From 8e265d54d2ce440538fd1c356da8192609f06135 Mon Sep 17 00:00:00 2001 From: mahammedtaheer <57249563+mahammedtaheer@users.noreply.github.com> Date: Mon, 20 Nov 2023 20:05:14 +0530 Subject: [PATCH] [ES-418] Added password based auth support. (#1132) Signed-off-by: Mahammed Taheer --- .../service/config/IDAMappingConfig.java | 3 + .../common/service/facade/AuthFacadeImpl.java | 53 ++ .../common/service/filter/IdAuthFilter.java | 16 + .../common/service/helper/IdInfoHelper.java | 6 + .../service/impl/IdInfoFetcherImpl.java | 16 + .../service/impl/PasswordAuthServiceImpl.java | 70 +++ .../service/impl/match/IdaIdMapping.java | 3 +- .../service/impl/match/PasswordAuthType.java | 57 ++ .../service/impl/match/PasswordMatchType.java | 131 +++++ .../impl/match/PasswordMatchingStrategy.java | 85 +++ .../integration/PasswordComparator.java | 39 ++ .../manager/IdAuthSecurityManager.java | 10 + .../common/service/util/AuthTypeUtil.java | 9 + .../core/constant/AuditEvents.java | 2 + .../core/constant/AuditModules.java | 2 + .../core/constant/IdAuthCommonConstants.java | 6 + .../IdAuthenticationErrorConstants.java | 7 +- .../core/constant/RequestType.java | 3 +- .../core/indauth/dto/KycRequestDTO.java | 2 + .../match/ComparePasswordFunction.java | 22 + .../core/spi/indauth/match/IdInfoFetcher.java | 499 +++++++++--------- .../core/spi/indauth/match/MappingConfig.java | 497 ++++++++--------- .../core/spi/indauth/match/MatchType.java | 5 +- .../indauth/service/PasswordAuthService.java | 4 + .../Dockerfile | 2 + .../lib/libargon2.so | Bin 0 -> 194040 bytes .../InternalAuthenticationApplication.java | 5 +- .../authentication-otp-service/Dockerfile | 2 + .../lib/libargon2.so | Bin 0 -> 194040 bytes .../otp/service/OtpApplication.java | 5 +- .../authentication-service/Dockerfile | 2 + .../authentication-service/lib/libargon2.so | Bin 0 -> 194040 bytes .../service/IdAuthenticationApplication.java | 7 +- .../service/kyc/filter/KycAuthFilter.java | 2 + authentication/pom.xml | 2 +- 35 files changed, 1078 insertions(+), 496 deletions(-) create mode 100644 authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/PasswordAuthServiceImpl.java create mode 100644 authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/match/PasswordAuthType.java create mode 100644 authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/match/PasswordMatchType.java create mode 100644 authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/match/PasswordMatchingStrategy.java create mode 100644 authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/integration/PasswordComparator.java create mode 100644 authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/match/ComparePasswordFunction.java create mode 100644 authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/service/PasswordAuthService.java create mode 100755 authentication/authentication-internal-service/lib/libargon2.so create mode 100755 authentication/authentication-otp-service/lib/libargon2.so create mode 100755 authentication/authentication-service/lib/libargon2.so diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/config/IDAMappingConfig.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/config/IDAMappingConfig.java index b2f00b47101..3117ec4c3fc 100644 --- a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/config/IDAMappingConfig.java +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/config/IDAMappingConfig.java @@ -126,4 +126,7 @@ public class IDAMappingConfig implements MappingConfig { /** The dynamic attributes. */ private Map> dynamicAttributes; + /** The password. */ + private List password; + } diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/facade/AuthFacadeImpl.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/facade/AuthFacadeImpl.java index e215a10e3a8..c95f38bea78 100644 --- a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/facade/AuthFacadeImpl.java +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/facade/AuthFacadeImpl.java @@ -29,6 +29,7 @@ import io.mosip.authentication.common.service.helper.AuditHelper; import io.mosip.authentication.common.service.helper.AuthTransactionHelper; import io.mosip.authentication.common.service.helper.IdInfoHelper; +import io.mosip.authentication.common.service.impl.match.IdaIdMapping; import io.mosip.authentication.common.service.integration.TokenIdManager; import io.mosip.authentication.common.service.transaction.manager.IdAuthSecurityManager; import io.mosip.authentication.common.service.util.AuthTypeUtil; @@ -47,6 +48,7 @@ import io.mosip.authentication.core.indauth.dto.AuthStatusInfo; import io.mosip.authentication.core.indauth.dto.IdType; import io.mosip.authentication.core.indauth.dto.IdentityInfoDTO; +import io.mosip.authentication.core.indauth.dto.KycAuthRequestDTO; import io.mosip.authentication.core.indauth.dto.EkycAuthRequestDTO; import io.mosip.authentication.core.logger.IdaLogger; import io.mosip.authentication.core.partner.dto.PartnerPolicyResponseDTO; @@ -58,6 +60,7 @@ import io.mosip.authentication.core.spi.indauth.service.BioAuthService; import io.mosip.authentication.core.spi.indauth.service.DemoAuthService; import io.mosip.authentication.core.spi.indauth.service.OTPAuthService; +import io.mosip.authentication.core.spi.indauth.service.PasswordAuthService; import io.mosip.authentication.core.spi.notification.service.NotificationService; import io.mosip.authentication.core.spi.partner.service.PartnerService; import io.mosip.kernel.core.logger.spi.Logger; @@ -129,6 +132,9 @@ public class AuthFacadeImpl implements AuthFacade { @Autowired private KeyBindedTokenAuthService keyBindedTokenAuthService; + + @Autowired + private PasswordAuthService passwordAuthService; /* * (non-Javadoc) @@ -161,6 +167,14 @@ public AuthResponseDTO authenticateIndividual(AuthRequestDTO authRequestDTO, boo addKycPolicyAttributes(filterAttributes, kycAuthRequestDTO); } + + if(authRequestDTO instanceof KycAuthRequestDTO) { + KycAuthRequestDTO kycAuthRequestDTO = (KycAuthRequestDTO) authRequestDTO; + // In case of kyc-auth request and password auth is requested + if(AuthTypeUtil.isPassword(kycAuthRequestDTO)) { + filterAttributes.add(IdaIdMapping.PASSWORD.getIdname()); + } + } Map idResDTO = idService.processIdType(idvIdType, idvid, idInfoHelper.isBiometricDataNeeded(authRequestDTO), markVidConsumed, filterAttributes); @@ -312,6 +326,11 @@ private List processAuthType(AuthRequestDTO authRequestDTO, authTxnBuilder, idvidHash); } + if (!isMatchFailed(authStatusList)) { + processPasswordAuth(authRequestDTO, idInfo, token, isAuth, authStatusList, idType, authTokenId, partnerId, + authTxnBuilder, idvidHash); + } + return authStatusList; } @@ -513,5 +532,39 @@ private void processTokenAuth(AuthRequestDTO authRequestDTO, Map> idInfo, String token, + boolean isAuth, List authStatusList, IdType idType, String authTokenId, String partnerId, + AuthTransactionBuilder authTxnBuilder, String idvidHash) throws IdAuthenticationBusinessException { + if (AuthTypeUtil.isPassword(authRequestDTO)) { + AuthStatusInfo passwordMatchStatus = null; + try { + passwordMatchStatus = passwordAuthService.authenticate(authRequestDTO, token, idInfo, partnerId); + authStatusList.add(passwordMatchStatus); + + boolean isStatus = passwordMatchStatus != null && passwordMatchStatus.isStatus(); + auditHelper.audit(AuditModules.PASSWORD_AUTH, AuditEvents.PASSWORD_BASED_AUTH_REQUEST, idvidHash, + idType, "authenticateApplicant status(Password) : " + isStatus); + } finally { + boolean isStatus = passwordMatchStatus != null && passwordMatchStatus.isStatus(); + logger.info(IdAuthCommonConstants.SESSION_ID, EnvUtil.getAppId(), + AUTH_FACADE, "Password Authentication status : " + isStatus); + authTxnBuilder.addRequestType(RequestType.PASSWORD_AUTH); + } + } + } } \ No newline at end of file diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/IdAuthFilter.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/IdAuthFilter.java index a8d5e2bc73f..9796bed5cff 100644 --- a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/IdAuthFilter.java +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/IdAuthFilter.java @@ -28,6 +28,8 @@ import javax.servlet.ServletException; import io.mosip.authentication.core.indauth.dto.KeyBindedTokenDTO; +import io.mosip.authentication.core.indauth.dto.KycAuthRequestDTO; + import org.apache.commons.codec.binary.Base64; import org.apache.commons.codec.digest.DigestUtils; import org.springframework.beans.factory.NoSuchBeanDefinitionException; @@ -843,6 +845,7 @@ protected void checkAllowedAuthTypeForKeyBindedToken(Map request Object value = Optional.ofNullable(requestBody.get(IdAuthCommonConstants.REQUEST)) .filter(obj -> obj instanceof Map).map(obj -> ((Map) obj).get(KEY_BINDED_TOKEN)) .filter(obj -> obj instanceof List).orElse(Collections.emptyMap()); + List list = mapper.readValue(mapper.writeValueAsBytes(value), new TypeReference>() { }); @@ -861,6 +864,19 @@ protected void checkAllowedAuthTypeForKeyBindedToken(Map request } } + protected void checkAllowedAuthTypeForPassword(Map requestBody, List authPolicies) + throws IdAuthenticationAppException, IOException { + KycAuthRequestDTO authRequestDTO = mapper.readValue(mapper.writeValueAsBytes(requestBody), + KycAuthRequestDTO.class); + + if (AuthTypeUtil.isPassword(authRequestDTO) && !isAllowedAuthType(MatchType.Category.PASSWORD.getType(), authPolicies)) { + throw new IdAuthenticationAppException( + IdAuthenticationErrorConstants.AUTHTYPE_NOT_ALLOWED.getErrorCode(), + String.format(IdAuthenticationErrorConstants.AUTHTYPE_NOT_ALLOWED.getErrorMessage(), + MatchType.Category.PASSWORD.name())); + } + } + /** * Check allowed auth type for bio. * diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/helper/IdInfoHelper.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/helper/IdInfoHelper.java index c7293860059..bd19c5cf457 100644 --- a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/helper/IdInfoHelper.java +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/helper/IdInfoHelper.java @@ -535,6 +535,12 @@ private Map getEntityInfo(Map> idE IdAuthenticationErrorConstants.KEY_BINDING_MISSING.getErrorCode(), String.format(IdAuthenticationErrorConstants.KEY_BINDING_MISSING.getErrorMessage(), input.getAuthType().getType())); + + case PASSWORD: + throw new IdAuthenticationBusinessException( + IdAuthenticationErrorConstants.PASSWORD_MISSING.getErrorCode(), + String.format(IdAuthenticationErrorConstants.PASSWORD_MISSING.getErrorMessage(), + input.getAuthType().getType())); } } return entityInfo; diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/IdInfoFetcherImpl.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/IdInfoFetcherImpl.java index be8c0aa7aea..cdebdf68e2c 100644 --- a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/IdInfoFetcherImpl.java +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/IdInfoFetcherImpl.java @@ -26,6 +26,7 @@ import io.mosip.authentication.common.service.impl.match.IdaIdMapping; import io.mosip.authentication.common.service.integration.MasterDataManager; import io.mosip.authentication.common.service.integration.OTPManager; +import io.mosip.authentication.common.service.integration.PasswordComparator; import io.mosip.authentication.common.service.util.BioMatcherUtil; import io.mosip.authentication.common.service.util.EnvUtil; import io.mosip.authentication.core.constant.IdAuthCommonConstants; @@ -37,6 +38,7 @@ import io.mosip.authentication.core.indauth.dto.RequestDTO; import io.mosip.authentication.core.spi.bioauth.CbeffDocType; import io.mosip.authentication.core.spi.indauth.match.AuthType; +import io.mosip.authentication.core.spi.indauth.match.ComparePasswordFunction; import io.mosip.authentication.core.spi.indauth.match.IdInfoFetcher; import io.mosip.authentication.core.spi.indauth.match.IdMapping; import io.mosip.authentication.core.spi.indauth.match.MappingConfig; @@ -96,6 +98,9 @@ public class IdInfoFetcherImpl implements IdInfoFetcher { @Autowired(required = false) private KeyBindedTokenMatcherUtil keyBindedTokenMatcherUtil; + + @Autowired(required = false) + private PasswordComparator passwordComparator; /** * Gets the demo normalizer. @@ -572,4 +577,15 @@ public List getUserPreferredLanguages(Map> } return Collections.emptyList(); } + + /* + * Get Match password Function + * + * @see io.mosip.authentication.core.spi.indauth.match.IdInfoFetcher# + * getMatchPasswordFunction() + */ + @Override + public ComparePasswordFunction getMatchPasswordFunction() { + return passwordComparator::matchPasswordFunction; + } } diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/PasswordAuthServiceImpl.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/PasswordAuthServiceImpl.java new file mode 100644 index 00000000000..d337d55c482 --- /dev/null +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/PasswordAuthServiceImpl.java @@ -0,0 +1,70 @@ +package io.mosip.authentication.common.service.impl; + +import java.util.List; +import java.util.Map; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import io.mosip.authentication.common.service.builder.AuthStatusInfoBuilder; +import io.mosip.authentication.common.service.builder.MatchInputBuilder; +import io.mosip.authentication.common.service.config.IDAMappingConfig; +import io.mosip.authentication.common.service.helper.IdInfoHelper; +import io.mosip.authentication.common.service.impl.match.PasswordAuthType; +import io.mosip.authentication.common.service.impl.match.PasswordMatchType; +import io.mosip.authentication.core.constant.IdAuthenticationErrorConstants; +import io.mosip.authentication.core.exception.IdAuthenticationBusinessException; +import io.mosip.authentication.core.indauth.dto.AuthRequestDTO; +import io.mosip.authentication.core.indauth.dto.AuthStatusInfo; +import io.mosip.authentication.core.indauth.dto.IdentityInfoDTO; +import io.mosip.authentication.core.spi.indauth.match.MatchInput; +import io.mosip.authentication.core.spi.indauth.match.MatchOutput; +import io.mosip.authentication.core.spi.indauth.service.PasswordAuthService; +import lombok.NoArgsConstructor; + +@Service +@NoArgsConstructor +public class PasswordAuthServiceImpl implements PasswordAuthService { + + @Autowired + private IdInfoHelper idInfoHelper; + + /** The id info helper. */ + @Autowired + private MatchInputBuilder matchInputBuilder; + + /** The ida mapping config. */ + @Autowired + private IDAMappingConfig idaMappingConfig; + + public AuthStatusInfo authenticate(AuthRequestDTO authRequestDTO,String individualId, + Map> idInfo,String partnerId) + throws IdAuthenticationBusinessException { + + if (idInfo == null || idInfo.isEmpty()) { + throw new IdAuthenticationBusinessException(IdAuthenticationErrorConstants.SERVER_ERROR); + } + + List listMatchInputs = constructMatchInput(authRequestDTO, idInfo); + + List listMatchOutputs = constructMatchOutput(authRequestDTO, listMatchInputs, idInfo, + partnerId); + // Using AND condition on the match output for Bio auth. + boolean isMatched = !listMatchOutputs.isEmpty() && listMatchOutputs.stream().allMatch(MatchOutput::isMatched); + return AuthStatusInfoBuilder.buildStatusInfo(isMatched, listMatchInputs, listMatchOutputs, + PasswordAuthType.values(), idaMappingConfig); + + } + + public List constructMatchInput(AuthRequestDTO authRequestDTO, + Map> idInfo) { + return matchInputBuilder.buildMatchInput(authRequestDTO, PasswordAuthType.values(), PasswordMatchType.values(), + idInfo); + } + + private List constructMatchOutput(AuthRequestDTO authRequestDTO, List listMatchInputs, + Map> idInfo, String partnerId) + throws IdAuthenticationBusinessException { + return idInfoHelper.matchIdentityData(authRequestDTO, idInfo, listMatchInputs, partnerId); + } +} diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/match/IdaIdMapping.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/match/IdaIdMapping.java index 789171e659b..4e3ccd80650 100644 --- a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/match/IdaIdMapping.java +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/match/IdaIdMapping.java @@ -177,13 +177,14 @@ public String getSubType() { RIGHTIRIS, LEFTIRIS, UNKNOWN_IRIS, FACE,UNKNOWN_FACE), "DummyType"), - KEY_BINDED_TOKENS("keyBindedTokens"){ public BiFunction> getMappingFunction() { return (mappingConfig, matchType) -> { return Collections.emptyList(); }; } }, + PASSWORD("password", MappingConfig::getPassword), + /** The dynamic demographics ID Mapping. */ DYNAMIC("demographics") { diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/match/PasswordAuthType.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/match/PasswordAuthType.java new file mode 100644 index 00000000000..5c301684adf --- /dev/null +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/match/PasswordAuthType.java @@ -0,0 +1,57 @@ +package io.mosip.authentication.common.service.impl.match; + +import io.mosip.authentication.common.service.impl.AuthTypeImpl; +import io.mosip.authentication.core.indauth.dto.AuthRequestDTO; +import io.mosip.authentication.core.indauth.dto.KycAuthRequestDTO; +import io.mosip.authentication.core.spi.indauth.match.AuthType; +import io.mosip.authentication.core.spi.indauth.match.ComparePasswordFunction; +import io.mosip.authentication.core.spi.indauth.match.IdInfoFetcher; +import io.mosip.authentication.core.spi.indauth.match.MatchType; + +import java.util.HashMap; +import java.util.Map; +import java.util.Objects; +import java.util.Set; + +public enum PasswordAuthType implements AuthType { + + PASSWORD(IdaIdMapping.PASSWORD.getIdname(), AuthType.setOf(PasswordMatchType.PASSWORD), "PASSWORD"); + + private AuthTypeImpl authTypeImpl; + + /** + * Instantiates a new demo auth type. + * + * @param type the type + * @param associatedMatchTypes the associated match types + */ + private PasswordAuthType(String type, Set associatedMatchTypes, String displayName) { + authTypeImpl = new AuthTypeImpl(type, associatedMatchTypes, displayName); + } + + + @Override + public boolean isAuthTypeInfoAvailable(AuthRequestDTO authRequestDTO) { + if(authRequestDTO instanceof KycAuthRequestDTO) { + KycAuthRequestDTO kycAuthRequestDTO = (KycAuthRequestDTO) authRequestDTO; + return Objects.nonNull(kycAuthRequestDTO.getRequest().getPassword()); + } + return false; + } + + @Override + public Map getMatchProperties(AuthRequestDTO authRequestDTO, IdInfoFetcher idInfoFetcher, + String language) { + Map valueMap = new HashMap<>(); + if(isAuthTypeInfoAvailable(authRequestDTO)) { + ComparePasswordFunction func = idInfoFetcher.getMatchPasswordFunction(); + valueMap.put(IdaIdMapping.PASSWORD.getIdname(), func); + } + return valueMap; + } + + @Override + public AuthType getAuthTypeImpl() { + return authTypeImpl; + } +} diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/match/PasswordMatchType.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/match/PasswordMatchType.java new file mode 100644 index 00000000000..2e3eec2c1d2 --- /dev/null +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/match/PasswordMatchType.java @@ -0,0 +1,131 @@ +package io.mosip.authentication.common.service.impl.match; + +import static io.mosip.authentication.core.spi.indauth.match.MatchType.setOf; + +import java.util.Collections; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Objects; +import java.util.Optional; +import java.util.Set; +import java.util.function.BiFunction; +import java.util.function.Function; + +import io.mosip.authentication.core.indauth.dto.AuthRequestDTO; +import io.mosip.authentication.core.indauth.dto.IdentityInfoDTO; +import io.mosip.authentication.core.indauth.dto.KycAuthRequestDTO; +import io.mosip.authentication.core.indauth.dto.RequestDTO; +import io.mosip.authentication.core.spi.indauth.match.IdMapping; +import io.mosip.authentication.core.spi.indauth.match.MatchType; +import io.mosip.authentication.core.spi.indauth.match.MatchingStrategy; +import io.mosip.authentication.core.spi.indauth.match.MatchingStrategyType; + +public enum PasswordMatchType implements MatchType { + + /** Primary password Match Type. */ + PASSWORD(IdaIdMapping.PASSWORD, Category.PASSWORD, setOf(PasswordMatchingStrategy.EXACT), authReq -> { + KycAuthRequestDTO kycAuthRequestDTO = (KycAuthRequestDTO)authReq; + return (Objects.nonNull(kycAuthRequestDTO.getRequest()) && + Objects.nonNull(kycAuthRequestDTO.getRequest().getPassword()))? kycAuthRequestDTO.getRequest().getPassword() : ""; + }); + + /** The allowed matching strategy. */ + private Set allowedMatchingStrategy; + + /** The request info function. */ + private Function> requestInfoFunction; + + /** The id mapping. */ + private IdMapping idMapping; + + private Category category; + + /** + * Instantiates a new demo match type. + * + * @param idMapping the id mapping + * @param allowedMatchingStrategy the allowed matching strategy + * @param requestInfoFunction the request info function + * @param langType the lang type + * @param usedBit the used bit + * @param matchedBit the matched bit + */ + private PasswordMatchType(IdMapping idMapping, Category category, Set allowedMatchingStrategy, + Function requestInfoFunction) { + this.idMapping = idMapping; + this.category = category; + this.requestInfoFunction = (AuthRequestDTO authReq) -> { + Map map = new HashMap<>(); + map.put(idMapping.getIdname(), requestInfoFunction.apply(authReq)); + return map; + }; + this.allowedMatchingStrategy = Collections.unmodifiableSet(allowedMatchingStrategy); + } + + /** + * Gets the allowed matching strategy. + * + * @param matchStrategyType the match strategy type + * @return the allowed matching strategy + */ + public Optional getAllowedMatchingStrategy(MatchingStrategyType matchStrategyType) { + return allowedMatchingStrategy.stream().filter(ms -> ms.getType().equals(matchStrategyType)).findAny(); + } + + /** + * Gets the entity info. + * + * @return the entity info + */ + public BiFunction, Map, Map> getEntityInfoMapper() { + return (entity, props) -> entity; + } + + /* + * (non-Javadoc) + * + * @see io.mosip.authentication.service.impl.indauth.service.demo.MatchType# + * getIdMapping() + */ + public IdMapping getIdMapping() { + return idMapping; + } + + /* + * (non-Javadoc) + * + * @see io.mosip.authentication.service.impl.indauth.service.demo.MatchType# + * getIdentityInfoFunction() + */ + @Override + public Function>> getIdentityInfoFunction() { + return id -> Collections.emptyMap(); + } + + /* + * (non-Javadoc) + * + * @see io.mosip.authentication.core.spi.indauth.match.MatchType#getCategory() + */ + @Override + public Category getCategory() { + return category; + } + + @Override + public Function> getReqestInfoFunction() { + return requestInfoFunction; + } + + @Override + public boolean hasIdEntityInfo() { + return true; + } + + @Override + public boolean hasRequestEntityInfo() { + return false; + } + +} diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/match/PasswordMatchingStrategy.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/match/PasswordMatchingStrategy.java new file mode 100644 index 00000000000..723a95279c9 --- /dev/null +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/impl/match/PasswordMatchingStrategy.java @@ -0,0 +1,85 @@ +package io.mosip.authentication.common.service.impl.match; + +import static io.mosip.authentication.core.constant.IdAuthCommonConstants.SEMI_COLON; + +import java.util.Map; + +import io.mosip.authentication.core.constant.IdAuthCommonConstants; +import io.mosip.authentication.core.constant.IdAuthenticationErrorConstants; +import io.mosip.authentication.core.exception.IdAuthenticationBusinessException; +import io.mosip.authentication.core.logger.IdaLogger; +import io.mosip.authentication.core.spi.indauth.match.ComparePasswordFunction; +import io.mosip.authentication.core.spi.indauth.match.MatchFunction; +import io.mosip.authentication.core.spi.indauth.match.MatchingStrategy; +import io.mosip.authentication.core.spi.indauth.match.MatchingStrategyType; +import io.mosip.authentication.core.util.DemoMatcherUtil; +import io.mosip.kernel.core.logger.spi.Logger; + +public enum PasswordMatchingStrategy implements MatchingStrategy { + + EXACT(MatchingStrategyType.EXACT, (Object reqInfo, Object entityInfo, Map props) -> { + if (reqInfo instanceof Map && entityInfo instanceof Map) { + Object object = props.get(IdaIdMapping.PASSWORD.getIdname()); + if (object instanceof ComparePasswordFunction) { + ComparePasswordFunction func = (ComparePasswordFunction) object; + Map entityInfoMap = (Map) entityInfo; + Map reqInfoMap = (Map) reqInfo; + String[] hashSaltValue = entityInfoMap.get("password").split(SEMI_COLON); + String passwordHashedValue = hashSaltValue[0]; + String salt = hashSaltValue[1]; + String reqInfoValue = reqInfoMap.get(IdaIdMapping.PASSWORD.getIdname()); + boolean matched = func.matchPasswordFunction(reqInfoValue, passwordHashedValue, salt); + return !matched ? 0 : 100; + } else { + logError(); + throw new IdAuthenticationBusinessException(IdAuthenticationErrorConstants.PASSWORD_MISMATCH.getErrorCode(), + IdAuthenticationErrorConstants.PASSWORD_MISMATCH.getErrorMessage()); + } + } + return 0; + }); + + private final MatchFunction matchFunction; + + /** The match strategy type. */ + private final MatchingStrategyType matchStrategyType; + + private static Logger mosipLogger = IdaLogger.getLogger(PasswordMatchingStrategy.class); + + /** + * Instantiates a new Token matching strategy. + * + * @param matchStrategyType the match strategy type + * @param matchFunction the match function + */ + private PasswordMatchingStrategy(MatchingStrategyType matchStrategyType, MatchFunction matchFunction) { + this.matchFunction = matchFunction; + this.matchStrategyType = matchStrategyType; + } + + /* (non-Javadoc) + * @see io.mosip.authentication.core.spi.indauth.match.MatchingStrategy#getType() + */ + @Override + public MatchingStrategyType getType() { + return matchStrategyType; + } + + /* (non-Javadoc) + * @see io.mosip.authentication.core.spi.indauth.match.MatchingStrategy#getMatchFunction() + */ + @Override + public MatchFunction getMatchFunction() { + return matchFunction; + } + + private static void logError() { + mosipLogger.error(IdAuthCommonConstants.SESSION_ID, IdAuthCommonConstants.PASSWORD_BASED_AUTH, + "Error in Passward Matching Strategy"); + } + + public static DemoMatcherUtil getDemoMatcherUtilObject(Map props) { + return (DemoMatcherUtil)props.get("demoMatcherUtil"); + } + +} diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/integration/PasswordComparator.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/integration/PasswordComparator.java new file mode 100644 index 00000000000..cafaa686935 --- /dev/null +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/integration/PasswordComparator.java @@ -0,0 +1,39 @@ + package io.mosip.authentication.common.service.integration; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +import io.mosip.authentication.common.service.transaction.manager.IdAuthSecurityManager; +import io.mosip.authentication.core.constant.IdAuthCommonConstants; +import io.mosip.authentication.core.constant.IdAuthenticationErrorConstants; +import io.mosip.authentication.core.exception.IdAuthenticationBusinessException; +import io.mosip.authentication.core.logger.IdaLogger; +import io.mosip.kernel.core.logger.spi.Logger; + + +/** + * This Class will compare the input password value with the stored Hash value & salt + * + */ +@Component +public class PasswordComparator { + + @Autowired(required = false) + private IdAuthSecurityManager securityManager; + + /** + * Logger + */ + private static Logger logger = IdaLogger.getLogger(PasswordComparator.class); + + public boolean matchPasswordFunction(String passwordValue, String passwordHashValue, String salt) throws IdAuthenticationBusinessException { + + try { + String inputPasswordHash = securityManager.generateArgon2Hash(passwordValue, salt); + return inputPasswordHash.equals(passwordHashValue); + } catch (Exception e) { + logger.error(IdAuthCommonConstants.SESSION_ID, this.getClass().getName(), e.getLocalizedMessage(),e.getMessage()); + throw new IdAuthenticationBusinessException(IdAuthenticationErrorConstants.SERVER_ERROR, e); + } + } +} diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/transaction/manager/IdAuthSecurityManager.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/transaction/manager/IdAuthSecurityManager.java index 6115f62ef9c..412ec9aefe0 100644 --- a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/transaction/manager/IdAuthSecurityManager.java +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/transaction/manager/IdAuthSecurityManager.java @@ -49,6 +49,8 @@ import io.mosip.kernel.core.util.DateUtils; import io.mosip.kernel.core.util.HMACUtils2; import io.mosip.kernel.crypto.jce.core.CryptoCore; +import io.mosip.kernel.cryptomanager.dto.Argon2GenerateHashRequestDto; +import io.mosip.kernel.cryptomanager.dto.Argon2GenerateHashResponseDto; import io.mosip.kernel.cryptomanager.dto.CryptomanagerRequestDto; import io.mosip.kernel.cryptomanager.dto.JWTCipherResponseDto; import io.mosip.kernel.cryptomanager.service.CryptomanagerService; @@ -705,4 +707,12 @@ public String jwtEncrypt(String dataToEncrypt, String certificateData) { JWTCipherResponseDto cipherResponseDto = cryptomanagerService.jwtEncrypt(encryptRequestDto); return cipherResponseDto.getData(); } + + public String generateArgon2Hash(String anyString, String salt) { + Argon2GenerateHashRequestDto hashRequestDto = new Argon2GenerateHashRequestDto(); + hashRequestDto.setInputData(anyString); + hashRequestDto.setSalt(salt); + Argon2GenerateHashResponseDto hashResponseDto = cryptomanagerService.generateArgon2Hash(hashRequestDto); + return hashResponseDto.getHashValue(); + } } diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/util/AuthTypeUtil.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/util/AuthTypeUtil.java index 4847e1e3d05..5c6ea119e84 100644 --- a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/util/AuthTypeUtil.java +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/util/AuthTypeUtil.java @@ -9,6 +9,7 @@ import io.mosip.authentication.common.service.impl.match.DemoAuthType; import io.mosip.authentication.common.service.impl.match.PinAuthType; import io.mosip.authentication.common.service.impl.match.KeyBindedTokenAuthType; +import io.mosip.authentication.common.service.impl.match.PasswordAuthType; import io.mosip.authentication.core.constant.RequestType; import io.mosip.authentication.core.indauth.dto.AuthRequestDTO; import io.mosip.authentication.core.indauth.dto.EkycAuthRequestDTO; @@ -38,6 +39,10 @@ public static boolean isKeyBindedToken(AuthRequestDTO authReqDto) { return isAuthTypeInfoAvailable(authReqDto, new AuthType[] {KeyBindedTokenAuthType.KEYBINDEDTOKEN}); } + public static boolean isPassword(AuthRequestDTO authReqDto) { + return isAuthTypeInfoAvailable(authReqDto, new AuthType[] {PasswordAuthType.PASSWORD}); + } + private static boolean isAuthTypeInfoAvailable(AuthRequestDTO authReqDto, AuthType[] values) { return Stream.of(values).anyMatch(authType -> authType.isAuthTypeInfoAvailable(authReqDto)); } @@ -67,6 +72,10 @@ public static List findAutRequestTypes(AuthRequestDTO authRequestDT if(authRequestDTO instanceof EkycAuthRequestDTO) { requestTypes.add(RequestType.EKYC_AUTH_REQUEST); } + + if (AuthTypeUtil.isPassword(authRequestDTO)) { + requestTypes.add(RequestType.PASSWORD_AUTH); + } return requestTypes; } diff --git a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/AuditEvents.java b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/AuditEvents.java index f46389d51a8..566996881ca 100644 --- a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/AuditEvents.java +++ b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/AuditEvents.java @@ -49,6 +49,8 @@ public enum AuditEvents { VCI_EXCHANGE_REQUEST_RESPONSE("IDA_017", "System", "Vci Exchange Request"), + PASSWORD_BASED_AUTH_REQUEST("IDA_018", "System", "Password Based Auth Request"), + /** Static_Pin_Storage_Request_Response. */ STATIC_PIN_STORAGE_REQUEST_RESPONSE("IDA-EVT-OLD-006","BUSINESS", ""),//not applicable for release v1 diff --git a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/AuditModules.java b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/AuditModules.java index f6419cbd278..0069e5c6867 100644 --- a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/AuditModules.java +++ b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/AuditModules.java @@ -23,6 +23,8 @@ public enum AuditModules { FACE_AUTH("IDA-FAA", "Face Authentication Request", "Face Authenticator"), TOKEN_AUTH("IDA-TOA","Token Authentication requested", "Token Authenticator"), + + PASSWORD_AUTH("IDA-PSD","Password Authentication requested", "Password Authenticator"), /** The e KY C AUTH. */ EKYC_AUTH("IDA-EKA", "E-KYC Authentication Request", "eKYC Authenticator"), diff --git a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/IdAuthCommonConstants.java b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/IdAuthCommonConstants.java index 3ef269091ac..04f3fc39f0c 100644 --- a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/IdAuthCommonConstants.java +++ b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/IdAuthCommonConstants.java @@ -445,6 +445,12 @@ public final class IdAuthCommonConstants { public static final String VC_CREDENTIAL_DEF = "credentialsDefinition"; + public static final String PASSWORD_BASED_AUTH = "PasswordBasedAuth"; + + public static final String PASSWORD = "password"; + + public static final String SEMI_COLON = ";"; + private IdAuthCommonConstants() { } } diff --git a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/IdAuthenticationErrorConstants.java b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/IdAuthenticationErrorConstants.java index 4614fc484e3..2dc9646cd6c 100644 --- a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/IdAuthenticationErrorConstants.java +++ b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/IdAuthenticationErrorConstants.java @@ -213,9 +213,12 @@ public enum IdAuthenticationErrorConstants { CREATE_VCI_PUBLIC_KEY_OBJECT_ERROR("IDA-VCI-002", "Error creating Public Key object."), KEY_ALREADY_MAPPED_ERROR("IDA-VCI-003", "Error Key already mapped to different id/vid."), VCI_NOT_SUPPORTED_ERROR("IDA-VCI-004", "Error VCI not supported."), - LDP_VC_GENERATION_FAILED("IDA-VCI-005", "Ldp VC generation Failed."); + LDP_VC_GENERATION_FAILED("IDA-VCI-005", "Ldp VC generation Failed."), + + PASSWORD_MISMATCH("IDA-PSD-001", "Password value did not match", "Please re-enter your password"), + PASSWORD_MISSING("IDA-PSD-002", "For the input VID/UIN - No Password found in DB.", + "Please use UIN/VID with Password Auth."); - private final String errorCode; private final String errorMessage; private String actionMessage; diff --git a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/RequestType.java b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/RequestType.java index 88733da11a2..870913f7ef8 100644 --- a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/RequestType.java +++ b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/RequestType.java @@ -21,7 +21,8 @@ public enum RequestType { IDENTITY_KEY_BINDING("IDENTITY-KEY-BINDING","Identity Key Binding Request"), TOKEN_REQUEST("TOKEN-REQUEST", "Token Request"), TOKEN_AUTH("TOKEN-AUTH","Token based Authentication"), - VCI_EXCHANGE_REQUEST("VCI-EXCHANGE-REQUEST","VCI Exchange Request"); + VCI_EXCHANGE_REQUEST("VCI-EXCHANGE-REQUEST","VCI Exchange Request"), + PASSWORD_AUTH("PASSWORD-AUTH","Password Auth"); String type; String message; diff --git a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/indauth/dto/KycRequestDTO.java b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/indauth/dto/KycRequestDTO.java index 90c9587478f..02fda3481ad 100644 --- a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/indauth/dto/KycRequestDTO.java +++ b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/indauth/dto/KycRequestDTO.java @@ -10,4 +10,6 @@ public class KycRequestDTO extends RequestDTO { /** H/W or S/W token */ private List keyBindedTokens; + + private String password; } diff --git a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/match/ComparePasswordFunction.java b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/match/ComparePasswordFunction.java new file mode 100644 index 00000000000..41464cc05bb --- /dev/null +++ b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/match/ComparePasswordFunction.java @@ -0,0 +1,22 @@ +package io.mosip.authentication.core.spi.indauth.match; + +import io.mosip.authentication.core.exception.IdAuthenticationBusinessException; + +/** + * To match Password against Stored Hashed Password and Salt + + */ +public interface ComparePasswordFunction { + + /** + * To Match Password. + * + * @param passwordValue the password value + * @param passwordHashValue the stored password hash value + * @param salt the stored salt value + * @return true, if successful + * @throws IdAuthenticationBusinessException the id authentication business exception + */ + public boolean matchPasswordFunction(String passwordValue, String passwordHashValue, String salt) throws IdAuthenticationBusinessException; + +} diff --git a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/match/IdInfoFetcher.java b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/match/IdInfoFetcher.java index 92c1585159b..2d168eeb52e 100644 --- a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/match/IdInfoFetcher.java +++ b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/match/IdInfoFetcher.java @@ -1,241 +1,258 @@ -package io.mosip.authentication.core.spi.indauth.match; - -import java.util.Collections; -import java.util.List; -import java.util.Map; -import java.util.Map.Entry; -import java.util.Optional; -import java.util.Set; -import java.util.stream.Collectors; -import java.util.stream.Stream; - -import org.springframework.core.env.Environment; - -import io.mosip.authentication.core.exception.IdAuthenticationBusinessException; -import io.mosip.authentication.core.indauth.dto.IdentityInfoDTO; -import io.mosip.authentication.core.indauth.dto.RequestDTO; -import io.mosip.authentication.core.spi.bioauth.CbeffDocType; -import io.mosip.authentication.core.util.DemoMatcherUtil; -import io.mosip.authentication.core.util.DemoNormalizer; - -/** - * The IdInfoFetcher interface that provides the helper methods invoked by the - * classes involved in ID Info matching. - * - * @author Loganathan.Sekar - * @author Nagarjuna - */ -public interface IdInfoFetcher { - - /** - * Gets the template default language codes - * @return - */ - public List getTemplatesDefaultLanguageCodes(); - - /** - * Gets the system supported languages. - * Combination of Mandatory and optional languages. - * @return - */ - public List getSystemSupportedLanguageCodes(); - - /** - * To check language type. - * - * @param languageForMatchType the language for match type - * @param languageFromReq the language from req - * @return true, if successful - */ - public boolean checkLanguageType(String languageForMatchType, String languageFromReq); - - /** - * Get language name for Match Properties based on language code. - * - * @param languageCode language code - * @return language name - */ - public Optional getLanguageName(String languageCode); - - /** - * Gets the identity info for the MatchType from the IdentityDTO. - * - * @param matchType the match type - * @param idName - * @param identity the identity - * @param language the language - * @return the identity info - */ - public Map getIdentityRequestInfo(MatchType matchType, String idName, RequestDTO identity, String language); - - /** - * Gets the identity info. - * - * @param matchType the match type - * @param idName the id name - * @param identity the identity - * @return the identity info - */ - public Map> getIdentityInfo(MatchType matchType, String idName, RequestDTO identity); - - /** - * Gets the identity info for the MatchType from the IdentityDTO. - * - * @param matchType the match type - * @param idName - * @param identity the identity - * @param language the language - * @return the identity info - */ - public Map getIdentityRequestInfo(MatchType matchType, RequestDTO identity, String language); - - /** - * Get the Validate Otp function. - * - * @return the ValidateOtpFunction - */ - public ValidateOtpFunction getValidateOTPFunction(); - - /** - * To fetch cbeff values. - * - * @param idEntity the id entity - * @param cbeffDocTypes the cbeff doc types - * @param matchType the match type - * @return the cbeff values - * @throws IdAuthenticationBusinessException the id authentication business exception - */ - public Map>> getCbeffValues(Map> idEntity, - CbeffDocType[] cbeffDocTypes, MatchType matchType) throws IdAuthenticationBusinessException; - - /** - * To get EnvPropertyResolver. - * - * @return the environment - */ - public Environment getEnvironment(); - - /** - * Title info fetcher from Master data manager. - * - * @return the title fetcher - */ - public MasterDataFetcher getTitleFetcher(); - - /** - * Gets the matching threshold. - * - * @param key the key - * @return the matching threshold - */ - public Optional getMatchingThreshold(String key); - - - /** - * Gets the demo normalizer object to normalise the - * corresponding(address/name) used for demographic authentication - * . - * - * @return the demo normalizer - */ - public DemoNormalizer getDemoNormalizer(); - - /** - * Gets the user preferred language attribute - * @return - */ - public List getUserPreferredLanguages(Map> idInfo); - - - /** - * Gets the match function. - * - * @param authType the auth type - * @return the match function - */ - public TriFunctionWithBusinessException, Map, Map, Double> getMatchFunction(AuthType authType); - - - /** - * Gets the type for id name. - * - * @param idName the id name - * @param idMappings the id mappings - * @return the type for id name - */ - public Optional getTypeForIdName(String idName, IdMapping[] idMappings); - - /** - * Gets the mapping config. - * - * @return the mapping config - */ - public MappingConfig getMappingConfig(); - - /** - * - * @return - */ - public DemoMatcherUtil getDemoMatcherUtil(); - - - /** - * Gets the available dynamic attributes names. - * - * @param request the request - * @return the available dynamic attributes names - */ - Set getAvailableDynamicAttributesNames(RequestDTO request); - - /** - * Fetch data from Identity info value based on Identity response. - * - * @param idResponseDTO the id response DTO - * @return the id info - * @throws IdAuthenticationBusinessException the id authentication business exception - */ - @SuppressWarnings({ "unchecked", "rawtypes" }) - public static Map> getIdInfo(Map idResponseDTO) { - return idResponseDTO.entrySet().stream().flatMap(entry -> { - if (entry.getValue() instanceof Map) { - return ((Map) entry.getValue()).entrySet().stream(); - } else { - return Stream.of(entry); - } - }).collect(Collectors.toMap(t -> t.getKey(), entry -> { - Object val = entry.getValue(); - if (val instanceof List) { - List arrayList = (List) val; - if (!arrayList.isEmpty()) { - Object object = arrayList.get(0); - if (object instanceof Map) { - return arrayList.stream().filter(elem -> elem instanceof Map) - .map(elem -> (Map) elem).map(map1 -> { - String value = String.valueOf(map1.get("value")); - IdentityInfoDTO idInfo = new IdentityInfoDTO(); - if (map1.containsKey("language")) { - idInfo.setLanguage(String.valueOf(map1.get("language"))); - } - idInfo.setValue(value); - return idInfo; - }).collect(Collectors.toList()); - - } else if (object instanceof String) { - return arrayList.stream().map(string -> { - String value = (String) string; - IdentityInfoDTO idInfo = new IdentityInfoDTO(); - idInfo.setValue(value); - return idInfo; - }).collect(Collectors.toList()); - } - } - } else if (val instanceof Boolean || val instanceof String || val instanceof Long || val instanceof Integer - || val instanceof Double || val instanceof Float) { - IdentityInfoDTO idInfo = new IdentityInfoDTO(); - idInfo.setValue(String.valueOf(val)); - return Stream.of(idInfo).collect(Collectors.toList()); - } - return Collections.emptyList(); - })); - } -} +package io.mosip.authentication.core.spi.indauth.match; + +import static io.mosip.authentication.core.constant.IdAuthCommonConstants.PASSWORD; +import static io.mosip.authentication.core.constant.IdAuthCommonConstants.SEMI_COLON; + +import java.util.Collections; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; +import java.util.Optional; +import java.util.Set; +import java.util.stream.Collectors; +import java.util.stream.Stream; + +import org.springframework.core.env.Environment; + +import io.mosip.authentication.core.exception.IdAuthenticationBusinessException; +import io.mosip.authentication.core.indauth.dto.IdentityInfoDTO; +import io.mosip.authentication.core.indauth.dto.RequestDTO; +import io.mosip.authentication.core.spi.bioauth.CbeffDocType; +import io.mosip.authentication.core.util.DemoMatcherUtil; +import io.mosip.authentication.core.util.DemoNormalizer; + +/** + * The IdInfoFetcher interface that provides the helper methods invoked by the + * classes involved in ID Info matching. + * + * @author Loganathan.Sekar + * @author Nagarjuna + */ +public interface IdInfoFetcher { + + /** + * Gets the template default language codes + * @return + */ + public List getTemplatesDefaultLanguageCodes(); + + /** + * Gets the system supported languages. + * Combination of Mandatory and optional languages. + * @return + */ + public List getSystemSupportedLanguageCodes(); + + /** + * To check language type. + * + * @param languageForMatchType the language for match type + * @param languageFromReq the language from req + * @return true, if successful + */ + public boolean checkLanguageType(String languageForMatchType, String languageFromReq); + + /** + * Get language name for Match Properties based on language code. + * + * @param languageCode language code + * @return language name + */ + public Optional getLanguageName(String languageCode); + + /** + * Gets the identity info for the MatchType from the IdentityDTO. + * + * @param matchType the match type + * @param idName + * @param identity the identity + * @param language the language + * @return the identity info + */ + public Map getIdentityRequestInfo(MatchType matchType, String idName, RequestDTO identity, String language); + + /** + * Gets the identity info. + * + * @param matchType the match type + * @param idName the id name + * @param identity the identity + * @return the identity info + */ + public Map> getIdentityInfo(MatchType matchType, String idName, RequestDTO identity); + + /** + * Gets the identity info for the MatchType from the IdentityDTO. + * + * @param matchType the match type + * @param idName + * @param identity the identity + * @param language the language + * @return the identity info + */ + public Map getIdentityRequestInfo(MatchType matchType, RequestDTO identity, String language); + + /** + * Get the Validate Otp function. + * + * @return the ValidateOtpFunction + */ + public ValidateOtpFunction getValidateOTPFunction(); + + /** + * To fetch cbeff values. + * + * @param idEntity the id entity + * @param cbeffDocTypes the cbeff doc types + * @param matchType the match type + * @return the cbeff values + * @throws IdAuthenticationBusinessException the id authentication business exception + */ + public Map>> getCbeffValues(Map> idEntity, + CbeffDocType[] cbeffDocTypes, MatchType matchType) throws IdAuthenticationBusinessException; + + /** + * To get EnvPropertyResolver. + * + * @return the environment + */ + public Environment getEnvironment(); + + /** + * Title info fetcher from Master data manager. + * + * @return the title fetcher + */ + public MasterDataFetcher getTitleFetcher(); + + /** + * Gets the matching threshold. + * + * @param key the key + * @return the matching threshold + */ + public Optional getMatchingThreshold(String key); + + + /** + * Gets the demo normalizer object to normalise the + * corresponding(address/name) used for demographic authentication + * . + * + * @return the demo normalizer + */ + public DemoNormalizer getDemoNormalizer(); + + /** + * Gets the user preferred language attribute + * @return + */ + public List getUserPreferredLanguages(Map> idInfo); + + + /** + * Gets the match function. + * + * @param authType the auth type + * @return the match function + */ + public TriFunctionWithBusinessException, Map, Map, Double> getMatchFunction(AuthType authType); + + + /** + * Gets the type for id name. + * + * @param idName the id name + * @param idMappings the id mappings + * @return the type for id name + */ + public Optional getTypeForIdName(String idName, IdMapping[] idMappings); + + /** + * Gets the mapping config. + * + * @return the mapping config + */ + public MappingConfig getMappingConfig(); + + /** + * + * @return + */ + public DemoMatcherUtil getDemoMatcherUtil(); + + + /** + * Gets the available dynamic attributes names. + * + * @param request the request + * @return the available dynamic attributes names + */ + Set getAvailableDynamicAttributesNames(RequestDTO request); + + /** + * Fetch data from Identity info value based on Identity response. + * + * @param idResponseDTO the id response DTO + * @return the id info + * @throws IdAuthenticationBusinessException the id authentication business exception + */ + @SuppressWarnings({ "unchecked", "rawtypes" }) + public static Map> getIdInfo(Map idResponseDTO) { + return idResponseDTO.entrySet().stream().flatMap(entry -> { + if (entry.getValue() instanceof Map) { + return ((Map) entry.getValue()).entrySet().stream(); + } else { + return Stream.of(entry); + } + }).collect(Collectors.toMap(t -> t.getKey(), entry -> { + Object val = entry.getValue(); + if (val instanceof List) { + List arrayList = (List) val; + if (!arrayList.isEmpty()) { + Object object = arrayList.get(0); + if (object instanceof Map) { + return arrayList.stream().filter(elem -> elem instanceof Map) + .map(elem -> (Map) elem).map(map1 -> { + String value = String.valueOf(map1.get("value")); + IdentityInfoDTO idInfo = new IdentityInfoDTO(); + if (map1.containsKey("language")) { + idInfo.setLanguage(String.valueOf(map1.get("language"))); + } + idInfo.setValue(value); + return idInfo; + }).collect(Collectors.toList()); + + } else if (object instanceof String) { + return arrayList.stream().map(string -> { + String value = (String) string; + IdentityInfoDTO idInfo = new IdentityInfoDTO(); + idInfo.setValue(value); + return idInfo; + }).collect(Collectors.toList()); + } + } + } else if (val instanceof Boolean || val instanceof String || val instanceof Long || val instanceof Integer + || val instanceof Double || val instanceof Float) { + IdentityInfoDTO idInfo = new IdentityInfoDTO(); + idInfo.setValue(String.valueOf(val)); + return Stream.of(idInfo).collect(Collectors.toList()); + } else if (entry.getKey().equals(PASSWORD) && val instanceof Map) { + Map map = (Map) val; + String passwordData = map.entrySet().stream().map(mapEntry -> mapEntry.getValue() ).collect(Collectors.joining(SEMI_COLON)); + IdentityInfoDTO idInfo = new IdentityInfoDTO(); + idInfo.setValue(String.valueOf(passwordData)); + return Stream.of(idInfo).collect(Collectors.toList()); + } + + return Collections.emptyList(); + })); + } + + /** + * To Get match Password function. + * + * @return the ComparePasswordFunction + */ + public ComparePasswordFunction getMatchPasswordFunction(); +} diff --git a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/match/MappingConfig.java b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/match/MappingConfig.java index 4f8e57e2fef..b7281c5acb8 100644 --- a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/match/MappingConfig.java +++ b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/match/MappingConfig.java @@ -1,245 +1,252 @@ -package io.mosip.authentication.core.spi.indauth.match; - -import java.util.List; -import java.util.Map; - -/** - * The Interface MappingConfig. - * - * @author Dinesh Karuppiah.T - */ - -public interface MappingConfig { - - /** - * List of value to hold Full Name. - * - * @return the name - */ - public List getName(); - - /** - * List of value to hold DOB. - * - * @return the dob - */ - public List getDob(); - - /** - * List of value to hold DOBtype. - * - * @return the dob type - */ - public List getDobType(); - - /** - * List of value to hold Age. - * - * @return the age - */ - public List getAge(); - - /** - * List of value to hold Gender. - * - * @return the gender - */ - public List getGender(); - - /** - * List of value to hold Phone Number. - * - * @return the phone number - */ - public List getPhoneNumber(); - - /** - * List of value to hold Email ID. - * - * @return the email id - */ - public List getEmailId(); - - /** - * List of value to hold Address Line 1. - * - * @return the address line 1 - */ - public List getAddressLine1(); - - /** - * List of value to hold Address Line 2. - * - * @return the address line 2 - */ - public List getAddressLine2(); - - /** - * List of value to hold Address Line 3. - * - * @return the address line 3 - */ - public List getAddressLine3(); - - /** - * List of value to hold Location 1. - * - * @return the location 1 - */ - public List getLocation1(); - - /** - * List of value to hold Location 2. - * - * @return the location 2 - */ - public List getLocation2(); - - /** - * List of value to hold Location 3. - * - * @return the location 3 - */ - public List getLocation3(); - - /** - * List of value to hold Postalcode. - * - * @return the pin code - */ - public List getPostalCode(); - - /** - * List of value to hold Full Address. - * - * @return the full address - */ - public List getFullAddress(); - - /** - * List of value to hold Otp. - * - * @return the otp - */ - public List getOtp(); - - /** - * List of value to hold Pin. - * - * @return the pin - */ - public List getPin(); - - /** - * List of value to hold IRIS. - * - * @return the iris - */ - public List getIris(); - - /** - * List of value to hold Left Index. - * - * @return the left index - */ - - public List getLeftIndex(); - - /** - * List of value to hold Left Little. - * - * @return the left little - */ - public List getLeftLittle(); - - /** - * List of value to hold Left Middle. - * - * @return the left middle - */ - public List getLeftMiddle(); - - /** - * List of value to hold Left Ring. - * - * @return the left ring - */ - public List getLeftRing(); - - /** - * List of value to hold Left Thumb. - * - * @return the left thumb - */ - public List getLeftThumb(); - - /** - * List of value to hold Right Index. - * - * @return the right index - */ - public List getRightIndex(); - - /** - * List of value to hold Right Little. - * - * @return the right little - */ - public List getRightLittle(); - - /** - * List of value to hold Right Middle. - * - * @return the right middle - */ - public List getRightMiddle(); - - /** - * List of value to hold Right Ring. - * - * @return the right ring - */ - public List getRightRing(); - - /** - * List of value to hold Right Thumb. - * - * @return the right thumb - */ - public List getRightThumb(); - - /** - * List of value to hold Finger print. - * - * @return the fingerprint - */ - public List getFingerprint(); - - /** - * List of value to hold Face. - * - * @return the face - */ - public List getFace(); - - /** - * Gets the left eye. - * - * @return the left eye - */ - public List getLeftEye(); - - /** - * Gets the right eye. - * - * @return the right eye - */ - public List getRightEye(); - - /** - * Gets the dynamic attributes. - * - * @return the dynamic attributes - */ - public Map> getDynamicAttributes(); -} +package io.mosip.authentication.core.spi.indauth.match; + +import java.util.List; +import java.util.Map; + +/** + * The Interface MappingConfig. + * + * @author Dinesh Karuppiah.T + */ + +public interface MappingConfig { + + /** + * List of value to hold Full Name. + * + * @return the name + */ + public List getName(); + + /** + * List of value to hold DOB. + * + * @return the dob + */ + public List getDob(); + + /** + * List of value to hold DOBtype. + * + * @return the dob type + */ + public List getDobType(); + + /** + * List of value to hold Age. + * + * @return the age + */ + public List getAge(); + + /** + * List of value to hold Gender. + * + * @return the gender + */ + public List getGender(); + + /** + * List of value to hold Phone Number. + * + * @return the phone number + */ + public List getPhoneNumber(); + + /** + * List of value to hold Email ID. + * + * @return the email id + */ + public List getEmailId(); + + /** + * List of value to hold Address Line 1. + * + * @return the address line 1 + */ + public List getAddressLine1(); + + /** + * List of value to hold Address Line 2. + * + * @return the address line 2 + */ + public List getAddressLine2(); + + /** + * List of value to hold Address Line 3. + * + * @return the address line 3 + */ + public List getAddressLine3(); + + /** + * List of value to hold Location 1. + * + * @return the location 1 + */ + public List getLocation1(); + + /** + * List of value to hold Location 2. + * + * @return the location 2 + */ + public List getLocation2(); + + /** + * List of value to hold Location 3. + * + * @return the location 3 + */ + public List getLocation3(); + + /** + * List of value to hold Postalcode. + * + * @return the pin code + */ + public List getPostalCode(); + + /** + * List of value to hold Full Address. + * + * @return the full address + */ + public List getFullAddress(); + + /** + * List of value to hold Otp. + * + * @return the otp + */ + public List getOtp(); + + /** + * List of value to hold Pin. + * + * @return the pin + */ + public List getPin(); + + /** + * List of value to hold IRIS. + * + * @return the iris + */ + public List getIris(); + + /** + * List of value to hold Left Index. + * + * @return the left index + */ + + public List getLeftIndex(); + + /** + * List of value to hold Left Little. + * + * @return the left little + */ + public List getLeftLittle(); + + /** + * List of value to hold Left Middle. + * + * @return the left middle + */ + public List getLeftMiddle(); + + /** + * List of value to hold Left Ring. + * + * @return the left ring + */ + public List getLeftRing(); + + /** + * List of value to hold Left Thumb. + * + * @return the left thumb + */ + public List getLeftThumb(); + + /** + * List of value to hold Right Index. + * + * @return the right index + */ + public List getRightIndex(); + + /** + * List of value to hold Right Little. + * + * @return the right little + */ + public List getRightLittle(); + + /** + * List of value to hold Right Middle. + * + * @return the right middle + */ + public List getRightMiddle(); + + /** + * List of value to hold Right Ring. + * + * @return the right ring + */ + public List getRightRing(); + + /** + * List of value to hold Right Thumb. + * + * @return the right thumb + */ + public List getRightThumb(); + + /** + * List of value to hold Finger print. + * + * @return the fingerprint + */ + public List getFingerprint(); + + /** + * List of value to hold Face. + * + * @return the face + */ + public List getFace(); + + /** + * Gets the left eye. + * + * @return the left eye + */ + public List getLeftEye(); + + /** + * Gets the right eye. + * + * @return the right eye + */ + public List getRightEye(); + + /** + * Gets the dynamic attributes. + * + * @return the dynamic attributes + */ + public Map> getDynamicAttributes(); + + /** + * List of value to hold password. + * + * @return the password + */ + public List getPassword(); +} diff --git a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/match/MatchType.java b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/match/MatchType.java index cc4d4343e12..6feaccc5d3c 100644 --- a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/match/MatchType.java +++ b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/match/MatchType.java @@ -17,6 +17,7 @@ import io.mosip.authentication.core.exception.IdAuthenticationBusinessException; import io.mosip.authentication.core.indauth.dto.AuthRequestDTO; import io.mosip.authentication.core.indauth.dto.IdentityInfoDTO; +import io.mosip.authentication.core.indauth.dto.KycAuthRequestDTO; import io.mosip.authentication.core.indauth.dto.RequestDTO; /** @@ -41,7 +42,9 @@ public enum Category { /** s-pin category. */ SPIN("pin"), /** Token category */ - KBT("kbt"); + KBT("kbt"), + /** Password category */ + PASSWORD("password"); /** The type. */ String type; diff --git a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/service/PasswordAuthService.java b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/service/PasswordAuthService.java new file mode 100644 index 00000000000..7b22ba59bf6 --- /dev/null +++ b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/spi/indauth/service/PasswordAuthService.java @@ -0,0 +1,4 @@ +package io.mosip.authentication.core.spi.indauth.service; + +public interface PasswordAuthService extends AuthService { +} diff --git a/authentication/authentication-internal-service/Dockerfile b/authentication/authentication-internal-service/Dockerfile index 7e27c6b8402..b5239d29a7a 100644 --- a/authentication/authentication-internal-service/Dockerfile +++ b/authentication/authentication-internal-service/Dockerfile @@ -108,6 +108,8 @@ ENV current_module_env=authentication-internal-service ADD configure_start.sh configure_start.sh +ADD ./lib/* "${loader_path_env}"/ + RUN chmod +x configure_start.sh ADD target/${current_module_env}-*.jar ${current_module_env}.jar diff --git a/authentication/authentication-internal-service/lib/libargon2.so b/authentication/authentication-internal-service/lib/libargon2.so new file mode 100755 index 0000000000000000000000000000000000000000..bf8cad86215db71654f7a78677f67f88ffd5d3df GIT binary patch literal 194040 zcmeFadwf*Y)i-|5OfF|a$eBRIps0h6kjTXhpeBNlArmZ$xiZ#+1Wxh5uUz?dP8n&2KiH3^c zDoF_l`P*cscMhE*Lxj^&c0 zR+82aPLX=q9GP;u19*qkYgymhn_p{{NqaGVz45yYzsvD+;K!#gepd=ef-Oi=Km7We z@hpVd_zlJ{;oU!6J}I}{{_f#^KR&SYXj(x-#xFlOIyyaNYU|ohN-QmJ1dpff`SHX) zea;N-`PNszSbWz@vzrPEKRWc;Eh+a+YrMN|?9jS$b?uwGysQ3x;t|id%lD^@*w*&S zR~7x#E5`40ul`llC(rMA^_7#CZNGQUAI;*s46Kq(D(l`cX)U5XI-*2u5Zbvb{2f1l z?}J>9F8C~lg1X}KOVDNcF+|c6x*ddum3=~-XGxe$`8Zj%xfMM{RP+Nv2TgiAI}V;Q)Q1nn>(PZB29a); zGNt+&2gzd3$0i@q0fCLy_ctc}rcU(hP5NV*28$^DQbB+51^gx8DSyqS2L0n^$-5B} zzsjuFl_uVA@_(fh|7T2mb0_?*QTk5$y1~S+F!9MI|6iE+dXrBSUv0|MtQv&(nDkeh z^ra@BsGQ*_eJ8!VYSOoK;{TjU@1TRkb1T|~&!nh4CV#f0cqUJtHD})3$(2=8=2uOg zEKQz0cXpLDc_spBvbUsY^7I+=XUv*iSv6yRNl`)hyty+)GF~dxrJ(=l~XUv^8Z~Bbs9g*{= zEHn|*yP`6Y?Nqb7B#UC(>84Mnyhd$i$HVanlNZdGKYQi_amgk|Le%#GzY=wgC) zh@$Kc@n|%T>+A~)isgzUn>=Iw{CV>y&zVtKIb~L~@uJN}ai+yuxN-(80hDZNYD221 zDw{uJ3Mz-cRWoAI`{vD_8;i_X1p7hF=1!YaK~+{jy;UL%(+@iEtG;BmjkA`Q%zh=K#KmShlBFje{}rZD zNzxl8uBtcb6Q%WLJY)83jOYncvl%z|Sz`R6^U3HuaFyvlLgu_NiZ3|+Q?=m=5g)=hRT?f8@oN~T%EHAWekJ2nNjP7`FJYWrA)F)PJs78I!VVEn zVVq4Lwu`uhaW;8a67e%XMx0F@K6W06tG{KOT`1fl;s+RK*9kX^_$7$XToJkY8WC#2 zo5BFJU?PJFT6UYJf1~-^(iU8V=HFLgG{5bhNXtz13Xde+)5unyIas}-7A&EX;7xxP z`LBD{$bX*s8_rub{g~De8l}k_we9DtGQsRslUb_4%*fxFU(HQ-fsa((U-RFz3>hGj z{!LY?7PyJ>h6+)`kcL0^Y)s4nLOyY!Jl?qw+CNIF?iRiml!n|WKie!nOqP-6dqn&D zBXU*2{A_>3Qr$-jUeq1)YqW)mpzf5Wde(t`4XP=*>H(qtpxJYqpgD^mMnn8&1OI6U z{DkrPNlpJA<~(t_7D%`{3%oSli1qvnt-$(a3 z9eGVaFzXn+%dX=+}1{v+%ym}u(#TR(a8A7@iSm`{5&=+{o*~U;$aH`ARX7|sl zb+!PbE?X^Pjq0*@gje|9x`w8$E_EX6)+3PCt?vpoLnb&6P2Zr_K8F-k7DalTj)1{O z3!r#kAi?Papg^Ds5B^kvLL;!q7pxMrcIJJ}sUYy_t@FA=_mN0ly;@fTWKrGMRcV?|9r*P9 zq4$wgRCl;4Tl2r|#DqeUsxA*aCPdR9A~8PwTOX9yI8rF@N2bP~fQO+@KRpwPxazgQ z6G9hIeTGoIS{DQ_?UD6V+1>ZJC%Nx&-|L>-xWdQ|6@+d#Is6AWpv?}xWpcie_*mIT zL)Vye^Fg=f3tGqHu%|T;JaTZ^iZ!PZh8N?H(J$AWW4ydQet_{w_!D{r3|64y*zfCk zpB$-j=0|_`Nr1FaI#|MBwZ@q%;{1_Gf1hMfky2291#W`6lm9a4$+0v4SED();1BMd z`1_;OUGled!T+{sjxP9HF5rJvl)58-*QxMkG$|U>@TY5O6XDec3jS)X80r2Pi=$_1 z`nmC%enQ{HwhaZ4L}M!ep(jv?LH8jTUA)-qbx~e}UuYp98>RpE}W~cv%j+4{t!&-e1Ld z@h*5oVxtD#V%(_VaV~Pz`|{4H%jk!-Ixsn>)}{gW>ZiQ=hi?7-(9NgFyKzkm`1ta^ zUwA*qEBI;rl+b38__0iK_+v2ego|!g%1=opE_>T7U9pUhIasK2@k$;zgfz z{Y_W-BUh=*O6VIG)=qJ&x1)T?o#H8-;_02@nVsT&JH@Z*6wm4u-_t2BkL@T=-%fFFr+DZ3 zPwABYK&SZQo#M}Qioe{ceO~Vrf3s8ktxoZG{>6Cb`uw<)Jim+QC;WvjoP|f<#@V&& zl)e)_fD6V#ePihUZ`nDULPHUH^oUnqADWnlx%5%5ygqabAWR4K&%MF&f%ecSL_PXZ zcn(eeM@UA@t8eh=t={0IK~m^=t|YySDLRnreezeKbY{j1RFikdb?kOmCe{b}>gtW! zo3i<6`e{vld7TzqqG0?{CwxPe0PYQ>BKmRo{FnB!i}L=!r+cEIzh%DDr^3FyC-kU{BJyY zdkcaIJ*!f*r?f!EM$MJcba$hxK3b2ABw&(3t!Ou~qSc4)#!SuqRt*b#BOiYS=&CPt z?KrqB>L0v%GuJZ>THUFt;ac71>V8^aOev--+yxlo(>KDiN1C;OmGMhl_24Pm-K%f+ z>6nmct;fB24OLs#(8=E2xWWfh*mR60VLiAN^Uy%zfvFD3UECi~F$FeetBwI~g( z0}xA$walsM+ak@F*RIdxIxCR)BT%4_G>mLjwuA4Q{7;zmij9hyN{3Og)~Nu2nS5PD zt^JN{>o6F8r`Co5djhv)`e;b!3IkXPzELBJ-LL6i`GS);z-@w_Q@p{~BneBT6WSld ztg#@t*cS2R?W!z-TzVTOX$Dn>LQ_El@~ZsI@POx_pKu4$Z)528_PO%37`a4<nc(pbMrwP>zXN*J@p z@LjNxwJaP)6&j5tWZ=M&0JBivqW#20cn7T!4xqu@*HErkDyr>o%)TG-PiI_eWZX`qOP| zfra?pY1aayLT5)vQYbk~m^OTEqp)u)CKrJ_`_%1FYun(f;`SKyb6}9^U*eF}+Dazr zAFhS!B|XE*UoIqBW zdi1u!<=8;ks0B0f3-wc4!#;=B4bCArqR|`7_)ycY@#*uiGc#Y&g4Z2_xrLhgF>BS+ zg>VTDcW?}h>mR;gd80CO1^WvYMoMTWXnc8xtB<_%Iogy4EFYw`?GK%X>(fJYFmc0_ zTmRTI;33F(W?|;Rtakeg#OhHA+1ns_V`!04{MQGcb7KkS_Mb~o>&`+hKbk{kn+z{Z zRUiEv7|dep0=K3%B{JfjV?6YAj z<4mZ>aJ1TlK6yLm?{&l1xc%o7syF!)oH8~SP{91Zvj%YR?VAy6_M@hatZFY*QF!?9 zML>1%zx0O>L3bK<0M*(D0Qr|FR&^jBbiwj#US#yLH7ULU)6r|n#p`K#gSeRRPO0Ath zD%diqYQR|v+=@X{t>qT!8rVY&Z~9G%{~An>A{dXw##v*#J*>gZ9{AY)?i!4p z9pV`8I>f*36#t5GLsMd(uW=1FE+~dkzqs8&djiD0qfgvY58fO&S3Mi_2-}HUmR|k5 zS3g4~}U&#|rP(ObNMBFU}3T$su63%yR(f*v_; z{L=CcsE>-JI6N`NFRPlKV2K;L4#pP(vyfs1Jd6U|fx=9)g!OQeU6+BZ_8-yO?8WAOQFD@PNfSz?1+wGRUv8!y^5s820`u}#Mq z7eBrY16Q;BF4MUU7rF$!s$Jil1SP`hRwo%d>)~!_fVlaM*xB_TDvr~d*vuAwdK>Bs z2AEH&wT*R>+M~Z_lmjgyQA##*3K%#SY$jK}nL ze`o@5rwS@$weBlwt01dA-_dA|Tt+^Jm{$kJW7GU-=rU0XcFm)u#Hg(Xbq=Z11LJc^ zeG~&SO0iVW4isozfod3UxCU@;O(J40-s5IIFa3FFC1Qb_gTTYiFfS-eIM@G z`~8-?IeXXM-2UjkmzLa~b{iKQ-}{0$O~f3>`=+w_?Gv;1+3thwOoSvItVIKYyY!gC zFLt6SJUC+rV44O%1Axf_4jceL7dUYM;2=;60IkebOW@`l0u=y6_C)~lHE5;=f&)fV z8RrjxiwW}p0`Nq_PZ@BjZ)oL2UtnC07PwXm+=|j`ovVzbGGAZ}PEMvde1ZG3e1W@B zMy>OCBMoIP$<&69&-dw%83#F72^HxdkmMDEWRbS^it>>I9xF?HS{qskSzdJ3BgOm1 z@IP&-t^4aN94$QN+ysmdd77CA;Tnc(?tjPq{R?~iS7<|VQ1;gG>o1#pBxXsAc-bw#dSw^%(QHPhShK_<%Gn$JTl zdy#xhkZl6Pb(;LS7U<&ywRby~=iiUDF8&%EXF0TnMzGma>v}8k(YpbE!{Y+?J zvo#3Az&_=xn4mI!`+8qqn_9O+tn8p@N|t#-eOQ1#XQtWaMp?5h*&CsK2Eh)s*}!<{wC%eqnVK}r@99mCEZih zQQ}N66#9%~q2VvZaDPUv^?*jq0frN3TE_0i$Joi*4%3ZpdL086n_k%R!uCkfjUdr2 zfW`@EG!}x1ngQAY78)R0HgU88IslF`K=ixB5e5h!m6&IMxyHuVI_`jt#yo7}{JYV@ zN%*ChEjre&rdtrdIoiZy(fp&)yz_2$L`l$UqtR;fZq6YFksNh(lK$w|5FS?n+8sW9 zvjCUykFc zVT7ce)rrYQ zG)XgnWi1TxbgAI(%dh81-Ky!`v_N-1BAPx9I__R$fY5RGhYS!p?*5;`bEYjiL8(F>J_)_(5 zjSYH+mlkE8^ZL&z>Z824;tix}!9|e%lp(z`F5ny7Hdgm#;V7cb8}ubg5L`1P*8&Ck z*k_@fuj-5Bli2mskq9Md z5_Jb4v8O2>%#ae)rGLeqkx?(B2+Ytw@5J5fUys5L*O*0wUJyLblIOxL-r%w&?1>Gb zWDWNcjOBN-*1E?lZwQDIwT3T}i-L>QnnG-51xu`@;Tu_IY(K+&YC}RbPJOX!+Y6k~ zplLu^mg9sZ3Go6n>EQD--8vdJd=fc@Kj4yKmWbb5y!Ra4<2Vml@J_iF8vG!gFbW6wt? z>|atWsdWzn3@mFw+j#Ylu+w4D9ywEk*upF=xY!Ea9Du?@Pl3Hhet~4|`)OR>)4tv& zy*GQk7W5>Sdi`e=)lc(upIQ&Q%K?AfKvL^Y0wq)yyuXw>V<+fn6xrVt$@`*8JB8gP z?<42Py4?`erF#%B(hvFcld<*n|JV+GFIdLxpsw8xaOVKqFs+|pCni~I_%himZ!~P7 zC|G_`P59dm`qu)z*bj_OU>_SO>4#2G;xIZvYC?M-2zQ4$%*6ecUT6x-a=Ti~Ezr^G z>m~ip&m4^`=fekMTKp3rEH=Xdgn?eVeKhz&)g_Lz;f+AW@1I~r_=bXZ5Q{+!?iXAO z#PV9J+Y48x)?ORcI?i>jqN@F0Bd3O&D$6pML`SC9*+fbUQ*iZCU#D5eqxUv|Ow-5b ztG`~SuHK=^<27?YQ|mU7RM-c!`DP7b*;`zvqQhIL_eb1EX4ec2K8|_?tbt#Oa>W%i zZiYi?#yk^%on0R;z5r8R&VvI54gzrR1z7~(+%eh$fNL+vC6F6RMhR>4DFqhjXRw24 z`pBc9!;BaypNCoyp~LL3*K;-YdT>XPH`K(wmpM3x2S8oi*F+FG_+H5Kp}AjU-bch1 z;)Ln`IXtE9iGhL+UdgAP^+Qv=PI^H+&1`9D@aC&7yO!MPpPf}}7L3WPI zPpm5f;gj{X>(sh0fx~sCe03T75Aa$Li%_-hFNm4Vc`bIHkZbwdKxw$eSIE9q`&Y)m zxD>j47BJ@HoP@x8!6zI2SzY#oz@SfS?9=-~>vu*X@{0x`?lr=(;|j~?q5p(C(Kp1L z)^D*np_%ssG2j^6WqL@h6?A}x~RO^euTU_r#%N#guf7#dPg+! zZ^V9>7$v>gP4FL9_>V};e>A~=(10<(s&(fmKE{AzEm(;v#5sN7FsAsj&lSmMh5NvU zMrbuQzBSW-7_EW)lDd>F>(!4G>HA~r4>I-XxOIF1Pp^Mtjn{wF7)i*r6kNTJoUZ|s zg^>53x{&oTEzpNNicV~dTiyW9a>YQp&-5YV0wp8pLvl?Y!U=#mj)rY$D03X=-81*8 zCgDlwk}%Sgj1ZnA_k8#ZAYAp~OA)wHfNn1UQ#z2`v*8UuhN`#IoawLQ@7J!ebTZ@T zfiUmaV&S7MyBD5D^PkVhNiYtFz52&q{e5is*+E7{<}4_Sb+%ugpswBe#zhzLZYdi{ za<8SL)!JE5W6Y+;;!YJLTdM#1RpzbZv#M@5VLPt+1H}9H!RYQw5tF4f zb+v_4r6jd(6=u&KYpvjnq2Hq$V3nJ;S^E>zF(!{%SB~hopa*@=EWdXWCsgQqVmLh? z@-}lgeNk}p>0gSC>(4{HpNZBBe+YGn{rD73PlIH*u$6+@;o>w*M; z54J}1UB;A4TzTa_^w>%~N;>+2*75(1p1OT znksxA7}Q206a9#gmuHsD7<;kr~fti2OBX zTr=a#&3LgHUtz{4n(?O)hO9Vv<5+Pig+hm{K(k?hNJSJjB9S!c&X3yYM{HEMLPfNU z+w9dGnDs`StfHB#Qbj*`lv7VFfO{^cadzw4I8O-U{LD1Yc>jkcWL9rru@aY6KhC>3 z#vTtYC?U6*^#P1Xuxm`T#lj^C-h^Y6SiDGFyd<3uPY@V5L<a+PH2AKqSpQ%7z_rUt2r3pZ}=BL#OB9tF*V}GBD+dzsW@PZN|F_v^_pr_HIr7#LLCsP7W=`$m-F*RhQ~esOk63GKCB3 zs>BYXv{~}&IFO4D)N6U;HB)O^_b%OZQ++*y>@!%j;?fFMf!lfWoU1-g{k7~(n!MBO zACOF67d{VD68>1+;tFbT!C$~`F=Iu|P^rriDapjxy@}(tyj%0Pv|+-BW%K*&DTv`x zSztsjO&^htq7*G}-Tb5BSCM9n$3j0?Z(B=?vNuvSs(%fJ8$%&~gQKQG>`?i|Kymc1 z`!68bS1Y=h3srD^oqe)MZZ+pZi$Z_F$zyaaWsF;Fe0AxSWTOwn(F&aV;rRJb1y}hU z=R@QRH;DPrk?4GAQK%T4%~{sMCa*ak!u<^obS4I2vCO`3dDUbrtU~a;D_{@ys6B8- z5gr6A`@3Pc9G;_NH%ynC&s9BLFtb$4^3)`;a2uZBoPV@Kd+69OXtzx?RMaqW6+HAb z76rUeCnf?c9j3}h+=+rIHVZ@5|Q20lJzNU@gCh2VW4bjpHYQaEdh%t zpu}<(BiGsRlPFx@gk2=7Ikt^KiSB?zBJ2rCh8WW!d7vkpkp7AALxGY@kUjHk_%8T< zOiM7f7nzQ#P#PETTn!2E2NM-7`+aZrVL1f9B%IU?Y>x>arSF1s!k~Pel(!DP$~FH; z*o!obkl|5~sZc+LtN)vUp+Cj$EW95E+$%WXW?}(?Ngq5nNd5p~ci>{N1i67rkesvO zTkxh8*DE)O^-9k9@J&F7ovuQu0MdaBf5Lk(zYo2)o<*Q>!&?wtfsL%HOL;yI2fAHD z38%udK@l6@#CkpMJO%058{*P=KhPBkokSkP-`?S>cTd0#Gk1ymogbm!PjJ8eAcFDl z7O!oG*x`bUTZ@YudVHn*qmmu`K%|JX>|0k{9VQR?ag z?$%HBb>z|diOBq++yC{otvmc*4!~70TeB_XKb^Q7*ZX=vHn%^VpdW)Q*xcVNLC z|Dmr#=GISIKSDnLHv?GywR#A}Z(2S^_URuNDz!*NU;v12}}ooZAlAm? za5``(GcY+TFi+7xj@whiS_Jo<{s99KcfR^yw&JcC=~U}_U^vEW7MS zGSKQ;%?eL$)j#lubNr`m>N0);NSn4<)6c*udf)tw@$^2}kNa4@yzT0;g`mLDr+cSu zE|Tku^agM1c3<9R?4vL%T?rh7Pi}yjs#7;1ux3dgn9?ONU@<2`7jORdHGDaVW|FW6E9F>0SduKbz^#Nz_H{^t0os&{UR&oa=~KQ z<33!RX3i&#oLD_q&CoFHqTq#-Sf1jIo|t0NL7U7)eu>C@0>o$ph$)Q%WdxX1K_E17 zr(xkOh|~<1s%)Guztcj!VBl1+sn$oFN_)6dEAGMiJKW`_y{c=AVLO`DtvCA*$;ZQ3r*Mq77jdEYJ!(!Z!{Z@_HSeiLE z+NX&b1dK6W>l?!T5P@+f;09jIi0@dq-@%$M68;{kq2+JK`5STH z@+0xu^2zZyrO?0Ex54G)bZ|9Ua5eLh3!4C#QiocxTZ(0uT6;Ns1${{?3}5q~lhviE zz`Wr^!{dw*ez$cd4y`d{g%Xfk%iF*g0+xnIEzIF_tfYL|-|+3P@g(q{!%gzdNN%z^ z7u+Nj1_~!>!S1{9?K5An`rMnBgRgj%24^@pP4GA3O71tj(z*bdxv`7G&4l2ik@M%z zx9;fMe02?;s{I%m4%q)(Qv-+KS?3LwI4ydEPxX8$HF*7>TD{qait_fUOUI*BCc;R0 z{8p5`k5aw!7Mu1wq#9~SHAhH=ZT9Y?AyvFYM-7Rv0-n`9#98^j@o$ebAftnY#2pX=%anP@4FBLmJq@q`biq zeYEV)urn`LJ^ZGy#^7XJ<(M0psbB046lHk>6CCEg^4(Y}U_T;Kh4=Q4;GGe$#y;D5 zc|qYC!;Ft$zSShp)W<-bMOXn$kV5^VdHNd1XIZhcpXy#XKFf*j&h!31cJm_#KM7^L z!9JId_rAnbu=UIB2lVD(#_c#%wPb(HucX-cjT9_OaMtRtw?yAh^G9sr72^e&Yv13x zb?XY8x?{21iaClEPD%fGA zzjd@3K421R*@&iKLq~OZITkB=c?Zr+iiVbz zdK)%4@Uo~+J_3r5;e_OfCV#8BnsIF~6PsYTIHsCy96M!an%` zd15A=?!kJ`h2d!uMyl;XBD_kFub{tU3fAL9TxI1KOdobkzRY&Scy?&5w(Am8qF?PM$C zM#~OdiNuz<+$>U2tT#|xj5DI5p`{gW{kZ;7k&JIK9QHP>N2ObQ@|U37fVaB6u63BZ zHEhX5BDnbEU65frnlKlQ;T0EUQD^w37GyZ$!Du6IK*^b2*8%VLb$HQMefb2c01+#I zo`?$#MMEnVVIf{5N4&Vw>CusV3~zvbk5@kBy_C^mbyvchp zUGTa#;`%6xJB9r+q9GaZNt&#XLon((02>A`zon zt0tfGx(*uGMzIL~91Y48O>XtN@ajn}vZEBJ8wDX(kzTO~g|+J2d{7Iy9`WiG#Xi?( z+V+irvOM^*2Gc(miO0RX>Pyo(;*$>=8AZYguj>;wB*@7KIk+-+Xz~YM7q+M>6#X+A zkS3pk4HfBSr6BnLEWllc99wX;*sE(3y{;`-s~`<0O}GGzMlRBeb2NFE<~pu5G&sEa z7Q9a^V->ms>#!R^xMgf`L~mhB-e}WqF`5=UkMnIC&F*udYIs#`GhV;Z%CPt|iwLG- zdn6;xs~6|{TwBC0g0_8~*iry4m$sMM14b_IMyI4fg9(jhydR+P3J&)YE;f5${!>0zi@2YwulMTt$IzYCmz&216Z+x1A(kS& z6rF-MbpfsN4acnmweFI$a1p`Gbbbu9bPj$AV}Tav=?nagr~kgd(>#}n za{^l6ZxS$Zeqf7l=r8f@J3d zvEBf4I)$>)0grp-tv=V6^a@ybn3{n zN2$E}jRPq81ZYm9s~6&?zN@VWK7pRN0e8W`dry&k(5;_Cw=9wm^Cmbgz7-O_U#R1* zK`XKHX}s(Y+M}9l6B@rrK353KbRD6uU>U7mI2pKtLc0AXcmr%zdQk?_@u`6#c|#F| z^s(0#$wz#yQ$BsD8+MPvisVyne)!9fS3VCyIK%y3`9oU0eA09g+kE;9Y+E3UTpMt0 z9&s9@SN^WZ^`#fizuh|^JIG?LK2zUCZWKVqYNrw}BYdlWKr_Q6;d*A%g{>MC(B*No zAKz|3C&w&0Kx1du)rH1k9_X1EG%()5p>aPJ7nx6La9nyAw{(z-_v_(D!l)HnZi_ka zQPJ{7G*UJ(o)`-Uim?!d=`V;*hDOAV=?(lK znWAmq05pvOH!S7vk)c`i03S}9T-Z_DX;>VcUIW&^P`nR=mA?_bauYwE;A#+l1Vhgj zDEBk3yc1s`a_!-;=+p0BWSAga-X@ubKpTw7m#5hO`kzc+k@uZ$f)iPspA3o$4Qm!nGhLT5zt=HQ!VMANsH1R^Bj49huH{KD(4ZlBu8Al8(8Ec;gEO>^z+!4o{nph_CedxlxSs4p**-ow< z`fhxN&*w}H7DTW!%0}VMi!82p1IcDRw7{^e@U=jh=O(pIYB6RdY8~HOhow;2ah77* z1H>8T+RS~ACmO<+2`)8|Omb}wy^78J@HBzS$MA(ST~#!f4Ov`{1*hoN8! zsOc-66G07F7^tH{a}cUH!NVRc=c2nfrUE1 zZWL#<;b|b{oh8i6UlfvR!Pg8C(e=%$itpqd4LyZ}2ebn8ZG7!;IpTtMRQzx+Fbnm4 z5wB_Ud;v?M*k?tJ&j821>m2=P@^r~9z9l_72AGKH(yim9TdS)os;e9o_&zbdU+tJ( z>9}Qr&lg1_S~YK;qq1z?{HjhkeCK+WRE&>RFPt}jI`g#?cE$?Q@l(pHI+Dd>1c|${ za^AGr_-yiY2fuaPk@^P`4c;^Gx#iB>JKzLa$?Q2Z9Mk4iwo~#`+0q5*alCsMi}D;KJ#Z7?c=Ddo>u0-XUZ#S0P|)#jJ!s9 zMtaed8{Gp3E{^JW-|5LN`!nSnAZD#~Z0 zQ;Dy`OVY%@!yVz5i(eLgnfNLAwY>(!}PFL|;Y%E~xlrW4OR=3jR@f z8D~0qk)C`>8?7JtM(a*q%*XOr7U@|Y@yx>~TBm4xk}g{3c%GD-d095gh^CP~Dg!`~ zm;A|(c~~Z8U^%2^NdBxZ`H@$Ymc03pH+eE2d65U@B^)i6yvd7s`H+_UNE@vKc}Hc7 zwrNxz;wcAtl8))*O`hZ()gyV5U-Tg@c|_Zb`N)I3CPh-R)neVp#BW8 z$ms*655!D-I>J7<-0>R1#n`CbO8h3YC&KcrXdfus_W|TY`1UrGgYdB(k%$upG2(Ny z8^Usgk0D%)@HvE!A$%L*r#L=Kg)yY!no|kF#kjoq9Ku5fASc2;_!v$C49ADC55n^A zAU8ts&Ls3IKX|(&FS5&*rY0*ZpkF6&I8~NbJrjxK(4f=oH>YKeRl6-zYNSz@48LZm z^GaYveh_NJlr4SG)PNiQlEqaU4? zGg{DlI@5E__OI|S{}=hM{1^Fe{TKLC?`KVVm}%@GJ_G%B4cY-_6?=#u2>dIZ@WX)j z0RKGj;{UpV4j!YPms&k(4u66-Eyr47Nl9}61%*RBnov0P&HuMUf`7ORa!Bp^*1FVp zy=>XorMkU>ALZK$es=hc&T`WaDZqEG=UJBD1wH*$8|3OtKM?q1z<1_PzZU8OKMD92 z;LBK!`LM6h|K(!w#e?{`dKbp(4HGr(yeKW-GLzQV*~nSnx4~xx_|Pv$AL8jx*8tCt zI7T1#0s7Y#;MWjYm}d7|EDxrnDei9f;BSG^4@sAifd3BzepmEo59#KBU`)3=@K(y zhammqV{C_|^pE}|G=^fm2{O@S&>k_rC_F9se+NFCuU`~pj&K-$sTj{3z@H_)y&nsG zdf>Ew5#NnXL!ew9D}a2aT(DDIJYEY|<(LN3vPh5rYidW@?f=q0XS z_+tHHT&!Q*owmYi{ar$r4#6GO`={Vnit+f4xOQ}c^>@HOkMWsrm2+J3!){BhvmhD= zB%>oxo<48@Iqyayc^&2HdOTWXu?~ix>tZ|-c1V7lCpa1-5x%S<`C{$VNq?5&M(AxL z6t@*-^ghh!19U#N;L^m$5`xyB32(xF@izFqf{URXSJ+-=zqmQBU)0FfVW?M!ej)6D z@|;Ef7R*Q9Gxc`CcpLABnk`lZoVuuAjGqr3ycF}9ms1USF5nkGejiJ;{HjZKqPavr zSP6dhA4Vemz%KgGemQ^I4Lrn;J;ZZ9)eOAwWa!UKWIewIeiQKH%y#-2{Z!B@>~jqJ zjc8r##cZfCaUG@ro-3;$4gp@Y_hFcqZTbl7PPW^GSi86Tqq#;$G2D=+o3$RC+x^lw z%15~tgU>4;V|?gnU+v>SLCoIaD6G@0UA9-DQC;xc3VzLdVGr>0Kim(;!PZBBRcH5L z*ge}Z0|Q*!XOYM?fTIub1A(_=z8S9%*24pQ7Vy1Meq6ups-O7MR;61%Q@X5(@F?W> z1k1<#b)H#|e`-f7dRq^7ZI{MG1N{E|{JRDI-2(q^fq%EazgytnE%478VCE_Wx%`_eYzj7zw@2^yvS$iA(t6!BkB=(KTT7 z|K03k;-l&KHqktyj&V+h2TL093* z0yA7{hQBhyKbqlcGko6Eqp7}_%wq})ZggZ#m|8uzs@ieg;9-Mv23=n*Vy=f>*ALDa zHrO>J+emN>$#GqubA3*p*i1AOW2iOypGv!z&f%_<3J_i4urBV7EuR%7hOKM|t(<1Gk5~Z&(=~qX4L8p8M|4r3V`uqt7 z!Owr7zSXEH*D#=$$Dt?4`|yYFoOIPtmRuxQcZH;VMwSyODxsF3RY@KIH;||#DNiygClw-RlJYDf z$;uy*v^(**19@%S*h&0$D)5qxEuPr=bNp3o{C^e_+X&lj=fF4dG~rC!A{*c{gdMg& zqX#B_PdLjqiN&2IoMYRKzlrAv=h{Y+&w0Z6DFvufq9ik-rM!dE5@iu7PU*pjMMNg1 zq(Rig1etFrm8Q^K5|d=Ubyb$~Jxn-Jk*5Mzk@7QgOBIo-lu8zpCRZS3QOa0GddN2; zQj_vqa_cFVAo6Gm{x44{F+-jX0)NUQWRNLWA+kJ$?|UWom45<)6)7VrPPQCG3@MR zc7C}+Ni2h#__HXcZS88nO1cO%!r^q+#k zg7ohJSEs)RnyU24z*MFu0G^*7z~3LIFTmf5^gAHyy!0t3Wp4UJVCJNM2g>qvZZzMY zUWpR#OD_OCJG~qDm!&U5S+mk_20SzU8>G%ipMz4Sr*8$#wDh;YZEAWF;3?^^<8NvD z0C1k1z6AJt)3+hlJ(7j5q9s4`cO)k%Z{cqbR(czNp5hNRiIk5-`jg0Lxr`Z}-6s&- zK+ZTzViNQe#L5FGWKr_FEohUA=2cfo$@NT>Z1b`IlH9NgJd}$n7EYIv8;M89LSpiI z;xlbm5#C6=!#0cbO~hx}j)7V7X5w>f2kC+xS4RVZ5!e3giCC-XsP5KgeTe#qb-s@Bs|HMfi_LvMWvV89wh$by@1PX{2v~Z z_mHMSvb>KvCV#@3t4{-yKub#gM;gfOU!Z*?`?vTj+h0W*{`>QbS=1K?Q3rJ&NDS() zN06FdF0$J{!{46vmHaF9T82PMP==Kt{h|eu0l>0f0JG`93Cmt0Srj-$Wf-|A!|*3p z86%+_TQSiZK}pn0@ls~R_AG=|#u84o-G@3V;|SYrYe1>^2xr*%B@U&CaHeQ06EdRQ%1dHByk<`B{}57z_nXQfLE~gJ>&d{5&8oo`tyF zpY-y5Ak6#_NpgSY$s}93KiT%?_MDtes@@b-zJ>+&rkp1DEE{(Kcc-OGx`Eg-BnZ&D zl6)$`!7@aEx3Tmg&k*|*{#b?x`@EF2m#)O0K34%N9~I(+0A4oLg{T1yi9)y}1dur| zpDoG91TbBakFzhJhDVSujqnv?$?Oi{?d0oViw;q_J7m_*@k=9-j>#cvdZ)~)_QeG= zNuDS&NmqV>RQVFpM2E@f0jj+6$KZIC$ax7f$`h{olc1goDd5(fG_f3X7(R!LK$2I^ zN8?=GA4z0ybW!q59;aV{#=rI|5oPLrM6aTwGEyy% zOIHb1&!Ul89#^h9KvSK?oR-J!R~3sGhkncBnOFUp#$9HlISl2NQMs1Kv#z2?l4nyM z%i}pNVM_P2H(4LAe|U)KAmyy<7}Ri%(a#ufpVKcA~JWS0ITi zmaFRkTt(nP05<~|iRe`$ZJ{GRVIro0rQbp?!}71sOwtR z=3UAwx}u1-F)Hf%E>m4FGo!BWvNjwHjJnoS#@{n4>RQj#PZ2fh+7PX)=!y*;x}uq8 zAN0=uwsr;V!%eJR^97o0>JE{FqiLf27r`)$+KK2bjEdTAV(KzPjoNLZ{Pj!~j%G9E zr%@TT+sxDnb!E4k9r&Jeq0tK@a^eYj@o*z)l`3rcoRm5J(6M4NHU~o8@N1Kd zqgK0flXE2LI=(L?-y)c;GO5rPO=dQXf(El&1hYSq*vPvsW%)c1Mia z?Sk3oWcFs)%!XjTeFDtt&17-63PQ;%voZQzoq+mgqM}#Z0W2iI%L=;y^veREqNFTT zPU=o#CQSrJ5I;eH*|z}5CQX0l$o(S<`^GG+lm*=*U%dsmUgS^@ppL+50B-@vCP}}K z5Ic@ozs~^t=^~);4Em^Jjf|n00|?v+XIt`V+GVl1gDNh6Aug}1hugYVOqot|Qk;k{ z6Bw3vnzpqSQN!|1)3!>G{aP_WKEpZGr-*5J)M&IbBcd*DD!vBHz@SUiVJXAhoiaFpvOkf-`e~&sxrxmZ8c+Qi0 zq6WlQV*b<=haV7!KWyUf1pTchej##|h<3Wo@{lAAj+iu@!VFgMhYuqI>~WDt%-onZ z55C95Q;GpqW`y?hUq4X9pG_Juak=hoI{x8?*_sLMePB5BdA-ofaG8qfiM{y|V#YjN zre=JIUoU*ZaG9#9L;Qv}O*XXF_6`Rth?`BwF7%lBw1|9BbiJ7e<|rO{3>o*4F9@2S#+T&y7_`yyI{^ntqVobv%%V^b)hKwS;UQ6 z7mA|yvgl9#Cq)lI(a+NQri-FmE~xdBELwQ5>B3KB^g&!W(&<8!BE)alZ)T&CFKA%l z*m79CGEv5{3#xZIRz{g9V`;36GEv66EaS{SErZ(Qw=d;#QHF$G!>8SF?m?F|>QOGr zXp5CmF3NCShB8vjY+cubZPf^-a)roYH;JP+D&>_cSVmv=-3lSaec*}aCE{Jtxoe;o zK93s#{LE(buIt5E|E}onzekqq#QufVSTfIpbUa%&(51sW>43;i6r8T^u&N@p@)jTxDW$OMDbvIO{barikV9({el z_BecmsT;MNdhdiL5vr-UP^-LPWIA#{qQ5xJnlIn=vwf;e~rRd;a=k=%X^k=%X^kt~iO(qd;1 z%Ji3D$*MSeu#2+?yEuEWPXgD6?BeXfF3uk8;_SgL&K~UI?7=S19_-@m!7k1o?BeXf zF3uk8;_SgL&K~UI?7=S19_-@m!7k1o?BeXfF3uk8@F&uJ_5z4A+b+%??BeXfF3uk8 z-yn5{U7S7G#o2>hoITjZ*@Io2J=h1p%qQE$*@Hdq>_K^kUx!Xo*5YsaRPfmWpojP~ z2r;DW7U{o7+ljLW<=L=69L3+B5fYQ2hagTCXAjD|U%^LYa9d2NXQHI=>_KVxD|jdw zoT(^{#M_l~Ok7WVrg9bGjl???dUvIX_$-BI56WiZa}=IEC|iin&A{1%vX$t3g=Y`S z`$TIB2NGo)VV}Z5L}?~mtnlnX*-p4b;n{<-gYZO!JAKNBgeNIHdr)>!>7@$K9+Zzi z16-!?>_OQ>8uRQy`Ghr3i=90v|40Y9D$X8MarU6T3TpH0LHXhc>X7yrR-WSQ!FK7r zpuXrTj?4*a1n3&I7=QECM`5`R^;bx+t8c<})~FxiZ@xMTf3@h*gl*UYWY1V2834M# z8z^fjaH3RR!LEKG+`S{I91^$k8K=byTUDh zn~!jY!lMaW5#dbHl(t(4_YqBLyOpp*^eUo)+mFaoQXZ$wcN0z!H^FU_Xo-q)G#&VRh)GaAfz+`YK2&M>viwAPj8nTd19!V_J>PK(|?d$S7 zlp&9nUyD(XZl@ki>OMG4DxeI~Wma^CcEKslH)=OyJk7Szn||S)3BAGMTR-29Lb*HZaeA0!i|O?B6jcx#lkj<}%NK zZfwuHs3`e2pfipv?-C&0nS2+As!Qiq&ynOG4FXl>Lu@7i4*VMl?j{zt@jFDWpx4P_ zd8JrW@VUnbAjQ?l*MACpggEOr?N z%O%O!SHY(I<Q`HcEhw%4bU#$wc`s=Yn}H0o0=>XSur z>&+5MVwEU>+4pxLDc}S!0)TWifH44`CU84|4*^_5FW0>v95Op+l+Q7c%L}@bM={Vp zMSA}+0A2#%a$r3m&|gK-rTwwxbI_E5C9@G0;IBAq#Gbi~g&3bfMjAI8;#+8FhM8XB z5P6x7{mKmxOWjkT!OW7KQS=j32T`2iy+ws?CT~h;& zc&-~`a)D&l$IFsXx|}l@rzZ=gBusb6Xd^Q8Akc$0W=vy}6qa>8ldjl`KUr*~Vv`ki zIK(6WAMV}+ysGMY8$aisaC0GqDa-^2VID#fhA<@%W-k+(7Ey3O+yDEnz4tjMxvBO0zCQo&dA_6E ztiAWUhQ0RM>+EyRzUS_l607~QANs{L{{S(nF;H5@4b<4HK@2a}vb59C@p&*!_225g zhT)NCS3-Q}`E*7e?Nga9&*ZK-GigQdEPU8^R%&_jg*?{mDZ>J4w4|In8C$PG>u7mw zebr|+6HhlQ#;&&Pz074t02;@1@Q9X(;c3*simkAs7UD7A zWR!meV$`b|1Y_h7NOF>f%mb19Ck-(XU(JZeIRvT28plX609@M3VgHP`yhYOWM$*qf zjQXf4Wv?5^*Hm_{k+RJ`Wyz*Tn-VyGc&l>juH2(v#(A7q?vvBK0U5rTQnP`V@%dJ}``j zag|svkF%|$A85H#Ad!i~ZA%`LAWW7{3%mo1WBlX<`DJMf^J1iDe_#YwJF$G^U?AZ$VUv)>(E*L$W;qogoUyruYe28s7wUqp+ z2+eYemaC3OSnL*y;)`77q~Ug0#>E7`MBcH(QS3;$QmjG|C!Wqw(US|#V5m1qu0bdL ziA-H(*Ir&PWoLr=19Nu(HhHUu*bhNdPO{wHX4~5+k6*6Y>cBU?Oc(B?kYMNlR7@R7 zhA6oSXTJfiUNZlqY$kwdRhHe%rp?o;T?!Ll)lE+n=d`eCDkS}d9qywfEof&X^>HQj zbtNe(@l(39pG|DyP&%)_*gXv^Nqd0EneiG#<3{E5Y0x@G@vnACZ9s-L06lsX@GRcv zvNs5SrS35Ab z7CVE!0r3|SL0H~14MaN-H<9Q8!WxBN0N@SuF)27nKOKkaVJIy@^`LYRM?j3>3;cf0 zrWvSt4>h?=i}Mo2Oue5NhRm{a0g~lXbKInm+?Ygyxp5u{Yy42nb6)~B7L@72&rrA* zoR~7PwN^`PQ~y`j;eD#%XS<-eV`2%}ptEUB?PI9K;e9sY3G(A_wUo;XKaGhg&IUTDxb!Ezu7>6J`|1bl`b|g<*I^CCgLsX# ztXbD%2-@kEB59XVo4p71qZ&61`Y~#`VRX>LAh?Bj(32o8fJi-ramaffrQ}&!T%A^g zd$v5Xc!SiwQo?DUhL~@7+k4)DrE}y2dZjEp?Ri%I3eE#3kckBp5Bb_R{@Q!)?S$Bq z)2Jhh{e@#pEII)uoL5kui|CFDaLP@=+Py$dP|*Q%hRWsD$2D3oNIC2lfjc`OB)&k! zjbQ5kHxLhlkTY##bjt#Xrr#6DGwnAd7)|6r7*a!>*1&TW4?8CCtWD(hzf2T+ivH z7Z5Y=)?V0@fC~_)P%}dVc#_|Os{8}ATf#(Kh-7OiKL@+cIpcq?>y{^2ICANn`ML^I zR}Oo9AO%ml#20HIN4&F>1pW00h*6DMJa;9p(9-BGDwXlZg%XZz2A65y%C21&_#rj% z`s+<9;L5c1Bq(@HOM&Hb2qX(F0$Bqh`FRa7mlf-eLLU>iR_=+Jlh7uTOG!{N(OU9)EjhCpBo7YkGLmm3mXd!CLTvUUwd9io(dMs7P%_b4@=h(e zvKb@~4SZrGCr;Cnr-Km5ex#Os2|<*6BMC|-T1$RVOWsGxse$S7fY8ssB$hV+5rjzg zBempz5=6;~)3s!x_4(k0mJAtk*dqcD80p!>Q~DYZaz1E`)*9*vq=rXG&~|cY+uzX| zPSEyI0jE14wEb;jDINFRmF<3{mfRa{B6&IqN+w!M?l6!fjvypY30!0(R}f3dyFiFn z{75bNmjuz~KaikgqP677T5<{{=LQ}%k^@;^hc!yaAC+fa)GmDASs0X2@%3 z#XU1$E7zQJ>=D*X6Y7MlZ5m=?mXO<m6==1J+A@kcVA}HFKx0 z{tdUj0qea!$R{qun)wS||0h_}7XLhV@M3;W03$s9ZyLjM()g%Bs^?PZpbJ-n(^|ld z4zWMx1Ke?@NswtROo5RmUq zI_kTV0rlOCv(kBKn`CGi578v}Lm} zL$*Rh+fvArtq{=xDHO_9i0CN03KpoX5Ya(<0}5&@M0CiewUx3JBD$p%YGf-!bSrx& zS~kd5i0F3qA{4gDR*2|0*?hE3wn9X=x3@r=+6ocf*}f44wG|?|m+U30ldTZZ1MQze z!0oaXB6^S%_Q_U==)qF>v22Bi9wLQ9vK1nFsC^Z99+RyQ(aB=lQP~O+ooerf9=#PJ z`c}0SB6<%yDO(|;?;@$TLPYOnchy#i=zG{(e))1D>VlyoD8+CvX?Dx|L9muXDYZW` zwfypB7TRKYuRn@m6zcXC8e7Q|%~tY6vsHJrWww$hnyvH`&5IDonV~+HU_yp|3p&)7 zQmoK^(sI7AL&dE@_h)?|6hnFdX(x0WF$0%^jtc#e^@D228VZsgOiY{58e)c!ZX0@p zbP`pyQ_ug0ZUmhWDkMIcbcz*2C`svStSWO~g_K)cQDF*6Vb|2t*wFAZXl=a`-^(Lm zwZ=Y#k(?iytxK&?8mYY2d>R`X#cMtFG&VGv9#T(ZLt{v*r?H{2RF9{z>bX)Iw0rd(@9@o8*m+$}Jm4WGt3!+r{Ya}f}2`5ifDn2>xL>kKPnEuY3Z!x%kQ zJ7R+&zK1HV-BNtEAB#TPL!B!@cbE%`1Q1l%egK?hk8vK z68-N0r1VRmpg#h-}L8!4hv#~Rs*?tm@9Og_V5FHpM9q4i+YqO}{=6(ydWQqBCAXw9>5-W-w zB=8J2hmz3ittfY91O!9ZlPsWuPw1fu&V8t$mh*xOFf zwV2YZE==?GDM9zcXi&~6F^5l7PqF)Le@Zo{gs+md?-AIw+i`Z}Ggf!2Ciyu@8aM>a zof#YL`N%v_?Bt`O10R_Oia8?mTCw=EJ)bQH@||iIkZ%C_oKaT%5$e9roM7awe5khf z%!1_Zu=PILIxriLzxmx%`#zdhgJMrS9KD|)XXl~KJ@E+b$GWg30bYH8UOfm{0&WUR z;Z+oRaoqnrn0j&B2!iZ4THqv**bUX^(4N>1MAsZN_9pUkjRZsv`whPML(ua867*#* z`kxW#QiFcPpnp%aSP?r!$vi4nTmxhuTG59VC`1R1u+V0|@vxBb}qg`{2ZarJe9RWhgeMzG&NVMNbH^>Tu+(o3=`)-82+9z~>sVL=e9;vXb(&jrkyyW?2cK;En8QgZ_a*|BPtyR7?^m9Cad>yHLc&zZqnk zIcOAQ7mYkB$Posa1As49M`+X;LGj^{$g2cO#^@Hx6A#VQNY73_mlE^|gZ|t_FNi=N zHt6JhEqg8qWoxNMC!pu{8>bBNMgV-aZq}$gLA8j{+JA23{oa*#i$-o0*Jv;L>J0i-gFa8RjKEQiJ|tEgHpo<*AjG%xd8QEGz7k=@ zM+UvqpnpNM$bCzrPl?=iEwvxc7-ai-My`BQ9R<(cOoN^ckeY==_YEcE6UWAW_>k4a z#X#ycP5Td9V_c>+@$ zyy4TEg8OQ=-HOYy=Zq!WC1`pdY`wX9Fqr-ZGc`!et7z&rAH;7!WRiFS#BvbUpuwPW zwdgg5ZCWCiHFpp>4a8F<#)0^lEY{%1HU55$??aROumcfI1KEus>_n>tg6_xjdu58^ zl=sDgwD-iefr?+E=>xzLp8`={h-;D;K=51fz1X{Y&D93MZdaZ%J!@424)$yq3HEG0 z2&)%;{fK7CBumY!tpK2{n*b1dlh`nXHnK{b-HXmPe0AiTa~t^j(9vRsY2%!;r!J#R zI=G(NX~uIDPBWBqQ&Lr5RrkT7ocj^sbZ+cI5OnSs5b)sD8b497Sw81BZW8B;(Zosw z{9Sjro#wVL4Yk$=E~X+HxRnGA{1G(@8=sQ%aM`LR7`Eev?GwY+b`g+6PidAx!iY!s zWZ=N1p;?CVN)Uq^!v=Cl2i4)Daf`hyaSy7=)jJu)U$ue+t-zl6XQ~*7ru%^zRE{2e zrZGsxa@ZphH=_ClwBv4-k+2;zG({d}rr=&o=nNbCb{xh(diti`4bk@caVRI~dU;1N z%J!be+pE>tdd}fbAi9UFJ=b4_*0qb#wyNYZFmrXu?Pxu&rmPLpiegW!PA}u?)Y*Av zvjouPT0;sFmVNV{HV796P#=zs3LJ^uIt|-O*sYhgMc)~_aTf!{xt7ERiQO@%@?zKU zwL!qzb7q6ji(S)J$+oFIDU+(NhX4tULliEtJB*2;?QnDn$5Fyn+`djI%^0OL!qaOb)hyrfXnv){mzt2zMbGWUT*1WPX;5L}hcKuzj zGw};lpP@u0NFZogud>9i_zJpfu|}UFK{T(WrCrcfD2-%C&S=x> zsLiqYjtA*Ui)A3_-b@ng$+aNhUFzc(OajY6bOCWOh+Y(R-v|JBFzn8KVI;kYc9E1& zq9v7quzFnwmiIMF9$C&0Vqf{qkC%vaiF(uoN)5}5kyL?I6j{E#$guPWKv;wzOEy{3 zdTBVXg*F51PQR#~A8ig=$!mS>Zkw}iYpp1;k|$^j&D52llfjaF^~x}XLuci%ckwIw z63Z2|h*N173C8lHv`E2YF3~me z=5uh{drCS&9V6}$h?9toTM2?O{8tbXem^Z^C}9MpddDRixOx=`vQA#D+XY>Z(kMpQ zL9GlkTn+^6h7Mri)Ek9GgM`^a5)9bQAd(-`EO)_Y>;}hAzKUxloq~P|_)rjc!vaaKhT=CRs>r<0vc9-e1ASLw*D z8v`f~$dp5$XJ?@uA|8aWV_HNeMRc}zQUp&emjWWwaW@H0$Hzb!(b?g;~Th|G5DAP*g%OiQPHAA;2^WSMoALYCaum5Q^)S!6)cRN4*`|;nSjRxfxwngkonrsaRU2LZM7!vk zz6Atz)qzk6Yn*0j(+(`>?;{HnRu0a59>M8(11MINHEQQ$n}a&Z zr>PxlYVvIKqj)|``&7%|Mc;i5S~U(**vPP!TXg(dZXG&mi)eR3J z!}75AeBBoba|6yUK>QRne}^|z0-Y%nWY-l)u$)sfW$ujLj%Jxxs(H!|>_m{MILqcU zn7pfzZy%<(*)ppT>Kn)XmgPK~s&HMpC0%CP95LwLYjFaV*>;8fl{Rh^Zx%nJ3(;aH z_zUgl<1yN0Xsf&)1mFF(3xr&ZH%12vBzzwykjd{I5)3JF;HwCA2#Ohr*gmzHrm43R zG`j(&|BB@@eX2OLW!&3LJD2G4nJqFuPixcKVD*H}ynA~ezHOq{?V{FP!jaSI*o3>Q=`8GA?<=*akF0aUN>I3ppxnwyS_W%oSS`jfnetrfsnar z4PG)$VN?7w@JDEu8TdSi-dvlMYS=)9#w`5GNFB6WOD!Qmm+b|irqoTE?NA&nIX{H` z<}7@HNSEN0vTiXfcs-;Xr^xbc*s$~kKv;wz%M7xl9nl&%3%3C5O||M%n1!RYG&Xxp zo6Ia6$!wjUp)@A6hsL#bw_ec1?7N04nU95FhHicK14_Gt9qK}frxx8H@hJp^64nJk}T&f+RmZewa-s*fPRS@#gZ}^6pnpl`F41MM*eZ1pCHRWQDde3 zLu=rm%>|ePC(Dhformxuz~nM5&J3!wIg(nZGFX>PfD|03sLrvaN4@WcF7~Jhgo=Ga z(spSq6YaAJK3zz|OtW00?AI8sQQm8SVVYf&Y01Gv{;!6unRwNY4nXp{{ZKbYIyZg0XZP z2%SdO4AB!@N8?k)7a(Uj~dweS`!@?-LMe0xi&N`)JAe z8nSTCbvfWCIDuxPMzNgGEGNkF?fr(O#;^!MmfOgZwnM`?r+x#lJKj$9DdbUW8bCPA zl#{Dw$IGJ(gr~K;__7tR~LyFSkW zE#npYFucfA(s7ECew2MW_emcuzYOgn|6vjws|z5M)d^^{$95yUMkmVh+q^;9%4n`HgjmGMPui0zbV$OMKLG3uEq(gpoSv6+r zR!;n5ZmX5n-8Y^8=GLogKqksfSYN0eFy>iJ7Hn++9dbeDSTTJev8yRZTO(GsMsK?$ zqo%pDuMA)uoyib02*_-MjM2|}M$G2Qs%Kc?OErE3iqq8Ff4CKB8aKr?e}Lq4v$<^s zzcJ5$fjhFgL1$b1YhjU^&K)QGH=SEQ_|H0l`5R?*1F83`CACre)l%3U969Qb^>JGW zY_Jhc?>^I8&c16eo8D~}71I06n(-wpfpjKAH1Q=Y*!0G?vowo>cBlUj(SUDe<1>0S zJ}_Ub5DBXpU&!DLSPQZ_cjwt%7JxLS!ZmW(d$_u5(GRlhE+hkwpg5hyt~UZPi^W_i zQtCkzW2WowJ`8wE^;XrE{8n&Fxo{|GDHjfNXcnz$&Rv3bKPq3M88HrW*n9Y5W~ICz zu`PcA@hddyNF(uhP{X~4c50;tpnqBnEopVRu0E#tcxGsQ4kO8bQGaPY7M{cz!{GP;(?ckfyXo&hfKk-7G|NWnNXtuo!BIIWt znq5h<>7RK}TMUDrc0t6-7Q^7#r2wlfhC%iF4)V68p!$6W*fd*eErvn;`wp_jFsOguLADs;Jgys`LWRlk$TOp`&axFICzH8R`ceLeH|^yi|$x=A}xkH!oFUy?Ln;>&;7* zST8^55PFH#=A}xkHZN5oZCalLY7^EOK+Jz5i-J`~DKe;$;B;h*~RA>?PlMm*UGPCe~qb z7LV8MKS)6DJ7Deg`t)&z%eI4keuAn&j{?bZ-=CxO1C)3KLsS_I@w%-WpG4bp*-86; zXzqfZ&ZS7J`xk7fB=kf!D-eL_H4l4FEzYN^rPNau@8ke3f+r z`0ir+cf`btS+DV2JTM+(^X5{@gFw~{I)QM+n{TC#mgA6Lq{Ux*&vRHf43-z`25biW zd6+U-v;}O6p7#V6eD{EW1WunPp2S7Qa{6eToHjmZxq{_%DbG8C@^vg{h{iivE@XMU z$a@v#q3PNTbU=<9F_)5hushR4Nan9lJ#?l<_0=eTXGo!@3u*&U$@4Vm2CQ9P1VCLK zTdAeG{&v)}PCci88ZhhGPWUz4W{ zsRICQeeOkF{8Jd;J3uT3k;s<5KSk+fl=|}ZSk6&YpJ4T`QL08sj$v)OV{3`4eWqyd z@-*6pWuk@4TxG&6F<}l`#DoWQuj&B8SN_F>8Z?RtkAO&Ii&8EwKM5Q!&PO%q;3 ziN~-uJrE#RK`W2W77H$YmMwW`;mlj<|&@vh=BaSl= z=1U89ht#J2Y&M#4FbngdZawH>TN7}1)RnV9&_yEW5L&n~M#(Akq>39`>F; zW8pqn&I4=Zcgc3b$RUy**NSPsKW?(YTFC|%UNEzNoy`7)FTz)a_T8fK zILgCLCEx)QE+Uc+(|7eE_-|+!J_J5{PTSO`m$dcCM_rqjFnZHLj3B{ZKw1m}k}?76 z5Njmu6G^pbN~5HYw4_Q(+Gkt9iL_rBX@Qruw7wuxzt!+#Dj_t(JCb_a-d=!BHZX5% z43mjU8ZcrXBOw1h--X}|ruSn%=Q!x}+}5>IadW|* zg&Ts+oikcG_d%q-tWm~0w6@^icxMSDDev4ThKEjQ@3fgqa}dT#m3U_`8pY@h zBxv-VAX58jXp`PK3jTWZM=7~ql)MTqiJcV9>3ZjW<(+dzQI}V>qNyO@oimWeQ>}`f zA2;+)nwFN(2j2Oy-3mDI&PocQcXoqFU7}In$2)nDqzwPD82%^(NbKy_LbfVZ;+;QG z4P&SO@3hg`AW|RK&?dce2>eH2r&98ODA@`w@y@fF)Ah~+$~!-zd@4F-6nzeY-hs5+ z+8Xctq@j0?YiWGfiv1IN2yo(^POpKWcP4{K{Y<02k9W30k}~`!Vt6S8h~dKvXpZcE zlfO_W9=evQX!uDIjGwPSq)yUsotM-D96iUXWsVKa)et-&kmD0ruT&op)$yjig_y&X2H~3aS=w385{sGtzI^zoV z|A#Lb>l?iK_HGn^yfS$APhe29&>?&V$Km5S{EL>4t3aUzYZ82B;WLUqUKzaSk5cg- zK0}}4BbtC{0XLTyNC%(dzQh*XOc6ZFMk}TYJ_tU&6lACcUmzWPmi297zQt$oIo5ZM z;lv33hV=(#3#5ZDvwB7hUmzWP zg>-HVUmzVkK{_vnFOUwtO1dECN{n6bcccqr_yj2UI_bqR?QtOxJXsHVNesWf7<}^t z=#?>ifpqXKVk)gD{&;2Z5A1nMd4cpAP{DT`Kw{rRzpdD___SkxhKhg{)rqR!JB6y2 zA3&mfkvDicm1z0#%2@gF%2@T|l`Z8R(-aupjkf|@^=<(=DpuYx9h-;sNoMS}7&s_a z-Z33}xFwdmv9IGZGgiH0y0!ZG%jgl;gT2K%yg-@+TwQ|?n%j0K2zFA4C-_nYDghpRH z3%u?4#aBmt@m22Wtw%|SWgz$>b-n-^9~_5v(;y_!g=Oa}G{tSurMSy9(P51h=t}ku z8&K7al+|$)xa|IBnsH|xGL+^9|_U!PjWsIQm2aq%i@bH%4V_w9D%4eQGAiD z1L&l56g%%>aUlJJ%cF|U-6_fx*LT5w&_T5NXMlEn79#$rbL7^3z>R$h1JvzpRKJ1t zZm)s(5=1;3yT6Z8^6x?X9Yh5PE#dE4!Xc4hW0*w3F(5?3#~|X_C=zfABaB_E*6L8E7Td$cd60W^AB3zBoOgz6n(d$Bo@C3 zLhEazB_JorVUMjh`f`!FL|-LynCR=R(Fy(Op*Mi+Ne}g;cj8$odL9Hmft~>u`_xx+ zEfKDN8TlU@`K{kJ^2cjroggO$VF2Z410eoe10tS{qUT2_NqCpDa1Drf zHj0F!D2W8?v`C<})&i0^rHX_Ll)y1t2!vR>g;259(a5cW%xDe(t$mzGdgg5q@oW@b z*S)WGy#PXwdUq`W?w7+JyNXh%@AeP0z9&H_eM2?+gy=hH^nF1j^>zIa`q(J?=Aa~f z+X+JJ8?7ZE@a3?_{?X|BD^SwE)*qos#%;DnTZ8D!W(ZBOEE@npRtS=DIbS1F1Ua2Z zdg1_)wCoiS@oW^!qW_{Tn+`(v?Gi1aQY2h!B-{;zNO%rJJR3zqm%nNWMIdzFs8;aK0OuDrwc}3+fQ|$(m<#_ozUo`qAvr>H0jf& zL~_)3gNSFN==;Svt?wKNt?y)nzEzaMF-!Ye>stsy#p5R$eMa={G{{>3@SQ0>)2M_Y z^w*2Vs>g|Pi{3_+@ie2jMIjBtB3L+^#p?dVUof0(5Y7px@^cQ-oQH&Sy5Xz^ zOgwQ9hIl*1xoa-CtUO`*65TZ`m{e5m@?826G?p^frw|L=!^NM z)|UeU5|~w&YY9t4!c0nF-}VFH8@p8+RVS#MjGpI#5jG*TnvC% zc?F1gHYz*NNA0#GO_k=K!~+%n;UDJEmVCvD#$rR@;o;S0P)VHAmZ65x{jeFxFPq=s|S)$~v`%|DLv{8rhuIGtl zpZ*FWo{gewVk@od3J`jX?$8pvG3wo3>-!QY(HGwua2e5`YP1{g)3Si}c|fjh9@D5! zuAg=h#pn^M7C>IF#vrk9BU=2Uds0hEk^UVqmK_F6EPI!hi6=hN$R&dO7m?K0wT<>f z28ehzik`J7iPwJtLQD8sOW?Z)>}eA_XbG*`Y6-(Y#IsQ(T!NBF_z4I|;M|H@q&j>; zB&?zYW`d}8+S-92l(nri(i%=(2aT>$A~|l?f{16M==w8CqAM}Z)zwE!ND&Ed8eMk+ zA)a}PQ1MKEja(wgE**8hz9y2oy0@oijIP&E5?yf}s7ppYLrd^tWICm=Z+`(w^u=~G z`sQi$A<=iO(KiDC(YFdjJR7BN`%w~o|3d*vU$K_pUfWE2)ac9Tr1dQYq54;;(Pu>8 zS4Q7mM6!QJLBz9B^nHnv=o{VH)wfYgXr+b^BhnwCEB(6}DCys$go{6SYjna0j$Ij% zjI_^*q`ppFppT8BuM#EEcL)R|FivjM5|)UBT}Icyu3Fbj5K7lUjjR*o8%EbPL{is- zAmZ65x{AALU3Y`fx(;axr$hpOUt0RLK3?m(6NJ+BtVXsO$$pLLtowBm0JYv?gXsAR zReF|6e4Nyr-gvDbH{)XrZp4fKF6JG1@!z`|ohN!8FnWGSB>VIvh|5+0tuGaX(${V=_;9pIqYrl&eXEJ2zMDYAvr+UtjFQC0Sqe~n>#8MGii8J^ zu6~0t3f?`m1dZA!s85WZY@kHXHW2Y_6g~H%BzoQlp)DP!C7cln{kv+(eqV!OJJNQ3`#!7$}LCD+rf( z*{IQ5MIXOaEc5M2BI(n2LBz9B^aX}$eUm`wG29-ZFS?u7w+<-LcL(7zJMYlwL!vL$ zAm1>^uLMa?+@+DH1X)caGr@>tZP@}4@oW^!Hlie+I1EDf?FlU*VKjZoABPqRe+NQe z;i5sf+opJ zE>&AO7lig-b1lIeFTQ4KQWw7049C<6Nq>=3b#F6_h}*s?Uk^Wz&A$N(~`SuudD?^ zB-{=no{b{mh>`HElE4wD)e=sLgd$2{1P>pfJyHlljledIY%`X+?lih~5y=twC5U)7 zimta%k~rxylGaLw-KQmZS?IXYHxnosflCRO8S_hx&J%r358bx|04Tq*L3F)>D&tr7 z=`qc@PdEpXlYMHP22RO7iCgEvCLDk4g-4iZ?~P~wwfIy&DwlY@ZvFtxrT*r?I&8Gt z?_<77wMOmSR}lm|gjk8O7kk3*)7;e*E+{Lpt8S0 z&#}0Kt#6^o$8*Ijj2?qFUZ~nj$Dvq`VpqP8zDF1(948njcRrkeIO&b*o6+8_Gl)k? z#DaJmMB?Ek#9~_uI(=PxxAYgTaBF)aMcUz_QTJ)0@kpqG{qs=x>?0~CMztHW}S0U~BcB++l(-OtT>Z^2hik0}Gu5Olyn;l9T z9-gj;pWvCq^S;(++*Vl4);_NkE0H>~PXf?>GQFnFeee18EV1TaG>p zAST7@HMORCE~I_Kd_}Yl_q;;zi0<0@!k8i%jgfB8#Ze79mgf13yrYzHw@m6nqefFw zKKcbocn&_srw3My)mFf}WF6N+4Rf=$Hg4c*`*mA}XYhnB>0Pk9YN$n`ypXKMfM9^;|JLkkII%(vCzhFKuvzArH?d;O#A<0KRxIaftH#r+wV76Geqma*^`=!j zHLY-$KuxRm4X0HH;YDBn)BI8srr``zvj=ml@$Bj5#Sxw!c;koFj0aY8wuc)fm>;UD zr%E3QZVTc^we<4B2CEP+5O98Q!4T6R)cSa~FkUdF%v@$n_w&UXvP^$7;RZy^#evcU z7B$x(YOr6Y$w5QBm~$r`C+bk&Tuk=nVv1isaj9xT4|8V(D~G!!&W{nE3U*I-NZxNL(U#G8=lL zf&VA^tbnz++>>aD%n6e$udVFYxseeDjoZ zbt0T^vibsz!bqw_R_L!_5EM1eT?-pjAhZ{G75^r)c}oSeYQRz<%H$(DIbz-L-^*-` zlUgg2)LJ)8SZ!R->a(>U3hrZ{HH_Kg!x2O!;(c}K6+OyEv>fMj9RS*4;b zjg>NJx-#Orc>{q==SgcY=Dx)Q$GnGUD~mlng&axTku>(PwU;ke<+Pe;QdDnWJW2~P z9V4=@H$nSFWHFWCpk{!Ht$`|l2l=HTx0xh@e5RHlNh&c7RSk52KaKgaTWUjRHSokR ze{Yc2OiF5;(tI$Ph-vG`6-{Dx;qqj%sbisWe)D%3ulLY~xifycfBMew3S71_+cj9& zl=BXGQEBK@#g1a<$#? zl-V=f9V^REoeg&wu-h$L}I$Cza_sc`nA*1(oT#=$Mq8 z)fItkb@Nh@No@aa9hTMbnuFQNw>s$QscR}bd11E>sgC$^{Ewx5}u@G>DH$57n50vFE~@Z z_#0+2)Nr4TSn-&Ir4t9&V0uxM<_A)8gLH*e8SJ5dHK)0{(dL<}8+YE1YcK(zIlVyz z+?(N5V0D&;3%&-|HB1oyi}}Dmo#d3ybAQlF1koxHgv>QX^M;d&w+eIw$*qEh*E=m6 zpXp=GnO>dp(Z$vx&%M@fW3GeRn(Lr;kJUADakjV7^9uN z(4!-H7r{3hy7~rJA{AFU>hu_|LchBS@g77{k+~ekMB>>Qr+5D8WzMgOCe|1#y?sI0 z#|x>xUU$_w$Txp*&Eigt#+N<=eA5hl!I|F7D)w}c(abBE2B!~vW!S4gGI=_{FP>mq zjb+;xTE*hi25qs-S1}~7t*%PO&x@^IySyZM!|1ed+K8mpW#wx(B&{f4o4mBFrdmN( zmn}_Rv20l+WTfG4Aj;ArEvvX{MMe3rp?EI>zJXs;RaU-Y_|TQG2!-X#OG-iG{#ngs zl_k}x8j8v)Kt>6oth`3iTFgodA-1fdssyznaJdf*Rs}98Uskaknhc0qRSRy71^CW$ z9uDr~91T5`>})6vtqW~B@cH6dw~uvV(rX%4d~Z%s(ZZeEcWz(jW|7hW3`aBitB#B@4io%}5H%E2p>owC3n`_1i6 zOyR-LwmZ}IUUlASe%49ZyE->?cc@ct=*rNDMpRB{hx3jV8X9*F|DCT-$|<_axwUp% zU~t?OId=sn#04tb9)Game>)#^|8xFg9mqKE?5quC*X_8n?Y@T+XH+6fG=DN_H02IHQIZ?S!Eh2N1Q+vO;I@wyYc=hKGLVEIM!xY<;r* zIsE5zKPx7kiwk|=ykONhkJZ+F{-2L84vx!7s>?V&E~7dllre5a=&|ud(T$^g(o%Tjbw z*_z7Ls)C}tS>sLwhI;}Y+)22Pvk`PXY{cBslcdr?Ee|BKc0FsGr;}oBY+$S%Iud%& z3Pd@f6~REicEKwLZ-0Epbf;tJblkXJITu~@#LpHdquF*U4?O3zFLXAfJ27XSMBBNz zbZxbhn7-3la-jZ_X}f!jAM3OXwR4&u3*Eds?)^~5W1-~GEGW9A_B6QvZUqu?n-gk! z^D~Jb8BTp|pttS($qF5IT7+txGR(H{Ugue>&^c0@oqHVAHs`w9z+n4v=QZot^YzZf z$DCe;PGTwBonG0YIB0*-dD_|*y2NR1U-_idy)<=sPR8R->upasOKY-H#*G{Pb!t*p z?lsQF>@4)0UD?QwP=>Q~n^SYPDmOF>0z#*AKU?U$Y1PEBF<2LTFx1s~uy$`Kd0fUS zMCvN1ZK%+x$adPMJ2ly%kG6*fWQ?1THTK$R=;B{C*Px4c2DY6GB|q=9Ds*BCcQ|eL zI*U(->a!L)g`tEuoJ&IqPB=T1yK}|3>Wqx7)pt1;tiv->oDBz@no?)#Hs@6s-GP?M8np?Wuf%rKsc?=9&}=l9b~OD`j|8CEPS%f zIboeeHaY*rd8cKev!gcQ5~p{mbJ9Bbmrct)FF3#2 z6u{F`R{h2~t6}?H*gMWP1$%5$V4Q+I>6~?L+O zehr^)JMaASat!R1QQ0${&o57(z4IbxP^ixN#M$fY+H?Tyd!3s$q2de#)S)6D;H^<- zot~jm=jPfvr#T{OeWBC5WaUghuciJfssCE)uaf$2rGC5Af9upNf}pKZ*c!D>Xe!$tMI*kwoJMSq zs#&=6Ar!y3d@qW1(sV|e>ez&qPo#9aw0xv#&GhHXOTl!nH2qPU?j_Tq&zvg6{}aw7 zho5i~593E0ZTs8iOp>2tt~Zq=O#=JACwy}P7yS1)`|F&vRGsM?Ca5M({VMU{)bB0> zaKiWHMzah6!cBa>6F#cbm#!^aU6WK+K3?TFWV%6$a_+Tlr+v1wdau(q+o{;=v_A~G z#%UkeW!r&qt&fC;gcgSW^(NxBtrARMT!n@U!SG+v$(Ry~%ax48sA^n$T*;AKdyOtvvdi^-YFrCl$%l=0x5ga|*Ftv)zeAUcapkx@ zb!#GZx%Ncra=9Yy`Hr5J8vnRnb>+DBxVpYWPDD>LOt4Nik~2yJ13CqMVRyRll=JbH z(AkcoGjU#sJ?$(C^yeC)XJCyTnAkovKQO+%vjOL}7KINLp4$z~2F9S%YADvhC{-{^ zw#(iQat-|9v`=U4szS(FNIAU%3+%1<9Ai5<$oJZon= zN4As_@T{Gl<2<<~+j+*WnGY$CZwcg3Lktu+)yLqH7cH9jNG(q+&s#XrIs^7P>4!Te zU4#YMBcZ;B(E8k#5Sw4I58UjOpB7`_@j#*&gVw!Nb;M53FveV@Ov(Narc9vpbyQR+gqg~_Nw}jhe)cXae0v9VzWuPwt=>PyvZ*eck&JMHso`x-uXKD4zvUyGfZ2q2aICSZBj)=jKgtl88ULnN#z*Kz0@iM}+yg05BWVoopB7Yz#BH_z+;;OdqBvf$n{SOMu1ET40g8An4p0a#^g4*V_QzvcFc>D3+t;6 zW{k@i&mq}{aoDDYWV?Sz4(K77t@RZ8^>~wSAZ35okk|a%A$MN40-3h+quNl7n2Na{ zaK#;Fggjv%Sa{RH6+eZYfqwSC7qlU;#I>$z5m#2_va`qjy^NPEq%YX<$>tERpiTq= zX99MhH5PsKSpEd8E%XqZ)ii`RgKZ&LlAnfN`{qyBZScQ?wtGbEjAd_StJVi>yce{^rE z!G*YY-^sgW6}fCRFN}5e**0z`4Nc?4bmma!s8#A@CYV3Z=rk$)$gErL~1 zyYUehq=9k49DD|Xp|kR57C)=`u@fKdKgUO$b3<*YREW>5Y+WILlb^XEv?B+1+iFhF zbXsORYtxG(o&v1@TWLB#34vv*PShC(SomJdK> zQFQ`X#80QW6c8mWQC^cDyVy{4^^Vo}+s^r53swh0ofQ|fb8Zyt+htt0CDa?%pM(dD z@u%^Ahd@;4;K`t~r}mihwiTFzg%<9pbU*1V8|rjV$7eR~@)eECSjf?Iu9g*Oz`1p^ zTDS(BzXoV_AV)XcvRSP=*+8>>4f@(7;CviV3w_)h+N`byaAh1&OVEI`3!)uzI;&0N z6%I~0QuVJ*>Y68jTMk&_G^*Q%OLkTF&rQaRZH^M`I5%$&a47>G$N78UfEdhLrNwd1 zxF*y^nsB8P;$Q@DvK6HlTm?H^1vmK=eCjH=$yIRHRd8dZf~y)S_{vpqwX5Is-gRmIx!lS z^G3tl9_mEWnz1$N>CT9I*r;J-DzE>K&hEEJ3C2f@LmeX`$vg)&zqQa=|k0 z@SE?c^}6ZVtnx=&r-y<0y5^}jm%%;GHlbc63=t988P7IzweGjA$#L;{)Z@nL-?-W9 zhPiO}kD#ZZL)9}TSh#moEQTP1m^C%6g!n6QF>^iZ5Oe7FYE17@oHikj}Dx#Q+j z??qe_>P@#i^{(8dUPsM1?Z+cF-6^lp^po*t4EDLz@b*wAlD2rn=FJArH6{}GyECLA zPCLg;E*Ph4T#Jl^9&U}-^N{Ih0}py*Z|=#@R%6jaZjzbrsdC5qKiPCx z_t0;XXQ#C^XA&W_mk;_-zGDp{z>lX_eYV@;C0eJd9+re0)Emp zxUiMc^c!h9gFNreoTet__tpR1xR8mN9krfjFF?MV+3Tcl5}LSp$jwFbo0g)TV3c`o z!L2UkP_N2N_xa|O;Xj{v(e87Z>*T|(lfBsW4Dx(z>>gwS#?x;4iH>NaU3+joHR;Eo zcGMb`7c5V_r_vYyu8}59H600_6xT>IuRSBpZ1rkP{CZ})HNNrk&hDOxrhER#_hmDW z+bH!;>VwQ2c-5D2U9%$xdmCp!Xq?mHK&aPo+^EH!m!7!a*5WX(KJiFUo(%3?1yCS( z8uuY_uWdXEb}&0QYkJwkJBDOEG<<5xjFdcQ8o+-c=hUvWmb6E z%3}N|adq+P8mkg_4{E~rS5j48yt>+|F56fFwza4M2dL6A)T7c0SFfz7s^QPXOw6A? zd)BbVcg)OPeA38A5A{ zt5%g%@v$%_f<{f8(lCm2^|bt{Q^R`jCQr%<&zeW?t0~})NiHg;S}I7w+8q4xMd943 zlk=zg!>h8mx*C0=HS4R&5Q@G?bp56rrj^aepE_}hiYxJZxSF%Ex?~xC5ZJm%iUQre`@|*riWScW=@)#FGCzgH&)cFH10Ks)D%ovY_=;guGQ{$ z+lOl}7{QzG(`PDqhs$&@F-sHc>fm`HwFPZr`QKY!|E3|~>+RNs(selS(0jbN$` zFE7D7Vj>7HTe`|H`_iP!D;#lgi^|T^vXGIqB7`8*l)^2mKvv#Rldl$Dp&l&P~!b;*h~B{(DLKtR;h z6eEI`ty~o@EiPN#$We0MSqIML%;ja}m20t+RQu95;RIGJ=LC+{@L?D&?Vl#Iy9pmP z4%27NOPD-*Ov1>aBZj6V;PjN1l9ndy%EXQc5mUDY7dXj3Pv;I+bQ%hy(y zKu80BduKV5NhGj1IHNg}VEX}FL zBx$=Rea=p`tYA_xU2#wU5-w|sH{e8Cf>T<9+08BE!>ZP?ztsoJtRY*+QP(&&A zN^4aU)p^`+a&_^Vk}%KU#?vEHhfT^V2rrnOkJDM!tgx71X-6_0!}jtO3G(44Bj%em zmnkQRp(a&8l{G1MV$RfIla!=MMFmsmTGMhTP7g0zT~b`-E^qZ%x#*m!MG6ZMN^n{E z@{$eV;?>O_Wmui@G_5)~e3*r~h!o?x83D;PT#bcWvn5p+$&xTKX>nM(pxry8 zQ7<_vX(O=uE2~i+3nPE6EpeBFlJ0R{XF%Z8z7~#MUshRSO!pi^f9M#}&R$tujvR+D zn8aPgGnj7uj`D^+y!5gfW-P zoa7w6J=ugCJJZOPk`1WZfQ7pXK&2v#4&gjsT@xBSZKdZoH8YU z>fE_lN4o){TZ~atvZha+TVTvmK0tO_w$dFRxpuMKX|H3rs$_L>O&QiTZu}ZUkT8@D zrh+MiOZatJ~K22|I`P#L9I zKdvc;lTDc`@-^rtPJiZWJW2phID!I&%W#tTamH5BuLuKot*G$m~#ndL@p|PtQY}V zc`U=j7F-RxEyfQjka4+EU4biNtF*YBXJ(^1Yrc$xRmsYl3Y^H7uSNDiAK5d5l3A~O z)}RV7h0$XSA*PF~OG;~)cOXVjTj`X(&hkr1aZdy~m>On>(zWHwFudkuArn+(3>hjF zhZrIQkW&kp7{5psIIEy1Tsgu>?m58igblohz-o}nMlK0?e*w1+D#Tt(4+&3b`h-mg zGY}!N#H^qQ{A8hMsH~Jf)pBQ|)LP1Uz~+)=VJu{Qqo@%wj93UM^Pm)0lZXk}SiTIu zzgJOJhGi7iNphm)S9H*!WeOb*mtwAzR#mJqT>3Htf68#P#44S%x_IWQVvCEdaPjix z3`QhQqjeY(>Z22!V@bpu6eZrx)x!- z&hV`-t63RFDplD;>kx~S4$77D7W$0SGT3!d%hMcUisF#ZFn^s;^r*@u+*5<2R{g;j zpXM1d4m)Xh*w$P_cF0%}R_pRJnOrT^Mio{=@xm6hkhHSq)e*BJO8Z2hN(D-(=+ zjGm?qGb#)(yxo`)RgDe%T32{nd4@|~vx#Q(FhTbWFVm9)RfaT1Io8fSW<<11%Q8;7 zU)O-okdNxBuK0bbb}j#fqwA$s$M%XEJix~LV(Ja%agFV6RiChSNBujvfjyz&J*~CY z@ID$XoQ>og;4#e*w5niDk9t!!p<`S58sYvitgq-A^vsZk3m$nS!XtUwgTHq@InR*i z@hF~$ZG{clQ+BH19T_rBOsPcI0%*wV+^Ttoyu+;u8?wHEIHk?|G^V}lnpR*)qXu1i za*HV#MVN|)GztXgNmf*({5eK`FSqL#8}c??1yQ?eO~I(9Kjze%lF@Eka|~&EY+Dx_ z(%7bW|Fd!V#yFz}mKMHH$D*bfiy}0h(60NNJLvNadGOWFK9nPHhV2`;1^LXo@k?tC1S#G{qR{)kwztrWhl= z8p&AL6l0`UBN>aDVvO`^igr$}=T$@If2UU?84H?XjPz z8J8G_G+dMw8BEP|-!j}j<{5P>T)XnhHECpFX{)^Cea315c^azJ8Ciz0X(Jl*;`+Za zV-vRo43`-bc-@eGBjz>Xzlim02jd2}&xOW%@QdFe6 zc}AVbrC&Yo@kVleA2%5;yrEByfR$2j=v;Ty=NNL9u5zqPYwJy+$isc3$>#X-84uiZ zFeHDETUE_5WG`LiSXFktDI|M1LyqxqfqGMz?%@nM$HO`GrV#dUhAi`NQT3*<-oqL4 z3J=$;-V|=~aEAP$hYQx5!u=l3kU#Tq(e=rG*lhcje`hierv z9~qG;-jeI1g#uKS2>07lq$6ZV38FCO_^~wX;#E>g>6_eMzdQ;ly z0S&pS0nn7L@qmVWssYfHUUz}>4Ea_Apt8*SjO<2%>Bb~i*2RW2hO-+5Za0i_+<`Kr zQH~pChVKXj-UQ5!s?6iAq(g{AF@&%v z7-A9$I1&;z0keQ*aRdF0`aU5N# zINB0%bj5MBrQ(PeTAxz4q66h!5FYQ=zi1G8MGk|`sIg)t zr5J~r*&CGdzZZzwf*N)QiPBk(6{{)5IMi6Nl2VLA9jAD9EkcFeZOBk##cE114t0{u z?pt_-edUlIW5sGpG4?n^W)CYo!X7@P$5^qNQj9&$lG!5*kFeL-+gkI#bO+d=qhArt zcaFu*vTwoUe|Ad=_6UiFw)J&ys|x#s7j?om+KMYgT=#m#3T*y)B^OsaY@@BX%f+_Z zur=P>>Vj>w6`yWmTeGqCdT*;6w$WC6sUO>#gRMrz_)_21-`*1|#u^RwpS-9I*1p12 z|4TQT4(1f;U{_0& zuH`HpUF;RBu#JjwKSVMAj#mCRDodqjR{fZL)J)V?bFhVCz7o`NPiBduVnf%l(N>(V z^|E!nXui6D|2Hq2S<7Fvm;W`~-nTJc{~HN4Rr|DN{m;Jm<&K%mamD|$bZn8Rg%8^& zk!uf17Z*U-_YVS6y1W3wesmD92*PoM((M(iuxEQwJ1p_!(N$}d2+5icmUtYH5}_n^ zN{FM)JFURtCbw1bPS+PeSe%c@=D_07>6TT#*V}4?ZFJh^onqE@6kw@a?xC$l>BEIZ z*v3%e3Gz58;NNy+U{jH% zAs^rNiWS&K#rR|zE4HN+*bYl|ZQQ|9^P)wO{HD-{CE@}cwgk?ukx1OoWVC(pVwfw&dv~imbcykdxS)85}i)~f^cWpIa$5vJUsv-@r%l%^#ov{Br=rIXO6a9UePS`2j5votPVKQ)9JV#T7 z#gk3mu()xPCM7%>5Vp~2JVV~98h%l9WHz$~|2<#(D(s6?)s}2vU5&zIpOPwZe6|r6 zR`e3trFP@9wV8YR@$ji@vdOme+_T0p;&PL>3te>u*cI zu&O2s-QTAO$NL0TVy#M<)(&3lRM^5$du%AWg@^m!D~!}O-w|?hqNvLd&Bqf&>AZ!y zc2)=#6H7-RJNdzoy4C>oW1oa}SQHb@M7;M6s!f>S5H%vxC!Y)8-7p-9j25qH3z zFOfUtQhHYbgdO~R0VVsiZT&AX;o!8>+p56gCU;t?QM#c3!amp#U8P2;a2m~5I6cAJ zYJohiK6pu|H91h-ta z@)HzlKWLD-WETH}r&2G@*4XbCCbNooSv0}f$CvAWJf&bm2ews*@_rKUHZ`q?+4su4 zd4!!a+680tCF~UvxgaQQDS)tl8U&=2`MX>lu7=U1*E$%!kh;(&O4h?gXe)B>$R}c1#8Lr*VQN- z>?4S}GPfqXi~D`B_HFw5pFLy(yILYQzft;Z0ffDE5YX8v{*RqjW2apyr`1~Qv@7K_ zz6?KFHN;cilJK~)Yx>xJ^dlLxR>@+jLx-4A*@YXksCR{^k=a4RVyruVf4?G^o+Fw8 z-;z<_A;g0EdK^@UN(B{SET|dNeJBOyF)G1@FN~{$vlF|CtA)19a z?(>+LQNlw^y6HkxDoY{8vh>|lmj0q>_A63CcIexQi>6qs5^F_SLTe}aN_Ad_Lz^GP zsr`cxmDnseS_XzT6rvJ_Hp`w;i7K6@l#Ic80tis~lmdCJo&f}=oDB;|IusFBf zLfFPQ;zT~Bd>o=U@(y>s_>B#+&_SwWQUPqaO`XtMdM63py^4Im(mrFe)x{1DR&Nu2 zY}Q{K43mv6^Bo)Q6v;=GmKHI#HKH< zkMWJuKQ*i`m}7l1qnKhywB?I-#d|umcA0nr9hn^(&CsEqU2(KVigjTa_tsbsF-b#n z6(-}SB^z^`A2wL13&RjXO`Gl3$ryTx2{42tO^2X_oy~HU`DcteU~hSm3)S`^VQ-hn z%}$h_D1c$*F#n|7Soeb6;I-OeG3X{8N`?7oVSxF`KKcsmZQgu0ECzG)l^UhOe6-e{ zBD05z+9LYiu!dO(vNdCf2_dPqL5Q)n!LA2}hOGQL#nL7^GV717ib6~xq!5w{Da2Sv zt5PAIs!)~{Y1$M;9)c1vg^*NCA;x0*b}FW`70X3MOy7-S3PFjOLP#p65Mwb-Jt%UP zW$#feR~Iq;B!Y#YL`)$h6;p_@m@Z7kbgg2!UDPh_!jNJ})WJhYDxwf$5&a|;(U%p; zJ)+jZ?Q8FY|3XY6Ng*T^Qi!pT4nKIXr+VoLg|dU@6bose5Efz*A%&1sNFl~T`amkA zDGKG#BBVpZkU~r%q!5w{Da2Sve@KONszO;NYP03tVMtjBO2iaGQZa=Xi|M#SB4>pl z|GrxOXX`N7bG)b>mOBl0hQICtrx5=?!|PRH(R1gmP~{{E9@4GC)IxSQ8NEp~g}GD5 zejsY6{7KPL2+&;ujn2-oTN=}9lu@?Z3Spf0O65V(k=b#Pc`)~T^XF#gn|aFUCYtqU zQu&oPA8*xx;gPKTcFZ|uo-(?L=sR`CeSv5)JAk?c8f|wmR+)XuC?{?njhD*Qq3i?N z-P`Z8mG`t7Wt0=E>}gV&E}F_dm{)r9YqJZ?JY{qfcaCRDcdnGm^`gnX35chjM%xR;`prINloJ<;JWYd%WcC4l z$j5(ScCOi{jB+A9H%jGp(Ny-q+~m!#&CWCPl+hiLogPj+|0b1hc=K`J1aqf1-*5Su zR-=q=B0Jxe%FjfT*#UIFw|`!}Z&F4%5&kcv@`z|EJ76C6<}auxpEA0MuK!!9{KcD( zvjgT2-h6+3-lY5|$rITbp|jE$(PVZe=-?{~(4=U11KLfXeDcnx56UPfChz^Ea*${$ zgPZ{Mz_*Y5g#=?G_eLx@g_E**C7|JLoX84<=a;s=6`(Qrj&7WWIz?9KV ztew6fmAk$9IQw9}maCV#vtkr# zh)wv!*9RN!*8f`klMOQXXS{4?4SuvTIx;(;2EU`19aw|k)yod5!B6zEgKO}6d)Xm1 z_~~Bu>Kgp3y)53=ZPhUzGq4tby{@=}4f_>|+}G&og2bjW5S~j&j=>O=8iN>EqJ)~Ecr=Bep+-}PO)QAW;%1-C*kz1~vl(J+ zQz15l6Oxg-@Q5+7vk;TKN3pHl^Pz@O5%)T*fl8$E+cGc&`rG8S<$`GP0!43eD0&G|N>{yskcPJS znEWT_I@|(E&2=0*Q58tebs=b|xh}*eh8D@9(Hh$C<35jh`-Nj6R`k8CQ8DgBv0?|# zQA}LGacH~-x8-JiEo`;Akein@niB@$hvv*lY*6}@PEjlx(zUG@-WwGgcpJ6_XPJ#`e0_H)@>*bYDGoxgrWjnan-AS}bGZgAHi ztH}nU7PR+sPDf#=$p#{Yg`qA|NZxGkhHM@0lh6rU^`a^)DI1lYvwmG7ft_?5a+cT~ zBCesEHt7FZtd*+GHn{(-y4y}!|K<_==&3)OJY}9Are~;oB_KE&t-g_h1XUpEnNRC% z*mrqRPuK(P2NC3w2_o?uiT5eeU;DAq1&fc-*_icfvOQ~*@tMolnLKvf6+4ceTgUMa z3desdL*22V?l_|8-Y*gH{H|>tz!Kyb+oiUjkXlQ}E?Q$3(KFB3A(ghggT-Lt%!StP zm8#@4vX6Sg5O#pH3YxTYrOxeN6-}+uV@$kC4>7i)xb(v4+=>?#4JmIiCiWI$%-hwm zHzwyN{iumfPCwP5At1jN5*h}e7; z^JwR`s@~Rv-f0!~887OF{g7^EJ6%e5N@@#s*zbE$H|&3VQ5ANiD&WjfDymftrn!u2 zt@EK(V5y#+6<`}{TJbe~+Us_~Qjt84N{!MMA8;2ef!oRumZ+UBrJ@eev_>6>(y|8I z81Vnsn&v#EmG-a{!BRbIn)eD-D;j}H(-?+=&;Z_L0{A7YhV=>XntVD)$-F3)v{TJIu#z<)4<76($EyhXo z3>=22P;$V{CAe)eRHd0Y*$jQ&DLQL4b{Cyth?@q<*K@1t>p3Jvjamuhi#}VeG)CdI zHTD{<`ml*X8*Ahk?ZinQt?lGKxmsgfHJA`YSsIodBeI$)Q)*snuimrIn- zg&j3YmlVJ-2F%~#%~xUDyw+S;47#b7(mOq{3X4YvEOYuc@3aDYK|=*9HA|f0b6KA^Vy{`xaT=J z?H5q^vV?8`Q2K764f|lDHicgmIM_XQa*pd>DEwGL=Y`Ur8le=%k9YbGN@4TtQgORkC`07+)Z}*}uSd!$%Dy46EU=@}u*@_L8EZM05me34U7S|Tv zODeFmpPjE@i6oD!Qls=bCE0+mR|PE8k>4GqVHRN#+)n4~P+aaLDY-AUVuthGT-b=J}*@n{w z75KZ#<<|5M>OuvqPH|%AlGw|AVtZg~UQ~r8yQ8voc5{ak3AUG~gfqT54SPFrEi0y` z;USR~I@2@WN-Hd@su$YU@H%eW)CiJ=)ZnAxLTd0)&R8s$1|JQh|BFH*wU!o~7hSNY zOpE9nv`DInh-8}#&Bc9TXl`sMN-^~yuP?|h%j_C@%;r67hzNFkW2!H67@U&u6edi2 z3PYqMKZOaCNnFHW(u7cS+SwD+X4F{FY1IH zzq50a&q5tFN_$9ZcO764@S;xG!w2b7I;#M}zHUOJ6G~@FYST6BA79!Cq_o{0PHNG> ze!`17VGrBWq3lxSigPLaR6_FsyXs{PI0{!xY;;WN8c9tX_KSmnlDe#$q}Tv*!08tH1^NSl2l&4s01>NpBCi*rngmazz7X%+{hM9UZuwy}}o=f-HH zFZo8Qz|t}{bHX+@QYFzymAH|5QjJup(Mb3E2JV5~u3;oqYLwovi|bhy4eXD1ExKQ& zMyYc*4}|@#z7dk=s#2qLyau9Kgr%V!kP>ZeJ6^Cfm+8XZp)u!leaVlSo>5|VX&7FW z8l_hjKv-JeS)@b6 zU8%m%=KI2}epc;*rSg)UfH-vKGn0c;llmJVQ>EU>=y z>(Tg2oP#omtovVVQ#SBzM#(F$)_Ib~_D!2c&d`pABcFw#S1$u`Wgrz??gOunG z285;M9gq@@|2&?r={6P%EZxS%LWwEFfUtBM2c)#ncfig|#nO`;kP_z(vj|JKaX?C$ zRsaUvPAqebiHfy=`WerHs33g;VBq&uGIr<>O6#NJhiV87!<-LOCMqE=YWUHS8inw+}*B-QRiLDGGs+L*RBpK-f&(}bgZQ?|m=ql8eh)TWNA;j3b9Ukro-C22@#{NVYM}MROVFfp=<6kjp+Up0R9g%eb7bhRR`Kqvf)&)pA+*_jNS{V<*oe9r%Ol zhq;XT?=aOWm$70c>|7SkB)N>U33Ea&8!isl>O|6`NSu@slf3O9!xFLshCw?iVYh2- z?WB~h@+)eZ6~Ef!fnM2OS%W;p0VJxIiE3KIcdDG$sbw_ zvr#u2juU5qS&S2tlZLq?OXMT(+wklCJl;+7?cyheZc=fZdRMLqe~0gct*{SyQ8(=N zni}ks3A?+$nmETcW+}a<0EP)j%+XYdrgjylMCBS9o^I-ZRCRE7ptdx%!&0KPhiiDc zy3-DOyOV}BOb$BgNa!{y!njRD(6}{G=+i`@LlcF)grpVjX2aRbgrG{K36-zV&B$;M_R+*>Uu<%c38;KbL8}&yRvsof8p-hG>OuKLXl9$T2$9 zDLUHT*V1QC&r@bxS#O7>P4kmtn1j@bayS?3eRR>H2UU9e;J#ldR?4bH&3CZfVEb0W z4)aFZ4+eri%uuhb>zHU=q3Dy_uXMr&(}D90$j<6(Njog2-lhdq{$R^-S~)Qsav5t@ zP93=n-zh_(ba`vcy(bIUtJgmSQmy7 z)`i1`Xx(Vbg;9)78V2d4VU$i9hUuhXoK6}B>ZHR(YFiv(JDVtsv0)>GRyI)>or%KG zOccgtqOzdQQ}3%^{!n;pv8IQmm)e{W247bV!>U`A`5** ztgChelujCk>7-$tP8tU4 zq{BsOJK$lMCJJLTQ5c|!!stvChGwELE)$gn#pR_7J&emq!_b_R=o(haHdllJI&2uD zlZIhBX<|`qcFW>F%8#n6d=PE0*Gpv2H(Yw5e{v#DWm}xe zXc@dr9vLq-p72bEGf`~2JGLDyVzFJ+>iM(n`hOU@lZMedX;=X#4ZB)c2iDW8M(kO` z8|~6~3>j^;b7NcCqZd2m2ExDw8PHB07aEPn!XQa70VReEkZ%{0+zz2AJVcKp7 zg>}0`GZnXqlKw+b!aor1LD@bIY+*X#f0Ua2Rib0<64uWgT==xB%MCjCsDzKD4u;jl z4fC1R0OO0LZz9-+-M0-F)^NmKf<*0O^PQMq=*@S=hC0JIr|AX__iplyG;ZG9sAIW| zTQuzbBaIx9EWV?_=*Q4m1lu~hbsRBzi z95AeilZI6hR+ZU9)JZ8V@^^hIuvbY`-!`K_Dx7wh3?~iKk=%C++se+_B!fDdD6F7~ z!rJ91MM`ic3L`U77?z2ir$(Y*xpag9J1M7O?!`GNHKAFYloBmto1?I_%Mgv^SNfUyGh+DLqO0QEh=9=(t_5HFH_69HN zhW&Rh>V(}aQU2rB5j9FJes8WbtZL%aMU@zjuHuxaoV5llJ=X!lsyb=9JCFmK+F>ct z+S}If;TUi>!+Ix2CpD)+`5@D|km)qe9xInUZ3{c>6I|4<}@51RA}h2P^PubX-EVa z+NQ1c_Bn{IBX}5Kq9AOiQ)Zaj;DM#(^R4qREvfDF;anW&qw5YUfGWde@SrIaqqabi znzIT|ZKq>~dRZqAt7W1vG_>X^`s9L|e%W9;v;*Y9q3ke9dFaj7Sg?Q8@X4RLY4cAm z@`#!NVTTYBol<4bN4^(epk`cFC5AF7G z-yGerH+fMNmd49>S=afdWInMoLp)NVQAk|>sScQ!Mq)^0g}&P1gPa|AquFtvnH^3F z&uANDwKvoq8%orxJGLF2w6HyGNZU;r>WPEwi48?*3nR+UhW7fk`pxCgV&k#UbmOrw zqtv$O7O4reOsk??CC{St)&|p|9Uz|`$_`4}YR*6G1gq6$=AK=pw6`=2h;B&rOr6=P z!eY~wh_D#U%~xxb3iH*_EM@)H&CFL|v1xnFuo!gH9Hqj1v^<(2`-g~H1z}$;k;?>e zgmiMD2z#Qw(KNK;fnKo!i(+C)jaz)=xAWnT@s?U)PxGSLu!krryN?9>djB!00qjTg zByXt$mZft`wt7U3!W3`5w1*IHW9<8T^X=rF?}FJXg8+~4#@nL+B}f^^qD{=OoHMP@ zz`o8Kk0!7_8Nb;_IS2M$FFGCeXA+IJPxp*DVp@&zSUG6P&ON^-j3-Zv17y!X`D0>Q zrO)@htdGJj80j!0veRJsV3W1ZNdNVw2MQeQuf3=P_Kyow?L80Z=W_+cMt`$xs{^%?8Vu$Z=?2utjS3T=l`T8(3^sMDauH|K0xrqev`TfQ0_ ziY8zTp*) z^;v0!UFthW7o8Y`cHzM%Cdj;rV5xG#9p6OynSvde&Gbn`J(q=H{zBpXst6OdsBaHp zV#%)CLPH}p7|LX1*jN&cl41mDh{sL!19@Ky^_Zu>o;biiKdMHSe0NYs*@ zy{<-qDDCPZ^qRQfz~OD)dPl4kE%nhNw!B}#pW!XFoh6pgY)J!KMA;Vmi_&_a3>{L~ zhJAw%Mr(b%tO@S*w@C;QX= zBpyxu_bNW1)_NtBJ}SvU;)k zD%OhTt1!&GUlAvtnzJ+23ltxr*`gP=h_W^I7p3(-l#UuZLoVt zw4+^8H1;dP*|$)ECBl}hZ$>SQu`UdANxx|9S2Xxg{fZUi3;ohAN&w9R)cVhwW#<2O z&9j(C9)^bgCw)EVz~1jg71*CjRG+UX;Myjq&}(A8!eO!WofB(C{R%B&%lj4lmwlYA zUlmJe)~{fTC|hHHQCitZ!(Q%19YpX=FKUDRp+w<)ML3%a6<8vyccC!GWWU-e zScT?`Ir=aS}*GOq}YS}XGPj!5A~vs!^F<^qITGCdC^?hUwTmo?8xHV53sv? zQ3vdv64e)s;g}kDeTEUXPvO8N@Op87*V6Jy1>Db%RIN$nS1)&-c&$g$NH>w zlUu%6Wm|A0a;C3*H(C2`A%Z0@Rtebcd_Fp1CwNg6wn)*yh-jroieBb}ufU$@O?APZ zB9XhKq%^kxmbCyjZM_VOR&FbPg~(LJvyYFf74|AGimrzD)uGcpB${vz*P)pTIyG#M z5~f`=|B7i?vk+tR{`IRvkd;GRVn1tv+%S0UybXJc4kaG{Jwu0_N&$U4FTh^l zap%X~0AqlxcZPKV!mMKzfyISQQ?M9f0t&5hyl95_D&n1r_`Ra3M=L{&eZg+?Qs*pc zvJjhS3I^^Sa%twal$i^$i7%HvE;GmZc_7**`zw_bq$RWF8L2`sH&6SBSCvKC-l= zxk7BBxgL#k^(!*Xz_sK-j3^Hbn3-B2jPe$I<3u(x_qw1}bEA$H1ifbKj6TlBXBVih1HR52 zBajImV*#o16Qgz}LwHF34iC^Bs?nHi&E{-$UpB3V1ocGD?w8U-qKTda1|28-6D zY|SKopJ!X3qg-Q7oH^ARcJi7@qbEl-!)UWPN1sT>+e^fqS3VOovBoi?+}~q{iB{o9 zLDP6RADJCjius|kHQJn>ZEZmr-9)0dNTu1FP*3cP%w|R5fqBG-x7vE*v>Ih}6J2E& zJ)|+&Kdf=OjCca%r5@4>iu#+!dfAB*z`7 zdK~5J6W#0ta;S&Qfkn$Eox4NJ8G6mu8GW1;6YW}GXO0ob1V0&DK&6uo8Nx$y(gC!; zs%?|bBiZNy>q$sZPi)`w=;Lgkv#2Kl>F|&$ELt|{?88*EW(-_D>5Q>SXP?BRgVAPl zjy{o$w`c#{Tv1H)93#s8J!Y6_%O)Kf59g^#2h6d`R{l`pDr*bM=#I#uL=)!%pXk=G zuX3o_w4E!{mxx-2dP6iZ0eXwC!r4}dX*J3yC#t}qD}5EBhZ2EY<{_=HXxYRxF046f z&DI=!d=(SZxqgsxj5us!8mF;YfWp84-&~|Len9}BPY7gVbc-9KNKjAgE__Q$KlK@l zk_zM=52?bUWn**(BXi9-xO|L`voSg&F-9@kY|7CmlJOZ?EXF9uh;o0A87A7YF-jgc z`b^9XTMWn-Jfs4PmYpXyg=!gk&E^AroQ==USJz`TM~V$ShOTd--$JjQT>Y>Tk`)T4P`@yu}7^^i&Ze2eeXHj z>NBlI8QsM6^^8=;j&vi+o;(SM7Le^dq!kt|J16X3rq*mThHi^t3Yw;dMo~`%@&*s7 z!lGp-+Cv%NYj%grPqe$+iT2RMi58>HW(0jA8K2QLixVx!h;o0A87A7YS%cK#Jax_i zbFi{C+MKSlE>0QU#FWr3m4!ahQ3nJv$3uEx(Xw;S1C8gLp&KS2AE|TBwrS-(EOE{u z+GZOWeX3Y=`*nT+%Q32dabvfqCt63`whD3T-8L6gna}Jm{`QEe2>NBlI z8QsM6wN@(YeAkGswtzI-9^@E1$vGa-N?(Pw_5+A%HOeR_2Eav9`H-(dGys5H;vt=| zXg%!~UE93enz-!?tq+WvJlQq(%&9DFC;knVe0Fg{*G*oxge%3#^+n(LS-k8cU(Gf- z`Xsp+g8b%WVvS=ozz!ogJJnP1|I3Cbn*YUtxUt{+KQm2`1(=v~Cnz0@I zX~#{Nu-BAXQ+IpC%P0PQgke!76Hu4Cj4@Hz?k7-7;?SFjYiwIHmA7rv%J*9>Z~HXn z?XpK!jGi_#y4FnBBClLfiNA}+*C;Db{@+EElm9MT+}g9`?idq9v*!%-nN?C7)f{8S zdAfzo?2>_0bisejJcA~{^3ER*+JDSE&p!L?ODC3fF%5|DWR*JY{A1?PZLaVPwH4ufMr`Zdxy^*c6{(M{a3xmhY-5KUc(eM85Jmke}=yE;IcohBcW zi$94bHobr}>*6mmJ+{RKpSZ6M8uC!maSqT1t?k*Pj2(G4abyL(9VAR3Tn+XsDI6t|0t=SaeCM_Zzs z8XRDDROqAa3OwIurHpQ(%MD27oTApS7kg2ZE3^to^sFC{W^;u;(Tumob`!{IzZt|a z!YJ}tV8VRmfHa!{^l`B@<7kP(In##~?e79< zHY`ljK*^yBXu0ATZ5OopLt>QA_VKmBVsDH=FWX{QE75u415)~!SB@$N1Wb;!s|xE7szisBzjf_ zNV6G39~a~Ot7D4$JYiS*ABD5aD0d`rJ2HgW@_Cz-|MS$5uwaaJK ze6O7{x{0UYj+M&sJ~6GZ9bObY^MFyOJLK|QfHe@IGy^f`-WDj<(| zNE<9#lg;HwcA)$HUbNkeG23j`(I=K-P_u}iSmPLR&a|ON)`y9=?Ce4V z;yyKpg88{J#v}8T(M>!u|36Y`HY?N=JET#N{Pqgp_((WNu zShQ^7xmf8g9H7^1ozcfxG1(Rq561|kcx2uJDxG-95FU~f51^w|ZJT&5b`uX0)Dw$^ z`BGZpa~Aa^AZK|<8!TEj@myRC>F8Oy%{k}ozWqno(POQdUjvZE6Lhnh{?`(^q%QR`IkWAlKn^i?>! z{cmsDF3aoH3_BN9MriURYW%GzjioKI1d(M_B(M(G7zFZC~e zi@G|H9XzBJ7Ol7BU7d!=+hN!S%DYYCiHRmO^FEz;sFA3fZE*CdYBA7Q?oO<6j5J)@ zIMDu2(^1x&=$h0nwUh;usl7+rdyCgvZ=#HDVuVkV%Hc&*FDL3I;UQCv{Ez7r&HIP7KlGq*C=sjW%+zV##2Uv4WP-<7K&59Rng9>Uvk{=9RPB7R zy#46>)*=$r^B3O*fAgiZ+~+J>oB>(vAziR&+1cpgVzRq<(AmiPjxCo{XCn+Zn|Jhy zrday$Qh|vzjuGjB#dZ4d5tq#$G$H|{&PHHPQ`Yh;_56kiWpoo)>gP)3{XXGQvjJJ> zAsw)2+1cpg#TI;_nt7j2oQ;UO*#<|SsulySxJSb=(r{_xKx;S~ZF{BE z8@8gShlzCQDChN^kQhP@ee$3j0Sn>2+ouLXc!u%Y?5H~ zlIP?~0MNC5h+R;hB`Bkum?iF#%8!fj6RZ?6Am8_pE?Bh2k1E}*&v)@B=NtI;FuvWG zpu6UUVw)|wzn|Z8NS&6pRWH9CGP!=spz(?PzoS_4*vQMETOICz%bx2XmbQx$f^Y^Bn*S>4*&=||M zwxy~%?6z^(cebVvSo@aUonsnl_Dq95bI*8tC7P>BvFhg-^U}*lf!T^)`H%VO6)#WD zl|u~*KfC{9etKTV{6FR=`%#4bD#8XSx8a`K{G^0Nk883>Wx7dS|Ddu|JF2 zf)jRoRXE>?6I*yd?-{QbWd%sHRYsq9iVGF0KC#9z!pL_(x7Q|Jfhxjw+}^6rzP?GL z8#_Rn4St49^YyR9a}+=h@liz25CVCwQQ)F@Dyg^&6efqH;5&K!0_atWJ%6Gt|0Mur zloQoHK`NcT+EMa>@R7O11DHUX%?$duDDIE>AKXV14Q+{TYN7#ij89Boeczlix`}=B z)1E~WKsveO4@Q`R*4M?*YKpz*y7Cl=( z@vo^k8KIjR5MaKm(7D%38QsKY;;*IhC(+b^0P`DfzOTM{Px%j$+gq+-F=wyn4x3`6 z9!c9lbO=bZd7duQZ}2Xn6DN=ZJtTVB0+8n#1ulx^L~$c5OwRENXPyr$y7eAHlD`N5 z)NJhN6G!p5$WXrsAm3;wM>wE2s)~7M&2J@BMmcdS`An&tFPd!5inc&!R7p9rz5JtC`mL(x6A@2Gi-`gEa1h7!L7{z9bH z9&1HE2BS;9N7{LV!hh7u4yeJ?Wo(7~I`y%lFT~$Ki>op>4l4R}4z;Aur@p{O{=nMI zfANy=43Yp{u{EGeBM_B6!4Is-bHx6e?1%?{T;>Z zBziap0y<0OBSnu9T`d}tt5vU0iryyros#-)EB+n&tv)~ey+Xg~dr9=by^HK_;a?;i zcz)R##=m77@vo5G6GgFmpUR>ABTDdJDZyj6RmZEM)E_^aC4X47EFVACaqy3*JgOvr z+lpVO{`fBK7hNIxC(#A!#{(t(`Fqm;f#|)WZw~BnKOxL-nf?Q^!zX6@WG~bor?@7G zP7$4667MaVtnU&%UuU7KL__;8lYGAb_t_HsIGwNfX6PO&A0o{t3yS5^Z^ri+BgoF#ai$?=3o0^w1Lgsgj>2 z+AF%O1b?UI;k!h?C;Eeu`T6&fKOy?xqJI?~t@)ByCx`V3^-dRlfoO=|Me^N6d3EvB z68vi--z55Z(c4S#-$3?Fby|D!U1<5yxeogf55zD4Js z+eORHXCDa8d)KSXgG09lb~w*oS8~2;*4~o8u|3YSVgC6*beAsm*?2fh3feWSAMFmVtld8@JE1=E@lDp} z2H9;^f0Ojb2L9KpoGFjHmgEy0`3F~)|BGbzJ)-Xuy-W0Jwd2;>L+@MCzgP4j(O--H zUNp@AKJxb}(E~);XgXfyR?$$uPkH&6=mya(T5tWg=q_Af2L`?%{DY!b3y=Ot>6PiD z_jBq0MwIpCGb(Ravi_SP`9Y$Giykjp5uGg>grBWfeD4%}x9CSiLp<{9bo>s{J4IK$ z*lDa64fWCcSK&WfV&|KZhx+@DbCQ11Eux*{L!>JoxsCY02)~CmQZ|d0*#|dCxM`xV z7JZ%Q(V}6Lt0Z47dYw!2mWWt-v>oE@9H%0KTG~r$=@!r|4RG>4$hRF_m$WiPJgBR z4T!E6y+Sl_mpvl+??wMhv_n;xQHqpC9$xEv~=|g*vm#{s;dLF5K zT_Z|+h4J8jq5O8JJ<9xFs(L+N{uli(`=6nD&k_yuO~2dPe0Hk6=7}y8T_UZS{wpPsrYlqTdz`+k2e+?Jhb|bf)NGqDP5_`s8V@@^yL8Uc>c|(B2O;Zhs{D zQ_<~YKg3@m`K6*)hm=men*NvSNrp2V5MlE=-3kbzmohn zqFY4&3|{+GEuyPL`$f+cT`&4BQ9eQw*5}VU{@7)NN9sPy zc+oN1S9z!Cw?!W)*>3^=LLFxxW!-bsU-lgJPn15-S@NJ_m{01xuj;>_=uFWNUxwQt z{B5FN5+#pUDxR&icg=IuKUew}ioRbo^j{YDcZJ_1dT)t-8SYKGztt&vx+r;{27w>iLMbX!y|vMa94=(6x*j&F56$;TD_f1_5-(8|8t7t7STII!~B-v%KZOT zcE%{a9YxFV$fpSRI?v<#2@c;Tv|vqhJPo+TRAe{1!4G>?7O zQ(2e>28Xk^LUHt$#6z4RZfpJDBfIyD{#^8zCH}TkJ;sUdF1lw){l;!1zRd3aCH6m} ze11~&2GP$1d8UZ`W(mF`dbjBJL^p|sB*fh>z(XN0kpD{MM?`-ox<&LE(U1(M7vixq zLe~qsh)(AEAy7cRkB%QG`dU%0hmI=I4{;|7H@gIXq2w2dzDx9y5_}o%$`brXCI5uz zO`o`XP=_MeQklo(JN?S)qQ28<5_`q9GnT({y}4(U~Q9KGziDUM+n1k)#tO zKe@ynA5#Ly^SP%BzeM!R5`Azy&jgNohxH{7@0Gm|h<>cZK60LCx(w*>4$6k58oVX_hcvVx~f@ZmmJh!1g(NzcE`H&DPYuZVtB_&!$m{=5XXyNt0j2kr|S4=qU_J{Qc_+w8TuPeFT`VKmHhC!%5zjcSM+V7 zmx%JN$k5(!c0zoa-4DqR@0{etd7(b?YlOd6^g7WSMQ;)1`C48K6WSZjPKXcf@-C89G#4;P&!dZcJ*FU0X)j?NN%_~MNo z;dtRjXrKFBA?{4+@g5A`#u4fxUoZUIL@yHMg%@Ez`J|4A_K=tLqYxkVt4*@YODaPA zuXX%)qT$OHLVOwSY3YyD{__r^p+53)I=-9eo}#=U;nga?R+L}(hxYc;@u{Mr9`_}< zAJHisKa3CU;pdIQ9W9ET5Fg?~Km5R+*9(OD$hog^p8Ty7<)`u7SKzsJ?q`JdLObD4 z>_hy|v@bnQ`=7J5@5t}ULi|wWmTW|JcVgeBB^#M>U%yemC2PqxC9Zp0vQgQg>Q965 z+hsf_Jy>q9{!Z-Qwq)C9o0IY}+3kt_)t2l9*%^uFWLvTwvP+ZlvDwDNbE+-&(DkOI z{6*QO`Hhh~z9ri++nkiYID33)3O_E}bXH2fQ?~hnNzs9pY<%`eQoeJxB`KefJ(ZO2 zl0C34W#1kWTc48emR*;W@1AW;%6VF4a1~mz^usSLS^A-*mTb?#22^Uv(hqI6WD`s9 z>4#ohvPltsgh@tak3Ab6$RFPxk;Qq=YdSK~Px2b&@^QiQ)6*rN7s!vQ+b{B&$C3ZF z+rJTsc0bqTx&5mHI~UdQasRp2Gf+ zlDa(ZSNZW&z53;M{cD|toAkSa^^$Km%*nr_`122=QcYcbwND zpW)=ZFW?r*=V|D5xx-n$&!5|0rF=3SKOp%G$>l!Ff45r4YpDLv%K6`ulDAH(7qkCz zBpYe<7?JIkZCLLPXuBeNnaOiI*)#|IAK~+M%jH*3ae^yk|4_;2DIQKsC(3>}zs(kY z(gDs6pO9UOokN`bKG|O*`MCX^yi@Y`NPe}ZvfJI^?1PeTt~!B+L3Wkola!zRgue;7 z>>MunM#*Qr!U;YkzxjT2J#dand4~r9j9?ezdA|sdCJehF5K)?$+MH4 z;0$%3UX$~TrJ!~4<`Vhkb-B$OI#pdJrE5#@cL;yAo-^J-_d_Eraye)R7Nxo6`x!;oa>+xBD$oBc{3e~hm`|=P!GA&cR{icJpHK6@Z`a#Zm6C5%KAEpBl>AcRk-yvIXO+ocP{O)7&l$|#U&+oO~Wb;M-cZ%ejf_~U-a%?)J`#-0kngvp>Xj|* z8|WWcy?F8Tg;`I}2}ic|oOFD9wWlXr)Z5p)WNH6EZ(q;A@}7muR<7vnH^icqJxi9Y zTrhuG&!T~qef>T2SFgzyu3WxqS?@saqUop^%_~;yS%@5pr^lg;q-%M&O9tz zymZ+zD=k@WmU{-y=*w~oOD)DT=J%g5ebxNFf$1}|1-yZ5iOl&@H{te1MZwmhqMtrx6bm7DR! zdRtoy&0n6aS=r}mn=Lrxpk=))GHc(}eZ4(zUb@QHv<|PQq{kv!oma`4e(}=2{sA&o zZ>rv&{((MgFLzvBBkMV8&M8NneEgB#dp#l6qP^ZhPtUQZbo3m3oLcX=quQ)q)sv5; z9gjWfO>aEnq@Fh&b4>fu)t>4RZ#?Pfo@~YH<$1gdSFTcf+32zUQUqZRX3aYGq~qUs zWX}Q9514*%wn}Z~8fNe@HJz)6<MC=(w>C_YqFl>t0(sqBi7>0$7^-| z0&59pZt0@>V6d^52et@l&pEw)OBb(oMtZGf=KCZ0*a_f+(D{JQBeMVp2i9Y`pTF>| zo`q+e)w6j1(q+ZbgS>I)Rs*>JS^)$%M(qzz(fRuI^ekL6KcD*R(@qdePyZ?#q63TLHp`~>uU$Sce}U0~ zK1a`hTd{JWclweQtEVqmy>!{4{gy7u>ZLp%+4MzgSD2=w1AXp@^^pFhD_0CE^w_b! z-evQ11#zpE4P?{v=_Q+P?DQoojTz`&WB=DX`t-h)_0ciC_Y9q@&RAqdC^=Pk(sCN` zXD&3DxtYIw=|YQP7OAZta>)x6@F5;xbw9g4Ih*Z~lrU)-Eb8U9os2{QLzA z`g+fyv~1~$UUq53I8T z_P38C{(tnLKe8i@@%#G{>z&GVUeht?L4RrDMt%18u3PW$jB{5i#xLbZjLB_Lf3A}^ zu6GFhxRUb)pVQylzufO%8cL ziGS=IBK^T$Y_4A55O*F9GVMSA{lH*^!#$91(B^-yafJUv>`r!oz5^zw*Z$V&s~Y}L tsGpbR$zyWn0lj#T_fF<%oM->&kM!$&eogrw_bX@hgPfQQm;Z(S|6lkJ>xcjV literal 0 HcmV?d00001 diff --git a/authentication/authentication-internal-service/src/main/java/io/mosip/authentication/internal/service/InternalAuthenticationApplication.java b/authentication/authentication-internal-service/src/main/java/io/mosip/authentication/internal/service/InternalAuthenticationApplication.java index 169c4a4feb6..808ad5a3ffd 100644 --- a/authentication/authentication-internal-service/src/main/java/io/mosip/authentication/internal/service/InternalAuthenticationApplication.java +++ b/authentication/authentication-internal-service/src/main/java/io/mosip/authentication/internal/service/InternalAuthenticationApplication.java @@ -31,6 +31,7 @@ import io.mosip.authentication.common.service.impl.KeyBindedTokenAuthServiceImpl; import io.mosip.authentication.common.service.impl.OTPAuthServiceImpl; import io.mosip.authentication.common.service.impl.OTPServiceImpl; +import io.mosip.authentication.common.service.impl.PasswordAuthServiceImpl; import io.mosip.authentication.common.service.impl.hotlist.HotlistServiceImpl; import io.mosip.authentication.common.service.impl.idevent.CredentialStoreServiceImpl; import io.mosip.authentication.common.service.impl.idevent.IdChangeEventHandlerServiceImpl; @@ -46,6 +47,7 @@ import io.mosip.authentication.common.service.integration.NotificationManager; import io.mosip.authentication.common.service.integration.OTPManager; import io.mosip.authentication.common.service.integration.PartnerServiceManager; +import io.mosip.authentication.common.service.integration.PasswordComparator; import io.mosip.authentication.common.service.integration.TokenIdManager; import io.mosip.authentication.common.service.util.BioMatcherUtil; import io.mosip.authentication.common.service.util.EnvUtil; @@ -135,7 +137,8 @@ io.mosip.kernel.keymanagerservice.dto.AuthorizedRolesDTO.class, io.mosip.kernel.partnercertservice.dto.AuthorizedRolesDTO.class, io.mosip.kernel.signature.dto.AuthorizedRolesDTO.class, - EnvUtil.class, KeyBindedTokenMatcherUtil.class, HSMHealthCheck.class, PrivateKeyDecryptorHelper.class }) + EnvUtil.class, KeyBindedTokenMatcherUtil.class, HSMHealthCheck.class, PrivateKeyDecryptorHelper.class, + PasswordAuthServiceImpl.class, PasswordComparator.class }) @ComponentScan(basePackages = { "io.mosip.authentication.internal.service.*", "${mosip.auth.adapter.impl.basepackage}", "io.mosip.kernel.core.logger.config", "io.mosip.authentication.common.service.config" }, excludeFilters = @ComponentScan.Filter(type = FilterType.REGEX, pattern = { diff --git a/authentication/authentication-otp-service/Dockerfile b/authentication/authentication-otp-service/Dockerfile index 9228889b97c..8744dbba1b6 100644 --- a/authentication/authentication-otp-service/Dockerfile +++ b/authentication/authentication-otp-service/Dockerfile @@ -91,6 +91,8 @@ ENV current_module_env=authentication-otp-service ADD configure_start.sh configure_start.sh +ADD ./lib/* "${loader_path_env}"/ + RUN chmod +x configure_start.sh ADD target/${current_module_env}-*.jar ${current_module_env}.jar diff --git a/authentication/authentication-otp-service/lib/libargon2.so b/authentication/authentication-otp-service/lib/libargon2.so new file mode 100755 index 0000000000000000000000000000000000000000..bf8cad86215db71654f7a78677f67f88ffd5d3df GIT binary patch literal 194040 zcmeFadwf*Y)i-|5OfF|a$eBRIps0h6kjTXhpeBNlArmZ$xiZ#+1Wxh5uUz?dP8n&2KiH3^c zDoF_l`P*cscMhE*Lxj^&c0 zR+82aPLX=q9GP;u19*qkYgymhn_p{{NqaGVz45yYzsvD+;K!#gepd=ef-Oi=Km7We z@hpVd_zlJ{;oU!6J}I}{{_f#^KR&SYXj(x-#xFlOIyyaNYU|ohN-QmJ1dpff`SHX) zea;N-`PNszSbWz@vzrPEKRWc;Eh+a+YrMN|?9jS$b?uwGysQ3x;t|id%lD^@*w*&S zR~7x#E5`40ul`llC(rMA^_7#CZNGQUAI;*s46Kq(D(l`cX)U5XI-*2u5Zbvb{2f1l z?}J>9F8C~lg1X}KOVDNcF+|c6x*ddum3=~-XGxe$`8Zj%xfMM{RP+Nv2TgiAI}V;Q)Q1nn>(PZB29a); zGNt+&2gzd3$0i@q0fCLy_ctc}rcU(hP5NV*28$^DQbB+51^gx8DSyqS2L0n^$-5B} zzsjuFl_uVA@_(fh|7T2mb0_?*QTk5$y1~S+F!9MI|6iE+dXrBSUv0|MtQv&(nDkeh z^ra@BsGQ*_eJ8!VYSOoK;{TjU@1TRkb1T|~&!nh4CV#f0cqUJtHD})3$(2=8=2uOg zEKQz0cXpLDc_spBvbUsY^7I+=XUv*iSv6yRNl`)hyty+)GF~dxrJ(=l~XUv^8Z~Bbs9g*{= zEHn|*yP`6Y?Nqb7B#UC(>84Mnyhd$i$HVanlNZdGKYQi_amgk|Le%#GzY=wgC) zh@$Kc@n|%T>+A~)isgzUn>=Iw{CV>y&zVtKIb~L~@uJN}ai+yuxN-(80hDZNYD221 zDw{uJ3Mz-cRWoAI`{vD_8;i_X1p7hF=1!YaK~+{jy;UL%(+@iEtG;BmjkA`Q%zh=K#KmShlBFje{}rZD zNzxl8uBtcb6Q%WLJY)83jOYncvl%z|Sz`R6^U3HuaFyvlLgu_NiZ3|+Q?=m=5g)=hRT?f8@oN~T%EHAWekJ2nNjP7`FJYWrA)F)PJs78I!VVEn zVVq4Lwu`uhaW;8a67e%XMx0F@K6W06tG{KOT`1fl;s+RK*9kX^_$7$XToJkY8WC#2 zo5BFJU?PJFT6UYJf1~-^(iU8V=HFLgG{5bhNXtz13Xde+)5unyIas}-7A&EX;7xxP z`LBD{$bX*s8_rub{g~De8l}k_we9DtGQsRslUb_4%*fxFU(HQ-fsa((U-RFz3>hGj z{!LY?7PyJ>h6+)`kcL0^Y)s4nLOyY!Jl?qw+CNIF?iRiml!n|WKie!nOqP-6dqn&D zBXU*2{A_>3Qr$-jUeq1)YqW)mpzf5Wde(t`4XP=*>H(qtpxJYqpgD^mMnn8&1OI6U z{DkrPNlpJA<~(t_7D%`{3%oSli1qvnt-$(a3 z9eGVaFzXn+%dX=+}1{v+%ym}u(#TR(a8A7@iSm`{5&=+{o*~U;$aH`ARX7|sl zb+!PbE?X^Pjq0*@gje|9x`w8$E_EX6)+3PCt?vpoLnb&6P2Zr_K8F-k7DalTj)1{O z3!r#kAi?Papg^Ds5B^kvLL;!q7pxMrcIJJ}sUYy_t@FA=_mN0ly;@fTWKrGMRcV?|9r*P9 zq4$wgRCl;4Tl2r|#DqeUsxA*aCPdR9A~8PwTOX9yI8rF@N2bP~fQO+@KRpwPxazgQ z6G9hIeTGoIS{DQ_?UD6V+1>ZJC%Nx&-|L>-xWdQ|6@+d#Is6AWpv?}xWpcie_*mIT zL)Vye^Fg=f3tGqHu%|T;JaTZ^iZ!PZh8N?H(J$AWW4ydQet_{w_!D{r3|64y*zfCk zpB$-j=0|_`Nr1FaI#|MBwZ@q%;{1_Gf1hMfky2291#W`6lm9a4$+0v4SED();1BMd z`1_;OUGled!T+{sjxP9HF5rJvl)58-*QxMkG$|U>@TY5O6XDec3jS)X80r2Pi=$_1 z`nmC%enQ{HwhaZ4L}M!ep(jv?LH8jTUA)-qbx~e}UuYp98>RpE}W~cv%j+4{t!&-e1Ld z@h*5oVxtD#V%(_VaV~Pz`|{4H%jk!-Ixsn>)}{gW>ZiQ=hi?7-(9NgFyKzkm`1ta^ zUwA*qEBI;rl+b38__0iK_+v2ego|!g%1=opE_>T7U9pUhIasK2@k$;zgfz z{Y_W-BUh=*O6VIG)=qJ&x1)T?o#H8-;_02@nVsT&JH@Z*6wm4u-_t2BkL@T=-%fFFr+DZ3 zPwABYK&SZQo#M}Qioe{ceO~Vrf3s8ktxoZG{>6Cb`uw<)Jim+QC;WvjoP|f<#@V&& zl)e)_fD6V#ePihUZ`nDULPHUH^oUnqADWnlx%5%5ygqabAWR4K&%MF&f%ecSL_PXZ zcn(eeM@UA@t8eh=t={0IK~m^=t|YySDLRnreezeKbY{j1RFikdb?kOmCe{b}>gtW! zo3i<6`e{vld7TzqqG0?{CwxPe0PYQ>BKmRo{FnB!i}L=!r+cEIzh%DDr^3FyC-kU{BJyY zdkcaIJ*!f*r?f!EM$MJcba$hxK3b2ABw&(3t!Ou~qSc4)#!SuqRt*b#BOiYS=&CPt z?KrqB>L0v%GuJZ>THUFt;ac71>V8^aOev--+yxlo(>KDiN1C;OmGMhl_24Pm-K%f+ z>6nmct;fB24OLs#(8=E2xWWfh*mR60VLiAN^Uy%zfvFD3UECi~F$FeetBwI~g( z0}xA$walsM+ak@F*RIdxIxCR)BT%4_G>mLjwuA4Q{7;zmij9hyN{3Og)~Nu2nS5PD zt^JN{>o6F8r`Co5djhv)`e;b!3IkXPzELBJ-LL6i`GS);z-@w_Q@p{~BneBT6WSld ztg#@t*cS2R?W!z-TzVTOX$Dn>LQ_El@~ZsI@POx_pKu4$Z)528_PO%37`a4<nc(pbMrwP>zXN*J@p z@LjNxwJaP)6&j5tWZ=M&0JBivqW#20cn7T!4xqu@*HErkDyr>o%)TG-PiI_eWZX`qOP| zfra?pY1aayLT5)vQYbk~m^OTEqp)u)CKrJ_`_%1FYun(f;`SKyb6}9^U*eF}+Dazr zAFhS!B|XE*UoIqBW zdi1u!<=8;ks0B0f3-wc4!#;=B4bCArqR|`7_)ycY@#*uiGc#Y&g4Z2_xrLhgF>BS+ zg>VTDcW?}h>mR;gd80CO1^WvYMoMTWXnc8xtB<_%Iogy4EFYw`?GK%X>(fJYFmc0_ zTmRTI;33F(W?|;Rtakeg#OhHA+1ns_V`!04{MQGcb7KkS_Mb~o>&`+hKbk{kn+z{Z zRUiEv7|dep0=K3%B{JfjV?6YAj z<4mZ>aJ1TlK6yLm?{&l1xc%o7syF!)oH8~SP{91Zvj%YR?VAy6_M@hatZFY*QF!?9 zML>1%zx0O>L3bK<0M*(D0Qr|FR&^jBbiwj#US#yLH7ULU)6r|n#p`K#gSeRRPO0Ath zD%diqYQR|v+=@X{t>qT!8rVY&Z~9G%{~An>A{dXw##v*#J*>gZ9{AY)?i!4p z9pV`8I>f*36#t5GLsMd(uW=1FE+~dkzqs8&djiD0qfgvY58fO&S3Mi_2-}HUmR|k5 zS3g4~}U&#|rP(ObNMBFU}3T$su63%yR(f*v_; z{L=CcsE>-JI6N`NFRPlKV2K;L4#pP(vyfs1Jd6U|fx=9)g!OQeU6+BZ_8-yO?8WAOQFD@PNfSz?1+wGRUv8!y^5s820`u}#Mq z7eBrY16Q;BF4MUU7rF$!s$Jil1SP`hRwo%d>)~!_fVlaM*xB_TDvr~d*vuAwdK>Bs z2AEH&wT*R>+M~Z_lmjgyQA##*3K%#SY$jK}nL ze`o@5rwS@$weBlwt01dA-_dA|Tt+^Jm{$kJW7GU-=rU0XcFm)u#Hg(Xbq=Z11LJc^ zeG~&SO0iVW4isozfod3UxCU@;O(J40-s5IIFa3FFC1Qb_gTTYiFfS-eIM@G z`~8-?IeXXM-2UjkmzLa~b{iKQ-}{0$O~f3>`=+w_?Gv;1+3thwOoSvItVIKYyY!gC zFLt6SJUC+rV44O%1Axf_4jceL7dUYM;2=;60IkebOW@`l0u=y6_C)~lHE5;=f&)fV z8RrjxiwW}p0`Nq_PZ@BjZ)oL2UtnC07PwXm+=|j`ovVzbGGAZ}PEMvde1ZG3e1W@B zMy>OCBMoIP$<&69&-dw%83#F72^HxdkmMDEWRbS^it>>I9xF?HS{qskSzdJ3BgOm1 z@IP&-t^4aN94$QN+ysmdd77CA;Tnc(?tjPq{R?~iS7<|VQ1;gG>o1#pBxXsAc-bw#dSw^%(QHPhShK_<%Gn$JTl zdy#xhkZl6Pb(;LS7U<&ywRby~=iiUDF8&%EXF0TnMzGma>v}8k(YpbE!{Y+?J zvo#3Az&_=xn4mI!`+8qqn_9O+tn8p@N|t#-eOQ1#XQtWaMp?5h*&CsK2Eh)s*}!<{wC%eqnVK}r@99mCEZih zQQ}N66#9%~q2VvZaDPUv^?*jq0frN3TE_0i$Joi*4%3ZpdL086n_k%R!uCkfjUdr2 zfW`@EG!}x1ngQAY78)R0HgU88IslF`K=ixB5e5h!m6&IMxyHuVI_`jt#yo7}{JYV@ zN%*ChEjre&rdtrdIoiZy(fp&)yz_2$L`l$UqtR;fZq6YFksNh(lK$w|5FS?n+8sW9 zvjCUykFc zVT7ce)rrYQ zG)XgnWi1TxbgAI(%dh81-Ky!`v_N-1BAPx9I__R$fY5RGhYS!p?*5;`bEYjiL8(F>J_)_(5 zjSYH+mlkE8^ZL&z>Z824;tix}!9|e%lp(z`F5ny7Hdgm#;V7cb8}ubg5L`1P*8&Ck z*k_@fuj-5Bli2mskq9Md z5_Jb4v8O2>%#ae)rGLeqkx?(B2+Ytw@5J5fUys5L*O*0wUJyLblIOxL-r%w&?1>Gb zWDWNcjOBN-*1E?lZwQDIwT3T}i-L>QnnG-51xu`@;Tu_IY(K+&YC}RbPJOX!+Y6k~ zplLu^mg9sZ3Go6n>EQD--8vdJd=fc@Kj4yKmWbb5y!Ra4<2Vml@J_iF8vG!gFbW6wt? z>|atWsdWzn3@mFw+j#Ylu+w4D9ywEk*upF=xY!Ea9Du?@Pl3Hhet~4|`)OR>)4tv& zy*GQk7W5>Sdi`e=)lc(upIQ&Q%K?AfKvL^Y0wq)yyuXw>V<+fn6xrVt$@`*8JB8gP z?<42Py4?`erF#%B(hvFcld<*n|JV+GFIdLxpsw8xaOVKqFs+|pCni~I_%himZ!~P7 zC|G_`P59dm`qu)z*bj_OU>_SO>4#2G;xIZvYC?M-2zQ4$%*6ecUT6x-a=Ti~Ezr^G z>m~ip&m4^`=fekMTKp3rEH=Xdgn?eVeKhz&)g_Lz;f+AW@1I~r_=bXZ5Q{+!?iXAO z#PV9J+Y48x)?ORcI?i>jqN@F0Bd3O&D$6pML`SC9*+fbUQ*iZCU#D5eqxUv|Ow-5b ztG`~SuHK=^<27?YQ|mU7RM-c!`DP7b*;`zvqQhIL_eb1EX4ec2K8|_?tbt#Oa>W%i zZiYi?#yk^%on0R;z5r8R&VvI54gzrR1z7~(+%eh$fNL+vC6F6RMhR>4DFqhjXRw24 z`pBc9!;BaypNCoyp~LL3*K;-YdT>XPH`K(wmpM3x2S8oi*F+FG_+H5Kp}AjU-bch1 z;)Ln`IXtE9iGhL+UdgAP^+Qv=PI^H+&1`9D@aC&7yO!MPpPf}}7L3WPI zPpm5f;gj{X>(sh0fx~sCe03T75Aa$Li%_-hFNm4Vc`bIHkZbwdKxw$eSIE9q`&Y)m zxD>j47BJ@HoP@x8!6zI2SzY#oz@SfS?9=-~>vu*X@{0x`?lr=(;|j~?q5p(C(Kp1L z)^D*np_%ssG2j^6WqL@h6?A}x~RO^euTU_r#%N#guf7#dPg+! zZ^V9>7$v>gP4FL9_>V};e>A~=(10<(s&(fmKE{AzEm(;v#5sN7FsAsj&lSmMh5NvU zMrbuQzBSW-7_EW)lDd>F>(!4G>HA~r4>I-XxOIF1Pp^Mtjn{wF7)i*r6kNTJoUZ|s zg^>53x{&oTEzpNNicV~dTiyW9a>YQp&-5YV0wp8pLvl?Y!U=#mj)rY$D03X=-81*8 zCgDlwk}%Sgj1ZnA_k8#ZAYAp~OA)wHfNn1UQ#z2`v*8UuhN`#IoawLQ@7J!ebTZ@T zfiUmaV&S7MyBD5D^PkVhNiYtFz52&q{e5is*+E7{<}4_Sb+%ugpswBe#zhzLZYdi{ za<8SL)!JE5W6Y+;;!YJLTdM#1RpzbZv#M@5VLPt+1H}9H!RYQw5tF4f zb+v_4r6jd(6=u&KYpvjnq2Hq$V3nJ;S^E>zF(!{%SB~hopa*@=EWdXWCsgQqVmLh? z@-}lgeNk}p>0gSC>(4{HpNZBBe+YGn{rD73PlIH*u$6+@;o>w*M; z54J}1UB;A4TzTa_^w>%~N;>+2*75(1p1OT znksxA7}Q206a9#gmuHsD7<;kr~fti2OBX zTr=a#&3LgHUtz{4n(?O)hO9Vv<5+Pig+hm{K(k?hNJSJjB9S!c&X3yYM{HEMLPfNU z+w9dGnDs`StfHB#Qbj*`lv7VFfO{^cadzw4I8O-U{LD1Yc>jkcWL9rru@aY6KhC>3 z#vTtYC?U6*^#P1Xuxm`T#lj^C-h^Y6SiDGFyd<3uPY@V5L<a+PH2AKqSpQ%7z_rUt2r3pZ}=BL#OB9tF*V}GBD+dzsW@PZN|F_v^_pr_HIr7#LLCsP7W=`$m-F*RhQ~esOk63GKCB3 zs>BYXv{~}&IFO4D)N6U;HB)O^_b%OZQ++*y>@!%j;?fFMf!lfWoU1-g{k7~(n!MBO zACOF67d{VD68>1+;tFbT!C$~`F=Iu|P^rriDapjxy@}(tyj%0Pv|+-BW%K*&DTv`x zSztsjO&^htq7*G}-Tb5BSCM9n$3j0?Z(B=?vNuvSs(%fJ8$%&~gQKQG>`?i|Kymc1 z`!68bS1Y=h3srD^oqe)MZZ+pZi$Z_F$zyaaWsF;Fe0AxSWTOwn(F&aV;rRJb1y}hU z=R@QRH;DPrk?4GAQK%T4%~{sMCa*ak!u<^obS4I2vCO`3dDUbrtU~a;D_{@ys6B8- z5gr6A`@3Pc9G;_NH%ynC&s9BLFtb$4^3)`;a2uZBoPV@Kd+69OXtzx?RMaqW6+HAb z76rUeCnf?c9j3}h+=+rIHVZ@5|Q20lJzNU@gCh2VW4bjpHYQaEdh%t zpu}<(BiGsRlPFx@gk2=7Ikt^KiSB?zBJ2rCh8WW!d7vkpkp7AALxGY@kUjHk_%8T< zOiM7f7nzQ#P#PETTn!2E2NM-7`+aZrVL1f9B%IU?Y>x>arSF1s!k~Pel(!DP$~FH; z*o!obkl|5~sZc+LtN)vUp+Cj$EW95E+$%WXW?}(?Ngq5nNd5p~ci>{N1i67rkesvO zTkxh8*DE)O^-9k9@J&F7ovuQu0MdaBf5Lk(zYo2)o<*Q>!&?wtfsL%HOL;yI2fAHD z38%udK@l6@#CkpMJO%058{*P=KhPBkokSkP-`?S>cTd0#Gk1ymogbm!PjJ8eAcFDl z7O!oG*x`bUTZ@YudVHn*qmmu`K%|JX>|0k{9VQR?ag z?$%HBb>z|diOBq++yC{otvmc*4!~70TeB_XKb^Q7*ZX=vHn%^VpdW)Q*xcVNLC z|Dmr#=GISIKSDnLHv?GywR#A}Z(2S^_URuNDz!*NU;v12}}ooZAlAm? za5``(GcY+TFi+7xj@whiS_Jo<{s99KcfR^yw&JcC=~U}_U^vEW7MS zGSKQ;%?eL$)j#lubNr`m>N0);NSn4<)6c*udf)tw@$^2}kNa4@yzT0;g`mLDr+cSu zE|Tku^agM1c3<9R?4vL%T?rh7Pi}yjs#7;1ux3dgn9?ONU@<2`7jORdHGDaVW|FW6E9F>0SduKbz^#Nz_H{^t0os&{UR&oa=~KQ z<33!RX3i&#oLD_q&CoFHqTq#-Sf1jIo|t0NL7U7)eu>C@0>o$ph$)Q%WdxX1K_E17 zr(xkOh|~<1s%)Guztcj!VBl1+sn$oFN_)6dEAGMiJKW`_y{c=AVLO`DtvCA*$;ZQ3r*Mq77jdEYJ!(!Z!{Z@_HSeiLE z+NX&b1dK6W>l?!T5P@+f;09jIi0@dq-@%$M68;{kq2+JK`5STH z@+0xu^2zZyrO?0Ex54G)bZ|9Ua5eLh3!4C#QiocxTZ(0uT6;Ns1${{?3}5q~lhviE zz`Wr^!{dw*ez$cd4y`d{g%Xfk%iF*g0+xnIEzIF_tfYL|-|+3P@g(q{!%gzdNN%z^ z7u+Nj1_~!>!S1{9?K5An`rMnBgRgj%24^@pP4GA3O71tj(z*bdxv`7G&4l2ik@M%z zx9;fMe02?;s{I%m4%q)(Qv-+KS?3LwI4ydEPxX8$HF*7>TD{qait_fUOUI*BCc;R0 z{8p5`k5aw!7Mu1wq#9~SHAhH=ZT9Y?AyvFYM-7Rv0-n`9#98^j@o$ebAftnY#2pX=%anP@4FBLmJq@q`biq zeYEV)urn`LJ^ZGy#^7XJ<(M0psbB046lHk>6CCEg^4(Y}U_T;Kh4=Q4;GGe$#y;D5 zc|qYC!;Ft$zSShp)W<-bMOXn$kV5^VdHNd1XIZhcpXy#XKFf*j&h!31cJm_#KM7^L z!9JId_rAnbu=UIB2lVD(#_c#%wPb(HucX-cjT9_OaMtRtw?yAh^G9sr72^e&Yv13x zb?XY8x?{21iaClEPD%fGA zzjd@3K421R*@&iKLq~OZITkB=c?Zr+iiVbz zdK)%4@Uo~+J_3r5;e_OfCV#8BnsIF~6PsYTIHsCy96M!an%` zd15A=?!kJ`h2d!uMyl;XBD_kFub{tU3fAL9TxI1KOdobkzRY&Scy?&5w(Am8qF?PM$C zM#~OdiNuz<+$>U2tT#|xj5DI5p`{gW{kZ;7k&JIK9QHP>N2ObQ@|U37fVaB6u63BZ zHEhX5BDnbEU65frnlKlQ;T0EUQD^w37GyZ$!Du6IK*^b2*8%VLb$HQMefb2c01+#I zo`?$#MMEnVVIf{5N4&Vw>CusV3~zvbk5@kBy_C^mbyvchp zUGTa#;`%6xJB9r+q9GaZNt&#XLon((02>A`zon zt0tfGx(*uGMzIL~91Y48O>XtN@ajn}vZEBJ8wDX(kzTO~g|+J2d{7Iy9`WiG#Xi?( z+V+irvOM^*2Gc(miO0RX>Pyo(;*$>=8AZYguj>;wB*@7KIk+-+Xz~YM7q+M>6#X+A zkS3pk4HfBSr6BnLEWllc99wX;*sE(3y{;`-s~`<0O}GGzMlRBeb2NFE<~pu5G&sEa z7Q9a^V->ms>#!R^xMgf`L~mhB-e}WqF`5=UkMnIC&F*udYIs#`GhV;Z%CPt|iwLG- zdn6;xs~6|{TwBC0g0_8~*iry4m$sMM14b_IMyI4fg9(jhydR+P3J&)YE;f5${!>0zi@2YwulMTt$IzYCmz&216Z+x1A(kS& z6rF-MbpfsN4acnmweFI$a1p`Gbbbu9bPj$AV}Tav=?nagr~kgd(>#}n za{^l6ZxS$Zeqf7l=r8f@J3d zvEBf4I)$>)0grp-tv=V6^a@ybn3{n zN2$E}jRPq81ZYm9s~6&?zN@VWK7pRN0e8W`dry&k(5;_Cw=9wm^Cmbgz7-O_U#R1* zK`XKHX}s(Y+M}9l6B@rrK353KbRD6uU>U7mI2pKtLc0AXcmr%zdQk?_@u`6#c|#F| z^s(0#$wz#yQ$BsD8+MPvisVyne)!9fS3VCyIK%y3`9oU0eA09g+kE;9Y+E3UTpMt0 z9&s9@SN^WZ^`#fizuh|^JIG?LK2zUCZWKVqYNrw}BYdlWKr_Q6;d*A%g{>MC(B*No zAKz|3C&w&0Kx1du)rH1k9_X1EG%()5p>aPJ7nx6La9nyAw{(z-_v_(D!l)HnZi_ka zQPJ{7G*UJ(o)`-Uim?!d=`V;*hDOAV=?(lK znWAmq05pvOH!S7vk)c`i03S}9T-Z_DX;>VcUIW&^P`nR=mA?_bauYwE;A#+l1Vhgj zDEBk3yc1s`a_!-;=+p0BWSAga-X@ubKpTw7m#5hO`kzc+k@uZ$f)iPspA3o$4Qm!nGhLT5zt=HQ!VMANsH1R^Bj49huH{KD(4ZlBu8Al8(8Ec;gEO>^z+!4o{nph_CedxlxSs4p**-ow< z`fhxN&*w}H7DTW!%0}VMi!82p1IcDRw7{^e@U=jh=O(pIYB6RdY8~HOhow;2ah77* z1H>8T+RS~ACmO<+2`)8|Omb}wy^78J@HBzS$MA(ST~#!f4Ov`{1*hoN8! zsOc-66G07F7^tH{a}cUH!NVRc=c2nfrUE1 zZWL#<;b|b{oh8i6UlfvR!Pg8C(e=%$itpqd4LyZ}2ebn8ZG7!;IpTtMRQzx+Fbnm4 z5wB_Ud;v?M*k?tJ&j821>m2=P@^r~9z9l_72AGKH(yim9TdS)os;e9o_&zbdU+tJ( z>9}Qr&lg1_S~YK;qq1z?{HjhkeCK+WRE&>RFPt}jI`g#?cE$?Q@l(pHI+Dd>1c|${ za^AGr_-yiY2fuaPk@^P`4c;^Gx#iB>JKzLa$?Q2Z9Mk4iwo~#`+0q5*alCsMi}D;KJ#Z7?c=Ddo>u0-XUZ#S0P|)#jJ!s9 zMtaed8{Gp3E{^JW-|5LN`!nSnAZD#~Z0 zQ;Dy`OVY%@!yVz5i(eLgnfNLAwY>(!}PFL|;Y%E~xlrW4OR=3jR@f z8D~0qk)C`>8?7JtM(a*q%*XOr7U@|Y@yx>~TBm4xk}g{3c%GD-d095gh^CP~Dg!`~ zm;A|(c~~Z8U^%2^NdBxZ`H@$Ymc03pH+eE2d65U@B^)i6yvd7s`H+_UNE@vKc}Hc7 zwrNxz;wcAtl8))*O`hZ()gyV5U-Tg@c|_Zb`N)I3CPh-R)neVp#BW8 z$ms*655!D-I>J7<-0>R1#n`CbO8h3YC&KcrXdfus_W|TY`1UrGgYdB(k%$upG2(Ny z8^Usgk0D%)@HvE!A$%L*r#L=Kg)yY!no|kF#kjoq9Ku5fASc2;_!v$C49ADC55n^A zAU8ts&Ls3IKX|(&FS5&*rY0*ZpkF6&I8~NbJrjxK(4f=oH>YKeRl6-zYNSz@48LZm z^GaYveh_NJlr4SG)PNiQlEqaU4? zGg{DlI@5E__OI|S{}=hM{1^Fe{TKLC?`KVVm}%@GJ_G%B4cY-_6?=#u2>dIZ@WX)j z0RKGj;{UpV4j!YPms&k(4u66-Eyr47Nl9}61%*RBnov0P&HuMUf`7ORa!Bp^*1FVp zy=>XorMkU>ALZK$es=hc&T`WaDZqEG=UJBD1wH*$8|3OtKM?q1z<1_PzZU8OKMD92 z;LBK!`LM6h|K(!w#e?{`dKbp(4HGr(yeKW-GLzQV*~nSnx4~xx_|Pv$AL8jx*8tCt zI7T1#0s7Y#;MWjYm}d7|EDxrnDei9f;BSG^4@sAifd3BzepmEo59#KBU`)3=@K(y zhammqV{C_|^pE}|G=^fm2{O@S&>k_rC_F9se+NFCuU`~pj&K-$sTj{3z@H_)y&nsG zdf>Ew5#NnXL!ew9D}a2aT(DDIJYEY|<(LN3vPh5rYidW@?f=q0XS z_+tHHT&!Q*owmYi{ar$r4#6GO`={Vnit+f4xOQ}c^>@HOkMWsrm2+J3!){BhvmhD= zB%>oxo<48@Iqyayc^&2HdOTWXu?~ix>tZ|-c1V7lCpa1-5x%S<`C{$VNq?5&M(AxL z6t@*-^ghh!19U#N;L^m$5`xyB32(xF@izFqf{URXSJ+-=zqmQBU)0FfVW?M!ej)6D z@|;Ef7R*Q9Gxc`CcpLABnk`lZoVuuAjGqr3ycF}9ms1USF5nkGejiJ;{HjZKqPavr zSP6dhA4Vemz%KgGemQ^I4Lrn;J;ZZ9)eOAwWa!UKWIewIeiQKH%y#-2{Z!B@>~jqJ zjc8r##cZfCaUG@ro-3;$4gp@Y_hFcqZTbl7PPW^GSi86Tqq#;$G2D=+o3$RC+x^lw z%15~tgU>4;V|?gnU+v>SLCoIaD6G@0UA9-DQC;xc3VzLdVGr>0Kim(;!PZBBRcH5L z*ge}Z0|Q*!XOYM?fTIub1A(_=z8S9%*24pQ7Vy1Meq6ups-O7MR;61%Q@X5(@F?W> z1k1<#b)H#|e`-f7dRq^7ZI{MG1N{E|{JRDI-2(q^fq%EazgytnE%478VCE_Wx%`_eYzj7zw@2^yvS$iA(t6!BkB=(KTT7 z|K03k;-l&KHqktyj&V+h2TL093* z0yA7{hQBhyKbqlcGko6Eqp7}_%wq})ZggZ#m|8uzs@ieg;9-Mv23=n*Vy=f>*ALDa zHrO>J+emN>$#GqubA3*p*i1AOW2iOypGv!z&f%_<3J_i4urBV7EuR%7hOKM|t(<1Gk5~Z&(=~qX4L8p8M|4r3V`uqt7 z!Owr7zSXEH*D#=$$Dt?4`|yYFoOIPtmRuxQcZH;VMwSyODxsF3RY@KIH;||#DNiygClw-RlJYDf z$;uy*v^(**19@%S*h&0$D)5qxEuPr=bNp3o{C^e_+X&lj=fF4dG~rC!A{*c{gdMg& zqX#B_PdLjqiN&2IoMYRKzlrAv=h{Y+&w0Z6DFvufq9ik-rM!dE5@iu7PU*pjMMNg1 zq(Rig1etFrm8Q^K5|d=Ubyb$~Jxn-Jk*5Mzk@7QgOBIo-lu8zpCRZS3QOa0GddN2; zQj_vqa_cFVAo6Gm{x44{F+-jX0)NUQWRNLWA+kJ$?|UWom45<)6)7VrPPQCG3@MR zc7C}+Ni2h#__HXcZS88nO1cO%!r^q+#k zg7ohJSEs)RnyU24z*MFu0G^*7z~3LIFTmf5^gAHyy!0t3Wp4UJVCJNM2g>qvZZzMY zUWpR#OD_OCJG~qDm!&U5S+mk_20SzU8>G%ipMz4Sr*8$#wDh;YZEAWF;3?^^<8NvD z0C1k1z6AJt)3+hlJ(7j5q9s4`cO)k%Z{cqbR(czNp5hNRiIk5-`jg0Lxr`Z}-6s&- zK+ZTzViNQe#L5FGWKr_FEohUA=2cfo$@NT>Z1b`IlH9NgJd}$n7EYIv8;M89LSpiI z;xlbm5#C6=!#0cbO~hx}j)7V7X5w>f2kC+xS4RVZ5!e3giCC-XsP5KgeTe#qb-s@Bs|HMfi_LvMWvV89wh$by@1PX{2v~Z z_mHMSvb>KvCV#@3t4{-yKub#gM;gfOU!Z*?`?vTj+h0W*{`>QbS=1K?Q3rJ&NDS() zN06FdF0$J{!{46vmHaF9T82PMP==Kt{h|eu0l>0f0JG`93Cmt0Srj-$Wf-|A!|*3p z86%+_TQSiZK}pn0@ls~R_AG=|#u84o-G@3V;|SYrYe1>^2xr*%B@U&CaHeQ06EdRQ%1dHByk<`B{}57z_nXQfLE~gJ>&d{5&8oo`tyF zpY-y5Ak6#_NpgSY$s}93KiT%?_MDtes@@b-zJ>+&rkp1DEE{(Kcc-OGx`Eg-BnZ&D zl6)$`!7@aEx3Tmg&k*|*{#b?x`@EF2m#)O0K34%N9~I(+0A4oLg{T1yi9)y}1dur| zpDoG91TbBakFzhJhDVSujqnv?$?Oi{?d0oViw;q_J7m_*@k=9-j>#cvdZ)~)_QeG= zNuDS&NmqV>RQVFpM2E@f0jj+6$KZIC$ax7f$`h{olc1goDd5(fG_f3X7(R!LK$2I^ zN8?=GA4z0ybW!q59;aV{#=rI|5oPLrM6aTwGEyy% zOIHb1&!Ul89#^h9KvSK?oR-J!R~3sGhkncBnOFUp#$9HlISl2NQMs1Kv#z2?l4nyM z%i}pNVM_P2H(4LAe|U)KAmyy<7}Ri%(a#ufpVKcA~JWS0ITi zmaFRkTt(nP05<~|iRe`$ZJ{GRVIro0rQbp?!}71sOwtR z=3UAwx}u1-F)Hf%E>m4FGo!BWvNjwHjJnoS#@{n4>RQj#PZ2fh+7PX)=!y*;x}uq8 zAN0=uwsr;V!%eJR^97o0>JE{FqiLf27r`)$+KK2bjEdTAV(KzPjoNLZ{Pj!~j%G9E zr%@TT+sxDnb!E4k9r&Jeq0tK@a^eYj@o*z)l`3rcoRm5J(6M4NHU~o8@N1Kd zqgK0flXE2LI=(L?-y)c;GO5rPO=dQXf(El&1hYSq*vPvsW%)c1Mia z?Sk3oWcFs)%!XjTeFDtt&17-63PQ;%voZQzoq+mgqM}#Z0W2iI%L=;y^veREqNFTT zPU=o#CQSrJ5I;eH*|z}5CQX0l$o(S<`^GG+lm*=*U%dsmUgS^@ppL+50B-@vCP}}K z5Ic@ozs~^t=^~);4Em^Jjf|n00|?v+XIt`V+GVl1gDNh6Aug}1hugYVOqot|Qk;k{ z6Bw3vnzpqSQN!|1)3!>G{aP_WKEpZGr-*5J)M&IbBcd*DD!vBHz@SUiVJXAhoiaFpvOkf-`e~&sxrxmZ8c+Qi0 zq6WlQV*b<=haV7!KWyUf1pTchej##|h<3Wo@{lAAj+iu@!VFgMhYuqI>~WDt%-onZ z55C95Q;GpqW`y?hUq4X9pG_Juak=hoI{x8?*_sLMePB5BdA-ofaG8qfiM{y|V#YjN zre=JIUoU*ZaG9#9L;Qv}O*XXF_6`Rth?`BwF7%lBw1|9BbiJ7e<|rO{3>o*4F9@2S#+T&y7_`yyI{^ntqVobv%%V^b)hKwS;UQ6 z7mA|yvgl9#Cq)lI(a+NQri-FmE~xdBELwQ5>B3KB^g&!W(&<8!BE)alZ)T&CFKA%l z*m79CGEv5{3#xZIRz{g9V`;36GEv66EaS{SErZ(Qw=d;#QHF$G!>8SF?m?F|>QOGr zXp5CmF3NCShB8vjY+cubZPf^-a)roYH;JP+D&>_cSVmv=-3lSaec*}aCE{Jtxoe;o zK93s#{LE(buIt5E|E}onzekqq#QufVSTfIpbUa%&(51sW>43;i6r8T^u&N@p@)jTxDW$OMDbvIO{barikV9({el z_BecmsT;MNdhdiL5vr-UP^-LPWIA#{qQ5xJnlIn=vwf;e~rRd;a=k=%X^k=%X^kt~iO(qd;1 z%Ji3D$*MSeu#2+?yEuEWPXgD6?BeXfF3uk8;_SgL&K~UI?7=S19_-@m!7k1o?BeXf zF3uk8;_SgL&K~UI?7=S19_-@m!7k1o?BeXfF3uk8@F&uJ_5z4A+b+%??BeXfF3uk8 z-yn5{U7S7G#o2>hoITjZ*@Io2J=h1p%qQE$*@Hdq>_K^kUx!Xo*5YsaRPfmWpojP~ z2r;DW7U{o7+ljLW<=L=69L3+B5fYQ2hagTCXAjD|U%^LYa9d2NXQHI=>_KVxD|jdw zoT(^{#M_l~Ok7WVrg9bGjl???dUvIX_$-BI56WiZa}=IEC|iin&A{1%vX$t3g=Y`S z`$TIB2NGo)VV}Z5L}?~mtnlnX*-p4b;n{<-gYZO!JAKNBgeNIHdr)>!>7@$K9+Zzi z16-!?>_OQ>8uRQy`Ghr3i=90v|40Y9D$X8MarU6T3TpH0LHXhc>X7yrR-WSQ!FK7r zpuXrTj?4*a1n3&I7=QECM`5`R^;bx+t8c<})~FxiZ@xMTf3@h*gl*UYWY1V2834M# z8z^fjaH3RR!LEKG+`S{I91^$k8K=byTUDh zn~!jY!lMaW5#dbHl(t(4_YqBLyOpp*^eUo)+mFaoQXZ$wcN0z!H^FU_Xo-q)G#&VRh)GaAfz+`YK2&M>viwAPj8nTd19!V_J>PK(|?d$S7 zlp&9nUyD(XZl@ki>OMG4DxeI~Wma^CcEKslH)=OyJk7Szn||S)3BAGMTR-29Lb*HZaeA0!i|O?B6jcx#lkj<}%NK zZfwuHs3`e2pfipv?-C&0nS2+As!Qiq&ynOG4FXl>Lu@7i4*VMl?j{zt@jFDWpx4P_ zd8JrW@VUnbAjQ?l*MACpggEOr?N z%O%O!SHY(I<Q`HcEhw%4bU#$wc`s=Yn}H0o0=>XSur z>&+5MVwEU>+4pxLDc}S!0)TWifH44`CU84|4*^_5FW0>v95Op+l+Q7c%L}@bM={Vp zMSA}+0A2#%a$r3m&|gK-rTwwxbI_E5C9@G0;IBAq#Gbi~g&3bfMjAI8;#+8FhM8XB z5P6x7{mKmxOWjkT!OW7KQS=j32T`2iy+ws?CT~h;& zc&-~`a)D&l$IFsXx|}l@rzZ=gBusb6Xd^Q8Akc$0W=vy}6qa>8ldjl`KUr*~Vv`ki zIK(6WAMV}+ysGMY8$aisaC0GqDa-^2VID#fhA<@%W-k+(7Ey3O+yDEnz4tjMxvBO0zCQo&dA_6E ztiAWUhQ0RM>+EyRzUS_l607~QANs{L{{S(nF;H5@4b<4HK@2a}vb59C@p&*!_225g zhT)NCS3-Q}`E*7e?Nga9&*ZK-GigQdEPU8^R%&_jg*?{mDZ>J4w4|In8C$PG>u7mw zebr|+6HhlQ#;&&Pz074t02;@1@Q9X(;c3*simkAs7UD7A zWR!meV$`b|1Y_h7NOF>f%mb19Ck-(XU(JZeIRvT28plX609@M3VgHP`yhYOWM$*qf zjQXf4Wv?5^*Hm_{k+RJ`Wyz*Tn-VyGc&l>juH2(v#(A7q?vvBK0U5rTQnP`V@%dJ}``j zag|svkF%|$A85H#Ad!i~ZA%`LAWW7{3%mo1WBlX<`DJMf^J1iDe_#YwJF$G^U?AZ$VUv)>(E*L$W;qogoUyruYe28s7wUqp+ z2+eYemaC3OSnL*y;)`77q~Ug0#>E7`MBcH(QS3;$QmjG|C!Wqw(US|#V5m1qu0bdL ziA-H(*Ir&PWoLr=19Nu(HhHUu*bhNdPO{wHX4~5+k6*6Y>cBU?Oc(B?kYMNlR7@R7 zhA6oSXTJfiUNZlqY$kwdRhHe%rp?o;T?!Ll)lE+n=d`eCDkS}d9qywfEof&X^>HQj zbtNe(@l(39pG|DyP&%)_*gXv^Nqd0EneiG#<3{E5Y0x@G@vnACZ9s-L06lsX@GRcv zvNs5SrS35Ab z7CVE!0r3|SL0H~14MaN-H<9Q8!WxBN0N@SuF)27nKOKkaVJIy@^`LYRM?j3>3;cf0 zrWvSt4>h?=i}Mo2Oue5NhRm{a0g~lXbKInm+?Ygyxp5u{Yy42nb6)~B7L@72&rrA* zoR~7PwN^`PQ~y`j;eD#%XS<-eV`2%}ptEUB?PI9K;e9sY3G(A_wUo;XKaGhg&IUTDxb!Ezu7>6J`|1bl`b|g<*I^CCgLsX# ztXbD%2-@kEB59XVo4p71qZ&61`Y~#`VRX>LAh?Bj(32o8fJi-ramaffrQ}&!T%A^g zd$v5Xc!SiwQo?DUhL~@7+k4)DrE}y2dZjEp?Ri%I3eE#3kckBp5Bb_R{@Q!)?S$Bq z)2Jhh{e@#pEII)uoL5kui|CFDaLP@=+Py$dP|*Q%hRWsD$2D3oNIC2lfjc`OB)&k! zjbQ5kHxLhlkTY##bjt#Xrr#6DGwnAd7)|6r7*a!>*1&TW4?8CCtWD(hzf2T+ivH z7Z5Y=)?V0@fC~_)P%}dVc#_|Os{8}ATf#(Kh-7OiKL@+cIpcq?>y{^2ICANn`ML^I zR}Oo9AO%ml#20HIN4&F>1pW00h*6DMJa;9p(9-BGDwXlZg%XZz2A65y%C21&_#rj% z`s+<9;L5c1Bq(@HOM&Hb2qX(F0$Bqh`FRa7mlf-eLLU>iR_=+Jlh7uTOG!{N(OU9)EjhCpBo7YkGLmm3mXd!CLTvUUwd9io(dMs7P%_b4@=h(e zvKb@~4SZrGCr;Cnr-Km5ex#Os2|<*6BMC|-T1$RVOWsGxse$S7fY8ssB$hV+5rjzg zBempz5=6;~)3s!x_4(k0mJAtk*dqcD80p!>Q~DYZaz1E`)*9*vq=rXG&~|cY+uzX| zPSEyI0jE14wEb;jDINFRmF<3{mfRa{B6&IqN+w!M?l6!fjvypY30!0(R}f3dyFiFn z{75bNmjuz~KaikgqP677T5<{{=LQ}%k^@;^hc!yaAC+fa)GmDASs0X2@%3 z#XU1$E7zQJ>=D*X6Y7MlZ5m=?mXO<m6==1J+A@kcVA}HFKx0 z{tdUj0qea!$R{qun)wS||0h_}7XLhV@M3;W03$s9ZyLjM()g%Bs^?PZpbJ-n(^|ld z4zWMx1Ke?@NswtROo5RmUq zI_kTV0rlOCv(kBKn`CGi578v}Lm} zL$*Rh+fvArtq{=xDHO_9i0CN03KpoX5Ya(<0}5&@M0CiewUx3JBD$p%YGf-!bSrx& zS~kd5i0F3qA{4gDR*2|0*?hE3wn9X=x3@r=+6ocf*}f44wG|?|m+U30ldTZZ1MQze z!0oaXB6^S%_Q_U==)qF>v22Bi9wLQ9vK1nFsC^Z99+RyQ(aB=lQP~O+ooerf9=#PJ z`c}0SB6<%yDO(|;?;@$TLPYOnchy#i=zG{(e))1D>VlyoD8+CvX?Dx|L9muXDYZW` zwfypB7TRKYuRn@m6zcXC8e7Q|%~tY6vsHJrWww$hnyvH`&5IDonV~+HU_yp|3p&)7 zQmoK^(sI7AL&dE@_h)?|6hnFdX(x0WF$0%^jtc#e^@D228VZsgOiY{58e)c!ZX0@p zbP`pyQ_ug0ZUmhWDkMIcbcz*2C`svStSWO~g_K)cQDF*6Vb|2t*wFAZXl=a`-^(Lm zwZ=Y#k(?iytxK&?8mYY2d>R`X#cMtFG&VGv9#T(ZLt{v*r?H{2RF9{z>bX)Iw0rd(@9@o8*m+$}Jm4WGt3!+r{Ya}f}2`5ifDn2>xL>kKPnEuY3Z!x%kQ zJ7R+&zK1HV-BNtEAB#TPL!B!@cbE%`1Q1l%egK?hk8vK z68-N0r1VRmpg#h-}L8!4hv#~Rs*?tm@9Og_V5FHpM9q4i+YqO}{=6(ydWQqBCAXw9>5-W-w zB=8J2hmz3ittfY91O!9ZlPsWuPw1fu&V8t$mh*xOFf zwV2YZE==?GDM9zcXi&~6F^5l7PqF)Le@Zo{gs+md?-AIw+i`Z}Ggf!2Ciyu@8aM>a zof#YL`N%v_?Bt`O10R_Oia8?mTCw=EJ)bQH@||iIkZ%C_oKaT%5$e9roM7awe5khf z%!1_Zu=PILIxriLzxmx%`#zdhgJMrS9KD|)XXl~KJ@E+b$GWg30bYH8UOfm{0&WUR z;Z+oRaoqnrn0j&B2!iZ4THqv**bUX^(4N>1MAsZN_9pUkjRZsv`whPML(ua867*#* z`kxW#QiFcPpnp%aSP?r!$vi4nTmxhuTG59VC`1R1u+V0|@vxBb}qg`{2ZarJe9RWhgeMzG&NVMNbH^>Tu+(o3=`)-82+9z~>sVL=e9;vXb(&jrkyyW?2cK;En8QgZ_a*|BPtyR7?^m9Cad>yHLc&zZqnk zIcOAQ7mYkB$Posa1As49M`+X;LGj^{$g2cO#^@Hx6A#VQNY73_mlE^|gZ|t_FNi=N zHt6JhEqg8qWoxNMC!pu{8>bBNMgV-aZq}$gLA8j{+JA23{oa*#i$-o0*Jv;L>J0i-gFa8RjKEQiJ|tEgHpo<*AjG%xd8QEGz7k=@ zM+UvqpnpNM$bCzrPl?=iEwvxc7-ai-My`BQ9R<(cOoN^ckeY==_YEcE6UWAW_>k4a z#X#ycP5Td9V_c>+@$ zyy4TEg8OQ=-HOYy=Zq!WC1`pdY`wX9Fqr-ZGc`!et7z&rAH;7!WRiFS#BvbUpuwPW zwdgg5ZCWCiHFpp>4a8F<#)0^lEY{%1HU55$??aROumcfI1KEus>_n>tg6_xjdu58^ zl=sDgwD-iefr?+E=>xzLp8`={h-;D;K=51fz1X{Y&D93MZdaZ%J!@424)$yq3HEG0 z2&)%;{fK7CBumY!tpK2{n*b1dlh`nXHnK{b-HXmPe0AiTa~t^j(9vRsY2%!;r!J#R zI=G(NX~uIDPBWBqQ&Lr5RrkT7ocj^sbZ+cI5OnSs5b)sD8b497Sw81BZW8B;(Zosw z{9Sjro#wVL4Yk$=E~X+HxRnGA{1G(@8=sQ%aM`LR7`Eev?GwY+b`g+6PidAx!iY!s zWZ=N1p;?CVN)Uq^!v=Cl2i4)Daf`hyaSy7=)jJu)U$ue+t-zl6XQ~*7ru%^zRE{2e zrZGsxa@ZphH=_ClwBv4-k+2;zG({d}rr=&o=nNbCb{xh(diti`4bk@caVRI~dU;1N z%J!be+pE>tdd}fbAi9UFJ=b4_*0qb#wyNYZFmrXu?Pxu&rmPLpiegW!PA}u?)Y*Av zvjouPT0;sFmVNV{HV796P#=zs3LJ^uIt|-O*sYhgMc)~_aTf!{xt7ERiQO@%@?zKU zwL!qzb7q6ji(S)J$+oFIDU+(NhX4tULliEtJB*2;?QnDn$5Fyn+`djI%^0OL!qaOb)hyrfXnv){mzt2zMbGWUT*1WPX;5L}hcKuzj zGw};lpP@u0NFZogud>9i_zJpfu|}UFK{T(WrCrcfD2-%C&S=x> zsLiqYjtA*Ui)A3_-b@ng$+aNhUFzc(OajY6bOCWOh+Y(R-v|JBFzn8KVI;kYc9E1& zq9v7quzFnwmiIMF9$C&0Vqf{qkC%vaiF(uoN)5}5kyL?I6j{E#$guPWKv;wzOEy{3 zdTBVXg*F51PQR#~A8ig=$!mS>Zkw}iYpp1;k|$^j&D52llfjaF^~x}XLuci%ckwIw z63Z2|h*N173C8lHv`E2YF3~me z=5uh{drCS&9V6}$h?9toTM2?O{8tbXem^Z^C}9MpddDRixOx=`vQA#D+XY>Z(kMpQ zL9GlkTn+^6h7Mri)Ek9GgM`^a5)9bQAd(-`EO)_Y>;}hAzKUxloq~P|_)rjc!vaaKhT=CRs>r<0vc9-e1ASLw*D z8v`f~$dp5$XJ?@uA|8aWV_HNeMRc}zQUp&emjWWwaW@H0$Hzb!(b?g;~Th|G5DAP*g%OiQPHAA;2^WSMoALYCaum5Q^)S!6)cRN4*`|;nSjRxfxwngkonrsaRU2LZM7!vk zz6Atz)qzk6Yn*0j(+(`>?;{HnRu0a59>M8(11MINHEQQ$n}a&Z zr>PxlYVvIKqj)|``&7%|Mc;i5S~U(**vPP!TXg(dZXG&mi)eR3J z!}75AeBBoba|6yUK>QRne}^|z0-Y%nWY-l)u$)sfW$ujLj%Jxxs(H!|>_m{MILqcU zn7pfzZy%<(*)ppT>Kn)XmgPK~s&HMpC0%CP95LwLYjFaV*>;8fl{Rh^Zx%nJ3(;aH z_zUgl<1yN0Xsf&)1mFF(3xr&ZH%12vBzzwykjd{I5)3JF;HwCA2#Ohr*gmzHrm43R zG`j(&|BB@@eX2OLW!&3LJD2G4nJqFuPixcKVD*H}ynA~ezHOq{?V{FP!jaSI*o3>Q=`8GA?<=*akF0aUN>I3ppxnwyS_W%oSS`jfnetrfsnar z4PG)$VN?7w@JDEu8TdSi-dvlMYS=)9#w`5GNFB6WOD!Qmm+b|irqoTE?NA&nIX{H` z<}7@HNSEN0vTiXfcs-;Xr^xbc*s$~kKv;wz%M7xl9nl&%3%3C5O||M%n1!RYG&Xxp zo6Ia6$!wjUp)@A6hsL#bw_ec1?7N04nU95FhHicK14_Gt9qK}frxx8H@hJp^64nJk}T&f+RmZewa-s*fPRS@#gZ}^6pnpl`F41MM*eZ1pCHRWQDde3 zLu=rm%>|ePC(Dhformxuz~nM5&J3!wIg(nZGFX>PfD|03sLrvaN4@WcF7~Jhgo=Ga z(spSq6YaAJK3zz|OtW00?AI8sQQm8SVVYf&Y01Gv{;!6unRwNY4nXp{{ZKbYIyZg0XZP z2%SdO4AB!@N8?k)7a(Uj~dweS`!@?-LMe0xi&N`)JAe z8nSTCbvfWCIDuxPMzNgGEGNkF?fr(O#;^!MmfOgZwnM`?r+x#lJKj$9DdbUW8bCPA zl#{Dw$IGJ(gr~K;__7tR~LyFSkW zE#npYFucfA(s7ECew2MW_emcuzYOgn|6vjws|z5M)d^^{$95yUMkmVh+q^;9%4n`HgjmGMPui0zbV$OMKLG3uEq(gpoSv6+r zR!;n5ZmX5n-8Y^8=GLogKqksfSYN0eFy>iJ7Hn++9dbeDSTTJev8yRZTO(GsMsK?$ zqo%pDuMA)uoyib02*_-MjM2|}M$G2Qs%Kc?OErE3iqq8Ff4CKB8aKr?e}Lq4v$<^s zzcJ5$fjhFgL1$b1YhjU^&K)QGH=SEQ_|H0l`5R?*1F83`CACre)l%3U969Qb^>JGW zY_Jhc?>^I8&c16eo8D~}71I06n(-wpfpjKAH1Q=Y*!0G?vowo>cBlUj(SUDe<1>0S zJ}_Ub5DBXpU&!DLSPQZ_cjwt%7JxLS!ZmW(d$_u5(GRlhE+hkwpg5hyt~UZPi^W_i zQtCkzW2WowJ`8wE^;XrE{8n&Fxo{|GDHjfNXcnz$&Rv3bKPq3M88HrW*n9Y5W~ICz zu`PcA@hddyNF(uhP{X~4c50;tpnqBnEopVRu0E#tcxGsQ4kO8bQGaPY7M{cz!{GP;(?ckfyXo&hfKk-7G|NWnNXtuo!BIIWt znq5h<>7RK}TMUDrc0t6-7Q^7#r2wlfhC%iF4)V68p!$6W*fd*eErvn;`wp_jFsOguLADs;Jgys`LWRlk$TOp`&axFICzH8R`ceLeH|^yi|$x=A}xkH!oFUy?Ln;>&;7* zST8^55PFH#=A}xkHZN5oZCalLY7^EOK+Jz5i-J`~DKe;$;B;h*~RA>?PlMm*UGPCe~qb z7LV8MKS)6DJ7Deg`t)&z%eI4keuAn&j{?bZ-=CxO1C)3KLsS_I@w%-WpG4bp*-86; zXzqfZ&ZS7J`xk7fB=kf!D-eL_H4l4FEzYN^rPNau@8ke3f+r z`0ir+cf`btS+DV2JTM+(^X5{@gFw~{I)QM+n{TC#mgA6Lq{Ux*&vRHf43-z`25biW zd6+U-v;}O6p7#V6eD{EW1WunPp2S7Qa{6eToHjmZxq{_%DbG8C@^vg{h{iivE@XMU z$a@v#q3PNTbU=<9F_)5hushR4Nan9lJ#?l<_0=eTXGo!@3u*&U$@4Vm2CQ9P1VCLK zTdAeG{&v)}PCci88ZhhGPWUz4W{ zsRICQeeOkF{8Jd;J3uT3k;s<5KSk+fl=|}ZSk6&YpJ4T`QL08sj$v)OV{3`4eWqyd z@-*6pWuk@4TxG&6F<}l`#DoWQuj&B8SN_F>8Z?RtkAO&Ii&8EwKM5Q!&PO%q;3 ziN~-uJrE#RK`W2W77H$YmMwW`;mlj<|&@vh=BaSl= z=1U89ht#J2Y&M#4FbngdZawH>TN7}1)RnV9&_yEW5L&n~M#(Akq>39`>F; zW8pqn&I4=Zcgc3b$RUy**NSPsKW?(YTFC|%UNEzNoy`7)FTz)a_T8fK zILgCLCEx)QE+Uc+(|7eE_-|+!J_J5{PTSO`m$dcCM_rqjFnZHLj3B{ZKw1m}k}?76 z5Njmu6G^pbN~5HYw4_Q(+Gkt9iL_rBX@Qruw7wuxzt!+#Dj_t(JCb_a-d=!BHZX5% z43mjU8ZcrXBOw1h--X}|ruSn%=Q!x}+}5>IadW|* zg&Ts+oikcG_d%q-tWm~0w6@^icxMSDDev4ThKEjQ@3fgqa}dT#m3U_`8pY@h zBxv-VAX58jXp`PK3jTWZM=7~ql)MTqiJcV9>3ZjW<(+dzQI}V>qNyO@oimWeQ>}`f zA2;+)nwFN(2j2Oy-3mDI&PocQcXoqFU7}In$2)nDqzwPD82%^(NbKy_LbfVZ;+;QG z4P&SO@3hg`AW|RK&?dce2>eH2r&98ODA@`w@y@fF)Ah~+$~!-zd@4F-6nzeY-hs5+ z+8Xctq@j0?YiWGfiv1IN2yo(^POpKWcP4{K{Y<02k9W30k}~`!Vt6S8h~dKvXpZcE zlfO_W9=evQX!uDIjGwPSq)yUsotM-D96iUXWsVKa)et-&kmD0ruT&op)$yjig_y&X2H~3aS=w385{sGtzI^zoV z|A#Lb>l?iK_HGn^yfS$APhe29&>?&V$Km5S{EL>4t3aUzYZ82B;WLUqUKzaSk5cg- zK0}}4BbtC{0XLTyNC%(dzQh*XOc6ZFMk}TYJ_tU&6lACcUmzWPmi297zQt$oIo5ZM z;lv33hV=(#3#5ZDvwB7hUmzWP zg>-HVUmzVkK{_vnFOUwtO1dECN{n6bcccqr_yj2UI_bqR?QtOxJXsHVNesWf7<}^t z=#?>ifpqXKVk)gD{&;2Z5A1nMd4cpAP{DT`Kw{rRzpdD___SkxhKhg{)rqR!JB6y2 zA3&mfkvDicm1z0#%2@gF%2@T|l`Z8R(-aupjkf|@^=<(=DpuYx9h-;sNoMS}7&s_a z-Z33}xFwdmv9IGZGgiH0y0!ZG%jgl;gT2K%yg-@+TwQ|?n%j0K2zFA4C-_nYDghpRH z3%u?4#aBmt@m22Wtw%|SWgz$>b-n-^9~_5v(;y_!g=Oa}G{tSurMSy9(P51h=t}ku z8&K7al+|$)xa|IBnsH|xGL+^9|_U!PjWsIQm2aq%i@bH%4V_w9D%4eQGAiD z1L&l56g%%>aUlJJ%cF|U-6_fx*LT5w&_T5NXMlEn79#$rbL7^3z>R$h1JvzpRKJ1t zZm)s(5=1;3yT6Z8^6x?X9Yh5PE#dE4!Xc4hW0*w3F(5?3#~|X_C=zfABaB_E*6L8E7Td$cd60W^AB3zBoOgz6n(d$Bo@C3 zLhEazB_JorVUMjh`f`!FL|-LynCR=R(Fy(Op*Mi+Ne}g;cj8$odL9Hmft~>u`_xx+ zEfKDN8TlU@`K{kJ^2cjroggO$VF2Z410eoe10tS{qUT2_NqCpDa1Drf zHj0F!D2W8?v`C<})&i0^rHX_Ll)y1t2!vR>g;259(a5cW%xDe(t$mzGdgg5q@oW@b z*S)WGy#PXwdUq`W?w7+JyNXh%@AeP0z9&H_eM2?+gy=hH^nF1j^>zIa`q(J?=Aa~f z+X+JJ8?7ZE@a3?_{?X|BD^SwE)*qos#%;DnTZ8D!W(ZBOEE@npRtS=DIbS1F1Ua2Z zdg1_)wCoiS@oW^!qW_{Tn+`(v?Gi1aQY2h!B-{;zNO%rJJR3zqm%nNWMIdzFs8;aK0OuDrwc}3+fQ|$(m<#_ozUo`qAvr>H0jf& zL~_)3gNSFN==;Svt?wKNt?y)nzEzaMF-!Ye>stsy#p5R$eMa={G{{>3@SQ0>)2M_Y z^w*2Vs>g|Pi{3_+@ie2jMIjBtB3L+^#p?dVUof0(5Y7px@^cQ-oQH&Sy5Xz^ zOgwQ9hIl*1xoa-CtUO`*65TZ`m{e5m@?826G?p^frw|L=!^NM z)|UeU5|~w&YY9t4!c0nF-}VFH8@p8+RVS#MjGpI#5jG*TnvC% zc?F1gHYz*NNA0#GO_k=K!~+%n;UDJEmVCvD#$rR@;o;S0P)VHAmZ65x{jeFxFPq=s|S)$~v`%|DLv{8rhuIGtl zpZ*FWo{gewVk@od3J`jX?$8pvG3wo3>-!QY(HGwua2e5`YP1{g)3Si}c|fjh9@D5! zuAg=h#pn^M7C>IF#vrk9BU=2Uds0hEk^UVqmK_F6EPI!hi6=hN$R&dO7m?K0wT<>f z28ehzik`J7iPwJtLQD8sOW?Z)>}eA_XbG*`Y6-(Y#IsQ(T!NBF_z4I|;M|H@q&j>; zB&?zYW`d}8+S-92l(nri(i%=(2aT>$A~|l?f{16M==w8CqAM}Z)zwE!ND&Ed8eMk+ zA)a}PQ1MKEja(wgE**8hz9y2oy0@oijIP&E5?yf}s7ppYLrd^tWICm=Z+`(w^u=~G z`sQi$A<=iO(KiDC(YFdjJR7BN`%w~o|3d*vU$K_pUfWE2)ac9Tr1dQYq54;;(Pu>8 zS4Q7mM6!QJLBz9B^nHnv=o{VH)wfYgXr+b^BhnwCEB(6}DCys$go{6SYjna0j$Ij% zjI_^*q`ppFppT8BuM#EEcL)R|FivjM5|)UBT}Icyu3Fbj5K7lUjjR*o8%EbPL{is- zAmZ65x{AALU3Y`fx(;axr$hpOUt0RLK3?m(6NJ+BtVXsO$$pLLtowBm0JYv?gXsAR zReF|6e4Nyr-gvDbH{)XrZp4fKF6JG1@!z`|ohN!8FnWGSB>VIvh|5+0tuGaX(${V=_;9pIqYrl&eXEJ2zMDYAvr+UtjFQC0Sqe~n>#8MGii8J^ zu6~0t3f?`m1dZA!s85WZY@kHXHW2Y_6g~H%BzoQlp)DP!C7cln{kv+(eqV!OJJNQ3`#!7$}LCD+rf( z*{IQ5MIXOaEc5M2BI(n2LBz9B^aX}$eUm`wG29-ZFS?u7w+<-LcL(7zJMYlwL!vL$ zAm1>^uLMa?+@+DH1X)caGr@>tZP@}4@oW^!Hlie+I1EDf?FlU*VKjZoABPqRe+NQe z;i5sf+opJ zE>&AO7lig-b1lIeFTQ4KQWw7049C<6Nq>=3b#F6_h}*s?Uk^Wz&A$N(~`SuudD?^ zB-{=no{b{mh>`HElE4wD)e=sLgd$2{1P>pfJyHlljledIY%`X+?lih~5y=twC5U)7 zimta%k~rxylGaLw-KQmZS?IXYHxnosflCRO8S_hx&J%r358bx|04Tq*L3F)>D&tr7 z=`qc@PdEpXlYMHP22RO7iCgEvCLDk4g-4iZ?~P~wwfIy&DwlY@ZvFtxrT*r?I&8Gt z?_<77wMOmSR}lm|gjk8O7kk3*)7;e*E+{Lpt8S0 z&#}0Kt#6^o$8*Ijj2?qFUZ~nj$Dvq`VpqP8zDF1(948njcRrkeIO&b*o6+8_Gl)k? z#DaJmMB?Ek#9~_uI(=PxxAYgTaBF)aMcUz_QTJ)0@kpqG{qs=x>?0~CMztHW}S0U~BcB++l(-OtT>Z^2hik0}Gu5Olyn;l9T z9-gj;pWvCq^S;(++*Vl4);_NkE0H>~PXf?>GQFnFeee18EV1TaG>p zAST7@HMORCE~I_Kd_}Yl_q;;zi0<0@!k8i%jgfB8#Ze79mgf13yrYzHw@m6nqefFw zKKcbocn&_srw3My)mFf}WF6N+4Rf=$Hg4c*`*mA}XYhnB>0Pk9YN$n`ypXKMfM9^;|JLkkII%(vCzhFKuvzArH?d;O#A<0KRxIaftH#r+wV76Geqma*^`=!j zHLY-$KuxRm4X0HH;YDBn)BI8srr``zvj=ml@$Bj5#Sxw!c;koFj0aY8wuc)fm>;UD zr%E3QZVTc^we<4B2CEP+5O98Q!4T6R)cSa~FkUdF%v@$n_w&UXvP^$7;RZy^#evcU z7B$x(YOr6Y$w5QBm~$r`C+bk&Tuk=nVv1isaj9xT4|8V(D~G!!&W{nE3U*I-NZxNL(U#G8=lL zf&VA^tbnz++>>aD%n6e$udVFYxseeDjoZ zbt0T^vibsz!bqw_R_L!_5EM1eT?-pjAhZ{G75^r)c}oSeYQRz<%H$(DIbz-L-^*-` zlUgg2)LJ)8SZ!R->a(>U3hrZ{HH_Kg!x2O!;(c}K6+OyEv>fMj9RS*4;b zjg>NJx-#Orc>{q==SgcY=Dx)Q$GnGUD~mlng&axTku>(PwU;ke<+Pe;QdDnWJW2~P z9V4=@H$nSFWHFWCpk{!Ht$`|l2l=HTx0xh@e5RHlNh&c7RSk52KaKgaTWUjRHSokR ze{Yc2OiF5;(tI$Ph-vG`6-{Dx;qqj%sbisWe)D%3ulLY~xifycfBMew3S71_+cj9& zl=BXGQEBK@#g1a<$#? zl-V=f9V^REoeg&wu-h$L}I$Cza_sc`nA*1(oT#=$Mq8 z)fItkb@Nh@No@aa9hTMbnuFQNw>s$QscR}bd11E>sgC$^{Ewx5}u@G>DH$57n50vFE~@Z z_#0+2)Nr4TSn-&Ir4t9&V0uxM<_A)8gLH*e8SJ5dHK)0{(dL<}8+YE1YcK(zIlVyz z+?(N5V0D&;3%&-|HB1oyi}}Dmo#d3ybAQlF1koxHgv>QX^M;d&w+eIw$*qEh*E=m6 zpXp=GnO>dp(Z$vx&%M@fW3GeRn(Lr;kJUADakjV7^9uN z(4!-H7r{3hy7~rJA{AFU>hu_|LchBS@g77{k+~ekMB>>Qr+5D8WzMgOCe|1#y?sI0 z#|x>xUU$_w$Txp*&Eigt#+N<=eA5hl!I|F7D)w}c(abBE2B!~vW!S4gGI=_{FP>mq zjb+;xTE*hi25qs-S1}~7t*%PO&x@^IySyZM!|1ed+K8mpW#wx(B&{f4o4mBFrdmN( zmn}_Rv20l+WTfG4Aj;ArEvvX{MMe3rp?EI>zJXs;RaU-Y_|TQG2!-X#OG-iG{#ngs zl_k}x8j8v)Kt>6oth`3iTFgodA-1fdssyznaJdf*Rs}98Uskaknhc0qRSRy71^CW$ z9uDr~91T5`>})6vtqW~B@cH6dw~uvV(rX%4d~Z%s(ZZeEcWz(jW|7hW3`aBitB#B@4io%}5H%E2p>owC3n`_1i6 zOyR-LwmZ}IUUlASe%49ZyE->?cc@ct=*rNDMpRB{hx3jV8X9*F|DCT-$|<_axwUp% zU~t?OId=sn#04tb9)Game>)#^|8xFg9mqKE?5quC*X_8n?Y@T+XH+6fG=DN_H02IHQIZ?S!Eh2N1Q+vO;I@wyYc=hKGLVEIM!xY<;r* zIsE5zKPx7kiwk|=ykONhkJZ+F{-2L84vx!7s>?V&E~7dllre5a=&|ud(T$^g(o%Tjbw z*_z7Ls)C}tS>sLwhI;}Y+)22Pvk`PXY{cBslcdr?Ee|BKc0FsGr;}oBY+$S%Iud%& z3Pd@f6~REicEKwLZ-0Epbf;tJblkXJITu~@#LpHdquF*U4?O3zFLXAfJ27XSMBBNz zbZxbhn7-3la-jZ_X}f!jAM3OXwR4&u3*Eds?)^~5W1-~GEGW9A_B6QvZUqu?n-gk! z^D~Jb8BTp|pttS($qF5IT7+txGR(H{Ugue>&^c0@oqHVAHs`w9z+n4v=QZot^YzZf z$DCe;PGTwBonG0YIB0*-dD_|*y2NR1U-_idy)<=sPR8R->upasOKY-H#*G{Pb!t*p z?lsQF>@4)0UD?QwP=>Q~n^SYPDmOF>0z#*AKU?U$Y1PEBF<2LTFx1s~uy$`Kd0fUS zMCvN1ZK%+x$adPMJ2ly%kG6*fWQ?1THTK$R=;B{C*Px4c2DY6GB|q=9Ds*BCcQ|eL zI*U(->a!L)g`tEuoJ&IqPB=T1yK}|3>Wqx7)pt1;tiv->oDBz@no?)#Hs@6s-GP?M8np?Wuf%rKsc?=9&}=l9b~OD`j|8CEPS%f zIboeeHaY*rd8cKev!gcQ5~p{mbJ9Bbmrct)FF3#2 z6u{F`R{h2~t6}?H*gMWP1$%5$V4Q+I>6~?L+O zehr^)JMaASat!R1QQ0${&o57(z4IbxP^ixN#M$fY+H?Tyd!3s$q2de#)S)6D;H^<- zot~jm=jPfvr#T{OeWBC5WaUghuciJfssCE)uaf$2rGC5Af9upNf}pKZ*c!D>Xe!$tMI*kwoJMSq zs#&=6Ar!y3d@qW1(sV|e>ez&qPo#9aw0xv#&GhHXOTl!nH2qPU?j_Tq&zvg6{}aw7 zho5i~593E0ZTs8iOp>2tt~Zq=O#=JACwy}P7yS1)`|F&vRGsM?Ca5M({VMU{)bB0> zaKiWHMzah6!cBa>6F#cbm#!^aU6WK+K3?TFWV%6$a_+Tlr+v1wdau(q+o{;=v_A~G z#%UkeW!r&qt&fC;gcgSW^(NxBtrARMT!n@U!SG+v$(Ry~%ax48sA^n$T*;AKdyOtvvdi^-YFrCl$%l=0x5ga|*Ftv)zeAUcapkx@ zb!#GZx%Ncra=9Yy`Hr5J8vnRnb>+DBxVpYWPDD>LOt4Nik~2yJ13CqMVRyRll=JbH z(AkcoGjU#sJ?$(C^yeC)XJCyTnAkovKQO+%vjOL}7KINLp4$z~2F9S%YADvhC{-{^ zw#(iQat-|9v`=U4szS(FNIAU%3+%1<9Ai5<$oJZon= zN4As_@T{Gl<2<<~+j+*WnGY$CZwcg3Lktu+)yLqH7cH9jNG(q+&s#XrIs^7P>4!Te zU4#YMBcZ;B(E8k#5Sw4I58UjOpB7`_@j#*&gVw!Nb;M53FveV@Ov(Narc9vpbyQR+gqg~_Nw}jhe)cXae0v9VzWuPwt=>PyvZ*eck&JMHso`x-uXKD4zvUyGfZ2q2aICSZBj)=jKgtl88ULnN#z*Kz0@iM}+yg05BWVoopB7Yz#BH_z+;;OdqBvf$n{SOMu1ET40g8An4p0a#^g4*V_QzvcFc>D3+t;6 zW{k@i&mq}{aoDDYWV?Sz4(K77t@RZ8^>~wSAZ35okk|a%A$MN40-3h+quNl7n2Na{ zaK#;Fggjv%Sa{RH6+eZYfqwSC7qlU;#I>$z5m#2_va`qjy^NPEq%YX<$>tERpiTq= zX99MhH5PsKSpEd8E%XqZ)ii`RgKZ&LlAnfN`{qyBZScQ?wtGbEjAd_StJVi>yce{^rE z!G*YY-^sgW6}fCRFN}5e**0z`4Nc?4bmma!s8#A@CYV3Z=rk$)$gErL~1 zyYUehq=9k49DD|Xp|kR57C)=`u@fKdKgUO$b3<*YREW>5Y+WILlb^XEv?B+1+iFhF zbXsORYtxG(o&v1@TWLB#34vv*PShC(SomJdK> zQFQ`X#80QW6c8mWQC^cDyVy{4^^Vo}+s^r53swh0ofQ|fb8Zyt+htt0CDa?%pM(dD z@u%^Ahd@;4;K`t~r}mihwiTFzg%<9pbU*1V8|rjV$7eR~@)eECSjf?Iu9g*Oz`1p^ zTDS(BzXoV_AV)XcvRSP=*+8>>4f@(7;CviV3w_)h+N`byaAh1&OVEI`3!)uzI;&0N z6%I~0QuVJ*>Y68jTMk&_G^*Q%OLkTF&rQaRZH^M`I5%$&a47>G$N78UfEdhLrNwd1 zxF*y^nsB8P;$Q@DvK6HlTm?H^1vmK=eCjH=$yIRHRd8dZf~y)S_{vpqwX5Is-gRmIx!lS z^G3tl9_mEWnz1$N>CT9I*r;J-DzE>K&hEEJ3C2f@LmeX`$vg)&zqQa=|k0 z@SE?c^}6ZVtnx=&r-y<0y5^}jm%%;GHlbc63=t988P7IzweGjA$#L;{)Z@nL-?-W9 zhPiO}kD#ZZL)9}TSh#moEQTP1m^C%6g!n6QF>^iZ5Oe7FYE17@oHikj}Dx#Q+j z??qe_>P@#i^{(8dUPsM1?Z+cF-6^lp^po*t4EDLz@b*wAlD2rn=FJArH6{}GyECLA zPCLg;E*Ph4T#Jl^9&U}-^N{Ih0}py*Z|=#@R%6jaZjzbrsdC5qKiPCx z_t0;XXQ#C^XA&W_mk;_-zGDp{z>lX_eYV@;C0eJd9+re0)Emp zxUiMc^c!h9gFNreoTet__tpR1xR8mN9krfjFF?MV+3Tcl5}LSp$jwFbo0g)TV3c`o z!L2UkP_N2N_xa|O;Xj{v(e87Z>*T|(lfBsW4Dx(z>>gwS#?x;4iH>NaU3+joHR;Eo zcGMb`7c5V_r_vYyu8}59H600_6xT>IuRSBpZ1rkP{CZ})HNNrk&hDOxrhER#_hmDW z+bH!;>VwQ2c-5D2U9%$xdmCp!Xq?mHK&aPo+^EH!m!7!a*5WX(KJiFUo(%3?1yCS( z8uuY_uWdXEb}&0QYkJwkJBDOEG<<5xjFdcQ8o+-c=hUvWmb6E z%3}N|adq+P8mkg_4{E~rS5j48yt>+|F56fFwza4M2dL6A)T7c0SFfz7s^QPXOw6A? zd)BbVcg)OPeA38A5A{ zt5%g%@v$%_f<{f8(lCm2^|bt{Q^R`jCQr%<&zeW?t0~})NiHg;S}I7w+8q4xMd943 zlk=zg!>h8mx*C0=HS4R&5Q@G?bp56rrj^aepE_}hiYxJZxSF%Ex?~xC5ZJm%iUQre`@|*riWScW=@)#FGCzgH&)cFH10Ks)D%ovY_=;guGQ{$ z+lOl}7{QzG(`PDqhs$&@F-sHc>fm`HwFPZr`QKY!|E3|~>+RNs(selS(0jbN$` zFE7D7Vj>7HTe`|H`_iP!D;#lgi^|T^vXGIqB7`8*l)^2mKvv#Rldl$Dp&l&P~!b;*h~B{(DLKtR;h z6eEI`ty~o@EiPN#$We0MSqIML%;ja}m20t+RQu95;RIGJ=LC+{@L?D&?Vl#Iy9pmP z4%27NOPD-*Ov1>aBZj6V;PjN1l9ndy%EXQc5mUDY7dXj3Pv;I+bQ%hy(y zKu80BduKV5NhGj1IHNg}VEX}FL zBx$=Rea=p`tYA_xU2#wU5-w|sH{e8Cf>T<9+08BE!>ZP?ztsoJtRY*+QP(&&A zN^4aU)p^`+a&_^Vk}%KU#?vEHhfT^V2rrnOkJDM!tgx71X-6_0!}jtO3G(44Bj%em zmnkQRp(a&8l{G1MV$RfIla!=MMFmsmTGMhTP7g0zT~b`-E^qZ%x#*m!MG6ZMN^n{E z@{$eV;?>O_Wmui@G_5)~e3*r~h!o?x83D;PT#bcWvn5p+$&xTKX>nM(pxry8 zQ7<_vX(O=uE2~i+3nPE6EpeBFlJ0R{XF%Z8z7~#MUshRSO!pi^f9M#}&R$tujvR+D zn8aPgGnj7uj`D^+y!5gfW-P zoa7w6J=ugCJJZOPk`1WZfQ7pXK&2v#4&gjsT@xBSZKdZoH8YU z>fE_lN4o){TZ~atvZha+TVTvmK0tO_w$dFRxpuMKX|H3rs$_L>O&QiTZu}ZUkT8@D zrh+MiOZatJ~K22|I`P#L9I zKdvc;lTDc`@-^rtPJiZWJW2phID!I&%W#tTamH5BuLuKot*G$m~#ndL@p|PtQY}V zc`U=j7F-RxEyfQjka4+EU4biNtF*YBXJ(^1Yrc$xRmsYl3Y^H7uSNDiAK5d5l3A~O z)}RV7h0$XSA*PF~OG;~)cOXVjTj`X(&hkr1aZdy~m>On>(zWHwFudkuArn+(3>hjF zhZrIQkW&kp7{5psIIEy1Tsgu>?m58igblohz-o}nMlK0?e*w1+D#Tt(4+&3b`h-mg zGY}!N#H^qQ{A8hMsH~Jf)pBQ|)LP1Uz~+)=VJu{Qqo@%wj93UM^Pm)0lZXk}SiTIu zzgJOJhGi7iNphm)S9H*!WeOb*mtwAzR#mJqT>3Htf68#P#44S%x_IWQVvCEdaPjix z3`QhQqjeY(>Z22!V@bpu6eZrx)x!- z&hV`-t63RFDplD;>kx~S4$77D7W$0SGT3!d%hMcUisF#ZFn^s;^r*@u+*5<2R{g;j zpXM1d4m)Xh*w$P_cF0%}R_pRJnOrT^Mio{=@xm6hkhHSq)e*BJO8Z2hN(D-(=+ zjGm?qGb#)(yxo`)RgDe%T32{nd4@|~vx#Q(FhTbWFVm9)RfaT1Io8fSW<<11%Q8;7 zU)O-okdNxBuK0bbb}j#fqwA$s$M%XEJix~LV(Ja%agFV6RiChSNBujvfjyz&J*~CY z@ID$XoQ>og;4#e*w5niDk9t!!p<`S58sYvitgq-A^vsZk3m$nS!XtUwgTHq@InR*i z@hF~$ZG{clQ+BH19T_rBOsPcI0%*wV+^Ttoyu+;u8?wHEIHk?|G^V}lnpR*)qXu1i za*HV#MVN|)GztXgNmf*({5eK`FSqL#8}c??1yQ?eO~I(9Kjze%lF@Eka|~&EY+Dx_ z(%7bW|Fd!V#yFz}mKMHH$D*bfiy}0h(60NNJLvNadGOWFK9nPHhV2`;1^LXo@k?tC1S#G{qR{)kwztrWhl= z8p&AL6l0`UBN>aDVvO`^igr$}=T$@If2UU?84H?XjPz z8J8G_G+dMw8BEP|-!j}j<{5P>T)XnhHECpFX{)^Cea315c^azJ8Ciz0X(Jl*;`+Za zV-vRo43`-bc-@eGBjz>Xzlim02jd2}&xOW%@QdFe6 zc}AVbrC&Yo@kVleA2%5;yrEByfR$2j=v;Ty=NNL9u5zqPYwJy+$isc3$>#X-84uiZ zFeHDETUE_5WG`LiSXFktDI|M1LyqxqfqGMz?%@nM$HO`GrV#dUhAi`NQT3*<-oqL4 z3J=$;-V|=~aEAP$hYQx5!u=l3kU#Tq(e=rG*lhcje`hierv z9~qG;-jeI1g#uKS2>07lq$6ZV38FCO_^~wX;#E>g>6_eMzdQ;ly z0S&pS0nn7L@qmVWssYfHUUz}>4Ea_Apt8*SjO<2%>Bb~i*2RW2hO-+5Za0i_+<`Kr zQH~pChVKXj-UQ5!s?6iAq(g{AF@&%v z7-A9$I1&;z0keQ*aRdF0`aU5N# zINB0%bj5MBrQ(PeTAxz4q66h!5FYQ=zi1G8MGk|`sIg)t zr5J~r*&CGdzZZzwf*N)QiPBk(6{{)5IMi6Nl2VLA9jAD9EkcFeZOBk##cE114t0{u z?pt_-edUlIW5sGpG4?n^W)CYo!X7@P$5^qNQj9&$lG!5*kFeL-+gkI#bO+d=qhArt zcaFu*vTwoUe|Ad=_6UiFw)J&ys|x#s7j?om+KMYgT=#m#3T*y)B^OsaY@@BX%f+_Z zur=P>>Vj>w6`yWmTeGqCdT*;6w$WC6sUO>#gRMrz_)_21-`*1|#u^RwpS-9I*1p12 z|4TQT4(1f;U{_0& zuH`HpUF;RBu#JjwKSVMAj#mCRDodqjR{fZL)J)V?bFhVCz7o`NPiBduVnf%l(N>(V z^|E!nXui6D|2Hq2S<7Fvm;W`~-nTJc{~HN4Rr|DN{m;Jm<&K%mamD|$bZn8Rg%8^& zk!uf17Z*U-_YVS6y1W3wesmD92*PoM((M(iuxEQwJ1p_!(N$}d2+5icmUtYH5}_n^ zN{FM)JFURtCbw1bPS+PeSe%c@=D_07>6TT#*V}4?ZFJh^onqE@6kw@a?xC$l>BEIZ z*v3%e3Gz58;NNy+U{jH% zAs^rNiWS&K#rR|zE4HN+*bYl|ZQQ|9^P)wO{HD-{CE@}cwgk?ukx1OoWVC(pVwfw&dv~imbcykdxS)85}i)~f^cWpIa$5vJUsv-@r%l%^#ov{Br=rIXO6a9UePS`2j5votPVKQ)9JV#T7 z#gk3mu()xPCM7%>5Vp~2JVV~98h%l9WHz$~|2<#(D(s6?)s}2vU5&zIpOPwZe6|r6 zR`e3trFP@9wV8YR@$ji@vdOme+_T0p;&PL>3te>u*cI zu&O2s-QTAO$NL0TVy#M<)(&3lRM^5$du%AWg@^m!D~!}O-w|?hqNvLd&Bqf&>AZ!y zc2)=#6H7-RJNdzoy4C>oW1oa}SQHb@M7;M6s!f>S5H%vxC!Y)8-7p-9j25qH3z zFOfUtQhHYbgdO~R0VVsiZT&AX;o!8>+p56gCU;t?QM#c3!amp#U8P2;a2m~5I6cAJ zYJohiK6pu|H91h-ta z@)HzlKWLD-WETH}r&2G@*4XbCCbNooSv0}f$CvAWJf&bm2ews*@_rKUHZ`q?+4su4 zd4!!a+680tCF~UvxgaQQDS)tl8U&=2`MX>lu7=U1*E$%!kh;(&O4h?gXe)B>$R}c1#8Lr*VQN- z>?4S}GPfqXi~D`B_HFw5pFLy(yILYQzft;Z0ffDE5YX8v{*RqjW2apyr`1~Qv@7K_ zz6?KFHN;cilJK~)Yx>xJ^dlLxR>@+jLx-4A*@YXksCR{^k=a4RVyruVf4?G^o+Fw8 z-;z<_A;g0EdK^@UN(B{SET|dNeJBOyF)G1@FN~{$vlF|CtA)19a z?(>+LQNlw^y6HkxDoY{8vh>|lmj0q>_A63CcIexQi>6qs5^F_SLTe}aN_Ad_Lz^GP zsr`cxmDnseS_XzT6rvJ_Hp`w;i7K6@l#Ic80tis~lmdCJo&f}=oDB;|IusFBf zLfFPQ;zT~Bd>o=U@(y>s_>B#+&_SwWQUPqaO`XtMdM63py^4Im(mrFe)x{1DR&Nu2 zY}Q{K43mv6^Bo)Q6v;=GmKHI#HKH< zkMWJuKQ*i`m}7l1qnKhywB?I-#d|umcA0nr9hn^(&CsEqU2(KVigjTa_tsbsF-b#n z6(-}SB^z^`A2wL13&RjXO`Gl3$ryTx2{42tO^2X_oy~HU`DcteU~hSm3)S`^VQ-hn z%}$h_D1c$*F#n|7Soeb6;I-OeG3X{8N`?7oVSxF`KKcsmZQgu0ECzG)l^UhOe6-e{ zBD05z+9LYiu!dO(vNdCf2_dPqL5Q)n!LA2}hOGQL#nL7^GV717ib6~xq!5w{Da2Sv zt5PAIs!)~{Y1$M;9)c1vg^*NCA;x0*b}FW`70X3MOy7-S3PFjOLP#p65Mwb-Jt%UP zW$#feR~Iq;B!Y#YL`)$h6;p_@m@Z7kbgg2!UDPh_!jNJ})WJhYDxwf$5&a|;(U%p; zJ)+jZ?Q8FY|3XY6Ng*T^Qi!pT4nKIXr+VoLg|dU@6bose5Efz*A%&1sNFl~T`amkA zDGKG#BBVpZkU~r%q!5w{Da2Sve@KONszO;NYP03tVMtjBO2iaGQZa=Xi|M#SB4>pl z|GrxOXX`N7bG)b>mOBl0hQICtrx5=?!|PRH(R1gmP~{{E9@4GC)IxSQ8NEp~g}GD5 zejsY6{7KPL2+&;ujn2-oTN=}9lu@?Z3Spf0O65V(k=b#Pc`)~T^XF#gn|aFUCYtqU zQu&oPA8*xx;gPKTcFZ|uo-(?L=sR`CeSv5)JAk?c8f|wmR+)XuC?{?njhD*Qq3i?N z-P`Z8mG`t7Wt0=E>}gV&E}F_dm{)r9YqJZ?JY{qfcaCRDcdnGm^`gnX35chjM%xR;`prINloJ<;JWYd%WcC4l z$j5(ScCOi{jB+A9H%jGp(Ny-q+~m!#&CWCPl+hiLogPj+|0b1hc=K`J1aqf1-*5Su zR-=q=B0Jxe%FjfT*#UIFw|`!}Z&F4%5&kcv@`z|EJ76C6<}auxpEA0MuK!!9{KcD( zvjgT2-h6+3-lY5|$rITbp|jE$(PVZe=-?{~(4=U11KLfXeDcnx56UPfChz^Ea*${$ zgPZ{Mz_*Y5g#=?G_eLx@g_E**C7|JLoX84<=a;s=6`(Qrj&7WWIz?9KV ztew6fmAk$9IQw9}maCV#vtkr# zh)wv!*9RN!*8f`klMOQXXS{4?4SuvTIx;(;2EU`19aw|k)yod5!B6zEgKO}6d)Xm1 z_~~Bu>Kgp3y)53=ZPhUzGq4tby{@=}4f_>|+}G&og2bjW5S~j&j=>O=8iN>EqJ)~Ecr=Bep+-}PO)QAW;%1-C*kz1~vl(J+ zQz15l6Oxg-@Q5+7vk;TKN3pHl^Pz@O5%)T*fl8$E+cGc&`rG8S<$`GP0!43eD0&G|N>{yskcPJS znEWT_I@|(E&2=0*Q58tebs=b|xh}*eh8D@9(Hh$C<35jh`-Nj6R`k8CQ8DgBv0?|# zQA}LGacH~-x8-JiEo`;Akein@niB@$hvv*lY*6}@PEjlx(zUG@-WwGgcpJ6_XPJ#`e0_H)@>*bYDGoxgrWjnan-AS}bGZgAHi ztH}nU7PR+sPDf#=$p#{Yg`qA|NZxGkhHM@0lh6rU^`a^)DI1lYvwmG7ft_?5a+cT~ zBCesEHt7FZtd*+GHn{(-y4y}!|K<_==&3)OJY}9Are~;oB_KE&t-g_h1XUpEnNRC% z*mrqRPuK(P2NC3w2_o?uiT5eeU;DAq1&fc-*_icfvOQ~*@tMolnLKvf6+4ceTgUMa z3desdL*22V?l_|8-Y*gH{H|>tz!Kyb+oiUjkXlQ}E?Q$3(KFB3A(ghggT-Lt%!StP zm8#@4vX6Sg5O#pH3YxTYrOxeN6-}+uV@$kC4>7i)xb(v4+=>?#4JmIiCiWI$%-hwm zHzwyN{iumfPCwP5At1jN5*h}e7; z^JwR`s@~Rv-f0!~887OF{g7^EJ6%e5N@@#s*zbE$H|&3VQ5ANiD&WjfDymftrn!u2 zt@EK(V5y#+6<`}{TJbe~+Us_~Qjt84N{!MMA8;2ef!oRumZ+UBrJ@eev_>6>(y|8I z81Vnsn&v#EmG-a{!BRbIn)eD-D;j}H(-?+=&;Z_L0{A7YhV=>XntVD)$-F3)v{TJIu#z<)4<76($EyhXo z3>=22P;$V{CAe)eRHd0Y*$jQ&DLQL4b{Cyth?@q<*K@1t>p3Jvjamuhi#}VeG)CdI zHTD{<`ml*X8*Ahk?ZinQt?lGKxmsgfHJA`YSsIodBeI$)Q)*snuimrIn- zg&j3YmlVJ-2F%~#%~xUDyw+S;47#b7(mOq{3X4YvEOYuc@3aDYK|=*9HA|f0b6KA^Vy{`xaT=J z?H5q^vV?8`Q2K764f|lDHicgmIM_XQa*pd>DEwGL=Y`Ur8le=%k9YbGN@4TtQgORkC`07+)Z}*}uSd!$%Dy46EU=@}u*@_L8EZM05me34U7S|Tv zODeFmpPjE@i6oD!Qls=bCE0+mR|PE8k>4GqVHRN#+)n4~P+aaLDY-AUVuthGT-b=J}*@n{w z75KZ#<<|5M>OuvqPH|%AlGw|AVtZg~UQ~r8yQ8voc5{ak3AUG~gfqT54SPFrEi0y` z;USR~I@2@WN-Hd@su$YU@H%eW)CiJ=)ZnAxLTd0)&R8s$1|JQh|BFH*wU!o~7hSNY zOpE9nv`DInh-8}#&Bc9TXl`sMN-^~yuP?|h%j_C@%;r67hzNFkW2!H67@U&u6edi2 z3PYqMKZOaCNnFHW(u7cS+SwD+X4F{FY1IH zzq50a&q5tFN_$9ZcO764@S;xG!w2b7I;#M}zHUOJ6G~@FYST6BA79!Cq_o{0PHNG> ze!`17VGrBWq3lxSigPLaR6_FsyXs{PI0{!xY;;WN8c9tX_KSmnlDe#$q}Tv*!08tH1^NSl2l&4s01>NpBCi*rngmazz7X%+{hM9UZuwy}}o=f-HH zFZo8Qz|t}{bHX+@QYFzymAH|5QjJup(Mb3E2JV5~u3;oqYLwovi|bhy4eXD1ExKQ& zMyYc*4}|@#z7dk=s#2qLyau9Kgr%V!kP>ZeJ6^Cfm+8XZp)u!leaVlSo>5|VX&7FW z8l_hjKv-JeS)@b6 zU8%m%=KI2}epc;*rSg)UfH-vKGn0c;llmJVQ>EU>=y z>(Tg2oP#omtovVVQ#SBzM#(F$)_Ib~_D!2c&d`pABcFw#S1$u`Wgrz??gOunG z285;M9gq@@|2&?r={6P%EZxS%LWwEFfUtBM2c)#ncfig|#nO`;kP_z(vj|JKaX?C$ zRsaUvPAqebiHfy=`WerHs33g;VBq&uGIr<>O6#NJhiV87!<-LOCMqE=YWUHS8inw+}*B-QRiLDGGs+L*RBpK-f&(}bgZQ?|m=ql8eh)TWNA;j3b9Ukro-C22@#{NVYM}MROVFfp=<6kjp+Up0R9g%eb7bhRR`Kqvf)&)pA+*_jNS{V<*oe9r%Ol zhq;XT?=aOWm$70c>|7SkB)N>U33Ea&8!isl>O|6`NSu@slf3O9!xFLshCw?iVYh2- z?WB~h@+)eZ6~Ef!fnM2OS%W;p0VJxIiE3KIcdDG$sbw_ zvr#u2juU5qS&S2tlZLq?OXMT(+wklCJl;+7?cyheZc=fZdRMLqe~0gct*{SyQ8(=N zni}ks3A?+$nmETcW+}a<0EP)j%+XYdrgjylMCBS9o^I-ZRCRE7ptdx%!&0KPhiiDc zy3-DOyOV}BOb$BgNa!{y!njRD(6}{G=+i`@LlcF)grpVjX2aRbgrG{K36-zV&B$;M_R+*>Uu<%c38;KbL8}&yRvsof8p-hG>OuKLXl9$T2$9 zDLUHT*V1QC&r@bxS#O7>P4kmtn1j@bayS?3eRR>H2UU9e;J#ldR?4bH&3CZfVEb0W z4)aFZ4+eri%uuhb>zHU=q3Dy_uXMr&(}D90$j<6(Njog2-lhdq{$R^-S~)Qsav5t@ zP93=n-zh_(ba`vcy(bIUtJgmSQmy7 z)`i1`Xx(Vbg;9)78V2d4VU$i9hUuhXoK6}B>ZHR(YFiv(JDVtsv0)>GRyI)>or%KG zOccgtqOzdQQ}3%^{!n;pv8IQmm)e{W247bV!>U`A`5** ztgChelujCk>7-$tP8tU4 zq{BsOJK$lMCJJLTQ5c|!!stvChGwELE)$gn#pR_7J&emq!_b_R=o(haHdllJI&2uD zlZIhBX<|`qcFW>F%8#n6d=PE0*Gpv2H(Yw5e{v#DWm}xe zXc@dr9vLq-p72bEGf`~2JGLDyVzFJ+>iM(n`hOU@lZMedX;=X#4ZB)c2iDW8M(kO` z8|~6~3>j^;b7NcCqZd2m2ExDw8PHB07aEPn!XQa70VReEkZ%{0+zz2AJVcKp7 zg>}0`GZnXqlKw+b!aor1LD@bIY+*X#f0Ua2Rib0<64uWgT==xB%MCjCsDzKD4u;jl z4fC1R0OO0LZz9-+-M0-F)^NmKf<*0O^PQMq=*@S=hC0JIr|AX__iplyG;ZG9sAIW| zTQuzbBaIx9EWV?_=*Q4m1lu~hbsRBzi z95AeilZI6hR+ZU9)JZ8V@^^hIuvbY`-!`K_Dx7wh3?~iKk=%C++se+_B!fDdD6F7~ z!rJ91MM`ic3L`U77?z2ir$(Y*xpag9J1M7O?!`GNHKAFYloBmto1?I_%Mgv^SNfUyGh+DLqO0QEh=9=(t_5HFH_69HN zhW&Rh>V(}aQU2rB5j9FJes8WbtZL%aMU@zjuHuxaoV5llJ=X!lsyb=9JCFmK+F>ct z+S}If;TUi>!+Ix2CpD)+`5@D|km)qe9xInUZ3{c>6I|4<}@51RA}h2P^PubX-EVa z+NQ1c_Bn{IBX}5Kq9AOiQ)Zaj;DM#(^R4qREvfDF;anW&qw5YUfGWde@SrIaqqabi znzIT|ZKq>~dRZqAt7W1vG_>X^`s9L|e%W9;v;*Y9q3ke9dFaj7Sg?Q8@X4RLY4cAm z@`#!NVTTYBol<4bN4^(epk`cFC5AF7G z-yGerH+fMNmd49>S=afdWInMoLp)NVQAk|>sScQ!Mq)^0g}&P1gPa|AquFtvnH^3F z&uANDwKvoq8%orxJGLF2w6HyGNZU;r>WPEwi48?*3nR+UhW7fk`pxCgV&k#UbmOrw zqtv$O7O4reOsk??CC{St)&|p|9Uz|`$_`4}YR*6G1gq6$=AK=pw6`=2h;B&rOr6=P z!eY~wh_D#U%~xxb3iH*_EM@)H&CFL|v1xnFuo!gH9Hqj1v^<(2`-g~H1z}$;k;?>e zgmiMD2z#Qw(KNK;fnKo!i(+C)jaz)=xAWnT@s?U)PxGSLu!krryN?9>djB!00qjTg zByXt$mZft`wt7U3!W3`5w1*IHW9<8T^X=rF?}FJXg8+~4#@nL+B}f^^qD{=OoHMP@ zz`o8Kk0!7_8Nb;_IS2M$FFGCeXA+IJPxp*DVp@&zSUG6P&ON^-j3-Zv17y!X`D0>Q zrO)@htdGJj80j!0veRJsV3W1ZNdNVw2MQeQuf3=P_Kyow?L80Z=W_+cMt`$xs{^%?8Vu$Z=?2utjS3T=l`T8(3^sMDauH|K0xrqev`TfQ0_ ziY8zTp*) z^;v0!UFthW7o8Y`cHzM%Cdj;rV5xG#9p6OynSvde&Gbn`J(q=H{zBpXst6OdsBaHp zV#%)CLPH}p7|LX1*jN&cl41mDh{sL!19@Ky^_Zu>o;biiKdMHSe0NYs*@ zy{<-qDDCPZ^qRQfz~OD)dPl4kE%nhNw!B}#pW!XFoh6pgY)J!KMA;Vmi_&_a3>{L~ zhJAw%Mr(b%tO@S*w@C;QX= zBpyxu_bNW1)_NtBJ}SvU;)k zD%OhTt1!&GUlAvtnzJ+23ltxr*`gP=h_W^I7p3(-l#UuZLoVt zw4+^8H1;dP*|$)ECBl}hZ$>SQu`UdANxx|9S2Xxg{fZUi3;ohAN&w9R)cVhwW#<2O z&9j(C9)^bgCw)EVz~1jg71*CjRG+UX;Myjq&}(A8!eO!WofB(C{R%B&%lj4lmwlYA zUlmJe)~{fTC|hHHQCitZ!(Q%19YpX=FKUDRp+w<)ML3%a6<8vyccC!GWWU-e zScT?`Ir=aS}*GOq}YS}XGPj!5A~vs!^F<^qITGCdC^?hUwTmo?8xHV53sv? zQ3vdv64e)s;g}kDeTEUXPvO8N@Op87*V6Jy1>Db%RIN$nS1)&-c&$g$NH>w zlUu%6Wm|A0a;C3*H(C2`A%Z0@Rtebcd_Fp1CwNg6wn)*yh-jroieBb}ufU$@O?APZ zB9XhKq%^kxmbCyjZM_VOR&FbPg~(LJvyYFf74|AGimrzD)uGcpB${vz*P)pTIyG#M z5~f`=|B7i?vk+tR{`IRvkd;GRVn1tv+%S0UybXJc4kaG{Jwu0_N&$U4FTh^l zap%X~0AqlxcZPKV!mMKzfyISQQ?M9f0t&5hyl95_D&n1r_`Ra3M=L{&eZg+?Qs*pc zvJjhS3I^^Sa%twal$i^$i7%HvE;GmZc_7**`zw_bq$RWF8L2`sH&6SBSCvKC-l= zxk7BBxgL#k^(!*Xz_sK-j3^Hbn3-B2jPe$I<3u(x_qw1}bEA$H1ifbKj6TlBXBVih1HR52 zBajImV*#o16Qgz}LwHF34iC^Bs?nHi&E{-$UpB3V1ocGD?w8U-qKTda1|28-6D zY|SKopJ!X3qg-Q7oH^ARcJi7@qbEl-!)UWPN1sT>+e^fqS3VOovBoi?+}~q{iB{o9 zLDP6RADJCjius|kHQJn>ZEZmr-9)0dNTu1FP*3cP%w|R5fqBG-x7vE*v>Ih}6J2E& zJ)|+&Kdf=OjCca%r5@4>iu#+!dfAB*z`7 zdK~5J6W#0ta;S&Qfkn$Eox4NJ8G6mu8GW1;6YW}GXO0ob1V0&DK&6uo8Nx$y(gC!; zs%?|bBiZNy>q$sZPi)`w=;Lgkv#2Kl>F|&$ELt|{?88*EW(-_D>5Q>SXP?BRgVAPl zjy{o$w`c#{Tv1H)93#s8J!Y6_%O)Kf59g^#2h6d`R{l`pDr*bM=#I#uL=)!%pXk=G zuX3o_w4E!{mxx-2dP6iZ0eXwC!r4}dX*J3yC#t}qD}5EBhZ2EY<{_=HXxYRxF046f z&DI=!d=(SZxqgsxj5us!8mF;YfWp84-&~|Len9}BPY7gVbc-9KNKjAgE__Q$KlK@l zk_zM=52?bUWn**(BXi9-xO|L`voSg&F-9@kY|7CmlJOZ?EXF9uh;o0A87A7YF-jgc z`b^9XTMWn-Jfs4PmYpXyg=!gk&E^AroQ==USJz`TM~V$ShOTd--$JjQT>Y>Tk`)T4P`@yu}7^^i&Ze2eeXHj z>NBlI8QsM6^^8=;j&vi+o;(SM7Le^dq!kt|J16X3rq*mThHi^t3Yw;dMo~`%@&*s7 z!lGp-+Cv%NYj%grPqe$+iT2RMi58>HW(0jA8K2QLixVx!h;o0A87A7YS%cK#Jax_i zbFi{C+MKSlE>0QU#FWr3m4!ahQ3nJv$3uEx(Xw;S1C8gLp&KS2AE|TBwrS-(EOE{u z+GZOWeX3Y=`*nT+%Q32dabvfqCt63`whD3T-8L6gna}Jm{`QEe2>NBlI z8QsM6wN@(YeAkGswtzI-9^@E1$vGa-N?(Pw_5+A%HOeR_2Eav9`H-(dGys5H;vt=| zXg%!~UE93enz-!?tq+WvJlQq(%&9DFC;knVe0Fg{*G*oxge%3#^+n(LS-k8cU(Gf- z`Xsp+g8b%WVvS=ozz!ogJJnP1|I3Cbn*YUtxUt{+KQm2`1(=v~Cnz0@I zX~#{Nu-BAXQ+IpC%P0PQgke!76Hu4Cj4@Hz?k7-7;?SFjYiwIHmA7rv%J*9>Z~HXn z?XpK!jGi_#y4FnBBClLfiNA}+*C;Db{@+EElm9MT+}g9`?idq9v*!%-nN?C7)f{8S zdAfzo?2>_0bisejJcA~{^3ER*+JDSE&p!L?ODC3fF%5|DWR*JY{A1?PZLaVPwH4ufMr`Zdxy^*c6{(M{a3xmhY-5KUc(eM85Jmke}=yE;IcohBcW zi$94bHobr}>*6mmJ+{RKpSZ6M8uC!maSqT1t?k*Pj2(G4abyL(9VAR3Tn+XsDI6t|0t=SaeCM_Zzs z8XRDDROqAa3OwIurHpQ(%MD27oTApS7kg2ZE3^to^sFC{W^;u;(Tumob`!{IzZt|a z!YJ}tV8VRmfHa!{^l`B@<7kP(In##~?e79< zHY`ljK*^yBXu0ATZ5OopLt>QA_VKmBVsDH=FWX{QE75u415)~!SB@$N1Wb;!s|xE7szisBzjf_ zNV6G39~a~Ot7D4$JYiS*ABD5aD0d`rJ2HgW@_Cz-|MS$5uwaaJK ze6O7{x{0UYj+M&sJ~6GZ9bObY^MFyOJLK|QfHe@IGy^f`-WDj<(| zNE<9#lg;HwcA)$HUbNkeG23j`(I=K-P_u}iSmPLR&a|ON)`y9=?Ce4V z;yyKpg88{J#v}8T(M>!u|36Y`HY?N=JET#N{Pqgp_((WNu zShQ^7xmf8g9H7^1ozcfxG1(Rq561|kcx2uJDxG-95FU~f51^w|ZJT&5b`uX0)Dw$^ z`BGZpa~Aa^AZK|<8!TEj@myRC>F8Oy%{k}ozWqno(POQdUjvZE6Lhnh{?`(^q%QR`IkWAlKn^i?>! z{cmsDF3aoH3_BN9MriURYW%GzjioKI1d(M_B(M(G7zFZC~e zi@G|H9XzBJ7Ol7BU7d!=+hN!S%DYYCiHRmO^FEz;sFA3fZE*CdYBA7Q?oO<6j5J)@ zIMDu2(^1x&=$h0nwUh;usl7+rdyCgvZ=#HDVuVkV%Hc&*FDL3I;UQCv{Ez7r&HIP7KlGq*C=sjW%+zV##2Uv4WP-<7K&59Rng9>Uvk{=9RPB7R zy#46>)*=$r^B3O*fAgiZ+~+J>oB>(vAziR&+1cpgVzRq<(AmiPjxCo{XCn+Zn|Jhy zrday$Qh|vzjuGjB#dZ4d5tq#$G$H|{&PHHPQ`Yh;_56kiWpoo)>gP)3{XXGQvjJJ> zAsw)2+1cpg#TI;_nt7j2oQ;UO*#<|SsulySxJSb=(r{_xKx;S~ZF{BE z8@8gShlzCQDChN^kQhP@ee$3j0Sn>2+ouLXc!u%Y?5H~ zlIP?~0MNC5h+R;hB`Bkum?iF#%8!fj6RZ?6Am8_pE?Bh2k1E}*&v)@B=NtI;FuvWG zpu6UUVw)|wzn|Z8NS&6pRWH9CGP!=spz(?PzoS_4*vQMETOICz%bx2XmbQx$f^Y^Bn*S>4*&=||M zwxy~%?6z^(cebVvSo@aUonsnl_Dq95bI*8tC7P>BvFhg-^U}*lf!T^)`H%VO6)#WD zl|u~*KfC{9etKTV{6FR=`%#4bD#8XSx8a`K{G^0Nk883>Wx7dS|Ddu|JF2 zf)jRoRXE>?6I*yd?-{QbWd%sHRYsq9iVGF0KC#9z!pL_(x7Q|Jfhxjw+}^6rzP?GL z8#_Rn4St49^YyR9a}+=h@liz25CVCwQQ)F@Dyg^&6efqH;5&K!0_atWJ%6Gt|0Mur zloQoHK`NcT+EMa>@R7O11DHUX%?$duDDIE>AKXV14Q+{TYN7#ij89Boeczlix`}=B z)1E~WKsveO4@Q`R*4M?*YKpz*y7Cl=( z@vo^k8KIjR5MaKm(7D%38QsKY;;*IhC(+b^0P`DfzOTM{Px%j$+gq+-F=wyn4x3`6 z9!c9lbO=bZd7duQZ}2Xn6DN=ZJtTVB0+8n#1ulx^L~$c5OwRENXPyr$y7eAHlD`N5 z)NJhN6G!p5$WXrsAm3;wM>wE2s)~7M&2J@BMmcdS`An&tFPd!5inc&!R7p9rz5JtC`mL(x6A@2Gi-`gEa1h7!L7{z9bH z9&1HE2BS;9N7{LV!hh7u4yeJ?Wo(7~I`y%lFT~$Ki>op>4l4R}4z;Aur@p{O{=nMI zfANy=43Yp{u{EGeBM_B6!4Is-bHx6e?1%?{T;>Z zBziap0y<0OBSnu9T`d}tt5vU0iryyros#-)EB+n&tv)~ey+Xg~dr9=by^HK_;a?;i zcz)R##=m77@vo5G6GgFmpUR>ABTDdJDZyj6RmZEM)E_^aC4X47EFVACaqy3*JgOvr z+lpVO{`fBK7hNIxC(#A!#{(t(`Fqm;f#|)WZw~BnKOxL-nf?Q^!zX6@WG~bor?@7G zP7$4667MaVtnU&%UuU7KL__;8lYGAb_t_HsIGwNfX6PO&A0o{t3yS5^Z^ri+BgoF#ai$?=3o0^w1Lgsgj>2 z+AF%O1b?UI;k!h?C;Eeu`T6&fKOy?xqJI?~t@)ByCx`V3^-dRlfoO=|Me^N6d3EvB z68vi--z55Z(c4S#-$3?Fby|D!U1<5yxeogf55zD4Js z+eORHXCDa8d)KSXgG09lb~w*oS8~2;*4~o8u|3YSVgC6*beAsm*?2fh3feWSAMFmVtld8@JE1=E@lDp} z2H9;^f0Ojb2L9KpoGFjHmgEy0`3F~)|BGbzJ)-Xuy-W0Jwd2;>L+@MCzgP4j(O--H zUNp@AKJxb}(E~);XgXfyR?$$uPkH&6=mya(T5tWg=q_Af2L`?%{DY!b3y=Ot>6PiD z_jBq0MwIpCGb(Ravi_SP`9Y$Giykjp5uGg>grBWfeD4%}x9CSiLp<{9bo>s{J4IK$ z*lDa64fWCcSK&WfV&|KZhx+@DbCQ11Eux*{L!>JoxsCY02)~CmQZ|d0*#|dCxM`xV z7JZ%Q(V}6Lt0Z47dYw!2mWWt-v>oE@9H%0KTG~r$=@!r|4RG>4$hRF_m$WiPJgBR z4T!E6y+Sl_mpvl+??wMhv_n;xQHqpC9$xEv~=|g*vm#{s;dLF5K zT_Z|+h4J8jq5O8JJ<9xFs(L+N{uli(`=6nD&k_yuO~2dPe0Hk6=7}y8T_UZS{wpPsrYlqTdz`+k2e+?Jhb|bf)NGqDP5_`s8V@@^yL8Uc>c|(B2O;Zhs{D zQ_<~YKg3@m`K6*)hm=men*NvSNrp2V5MlE=-3kbzmohn zqFY4&3|{+GEuyPL`$f+cT`&4BQ9eQw*5}VU{@7)NN9sPy zc+oN1S9z!Cw?!W)*>3^=LLFxxW!-bsU-lgJPn15-S@NJ_m{01xuj;>_=uFWNUxwQt z{B5FN5+#pUDxR&icg=IuKUew}ioRbo^j{YDcZJ_1dT)t-8SYKGztt&vx+r;{27w>iLMbX!y|vMa94=(6x*j&F56$;TD_f1_5-(8|8t7t7STII!~B-v%KZOT zcE%{a9YxFV$fpSRI?v<#2@c;Tv|vqhJPo+TRAe{1!4G>?7O zQ(2e>28Xk^LUHt$#6z4RZfpJDBfIyD{#^8zCH}TkJ;sUdF1lw){l;!1zRd3aCH6m} ze11~&2GP$1d8UZ`W(mF`dbjBJL^p|sB*fh>z(XN0kpD{MM?`-ox<&LE(U1(M7vixq zLe~qsh)(AEAy7cRkB%QG`dU%0hmI=I4{;|7H@gIXq2w2dzDx9y5_}o%$`brXCI5uz zO`o`XP=_MeQklo(JN?S)qQ28<5_`q9GnT({y}4(U~Q9KGziDUM+n1k)#tO zKe@ynA5#Ly^SP%BzeM!R5`Azy&jgNohxH{7@0Gm|h<>cZK60LCx(w*>4$6k58oVX_hcvVx~f@ZmmJh!1g(NzcE`H&DPYuZVtB_&!$m{=5XXyNt0j2kr|S4=qU_J{Qc_+w8TuPeFT`VKmHhC!%5zjcSM+V7 zmx%JN$k5(!c0zoa-4DqR@0{etd7(b?YlOd6^g7WSMQ;)1`C48K6WSZjPKXcf@-C89G#4;P&!dZcJ*FU0X)j?NN%_~MNo z;dtRjXrKFBA?{4+@g5A`#u4fxUoZUIL@yHMg%@Ez`J|4A_K=tLqYxkVt4*@YODaPA zuXX%)qT$OHLVOwSY3YyD{__r^p+53)I=-9eo}#=U;nga?R+L}(hxYc;@u{Mr9`_}< zAJHisKa3CU;pdIQ9W9ET5Fg?~Km5R+*9(OD$hog^p8Ty7<)`u7SKzsJ?q`JdLObD4 z>_hy|v@bnQ`=7J5@5t}ULi|wWmTW|JcVgeBB^#M>U%yemC2PqxC9Zp0vQgQg>Q965 z+hsf_Jy>q9{!Z-Qwq)C9o0IY}+3kt_)t2l9*%^uFWLvTwvP+ZlvDwDNbE+-&(DkOI z{6*QO`Hhh~z9ri++nkiYID33)3O_E}bXH2fQ?~hnNzs9pY<%`eQoeJxB`KefJ(ZO2 zl0C34W#1kWTc48emR*;W@1AW;%6VF4a1~mz^usSLS^A-*mTb?#22^Uv(hqI6WD`s9 z>4#ohvPltsgh@tak3Ab6$RFPxk;Qq=YdSK~Px2b&@^QiQ)6*rN7s!vQ+b{B&$C3ZF z+rJTsc0bqTx&5mHI~UdQasRp2Gf+ zlDa(ZSNZW&z53;M{cD|toAkSa^^$Km%*nr_`122=QcYcbwND zpW)=ZFW?r*=V|D5xx-n$&!5|0rF=3SKOp%G$>l!Ff45r4YpDLv%K6`ulDAH(7qkCz zBpYe<7?JIkZCLLPXuBeNnaOiI*)#|IAK~+M%jH*3ae^yk|4_;2DIQKsC(3>}zs(kY z(gDs6pO9UOokN`bKG|O*`MCX^yi@Y`NPe}ZvfJI^?1PeTt~!B+L3Wkola!zRgue;7 z>>MunM#*Qr!U;YkzxjT2J#dand4~r9j9?ezdA|sdCJehF5K)?$+MH4 z;0$%3UX$~TrJ!~4<`Vhkb-B$OI#pdJrE5#@cL;yAo-^J-_d_Eraye)R7Nxo6`x!;oa>+xBD$oBc{3e~hm`|=P!GA&cR{icJpHK6@Z`a#Zm6C5%KAEpBl>AcRk-yvIXO+ocP{O)7&l$|#U&+oO~Wb;M-cZ%ejf_~U-a%?)J`#-0kngvp>Xj|* z8|WWcy?F8Tg;`I}2}ic|oOFD9wWlXr)Z5p)WNH6EZ(q;A@}7muR<7vnH^icqJxi9Y zTrhuG&!T~qef>T2SFgzyu3WxqS?@saqUop^%_~;yS%@5pr^lg;q-%M&O9tz zymZ+zD=k@WmU{-y=*w~oOD)DT=J%g5ebxNFf$1}|1-yZ5iOl&@H{te1MZwmhqMtrx6bm7DR! zdRtoy&0n6aS=r}mn=Lrxpk=))GHc(}eZ4(zUb@QHv<|PQq{kv!oma`4e(}=2{sA&o zZ>rv&{((MgFLzvBBkMV8&M8NneEgB#dp#l6qP^ZhPtUQZbo3m3oLcX=quQ)q)sv5; z9gjWfO>aEnq@Fh&b4>fu)t>4RZ#?Pfo@~YH<$1gdSFTcf+32zUQUqZRX3aYGq~qUs zWX}Q9514*%wn}Z~8fNe@HJz)6<MC=(w>C_YqFl>t0(sqBi7>0$7^-| z0&59pZt0@>V6d^52et@l&pEw)OBb(oMtZGf=KCZ0*a_f+(D{JQBeMVp2i9Y`pTF>| zo`q+e)w6j1(q+ZbgS>I)Rs*>JS^)$%M(qzz(fRuI^ekL6KcD*R(@qdePyZ?#q63TLHp`~>uU$Sce}U0~ zK1a`hTd{JWclweQtEVqmy>!{4{gy7u>ZLp%+4MzgSD2=w1AXp@^^pFhD_0CE^w_b! z-evQ11#zpE4P?{v=_Q+P?DQoojTz`&WB=DX`t-h)_0ciC_Y9q@&RAqdC^=Pk(sCN` zXD&3DxtYIw=|YQP7OAZta>)x6@F5;xbw9g4Ih*Z~lrU)-Eb8U9os2{QLzA z`g+fyv~1~$UUq53I8T z_P38C{(tnLKe8i@@%#G{>z&GVUeht?L4RrDMt%18u3PW$jB{5i#xLbZjLB_Lf3A}^ zu6GFhxRUb)pVQylzufO%8cL ziGS=IBK^T$Y_4A55O*F9GVMSA{lH*^!#$91(B^-yafJUv>`r!oz5^zw*Z$V&s~Y}L tsGpbR$zyWn0lj#T_fF<%oM->&kM!$&eogrw_bX@hgPfQQm;Z(S|6lkJ>xcjV literal 0 HcmV?d00001 diff --git a/authentication/authentication-otp-service/src/main/java/io/mosip/authentication/otp/service/OtpApplication.java b/authentication/authentication-otp-service/src/main/java/io/mosip/authentication/otp/service/OtpApplication.java index 8eada82060b..bd2ed775ec3 100644 --- a/authentication/authentication-otp-service/src/main/java/io/mosip/authentication/otp/service/OtpApplication.java +++ b/authentication/authentication-otp-service/src/main/java/io/mosip/authentication/otp/service/OtpApplication.java @@ -30,6 +30,7 @@ import io.mosip.authentication.common.service.impl.KeyBindedTokenAuthServiceImpl; import io.mosip.authentication.common.service.impl.OTPAuthServiceImpl; import io.mosip.authentication.common.service.impl.OTPServiceImpl; +import io.mosip.authentication.common.service.impl.PasswordAuthServiceImpl; import io.mosip.authentication.common.service.impl.hotlist.HotlistServiceImpl; import io.mosip.authentication.common.service.impl.masterdata.MasterDataCacheUpdateServiceImpl; import io.mosip.authentication.common.service.impl.notification.NotificationServiceImpl; @@ -41,6 +42,7 @@ import io.mosip.authentication.common.service.integration.NotificationManager; import io.mosip.authentication.common.service.integration.OTPManager; import io.mosip.authentication.common.service.integration.PartnerServiceManager; +import io.mosip.authentication.common.service.integration.PasswordComparator; import io.mosip.authentication.common.service.integration.TokenIdManager; import io.mosip.authentication.common.service.transaction.manager.IdAuthSecurityManager; import io.mosip.authentication.common.service.util.EnvUtil; @@ -108,7 +110,8 @@ LangComparatorConfig.class, OpenApiProperties.class, SessionKeyDecrytorHelper.class, ExternalRestHelperConfig.class, IdaRequestResponsConsumerUtil.class, PartnerCACertEventServiceImpl.class, PartnerCACertEventInitializer.class, IdAuthWebSubInitializer.class, AuthAnonymousEventPublisher.class, EnvUtil.class, KeyBindedTokenMatcherUtil.class, - HSMHealthCheck.class, PrivateKeyDecryptorHelper.class }) + HSMHealthCheck.class, PrivateKeyDecryptorHelper.class, + PasswordAuthServiceImpl.class, PasswordComparator.class }) @ComponentScan(basePackages = { "io.mosip.authentication.otp.service.*", "io.mosip.kernel.core.logger.config", "${mosip.auth.adapter.impl.basepackage}" }, excludeFilters = @ComponentScan.Filter(type = FilterType.REGEX, pattern = { "io.mosip.idrepository.core.config.IdRepoDataSourceConfig.*" })) diff --git a/authentication/authentication-service/Dockerfile b/authentication/authentication-service/Dockerfile index ab0a6b78234..805fd9b3a84 100644 --- a/authentication/authentication-service/Dockerfile +++ b/authentication/authentication-service/Dockerfile @@ -111,6 +111,8 @@ ENV current_module_env=authentication-service ADD configure_start.sh configure_start.sh +ADD ./lib/* "${loader_path_env}"/ + RUN chmod +x configure_start.sh ADD target/${current_module_env}-*.jar ${current_module_env}.jar diff --git a/authentication/authentication-service/lib/libargon2.so b/authentication/authentication-service/lib/libargon2.so new file mode 100755 index 0000000000000000000000000000000000000000..bf8cad86215db71654f7a78677f67f88ffd5d3df GIT binary patch literal 194040 zcmeFadwf*Y)i-|5OfF|a$eBRIps0h6kjTXhpeBNlArmZ$xiZ#+1Wxh5uUz?dP8n&2KiH3^c zDoF_l`P*cscMhE*Lxj^&c0 zR+82aPLX=q9GP;u19*qkYgymhn_p{{NqaGVz45yYzsvD+;K!#gepd=ef-Oi=Km7We z@hpVd_zlJ{;oU!6J}I}{{_f#^KR&SYXj(x-#xFlOIyyaNYU|ohN-QmJ1dpff`SHX) zea;N-`PNszSbWz@vzrPEKRWc;Eh+a+YrMN|?9jS$b?uwGysQ3x;t|id%lD^@*w*&S zR~7x#E5`40ul`llC(rMA^_7#CZNGQUAI;*s46Kq(D(l`cX)U5XI-*2u5Zbvb{2f1l z?}J>9F8C~lg1X}KOVDNcF+|c6x*ddum3=~-XGxe$`8Zj%xfMM{RP+Nv2TgiAI}V;Q)Q1nn>(PZB29a); zGNt+&2gzd3$0i@q0fCLy_ctc}rcU(hP5NV*28$^DQbB+51^gx8DSyqS2L0n^$-5B} zzsjuFl_uVA@_(fh|7T2mb0_?*QTk5$y1~S+F!9MI|6iE+dXrBSUv0|MtQv&(nDkeh z^ra@BsGQ*_eJ8!VYSOoK;{TjU@1TRkb1T|~&!nh4CV#f0cqUJtHD})3$(2=8=2uOg zEKQz0cXpLDc_spBvbUsY^7I+=XUv*iSv6yRNl`)hyty+)GF~dxrJ(=l~XUv^8Z~Bbs9g*{= zEHn|*yP`6Y?Nqb7B#UC(>84Mnyhd$i$HVanlNZdGKYQi_amgk|Le%#GzY=wgC) zh@$Kc@n|%T>+A~)isgzUn>=Iw{CV>y&zVtKIb~L~@uJN}ai+yuxN-(80hDZNYD221 zDw{uJ3Mz-cRWoAI`{vD_8;i_X1p7hF=1!YaK~+{jy;UL%(+@iEtG;BmjkA`Q%zh=K#KmShlBFje{}rZD zNzxl8uBtcb6Q%WLJY)83jOYncvl%z|Sz`R6^U3HuaFyvlLgu_NiZ3|+Q?=m=5g)=hRT?f8@oN~T%EHAWekJ2nNjP7`FJYWrA)F)PJs78I!VVEn zVVq4Lwu`uhaW;8a67e%XMx0F@K6W06tG{KOT`1fl;s+RK*9kX^_$7$XToJkY8WC#2 zo5BFJU?PJFT6UYJf1~-^(iU8V=HFLgG{5bhNXtz13Xde+)5unyIas}-7A&EX;7xxP z`LBD{$bX*s8_rub{g~De8l}k_we9DtGQsRslUb_4%*fxFU(HQ-fsa((U-RFz3>hGj z{!LY?7PyJ>h6+)`kcL0^Y)s4nLOyY!Jl?qw+CNIF?iRiml!n|WKie!nOqP-6dqn&D zBXU*2{A_>3Qr$-jUeq1)YqW)mpzf5Wde(t`4XP=*>H(qtpxJYqpgD^mMnn8&1OI6U z{DkrPNlpJA<~(t_7D%`{3%oSli1qvnt-$(a3 z9eGVaFzXn+%dX=+}1{v+%ym}u(#TR(a8A7@iSm`{5&=+{o*~U;$aH`ARX7|sl zb+!PbE?X^Pjq0*@gje|9x`w8$E_EX6)+3PCt?vpoLnb&6P2Zr_K8F-k7DalTj)1{O z3!r#kAi?Papg^Ds5B^kvLL;!q7pxMrcIJJ}sUYy_t@FA=_mN0ly;@fTWKrGMRcV?|9r*P9 zq4$wgRCl;4Tl2r|#DqeUsxA*aCPdR9A~8PwTOX9yI8rF@N2bP~fQO+@KRpwPxazgQ z6G9hIeTGoIS{DQ_?UD6V+1>ZJC%Nx&-|L>-xWdQ|6@+d#Is6AWpv?}xWpcie_*mIT zL)Vye^Fg=f3tGqHu%|T;JaTZ^iZ!PZh8N?H(J$AWW4ydQet_{w_!D{r3|64y*zfCk zpB$-j=0|_`Nr1FaI#|MBwZ@q%;{1_Gf1hMfky2291#W`6lm9a4$+0v4SED();1BMd z`1_;OUGled!T+{sjxP9HF5rJvl)58-*QxMkG$|U>@TY5O6XDec3jS)X80r2Pi=$_1 z`nmC%enQ{HwhaZ4L}M!ep(jv?LH8jTUA)-qbx~e}UuYp98>RpE}W~cv%j+4{t!&-e1Ld z@h*5oVxtD#V%(_VaV~Pz`|{4H%jk!-Ixsn>)}{gW>ZiQ=hi?7-(9NgFyKzkm`1ta^ zUwA*qEBI;rl+b38__0iK_+v2ego|!g%1=opE_>T7U9pUhIasK2@k$;zgfz z{Y_W-BUh=*O6VIG)=qJ&x1)T?o#H8-;_02@nVsT&JH@Z*6wm4u-_t2BkL@T=-%fFFr+DZ3 zPwABYK&SZQo#M}Qioe{ceO~Vrf3s8ktxoZG{>6Cb`uw<)Jim+QC;WvjoP|f<#@V&& zl)e)_fD6V#ePihUZ`nDULPHUH^oUnqADWnlx%5%5ygqabAWR4K&%MF&f%ecSL_PXZ zcn(eeM@UA@t8eh=t={0IK~m^=t|YySDLRnreezeKbY{j1RFikdb?kOmCe{b}>gtW! zo3i<6`e{vld7TzqqG0?{CwxPe0PYQ>BKmRo{FnB!i}L=!r+cEIzh%DDr^3FyC-kU{BJyY zdkcaIJ*!f*r?f!EM$MJcba$hxK3b2ABw&(3t!Ou~qSc4)#!SuqRt*b#BOiYS=&CPt z?KrqB>L0v%GuJZ>THUFt;ac71>V8^aOev--+yxlo(>KDiN1C;OmGMhl_24Pm-K%f+ z>6nmct;fB24OLs#(8=E2xWWfh*mR60VLiAN^Uy%zfvFD3UECi~F$FeetBwI~g( z0}xA$walsM+ak@F*RIdxIxCR)BT%4_G>mLjwuA4Q{7;zmij9hyN{3Og)~Nu2nS5PD zt^JN{>o6F8r`Co5djhv)`e;b!3IkXPzELBJ-LL6i`GS);z-@w_Q@p{~BneBT6WSld ztg#@t*cS2R?W!z-TzVTOX$Dn>LQ_El@~ZsI@POx_pKu4$Z)528_PO%37`a4<nc(pbMrwP>zXN*J@p z@LjNxwJaP)6&j5tWZ=M&0JBivqW#20cn7T!4xqu@*HErkDyr>o%)TG-PiI_eWZX`qOP| zfra?pY1aayLT5)vQYbk~m^OTEqp)u)CKrJ_`_%1FYun(f;`SKyb6}9^U*eF}+Dazr zAFhS!B|XE*UoIqBW zdi1u!<=8;ks0B0f3-wc4!#;=B4bCArqR|`7_)ycY@#*uiGc#Y&g4Z2_xrLhgF>BS+ zg>VTDcW?}h>mR;gd80CO1^WvYMoMTWXnc8xtB<_%Iogy4EFYw`?GK%X>(fJYFmc0_ zTmRTI;33F(W?|;Rtakeg#OhHA+1ns_V`!04{MQGcb7KkS_Mb~o>&`+hKbk{kn+z{Z zRUiEv7|dep0=K3%B{JfjV?6YAj z<4mZ>aJ1TlK6yLm?{&l1xc%o7syF!)oH8~SP{91Zvj%YR?VAy6_M@hatZFY*QF!?9 zML>1%zx0O>L3bK<0M*(D0Qr|FR&^jBbiwj#US#yLH7ULU)6r|n#p`K#gSeRRPO0Ath zD%diqYQR|v+=@X{t>qT!8rVY&Z~9G%{~An>A{dXw##v*#J*>gZ9{AY)?i!4p z9pV`8I>f*36#t5GLsMd(uW=1FE+~dkzqs8&djiD0qfgvY58fO&S3Mi_2-}HUmR|k5 zS3g4~}U&#|rP(ObNMBFU}3T$su63%yR(f*v_; z{L=CcsE>-JI6N`NFRPlKV2K;L4#pP(vyfs1Jd6U|fx=9)g!OQeU6+BZ_8-yO?8WAOQFD@PNfSz?1+wGRUv8!y^5s820`u}#Mq z7eBrY16Q;BF4MUU7rF$!s$Jil1SP`hRwo%d>)~!_fVlaM*xB_TDvr~d*vuAwdK>Bs z2AEH&wT*R>+M~Z_lmjgyQA##*3K%#SY$jK}nL ze`o@5rwS@$weBlwt01dA-_dA|Tt+^Jm{$kJW7GU-=rU0XcFm)u#Hg(Xbq=Z11LJc^ zeG~&SO0iVW4isozfod3UxCU@;O(J40-s5IIFa3FFC1Qb_gTTYiFfS-eIM@G z`~8-?IeXXM-2UjkmzLa~b{iKQ-}{0$O~f3>`=+w_?Gv;1+3thwOoSvItVIKYyY!gC zFLt6SJUC+rV44O%1Axf_4jceL7dUYM;2=;60IkebOW@`l0u=y6_C)~lHE5;=f&)fV z8RrjxiwW}p0`Nq_PZ@BjZ)oL2UtnC07PwXm+=|j`ovVzbGGAZ}PEMvde1ZG3e1W@B zMy>OCBMoIP$<&69&-dw%83#F72^HxdkmMDEWRbS^it>>I9xF?HS{qskSzdJ3BgOm1 z@IP&-t^4aN94$QN+ysmdd77CA;Tnc(?tjPq{R?~iS7<|VQ1;gG>o1#pBxXsAc-bw#dSw^%(QHPhShK_<%Gn$JTl zdy#xhkZl6Pb(;LS7U<&ywRby~=iiUDF8&%EXF0TnMzGma>v}8k(YpbE!{Y+?J zvo#3Az&_=xn4mI!`+8qqn_9O+tn8p@N|t#-eOQ1#XQtWaMp?5h*&CsK2Eh)s*}!<{wC%eqnVK}r@99mCEZih zQQ}N66#9%~q2VvZaDPUv^?*jq0frN3TE_0i$Joi*4%3ZpdL086n_k%R!uCkfjUdr2 zfW`@EG!}x1ngQAY78)R0HgU88IslF`K=ixB5e5h!m6&IMxyHuVI_`jt#yo7}{JYV@ zN%*ChEjre&rdtrdIoiZy(fp&)yz_2$L`l$UqtR;fZq6YFksNh(lK$w|5FS?n+8sW9 zvjCUykFc zVT7ce)rrYQ zG)XgnWi1TxbgAI(%dh81-Ky!`v_N-1BAPx9I__R$fY5RGhYS!p?*5;`bEYjiL8(F>J_)_(5 zjSYH+mlkE8^ZL&z>Z824;tix}!9|e%lp(z`F5ny7Hdgm#;V7cb8}ubg5L`1P*8&Ck z*k_@fuj-5Bli2mskq9Md z5_Jb4v8O2>%#ae)rGLeqkx?(B2+Ytw@5J5fUys5L*O*0wUJyLblIOxL-r%w&?1>Gb zWDWNcjOBN-*1E?lZwQDIwT3T}i-L>QnnG-51xu`@;Tu_IY(K+&YC}RbPJOX!+Y6k~ zplLu^mg9sZ3Go6n>EQD--8vdJd=fc@Kj4yKmWbb5y!Ra4<2Vml@J_iF8vG!gFbW6wt? z>|atWsdWzn3@mFw+j#Ylu+w4D9ywEk*upF=xY!Ea9Du?@Pl3Hhet~4|`)OR>)4tv& zy*GQk7W5>Sdi`e=)lc(upIQ&Q%K?AfKvL^Y0wq)yyuXw>V<+fn6xrVt$@`*8JB8gP z?<42Py4?`erF#%B(hvFcld<*n|JV+GFIdLxpsw8xaOVKqFs+|pCni~I_%himZ!~P7 zC|G_`P59dm`qu)z*bj_OU>_SO>4#2G;xIZvYC?M-2zQ4$%*6ecUT6x-a=Ti~Ezr^G z>m~ip&m4^`=fekMTKp3rEH=Xdgn?eVeKhz&)g_Lz;f+AW@1I~r_=bXZ5Q{+!?iXAO z#PV9J+Y48x)?ORcI?i>jqN@F0Bd3O&D$6pML`SC9*+fbUQ*iZCU#D5eqxUv|Ow-5b ztG`~SuHK=^<27?YQ|mU7RM-c!`DP7b*;`zvqQhIL_eb1EX4ec2K8|_?tbt#Oa>W%i zZiYi?#yk^%on0R;z5r8R&VvI54gzrR1z7~(+%eh$fNL+vC6F6RMhR>4DFqhjXRw24 z`pBc9!;BaypNCoyp~LL3*K;-YdT>XPH`K(wmpM3x2S8oi*F+FG_+H5Kp}AjU-bch1 z;)Ln`IXtE9iGhL+UdgAP^+Qv=PI^H+&1`9D@aC&7yO!MPpPf}}7L3WPI zPpm5f;gj{X>(sh0fx~sCe03T75Aa$Li%_-hFNm4Vc`bIHkZbwdKxw$eSIE9q`&Y)m zxD>j47BJ@HoP@x8!6zI2SzY#oz@SfS?9=-~>vu*X@{0x`?lr=(;|j~?q5p(C(Kp1L z)^D*np_%ssG2j^6WqL@h6?A}x~RO^euTU_r#%N#guf7#dPg+! zZ^V9>7$v>gP4FL9_>V};e>A~=(10<(s&(fmKE{AzEm(;v#5sN7FsAsj&lSmMh5NvU zMrbuQzBSW-7_EW)lDd>F>(!4G>HA~r4>I-XxOIF1Pp^Mtjn{wF7)i*r6kNTJoUZ|s zg^>53x{&oTEzpNNicV~dTiyW9a>YQp&-5YV0wp8pLvl?Y!U=#mj)rY$D03X=-81*8 zCgDlwk}%Sgj1ZnA_k8#ZAYAp~OA)wHfNn1UQ#z2`v*8UuhN`#IoawLQ@7J!ebTZ@T zfiUmaV&S7MyBD5D^PkVhNiYtFz52&q{e5is*+E7{<}4_Sb+%ugpswBe#zhzLZYdi{ za<8SL)!JE5W6Y+;;!YJLTdM#1RpzbZv#M@5VLPt+1H}9H!RYQw5tF4f zb+v_4r6jd(6=u&KYpvjnq2Hq$V3nJ;S^E>zF(!{%SB~hopa*@=EWdXWCsgQqVmLh? z@-}lgeNk}p>0gSC>(4{HpNZBBe+YGn{rD73PlIH*u$6+@;o>w*M; z54J}1UB;A4TzTa_^w>%~N;>+2*75(1p1OT znksxA7}Q206a9#gmuHsD7<;kr~fti2OBX zTr=a#&3LgHUtz{4n(?O)hO9Vv<5+Pig+hm{K(k?hNJSJjB9S!c&X3yYM{HEMLPfNU z+w9dGnDs`StfHB#Qbj*`lv7VFfO{^cadzw4I8O-U{LD1Yc>jkcWL9rru@aY6KhC>3 z#vTtYC?U6*^#P1Xuxm`T#lj^C-h^Y6SiDGFyd<3uPY@V5L<a+PH2AKqSpQ%7z_rUt2r3pZ}=BL#OB9tF*V}GBD+dzsW@PZN|F_v^_pr_HIr7#LLCsP7W=`$m-F*RhQ~esOk63GKCB3 zs>BYXv{~}&IFO4D)N6U;HB)O^_b%OZQ++*y>@!%j;?fFMf!lfWoU1-g{k7~(n!MBO zACOF67d{VD68>1+;tFbT!C$~`F=Iu|P^rriDapjxy@}(tyj%0Pv|+-BW%K*&DTv`x zSztsjO&^htq7*G}-Tb5BSCM9n$3j0?Z(B=?vNuvSs(%fJ8$%&~gQKQG>`?i|Kymc1 z`!68bS1Y=h3srD^oqe)MZZ+pZi$Z_F$zyaaWsF;Fe0AxSWTOwn(F&aV;rRJb1y}hU z=R@QRH;DPrk?4GAQK%T4%~{sMCa*ak!u<^obS4I2vCO`3dDUbrtU~a;D_{@ys6B8- z5gr6A`@3Pc9G;_NH%ynC&s9BLFtb$4^3)`;a2uZBoPV@Kd+69OXtzx?RMaqW6+HAb z76rUeCnf?c9j3}h+=+rIHVZ@5|Q20lJzNU@gCh2VW4bjpHYQaEdh%t zpu}<(BiGsRlPFx@gk2=7Ikt^KiSB?zBJ2rCh8WW!d7vkpkp7AALxGY@kUjHk_%8T< zOiM7f7nzQ#P#PETTn!2E2NM-7`+aZrVL1f9B%IU?Y>x>arSF1s!k~Pel(!DP$~FH; z*o!obkl|5~sZc+LtN)vUp+Cj$EW95E+$%WXW?}(?Ngq5nNd5p~ci>{N1i67rkesvO zTkxh8*DE)O^-9k9@J&F7ovuQu0MdaBf5Lk(zYo2)o<*Q>!&?wtfsL%HOL;yI2fAHD z38%udK@l6@#CkpMJO%058{*P=KhPBkokSkP-`?S>cTd0#Gk1ymogbm!PjJ8eAcFDl z7O!oG*x`bUTZ@YudVHn*qmmu`K%|JX>|0k{9VQR?ag z?$%HBb>z|diOBq++yC{otvmc*4!~70TeB_XKb^Q7*ZX=vHn%^VpdW)Q*xcVNLC z|Dmr#=GISIKSDnLHv?GywR#A}Z(2S^_URuNDz!*NU;v12}}ooZAlAm? za5``(GcY+TFi+7xj@whiS_Jo<{s99KcfR^yw&JcC=~U}_U^vEW7MS zGSKQ;%?eL$)j#lubNr`m>N0);NSn4<)6c*udf)tw@$^2}kNa4@yzT0;g`mLDr+cSu zE|Tku^agM1c3<9R?4vL%T?rh7Pi}yjs#7;1ux3dgn9?ONU@<2`7jORdHGDaVW|FW6E9F>0SduKbz^#Nz_H{^t0os&{UR&oa=~KQ z<33!RX3i&#oLD_q&CoFHqTq#-Sf1jIo|t0NL7U7)eu>C@0>o$ph$)Q%WdxX1K_E17 zr(xkOh|~<1s%)Guztcj!VBl1+sn$oFN_)6dEAGMiJKW`_y{c=AVLO`DtvCA*$;ZQ3r*Mq77jdEYJ!(!Z!{Z@_HSeiLE z+NX&b1dK6W>l?!T5P@+f;09jIi0@dq-@%$M68;{kq2+JK`5STH z@+0xu^2zZyrO?0Ex54G)bZ|9Ua5eLh3!4C#QiocxTZ(0uT6;Ns1${{?3}5q~lhviE zz`Wr^!{dw*ez$cd4y`d{g%Xfk%iF*g0+xnIEzIF_tfYL|-|+3P@g(q{!%gzdNN%z^ z7u+Nj1_~!>!S1{9?K5An`rMnBgRgj%24^@pP4GA3O71tj(z*bdxv`7G&4l2ik@M%z zx9;fMe02?;s{I%m4%q)(Qv-+KS?3LwI4ydEPxX8$HF*7>TD{qait_fUOUI*BCc;R0 z{8p5`k5aw!7Mu1wq#9~SHAhH=ZT9Y?AyvFYM-7Rv0-n`9#98^j@o$ebAftnY#2pX=%anP@4FBLmJq@q`biq zeYEV)urn`LJ^ZGy#^7XJ<(M0psbB046lHk>6CCEg^4(Y}U_T;Kh4=Q4;GGe$#y;D5 zc|qYC!;Ft$zSShp)W<-bMOXn$kV5^VdHNd1XIZhcpXy#XKFf*j&h!31cJm_#KM7^L z!9JId_rAnbu=UIB2lVD(#_c#%wPb(HucX-cjT9_OaMtRtw?yAh^G9sr72^e&Yv13x zb?XY8x?{21iaClEPD%fGA zzjd@3K421R*@&iKLq~OZITkB=c?Zr+iiVbz zdK)%4@Uo~+J_3r5;e_OfCV#8BnsIF~6PsYTIHsCy96M!an%` zd15A=?!kJ`h2d!uMyl;XBD_kFub{tU3fAL9TxI1KOdobkzRY&Scy?&5w(Am8qF?PM$C zM#~OdiNuz<+$>U2tT#|xj5DI5p`{gW{kZ;7k&JIK9QHP>N2ObQ@|U37fVaB6u63BZ zHEhX5BDnbEU65frnlKlQ;T0EUQD^w37GyZ$!Du6IK*^b2*8%VLb$HQMefb2c01+#I zo`?$#MMEnVVIf{5N4&Vw>CusV3~zvbk5@kBy_C^mbyvchp zUGTa#;`%6xJB9r+q9GaZNt&#XLon((02>A`zon zt0tfGx(*uGMzIL~91Y48O>XtN@ajn}vZEBJ8wDX(kzTO~g|+J2d{7Iy9`WiG#Xi?( z+V+irvOM^*2Gc(miO0RX>Pyo(;*$>=8AZYguj>;wB*@7KIk+-+Xz~YM7q+M>6#X+A zkS3pk4HfBSr6BnLEWllc99wX;*sE(3y{;`-s~`<0O}GGzMlRBeb2NFE<~pu5G&sEa z7Q9a^V->ms>#!R^xMgf`L~mhB-e}WqF`5=UkMnIC&F*udYIs#`GhV;Z%CPt|iwLG- zdn6;xs~6|{TwBC0g0_8~*iry4m$sMM14b_IMyI4fg9(jhydR+P3J&)YE;f5${!>0zi@2YwulMTt$IzYCmz&216Z+x1A(kS& z6rF-MbpfsN4acnmweFI$a1p`Gbbbu9bPj$AV}Tav=?nagr~kgd(>#}n za{^l6ZxS$Zeqf7l=r8f@J3d zvEBf4I)$>)0grp-tv=V6^a@ybn3{n zN2$E}jRPq81ZYm9s~6&?zN@VWK7pRN0e8W`dry&k(5;_Cw=9wm^Cmbgz7-O_U#R1* zK`XKHX}s(Y+M}9l6B@rrK353KbRD6uU>U7mI2pKtLc0AXcmr%zdQk?_@u`6#c|#F| z^s(0#$wz#yQ$BsD8+MPvisVyne)!9fS3VCyIK%y3`9oU0eA09g+kE;9Y+E3UTpMt0 z9&s9@SN^WZ^`#fizuh|^JIG?LK2zUCZWKVqYNrw}BYdlWKr_Q6;d*A%g{>MC(B*No zAKz|3C&w&0Kx1du)rH1k9_X1EG%()5p>aPJ7nx6La9nyAw{(z-_v_(D!l)HnZi_ka zQPJ{7G*UJ(o)`-Uim?!d=`V;*hDOAV=?(lK znWAmq05pvOH!S7vk)c`i03S}9T-Z_DX;>VcUIW&^P`nR=mA?_bauYwE;A#+l1Vhgj zDEBk3yc1s`a_!-;=+p0BWSAga-X@ubKpTw7m#5hO`kzc+k@uZ$f)iPspA3o$4Qm!nGhLT5zt=HQ!VMANsH1R^Bj49huH{KD(4ZlBu8Al8(8Ec;gEO>^z+!4o{nph_CedxlxSs4p**-ow< z`fhxN&*w}H7DTW!%0}VMi!82p1IcDRw7{^e@U=jh=O(pIYB6RdY8~HOhow;2ah77* z1H>8T+RS~ACmO<+2`)8|Omb}wy^78J@HBzS$MA(ST~#!f4Ov`{1*hoN8! zsOc-66G07F7^tH{a}cUH!NVRc=c2nfrUE1 zZWL#<;b|b{oh8i6UlfvR!Pg8C(e=%$itpqd4LyZ}2ebn8ZG7!;IpTtMRQzx+Fbnm4 z5wB_Ud;v?M*k?tJ&j821>m2=P@^r~9z9l_72AGKH(yim9TdS)os;e9o_&zbdU+tJ( z>9}Qr&lg1_S~YK;qq1z?{HjhkeCK+WRE&>RFPt}jI`g#?cE$?Q@l(pHI+Dd>1c|${ za^AGr_-yiY2fuaPk@^P`4c;^Gx#iB>JKzLa$?Q2Z9Mk4iwo~#`+0q5*alCsMi}D;KJ#Z7?c=Ddo>u0-XUZ#S0P|)#jJ!s9 zMtaed8{Gp3E{^JW-|5LN`!nSnAZD#~Z0 zQ;Dy`OVY%@!yVz5i(eLgnfNLAwY>(!}PFL|;Y%E~xlrW4OR=3jR@f z8D~0qk)C`>8?7JtM(a*q%*XOr7U@|Y@yx>~TBm4xk}g{3c%GD-d095gh^CP~Dg!`~ zm;A|(c~~Z8U^%2^NdBxZ`H@$Ymc03pH+eE2d65U@B^)i6yvd7s`H+_UNE@vKc}Hc7 zwrNxz;wcAtl8))*O`hZ()gyV5U-Tg@c|_Zb`N)I3CPh-R)neVp#BW8 z$ms*655!D-I>J7<-0>R1#n`CbO8h3YC&KcrXdfus_W|TY`1UrGgYdB(k%$upG2(Ny z8^Usgk0D%)@HvE!A$%L*r#L=Kg)yY!no|kF#kjoq9Ku5fASc2;_!v$C49ADC55n^A zAU8ts&Ls3IKX|(&FS5&*rY0*ZpkF6&I8~NbJrjxK(4f=oH>YKeRl6-zYNSz@48LZm z^GaYveh_NJlr4SG)PNiQlEqaU4? zGg{DlI@5E__OI|S{}=hM{1^Fe{TKLC?`KVVm}%@GJ_G%B4cY-_6?=#u2>dIZ@WX)j z0RKGj;{UpV4j!YPms&k(4u66-Eyr47Nl9}61%*RBnov0P&HuMUf`7ORa!Bp^*1FVp zy=>XorMkU>ALZK$es=hc&T`WaDZqEG=UJBD1wH*$8|3OtKM?q1z<1_PzZU8OKMD92 z;LBK!`LM6h|K(!w#e?{`dKbp(4HGr(yeKW-GLzQV*~nSnx4~xx_|Pv$AL8jx*8tCt zI7T1#0s7Y#;MWjYm}d7|EDxrnDei9f;BSG^4@sAifd3BzepmEo59#KBU`)3=@K(y zhammqV{C_|^pE}|G=^fm2{O@S&>k_rC_F9se+NFCuU`~pj&K-$sTj{3z@H_)y&nsG zdf>Ew5#NnXL!ew9D}a2aT(DDIJYEY|<(LN3vPh5rYidW@?f=q0XS z_+tHHT&!Q*owmYi{ar$r4#6GO`={Vnit+f4xOQ}c^>@HOkMWsrm2+J3!){BhvmhD= zB%>oxo<48@Iqyayc^&2HdOTWXu?~ix>tZ|-c1V7lCpa1-5x%S<`C{$VNq?5&M(AxL z6t@*-^ghh!19U#N;L^m$5`xyB32(xF@izFqf{URXSJ+-=zqmQBU)0FfVW?M!ej)6D z@|;Ef7R*Q9Gxc`CcpLABnk`lZoVuuAjGqr3ycF}9ms1USF5nkGejiJ;{HjZKqPavr zSP6dhA4Vemz%KgGemQ^I4Lrn;J;ZZ9)eOAwWa!UKWIewIeiQKH%y#-2{Z!B@>~jqJ zjc8r##cZfCaUG@ro-3;$4gp@Y_hFcqZTbl7PPW^GSi86Tqq#;$G2D=+o3$RC+x^lw z%15~tgU>4;V|?gnU+v>SLCoIaD6G@0UA9-DQC;xc3VzLdVGr>0Kim(;!PZBBRcH5L z*ge}Z0|Q*!XOYM?fTIub1A(_=z8S9%*24pQ7Vy1Meq6ups-O7MR;61%Q@X5(@F?W> z1k1<#b)H#|e`-f7dRq^7ZI{MG1N{E|{JRDI-2(q^fq%EazgytnE%478VCE_Wx%`_eYzj7zw@2^yvS$iA(t6!BkB=(KTT7 z|K03k;-l&KHqktyj&V+h2TL093* z0yA7{hQBhyKbqlcGko6Eqp7}_%wq})ZggZ#m|8uzs@ieg;9-Mv23=n*Vy=f>*ALDa zHrO>J+emN>$#GqubA3*p*i1AOW2iOypGv!z&f%_<3J_i4urBV7EuR%7hOKM|t(<1Gk5~Z&(=~qX4L8p8M|4r3V`uqt7 z!Owr7zSXEH*D#=$$Dt?4`|yYFoOIPtmRuxQcZH;VMwSyODxsF3RY@KIH;||#DNiygClw-RlJYDf z$;uy*v^(**19@%S*h&0$D)5qxEuPr=bNp3o{C^e_+X&lj=fF4dG~rC!A{*c{gdMg& zqX#B_PdLjqiN&2IoMYRKzlrAv=h{Y+&w0Z6DFvufq9ik-rM!dE5@iu7PU*pjMMNg1 zq(Rig1etFrm8Q^K5|d=Ubyb$~Jxn-Jk*5Mzk@7QgOBIo-lu8zpCRZS3QOa0GddN2; zQj_vqa_cFVAo6Gm{x44{F+-jX0)NUQWRNLWA+kJ$?|UWom45<)6)7VrPPQCG3@MR zc7C}+Ni2h#__HXcZS88nO1cO%!r^q+#k zg7ohJSEs)RnyU24z*MFu0G^*7z~3LIFTmf5^gAHyy!0t3Wp4UJVCJNM2g>qvZZzMY zUWpR#OD_OCJG~qDm!&U5S+mk_20SzU8>G%ipMz4Sr*8$#wDh;YZEAWF;3?^^<8NvD z0C1k1z6AJt)3+hlJ(7j5q9s4`cO)k%Z{cqbR(czNp5hNRiIk5-`jg0Lxr`Z}-6s&- zK+ZTzViNQe#L5FGWKr_FEohUA=2cfo$@NT>Z1b`IlH9NgJd}$n7EYIv8;M89LSpiI z;xlbm5#C6=!#0cbO~hx}j)7V7X5w>f2kC+xS4RVZ5!e3giCC-XsP5KgeTe#qb-s@Bs|HMfi_LvMWvV89wh$by@1PX{2v~Z z_mHMSvb>KvCV#@3t4{-yKub#gM;gfOU!Z*?`?vTj+h0W*{`>QbS=1K?Q3rJ&NDS() zN06FdF0$J{!{46vmHaF9T82PMP==Kt{h|eu0l>0f0JG`93Cmt0Srj-$Wf-|A!|*3p z86%+_TQSiZK}pn0@ls~R_AG=|#u84o-G@3V;|SYrYe1>^2xr*%B@U&CaHeQ06EdRQ%1dHByk<`B{}57z_nXQfLE~gJ>&d{5&8oo`tyF zpY-y5Ak6#_NpgSY$s}93KiT%?_MDtes@@b-zJ>+&rkp1DEE{(Kcc-OGx`Eg-BnZ&D zl6)$`!7@aEx3Tmg&k*|*{#b?x`@EF2m#)O0K34%N9~I(+0A4oLg{T1yi9)y}1dur| zpDoG91TbBakFzhJhDVSujqnv?$?Oi{?d0oViw;q_J7m_*@k=9-j>#cvdZ)~)_QeG= zNuDS&NmqV>RQVFpM2E@f0jj+6$KZIC$ax7f$`h{olc1goDd5(fG_f3X7(R!LK$2I^ zN8?=GA4z0ybW!q59;aV{#=rI|5oPLrM6aTwGEyy% zOIHb1&!Ul89#^h9KvSK?oR-J!R~3sGhkncBnOFUp#$9HlISl2NQMs1Kv#z2?l4nyM z%i}pNVM_P2H(4LAe|U)KAmyy<7}Ri%(a#ufpVKcA~JWS0ITi zmaFRkTt(nP05<~|iRe`$ZJ{GRVIro0rQbp?!}71sOwtR z=3UAwx}u1-F)Hf%E>m4FGo!BWvNjwHjJnoS#@{n4>RQj#PZ2fh+7PX)=!y*;x}uq8 zAN0=uwsr;V!%eJR^97o0>JE{FqiLf27r`)$+KK2bjEdTAV(KzPjoNLZ{Pj!~j%G9E zr%@TT+sxDnb!E4k9r&Jeq0tK@a^eYj@o*z)l`3rcoRm5J(6M4NHU~o8@N1Kd zqgK0flXE2LI=(L?-y)c;GO5rPO=dQXf(El&1hYSq*vPvsW%)c1Mia z?Sk3oWcFs)%!XjTeFDtt&17-63PQ;%voZQzoq+mgqM}#Z0W2iI%L=;y^veREqNFTT zPU=o#CQSrJ5I;eH*|z}5CQX0l$o(S<`^GG+lm*=*U%dsmUgS^@ppL+50B-@vCP}}K z5Ic@ozs~^t=^~);4Em^Jjf|n00|?v+XIt`V+GVl1gDNh6Aug}1hugYVOqot|Qk;k{ z6Bw3vnzpqSQN!|1)3!>G{aP_WKEpZGr-*5J)M&IbBcd*DD!vBHz@SUiVJXAhoiaFpvOkf-`e~&sxrxmZ8c+Qi0 zq6WlQV*b<=haV7!KWyUf1pTchej##|h<3Wo@{lAAj+iu@!VFgMhYuqI>~WDt%-onZ z55C95Q;GpqW`y?hUq4X9pG_Juak=hoI{x8?*_sLMePB5BdA-ofaG8qfiM{y|V#YjN zre=JIUoU*ZaG9#9L;Qv}O*XXF_6`Rth?`BwF7%lBw1|9BbiJ7e<|rO{3>o*4F9@2S#+T&y7_`yyI{^ntqVobv%%V^b)hKwS;UQ6 z7mA|yvgl9#Cq)lI(a+NQri-FmE~xdBELwQ5>B3KB^g&!W(&<8!BE)alZ)T&CFKA%l z*m79CGEv5{3#xZIRz{g9V`;36GEv66EaS{SErZ(Qw=d;#QHF$G!>8SF?m?F|>QOGr zXp5CmF3NCShB8vjY+cubZPf^-a)roYH;JP+D&>_cSVmv=-3lSaec*}aCE{Jtxoe;o zK93s#{LE(buIt5E|E}onzekqq#QufVSTfIpbUa%&(51sW>43;i6r8T^u&N@p@)jTxDW$OMDbvIO{barikV9({el z_BecmsT;MNdhdiL5vr-UP^-LPWIA#{qQ5xJnlIn=vwf;e~rRd;a=k=%X^k=%X^kt~iO(qd;1 z%Ji3D$*MSeu#2+?yEuEWPXgD6?BeXfF3uk8;_SgL&K~UI?7=S19_-@m!7k1o?BeXf zF3uk8;_SgL&K~UI?7=S19_-@m!7k1o?BeXfF3uk8@F&uJ_5z4A+b+%??BeXfF3uk8 z-yn5{U7S7G#o2>hoITjZ*@Io2J=h1p%qQE$*@Hdq>_K^kUx!Xo*5YsaRPfmWpojP~ z2r;DW7U{o7+ljLW<=L=69L3+B5fYQ2hagTCXAjD|U%^LYa9d2NXQHI=>_KVxD|jdw zoT(^{#M_l~Ok7WVrg9bGjl???dUvIX_$-BI56WiZa}=IEC|iin&A{1%vX$t3g=Y`S z`$TIB2NGo)VV}Z5L}?~mtnlnX*-p4b;n{<-gYZO!JAKNBgeNIHdr)>!>7@$K9+Zzi z16-!?>_OQ>8uRQy`Ghr3i=90v|40Y9D$X8MarU6T3TpH0LHXhc>X7yrR-WSQ!FK7r zpuXrTj?4*a1n3&I7=QECM`5`R^;bx+t8c<})~FxiZ@xMTf3@h*gl*UYWY1V2834M# z8z^fjaH3RR!LEKG+`S{I91^$k8K=byTUDh zn~!jY!lMaW5#dbHl(t(4_YqBLyOpp*^eUo)+mFaoQXZ$wcN0z!H^FU_Xo-q)G#&VRh)GaAfz+`YK2&M>viwAPj8nTd19!V_J>PK(|?d$S7 zlp&9nUyD(XZl@ki>OMG4DxeI~Wma^CcEKslH)=OyJk7Szn||S)3BAGMTR-29Lb*HZaeA0!i|O?B6jcx#lkj<}%NK zZfwuHs3`e2pfipv?-C&0nS2+As!Qiq&ynOG4FXl>Lu@7i4*VMl?j{zt@jFDWpx4P_ zd8JrW@VUnbAjQ?l*MACpggEOr?N z%O%O!SHY(I<Q`HcEhw%4bU#$wc`s=Yn}H0o0=>XSur z>&+5MVwEU>+4pxLDc}S!0)TWifH44`CU84|4*^_5FW0>v95Op+l+Q7c%L}@bM={Vp zMSA}+0A2#%a$r3m&|gK-rTwwxbI_E5C9@G0;IBAq#Gbi~g&3bfMjAI8;#+8FhM8XB z5P6x7{mKmxOWjkT!OW7KQS=j32T`2iy+ws?CT~h;& zc&-~`a)D&l$IFsXx|}l@rzZ=gBusb6Xd^Q8Akc$0W=vy}6qa>8ldjl`KUr*~Vv`ki zIK(6WAMV}+ysGMY8$aisaC0GqDa-^2VID#fhA<@%W-k+(7Ey3O+yDEnz4tjMxvBO0zCQo&dA_6E ztiAWUhQ0RM>+EyRzUS_l607~QANs{L{{S(nF;H5@4b<4HK@2a}vb59C@p&*!_225g zhT)NCS3-Q}`E*7e?Nga9&*ZK-GigQdEPU8^R%&_jg*?{mDZ>J4w4|In8C$PG>u7mw zebr|+6HhlQ#;&&Pz074t02;@1@Q9X(;c3*simkAs7UD7A zWR!meV$`b|1Y_h7NOF>f%mb19Ck-(XU(JZeIRvT28plX609@M3VgHP`yhYOWM$*qf zjQXf4Wv?5^*Hm_{k+RJ`Wyz*Tn-VyGc&l>juH2(v#(A7q?vvBK0U5rTQnP`V@%dJ}``j zag|svkF%|$A85H#Ad!i~ZA%`LAWW7{3%mo1WBlX<`DJMf^J1iDe_#YwJF$G^U?AZ$VUv)>(E*L$W;qogoUyruYe28s7wUqp+ z2+eYemaC3OSnL*y;)`77q~Ug0#>E7`MBcH(QS3;$QmjG|C!Wqw(US|#V5m1qu0bdL ziA-H(*Ir&PWoLr=19Nu(HhHUu*bhNdPO{wHX4~5+k6*6Y>cBU?Oc(B?kYMNlR7@R7 zhA6oSXTJfiUNZlqY$kwdRhHe%rp?o;T?!Ll)lE+n=d`eCDkS}d9qywfEof&X^>HQj zbtNe(@l(39pG|DyP&%)_*gXv^Nqd0EneiG#<3{E5Y0x@G@vnACZ9s-L06lsX@GRcv zvNs5SrS35Ab z7CVE!0r3|SL0H~14MaN-H<9Q8!WxBN0N@SuF)27nKOKkaVJIy@^`LYRM?j3>3;cf0 zrWvSt4>h?=i}Mo2Oue5NhRm{a0g~lXbKInm+?Ygyxp5u{Yy42nb6)~B7L@72&rrA* zoR~7PwN^`PQ~y`j;eD#%XS<-eV`2%}ptEUB?PI9K;e9sY3G(A_wUo;XKaGhg&IUTDxb!Ezu7>6J`|1bl`b|g<*I^CCgLsX# ztXbD%2-@kEB59XVo4p71qZ&61`Y~#`VRX>LAh?Bj(32o8fJi-ramaffrQ}&!T%A^g zd$v5Xc!SiwQo?DUhL~@7+k4)DrE}y2dZjEp?Ri%I3eE#3kckBp5Bb_R{@Q!)?S$Bq z)2Jhh{e@#pEII)uoL5kui|CFDaLP@=+Py$dP|*Q%hRWsD$2D3oNIC2lfjc`OB)&k! zjbQ5kHxLhlkTY##bjt#Xrr#6DGwnAd7)|6r7*a!>*1&TW4?8CCtWD(hzf2T+ivH z7Z5Y=)?V0@fC~_)P%}dVc#_|Os{8}ATf#(Kh-7OiKL@+cIpcq?>y{^2ICANn`ML^I zR}Oo9AO%ml#20HIN4&F>1pW00h*6DMJa;9p(9-BGDwXlZg%XZz2A65y%C21&_#rj% z`s+<9;L5c1Bq(@HOM&Hb2qX(F0$Bqh`FRa7mlf-eLLU>iR_=+Jlh7uTOG!{N(OU9)EjhCpBo7YkGLmm3mXd!CLTvUUwd9io(dMs7P%_b4@=h(e zvKb@~4SZrGCr;Cnr-Km5ex#Os2|<*6BMC|-T1$RVOWsGxse$S7fY8ssB$hV+5rjzg zBempz5=6;~)3s!x_4(k0mJAtk*dqcD80p!>Q~DYZaz1E`)*9*vq=rXG&~|cY+uzX| zPSEyI0jE14wEb;jDINFRmF<3{mfRa{B6&IqN+w!M?l6!fjvypY30!0(R}f3dyFiFn z{75bNmjuz~KaikgqP677T5<{{=LQ}%k^@;^hc!yaAC+fa)GmDASs0X2@%3 z#XU1$E7zQJ>=D*X6Y7MlZ5m=?mXO<m6==1J+A@kcVA}HFKx0 z{tdUj0qea!$R{qun)wS||0h_}7XLhV@M3;W03$s9ZyLjM()g%Bs^?PZpbJ-n(^|ld z4zWMx1Ke?@NswtROo5RmUq zI_kTV0rlOCv(kBKn`CGi578v}Lm} zL$*Rh+fvArtq{=xDHO_9i0CN03KpoX5Ya(<0}5&@M0CiewUx3JBD$p%YGf-!bSrx& zS~kd5i0F3qA{4gDR*2|0*?hE3wn9X=x3@r=+6ocf*}f44wG|?|m+U30ldTZZ1MQze z!0oaXB6^S%_Q_U==)qF>v22Bi9wLQ9vK1nFsC^Z99+RyQ(aB=lQP~O+ooerf9=#PJ z`c}0SB6<%yDO(|;?;@$TLPYOnchy#i=zG{(e))1D>VlyoD8+CvX?Dx|L9muXDYZW` zwfypB7TRKYuRn@m6zcXC8e7Q|%~tY6vsHJrWww$hnyvH`&5IDonV~+HU_yp|3p&)7 zQmoK^(sI7AL&dE@_h)?|6hnFdX(x0WF$0%^jtc#e^@D228VZsgOiY{58e)c!ZX0@p zbP`pyQ_ug0ZUmhWDkMIcbcz*2C`svStSWO~g_K)cQDF*6Vb|2t*wFAZXl=a`-^(Lm zwZ=Y#k(?iytxK&?8mYY2d>R`X#cMtFG&VGv9#T(ZLt{v*r?H{2RF9{z>bX)Iw0rd(@9@o8*m+$}Jm4WGt3!+r{Ya}f}2`5ifDn2>xL>kKPnEuY3Z!x%kQ zJ7R+&zK1HV-BNtEAB#TPL!B!@cbE%`1Q1l%egK?hk8vK z68-N0r1VRmpg#h-}L8!4hv#~Rs*?tm@9Og_V5FHpM9q4i+YqO}{=6(ydWQqBCAXw9>5-W-w zB=8J2hmz3ittfY91O!9ZlPsWuPw1fu&V8t$mh*xOFf zwV2YZE==?GDM9zcXi&~6F^5l7PqF)Le@Zo{gs+md?-AIw+i`Z}Ggf!2Ciyu@8aM>a zof#YL`N%v_?Bt`O10R_Oia8?mTCw=EJ)bQH@||iIkZ%C_oKaT%5$e9roM7awe5khf z%!1_Zu=PILIxriLzxmx%`#zdhgJMrS9KD|)XXl~KJ@E+b$GWg30bYH8UOfm{0&WUR z;Z+oRaoqnrn0j&B2!iZ4THqv**bUX^(4N>1MAsZN_9pUkjRZsv`whPML(ua867*#* z`kxW#QiFcPpnp%aSP?r!$vi4nTmxhuTG59VC`1R1u+V0|@vxBb}qg`{2ZarJe9RWhgeMzG&NVMNbH^>Tu+(o3=`)-82+9z~>sVL=e9;vXb(&jrkyyW?2cK;En8QgZ_a*|BPtyR7?^m9Cad>yHLc&zZqnk zIcOAQ7mYkB$Posa1As49M`+X;LGj^{$g2cO#^@Hx6A#VQNY73_mlE^|gZ|t_FNi=N zHt6JhEqg8qWoxNMC!pu{8>bBNMgV-aZq}$gLA8j{+JA23{oa*#i$-o0*Jv;L>J0i-gFa8RjKEQiJ|tEgHpo<*AjG%xd8QEGz7k=@ zM+UvqpnpNM$bCzrPl?=iEwvxc7-ai-My`BQ9R<(cOoN^ckeY==_YEcE6UWAW_>k4a z#X#ycP5Td9V_c>+@$ zyy4TEg8OQ=-HOYy=Zq!WC1`pdY`wX9Fqr-ZGc`!et7z&rAH;7!WRiFS#BvbUpuwPW zwdgg5ZCWCiHFpp>4a8F<#)0^lEY{%1HU55$??aROumcfI1KEus>_n>tg6_xjdu58^ zl=sDgwD-iefr?+E=>xzLp8`={h-;D;K=51fz1X{Y&D93MZdaZ%J!@424)$yq3HEG0 z2&)%;{fK7CBumY!tpK2{n*b1dlh`nXHnK{b-HXmPe0AiTa~t^j(9vRsY2%!;r!J#R zI=G(NX~uIDPBWBqQ&Lr5RrkT7ocj^sbZ+cI5OnSs5b)sD8b497Sw81BZW8B;(Zosw z{9Sjro#wVL4Yk$=E~X+HxRnGA{1G(@8=sQ%aM`LR7`Eev?GwY+b`g+6PidAx!iY!s zWZ=N1p;?CVN)Uq^!v=Cl2i4)Daf`hyaSy7=)jJu)U$ue+t-zl6XQ~*7ru%^zRE{2e zrZGsxa@ZphH=_ClwBv4-k+2;zG({d}rr=&o=nNbCb{xh(diti`4bk@caVRI~dU;1N z%J!be+pE>tdd}fbAi9UFJ=b4_*0qb#wyNYZFmrXu?Pxu&rmPLpiegW!PA}u?)Y*Av zvjouPT0;sFmVNV{HV796P#=zs3LJ^uIt|-O*sYhgMc)~_aTf!{xt7ERiQO@%@?zKU zwL!qzb7q6ji(S)J$+oFIDU+(NhX4tULliEtJB*2;?QnDn$5Fyn+`djI%^0OL!qaOb)hyrfXnv){mzt2zMbGWUT*1WPX;5L}hcKuzj zGw};lpP@u0NFZogud>9i_zJpfu|}UFK{T(WrCrcfD2-%C&S=x> zsLiqYjtA*Ui)A3_-b@ng$+aNhUFzc(OajY6bOCWOh+Y(R-v|JBFzn8KVI;kYc9E1& zq9v7quzFnwmiIMF9$C&0Vqf{qkC%vaiF(uoN)5}5kyL?I6j{E#$guPWKv;wzOEy{3 zdTBVXg*F51PQR#~A8ig=$!mS>Zkw}iYpp1;k|$^j&D52llfjaF^~x}XLuci%ckwIw z63Z2|h*N173C8lHv`E2YF3~me z=5uh{drCS&9V6}$h?9toTM2?O{8tbXem^Z^C}9MpddDRixOx=`vQA#D+XY>Z(kMpQ zL9GlkTn+^6h7Mri)Ek9GgM`^a5)9bQAd(-`EO)_Y>;}hAzKUxloq~P|_)rjc!vaaKhT=CRs>r<0vc9-e1ASLw*D z8v`f~$dp5$XJ?@uA|8aWV_HNeMRc}zQUp&emjWWwaW@H0$Hzb!(b?g;~Th|G5DAP*g%OiQPHAA;2^WSMoALYCaum5Q^)S!6)cRN4*`|;nSjRxfxwngkonrsaRU2LZM7!vk zz6Atz)qzk6Yn*0j(+(`>?;{HnRu0a59>M8(11MINHEQQ$n}a&Z zr>PxlYVvIKqj)|``&7%|Mc;i5S~U(**vPP!TXg(dZXG&mi)eR3J z!}75AeBBoba|6yUK>QRne}^|z0-Y%nWY-l)u$)sfW$ujLj%Jxxs(H!|>_m{MILqcU zn7pfzZy%<(*)ppT>Kn)XmgPK~s&HMpC0%CP95LwLYjFaV*>;8fl{Rh^Zx%nJ3(;aH z_zUgl<1yN0Xsf&)1mFF(3xr&ZH%12vBzzwykjd{I5)3JF;HwCA2#Ohr*gmzHrm43R zG`j(&|BB@@eX2OLW!&3LJD2G4nJqFuPixcKVD*H}ynA~ezHOq{?V{FP!jaSI*o3>Q=`8GA?<=*akF0aUN>I3ppxnwyS_W%oSS`jfnetrfsnar z4PG)$VN?7w@JDEu8TdSi-dvlMYS=)9#w`5GNFB6WOD!Qmm+b|irqoTE?NA&nIX{H` z<}7@HNSEN0vTiXfcs-;Xr^xbc*s$~kKv;wz%M7xl9nl&%3%3C5O||M%n1!RYG&Xxp zo6Ia6$!wjUp)@A6hsL#bw_ec1?7N04nU95FhHicK14_Gt9qK}frxx8H@hJp^64nJk}T&f+RmZewa-s*fPRS@#gZ}^6pnpl`F41MM*eZ1pCHRWQDde3 zLu=rm%>|ePC(Dhformxuz~nM5&J3!wIg(nZGFX>PfD|03sLrvaN4@WcF7~Jhgo=Ga z(spSq6YaAJK3zz|OtW00?AI8sQQm8SVVYf&Y01Gv{;!6unRwNY4nXp{{ZKbYIyZg0XZP z2%SdO4AB!@N8?k)7a(Uj~dweS`!@?-LMe0xi&N`)JAe z8nSTCbvfWCIDuxPMzNgGEGNkF?fr(O#;^!MmfOgZwnM`?r+x#lJKj$9DdbUW8bCPA zl#{Dw$IGJ(gr~K;__7tR~LyFSkW zE#npYFucfA(s7ECew2MW_emcuzYOgn|6vjws|z5M)d^^{$95yUMkmVh+q^;9%4n`HgjmGMPui0zbV$OMKLG3uEq(gpoSv6+r zR!;n5ZmX5n-8Y^8=GLogKqksfSYN0eFy>iJ7Hn++9dbeDSTTJev8yRZTO(GsMsK?$ zqo%pDuMA)uoyib02*_-MjM2|}M$G2Qs%Kc?OErE3iqq8Ff4CKB8aKr?e}Lq4v$<^s zzcJ5$fjhFgL1$b1YhjU^&K)QGH=SEQ_|H0l`5R?*1F83`CACre)l%3U969Qb^>JGW zY_Jhc?>^I8&c16eo8D~}71I06n(-wpfpjKAH1Q=Y*!0G?vowo>cBlUj(SUDe<1>0S zJ}_Ub5DBXpU&!DLSPQZ_cjwt%7JxLS!ZmW(d$_u5(GRlhE+hkwpg5hyt~UZPi^W_i zQtCkzW2WowJ`8wE^;XrE{8n&Fxo{|GDHjfNXcnz$&Rv3bKPq3M88HrW*n9Y5W~ICz zu`PcA@hddyNF(uhP{X~4c50;tpnqBnEopVRu0E#tcxGsQ4kO8bQGaPY7M{cz!{GP;(?ckfyXo&hfKk-7G|NWnNXtuo!BIIWt znq5h<>7RK}TMUDrc0t6-7Q^7#r2wlfhC%iF4)V68p!$6W*fd*eErvn;`wp_jFsOguLADs;Jgys`LWRlk$TOp`&axFICzH8R`ceLeH|^yi|$x=A}xkH!oFUy?Ln;>&;7* zST8^55PFH#=A}xkHZN5oZCalLY7^EOK+Jz5i-J`~DKe;$;B;h*~RA>?PlMm*UGPCe~qb z7LV8MKS)6DJ7Deg`t)&z%eI4keuAn&j{?bZ-=CxO1C)3KLsS_I@w%-WpG4bp*-86; zXzqfZ&ZS7J`xk7fB=kf!D-eL_H4l4FEzYN^rPNau@8ke3f+r z`0ir+cf`btS+DV2JTM+(^X5{@gFw~{I)QM+n{TC#mgA6Lq{Ux*&vRHf43-z`25biW zd6+U-v;}O6p7#V6eD{EW1WunPp2S7Qa{6eToHjmZxq{_%DbG8C@^vg{h{iivE@XMU z$a@v#q3PNTbU=<9F_)5hushR4Nan9lJ#?l<_0=eTXGo!@3u*&U$@4Vm2CQ9P1VCLK zTdAeG{&v)}PCci88ZhhGPWUz4W{ zsRICQeeOkF{8Jd;J3uT3k;s<5KSk+fl=|}ZSk6&YpJ4T`QL08sj$v)OV{3`4eWqyd z@-*6pWuk@4TxG&6F<}l`#DoWQuj&B8SN_F>8Z?RtkAO&Ii&8EwKM5Q!&PO%q;3 ziN~-uJrE#RK`W2W77H$YmMwW`;mlj<|&@vh=BaSl= z=1U89ht#J2Y&M#4FbngdZawH>TN7}1)RnV9&_yEW5L&n~M#(Akq>39`>F; zW8pqn&I4=Zcgc3b$RUy**NSPsKW?(YTFC|%UNEzNoy`7)FTz)a_T8fK zILgCLCEx)QE+Uc+(|7eE_-|+!J_J5{PTSO`m$dcCM_rqjFnZHLj3B{ZKw1m}k}?76 z5Njmu6G^pbN~5HYw4_Q(+Gkt9iL_rBX@Qruw7wuxzt!+#Dj_t(JCb_a-d=!BHZX5% z43mjU8ZcrXBOw1h--X}|ruSn%=Q!x}+}5>IadW|* zg&Ts+oikcG_d%q-tWm~0w6@^icxMSDDev4ThKEjQ@3fgqa}dT#m3U_`8pY@h zBxv-VAX58jXp`PK3jTWZM=7~ql)MTqiJcV9>3ZjW<(+dzQI}V>qNyO@oimWeQ>}`f zA2;+)nwFN(2j2Oy-3mDI&PocQcXoqFU7}In$2)nDqzwPD82%^(NbKy_LbfVZ;+;QG z4P&SO@3hg`AW|RK&?dce2>eH2r&98ODA@`w@y@fF)Ah~+$~!-zd@4F-6nzeY-hs5+ z+8Xctq@j0?YiWGfiv1IN2yo(^POpKWcP4{K{Y<02k9W30k}~`!Vt6S8h~dKvXpZcE zlfO_W9=evQX!uDIjGwPSq)yUsotM-D96iUXWsVKa)et-&kmD0ruT&op)$yjig_y&X2H~3aS=w385{sGtzI^zoV z|A#Lb>l?iK_HGn^yfS$APhe29&>?&V$Km5S{EL>4t3aUzYZ82B;WLUqUKzaSk5cg- zK0}}4BbtC{0XLTyNC%(dzQh*XOc6ZFMk}TYJ_tU&6lACcUmzWPmi297zQt$oIo5ZM z;lv33hV=(#3#5ZDvwB7hUmzWP zg>-HVUmzVkK{_vnFOUwtO1dECN{n6bcccqr_yj2UI_bqR?QtOxJXsHVNesWf7<}^t z=#?>ifpqXKVk)gD{&;2Z5A1nMd4cpAP{DT`Kw{rRzpdD___SkxhKhg{)rqR!JB6y2 zA3&mfkvDicm1z0#%2@gF%2@T|l`Z8R(-aupjkf|@^=<(=DpuYx9h-;sNoMS}7&s_a z-Z33}xFwdmv9IGZGgiH0y0!ZG%jgl;gT2K%yg-@+TwQ|?n%j0K2zFA4C-_nYDghpRH z3%u?4#aBmt@m22Wtw%|SWgz$>b-n-^9~_5v(;y_!g=Oa}G{tSurMSy9(P51h=t}ku z8&K7al+|$)xa|IBnsH|xGL+^9|_U!PjWsIQm2aq%i@bH%4V_w9D%4eQGAiD z1L&l56g%%>aUlJJ%cF|U-6_fx*LT5w&_T5NXMlEn79#$rbL7^3z>R$h1JvzpRKJ1t zZm)s(5=1;3yT6Z8^6x?X9Yh5PE#dE4!Xc4hW0*w3F(5?3#~|X_C=zfABaB_E*6L8E7Td$cd60W^AB3zBoOgz6n(d$Bo@C3 zLhEazB_JorVUMjh`f`!FL|-LynCR=R(Fy(Op*Mi+Ne}g;cj8$odL9Hmft~>u`_xx+ zEfKDN8TlU@`K{kJ^2cjroggO$VF2Z410eoe10tS{qUT2_NqCpDa1Drf zHj0F!D2W8?v`C<})&i0^rHX_Ll)y1t2!vR>g;259(a5cW%xDe(t$mzGdgg5q@oW@b z*S)WGy#PXwdUq`W?w7+JyNXh%@AeP0z9&H_eM2?+gy=hH^nF1j^>zIa`q(J?=Aa~f z+X+JJ8?7ZE@a3?_{?X|BD^SwE)*qos#%;DnTZ8D!W(ZBOEE@npRtS=DIbS1F1Ua2Z zdg1_)wCoiS@oW^!qW_{Tn+`(v?Gi1aQY2h!B-{;zNO%rJJR3zqm%nNWMIdzFs8;aK0OuDrwc}3+fQ|$(m<#_ozUo`qAvr>H0jf& zL~_)3gNSFN==;Svt?wKNt?y)nzEzaMF-!Ye>stsy#p5R$eMa={G{{>3@SQ0>)2M_Y z^w*2Vs>g|Pi{3_+@ie2jMIjBtB3L+^#p?dVUof0(5Y7px@^cQ-oQH&Sy5Xz^ zOgwQ9hIl*1xoa-CtUO`*65TZ`m{e5m@?826G?p^frw|L=!^NM z)|UeU5|~w&YY9t4!c0nF-}VFH8@p8+RVS#MjGpI#5jG*TnvC% zc?F1gHYz*NNA0#GO_k=K!~+%n;UDJEmVCvD#$rR@;o;S0P)VHAmZ65x{jeFxFPq=s|S)$~v`%|DLv{8rhuIGtl zpZ*FWo{gewVk@od3J`jX?$8pvG3wo3>-!QY(HGwua2e5`YP1{g)3Si}c|fjh9@D5! zuAg=h#pn^M7C>IF#vrk9BU=2Uds0hEk^UVqmK_F6EPI!hi6=hN$R&dO7m?K0wT<>f z28ehzik`J7iPwJtLQD8sOW?Z)>}eA_XbG*`Y6-(Y#IsQ(T!NBF_z4I|;M|H@q&j>; zB&?zYW`d}8+S-92l(nri(i%=(2aT>$A~|l?f{16M==w8CqAM}Z)zwE!ND&Ed8eMk+ zA)a}PQ1MKEja(wgE**8hz9y2oy0@oijIP&E5?yf}s7ppYLrd^tWICm=Z+`(w^u=~G z`sQi$A<=iO(KiDC(YFdjJR7BN`%w~o|3d*vU$K_pUfWE2)ac9Tr1dQYq54;;(Pu>8 zS4Q7mM6!QJLBz9B^nHnv=o{VH)wfYgXr+b^BhnwCEB(6}DCys$go{6SYjna0j$Ij% zjI_^*q`ppFppT8BuM#EEcL)R|FivjM5|)UBT}Icyu3Fbj5K7lUjjR*o8%EbPL{is- zAmZ65x{AALU3Y`fx(;axr$hpOUt0RLK3?m(6NJ+BtVXsO$$pLLtowBm0JYv?gXsAR zReF|6e4Nyr-gvDbH{)XrZp4fKF6JG1@!z`|ohN!8FnWGSB>VIvh|5+0tuGaX(${V=_;9pIqYrl&eXEJ2zMDYAvr+UtjFQC0Sqe~n>#8MGii8J^ zu6~0t3f?`m1dZA!s85WZY@kHXHW2Y_6g~H%BzoQlp)DP!C7cln{kv+(eqV!OJJNQ3`#!7$}LCD+rf( z*{IQ5MIXOaEc5M2BI(n2LBz9B^aX}$eUm`wG29-ZFS?u7w+<-LcL(7zJMYlwL!vL$ zAm1>^uLMa?+@+DH1X)caGr@>tZP@}4@oW^!Hlie+I1EDf?FlU*VKjZoABPqRe+NQe z;i5sf+opJ zE>&AO7lig-b1lIeFTQ4KQWw7049C<6Nq>=3b#F6_h}*s?Uk^Wz&A$N(~`SuudD?^ zB-{=no{b{mh>`HElE4wD)e=sLgd$2{1P>pfJyHlljledIY%`X+?lih~5y=twC5U)7 zimta%k~rxylGaLw-KQmZS?IXYHxnosflCRO8S_hx&J%r358bx|04Tq*L3F)>D&tr7 z=`qc@PdEpXlYMHP22RO7iCgEvCLDk4g-4iZ?~P~wwfIy&DwlY@ZvFtxrT*r?I&8Gt z?_<77wMOmSR}lm|gjk8O7kk3*)7;e*E+{Lpt8S0 z&#}0Kt#6^o$8*Ijj2?qFUZ~nj$Dvq`VpqP8zDF1(948njcRrkeIO&b*o6+8_Gl)k? z#DaJmMB?Ek#9~_uI(=PxxAYgTaBF)aMcUz_QTJ)0@kpqG{qs=x>?0~CMztHW}S0U~BcB++l(-OtT>Z^2hik0}Gu5Olyn;l9T z9-gj;pWvCq^S;(++*Vl4);_NkE0H>~PXf?>GQFnFeee18EV1TaG>p zAST7@HMORCE~I_Kd_}Yl_q;;zi0<0@!k8i%jgfB8#Ze79mgf13yrYzHw@m6nqefFw zKKcbocn&_srw3My)mFf}WF6N+4Rf=$Hg4c*`*mA}XYhnB>0Pk9YN$n`ypXKMfM9^;|JLkkII%(vCzhFKuvzArH?d;O#A<0KRxIaftH#r+wV76Geqma*^`=!j zHLY-$KuxRm4X0HH;YDBn)BI8srr``zvj=ml@$Bj5#Sxw!c;koFj0aY8wuc)fm>;UD zr%E3QZVTc^we<4B2CEP+5O98Q!4T6R)cSa~FkUdF%v@$n_w&UXvP^$7;RZy^#evcU z7B$x(YOr6Y$w5QBm~$r`C+bk&Tuk=nVv1isaj9xT4|8V(D~G!!&W{nE3U*I-NZxNL(U#G8=lL zf&VA^tbnz++>>aD%n6e$udVFYxseeDjoZ zbt0T^vibsz!bqw_R_L!_5EM1eT?-pjAhZ{G75^r)c}oSeYQRz<%H$(DIbz-L-^*-` zlUgg2)LJ)8SZ!R->a(>U3hrZ{HH_Kg!x2O!;(c}K6+OyEv>fMj9RS*4;b zjg>NJx-#Orc>{q==SgcY=Dx)Q$GnGUD~mlng&axTku>(PwU;ke<+Pe;QdDnWJW2~P z9V4=@H$nSFWHFWCpk{!Ht$`|l2l=HTx0xh@e5RHlNh&c7RSk52KaKgaTWUjRHSokR ze{Yc2OiF5;(tI$Ph-vG`6-{Dx;qqj%sbisWe)D%3ulLY~xifycfBMew3S71_+cj9& zl=BXGQEBK@#g1a<$#? zl-V=f9V^REoeg&wu-h$L}I$Cza_sc`nA*1(oT#=$Mq8 z)fItkb@Nh@No@aa9hTMbnuFQNw>s$QscR}bd11E>sgC$^{Ewx5}u@G>DH$57n50vFE~@Z z_#0+2)Nr4TSn-&Ir4t9&V0uxM<_A)8gLH*e8SJ5dHK)0{(dL<}8+YE1YcK(zIlVyz z+?(N5V0D&;3%&-|HB1oyi}}Dmo#d3ybAQlF1koxHgv>QX^M;d&w+eIw$*qEh*E=m6 zpXp=GnO>dp(Z$vx&%M@fW3GeRn(Lr;kJUADakjV7^9uN z(4!-H7r{3hy7~rJA{AFU>hu_|LchBS@g77{k+~ekMB>>Qr+5D8WzMgOCe|1#y?sI0 z#|x>xUU$_w$Txp*&Eigt#+N<=eA5hl!I|F7D)w}c(abBE2B!~vW!S4gGI=_{FP>mq zjb+;xTE*hi25qs-S1}~7t*%PO&x@^IySyZM!|1ed+K8mpW#wx(B&{f4o4mBFrdmN( zmn}_Rv20l+WTfG4Aj;ArEvvX{MMe3rp?EI>zJXs;RaU-Y_|TQG2!-X#OG-iG{#ngs zl_k}x8j8v)Kt>6oth`3iTFgodA-1fdssyznaJdf*Rs}98Uskaknhc0qRSRy71^CW$ z9uDr~91T5`>})6vtqW~B@cH6dw~uvV(rX%4d~Z%s(ZZeEcWz(jW|7hW3`aBitB#B@4io%}5H%E2p>owC3n`_1i6 zOyR-LwmZ}IUUlASe%49ZyE->?cc@ct=*rNDMpRB{hx3jV8X9*F|DCT-$|<_axwUp% zU~t?OId=sn#04tb9)Game>)#^|8xFg9mqKE?5quC*X_8n?Y@T+XH+6fG=DN_H02IHQIZ?S!Eh2N1Q+vO;I@wyYc=hKGLVEIM!xY<;r* zIsE5zKPx7kiwk|=ykONhkJZ+F{-2L84vx!7s>?V&E~7dllre5a=&|ud(T$^g(o%Tjbw z*_z7Ls)C}tS>sLwhI;}Y+)22Pvk`PXY{cBslcdr?Ee|BKc0FsGr;}oBY+$S%Iud%& z3Pd@f6~REicEKwLZ-0Epbf;tJblkXJITu~@#LpHdquF*U4?O3zFLXAfJ27XSMBBNz zbZxbhn7-3la-jZ_X}f!jAM3OXwR4&u3*Eds?)^~5W1-~GEGW9A_B6QvZUqu?n-gk! z^D~Jb8BTp|pttS($qF5IT7+txGR(H{Ugue>&^c0@oqHVAHs`w9z+n4v=QZot^YzZf z$DCe;PGTwBonG0YIB0*-dD_|*y2NR1U-_idy)<=sPR8R->upasOKY-H#*G{Pb!t*p z?lsQF>@4)0UD?QwP=>Q~n^SYPDmOF>0z#*AKU?U$Y1PEBF<2LTFx1s~uy$`Kd0fUS zMCvN1ZK%+x$adPMJ2ly%kG6*fWQ?1THTK$R=;B{C*Px4c2DY6GB|q=9Ds*BCcQ|eL zI*U(->a!L)g`tEuoJ&IqPB=T1yK}|3>Wqx7)pt1;tiv->oDBz@no?)#Hs@6s-GP?M8np?Wuf%rKsc?=9&}=l9b~OD`j|8CEPS%f zIboeeHaY*rd8cKev!gcQ5~p{mbJ9Bbmrct)FF3#2 z6u{F`R{h2~t6}?H*gMWP1$%5$V4Q+I>6~?L+O zehr^)JMaASat!R1QQ0${&o57(z4IbxP^ixN#M$fY+H?Tyd!3s$q2de#)S)6D;H^<- zot~jm=jPfvr#T{OeWBC5WaUghuciJfssCE)uaf$2rGC5Af9upNf}pKZ*c!D>Xe!$tMI*kwoJMSq zs#&=6Ar!y3d@qW1(sV|e>ez&qPo#9aw0xv#&GhHXOTl!nH2qPU?j_Tq&zvg6{}aw7 zho5i~593E0ZTs8iOp>2tt~Zq=O#=JACwy}P7yS1)`|F&vRGsM?Ca5M({VMU{)bB0> zaKiWHMzah6!cBa>6F#cbm#!^aU6WK+K3?TFWV%6$a_+Tlr+v1wdau(q+o{;=v_A~G z#%UkeW!r&qt&fC;gcgSW^(NxBtrARMT!n@U!SG+v$(Ry~%ax48sA^n$T*;AKdyOtvvdi^-YFrCl$%l=0x5ga|*Ftv)zeAUcapkx@ zb!#GZx%Ncra=9Yy`Hr5J8vnRnb>+DBxVpYWPDD>LOt4Nik~2yJ13CqMVRyRll=JbH z(AkcoGjU#sJ?$(C^yeC)XJCyTnAkovKQO+%vjOL}7KINLp4$z~2F9S%YADvhC{-{^ zw#(iQat-|9v`=U4szS(FNIAU%3+%1<9Ai5<$oJZon= zN4As_@T{Gl<2<<~+j+*WnGY$CZwcg3Lktu+)yLqH7cH9jNG(q+&s#XrIs^7P>4!Te zU4#YMBcZ;B(E8k#5Sw4I58UjOpB7`_@j#*&gVw!Nb;M53FveV@Ov(Narc9vpbyQR+gqg~_Nw}jhe)cXae0v9VzWuPwt=>PyvZ*eck&JMHso`x-uXKD4zvUyGfZ2q2aICSZBj)=jKgtl88ULnN#z*Kz0@iM}+yg05BWVoopB7Yz#BH_z+;;OdqBvf$n{SOMu1ET40g8An4p0a#^g4*V_QzvcFc>D3+t;6 zW{k@i&mq}{aoDDYWV?Sz4(K77t@RZ8^>~wSAZ35okk|a%A$MN40-3h+quNl7n2Na{ zaK#;Fggjv%Sa{RH6+eZYfqwSC7qlU;#I>$z5m#2_va`qjy^NPEq%YX<$>tERpiTq= zX99MhH5PsKSpEd8E%XqZ)ii`RgKZ&LlAnfN`{qyBZScQ?wtGbEjAd_StJVi>yce{^rE z!G*YY-^sgW6}fCRFN}5e**0z`4Nc?4bmma!s8#A@CYV3Z=rk$)$gErL~1 zyYUehq=9k49DD|Xp|kR57C)=`u@fKdKgUO$b3<*YREW>5Y+WILlb^XEv?B+1+iFhF zbXsORYtxG(o&v1@TWLB#34vv*PShC(SomJdK> zQFQ`X#80QW6c8mWQC^cDyVy{4^^Vo}+s^r53swh0ofQ|fb8Zyt+htt0CDa?%pM(dD z@u%^Ahd@;4;K`t~r}mihwiTFzg%<9pbU*1V8|rjV$7eR~@)eECSjf?Iu9g*Oz`1p^ zTDS(BzXoV_AV)XcvRSP=*+8>>4f@(7;CviV3w_)h+N`byaAh1&OVEI`3!)uzI;&0N z6%I~0QuVJ*>Y68jTMk&_G^*Q%OLkTF&rQaRZH^M`I5%$&a47>G$N78UfEdhLrNwd1 zxF*y^nsB8P;$Q@DvK6HlTm?H^1vmK=eCjH=$yIRHRd8dZf~y)S_{vpqwX5Is-gRmIx!lS z^G3tl9_mEWnz1$N>CT9I*r;J-DzE>K&hEEJ3C2f@LmeX`$vg)&zqQa=|k0 z@SE?c^}6ZVtnx=&r-y<0y5^}jm%%;GHlbc63=t988P7IzweGjA$#L;{)Z@nL-?-W9 zhPiO}kD#ZZL)9}TSh#moEQTP1m^C%6g!n6QF>^iZ5Oe7FYE17@oHikj}Dx#Q+j z??qe_>P@#i^{(8dUPsM1?Z+cF-6^lp^po*t4EDLz@b*wAlD2rn=FJArH6{}GyECLA zPCLg;E*Ph4T#Jl^9&U}-^N{Ih0}py*Z|=#@R%6jaZjzbrsdC5qKiPCx z_t0;XXQ#C^XA&W_mk;_-zGDp{z>lX_eYV@;C0eJd9+re0)Emp zxUiMc^c!h9gFNreoTet__tpR1xR8mN9krfjFF?MV+3Tcl5}LSp$jwFbo0g)TV3c`o z!L2UkP_N2N_xa|O;Xj{v(e87Z>*T|(lfBsW4Dx(z>>gwS#?x;4iH>NaU3+joHR;Eo zcGMb`7c5V_r_vYyu8}59H600_6xT>IuRSBpZ1rkP{CZ})HNNrk&hDOxrhER#_hmDW z+bH!;>VwQ2c-5D2U9%$xdmCp!Xq?mHK&aPo+^EH!m!7!a*5WX(KJiFUo(%3?1yCS( z8uuY_uWdXEb}&0QYkJwkJBDOEG<<5xjFdcQ8o+-c=hUvWmb6E z%3}N|adq+P8mkg_4{E~rS5j48yt>+|F56fFwza4M2dL6A)T7c0SFfz7s^QPXOw6A? zd)BbVcg)OPeA38A5A{ zt5%g%@v$%_f<{f8(lCm2^|bt{Q^R`jCQr%<&zeW?t0~})NiHg;S}I7w+8q4xMd943 zlk=zg!>h8mx*C0=HS4R&5Q@G?bp56rrj^aepE_}hiYxJZxSF%Ex?~xC5ZJm%iUQre`@|*riWScW=@)#FGCzgH&)cFH10Ks)D%ovY_=;guGQ{$ z+lOl}7{QzG(`PDqhs$&@F-sHc>fm`HwFPZr`QKY!|E3|~>+RNs(selS(0jbN$` zFE7D7Vj>7HTe`|H`_iP!D;#lgi^|T^vXGIqB7`8*l)^2mKvv#Rldl$Dp&l&P~!b;*h~B{(DLKtR;h z6eEI`ty~o@EiPN#$We0MSqIML%;ja}m20t+RQu95;RIGJ=LC+{@L?D&?Vl#Iy9pmP z4%27NOPD-*Ov1>aBZj6V;PjN1l9ndy%EXQc5mUDY7dXj3Pv;I+bQ%hy(y zKu80BduKV5NhGj1IHNg}VEX}FL zBx$=Rea=p`tYA_xU2#wU5-w|sH{e8Cf>T<9+08BE!>ZP?ztsoJtRY*+QP(&&A zN^4aU)p^`+a&_^Vk}%KU#?vEHhfT^V2rrnOkJDM!tgx71X-6_0!}jtO3G(44Bj%em zmnkQRp(a&8l{G1MV$RfIla!=MMFmsmTGMhTP7g0zT~b`-E^qZ%x#*m!MG6ZMN^n{E z@{$eV;?>O_Wmui@G_5)~e3*r~h!o?x83D;PT#bcWvn5p+$&xTKX>nM(pxry8 zQ7<_vX(O=uE2~i+3nPE6EpeBFlJ0R{XF%Z8z7~#MUshRSO!pi^f9M#}&R$tujvR+D zn8aPgGnj7uj`D^+y!5gfW-P zoa7w6J=ugCJJZOPk`1WZfQ7pXK&2v#4&gjsT@xBSZKdZoH8YU z>fE_lN4o){TZ~atvZha+TVTvmK0tO_w$dFRxpuMKX|H3rs$_L>O&QiTZu}ZUkT8@D zrh+MiOZatJ~K22|I`P#L9I zKdvc;lTDc`@-^rtPJiZWJW2phID!I&%W#tTamH5BuLuKot*G$m~#ndL@p|PtQY}V zc`U=j7F-RxEyfQjka4+EU4biNtF*YBXJ(^1Yrc$xRmsYl3Y^H7uSNDiAK5d5l3A~O z)}RV7h0$XSA*PF~OG;~)cOXVjTj`X(&hkr1aZdy~m>On>(zWHwFudkuArn+(3>hjF zhZrIQkW&kp7{5psIIEy1Tsgu>?m58igblohz-o}nMlK0?e*w1+D#Tt(4+&3b`h-mg zGY}!N#H^qQ{A8hMsH~Jf)pBQ|)LP1Uz~+)=VJu{Qqo@%wj93UM^Pm)0lZXk}SiTIu zzgJOJhGi7iNphm)S9H*!WeOb*mtwAzR#mJqT>3Htf68#P#44S%x_IWQVvCEdaPjix z3`QhQqjeY(>Z22!V@bpu6eZrx)x!- z&hV`-t63RFDplD;>kx~S4$77D7W$0SGT3!d%hMcUisF#ZFn^s;^r*@u+*5<2R{g;j zpXM1d4m)Xh*w$P_cF0%}R_pRJnOrT^Mio{=@xm6hkhHSq)e*BJO8Z2hN(D-(=+ zjGm?qGb#)(yxo`)RgDe%T32{nd4@|~vx#Q(FhTbWFVm9)RfaT1Io8fSW<<11%Q8;7 zU)O-okdNxBuK0bbb}j#fqwA$s$M%XEJix~LV(Ja%agFV6RiChSNBujvfjyz&J*~CY z@ID$XoQ>og;4#e*w5niDk9t!!p<`S58sYvitgq-A^vsZk3m$nS!XtUwgTHq@InR*i z@hF~$ZG{clQ+BH19T_rBOsPcI0%*wV+^Ttoyu+;u8?wHEIHk?|G^V}lnpR*)qXu1i za*HV#MVN|)GztXgNmf*({5eK`FSqL#8}c??1yQ?eO~I(9Kjze%lF@Eka|~&EY+Dx_ z(%7bW|Fd!V#yFz}mKMHH$D*bfiy}0h(60NNJLvNadGOWFK9nPHhV2`;1^LXo@k?tC1S#G{qR{)kwztrWhl= z8p&AL6l0`UBN>aDVvO`^igr$}=T$@If2UU?84H?XjPz z8J8G_G+dMw8BEP|-!j}j<{5P>T)XnhHECpFX{)^Cea315c^azJ8Ciz0X(Jl*;`+Za zV-vRo43`-bc-@eGBjz>Xzlim02jd2}&xOW%@QdFe6 zc}AVbrC&Yo@kVleA2%5;yrEByfR$2j=v;Ty=NNL9u5zqPYwJy+$isc3$>#X-84uiZ zFeHDETUE_5WG`LiSXFktDI|M1LyqxqfqGMz?%@nM$HO`GrV#dUhAi`NQT3*<-oqL4 z3J=$;-V|=~aEAP$hYQx5!u=l3kU#Tq(e=rG*lhcje`hierv z9~qG;-jeI1g#uKS2>07lq$6ZV38FCO_^~wX;#E>g>6_eMzdQ;ly z0S&pS0nn7L@qmVWssYfHUUz}>4Ea_Apt8*SjO<2%>Bb~i*2RW2hO-+5Za0i_+<`Kr zQH~pChVKXj-UQ5!s?6iAq(g{AF@&%v z7-A9$I1&;z0keQ*aRdF0`aU5N# zINB0%bj5MBrQ(PeTAxz4q66h!5FYQ=zi1G8MGk|`sIg)t zr5J~r*&CGdzZZzwf*N)QiPBk(6{{)5IMi6Nl2VLA9jAD9EkcFeZOBk##cE114t0{u z?pt_-edUlIW5sGpG4?n^W)CYo!X7@P$5^qNQj9&$lG!5*kFeL-+gkI#bO+d=qhArt zcaFu*vTwoUe|Ad=_6UiFw)J&ys|x#s7j?om+KMYgT=#m#3T*y)B^OsaY@@BX%f+_Z zur=P>>Vj>w6`yWmTeGqCdT*;6w$WC6sUO>#gRMrz_)_21-`*1|#u^RwpS-9I*1p12 z|4TQT4(1f;U{_0& zuH`HpUF;RBu#JjwKSVMAj#mCRDodqjR{fZL)J)V?bFhVCz7o`NPiBduVnf%l(N>(V z^|E!nXui6D|2Hq2S<7Fvm;W`~-nTJc{~HN4Rr|DN{m;Jm<&K%mamD|$bZn8Rg%8^& zk!uf17Z*U-_YVS6y1W3wesmD92*PoM((M(iuxEQwJ1p_!(N$}d2+5icmUtYH5}_n^ zN{FM)JFURtCbw1bPS+PeSe%c@=D_07>6TT#*V}4?ZFJh^onqE@6kw@a?xC$l>BEIZ z*v3%e3Gz58;NNy+U{jH% zAs^rNiWS&K#rR|zE4HN+*bYl|ZQQ|9^P)wO{HD-{CE@}cwgk?ukx1OoWVC(pVwfw&dv~imbcykdxS)85}i)~f^cWpIa$5vJUsv-@r%l%^#ov{Br=rIXO6a9UePS`2j5votPVKQ)9JV#T7 z#gk3mu()xPCM7%>5Vp~2JVV~98h%l9WHz$~|2<#(D(s6?)s}2vU5&zIpOPwZe6|r6 zR`e3trFP@9wV8YR@$ji@vdOme+_T0p;&PL>3te>u*cI zu&O2s-QTAO$NL0TVy#M<)(&3lRM^5$du%AWg@^m!D~!}O-w|?hqNvLd&Bqf&>AZ!y zc2)=#6H7-RJNdzoy4C>oW1oa}SQHb@M7;M6s!f>S5H%vxC!Y)8-7p-9j25qH3z zFOfUtQhHYbgdO~R0VVsiZT&AX;o!8>+p56gCU;t?QM#c3!amp#U8P2;a2m~5I6cAJ zYJohiK6pu|H91h-ta z@)HzlKWLD-WETH}r&2G@*4XbCCbNooSv0}f$CvAWJf&bm2ews*@_rKUHZ`q?+4su4 zd4!!a+680tCF~UvxgaQQDS)tl8U&=2`MX>lu7=U1*E$%!kh;(&O4h?gXe)B>$R}c1#8Lr*VQN- z>?4S}GPfqXi~D`B_HFw5pFLy(yILYQzft;Z0ffDE5YX8v{*RqjW2apyr`1~Qv@7K_ zz6?KFHN;cilJK~)Yx>xJ^dlLxR>@+jLx-4A*@YXksCR{^k=a4RVyruVf4?G^o+Fw8 z-;z<_A;g0EdK^@UN(B{SET|dNeJBOyF)G1@FN~{$vlF|CtA)19a z?(>+LQNlw^y6HkxDoY{8vh>|lmj0q>_A63CcIexQi>6qs5^F_SLTe}aN_Ad_Lz^GP zsr`cxmDnseS_XzT6rvJ_Hp`w;i7K6@l#Ic80tis~lmdCJo&f}=oDB;|IusFBf zLfFPQ;zT~Bd>o=U@(y>s_>B#+&_SwWQUPqaO`XtMdM63py^4Im(mrFe)x{1DR&Nu2 zY}Q{K43mv6^Bo)Q6v;=GmKHI#HKH< zkMWJuKQ*i`m}7l1qnKhywB?I-#d|umcA0nr9hn^(&CsEqU2(KVigjTa_tsbsF-b#n z6(-}SB^z^`A2wL13&RjXO`Gl3$ryTx2{42tO^2X_oy~HU`DcteU~hSm3)S`^VQ-hn z%}$h_D1c$*F#n|7Soeb6;I-OeG3X{8N`?7oVSxF`KKcsmZQgu0ECzG)l^UhOe6-e{ zBD05z+9LYiu!dO(vNdCf2_dPqL5Q)n!LA2}hOGQL#nL7^GV717ib6~xq!5w{Da2Sv zt5PAIs!)~{Y1$M;9)c1vg^*NCA;x0*b}FW`70X3MOy7-S3PFjOLP#p65Mwb-Jt%UP zW$#feR~Iq;B!Y#YL`)$h6;p_@m@Z7kbgg2!UDPh_!jNJ})WJhYDxwf$5&a|;(U%p; zJ)+jZ?Q8FY|3XY6Ng*T^Qi!pT4nKIXr+VoLg|dU@6bose5Efz*A%&1sNFl~T`amkA zDGKG#BBVpZkU~r%q!5w{Da2Sve@KONszO;NYP03tVMtjBO2iaGQZa=Xi|M#SB4>pl z|GrxOXX`N7bG)b>mOBl0hQICtrx5=?!|PRH(R1gmP~{{E9@4GC)IxSQ8NEp~g}GD5 zejsY6{7KPL2+&;ujn2-oTN=}9lu@?Z3Spf0O65V(k=b#Pc`)~T^XF#gn|aFUCYtqU zQu&oPA8*xx;gPKTcFZ|uo-(?L=sR`CeSv5)JAk?c8f|wmR+)XuC?{?njhD*Qq3i?N z-P`Z8mG`t7Wt0=E>}gV&E}F_dm{)r9YqJZ?JY{qfcaCRDcdnGm^`gnX35chjM%xR;`prINloJ<;JWYd%WcC4l z$j5(ScCOi{jB+A9H%jGp(Ny-q+~m!#&CWCPl+hiLogPj+|0b1hc=K`J1aqf1-*5Su zR-=q=B0Jxe%FjfT*#UIFw|`!}Z&F4%5&kcv@`z|EJ76C6<}auxpEA0MuK!!9{KcD( zvjgT2-h6+3-lY5|$rITbp|jE$(PVZe=-?{~(4=U11KLfXeDcnx56UPfChz^Ea*${$ zgPZ{Mz_*Y5g#=?G_eLx@g_E**C7|JLoX84<=a;s=6`(Qrj&7WWIz?9KV ztew6fmAk$9IQw9}maCV#vtkr# zh)wv!*9RN!*8f`klMOQXXS{4?4SuvTIx;(;2EU`19aw|k)yod5!B6zEgKO}6d)Xm1 z_~~Bu>Kgp3y)53=ZPhUzGq4tby{@=}4f_>|+}G&og2bjW5S~j&j=>O=8iN>EqJ)~Ecr=Bep+-}PO)QAW;%1-C*kz1~vl(J+ zQz15l6Oxg-@Q5+7vk;TKN3pHl^Pz@O5%)T*fl8$E+cGc&`rG8S<$`GP0!43eD0&G|N>{yskcPJS znEWT_I@|(E&2=0*Q58tebs=b|xh}*eh8D@9(Hh$C<35jh`-Nj6R`k8CQ8DgBv0?|# zQA}LGacH~-x8-JiEo`;Akein@niB@$hvv*lY*6}@PEjlx(zUG@-WwGgcpJ6_XPJ#`e0_H)@>*bYDGoxgrWjnan-AS}bGZgAHi ztH}nU7PR+sPDf#=$p#{Yg`qA|NZxGkhHM@0lh6rU^`a^)DI1lYvwmG7ft_?5a+cT~ zBCesEHt7FZtd*+GHn{(-y4y}!|K<_==&3)OJY}9Are~;oB_KE&t-g_h1XUpEnNRC% z*mrqRPuK(P2NC3w2_o?uiT5eeU;DAq1&fc-*_icfvOQ~*@tMolnLKvf6+4ceTgUMa z3desdL*22V?l_|8-Y*gH{H|>tz!Kyb+oiUjkXlQ}E?Q$3(KFB3A(ghggT-Lt%!StP zm8#@4vX6Sg5O#pH3YxTYrOxeN6-}+uV@$kC4>7i)xb(v4+=>?#4JmIiCiWI$%-hwm zHzwyN{iumfPCwP5At1jN5*h}e7; z^JwR`s@~Rv-f0!~887OF{g7^EJ6%e5N@@#s*zbE$H|&3VQ5ANiD&WjfDymftrn!u2 zt@EK(V5y#+6<`}{TJbe~+Us_~Qjt84N{!MMA8;2ef!oRumZ+UBrJ@eev_>6>(y|8I z81Vnsn&v#EmG-a{!BRbIn)eD-D;j}H(-?+=&;Z_L0{A7YhV=>XntVD)$-F3)v{TJIu#z<)4<76($EyhXo z3>=22P;$V{CAe)eRHd0Y*$jQ&DLQL4b{Cyth?@q<*K@1t>p3Jvjamuhi#}VeG)CdI zHTD{<`ml*X8*Ahk?ZinQt?lGKxmsgfHJA`YSsIodBeI$)Q)*snuimrIn- zg&j3YmlVJ-2F%~#%~xUDyw+S;47#b7(mOq{3X4YvEOYuc@3aDYK|=*9HA|f0b6KA^Vy{`xaT=J z?H5q^vV?8`Q2K764f|lDHicgmIM_XQa*pd>DEwGL=Y`Ur8le=%k9YbGN@4TtQgORkC`07+)Z}*}uSd!$%Dy46EU=@}u*@_L8EZM05me34U7S|Tv zODeFmpPjE@i6oD!Qls=bCE0+mR|PE8k>4GqVHRN#+)n4~P+aaLDY-AUVuthGT-b=J}*@n{w z75KZ#<<|5M>OuvqPH|%AlGw|AVtZg~UQ~r8yQ8voc5{ak3AUG~gfqT54SPFrEi0y` z;USR~I@2@WN-Hd@su$YU@H%eW)CiJ=)ZnAxLTd0)&R8s$1|JQh|BFH*wU!o~7hSNY zOpE9nv`DInh-8}#&Bc9TXl`sMN-^~yuP?|h%j_C@%;r67hzNFkW2!H67@U&u6edi2 z3PYqMKZOaCNnFHW(u7cS+SwD+X4F{FY1IH zzq50a&q5tFN_$9ZcO764@S;xG!w2b7I;#M}zHUOJ6G~@FYST6BA79!Cq_o{0PHNG> ze!`17VGrBWq3lxSigPLaR6_FsyXs{PI0{!xY;;WN8c9tX_KSmnlDe#$q}Tv*!08tH1^NSl2l&4s01>NpBCi*rngmazz7X%+{hM9UZuwy}}o=f-HH zFZo8Qz|t}{bHX+@QYFzymAH|5QjJup(Mb3E2JV5~u3;oqYLwovi|bhy4eXD1ExKQ& zMyYc*4}|@#z7dk=s#2qLyau9Kgr%V!kP>ZeJ6^Cfm+8XZp)u!leaVlSo>5|VX&7FW z8l_hjKv-JeS)@b6 zU8%m%=KI2}epc;*rSg)UfH-vKGn0c;llmJVQ>EU>=y z>(Tg2oP#omtovVVQ#SBzM#(F$)_Ib~_D!2c&d`pABcFw#S1$u`Wgrz??gOunG z285;M9gq@@|2&?r={6P%EZxS%LWwEFfUtBM2c)#ncfig|#nO`;kP_z(vj|JKaX?C$ zRsaUvPAqebiHfy=`WerHs33g;VBq&uGIr<>O6#NJhiV87!<-LOCMqE=YWUHS8inw+}*B-QRiLDGGs+L*RBpK-f&(}bgZQ?|m=ql8eh)TWNA;j3b9Ukro-C22@#{NVYM}MROVFfp=<6kjp+Up0R9g%eb7bhRR`Kqvf)&)pA+*_jNS{V<*oe9r%Ol zhq;XT?=aOWm$70c>|7SkB)N>U33Ea&8!isl>O|6`NSu@slf3O9!xFLshCw?iVYh2- z?WB~h@+)eZ6~Ef!fnM2OS%W;p0VJxIiE3KIcdDG$sbw_ zvr#u2juU5qS&S2tlZLq?OXMT(+wklCJl;+7?cyheZc=fZdRMLqe~0gct*{SyQ8(=N zni}ks3A?+$nmETcW+}a<0EP)j%+XYdrgjylMCBS9o^I-ZRCRE7ptdx%!&0KPhiiDc zy3-DOyOV}BOb$BgNa!{y!njRD(6}{G=+i`@LlcF)grpVjX2aRbgrG{K36-zV&B$;M_R+*>Uu<%c38;KbL8}&yRvsof8p-hG>OuKLXl9$T2$9 zDLUHT*V1QC&r@bxS#O7>P4kmtn1j@bayS?3eRR>H2UU9e;J#ldR?4bH&3CZfVEb0W z4)aFZ4+eri%uuhb>zHU=q3Dy_uXMr&(}D90$j<6(Njog2-lhdq{$R^-S~)Qsav5t@ zP93=n-zh_(ba`vcy(bIUtJgmSQmy7 z)`i1`Xx(Vbg;9)78V2d4VU$i9hUuhXoK6}B>ZHR(YFiv(JDVtsv0)>GRyI)>or%KG zOccgtqOzdQQ}3%^{!n;pv8IQmm)e{W247bV!>U`A`5** ztgChelujCk>7-$tP8tU4 zq{BsOJK$lMCJJLTQ5c|!!stvChGwELE)$gn#pR_7J&emq!_b_R=o(haHdllJI&2uD zlZIhBX<|`qcFW>F%8#n6d=PE0*Gpv2H(Yw5e{v#DWm}xe zXc@dr9vLq-p72bEGf`~2JGLDyVzFJ+>iM(n`hOU@lZMedX;=X#4ZB)c2iDW8M(kO` z8|~6~3>j^;b7NcCqZd2m2ExDw8PHB07aEPn!XQa70VReEkZ%{0+zz2AJVcKp7 zg>}0`GZnXqlKw+b!aor1LD@bIY+*X#f0Ua2Rib0<64uWgT==xB%MCjCsDzKD4u;jl z4fC1R0OO0LZz9-+-M0-F)^NmKf<*0O^PQMq=*@S=hC0JIr|AX__iplyG;ZG9sAIW| zTQuzbBaIx9EWV?_=*Q4m1lu~hbsRBzi z95AeilZI6hR+ZU9)JZ8V@^^hIuvbY`-!`K_Dx7wh3?~iKk=%C++se+_B!fDdD6F7~ z!rJ91MM`ic3L`U77?z2ir$(Y*xpag9J1M7O?!`GNHKAFYloBmto1?I_%Mgv^SNfUyGh+DLqO0QEh=9=(t_5HFH_69HN zhW&Rh>V(}aQU2rB5j9FJes8WbtZL%aMU@zjuHuxaoV5llJ=X!lsyb=9JCFmK+F>ct z+S}If;TUi>!+Ix2CpD)+`5@D|km)qe9xInUZ3{c>6I|4<}@51RA}h2P^PubX-EVa z+NQ1c_Bn{IBX}5Kq9AOiQ)Zaj;DM#(^R4qREvfDF;anW&qw5YUfGWde@SrIaqqabi znzIT|ZKq>~dRZqAt7W1vG_>X^`s9L|e%W9;v;*Y9q3ke9dFaj7Sg?Q8@X4RLY4cAm z@`#!NVTTYBol<4bN4^(epk`cFC5AF7G z-yGerH+fMNmd49>S=afdWInMoLp)NVQAk|>sScQ!Mq)^0g}&P1gPa|AquFtvnH^3F z&uANDwKvoq8%orxJGLF2w6HyGNZU;r>WPEwi48?*3nR+UhW7fk`pxCgV&k#UbmOrw zqtv$O7O4reOsk??CC{St)&|p|9Uz|`$_`4}YR*6G1gq6$=AK=pw6`=2h;B&rOr6=P z!eY~wh_D#U%~xxb3iH*_EM@)H&CFL|v1xnFuo!gH9Hqj1v^<(2`-g~H1z}$;k;?>e zgmiMD2z#Qw(KNK;fnKo!i(+C)jaz)=xAWnT@s?U)PxGSLu!krryN?9>djB!00qjTg zByXt$mZft`wt7U3!W3`5w1*IHW9<8T^X=rF?}FJXg8+~4#@nL+B}f^^qD{=OoHMP@ zz`o8Kk0!7_8Nb;_IS2M$FFGCeXA+IJPxp*DVp@&zSUG6P&ON^-j3-Zv17y!X`D0>Q zrO)@htdGJj80j!0veRJsV3W1ZNdNVw2MQeQuf3=P_Kyow?L80Z=W_+cMt`$xs{^%?8Vu$Z=?2utjS3T=l`T8(3^sMDauH|K0xrqev`TfQ0_ ziY8zTp*) z^;v0!UFthW7o8Y`cHzM%Cdj;rV5xG#9p6OynSvde&Gbn`J(q=H{zBpXst6OdsBaHp zV#%)CLPH}p7|LX1*jN&cl41mDh{sL!19@Ky^_Zu>o;biiKdMHSe0NYs*@ zy{<-qDDCPZ^qRQfz~OD)dPl4kE%nhNw!B}#pW!XFoh6pgY)J!KMA;Vmi_&_a3>{L~ zhJAw%Mr(b%tO@S*w@C;QX= zBpyxu_bNW1)_NtBJ}SvU;)k zD%OhTt1!&GUlAvtnzJ+23ltxr*`gP=h_W^I7p3(-l#UuZLoVt zw4+^8H1;dP*|$)ECBl}hZ$>SQu`UdANxx|9S2Xxg{fZUi3;ohAN&w9R)cVhwW#<2O z&9j(C9)^bgCw)EVz~1jg71*CjRG+UX;Myjq&}(A8!eO!WofB(C{R%B&%lj4lmwlYA zUlmJe)~{fTC|hHHQCitZ!(Q%19YpX=FKUDRp+w<)ML3%a6<8vyccC!GWWU-e zScT?`Ir=aS}*GOq}YS}XGPj!5A~vs!^F<^qITGCdC^?hUwTmo?8xHV53sv? zQ3vdv64e)s;g}kDeTEUXPvO8N@Op87*V6Jy1>Db%RIN$nS1)&-c&$g$NH>w zlUu%6Wm|A0a;C3*H(C2`A%Z0@Rtebcd_Fp1CwNg6wn)*yh-jroieBb}ufU$@O?APZ zB9XhKq%^kxmbCyjZM_VOR&FbPg~(LJvyYFf74|AGimrzD)uGcpB${vz*P)pTIyG#M z5~f`=|B7i?vk+tR{`IRvkd;GRVn1tv+%S0UybXJc4kaG{Jwu0_N&$U4FTh^l zap%X~0AqlxcZPKV!mMKzfyISQQ?M9f0t&5hyl95_D&n1r_`Ra3M=L{&eZg+?Qs*pc zvJjhS3I^^Sa%twal$i^$i7%HvE;GmZc_7**`zw_bq$RWF8L2`sH&6SBSCvKC-l= zxk7BBxgL#k^(!*Xz_sK-j3^Hbn3-B2jPe$I<3u(x_qw1}bEA$H1ifbKj6TlBXBVih1HR52 zBajImV*#o16Qgz}LwHF34iC^Bs?nHi&E{-$UpB3V1ocGD?w8U-qKTda1|28-6D zY|SKopJ!X3qg-Q7oH^ARcJi7@qbEl-!)UWPN1sT>+e^fqS3VOovBoi?+}~q{iB{o9 zLDP6RADJCjius|kHQJn>ZEZmr-9)0dNTu1FP*3cP%w|R5fqBG-x7vE*v>Ih}6J2E& zJ)|+&Kdf=OjCca%r5@4>iu#+!dfAB*z`7 zdK~5J6W#0ta;S&Qfkn$Eox4NJ8G6mu8GW1;6YW}GXO0ob1V0&DK&6uo8Nx$y(gC!; zs%?|bBiZNy>q$sZPi)`w=;Lgkv#2Kl>F|&$ELt|{?88*EW(-_D>5Q>SXP?BRgVAPl zjy{o$w`c#{Tv1H)93#s8J!Y6_%O)Kf59g^#2h6d`R{l`pDr*bM=#I#uL=)!%pXk=G zuX3o_w4E!{mxx-2dP6iZ0eXwC!r4}dX*J3yC#t}qD}5EBhZ2EY<{_=HXxYRxF046f z&DI=!d=(SZxqgsxj5us!8mF;YfWp84-&~|Len9}BPY7gVbc-9KNKjAgE__Q$KlK@l zk_zM=52?bUWn**(BXi9-xO|L`voSg&F-9@kY|7CmlJOZ?EXF9uh;o0A87A7YF-jgc z`b^9XTMWn-Jfs4PmYpXyg=!gk&E^AroQ==USJz`TM~V$ShOTd--$JjQT>Y>Tk`)T4P`@yu}7^^i&Ze2eeXHj z>NBlI8QsM6^^8=;j&vi+o;(SM7Le^dq!kt|J16X3rq*mThHi^t3Yw;dMo~`%@&*s7 z!lGp-+Cv%NYj%grPqe$+iT2RMi58>HW(0jA8K2QLixVx!h;o0A87A7YS%cK#Jax_i zbFi{C+MKSlE>0QU#FWr3m4!ahQ3nJv$3uEx(Xw;S1C8gLp&KS2AE|TBwrS-(EOE{u z+GZOWeX3Y=`*nT+%Q32dabvfqCt63`whD3T-8L6gna}Jm{`QEe2>NBlI z8QsM6wN@(YeAkGswtzI-9^@E1$vGa-N?(Pw_5+A%HOeR_2Eav9`H-(dGys5H;vt=| zXg%!~UE93enz-!?tq+WvJlQq(%&9DFC;knVe0Fg{*G*oxge%3#^+n(LS-k8cU(Gf- z`Xsp+g8b%WVvS=ozz!ogJJnP1|I3Cbn*YUtxUt{+KQm2`1(=v~Cnz0@I zX~#{Nu-BAXQ+IpC%P0PQgke!76Hu4Cj4@Hz?k7-7;?SFjYiwIHmA7rv%J*9>Z~HXn z?XpK!jGi_#y4FnBBClLfiNA}+*C;Db{@+EElm9MT+}g9`?idq9v*!%-nN?C7)f{8S zdAfzo?2>_0bisejJcA~{^3ER*+JDSE&p!L?ODC3fF%5|DWR*JY{A1?PZLaVPwH4ufMr`Zdxy^*c6{(M{a3xmhY-5KUc(eM85Jmke}=yE;IcohBcW zi$94bHobr}>*6mmJ+{RKpSZ6M8uC!maSqT1t?k*Pj2(G4abyL(9VAR3Tn+XsDI6t|0t=SaeCM_Zzs z8XRDDROqAa3OwIurHpQ(%MD27oTApS7kg2ZE3^to^sFC{W^;u;(Tumob`!{IzZt|a z!YJ}tV8VRmfHa!{^l`B@<7kP(In##~?e79< zHY`ljK*^yBXu0ATZ5OopLt>QA_VKmBVsDH=FWX{QE75u415)~!SB@$N1Wb;!s|xE7szisBzjf_ zNV6G39~a~Ot7D4$JYiS*ABD5aD0d`rJ2HgW@_Cz-|MS$5uwaaJK ze6O7{x{0UYj+M&sJ~6GZ9bObY^MFyOJLK|QfHe@IGy^f`-WDj<(| zNE<9#lg;HwcA)$HUbNkeG23j`(I=K-P_u}iSmPLR&a|ON)`y9=?Ce4V z;yyKpg88{J#v}8T(M>!u|36Y`HY?N=JET#N{Pqgp_((WNu zShQ^7xmf8g9H7^1ozcfxG1(Rq561|kcx2uJDxG-95FU~f51^w|ZJT&5b`uX0)Dw$^ z`BGZpa~Aa^AZK|<8!TEj@myRC>F8Oy%{k}ozWqno(POQdUjvZE6Lhnh{?`(^q%QR`IkWAlKn^i?>! z{cmsDF3aoH3_BN9MriURYW%GzjioKI1d(M_B(M(G7zFZC~e zi@G|H9XzBJ7Ol7BU7d!=+hN!S%DYYCiHRmO^FEz;sFA3fZE*CdYBA7Q?oO<6j5J)@ zIMDu2(^1x&=$h0nwUh;usl7+rdyCgvZ=#HDVuVkV%Hc&*FDL3I;UQCv{Ez7r&HIP7KlGq*C=sjW%+zV##2Uv4WP-<7K&59Rng9>Uvk{=9RPB7R zy#46>)*=$r^B3O*fAgiZ+~+J>oB>(vAziR&+1cpgVzRq<(AmiPjxCo{XCn+Zn|Jhy zrday$Qh|vzjuGjB#dZ4d5tq#$G$H|{&PHHPQ`Yh;_56kiWpoo)>gP)3{XXGQvjJJ> zAsw)2+1cpg#TI;_nt7j2oQ;UO*#<|SsulySxJSb=(r{_xKx;S~ZF{BE z8@8gShlzCQDChN^kQhP@ee$3j0Sn>2+ouLXc!u%Y?5H~ zlIP?~0MNC5h+R;hB`Bkum?iF#%8!fj6RZ?6Am8_pE?Bh2k1E}*&v)@B=NtI;FuvWG zpu6UUVw)|wzn|Z8NS&6pRWH9CGP!=spz(?PzoS_4*vQMETOICz%bx2XmbQx$f^Y^Bn*S>4*&=||M zwxy~%?6z^(cebVvSo@aUonsnl_Dq95bI*8tC7P>BvFhg-^U}*lf!T^)`H%VO6)#WD zl|u~*KfC{9etKTV{6FR=`%#4bD#8XSx8a`K{G^0Nk883>Wx7dS|Ddu|JF2 zf)jRoRXE>?6I*yd?-{QbWd%sHRYsq9iVGF0KC#9z!pL_(x7Q|Jfhxjw+}^6rzP?GL z8#_Rn4St49^YyR9a}+=h@liz25CVCwQQ)F@Dyg^&6efqH;5&K!0_atWJ%6Gt|0Mur zloQoHK`NcT+EMa>@R7O11DHUX%?$duDDIE>AKXV14Q+{TYN7#ij89Boeczlix`}=B z)1E~WKsveO4@Q`R*4M?*YKpz*y7Cl=( z@vo^k8KIjR5MaKm(7D%38QsKY;;*IhC(+b^0P`DfzOTM{Px%j$+gq+-F=wyn4x3`6 z9!c9lbO=bZd7duQZ}2Xn6DN=ZJtTVB0+8n#1ulx^L~$c5OwRENXPyr$y7eAHlD`N5 z)NJhN6G!p5$WXrsAm3;wM>wE2s)~7M&2J@BMmcdS`An&tFPd!5inc&!R7p9rz5JtC`mL(x6A@2Gi-`gEa1h7!L7{z9bH z9&1HE2BS;9N7{LV!hh7u4yeJ?Wo(7~I`y%lFT~$Ki>op>4l4R}4z;Aur@p{O{=nMI zfANy=43Yp{u{EGeBM_B6!4Is-bHx6e?1%?{T;>Z zBziap0y<0OBSnu9T`d}tt5vU0iryyros#-)EB+n&tv)~ey+Xg~dr9=by^HK_;a?;i zcz)R##=m77@vo5G6GgFmpUR>ABTDdJDZyj6RmZEM)E_^aC4X47EFVACaqy3*JgOvr z+lpVO{`fBK7hNIxC(#A!#{(t(`Fqm;f#|)WZw~BnKOxL-nf?Q^!zX6@WG~bor?@7G zP7$4667MaVtnU&%UuU7KL__;8lYGAb_t_HsIGwNfX6PO&A0o{t3yS5^Z^ri+BgoF#ai$?=3o0^w1Lgsgj>2 z+AF%O1b?UI;k!h?C;Eeu`T6&fKOy?xqJI?~t@)ByCx`V3^-dRlfoO=|Me^N6d3EvB z68vi--z55Z(c4S#-$3?Fby|D!U1<5yxeogf55zD4Js z+eORHXCDa8d)KSXgG09lb~w*oS8~2;*4~o8u|3YSVgC6*beAsm*?2fh3feWSAMFmVtld8@JE1=E@lDp} z2H9;^f0Ojb2L9KpoGFjHmgEy0`3F~)|BGbzJ)-Xuy-W0Jwd2;>L+@MCzgP4j(O--H zUNp@AKJxb}(E~);XgXfyR?$$uPkH&6=mya(T5tWg=q_Af2L`?%{DY!b3y=Ot>6PiD z_jBq0MwIpCGb(Ravi_SP`9Y$Giykjp5uGg>grBWfeD4%}x9CSiLp<{9bo>s{J4IK$ z*lDa64fWCcSK&WfV&|KZhx+@DbCQ11Eux*{L!>JoxsCY02)~CmQZ|d0*#|dCxM`xV z7JZ%Q(V}6Lt0Z47dYw!2mWWt-v>oE@9H%0KTG~r$=@!r|4RG>4$hRF_m$WiPJgBR z4T!E6y+Sl_mpvl+??wMhv_n;xQHqpC9$xEv~=|g*vm#{s;dLF5K zT_Z|+h4J8jq5O8JJ<9xFs(L+N{uli(`=6nD&k_yuO~2dPe0Hk6=7}y8T_UZS{wpPsrYlqTdz`+k2e+?Jhb|bf)NGqDP5_`s8V@@^yL8Uc>c|(B2O;Zhs{D zQ_<~YKg3@m`K6*)hm=men*NvSNrp2V5MlE=-3kbzmohn zqFY4&3|{+GEuyPL`$f+cT`&4BQ9eQw*5}VU{@7)NN9sPy zc+oN1S9z!Cw?!W)*>3^=LLFxxW!-bsU-lgJPn15-S@NJ_m{01xuj;>_=uFWNUxwQt z{B5FN5+#pUDxR&icg=IuKUew}ioRbo^j{YDcZJ_1dT)t-8SYKGztt&vx+r;{27w>iLMbX!y|vMa94=(6x*j&F56$;TD_f1_5-(8|8t7t7STII!~B-v%KZOT zcE%{a9YxFV$fpSRI?v<#2@c;Tv|vqhJPo+TRAe{1!4G>?7O zQ(2e>28Xk^LUHt$#6z4RZfpJDBfIyD{#^8zCH}TkJ;sUdF1lw){l;!1zRd3aCH6m} ze11~&2GP$1d8UZ`W(mF`dbjBJL^p|sB*fh>z(XN0kpD{MM?`-ox<&LE(U1(M7vixq zLe~qsh)(AEAy7cRkB%QG`dU%0hmI=I4{;|7H@gIXq2w2dzDx9y5_}o%$`brXCI5uz zO`o`XP=_MeQklo(JN?S)qQ28<5_`q9GnT({y}4(U~Q9KGziDUM+n1k)#tO zKe@ynA5#Ly^SP%BzeM!R5`Azy&jgNohxH{7@0Gm|h<>cZK60LCx(w*>4$6k58oVX_hcvVx~f@ZmmJh!1g(NzcE`H&DPYuZVtB_&!$m{=5XXyNt0j2kr|S4=qU_J{Qc_+w8TuPeFT`VKmHhC!%5zjcSM+V7 zmx%JN$k5(!c0zoa-4DqR@0{etd7(b?YlOd6^g7WSMQ;)1`C48K6WSZjPKXcf@-C89G#4;P&!dZcJ*FU0X)j?NN%_~MNo z;dtRjXrKFBA?{4+@g5A`#u4fxUoZUIL@yHMg%@Ez`J|4A_K=tLqYxkVt4*@YODaPA zuXX%)qT$OHLVOwSY3YyD{__r^p+53)I=-9eo}#=U;nga?R+L}(hxYc;@u{Mr9`_}< zAJHisKa3CU;pdIQ9W9ET5Fg?~Km5R+*9(OD$hog^p8Ty7<)`u7SKzsJ?q`JdLObD4 z>_hy|v@bnQ`=7J5@5t}ULi|wWmTW|JcVgeBB^#M>U%yemC2PqxC9Zp0vQgQg>Q965 z+hsf_Jy>q9{!Z-Qwq)C9o0IY}+3kt_)t2l9*%^uFWLvTwvP+ZlvDwDNbE+-&(DkOI z{6*QO`Hhh~z9ri++nkiYID33)3O_E}bXH2fQ?~hnNzs9pY<%`eQoeJxB`KefJ(ZO2 zl0C34W#1kWTc48emR*;W@1AW;%6VF4a1~mz^usSLS^A-*mTb?#22^Uv(hqI6WD`s9 z>4#ohvPltsgh@tak3Ab6$RFPxk;Qq=YdSK~Px2b&@^QiQ)6*rN7s!vQ+b{B&$C3ZF z+rJTsc0bqTx&5mHI~UdQasRp2Gf+ zlDa(ZSNZW&z53;M{cD|toAkSa^^$Km%*nr_`122=QcYcbwND zpW)=ZFW?r*=V|D5xx-n$&!5|0rF=3SKOp%G$>l!Ff45r4YpDLv%K6`ulDAH(7qkCz zBpYe<7?JIkZCLLPXuBeNnaOiI*)#|IAK~+M%jH*3ae^yk|4_;2DIQKsC(3>}zs(kY z(gDs6pO9UOokN`bKG|O*`MCX^yi@Y`NPe}ZvfJI^?1PeTt~!B+L3Wkola!zRgue;7 z>>MunM#*Qr!U;YkzxjT2J#dand4~r9j9?ezdA|sdCJehF5K)?$+MH4 z;0$%3UX$~TrJ!~4<`Vhkb-B$OI#pdJrE5#@cL;yAo-^J-_d_Eraye)R7Nxo6`x!;oa>+xBD$oBc{3e~hm`|=P!GA&cR{icJpHK6@Z`a#Zm6C5%KAEpBl>AcRk-yvIXO+ocP{O)7&l$|#U&+oO~Wb;M-cZ%ejf_~U-a%?)J`#-0kngvp>Xj|* z8|WWcy?F8Tg;`I}2}ic|oOFD9wWlXr)Z5p)WNH6EZ(q;A@}7muR<7vnH^icqJxi9Y zTrhuG&!T~qef>T2SFgzyu3WxqS?@saqUop^%_~;yS%@5pr^lg;q-%M&O9tz zymZ+zD=k@WmU{-y=*w~oOD)DT=J%g5ebxNFf$1}|1-yZ5iOl&@H{te1MZwmhqMtrx6bm7DR! zdRtoy&0n6aS=r}mn=Lrxpk=))GHc(}eZ4(zUb@QHv<|PQq{kv!oma`4e(}=2{sA&o zZ>rv&{((MgFLzvBBkMV8&M8NneEgB#dp#l6qP^ZhPtUQZbo3m3oLcX=quQ)q)sv5; z9gjWfO>aEnq@Fh&b4>fu)t>4RZ#?Pfo@~YH<$1gdSFTcf+32zUQUqZRX3aYGq~qUs zWX}Q9514*%wn}Z~8fNe@HJz)6<MC=(w>C_YqFl>t0(sqBi7>0$7^-| z0&59pZt0@>V6d^52et@l&pEw)OBb(oMtZGf=KCZ0*a_f+(D{JQBeMVp2i9Y`pTF>| zo`q+e)w6j1(q+ZbgS>I)Rs*>JS^)$%M(qzz(fRuI^ekL6KcD*R(@qdePyZ?#q63TLHp`~>uU$Sce}U0~ zK1a`hTd{JWclweQtEVqmy>!{4{gy7u>ZLp%+4MzgSD2=w1AXp@^^pFhD_0CE^w_b! z-evQ11#zpE4P?{v=_Q+P?DQoojTz`&WB=DX`t-h)_0ciC_Y9q@&RAqdC^=Pk(sCN` zXD&3DxtYIw=|YQP7OAZta>)x6@F5;xbw9g4Ih*Z~lrU)-Eb8U9os2{QLzA z`g+fyv~1~$UUq53I8T z_P38C{(tnLKe8i@@%#G{>z&GVUeht?L4RrDMt%18u3PW$jB{5i#xLbZjLB_Lf3A}^ zu6GFhxRUb)pVQylzufO%8cL ziGS=IBK^T$Y_4A55O*F9GVMSA{lH*^!#$91(B^-yafJUv>`r!oz5^zw*Z$V&s~Y}L tsGpbR$zyWn0lj#T_fF<%oM->&kM!$&eogrw_bX@hgPfQQm;Z(S|6lkJ>xcjV literal 0 HcmV?d00001 diff --git a/authentication/authentication-service/src/main/java/io/mosip/authentication/service/IdAuthenticationApplication.java b/authentication/authentication-service/src/main/java/io/mosip/authentication/service/IdAuthenticationApplication.java index 1f54f60bdec..ff5e3055cbc 100644 --- a/authentication/authentication-service/src/main/java/io/mosip/authentication/service/IdAuthenticationApplication.java +++ b/authentication/authentication-service/src/main/java/io/mosip/authentication/service/IdAuthenticationApplication.java @@ -33,6 +33,7 @@ import io.mosip.authentication.common.service.impl.IdInfoFetcherImpl; import io.mosip.authentication.common.service.impl.IdServiceImpl; import io.mosip.authentication.common.service.impl.OTPAuthServiceImpl; +import io.mosip.authentication.common.service.impl.PasswordAuthServiceImpl; import io.mosip.authentication.common.service.impl.KeyBindedTokenAuthServiceImpl; import io.mosip.authentication.common.service.impl.hotlist.HotlistServiceImpl; import io.mosip.authentication.common.service.impl.masterdata.MasterDataCacheUpdateServiceImpl; @@ -45,6 +46,7 @@ import io.mosip.authentication.common.service.integration.NotificationManager; import io.mosip.authentication.common.service.integration.OTPManager; import io.mosip.authentication.common.service.integration.PartnerServiceManager; +import io.mosip.authentication.common.service.integration.PasswordComparator; import io.mosip.authentication.common.service.integration.TokenIdManager; import io.mosip.authentication.common.service.transaction.manager.IdAuthSecurityManager; import io.mosip.authentication.common.service.util.BioMatcherUtil; @@ -102,7 +104,7 @@ */ @SpringBootApplication(exclude = { HibernateDaoConfig.class, SecurityAutoConfiguration.class }) @Import(value = { IdValidationUtil.class, IDAMappingConfig.class, KeyBindedTokenAuthServiceImpl.class, - AuthContextClazzRefProvider.class, CbeffImpl.class, + AuthContextClazzRefProvider.class, CbeffImpl.class, RestRequestFactory.class, AuditRequestFactory.class, AuditRequestFactory.class, NotificationManager.class, NotificationServiceImpl.class, IdTemplateManager.class, TemplateManagerBuilderImpl.class, IdAuthExceptionHandler.class, IdInfoFetcherImpl.class, OTPManager.class, MasterDataManager.class, IdInfoHelper.class, OTPAuthServiceImpl.class, @@ -122,7 +124,8 @@ IdAuthFraudAnalysisEventManager.class, IdAuthFraudAnalysisEventPublisher.class, AuthFiltersValidator.class, AuthAnonymousProfileServiceImpl.class, AuthAnonymousEventPublisher.class, SessionKeyDecrytorHelper.class, ExternalRestHelperConfig.class, IdaRequestResponsConsumerUtil.class, PartnerCACertEventServiceImpl.class, PartnerCACertEventInitializer.class, EnvUtil.class, KeyBindedTokenMatcherUtil.class, - HSMHealthCheck.class, TokenValidationHelper.class, VCSchemaProviderUtil.class, PrivateKeyDecryptorHelper.class }) + HSMHealthCheck.class, TokenValidationHelper.class, VCSchemaProviderUtil.class, PrivateKeyDecryptorHelper.class, + PasswordAuthServiceImpl.class, PasswordComparator.class }) @ComponentScan(basePackages = { "io.mosip.authentication.service.*", "io.mosip.kernel.core.logger.config", "io.mosip.authentication.common.service.config", "${mosip.auth.adapter.impl.basepackage}" }, excludeFilters = @ComponentScan.Filter(type = FilterType.REGEX, pattern = { "io.mosip.idrepository.core.config.IdRepoDataSourceConfig.*" })) diff --git a/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/KycAuthFilter.java b/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/KycAuthFilter.java index de11d4f2ebc..426f3824b39 100644 --- a/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/KycAuthFilter.java +++ b/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/KycAuthFilter.java @@ -59,6 +59,8 @@ protected void checkAllowedAuthTypeBasedOnPolicy(Map requestBody if (AuthTypeUtil.isKeyBindedToken(kycAuthRequestDTO)) { super.checkAllowedAuthTypeForKeyBindedToken(requestBody, authPolicies); } + + super.checkAllowedAuthTypeForPassword(requestBody, authPolicies); } catch (IOException e) { throw new IdAuthenticationAppException(IdAuthenticationErrorConstants.UNABLE_TO_PROCESS, e); } diff --git a/authentication/pom.xml b/authentication/pom.xml index 7685d577e81..4cd905992a7 100644 --- a/authentication/pom.xml +++ b/authentication/pom.xml @@ -95,7 +95,7 @@ 1.2.1-SNAPSHOT ${kernel.parent.version} - 1.2.0.1-B3-SNAPSHOT + 1.2.1-SNAPSHOT ${kernel.parent.version} ${kernel.parent.version} ${kernel.parent.version}