgIHByb3ZpZGVyOiBJUHJvdmlkZXJcbiAgICAgIHNlY3JldEFybjogc3RyaW5nXG4gICAgICBwYXJhbWV0ZXJQcmVmaXg6IHN0cmluZ1xuICAgICAgcGFzc3dvcmRBcm46IHN0cmluZ1xuICAgICAgcHJvdmlkZXJTZXJ2aWNlVG9rZW46IHN0cmluZ1xuICAgICAgcGFyYW1EYXRhOiBSZWNvcmQ8c3RyaW5nLCBhbnk+XG4gICAgfVxuICApIHtcbiAgICBzdXBlcihzY29wZSwgaWQpXG5cbiAgICAvLyBDcmVhdGUgcGFyYW1ldGVycyBmb3IgZWFjaCBrZXktdmFsdWUgcGFpclxuICAgIE9iamVjdC5lbnRyaWVzKHByb3BzLnBhcmFtRGF0YSkuZm9yRWFjaCgoW2tleSwgdmFsdWVdKSA9PiB7XG4gICAgICBpZiAodmFsdWUgIT09IHVuZGVmaW5lZCkge1xuICAgICAgICBuZXcgc3NtLlN0cmluZ1BhcmFtZXRlcih0aGlzLCBgUGFyYW1ldGVyLSR7a2V5fWAsIHtcbiAgICAgICAgICBwYXJhbWV0ZXJOYW1lOiBgJHtwcm9wcy5wYXJhbWV0ZXJQcmVmaXh9JHtrZXl9YCxcbiAgICAgICAgICBzdHJpbmdWYWx1ZTogdmFsdWUudG9TdHJpbmcoKSxcbiAgICAgICAgfSlcbiAgICAgIH1cbiAgICB9KVxuXG4gICAgLy8gRm9yIHBhc3N3b3JkLCB1c2UgdGhlIGV4aXN0aW5nIHByb3ZpZGVyIHRvIHN0b3JlIGl0IGluIFNTTVxuICAgIGNvbnN0IHBhc3N3b3JkUGFyYW1ldGVyTmFtZSA9IGAke3Byb3BzLnBhcmFtZXRlclByZWZpeH1wYXNzd29yZGBcbiAgICBjb25zdCBwYXNzd29yZF9wYXJhbWV0ZXIgPSBuZXcgQ3VzdG9tUmVzb3VyY2UodGhpcywgXCJQYXNzd29yZFBhcmFtZXRlclwiLCB7XG4gICAgICBzZXJ2aWNlVG9rZW46IHByb3BzLnByb3ZpZGVyU2VydmljZVRva2VuLFxuICAgICAgcHJvcGVydGllczoge1xuICAgICAgICBTZWNyZXRBcm46IHByb3BzLnNlY3JldEFybixcbiAgICAgICAgUmVzb3VyY2U6IFJkc1NxbFJlc291cmNlLlBBUkFNRVRFUl9QQVNTV09SRCxcbiAgICAgICAgUGFzc3dvcmRBcm46IHByb3BzLnBhc3N3b3JkQXJuLFxuICAgICAgICBQYXJhbWV0ZXJOYW1lOiBwYXNzd29yZFBhcmFtZXRlck5hbWUsXG4gICAgICB9LFxuICAgIH0pXG4gICAgcGFzc3dvcmRfcGFyYW1ldGVyLm5vZGUuYWRkRGVwZW5kZW5jeShwcm9wcy5wcm92aWRlcilcblxuICAgIGNvbnN0IHBhcmFtQXJuID0gYGFybjphd3M6c3NtOiR7U3RhY2sub2YodGhpcykucmVnaW9ufToke1xuICAgICAgU3RhY2sub2YodGhpcykuYWNjb3VudFxuICAgIH06cGFyYW1ldGVyJHtcbiAgICAgIHBhc3N3b3JkUGFyYW1ldGVyTmFtZS5zdGFydHNXaXRoKFwiL1wiKSA/IFwiXCIgOiBcIi9cIlxuICAgIH0ke3Bhc3N3b3JkUGFyYW1ldGVyTmFtZX1gXG5cbiAgICBwcm9wcy5wcm92aWRlci5oYW5kbGVyLmFkZFRvUm9sZVBvbGljeShcbiAgICAgIG5ldyBpYW0uUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgYWN0aW9uczogW1wic3NtOlB1dFBhcmFtZXRlclwiLCBcInNzbTpBZGRUYWdzVG9SZXNvdXJjZVwiLCBcInNzbTpHZXRQYXJhbWV0ZXJzXCJdLFxuICAgICAgICByZXNvdXJjZXM6IFtwYXJhbUFybl0sXG4gICAgICB9KVxuICAgIClcbiAgfVxufVxuXG5leHBvcnQgY2xhc3MgUm9sZSBleHRlbmRzIENvbnN0cnVjdCB7XG4gIC8qKlxuICAgKiBUaGUgcm9sZSBuYW1lLlxuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IHJvbGVOYW1lOiBzdHJpbmdcblxuICAvKipcbiAgICogVGhlIGdlbmVyYXRlZCBzZWNyZXQuXG4gICAqIE9ubHkgYXZhaWxhYmxlIGZvciBub24tRFNRTCBjbHVzdGVycyBhcyBEU1FMIHVzZXMgSUFNIGF1dGhlbnRpY2F0aW9uLlxuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IHNlY3JldD86IElTZWNyZXRcblxuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogUm9sZVByb3BzKSB7XG4gICAgaWYgKHByb3BzLnByb3ZpZGVyLmVuZ2luZSAhPT0gRGF0YWJhc2VFbmdpbmUuRFNRTCkge1xuICAgICAgaWYgKHByb3BzLmRhdGFiYXNlICYmIHByb3BzLmRhdGFiYXNlTmFtZSkge1xuICAgICAgICB0aHJvdyBcIlNwZWNpZnkgZWl0aGVyIGRhdGFiYXNlIG9yIGRhdGFiYXNlTmFtZVwiXG4gICAgICB9XG4gICAgICBpZiAoIXByb3BzLmRhdGFiYXNlICYmICFwcm9wcy5kYXRhYmFzZU5hbWUpIHtcbiAgICAgICAgLy8gSWYgbmVpdGhlciBpcyBzcGVjaWZpZWQsIHdlIG1pZ2h0IG5lZWQgYSBkZWZhdWx0IG9yIHRocm93IGFuIGVycm9yIGRlcGVuZGluZyBvbiBkZXNpcmVkIGJlaGF2aW9yLlxuICAgICAgICAvLyBGb3Igbm93LCBsZXQncyBhc3N1bWUgaXQncyBhbGxvd2VkIGJ1dCB0aGUgc2VjcmV0IHdvbid0IGhhdmUgYSBkYm5hbWUuXG4gICAgICAgIC8vIElmIGl0IHNob3VsZCBiZSByZXF1aXJlZCwgdW5jb21tZW50IHRoZSBsaW5lIGJlbG93OlxuICAgICAgICB0aHJvdyBcIlNwZWNpZnkgZWl0aGVyIGRhdGFiYXNlIG9yIGRhdGFiYXNlTmFtZVwiXG4gICAgICB9XG4gICAgfVxuICAgIHN1cGVyKHNjb3BlLCBpZClcblxuICAgIC8vIERTUUwgZG9lc24ndCB1c2Ugc2VjcmV0cyAtIGl0IGFsd2F5cyB1c2VzIElBTSBhdXRoZW50aWNhdGlvblxuICAgIGlmIChwcm9wcy5wcm92aWRlci5lbmdpbmUgIT09IERhdGFiYXNlRW5naW5lLkRTUUwpIHtcbiAgICAgIC8vIEZvciBpbXBvcnRlZCBwcm92aWRlcnMgd2l0aG91dCBjbHVzdGVyIGRldGFpbHMsIHByb3ZpZGUgaGVscGZ1bCBlcnJvciBtZXNzYWdlXG4gICAgICBpZiAoIXByb3BzLnByb3ZpZGVyLmNsdXN0ZXIpIHtcbiAgICAgICAgdGhyb3cgbmV3IEVycm9yKFxuICAgICAgICAgIFwiUm9sZSBjcmVhdGlvbiByZXF1aXJlcyBjbHVzdGVyIGluZm9ybWF0aW9uLiBXaGVuIGltcG9ydGluZyBhIHByb3ZpZGVyIHdpdGggXCIgK1xuICAgICAgICAgICAgXCJQcm92aWRlci5mcm9tUHJvdmlkZXJBdHRyaWJ1dGVzKCksIGluY2x1ZGUgdGhlICdjbHVzdGVyJyBwcm9wZXJ0eSBpZiB5b3UgcGxhbiBcIiArXG4gICAgICAgICAgICBcInRvIGNyZWF0ZSBuZXcgcm9sZXMuIEFsdGVybmF0aXZlbHksIHVzZSBleGlzdGluZyByb2xlcyBjcmVhdGVkIHdpdGggdGhlIG9yaWdpbmFsIHByb3ZpZGVyLlwiXG4gICAgICAgIClcbiAgICAgIH1cblxuICAgICAgLy8gRm9yIFJEUy9BdXJvcmEgY2x1c3RlcnMgYW5kIGluc3RhbmNlcywgZ2V0IGVuZHBvaW50IGRldGFpbHNcbiAgICAgIGNvbnN0IGhvc3QgPSAocHJvcHMucHJvdmlkZXIuY2x1c3RlciBhcyBJRGF0YWJhc2VDbHVzdGVyKS5jbHVzdGVyRW5kcG9pbnRcbiAgICAgICAgPyAocHJvcHMucHJvdmlkZXIuY2x1c3RlciBhcyBJRGF0YWJhc2VDbHVzdGVyKS5jbHVzdGVyRW5kcG9pbnQuaG9zdG5hbWVcbiAgICAgICAgOiAocHJvcHMucHJvdmlkZXIuY2x1c3RlciBhcyBJRGF0YWJhc2VJbnN0YW5jZSkuaW5zdGFuY2VFbmRwb2ludC5ob3N0bmFtZVxuXG4gICAgICBjb25zdCBwb3J0ID0gKHByb3BzLnByb3ZpZGVyLmNsdXN0ZXIgYXMgSURhdGFiYXNlQ2x1c3RlcikuY2x1c3RlckVuZHBvaW50XG4gICAgICAgID8gKHByb3BzLnByb3ZpZGVyLmNsdXN0ZXIgYXMgSURhdGFiYXNlQ2x1c3RlcikuY2x1c3RlckVuZHBvaW50LnBvcnRcbiAgICAgICAgOiAocHJvcHMucHJvdmlkZXIuY2x1c3RlciBhcyBJRGF0YWJhc2VJbnN0YW5jZSkuaW5zdGFuY2VFbmRwb2ludC5wb3J0XG5cbiAgICAgIGNvbnN0IGlkZW50aWZpZXIgPSAocHJvcHMucHJvdmlkZXIuY2x1c3RlciBhcyBJRGF0YWJhc2VDbHVzdGVyKS5jbHVzdGVySWRlbnRpZmllclxuICAgICAgICA/IChwcm9wcy5wcm92aWRlci5jbHVzdGVyIGFzIElEYXRhYmFzZUNsdXN0ZXIpLmNsdXN0ZXJJZGVudGlmaWVyXG4gICAgICAgIDogKHByb3BzLnByb3ZpZGVyLmNsdXN0ZXIgYXMgSURhdGFiYXNlSW5zdGFuY2UpLmluc3RhbmNlSWRlbnRpZmllclxuXG4gICAgICBjb25zdCBzZWNyZXRUZW1wbGF0ZSA9IHtcbiAgICAgICAgZGJDbHVzdGVySWRlbnRpZmllcjogaWRlbnRpZmllcixcbiAgICAgICAgZW5naW5lOiBwcm9wcy5wcm92aWRlci5lbmdpbmUsXG4gICAgICAgIGhvc3Q6IGhvc3QsXG4gICAgICAgIHBvcnQ6IHBvcnQsXG4gICAgICAgIHVzZXJuYW1lOiBwcm9wcy5yb2xlTmFtZSxcbiAgICAgICAgZGJuYW1lOiBwcm9wcy5kYXRhYmFzZSA/IHByb3BzLmRhdGFiYXNlLmRhdGFiYXNlTmFtZSA6IHByb3BzLmRhdGFiYXNlTmFtZSxcbiAgICAgIH1cblxuICAgICAgdGhpcy5zZWNyZXQgPSBuZXcgU2VjcmV0KHRoaXMsIFwiU2VjcmV0XCIsIHtcbiAgICAgICAgc2VjcmV0TmFtZTogcHJvcHMuc2VjcmV0TmFtZSxcbiAgICAgICAgZW5jcnlwdGlvbktleTogcHJvcHMuZW5jcnlwdGlvbktleSxcbiAgICAgICAgZGVzY3JpcHRpb246IGBHZW5lcmF0ZWQgc2VjcmV0IGZvciAke3Byb3BzLnByb3ZpZGVyLmVuZ2luZX0gcm9sZSAke3Byb3BzLnJvbGVOYW1lfWAsXG4gICAgICAgIC4uLihwcm9wcy5lbmFibGVJYW1BdXRoXG4gICAgICAgICAgPyB7XG4gICAgICAgICAgICAgIC8vIEZvciBJQU0gYXV0aCwgY3JlYXRlIHNlY3JldCB3aXRob3V0IHBhc3N3b3JkIGdlbmVyYXRpb25cbiAgICAgICAgICAgICAgc2VjcmV0U3RyaW5nVGVtcGxhdGU6IEpTT04uc3RyaW5naWZ5KHNlY3JldFRlbXBsYXRlKSxcbiAgICAgICAgICAgIH1cbiAgICAgICAgICA6IHtcbiAgICAgICAgICAgICAgLy8gRm9yIHBhc3N3b3JkIGF1dGgsIGdlbmVyYXRlIHBhc3N3b3JkXG4gICAgICAgICAgICAgIGdlbmVyYXRlU2VjcmV0U3RyaW5nOiB7XG4gICAgICAgICAgICAgICAgcGFzc3dvcmRMZW5ndGg6IDMwLCAvLyBPcmFjbGUgcGFzc3dvcmQgY2Fubm90IGhhdmUgbW9yZSB0aGFuIDMwIGNoYXJhY3RlcnNcbiAgICAgICAgICAgICAgICBzZWNyZXRTdHJpbmdUZW1wbGF0ZTogSlNPTi5zdHJpbmdpZnkoc2VjcmV0VGVtcGxhdGUpLFxuICAgICAgICAgICAgICAgIGdlbmVyYXRlU3RyaW5nS2V5OiBcInBhc3N3b3JkXCIsXG4gICAgICAgICAgICAgICAgZXhjbHVkZUNoYXJhY3RlcnM6IFwiICUrfmAjJCYqKCl8W117fTo7PD4/IScvQFxcXCJcXFxcXCIsXG4gICAgICAgICAgICAgIH0sXG4gICAgICAgICAgICB9KSxcbiAgICAgICAgcmVtb3ZhbFBvbGljeTogUmVtb3ZhbFBvbGljeS5ERVNUUk9ZLFxuICAgICAgfSlcblxuICAgICAgLy8gQ3JlYXRlIFBhcmFtZXRlcnMgaWYgcGFyYW1ldGVyUHJlZml4IGlzIHByb3ZpZGVkXG4gICAgICBpZiAocHJvcHMucGFyYW1ldGVyUHJlZml4KSB7XG4gICAgICAgIGNvbnN0IHBhcmFtRGF0YSA9IHtcbiAgICAgICAgICBkYkNsdXN0ZXJJZGVudGlmaWVyOiBpZGVudGlmaWVyLFxuICAgICAgICAgIGVuZ2luZTogcHJvcHMucHJvdmlkZXIuZW5naW5lLFxuICAgICAgICAgIGhvc3Q6IGhvc3QsXG4gICAgICAgICAgcG9ydDogcG9ydCxcbiAgICAgICAgICB1c2VybmFtZTogcHJvcHMucm9sZU5hbWUsXG4gICAgICAgICAgZGJuYW1lOiBwcm9wcy5kYXRhYmFzZSA/IHByb3BzLmRhdGFiYXNlLmRhdGFiYXNlTmFtZSA6IHByb3BzLmRhdGFiYXNlTmFtZSxcbiAgICAgICAgfVxuXG4gICAgICAgIG5ldyBQYXJhbWV0ZXJzKHRoaXMsIFwiUGFyYW1ldGVyc1wiLCB7XG4gICAgICAgICAgc2VjcmV0QXJuOiBwcm9wcy5wcm92aWRlci5zZWNyZXQ/LnNlY3JldEFybiB8fCBcIlwiLFxuICAgICAgICAgIHBhcmFtZXRlclByZWZpeDogcHJvcHMucGFyYW1ldGVyUHJlZml4LFxuICAgICAgICAgIHBhc3N3b3JkQXJuOiBwcm9wcy5lbmFibGVJYW1BdXRoID8gXCJcIiA6IHRoaXMuc2VjcmV0LnNlY3JldEFybixcbiAgICAgICAgICBwcm92aWRlclNlcnZpY2VUb2tlbjogcHJvcHMucHJvdmlkZXIuc2VydmljZVRva2VuLFxuICAgICAgICAgIHByb3ZpZGVyOiBwcm9wcy5wcm92aWRlcixcbiAgICAgICAgICBwYXJhbURhdGEsXG4gICAgICAgIH0pXG4gICAgICB9XG4gICAgfVxuXG4gICAgY29uc3Qgcm9sZSA9IG5ldyBDdXN0b21SZXNvdXJjZVJvbGUodGhpcywgXCJQb3N0Z3Jlc1JvbGVcIiwge1xuICAgICAgcHJvdmlkZXI6IHByb3BzLnByb3ZpZGVyLFxuICAgICAgcm9sZU5hbWU6IHByb3BzLnJvbGVOYW1lLFxuICAgICAgcGFzc3dvcmRBcm46XG4gICAgICAgIHByb3BzLmVuYWJsZUlhbUF1dGggfHwgcHJvcHMucHJvdmlkZXIuZW5naW5lID09PSBEYXRhYmFzZUVuZ2luZS5EU1FMXG4gICAgICAgICAgPyBcIlwiXG4gICAgICAgICAgOiB0aGlzLnNlY3JldCEuc2VjcmV0QXJuLFxuICAgICAgZGF0YWJhc2U6IHByb3BzLmRhdGFiYXNlLFxuICAgICAgZGF0YWJhc2VOYW1lOiBwcm9wcy5kYXRhYmFzZU5hbWUsXG4gICAgICBlbmFibGVJYW1BdXRoOiBwcm9wcy5lbmFibGVJYW1BdXRoIHx8IHByb3BzLnByb3ZpZGVyLmVuZ2luZSA9PT0gRGF0YWJhc2VFbmdpbmUuRFNRTCxcbiAgICB9KVxuXG4gICAgaWYgKHRoaXMuc2VjcmV0KSB7XG4gICAgICByb2xlLm5vZGUuYWRkRGVwZW5kZW5jeSh0aGlzLnNlY3JldClcbiAgICAgIHRoaXMuc2VjcmV0LmdyYW50UmVhZChwcm9wcy5wcm92aWRlci5oYW5kbGVyKVxuICAgICAgaWYgKHRoaXMuc2VjcmV0LmVuY3J5cHRpb25LZXkpIHtcbiAgICAgICAgLy8gSXQgc2VlbXMgd2UgbmVlZCB0byBncmFudCBleHBsaWNpdCBwZXJtaXNzaW9uXG4gICAgICAgIHRoaXMuc2VjcmV0LmVuY3J5cHRpb25LZXkuZ3JhbnREZWNyeXB0KHByb3BzLnByb3ZpZGVyLmhhbmRsZXIpXG4gICAgICB9XG4gICAgfVxuXG4gICAgdGhpcy5yb2xlTmFtZSA9IHByb3BzLnJvbGVOYW1lXG4gIH1cbn1cbiJdfQ==