UNPKG

78.8 kBJavaScriptView Raw
1"use strict";
2var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o, _p, _q, _r, _s, _t, _u;
3Object.defineProperty(exports, "__esModule", { value: true });
4exports.CompositePrincipal = exports.StarPrincipal = exports.Anyone = exports.AnyPrincipal = exports.AccountRootPrincipal = exports.SamlConsolePrincipal = exports.SamlPrincipal = exports.OpenIdConnectPrincipal = exports.WebIdentityPrincipal = exports.FederatedPrincipal = exports.CanonicalUserPrincipal = exports.OrganizationPrincipal = exports.ServicePrincipal = exports.AccountPrincipal = exports.ArnPrincipal = exports.PrincipalPolicyFragment = exports.SessionTagsPrincipal = exports.PrincipalWithConditions = exports.PrincipalBase = void 0;
5const jsiiDeprecationWarnings = require("../.warnings.jsii.js");
6const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti");
7const cdk = require("@aws-cdk/core");
8const region_info_1 = require("@aws-cdk/region-info");
9const policy_statement_1 = require("./policy-statement");
10const assume_role_policy_1 = require("./private/assume-role-policy");
11const util_1 = require("./util");
12/**
13 * Base class for policy principals
14 */
15class PrincipalBase {
16 constructor() {
17 this.grantPrincipal = this;
18 this.principalAccount = undefined;
19 /**
20 * When this Principal is used in an AssumeRole policy, the action to use.
21 */
22 this.assumeRoleAction = 'sts:AssumeRole';
23 }
24 addToPolicy(statement) {
25 try {
26 jsiiDeprecationWarnings._aws_cdk_aws_iam_PolicyStatement(statement);
27 }
28 catch (error) {
29 if (process.env.JSII_DEBUG !== "1" && error.name === "DeprecationError") {
30 Error.captureStackTrace(error, this.addToPolicy);
31 }
32 throw error;
33 }
34 return this.addToPrincipalPolicy(statement).statementAdded;
35 }
36 addToPrincipalPolicy(_statement) {
37 try {
38 jsiiDeprecationWarnings._aws_cdk_aws_iam_PolicyStatement(_statement);
39 }
40 catch (error) {
41 if (process.env.JSII_DEBUG !== "1" && error.name === "DeprecationError") {
42 Error.captureStackTrace(error, this.addToPrincipalPolicy);
43 }
44 throw error;
45 }
46 // This base class is used for non-identity principals. None of them
47 // have a PolicyDocument to add to.
48 return { statementAdded: false };
49 }
50 addToAssumeRolePolicy(document) {
51 try {
52 jsiiDeprecationWarnings._aws_cdk_aws_iam_PolicyDocument(document);
53 }
54 catch (error) {
55 if (process.env.JSII_DEBUG !== "1" && error.name === "DeprecationError") {
56 Error.captureStackTrace(error, this.addToAssumeRolePolicy);
57 }
58 throw error;
59 }
60 // Default implementation of this protocol, compatible with the legacy behavior
61 document.addStatements(new policy_statement_1.PolicyStatement({
62 actions: [this.assumeRoleAction],
63 principals: [this],
64 }));
65 }
66 toString() {
67 // This is a first pass to make the object readable. Descendant principals
68 // should return something nicer.
69 return JSON.stringify(this.policyFragment.principalJson);
70 }
71 /**
72 * JSON-ify the principal
73 *
74 * Used when JSON.stringify() is called
75 */
76 toJSON() {
77 // Have to implement toJSON() because the default will lead to infinite recursion.
78 return this.policyFragment.principalJson;
79 }
80 /**
81 * Returns a new PrincipalWithConditions using this principal as the base, with the
82 * passed conditions added.
83 *
84 * When there is a value for the same operator and key in both the principal and the
85 * conditions parameter, the value from the conditions parameter will be used.
86 *
87 * @returns a new PrincipalWithConditions object.
88 */
89 withConditions(conditions) {
90 return new PrincipalWithConditions(this, conditions);
91 }
92 /**
93 * Returns a new principal using this principal as the base, with session tags enabled.
94 *
95 * @returns a new SessionTagsPrincipal object.
96 */
97 withSessionTags() {
98 return new SessionTagsPrincipal(this);
99 }
100}
101exports.PrincipalBase = PrincipalBase;
102_a = JSII_RTTI_SYMBOL_1;
103PrincipalBase[_a] = { fqn: "@aws-cdk/aws-iam.PrincipalBase", version: "1.156.1" };
104/**
105 * Base class for Principals that wrap other principals
106 */
107class PrincipalAdapter extends PrincipalBase {
108 constructor(wrapped) {
109 super();
110 this.wrapped = wrapped;
111 this.assumeRoleAction = this.wrapped.assumeRoleAction;
112 this.principalAccount = this.wrapped.principalAccount;
113 }
114 get policyFragment() { return this.wrapped.policyFragment; }
115 addToPolicy(statement) {
116 return this.wrapped.addToPolicy(statement);
117 }
118 addToPrincipalPolicy(statement) {
119 return this.wrapped.addToPrincipalPolicy(statement);
120 }
121}
122/**
123 * An IAM principal with additional conditions specifying when the policy is in effect.
124 *
125 * For more information about conditions, see:
126 * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html
127 */
128class PrincipalWithConditions extends PrincipalAdapter {
129 constructor(principal, conditions) {
130 super(principal);
131 try {
132 jsiiDeprecationWarnings._aws_cdk_aws_iam_IPrincipal(principal);
133 }
134 catch (error) {
135 if (process.env.JSII_DEBUG !== "1" && error.name === "DeprecationError") {
136 Error.captureStackTrace(error, this.constructor);
137 }
138 throw error;
139 }
140 this.additionalConditions = conditions;
141 }
142 /**
143 * Add a condition to the principal
144 */
145 addCondition(key, value) {
146 const existingValue = this.additionalConditions[key];
147 this.additionalConditions[key] = existingValue ? { ...existingValue, ...value } : value;
148 }
149 /**
150 * Adds multiple conditions to the principal
151 *
152 * Values from the conditions parameter will overwrite existing values with the same operator
153 * and key.
154 */
155 addConditions(conditions) {
156 Object.entries(conditions).forEach(([key, value]) => {
157 this.addCondition(key, value);
158 });
159 }
160 /**
161 * The conditions under which the policy is in effect.
162 * See [the IAM documentation](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html).
163 */
164 get conditions() {
165 return this.mergeConditions(this.wrapped.policyFragment.conditions, this.additionalConditions);
166 }
167 get policyFragment() {
168 return new PrincipalPolicyFragment(this.wrapped.policyFragment.principalJson, this.conditions);
169 }
170 toString() {
171 return this.wrapped.toString();
172 }
173 /**
174 * JSON-ify the principal
175 *
176 * Used when JSON.stringify() is called
177 */
178 toJSON() {
179 // Have to implement toJSON() because the default will lead to infinite recursion.
180 return this.policyFragment.principalJson;
181 }
182 mergeConditions(principalConditions, additionalConditions) {
183 const mergedConditions = {};
184 Object.entries(principalConditions).forEach(([operator, condition]) => {
185 mergedConditions[operator] = condition;
186 });
187 Object.entries(additionalConditions).forEach(([operator, condition]) => {
188 // merge the conditions if one of the additional conditions uses an
189 // operator that's already used by the principal's conditions merge the
190 // inner structure.
191 const existing = mergedConditions[operator];
192 if (!existing) {
193 mergedConditions[operator] = condition;
194 return; // continue
195 }
196 // if either the existing condition or the new one contain unresolved
197 // tokens, fail the merge. this is as far as we go at this point.
198 if (cdk.Token.isUnresolved(condition) || cdk.Token.isUnresolved(existing)) {
199 throw new Error(`multiple "${operator}" conditions cannot be merged if one of them contains an unresolved token`);
200 }
201 mergedConditions[operator] = { ...existing, ...condition };
202 });
203 return mergedConditions;
204 }
205}
206exports.PrincipalWithConditions = PrincipalWithConditions;
207_b = JSII_RTTI_SYMBOL_1;
208PrincipalWithConditions[_b] = { fqn: "@aws-cdk/aws-iam.PrincipalWithConditions", version: "1.156.1" };
209/**
210 * Enables session tags on role assumptions from a principal
211 *
212 * For more information on session tags, see:
213 * https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html
214 */
215class SessionTagsPrincipal extends PrincipalAdapter {
216 constructor(principal) {
217 super(principal);
218 try {
219 jsiiDeprecationWarnings._aws_cdk_aws_iam_IPrincipal(principal);
220 }
221 catch (error) {
222 if (process.env.JSII_DEBUG !== "1" && error.name === "DeprecationError") {
223 Error.captureStackTrace(error, this.constructor);
224 }
225 throw error;
226 }
227 }
228 addToAssumeRolePolicy(doc) {
229 try {
230 jsiiDeprecationWarnings._aws_cdk_aws_iam_PolicyDocument(doc);
231 }
232 catch (error) {
233 if (process.env.JSII_DEBUG !== "1" && error.name === "DeprecationError") {
234 Error.captureStackTrace(error, this.addToAssumeRolePolicy);
235 }
236 throw error;
237 }
238 // Lazy import to avoid circular import dependencies during startup
239 // eslint-disable-next-line @typescript-eslint/no-require-imports
240 const adapter = require('./private/policydoc-adapter');
241 assume_role_policy_1.defaultAddPrincipalToAssumeRole(this.wrapped, new adapter.MutatingPolicyDocumentAdapter(doc, (statement) => {
242 statement.addActions('sts:TagSession');
243 return statement;
244 }));
245 }
246}
247exports.SessionTagsPrincipal = SessionTagsPrincipal;
248_c = JSII_RTTI_SYMBOL_1;
249SessionTagsPrincipal[_c] = { fqn: "@aws-cdk/aws-iam.SessionTagsPrincipal", version: "1.156.1" };
250/**
251 * A collection of the fields in a PolicyStatement that can be used to identify a principal.
252 *
253 * This consists of the JSON used in the "Principal" field, and optionally a
254 * set of "Condition"s that need to be applied to the policy.
255 *
256 * Generally, a principal looks like:
257 *
258 * { '<TYPE>': ['ID', 'ID', ...] }
259 *
260 * And this is also the type of the field `principalJson`. However, there is a
261 * special type of principal that is just the string '*', which is treated
262 * differently by some services. To represent that principal, `principalJson`
263 * should contain `{ 'LiteralString': ['*'] }`.
264 */
265class PrincipalPolicyFragment {
266 /**
267 *
268 * @param principalJson JSON of the "Principal" section in a policy statement
269 * @param conditions conditions that need to be applied to this policy
270 */
271 constructor(principalJson,
272 /**
273 * The conditions under which the policy is in effect.
274 * See [the IAM documentation](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html).
275 */
276 conditions = {}) {
277 this.principalJson = principalJson;
278 this.conditions = conditions;
279 }
280}
281exports.PrincipalPolicyFragment = PrincipalPolicyFragment;
282_d = JSII_RTTI_SYMBOL_1;
283PrincipalPolicyFragment[_d] = { fqn: "@aws-cdk/aws-iam.PrincipalPolicyFragment", version: "1.156.1" };
284/**
285 * Specify a principal by the Amazon Resource Name (ARN).
286 * You can specify AWS accounts, IAM users, Federated SAML users, IAM roles, and specific assumed-role sessions.
287 * You cannot specify IAM groups or instance profiles as principals
288 *
289 * @see https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html
290 */
291class ArnPrincipal extends PrincipalBase {
292 /**
293 *
294 * @param arn Amazon Resource Name (ARN) of the principal entity (i.e. arn:aws:iam::123456789012:user/user-name)
295 */
296 constructor(arn) {
297 super();
298 this.arn = arn;
299 }
300 get policyFragment() {
301 return new PrincipalPolicyFragment({ AWS: [this.arn] });
302 }
303 toString() {
304 return `ArnPrincipal(${this.arn})`;
305 }
306 /**
307 * A convenience method for adding a condition that the principal is part of the specified
308 * AWS Organization.
309 */
310 inOrganization(organizationId) {
311 return this.withConditions({
312 StringEquals: {
313 'aws:PrincipalOrgID': organizationId,
314 },
315 });
316 }
317}
318exports.ArnPrincipal = ArnPrincipal;
319_e = JSII_RTTI_SYMBOL_1;
320ArnPrincipal[_e] = { fqn: "@aws-cdk/aws-iam.ArnPrincipal", version: "1.156.1" };
321/**
322 * Specify AWS account ID as the principal entity in a policy to delegate authority to the account.
323 */
324class AccountPrincipal extends ArnPrincipal {
325 /**
326 *
327 * @param accountId AWS account ID (i.e. 123456789012)
328 */
329 constructor(accountId) {
330 super(new StackDependentToken(stack => `arn:${stack.partition}:iam::${accountId}:root`).toString());
331 this.accountId = accountId;
332 this.principalAccount = accountId;
333 }
334 toString() {
335 return `AccountPrincipal(${this.accountId})`;
336 }
337}
338exports.AccountPrincipal = AccountPrincipal;
339_f = JSII_RTTI_SYMBOL_1;
340AccountPrincipal[_f] = { fqn: "@aws-cdk/aws-iam.AccountPrincipal", version: "1.156.1" };
341/**
342 * An IAM principal that represents an AWS service (i.e. sqs.amazonaws.com).
343 */
344class ServicePrincipal extends PrincipalBase {
345 /**
346 *
347 * @param service AWS service (i.e. sqs.amazonaws.com)
348 */
349 constructor(service, opts = {}) {
350 super();
351 this.service = service;
352 this.opts = opts;
353 try {
354 jsiiDeprecationWarnings._aws_cdk_aws_iam_ServicePrincipalOpts(opts);
355 }
356 catch (error) {
357 if (process.env.JSII_DEBUG !== "1" && error.name === "DeprecationError") {
358 Error.captureStackTrace(error, this.constructor);
359 }
360 throw error;
361 }
362 }
363 get policyFragment() {
364 return new PrincipalPolicyFragment({
365 Service: [
366 new ServicePrincipalToken(this.service, this.opts).toString(),
367 ],
368 }, this.opts.conditions);
369 }
370 toString() {
371 return `ServicePrincipal(${this.service})`;
372 }
373}
374exports.ServicePrincipal = ServicePrincipal;
375_g = JSII_RTTI_SYMBOL_1;
376ServicePrincipal[_g] = { fqn: "@aws-cdk/aws-iam.ServicePrincipal", version: "1.156.1" };
377/**
378 * A principal that represents an AWS Organization
379 */
380class OrganizationPrincipal extends PrincipalBase {
381 /**
382 *
383 * @param organizationId The unique identifier (ID) of an organization (i.e. o-12345abcde)
384 */
385 constructor(organizationId) {
386 super();
387 this.organizationId = organizationId;
388 }
389 get policyFragment() {
390 return new PrincipalPolicyFragment({ AWS: ['*'] }, { StringEquals: { 'aws:PrincipalOrgID': this.organizationId } });
391 }
392 toString() {
393 return `OrganizationPrincipal(${this.organizationId})`;
394 }
395}
396exports.OrganizationPrincipal = OrganizationPrincipal;
397_h = JSII_RTTI_SYMBOL_1;
398OrganizationPrincipal[_h] = { fqn: "@aws-cdk/aws-iam.OrganizationPrincipal", version: "1.156.1" };
399/**
400 * A policy principal for canonicalUserIds - useful for S3 bucket policies that use
401 * Origin Access identities.
402 *
403 * See https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html
404 *
405 * and
406 *
407 * https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html
408 *
409 * for more details.
410 *
411 */
412class CanonicalUserPrincipal extends PrincipalBase {
413 /**
414 *
415 * @param canonicalUserId unique identifier assigned by AWS for every account.
416 * root user and IAM users for an account all see the same ID.
417 * (i.e. 79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be)
418 */
419 constructor(canonicalUserId) {
420 super();
421 this.canonicalUserId = canonicalUserId;
422 }
423 get policyFragment() {
424 return new PrincipalPolicyFragment({ CanonicalUser: [this.canonicalUserId] });
425 }
426 toString() {
427 return `CanonicalUserPrincipal(${this.canonicalUserId})`;
428 }
429}
430exports.CanonicalUserPrincipal = CanonicalUserPrincipal;
431_j = JSII_RTTI_SYMBOL_1;
432CanonicalUserPrincipal[_j] = { fqn: "@aws-cdk/aws-iam.CanonicalUserPrincipal", version: "1.156.1" };
433/**
434 * Principal entity that represents a federated identity provider such as Amazon Cognito,
435 * that can be used to provide temporary security credentials to users who have been authenticated.
436 * Additional condition keys are available when the temporary security credentials are used to make a request.
437 * You can use these keys to write policies that limit the access of federated users.
438 *
439 * @see https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_iam-condition-keys.html#condition-keys-wif
440 */
441class FederatedPrincipal extends PrincipalBase {
442 /**
443 *
444 * @param federated federated identity provider (i.e. 'cognito-identity.amazonaws.com' for users authenticated through Cognito)
445 * @param conditions The conditions under which the policy is in effect.
446 * See [the IAM documentation](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html).
447 * @param sessionTags Whether to enable session tagging (see https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html)
448 */
449 constructor(federated, conditions, assumeRoleAction = 'sts:AssumeRole') {
450 super();
451 this.federated = federated;
452 this.conditions = conditions;
453 this.assumeRoleAction = assumeRoleAction;
454 }
455 get policyFragment() {
456 return new PrincipalPolicyFragment({ Federated: [this.federated] }, this.conditions);
457 }
458 toString() {
459 return `FederatedPrincipal(${this.federated})`;
460 }
461}
462exports.FederatedPrincipal = FederatedPrincipal;
463_k = JSII_RTTI_SYMBOL_1;
464FederatedPrincipal[_k] = { fqn: "@aws-cdk/aws-iam.FederatedPrincipal", version: "1.156.1" };
465/**
466 * A principal that represents a federated identity provider as Web Identity such as Cognito, Amazon,
467 * Facebook, Google, etc.
468 */
469class WebIdentityPrincipal extends FederatedPrincipal {
470 /**
471 *
472 * @param identityProvider identity provider (i.e. 'cognito-identity.amazonaws.com' for users authenticated through Cognito)
473 * @param conditions The conditions under which the policy is in effect.
474 * See [the IAM documentation](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html).
475 * @param sessionTags Whether to enable session tagging (see https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html)
476 */
477 constructor(identityProvider, conditions = {}) {
478 super(identityProvider, conditions !== null && conditions !== void 0 ? conditions : {}, 'sts:AssumeRoleWithWebIdentity');
479 }
480 get policyFragment() {
481 return new PrincipalPolicyFragment({ Federated: [this.federated] }, this.conditions);
482 }
483 toString() {
484 return `WebIdentityPrincipal(${this.federated})`;
485 }
486}
487exports.WebIdentityPrincipal = WebIdentityPrincipal;
488_l = JSII_RTTI_SYMBOL_1;
489WebIdentityPrincipal[_l] = { fqn: "@aws-cdk/aws-iam.WebIdentityPrincipal", version: "1.156.1" };
490/**
491 * A principal that represents a federated identity provider as from a OpenID Connect provider.
492 */
493class OpenIdConnectPrincipal extends WebIdentityPrincipal {
494 /**
495 *
496 * @param openIdConnectProvider OpenID Connect provider
497 * @param conditions The conditions under which the policy is in effect.
498 * See [the IAM documentation](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html).
499 */
500 constructor(openIdConnectProvider, conditions = {}) {
501 super(openIdConnectProvider.openIdConnectProviderArn, conditions !== null && conditions !== void 0 ? conditions : {});
502 try {
503 jsiiDeprecationWarnings._aws_cdk_aws_iam_IOpenIdConnectProvider(openIdConnectProvider);
504 }
505 catch (error) {
506 if (process.env.JSII_DEBUG !== "1" && error.name === "DeprecationError") {
507 Error.captureStackTrace(error, this.constructor);
508 }
509 throw error;
510 }
511 }
512 get policyFragment() {
513 return new PrincipalPolicyFragment({ Federated: [this.federated] }, this.conditions);
514 }
515 toString() {
516 return `OpenIdConnectPrincipal(${this.federated})`;
517 }
518}
519exports.OpenIdConnectPrincipal = OpenIdConnectPrincipal;
520_m = JSII_RTTI_SYMBOL_1;
521OpenIdConnectPrincipal[_m] = { fqn: "@aws-cdk/aws-iam.OpenIdConnectPrincipal", version: "1.156.1" };
522/**
523 * Principal entity that represents a SAML federated identity provider
524 */
525class SamlPrincipal extends FederatedPrincipal {
526 constructor(samlProvider, conditions) {
527 super(samlProvider.samlProviderArn, conditions, 'sts:AssumeRoleWithSAML');
528 try {
529 jsiiDeprecationWarnings._aws_cdk_aws_iam_ISamlProvider(samlProvider);
530 }
531 catch (error) {
532 if (process.env.JSII_DEBUG !== "1" && error.name === "DeprecationError") {
533 Error.captureStackTrace(error, this.constructor);
534 }
535 throw error;
536 }
537 }
538 toString() {
539 return `SamlPrincipal(${this.federated})`;
540 }
541}
542exports.SamlPrincipal = SamlPrincipal;
543_o = JSII_RTTI_SYMBOL_1;
544SamlPrincipal[_o] = { fqn: "@aws-cdk/aws-iam.SamlPrincipal", version: "1.156.1" };
545/**
546 * Principal entity that represents a SAML federated identity provider for
547 * programmatic and AWS Management Console access.
548 */
549class SamlConsolePrincipal extends SamlPrincipal {
550 constructor(samlProvider, conditions = {}) {
551 super(samlProvider, {
552 ...conditions,
553 StringEquals: {
554 'SAML:aud': 'https://signin.aws.amazon.com/saml',
555 },
556 });
557 try {
558 jsiiDeprecationWarnings._aws_cdk_aws_iam_ISamlProvider(samlProvider);
559 }
560 catch (error) {
561 if (process.env.JSII_DEBUG !== "1" && error.name === "DeprecationError") {
562 Error.captureStackTrace(error, this.constructor);
563 }
564 throw error;
565 }
566 }
567 toString() {
568 return `SamlConsolePrincipal(${this.federated})`;
569 }
570}
571exports.SamlConsolePrincipal = SamlConsolePrincipal;
572_p = JSII_RTTI_SYMBOL_1;
573SamlConsolePrincipal[_p] = { fqn: "@aws-cdk/aws-iam.SamlConsolePrincipal", version: "1.156.1" };
574/**
575 * Use the AWS account into which a stack is deployed as the principal entity in a policy
576 */
577class AccountRootPrincipal extends AccountPrincipal {
578 constructor() {
579 super(new StackDependentToken(stack => stack.account).toString());
580 }
581 toString() {
582 return 'AccountRootPrincipal()';
583 }
584}
585exports.AccountRootPrincipal = AccountRootPrincipal;
586_q = JSII_RTTI_SYMBOL_1;
587AccountRootPrincipal[_q] = { fqn: "@aws-cdk/aws-iam.AccountRootPrincipal", version: "1.156.1" };
588/**
589 * A principal representing all AWS identities in all accounts
590 *
591 * Some services behave differently when you specify `Principal: '*'`
592 * or `Principal: { AWS: "*" }` in their resource policy.
593 *
594 * `AnyPrincipal` renders to `Principal: { AWS: "*" }`. This is correct
595 * most of the time, but in cases where you need the other principal,
596 * use `StarPrincipal` instead.
597 */
598class AnyPrincipal extends ArnPrincipal {
599 constructor() {
600 super('*');
601 }
602 toString() {
603 return 'AnyPrincipal()';
604 }
605}
606exports.AnyPrincipal = AnyPrincipal;
607_r = JSII_RTTI_SYMBOL_1;
608AnyPrincipal[_r] = { fqn: "@aws-cdk/aws-iam.AnyPrincipal", version: "1.156.1" };
609/**
610 * A principal representing all identities in all accounts
611 * @deprecated use `AnyPrincipal`
612 */
613class Anyone extends AnyPrincipal {
614}
615exports.Anyone = Anyone;
616_s = JSII_RTTI_SYMBOL_1;
617Anyone[_s] = { fqn: "@aws-cdk/aws-iam.Anyone", version: "1.156.1" };
618/**
619 * A principal that uses a literal '*' in the IAM JSON language
620 *
621 * Some services behave differently when you specify `Principal: "*"`
622 * or `Principal: { AWS: "*" }` in their resource policy.
623 *
624 * `StarPrincipal` renders to `Principal: *`. Most of the time, you
625 * should use `AnyPrincipal` instead.
626 */
627class StarPrincipal extends PrincipalBase {
628 constructor() {
629 super(...arguments);
630 this.policyFragment = {
631 principalJson: { [util_1.LITERAL_STRING_KEY]: ['*'] },
632 conditions: {},
633 };
634 }
635 toString() {
636 return 'StarPrincipal()';
637 }
638}
639exports.StarPrincipal = StarPrincipal;
640_t = JSII_RTTI_SYMBOL_1;
641StarPrincipal[_t] = { fqn: "@aws-cdk/aws-iam.StarPrincipal", version: "1.156.1" };
642/**
643 * Represents a principal that has multiple types of principals. A composite principal cannot
644 * have conditions. i.e. multiple ServicePrincipals that form a composite principal
645 */
646class CompositePrincipal extends PrincipalBase {
647 constructor(...principals) {
648 super();
649 this.principals = new Array();
650 try {
651 jsiiDeprecationWarnings._aws_cdk_aws_iam_IPrincipal(principals);
652 }
653 catch (error) {
654 if (process.env.JSII_DEBUG !== "1" && error.name === "DeprecationError") {
655 Error.captureStackTrace(error, this.constructor);
656 }
657 throw error;
658 }
659 if (principals.length === 0) {
660 throw new Error('CompositePrincipals must be constructed with at least 1 Principal but none were passed.');
661 }
662 this.assumeRoleAction = principals[0].assumeRoleAction;
663 this.addPrincipals(...principals);
664 }
665 /**
666 * Adds IAM principals to the composite principal. Composite principals cannot have
667 * conditions.
668 *
669 * @param principals IAM principals that will be added to the composite principal
670 */
671 addPrincipals(...principals) {
672 try {
673 jsiiDeprecationWarnings._aws_cdk_aws_iam_IPrincipal(principals);
674 }
675 catch (error) {
676 if (process.env.JSII_DEBUG !== "1" && error.name === "DeprecationError") {
677 Error.captureStackTrace(error, this.addPrincipals);
678 }
679 throw error;
680 }
681 this.principals.push(...principals);
682 return this;
683 }
684 addToAssumeRolePolicy(doc) {
685 try {
686 jsiiDeprecationWarnings._aws_cdk_aws_iam_PolicyDocument(doc);
687 }
688 catch (error) {
689 if (process.env.JSII_DEBUG !== "1" && error.name === "DeprecationError") {
690 Error.captureStackTrace(error, this.addToAssumeRolePolicy);
691 }
692 throw error;
693 }
694 for (const p of this.principals) {
695 assume_role_policy_1.defaultAddPrincipalToAssumeRole(p, doc);
696 }
697 }
698 get policyFragment() {
699 // We only have a problem with conditions if we are trying to render composite
700 // princpals into a single statement (which is when `policyFragment` would get called)
701 for (const p of this.principals) {
702 const fragment = p.policyFragment;
703 if (fragment.conditions && Object.keys(fragment.conditions).length > 0) {
704 throw new Error('Components of a CompositePrincipal must not have conditions. ' +
705 `Tried to add the following fragment: ${JSON.stringify(fragment)}`);
706 }
707 }
708 const principalJson = {};
709 for (const p of this.principals) {
710 util_1.mergePrincipal(principalJson, p.policyFragment.principalJson);
711 }
712 return new PrincipalPolicyFragment(principalJson);
713 }
714 toString() {
715 return `CompositePrincipal(${this.principals})`;
716 }
717}
718exports.CompositePrincipal = CompositePrincipal;
719_u = JSII_RTTI_SYMBOL_1;
720CompositePrincipal[_u] = { fqn: "@aws-cdk/aws-iam.CompositePrincipal", version: "1.156.1" };
721/**
722 * A lazy token that requires an instance of Stack to evaluate
723 */
724class StackDependentToken {
725 constructor(fn) {
726 this.fn = fn;
727 this.creationStack = cdk.captureStackTrace();
728 }
729 resolve(context) {
730 return this.fn(cdk.Stack.of(context.scope));
731 }
732 toString() {
733 return cdk.Token.asString(this);
734 }
735 /**
736 * JSON-ify the token
737 *
738 * Used when JSON.stringify() is called
739 */
740 toJSON() {
741 return '<unresolved-token>';
742 }
743}
744class ServicePrincipalToken {
745 constructor(service, opts) {
746 this.service = service;
747 this.opts = opts;
748 this.creationStack = cdk.captureStackTrace();
749 }
750 resolve(ctx) {
751 var _v;
752 if (this.opts.region) {
753 // Special case, handle it separately to not break legacy behavior.
754 return (_v = region_info_1.RegionInfo.get(this.opts.region).servicePrincipal(this.service)) !== null && _v !== void 0 ? _v : region_info_1.Default.servicePrincipal(this.service, this.opts.region, cdk.Aws.URL_SUFFIX);
755 }
756 const stack = cdk.Stack.of(ctx.scope);
757 return stack.regionalFact(region_info_1.FactName.servicePrincipal(this.service), region_info_1.Default.servicePrincipal(this.service, stack.region, cdk.Aws.URL_SUFFIX));
758 }
759 toString() {
760 return cdk.Token.asString(this, {
761 displayHint: this.service,
762 });
763 }
764 /**
765 * JSON-ify the token
766 *
767 * Used when JSON.stringify() is called
768 */
769 toJSON() {
770 return `<${this.service}>`;
771 }
772}
773//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicHJpbmNpcGFscy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInByaW5jaXBhbHMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7O0FBQUEscUNBQXFDO0FBQ3JDLHNEQUFxRTtBQUdyRSx5REFBNEU7QUFDNUUscUVBQStFO0FBRS9FLGlDQUE0RDtBQXNHNUQ7O0dBRUc7QUFDSCxNQUFzQixhQUFhO0lBQW5DO1FBQ2tCLG1CQUFjLEdBQWUsSUFBSSxDQUFDO1FBQ2xDLHFCQUFnQixHQUF1QixTQUFTLENBQUM7UUFPakU7O1dBRUc7UUFDYSxxQkFBZ0IsR0FBVyxnQkFBZ0IsQ0FBQztLQXlEN0Q7SUF2RFEsV0FBVyxDQUFDLFNBQTBCOzs7Ozs7Ozs7O1FBQzNDLE9BQU8sSUFBSSxDQUFDLG9CQUFvQixDQUFDLFNBQVMsQ0FBQyxDQUFDLGNBQWMsQ0FBQztLQUM1RDtJQUVNLG9CQUFvQixDQUFDLFVBQTJCOzs7Ozs7Ozs7O1FBQ3JELG9FQUFvRTtRQUNwRSxtQ0FBbUM7UUFDbkMsT0FBTyxFQUFFLGNBQWMsRUFBRSxLQUFLLEVBQUUsQ0FBQztLQUNsQztJQUVNLHFCQUFxQixDQUFDLFFBQXdCOzs7Ozs7Ozs7O1FBQ25ELCtFQUErRTtRQUMvRSxRQUFRLENBQUMsYUFBYSxDQUFDLElBQUksa0NBQWUsQ0FBQztZQUN6QyxPQUFPLEVBQUUsQ0FBQyxJQUFJLENBQUMsZ0JBQWdCLENBQUM7WUFDaEMsVUFBVSxFQUFFLENBQUMsSUFBSSxDQUFDO1NBQ25CLENBQUMsQ0FBQyxDQUFDO0tBQ0w7SUFFTSxRQUFRO1FBQ2IsMEVBQTBFO1FBQzFFLGlDQUFpQztRQUNqQyxPQUFPLElBQUksQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLGNBQWMsQ0FBQyxhQUFhLENBQUMsQ0FBQztLQUMxRDtJQUVEOzs7O09BSUc7SUFDSSxNQUFNO1FBQ1gsa0ZBQWtGO1FBQ2xGLE9BQU8sSUFBSSxDQUFDLGNBQWMsQ0FBQyxhQUFhLENBQUM7S0FDMUM7SUFFRDs7Ozs7Ozs7T0FRRztJQUNJLGNBQWMsQ0FBQyxVQUFzQjtRQUMxQyxPQUFPLElBQUksdUJBQXVCLENBQUMsSUFBSSxFQUFFLFVBQVUsQ0FBQyxDQUFDO0tBQ3REO0lBRUQ7Ozs7T0FJRztJQUNJLGVBQWU7UUFDcEIsT0FBTyxJQUFJLG9CQUFvQixDQUFDLElBQUksQ0FBQyxDQUFDO0tBQ3ZDOztBQXBFSCxzQ0FxRUM7OztBQUVEOztHQUVHO0FBQ0gsTUFBTSxnQkFBaUIsU0FBUSxhQUFhO0lBSTFDLFlBQStCLE9BQW1CO1FBQ2hELEtBQUssRUFBRSxDQUFDO1FBRHFCLFlBQU8sR0FBUCxPQUFPLENBQVk7UUFIbEMscUJBQWdCLEdBQUcsSUFBSSxDQUFDLE9BQU8sQ0FBQyxnQkFBZ0IsQ0FBQztRQUNqRCxxQkFBZ0IsR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLGdCQUFnQixDQUFDO0tBSWhFO0lBRUQsSUFBVyxjQUFjLEtBQThCLE9BQU8sSUFBSSxDQUFDLE9BQU8sQ0FBQyxjQUFjLENBQUMsRUFBRTtJQUU1RixXQUFXLENBQUMsU0FBMEI7UUFDcEMsT0FBTyxJQUFJLENBQUMsT0FBTyxDQUFDLFdBQVcsQ0FBQyxTQUFTLENBQUMsQ0FBQztLQUM1QztJQUNELG9CQUFvQixDQUFDLFNBQTBCO1FBQzdDLE9BQU8sSUFBSSxDQUFDLE9BQU8sQ0FBQyxvQkFBb0IsQ0FBQyxTQUFTLENBQUMsQ0FBQztLQUNyRDtDQUNGO0FBRUQ7Ozs7O0dBS0c7QUFDSCxNQUFhLHVCQUF3QixTQUFRLGdCQUFnQjtJQUczRCxZQUFZLFNBQXFCLEVBQUUsVUFBc0I7UUFDdkQsS0FBSyxDQUFDLFNBQVMsQ0FBQyxDQUFDOzs7Ozs7Ozs7O1FBQ2pCLElBQUksQ0FBQyxvQkFBb0IsR0FBRyxVQUFVLENBQUM7S0FDeEM7SUFFRDs7T0FFRztJQUNJLFlBQVksQ0FBQyxHQUFXLEVBQUUsS0FBZ0I7UUFDL0MsTUFBTSxhQUFhLEdBQUcsSUFBSSxDQUFDLG9CQUFvQixDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQ3JELElBQUksQ0FBQyxvQkFBb0IsQ0FBQyxHQUFHLENBQUMsR0FBRyxhQUFhLENBQUMsQ0FBQyxDQUFDLEVBQUUsR0FBRyxhQUFhLEVBQUUsR0FBRyxLQUFLLEVBQUUsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDO0tBQ3pGO0lBRUQ7Ozs7O09BS0c7SUFDSSxhQUFhLENBQUMsVUFBc0I7UUFDekMsTUFBTSxDQUFDLE9BQU8sQ0FBQyxVQUFVLENBQUMsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLEdBQUcsRUFBRSxLQUFLLENBQUMsRUFBRSxFQUFFO1lBQ2xELElBQUksQ0FBQyxZQUFZLENBQUMsR0FBRyxFQUFFLEtBQUssQ0FBQyxDQUFDO1FBQ2hDLENBQUMsQ0FBQyxDQUFDO0tBQ0o7SUFFRDs7O09BR0c7SUFDSCxJQUFXLFVBQVU7UUFDbkIsT0FBTyxJQUFJLENBQUMsZUFBZSxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsY0FBYyxDQUFDLFVBQVUsRUFBRSxJQUFJLENBQUMsb0JBQW9CLENBQUMsQ0FBQztLQUNoRztJQUVELElBQVcsY0FBYztRQUN2QixPQUFPLElBQUksdUJBQXVCLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxjQUFjLENBQUMsYUFBYSxFQUFFLElBQUksQ0FBQyxVQUFVLENBQUMsQ0FBQztLQUNoRztJQUVNLFFBQVE7UUFDYixPQUFPLElBQUksQ0FBQyxPQUFPLENBQUMsUUFBUSxFQUFFLENBQUM7S0FDaEM7SUFFRDs7OztPQUlHO0lBQ0ksTUFBTTtRQUNYLGtGQUFrRjtRQUNsRixPQUFPLElBQUksQ0FBQyxjQUFjLENBQUMsYUFBYSxDQUFDO0tBQzFDO0lBRU8sZUFBZSxDQUFDLG1CQUErQixFQUFFLG9CQUFnQztRQUN2RixNQUFNLGdCQUFnQixHQUFlLEVBQUUsQ0FBQztRQUN4QyxNQUFNLENBQUMsT0FBTyxDQUFDLG1CQUFtQixDQUFDLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxRQUFRLEVBQUUsU0FBUyxDQUFDLEVBQUUsRUFBRTtZQUNwRSxnQkFBZ0IsQ0FBQyxRQUFRLENBQUMsR0FBRyxTQUFTLENBQUM7UUFDekMsQ0FBQyxDQUFDLENBQUM7UUFFSCxNQUFNLENBQUMsT0FBTyxDQUFDLG9CQUFvQixDQUFDLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxRQUFRLEVBQUUsU0FBUyxDQUFDLEVBQUUsRUFBRTtZQUNyRSxtRUFBbUU7WUFDbkUsdUVBQXVFO1lBQ3ZFLG1CQUFtQjtZQUNuQixNQUFNLFFBQVEsR0FBRyxnQkFBZ0IsQ0FBQyxRQUFRLENBQUMsQ0FBQztZQUM1QyxJQUFJLENBQUMsUUFBUSxFQUFFO2dCQUNiLGdCQUFnQixDQUFDLFFBQVEsQ0FBQyxHQUFHLFNBQVMsQ0FBQztnQkFDdkMsT0FBTyxDQUFDLFdBQVc7YUFDcEI7WUFFRCxxRUFBcUU7WUFDckUsaUVBQWlFO1lBQ2pFLElBQUksR0FBRyxDQUFDLEtBQUssQ0FBQyxZQUFZLENBQUMsU0FBUyxDQUFDLElBQUksR0FBRyxDQUFDLEtBQUssQ0FBQyxZQUFZLENBQUMsUUFBUSxDQUFDLEVBQUU7Z0JBQ3pFLE1BQU0sSUFBSSxLQUFLLENBQUMsYUFBYSxRQUFRLDJFQUEyRSxDQUFDLENBQUM7YUFDbkg7WUFFRCxnQkFBZ0IsQ0FBQyxRQUFRLENBQUMsR0FBRyxFQUFFLEdBQUcsUUFBUSxFQUFFLEdBQUcsU0FBUyxFQUFFLENBQUM7UUFDN0QsQ0FBQyxDQUFDLENBQUM7UUFDSCxPQUFPLGdCQUFnQixDQUFDO0tBQ3pCOztBQS9FSCwwREFnRkM7OztBQUVEOzs7OztHQUtHO0FBQ0gsTUFBYSxvQkFBcUIsU0FBUSxnQkFBZ0I7SUFDeEQsWUFBWSxTQUFxQjtRQUMvQixLQUFLLENBQUMsU0FBUyxDQUFDLENBQUM7Ozs7Ozs7Ozs7S0FDbEI7SUFFTSxxQkFBcUIsQ0FBQyxHQUFtQjs7Ozs7Ozs7OztRQUM5QyxtRUFBbUU7UUFFbkUsaUVBQWlFO1FBQ2pFLE1BQU0sT0FBTyxHQUFpRCxPQUFPLENBQUMsNkJBQTZCLENBQUMsQ0FBQztRQUVyRyxvREFBK0IsQ0FBQyxJQUFJLENBQUMsT0FBTyxFQUFFLElBQUksT0FBTyxDQUFDLDZCQUE2QixDQUFDLEdBQUcsRUFBRSxDQUFDLFNBQVMsRUFBRSxFQUFFO1lBQ3pHLFNBQVMsQ0FBQyxVQUFVLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztZQUN2QyxPQUFPLFNBQVMsQ0FBQztRQUNuQixDQUFDLENBQUMsQ0FBQyxDQUFDO0tBQ0w7O0FBZkgsb0RBZ0JDOzs7QUFFRDs7Ozs7Ozs7Ozs7Ozs7R0FjRztBQUNILE1BQWEsdUJBQXVCO0lBQ2xDOzs7O09BSUc7SUFDSCxZQUNrQixhQUEwQztJQUMxRDs7O09BR0c7SUFDYSxhQUF5QixFQUFFO1FBTDNCLGtCQUFhLEdBQWIsYUFBYSxDQUE2QjtRQUsxQyxlQUFVLEdBQVYsVUFBVSxDQUFpQjtLQUM1Qzs7QUFiSCwwREFjQzs7O0FBRUQ7Ozs7OztHQU1HO0FBQ0gsTUFBYSxZQUFhLFNBQVEsYUFBYTtJQUM3Qzs7O09BR0c7SUFDSCxZQUE0QixHQUFXO1FBQ3JDLEtBQUssRUFBRSxDQUFDO1FBRGtCLFFBQUcsR0FBSCxHQUFHLENBQVE7S0FFdEM7SUFFRCxJQUFXLGNBQWM7UUFDdkIsT0FBTyxJQUFJLHVCQUF1QixDQUFDLEVBQUUsR0FBRyxFQUFFLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUMsQ0FBQztLQUN6RDtJQUVNLFFBQVE7UUFDYixPQUFPLGdCQUFnQixJQUFJLENBQUMsR0FBRyxHQUFHLENBQUM7S0FDcEM7SUFFRDs7O09BR0c7SUFDSSxjQUFjLENBQUMsY0FBc0I7UUFDMUMsT0FBTyxJQUFJLENBQUMsY0FBYyxDQUFDO1lBQ3pCLFlBQVksRUFBRTtnQkFDWixvQkFBb0IsRUFBRSxjQUFjO2FBQ3JDO1NBQ0YsQ0FBQyxDQUFDO0tBQ0o7O0FBM0JILG9DQTRCQzs7O0FBRUQ7O0dBRUc7QUFDSCxNQUFhLGdCQUFpQixTQUFRLFlBQVk7SUFHaEQ7OztPQUdHO0lBQ0gsWUFBNEIsU0FBYztRQUN4QyxLQUFLLENBQUMsSUFBSSxtQkFBbUIsQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDLE9BQU8sS0FBSyxDQUFDLFNBQVMsU0FBUyxTQUFTLE9BQU8sQ0FBQyxDQUFDLFFBQVEsRUFBRSxDQUFDLENBQUM7UUFEMUUsY0FBUyxHQUFULFNBQVMsQ0FBSztRQUV4QyxJQUFJLENBQUMsZ0JBQWdCLEdBQUcsU0FBUyxDQUFDO0tBQ25DO0lBRU0sUUFBUTtRQUNiLE9BQU8sb0JBQW9CLElBQUksQ0FBQyxTQUFTLEdBQUcsQ0FBQztLQUM5Qzs7QUFkSCw0Q0FlQzs7O0FBc0JEOztHQUVHO0FBQ0gsTUFBYSxnQkFBaUIsU0FBUSxhQUFhO0lBQ2pEOzs7T0FHRztJQUNILFlBQTRCLE9BQWUsRUFBbUIsT0FBNkIsRUFBRTtRQUMzRixLQUFLLEVBQUUsQ0FBQztRQURrQixZQUFPLEdBQVAsT0FBTyxDQUFRO1FBQW1CLFNBQUksR0FBSixJQUFJLENBQTJCOzs7Ozs7Ozs7O0tBRTVGO0lBRUQsSUFBVyxjQUFjO1FBQ3ZCLE9BQU8sSUFBSSx1QkFBdUIsQ0FBQztZQUNqQyxPQUFPLEVBQUU7Z0JBQ1AsSUFBSSxxQkFBcUIsQ0FBQyxJQUFJLENBQUMsT0FBTyxFQUFFLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQyxRQUFRLEVBQUU7YUFDOUQ7U0FDRixFQUFFLElBQUksQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLENBQUM7S0FDMUI7SUFFTSxRQUFRO1FBQ2IsT0FBTyxvQkFBb0IsSUFBSSxDQUFDLE9BQU8sR0FBRyxDQUFDO0tBQzVDOztBQW5CSCw0Q0FvQkM7OztBQUVEOztHQUVHO0FBQ0gsTUFBYSxxQkFBc0IsU0FBUSxhQUFhO0lBQ3REOzs7T0FHRztJQUNILFlBQTRCLGNBQXNCO1FBQ2hELEtBQUssRUFBRSxDQUFDO1FBRGtCLG1CQUFjLEdBQWQsY0FBYyxDQUFRO0tBRWpEO0lBRUQsSUFBVyxjQUFjO1FBQ3ZCLE9BQU8sSUFBSSx1QkFBdUIsQ0FDaEMsRUFBRSxHQUFHLEVBQUUsQ0FBQyxHQUFHLENBQUMsRUFBRSxFQUNkLEVBQUUsWUFBWSxFQUFFLEVBQUUsb0JBQW9CLEVBQUUsSUFBSSxDQUFDLGNBQWMsRUFBRSxFQUFFLENBQ2hFLENBQUM7S0FDSDtJQUVNLFFBQVE7UUFDYixPQUFPLHlCQUF5QixJQUFJLENBQUMsY0FBYyxHQUFHLENBQUM7S0FDeEQ7O0FBbEJILHNEQW1CQzs7O0FBRUQ7Ozs7Ozs7Ozs7OztHQVlHO0FBQ0gsTUFBYSxzQkFBdUIsU0FBUSxhQUFhO0lBQ3ZEOzs7OztPQUtHO0lBQ0gsWUFBNEIsZUFBdUI7UUFDakQsS0FBSyxFQUFFLENBQUM7UUFEa0Isb0JBQWUsR0FBZixlQUFlLENBQVE7S0FFbEQ7SUFFRCxJQUFXLGNBQWM7UUFDdkIsT0FBTyxJQUFJLHVCQUF1QixDQUFDLEVBQUUsYUFBYSxFQUFFLENBQUMsSUFBSSxDQUFDLGVBQWUsQ0FBQyxFQUFFLENBQUMsQ0FBQztLQUMvRTtJQUVNLFFBQVE7UUFDYixPQUFPLDBCQUEwQixJQUFJLENBQUMsZUFBZSxHQUFHLENBQUM7S0FDMUQ7O0FBakJILHdEQWtCQzs7O0FBRUQ7Ozs7Ozs7R0FPRztBQUNILE1BQWEsa0JBQW1CLFNBQVEsYUFBYTtJQUduRDs7Ozs7O09BTUc7SUFDSCxZQUNrQixTQUFpQixFQUNqQixVQUFzQixFQUN0QyxtQkFBMkIsZ0JBQWdCO1FBQzNDLEtBQUssRUFBRSxDQUFDO1FBSFEsY0FBUyxHQUFULFNBQVMsQ0FBUTtRQUNqQixlQUFVLEdBQVYsVUFBVSxDQUFZO1FBSXRDLElBQUksQ0FBQyxnQkFBZ0IsR0FBRyxnQkFBZ0IsQ0FBQztLQUMxQztJQUVELElBQVcsY0FBYztRQUN2QixPQUFPLElBQUksdUJBQXVCLENBQUMsRUFBRSxTQUFTLEVBQUUsQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLEVBQUUsRUFBRSxJQUFJLENBQUMsVUFBVSxDQUFDLENBQUM7S0FDdEY7SUFFTSxRQUFRO1FBQ2IsT0FBTyxzQkFBc0IsSUFBSSxDQUFDLFNBQVMsR0FBRyxDQUFDO0tBQ2hEOztBQXpCSCxnREEwQkM7OztBQUVEOzs7R0FHRztBQUNILE1BQWEsb0JBQXFCLFNBQVEsa0JBQWtCO0lBRTFEOzs7Ozs7T0FNRztJQUNILFlBQVksZ0JBQXdCLEVBQUUsYUFBeUIsRUFBRTtRQUMvRCxLQUFLLENBQUMsZ0JBQWdCLEVBQUUsVUFBVSxhQUFWLFVBQVUsY0FBVixVQUFVLEdBQUksRUFBRSxFQUFFLCtCQUErQixDQUFDLENBQUM7S0FDNUU7SUFFRCxJQUFXLGNBQWM7UUFDdkIsT0FBTyxJQUFJLHVCQUF1QixDQUFDLEVBQUUsU0FBUyxFQUFFLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxFQUFFLEVBQUUsSUFBSSxDQUFDLFVBQVUsQ0FBQyxDQUFDO0tBQ3RGO0lBRU0sUUFBUTtRQUNiLE9BQU8sd0JBQXdCLElBQUksQ0FBQyxTQUFTLEdBQUcsQ0FBQztLQUNsRDs7QUFuQkgsb0RBb0JDOzs7QUFFRDs7R0FFRztBQUNILE1BQWEsc0JBQXVCLFNBQVEsb0JBQW9CO0lBRTlEOzs7OztPQUtHO0lBQ0gsWUFBWSxxQkFBNkMsRUFBRSxhQUF5QixFQUFFO1FBQ3BGLEtBQUssQ0FBQyxxQkFBcUIsQ0FBQyx3QkFBd0IsRUFBRSxVQUFVLGFBQVYsVUFBVSxjQUFWLFVBQVUsR0FBSSxFQUFFLENBQUMsQ0FBQzs7Ozs7Ozs7OztLQUN6RTtJQUVELElBQVcsY0FBYztRQUN2QixPQUFPLElBQUksdUJBQXVCLENBQUMsRUFBRSxTQUFTLEVBQUUsQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLEVBQUUsRUFBRSxJQUFJLENBQUMsVUFBVSxDQUFDLENBQUM7S0FDdEY7SUFFTSxRQUFRO1FBQ2IsT0FBTywwQkFBMEIsSUFBSSxDQUFDLFNBQVMsR0FBRyxDQUFDO0tBQ3BEOztBQWxCSCx3REFtQkM7OztBQUVEOztHQUVHO0FBQ0gsTUFBYSxhQUFjLFNBQVEsa0JBQWtCO0lBQ25ELFlBQVksWUFBMkIsRUFBRSxVQUFzQjtRQUM3RCxLQUFLLENBQUMsWUFBWSxDQUFDLGVBQWUsRUFBRSxVQUFVLEVBQUUsd0JBQXdCLENBQUMsQ0FBQzs7Ozs7Ozs7OztLQUMzRTtJQUVNLFFBQVE7UUFDYixPQUFPLGlCQUFpQixJQUFJLENBQUMsU0FBUyxHQUFHLENBQUM7S0FDM0M7O0FBUEgsc0NBUUM7OztBQUVEOzs7R0FHRztBQUNILE1BQWEsb0JBQXFCLFNBQVEsYUFBYTtJQUNyRCxZQUFZLFlBQTJCLEVBQUUsYUFBeUIsRUFBRTtRQUNsRSxLQUFLLENBQUMsWUFBWSxFQUFFO1lBQ2xCLEdBQUcsVUFBVTtZQUNiLFlBQVksRUFBRTtnQkFDWixVQUFVLEVBQUUsb0NBQW9DO2FBQ2pEO1NBQ0YsQ0FBQyxDQUFDOzs7Ozs7Ozs7O0tBQ0o7SUFFTSxRQUFRO1FBQ2IsT0FBTyx3QkFBd0IsSUFBSSxDQUFDLFNBQVMsR0FBRyxDQUFDO0tBQ2xEOztBQVpILG9EQWFDOzs7QUFFRDs7R0FFRztBQUNILE1BQWEsb0JBQXFCLFNBQVEsZ0JBQWdCO0lBQ3hEO1FBQ0UsS0FBSyxDQUFDLElBQUksbUJBQW1CLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsUUFBUSxFQUFFLENBQUMsQ0FBQztLQUNuRTtJQUVNLFFBQVE7UUFDYixPQUFPLHdCQUF3QixDQUFDO0tBQ2pDOztBQVBILG9EQVFDOzs7QUFFRDs7Ozs7Ozs7O0dBU0c7QUFDSCxNQUFhLFlBQWEsU0FBUSxZQUFZO0lBQzVDO1FBQ0UsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDO0tBQ1o7SUFFTSxRQUFRO1FBQ2IsT0FBTyxnQkFBZ0IsQ0FBQztLQUN6Qjs7QUFQSCxvQ0FRQzs7O0FBRUQ7OztHQUdHO0FBQ0gsTUFBYSxNQUFPLFNBQVEsWUFBWTs7QUFBeEMsd0JBQTRDOzs7QUFFNUM7Ozs7Ozs7O0dBUUc7QUFDSCxNQUFhLGFBQWMsU0FBUSxhQUFhO0lBQWhEOztRQUNrQixtQkFBYyxHQUE0QjtZQUN4RCxhQUFhLEVBQUUsRUFBRSxDQUFDLHlCQUFrQixDQUFDLEVBQUUsQ0FBQyxHQUFHLENBQUMsRUFBRTtZQUM5QyxVQUFVLEVBQUUsRUFBRTtTQUNmLENBQUM7S0FLSDtJQUhRLFFBQVE7UUFDYixPQUFPLGlCQUFpQixDQUFDO0tBQzFCOztBQVJILHNDQVNDOzs7QUFFRDs7O0dBR0c7QUFDSCxNQUFhLGtCQUFtQixTQUFRLGFBQWE7SUFJbkQsWUFBWSxHQUFHLFVBQXdCO1FBQ3JDLEtBQUssRUFBRSxDQUFDO1FBSE8sZUFBVSxHQUFHLElBQUksS0FBSyxFQUFjLENBQUM7Ozs7Ozs7Ozs7UUFJcEQsSUFBSSxVQUFVLENBQUMsTUFBTSxLQUFLLENBQUMsRUFBRTtZQUMzQixNQUFNLElBQUksS0FBSyxDQUFDLHlGQUF5RixDQUFDLENBQUM7U0FDNUc7UUFDRCxJQUFJLENBQUMsZ0JBQWdCLEdBQUcsVUFBVSxDQUFDLENBQUMsQ0FBQyxDQUFDLGdCQUFnQixDQUFDO1FBQ3ZELElBQUksQ0FBQyxhQUFhLENBQUMsR0FBRyxVQUFVLENBQUMsQ0FBQztLQUNuQztJQUVEOzs7OztPQUtHO0lBQ0ksYUFBYSxDQUFDLEdBQUcsVUFBd0I7Ozs7Ozs7Ozs7UUFDOUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQUMsR0FBRyxVQUFVLENBQUMsQ0FBQztRQUNwQyxPQUFPLElBQUksQ0FBQztLQUNiO0lBRU0scUJBQXFCLENBQUMsR0FBbUI7Ozs7Ozs7Ozs7UUFDOUMsS0FBSyxNQUFNLENBQUMsSUFBSSxJQUFJLENBQUMsVUFBVSxFQUFFO1lBQy9CLG9EQUErQixDQUFDLENBQUMsRUFBRSxHQUFHLENBQUMsQ0FBQztTQUN6QztLQUNGO0lBRUQsSUFBVyxjQUFjO1FBQ3ZCLDhFQUE4RTtRQUM5RSxzRkFBc0Y7UUFDdEYsS0FBSyxNQUFNLENBQUMsSUFBSSxJQUFJLENBQUMsVUFBVSxFQUFFO1lBQy9CLE1BQU0sUUFBUSxHQUFHLENBQUMsQ0FBQyxjQUFjLENBQUM7WUFDbEMsSUFBSSxRQUFRLENBQUMsVUFBVSxJQUFJLE1BQU0sQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLFVBQVUsQ0FBQyxDQUFDLE1BQU0sR0FBRyxDQUFDLEVBQUU7Z0JBQ3RFLE1BQU0sSUFBSSxLQUFLLENBQ2IsK0RBQStEO29CQUMvRCx3Q0FBd0MsSUFBSSxDQUFDLFNBQVMsQ0FBQyxRQUFRLENBQUMsRUFBRSxDQUFDLENBQUM7YUFDdkU7U0FDRjtRQUVELE1BQU0sYUFBYSxHQUFnQyxFQUFFLENBQUM7UUFFdEQsS0FBSyxNQUFNLENBQUMsSUFBSSxJQUFJLENBQUMsVUFBVSxFQUFFO1lBQy9CLHFCQUFjLENBQUMsYUFBYSxFQUFFLENBQUMsQ0FBQyxjQUFjLENBQUMsYUFBYSxDQUFDLENBQUM7U0FDL0Q7UUFFRCxPQUFPLElBQUksdUJBQXVCLENBQUMsYUFBYSxDQUFDLENBQUM7S0FDbkQ7SUFFTSxRQUFRO1FBQ2IsT0FBTyxzQkFBc0IsSUFBSSxDQUFDLFVBQVUsR0FBRyxDQUFDO0tBQ2pEOztBQXJESCxnREFzREM7OztBQUVEOztHQUVHO0FBQ0gsTUFBTSxtQkFBbUI7SUFFdkIsWUFBNkIsRUFBNkI7UUFBN0IsT0FBRSxHQUFGLEVBQUUsQ0FBMkI7UUFDeEQsSUFBSSxDQUFDLGFBQWEsR0FBRyxHQUFHLENBQUMsaUJBQWlCLEVBQUUsQ0FBQztLQUM5QztJQUVNLE9BQU8sQ0FBQyxPQUE0QjtRQUN6QyxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUMsR0FBRyxDQUFDLEtBQUssQ0FBQyxFQUFFLENBQUMsT0FBTyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUM7S0FDN0M7SUFFTSxRQUFRO1FBQ2IsT0FBTyxHQUFHLENBQUMsS0FBSyxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsQ0FBQztLQUNqQztJQUVEOzs7O09BSUc7SUFDSSxNQUFNO1FBQ1gsT0FBTyxvQkFBb0IsQ0FBQztLQUM3QjtDQUNGO0FBRUQsTUFBTSxxQkFBcUI7SUFFekIsWUFDbUIsT0FBZSxFQUNmLElBQTBCO1FBRDFCLFlBQU8sR0FBUCxPQUFPLENBQVE7UUFDZixTQUFJLEdBQUosSUFBSSxDQUFzQjtRQUMzQyxJQUFJLENBQUMsYUFBYSxHQUFHLEdBQUcsQ0FBQyxpQkFBaUIsRUFBRSxDQUFDO0tBQzlDO0lBRU0sT0FBTyxDQUFDLEdBQXdCOztRQUNyQyxJQUFJLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFO1lBQ3BCLG1FQUFtRTtZQUNuRSxhQUFPLHdCQUFVLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxtQ0FDcEUscUJBQU8sQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsT0FBTyxFQUFFLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLEdBQUcsQ0FBQyxHQUFHLENBQUMsVUFBVSxDQUFDLENBQUM7U0FDaEY7UUFFRCxNQUFNLEtBQUssR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQyxHQUFHLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDdEMsT0FBTyxLQUFLLENBQUMsWUFBWSxDQUN2QixzQkFBUSxDQUFDLGdCQUFnQixDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsRUFDdkMscUJBQU8sQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsT0FBTyxFQUFFLEtBQUssQ0FBQyxNQUFNLEVBQUUsR0FBRyxDQUFDLEdBQUcsQ0FBQyxVQUFVLENBQUMsQ0FDekUsQ0FBQztLQUNIO0lBRU0sUUFBUTtRQUNiLE9BQU8sR0FBRyxDQUFDLEtBQUssQ0FBQyxRQUFRLENBQUMsSUFBSSxFQUFFO1lBQzlCLFdBQVcsRUFBRSxJQUFJLENBQUMsT0FBTztTQUMxQixDQUFDLENBQUM7S0FDSjtJQUVEOzs7O09BSUc7SUFDSSxNQUFNO1FBQ1gsT0FBTyxJQUFJLElBQUksQ0FBQyxPQUFPLEdBQUcsQ0FBQztLQUM1QjtDQUNGIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0ICogYXMgY2RrIGZyb20gJ0Bhd3MtY2RrL2NvcmUnO1xuaW1wb3J0IHsgRGVmYXVsdCwgRmFjdE5hbWUsIFJlZ2lvbkluZm8gfSBmcm9tICdAYXdzLWNkay9yZWdpb24taW5mbyc7XG5pbXBvcnQgeyBJT3BlbklkQ29ubmVjdFByb3ZpZGVyIH0gZnJvbSAnLi9vaWRjLXByb3ZpZGVyJztcbmltcG9ydCB7IFBvbGljeURvY3VtZW50IH0gZnJvbSAnLi9wb2xpY3ktZG9jdW1lbnQnO1xuaW1wb3J0IHsgQ29uZGl0aW9uLCBDb25kaXRpb25zLCBQb2xpY3lTdGF0ZW1lbnQgfSBmcm9tICcuL3BvbGljeS1zdGF0ZW1lbnQnO1xuaW1wb3J0IHsgZGVmYXVsdEFkZFByaW5jaXBhbFRvQXNzdW1lUm9sZSB9IGZyb20gJy4vcHJpdmF0ZS9hc3N1bWUtcm9sZS1wb2xpY3knO1xuaW1wb3J0IHsgSVNhbWxQcm92aWRlciB9IGZyb20gJy4vc2FtbC1wcm92aWRlcic7XG5pbXBvcnQgeyBMSVRFUkFMX1NUUklOR19LRVksIG1lcmdlUHJpbmNpcGFsIH0gZnJvbSAnLi91dGlsJztcblxuLyoqXG4gKiBBbnkgb2JqZWN0IHRoYXQgaGFzIGFuIGFzc29jaWF0ZWQgcHJpbmNpcGFsIHRoYXQgYSBwZXJtaXNzaW9uIGNhbiBiZSBncmFudGVkIHRvXG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgSUdyYW50YWJsZSB7XG4gIC8qKlxuICAgKiBUaGUgcHJpbmNpcGFsIHRvIGdyYW50IHBlcm1pc3Npb25zIHRvXG4gICAqL1xuICByZWFkb25seSBncmFudFByaW5jaXBhbDogSVByaW5jaXBhbDtcbn1cblxuLyoqXG4gKiBSZXByZXNlbnRzIGEgbG9naWNhbCBJQU0gcHJpbmNpcGFsLlxuICpcbiAqIEFuIElQcmluY2lwYWwgZGVzY3JpYmVzIGEgbG9naWNhbCBlbnRpdHkgdGhhdCBjYW4gcGVyZm9ybSBBV1MgQVBJIGNhbGxzXG4gKiBhZ2FpbnN0IHNldHMgb2YgcmVzb3VyY2VzLCBvcHRpb25hbGx5IHVuZGVyIGNlcnRhaW4gY29uZGl0aW9ucy5cbiAqXG4gKiBFeGFtcGxlcyBvZiBzaW1wbGUgcHJpbmNpcGFscyBhcmUgSUFNIG9iamVjdHMgdGhhdCB5b3UgY3JlYXRlLCBzdWNoXG4gKiBhcyBVc2VycyBvciBSb2xlcy5cbiAqXG4gKiBBbiBleGFtcGxlIG9mIGEgbW9yZSBjb21wbGV4IHByaW5jaXBhbHMgaXMgYSBgU2VydmljZVByaW5jaXBhbGAgKHN1Y2ggYXNcbiAqIGBuZXcgU2VydmljZVByaW5jaXBhbChcInNucy5hbWF6b25hd3MuY29tXCIpYCwgd2hpY2ggcmVwcmVzZW50cyB0aGUgU2ltcGxlXG4gKiBOb3RpZmljYXRpb25zIFNlcnZpY2UpLlxuICpcbiAqIEEgc2luZ2xlIGxvZ2ljYWwgUHJpbmNpcGFsIG1heSBhbHNvIG1hcCB0byBhIHNldCBvZiBwaHlzaWNhbCBwcmluY2lwYWxzLlxuICogRm9yIGV4YW1wbGUsIGBuZXcgT3JnYW5pemF0aW9uUHJpbmNpcGFsKCdvLTEyMzQnKWAgcmVwcmVzZW50cyBhbGxcbiAqIGlkZW50aXRpZXMgdGhhdCBhcmUgcGFydCBvZiB0aGUgZ2l2ZW4gQVdTIE9yZ2FuaXphdGlvbi5cbiAqL1xuZXhwb3J0IGludGVyZmFjZSBJUHJpbmNpcGFsIGV4dGVuZHMgSUdyYW50YWJsZSB7XG4gIC8qKlxuICAgKiBXaGVuIHRoaXMgUHJpbmNpcGFsIGlzIHVzZWQgaW4gYW4gQXNzdW1lUm9sZSBwb2xpY3ksIHRoZSBhY3Rpb24gdG8gdXNlLlxuICAgKi9cbiAgcmVhZG9ubHkgYXNzdW1lUm9sZUFjdGlvbjogc3RyaW5nO1xuXG4gIC8qKlxuICAgKiBSZXR1cm4gdGhlIHBvbGljeSBmcmFnbWVudCB0aGF0IGlkZW50aWZpZXMgdGhpcyBwcmluY2lwYWwgaW4gYSBQb2xpY3kuXG4gICAqL1xuICByZWFkb25seSBwb2xpY3lGcmFnbWVudDogUHJpbmNpcGFsUG9saWN5RnJhZ21lbnQ7XG5cbiAgLyoqXG4gICAqIFRoZSBBV1MgYWNjb3VudCBJRCBvZiB0aGlzIHByaW5jaXBhbC5cbiAgICogQ2FuIGJlIHVuZGVmaW5lZCB3aGVuIHRoZSBhY2NvdW50IGlzIG5vdCBrbm93blxuICAgKiAoZm9yIGV4YW1wbGUsIGZvciBzZXJ2aWNlIHByaW5jaXBhbHMpLlxuICAgKiBDYW4gYmUgYSBUb2tlbiAtIGluIHRoYXQgY2FzZSxcbiAgICogaXQncyBhc3N1bWVkIHRvIGJlIEFXUzo6QWNjb3VudElkLlxuICAgKi9cbiAgcmVhZG9ubHkgcHJpbmNpcGFsQWNjb3VudD86IHN0cmluZztcblxuICAvKipcbiAgICogQWRkIHRvIHRoZSBwb2xpY3kgb2YgdGhpcyBwcmluY2lwYWwuXG4gICAqXG4gICAqIEByZXR1cm5zIHRydWUgaWYgdGhlIHN0YXRlbWVudCB3YXMgYWRkZWQsIGZhbHNlIGlmIHRoZSBwcmluY2lwYWwgaW5cbiAgICogcXVlc3Rpb24gZG9lcyBub3QgaGF2ZSBhIHBvbGljeSBkb2N1bWVudCB0byBhZGQgdGhlIHN0YXRlbWVudCB0by5cbiAgICpcbiAgICogQGRlcHJlY2F0ZWQgVXNlIGBhZGRUb1ByaW5jaXBhbFBvbGljeWAgaW5zdGVhZC5cbiAgICovXG4gIGFkZFRvUG9saWN5KHN0YXRlbWVudDogUG9saWN5U3RhdGVtZW50KTogYm9vbGVhbjtcblxuICAvKipcbiAgICogQWRkIHRvIHRoZSBwb2xpY3kgb2YgdGhpcyBwcmluY2lwYWwuXG4gICAqL1xuICBhZGRUb1ByaW5jaXBhbFBvbGljeShzdGF0ZW1lbnQ6IFBvbGljeVN0YXRlbWVudCk6IEFkZFRvUHJpbmNpcGFsUG9saWN5UmVzdWx0O1xufVxuXG4vKipcbiAqIEEgdHlwZSBvZiBwcmluY2lwYWwgdGhhdCBoYXMgbW9yZSBjb250cm9sIG92ZXIgaXRzIG93biByZXByZXNlbnRhdGlvbiBpbiBBc3N1bWVSb2xlUG9saWN5RG9jdW1lbnRzXG4gKlxuICogTW9yZSBjb21wbGV4IHR5cGVzIG9mIGlkZW50aXR5IHByb3ZpZGVycyBuZWVkIG1vcmUgY29udHJvbCBvdmVyIFJvbGUncyBwb2xpY3kgZG9jdW1lbnRzXG4gKiB0aGFuIHNpbXBseSBgeyBFZmZlY3Q6ICdBbGxvdycsIEFjdGlvbjogJ0Fzc3VtZVJvbGUnLCBQcmluY2lwYWw6IDxXaGF0ZXZlcj4gfWAuXG4gKlxuICogSWYgdGhhdCBjb250cm9sIGlzIG5lY2Vzc2FyeSwgdGhleSBjYW4gaW1wbGVtZW50IGBJQXNzdW1lUm9sZVByaW5jaXBhbGAgdG8gZ2V0IGZ1bGxcbiAqIGFjY2VzcyB0byBhIFJvbGUncyBBc3N1bWVSb2xlUG9saWN5RG9jdW1lbnQuXG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgSUFzc3VtZVJvbGVQcmluY2lwYWwgZXh0ZW5kcyBJUHJpbmNpcGFsIHtcbiAgLyoqXG4gICAqIEFkZCB0aGUgcHJpbmNwaWFsIHRvIHRoZSBBc3N1bWVSb2xlUG9saWN5RG9jdW1lbnRcbiAgICpcbiAgICogQWRkIHRoZSBzdGF0ZW1lbnRzIHRvIHRoZSBBc3N1bWVSb2xlUG9saWN5RG9jdW1lbnQgbmVjZXNzYXJ5IHRvIGdpdmUgdGhpcyBwcmluY2lwYWxcbiAgICogcGVybWlzc2lvbnMgdG8gYXNzdW1lIHRoZSBnaXZlbiByb2xlLlxuICAgKi9cbiAgYWRkVG9Bc3N1bWVSb2xlUG9saWN5KGRvY3VtZW50OiBQb2xpY3lEb2N1bWVudCk6IHZvaWQ7XG59XG5cbi8qKlxuICogUmVzdWx0IG9mIGNhbGxpbmcgYGFkZFRvUHJpbmNpcGFsUG9saWN5YFxuICovXG5leHBvcnQgaW50ZXJmYWNlIEFkZFRvUHJpbmNpcGFsUG9saWN5UmVzdWx0IHtcbiAgLyoqXG4gICAqIFdoZXRoZXIgdGhlIHN0YXRlbWVudCB3YXMgYWRkZWQgdG8gdGhlIGlkZW50aXR5J3MgcG9saWNpZXMuXG4gICAqXG4gICAqL1xuICByZWFkb25seSBzdGF0ZW1lbnRBZGRlZDogYm9vbGVhbjtcblxuICAvKipcbiAgICogRGVwZW5kYWJsZSB3aGljaCBhbGxvd3MgZGVwZW5kaW5nIG9uIHRoZSBwb2xpY3kgY2hhbmdlIGJlaW5nIGFwcGxpZWRcbiAgICpcbiAgICogQGRlZmF1bHQgLSBSZXF1aXJlZCBpZiBgc3RhdGVtZW50QWRkZWRgIGlzIHRydWUuXG4gICAqL1xuICByZWFkb25seSBwb2xpY3lEZXBlbmRhYmxlPzogY2RrLklEZXBlbmRhYmxlO1xufVxuXG4vKipcbiAqIEJhc2UgY2xhc3MgZm9yIHBvbGljeSBwcmluY2lwYWxzXG4gKi9cbmV4cG9ydCBhYnN0cmFjdCBjbGFzcyBQcmluY2lwYWxCYXNlIGltcGxlbWVudHMgSUFzc3VtZVJvbGVQcmluY2lwYWwge1xuICBwdWJsaWMgcmVhZG9ubHkgZ3JhbnRQcmluY2lwYWw6IElQcmluY2lwYWwgPSB0aGlzO1xuICBwdWJsaWMgcmVhZG9ubHkgcHJpbmNpcGFsQWNjb3VudDogc3RyaW5nIHwgdW5kZWZpbmVkID0gdW5kZWZpbmVkO1xuXG4gIC8qKlxuICAgKiBSZXR1cm4gdGhlIHBvbGljeSBmcmFnbWVudCB0aGF0IGlkZW50aWZpZXMgdGhpcyBwcmluY2lwYWwgaW4gYSBQb2xpY3kuXG4gICAqL1xuICBwdWJsaWMgYWJzdHJhY3QgcmVhZG9ubHkgcG9saWN5RnJhZ21lbnQ6IFByaW5jaXBhbFBvbGljeUZyYWdtZW50O1xuXG4gIC8qKlxuICAgKiBXaGVuIHRoaXMgUHJpbmNpcGFsIGlzIHVzZWQgaW4gYW4gQXNzdW1lUm9sZSBwb2xpY3ksIHRoZSBhY3Rpb24gdG8gdXNlLlxuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IGFzc3VtZVJvbGVBY3Rpb246IHN0cmluZyA9ICdzdHM6QXNzdW1lUm9sZSc7XG5cbiAgcHVibGljIGFkZFRvUG9saWN5KHN0YXRlbWVudDogUG9saWN5U3RhdGVtZW50KTogYm9vbGVhbiB7XG4gICAgcmV0dXJuIHRoaXMuYWRkVG9QcmluY2lwYWxQb2xpY3koc3RhdGVtZW50KS5zdGF0ZW1lbnRBZGRlZDtcbiAgfVxuXG4gIHB1YmxpYyBhZGRUb1ByaW5jaXBhbFBvbGljeShfc3RhdGVtZW50OiBQb2xpY3lTdGF0ZW1lbnQpOiBBZGRUb1ByaW5jaXBhbFBvbGljeVJlc3VsdCB7XG4gICAgLy8gVGhpcyBiYXNlIGNsYXNzIGlzIHVzZWQgZm9yIG5vbi1pZGVudGl0eSBwcmluY2lwYWxzLiBOb25lIG9mIHRoZW1cbiAgICAvLyBoYXZlIGEgUG9saWN5RG9jdW1lbnQgdG8gYWRkIHRvLlxuICAgIHJldHVybiB7IHN0YXRlbWVudEFkZGVkOiBmYWxzZSB9O1xuICB9XG5cbiAgcHVibGljIGFkZFRvQXNzdW1lUm9sZVBvbGljeShkb2N1bWVudDogUG9saWN5RG9jdW1lbnQpOiB2b2lkIHtcbiAgICAvLyBEZWZhdWx0IGltcGxlbWVudGF0aW9uIG9mIHRoaXMgcHJvdG9jb2wsIGNvbXBhdGlibGUgd2l0aCB0aGUgbGVnYWN5IGJlaGF2aW9yXG4gICAgZG9jdW1lbnQuYWRkU3RhdGVtZW50cyhuZXcgUG9saWN5U3RhdGVtZW50KHtcbiAgICAgIGFjdGlvbnM6IFt0aGlzLmFzc3VtZVJvbGVBY3Rpb25dLFxuICAgICAgcHJpbmNpcGFsczogW3RoaXNdLFxuICAgIH0pKTtcbiAgfVxuXG4gIHB1YmxpYyB0b1N0cmluZygpIHtcbiAgICAvLyBUaGlzIGlzIGEgZmlyc3QgcGFzcyB0byBtYWtlIHRoZSBvYmplY3QgcmVhZGFibGUuIERlc2NlbmRhbnQgcHJpbmNpcGFsc1xuICAgIC8vIHNob3VsZCByZXR1cm4gc29tZXRoaW5nIG5pY2VyLlxuICAgIHJldHVybiBKU09OLnN0cmluZ2lmeSh0aGlzLnBvbGljeUZyYWdtZW50LnByaW5jaXBhbEpzb24pO1xuICB9XG5cbiAgLyoqXG4gICAqIEpTT04taWZ5IHRoZSBwcmluY2lwYWxcbiAgICpcbiAgICogVXNlZCB3aGVuIEpTT04uc3RyaW5naWZ5KCkgaXMgY2FsbGVkXG4gICAqL1xuICBwdWJsaWMgdG9KU09OKCkge1xuICAgIC8vIEhhdmUgdG8gaW1wbGVtZW50IHRvSlNPTigpIGJlY2F1c2UgdGhlIGRlZmF1bHQgd2lsbCBsZWFkIHRvIGluZmluaXRlIHJlY3Vyc2lvbi5cbiAgICByZXR1cm4gdGhpcy5wb2xpY3lGcmFnbWVudC5wcmluY2lwYWxKc29uO1xuICB9XG5cbiAgLyoqXG4gICAqIFJldHVybnMgYSBuZXcgUHJpbmNpcGFsV2l0aENvbmRpdGlvbnMgdXNpbmcgdGhpcyBwcmluY2lwYWwgYXMgdGhlIGJhc2UsIHdpdGggdGhlXG4gICAqIHBhc3NlZCBjb25kaXRpb25zIGFkZGVkLlxuICAgKlxuICAgKiBXaGVuIHRoZXJlIGlzIGEgdmFsdWUgZm9yIHRoZSBzYW1lIG9wZXJhdG9yIGFuZCBrZXkgaW4gYm90aCB0aGUgcHJpbmNpcGFsIGFuZCB0aGVcbiAgICogY29uZGl0aW9ucyBwYXJhbWV0ZXIsIHRoZSB2YWx1ZSBmcm9tIHRoZSBjb25kaXRpb25zIHBhcmFtZXRlciB3aWxsIGJlIHVzZWQuXG4gICAqXG4gICAqIEByZXR1cm5zIGEgbmV3IFByaW5jaXBhbFdpdGhDb25kaXRpb25zIG9iamVjdC5cbiAgICovXG4gIHB1YmxpYyB3aXRoQ29uZGl0aW9ucyhjb25kaXRpb25zOiBDb25kaXRpb25zKTogUHJpbmNpcGFsQmFzZSB7XG4gICAgcmV0dXJuIG5ldyBQcmluY2lwYWxXaXRoQ29uZGl0aW9ucyh0aGlzLCBjb25kaXRpb25zKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBSZXR1cm5zIGEgbmV3IHByaW5jaXBhbCB1c2luZyB0aGlzIHByaW5jaXBhbCBhcyB0aGUgYmFzZSwgd2l0aCBzZXNzaW9uIHRhZ3MgZW5hYmxlZC5cbiAgICpcbiAgICogQHJldHVybnMgYSBuZXcgU2Vzc2lvblRhZ3NQcmluY2lwYWwgb2JqZWN0LlxuICAgKi9cbiAgcHVibGljIHdpdGhTZXNzaW9uVGFncygpOiBQcmluY2lwYWxCYXNlIHtcbiAgICByZXR1cm4gbmV3IFNlc3Npb25UYWdzUHJpbmNpcGFsKHRoaXMpO1xuICB9XG59XG5cbi8qKlxuICogQmFzZSBjbGFzcyBmb3IgUHJpbmNpcGFscyB0aGF0IHdyYXAgb3RoZXIgcHJpbmNpcGFsc1xuICovXG5jbGFzcyBQcmluY2lwYWxBZGFwdGVyIGV4dGVuZHMgUHJpbmNpcGFsQmFzZSB7XG4gIHB1YmxpYyByZWFkb25seSBhc3N1bWVSb2xlQWN0aW9uID0gdGhpcy53cmFwcGVkLmFzc3VtZVJvbGVBY3Rpb247XG4gIHB1YmxpYyByZWFkb25seSBwcmluY2lwYWxBY2NvdW50ID0gdGhpcy53cmFwcGVkLnByaW5jaXBhbEFjY291bnQ7XG5cbiAgY29uc3RydWN0b3IocHJvdGVjdGVkIHJlYWRvbmx5IHdyYXBwZWQ6IElQcmluY2lwYWwpIHtcbiAgICBzdXBlcigpO1xuICB9XG5cbiAgcHVibGljIGdldCBwb2xpY3lGcmFnbWVudCgpOiBQcmluY2lwYWxQb2xpY3lGcmFnbWVudCB7IHJldHVybiB0aGlzLndyYXBwZWQucG9saWN5RnJhZ21lbnQ7IH1cblxuICBhZGRUb1BvbGljeShzdGF0ZW1lbnQ6IFBvbGljeVN0YXRlbWVudCk6IGJvb2xlYW4ge1xuICAgIHJldHVybiB0aGlzLndyYXBwZWQuYWRkVG9Qb2xpY3koc3RhdGVtZW50KTtcbiAgfVxuICBhZGRUb1ByaW5jaXBhbFBvbGljeShzdGF0ZW1lbnQ6IFBvbGljeVN0YXRlbWVudCk6IEFkZFRvUHJpbmNpcGFsUG9saWN5UmVzdWx0IHtcbiAgICByZXR1cm4gdGhpcy53cmFwcGVkLmFkZFRvUHJpbmNpcGFsUG9saWN5KHN0YXRlbWVudCk7XG4gIH1cbn1cblxuLyoqXG4gKiBBbiBJQU0gcHJpbmNpcGFsIHdpdGggYWRkaXRpb25hbCBjb25kaXRpb25zIHNwZWNpZnlpbmcgd2hlbiB0aGUgcG9saWN5IGlzIGluIGVmZmVjdC5cbiAqXG4gKiBGb3IgbW9yZSBpbmZvcm1hdGlvbiBhYm91dCBjb25kaXRpb25zLCBzZWU6XG4gKiBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vSUFNL2xhdGVzdC9Vc2VyR3VpZGUvcmVmZXJlbmNlX3BvbGljaWVzX2VsZW1lbnRzX2NvbmRpdGlvbi5odG1sXG4gKi9cbmV4cG9ydCBjbGFzcyBQcmluY2lwYWxXaXRoQ29uZGl0aW9ucyBleHRlbmRzIFByaW5jaXBhbEFkYXB0ZXIge1xuICBwcml2YXRlIGFkZGl0aW9uYWxDb25kaXRpb25zOiBDb25kaXRpb25zO1xuXG4gIGNvbnN0cnVjdG9yKHByaW5jaXBhbDogSVByaW5jaXBhbCwgY29uZGl0aW9uczogQ29uZGl0aW9ucykge1xuICAgIHN1cGVyKHByaW5jaXBhbCk7XG4gICAgdGhpcy5hZGRpdGlvbmFsQ29uZGl0aW9ucyA9IGNvbmRpdGlvbnM7XG4gIH1cblxuICAvKipcbiAgICogQWRkIGEgY29uZGl0aW9uIHRvIHRoZSBwcmluY2lwYWxcbiAgICovXG4gIHB1YmxpYyBhZGRDb25kaXRpb24oa2V5OiBzdHJpbmcsIHZhbHVlOiBDb25kaXRpb24pIHtcbiAgICBjb25zdCBleGlzdGluZ1ZhbHVlID0gdGhpcy5hZGRpdGlvbmFsQ29uZGl0aW9uc1trZXldO1xuICAgIHRoaXMuYWRkaXRpb25hbENvbmRpdGlvbnNba2V5XSA9IGV4aXN0aW5nVmFsdWUgPyB7IC4uLmV4aXN0aW5nVmFsdWUsIC4uLnZhbHVlIH0gOiB2YWx1ZTtcbiAgfVxuXG4gIC8qKlxuICAgKiBBZGRzIG11bHRpcGxlIGNvbmRpdGlvbnMgdG8gdGhlIHByaW5jaXBhbFxuICAgKlxuICAgKiBWYWx1ZXMgZnJvbSB0aGUgY29uZGl0aW9ucyBwYXJhbWV0ZXIgd2lsbCBvdmVyd3JpdGUgZXhpc3RpbmcgdmFsdWVzIHdpdGggdGhlIHNhbWUgb3BlcmF0b3JcbiAgICogYW5kIGtleS5cbiAgICovXG4gIHB1YmxpYyBhZGRDb25kaXRpb25zKGNvbmRpdGlvbnM6IENvbmRpdGlvbnMpIHtcbiAgICBPYmplY3QuZW50cmllcyhjb25kaXRpb25zKS5mb3JFYWNoKChba2V5LCB2YWx1ZV0pID0+IHtcbiAgICAgIHRoaXMuYWRkQ29uZGl0aW9uKGtleSwgdmFsdWUpO1xuICAgIH0pO1xuICB9XG5cbiAgLyoqXG4gICAqIFRoZSBjb25kaXRpb25zIHVuZGVyIHdoaWNoIHRoZSBwb2xpY3kgaXMgaW4gZWZmZWN0LlxuICAgKiBTZWUgW3RoZSBJQU0gZG9jdW1lbnRhdGlvbl0oaHR0cHM6Ly9kb2NzLmF3cy5hbWF6b24uY29tL0lBTS9sYXRlc3QvVXNlckd1aWRlL3JlZmVyZW5jZV9wb2xpY2llc19lbGVtZW50c19jb25kaXRpb24uaHRtbCkuXG4gICAqL1xuICBwdWJsaWMgZ2V0IGNvbmRpdGlvbnMoKSB7XG4gICAgcmV0dXJuIHRoaXMubWVyZ2VDb25kaXRpb25zKHRoaXMud3JhcHBlZC5wb2xpY3lGcmFnbWVudC5jb25kaXRpb25zLCB0aGlzLmFkZGl0aW9uYWxDb25kaXRpb25zKTtcbiAgfVxuXG4gIHB1YmxpYyBnZXQgcG9saWN5RnJhZ21lbnQoKTogUHJpbmNpcGFsUG9saWN5RnJhZ21lbnQge1xuICAgIHJldHVybiBuZXcgUHJpbmNpcGFsUG9saWN5RnJhZ21lbnQodGhpcy53cmFwcGVkLnBvbGljeUZyYWdtZW50LnByaW5jaXBhbEpzb24sIHRoaXMuY29uZGl0aW9ucyk7XG4gIH1cblxuICBwdWJsaWMgdG9TdHJpbmcoKSB7XG4gICAgcmV0dXJuIHRoaXMud3JhcHBlZC50b1N0cmluZygpO1xuICB9XG5cbiAgLyoqXG4gICAqIEpTT04taWZ5IHRoZSBwcmluY2lwYWxcbiAgICpcbiAgICogVXNlZCB3aGVuIEpTT04uc3RyaW5naWZ5KCkgaXMgY2FsbGVkXG4gICAqL1xuICBwdWJsaWMgdG9KU09OKCkge1xuICAgIC8vIEhhdmUgdG8gaW1wbGVtZW50IHRvSlNPTigpIGJlY2F1c2UgdGhlIGRlZmF1bHQgd2lsbCBsZWFkIHRvIGluZmluaXRlIHJlY3Vyc2lvbi5cbiAgICByZXR1cm4gdGhpcy5wb2xpY3lGcmFnbWVudC5wcmluY2lwYWxKc29uO1xuICB9XG5cbiAgcHJpdmF0ZSBtZXJnZUNvbmRpdGlvbnMocHJpbmNpcGFsQ29uZGl0aW9uczogQ29uZGl0aW9ucywgYWRkaXRpb25hbENvbmRpdGlvbnM6IENvbmRpdGlvbnMpOiBDb25kaXRpb25zIHtcbiAgICBjb25zdCBtZXJnZWRDb25kaXRpb25zOiBDb25kaXRpb25zID0ge307XG4gICAgT2JqZWN0LmVudHJpZXMocHJpbmNpcGFsQ29uZGl0aW9ucykuZm9yRWFjaCgoW29wZXJhdG9yLCBjb25kaXRpb25dKSA9PiB7XG4gICAgICBtZXJnZWRDb25kaXRpb25zW29wZXJhdG9yXSA9IGNvbmRpdGlvbjtcbiAgICB9KTtcblxuICAgIE9iamVjdC5lbnRyaWVzKGFkZGl0aW9uYWxDb25kaXRpb25zKS5mb3JFYWNoKChbb3BlcmF0b3IsIGNvbmRpdGlvbl0pID0+IHtcbiAgICAgIC8vIG1lcmdlIHRoZSBjb25kaXRpb25zIGlmIG9uZSBvZiB0aGUgYWRkaXRpb25hbCBjb25kaXRpb25zIHVzZXMgYW5cbiAgICAgIC8vIG9wZXJhdG9yIHRoYXQncyBhbHJlYWR5IHVzZWQgYnkgdGhlIHByaW5jaXBhbCdzIGNvbmRpdGlvbnMgbWVyZ2UgdGhlXG4gICAgICAvLyBpbm5lciBzdHJ1Y3R1cmUuXG4gICAgICBjb25zdCBleGlzdGluZyA9IG1lcmdlZENvbmRpdGlvbnNbb3BlcmF0b3JdO1xuICAgICAgaWYgKCFleGlzdGluZykge1xuICAgICAgICBtZXJnZWRDb25kaXRpb25zW29wZXJhdG9yXSA9IGNvbmRpdGlvbjtcbiAgICAgICAgcmV0dXJuOyAvLyBjb250aW51ZVxuICAgICAgfVxuXG4gICAgICAvLyBpZiBlaXRoZXIgdGhlIGV4aXN0aW5nIGNvbmRpdGlvbiBvciB0aGUgbmV3IG9uZSBjb250YWluIHVucmVzb2x2ZWRcbiAgICAgIC8vIHRva2VucywgZmFpbCB0aGUgbWVyZ2UuIHRoaXMgaXMgYXMgZmFyIGFzIHdlIGdvIGF0IHRoaXMgcG9pbnQuXG4gICAgICBpZiAoY2RrLlRva2VuLmlzVW5yZXNvbHZlZChjb25kaXRpb24pIHx8IGNkay5Ub2tlbi5pc1VucmVzb2x2ZWQoZXhpc3RpbmcpKSB7XG4gICAgICAgIHRocm93IG5ldyBFcnJvcihgbXVsdGlwbGUgXCIke29wZXJhdG9yfVwiIGNvbmRpdGlvbnMgY2Fubm90IGJlIG1lcmdlZCBpZiBvbmUgb2YgdGhlbSBjb250YWlucyBhbiB1bnJlc29sdmVkIHRva2VuYCk7XG4gICAgICB9XG5cbiAgICAgIG1lcmdlZENvbmRpdGlvbnNbb3BlcmF0b3JdID0geyAuLi5leGlzdGluZywgLi4uY29uZGl0aW9uIH07XG4gICAgfSk7XG4gICAgcmV0dXJuIG1lcmdlZENvbmRpdGlvbnM7XG4gIH1cbn1cblxuLyoqXG4gKiBFbmFibGVzIHNlc3Npb24gdGFncyBvbiByb2xlIGFzc3VtcHRpb25zIGZyb20gYSBwcmluY2lwYWxcbiAqXG4gKiBGb3IgbW9yZSBpbmZvcm1hdGlvbiBvbiBzZXNzaW9uIHRhZ3MsIHNlZTpcbiAqIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9JQU0vbGF0ZXN0L1VzZXJHdWlkZS9pZF9zZXNzaW9uLXRhZ3MuaHRtbFxuICovXG5leHBvcnQgY2xhc3MgU2Vzc2lvblRhZ3NQcmluY2lwYWwgZXh0ZW5kcyBQcmluY2lwYWxBZGFwdGVyIHtcbiAgY29uc3RydWN0b3IocHJpbmNpcGFsOiBJUHJpbmNpcGFsKSB7XG4gICAgc3VwZXIocHJpbmNpcGFsKTtcbiAgfVxuXG4gIHB1YmxpYyBhZGRUb0Fzc3VtZVJvbGVQb2xpY3koZG9jOiBQb2xpY3lEb2N1bWVudCkge1xuICAgIC8vIExhenkgaW1wb3J0IHRvIGF2b2lkIGNpcmN1bGFyIGltcG9ydCBkZXBlbmRlbmNpZXMgZHVyaW5nIHN0YXJ0dXBcblxuICAgIC8vIGVzbGludC1kaXNhYmxlLW5leHQtbGluZSBAdHlwZXNjcmlwdC1lc2xpbnQvbm8tcmVxdWlyZS1pbXBvcnRzXG4gICAgY29uc3QgYWRhcHRlcjogdHlwZW9mIGltcG9ydCgnLi9wcml2YXRlL3BvbGljeWRvYy1hZGFwdGVyJykgPSByZXF1aXJlKCcuL3ByaXZhdGUvcG9saWN5ZG9jLWFkYXB0ZXInKTtcblxuICAgIGRlZmF1bHRBZGRQcmluY2lwYWxUb0Fzc3VtZVJvbGUodGhpcy53cmFwcGVkLCBuZXcgYWRhcHRlci5NdXRhdGluZ1BvbGljeURvY3VtZW50QWRhcHRlcihkb2MsIChzdGF0ZW1lbnQpID0+IHtcbiAgICAgIHN0YXRlbWVudC5hZGRBY3Rpb25zKCdzdHM6VGFnU2Vzc2lvbicpO1xuICAgICAgcmV0dXJuIHN0YXRlbWVudDtcbiAgICB9KSk7XG4gIH1cbn1cblxuLyoqXG4gKiBBIGNvbGxlY3Rpb24gb2YgdGhlIGZpZWxkcyBpbiBhIFBvbGljeVN0YXRlbWVudCB0aGF0IGNhbiBiZSB1c2VkIHRvIGlkZW50aWZ5IGEgcHJpbmNpcGFsLlxuICpcbiAqIFRoaXMgY29uc2lzdHMgb2YgdGhlIEpTT04gdXNlZCBpbiB0aGUgXCJQcmluY2lwYWxcIiBmaWVsZCwgYW5kIG9wdGlvbmFsbHkgYVxuICogc2V0IG9mIFwiQ29uZGl0aW9uXCJzIHRoYXQgbmVlZCB0byBiZSBhcHBsaWVkIHRvIHRoZSBwb2xpY3kuXG4gKlxuICogR2VuZXJhbGx5LCBhIHByaW5jaXBhbCBsb29rcyBsaWtlOlxuICpcbiAqICAgICB7ICc8VFlQRT4nOiBbJ0lEJywgJ0lEJywgLi4uXSB9XG4gKlxuICogQW5kIHRoaXMgaXMgYWxzbyB0aGUgdHlwZSBvZiB0aGUgZmllbGQgYHByaW5jaXBhbEpzb25gLiAgSG93ZXZlciwgdGhlcmUgaXMgYVxuICogc3BlY2lhbCB0eXBlIG9mIHByaW5jaXBhbCB0aGF0IGlzIGp1c3QgdGhlIHN0cmluZyAnKicsIHdoaWNoIGlzIHRyZWF0ZWRcbiAqIGRpZmZlcmVudGx5IGJ5IHNvbWUgc2VydmljZXMuIFRvIHJlcHJlc2VudCB0aGF0IHByaW5jaXBhbCwgYHByaW5jaXBhbEpzb25gXG4gKiBzaG91bGQgY29udGFpbiBgeyAnTGl0ZXJhbFN0cmluZyc6IFsnKiddIH1gLlxuICovXG5leHBvcnQgY2xhc3MgUHJpbmNpcGFsUG9saWN5RnJhZ21lbnQge1xuICAvKipcbiAgICpcbiAgICogQHBhcmFtIHByaW5jaXBhbEpzb24gSlNPTiBvZiB0aGUgXCJQcmluY2lwYWxcIiBzZWN0aW9uIGluIGEgcG9saWN5IHN0YXRlbWVudFxuICAgKiBAcGFyYW0gY29uZGl0aW9ucyBjb25kaXRpb25zIHRoYXQgbmVlZCB0byBiZSBhcHBsaWVkIHRvIHRoaXMgcG9saWN5XG4gICAqL1xuICBjb25zdHJ1Y3RvcihcbiAgICBwdWJsaWMgcmVhZG9ubHkgcHJpbmNpcGFsSnNvbjogeyBba2V5OiBzdHJpbmddOiBzdHJpbmdbXSB9LFxuICAgIC8qKlxuICAgICAqIFRoZSBjb25kaXRpb25zIHVuZGVyIHdoaWNoIHRoZSBwb2xpY3kgaXMgaW4gZWZmZWN0LlxuICAgICAqIFNlZSBbdGhlIElBTSBkb2N1bWVudGF0aW9uXShodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vSUFNL2xhdGVzdC9Vc2VyR3VpZGUvcmVmZXJlbmNlX3BvbGljaWVzX2VsZW1lbnRzX2NvbmRpdGlvbi5odG1sKS5cbiAgICAgKi9cbiAgICBwdWJsaWMgcmVhZG9ubHkgY29uZGl0aW9uczogQ29uZGl0aW9ucyA9IHt9KSB7XG4gIH1cbn1cblxuLyoqXG4gKiBTcGVjaWZ5IGEgcHJpbmNpcGFsIGJ5IHRoZSBBbWF6b24gUmVzb3VyY2UgTmFtZSAoQVJOKS5cbiAqIFlvdSBjYW4gc3BlY2lmeSBBV1MgYWNjb3VudHMsIElBTSB1c2VycywgRmVkZXJhdGVkIFNBTUwgdXNlcnMsIElBTSByb2xlcywgYW5kIHNwZWNpZmljIGFzc3VtZWQtcm9sZSBzZXNzaW9ucy5cbiAqIFlvdSBjYW5ub3Qgc3BlY2lmeSBJQU0gZ3JvdXBzIG9yIGluc3RhbmNlIHByb2ZpbGVzIGFzIHByaW5jaXBhbHNcbiAqXG4gKiBAc2VlIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9JQU0vbGF0ZXN0L1VzZXJHdWlkZS9yZWZlcmVuY2VfcG9saWNpZXNfZWxlbWVudHNfcHJpbmNpcGFsLmh0bWxcbiAqL1xuZXhwb3J0IGNsYXNzIEFyblByaW5jaXBhbCBleHRlbmRzIFByaW5jaXBhbEJhc2Uge1xuICAvKipcbiAgICpcbiAgICogQHBhcmFtIGFybiBBbWF6b24gUmVzb3VyY2UgTmFtZSAoQVJOKSBvZiB0aGUgcHJpbmNpcGFsIGVudGl0eSAoaS5lLiBhcm46YXdzOmlhbTo6MTIzNDU2Nzg5MDEyOnVzZXIvdXNlci1uYW1lKVxuICAgKi9cbiAgY29uc3RydWN0b3IocHVibGljIHJlYWRvbmx5IGFybjogc3RyaW5nKSB7XG4gICAgc3VwZXIoKTtcbiAgfVxuXG4gIHB1YmxpYyBnZXQgcG9saWN5RnJhZ21lbnQoKTogUHJpbmNpcGFsUG9saWN5RnJhZ21lbnQge1xuICAgIHJldHVybiBuZXcgUHJpbmNpcGFsUG9saWN5RnJhZ21lbnQoeyBBV1M6IFt0aGlzLmFybl0gfSk7XG4gIH1cblxuICBwdWJsaWMgdG9TdHJpbmcoKSB7XG4gICAgcmV0dXJuIGBBcm5QcmluY2lwYWwoJHt0aGlzLmFybn0pYDtcbiAgfVxuXG4gIC8qKlxuICAgKiBBIGNvbnZlbmllbmNlIG1ldGhvZCBmb3IgYWRkaW5nIGEgY29uZGl0aW9uIHRoYXQgdGhlIHByaW5jaXBhbCBpcyBwYXJ0IG9mIHRoZSBzcGVjaWZpZWRcbiAgICogQVdTIE9yZ2FuaXphdGlvbi5cbiAgICovXG4gIHB1YmxpYyBpbk9yZ2FuaXphdGlvbihvcmdhbml6YXRpb25JZDogc3RyaW5nKSB7XG4gICAgcmV0dXJuIHRoaXMud2l0aENvbmRpdGlvbnMoe1xuICAgICAgU3RyaW5nRXF1YWxzOiB7XG4gICAgICAgICdhd3M6UHJpbmNpcGFsT3JnSUQnOiBvcmdhbml6YXRpb25JZCxcbiAgICAgIH0sXG4gICAgfSk7XG4gIH1cbn1cblxuLyoqXG4gKiBTcGVjaWZ5IEFXUyBhY2NvdW50IElEIGFzIHRoZSBwcmluY2lwYWwgZW50aXR5IGluIGEgcG9saWN5IHRvIGRlbGVnYXRlIGF1dGhvcml0eSB0byB0aGUgYWNjb3VudC5cbiAqL1xuZXhwb3J0IGNsYXNzIEFjY291bnRQcmluY2lwYWwgZXh0ZW5kcyBBcm5QcmluY2lwYWwge1xuICBwdWJsaWMgcmVhZG9ubHkgcHJpbmNpcGFsQWNjb3VudDogc3RyaW5nIHwgdW5kZWZpbmVkO1xuXG4gIC8qKlxuICAgKlxuICAgKiBAcGFyYW0gYWNjb3VudElkIEFXUyBhY2NvdW50IElEIChpLmUuIDEyMzQ1Njc4OTAxMilcbiAgICovXG4gIGNvbnN0cnVjdG9yKHB1YmxpYyByZWFkb25seSBhY2NvdW50SWQ6IGFueSkge1xuICAgIHN1cGVyKG5ldyBTdGFja0RlcGVuZGVudFRva2VuKHN0YWNrID0+IGBhcm46JHtzdGFjay5wYXJ0aXRpb259OmlhbTo6JHthY2NvdW50SWR9OnJvb3RgKS50b1N0cmluZygpKTtcbiAgICB0aGlzLnByaW5jaXBhbEFjY291bnQgPSBhY2NvdW50SWQ7XG4gIH1cblxuICBwdWJsaWMgdG9TdHJpbmcoKSB7XG4gICAgcmV0dXJuIGBBY2NvdW50UHJpbmNpcGFsKCR7dGhpcy5hY2NvdW50SWR9KWA7XG4gIH1cbn1cblxuLyoqXG4gKiBPcHRpb25zIGZvciBhIHNlcnZpY2UgcHJpbmNpcGFsLlxuICovXG5leHBvcnQgaW50ZXJmYWNlIFNlcnZpY2VQcmluY2lwYWxPcHRzIHtcbiAgLyoqXG4gICAqIFRoZSByZWdpb24gaW4gd2hpY2ggdGhlIHNlcnZpY2UgaXMgb3BlcmF0aW5nLlxuICAgKlxuICAgKiBAZGVmYXVsdCAtIHRoZSBjdXJyZW50IFN0YWNrJ3MgcmVnaW9uLlxuICAgKiBAZGVwcmVjYXRlZCBZb3Ugc2hvdWxkIG5vdCBuZWVkIHRvIHNldCB0aGlzLiBUaGUgc3RhY2sncyByZWdpb24gaXMgYWx3YXlzIGNvcnJlY3QuXG4gICAqL1xuICByZWFkb25seSByZWdpb24/OiBzdHJpbmc7XG5cbiAgLyoqXG4gICAqIEFkZGl0aW9uYWwgY29uZGl0aW9ucyB0byBhZGQgdG8gdGhlIFNlcnZpY2UgUHJpbmNpcGFsXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gTm8gY29uZGl0aW9uc1xuICAgKi9cbiAgcmVhZG9ubHkgY29uZGl0aW9ucz86IHsgW2tleTogc3RyaW5nXTogYW55IH07XG59XG5cbi8qKlxuICogQW4gSUFNIHByaW5jaXBhbCB0aGF0IHJlcHJlc2VudHMgYW4gQVdTIHNlcnZpY2UgKGkuZS4gc3FzLmFtYXpvbmF3cy5jb20pLlxuICovXG5leHBvcnQgY2xhc3MgU2VydmljZVByaW5jaXBhbCBleHRlbmRzIFByaW5jaXBhbEJhc2Uge1xuICAvKipcbiAgICpcbiAgICogQHBhcmFtIHNlcnZpY2UgQVdTIHNlcnZpY2UgKGkuZS4gc3FzLmFtYXpvbmF3cy5jb20pXG4gICAqL1xuICBjb25zdHJ1Y3RvcihwdWJsaWMgcmVhZG9ubHkgc2VydmljZTogc3RyaW5nLCBwcml2YXRlIHJlYWRvbmx5IG9wdHM6IFNlcnZpY2VQcmluY2lwYWxPcHRzID0ge30pIHtcbiAgICBzdXBlcigpO1xuICB9XG5cbiAgcHVibGljIGdldCBwb2xpY3lGcmFnbWVudCgpOiBQcmluY2lwYWxQb2xpY3lGcmFnbWVudCB7XG4gICAgcmV0dXJuIG5ldyBQcmluY2lwYWxQb2xpY3lGcmFnbWVudCh7XG4gICAgICBTZXJ2aWNlOiBbXG4gICAgICAgIG5ldyBTZXJ2aWNlUHJpbmNpcGFsVG9rZW4odGhpcy5zZXJ2aWNlLCB0aGlzLm9wdHMpLnRvU3RyaW5nKCksXG4gICAgICBdLFxuICAgIH0sIHRoaXMub3B0cy5jb25kaXRpb25zKTtcbiAgfVxuXG4gIHB1YmxpYyB0b1N0cmluZygpIHtcbiAgICByZXR1cm4gYFNlcnZpY2VQcmluY2lwYWwoJHt0aGlzLnNlcnZpY2V9KWA7XG4gIH1cbn1cblxuLyoqXG4gKiBBIHByaW5jaXBhbCB0aGF0IHJlcHJlc2VudHMgYW4gQVdTIE9yZ2FuaXphdGlvblxuICovXG5leHBvcnQgY2xhc3MgT3JnYW5pemF0aW9uUHJpbmNpcGFsIGV4dGVuZHMgUHJpbmNpcGFsQmFzZSB7XG4gIC8qKlxuICAgKlxuICAgKiBAcGFyYW0gb3JnYW5pemF0aW9uSWQgVGhlIHVuaXF1ZSBpZGVudGlmaWVyIChJRCkgb2YgYW4gb3JnYW5pemF0aW9uIChpLmUuIG8tMTIzNDVhYmNkZSlcbiAgICovXG4gIGNvbnN0cnVjdG9yKHB1YmxpYyByZWFkb25seSBvcmdhbml6YXRpb25JZDogc3RyaW5nKSB7XG4gICAgc3VwZXIoKTtcbiAgfVxuXG4gIHB1YmxpYyBnZXQgcG9saWN5RnJhZ21lbnQoKTogUHJpbmNpcGFsUG9saWN5RnJhZ21lbnQge1xuICAgIHJldHVybiBuZXcgUHJpbmNpcGFsUG9saWN5RnJhZ21lbnQoXG4gICAgICB7IEFXUzogWycqJ10gfSxcbiAgICAgIHsgU3RyaW5nRXF1YWxzOiB7ICdhd3M6UHJpbmNpcGFsT3JnSUQnOiB0aGlzLm9yZ2FuaXphdGlvbklkIH0gfSxcbiAgICApO1xuICB9XG5cbiAgcHVibGljIHRvU3RyaW5nKCkge1xuICAgIHJldHVybiBgT3JnYW5pemF0aW9uUHJpbmNpcGFsKCR7dGhpcy5vcmdhbml6YXRpb25JZH0pYDtcbiAgfVxufVxuXG4vKipcbiAqIEEgcG9saWN5IHByaW5jaXBhbCBmb3IgY2Fub25pY2FsVXNlcklkcyAtIHVzZWZ1bCBmb3IgUzMgYnVja2V0IHBvbGljaWVzIHRoYXQgdXNlXG4gKiBPcmlnaW4gQWNjZXNzIGlkZW50aXRpZXMuXG4gKlxuICogU2VlIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9nZW5lcmFsL2xhdGVzdC9nci9hY2N0LWlkZW50aWZpZXJzLmh0bWxcbiAqXG4gKiBhbmRcbiAqXG4gKiBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vQW1hem9uQ2xvdWRGcm9udC9sYXRlc3QvRGV2ZWxvcGVyR3VpZGUvcHJpdmF0ZS1jb250ZW50LXJlc3RyaWN0aW5nLWFjY2Vzcy10by1zMy5odG1sXG4gKlxuICogZm9yIG1vcmUgZGV0YWlscy5cbiAqXG4gKi9cbmV4cG9ydCBjbGFzcyBDYW5vbmljYWxVc2VyUHJpbmNpcGFsIGV4dGVuZHMgUHJpbmNpcGFsQmFzZSB7XG4gIC8qKlxuICAgKlxuICAgKiBAcGFyYW0gY2Fub25pY2FsVXNlcklkIHVuaXF1ZSBpZGVudGlmaWVyIGFzc2lnbmVkIGJ5IEFXUyBmb3IgZXZlcnkgYWNjb3VudC5cbiAgICogICByb290IHVzZXIgYW5kIElBTSB1c2VycyBmb3IgYW4gYWNjb3VudCBhbGwgc2VlIHRoZSBzYW1lIElELlxuICAgKiAgIChpLmUuIDc5YTU5ZGY5MDBiOTQ5ZTU1ZDk2YTFlNjk4ZmJhY2VkZmQ2ZTA5ZDk4ZWFjZjhmOGQ1MjE4ZTdjZDQ3ZWYyYmUpXG4gICAqL1xuICBjb25zdHJ1Y3RvcihwdWJsaWMgcmVhZG9ubHkgY2Fub25pY2FsVXNlcklkOiBzdHJpbmcpIHtcbiAgICBzdXBlcigpO1xuICB9XG5cbiAgcHVibGljIGdldCBwb2xpY3lGcmFnbWVudCgpOiBQcmluY2lwYWxQb2xpY3lGcmFnbWVudCB7XG4gICAgcmV0dXJuIG5ldyBQcmluY2lwYWxQb2xpY3lGcmFnbWVudCh7IENhbm9uaWNhbFVzZXI6IFt0aGlzLmNhbm9uaWNhbFVzZXJJZF0gfSk7XG4gIH1cblxuICBwdWJsaWMgdG9TdHJpbmcoKSB7XG4gICAgcmV0dXJuIGBDYW5vbmljYWxVc2VyUHJpbmNpcGFsKCR7dGhpcy5jYW5vbmljYWxVc2VySWR9KWA7XG4gIH1cbn1cblxuLyoqXG4gKiBQcmluY2lwYWwgZW50aXR5IHRoYXQgcmVwcmVzZW50cyBhIGZlZGVyYXRlZCBpZGVudGl0eSBwcm92aWRlciBzdWNoIGFzIEFtYXpvbiBDb2duaXRvLFxuICogdGhhdCBjYW4gYmUgdXNlZCB0byBwcm92aWRlIHRlbXBvcmFyeSBzZWN1cml0eSBjcmVkZW50aWFscyB0byB1c2VycyB3aG8gaGF2ZSBiZWVuIGF1dGhlbnRpY2F0ZWQuXG4gKiBBZGRpdGlvbmFsIGNvbmRpdGlvbiBrZXlzIGFyZSBhdmFpbGFibGUgd2hlbiB0aGUgdGVtcG9yYXJ5IHNlY3VyaXR5IGNyZWRlbnRpYWxzIGFyZSB1c2VkIHRvIG1ha2UgYSByZXF1ZXN0LlxuICogWW91IGNhbiB1c2UgdGhlc2Uga2V5cyB0byB3cml0ZSBwb2xpY2llcyB0aGF0IGxpbWl0IHRoZSBhY2Nlc3Mgb2YgZmVkZXJhdGVkIHVzZXJzLlxuICpcbiAqIEBzZWUgaHR0cHM6Ly9kb2NzLmF3cy5hbWF6b24uY29tL0lBTS9sYXRlc3QvVXNlckd1aWRlL3JlZmVyZW5jZV9wb2xpY2llc19pYW0tY29uZGl0aW9uLWtleXMuaHRtbCNjb25kaXRpb24ta2V5cy13aWZcbiAqL1xuZXhwb3J0IGNsYXNzIEZlZGVyYXRlZFByaW5jaXBhbCBleHRlbmRzIFByaW5jaXBhbEJhc2Uge1xuICBwdWJsaWMgcmVhZG9ubHkgYXNzdW1lUm9sZUFjdGlvbjogc3RyaW5nO1xuXG4gIC8qKlxuICAgKlxuICAgKiBAcGFyYW0gZmVkZXJhdGVkIGZlZGVyYXRlZCBpZGVudGl0eSBwcm92aWRlciAoaS5lLiAnY29nbml0by1pZGVudGl0eS5hbWF6b25hd3MuY29tJyBmb3IgdXNlcnMgYXV0aGVudGljYXRlZCB0aHJvdWdoIENvZ25pdG8pXG4gICAqIEBwYXJhbSBjb25kaXRpb25zIFRoZSBjb25kaXRpb25zIHVuZGVyIHdoaWNoIHRoZSBwb2xpY3kgaXMgaW4gZWZmZWN0LlxuICAgKiAgIFNlZSBbdGhlIElBTSBkb2N1bWVudGF0aW9uXShodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vSUFNL2xhdGVzdC9Vc2VyR3VpZGUvcmVmZXJlbmNlX3BvbGljaWVzX2VsZW1lbnRzX2NvbmRpdGlvbi5odG1sKS5cbiAgICogQHBhcmFtIHNlc3Npb25UYWdzIFdoZXRoZXIgdG8gZW5hYmxlIHNlc3Npb24gdGFnZ2luZyAoc2VlIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9JQU0vbGF0ZXN0L1VzZXJHdWlkZS9pZF9zZXNzaW9uLXRhZ3MuaHRtbClcbiAgICovXG4gIGNvbnN0cnVjdG9yKFxuICAgIHB1YmxpYyByZWFkb25seSBmZWRlcmF0ZWQ6IHN0cmluZyxcbiAgICBwdWJsaWMgcmVhZG9ubHkgY29uZGl0aW9uczogQ29uZGl0aW9ucyxcbiAgICBhc3N1bWVSb2xlQWN0aW9uOiBzdHJpbmcgPSAnc3RzOkFzc3VtZVJvbGUnKSB7XG4gICAgc3VwZXIoKTtcblxuICAgIHRoaXMuYXNzdW1lUm9sZUFjdGlvbiA9IGFzc3VtZVJvbGVBY3Rpb247XG4gIH1cblxuICBwdWJsaWMgZ2V0IHBvbGljeUZyYWdtZW50KCk6IFByaW5jaXBhbFBvbGljeUZyYWdtZW50IHtcbiAgICByZXR1cm4gbmV3IFByaW5jaXBhbFBvbGljeUZyYWdtZW50KHsgRmVkZXJhdGVkOiBbdGhpcy5mZWRlcmF0ZWRdIH0sIHRoaXMuY29uZGl0aW9ucyk7XG4gIH1cblxuICBwdWJsaWMgdG9TdHJpbmcoKSB7XG4gICAgcmV0dXJuIGBGZWRlcmF0ZWRQcmluY2lwYWwoJHt0aGlzLmZlZGVyYXRlZH0pYDtcbiAgfVxufVxuXG4vKipcbiAqIEEgcHJpbmNpcGFsIHRoYXQgcmVwcmVzZW50cyBhIGZlZGVyYXRlZCBpZGVudGl0eSBwcm92aWRlciBhcyBXZWIgSWRlbnRpdHkgc3VjaCBhcyBDb2duaXRvLCBBbWF6b24sXG4gKiBGYWNlYm9vaywgR29vZ2xlLCBldGMuXG4gKi9cbmV4cG9ydCBjbGFzcyBXZWJJZGVudGl0eVByaW5jaXBhbCBleHRlbmRzIEZlZGVyYXRlZFByaW5jaXBhbCB7XG5cbiAgLyoqXG4gICAqXG4gICAqIEBwYXJhbSBpZGVudGl0eVByb3ZpZGVyIGlkZW50aXR5IHByb3ZpZGVyIChpLmUuICdjb2duaXRvLWlkZW50aXR5LmFtYXpvbmF3cy5jb20nIGZvciB1c2VycyBhdXRoZW50aWNhdGVkIHRocm91Z2ggQ29nbml0bylcbiAgICogQHBhcmFtIGNvbmRpdGlvbnMgVGhlIGNvbmRpdGlvbnMgdW5kZXIgd2hpY2ggdGhlIHBvbGljeSBpcyBpbiBlZmZlY3QuXG4gICAqICAgU2VlIFt0aGUgSUFNIGRvY3VtZW50YXRpb25dKGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9JQU0vbGF0ZXN0L1VzZXJHdWlkZS9yZWZlcmVuY2VfcG9saWNpZXNfZWxlbWVudHNfY29uZGl0aW9uLmh0bWwpLlxuICAgKiBAcGFyYW0gc2Vzc2lvblRhZ3MgV2hldGhlciB0byBlbmFibGUgc2Vzc2lvbiB0YWdnaW5nIChzZWUgaHR0cHM6Ly9kb2NzLmF3cy5hbWF6b24uY29tL0lBTS9sYXRlc3QvVXNlckd1aWRlL2lkX3Nlc3Npb24tdGFncy5odG1sKVxuICAgKi9cbiAgY29uc3RydWN0b3IoaWRlbnRpdHlQcm92aWRlcjogc3RyaW5nLCBjb25kaXRpb25zOiBDb25kaXRpb25zID0ge30pIHtcbiAgICBzdXBlcihpZGVudGl0eVByb3ZpZGVyLCBjb25kaXRpb25zID8/IHt9LCAnc3RzOkFzc3VtZVJvbGVXaXRoV2ViSWRlbnRpdHknKTtcbiAgfVxuXG4gIHB1YmxpYyBnZXQgcG9saWN5RnJhZ21lbnQoKTogUHJpbmNpcGFsUG9saWN5RnJhZ21lbnQge1xuICAgIHJldHVybiBuZXcgUHJpbmNpcGFsUG9saWN5RnJhZ21lbnQoeyBGZWRlcmF0ZWQ6IFt0aGlzLmZlZGVyYXRlZF0gfSwgdGhpcy5jb25kaXRpb25zKTtcbiAgfVxuXG4gIHB1YmxpYyB0b1N0cmluZygpIHtcbiAgICByZXR1cm4gYFdlYklkZW50aXR5UHJpbmNpcGFsKCR7dGhpcy5mZWRlcmF0ZWR9KWA7XG4gIH1cbn1cblxuLyoqXG4gKiBBIHByaW5jaXBhbCB0aGF0IHJlcHJlc2VudHMgYSBmZWRlcmF0ZWQgaWRlbnRpdHkgcHJvdmlkZXIgYXMgZnJvbSBhIE9wZW5JRCBDb25uZWN0IHByb3ZpZGVyLlxuICovXG5leHBvcnQgY2xhc3MgT3BlbklkQ29ubmVjdFByaW5jaXBhbCBleHRlbmRzIFdlYklkZW50aXR5UHJpbmNpcGFsIHtcblxuICAvKipcbiAgICpcbiAgICogQHBhcmFtIG9wZW5JZENvbm5lY3RQcm92aWRlciBPcGVuSUQgQ29ubmVjdCBwcm92aWRlclxuICAgKiBAcGFyYW0gY29uZGl0aW9ucyBUaGUgY29uZGl0aW9ucyB1bmRlciB3aGljaCB0aGUgcG9saWN5IGlzIGluIGVmZmVjdC5cbiAgICogICBTZWUgW3RoZSBJQU0gZG9jdW1lbnRhdGlvbl0oaHR0cHM6Ly9kb2NzLmF3cy5hbWF6b24uY29tL0lBTS9sYXRlc3QvVXNlckd1aWRlL3JlZmVyZW5jZV9wb2xpY2llc19lbGVtZW50c19jb25kaXRpb24uaHRtbCkuXG4gICAqL1xuICBjb25zdHJ1Y3RvcihvcGVuSWRDb25uZWN0UHJvdmlkZXI6IElPcGVuSWRDb25uZWN0UHJvdmlkZXIsIGNvbmRpdGlvbnM6IENvbmRpdGlvbnMgPSB7fSkge1xuICAgIHN1cGVyKG9wZW5JZENvbm5lY3RQcm92aWRlci5vcGVuSWRDb25uZWN0UHJvdmlkZXJBcm4sIGNvbmRpdGlvbnMgPz8ge30pO1xuICB9XG5cbiAgcHVibGljIGdldCBwb2xpY3lGcmFnbWVudCgpOiBQcmluY2lwYWxQb2xpY3lGcmFnbWVudCB7XG4gICAgcmV0dXJuIG5ldyBQcmluY2lwYWxQb2xpY3lGcmFnbWVudCh7IEZlZGVyYXRlZDogW3RoaXMuZmVkZXJhdGVkXSB9LCB0aGlzLmNvbmRpdGlvbnMpO1xuICB9XG5cbiAgcHVibGljIHRvU3RyaW5nKCkge1xuICAgIHJldHVybiBgT3BlbklkQ29ubmVjdFByaW5jaXBhbCgke3RoaXMuZmVkZXJhdGVkfSlgO1xuICB9XG59XG5cbi8qKlxuICogUHJpbmNpcGFsIGVudGl0eSB0aGF0IHJlcHJlc2VudHMgYSBTQU1MIGZlZGVyYXRlZCBpZGVudGl0eSBwcm92aWRlclxuICovXG5leHBvcnQgY2xhc3MgU2FtbFByaW5jaXBhbCBleHRlbmRzIEZlZGVyYXRlZFByaW5jaXBhbCB7XG4gIGNvbnN0cnVjdG9yKHNhbWxQcm92aWRlcjogSVNhbWxQcm92aWRlciwgY29uZGl0aW9uczogQ29uZGl0aW9ucykge1xuICAgIHN1cGVyKHNhbWxQcm92aWRlci5zYW1sUHJvdmlkZXJBcm4sIGNvbmRpdGlvbnMsICdzdHM6QXNzdW1lUm9sZVdpdGhTQU1MJyk7XG4gIH1cblxuICBwdWJsaWMgdG9TdHJpbmcoKSB7XG4gICAgcmV0dXJuIGBTYW1sUHJpbmNpcGFsKCR7dGhpcy5mZWRlcmF0ZWR9KWA7XG4gIH1cbn1cblxuLyoqXG4gKiBQcmluY2lwYWwgZW50aXR5IHRoYXQgcmVwcmVzZW50cyBhIFNBTUwgZmVkZXJhdGVkIGlkZW50aXR5IHByb3ZpZGVyIGZvclxuICogcHJvZ3JhbW1hdGljIGFuZCBBV1MgTWFuYWdlbWVudCBDb25zb2xlIGFjY2Vzcy5cbiAqL1xuZXhwb3J0IGNsYXNzIFNhbWxDb25zb2xlUHJpbmNpcGFsIGV4dGVuZHMgU2FtbFByaW5jaXBhbCB7XG4gIGNvbnN0cnVjdG9yKHNhbWxQcm92aWRlcjogSVNhbWxQcm92aWRlciwgY29uZGl0aW9uczogQ29uZGl0aW9ucyA9IHt9KSB7XG4gICAgc3VwZXIoc2FtbFByb3ZpZGVyLCB7XG4gICAgICAuLi5jb25kaXRpb25zLFxuICAgICAgU3RyaW5nRXF1YWxzOiB7XG4gICAgICAgICdTQU1MOmF1ZCc6ICdodHRwczovL3NpZ25pbi5hd3MuYW1hem9uLmNvbS9zYW1sJyxcbiAgICAgIH0sXG4gICAgfSk7XG4gIH1cblxuICBwdWJsaWMgdG9TdHJpbmcoKSB7XG4gICAgcmV0dXJuIGBTYW1sQ29uc29sZVByaW5jaXBhbCgke3RoaXMuZmVkZXJhdGVkfSlgO1xuICB9XG59XG5cbi8qKlxuICogVXNlIHRoZSBBV1MgYWNjb3VudCBpbnRvIHdoaWNoIGEgc3RhY2sgaXMgZGVwbG95ZWQgYXMgdGhlIHByaW5jaXBhbCBlbnRpdHkgaW4gYSBwb2xpY3lcbiAqL1xuZXhwb3J0IGNsYXNzIEFjY291bnRSb290UHJpbmNpcGFsIGV4dGVuZHMgQWNjb3VudFByaW5jaXBhbCB7XG4gIGNvbnN0cnVjdG9yKCkge1xuICAgIHN1cGVyKG5ldyBTdGFja0RlcGVuZGVudFRva2VuKHN0YWNrID0+IHN0YWNrLmFjY291bnQpLnRvU3RyaW5nKCkpO1xuICB9XG5cbiAgcHVibGljIHRvU3RyaW5nKCkge1xuICAgIHJldHVybiAnQWNjb3VudFJvb3RQcmluY2lwYWwoKSc7XG4gIH1cbn1cblxuLyoqXG4gKiBBIHByaW5jaXBhbCByZXByZXNlbnRpbmcgYWxsIEFXUyBpZGVudGl0aWVzIGluIGFsbCBhY2NvdW50c1xuICpcbiAqIFNvbWUgc2VydmljZXMgYmVoYXZlIGRpZmZlcmVudGx5IHdoZW4geW91IHNwZWNpZnkgYFByaW5jaXBhbDogJyonYFxuICogb3IgYFByaW5jaXBhbDogeyBBV1M6IFwiKlwiIH1gIGluIHRoZWlyIHJlc291cmNlIHBvbGljeS5cbiAqXG4gKiBgQW55UHJpbmNpcGFsYCByZW5kZXJzIHRvIGBQcmluY2lwYWw6IHsgQVdTOiBcIipcIiB9YC4gVGhpcyBpcyBjb3JyZWN0XG4gKiBtb3N0IG9mIHRoZSB0aW1lLCBidXQgaW4gY2FzZXMgd2hlcmUgeW91IG5lZWQgdGhlIG90aGVyIHByaW5jaXBhbCxcbiAqIHVzZSBgU3RhclByaW5jaXBhbGAgaW5zdGVhZC5cbiAqL1xuZXhwb3J0IGNsYXNzIEFueVByaW5jaXBhbCBleHRlbmRzIEFyblByaW5jaXBhbCB7XG4gIGNvbnN0cnVjdG9yKCkge1xuICAgIHN1cGVyKCcqJyk7XG4gIH1cblxuICBwdWJsaWMgdG9TdHJpbmcoKSB7XG4gICAgcmV0dXJuICdBbnlQcmluY2lwYWwoKSc7XG4gIH1cbn1cblxuLyoqXG4gKiBBIHByaW5jaXBhbCByZXByZXNlbnRpbmcgYWxsIGlkZW50aXRpZXMgaW4gYWxsIGFjY291bnRzXG4gKiBAZGVwcmVjYXRlZCB1c2UgYEFueVByaW5jaXBhbGBcbiAqL1xuZXhwb3J0IGNsYXNzIEFueW9uZSBleHRlbmRzIEFueVByaW5jaXBhbCB7IH1cblxuLyoqXG4gKiBBIHByaW5jaXBhbCB0aGF0IHVzZXMgYSBsaXRlcmFsICcqJyBpbiB0aGUgSUFNIEpTT04gbGFuZ3VhZ2VcbiAqXG4gKiBTb21lIHNlcnZpY2VzIGJlaGF2ZSBkaWZmZXJlbnRseSB3aGVuIHlvdSBzcGVjaWZ5IGBQcmluY2lwYWw6IFwiKlwiYFxuICogb3IgYFByaW5jaXBhbDogeyBBV1M6IFwiKlwiIH1gIGluIHRoZWlyIHJlc291cmNlIHBvbGljeS5cbiAqXG4gKiBgU3RhclByaW5jaXBhbGAgcmVuZGVycyB0byBgUHJpbmNpcGFsOiAqYC4gTW9zdCBvZiB0aGUgdGltZSwgeW91XG4gKiBzaG91bGQgdXNlIGBBbnlQcmluY2lwYWxgIGluc3RlYWQuXG4gKi9cbmV4cG9ydCBjbGFzcyBTdGFyUHJpbmNpcGFsIGV4dGVuZHMgUHJpbmNpcGFsQmFzZSB7XG4gIHB1YmxpYyByZWFkb25seSBwb2xpY3lGcmFnbWVudDogUHJpbmNpcGFsUG9saWN5RnJhZ21lbnQgPSB7XG4gICAgcHJpbmNpcGFsSnNvbjogeyBbTElURVJBTF9TVFJJTkdfS0VZXTogWycqJ10gfSxcbiAgICBjb25kaXRpb25zOiB7fSxcbiAgfTtcblxuICBwdWJsaWMgdG9TdHJpbmcoKSB7XG4gICAgcmV0dXJuICdTdGFyUHJpbmNpcGFsKCknO1xuICB9XG59XG5cbi8qKlxuICogUmVwcmVzZW50cyBhIHByaW5jaXBhbCB0aGF0IGhhcyBtdWx0aXBsZSB0eXBlcyBvZiBwcmluY2lwYWxzLiBBIGNvbXBvc2l0ZSBwcmluY2lwYWwgY2Fubm90XG4gKiBoYXZlIGNvbmRpdGlvbnMuIGkuZS4gbXVsdGlwbGUgU2VydmljZVByaW5jaXBhbHMgdGhhdCBmb3JtIGEgY29tcG9zaXRlIHByaW5jaXBhbFxuICovXG5leHBvcnQgY2xhc3MgQ29tcG9zaXRlUHJpbmNpcGFsIGV4dGVuZHMgUHJpbmNpcGFsQmFzZSB7XG4gIHB1YmxpYyByZWFkb25seSBhc3N1bWVSb2xlQWN0aW9uOiBzdHJpbmc7XG4gIHByaXZhdGUgcmVhZG9ubHkgcHJpbmNpcGFscyA9IG5ldyBBcnJheTxJUHJpbmNpcGFsPigpO1xuXG4gIGNvbnN0cnVjdG9yKC4uLnByaW5jaXBhbHM6IElQcmluY2lwYWxbXSkge1xuICAgIHN1cGVyKCk7XG4gICAgaWYgKHByaW5jaXBhbHMubGVuZ3RoID09PSAwKSB7XG4gICAgICB0aHJvdyBuZXcgRXJyb3IoJ0NvbXBvc2l0ZVByaW5jaXBhbHMgbXVzdCBiZSBjb25zdHJ1Y3RlZCB3aXRoIGF0IGxlYXN0IDEgUHJpbmNpcGFsIGJ1dCBub25lIHdlcmUgcGFzc2VkLicpO1xuICAgIH1cbiAgICB0aGlzLmFzc3VtZVJvbGVBY3Rpb24gPSBwcmluY2lwYWxzWzBdLmFzc3VtZVJvbGVBY3Rpb247XG4gICAgdGhpcy5hZGRQcmluY2lwYWxzKC4uLnByaW5jaXBhbHMpO1xuICB9XG5cbiAgLyoqXG4gICAqIEFkZHMgSUFNIHByaW5jaXBhbHMgdG8gdGhlIGNvbXBvc2l0ZSBwcmluY2lwYWwuIENvbXBvc2l0ZSBwcmluY2lwYWxzIGNhbm5vdCBoYXZlXG4gICAqIGNvbmRpdGlvbnMuXG4gICAqXG4gICAqIEBwYXJhbSBwcmluY2lwYWxzIElBTSBwcmluY2lwYWxzIHRoYXQgd2lsbCBiZSBhZGRlZCB0byB0aGUgY29tcG9zaXRlIHByaW5jaXBhbFxuICAgKi9cbiAgcHVibGljIGFkZFByaW5jaXBhbHMoLi4ucHJpbmNpcGFsczogSVByaW5jaXBhbFtdKTogdGhpcyB7XG4gICAgdGhpcy5wcmluY2lwYWxzLnB1c2goLi4ucHJpbmNpcGFscyk7XG4gICAgcmV0dXJuIHRoaXM7XG4gIH1cblxuICBwdWJsaWMgYWRkVG9Bc3N1bWVSb2xlUG9saWN5KGRvYzogUG9saWN5RG9jdW1lbnQpIHtcbiAgICBmb3IgKGNvbnN0IHAgb2YgdGhpcy5wcmluY2lwYWxzKSB7XG4gICAgICBkZWZhdWx0QWRkUHJpbmNpcGFsVG9Bc3N1bWVSb2xlKHAsIGRvYyk7XG4gICAgfVxuICB9XG5cbiAgcHVibGljIGdldCBwb2xpY3lGcmFnbWVudCgpOiBQcmluY2lwYWxQb2xpY3lGcmFnbWVudCB7XG4gICAgLy8gV2Ugb25seSBoYXZlIGEgcHJvYmxlbSB3aXRoIGNvbmRpdGlvbnMgaWYgd2UgYXJlIHRyeWluZyB0byByZW5kZXIgY29tcG9zaXRlXG4gICAgLy8gcHJpbmNwYWxzIGludG8gYSBzaW5nbGUgc3RhdGVtZW50ICh3aGljaCBpcyB3aGVuIGBwb2xpY3lGcmFnbWVudGAgd291bGQgZ2V0IGNhbGxlZClcbiAgICBmb3IgKGNvbnN0IHAgb2YgdGhpcy5wcmluY2lwYWxzKSB7XG4gICAgICBjb25zdCBmcmFnbWVudCA9IHAucG9saWN5RnJhZ21lbnQ7XG4gICAgICBpZiAoZnJhZ21lbnQuY29uZGl0aW9ucyAmJiBPYmplY3Qua2V5cyhmcmFnbWVudC5jb25kaXRpb25zKS5sZW5ndGggPiAwKSB7XG4gICAgICAgIHRocm93IG5ldyBFcnJvcihcbiAgICAgICAgICAnQ29tcG9uZW50cyBvZiBhIENvbXBvc2l0ZVByaW5jaXBhbCBtdXN0IG5vdCBoYXZlIGNvbmRpdGlvbnMuICcgK1xuICAgICAgICAgIGBUcmllZCB0byBhZGQgdGhlIGZvbGxvd2luZyBmcmFnbWVudDogJHtKU09OLnN0cmluZ2lmeShmcmFnbWVudCl9YCk7XG4gICAgICB9XG4gICAgfVxuXG4gICAgY29uc3QgcHJpbmNpcGFsSnNvbjogeyBba2V5OiBzdHJpbmddOiBzdHJpbmdbXSB9ID0ge307XG5cbiAgICBmb3IgKGNvbnN0IHAgb2YgdGhpcy5wcmluY2lwYWxzKSB7XG4gICAgICBtZXJnZVByaW5jaXBhbChwcmluY2lwYWxKc29uLCBwLnBvbGljeUZyYWdtZW50LnByaW5jaXBhbEpzb24pO1xuICAgIH1cblxuICAgIHJldHVybiBuZXcgUHJpbmNpcGFsUG9saWN5RnJhZ21lbnQocHJpbmNpcGFsSnNvbik7XG4gIH1cblxuICBwdWJsaWMgdG9TdHJpbmcoKSB7XG4gICAgcmV0dXJuIGBDb21wb3NpdGVQcmluY2lwYWwoJHt0aGlzLnByaW5jaXBhbHN9KWA7XG4gIH1cbn1cblxuLyoqXG4gKiBBIGxhenkgdG9rZW4gdGhhdCByZXF1aXJlcyBhbiBpbnN0YW5jZSBvZiBTdGFjayB0byBldmFsdWF0ZVxuICovXG5jbGFzcyBTdGFja0RlcGVuZGVudFRva2VuIGltcGxlbWVudHMgY2RrLklSZXNvbHZhYmxlIHtcbiAgcHVibGljIHJlYWRvbmx5IGNyZWF0aW9uU3RhY2s6IHN0cmluZ1tdO1xuICBjb25zdHJ1Y3Rvcihwcml2YXRlIHJlYWRvbmx5IGZuOiAoc3RhY2s6IGNkay5TdGFjaykgPT4gYW55KSB7XG4gICAgdGhpcy5jcmVhdGlvblN0YWNrID0gY2RrLmNhcHR1cmVTdGFja1RyYWNlKCk7XG4gIH1cblxuICBwdWJsaWMgcmVzb2x2ZShjb250ZXh0OiBjZGsuSVJlc29sdmVDb250ZXh0KSB7XG4gICAgcmV0dXJuIHRoaXMuZm4oY2RrLlN0YWNrLm9mKGNvbnRleHQuc2NvcGUpKTtcbiAgfVxuXG4gIHB1YmxpYyB0b1N0cmluZygpIHtcbiAgICByZXR1cm4gY2RrLlRva2VuLmFzU3RyaW5nKHRoaXMpO1xuICB9XG5cbiAgLyoqXG4gICAqIEpTT04taWZ5IHRoZSB0b2tlblxuICAgKlxuICAgKiBVc2VkIHdoZW4gSlNPTi5zdHJpbmdpZnkoKSBpcyBjYWxsZWRcbiAgICovXG4gIHB1YmxpYyB0b0pTT04oKSB7XG4gICAgcmV0dXJuICc8dW5yZXNvbHZlZC10b2tlbj4nO1xuICB9XG59XG5cbmNsYXNzIFNlcnZpY2VQcmluY2lwYWxUb2tlbiBpbXBsZW1lbnRzIGNkay5JUmVzb2x2YWJsZSB7XG4gIHB1YmxpYyByZWFkb25seSBjcmVhdGlvblN0YWNrOiBzdHJpbmdbXTtcbiAgY29uc3RydWN0b3IoXG4gICAgcHJpdmF0ZSByZWFkb25seSBzZXJ2aWNlOiBzdHJpbmcsXG4gICAgcHJpdmF0ZSByZWFkb25seSBvcHRzOiBTZXJ2aWNlUHJpbmNpcGFsT3B0cykge1xuICAgIHRoaXMuY3JlYXRpb25TdGFjayA9IGNkay5jYXB0dXJlU3RhY2tUcmFjZSgpO1xuICB9XG5cbiAgcHVibGljIHJlc29sdmUoY3R4OiBjZGsuSVJlc29sdmVDb250ZXh0KSB7XG4gICAgaWYgKHRoaXMub3B0cy5yZWdpb24pIHtcbiAgICAgIC8vIFNwZWNpYWwgY2FzZSwgaGFuZGxlIGl0IHNlcGFyYXRlbHkgdG8gbm90IGJyZWFrIGxlZ2FjeSBiZWhhdmlvci5cbiAgICAgIHJldHVybiBSZWdpb25JbmZvLmdldCh0aGlzLm9wdHMucmVnaW9uKS5zZXJ2aWNlUHJpbmNpcGFsKHRoaXMuc2VydmljZSkgPz9cbiAgICAgICAgRGVmYXVsdC5zZXJ2aWNlUHJpbmNpcGFsKHRoaXMuc2VydmljZSwgdGhpcy5vcHRzLnJlZ2lvbiwgY2RrLkF3cy5VUkxfU1VGRklYKTtcbiAgICB9XG5cbiAgICBjb25zdCBzdGFjayA9IGNkay5TdGFjay5vZihjdHguc2NvcGUpO1xuICAgIHJldHVybiBzdGFjay5yZWdpb25hbEZhY3QoXG4gICAgICBGYWN0TmFtZS5zZXJ2aWNlUHJpbmNpcGFsKHRoaXMuc2VydmljZSksXG4gICAgICBEZWZhdWx0LnNlcnZpY2VQcmluY2lwYWwodGhpcy5zZXJ2aWNlLCBzdGFjay5yZWdpb24sIGNkay5Bd3MuVVJMX1NVRkZJWCksXG4gICAgKTtcbiAgfVxuXG4gIHB1YmxpYyB0b1N0cmluZygpIHtcbiAgICByZXR1cm4gY2RrLlRva2VuLmFzU3RyaW5nKHRoaXMsIHtcbiAgICAgIGRpc3BsYXlIaW50OiB0aGlzLnNlcnZpY2UsXG4gICAgfSk7XG4gIH1cblxuICAvKipcbiAgICogSlNPTi1pZnkgdGhlIHRva2VuXG4gICAqXG4gICAqIFVzZWQgd2hlbiBKU09OLnN0cmluZ2lmeSgpIGlzIGNhbGxlZFxuICAgKi9cbiAgcHVibGljIHRvSlNPTigpIHtcbiAgICByZXR1cm4gYDwke3RoaXMuc2VydmljZX0+YDtcbiAgfVxufVxuIl19
\No newline at end of file