From 47dd096da63dd6b0360c23ca18c23da2155617c4 Mon Sep 17 00:00:00 2001 From: mhg <73169169+Marcel-Haag@users.noreply.github.com> Date: Fri, 6 Aug 2021 16:27:17 +0200 Subject: [PATCH] feat: added mongodb to microservice and docker compose --- .gitignore | 4 + c4po.sh | 23 +- security-c4po-api/.gitignore | 1 + security-c4po-api/Dockerfile | 17 +- security-c4po-api/build.gradle.kts | 19 +- .../api/configuration/security/Appuser.kt | 6 +- .../security/AppuserJwtAuthConverter.kt | 41 +- .../security/UserAccountDetailsService.kt | 15 - .../security/WebSecurityConfiguration.kt | 10 +- .../com/securityc4po/api/project/Project.kt | 30 +- .../api/project/ProjectController.kt | 13 +- .../securityc4po/api/project/ProjectEntity.kt | 23 +- .../api/project/ProjectRepository.kt | 13 + .../api/project/ProjectService.kt | 29 +- .../resources/application-COMPOSE.properties | 9 + .../main/resources/application-DEV.properties | 8 + .../src/main/resources/application.properties | 16 +- .../securityc4po/api/BaseContainerizedTest.kt | 96 + .../api/BaseDocumentationIntTest.kt | 2 +- .../com/securityc4po/api/BaseIntTest.kt | 2 +- .../ProjectControllerDocumentationTest.kt | 5 +- .../api/project/ProjectControllerIntTest.kt | 108 +- .../api/project/ProjectServiceTest.kt | 4 +- .../test/resources/collections/projects.json | 26 + .../test/resources/create-keycloak-user.sh | 28 + .../src/test/resources/insert-mongodb-user.js | 12 + .../resources/mocks/Allsafe.png | Bin .../{main => test}/resources/mocks/E_Corp.png | Bin .../resources/mocks/projects.json | 0 .../{main => test}/resources/mocks/user.json | 0 .../test/resources/outdated_realm-export.json | 2230 +++++++++++++++++ .../src/test/resources/realm-export.json | 1813 ++++++++++++++ .../src/test/resources/script_local | 28 + .../backend/docker-compose.backend.yml | 15 +- security-c4po-cfg/cfg/c4po_realm_export.json | 58 +- security-c4po-cfg/cfg/keycloak.env | 2 +- security-c4po-cfg/docker-compose.yml | 89 + .../frontend/docker-compose.frontend.yml | 9 +- .../kc/docker-compose.keycloak.yml | 11 +- .../mongodb/docker-compose.mongodb.yml | 14 + 40 files changed, 4627 insertions(+), 202 deletions(-) create mode 100644 .gitignore delete mode 100644 security-c4po-api/src/main/kotlin/com/securityc4po/api/configuration/security/UserAccountDetailsService.kt create mode 100644 security-c4po-api/src/main/kotlin/com/securityc4po/api/project/ProjectRepository.kt create mode 100644 security-c4po-api/src/main/resources/application-COMPOSE.properties create mode 100644 security-c4po-api/src/main/resources/application-DEV.properties create mode 100644 security-c4po-api/src/test/resources/collections/projects.json create mode 100644 security-c4po-api/src/test/resources/create-keycloak-user.sh create mode 100644 security-c4po-api/src/test/resources/insert-mongodb-user.js rename security-c4po-api/src/{main => test}/resources/mocks/Allsafe.png (100%) rename security-c4po-api/src/{main => test}/resources/mocks/E_Corp.png (100%) rename security-c4po-api/src/{main => test}/resources/mocks/projects.json (100%) rename security-c4po-api/src/{main => test}/resources/mocks/user.json (100%) create mode 100644 security-c4po-api/src/test/resources/outdated_realm-export.json create mode 100644 security-c4po-api/src/test/resources/realm-export.json create mode 100644 security-c4po-api/src/test/resources/script_local create mode 100644 security-c4po-cfg/docker-compose.yml create mode 100644 security-c4po-cfg/mongodb/docker-compose.mongodb.yml diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..2c6a7df --- /dev/null +++ b/.gitignore @@ -0,0 +1,4 @@ +.DS_Store +# Volumes +/security-c4po-cfg/volumes/keycloak/data/* +/security-c4po-cfg/volumes/mongodb/data/* diff --git a/c4po.sh b/c4po.sh index ad09377..d9b6bcd 100755 --- a/c4po.sh +++ b/c4po.sh @@ -1,11 +1,17 @@ #!/bin/bash -docker_reg="c4po.io" baseDir=$(pwd) +composeDir=$baseDir"/security-c4po-cfg" +keycloakVolume="security-c4po-cfg/volumes/keycloak/data/*" +mongoVolume="security-c4po-cfg/volumes/mongodb/data/*" + composeKeycloak=$baseDir"/security-c4po-cfg/kc/docker-compose.keycloak.yml" +composeDatabase=$baseDir"/security-c4po-cfg/mongodb/docker-compose.mongodb.yml" composeFrontend=$baseDir"/security-c4po-cfg/frontend/docker-compose.frontend.yml" composeBackend=$baseDir"/security-c4po-cfg/backend/docker-compose.backend.yml" +compose=$baseDir"/security-c4po-cfg/docker-compose.yml" + echo -e " _______ _______ _______ _ _ ______ _____ _______ __ __ |______ |______ | | | |_____/ | | \_/ @@ -18,12 +24,13 @@ ______| |______ |_____ |_____| | \_ __|__ | | _/_/_/ _/ echo "-------------CLEAN UP Container---------------" echo -e "\n" -#docker rm -f security-c4po-keycloak -#docker rm -f security-c4po-postgres-keycloak -docker rm -f security-c4po-api -docker rm -f security-c4po-angular +rm -r ${keycloakVolume} +docker rm -f c4po-keycloak +docker rm -f c4po-keycloak-postgres +docker rm -f c4po-db +docker rm -f c4po-api +docker rm -f c4po-angular echo -e "\n" - echo "-----------------Start Build------------------" echo -e "\n" echo " - Backend: " @@ -32,7 +39,9 @@ echo -e "\n" echo " - Frontend: " docker-compose -f ${composeFrontend} build echo -e "\n" +# docker-compose -f ${compose} up echo "------------Start Docker Container------------" echo -e "\n" -docker-compose -f ${composeKeycloak} -f ${composeBackend} -f ${composeFrontend} up +docker-compose -f ${composeKeycloak} -f ${composeDatabase} -f ${composeBackend} -f ${composeFrontend} up +# docker-compose -f ${compose} up diff --git a/security-c4po-api/.gitignore b/security-c4po-api/.gitignore index c2065bc..d67cd18 100644 --- a/security-c4po-api/.gitignore +++ b/security-c4po-api/.gitignore @@ -1,5 +1,6 @@ HELP.md .gradle +*.DS_Store build/ !gradle/wrapper/gradle-wrapper.jar !**/src/main/**/build/ diff --git a/security-c4po-api/Dockerfile b/security-c4po-api/Dockerfile index e14b773..8c3ffcf 100644 --- a/security-c4po-api/Dockerfile +++ b/security-c4po-api/Dockerfile @@ -1,7 +1,20 @@ FROM openjdk:11-jre +ENV TZ=Europe/Berlin +RUN groupadd -g 9999 security-c4po-api && \ + useradd -r -u 9999 -g security-c4po-api security-c4po-api +RUN mkdir /data +RUN chown security-c4po-api:security-c4po-api /data +USER security-c4po-api + +# GET CURRENT STAGE +ARG STAGE +ENV ENV_STAGE=$STAGE # COPY PACKAGE INTO IMAGE -COPY ./build/libs/security-c4po-api-0.0.1-SNAPSHOT.jar . +COPY ./build/libs/security-c4po-api-0.0.1-SNAPSHOT.jar / +USER security-c4po-api +EXPOSE 8443 # RUN JAVA -CMD [ "java", "-jar", "security-c4po-api-0.0.1-SNAPSHOT.jar" ] +# CMD [ "java", "-jar", "security-c4po-api-0.0.1-SNAPSHOT.jar" ] +ENTRYPOINT [ "java", "-jar", "-Dspring.profiles.active=${ENV_STAGE}", "security-c4po-api-0.0.1-SNAPSHOT.jar" ] diff --git a/security-c4po-api/build.gradle.kts b/security-c4po-api/build.gradle.kts index 24c2802..828fab9 100644 --- a/security-c4po-api/build.gradle.kts +++ b/security-c4po-api/build.gradle.kts @@ -36,6 +36,8 @@ repositories { mavenCentral() } +apply(plugin = "org.asciidoctor.jvm.convert") + dependencyCheck { autoUpdate = true cveValidForHours = 1 @@ -59,28 +61,33 @@ val snippetsDir = file("build/generated-snippets") dependencies { implementation("com.fasterxml.jackson.datatype:jackson-datatype-joda:2.11.3") - implementation("io.projectreactor.kotlin:reactor-kotlin-extensions:1.1.1") - implementation("javax.websocket:javax.websocket-api:1.1") - implementation("org.springframework.boot:spring-boot-starter-oauth2-resource-server") + implementation("org.springframework.boot:spring-boot-starter-data-mongodb") + implementation("org.springframework.boot:spring-boot-starter-data-mongodb-reactive") + implementation("org.springframework.boot:spring-boot-starter-webflux") implementation("org.springframework.boot:spring-boot-starter-actuator") + implementation("io.projectreactor.kotlin:reactor-kotlin-extensions:1.1.1") implementation("com.fasterxml.jackson.module:jackson-module-kotlin") - /*implementation("org.springframework.boot:spring-boot-starter-data-mongodb-reactive") - implementation("org.springframework.boot:spring-boot-starter-data-mongodb")*/ implementation("org.jetbrains.kotlin:kotlin-reflect") implementation("org.jetbrains.kotlin:kotlin-stdlib-jdk8") implementation("com.github.spotbugs:spotbugs-annotations:4.1.2") + + implementation("org.springframework.boot:spring-boot-starter-oauth2-resource-server") + implementation("org.springframework.boot:spring-boot-starter-oauth2-client") + implementation("com.auth0:java-jwt:3.18.1") implementation("org.modelmapper:modelmapper:2.3.2") - api("org.springframework.boot:spring-boot-starter-test") api("org.springframework.security:spring-security-jwt:1.1.1.RELEASE") + testImplementation("org.springframework.boot:spring-boot-starter-test") testImplementation("com.nhaarman.mockitokotlin2:mockito-kotlin:2.1.0") testImplementation("io.projectreactor:reactor-test") testImplementation("org.junit.jupiter:junit-jupiter-api:5.3.1") testImplementation("org.junit.jupiter:junit-jupiter-engine:5.3.1") testImplementation("org.springframework.cloud:spring-cloud-contract-wiremock:2.1.0.RELEASE") testImplementation("org.springframework.restdocs:spring-restdocs-webtestclient") + testImplementation("com.github.spotbugs:spotbugs-annotations:4.1.2") + testApi("org.testcontainers:junit-jupiter:1.15.2") } jacoco { diff --git a/security-c4po-api/src/main/kotlin/com/securityc4po/api/configuration/security/Appuser.kt b/security-c4po-api/src/main/kotlin/com/securityc4po/api/configuration/security/Appuser.kt index bb6ad3e..0db770d 100644 --- a/security-c4po-api/src/main/kotlin/com/securityc4po/api/configuration/security/Appuser.kt +++ b/security-c4po-api/src/main/kotlin/com/securityc4po/api/configuration/security/Appuser.kt @@ -5,7 +5,11 @@ import org.springframework.security.core.authority.SimpleGrantedAuthority import org.springframework.security.core.GrantedAuthority import org.springframework.security.core.userdetails.UserDetails -class Appuser : UserDetails { +class Appuser internal constructor( + val sub: String, + val extractedUsername: String, + val token: String +) : UserDetails { override fun getAuthorities(): Collection { return listOf("user").stream().map { diff --git a/security-c4po-api/src/main/kotlin/com/securityc4po/api/configuration/security/AppuserJwtAuthConverter.kt b/security-c4po-api/src/main/kotlin/com/securityc4po/api/configuration/security/AppuserJwtAuthConverter.kt index 68bf153..d1616b5 100644 --- a/security-c4po-api/src/main/kotlin/com/securityc4po/api/configuration/security/AppuserJwtAuthConverter.kt +++ b/security-c4po-api/src/main/kotlin/com/securityc4po/api/configuration/security/AppuserJwtAuthConverter.kt @@ -9,19 +9,33 @@ import org.springframework.security.core.GrantedAuthority import org.springframework.security.core.authority.SimpleGrantedAuthority import org.springframework.security.oauth2.jwt.Jwt import reactor.core.publisher.Mono +import reactor.kotlin.core.publisher.toMono import java.util.stream.Collectors /** JWT converter that takes the roles from 'groups' claim of JWT token. */ -class AppuserJwtAuthConverter( - private val appuserDetailsService: UserAccountDetailsService) : Converter> { +class AppuserJwtAuthConverter : Converter> { override fun convert(jwt: Jwt): Mono { val authorities = extractAuthorities(jwt) - return appuserDetailsService - .findByUsername(jwt.getClaimAsString("sub")) - .map { u -> - UsernamePasswordAuthenticationToken(u, "n/a", authorities); - } + val sub = extractSub(jwt) + val username = extractUserName(jwt) + return UsernamePasswordAuthenticationToken(Appuser(sub, username, jwt.tokenValue!!), "n/a", authorities).toMono() + } + + private fun extractSub(jwt: Jwt): String { + val sub = jwt.getClaims().get(SUB).toString() + if (sub.isEmpty() || sub.equals("null")) { + return "n/a" + } + return sub + } + + private fun extractUserName(jwt: Jwt): String { + val username = jwt.getClaims().get(USERNAME).toString() + if (username.isEmpty() || username.equals("null")) { + return "n/a" + } + return username } private fun extractAuthorities(jwt: Jwt): Collection { @@ -35,19 +49,18 @@ class AppuserJwtAuthConverter( private fun getScopes(jwt: Jwt): Collection { val mapper = ObjectMapper() val scopes = jwt.getClaims().get(GROUPS_CLAIM).toString() - if (scopes != null) { - val roleStringValue = mapper.readTree(scopes).get("roles").toString() - val roles = mapper.readValue>(roleStringValue) - if (!roles.isEmpty()){ - return roles - } + val roleStringValue = mapper.readTree(scopes).get("roles").toString() + val roles = mapper.readValue>(roleStringValue) + if (!roles.isEmpty()){ + return roles } - return emptyList() } companion object { private val GROUPS_CLAIM = "realm_access" private val ROLE_PREFIX = "ROLE_" + private val SUB = "sub" + private val USERNAME = "username" } } diff --git a/security-c4po-api/src/main/kotlin/com/securityc4po/api/configuration/security/UserAccountDetailsService.kt b/security-c4po-api/src/main/kotlin/com/securityc4po/api/configuration/security/UserAccountDetailsService.kt deleted file mode 100644 index 39618f2..0000000 --- a/security-c4po-api/src/main/kotlin/com/securityc4po/api/configuration/security/UserAccountDetailsService.kt +++ /dev/null @@ -1,15 +0,0 @@ -package com.securityc4po.api.configuration.security - -import org.springframework.security.core.userdetails.ReactiveUserDetailsService -import org.springframework.security.core.userdetails.UserDetails -import org.springframework.stereotype.Service -import reactor.core.publisher.Mono -import reactor.kotlin.core.publisher.toMono - -@Service -class UserAccountDetailsService : ReactiveUserDetailsService { - - override fun findByUsername(username: String): Mono { - return Appuser().toMono() - } -} diff --git a/security-c4po-api/src/main/kotlin/com/securityc4po/api/configuration/security/WebSecurityConfiguration.kt b/security-c4po-api/src/main/kotlin/com/securityc4po/api/configuration/security/WebSecurityConfiguration.kt index fb358b7..27cb711 100644 --- a/security-c4po-api/src/main/kotlin/com/securityc4po/api/configuration/security/WebSecurityConfiguration.kt +++ b/security-c4po-api/src/main/kotlin/com/securityc4po/api/configuration/security/WebSecurityConfiguration.kt @@ -1,18 +1,18 @@ package com.securityc4po.api.configuration.security +import org.springframework.boot.autoconfigure.web.reactive.WebFluxAutoConfiguration import org.springframework.context.annotation.Bean -import org.springframework.context.annotation.Configuration +import org.springframework.context.annotation.Lazy import org.springframework.http.HttpMethod -import org.springframework.web.cors.CorsConfiguration import org.springframework.security.config.annotation.method.configuration.EnableReactiveMethodSecurity import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity import org.springframework.security.config.web.server.ServerHttpSecurity import org.springframework.security.web.server.SecurityWebFilterChain +import org.springframework.web.cors.CorsConfiguration -@Configuration @EnableWebFluxSecurity @EnableReactiveMethodSecurity -class WebSecurityConfiguration(private val userAccountDetailsService: UserAccountDetailsService) { +class WebSecurityConfiguration { @Bean fun springSecurityFilterChain(http: ServerHttpSecurity): SecurityWebFilterChain { @@ -43,6 +43,6 @@ class WebSecurityConfiguration(private val userAccountDetailsService: UserAccoun @Bean fun appuserJwtAuthenticationConverter(): AppuserJwtAuthConverter { - return AppuserJwtAuthConverter(userAccountDetailsService) + return AppuserJwtAuthConverter() } } diff --git a/security-c4po-api/src/main/kotlin/com/securityc4po/api/project/Project.kt b/security-c4po-api/src/main/kotlin/com/securityc4po/api/project/Project.kt index a98ef98..af3fcf8 100644 --- a/security-c4po-api/src/main/kotlin/com/securityc4po/api/project/Project.kt +++ b/security-c4po-api/src/main/kotlin/com/securityc4po/api/project/Project.kt @@ -2,35 +2,27 @@ package com.securityc4po.api.project import com.fasterxml.jackson.annotation.JsonFormat import com.securityc4po.api.ResponseBody +import org.springframework.data.mongodb.core.index.Indexed import java.time.Instant import java.util.UUID data class Project( - /* - * @Indexed(background = true, unique = true) - * Can be used after adding deps for mongodb - */ - val id: String = UUID.randomUUID().toString(), - - val client: String, - - val title: String, - - @JsonFormat(shape = JsonFormat.Shape.STRING, pattern = "yyyy-MM-dd'T'HH:mm:ssZ") - /* Change to Instant after database integration */ - val createdAt: String, - - val tester: String? = null, - - val logo: String? = null + @Indexed(background = true, unique = true) + val id: String = UUID.randomUUID().toString(), + val client: String, + val title: String, + @JsonFormat(shape = JsonFormat.Shape.STRING, pattern = "yyyy-MM-dd'T'HH:mm:ssZ") + val createdAt: String = Instant.now().toString(), + val tester: String? = null, + val logo: String? = null ) fun Project.toProjectResponseBody(): ResponseBody { - return kotlin.collections.mapOf( + return mapOf( "id" to id, "client" to client, "title" to title, - "createdAt" to createdAt.toString(), + "createdAt" to createdAt, "tester" to tester, "logo" to logo ) diff --git a/security-c4po-api/src/main/kotlin/com/securityc4po/api/project/ProjectController.kt b/security-c4po-api/src/main/kotlin/com/securityc4po/api/project/ProjectController.kt index fffde87..416e1b1 100644 --- a/security-c4po-api/src/main/kotlin/com/securityc4po/api/project/ProjectController.kt +++ b/security-c4po-api/src/main/kotlin/com/securityc4po/api/project/ProjectController.kt @@ -4,9 +4,9 @@ import com.securityc4po.api.configuration.BC_BAD_CAST_TO_ABSTRACT_COLLECTION import com.securityc4po.api.extensions.getLoggerFor import edu.umd.cs.findbugs.annotations.SuppressFBWarnings import com.securityc4po.api.ResponseBody -import org.springframework.http.HttpHeaders import org.springframework.http.ResponseEntity import org.springframework.web.bind.annotation.* +import reactor.core.publisher.Mono @RestController @RequestMapping("/projects") @@ -22,8 +22,13 @@ class ProjectController(private val projectService: ProjectService) { var logger = getLoggerFor() @GetMapping - fun getProjects(): List { - return projectService.getProjects() + fun getProjects(): Mono>> { + return projectService.getProjects().map { + it.map { + it.toProjectResponseBody() + } + }.map { + ResponseEntity.ok(it) + } } - } diff --git a/security-c4po-api/src/main/kotlin/com/securityc4po/api/project/ProjectEntity.kt b/security-c4po-api/src/main/kotlin/com/securityc4po/api/project/ProjectEntity.kt index 87787b4..0362c61 100644 --- a/security-c4po-api/src/main/kotlin/com/securityc4po/api/project/ProjectEntity.kt +++ b/security-c4po-api/src/main/kotlin/com/securityc4po/api/project/ProjectEntity.kt @@ -1,11 +1,26 @@ package com.securityc4po.api.project import com.securityc4po.api.BaseEntity +import org.springframework.data.mongodb.core.mapping.Document -/* - * @Document(collection = "project") - * Can be used after adding deps for mongodb -*/ +@Document(collection = "projects") open class ProjectEntity( data: Project ) : BaseEntity(data) + +fun ProjectEntity.toProject() : Project { + return Project( + this.data.id, + this.data.client, + this.data.title, + this.data.createdAt, + this.data.tester, + this.data.logo + ) +} + +fun List.toProjects(): List { + return this.map { + it.toProject() + } +} diff --git a/security-c4po-api/src/main/kotlin/com/securityc4po/api/project/ProjectRepository.kt b/security-c4po-api/src/main/kotlin/com/securityc4po/api/project/ProjectRepository.kt new file mode 100644 index 0000000..03e1561 --- /dev/null +++ b/security-c4po-api/src/main/kotlin/com/securityc4po/api/project/ProjectRepository.kt @@ -0,0 +1,13 @@ +package com.securityc4po.api.project + +import org.springframework.data.mongodb.repository.Query +import org.springframework.data.mongodb.repository.ReactiveMongoRepository +import org.springframework.stereotype.Repository +import reactor.core.publisher.Mono + +@Repository +interface ProjectRepository: ReactiveMongoRepository { + + @Query("{'data._id' : ?0}") + fun findProjectById(id: String): Mono +} \ No newline at end of file diff --git a/security-c4po-api/src/main/kotlin/com/securityc4po/api/project/ProjectService.kt b/security-c4po-api/src/main/kotlin/com/securityc4po/api/project/ProjectService.kt index 5b10529..458434e 100644 --- a/security-c4po-api/src/main/kotlin/com/securityc4po/api/project/ProjectService.kt +++ b/security-c4po-api/src/main/kotlin/com/securityc4po/api/project/ProjectService.kt @@ -1,39 +1,22 @@ package com.securityc4po.api.project import com.securityc4po.api.extensions.getLoggerFor -import org.junit.BeforeClass import org.springframework.stereotype.Service -import reactor.core.publisher.Flux -/* Remove after database is integrated */ -import java.io.File -import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule -import com.fasterxml.jackson.module.kotlin.jacksonObjectMapper -import com.fasterxml.jackson.module.kotlin.readValue -import com.fasterxml.jackson.module.kotlin.registerKotlinModule +import reactor.core.publisher.Mono @Service -class ProjectService() { +class ProjectService(private val projectRepository: ProjectRepository) { var logger = getLoggerFor() - /* Remove after database is integrated */ - val mapper = jacksonObjectMapper() - - @BeforeClass - fun init() { - mapper.registerKotlinModule() - mapper.registerModule(JavaTimeModule()) - } - /** * Get all [Project]s * * @return list of [Project] */ - fun getProjects(): List { - val jsonProjectsString: String = File("./src/main/resources/mocks/projects.json").readText(Charsets.UTF_8) - val jsonProjectList: List = mapper.readValue>(jsonProjectsString) - /* After database integration the return should be Flux of ProjectEntity */ - return jsonProjectList; + fun getProjects(): Mono> { + return projectRepository.findAll().collectList().map { + it.map { projectEntity -> projectEntity.toProject() } + } } } diff --git a/security-c4po-api/src/main/resources/application-COMPOSE.properties b/security-c4po-api/src/main/resources/application-COMPOSE.properties new file mode 100644 index 0000000..0eb417a --- /dev/null +++ b/security-c4po-api/src/main/resources/application-COMPOSE.properties @@ -0,0 +1,9 @@ +## IdentityProvider (Keycloak) ## +# spring.security.oauth2.resourceserver.jwt.issuer-uri=http://localhost:8888/auth/realms/c4po_realm_local +# keycloakhost=localhost +# keycloak.client.url=http://localhost:8888/ + +## Database (MONGODB) Config ## +#spring.data.mongodb.host=c4po-db +spring.data.mongodb.host=localhost +spring.data.mongodb.port=27017 \ No newline at end of file diff --git a/security-c4po-api/src/main/resources/application-DEV.properties b/security-c4po-api/src/main/resources/application-DEV.properties new file mode 100644 index 0000000..f3fb2e6 --- /dev/null +++ b/security-c4po-api/src/main/resources/application-DEV.properties @@ -0,0 +1,8 @@ +## IdentityProvider (Keycloak) ## +# spring.security.oauth2.resourceserver.jwt.issuer-uri=http://localhost:8888/auth/realms/c4po_realm_local +# keycloakhost=localhost +# keycloak.client.url=http://localhost:8888/ + +## Database (MONGODB) Config ## +spring.data.mongodb.host=localhost +spring.data.mongodb.port=27017 \ No newline at end of file diff --git a/security-c4po-api/src/main/resources/application.properties b/security-c4po-api/src/main/resources/application.properties index c467b52..327d23c 100644 --- a/security-c4po-api/src/main/resources/application.properties +++ b/security-c4po-api/src/main/resources/application.properties @@ -1,6 +1,7 @@ ## General Properties ## -spring.main.web-application-type=reactive +# spring.main.web-application-type=reactive spring.main.allow-bean-definition-overriding=true +spring.jackson.default-property-inclusion=non_null ## Server Config ## server.port=8443 @@ -11,13 +12,12 @@ management.endpoint.health.enabled=true management.endpoints.web.exposure.include=info, health, metrics ## Database (MONGODB) Config ## -# spring.data.mongodb.database=C4PO -# spring.data.mongodb.host=localhost -# spring.data.mongodb.port=27017 -# spring.main.allow-bean-definition-overriding=true -# spring.data.mongodb.auto-index-creation=true +spring.data.mongodb.database=c4po +spring.data.mongodb.auto-index-creation=true -## IdentityProvider (Keycloak for tests) ## +## IdentityProvider (Keycloak) ## spring.security.oauth2.resourceserver.jwt.issuer-uri=http://localhost:8888/auth/realms/c4po_realm_local keycloakhost=localhost -keycloak.client.url=http://localhost:8888/ \ No newline at end of file +keycloak.client.url=http://localhost:8888/ +# keycloak.client.realm.path=auth/realms/c4po_realm_local/ +idp.jwt.claim.name.user=username \ No newline at end of file diff --git a/security-c4po-api/src/test/kotlin/com/securityc4po/api/BaseContainerizedTest.kt b/security-c4po-api/src/test/kotlin/com/securityc4po/api/BaseContainerizedTest.kt index a383f67..c8f98c4 100644 --- a/security-c4po-api/src/test/kotlin/com/securityc4po/api/BaseContainerizedTest.kt +++ b/security-c4po-api/src/test/kotlin/com/securityc4po/api/BaseContainerizedTest.kt @@ -1,9 +1,105 @@ package com.securityc4po.api +import com.fasterxml.jackson.annotation.JsonIgnoreProperties +import com.github.dockerjava.api.model.ExposedPort +import com.github.dockerjava.api.model.PortBinding +import com.github.dockerjava.api.model.Ports +import com.nimbusds.jwt.JWTParser import org.junit.jupiter.api.TestInstance +import org.springframework.beans.factory.annotation.Value +import org.springframework.cloud.contract.wiremock.AutoConfigureWireMock +import org.springframework.http.HttpEntity +import org.springframework.http.HttpHeaders +import org.springframework.http.MediaType import org.springframework.test.context.TestPropertySource +import org.springframework.util.LinkedMultiValueMap +import org.springframework.web.client.RestTemplate +import org.testcontainers.shaded.com.fasterxml.jackson.databind.ObjectMapper +import org.testcontainers.containers.GenericContainer +import org.testcontainers.images.builder.ImageFromDockerfile +import org.testcontainers.utility.DockerImageName +import org.testcontainers.utility.MountableFile +import java.nio.file.Paths @TestInstance(TestInstance.Lifecycle.PER_CLASS) +@AutoConfigureWireMock(port = 0) +@TestPropertySource(properties = [ + "spring.data.mongodb.port=10002", + "spring.data.mongodb.authentication-database=admin", + "spring.data.mongodb.password=test", + "spring.data.mongodb.username=testuser", + "MONGO_DB_MAX_CONNECTION_IDLE_TIME=PT25M", + "DATA_REFRESH_THRESHOLD_DURATION=PT30M", + "CLEANUP_BATCH_SIZE_FOR_SELECTING_EXPIRED_USERS=100" +]) abstract class BaseContainerizedTest { + @Value("\${keycloakhost}") + var keycloakhost: String? = null + companion object { + val mongoDbContainer = KGenericContainer(ImageFromDockerfile("c4poapibasecontainerizedtest").withDockerfileFromBuilder { + it.from("mongo") + it.env("MONGO_INITDB_ROOT_USERNAME", "root") + it.env("MONGO_INITDB_ROOT_PASSWORD", "cjwkbencowepoc324pon2mop3mp4") + it.env("MONGO_INITDB_DATABASE", "admin") + it.add("insert-mongodb-user.js", "/docker-entrypoint-initdb.d") + }.withFileFromPath("insert-mongodb-user.js", Paths.get(MountableFile.forClasspathResource("insert-mongodb-user.js", 700).resolvedPath)) + ).apply { + withCreateContainerCmdModifier { + it.hostConfig?.withPortBindings(PortBinding(Ports.Binding.bindPort(10002), ExposedPort(27017))) + } + start() + } + + val keycloakContainer = KGenericContainerFromImage(DockerImageName.parse("jboss/keycloak:6.0.1")).apply { + withEnv("KEYCLOAK_USER", "admin") + withEnv("KEYCLOAK_PASSWORD", "admin") + withEnv("KEYCLOAK_IMPORT", "/tmp/realm.json") + withEnv("DB_VENDOR", "h2") + withCreateContainerCmdModifier { + it.hostConfig?.withPortBindings(PortBinding(Ports.Binding.bindPort(8888), ExposedPort(8080))) + } + withCopyFileToContainer(MountableFile.forClasspathResource("outdated_realm-export.json", 700), "/tmp/realm.json") + withCopyFileToContainer(MountableFile.forClasspathResource("create-keycloak-user.sh", 700), + "/opt/jboss/create-keycloak-user.sh") + start() + println("== Inserting users must wait until Keycloak is started completely ==") + execInContainer("sh", "/opt/jboss/create-keycloak-user.sh") + } + } + + var token = "n/a" + var tokenAdmin = "n/a" + var tokenUser = "n/a" + var keycloakHost: String? = null + + fun getAccessToken(username: String, password: String, clientId: String, realm: String): String { + keycloakHost = "http://" + keycloakhost + ":" + keycloakContainer.getMappedPort(8080) + val restTemplate = RestTemplate() + val headers = HttpHeaders() + headers.contentType = MediaType.APPLICATION_FORM_URLENCODED + + val map = LinkedMultiValueMap() + map.add("grant_type", "password") + map.add("client_id", clientId) + map.add("username", username) + map.add("password", password) + map.add("client_secret", "secret") + val responseString = restTemplate.postForObject("$keycloakHost/auth/realms/$realm/protocol/openid-connect/token", + HttpEntity(map, headers), String::class.java) + val token = ObjectMapper().readValue(responseString, KeyCloakToken::class.java) + return token.access_token!! + } + + fun getSubClaim(token: String): String { + val jwt = JWTParser.parse(token) + val scopes = ObjectMapper().readValue(jwt.jwtClaimsSet.toJSONObject().toJSONString(), HashMap::class.java) + return scopes["sub"] as String + } + + @JsonIgnoreProperties(ignoreUnknown = true) + class KeyCloakToken(val access_token: String? = null) + + class KGenericContainerFromImage(imageName: DockerImageName) : GenericContainer(imageName) + class KGenericContainer(dockerFile: ImageFromDockerfile) : GenericContainer(dockerFile) } \ No newline at end of file diff --git a/security-c4po-api/src/test/kotlin/com/securityc4po/api/BaseDocumentationIntTest.kt b/security-c4po-api/src/test/kotlin/com/securityc4po/api/BaseDocumentationIntTest.kt index cff40b3..3f16153 100644 --- a/security-c4po-api/src/test/kotlin/com/securityc4po/api/BaseDocumentationIntTest.kt +++ b/security-c4po-api/src/test/kotlin/com/securityc4po/api/BaseDocumentationIntTest.kt @@ -28,7 +28,7 @@ abstract class BaseDocumentationIntTest : BaseContainerizedTest() { @BeforeEach fun setupDocs(restDocumentation: RestDocumentationContextProvider) { webTestClient = WebTestClient.bindToServer() - .baseUrl("com.securityc4po.api.http://localhost:$port") + .baseUrl("http://localhost:$port") .filter(documentationConfiguration(restDocumentation)) .responseTimeout(Duration.ofMillis(10000)) .build() diff --git a/security-c4po-api/src/test/kotlin/com/securityc4po/api/BaseIntTest.kt b/security-c4po-api/src/test/kotlin/com/securityc4po/api/BaseIntTest.kt index 65e7b77..f12646b 100644 --- a/security-c4po-api/src/test/kotlin/com/securityc4po/api/BaseIntTest.kt +++ b/security-c4po-api/src/test/kotlin/com/securityc4po/api/BaseIntTest.kt @@ -8,4 +8,4 @@ import org.springframework.test.context.junit.jupiter.SpringExtension @ExtendWith(SpringExtension::class) @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) @DirtiesContext -abstract class BaseIntTest : BaseContainerizedTest() { } \ No newline at end of file +abstract class BaseIntTest : BaseContainerizedTest() \ No newline at end of file diff --git a/security-c4po-api/src/test/kotlin/com/securityc4po/api/project/ProjectControllerDocumentationTest.kt b/security-c4po-api/src/test/kotlin/com/securityc4po/api/project/ProjectControllerDocumentationTest.kt index 0bf18a8..a15dcc8 100644 --- a/security-c4po-api/src/test/kotlin/com/securityc4po/api/project/ProjectControllerDocumentationTest.kt +++ b/security-c4po-api/src/test/kotlin/com/securityc4po/api/project/ProjectControllerDocumentationTest.kt @@ -9,6 +9,7 @@ import org.junit.jupiter.api.Nested import org.junit.jupiter.api.Test import org.springframework.beans.factory.annotation.Autowired import org.springframework.cloud.contract.wiremock.AutoConfigureWireMock +import org.springframework.data.mongodb.core.MongoTemplate import org.springframework.restdocs.operation.preprocess.Preprocessors import org.springframework.restdocs.payload.JsonFieldType import org.springframework.restdocs.payload.PayloadDocumentation @@ -18,8 +19,8 @@ import org.springframework.restdocs.webtestclient.WebTestClientRestDocumentation @SuppressFBWarnings(SIC_INNER_SHOULD_BE_STATIC) class ProjectControllerDocumentationTest : BaseDocumentationIntTest() { - /*@Autowired - lateinit var mongoTemplate: MongoTemplate*/ + @Autowired + lateinit var mongoTemplate: MongoTemplate @BeforeEach fun init() { diff --git a/security-c4po-api/src/test/kotlin/com/securityc4po/api/project/ProjectControllerIntTest.kt b/security-c4po-api/src/test/kotlin/com/securityc4po/api/project/ProjectControllerIntTest.kt index 335a505..6928f27 100644 --- a/security-c4po-api/src/test/kotlin/com/securityc4po/api/project/ProjectControllerIntTest.kt +++ b/security-c4po-api/src/test/kotlin/com/securityc4po/api/project/ProjectControllerIntTest.kt @@ -5,38 +5,54 @@ import com.securityc4po.api.BaseIntTest import com.securityc4po.api.configuration.SIC_INNER_SHOULD_BE_STATIC import com.securityc4po.api.configuration.URF_UNREAD_FIELD import edu.umd.cs.findbugs.annotations.SuppressFBWarnings +import io.netty.handler.ssl.SslContextBuilder import org.junit.jupiter.api.BeforeEach import org.junit.jupiter.api.Nested import org.junit.jupiter.api.Test import org.springframework.beans.factory.annotation.Autowired import org.springframework.boot.web.server.LocalServerPort import org.springframework.cloud.contract.wiremock.AutoConfigureWireMock +import org.springframework.data.mongodb.core.MongoTemplate +import org.springframework.data.mongodb.core.query.Query +import org.springframework.test.context.TestPropertySource import org.springframework.test.web.reactive.server.WebTestClient +import org.springframework.util.ResourceUtils +import reactor.netty.http.client.HttpClient import java.time.Duration @AutoConfigureWireMock(port = 0) -@SuppressFBWarnings(SIC_INNER_SHOULD_BE_STATIC, URF_UNREAD_FIELD, "Unread field will become used after database implementation") +/*@TestPropertySource( + properties = [ + "keycloak.client.url=http://localhost:${'$'}{wiremock.server.port}" + ] +)*/ +@SuppressFBWarnings( + SIC_INNER_SHOULD_BE_STATIC, + URF_UNREAD_FIELD, + "Unread field will become used after database implementation" +) class ProjectControllerIntTest : BaseIntTest() { @LocalServerPort private var port = 0 + @Autowired + lateinit var mongoTemplate: MongoTemplate + private lateinit var webTestClient: WebTestClient @BeforeEach fun setupWebClient() { webTestClient = WebTestClient.bindToServer() - .baseUrl("http://localhost:$port") - .responseTimeout(Duration.ofMillis(10000)) - .build() + .baseUrl("http://localhost:$port") + .responseTimeout(Duration.ofMillis(10000)) + .build() } - /*@Autowired - lateinit var mongoTemplate: MongoTemplate*/ - @BeforeEach fun init() { cleanUp() + configureAdminToken() persistBasicTestScenario() } @@ -44,63 +60,67 @@ class ProjectControllerIntTest : BaseIntTest() { inner class GetProjects { @Test fun `requesting projects successfully`() { - /* Implement after the implementation of database */ - - /*webTestClient.get().uri("/v1/projects") - .header("") - .exchange() - .expectStatus().isOk - .expectHeader().doesNotExist("") - .expectBody().json(Json.write(getProjects()))*/ + webTestClient.get().uri("/v1/projects") + .header("Authorization", "Bearer $tokenAdmin") + .exchange() + .expectStatus().isOk + .expectHeader().valueEquals("Application-Name", "security-c4po-api") + .expectBody().json(Json.write(getProjects())) } val projectOne = Project( - id = "4f6567a8-76fd-487b-8602-f82d0ca4d1f9", - client = "E Corp", - title = "Some Mock API (v1.0) Scanning", - createdAt = "2021-01-10T18:05:00Z", - tester = "Novatester", - logo = "Insert'E_Corp.png'BASE64Encoded" + id = "4f6567a8-76fd-487b-8602-f82d0ca4d1f9", + client = "E Corp", + title = "Some Mock API (v1.0) Scanning", + createdAt = "2021-01-10T18:05:00Z", + tester = "Novatester", + logo = "Insert'E_Corp.png'BASE64Encoded" ) val projectTwo = Project( - id = "61360a47-796b-4b3f-abf9-c46c668596c5", - client = "Allsafe", - title = "CashMyData (iOS)", - createdAt = "2021-01-10T18:05:00Z", - tester = "Elliot", - logo = "Insert'Allsafe.png'BASE64Encoded" + id = "61360a47-796b-4b3f-abf9-c46c668596c5", + client = "Allsafe", + title = "CashMyData (iOS)", + createdAt = "2021-01-10T18:05:00Z", + tester = "Elliot", + logo = "Insert'Allsafe.png'BASE64Encoded" ) private fun getProjects() = listOf( - projectOne.toProjectResponseBody(), - projectTwo.toProjectResponseBody() + projectOne.toProjectResponseBody(), + projectTwo.toProjectResponseBody() ) } private fun cleanUp() { - /*mongoTemplate.findAllAndRemove(Query(), Project::class.java)*/ + mongoTemplate.findAllAndRemove(Query(), Project::class.java) + + tokenAdmin = "n/a" } private fun persistBasicTestScenario() { // setup test data val projectOne = Project( - id = "4f6567a8-76fd-487b-8602-f82d0ca4d1f9", - client = "E Corp", - title = "Some Mock API (v1.0) Scanning", - createdAt = "2021-01-10T18:05:00Z", - tester = "Novatester", - logo = "Insert'E_Corp.png'BASE64Encoded" + id = "4f6567a8-76fd-487b-8602-f82d0ca4d1f9", + client = "E Corp", + title = "Some Mock API (v1.0) Scanning", + createdAt = "2021-01-10T18:05:00Z", + tester = "Novatester", + logo = "Insert'E_Corp.png'BASE64Encoded" ) val projectTwo = Project( - id = "61360a47-796b-4b3f-abf9-c46c668596c5", - client = "Allsafe", - title = "CashMyData (iOS)", - createdAt = "2021-01-10T18:05:00Z", - tester = "Elliot", - logo = "Insert'Allsafe.png'BASE64Encoded" + id = "61360a47-796b-4b3f-abf9-c46c668596c5", + client = "Allsafe", + title = "CashMyData (iOS)", + createdAt = "2021-01-10T18:05:00Z", + tester = "Elliot", + logo = "Insert'Allsafe.png'BASE64Encoded" ) cleanUp() - /*mongoTemplate.save(ProjectEntity(projectOne)) - mongoTemplate.save(ProjectEntity(projectTwo))*/ + mongoTemplate.save(ProjectEntity(projectOne)) + mongoTemplate.save(ProjectEntity(projectTwo)) + } + + private fun configureAdminToken() { + tokenAdmin = getAccessToken("test_admin", "test", "c4po_local", "c4po_realm_local") } } \ No newline at end of file diff --git a/security-c4po-api/src/test/kotlin/com/securityc4po/api/project/ProjectServiceTest.kt b/security-c4po-api/src/test/kotlin/com/securityc4po/api/project/ProjectServiceTest.kt index a2ccded..cb78fa0 100644 --- a/security-c4po-api/src/test/kotlin/com/securityc4po/api/project/ProjectServiceTest.kt +++ b/security-c4po-api/src/test/kotlin/com/securityc4po/api/project/ProjectServiceTest.kt @@ -12,7 +12,9 @@ class ProjectServiceTest { private val log = mock() - private val cut = ProjectService().apply { + private val projectRepository = mock() + + private val cut = ProjectService(projectRepository).apply { this.logger = log } diff --git a/security-c4po-api/src/test/resources/collections/projects.json b/security-c4po-api/src/test/resources/collections/projects.json new file mode 100644 index 0000000..bcb980f --- /dev/null +++ b/security-c4po-api/src/test/resources/collections/projects.json @@ -0,0 +1,26 @@ +[{ + "_id": "1234567890123456789012345", + "_class": "de.novatec.openspace.usermanagementservice.v1.sensor.SensorAdminEntity", + "data": { + "_id": "92e7a4e3-2968-4831-a2bd-94c3b33f85fd", + "client": "E Corp", + "title": "Some Mock API (v1.0) Scanning", + "createdAt": "2021-01-10T18:05:00Z", + "tester": "Novatester", + "logo": "iVBORw0KGgoAAAANSUhEUgAAAqIAAAJkCAYAAADKsENaAAABQ2lDQ1BJQ0MgUHJvZmlsZQAAKJFjYGASSCwoyGFhYGDIzSspCnJ3UoiIjFJgf8rAxMDLwMOgysCdmFxc4BgQ4ANUwgCjUcG3awyMIPqyLsis+FXXLh6uWMp768/BCv9DGxdjqkcBXCmpxclA+g8QJycXFJUwMDAmANnK5SUFIHYLkC1SBHQUkD0DxE6HsNeA2EkQ9gGwmpAgZyD7CpAtkJyRmAJkPwGydZKQxNOR2FB7QYAz0NjI3TDc3YSAW0kGJakVJSDaOb+gsigzPaNEwREYQqkKnnnJejoKRgZGhgwMoPCGqP58AxyOjGIcCLGaCQwMlk5AxkKEWPB2BobNMQwM/DsQYmr9DAzCiQwMh64UJBYlwh3A+I2lOM3YCMLmBupjnfb//+dwBgZ2TQaGv9f///+9/f//v8sYGJhvMTAc+AYAJd1hev7dChYAAABWZVhJZk1NACoAAAAIAAGHaQAEAAAAAQAAABoAAAAAAAOShgAHAAAAEgAAAESgAgAEAAAAAQAAAqKgAwAEAAAAAQAAAmQAAAAAQVNDSUkAAABTY3JlZW5zaG90n6HMZQAAAdZpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IlhNUCBDb3JlIDUuNC4wIj4KICAgPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4KICAgICAgPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIKICAgICAgICAgICAgeG1sbnM6ZXhpZj0iaHR0cDovL25zLmFkb2JlLmNvbS9leGlmLzEuMC8iPgogICAgICAgICA8ZXhpZjpQaXhlbFhEaW1lbnNpb24+Njc0PC9leGlmOlBpeGVsWERpbWVuc2lvbj4KICAgICAgICAgPGV4aWY6VXNlckNvbW1lbnQ+U2NyZWVuc2hvdDwvZXhpZjpVc2VyQ29tbWVudD4KICAgICAgICAgPGV4aWY6UGl4ZWxZRGltZW5zaW9uPjYxMjwvZXhpZjpQaXhlbFlEaW1lbnNpb24+CiAgICAgIDwvcmRmOkRlc2NyaXB0aW9uPgogICA8L3JkZjpSREY+CjwveDp4bXBtZXRhPgolIiPRAABAAElEQVR4Aex9B6BcVbn1N33m9nRSSUJCJzRBUFCE0EQQEaxgowmEXkIPvQqCCBZQH/bn04ei71ff8/lEaUqvCtKblEBIu/dO/9f69tnTctNvmfLtZOacOXPaXvvcOeusr4Wi0WhRrBkChoAhYAgYAoaAIWAIGALDjEB4mI9nhzMEDAFDwBAwBAwBQ8AQMAQUASOidiEYAoaAIWAIGAKGgCFgCIwIAkZERwR2O6ghYAgYAoaAIWAIGAKGgBFRuwYMAUPAEDAEDAFDwBAwBEYEASOiIwK7HdQQMAQMAUPAEDAEDAFDwIioXQOGgCFgCBgChoAhYAgYAiOCgBHREYHdDmoIGAKGgCFgCBgChoAhYETUrgFDwBAwBAwBQ8AQMAQMgRFBwIjoiMBuBzUEDAFDwBAwBAwBQ8AQMCJq14AhYAgYAoaAIWAIGAKGwIggYER0RGC3gxoChoAhYAgYAoaAIWAIGBG1a8AQMAQMAUPAEDAEDAFDYEQQMCI6IrDbQQ0BQ8AQMAQMAUPAEDAEjIjaNWAIGAKGgCFgCBgChoAhMCIIGBEdEdjtoIaAIWAIGAKGgCFgCBgCRkTtGjAEDAFDwBAwBAwBQ8AQGBEEjIiOCOx2UEPAEDAEDAFDwBAwBAwBI6J2DRgChoAhYAgYAoaAIWAIjAgCRkRHBHY7qCFgCBgChoAhYAgYAoaAEVG7BgwBQ8AQWBsEQiERvqwZAoaAIWAIrDcCRkTXG0LbgSFgCBgChoAhYAgYAobAuiAQXZeNbBtDwBAwBJoVgbBEVuhagQJoMe+U0BCmbF4ULdjzvAPE3g0BQ8AQWHsE7Bd07TGzLQwBQ6DFEAhLwfXYk9Cg/6FiiwFh3TUEDAFDYJARMEV0kAG13RkChkCDIxAKSGcxeE4PPoc4LVYyTyeJhoPvC379Bu++nb4hYAgYAsOJgBHR4UTbjmUIGAKNhQBIZrFQkFC4KKEqEgpO6k3zjdUjO1tDwBAwBOoKASOidTUcdjKGgCEwUgiEayPhA6VTYJYvQgxNxGOSamvT0+vr7ZVsrihFCfxFR+qk7biGgCFgCDQ4AuYj2uADaKdvCBgCQ4MAlVAB0QxHwhKLRiSZTEgU83xxPhELI16pHNi0ApEdmtOyvRoChoAh0FQImCLaVMNpnTEEDIF1RaBQYXp3ZvgCaCZJaFTC4ZDEozEQT+cjGsV8Ed+J9Es2WxBuS1M9yajO43OoVmFd1xOz7QwBQ8AQaGIEjIg28eBa1wwBQ2DdEKBPKK3uJJYkoTEQzwLt83ma45G5icugjEoiiU8kozl8nwcZLSuk63Zk28oQMAQMgdZCwIhoa4239dYQMAQGUiqhYIbDMLWr4Ik3rJNsi8MED6IJ/hmLQxsNwSwfgxJayEk6ndWETtEIFFBVSkXS2Yzk8yCkqowywN55Pnn/pxD2X9kqFdjK5TZvCBgChkArIWBEtJVG2/pqCBgCK0WgmM8GhncQz2iolK+e7DQaiUpnZ6eMGzdWCvAdff2NN2TxkiVKXiMgo4lEh8jyZdh3RnKMX7KI+pXibF8YAoaAIVCJgBHRSjRs3hAwBFoAgWplkhWTmCOUimgY5vdILCLxWBTkMgWFsyCpZEpmbjRT9vvwh2WTTTeRApY98cRjcusPfihLly5F0FIc5DMv8XhcsSsUMyCrmDUy2gLXknXREDAE1hcBI6Lri6BtbwgYAg2PADljKpGQCFw8o5GYRspHEaTUlkrI+3beSY49dp689/3vp8Ve84ru8+F9ZOE7i+QXv7gNZvp+idDsDos+ySit+/2ZDEzzCGLSgKaGh8c6YAgYAobAkCGA38/wBUO2d9uxIWAIGAJ1hwACjhh4hBcVUEbAJ+H72daWVD/QEKKUEkjP1NbWIfvss69cfMmlsumWc+j0iZ6AicJXNAKSuu2228mrr74qzz/3vPT3pzWAieQ1BDN+PpfD6oicV1rK7RhFX63Ecqk1Q8AQMARaHQEjoq1+BVj/DYEWRCCMqPgo5M8YXnHkCI3CFF+Eeb29LSUxkNLOjk750O5z5Zprvyrdo8Y6hJSIYlZN7iFp7+iSjWdvJPfcc48sg4m+CJM9vysyAT7M/TTh+00Qfw8iqhuW0DYiWoLCZgwBQ6CFETAi2sKDb103BJoZAaZeIvkrET4SQV1GB85iQDrjMMczRRP9QmOqjs7YcJoc8+Vj5JTTTpMoqimx5XIZmOsxz30oE+W+RboQwLTFFpvLXX+5S/1F1RxfzGF/yPSEoCVQURwq7Ez0UETLZ4NUT47R6v7tzRAwBAyBVkXAiGirjrz12xBocgS8AllJRGl2VzM53js7OqCKkoQiSAmkcszoMfKe7beTm268SXaduzdIaALW+7zmCHWBSCShIJeYaPJ6EMl0Oi2TJm4go0d1yZ133Sm9fb1YioCnMNI8QRGFhR6qKOgntuH5hDBDMqovENPSueme7c0QMAQMgdZDwIho64259dgQaGoEvBLqO6lkDySQfptUMZPICZqIs1qSM8tTvezq7JJddv2AnL/gfJk6cxYk0Ax8PZE7FOtEo3Fs50zrSibBREkoSWi16hL8TGfPniVPP/UPeenll2CSZ1lQmvvhcwp/UZrleWDnM0o9lWeElxFRP0Q2NQQMgRZGwIhoCw++dd0QaEYEvBLKvvmk8UzPxBrxrA/P1EzMC5pCQBLJ4aieHtlz7lw566wzZdr0jcAR6euJoCPKpNr8NPjoZUwuJrMFoWTw0uxZM+TOO++UZcgvmknDlI/lVFvJWfNILqqlP6HI8lzARvGZO7BmCBgChkBrI2BEtLXH33pvCDQfAiR6geoYQjJ6vvi5DVWSGIiUgMKpJTuR7HPq5CnypS9+UY6fd6xMwHwGpvYIVNAcTPIRrKeMcQWEqGZWLAyi48eOHy8zpk2Tu+66WxYvXhYEKtGXNILVC1p1STmsK9+0kn1X7NdmDQFDwBBoAQSMiLbAIFsXDYFWQEDVR5LCgOgVSUKDjrMCPBPTx6CExpSIRmTrrbaUs+bPl08eeqikYJqHLR5rgThinWgssRaQkV5iOyio06ZMQVnQNrn//vslw1yiBZ4PvwuD5PZhNaSO4knxZYroWmBsqxoChkCzImBEtFlH1vplCLQIAhH133RmeJJRjTwC0WtPxZFgPiGdbe3w84QqCZKaSiSlvb1N9th9d7n88itk2513Zki89Pf1o558SiPjSRrLmqrjjJVQFtUcD09PHMORShfs1N+XlhhU10033hiEdKrc+9e/Ib9oH8zzIXUHKKBGfQ7H4h7pO0qSas0QMAQMgVZHwIhoq18B1n9DoMERIC8swsxOH8wCy3XCx5MBQYlEHD6hTMmEoCMwxp7ubpm+4XQ56ogj5eyzz5Hu8WOhVML8jm0iIKE0oVOpJAmtbFhU1QaijySnEVVgwxJFadDxY8fKKy+9JE8/8wx4cQiR9xn1I+W55HmuzO2ksmjVru2DIWAIGAIth4AR0ZYbcuuwIdBcCGjwj/ppOjGUwUjxuAtKYuBRCMpjW6pNNt90U7nqyitkr333lTAi59UUX8iAiELRRLARmOgKJJRIrQkRhfEdvqXYBwgvSWYSgVAbbzpbHn30UXn99X+RKSvoUfifUrXNZbI4nIvEH4jYNtcIWW8MAUPAEFg5AkZEV46NfWMIGAJ1jgDVRrA8JYtRELwYSShqxsfjSSxGGiVEv3ci6fxmm2wm3/zWN2TG7I0lhHrwJJ30BQ2BPHLrkjep7q+602tKRLke/UEZLR8C4Rw9bpxsN2eOPPrIw/LOO2/rUSDZ6vfMIKpmeqxrRLQab/tkCBgCrYVACLWR7XewtcbcemsINAUCIRBNNsYmRZCaKYVa8SzNySTzbCSE7e0dshmU0Ou+eo1M33gTLiUHrZA54VMaNKZyqmyVaaAql/v5WhN+aU/BbrIITmJlpleffUaOPOpIeerppxE5jyT3iMjPIZ1TJgvf1GyW3FSXk02HQJxXaEE/V1huCwwBQ8AQaAIETBFtgkG0LhgCrYgA0yzRvB0LcoMyKr6Qz4HYFVC+s026unpk553fJ1+56isybeZGYHkrJ6ED4bc6IlpNWyu4bbCzCPxTJZ+Vzq5OyfT3yv33PSDLli9HoFKQ4J46LMhvPo9IeuYX1cT3JTpbcUq1R6r4ymYNAUPAEGhwBIyINvgA2ukbAq2CAH1BfV5QTulrmYiCiMLUzpRMJKGcZ7L6iRtMkM994fNy+mmny7gJ49UHlKTVyaEIagJo9OtcVVsdEfXCqp+W9uV3yylIcRjnNmvmTHkZVZeeefZ5DazKZtNasYnVnuhTqmosz4+Gep1y1pUjLe3XZgwBQ8AQaEIEjIg24aBalwyBZkTA5wdl38jxUvAFjcZIQqMakc6USPQTnb3xbLn6qqvlwAMPlPZu5AeF0piHMqkBSfhUCLwy15eIYlcrbdQ4HaeEDygUz0QqhepNe8pbb7wuzz3/gmQRrEQiTfW2AHM9X+Sf6qvqiWhwnis9iH1hCBgChkATIGBEtAkG0bpgCLQGAjBewxwfQwokpkGKMzUTarrjR0xTNSVhmt9qqzkyH0nqd9ltNxA7+luCsjKACOtREXV+naSxK9JQKqCVr/XBVPcTHJtEmOfA4Kjx48bKQw8+IK/963UE2DNwCX2BiluA36hLfg/3ARDQYhBlz3NgQBb3Zwb69RkR29YQMATqFQEjovU6MnZehoAhUEKA6mGEpBMv1oxHkKUqodEISBoSxo8eNVr22nNPueySy2SLLTYjBQSDo6kbTT9AbQyURhI6R0X126F740Foadfjg0hC9RwPN4GJEzeQBx68X5aiJn021w9VFCQUbgX0ESUB1Rh+nKsnn5yyGRFVGOzNEDAEmgwBI6JNNqDWHUOg4REg8QrIl+8LfSiTSfh/0gwPZVFVUCiJbaiSNHPGDDn6yCNl3rzjZQwUxzCqKYUiCBRi2SPdD3J7Ysp/vnGu/MkvHZwpVVeSRiW8FQcJw5+1CH/QGbNmSU9nB8joA9KLakyky1GknZIiySgmKtuSwToyikXajIh6JGxqCBgCzYSAEdFmGk3riyHQDAjUkFDfJSaJJwGNQgGlQprC562Rp/NrX7tedt9nH0TPw/weQ/5Q5nNyNFA3LQRkcLiIaCVh5Dy7U+ajTqWdPn1D6evrk6f+8Q/pR7qpXD4D8gziyRRSSLDvUknRTM8daDdMEXUw2LshYAg0GQJGRJtsQK07hkCzIJBXM7Vokvo21HCnGtoG8slpF5LUb7nlVnLd9dfL9JkbqRlbVVDSNRA5sj/108SUdI4vTxA9KfTTwcaL++Wr8ngavOSX4ZziUG233WYr5BZ9Sl544QWUB0VAVS4DdwMm2xdJZ1B2VPfCs8MC/g/65PfLb6wZAoaAIdDoCBgRbfQRtPM3BJoQAaZqisGUnYDKGWdKJpBPlu5MIFI+hiClTZGk/gqU69xo481A4FAuU3OKkv6hgbAN1GoJ3MBrDbTlui3zxxvwODjHRCopW26+ufz13ntl4cK3NbKfjJOuBzG8siCmykXp21qxE7/fdTsr28oQMAQMgfpCwIhofY2HnY0h0DIIhIO8oDSla17QYMr5CPTEtra4JOL0B3WKJtM1tYG8fXjvfeTiiy6SmRttLAXk4YxARcwXnGemC+ypYG0VaHJp5aviqyGZ9ceq3Tli5XEeRcn2Z2X02HEyY8Y0uRdkNJPOaI7RKKL9WZGpv78/IKCgnupu4Mz6RkRrEbXPhoAh0MgIWInPRh49O3dDoIERIBFlyiLkJyoJfuRbyrnwNnZsN3qHHJsgmfl8WEt1XnThRbLr7nM1NycSg8L+DRKLyHnXXHImTZdUZ7j48qGcFuk6gIYEAC4wKd8nDz5wvxx11FHy1ptvovwn/EXRt76+XgQzUe0lCr6PEUTZGxWts+G10zEEDIH1QMAU0fUAzzY1BAyBNUegtjISGJVuzChxcismo2dpziSUz7DkYI5nBqYQPrfJtttuLeefe5687/27YmEM5BMsLtieKigJHnVTlRA9Z1vzUxvyNZ1Si7NTP09OcUhG9bOhP13tHbJkyWJ57PHHNbl9Dmmd4okU1F50E0ScqrDrLgKZ3Fb6Xomp9r3iO5s1BAwBQ6AREDAi2gijZOdoCDQBApWVkdgdkrJwiFWRUKYTr/a2dkxj6h9JFZCENImKRPvuu5ecCxK6zY47YyuU50Q+TlZR0lZBOj3ZK4mHbo36fQ/OnecdS7bJLrvsJE8//U+UAn0ZqiiUYOQXJT7EIpdDrlHtGOtCYUMkwicW1ZhWgFG/vbYzMwQMAUOgCgEjolVw2AdDwBAYKgSqSRNN0yCgeLkApKhWEGIVIVZNisLvc+zYMXLQgR+T886/UCZtOAPmeIqgCOZBiiaWxmRT8kn+RW5GmbEBuFiBLglwPeBLnRIgcfLcGfW/2Sabyv1Idv/GG29ACcUXzBygifmLgkqhqvw6Ikr114gorwFrhoAh0NgIGBFt7PGzszcEGgYBT0SVN8KUznygrBPPF6Pi/bStvV022GCCHH744XLs8cdLPNmuRvcsVELWlgdr0zyizA+qOesDBJSINgAaJKC+lcmo85PtGT1GRnV3ycMPPYzgpX5kBMgp+aQCnIcqqvIo6KtWYAKhrW4NwMKrT9g+GQKGgCEgFqxkF4EhYAgMLgJqNq7ZJeRM9WfEYubHRLYlZ4ZHVDyKd0L9y8I036WEdIMNJsq3bv6WbLbZ5rqTIldGC2G/LOepAT8ko7q0cd9gfNeTDwc9yeVAzqPoH+rO//lPf5Rzzz5LXn7pJSS8z0quAEKK9XKZtGTgmqB+tWvNO6s3oO+pNUPAEDAERhoBU0RHegTs+IZAsyFAp8YVGmgUlECSUFjeQbhiapKP0tcT6ihzg3Z3dsveSM301euulZlIUl8A8WR9+JDuD4ohSChbkSZ4tGpapYsa6s0nuXdaqEgmk1V3BZriJ0+cRMu7PAhlNKc+sRFNUaUYgD/SbA9jfYDNmna7GjEfyb+mW9t6hoAhYAgMBQJGRIcCVdunIdDSCND0jJcnpHTuRAvjcwSplnxyemqaDH5nuc5JUEGPOPIImQdT/LhxE7g1NmegDsgT+RMnAQGlH2k1peLeG6+xF74nVCdD3u8VSyNI5L/NdtvLc888J/985hmQVCS3Byg0yYOGgoJyOhDhXxUO1agZEV0VVvadIWAIDBcCRkSHC2k7jiHQagiQiJZIKColMTgJcigrJLESEtkkSeiWW2wp55x7rnzq0M9JW2cP1L4cAndcqctKyDwR9dPK7xp9nn2i8ssXCaKazUFOt956jryAEqAvvviS4kLQNOsTvtOAJ58Cao0AMCK6RjDZSoaAITCsCJiP6LDCbQczBFoHARKqEEzI8WRMUzFFIX9yWRJ+oTQss9767Nmz5aILLpAddkJqJuTTpMqnwic4k/dh9MTTT5sZwZJKCfWzgNKlVJFf+9e/5JhjjpYHkPSeyihoqkKQy6YljQAuLQqAJX5bqsls9KmtbtVE1ONbvY59MgQMAUNgeBEwIjq8eNvRDIGWQSDKikfgTIkE68Wn8IISit5TEU2hVOeee+0txx17jNaLZ3lLRsd7EkqQPFHyBNRPmxVATyR9/2i2L2SRMzUelqf//g/5wuc/J8+/8Cwwct6l2WxOKsmo396IqEfQpoaAIdAICJhpvhFGyc7REKhDBHxVH7Wx8/yowNEcD82O36WSCQQmOZ/QGMgnSwNx2tPTLQd//CCZP38+8oNORyQ4SGgKJFT3wTflr/CZDHwoAyGv2Ymo6zne1dweAi5ZiSagHoNwjhkzFr61EXnk4Qdl+bJlilUYrg7Em1gz5Wht6U8X5FXaK2YCIINFnrhWrmHzhoAhYAgMNwKmiA434nY8Q6BJECABYvO10121H9e5MKTQjvYUKGke+UIZIR+Xdqigo0ePkoM+9jE57ayzYFLG9pqSiSb5cnN7xVelGafxNTsRLRHDwO+TcUmI1yKvl3w2A8+FqHzqkI/L/ff9TZYsXQyS73DL5vOSzaWlH3XpfUYBommm+fI1ZXOGgCFQvwiYIlq/Y2NnZgiMKAIana5BNAykQZBMcDZlJdQtYFomqm/q0wgSxe16kJSd4mgYbJK+oEmoo7vttptcccUVcsBBH1OGpcE5QUomZVuBYkfdTl94o6mex252EkokfT/ZZ+LBz+Tq1IdV3QQznTZtijz+xJPyzqJFkkPC+xjSX7HkKaK+NL2Ti6oPApqQLItI8h+nta1EfGu/sM+GgCFgCAwjAkZEhxFsO5Qh0EgI1JK/MhH1c643juKAOOFjHPlAIyCXcdSJp1k+ggCltraUvH/nneXKKy6XqVOngTS5IBqfF7RMklYkS42E1+CfqyP/WpFKoSmi4tQGqio/9dTTsnzJMslDDY2gKpUGLGkkPRVqjA/W9yn/V4aqEdHBHzHboyFgCKw9AkZE1x4z28IQaAkESDcrXyWFlJHtFS8wS10zFU9KDD6NIaRsisdhNgYhmjJlqnzykE/IuUjPNGbcWJiXk+oA6mgrlU5u69vKKJP/vsWmAfn0UnQ+lwG+KZk1a7aMGzNa/vKXP0s6iyT4IP70D6VFv4Ao+gKUU9VB6T+6CsiMiK4CHPvKEDAEhg0BeiBZMwQMAUNg7REokuio7Vi3jcEPVM3L8AuFpVhmz9pETjrxBDnggAPgCoqaStG48wsFcSJBKiuia3/oVtzCK9Sc7r33vjDJ5+Wcc86Rd999V0l/FP62BYjNBZjkqZS6x4hVUdFWRNH6bAgYAvWGgCmi9TYidj6GQJ0h4H1C83mU6QShdPlAcZJQPlPw/4xFw9LR0a68h0FJnR2dMmP6DNRKP0c+uNsHJYp1dFuyU9/Aj1wwjVJSLDXC5KHhtJJ0KrkH+aSKzJRWtLzHoDjPnDFDlixeIo8/+phin8/loJhyPKLqp0syyswDK4OW+7FmCBgChsBII2BEdKRHwI5vCNQ5AuqjiHNUMzqIEKsiJVGCMplMKSHSBOsgSil8ToAIffYzn5FLL75EtpqzlSQ6ukGGYLwnz/RENOCc1Wb5OgehDk6PhJSVqPjKI0ApBleIDTecKs8+/Yw8++wzSlLVZQLrCfxzcyCmq1JFjYjWwaDaKRgChgCsZdGoPRfbhWAIGAIrIkBCgxaCqd1NMU81LhZ3yenxdbGA7zDtBOEcNWq0HHLwwXLSSSdKqh1R8xpEgy3JeLAv7s4H0uj+gv3rzu1tBQRW58PJB4S+3j554+WX5PAjjpB/Pv0U0jjlJY/l/FHPpFF5KZ13aUlX2DtM+Ew+as0QMAQMgRFGwIjoCA+AHd4QqFsEHHMEgWTwCwNhilA8o5qOiSQoBTN8OpOWVFu7bDx7Y/nSFw+Xj370AGnrGiVFlKcMRROYsm48/ENZZQm8x4jomo/26ohoDrlD+WAQwdsTjzwmnz30MHl70dvSn+3XgCU8MkhfX58+KLg0UNXHNiJajYd9MgQMgZFBwEzzI4O7HdUQGHEEmOOThLL2RXbDZZA7MWVMPPxCoW5SGW1vb8N5U0njd2FJJJOy+eabyw3Xf01222Ou+iiGaILXuvHgQJzHTrz4yQAl7/M44gDU+Ql4nEpTjEDlvwgqK3EMmLpp3LgJMMVnkWP0cVm2vFfN9FEEh0WQZ5S+vPQwZYJ8PlD4FysGVI69+6bOQbHTMwQMgaZDwIho0w2pdcgQWDMElGyuYlX1SQQJjSAYKR6PQwFNKYlhnfhoNCbdSFr/wQ9+QL5x400yadJEVAFipR8GJLk8oX7XSkJL7Mcvten6I8AHBlBTKM70v91+m61l4dvvyFP/fEZyCCwj7s4PVKVokNPqIzoDfuUyDpI1Q8AQMASGFwEjosOLtx3NEKgbBFZGRD1nZN7QCEzqCRDQBBLV5/Iwt+PLBIJkOjo7tVTngvPPR37QcSChcVU+dQXmGK3gNFWpQuum901wIlStg8EiIY0gUGzypMny2JOPyZtvvumEa6xDxZSKKMlpdePy0i6wRsWgVa9onwwBQ8AQGDIEjIgOGbS2Y0OgvhFYGRH1Z800TYyC12pJmGeQUgyEdOrUKfLRAz6KHKEnyejxk6DIgYQy8CVgnG5SJjWVpNTv26aDgACJqG+EGx+78IDQ1d0pjz/+uCxahPyiXMjVMAh5JL+vJpsV2+ua5THDR2uGgCFgCAwLAhasNCww20EMgfpDgD6ilS2PYCS6dMaiIKDw/QwjTVOxkAMRjSN/KIKUEJy0+eabyfwz5ss222wnnZ09lZsr2aHfoW8uT2jwyTiOh2UQp2Ws3U4JMglnWu655x45ft7x8uqrr4GDUg11mQ8yqE9PX9I8MjuFGUCGxlSjrjmXClZpsmYIGAKGwHAhYIrocCFtxzEE6gyBWkWUfITm+HgsKlGQT1ZNCoddcnSW7Nxttw/JNV+5Vrbaams11zt/UEd+SICcPZ5TR2RKeUK5irUhQKCaMGqyeziCRuAmMRk+u+PhMvHYY4/L0mVL8UCBscTY6pioeo1AJTDQ0tDoDP17nYA6BCdruzQEDAFDYEAEjIgOCIstNASaHwFHFEk+HKGJUfUEAY2CiEZAQOlXGEe6pp6eHtl//4/IVVdfLePGjhW6GkaYIzTgQWp6J5Hxr2B/aqJXUlqiO80P6jD2EDWWFGkOg74IM/K6apBZJCabbbKJvP7aa/LUU/9ATtEMVoJhHq8wxo6uFKxJ754fWOnZkVCefjCsnLVmCBgChsCQI2BEdMghtgMYAvWBACvyUDUjUWELl6KIEFwEgpJEUFIEPqBM+cNKSIlkQiaM3wD5Qb8gp5x0inQiYX0IBMcxTkwCm26wu9JiNwPSs+IXPKy1QUKgNuod+Q2kiIGjaV3VT8zPmjFD7rvvb/LGm29o/XkNasK4R/Cwkc2AnLKVrgP30Yiow8HeDQFDYHgQMCI6PDjbUQyBEUeAJIRJ0qmERUE2WaqTZDQBs3s7ktKzRnmhgIAWfN/R3iGzZ20kt9x8s+y1z76olIRa8hDQ+J3yS7xxf24eXQNx5bwuAwFyaisJLw38TmUrKXfBZ35rbd0RqCWi/Exju44BdsuiAl09o2SH97xHnn7qaXnllVdARnOSy/RrXtgwxomiqBsd6t/0I3V74VJrhoAhYAgMBwJGRIcDZTuGIVAHCJCgUBEl+WReUBIR0g/mBGWAEhuj4seMHi077bST3HTjjTJ9xgwmY0J++qSSUK7DpPRKXkoslEsdEXUz+l56W5nCZkS0BNE6zdQS0cqd6CMA1GsO0ehx42W7refIA/ffp5H0+sCAlbXYAJLd54P0Tn6cqiPrK/dq84aAIWAIDD4CRkQHH1PboyFQVwhoiU74apJQUp9k4BHTMtErkFHyEaRmYuUkpmlKJlNy6KGfkTNOP00mTZ0qmQxrycOkDyWNUfRs3IubwZT/VQHVL/Sz+1IFVNDclbdgLytfwb5ZJQKrIqJ4asCzgnePKMoouFVMmjhBo+mXLFmskfN8AMnjwYSmfH1I4TZoRkRXCbt9aQgYAoOMgBHRQQbUdmcI1BsCjI4n6aMSFsZ8DMSTiqia2eHnSZ9QBiglkJ7ps5/+jCy48CLp7OoBWUHqJqRxonKmpSKDjpG0aAumpc/B936yKhLKdYyIeqTWbboqIkofUeYN5aDTBYNllabP2FB6ly6Thx95RBa9sxjjjYAzfM+a885lw40Yg+rZVjau7lt7NwQMAUNgcBAwIjo4ONpeDIG6RYDkk6QiRhIK5ZPmdwYnYZH6ilIZ22bOHLnuuuvlsM9/AcQEkdeoYx4GYWVTQoJ1mRdUfT+5IV5cviqyYkR0aC+JlRNRp327PK6k+3QExRQ+o1tssYW88vJL8q83XpcM8o0GIqh+TcJaKCcV1ZNf1fgObe9s74aAIdAqCDBvhzVDwBBoUgQ0epr14kFCmaQ+hOiUcJh+oe5PPx5LyKabbSYXXLBAdnjv+5RgKhQFEBf1BQWJIZex1pAIOCLpHglCeADpHDNGRvV04wGEgWoITgsx3RMU7ygePOi8EYHPKAob0JeYL2uGgCFgCAw1AkZEhxph278hMFwIUKnUFuSERCAK/TkjIJ5xEM88oqWZBDTeBjN8LCVR1Izfftvt5aKLLpHpM2aCeKDcDhrrxhfyTHgO1ZROpKqo6Vf2VlcIBONcOqfVEEeMZWbpu7K8txcPFxxbBKEV4f+L3fDSwZBbMwQMAUNg2BEwIjrskNsBDYFhQAAkNEKlS0ko68THYJll4FFeUqkOGT1mtBx80CEy/9xzcTJhKYKgao5QkE+S0EgMy0p222E4XzvEICBQfmggp9Tnkgr/iCLyhj733HPyMkzz9P9VP1JcI1yPq2UyaVVB8xWM1EzzgzAstgtDwBBYJQJGRFcJj31pCNQxAoECWksWVOkSJKUHGY0HaZno+pdq69D64ptuupmcfPIJsteH90fnSF5ARmCa1YZ9MrjJk1C10EM1W5e2bluty5FsmzIClajDvM5sB/DtzYOE/vAHt8r3f/gDeenlF6WvH/6hYKtFXCMc62w2hxyjCG5Cw+q6zJv1cTloK67jdeC2tndDwBAwBAZGwIjowLjYUkOgIRGgcZ5UJBJlcFJM/UEZtMIUTW3tbbLDjjvIOWedJZtuugkIJ1VPrl1BXrADT2xJQq01JgIwuKvKmc/D5xNk87Zf3ibXf/3r8hYqLFENzaT7JBJPaA5RktAs1fKK5q+BikU2awgYAobAkCBgRHRIYLWdGgJDjwAS9LiDBIoVySaT1TNRvQtGcTlCI4iA7+rqlt0/9CE5++wzZeqGM1Xx0s2wfqkF+/GfYdW3VscIVIxcxVl6R0/KnQUQzLR877u3yi233CJvvPEGxj0v2VwGfsDIIQp3jGw2g88MToJ/sAanVezKZg0BQ8AQGAYEjIgOA8h2CENgKBDw5nOqVypegjgyZWQU5niST6ZqovdfT0+P7PfhD8upp54mE6dM12VgISsSD1NAh2KYhnGfJKGeiIosW7pUfvHzn8tNN90oSzBP3081v1P1DqPWfH8fIuTzpeh4Xk+mhA7jcNmhDAFDQBEwImoXgiHQIAiEQ45kFH3G8eC8+VmFTahayUSnqp1OGY3ItGlT5cz5Z8hee+4lyfYuDUrSzegIuIbNm+jDfsZvZ8TVIzE801Up1BgLvS6ggqb7e+XthW/JOeeeL3fffbf09jrCmYMPaJ6+oEjLVCzSH5QFXqmg05DPDAvYh43p8IylHcUQMARKCBgRLUFhM4ZAYyDgar1D+4JpNRqPgHwmVf1kIvo4/P44TaFU58yZM+X000+XvfaaC4YxsCG3MXpsZ7lSBPBwogQUY16E72df33L5/e9/Kzd941vy7HPPahASy7Rm+pdLjtZ6qJ7+QQaPL0pAPb81ErpSlO0LQ8AQGEIEjIgOIbi2a0NgcBGgiun9QlmqM4yo+DD8QWmGj4BkQNmCyb2zs0Pe975d5OSTTpOtttma0UeSzfRhffy5B6qqOy+Q00oFzDOSlZ20D58ufV+5cWmhzQwbAiShIKAo5UmTewQpuq686kr59e2/lncWvSPpdAaVkqCQ9iF/LBofXKiAIpY+OMPgWgo+2cQQMAQMgZFAwIjoSKBuxzQE1gABNZkOVN0GqhZzhMbjMKuyDCcCUPL5sLS3tWu+0H333Ueu/eoNKOFIogLqihQ+0VgSRyRxDEiIccg1GIH6WUX9gYMHhRCjyDivw8mxzyIHaEbOhQvGL3/1a1m+7F3JptMSjqFyEoY7CpU83Yccobhu9EHGxr5+BtbOxBAwBJBs0JohYAjUFQKegLLEIucpRLq64nkQTyigIKHkn/T3i8Xj4CMR6WjvUHP8pz75STnpxBNBUrCUHBXTMGvLk3yoolk20a8QmLISgoIK5A6fygj7ukKsyU+G/FHt5szv6qpluYsC1a8wnH/5yx1yy3e/Jw/e/6D0Le/V64FVs6iG8sEjne7HvMPIm9+Dj7qwlB+0cqFb3X1fMW+zhoAhYAgMNgJGRAcbUdufIbCeCJCAqi8fFCzOR8AiqYKROIKWarUk5gaNJ0FCkSu0HflBx44dJ/vvtx/M8adIG6LktVISSSy2IxlVKllDNGnot9YYCLhnAC3YCpU754LTQEp/+1+/kYsuvlRee+1f0o/SnSScEbhgRDHm/T4qHtHy5Ji8DthWwjf1O3szBAwBQ2C4ETAiOtyI2/EMgdUgEFI/ThBPMAZyh1gcienxgSQ0HAEZCfKFtrW1oVxnSmbMmClf+Nzn5COolNTWM0qDVkIwy3I3JK9FVUJXPGigc5a+KGulpUU1M2u/Rc0O7OPaIFDJGDFfhIuFSBZVsFLy7tuvy8033yI/+MEP4Q+6CJHyffgODxw0v2sWBfgFMzUT3EC5G1VEgwcR/zxSufu1OS1b1xAwBAyBwUTAiOhgomn7MgQGCQHWAQ+xOhKCkEhEqXJpuUaonJqaCSb67u5u2XGH98r555+HNE0zcGQY0eEXGo67P2vqp6Z/DdKADPduVmCJfAhwJThfev4pmX/mWUjNdA+i5PuFaZmikRiuD4Qh5eAvWkDCej6AgJRCU3ckdLjP345nCBgChsAaImBEdA2BstUMgaFCgKTBtXIUM5XMPEhlMubIZC7TDzWUwScFBJ9E5QMf2FWOPeY42W6798A/tA2kNerM8SCosNi6xt3SKXAlimiwlk3qBQFPPlURD0sGJDPehiCzwNcTFQjkVdSJP/644+WJJ/+O/KAwxfN6iNBPGDQ1kw5yhBaRqglqqC7l+A/cwZJv6MBf21JDwBAwBIYFgdVb44blNOwghoAhUIkAc4UmU9A0oYiy8mIE0zgCkzo7O2WjjWbKF7/wJfnArh9w+UNBNrN9LkG5OQBWotjA8yCjzLZFRZsBSmz33HWnfOnwI+WRRx+TJUuWgHRyeRhR8yzbiRROgW8x88iqSd5HKOnW9mYIGAKGQH0iYIpofY6LnVULIuCFSw1Eggk+Aj9P+oQmQEATiRTUr6LsvPNOcvppp8q2226nVvcQ18P3BSWiAM2rX37agjg2cpfp4umHTpVyklAQzBtvvEFuvfX78sqrryBVUxq+vxGsR/M76slnclgFaZxgvacpXgXUYCeu6pbfYyMjY+duCBgCzYqAEdFmHVnrV0MgoPkhS6Z5d8rglpqcXIS+fnFJokoS68XvsfsecsXll8EH1OUELeaKEk/EdaNoIqbEVD8Y72iIsa86SRBQktDKxmT1S999Vxacf4H8+je/kaWoF5/L4ZrABRJDSq5+JKzPIn9oJp3VbelT7KsmVe7H5g0BQ8AQqGcEjIjW8+jYuTU1AkpC0UMGIbHRT6ajsx1EA2oXySlUr1QqLlMmT4YidqNsseVWul6R0hcb1mNT8sHVacMPGtfwfjfUztav+T2t315afusaolmJh14LNKkjNVM4GhP6BPf3LkOJ1lPlTgQlLe9dDsKJJPXImBAKx1CsICt9WKYNw1M1wsF14H1Aawlu5XFt3hAwBAyBkUbAiOhIj4Adv2UR0LygULcYBc9KSclkQrGgyTUCMpFIJWTrrbeWr99wg0yZOq0aJ9aOd8kla1gIiG31mvapARDQBw8EnIWzMMXjweThhx+GEnqePPnkk+r/mUMqJrppUA1llHwhmxmwV3wYWQXfHXAbW2gIGAKGwEgiYER0JNG3Y7cUAi4/aLnLESiarBMfhQJGgkGfwCj9QkEmWK5zzjZbyWWXXiITJ09S/1AqpdpULa3SwMo7tbnGRCCIlGdk2n/87Ofyla9cLW+88S+ooI5wqv8wihfkcjnJQg3VVE01jLPmY2PiYGdtCBgCLYeAEdGWG3LrcD0gAA1UyacjohEooGFNRs7ApO7uLtntgx+Qk089RaZOnooSnW04ZURPQwmz1tgI0ASv6ie7oeTT96cgi995W373u9/JxRdfJm++9YY+mKT7aY5HSi6sRhcO+oPmS64ZflubGgKGgCHQuAgYEW3csbMzbxAEvBLqSUgExIJelyGEN6dS7erjmcd8AoFHEyaOR634k2SfffaVbpbqxJoMWtEGn9HKViY0lUttvm4QqJEoOf585XNpPcUoChUUEXxEX+C/wwS/YMECefSxx2XhwoX6kNKf7gPpxCMIzPK8PjQanldOpLzj8lzd9NpOxBAwBAyBtULAiOhawWUrGwLrjgCJYwTBJlGY2KlxtbUhJROYRgwJ6nvaO2TmRrPk6quulM3nbINk9hkloet+NNuynhDwJFRdMCL0Bc5LMdsvIUS/P/rQQ3LqqafJc8+/JIsWvaOnzUCjbB7JmJgbFE6/oK8rdMdI6AqQ2AJDwBBoQASMiDbgoNkp1ykCXrEslTZy50lSQVWUJJRRzxqcRFUUwSfRaFg6Ojpk0002kSuvuko2nDFTMqgbHkPgklPAVuxrKTremMiK4NTjEow93XrzyPcZRhUk0sr+vj5JYOx//pMfy7dv+a48889npReVlGh+Z1Q8fUHzSM/FIdb68VRCa5pX2msW20dDwBAwBBoKASOiDTVcdrKNioAmIAcZoRLqgo4wBSkdM3a0Jqm/9JJLpWf0OJhp+ScZBCIhQoVKmrUGRkCjjHweA6bpCoOELpd33loo3/jGTfKTn/xUKyT19yMfKB5AWB0pBoLKmvGOhjZw3+3UDQFDwBBYAwSMiK4BSLaKIaAIeMVzdXD49aCMRpGSJwrlMxZz/p0F+ARynmb5MWPGyCGfOFjmoXZ4R9do7JVEpToavuQHym8oq1W2mo/+qxW1M/+NTYcUgdpnhiAYKdPfj3KdUL/jEaRdWiZ/+O/fybe++W15GipoJp2DErpcXTQYCR8BCWXN+AxcM6iEcsw57KjiirdqH2GfJ3RI+2Q7NwQMAUNgiBEwIjrEANvuWw+BcEBIwigWDl4BhYtpmhCYgmTl0VhSRiEIac7WW8nhRxyJakm7SyzRLmkkK0+wOpK1pkCA9eFDzOgKFhnX/LB4yEDQ2X/9v/+Syy+7Ul5++TXJgoS6evHsMtw3cOEwIj4Ds7wvUsBvlIRyxpohYAgYAk2IgBHRJhxU69IQIVDj+8lo58rmCSgJSAhqViKcCBRRJGuCGT6CwJRUKik7v3dHuezyy2XS1KkgKk6/BFe11iwIBD6hWtuqyLyfMLujUtK3v/VN+d73vi9vL3wb/p8IPgoU7gKCkugQXCyENHk9RXHvB2wktFkuCuuHIWAIrAwBI6IrQ8aWGwKrQ4DEFGS0CL8+VkZi8ySU05ia5QMSivU6Otpk1113kXPPPV8mTZsBgYw1wqF+kcEikt77g65ggl/dedj3I49ArVmeHp5aurUgr7/+mlyw4EL505/ukGXLaIYHOU33I1sCsiawrKemZyoiSh7zgTmeuzMSOvLDamdgCBgCQ4+AEdGhx9iO0MwIgIwyAKkIRYs13ZNQPalm4b9GxIcQrNIGFXT8+PFy4gnzZP8D9pdk9ygQkV6Y5EFEaJIN8PFTD1cgmPmPYCblWZ2r3aDma/s4xAgE41F6gMCgp5cjGr49hQND4cxn5IUXn5NLLr1C7rrrXuld1oux1gKuUMeTkoNSmgf5zMEcr8STlnz4E9eSUAa6uVY94P64Q9zL0u6Zeso3ppWqjdo3n1WPjk0NAUNgbRAwIro2aNm6hkAVAvADBFsMgyggG5PEEfHOSHimZGKLYxpPJuWQjx8k846fJxMmTULeyLjmCPUktGp39qGuEViB+NU+GHDMmaS+UEQEfL9cdeVl8r9//KM8/8IL6vtJ/09GwpPEMSqeJDSbcyQUmygJVYV9gJyh9QAMU0q54KlqQlwP52bnYAgYAo2LgBHRxh07O/MRQoCqVQGBR8zMQ7UqFkO9eExDNNFDvGJ6pgRqxsdQKWmvubvL2eeeI20d7aiI49TSSDgFqsFgFidy2m19hAZyLQ9bS0SddlneSRF5P0N4+KDP58UXXSL/edvPpA8R8VnkD82ReNIMj+9IVPOYgpfSl0OvA38tMHE9ryma5TXzU3n3dTFHIspMEGx0K2BQljVDwBAwBNYHASOi64OebduyCNCgTnUrDP9OVkqKRmNSyGRBIsJKQlMwz34UZvhLLr1Uou2sFU8DPplHFL6AGVVOCZ6RUKLQiA1KZqCI8hpgy2TTsvitt+XrN35T/uu3t8vixYtBPKF+ckUUNcghYIlT5grNg2kqsdW8sdgYIrpeC8EFUY8klKZ5klAG3sXwoMX+gl8rGa0l6QqIvRkChoAhsAYIGBFdA5BsldZGoOwbFzAPTLRCEmBJIR9oMpGEaR4qKW7ONNNPmTRRjv7yUXLol74IdgHCwajokAtsyoNhhKGM+lb2uvNLVjE11roKcIbhq2D46ffLVx5BR5EYKmDhwYJ+wb///X/JLd+5RZ584glZtrRXc4FS3WQlLZrcYYWHisidMJSNE+QV9Ww22Peqe7FGK616FxXfhoM8pxWLVjqL4rSa4zSMfvJaR6dhBcDq6FrWi6Jh+o3CJFATZbWyy5YuCtYMAUPAEDAiateAIbCWCJBGRJEjlKoQSUYRJkoJ83NcZkyfLpddcpHs+P73g2hQNWV5T9ybOeVdu6JVf6r4wmbrEgGXzaAcpMOHEZJQBibdfvvt8pWvXC0vvfSK9PUuhyk+DeWwQ/1Bs1mY5qEeFpCeiQ00Fv9Q8nNlNVx1rfp58yQ0iv5S8VdejQ5onlyeJhZowJVmkaif87YzMQQMgcZAwIhoY4yTneVwIkBVB62UF1QVnkC9gYoUjzsTZSIeV/MqVa0YTPNbbLGlXHv11TJj1kbqDwqG6kioE8Gq9qkfHC/RWXtrBATKJJTkc9myJSCYWfn+D34gN9/8HXl30TtamKCAIKQwcsiyUfVLp+EfikCfMK4Rr2nqJeU/1HHXK0loBOfPRkGUpJyKMB/E4CKtjalR2UHfLbu8HS72bggYAqtGwIjoqvGxb1sUAZJQp2LSFxAf1KSOJPUIjw/TT453Y7R4PCE93T2y0cyN5KvXfVUmT56silGBEcZQTfWubHfkhr2KvO+jM8d7U7Kbvv32W3LppZfJH/7wf+oLSoEzm0FKJiigrKAlxX5dzs5rgBsvBsrjddoYROUT6fMUK0koA/B8xLwSUa6A6xvJp/QaJxnNMwMAusceanqninRPXN2aIWAIGAIDIWBEdCBUbFlLIhD2JCGQdCIgnyQXRd5soWyxBKdWSMJNOZ5IKAnt7OySD+y6q5x6yhmywYQJ6jNIssHa4sUaX7mWBLWROh2MO0/ZPXwEJ4+LoBQdTpUbDyMvv/S8nH7aGfLggw+jXjwVT+RBgBKKmHJu7VRQTWjv9qEEDQxN/SL9dRbsvh4mWlKUZw4yGsGDFv2iE/B9pgtKDv2gytvW1iaTkIKsu7NDXn3tVVm+dJn09oFsw/+Zfs8MwsrkMtgHnFCwPf58tNmfQT2MsJ2DIVC/CBgRrd+xsTMbKQRgfme1JMaVUAmi2Z3+oFTFQCXUFzSBIJUpk6fI5z7/BfnYxz4uo8eN05u1qkaBWjpSp2/HHTwEfM14EjGmVmIqpp//4j/kpm98Q1575TWkZ0qDfLrSnIUMyCiuG6ZlUr/h4DRIxPSlyjo8jPHZu30M3pmu356ohFIBpf8nI+P5UJbNpGVp/xIQ0JRMmTpN3g+/57lz95DxY0bLI48+Kv/2vX8DsX5H+tNpcm99MON2aWDkFFHn4rJ+Z2ZbGwKGQLMjEMKPTvDc2uxdtf4ZAqtGgDdRr+LA0AjiybRMIdxgYxJHIBLvthGoYalkm+y4w3vlpJNPlPfssCOS1CfUBFtJQmm8ZXontpWRDq5vrY4Q8L+E+iCCDySQCETjMBUKWQ3OOeesM+WXv7pdFsEfNKvpuiJQQkE+4StKAqpJ67EpK22x+V3yUwgqYRCv5K4JHzGvaw7/m0bNV5xDMp7UB68QgpIYHc+OUxmeNHGSHHHE4fpqa+9QsppFwv6/P/6EfPJTn4av7DLJav+RoAzr5+Ge0I/gLGYFYCsrou5695jwYc+aIWAIGAJGRO0aMASAwIoktCgp5P9kMEYk8HVLIjgpmUzJPnvtLZdfeYWkOrrJOHCjddEaqirh5u1vr0ZEG+zSUgJJP0m6ZOAD0hEx9VaxmFVC9uUvHy3/98c7EBGfk34QsSzM0I5pOsKV7mdkfGB+R77QYpAeSa8HktrgOiIq+nBSQQKHGymW5wxVHJ+8M9nWodc7r/kwHrgScD/pGTVKPv2pT8oJJ5wg7Z3deOBCgBLLkKKjRZDPBx94QK0CS5YshVkeqjGWk4zmoJJm81kl3vS1ds2I6HCPsx3PEGgEBPwvRCOcq52jIbBeCJBs6gsmSNDLqhcTjdMMr6Z4qJ8koSn4hMZjzlyZSsVlNEySc/ecKxddcrFEQUqpmGGHEI7KL54g/6j4wpb6qvy+cp7rWhtGBCjFrexVdRpMUYTRIxcFx3zj9TflmGOOld/99g+ydMly6V3ei/GlDyTIJqopZUC6+nv71EdUfUlBOD0JLZaujXX4qcW2KseubFp1zhUfqEQO9PKrgGATCCq0NMMzF25XV48SU5YepfqbiMUQeDdRDjrwAJk371hYBaKBOkwSyh0BgUSbbLPN9vKhD+0B32i4r4CgplFJCvVLJZaMK5n1h+S0CED5smYIGAKGQCUC5iNaiYbNty4Cql4haTfu4THcdBmkwRYDEWXamg033FAuWLAAgUkfwD04pml7WhesJuw5+ZHyPqQlglmZxIopl+748580Mv7ZZ55V87sjsvSfdCmZclABs5q3yGHio87VDO8VRxLJkW5BKU4qoVTx2fy5UsbNwB+U0xjM811dXbLHHrvLYZ87DH6hO4PTur8F351yV1DSFg9kfDBbuHCh3HPP3ZJMtemDGVM7odqpKsnMl6oZKHDYspm+vBebMwQMgdZGwEzzrT3+LdV7V0nGmVG141C0tAUm1HgUgUkkoRo1TDEqpIEa22+3jVxxxWUyY/pM+IMiLY/qnTTfkmCUla7Sjd3t1d7rDYFaMS4YdyWXPNcSX+SYFuUHt/6bfO2Gr8nLL7+sUfE0S9NvmIE4eRDRLAKYCiB4NOOTYLnxd9dXqWKS7re0Y34qtxWZXfk7zq2OwK52++BaD0holU8oTikK83s8Ecdh3DWciCZkAjI/7P6hD8k555wto8eOxuWNFE1QSaMg5lRZ1WUh6A7/PvT6B9F87KGH5Igjj5CXgFWRuMC3lgQ0nWYKK3BcrOpN9Ezoz2Y+ogqDvRkCLY8A3N/CF7Q8CgZASyDgot7JRjx5xA3RkxEEJyWTiRIJJSBMV/O+9+0s111/nUzdcIZGRBfgM8gbcB51DcNQRiubuzFXLrH5ukWgNO7lM2SUONXCZUuXyI9++EO55JJL5J1Fi0CmkBuU/o6s0QlXDBKttAbjwDwPEleEw6cb+wFIKHe/OkJZPoXquXXdzu+FBLOGhAYxSEoFk6kEMkLgBZLJMrWTJk2WAz96gJxy8skyZuwYzRNKPCJ4QGMfnEme/XEHIDFno/rb090to0b3yEMPPgT/2TT+VoK6n9iI7rbOIs+/N/7nP0Jd+2Sgu7M3Q8AQaDEEnM2lxTpt3W1NBJzHJm6AehvEDRE+bRGQSZrjQzpFonqoRIx4HoUgjYM+fpAwQGXCxMm4n6OsZ0kNhZqEDN7QwQIC0pp4NlyvST499+FUiR6JpSNUUaTo+terr0ANPB8m+T+DkC4DicI2Spwiki1mpIAgJS7SdEwlAALlsfR5ZGeYw5OqbZjsD2RUg5LQ1wL8Wdu62nDyrBCFspzwbS1C5YzB13PKlKkyf/58mbvHnsLIeEdgQWTJGJWEeuDKfePfDFseQVsxBDbts8+H5b6/3i+3/eo26e3vw2ZF/J0ksIucLO9Nw2eUf3nEKlCQax4Git5CoXu1N0PAEGgVBMw03yoj3eL9xODlxgAAQABJREFUZJBSkdWOeGMFAWUoEQOTmJ4pCsWHN2ZwUOnATXibbbbSVDV7Ijqe0cMRmCednxwVJrx8426sNQYCyqNIKtmCKca8CJWTCeoZZPOzn/1Mvvu978k//vE0fIBz+qBB1Y6kjqZmlupkLlHuisvDoYGf46vM8jycXnScqWmrUwRXtp3fzSq25/mp4ggySOrHazsGgsok9TmkV4qAdNP3eQoqge222wflYwcdLO/f9YNKsJkRIIa/iSiC9uhuoOZ4f0xOS9e9/1uADyjPBf/7li6VK5FR4kc/+YksQuUpJsenSZ7pntL4+9PGQCo0ODjo1L8ZEfVI2NQQaC0EBv4lbS0MrLcthACjoLXqC5UiEFIGI0VxQ44gIKOzPSVbbrmFXHPtV2TylEm6XjSW0kT1DOZIxFMVN+EWAq2Bu6oECefvjMErdiSEB5Hc8uVyKczwv7r9dnn7nXdA1LLS39eHyO8UCBZjeFDIEuZ4RsDn856FMU0XKSmt9X7ZivsfqSV0FSCBVgIKMsgSnCSWUVRAYjoyElIGJX3+sMPkqKOPlARTkWEbqsNt7e3IC4pE/SShqyC7PieqYhCw03gyKRdcuEDziv70pz8FGX1bwghoYlncGGRkpnQimXfK6EihY8c1BAyBekLAiGg9jYady6Ai4E2Ubqd5qDNQhvBGBTSMqSqiUIbiuFHST26PPebCFH+UTEOEfCQaVyUon0WuSPCMRLx9UM/NdjZSCHg1FCpnpl8WvvUWiNOF8kfkB10CUzyJFxXNJPyDc/ADJgnFmkrqCnR2ZKs/3unOq+ad1cDiINoxJaBQ9WGSp+tJFAFKJKGHfuYzcvwpJ0kID2K0EPBaj8CUns8hawD+PlZFQmsOpR+Z8oppzUhg6Wf6wosvyN133yPvgtyzMRMFXRpyTBFVhHWCRFe/sTdDwBBoZQTMNN/Ko9+kffcElFHCXnmB1xxuegUEZaTUVy2GGy5T1fBm29nVLYcccjBI6DEyafIkmBhhMqQ6FNwmGR1fxE22VlXzhskmhbEBuuVN7bWnSj/fCorj+SMGrIgcl/RdpPJ3z91/kW9+81ty71//JosXLwNRgzqqZnh8D9KZY8UkvOgnymuBBLVyv/UWnFZWZhlIB1JI52eSaPSBlcEYkBTBssm4xg+G//Mpp54KLHBV4yGMJHL1bXVXfMV4APMXn39Wjj76aLn/gYfUHSAP7NnySHdFXLXBKuFHiiR1oEZXVzYz3Tsc7N0QaDYETBFtthG1/qh6RcJABStE5QU3uCLus50wP2ah+kQZmATTfBzmwlmzN5YTTjpR9tl7b1WDCB+JhyOd7s5YWRHH4G1MBLRmvCc0qAj0y9t+IZdfcaW88eab0tsLJVQzKUTdtQOOlANRzcF/1JvftZJQg3Td+T4jUX0qKVlWOEKC+vaODvV/3mijGXLE4YfLgR87UIk2qyihzMPg9wx/OhvOnCVHHXWkvHzeBfLmm28JTqR0HKqhSkY5Jvz75ARvKyOjpQ1txhAwBJoOASOiTTek1qFKBEhC4wzMoOCD+VRbEkTU3aS3f88OcvXV8AedNl2VLs0HCQJLJYymeqpJ1hoRAY4bqQ3eqYy6Wf28BOmYrvnK1fLv//5TRMUvVT9giKBqiua44xkEqihIqJrksSm/DFotXavYrV9lWKcuL271IT0JpTk+3durX3Z390g7/D4PPuTjcuSRR8pUBCjxbwEyKF6cwZQMsCaKvXrPa/8pixyie+29r9x9733yH//xM+ANP1sADBdVRPBnAwUa/qIEEofXCd48GfVK6Nof2bYwBAyBRkLATPONNFp2rmuMAG/SWmIT/qDxOIORYnoDTMAc3wF16AO77ioLLrhQNkDaGlbQYdQ8TfpKXHhPxg1ayzXiiAXesNHMNK8w1NFbmSQOdFIcyyIIpXItrPDcP/8pp556uvz9ySfk3XffhQ9ovwbwZBFFHgZxo0JHMqokFLv25mM3+isegcFLI9WcGb466ryShPJaZuR7HkFWY1Ca9vAvfUlOPf00DbxjEJOa5IPo9XCESe3XhIiuDAmPQvV4MPo+ivPg8T75qU/L3/56r6SxjE0zEcAHl8ozz1EzDVSY6f0eK6dmmq9Ew+YNgeZBwIho84xly/Wk7BPnul5Wr6C6ICiju7MLgUm8ERbVJN/e1iE9PaPlrDPPlH323UfNlQyuIGHRG7E3UZb4hbuxeiJKYmutnhCoJj7lMysvZ+BNGITrJz/9idz87e/IC8+/oLXhMyBEvEaogDIciSUp+9OMjOdenN+iv55qrzN/nBXSNPkvhmhaq4BSMaTPJ4OASEKpaDIlk6uEFJfOzk64o3Tgget8OeCAA9DfuJ6Zu9apQFKDdFkkdMZf/+7Der9nQfSJEfF78vEnkKf0DHn0kUelH64QPDR9tOkqk8GDQJ4VqgC+V0PdmVWfghHRajzskyHQLAhYZaVmGckW7Ie/ofquq78bbnpMTB5HWiYSjTB80agOMT/orFmzZT5I6P4H7C9tuEFrjsMSCeVeAqJZ4pvuduiVL3rTWasnBKrpijfD+/CXvt7lsD4XQUJ/Kl+7/gZ5+cWXZRlSNakvIrpBVY5qXAY5Q7M0ywddY9p1bbg22GqvM12IN7++/zzUU1cZrHyUIqp8aRQ804/heudZq2qPma6uTtlxh/fINddcI7vt/iGcLB+2XECS70/ttHT9lw+xznOqRuNvkQQZdF8mbDBRtkJqtKee/AeyEyyRPowDM1doIBgVWvzz+UoVfX2rPfyAC2tXss+GgCHQYAiYItpgA2anW0agVqmiKERySYWIEcMJJk+E2pVE5ZgddthBzj7nXJmz7XZY5m5oGsxEk6RvnllULOJXPl+iKaIeqPqYMpTIN1YPohmeLzx+YIjp75mVy6+8Conq/0Ne/9ebqrhpqU5YtAtwx2AZSjpw0G+RQ+/VOE8xS+ma/EGGe+pN56V+OlO8951UEorrPAJ/Zj5w5RGExZrwrAq25157ynnnL9Da8QWavtHDSI0i6rvjCan6ivqF6zHlqDi11Y0P/26UZBYy8rd7/ibz5h0nb7z+uixfjupLNN0Df45HDpYLPhiw2hPHgvlGK5spopVo2Lwh0DwImCLaPGPZcj0p30DZdVcrPgZfUEbDx2CST0Al6kZqprl7zpVvfftbMmnqNNysUTEHZkBuS79Q33RfKyGinqCYIurRqodpWcHUswlIaAhkhuofx/isc86RX/7ydnnrrYUgnVA/kTaI5nbWjs8iWAYVDQLChKsHZKj6etLdjGxH/fWJvrlzcxcoS3fy+YmR8CRyTEnF4J/2jk4lofvt/xG5+sorpQeENITAvAxKcPKhTc336FFtP8ufa57A1rH3/s+IVJKNDwb6t4bznLjBBrJw4dvy8MOPQInGGLDhsOyHsk/Mcwjds2J5T7pe8ADp5u3dEDAEmgUBU0SbZSRbqB9eCeVtU6u04H5Fdagt1QbyiQh53NR4Xxs3fqzWi58373jp6B7Fux3WJ/mECoONYbVdq1a+Ya/VZrbyICPglFCa1ZEYHcSSOWExosgNSpLZiweRsHzusC/InXfdC8KZUx/EHEhPgemYSFJxHWiEPM6LBJWtrsY2UEL1xPBGoqkN58rsD4kky3M6M3s0wlru7vpnvfh5xx0nhxx8EGrKd2Fp+UFLFcrK8rT4dm377JDSM1mjNx7TB/jxTJjPNARSvWjR23LC8SfKHX++Q5YvWyoMFmtHarU0KlpxXBgkRpWUDwfWDAFDoPkRMEW0+ce46XpYvoFCKYJplQFJMdyh21BeEMwEpvi4TJw4QY484gg56stHqz9oFiQkDLWUrRCY43kDX5tWPu7abGXrDi4CVEIdQYmGWbIyCvKCwCM8ebBy0L333CnHHnuc/O2+B9TMW4AfJSOzC3xhs9LWeAjxJNQLbZ40De75rsPeAiWU6i2vuQjM7lFUSGJRUb3W4y44KYL+s0JRT3e3bLHFFnL5ZZfKRw44UOJJVgGrvrp9YYfKs1nb63ktn9v0UB5TfzZ9yGvaiXRSO+ywvQYuvQ11lOfBErphuBUwsb76l2JrklFrhoAh0PwImCLa/GPcsD0MBXkNa33DvCKaSkIJgzDEqOgoUr/EQTTbkCd049mz5NhjvgyT/J4SbUshqXcGdcO71Fzr/D3LSlElOKtTSNf2xl25b5sfDARITJweyikbVdEIxj+T7pMf/NutctON35B3Fr0jy5YtwzWBlExQ4GiSpxqXA7GhryIM9LptgQohSBB9RNkqXTV0wereoK4OVSMZC+P8wnjAijHwTi9OPkyBUuI6Z7Q8/w66kBlir73myvFQGKdPny7xVAeqGPUrmYslElWnx6j0yra21/O60sLav7Yi69hDxf7b3X+RM86YL08++XeookjrhKArjgFhzVIdhZpNVdX7itb+DlT2xeYNAUOgcREwRbRxx67pz9xHCfPGVHnTdPN5rZediCdQB54+oTHphjI0d4895OJLLpRtt0dQEu67WeQqDMOMqfkkqbbovbj6huyBHHip/7b6HMpLbW54EHAklMeiMsix4gtioSx6Z6H8+Ic/lOuu/ZosRb34DEkMzL2aq5LmeJBPT0J94JlSyEB59L6MldcYjzOSTckbfEEdEY1pJgh2OIKqYC4YLyrdPT1y6KGHyllnnS2TJk1FDfmEFFkvHn8TGrRFO35Ath1a1T1a2/4S73Wh3tyuqulQZmXK9JlQczvliSeekEXI68rKumysusR+00SvmRBKR11hT24DezcEDIGGRsAqKzX08DXnyXsl1Peu9nMcakoi2YEbV7mmdg9uyqeddpoceOBHJQWVCA6BunnUmzlr/OP8vtdqWnsXtvviWsG32pVr8fUbqDJO9hKFH+FSPHg4pa+AHKH/fPopOe+8BfLQQ49Ifx/yVtK/EK8wHkwy/SCj2Kd7gdRgvLyIqQ8kwfHWWgn15zXIU6/0626hdlLpTSShEuJfnrk2YapPdaRQoCEu4yeMl6222kpOOOEk5AptB9nOSThP8wDy4uYYIQ+MvALq+6nUveKkV4Z3xSpVs8CvVt2s+n51H/x5IJiQY0khet9995On/vFPuf7660E3+dBAP98+JdB0g2VVUH+aHp/hzt+6um7Z94aAIbB+CBgRXT/8bOshREDNk7ghh0NRBjirz197ql1T1JBdxFENJwHz/CT4g8477ng58KCPwwSfhBrWh5tXHiZN+IyiqUkPN1Gvhg3hKduuBxuBEgklEc1qUBKuBFn67iL53e9/Lzff/B159p/PIijJmd/pE8p0RcyOUCah+M7J6np2np8N9qkO5v6YfixKuRf9KUbYd4F62IP68SnZZJNN5NOf+iQC8XC9o2qY/nGQ1cENgQF5dDfQ12Ce0FDsC367caRWO+20U6FqvyO3/fI2VUY5cPx7pzdCBP7fVEp9lbOhOA3bpyFgCIwsAkZERxZ/O/oACOA2qr58nEZwU40hEj6EG3OsPaG+cZRS6PvX2dkh06ZNkQsvvEB22HFHVYNyCHpgLsViCDdoL6VwR9YaD4ESCfWnXoQLBn6yQGBuuvEmEJdfyWuvvQ4FLatEJQTVW8t0wjSfARmlfqe5RZWEun3UFQkl22LzNmn3yQUkoZ80UeMxTLMAxPAAxnrxH9lvfzkOkfHTprE0LZRfXOf822A+CLBP/V8rfAa7rbsJAhTQdWQCSCTlWOQWfeW1V+SOP90B/9A0SoGm4e/KjAAISMQ61gwBQ6B5ETAf0eYd24bsmTO/QRHBvYf8MYq0TNEooqNJRskiQCriiIpn+cI5c7ZEZPxRstuHdgPn4DOVy5WYQU5FKkrl5phomYS4z+Xv3dzAS8tr+Qjg0pLVbVBa0WbWGoEqEkoiUpD+5UuR+ucdVEm6Tm79/o9k8eLFsmTJYlwSeDABKWMFLJa3zFAdxWc+ibh0TZjDWKlPZNWYrZehea27tMIGFT6q3uysUfFwK6CPJK83piJrb2/T/KCHHXaYLECS+o72Tv3bYAon5gktwC80jL8PbRX9ozA6qG2w94eTCyH4ihkNekaPxkNmWB577DHp64NpHscq5pn/VP+qtb8uit5R7kHtl+3MEDAERhQBi5ofUfhb9OBeCartPpQh3pBDmDJQiWpQCqZ2RjoztQsTcpOEjh0zBqbJT2mgxuQNpzn1lIlDSxJo7Y7dZ+hHVV9Uf6r6yj4MBwJesfbHUvLpP5BIIq1P/3Io4vB7BCn53z/8j3zzW9+WRx97AlV5liMtE8zWeDBRqzR8C/v7EI2NQcUsn1e0+YePKr9Cz9D8Sv6QQzz1ZLP2gUaTuUP5S8L3OZ6IuWT7OJcElMIErveZM2fJdV/9qpbIrDpFqv6VzfcrWEZFVRlc5Tr1Oq/jVZDf3H67XHDBhfLqKy/pXytr0bvoedE8o8x4wFV1XIteUa69kOq1k3ZehoAhMBACpogOhIotG1oESkpQxWFqSGgUSk97G4Mw8lBD4xoVT3/QjWfNlvPPO08+//nPIUl9D4gHVCFVaiqJKOe5sPoGRWpb2ao/VX5j88OOQImEOiWTCqgyTAxSGCbcP/3xj3Ld9V+Xxx9/EpHxIKFQPtUHFG/qF8qKWXh4IQnl2FP9HJCE6tcjM/I+Sr2aiDKwiCmZQpJkHlw0RsWzVO2oUT2y8047yQ1fu0E23HBDVQx1Bf9W+0BXSUTRRSWift16n3JIcP6zN5qBYLQ4Ki89JL3Llks+jVRUzB4AlZjlPxnMpH/wOoT2KFnvw2rnZwisCQLmI7omKNk6g4uA94nzN1L/mf5guOmQhMaogPLmHEkqqWhHZPAUlOi8GaU6p+KmzJZHaiZKYExm7hrvTtXkM/hCJ36tymU2X08IkEUqk9STysNkuxxk5Nbv3So33/IdBLIsUrMt82S6xOeuCk+RAUoYdo587ehXKaG+q8OshPrD+imSSeksFX6KlhEEI9H9pLdvKSLikyCkKRk9epR8eL/9EBV/AoozTFHzdRHrr6pV8tBVrVfX34GEH3rYofLsc8/IT3/0Y1nC7BcahCX4TYAPMBVwSOB003Gpneq6N3ZyhoAhsAYImCK6BiDZKkODgPIBkFAqRWEoYvT+8iSU0bIpmCYZqESfuF122UWuv+56kNBpmi+RARpMZxOFcsSWQXob+pi5pnIJZmtpiV8erGaTkUWAw0ElFA8fjoB6EsppUV5+8WU55ZRT5ee/+KW8++5izQ/Ka8ap4GHkiM1CJcMDCQgryUlRk75zX26cBySh+HakmldE/XVJxZIVk3gN6zxIWBLX/MSJE1Gi9FA59dRTZcy4CQHhgp6/giWh+nou79/1sPbzSPV7bY5Ldxx0VDbZdBN58L77hZWX6ILBsQzh75tKuIrl2Kkj3tUYrM2xbF1DwBCoDwTMR7Q+xqElz0LTM2nPETmL+08EN2L6xDEtE/3p2traNChp3nHz5NOf+awuRxg9FFD4DOL+w5s3UzJVmzrLUHpaWl5ic/WGQBY5IylohykNoinZwLKnn35aLrnkMi3VuWxZL7ib8welZZZBK3z19cJsG3SI5TDZGLBUb83nweWZwQivKYnY5xh8QkNBxaQ2uKGQYG2xxZYy/8wzZaed3qupmtgX72KgyekrOsd9rbLVHxSrPF0OJv3B3XNEQV568Xk5Yd7x8vgTT0pvby+yIzBPLCLqMy41l8NlxU5aBaZVw2zfGgL1hoAR0XobkRY6H6Zm4m2E5QuZeD6RSqpvXAQKGQM1pk3bUI46+mg55OOfQLWYeBkZmiix4epIhxHRMmT1NseHEF85C+WAMJ4cULpaROXvTzyMkpUnyAsvvKJKKEtTUt2jAl6ALyin+YCdlQgoWAyXV7Z6UQRJRENwQyHXZjYHJd546HKcGVkgkKC/A64nu++2u6qgs2bP0r8D35dWIaJKQsuCNki6yN8fe1xOPvUUeRzR9BnUqc8X0pKBEk5rfQ5y+EBk1Iiov3Jsagg0BgJGRBtjnJrqLEs35oCAwgovESanxyuqKWnCiBSeLpdcfInsvMsHKIG5/uPmzcabOoloNe1wq6zq3YjpqtAZzu/KI+dKr2Iw4R/MQb32ysvlV7/+tTzz7HMaeJRGTlAGqJBwZugTDBWQ8yQgGrhScdrqM8hdBW1lSrn/ftCnjlm63YJo+yh5tyCPDBBt8Ht21y9JcozJ2nFt9yAoaddddpWrr75auru60UWkZIK7AYO0fKtV/t213FxXtBJR32FMafHg9fGH//5vOffcc+WVV16EO0ZacljGWvSsoEWzfcDoy+q4V4oxBtYMAUOg/hEwH9H6H6OmOkNvpqQ6lMSNmPlBY1EkqgcBZeqaMG7CO+6wPXJFfk3msF487iWsFR5C1CxvTKpyBTf8tb3NVHCUpsK08TrjRq4IspVHmc5QMSf33HWXHHn44fJ/d9yB1D2vYZwRmILBJ7ksMC8ouGsGuUFpki/iO1wR6HbNFVAzwCNKRHF2vFbp/qqnpSp/AmooTPPwQ6ErQhTX9IQNxsseu+8h1113HVxROlXlYzon9t8rur4iWGV/2PPKz413DQxwxjXDmUujrCkePmbM3FDefPMN+cffn1K/YNBTVZdDuBa04Rpx14PfZ3MRdN8rmxoCzYqAKaLNOrJ10K9KRYgqFv3hwrgJxxH9GonENE0LE3armRY35p6e0XLwwR+Xo444XEaPGQtTPfzmfO5P3M1VCa3oV1lXcwvt9lMBzgjO1o4LtWuOjTPHY7yRG1KDlLA0hIeR/3f7bXL1VdfIy6+8gvygvaokUvFM53IITsmDnGGaZWqmGqYy3H0sKZ4ru9KCnocQgEcCCrWuDRHwEfg9c9O+3uUgnyFJtXUoIZ01a6Z89dprZKs520gswWt9ReRW3cWVnceqt2qIb4EfPTUKBZBRjH8B0fPzjjtWfv/738FE36cPJCTqeVwTWVTWykIdhYOPKuVlVwZ9BHAPAgN0ulZRH2AVW2QIGALDgEDZ9jMMB7NDtC4CnoQmGGwEEhoB8SRRZc5E3jjGjR0vH/3o/nLyySehkkwHCAoCkvx92d1PWhe8Jum5C0SBfyd8/KJtKFSACOg/glh89Zrr5PnnX5B+lHUkWc1DDSyAhTBvZI7mV5BQV2u8nolXmYS64UI50jj8QOl3AopEKzEDknjd9/R0yzZbby1XXHEF/KCn6bW+grrbJGO+rt0gXnx6wWMrSDtcFUBITznlFKiiT8oLzz8PN41+3TXVUVZfY8tQNufDDUms/WYoJvZmCDQCAqaINsIoNcg5lhVQ+vLVNNxZUkhIH6YJniUMoYTSRJlMJGTi5MnypS9+UQ4+5BPSgdKdohVjcPPmfUVvKO4mX6uI1hzBPtYZAjCk6xmV6SNog6qhIksXL5Lv/+BW+clPfiqvvvYqlE/4gLJmPAY8B0LBajokoVStQF0H7lmhvOeBVxjipT4PbtBP1kX3hJKXbTvINiNuwnhFYJLv7OiQMWOg+h9ysHziE5+QSZOmSBRBeDlgEkuk1uFkR7j/63DGa7oJH0jIJvkbgNwY2IwzRfnf3/9WFlywQP75zFOOcOKKoVDO66avN6NZNGB3CQ6zajZqiuiajoatZwgMLQKmiA4tvq29d5U1HAQQgpSERhk9rCQ0KmNG98hmm20mF19ysczaZAsoZQhEgE9YNM7ShdiA0oa1hkXA04FSB/R6KCA/6ItyxZVXyR13/EkWo1Z8Xx/KeEZZVQh5IhGIQkKap6kVl4Ca41fYUWmPIz8D5ZakiZkflA5xEvAfKsChMF1SIlBH4zJjxnQ56aQTZb/990ewTU5iQSWlGDJEOALLjto1DxBc498/cHUJ7KF4In3THnP3gF9xTs48+yx59dVXsB6xR3U1DVCCyweaKaIKg70ZAg2DgCmiDTNU9X+iVYoobs68HycTTNaNUGHcU6KolkRliCX8WC/+mGO+LB898KMyDsoQmzPF42bMDclCaoioD97Qle2tjhFwSiiJJaO/NUAt4FcLX39D5p81X+668y7pg69fX98yjHMEvpNx6VveD5MrUzOB3EFcdAnq0U2QuQHbCCui/novsvpP0NrbEkqcSDxJUBmQ1A4ldMsttpAz589HFohd0Te6G2RBRNdFBfVH4rSeGXrlea7bPIPVwt4/B9cPK2rRDN+7fJn88Q//KyfCjYfR8/QjzuRAQot4kAGuWZYCBTZw8tADF7CcrVyBTT+q2u7m7N0QMARGEgGLmh9J9Jvs2I4ouh9/KqDJpKsYwxsAI94jIBwxpKSZNAmVYz53GKrHHCbdYydIAfkBlXPCF8w1MlG0YOI+4GMpWMQvsWl9IuBYpwaoYcxcOc6i/P3xx6EIniz33nsv/EH7EWji/EBpIqUSzkpJVECpgPGC4F50zGseSEp9HkFHQCWhOG+ajZmEPwxf0LZkHNkfoOaD98SRrJ7XfU93t2w9Z2u56es3yGZbbY2HrSKUvbQqpIyOX79W8weyfjuru61hdHfPozwzdJUlf3ExgcC3yeRJG2hu0RdffAkPL2m4+yT0/DXbAB4AtNJW0CP3SBxcS8EyTtT8X/HZZg0BQ2BkEDBFdGRwb6qj+pRMelukmTK4P7a3o3IMiAhoKG4icfUR3WKLzeWM0+fL+1GyM4SgJdwNmEQUU95kCEuwcSVCARExIloJSj3OVyuXVArTff20rsot371ZfvTDH8trr76mQUjpDB4+QOBIItL9MMUreQCBoMMfWhXH9BdUbZdHUBEN4XyZPojpxpgFIoxE9UxFpj6tCKxpS3VIz+huOehjH5fj5s2TDVC2EzYBVfW8r3MEFoL1a+tLZNfv6EO1tfctdo8iOApx5s+CH2+tP5+TF194Tr7whS8h5+yzuIZwnQW/J/QtZslfKqN6HaFIAsfFK6L4hdJTr1Syh6ovtl9DwBBYPQJGRFePka2xGgQ0QT0JJVqJM+BjVzfLFrIePJLVIyjp0M9+Vs4/73wlpyGqn7i5hBNtiJ4GgdENByCh3KkRUaJQ582TUD/l6Yaggj4qV15+hdwNFbSvt08rCy1dthQuGjE1p6YRKc/gpAiUcvr+sVWRUC4oXVT8UNE8MalYNFyzqojC7YDkMw6fZiqhzIkajyeR9aFdJk6aIN/45o0yZ2vmwqVCR2WYBMglq+dDlfvs/m7W7bxbhIgCHHXBJUiEi6p5HoFJIKTPPvO0fPFLR+gDThq+xcwzywuIKb+W9/XhEoRbEK7DPMlsoEAbESWQ1gyB+kHAiGj9jEXdn4n3ieOJ4jaK94qbKMoYamnOVArEMg+zfEorx6ThBzh+3AQ56MCDZMFFF4KEcuPgBgqVFLcYvNCwvFLxJJ1pztus9rbJ3mBC5YOIplzK6DiSmHHZoZ/5rNxzz1+RlN5FwWe0UhJM8nj46OvvrSCdJAzYBUhpbelWr7jXgjacpRzZF6pqvHRjeIiiryJz4KZQlpaN124cfqH0g546bap85eorZfv3vKfcP/gpqq90cFVXXuu1/bLPAyNQMqXrzw4JJ/K14iH1//7wBznxxJNl4VsL4S+KzAtQQsN4+KWPaRpJ8Qt0AQmqApCE+gcdlxIMx+K1a80QMARGDAHzER0x6BvvwLU3T88pcU/WG3OqrU2DkRiQFIcCGsdNefz4CfLZT39Wzl5wHrgmfvA9CeUN2fuEckdofv9eUwsWuy/tvY4RgJkahICKYDSGEpxQox647z45Yd5x8re/3a8+kZqYHg8o9AstgIT2wyRfMr1qxLPrHq+BWlpQqkm/AgLDd4XwvBgZr/lvce3GkIasrS2F/vABDJ9BQlkvfrtttpFrkKR+DqZUQXFVuxfW8SZ53w1/vfvPNl1DBBTSEAKVMloaeMrkKXD7icujjz6mwUr9fb24FrOqTtNXlKVAeU25h+fgmtFJ7ZW2hse31QwBQ2BQEfDRIYO6U9tZsyLgApHKvUMqJvygx2CapNnLKxYMGOju6pLZszZSc/zH4CfHGuFYyU3xznt0cEso787mGgsBfx8PBpJmat74f/yTH8uNN9woixYugjqOmum4HrIgpxqcRL9RkATO++avG/+5XqZhqPxsLjUQpnhw4nUew4NWGIovCU8Mpvgk8uNOmjhJ9tp7H/nyscfIhEmTNVsAmCcl3nrpTtOdRxE/PgVUr4rhoffgjx8iDz38iPz2t7+TNiicy5cu0QdbqtY5/tbgWnWXKwPM8DvEz6aENt01YR1qTATMNN+Y4zYiZ+1vzKWD44ec/nFUg3iDjuIGzej47s4u5AfdXK6/9qsybfYsKSCQIIQoYvzyg4CSjLpWUoQCIuM/+1t3eU2/hU3rBgFPQnlCStgKMI2+Jv+DSkkXXXyJLF26DCTUlV9U5RukLIsUO/2IjGeuUKqDJdPoanw9R8I079xQymSZ3WxDyVlXAx5dDkgmk9RPnz5dTj3lZNnvI/vjOo8hICmjD1oRBDJpIxk1RdRhsR7vtcTRfYbaCVN8hIFiUNk/+YlPyv333Q+3j35186CDTxZpn/rhEsJ5F0HPKbko1Hkjo+sxIrapITA4CJhpfnBwbPq98Ec/BBmTBIKKgipDKGFIEhpFoAmnCdTUTiK1yk477Sxfv/56RApPwm8/1ucNOQgacDdy7KeSZdYQUc9xgsVNj23DddCrSSAAHMc0EtK/+a9X5fwFF8iPfvRjeXvhQslgWTSKPJkY9zxUK+Z37AUhcL56yC+KToc0v2PFhcBrRC8MfwU4ZLxp3vmE8qrwr8FFjuSTBNMRX17v7kj0B03ggYs5QWkBwCrSDl9oEtM5c+bI/DPOkN3n7ilhRsFjG0bQo2wYn7vwAX8tSkJXPGf/4DW4vWidvVERxS8RLhngrb9PIlOnTJEnkCZs6dKlGjnPnMUsFVuAWwhJKH/DOLB0AOHwcAw4tWYIGAIjh4AR0ZHDvuGOTPKJ/xKD+hCDL2B7e5u7cWNZPMYk9eNgiv+MXIASfKPHI10NV8aNwt3O8XPPOzga4wb0hqCf8OYW6764yN8YgsV+LZuOIAJ8ENFKQRxD/ufNnPd/pCp67rln5NjjjpNHH3lU3nzzdSVwjIDPQenMoYIQ84NmQAY0UIR9wD4GHNvS04m/AlyHPREtXShDhEOZGDoSysOwDC2vd6qbPGtW8aEvKAOTttlmWzn91NNklw9+EKJvoH6iY0FcTOl6Lve1PMd9l4/HT9bWFgFHJ4NridcUXCemTJsmi999Vx588EF1j+jtRcEEtFSqDQMDH2V9OuCSMgGtvtr4nTVDwBAYTgTMR3Q40a63Y6lKWXlS3iheuQzzVBsC8hBF4m6NDkawRoyR0UijQh/RDTecKvNPOxPmyQOwvjdpkoRye7z0RoF7AWfdR3OfAw6N0eBXh0HLw8+T+WBpac70L8d1IHL7r38pN1x/kzzzzPNqDo1EEqpA5UFCs5k+JZ+sFU8SW/TXW4kM1F/vqYKykfy6AgwuRyj7zwAl+hyO7umWvfbaW44//gSZBOKTRpqgeFCu021t70OJAL08K5t6fWLcVOPENXrk0UfJsmVL5Lvf+Y6umUZpUD5Ex+HLK0gXlsZDkk/hVLkfmzcEDIGRQcCI6MjgPvJH9aSg6kxIHAcmo/QPZQLyCBN344YcxZTkNIEf9wM/dqBcc83ViJhGFDF8scKoG17MIickTfIkHbyL1+xZCSkXBzd+XcHe6hABjpS7JqLx4MEin5YlSxYhOvxque22X8rSJcuQJqcf10YSN34oTTB/ZuEf6oyhzlStKji+Ywqkemxqltdrkf6r7qKMMVE9Hrb0IQzXcAo14TfffDO5FlHxs2ZvDMUXPYGKG8bfhbqu0G5vbcQQoH86EhMLywScgXKqXe0duEavRUnQ5RgfJryPKxktppHwHqVkWZSgQHcjrF+bMmzEOmEHNgRaEAELVmrBQQed1F5XqgJ0nfKEo8DgE8heWr4QN2Ca3eMwPcZxU/bMkTff0aNHy9w9dpcLFpwvHZ09EkUEsWsBYQk+OQ0UW9YsrvlYWttm6gUBEjJ3LejdOo+AD4z7H//7f+Tn//mf8pc/3ylvv/22Uzt5U2cNdSifBZTrdKqT64e7tjhfTdSGmpRW5r3l0UuBKcGDEZfpgxImXJe5TmlhT9AUD9cTmuEjMPcWoPB3IQBvk002lW9/65syafIUsmt0x/0d6X74VnItKC1Z5YyZ5lcJz7p9WXqwLUh2yRI57bRT5Ze/+Y36ixYKeEjGeOYwZSGFPhBSvSLxQ4R09/rAscKY8ixKFp51OyXbyhAwBFaNgCmiq8anZb6lCOQJg6tigh9myJXMCRrFrzWneZbWA+FglSSmq/nMZz8tX4YZLAUSykTk1poJAY4nX/yJYMUjJq3PyEvPvSS3fOdmuRtJ6tN9WSifjEbmZYGAkAxu/vAFZaUkbbVEzS2tu3dHWPNKQukTyghszQKBkpF0O+nq7JQdd3ivXHjhApmEYBiSFfojuqjtuutOa58QmSV/y/jUi/Gbf/bZ8q833pS77rkbye75FcgoHhiSKESQzfXqsxGen0BDkW+URQeqn5VaG0vrvSEwTAgYER0moBvhMCSg9OdjoymeSigTnTBQIwZTPHP2deCmPHrUaLng/PNk7p5zkbgejoJQT/OISo3Af7SqlX7UnUxBamutjhFww4SbsyOh2XQaORqhciIdURhPKj9ERPyvbv+1/PWv98EPFMvhj0fOyQT2abhk+Drxfpj97vRuP0C3a9MyDXalpJICGhy79ni6uOKS5PUegTme5UfpgsI4u7HjxspnUJDh0EM/KxtMmgKCQ2yohmJS7mBwBJvUEwK02owbv4EcceSR8vyLL8qrr74CZRSp5CIoQoAxTiDrB90rCkV3HbvrluPrf8c4b80QMASGGgEjokONcCPsn2Z43lhBQCJ6o+V9FomiYadUn1DclKkQdbR3yTQEZ3zjxm/IRhvNdPdh/KBLCCUPoRypagbTrLUGRUBJWfnmG+ONGiVa30LpxDPPOkvuvPNuJHHvgzIO9QjjnOcLUfGZLPJmBuNOVb1xTM7l6HiOGEkoTbdMv0QSs/U2W8uxxxwj+314X+QHRelaWAT4MMa0AFgT/aRvqA/Ma9Axb9LT5u9ZKA5/UXDKPff9sDzy6MPyvX+7Fblu30QqsQwizzjeeIhGbluI+Kr9s3KW/Xo16QVh3aprBIyI1vXwDO7JlX3mQDZohtKfX8yCfMKzT6OE+UucSEAtgPk9B59Aplnq7hqlRHWXXd4vZ5xxOgI1ZkM0QDob+smxeZu+3pz/P3vfARhXca19tE2r6t5xb+ACtmmm9xZC6oOX8hIg9SUPTAiYDgYn9G4SQknCn5cQSPISUkknJBB6dcEVdxt3W13aXa3+7ztzZ5t2XSXtajUj3b393pkzc898c9pgXwGNnnE/3YwCGqKJ9QqAFYP0aO3a1TL7yqvltdffVIckOiJRJU3cySkWYwBmamnnOeqwI8dpTQQDKpX0DnAwc0ApU9W/jyAwDo8p2qX6ka9ACGATjZ3T0AYASFTNjgyXY5raIPaPmTlTbrrpehmDARelZj4ES6ezi3VMYiNX2LKPdqEHVH53895RAPVrncc4YKLt7hWzr5bamnrYNv8SznW70G459SenpIUnPeo91mhMTLTxqkZg717lrnIUcBQ4cAo4IHrgNOyeTwCzZT9eAnDgQ8/MsDQBSngAQqhip1SozHPYqKqqlGOPO0bm3nKLlFVUQQAaVJUsw0m3Sw6EtiNJ9zkACafafGL2IwxCNqxbJZfNukxWLF8JaSDgJgYvcQxaWoHM2JHTM57Azla5hz8Txc1UjSdO5GmDklpOx0ApfwjtvRR2grQJjaHMcUg7S0vL9dz48eNk9uwrFYRqJAhI0PxBRILwhMWUhLrUDSjAQRPqW50uobm55rprZeu2rfLss89KpHEX6hR2vt5gHM3AG4xwUO4NsLtBEV0WHQWKgQIOiBZDLe5lGSwwoGRUnYuAINg5l0Iq5INEi8yY0k0/jPw1XigkQ0OHDQUYmSWnnX6aVPfphxtwDVTxPthZZUupR113nY1ChXfMOt20IeA3gSUll6+89LLce88dsmTxUgWdEY3FyBiinKUGQeqxMPQNU6Ztp0ZdwHHOwqVpHyWX5qYD+EWbNimlBSIPfgDIEnjehQBA6ITEkVgbJboA3TQ7qe7VW04+5ST54he/LJOmTNbg5yVQ3foCUOES0BCspDZwr/xU1btUOBRgFRGAKq9i1dBxCYCzoncfuerK2bJ0yRJZ8f5yTPvZpJluN7Ao8cwt2hwgVQK5H0eBTqaAA6KdTOBCe7xVz1MSSjDqh10UQSiDdWv8RAJRnKOX/FlnnynzHnrIqC5xrfJ2HKddnGXeqf1yoZXV5WffKKASQ0gL5817SH74w+9L3a6dBniq1JNTVZqYizGgMark2W4KPdHshG2VeWdbJ2ZkWKYAJf8oKyFLANPSjhkzWi666CL5/Oc+h7EYzmFwFgVAZWxUNnwj+U0BtoVecJe/dhQgvxs9YZxc8c3LoKq/SlqimI/e2pEkrkYbwUDb2f4mCOI2HAU6nQIOiHY6ifP3Ags6GVqcycKGhAAHTJgSnhJ4jZp4iQQXUFvCE/5D554jD86bpzZ+UQSnJ0hhAGgqu5ja1GEjq3Jez7ufwqVA+87XG06ggaxdv17+/Jc/Sk1NrbQhEoJaQuJ0HOp4xW2se88xiYMZJitp1x38GLiKjT1IQtnhp6aEIDP1YNp2uuSxjSLKRGNOuRCDKVtGHTB5AycNQwazEw666HgUwrSPnL5zzOjR8pWvflU+cf75aN0ErYSn2IJNKL+chFws4138Jkyy65Q8uM28UUBbJeuQzZpVw3pjm6CdLyThxx13HKZprZSdmAqUNU1paXkFBhwYgPCWlmaYauB6mqG45CjgKND5FEjvCTr/fe4NBUABnb4QIZkYgJxOSbQJpZ1cZXmFlGMe7f+44JNy89xvadxQ5eOeLWiJh0TaVBKWDgoKoFguCx1AgSqE5xrQfwBMM5ZLEzzktQ/Hc2kzTHAXRztpRQet2s50mNYBb9/HR2QAw9S7DUhkHFzCEkR1wIpRACAU1VBU5QCh4bIymTJ5CmbhuUpmIE4oHbEUuPBBmKKU8SY5IxTLnQSdqW9x2wVNAdt4mUnYxBOE0r6iCpMTlGJ+Wju4ViyK4QaqWRc2gjhMUFxyFHAU6BoKOCDaNXQuqLdoXFDOkgQ7T84Xz3h6QTDmIYMGYf7sS+Sc8z6s+fVzXvEUvGk740T/T5TqUrengJUeci75/v37y+cvvlCWLVsmmxEbNIJYoiWQgFJ6qbFD4aBEsZFKnbTkNNNIJ0GmzWj62S7Y8xqoMTeBSh5IIwhVO0FpKUKSMbt9+vSWT3zi4/LVr/y39OnXH0cSck9sJyVhBK4udTcKePWXyrxQp3GNddsqTz/9lGxBSDKbdHICqO0pDW+F9JxmGPabsDzPXuvWjgKOAh1PAQdEO56mBftEdskBeCSxgw4wRijtPcF0KRUdMniIPPrIwzJp2jRIvRCWB+r6gL80ISDSQrlOuWDrtiMyRlOO+vo6OeP0s2TposXy6PcekfoakWaAUY5I6KREtTyaDaTpHfHGznsGsWgAUn9q74NYB7zIEDQ7GTt6lFx84cVywX9+WiNA0GGpDfagJbiOTVyBdQa47rycuid3FAWso519np3AgHiUnvN1dbXy8ssvy0PfeVgaGxtRz2gcnvqdtsStuJCDrVYEFnVScEtFt3YU6HwKOCDa+TQuqDcEoGJlnESVFoE9ow9WcDFjxnSZMH4C8grpFzpkTnmXSEYPm9h1G92bAlbKkyn1Yb2XwzyD8UO/CpvJbVu2ylNPPSUNjfUSQnDwtjYAOnTSrWg0JbYDz0KKJABIyk2zXNZhh6yE3jjRmckXQoiFSwloCUSaUTqlxBGODGYHZ595llz+jctkzMSJbOqaSjAos4m0QelUJW+POamopURhry0QjTLcFuve42Gs0w1r1yIu7Bx544035YONGxVohjAAp9lGTIPawwEPgyyvWQOkwtJZRySFXWaXO0eBYqBAkgMXQ2lcGfZIAc6KwznjSzDvMoN5c/akUoCMSHOzBCrKwYihaqUHfYrydY8PdRcUDQXY+QbQLghSL511iWz64AP55/P/kl1w7KAEKcjOGxPTcP55yI0KqtyU8DP0lE8jQED+r3atrbAJ7AWpf0g+8bGPyS1z5kgYQes5GQMloTapeSiBB/5pF+pS96MA65tglFJNTknb1FyvXOyf/3pBvjPvOwjbtBwOSogEgcFUACZJZppaOCZB0k8beQ5ATDvomgFU96Owy7GjQOdQwAHRzqFrQT6V3vPg05i2kc4mMZ0/ng4ZrWDEa9etkTUrl8vIsWMwZWMTHJiglmccyBRpaGYHnWpVV5AFdpnaLwoYn50S6TdwEKa4/Do68KXShKk+I80tGKhg4gOAUV7TAsmT1dBzX1EcV7imKxIlocCd8G42b+OAikCa1n4EzQQltA3t27uvfPzjH5NvfvObEq6shvc0ZtFhfgk8U9q3A6FdUWud8w4OnIxEvETCCMfF0VIrzC3uvPtu+etf/g4p6BZpamzQKWv9sIePxeF019ykbQXBIVxyFHAUyCMFoMHw3ZzH97tXdyIFkqolr6dmj60MGyN/dNJ+SEMpIY3GWqQRHtJroL46Air6Xn36QqJAmKm9dSKHBmwkdiFt6BrAkXyj2+ocCnjtwz4cCI81H22JyODBg6Rv3z7yzlvvSIRTekKaThRKL3rOMa9C0UQz4QZSZkMxRxUkepsdsDJ5VizpZb8MXvCUiDKsFHPCwPUzMVXn7Cu+KV/+ypcASgFUdWpanNVBlpGA2WZuokGkZs2UxytV6gndTn5f7U65A51EAWtOwseT/tznmpFAKNVkQA/auK9cuVIeuP8ezKL0J9m4YRPsnJuV17EuOU1rDCHpWqIwM9FRDBoQTrSxMSGZ1q+b7sdRwFGgCyjggGgXEDlfr2D/7HXX2AJ4oJeJGuiDWav9FBg4mDKUWSoZqK2tkbLysMw4fIbe50Onzfs0hI3h0WlFcUA0jRzdbsd04OzEAdx0QW2zU+cAg/tQYXI611HDh8raNWtlydIl0gwTDgay53V+BOa0Th7syKETh+0o1OMKDMw1yXdkaUC5KKZSSl6fsVAEyqMKPiDahxkJbQHD4VKdCYxl8MMpiXbQFTAzOfWUU+Tb3/6WHH7EkQAfIZ3SUfNDoKqgA2vd5j4meNBjKD2ANP8snuY624K7ND/up/MpkApA7dtYh2pKpONhOpzBXASxQv/0xz/Kt+beIq++8pps3bIFknE6H5m7GKKLg/CommUQxBrgmQShvM7Vq6WxWzsKdAUFHBDtCioXyDtM54vMkM+i4yUY5Tzz2AR4oCqzTZYibM+Igw6SiRMPsRfq5bZTTi2KA6Kp1CiGba+39ooSZyB4tJFAKCyTDzlY1kJivnnTZkhGERgc7YZzcrPtUKjE4N8KYPF74N14licgDiQTQajGhMQqAFtQgl4uBMQxABE6WzE004UXfl5BaO8+fTCnfDkkYHBgSXFKMkVMf49t4/ao3TfXtv91QLQ9TTr7SCogVSCKem9paVR74JaGennxhRfl9ttul5Xvvy+1NbvQLgk2qd0Bf2MbwcQMUUpCsWZT0jomGkXCrpdsC7D7bu0o4CjQmRRwQLQzqVtgzyajTVsgKaCaSmdVotQAkoI4pGBvQw07bdoUqGWHqsQIvT/ABSQOFmKAoVOU4IBogVXwAWcn2RXzUXToKYEkkf10OdTehx12mCzHQGXDxg061zzVoKrqRvtgp65aTh6z7WR/80PJp7Y58ySCYUIDtkELQukNHwIQpWMVzQQYjqysolJGDB8uF5z/H3L9DTdAFR9GfFx6RgMto83yuvTEpyaTeUdy3wHRJC0Kcau5qRE+7xgooR3UA3T+5H9/LA8+OE8+WL9RGuob0FbYfiDpxm8Mg6dolI5MAnU8fthOOZjyQCjLZ+LfpreJQiy3y5OjQLFRwAHRYqvRfSkPO3yyaoBRqiajcEhpQdDnuvp6qdlVI6eeehKm+2QsUQIAMnULRs2+A6L7QuzucC3bQzJR+hSBqjNAxzWgzl69quWII4+Q9xYtlK3btmmHrmpyquTRllphd6c9fOIR+9+pa9MkWgDQsK3OgFBKRpFPoESakXByBoJQzpR05FFHypWwB73o4ouRDYTlAfjwA6QwsY23T7vPnwOi7SmWzyNGAuq1UQ6GYa9Mx7n3ly2Vm268SZ751a9l585dGve2BY5IxrTIr9LwhkbYM4PH8W7yOpzUdpVent23h/Rr3Z6jgKNAR1HAAdGOomR3eg6lAFjaqO4E2KBK3o+O2x8IaSlK0APv3LFdGqHqOv7448DwaWMVgwrUAA6d4xtXOiDanSp9b/LKjji50Iwu6McMXDahnVSUVchRRx8tz/3j7+j0d6qaHkxEQ4DF4PSmgWlVmqldvvc8+4Ddrwk+k2/ntieD17niIa3HrE6lIT/mBS+XsrKwekVTmh9EzNDTTztd5j34oIwePVYD2fsAUC0IzfVWAhKCm1wLc7D7v1xPdsc7lgKQiLNhILWqgxyk27Br98N+edmSJTL3llvkz3/9mzQ0NKkTEh0wre1vtCUqLXSL18ZFO2A8xHsWVfamDZiBeK52kOt4qpmAZs79OAo4CuwXBRwQ3S+ydfObPK5OKRaZchzeSFSrUrJEpksGy3nGV61+XzZ/sBHOS9MhfapAob1umUADHF0lC92cFC77uSlAGMhF+222GXTcDH3Tq1elVFdWyMuvvAybOzPbUjTSBACI+KOQUnEuetPb8069O/dLUs7YK+2agx+2R3VAgkS2rKLUqOEBfOmQVBouk17VVfLZz35G7r//ATgthSHBp+d80Ms1nsQ2njPZN2W/YHd38o7d3539me7o/lDA1gTaI0CmDwPohvpGeeaZZ+SWm2+RRYsWYUCEcExgYoxtS9V7HDagbJsR6OJp68y2ayXcFox6LXt/MqT3OCC636RzNzoKpFHAAdE0cvSQHQ+IJjpp5czqeoJOnFICCkpjkJK2yZrVq2XYQcPkkIMPVlDAk4aB45cqLpeKjgKe8jtRLgWjOvAg9DKgYPiIYQADdbJ8+QrY3kUgocJsXGgP8dYIFijTtY1ZqGbX5pGc09vAOB5nazLPtFdxX2NCYh3wY5542oKGAgjHFMagCcCXdoGQePbq3Us++vGPyBWXXy5llQg5BnBqQjfhCXikaeZ4ak4wat9o8pX5a+FP5nG7v/u77VVuvbcUsO2OdLeLoTF/zRZNLJpgOvS73/9B7r/vXlm1cqVGcohC6hnn9JwAoZyiMwLHNWBRtBS2A5pn4H40CLZl8yzzPOx4T+bWviUHRPeNXu5qR4FcFHBANBdlivm46aHBgcHuEW6H0gJKOMlYOZ1hCTt08Ok4mDk79A0bNsgJJx4HSVhvnDQMXH91O8nQi5lkPalsBAGZydQ3ACIlUiqNDMtxR8/ENKBbEKdxA6YBbdC2wvvowc7rTA9v24dd84rUbe6ZN9qjXNtpQgMIEeVHPFDaggKFwrEuCClobxkydKh88j8+KXNuvBFq+gq0WdqERvBuDpDMwjdpckDUUqKg1znbHXPNk6jHnVu3yQ9++AN59JFHZctmRnBA4HqATz+k8S2wCY5hO0rJKAcsbAuQnmtzQ6PK9nw+2rY7bu9LckB0X6jlrnUUyE0BTLMcyPV95r7LnSkuCqjEQBiMRwLg2wH8UPJQClV9MEjPZL+MnzhOvve978jo0WPA0H1wYhEJAwDQUtSlnkEB7XiVWxgbPIlHhCFzrrziSvnjH/8sdXU16gQSaWoBMCyRZjSSOKSkVgJqGE329qKe8XqBlVnFIQFFm0TbYwoGytAOQ1JZUSEHQUI/b96DMmnKFEN4TwGUossAAEAASURBVDJvvJ494IEzBKQuFQ4FKJ3cu+Q5qAFQah16PVRdTY1cffVs+cff/yF1iHnMUEyUkKskFNLQJkjjeWkcAJQpU2OT2R50sKRXdtHPgbZHSgVcchQoQgo4iWgRVuo+F8nryFVAqqycHQDVoiFIFto0VE8DAAdjMZ548omQSoWgKi1DJ8DrsgOLfc6Du6HgKZDsyCleMrCCDkFHIWD8q6++Ktt37ER8RsxuA8BIT3cGG1cxqeICSKesaCpLSY3SFB0t7P8IXYOQhJbC5pMxQkuDZRIuDUMi30umT58hd99zj0w8ZBKuZdvz1K76bK8tevgzmd8sL3SHupwCewejvHaFNtASaUY7KMXUsg3y+9/9VmbPni1vvvm61NXUShP4EWfRIgilPWgEbY1Tupp3WCDqNQSvpO3aQ1cDuwMFol1eY+6FjgJdQwEHRLuGzgX+FrJvgkqTTaNyAmygih6HOJMO02rYi/br00+mTj0UdoHGkYSdARCBnnc/xU+BZGdeIo11dZCYI3RSZZWMGTVKXnv1NdkFkEA0oLFpOdMNwEECgKKBGTV8enuhNJSJRwlC/cESxP8MAMMizi3AJm1DBw0aKBd+/vNyxZVXQiI6HBfSfIRtz7a/lGd6m8m88uku5ZsCrJbUJROYAlbiPBeeQZtA/TfV18rjjz0u991/n6xfu0bNL2KYQ57STKreaT4UVdtQ7HMkrXVvGkBm/Wfu6yApn0TxoYyaZ+Y7uRiPf5KAdHDJUaD4KeCAaPHX8V6XMMmoGa4J3QGkDKFSBjSHmhVx+TgjycpVq2XsuPEyHGDARy9p/Dmp6F6TuCguZHvgH+duJyCIo10cNGqklEFq+cqrr2CmGwYPx+xLMO2I06ter2anCoDAe2m7Z/aw64FQSKcIRCgJJQil0xwl8KFQhUwYN1auuOIKuegLX5Cq3v203VH6ZZxQspDU4BCc9zayXOIO5Z8CWjusd21PbAemLZh1HBE7PoAt6CPywyeekF0IJ8cBcgummOWc8mxHbHcxOCbFAETbdLBMMMdymXrPrP/M/XwDUaMFwFCKplFKB7NmEH6WAIdcchToERRwQLRHVPPeFZJ8T3kfR+fcoq0VuCE9oOmJWoI4orW1dbJs+TLMujRExo2foGAhhg6BoZ8SyfQDiV23UYQU8OqYYNCHeI4EBqNHjpJRI0fKiy++gPYC33ao703nT2kVBzYEGtrF6iAHPzgPVTxABG2T6R1fCekqO2I/pPHlmClpEqI13DjnZjn73A9DQs84t7gQj6Akns/e3VKEVC+6InFIYuw8EXnBz1mw0EbQTpYvXSKzYXv8hz88i8k1dqHOMeEGBiZsVzF4yLe0QBWPdoCWZXgWfmmXjAaBhdJyrDOSAbzafEwr7GKkx7BTNHlKLMifHwMuP+zxg/iGNOvMGVgvc89JJNLbd3qbd85SGRXsdrstBRwQ7bZV13kZ1/ii+niCUUosqKI3KlB2BjthC1gLx5Tjjz1Wqnv3VWZJT2mjpseN7fuAzsuse3L+KMCBiuk9tdJLEWi+X+8+snTpMsxLv1ptiE1bULiBQQtgA8EoFsIH9MEImO+H6t2vTnGlkKiCIeF4iQwdMlg+8pHzZM6cOTJ9xgxpaompBJbPI5zlUMk1s/xV/YG+mSCKrUL/AbjM9KtRiWF2twUL3pWvfPm/0Y6Wyq6dWzHIDaPdEJ0hjD3uowSUbYBAVMOEURqKhW3CJPKq9ikTnHY1kEvyVZM3Sv3JMxkTl9sEpWzTLCvXmhIb3EvbAWtOlthc7H4dBbonBRwQ7Z711sm5JsPDAnBJFSinyvNjTm8eIzNvhV0WHQZKMaPN4dOnw3EpZNRLVLOqNJWWXplsk1m2EIIMlEs6Y+UVLhU+BVJr0dSgaS+cUrMSge5LYTf65ltvS2Njo3aWPsYEQ6dpJKSUZpqlDAHpGR+UMUEZnqkUbYyS9YOGDdP54q+++hrpP2gIBFzmPG3n+G6bXOuxlCjstW0vqfVFPkJJKKV+5AWxlgbUc1B+/atfydVXXSPr1q+X+oYGAFRj/sOwTCoNBUiLqrTdKLYJ2exCoIqWpW1NKcJBUkoqCCDqgUe25QDKHoQqgNJ/Hc8hu0oO5Y0cqpmSJfmkKU8CfjogmlK7brM7U8AB0e5ce52cdytjoDAiAMZJ5kmJFZ1IyCSXLlum6tTJkyYpoCBwJbbkWW6o/X1aZ5BgoV7O0zuKTi6Oe3wHUSC1FlUoyueyEwVgpF3omJGjZNvWLbJ4yWKJIs6jmnjgfEDjgWKNjpdLuLxc2xMlQVTPUz3Zr19f+dA558jV11yLDjoID/ywmn8QjJog+clCuNaTpEUhb7G9tJdREp7S3MenIHTbtu3y3Yceku9+92HZtGkzoi/QC95wklbYGVMizggelIa2YmF7Y1L7dIvizKHkbxrv4bXpLaazJYqUdtp3UC3PwZhNlH0G4ZSnjklo+9bURL8jZJOTNoA8+ukkCmsLbR+S8jx7yK0dBbojBVwc0e5Ya12YZ8tICUApwWJ8UfJzAocQgEXv3lXy0yd/LJMnTwbQCBON6IwmxKScm16lYZrfpL1gMvueBCN5wG11IwqgijUpyPD6WPaNJZCA0tHtnjtuQ/DxJ6SmZhfs+iJwQqKNZ3qKIERPKASVPIDp8ccdB1X8jTJyxGgpq+6lKkoDYfAGds4ZQKI9uEl/ttvLDwVsuzAaEFODmWCqDeCyBNJAer3/389/Lo899pgsX7Yc8YkRexbOSJSAUl1P4Bmh8xts1JkYK9byJIK4tLQHYJYwHfJuoranIxNtUJlocsCBut0mrOQZAupyTFPLaAABOPoxIgTbvR+DN/JTahBaYfrECRxYxkgzA/RTk2DaPgd95pnGHt/YXJtj7tdRoDtTwElEu3PtdUHeKUXgQrZK5gh+aZwCyPSBNptbmuWvf/0L7EWPkUFDhuAkmCpsSpX14j5ebzukpI0UOwCesAuvcam7UcB0taYWtSpRANMXo/axccwxM2XVqpWyDLZ+xtmN6liqWFuwwDmlBGpXtKF+ffvJmWecIXffdacMGzZcQmVleBJBhgc0zEPtwxNk0qaV2HMbhUIB0y6SIC+1nuIElAi/VIJYs63NjfLcc8/JbbffLqtWr4EzEuaLp/0nrmGMYgJFtpcYjEF1ti6AUCbLk7zGttfF5n2pyQLa1GMHsp36fILENpSF6xLVFLVJOBwC6AxqJAmCT0YkKUNbr6qsVEBKoEoJL+kXAn3i4LE0Z1EgimMc2BvzA68c5MEuOQoUAQUcEC2CSuyqIpApKuuDzl3nFcd89JQCRFoi8u7b8+UESLQqywEiYFPKGKTUzRuWibvwn+wHbIfAtd3uqlK493QUBXLXHs+wzmNCs4033nxTNm2BupUz37BTxjl22iE4J40ePUpmXTpLLr30EunTbwBOYeADyXqyjwX48JpIptczHuRSAVKAFuK2bZiqM3XOrLbAGSmIKbO2bd0s3//+D+Te++6TzVDFE3QyPBzXrZCeUzVvnJI4COb9lIRmFDbJUDJOZN9NBYq8ojOBqMks2jmabxCAMwD7Z4JONUMJYIYwgM8wJgU5Fg6f5557rkyYMEHWrV0nDQ1NAKuUBNN+Fo57KCPLrXnFwww9vQ+iHUGyl9sddRQodAo4IFroNVRg+WNHQQknWWIMUzj6ADajWO/YsUNWvL9Czjv3QxIAwGgDIzWqKnJRU4j0foPSDSPhKLAiuux0BAU4CMEMXL369IYnfS94Qi9U5xO2nyCAZmlpmQyBZ/x1114n//mZT5vpYtGxtkL6xY4YgSGRC6/Dtav0BtQRuXTP6HAKGP5gPnp++N7Hr1uw8YTUcz0ckW66aY78+te/lq2YO56THjQ3NeIKqOpxPgbJYCvU1wSiHJjYJ7TDXfvYHjoTiBpelyQmB+o0BQgBdHPAFYJZSpAqeAzQud2/f3/56le+LN+eO1eOxMxkp5x+ugzCsfnzFyBmczNms0OsVFJEwagxR9DYzrTAV7JaqiTf6bYcBborBRwQ7a41l4d8kykaKQLCqEBiQfumAEb3GgMPfHHLlq3oOOJy7PHHA0IQPVDyRUko17gAKnsDLjxkYYFGHsriXtnZFCiRlqYGSIJCMnbMKBkzGjMvvfY6JGIRTNdZKuPHj5Nbb79VTj75FDOowTSNNOnwYUrHBAC1WXRA1FKiG6wVJeHLpwoeklGOJygFJx/A5tqV78vX/+d/5A20hcamJrUdjsVacAnugzc8AVhMB7vgINCs6HP0IbifEkEwFLtgI7HNYyoxzzhmr9U1WRDyYBdrx7m/RE19nz4D+Sbfg5k8eKNPSgk+AURRMN0noi4rK5dph02TB+5/QM77yMdwLcAp4/DivvHjxsuEiRPln//6J8AoaAJ64GkKXpl/gngcQJlZECzccclRoAgo4JyViqASu6oImcb+QTDRsnCphiFhZ8N40gMG9pNbb71VzkEAcnBfdCaWWaJHUiBqc+ukoZYSRbNm35iS6HjB8DsMNF63azukoKWycP47esXUww5VEBEoLZcoJEAM4SSQoGpCp2uS90Bvl52xS4VOAU8iCokmgRdEeviBSQ+knP98/gW59vrrdapglkIln7AXpU0oTUdpF0pb4kTy+IV10skEXhnNbY+wTLFb4uHEvczr/qdMKSifr/FA6UuEthqEOp5lL4UzHgFpWbhcJh9yiNx7770yauxYnEovQSsiTNAZ9Fe/ekZuvOkGqa2pMTazALiUEDc10rY6phkmTdrS+On+l8Pd6SiQbwo4iWi+a6AbvT8TCNAQn/EfiTV1dhTEBeQc9G++8YYcedSRMhiqV1WsET+Q5yqQ4I4Dod2o2vc+q6xau7CWMRChBJ0OJ+yUaSs35KDhMmToEHgGI/YspOltsAfUCRNUKsR2gQfwGZq8h3n7me3PXuXW+aWAtbVMOiMCTBKVqWQT4BLxZZ9++mlVx2/YsAGHITkEL4hgoMK2wf0I+AZV9MpM2ATagVCWMdEwshZ492fb332gEtFkeyR4bsNgil7wlGBiDfOSJpgb0C6UA7DScFimTpost99+l4wdOw4gHFEBIPE1uWLOIfsEaGeIqilTp8i27dtlCWaXIki39CVwJa0Uvuot+F7IU+2SlSruoKNA4VPAAdHCr6OCyWGS8SJLsOFTOyZ2HmCWcTiiME4kbaN2Idj9+ytXwAj/bGXCWgBlnNBZsTPhcJ77LhUvBbS+2Ud66lPoKznvPCWkqZLxEh8lpvQGxg2UEHGdmbxDae0v8xq3n3cKaNWpGp5QCQuAVt3OHfLAAw/CKel+2blzlw5UUckYmJSq41IsCnU8nJSs/ae2FyGfMGxCNxI/WdpG4hyfuvuUeb7jgChV6JwZiXGWWWw4a+Jl9Irv06ev9O/XX0466US54YYbZQIkorRX0NBTzFDK4gN4pfmBL1ACU5Yx8uI//4lZ7HYAnJK/EtzTNApAlLazSG3Yz/q96Fn34yjQfSjgVPPdp64KJ6cJlRAYKlRF9C0J+OJSQY95tfhrVVuoD334bHlw3n3QuCK+KJmmAHC0UQrAbaTMnsEcdb9FTYEMdagXkidRZNcmEqQo1A2r0eYUm0yAR/ilfSRAEkATzXRojvHe/Hflnnvvk3+/9DLUzPW4BnaOGGxQvdwKe8cWDEw4oLUzLCl8zWwPfEGBpExVvI3jybi5VMlXYIKGVti7MpVXVCEsU5V87GMflU/DGW/KlCkYhNk4ugSQeygUPpM1mBDi6quvltcQdaIRYfL4vihsrKPQPMF8FNQ2Af8Tpgtxj6/u4dHutKNAoVHASUQLrUa6Q34UVDKj4KbkfbDz4sicse/IHinximEET+elhvp6OfroI1X9Ck6M87zB48J7Ysa40qViowArPWVJ2bTNothKXHTlIWJEIgAyIJQ7lApipiRIBemk9tzf/gY7x5vknXfmqxc4qzkG9EQQytm2qIJmODjcCNbBs3xEYQMpm0/NLH7UMx7S/CBG4kHwPtpEc7rjUnjJ9+vXT84680z51txb5KCRI1WiScck0/RNee1z7JrAPqEsAo2rq6pkJExZXoOpU119HSILNCmtjJNoEOp947zE+80Tsz/XPt+tHQUKlQIOiBZqzRRyvpTf8cf0SCWQhtLD0w/JALWrgunsaP/Ejmb16rW4LC6HH364UUcpEPU6HMc3C7mWXd4cBXJQAB85vl37+VIKWoJvvo0e75gp60dPPCG33na7rF23XiII7RZT+084JEGSF4caXkEoMCjkiOARtCI3S46XFcxhltHwPOaYdqA+BaGMDEF7aDpmVkASWl1drdPUXn/ddVLVq7fe44c9dDKRSSqjTB7iEY+gCkZJX7xvwODBajv6JqSizYjBykvUARS0LKE0mWCe1/I47HKtR72x1+VRlxwFCp8CDogWfh0VXg6NMRjyBWYKRqhMD5uM+8dOqQ2heKg2YviVpuYmWbBwkZSCWc+YcTi4JaSiyh/R+Vh+rEyZjNQxzsKrbJcjR4EkBayjUeKIfv9ElXHZuX2rzHvwIXnk0cdl1y7j8U1+QAAai8EiE5eBNSBxwApFvjUMTTysMDfoLET7T+V3iSxipiTEwuVMSTpNJ1gXJZjDhg2TT33qArl57rckTIAKe1FOY6rhqcDf0nlcOr+zQJSv4DadngKhUjl06mQNdr98+TJIlGH6QGkyzBo4aYjajuJ6fVL64+xRPs4lR4GCpoCzES3o6in8zHHUrvwPzNpGavIDbAZhI0YG7sO6rLJCDkZ8vEcfeUTGTjgYXJNhTcDY2zHO9PKmM+30c27PUcBRoOspwJBLMUQ6YFB21Xq0IBA9eMCSxe/JnJtvkbfffkfqamvVNCeImLAxglB4zTe3wB6UA01MU0knoe4AQq1NKG0zCSQ5HzxtQUNBxLuFYybluDRHIi3KYR/6xYsvko9+5KMyDjFyfQhLpvayqVWUMGlKPZjctja3ySPgkjpYN++f9bWvyl///Fc4eTVL7Y5dYKMwgUJ9RABOFcSCvlzzlmyp0E0fsuXZHesZFHAS0Z5Rz51SSqOqQt/iSTasgFODOoPphsKQGMAuip6gtHGimu60U07BPlRI8J5OhCXxcpcJPDP3O6UQ7qGOAo4Ce0UBfq/8dgOQ8unkFrANb6yvlSef/IncfPNcWbZ0uezasR3fPNTQBEX44/zprZCGxigKpY0kEudlg7oEW7kgk16W/x8tL8An8sry+qHhCcAe1B8KqISUsyb5AU5pD3raaSfL5d+4XA4aNVpV5+oV7/HFREFAk92lVImovc7cQbqXyISxY+XVV1+VWgB9mgXEQH+q/FkftFONqme9vTPbevfvz3aHO+Yo0BUUcEC0K6hcJO9Q6adnh2RskLyCkcGmLNq9YD8Ib3mqtHiKndiatWs0AP60w2Zg5M57ktCVT8oEnpn7RUJGVwxHgW5HATNohPaDIjro2CnljAMI3XbbrfLkT56Utfi2IzjGQSe+ZEg8MUUnnHfotMhA9cYPCTaNBKGJVLhAVEE3c4vyBAE81SEJqnA/JKGcyINxQssRI3TgoP5y/vmflEswW9SgYSMYpd8LR0U7eROGSourGFB/EqW3zkkqxUw/pdeoNFS3DJ369u0lI4YPl1defQVz0jcobUluhn2idDqKSARaT96zDI9lbdiU3LJH3NpRoBAo4IBoIdRCN8lDGvjcU55pSE8vUthQEXPStqy5qVnmL1wgI0cMR1Dn0Wrgb9gkGW2m/RSO8EaXHAUcBfJOAX776pSEnDQ21smunTvl2muulWeffVa2bduuAJQglCr3aAtmAELAdqqMqStuo30lkSi+Z8j2UspSuECUkJmJdpqcwjiACRnoJBQgGIU0klLIgQMHyJe/dLGC0IqKSqjRUTaAVNp1moD8XvkSRU5s6LOzSUD1hPeTvNo8pwTSz2GYJIThrl5/8y1pAfCPwjmM3vg6rsd9jDlKW1yPoyp7TT4nuZX6HrftKJBvCjggmu8a6FbvJyPbiwUdkpEooPOhRy2jPPMYGGhzUwvUSy9Lvz69ZOphU3EYKiZ42xKwJiQEeId2WHiVYajdikgus44C3ZwCHoDSr49FwT4knHQ+ZPrzH/8g199wvbz15rs6AxCdZ+hFHoNTDqWgrfiQ6RlPEx2VgPJ2xUD44T94gQ4yiZjykdRh0vAk8qXEgnLSLpSaH5i2q807Z0Yi6GQgeSauKyrK5fTTTpN533lQTjjxJCktqwDwjgOAIl4yAtuzqGYQzWexrHYxg22eS5xXKmEff7wTV2JBPvQZfI55FgcCrdEWSGSDiEAyHYHy+8gbb7yOSUXgFqrh83AX3kO+q570yjjxLNjk5nq/Sk/xHpccBfJNAQdE810Dxfh+ck8k/qI/gi8DuiOCUXRLnFO8Gcb266DKOwPMnOFNOC0e7cmoqbfqJN7tPUafw+e55CjgKNDZFLDgkGI1gBxOwQopIMFaHMHaf/vrZxCa6TYNy0b1MD5bPU/wE4WELoZvnap4HVQqnOI3bfKsg0vdtAfsuzq7TBnPR1naJQBtBaG6hpc8+FS4LKRrHqejkh+AdDDCKZ126qny0EMPyYBBgyApLTWPAgBkOCXSKcG3Ehvt3qYHiBVTk0cVHMo8Y+hEO1UDYEWGYZrclSvfl1WrV+sAgFJRUN1IR/kEaqRAeHt96nvstgOilhJunW8KOCCa7xoo4veTCZKlUl1XAsko4+21xiM44pOa2jrZuPEDGPmforaklAfQ+zYVjFJCkGTORUwoVzRHgYKgAAEPF/1qFVS1IPwa51BvaqyXH3z/cbnr7ntk65ZtwKhU1eO7BvCi9LMVoduiUMdz5iQCT6qxFXgqGMumksc7wBfyk/heLBaQAnwyURLqAwMKQPIbhEd6IBjWLLKMtPfs27ePXDbrErnqqqslDC95tYHl9KQoM52GKDG22FMZF5mXx8AsVb03K4X1pSk/SV6XSRezH4024z1hSEabwTNDMnTIEHnppVdkJ0JlKeDUyxipxNimIlu7TQ6I7pY87mQXUsAB0S4kdk97Ffmg8kIweBM3MKoMnTZOcYhMOJpfg+XsM07HhVT9sQfDP27Srst2FD2NcK68jgJdTIE2fn8EoYqkCJv4SfKbFMyQtkWe/f0f5H7MGb9l81Z1SqKmmkAzynBOmHayBRExCHwYQZixgttUDGoGojmLkjcg6uWIhfNAqI8gFCUiCA0AhFL62YpA/EGowqkGHwoJ5E+ffFJOhTQ0VFqqdrAlAKccXBOomuRJIJOIUg8banqX7GaVvE25ZsqVZp9qe2mN8FffO2zECMRnDsqSJUswsK/R+uA51gsluJxIIImMUx7nbTog2p4m7kh+KOCAaH7o3jPe6okHyBg5YvehgzLT4lH6aeygtm3bKmUVZToXs0pD0cOpCgrsVPspq9cDxXTUjzUZO1lzknFjxyVHAUeB/aQAwSMWai7wEbbCZltDsmHAuGbVavnKV/5bfvGLX+p0vRboUAIa43zxEUhB6RmP75bARr9qBWYAofkGmhnUMPaf5EOQcJIf4TzXFCD6sQ6XlUtZGew8lQ6YshhOR9W9qmX8uAny+OOPyzjEQNZpOgn0oArnc8iIOIAm71LUnvJOy68MjEw5kWMzyc8y7zD7fB7BLwG/Sl8BmqdOmaRTfy5ZshRS60alebwtChANKS8yZQYMlPiSa5rFAudCq58cZHGHewAFHBDtAZWctyKCcdoROVmp9SQlwyVT5bzTTfCkX7hwISQOg2TS1EOlBB1cBF63nLPZGJfxGaYEmYzdO5y34rkXOwp0fwp44ASIivLLGOxAAwhR1FhXJ7/53e/kqquvkfdXrIQUNKIq6Dim8uUMavEovlM4ynCfpjdxfusMVwRwxm19GoFQ8vPNO6ks/wCcS+SFOaX5ehBolHbsUcznTp4Vxnzx1bBfP+aYmXLffffLyJGjE3zI3px4isWNCsBx1jth32dP2/tyrRPPQ57SU/o+n8sljjrxQSI7DXxzw8b1smrlKgwiIAUF0RlmSgE1ykZtlCJm/BoebN7kgGg6ld1e/ijggGj+aF+8bwaTJDO3iZ7xlDyQMeoMJSqLQJxR9UZtgaSlWd5/f6Ucf8wx0m/QYFqLIoGDKmMHE/aelcnYk2+wb3JrRwFHgd1RIBV8UPpJKRmhKAEZARTtC9sAZu646w55/LHvy6YPNgOcQuoJKSmlaxw8RqGGNzErcRcP8jslCMUDdJ41fS5zwS+UsC8dSPFMPpLlHygFXg/HSUgyGVkqgB+ND8owTQhSH4ZUdMCAgfKZT39arrvuWhl80Ahcjws1mTJlLVcXAlFmhQCT8UNZB6eceLIsfm+RrN+wwdQVBgv0otc6QDlZTeDCpkpsjYAfu+QoUAgUcFN8FkItFFseUkAoi6YjeG7Ak5NsnKA0iGjNgVLuwVsVnVgQ3qfHH3ec/PAHj0tln4Ew3YriRnZuXgcApmo7EvBUTbZr8HbdylHAUWAPFEgCUUBG/U4JRGkfia8K9pIb1q2Va6+7QZ5//kVpbKiH2pozoBntBXFLawRTSjJQPfTDDA1EKNNGkaL9TvmcdinbMVzUhUBIB8KJfIHnIOfKdwL0hud0pYgNChDeC/PFHzT8IPnYRz8mX/7KV6UU8UGJ3tog/dV4qIlncMM4V3KLQkcjbcQO2RpXHh/MUXpzUcpvkp9lv4ODeJtsPSpvxXto48vz/4V57l9/401MAxpBdJKIRBlXlAMJmE9Qks2k0musOXWpS44ChUABJxEthFoo9jxQEsoFjJsLWKDE2mLKCE2MPsO5KX1hh3EsAGkJbLAosVF7JvJfj6lreCePXh6/L3bqufI5CuwTBcwXxq8suRh8iCOKZSwAAfyEhJNSQYLCP/7+d3Lbrbcjzu/rEmmGBBSIKgYgQ1tQSkAjsAdt1e+YIA6qX9zXptJPPFS/Tz6f0ka+JHXBbiekzJne6PFueYYFaHatr0dZKRrkMT9AZwiB6el4xID1QUhCy8LlcuQRR8jdd98tZ551pgam13KAXCYevxkM22cSyFLbk1jwXHuOa5u4tTeLvT7X1bRqJT+0S/p12AOwnDB+gvz7pZekDtOAMrg967UNdVcOL3+q7WlGwbJohlhFLjkKFAAFHBAtgEroaVlQ/odOgx0dGT07BQJVPxj7kqXLZPjQoTJ+7FiAUaoJEe6JzgBk+GDCqbwzyep7GgVdeR0FclMg9RuxV6l6XE8QiHHBYBA2hgqYAM6e+9tf5Nvful3eW7QEMyc1AcQohgGuZMB0SNXwfXJ2NH6vJmGd9j3yuD3nXdLJK2NakHxJkh8kZYvJs9S8cGpOzI6EKTEZnok2oaWwBeV0ndXVvWTc6DFy67fnyoSJE8UXKkvcage/OihOHGXx8Ua+NPnilLNdvYlBA8wnhg4foR7+r772is5k1woQSg96mkExWkmMQNRmLbFhD7i1o0B+KOCAaH7o7t4K7q2do9fhMah9gGpA7L/59lsydPAgGQcwqh0CmKc1sk/lnQXB/11NOgoUGAUsNrLfShKW8WOjlAwZpmQQ27W1O2Xe/ffLvffeLx9AI9Hc2IzA9bCbZPgiBqcHEI1AkqgglFI+829KnAZEu54IuYGoFhAZsiVnaCqEWoKlTzAIPgPpJ2dyC8IrnhLRwYOHyLkfOkeuufpamTh5qoJvFBg8hzNJJQvcDoimSD27pPS2Yu3aVrD3cg1qj3odO248bFz7yxuvYeYlzMYUhQMaJxmgCQLtfSkVZbGSiLRLcu9e4iiQkwIOiOYkjTvR2RQwEk6o6xFTtEQZZRBMMyr19fWyFJLRKYdOlUED+8ORAB70Htc0UlSTM/JSlxwFHAWyU0C/Dx3EYYsjPOrnCUJoIgO17ZJFC2Tu3JvlN7/5ndTCS57TIXEKXgIwdVACCGVYJhWE8l4PeCmGwY/xxs7+7q44mglE4XKE10LiB17C4lKLYhyTeDiO0EyYKQlgjBJRamFo/3ro1Kny8MPflQs+/VnpN2CASjn5XF+oHAUEnZSIpjR5B6ImG3v4ZfzQFpkwYZxsR2i8RYsWAYxCoo27GPpJJdwkDg5oU9jD09xpR4GuoIADol1BZfeOrBRgHD61e8IvR+nhcBi8H6pAiGSaEEZl0XvvybRph8mgQQNxP3oElcAkewYyV2WwWZ/uDjoKOArEoVYnHlMVPKV8sIuMN7fIT370BKSgd8vixUtk+/btAC8EnfzGEKcStoTNmK6T36RKz0BGgjDzrfJhZpvfXj5TKhClxoScgXmkFzlBVgBlZb6DAJ6lYQxmAVB1qk6AUPKao2ceLXfddZccPGkyygzaAKjxCeokyQfwmZ5JkJafJkIA43bJZ9n5bpuP1DWzT1MDcsaJEyfIa6+/Ktu2bVeJKCXcPpyjbasfZTGTDlDblCwTt/Ndr/mmq3t/11PAAdGup7l7o0cBBrgn4zesj96rUAdCdUQPVkpiajEN6K6du+SIww+XyuoqvcswSf6y2zEpuWWPuLWjQM+mgM5eBu2CTvcI6WeJD1IwrCMNjTLvwfvle48+JqvXrBbOF0/M5fOHdE3P6hhU8eqUVEKVtlVvt6dnvgFLOhAlOPYSJZoAWuHSMoAsqqQRuAj2oQSmQWhX+vbtK+eddx6A+H0ycCAidIA0fqjq2yVPAmyPE6QVUkK2FTSyHuyCAtOkHhi6RKqqKqWyolzmv/uu1NXX6aCCdU2tkgHryYFGarnyXa+peXHbPYMCDoj2jHourFISgEJSkew6CEbBHD2vVsb0i7TAVg0j+A0bN6ADCchxx5+IMkBqgV9rbs/7C6trKCwyu9z0LApApqnfBr8PepDTI74Ns+xwgMe0af06ueOOO+Tnv/g/qYMqPgZHQMaaLCkJ4k6fBq2PQRrKUD9tAKGaVPppNjN/8wZYCAixWNmdDZtEJyzOJhQC/6DNuZEMtmI7oBJQSkEHQrtyyaWXyNe+9jWpqqxSAEqnSAWZZCa6qAg5s7jmmnZHu+5AJvDM9Watf55E3Y0YMVTWrl0rqzGVMgf5MU5CANtgI+mF4QIGHsZ8gbVpBh15q1fm2aUeSQEHRHtktee50GCQTEkgavITh8SG0okA5k/WOHkYvlO1uBhzKdPJ4qijj8aFOp7HLzf5m4SihSaxYBZdchToKgrYARoHbPhyiNXwiSA8E6Rjr7/0itxyy1x57h//kPq6egzyWqUFQJS2oAQjOsuZquPxReE+lYR632nyC0svSd4AiykY8mlzYHgCv390aMb+UyWcxts/FApLZWWlHHLIIfKNb1wmn0ag+tJwqXIShjgKwm40PWUvcb75iy1tel6z7Rl6RCNNAOUhOfHEE2TFivdl3dr10tjUqFEQqJ4n+2T5ldfqYxwQzUZNd6zzKeCAaOfT2L2hHQXIUsEsyffQmRjJBo6ZHlA9dTXOHwApvT1b0EGuWr0KDPU46d9/AG5CjFECUEpANPF5XudBOzfzeH2cd4FbOQoULQUoCWXrZ7NvxUjOfk+trZiuE9LQv//1L1DHPyQvA4wy0DnV71FISxsxoxklZJSARgFIzQdDOGv+jHMOv7PsSxLAdCxp6XREIJy5JIG2eZ/GDcVmCRAVJXy0c62oxFzxSok41PBhlD8oVTDrOffcD8udd94m06dNh7d8uTrtBADSApCWWt5BoGkWSontdnJt3pq/X9bx3i2GAZKCNHEi4jzrjDNlG2yBV69Zo6YX5J/kvKQVsCgEALyOgxcczViUR+OYpVP+KODeXKwUcEC0WGu2G5TLShjIDlOTOkiAeVKlSMlODLMsNdQ3ysIFi+T0009BZ8MYf5D6AKRqn8OhPVKi49Q97nsbbuUoUMQUMLCRalao4iWGWcsCqppvjUfkztvvkEe/9yiiUKww0k8ADjoDtgKAEowSi/Az0pT4YAzosCrvXKTrLCCq0tgsL00FohoL1buGIJSS0LJShGbSCBslGh80hDBN/fr1gz3oRxAf9FZVxYcQtJ6FZtQAtZ/VZxiwmXxld2ccpBRBpdE50T6WvHYynLLmz5+v04BGozTboAkHJcgoP+in07UmiZBlq7vTJUuR3KGCoIADogVRDT0zExaI6sAcPC6VzRGM+hHzj9eoGgkD9l27dsnKlavkWHi7BmEHxoDU5ibezM4kZR8kTfSrPZO8rtRFTwFqBIxci99ODBLQ0gCBVqts37lNvvfww/Lkk0+pw19zcwSSrzYFobGWKKSHnGXHu5sfSsrHQmmZfouqsshNxM4CogZYs1xGVQzojFLawaaR2mnOcYgAinPF0zM+gLigNk9UxQ8fPlz+5+tfly9/+SsSLMUc8gpC6SBp7sOv4RmJIqqKJrHX7TYMiVAsbCAUF8unFan164fDZy+deemVV1+TmppaSME5oQEduUBDRhjAn87GlLPg2ipynnUnHAX2lwIOiO4v5dx9B0yBBBD1npTJ5tSnXkOmEJCyk4Dz0oYNshXx8U484QQJoeNRpssb2SlpZ8od86SUvtV7g1s5ChQTBSzyMGUq8dSwS5cvQXD2q+U3zyA+6K4adfxjQEyCDEpCCUJVFU/3aiZvZXZSfvMERG0OLBBNBaHmHEAqv3cAKEpCCUIZzJ3B9+n93qd3H8TRHA9zhAfl7A+dK+FyzJ7kg5kPnbBAA8t37Nq+Lzchkld0iy0Sx2saDNGktrSsY0jC+/TpCzA6Xv794r+lobFRTZ8YV1WnK/VCYFFLn3hAWoFzNZS0i9yOo8A+U8AB0X0mmbuhoyjQriMgn/MWXfGHDFXBKE+1IThzTFatWoW5k8vkqJnHgsmKRGH3FuCUfKqixwG9GSuHRDuqqtxzCpIC/DhMY2fcXc4UtHzpErnpxpswq86bUlezC6Azqt8Qba0bELophuDmavrigVCaVOdMeQaiVjLK/JlpSRmEnhoSAlA4JiHvnEOdA1QfgCbBKG3Ij4ZT4/0AoePHT/TwFMEYFqqoPScdVVtr+TxmoXTMSYludoLl5cCd9p4sH7cREg9AnVLjgf37y9gx4+Rvf/8bBiktauLUDCemcJgmTwydx4gJuI8ic96eSGk7iaNuw1HgQCnggOiBUtDdv98U2C1QBM9TG1DaguINvJaMlJ1OU1OzLFy4SAYO6CuHTJgA3km1EphuQsJjGOZun7/fuXY3OgoUCgV0lAYpZwQzIjXJT378I7n+uhtk2bKl0gRpVywaQUb53QDSAVTQMYmpTeP3wiZQHVD0UPafPANRZsoAUJaTZgXGEUtBKHyMKMmjVoTxiDlnfD8ArIsu/Lxce/31MnTIQbjF0AcP4ZP4OE2WL9i1PV58a5Y/mVTCDFoEATiHDRmEEF61aCvLzWAF5OF5koqz3CnFld64P0G6xEbyoW7LUaADKOCAaAcQ0T1i/yiwp46AbI99CY3ofVhTEsJ9erpyDuXFixdLdXW1TJkySaUhhmOSkyobBVOlJMAlR4Fio4CxDdVSITzTurVrZM5NN8nTT/9MamBHTSlXpLmZ2E3a4A1PjX2Uaml8PAaE4rhiCiMp0wuzkWgP34+1x8x2614d8+IJYwSJb5Z54XebTBoXVHdxHPktC0EiSgBKDQkYAsMyUYpHMNofIPSWm2+RL3zxS6qeZ7QAU0gWNPui+DT5uiLcyig3d5nQDgKhkEydPEVWvr9S1qxZq5om0p+8VeE+2gtDfGmy9yURqTnufh0FOogCDoh2ECHdY/adAnsDRPWp6IcYooY9aik6nTg6XxOIWcBIl8vBBx8sg4cMAVCldyg7M8M5HRDd9zpxdxQmBQj6zPdipJqqGWhskPegGbjyytnyGhxQqJ5nKKaWlkYAiqDEIhF8JwChsA2klpVTVioATQALW1aezJI6HYhmDhTT82G+ZTNLEsvOMEy0ZeRAk4PTqqpeuj9p8iS54fob5MMf+agWggHsFSTHjYQvS8n0UPED0cySe/RlYwDILK+qkqOOPBJhvV6SHTt2QGLOqAtUziNBGsoZtjQl2ktiwxx3v44CHUQBB0Q7iJDuMftOAZXQUEqTa8EjyRgpGeE1rehVafNGL1oy0lBpSOgNvH37NjkXTgm0/2KHZey/yDQ9xpsza46x5iSNO5E3Clh5J1svFxqnsKXGW+H5jmk72cbbIvR8j8hsgNC333pLGjFVJ2dKikQgCcXFPMfQoK2w96PJn34J0CjQPtQ+N7lWwxZ9C9+UWHJ9l97x/SaQJwmlloPlSizYULCN792AUEy9iVmPkG2o4aFSDmIQGkf5caC8ohqD0rAcfvh0ue666+XEU05RyS9hlOEB5AN8cu60h9O5byzUMwlCIoMeLdNp4V3AAQYBPRpaJWaXKkNw/7fffhsDGUz3CgDK6VHZYihJZxxSnZMeIxhtQ3w0K6ToiFeoldoz8uWAaM+o525dSnZKxl5U2SN4LBkhthGipAkqyE2bN8vokaNk4sGHaOdjPEVxjRnb76bsZLguOQoUFgVsh29zBUilcUEJEEog3VwPVfxPnvyJzLpklixdtgL2oY1qqmJmJsMwDQiU5qAqFaSGgKAB98Z365lk39YFa0/S2u7rU20G328owGk6+e37g1DJA/yQDpR2lkEdTw3IFy66ENEBrpWx48Yof+BAVBlD4sGJjayF6pFYKoUkkeYW8UNFf/DE8bJ923ZZBkc3SkVbsaDxKC8lPbFJWIotktd7gF1npaw76CiwbxRwQHTf6OWuzgMF2BlxEiVVL+L9RloCz1k4K5Ax0pN+4cIFcsrJJ5v5o72g1rZDy53lFK6c+yJ3xlGgSynAVsnFAlIOqRQKYGKH1WtWyZw5N8pvf/NbhGaqI0yAY1K9BnLndJ1RzprkOZtQkqrwAQ8zzyqQ9r5bIIrwSiitD9+1escjlnAAElRfSUCn/g1AQjpy1EiZdeksufDzF0p1ZTXAVNiT4vFOLIliJjZIwHapx2Ipjyx+xGImU6XU9PAZ02UdZl1atnyZGcgQjOI6Brzn5W0Uq3P8rwMbtiq2qN3Ttx3B3QFHgRwUcEA0B2Hc4cKhgDI/SHToNG9ZHxlhqLQMfBRG9VDZR6Cq/Pvfn5PTzzhd+vTti8zbK1kO26Vnlin1msxzbt9RIL8UYOtMttBW2bF1s3zpS1+UN15/E1LQZjglcZrOWjVJgUYVU+FG1bNcwzNlzXryaVlPd9XBbEBUp+ulDYH9VtsQhB6SUFxLr3iqg8sQkP6oo46UefPmySmnnAY7WIAkxA1VQEl1f5uB7Emi7b68PRaIop45RNFpPUEEH4LZB0FHzlq36n3MSb9+PRpeibEZBQkNGIVEnY0M+0mqJre6qum49xQnBRwQLc56LapSmfE31XIoFhkhVZScbx6dFqUm9MCIwCYugjnpFy1aCAP8w6VXr2pcbMK9UFWvqn3em9b7OEZaVA2lCApDB6MopFG0jWRbjcNhJI4ZkzasWyP/9bnPoX2/p7Z8LfSKV2kWHJDwHUQjUKmqPZ/5RoAesMEPxnwfqfAhX2SilFNtFgGCVKLmSddMlAuAUKTyigpM4VsBb/iwAiU/nK5CsA1lIPaZM2fqVJ3jxo4DeAqh/BTRUX1vAKi1Dec72rCQBFjlXPJFh3y9V2lv68BbmzE6wD/pBZr279tPXnr5JamvrwfwNGCVkwD4MV1qGyQBbGvKNflDTVXKggP5Kpp7bzengAOi3bwCe1L2DdOzzM5ITmhQT1syAlJKRj/44AMpDQbl+OOPUeGK6czp/MAOy95rqGY7sJ5EQ1fWwqQAO3id+YdifyAoxspsjTZLc2Ot/OpXv0R4pjmyZOlSSEChhgc441AsDhtpeo9HEaQ+xlA7bN4J9MVyGoBWKCXO/P6S+TIglGp3NfPEAJL2rgxSX1FeoUHqv3DxRXLznFtkwICBuAblZzkBlAig9LmUhnqfNyioKf1rT77NbaVTwNKJjnCDBw6SIUMGy4IFC2Tnjp0UnQoHPQyTxTjOaKaUpRpS2xsTj2t3IHHGbTgK7I4CDojujjruXIFRgIzOLAosVeKD0TqAqMa/gyMH1UhLly6Tfv36y1TGFw2E0VHRE5RFSWeUDogWWPX2uOwQMnFARckSMSRU0bDb8wONUQraGmuUO+64VX78kydl5apVmEEsiraOGYRwHSWglEhF6JhEz3giBIQvI/i0Xs6FRs5MIFqCfFMyyq/Sh7KUliI4PfEkiMGpOquqqmXQoIEy95Zb5LOf+YyUwVOexaTDEie1oI04rzXPxVO8z5sUZfJ2zY77bUcBTkevFqCgvSbwTrajiXBeGgJAumD+AgS9r2OFoO3RsYnTpDLEEwf2uIPOb2lETttp9z53wFEgFwUcEM1FGXe8oClA1km2hwas4NMHMBrDVJ+Mfce5tN99912ZPmMGvGsHoHOjihIJjDY1OSCaSg233RUUUMDovSgTmHGGpDaEJ2qqr0Ncx+1y1ezZ8syvfyM7d+5CbNBmhG4icIXtHsxQaK7HIPWUhKozPCWEngTUArGuKM/evoNq+fRknJKMlsOcCQGI8psMwpO7Eur5adMOk69//b/lw+eehwDs5erNzW+b2g8V/OLHAdF0qu7LHtuJwZLYYvVg5aNJCIDmuAmYHhUS54WLFunUsESepg4BQymJ5ogAV2qtJqo2sbEv2XDXOgrA1jsQYItyyVGg21HApw4O7H79mG3FJ+GyUrUrYydVVlYuR8Cx4amnn5QQ7M2kBDZOZKBMHiDNBALmpPt1FOh4CqQCUD7dtD22Ry5QRSP+JwdT8XhE/vHc83LLLbfK+ytW8kp1QKLGPoKA9TZh1k7jmKT386okCFBgai/czVqdT3Zzfr9P0XEoJWm8UAAZAhyTKAWFVA0fKu0PwxWYL542NvguKQ2uQmzL88//JAL1X6FS0TDU821QvZd4zyUtST+71pAaHghPea3b3AMFbG3wMtrb0zM+tR3VbN8hF190kbzy6is6wKdzE9tMGwdAGiIM22h2drauhJNc5qBDQeseMuNO92gKOIloj67+7l14SlM0gdEx8LIfTNGvU/txXu2o7AAjnT9/PqYAnQxnh97a8bHL5uieyQFRJYP76UIKJAEpYAA7aNp2IlA92/Lq1avk+48/Jvff94Bs3PgB2jClT7QFZfuGQxKmtUXXD6ckqFCRZ2OrR+hg2nOiGBm7ieMZG8m8ZJw40N1MzQOfh0Ej8+kDKqX6naBbg9RjUgpqLGgfS6ekkSNHyo03XCeXf/ObUgYJaRALb6AK33y3eErm96t8YC8LfaBlK6L7Pe5pSgSaGhqzrsyhMgwQjp15jAa737pls4Z1Iu3pSBdAvUUBRrUNcxCAexLP8+qniEjlitLJFHBAtJMJ7B7fiRRAB0SeabsgdHO67YPtGDvZ5kgTnJc2y/adO2QywGhveN4aXZTpxp1qvhPrxj06hQKUPZk2l1hj4ERARiBaAue6NStXy4033ii/+/2zshVhmuIQeVIT34p1q3rOI0YoOn7zJEJQtn3b8s2rVBKafiglD+03Ow2IemWFAt3k0NNcMGssM0MFBRCkPoB4vwa8+HSGn7Fjx2KqzuvlQ+d+WG1EfUFqMnATAbuCG+wQdCYW7rNcfIpucCcjZaG9l7/c92Q8okh3De2ThWsDXY2E01CGbbB33/5y7DFHY/aut2Xb9u1eZAYOJsBj0S5bNaRTsk5UOGDrZ29F88ksuK0eSgEHRHtoxRdDsRMSUa8/Mqo+lgzSUUhGGQSbktK169bJ8BHD5RDMvBREB6gdGTouM3DP1YEVA4VcGQqDAildPlXQAELa9mjfiYUg9IrZV8g777yrc3774S1OyWcM3vCUhurUtpAYKkhAx28lgrZsCUC6j02584CoyRkHhkZtzn2qffFdUpqmMyVBCgpaBOF81X9Af40P+tnPfFbO+8h5UlpW5n2biAiAcFYEovSUb59sgXcHRFNo3+4B9v52J3rEgfaUSR5hW2vFSIh2oVWw1z32mGPkT3/+k9TX1Wt4MfJatcvXWZg8cnnk5Mpsegd6BDVdIQ+EAg6IHgj13L35pQDUfAlWxw0N4UJZETpAdOAUpJC1xmBgt+r9VTJp8kQZMXw4VPS0N2PW9SZvzX2XHAU6gQLo1RWUoUFSCk+nJDrdEJj94v9+Ifc/8ABmBlskOyC5p8e7TtJAezy02xjAGgEbjymGZfa0YbOdm/bNLf5lAtQ9leRAgWgiLig+Jr7bLpovlhXl47EAAqaHEA2grLwS32UUACYAh6SAhDAj0pChQzBN5zVy6aWXylEzj1VJqPku+W0S7CBeMPFs4ntNLZUe1OsSR/lye1gP8kCulHZhrouK9ngmZdhGUxeAA7Q51qFoXFdOA7p4yRI0PwwQ4DzXBgk97UUpSdX6IXo1/0ozCgpSl4yKKVq6uoLtOwUcEN13mrk7CoUCqgJKZW9grQSj7JbBGdUAH5yRnXRtba289tpr2vGNGTPKMEzlnuyMUhwfCqVsLh9FSAG0T6gzfZDW1+7cLo8/9pg88cSPEB90CQKIN0IVD2kpOnk61cVhH8p92oaaOeQJG9hWU5K23+R+VwPRXO9jTvUrZFl0YUxQHETZ/VDHUypaGi6VUaNHqkPS+RecL5UI1WQ+SrNKLWqimBm2p+3owRczpZHJHjSn0n/TLkw/1QP2dkcZFt8ONCi1D8B85OSTT5JdiOAwf8F80JhxbhlOzAuhRR6KdqsJZM1O2exHzU3utydTwAHRnlz73bXs7Jl0SWd8ZHMEnQSjJsQIVEtkiQCsFCLVIyzOmtUr5YRjZ0pVdRWYKGZnUZaZnUHm6mi7K9lcvjuXApnWiO1aFeaKh1u4rFi8ROY98CCkob+UDzZuRGimFjRnSkqjKmGihzxbNtcx2Omxf6d8kcdSl8z2mbm/p9IeqESU8XnTc0S0yU+T0lGo3WGrTYekUtqDIgYlwy7xs2WQ+kMmTUSQ/pvllNNOxVS95QDd0GPwZGriri4oNdYqVU49ryfTDpidtMeQYrlS2oW5Lira47ujDAvN8wpGNboBJaN+GT1mtLz19luyaTOclyDdRtQdUze8GOREa1Vey/u1snXD/vRselsquHV7Cjgg2p4m7kihU8B2WJSIesmyOF0TdYIl2hG6uRyMFB1hTU2NrFm7Ws4562x45JbhOt6RXSK6rx27lxW36qEUSLZGQwDTFi0xANpw4JUX/y1z586Vf//7Jcxcs0MaIakPIG4m499GMFd8FA9RKaiuodymlDRHymyfmfs5bkscPnAgakrM78y82wBRvoDaiIrKclXBB0OlGpapvLxcqqur5ZSTTpT77r9fDj3sMNhslyMeKswU8JG2A6I2p953vkcgaj5le5e3zqyV1NNaQ6kHetT27ihjCcFrGA5PzZlgJtGrVy/pVV2pwe5rdtXirHFcogi8jYMmT5Wvz7Z82j5MeW1ix204CiQo4IBoghRuo9tRgDZJdvEApXrCQ7pE+RE7WvJCBsoOYuTOOHlMmzZu0lH7MZi7WuMTgtPGIa1qQ/wn4zmKeylF1aewUzWU2deO3tzlfouFApnyPzaL1CVZTnNlS3MTpO5oi2xfUG+ufn+FzLp0Fmb+WiI7tm5RCSjV9PSKj0aghgegMyCUaxOiiW2OcEnX3E5Zku8zW2zv+7Jk3r+nfauqpbQz4SjImzwiWC/5IDQN4fIySEDjKjGLIexUKcBoZVWVnPvhD8ndd92t3ti0/0TJvEkpWDaqeY3UNLWcBKDtQShfTMrsKSn1cFG29Z7uLe7z2SiS7RhpRz7KiuZ6woQJUl1RKc8//7w0N7cokbSO9BoO6nklfnCxZzbqEVIv8LbdylEgSQEHRJO0cFtFQAH2iezE6OFANRE7Tx8DjHpMUmMWwtNzxYqVMhjTB44bNw6XGg9eBtMm40wms2MP6XOTJ91WD6MA29aek5FgwjgEIIyz1IjUQfL51JM/keuuvU7WrVknjQ0KmnUHAABAAElEQVR1AKgcGBE4Gmc6quEZnInvaNOpa/f8pq6+Itn+DSWsJJTRKehBDZGYAk/afwYAvv1wUophqtIQwjCNHz8esyR9TS7/BuKDViKmrwc608tgv7S9o7T3Uac/wu11EgVYNyXSgpB4dFAaN24sNE5xWb5sBWZeatBtSk1pfsFWbNqx3mJYr+bK1m8nZdE9tttSwAHRblt1LuO5KMAOk0ySXbrobCyeygj7nB7Rh/A4URjav/X2OwjpdLCMBlP1o+MkKKD0k2veyvlhcNTsYK3SVuy51DMpYLpitgmzsGWkJnbB6imubYbtzydbN2+UGxAf9MmnfipbaFeHTpzjJA6IohgQMWh9DA2OdqA6eFIRUmF22EkgSm9qlhyDPIBQesAzNijDpoUQ6Bz4Uwd/bW0xCcP8ZRLCpj3+2CNy6imnwlkpqBJiQ0FKP6nOtxTlM5kyKWuOtv8tTDq1z2dxHIlGmzXSQRQ8NBwuk2OPPUZqYeq0bNlyE08U1UYISjCqgyzV16fWpauv4mgJHV8KB0Q7nqbuiXmmADtMBaPs4KBGpLqTnp/s6Kmmj2E6xSgcQwgEtmzeJEcdPkOqKqqAWU2HaH5xORFDSnJANIUYbpO4y9jPgRYEoHpA6aIoTZYtfk9mX3kVojW8LrW7aqSpsV5aGjE7EtpjK0SgVMVHMWAyIBRP0BEQH5be7vSRBfBjvwcN6QOwwREbtQ0aoB7SXx8ck+hFzUEdU69e1TJ50iT5f0/8UIaPGgMKYTDnC0gEoasCgVC77ytZRN6fCmCSZ9K3CpNO6Xksnj1K8Zn8qHOak/gw+BgPjdILL7wgW7Zs4Ueg1cZwYz60AR/4rbbtRF26+lICup92FHBzzbcjiTtQjBTgvPQBSKGCUCH6g5TCCPaDarfGKUCfeeaXesyHaQabm5sRVBuzutgUN9dThe9Sz6UApTw2cVuBmR6Kw96Tnu+Un0Piid534aIF8s1vXCGrVq2CV3xUIvCMj8EZiREdWnEv4KeagVAlz0dkBaEp77PvzedabUSRWYZkYqKdaABghJNEcBBHS07SIVxWKX16V8v0GTPkjjtuAwgdCxvYZkhO6RxoviWuzVOSR/ShWX/2/sqst7uDHUQBWw/mcW2oazoorV+7Xj7+iU9gRrCtyjtjiJPbRhU92koMGgDGcaZ9Pu3xXXIUyEYB1zKyUcUdKw4KUC2vqnl29LBXAx9tiQI0YGHiyL0FoHPJksVyzTXXoLMEUACYCEO9SEhhnZSKgxiuFB1JAaofiSDjmCeeEnbMraBq57qaOvneI9+Tiy78gqxYvgJS0Gao32M6ZWdbawnaIC1B0QZxPUEotrKD0I7MbAc8Sz3a1dwFwBEDMgapDzImKMkAFTztBkMI0cSg9cOGDZGLLr5InvjRD2XoQcNhDtOC6zFnvIJQAtAkCO2ArLlH5IkCBJg+RHwYPmq4jBw5IpELjVaC9s2kNvoOZRhiuN+cFDCy9pyn3QlHgW5IAQ98JnKe2Dcj8wiAKCzZMMe3T5o5QwgA6d/++jc57eRT5ORTT5VShJnR4TxAqdqMJh7kNno0BbzOlTQwYZUwZSWkgbR7pKtRc0M9YmPeKH//+3M6gUIsAo9itK0SzwOOEJRxGzRAPbSUHBzpQKkbaCxVHc+yAICHUGaq5Es4sxlsROmURWAeBCgZgal0r5p9pZz3sQtQ0hgWDulwneeAZYaAOOxSN6JAaq0lt4OlYcyuFNEZwDilsk061TJ21JSJSiSIRmltkqpRsNe6taMAKZBsPY4ejgJFTgGqP30ApZwuUe3UEFKGvvWRlghsRbfKXXfdK5MnT5HBmHaQxn9+ePuSgbrkKGApQPW7iZVYovOgh/ylsPusQ0iw9XLNddfJG2+8JY2NjVDHNysI9esgCBLAOCSnkIYSk+rCB3azxsV8UxBMEOoH+IxDEkopaDgcxjokM6ZPgyT4IjnrnHMAUJqlBGp7mmabeeKJ4t3HZNtRd1kb8EggybpLglDmnwMt2o2uWL5MNm3apEWyZhu6k/LDduMJ1FOOuk1HAUMBZyPqWkKPooCqGFFiaovo3RukNAscks4m1dW9ZeYxM+Xee++RoaNHeZ7BJA+s3wBM2+JkxsnOFLb4LvUgCkQiEQVcVLVrt4zYs7SJ/MXPnpaHH3lYBzMNDU060KHane2GHXOccULhoEMHJSMcJYgDMMsEonm2CbXfRvsqNfF3ebwMttOUfhJ40tI1hO+nGrOUnXXmmXL1VddINabqDGPmJKYSz7nFTLvLA3rY/RQ4BdR+GbWbmmh6YptrK7zm/RhkEKS+v3SpfOOyb8j8hYukqakRbR2DLY4+ND5uHBEh2P6hC8D3oLPdpT7UbTsKeBRwXvOuKfQoCqhcBhyVazOHN9Sr6Fj9cFxqBbfcjBA72xH3cdqUKVJeVqaqyBJ4AptZmjKAqOtYe1TbIQAzkiF6DqNNAGD+5re/ltvvuFM++OADaW5qQJui+QfaFxoYQzW1RFsRnQEOG+yctTOnd7zXcGzPXiBUtGVrnx3jlFRWVq6gmnRg+cuxP3jwYLng/Atkzs1zpCxcISFIRxWxUBLslTeBQN330p60BXjERAE1GbP2nqw6AtASAEsOqJpq6+TZP/xerrhytiyHLXQM4fBiiERinO4wRCH45DeAdk8QaiYTcQ2gAKu7ILLkgGhBVIPLRFdSAPxRAYWBo+hU0WlymkWmpqYmWbturc5Lf+QRM3RGmBKqISkFS3jNG4ZaYDhC8+9+Oo8CBGrWzq2psUmefuopmfutufAW3ozOllJShg2DmBzXtWDGmShskek1TPtRTWg2bHtGHq8bBfXTHogy355nPCRg1ArQS54gNASzluHDR8j1MEf41Kc+pcftlLlG2Eta0EBwN+BjN6cKijA9LDPki2obz/pBg/UBfHKDkxbEMLAKoO5vnfsteeTRR2XjRgzA4KzXAr4ZCMFmFO0/hoFXC0Apx1tJEEoiugonFVxqTwGnXGxPE3ekB1CAI3cuBAZUHzGoeBTevUHEGaVU618vvIiA92+D/6qO1RvRm+0eQB5XxBwUIFhj+9iE+LPfefi7Gq6GAb4ZmomxMWnqwfORFqri4U1OVNYNUqZanqCaScMzAXz6AD5ZdpavoqJCjjr6KPnxj/9XPnTuR6SiqheuhB0sJGVR2A3SFCE5aNPHuJ9uSAGq4y1AQNUrKN25bbt84+tfl58+/TQGYNukrmYXIkM0SRnjMENSzkQNQCsmakgHoXrK/TgKZKWAk4hmJYs72CMo4EmvCEipWiKQoJqe6iQy1zdef00OGjZMRo44yIz2wZiNxAvUAWNuL0HqEVTrsYUkqLRAdPXq1fLLX/5SJee0A2VMTWPqgYENOmK2D0qETBOjdDB14XMIUNm75y8RfNp8aS6AHAhAKfj3Q/pFQE1HJIJPBjHnuk+fvjLz6Jk6X/yIkaNxP1XwuAeB6lkenT+ez8VfZvkUzKQWN7/FT82J206jgBk8cUARR1umhDQGG+d/Pf8vuePOuzXCSEsTJ2ZA1SMOGbVJHKK34kCEAxEOvlDZZgxm24Gr7DQSu500CjggmkYOt9PTKKAsF8HuKRvVjpm9MDpgxj6sra+XjR9slDPOOEMqyuFBryN+MFQPRDgg2rNaC+ubYJQ2klzeevNN2YT2QXu4Us7YBXUkByq0NeaiHfJuSZTfzjmz/RI8QvCpqncCaIJQlofhmcoR0oyq+M9/7r9k9uzZMnDQEANCs5TPPteu7SUOiFpKFPaaAyu2c78fknC088b6OvnZz34mDz30XW3zLZD+MwYzbaB9COWlKni1hcZsdRjQGxhb2GV0uSssCjggWlj14XLTlRRgz6gLJFR4L7XwKtfBRhzqVqpca2sbAEhr5PSzzsAFuJz6KlVYUaplFVddmWn3rnxSwEpFqZ6eNOkQefHFf2mopharks4BRO19zDs7btPgCguIAm8CeDBGKMAo1fHcgKyrsrJSJkycKDfdcIN86tP/hdnIqhWgJAviFShRMLOfCTwz95UGJIhLeaYA5ZnkaxiOeyCUUUSizeB/O3dhdqzbAUR/LhvWb4AGoF4lnTQ7YeimVkhEowh/FwUobcWMIW0cyZAvKm90kDTPFdttXu+AaLepKpfRDqeA7Rkp4UTfaYElPUPjnPoGakca6K9duxaSrw/k1FNPVgZr4APkRw6IdniVFOoDCSSZrFSU231795LjjztGXn3lZdmxc6cOXNgmjESUNqJsQ0aKau/lOgHAFLjpkbz8sCxGhW6yRLMUNHfMIW6iA4QRNYKq+BNPPEG+9MUvy5lnnaNTlXIWJQ1gbkiSzHvGvv287AWZ+wk62AvcusspYAZI5rXc1tBLAKSsq/Vr1sn1N94g//jHc7IZc8k3NjQiPqwxO9FIIriNzp0R2khDA4BYkBn5z2gQGWfdrqOApYADopYSbt2DKUDJJhfOhwwOjA6Z3p86cwgYLNVNSxG0uaZ2h5x00kl6Da+zxvk9mHA9pugK2gjcMpbqqiqEbWqSBQsWSqQZcUVhX0xHHR3MULpEYZMZuagAMbVr5uzsXZlSbUJZDjRzCUIMSsBZGkZcUEi5AghQT8lYdXUvSEKr5Mwzz5Zr4Rl/5JFHqiSMAJSOSxSg0YuegCWx4HkcmyWW1HOkQebSlYV378pKAbYD2jbTHtRUKvgdpq1dvGiJXHbpLHn9tVdVK8SZtbQCUYc0RYnAdKmlBVMi8yhGL3yO3s+GkVh41iVHgT1TwAHRPdPIXVHsFCAThTSADiT8U5cNOGf4eAwdK+Sjqn5dD9XUwAH9ZczoMbgc8UdVAkAG7FLPpAAdNQIy47BpUrOrRhYvXop2gikP0W4CmJWLzj5Eoti1fbgBYx6xuhqIGrCQrCk6JDEUk1kIJmCaAnVrOFwqhxx8iMyadZlciqVfv34aHYAe9Kkp83mp59x2YVMg1VSEUnw6mzHWZ2NTnfzjuefl9ltvk0UIUt9Q36CwknXNewhCNUg9PZWQOG7fsy10YdPC5S7/FHBANP914HJQIBTwAYgaWAmJKDCESnZ4QA+2KRjdtnWLnHTyiVKF2WRoI2WSlQKYuwukOC4bnUwBBviml3gzZpSZecwxUo9QNsuWL9fYoTHMwW08yYlF0T6ygNF8A1E6IXGqTrZjesWH4XBFMDpj+gz50Y+ekJnHHqeSXdqL0mPe2IQmieqAaJIW3WOLUk3Dq1jPBJVWqxNtwYxgkIreeuvt8ugjj8m6deuhigcIBSM0c8cDhAKIMi4uA9rDVUkZpAOh3aPmCz2XDogWeg25/HUZBUxIHb4OYlAkyADAfLlHyagPQZsbpaGxWfoP6CfTph0KqRclRGTu+FUJgYc29AjuJ7d3qWgpwNBFcXjKBwHUAvAePv74E2XN6lWyas1qtZ1jC6K00QexEb2MU8GoaRmmnXU2gaz0K709tiIovXFIIgil2r6svExOQBnuueceGTZijGaLavhWTOZAD2mWN/UZqdudXQb3/I6gAPlTMmm7AF8jCN22favMuvRS+cMf/ii74KCkDkgwSbJ1TPam7YA8ETv6R3GoS44CHUABB0Q7gIjuEcVBAcpDVSaKcE7c4hzZRl3P8mFe7VC5tGAWkXfnz5e6uho5eOJ4eBBX4hxVVmTalJDivhwA1DJ1Ps2l7k8B1qfG0WQsTXTocYSwOWTyZHnrjddl+7YdKGCbdt5sOwoB+MPmwaLjh82E7csu3hme7dBUgvbMF5cCeJYGQ7AJDWM6zrCq4WkfWFFRLlWwdb3ws5+XG667QYaOGKHXE6hoflE2etCrcx4z7y2uPXdoNXXqw0xdgquhKVDCqZUYh7d7S4u88vLL8q25c+XFF/4tDSoFRYvFheSFjCPKAPURgNIYJKHaJLTheoOoHLyuUwvjHl50FHBAtOiq1BXoQCmQlIyyIybDJYIA88aqNdqsDHrZiuUyaFB/OXTKJJWWQvZlLlEpARk9djOYdOa+XuR+ui0F2KlrpbO6Ue9+BPauxsBk2qFT5aWX/g0njzpI0RsQazGEWJwYpOB6qjq1Oemtpp1w06TMfXt8/9ZWEkoQCUYP288yZNe0Z8aHpJSTYahGjBguX/zCF2XWJZdJFexBjTqWDkls90iJbCU2zOGM9q0H3U9BUoBtgQ5HbXHE+cQa1S+NdbWYpvancsddd8qiRe9JfW2NkXbiWg6q2gA8Y1DXxzB9rUr0eRPq3GsVBVlOl6nuSQEHRLtnvblcdyoFKOlS2agBDgSZSD6oMP2YfSkWa8RUhhFZCE/pMngcT5k6Va+zs8uQWTMZG0Bse/23A6JKluL5SfTIrGAs9DwG0BwweJgMhlPba6+9Dgk6POmh2m7DwvbDK9s4gQLvzQRy1iiZxzPP7SPVVAKGe2gaEIRDVYjmA7AFjcMhhSC0tDQk5RVsu5Nlzpyb5D/Ov0D8pWFphcSfXv80OSjxZksyeWHO05Nrz+n0yP8eR0ZsWHbx6gy7rCsFoah/mhRtWLtG7rzzTvl///u/sgWhmWjfrBJvDKhoB0rwSQko24smSFHjOGearX0u91xyFDhwCjggeuA0dE8oSgoYMMpOmPZQRk0PFSUwqR8/nA60qRlq+nfmQzI6SMaOHa9SL4sflKknEKghkOu4i6yhpPbD7JtR+UZVLzJu/ETZsmmTLFm6hCeg3jThcQgCzRCHoCET3FFa2bGJktggFq4pAY0jH7QNpeT2BMQH/c5D82TSlKkKQtpoEwjwyXA8Jm8sD/KYmU0vi649d2xdHfjTUhskWBZ2zdCH1Yn2hsEFjI1kw7p1cu0118hf/vo32bWrVlqam7T+jfaHgvsSaUb0B0rRVYKuAySznVbnOpo68Fy7JzgKOCDq2oCjQC4KQCrK1Eb1vAJSrMHP1cYKpxieh/ZTq1etkgEDBsrESezQKXnANWT5aouV7BzSmHiud7rj3YYCitGI0wjUTK+PNbNvkNv06dNk/oIFKnFikHs9rJJ2TpjgXaq3eh0+tuO4ldYd+gT7Aj5yL1IyTihUr3wG8sRZkQh+mcowTWcYy4iRo+SC/zwfHtK3QaJf7mWE7ZXmJcwAbaO99qsZyf5y156z06XzjqINaQNjI8u2JN9MiTil2vSE56QcyrjQqpYsmi+Xf/Ob8uqrkNbDPjQWa1F+xTvbUPeUgnJGOY0Vi+t5zDTwLA3BAdEkwd3WAVHAAdEDIp+7uZgpkLQVNSopMn+VjsJrlEIChuWh/V1jQxMkCzXwOD5BKtDx08PeqDaNSt/SyHXclhLFu7Y4lJKoMFTfveAE9Aacl2pqalBotB5coBACo5UST9WpElJ0+AShNiXAqD2wF+tk+0IcU6jiw1C1xwBGGJ6JYJQhmMaPGydf+9rX5Atf+JKZRQnHff4QsEbKyw0M9tBw7hen35P7OnemoyigrWuvHsa64WCCobfaADbrdtTIn37/W7nyyqswcF6p2pwoQowxhBMrGpwMbSUuETXJ4MCIAHQPr3JAdA8Ecqf3lgIOiO4tpdx1PZAC5MQMbQPQoNJRAgnPdpTCCbBvPzpxqjx3IuRJCM4qRx95FFSbnBoUzikUjRJ2ePcadT3vc6koKWA7bruGFHTYQcPUCWT+/AUoMrzoMe2n6eNxETbiRJ9Um7KNUFqauqijXG5K2XZp79G2hncQhDKkFJ6uNqIhqOUrKytk+vTpchccU04/8wy8CtBD2ylCOOnMOEYKikzo/x5BCLLlgGjuuumcM3sCohkSU14OU4xWzBl/9z13yve//wNZv36jTsnJERHjgbKyOeih6UhMwzLhiCdBzywDLtNmYdfWDjnzOrfvKLCvFHBAdF8p5q7vcRRISkZN0RnEmcyYbJnqzEhLs848s3zFCgDSGjnq8CO8WZcADXitSics+zbPcL9FTgFUdxscPoLwVD/6iBlSW1Mri95bpNPFquc82wTNNwA82wBG1VPdIFQlDHGpjWebjVJUwxvgac5q1AaA0KA/qI5JDFTPRkpA2rt3LznrzDPlrrvvkTFjx2p7tKpXo7bns5js2uzt6dcB0T1RqKPPZweiFhBqk7Cv5KUYIG8F8Lzm2mvkZz//hezYuQPhmprVec4fLNXpaAlCYxqiCQ51bJEAofYte2oN9r32lW7tKLC/FHBAdH8p5+7rMRQgg26/0KQfXTcQAwOCA2/q/saNGyF5OkwOQkgc2mWptIq2d0xUxfJCcnpen9Zz6BXup5tSwNalHXTQfhhWemqi0YZ6P+H4YxEiZ5GsWbUaPiNwGkHdq9QSxpxtMBhNzOWN8lsAkGh1npRUZ/7ytrUBqXS1BN7wJjxTGeKD6nOhgqdXfBBhowYPHixXXHmFzLpslvQbMCCtzdk8p77R5n9v1t20qrpxtsk4UPPkIanJ2zX1CTtPhJhjBIf/++lTGHzcJS+8+CJYUavahFLaWeILqhaHZsuUgkZxLR+h03ymPtfbtu3RODMp18MZtk5KVF1yFDhwCjggeuA0dE/ogRQgMFVmDPU7rOzA3MHr0UE0NzXJkiWL5fgTjpVevXqrmov9Bp0GKOFKdv642wHRom05CuTQUVPipNsAAIdMmChvv/2WbN++Q8EEg8kTULIlEQhYgMF9HtQ1t73Ubh/tR2duwkCH/iit0ZiUwvkoEAxowPpRo0fJ5ZdfJv/5qU8hiH0Z8oGLdpsy37Dbi93JLqeAhzgz3ptoNxiktNImGBE9fvOrX8l9994nCxa+B2DaAptQOCWBV2kIJpoM4dqoglDEFcXzDAjNXv/Jo8ktZsEB0YyKcLv7TQEHRPebdO7Gnk4BnbEGdnwM9qxexgAGNPjfsnWz7MDMOscdfzyAQVjP0QYrALVpanJANJUaxbOtTkdoC+zgwWC1/n0Agf0QW3T40KHy3nuL4dy2S1WkjNPI67Qt8B6KqbBml6/RGnSLe3Q+SQciAaDPAB1SGN82SMcU7EMlzznjZ8yYgfigc+Sss8/W6A5+2InqaAlPyp3SgUbu69yZrqQA5Y6seTpK6hrVpAMcLxO0Bbaal4b6OnnwwQfkoe98V7Zs3oSBcQMAZytMhyKofkzXivbVipsj4FNtaE90UvKjHRnZJtqfaWpsbtry+Ipkq0hu8bgDoqSCSx1BAQdEO4KK7hk9kgJk/voHMEppAx2U1OYOkoZt27fLuAljZcyYsWD0QQNI6IzqSUUN8OiRZCv6QmtnjlJSTc6FYbzM4pMRo0dLNabUfPutt6QRIIFxPQk8GeyeERgIS0vYnvCXCgFINAtEaQ9KYw/gTtxDEMo9n4Rg99erF+xBzzpTfviDx2X4yFE4DjAMEKqg1qAZPCcdUOhF+pPrePIKt9X1FGC1mQToByDJ+vMlD+IUWgvULpS2X3LJpfKXv/wZtuo7MXNSHQY2aDcw3QghgoKJZUvQaSZUUA0/qtyAUL7BDIDYClJbQnI7ucWrHRAlFVzqCAo4INoRVHTP6JEUoFLVLIYpBzjnOMAp1aVNCBL91ttvy4Tx42T0yBEaJkUdRAgCyM+Vp6cz9h5JxCIqNAGCggRULuSg+mcq2qCGOBxFfLDfHDtmpAwffhDmpH8Tc3s3KVCMQq3u51SgaDs08dDpGNlI2KY8oMG1rySA9iU6Xzzf9f/Zew8AS4pqffxM3MSSJCM5SBJBckbF8JJP/y+/5zO/nwFFRXIGQSUICCiIAj7lgSAioEgOKgpLTpt32Zzz7sQbZv7fd/rWTM+de2fmzs7s3O75aqZvp+rqqq+qu74+dc4pOqcfB4OoMfDYsO1229knPvFxO//8c23CxM1xLVVG0EYL1veUiEXD86EBFq9TVBkJLgqJYeGbwdekjtGbBseh4pPFUHs9JO3ZDNZoT1QH4ixJN9xwA6Ttk+FOrgUjMzknoA2NY60BEvIGfKS0tLahbSENfCmRhPKDiW2t+2Z+khF6LCS5vpDAxpYEQ6ysVxkCIqJVViHKTjIRYAfPzoEswQkJuo52TAM6Y8Y0O/roo2yb7bZFwdjx4yXva5aT+wrpR4B1btYOAsGh+joQg5132N7mzZtr8+YvsJaWZjQFkFcsJAa1YAhuvQxGwg8d/8U5rjmM2ggJKF000V0Y2xpnTtpnn33ti1/4nJ0OZ+WNSL+2ASoh3tZ456id9a8jyrgKI41A1Fq6cxHq0XVBvb7xjuH0qxB3tjQ32Q9+8AP79a/vg2umBdYKKXuk3lFr+fYsCCmnmIWTeryL3D2Tk8pIqspmUXyv7rtqSwhsOgRERDcd1rpTihEI5JPmID6jEjqMDCQW69c32azZM+0f/u7vQBpIKygro4SB5CAQhGidYnhGedEiiRJ1Ommg5OQRVu37778/poh9w1auXgOygOk38VcLCSgtm914hCzBh2LJUylthXsmEFBO11kHIgJhp42HEdKxxxxjl116qZ140snWOGGi1daPARmhcRwl9N1tS0Q0Gc2QNcYlGvoufIpQSun+jHmi03J4t2TgfeES1PsDDzzkBnCcKYm+QSmLp0Q0j3gZSNojH6EFx/Ucq/fA9ALFLRzSSgiMEAIioiMEvG6bLgSCZIGdfdAJ5BzODEsWL8Uw/Sv2yU9+EnuURpCu8gp0N04wuskCDiqkDgGQCa9nkEfogpJIcBIE+vc85thj3K3TIrj9yrlnBQ6/g0o4GUU7AXHgDF4Yk/Vh+wZYRNNHaB1Y6ObQB/3i578Aidi1tsO7d8EQLCWkJBi8XySZj0MpIhpHo/q3SRPDm4Htp9NJpkEK2mxrYOx2xhln2oMPPmQbNmC++PZWt5jnZ24H2ksux48f6gejDXW9b8J7J3r78A2kIASqAQER0WqoBeUhFQigryh0HdHQKv04sjMg+dywodmtmQ/HzEuUcpFgUP8v6iMK3U3odVKBhgrRjQArlgulUaAKqHQattGf48TNxtshBx9sjz3+hLW2tFimrcVJKFsSOSuNkRrgjmkMhtsboe8HegEp6HjomO5ip37lVDv1q6da/fgJ0ZSynM3L7wPSgsYYycaQCBsmFpIZhSQgQGMiLpCJQrJJjR9/s6D+2qHn+cJf/2rnnH2OvfTiK9APbXOdUE4Xy9GWPEhopNMZvYv8G4aX80XD6i+0BZFQgqJQLQiIiFZLTSgfiUfApRboPPwljx/X88M+h8vaIB2dPm06ugqz97xnXxsD8kCWys6DEizvJcQTEt8G+i5A7+6fks+tt97Gtth8ok16YZJLs9zBPYhINtNaGGKnv9BorvjNJ25hu2KyhNO+/nX79Gc+DQMnTOWJNGjEQmMkko3uOetJSP2QZ0tEtO/aqZ6zkQSdL5IamMdzPngaOq6FCseDDz5oV1zxPZs+Y6a7AKN/YnTibuiWx1B99IHrrxYUJ3qhuPEb9tj6wlI9ZVVOhAAk9+gsLxEQQkAIbDwCoaOPLEyRHoZT6T+Sr3+S0Ux7xubOm2cHHri/+5N0V08uoWCPw/uHbiLqQHhEIU0IsF7jC+sbZDGbsb323NOWLFlsU6ZNgVV0m0vEqDdKPVBaRo8bO8Em4OPlxONPsIsvuMA+dMopICkgoZCWMriE1T9zImloICE8F1pTaJ88plDNCLBd4EOkjdNxZjBNbKMtnj/Pvg/L+J//7y9txcqVPlUsXxc1UNPghwhEoTBGoiswvEU66wpvEpBYfOx6KEhCg0TU19UMgfI2qhAQER1V1a3CDicC8Y6eZDSPjoHdAA1Q2LE0Yqi+FUNpCxbMs6OOPhI6glvjJHPE3oND9b4T7fOwwqhAoMYNkGrsmGOOsxeef96WLlsODwychhGTIDSOsbFwzzRxs4n2uc9+1q685lrbcdddKW6H9JSGT2hbJBtsaAXG6XZwMeRERGNgVPEm3xmRr1iqcNABB9Qr0AamYQKEr512mj39zB9tw/r1bojUiI8TOqrvxMdKjgZJWNgMyDc5HM/Qg4RGh/QrBKoSARHRqqwWZSqJCPD933OBdMrZAa2h2UlAhwvDZ0uWLLHZs2bZ0UcdYZtBylUD3T52Qj6O6p1IlIqMS5LYCirJMylitHBYvQHkYt9997UXX3oZOsXQFYXP0HHjJti2227nJPT0b5+BNkLjJVxF0sKheKzZWvwjiElxu2jxgzxGlqJQhQiQeEbPvFvGW0OkK4yKvvqqq+za635o06dPx4gKJKQgpjR0o0eOPPRHc3if5EFIeT3fF3yNsAW4SgbqO2oX0Zrb8aUQmRcoCIERRUBEdETh183TjkBEMNk1RJ0AjRAymTZbvXqttcHdyoknngB3O5G1c0QT8FvgCyKiaW8d8fKhfUDKucOOO8FIqd5effU1uN3J297wD3r22WfbZz7/BdKLiEjQh2SMVLq7MCbVD88UEY3jPfLb/m7wbDh7xAcGVDHQBuh6q7V5g33nssvtzrvutmVLl8EnMfSFES1yRp93VR+qbkQungpvDhJRpEdDtQGFiLUOKKoiCYHhRKAGPumip2A476K0hcAoRqAW/v9gTmBjMB84nY1nc22woB9vW269tZ3+7W/Zv/3bP9n48RPhH3KMoxSfCWcUwzYKi07JGNQz8EZ+HpbRDNu8612YKnZfkNTYa7owU1I3kfGoIqIFGKp9FeqNxJMhWnf4DFv8mHjr9dfsxzffYk889oQ1wWE9h91z0C+vhT4wpeGcLz6Ha6ma0TNAX5SfK0U8NNZyekR3x/c9jmhHCIwMAiKiI4O77jqKECARpWF8Ayxfx40fh44k65ItEs/N4UvyX/75/7NLL7tURHQUtYlSRQ3EhH4gSRIoIfV54rEfDbEWKEUR0wjERhLRUqhW17FQV+4bFnrjnXgXMECjHNLOTvvrc3+FVfx3bTL0Qum6qT2TtSxGThrGjsE+DJicgEbqGbymZ6AuOkKRRFRENIJFv9WLQGRyWb35U86EQGoQoCQjA8fT9ZiikeKrfB7T7sFi+sVJL0E1DOQD+l81HKZHB4WN1JRbBRkgAgVjNap+cqpYSkYjwoI1SAqlXT1CYVdD7j1QGcEdSrQZgtFhtBd+Q11G+/w4zULKGZFHjoI8eP9v7Prrf+jTvra1NUdSUKhhNIwdjyH7GmvOrMd7ARbx8MbBEEZOOAECQ2gf5YinR9KPEKhCBKQjWoWVoiylC4Foak+WCRpd6Ks4ysoZdnKY/5nkdENTs73xxhv2oQ992MaMHYsehXpikfFBupBQaTYGgV6Es4iXbkzaunYoEAgUsEzFhNO4FbkjDY04S9bSRYthlHSl3XHHHTZjxnSo7mSjYXe+Ayz6IKVJWgbH+Q7pDgUCWkREi79XuuMXbUlHtAgQ7Y4UAiKiI4W87jtqEAhENOo20KVA0YuGJ+MmbIFOJ+M6YKtWroKe6AQ74qijgEs0+045gCh3YXdUprsrd5mOJw0BVnBsiYbnY8eSVp7U5zeQxDJPJhU8/cmN4tVikoIFc+fY+eedZw899DtbsWIZyCms4TFcXwuxOCWe5IpwEQoSSimom6thTYlrt9Q1fKAEieiAXwwiosBRoRoQEBGthlpQHlKNQDT/N4uIrgJ9VNS5sDOCxIMdDv6ymZwtXLTIPnjyybblFpvDyXm7O6suRTf76e5SjeVoLlwgHKMZg+oue3gyuY7IaNAJ9XeAn47IKD9GJ7/1up32jW/apEkvWlNTk5NQ2h/VQkrqHBG6wPk85o2ns3qo7bh6RkH6GcchtAsR0Tgq2k4SAjJWSlJtKa+JRiDS5eo2MKiHMQrnEa+t5/BbLWbOGW/777ef3XrrT2z3vfbG8DwsY9EJ8bw7LkcsdmMhdMtEwhGthYAQ2PQIxJ/K7rvTuRK8z/sBulpqxMQEOGAdGJL/XwzD3/LTn9rixUswVedKa2wci+F4kE0Mx3sAUc1jhqRslp+pnhLO80O2jLQ1ukq/QiCRCEgimshqU6aTiAC7GGp9dS/owCD6YN9CYwROB7pm9WpISCbZkUccbu+C6x7qkbE/o69Id1gdK7i6pBgY2hQCI4ZAgTx23T9IPfmk4+MR0ky6bctlWjBf/Ar72c9+ZjfeeJMtX77CWtpa/Tx+XF888hOKa5AEhKF4PcBCvitdfXp2QaGNVCEgIpqq6lRhkoQAh+s4DR+7GnYx7Zhbmqx0BTqopg3r7ZQPnmwNjZjqEdIUDrtF84k7L/ViiogmqbaV1/Qi0E0VozJyn7Op1UC3E66XOKIBC8WF8+ba1ddcZXff/Suf0KK1pcmj+4gHVHQyWYyA8EM1Rz1ypICfninriU9vGxrdJZOPmNFd/yp9FSDQAaKZQT4a0RlxCj/6HH3kkcesHVP6/eimG0FGx8JrC928gLJCb6wm+JGUgKQKak9ZEAIRApEOZ0RCeaQ904xZsmBwBDdtf3r2Obvwwottzty5eMbzeLYxhSue97r6BndAn4O/0A6KQINvUJDYniQ0uod+hUAaEZBENI21qjIlAgE3YGBO2elQBEKpJ6Ug2Oec06thST9xwgQ75LD304IBkhKM1xV8TSJqryD9sV6Q6IAQ2AQIFCgjntlOkEk+ou0Yhh/TiFnU8DF5//3324UXXWJLoA+ap1N6qNtwlINjG1lIQX3mJIzFu3oonv0an8KVnjMwUxIS616ontO9BEOoTVBA3UIIDCsCIqLDCq8SFwLlEegiooUo7jsUU4HWUiRKx9XQG5s1e5bttdtuMF7aC7FwHL2VD9hRMkrCGgvF+7FT2hQCQmDYEIiIKD4j8XhiKk4YIdZCt3POrHfsh9ffaLfc8lNbtmQpPzMxOxKs4DFlJ591bEZ6oHiMI0OkYrdtPZ/v4uyLiBYjov2kIiAimtSaU74Tj0AwWiIhjRzYUxqC7soJZgd0Rlusra3d3pkz1w475BDbZvttab0AAlro+Lyf4na0UHKiIASEwKZGIHoeedc8dEI7MPT+youv2PkXXmSPPvqEtTS3wHgeEk+ST+qBQhrKiSyoYZPHjxso+RAHH+juxR/vPooiItoHODqVKARERBNVXcpsGhFwYlngk5R2go66VDQP36LcWwVL+qYNTfaBE0+0ehgvsbPya4qIp4hoGluHylT9CAQiCgMlPJt333W3fe+738MsSTMwpW/W2luoD1pveUpC4Y4N/5FVPOLyP1xdXE4R0WJEtJ9WBERE01qzKldiECDZ9JlUYIzEXqkGM67QlRMX55r4oZHDosWL7JQPfdAdXnsPRgGoD+OzKyM5ZZG5XW7pr2vj9QpCQAj0hQCeUn/Cup+mGmsF2eyEz9CrMFXnLTf/BPPFLwTxhP4ndEStA0Py9AlMAopHM49h+w6OgiABWsZzlIMLR0KYZlj6ygPPSSLaH0I6nxQERESTUlPKZ6oRIHWEapl3cN4xUUcUhg+1sJavozQFzq7fmT3H5sIFzJGHH27jN5uA8+i0MJTvAR0bddD6DoW4fUfSWSEgBPpAgM8qQzabsTo8n1lYwL/51lt2zdVX2W/uf8CWYIY0ssk8zlPlhvFpKR/5BoVzepzr6OEf1JPrpfMdHS3/KyJaHhudSRYCIqLJqi/lNsUIhCH6yKsopCOQjLqQlPwRvVcHmOeC+Qts3LjxduRRR3IyJp7AEhFMEVHioSAEhgqBIPvkM9a90LESlzo8n62tLfbw7/9g1/7gWpv04ku2YtkKjFjAJROiuz9QXJlzZ/WF2ZG60sGJjTQ2FBEdqnpWOiONQH8ilJHOn+4vBEYVAkHCmUfnlcvBzQs6rjzW2UwbfA+2WzOGAH9x5502feo0H5WnxIWhA8OC7Jjiy6gCToUVApsYAT5rTz35pN30ox/Zq6+9amvWrHF/vxxi53PJiSqchFIairjcD3SWFFdBCAiBCAHNNa+WIASqEIEadFx048ShP+qP0p99tF2L6QLH2vve9167+cc/tt323MN10dgp1tWPKTzVRQWKuCoEMHSKHwuRIDV2QJtCYBQjUHhO6MO3Z4j2SSP5wcfnrCOftdtvu81uvvkWW7RosWUy7Rh+p7ESHNhz2B3PYzuMDeOhSyc0fjC2TbdPlYQOjvUrCIEUIKCh+RRUooqQQgRouEBDpE50TnTphL8xmK8aPZxLV1bDkn7FihV20gkn2NjxEyGBcYXRHkAU+xXtZVUvItoDL+0IAUeAz12P0L1fW9toc96ZZddcdZX9+Mc3Y6rO1T4DWjZD/6GYGY3D8DRG4vNYUJlhUj1IKIfki4blGaf4eeWxvgLJroIQSAMCIqJpqEWVIZUIkIhGg3kkpTWYqaUR+9AVhSSEM7QsW77MNt98ou2z9942ZuzYqHOLkcvijk1ENJXNRIXaSAQCoYts1pFYFxGlxDGQPTxzMD56/vm/2BWXX26PP/aENcM/aHtrsxsVRkPv0AflPPG4LPINimv5PBaeSU8pTkCLCGnx89pfsUK++4un80Kg2hEQEa32GlL+Ri0CLhFl6SEVpe5oXT2m+SQJRYeYowSmvs4mT55iO+6wox1w4IGR2EVEdNS2FxV84xDoTUS7SShJ37VXX2vXXfdDmzJlGpzUN9mG9RtszLhG6IU2cD40y9BZPVhoHnF5ZZxYupsmZi9ORIuyG49fdKrkrohoSVh0MIEIiIgmsNKU5dGBQGSbS2kodM46aiybhzsYGD747EtQGu2AeyfO2vLa669bA0jqYUccAZKaBTgYvgdh5YB+V+eKo5KIjo52o1L2jQAlls4UyRYjMaVfwOF0jK4jQB2mk87nsYBctrdn7NqrrrGf3Xa7rV+7AYaD+BDEc9bYAOt46IXyujyeRSebwZ1aIemuW/gd+v4hsaxk6Ts1nRUCyUFARDQ5daWcjlIEIsmo95iua8aRQwpW6usb0QHmrKWl1WbOmGl77bmn7fzuXbxDpNlDXV19D8RERHvAoZ3RikD0KJUoPT793JkvjIw4kwQI5pw5c+xb3zzdfnXvvdbWmoEBUgZqMfBlQdKIZy8HIpqjVTwWvwbPJSWbZW9R4q46JARGOwLsrxSEgBBIAAKUuHTmoSMKOSf7Peqe0Y9hDpa8S5YutRtvusnWrl1rdegIG8aMS0CJlEUhMAII+JdcN1WklTsDCWQ+i5mQEDphFf/mm2/bqV8/zf745z9j2B1Tdba2WratDRLRdjizxz70tLN4EGkt3zX07lfTvjCmI1M4ppUQEAKlEZBEtDQuOioEqgYBN1oqzNBCQwoOt7urF3Sg9RweBEHtwHlKRrfddht7/6GHeqcaCuC+Sb3f5TB/rIOMbYa4WguBNCPAZyWEaDvsQ7IJEsrnKg8VmMcef9wuvugSmzptmvvvbW9rtdrGBnh2gm9QSkIx05m7TwqXM9Ei90vxU+GeWgsBIdAbARHR3pjoiBCoKgRIPTnsFzikDwu6ZS78FmJ2FxJN9q8Z6LItmDfftttuO9tvfxgvwRE+O8duPdEiIlpcShHTYkS0nxIEnHQWMUOSzprawnC85aDqUm/Lli2xCy64CD56b7YFCxZgxKHJCSfjcmg+B91rJtNJqSqm3nXySQLKpSgU3a7orHaFgBAICIiIBiS0FgJVjkCXFT3yGdnl+ui8SzlJUum6cN26tTb57cl2wL772g477QSzC3SHNFyCcZPrv/VVRhHRvtDRuRQg0C0RxbA6Ziurq8cTAukmRwremT3LzjjjTHvuuT/DP+gqGALCNRP+6jBlJ42T3MapwC77n06Xz6iCEBACA0FARHQgKCmOEKgCBAIRpXNsckZ2dB3YiWSekMjgYC0kp83oQKdOnWrHHXu0bbXNNohFQwoQUVoD9xVERPtCR+cSj0DcXJ4fblmQUC55mwujpFO/9jV7+623bD3cMrW2kIRC1xq+e/FUuZGSWwpij88fnzXX2eZ+0RLUX7jmIkIKgBSEQB8IiIj2AY5OCYFqQiAQ0Z58ETIb9K+UiNZC6tm8br3VQW90/YZ1tmjxIjvu6CPRmY6FBX00hO89aKFQlA6FTtMP9Uy4moquvAiBjUOgyyAJowOuZw1XTZBxtre32wsvvmTf/vYZNmXy29aG/Xy+HarY0L+GJLQGw+85+u2FG6curxOF5yRSmcEOHz4uhdDjmcIxEdGAjNZCoDQCIqKlcdFRIVB1CFDaGck/OZ81O75oiaQutVZfUw/SiXmwIeGhY+0lS5dg9qWldvzxx2F6UDjeppNEXJLPZSANykGtrR79Z3cH6slVXamVISEwQATKMT744aWedE0tLNwzMDqqgX9Q+Amtaai3r371q/ajm35kixYshNSzDR4o8GzACwXVWJgcCWiWsyXheQpE1J8Y/JS7HY/7OZ+znh97pZfo+R1g2RRNCKQYARHRFFeuipYuBOKkMSKfUfn8uPd+HZB80iN3J+a8hlUv3MosWboYMy/tYPsfsD9sK+hXFFQW/kUpPe01VB/jpOlCTqUZ3Qjw4eCkEPD/iaH4OsxI9tabb9qXvvQV+8tfnscMSev8w40+eakISsM/eqHIYxIJPkP8q8VHXjzwUXF90/iHXDwCtsMIRtHh2K4euBgY2hzFCIiIjuLKV9GThUCciDLn3A/HKPGJJCydkHRim1IYrFtb2mz6zOl2xBFH2jbbbO06pFHfSX3Roo6waJf3UBACiUeAFu7+PEQ61A8+8IBddPGlNm36DNenpv40RxE64ReUM5jlwERh3wdySsf1uBTnSwXS276CiGhf6OicEOhGQES0GwttCYGqRiCQznKZjIbuaecLCY6TUQ4vdsC/aJsbYxyHIXrXFSUBRSdLqWgPMioiWg5aHU8IAr31nmmgxMWsDUZ8v33gfrvsO9/FjEnz3TVTph0uzvAsYB4yrCgFpXN6zpTkDLQsCWV6IqJEQUEIbDwCNfCd1t/ztPF3UQpCQAhsNAL9zdbi1vPQIyUHraursTHjxvrwITvnzSduZocedqjdcMP1tvPOu7o7GjrDpzSod+jHur73BToiBEYegUJPRkfz1OmkLnTj2DGerwXz5tm1115jjz32uK1etRpGSq3RUH0nTJZcAkqyyhnLSEpBMjE0jzF83w4/0ahD2IOuNe7RV6hxHdHyMTpxbwUhIATwqMFR7yUCQggIgepHoD+JaLeIhhJPdKswTur04cVOtwbe0NRkS5Ystg984IMYeuywBieiLHexKLR4v/qxUQ5HNwIuCWU75j++xOiAvpbO6gHLjOnT7IyzzrSnnnwSfnbX+RSddMmUh9Sze2rObhJKJP1Zw0ddPBQTUY499BU0NN8XOjonBLoREBHtxkJbQqCqEeiPiPakj5xtCS5nvK+k1W6NZTIZOOpeDT+J6+yE4491ow302ihz4UqX0LAnr2oYlDkh0AsBtu8OOqYvzHCUbW92o7zHH3nEXTO9+upr7qopj9nG6LKJaix4OpyI8hGhTihHBzqpQM1nooiE8oYiokRBQQgMPQIiokOPqVIUAsOCQGVElJ1rNHRIl9rUB83l2tAJZ2zu3LnW1tZmxx13bKHDDcyzsA67w1IKJSoEhgcBd7EEIkoSyuH3W26+2b73/e9jFGCptcFBPYcJsnDH1NgAF2dgn9QH7Qr+wdZ3wxcR7UJLG0JgSBEQER1SOJWYEBg+BNhXllucpLIf9QXWvm6gAWMliES7/rzjxRnowXEKwyNhSb/tdjsjUe+FcS3WXNxHaawcfffPsYjaFAKbEAE0VX5s5bJtPhRPx/N19TX2ChzUn3feufbYo4/bqlWr8AHm4s5I7xNSTxJQ2iLRRRObfmj+xTnvPXNS15Pkz1Rx/N77XQ8kTpXa7n2FjgiB0YiAiOhorHWVOXUIoD+N9Nq8ZNxjYC+LYUboynHTRx1xlLpxGzZssOnTp9uRh7/ftthsM6up51SG4boi5lm0y5QVhMBII0ASWosZw+gftA4+cjln/NNPPWkXX3KJvfXWZLTx9SCbkQV8Jz6+8iCeJJ8+UlCOfcYKFZ6G2CFtCgEhMAwIiIgOA6hKUgiMBALdQ/fxLrSwDTIJ8w2XHKHHxmwxWVuzep0tW7bMTjzpJBvTwClAg5VwEfMs2h2JsumeQqAYgRp+YHmA709IRX/1q3vt8iuusNkzZzsJra1tcDdMEQmlWybqhMKiHn+UdnY/L8UpR/sh9dJndVQICIGhQkBEdKiQVDpCYIQR6O5Yi7pQl/7U0EUGhiGDVIgSog43Xtpzjz1t/4Pei9wHxhnWhQIV7Y5wMXX7UYQA22s8dLdxSPYxFE9paHPTenvyyafsyquutAULFmAoHr5Bg/on2jjTgFwUw/ERAQ0pxtOK3yNsh3hhX2shIASGBwER0eHBVakKgU2OQHfHWtSFYkweNLRAMyH5dGKJH1jVNzU32aRJL3mHfsThR6J3z/n82sHZvccVEd3kdTnab1hMQH2/0KxJPrOYF75hzDhbtHC+nXveeXbrrbfio2qttbe1g4hyLnl8VuHDi8PxOQ7Hh2sJrOuo0KtE31LRoqdotFeJyi8Ehg0BEdFhg1YJC4FNi0BZIurZwIAkemPGCfFq3bdTDYbp87ZmzWojEd1m++2doNbWwdl9IQTeGva1FgKbCoFehBRzxdfCPy6Z5p///Kx985vftNdee82a4COXJNTni2fm+J0FqWiec8XHhuNJQjGLZ7fs37+0SpdGRLQ0LjoqBIYaARHRoUZU6QmBEUIgEEx0waVzgA7YLYGx5hSg1JWj4+88iCiP0/H3x045xcZuNoHiJHTWHei3mVas58YeRz0LR0vfR0eFwDAg0AkSylALw6T//fnP7dLLLrOFCxdAH7TZWltauu7IGYvcMAltmi6dgk6oRwDxpFMI/Bd2w1bhQGxV5imKxdCmEBACQ4GAiOhQoKg0hEAVINAvES3ksZN6c5QEgVFy7vn2tgx65hpbumSJTZk6xU45+QPWOI5TI4ZOGuuwiaOhg44dqoLSKwtpQKBYAtpdJjRWqJKshyX8ld//nt188y22cuUK9/6Qy2Yh+YzaMuOThLKNU2rag4TyJNp5vN12PzM82TOEdt7zqPaEgBAYagRERIcaUaUnBEYIAXac0UJpZ/dSmF6puwOmVAidNOeud+1RWB9HHXaHLVq82MZhjvrDDz0UfTZ9NGL+GZeegreiB++EOAmXeYh36CNUZN02JQhwGJ3EMQo0MMKQOoyOOBtYYyNci4GEUvfzggvOt7vuuttnB8u0t3k7RkuOJPxomxiJj0gok/OngdyTbZbPQ+/Q/cwwfs+ld2wdEQJCYDgQEBEdDlSVphCoIgTCnNe9iCMIpve+Pgxvlstg6kPMwDR75izbd++9bI+99gaH5dAmhkMhOeW0iN1stsdmFZVWWUkmAhFN5LS0DPwIqoNv25rOnJPMZ5551s465yx77PEnIAVdaxlM01kQejKyX0P3TC4JxV4goX6i8BPdIX5E20JACFQDAsFxYDXkRXkQAkJgGBEo7og7ClYbjSCkOYiS6tCfN2Ee+hXQG/3+lVfZu3fZzfY96GAIo+gmBzJW2IhwZnoKrxSEwNAjQJ3kQuvCB1A202TNzS125y/vsttuv92H4luaN7iUvr6+ARLSiLSGqWxdqopMFbfzkE+OAMQD9aIVhIAQGHkEaurr6/U0jnw9KAdCYNgQ6OrcS9yhDhJQSjop+ayvj1w80ZCpsXGsHXDA/nbzLT+xffc/AFeyE+erglRUQQgMDQLBhRIloTSOcx3RAqNcuGiBXXTRJfbnP/3F1q5bh9aH4flsO5phrc+OlHORaDe55GWMA23RAWVORHRAMCmSEBh2BDQ0P+wQ6wZCYKQRYGfde6lxNzicbaaQPwxt1hV06XiILnGmTplsJ59wvI0fM8anAaVklHy0LyOPkS6t7l+tCFDayZbFNoT2yH+0tw74ru3Mwy1TXb1l21utvqHe5s+fY6ef/m177rm/goSujq6B/9BcBnGRTAfmj6d1vKfDtLggwRp8KPF3IH+lhu+RiIIQEAKbGAER0U0MuG4nBKoFgRqOtXuXzS6ZHXkk7XTVUfT2JJ3rIInqgJHICSceDyIKTR5aIrvECl19aG8dDgAAQABJREFU0VBntZRL+ahWBEhCo8A2FDUftCM0OOomk4xygoXf/OY+O//8C+3ttyfbqlUrvc3hB+wTzumzbH+Qe0KVxD+kQoKDWIuIDgI0XSIEhgEBEdFhAFVJCoGqRoAElMPxXUQSZMClSujcOTyKzFOfLp+h38Zamzt/nu2626629567wYcjJKMRU8X1EXH14VTE7E6vqkuvzI0YAt1E1CWhGFqP2kwn9EGb/TPohh/e4K6Z5s2bZxua1vK7x12MMR6lnSSgtJJ3IkuJ/kYEEdGNAE+XCoEhREBEdAjBVFJCIBEIFAhknDhSHgo2ig6eHT7ko04A6mGd3Gbt8NM4ZfIU23+//WznnbaH0VIDCARJAIdHu0scT6/7qLaEQEAg1lhwiFN1chpOktCVK1fZ1VdfY7/85Z22fMUKDNE3Y8ieHzf8ZiLxpB4zfYRGaYmIBky1FgLJR0BENPl1qBIIgQoRICGgH1F08iSdWLyXx1ESUpJR7udBQKlxl8fQfHNLm82aNdMOeu97bYcdtgN5aHdJFS/1YdOCdJUy1Sj1KDFuM02FUYCAt4US5YQlfORgnuQT7a1g70ZJOgnl0089Df+gF9kzz/wResnN1g5LeZeyg4D6x42ni6lo89Gc8b6Lcww+Uxha3GD+SuRUh4SAEBgBBERERwB03VIIVAMCJSWYTk6ROyej1N+LhumzMChZvmIlZrbZYEcfdYRtNnEiIuG8s0z+gB5gJ9I1jUpX4KYiohEco/eXknYQUEpAfVYvWMhzatn1TevtnnvucUno1ClTrQltKwsJvDclDr/zowbNih9GHI7Pg4jGg6ze42hoWwgkFwER0eTWnXIuBDYKgWIiyqHPuPSSQie3QgYbdcMQnFy6dKmtWbPajj/uWKujSLWWrog5RE9SCvLgCUSpiIhuVPWk52I0LJ+dCzqhlHTWNzbYgnnz7ZprrrGf//wXtmjRQkjYM2g/kfEciShbntvYQ2KaL+h/FFZduPSkpV2HtSEEhEDCEBARTViFKbtCYKgQ6EVECwlTJ4/n3AE4uSa2eYyzK7W2ttqcOe9Ap2+lnXzyyS7Z4rkuiaizTxHRoaqjVKTDLxyEDkwIz3a1cMF8O/ecc+3BBx+ydsyQ1I42Rc8M+LJxJdA8CGsHCSilqC6Zx/XRF04POEREe8ChHSGQWARERBNbdcq4ENg4BIqJqItDwSGpbwcGANLABSSUt8F+HayUyTNzsKZftmwZ9EUPsN333NuH5KlPSqkpre+jAXqkEvHRoH7qaW1cjnV1UhAInhS4pnoHh+bxKQMSusC+8uUv26RJk0BMO52IdmRplQRpOggopZ8koYjugSsc8V98EkUHC78ioj3g0I4QSCwCIqKJrTplXAhsHAK9iGg8ORJS9PTRPPWRdJQdP2dhIlFthlHJW2+/ZScef4xttdXWkF5hTnB3C8VEAgON1oU9EdE4vinfDm3LndXTOh5/M2fOAAn9ir351psgoG3uiokuwjwuGhtJKI2XwEdBPaFPij/S0O4gItqNhbaEQHoQEBFNT12qJEKgIgQCWSh3kctCC0OjpAMNjY1OC3z0HYRh3fr1tnDhQjseZHT8hAkgFPRPStpZIBAUhSGIiDoMo+KHHy8hdOSyPgNSw9gx9r+YK/788863WbNnW1tLs3ViKL6DTunRXig1zWLYnh8z3O6EJD6WTEgO5yhr72pdXce1IQSEQLIREBFNdv0p90Jg0Aj0T0SjpEkuKBmtb2iIiChIqLNLrJavWG577L67Hbj/fq5H6lc4GcWWiOig6yZJF/owvDPH8MkR5Z5uv5YuW2pnn3mm3XLrrbYCesVZHKPrr9b2rDWiPVEflHPG06KebYrfPaVIaJRiz/SThJHyKgSEQHkERETLY6MzQiDVCPRHRJ1ssu93qVWN5TAFYz3JpQs6IcHKZcAaOu2FSS/auAnj7f2HH+E6fw2NY3FJHaK5zb1Lvfq9V6qRTkvhIl3NyCco6CK/ULgEOSXH1KlXDOM1fov89bnn7LtXXG5PP/OMtbViKJ6EE4PulLQzDqWg7gcU7py8rRkl6lD9cOVib3hsfLElLTiqHEJACMQREBGNo6FtITCKEKiEHNKAJNLcy1sduEGYHzwHMpGBdGva1Bm27TZbw4DpYAy5cmpQkA1yiIhhcEMh8QgUZJWFVSiOS0SxwzZBgzUOu//+oQfs0ksvtddef91aoE/cAYJKwtqZ4xA83ThxIY8FCS2EzoIEvSj5cFprISAEUoqAiGhKK1bFEgL9ITBQIkoOEZFKyLMKcyzShSgP0vKZQ605HH/r7cm2+eab20EHHwzOGllLR3mISIhIaX81Uu3nCxSxDFNkO1m3epVdd911dv31P3T94baWFrSNHKTnhVm6QEI7MAxP4SkNknoKPCOd4l7Js/GVWqodLuVPCAiBASEgIjogmBRJCKQPgQET0a6igyJE/74eN3ZCZN1McgHxVltbu02fMcOOPPxw22HH7XFVoBRck7mGdVeC2kgKAl51hfosrIqzvnTxIjv7nHPsnnvvtVUgpFn4CM1kczYGRm6cSSmShOJjBh8pbk2PBHq2wT6IaPHNtC8EhEBqEBARTU1VqiBCoDIEepKAPq4N0k8nI7UFH4+QhLZn3AWPS0c51Aqy2draYo2YOeeEE46BA3y/EAnzQg7tU/+Pax4vJiF+SD/VhEAR4eykTjCGz32WLVq8U88TZJPCykXwnnDqqV+zP0MvdMO6dZbNZjAcDx/1cFLvzulR73kcIAll/UdJU32DsymRgEYklMUvui0bCg8rCAEhkFIERERTWrEqlhDoD4EBE9FCQl26gCAGJJ2c0jMioZE+aF1dvRsrzZo501owJHv44e+3BlhGcyg2A4f3dXWFKRxFRPurmuo7X8OxdJDP+nrX86wBwWR7aG5qsl/fd599/bTTbNas2bYeJNTbFdoI15SUUxJKFQ4yzOCYiefKtT8R0eqrfuVICAwnAiKiw4mu0hYCVYxAOSJQLsuBiIbzPgUoLJxpYxKIaT5LfdGczZ8/zxrHNNqhhx4MwlGHWZnqsabUi9KtSMJV6f3DfbUebgQotQYddOXgwpoSbX6AQB+4ph712JG1+fMW2I9+9CO79daf2rKly6wV/kG9TvF1QsJJQzYS0A4YJHGfwlCSzLCUq3+e7xFwXwUhIATSi4CIaHrrViUTAn0iUI4IlLuoJBFF5MATOOsSKUiexkvgLbNmv2Pbb7+D7b3PXi49qwUZDfN9RqS03J10fGQRiFPBAilFhjJwwYQOA+oYeXv88cfsnLPPsz/++U+2ctUqy2Monh8gTlbRBjLYj9pLPK2ehLJc+4tf4TiEBjayoOjuQkAIDBMCIqLDBKySFQLVjgCJQiVLcXlIJPhn9Bnq27SUp+TTMBybBzHptKVLl9pxxx5vW2+5teVguEKjFcaJ5GI9iUlx+tofbgQCyST1iy+8b+FcwcdnJ8gnj1Gy+YffPWxXXX2NzZw9y9atXW05uGRy6Tg/Q9CmcjkOx7NtsX57SsGZcgjxO8a3w3mthYAQGB0IiIiOjnpWKYXAkCPQRURJaCENpSESSWgNdEVplJKFWLS5GdM54vjJJ59sdfWNmPKRUzuS1DBieT3BIc+sEiyBAOlfqUASigASmoeUk/VFaffKFSvtjjvusBtuvMnmL1iAut3gPmQp3WZboD4o3XhxznhvG2wMCkJACAiBfhAQEe0HIJ0WAkKgNAIkGwwuFSUZ5TSNvhdJPXMwUMpksvbOO3Nsi823tAMP2N/qMesSp37klbUgrAojiUA5Ilo4DoLZgY+J+oZ66IPOs/POu8Du+81vbRWG4tvaWkFSSTi7SWgeElAaJnkQCR3JitW9hUCiEBARTVR1KbNCoHoQCEQ05MhNVEBISUVINOvrG9yNTzvcPE2eMtne8559bccdd4AR0zirhfU1Y3EotzidkJ7Ww41ATyLaCSl2VBfR8TCV5wIYnp199rn2l7/81VatWAES2mbtbRm46Wr0+IztklCR0OGuMKUvBFKJgIhoKqtVhRICw49ALwLpVta4byeG6fFHd01ZzKjDKUApGaXx0lbQFd1rrz2hK1qHId9AWQtS1ZBljegGJIZ53U1E+UFAJ/MchqeXA0o6OzMZW7ZsmX3jtG/ay6+8YutWrYXUG5JsnGtsaPSvDR+O50xJPlUnKi4uCeV2fH+YS6PkhYAQSCYCIqLJrDflWgiMOAK9iCjIZxQKQ7bYiYyTMGQLQtoM36KzYeCy+26725577e36ohSdhuHdrgKJiHZBMbwbob5YB9TXhV9YfCDQUf36tWvt9jtut1O/9nWbOXMW/MI2W2tzCwgnmCjrDH80XcqBhNIwzQOuVxACQkAIVIqAiGiliCm+EBACjgBpTHwhkYmspHEUUtEa+JOkVJRklBK3DGbhacU0oHPmzrH3vvcg22abd0VElcTGOUyBgYqIDlMLowQ6XmO8Tfcxl3aivl59+WU77RvfsPvuux8O65utrbXVLeNJP9FhwDANqYC4dnCmJNRrZB3PSlTFDVPFKVkhkGoERERTXb0qnBDYdAh0S0gjskPpmktEwTKD1Kwd+oUtkKytxlzkJ510EmZegrsnkBsfCuZlsdCdXuygNjcCgTjAgYDGk6uxJ+Ef9Iwzz7Tp02dAvzfrup+tre1ONuug19sBFgruGS0gtZSMUg3Dg4hoHExtCwEhMEAEREQHCJSiCQEh0DcCpCPRQnISLS7qrMUeyCYDraozMF6iE/TVq9fYiSeeAKvsBpyhmC2Qo0JKgfGEVDX06xhW/hNwDVdyPzqWgfU7p2alJ4O777rLLrnkEps3dz50ejOWhV5vNsMB+Ih45mFBT0ko6yoySYvS43kPxUSU9acgBISAEOgHARHRfgDSaSEgBAaHAIfjw1KLucnr4cg+GqbvsDYM0y9ZvMR23XUXe89+B/gN3Eo7dqsuiWhhxDca+o9F0OYAEYgIoVvFOwElCSXv74Q7rQZbuGCh/eTWW+2GG26w5ctXYKrOFkhD8z4ta6g/j+9XhR9UCo3TELroZjERDVG1FgJCQAj0gYCIaB/g6JQQEAJ9IEDiEV9KRCWRYYhWlJPyEvinhGSUUrUlSxbbCccfYxPGj8PxOo8bfkREAxIbu44+CCCPdqv4Tlq4d2KWK8wZP2/OPDv/gvPt4Yf/YGtWrbGm9etdjWLc+AlYc9CdtcTre+ehw8/0Pq4jQkAICIFKEBARrQQtxRUCQqAbgQFLwEBlMOyexxSf5DMkoyQ4vHzlypX25ttv2YdPOcXGjZvQlXYXCQ1HnPPKKjvAMZB1+AgglsS/E+6ZomMRwXzl5VdgFf81e+WV120trOSbmzbA9yunaIVRUg31QUlAo7hecbGbwk4JoQQ7jcXRphAQAkJgIAiIiA4EJcURAkKgNwIDJqJkLTUYlqdkNNIXJdlpbWnD7Ep1tnrlasxIXmNHHnEEfFTS5ZNHd8kp49H6nuuI+JD8hMXZEPYVeiIQ6X92wGWW40cJNLapHkEvBh1wt8Rh+Msv/65NmzbFh+IpJa0tSKRrYGSWgz9RWsPnSWAhGXWpKOCOLObD3UREAxJaCwEhMHgEREQHj52uFAKjG4EBE9EIppqCTqGT0gLBJKdsy7TZ22+/bdtuu60dethhYDsgUjwfjJPK8s2yJ0Z3vQBUJ/zAj0Zi1L3lTFasrlfgmP7ss86ye++9D87ql1hraxbklP5DGQ/Q40OBQ/KcJAmrSCpaFk0R0bLQ6IQQEAIDRkBEdMBQKaIQEAI9EBgkEQ1S0QZOAQpJHZw8kTrZa6+9bptNmGD77/ceo6sgEdEeaPe/E3ghCD+xozSUJDTi8x32u98+aOecey7I6KvW0rTWpZ11dZBUU0qKWa46qBNKEgpGShIaWchHt+VQfC/azwNsA2HpP4eKIQSEgBDohYCUrnpBogNCQAgMNwI0VmqDc3tK4jhUnAcRaoKO4s9+9jObMmUKyFNPw6Xhzk8q0ndiGEoCQsnpOl3PodMef/RRu/Cii2zRooUeIZMlWaWfV+iCgmXCM1NUDxRRh+DTdkY78MClIASEgBAYFgQkER0WWJWoEBACxQiA+oDmRAslbvRf6bzHdUBJSHM++9IqGDB96OSTrIZDyo2Mw6H6UsS0l4yu+JYp3wcuDmCcJXIbMx6B2HeC4Ldias6HHnzALrr4Epu/YC78grZbLpthFFzKiQagB+pxWS+8ljgXpKnY6k6f54oXj6AfISAEhMBGISAiulHw6WIhIAQGi4DTSAzruoESmFE7nKvTSGYVnN0vX7HcjjzySBsLN0IcXs7nMhhCBintEUY7ESUx7A4cVvehdVjH10HtYTGknzfceKNdd/31tgaTBxBDSkk5qUAnCSiloPTk1JVMzwGyrsPdt9CWEBACQmDIERARHXJIlaAQEAIDQaAWJNSt4anTiAsykNTRqptTSy5dusx22mkne89ee1ndmLFu8R2J8eIpjzYiGpeA9qaJHU40c3BSP86mTp5s3zr9W/aHPzxiLZCK5nLwIYrZk/J5GiL11AUNbpqILFMNSxxpbQsBISAEhguBGviN6/1GG667KV0hIASEQAEBJ6KgoDVQQKyDRQ0lduNhrMQwBuRzm3dtY/fde4/tvc/eGKLHNKCF4Xnql1K3lEPIoytAktktvoxIfAyAttZma4CR19RpM+1zn/uszZ+/wEl9R0fWpco+iUBhKB4yZh+Wj13eK734OW0LASEgBIYLgdH2Jh8uHJWuEBAClSIAiaj7pYSgjw7Xx43fDGscw5hxG6aZXLt2nZ1+xlm2cPFiH3LOtLW57mO+yzE7iRn9XUZLpbdPUnwS0DgJ9by7MREIfLYdAOZt7Nix8A96o/37v/+rzZ492z0S5GkIBlFDjgtIaLeObqQHGvkZDX5ak4SI8ioEhEBaENDQfFpqUuUQAglDwIflkWcKN304GJJOKi7WUmnUQw3mPl9uU2FFf+KJJ9pmEydC97HRSRfEd4U43asud0/dh1K21ZOM0tE/SSglnauhV3vRxRfbL395J/yDLrO29lbgCLdMdMWE8x1ko5A+Uz+UehC9SG3KkFJxhIAQSA4CIqLJqSvlVAikCoFARMlCXaoJkkR6SSJaA13RtuYWdz9Ew6UZM2baBz70IUhNo6F7zvhDBkuJaqCko4GIQjQMhJy2OzZUUZg5fYadecaZ9tijj9uqFSssA9+s9cCPfkBJQt0oiXqhBakqr3YiTzLf18J4CkJACAiBYUZAQ/PDDLCSFwJCoH8EMLu5G9LkMJRM10MMY8aNh6uhrLXC3+hLL79sTz31lGXaWsDFYOo96kKECYsduGNHe7s9/MCD9uUvfdleefU1a25ugp4thuKzkSl8kIS6K6dSQ/ujDkMVWAgIgWpEQBLRaqwV5UkIjAIEuiSiYFb+R6/pdDAKKZ/PtgRpHt05kYySVE2bPtV23XUX2+c9++J4YR514BRNHUo9R4IWSQtLr4PstLrB7ZZ5hlJEkuJI4osygFTmWtvsiu9912688SY4qV9sGzZsAElv89LXNTQAC/oIpYU89GhhmGQ+vWqR3AHpKAgBISAERhoBEdGRrgHdXwiMUgS6iCjLz1Fi/oCMdmCaH6o04uVUGE4GmcJwfdOGJpsFI5xDDnmvbbf9do4aCZcTUHcBVUS0euGaDCJaTA+BiJNPul/inPEzpk21077xDXv49w/bSjj/z2Eong5BsyDtxIyYOP0kCaVBU1ex+8OnF2A6IASEgBAYdgRERIcdYt1ACAiBUgj0IKKM4GQUZImSUUjrSEZr6wqSPVjKU1K6bt16OGdfBeOlk2xM4xg4cALxKhg3wTV+qdvEjnUxstix6ttkLrmQkEKz02eYYi4zmTZ7/JE/2Nlnn2Ovv/EmiPkGHrZse9bGjB3vMyTVBhIK9QaXhDJCKDalovGFCrYKQkAICIERRkBEdIQrQLcXAqMVgV5ElECAG5FQ0tqbzoZojEPjJTphz8EfZiOGnWfPfsf1RI879jiQUMRHnOjS5BNRGhR14cKhcx8+59rsmquu9KH4efPmWwuH4qEjypmUOFVqBuoLdIFFA6VcnIQWMHWAin9ERIsR0b4QEAIjgICI6AiArlsKASEAAhkpdcagoISOTJTTfkZW3+RhdfW11tDYCGFeh5MvsrKpU6fbCliIf/gjH/Gh6Pb2NgxLF+auL6RYOv3Y7ap4M5PBlKZOwmvdp+r3r7jC7rn3Plu1cpVtWLfO6mvqoQOaI1ocuEeA7BQ71Av14CoLIOZII1Jf6L0muVUQAkJACIw0AiKiI10Dur8QGKUI9CaK3UBQIkqeRK7K4Wm8qKy+od6Nb2iclIO+5KLFSzEN6I623/4HWD3mVu8iVmRnfm1hI9rlka6tatsIfj2JSR66no0g3pR2roLrqosvusjuuutuW750qWVBUOshFSYxz2FKVJJMgkQ1hsBBg6AzrMuWVUS0LDQ6IQSEwKZDQER002GtOwkBIRBDoBwRDfzIfYViBwPzTrZqaHwDtkWVUBovtcJynMP0xx1/jG25xUTwsboo9QQSUWLBsnXA6KgeQ+0kmS+/9JJddNGF9uijj8I1UzPcMuUw/B75A82DiJOkk3y7EgOMkjpd/zNST+iXhBKpAHSEmn6FgBAQAiOCgIjoiMCumwoBIVCOiAZkOt3qm3qiJGmgWyCaJGp5iP/8GHRJm5qaMLf6NPvgKR+yCZgi1EMCiShJYZ6O6CHtJAn97f2/tXPOOccmT54MfdAmeBLI+1A9hbodIKNBYkwS6lOesuBgppSQDoiEMr6IKFFQEAJCYIQREBEd4QrQ7YXAaEUgSPeK15GBDtQbQaqoJ0mZaDQEzSH6OgzDQxcU57Iw0EEs27C+Cb+1duyxx8LKvt5Ja3RdMbIFhlp8eJPtRx5CqXQQ/miQlc9lkGdIQkFCN6xbaz+55Wa75uqrbeGCBe5DlQSTBJS8MU+JqEuIOX88pKAoN0DCmmVDaow00GWTlVs3EgJCQAiUR0BEtDw2OiMEhECVIEBuRT+jHH6muybu5zCDEPVGW1pabN78ebYDfIvus/deOAN6hikue4eRJqLMdU9BJMtE/6D1jWMxVec0+853vmO/+MUvbeXy5a6C4CV18kkpKIflI9Mkn7YTos/AOXuXVUeEgBAQAslAQEQ0GfWkXAqBUY9ATQ1IWCelfxGhq4ePUSdykCZuaGq2N95807baams7+JD3QZ8yW4KMVgcRjWSXJNaRtLcFU3M+/vhjdt5559kfn/2jtbW1QtoLQyT8BWmxS0JxoQ/LA4YOWMy776pR3yoEgBAQAklHQEQ06TWo/AuB0YIApYE0yAEZpY6oG/hQ+onhekpA18Gt0TvvvGP77rOP7bb7Hn6+JzSbnoiSSIbgxkVhp7DmUPx3v/c9++EPb7D58A+a5dSlOEdjJDdeQvki/wEFiSi5OKfsZLK0mFcQAkJACCQcARHRhFegsi8ERgsCri7qhQUpo/ESDpC0uYSUxAzj1c0tzU5G33fIIfaurbYqSEULBLTYimeoeWk353RJppPFeOWAlObgfqkOrqbyWFMmes5ZZ9vvf/97W7tmjdEXaifH3BGPcThlJ5Mkl40WZjha3Cgpnra2hYAQEAIJRUBENKEVp2wLgdGGAP2HxkNnB6SiQTIKpkb/m5SSrgapW7lyhZ1w4ok2Dpb0HTjO4AZP8QSGmojG0y5sxyWinRhOpzEVCfTSRYvt4osvtvt/+1v4Cl2BPHaAeOYi6SeK6TNLoUw9SxxlmEP2/Cs+W+L2OiQEhIAQqHoERESrvoqUQSEgBIhAMRF1WSjJKPgZCShpGofp89AZXbJkqW255VZ28EEHwhAIszJ5JNA697VZWEfyRlxFusdluJgppJxIn4S4vmGMvfTCC3bBBRfYH//0J1sJEsq85WMSXreqx35wUI+LPXchfy7YRVbjJJdxFISAEBACSURARDSJtaY8C4FRiEBvIkoQIBcskNFGWJ5nMLzNQIni22+/bRMnTrSDDjzASWBpS3qPXvjZeCJamhyS5BoMkHLwD/obO/1bp8M/6BRbsXwZjtZgrvjITVUUixoGHU6mI4lnXA+0kL/CqvS9/Fb6EQJCQAgkBoEa+OQL77/EZFoZFQJCQAjEfYVS0Dl+/HjXHc3nM5aD9HHihIm211572S9+eYftsuuumLGoAdLRMQBukK88GEmVCz1JIWSaGFZvb2+3sWPHuoP6+fAJeuWVV9mzzz5rixYtRF7qrA2kmRJcbtManp7oKTul/isXli+ujVCs4so4CkJACAiBpCMgiWjSa1D5FwKjFAEfbkfZnbBBV7QDOpYkgC455VA9uF073CC99fZb9tGPfNg2m7gFzkHi6K6dMDd9xYS0f4lpREgLRBdS2TrohM6ZO8cuvOAie/rpp90oib5AGYPckySUgfs5jMUHQhvKRm2Brrt2bfglXXGjPf0KASEgBJKJgIhoMutNuRYCox6BQNZI3nwhkSMqYKC1YJw5TJlJoeH69etsxsyZdsLxx9qYxgYcy4MgBobnlBAXcV3E9JhWj1B0nn5NyXa5kFVG9DJ2Rd4eeuhBu+yyS+2FSS9YM6YjbYe1fEMDdFYZm475sZFHvjkc34F1KFMskShbRbfm+UBae8TVjhAQAkIgYQiIiCaswpRdISAEIgTipI3D1J20jnfCRnJI4yXsQPrY3LzBjZdWrVplx2AaUA7h+7UUj/YIxfs9TmKn6DwJaDjGzaLw3e9dYdddd73NmjUbuqutGIpvtwa4ZRo7dpznj0ZVHfnIFVUnputkWvEyFSXXa1dEtBckOiAEhEACERARTWClKctCQAiQy3UTQ2536Yw6KYymAo14Iq3SO23+/PmwpN/aDjvsCJ/DnfO7+zVd6XSnVxLfIP0srOlwnvft5Jz3HG6nM3pISWsw3H7Rhefb3XffY6tWrXYJbGtrq7tu4v1yUCFwaS1cNjENyEQxx1Kdu3Uqed8yB0VEywCjw0JACCQKARHRRFWXMisEhEBAIE5EeYw00qWg3CmQUTBDJ4vuSxTbNBQ64vDDbceddwYJLRDPgRJRphsPkGYyZEFE68dAyglbpuf/+rydddZZ9vDDf7A1a1ZjhqQMhtBheARyWluYCYmGSfkchvWjy5HnghFUVz7iNym/LSJaHhudEQJCIDkIiIgmp66UUyEgBGIIlCKisdO9yGgz5nTPgQBOmTLFjsMQ/RZbbQnmCmMhEEWGTipskhwWluL0PVLsx3klLPTr6utt/drVdvttt9nV11xtb771FvyDLje8XHG/yJk+CTFpcjaL4XjOEx9ugrWIaAxUbQoBITDqEBARHXVVrgILgXQgUEwUC/LNnoVzqSN+QATpb5TmTCtWrLRJkybZgQfsbzvutKPH59zuNXClFA/F6cfPBfLK9bz5C+yySy+1X/ziF7Z69RpbB1JKaaU718d5SkCzmZzP/ETpaHG6IqI9kNWOEBACowwBEdFRVuEqrhBICwIkez0Wp5nUDcVQN4hnNEzPoXlKOxk3b+1t7U4ENzRtsOlTp9luu7zb3v3uXaKpN6H7SddPYYlLLX2bZBYGUU5YoQva3tpic+a8Y+ecc4499dTT1gq/oK2tTQ5vQ0M9ht9piIT7Ug8U/xigxwppQPLq0tewjyvIl3uUpbhsJfbTUo8qhxAQAqMbARHR0V3/Kr0QSB0CQeIYJKQkogxj4MyehI+0j9xwzZpVtnbdejvm6KO7Len9fOmfzlw7LqUxEgglJKj33nuvXXzJpfbaa69jCD7nJDSLoXjqnkIeannE7aRBUnRTHAs5itIP+Sx9Nx0VAkJACIwOBERER0c9q5RCYNQgEAheoH2BiNJ/J0koZ13KwtE9jYdWYK73nXbc0Q55/2EgjJGuaAAqpNO1Xwf/n5idadHceT5L0s+gEzp37lxIPTvgqH69D8HTYp7pUhLakafksztNEdGApNZCQAgIgW4ERES7sdCWEBACKUCgm0B2iSLJP/EP6STKxyFwd2pPhoplxswZduThh9n2O2zfo/Td6USHO0E4//j0U3b5dy63J558ypYuXuwkNJuB2yamiz+qBVAnNBp+h6FSIQtMQUQ0wlG/QkAICIE4AiKicTS0LQSEQOIR6NK1REmceBbWnAKUUxnVYWi9HlNvtrsBUc5aWtthST/NTjjuWNty663h1jPnxkU0NqI+KAloDaScDz3wkP3gmh/YG2+8Zatg8ES3TbxBfW29u2fCmDwIKHRBcY8O6KN2uHEUh+mjpRjYYqJbfF77QkAICIHRgICI6GioZZVRCIxCBEhI48HpIAgldThJAmuwpjulHBzRr1692jZgKtCPfPCDVoshfJ+/HmSVIYdpOZ94/HG75JLLbOasWT5fPKcQDUSSaw7AO+mltBUkNLp3UA7wZHr9hOt7ndABISAEhMAoQkBEdBRVtooqBEYzAsVEtA76nBxTzxV8ey5ZutSlnMccc0wEE/Q7lyxaZN+/6kq74cabbNHiJZZtawPR7PB49Q1jXGLKoXgITV3y6bqhrhbaNwnlDURER3NrVNmFgBAICIiIBiS0FgJCINUIBCLqsktIMcEE3ek8ySglozQsmjJlKpzRr7AJmI9+8uTJdu6559qTTz0DC/u1loFklMP1FH3SiT1ZLIftaYFPnVPqiHK/pxy2PKQiouWx0RkhIARGDwI19fX1A31vjh5UVFIhIARSh0AtfH8ygH76uq6euqLRNi3pxzSOtbFjx9j4CRNs3NhxmJ8+Zxs2NFnThg3QI222RgzZU/rJQEv5WszK5C5CnXwWjhfOeyT9CAEhIASEQL8IiIj2C5EiCAEhkAYEAhENZSEhbWiAuyU6wGcAq6yFI/r6+gY3aOrAXPKZTLu1wQk+p+WMpKAQiEZ8FhdEw++UhEaX65vegdCPEBACQqACBEREKwBLUYWAEEguAsVElCUJZJTbHZCKQrgJwyPMngSSSompHwfz5HEGzs4UQmdngcCGA1oLASEgBIRAxQhEZqEVX6YLhIAQEALJR6ATpJNemGBMTwYKMgoXT3WRpNOH311aSkt70FMQ1WJL/OQjoBIIASEgBEYWARHRkcVfdxcCQmCEESAZtY46mzBhvHVgis4M3DnlczA6AjHNU/8TvJR8VBLQEa4o3V4ICIFUIqCxpVRWqwolBIRAJQiQjOYhGqXlvPsQLXozhqH5StJUXCEgBISAEOgfAUlE+8dIMYSAEEgxAsGKPpvDGD1CHpJQl5IWytxtCF/ETgvntRICQkAICIHBIyAiOnjsdKUQEAIpQICkk2Q0EFBayzPQ1SgDh+YVhIAQEAJCYHgQEBEdHlyVqhAQAlWGQEefVu7B9RKkngXBZzhSZcVQdoSAEBACqUJAY02pqk4VRggIASEgBISAEBACyUFARDQ5daWcCgEhIASEgBAQAkIgVQiIiKaqOlUYISAEhIAQEAJCQAgkBwER0eTUlXIqBISAEBACQkAICIFUISAimqrqVGGEgBAQAkJACAgBIZAcBEREk1NXyqkQEAJCQAgIASEgBFKFgIhoqqpThRECQkAICAEhIASEQHIQEBFNTl0pp0JACAgBISAEhIAQSBUCIqKpqk4VRggIASEgBISAEBACyUFARDQ5daWcCgEhIASEgBAQAkIgVQiIiKaqOlUYISAEhIAQEAJCQAgkBwER0eTUlXIqBISAEBACQkAICIFUISAimqrqVGGEgBAQAkJACAgBIZAcBEREk1NXyqkQEAJCQAgIASEgBFKFgIhoqqpThRECQkAICAEhIASEQHIQEBFNTl0pp0JACAgBISAEhIAQSBUCIqKpqk4VRggIASEgBISAEBACyUFARDQ5daWcCgEhIASEgBAQAkIgVQiIiKaqOlUYISAEhIAQEAJCQAgkBwER0eTUlXIqBISAEBACQkAICIFUISAimqrqVGGEgBAQAkJACAgBIZAcBEREk1NXyqkQEAJCQAgIASEgBFKFgIhoqqpThRECQkAICAEhIASEQHIQEBFNTl0pp0JACAgBISAEhIAQSBUCIqKpqk4VRggIASEgBISAEBACyUFARDQ5daWcCgEhIASEgBAQAkIgVQiIiKaqOlUYISAEhIAQEAJCQAgkBwER0eTUlXIqBISAEBACQkAICIFUISAimqrqVGGEgBAQAkJACAgBIZAcBEREk1NXyqkQEAJCQAgIASEgBFKFgIhoqqpThRECQkAICAEhIASEQHIQEBFNTl0pp0JACAgBISAEhIAQSBUCIqKpqk4VRggIASEgBISAEBACyUFARDQ5daWcCgEhIASEgBAQAkIgVQiIiKaqOlUYISAEhIAQEAJCQAgkBwER0eTUlXIqBISAEBACQkAICIFUISAimqrqVGGEgBAQAkJACAgBIZAcBEREk1NXyqkQEAJCQAgIASEgBFKFgIhoqqpThRECQkAICAEhIASEQHIQEBFNTl0pp0JACAgBISAEhIAQSBUCIqKpqk4VRggIASEgBISAEBACyUFARDQ5daWcCgEhIASEgBAQAkIgVQiIiKaqOlUYISAEhIAQEAJCQAgkBwER0eTUlXIqBISAEBACQkAICIFUISAimqrqVGGEgBAQAkJACAgBIZAcBEREk1NXyqkQEAJCQAgIASEgBFKFgIhoqqpThRECQkAICAEhIASEQHIQEBFNTl0pp0JACAgBISAEhIAQSBUCIqKpqk4VRggIASEgBISAEBACyUFARDQ5daWcCgEhIASEgBAQAkIgVQjUp6o0KkwqEejs7OxRrpqamh772hECQkAICAEhIASSiYAkosmst1TmOhDO+vp648LQ0dGRyrKqUEJACAgBISAEhIBZDTr8nuImoSIERhCBQEbjWairq3NCWnxOktE4StoWAkJACAgBIZA8BDQ0n7w6S3WOSS6LpaG1tbXGhdJRLsWENNWAqHBCQAgIASEgBFKMgIhoiis3CUUjwczn80YCSpLZ2NhoY8eOtYaGBj+ey+Usk8l4UYoJaRLKpzyWRyB8XJSPoTN9ISD8+kKn8nPhA1cjLZVjpyuEwMYgICK6Mejp2o1CILz4mQjJ54c//GH7/Oc/b9tvv72NGTPG1q5da1OnTrXHHnvM5s2bZxyiJzHNZrNOWrnO5rKWz+WdtLa0tPhxEleeY/wQgq5p/J7hXLk1r2c6zAvXxdeywyJh5v3iJLlcejrejQDxCoG4EkfWbThOvLlNjPmhwvPcb29v9/rgtYxfKsTridfz44Z1xHRYlyGNIGEvTiPkofh48X5oU8XHh3s/5I/3D9u8J7fZZllO4scwbty4XjiFchOnQLrCKASvIa4Bw1LPEOOMphDHeCjLPVLtZyjLoLSEwFAgIB3RoUBRaQwaAb7k2XFuvvnmdtttt9lHP/pRJw6hY2xra3MSMXnyZFuxYoXHjRMQdpi8nse47sh3WC6fc0LKTIWONnSsYT2QDE+bNs0WL15sy5cv94UEJh54P5Jfdvqtra1d94zH0XbfCLCe2QbYKRNfEh/WEdc8zvMkoVtuuaV/oOy+++727ne/27gm/vHAeEuWLLF33nnHXnrpJW8TGzZs8PbDOmL6bA+hbfGe8TR4rhLSMZJEghiFtsx8h3ZO0h2wJOnmNssUnpmANa/luYBHiEM8wjGeD/eJ3yOOeZq2K6n7oSg38VUQAkLATBJRtYIRQ4CEgB0kOzl2oHvssYevAzkgGaGklMtRRx3V1dmyc+yrYwwdNAvGeAzhWFj7wQH8zJ8/3xYtWuRLcXSXwIL4NjQ22LXXXmtvv/12cRTtl0GAnX4gP6wT1jWXnXbaybbZZhsnm1tvvbW3CUrIt9pqK3vve99r73rXu2zbbbftqtd48qFjZ5uaMmWKrVq1ylh//JihZH3ZsmU2d+5cl66ToDIE8hGujaeXhG22bxJwYsfnhmVlmcaPH+/SX665TJw40aWjPEeCWlcLol9X6/GbmpqcpBOv5ubmro+qOGEnFknFqL96DG0grOPx01rmeBm1LQRGGgER0ZGugVF+/0BCwtArOwN2gOwAAokkRDzOuHEiGTqJeDzGLd6PHyt1jufLhV133dV2h/SN9y2+NgzJkwQ8/fTTIqLlQCxxPNQdPzJ23HFHJ5x/93d/Z//wD//gZDQMp5M0kViy/ok/F+LO8/G2wFuE+uG5Qw45pKu9UBoa4vO+vP7mm2+2Z5991onpwoULPS6l2uUCSR7ruVoCy8r88Flh2bjNUQXite+++9phhx1mBx98sH3sYx/z8yw34xIz4hHac3jWWC6WkWT9kUcesd/97ndGXKges27dOo9PiXKQrFYLDkOVj0BCQzsLH8NDlb7S6RsBts9QB33H1Nk0IqCh+TTWakLKxE6QnSI70e22286eeuop22effZxQFJMMFikQjU1RvHD/sC51T748Q8d85pln2i233FIq2qg8FnDjmvUcArcptdtiiy3s5JNPtv/3//6f7bfffr7P4fehDCEP5dKkJJCkdM6cOS4xZf298sor3iEGshbaKNveSHSUATu2s1Aekk1iyHDEEUfYZz7zGTvyyCNtS2C62YTNbMLEzfxDjlLQeCh+fkJ68TjxbZJSSv2Jz5133unqDhwdIGZcGAImXPN54DJSYcKECfb3f//3dsIJJ/hzyfyznTGQTDMQR9Ytl2JVmzge3A6LX4if4vjEkzjwONerV6+2lStXOnmnZJnHiEuou9CGAlYh3eFas+0wDxxFYJvhdgihrPH1xtYdrw9tjPdiuUP5SeyZBwbixW2eZx655nnGjYeQVvyYttOJQHcPkc7yqVQJQWAgL53w0hxskQZyj0rT5ouUL1F2bArdCMSxZgcTOpn999/fPv7xj9u//Mu/uBSUHRKxCxLL7hSGf4sSRAZ21JQe/uu//qsTUZKu3/zmN04sWLf8UAr539jOerClYjsLHTjJ5z/+4z/aMccc4/mmVNkDPEJ3doIMFDr08LzE62Kg92e5qRpBlYg9oDLzgQ98wHW0//KXv7jE9E9/+pPNhZoD646jGVwP5j4Dzc9A4vEjlh+Eu2MEg/lhnbHuGFie9evXdz2rrMeAT0ibceIhnOc6voQ2QJUHXhPOsR6CmgRVQ4jV66+/7iMl1DXndWznDJS+h7zF7zmU22wv//RP/2TnnHOO1yPbEEO8XGG/+JhHrPCHWLBMvM+MGTNcV5tlpmSd+/zIo54/A+uG8Xme7YYL8zDSbajCIiv6ECEgIjpEQCqZwSGQ5BcPX6Zc+DJlx6fQEwHiwk6JEg+SmXPPPddOOumkrqH3EHskSCjvzXyFPJIQc5u6yMcdd5x95rOfseuuvc4eeughr1vGZV1vqhDuxfuGDprYXXLJJfa+973Ph+GZX8YLnbhfU9Mzj4FgVJrvQCh4PaVbJFgctfjEJz5hVKGYPXu23XXXXXbfffe5xJR54P2Zp5EKO++8s0vXeX9+ZBS/W0isNyYQizieTD9+D54L5Gp3kOGPfOQjjh1J6ZVXXmkk75SYEqfhJqEsJ4kxJcSHHnpov203lCusB4NTwINpUKUpYMM2wfcjP1z4PP3617+21157zXWXiVc1fMQMpry6ZugQ6PnWGrp0lZIQ6BeBeKcVXlr9XhSLMJhrYpdv9Gb8/iQMCj0RID40NPrOd77jUqHPfvazboRE0sfOmEvAMKx7pjC8eyTJJMGBQIX2yI706KOOtl/+8pf2i1/8wiWmw5uT3qmHvGy22Wau58l8PPPMM3b00UcbjwUyEzAM8S02T97GkIqQI5IEYsT0WUfhPgcccIBddNFFrk7zzW9+0969y7v9HPMzUoESSpaZ7Yt5jZef2/H9UnnsLw7TZPnCEtosryMuxIrr8GHFeMzT4Ycf7uSLqh9UoWD+SMCGO7B98/ljCPVW7p4sy1AsVOUI6VB9hJLf0Ibe85732Le+9S177rnn7Prrr7cDDzzQyTI/cgKWIX/91VWIp3U6EBi5t0Y68FMphgCB8JKklCC8kMLLLL4udav41zRf7nyBhWu4H7Z5begweL9SL7ri8yFOSCOsizsivkg5DDaaQ8CKnR8D15/85CfdByw7H57nEs6H/XAdrwn4bqo17xkC65TtL0iqmC8SChr7HHTQQZ7vUO/DsWY+wnMQMKHkkyoCv/rVr+w//uM/3DVZQz38qULqSTdlJJ2dHcAVC63guwLJKBZQi+ivQDK6zhc2+sOZ+WDbZiAu3Oc6EC3WJb0c8EPjwQcetP/5n/9xjweMT4x4ns/gpiBdIY/MWwgsXwihrGG/1Hogccpdx/Ly3uH+TIvH4oHPA9U+SNx32WUXx4cYhfqOxx2KbaZLvVlKtIvzwvR5vnjZmPsyLfqtDWmScFMqGzDhcbYftqmvfvWr3rZvv/12N67jfYlZeDdzO6SzMXnStclAoOeTkow8K5cpQSB0vCwOXzyDCeElF178TJMvXi4M4WUWSCpfyFx4PLz0QhyuKwkhfri+kmvTFjd0HCTku2NYkuTkpptucuMzdkiB0CSt3Gwrm2JYnvdhWyYxodEWycqjjz5qxx9/vEtAqxk35ps6ttddd51dffXVtvfee3eRakoESU4YwvMyXGUhdsQx/l4ZrnsNJl2+k3bbbTd/Nq655hqXCPJ54bMxHHkm6WNdhHfkYPI8nNfQHzDJOUcePve5z7k6RXgOmHe+UwbbLwxnvpX20CMgHdGhx1QpVoAAXzwbE9i5kWSSLHD2Jb64wkssSEtJhLjwhcxhTa5LveQqfenx3ryGnchwdCQbg8tIXMsO9f3vf799//vfdz1L1i0t0ykVYZ0MNxHZmDKXyhvbFOs3DLluTPoDuZZEhcO4F154oUtiSaw4vMl88NzYMQWjpIEktgnihGc3YMdn7D//8z+NBmmnnXaavfzyyz40y+eNZWE5hjNQLzE8k2E9nPerNG3iwPcE2xSNiOhi67/+678cJz4j4eO50nTLxSfmO+ywg9+vXJyRPM72wDzyI+aqq65yYn7ppZe6UVml7+KRLIfuvfEIiIhuPIZKYSMQ4IuZHdpgXzwkoRdccIE9/PDDXfpGgXQyWyRANFygGxdaAO+7z762z777uEVw6EjDvYvXoVhMIx5CPF7PhXmgq5jRHk455RS79957e9QnJWLEiISKHXFfYaTIQ/wjItQt88l6DevQTv3AMP1wiltKQRmoW8dOmgvx43pAgQMLlQn2B5RscaQ4Tqy3QDJZx9T9o0HKt7/9bXviiSfc+wCvj1/DMsVxL06/0n2mzfuyzogV81RtgXki2SRGLP+ee+7pLt/++7//23Wow3tmqJ6D+ChEIH39YUIcWS/xuurvmuLzcez7Sie0aeaNUvNvfOMb/tF3+eWX+8QKxelqP70IDPDtll4AVLKRRSC8tMK60tzw5U1rVE7ryBA6N64pZQj7TJ+kKP5i5DY7BIawHT/vJwrneNzPoaOn5h0D7x06FfpXHG2B2AZc6d6H5CMEShGJLRfG4cdBF0EqcISa2gjHcE18TSLGzokElvXIwPuF+uKQZui4wzmPhB92cKyrkEZ8m3nxeixE5n5oIzwU0uc288z7MH78OM8NReB9SZyox0d3VjRmCWUMw9mhjCQV1AWN5704DygKzkdHc9mM1UGflCGOYSgv7xM+DHiMcXgPlpMLCVOcyESpdv8GHMPa81fAkvjTwv4nP/mJ3fOre+y8889za/GAY8B7KDFl2vSbOtA0mW+GOJ6hLN2l7LkVyFzIf7g+nkbPK3rv+XOAw+H+9KHLjzd6RKBFPY+HOuDV8Xv1Tq3/I8wb02Q64Z7lrgrthOVkHliPQXUgHCu+lnGYbvgACOf7uxfjhThs41x4f/oVngvrej4LleAa7qt1MhEQEU1mvaUi13zZ8QW3MYF+6eisOrywuQ7bfLGFbb70SEy4Di+4sA6dfchHuc4spBXikWyFzntjyxHSTNqaHStJKI1qQgj4hXU43t861AexDESMZImkiD4gOV0n3QZxus7ly5f7vPLFaTI+r2W+6K6HswzRUpnSJ7YHnmcbYN64Zgca6rVUfnnNUA+Zhjzz/swnDaI401N/IeBTNh7S68xhARmtbyhIn7FNIh+u5ZoLyxqkc9xnPniMxIPbxIm4hOtK3ZP5j4fiuHw26AYrA1JMC/s1a9Z49OLr4mls7HZxHsqlVyoej7HMxIHO6YvfC9xnmdhmAqal0il3z+LjTIdYk4xSeky9alqdEx/mYWPfKcwrw0Dx5nPDe/LeJJjcZpm5Zlosazwtvv8Y2I5YjhAYL+ASjx/Ol1vzGqZDMvrnP//Zp+ktF1fH04WAiGi66jNxpeHLhy++wQR2Gpwz3Od8jxHQ8PILL/LwUuQ6LLxfufsGYhLPE48x3ZB2uJ5plIofvzat2+y4qN/1gx/8wDuqODYsc8C9kvIzDXZ+/GjgjD5vvPGG+xycOXOmTZs2zes7zI0e6pfph7rhOtw3THlJ/5J77LGH66/SQIKOz+kUnp0tF9ZfPK14fsPc6/FjQ7XNfHI4/qc//al3wMxDyHul94jKTxIFIw9cnM+DRKBs69astSnTpjo+dKpO8tDa0urkkJJYShGJD6dZpT4hiQDx4MK2Hcez0jwFcvKVr3zFpb70nsCPxkCQhvq5GSx2obxUI+DHDvfZxtg2SgXqmfMDh22fGJK0DyaEdwfv96lPfcpHFN58880eH0eDSTdcEx9JKFeWEJdr1nU8UELLD77wbBTjyw+9bbfd1kl5aCdhXSq9eNqlttkuSGrppeILX/iCXXzxxV4PpeLqWLoQKP2kpauMKk2VIhA6orCuNJvx67hd/CItRzTDfeLX81jx9SFefB1/GcclJkyL5+Ln49elcZvuhZ5++mknL+xAAsHoq6zxjqo4Hs/xw4LOrm+88UZ79dVXvSOklC4QxtB5k1DF8Y9vU9LEQDLBjxRK4tjBc/50BqposLM79dRTjf4wufCaUp31cEpE/+Zv/sbuv/9+zxPvU+r+fnIAP2x32QwlWB22fMVKm4fhTaqs0IBv4eJFPsNPfFYbxg/tnS6YSM6pY8nZpUhKSeJJZJinvuqsv6zxuWCd/du//ZuT3i9+8YtORuP11V8aAz1f6bNHgsXy8Trqja9YvsIlwiwv81f8fgj1w7bOjzD6xfzbv/1bJ5HEL/6+6Q8z3jPkl9exDmjoxRmI+PEzFCHkl+UYCN6hPTA//DjiBybzyBm8+MwEYhvyxmeGJJznWX7G4YcNvT4wjVA+xud2SD9cX2od6oOqKvfcc4+9+OKLpaLpWMoQ0FzzKavQJBYnvIiffPJJ22uvvcoWofhFxhchh2o5gwmlPQrDj0Do3Ogo++677/aZiMJd0bWGzT7XHR3w94rOsb4gSWK9kmxy1hXqFb799ttOItmBBjIQ1n0mXOFJSrZowHbsscf68Pg///M/e8fKTpP5Ycc7efJkJxsLFizo1Zmz3VYSSNTZZklkqC5AEs97EdOQFve5lArEiUuIyzgBI6bx0AMP2ONPPGnPPPuMT6VIokXCznXAL6xLpR/mpicmO+28k33sox9zB+TEgffktQGbIO0slU65Y7yWBIeSUeLQV17KpVHuONNm+6HBXMAvrMtdw+PEhgvbMz9a+gpx3EM8ki9KBj//+c87kdx99929bAMhfsX544cCvU4sXbp0wGmEfJRaU2LLaTXLheL3KeOxXogHdVb5HMZDOckvy0psKB0mFh/60IfsS1/6kr/Lg5420yl1v3j68Th8RqiucsYZZ3h9FmNVfJ32k41AZW/SZJdVua8yBMKLabAdUrxjiG9XWTFTkx12UgyUBp1++uk9SWgZ8hQKH+qaBkocMiYJZYfH8NZbb7nFLDuvZ5991tauXevH2S7C4geG+Id6p/R2QP3Wr3/9667reu2117pUKkh/2K6Yh4EQi/6yx06ZZaYhT5A2Mf2w9Iiz7P0AADolSURBVNfZEkMSS5JkBnbW3Kbkk9NufuGL/2N33H6b69BSssz7MQ7vORAceQ2HzilFfXHSi+6G68QTT7T/+7//8w893puB+QxtwQ8M8Id5IFGkTiTzNdQh4Bfa2kDSJ4HnnPDMW6WBeFDqPhfSZ/pPpdU3JZpsKyEvlaTJDyPizfwPZHShv7RZtkqwYFy2RUrn+eEV2kxY83h8Ydm5sJ1xYbvhaMaPf/xjo7SfEzGE4fb+8hrOB9xIej/60Y92uZ8aTP2ENLWufgRERKu/jlKdQ774FJKBQJCCffCDH3TiFnIdOo+wX2rNOJSEhtDeGhmS/fznP7d//MQ/GtckQWwP7EADeQrxh3od7hOIGjtYDgNSL416m5/5zGdcYkkdVXaC5aRBleSLHT2lRpyBiP5CWU4u4RkgRn1hybyyY+fCjp+jACTv//7v/+4Evqm5yXLIK9MjSeJSaQfOcpJIBckYiQV9gtLv5QOQuAaSFPJcSfkZl7q6VIkIRL/S6/uKPxgCyHa2cOFCJ1h9pV3qXMCJ5zicTh1TupLjBw7TrTTwA4/ki21kMES/+H5sJ6wv5oXr4qU4PtsK65Wu7nh/7oeFaXBhm2I75BLO8dlheyQevCcly9TvppP6Sy65xG/DuAMN4RmgygxVH5hvPicK6UVALCC9dZuIklXygkpEgVKWSXYCgXRQ+saht/POO887JBY1dBqVFJskdOWqVW4dS1K2cMFC7/hCWuzkGMJ9K0l7oHFDu2MHFzpdXst7k+BxtheSL+aPElp2tJWG4vxzn87ev/a1r3lS3C+O09c9AmmlEcmkSZPsvz/9365HRwIfMOvr+r7OhXywjgOBZZqsE0pKX3rpJSe9tO4mPiF+X2kWnwuS3E9/+tM+o07x+U29z7bNdrAx2JF4MRAP4vbYY4+5L9jB4kMn9ySkQxFIDBkGSmoD2SMmvCa+ECsGtgeWLSzc5xLOx8tNPCgdDSoonsAAf5gmA6e2DaohA7xU0RKIgIhoAistLVnmC48vsLCkpVxpKQc7JtYRO5dAgmjMQovh4o4odEjxdTEOHJKnL9Gnnn4K+nT/Yb+6626rw7zpXOph7R3uEe/Mwn2GY838sXxxMsFjLAM7cQ47UtpDohI6dZ4fSAhl4DoQARoA/RySXw7NU/IY4nSlx76+p+Fy16lAlpjf66+/3vURX3j+hS6pFCNSYsXzfdVBV4JFG7yOz2EcZ6YTDyTj1PGkLi31MRnCvQLJjMcv3iahYDwunGucOARsemFRfHGJfV7DfHNN8hZPI7xT4usSSXg9UIIXb3tMp9RSfH24H69lIBZsM5zqlPmqNLBNcNRh3PhxFbe3UvcKbSyMZIS6KrcOaYSyh32ueU2pENIKWLANhmeFGFA6HD5c43XB7f4C4zDv8ecz5C3cr780dD4ZCIiIJqOeUpnL+AtrIC+mVIJQpYVifZAwhA6I0g364qQ0i0OHofOtNPvLYIjBKUAnvTCp0ksTFT9ORNiREi9KQjnX+EAC8efCdEiGuWYad9x+hzv7HomZvJgHtgMawHBKRro6CqG/ofbQjvjMc5seF0ho4ziFtAa7DvcY6PWVxu8v3fAOmz59uhuL9Re/1PltttnGttxiy1KnKj7WUB9Ja3lhJWVlncTrpZJrizPJa+n3l35BBxPYXrjE8zOYdHRNdSMgIlrd9ZPq3LFj5cubL6vw1Z7qAieocHz5s04oVQkSQTquP/TQQ10fbjAdQwZD8pxLmoYwoFkJQmNwWaV0iIGEfg/oRnKYkZKcgWAXOn9iz3rgc3Lrrbfat8/4tkuZAukZXM4GdxXzTSLKNQ3Mvvvd73q+WM5Q1nIph+ec7SoQ849//ONOSIlJf9eXSjeOI/EKS6m45Y4FHONplYvb3/HwzLC+Z82a1V/0Ps8PRX4oWWUYaFrEgnFZF+Ga0A77zGyZk6Ge2YapMzqYwPcPcVVINwIioumu36ouHV9QoYOiG5RKQ3x4Jrw4K01D8UsjEPAk8eAHA52dn3XWWV5flIjGsS+dQs+jrOdLMXPMQ797yGpAPPIFktYzVrr2QsfODjlYi7NjZefOc1z6CjzP+By+pmuzCy+8sEtXlWlu6sB2wHqn9JNSWurRXnPNNV3kpb/8hPIGwkYLcVpXk2iH9tZfGtV8PhByloVSwMEE6v+uXRd5jRjM9fFrQhuphEwy76FtVnJd/L5hm+2W73hvN1C/GUxgW+H1CulGQDWc7vqt6tLxBRN0xChFCOSGL8JSL8FSx3h9eHkm7cu52jtf5i90ZpyJiE63S9VBVyMrUiMLcUlaXn75Zbvj53fYKhgpMXSCjOU7i/To+uZlXbdJ0gbJCWdzoj9EzhUflwQTn0DOepSpgAOfBxJ2usW57LLLXP+QdcLrhqPthPrqkZfYTrg3yQUD92++5WajFwUa2bCsA3kGQ7kZ9/zzz7fnn3/eh26ZXngHxG5bdpPx4/iF/BevyyZQOEEdUaZVHCrJC69lXngN0+pPVaH4XmGf2EK2G3Y3ah0IXMCjv8RCPPpmZl1ubOC7I9RpbV1PIsp7hfuVu0+oW7aTUvVT7jodTx4CPVtH8vKvHKcAAb5o6DIkWIuGF9BAihaG9AfSAQ4kPcXpRoAdGTskdiicESfUT3eMvrd4LRdadZOIxWf26fvKdJwNnS1dQZHEDya0t2fs3nvvdefigQAOJp3huIbtY8H8BfajH/2oi7gM5NkNcUguOBJy3HHHdX3wDEc+N1Wa4aON015S2juYQGMnfpQPRQj5qSQt1umGpg1d9VnJtcVx+exzRIVrvt9D6I+AhnhsJxQ00Eiu0o+CkIbWyUBARDQZ9ZTKXPIlw5cNXzIkkoHoDPRFxY6MVpnhqzuVII1godgBEFvOdnX88cdXnJMgkaFuI/1xsp5DhxLWFSeaoAtYflrKn3DCCf1Kf8oVayEMgu68884u3MrFG4njJBisxz/84Q/2xz/+0bfZXgYaeC2f9ZNPPnlAktTidAOh5fGBvjPKpRFPqzjOQPeJBwNnJRqoUVpx2pyOlmR0KPJDtQ4G5msg6YU406ZOGxIJJN/vFBRwxi7OXMVQST0xLt/vQS/ZE9BPKhEQEU1ltSajUOy0+LLhOsyvHF6GAykBOzJ29JwbeyRDJZ3vSOaz0nvz44CdGUnoYKQrvB+lob///e/91uwQKdULBKbS/CQtPstJ6VglpITtP3TWHMqf9OIkn61nMH5MhxsvEm22fZKn2267rWtGrEqeYV7PKVaLJcY83t9zFcdquMvK9Pm+4VIu8Fmh5I+TDAw0FGPF9yCJaGgDA02nVLwwStQfjuHaQPgGq98a0glrYsVngBJvTuBQaZkYf/Xq1X4dSa1CehGQjmh667bqSxZ/MbFTC8PslWR85513ti9/+ctuzMGXHl+mfHnRvU0YFiL54XYjhpjzeUzXiBfkKhgF1I9p9M6OL+qBdGqMw4UdDu/F6/iy5bHw0o3nva9OKx6vWrdZTnYAnDs6lD1eZwPJN61lOe1hsQ7wQDvHgdyjWuOwTR900EFdurVx/dDSeYbeHGefgj4d9QQ3rF9n37/yyi4CVG2YhfbPsnCaUeqy0qsC28pA2kl4bkiYjjnmmK5pJZleSCNe5lLPE48xDuNTLzNcx3V/IcSlw/7+Qrg378Vngmt+nLGO+ZHA8nKbH21HHXWUxwlEsFTajM/7My2+n0JcGn+FtPiOGWxgGgceeGDXO4r7/QWWMeSnv7ilzvNapsF78V3O8nH/U5/6VMUGR8SX6bBdkZgrpBsBEdF012+iShde9pVkmmSJL7pPfOITLn2Lv7z5IgwL02xER8FQB/96b7z+urVnM279y46EBjWhM/BIJX6oOkCJBe/x17/+1SZPnmxU7OcLk0R3IC/7EslW7SFisuWWW/psSoP5SCD55HzTHF4rrlvWS9rwKq5ISkPZLklY2GZq+7McBiYhZIHdb+//rb3zzhxvW6GDD+erYU2yEOqV+r8coqd/0HCsvzyy/tkO2LZo8MQpRNnmGCptH8SYz29oUwO5ns8sryERDMSH9w5p8BgDy8NtEi2myyWUkW2c+ed5Sv2uuOIK3w9l8wRK/DANBqYTPIbQC8G0adGwePw9VuLyAR0qljL3dxHzwjIyhLL3dw3PByxIxBmIqX/44938kY98xBem19/71S/GD+NyYbqPPPKIHx7otSENrZOFgIhosuor1bllZxI6gUoKSkkIX1x0Bh1e4Hwphpd9SDPb1m4NY8e4JfJOGM6va+jZ/MMLtdy9eZ6dFl/WdE7+3HPP2XfgkohWv7x/2gJx22LLLbr0uyotH+vz4Ycf9stCx1JpGkmOT4LBeetZdicrkMb3FVxiijZWA47SDEvuX993H66NpEyBzPZ1/Uici9crpwHl88dnr79niXkN1/I53ef/b+9coO0a7j8+eWvFO7khlNyg0vi31aXUu6l3X6ELUfSh0nj08a9XW39a4a/Cqj/VErpKNf6lpUQsiqISRVYS1COC+hNCEu8QkUXJ6z+fufd7Mnefs8/Z+5xzz73n3t/cte/sM3vmN7/5zuyZ757nttsW9qxFht7ZcmkiDmQQHx+kIkLIQwZu5QyY8j7jF1nJOOM0EA/PuXDnIixxcOwtZ8SfcMIJYT41fniG/HJG8vDzqj/ogY82PooVjjhrMfECoVrkVAorPbG5wIQLTOjhZY5ojGU5eYQnP8jDe+65x73++ushrD4ayoW1Z82LQMeWuHnTYZr3UgSozKm0REaBQZUezzCq3Pi10jcQ9IgOHOQ3SfYO8hM8+n/IKmeoYKkoafSY27bllluGc797YkUJedpg/Q3CPFz1/JTDJvmM+aHPP/98cEYWGPUmQ1mhFx1iAX7xSTeVcMD/3CfmhiF6yi/YJctqJRmNeo5+vHOMDrAVEgSc94g8L2fi9xQyJwJWLkz8jPDqwSOsiCh+0KmSAU+Fo/4QvujOJRlKH/FxEQ82e+ty3C2Lk0477bRCvUO8sS5peqgeIa8f8yM0nFglEkYY6ZMWvpK7SDblMOv7qzRXkl3qOZgMHjw4dAgcdthh4RhXMKI3s1K9ijxhLvuCCy4IoyngUCsWpfQ1t+6DgBHR7pMXpkkVCKiCwmZxRz9/ZjmGexnm20ECVBnKDmEqEE/JwFY4Vaw0YhoyytuIxnK76z0NGatduWhkSL8wQGdhn6Y/PcUQqN5IQsGktbU1EFHKCPhVwotyiqFn9G2/qTkleE2bU3Dvzv8gMAsWLHD33nuv+8pXvtKBlGXRmw86hpK1xRflrBJe+vgjbvxqiJv4wLuSURyMbjAlILkgLC7ryNI7DtnigAJI6EYbbRR6RJN+S8WPH/lDX5FViOLEiRMdc1X1vJLuWZ7HOqjOisMl8eU3/kaNGhXeWTDBTXLAOdaP9xo36gnmQnONHz/ebbPNNq6lpSX4VdhkXLEeusePMJkzZ07YaUPhJEd+ze5ZCBgR7Vn5aanpAgSojHuiofJXr1bcAGVNK3NoadhoqNSgZA3bE/yxkA4Ms6Y9+PPEk14x5iLT28fVLI0wvaEQSchE3neCnmNO7KKcZcVLZRO8MIRVLyPkrpKhXCJjxIgR7uKLL3acER8b9bbKjbJMzykfGMoT4iStWXSWH+SCEWHB7Mgjj3RPPfVUYf9Q+VO8tdjSM4sMiD1ke8KECWFuMwuF6EmFkGKLJEoWepJvkE4w5AJP/Iq050mLygzxTJ06NezGQFx5ZEg3s5sLASOizZVfpq0h0DAEaMRoaGgI8hAEFMT/woULQ4MtMoVbbzFgRs+SjDDU75K2J6Ey8+bNcxz3CPmRUUOt393Rhlhh8hAgpYPh+TxhwQbyRFwQIHpEcctaVkVkiRPywyrzSkZ5AOElXvKVK4shLJfyFBnHHntsWOSldyOrrCzx4Uf5IDtLOHRkFIThdfSSbkkZSk+SoIIr5DXGN0u8yAcTDnC46qqrQpB645FFD/PTeAQqj180XieLsZcgoEqcCi1pVPkl3e134xCgYaAxydMYqOHChiSQt8hJNlaNS0XXxcRws0hHVi3ADbyfeOKJQo8oRD7ZO5dVXiP9UVa4IBPVmHhoPUt5oXzpI4ewLM4Bu6x1Bz2isV/u40tESzZpIm3EQb7meS8Ii3/SRY8hH2lf//rX3U033RTeEeLNKw+Z9TT0IqNDsj7GrZRueq/j/Bae9BxXY9jq7cwzzyzgXI0MC9N8CFiPaPPlWY/RmMqNykyNCbYaIFVocWLjypDKkgpQ/mmUHHNE/R6Mffv1DxWnZBAH0+80By9MvosEy1+fvmsbMcXFM91HQcKtKmw1Tkl/Id5koCb7rTSRFuFUKgnhmTo82zuIwAV3kTHJKhW+J7qx9VWc5vg+Lb344Ro5cmSal27rTn7zDsfvcR5leZcpK4TPalQmIT5xGcW9Et4QL4Unvkr+8ash5yz6QThFzGPiOmXKFHf55ZeH4Xjk1KueQA7YEZemOkhPlSv9LmdrWkOMTTn/qoPxUwnDWA4fAsRFuRHZP/HEE8N+tPXCJI7P7rsvAkZEu2/e9ArNROYG+W2VqJiogKjMqJzKVfr4U4WJX8L0G8CiEN9T4QklJhBPT46oUFe3N259/F6OhMVNFW2o9KLRNVWmei5b7nHGUPETnnSUeh77bbZ70qS0Z9Vd/mUTDnzIo95m+DgSDlnLhvwne5Syhm9mjHn/ZVQv6HeaHeOi91puwlK/S8ko96yU/zxukFB0EAllDuoll1zirr322lDX5ZHVE/2SX+Q59fzSpUvdEUcc4WbMmNHj6tGemHf1TpMR0XojavIyI0AlzQWh/OhHPloYEqJxwE0NSZpAGiuRnJkzZ7p/+Qn/fXzl1s/3iPb1MtZhWNmT0nD53wP6D/Q9FAP9ggO/pc5Av92L9xd+D1rHDfB+V69ZHRZMcCQjOiTjT/bU8ByyQY9A3Iim6dts7pBH0pzEIWs6WMQgg4zObPQVT3eyKRsqH1nTDt6UJ1Zmy2QNK//NavMO6YMuS3lJklXqgqTpauxIBydOTZ482d1yyy3hnjJR7iM7mYa8v2NclH7ZeWV1pn/0pKzPnTvX/fCHPwzb4KEndT9zTEvlZ2fqY7K7DgEjol2HvcXsERDJoQeIRpjKKWsFRKXFSSQHHXSQe/bZZ53vC3V9+7f1itIpOmCA3+Tab1o/cOAgf982XB9Ir59PRm/F0CFDwypYVusO8vF/5KMfCXtm0iCOGzcubMuiTJKesnFftGhR2DuRITh6PXqaIa3kh+w8aSRvmCNJg0vDS9i4gexpWJVKD+kmzXlIgIgoQ6uxyfNexOG64j5Peilb8i8imvX9z5K2WH4W/1n9ZJFLnp1++unuz3/+c9iYXR+red6jrPo0oz8WtkHOmRP6yiuvFOp9bRvVjGkynatDwIhodbhZqDogQAPERYUNYYEkxkYNVOyWvKcye/vtt0N4PaNnk21EV37gjwv8ANe1ZxWrkZMtHfgd91L8/ve/77AvoWTHNpUnhoaF8KQjNsnf8bNmuYfov/XWW22kXHNASyjPNAjfv10gFXg56Ktj3UTfyLzhV3/3BCxKJLusE2WTMp2lHCNI5Aabskg47vUs3HTzf2xZhe7SO1Y3DQf88jHH1k/ccyEjT5nhY1KG8Hqv5ZZm4xeCqHdY/uLw+MFIf+mleBQmaeOfQx3YiouPEsnM+8GdlFvut3TkQ1s7XpTzHz8DB8orIyHUZ5IV+yl3n8QJv6SbXk8w41Idz3ZVp556augFpf7WXFrCqG7m3kzvQMCIaO/I526ZSiocKi9V7CjZ2ZWQ4sKO4+I3xEGVKbowb6mciStqyS3nv9mekaYlS5aE/RV33333DocEZEnLMH+qClMuwJSGBrLRWwxpvtdv7s7KaBp2GuMshjIJUdlwow3D8DybnMstS/iu9MMG7zvssEMgMJCa+MOulF7xuwYJ5YOHdyp2LxWukhsy4nczzT/xSM9kGJ6pjpAs3ORP92mycYeEnXfeeW7HHXcM2xE9/vjjBTKW3Dy/nJxGPSO/4rJKGvMY4UQYwmoLJ8ovchcvXhzqkiuuuMJNnz7dLV/e1kEQk9A88ZnfnoNAttqx56TXUmIIFBCgcoyNKt64QuV5TFhj/z2RfMbp457eHHosqjFvvvG6GzNmjPvLjTeERrkaGc0cRidLkQaRmkrpoazhd8gmQ8J2RBBRTLJMVpLTFc+32GKLwnSWLMQboqbe05deeikQUb1rWd4tva/VppXwkCDM3Xff7Ra+tLCDqJZhLY40tba2hrzgoYga+VEpfnr/SM8xxxzjxvj34IwzzghD0aSN3kpIcGeYSnqlxcmHohbJQZST732WMshHFBhhkz7Oiucjg83xmcfPkb+UaXDHj/BXuU/Tzdx7NgJGRHt2/nbr1JVqbFTBZ6n0ak2cGj3kJCtC6UalToVZyjRCx1LxNsqN4UrSyP6M4MHwex6z7uD13PHHH+duunlar+oNFUY0wjTG7HEJfnF5k59SNv4oczppiN9Zw5aS15lu6KV3Zeutty4QGdwrEaJQptoJHWRFGBEWklppLiVlkzCKn3Tilue9fPrppwNRZN/WpEGH9ddf3+28887uwAMPdGPHjg3znklXMg6lNekuQs6xl1P8tk2nnHJKh1XzpWQl9cj6W2Ukrq/yyIc4U16Z0zp79uyiNEp+mj6EhYTKnj9/fhhRIW+1+AjdtB6AjxB9jJCHeXRN08HcmxMBI6LNmW89TmvNt6Qip1JKVuidneBk76jia7Qeirc72DSi6hkhT/r5rbHKm/Zts9r56gBPZIcN29Rt6ofoWTmchnF5mc37lKFmhuc5e520i6woRXHZCs8YCeXy+EFc9t9//7AgTo14TLgkoyvtmJgMGTIkLPCDXKBn/CxNRwgJ6aYnjtN01Pub5j/pTvmE9BAfZ76DZ4xp0n/yN34ZLmbVNjokw5KGZcuWub///e/huvDCC91OO+3kfvOb37hNNtkkTLdQOpW3spNx8XtAvwHufy64yPVZ08ddffX/ug9WfRBwSoZJ6lFKVjk3fUDyAYRs5MkuF460sKH8pEmT3KuvvlqUh1n0Ih7yg4syjy1iLDueooNM1QtZ5JfT3541LwLF+100b1pM8yZDgEqLiwqQSf2qoKi8GmFUYTYqvkakqZ5xkB80Hpz+Uo1hB4MhQ4e48ePHh8ZGjXY1spoxDNjdddddgSypZyxrOmiUDz300NB7BG7dsYzSm4UhbeyQMGLEiCIyVym9pJM6YNbsWQWvpDULKcEfYTGdUbaQH1/07N18883u6KOPLqzy5h2BDGcxq1atdoN8r+Oll13qxviheg1LKw2kOUu6K8UFFkk5iqNcWPzw8cSQPB8/zOGML6bpVLrwz1x7wlM+RD6Jt17pK5cGe9acCBgRbc586xFaa+iNipMKjsqLyrAzGpUeAViDE0HvFiTjnnvucS+//HLF2H076hubtd44XGDddQe7733ve27XXXdd+6CX3FGWH3nkkUBUksQgCwRgtscee3ToVcoSrlF+eE8harzHLMpi/10Z3CsZEbh58+a5t5a8Vcl70XP1pKEHVzUYFwkt4yB96SH99re/7V544YWwCpwh7Sxxs7dxv/6+yfU9opMmnes23WzTgB3lJEv4MqqFRxA/4a5eUcmVXU4GfgiHHGGa1SZeSCe2LtKltGWJv5xu9qxnI2BEtGfnb9OkDtJD74IqLmwzXYsAjRBD8wzTVdsrumrVyjDXkeE+5poiszeZBQsWhOFOGmI1zEp/8rfcZYPVSSed5DgqVB9tetYdbN5ZdGz1i3mOO+64QLjj9za+T9OX3rMbb7wxfIim+cniXi0+Ik9Z4sAPaSLN999/f9iEnZEcCLF6h8vJ6defba38wjXfM/qJT3zC7b/f/oX3oR7vRYw38qohf/38KAZEUqMh4KOLdKZdpJv4iDd5lcPEnhkCINC7WgXL826HAJUWFR8VORVZfHU7ZXuZQsoT8og5fK+9/pr7cIUfhvS9nu//+/1gh/VL9IJGPaFy40Srvr6HBfPpT3/a7bPPPoXelrjRDB564D+GXiEqHHwQ0su3lb/W+E1uucJ80Pbf4d4/DuXfA8jfSj/k+x+jt3ejRo0q9DZBCjAa1g0/uvAfC6omTJgQFmQlpx+QFoze6aSaEFmGgVlRXU16JJ/6A1nVGPKF8FmN4uSdYKSADywRrzWrfHp9b2fq5SPxWxx7PDj9bYCbOHGiGz16dMAHGbUadEMO6eEgjzg/SGfyKhXf8neXF6bRKN9kl/JvboZAPRCovfTXQwuT0SsRoMJUxdkrAWiCRKuB5OQqFt6o55qFEFkMjRgN4Hrrrec4JIATq7SpdZbwzeyH3iOmnPz4xz8O+yeu8SyES0bEQL+Tdl9/BO0Gvjf0tNNOC9sikRcQNggGPVZdbfhQ+eQnP+m+8Y1vFFQhTRjyXUbpTNr4mTZtWugxzkMGJVcESXHKPY9N2GriVhycG3/rrbdWJYMFT0xpYNFWlh5VxZlmg0ep+rTWNKbFZ+6GQL0QMCJaLyRNjiHQwxBguJOGDULFECqrhTlpSW5FyYV7rOUfhcc0kDSGkNfLLrssLMJBdi0EoiC8G9/QewlxZI9MtsTJa8AZjPbee2/33e9+NwTPszgmb3x5/W+22WaBJLNiHUM+pxnSwaVhXuwnn3zSXf+X60OvcVq47uzOe8EWXRdccIFbuLDjHqRZ9Oaj7mtf+5obPnx4VUQ2SxzV+KmFmFcTn4UxBIyIWhloWgTUuGFb5dl52Qi+zBWdM2dO6P0p1etC7PhLM5AUZGy88cahZ/Twww8vS1zS5HSVO2nOayAaLHCBsLAvowy9oiJtsvUstlWmwfUnP/mJ22uvvTrsLSq/1eimsLXY3/nOd9wBBxwQ8p10Kv/T0kR64uvOO+90s2fNDpu7K6159YnjIn7pUIucrGH1HnBiUjyH2o+8hyH4SnLAbOTIkW7fffftMDWh2jR0VTmolE57bghUQiB/7VpJoj03BLoIgbiRq6ZhY1Url5m1CIAjDZx6MG+7/bbCCTgxxlkaT3oHaXwZhrzyyivdmf4c+mHDhoVeskAifC9ZP9+Kx3Pb1mpS+13fPpx57Xx8rPBdE6YI0DNHOhQn0wa4Hzp0qDvqqKPcWWedFXpyq23kkUXYf/zjH+7SSy/1BKVtaD4mUJVShgxO4mFqw3777RfyAp3BTHlAOuptkClcSIPSAkaQULCRCf78dwhzW0sZ0qvwEHT2Df7tb38b3JQHpcKVcyP9Kpfkl0woS+2klPs0g058JJC2avKXMMoDFly9teTNsBApNT7f2kJSdQ3o13by0hn/9TO34QYbBh2Un2kysriD56CBg8LeqvhHx6zpYyqJylaWuMyPIVAPBIyI1gNFk1EXBMo1GqUioMJUpZk3bCl55tYRAeEbk6Z5T8wLJ8OIoDBUjD/8xP46SmprDHlOOIgIhrmTf/rTn9xnPvOZEHaAbzx9n1aQJ9KSlFPtb8rHqtWeWPl5lwP6D/Tb6PQP24VBZIiLdDBnjzmPLCKZMWOGO/nkk92YMWPqMoeP+K+95lr37HPzQ9zCrFx6hCkkAswg7UxtOOKII0IPGs91Sk01i33Kxc0z4uWjARvChmE4/qKLLnK//vWvw+9q/oHFNddcUxjOluy8slTesMEHuVxZDR9FDz30UEhftUSeuMnL5557zk3ze4x+6PHCVDz7Ifjxza9Xd4stN3cnnXhyYSsokes8aSFO9MBQFthpgbIhI6z0O82O3+c0P+ZuCNQbASOi9UbU5NWEQN7Kt6bI6hg4a49DHaNsuCgaM3pMJk+eHDZqJ800ejGREBmolI8imrvttltYkX/iiSe6zfwJTOw9KgJUzwSiex+vL2SUC0M86NnS0hJ6+K6++mp3xx13BAK67bbbuk996lPhVCiIQT0Mp9bQq7ls6TsF4l4JJ+JFd2HNKVXM1f3Zz3wvmicbEId66VcqjcRN/pJfO+ywg/vb3/4WtmqKSY7C4beSQQ6r5EkDJi47lcImnyML8gU2pfRJ+ud3XD65Z/4uJovuwWP0D92FD3Oop0690X/k+LLiyWV7EYt8p9+uWrHaHXzQQaEXXouWkFutTuDCbgZgkqV8STP8kg7szixTis9sQ0AIGBEVEmZ3OQJ5Kk2UVQ9AlyveSxSgwcewMIPewjkPzgmNlghB3vwjHA1ea2trWPDxhz/8wR126CHheEstgKkntMSHGTx4XTfc9+ztuOOO7uc//7mbNWtWIIhf+MIXwhA4/kirphHUSwd63a6//jr38MMPe1LctoBLZKMSdvjjwAeIJwT01FNPdVdccUUgh+grAlMvXZHDRwZkhl7Qb33rW2E6BVtJVWvQnXnC5557bpjeUQsJRQeVR+6r2YmBMAonG1l5jPKPsjLLz3d9+eVXPKulbmrrQa4ky3O+QMZbR7a6XXbZpeY6jToRXeIeXulYSReek0eVymIWOebHEMiDQFvNnCeE+TUEOhEBKlIqzrTKM64kuafCJQwXq7L5TaMsf3Fj5R3DHL2wj6PvtuAZPXAMB6/yvRs+ZsexlPE80dUrV7k1njRAmPBPPBjZIi00qh3iyoCRZGTw2i28xOl/5pln3K8u+lUYYgUDpT/ON+VBQXnf6PqcXfuT/PAXYciTvT7/+XCxgf4Lzz/v/vjHP7r77r/PLfanOtFAKl8hR/yO40JomANKbvo8UtzsY+q39g7Eb9NhLW7fffZ1hx52mNt66639wqm24UvmX+KfdMiQN5AT4tBUAj2r1l7pu8le8Wk7+5z/drvstmuIj3iKhtXXQtQhKvX6EYa8OMj3on32s591v/vd79yMe2e4B+c8GMo/OvNc5TEuZ7oXPirX5B9uXITDpleN8+5ZKEXvcGH/03at4rzsoKjPZwxk22eHW+kPNYAcgSMEmh5R5Cfzry3U2v/Sda1L8V2sq55Kdiwft1IGvRQPsnRfym85N8KuXL3Cnf/L89p6e/03m59kUjGNyOw3wPfU+3rr877833DDDUGHanQhDEZ1IvcxBvwuZ8DoscceC2GQkSdsObn2zBCohMDamreST3tuCHQyAmmNRVq0NGytra1hs/QHHngg9BjhVxUo8mhg9Vvd/8wPZJgWs9qTA4hLcItJkm9GaGgHDhpI10uQE/c6SSZu3NMIVNN4BCWa5F+ykeaoQ/ZRpLcMEieykTU54EYeKd/5zUUPXEvLULfbHruHox8ho2yTs3jxYsd530/Me8K99uprRQTxww9W+Pwa5Hs11/EkcpD7+Mc/HuSMGNEaht9Zdb7++uv7Xr6BvrEmW9eSE+mQ1J0GuV6Nssgeq6xPOOGEMM+S06aU7rDJfVKBMr8Jt8UWW4Rh+h/84Afuuuuuc3fcfoeb96Q/MtOfGa6PA8ol9xiRFYklT0kfBnmQYggoR4t+//vfd3v7raNqMp6LUjaIZ+rUqY5eb3SBVFNeajEqj3r3JEt46nclm/SjDz3OtRj0oR5iz12mdmQ1qjc48IH6jKNDazGkXx8teeTwDoAF6bCh+TzImd9aETAiWiuCFr6uCOSpBGnQGMJl8cQCf5QiJ51ADGngqFBj4oiS7/n5je+99757991l/v69tlOCvDurqCGkVOBxQ73snWVhPqHoihpsJZj5VPKPLuiu3/LTk+13333XnX322W6nnXYKpI+0g5EwAM9KBj8igdht+eBX6Xvy8r7PKxrUsWPHBjHkJ0SJk4q4WHkdm5UrV4djRJnzyfD1Vltu6TjASIYOOm2twz1Gcbf9Kv5PWRKJK36az0U9x8uXL3e33Xab22677dwpp5xS6G3nwyeLEWbSi57bIUOGhBOOjjnmGPfiiy+GM+7nzp0bSA3EBr8Mi8eGfKLMsqXWxz72sUCe2E6IU7C4qh2uVhycDIXp7/WDnDENgvKB/tJdfquxJYMP0qzEKc5v7pctWxaiTr7b1egDlvPnz3e33HJL6EWO4yonDzzIC3rpWYjG/FnqlryG+LnINz4mqjG80+hjxhBoJAJGRBuJtsVVFoGsFXdSCKuuaTjZHBoZXKqUY79qWDnrebUfLqQHarX3u2jxIjf/ufn+hJdnYu/u5Vde9Y36AvfmkiXBneHg2LBwB0PvE8PJahhjPz35nvSy2IPGk54uFrPgJiKaNe0iVvhnqkSYP+nzBhIKMW1zX7swil5ArtiEssPxit5ANmVYZsRhRhDSVfzz92poPQWWt1QbgkJZqoeh/IEPunL058UXX1zYJipvDxZp0FQCyDKyIWS4b7/99oFUcuIR5J1nlN2YrCmPeI4+/EYeNjriVx90TF3IYpAjbGP/EOFDDjnEPe+nW6ALHxOl3s84TNb7kO/ec9/2TCf+UjqUkkfa33jzjZBWSLrwLOU3ixtlhTy4/PLLw+I3Pg6yGnAnj9hfl8MPmIcNRmmYVpJbNN2jUgD/HB0g5uR3sq7LENy8GAJVI2BEtGroLGBXIBA3MlScNJiqrNUo4Qf3ooalnXcQrm/fgSEcaRg5cutw7ezn22FWtzdmzBUN89t8g0WjrHiCJ/9PvSg03D/6zx+56TOm61GvsMEDLNm65ktf+lKY/3f88ceHtEM4MCKmcb6FByX+9SF/PObxEDXElI5CYV+Up+1ygvyUjhw4ShshTXqIGKuXw5y+2BAnvZfK5/hZNfcM/baVvbZ4+YA566yzAill1wCIB7hBiiCmxI8RdrKTcQtryrzeBwgR4cELufwuZWJ35BMGGRjJVbi0+HlOuJB/THXxZQKzws+vpofwyKOODMd4IpfyUC9D2tRjzRQa9EvTUWlLPl/xYdt2S+gETrUYMKAnc+nSpWF3AT4E0A+Myfekwb8MepHnDOnvueeebsqUKYW0xP7wn0yDZOAPTMC4GiJKeJV39K0VD+lltiFQCQEjopUQsufdFoFSlXseZZMV+gYbbxKC+zYhkB/JooIuRUYUPxX/8M2Hy3uvsMEE/LBpsGjAzjnnHDd9+vQwBMuKdBEZNWrlhp4LeeHlZRyh7nScw1SAdQYFEqH01jNSCArTC8CNnijmZK633nqBCFLeVL6qjbOAabUC8oaj69mbvv08ifGjDpDQceMO83unPldzWkqpEpNajU6U8pfmJtJO+a0HViL9vAvXX399mFKSlxCiEwT2Zr8nKb3meYw+KqotO5RxrhjXPPGbX0OgWgSKP9OqlWThDIEGI1CPxiNWGQIaSCiO6qxotyEFyYv4ueQey+oN98KfhouhPGw2gqcHjA3P6fEDGxp6bPlPxab9A0C4VvSfKijjA7rwoisZH0T6pRdfKpDtjFIzewMzcGFeHueVn3TSSQEzyAjuaUb4pD3vCveg0wC/CND3yK349wfu7rvuaiOhz/xf+IjLS8iypoF4IU+tfpFPMv8qyQBnyiYX97Ua5EBGIYT//Oc/3TN+qg/D3OXyMo5TPeZs47T77rtXpRPvIGkZPHhwLDrTPWHBUphkCmSeDIE6IJBe29VBuIkwBLIgQOXXLU27WjRwNCbJC717Y8WdzC8aLnphGIYEo0ULF7lJkyaFHj62eSrMNwtEH7bZHIa5jbfffntYTZ2VTGRNGXhRriAN6sliVTlzBCHzBcxSBCbzIMVb3ZxV1ssJZErFS36h1C89qT5m/Hj3/Pznw6IzwiQXSpWTk/UZpA9D+WNHhGoMYUlbPfIXGeQbFz3cjz7yaPg4y5pXkHX8MkR/+hmnh/nDcZooL+XINvFSrihP7A6R1+g9zqpvXvnm3xBIQ8CIaBoy5t7pCKjCw2YPUL7i1SiXi5wKU1/v+FMFnbSLZLT3uIWhX3/vaWSHv4L/hL+Ce+JGjQI6VyIOiaBN/VM4KxH8Vo+SyChz5RiePPDAA0NPn/x+uOLDtsVIHnkWJXW41NBG+IfncpeQKmyVNeaLcrFuCaM85LnSxZD8mWeeGVah33rrrVWtYG6Tnv4fvESk8EWZJt4HH3wwxMveoPSQ4YZu4Cr9JFVp0m89r5ctubL1tvD+rPbD8PzGJk+xp910U1iUNPFsP+912TtulXfjIq0qH5JVLxsMIHCaU8tvXck4krhA2hjSp+7B1EpGyUOllXyb4ud54ka80im2k/rFv0dtNyr08lK3SG78vNQ9OBAX716WerSUDNyQUysWabLN3RAohYAR0VKomFtDEKDShFBiU/HRmHDPRYXNMwz3scGvGra4Yte9wvCbSlxX8nks0+6rR4D8KmVo0Jb4HQeuvPLKcFQmcyGZNwjBUhjyGJKFifOnlLxq3ZCLgYCuXMl83zZJEBHix6bxfvTRR91Pf/pTN3r06HCM6ezZs93bb78dGnXJaAvZOf8p15BTVkxz3v2Xv/xl99jjj3Ugwnon9J50jibFUokP/cBB5Eq+Fvit01ikNuHYCX4P0ycDXhCxzjbCgrqgmvxRvUD+d4YBF3q5Kd958aBHk5O+0JH3KIvBL3mkvMoSJvZDuLx6xuHt3hCoFgEjotUiZ+FqRiBuPJiY/8gjj4RFLzQwVIhUrKxAVW8j/hVGla0qXn7rQjHd81wX7oRHrmRJHs/UUxru7V/NCJCPDMmSFxC6X/ziF6GHlMUY7KNJnpMXzMUkH1asXFE4B77myNsFdMhf77Zq1Yf+I8b5nrBlIW6O9zz//PP9fMZx7otf/KK75JJLwt6bLDih3EFyVH6Ssuqlo+RAOMCMeMANIjz2q2PdUUcd5e68887wLqALBtwaadAJ3chL6QA+4/0QPKcvXXXVVW65710kD9ENctfZeBEPupBH1ZJJ6hnVL/XG880333Q3+V5icMtrwPmAAw4I++JCZLPIUNkhrD7U88RLOLAA187Ouzx6md+ej4Ctmu/5edxtU6iGhEqP1cNseM1cr739aS78ZqieypU9IyEym2++eegxEjGg94jKkys2+k0Pa2z4zZBVvJo7fm739UWA/GWxBo09RIHfL/vjOqdNm+YY8iZfDz74YDfu8HGuZWhL6PlhI25WjpfK17zaJRtTiAELg7jY7P3qq68OHz8QYvxSrrA1rCmdsXmmcpVXj6z+1TOs4VjCMdfwr3/9qz/HfFZYwMKJTNtss43fbmxkVrF18UfayUewYz/QJ33PJ0d/cuIVpAcSrcU25HNnY0WiyCvVAcRZDfmqlsBmAZV8fPjhh0NZ+9znPpclSAc/HKu63ajt3MMPPZyJLKu8i5x3EJbhB+HUAYCsRuRhBrXMSy9AwC9y7N9x3LMXJNqS2D0QUAMfa0ODxiUywDMaGDU48kslmawoITAQH2xIJ8cncs/JMZBaKtpNNtkkPKNh4DQZ4sIdwluuIVMlT4MnE99zzCUEK4+Jw+cJ1139gmM5k0wvmJLPkE/yhw8ENgFnY/xvfvObjtXDNIz4Ia+VB6Xi0LNkHOQri3+42FoKIkUvOwQv6Tcpt9LzSulNysvymzjT5PK+UKZHbz/a7bnHno5jPTkOFWwgsTyn/GNUnsElfleEE370/sgt6Rc/TFlAH6ZYTJ48ORBijihVzxn6VsIJOZ1h0JeywfvNyU2882nYJeMHL/TmY4jdHcAia9ikrLTf1FnEoQMfwIw4VJ4JJ8zTZPDBdvTRR4fRA+VXml9kUwZ4jy688MIwXQK/aeGUb0o3ec3BIBxSwTO5p8Wn8GnPzd0QyIqA9YhmRcr81R2BZEVHhUkDSgXHIgIqVQzuVOpJkwzP3DoqeSpinmETjktklsaKe2TSqLNQgca7HAklXlW6arSlC0eM0ss3c+ZMOZmdEQHyAKJJbze9kuQZecjWNxyTOGzYMDd8+PCQjyIdaaJL5Q/D2zSq9NpxRn1aHifLUVocjXAvpwsYQKBnPjAz9JJN8YthtvTHmELYwYmhXD6uIPZ8YIlsgXNMfkgHsvR+ESd+FDdYzps3L8Tx9L+edrPnzA5Hqr6z9J1AQDXHlzBdaYgfcsdHDO81hvqD9z1On3QkfVykj7Q/9NBD4aMErBRWfuthq0zed/99bs6cOSGfJBf9uEoZ4crzVr8tFfnJ+1HJ8C4p3/Eb528cVvJxU30rXfThId3jcHZvCHQWAsWte2fFZHINgTIIqHJUI0HFiJvIA5WsKkuJURj9xsYfDTDPaHwxyOSiEaLihaBi8Kd73DFqjMOP6J8q5lgH5NMQoqPkREHstgwCwhHslC/Y/CYvmJpBLxxD6GALqRRhKCVW+SMbP8TBb8LxwUHZwCiPY7/hQTf/B8FCd/Sm3EHgwYgeStLIorCtttoqLLbi3HLKJx90fGi1tLSE0YA4iWBC7/Brr70WbORzz9A7JI2pDJBOsMfwTnEJv1hWV9xLj0WLFrkxY8aEaT06+lV5HeuFf8oXBI13n625VIfoPY7913oPnpRl9qKlh3LChAmBJIeP4f6+3LN6zhulQ/FJJwgo0zLQlbxUHSV/SVvvB+GfeuqpsPgOP2nyecY7wulxbL113XXXFQgvskphSBgzhkC9EbCh+XojavIyIyAyogBUoFTeMqp45cZvhcFvXMGKVPA8foY7V+xOQ4QfDLL5jR9V5Io/tiVftsKiQ7WNWCwrjqtZ7+P8KJWGZHr5DcmkweMekkB+CFPyjN8qB+RZnLdxHJKt8sEz7pFPQ07jTz6lhY9l6V4y9TtpV0pv0n+tvymn+rgiLcRPmZWeSVvxgQOX8IvdccMgq1R69M6RNxjFEX50g3/oo3cYLPQuyj2pYkxElWZshUv6r+U3OoA7ecY9F0Y4J23FJXc+ANAXGVnwJxwX7xP+9Vt5LPn6HT/HjQ8bMEzmucIlbaUn6W6/DYG8CBgRzYuY+TcEDAFDwBAwBAwBQ8AQqAsC5VcX1CUKE2IIGAKGgCFgCBgChoAhYAgUI2BEtBgTczEEDAFDwBAwBAwBQ8AQaAACRkQbALJFYQgYAoaAIWAIGAKGgCFQjIAR0WJMzMUQMAQMAUPAEDAEDAFDoAEIGBFtAMgWhSFgCBgChoAhYAgYAoZAMQJGRIsxMRdDwBAwBAwBQ8AQMAQMgQYgYES0ASBbFIaAIWAIGAKGgCFgCBgCxQgYES3GxFwMAUPAEDAEDAFDwBAwBBqAgBHRBoBsURgChoAhYAgYAoaAIWAIFCNgRLQYE3MxBAwBQ8AQMAQMAUPAEGgAAkZEGwCyRWEIGAKGgCFgCBgChoAhUIyAEdFiTMzFEDAEDAFDwBAwBAwBQ6ABCBgRbQDIFoUhYAgYAoaAIWAIGAKGQDECRkSLMTEXQ8AQMAQMAUPAEDAEDIEGIGBEtAEgWxSGgCFgCBgChoAhYAgYAsUIGBEtxsRcDAFDwBAwBAwBQ8AQMAQagIAR0QaAbFEYAoaAIWAIGAKGgCFgCBQjYES0GBNzMQQMAUPAEDAEDAFDwBBoAAJGRBsAskVhCBgChoAhYAgYAoaAIVCMgBHRYkzMxRAwBAwBQ8AQMAQMAUOgAQgYEW0AyBaFIWAIGAKGgCFgCBgChkAxAkZEizExF0PAEDAEDAFDwBAwBAyBBiBgRLQBIFsUhoAhYAgYAoaAIWAIGALFCBgRLcbEXAwBQ8AQMAQMAUPAEDAEGoCAEdEGgGxRGAKGgCFgCBgChoAhYAgUI2BEtBgTczEEDAFDwBAwBAwBQ8AQaAACRkQbALJFYQgYAoaAIWAIGAKGgCFQjIAR0WJMzMUQMAQMAUPAEDAEDAFDoAEIGBFtAMgWhSFgCBgChoAhYAgYAoZAMQJGRIsxMRdDwBAwBAwBQ8AQMAQMgQYgYES0ASBbFIaAIWAIGAKGgCFgCBgCxQgYES3GxFwMAUPAEDAEDAFDwBAwBBqAgBHRBoBsURgChoAhYAgYAoaAIWAIFCNgRLQYE3MxBAwBQ8AQMAQMAUPAEGgAAkZEGwCyRWEIGAKGgCFgCBgChoAhUIyAEdFiTMzFEDAEDAFDwBAwBAwBQ6ABCBgRbQDIFoUhYAgYAoaAIWAIGAKGQDEC/w+DsUIvZYi68QAAAABJRU5ErkJggg==" + }, + "lastModified": "2021-01-01T12:00:00.000Z" +}, + { + "_id": "1234567890123456789023456", + "_class": "de.novatec.openspace.usermanagementservice.v1.sensor.SensorAdminEntity", + "data": { + "_id": "9bcde7fe-df3d-4c6b-b392-36f4087b0446", + "client": "Allsafe", + "title": "CashMyData (iOS)", + "createdAt": "2021-01-10T18:05:00Z", + "tester": "Elliot", + "logo": "iVBORw0KGgoAAAANSUhEUgAAAOEAAADhCAMAAAAJbSJIAAAA/1BMVEX///////0YTH61ubr//v/8/Pz///wANW8APHLHz9bd4+efq74AQXv2+PohSnr9//5lfpbCx88AO28IR31yhZe+wsLFxcWJiYkAOHDm5uby8vLg4OAAP3aBgYGvr6/u7u6amprOzs6hoaEARHwsUX0AP3LV1dV5eXllgJSfrLnS2uCwvsm5vcObm5uPj48AMGhKZYcAM3MAKWeCkqY1V30APHoAQG8AHGE4XH0AKGRra2sAIWB+j55jd5OSnq4AFl94i6hIYolRa4hkdIuls7xygZ0xUW+MmaYWQWtSZoSaoqyFmbUkUoNXdpokTHM5XoZPan/S1+Pi7OYAEGCrssR+taBcAAAOfUlEQVR4nO2bD1ubyraHZ5AhBIMkwUYgiRgJekKsiRKxPTmgUt317t3a0336/T/LXTOQfwqaqL33ufdZbx8JITDMj7VmzVqTlBAEQRAEQRAEQRAEQRAEQRAEQRAEQRAEQRAEQRAEQRAEQRAEQRAEQRAEQRAEQRAEQRAEQRAEQZ7H4BvZoNSQ5f+tPlC62L4/MmgzKDQPr7/nDi8Cd4et8psEcnTHdV3HEQIZ2/RqsLwsz65ibPMGMuPJ9BVXPtsrIvMWqTb8V9r3R6ORFU3i7arDLWls5q6UKEq2xxR4s3k/GRjRUN5XIddnKERLHi6vduJwMGwMfyXX49HV53jIqLzRrSitJkl2BbWTxKUbd1Rxw8nOQ6K8rw2ZojTGl2r9xCEL/zeC7ZvLUeiSzQyxfebr2V7j/FyjGwes6rnv+f7N+8YBSoLx5Y8h79iSGArepoXWKHTA2YrvJ5PdNH300fbFTq6walW0DQMGM2xf6twNwi/vpxCiJnHuppMqH+KrDxzGoEKcpOIPCZWVoosNtylVqqvHtmtzhWplUxsa5NpUeYOMvddsxWCYBdHoVoG9p08NJkVK3PjqjinFw/FXTTJ3Vw+9SSFlD94dTBXKK8J4IbIMsgaXN275UJMNgwwrOzY4UEFnx+ZE2lkevI8VKpvN3IZm1RqbXLAGNJyGpNAFZzflYbZfCWiB4/xtdbabVnXl+Tyy4YYDsWpZP99xsmfg9+HnASXPj2oYqs74c0CMJ4YedHb0Zm33GRtuqJBWm81No9OzMJJMtwt6/vQ89sOCMbUyqiC7u/Hq5M580Jd1lCmUC3JNOt/MqKqq9vT+r446Mvl19Se44YsnUoPq/XtXWY2ointuNciHC3DTlxXKIuOky2dS8eHi7jyYVdVIowXJ3usScZloo7t5kvUszKB2dKOsPG+ZDGqRQ/XIvFseiIUKKeRibhBoEJTyU3ncYjYcYvPcjp/608ptOGtRhqNMCwL3FZaklE36hrGGCcUdaXU6WBmwBkTSGLpVN6OXIo3BaCONfPViJ85nTz5J7U4iVVUng/kwCeP4uynFcb2eOvkxygw9mTRVNRo3+HPeSCEMwvMAer5Crv3RAX5MV66n9opCG3IBGJlD7qbPKyTkzvLUs0rT9/7I3it/x5bpVSxLNS++zGrRG880Jcmsmeb5LKGlRHvomFalciE1r5+N+QXI9uXXDeowRTaieNmINPEtx6CGE3nLk/5ThTCq7iI/bbTb1a/3uUJyfdHsJ1Ut+NU3L8L82L/qcWqa8Zc4/i9HyVVrqmftwnmDfk39uplAQur3usI9o17MPwSzd3FVIcNpVYyLDONTLRZjJ5Z8Y+E/TxUqNBjV7qCsgjf6n/lpf1VuxdOiTl/y3eyRwV9gLcdSOP/BvA9EoGGpZxWE2efQLgfgqSl4RjHe0ieSWTmhTOmnSwq1ZmcoejX0l3PTpwopCWuSI66U51El0cQeNDr0oZ38oZFqE2TQWWyA6boW/RTj1GB6xBO6tcMNnBhaPEn5LpUAsqJMpiTtmFLzBHo0PJ9Nx/CSdEaOaMrtgJvO3bfAS0lcG2dZ37za5GUub0QG51fNMJ80KChUl2Z86lSi62xdA6JxwkP3+rEGonzIB25cpnCShOFf4dev4V/fvHDXtEChAdfkEwYUGxMzFQIp+SLdO/OGi2wYRzekpBaGz294Q/kTaiwrNCCzjzQlNwnVeIK4drChpHEpmiqx4Y75LR2naTqGjWTWv0tqQziNz2a3CKzObd7Uba25SJcLbKiEHnS0oMwwxKJF3fxEZh/yrG3phNQc8wUWDjTk+4M11wz46Cf1PnlGYean+SDkQPYC/aleBjN/SmrQFx7nZcUdwaQ/6/9ThbJSHZljnXdukcNBEBfPiulaav4oUag/+OHiHZl44ZrrDcKt7zOHGzc5lkBVraUd+Gs250emQ5BGdTXJnqJBdrx0nnel0kxV4Xwok7Qj3Q95nTKbnhSYvVkwDOO+WjG5QjK7Zlmh3fTubgdz+mZM1h2H1NCmDfEQg+qauKKz6Vh0mdHgzA/bQYYWmurcTQtnfPbvC9OaDBXulNkBxQkjy/K8mtWUpDKFGqhXOZ1Op1ZTJSlde82IkuFn19hkcZlmtktUbjMe2DzJtCDX4AaueH0I5Ea5QqjPtiNPqj00eEUCwUmGMqnjWf04vK3qd6U21Czp4Vt/wc76NoT56J7lvp+Xh4/yUyNL2eR5lOMCZYhPfHamhtKXvE5HPFqx7ft6vgpSVj25SdQxz0L+Hm7ctqRoW8uuqHvlCq0GVdgCY4NVketP2Wvvw5pkeUdwxTMMGSK3uTtccG2qs1m7rHoyiBtGO5WEiFW8FKYBrpSvftWfseG82bwVsn7yffM9i2y9rZc54ZtMoXbFEzdKw86ZPW+LEtsy63m6U6JQrEj+9KWmDXkJ1SyfFyp81pdJXKbQ0O+91SUWun5OQyZx9toq1yWAl62twSBXSN3LIc9DwEnHixIEOjE2/TzfeGYVw1CGF/4vohhkOE8/of8P0tJssayQ0k9e+uo1jf7dCwoHf3zK+OP2Q1yfK4RZg68gN81kpVgc1PiIeV4hNWQ98hM+4nmukh/k4aREoUxCL8/KX8HkJYUnc1ZsCAphmg/90cqCER+XdyU2hFSUUuHBiqL7nYTv33b8TIgM1Y1XppAowaiTEJblFSWr0qWMv7+g8DEuvw3l4xCG1IPZX2mNKmMzz00LbMh0RXy1ZdDAqkHRrBjVC/+Wl1VUARFSqQ0ZnZi1AOoPBvan1N1oKXX3x6YK+S1J8J8jSPWDpvd1xUllut25OClQCCkMlY0/sohIjdiMHP4trBNJYEQeF6vN9K+y2QKkVWFW+cn34dxhc3sThX/uMHEH9gIGzXf4KIN8feqCKUJPDVYjgKJVpGwFQCiUZwq5lxrK2LoZBJo2vPEqA1EzkYFq3g80LbiGc679H/OA2VjNvCH9rUjqXQPO3P6hng02UTg8d3mr8tqhimcEcEMLBpUReQ9sde6lkBb7Oj82WHz3dHYGCilXqJq1s4rV8WA6zLOc+pnZqZxZvCqp1ybzaa5aqawU8pQmI8/kiVOtY+3qZAO0abYY/3V3Pf5RVXhoj2GSIO00HTxaJ5fJSZqKddOT9EvekSBNbR5kFKYnfasJ/+KA0llmetuvWJVmHcq/JN2dP+ej9N/2cvyF8j6oW9bIquyE2mYrUSxKREPfPaloCYOvYsx3JM/zKid8ptfvk5J1S7b0utxDsaXZaqlYGs1XMWCA2oGmlxXGi3bZfL10s++TGYkn+TJSWXXoiYWaKIpEgQg1vgGx8LL6YtPFCNWLZ0NFNkzXSvvFPLvxxK9AzBAOn5olAn9sJznfzHDXbJ7we4QdfcM1y7yT4kc68tLyK4+OxppJpgzzirzhLyYgc3Kawk3TMhN+G88wa/U6KIRJd7FO85t4x58ngIuETaHQlIqtyJcQpXwVA/6sBmg7OQ+KBNqtD71FcsX2Xt9PxloOec3veAqQiX35CzqdXnR831dz/DkdeKPCpgn19QW8PT8BF5ukBT7qnp5utfb3Fr18i0J9rw0tOu9ky/ieKbTXWBMbKoKiOON0j0TfFr1cKGT5hmUbsnJidlBsyeoVp3ZuxTfaUtGmyQYzDNTaO2lBwD7oLb9jmULXzfdth4hvA5kDW8cVvwNjtp6dylx9VZuji7cH9tKxN8C/4dZknnMIRKVnzFnaF7/mA23heVtmj8ehczzryamw5eER2XMPDk/3uMZe93BvHyQeu3t7Djs4+NiFM1t7/CBcdAg7LXLQ5q3AB5Ahn+7DxXa3u9dt7wmVezZ5AxAa+59ko+THQE+g1c9JwUPtHc72jg5go3fBhodgo6MuIe1TOP+wRVh3H3b2W/Axg9Ng/yMY/qDFz58pBOXiEfEn89HmFQG8sfee3G8TFKgURiFZs+qibjRWCuavD/uzPdZ1RMdY1+ZWhcd/yi3gnhJyDAOLHGbuvMeDpX0A8rPntaSQ5Aq5l/IjZL/35H4bAbn04GoABe06mYUxidwia7fmNiRbYJRTdxZpDo/AdByw6j+5ZPv4g857zo8ddvnZjxTu8wO5QkY+tt8UlXNgbEHNrrzwaxOFQMy9GQWFPzWzu7nrMm4tsA2bK9S7R20OYdlY1beOW8TttrODYNInCsmSwqNDcrRfcMMNFTKyOx28FJT5L9/Sz9USQ3fb80nh1Nk/yr1VBIlu/o1UppBH1G6bdfObCZPxccoV8gG3opA3vIipb1AIud7uZSJWM0sw+BcNbn9UJU/CaEb72M4Fkt7WKZ8MujxItKHP+6LPIPN4dsbBEdnnnzIHgrDIXsgWP2n/dEVhm3+w3zp4s0AOlGdXqVP288rs0TcqUen3ywwkfmy19nlgYMei992tw95+1+X+etjjEZKPQzDWVm//lD8AOLgHtu4df+hBKNGPt3qHrWMmYhYjPEy1Tlug0fnnG+NMjsz4asOQysU/dwTjOndXsV6+EguPoN1qHQmPE27JbEhUjzIXbLd6jjjCE7JeS8yY5KjVE1O+0+NCGOu1XMKjp0htbW7qtshOu2+OMwLuem48vQl4ObMcVQ3+tStMWNvN5i2Pt6UtsFmk4XFmtpuPu2xnOWlbSmJY/qE4OHtdfNh7e5yZt0ZpYzJNG1CCw4yX1+BUUUCVm9yfXz/z28xVRFh8pz6BN796LfgJCrfQyeQyChsrSz1/336ffr5uk7IY84gsF3svPnZb71ct8v/cAO4ZhObldHKXDHklcRvG0X/Ox7cOd9f17qQ771nAOuw9WxNTngITe/Br92ZndD6djpr9NGw4v7eg/59GBl/leafu2LbtOtxfFWM9//w/As2+9qVioY+7psL+X+kT/K7/L4YgCIIgCIIgCIIgCIIgCIIgCIIgCIIgCIIgCIIgCIIgCIIgCIIgCIIgCIIgCIIgCIIgCIIgyO/gvwFjAmJFO+s3MwAAAABJRU5ErkJggg==" + }, + "lastModified": "2021-01-01T12:00:00.000Z" + }] \ No newline at end of file diff --git a/security-c4po-api/src/test/resources/create-keycloak-user.sh b/security-c4po-api/src/test/resources/create-keycloak-user.sh new file mode 100644 index 0000000..4ec0d95 --- /dev/null +++ b/security-c4po-api/src/test/resources/create-keycloak-user.sh @@ -0,0 +1,28 @@ +#!/usr/bin/env bash +cd keycloak/bin +sleep 20 +./kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user admin --password admin + +USERID=$(./kcadm.sh create users -r c4po_realm_local -s username=test_admin \ +-s email=Test.Admin@heros.com \ +-s firstName=test \ +-s lastName=admin \ +-s attributes.lang="de-DE" \ +-s attributes.datenumberformat="en-US" \ +-o --fields id | jq '.id' | tr -d '"') + +./kcadm.sh update users/$USERID/reset-password -r c4po_realm_test -s type=password -s value=test -s temporary=false -n +./kcadm.sh add-roles --uusername test_admin --rolename c4po_admin -r c4po_realm_test +./kcadm.sh add-roles -r c4po_realm_test --uusername test_admin --cclientid realm-management --rolename create-client --rolename view-users + +USERID=$(./kcadm.sh create users -r c4po_realm_local -s username=test_user \ +-s email=Test.User@heros.com \ +-s firstName=test \ +-s lastName=user \ +-s attributes.lang="de-DE" \ +-s attributes.datenumberformat="en-US" \ +-o --fields id | jq '.id' | tr -d '"') + +./kcadm.sh update users/$USERID/reset-password -r c4po_realm_test -s type=password -s value=test -s temporary=false -n +./kcadm.sh add-roles --uusername test_user --rolename c4po_user -r c4po_realm_test +./kcadm.sh add-roles -r c4po_realm_test --uusername test_user --cclientid realm-management --rolename create-client --rolename view-users \ No newline at end of file diff --git a/security-c4po-api/src/test/resources/insert-mongodb-user.js b/security-c4po-api/src/test/resources/insert-mongodb-user.js new file mode 100644 index 0000000..43baf99 --- /dev/null +++ b/security-c4po-api/src/test/resources/insert-mongodb-user.js @@ -0,0 +1,12 @@ +db.createUser( + { + user: "testuser", + pwd: "test", + roles: [ + { + role: "readWrite", + db: "c4po" + } + ] + } +); \ No newline at end of file diff --git a/security-c4po-api/src/main/resources/mocks/Allsafe.png b/security-c4po-api/src/test/resources/mocks/Allsafe.png similarity index 100% rename from security-c4po-api/src/main/resources/mocks/Allsafe.png rename to security-c4po-api/src/test/resources/mocks/Allsafe.png diff --git a/security-c4po-api/src/main/resources/mocks/E_Corp.png b/security-c4po-api/src/test/resources/mocks/E_Corp.png similarity index 100% rename from security-c4po-api/src/main/resources/mocks/E_Corp.png rename to security-c4po-api/src/test/resources/mocks/E_Corp.png diff --git a/security-c4po-api/src/main/resources/mocks/projects.json b/security-c4po-api/src/test/resources/mocks/projects.json similarity index 100% rename from security-c4po-api/src/main/resources/mocks/projects.json rename to security-c4po-api/src/test/resources/mocks/projects.json diff --git a/security-c4po-api/src/main/resources/mocks/user.json b/security-c4po-api/src/test/resources/mocks/user.json similarity index 100% rename from security-c4po-api/src/main/resources/mocks/user.json rename to security-c4po-api/src/test/resources/mocks/user.json diff --git a/security-c4po-api/src/test/resources/outdated_realm-export.json b/security-c4po-api/src/test/resources/outdated_realm-export.json new file mode 100644 index 0000000..d321e8f --- /dev/null +++ b/security-c4po-api/src/test/resources/outdated_realm-export.json @@ -0,0 +1,2230 @@ +{ + "id": "c4po_realm_local", + "realm": "c4po_realm_local", + "notBefore": 0, + "revokeRefreshToken": false, + "refreshTokenMaxReuse": 0, + "accessTokenLifespan": 300, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": false, + "editUsernameAllowed": false, + "bruteForceProtected": false, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 30, + "roles": { + "realm": [ + { + "id": "ffe6c698-0281-404a-8f8b-16b8b489f76f", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "c4po_realm_local", + "attributes": {} + }, + { + "id": "1cd0f230-beec-4e5e-9a59-8553da3ee74b", + "name": "USER", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "view-clients", + "manage-identity-providers", + "manage-users", + "manage-realm", + "query-realms", + "view-realm", + "query-users", + "query-groups", + "impersonation", + "view-authorization", + "manage-authorization", + "view-users", + "create-client", + "manage-events", + "view-events", + "manage-clients", + "realm-admin", + "view-identity-providers", + "query-clients" + ] + } + }, + "clientRole": false, + "containerId": "c4po_realm_local", + "attributes": {} + }, + { + "id": "e67c470f-5fe5-4e4b-a996-0ef8e6df7585", + "name": "PROJECTLEAD", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "view-clients", + "manage-identity-providers", + "manage-users", + "manage-realm", + "query-realms", + "view-realm", + "query-users", + "query-groups", + "impersonation", + "view-authorization", + "manage-authorization", + "view-users", + "create-client", + "manage-events", + "view-events", + "manage-clients", + "realm-admin", + "view-identity-providers", + "query-clients" + ] + } + }, + "clientRole": false, + "containerId": "c4po_realm_local", + "attributes": {} + }, + { + "id": "04320a32-4608-447a-98ab-422de17b1e97", + "name": "CUSTOMERADMIN", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "view-clients", + "manage-identity-providers", + "manage-users", + "manage-realm", + "query-realms", + "view-realm", + "query-users", + "query-groups", + "impersonation", + "view-authorization", + "manage-authorization", + "view-users", + "create-client", + "manage-events", + "view-events", + "manage-clients", + "realm-admin", + "view-identity-providers", + "query-clients" + ] + } + }, + "clientRole": false, + "containerId": "c4po_realm_local", + "attributes": {} + }, + { + "id": "62b91792-977d-448b-8163-8d7bc8cd7e8b", + "name": "OWNER", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "view-clients", + "manage-identity-providers", + "manage-users", + "manage-realm", + "query-realms", + "view-realm", + "query-users", + "query-groups", + "impersonation", + "view-authorization", + "manage-authorization", + "view-users", + "create-client", + "manage-events", + "view-events", + "manage-clients", + "realm-admin", + "view-identity-providers", + "query-clients" + ] + } + }, + "clientRole": false, + "containerId": "c4po_realm_local", + "attributes": {} + }, + { + "id": "f7584ecd-24e2-41ef-89bf-245671a31163", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "c4po_realm_local", + "attributes": {} + }, + { + "id": "80382db6-cd7f-44e4-b3c3-4a59bbabdccc", + "name": "OBSERVER", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "view-clients", + "manage-identity-providers", + "manage-users", + "manage-realm", + "query-realms", + "view-realm", + "query-users", + "query-groups", + "impersonation", + "view-authorization", + "manage-authorization", + "view-users", + "create-client", + "manage-events", + "view-events", + "manage-clients", + "realm-admin", + "view-identity-providers", + "query-clients" + ] + } + }, + "clientRole": false, + "containerId": "c4po_realm_local", + "attributes": {} + }, + { + "id": "9681689b-afc8-4252-8339-5ed97eac19b5", + "name": "COMPANYADMIN", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "view-clients", + "manage-identity-providers", + "manage-users", + "manage-realm", + "query-realms", + "view-realm", + "query-users", + "query-groups", + "impersonation", + "view-authorization", + "manage-authorization", + "view-users", + "create-client", + "manage-events", + "view-events", + "manage-clients", + "realm-admin", + "view-identity-providers", + "query-clients" + ] + } + }, + "clientRole": false, + "containerId": "c4po_realm_local", + "attributes": {} + }, + { + "id": "7222919e-386a-4c70-a5d8-1b3d3bf06f57", + "name": "cuid:11c47c56-3bcd-45f1-a05b-c197dbd32111", + "composite": false, + "clientRole": false, + "containerId": "c4po_realm_local", + "attributes": {} + } + ], + "client": { + "useraccount-service": [ + { + "id": "7a7e2bee-36c1-4b59-9623-bbe4f81d069e", + "name": "CUSTOMERADMIN", + "composite": false, + "clientRole": true, + "containerId": "0dc2a195-7b23-4e58-bf81-3b6566e4c36c", + "attributes": {} + }, + { + "id": "76591939-e3e2-4e35-b9c8-14a19f0ac50b", + "name": "uma_protection", + "composite": false, + "clientRole": true, + "containerId": "0dc2a195-7b23-4e58-bf81-3b6566e4c36c", + "attributes": {} + }, + { + "id": "b9fae233-7d6b-4a12-8951-5c20fba7e560", + "name": "OBSERVER", + "composite": false, + "clientRole": true, + "containerId": "0dc2a195-7b23-4e58-bf81-3b6566e4c36c", + "attributes": {} + }, + { + "id": "f5efb02b-c6ed-48fe-92bf-47cc8b1c783f", + "name": "USER", + "composite": false, + "clientRole": true, + "containerId": "0dc2a195-7b23-4e58-bf81-3b6566e4c36c", + "attributes": {} + }, + { + "id": "74ef1b12-b236-4dfb-a251-8f9c38fedab9", + "name": "PROJECTLEAD", + "composite": false, + "clientRole": true, + "containerId": "0dc2a195-7b23-4e58-bf81-3b6566e4c36c", + "attributes": {} + }, + { + "id": "9cae2c55-361b-4d34-b4aa-55d8877948ac", + "name": "cuid:11c47c56-3bcd-45f1-a05b-c197dbd32111", + "composite": false, + "clientRole": true, + "containerId": "0dc2a195-7b23-4e58-bf81-3b6566e4c36c", + "attributes": {} + }, + { + "id": "06be41f6-43d9-48aa-8e36-dad567e2eb7f", + "name": "COMPANYADMIN", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "0dc2a195-7b23-4e58-bf81-3b6566e4c36c", + "attributes": {} + }, + { + "id": "00e583d6-dedd-43f8-b7cb-e2aefe313ac5", + "name": "OWNER", + "composite": false, + "clientRole": true, + "containerId": "0dc2a195-7b23-4e58-bf81-3b6566e4c36c", + "attributes": {} + }, + { + "id": "d65244ef-f2cc-4ca1-83cd-b80d2139cb87", + "name": "SENSORADMIN", + "composite": false, + "clientRole": true, + "containerId": "0dc2a195-7b23-4e58-bf81-3b6566e4c36c", + "attributes": {} + }, + { + "id": "fe51cb66-706f-42ea-aa95-2dc9a67b7bd9", + "name": "SENSORCLIENT", + "composite": false, + "clientRole": true, + "containerId": "0dc2a195-7b23-4e58-bf81-3b6566e4c36c", + "attributes": {} + } + ], + "realm-management": [ + { + "id": "e3ee3ecd-c0f0-4f21-8ed9-26f188182873", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "1f6ed582-3900-4f1d-8f5e-7e43ec70d721", + "attributes": {} + }, + { + "id": "d9b446db-f795-4e96-a7ec-a4fd5efe6fbc", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "1f6ed582-3900-4f1d-8f5e-7e43ec70d721", + "attributes": {} + }, + { + "id": "61e592ba-4f37-4f7a-83d1-9b61dd870f74", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "1f6ed582-3900-4f1d-8f5e-7e43ec70d721", + "attributes": {} + }, + { + "id": "407b4eee-745d-4f84-a278-18cdc99e9bc7", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "1f6ed582-3900-4f1d-8f5e-7e43ec70d721", + "attributes": {} + }, + { + "id": "ead18270-d63c-4634-853d-9da14a060c08", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "1f6ed582-3900-4f1d-8f5e-7e43ec70d721", + "attributes": {} + }, + { + "id": "3d8b1ae3-06b3-4699-bdb4-c18a81f1deca", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "1f6ed582-3900-4f1d-8f5e-7e43ec70d721", + "attributes": {} + }, + { + "id": "04416ae9-7437-4107-b958-802fdc8909f5", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "1f6ed582-3900-4f1d-8f5e-7e43ec70d721", + "attributes": {} + }, + { + "id": "a33907aa-eae0-4154-85d7-6acda98bbe79", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "1f6ed582-3900-4f1d-8f5e-7e43ec70d721", + "attributes": {} + }, + { + "id": "ddfe71ae-8181-4cd8-9fdd-2b8f2c524101", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "1f6ed582-3900-4f1d-8f5e-7e43ec70d721", + "attributes": {} + }, + { + "id": "2d7fb697-7c73-4854-87f2-c84974b2f73a", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "1f6ed582-3900-4f1d-8f5e-7e43ec70d721", + "attributes": {} + }, + { + "id": "e927482a-dd4b-475a-b4f9-b7224a8fbac1", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "1f6ed582-3900-4f1d-8f5e-7e43ec70d721", + "attributes": {} + }, + { + "id": "5c8d303a-853d-4c2d-abac-77056f424a5f", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-users", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "1f6ed582-3900-4f1d-8f5e-7e43ec70d721", + "attributes": {} + }, + { + "id": "00ab84fb-a0b0-4ef4-8b43-e09f5da7e350", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "1f6ed582-3900-4f1d-8f5e-7e43ec70d721", + "attributes": {} + }, + { + "id": "bf58f8f7-e097-4dec-96cd-aab047c80c99", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "1f6ed582-3900-4f1d-8f5e-7e43ec70d721", + "attributes": {} + }, + { + "id": "50e67c01-1b81-45c9-bda1-93205f61a4e1", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "1f6ed582-3900-4f1d-8f5e-7e43ec70d721", + "attributes": {} + }, + { + "id": "f50a4f70-3ca9-48b4-a567-3f838d93bc4a", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "1f6ed582-3900-4f1d-8f5e-7e43ec70d721", + "attributes": {} + }, + { + "id": "e159661b-c630-4279-a7fd-da46d2aaa734", + "name": "realm-admin", + "description": "${role_realm-admin}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "view-clients", + "manage-identity-providers", + "manage-users", + "manage-realm", + "query-realms", + "view-realm", + "query-users", + "query-groups", + "impersonation", + "view-authorization", + "manage-authorization", + "view-users", + "create-client", + "manage-events", + "view-events", + "manage-clients", + "view-identity-providers", + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "1f6ed582-3900-4f1d-8f5e-7e43ec70d721", + "attributes": {} + }, + { + "id": "912fb2b9-5db4-473f-820b-5048cc85e8db", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "1f6ed582-3900-4f1d-8f5e-7e43ec70d721", + "attributes": {} + }, + { + "id": "4672a0f6-0522-40cc-b560-68f060f6d877", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "1f6ed582-3900-4f1d-8f5e-7e43ec70d721", + "attributes": {} + } + ], + "security-admin-console": [], + "admin-cli": [], + "broker": [ + { + "id": "6aadda6f-299f-41e4-9954-009cee812cf8", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "934c22be-97c3-44b3-a5c0-2f1bdc93e540", + "attributes": {} + } + ], + "account": [ + { + "id": "b2a111c4-4574-4f09-92ea-bccf7fe7400f", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "5f58a3c9-fb96-4565-aa97-24001d045829", + "attributes": {} + }, + { + "id": "d441f7b3-d8a8-4644-bde4-e99938520c51", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "5f58a3c9-fb96-4565-aa97-24001d045829", + "attributes": {} + }, + { + "id": "68d365a0-df3f-4f12-ba1a-739acceec1e0", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "5f58a3c9-fb96-4565-aa97-24001d045829", + "attributes": {} + } + ] + } + }, + "groups": [], + "defaultRoles": [ + "uma_authorization", + "offline_access" + ], + "requiredCredentials": [ + "password" + ], + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpSupportedApplications": [ + "FreeOTP", + "Google Authenticator" + ], + "scopeMappings": [ + { + "client": "useraccount-service", + "roles": [ + "COMPANYADMIN", + "OWNER", + "cuid:11c47c56-3bcd-45f1-a05b-c197dbd32111", + "OBSERVER", + "CUSTOMERADMIN", + "PROJECTLEAD", + "USER", + "SENSORADMIN", + "SENSORCLIENT" + ] + }, + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "realm-management": [ + { + "client": "useraccount-service", + "roles": [ + "view-identity-providers", + "view-realm", + "manage-identity-providers", + "impersonation", + "realm-admin", + "create-client", + "manage-users", + "query-realms", + "view-authorization", + "query-clients", + "query-users", + "manage-events", + "manage-realm", + "view-events", + "view-users", + "view-clients", + "manage-authorization", + "manage-clients", + "query-groups" + ] + } + ], + "account": [ + { + "client": "useraccount-service", + "roles": [ + "view-profile" + ] + } + ] + }, + "clients": [ + { + "id": "0dc2a195-7b23-4e58-bf81-3b6566e4c36c", + "clientId": "useraccount-service", + "surrogateAuthRequired": false, + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "secret", + "redirectUris": [ + "http://awstslx070:4200/*", + "http://localhost:4200/*", + "http://awstslx071:4200/*" + ], + "webOrigins": [ + "*" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": true, + "authorizationServicesEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "exclude.session.state.from.auth.response": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "e467088f-3ad5-439e-a507-6213ec96dc7e", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "f593e14f-701b-4318-9c45-06b46596df9b", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "fb2f5eff-a705-4069-8578-57419ed6ea79", + "name": "Cognito Groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "cognito:groups", + "jsonType.label": "String" + } + }, + { + "id": "73eaf490-b6d8-4f6b-a9a0-1823c95c129d", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "role_list", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ], + "authorizationSettings": { + "allowRemoteResourceManagement": true, + "policyEnforcementMode": "ENFORCING", + "resources": [ + { + "name": "Default Resource", + "type": "urn:useraccount-service:resources:default", + "ownerManagedAccess": false, + "attributes": {}, + "_id": "b6b38f1d-9b2f-45b4-903b-75e4caa04822", + "uris": [ + "/*" + ] + } + ], + "policies": [ + { + "id": "028c93ef-a91a-4cb4-9658-e9df81a2c7d1", + "name": "Default Policy", + "description": "A policy that grants access only for users within this realm", + "type": "js", + "logic": "POSITIVE", + "decisionStrategy": "AFFIRMATIVE", + "config": { + "code": "// by default, grants any permission associated with this policy\n$evaluation.grant();\n" + } + }, + { + "id": "b10ccbd7-080f-46d8-b064-1082bcbc8025", + "name": "Default Permission", + "description": "A permission that applies to the default resource type", + "type": "resource", + "logic": "POSITIVE", + "decisionStrategy": "UNANIMOUS", + "config": { + "defaultResourceType": "urn:useraccount-service:resources:default", + "applyPolicies": "[\"Default Policy\"]" + } + } + ], + "scopes": [] + } + }, + { + "id": "20111584-1444-43f4-a8bb-824139f991ea", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "baseUrl": "/auth/admin/c4po_realm_local/console/index.html", + "surrogateAuthRequired": false, + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "secret", + "redirectUris": [ + "/auth/admin/c4po_realm_local/console/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "4d4a3b4a-866a-48fd-9ed7-cf86eed3ec93", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "role_list", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "15a976bb-49f0-4abc-a2f4-54694144aa42", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "role_list", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "5f58a3c9-fb96-4565-aa97-24001d045829", + "clientId": "account", + "name": "${client_account}", + "baseUrl": "/auth/realms/c4po_realm_local/account", + "surrogateAuthRequired": false, + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "secret", + "defaultRoles": [ + "view-profile", + "manage-account" + ], + "redirectUris": [ + "/auth/realms/c4po_realm_local/account/*" + ], + "webOrigins": [ + "*" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "exclude.session.state.from.auth.response": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "role_list", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "1f6ed582-3900-4f1d-8f5e-7e43ec70d721", + "clientId": "realm-management", + "name": "${client_realm-management}", + "surrogateAuthRequired": false, + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "role_list", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "934c22be-97c3-44b3-a5c0-2f1bdc93e540", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "role_list", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + } + ], + "clientScopes": [ + { + "id": "47257d76-9d63-49f5-a902-34df495a43a4", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "66fb76f1-0cde-4791-9957-163fd18cb034", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + }, + { + "id": "075e5aee-2465-42a0-a653-b4d5273e273d", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "ef81e559-91a4-461c-871a-30848376ccb1", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "id": "78100256-46c2-4fd9-94d5-b552d7baa837", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + } + ] + }, + { + "id": "b5ebe782-a5bf-4cc6-8606-2ffe41c609af", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "33aeb362-e0a7-47ed-8f30-e257d262f2c7", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + }, + { + "id": "6e3f86f8-6f52-4d0d-bcd6-62cd2b48217c", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "df76f14a-1373-4866-b859-4ec4474150bf", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + }, + { + "id": "ac5cf00b-0079-4bd0-8e3a-bf228ee622e5", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "c167feb2-2750-4916-9a3a-7a8b5bf8be20", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + }, + { + "id": "e2f48d7b-be91-480c-a23b-77eb40b887bc", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + } + ] + }, + { + "id": "345ab109-6915-4487-b22b-625c3d416897", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "1f743089-4d5c-48a3-91d0-db1ef3c12a14", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "3de9048d-cc21-4c70-989f-d926d89b0766", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + }, + { + "id": "6988c27c-baf5-476d-b268-64175380ff15", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "cd8fce4a-c143-4093-bf04-a0a208f96ad8", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + }, + { + "id": "774bb1ac-94dc-4024-869f-7ac3c74a3049", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "4fd53d8d-abf9-4cc7-accd-54d1fc836dfb", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "ec02c8fd-945e-4ca9-a4f4-063860c4c005", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "282efa0d-e0b6-4eda-a16e-f46f9f2258dc", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "03f06be8-0e88-479b-9c94-99221d84c2e9", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + }, + { + "id": "35423b7e-f94b-4ebc-a98a-7929cfc1ffc7", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "String" + } + }, + { + "id": "8a711ca2-9cc4-4f0d-9e68-e2fc8a584eca", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + }, + { + "id": "3b1a7f22-88b0-4c50-aff7-b3e944d9c863", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "20ea37d6-3f1b-4744-a273-2894a8e5194b", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "325e7a38-d5c3-4494-bda0-bd26b77e97f4", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "ca8687eb-111b-4004-84c8-3983b1e4c8f7", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "86dcf3ff-37bd-4e59-a873-8c48a84f3768", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + }, + { + "id": "3b49b3b4-bebc-446c-b5b5-181e5bf25f5a", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "290b8e1f-ab02-4c15-ad33-208d43b25f22", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "d4161ff3-251b-4812-bbd2-47ecec67f2f0", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "03d5aaf1-d43b-4739-97ec-9906e034d09e", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "5f39e087-9178-404d-be5a-81034370de82", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "7a931e44-5929-4b71-b40d-5bf96c7ee1f0", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + } + ], + "defaultDefaultClientScopes": [ + "email", + "profile", + "roles", + "web-origins", + "role_list" + ], + "defaultOptionalClientScopes": [ + "address", + "phone", + "microprofile-jwt", + "offline_access" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "xXSSProtection": "1; mode=block", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": {}, + "eventsEnabled": false, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [], + "adminEventsEnabled": false, + "adminEventsDetailsEnabled": false, + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "eab6b4c5-33c3-4a40-8fa9-9d98ce0992c2", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "f6203bd5-ba45-45df-bf45-741e0e2202f5", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "f7d196b9-3d1a-48af-82bc-8c3409209838", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-usermodel-property-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-full-name-mapper", + "saml-role-list-mapper", + "saml-user-property-mapper", + "oidc-sha256-pairwise-sub-mapper", + "oidc-address-mapper", + "saml-user-attribute-mapper" + ] + } + }, + { + "id": "90993401-7ea6-4213-8a53-d49ed7bebea0", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-full-name-mapper", + "oidc-usermodel-property-mapper", + "saml-role-list-mapper", + "saml-user-attribute-mapper", + "saml-user-property-mapper", + "oidc-address-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-sha256-pairwise-sub-mapper" + ] + } + }, + { + "id": "9ee10d51-fb23-4781-abd8-aed83ccbee4e", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "adad855f-8eb4-452b-9c01-f3df1d06dec2", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "9f64e8b7-b375-43a9-948b-49155901b906", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "5926dcbc-4191-4f1c-8c48-0414d0e4e959", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "5228af06-9a4a-4c1c-aafc-36b1e554ee61", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS256" + ] + } + }, + { + "id": "e2223ecb-b36c-4e5d-ad0b-0e0f94aa5242", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "b37b8cac-96e4-4c1c-a9c5-1d44b9447412", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + } + ] + }, + "internationalizationEnabled": false, + "supportedLocales": [], + "authenticationFlows": [ + { + "id": "04667e23-0791-4598-9e81-71dad2f8850e", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "idp-email-verification", + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "d12d870d-a9c8-447d-9b2a-8513daaa1ff4", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "requirement": "OPTIONAL", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "a9d235f0-562f-44d8-8034-374b427375a4", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "0eb4370f-846b-4938-99a3-e41daf4b8f99", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-jwt", + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-secret-jwt", + "requirement": "ALTERNATIVE", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-x509", + "requirement": "ALTERNATIVE", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "6aa71b0a-0fbc-478f-9e70-3438a363d17d", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "requirement": "OPTIONAL", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "9d882641-2247-4c39-bcdc-b6a731fb9d23", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "e4f1f2c7-4171-4b8b-8759-279bbf1be477", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "e00fbb15-36a1-483e-87ce-4b209b61ecfc", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "requirement": "OPTIONAL", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "042387a5-bc8c-4dd7-9b87-9ff1f4e0ca1e", + "alias": "http challenge", + "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "no-cookie-redirect", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "basic-auth", + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "basic-auth-otp", + "requirement": "DISABLED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "requirement": "DISABLED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "1c00ba91-5e86-4037-bd34-cea2aca0871b", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "51aaecfb-6135-4e8c-a154-98454e51b3f1", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-profile-action", + "requirement": "REQUIRED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-password-action", + "requirement": "REQUIRED", + "priority": 50, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-recaptcha-action", + "requirement": "DISABLED", + "priority": 60, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "f1d62ae4-4a19-4f58-9301-dc014c064439", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-credential-email", + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-password", + "requirement": "REQUIRED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-otp", + "requirement": "OPTIONAL", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "e4405727-0f00-4b39-87b8-002d91b67579", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "bca740b1-4261-45b4-a91b-ef679c92a79d", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "dd6821e3-694a-4e46-b284-1664ba568ade", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "terms_and_conditions", + "name": "Terms and Conditions", + "providerId": "terms_and_conditions", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "_browser_header.xXSSProtection": "1; mode=block", + "_browser_header.xFrameOptions": "SAMEORIGIN", + "_browser_header.strictTransportSecurity": "max-age=31536000; includeSubDomains", + "permanentLockout": "false", + "quickLoginCheckMilliSeconds": "1000", + "_browser_header.xRobotsTag": "none", + "maxFailureWaitSeconds": "900", + "minimumQuickLoginWaitSeconds": "60", + "failureFactor": "30", + "actionTokenGeneratedByUserLifespan": "300", + "maxDeltaTimeSeconds": "43200", + "_browser_header.xContentTypeOptions": "nosniff", + "offlineSessionMaxLifespan": "5184000", + "actionTokenGeneratedByAdminLifespan": "43200", + "_browser_header.contentSecurityPolicyReportOnly": "", + "bruteForceProtected": "false", + "_browser_header.contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "waitIncrementSeconds": "60", + "offlineSessionMaxLifespanEnabled": "false" + }, + "keycloakVersion": "6.0.1", + "userManagedAccessAllowed": false +} \ No newline at end of file diff --git a/security-c4po-api/src/test/resources/realm-export.json b/security-c4po-api/src/test/resources/realm-export.json new file mode 100644 index 0000000..63addac --- /dev/null +++ b/security-c4po-api/src/test/resources/realm-export.json @@ -0,0 +1,1813 @@ +{ + "id" : "c4po_realm_local", + "realm" : "c4po_realm_local", + "displayName" : "C4PO", + "displayNameHtml" : "
C4PO
", + "notBefore" : 0, + "revokeRefreshToken" : false, + "refreshTokenMaxReuse" : 0, + "accessTokenLifespan" : 300, + "accessTokenLifespanForImplicitFlow" : 900, + "ssoSessionIdleTimeout" : 1800, + "ssoSessionMaxLifespan" : 36000, + "ssoSessionIdleTimeoutRememberMe" : 0, + "ssoSessionMaxLifespanRememberMe" : 0, + "offlineSessionIdleTimeout" : 2592000, + "offlineSessionMaxLifespanEnabled" : false, + "offlineSessionMaxLifespan" : 5184000, + "clientSessionIdleTimeout" : 0, + "clientSessionMaxLifespan" : 0, + "clientOfflineSessionIdleTimeout" : 0, + "clientOfflineSessionMaxLifespan" : 0, + "accessCodeLifespan" : 60, + "accessCodeLifespanUserAction" : 300, + "accessCodeLifespanLogin" : 1800, + "actionTokenGeneratedByAdminLifespan" : 43200, + "actionTokenGeneratedByUserLifespan" : 300, + "enabled" : true, + "sslRequired" : "external", + "registrationAllowed" : false, + "registrationEmailAsUsername" : false, + "rememberMe" : false, + "verifyEmail" : false, + "loginWithEmailAllowed" : true, + "duplicateEmailsAllowed" : false, + "resetPasswordAllowed" : false, + "editUsernameAllowed" : false, + "bruteForceProtected" : false, + "permanentLockout" : false, + "maxFailureWaitSeconds" : 900, + "minimumQuickLoginWaitSeconds" : 60, + "waitIncrementSeconds" : 60, + "quickLoginCheckMilliSeconds" : 1000, + "maxDeltaTimeSeconds" : 43200, + "failureFactor" : 30, + "roles" : { + "realm" : [ { + "id" : "2faaa7e1-01d0-480d-b397-66155bf8a950", + "name" : "uma_authorization", + "description" : "${role_uma_authorization}", + "composite" : false, + "clientRole" : false, + "containerId" : "c4po_realm_local", + "attributes" : { } + }, { + "id" : "1fabc468-65bf-4651-8436-7d8d6a3a79e7", + "name" : "c4po_user", + "description" : "This is a normal c4po User role", + "composite" : true, + "composites" : { + "realm" : [ "offline_access", "uma_authorization" ] + }, + "clientRole" : false, + "containerId" : "c4po_realm_local", + "attributes" : { } + }, { + "id" : "9b6774c4-335d-44fb-82ba-d6e18dde814d", + "name" : "offline_access", + "description" : "${role_offline-access}", + "composite" : false, + "clientRole" : false, + "containerId" : "c4po_realm_local", + "attributes" : { } + }, { + "id" : "3dc67a08-dc0a-4bb1-8808-b49bbf4611b0", + "name" : "c4po_admin", + "description" : "This is an c4po admin role", + "composite" : true, + "composites" : { + "realm" : [ "c4po_user", "offline_access", "uma_authorization" ] + }, + "clientRole" : false, + "containerId" : "c4po_realm_local", + "attributes" : { } + } ], + "client" : { + "realm-management" : [ { + "id" : "72960cc0-cb99-4759-b342-7096bcd3c92a", + "name" : "create-client", + "description" : "${role_create-client}", + "composite" : false, + "clientRole" : true, + "containerId" : "fa74c4e8-a9c0-4fa9-bb21-2ad3535b08ef", + "attributes" : { } + }, { + "id" : "c90d908c-7e17-4ada-9f3b-aa623e449ef1", + "name" : "manage-clients", + "description" : "${role_manage-clients}", + "composite" : false, + "clientRole" : true, + "containerId" : "fa74c4e8-a9c0-4fa9-bb21-2ad3535b08ef", + "attributes" : { } + }, { + "id" : "dc9e7c69-4ed1-403d-ac42-55c507f3be40", + "name" : "manage-realm", + "description" : "${role_manage-realm}", + "composite" : false, + "clientRole" : true, + "containerId" : "fa74c4e8-a9c0-4fa9-bb21-2ad3535b08ef", + "attributes" : { } + }, { + "id" : "3e152bff-b1b3-491e-8b41-5824f417357e", + "name" : "query-groups", + "description" : "${role_query-groups}", + "composite" : false, + "clientRole" : true, + "containerId" : "fa74c4e8-a9c0-4fa9-bb21-2ad3535b08ef", + "attributes" : { } + }, { + "id" : "82f7b76d-b528-4fd5-aa9f-d89f1df9e1e1", + "name" : "impersonation", + "description" : "${role_impersonation}", + "composite" : false, + "clientRole" : true, + "containerId" : "fa74c4e8-a9c0-4fa9-bb21-2ad3535b08ef", + "attributes" : { } + }, { + "id" : "fa7c22da-a9ef-4895-ae56-57403f279631", + "name" : "view-authorization", + "description" : "${role_view-authorization}", + "composite" : false, + "clientRole" : true, + "containerId" : "fa74c4e8-a9c0-4fa9-bb21-2ad3535b08ef", + "attributes" : { } + }, { + "id" : "d0610310-b6e1-46cc-90e3-64a9948f1e1d", + "name" : "view-clients", + "description" : "${role_view-clients}", + "composite" : true, + "composites" : { + "client" : { + "realm-management" : [ "query-clients" ] + } + }, + "clientRole" : true, + "containerId" : "fa74c4e8-a9c0-4fa9-bb21-2ad3535b08ef", + "attributes" : { } + }, { + "id" : "c8fb89bc-00a8-4d6b-bb5c-d13cba12840d", + "name" : "manage-identity-providers", + "description" : "${role_manage-identity-providers}", + "composite" : false, + "clientRole" : true, + "containerId" : "fa74c4e8-a9c0-4fa9-bb21-2ad3535b08ef", + "attributes" : { } + }, { + "id" : "84338fd5-5a70-4c6a-b580-adb7416cb8b6", + "name" : "view-events", + "description" : "${role_view-events}", + "composite" : false, + "clientRole" : true, + "containerId" : "fa74c4e8-a9c0-4fa9-bb21-2ad3535b08ef", + "attributes" : { } + }, { + "id" : "f36d5b71-6f9e-433e-a549-5f8dab3fa39d", + "name" : "query-realms", + "description" : "${role_query-realms}", + "composite" : false, + "clientRole" : true, + "containerId" : "fa74c4e8-a9c0-4fa9-bb21-2ad3535b08ef", + "attributes" : { } + }, { + "id" : "d10b3abb-4120-4d28-a3a5-2bc2600502a6", + "name" : "view-realm", + "description" : "${role_view-realm}", + "composite" : false, + "clientRole" : true, + "containerId" : "fa74c4e8-a9c0-4fa9-bb21-2ad3535b08ef", + "attributes" : { } + }, { + "id" : "96a21ada-31a8-4d6a-9e26-f7551ca6ec3b", + "name" : "query-clients", + "description" : "${role_query-clients}", + "composite" : false, + "clientRole" : true, + "containerId" : "fa74c4e8-a9c0-4fa9-bb21-2ad3535b08ef", + "attributes" : { } + }, { + "id" : "7fcf212c-4371-48be-a75a-ec93830c4f8b", + "name" : "manage-users", + "description" : "${role_manage-users}", + "composite" : false, + "clientRole" : true, + "containerId" : "fa74c4e8-a9c0-4fa9-bb21-2ad3535b08ef", + "attributes" : { } + }, { + "id" : "26f88bad-f69b-464f-89f1-43b987589173", + "name" : "manage-authorization", + "description" : "${role_manage-authorization}", + "composite" : false, + "clientRole" : true, + "containerId" : "fa74c4e8-a9c0-4fa9-bb21-2ad3535b08ef", + "attributes" : { } + }, { + "id" : "13ff84e3-fef2-4c52-a30b-89602dd22457", + "name" : "query-users", + "description" : "${role_query-users}", + "composite" : false, + "clientRole" : true, + "containerId" : "fa74c4e8-a9c0-4fa9-bb21-2ad3535b08ef", + "attributes" : { } + }, { + "id" : "24928355-a003-4dc5-8272-71f32c3982e5", + "name" : "manage-events", + "description" : "${role_manage-events}", + "composite" : false, + "clientRole" : true, + "containerId" : "fa74c4e8-a9c0-4fa9-bb21-2ad3535b08ef", + "attributes" : { } + }, { + "id" : "60932726-3a3b-44f0-b668-b1ec55946404", + "name" : "view-users", + "description" : "${role_view-users}", + "composite" : true, + "composites" : { + "client" : { + "realm-management" : [ "query-groups", "query-users" ] + } + }, + "clientRole" : true, + "containerId" : "fa74c4e8-a9c0-4fa9-bb21-2ad3535b08ef", + "attributes" : { } + }, { + "id" : "18447ab5-84fc-4dc5-8f1b-ac39bfbd72a6", + "name" : "realm-admin", + "description" : "${role_realm-admin}", + "composite" : true, + "composites" : { + "client" : { + "realm-management" : [ "create-client", "manage-clients", "manage-realm", "query-groups", "impersonation", "view-authorization", "view-clients", "manage-identity-providers", "view-events", "query-realms", "view-realm", "query-clients", "manage-users", "manage-authorization", "query-users", "manage-events", "view-users", "view-identity-providers" ] + } + }, + "clientRole" : true, + "containerId" : "fa74c4e8-a9c0-4fa9-bb21-2ad3535b08ef", + "attributes" : { } + }, { + "id" : "ca1a9e13-0f97-4c69-a37a-0edc9a822485", + "name" : "view-identity-providers", + "description" : "${role_view-identity-providers}", + "composite" : false, + "clientRole" : true, + "containerId" : "fa74c4e8-a9c0-4fa9-bb21-2ad3535b08ef", + "attributes" : { } + } ], + "security-admin-console" : [ ], + "admin-cli" : [ ], + "c4po_local" : [ { + "id" : "e26a27e7-1648-491b-832a-8bf751d378bb", + "name" : "user", + "composite" : false, + "clientRole" : true, + "containerId" : "6cbc559d-073e-40d7-8b73-b2dcdc438461", + "attributes" : { } + } ], + "security-c4po-api" : [ ], + "account-console" : [ ], + "broker" : [ { + "id" : "ef655eb1-164c-49e3-be85-510395bfd7d9", + "name" : "read-token", + "description" : "${role_read-token}", + "composite" : false, + "clientRole" : true, + "containerId" : "f90fb534-a4bf-4e08-b0d3-8a5552eb5a12", + "attributes" : { } + } ], + "security-c4po-angular" : [ ], + "account" : [ { + "id" : "1d2d7350-47be-4131-b634-297b59731ccf", + "name" : "view-profile", + "description" : "${role_view-profile}", + "composite" : false, + "clientRole" : true, + "containerId" : "a7f62881-aa9e-4565-afeb-1d6305d3c56e", + "attributes" : { } + }, { + "id" : "14139dff-c524-4efd-84a1-9fbb3e8bafae", + "name" : "manage-account", + "description" : "${role_manage-account}", + "composite" : true, + "composites" : { + "client" : { + "account" : [ "manage-account-links" ] + } + }, + "clientRole" : true, + "containerId" : "a7f62881-aa9e-4565-afeb-1d6305d3c56e", + "attributes" : { } + }, { + "id" : "f590afe8-3e54-491d-97b1-e29f56b22df3", + "name" : "manage-account-links", + "description" : "${role_manage-account-links}", + "composite" : false, + "clientRole" : true, + "containerId" : "a7f62881-aa9e-4565-afeb-1d6305d3c56e", + "attributes" : { } + }, { + "id" : "897b62b3-c4d8-4998-9536-9c2d59bd2896", + "name" : "manage-consent", + "description" : "${role_manage-consent}", + "composite" : true, + "composites" : { + "client" : { + "account" : [ "view-consent" ] + } + }, + "clientRole" : true, + "containerId" : "a7f62881-aa9e-4565-afeb-1d6305d3c56e", + "attributes" : { } + }, { + "id" : "34488e12-5873-490b-a25b-986e62a21caa", + "name" : "view-consent", + "description" : "${role_view-consent}", + "composite" : false, + "clientRole" : true, + "containerId" : "a7f62881-aa9e-4565-afeb-1d6305d3c56e", + "attributes" : { } + }, { + "id" : "18770e33-50c1-4bb8-960d-d8acd163f5ab", + "name" : "view-applications", + "description" : "${role_view-applications}", + "composite" : false, + "clientRole" : true, + "containerId" : "a7f62881-aa9e-4565-afeb-1d6305d3c56e", + "attributes" : { } + } ] + } + }, + "groups" : [ ], + "defaultRoles" : [ "uma_authorization", "offline_access" ], + "requiredCredentials" : [ "password" ], + "otpPolicyType" : "totp", + "otpPolicyAlgorithm" : "HmacSHA1", + "otpPolicyInitialCounter" : 0, + "otpPolicyDigits" : 6, + "otpPolicyLookAheadWindow" : 1, + "otpPolicyPeriod" : 30, + "otpSupportedApplications" : [ "FreeOTP", "Google Authenticator" ], + "webAuthnPolicyRpEntityName" : "keycloak", + "webAuthnPolicySignatureAlgorithms" : [ "ES256" ], + "webAuthnPolicyRpId" : "", + "webAuthnPolicyAttestationConveyancePreference" : "not specified", + "webAuthnPolicyAuthenticatorAttachment" : "not specified", + "webAuthnPolicyRequireResidentKey" : "not specified", + "webAuthnPolicyUserVerificationRequirement" : "not specified", + "webAuthnPolicyCreateTimeout" : 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister" : false, + "webAuthnPolicyAcceptableAaguids" : [ ], + "webAuthnPolicyPasswordlessRpEntityName" : "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms" : [ "ES256" ], + "webAuthnPolicyPasswordlessRpId" : "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference" : "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment" : "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey" : "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement" : "not specified", + "webAuthnPolicyPasswordlessCreateTimeout" : 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister" : false, + "webAuthnPolicyPasswordlessAcceptableAaguids" : [ ], + "users" : [ { + "id" : "10e06d7a-8dd0-4ecd-8963-056b45079c4f", + "createdTimestamp" : 1617897245335, + "username" : "ttt", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "test", + "lastName" : "user", + "credentials" : [ { + "id" : "7026fefc-ae26-442b-acae-92f1f2d24eac", + "type" : "password", + "createdDate" : 1617897287400, + "secretData" : "{\"value\":\"mhW4yxOg+8bcyPF4yWsfPZnLGUp4oaqc9aNA+WBcpr9qXgs/Jw+rM2VlLEgeD/kXGItcScA8V20sVGrMWT94Yw==\",\"salt\":\"nkH510WAwjKZJqd/ZEkIHA==\"}", + "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\"}" + } ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "realmRoles" : [ "uma_authorization", "c4po_user", "c4po_admin" ], + "clientRoles" : { + "c4po_local" : [ "user" ], + "account" : [ "view-profile", "manage-account" ] + }, + "notBefore" : 0, + "groups" : [ ] + } ], + "scopeMappings" : [ { + "clientScope" : "offline_access", + "roles" : [ "offline_access" ] + } ], + "clientScopeMappings" : { + "account" : [ { + "client" : "account-console", + "roles" : [ "manage-account" ] + } ] + }, + "clients" : [ { + "id" : "a7f62881-aa9e-4565-afeb-1d6305d3c56e", + "clientId" : "account", + "name" : "${client_account}", + "rootUrl" : "${authBaseUrl}", + "baseUrl" : "/realms/c4po_realm_local/account/", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "secret" : "**********", + "defaultRoles" : [ "view-profile", "manage-account" ], + "redirectUris" : [ "/realms/c4po_realm_local/account/*" ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : false, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + }, { + "id" : "da51d616-1ca6-4434-a16d-b543d2a4e4c0", + "clientId" : "account-console", + "name" : "${client_account-console}", + "rootUrl" : "${authBaseUrl}", + "baseUrl" : "/realms/c4po_realm_local/account/", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "secret" : "**********", + "redirectUris" : [ "/realms/c4po_realm_local/account/*" ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : true, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "pkce.code.challenge.method" : "S256" + }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "protocolMappers" : [ { + "id" : "0c5a81d7-f454-4793-b4e4-60c924b73533", + "name" : "audience resolve", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-audience-resolve-mapper", + "consentRequired" : false, + "config" : { } + } ], + "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + }, { + "id" : "63cb2215-d2f1-4229-96fc-82fb843e283a", + "clientId" : "admin-cli", + "name" : "${client_admin-cli}", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "secret" : "**********", + "redirectUris" : [ ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : false, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : true, + "serviceAccountsEnabled" : false, + "publicClient" : true, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + }, { + "id" : "f90fb534-a4bf-4e08-b0d3-8a5552eb5a12", + "clientId" : "broker", + "name" : "${client_broker}", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "secret" : "**********", + "redirectUris" : [ ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : false, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + }, { + "id" : "6cbc559d-073e-40d7-8b73-b2dcdc438461", + "clientId" : "c4po_local", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "secret" : "**********", + "redirectUris" : [ "http://localhost:4200/*" ], + "webOrigins" : [ "*" ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : true, + "serviceAccountsEnabled" : false, + "publicClient" : true, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "saml.assertion.signature" : "false", + "saml.force.post.binding" : "false", + "saml.multivalued.roles" : "false", + "saml.encrypt" : "false", + "saml.server.signature" : "false", + "saml.server.signature.keyinfo.ext" : "false", + "exclude.session.state.from.auth.response" : "false", + "saml_force_name_id_format" : "false", + "saml.client.signature" : "false", + "tls.client.certificate.bound.access.tokens" : "false", + "saml.authnstatement" : "false", + "display.on.consent.screen" : "false", + "saml.onetimeuse.condition" : "false" + }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : true, + "nodeReRegistrationTimeout" : -1, + "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + }, { + "id" : "fa74c4e8-a9c0-4fa9-bb21-2ad3535b08ef", + "clientId" : "realm-management", + "name" : "${client_realm-management}", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "secret" : "**********", + "redirectUris" : [ ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : true, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : false, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + }, { + "id" : "7e165a51-6cb8-43cf-a4fe-1d0ad513586b", + "clientId" : "security-admin-console", + "name" : "${client_security-admin-console}", + "rootUrl" : "${authAdminUrl}", + "baseUrl" : "/admin/c4po_realm_local/console/", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "secret" : "**********", + "redirectUris" : [ "/admin/c4po_realm_local/console/*" ], + "webOrigins" : [ "+" ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : true, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "pkce.code.challenge.method" : "S256" + }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "protocolMappers" : [ { + "id" : "4fd1eab6-f53b-4d37-b65c-bea9845b3e9f", + "name" : "locale", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "locale", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "locale", + "jsonType.label" : "String" + } + } ], + "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + }, { + "id" : "7f731c1c-4fd8-470a-a995-b242fc5b550d", + "clientId" : "security-c4po-angular", + "rootUrl" : "", + "adminUrl" : "", + "baseUrl" : "http://localhost:4200/", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "secret" : "482621c2-e0fe-43b9-bb62-7469158e1966", + "redirectUris" : [ "http://localhost:4200/*" ], + "webOrigins" : [ "*" ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : true, + "serviceAccountsEnabled" : false, + "publicClient" : false, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "saml.assertion.signature" : "false", + "saml.force.post.binding" : "false", + "saml.multivalued.roles" : "false", + "saml.encrypt" : "false", + "saml.server.signature" : "false", + "saml.server.signature.keyinfo.ext" : "false", + "exclude.session.state.from.auth.response" : "false", + "saml_force_name_id_format" : "false", + "saml.client.signature" : "false", + "tls.client.certificate.bound.access.tokens" : "false", + "saml.authnstatement" : "false", + "display.on.consent.screen" : "false", + "saml.onetimeuse.condition" : "false" + }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : true, + "nodeReRegistrationTimeout" : -1, + "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + }, { + "id" : "8badc11a-50e4-44ae-a292-47e3759fcaeb", + "clientId" : "security-c4po-api", + "rootUrl" : "", + "adminUrl" : "", + "baseUrl" : "http://localhost:8443/", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "secret" : "0aef07ba-d8b4-405d-9dcb-f3743f966856", + "redirectUris" : [ "http://localhost:8443/*" ], + "webOrigins" : [ "*" ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : true, + "serviceAccountsEnabled" : false, + "publicClient" : false, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "saml.assertion.signature" : "false", + "saml.force.post.binding" : "false", + "saml.multivalued.roles" : "false", + "saml.encrypt" : "false", + "saml.server.signature" : "false", + "saml.server.signature.keyinfo.ext" : "false", + "exclude.session.state.from.auth.response" : "false", + "saml_force_name_id_format" : "false", + "saml.client.signature" : "false", + "tls.client.certificate.bound.access.tokens" : "false", + "saml.authnstatement" : "false", + "display.on.consent.screen" : "false", + "saml.onetimeuse.condition" : "false" + }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : true, + "nodeReRegistrationTimeout" : -1, + "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + } ], + "clientScopes" : [ { + "id" : "8d428e56-80df-4505-8e1a-26537e793b31", + "name" : "offline_access", + "description" : "OpenID Connect built-in scope: offline_access", + "protocol" : "openid-connect", + "attributes" : { + "consent.screen.text" : "${offlineAccessScopeConsentText}", + "display.on.consent.screen" : "true" + } + }, { + "id" : "4b171f57-736a-41b4-b67b-585bac1d8d24", + "name" : "role_list", + "description" : "SAML role list", + "protocol" : "saml", + "attributes" : { + "consent.screen.text" : "${samlRoleListScopeConsentText}", + "display.on.consent.screen" : "true" + }, + "protocolMappers" : [ { + "id" : "2b161cf6-2c63-45e8-a698-48f7297cc303", + "name" : "role list", + "protocol" : "saml", + "protocolMapper" : "saml-role-list-mapper", + "consentRequired" : false, + "config" : { + "single" : "false", + "attribute.nameformat" : "Basic", + "attribute.name" : "Role" + } + } ] + }, { + "id" : "ac7d05f9-d505-42e9-9b7c-1984b31e653d", + "name" : "profile", + "description" : "OpenID Connect built-in scope: profile", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${profileScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "2be3fbed-d2c8-46eb-94e0-b2efdf20ad60", + "name" : "middle name", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "middleName", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "middle_name", + "jsonType.label" : "String" + } + }, { + "id" : "d3465101-1321-43a7-8f65-8b782c390297", + "name" : "website", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "website", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "website", + "jsonType.label" : "String" + } + }, { + "id" : "68391807-41ec-4ce2-877d-3a808bb1bbe4", + "name" : "locale", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "locale", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "locale", + "jsonType.label" : "String" + } + }, { + "id" : "d8d837e5-e1f8-45af-96b0-7c5607780e0b", + "name" : "nickname", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "nickname", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "nickname", + "jsonType.label" : "String" + } + }, { + "id" : "0667458d-83c3-4cd1-b60a-436a3bb42d2e", + "name" : "birthdate", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "birthdate", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "birthdate", + "jsonType.label" : "String" + } + }, { + "id" : "e8cd5b57-ee69-46eb-afd7-71cc68ca5384", + "name" : "full name", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-full-name-mapper", + "consentRequired" : false, + "config" : { + "id.token.claim" : "true", + "access.token.claim" : "true", + "userinfo.token.claim" : "true" + } + }, { + "id" : "643f5ffd-4c38-4228-808d-2fd9f2a075ba", + "name" : "family name", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-property-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "lastName", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "family_name", + "jsonType.label" : "String" + } + }, { + "id" : "b41a9738-9529-47f8-bd90-461c072212af", + "name" : "username", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-property-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "username", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "preferred_username", + "jsonType.label" : "String" + } + }, { + "id" : "29c5817f-6101-48ff-a1e5-dbb23e3b0534", + "name" : "profile", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "profile", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "profile", + "jsonType.label" : "String" + } + }, { + "id" : "a4a193ec-25bb-4457-8287-ca2abaff5940", + "name" : "zoneinfo", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "zoneinfo", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "zoneinfo", + "jsonType.label" : "String" + } + }, { + "id" : "3c132112-0285-4ef4-9317-2d94c58c9bc6", + "name" : "picture", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "picture", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "picture", + "jsonType.label" : "String" + } + }, { + "id" : "7bbf2f74-db95-47f1-8736-8b0864a01d5a", + "name" : "gender", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "gender", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "gender", + "jsonType.label" : "String" + } + }, { + "id" : "7f92e589-d307-4574-bf84-0f34bdbef9f3", + "name" : "updated at", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "updatedAt", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "updated_at", + "jsonType.label" : "String" + } + }, { + "id" : "efe55944-ab38-4fe2-9452-8499f9d52e80", + "name" : "given name", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-property-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "firstName", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "given_name", + "jsonType.label" : "String" + } + } ] + }, { + "id" : "32f1098d-79a9-4da4-a94a-c873fcc0f6e1", + "name" : "email", + "description" : "OpenID Connect built-in scope: email", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${emailScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "92afef33-2843-40bc-aba1-58d462fa81cc", + "name" : "email verified", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-property-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "emailVerified", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "email_verified", + "jsonType.label" : "boolean" + } + }, { + "id" : "4b4d33d1-ed47-40db-a05f-4253c25dbbff", + "name" : "email", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-property-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "email", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "email", + "jsonType.label" : "String" + } + } ] + }, { + "id" : "412cfb80-d33e-44da-a0e2-b0bde0423c00", + "name" : "address", + "description" : "OpenID Connect built-in scope: address", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${addressScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "261a490f-073d-4975-af5b-e2d9e21ea768", + "name" : "address", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-address-mapper", + "consentRequired" : false, + "config" : { + "user.attribute.formatted" : "formatted", + "user.attribute.country" : "country", + "user.attribute.postal_code" : "postal_code", + "userinfo.token.claim" : "true", + "user.attribute.street" : "street", + "id.token.claim" : "true", + "user.attribute.region" : "region", + "access.token.claim" : "true", + "user.attribute.locality" : "locality" + } + } ] + }, { + "id" : "faf5c077-e43d-4433-9f5d-ddfc10f31385", + "name" : "phone", + "description" : "OpenID Connect built-in scope: phone", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${phoneScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "57383851-63a0-4599-8074-ecaddfbf5164", + "name" : "phone number verified", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "phoneNumberVerified", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "phone_number_verified", + "jsonType.label" : "boolean" + } + }, { + "id" : "8992684a-ea4f-490c-8cd4-6af77ab77b64", + "name" : "phone number", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "phoneNumber", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "phone_number", + "jsonType.label" : "String" + } + } ] + }, { + "id" : "21ac5f31-d742-40c7-89a1-cd7f35036450", + "name" : "roles", + "description" : "OpenID Connect scope for add user roles to the access token", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "false", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${rolesScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "c9ab2a7d-062d-419f-90d4-7682c854857e", + "name" : "realm roles", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-realm-role-mapper", + "consentRequired" : false, + "config" : { + "user.attribute" : "foo", + "access.token.claim" : "true", + "claim.name" : "realm_access.roles", + "jsonType.label" : "String", + "multivalued" : "true" + } + }, { + "id" : "46b6c2ed-6b50-4205-a7c2-d2fd2c93353c", + "name" : "client roles", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-client-role-mapper", + "consentRequired" : false, + "config" : { + "user.attribute" : "foo", + "access.token.claim" : "true", + "claim.name" : "resource_access.${client_id}.roles", + "jsonType.label" : "String", + "multivalued" : "true" + } + }, { + "id" : "60e36e8d-7456-4581-9c35-068942b61a40", + "name" : "audience resolve", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-audience-resolve-mapper", + "consentRequired" : false, + "config" : { } + } ] + }, { + "id" : "cd5f153a-ff23-43d5-81a0-6c8dc6f39a4e", + "name" : "web-origins", + "description" : "OpenID Connect scope for add allowed web origins to the access token", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "false", + "display.on.consent.screen" : "false", + "consent.screen.text" : "" + }, + "protocolMappers" : [ { + "id" : "9a8031f8-997b-4899-ba60-05868f8e4b18", + "name" : "allowed web origins", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-allowed-origins-mapper", + "consentRequired" : false, + "config" : { } + } ] + }, { + "id" : "b18623a4-3595-4993-b2bd-79e94778d28b", + "name" : "microprofile-jwt", + "description" : "Microprofile - JWT built-in scope", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "false" + }, + "protocolMappers" : [ { + "id" : "a59540b9-81a8-4ca8-b0ff-bff6ceb049c2", + "name" : "upn", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-property-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "username", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "upn", + "jsonType.label" : "String" + } + }, { + "id" : "0eee48de-8c6f-4167-8958-fb4d3ef973cc", + "name" : "groups", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-realm-role-mapper", + "consentRequired" : false, + "config" : { + "multivalued" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "foo", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "groups", + "jsonType.label" : "String" + } + } ] + } ], + "defaultDefaultClientScopes" : [ "role_list", "profile", "email", "roles", "web-origins" ], + "defaultOptionalClientScopes" : [ "offline_access", "address", "phone", "microprofile-jwt" ], + "browserSecurityHeaders" : { + "contentSecurityPolicyReportOnly" : "", + "xContentTypeOptions" : "nosniff", + "xRobotsTag" : "none", + "xFrameOptions" : "SAMEORIGIN", + "contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection" : "1; mode=block", + "strictTransportSecurity" : "max-age=31536000; includeSubDomains" + }, + "smtpServer" : { }, + "eventsEnabled" : false, + "eventsListeners" : [ "jboss-logging" ], + "enabledEventTypes" : [ ], + "adminEventsEnabled" : false, + "adminEventsDetailsEnabled" : false, + "components" : { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ { + "id" : "56f53138-a448-42f5-ba77-b026b1b179d0", + "name" : "Allowed Client Scopes", + "providerId" : "allowed-client-templates", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "allow-default-scopes" : [ "true" ] + } + }, { + "id" : "46301b5f-58b3-48f2-8844-e82f1b5b5ad3", + "name" : "Max Clients Limit", + "providerId" : "max-clients", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "max-clients" : [ "200" ] + } + }, { + "id" : "898437e1-5717-4010-9306-6c3582ca5b09", + "name" : "Allowed Protocol Mapper Types", + "providerId" : "allowed-protocol-mappers", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "allowed-protocol-mapper-types" : [ "saml-role-list-mapper", "oidc-full-name-mapper", "saml-user-attribute-mapper", "oidc-usermodel-attribute-mapper", "oidc-usermodel-property-mapper", "oidc-address-mapper", "oidc-sha256-pairwise-sub-mapper", "saml-user-property-mapper" ] + } + }, { + "id" : "cc2d0cd7-3d3f-4b0a-ad95-7118f36bf188", + "name" : "Full Scope Disabled", + "providerId" : "scope", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { } + }, { + "id" : "e1ded6a4-e0af-4c3a-bc5d-a142701302c4", + "name" : "Consent Required", + "providerId" : "consent-required", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { } + }, { + "id" : "12513189-c247-4869-8a24-ba7f694e8668", + "name" : "Allowed Client Scopes", + "providerId" : "allowed-client-templates", + "subType" : "authenticated", + "subComponents" : { }, + "config" : { + "allow-default-scopes" : [ "true" ] + } + }, { + "id" : "7511759b-c33d-4bb4-bd46-724599ea2efb", + "name" : "Allowed Protocol Mapper Types", + "providerId" : "allowed-protocol-mappers", + "subType" : "authenticated", + "subComponents" : { }, + "config" : { + "allowed-protocol-mapper-types" : [ "saml-user-attribute-mapper", "saml-role-list-mapper", "saml-user-property-mapper", "oidc-address-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-full-name-mapper", "oidc-usermodel-attribute-mapper", "oidc-usermodel-property-mapper" ] + } + }, { + "id" : "92230e65-7480-44c3-af2d-72ddee758cbc", + "name" : "Trusted Hosts", + "providerId" : "trusted-hosts", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "host-sending-registration-request-must-match" : [ "true" ], + "client-uris-must-match" : [ "true" ] + } + } ], + "org.keycloak.keys.KeyProvider" : [ { + "id" : "ea025a18-d77a-4bbc-8e3a-c6b55ccf4b3f", + "name" : "hmac-generated", + "providerId" : "hmac-generated", + "subComponents" : { }, + "config" : { + "kid" : [ "ddd6d915-c898-4e32-b9de-f1469a2dfb6a" ], + "secret" : [ "GegBlWTwur6eFVW_fdHBsmbWZmpkLcZrhZS028OOUG3bErTFFxgjqHfH-cZ8au5uOFyquTYB1_IrzKNQB1HyMg" ], + "priority" : [ "100" ], + "algorithm" : [ "HS256" ] + } + }, { + "id" : "d54e6431-5a1c-4783-a9ca-dbbedd0b0f20", + "name" : "aes-generated", + "providerId" : "aes-generated", + "subComponents" : { }, + "config" : { + "kid" : [ "40b8e0ac-9300-4736-9668-713676911d5e" ], + "secret" : [ "kJGFh7LGYAI2ged6rJQVDQ" ], + "priority" : [ "100" ] + } + }, { + "id" : "38c2dd59-c891-4558-8102-c26ada370abd", + "name" : "rsa-generated", + "providerId" : "rsa-generated", + "subComponents" : { }, + "config" : { + "privateKey" : [ "MIIEpAIBAAKCAQEA5l/1wCtrIxaD7HW7/Qlmb4DtH1KdHzXc3J24pyLO914lvwfZBaRz4mcY9nia9/R+oCr62/EjIxVa4/SfA+O7ZUgi2TMJtwtUX3CKRlm+ktK51wnJ1TNN38zYEB9fFKuElP3Sqva+nLlmVTMyqXkDzLLhFJnc1Szu8tWXJKyrim4Oo/iAfvbmTisldgJ1YH/wcqfH08jgVhySDSXde6HejThhuDsM4FqeaPANBztpxDwYDo7sj9mD8UE9NvyzXr2o0NV+JvZv2H0RHth3KUf8iJta5tjo+wY4vQAPvkfOOdwn+XEsWIhZwKGMPeYeqETT6kKQX//UbNc+5YT513U1PQIDAQABAoIBAQCTXRrUfHGiFkr5PS6tZA/0j6IfATekuU24ieOOdkOyFLVMh3aZl2LRlmVvdCKdLfa5+gRSIOP7EzP60YXOdSRwWz5/dZhnUIX+Lv0kl0/Cl61tEsPa72CHIn+rgIXPsQ+0RtE1r3SqyCXfpkpoAhMeI+a6yNlsO7v19g8i1Jk+iIUiQxtsCGGUt+FsTao1cXq/i7F7NCS9PUD5aAVyURI5IEJ5+YXJZN68y0EBf8B2kWToMVEgLM5BJZraH+APuDbndmRFmNqe8w6X1PAYBAzubuAHrNfda/PC6whuSsupI9oRugU4LFIPdBVZLyL833xYQgAA7OaEF4KzK/E00f75AoGBAP7sm2AWtgQ6f0QPQfcS6zJJNwrfU86ay1NDoVL3eYY9rz9FXtAfUq/+Wo6nTnez1YSJjhnLeTpngquTlSlqlJdHqoAgPaOtAnZltVZ21hU3/9KHfF3Bi5X8T0nvoJ8FZTiOCRKKNGr9FEVdYOG+avtF6+TaEQyeW2q7PDkwkSPfAoGBAOdY1RxPEjTvuBrgGGBJ3sDd75okVc3OTxHsmZ2j1dqftk0euU8kNcQ40L2rwJ/OdnThFsyHfnN9lLoEQzc/rDWm74pOgQGqJ+AQZzEt0kWV1TmOwWQEx8dvipxMgI3xWzQ4BnzK3LTWl19LrP2f9V4F/iv//EqqHN3btojIxmpjAoGAT0wGYPNvlw0jPWaJnHOUGcZQit9BUIkyKiplakt0z98sPkAz6AV2USyLusgsTmvwRRQM0dVLVnGQYhK8WW+/3Pb8AHMG+Xz9wRqON+ErYtpSh4iBlSB5bSRY/aS+j/i7rcXw6IV5HLawsYsEcfQrjxIG+N8kYop34VFwwFFtNH0CgYBC4Tlqn6lByHNOwa4KWBCfbQmRZCOyBYxyQBYArpZqR3WqQdGMgYlRmqMt0fMzv7oa+99dbWYu+QT/6a+Mz0l3kTT6pMtCsfApJFTQsNBy8Wfc5doekgs3KpXFrZAUeMvHAtNNTFAVr1u/Xt85yv5iGhVqnuxOoXMK6DOSw4goxQKBgQDvTnYvpyRlHvTFHgutWocGWZA/k9XwwZJJaferWYD79EZkZHG7vkNp1JyxiuL2nuCidQp6psuOl5HeauhPHzFmpnq014Ju49t8CklKbiQt51T8Ir0S3nXs6F3e31c2t9fgMwLDfrNW1713wwHntDCWcQjU2aTDpLk9MY+ZaBaQhg==" ], + "certificate" : [ "MIICrzCCAZcCBgF4ra3edDANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDDBBjNHBvX3JlYWxtX2xvY2FsMB4XDTIxMDQwNzE4NTA1NloXDTMxMDQwNzE4NTIzNlowGzEZMBcGA1UEAwwQYzRwb19yZWFsbV9sb2NhbDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOZf9cArayMWg+x1u/0JZm+A7R9SnR813NyduKcizvdeJb8H2QWkc+JnGPZ4mvf0fqAq+tvxIyMVWuP0nwPju2VIItkzCbcLVF9wikZZvpLSudcJydUzTd/M2BAfXxSrhJT90qr2vpy5ZlUzMql5A8yy4RSZ3NUs7vLVlySsq4puDqP4gH725k4rJXYCdWB/8HKnx9PI4FYckg0l3Xuh3o04Ybg7DOBanmjwDQc7acQ8GA6O7I/Zg/FBPTb8s169qNDVfib2b9h9ER7YdylH/IibWubY6PsGOL0AD75HzjncJ/lxLFiIWcChjD3mHqhE0+pCkF//1GzXPuWE+dd1NT0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAgat1JOdb/cvKGc2rFRH4XuiP7mUrzJo+gCQNbikXEFZQHYeKUci3n9QIeFGUCwALgQdgWeeQG4wR1Hu95FkGFk9uMlt2w5lh5eCuTHX1fW6UMiUL4Cw1kgfyW6Lw8Ffk58qW6BAM76yTKgyYc6o8Hhvgw5X/sqxz4IXWgSB2+Zj8AjdaeThsOtnefpXChSSrGnoJwZqXLc1rLWvqtqiIVtJau0CO4qZ7VXiSHwJvZpF7+vLMWig9zEVnvNX38HGWcfGCymGRxjVP8mjC/GE1WG9jLU55otvE3Fll6/XXhndXh6imRzgvG41qdlvOz/gQgtcI5LBw8YCZ5EJQay93oQ==" ], + "priority" : [ "100" ] + } + } ] + }, + "internationalizationEnabled" : false, + "supportedLocales" : [ ], + "authenticationFlows" : [ { + "id" : "fa5fc78f-19a9-4737-868b-618163f28c79", + "alias" : "Account verification options", + "description" : "Method with which to verity the existing account", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "idp-email-verification", + "requirement" : "ALTERNATIVE", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "requirement" : "ALTERNATIVE", + "priority" : 20, + "flowAlias" : "Verify Existing Account by Re-authentication", + "userSetupAllowed" : false, + "autheticatorFlow" : true + } ] + }, { + "id" : "01735b0f-139f-46e5-bb63-f797a27efa77", + "alias" : "Authentication Options", + "description" : "Authentication options.", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "basic-auth", + "requirement" : "REQUIRED", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "basic-auth-otp", + "requirement" : "DISABLED", + "priority" : 20, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "auth-spnego", + "requirement" : "DISABLED", + "priority" : 30, + "userSetupAllowed" : false, + "autheticatorFlow" : false + } ] + }, { + "id" : "a7666cf0-626c-48c4-9e71-e408832de725", + "alias" : "Browser - Conditional OTP", + "description" : "Flow to determine if the OTP is required for the authentication", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "conditional-user-configured", + "requirement" : "REQUIRED", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "auth-otp-form", + "requirement" : "REQUIRED", + "priority" : 20, + "userSetupAllowed" : false, + "autheticatorFlow" : false + } ] + }, { + "id" : "1dfabb7a-efdd-4964-bba5-389cad79b654", + "alias" : "Direct Grant - Conditional OTP", + "description" : "Flow to determine if the OTP is required for the authentication", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "conditional-user-configured", + "requirement" : "REQUIRED", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "direct-grant-validate-otp", + "requirement" : "REQUIRED", + "priority" : 20, + "userSetupAllowed" : false, + "autheticatorFlow" : false + } ] + }, { + "id" : "c3b2bf2b-3da8-430d-a9b7-8793c3dc30a3", + "alias" : "First broker login - Conditional OTP", + "description" : "Flow to determine if the OTP is required for the authentication", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "conditional-user-configured", + "requirement" : "REQUIRED", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "auth-otp-form", + "requirement" : "REQUIRED", + "priority" : 20, + "userSetupAllowed" : false, + "autheticatorFlow" : false + } ] + }, { + "id" : "44343bdf-8592-4242-835f-e349943a110b", + "alias" : "Handle Existing Account", + "description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "idp-confirm-link", + "requirement" : "REQUIRED", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "requirement" : "REQUIRED", + "priority" : 20, + "flowAlias" : "Account verification options", + "userSetupAllowed" : false, + "autheticatorFlow" : true + } ] + }, { + "id" : "e72b8fcb-cd8b-4e7a-a057-3446b806b538", + "alias" : "Reset - Conditional OTP", + "description" : "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "conditional-user-configured", + "requirement" : "REQUIRED", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "reset-otp", + "requirement" : "REQUIRED", + "priority" : 20, + "userSetupAllowed" : false, + "autheticatorFlow" : false + } ] + }, { + "id" : "2416145b-4d20-493c-bdf7-419898c002ee", + "alias" : "User creation or linking", + "description" : "Flow for the existing/non-existing user alternatives", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticatorConfig" : "create unique user config", + "authenticator" : "idp-create-user-if-unique", + "requirement" : "ALTERNATIVE", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "requirement" : "ALTERNATIVE", + "priority" : 20, + "flowAlias" : "Handle Existing Account", + "userSetupAllowed" : false, + "autheticatorFlow" : true + } ] + }, { + "id" : "b7ff8aad-2daa-4736-8815-f3e8f0df391e", + "alias" : "Verify Existing Account by Re-authentication", + "description" : "Reauthentication of existing account", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "idp-username-password-form", + "requirement" : "REQUIRED", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "requirement" : "CONDITIONAL", + "priority" : 20, + "flowAlias" : "First broker login - Conditional OTP", + "userSetupAllowed" : false, + "autheticatorFlow" : true + } ] + }, { + "id" : "8339d3ba-2d0a-4d23-bbfa-a78e4973d3c9", + "alias" : "browser", + "description" : "browser based authentication", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "auth-cookie", + "requirement" : "ALTERNATIVE", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "auth-spnego", + "requirement" : "DISABLED", + "priority" : 20, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "identity-provider-redirector", + "requirement" : "ALTERNATIVE", + "priority" : 25, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "requirement" : "ALTERNATIVE", + "priority" : 30, + "flowAlias" : "forms", + "userSetupAllowed" : false, + "autheticatorFlow" : true + } ] + }, { + "id" : "5ece002a-4e62-4d0d-8705-4b116164b424", + "alias" : "clients", + "description" : "Base authentication for clients", + "providerId" : "client-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "client-secret", + "requirement" : "ALTERNATIVE", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "client-jwt", + "requirement" : "ALTERNATIVE", + "priority" : 20, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "client-secret-jwt", + "requirement" : "ALTERNATIVE", + "priority" : 30, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "client-x509", + "requirement" : "ALTERNATIVE", + "priority" : 40, + "userSetupAllowed" : false, + "autheticatorFlow" : false + } ] + }, { + "id" : "bd27b0dc-bc87-40b7-a626-491b9955668d", + "alias" : "direct grant", + "description" : "OpenID Connect Resource Owner Grant", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "direct-grant-validate-username", + "requirement" : "REQUIRED", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "direct-grant-validate-password", + "requirement" : "REQUIRED", + "priority" : 20, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "requirement" : "CONDITIONAL", + "priority" : 30, + "flowAlias" : "Direct Grant - Conditional OTP", + "userSetupAllowed" : false, + "autheticatorFlow" : true + } ] + }, { + "id" : "2db79d60-7c9d-4516-80f0-0c5d60349899", + "alias" : "docker auth", + "description" : "Used by Docker clients to authenticate against the IDP", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "docker-http-basic-authenticator", + "requirement" : "REQUIRED", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + } ] + }, { + "id" : "25a92fbe-7d4d-46bc-a751-29ef844290a3", + "alias" : "first broker login", + "description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticatorConfig" : "review profile config", + "authenticator" : "idp-review-profile", + "requirement" : "REQUIRED", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "requirement" : "REQUIRED", + "priority" : 20, + "flowAlias" : "User creation or linking", + "userSetupAllowed" : false, + "autheticatorFlow" : true + } ] + }, { + "id" : "26f6a5db-9be8-446c-82d0-6f4e29b5f08d", + "alias" : "forms", + "description" : "Username, password, otp and other auth forms.", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "auth-username-password-form", + "requirement" : "REQUIRED", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "requirement" : "CONDITIONAL", + "priority" : 20, + "flowAlias" : "Browser - Conditional OTP", + "userSetupAllowed" : false, + "autheticatorFlow" : true + } ] + }, { + "id" : "05a94701-ad98-4bbc-a162-746a107afba5", + "alias" : "http challenge", + "description" : "An authentication flow based on challenge-response HTTP Authentication Schemes", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "no-cookie-redirect", + "requirement" : "REQUIRED", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "requirement" : "REQUIRED", + "priority" : 20, + "flowAlias" : "Authentication Options", + "userSetupAllowed" : false, + "autheticatorFlow" : true + } ] + }, { + "id" : "75347884-d4cb-4eba-9b89-63566d509b92", + "alias" : "registration", + "description" : "registration flow", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "registration-page-form", + "requirement" : "REQUIRED", + "priority" : 10, + "flowAlias" : "registration form", + "userSetupAllowed" : false, + "autheticatorFlow" : true + } ] + }, { + "id" : "74e3a2d3-ecda-400d-8bff-0926dc272e4b", + "alias" : "registration form", + "description" : "registration form", + "providerId" : "form-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "registration-user-creation", + "requirement" : "REQUIRED", + "priority" : 20, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "registration-profile-action", + "requirement" : "REQUIRED", + "priority" : 40, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "registration-password-action", + "requirement" : "REQUIRED", + "priority" : 50, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "registration-recaptcha-action", + "requirement" : "DISABLED", + "priority" : 60, + "userSetupAllowed" : false, + "autheticatorFlow" : false + } ] + }, { + "id" : "6eae8652-baf7-4a7d-80a4-1711906caec7", + "alias" : "reset credentials", + "description" : "Reset credentials for a user if they forgot their password or something", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "reset-credentials-choose-user", + "requirement" : "REQUIRED", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "reset-credential-email", + "requirement" : "REQUIRED", + "priority" : 20, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "authenticator" : "reset-password", + "requirement" : "REQUIRED", + "priority" : 30, + "userSetupAllowed" : false, + "autheticatorFlow" : false + }, { + "requirement" : "CONDITIONAL", + "priority" : 40, + "flowAlias" : "Reset - Conditional OTP", + "userSetupAllowed" : false, + "autheticatorFlow" : true + } ] + }, { + "id" : "6135710b-b019-4117-ba32-578d3d496b2a", + "alias" : "saml ecp", + "description" : "SAML ECP Profile Authentication Flow", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "http-basic-authenticator", + "requirement" : "REQUIRED", + "priority" : 10, + "userSetupAllowed" : false, + "autheticatorFlow" : false + } ] + } ], + "authenticatorConfig" : [ { + "id" : "3d3735a0-1362-4f0d-9306-bfc727da1b5b", + "alias" : "create unique user config", + "config" : { + "require.password.update.after.registration" : "false" + } + }, { + "id" : "c1f4a15f-8234-4f0f-affa-baf610b001e1", + "alias" : "review profile config", + "config" : { + "update.profile.on.first.login" : "missing" + } + } ], + "requiredActions" : [ { + "alias" : "CONFIGURE_TOTP", + "name" : "Configure OTP", + "providerId" : "CONFIGURE_TOTP", + "enabled" : true, + "defaultAction" : false, + "priority" : 10, + "config" : { } + }, { + "alias" : "terms_and_conditions", + "name" : "Terms and Conditions", + "providerId" : "terms_and_conditions", + "enabled" : false, + "defaultAction" : false, + "priority" : 20, + "config" : { } + }, { + "alias" : "UPDATE_PASSWORD", + "name" : "Update Password", + "providerId" : "UPDATE_PASSWORD", + "enabled" : true, + "defaultAction" : false, + "priority" : 30, + "config" : { } + }, { + "alias" : "UPDATE_PROFILE", + "name" : "Update Profile", + "providerId" : "UPDATE_PROFILE", + "enabled" : true, + "defaultAction" : false, + "priority" : 40, + "config" : { } + }, { + "alias" : "VERIFY_EMAIL", + "name" : "Verify Email", + "providerId" : "VERIFY_EMAIL", + "enabled" : true, + "defaultAction" : false, + "priority" : 50, + "config" : { } + }, { + "alias" : "update_user_locale", + "name" : "Update User Locale", + "providerId" : "update_user_locale", + "enabled" : true, + "defaultAction" : false, + "priority" : 1000, + "config" : { } + } ], + "browserFlow" : "browser", + "registrationFlow" : "registration", + "directGrantFlow" : "direct grant", + "resetCredentialsFlow" : "reset credentials", + "clientAuthenticationFlow" : "clients", + "dockerAuthenticationFlow" : "docker auth", + "attributes" : { + "clientOfflineSessionMaxLifespan" : "0", + "clientSessionIdleTimeout" : "0", + "clientSessionMaxLifespan" : "0", + "clientOfflineSessionIdleTimeout" : "0" + }, + "keycloakVersion" : "11.0.3", + "userManagedAccessAllowed" : false +} \ No newline at end of file diff --git a/security-c4po-api/src/test/resources/script_local b/security-c4po-api/src/test/resources/script_local new file mode 100644 index 0000000..f6c82e4 --- /dev/null +++ b/security-c4po-api/src/test/resources/script_local @@ -0,0 +1,28 @@ +#!/usr/bin/env bash +cd keycloak/bin +sleep 20 +./kcadm.sh config credentials --server http://localhost:8888/auth --realm master --user admin --password admin + +USERID=$(./kcadm.sh create users -r c4po_realm_local -s username=test_admin \ +-s email=Troy.Stewart@heros.com \ +-s firstName=test \ +-s lastName=admin \ +-s attributes.lang="de-DE" \ +-s attributes.datenumberformat="en-US" \ +-o --fields id | jq '.id' | tr -d '"') + +./kcadm.sh update users/$USERID/reset-password -r c4po_realm_test -s type=password -s value=test -s temporary=false -n +./kcadm.sh add-roles --uusername test_admin --rolename c4po_admin -r c4po_realm_test +./kcadm.sh add-roles -r c4po_realm_test --uusername test_admin --cclientid realm-management --rolename create-client --rolename view-users + +USERID=$(./kcadm.sh create users -r c4po_realm_local -s username=test_user \ +-s email=Troy.Stewart@heros.com \ +-s firstName=test \ +-s lastName=user \ +-s attributes.lang="de-DE" \ +-s attributes.datenumberformat="en-US" \ +-o --fields id | jq '.id' | tr -d '"') + +./kcadm.sh update users/$USERID/reset-password -r c4po_realm_test -s type=password -s value=test -s temporary=false -n +./kcadm.sh add-roles --uusername test_user --rolename c4po_user -r c4po_realm_test +./kcadm.sh add-roles -r c4po_realm_test --uusername test_user --cclientid realm-management --rolename create-client --rolename view-users \ No newline at end of file diff --git a/security-c4po-cfg/backend/docker-compose.backend.yml b/security-c4po-cfg/backend/docker-compose.backend.yml index 005e749..00983fc 100644 --- a/security-c4po-cfg/backend/docker-compose.backend.yml +++ b/security-c4po-cfg/backend/docker-compose.backend.yml @@ -4,13 +4,18 @@ services: c4po-api: build: '../../security-c4po-api' image: security-c4po-api:latest - container_name: security-c4po-api + container_name: c4po-api + environment: + - SPRING_PROFILES_ACTIVE=COMPOSE + depends_on: + - c4po-db + - c4po-keycloak + links: + - c4po-db + - c4po-keycloak deploy: resources: limits: memory: "1G" ports: - - '8443:8443' - -networks: - c4po: + - 8443:8443 diff --git a/security-c4po-cfg/cfg/c4po_realm_export.json b/security-c4po-cfg/cfg/c4po_realm_export.json index d948248..63addac 100644 --- a/security-c4po-cfg/cfg/c4po_realm_export.json +++ b/security-c4po-cfg/cfg/c4po_realm_export.json @@ -1,6 +1,8 @@ { "id" : "c4po_realm_local", "realm" : "c4po_realm_local", + "displayName" : "C4PO", + "displayNameHtml" : "
C4PO
", "notBefore" : 0, "revokeRefreshToken" : false, "refreshTokenMaxReuse" : 0, @@ -380,7 +382,7 @@ } ], "disableableCredentialTypes" : [ ], "requiredActions" : [ ], - "realmRoles" : [ "uma_authorization", "c4po_user", "offline_access", "c4po_admin" ], + "realmRoles" : [ "uma_authorization", "c4po_user", "c4po_admin" ], "clientRoles" : { "c4po_local" : [ "user" ], "account" : [ "view-profile", "manage-account" ] @@ -659,8 +661,8 @@ "protocol" : "openid-connect", "attributes" : { "saml.assertion.signature" : "false", - "saml.multivalued.roles" : "false", "saml.force.post.binding" : "false", + "saml.multivalued.roles" : "false", "saml.encrypt" : "false", "saml.server.signature" : "false", "saml.server.signature.keyinfo.ext" : "false", @@ -680,7 +682,7 @@ }, { "id" : "8badc11a-50e4-44ae-a292-47e3759fcaeb", "clientId" : "security-c4po-api", - "rootUrl" : "http://localhost:8443", + "rootUrl" : "", "adminUrl" : "", "baseUrl" : "http://localhost:8443/", "surrogateAuthRequired" : false, @@ -702,8 +704,8 @@ "protocol" : "openid-connect", "attributes" : { "saml.assertion.signature" : "false", - "saml.multivalued.roles" : "false", "saml.force.post.binding" : "false", + "saml.multivalued.roles" : "false", "saml.encrypt" : "false", "saml.server.signature" : "false", "saml.server.signature.keyinfo.ext" : "false", @@ -1206,7 +1208,7 @@ "subType" : "anonymous", "subComponents" : { }, "config" : { - "allowed-protocol-mapper-types" : [ "oidc-full-name-mapper", "oidc-usermodel-attribute-mapper", "oidc-address-mapper", "saml-user-attribute-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-property-mapper", "saml-user-property-mapper", "saml-role-list-mapper" ] + "allowed-protocol-mapper-types" : [ "saml-role-list-mapper", "oidc-full-name-mapper", "saml-user-attribute-mapper", "oidc-usermodel-attribute-mapper", "oidc-usermodel-property-mapper", "oidc-address-mapper", "oidc-sha256-pairwise-sub-mapper", "saml-user-property-mapper" ] } }, { "id" : "cc2d0cd7-3d3f-4b0a-ad95-7118f36bf188", @@ -1238,7 +1240,7 @@ "subType" : "authenticated", "subComponents" : { }, "config" : { - "allowed-protocol-mapper-types" : [ "saml-user-attribute-mapper", "saml-role-list-mapper", "oidc-full-name-mapper", "oidc-usermodel-attribute-mapper", "oidc-usermodel-property-mapper", "saml-user-property-mapper", "oidc-address-mapper", "oidc-sha256-pairwise-sub-mapper" ] + "allowed-protocol-mapper-types" : [ "saml-user-attribute-mapper", "saml-role-list-mapper", "saml-user-property-mapper", "oidc-address-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-full-name-mapper", "oidc-usermodel-attribute-mapper", "oidc-usermodel-property-mapper" ] } }, { "id" : "92230e65-7480-44c3-af2d-72ddee758cbc", @@ -1287,7 +1289,7 @@ "internationalizationEnabled" : false, "supportedLocales" : [ ], "authenticationFlows" : [ { - "id" : "2c54f19d-5992-447d-a2b3-58953c5a92d9", + "id" : "fa5fc78f-19a9-4737-868b-618163f28c79", "alias" : "Account verification options", "description" : "Method with which to verity the existing account", "providerId" : "basic-flow", @@ -1307,7 +1309,7 @@ "autheticatorFlow" : true } ] }, { - "id" : "58e457d2-c138-401b-94e6-aa0c89d40be5", + "id" : "01735b0f-139f-46e5-bb63-f797a27efa77", "alias" : "Authentication Options", "description" : "Authentication options.", "providerId" : "basic-flow", @@ -1333,7 +1335,7 @@ "autheticatorFlow" : false } ] }, { - "id" : "ed8a0f0d-c571-4c7c-8177-51ff71e0cb0e", + "id" : "a7666cf0-626c-48c4-9e71-e408832de725", "alias" : "Browser - Conditional OTP", "description" : "Flow to determine if the OTP is required for the authentication", "providerId" : "basic-flow", @@ -1353,7 +1355,7 @@ "autheticatorFlow" : false } ] }, { - "id" : "b12f09d6-8e47-4fa2-80cb-6adece38f970", + "id" : "1dfabb7a-efdd-4964-bba5-389cad79b654", "alias" : "Direct Grant - Conditional OTP", "description" : "Flow to determine if the OTP is required for the authentication", "providerId" : "basic-flow", @@ -1373,7 +1375,7 @@ "autheticatorFlow" : false } ] }, { - "id" : "571ebbe3-1dbd-4c11-a048-431ebe7b9ba0", + "id" : "c3b2bf2b-3da8-430d-a9b7-8793c3dc30a3", "alias" : "First broker login - Conditional OTP", "description" : "Flow to determine if the OTP is required for the authentication", "providerId" : "basic-flow", @@ -1393,7 +1395,7 @@ "autheticatorFlow" : false } ] }, { - "id" : "9efe3906-9789-45d5-bd69-17657e7d0dd1", + "id" : "44343bdf-8592-4242-835f-e349943a110b", "alias" : "Handle Existing Account", "description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider", "providerId" : "basic-flow", @@ -1413,7 +1415,7 @@ "autheticatorFlow" : true } ] }, { - "id" : "ff2fc973-bd97-49f6-a5b9-234904131b12", + "id" : "e72b8fcb-cd8b-4e7a-a057-3446b806b538", "alias" : "Reset - Conditional OTP", "description" : "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", "providerId" : "basic-flow", @@ -1433,7 +1435,7 @@ "autheticatorFlow" : false } ] }, { - "id" : "b4b2f650-4ae7-4d26-ae58-59e6074fb067", + "id" : "2416145b-4d20-493c-bdf7-419898c002ee", "alias" : "User creation or linking", "description" : "Flow for the existing/non-existing user alternatives", "providerId" : "basic-flow", @@ -1454,7 +1456,7 @@ "autheticatorFlow" : true } ] }, { - "id" : "5848478b-6cb0-4460-a0be-9393e8835382", + "id" : "b7ff8aad-2daa-4736-8815-f3e8f0df391e", "alias" : "Verify Existing Account by Re-authentication", "description" : "Reauthentication of existing account", "providerId" : "basic-flow", @@ -1474,7 +1476,7 @@ "autheticatorFlow" : true } ] }, { - "id" : "79af744f-037e-49b7-b469-4581078db93a", + "id" : "8339d3ba-2d0a-4d23-bbfa-a78e4973d3c9", "alias" : "browser", "description" : "browser based authentication", "providerId" : "basic-flow", @@ -1506,7 +1508,7 @@ "autheticatorFlow" : true } ] }, { - "id" : "bed9a42e-29ce-42e3-b217-4c82ddc1da60", + "id" : "5ece002a-4e62-4d0d-8705-4b116164b424", "alias" : "clients", "description" : "Base authentication for clients", "providerId" : "client-flow", @@ -1538,7 +1540,7 @@ "autheticatorFlow" : false } ] }, { - "id" : "90ed59d7-616e-4db0-b5b7-b02c4778bfe6", + "id" : "bd27b0dc-bc87-40b7-a626-491b9955668d", "alias" : "direct grant", "description" : "OpenID Connect Resource Owner Grant", "providerId" : "basic-flow", @@ -1564,7 +1566,7 @@ "autheticatorFlow" : true } ] }, { - "id" : "02136f0a-354a-41d6-8a81-82d9d61f8ae1", + "id" : "2db79d60-7c9d-4516-80f0-0c5d60349899", "alias" : "docker auth", "description" : "Used by Docker clients to authenticate against the IDP", "providerId" : "basic-flow", @@ -1578,7 +1580,7 @@ "autheticatorFlow" : false } ] }, { - "id" : "61049b62-3f5e-440e-b3d3-7955c74ce79a", + "id" : "25a92fbe-7d4d-46bc-a751-29ef844290a3", "alias" : "first broker login", "description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", "providerId" : "basic-flow", @@ -1599,7 +1601,7 @@ "autheticatorFlow" : true } ] }, { - "id" : "a3416906-b38a-4626-9759-99010c6e27b9", + "id" : "26f6a5db-9be8-446c-82d0-6f4e29b5f08d", "alias" : "forms", "description" : "Username, password, otp and other auth forms.", "providerId" : "basic-flow", @@ -1619,7 +1621,7 @@ "autheticatorFlow" : true } ] }, { - "id" : "e53c6c19-574d-4ba0-b8b5-55631d71328d", + "id" : "05a94701-ad98-4bbc-a162-746a107afba5", "alias" : "http challenge", "description" : "An authentication flow based on challenge-response HTTP Authentication Schemes", "providerId" : "basic-flow", @@ -1639,7 +1641,7 @@ "autheticatorFlow" : true } ] }, { - "id" : "3bc89297-8fa2-45a0-a4f9-64166c5f53f2", + "id" : "75347884-d4cb-4eba-9b89-63566d509b92", "alias" : "registration", "description" : "registration flow", "providerId" : "basic-flow", @@ -1654,7 +1656,7 @@ "autheticatorFlow" : true } ] }, { - "id" : "7f080e51-3567-498e-ae34-1abeefe07495", + "id" : "74e3a2d3-ecda-400d-8bff-0926dc272e4b", "alias" : "registration form", "description" : "registration form", "providerId" : "form-flow", @@ -1686,7 +1688,7 @@ "autheticatorFlow" : false } ] }, { - "id" : "d0fe2454-5b33-47bd-9909-fd81dc62e27b", + "id" : "6eae8652-baf7-4a7d-80a4-1711906caec7", "alias" : "reset credentials", "description" : "Reset credentials for a user if they forgot their password or something", "providerId" : "basic-flow", @@ -1718,7 +1720,7 @@ "autheticatorFlow" : true } ] }, { - "id" : "f41e0e59-1927-4f6b-9917-1fffc76ed300", + "id" : "6135710b-b019-4117-ba32-578d3d496b2a", "alias" : "saml ecp", "description" : "SAML ECP Profile Authentication Flow", "providerId" : "basic-flow", @@ -1733,13 +1735,13 @@ } ] } ], "authenticatorConfig" : [ { - "id" : "7328eecb-235e-4d51-aeb8-60f040bdce55", + "id" : "3d3735a0-1362-4f0d-9306-bfc727da1b5b", "alias" : "create unique user config", "config" : { "require.password.update.after.registration" : "false" } }, { - "id" : "3ca8532e-719d-420c-9c96-684c1195ece6", + "id" : "c1f4a15f-8234-4f0f-affa-baf610b001e1", "alias" : "review profile config", "config" : { "update.profile.on.first.login" : "missing" diff --git a/security-c4po-cfg/cfg/keycloak.env b/security-c4po-cfg/cfg/keycloak.env index c2e568b..f65c089 100644 --- a/security-c4po-cfg/cfg/keycloak.env +++ b/security-c4po-cfg/cfg/keycloak.env @@ -1,6 +1,6 @@ # cfg for local keycloak DB_VENDOR=postgres -DB_ADDR=keycloak-postgres +DB_ADDR=c4po-keycloak-postgress DB_PORT=5432 DB_USER=c4po_kc_local DB_PASSWORD=Test1234! diff --git a/security-c4po-cfg/docker-compose.yml b/security-c4po-cfg/docker-compose.yml new file mode 100644 index 0000000..c82c6d7 --- /dev/null +++ b/security-c4po-cfg/docker-compose.yml @@ -0,0 +1,89 @@ +version: '2' + +volumes: + c4po-keycloak-postgres: + c4po-db: + +services: + # Database + c4po-keycloak-postgres: + container_name: c4po-keycloak-postgres + image: postgres:latest + env_file: + - cfg/keycloakdb.env + ports: + - 5433:5432 + volumes: + - /volumes/keycloak/data/:/var/lib/postgres/data + networks: + - c4po + c4po-db: + image: mongo:latest + container_name: c4po-db + volumes: + - /volumes/mongodb/data/:/db/data + deploy: + resources: + limits: + memory: "1G" + ports: + - 27017:27017 + networks: + - c4po + # Authentity Provider + c4po-keycloak: + container_name: c4po-keycloak + depends_on: + - c4po-keycloak-postgres + links: + - c4po-keycloak-postgres + image: jboss/keycloak:11.0.3 + volumes: + - /cfg/c4po_realm_export.json/:/tmp/c4po_realm_export.json + ports: + - 8888:8080 + env_file: + - cfg/keycloak.env + networks: + - c4po + # Services + c4po-angular: + build: '../security-c4po-angular' + image: security-c4po-angular:latest + container_name: c4po-angular + depends_on: + - c4po-keycloak + links: + - c4po-keycloak + deploy: + resources: + limits: + memory: "1G" + ports: + - 4200:4200 + networks: + - c4po + + c4po-api: + build: '../security-c4po-api' + image: security-c4po-api:latest + container_name: c4po-api + environment: + - SPRING_PROFILES_ACTIVE=COMPOSE + depends_on: + - c4po-db + - c4po-keycloak + links: + - c4po-db + - c4po-keycloak + deploy: + resources: + limits: + memory: "1G" + ports: + - 8443:8443 + networks: + - c4po + +networks: + c4po: diff --git a/security-c4po-cfg/frontend/docker-compose.frontend.yml b/security-c4po-cfg/frontend/docker-compose.frontend.yml index 234dc26..d88f900 100644 --- a/security-c4po-cfg/frontend/docker-compose.frontend.yml +++ b/security-c4po-cfg/frontend/docker-compose.frontend.yml @@ -4,13 +4,12 @@ services: c4po-angular: build: '../../security-c4po-angular' image: security-c4po-angular:latest - container_name: security-c4po-angular + container_name: c4po-angular + depends_on: + - c4po-keycloak deploy: resources: limits: memory: "1G" ports: - - '4200:4200' - -networks: - c4po: + - 4200:4200 diff --git a/security-c4po-cfg/kc/docker-compose.keycloak.yml b/security-c4po-cfg/kc/docker-compose.keycloak.yml index 84bf79d..ac3b62d 100644 --- a/security-c4po-cfg/kc/docker-compose.keycloak.yml +++ b/security-c4po-cfg/kc/docker-compose.keycloak.yml @@ -2,23 +2,22 @@ version: '3.1' services: c4po-keycloak: - container_name: security-c4po-keycloak + container_name: c4po-keycloak depends_on: - - keycloak-postgres + - c4po-keycloak-postgres image: jboss/keycloak:11.0.3 volumes: - ../cfg/c4po_realm_export.json:/tmp/c4po_realm_export.json ports: - 8888:8080 - - 9990:9990 env_file: - ../cfg/keycloak.env - keycloak-postgres: - container_name: security-c4po-postgres-keycloak + c4po-keycloak-postgress: + container_name: c4po-keycloak-postgres image: postgres:latest env_file: - ../cfg/keycloakdb.env ports: - 5433:5432 volumes: - - ../volumes/keycloak/data:/var/lib/postgresql/data + - ../volumes/keycloak/data:/var/lib/postgres/data diff --git a/security-c4po-cfg/mongodb/docker-compose.mongodb.yml b/security-c4po-cfg/mongodb/docker-compose.mongodb.yml new file mode 100644 index 0000000..c9f3a7d --- /dev/null +++ b/security-c4po-cfg/mongodb/docker-compose.mongodb.yml @@ -0,0 +1,14 @@ +version: '3.1' + +services: + c4po-db: + image: mongo:latest + container_name: c4po-db + volumes: + - ../volumes/mongodb/data:/data/db + deploy: + resources: + limits: + memory: "1G" + ports: + - 27017:27017