Framework/Helpers/ContextHelper.ps1
|
<#
.Description # Context class for indenity details. # Provides functionality to login, create context, get token for api calls #> using namespace Microsoft.IdentityModel.Clients.ActiveDirectory class ContextHelper { static hidden [Context] $currentContext; #This will be used to carry current org under current context. static hidden [string] $orgName; hidden static [PSObject] GetCurrentContext() { return [ContextHelper]::GetCurrentContext($false); } hidden static [PSObject] GetCurrentContext([bool]$authNRefresh) { if( (-not [ContextHelper]::currentContext) -or $authNRefresh) { $clientId = [Constants]::DefaultClientId ; $replyUri = [Constants]::DefaultReplyUri; $adoResourceId = [Constants]::DefaultADOResourceId; [AuthenticationContext] $ctx = $null; $ctx = [AuthenticationContext]::new("https://login.windows.net/common"); [AuthenticationResult] $result = $null; $azSKUI = $null; if ( !$authNRefresh -and ($azSKUI = Get-Variable 'AzSKADOLoginUI' -Scope Global -ErrorAction 'Ignore')) { if ($azSKUI.Value -eq 1) { $PromptBehavior = [Microsoft.IdentityModel.Clients.ActiveDirectory.PromptBehavior]::Always $PlatformParameters = New-Object Microsoft.IdentityModel.Clients.ActiveDirectory.PlatformParameters -ArgumentList $PromptBehavior $result = $ctx.AcquireTokenAsync($adoResourceId, $clientId, [Uri]::new($replyUri),$PlatformParameters).Result; } else { $PromptBehavior = [Microsoft.IdentityModel.Clients.ActiveDirectory.PromptBehavior]::Auto $PlatformParameters = New-Object Microsoft.IdentityModel.Clients.ActiveDirectory.PlatformParameters -ArgumentList $PromptBehavior $result = $ctx.AcquireTokenAsync($adoResourceId, $clientId, [Uri]::new($replyUri),$PlatformParameters).Result; } } else { $PromptBehavior = [Microsoft.IdentityModel.Clients.ActiveDirectory.PromptBehavior]::Auto $PlatformParameters = New-Object Microsoft.IdentityModel.Clients.ActiveDirectory.PlatformParameters -ArgumentList $PromptBehavior $result = $ctx.AcquireTokenAsync($adoResourceId, $clientId, [Uri]::new($replyUri),$PlatformParameters).Result; } [ContextHelper]::ConvertToContextObject($result) } return [ContextHelper]::currentContext } hidden static [PSObject] GetCurrentContext([System.Security.SecureString] $PATToken) { if(-not [ContextHelper]::currentContext) { [ContextHelper]::ConvertToContextObject($PATToken) } return [ContextHelper]::currentContext } static [string] GetAccessToken([string] $resourceAppIdUri) { return [ContextHelper]::GetAccessToken() } static [string] GetAccessToken() { if([ContextHelper]::currentContext) { # Validate if token is PAT using lenght (PAT has lengh of 52), if PAT dont go to refresh login session. #TODO: Change code to find token type supplied PAT or login session token #if token expiry is within 2 min, refresh. if (([ContextHelper]::currentContext.AccessToken.length -ne 52) -and ([ContextHelper]::currentContext.TokenExpireTimeLocal -le [DateTime]::Now.AddMinutes(2))) { [ContextHelper]::GetCurrentContext($true); } return [ContextHelper]::currentContext.AccessToken } else { return $null } } hidden [SubscriptionContext] SetContext([string] $subscriptionId) { if((-not [string]::IsNullOrEmpty($subscriptionId))) { $SubscriptionContext = [SubscriptionContext]@{ SubscriptionId = $subscriptionId; Scope = "/Organization/$subscriptionId"; SubscriptionName = $subscriptionId; }; # $subscriptionId contains the organization name (due to framework). [ContextHelper]::orgName = $subscriptionId; [ContextHelper]::GetCurrentContext() } else { throw [SuppressedException] ("OrganizationName name [$subscriptionId] is either malformed or incorrect.") } return $SubscriptionContext; } hidden [SubscriptionContext] SetContext([string] $subscriptionId, [System.Security.SecureString] $PATToken) { if((-not [string]::IsNullOrEmpty($subscriptionId))) { $SubscriptionContext = [SubscriptionContext]@{ SubscriptionId = $subscriptionId; Scope = "/Organization/$subscriptionId"; SubscriptionName = $subscriptionId; }; # $subscriptionId contains the organization name (due to framework). [ContextHelper]::orgName = $subscriptionId; [ContextHelper]::GetCurrentContext($PATToken) } else { throw [SuppressedException] ("OrganizationName name [$subscriptionId] is either malformed or incorrect.") } return $SubscriptionContext; } static [void] ResetCurrentContext() { } hidden static ConvertToContextObject([PSObject] $context) { $contextObj = [Context]::new() $contextObj.Account.Id = $context.UserInfo.DisplayableId $contextObj.Tenant.Id = $context.TenantId $contextObj.AccessToken = $context.AccessToken # Here subscription basically means ADO organization (due to framework). # We do not get ADO organization Id as part of current context. Hence appending org name to both Id and Name param. $contextObj.Subscription = [Subscription]::new() $contextObj.Subscription.Id = [ContextHelper]::orgName $contextObj.Subscription.Name = [ContextHelper]::orgName $contextObj.TokenExpireTimeLocal = $context.ExpiresOn.LocalDateTime #$contextObj.AccessToken = ConvertTo-SecureString -String $context.AccessToken -asplaintext -Force [ContextHelper]::currentContext = $contextObj } hidden static ConvertToContextObject([System.Security.SecureString] $patToken) { $contextObj = [Context]::new() $contextObj.Account.Id = [string]::Empty $contextObj.Tenant.Id = [string]::Empty $contextObj.AccessToken = [System.Net.NetworkCredential]::new("", $patToken).Password # Here subscription basically means ADO organization (due to framework). # We do not get ADO organization Id as part of current context. Hence appending org name to both Id and Name param. $contextObj.Subscription = [Subscription]::new() $contextObj.Subscription.Id = [ContextHelper]::orgName $contextObj.Subscription.Name = [ContextHelper]::orgName #$contextObj.AccessToken = $patToken #$contextObj.AccessToken = ConvertTo-SecureString -String $context.AccessToken -asplaintext -Force [ContextHelper]::currentContext = $contextObj $apiURL = "https://dev.azure.com/{0}/_apis/connectionData" -f [ContextHelper]::orgName #Note: cannot use this WRH method below due to ordering constraints during load in Framework.ps1 #$header = [WebRequestHelper]::GetAuthHeaderFromUri($apiURL); $user = "" $base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f $user, $contextObj.AccessToken))) $headers = @{ "Authorization"= ("Basic " + $base64AuthInfo); "Content-Type"="application/json" }; $responseObj = Invoke-RestMethod -Method Get -Uri $apiURL -Headers $headers -UseBasicParsing #If the token is valid, we get: "descriptor"="Microsoft.IdentityModel.Claims.ClaimsIdentity;72f988bf-86f1-41af-91ab-2d7cd011db47\xyz@microsoft.com" #Note that even for guest users, we get the host tenant (and not their native tenantId). E.g., "descriptor...;72f...47\pqr@live.com" #If the token is invalid, we get a diff object: "descriptor":"System:PublicAccess;aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa" $authNUserInfo = @(($responseObj.authenticatedUser.descriptor -split ';') -split '\\') #Check if the above split resulted in 3 elements (valid token case) if ($authNUserInfo.Count -eq 3) { $contextObj.Tenant.Id = $authNUserInfo[1] $contextObj.Account.Id = $authNUserInfo[2] } } static [string] GetCurrentSessionUser() { $context = [ContextHelper]::GetCurrentContext() if ($null -ne $context) { return $context.Account.Id } else { return "NO_ACTIVE_SESSION" } } } # SIG # Begin signature block # MIIhewYJKoZIhvcNAQcCoIIhbDCCIWgCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCCtoI/ZeuTDUz+o # cTncva1EohpXiAyQdTf7FrccMeDzW6CCC28wggTrMIID06ADAgECAhMzAAAD53EW # vSG3L5ZCAAAAAAPnMA0GCSqGSIb3DQEBCwUAMHkxCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xIzAhBgNVBAMTGk1pY3Jvc29mdCBUZXN0aW5nIFBD # QSAyMDEwMB4XDTIwMDMwNDE5NTgzOVoXDTIxMDMwMzE5NTgzOVowfDELMAkGA1UE # BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAc # BgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdQ29kZSBTaWdu # IFRlc3QgKERPIE5PVCBUUlVTVCkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK # AoIBAQC0dFU8yYFFisft2syLgnrgoEcOrrzraGs5owrAJ8YWyYuxhhk7UUJP0YAC # wuDAlPQMHrhnEhZsqmD7DfWGzz33gxe7hvcNpHdhItPpgXiVkh3thZrWz4jfHFGc # RMW1zyebGUJ16gN5cYWsI18Pax9tBZW1YZIef2hIQNU5Vr5QhVKZVAbaqZFqJRo+ # 51czrP44ZnofEMr3Z3HBmIS7C97kkFYS/G8JpkufIuDsTchX7dWduHhMbFIem+Zx # nT7mrsps0D5hXV3L9JPe8TFm1T0iwaFy6RWFaWPelibrTryIbWk6Qrv4Lz89WMM6 # XFxlrqQVphAmhns1+rNrr6yacRCtAgMBAAGjggFnMIIBYzATBgNVHSUEDDAKBggr # BgEFBQcDAzAdBgNVHQ4EFgQUseZoPiUpJDttlBAhnIzqzbcXsK4wUAYDVR0RBEkw # R6RFMEMxKTAnBgNVBAsTIE1pY3Jvc29mdCBPcGVyYXRpb25zIFB1ZXJ0byBSaWNv # MRYwFAYDVQQFEw0yMzAwNzIrNDU4Mzk0MB8GA1UdIwQYMBaAFN3WR4sjFC/YOGhC # oz5tw/CQ9yzQMFMGA1UdHwRMMEowSKBGoESGQmh0dHA6Ly9jcmwubWljcm9zb2Z0 # LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01pY1Rlc1BDQV8yMDEwLTA3LTAxLmNybDBX # BggrBgEFBQcBAQRLMEkwRwYIKwYBBQUHMAKGO2h0dHA6Ly93d3cubWljcm9zb2Z0 # LmNvbS9wa2kvY2VydHMvTWljVGVzUENBXzIwMTAtMDctMDEuY3J0MAwGA1UdEwEB # /wQCMAAwDQYJKoZIhvcNAQELBQADggEBAJYdTCu6GLf0F8qu4JuKidCt6hweTHFz # 012VGqDoVNN8REwov3VMjK71y8oL6wgvx29RYYqD2sKn6a/NcKUlHJjttvbXW/Az # NK4FetsfpyURFCRTS8C5hRcGZTIZfiSsJXn0N/yV/pbf/M6N4c0Q//I5f+e5lMch # 0jf6TGVLEHcXgOOH1PcS4Rd9LjAaggJG7VAOrIQaoSfgtsMn/a0CoYXeigizHb4k # sZW2nEC5JSAZ49b3Y1Pjvtr1H6xfMewXwtGCEvTq2btl8in/TV8du5cimL7VmZAa # aggJr0eFOmLCNUgGhH+Ic+sLH7G7vpkdggW9PRQ0wtQm8ofUIYhIn2swggZ8MIIE # ZKADAgECAgphEYRvAAAAAAADMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYDVQQGEwJV # UzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UE # ChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTowOAYDVQQDEzFNaWNyb3NvZnQgVGVz # dGluZyBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAyMDEwMB4XDTEwMDcwMTIx # MjMwMVoXDTI1MDcwMTIxMzMwMVoweTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldh # c2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBD # b3Jwb3JhdGlvbjEjMCEGA1UEAxMaTWljcm9zb2Z0IFRlc3RpbmcgUENBIDIwMTAw # ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBvSHVS2YGAJIwORjKy3NC # WbHvmyeo4OhVvSmw+SQfOtHow1mJ7ZG2wegzY/ZaZBniLnwMkIAFOL8cproNai/v # J5er3vbvUPOD59fDRTciPxi1wpYRto0Sg1mLJ1EGVnW5YGoTDtUmPy2WqgXMoYc/ # vk807wxMb8wE1KHmZ80KJzOf46+bb2h8vLQMczSMWoH5h/tUHMVHbOqfV7RZ/c4Z # qXd8h0KftXmUvMt2ktuWl6FfBCQ5/qGV4Z+G417ZXFbfQ5CfyRTq0fWgW6vzCATd # KK8b4qouE6AK7dKZRCr1mUT7K6RP8bthwh0t9SUnAqh475M59F51ge7S4HYMWyPv # AgMBAAGjggHsMIIB6DAQBgkrBgEEAYI3FQEEAwIBADAdBgNVHQ4EFgQU3dZHiyMU # L9g4aEKjPm3D8JD3LNAwGQYJKwYBBAGCNxQCBAweCgBTAHUAYgBDAEEwCwYDVR0P # BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUowEEfjCIM+u5MZzK # 64V2Z/xltNEwWQYDVR0fBFIwUDBOoEygSoZIaHR0cDovL2NybC5taWNyb3NvZnQu # Y29tL3BraS9jcmwvcHJvZHVjdHMvTWljVGVzUm9vQ2VyQXV0XzIwMTAtMDYtMTcu # Y3JsMF0GCCsGAQUFBwEBBFEwTzBNBggrBgEFBQcwAoZBaHR0cDovL3d3dy5taWNy # b3NvZnQuY29tL3BraS9jZXJ0cy9NaWNUZXNSb29DZXJBdXRfMjAxMC0wNi0xNy5j # cnQwgaAGA1UdIAEB/wSBlTCBkjCBjwYJKwYBBAGCNy4DMIGBMD0GCCsGAQUFBwIB # FjFodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vUEtJL2RvY3MvQ1BTL2RlZmF1bHQu # aHRtMEAGCCsGAQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAFAAbwBsAGkAYwB5AF8A # UwB0AGEAdABlAG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQBAYQU+N90z # e1LCSGuA92ADFrbJLol+vdlYHGPT9ZLS9loEDQjuh7/rmDQ6ZXxQ5MgbKVB5VXsY # OZG1QSbzF3+YlWd8TN1y5B21BM3DSPb6r+3brl50kW2t1JqACtiLbZnmhmh5hkdJ # i8HYUfLQ7xKcP0g1CIJP9CyKil7UJv/HnMXKigTGiBaHjfVtVwG5k8roymrEirpB # DcOMVB0OZiTXxYIHDbM4v7LItZYIISdPs6+LwxwzwdroMdpj42+3dWQBumpRGQAg # qJ9i5UiBQtUM+9vLpKIRnujnWfQxbaIuIt2HRLFpHUYKGOXRlf148o+71dX3YWap # 88+ocaxkM8rkavgDNkcWSe9Dpoq8a3tS2P9BpxewDV+iSzF0JRo9UOZeciaSQDZv # rkQskxJjtdO725L6E5Fu1Ti+lGl6exRCnhPbooxCqHEGLRdiwXkrmLp+huTGAK8z # mfEt0d1JFrrDdu5kqoG3OVT2dN4JVFNpOFvCU/LNiVDCyCIcG0cSRVtDjyNckMhu # 1PcPtberjr1mcL8RkTzvonoH4pIvQk1k4IOLpdxslOj2oigApZjqCBJA3mIEZHln # wRuglg4Er74nSmL6953C0r1Vwl7T0vXnQO8izb+incAb1r6Y+45N5aVXww+PqHJB # RjvhjyBKG+1aDLVM3ixjV9P6OZkOvp4uozGCFWIwghVeAgEBMIGQMHkxCzAJBgNV # BAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4w # HAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xIzAhBgNVBAMTGk1pY3Jvc29m # dCBUZXN0aW5nIFBDQSAyMDEwAhMzAAAD53EWvSG3L5ZCAAAAAAPnMA0GCWCGSAFl # AwQCAQUAoIGuMBkGCSqGSIb3DQEJAzEMBgorBgEEAYI3AgEEMBwGCisGAQQBgjcC # AQsxDjAMBgorBgEEAYI3AgEVMC8GCSqGSIb3DQEJBDEiBCAYTjmPEfDHNlY65rLA # SGuwMuZPWsjhZqxX+ji0s2n8MDBCBgorBgEEAYI3AgEMMTQwMqAUgBIATQBpAGMA # cgBvAHMAbwBmAHShGoAYaHR0cDovL3d3dy5taWNyb3NvZnQuY29tMA0GCSqGSIb3 # DQEBAQUABIIBAEUqf4edLlRnaIoIGxeNtrmUv5r3lA6rc4mnlmTtogflBWZtUM2Z # V32WM72hBETS4Rouob03ekkw1h419X9I7ImP237vKpagQ6Zfab9ZK8CYBORLOviK # 40eLgIH+oEF6pYyTnCTgQcK7H9F2lfnizeiW2+7RPiJCYXn1Sx+nugWIYK2yARYe # D8XR4QvHAVBRBrjZ5cGY2CDMyQ6MFfDTb0buJmlSiH1LlDhGgICJJalDyDyviWVF # sFHoeJaNccHRfvSqxJvcUxjQGTTfK8I9lTaerF/VujNi467PJcKqLQXjWDIvr93G # cOBykM+y3c/wG/lEZSjbzs7fXjeWTjKKpVWhghLxMIIS7QYKKwYBBAGCNwMDATGC # Et0wghLZBgkqhkiG9w0BBwKgghLKMIISxgIBAzEPMA0GCWCGSAFlAwQCAQUAMIIB # VQYLKoZIhvcNAQkQAQSgggFEBIIBQDCCATwCAQEGCisGAQQBhFkKAwEwMTANBglg # hkgBZQMEAgEFAAQggRdlBLlXV7FFUKN/gOl6U6YbLq5cVD+oI172No4XvukCBl+7 # yVvTURgTMjAyMDExMjcxMTQ4NTQuNzgxWjAEgAIB9KCB1KSB0TCBzjELMAkGA1UE # BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAc # BgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEpMCcGA1UECxMgTWljcm9zb2Z0 # IE9wZXJhdGlvbnMgUHVlcnRvIFJpY28xJjAkBgNVBAsTHVRoYWxlcyBUU1MgRVNO # OjQ2MkYtRTMxOS0zRjIwMSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1TdGFtcCBT # ZXJ2aWNloIIORDCCBPUwggPdoAMCAQICEzMAAAEky80CoRdwXJoAAAAAASQwDQYJ # KoZIhvcNAQELBQAwfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x # EDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv # bjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTAwHhcNMTkx # MjE5MDExNDU3WhcNMjEwMzE3MDExNDU3WjCBzjELMAkGA1UEBhMCVVMxEzARBgNV # BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv # c29mdCBDb3Jwb3JhdGlvbjEpMCcGA1UECxMgTWljcm9zb2Z0IE9wZXJhdGlvbnMg # UHVlcnRvIFJpY28xJjAkBgNVBAsTHVRoYWxlcyBUU1MgRVNOOjQ2MkYtRTMxOS0z # RjIwMSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNlMIIBIjAN # BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJsqOA2eGO8yWdE0C3Htfc3llmRJ # 9QVQvJaxUnWmfIyxIhOKaDWrc5DUiR/T/eCDxQblMhGbvAfyyMG2gHee7MXPXUJ6 # AgVxqdie3TnQm+etRMp4A9RHmkulN4/dASAv4JY5ziVOD9fGOdC/TUUPtNOf0MS4 # 7eSnQZDzsyN3myzErQrWrghY0UDJGnHmfxWbdWbWKJUvkUwNQqyXkb9KpB2IQOfx # yphupYxXNYf3g90p3DWYgdOgFEI2xH0EcdbM2RJL5HRZGKkFJKispPty4uUQFiEO # jwBje4waW/SQtEscBJn6zPad+SlbYJW35seFWYzr/mqK7Z/t5ihNgm5wUQIDAQAB # o4IBGzCCARcwHQYDVR0OBBYEFLsd0XKsYoiEPG/KksDWUP/AZFKwMB8GA1UdIwQY # MBaAFNVjOlyKMZDzQ3t8RhvFM2hahW1VMFYGA1UdHwRPME0wS6BJoEeGRWh0dHA6 # Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01pY1RpbVN0YVBD # QV8yMDEwLTA3LTAxLmNybDBaBggrBgEFBQcBAQROMEwwSgYIKwYBBQUHMAKGPmh0 # dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kvY2VydHMvTWljVGltU3RhUENBXzIw # MTAtMDctMDEuY3J0MAwGA1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwgw # DQYJKoZIhvcNAQELBQADggEBAGjdDM241GDN1+XADhTt/d7YJwaXB2DqKLj3xwGJ # KtOlYo7eqrPmm+AcCTiGHrL8UtjzRHn2KcvBxW7IPbhLckR1KJ7jLW0Lkmm3B5HW # qXFEkJEzi8buc+0gLh4AwpxeCi+7SZMW/vGkUBWlG6+56lH3WAh17fbyW/UdNMkJ # X8sEGTzdeLucIY8Xn0XF4itwTfbG3hgmASkQCKR4yq9YJMzI+qWa/H0n3Z/FTdxB # zDaPYRbCo4PlPc3PYdZ89XzSyKEPUDpjkeGOlL21oM+zsIjnwjbXUXfKx6A3I56w # bcxOtIkfI8wspgUPFwbWd5XSWKS2/5Nb3buxQ5VzNxJSFAswggZxMIIEWaADAgEC # AgphCYEqAAAAAAACMA0GCSqGSIb3DQEBCwUAMIGIMQswCQYDVQQGEwJVUzETMBEG # A1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWlj # cm9zb2Z0IENvcnBvcmF0aW9uMTIwMAYDVQQDEylNaWNyb3NvZnQgUm9vdCBDZXJ0 # aWZpY2F0ZSBBdXRob3JpdHkgMjAxMDAeFw0xMDA3MDEyMTM2NTVaFw0yNTA3MDEy # MTQ2NTVaMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYD # VQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAk # BgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwMIIBIjANBgkqhkiG # 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqR0NvHcRijog7PwTl/X6f2mUa3RUENWlCgCC # hfvtfGhLLF/Fw+Vhwna3PmYrW/AVUycEMR9BGxqVHc4JE458YTBZsTBED/FgiIRU # QwzXTbg4CLNC3ZOs1nMwVyaCo0UN0Or1R4HNvyRgMlhgRvJYR4YyhB50YWeRX4FU # sc+TTJLBxKZd0WETbijGGvmGgLvfYfxGwScdJGcSchohiq9LZIlQYrFd/XcfPfBX # day9ikJNQFHRD5wGPmd/9WbAA5ZEfu/QS/1u5ZrKsajyeioKMfDaTgaRtogINeh4 # HLDpmc085y9Euqf03GS9pAHBIAmTeM38vMDJRF1eFpwBBU8iTQIDAQABo4IB5jCC # AeIwEAYJKwYBBAGCNxUBBAMCAQAwHQYDVR0OBBYEFNVjOlyKMZDzQ3t8RhvFM2ha # hW1VMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBBMAsGA1UdDwQEAwIBhjAPBgNV # HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNX2VsuP6KJcYmjRPZSQW9fOmhjEMFYG # A1UdHwRPME0wS6BJoEeGRWh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kvY3Js # L3Byb2R1Y3RzL01pY1Jvb0NlckF1dF8yMDEwLTA2LTIzLmNybDBaBggrBgEFBQcB # AQROMEwwSgYIKwYBBQUHMAKGPmh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kv # Y2VydHMvTWljUm9vQ2VyQXV0XzIwMTAtMDYtMjMuY3J0MIGgBgNVHSABAf8EgZUw # gZIwgY8GCSsGAQQBgjcuAzCBgTA9BggrBgEFBQcCARYxaHR0cDovL3d3dy5taWNy # b3NvZnQuY29tL1BLSS9kb2NzL0NQUy9kZWZhdWx0Lmh0bTBABggrBgEFBQcCAjA0 # HjIgHQBMAGUAZwBhAGwAXwBQAG8AbABpAGMAeQBfAFMAdABhAHQAZQBtAGUAbgB0 # AC4gHTANBgkqhkiG9w0BAQsFAAOCAgEAB+aIUQ3ixuCYP4FxAz2do6Ehb7Prpsz1 # Mb7PBeKp/vpXbRkws8LFZslq3/Xn8Hi9x6ieJeP5vO1rVFcIK1GCRBL7uVOMzPRg # Eop2zEBAQZvcXBf/XPleFzWYJFZLdO9CEMivv3/Gf/I3fVo/HPKZeUqRUgCvOA8X # 9S95gWXZqbVr5MfO9sp6AG9LMEQkIjzP7QOllo9ZKby2/QThcJ8ySif9Va8v/rbl # jjO7Yl+a21dA6fHOmWaQjP9qYn/dxUoLkSbiOewZSnFjnXshbcOco6I8+n99lmqQ # eKZt0uGc+R38ONiU9MalCpaGpL2eGq4EQoO4tYCbIjggtSXlZOz39L9+Y1klD3ou # OVd2onGqBooPiRa6YacRy5rYDkeagMXQzafQ732D8OE7cQnfXXSYIghh2rBQHm+9 # 8eEA3+cxB6STOvdlR3jo+KhIq/fecn5ha293qYHLpwmsObvsxsvYgrRyzR30uIUB # HoD7G4kqVDmyW9rIDVWZeodzOwjmmC3qjeAzLhIp9cAvVCch98isTtoouLGp25ay # p0Kiyc8ZQU3ghvkqmqMRZjDTu3QyS99je/WZii8bxyGvWbWu3EQ8l1Bx16HSxVXj # ad5XwdHeMMD9zOZN+w2/XU/pnR4ZOC+8z1gFLu8NoFA12u8JJxzVs341Hgi62jbb # 01+P3nSISRKhggLSMIICOwIBATCB/KGB1KSB0TCBzjELMAkGA1UEBhMCVVMxEzAR # BgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1p # Y3Jvc29mdCBDb3Jwb3JhdGlvbjEpMCcGA1UECxMgTWljcm9zb2Z0IE9wZXJhdGlv # bnMgUHVlcnRvIFJpY28xJjAkBgNVBAsTHVRoYWxlcyBUU1MgRVNOOjQ2MkYtRTMx # OS0zRjIwMSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNloiMK # AQEwBwYFKw4DAhoDFQCXA+U0Kr5SfnhR/Et7/ApLVdzieqCBgzCBgKR+MHwxCzAJ # BgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25k # MR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jv # c29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwMA0GCSqGSIb3DQEBBQUAAgUA42rkyDAi # GA8yMDIwMTEyNzA2MzY1NloYDzIwMjAxMTI4MDYzNjU2WjB3MD0GCisGAQQBhFkK # BAExLzAtMAoCBQDjauTIAgEAMAoCAQACAhcKAgH/MAcCAQACAhF+MAoCBQDjbDZI # AgEAMDYGCisGAQQBhFkKBAIxKDAmMAwGCisGAQQBhFkKAwKgCjAIAgEAAgMHoSCh # CjAIAgEAAgMBhqAwDQYJKoZIhvcNAQEFBQADgYEAK0un05AWb9mKKNcPYewLvupT # xkJ+qJJ46+CQ9CjNP0JjskO2cwfv/qk4BZT62NMhSGHu/iCpBkL8dkTbkKTXGezu # gCAQaWdHR3CXyFqUklkzNgbUJ4/IksEs9ySF1OqIVGMQ1EiQTIRAZMO7KXYiw/cg # bhdasdimLzGvCtfjpLIxggMNMIIDCQIBATCBkzB8MQswCQYDVQQGEwJVUzETMBEG # A1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWlj # cm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFt # cCBQQ0EgMjAxMAITMwAAASTLzQKhF3BcmgAAAAABJDANBglghkgBZQMEAgEFAKCC # AUowGgYJKoZIhvcNAQkDMQ0GCyqGSIb3DQEJEAEEMC8GCSqGSIb3DQEJBDEiBCBQ # u7TMDZUOFjPnIsNvIbUgCKz01CBwBG73hi7uzVRf2jCB+gYLKoZIhvcNAQkQAi8x # geowgecwgeQwgb0EIGI44eiiGov5ftdr/bmOnXBOtDFiVgYuzOKz+cBOKuMgMIGY # MIGApH4wfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNV # BAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQG # A1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTACEzMAAAEky80CoRdw # XJoAAAAAASQwIgQghv/DOm48W5GfI3PbQGzT7uKCNt+3WIun1PC1yQ7Lm5owDQYJ # KoZIhvcNAQELBQAEggEAizjloAR43wvrHUPXSB7hRFYMPijQw/3TFDr31wmcvLAB # 1v6puCU1zMi+7gqvmw2BPbZ0rNN7EIMBmLHvslRaWyU1fAP0BPvHVdbgcOUzJHKT # JeTlK8S7vi1kgwKCDjm03NxpWew6oPd1aS+6twN/Eoy6TleK3DdFz1xK/slcKWAt # n7s8K3ilw80hTKaj8HrEVeNFUK/2jSeCAVadio/1daP1R9phWfxwyN3GgyEi/llm # Zl43RJMghlhHpLu3Mc8dQtnDo6iAE/6jdvxrJKimBGzwu4wEV7EbsSsNGnCpjN6d # EtZrEUW+Nejx8qslYQD241Vksir1H0IxQGhIzBCivA== # SIG # End signature block |