UNPKG

vix-ui

Version:

A set of essential UI modules for your Angular application in ViSenze

1,056 lines (1,048 loc) 180 kB
import { Injectable, NgModule, ChangeDetectorRef, Component, NgZone } from '@angular/core'; import { HttpClient, HttpHeaders, HttpClientModule } from '@angular/common/http'; import { __awaiter, __generator } from 'tslib'; import { OAuthService, UrlHelperService } from 'angular-oauth2-oidc'; import * as OktaAuth from '@okta/okta-auth-js'; import { Router } from '@angular/router'; import { CommonModule } from '@angular/common'; import { FormControl, Validators, FormsModule, ReactiveFormsModule } from '@angular/forms'; import { MatButtonModule, MatFormFieldModule, MatIconModule, MatInputModule, MatProgressBarModule } from '@angular/material'; import { BrowserAnimationsModule, NoopAnimationsModule } from '@angular/platform-browser/animations'; /** * @fileoverview added by tsickle * @suppress {checkTypes} checked by tsc */ /** * VixAuthConfig holds the necessary config required by other services */ var /** * VixAuthConfig holds the necessary config required by other services */ VixAuthConfig = /** @class */ (function () { function VixAuthConfig() { } return VixAuthConfig; }()); /** * AuthConfigService provides get method for all parameters * * \@var {string} _url: url for okta account like: 'https://dev-913444.oktapreview.com' * \@ */ var AuthConfigService = /** @class */ (function () { function AuthConfigService(authConfig) { this.authConfig = authConfig; this._url = authConfig.url; this._issuer = authConfig.issuer; this._clientId = authConfig.clientId; this._redirectUrl = authConfig.redirectUrl; this._apiKey = authConfig.apiKey; this._loginUrl = authConfig.loginUrl; } /** * @return {?} */ AuthConfigService.prototype.getLoginUrl = /** * @return {?} */ function () { return this._loginUrl; }; /** * @returns url */ /** * @return {?} url */ AuthConfigService.prototype.getUrl = /** * @return {?} url */ function () { return this._url; }; /** * @returns issuer */ /** * @return {?} issuer */ AuthConfigService.prototype.getIssuer = /** * @return {?} issuer */ function () { return this._issuer; }; /** * @returns clientId */ /** * @return {?} clientId */ AuthConfigService.prototype.getClientId = /** * @return {?} clientId */ function () { return this._clientId; }; /** * * @returns redirectUrl */ /** * * @return {?} redirectUrl */ AuthConfigService.prototype.getRedirectUrl = /** * * @return {?} redirectUrl */ function () { return this._redirectUrl; }; /** * * @returns remove the domain from url. * example: return '/foo/bar' if redirectUrl is 'http://foobar.com/foo/bar' */ /** * * @return {?} remove the domain from url. * example: return '/foo/bar' if redirectUrl is 'http://foobar.com/foo/bar' */ AuthConfigService.prototype.getRoute = /** * * @return {?} remove the domain from url. * example: return '/foo/bar' if redirectUrl is 'http://foobar.com/foo/bar' */ function () { var /** @type {?} */ s = this._redirectUrl.split('/'); return '/' + s.slice(3, s.length).join('/'); }; /** * @returns okta API key */ /** * @return {?} okta API key */ AuthConfigService.prototype.getApiKey = /** * @return {?} okta API key */ function () { return this._apiKey; }; AuthConfigService.decorators = [ { type: Injectable }, ]; /** @nocollapse */ AuthConfigService.ctorParameters = function () { return [ { type: VixAuthConfig, }, ]; }; return AuthConfigService; }()); /** * @fileoverview added by tsickle * @suppress {checkTypes} checked by tsc */ /** * Wrapper for Okta API */ var OktaService = /** @class */ (function () { /** * @param httpClient * @param authConfig */ function OktaService(httpClient, authConfig) { this.httpClient = httpClient; this.authConfig = authConfig; this.httpOptions = { headers: new HttpHeaders({ 'Content-Type': 'application/json', 'Accept': 'application/json', 'Authorization': 'SSWS ' + this.authConfig.getApiKey() }) }; } /** * Build Full API URl by given endpoint * @param endpoint * @returns */ /** * Build Full API URl by given endpoint * @param {?} endpoint * @return {?} */ OktaService.prototype.getFullUrl = /** * Build Full API URl by given endpoint * @param {?} endpoint * @return {?} */ function (endpoint) { return this.authConfig.getUrl() + "/api/v1" + endpoint; }; /** * Get user info by email. * doc: https://developer.okta.com/docs/api/resources/users#get-current-user * @returns */ /** * Get user info by email. * doc: https://developer.okta.com/docs/api/resources/users#get-current-user * @param {?} userId * @return {?} */ OktaService.prototype.getUserInfo = /** * Get user info by email. * doc: https://developer.okta.com/docs/api/resources/users#get-current-user * @param {?} userId * @return {?} */ function (userId) { return this.httpClient.get(this.getFullUrl("/users/" + userId), this.httpOptions).toPromise(); }; /** * Get user groups information by given userId * doc: https://developer.okta.com/docs/api/resources/users#get-member-groups * @param userId * @returns */ /** * Get user groups information by given userId * doc: https://developer.okta.com/docs/api/resources/users#get-member-groups * @param {?} userId * @return {?} */ OktaService.prototype.getUserGroups = /** * Get user groups information by given userId * doc: https://developer.okta.com/docs/api/resources/users#get-member-groups * @param {?} userId * @return {?} */ function (userId) { return this.httpClient.get(this.getFullUrl("/users/" + userId + "/groups"), this.httpOptions).toPromise(); }; /** * List all groups */ /** * List all groups * @return {?} */ OktaService.prototype.listGroups = /** * List all groups * @return {?} */ function () { return this.httpClient.get(this.getFullUrl('/groups'), this.httpOptions).toPromise(); }; OktaService.decorators = [ { type: Injectable }, ]; /** @nocollapse */ OktaService.ctorParameters = function () { return [ { type: HttpClient, }, { type: AuthConfigService, }, ]; }; return OktaService; }()); /** * @fileoverview added by tsickle * @suppress {checkTypes} checked by tsc */ /** * UserInfo holds the user information */ var /** * UserInfo holds the user information */ UserInfo = /** @class */ (function () { /** * Extract necessary information oktaUserInfo * @param oktaUserInfo * oktaUserInfo example: * { * "id": "foobar", * ... * "profile": { * "firstName": "foobar", * "lastName": "foobar", * "mobilePhone": null, * "secondEmail": null, * "login": "foo@bar.com", * "email": "foo@bar.com" * }, * ... * } */ function UserInfo(oktaUserInfo) { this.userId = oktaUserInfo.id; this.email = oktaUserInfo.profile.email; this.firstName = oktaUserInfo.profile.firstName; this.lastName = oktaUserInfo.profile.lastName; } return UserInfo; }()); /** * @fileoverview added by tsickle * @suppress {checkTypes} checked by tsc */ /** * UserGroups holds the groups information of a user. It is mainly used to check permissions. */ var /** * UserGroups holds the groups information of a user. It is mainly used to check permissions. */ UserGroups = /** @class */ (function () { /** * construct UserGroups from OktaUserGroups * * @param oktaUserGroups Array of oktaGroups * oktaGroup example: * { ... * "profile": { * "name": "Everyone", * "description": "All users in your organization" * }, * ... * } */ function UserGroups(oktaUserGroups) { var _this = this; this.groups = []; if (oktaUserGroups) { oktaUserGroups.forEach(function (oktaGroup) { _this.groups.push(oktaGroup.profile.name); }); } } /** * Check if instance has enough permission for requireGroups. * * @param requireGroups * @returns true if this.groups contains all group of requireGroups, else then false */ /** * Check if instance has enough permission for requireGroups. * * @param {?} requireGroups * @return {?} true if this.groups contains all group of requireGroups, else then false */ UserGroups.prototype.hasPermission = /** * Check if instance has enough permission for requireGroups. * * @param {?} requireGroups * @return {?} true if this.groups contains all group of requireGroups, else then false */ function (requireGroups) { for (var /** @type {?} */ i = 0; i < requireGroups.length; i++) { if (this.groups.indexOf(requireGroups[i]) > 0) { return true; } } return false; }; return UserGroups; }()); /** * @fileoverview added by tsickle * @suppress {checkTypes} checked by tsc */ /** * VixAuthService is the interface exported to users. It wraps all API and methods. */ var VixAuthService = /** @class */ (function () { function VixAuthService(oauth, authConfig, okta) { this.oauth = oauth; this.authConfig = authConfig; this.okta = okta; this.oktaAuth = new OktaAuth({ url: this.authConfig.getUrl(), issuer: this.authConfig.getIssuer() }); } /** * Check permissions by userGroups and requireGroups * * @param userGroups groups users are in * @param requireGroups groups application requires user to have * @returns true/false */ /** * Check permissions by userGroups and requireGroups * * @param {?} userGroups groups users are in * @param {?} requireGroups groups application requires user to have * @return {?} true/false */ VixAuthService.hasPermission = /** * Check permissions by userGroups and requireGroups * * @param {?} userGroups groups users are in * @param {?} requireGroups groups application requires user to have * @return {?} true/false */ function (userGroups, requireGroups) { return userGroups.hasPermission(requireGroups); }; /** * Use tokenManager to store userId * TODO: actually I have problems in create a cache object to hold all these cache variables, so I use tokenManager to do these works. * TODO: need to create a share service to provide cache service * * @param userId */ /** * Use tokenManager to store userId * TODO: actually I have problems in create a cache object to hold all these cache variables, so I use tokenManager to do these works. * TODO: need to create a share service to provide cache service * * @param {?} userId * @return {?} */ VixAuthService.prototype.setUserId = /** * Use tokenManager to store userId * TODO: actually I have problems in create a cache object to hold all these cache variables, so I use tokenManager to do these works. * TODO: need to create a share service to provide cache service * * @param {?} userId * @return {?} */ function (userId) { var /** @type {?} */ obj = { accessToken: 'userId', expiresAt: Math.round((new Date()).getTime() / 1000 + 3600), scopes: [userId] }; this.oktaAuth.tokenManager.add('userId', obj); }; /** * Get userId from tokenManager * @returns */ /** * Get userId from tokenManager * @return {?} */ VixAuthService.prototype.getUserId = /** * Get userId from tokenManager * @return {?} */ function () { var /** @type {?} */ userIdObj = this.oktaAuth.tokenManager.get('userId'); if (userIdObj) { return this.oktaAuth.tokenManager.get('userId').scopes[0]; } else { return null; } }; /** * Store userGroup and shared among browsers by TokenManager with key 'userGroup' * * @param userGroups */ /** * Store userGroup and shared among browsers by TokenManager with key 'userGroup' * * @param {?} userGroups * @return {?} */ VixAuthService.prototype.setCurrentUserGroups = /** * Store userGroup and shared among browsers by TokenManager with key 'userGroup' * * @param {?} userGroups * @return {?} */ function (userGroups) { var /** @type {?} */ obj = { accessToken: 'userGroups', expiresAt: Math.round((new Date()).getTime() / 1000 + 3600), scopes: userGroups.groups }; this.oktaAuth.tokenManager.add('userGroups', obj); }; /** * Get stored userGroups and refresh if expires * * @returns */ /** * Get stored userGroups and refresh if expires * * @return {?} */ VixAuthService.prototype.getLoginUserGroups = /** * Get stored userGroups and refresh if expires * * @return {?} */ function () { return __awaiter(this, void 0, void 0, function () { var userGroupsTokenObj, nowSecond, tmpUserGroups, userGroups; return __generator(this, function (_a) { switch (_a.label) { case 0: userGroupsTokenObj = this.oktaAuth.tokenManager.get('userGroups'); nowSecond = (new Date()).getTime() / 1000; if (!(!userGroupsTokenObj || nowSecond > userGroupsTokenObj.expireAt)) return [3 /*break*/, 2]; return [4 /*yield*/, this.getUserGroups(this.getUserId())]; case 1: tmpUserGroups = _a.sent(); this.setCurrentUserGroups(tmpUserGroups); _a.label = 2; case 2: userGroups = new UserGroups(null); userGroups.groups = this.oktaAuth.tokenManager.get('userGroups').scopes; return [2 /*return*/, userGroups]; } }); }); }; /** * Get current login userInfo * TODO: we can cache user info includes groups information when finished login * * @returns */ /** * Get current login userInfo * TODO: we can cache user info includes groups information when finished login * * @return {?} */ VixAuthService.prototype.getUserInfo = /** * Get current login userInfo * TODO: we can cache user info includes groups information when finished login * * @return {?} */ function () { return __awaiter(this, void 0, void 0, function () { var oktaUserInfo; return __generator(this, function (_a) { switch (_a.label) { case 0: if (!this.isLogin()) return [3 /*break*/, 3]; return [4 /*yield*/, this.okta.getUserInfo(this.getUserId())]; case 1: oktaUserInfo = _a.sent(); return [4 /*yield*/, new UserInfo(oktaUserInfo)]; case 2: return [2 /*return*/, _a.sent()]; case 3: return [2 /*return*/, Promise.reject('not login')]; } }); }); }; /** * get userGroup by given userId * * @param userId * @returns */ /** * get userGroup by given userId * * @param {?} userId * @return {?} */ VixAuthService.prototype.getUserGroups = /** * get userGroup by given userId * * @param {?} userId * @return {?} */ function (userId) { return __awaiter(this, void 0, void 0, function () { var oktaUserGroups, err_1; return __generator(this, function (_a) { switch (_a.label) { case 0: if (!this.isLogin()) return [3 /*break*/, 6]; _a.label = 1; case 1: _a.trys.push([1, 4, , 5]); return [4 /*yield*/, this.okta.getUserGroups(userId)]; case 2: oktaUserGroups = _a.sent(); return [4 /*yield*/, new UserGroups(oktaUserGroups)]; case 3: return [2 /*return*/, _a.sent()]; case 4: err_1 = _a.sent(); console.log('getUserGroups err', err_1); // return new UserGroups(null); return [3 /*break*/, 5]; case 5: return [3 /*break*/, 7]; case 6: return [2 /*return*/, null]; case 7: return [2 /*return*/]; } }); }); }; /** * Return if already login by check the existence of accessToken * * @returns */ /** * Return if already login by check the existence of accessToken * * @return {?} */ VixAuthService.prototype.isLogin = /** * Return if already login by check the existence of accessToken * * @return {?} */ function () { return !!this.getUserId(); }; /** * Redirect to url for Google login */ /** * Redirect to url for Google login * @param {?} redirectUrl * @return {?} */ VixAuthService.prototype.loginWithGoogle = /** * Redirect to url for Google login * @param {?} redirectUrl * @return {?} */ function (redirectUrl) { window.location.href = this.authConfig.getUrl() + "/oauth2/v1/authorize?" + ("idp=0oadulhuz78SMW8cD0h7&client_id=" + this.authConfig.getClientId() + "&response_type=id_token&") + "response_mode=fragment&scope=openid&scope=email&scope=picture&scope=name&" + ("state=WM6D&nonce=YsG76jo&redirect_uri=" + redirectUrl); }; /** * Login by username and password * * @param username * @param password * @returns */ /** * Login by username and password * * @param {?} username * @param {?} password * @return {?} */ VixAuthService.prototype.loginWithPassword = /** * Login by username and password * * @param {?} username * @param {?} password * @return {?} */ function (username, password) { return __awaiter(this, void 0, void 0, function () { var nonce, signInResponse, session; return __generator(this, function (_a) { switch (_a.label) { case 0: return [4 /*yield*/, this.oauth.createAndSaveNonce()]; case 1: nonce = _a.sent(); return [4 /*yield*/, this.oktaAuth.signIn({ username: username, password: password })]; case 2: signInResponse = _a.sent(); if (!(signInResponse.status === 'SUCCESS')) return [3 /*break*/, 5]; return [4 /*yield*/, this.oktaAuth.token.getWithoutPrompt({ clientId: this.authConfig.getClientId(), responseType: ['id_token', 'token'], scopes: ['openid', 'profile', 'email'], sessionToken: signInResponse.sessionToken, nonce: nonce, redirectUri: window.location.origin })]; case 3: _a.sent(); return [4 /*yield*/, this.getSession()]; case 4: session = _a.sent(); if (session.status === 'ACTIVE') { console.log('session ACTIVE'); this.setUserId(session.userId); } return [2 /*return*/, Promise.resolve('login successfully')]; case 5: return [2 /*return*/, Promise.reject('username or password error')]; } }); }); }; /** * List all groups * * @return {?} */ VixAuthService.prototype.listGroups = /** * List all groups * * @return {?} */ function () { return __awaiter(this, void 0, void 0, function () { return __generator(this, function (_a) { switch (_a.label) { case 0: return [4 /*yield*/, this.okta.listGroups()]; case 1: return [2 /*return*/, _a.sent()]; } }); }); }; /** * Get session * * @return {?} */ VixAuthService.prototype.getSession = /** * Get session * * @return {?} */ function () { return __awaiter(this, void 0, void 0, function () { return __generator(this, function (_a) { switch (_a.label) { case 0: return [4 /*yield*/, this.oktaAuth.session.get()]; case 1: return [2 /*return*/, _a.sent()]; } }); }); }; /** * Navigate browser to login page * @return {?} */ VixAuthService.prototype.navigateToLoginPage = /** * Navigate browser to login page * @return {?} */ function () { console.log('navigateToLoginPage:', this.authConfig.getLoginUrl()); document.location.href = this.authConfig.getLoginUrl(); }; /** * Navigate browser to redirect page */ /** * Navigate browser to redirect page * @return {?} */ VixAuthService.prototype.navigateToRedirectPage = /** * Navigate browser to redirect page * @return {?} */ function () { console.log('navigateToRedirectPage:', this.authConfig.getRedirectUrl()); document.location.href = this.authConfig.getRedirectUrl(); }; /** * Logout current user and clear token * * @returns */ /** * Logout current user and clear token * * @return {?} */ VixAuthService.prototype.logout = /** * Logout current user and clear token * * @return {?} */ function () { var _this = this; if (this.isLogin()) { this.oktaAuth.tokenManager.clear(); console.log('start to logout'); this.oktaAuth.signOut().then(function () { console.log('logout done, to navigate', _this.authConfig.getLoginUrl()); _this.navigateToLoginPage(); }); } }; VixAuthService.decorators = [ { type: Injectable }, ]; /** @nocollapse */ VixAuthService.ctorParameters = function () { return [ { type: OAuthService, }, { type: AuthConfigService, }, { type: OktaService, }, ]; }; return VixAuthService; }()); /** * @fileoverview added by tsickle * @suppress {checkTypes} checked by tsc */ /** * Auth guard will check user groups and app required groups and * judge user can view the route or not */ var VixAuthGuard = /** @class */ (function () { /** * @param auth * @param authConfig * @param router */ function VixAuthGuard(auth, authConfig, router) { this.auth = auth; this.authConfig = authConfig; this.router = router; } /** * compare user groups and app required groups by UserGroups.hasPermission() * canActive will cache the user groups information by 1 hour. * * @param route * @param state * @returns */ /** * compare user groups and app required groups by UserGroups.hasPermission() * canActive will cache the user groups information by 1 hour. * * @param {?} route * @param {?} state * @return {?} */ VixAuthGuard.prototype.canActivate = /** * compare user groups and app required groups by UserGroups.hasPermission() * canActive will cache the user groups information by 1 hour. * * @param {?} route * @param {?} state * @return {?} */ function (route, state) { return __awaiter(this, void 0, void 0, function () { var currentUserGroups, requireGroups; return __generator(this, function (_a) { switch (_a.label) { case 0: console.log('in authguard'); if (!this.auth.isLogin()) { alert('Please login first.'); this.auth.navigateToLoginPage(); return [2 /*return*/, false]; } return [4 /*yield*/, this.auth.getLoginUserGroups()]; case 1: currentUserGroups = _a.sent(); requireGroups = /** @type {?} */ (route.data['groups']); if (VixAuthService.hasPermission(currentUserGroups, requireGroups)) { return [2 /*return*/, true]; } alert('Insufficient permissions. Please contact renjie@visenze.com'); // this.auth.navigateToLoginPage(); this.auth.navigateToRedirectPage(); return [2 /*return*/, false]; } }); }); }; VixAuthGuard.decorators = [ { type: Injectable }, ]; /** @nocollapse */ VixAuthGuard.ctorParameters = function () { return [ { type: VixAuthService, }, { type: AuthConfigService, }, { type: Router, }, ]; }; return VixAuthGuard; }()); /** * @fileoverview added by tsickle * @suppress {checkTypes} checked by tsc */ var VixAuthModule = /** @class */ (function () { function VixAuthModule() { } /** * @param {?} config * @return {?} */ VixAuthModule.forRoot = /** * @param {?} config * @return {?} */ function (config) { return { ngModule: VixAuthModule, providers: [ { provide: VixAuthConfig, useValue: config } ] }; }; VixAuthModule.decorators = [ { type: NgModule, args: [{ imports: [ CommonModule, HttpClientModule, ], providers: [ OktaService, VixAuthService, AuthConfigService, ], declarations: [], exports: [] },] }, ]; return VixAuthModule; }()); /** * @fileoverview added by tsickle * @suppress {checkTypes} checked by tsc */ var VixLoginComponent = /** @class */ (function () { function VixLoginComponent(oauth, auth, router, authConfig, cdRef, ngZone) { var _this = this; this.oauth = oauth; this.auth = auth; this.router = router; this.authConfig = authConfig; this.cdRef = cdRef; this.ngZone = ngZone; this.loginFormControl = new FormControl('', [Validators.required, Validators.email]); this.isShowProgressBar = false; this.isShowProgressBar = false; if (this.auth.isLogin()) { console.log('already login in login page'); this.ngZone.run(function () { _this.auth.navigateToRedirectPage(); }); } } /** * @param {?} status * @return {?} */ VixLoginComponent.prototype.toggleProgressBar = /** * @param {?} status * @return {?} */ function (status) { this.isShowProgressBar = status; }; /** * Form control to validate email * * @returns */ /** * Form control to validate email * * @return {?} */ VixLoginComponent.prototype.getErrorMessage = /** * Form control to validate email * * @return {?} */ function () { return this.loginFormControl.hasError('required') ? 'You must enter a value' : this.loginFormControl.hasError('email') ? 'Not a valid email' : ''; }; /** * Login with Google */ /** * Login with Google * @return {?} */ VixLoginComponent.prototype.loginWithGoogle = /** * Login with Google * @return {?} */ function () { this.auth.loginWithGoogle(this.authConfig.getLoginUrl()); }; /** * Login with username and password. Redirect to url after login successfully */ /** * Login with username and password. Redirect to url after login successfully * @return {?} */ VixLoginComponent.prototype.loginWithPassword = /** * Login with username and password. Redirect to url after login successfully * @return {?} */ function () { var _this = this; if (this.loginFormControl.invalid) { alert('Email is not valid!'); return; } this.toggleProgressBar(true); this.auth.loginWithPassword(this.email, this.password) .then(function () { // this.router.navigate([this.authConfig.getRoute()]); // this.router.navigate([this.authConfig.getRoute()]); _this.auth.navigateToRedirectPage(); }) .catch(function (err) { _this.toggleProgressBar(false); console.log('login with username and password failed', err); alert('Username or Password error, cannot login'); }); }; /** * @return {?} */ VixLoginComponent.prototype.ngAfterViewChecked = /** * @return {?} */ function () { this.cdRef.detectChanges(); }; /** * This is used for Google Login. Browser will redirect to the login url after login successfully. * ngAfterViewInit will get the access_token from url and redirect to the url set as redirect url. */ /** * This is used for Google Login. Browser will redirect to the login url after login successfully. * ngAfterViewInit will get the access_token from url and redirect to the url set as redirect url. * @return {?} */ VixLoginComponent.prototype.ngAfterViewInit = /** * This is used for Google Login. Browser will redirect to the login url after login successfully. * ngAfterViewInit will get the access_token from url and redirect to the url set as redirect url. * @return {?} */ function () { var _this = this; var /** @type {?} */ regexp = new RegExp('[#|\?]id_token=([^&]*)[&]{0,1}'); var /** @type {?} */ idTokenRegex = regexp.exec(this.router.url); if (idTokenRegex) { console.log('has idToken', idTokenRegex); this.toggleProgressBar(true); // has idToken in url this.auth.getSession().then(function (session) { if (session.status === 'ACTIVE') { console.log('session ACTIVE'); _this.auth.setUserId(session.userId); _this.ngZone.run(function () { _this.auth.navigateToRedirectPage(); }); } else { console.log('session INACTIVE'); _this.ngZone.run(function () { _this.auth.navigateToLoginPage(); }); } }); } }; VixLoginComponent.decorators = [ { type: Component, args: [{ selector: 'vix-log-in', template: "<title>ViSenze Sign In</title>\n<div class=\"background\">\n <img class=\"logo\" src=\"data:image/jpeg;base64,/9j/4AAQSkZJRgABAQEAAAAAAAD/7QFkUGhvdG9zaG9wIDMuMAA4QklNBAQAAAAAAUgcAgUADFZJU0VOWkUgTE9HTxwCDwADQSBGHAIZAApURUNITk9MT0dZHAIeAAgyMDE0MDIxORwCIwAEMDAwMBwCKABaU0VFIFNUT1JZIDIwMTQwMjE5L0hLNjY4MDRMT0dPLCBNTSAoOTg1NjU0KSBNZWRpYSBjb250YWN0OiBPbGl2ZXIgVGFuLCBvbGl2ZXJAdmlzZW56ZS5jb20uHAI3ABcyMDE0MDIxOFQwMDowMDowMC0wNTowMBwCWgAJU0lOR0FQT1JFHAJkAANTR1AcAmUACVNJTkdBUE9SRRwCaQAMVklTRU5aRSBMT0dPHAJuAAtQUiBORVdTV0lSRRwCcwAHVklTRU5aRRwCeAAjVmlTZW56ZSBMb2dvLiAgKFBSTmV3c0ZvdG8vVmlTZW56ZSkcAnoAAlJEHAL6AAoxNDAwIHggMzY3/+EOPUV4aWYAAE1NACoAAAAIAAcBEgADAAAAAQAAAAABGgAFAAAAAQAAAGIBGwAFAAAAAQAAAGoBKAADAAAAAQACAAABMQACAAAAHAAAAHIBMgACAAAAFAAAAI6HaQAEAAAAAQAAAKQAAADQAAAAAAAAAAEAAAAAAAAAAUFkb2JlIFBob3Rvc2hvcCBDUzMgV2luZG93cwAyMDE0OjAyOjE4IDA5OjI3OjA3AAAAAAOgAQADAAAAAQABAACgAgAEAAAAAQAABXigAwAEAAAAAQAAAW8AAAAAAAAABgEDAAMAAAABAAYAAAEaAAUAAAABAAABHgEbAAUAAAABAAABJgEoAAMAAAABAAIAAAIBAAQAAAABAAABLgICAAQAAAABAAANBwAAAAAAAAAAAAAAAQAAAAAAAAAB/9j/4AAQSkZJRgABAgAASABIAAD/7QAMQWRvYmVfQ00AAf/uAA5BZG9iZQBkgAAAAAH/2wCEAAwICAgJCAwJCQwRCwoLERUPDAwPFRgTExUTExgRDAwMDAwMEQwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwBDQsLDQ4NEA4OEBQODg4UFA4ODg4UEQwMDAwMEREMDAwMDAwRDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDP/AABEIACoAoAMBIgACEQEDEQH/3QAEAAr/xAE/AAABBQEBAQEBAQAAAAAAAAADAAECBAUGBwgJCgsBAAEFAQEBAQEBAAAAAAAAAAEAAgMEBQYHCAkKCxAAAQQBAwIEAgUHBggFAwwzAQACEQMEIRIxBUFRYRMicYEyBhSRobFCIyQVUsFiMzRygtFDByWSU/Dh8WNzNRaisoMmRJNUZEXCo3Q2F9JV4mXys4TD03Xj80YnlKSFtJXE1OT0pbXF1eX1VmZ2hpamtsbW5vY3R1dnd4eXp7fH1+f3EQACAgECBAQDBAUGBwcGBTUBAAIRAyExEgRBUWFxIhMFMoGRFKGxQiPBUtHwMyRi4XKCkkNTFWNzNPElBhaisoMHJjXC0kSTVKMXZEVVNnRl4vKzhMPTdePzRpSkhbSVxNTk9KW1xdXl9VZmdoaWprbG1ub2JzdHV2d3h5ent8f/2gAMAwEAAhEDEQA/AOMRKcXKvbY6iiy5tLd9zq2OeGN/0lpra70q/b9N6Gum/wAXWUyr6yDDt1p6lRbjPaTAmPXZ/wBGqyv/AK6tWcjGJkNaFuXjiJSETpbztGNk5JcMamy81t32Cpjn7WDmyz0w7ZX/AC3Ia6votVvRPql9ZMmyG5L7W9Irnnc0mrI2/wBnJc//AKyuU+HCUZcRl2BoJnDhEe53bWD06/ONnpFrW1N3Pe8wB+6P7SqrW6R0K7qHSuq9TryRQ3ple59W0k2tc11hZ6jXs9P+b/ctWShEkzn6gQKqNfL3uX6XEmYiMeOokSPFxSuxPX08Mf0OFJj4+RlXCjFpsyLnAltVTHWPIH0jsrDnJ8nEy8Sz0cui3Gtjd6dzHVug/nbbA32rrPqRY+/o3Wel9LuGJ1/JDbMW0kNc+pgbuopsP0Ht/T+//A/afX/MXL5+T1O+/wBPqdt9uRjTUW5LnOsYZl9TjaXP+kkJkzlHQcP+N/eVKAEIy1Jl/i+TV45V0dF62YjpuYZ4jHu1n/raoW/zT/6p/IvS/rw363HqGI7ohzfsoxG+qcVxDPU3P3b9p/nPT2pTmYyiBXqvWXgnHjEokm9P3XzdTrx8i5lj6arLWUt33OYxzgxv+kucwO9Jn8uxDEQI47Ltf8Wt+NjN67fmN3YlWJW/IbG4Gtv2h1vs/P8A0e5HJPhiZAXS3HATlwnR4+rGybmWPppstZS3fc+tjnNY39+5zA5tTNPp2Ia7npHSX9Gp+unTiS6qrAJx7Od9L68t+PZu/P8A0btj/wDhfUXDIQnxGVbCq/whxJyY+AR7m7+ibHws7L3fZMa7J2Rv9Gt9m2fo7/Sa/Zu2qV/TepY1fq5OHkY9UhvqW02Vtk/RbvsY1u5yn07O6vjWej0rIuouynMYK6HlhseT6dLHbfpe6xdF9fs+6t2D9XHZD8o9Mqa/MvscXOsybGzueX/6Op+9n/hnZ/g0jKQmI6a/bwhUYRMDI3p9nE8krNXS+q31tuowcm6p4llldFj2OE7fZYxjmO9yrLvXt+sDvqF0H9hfafW3v9b7ISHbJv8A5zaR7N6WSZjw1XqNaqxQEuK70F6PCWVW02OquY6q1h2vre0tc0j817Hw5jlFFzDlnLuOaXnLDyMg2mX7x7X+p/LbtQk8bMZ3f//Q4xHwM13T8/Gz2iTiXV3R4hjg97f7bPagImNj25WTTi0gG3IsZTWCYBfY4Vs3H+u5a5qjezlRuxW9va/4yPs2DTidLxHbm5eRf1S/zdYdtTv6rvWv/wC21wy0X9E6mKRk5BazHDf6Ra8lga2/9mubu2vd+iytu9lf0Kra7U9/1fzqG2ue+k+jk/YXbXuM5A9PfQ39Ft/Resz1LLfTq/0b7FHj4YREeK/FkyCc5cXDQdz6pAn6o/Wv/iB/57uXIq5b07PxmZIcdrKMsYF7WvMG/wDSezaP5yv9BZ+kUsno+Vibhkvpqs9Wymulz/fY6qz7Jc6hob/NtyGvra+51Pq+nb6PqemjGhKRv5z+xUhIxiOEjgBtXTOl9by5zOkUXWvxLGj1Mcj1K7CC6twbuD+30/5v/SLf/wAYQabOk2Zba2ddfi/5WZUQYcBV6PqbPZu3/aNn8j/gvSWTV9X+t15d9OG/9Pi2042Q+ix7NlmRY/FqY9+2lzmevV6dljP0f0FRycCyjGxsx9tVjc4OsqDHOc8hrjVa+3exv0bmPp+n/OIaGYlxDTtv6h+knWOMx4TruT8un7rTt/mn/wBU/kXo/wBe+lfWbM6liP6TTlPoGG1lnoWbGb9z9zXt9Wr3bCuLHQeonHZkhrDTbULq37/pM9LKy3Rp/OVVdOyvWr/wdv6P89GPRetNyvsnrTe2zGoe1t7/AGWZYc7Erc/6DvZXvfZT6tP836dliE6MokSHpvfXdOPijEgxOvbRyeNPDRdV9ShPSfrTpp+zTP8AmZawm9Gz3Y+LkhjRVnVZF+OS6JZiNdZk7m/mO2N3U/6VC6di5WdlMw8R22zIDh7nljS1rXXP9VzfzG11vTp1KJF/X+6f/QVkOKEwTE66V5vc/V3Po6h9RurmzXqPTum24Vj51djCu63BLv8Ai919P/W7V58tJ/Quq0NsDtrbPtH2H0WPLnW2kUuFNfoh1L2OblUfz1tbE9X1ez7rX1UWUWlln2drm2eyzJh9n2Gix7GMsytlT/8AgP5v9P8Ap6PUbARiZHi0kb8l+TjmIjh1iHY/xe9Ksu6hkdZdQ7Iq6TU59NTQJtyXNd6VNe/2b2V7v+Lstx3rH6z0n6w4z39S6ziPx3Zlzi+12yDbZuucxore/wDdfs/kMUcfpXUX2YuLTexmTnbH04guLbNtrTbRbaxn6Kv1am7/AOc9fY+n1ameopDonVrn01WvDTe7HZW2612lmULji1PbFnp2v+zW1P8A9FZ/OJbTMuIa1/iqomAhwHT/AKTmLu7sHreZ9Qegs6PXfZax73WDHfsIb+nHuO+r27lyv7BzQ0Wutx240XOOU62KmtosrxLnvds9X+k31U1fof0v/Fqb+iddootseH1V432gWj1SA04rmMya4Y7Zv/TNsp2/z9f6WtKfDLhqQ9JvVGMShxXE+oVo0czHy8bLtozWuZlMd+mbYdz9x9/vdL9znbt27cgpOc5xLnEuceXEkk/FxSUoYTvo/wD/0eMRcTJsw8ujMqANmNay6sOktLq3NtZvgt9u5iH9yX3LXNUb2coXYre9HRt+sHULsC7pz9n2a8NDmAO0LMi3qLbK/f7bPWybKn/v4/p/n1+opWfWLNtryK311H7TmO6gSDa3bc81udtrZcKbaf0DNleTXesz7kvuUf6vw3/5zJ+u8dv+a6WR16zIGUH4eOBmZAzbA03e3JHq/rFc5B/7kWfoX78f/glO36zZ9teS19VBflG0Ot2uDmsvv/aNuOyLPTfV9r32U+uy66j1bv0vvWV9yX3Jfq9NvBP67Xfxdqv639Vp6jZ1HHbVTfdczItANr2ucwZLfT233W7aLW512+lnsr/RfZ/RWVdl23Y2JjPDRXhMfXURMkWWPyn+pr9L1LXfR/MQvuS+5GPt36avT8vSifu16rpvVdczqsbFxW7DVgjKbQHAn+msdTkb/d7vTa+x2P8Auep/hFYq+s2ZT6IZRQWYzKG47Hes7Y7Fddbh3+o/I9V7qHZd2ym2z7L6Xp0+h6dSyfuS+5A+31r+RSPerS+jqt+s2eKqqH1Y9lGOwV1VOYWwz7M/pVrPVpfVe718Z++3fb/P11+j6Vf6JU8LqNuB1BufiMZXZWXmqv3ljPUY+mGONnr/AKNlv6J/repvVb7kvuRHBRqqrXtS0+5Yu7vTu6jvrJ1A17dtbbhezLbkM9RrvtDG47PtNlTbfsmRZa7Cqvu+04936xZfb/hU9X1kyKLHvx8TFqBuGXUwNtc2rK2vr+247bL3/pNtn8xb6uJ+io/Qfollfcl9yH6qui79d4urj/WXOx6qGNqpc6h1Lja4PLrPs1dmJii5rbW0/o8e30n21V1XXelR6v8ANqLvrJ1J91N9vp2W0WYdwe8OJe/AFjMZ1x9T3er67/tX+k/wfpLM+5L7kv1Xgr9d4ug3rmR9nbiXUU34oF7bKXh4Fjci6vOe2x1NtVv6LJoqfR6T6/5fqItv1o6rdj5OPaWOZmtuGRo4bjfYzIc+A/ZvodX6eN/o6X2V/pFlfcl9yX6vw3/5yv13iskn+5L7lIwv/9n/4gxYSUNDX1BST0ZJTEUAAQEAAAxITGlubwIQAABtbnRyUkdCIFhZWiAHzgACAAkABgAxAABhY3NwTVNGVAAAAABJRUMgc1JHQgAAAAAAAAAAAAAAAQAA9tYAAQAAAADTLUhQICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABFjcHJ0AAABUAAAADNkZXNjAAABhAAAAGx3dHB0AAAB8AAAABRia3B0AAACBAAAABRyWFlaAAACGAAAABRnWFlaAAACLAAAABRiWFlaAAACQAAAABRkbW5kAAACVAAAAHBkbWRkAAACxAAAAIh2dWVkAAADTAAAAIZ2aWV3AAAD1AAAACRsdW1pAAAD+AAAABRtZWFzAAAEDAAAACR0ZWNoAAAEMAAAAAxyVFJDAAAEPAAACAxnVFJDAAAEPAAACAxiVFJDAAAEPAAACAx0ZXh0AAAAAENvcHlyaWdodCAoYykgMTk5OCBIZXdsZXR0LVBhY2thcmQgQ29tcGFueQAAZGVzYwAAAAAAAAASc1JHQiBJRUM2MTk2Ni0yLjEAAAAAAAAAAAAAABJzUkdCIElFQzYxOTY2LTIuMQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWFlaIAAAAAAAAPNRAAEAAAABFsxYWVogAAAAAAAAAAAAAAAAAAAAAFhZWiAAAAAAAABvogAAOPUAAAOQWFlaIAAAAAAAAGKZAAC3hQAAGNpYWVogAAAAAAAAJKAAAA+EAAC2z2Rlc2MAAAAAAAAAFklFQyBodHRwOi8vd3d3LmllYy5jaAAAAAAAAAAAAAAAFklFQyBodHRwOi8vd3d3LmllYy5jaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABkZXNjAAAAAAAAAC5JRUMgNjE5NjYtMi4xIERlZmF1bHQgUkdCIGNvbG91ciBzcGFjZSAtIHNSR0IAAAAAAAAAAAAAAC5JRUMgNjE5NjYtMi4xIERlZmF1bHQgUkdCIGNvbG91ciBzcGFjZSAtIHNSR0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZGVzYwAAAAAAAAAsUmVmZXJlbmNlIFZpZXdpbmcgQ29uZGl0aW9uIGluIElFQzYxOTY2LTIuMQAAAAAAAAAAAAAALFJlZmVyZW5jZSBWaWV3aW5nIENvbmRpdGlvbiBpbiBJRUM2MTk2Ni0yLjEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHZpZXcAAAAAABOk/gAUXy4AEM8UAAPtzAAEEwsAA1yeAAAAAVhZWiAAAAAAAEwJVgBQAAAAVx/nbWVhcwAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAo8AAAACc2lnIAAAAABDUlQgY3VydgAAAAAAAAQAAAAABQAKAA8AFAAZAB4AIwAoAC0AMgA3ADsAQABFAEoATwBUAFkAXgBjAGgAbQByAHcAfACBAIYAiwCQAJUAmgCfAKQAqQCuALIAtwC8AMEAxgDLANAA1QDbAOAA5QDrAPAA9gD7AQEBBwENARMBGQEfASUBKwEyATgBPgFFAUwBUgFZAWABZwFuAXUBfAGDAYsBkgGaAaEBqQGxAbkBwQHJAdEB2QHhAekB8gH6AgMCDAIUAh0CJgIvAjgCQQJLAlQCXQJnAnECegKEAo4CmAKiAqwCtgLBAssC1QLgAusC9QMAAwsDFgMhAy0DOANDA08DWgNmA3IDfgOKA5YDogOuA7oDxwPTA+AD7AP5BAYEEwQgBC0EOwRIBFUEYwRxBH4EjASaBKgEtgTEBNME4QTwBP4FDQUcBSsFOgVJBVgFZwV3BYYFlgWmBbUFxQXVBeUF9gYGBhYGJwY3BkgGWQZqBnsGjAadBq8GwAbRBuMG9QcHBxkHKwc9B08HYQd0B4YHmQesB78H0gflB/gICwgfCDIIRghaCG4IggiWCKoIvgjSCOcI+wkQCSUJOglPCWQJeQmPCaQJugnPCeUJ+woRCicKPQpUCmoKgQqYCq4KxQrcCvMLCwsiCzkLUQtpC4ALmAuwC8gL4Qv5DBIMKgxDDFwMdQyODKcMwAzZDPMNDQ0mDUANWg10DY4NqQ3DDd4N+A4TDi4OSQ5kDn8Omw62DtIO7g8JDyUPQQ9eD3oPlg+zD88P7BAJECYQQxBhEH4QmxC5ENcQ9RETETERTxFtEYwRqhHJEegSBxImEkUSZBKEEqMSwxLjEwMTIxNDE2MTgxOkE8UT5RQGFCcUSRRqFIsUrRTOFPAVEhU0FVYVeBWbFb0V4BYDFiYWSRZsFo8WshbWFvoXHRdBF2UXiReuF9IX9xgbGEAYZRiKGK8Y1Rj6GSAZRRlrGZEZtxndGgQaKhpRGncanhrFGuwbFBs7G2MbihuyG9ocAhwqHFIcexyjHMwc9R0eHUcdcB2ZHcMd7B4WHkAeah6UHr4e6R8THz4faR+UH78f6iAVIEEgbCCYIMQg8CEcIUghdSGhIc4h+yInIlUigiKvIt0jCiM4I2YjlCPCI/AkHyRNJHwkqyTaJQklOCVoJZclxyX3JicmVyaHJrcm6CcYJ0kneierJ9woDSg/KHEooijUKQYpOClrKZ0p0CoCKjUqaCqbKs8rAis2K2krnSvRLAUsOSxuLKIs1y0MLUEtdi2rLeEuFi5MLoIuty7uLyQvWi+RL8cv/jA1MGwwpDDbMRIxSjGCMbox8jIqMmMymzLUMw0zRjN/M7gz8TQrNGU0njTYNRM1TTWHNcI1/TY3NnI2rjbpNyQ3YDecN9c4FDhQOIw4yDkFOUI5fzm8Ofk6Njp0OrI67zstO2s7qjvoPCc8ZTykPOM9Ij1hPaE94D4gPmA+oD7gPyE/YT+iP+JAI0BkQKZA50EpQWpBrEHuQjBCckK1QvdDOkN9Q8BEA0RHRIpEzkUSRVVFmkXeRiJGZ0arRvBHNUd7R8BIBUhLSJFI10kdSWNJqUnwSjdKfUrESwxLU0uaS+JMKkxyTLpNAk1KTZNN3E4lTm5Ot08AT0lPk0/dUCdQcVC7UQZRUFGbUeZSMVJ8UsdTE1NfU6pT9lRCVI9U21UoVXVVwlYPVlxWqVb3V0RXklfgWC9YfVjLWRpZaVm4WgdaVlqmWvVbRVuVW+VcNVyGXNZdJ114XcleGl5sXr1fD19hX7NgBWBXYKpg/GFPYaJh9WJJYpxi8GNDY5dj62RAZJRk6WU9ZZJl52Y9ZpJm6Gc9Z5Nn6Wg/aJZo7GlDaZpp8WpIap9q92tPa6dr/2xXbK9tCG1gbbluEm5rbsRvHm94b9FwK3CGcOBxOnGVcfByS3KmcwFzXXO4dBR0cHTMdSh1hXXhdj52m3b4d1Z3s3gReG54zHkqeYl553pGeqV7BHtje8J8IXyBfOF9QX2hfgF+Yn7CfyN/hH/lgEeAqIEKgWuBzYIwgpKC9INXg7qEHYSAhOOFR4Wrhg6GcobXhzuHn4gEiGmIzokziZmJ/opkisqLMIuWi/yMY4zKjTGNmI3/jmaOzo82j56QBpBukNaRP5GokhGSepLjk02TtpQglIqU9JVflcmWNJaflwqXdZfgmEyYuJkkmZCZ/JpomtWbQpuvnByciZz3nWSd0p5Anq6fHZ+Ln/qgaaDYoUehtqImopajBqN2o+akVqTHpTilqaYapoum/adup+CoUqjEqTepqaocqo+rAqt1q+msXKzQrUStuK4trqGvFq+LsACwdbDqsWCx1rJLssKzOLOutCW0nLUTtYq2AbZ5tvC3aLfguFm40blKucK6O7q1uy67p7whvJu9Fb2Pvgq+hL7/v3q/9cBwwOzBZ8Hjwl/C28NYw9TEUcTOxUvFyMZGxsPHQce/yD3IvMk6ybnKOMq3yzbLtsw1zLXNNc21zjbOts83z7jQOdC60TzRvtI/0sHTRNPG1EnUy9VO1dHWVdbY11zX4Nhk2OjZbNnx2nba+9uA3AXcit0Q3ZbeHN6i3ynfr+A24L3hROHM4lPi2+Nj4+vkc+T85YTmDeaW5x/nqegy6LzpRunQ6lvq5etw6/vshu0R7ZzuKO6070DvzPBY8OXxcvH/8ozzGfOn9DT0wvVQ9d72bfb794r4Gfio+Tj5x/pX+uf7d/wH/Jj9Kf26/kv+3P9t////4RXgaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wLwA8P3hwYWNrZXQgYmVnaW49Iu+7vyIgaWQ9Ilc1TTBNcENlaGlIenJlU3pOVGN6a2M5ZCI/PiA8eDp4bXBtZXRhIHhtbG5zOng9ImFkb2JlOm5zOm1ldGEvIiB4OnhtcHRrPSJYTVAgQ29yZSA0LjQuMCI+DQogICAgPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4NCiAgICAgICAgPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6ZGM9Imh0dHA6Ly9wdXJsLm9yZy9kYy9lbGVtZW50cy8xLjEvIiB4bWxuczp4bXA9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC8iIHhtbG5zOnhtcE1NPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvbW0vIiB4bWxuczpzdFJlZj0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wL3NUeXBlL1Jlc291cmNlUmVmIyIgeG1sbnM6cGhvdG9zaG9wPSJodHRwOi8vbnMuYWRvYmUuY29tL3Bob3Rvc2hvcC8xLjAvIiB4bWxuczp0aWZmPSJodHRwOi8vbnMuYWRvYmUuY29tL3RpZmYvMS4wLyIgeG1sbnM6ZXhpZj0iaHR0cDovL25zLmFkb2JlLmNvbS9leGlmLzEuMC8iIHhtbG5zOklwdGM0eG1wQ29yZT0iaHR0cDovL2lwdGMub3JnL3N0ZC9JcHRjNHhtcENvcmUvMS4wL3htbG5zLyIgeG1sbnM6Y3VzdG9tPSJodHRwOi8vd3d3LnBybmV3c3dpcmUuY29tL1hNUC8iIGRjOmZvcm1hdD0iaW1hZ2UvanBlZyIgeG1wOkNyZWF0b3JUb29sPSJBZG9iZSBQaG90b3Nob3AgQ1MzIFdpbmRvd3MiIHhtcDpDcmVhdGVEYXRlPSIyMDE0LTAyLTE4VDA5OjI3OjA3LTA1OjAwIiB4bXA6TW9kaWZ5RGF0ZT0iMjAxNC0wMi0xOFQwOToyNzowNy0wNTowMCIgeG1wOk1ldGFkYXRhRGF0ZT0iMjAxNC0wMi0xOFQwOToyNzowNy0wNTowMCIgeG1wTU06RG9jdW1lbnRJRD0idXVpZDpERTRGMEVCNkE4OThFMzExQTEyNTgxN0YzRDVDNkI1MCIgeG1wTU06SW5zdGFuY2VJRD0idXVpZDpDRjc5QTVCRUE4OThFMzExQTEyNTgxN0YzRDVDNkI1MCIgcGhvdG9zaG9wOkNvbG9yTW9kZT0iMyIgcGhvdG9zaG9wOklDQ1Byb2ZpbGU9InNSR0IgSUVDNjE5NjYtMi4xIiBwaG90b3Nob3A6SGlzdG9yeT0iIiBwaG90b3Nob3A6Q2l0eT0iU0lOR0FQT1JFIiBwaG90b3Nob3A6Q291bnRyeT0iU0lOR0FQT1JFIiBwaG90b3Nob3A6RGF0ZUNyZWF0ZWQ9IjIwMTQtMDItMThUMDA6MDA6MDAtMDU6MDAiIHBob3Rvc2hvcDpDYXB0aW9uV3JpdGVyPSJSRCIgcGhvdG9zaG9wOkhlYWRsaW5lPSJWSVNFTlpFIExPR08iIHBob3Rvc2hvcDpJbnN0cnVjdGlvbnM9IlNFRSBTVE9SWSAyMDE0MDIxOS9ISzY2ODA0TE9HTywgTU0gKDk4NTY1NCkgTWVkaWEgY29udGFjdDogT2xpdmVyIFRhbiwgb2xpdmVyQHZpc2VuemUuY29tLiIgcGhvdG9zaG9wOkNyZWRpdD0iUFIgTkVXU1dJUkUiIHBob3Rvc2hvcDpTb3VyY2U9IlZJU0VOWkUiIHRpZmY6T3JpZW50YXRpb249IjEiIHRpZmY6WFJlc29sdXRpb249IjIwMDAwMDAvMTAwMDAiIHRpZmY6WVJlc29sdXRpb249IjIwMDAwMDAvMTAwMDAiIHRpZmY6UmVzb2x1dGlvblVuaXQ9IjIiIHRpZmY6TmF0aXZlRGlnZXN0PSIyNTYsMjU3LDI1OCwyNTksMjYyLDI3NCwyNzcsMjg0LDUzMCw1MzEsMjgyLDI4MywyOTYsMzAxLDMxOCwzMTksNTI5LDUzMiwzMDYsMjcwLDI3MSwyNzIsMzA1LDMxNSwzMzQzMjs0REQ5MDZFRDY0RjAyODIzQUY2MjgwMzAwNDc2NTQxNiIgZXhpZjpQaXhlbFhEaW1lbnNpb249IjE0MDAiIGV4aWY6UGl4ZWxZRGltZW5zaW9uPSIzNjciIGV4aWY6Q29sb3JTcGFjZT0iMSIgZXhpZjpOYXRpdmVEaWdlc3Q9IjM2ODY0LDQwOTYwLDQwOTYxLDM3MTIxLDM3MTIyLDQwOTYyLDQwOTYzLDM3NTEwLDQwOTY0LDM2ODY3LDM2ODY4LDMzNDM0LDMzNDM3LDM0ODUwLDM0ODUyLDM0ODU1LDM0ODU2LDM3Mzc3LDM3Mzc4LDM3Mzc5LDM3MzgwLDM3MzgxLDM3MzgyLDM3MzgzLDM3Mzg0LDM3Mzg1LDM3Mzg2LDM3Mzk2LDQxNDgzLDQxNDg0LDQxNDg2LDQxNDg3LDQxNDg4LDQxNDkyLDQxNDkzLDQxNDk1LDQxNzI4LDQxNzI5LDQxNzMwLDQxOTg1LDQxOTg2LDQxOTg3LDQxOTg4LDQxOTg5LDQxOTkwLDQxOTkxLDQxOTkyLDQxOTkzLDQxOTk0LDQxOTk1LDQxOTk2LDQyMDE2LDAsMiw0LDUsNiw3LDgsOSwxMCwxMSwxMiwxMywxNCwxNSwxNiwxNywxOCwyMCwyMiwyMywyNCwyNSwyNiwyNywyOCwzMDtBRUFBNkEwNzM5RTA4REFGNjZCQUVBQzMzODJDQjlDOSIgSXB0YzR4bXBDb3JlOkNvdW50cnlDb2RlPSJTR1AiIGN1c3RvbTpQaG90b0lkZW50aWZpZXI9IjIwMTQwMjE5L0hLNjY4MDRMT0dPIiBjdXN0b206QWNjb3VudE51bWJlcj0iOTg1NjU0IiBjdXN0b206Q29udGFjdD0iTWVkaWEgY29udGFjdDogT2xpdmVyIFRhbiwgb2xpdmVyQHZpc2VuemUuY29tLiIgY3VzdG9tOlRhZ3M9IlRFQ0hOT0xPR1kiIGN1c3RvbTpEb3dubG9hZGFibGVJbmRpY2F0b3I9IlllcyI+DQogICAgICAgICAgICA8ZGM6dGl0bGU+DQogICAgICAgICAgICAgICAgPHJkZjpBbHQ+DQogICAgICAgICAgICAgICAgICAgIDxyZGY6bGkgeG1sOmxhbmc9IngtZGVmYXVsdCI+VklTRU5aRSBMT0dPPC9yZGY6bGk+DQogICAgICAgICAgICAgICAgPC9yZGY6QWx0Pg0KICAgICAgICAgICAgPC9kYzp0aXRsZT4NCiAgICAgICAgICAgIDxkYzpkZXNjcmlwdGlvbj4NCiAgICAgICAgICAgICAgICA8cmRmOkFsdD4NCiAgICAgICAgICAgICAgICAgICAgPHJkZjpsaSB4bWw6bGFuZz0ieC1kZWZhdWx0Ij5WaVNlbnplIExvZ28uICAoUFJOZXdzRm90by9WaVNlbnplKTwvcmRmOmxpPg0KICAgICAgICAgICAgICAgIDwvcmRmOkFsdD4NCiAgICAgICAgICAgIDwvZGM6ZGVzY3JpcHRpb24+DQogICAgICAgICAgICA8ZGM6c3ViamVjdD4NCiAgICAgICAgICAgICAgICA8cmRmOkJhZz4NCiAgICAgICAgICAgICAgICAgICAgPHJkZjpsaT5URUNITk9MT0dZPC9yZGY6bGk+DQogICAgICAgICAgICAgICAgPC9yZGY6QmFnPg0KICAgICAgICAgICAgPC9kYzpzdWJqZWN0Pg0KICAgICAgICAgICAgPHhtcE1NOkRlcml2ZWRGcm9tIHN0UmVmOmluc3RhbmNlSUQ9InV1aWQ6RDc0RjBFQjZBODk4RTMxMUExMjU4MTdGM0Q1QzZCNTAiIHN0UmVmOmRvY3VtZW50SUQ9InV1aWQ6RDc0RjBFQjZBODk4RTMxMUExMjU4MTdGM0Q1QzZCNTAiIC8+DQogICAgICAgICAgICA8Y3VzdG9tOk1TREV4cGlyYXRpb25EYXRlPjIwMTUtMDItMTlUMDU6MDE6MzlaPC9jdXN0b206TVNERXhwaXJhdGlvbkRhdGU+DQogICAgICAgIDwvcmRmOkRlc2NyaXB0aW9uPg0KICAgICAgICA8cmRmOkRlc2NyaXB0aW9uIHJkZjphYm91dD0idXVpZDphYWExYWM0NS00M2I5LTQ1ZGYtODZjNS03ZWQ4M2JmZDIwNDYiIHhtbG5zOnhtcERNPSJodHRwOi8vbnMuYWRvYmUuY29tL3htcC8xLjAvRHluYW1pY01lZGlhLyI+DQogICAgICAgICAgICA8eG1wRE06cmVsZWFzZURhdGU+MjAxNC0wMi0xOVQwNTowMTozN1o8L3htcERNOnJlbGVhc2VEYXRlPg0KICAgICAgICA8L3JkZjpEZXNjcmlwdGlvbj4NCiAgICA8L3JkZjpSREY+DQo8L3g6eG1wbWV0YT4NCg0KDQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8P3hwYWNrZXQgZW5kP