From 4d3299ae084dd9267a12bfede268ff7dda809f81 Mon Sep 17 00:00:00 2001 From: Bill Burke Date: Tue, 21 Oct 2014 21:39:10 -0400 Subject: [PATCH] saml distro and examples --- distribution/appliance-dist/assembly.xml | 8 + distribution/appliance-dist/pom.xml | 7 + .../src/main/xslt/standalone.xsl | 5 + distribution/as7-adapter-zip/assembly.xml | 1 + distribution/eap6-adapter-zip/assembly.xml | 2 + distribution/examples-docs-zip/build.xml | 8 + distribution/modules/build.xml | 29 ++ distribution/modules/pom.xml | 36 +++ .../org/picketlink/common/main/module.xml | 30 ++ .../org/picketlink/config/main/module.xml | 28 ++ .../org/picketlink/core/api/main/module.xml | 32 ++ .../org/picketlink/core/main/module.xml | 34 +++ .../federation/bindings/main/module.xml | 53 ++++ .../org/picketlink/federation/main/module.xml | 56 ++++ .../org/picketlink/idm/api/main/module.xml | 30 ++ .../org/picketlink/idm/main/module.xml | 34 +++ .../org/picketlink/idm/schema/main/module.xml | 32 ++ .../modules/org/picketlink/main/module.xml | 27 ++ distribution/wildfly-adapter-zip/assembly.xml | 1 + examples/saml/pom.xml | 34 +++ examples/saml/post-basic/README.md | 273 ++++++++++++++++++ .../META-INF/jboss-deployment-structure.xml | 10 + .../conf/jboss-eap/WEB-INF/jboss-web.xml | 16 + .../META-INF/jboss-deployment-structure.xml | 10 + .../io.undertow.servlet.ServletExtension | 1 + .../conf/wildfly/WEB-INF/jboss-web.xml | 10 + .../configure-security-domain-eap.cli | 16 + .../configure-security-domain-wildfly.cli | 16 + examples/saml/post-basic/pom.xml | 99 +++++++ .../post-basic/remove-security-domain.cli | 13 + .../src/main/webapp/WEB-INF/picketlink.xml | 20 ++ .../src/main/webapp/WEB-INF/web.xml | 52 ++++ .../post-basic/src/main/webapp/css/idp.css | 78 +++++ .../saml/post-basic/src/main/webapp/error.jsp | 43 +++ .../post-basic/src/main/webapp/favicon.ico | Bin 0 -> 1342 bytes .../post-basic/src/main/webapp/images/bkg.gif | Bin 0 -> 51660 bytes .../images/picketlink-banner-1180px.png | Bin 0 -> 104130 bytes .../src/main/webapp/images/rh_bg.png | Bin 0 -> 577 bytes .../saml/post-basic/src/main/webapp/index.jsp | 14 + .../post-basic/src/main/webapp/logout.jsp | 44 +++ .../post-basic/src/main/webapp/piechart.gif | Bin 0 -> 20994 bytes examples/saml/post-with-encryption/README.md | 269 +++++++++++++++++ .../META-INF/jboss-deployment-structure.xml | 10 + .../conf/jboss-eap/WEB-INF/jboss-web.xml | 16 + .../META-INF/jboss-deployment-structure.xml | 10 + .../io.undertow.servlet.ServletExtension | 1 + .../conf/wildfly/WEB-INF/jboss-web.xml | 10 + .../configure-security-domain-eap.cli | 16 + .../configure-security-domain-wildfly.cli | 16 + examples/saml/post-with-encryption/pom.xml | 116 ++++++++ .../remove-security-domain.cli | 13 + .../src/main/resources/keystore.jks | Bin 0 -> 1723 bytes .../src/main/webapp/WEB-INF/picketlink.xml | 31 ++ examples/saml/post-with-signature/README.md | 270 +++++++++++++++++ .../META-INF/jboss-deployment-structure.xml | 10 + .../conf/jboss-eap/WEB-INF/jboss-web.xml | 16 + .../META-INF/jboss-deployment-structure.xml | 10 + .../io.undertow.servlet.ServletExtension | 1 + .../conf/wildfly/WEB-INF/jboss-web.xml | 10 + .../configure-security-domain-eap.cli | 16 + .../configure-security-domain-wildfly.cli | 16 + examples/saml/post-with-signature/pom.xml | 116 ++++++++ .../remove-security-domain.cli | 13 + .../src/main/resources/keystore.jks | Bin 0 -> 1721 bytes .../src/main/webapp/WEB-INF/picketlink.xml | 31 ++ examples/saml/redirect-basic/README.md | 270 +++++++++++++++++ .../META-INF/jboss-deployment-structure.xml | 10 + .../conf/jboss-eap/WEB-INF/jboss-web.xml | 16 + .../META-INF/jboss-deployment-structure.xml | 10 + .../io.undertow.servlet.ServletExtension | 1 + .../conf/wildfly/WEB-INF/jboss-web.xml | 10 + .../configure-security-domain-eap.cli | 16 + .../configure-security-domain-wildfly.cli | 16 + examples/saml/redirect-basic/pom.xml | 102 +++++++ .../redirect-basic/remove-security-domain.cli | 13 + .../META-INF/jboss-deployment-structure.xml | 10 + .../src/main/webapp/WEB-INF/picketlink.xml | 20 ++ .../src/main/webapp/WEB-INF/web.xml | 52 ++++ .../src/main/webapp/careermap.jpg | Bin 0 -> 57220 bytes .../src/main/webapp/css/idp.css | 78 +++++ .../redirect-basic/src/main/webapp/error.jsp | 43 +++ .../src/main/webapp/favicon.ico | Bin 0 -> 1342 bytes .../src/main/webapp/images/bkg.gif | Bin 0 -> 51660 bytes .../images/picketlink-banner-1180px.png | Bin 0 -> 104130 bytes .../src/main/webapp/images/rh_bg.png | Bin 0 -> 577 bytes .../redirect-basic/src/main/webapp/index.jsp | 10 + .../redirect-basic/src/main/webapp/logout.jsp | 44 +++ .../saml/redirect-with-signature/README.md | 270 +++++++++++++++++ .../META-INF/jboss-deployment-structure.xml | 10 + .../conf/jboss-eap/WEB-INF/jboss-web.xml | 16 + .../META-INF/jboss-deployment-structure.xml | 10 + .../io.undertow.servlet.ServletExtension | 1 + .../conf/wildfly/WEB-INF/jboss-web.xml | 10 + .../configure-security-domain-eap.cli | 16 + .../configure-security-domain-wildfly.cli | 16 + examples/saml/redirect-with-signature/pom.xml | 116 ++++++++ .../remove-security-domain.cli | 13 + .../src/main/resources/keystore.jks | Bin 0 -> 1717 bytes .../src/main/webapp/WEB-INF/picketlink.xml | 36 +++ examples/saml/testsaml.json | 118 ++++++++ .../partials/application-detail.html | 2 +- pom.xml | 13 +- .../saml/SALM2LoginResponseBuilder.java | 19 +- .../protocol/saml/SAML2BindingBuilder.java | 60 ++-- .../saml/SAML2ErrorResponseBuilder.java | 30 +- .../saml/SAML2LogoutRequestBuilder.java | 27 +- .../{SalmProtocol.java => SamlProtocol.java} | 27 +- .../protocol/saml/SamlProtocolFactory.java | 2 +- .../keycloak/protocol/saml/SamlService.java | 17 +- 109 files changed, 3701 insertions(+), 68 deletions(-) create mode 100755 distribution/modules/src/main/resources/modules/org/picketlink/common/main/module.xml create mode 100755 distribution/modules/src/main/resources/modules/org/picketlink/config/main/module.xml create mode 100755 distribution/modules/src/main/resources/modules/org/picketlink/core/api/main/module.xml create mode 100755 distribution/modules/src/main/resources/modules/org/picketlink/core/main/module.xml create mode 100755 distribution/modules/src/main/resources/modules/org/picketlink/federation/bindings/main/module.xml create mode 100755 distribution/modules/src/main/resources/modules/org/picketlink/federation/main/module.xml create mode 100755 distribution/modules/src/main/resources/modules/org/picketlink/idm/api/main/module.xml create mode 100755 distribution/modules/src/main/resources/modules/org/picketlink/idm/main/module.xml create mode 100755 distribution/modules/src/main/resources/modules/org/picketlink/idm/schema/main/module.xml create mode 100644 distribution/modules/src/main/resources/modules/org/picketlink/main/module.xml create mode 100755 examples/saml/pom.xml create mode 100755 examples/saml/post-basic/README.md create mode 100644 examples/saml/post-basic/conf/jboss-eap/META-INF/jboss-deployment-structure.xml create mode 100644 examples/saml/post-basic/conf/jboss-eap/WEB-INF/jboss-web.xml create mode 100644 examples/saml/post-basic/conf/wildfly/META-INF/jboss-deployment-structure.xml create mode 100644 examples/saml/post-basic/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension create mode 100644 examples/saml/post-basic/conf/wildfly/WEB-INF/jboss-web.xml create mode 100644 examples/saml/post-basic/configure-security-domain-eap.cli create mode 100644 examples/saml/post-basic/configure-security-domain-wildfly.cli create mode 100644 examples/saml/post-basic/pom.xml create mode 100644 examples/saml/post-basic/remove-security-domain.cli create mode 100755 examples/saml/post-basic/src/main/webapp/WEB-INF/picketlink.xml create mode 100644 examples/saml/post-basic/src/main/webapp/WEB-INF/web.xml create mode 100644 examples/saml/post-basic/src/main/webapp/css/idp.css create mode 100644 examples/saml/post-basic/src/main/webapp/error.jsp create mode 100644 examples/saml/post-basic/src/main/webapp/favicon.ico create mode 100644 examples/saml/post-basic/src/main/webapp/images/bkg.gif create mode 100644 examples/saml/post-basic/src/main/webapp/images/picketlink-banner-1180px.png create mode 100644 examples/saml/post-basic/src/main/webapp/images/rh_bg.png create mode 100644 examples/saml/post-basic/src/main/webapp/index.jsp create mode 100644 examples/saml/post-basic/src/main/webapp/logout.jsp create mode 100644 examples/saml/post-basic/src/main/webapp/piechart.gif create mode 100755 examples/saml/post-with-encryption/README.md create mode 100644 examples/saml/post-with-encryption/conf/jboss-eap/META-INF/jboss-deployment-structure.xml create mode 100644 examples/saml/post-with-encryption/conf/jboss-eap/WEB-INF/jboss-web.xml create mode 100644 examples/saml/post-with-encryption/conf/wildfly/META-INF/jboss-deployment-structure.xml create mode 100644 examples/saml/post-with-encryption/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension create mode 100644 examples/saml/post-with-encryption/conf/wildfly/WEB-INF/jboss-web.xml create mode 100644 examples/saml/post-with-encryption/configure-security-domain-eap.cli create mode 100644 examples/saml/post-with-encryption/configure-security-domain-wildfly.cli create mode 100755 examples/saml/post-with-encryption/pom.xml create mode 100644 examples/saml/post-with-encryption/remove-security-domain.cli create mode 100755 examples/saml/post-with-encryption/src/main/resources/keystore.jks create mode 100755 examples/saml/post-with-encryption/src/main/webapp/WEB-INF/picketlink.xml create mode 100755 examples/saml/post-with-signature/README.md create mode 100644 examples/saml/post-with-signature/conf/jboss-eap/META-INF/jboss-deployment-structure.xml create mode 100644 examples/saml/post-with-signature/conf/jboss-eap/WEB-INF/jboss-web.xml create mode 100644 examples/saml/post-with-signature/conf/wildfly/META-INF/jboss-deployment-structure.xml create mode 100644 examples/saml/post-with-signature/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension create mode 100644 examples/saml/post-with-signature/conf/wildfly/WEB-INF/jboss-web.xml create mode 100644 examples/saml/post-with-signature/configure-security-domain-eap.cli create mode 100644 examples/saml/post-with-signature/configure-security-domain-wildfly.cli create mode 100755 examples/saml/post-with-signature/pom.xml create mode 100644 examples/saml/post-with-signature/remove-security-domain.cli create mode 100755 examples/saml/post-with-signature/src/main/resources/keystore.jks create mode 100755 examples/saml/post-with-signature/src/main/webapp/WEB-INF/picketlink.xml create mode 100755 examples/saml/redirect-basic/README.md create mode 100644 examples/saml/redirect-basic/conf/jboss-eap/META-INF/jboss-deployment-structure.xml create mode 100644 examples/saml/redirect-basic/conf/jboss-eap/WEB-INF/jboss-web.xml create mode 100644 examples/saml/redirect-basic/conf/wildfly/META-INF/jboss-deployment-structure.xml create mode 100644 examples/saml/redirect-basic/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension create mode 100644 examples/saml/redirect-basic/conf/wildfly/WEB-INF/jboss-web.xml create mode 100644 examples/saml/redirect-basic/configure-security-domain-eap.cli create mode 100644 examples/saml/redirect-basic/configure-security-domain-wildfly.cli create mode 100644 examples/saml/redirect-basic/pom.xml create mode 100644 examples/saml/redirect-basic/remove-security-domain.cli create mode 100644 examples/saml/redirect-basic/src/main/webapp/META-INF/jboss-deployment-structure.xml create mode 100755 examples/saml/redirect-basic/src/main/webapp/WEB-INF/picketlink.xml create mode 100644 examples/saml/redirect-basic/src/main/webapp/WEB-INF/web.xml create mode 100644 examples/saml/redirect-basic/src/main/webapp/careermap.jpg create mode 100644 examples/saml/redirect-basic/src/main/webapp/css/idp.css create mode 100644 examples/saml/redirect-basic/src/main/webapp/error.jsp create mode 100644 examples/saml/redirect-basic/src/main/webapp/favicon.ico create mode 100644 examples/saml/redirect-basic/src/main/webapp/images/bkg.gif create mode 100644 examples/saml/redirect-basic/src/main/webapp/images/picketlink-banner-1180px.png create mode 100644 examples/saml/redirect-basic/src/main/webapp/images/rh_bg.png create mode 100644 examples/saml/redirect-basic/src/main/webapp/index.jsp create mode 100644 examples/saml/redirect-basic/src/main/webapp/logout.jsp create mode 100755 examples/saml/redirect-with-signature/README.md create mode 100644 examples/saml/redirect-with-signature/conf/jboss-eap/META-INF/jboss-deployment-structure.xml create mode 100644 examples/saml/redirect-with-signature/conf/jboss-eap/WEB-INF/jboss-web.xml create mode 100644 examples/saml/redirect-with-signature/conf/wildfly/META-INF/jboss-deployment-structure.xml create mode 100644 examples/saml/redirect-with-signature/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension create mode 100644 examples/saml/redirect-with-signature/conf/wildfly/WEB-INF/jboss-web.xml create mode 100644 examples/saml/redirect-with-signature/configure-security-domain-eap.cli create mode 100644 examples/saml/redirect-with-signature/configure-security-domain-wildfly.cli create mode 100755 examples/saml/redirect-with-signature/pom.xml create mode 100644 examples/saml/redirect-with-signature/remove-security-domain.cli create mode 100755 examples/saml/redirect-with-signature/src/main/resources/keystore.jks create mode 100755 examples/saml/redirect-with-signature/src/main/webapp/WEB-INF/picketlink.xml create mode 100755 examples/saml/testsaml.json rename saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/{SalmProtocol.java => SamlProtocol.java} (89%) diff --git a/distribution/appliance-dist/assembly.xml b/distribution/appliance-dist/assembly.xml index 228f0b95a8..73f33c7daf 100755 --- a/distribution/appliance-dist/assembly.xml +++ b/distribution/appliance-dist/assembly.xml @@ -21,6 +21,7 @@ **/*.sh welcome-content/* + **/modules/system/layers/base/org/picketlink/** @@ -31,6 +32,13 @@ 0755 + + ${project.build.directory}/unpacked/modules + keycloak/modules/system/layers/base + + org/picketlink/** + + ${project.build.directory}/unpacked/deployments keycloak/standalone/deployments diff --git a/distribution/appliance-dist/pom.xml b/distribution/appliance-dist/pom.xml index 9382e850ba..c75c5fc330 100755 --- a/distribution/appliance-dist/pom.xml +++ b/distribution/appliance-dist/pom.xml @@ -90,6 +90,13 @@ ${project.build.directory}/unpacked/js-adapter *.js + + org.keycloak + keycloak-jboss-modules + ${project.version} + zip + ${project.build.directory}/unpacked/modules + **/welcome-content/* diff --git a/distribution/appliance-dist/src/main/xslt/standalone.xsl b/distribution/appliance-dist/src/main/xslt/standalone.xsl index 64fda3328a..7b8ba53ed6 100755 --- a/distribution/appliance-dist/src/main/xslt/standalone.xsl +++ b/distribution/appliance-dist/src/main/xslt/standalone.xsl @@ -46,6 +46,11 @@ + + + + + diff --git a/distribution/as7-adapter-zip/assembly.xml b/distribution/as7-adapter-zip/assembly.xml index 6a507fdf99..120549aa0f 100755 --- a/distribution/as7-adapter-zip/assembly.xml +++ b/distribution/as7-adapter-zip/assembly.xml @@ -10,6 +10,7 @@ ${project.build.directory}/unpacked + org/picketlink/** org/keycloak/keycloak-undertow-adapter/** org/keycloak/keycloak-wildfly-subsystem/** org/keycloak/keycloak-wildfly-adapter/** diff --git a/distribution/eap6-adapter-zip/assembly.xml b/distribution/eap6-adapter-zip/assembly.xml index d3d334ac02..d3ac9a46d3 100755 --- a/distribution/eap6-adapter-zip/assembly.xml +++ b/distribution/eap6-adapter-zip/assembly.xml @@ -10,8 +10,10 @@ ${project.build.directory}/unpacked + org/picketlink/** org/keycloak/keycloak-undertow-adapter/** org/keycloak/keycloak-wildfly-subsystem/** + org/keycloak/keycloak-wildfly-adapter/** modules/system/layers/base diff --git a/distribution/examples-docs-zip/build.xml b/distribution/examples-docs-zip/build.xml index 65dd8e2067..3e4f1dcf52 100755 --- a/distribution/examples-docs-zip/build.xml +++ b/distribution/examples-docs-zip/build.xml @@ -26,6 +26,14 @@ + + + + + + + + diff --git a/distribution/modules/build.xml b/distribution/modules/build.xml index 8503475736..7495cdc077 100755 --- a/distribution/modules/build.xml +++ b/distribution/modules/build.xml @@ -81,6 +81,35 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/distribution/modules/pom.xml b/distribution/modules/pom.xml index 800a182d67..6d8a003b67 100755 --- a/distribution/modules/pom.xml +++ b/distribution/modules/pom.xml @@ -83,6 +83,42 @@ org.bouncycastle bcprov-jdk16 + + org.picketlink + picketlink-common + + + org.picketlink + picketlink-idm-api + + + org.picketlink + picketlink-idm-impl + + + org.picketlink + picketlink-federation + + + org.picketlink + picketlink-wildlfy-common + + + org.picketlink + picketlink-idm-simple-schema + + + org.picketlink + picketlink-config + + + org.picketlink + picketlink-api + + + org.picketlink + picketlink-impl + diff --git a/distribution/modules/src/main/resources/modules/org/picketlink/common/main/module.xml b/distribution/modules/src/main/resources/modules/org/picketlink/common/main/module.xml new file mode 100755 index 0000000000..6602ccfbc9 --- /dev/null +++ b/distribution/modules/src/main/resources/modules/org/picketlink/common/main/module.xml @@ -0,0 +1,30 @@ + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/distribution/modules/src/main/resources/modules/org/picketlink/config/main/module.xml b/distribution/modules/src/main/resources/modules/org/picketlink/config/main/module.xml new file mode 100755 index 0000000000..9afbd36cf7 --- /dev/null +++ b/distribution/modules/src/main/resources/modules/org/picketlink/config/main/module.xml @@ -0,0 +1,28 @@ + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/distribution/modules/src/main/resources/modules/org/picketlink/core/api/main/module.xml b/distribution/modules/src/main/resources/modules/org/picketlink/core/api/main/module.xml new file mode 100755 index 0000000000..eb6241774c --- /dev/null +++ b/distribution/modules/src/main/resources/modules/org/picketlink/core/api/main/module.xml @@ -0,0 +1,32 @@ + + + + + + + + + + + + + + + + + + + diff --git a/distribution/modules/src/main/resources/modules/org/picketlink/core/main/module.xml b/distribution/modules/src/main/resources/modules/org/picketlink/core/main/module.xml new file mode 100755 index 0000000000..c9aad28ea1 --- /dev/null +++ b/distribution/modules/src/main/resources/modules/org/picketlink/core/main/module.xml @@ -0,0 +1,34 @@ + + + + + + + + + + + + + + + + + + + + + diff --git a/distribution/modules/src/main/resources/modules/org/picketlink/federation/bindings/main/module.xml b/distribution/modules/src/main/resources/modules/org/picketlink/federation/bindings/main/module.xml new file mode 100755 index 0000000000..ed09b9e6fe --- /dev/null +++ b/distribution/modules/src/main/resources/modules/org/picketlink/federation/bindings/main/module.xml @@ -0,0 +1,53 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/distribution/modules/src/main/resources/modules/org/picketlink/federation/main/module.xml b/distribution/modules/src/main/resources/modules/org/picketlink/federation/main/module.xml new file mode 100755 index 0000000000..dac4638269 --- /dev/null +++ b/distribution/modules/src/main/resources/modules/org/picketlink/federation/main/module.xml @@ -0,0 +1,56 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/distribution/modules/src/main/resources/modules/org/picketlink/idm/api/main/module.xml b/distribution/modules/src/main/resources/modules/org/picketlink/idm/api/main/module.xml new file mode 100755 index 0000000000..9c840ba9b1 --- /dev/null +++ b/distribution/modules/src/main/resources/modules/org/picketlink/idm/api/main/module.xml @@ -0,0 +1,30 @@ + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/distribution/modules/src/main/resources/modules/org/picketlink/idm/main/module.xml b/distribution/modules/src/main/resources/modules/org/picketlink/idm/main/module.xml new file mode 100755 index 0000000000..97a8a80ab7 --- /dev/null +++ b/distribution/modules/src/main/resources/modules/org/picketlink/idm/main/module.xml @@ -0,0 +1,34 @@ + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/distribution/modules/src/main/resources/modules/org/picketlink/idm/schema/main/module.xml b/distribution/modules/src/main/resources/modules/org/picketlink/idm/schema/main/module.xml new file mode 100755 index 0000000000..a9bfe96816 --- /dev/null +++ b/distribution/modules/src/main/resources/modules/org/picketlink/idm/schema/main/module.xml @@ -0,0 +1,32 @@ + + + + + + + + + + + + + + + + + + + diff --git a/distribution/modules/src/main/resources/modules/org/picketlink/main/module.xml b/distribution/modules/src/main/resources/modules/org/picketlink/main/module.xml new file mode 100644 index 0000000000..2418940a90 --- /dev/null +++ b/distribution/modules/src/main/resources/modules/org/picketlink/main/module.xml @@ -0,0 +1,27 @@ + + + + + + + + + + + + + + \ No newline at end of file diff --git a/distribution/wildfly-adapter-zip/assembly.xml b/distribution/wildfly-adapter-zip/assembly.xml index 76d1f183e4..82a8fb98f3 100755 --- a/distribution/wildfly-adapter-zip/assembly.xml +++ b/distribution/wildfly-adapter-zip/assembly.xml @@ -13,6 +13,7 @@ org/keycloak/keycloak-as7-adapter/** org/keycloak/keycloak-as7-subsystem/** org/bouncycastle/** + org/picketlink/** modules/system/layers/base diff --git a/examples/saml/pom.xml b/examples/saml/pom.xml new file mode 100755 index 0000000000..e8be627a68 --- /dev/null +++ b/examples/saml/pom.xml @@ -0,0 +1,34 @@ + + + examples-pom + org.keycloak + 1.1.0-Alpha1-SNAPSHOT + ../pom.xml + + Provider Examples + + 4.0.0 + + examples-saml-pom + pom + + + + + org.apache.maven.plugins + maven-deploy-plugin + + true + + + + + + post-basic + post-with-signature + post-with-encryption + redirect-basic + redirect-with-signature + + diff --git a/examples/saml/post-basic/README.md b/examples/saml/post-basic/README.md new file mode 100755 index 0000000000..70934a7105 --- /dev/null +++ b/examples/saml/post-basic/README.md @@ -0,0 +1,273 @@ +picketlink-federation-saml-sp-post-basic: PicketLink Service Provider With a Basic Configuration using SAML HTTP POST Binding +=============================== +Author: Pedro Igor +Level: Intermediate +Technologies: PicketLink Federation, SAML v2.0 +Summary: Basic example that demonstrates how to setup an application as a SAML v2.0 Service Provider using SAML HTTP POST Binding. +Source: + + +What is it? +----------- + +This example demonstrates Keycloak SAML 2.0 support in conjunction with a servlet secured by Picketlink's SAML SP client. + + +Make sure you've set up the Keycloak Server +-------------------------------------- +The Keycloak Appliance Distribution comes with a preconfigured Keycloak server (based on Wildfly). You can use it out of +the box to run these demos. So, if you're using this, you can head to Step 2. + +Alternatively, you can install the Keycloak Server onto any JBoss AS 7.1.1, EAP 6.x, or Wildfly 8.x server, but there is +a few steps you must follow. + +Obtain latest keycloak-war-dist-all.zip. This distro is used to install Keycloak onto an existing JBoss installation. +This installs the server. + + $ cd ${wildfly.jboss.home}/standalone + $ cp -r ${keycloak-war-dist-all}/deployments . + +To be able to run the demos you also need to install the Keycloak client adapter. For Wildfly: + + $ cd ${wildfly.home} + $ unzip ${keycloak-war-dist-all}/adapters/keycloak-wildfly-adapter-dist.zip + +For JBoss EAP 6.x + + $ cd ${eap.home} + $ unzip ${keycloak-war-dist-all}/adapters/keycloak-eap6-adapter-dist.zip + +For JBoss AS 7.1.1: + + $ cd ${as7.home} + $ unzip ${keycloak-war-dist-all}/adapters/keycloak-as7-adapter-dist.zip + +Unzipping the adapter ZIP only installs the JAR files. You must also add the Keycloak Subsystem to the server's +configuration (standalone/configuration/standalone.xml). + +For Wildfly: + + + + + + ... + + + + + ... + + +For JBoss 7.1.1 and EAP 6.x: + + + + + + ... + + + + + ... + + + +Boot Keycloak Server +--------------------------------------- +Where you go to start up the Keycloak Server depends on which distro you installed. + +From appliance: + +``` +$ cd keycloak/bin +$ ./standalone.sh +``` + + +From existing Wildfly/EAP6/AS7 distro + +``` +$ cd ${wildfly.jboss.home}/bin +$ ./standalone.sh +``` + + +Import the Test Realm +--------------------------------------- +Next thing you have to do is import the test realm for the demo. Clicking on the below link will bring you to the +create realm page in the Admin UI. The username/password is admin/admin to login in. Keycloak will ask you to +create a new admin password before you can go to the create realm page. + +[http://localhost:8080/auth/admin/master/console/#/create/realm](http://localhost:8080/auth/admin/master/console/#/create/realm) + +Import the testsaml.json file that is in the saml/ example directory. + + + +Install Picketlink Modules into App server +------------------------------------------ + +If you are running this example with the Keycloak application distribution, you can skip this step. + +You may have to upgrade your picketlink modules in your JBoss EAP or Wildfly distribution. See Picketlink docs for more details. + +Create the Security Domain for JBoss EAP +--------------- +If you are running this example with the Keycloak application distribution, you can skip this step. + + +These steps assume you are running the server in standalone mode and using the default standalone.xml supplied with the distribution. + +You configure the security domain by running JBoss CLI commands. For your convenience, this quickstart batches the commands into a `configure-security-domain-eap.cli` script provided in the root directory of this quickstart. + +1. Before you begin, back up your server configuration file + * If it is running, stop the JBoss server. + * Backup the file: `JBOSS_HOME/standalone/configuration/standalone.xml` + * After you have completed testing this quickstart, you can replace this file to restore the server to its original configuration. + +2. Start the JBoss server by typing the following: + + For Linux: JBOSS_HOME/bin/standalone.sh + For Windows: JBOSS_HOME\bin\standalone.bat +3. Review the `configure-security-domain-eap.cli` file in the root of this quickstart directory. This script adds the `sp` domain to the `security` subsystem in the server configuration and configures authentication access. Comments in the script describe the purpose of each block of commands. + +4. Open a new command prompt, navigate to the root directory of this quickstart, and run the following command, replacing JBOSS_HOME with the path to your server: + + JBOSS_HOME/bin/jboss-cli.sh --connect --file=configure-security-domain-eap.cli + +You should see the following result when you run the script: + + The batch executed successfully + { + "outcome" => "success", + } + + +Create the Security Domain for WildFly +--------------- +If you are running this example with the Keycloak application distribution, you can skip this step. + +These steps assume you are running the server in standalone mode and using the default standalone.xml supplied with the distribution. + +You configure the security domain by running JBoss CLI commands. For your convenience, this quickstart batches the commands into a `configure-security-domain-wildfly.cli` script provided in the root directory of this quickstart. + +1. Before you begin, back up your server configuration file + * If it is running, stop the JBoss server. + * Backup the file: `JBOSS_HOME/standalone/configuration/standalone.xml` + * After you have completed testing this quickstart, you can replace this file to restore the server to its original configuration. + +2. Start the JBoss server by typing the following: + + For Linux: JBOSS_HOME/bin/standalone.sh + For Windows: JBOSS_HOME\bin\standalone.bat +3. Review the `configure-security-domain-wildfly.cli` file in the root of this quickstart directory. This script adds the `sp` domain to the `security` subsystem in the server configuration and configures authentication access. Comments in the script describe the purpose of each block of commands. + +4. Open a new command prompt, navigate to the root directory of this quickstart, and run the following command, replacing JBOSS_HOME with the path to your server: + + JBOSS_HOME/bin/jboss-cli.sh --connect --file=configure-security-domain-wildfly.cli + +You should see the following result when you run the script: + + The batch executed successfully + { + "outcome" => "success", + } + + + +Review the Modified Server Configuration for EAP +----------------------------------- +If you are running this example with the Keycloak application distribution, you can skip this step. + +If you want to review and understand newly added XML configuration, stop the JBoss server and open the `JBOSS_HOME/standalone/configuration/standalone.xml` file. + +The following `sp` security-domain was added to the `security` subsystem. + + + + + + + +The configuration above defines a security-domain which will be used by the SP to authenticate users based on a SAML Assertion previously issued by a Identity Provider. + +Review the Modified Server Configuration for WildFly +----------------------------------- +If you are running this example with the Keycloak application distribution, you can skip this step. + +If you are using Wildfly, the security-domain should have the following configuration: + + + + + + + + +SAML SP-Initiated Single Sign-On +----------------------------------- + +The SAML v2.0 specification defines a specific SSO mode called *SP-Initiated SSO*. In this mode, the SSO flow starts at the Service Provider side. +Please, take a look at the following documentation for more details: + +1. [SAML v2.0 SP-Initiated SSO](https://docs.jboss.org/author/display/PLINK/SP-Initiated+SSO) + + +Start JBoss Enterprise Application Platform 6 or WildFly with the Web Profile +------------------------- + +1. Open a command line and navigate to the root of the JBoss server directory. +2. The following shows the command line to start the server with the web profile: + + For Linux: JBOSS_HOME/bin/standalone.sh + For Windows: JBOSS_HOME\bin\standalone.bat + + +Build and Deploy the Quickstart +------------------------- + +_NOTE: The following build command assumes you have configured your Maven user settings. If you have not, you must include Maven setting arguments on the command line. See [Build and Deploy the Quickstarts](../README.md#build-and-deploy-the-quickstarts) for complete instructions and additional options._ + +1. Make sure you have started the JBoss Server as described above. +2. Open a command line and navigate to the root directory of this quickstart. +3. Type this command to build and deploy the archive: + + For EAP 6: mvn clean package jboss-as:deploy + For WildFly: mvn -Pwildfly clean package wildfly:deploy + +4. This will deploy `target/picketlink-federation-saml-sp-post-basic.war` to the running instance of the server. + + +Access the application +--------------------- + +The application will be running at the following URL: . + +*Note: A Service Provider alone is not very useful without an Identity Provider to authenticate users and issue SAML Assertions. Once you get this application deployed, please take a look at [About the PicketLink Federation Quickstarts](../README.md#about-the-picketlink-federation-quickstarts).* + + +Undeploy the Archive +-------------------- + +1. Make sure you have started the JBoss Server as described above. +2. Open a command line and navigate to the root directory of this quickstart. +3. When you are finished testing, type this command to undeploy the archive: + + For EAP 6: mvn jboss-as:undeploy + For WildFly: mvn -Pwildfly wildfly:undeploy + + +Run the Quickstart in JBoss Developer Studio or Eclipse +------------------------------------- +You can also start the server and deploy the quickstarts from Eclipse using JBoss tools. For more information, see [Use JBoss Developer Studio or Eclipse to Run the Quickstarts](../README.md#use-jboss-developer-studio-or-eclipse-to-run-the-quickstarts) + + +Debug the Application +------------------------------------ + +If you want to debug the source code or look at the Javadocs of any library in the project, run either of the following commands to pull them into your local repository. The IDE should then detect them. + + mvn dependency:sources + mvn dependency:resolve -Dclassifier=javadoc \ No newline at end of file diff --git a/examples/saml/post-basic/conf/jboss-eap/META-INF/jboss-deployment-structure.xml b/examples/saml/post-basic/conf/jboss-eap/META-INF/jboss-deployment-structure.xml new file mode 100644 index 0000000000..7b07a0210b --- /dev/null +++ b/examples/saml/post-basic/conf/jboss-eap/META-INF/jboss-deployment-structure.xml @@ -0,0 +1,10 @@ + + + + + + + + + diff --git a/examples/saml/post-basic/conf/jboss-eap/WEB-INF/jboss-web.xml b/examples/saml/post-basic/conf/jboss-eap/WEB-INF/jboss-web.xml new file mode 100644 index 0000000000..c461ff2267 --- /dev/null +++ b/examples/saml/post-basic/conf/jboss-eap/WEB-INF/jboss-web.xml @@ -0,0 +1,16 @@ + + + + sp + + + sales-post + + + + org.picketlink.identity.federation.bindings.tomcat.sp.ServiceProviderAuthenticator + + diff --git a/examples/saml/post-basic/conf/wildfly/META-INF/jboss-deployment-structure.xml b/examples/saml/post-basic/conf/wildfly/META-INF/jboss-deployment-structure.xml new file mode 100644 index 0000000000..7b07a0210b --- /dev/null +++ b/examples/saml/post-basic/conf/wildfly/META-INF/jboss-deployment-structure.xml @@ -0,0 +1,10 @@ + + + + + + + + + diff --git a/examples/saml/post-basic/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension b/examples/saml/post-basic/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension new file mode 100644 index 0000000000..ffaf42ca71 --- /dev/null +++ b/examples/saml/post-basic/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension @@ -0,0 +1 @@ +org.picketlink.identity.federation.bindings.wildfly.sp.SPServletExtension \ No newline at end of file diff --git a/examples/saml/post-basic/conf/wildfly/WEB-INF/jboss-web.xml b/examples/saml/post-basic/conf/wildfly/WEB-INF/jboss-web.xml new file mode 100644 index 0000000000..e11a2b4e6e --- /dev/null +++ b/examples/saml/post-basic/conf/wildfly/WEB-INF/jboss-web.xml @@ -0,0 +1,10 @@ + + + + sp + + + sales-post + diff --git a/examples/saml/post-basic/configure-security-domain-eap.cli b/examples/saml/post-basic/configure-security-domain-eap.cli new file mode 100644 index 0000000000..9f9777c4cb --- /dev/null +++ b/examples/saml/post-basic/configure-security-domain-eap.cli @@ -0,0 +1,16 @@ +# Batch script to add and configure the quickstart-domain security domain in the JBoss server + +# Start batching commands +batch + +# Add and configure the security domain, then add the PicketLink SAML2LoginModule. Which wil be used to extract user's information from the SAML Assertion and authenticate the user. +/subsystem=security/security-domain=sp:add(cache-type=default) +/subsystem=security/security-domain=sp/authentication=classic:add +/subsystem=security/security-domain=sp/authentication=classic/login-module=org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule:add(code=org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule,flag=required) + +# Run the batch commands +run-batch + +# Reload the server configuration +:reload + diff --git a/examples/saml/post-basic/configure-security-domain-wildfly.cli b/examples/saml/post-basic/configure-security-domain-wildfly.cli new file mode 100644 index 0000000000..6b65d5e94f --- /dev/null +++ b/examples/saml/post-basic/configure-security-domain-wildfly.cli @@ -0,0 +1,16 @@ +# Batch script to add and configure the quickstart-domain security domain in the JBoss server + +# Start batching commands +batch + +# Add and configure the security domain, then add the PicketLink SAML2LoginModule. Which wil be used to extract user's information from the SAML Assertion and authenticate the user. +/subsystem=security/security-domain=sp:add(cache-type=default) +/subsystem=security/security-domain=sp/authentication=classic:add +/subsystem=security/security-domain=sp/authentication=classic/login-module=org.picketlink.identity.federation.bindings.wildfly.SAML2LoginModule:add(code=org.picketlink.identity.federation.bindings.wildfly.SAML2LoginModule,flag=required) + +# Run the batch commands +run-batch + +# Reload the server configuration +:reload + diff --git a/examples/saml/post-basic/pom.xml b/examples/saml/post-basic/pom.xml new file mode 100644 index 0000000000..07762a8910 --- /dev/null +++ b/examples/saml/post-basic/pom.xml @@ -0,0 +1,99 @@ + + 4.0.0 + + org.picketlink.quickstarts + picketlink-federation-saml-sp-post-basic + 2.7.0.Beta2 + + war + + PicketLink Quickstart: picketlink-federation-saml-sp-post-basic + PicketLink Quickstart: PicketLink Service Provider With a Basic Configuration using SAML HTTP POST Binding + + http://www.picketlink.org + + + + Apache License, Version 2.0 + repo + http://www.apache.org/licenses/LICENSE-2.0.html + + + + + + 7.4.Final + + + 1.0.1.Final + + + 2.7.0.Beta2 + + + jboss-eap + + + 2.1.1 + + + 3.1 + 1.6 + 1.6 + + + + + ${project.artifactId} + + + maven-war-plugin + ${version.war.plugin} + + + false + + + ${target.container} + + + ${basedir}/conf/${target.container} + + + + + + + org.jboss.as.plugins + jboss-as-maven-plugin + ${version.jboss.maven.plugin} + + ${project.build.finalName}-${target.container}.${project.packaging} + + + + + + + + wildfly + + wildfly + + + + + org.wildfly.plugins + wildfly-maven-plugin + ${version.wildfly.maven.plugin} + + ${project.build.finalName}-${target.container}.${project.packaging} + + + + + + + + \ No newline at end of file diff --git a/examples/saml/post-basic/remove-security-domain.cli b/examples/saml/post-basic/remove-security-domain.cli new file mode 100644 index 0000000000..9487613e2c --- /dev/null +++ b/examples/saml/post-basic/remove-security-domain.cli @@ -0,0 +1,13 @@ +# Batch script to remove the quickstart-domain security domain from the JBoss server + +# Start batching commands +batch + +# Remove the security domain +/subsystem=security/security-domain=sp:remove + +# Run the batch commands +run-batch + +# Reload the server configuration +:reload \ No newline at end of file diff --git a/examples/saml/post-basic/src/main/webapp/WEB-INF/picketlink.xml b/examples/saml/post-basic/src/main/webapp/WEB-INF/picketlink.xml new file mode 100755 index 0000000000..269f4d3df2 --- /dev/null +++ b/examples/saml/post-basic/src/main/webapp/WEB-INF/picketlink.xml @@ -0,0 +1,20 @@ + + + ${idp.url::http://localhost:8080/auth/realms/saml-demo/protocol/saml} + ${sales-post.url::http://localhost:8080/sales-post/} + + localhost,jboss.com,jboss.org,amazonaws.com + + + + + + + + + \ No newline at end of file diff --git a/examples/saml/post-basic/src/main/webapp/WEB-INF/web.xml b/examples/saml/post-basic/src/main/webapp/WEB-INF/web.xml new file mode 100644 index 0000000000..1bb001cd4a --- /dev/null +++ b/examples/saml/post-basic/src/main/webapp/WEB-INF/web.xml @@ -0,0 +1,52 @@ + + + + PicketLink Sales Service Provider + + PicketLink Service Provider With a Basic Configuration using SAML HTTP POST Binding + + + + + SALES Application + /* + + + manager + + + + + + + freezone + /freezone/* + + + images + /images/* + + + css + /css/* + + + + + + FORM + Tomcat SALES Application + + /jsp/login.jsp + /jsp/loginerror.jsp + + + + + + The role that is required to log in to the Manager Application + manager + + diff --git a/examples/saml/post-basic/src/main/webapp/css/idp.css b/examples/saml/post-basic/src/main/webapp/css/idp.css new file mode 100644 index 0000000000..afb49ea942 --- /dev/null +++ b/examples/saml/post-basic/src/main/webapp/css/idp.css @@ -0,0 +1,78 @@ +/* + ~ JBoss, Home of Professional Open Source. + ~ Copyright (c) 2011, Red Hat, Inc., and individual contributors + ~ as indicated by the @author tags. See the copyright.txt file in the + ~ distribution for a full listing of individual contributors. + ~ + ~ This is free software; you can redistribute it and/or modify it + ~ under the terms of the GNU Lesser General Public License as + ~ published by the Free Software Foundation; either version 2.1 of + ~ the License, or (at your option) any later version. + ~ + ~ This software is distributed in the hope that it will be useful, + ~ but WITHOUT ANY WARRANTY; without even the implied warranty of + ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + ~ Lesser General Public License for more details. + ~ + ~ You should have received a copy of the GNU Lesser General Public + ~ License along with this software; if not, write to the Free + ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ +body { + background: url(images/rh_bg.png) repeat-x scroll 0 0 #F3F3F3; + color: #555555; + font: 12px/1.4 "Lucida Sans Unicode", "Lucida Grande", sans-serif; +} + +.loginBox { + position:absolute; + top: 50%; + left: 50%; + width:30em; + height:3em; + margin-top: -9em; /*set to a negative number 1/2 of your height*/ + margin-left: -15em; /*set to a negative number 1/2 of your width*/ + border: 1px solid #ccc; + background-color: #f3f3f3; +} + +.wrapper { + margin-left: auto; + margin-right: auto; + width: 50em; + text-align: left; +} + +a { + text-decoration: none; + color: #5e8a9a; +} + +h1 { + padding-top: 20px; + color: #7b1e1e; +} + +a:hover { + text-decoration: underline; + color: #8ec6d9; +} + +.content { + margin-left: 230px; +} + +.dualbrand { + padding-top: 20px; +} + +.as7 { + float: left; + margin-left: 10px; +} + +.note { + font-size: 8pt; + color: #aaaaaa; +} \ No newline at end of file diff --git a/examples/saml/post-basic/src/main/webapp/error.jsp b/examples/saml/post-basic/src/main/webapp/error.jsp new file mode 100644 index 0000000000..7a78c2fefc --- /dev/null +++ b/examples/saml/post-basic/src/main/webapp/error.jsp @@ -0,0 +1,43 @@ + + + + + +PicketLink Example Application + + + + + + +
+
+

+ The Service Provider could not process the request. +

+
+
+ + \ No newline at end of file diff --git a/examples/saml/post-basic/src/main/webapp/favicon.ico b/examples/saml/post-basic/src/main/webapp/favicon.ico new file mode 100644 index 0000000000000000000000000000000000000000..c31d0fa862ae165d366947de726a404564be8b4c GIT binary patch literal 1342 zcmeIu_fJz%6bJAxDvFAV3%BA%aqqn+E`++Z2q;6vfr!r)68*(UFeXOj2TdfzM2*G~ z2R|SQ#DsuSN?+G&`#PlSbl@D;Ussj119-;jCV-$U; z#I29d@bvu)R8_ym^)D~+wze9Tb)WFAz6ST3Yf&MpL3Lw2>b`%)L%JSsq>ZSdn;?-i zK}`5hMmyb%y4iPXzXUNb_-aC1zLv{TBj8*I|rSUgOSj; zb1+2Npm*8fYInfla=_>&JWg;OZrBLU>xSLyft~lj#{Yzq?|{?S0iO55?eoIr=i&GH z;0o{v_&rOqx&rSiw*79UOdlb;%2Kpmg`Hy6&@5`7b?3+H7}7nkm$B6;TUgrpVI z=bkT2zC>m9LeJjugNBYAFeGVbzr;y{`wkn?zeh}L+>8vWaMZSvX#=ND?lWgIbz$WW zDrZ~~wJv3QwC9-#1yt6O)zrC#snMRo-J_`!3)WI6$DXD#_pF+KXv5+o$EF-EK9H7{ UmY%+5qac0azWv?(>tE}?0b*BYE&u=k literal 0 HcmV?d00001 diff --git a/examples/saml/post-basic/src/main/webapp/images/bkg.gif b/examples/saml/post-basic/src/main/webapp/images/bkg.gif new file mode 100644 index 0000000000000000000000000000000000000000..523877c0874148d46cbc645c6f1b9a452fe660ff GIT binary patch literal 51660 zcmbTdXIxXw*C@KP(?bhA^bmRv2vVdZGy?+CL{QLB1t|tZ1jWal0HI?jB2^vmc<=de=fmDJvsan5X06}MtXX@jo2!*|=tcNh z;2QuuURdTme34jp>-op8lZ&73y!_x3bL_|OKM&_#)bpnz|0#XB`t8-{@3X>J?>~K+ zTKZgdsc$zU^I&du{q>R0U)Ptu{J1+kyZ-Zc|M=AVuRmf>-^eIyxH0)Wqhsje&EXRR zPxlqKhL&CQh)A1wy|QgT>&uVd{HJgGpS-$$=fRGnCx8FhIN8uSI{T_?eD>kHwNh?d zMaRw6@4uKgXa4;8lbBhSS9AXJ+SkU5H!t_yIa*M?ulm}T-y5%&mcuHq-g&m@7MALh zTr~Us%iQYsn^VHvil%@#=GXNf$2r_HwAJ>j{ zjmI7?C+fZq_ju;Tv848~;@W2VkrSC`x+Y&P zKYaC`7J9ho;)q++vBOQgQ;io-UmZ>_Yr41avE|NO@679#;h6wNcF@7x(u;$8i#tj> z_^l(4vs-RMe}x~tyPc8SGWFUk`dGug7lkdoC$5YyfBRi+F$p{Nrtd+}?YQBTt}HEd}+LQp=jB z-hJ_kIx_L*Q_jh=m#1GAooU~nQ~T)UyVg5%F()tl)7n3^xccbr=Ld@)gVQ+oW`q@2 zMiO(X@-K}Z$}SI2FJ_-=+H;V7tf=R?b7*qt-?yzpDkC&JHZqwQ7P&7b z!H)Ft#%&TYCc=)i)54SN$#9B{j-ee%iu60;|CMG`HH$wuMi&1B+cQ)AOj z=9ZS0hD0;6DcOW#)vfWjXZeZP*Qm0UvQ28Aph0f|DDmlfPY70vpp&1@1%srIUfi=6d#$8?B;Ao z`uoK=A|}Gd!o|_b+QQM*(#njy*~-+^%G_*|i>s5Rla;xZr779*KQ#U)T(Yx^HQ9Od zW^1ygrKzb4*~;A6nQG=lb#k0{^Z4x9R_F{I~N& zCj9l7q`$5K+xYYQ*Uul{*S~%JviAAY>dMCt@0Z`bU0Qte`qjeA7xTjB&z{cBK6yOz z=;4FusmTe!{d;%E?~IL(3=a(s^!M?3w{P9-y>b0o&($lJyDwer>b%g=-gdsVrTJV_ zV?%x2S?-zBwKdgMl@+JTPnMOI6mw1#6&B>@<>q9wvobSSOz8MO$I_1;NlQJPawz#= zQX=C(LVR58{+Q@}QIQehVWITBdqRSD?+Oas8L-3O&)3I$yO*cOHg`ALR#z8iCr2v9 z!QRexi;cCFO=f@H(%8t*KwnQ+M_Wr%gQQMWQ&mw`QdA(w%gM?}OG)A-#KlBK za99i)g+#zX7yzh$M*#m8!+#(DuDJka1NeBv?5%Uv^E$TxgHGMTOWPR2?I!NA2c$6YvdUi{G7=26$CWdEoCkd`e&wl-B(|79G_>R5xT{uO!@fqVkBCplh>r6(PLJu6)#JXhs!2UAjz_wd>#lF#Sai( z+T!=YQc~+OPIrFYVB|Oi$Uslpd&&a6Bir?N?bYyPQMMF})A(RI_h4LPP4qd^x4~X4*HW3JYeN2vsTS&DYsmulg;v;tEK} zZPIOK{AcGiH%LhBX+e#s=|uumhzVn(Gh-u;h0Hw~Y2=9uCkb zEf_BBOkGYLrDU2uxuAa_+DQ)NY0GEM`*H#mZjXCIU=3u_Ndu(J6Z67TNs7Up&z;4k zP4aB1GQ&=)U9JN0`ODPIk=^|(0gDn}`R?dYGIi6hR~K&7u;ISCjw_v}hBD8_kP=pO z^oG%=R;Tf37eh^cr)oG``%^x%R$R9^bZJ++&OjfR){ zFN^)Afc4EN_tV`aJBY1^(nk!{;`!v3-EeKP58R-WCA+8#zW=leA9Gtw`XkAl3mn_H$0%8Jsr97e>Z!PJ)sjFAs&H05jENV9KP;S8JE|4d` z{nnG1Xg-5FLdSBJO{A6RC8fP9Y&r9J#FdgvXYpceur&w1H?<$}3pKubL_GsceSkM` zWLXf(0zI+M{0@FW7L7I3i{+mb*Mzy~zR(AXDs%&wS?qnl**$NM;Qrj3+Lk;J1qv#6uZ^PKJ9?U(D zSSNo9haVS@h3?WDDKs11nJ?K87bzOe79kM3>ylw=8e}S9#Xy^EaA2sn4JfrRb$no= zXimZRplO+<%KOfIg(vyeQK8)v=EAzX%fvnzdMc!@0kIO5#+GoUod6!Qi^tfEo_Pyt~47> zU24eG)obfG^dat?>K*>eq@2FtS43B98NX=Qn9AaR{r&l`DC8X=h#uNb9d;lQ{V`Jg$1gGJo1-jMXWxdUJy4BhwrfmEtEU;4ER z9=>@0F66o*^QRN(xWSa$*K+BSP+0T%)zIb;?Nd}PRuT`@qlN1kO^1LY{K&pt=?{_q z`k(_v!BJH2@)>aK9N0g(5zVF=!qDv`!)12mvpT$-AVH=&!y~&JH7vY1cEIUKaet4~P)zChN@hc%q z!o|~DY>xf``h3F&v0Q_-^ouQ7A{6n*$qp3Vc9kj-;WV%HCl9?B_;J~apPSzUF0eEy zGS4J4?*rdTX0!kjrY{@J(Y|)g{X^23fcJ62v!w2vW(UDMQXn?}5!yHkaQI+EjnHE+ zM8QUuxDQf!h{S&=a+>&34RsP0x9DUjir@AuVxLPB+0|^SN#vF7CZleAKdI^B5z{pa zK7}q_6Qy=8z`RqoT~`c-BVq}&X9;OrR7CxE7VZy(fkCt$Y#@XVoT)iM)j8X{SA2YXgjJ{IY&!% zoWaHs>B$taG!FXnXLb@pv?awskqETl#ZGscV9-$JV#ANRx;z zl*nToQMG>6_YR^{ZeA{Rl3P@HRR8fDSMo`GIC;=N^>!jj?h=)s- z!pfRW!JZkorVzu)wtb9BN?D0J0-|p^Y9c-ni3|tD@N8^xwn7dXd_!XiPO*sSI;> zyn1gyR{JZJP2o6naqMOU8v9b&e)R0`4{KX^NPQRP;f-i2s}pxJEp{)UXVa|HW#t~s z!c0?;aSsC8-1HkhcCx{Pvbi*-pS~5iI=zbTIax zY~DGHM zg%up)l9*ADC{|$Ee97iPC+^QaaCW6dThOw_8mw$Em^-({DTt&#eSD9=fV9#`@@ZiI zh`%`rU!96;ZaPl??q8I6wkH(>gUW4oDn{W^`tk<#dVAhRAekC4DbD`cPqh;OHW=R# zOzij`&>_5LWV0e_!qT{wsI;P}ZR@N4c#6~*r142#sf#P}eBN%Hym=KDv%tcobFoSl z+L-E2i3MC45oZcRMALPpwsfU-${w%WZ^yxfdW#f%s#l$@j~61z6fqlT<2ndS=3K02 z;LZUsmf#`_LI96st2nsw4I;1`0JjU&T2ktDcf;FXtgyI5LWH5_c6``~<%R9wS9tiMO51YIa^upGn%Lj=w zt4+mp<8>phV4}LN9*tG5EAt8O6CHBPkgYQA(!w~&NrOW(a8lAvy?{t)n${^&3rHTD8z{OW7UZ_x@X~+W3ibR z6gV3L=D-kKM)IpmMd}I_>Q|_hmu- zOZU0yiA$J`A%|-VEOQH3CB5Qltf(|iQp%^K{Ku{8R{0}L(Y2o~mXD9l($QBA+5F&2 zv~5DfREcR5MJ+2!ZPJcjJkr!I5SvmjOLr%Y?%J`_G4e;hgVADkkrZ$f1dsdH(>QJG zKoF_Gp!gMtWE>7x5E}%mJ^eG9)UopX@<%w0X--x$7f=t)4rVZqRc8P5y?;y_-SSmG zdWAHDhq<6`gf||B|E#(99S$D4!266)r(?so2PQa!yV?dh_>PHAUo|VdHJl-1(B*!R zdNcM$TJ|m9bgeESa??6ca@p(;xVwZQsxKRFSK^Q^+C(247SYB@l5w1D2@xU!)}L9k z@xnEPLQC=o(gfVWV&xCHdAHw5_`k*|F)W!vgtTy!`)gEHi1gxMa#z4zy13wrW5Ip< zax|{CL~zyNp5>HW|FsTKZ|}2k`#o@Ui?H88d7Q5-W+OPXnj{^v=Hi4vdo0Vi;fMcZ zw^jcP^cpbpdX&5^8hWR+0I6~vE{k(5&^e*pLnr;O0U zA!F5I+lDGvg~;>J?uBx!J&;?hgVcX1_rG~p5M9WY4Ra3pD&VU>Y$ zUrLqUR8Wcku8iH^D?q9D|CXT2Ty8VZPY z&e% zboF{nPCdII2^QXWYg`Dm6i(-T8bHc_VMFm<(Tt;$n(zbSw`uZ{k&ZrudcpHIj{nk zwI*rxohv2c?mszxKu~cj4=rRF`pG*DXk*PX{WZ7D%Q>>*NOCZ z(H<&MK?d|7==Z&AQthLgz)35~@qgD^9JqqMv`Ul!Pr{jEV%l5&;6-d0+43{&o@eYa z*VCsNqDwYNz5!0esEB-7)6=Ya^W^!qTg&Z#w(r}t<({9?QoIXzZ&|hmyZh`Za9Dos znf%H4t~3sgV2anINP-Yz+iu3E-Hc=N2U0meCLBbYW}AqLNA-uKdoO0FOMZpJ705HA|il)h0&;xz*oCAzXwQa|S|b1@vXW?-j!O zn^EGxAvZn>)`^TN##ITClK?DsgY&YIND#SlAuq#c{H*epy*g9&C#18iw&~#@FR{#$ z5AXJnL-AtU26b8(Ooj?7$Vb+Uk{yRNP#;s?b^CL@5V{*H&THV11fcNR5xw=|N)11aK2#>DN1sC#t#8S^c)j+@VJ zSgCW+Q{JL$M}PL5_{o2bjD^Y&q4->Ow+B(rBm_9M5^K)`4H>C0GNRi;gvg6#4=OMG zqx4QFvWJ0AA+~Zip1e-@(~7FV_z;f#oKP28QgUGwF^XPQ9|8B!kpa^hFA07dFOhp8 zzjc9LCPEYr;E^7pn$a&1*_OWeVtNivmgA)EC}6?8b}`Y$=2iSh6ZHxl^}8|*E$;9r zUiavF_~Vks9GPh0ctgv0{;z(0W*tNiU;Y8Lp4r`34QT^lDu+Z5K~t7eb*L8e;V zQS>q1{bzmtBRW@y$os9Z?W;r(<6LlMsxUc*2^iM>AiCg0%1r}l@9#(v%LCd;#G?HN zNl@rOwye${mYxBDK{9)=AObG+r1?QnVw&yjDj zk6nt;xhED5pIFKU4;4S_RrX$`D%2gIiN2e$^LF7nwWFFW8ve#d&1zO&h$%m#2t){r zWIz_ao|B(p(i`ZasG0J4fnbav=9hONXj%CVnsrFAkOIF|G(0bdQl`1sNfNaUE{@<{ zMcEh?{5mpCMZ@eRBP=!dM|hPqPSRfLO)Xn_7O5uZpd@rWdsf{IF7-}`2QCPB2=%v# zOy~=1GFn4ExND%KbeS&PV)gRZJ<(0`ZP~-BpX0=eI{eoz^>lRVu@sPt9HF;3@W1x4YZyt(@l@3;E`G7218A5Dg}DlHLD~z#kx6Nz(-00`w;kaUovn+fp7)4g zNqqD}S*$Z$>?6W(IDD3IZ_j4`^f9e7p8^$vd@}(V2npljTMWxuzO++|Vj(I?TZqJX zBM{vj8fIpoO6{bHJH@K}qG(HgX(pJ6id4TIell=PJPf!U}pPLM44{!8*66=SflFPr{B|x96hx4f@RwwEu&kN9K zZZyg;1IuoH60^G#Y8TopsVHUYki9tdPQb7@_IfynX3jM{O1WcZN=XxW$_K{GLENV) zwTsG44{~D052akFjT|e|G{*~6WmirXe`jKnO_4w5ywK&q)(#=L?YNi+LMy(>_{Vo0 z$#o}h&zc9QHeRO2(~;~bPAT?b1I%ee$9@e9SGpu%ZPBE(?y2DEYYW)=m6Tly*uKN4 z746PE?>13-KR9+I;F2*tEhS0ETa%C7wg}muUWc^p@hAo11L@!y$GtyWMV$vgXs=;l zsMtFfmi{HJFq!(DjseZeEBp=IIbErPH4A)Z4Iq(3Ydv-Z$d=*o2qYpi)bqv_Ju*KV zLDzv@Tz&HBieq8y0!2=ng0)(Cr||p9`&*e7()R9|h*G*%q64xQ-<`GlM49G6Expl4 zd(Q8gzTPkIQ|Zp0n^wCH^*fs_-Kk8M5=-xXvMKMY=+h?o!25((L$n`z)`xc9`uKD- zVENt2@3-Vr%V!q9J-MXfhB!=`fA#1O`^pvHNwA?kRJz)c1HRW!IruV+W{AmPShx5~li_rH_ORhBMZXeH-HHV4l7-coP*maBAa~35G`|vBPnQW`FyxGwY z5;CN~dNHOf->q1u zCh*qDCHJeATZhb2#{GuKl>Ca-Y$1away#^@au4^$YM}{&qWk2wxGB=y1125@L+1!o z#0+He#LX$r8&Wd7i^Y+t^y|@>ixqklme_mjEl*~bVM3eRBFpndv}W=(i_vy3%iRwO zt!{d5V^#m5Lnz~2cl?01&<96fkndmZi~zIsa=yMG39n%~S3jRQwR_P?%|_5Q@ww8~ z)!?IxjUd-}P39LB{`<>?d$$;`rc^iIi2J$o(amRvhy?nq)V*q0*nDf?VDm#I9)I5q zqi0f~dLXHF@P6^>A`eqm8zAmWb5`Mt-Ko~&dUGKAzLJwR?8kC@w; zfM{4}wMA@X{oVNhA3e5HF~T7n#1!&yjYHbXg9YTT2W;d z;CN1L;2o7Y)9%$!X;enW>4VqL-Jrs)>`sf=$u3pYZn}Ba0EAbtW@GsBb1DkUlAEa+ zh4U3|WOnu?vJZ`!J4^0bhpSLBF*y(k-*d1?YnpBVorUZ4#1k~XK&ccmA$c`XseNh_5TuKCNoO4z=@gxncP5no z>biD{l|h-sb&zjT4J_4{`$#!iMr+O{zxwL?x17omJ#Ap?6(=eG*wK60ks$!wh^qYA zE_5d=YRm;T>9Vfj;@y-PYs!MiiPZg=H{|78CM>0bi85Nx!s0;29;^J0db0T2X zs_15VhGc%}iA9WB4zf|h&L3h9o*%qpEgg9YJo|1S;1^s{52!h7JGgE09V`F`M3Gj^ z)_PlwDFw}HZFxrT-kJ;aap%m1TYkvYPxrt=u$IXT48lS;wCy9$P&c_O@P621$f2obs?%oz9cN7e{m8 z)aJ|(UH555mOC#)6q^yAgMw#Ts!%dQ%(+@585^<;aTe0M2paGZ7d&JQk`N(_8eJo| zWXo#*ngfhp7^NU-Kf*!^E@PKjghddwetE$f672`;0JPnnHv1GadNeOVn- z6pnp+40&(>MQ@-aMuy09d^%D4IF}uuRI=uD`|0BN+MUdl=-~jF%Hl-CR^7^!=hle4YqNa%8!$!h?c*$1SrYMUd85reaF z*%1`P&t-N(1t>O4{xe{ie#f#JLkLGWv+M6|NVe@5;42%tydN9zjBt?;@|^OxTbwA% zzysn!g`?e#Amv=d-90JQ-$;*IS#%`3E9L^VJJim=-h_CBv(Moa^Cam^=ZP(~v0k9!B%B zwHcXX73a=04<9rhD}fuqAJ7d*#EV z?|uZQXG}<%sxz{T0CZr>BiF=}Dcp=-M>8H&1IKG2L}!K^e#ZMCu93iu$reNlwB1*x&Qi%{>>i;KS>sr)2>ugml9I zuS1^sq`?Uz+Ps<8BR#HPZ@O0VC(~qX*D z@BJm+EDzglu27hrdLBq>k zxK*>h$vT$_U%b5MeE4h0vslq{jIf=y;-KNoO_eaFr7&ZsY307)r_RKeXNZ7VVg#7O zI))5BmG_=5dosvFC6S5 zS@v$O+uv|pDzNp+@TR3qF9LM9vodrKAg>E-A9*Y+C|p>7{E%!8gEEjtE;l}3dmG^y z2W{Vz12nm0d(hDdG@Ppxr<31dYI1H{L4CgM5)RQc-uXPS%eq3WGj!r zDC;|SW=%Nvun0Gq0a=g*59v-LL;~4aa*+5U#K54V0ocZNS%`Kg=#zDB&m^QL=smpo zIw~c^YtC`}@?WQTbbezS+}1(%zKX?z$^DDo`XZ(~0b zx#_X*aYWwc#k!o&HlDgADb(A3LcGNH44r%_LhpF%t+%Q@_C%pslSt)}$jWjzPrl;2 zV&rv=!V$P^TPMx!dD(S`RFuv?bKnoA34`g?bMx!n*qUpxy_?}`Gxs$UT8=5neGRiF za#%N&@@{R);3-X^M_5Yn{hWKDR{ML7>#awD}*H9uz@)9jRa=ebrzbXT_YNh&>e+ zHpz%vnr|^ieDJk@Rc6mp4rKe^BVlLiTywL~OIH@>LS$W*;c8Qbi-?=zp!{K`U(V&{ z$!6QQNTN4+UxHYl>@MXvbQmV7BC5{XJNxR%S)2Vk;H!W#4RP;FV9M9N{Y9dV4W6e1 zyuF;mYkv%A>&GaLzz$;$Vz{joBAgtUu^}&HE7H*h&CCrT(;0&>SwZgW$)a;Jjl9`L z>siTGY;jsv0v@uP$#{G%`h1b)uV}eB1#!c}Zl}XtiX}hfKbYAOwN&Kk`7qh@Y<1F% z%*2g;zLHqkp#ZK15%d5M9$eU|e_S6LPNUtf`z=^wibv3mu;hpn9Nqm#ey{@1Ue?PY zxeGxmU3_OW%}0t9I%HWrUZ#;d zEDGSd$I?F~gzVCSnMad{c3{t6voHK3`6pg7MHiuV_nX>Hg}HZ`yKJNlg&7-eu_9YC zKiEiGt!ObAs(1R)Ha@);J^YQcC-0|tLx-l~sOzTOZW-jO2f-MZV0wN@GL!3 zt08)CpSNqC!(ELP_}dYvXLcw)a|@lg$wctkhmd6ySaHjj`r9L+W*V9F9aa!{U=tk} zP~U0x4$MYlFeS#y8pFh|$ShTuBJB}>tD%-^fpN~`zUo~Gx+ zaE2a@Xm&_ABrV8P6vF>p@o`ZpD^GNdv(kX;K&CJp|B*sE@qE8&4KZ~keCO@(ipxq! zg#^@!Zxaj~$X1?##E9Ts2XL1U%1G)+nWuk3zeyBH`YbR0M#^*52j7q@%w52qV*<20 z_n3P#^X_)2q4)g8(?G;_NPi zJV-V&&j2DTS5_B`o_7Ay2g&a*> zm%#-QXl$t=1ekI`#t>rTVA>VLT+JK)tW2FYmHt6FKk}6L$?=>zV3SKtBqV~!nf2Hd z<(!xxqxn`pvv$i|+8aQ(dwx)#+{VOONNGBGNX~eKQ4ljyFEQSRiVw>COftb4qhRlg zS!P0rJSe@r0mw8~(Af&=7g`S$^r%Y<9$OJl&x~%FG2#%F;{1UPo|x$!+k@lGZUIXr zWkAlAaQbhQMw5*pvI&;Iqp)6nhCz{1hN?^_b*y$zZHhjc&#P7Ft_jinSYRq{{UYM? zn;8uRG%7Lli;SI(yXsV+TQp#CD%e~A6?wZ1j(CaHx2>?Yd;ppxwaK*kJBqoS#4LLQ zdYu3z8qYgy(W?2v)zqmQ=r<(iEaXccNF`sF_QLeT(0$!NwOc3|=3=9g4BS-(1q0#w z6LFF7F$BO77uzGRO)kdzh_>YNsk^)ooV@UyAyFz1oj2V$ya&s-5lQd= z$lBU#08wR4h>k`pc$DS{d-Ik_-U-qu)$J?f@x|1u*sG#a(^PMF5o17E94>Q+Cd53M z;rSMs<#nzwC8V942Yrcm@c0aCd zJQCyRozjsZA-6J*rO?WZwy!|0xlzEKhSFMhVH12=2%vMQrn!w?Zk3n(8*Fxn2O&LC zNcDia9FM5Ufzs{wLdCiM6bBW)w3_V*v@WclUYOSNa(kGn^mGXW>Ai>0BqHBcqCN%?xVhTs&li^$EBJ~uLMl!w)>_d9gm|k*E zbSHWA(OlVlIV^^f;_ZI|R;A0F35sH>cC{W;_H~uw^0Q|pVelNGo!<+$llIts77lLm zPF_g)06!`I0@X4uSbFs*eNB z5vFLNxQT)bJiNcu?QRfDR2f4M@x(iAbN4F!K+Mi){AP;=4D{B+ANg0o#dejslj4LJ zYpY9?StiEUcF{@0Cc1IgA%E&ebda zln2wu@|Pcr@zPkQiuebzkYu`qvXHLk4*+^JDpG%)yR;1rOv4!LO#mIgBQ--hpcvEK zpxJzx$p-#F>^!?r6}`Y=i_*{2ZaH<>oyUHTU>G|lYT`s6xjhB~DJY5bd6BQ{AZ{#= zslD6}$~8H{(s@io%?lRwVd056cM&3Cod=U9h^>9)Y$z@|;mE{(gk~Zu5p$lh%fRpv zzIx_+9cBxh3oAXX3Hsr~!M_J!(KVk8F&a-LK#*1l?P6xOJojcS3;=xTM0wDTH|={$x;~H2I8@6_qr%E!z#aI#3n<3&6b!QcZO% z{KZASqRP#vt$oBFY=g?VJ*uX1E$n#3LEI5J~e~@KVKq_cfu1vU`=d z6zNV#f-_H~Q;g{VsuMW)biBn>N|nAf!+$QjW~5+#7P1BZCQzdW3aHI}vi^Mgva=F~ zFp*B+^A4)$_4{soWdDCCe`o!Lfze5ne^HmiBxLWm#OV|E^PlZRE;FUb|*N_ z*0J@Km_}$0WSZ})13Z`-i!LRdLG6jYdk`LbBOJ90?km!mFFYt|jYJ%#7QH^dO>*~u zU9MDU$WwSF)R!-~6~(E%FJtv?FDC?7DZKZ}IG4pc5zq z*az3(r`<#w^6phmBe_$eiS8_DjP@P}Ur_G7oZE_#3q7lvVa}ADs|wbl>e(rvKH)6_ zGY|q8DcD0>NWD%SahB4w56*59c#Y@zxxQ=H2*2AGB;EMsz%BnQ~sT!@ij%0$3+*zwL3Ks{Cgr;vPBfs=H^ z222DKQSiNZ=cvF`i~>*~+FYNmZia=&xOxL*{Hg&)bHnMLOwc}=pb9Fkm6*lBw5;H+ zLZ*rgz!bREHbh*$_UMqaqo$!ica5snTv@sX^VWql@bD{iP&C(bb3{KpnHBJzsxH$< z;GR=lr>fMzZ0S(%dWaJKsge+q&aC=5;E|Twgk|vXM7W-2zUJCPgBl21K+&PR8Ka3Q zIfEh|XJoA4+Ho)gs9(l>L4D?RaRX20S5x)}sRJLRFi^i-0k{=U-LaW&>M{m@E1Q8) z&eIhf0zj*0@+!iHzk!;w-?L#{mMjn7Q8NNE705Y{H3q1Y>UF*88}I)^hx0w9veQgui@D@>{OyV8afY6@)T4?d^pTphV3g; z#ylw|gxJdu5PvbDt|A)dcGKJMwwwefCSRhd^s%Huu+A@lN{Sb}$-5sfJWWy#|Csk%RZnlwZRan#pcb-KtNQ z2gP27CCdPE6;Tc1IdA~7K{=|Y@kH2BL0_KAcf*FFV8e>7@@4FpIbARJzyFftf-#Oy#Zu23mYEtsiU7r-lP8tgDrmp|Be{`l95RKZ$mweAN+h9vvjJxOw4nFk5RnQ!62qKyw0T`jmu$vVSuzEFi^Zz5>Tlp(j~N90&)b57$q6S7u;0gCeJQu=ln6`YW#WbUZP=|4k1DN-Yn zSHR!m+!y117wm-ny+Z$>$Fk9c9sZiH9j}|~Gcg(|e}2actxpPww!b;_05hkuDWMgA zM)Q0(jsD#P**hh-gsP_$c@X@)t7{vc#>D$wGynAvPSV(PEIL+K5^pLXjtxKV5p0!c#R-&_$#pH!^qM@tTmzb_1y8~y<56=PtTpKuCrf?^oe5ni(qUE#{UM7^hCA`=}b;fSjthj zs{o@IrtZM-lT!D#gsLWf^zDSI*)R9okB%OB{WR_^CS!d$awnTYx~~h^zdCqsPej)`cwWt?*DEiRqZo0~#p%HOyK9Q)P%llFBF^}6r>bdjDqKWfwOOKJj;gUFUDFE z9w^83VUu@1DhG{XU06;*hS(vjde}G?`C(gR+`1c9`fUcvf$Ap6Ht7Z<2|5p`nh0gS_@QXe*DT5RDIP+ts640nl^YoyRq5i*eJ@Q~sF0#2>ObjaH+@3Q{vCV|;Wy5y2H$PK! zS!XJUd0LEKP@Vd^^<@{U*@Ha*-}mpb@difG_}~8uptN6!_g?=Q?lEk+gR`iy`Q?Gf zPX1U4&wbtDcj2ZNV7GkVkY!#V=4`=myJk%EohCWH=Q=nV4H9&JaT@o;eKj~bi=S#= z-S{|gt=BvL!p!gmErPy#0S{ptxZC67e`c2}Zmeb-H~U>m)|#lnjc?_nVOKU@HC%zd zZ0Zgbewwzd{i@wv6OjBxZqo^raJg5&FZ0*$O!%&~LxLCz!i5$8aUI|x%ax2Fj%oR` z`(_i}G?5o|hkpr)-9>T=O2Ux&7Woq+<{tvS=TB(1~5wx6aj~G0(diQ14K{Ty<1w~ohW;A@x_yQ|wz+*{nD<}RC>8togfH?AY48{(=ori9MNBU}8Q#jmeAUsl*gFXUmLi-UoRp2Thb14&VFFfXXSQ7mM>ao@w)Q zrVOL<_Su;Fl=o)}c*;UY<|KOzqi<$-Y&Q26H#8liS;naW){EytV5tcCLcUl(Euds0 zdPhDp9|XnidLEyFkCti_L}POQx$XS?5`?kkyxY2}2y;&YgD2fka;tj2jO=j`QkdF? z*R+V|R)z%Ft!`|WEkQ$f&N%3O|2vKn)b7Pac4lUNK61xm&75k9`EcV6WAl}Ln%KZ? zxkyudjS*GQaG;UnE*15C%3fB!x@-6C4ai8CY+>5))Fle=%d|p;mwijf$u?vP9}j5~ z(si^(Kb7eP{d>y1JMr)CYtj+)vKa@e|(Z*OSLs~ADoi`5bw&`&9|?&9IC zi{=PL(CqUHCd;{tDM17ka~imT+sA4ez0-baj}&bYhA7I-rntJ-4BJj!$epIgO~MQiZP115IWH*XP}e>KqC%@dws)?J~5zsjn!QeApnjMGLeD z^Ni0BdNZ#elqtZppBS5 zsytd^5w{!F`-x*NZGT^1_#WQ*k{M|z)lMU(UWPp``h8cW$T#$sf(%a0n4{@BRAhds zlq&}sl_BQe8!93!^#`{0O62?Y#?7Fgl|oG~bCpibk-T>w*s{EC`}h)sf4GA|X?*<7cI6MoXMNu*)`dSuc}(=!?j~*f7l3m?T#w z(zF_@^>??uQlXd!o=Z!}HehU=p3k=8rm<3IH(4SP=ISe5k>RP$Wd=ApT%6YCX7Awh z!jn5H-0UW8e)jU?fxd=|9vc&;ch-t8TK;_ZyVwCGYg-U?3@y!j`j^$N#$toa5>FfuOoXw zmE}#SqBSl8X7B=@ATxBcsI72bd=aI184yI!Kt_{tg{QZixaGLq1LBlyVFE_zBA9E= zHjL>o*jd+j;}x-$kc|b)12h=_+61(ltgn3DFBPGUb%4|f5WTQ?@^Q707;|UKvJ(Pw ziJ^ShgufFz-4GI5BD2ALNg^%9;G<)%M|?F>342p^T)1{+fu(lCl??d!ta>#Cl6Y9|Sg3^u+fmb3g+ zv^@jYoH+?lZX1k`m6Yr-4UV+@g0iMmG@Q7iG5fEdwJ<|(=xLWgr1gvFOWF$f8cLBP zu>lO_bvAmOvn74^ukCqrHJkK_qOu&7Q z-}{g0gtD0U(s~s(fF4_LIYc#j`cF;I3@M6iCp%fhi>@Wg&kaaN*(YZA1pxHb@^oK# zO{ioyD)m*K89a>gkQMsAl;wGadjiK6zfX0z1wCot8%1)d3DH#`>X}gxy;T%ct3)PJ zo~LCu%6%I)A-7QK(L>C|tcn7}rl#U;>r4AqH14g)nv#$^_4(NF`zsbvCQtwEk+$6G zmIH^g!OEYNZ*QS#aUD2Jbd=UGC@^R+#5bC*2g}TT4F6^&LVro#!{4SiKtZhlqPSTR z|FHkm&!Oupx7;yKXrq88YYe)d>`t=t>#J^mM{%}ut0QJg6bhBt*P2y^WRKeQ5NibLUxlSE{jqne=Z<4aGL=xBli<=zV8L0y4YIIHw(D`e$bA2mJ4)ZP}&HMWQ(_3>-I=f`;G zS}hsvN4X0?zAgy34TrAXo(br}ga@G}U;&qf+nYfV*y-hSD64T{e686MHY$8{4IW>V z54LQ*OxFkiWl@2--*7SS*H1+A&+|k-Hb#sENPO|kqx!mX z$a9{W%zyV=1Apl}T0A!l0&3mt1!1$gzXZ8?G{^Iu}Dld=J~wOf{{ojYKEc8@gpVd|lU zdIXR;K@FBXMpbQwx88xNpRZ-6e7d9{b=Y7c_ZPX%aiI11G99Ta>@FnI6 zi`pGo5g(od)i3&{(;{D;y}R_m^=LrIPh1mR!ZPdycX?aS4k!u?C=0BfGrJ3xmXAe$&=|1*h?_t_N(fVt7^I#V zdklhy+haKA8x~|~?6DH?wx#+W1yA@<|K_G1N{@W&te5}Nf0$$wo&o4om`qe*&S9`f z6`=2XxG^d)VCOAMeK}r^6_b=2)}K=V5g10*y~CEX0C($m;rzrl7*`=NiWK0d=^F@q zJtad>R>Q{S9Y-gwZR1CgMjO~u$DnZm?TfQf56g%HT4miIj4VFXtM|+1NA=HI3;=|? z5{D5Dn8yF+tO1XYk=n2eUD?l~S&Yb$tb=^Xm-mK0-v8(5N`xXQjA28TmO=!PId}L+ zMuRtMUaQLg@Zb@OB-Q&CVq|>J%EU{Y8&y3zRB-cXq68!T;Jl@cz*N1!9#@4+!01!k zW(t{R+^zu$#qTX?tpw38NApr>(mW;|MmG!aOXQE+Bvy_>Qk9+>7wWV^c~~-TZk!Hs zUl~|wFfAI}BKFXr!Jj%6&RnCNY9QY{hI=_h|n46e>?`&urB(b8D&;c0VtcgHtAubXej*LlBW7sQGp#8?oiHpr22qf zufh4T65g;PTv_BkoMm&c2ZBx2z-HB2s(A>2Q72y{be<~oWVcG!FUt33LDZ6{W(`KX zi8Aus+vKE!m&Byuovlz$8VmQGUMSmE{swj3bY?6PN&?+nCu6)v;RtGK*U1dv3ID7aez<;Fw63I6`>~7Ewn~bev zoV!j7mjHSEh4V@MM_xJkJ7Ho#1mlI*4nrV&ci=J>dFaR?OV}^Ak1WwfcWDg!QpU3LOTo;?51Y?WM5{>wvu193nDyFD=`i!$-i|qXFRql{b=Nh4Y-P9M&{XjuSWYVx ztOy;m5Z*vxVSo;AitVy}Q)qfc-na4XGS(5CSmKq{Xc{ap9f<%Lk)UoEJ42aIPww7* zrI>P1K^fru+t8ZW1>;xEy9>bQfcOWXF-K*l zW4mpHjj#(Y6uAWCHQ;a8TlK>cx7i*`KjQ(pS?#84rftB^`kHt}JY1Syhj>(TYje7W z32Gm$oPFSNF`v$&mN$t?Mn&aGA!U1!i`NK~!;CQ!E2+wN`fe|kl0d*7k@~*~SawuH zOHBO04_yF?PMm+nDs5@>C)DvBW5= z+bbv6H521z7XiKdic7;H|L|9Rm*8D(3|&FKc))ZraxO1jeDw>nT}d!mo8hjf5RtYb zfSeUxk3dhZ^agqXLoZ?fW9#f81u4e4X4Mw^)$J+vBM638AI>Tdu5H@TTJi9#@4p({ zl0Xkyecee_D3W{6$(2Z4yr_ny@8Y8~vZ#z<#AtI<$d8nJ_Op8g=6#-Ko%*cUbhUbT z&$csB*7cNL{g?6ku}7l}a|8sBVN$l9i0=jmd$FPXZ;8PAKLI3B0+z)ua7|v0J`!MH zN1)7vllRemuE)wGbCQij*CeyP7iI^@ ze~=E8n_opoP$$xzRJ%J;bb!$kC^-?t*051@O{kc^B5jBre(IRBwaxL_9K6cnn#zVP zX#cs6Fa?_q#`mVatGXnf+a8!v8N2*fB;ufo6FzbvO9$`)M*NJQck-c#gB{SU8;}69 z%KMvK8?9C}8UWYNc_KQt(B@oz7zsZUO7Or!751j8uN%oS*gt(z@BJX*5R4gKll-hO zjbWaSZNl2ccSoyS4i2we#DDVf>&&|2&iD6{1;f?qe;#?lrl*3I%YreXh2q~Ps!ie7 zr!!P+0}hfAS3i6Bqh%On99a0#?CSjOPS{4mhla!I^-i`2Xb!D3KP@FgLsn!p{fCwM z+*v_Y;Dh<6g?BI#w$UFx;tx#lHf&;p_cjL;d-@aZ3>nt4x7|^hyp)!U28n&uBMyH^ z)p2U_cscJrN29k&!W4Y<>pWiN&Om*+`8f;?C&o$Xe&fk{r(8-lCVk_`CjWi zWxHI4CY5OL&sbI;sXrS3!?f}7LiTpDcF@@LAC#u3=QbIyu``lxi}?UqUv_r&a0>eb z^bT&5)zMC$N!ih!Vxpql1yGMONp%}dmJmHbXgM`Ggk#Qbcyp6v?*$F_DH>2Mi;tH7 z8*0m1bylk6{Q>s|;2C=3AQ@>209>Wy_ zM5f2M5GIGstDTg*aX%h&)FCwPa_Gc@3WqAm`?*@{mI1>ggiNnT#OC7>mhUnNUd}^^ zx#WS%C#*lpY1ylK#u}Eq4`b(jF8jrHTzoKe565Vx-Y=BjunVtKa&DB*TADeY>53FK z-H_v@BK<1VLsMo_=h^RF>@bFFzqJwxEhu9LCiaX;k2juYi&Xxz@isQ$3M4P)7}RvU zm%4d5FIC6x+rw$I!%x+if7f=ncv;mc#Ystcz3-{Nrq_k!!ZGpXFMI^MU&6mVF_dJn zz&PhUrJKC%#n*)jykn*wH0}|DW}2xz!PBe%1s?_#n5H%}X1;=2O^&;Z295U`nyKX_ zX;?udyi!RkD=hl-Y|*0E#Hj&xcklPL_IHAfXPNU@S#hD$ru zTIxPkZl7=4SU{I?>Xq+y;E10p+5Y)E(;!aXup!QjLk?TS>Amu>cxI@Y$aT4E%A**6 zzHL*;D(#c6Yv0&+rpRx?Jhyb(^=}xMksK*MT{Gq;-4|YRIvahHneU|3+L%lk1>#)B zVLsybm+nAwvbR!>*yWd)M>VdhZ?-JsRX!mWI>#0u{M^+@^kk+C!JI?ckcZsF`;0ni zH($Jvl27DW!zLM@`U*^1Y}0Z)_k9BFmexac*`GI1ckVcf?Lr#XN;igD-f!Bt!r{6yvnav^ zWxcS8Lclfug7-{^Soe%zt!d)GUbDP^{`8uyAMyuHibbsjMsvDEeq|^A`igL@lic~W z6XNP3zdTsDa0eCrOJ#I0BdHDa5XMI38VSX_k0Xn?%4;oaZ(jQopKK*l;WJ+RG?vI0 zYhcP03+zci!-hLo#OH#{K?<+Gt$J^^6!3S|($%jF5Iq5O{D7rLaBJ=3PBsC=0?*oX z1vs77>Y}s+y`|gC{I!S(@sQk6HFjY(in{^--saW9}OzRPcuIt76^a5 zkq=hPMr*Jd?2|?tk|?SqY>mO;2^Q9HG^I2+JH+@+v}Y%en?t;)(I)qzJ*za%JMqM6 z_*uZ-Z%=K}-)|kdIT={Or^vA$y5PP_O__BOyxHzMh;!0b2?zTed>%x}vJl0PJ3W`d6{eAm} zRd2^`oBj<-|JhAAr*Y5$X{(lBOW1d-CD-bgxDYkPp8wf#By1eE2|W;C_<-MK;oS#i zN)p73TQ!(S4}X7kss+CYz>RFU|= z_~zEy+pBB4p|IG1t9QkPzSx$PxV1IiEW6g?*M}30Zw>VNPPQs{wvaw0EwWdz8mJYD z(jPblp_jVv2Axk+i-M+4P2_R^I7wqWtK7RJ?gH*kLg;Hbt~Se6SS2);Ne>!b=#}q< zXCs&sVYn`7`&sQrtH6jFQkp6+=YNbQUu!(5N3G%O>E}E87VMuWJh`}?v94KR3~k8w zU^!#lYjTa%dc}UB$Ig}r8`>w7ry8ev9sD&-(z^Aa3v=t%h!g)io#7jf(owv3gkxx5#TjShWr?>5fpM7cYQXVny zGncB%Y|Il7+lSyCo780wT%VKTzRC^o^3yZ*cue+FdBbF4JF{qAvfDCv*KOI(lQ}Sh zL)G%R!_b1uo&mgLj+OCx$c+dX=DPEdTV~0_#ep8Y8d&5r_Mf3lPe`u;+@$q3^od}E z=KfChsJ?hKTSYrCF$X;Z`<4e4Vkf_9bCx`IRWIhJLDrP`#2L;y$r{B?O9;*mKDJ8Q zwcnodkIk=}dxNxdawgoC?|%>VdVhdPzm@^N$CtjCb^haQ)Fi^8RyHcAa->9#1A%_% zHgl1xuv~_8t8vK}muxIK5tEP|S%VkxrxU5?`XGXnO)(Ht;A%G&33@Jt0oE`*WNz@` zE)`CYX>Fia3A`$mWim-cgIKh{`wG3B4BrSl)lZB6$DRDC=oLv<0tkp*_WXFc&hcU( zqy*kBk~k6%#+n-Y4dVoP_33I^zD4`P1Jn))z5Xfx~ zVEMI!I33%hrzrocNU4bHNAwU=yp@Xam_3(Qjr=YX0u%aT!|+~=9Tw)qX-qh*_sq0M zfPM5hLjEOzJbFj&Hmc3rP&kaJshrX4je}PcwlmJDkhbl-k}V!=!0z9|`#yI!bfWmo zQ`n)7(d~ob`Ay@lfIr;s`ydH8iI*Y z5+dNsDxBgalNs=7K{C_tL#qUhIwZOHIG1k%b>z2K=)s$hGH{HsD~unBr}u3b=uVb; z7i}saU3Z($XyxY_<7GL!cRpVr{`a1L9}C6MN~U=tB(W@vw2vh#(hvtW(_U|-<6@C0 z_B42tg>6I2hwbEr_5fS#e3nnR2Otqq6d%@K6RZE4Jhxzb2D0P`nWiT0lOapStaGJrzjzH*1o)_}S_AjeequNsDD(9b4As{t2v^j5&#!I9Gw(`=iA%V?e?$xba zQlhc(IAaA5EuFGE`VtW>S#Kwqzk;>kBVxgZWMf+~xPgbwqC<_IP=X&d7c{1cSN!iCEICo+3{*83Cr&4T%3>xAUXWLey%TMCpuuEldaasgQ_Gv1Aph$9~mp z*2Zm=O;=^agAz=fk!43^+&7W+qDd@SJp(YKuDg4wD#JIZ(g8h!soGL>BqqI(v=9(l z=pX^FA{*roU1lSNbpIKp<{H>{-XJp zQsyAK(PSC=nGP72kePe~RCnBi4D?|>`6PcD?+<%*v54(D6MM1vqy~EHiu}4IdaukN zMIC)h$P0z5zV}uj8pEwjDpR*QJ{aB-B&+1pNn3d6oCT|0Y$PVuIRrhz9I&j~U{V{E znZSzr@`-?hA#mL2T1I$`9uu`~4rU2@wUSrx0@y4=WBHDgyc~}WhD#sC7{W%30{j2> z)Tt@nFqo?cE^lS6%jISbvr4103n!r+!Z=>$ye+h?@0Cyk@4&)wWK%b$QAW6viHcP1 z`X$18YCLh)^Gh4%NZk!RKP9Bm68-rYhhS2lEh<)JWpE_7?Sfsh_-`9mK)JZUGNT;e zL7Qis^o?8cULtW>(}<-id~-nDS{*WF3b+U*E*AYQ;BgK}EO`?D27UG>KIZdR=)q%3 zq#iw~L+)ur#mUfdun$&}u~=UiV(a>D55xkZOSu?{m3K`du!cBc5XT89r zT#wyj$W?^A z#+I@W>m3oU`l7N{!f;Lbf(}Bs3?EMsp(UaH<3PTwC>L-1eHBLYDPY~;k&P1hi)d&4 zIA*y9bz&S9BSU}htvVeGO-8%r^Pnv-ro1C>ljHgX6&Tt<0HVRQXOq)j9#5O}gl_D( z+A+Pw4=K9eP5ihAF(^jN(Vw^nVkLTz3xjY0biJe{SBG?eGzSR8k|l^>6*9AUukYc# zm{oH;DZBOOCFPaD_$n)ZCB{N;J6>ett-zr8z}uUr4AiIA1^{PifDpz-@KIkvR)25s zB&%W*sK6G0(0T-Skb<@uPk33V#+|TB(0F|EOt(O`M(7GfC|7rlcaRKQiX~adh&T!` z;}hPLTa^*m#$I0TuS7l2ApfF~{^5{t5<-Ec$5a}Q)kfbLr-N3Sp{APUL*F(rc-TLbwP9T)LRBO@}ZQTOsGJ&pBhV zMYg_SiHW}+1G#!$Fh1M;)YFl5GEP&=Qafl%|%$an}`3n%qQs_adOBesi%u8CagiX1vwBP=~o-ChnHg4x{KRC9`aM*j- zx&Zub74Sxh%RYAua4#!1kL6hEfxW;- znWImA2d(FvVTaNYfQ*q+ztb`%$)ANK?RQv9Xf@YQw}+t42aOZi%EoMfY#f8|k87mL z=3QM*vt|i+JSh9<@g4ceXXd))zzugwIqNE2#lhBpz2W9)E~uB~+zifgYe`FO12bfV zz;?nV7Ov3~${*iZsqWsRCX_|tW)z0^VJyR35X8bqh_NjfOE%I|=8D0*4aBGf+^Z6s zg)^`_(A&%syl3GXbQ_1xm|BWae@P71>3eTg04{s;HsFtjW8Fht%n$LP0F7&hJ?qA$ zI_092=xh;8*fX^?Hl{UV|y=f>u#d2 zB|5F=`ySoo+rE1F#uQW%A58&nwK`4TY9k`{QNXo&RQp48PinL$3Yc}gl%Z-_JBIf^ zwgkO4Z2ZlsPo}5WJ-EHr6}s6MvAcQapY44_d1Po1@wPHTr)!hWE#Aty``qttJLURS zC1#(FTu6bo>+d*+-I+le_r3w>O75jLqGQws5#y*&lx5*+{3|8U z#M_(0Lm$?Y_VV$2DXRiCyAM!so>Y|Kdkd8QoW%;UjSj!s7ka8Bon+ma^E2YNnc0(0 zmAkL&P-jubT=!2$Hn|$F)!Si|db7n9&{>{C{y$!sI%tc|fn|mJCHzqO+Uf1umj1rCM8RCu#!)N4+u0$41^c`TV?9+@M`DjQd~< z_FMwivOOu$hF*q=fo)cRVotUI^?Ur5DggU^ODO;YOeH}cTMoP2NuJd>wi& zcJYp-V9Lt@YjgG2de?BX4*v-Vu3R-$Ic$OG>m#XDAX9F?@JSrkJlU!}6E6r@&a z%r3QJRcbRxHBBs{oFC8|FoG#7`S@tRYZ)6>uh0N@bi{=5717k04i5VGH{`wX;gegj zi}YEnKg1?C)VNRl+L?HQ(osHjM8$fpQqGhJY_3vCb{hVF>x8u@PaCry(O0=JbCY_% zxf~ax?2Q;ztJ13xz~0bEvi{0Ub2?aaV`*evZOe<_EzokZOK~)0Lcw`OExa)a{KbL> zc%mabTudVI&WKa$dg4XltE+2)9tzkhOEk)$tOd|Xs$M3)CFGypbQY;rjhf-C?k&%H zJx>!msy62z_SS=Y?ovn>!CQdn1}kX0*lMsE$fOvIh8I^!?-m{;Tkud+7SyRGFOp1? zmgtE;lvw9U6jN>B^#TaiU?oTI{kV-K+q}EFzLu^E-zz4nHOQF_+<4ZS^X2HX9@k|% zZpkrT_M1jt;tpxt!=jAr>a!Lp51hq-D}kLo89tjeXcw6=5+VjqSXmLT%wKC9vjg3v zfs*e-I91zLczxx#Y1;pZgy3e*{ThhbN3Q7;l6)i zpY!qdEYt-PID@s~;bv|AzrI@(_E{5sg!)|@RGqiN+L^4F+nk9X-qvVq6S3nusnFOl9l0A#rB0*KNWkd{+KkmRIw0R=@x z^Zvwb+cp1(9OcbNYO~IqrHrZRsVnQNz zx&h-a4{jF;#%a;nTzzF2ew-bEB}fl8F4)4$QFIoHk+yDT;bVlYG zTRG4D(~RF#|B#Pi{nCEIP*2sKICV)g4&?5jcz5qw5RG>zaIQuc+`u!NRSLUHMQn6~ zGj>j{cR!#h{C@z`+t$=M`aVFVS@+$fMw!>=nx?j>gBA945lHntqEs!!9pMYB&dWIT z>+~$X`<0jmY95XwStHK{CfDqYe)fSMpj_N1O4@1Kd?OEyswut(2P_QQBaX=c8x}`R zjdquKNLby)j#B|JX4=f$mlZa_7;mIFshM&*_C2MC=I-=VQMx?RXSLCsU(Nh_XGfV6 z*4S~=a4X1&1#YHdwDs|u4vdYV)>Vfn_KoE5R0mFO9MGfqs^yBCv*zgcHq#O%A-3{` zzN#7im13Qc9p9{KQZiWFcr>MCf`_L4Q;1$LX!6C|b6*q-chS`+5s_M?Za~j!9?m5T z=@e8^tVr^<-@`KYW`3l#e=}4Ns{dABHFbF=DEiUHT61{s)QO8|KnmlBCSON{yEYcj zFtB9p&5Bc=*cW(%K@kbD{cf<<(%epjRC)y0C*x5ttA0K0m*543#2? z0+rJ|%WK-JcE13x*0eh^Eiv2fdP*yJI}>1Nhj*`{YDu64T_-T^?6q{~H^A$+p^b;q z?SsqYpygCBW#NRzSN3qbURXHAr`Q(X_S6VVgq>3jxai(Y3nm88^&ws#=ol`r75m;8 zuEbi#N{}mABSovFD#3w^UoJhtnQ#1b!fM4Wn0vG?S^4^?3i)R*xNdLOjP8C2lEho{ z%Q#MrD}O!hGt!JJOw-^MX0xC6ybXL1+3Hi2X=Q|D@cvH5o+8AQ=P|)W`i(()=h|hy$WN3gH7W0Ay%}@N_b~K z2hAK8^j?-?2gZ(2wg&ETo&op%qedEvX1cs>6nOgaXmXIbrpn@q9?8s1MbK2;&581z z0Vl6DFl_q`MB_vu`{q`N72imsI53nW#6b4|Avd5XC)2P_oE>GE+yn*%J*U@V5r#Fa zojd4I{4T-G_UcNv11LF|GcI6hWT>$zd--wfA>^P3H%%y+g>I2MPDJN>$A4zqb{2;# zkwl4KF^F3QPdbhV+#>FAsH_Ml-A#lEmW3vpl)wP60rfTCZp}|=0OOe&?;s8^*(cU4 zhjF*V#mVNCPoJ(bJ;PjEt(j>m_uVs3+^t@JX8(VkF;H(t$*QDvkrC&m7Q?Bk=c9K{lf>XBpJIJ(`|ka!3;j9r9(yo|h)J9USD zEipw2>S643No+7l{SIXy*$Tyd*l69y1Lt&tn3Ww}rW1->JF$S&N?d!|GU_^b42!@a za~(BP*TnsL><1<6EA%Y%p)?x2R|kL{=gwRU-+g6QW}au5xPaCpr}qsM@Uo(CelvR( zR>}ngXzn{ZB8d1RPD0#O6$HsHDX)jlXWuFM3()qo42)+@F=+5_qu9PND4{-N<+9H9lI7O6o+x@7(bLh_oL;dBq)cxKnmAw9l$DuCgwo&aPT@@(m}eAYOO z7U~U!R`gmR=%LuTl11mAuS($d14~M>biJV=y-4Oex)=tJEJP3=w=wplGOCZA~ zA``pEYP7#O`?LqlBc4i|wf$^8{?TRUf25Drdx`I@)M>S>e$}1RZTq@yC4uW0qlXRa zBuIP|){OD|;rCO#EvMEdQ~LDI7k{i;5PPlv9WL^1k8t<2z_1{ z@7y7Au53*`3pVdayi#NWICZ$2*N~|S+_J4uwLH6 zVir2-3We%Df>>y_4Bq(=cd$nOcMWJGhGuj5L@Cms1LQTMx5zN2tb#2(_#7|4^oM*= zC5qVxJ&}Nz3X&5O;URUFZbzyv!1Tmi77t9)W9D)TLTd_Ej^#rGn1qg8Pg!neCc=Kq zz`UmFNk`uHnw_gZ=dLNuO<9EyH2|M@keLep`*zO*?_BPN%ZxX9#cR*8VikXyp(Sa6 zhZ>A+5iaiuLbO0D<5i?SIY*X<<@UyCE3it1Q|3;rK$&pCGn&cpkN_A-ZgvK|zJGUF*+byt=R+Vyhs={@u{1Ba)5(S7Q=HEq>qCn}w}CyZ*DOIasp zt8!b$Dr^P}`twAVtcJh2xg}#W$8cfZ$N{W({_>iN`2dDO0sO}0RLQKHGI@Ri;P@2$ zH9diFQeRKWJ$L6#$FAJ=iH?wQ!O9387oM@9-ZZT z2d3Lo1n^vY`qHuP5Wr8JpAI|>6~TTT`Lo4n89&!vtw?3&llqXGn;WpohyJQkQlI1P zuqIn6T$I-CtC!DT3`uis)@_UkO>>(vscqPH#_X+PfwbT3^WFxy-FrGKBJ6Dc-#o}N z79xrfYog0;;jXRQRv+|>;V8DEtH?{85X-*cjK*B%$$;trfY6tp`L+mcYLy6ttokKi z6&}25YH>`Zv9OsiOOJNw05_f~+z|`0O|9p9BhovN4D}^OO#!mV+CicCONWe*D3G3Gs*S+)-ng?HQS`@DI zGqR1SIyB3CLH&gbhc9$*qo%6lKHd+kWyqokD;AB70eY4ViuaD}WKd47a6CGxK>h1f z^!?2pri^*x9L-Zj+{naucY^LG$hKN5wPd_@Yx zXp}xTyl=*jSLVUIg0KV0( zq9E%UeEg=+&%17gcI3+jAX$yVeTO1Rz2aCje1?Z^Vd`xpg}*6gqNeg37W>1C1odFC zB|7oD10sO?ulJ_9tz&sYItF3}O_Z6t)!5Mi$~@b=1>?A7Nyw$Ek@ITg1hw3E43ilP zWnukYxlX?O6q~uhi^dmA<{kF(KipBYYzYer+7FQH$$%d8h(WCRm&7Z^xKtFRAIRtX z=EpS`h_Q`_FUsdgF6_t*&X`_|*q8LgwF8(Z$y;{2c#n17-%tO_{`%K#_QEA=>$rlQ zG5;obZYo~>>#`kRe$#DLI1}Yx14Y$@7uZ%Ee?z@IGRyqK<@rX+biC7u?ZX&-WE}sQ zy>fnlJhwb63{=M1TU-Qq@^N#FTL+Wv4PI&}9a`@GU&ITRr*(-K;iv{O33(n$m=7w> zrQLd1eCy3Rdp{`{!gY9B(`v^zjyRFeD4RLUD83h~eVg0w_&o_dF1OJ!%R?lm<{lue zryr;sE3O_}q+=?pfcG0uN}GB;;;|}ukzuHHH_4teHdsE-B2=oNGIL#;JMx&zXF1?* zc%0zwtBeSG;j!q2eEQ^0>NqV#jo7!=o*0g@(C7UhMQ0w!^#8~4&u6#UW*cVixkv6R zSGBoAjO0ohQAk26N!sPiF-MZn2qD!Rl}dd#H_1^d-6NF_qI~=6^xN;x&tIQ^KF90* zd_A9!=LPrp26wLW)LRE^)}3c}cE4jY_p&2>S%oHhu?xO-G#Dk9f)^NKm;EeI!tXz+ z(9_VZ{L1)S(z8Hb{V|?mKmmoyl3&}n&OA3;W`3BgXhxkHtZeFwy@L)Z?Oo#R_vG$3 z=kBFlB74fX+?kdS2(&BfGy-5d(u!n%)omc#x$%uUa)Bgsb&KW8l63z$&Tgv(&W8-L`R49iL>K^hBgwkd=@7B7b2E!=aSExl zA99EW7};?hn0-6P+zJJ?sV(4<8R=4X1KpsA z!S{CMg3^@{iek)`6K&c*i^YXLv!1KT6G8Zkh|3b^t`ZJ%2-d8Q64Y!jKt{ET^|{-&d3>~YjqrRGl3!B*T4+5eIORod;< z@u`KLfzWG6ll{&9Ay7Zs>dXm(t_b=j%H+cOep|htO-7V&hyXJ^e9%Q=P^F?~DuJ|U zGqoqb;$}CQy*_ka@lYY^U7-)MPCaZZ z+)}s9?8_*>e*4Vz3|*KWYI>sahz{{m5wyR8kyo;OM%}!UN3T2;37oWtnlP^)xe@*6 z$fHcHDm&**dd#|`u^%i#@(ENHfP%Uv!J<43gu~AR%76eSl$je?R}79H|6FpC=MVz9 zR;TeWoXsHH9W~ci(T604L^u5u%%64Ctn}DgvDMSTCk>8XHLW{~C)d|yetiGyE^^nR zPDTVFgE7HMkb_K|WL2&sPi)2W6wFySCkxs*V2TR}B(X5JU#k^PI8X{s`2M(d=dJZg z1WPawM-gkNz+CTL$df5`421}3EWvrAj?v%9vF2o*p(2ef9L$KnTb|v%=FgXi3;C@o zsug-A07MOCDkqKATQWruM1oOtF5yCd7SyOnV^dNck91t)N?UshuLu%T%kLhodQ{XP zuisO}jGWtF0gL3v5_QFdCS>9+*wjs?*iYb`r*gk}j-vvgzT5nG;Qp*N>;~2FoOb?G zwZk5{J*-EZJ{ir1@&07S9I$WP!|{mw&trRH?|3>MeN`8BI15rsGkRD|Y_44xVm2w|E#fpBI(I8+!>(JWK0fAlCpFS@a28P*WsWs)o_`Z# z1bnjWS{UFX3+$G;S>?s@rD3|X6z^WOy>70*C7wR^PCbml>qGzhs8Px zLPAc)Y9vz*C!Z#iBW146Z})HB)O;pDuN=?iNIU6SNRLU0r{iM(17H2nWnM)3u4a!w zeFTr;8C`x15H}r1-^`)u*uhfzs$Ss5;{;XV9)VG7c(NOX zZ3iCIxnbJQb6vKUsA}=>9w6MEAD%5Wpjx_k7*$u!<(oJJd*a`RIk1psEc&NwsQLK* ze0dDIyGy<#PvAN3WQ)j8o~p6 zrj^;x2xE3SR%5y)GBz0@I%0*?=-we}rDq8$C!+uOerT8-6UNKYsZH}VDvykXde6w` z8tu6kXKSkskpJE37xAoYS2dzVTWI1?;zF#SjH3}!yZG{(9kCQ1UU8XPz9QXhGMh0YX&f@zlODIrvA7Y1N~$p15Vyy7Yzj&%edpu*{J4N}wxKXnk6H zJK$a~>PeR>X{rns>(i$C?fDNq-}pdSKlx~q+4A`UZ3|pb9gdobvfH+kdS78_30_gs_s+mf8%AKM&XrMS&?t5hB*hx z*Vd?{2*CY^H`E%kkA(p=MhDsIGh^K&t@7tqr7;*)!%l!9p9LLvusWa#dAn)a%ExDh zlxKl}jdxZGNh*}#f>5Rm>%q(_>ZyeUGlbBw;*9t1f4T$i525hYr3=KPap z%n{kPCfty_*t~UF&Nh=(sNK~^ zI4H?`|M`KSBCE@7r_(N2Z8p}G?;PjVhupnlVQe+{1>!jQ1U{35_+UscIy8M|pI7Rm z(=zgIcOgMS^77_AB?qh5tBiD1&U9S*KJcYuZvT0e5DE05G)(%PNug9!LS=GyC|J}D zs!&+oyOwm=|4jEP2dtv<$72j8j{)#=yt3+QKy6eYgZeAX+WC1;xwyB=Fj&7ze)N48 z$mi*PW>sug(+PM^pc&PJ-umWJ{=;zZ=I>L*6!(-mn+U?>4s`xMMzHxYj=zRFLL1OiF(3){PPdKo8FbwXpiUS7N-oE zCL6{SOQEe&h@DaDHEcu@1oPND|K>K3AjN3{#mm!gMY3$}!yU>|BE*(S1E9f+WzA25 zSfN18`<3gK$7&ziZz*WO9bWL>A}#yavQ~$WCqvI(wvwv60^oZI4EcGv5XR)7h{54n{3MA4P05^-uCHnlrq4a@TiFXtY>nS>k=O!-V-7e5zaB5f3E4^gU6;rD>q`1ZXlk$05I=>? zz|hz}m0lyZt~7EF6yz0akx+8K?I*dWt94nY7ksV1>HDUWx?0QNfHLK>bs9#|b3`Dk zc5t9}u7H3#pfBZ#%4E)L)f&XBrxZxe&a=GVlNd-V@D|7mIe%F7xZ4Rs+u3|LQET0y z39f4Xn69?D8l50nqR-D=GMPg7yyIa{GW!~dNzRAH{ydgfuIdOO!w3!$yy8<#$fH@? z8<)BA_oEJM60e-S^+fuG1y0!Yj~q@;t+`{-Quk`y7^u=?Z>=TY4^58T-^A*;V~Nh9 zJ9pHy-_qb->GR9nh60#9Rr(c9|H?Mx`rbYNfx|dbkh=7a~N^ zbfXj_)*#2XinHseZ*ROBeE|NY@7~f3%ED1cfX_?_0waPq2%}|hokHsJ==fSbRH++~ zG1Ya&M|x)AtOa0jHB&9-1zYXFje5)RWGf`_m}4mfbT@)hD+`Zmj9j-lN!jva3tk*L zd%XbLBSF}aUAH7KVYluffd)IeEMLNnu@Ln-uciO`ZL@;2n%h*{B>Gx$X4?gMlPl6p5Tfgo1#^yvZ6ZulJH zDi?0e-joI^Pxq=YoJ~AkWcd`Cy&w`s1FYHXb`jAUL>d!TOUr@TR8dQaz`V2QEqYQJ z)WJUv;63|!;+b-O)yU@(4c%f*L$R_out|3art7>;2^@^u)hl&`I*GU&SGgNSTze_P zaS{rW3R=v?W({5%s9tAXK%+~f?x}730@Uk;7|#z`>#=pF6}{b90D&)!^(sV7C=4og zlDA#I|KjEt=7EIu9L0Eq=}q0lSvvjNq#n_+Jp8?#Wu{Ivh;u4?5AU(x|)L^yM2DuV&vfhT#fKDyH6bIXqT1T)%@$6rMK zg74b$Z+SKqd9G(f|45WKTRS=pKm*TQ1!cbtLAljF3f5VXwPVwG9>@wO*~x5p;B#0w zcZ(Yq6(_LB7`;BU-OZ-7#p0Bvw^~^q&ts;fdO(Sq=tiM863X`okt{cv%8JW%EQC=7p zl^cCkhw`PnIzV}zc>D)InuMz=6hkpZI&jS2BmkYkW_GdD7m4UDv1*rCsX_T+qZk_A z7a_G9dpXMid*vwL=KhH%+X5|3yfF%=V%2FFz$HDcSSXoS3Sq+-SpjFay{kSAk^xpO z@T^+b)PvyUeIH*&S&kQwTtxg5-RuTxh0G0XrPLsE`K8sH3$sK5(TO~ zY-A4@PztUy3f3=UAQQA|e*xy6WUBE5?{8dxW4rvQUC3y=XHp@EqyjJnz>sHP2+$0f zbnPFY4q-^gTw$LSlt~%F`uO7J0c98~rt76uVV_-UFS)=wsfI4E%TWM&Rq$f!JpF?V z3$e<=@q<5Ri9=l%c<#-iRH%iyi(^lpAtjaLSIqA+B>#BdC;C$*j)!~_&I=}arQGis_OqEp+FE?qy&(+awzVI1z3${p+8 z;G|kVPn(7yJMHw>eoMq-eKX58K4_r+fT;$uJ1zhc5cAD%IN25pibTB(a8Nkj5)+8)HK>Ym@igm`^$ z4Md!3q7GjT%;N~zNIrPsfmeX`h5(gFfNLhNYdl6$EOjObWmH5X&Wxdq!eJm(dU*^)TeIN|HmRR(e!oeE;GrH1 z8agp7>l2m%kt(xSr5h4l;08L;tXxAMm*#9(pvm!Q%qmg5nsxxd@ie_mLyf8J)8B@QL^S4yJBTx_S6jS z`~6yZRe_O(C3L%BVJv)tvsKd0@abx!LAYYK7!5orMo~{z_|^<82(Zy zMpe@wzc0bs*mA?oeqN1_t$nu~epHvZ!H`_|3O=!ZrQ_bV>!%c$&R7Q5W|-YzPG!c6 zG%&`-a4o%33Q|Cc!85DKKHdo|?a8NV)>9{!7ab;9j%sX0Y0Ac09O4^%TH)b^8l!wN z{mOyR-61qel1raJl{$JAyUv?;Kb96lIX|=u0Br;y&;l8&|(<$l9bcI7WhpXirC7l*+=wW z=BxVL0mef_J~HZ7jmjR0X@RDCaa8+LP}hu2H}2YdYov z1^YZHcosl2L6QQ5E_}*T+++gAnM&np|6@YH+Xs(!K8{O$*rBOY}NFI&B*_a7Osg@ zrfCU}6sHA`{^K_R{#S~L><9kKZU7Y0zhC+q5$%D#- z?Pk(VZ*35%fc;qly+6x^{1cnp=#6&@Gad6f-^^Y~C9lWzV;Tw^K|$n!+R}j)^Q-v? zfd2Zi=ygrA6y>ocNHYEhvrK9T_$k`>2zq$h=d00|&DIAYMo?#-cq7X6=>4QB#Sc0C zplY<-aSgYi1B%w~h2F+cxql4bWyESOgjzOpVS!vFYj&JJNSYS!5?z_Yxn=)3f3UDf zGflL<=HPBaqd|PQ>D!?CP5Q<@TveX+Rs(Hf^Sfx6)OG4jiz{dj@HFfKaRq&ls|olX zE^=KrO9(<>y~%fJCMbx4sMi+7HTQJh_luTRwNGmrgcckjx3c11C#4Kuj6XPc&iQ^$ z)9ISt3Zs5i#Z?#Wnx)(V_ruR#CjEo*nFsWzdvWh_RO4V}zX@-kSvAfwpK zPQP?i`Mk-q6vXGIPDOQEax-}1GqfeJ9{c?ouECj{k#?btUZVP=WILDoBL1r)h)F~3 z9C^u^DT*4P-Ch%&ezJVO>oByLp181mRq$O=I!)d9pihbnwK;D|&}5e?4Ho#T=D>?%h!jzXL#nG6^PzOq!8$e-Qnh zohf3;s~f@d|LxmzHr6a6ZvP{#xF@AC54NVzjRai{sU}BP0lWem*8N3=B^~whBY$1E z(ma*biAvTK6F&EMc&i7q<4E6vG&yHz!}f_keY#r}Vs@ljhA|F@ zbCttg&`xZvT=tW6&fB`so3G#6?*E1Y;GNWie*J4P1FSZcGmFz*_vWl^<^gRgOYTz9 zv;=Fz=(}8{XvOO5$YF1&q}@Gm$RKT3-!Ct?Px9v50JPFyso>Nz;{A0$*Cs|FtvvZ$ zs6mo~;P9sE|H3_e&PQWiU2=0jXzsG=&1v`9S}i7gIGkw?rn!x3&I2|~j**Bp{##jK z4MZJB>#0u_oyqD(1sl-5+c#}&37S@6asqQ9!~#~Q?)?XXJ>z$(pc(f&0(_tTexmEc zF)Tmv^c?5u`4i7v3JnF@G@B3V3t6eh#+x#NuD*B)38$Z1It~Mx^nlGrQGe6ad6!~2 z*5Ut2IR?$r+(}Zw#xz-}eR@+j+y1T#_3VGZjG4p4=cg@@jnQH|jL6YAN%~(Hc{uP) zY!qr7twE;V#ijh9=%X~3rI>Or#W-7Tl6SfzRJ1E@qxwL z|1eJ0Zy&k!dK!W0W$wJimZt&IwkVn|K`;MoGip)IezZMlmf+@*LJQoO6I!DA*L?3Z zwH{Ryd(7H`&d~+8mdSW|Jxu*bRstRDv`T67S*;s3I!S~ZhasFyrv$P^eS;>4z5^mo zqnjYr;bY}8lanqvtiY+FV`zCq@g?I@AHIskUV66aE*2c}jWb;0D93?W$Sb{;lGtYg zr50BA-T&Y!(z@F#@|v7XFMdZ&xmdgzC{(t(&O^Lemm?tZyL7a(3UX?^e;QiU&%NHF zh%_zFU7@;Up)n*@=sUgKQ^@;C=cWz}x*dEi$AWJBCfaUoFTF*{k-oe;dSPnihMQ{A z4}W@8818xJ7DN>xME1W`|4sk$lHRmDYvolYhq$uq%gakjnHfLyyrP+JSliULWRj?} z9CcK`+&|=*1)h@<>IMCpdXzw$rQfkOC#&{qc=8nHdF-20#&&qIWuPz*&NHFPTmZC4 zWI*#~hN|EcA}+xk0q5=%m?6d%bWyjLdQTNEV?fh;u`1N*=B{105c`F3SvJHCLd&+Zb;p!dq?|!pu z(BMy*{jii0jPIjqrdf4WPK`KF9u9;amAI!}A^9Tsd-I{&Q#O$TzRkA5%v1`Yk z$}hL|73!q64a_854J(2N8(~vXN9EcwBemJKbF!0>f&~iSl3NWB!wBUh* zlXTh3&*DLB{}YG-f=er#3ph4HG`)`QD|4#PLl8}Qo8OV+EuV_eKISd#q7Yn4bdj!Z z$h%x@EJT-3-6|5u$j&!%vQAVybyqjftEM3ItvZhaaHE{?9al4Fth#Ggy;(C23p{BpZOp$s!nR zgqb$R5mHras}Rz;oT79GHOx5sJ9_uHw0bECi+Lg3Yc4I6*(ZT0mE-%(9_SG_wq22t zulMl#NyyRpi7yMfq*5h0Hez|F)TX_<(I719-k*N~oGxY8ht&Td+Xr$^8y|nz)vU<1 zl8B(}ZjMnrji>U0Lo6o`kjmS$c6OWav`X9|OOueerGCi1W-hc|&+n6(2vwX5C8?aw zB9%8J)Zzg(90*A&s3%=qZt*)FcFJa2gmx7=W1H)M^$&^4s?F?eDV3+_l?siEYJrFd zFSI6%azsdTCd245GSg$4m2pF%XG?;vUDorI zZB)pF{gQ~1J11eJ}$Q3MQyLK~6@cHIQ(hSl^5u-`-Ho zKKr+%$?9_6wt}_AQM?;UPu^LE8^wF{&i+|?5VOKqW=Nw6Vr|Of-U}zObaDxME#xoA zCE8?z&n%EC-Q3Qc&t;>gllp0`KyBhJ-<1LyxJk7R6(wJ%rSYA%CUb1zt-hb}Zi|@M$m2}Hj zQ?81nkoj|e=9Fmgd?~oepqiHwfouyIFa`0{Akz+-HWj zJ1ux4U~KEU)M}urZPU_SpydaMdcjWuUv*XX!qwc7zXTN=momW4Q3^ybs!SZoS73G-A(D%=cyp9T;muC#piZlZ-e}4F$Wf!K zhj!Ovk9vPP#Ql#@^Fj>92PV&~cmMD+ers{DFvscb4zWxy(2t&(#i@+d$t^CpSR4`* zR^_T9Z!YAK5*VK}*1Jm&1%X$8wapl~ob^HNxF6w}d_@2E9C=C_OcYG9_cZ9p9mDq< z76}W~y1BpSFVczc_?d^hx$0)!5Jk(~5S{3%zm-kve@=}xS+id{SW&sP@B8KQFDoq7 z0cLEp=d6a8crcSQa=mE68k<`!ccNZyF<)P0&<%P8!n-wbu}E-`9HljW^-%cbqp!@q zbzPWTllwe*z;~Q>>GLJH@1@voO2XZQqmcLd`XZU~OIU_BC_*0y0AZEvgMarH*#g?+ zUacYtv`lbl&0RHK^rvTi-b#fgGqyM$?&Y7s6h}{rV);A&8r+YiL8c>>`^{iyCuQmw zkRn=r(=r@F&(?msGUxmyGg`13^>~hw6_n&aK84rVk2j~VDFaK)Xw$EZ({pe9OeH-$ zxfzEmu!4S14NT$PKKPMYXp`18BQ1K$5d^qmH1JlJP7F+ZJ3o}}3L(*WEI=ejyvK-0j?w)fr?+CAAR4H+4?#_7 zkmIX{nW`g9NKm9=1VwEJi0Qv?73~v|0U0VXUHA-}6S5S1Bru2+;>RptUeItIhyUy? z9v${vTSqZ(QFbi%ff`pdF%J;K_mpp6xm`4|WqF>s1m;clitk=9{d`59#ao3ny)O`1 z|7?4Ys$0M`c9NN!w$@nQpJv*u=E zB<`C=g+QnxS}3P{pcYQlCahQa^^}(y))1e0)tkGnD0~$iXrpbomV%Ws=a}mh<3n@1 z_Kq1(eN|5G7%~;XBZZel!k>vA$T6eWr2>o&NB^-18bVQib7=|j(07jZX`z9cI7U&G zltg@AAZ!yHl4ya zwafPjbfpv%dMjKCVuUbRVc(38Z-a+23`T}BGAsi)DVUJ10D$Ld$@G0ya@Sp;v`wPK zO@15Z4Rxi10sfGtOSc|V2oMlDE&_Rl(rCrwusrz7kr<6S&5-qj<}-7skPcKn1(Gjp zY1{uI)6Y8btEPqpjwHZqh}_vF1=Lb-Z$DLuI1t{{7}d4q_nR$)01X|f7DCZr)?vq& zuyb^^!MZ}GPGQ0xwQzy_a9v^QJw5lM4|@kZ3o$EgOO@W&G_rQK*6{io@UY9Fwb|yRmw#!HgowD zQfAY%1d!|`p$E8XA3MX?^URudDWQuW_Q!pQak_S_5EeorVD<$py zTZ%LkiOQ!zM0KuH_hYXas+`||pT@|J32abS?h`~-dzwHqMG=`KvH8fS>G|xl`rNivCr+@#dKef0INr3u(MFf1^F0DE#)l$~)ee_C*h!<6LgSRUr#P52jdO(_r+I;a} zH&sHE&-b9GM-C-RMNfM6VB{qRMMIy3aX8&<3#iAk$kE`T$prOMntF8Ue@BK5%9-gk zaaW~m6HmD8D}m~30hS?u6db4i_HV0WN1AQYuF2Qa)KEa`>)Gh+`TH7ltZ)9O zpxpMZL;fL5REGrTxgJSdLFH%Y65D3-b<9vg7UsGLT@J#UBr>&3^aHL6m99yl;9p5( z%|+pC4kRg9wmhdUk%?jI5a&;Og)`M`XVu$m0tO|RK^pcq#s07{uAH(PR%U)@7Jvs? zOsqI*ZdcFAiGP*1HorCRCLg{en~zk`Y+3WrHaj)MK6Qs&Fi=_WgDLCICO#IBC=%63 zN<}bRrjmk5IIHWN4^1@nVIC?iFu+AjBBPQJJGB*?oRuP;Xs$8U-qi_DB!S2kI}X^^nBtg`zm7JzCE3yt$nT(s9g&Y;khcwAZlG?M-1$o{MgE3RjX zNit+KjaW77iT{!$^C3{X%WY63YxJ>xjdJ>7ADT)>Q$#W^05~-`jU(rnNy;&y<%stL z(3Df%?5p0tNj*V}JE%b3vHw~+pcrxE?D^1rw?zbOVpjSUs;v^7c|@-sJbMtX_E%&S z5Ggwxro0B6K2L!UR?1n<9z0^!Iw{l6YQ_k?{1;^32HqeZ(ZcdXp56a#B0kyNbS(Xz z>w#}1WOF&H)nh0?)`D z(D)>fCnGac0HFZzWuopP$L|8!D8rZL;sv(f?aP?l&jxl9!ne5mW7;Bq# z7M&Y<-4FPv4K^=Y`Evz#|GmA07W>d2#`e2Izf;tTK=e5M@LiEhs7MVD3}r60hp;pl z0zwY}CyVlBwb0=#wf?$3+3lCc#7IeG|D8HbK(sJ3S8a4MkgKt^lA=5-2&8ZX=6j2wMyM1#mc z0CLkaLd%aAc(=;^hnf=0WdE|RSNxDw36tB^-n##EF02^NptKtnYa4T5G#ap3TQ?Bt z>MKHy+v6O*$lXvyLO^_kNG48z^<>xHdF&zhv1tZ4mVM4T|MmbLxOw_qca=bfA(E|f zB-|n(TP0ch3(%&21dVYr2$5s-!V3C>qsopMHBofoP9_{7N10StQ>UK2cZ#^<}~5-DF)|F0OyW+C9cB(PEZwO7I8OOFHx)~(t=@TGo8fp z^ArrfLSs>c3lk}Zvt9azlWk8F!SDS?gAUbV&vQ zWvRFyI(8zv(8(oSm+FxXu8i5j?_I&@M4%AiDK)PsZ#?KpvT z{HALLJH`z-%9C`6uBhcPEqtJ~A>s4F^~47miS?TRs80<%gSn#o8i{5pgw29?hw`6F z6yYX}dCU;IfPm>f00lL)^&-x#H`o4Cv2=xeO3MuNt%C}{d#Oyh4l{MLM%E1rSs~@_ARvpHG~cNP6lnV4nism%kDlEaF zz|v$Z+(DBK1s{j$IxV+*d7T{g__3l5%J|k@f@X|J;oj255$nhegFof|vPcrzMN2g0 zdVxyTo-qzrmTb=4uEp*1D30o<(%X3iq?2WJ3)Qy6cnjOEtJ1lq+;BFUNcXQf>f%gMvO-Wx%SIJ z>vb8O9SDT7K_X)v<183NOpS}+`*quaZu$|z^YI-%0 zpRgZV?L!Q$yzwYZev>&K>%aZt9uH?+LAl``E+bC%ds0JN?;#rB*EDIf;KXq)m!3>W zmnZ-XfoD0-$wuPeh;YBwzI@uUT+9BwcEq(TN8g8%>>;aGE$QhGQg0rkI;n`3t&=uRcfqllV$m*TSKaBIMrxEZr535+7*wX3xXlQ%z|14JB-Huh zTzh~)ED6`)3Z1ma=coW{cp6aJaLZfobOxnQTeHEaU_;t;Z;>N0!A;)G4PVx8sX8qf zRb)$;6JdfQ4R8o)k~^cw|y7j^AnfrK@*F=0a+FsOR{g;pZOq?+NSC7GS?wbQ

+_es-2G9(_J`^}Et`pQRnr0~+X^TVn;ie`Vz?Nr2d(B3!Q+%Y zSdV6_A%~&`Ln&Al5>=seV0nPEF+MPftzq1m0qPWtQNCe*jT>9(AjA8iBGP;ZtOx1V zLDOB*h^}?^JebRXFj7SW8Y<-@ZpaVj1cWgPA%Q9a)8dlDO|wZ{g@86Ok?>Q{ctPo4 zSINL;W8>tJO(E5U(v5$n>0*X!1d|v0$K27=G>R)OwDssd)Q|Ywvkam1r!yxmI@!_0 zpw+iaKi>Ulm6&N|MY3oJWurSl-sZTQ?qx9fTj>~JA ziL_X#>^7bjcy!nqbQhWe#$pJ!b4D>D>F#BPStKO2ztQqqi|>hi9j}mzNa{R1E>>Hv zn8-q;;;~tUTwC4rO1^#v?SjHv$UXr?){dX$DB@(=^=RtbE^{K`&MCF=K&-RQ=CAg% z=#9+~Sx-7zvod*q0|1bO0>l<`J>0$!i0r%EELX5^)6pLfPvrIwZT^bfyiR}^BT~f} z1PdPiJh!9r?Et}d1F~|N`(dHKY)SIYfDW#o$Bv5Zm*L}(_$1l~3aS?TEGfUZ`X;fo zOZPzuCv!;RY-BwN_5M98H_AY0mI7tEV|1|J#dR9SY9dkQBUve^51tpbaEfz|mD1`M zD+>hiY;G>kd9+TK2(^7NyVVD^&u#~Jb3>4{mVrjwVzdvcTF@G3Y{!=Iq2%pqYu$0h zk`BJhGl~p><6ks`j;B=mh_)-!D=)@OZdrnZD2_0_S7`0ge zbJ>{$5m3_7`VxKZi@eTm&#|+k$w)i?;G=?^%Bg}wzZ_WDG!{#I`k=dqrz>p8LW3|O z6Y=tm{zmmlo^4vBqPeJ_uwF_lKr#C?XTI*hacqpU>bKW;r77zKng^YGS-yL34Hz0Z z806m7c6q=$m+@p-S5mNX^Vi^^WGO>6Nd~AEH(JyL$04+YWzOD;SDE@UzIuu=`6udf2{JeoG^?xdwA^H zKjkvpTqSY|t`y{6p}v5V!v2_BoTOwGl6s0&Xrmyo_4tz~2njud?kSbIm>bhzY;oIZ zeipSSZiEn?vi@|S-8|*}=eC__#WQObhg_2K1!<|4IEb<*Q8h!9J3U$4YhK};e~gap zqEB+-(Y?EOU4$kqo0SFDp|`pAVh=Tg-Y^m7OZ3RMh^l*X?UgCWq*VRlYZ_6Xl-dSE8?sSq27c{z*zmCU^7*W~v&$ws47eM!` z+0An}Z&>|HZBa_kS+G)mp4ohZtxihiubJn2U$+7o_gY;}YNk10tpu=^7h=ev?YO(TBuLDJ9y1(wDCX0?J=klUYw1^HC;}uEYxB4CL_z1ny>XGq6!Fq13uF>?w zWLI&5>;5xZ&u0%kcHObUIi(M>Ug}ALTrAqsFl@MN0N2}$A9Srq@rqTh^3I8mu{9Ml zx))_!^FnfbUM^=pv4{;IEw{c2ONhi-Tfl9f)m=PsR1tYo+IQSV%Y}B|+-tRG|F+2Q zK^5(fsJ73m{pW~_wcd`V)25?aMrq(D3QHsB>_XH`NxN=z*X`qT@$)Kd-?VuXhdm|= zC0=|Gc(G^1g~qlHnyl0fH@bc{z)kj&q$LxtedFvWlfK=)|J7`H{@#7~d$SPm1J)wf zfp|eLk?{**@B%*C`@+zsVM z)Sns9O-sKLmEM^hX;S5ms3kNjEkKJIW(`KPZc&}#$}-sK z*$h{$&z-fG(A>olSD%=K)Bg>WrfhhUk{ZlHbepa2Q?TETpbaICHEs7wLTGf!sV&0~ zvS9cm^bMNKNeVE8M;w_%$g`kSfpR7rsHsDE;nk~GcV?9ycwU~2oAz1%QVRC0>{TKl zW$`dM2Jm07-|KfqmO!E=Lk8A?4#b}{AVQPr89i>1cPg~-3NRg-w+bJ9M1WUhXyZFo zUBn5pMs#Je3ak{p{R|* z7}O*sFP3#`E!X5>zSX|%C3blZ9-u|P@hZi9V-kD=9{o&$Gp9Qp0(ROY(R}fdA7Lu) z0_5Xtt88a*-|}JOq)ZcYklcwm6T>LJ5IR`uCMd~YKi9dlgIsj@{nkxxc172s?%{U@ z=|N_Q$BOu{H;e2`L-=RONH=T0_P{Fza^;cA zWC^q}DP&4qksq5>(4BO^Cg^x*M%a6g6NZF6BG=c^F2^RpT!H`7QkbT+_j`xdO}?9& zMWlzgioVa)VkrOO(;)jZRZD|zo8G$Rw?jf^arOc`Rnft&YYglFR8G4pI)-XXVV~ib zpKX@&dCxRsF~YK;g*3UEf6qPDtxlfGjn=CgHO#Ah1DxNdl3Nn>{*CvcNsFE?y?a6o zadOLPkI=Cs*rHC^?(Q=VF{!_jR7!6mY$WBm0>DrJyWm{@oq1J zDYP>!c&z$Qh~{Xa7f>xTllX6Feb(0)uUWP5Rt3D4Q9QukER=g69PX5k`L7Il>pwfJ z@*Z4AWpL}E+Oh-8p9&3>{VNK7zod^nun}MoXdY#zu^Fj)y2|E=BTS^}$9jEcWtxSn zUQ%@OvxG}eS=&5My56k9kd@AjvT7Wvb@PMZ`+|PQQj_S}yO>JK5Hrja{E87FfdOPV zTsom5jiZ9yt+jVrQa-v8$D+vJS?T-m))QU8brQ^ZyLM&y0i#%Gl0yq2FWR*px%r8u zN4EW;i}nRf*!q(p1UDJcm?VeK0i|eMuILigQ^l|Y=FLjo!2^ zm(7s-Tmukc=@&kZUZL>7@Ax*wC}ola@FX_ZsT9?^?5U>{HF@Ao7P&jU-Hrjj{nPN% zJSEZpD9?!7mhLbSsQShnV!#YfJL1_O+NXrS=-%&fE*-RT%y4hNs>BCZ=G12`ARSfv zq}}Hmueaav+Dii3xO`ByJg#Nl!y}n6e(Oxu*F-NdbRUzvaSkjwiwXvyQbuDae;+!^ zeNX?sTyp2_!Ip>ZiCNmsKYv~)C@ZDbb*fn644BAQwv}xGz+T3-@HM=y%ngoX_rYJW z>$49j#rT$t2F>Q_F3&n$kq~%8D7CG;`ZEA=ZN^FgV!{MWHkhM7^D*53T*(@HeG=kA z3pm4c&(1x;`*o`&@8-#O#@R?jjV$8)ZE!>gZ#V~}v20o#uY>Pz33v7kdUw13IHqT@ z*^X%;g*^vBD{5Iy;WSUObpU__{?JOX$9oQ*x@qZZr-4VJ>l~1gh~XoZSMzlh=so(% zoA2L*CDY>6wdtm;yDb+wLqxagR@-0w`iCG*Td?3A?(DOum}3-X6hogcg()*+6F%+; zE#C>K6+I0T&n=jpv_-}9skl_7r4sAZBbADbXhllY(GlLAMls-WMH^PLUO0;)B%!pD zvLFz+4<8UYhGZ)ul_xo5wf=J#kok|Qw`3`%Q~UgAvfW3~RV>(iFX)sJvc5x4a9dk*UESUFcv)Q!TK$s(J;-$RLN{ZE3jWzBIOAJGokE}hXbzlY%EOxn4C zg57U{m%oN>Tt+*Zx9{|U2QF85J(Oo#YaR`arnf`y!E!b@Wh(ATyIrYR@C4h}55GAS zEJft1nZpdEKcS0VO=|t=jMVe<)f)(Xcf(^^CP66VMC2vPdiFw}+3m4c1>)diR{>Fo z_UZt4P%&a9@8_U%V{8FVSo}J?Tyh8jbSjZMIu9ox)~B);#Y4_h`(FOOyV^54#+y(X z%*cBI&p0y%s!zPysT*Sl82sX<31qHOym#`aM)@*+ac&_B^cSjy z*yEpTk%-PZdFUkkczzO|M=lS37+#m@nyva|;P?Ue2MP@w zHPMtDz<64L1;SVX#@Z^lx#5C8PyNy!;3g|CTXWk+5pKNeiKn*PUkJ&Xy%KgDDtQ1w z28^9>*tqG%K6%8mtIwZV1gb2?3wN&~gcMWd@>|@~?iseF%VW>Sca5mcSw;h)fBpR)W4O!Mu{-{z~u~v&7A_3K6rU%vo~nEGkp1 z@@iJ&?<_@QPJ8oQnP;nR<{Y(l&gkx(l1ArxQO(YuFYRmo3z+neboOtwi0By^nG?Oe zs_?%6G6v20@KU2e8e}H0AM`(c0Y88m7t6NVnHrp8&TC+Padi3!M$q0Qu7JB10}gNod^hD(j)GRcW@W(SJRXKP zPJc+TM=`Jf;n93EO2K02k4PB+L+~RZ%m6ZtO8C)7H*3Wt9nZT}oNNh>9Il-Gn7Q=O zycAV$zDQMl;4A9j$?bfuoiU|+-r%49UgeB2=o0}O#SFMvP*&uSr|9Ym{@z zs8$9ipJ}CAot~*i5JTig4^N$oGqM58Fx9pm0s6*OU~on2`6=iQ;<0YTj>Q;BOcN;- zbwJ7MBah&~zJtS#hOVFqv6Kp)UHj*@FW=Ik>ik-w)}+t z@{a)t5CMj?xRW42Ck8?k;!`Mu0fQI^BuZ4FVxo$F88vR?*wN!hkRe5mBw5nr43sk} zGGeKRk)8{BV9I2qBIOK|IX6;JqNV@A5_*k11iGRs6s8V&T9}9uWdQ>=Y=&i^+9gJb z5*IEUz^K#fSFmBf+ECIDfrVT+oD>bUff|=+uuME~vEV6#3Kgne&APR#SiphBsxaap z4i*3`PH<=e3kefJ$G8a4&_ja&F2@Ay#j2HSa`55B zgI7Ve-;zPOJlweQg2)jXj@lJ5P^6tB8b^ri_7DKeqaC>VOC-YTIO84`0?6VHSi+Dd zfoZ}BgNZPZNWhj$^a719?*{)I??VtrN~t0hSb9k&ty0uOrJFvSfhR4_qNfTcZU94{ z$5;?zfOJQcEtq95T!!J*4zhR8v)TRaRSd^;KA7m33BH zYqj-OTyxcRS6+Md^;ckn6?Rx+i#7IGWRq2PS!SDc_E~77m3CTctF`u8Y_rvNTW-7c z_FHhn6?a^6%Qg30bkqM;cU^Ydb@yF($`_V{CvLl${tl1n!EWRz1@d1aPccKKzP zW0rYlnrpWCW}I`@d1sz`_W5U^gBE&dqKh{AXrz-?dTFMccKT_kqn3JVs;jp8YOJ%? zdTXw`_WEnE!xnpNvdcF6Y_!u>du_JccKdC(dvCt`_WN(Z0~dU7 z!V5S2aKsZ=d~wDbcl>e4BbR(~$}6}0a?CT=d~?n__xy9vLl=E?(n~k}bktK1d-wf!;DZ-_c;bsU{&?h*SAKcsn|JeDcdT|9te*SATu>+iy4^06Ub#g#rKo literal 0 HcmV?d00001 diff --git a/examples/saml/post-basic/src/main/webapp/images/picketlink-banner-1180px.png b/examples/saml/post-basic/src/main/webapp/images/picketlink-banner-1180px.png new file mode 100644 index 0000000000000000000000000000000000000000..2509ff4480f0069e12f288cb4f26afe0a17d5213 GIT binary patch literal 104130 zcmb4qWmFx_w(Z`yyX(dwxNTtL?hrIca1ZVTcS3@@y99T44esvl65PqlckVg&-5+n< zF<$@ZuIgTMu2t66t5$XRM=5Aoo;@f#J^x+^T_m+! z)a=b&+>M;f0HUV$#%3T{TO$iIRWl>gua3iJ0ssJXm6f`di(*XD>@5=gHZLA(f4y^1fY^+ZI zlKH26|3N7#{_hA|+y9n!c2PC^zsCPR`JL6jI+(GlnmOCMI+^@!MRThEq3VBE^pD`b z%K%X{a~HqK`MdZ4HXQT}VZm7S4|guRKYt(l#Rtb`z?tE-hM1Pm7C5#`_$ z&mylv-7nS1UkPzqM5R>HP50Ew${gA|QStnB{D|I^fex&Ibb!pzCa&CFEF$=(+9uUdy#{Xg_e@o-A9 zb8&I-ad5DKdD+={C8T(zz;7}=Z&&^& z`QKycZ|1*8p_$#^MsxZ*#twfyUjTq{C9)Et>K-d=9fvtEMrC!aAUb7dV4VtbiS4i!#_4 zOs!ihua;<@SXz))%%k4%aMH2gJ$) zahCZPvY+p`tgZ&)ckPeDQ$DntEa=Cb-RGN0ztsKwH~xG}Q!YWP^20Y6K4AK8ux7n2 z-Z|RiRbDx+XXbeE`;+icF|D*xyZ;H|r^A3(gCvV@o;j+YCQC$1^vmtBp0jzvOon#| zOP%ejXav?!b9j?29kiAFJ+VNY6>hB>mq9zkJ?oRelxJZK6q}vVb;IM!Ew|FsKCNTAGj2Xo>}#S1A2Ns z5SvBkX8o1riiON(_zaTKU{{Aj*$%$EBJj#APb1n4o>(QX;1?Sk!f^Jz{v1Yrn4347 zss@W+vQelH-2LV$Dw*gO5g}w>zuR=x(_L>kn{H{XigYiN9F3Cw9@CmsGxCtr z(T3~`KNm^LE7&?QIDFAgPj~wFm?|Y2dP_EQ8z0_I!?&7;XV-tLO{Eh3kICI8+_e%c0 z^)U6)xt}><=D=CVZ?S5H?Cy65N8On4Wt$9gC90#{G3PT;?|99!BJ|dH0W5od89U^7 z-Qjn673cE0TE5!BzkS^5-5B&S=ate`QBJ zw3wa@Z+x?l>hMyZ-z=nc-cS{~(XS}epC-bw_sm5`lz{@gy=SCf)E|mE5iv!=PlP$l za|o?r8UsS`d(Su1 z>LB-3EYqd33xW&xTC}P`jdqgZM*+IQ5PyUHQ!s9!RF03BRij0B*KWsJ+Az$P1iex( z@kF(-IiV;8`z1|^9Oun^kp|}@QbV-v649WL^Nm5wN41Bxhv!)5u(Zk5uDiP(>{}ht z^VC{&$`nDEWp70@c%aW<*d&=v)Fy8O=k~O7-NYV?j#uq?{XDeMS@x>yfUM?&LPWW4 zkY$fx)R|r#9!P-*>Ih@LeO3+1Cix@4+y+3c(+Fq-`SSG*UHE`p@e`zDqhBu|FQB|ma>CS}iaW*#R z$|Y1g7On*dt&P6b9)%MV1YS$MD%PqBHn!zbn=*@8`sPA&h^!WPp8&-yaH#u`@PT){&QLu zo~-B3DQg~826a^reCsdV;C714LDWE;p;>F2md<2OY@S<@Z76!XZevt2p2<&)fEJ;w zuGU@tOp4aGlcuQ!S1-%2W+gEFKe7u)lRdkV4Zq&$JUrCh(2a1bz4~74sQC(&`iu7o ze@HX7imx}2u0{iR))b*YVjL#5Lt+Qhx=H0eP@bhHK9F&qHcNSaFn{3CcjJc}Zw$12 zt@mljf_(B-`myVgy<`lQsHlMmG=F(yD}mH$)o?f^Xh?SCUz?evvKD zRLA?4-S?UA?*PmZeAA0@{AvuLOtd-JP!>-!3hB9hh0{_l%UZjV{P~Dr3=#bmJ!7{b zqL)`#QHHiu{au`nU5E1y2IGv2Jq%ZU5<}GM+O1(pgS+DF`|+|{sE*mxqAGmdm)83W ztzB$5wDdl|If(r`G&j3v-GbJD5r=T^NnW}cX9kTEgWfb(}(7|XL?HHt7yBnM@= zK}LdXL{?G&0V^=vEix#(6GN$`Q`e>v^Vx(C!I@$VI%2YC^y`ekQy7)?^D9f7u-Wyi)Te=d_|C|Dm^o2J8xcH!t!LXtye-cg~F zG~@MT9cc&VW!Z4ecM-a4Xi;Q8N2BWw{hcSPTeUtTsT-CJ6WSnGB5>Ckbzx94*$RPi2V z75~Y3n)T5&$R0uc&MZ{~gjd49>iJ5A|P$m&IGgHJQ{r8V3& zWM4!ptz@dN8qaX7YNr zywrUb5_WusvRzt37IeGlEQR@Vz~XH?MTG=#Fe~}$yEPqz22nO*Nt>pA!*$~#LzwgO zeR6<~i-@+#t;uyoeWC!L70rl{K!P1lHrRFe-CPj?SVObE)VnfI0$GK+pVH=r?@;4; zrsNO1=>2P>9y@+t@plO30#PBfxF4ce-$Ht#H@j{sFGxO1D|g=RZ|EGk_=Rd(HNSRv z&5JY6UsAc4UuX@(Wf%yEGITm&O9o^*Lu2pGi-53?k)RTBLdp1xz|%(FCX|z%Ul6lM z%4sY`s?lFYFZVkK!x%L1#Uh21jdS+TxQs0&J<*r*IL}$CR{%7zAUO+bg_w9Dozow& z#(HwK00}qQcp%p@ozK<$;er<`Wuq=BeqB2J7kUhA%-2XBc7`?D^EEtEf=vGkEzI&Q zJXE_g!Z2U2v&CYqnw42R=PsicS)2Scd{L4ZWCk5PRs|83ts|tmsg06vSzA(TXzamO zA=e~^SD2#I0q9Lr)X3D8bOO=$jYqh>)tgxTek(`ro0n|KD8i}kP{yTdPnmt+dq2RZ zxRltP60Bkgo;%!U5L|WMZ^=@*Ba#cKs1!#a)4LT+PfiVZ8)P$nPgP{=kuK5^`BpYOcXyDbo zKVgIe3IjfvOq}VHpk%}5&%H^tTi2re#K7p{U3*p=rQ!3#jZ7jr4WV*KqSwVcroR+z zag#7P%t_!ZW!uA8+fK2{6`PZ2aeGq!MaM*KjpC4w6DQ(_Mqg?khmwV>_9Lhk>wKLe zM43N~aX)4M9V5Iya}BW>)get}DdABb$aBtF04i{twl`wZ}7Gzb!kgxpO#JHpIBB_3cypEA7SDr{s<0 zoMe&uOmDEt9Z~Y~4y{957;MWY{Mgk0nd0%%*vX>tsDOmJE1?#vEsE zt|~K4aH;zJtZSfSspYCQl;Tc~4FE6b_VTRHu%Cp=f84)}$0Y1@&CqJMSRre$m+0N@ zvS<8sxhHXG_S7B-Y^Kbb9A}-Hog^)?uG*m5W98imF1h~N=qC43^fnI2%#>;Azj|DA zs!ObbpRs(x3kJ3j>^==7k4!GNU9B6VA|%C5Bv|*LgSVPWI2e3a8!wbR_l~4jM&Rc_ zWP}*eDBqHKvntOXjhS)wJEO_J`fIkG=4X^;;u3x6>59F6*v|c~y`)_jk57i`hHyS= zjio|qi>#ERUNT;@a=DBQu#^OXQFt+61DQ&eXi{N}(^06H-?p16z-0Rh_mC!T^U~Gk z4THdfjC~a@UvL6vFF3r6gC|4bQAZe?)WLZMbP#5O|&ON4e>k>$r~SBenqXF6(ij#}!S;AZoO!wJ#h`bYOuP}*>= z7MT?%3Ae6I|JmMYHw1C*2aFlVW-o9p&yIO##OAWT(mpOCbK!I=#ceL13qFqBVMV8M zL6;3cwN7~2T|3073$K#+_8k<@2ofkr~Fjw)I7+#QVh%-BP} z+g`VPWZlm{)e;o>eHq$lftJ3SB7&S!yyu-0;pANh51lj57{oJ{^YfLnp~{0*@bhf! zL^@ELvgkt{2{w2O$BPRcScF3e0Y?BZw}SK@SKz*804PO{Um|?Fxf%43hrMM)^QJsB zC@Bg#IhiZt#STnBqzTC-5y%Gxm3h-noP==)+%XpIt>Hun3e}5Ca#w^#HfT&AdIK_z zBE3L^Y4a>Oj2I_1-x8FD{O>#k`A9XusW!2;yFvgppO|`gnZiD3ADJp8IE`?^V>}%Z z5&rIsDH(Zc(X^{^D~Kw`mL;jV3?A?6zZA9X!d6F zL-zEg@A2joan)Dy^VMrl9Zraz{$u94#g6e3wM+Krm8wD>!atQ**fv&kX`6&r^lL}~zTdD?V2 zqz&qK5Ref{jOfRaROkmAUd6_0%sy>!uo|lEz7n&uH0<}@)iB`a6|MC+<@^ImuxJG# zBIemK6k^|~Sv>m#wvc}5c0s+1!F^N<6K4s-z=zXGta5D1mF)yE<5;*sc8c13%Tbja zQ}th_cIr8^R)LZTYc-QPT45QOR7Z%W5!2|VJMX6Mjm9;paC9Z*shFt^IObeBYj*B`(Kd5eenRZ}hptZ@WT!yOG6Ygx7 z#irXmwS`C`p6AO4oXUVS-~xyeE>P)sG$>9?lh|OfVpgk^)l)DqxUvUMk68_j4@PSJQY{0U z9~;Z!$J*U4{)?PG)qfx#0EJwXZTd1SJ^i|?YwzQ?#W}o#4VLAb6&SP&19dg_^t6WU zLzR4ucCZNRneqU2PfFooLaQX*J}q}CN5*YcpQ_VI&ai`0uzria zjD#bj&+aGEs64N}_}G|cG*)h|Hr={^MD6MX(}o;d5>oDQlmTfLtA2LoZ7KaBWacKpdL!jwtUGFfIT;SjZ&X#K;&L|*32QZ$|G z+9MDcm2P-nb>g@;R&3R`XKlGS#_vKFo8Ma{au3BOWO#;Vo3SDtHkpyrsNOUigYLQC zo~g4^3MraRLWrloL5)flF*vzFHmsh4W}3L#nr2P9snufL_r^2p7S!DOV0E8*&<*1J z(H?Eq#yPYVFf0pIGk)jznZ^WxoI++mhFXCB!T@iJs2s~dAuEw?G?xO9mVl73pY$?GtY{3!=*Bbg77ou^ z5>-zw$goR%uiZ(oI$dNjXAbH%+B8BWTJ|a)nrm@VC8oD5BZqQvaxMeLvn7EEGeo@( z4w{gwl%f!1z=Ii75>%=A`(I{jy0Kqv+k1;9Rk8cjlwGi3@QACea!k!*X3hxZV6Kl2 zSLzUNZ68W<(4YdagCZU*ezkPs7e(*|tTwBB0wW|~VjAgP7sD{-dzW^okDgxPkHj9+ ziA$nE;uws~4`K{QSZ*@4Jbc#id(I-c&Vsq5VW~csqxN83}!7tAq_U1+iYh2)0$NSkw)G~ z{Zvxtt1T47S#j1^?dv4`{hm#qL*c^k z>0@4=Ng${j!fql6ev?L^Pn5vq+P{~D#s`c3Shr`}GB?TK7!|v>O>k*JdoixO_1=H| z45tz*bY`HS$tcq{1ZQDeM|hy@<$SkyW}?v-owZ>w{>~`U)sb%Rts(F2{Oe-#eSG}x za$|;3jg%;pChd}aJWIgS|Dtu9dAQ<_J^E|%46tBLf}O_520*D4jHw`>JjwIViqG`+ zT@QC*{futTZhr`?+u?*{tM83_Yro!__`>xsTPmo&39Qc3`#bk(=i)zkF9ow)2$piL zR5?}edR#b`B3*k|YY#Wbw1zdBS&;k0>$MS4KhqfM4y2 z3WEQ>8sn?aehZ>cIiC0yQ|mO_-zVsu<@mVEe>0?-pRw#>M+a~no2OY}l2lk+3^^4r zn)0H^Ew}J7d?1p4LOw`HuQ2A~btLa7nlF`!@jidz%?QZNGb$84`hbb`G`06?i4AST z<0OLZ(5q0QA&rcn5!a3Z$z$*FKOdKaoW%j@_d1BcARKN*SJ*8vf@nUtX|-;CdJV?C z00c0HQj$>2Qo5FlD?pSRbmk-Q`4v5$#Sq$1<_KG~bI~J;gmvXaZMB{Qr2-)l(=cQu z7fw_K=s!g-46l}?))S|#g;avOA2#(1IzWPCr)8+bCi5K0C=96wEgMFAE1{IqmW>*V zL1tnB;Dz%8@a-hVB~{kILTm8wn2x zGP>yO&kag>k}D9vMk)}8g9?QzrI%JP37V7=BmI_A;Op#yB68hb#QZZ7U~D=dxV7bk zHpnq0b-$0Goh;n*Om({qZCgj)R#<0}-AH*fL}7vWdpLo5)f*GGw2XFi(GszSxpLmb zU%d~bf64VraO{wOSwyLp`%pf$=o@?)oPr|WX42au_I;S4nQ`qqcEw^ zi^olFh>&6KQ&Y*=D`O2MGzjLsmiPnOy|QHqE*kQ@+JMB{y<||ObYFyNbUs^&6>r@* zZ_ea_p_v-o5)`~dVEGcdg|HjQztkw^)|apCcf^M`J%*m{MAgG`L%xc4?&G)NMK>D{ z=JSk}x|VOQYQ*xS-4_vdm6tUZm-+nm9zT-he3n19d_q@|&<2;1!;=Y0G;P#Zu@iJw zWQW@*aNtb8&-u7I?tdX;Kti~7^nOG z(q?vUJ)+bRoVG5#x8#Z2r(6RxnAl|mZ$+hATi(y`L3}Ts%-cQ9dOA1^r({5~Wx;=5 z8kt25=`xiZ>eV1@9}cwVs`Ne!%{Bm$xwsogJx_2-fVB8<8o7-YtfSA8 ztcVOq!*&rnrhGq^%4qrCfqlv&)keg0=MdG@^3ak=TX=ie69)ji+EMgFlS(VhQt4sX zH8!GdvYMM?B05_gvWjZj&`I2gVgkc>T#X28@sv$9bf_~i_h}KXSXiv8j+~oqEfO;O z*5FxbXlC-rSzG}7)cDss-e{D(ETWP0X}HdOHz^Nq|nyvuAaADHg8- z?43+P$x3ywG9MGZd&E1WU&2-aB{tPUd-dGax1N2`j5n%Tc8|&oO_LNpPaREryHh`V zQpMi`gwL*`ELMv~{-Nw}W{Cn`9b`;s6MWm+cp?rR}K}dF#spsKy_TLuADVTrP#B?gr{Y3~s@i%&7BbLaSG#5BOEz zv=$g#yNet4gop;_k@=&d2eoF}2(N*hs_$ zxk1_02x9)-@0d3PN!QF{4Iot;Om*5FRrr3dY&*==9DM_?R~n8`zx^Hqlin~A`DR$m zUR>F85pUDFk4k-yJ|1Iq)8eYHf=sE>YS3<2)OI@PKZG*3v=9wd?wonPylVB=`|k0< zt3L~`vGP2>Xi64Nt^cG|bn(~*hXAiiN70Ss5O{>bOsLRWrcXbo1bJGs@mnrUnzi=v0>9{e4`r93>}yRsXs&ZsKAqW|-@neu(pg{*Ac#xFEdO1LaLT~Ns%c{6%2HBFAQN6tx)l7-Q*v$6MPb!q zMlI1AS3%s@@BU%IDTLVg*G+`59vSI3djrQA*-d3$-ccw`X3f$<FS1Z_W~xWUcW$C%V#e@pBh^_IZwo2npiv znu!swq_9r&6s*s}_81ZI)!P{|e`+RChT{5lZff)l9IlY1zai1T(L}OfHEkjB0*z#g z@hjAV$L!|T$Xh~p5WYwL6u_#%`Pl${{Z;QCDOYh`_vWnIS$A`~j{Tl&M1hs~(~o(0 zQ6Rd^-nnku-(@pq8jbNtq%|%k1#o(#uyKyCe zt-N?P3Le43vp+&mr~)NE?Q-yzYReJewZQV#v8Colci|lE?pfa!Zi`!YLyX_z;)|`P zs~(SmPgC1EKya!_b(A$<2&1#N6^Q*_fzi8W#j9BxR#Am% z^(#sm$)>3F;^*0CJ43UL1VP(-Zqo-0a@ktT_xYDSC;*d||9(5uA3aQ+M8+Lyfv&jS zPvch^!tdN|`pUah*cUpDm2KQ8<=S{V7AGf!rL%c| z@7^Z%btx7fpiQSuBd)aVORcciCDIPkTDq8)dNH5M-_%sQWL$hb*_;Vq4hu=bUH!RS zm7J4TQ!|{XOKhPGr!6Wfo-d$}OPqOvGXX#BPWbMj?hUVi z%U0Iov1J*gsbtK|pAj$Hu5^Qxk5_yoh)D_&-i}?))5R~>A1nV^=b@N*-EI&GA zqrLn0c3Ih&2_?@nT-TPRNd%@wwb)OIu}M3$+co)=QiS?i!^W#T)FBGGa69zM4s^F0 zooM-VvqQLF@d$)_vdAlNM6N_(KGp7w%jktx+S;&&2(^#rg2n+?Tub^Ir0QQ^FjA=b z;2eK#-UAqIQ-k)zd>rQ^8abJXi=t^M;cQV0)y4?%p=?1VL8iHTsMJ1gd<%D5jycZM zyOH*i_|(~fy|QgA*yt9&2Wr85@9iLCqPP z5zTO!J5rDlZOV0@QH6XqG+WN~j0?K0HLarx3M41KT2+!YcqNV;Cpu%ZS6;+C50h?$ zKxud>?0t1FnQkePh)Ac~wYA`D)D*6Z^=ExcQs4N(r~p_l%6-Ma;N3wX!RariwmXBv zNge7z{)P)kdt=*>az+9jhn5cTM>$rk-f_0Nu%KbmLArT&a|h<+{LpMFR5tja1H>tT z?DLvj?iH5xnO~}}@X?dYw|E%Kw@dY>{vpGhEz8j~7Bb{(Nn$kxeBWQ-4l$j^YU84! z9w*}K!V)eF(Ce4P^ZRzcPT4iUMyjF;YGR`b!ofmIhZP^4^ZdDCyNbw7JlPyLXvkw9 zdJ5sJ!g#x!hlS#AL?Pf%>1Qc{P7IFY_jzv*W7FK|n?DhnU?o!7CiJ z_Z$7eWz=0$$*D2!QTzq{iFrmNk1IWiBVigQM>tI?HOo6=cb8Z8JIzYRF=VCb25qIr z(ZapsvUr`-J}-6n)XK>_Ln@4R)R~+(t0=rCvfllM_;@u%)7CEkE48>|TkTV3EQUed>qWxML5AqSp{q_a;8#LQiGK zk~#vDzuPu`;qw{FS^}2HP_U4URs$HPBIH~QT_X`sCaI=}kyPjDaYY3|#_*A6ns*aM@IURvjHG>N**Hm7?%jQ(6tEMyEfY zY#tkl@U<*f2xvJ8{iPVTf^uzlAS{3pj36r7rKYm%_48sNVcGlCrQ^~@ep`o@6{&z@ zmzp5KwiGco$IirSdC97IgP@J)%=-QH_j1ts;mh~{ay5}?4ZQV7!Y!1aUz%{L02R02 z&GrKsaf026Fd8xugWHB(JWW@hFjK)r3{xp@Zi>LFHO(lZF=CC zSQSyHM3tRfaa%^b^-uvMsm{)$Z){lcY^kM+YriYx!r(0>b>q4A%VWqdbI3d1q;y!( zk&pYEG!d~**BVK?r$1NMP{AD>TTdtjmFGXp^&R*> z$`zHrG-2njj&?S=V#l-$;9GgVo?x^lYt?4C%RG*&{>aqe2(!8B2oKj}v>jSf&h06UZ20Fc`=;!TNGzL1a73H!Ej5;^tPyhS`P6Q1!gRU7T?PFYEFh_2S{{xOw@4gK2Xd6&mdH_iDTbT5a+}t2t0BdzBdPU?cye zd<%4=1SbUD#4Ef`sY^U3+ECMUDDlI?Q|=zZTa2Y<0TlSY>hfl<^pcnB5Wn15pnVf8 z7nEOr0rV<4wzkj(!s%8?ra-gkTTR^0Mcv;I}0G^JuUrfZ+XV6d!EYj@o_l*0Xc$J@{CD7Xa z2}M6(^jki_-vxG7%-0ezjigw(es}o^1aCQ^{`_t=R4Y&&y%0Ah@|7$US8nPi3H9e` z385;h;E~RrTWJn9&K8}JN}xVzq)~k;h~!Xxi-3pP$S6aNKF^oA>_@1f;xnu5Wjq$( zc1xWxXHD71M}$=MCE{jEs5&xGg|$(+(6{vSQ?}PHr_Us zIH}zTaOUtq=|r6-`6pMUh26YB9E$IH@X{|$ot=F5qtZg+_U#9&V%28$%70F)gK6fE=&q(0$vHgzM4T!|YY$Clsma-` z@RH_)%I|$Da0kpuk%%dVlD*l$r_e6f`t$qV0Hl~4K1>1@d zG6OPHVLv8|Xy)!N_qEr$daH9($|oDHaja_jd|nKgTs)-6uOt=O&$B z`QoP|v}6MYW2_zYrhfF*g~t-@m%-3RGos7oMspbzlY<_2MNQLczk~~k-9P3zO6NgW zL&KHr{)pp%rAG63ZM^$5{q!{ZcRLCJsn8p&PP>3^U?Rsd+;T(!_tc2gITdNK71_qw z%netQM>EVVi=NQ3p0xb9yO?@>rUCD?-laH~pqtOvv)&zs*5<#?T2gjS&Ba%|{Vv$Y zPyYUW>waO7{Pk1vla&xF9nRK(Ea4ki&+({-fd}Djw2uXZKMXC*QX){pAnvgSL#cLW zp5zi`VFEJ!z2<+NDkhsC>50Dl%FQ4K<@;A#u5gn1!60~`^fFaIoo5l$QNT0s2 zVpJ;11!R9~K-D}6(%Y=j`qs(=2pd~EVJYHZoT`TA9SR-7GzLq>?M6;;CFhD9W%t3- z*<0xt&mBA#Oe1?SHVd7NwP?G``GyVhuYhOi$ zQ-6N_4uOv1EJ1Uq^6w@VjXh`nAJo zVIR{bwRulVShEZdX9c%BJdDvEkI1T=>X zO%rjz*={R$42HM)U}WMnl^+i(bH}Tdv04eS`3ylQw}B{wrWff^u$WaE$oJZef!{pH zt5MWS&?FGa#?$s4PHWv3zQDsrxEqJ9!_5BlKHG4hQjAbaRun-a?b?JM4@~_9B&-I$ zPqUV)yv@-|!Y7v}zL#s;oAAj{x1B%{xKEl^$1PCVfU>T`Pe63dT}d5w_lvim!)k%8 z4wBH9V`Mlg6&$E&lO;tTX)$rIo-zGHMUHm=t|=P0y_wZmOeomCSsy>@cIhXOzq<*jV0?s`S}Ii|fL0b~;&6+F+r3 zi_zh=Vb!h>c@mG*m32l?`3??k^DB6?w|i`KF4d(CoJ9(LV>`{JZA zuHi$uYtIHTAyF}RJ}1|j_U!s6b4%Z2iHDSzqZ%qd1v*v%@!kCR`ep%xq-Qi&DY@z@ zOMq&EW;BZ8lnf$N)GS8mXp0IUpe{KpuceUA%G*QtVd*%h$2`gkV@ZOLShsFKXvv7c zk6Kxns)I45NCguX>cDb{VBqo7lzRpI$!`%vsy5H_CyzIU$A|oJ#4{hyHfdtNOe%qZ z4(SMq>*ePy_9656G(G|%(z*GI`ZTD90)8(aeXqy~;w=E|cDq3kK=-%0ie0?>Z_j>} znXG(M_dwdA?Uwoy%TLiJG?j{lpnAVi#kn2+%HxGW6gS21k;tg1CR{{Yv0e-UpO%%d z*gPL7VasP}jCn&D&ZtdBbe7F$mutG}VdRMidiwP7IOlly7QLx9m367?&3hrg;VWY} z{NcC=2(5z$Mpf@IqjYRvv{v$nl8kz_f72kU2Z%k_Ax!p_E4%ru!VdYOcr&_>64Z@- zuGb6Df^Us@eEItw+-8jFP8%U&NMCjw`F*o_&&eP0<22X)N9Q)Xm5NGfP6os00aNU* zP6okLF@EfCL>T@Ibv@raGMMAp#3bnj>ev8|2wGxc{d4|~nG!L2eSHc|Od1L>hf)Ix zFF;#hKL3i|_Ge5@8}r$e((?@4L7E9$wB9dMH~5&{-7WH2UPdnlb{c!3L)Kdt3l{Da}tcy<2ddLlO1K)~w@M$UITB&M9v^y|txCQ*Xd z2YBUj5~7F!9wDO&VEo*4dmt!#?n?kp+snyYz4>K`jvW|?)~s~PW^4I{5Hhm zJqHH(!*A2$yorHS{JR4u_aDqUXj>>{H$i;5{nj${dY5gRWaQSkEj$TMl4Gj9uDPI} z4)f5es4{_mDo40R7yyoN_t+elPP#)5n#g5W4)j_FsX&3L07iJyxO~dssXpw@zoG2p zQnc!Glbe;yDlPG7-(Pl{4)7gsMcIW7){Vs~F(<~!ER%_>sHg@xr*7+_%A|Z#B=^1H zbXIPTua^W{(m)E47jjL=LI1I{%O$iyQQ3n{{?ikz=kqfDQKtP@D%hO3cgYfwY zS5&ej+DD;QF}U(exBY?YGG}#`WC))WHTJ<6mv?Mh!eN{sw^~8C}D6+ zJ+w4)jcQczb`I2BAmRcucgXaE5=M#(%_2iaEB?A3f|fA-Sk%onOb;(8+dbS)=S`*x zPSKq2@-V)^8}{WFiT##Ts4W>o@I1A(+-uJeUZ*=FKOpHPW1 zx#=d;E3%n;c*`V-zk8(=Av#SeZBtu?`ZHOY8_WWj{ov?M3%&%K#R5-}v4so~gHJDm zP#s8OGEO4l0tDm|i6}l#x!_}1ZGw5FGehDeDFG*LGy{LaGNJHM2!;Y4TPh+Ofz~)Z zsfOxMCZ)OJA4{1xP*juqDxXGNw`16^i=RT zoX2#l*#?2xaY&&EzsXIlK>CHw5L=*BoZ+gv6SW)|jH=YFzdD_y`*0Q_{PyO|wqY>t z@1LSZLZ899ZFfM^t_|+%U;HK=tyh#3q^g6sr3GroEiyAAslW?u8%?6YO-SuAZBsb+ zaq7_KrkCTTVg{115ZkAwegpjKRLv=>65!pJOU0J&As*Caum3QQK`k>Nt^g`tr|84T zhYiKqiYGwO7W(O;uI2TarcQc^3{5xBDm+vqyjxdCmyGf5jwFuA+8*K-t*}R=*HEy$ zILwdwL@0rL(5{u})S!p6-66Q2(!J!PWVixh2fEj0!AvALkzaF){^=v}Ad#tfMjZCq_K0IEGc`|Q#{UP)%JuSdgrjHdkG&3a!byAtXQ7QA-*OPp`L z$p0WekKvQ$4J@0~x7L;m?Rs^cc8n;ernZJ_MlYgp7g1RV%M;VtU!>zXv#?vOckU@o zf&**`x;Yk)OxYWXE?spyW6AihRUmD@ZBW+c`3aD>&=RvYM_mQ14IQlZvGkffir~v# zqdm4#4T|hr-WG|{OO__fH6GQrCEs|^N#B`0Z;zy{R-ZGu8q9rK%#o)qu1B!O^&zW* zzZGzQiE?F~yy*kty}$<2(n_S28>jWcN5EuB&UhjWCc*$%1YRytbfE_$oz8ZV^o5Ip z#QD+v&8kWlli|c4rDM$%P|y{G%jq+tR)u6sC8M``$lC7;{Y+!ss-`mt$ zyny!hsCmc2dM2TAaFMJKxUI%23jo06qE<59f#$Z;R#Ulg@-M`ioc6fRMYAw zTuH|Ea$B-QmWwMOjL*@oXwV-bF^c~IZW#+7!L{`I1<{n@N)XS%Kc@8>w>s_u0FxfW>SQjLTs#oQ0 zadoUtSV5W@SHyq}oI{x}O0DfP8;LN%TGFuH+&Nn zFHxKQ!d7F%3R!De*b?Wmc4m?cR+7@HH8TIPWj- zk}F&db%%fB0R)!z6m-6JKBU`7VH$k_neGWFO4^d=s4^lrqT#XD>8O(**{}#XdU8^8 zb>bxVM-_*CQ`os&^&LwR`!AO_-BQQml5mE2UrAPN!Cojsd|w((%Je^F;G78ay##xj zd5(`6=By{Wz3N5wbmxuzPFnvXxZZl$Cilj!OGF6&*kMrz1^CRvCvM;Tlzx;YEi?@W zLnYC)HlGWBsaN=Ezo&`~=9>bS0qKW;uIFinRz76F?+tje6QFKNW$^q^W9qACRbZ?kPz@eS7`pW_HI|3QNP>k%{CF0<)J%Krm!K##v>&vI)8v1KVCAUiw3b??+wm{Fd~z;u}omsXg* zVDJqO4~6^*?i1Ety0lEs9zIq6zIVqprSNZ&IU;kP{kmbVB??k{TZ&e#%3n;E$n z6x99Ove^V1fzotkr>kJ}0T=;5W{d?8)lNzS$!)2Sa#GpHIEcEcQeOk!Cv?ngdKBvs zvh9M&9*{GdN_GDp73>buWik;=l7r`2flfBKA=$oOOeHpz&oJV(u!8^&0h=6ugEN3} z+8K^?=yg(XmWl_$pDCqRLa5dOf?A}Q;Mq_E-g)D zfe7?9xTmvix*ID7kr}X{A0jP=K*`&2w5$(1nq@ zWSJ7yI&M@Zo9p;I5=_M}!UW*r%AC9MqHOV%Eb*;ho0+_pZrb%7bk*iJm%yLbHe!l; zgv-I1TRf&N=+1p_p+}#+kIv7ZXu#srGjAxHZZsWwA@uqhppRQkKkf(+ug~#K2VgcGfc^2~!|P~f z;x@Wv*Z0sDpZ(QJC%!`mkA0M`+Vs}4tXBIA5&)6wp!e_6-KfG z(NJfSmRHUz;Ex;tC|~d0y^Bk8C5X3uW)sa_TIzo1YSqd_uG1A->e`1Bvk%h~Fa0;V zaPdXjzTs-xw01|y{;T~e2R5?)-ieW`RHj~HN}iGIWUI=PCrv1XuSh(2ks*n&9`dx0aF-8PW*lBLdJa}7lr zL5zRJ8vv7mIS~~fWvYjod@sz|h(<6?7cmE5SZ*POW%{s=ZW12|t0ZfnuOsOL78$cp z;V|WZl$rse_9PvUsP26hT4K`RgDj_#HRqzN7!<8em`M{moyztIXRiSN?)&m{G(9;^ zx4mXpV=OtljkaU;*poe{>6U%h(d5J$8e18nvlot)MqkHqF$>Z$n^j3rYgnXUFMK_( z)3IYC2ZdL{{r6`xhVMcE zH%=!EniXWhr3{kDoG$$FO&~bd`7Kt!2)p%3&`5%{2x0gD zEsVN;1$rtC>0KISX47dE{ikAzf@Q%Uc}#%+v8W9Xu72t z;>j$jv;nT=8z;3-5hMd(sG0BB|9$l7Lm#em06#|Wx%GeTu>fOtf?R!jU^mHlHEbIK zssIZ?5aX%*h%{0;c3bWKA+?^IbAgzgE`yq|vpTGj3@Oc(pysbmC=U3^%xxeKgAlr_lM2{SN zj{fLVe?|8_^my{mhDO%7*Y3IRL3-!g-lS&M`ibjk-I{CZ?0j!toaz31a`r2FwH2H-3}gG@q)6wO5K(UtLf^S+;=-@EU7XnAG9v-=c?M+U_E8rgv6_^W2# zTb|smnY-!XBOfUnfpm&;+0{jQ=H#EyzHQ&GoK!H0#uM6N6s*6`J@Jb)SI%|N#>s0- zw&S*Sx6y;o|2w+0e1;s;uOA@Ty$>r(3$%nwG%_^WeQmaTjRG^=xOM9XNOC zrSde#M#kx?EjLxnzsrMxjYVUbvFp0mJxX2+Sj!&3R*ocWAlrlx=No-Rel#-2LMC-0 zH<7L0z9xG(wt!o|oJpLf8fv7|TL{YRvrR-f+K>bPB-lV2qFSm~DG>Ay;66#(%5SvE zKoi78JrL{j3>5IQxmYDJmOIQQ*n$g3LR&bpf}HS2-F=D*e}Ws@D$hlw?uoXr4%TWZ zP%zDjv z#q@QT)Hc+Yv~3U^@rPCNj!XT$k)clCjCQNb*3OEQJ-<-?jE;=ZzH6>3-yiO70Fzy(Z|>rmwz?JMvKn>WzRZFE@FhnER0C2SbR^(V zIS1UwqqR=AC^Lv^^IdszigZd*ckn<*k0QDUsBO{CCUB3lI-J42J>KZg5dAJ%Xr1l~8wOx-Zp z<9THYl zs_61N+LWpyE;!9835Lzp@ELQN&c~E zFqldxMlu2%=_)n71ElIszCnwfqO6EU?7>;E%_T$dfm%EYr1Z6eSuCis)H=XyXPgx2 z_MPgOVkMZ!heGw)4c=qsNSquso`k-wVH<|vDQiHGbgC9aiB9Pdb>r%jhhqV6#5iQ* z=2-@hP&KrtYQYPVGf_=3OLRl36*zyI~cJWrgEENelRfdT9#|H40 zi2+JV@EP73 zgv>2a76N7g%tq5c)bLBRNk;&Jd4bZt z9QI=St)CNc>exD#L1`^nxfp~BAWh&=%~k2+h79|(C{HF3gn^Kd7j+HW9qWM3N|4m{ zggFDcxxg`2m_>4rhY6)}#gK)CRA7N;`={;=ojh9e1NvGx>?*qmW(EyA?=q-sU0b*KG1jj}UFtLtS~8P6bx6f6@$H2o>3Ee0P8y@Gj7&LX4Vn1a6*s|su4+V37Ia10=2WSY3?b) zKjv0P6BPr{owC>*svt!>X_0m!ldr*zoLOyg=Y=7Bd#29Kz~17$!Pun!tk5?etM#LTvxk6AFR_}M=6ZkQ#e>#EDh zMWvl=vyOrKj4ji*_X$$plAS}N0x<(&S7YZbVQS1wiC4Ho!_>iY-|<%o=Mc4_+>8zK zR;FylI8L^7J9AngYj1LNZCU#JdtdxO`TRHT{TceXZ~hofj7(FjXB2a#kn~xj6apJx zDYc$C1mjZj#m&@qbxho+TiPJ|G6yBqvi3f)(}ZO=azAH_6l-T&cG`tcCr5Xa?Ys>Z zo@HHl&I>4Rt>p`hIPwkH0>wnL1^`?$I@!0O$53aScC39ZZC!T2`#GgzB~_rB?WrVsz=2WWAr1-%MAzybt(_=_v_xB8K7 zz>@|5<>UB?Q}pz+&(k$m?a@9__xEcyznhL2n$;tx6TwI=`&ph_?bnN_r^8LLV-#~A? z{-0D0a`Z57nZB(oDIU1=x4MDJ<2VNPVm-n9XK$W*gP#^D{|jsqKk)dPBtn6GA3wz4 z7C8%R?T@V>GbO-An%3)lbFja|?`eULX~_iX3{NWMdaiHu0^Kn2nzvDzAAxKOHW@!N@tRN5`_1Ds>Zc zs;QW8?f1Z5XW8pMCvLCgL>N6IBy*!kWtT;cS%F~EV6%g7{1w%W*bq9+HPp{NCWr2f z&faYh#|%3|BS8fA`f80JwCSp5#jNFQMARiy(c3{OWrCvlMgjh9-84hnHgD?wzC@?b zA2sz22#^6TOLtG6o-NCF3;n+KT069Mauc1MJr+8a#c#!TK6ALo9K7@9{fYRu_c`b1 zPQ*I+B4Bcb8evJ2$e?pVTaA-wp6J@N^}J&j z0(4?gi7Cr*)ti4hu@Jum>m|tnN}y+sb;%xZY8#1gHt88`c^+Wvj>kLqe?Q&x^dHg- zXAjb;xuf*)1HVk)b=Uvya!zcMme6@b$54m2RuTKcpDgEZyEAGU@SVH#JT0x9r^U-> zd!;pXvZoZHCtADa>Ta;Rf!2)7B*rNg$#LBTMUqID%LI;1;OJQGzdjv~0$>h(M8}cX zOT3V}2mZJZJ{0gY1}GgKADzrH0I%QrUb<@YH};wsq%u7=Ymx|B{NG{FkhnZ%-Y@{0 zQuE3#ubbLP7f_pFI4NCAeK2d)?M=EWy9jT-Z3ZzqFMXmrf7H^h^Ve%MpN+zGnd$*r>UH?=t*eWQMM)3T(hwy15PQZRD*+dz9I$c59haGtAoUu zT5toTz;~AP9e3cmRLOf+==Qzv;@R?fQNCNA@bD;2O>CgKi)Y(RLl}@SJ@!=FyhE1n z7LU=9@v@9};nIaxU|N7?hf3Dr3hmmqm9}i0Nt)rY(TV1B*c21VMja3kywpMpR}ZZI z7H1+Mh#;O!NusArM_G64O8YX&q@-X5y+Evs=BZ<3*uFk9A81b@30YDmbz`S4k{z|f z21BkU1EK`DE^#tlcgb|gCdwMo)OmA4^H63_!chveA)<_&x83Xwsq8q@bX|?D0fNMh z&uF$?l3nI56;MaP5BzPFwn(bfg_6bz#RK1XLwDoTb5yR~YCfn9DBs*BJ&zHdr}Ny{ ztQobQQ6*;Th9;~!-Nu@-z(ye12WS5tur&jXLMSLrRQg)T0&y*SKCKO_yIT7a`D6}E+6+p`eQ?@7rp1uV+KmB2 z&+FD_I5sj7miRM~ua{kFRyDK1yO{DFNJ`v!0^v+lHE04nB4 zb@1_{OsAe$Em?o^vH!MCsRelSxtAFPe5LU}?wdl(gMdXD@KOr^-h2N;^uBk$v$1)S zzOi%t8|d*Df0ve4=F6LT{KA8@Yvzrj*^{Tnsq5*p2mcM7o_k6+?qJgFJ|uv?KF4pJzKw3)`2!{Rm(teUyYX#w^xS6~ z9l+x6Ph9vCZD0F(WySvV;h&_l^Usvedf?wrIOyDJxZbqmf1vxG`6b838;rHrr$m@z zreE%}3rT=o>%TGWMkTc=D$4>^{z};WwFU{LuNz@Z8Lt#>NAZc9CdUd+LSt+Zt5lVZ zUBK{-EkZRt+p)J!hzdV*AYx6_hF0p?CHI^J-VrWQUwy|RG{h8?t0eQph!St??;rYB zfFPf_PRvcFFrVu_nhhun*X%DS+18R_UeGT9C(^PX@`EAC5>?$W%#@S?C4_!@TQTc^ zPBsBsdmNjNy`r_Q)k8)d4mEQ6UNBB+%fk4$Z1gY789po#Mp-r?5#u(qi@3y>Y;Cz- zeAaE0K?R&hd;8J0`)>Ux8gN`%ny1SvOYy|)eoz4%UaHD>_g%9$+}x)pX1Y$zMOt22 zRzo^Be~Df?e!gT5rr3Y-QJhbqDcI9~Frfc7 z0l_3>B+3yCu)~^b%#mYbm~mP!4T+>Ut3V3_IrNl)Tp}$m_JX((`AZpa7Wx;g8llL5 zCn(BID^B_7KXHXVOTgk9k_5~Md`zZCOlMU1><(w7cq6`sJ+FZ<&>Z-X1SimR&(zH* z(pWSMXu|>S4&T<@At0?7vng*g#8a7#gl*&{$}2z#4M5P!UBzifQ+l4$e&9?Om5CUV4()yYN{9lea|@^Oj~u=mXQ$1gg_hD8hBM}FcI`x$5sQOpgrsN z)3@I8qxA8If2DlqLx1(pX!p#=Xw&3Q53EpBG7^A5vg{RYS3&JO`VQ;aWJY!0E?>St z=Po`%XBQr+n0~7R1Akn-H@A3#W-lG1!>2z-VBw`dG_x5c^G`ks zP;gE6lAe5QwV(I;H|K%4gZQA2q2X~_>BbuMMUb#UpYN6(y!Goc(g`(&Eaw zlEGJe*XN)7f9OmA{t-ny;nt$;SbrC7UH4jg>D(6sppOP-?PW`ZIrTT>KI8h$@9SRE z`u+=wIpF#VyP_ykHhA%`fn&UloOi^1#Gy2>2*IxB3`0Q4qgbROQH>V6V61&S1g#K2 zs%pvtRG^@`DRVQ}Ij$Z}l~vj?--3x!Dz~Z&s;=E;)z~d&ezr1xtfX7GZtloLQERF8 z1h1sykare)=vffEN-`M&Fq?eW7`b;U_Fppl?1i2+g3+EdbVE`kIrs85D?5y^+R}m9 zw*1O@jpQ5QIj_1A8e)mc#c5fvS$}9t@7tp~T1UFAjc~jf%)u|_%mB3S`(7PL}I$#UUSP6HM!id z&jq&}8pBTc)XE8$drpO>v!NTd!Ird55VK5k9N_tr{u&%jS9`%x$%xa+tIHW#bV_QR zpLQdZKh0ck=B&TB+6hF<;DTuygjRR5W);}1OZ2hwyjraXD7Q`t!GhF0QfNc4?h!oK zv#f0a!p(hSayozO|2de2xx(!bI(U9|jWya2YO7ygnWZ;JJA+vDp zo=^&9SBM}7<0bD&yt^3tA@zZwZ&iIh&9~Iw-3XLJUML0obFhfy{bceJn*ClFq_O1r zHiHkn;QVbCAExV!vuHA_dC@vb5GAy&VNEn!Ft*pu3VjG#wcm(BZ76PXZVAWtM6IiK?s3IvkQ#d+d5@(1VPj)t7fqt~-uk1ouWA5N zGzIyU&%U1)mS=lDSSAA!^#z9r9av};$~g+QtU_P2WXHDv{$4uwC-lV0U!!9eK3D2q z6^X>l-Jg~6XSw_Pa@kF?*25YbSwrKa6Er+DQg)o|b*AhdyVCu;mEPaXT{=b&J^yR; z$w&S%y?E{cl}u=Uz$tU0_Bd7!vveZa1w2B5rJdGb4+<;wL0voHUWX|eZ@$2cXx#ZI z0TxrRCy|&N`kqD!(2=1r*W_cz`Zv%WSG}J`hbHV+ZU8*J=E1S_pR&YG7t&5t>sz*; zXxV=j-?TB`fd^LT==1)fuX|00ZhhTQ-<%!OU=_Fg3jCz3K7SPupw$5^$L5iPYI~4l zJu|hhjPF*vKSdes`HP25d3oUPOMg`Q8tfUMZd(lZJSM$rwO`h_PeCVj1^DjzPWpj2 z{V~0H|4-ANjc=%u5Te_4*CzFTdPxcQe)W9o+B@iVSN$V;>;7M)naO>=AF{G1?Rzs5 zH_%YmzI8f7-Jf9^!VsOAf2=(0%ZEQgPoMZy>9<_F^_}#_8-60O?YG_~#GZK9RXwoDbB zPdHVLa4LVfExv4-fy$Et`Xo)^Vh+U+2uM_oONzi3G%-lyTh&-iMTjWJSyiPaJwNTB z18IT=>}}F9u$?GPylSwBMnhEHb|&u2hL>ZeteY8j8`Rf{3)B8l;KA^HT=mci%*RB# zK^mJW=z$nckM?pP>g~{^j^LD!0N*{azCgjI5JNEBmrEtk=Q{JQ@J<%_2<4L{=n<;) zMI%>|1oqeyJ@%jNzT0Hxx*NjOnhi9&aK^p⩔yxuY9*0fT2;Ep4iy^oYT#hpFDY* zPM*0y-|0MoYQ)tREdhh>@duwiLI&oDzGv4a+O%P9`ESFL zN;1FVj+dXm?{PYHdbW9Q|8+adpHR>ML79$Yj7uECo#e7cuCq`@br*Vr#EMx% z0sp5d)sDJ!ahlTc;8zaPm%e;338WRzwr|@+@BaH=A8K{{EY3+qO;p84K{nD!YvvDu0&l&R*t6I`^`9&r8Qn(f{`+f0>*gQ&SW4 zo_D>Orl%)d`zo+iJk$V~9A{8kw~)xZ#Ym1Xsf}F5;Q`PtF%nqzN|b{$BFk_o+|*PF zRuqB}fytB)(0C;wpsmbVuFQtDkC-AJa=>75oycXf2D=$FfFHW|pLSpSU^o_}SnuQ( zDo3K#94{TuK$2+>(DKR!IyrX_oxS*Q!078~`xO9F831OID;eE%zT8 z99Uf^kZzQve1RzYDLR(xBm=yYABhLEPI~tIWV6pA$mZ7o;P9xrZv~)m z`IUr>?(^xfZ8SNyg|@7{i8fE)6nL{nT7;tp07RRnZ=vI}_g2kBdS$@pFCOY1KTThG z;UneeY+rXPz3KXYq8d3s0*f3sH!A@8x9tCU`pn}$*R`9^(jW~x1}_m7OhQio&GvPF zkM_=d;~-PmHEx6TPo$&?e7im?$0Rkt$r3#h^TJ0hUIP$8_Znu(maWERE7m(rv|b1> z7TsdisJo^Tu;9GG=4f9r9wefEwE9Zyo#DtWM#4{17!I^l4r{GD=BPXwz9e3GR)R`n zHTs#;_YZl50?|E&)hUN^@Wbuefw5v%a#lPk>E77&l#+f)g#*<%Hx43)LAEN-;n4M@ zzJQKb3uh_p!(s3&X$L(RLNhOi*?6ifbo=TF%WT6tPR|8+ILvG7Ak@Ku0Prp?rn~Pp z4)A!_@x6SB78e(q*A^}=HoAd>l<(FcpbfBAF0X{ZW778%Btpvd$of{6U_b312EA(GJ_Br=?|M$=RK=(7JJ+KuB z2QusCFl;d=L?-#0Tkb_M{q-mxRl~^X}#r6J|VHdDOD~O(W>M;GtkAGmGxmJLHcigt$ zJE|OMVIkEGqYwDP^gF-*r}Rs|@?Wy&^1HwPN&2&o|3|xO9mEjyWeO-!?Y&jpf@+gy zP40HGlg=3k)D`}h|Lqs(#bc+k*L3XoDf;pEf3Hd4ae5=G?2)M|u+?$x*dRi|Q}dNu z-htC?kxV`ow0;VMUFUp&!;;oW>^dt=8kW$C`&l`IY@7CQ5-$?>R!e7aEdkM#oWQ4R zS+~75TG&aQ7FXhL?oC*dnQ1!1gE-$1DQHSGEw3db`t+}p_t0KYqN=35PniyJkPT3} zhfIu4(NDhfw;DabhhF%zvNP}xe%&vmn_!u_#nJq?<+EAeK+X%$iMe~|%={N=dF7%5 z{)%P-W5d%lHd1t#z1)4h{#ot@;Pc&|izVo{*!6n~#-A(!mcSp^44vxt!>7MMFP?jl z-n{Sspl$1K32(a6kAtr6U{i(|Z5OEIe2o%{>tLmQR@<%F5n_cljyicx zt`L?Y`x(En?)W?08K*n;zP~B^r4(QaYsL_^rSf{islH^;e0l}`wVzt(r1`ndI!F(u zbHN1cfqohUEJ}pm_|Bp7{WB+DZXv%{=z*^e1ni8gQ2^k9M-Lf5rJW}mC---MU2PIy z3k67KF$U&zxfsF-y)9ELUs`Q!Jd@XY?Kc78%Kw6-USJzWN2X}|`rFH&xU5g_Lv>XQ z$nJ|Kw=1c6;)}pR$Z$Ek#`Ou7czfErX|ADVF=Q^)>(N^NZ=v&Bfjm>H)|`EP6($DYB*P-GQmN=TOq zw^IWBO~(t{oU##_jC6+M#x{}Ztt$SsN(#4?v4Cz-s?_|XdFz$lA_O#2`5G(FZD2C5 zOlZ}W>&T+*KG8jbtu$Omcm5IdVTv@ysF^4XQ8?sKQ6XWhxWC#cMEh33+`AG0Z{6gk zDht&M5--dx(6M93=<1!@2P)r9yF^#&TW~{RZcFgE&Du8g;;#32ImV~Y&c14X(5W*Q zN-*yy|K*42*Z=dMm7uAG*W_>YnI3%VX!7$K4T3t0&LCeCWPoF6DtX;NLrzDB!>}#) z2ud+Ymk`Zg^jeY4HJe&QcbcxYq-UxmkXf$-SW0(wzu8doiTR4kW7KCd8%$k-NZfY+ zZQJ`Lv*I;d8nUFerk2Ar2SB?~%*`(hJl7snEJ3BZ&~AyfMp!MVYGnt4ADL+_9#1~~ zLf>jxSLV7Z_xSl^j7Tfo)U(MGZ0{5)?z| z8U^1?#&nQ57h85>B^Lm#Nn=VY$p8k|Mr^%8{& zO7u0E4|YLr+ezCkH=+zPs$DnDm@zy3@ZB5s(+_>!zi$5G3r~NHK6LNT$l@?Rw9Nje z{WhV8D#003du^`12wtB&@t^4Uh0m4cfwI(hd}KXso_-B&oV>Qw%IcsS_;!CTEzi@r z`D1kK>@#%o!qJlDx3D-z%a@nRQr}*QuqiiN>AtqI+&r(}zqoXsK5^j3>B(b%suzpW z8@2m2JeiI{;Sf{C54Wl{wjBF zyi);yHQ;*l?jNEx-TP*Xoh1Ou@IFk^5dgPyT6{n)y#sZefK7!xlp*f%^9LwxO4>*# zGA+GwV6XePW&(8gHw@E_w++$A$XDx)zVb!DJzMnE`^$w6pnM!Zaf+UP?uADG8D^TS z)*ZULKj#*nZ~S71^KqJZqoL1@dY>hVa zU>r0l_{dO5D9bE`VL~CW&`*@zcUMd1U%&F*-e+{W&c|q30#nbdg1uK{WnayQD~@Kw zP_J!B`?a8sFT>;W_diY#KKu;*@c;NWy5p8>Ts9gJXcih9&Xm}2f>UDoq@wWvQu(HQ z!t=^A!iX`Bgi}t2EybyJQYv*}lSqi^$&N8;wJ;2+y2_xi8Sk*ykzfKoc;IRJ|EYTu zILoT)TzsvX=dQ7*s-8#2rn`Yg1iFdLU?O0iiu!zsi21)HCi;sS{Y8mJW0IFR#>9Zh zOB7LG;*bc)paL>C&wosX_nfoW+H0SCtGXNG;diO(Tlb!O?m7GH zz1FwB^?eULx<1)=O?4&Qe8VL$r=v{-pGBA<6nSsR@4>6lF7T3dt(3BJ{sRsi=$gny zXA4ot^Z>J}XRatO2=g5`IC2Gh6+8Q^xnZ&=n~+nh6*7s?jg!n1znX=r=l}%)xAdIm z$EbD>Yt?DuY*ds^MzXcuxfT?h8^}w%C@?IDB=a%Dt0lxU2wDg z=f6Dj$pi#6n+pt*_zom!(@4V26{Ok)@9B>JHcG?L)$3!Z~{MA-Wg@)=`QIcD3 znSO@NH#pi4$NTp}-{6s){-0z1Q7q$6{@rMCQU3jpZTw3(*}oqyod14cgOL35n3&dO zUU&4^8O&|jixn`ve>JMT$2^x=ja&!BNOIVjNfDZK7Do)QQ7A6MuzZkVC7JWtT(=me zH>?0q)LJ#qC@H6_pI2mT2XNa)C3QZy!li#ZCK!ON^-H))E@c^b3fZ`k{iU#P&ZBbzSXl)PLXX)Uv^czD@ z;uv|y0wG(={g&PEX+rP?rqW%Za~kp^f~cTj8#CTWs8{5(G01m4Ah#RLl}BS`*X%o$ zvVt(RAC;Wz>t8k$#XI*N0p%DxAWbvWQbKH01&8va6%5&p@`SFCcmc-iA_jt16;kz& zN}kr(Push-ROcCY?M?kf5c7)aBvu;~>~=Hz09(}2XG zOxDn6rX;PQ%n|xm79$y8@2lVZDcpYBTi~))XNlx6olT5(pvD5^lMecUGhzToL0{6R znD!xo$op-8SR9rj7QUFp8D4gC`c_|()4p5!5Am;r?R>pj=! zctJ-0{9(|59!P7wen9?KRH%oKAGcSJhRdEq~WZgK+6GFUd~ z=MDuqQ&=DlNCjFI^DjbaYJ;G+0E>W#7?8kF#Ke)?8&M(GanLmIBoAM|FObMnKt;he zLUjGd5i)WQ62MlfN6$zB6y%135P#(PA*;WHmd{p$mVbP zARwxUH2Yn4L}<~XJl_7{J+SZi1J>Es1?3F8WorGoP+C%vZy6kg-oe9BGP)D`hmLXp zFE6mK0ecex{@mx+zJ3>+?B54(IrmP`h2e#MPZn5QAU|cT#m>d?fOZ)GU;%2cv>$dG zrIZDcNoA<}(lSf_<)$_)Nq(;=%b9?j-|_y;xmc=xV?YNAL%61vNCeHXL?Rn)hfcoY zU7yPGI_}+$1(AK&zjGXVjuTwGrp#mf88)B+2N#`P0=u^5fWZGg`hX~CmlNMgN-JP& zbTIk%Gi%qw%{N^Q%m6RiPWJ7}cRE$WomyyiRU%Yyo1n zC5Hh;F(Q#zb6!IQK*mCqKc#X`LQgMc`*EQu&i>?cKWSRivKS&|ki-EZ$l|Eun4A91d@h>C`-^ZDegnaK9(#E!(*iMY#xt%DieH|h-& z7Kj9u%;H`Hu^&Pq{6oST-91PApQLJZskjnqKp}c)R4kAOqR0ZG!`%UeDRHvJL}M>z zX(nooiOC3eG7i+&k^PTYEWG*FL27+y+3*qW_7f} z?DjS#%giywibhw6C&cMo?+T5kx}SuoPL?1NaY87_5+haHO?$o2r}V{x_*@hxswe;~ z1(;&oDbWLpuD%dufovMnR?e$#+bpue9}!Bt-u_!-a&FqT&p(+Vb|X#l*7Swuz_0l! zNg<(MnDi$1$ph%bCtBw&)mC#7j#ITm93PBVhS;IOpNMUIw_Y`?7J5<3o3D}Vb5V^0_ ziT;{)U0}h45c3i}Vxp`6MXW_cKRKS!hK4ODW6Aqom<1L2`r6@nn^L!T(3#&Tl4ArJ zD5Ed#OvD2CcV74j>jWHwe;NpwV%_pwDQ?T8M2Y$Bz{y|0k>0fq_%;?LwAE2UcrMgc zPRsK!$KY7+4mi~PT9okio+jXLOf?p9*@Nbu+_?WIFtcd|oZbFbXIkcT^)&Y&cE6)q z9y^7?D!G(@@)-0y`qu%FV2H0s2WH-yBIj~%iwdL97(IqYd+d2^Z+bISSGI;Lm`SSd zaa1z!bJ2%E1QbFFK@?quJVFQn^iouUqSp5A69kXnKLY1nR0`ADOT51uAkee~n}>O= z(FYtIuCQaEzA?uhT(@=*_U;;)a4a#YiX)}0Zp6vQ*hUA?1pqg^w%JOd)YkGmrGL1K znShYfN{@l@2}ofq#$}|Vl8aL)b5S(J7mbI^eMN?NmOU;bv zWk+FS=Z~#^CI|WeLQKE--%U01U~0p;uxQ$iP*c&Sfq*JW%Eggrb`hk$2H(y7fdk)`@a|bj&Lb*`RFJx+5LKld zA?sC2ORJ8}rW3G|C$NzFy-cO=y3}x%pP&kqA^KLnstCAf3qwSHNhY~Ihc-!puR`|o)Z^#*KXg3@?7b(&_Ffasr_8)<+qdl-?`+ivW z%FbXLuMJ+JzZp%y&wl)!&V85y88uZp0NC16uVjy`#-j*+D`N>A7hOoH;~}<`zs!@P zh*1QfOJc<%-<28#@PveZfDROxHPQtIr8qZYSg%cimNZrdNl^-+XM`b8q$niGT?|Ah zg~i_|1e$A@V**5uY7*+l;Z25aFp$4KGiF3V*2|kG4%ll&aiR>shIrN~$C?acoZ=U% zwHiA0If(ROok+XHx{-)_fd&c~HSkzUEAc5owlJ%a!$;s>*=#B*z8jtVH)seWVKxsqw zXF2j9bq(!7M|K1Q&DIo*EezPVWa>q%9eD4tP4Ka+zZE5G^@&a^6I2IKVJ{6+7#ukS zdyn4_{lfsWYABQfrXxF8{tg4b#Hw?e}+ zyXX~W*;z#xWf*4P zx~E4i0BC@|>RNq%YG_3J0N`=sZ`?2yzWdL+VR+~bXctD;b(bce9ay74zHNAQGrVcl z^0cUH&UMd5d!MD_Cyf_~3IO7ytbv-jg;&4E;(`MN9~5+*pp~V9E#O3|xs>0r&kKN> z!;IvJ5px;Jedf^Ek-QcvvNqrn>oyFI!Io~Nsi}dPV;dOh^}xR?7vBaqp7Q|<0=gGs z;nZtvVdhx>>(D!R2zrMO+k39_#7nUA=u7rx!(-zxG&&B8rd|k_EqEU^)y~Un6M}RP zU^Wz)cx$0ciLMDD`ptQ6%dZ=^x-t(^w#fxwba7-Zdy$n^QFif^%~SDplr-d6Lplbp z9M81uJ}u!c3Z&?b307Bzy|zmbaAO%)C!6y6?C7kUEElFHl3LJJQYZCbdAjCL@!^@J^Khh@utR z85JbXEh<(p8OMF~>Sa0bkHP^15+9tlqE%f9OBS}nk_7;lUAz?DH8>29JoYmD_`$Wo z&oY4Flh1Clt-x|7ylmA{`_KOVq2y3ZTX1VrgVOmbe8^EWzaZB`a0R-^^+rd(YQo2i zU@R1|js_QAB{?9kK<3|cUVjIQZuyKg4AD{noXje1`?|hb9!I zg!bwNK;)77R7+Y&t9E|ng=0= zXeY%EU3dN?;v_L?Hmj|!SY$w|$$|v*EJ$RaoMRiRK4s)@Gv-yxjKQ>G*UW+CG) ztvlF?NNNQdDGQnOhD#chgJkX&Qp7{A>aKQmD9OE6V4zH#-v#MPAWgx1r9oEN6^Vdr zlp@8<2|~sZ#B*2@tElI$?#n~O=SXS-?m500{``TP;rCbnJEg5`+HF)Ep?`Pcku zt1ST7RJ#-!s^_r3hBS;Y2z~4GkkwCEWI&t0p1x@9ubc4qV`tki z(MrpK95>)+o?j1dTD5{D%=?c&o6K$Izwtyj&_}6N9ag#Sh@y%%zY$2M@dDpba7O|| zN5QZ~#3Hfd7`qFIWb@(-@;pglzY~n648R2ZL#V4-z~WP>>C1slcZJJ6bKh%sC*Yp} z{66^RzqPDCwStN{*6;L&3xFEZIdIvWcf*GLkHNRse%7)H&9=AuF__u38ZMb~jze5cD zQCqo$q!buq^EG#*s7s{uk|o(DAVGcd&M#-Eld7UeV(nqB&Zz9$(ZEA-x=_}6<*pnp zP-a^}j-3l*1fsO$1HEO$4bAzL_wZ!FYDYz=lRUs$%Tuw4YCSrqmxAdHDs^YquszQZ zMbb`oylV5VeoRb?NdiOYEbTmsA=E4t$P*MomdUZsX!6HNr?lxE{|J}~P5FKJ{+57$7+w_;vldkJKJs^$ zY2p2?>o10-i)LEQzYrVn;m2Qg0KgPJGVi};&9Z>7h6EIdv)w=-zNq+I%kmKtK%iC4 zy@$|)nkHdh5lkli#KyfZ5Xcj_X+BZ@m`kYHQ#??3^oBl)AbaSo7wUVr-zFfMJ38 zMCx+API~RA$vr0FcLu(T;bnI+(WuUiO{$cW?mEkZ8+ZT*q92L7l|IY}*Feux7(D1yXnf+RQYk~f0P^Mq zH$!V(JN*6Qe*pc%J#eIVKYZr?n{Au$HA~;e9V&qrh|F`nLkHodJ@>%i@G+>aXolL# zX)roI3^3jZ!{dW6IyMMn&V=EyKG=W!dFbld^xp#bi#OBG`oQ`>fve8_ zb9V2ijE7Y2o$FzlW*jO@QMAE8)wJrEJ1`p8pJVG%mIe z1TlZ8?T49abbhQN*G1%|F?6y{EwYx&ye^;MtoI7Z0fQ)_pXns!LD_mLi=p`(1H5yl zV#8j1gMvupt{Eu%YcYgxs9#4(2!UI=vpSdGxk4V-R{0n)*K^X8+j^a?7fBgk0Ttk0 z)4V5?D@u4S;pbYqyYfyFX4r=$I(0}vOUWrb#GoOCV`4rDrT7?8VIMOGlN7uNo|%!` zH!htL6`)xXtWkox%)mSG3HBO+(gd71I>5MPh{xS;#62^<{P$(D>pb+{8QQb>oO${`iKnpM`fgGKxLoJExL#alar&(5v zgQyGK@dRoQ$^C}1_5;$T z+*yp3=ElO80J9H738CHjh=bP1=FNbY7{9|q{Q)SUC}Q`o*WN-3{>tcdGH?u72qT4u zhR3htwRCpB%Ed!*F7>W~r=tpfaH>w&pfJ`oSX`e6_)!XtGucH<0fw_8ucN`ZUOQUg zdy!~aDKu#4nb)e)fP_7rw zI)g&fc!cTe9N5|RJ>@n_-ZzkCj+O`CdZ0AN`qj18y9 zeCY5IczxGim_IkCNw@XjeXRZ0{5Q4X9BAaZZV=U3L%C zS;5TYiqRZ2;4%k@qK{~2#tw>sRP^iA`YWKWauNJu(q}z1K_%HKg7!2tRT4ci^9%{-|XHn(Zr({hocUrFMom zbC}80#6V1#9et4+vXYW7FwM0*JV04hH|6?6D6{l{MPlQVl-PrVkEqc2sBp}y=6`8H zMjEh!!>k7PTC45Hh0{f@VM(epD+ZX3DqbQA^8Og0j2J0=zEGVvAYk@Ld>y1r#XWD~ zlDkdw|MdJ|a{sz>Utqo>mjR#ZIjZsp?xaN7*`wdaj4mJ2OT)#-r^$lTmM5jRDRGYx zgTSG9lAz7z=T>tHjmYj;%5!2F0umdz9L^=qpLDQG&Q>Z@hZTun+U=DWlP#g^;ODd~ zpb~;RNtJgj1TaCO60aQ7#0?4x&L|TGA{}vhN(VKP6iY=1$EBjaG|DxSlths&^4UI* zE6!VBfk4gG*KC`&?T5=&HK;S6WR0Vb#Brw_SL;%+c%+*Z>1&QAU!_6~>EJKsdP+f5 z2&vUMgG?5(iJ?}6K>L+5#}R6y2vZ;wJ(xDwKsJ#g2zlBs={n`M z<`5{=OkQ*=j5Y=UYLa7!(2Fln6t~NJI??;NP?CG9eR%M}XkM$PJW;SL-RjX3k=6Y9(T?B&ru&yv8P{nvbY}JY23g zbH^4-#rZc zjd7!oGYtHN<`VCIQ2)-AFGt7vpsV|}==+zz(caBDu<+oI65z14{w$bMJqH@9WIMxz$(AgkP-t0lc{7QT6hNH2sR*2Kos0_2mv? z8yGNrC_4VJe^XJWi<9$1= z*-GL79Gie>@syy~d8#oPMQu`A%P}-Ay!jgRXxXd4gc(12OD_Zfd35$K&A5ELMY~-N zp4bT8{l}oPtPa|nF6C1NX|gtyYNCl0-?Zw!oCoO)aCg%=cck)FGIz?LG$Rw-%RTen zi#`os>FcyiK=V1@e*QD?$7{Y3h!Aw9CS{QkKD(LjOxQN#)!@F%A^<+)J&>A|VV5Dvr$SO5y}K38*3*H|O|_z!1Zq_PxM ztyh`wT;za#wuO*Luvy~Z15|Evs@X(vwQ1)KY@1*2lrrl2O+(6Eq+QI!r8eJ+ z9w&wv>kshO_!uh^nb%&E>Q;RJN`XDe`P%;`QVuyl6b9iPW)~I%)Y(y z=YoT!R4@c_LL%@SaHJ)3s6q~YD|2!@VhmzZM9M!9eCJ~dd{MD%*F*{7AFTPBZU42b zKQNA--L^gW>yP~b3=DO{&}cXO*Sg<_n#yK4x8oKlFRg+y`>24@l5#6pZY=e_G0bgSnS7x!8iStxo;+J{6h@=RSpG3OHe%Zg$K2V& zI@Ov^~F*2)DC8U8?iiW9fqtrL;Lyi=i>p^Nh@%2wf(GOiY{@ zU3-^nS`&YP;{&^(&zKg7?L<#c5d1USu5Dvy6pS-R{J-A$TX6A;^WHE3(C7eu;miMg z%KMQZ;4^F2+i%odJ1_74n*#CXF|GbwR^(8pB23#Kk>Yff*!mVKt9tV=lG^^6SxI&8 zgJACgddK6%H>By_VrEtquQzdiBVXLr^P0WyI+`yL(|7KiVY0wFsXM9oC+t0*ntog| z@2zS~L*Bx!P10E!0i%bAD(Z0mZFu?;yO=a)*oBD1KdAu0rZe}PZt0gU6% zxGsQcF_wZgTp47bpA(4V^~}!*_%%RakqkQHG!2f>7lK9~DP;0Gq(`IVWJq3KkEqPk z8QuW_I3!)Ckmn#QOC)B3M^5gBp`{}Mk(_UX4w{EfteP)uq0sP*mqV8@gh^8dfqRQ3 z;vSSrGm+YHf(00LevO!a1+G+w5+$_9m4Kd89m7U z!J!-wD64;N$p$8dk&{xz2GA>F80w3XdLuN9XDLzhqr@VYf6NB>RM znpkZ>bVqvCR5lCKgr~qb0Vm}=BJv6-IxQE3iW_+WWdf!<gn=gh*?Y! z^3T(>T)bCivh;~h<)q)dylqUd285}hThs~)xJddTI{^;BniNbj#!7ThS1)}ZET451 z{L9myfGvk|?UU>F{tPxpzpv_81mz`TaMAqVwQm@Y{xfaAmeFTTKXQWgB_)+mS2+jj zD;L1=zFkmJS{{9D1q_Y!!qDg-RFs#hj6bg7clsHBRpm8MSy2OJCFM|C)sTGghME>f zKANIq9DtpNUegoK!1zHOso;^Um{W#Ej>5r{YvFMB3$X3b_o21^d}ygV51Q-Fi2~Cq zvF@cwj}&~;)X0Q{5MzBHNXZT*rgF0kaSBKz=OKf#^h5j>fSBQckkQqkxGJLp_=M2z zJzbBfS7Us%#(S=^q8b);EQ5z0+5{WdA3nY48<7fMec{s|hWCHu3#S?C3*Qg>4;+Gy zS@TW}04%MD&fj42?+veQhQ7W&sI9GqDK&Gg8BmglMn7w-rhzoWMWkRomGZjIe$4G? z4^uckBErnMIbAl0?;ndgg}@mxq)*5iQo|y^un@m=+%&q1X6|TjS|z&A(({4D_ln-E zk=y0I6I+tcnKfl`h60cX0KELt)nrTeQB_`VnSgga{Zaex`(L{oR?WRB0R=(EV1#LUg&&@bh_NcVA9fGF*o34<2a;YCa$fY4Wz zO8B3}80>jDwghRzF*X}77))jJG8kB3%@gur6rfM)4%5hkZVZla)~PHd>SF(pm z8`d zAZ46}XScV(?3t~wa@l+bqymsGUul)4&?G01>;QSMP(Ye^O?=Z`@=XA8$ zy%y$t?2aC>NsHN^*{{)LJZn*hI0tbcM5)Fkrjyd9ZF>{8 zqS@b%fBI~2RNVFLhvC{QS2)vUZXahY?C?RFNrvXAG((`!j3H9;c#$` z?@{57y1H6eyl}Rvb!SeWd0%&LpZ7I$@0-J&&+~(~r?(&Od*}&x{Hb-&d9W)rAaS;t z(_8KPS6{jkR$so7IT1^66v<7JabokI0EtmJW#@D>bARhR&;xFkAe z9pxtvOk+VAiQqeC<}hV~*sur_MxAt)2br`dRZ#9oUue4IfNqAsm<)E59V%awO}>cw zc<04GCxH>qqf;O$>TZ&*-){SP0Sy_?QB1A>p(4iYn}DH@?D5YDYPR}?v2cLQ;|*q9 zBNAx7U(u!$D2KV9)mA$bK7P%=!6Tc#1^>C>>y`;v3jNSKumj$5?x&!YiW1@W@~us6YL{Us-86)KxV` zk10@DUX%PZ4@k@jD5;z?!-70$Q3p-Y@gI(k_o#E-1Hd2nz#mHBFIX|;F~PCESK)a7 zMyNPi3(a-s!ix$f>KG<^dq7<}GUQ4|gz? z1uyc;nJ55Z(loosVHOcbveULTvC?C>2*dWrux?^GGO@ghJWwSIm@#eD!(;t+uADmM zT<^t6&V!g_&u$l*9nak&1|O5x^@eU6TNch5VOq&Z4WfXX)vx)e9kyM(W6L zh$3mM=(cl>`UA&N~#qErxJysD!~NT{8LcRQj&~`Z@c$yhZ)m55(+LG z_@qbxd&LbZi2rHw0!h-tn!Z!Vpe!9z%7aVVX0-w1mKO)C`|39z@Bq5Mz4L!UO--f8 zZXuzA6XVVXhzU^u{;VgS+Xyv3 zsDzd0FMwNaxCC0PL$sqYNvRIySML5v=6>a7UaP(Sx+_<}yKh}x_B?(-+let z@Zw9G3hr{vWf#KV{l$la0>n}d8UQjHInf7fon!=27GfOGFLcoZpo2#5$4pUaDawz* z&Kx)9@^qsyD>!13z|OIty5?yi_k`9l%03=V6NX_QA?-!w2Ia2I5J(bG2Nxj>45G*H zbXu6i*jBpEoZAY8MqJpb*=1InPr2%>_rV3Tu7dBs@C7*8`wY}qPlNWR7525`Gzw$+ zpJ*gj7?MPAqHjNxl?_2dO*K@NPlbxoCa9|@fo%s~fYI>*tBa?(_D&S|YpiXvfM4$C z6wB~Sba0%O7|I(l5Ts^u68NK}Wr<+U)U)95@naV3j2$=)yJ=*spTjs<1n}pbe+>Ax z<^DE0J_tv8*1^%sb92>XTl3}fB0KHc|`?v2nttQU62M^XUr`b*ve=gz<6%p+&Pc>ULF!; ztF6d%6(W#RAV;Zn?c8I+m$ zN;ir;C!~{Z^1$B%8}EkacHK9j@oE`@FKvY%zVs!_M!ezd+o8E;#sr`o42I#F7GS8} zLm7Mw1li35zL|s8eMDJt6R~)XoGvrY28ZI~ZWm-j5bnmL%-X(#GD#k#$MV*KH|73t z0F$Jk5O8<~4h;m320R9r?0AuRcGd-8j=x?)lCqHfE)dEdnk0(KqSI7vNT z@b9USfV0n9ROa zaNDpPg*d^)B7VvBC4O!LU6O1O)1;LgD*WS5uP=BQ66B-&b6Mb@+3tJr3ApoPxhn39 zFKvX+{Po=`+po}Oz``$n{T>Te{_SV~80zb5)l$!7U?0YsOf-GcJ?%eq7(V#n&lLnL zQvh%!bG(*(x=fI@wT{Uv&`5I*_n6&) zfHJH+Jq=3b1+vpw|B9rBB_ynMWATBv@WOQ&+z@Gv8n(C%PYr{+n`f)Ii z5-n5$4(O%xL2)cVbL{8MxegXh{cZ1T9XPoG`Uele@&27~vVWJ==~5@@0>Gayrspe( z^bGBWZHK=FQyVUU_9@pu(l?^W`=Vz9BH|n;jt$KmMBLTUt*9V!K%C;H8p;}6=(AWf z=?*2$k}Ztf2rf5XdxrKTZ!5z}sEWp$+4da!WpHkf8GzTXdJmjC?~>E39a(I=PQMZm z@N|48mR10b4T3k5HE1dzQHh zVxUl>Byi&4kut3zO+w07?eS8-{1-pmz0uyQO||o!HHvs~kmQ{ohSgeXXEI>SeWd}| z4ESe3yRG*^N8=*6WbRw#)!_v;($9?n*e;oS6Fj@?KD*E7cHReT7QNFiJUTrw{;{Wb zzd4>Cy!<6^92!7#QQHd3?2Ez8{^49(@Ui}b7UVqUumlZwXdc&}eLLK6_6G_ZJE;2a z=yf%ahBbTU9nyi?=V+z4Hi9SSNMa5w;tu!NWQlYch7Lr#k^DH&jkAN%gp7yNaZZ`W zb$P%FMQf+-0?M%y+|<$EPRb{pu0=~)}N!VZG(hk-4?V9f`1)t@W~I|qOMZz{B78LU%C6fQvyL_An-ds zc-(@LhM`weReAcNT;*KhB*JJSj;x0Q||HeYt4x@2%HeVIKvf zqCmjNTz%alk$Z(verxhV60eQl>kXGRN%Yca#x9Muca`=V&N>9&4H?0A0Y+IkLnv6j zBoUmVAFgsRgu+NK)5>wR?(`lLm(7ogR6HuZDQ>HVyj4TmtR!1Bfd|VnNplkhr=dA~ zKM2iEP*Rkn-iaa%3eI9&q6Hl=Xz#J7En}~vd4*-f8Qs4z8p-b?2jWoz=8ffljzaI? z5KL{TgX;2js{y!v|Gz_dnb895FBo{}^v>RU*D?b3O5_s~x0 z8QcYZ!+T(0_)s)PhVnxH@jahoYBp3YjuQWub?|Sv*8aTo+#B-DKM3lKo=Fgn&d_JQ z5ul3JiN+*q1EWf@zyINKUkHj}H-#q|6TxdEWe{usor z6??#&pS?_z^sJPp8%~~xKCnpM8l@V^7MD*A?6N--CZ#rivra0~#D|i17?8~9@x^Yy zw%s=m3L3!ghI2ju54@I(?>6jz+yMX~QPI-E(zx@+1p(JAdY1(NEugsVyY}BG+)#Zf z4Sv=KM!MnK&wth)OT3xmzjDz#U{!Q%NlUMQA(qWtos6$z(RVb*@z}QSCjjS9H+~cL zpV$WPz35X`w=e`>L4jySnS#BdAO=B3mvDmt_LuK?&F&%5IV@KaPP*XuMlhe2g;>gv zid65AfQc%^?eT?NfMuxbS5JHTPeAX$3Fth!D|tg@c@;EInFcKl)1V^y-F2##o+2RR zfn<(KPT`9{@Rg`=9)O-!M!bI^7vR2X%-3nmf=Fj=mUwp0dT;MA9cmq&G;G@zz9uB6MHTbe)0GH``y0U4#zYwy7{iC`j= zjC}xkw^t`5BiS&PuK|kU=qb8@OnN8%gU8{4r~VHN4G;`Qj}o|W(!s&tP(Qq~@p-s- z`4#C{5H}Etzz~ZFh)5H4q73kqG?8eo;befL!XVT{%uzzZxd?yt_diP7cu(hMzQbRA z^+)iD58Vva`F3W^sDfr!xO`d>I-m2GS7uh3W`kl9J^~8rG8chwEW;7f8KsxvEbjI|LGn2?NNkaFmHQ0)jo z4Mac(h$OAnfsm#9?zKu1g_f4&>mdl?YXt60?^XU>S5xObSywb5u7*M#&5dHwV+mqr zQj?2m95tByckdhOgsq4Ep9KI9b-xBBC1sZVX8}CxzB`%+>_%aXMsq*&&kv6dz{|TI zjFPOUp{sjq^zUA1tZRgm{apotzv+#0p>0aL1^yDiF3&KGm0u>q?DJmhG?XL&qVw7v zhyN2+%=w67hQrxFrv1@8;wSotjzIUo?kLIL0>^r{K=0r_=QhXy{uqGG|K8R6JZw6+ z2Tl(5=7HIb&^O$Zyk^tERNuC)q9XUGtbqE;N~kWYh?3{>99U*Qqa@KUG|vr=jKbik zaaA6N?x8^#9UFs_(a(Y5A?P0&R>#d*(=YM*MrJpk4b>I7q}sSi&uKo(4)B`jx!LA- zNtbeANoSm!Ht7DL1JP$kkKu!GqJJ|3{2>1wQe&1BPVF7q1}*h7qH%WAJLb{hI+)tj z0hgY4y<>crf=lFC5uRBn@Yk^w*cgGx&9DI9Ht%XEFRg{4(H|80{QSIW-do`pTko~M-}Tg=z#m`vPu2n6ytgJc>(EvRk<<&}WoEi) zewo#@*aD7*jc3?}#(<=waf$B@7_g-{u+7apkK}z&<-zwV_P&LJJrcENzL?geD z;D8eEkrC8nE}G&Xg}D<|#^sSj7rm$dLq6iKfT`s4+`A-L6zyPGBurCiJ9K0xG&RhG z?*0R?W$(|UXJ(vI-SBw-K4`5CGXP(GeVzUJ+UqYu-#`!SKJYqpAL&ZI#o*8Yr0$?v zxx^RhD)`+ACx#86vYLzcZQ0fteESm9(mRogT|kb;Y-0TMRH>a211Jmt&7^Fzn@?E;T|h0E<{Se8*T6 zLx+@FU%*WX)uLNQy6ji5gM>;C4Wlq>odo>6Hy3@YH7~KE0Pupobg}cKFt-wiiekU6 zo+=8WqLyXGF%gCUUeqp?6Fwp-F2?D3BrOI3pK}~1=^#+p`` z-Za;Oe#WUcm;8(;fxF+*OHP1Hj*?9_voFX3bl8OPYkP+FTBqLWQ!ZvVSRdfQ|?~!$Z+^pnTF_0W}o{95g>G?dzu3H;VU`z{$aZ=$en^evXYn zS6{bfI-VHli^jxgavYluK38y_T{?Xg%xGw}fM8>Fb9B6o_RzWqcIGr@2X-aLoPd-u z@Rxvp=&Of2-?4Y_g!j$F{!!c`>A=;yp%yvUn38TR6N0h->86_dO^Ygc>T1}*_*NJsEB+7 zJxCz=<-pNh@c2vrWto4)Yz82F{N?|GXEs*B%Eec}x${@Cd7hg_f&=cMTCnwn;fkAQ z-GV9zfH8-jA!EH03is_mE-9cr3JXl;XBXlZ5<%%k;r@%B?>C#dlJyi|sb48%Z zMcuiOGUY|ky$<3DZX34!3=W^z43$;U4#pcN0RX0jD)aNm$qjJ0dpG>#iCX9%=&^ub zby-#JXK4;muPV#wsKoy!CkPD9dMFZUEP$eCW|*Xu)I@15>?W7{`S9Z}2S0L7M{AnA zp`h<(9wTR^tb1i=X4|jP%)9ND%VFuFb|1*d1CiIPxxlvH-uuHRf7?OP8J=b{GP-@;CIofU8enZ>ktImd-Z&+o)PdS+x!w>V@ zkz+j;3Rx-fIoN$?)>;2fuwix`A=_OKm6VV zz`r}*cME**cWwzEL6D|Rz)k3pwcbi|9n};QAcLC*e3C1|`PWZnd<>Jnj<|_MNZLiy zN&*mGZxVA3cg%f zxFE_+e{ugCxZs{9T(hLC62^v80C2-=o1-a)Aj`(MX zeAHXW6f%;8sBeqNKS9djYm7H zE~$c(J>Br&&%OthB^9>)$8h>)))WF3bKiE!f^!}Bt8}`eg!(UrB2FUu@>g4Z4OhAW z%z=IPM^9w7hb~<>Gr1v=iqvcoEYg9&A^7HZeinTBWvkAD+i$yyso{qh=!Okv7=Fev z*8qVkm=Zm|^8ESW-3(a+2l*o4PJVj}f`4bj?eDpY6$Vff432)k`#ZXJplKO?_pMjh zeK}nj`OB2f8D`%tEm1IV$4&6Wvzy@VdmdJg$uJB*|B2h8{Z^@_o7b*c9s~f5+i!Bv zl3^4IEGIBrJphP8j2~^r*JPAJ4k3k)Bmp2#At5mOeTKcaV%bvI_WB;^JlIvxP{aeS zU)l_=AoOICFsTyK-J1jdwiF5e-T9{XT>we-uTzrWP(Ly18Az-%r#kw20vyQQ+u82XD>iDE00k~aEZ9VcL`aMb$c+(r zl^V70N$A~f6wvA=0Rp2Jt~d;9B(Bj$$k?X33vwJV=EoNz1U*>1aU8M_&uv4aeemq| zuR+_Cv!JPVK8%bFKxyd+OlzD0$9n3cguVwV%Nk*Hyc=HGdvBDKH9=MM$gu%)K;W1G z1MOqj{%*j(7!<51D}(0xIk5BahCD-XJlbD1%$<6+W&FiS;5Y@CeP=-5uOOSy`Ap*` z`^e^x!S*AkN5bP!&oOvt^IDkQG!3p;xE!j=DvL7=F>%TCOJHux^-zXGuyOytLq+t{ zjD^awdRQ{^23S1(dT6OzII-X{e}lMF%JKePaJ1(&=sf;{W%{vJTTI>U-Swxbx}Gry z<2GFvyi4}N)P1m}>9DXJ(daG+o;Jj5l zwl6CO_;u_9HadV~!@cae4X`{*kT(2)7Qvz=`byoRmO>UO^EV>peYx z22A_pHQ#~zU%MNg-Sv~?eT&*w=D@#sH-Xme;&o7?xT1odR2|Jp%i7oE^#qwB?b@{;KK=Qx!%f#+0XJU18ft5*!DF&2 zJ|tP>+T1)!+=4-Cnxz882uzQ9*TK!1;9q@BBh*zl+8rG@8jkhN-@f~cufa`kdM`9L zOjD&>!lfYcBw>O}L`J2KKy;7B>^~Bh7Adn>?`dck>Zt}zPgjp$17R_Q-=U(?RUy}qp+PQQ)V$Ol__eE4I_MRaF z@_w-Rb~d_s_dWbwXl;Izt%OfxGqKM2C`Au|v9gme)bWfdrbHc`>;-zaQyCX;*2nBEF^{Lh=C0OInr{WAZz&O=?+CD<5! z6tf*T*ah3R@3uf9AL%r~yDhgF!;guy{oeWU9Qa34J54huBF(hOZ?q@Uby3`)io7oBRNSRA~VbD?%5VPb}(_%{+z!GA?YP1iki#Q%hZBW%B5-EO84*wFRQzXhT z01{mt?O?fL2r{5kzx&bGdr=iiT)c#W*EYMtk4^y-mD7VPF_Uh?+Vi3 zMxeQ_3Chb#VB3N9(d&j_N=>T;{;Y#*(RDS>%ooo8U06Khh6&G=n!jbdHP+05rs}z{aN3Rb-^T6O0D;{Ddn_PobPZW6 zE|UicwdtY+U{UGLqlZfmn$ z|9d*EK)kjM57fcJj%DJzyX@yPi^MHmUJYgC{Hz~70Kb+SMmdCaS+|;;x$T+f*TXyC zy&UGYT&{LaaJIK($pi{M8ldKS9uj4gVq_Y@h5gxd%nUqy#V_|RN#|(tZz!*V@1j4X z<-AIH6?E))Qm?@!pH?v=1d30DS=^zQ&OrLy$x8SlG7Q z0)Q4E?tC0(H7*fX+co{@vFyKiGunN*R^;qCj9fwuhR_pY@t4{6bGz@iF2SZ1*Z`C* zbu$7+ojM_i!)(Oj`^?T7+32H-01F`8-zh4Hw8v&+O2G&_c6Y*^pZ_}a^$)=JfA|pG z_uwz#9k*T!H(s}f8*das76T2&F0?PrqBTaL-mXkAGBRY_el^f<#o{YqM#~(it8Pl; zv}mV2{l{VVp)K(0&b3~wINFDW=UT`ED5IA)Q+}$$3*!SwZyTThD6?`C_2GE}i$u zNsdU#C&-8E-DZ7sO1nuUZ!b%k>-Hkkr^S;;I5u1h73C#R zQ&|C1Dx=S=h#pm~V7hgq_$ms>qtA;TV`F2{1MI^9fn(9bS=Wo+4ET5T>YMouMdVO} zDd~Ins{!E|bMv-NSh}!7pNE1;75COOK$Zc`9(jC2L1T!wU3alpvn!69#IxEE$Y|Pr zZ-4hyz8H#Uf9@uI>6m->EtkW(4LekD?uq9%M}MDMM5#ptCzvj7PekYG-XHuj2>yNG zJy+*JJMMbQINeUt{iC1i?NQfWxg0Kw_M=U79vJV!RRs2ZyZ0ZlZNJ_*Si2E!x$zR; zk}G2~8iKw;aj;H3fk+vA`j-SSyckvqzO(?s9TbzG&fz4y2p2D$4d3|UC!xN+7Ti)5 zIpE+ozVr$B=%>B{k3IQfQTyC~u*>duGQgjExhAUlXUsm{dfnyuL;}5~$K#$LfhHM| z0!HY8f6n^j+-j2gFC#e3G>Uw?SY_p6qUWLU>uSakirI~1(G$RH?TBwJ4uYzk@>Cei zCRQ&dy%SQaNhW%L$Xy+S7`@--OcbuJf}*Pw@E7spWyEl9OT3+!1jAS;5r?bFd2pGz zSqgn&L{yF~{bAbm#$gni>*iY4lwoWc_Fn&RIc(bZ7_?3)jS{2tp}b@k95}HN%A&;I z==p6u@I$DtZio7+4(sr1ItUCKaD03KN=incp{5cl%WL7_iCu8u;Lbeow<-tx5hZS+ z+<4=S(f2F*Go9BqR@cJsul_4&sG5}mI@4FVS*XW;m&4Aq3IFKjudsIE;V2Nh|Fx&! z?aO~NO3F)p(8OuOJ=${sp5OYxC}!)0%CZJ{^O8S;B^LO@2~U@xj8m5_DqEPQRL`{! zH^wr>o&sBjN6oWuf0HpAu!s8$S zy>Ju&j8L=>$6%x^R#8Twhfk!WBkM#S%gwc$;d{jd%rI{o7(QZ;v$k@oB143JJ;__^ z^XD^8*(sIi&jS2N2CbA4a0%Hg4cuJTex)_vFx$4n>j2K?Ad`DO&Ff;PUc*K-Ae|QC zWW|6@#clE54fF5L&;Pvz|KiR3{-Xz;hR&nI@ZMY2Kvh+FX0sD{g>Bcw0@d7` z6-QCW`sKg3?0w0CcJ4NJ`chbZ!EaiZUs**r`>v~PgmdPvvX9qx0H;7$zdQ#oZv7?O zhxz@H=l|V;fN5w-x-O5<>r3N;;wx(mghipfC;TKRng4vpAZ}CwiasOx&AWuoBtR^N z4X<@vv6`4cayqG{V++BB1j!AaP=J4~kuEvk5*;cR$`k}c6&NIElyQD@LIlVuqmn~A zL`E>T2T|s?7oj2s9)ERznvHK_@=$x7qKV*Z{yp;ekCVUeIP?TenbHZbzP=m|AMb>& zV+W$22jJL=F4%Wq2aF64LunMGS44|%d081usjG&H%5gAeHzg&xqTJ{(Lc>@!R8kd` zj021erE{WT_Zg<30Sk?}+vo@-k1_Mp0Dxmuc(A*{O=BBech%dWefk_ z3jV7VFQUhz}_65o()du>+R^6l@r+I}`UD-aSYz-;cf&D-~>fU7yjH($Rh z!=ISMG4k}vJZ`!E5~~Mj^ab6`{CoG_E|@*5ExX$`3)qul6)3d%iay7DVTju$Q@;mN zbk;CXS@r{piKZ=d3Q9+&<=29Lb+rN;Ax}j6(;vSBUVQ1p7L+Tr83y2*%T~f6W&|3Cql2s~zwU<9J1w2=#mxyVx*gdzqMiBLOY0aj9$ z+9I-KLo=oz)ZeeFo;b-6N)cV@JPceL&o$1;(p*7=1R%o9wS<&h4H@o=V$R7X{yIP{ z@^~O*7#{09r3?}(4xnM!FQ!q9Fx3(!vm@Nk$fVr)gLRI;cTq`e)LJ5{8 z=Vf5H6q;*V;NXe1P+d`H*?u{<-VzubITHQ*B$SnwL1{_31qUlD%VA`65RUd9h9ljb zP*>Fm%jRAIjkT?LsgiLBY3=zw;89SJ)Qz5<=cciQKd&3-4WoPRr1merkBK*ty2 zLC=BEjgPAHBIe&YPABp1MV@U$C z@AyI3-nAPRw$6Zg&C`P4ZD^nl7EE8lk`Ol{C8^VSnzuQNEBylK#qWW8{^hTKeF4C- zN(KNPI(!6n?A!zM=gkIB&rfzxYBuazob61cl(?1(mv#^LQ|8n>af2N4fxLf34NNUl zc?De1J77E@(8CK|rWARxodp10V37Q^K-DEDx0@uEFQQ-;qpm&$G_TQPW(K$%Mz*JB zMl?UnunfDLt{-P}#_uzKm#x2^8-N#UxE(sY+e|a5phR;m_lNV^uSfvEqx}amP{r(e zq*h(S3^NDR3j3&_*`(hm!C~gcG{{THI~DNHYz<8<&^BWh?AUV%{`wm~f;(=z8fHvu z@=ie^zd0m7e?kv56AMIOy)YMY*TJnk_o!)v)yrb=Ph1<~m)ji6IrCP*^p-hr|1;la zAfPb_d2#FGuwuz-hp;B*4M!HjjWG&h0T{R!)$xm7v!AC0jsoXov9vSFWU<+0#*sYH zdO+)o1j%<04_@QbPN z05zd7(zOi;6_{6B&BTCG?dzR!bh7(c^47A^3OIiFb@r1c-&RMhqIy?76 z=l++93INVsauHm3!RqMeg>a(hVD3hf#0Qr&s%l~sZeKJ&T2{;M>Dp$ux595(_MgxH zNl2qb0%`_y)Hdt(n`bi;3l1cemM43{0MY`Lh6O0WwK?r=87_t48Ot2Tlh17qf`3-4 z@0Kep_{S=u6p#qW-%Dnn+GY$tYN{&3D~mVJQW6lwPuJ8`z%AFWQd@zaT)Po&o3(mE zT6ZohioF5DKyxu?IGqmizzv%lWe^|>52#?p7)YQda>XYOAb#L|H(L-;f}xrTRefy@ ztiEg|-1p!U1^3(2H{b-86Z>YS)!00~`-2CIW*i!)U*q`eItwx(Z3yVGQMUWC8^e(> zkRpkRkrT|tZzKp*(v|yFUBLa~trT4FIf2r`1NE;c1fV5Yng%aI2f&rjAO~_o9pef) znyI?j6cTX{lLjc@gN^9b?$|X^AQB!hNu_KlsN)HZf!8%qXibqxQ&NS;v3{ckr zZ(H^uxMJb0Ne78JjD^#F+s1T9`qKDobZi8+?0*5e2aZ8iSp)pWxu1f0ZL3dz@I#?w z6-6@2=`1K)|Im--*;1ZZ@u7eINNOOa=k%=UtL($ZgTvhx5M00aXYkU#?NRJH0t?$Z zqPTV>`1J<+>S1bghc`KplZ>6I&9wbW_TRZtf@&Cmryp#516+XP%T`+MJ!i~7asVLm z&Mvn(B+q_1f{>OjAgY z0I6W55=Q#x9LYNW%K5UQqDs6;?|+U%uGWU>R`>5d0Roy9;q#*X8B-9c+t2b4t);(^ zSt+>KTYA5sB4q7qQd7SBk03*P)WP7G{2ZY^Uf4{f+6tq~3Bb%6hBMbCUIngPLV}aT zeJHL5pq!ZWJfBae+Srgbt4?%{z*W@azFfC&i@C+xC(ESxIf+l?)fs2n$CM#qnSrD` zP9b7o!V+WHt*nigLVbCC;iW$M%+cX-8(dS|6;VPkJd}S75|or0U@(PTX*{R(XF$Lh z0G!&g2rgOn)+lLj%2#%O30t3+A4k{O%R-+`0@&mV?qB z9dy8ZV>bi-edzWZptia)-x8oyEUDN48iR~Oqc7;G2BUK`i^_juQ|^dno9o`z)Bu0? z=kK#0yLsDw`lTPmc)c{k%9;z$6n*? z8}9WZzxz%#M?hG)Y$1RG0KO1??z?YU?N=oyG|*5~W+xszr=WtSoJwg6Bf~WU={kvM zs5k;`aFwD7zIV-K7kU#IxwIn@qpV!Ev?u`3u=Zjt7t9a{4{fIHx7aOd`vu;@s-8=;MHq+v=M_B97zP(*4HTtYu`Xxo9b4F@CEr=$b{5D&FSy-L#9}X{ z5jdHbhDLj#q@+CWyldEfqj|HA_@`;h49i59gN|zRoWKHYp-A{eo{!EH!6%BCPMSo^lf8I=txj=e; z+uNb6v<43MJZk~1*Y-XeeQrK7NLW1No4kZ}40>Fx+p!8>K*ve#n( zv=0Q2ym3qiEX;XaIs0l@5k21j=D&i+w|q7lr{T_r(a|y(9H@n=@@fwZ;cUb+6NH-f zU%9>M-0RPH+wqx&|11J%wE$^+G(+H(pZ!FCp-~;0ZJpE-!8qGvwAEDRjBfgj-8Q`=GI!tdQDKSA__W<`2BY~4p$lO?5F9c1J z1l@aEIP7xJmfyJx+g2v*zO9E}wEuR`n#=w(uD@3<76b1=R6Nen0DfOp8qVg zM04jY7yPjoIv?xnEaD!~)=l!_7nHG_3m=ld-h04Z(DlIwxZ;68q?bEgTx{p={cz{! z3WI;{cHhrlu#CXpzTr(!Rb2t98&&>Z<0MxB7Aq`OED%41=HZqpDZBe<&p}wXa)qSKul~8Eu&gDIEWK{U+&$*YxDxTEntW*%6RskXBYLiAzLTwqGJXI`Vohl!3tb%rkJ-u>6QXcsRq8EGX=r9Fz=>?8 zU3V-Byc_D8VQ$Al*s*s53=Q>J@NcLx4*;S=GNBv*XoAc|vzEj1v#y24`l)a{x~bx= zqPz~;T9&{ytKUAc(XVJIA@D^yC551u=>Dp5P4{yK0f@j2z5z@+GF+HUDH}ww; z26YBkSeIU=u9@7pp3m2VBVBx{<+2*s4axN?CDU|GfL5c;KqB>CDr7|fMZR@^+6oQ0RnmsxTpli zTs2elCHwsZ>~mBRbMT6n>?&bEgOWhu@HwC3c3{L~p8$EHp+^2Z6(jI99JN8jNDH!U ziCiWJ20vcT6Qsa(SRlEI889w$!M(l&VJUl8+K5o&a`1tSiT;azN6lm|134(v|wsGrTxa(vu{PvBP!i=d+;8%6glcXlM zSWQ~Nm)ICY(BxdQ``3E2O<8ovAsL<4v;c zNTyun822G@|3qYSU;+>Fvm5IH62F~xin*LhfkGB%19A6ebj9 zE^etbQ8{J~1Sy>}P0pQmIYsyB?Qi`Z_|AX)0}KugOllEcdERQc^x~_askAtqF)vHueG@z zZh!Y%V9COEFG@itD=p+BAw$W{+rz@nvuC!lBsOWBLr|GR7)S*PLV$%EOlL=Y_x|t+ z=pPskvh-4*aLAeD(PuEa#B)b5b=Tg*>i!HcxM|yd3)~eQrTWqcb~4_yZLbIZ#oOks z`*Tdg5Wo}o>;!~BcM76Yx;KzQRW#v-M{)`UW*VUSIZem}B!d=}HOE|VmP0R+S|6k| zq0ofR8H(VD&Oo-()7zIX%46ytmz4szKxdFaDmAjmY1Kr(GD*US0!c`}kcirefo!A& zgn_w17GRM4W+73#$rrsyJzfwUx0!R13OJIEV4=J2i|-#m^%AhoMaCRGUM%K55R)!< z|8-s_CJz!)>Exa>l;?~Rpr5^)fNRZUfjS|FX416vDcKilJvh#09DKV6w?&VA@c8Dx zgauQtj-D-vp6|DR1000YdHIBz=6UAgDB{~PoTb*JE8 zSv~m8U4w?e8Va%XwWNb3cFgZ>fjIrebow;3NVf!^+1 zH_hiCdIx-H%{O3n%Tg~OUtK9m^V=tKzLUdc(r9& ztkpGACAdm~Ik&fe0RH+*|Ez+4v*s->>fSzZ=s4VU?;~*2TUNr#^A-fmGW5Ga^X81r zFi6ujM?UKt%|F-4*D(0zOkV;Aj_mf#LHY(xLPKpMBc!^Rw%HbUEMowm+4s?thoHG( zT6nPnkk%ZTGYg8&y@ZqI{?29+WSlcps>hy59md@*1@zpNNeF|48)s}utlu>>$&o#* z@?3iRW9p-u=mxt7KygSNmnuAX4+E;J!03@YBnM{(5qT$rSQ+6DK{i=qnSWP0Nk+T~ zXu3p#ZA%O?U+oMLc*DjP-G*QfVF5mwr#c{6M<)9SnYym_#6QM+~H4GH7= zF4j~qWKLY{_UY}vOJk;gB-a4q@&EP`evAa#cbwv%g>(=7e#y5e!hekOtdVzI+I z0EqdD-sDlxbAxxug1HkuSLn5WoxaUz1sa{eHJ4w=s+AmsRu6O^z-l9||^x)&}8ZWJtu?1GM>wgXrKHfAA%T1m}pixSo!2jPBw z^!AGgxRBwOt-#~3egQo=**HH-lO3(V;_rj+AKZ)YF z2DssZzs)iK0*>~lca|*1=*quoG9x*4antpVLqH2EWe)R9_rUAXV@Gz;=VYA)0d3*2 zcRzgkzPCo#9_>E}Ej82ad4GBTV~O+cvi8;1FeK}oqdIR8 z1KQ%^ZoFRu{#8eFX*|ap;P0O2{~~$&nnmwmUz)s1XE>MgdjUWld#D5v|37Z2z{3_7f0VtAIlh zCjsilw z9$9B~WLIj?9@l)u@RPRI_JsMjb62wq{?*mj*Zh13UBEkj{RFJrxD(#@j@Q}aB|cu= z1`~NFiQKtQzkS5uF#-S#Uq8Qgp*g-_3X-%3lQO4M?ztyVIs+Cg`K1IncW+2qg!8rD ziKL7UAVn7k4o0C0=ro?2F&&jOhKPq9$vCc~ozHS^Pq}%1$SthNpIHD@g83-?=1Be! z@|JHU-9Q9NBwNZ^iGyKjCc1cFe*75AXfx3QUN;H`#@XkVCyEARz^MWeZ~Bov*A!cu ztgI4frbYhsn9&p9gYWwU{NnBhVC9ee{}hLn0wl^av-;-C2O(uLs2n}!-(O7lh5$@ zo6b~ik|wML04mC~yeS*yF_M-qMkh&iQ$iW;c#rqdh%#@!^?sQB#YyGXT|sv7DJkLS zZKcKIL~iXVa}jH7brl*LXcO-qGGvjlgC%x`j0i;)AO_>NO@S%75NpqyiMn@2d1Rl} zi%|=lb0|_ld;>6Vbf6ISmiul+>?&qU;b_}jJUu# zTR`MIs?a^5!R!^I_}fu6)kmDbkeq}aqtRLZ$ou+oXbLI5MG2CJW>62tF9H^V4&co9 zYM%ENu(-)$v5k{z+m@D7KPWzV!~+()=U?^9VW)w?f;Y7HDqS zUfAjzzV6#N08X3y`o!h843TxcqV@f1-RDa!%iN)L^JD*4fPcZ{>PMBthv=W@Yh7CA}zvMT#wS z9O(9=)6IK+S9nIjAg^U#Q}%s790VQIQo2{yz=|CU6Ch9@?eRh7Joe-9*p5@vu_r-8 z5G{>SR`w&?DUPzpLJk8;tLe!$bswG5j@KlZb`-6Fc@Pik`ix5a(6Byid%V6pjr9YP zE7Epow_~KmYlAB8C!7CJ#NWe}kOPbY^TbR*__~frK8nM37Fuir0GQ;fty^K_fN{y& zQWjp=P8)xblZh77admisl*c~VJh68*-1gL$5~kmhtq(zSYwq|vap+8V$DFHu!3|Nl zvlbh%Ms8Ho9y!yfA|^=yQklYe`;dFjKfJB29sc1f-%i?pdkg;YZSiw!VC&9i_|SVV zgkeJlnqyAqbaV_kbX&CRF-NkPJZ0=GSigN`;V}j9@13vzI?Pd{rqEq14(^@PbC4#uBG>N!fP+W)%W<@fI zwR0g!U20{zi3Z%(&^MV`8a+=n?j#wAK1R=3s}0k4#t-gs)8uTlC1* z=sZ!_1I@bF7TSPs|LFqw=m#$`$+ie^*e^G3-gQC&zzvoC6V=KJk~Ir)0}y*uwMUx+ z$;F%(bv-6f49qa55w!ztJsA^o&zO~iMWmA#E(U@Qs8-8$IzGuz%Yiod`nPXQoPddo zR~Xu_ZBcTaB^f>`id z5zvED5v}d6z}+fx3k6IM?Mg=~@UM07)$}Z*{{XrG4A*@JHCK2C@11|u*-0%zPSqNf z{tb|=m2TPd6g$HKfrn|q|dU-otBcV&=|62@O({x#G$mVVOps?qnWzE8j9UW0#u z^%smjM0*&qwcQjA^6~z==f9A=DEKR`fub@e7he`+T`2ik`#aV_OX*d#?S5%c#{LW2Nh3~&G!1|nDrT<6HL z5Mxrutr74qfPUkrOz$!Hmu{gY`1=328$NW!g)nXMXyB4hK)!Gf^7yxim8;skPa1m) z9GH1wV%DKsepB%8(zD;6Fa=Zg9}*Rg6%7CeR$(gNl6HP%PkGkPiZwAo^%Kn}hRhfj zWOaj>b~-2%5UbJcKVzo5M90n%ElDqyC3Iq15;YMSyJ#V5(E`jPRE%g`WgmF7SQVkT-EQQFLGG!MQXJD-dg!9pR`?Q?BOJN)6)e8`j4Hfw%dQ9j zI7lG(`JB&O$rS3Zg;G7YWw4N9x1ChO7WDGMwf^mc&$_=4t-$lonUl3L8y9w@;|}N) zZHcK1^`tr0NpyPU*@q?&NL#;!t&di_ns&q$fYu*`5GWurU z*Fyt*@8K`PKfLFM@T%ORgig!)T()vOEL^+{`ZnZ^#7zVG!)5QdB<_+R)(bXfC?59-&3_MHjgkTG9!@9`&O0z-Mcbt(>;B{g%$G;a__gEK66dvv<`u))`;-l zGe4F5h?|V0#}e9p&zUt?pRqw;8nmf-K+ejmJf{^@XW>80h- z4DSY&2B625bYiN;#(psOlnayBs*Ouv!;Y1(d;fMgc(?vc3;J&^%Y>yF$AeTvzK!)r$xhS366n)A}C-J0`DCm(B%;!i5^I$TP*WX1a@bFCwg<1Y z$_q!4!quT8t?=louR_P+ecb~7!WLS6Po4a_r1dxb`KwLeuhxC0S2zHF0{ol*wKDhz z)(Jo+d$v7ffBQCAvf+ox?=C*|AH@WkG2pWJlRtl6sZGi36y&RxQKQ84b#lr~pa?zi zK*cLA@(>q`!W!_){T=I}rSytzp?z}hl#j#aO}E3Q9jmjSZ`!#UF1z4k$!FbM0Rit_ z{ymsHd^Vgv{fh1{S~YGhdygb6z=p>Bv-=(%1h+i?nPY=Eo@o3}_xzzYH~?7m^h&tv z{wEUvu=8LG9B$9`zQ&9m375U|64NRvi&P|*t85h^iidoWa>vLN}{geN@{ z2i#?Gb@;$jGSWzM>q?k7Y<@&&L=Ib{HKy!#kgXdOG1hToUjRqU9qjc3Nu)_XFX-@P zfOzY+WFA?{*nfeI7tL4D_Anc16Oy{P=_g!q#;20ki@O#lZz<~mmI)=_`c4l1rQ1u* z`{34}Jp%9RL^$j88Ie0yoCpv^n2HWK#(z($=wc^Ovd;me%)dDJ7utW1_V&9+m%_S@ zI}$cvzkYof|4L#JNX0lDRe`O-XU?2_M)FenHsD$ft54ww(D)HkfO}ByPNdVkWDCt2 zjshsGA?MNskC<8=<~rmq-iX}mmQ-C?8*X@4SyW#r*0*Eji&VW^#n-%;C;Y-?>`Z?0 z!i0`6Z-nCY6VVA|#e&!qP9OzV1ZUfjCwU}Q0RTNUBeK{ESi#RMU_v!OkU$gLrMS2% z5+U?X_Fl{lCnlgEFVF-o><`SHuxJYKR$l9ZV05TRs;USH1%XNPcbU3gK6D7&3g^TPEPv z?YrQ+-}@>2?O%K-d*UP;7>iY{!DAHj))8cDp!TTZ>t9R>nN-Y)PW+dyo)lqHTVWB8 zfFx=nMNV%h(*(}YAz=i9a%l$H^-A8nMj+g-L0wyOSCs_H%$?D~0z z9;Dyn-crnf-z+gi33?QJfS_ORAz)yaGX&TdUg?)Ey6LuX&5dxdvjygie>V*3H(pMn z8LN}jI3U>@gSJ>Yw10G3Ua_ffJ6|db4BmVVH1I&cYc~HyT!M zehT`Im<9)T4|~;se@#sT+RnGW0B{~)1eS1H7GrJK zteXRwk=u*_Ffw5J!G{+b@Gk|-2LOV{W6|17rzj~hGG^pK`*$Vk<4B9l3=$D7-SJ7a_EXsf*6 zK7Lqu3|4YLf^D^@Buba5G9a|vhno#FiO!l43Wt)Q`V4Focd6Ja@oUC`ArHLJ`fFJ14%Q7kubU`cg+Pc79tFvtgY5!ExI=CGn_8h9l*n{>oMIc6JXSP-&lz%ymhZDHy2DS=mv z94o)ZvYb!6?TcM761NfKvmM3eMTypuLlY&Iouy~IX6OCz;*NV6@OMOlfDZ5%wo@j| zgE2#=h~FJIt-TYW?^gp0uQ)A9o`nTh7Gc+G~ z7A6dz4nvzp!iueTKtp|h7(eVBXzDx4N#fBr1&QXUO2LeLz>gP45y^e>%kvKT^R_4Z zXQ8`GywW*Bjv zLk}-&JF5}K4(FEtx_fwM|ueHCkvDPZDVBRwV~n14He^LawDPDdzze`%X#LgO z=y8(-VD|f^FT&Ox&G5(Xdt+jJK>#j2K{NIV8Ivk3-Q)jNW&+B|1cXlUfssmxV($a4_9DlWsNPcyLoHvw6pfE7kmzC`B1GC`Ov^ee zf%En!Z%?_9F*(1(N+?}dddCqY6Fn&;5ztd%hp2CJB{If5Tdm_GEoZ2aL`0b$L)I6; zOZg!hMRF48F$=JlPN22oa8(ZjxhgBlYzHk=g+RW2a%3V9AQvS=~sypV9-}CLmb-A;i!L||uKw^9HUI4wzjhNG2wyds`-J1PPm=rm?qk=$O9#r*7L$k1 zfh*7XoE)o|yNDur;Fbh4*6q5xl#Gmr{(T0)wtWj>#rB`Vvm3t$zk23sxbOMTB=^rS z9yBO{;7X;5A)O8?*Bi;c5L5=A+UpvGar&P`R*#EH1I2DO&zu{d!^t^>Gg*Wyh7FV_d8>Y1p@ zx6^axLAA);DF;HsZys2%$OZq#PMivZhmJ5m4*=jdZ}}B0TeVR+xuT5PO_DG3Ryikl zkuM)evD44Zq{8dlH{R}of3b5pmfIb_egb}a*At0GU|K{);-z3|dQ$A|jAHx(k-Tgo zI3gR=l6Z`=eI8V1B7GYBGAxG$Y?aPD%s$I+)Q<)AS+T5=e*#-GCBB#+Gooe^Q&tSf zykLZv8?hEyg?^HbTS=|aXyymKHZTtw|A z%`jN`A`{U`O&!T#=;=Y_)Vn%1TQNc*WNnqm`j)72hA0+y9`scP4hQ7Y$qGSc{p?RE zy@)*}79AD*51}`W$f+15veAlZC4@VE@k(&TKmcnb&5^Ue>|UlfTu%-Tz~I0;`OpAh z3kJAtbJZq*z;KIg8@KMtCoC@FPy85BCe$iGNgudJ7OsFlyXGeN@F%~Oy@GZh596tz zqBigJX$pvvCwkf2&rO_*y)Co?|NNdOGwrQZ$BOT2@+AK{?ApCQ8Wzc+Onx$-n!YHZ zp{ykl^Xem|Zd(M7(`zhJLmScbrcEEyXF)*-ta^h~z`)h+a7Y-Jgg4@tTjr+%soq!NQe)@K%_Y8hljQLM!l1-}|Y2CXt096dN*Vj+yIHAk(4| zi2_85LM({M7JUteqt+(nsZV@L(%68veC6vHTH^^Fw33TRJ82gw98D%9Jg5Lfhh>fN z0bFU9M;_#OVL=9Z@asi+07D8e5ut#r3On+#`SOD~DC=fRJWn7pl4v@l$uSyB|IUw* zbUc>_*_DFkp~DB@(Ut!K?T7Z(1pI|qIk+(K(knv8y%q^ zt5a-_*N+B9i$NSn-_!n_JCBbWavr>9;)ip_ZsmhtbJDrueL)9s_2#9?IrZ-|By#}{ z+s~JN8;FiROqOne1*jc?N7c`OAtO8C)w7k)dfmot@V~G52K>j5ep3kirCVKtESiTF z;9zVZhbS_fhnNHf8SN@8#JG4io#zpR($rEGxBzrkX=-+6zGrL?8E7j5qnusDi>QP9 zP0HqkJ*}&X>vO0jHq6pc9RIOogN!1f#_ClpYip+>pGs#IZUnNBx$<)TKdgpNrgNld z6hK21kcztH8~eb5C*fN++}drxti9t9eE*II;l4+f066_(;O3BWxQMcyiJ>cnL>8;K zVKAda{rio#!vha5dRc&f>9+W}HE`1p?@K__0-&bK?BV1=hy^1290<(WAtt^ny$-bR zD@cfZa2Dh2kZ7oiZqX~x`O>_P(!4LlOW3;QWydIDLzIr>!kj}~5vSr$ipWrKXRtEu zW>&m;7Y3oY#<@csl7wPeLW2^Kx0G7VxLgyT^(xr_l7{?<3o>zYVZi`Iln<|T zgW)oXeiwB{_a=FxIs4HQhUW<)^?1qcC3~-yLEcR$QMPjANOYQE4iY84Eq9LbUf$<|EGK(7Aa#nHbHZow;F-0X%G$=~w=*HJPfbua7Do_f*e2& zf4gzhPFS&O3oL(e6KvSLQx=8_=~qQ)Zhrldym3=~E3?ZWp9eYN!oxUSN>7~Skuz(t zThAu)ptI(o%@(w5_@abWdWbHPQ@N^Tn>k|&Ty()a1D5~oCq7v7zC$bU;%ArJLnplm zDeWNw!&kL!S-9sW?Z_Muv@3Lgs7*BtHUWYiCQx zi_q0|(2UtJL(YNOl|2672s~%b0BCH4SJl?q-T|#`9W}pSGXTT(#G+^9GL*Iys$wW9xTl=A zSqio3dl3454k3YbOoo=kL3Y7K-OHfZp!_|Q_Sq5S@&=Xlwtt_I+56fLHtwK)4a2L>^!JYov5sB>m6kzjF= z(Dr+MH<*9kcK;(w;KtkTh4zkv1@WmS5rJW8lXr#nO>h96G!^{T%Mkoaw{1K2z;}Om zKfJJNqm3`9FvF7|dNd*>7kc-!XGw-juzTMQSu`3kg=Zh)xg`~=^#%wbZdxj0MIsYnVoy(6#d7hDT8u2K0I071y~hecGAUlnLr)f6P_*dA;s5+Wj2P$CJOb5DUKxOkpIci6ysDv{l28sJClILG3ViE*(B5_^KL;_rA&W1y%uK z#%U`ry&8NdJOlFjr$?F8pOn z$7(xf2cHGA#$K7n+`I}@`o3?UelYKpH;TUrT7W-)_`9&Lb$9Zf%mFxTBi9|%1o_41 zJK#{8)B+qd6ydb9>RvVAUsjCh=B8PI&n;UOM-Py-wTsLymz*f{6(q^ZNuSYN?-PoF z2&WT+81Ufg*}032+8_I{{*5CmxkvexumH8}hKLbSH}I;S8K?@cxW5$hSW0fubDf+! zup*trXN?)7=DEA*UjYWufL~ZxETv3VM9xlWM_oGQKDZ!&f0p?-c-V+;17>SCY=>{& zau;k#SZ)+2E|8q+#L^H0T}6K=InHO8F#jHOz`vfH%dy%*8}JYAd>DTHyTyi;YEwQ9 zghT*R6O8NLSQOuKOf?<8S_5!k|Dn}0Ws2p2-mz)IPF|4C3TPR&RGv79F_{S?p+8A2 zNe>M7b>tXDg0saTXG!>M8geU6q=1s{!>HxInS1&)_Z@+;ckhEs@&JSv zddSiA)AM6xjQ;!{UkhjMY15o$2&(ze1yEMG=E1SIs1^8Up%pk|%Ap9Z!tr?9Zy$OV z+Cn8w+!)JU@?o+Zf?vLBa~VujTWB*Dn#EW{H7A|qbO{kHNK)%|*KZ$9UW=Ek$X-t` zSy_37@0Tb4rmw~9>!+VBeeb&JEna*U8l$|dW!X_=hYs+ zRhHs&qO&;jpd}4V31e}3EC6BMwUj@jIe6y#_j&~@vf3lg?#YxGiTn^gyI-V(GAc&q z97ZL@3S3;n5k0qJXLYLpHW^S%k*Tq?9qw#}hhDh0Cg3k@qlZj_8RO4<`RMx{mwnd2 zJXHJKf3OSyUUl~8;xiFS&?}b`vBkXhgWI98p>JZsl7M|IN#Nh7$;0ETuZNcQZ9Kim z25hDYONZY6*CjD0o>)yE{S)DTnn@Nh3Xha zG>tR&{p3++u@ztGqZ9<~I$J6S7d*0PxzQRVlGJ7` z`I6&%5y~1lKdSuUw{N)3W&ZW%T#n`T*i$Ru`v15)(*@);T76A8Beo_a4wV=@k!0B` zKy6#|2J?v{hKv#M9tX~Hc^P$-6w6E1`maZ&YBfd^C!)`O^$1U>G8NJZecsF!Mp%?&Pv#R(q1L}EP#jl zcmog`*n@v{0J1<$zx6v6ejk4%ko4q$3Hay&p{Gw5(?_*NwzRT5{%oG_h?8ZlX9}E%GIJfm3ZKc^$Q(nV|V0 zA56eL7rm*IT~7wOV77K4)QJRHIyRzycHE&w0x^tAtd)NA;0s?#bpL88VvQd@4Ne;U zngr-duluod(ao-wdT(@})m(m$<39Jax53=Wmt<|DAYgOf4V=jFJ}kYb6UhE0dSJ*NBFYi@UAjYRM!tq8u>05I$(A=hRnzyv7#rz+s?fTe)Pcg z3HvYI5+>jy--RhtrzMQejm^uUVL%5oG<85{Yu_G3zqM^cnufz=^FInde&Ac;=M$zN zwCqJ#|Kf>_b|%=$t|(wnQ6~R&ws=URZt9 z!9Tv;b^lYaeP=Vg^Ww9if8RbLE=0N18(4%?)z6w-=hrrD-@fsOuPE>@-9k(7W4~Vk z7tcRkrVVQ389)nTiKz@aiCsVNgxM-zY}mF^99N&lelRk)0DC671!Rxf<~0=&Q@+N^ zXCmfqtd~#qJdk!lM!R@+bG0fUI+FaG>}1$(a|#p68IH2}B-6S{-V#FLF6WUaJ}!`# zN|9+K$|L7lyU2=CUHyto5av>6R53+PVseMGfI9e4h^??ik%JFeYJsM$Qck1>@b9q+ zNX%WRr`df^{@U*?N5_sQGdw_F52|XphXtd_XK_XfW2u1tS%eR$oxf1j`>N~dAy`0n zPrXISOf46SGk~#@M zUU4h%{m|ZiNVE&3PEeP>{ap8N7B5``x83=0q@F@fP{~@QF=!Az1It%$cEP-PXH3s& z$5dU0Hr$KWwnG_9L-`56EEm@w{`9xffwvo_0`7;@?K#3RG)mcksX%x4830&K1+wt4 zw6T0}Vm~+-S#VeP(l}YJm#>gasn#j&U5~&c@zO(?=?0l#u@NdSr zGhyoJIkju;3A2x5r?qz?^!=*sbALw%v>!eUSDyV@SG|J#5MB({j3FNkKo0Ls?pOal zBUlS?Tn8}y{nkBC!^*9984XAk>_}$-q`Wl_ayGY4OoW*eIIIASFDPgPRGDrXXDCqB z@XnEs4~)Mz!k9tx;nZ=TgrWUsOI)01g3fb0diX^6!#97@Fz>?l!n)rlhAtTp)z}kL zj_$eSP8>4>wj6oh{BG76bqNr7G+lXXKhC4%0^GwsfV%odz`6$Uv&Wx$I%m!!6=tzo z$;-qod<|zUgGAP14kCpWk=Hna{Y18@CDZdJukle{OOhg+Fs$hmp##`?q>cBvrXp7b znF&^jee=(`|Dh-0`Wt=#zgzGm{Pi{0!4LoYZrHSSS3L9~d0j*|Tjch0BapD2EZTyr z>j1bTi+GWtJlCw`g!J?=C;_q~Q)nXZIu0L&EJLh(Vx1OnM_>~+fS}(aJc+! zXP22}&bD#OOBE2XLrg%(wBke%QF<+3y#>B{{m+c?N4mY`!ZV@R>8B_d1n`s@_`_Pg z6?mbP8?OA_1?SF*IwJ=V@8(Edo>kO#Swu zr}Gv}XR61Zb+#PaMYR{gpHy41$fRYc?I%$IKiSMn$7K#8vwxNblz#b-pZ<8aT7iFf z$31r4L?8SyKn{5v1QGxZDh)ni8buDA;OOw^6q$f*E301K$v=9eyd}9vhgQxB+~GH( z+9FTebZ3z=MDSUJWHn^cB^~qjUm<*+22|Kpeu+#CZE3S8vO^gp$+vN73$8`OG>MQT zz(^J_jm^EbIfEkK=RfJ_Y=H-teWj+cK4aV&Flz9GW3IK=bprJLx_Y4RS8bnr+FKLm z->88T3+21X5rP*k*p;6h=vbGGoj&!0qPl;v?-#ARIg1yFF&^EPb40Oz=2)E7N!AgT zmaidID?o;xkS8IotLhlnBZ|%G>Cp^tIt#`Oz5wd$`w4b#+QM91s6`k(Y!dVvfzUxM z@>h+WaOGK_O-xjr9YB zc35-!ivlnJH+^T)EW9hK;HLcU;WGG_Zmn(Y@S~sJ4cC6-R(N#LG6n9V%bd_Mr>X9G zDxVb&sej|ZctyH96>Ki<#&zaO`&zeQ3w-`d*C*$|x4!)b!054)j`|}NTyFyi`24C( zmF7dIkddJoOn!$mJ4Bq5U&J5Zd5;VJ9jkLWW*gJ!bhtUrGlafEzt{4>#sIGqr2A>! zw;fvAq!anL;Zv-6fRF%SEx^jr&70n+01iN1jALXZAt^w)tP+>SAr*>d=~V`2WiofU zMzF0?cUwWHL zjT|u;-txvXMc}0;<0%m^@@IEH3Dus3xjkUGq zW?SXANFt%)nTS;1v;aRMBZX9mEj)6Rv@yytr` zY4~h-&l#VDrnWi91tit8XSb)t3cg8`$qeuWGI6nAaZz`o)2XO8BP0-rf%331h zn)f~#gBbgj$z*WzB+5G%5UC)}(#01Ek_)Ok`le=RmQ?QCZ6mTl{U!=IiPnzI27`2o z7{+xtzOCD^8Lt1%56sVltL(tRL*bYAE`;yhaX++o9A*o(Nq1Zw!JP42o?}lQJ+B~b ztwF|$S1P$;Y31i@*KdK(ec1>9CY>}B>gwx{Nfh25j4$qZ5bpZjBEh;OCx#*>55pU^ z_4s?>kwx(1pZ>-L|BmIk924{}EkIE%eO0_~#*uRo%&Ax#Z2l*!HZ3)KNEm>?Oc_%E z3$^7{%wE_|d2YRylo?>w3Ba%;WTtwe(C?eWp>o9*emtZK92p?Vi+vjN0)b+savEf- z{^EI0mG&5zM+!&Liix&LCk@iLm4L7cL_={*t=l=Y?44)cABGbDN#4`|D0S*cRN}=4 zi2z?L3#`Q%fVoNmNUaHtauWj?YwUzA$ew!*&{J<&fan;ys=c7G=&ALr$q`0U!Jg2# z0^tRnBjF?mvKo_7?YU}b8h5$O{jg#Fd2?XJnyv8Y!sYIt1wb!o1%}tGlP4q$yOF~N zL0f4-*|>RE^7{Z37H#2gE`QrOQuC*ltE%meMRm_Hu%zJXI|1gMK0RsQ^|s*1`;|{$ zS%TW2>BO-xj*EDlZ zB&t3?mwvW*<9+bxi)9VtBhU%2KlN=1<1b}l9PgEV<&LMaub=z<5jbro!SGRNK*07^ zg5A5QhpYPuO80w_k7x#9*dAZ>EL?oi`AXtSTHDxhmTz4qg~*+2(Ot9oM@dyZcV5;% zRQi|buFIZUA1PNTg8q#ogbv_=gImo4&$DbqnfB&}eBRmyux|Zk`0SUzVXpbG5u=5x z?6Q>`;fB3;!w24d0gN9rJR`brP?o&wfim|SF<^WR!7TalEiX8*AS#;=OXu?W69E44 z?a@WcVeN(;@Ubf|h5r5efa|rF$}VJDYI>$cc;JzR@a-FJe-(g#vW%%?qa4dq>w{w) zCD>_3KZcBKVAu{G?toRBml*J`PoKWIR;Oa=O8ibDBUG@)kV6p8RyQxLVL*B=frAQX zB;!>euZ{;(Vr-R8?UW#fr0{*Amy}cjZM0V$92XZf^C}4noSq`{*)J~?qIJ{o;Mi1c zTlXZPBRWoLFn**?Bb<@8WCdb@R9(v2d@6@fiC#zv4e?5m1RSXdT<*>@*5eQ$)(Fyl z7!g&g6Z*so-V0OHJ|kRlO<)777m{0V+uE~EGSMgnVu8i6Uhhc+&}l&Z(JL>G>H+d? z#p*2yP#8=??tSQ4Sn=YPs^DJ$+WzY5w^>pB>;yR`>I&dk-3SwwP1;*9~he=R^rN8mU*%iWs;Cn0d`1?Qh7>o_5{nC2Lg6Y zlQJZZo|ImQnA>_s=K*+N*_W$cw!r$EJZkp;==&A10Ks09Z7nT{`A3#uJ8^`ZDk1_S zj71*)s-dng)YtWmn0{bX2Qd7%wfSj@ws5IsBIZVpMh+!&B~PCRRZAeOMffBI4#_bO zl59Z3cB!U6;p8x)Pa{^DVCR^|U*W&U*8D7cThMU4?2J!>w2kl-*^V7c?wL*ZXJ2=` zGz^}8{0QvdYv1|W*Vn_~p)b?eBXZ*imAp?kUSVvTHsGh8&C@t$Pc48ylpNyd>H9XJ4Eca+Or)?gaI*UrpARzAGhn%S?<@cj7?0N|l5Qo)wFpQ0MSJiqit zPzwIFwo1S(Xv>WnXWL6dtLqIvxCef}UFKh7pFYPOFbmh|Yu~vO)^6M`k!KOxG6rB~jFiXB4=u2UA1C5mjwS>s z3Sc?};(E%2s>?=3Sg8H%IU`LJi2xQX`6V1W+#!zTHPg;z#2*s)K#o~pZZrUK$idA) z4A#L~bR(grm$x9-HPoRWH z6D&es4!$S|){892Mk64VO;X*Ja?+A(1!nmQ)qyxs+iUEL+)CxZGR-*^`D7Ej$}IAQ zh=U`tDG7VF=Jq&ou4Q1?{*bHomh|jI3zvfbGl8fY4$MSVG98a8a_7^9Y(dr>nSdvt|)TUwDO;=I?+fp@+24K;sma0OnxWVv7i zP*JgjNcF;`au5=)Gw}gSmdKmqQ0u>S4=KwNArdPc2s@0}8i!60OIe{S1KiM?MdjR0 zWSMy+^Bs+mR2j#W6^5u1cu75_qQ6e{A-xWVypDsqu2WdwCVs8i7T`GZ-#@N2daX9)5e^39Q6IVPJq7O(c5R2Y6lL+AKMQcfLUYCalO{8C<2Xvn$9H<~kWhY2D{YO}D8 z(YEWGEP7{^X6xZ45R7aNAb{l{*JL1t23rpMNi6f%`RQdGt zwj!(ER(-HGc?`CX5EnNy?{MEOul=a9D$0;Q)-qcwo^L zG3f$>G1ey$0JyJz@lTXyVb8X}`1|`$z8Bt5`pj7C2{KeLor6E~SMMvc1-k=L5n5G) z6S#%;)YOn;;K2Spdfvy69aZzb@6)v^kfZ2WQII3C=8IGi-*)Z?P>r;Rs` zkG|ir+vobdWdZS7W6t#fd^ef#J#8frCe?|%s{We_IA8`X_Gb!c9SZV8EBe!#-2(~Bv$-UfXJ=`TR;eM9p~EK{cHXs`?_Uq&a^6n zfSnN#umSovy%Ly!ByyRayfg!_wY3eNdwwNba!~2U>x>wcDIzK&KrREInXA^ADPkH$ z-ZNAAvo-=_fb4KgIEg2xFKd{L2H$DD!Jp}(mT(opG{M*gH zfIa(K8OSe}cv5p$~wV{du5u^y#Z}2t$0#Fv%a-n7RL~i##x&*#| z$Ai#*@Gz*rl<5~%z$~pR&9-49#+>kT>CKz~5tF)jy6Ij*-NP1GMR6xn}+L(!|^W=bt^d_G-hS7C6$?Sy?RGVa>Yj zFnPi_m^5KrO@AN$_TZrd*+mL}f1sPk&{6vPBh<<6bw0uk;}eyma_Jfl88jfNnlv^v zKwJAEINW(8(SVzO&TM$&{8OEUPA{aWy8sGcQaQBHB=p1>e7URhxG}?E_wJTbKvoa? zTG|o@-u!cC!TIOT2IQxOidM@mz{uf4l5+|mV9@#7x4$hp*IKr)zY9wH`ty&x1QFl)xdB)|#ny|rG46oCB52i^o%y!~}Bbnt-ujG3Ua zSA$CD!ak*O7J$g`IYWjtCC52x#9;FZOu_fRXMSlP1G8&0ZtSSi^U(%<`ZSi#{iPGK zq|Tf%8Ls~0%aVV?IRzkZ)tZgT?+zSjGw&Zab|if4!v73(ZE%k%J+8m_*!y9`h@qA0cg`OhF?=Yj zE}c`0^S9}7eeA=RC-2jXsuH&p87oXH0>&yyLTf2H`N2_ijBH3&VkBU&k$$2AlOA!v!T6dFe_N8*+R7WGiOD}TduHRLPf+(jZW8R zb6~@c5k6saAQaVt8Dqp*pp%t9Fkgd3XEQRrThSNIUDR0mXQCo46M-xq@H~ABeB@Dz zx}akAaqI%!T3C7C_dWlQ(9*FjIxGkD9RxGS&&}@BantuZ!J2|cW1k(R^=;Me=H&fX zo%6Yjq2sN%#pP40-?^vlxl-)aUP|(Z!M^tOS?h7iRP0jU=l|v)<%}^G!{GkoU0gaI zD@6c4R3l7-<&m=^1N2oZM58>GtQ9|};Bt*2Ok1*qMoxhPf^#EU5ABENw?2}5y=l*K zIDh&TVs1_6-+O-dC~V((bl3EHr0h`pj@l3Xr>`$Rmwg7qj^9rQ>dGB|ySf0jZ|Z`P zW9v!@e|{2y_!Be&!|%Gfimq&kw>$IL{zwpr!VJ|h5u zlP8RZ;X|#vuedY}*x9jvJ*?jKbUBV4H5bMXo*KPYPj5o;9Pzq44I->xvbyj1?hV*|D5FO>|eyL(n)m5&j>$HAouV$)KJ_v zEwxaHWM?#w&XN5NwP>aGQ_i&2*ewC*G5Jm;A3dyMQqLQZ1?VhNAmqvvAVvP2WBsGc z&KC%}c}$!ZRnBsu!f+F^svH;0^)8vI30BbUQNsqqCqMf3xacp{UMUE`*Q^A9D{KD+ zy}$5h$-k8?7-tOV*CzqgW>*YC{7*L$+M*H|m~LOb<`138CoVck&P=WKKnL^-t-u$S zUbd|gSsxE(iB~=erlR|^W==?6SHmTV_TR?MFD1q&D_-1ez|R0=hI5%RaWwQ#S(hvs zC+!+#@mDqs%fFmFX>_?A`0WPC0i(&nF3#Wl*_Bm5W^HAlMyfeBZ=uOWg0TPz2?pY5>z~Q*FKQS9qwLpDed4O*Rdog+drgTzf-EGT+;_coKD_HK^D}FEy;w_(OI8U( zyKc3XU4#foO%4cCxrQ@Oo&x{hSN=v^Q?rg!<+?|UL!_RylwCt?onQ{MMw=6qxHSn( z$P~7+At{-2T&>8KQasM6+@uv-?}n{=o{obLbq#RJ zgn3X`N~!~!O#)vzAjSaD zbNF!C7$mU%0{buBf)?Q1*Ehhz1)VkTFBJH8ytMzgCHqOS4tsw!>l*vRkwdN7_e+

L-?u@Uk zdoF0!F_}1J`rPR=oN1|36k7q#5y&5lY9@$0TBqpROqDC4eNotiMZ{4}FfHArlR&Wd zDs^46sN}=mnjEpu|-oB_) zNk(P%&#Dz;xMAOb{9>b-I&QSGYp7cQ`8fH zd|Z4db&PvhOunooE6J$bA?jYdEdJy=|%1Pm;|ljqdK>SeWcOU#-% z4W>+)0>4}EWOo;a9&IaDuZ8db=vOfJ%u{={v%2~|a0GGyaP9g{uw&P57&Cf=#LZaj zh9=f`ickRH`r;Pom4to&^6uZkAN|2QVf3gGEH992ArVE2!X6l|ND&wZA2~appD8K5 zK)GI#SeL`KD+2#|t1Wlm!_UIn4cp(}U1Me+;7TYxw3TkRI6O`6ZHYYP4a z;}5-!ojCPn+bSEt(*OSTV=(WG>6K8Dvhh>yB&6f=j2{1u1OV*E*QyZ2Ohk=!u*uNN zpWM7}JKW`fe(Zh%N3K%Yn+$SZ4ZC54Mfj-0Xa$n@`~)^z2+0M++S;5c1Lu+L(L z5zU-*0%LBL6iqU$ubF%cDusIsbP7!@(g#CXD}`wPXZIFadmGmulcOKOkH9^q1^bUs zvU6hPGj*Megq=AQj2s(6v1oW~Le7cQo~dirc%HcyqMC!$zPLObFhgESD_W?8XXU8y zKRXAXs^&oGh&BmvTk>n`dj8k4?>9Cthkv~5 zJ#g>x@5SfPqvVm%G-VeIoUuLo`2Y3#uU4Jof)?P@k6E_gj5&1)5LoMW?dSdq1`TRD zZpgy_yX8l)W!uhPeMWs_Kl8KamaR11bYyZ4Dp<$l3L)27|8Lf8*aV;X;=jWE4?O{Y z`ialN4}WqOv>j-dYdWWB*J2nb)?|_kkn?=j*Y_7XfNcl2NmtQWd{+q&1L$|{*Kayz z;9t6}*{~h{?UrA_)*XAY^Wj=*sb24-VL1bE%ifjo2hX{j2U?54zrjOCysV+HuD&n9 zHNUt7zHraw(A>5?Yh|UQCFB1x-!MAGBFM6p=m7>pazY-DQNsN5z`s7FdE^aez8e}F z`?I`&M`t9Yc=F=AoExgnFV1>uBu2T)UgbE1>|-P!5c1sSKpa8>a*@5%f(w-GT}0k4 zww5ce3XaUl%SpyLkThybQecoWgA4|ZfOL^y4p6Bz2s%ab)QVU1f{@f)ChinkSD;;- z^Qai8q`?wB7P;vI7DYwQpzHaAk8m`2!|62`Gdi&xgH2nvRsEarz%}pRo*~?bG8p3* z7nLmqY9~sO0V>xyj0{kUC6#CpMAjI@Qb(vd_+1Tml$zA0>W}Q4A~`uJ`afovHW!E| z&seX9dB_X;5scduDo|UybZYT%{vZmLAxArj$sihQ%_`hHaAA0P-&hJF5@+(^I(1rz z(rMHbf4Oox8zs^iN+%o`NtGyOTrHSTIk1c3`JhUTgTw-o5}b>XaCytEhm~|MB|$aM zaSP1Z6ugXM1f`@OT{d4LiN_(si@?{=DleQ^AY)Cwx~}%hV2mq5lrD3bTP!jTy&7Ly z#M-m&C7Js38Ad}Di$~{gJptfE=^LKZNBm$m-ZMO%aWGz!Ynxg58MFHTVK|$+XR3A zg?~*rlK0Q|)ZWop?3aNH<-FNW}H z-tV{l2Jr74um2E?7&4}UqS*!>w_l80GwouKhHPk_$9B0Ywjf6+3Lbeif1RRNE!^c3 zO%9(Bcx5-@bA^+2qYPmy&5%qz5I{4mQc_cvHZVc%jNZTrB*~11h+B5H93 zW?kE1ZP41j7h2kyVNc6;*u8%%>}Xz}d>sO26jiO< z^c%?_3Ze%UnHG+5(L;xIQj5m4h!@GQJCQw*l5b_}5Tvj(0yn;3XgHcgUM9<2Is^?2 zlO>{LbxLBoq$oZERKUY3>Y!aDHQTa~QfMlkX?riGfd~WRh;k;3m*v;8#@X9V5)jRT zd}-27jFBjC54pXAh$-tgbqcP0 zPdRX;JvM3qpo+=~sB4_$lE^BzQVN0V*)$*6Sm4rKNNC7c^X%Lu6lNYi4@5v&t|UdZ zMpZyVqMBu)P*+$eazaj^RWLL9sBIC+l~dAjEP=dKN?GFL@*$w&XfndqRO^MK zRlRiMkKthF0rw*Z_8$rpM$CvZ-nt?nm|)peV*zrO9aLx89hH63@!99_fzx5$wEqk=x`EbbRW6D_EKCw9c*gg$I%0<*8`=P$Bu`1Z-=>U!xcry4FzAOgO0_q-sBE&z7 z7}!P-$7Os+rx8-A2C-UiR**3kiMAT)?1-Ab|cIhdk*}|6%Qtiz;t`*z!tdW zu}?$u{7b;pVIyGB&@u3@H{A(O1&|A67mZ1{HLct%GAJKAg9-B-iP>u*e~Q3;F524K z;qSlvjYRuTgMWef*Vx$SnBD)M{OZx<)zN;4wKe7!nd<hW@J2LroUGfmPgy&RsQTc z9c++;Hu0~JK}H-EN)xI~BMWQ`QNH%D{>Vxd%0s7Xez@2l4j($WH251}V-4)RWRd9D z5A6pJm~3zQN#o!xZ<-5(1|jU-za91+*a-(Z_9pKS58II=hfGe+b%ywapHDsxeo!XY{QhaEoqsl}$}IOF z$nh<7atpGKtE4kN+qz5CwZ%JN8ff;PFW}B~uFxQ#whG6e1dTmVK_Zb) ztoaouK41kygP6gAx3E|?ZoUZT+7(1mJ8GAi5<6@$Zxe~m9Ufy4)xuJ>;R`8+auiP^ zDqbg&^!$x}=t4j54tWSw%cV%|iV>;vr%K>s<{9WP zj7-d^h9z&2)N^EBgd)k-WdJ>*9M^;%|5*a&=-b2DsU*AKvS{c{j~$(@@Z2V!{TFoq zP8xlxV8_+Mc{Hogm;G(D4aQ!bPo@^g63Zg{2M!AYWDpPf3YBW zwRarOpE*-mwt_c`oMLiG&y5(FQ}w~ly{s@zq5~y;jzX*KXTRh#|BjbQMqmL3gODvd znw5Sb!h~Vc2t-^ZP1GrE!R^;${)KxoY{ckS%$UZmzHs{ZvawzJ;RCRA>%-2xg|Ai| z5Q@y9q=}B#DkbxoRhyQ;eNX+w2mfC8q0;&|mc^2&*nTAQ2gGg=FYP;R2R8%3a@QgG zOq2eeOo~S+K|FRDDylqKEkhwELLpM*w!BYRma@$mV{V|Hb^rL1Qc}=2W$IW%PD0D< zq}&V;$-x}?5oVMlEjPzN1aA8-yprZuFdzJV>fzEi&4ne)*1^y3xgXv*|2*j5uk3YlxU>AA97_Kc4-Sgu#>E(lGdjU} z0VhDr0>G4_s`FaIs=?UP<+r5?A$W4TV3og*`e^RtoL3T2+`9t$vZ&}$k+EyeFk$Uq z6hk=4YRFrtOoBS-mdEu$pmU57W&7B@My^F?TPF3jKrO+HMMD2nbsk2g=N0piaJBsT zNUKWsE@%f;qYLaL#gZ#>rZF~2dab;S8Hlml1~OA;Fnq{jkp-Hz!mi0PS>e-N4+U7Lkqp>aLA76Z=eAU;3)9Wj9d^h`yR zEH&A87@tT_E7kg=SQ8NAUEl~?E2g}jANg2$ZqtvV?7x%7yawv9t^#sF?e4dQF1jQV zPWQb%bQaF{|MJ-9MRPs}gZhoju4e#;f@^Hhi{oQN7IrBskMp>P+vR!FN8g6g&`{S8 z4j*ZQ`no!)1Blgi0LKkI(_fdg&@4p87N9Zg%xL5(llD4E>fdNeq?Qj;)}J* z9`GE?$!Y7d=a~LGyL5kNjVayZ9Sh+XOTV4m>vU_H(44#iywJXDFtqO+lKk7*+7}L& zUV00x!GRO@z@U?MLjO_Hd3XQviKW*B@w3l-`5OTBwXv`Q__zGoPB{JS+_x~8g9Jm6 z01g&rf!XtOJk$K{S_+bf04A-#Ksozy>9SSuy0c%K4GB@82PkNJS6cPR4WRP*d*`m* zF8DWa@K6E%rQ1_WR>9UCyWs=xdIL-xJ5n-vqO#DWbf2USnP*3jEY3&(KyO*8tXFM; zEmy$&JDw&PTX!_Wjkn$d?|B={8wcqI##s!AS{2*ooGD4pvSo9Mlu55@ynZG$1!YiI#^Jh(5(+MJ z$IS^z<1|Df;Hmg5U{>W$b6nxiYj7fzCM1Yx`*x5bS-FjVq(6KGpDX=C)Bw@8E$+Cg zc^YIOGZE+!3!O5DOcEd=7r5j`24hDJg&jNhB>H=k#*eEC{)PT`eYb`W8w78he_HZ& z$KhR&6sQ30fFOA(JzM$Wpbw2En$R9&)wS%(3P+rreI~_MSquy3J?^fj!5~j+$eorV8`=XPGp$q)F zWDP_EKbp~Q+*{>1K^IY{f&i8rfDD-w0%YyJI$-5NNdFl;Y^9Yv~Kp@m06@r`n*b?T45I1u)ml0$~vG+*2`z>#TA7`9ML!mIIqV zdFW!rx*b@KVT{+>G8VsMgaUp6i5G2LfEyJ!g1QM^-zqY`Y3P8_`Z+f~@@We?prYX_ zQEP}eRI+BvBJIC1L#IGf-@z5e96;1X7pge!GUwb{Ty)KQd$Las;+>#NO2y>h_gDsc!|VV2 z^XFk*#{VEG^Mb>qw%EK^nEJfPXnS%G^-6>Lc0SDpbiR`lS_AkO@yK zDotjT3K)eJVA-7wy2V#G#Zum{uZ7fg>$s3IVW3t8&lIF|mcX8I+DS0`lu7XG`xn6C zrOV3Izs^I+zz^-WL5FYefgP}?WgG0=vjIAf9E4gF)sP9p=EulUb&~z*k#VJ))RZcl z`z-6G;M~Dg%6nyWU1J^R07%tZrqk<;TF(!i#yu_1NzrM_^RT4|DB+3G5TkdO#{??& zP1?qp>skqIFyxv!u?K-n&EI620FH<@)eyQdriBvWCv-Y>2!VX(3*AKp@$g=@`|`&f z_4i!I!O{HV47$v80%Y5DaW5>mZQh>wh_%`PzvbNYL#r|54N0#xJ8O~SkP&Y-_T7y| zyCLu7jF}gZ!$xCmoGxdCNP(B=N_X2Bh?G-mti4NtnOYt7A`Ba+~|Nm78o=jKQ; zg`72|G$&EIG4r-;O+wDQ_?*3=Q=lUzx8c6bMO!9Mr53 z*HM}m)>sh8lxd%fX#WlDHw4BEne;#Uem&ghDdXP`^Jo6Gv6h=We0Fw?6BZyur2+Fh zuXHAeIcbwBFb?Z?Y69+c9ytUJ_0@F%(|-d?aqN)Oqc#u%G>91LSUCup3>B3ZqFo*! zHTN<@C!yv-jy53Kq92!JaHQQpmF2b8k|Wa!RHd=u;GO}nW6^Y2`?IrP+heCd%lc6X zi05s6hqh+Gpa%aE;BVPPSpVy}(6MXKQA?s%FSBgFzykCugQ`$^^!-haIjyixxdHFk zwHvmVUb-M$s1PEG@gSsj(seX|exLs0za{Oz8vLupDK~&z|M`>q;1~Bkp$zZ9y;xc6 zoz2U0Jz(Ta8s-oVm@;dGiB8J=^T5BCgGt6Cij?OwP9hAK*}qj7R9WrAqNk4z+I1jKMMW@=HK7} zL*tTCD3b$B@f~!O>5*yq)iBi+sD8=SiFMqN>X0IaiEtyU%u0krzC$7?HgPWTg;CuG zM3c*_H{{X?Tz)_;Fu}ewQz(`a0 zhFHB)7H)ZKkxiP2a$#0Phn)aqSPjI)Ur~V-XPtR+=~e#Gj^=eE21KF%cPC(Rv5)#l`5G&01^f!>F3yS zMY3YWrw-B$)@;Her@q1yIYKrcK<;vt-FK%NNVam1;2i^)IYnq;LWDI+&NV8$k*b{s z!L5>k;|dC#U0~RojJGPt;6DEgcr{S0&Ip>LPcGeq#M~h-pU?H>4B2c((JscEt%s7) zX!{1r$1=AMmoj3JN&z7cUkP#3C_d zb4_+H(1{eux-hnG9+teq*4T6q`j0LHeF5;R>vJRl00juNb8x~64F9%n8CC;l1d5%` zoo)BdvNQ1TQFYnR5*FYxh_e6*L^0--wAIyH@HMaiFMG$uYQp97v(8z#)C_wDDmOfU zf1&NSr{Evo9$xr-!U+76_g@12`}GB%t4Dq|tLySYuU6;ow%g;{uit3eeqS!&U%G{s z;OqYV4*28uy$NQFng>s=zbpB9FvQ@@IPj-~SH%{F>xcp4682xv0n9rV2x>x`Ua26U z+h}D8N90s$oA>R2yPo*I(fbSA%t>d!g=f4QO!(wqR7W=`=m#shc9D%nfZ$j7py_ z*GJ@rqe!(*b`+2IP%}gbM00sGU__IoS}+5hu3R#I!-sH&3Nxb!({6{zsNM|vMh|`Q zKq*JEj%?>(ys_1`tMGe{1jR0!!YD#xYRFgfETJZYfMIq0HSuht1WTQCA8S!t;FJg1 z;LkME9HRq{1+i#ex4asF4KaS%W8jMllw*YK3@p-F*ou{i!rvFY*Qz2vZ>gz`W zboF%|O)I2W6(ta!X@R8FY9%3H)ZG}u!wrz)V81L8*#wXLmM)U$a9+sa#CI+NvI_kv?iW3mQT%1ykm@|oT!R(*&;=DelasIYx|M&7BYS| zKWDPVAbFa;khJ5HY-U#tLUVwMe+Hofo2%SU@dKHOTlooO6<91t^X++2rKMSvl#nG& z$e(;YXYyxNwfAapRZE|Ew};IxL>y|#wJ9~YET`w(NGpJUEgja}YuvD@&=^|ff{e?{ zMc?lgqA56G_*{7Vng0?6lSU4lki3FRY+wMs)Vc*mHchng6l+l>hwRDYVd8*9>7T*< zX2R~yXDU-sbsfNAP19i7=!?s&pF{gg$F%}>9oSqtMw$E%=rb6m44(s&htGokrLV!j z5E6+)^aWD%l*{Ezh>P{0T8qSduhw!UcwRLu0~-$H>nj4dPQ+a3T!n7JV6wX9Q_%c7 zyl&J{NrW34>Y?M{;U53}>SagZ+>7eO&n8Z-ciDl}!oQb2Xi!%VSlmeYy?)rQ4bf+u)zR^`is?oIYh7cu_HUv70Dp zDy>}6HKtnpOJ7}o!}m+qW%bJ%{L6syjze(ct-pbbFPfA6Y{`}d@WHd?K*d+95e7Lq z7=bSr^C~)J&y3#BbtOs|7=H_%{iXZ4b7x)%^JZQsW9P!<0~u*0!Yl%XQBXnh?}70;;u_)JwMHR_BcoJG`+NB8LrTGn)Sr`|wi9TZ5z;V$bxkEP z8B;-M&$WBVrl%xwkA#d^Cvp+p3YcdU89Lga@x%Y0y)OZ>tGv!UU#nYcwH72b+5rJ# zkr1|64aTfC$gxcfHe-(+J7ZFIJV~ZZ;#5**vN#i09782FIALs0O`M9iIIdKAjpG>$ zI|j#qZM=XNzyh;NXh9&fOD*-8zW2TR|7ZK}Ye0ayE0=1dZoPi*F8^}QcfRv|y?`;; zht;qyWUH3|X<3aQ11fPrKpAC>#=+cSA86nRR~Tp|B(Wr3-wUH+81RCuj#kub55er> z+-B92p;HC~paBe1{NT7M31BgNv89mm23-N6eU?+FUcp^dI_uy*_irlGo9zPW>~#r<>*G{N-|YRreFYuB;}^V`c;>ek%=wLkgWqmfD70G;)I~EmkMEA?wXM2p=6D+<&X}| ztsXEt{~c}&pxPv74)M{~*Y})$f9vK^#{xX|q!s{hyg~f)4Rk!)`!!`M9TWiI?ccxC zue0wh~lG9wC3 zc2Wy^XzF4$HU9QvpQ3Nx@?F0-%pE@Lz(09>z zdUlU(>wvXO=bT7^sQaY6W*+wvlwWnronH=Hek-$&i%xqzEnBoA7sxy`ZAJ=_`VXAb%-yOlH$H5SZn001^avgqF=_Hj9cacQsUzQOQBzwj4rf z6`5YT#_>bO^^omDX4|K@F^e@x(0sgH6J3&d0If!;+~RKc`4o(j#y1)^5{Cgd8v!jAx6F!? z_5xST`C%Mm01)Gu6TqvOa11wX!-0?SMw7B>)ieb{7t}zeBc2?7mCVNdnra}7C`++rHrhlD=Z>c9>XLp3^P6E*#P21<(<~@ zvRXj3QVW@y)1{46uUgK;y(bOLPbcLHPqsZ@4lQKR&s~$5%~l+ke5-DBUrPjL$>7vD z7kd!c&WG@GxD0-3gR=q>NnZERqG_z}hb-bjfOw6bB|?x^N-%J^MyuihO70IRg0Eo9 z`z=op-I$-78FuV>oHjhAb&{&q-zD>oPr7!wkXdHr^-q~j^QNCfGY6N_yqPE0|2Avz z7#ipssz0l8q}{&fk@V*iJMW>bV_z|_Honj7#mE~Ev+q!U=F67<=GfP}U0R+bI7IQ{ z{N-0A0I+HUzVfv9(9po_9$QpdPgj}}ROd1{b-}nyKdL|1ZF!Qu^7E^oaROGc1HXRH zKh$59*~OKsuc_T{OG!-Qq|K4dp11!>&j6#JeWB8TMw=~r~tsq5x8Oju77B>aBVM!v*@Auz`p)LI=ElATmP@m{uTAl*g;~=HSqA?OrBm*g*M7HV1it0<7t-M1R1-sqZWJ!WNMrxsvG*aR zW!~R6l&-f8{F?|S882CKQ4IiAN7DxE44o$#3b=b@M-6yZ$53T_Vr9FCCSBiin^m5D zWwnZL-?fcy`oTZbR%LS9Ic5#bq07#C6U{qfktq6<%?|UNl7-b~y+Ckcy0}iy*7vS?14`#B=Gr8bl;%G&BTjvO-;*_RCDC2XGFhiF+nRUKwwGF%acnZY~ zFjQ6YhYh8{Dv`=-dg(cF)Zc?{m#Oj|>?byo=>i{R>!KKvyjZv5CALO>GH?u^LQ5P8 zkz$$PBi3@0?ZxtpLkzqHa0xoojk}8ke8>+a#K5Rewag1q=-)-D3W9hQY5LPuGU->- zMzao)AYTha$>t?R=`}VgJBXZN{K8?qdSw6r1L`_ARVHtS5dwZvOD#x1!)MT=LIVno zh)C!`QVBqLwq+#JtAzwWAT;3grT{9T-66)n2tjoD4B9F%Z0;eGt~_&hBS6{8I-eV4 z$F1EwB9|#US0iU;Jw{;XS5!b}yYQ6SK~3>VfauQ01e#FDD1{9O6VTWMo?_Bv3BPp! zn)z(BVv+%(x!k(u8RsVwxya%b|`l9 zhGTuQd1$a&VQFnK`>WL6lRB%=`=Z_!%x5$Au1WNwfttP4fxSV|OlEz|(Yp{mu;ttC za~94yre=+G*nd>iy&D`DrUkQC(~=|3rCEbV2bwMUBnGBTr{NkH1T8w^3_6Lftiiy? zpZ)=D-1bA-vg7Bp|G+MqDEfZ(GpF^>qDxQxGdga;#T3a*M0(3r3vk5(tiZpj<@W1$ zf1(D^EN;!plnAbm#;;MGIb1OSdzpSz&-sUs{gNJfa4{w%=-!Q*DR}S3@6mM|-$rXr`Hivbcn{5(I@^0qvDSQ!ncJ*b<*Mi?=dG%D zaVc;LJPN~x4l%FnC`O<*94*(rNHx*A?l!F-tu_Cq&&Y#n>2ZDZ*h9f$)D$2vF&R}A z1CUU4cV%#M=g3ByKGH{b-v94(*;#Kkd$xDrmXG{}0{@!hXTNxuKKkje(OZ7?LRzwL zIGd}5*{)&mAQ!VNQ~7TuIQUl`tCwC#pTBcf4Tx2GfLERN-s}dJ&Dn3JsRPp$%e>s;CNLz5_3+tt z5xJPtKuv69ej>vmP^)1jxWOXY1%(n$OnLev3XkfACY)4_-8eu>nhIMI? z-I_vU7QV->1)B1`M&1&no6f^ITd<0=Rea)FSfh-t-$G~V4jWo#2K6+W!6KML#9)w} ztxZ@Z1ooT6M0&3=GGk5Zyh$JyFqy40U5G%g5(EV!{~YPBd1fF&T-ktvB{L^${Lxna z=+#{rxTSIkgt5_@WTLjF(EzB?9ohQ9AdGyS0*!c7F!zhiI)bE4mNWrKtIU_$csQy7 z*q@i$-6DMiXn}Ml+g*;3Uc?3{gF$1)TlfN7$W#wc4`Tbj(>N-MNIGH`AVLiK7s3>; z=_}oj@|wY75eHifdSN6W+XDk46AbVX;kjP;-Gkle`7BJd$`PVUy6(gjlcW@=E11GS zKzd~H5vE<23(z2BA%$?2elz9yOD}$D4}^AfDh2~ z0X~Q&@=V0ALKTb;zulDg>2(`*`|r@SS#-qEa0bf)#@n13C($wUE};dpP78&arARfS z+^Rk>WoYbuE~I5+U)Aq#*meg!zU>FJWyjBG=ibfgGhb|dKmYmpijQA#F}>>4_tzj` zUa`H#q*6HUI?Go;Sp@)A$4&Qqk}g<&RSgW5i)HM~_%^KS4#p{cgJsi?v9FQQgLKCu zzewO;rR}$7;L1_Id;9x4C&i@*Mu1OI9O^_b;{9QmtVT@rj zNSo_%3&Dw$j{?O#wLxQT?ukRl>q>71n6O=R9w9@WS=gj0{xKq%DwR~Kwn7+*K-YrC zrRGkqDDMZ^6#5kU(8PmKsS9P~f)&)#XC9FnF-*E0Q&Jtl(zaU*>a!VPl9`~2KdI@2 zRa+c&15f*b=*DgcO6K^Ee;{wZcACyc*>1b~!Kyx6>ijkLj~yX-c! z0DfFRgQBi$(H5>cVn>io<+fPtXIVPW9(#p1jTOH@KR_4P?P0hS=MK0hw(iZEv* zLBVEG9=9YxvYwZL8r*p|iyj)0d@kf6s^Z-gUswS2%H_fB-gZS}0fI8C`V=)zP|bCN z%(@{feK-`7EP~-8G-5kayl{f}dW{vY;T9iUNf));E^Y_CQT!<~Km#^oo7FwDB%blR zd$am-Ynfg1n1fb!3D`;YFX!-*8H-E4x&;?@Pazwpi zQPc))-@B2X*r5g97tcM8M(bxY+HCRXDvSTO@XwDxVZXY87C!>Jnwg}EJKbESJCB<0Km3tT(ocWB&fmAAj-}}{W<9U>qtXTZ+`oLAKKGSxr+K0} zjFQ<0r|dIJ0^|tyYya=|5d5pa%LR*$o^a66#V5WceRuPHpG)nr#Lu9HFoBMrbOFHW z12bv$;tNIK8SD|0Mp^03Gf zGg@K_V_GW+?g0e(aVWL{VU8X(0|+i~L&t)M8YJq#odv&phhgYc+)X7q2toDt{{ExI+)`Rkh=wlBI4T(qvYA;zp?xk4Je8tS=mK`oq12~-MWx6B#EC*Ydc|S2M*e7B|8)_x_@NbF140!MMvX1{0Ch8;PG&!>Wl)0$8*!sa?G!Mi^Ag znR^3%p1)@qff2h+>!Q|xtT`GPi8)1) zJrsLxyx2?Ay+Y`hZM`1V7%egG$e5Kpv_%KS!?Tu9f8~r>x5Q*5A z&ONg>`dGR2avu+olpV-pj~!f_8AQK!)*sW49{ENM0RHHao9H|Df1z#-E=ngvi?gEz z$ntmA{i|BBmkqy`mdv?;Zu-UB)302+<{xVYU>c81N*|1EuoiT~ykYeM} z@1YNU{cZGt%fBMVF-&+MCVN4-r8t$i&6vUO6?Xq;qOdT{?*FEBxMbCC;vKeaqZ8z) zT7auo;Dt-28Av}pvM$<|IF5}b3V<+Ws`~!G2-D{EBeY=Y06nnb=d|+Jv-F-PI|#ai zzXJchar12<`1eAZW!!PsI$FPRD_#AjOKINRndSJs`^TRBn-U0E9e4k9TL}I=Ti4{?ry|!TiKBH>l;eQ;MeJ}0r0-P^ha*^JUC!^y@OB~u9 zmCj!U{zWan!?PFBMW?^M{?id{EH0rm-%ZzBk{V*~2JB+=l8QU`jE4-;5bRLRd1OYi z#RH1Dq*}ras3y_0K(AXx2vCF-wlxS=L$cc_EaC_VUjoqr$QeF?hJNyABFFYBT|^Wj zaRGuguIemHKH~M<&^(~j^tnEoU+)hwg_f42tTBivyi~tC43M;ZOqqf-Tbq^P;U%0+WVd z@0@s>_X0%;CbhtA;{oExXo5*lf>Tw1QIPN?uP7P2^RR=O5U$23GA&C^N={vjIT%}Z zjGCrM4q7xrfTz?T!+uqiza2OY6|e$A>Ec5`o!ijL@*oYg3+0{E?p3Va%e!+7#*t!t zqYbX5+_8cK4mL{zqhRq3-B>w-Z7FoNGTdxaHB(S{IMzeC0I4y>aF$ZqI>c;(4KQSD z5Xuplsc3LQF)$|A$Pkb&po?XLC=TWZ$6Bjo+-a!Iktp!14n8pBAm&@ZUhf9GBW{5OC&pMNu>N`V=P`3v)~q}(g<^IwF+qMco(_)gOJi_oU=a<^J&T5Co)*t; zQ#$wSV|Uy+CW(|3U^;quMGYoiCqTe2-SxM0*|^(Ju5Mm0m{i@Xr7ddsZ0v zAPh{n01pZZ0aM9ME1qYOsQU|O(7o5tjFpaD*$l&?x)o5lGgPm=N!BC4}atnhXwf892+)mr5ir}#To=$zHG5; zSCoX3QQntbfXDvZxZ%L00soq#(*C>drcR;bTlamA&N=pS8lJKE1)q-3I{-NMC+Y9! z9Q!(_qg>AGC-$Lth& zFax%>p*oe;B1*8P4r**zWy_VI#yOiKLM7`NrZmRP$v`GcY!^cG z#Fw232&}P>`7F6P1ft6fcF&0;W}Fz;Y(Y{x-x|;ueng_AnMo~<`*k-r8GCJ zo3`D;5wK2s6(a0v#1Z5s5v9(3k*=d0JyHl(s(Jm{r3sN|6U0cdl~oVJK& zE?h**7hYC>zkg&WZQcCoe@gmHr7POC3{uLC-M|1aoW=U<=4d7#(aFxpv}b7X_8=H<)gt)$<*_@nfp zwVlMf(g$2Kc6~L&uvx1SF%8P`F%@Hu(q6?bObAKlc8tMZd-S<1UTfkxsSS&)r@m;x zkrOJh-t^emI`A_6vxP?uWB~BRgisFg$M#Jb9GffI4fx5;2Wa^!qAlAtq`(7m5937a8ER32>$2(md}{w(+PgDtRa^PDs?54U4gd-j zzgzD73O%&(-tcu5@K?A~>vV!=`ADN4(--I0u7cx52)45apCZ?Co6y05!0{rg+COarcMwl=0E@8-`t{%a z`LPae4B+Tkicx}~as(K5fi}b8z*W$-8ik9wdEbD=V6)1S$+I36nuiAS#2F~)ZwB)> zB$w(5E7^J|fM}612v`FkR7i#;;s@zw*G;}z{7gDDlU%aGgs{6CSObSJqi!wKiO1AU zh#^}$$pGQjAjo^~c7U%O z^9)mnKoR~78HhpdU&aWeMjdm@g_vDd0CyyW)}>=BN-olNXYdh3;hDvYd}+OQ4<=yI zZrQnx_8sV``cI!alZFOo*SdGri;tgwIi0ZJ@*Y{Y3@i=k9^2dn20U#nQX}dH9X!hr zdg{PTT71My>o0kJ6%e>{>}$u~$7#o&$J0FAKX%=f_TjYt88kfe#5514_RpdtXPrp1 z2ba*Sp~WG%Eeohp`a-cu5i#10iHs{Og5LRx578rEy_=rcxxQx3{q4=aL+@Mjnf9cu zM3x)-exQFg&FNpIlx^fKtqn--|9t(U+KG59L4MbH*VE9{S*F#odlj&$h^b5o&CwN$ z&Y?4ozAOQn)%&km`5PY4lWr1R7}2hHMYq+JGw-U^%ZUY|KRi0lULn$G;p#c6>W*Nf^79SSZ zwf5UTre8k1k*Hs+0Ltx}PRDJ@Dw*+1j>K}?&0%chcrg5&LBB52et!sKQfCXzXk{yK7 z)!K){s_baysI zL99tuP5jfufBo)GKqnf;tA(Q1vqJ3Q0lBc19Esfp7b%&lbub_m$i{6JjRE}&Yy|$EmRm8zK?osd5IYWY6PTnO7!#WRhI_52r11HaGHdtH0e3NsX z%Q$4T{8+Fn%6?I>1a^L$2%(*LEiPHzvMxmB#Bdr%M0oH6USOA3!@T+?qz73X*=x@1$8fvv|n8j@8A(3m10Eb1G1*Ip)q>SYOAKzUg$@F~3E_ zGfs|6cTT7no`u$9PWM{b!uDA+NbPG_Fj?f7nKihu{#s0{3xz=nWmNRD(=C9o!8j2W zOzKG+1O=s2BaAv@>TJ5^;*ZjGYk$24&F@v+aSj!J*<{ZHOqn|V}D!0g)z$gvLK4dEJK|H{+eQv-kvz_{j=t6So` zU_LVYSk;BJa%=};q2!z6dkJmCI3)Z9Mm$z^VnfY6af2 zYg7QLRMujgAV**SGz}Ka>0I;d8FNk2+Sws)_~<8#;NRiql>5tvAEz7s?u+z}H(g3g z7Y?WAbddMvodcD`!EBnW$Mmsld;3}Mr@y)7x9jg4XW;5*6aA=Ke|eyz{WouDai{&4 zgMvoylw!gHf7Q{}@_X!}6?D;QukW<{27$NAXkkD!F2Mz?I{r|S#Zc-MMnZ>uO5vhS zBV7aALE+*;WXFr{=YUJ1Btof7=7Of5LnbDi=oSbvD+%kRegRhZ)HMJgB&H%0eYzMO zM*$B^+a=;#x*{+KqHG8<5E;Qm_mW+R+LwWvu4G`;ZX_%Tv-_{auMpVd8bGjd zR4Y-SAm2yaM>r`L&49A~!`f2HRd5~1M_$(}3X)|T37d*4p+MAzY%{b#slG?dR3LA1 zO#Wm2sL43~fV@?4V*nyufGtC-X^A6aTH!8Dn^&s)WH`G-++sSJ^coxUfbK#dT=#nI z2N3BGhfVu%4zN1S6A5FsS(3L-=tbs>LI8TJv66nAodY3RpkZrY$=$W=uh+OOxmz2( zPuHvfp(A%5BT5sXI|iA(*-vQeNX5yZ)lZFKHfLuh?ImoPAtcPHm0+BBomFUOR*uP% zifOMvx7!)#=afl9n^zRZb!V<2X_=B>bR`#3Hs;3SBAK9FvdOQj>dox!2p!8gjRVms zXx0xlYb}#Equ~lxn=T;KOKT*XdCU*P^QD5R^V5AQP>2 zac4QRNY_Jx+1%Yn0zE)!kSG1X?4G6{Ltf__z`4=pWidYF{?Yu96;KYn20^;Zq3h&q zhb8NUU)@D@#bzmi+xxb5-G66Hn@xiQLo{>RQaW$>pLD=Kjv_@$E%pp=xte|7Sh?lt z^^MJQg#vRe<^oZ?vNrLM6A`T98Fno7g0Y=k|AY~^jx|{qcR=mt4=C(7wkD~7r5w8+ zJ#Qtw_3S@Nud9HwkKcMNmE;Q)D8;(tBgLI1>%OrUR6t(^0yam*KCA%2KluDb^vKqG zJZ)C33kb$nJ}M2vBWEtH|6VZ~tM_&%5jh?kw?(@S>nVW@c&o+P&IhFUK(A4-yOVSK zc6+cKAkBV7K0KB`TeNWggiEgLHehp9EWkW{xS(}4v5y7-oPWd;m;X#8@UJ8?9CXnfhgM1_Vr^Yz39XVTlx&VXM90{)-d|B(6y4o=)F?Au2p!*`_b z-*(oY2C`j~l=9a-Mn?A5tiKZYcg9H<)y%&R_!or%oG==a>%Q@Tm!VvP12l7|(NSk% z_SM<0xE!7KG||hkO?Dn92NAMiD6kG^5{8)1B!hlFbNN_!e`D$h&tqF+G%)cbyV6 zZ_}snL-tLQI-cVeFv9xi=Hw$;z9T0Axfff2Hr7oTCXRu~!lbKb80fNISOj{(ua8W zkTl8!pcUH6ImlcgtkaRf9(IrsE0`l)6O3L&LZdhUomdwiV6Z3-7TRFmq$Rv5${0*h zwl^yXMW9n!LJO)Ts9}Hr1`K5#RH#H6+85R@{6XuKlQddXt7!g&gmfTLAR#QM2NoF@SqV!z|Ib1-{}m@#$(i7-z@XpR_rQmfQJ z>*m(kY7J*bF>-snD;SA+&kEUs@Z^%~lGLb`DkcVOL6rb@THfZ(T0}Dkm(tnC{yt5g zI*+v0ZM4srYDKy<7!5*JH3P`n0B0S($c0sX96Wl~6#bgwPZ@P1zsa~YO+QfA@(UAC zt6xtVsrm1$KlGUw`$v! zK;W0|x-qUtnFzoZHsw&S+JKv*Vl+~Z$D`keg)T6%EC_3$n?-zrFp(m%8o`uin2$$T zuKR4KuPjo@F|6Oij_5@TCsqq^C%IfoaA26Hr-Tb1m6mo$AhM3DAbJPy-Cjtvh*u;4(qo=x8%pUQ;}sTrd)snj1;8ZX`w(Z;{(I2 z6EI05HI3Z5SS5@vTtMwxfRlJ6QA}Trv}>5czAY}89B^o3jlv)cl2DF`so}eD09-cY z)lwe~o924yEGJxbduiZBj+e2b3|hP0sLgfOjx4E-NzmiOn8nC{P_98JIfX)CMOJUK zbp2FZJi?dAU{Y!0>Go|!qb^voH;cKxiERLC$(2@euLTen_Jf;LmMJ6?6C}`z09-fM z0{eV5Ye)iw-WfF%gX|e37JJsj8U)*i&3c9Ra7g^DP@2$g5-7*_U`#-DGi%HO2?WdQ zC5J7iB?Ann&nepKpxBAh-~?_hOj>w|MsR6V3Quw54F^u~1AeW5cd@plcBen*+Bz|= zLb7iyhFWu^aYZ17ZK&@sao(aOdDnFji%D-f20JF6J*@O{fLiaBYQc8uz+(N?gRctE+{WMUkzfCt}A~yrW4Jl;4ki@eGWX2r5=oW;ZohX}ylumobdi7_Bk1+S?(p;j!cN zm#la}ljB2`=Rf-3L0WZs<})M);EQ_j^L8IroIbq+>J3b%L6(UQsW3A|Es7?4YOiKS+HCJxh7<@UgU} zVf{J0A}`*EqzhmpYN>&*_d7_O(3;s9g?5XA6f=25nP>r3K;#LknGs#BYh*nQ12jU~ z3c$#_umlD;!XID--&jvMj@8977trW#SgAm@nd%^#NlU13hUx@2#WbR_z7oKt>eghi zmJ32-TGI5o1S}htDPVsL4oS@#b^wnPyJpdA4Xf+rdz#q}3W%O@*7|9dn1<43ftIZ_ zd@d2{K_MV$O;FlC#*Ep{wL4Y!OkLDd&z^HZfD1i<5rG-oECY%X%K-!!O@4N6ni{x> zaG17T598n*GYYq1u>qYO<~JTjWy+4U#N0vtK$`z<^)6T8H9&{FZ<8LBx4R;tP%I($}gF*k6xCP%UZgFt#u zh|Ex&?ugJWi~(I=z~WY(jh7P1Zn%NyC{V&N%$CT`goV&nYBOhMP;|D^0)c=?xLO!( zFU9Ht0#+OMT>RLq6Cm?^-LJ7WYACK^D1xJ_j=F+ga@5tTeO}%mxCZXRz_$<$o2?dY z%vHOGM3o^Az-tX2y%(?ptYsmm2P7c$L|MESOVBS|Dy=q5eCG?M;&NwC-@jt{8|t5Q zT7WwYx=J7Lo#$O&x7S9|1B@U5nfa)mGE3k+1CQ0$xZHN-V=;B==J!t)tiq}dIE)y$ z5K6+v!BH&2;eN|X6@xuUC|jkY=fOeH(K>XX=W8%OPB?xU-S@!5hZf`*?{j*V$JWg) zZNSe5;`joBoAx;2)WLLZ=bUnB4FXn2#r*s5N6O&eL@~>d!1bO3n{L{?7kN-@W~A+P7t5=^s{(zatB7P2Ue}J)1`Rx6{Jo_SWEEb5tPUeNX&| zuDR$VG<{&^cyv_``=f8lC=D-qq6Pq?qiXrBSbxq8gUCC?S&~V2v$2g<5urc=Y|v)5 zMGS;nk&W_Vr#&d4$RWD(g964EW%1HtC@LZe$p~PJ2t>VQ>~I8Q2`4*lSSs6*=*-oz zM3dLCyx~3)b)Ksn!c|6%Lpc~A(eDyF6R^T~QViOc#&hqU*pK^SzOC%*Cc$1bqB&;x za#v@_@+EYanqWN{jS{eDc98mf(zl3V+Dv30tQq7=+b#N#($C{_AqDbe(j)5*Wwn^G zZ3SyI0vop(jYOEiZ#BP++!7ToN1Zbl{X{hJ7N$k6R5K7CWu?HBlV5yqJB%k}O&rla zCm$=90$vFQx|XS^b;9-XmcuneJ4UoF6X~`xk?3-xBh_VfLEQ(@3^&epMLk4OUX*Q* zV4z&erd3R~zaeVH3+BjpSo&IHlbuE+H#&KwyO^ZLA{2u~x2IY~m`2Z{(b@#E_7cpQ zq~zPSd!qf3^lA`2XY*|tF#mTs!e0;6` zQe?_^j>~RD$37L82BS-uwG&Lu&Q*-qlsC%SZ5gDOF3p@ZyTn42v;5Z)Wj4kdK>_&6UmNq@pi`qzaaNwS<8bV}jkS}=k zF>j^Qk9oHM5!mS5A`o(*SV+>vhTJ3EMPPVT);tAM($-amDoO&7v)XFdt-x_M9Mt*P zdcg@@9j!szyfqi=g+ZBsygeX=<-zLPS1f-cz2}mT($Lh|2}HYo?b~Z}4XLFWftd1A z0q-bnlO)wxYxHxRgbZ>51=cDua$r{9N*zEea|_O;At@PwyzvB3riALDm53vG3Goag zT~D>YNhuZ*7cNEBl?(~#4jPc_MQUDu`b$>67(KGj>Dd0%DDBy$KPF@Ze< zUlsVbd{u`rGc4}d`?3ZgK$E%&*cJ)LZp846MfC3T z{)(Rb;qepdQYxmOZ2g_G^Em2%>ZLSw%lUNerJthz@tQ9vC*TSY{KB0drX4$W(+}^w zmv-#hJz*bX|G)uSeC&o0{Ie~;VZ;`R_(E>_I>xs#BD2o%Y>uQE4#7h0M8wCjki+IJ zTILEihDKrV2eE&+xH1R&V_6r7P1|p;RT?(BmMTLmKr@vecXb(4dvFKPk@9Hl*M2K9 zF8LzJd2k~TmxV(D6-f4O16tdhqhM8}4t+9-u!%%ua?r2}A;jhosW{swsKxKP12v0? zyPJgq5C#Jv*bNqlvL6#rHkwXSIKQm@H=c3Nh52OVkYFfm%z|x&fDafskT7cjX9c2@ zGj{NX9$ISCs=sN-rUxh`Z$y+ESy6Zi$QoTZG~)t7kqZHYO$D9F;dI&%LRM`M zQn#U(Ic&+7Yk++Y#^J%}c#&G5^;+ZA`=jTsf*t7RZcSct!kf)jSfOoV{a_a09eI&c zLvf8wK%kt3_1J3wVFJjjreZnVPZ%6waB@M#cKY?RKG$J;PTMqC0lZ9$Ex zN1~jmh!8gi47LCHwp>x1Bwf&vEV$H6%i5f$I+hKeM*$@)T{jE@R9+fc+Nyc*4(!8S zshvWR$F8@~3UDX2?yHrD$s7DQomn0i!oYc`X2xg&lRDxuk^#`%b2icW zcgJ<5qxZfwpGiPk*|~)GRrn6Z3+r03JdRw14bUUUJq*0{?bwJ4ow(JenTn4IlZ0`<)8( zTe58VgaZFmlrr|*_8r))=m?YV;NAte33%BR^RHq6)~7!@jizpVrMkSmI|gXM{#Ven z2QQ@q`#Lbh_a6RNy6Sh|PXG12AEb5nKRh9y=HQGyv~>BSGJ9={%0J=@@>Tw;U}97;@CLarWl%1&fhUfjZ3=DaLfL^L)FkSfj@k ziomxDn0c0u>l2daK@9jb`frH6nOLxX#rP5dnF zTN{5sHNhjGsavo|X-N_J0jV}t>sBMdf4F21mZ>JLg@g3BG-f%}o77K+LybC5`D1a9 zCBeNc*8*RhiP~@#L70o8^opw{+}5FF2Vgc-Q)rNpNzio26u5@7OuDJuQrNN%X&Ddp zt*6FWJlYEyaNfGY`=nhe)OnWL7ZGe+ zA|CO#t1$9VKKW=MbDQ>`+{fU@gw#&8C?K>}AqQ=wonPbPejD%R3j69^RBB~f-T3ALYU3#FC#*#f#TZB zB4KD#hGFvSJe&6RX8+OkCb-BEZrzIAqszLr@mNXw5!swZv;OSf8I23(wt$=H^p~DO zGiMCZ&I!iC*|`279d%r0{Z&R8`^LVQxey1wz`)M4JmwCM(#q2g(BSmWdp^1O0R8wo zyJ+P}(ZtW-U&Z_z7??U?p|RQln2d?pWXJ!EAzb0{9@fW!xj(73|C(dkhS$^}U~`;x z@!Qqw7q6a2$6e3?3#&h$d|<|ee3Y|?pRU_}qvO=$&!LyEdUY6=IdA}MvM7l7g2Oxw z6xF;?-0_-^lKp<;DK%QzEg9XW@!G`MFek_|W@B0XZ@y*pC<^HOF%SW-KLQMvGIn|o z7A7i@(uSIRes>hg=?=r{3bMe!ZLElfGTF>6xjGdfp@!Hf=QE2w5@_@mP)${dVgxUl zqc6Cx{c$5PXjsr4eJcW_0gb{bpqr4?AcBhHj9Z@+trQ}V<6jE}wMp`RRPQ4xwh$a3 zYn%(I-SCzJof#X?DVH5K{dor1Ly3nMxOFSC0EEtyVdg=#tZL>X!t@xC(H^QK|>*dA!3@5L0fxjL?u z&aM>mNbw`Ny;B^8VnEa*UZ}DqH@koc+PH&j{Z?Ibf?EVADDyDcMLD^A*@d+0zU_>_ zC831P7?955VUK=X-IQQI8(mDL9Bb~00x(&xO?m4p(Ai8Ou#K4E+CL>RF;xyZcG4UN zQK4}+j!51z$kX>mtdVeGocLY?+EHsP%c`VpX9!z=#ax2dow4(d5xA#|XQRijY*RE+ z8RB}w(G;;pbvZUPQwZ!*GZT*k5UsE*GsctTv#-21j>xG{ilpWu@oPzVj<~BF@@wM_ zkJ*CAGRm=iMBY_geh!5UG z5tEcyD0Gq8F~C77=(U$!IN=iTNC$A<{C+W~UT75QxiJd|hem7G-{~(ON#NhZ>-Nzd z-`YtBM%dO8)ls?qR_(tN7Zqa~8GSlYf@B0Vsg5YAG!Ekv>541EkNxw%lfJK7e*1PW zY5kqY@0vr~*LO{AW{uFi<9AJ{M_B3o&0o4X1ph`4_R&d8E==H`ij`EKE}P;YhZ^i^ zxCC3bPR-<=&90k>i|H@N`6dNKfk4X_jZH3_>bYuV(XAtla+=$cY>}qfHG80N&v48* zwfm~>UNXQeR0y8wd8t=O;TB!$3e1zqfmafbXT!3SX-+1rdxb|N8%YcMLQ9QQKqSLR zAW0L3thLkEn(Zp&4Ov>yXpzBmTq}#`)cOP+n6T+C>`~>(vO=IDEmr+ZWM|BwZMD^I zVbiG5)=BK;=4G;oF8F3*X~<+(exh&(m0~_Jf#TrNkk-rrSQ4l0VU@s(S6cZX91y$Ba z&f^8zFmot}m$bx;_E*NmIP{2?s~L;dQ-x*74?}cs8sIWh)uF0;2Jm-DG^e)FG9+x< z1uW=mg(y5glv+8JMy0{dkhNP?Ynx~TjllQPNY>5t2(Lyh6D(aU**F7p-f!g=8tE_= z&!=PsC0d=W_J?4)qAlMezvtw_*?5INr6_tP`vXzmtGv98ZHTfiI8-HHsQ?yt92Sa;Iu-H?L7;5@Q305&TWpF-*}k!v+lwHutn6Iy(fh2e zcv9Sl)fDK7mFpu+Xwy2w*^A7->55lRI4oskKhySY8U*Z^WguqhAErmu?t9!x2kB)O zjL`f=o$J}V2lV6H2k71(?9^))wf8b1t~{+`Gb9Lm&lBYzq?u24%5k=Tu4~pf+)w!uJk%h)U~R zKyhF)BBA=yJ+~}qnC7Ar1nWK&WYEU&PL%!|13?HAuIioh>&DBl z0_;#}8d?*O5~AO0?F#Vj+<^%$e44A5oJb~Qo5bdq4J`xDH(*{`Vg(b-4nk~_?pfYHy2KK#MVx6S8 zA^%IaMv08*_bmyOlBnG=3o-M8R55E1#2U*;2@ze_>8_n(UFV>v6=@=-s;wwmYJ5p6 zh(?;mYK^o;N!I;^OE4U#AXo3JqCHxHnVbs*s^UmR@Lb&!kZI9&N^RtJX=wz5KsU8* zFhh^myaw4~pVz{S>0IUPQN~+9tQrC|0GoG}&ig9|E?5N?xmZw}VOzQDe&F&i)0&l6 zr!{j(8!f=u zOZQBO$5rY49ev`%q2Ax_9W!e1uL1$vf_h&NkBqwVA`e(r8-+UVO-zyUX>QTMSH-=6 zr59$PaceMC*vh&!*j$rMCzu1d&yc2Aa%=DmM-IfF&)(HYi6a$_NJ{Y3&gQOHYE+pYfVi`)ejV@-8G z8^LQk8oUb&@PA=zY$j+{1A#SsehFVhX{;u}sYv?z4iQAm>Ip*pM8wOx-?ULD)gzd-Uw97{C4f#o> zRx_w^kqFOC6)9>%b?c8;s7D_-Y^oZ7Abz&ky<-~9;-Hsok%^i9?PKebmw-Sf` zsAimN-BCoyzsj=6TW=X~G_AO47a(W(0gH|`U@Yv40SCUQJW_!CkaRC$SI(*wDa7Ry z5Zh=n%J(RIp37{BEPvR7@#%h~LWoh$g*S&W?EPE~EyXGp{b*SVe3OIbw8O+Ek~Ql! zQpxMmq7n8WZM5K3>d3XJT03OKIXokB!nO1@V-i4;P3&FaeLISMD->id#M5RDY-w#s z%nDHPBPRx(U|O&N_C8{1oS5gxW}h;QSy`Zz@rh!oN<*=pSrTgiN<5$BfZP~38Mi-G zIpOgj8LWU&1a8>Ud0dtKgxN$BOh|Wi6;nv&fViO&e5x3AzjpQ?(fihXx~l=$IVxSi zKls8W^zmD-r6+c*r)=(oX!kWcW|UCLjubnmB0b_fCfDAR9aK+V^fF%s1bdBQCcQru z3Jc&MHbGF)2nxjziK5%L%#S#nKcv=i9e%Nj)g_o&UFJ3KetWG2_&h@ghxBXHV+Yi` z?;F`ek8Zv{-xV>I57pP9I4tm29gjcON4Ndk)EWS6o#&Wj2w-2k6!VN-=}EY#*n@zT*+<3vs~CXx*tTUJZF*!;-TrHf zh(1^iz%AwwXy_$f1D8XP_oA?cV0vFQ2`Kfu8Z^2Yn+&r5*-^|U=2c`iNFXv0Qc(I= zky9ue!A;%PS88Z1dvBWVT6xzU(@`houxvTV$~T#tQJT#@_l?_9IY_S{w1D8W5Va=_ zw;I^y)=iuIlGC;z5@UjzB#jjqkX&tz-#K%^%{;2I7rBe2Utn@H5~cv5id1-5IAn_; zTvTGD2)EN?6f73>-2V~YfQXrs1A8d;3tDaqTq(rc329bT%z}u?DtR$+wJ$NrlU`m_ zc!;7XDZfBa?NuBIbY?9FF1Cnr8QE$11!=`e2EdW@a_i(ON;Dv$xvDifEd$ds6dj+* z(#*^n2^M3Ip_0!Wn4(o4u}xTBbE#o*F$J}`Ew=zTCc7;T0JomDu%#3QaEi9TNIN-A77IrEy{2Y+v*uLVtt+CuQG^o_fLpbTsv~LUWI>$kVrrpY9 zMd(W#&EHt1qqC2t?ib^Ft{{C;XwqX?#)M2O7rl)B{B>WZcb<1$4GK2LcYgT=`hzcC zLVthjwRG>M?M}qKyHm=Q1>&KN{<+!+a<9F+GsE+Eq&R_mUWeue~!l4V| z{%PU+99>^)Lk-?d`@EJ0VWfPA%?Pc`PH!p|OT5bkO zpIfQji1w=tXXMWmjel`YPlCWABr~Gk4bx~W)=96*t8cX}%!%5vOV?5#H>?3%cj2N4 z)@2n{N;z_|n?;nv-9l|QqqRMiB4i%>dw&eKa*)2slh;?vrA98+BbH4? zlt~KI!^-=F+LTI{I-$$#Oa)?ahp43Zlm}O4prNIC)V^!cR~D?>9A)q)hn{t+V-BEc zXU|$p8ue%Dz+H7=BNEXzqMm^rd8mhD+QkE#98&_&Kyx}*6X{5X4P;9+Y4(a+uV5Xn zxwW`pvr~803_VWNn`l=~lGwBAb<|X3=Rw}108-pL)EMI60;Jm~wC-HVfEeb!gj0y! z`Imr81o)V8O(tm5Orf6$ZndE-fKY7kE8*@cloI@9dkK0SavL1JAdk`Lfp)Yk+4+iF zYv@pqPPLhPS$V&dne@K(VZhue{~{Lc%Zyf^opAjJyq~&!18(vD^lr8Y9COK^6vsWL z`V&Frz0W*U*x%F-i`g3zXwW%>!AXJvLRv%wV2E7d*qlAY`V4XdM=@*N;AO!elwby^ zs5Of={TCkrSX(oYc@H3*tIrV5D=?59F-}A?2OPFHt)?QUUQcBr6XC8eS9XV^M*Q`bE%CUu;h*2sXP+-of(ju%Ji<@K3*yqj| zn5_%16gD6D`yyi{nt5ux&G&L?y6sT;q6pgKCjaDJ89J@4G!hkRKVW@>-uQ#?%t(e z9d}PY2H@_IM+NYg_l@fBOOG0)HLo3}wO`vxlkL!jj>F&mxYGPn;NPQH5JqM_tM}Ud zL(X7I0g*#ni)DA%m5FMv;i_4Clm77C6QZ1xvoO^rCW2`f*RcmxRjDx z5`VOZ&+x;^JyP?iVdfTKGfSi5T6UX>$2G!KOD{T%7|bOP{wY^snalw$p=zsaM9H*0 z9~KTxdC6*7qB%gD$!<7sh#Ciq`u0ANs9u%kJfg8?@S3PaS7-GSkPx(V)1n0%8w9YV z2J6S02xP@91vIvqE9EUljbV1P5@tOt8|i4k$`lK@Fy7To;Q)*Vm7)sC4dPb#k9BKp zfX?bUMZV2eMqA49N^8EvlBh_GCImWicKADk3IjIFCnXys+F5zI*#(^;cSd6oyeH5NW_b1Q>j`s@#H%kNsXrE5(fnIrD6A>>a%XT=aclMyKYR^v0~vl zbj9lT=rLkqCg)VnMVnm>#=|~=GH~0-(y(C2hg-f?<{(S5g)f_M5X2N>jAsA;r-$okxsWXd;H>~X;*^Cl$#X!lsC3I0{>zt8sAyCcup zfjNiYT2li5D$uWL`8_bw-!oj$KjT6Y2ImS7E{_%4Dh`oX5u3c8sU^8=%dSOy5LLrO zyp*))MgGW+na@hBBQ+QWr@*BP=8)K>l;n}V^|7T2Ur}hpu|+i*<0QOCCPSDC7L+@e*p#n=d%@ZmzG~400000NkvXX Hu0mjfYReh& literal 0 HcmV?d00001 diff --git a/examples/saml/post-basic/src/main/webapp/images/rh_bg.png b/examples/saml/post-basic/src/main/webapp/images/rh_bg.png new file mode 100644 index 0000000000000000000000000000000000000000..b0e6a006d01939c874d5b4669a323501404fd79f GIT binary patch literal 577 zcmV-H0>1r;P))7UD0000PbVXQnQ*UN; zcVTj606}DLVr3vnZDD6+Qe|Oed2z{QJOBUz<4Ht8RCwCNR#|ezFbG4v|5194&h%EQ z7iW-{^N#8)biB=x66UZ=8+u*&n!VI_`1zn1}l)*r;5# zId*)`n`JD4AC6bv2j9&e5Ik;P9q<0mI52Em`rdewe~j}bE}M@P`^D4n50i(nPUj{3 z%K3=GF%#y_AteuY{C>@G;lw;28YZUPVdMzHr@z?^+z@{Vxv%qw>Hmzqb7PVFos-0+ z)jU|ai>Mb?|M94sn!gXfmQ5?zR@}XY1~)6071J?pmg}K%dc*w~&da6lqh`xF<>;h4 zCqA|oo%gLg3{G=>jHEQS^+WYr993J;}Cm!rJq)rkm7mjW<)TSZAuPBloGI*I5G>50Vq5 zhuI5EcKJuR$I7JtsrE(B9P7J>P0slEuUUPLMJMg;|FhHoklDYE9{~mcktPGm_3Cg) P00000NkvXXu0mjfQR^Rh literal 0 HcmV?d00001 diff --git a/examples/saml/post-basic/src/main/webapp/index.jsp b/examples/saml/post-basic/src/main/webapp/index.jsp new file mode 100644 index 0000000000..199bdb0ee0 --- /dev/null +++ b/examples/saml/post-basic/src/main/webapp/index.jsp @@ -0,0 +1,14 @@ +

+

SalesTool

+
+Welcome to the Sales Tool, <%=request.getUserPrincipal().getName()%> + +
+Here is your sales chart: +
+ + +
+Click to LogOut + +
diff --git a/examples/saml/post-basic/src/main/webapp/logout.jsp b/examples/saml/post-basic/src/main/webapp/logout.jsp new file mode 100644 index 0000000000..05ef7d3596 --- /dev/null +++ b/examples/saml/post-basic/src/main/webapp/logout.jsp @@ -0,0 +1,44 @@ + + + + + +PicketLink Example Application + + + + + + + +
+
+

+ Logout in progress. You will be redirected to the Login Page. +

+
+
+ + \ No newline at end of file diff --git a/examples/saml/post-basic/src/main/webapp/piechart.gif b/examples/saml/post-basic/src/main/webapp/piechart.gif new file mode 100644 index 0000000000000000000000000000000000000000..57bfe377524acaaeec5ec7def1798a4e586f490a GIT binary patch literal 20994 zcmV)EK)}C8Nk%w1VORoK00RR7l|Ns9000000 z00000000000000000000A^8LV00000EC2ui09XQ80zd@*5Xniay*TU5yZ>M)j$~<` zXsWJk>%MR-&vb3yc&_h!@BhG{a7Zi~kI1BQ$!t2G(5Q4uty-^G+F;A=N(2|MMO+zN z4CnNuyUn`a@VMOOt&l1AN&Xw|kNst86=)WOgMt)>iHHbwbB~abk|u2y1Q(YUW`CS^ zfOwyJp%R;ig^Uu46RN4G2&}KJtXz||wzoW$nH9Sfy%WC@!3dY7e4U`kqRPjfnzGQR z(x%jl)7I6ijTHrr#<<|&k!{1}nCF)0ycC;z2=4Hs@AB^7t=HQ4_u2c{{`vf3u|v?! zLP2g9x>XX#u%Qoo#MJqc2#lgIixJDjV+H^Ky^sFS^a%_It0aYv9ix#{W9%RWmlI%0 zkV)_YM29$YYAR(eozHbYCkCxJ^r9tu8||c&(2Y-pyFBpUGkc#m zpMLkuo5SM=f{u}X(dYH^->3f#FM$7dJpOfEYOIB)-97(tH7@>|C?s(&m z>b=L|BoLJ-;)zI_sN|7LlBh|FF~&&XYE=4V)s?0s*j+R&1;vnpQMrA1(IsmSvlK_etv2QVu})4s-cOdN~Wr&dfI3X#m#xCrE69S>8!WbitA{b z_BExeG`iR)sN1lL>Z-`Ln(VPJ{zb{`vqHW~9HzV4N@=y&>Z+}*(e+y8uf>WgEF$Bb z+T*!knwze%=-&C?L4--E?7YBA8^R{rQkyTW-1e()zx{dJX}EwE9Bd)Csaq(z3$J^j zmP|nmt;6)T$EdwU`pe6me>$73#<_xg?Y@__BQUspj*F#V4Y#cD%N9t?6wJ#q9OT8r z@g%afc=qy?&w29u@6bXQ4e0CET%&#V*KPg$l$L)NZua2>Cp}fu zU3EG2-f}-3uibg${dnd6>23Xpnur@+_D_V*oY~KvhfK8T*(qKi(+2YmdEBtSE<5J2 z=dF1b9-jWW=YCW4pW(Xq9=vnX$&>QR0Fiq6@>$b9JM((ee)|;omcBdc*k7-`@Vo;) zQNT(cFKWWjTi$&6kw=ey?dumbeG|q2-@W|Vb6>yr+v93-_-(W7{QvC(;Q0oqJ_5cE z30)f={qna!`!UdZJVToC#^oRZ7Vv`R!(jR{$iWSI@PI?e-TWYkKL?tygeYuaw$!$` z)(Ogj9b_K?WB9xodQgTMqC%_`NJ16*u!lfIlBR;gAjjDdhctxY4Qr@DBu0)6W^qFG zcu2(&R`Gs6yyE_(%)mCUDA9>vWMUEnxELr}AOIIY;~CS)#x*W&2|Cl_3A1R$I$|-1 zbAgEXly^iiF7b0WGY3uN>WO|l&?f(ELAy6z8N8Ymdqq3=a@@gQqnS;Fh;q^ zXuwdq5&^J8rYx07OJ=gNmd7+@)n=wfh#Ar&62m4TgI2dvatw{8ky*r=nM_lHkPf@7 zo&wo0U zmFKJh=l<47QFpTQon?a}L=JEPje4M5MQKNuYJrzJm8nW?s+G(@RV(#Wr=+Na z>b|wrfx%;@Q4Om~p*q&4%IpBxB+OGK_Ef3HY?^HqD@(~5$s*vAs7KAKwde^`y1LY_ zeRZo`|0>wB4mPldjcb86ae!cE$EH|ys7Sjy(vwm4vH}BZH#a*@j#llYTJos86g$_# z1{IyY9O_4nNm{}t7O<^FtYK$c+SeAgwzPF^Ze@#G+)goEjU9+xetOU1=G3@XttBlm z{<}8II=8vdnk#x_6EQ8j7DS2UD$f}wz}*Bx+>)maF#jD=$vRAs$lFioy+^u!SqE z;~qcw!aL6Kk9j=g9N)Eta|Pd#i-ljvB6q}3cCv^cx?k!Bm=pi~gS)oOvCGjzKGW%G)EBXZT2jX6g{_VC(MzyV$`tww`-U?s1!&)2mgs65i`ek^qCG4NrB z`{UpadB?>a@IxZJ3Spl3!sm_X|Ay1Eqjk8<1smz3ombyfx;C6JU2y)7i@fI~H@MI} zesVY9dgd#a_-o}wHsM^V1c*g&g z?xxGOkE;$6e(%Z*cL%)3#i@C)d*1J2*GbBg?$m68_9=!Zz2nPU@dx6Yy_BbJc1OnX zu4lfS+%%}qZx7|rb7%mDUns{?U-sfRp5}Tb#^@Klzf#9nV?6&m@Bb-$+gtyPz8Cys zm2P~eA7AxQXQ|Xrc=0ngKjVTfA=agT{h=#fE6N;b`yZKo?f!G%_1)+G_w!Hu+52sp zzkpy%l}+)YTjwWtpa6M9Aul~)4AVDspXW?k@_?jNfA&WSt4DnMw}BO=fX6Xoe-adg z=URCJS1587<8*jQ5ow{LVlftgo#%HDD1*DVOcr>7F#voSxP##rZLKFfrg3Q;$Xk6j zPGC@drY0wMvT^L!gfkd}_H~0e_z)WCeO9P{u2plBQi4~}fQwdwd9qSPhzDIZ3O`5; zGE*Ya_k@h=p_*Te~JAL30U9hzZMATM$QAV^}v{2096%D|0q~ZfJXO z7>93Ae&F|r%;!K=Lm1uCgGBf%oW~*_2!i(EfQU$g{%*L4j2I4mc!hHqQ}dIC7NLU^ z<}ClwS`rj9{H2AW!G%-ThM*X3Q8bFY$O1=aiPh$I*)lm9F*Xz-fNSOvuy`FHNE*V} z6AYLicK3;ZCyKpzjXMF1-(`89;Ssw)j7sv0gC$M^HCVCeeCW3ZmO(nF<8RcMOxB2v z@~8qMNQZZrd|vo$%Ggn7^(1~^9ikIx+=f?t^KbDuj|dqAm7rMu*G?gWe?$0E#p7p{ z<$(@K6rQ+7yO@w1$%`UoRDM&6b=V>lsW`NFk$l#XD!G!x@sZoZijc@=fHqy(VH_aE zk~o=@kU&!-Nkmu1lR6ocLOGN~S(HY3lt`KWluEgjOxcu9`IJx@l~OsCR9Tf)d6ih1 zm0G!#T-lXYX-o(hmI4`g#4;>qSq3-hm1=2!A1Pm?mX2bHGX29kbQvm#v5{+;mua#E zg~LK{IhJwRMU2xrWjU92sSS9kmx_5W4Vgta2bhpalfEK8gn5?8bC{SJNnw$gi#e6g zcu~hFnN$KG({zOB_$`!KmxYOfuu*`Qxti55OrCU*op}pUgi)zQmQbQ%)j=I6lbV@X z6{cYTX&0Qr(n(G9AhcPVQiPJuX*iXJfC4g;zzLg`$uXAM8aDDtkHeYFIR__+o6i{{ z2N-A&6Cf={k=2=<){u5H#-70S>q@k|2hlCGhDdMwFb~IYY~dmD~uL`w2Xc zIZ|bKp|5F~1lpn`IiE5LqO3BaNLivMYN8IxD=Y>8)d326GC?qU3U@-Btl6O>!ACSY zqY7F;HrkPmsiO}nrOGjphbJ=?`j?S}q+n>B28x_b8m51gpcbQ-X9%HGnwze7nvp4( zm5HI?A)8A&r(zmLW%8u*F@E~FqiWix-cz0c8mIy~q~aodnfTlTGs(h+^C0VI&N~qTGp>^s*)_IC{C7+qiNMgwNQcOau5S^5p#M0*-b0;im2gYc(Q8E`@H3A zyQUb!A*_wJm0`G6!xu4)@EdX*yu&&?lVCi?IJ{lVrn@Y>2DS^sRveR4+{RCLSA@1n zz2J^roV;Hw#?O@}WSpvg?0lzNENtw?ARLiYY{+n|trhWJ_Mk@&{Ju|^$A1i@7V5t} z+Qh5Gyx;#gL}y0W!*$N#Ln6n)W!3#@Q`#ZOd5gE&zzu6r`Y&9~kg;uP{*sYc4Zi?D zP|RdaxE*#&>Cr*v*u1USp`6)h=e_f3_c5EG1G}l z{%NO<>KC{LFihp$$az8taY5Qn`?AN5R-8<$Al~b9b%eTvNeL z?PiLMfDXLWZHe1n-^WnyB;$_ZF7EJt0wSeCgf7qN?%m>?S{xkj{0^QjDPJLd@7Y?q z{a)|}fA9#O@Cv{14Bzk$|L_nW@e)7r6kqWcfAJWf@fyGJ9N+OC|M4In@*+R-BwzA; zZo-;n@+zO|b+FEnj-(}F!7D%WTfOftKeHigocNHIG;jX$A9=R;&h1)?u$P+iFS74F zukf^BlQ$pqXiKbKs`G`q=SeRaW}z)P-1Hy|^)OGf)PVF=-;}p`IE$hAP%Y4lw$_?TKKdcXI$F!l!gv7zvv z@35koO!rZrp<6Lc;xzc#u$|>|_=t}M>`tXX&y2YK1z7r6okqKN>+tgj$_E4tp$ z`F3T%?ppSG%s+&`{luE7e@ic%PyHpZ5G_o#asF?F@yh+LartU5r^Smb;V=HzT>cg1 z_mWBHxgPnrpP_fJ^G7?o5P;+?(^e~SE+c<16i2c&Pc&6mwsl|Avj~v>>nCf)cC}vaS6iikHWzdHb1tvdoD3N@r`PRwd_FJJ zP5P2QguuZdze2!6!9+p}kEn@92`2z1ge6MJDJ3c}i!IO2iK|Lc1X795Qn9eOH#9d` zxY$?OT3R$YJ>6a2USHi@Mj#@gVdG+CLt^D)=46C{NK4HpN=&KE?ABFKZdI#FYjM_Y z^6w%9HVxM{+xFY{`1M)&+~0fre0{qr{^4iEWrzX-Y$mWE!GHdo`N<{i5+n)NrfI{r z%^a#w7(a;PcuM0%1gSn&QJ0S0Ja;JJsg!4u9?N<5_RXYO6Q4bW1`{sgIWQ-}g*t;O zlH-sXM`{%tWemwwq_v3Wq<$>djZ8_bCtar8y0UA_tS_P2BwN<(3qCy${$#6mr%$)a z$QXT+i6X?i=)6&#+SD5*k$yo2HjpbU*TY^DgVnk?=2^&*BL|Bs)H2Y^ZQ*WStF{W= z3<4zD4V`p?J;F}Aj845*@M*_iValc*+je8z7A5cI4J>nI%)vEx=KPlU@v#$2XSgO& zbYA64UAN|PYBVP5RnN(|Ew(%U;@sf9r;*v){P_}ch8t%;biI4v?}a)tZE8|A=+aQD z79(*K)Ytl=j->DuE0D4A5){v!^3Zdzw*ll6E0*a}BfkyP_YHqn8y$`z-S6HY1V^yDtFZ=A#%Rj-?QHZ(B1dT|&+8l9B?Wp3;$=V=&GtxNioYN#c_0*IE^#m1jP*6V= zmCHc={LD~PKiH4aMHT+l=qgELt(4L_X{FNEOgGgvxl(%#lhj`U4HirzQVkJNUK~o0_4M2M&Lj=lL(_EiStgkspxRmCoz_VJ zHn>LKSF+W1w@&>W)?aY}9yMIcHq6ghBbCjrRfSu@_tJ+gl{g(tpt84;h`Z8v-?DHT zmtb;326^Q8emoeuRo7j(*)0f+*II~Sp6$9MBf=zOY&k~H1Cj+6`D37cZi~#5k5#u} zR$1->MVW1l`DLhUmipRQH`ckA8iVe3V6Fe%`sX1EEgIRBkye?LsHsl-X|5!?xoLT= zz8Vk8gf``rp8mhi+iSj=IdyC_6E%BqhKs-%Zp7DcyIz~wR$EHB=Y}D|t{Wc$@5;Hh zdvjll1^nEj3s;)aN7tVC@RtBk-J=Rrx4@&*6Xz;&$yMOC?@?XXJ9Dsi=Nz4MK^Hz* z(b-iKR@0r1J^2EHT-|x)qemSM+H2<&_ui9P-Ex3*&pu$^!^hoVqlee8UE@n+nt9n> zTsaAB*eDHVh2nSO3&i{YS>CI&2GZ*njceeYnPl5Bgo6VkwG5IZzfef~=lm9V0flkswhKgE!9So*@_3P1*Xx7N+cv3 z%V;Mz=BZyDl%tD-gsEAdEor$-XVy}g)T`hW@kq^UnsS=ee2WmZDaO!+6P&k{r#Hp^ ziA!jj1&--FCp*>o&wlpmi|>SGfKYhPdX7_}&7@~T&yY`>EOMRvlqNtc8qkR*hmU@Y zW$ElW&u@NIqzknaL}yYrimEcB7FFp#FG)a-8jp-5btpn>3R0V@!=(ARU`o-sQjD_n zr$yN4F{6c3q>hxKA*Ja~@6l7BUR0_r4Qf?^Sj>2C5*kchYEHeH)LS{#7rgYTKdnmD zsroXTSzXvc!P?cgCKRqpeUeyr!Ly;BHLqzkD_@7(|1ak;8s0JK)$7*uV;& zu!Bns;S)>P#4AQIi&flW7{6G>i?!f}ZJc5LY8c0wA%i{aVcyJ+IKe}X@PS=yqwmOQ7HV3- z&!evf+5BqdN(R)W7B#U+-DeDWb`7dNbgP}cYG6Yf*3UjNou@tF?M1uU(hl}y^jvIY zf4i>+M!*47bz5k3HWKQ!EeOmV2X@C>-uBRTqN#0fZs&X3`^GoF(Tr$MvtZca=JTFM zEl_e#;N2NmxCI)naCj?w$`Usp!qOe@hf5&i<#u<+Kd^C-{(GF^5ubO-Jy7p|-#g{{ z?zeW&GH`<%TigOvZ^%C`a);v_;x|XfsmD?UZF`oFL$~<3=FM@Qk38u)U;56K&YVcT z+j}8rqRpSq^s77l;wCS7o)2DdaGN^eR>ykTwSIPu>pbmEPkW$IJr}W4{qcgqsk#BI}mF8Z?0WkPV9Kh0tS3A?WfcctBnAn(M#F73`k{G=Oac<60jb)DaQ<{=;XuLplr zmFIo&L4SP98$bETZ-fqH5c)I`AQz^GHN{yUIMuuUUi)}&{Sc3SH>s0C@g7nB)qlT& zeM(+@mH+(m-Jf;O$G`XUFTdvN-+sN|pbF5>zu>5^a#lMHbn89>#J=mRxa})I1mr#g z%)53gyYoXo;hPZlgFpIXKKsK!{L8@i<3J0%KlxiY?n)N^LkIn9xs~&`06aA7TRj&{ zzy^fD1ysQ73y}zvz^Y0}j8^A)uK3)r)4#AHzQJo9SR|kuMs);0VuUd%tj1K)Alqx82f73%pvGx{#?`yVPZP&& z^hSX6$8W4fg4D&38#sF~H=;>DxLZe-<3xze!-(8Nbn8MF+@RdE$S~5BgcQhtEXZ&K z$y^LcgET^@DuRQw!J(ixhb+d2l>SJVY{z#@Mva8JKIF$e5y^k_NS@Tmfhqa zq%Vnk%PFkNI@mwD#LJJoOS{y|$;?2QQx~HQoS`h2b}US_G|a&qP0;i=w|qgzyaTcH zO4g*zy{t^hjLdC3NrQmQn_DaU3IvuE&C(=I#N^H249(D7OjJoty1C5QY)#9Q&DU(s zjO$D;nM;dUiI_d;Q z;vfU>>`wXw&iS;@S0W`}WKQ!;&+$ah{(Luv452Z6&m;$Z{FD8h&elUvCfrU3txpIQ(Firs?VQkG@JkB~Pz}Y<7HvG*6pjvc z&+a3~f7s0ueNgUX&>r2<>Qd30xX=oP(UQ!y7){b9k&uq`&_Y~KACLnc9Z?^pQXs8T z&=S&pXi_6BQZHQ{+wDxP|zzq)Hg-ZI91egBqbaKP%*VrrxU+Oh13m2uAiK&){2WJ z#8O6Wuu51|QEkaN)hA1>Q%L2YKy*<)%_>vNR8^dzpU}}njk`b$#8LHB>MK=YV^vh8 zzd5T^BK5(*{4=}MRJyZH_>fW(^|wvKkI~|_Tt!shAY{^;M?(Q_cui4;)ubz}I6iRCeXfXZ40R?TV8eT`Kw1Ry)q)x@+mCMsAsr7nck6E4M8{9rsyyGJy# zS9opC86EzbtK?UT_|}y?*N(*^U5g5Xo!OWC*jlnv8XjaQ)Eyke!IIb=SUJrrnPoD!)z3a{SgoboZiLt$ zg4;IK+gM#$KxJFDm9=M$S}8kRcWn~J{alCLNcXTbatTzBl-z1`+*vK$bq!VSkz1&3 zHqPzbMg`r)ja0G~j$oadKQP^=+n$DVovww)O@O&bA_Qi|SmnhwU(=mMon6`$0iLbf z+y1RyUdai0M1=im1*&5>!n-`wrAgxH0}cY$n~hzARh@N(-sn96-xXQwg)FsD|lZqF6QMf$h!L8vfujcDX5D&|3 z0fu5heqxD~Vm7V`A*S9EHb@7Ci!ug+qHVerCfOp!qAWC%868DYxmeA$VP`YsL-w{s ze&b!_+bY6aAgsC;w&dp3MeLODn>g>ZXk0bKUFabG%DX!+~`U3XkHtRac*e`JL;r9Yj*|c49(1CfNC!G3^>Hv zsLN`e_8y;3#uM(APHkzkMr*&GVo(Igfew?QhHG3LX`6(D^70Hm;P(Y z=7)@y=a>VCFUCD#R%pgFpTX`SmNw1Fu58mDtIJ-B%%%Zq?o)gCZ1@DbW@fRzK5g5+ z?GTVc5uCs}Cgsb7jJjw;CA zTIWW_L-E?7k?!gaZ}Gkfw(gPa_Qvgo%cJBX@E&jXes6wxK=ESS^cLg0AY1u{Z~fly z&LuRN=Gy!u-g6W~{w{C>-*2unxdUHt25)c&e{cwoa0#Dq3a@Yrzi zav>jbA}?|yKXN2bawT7KCU0^le{v{~aw(s3Dz9=YzjAF+aF|+}1kZ0Q|8l@4aB$x8 zZSsPI19LRzNZS$sHg9t`e{(pGb2*>$HXi^3xN|(ubN)Twb3X5LKfm)cPjf-nhX;gh zEp)A8;*XgebVf%%;(YF#O!P8G5-)FbOW(RNS8w}nR88u1N#}w}zw{{gECMKXQ~ z5$;AB)O?S0hWGb{SNNr=1%QY6zYceE4|$Ov{`qo`hIK!Al#laQk9U@Dd6$>>0*HB; zpZS^Zc#l8l0pzlyRd$27uZ-XJi~sqoIt-h?`5ZoKoj>?wpImNtcBjYqc6k>_DSD%) zA$t$IJ+e5*R%VOW_`d)Eu=fa|fBIB#s|lj|s^1roCwaDSd$%w7lxOp>?+`c#`?!bm zm4EqK2Y@^W`@ZLUy|49mp?ShDe8Vq%v`_nl^=?t~=HMwsXXK$nZ+a7|ge}OTpcgE- zN_@qKkn&c)XIN|wiGsPmWK2qUps$8cn0v}^jR2D?&hPw)U+u~e{k(wuiYIfgR}{Z* zeKVge4v2l(=c%_Ze&av>kT?014|}=(Fa5iB^SlpySoixoFMa86_rX7W?caXxr+MKY zel3|f>_PSd0{g@^|E2eN-=CUMsEe`3_@l}!(FK1*mbrq%D)YhI`}oZLRGsZm#YwY+u1IaIo+& zak25S@gd|gbF=d^G|o&E1vUPHHMSL$wp5k(m3P(|#kg38gt-^jI-g#gI~%;)#QUCo zJ-%T~;S2x1AV5L@l|?IP@F2p37!GCow#{KTa1tL*j7agJICf;tk<)0#<3f3G;@u;O zfZj=zZbafKxst*WKQjIO3D|y_TSZ?YS*$wI0+QoxN_&xN$dY|z5qi-gW~7%jXJ(qzvc(xttExORVf4m!UR&k^Ycd`> z*RsFT#&c-q*_r}(-~P;v8|LKT!iQ&&bky@^BgRV?O7PZWASOY;UaI<^&yBMifET#t4JkPiGLZkqAUQ^;v$QIA=Vg; zHQHFCaUANn;}8tl_alBl>K7!D#R*82b_4d8Byg*BRp13uEvS-#2tEm1c^6KoWtJ6s zx#gER@i-=#Hsm-Yn#tv-rjTqNM-XZ!PKDi)b-D+og9ysmpp#d12_~R_3K}7W`jmO- znA5bm+@jDm{`wrGYu;&RbtrYA;E{ArYGs~ZNr`8l?hOhdsS=KAs-cLg`ksd)y80@t zBHopvUZ?a$t1B@ECZ~%q>dMQEHwrr}v5K9!Dza=TBdMcBx|t@U&Mv16e*to&DUy_? zdLW;zO%>afoZ6GcsfCuyC86jNm@K;rP4XzSk-|H#w2mGkAg|V1r7c0>cFV@6RsPHA zZRv(-aG(eanqj*QKQbS^&^9Zvy!BQ*WJdey%OtiP_uHw!tcBrk$XSu6Fv_Kxi!#Fw zyIe%8vC2F%&2i0&Yppor1=z2J`RZ%Wvjkf#(M20wOv^7T9SOzpIvw$|QAe9US(%BZTWuGnR>m-NzUXWcZ^Q%gPZ+ZR9U6m?=y*>R>HYt3zfTl4(} z*kd0oc*2CA`z6|Hrwy^iPdDB++-|!)-M$0v$#FS)`@K?ZbE4z5JR=-lxY=Z{Y&cGd zEADX2HM{;g?3>)|*R8jXvX{;R@Er6kKpQXzEWYzT^wGr|e|!O|ua0bGkjpK3@}VU;5zalfItv%aggR^NzFqIQUMEFm7ZOkl7x}`WiRarp;W4p8H$1>GG&RxWWJJ?+Ct>Ia4F3yx}$uQ^kpz5dHzRWVz8J$ zX&y7j7|T~G6Oa<2+XT6nPR-@AozrXyxwe^2ZbEXNDj=pe6@kf3^0S|>>!c@31WHkg zl9Z=BC_+)0Pj`(|oZ(z%IS1(;Xg>3n)LbMrJ$OxFZd9A~G#EY?`hx{Vw4o3sCrTZf zCd$<^o&3Y79CfLNlYO+N9i`_@WfD@6>VTCgJ*i56YEGdJ(R#LYsYPSz&WlFVqdAr5 zHmB&+mF<+LHQ1*=v#M3s0W_ej7$`x5X3&I^wP*kk##u{QRjaN`q9uLkP=hMh=18!m zcCF-6mHN&$hz_bY#U{$?prF{;6R&KA*;^A!RFlRPsLoL$QrG#${=DvTsvHIEU$wMG z38(-i1-M%<*UD2rDt4}oJ*`_8o5&|p6oGnWYA&sb*{5bUk5u|rO74bJ3W+wKSludc zgDbPHdeszQ4eN@=TGr*-h_hh$Y+5;+(B4|or>0Hqbs39Y>J{>?Ph{s_qZrTH?)I|g z4HIbnN(kzr@R+4_ENZnY-^bnSs2l??Y{RS3+4A?i<=qE^P@+Hb;)cD;6XJZ|8(+9? zw_?s@ZQbzu+6h~cwifQMZ8uxk^BGuezjYM=2p|>Vl6b4cEiMg_8zbd1x5dVgu8V2Z zVWoxfttx3SjuWg}s@a!clMSy3Hhf|K&P0DGP>GQHJ7d=VF?f49X0VR4i^0}ja9co@ z>2{J#Wc8lowgRSymMv@L!@8D?+smzjo~&Rsqm-o;l`KpFm=9iZdCQPIGjy**;B79M zc`FR@CL~beL1*&B0X?pY4-?}>e-^rF4Tf}K%xD|+8Bx}SFMaODW+|_^p+=4DeSgeU z+1h!?V)hS!1`FmopL!;hejlbAb>`>HdegCna=q&M=1|93ycqs3un9O|M_1sitPXY{ zUcDm(<2uz%2*b1Kkpu?WdcmE}HI<>*>t64-)W0q)mBNhdQYm{wAI>VE1)T{%6T00X zGPKSRooHFGc+zJ5g{1L~??>C4hvkM(jd%P&DnsT$}_iHm5soaFIuTD{7!9(i6oBEe)q`c8HkFLS{#JzMc?WYj0#yKs%+2lm$!p9u> zP>r|pGQZALUa$GUbABi1&blY8PW7r^g8tpO4=%g~I&Yz!{gnAGzP)Ro5O5;g@Q(U& z!3#ff=MUA*K!?1X|3*{SW4!x-ANOvQe-P$>zWfoP_<&VC{q;*>1IBdi?{{vhdR-ci;}QDP+i zAs3Qjfvt)dmZ2)H;wPM8DWqX?xuGo1Vh>qj5HOo2CL$+hA{{mX>J6bI!h|FSA|Q^U zD58fgj#MvhA~Wh@EdAnl{a6edBQciZF&3lgBqP%-qce76E`Fn-xDgQ=$}m!+IojYg zPKY+{Kq|7LJHDd}eNqjrAuZOUJu=2R=0Lz1A~^CRH})fE6d*8y;^4V4xFqE5qC|!yLs81pTEWN+#t-N(fIbgik(Y zGXf-P;i2k%jZz}zQmP~uHl-mzS2~;rR1F@WELi2rsS3# z=3-uEV(O(-3I#MmU{|!>U}B|cX5`pNf@x+!0H~g1u%%nJCOn>4T=qg;&ZbVDrX&Oa zZsw+L?xt>bBqsi1W>{*bVzSx$Rb?oWCUS;ma)yv?q9zHXrUyVL2SBH9GUi?a=XEA# zaZ1=xE~jLU<|sC&bY{SKVnBIPz6L0}n5rfi z6{wk>ss7d(m!d7`*)=GIzA2o>shrL!o#Li8k{^@GXp_$9bt%KgoFtWAqm}xom=Y?N zeyNv^DVQ4SqGG9{-YJc~XLjl-1RX-ZK;o2&rj<5op*kv~ChDgms;DX|sCudk5?-E8 zs;WxrwPit+f@fq7s;PD=tsW|=j%ujhs;=fLub!$}3@DlgD;eI*KqY8Sx@nyztFkUD zvp%St=;pIFYXCrMsyz#&y+(|-`bnS)#HN<&xAJSa&T5xM1pq*&N|ftK80^6Ir-B54yRPeVx+}oK z{;PagYqiQNpT_45xT=WqmTmegxPGk1hAggjnZrsaN+9gtC9KYMPP_W2{@l&1y{p99 zp0L&|n%)J^7;6aHrnL5~&;BgB=4Q|et+V20&<-ra4lL3d?a(6a(w>NeE^X5OtevhV z#m+0Gu4>1PK*r9VxBhFtj%?WOYQ&1{NnD4?o*>92ZRb!Nd2W_&rDofjEES0@m)hb! zVy)IzEZ?r5aRBN-bnMv5tlffa;hHVso^6*A?8yeK-2NS^d5+40E#-nN-d^p+W^TP6 zqG_JR*BUO_4sO{VF6oADuRE{|auG zb}pzbN%|gwuL3J^9Fy@JcX1taG1uxt9%nH4j;|EMUjbXt0oySH({Uja^8XIl5>Leu zGsqYtvK${W7f*5-&n!c^u@KMU{#NoGbFw6R@*`7nC(m)$mNFj~DHQ*46i+cAw^S8_ zawHq^_An7F4^}91au|p)nvL=&^Kt+OQ3sdd2jeg?7qc-Rvxf}80pKhpu<-7>@C!$? zG^1e* z&&|Hdb1!eSMtAf?i!w)d&kQUx1`)(QgJ~+SazL}PO1Jbs?@Re6bgC^h$Tjpqhh8q< zF*5kr-AL#2H7LVLhiv<%-b+h0K)ZBR>(23_ZbUD% zLF-&d$Fr|~Q!uyUFsHLwpEX*iby~NIGKcW2By$hfDKt+rUDvf;(@OG!vs&kHaNsFB zbJ{!4GguEcQNuD}AN64yb{DhK5s-9~B*7s(^(g}>0Z+9+Uo~b2@=9;E$GkFPL!h!; zZ}nKIQ7iUmpSEeIwqO_bYM-`yHMYhsfpgL?2G{nq{vL~Evvh8A_HJ9XW~T!M_qAwm zZ~K;ZYpeEGvvzW$_Hj4&aw|5oWr1S@hcBk_`_gYp`!-eoc5iogX4}<^l9=)CHF=k} zd7n3W<1i+*wOhYpD8zLS&-Go;H+|Rlp;;(IZmMxVw{!2eegMEVzn4 zZz_BDZ_o0Xx%hT(cXi53U?Vq&D|e1FH;9k8i0k-RO1dS5w~XStSd`Celcd$+g#ak&tDkGY)6w|&QuiP%mnsJVSlbB*sf zj{i81!?}k8xsTtuofk(o47s0T0c`=p5j^g%_@4)8j`X$^jsx~o&R!_)l+XBOTPB_N zc%IL>oX0tyOM0bKx}N*F`BKZWIQ5ZFHmEarbhh|a^NML4`iYoEI&7ArYj=d#lA}+0 zom+aOV>+$hx~=E>tm^|dCz)v{Kn6`#qYbu*F47KI|BnT zL416F;Ax7FywD%K!5`|er@Xf4))%mRZgn?T8bY>5z0^-V)z9#`ar+1#s9lIV*LQty zNZ?A{cdnFUe&7S#;Wz*HJAe3(f8zIaUZj zSeakRjx1YJY}&I@kU-hl$P z7;@ytm2kq(tYwh=@!*)`2HBaHbd+)ZLyFBpp zK>vX0V7u9Pdd)4klnIZg^T=4HhF1pS>0r~qe zKpw5@QON%eI-$S?K|wH@D3D9Xu`)keZL!8$ZM_xO8Am0x zR7cZP^jBXI4Yo|{z`L}X9p_9iK_u@qAyZDH{dC$aL6!E;U3u-5%x)VkcGz%%6<1h- zxO$cZWpkml*=o=guS-v@tv23J=apAIZMV(wf^WTD6kK2dpa1{>{5=?8qvUv(wU3y@ z=`Cj7OxE6dv90)8YVpmuJ$?7(ch!(ZH24dWMGkpZSM4x04HaWenburoo|)#FJ^mO+ z<;eaGxZIwPD!2lmiT!uzRS0BwE6&($QVNjZWN-?4Iks41jHSLhX`HnNDq)0+=1k~< z2iCygpnWEK=Of)k_Npy}TpD72CT=^*jj^`c?!58VaqGUb9vASly&f9_p$R^~aGn)M zyBBBKcG`runPpmvxj{PN?u#|Adh>htX6I(VJ7oFf($6TkWW>Ed-SksoR=Ez+2aDA* z*adO1=G=AP-ICBnA3gBJy%tyOR0tnFc*cc+bU|eM743xBbhO->sjbhP^XxtEyh`7H z2VVHD#m|NCvJoI$`S6QAw)yt&DKh$;ntr@1?6)UR?1Js5`u_gg@&0?@L!RKqC;qm= zp)Y+29AHDvMZYbeEq)Qhiu=~~z|UzfEQvdx-ne(YYy}X6Zfo7iScf>1jj(mEvz=hz z;4<17W`%>`-D3cth#Jlihmrtb2uHU-1tv^`8~oZ3ceXGGUMeWiquk`=!M>+uq&6JH zU=2Z_KeF);iypMv4tWT^wE3_|$2%YT5U9Q{E-E`nLn62$sFNf(v4T$n#r~{UzOkhs zY*f6U|Fl>VE_Tt21SH}^42L>`84!%)6W7s>=)NR+rj1Ob2lJlTyr@Z$k2lDl9ru{U z{rwS;JwzcK@|QXjcHx9293{$P2s_!q>VrWMD548XdX0mR|bOi^mL{F@sjTLjp~l zf<)#tE7{HpI~RJdb*KWj2tU%Iyu!07PJM1yC_xXcU8OoPVlP$3gQp5%Gdvh zRj6bQ*HO=!R-!UhJ5g-w-Q=plxq8xqca^LKLRQK!oUo*s4Z}%YN`P0kVWlkPtgC7{ zQ^?3P0AkDK4NV&ft4@|%z$9ZCgXmMg0+knP4J^ad<(v*kPl9P|s zV?7F6=ki0g8z`d*ky%~b#&fCmgyOG$D?exocde1aTt~T?zk+hqxUYR~p=?`Quih4{ zQDJ9xdCOg--nX!-8Ezaqz+C%T(YRY&?|>tRDw0`NvkCUXXkGeQH-uKSodry3TYFkW z$aIqxRxg1`Ro1i_@VX(6@4pm!Sj#z#G~JaTej6BGe)#^Eyk;X<72V3Q4Re@R@Jyam zZQJ9n!O_I;La}L7jMjO!c(+@Cae!%j#U+ag$2fkZbw}*uz9QLO=0$8!%T?rvayiJ4 z`^b}@dPU`en4mQl$&I7DF9$0a&VGp@0P0Y%IwR)Ipk=8i80^Xl*GQMBJ%pfd#pX7D zY{*p3D|{D?oh@f1s>vm)&H(4-c@}5CL7robnJl3@lGo6OMs#1TtZ4XxcejZH8v43I zkyWdDAeP3j^hzv(#BFEOou;dAHkoEM^G(#ju4|*;Tk1-Od94VnUPK~2V~5B(zq1yP zb_iOa;-VMZ*#p{KLoIBrk84!XvH%ck|XBrXO zR^9e?-=0V6V*k4{^R4K>l2N{A_1hO>l(f+x2I40G4Y&e-v?C#_>xyUFCi~X-R*YR` zfRCou)UdOpg-G$+s`%CM06@f(e9nnogVPwl_*3=0anbcw#KiWuR6_o&k*~2jdDQZ= z<7P)Y0v8$u7aMD&T0JuF8tPiAxy`=^ZgI!C&k|0|=`OpvF}Q5ynh5*L08{Rzo14zG zwD;OwOLezfVahpY^xXZ0oGU{$tdxG88NGUnf2Vi)Vb}KQ8xImYG` zw(5amLxUL50;tVE@a|6f>+mE{YTDugXHXQ7FZo7f`ReTX&}|LWO?6NS4Bid<;H{mP-E0^4WBCmA5RJm!tScD z*TxFxjNu3khx6QT9v*Pk*oScB53gYG55+qar9>_Yk$tP?hg2w?^Z zop1YMNC}tlMLN+FIjk+*@b&ueupTjp5(`bxClcQxfAa7HDCzxTPmU;186SieYq8B7 zkNl!=Kp>Er0?^rXv8k3~5rg3l)$h`rB-zYMyXa37&#)PtQPdhS8Vylm)QD_e4H+}> ztGaQFyi3}QkrLyvsLK9v8F%9x(NWlrAQV-K6m{?wZ3h%f2EoVx!X9zYPU;}JPZk~H z9|3aX_KzJOuLIq&9_I!cYtOt4$shK>9>b93=<5ny3{N&OZ)DISUy@r6Q3`vGel*A< zp@I@c5+O)(1bDF|C5rNljt(gZ=FSjfDiS6cFAFnLc&N|=GwmZ?P4h;Q7=LntwqtCp zkpC(#PxtWxk+qmX>f@QjjE?D8%L(Is(FA|{U-C1CeTfDD~SFv+Aa z1JB4Hs`oJB-2OO{V!SeA@-i}4({I|a|MCO&F4Gm8XETZN4Yxpg@<{gxhXG@A;tWWz z>JRZClQmybAmOYm-?9~H$qm#}A=i=E(q`G%`J8A6y2DFf0| zM}X@QLo?belkn(9Xl9QeX+kyelS1`RCUIdSk)=Ncu#ECwoBI<<@#k2DS& zhJ##GOXF0s1TtZ~v`y6r3Ke27U!hEK^GrcAqS#bL4{OZa15V`>QDN&iXY@xK)w4*c z*IANm#btRHyAr$B`Ma)K!1gCpy&^!jo3-bSW3@RuNM{l^{b=)k9$-Q-M`lHEvNC ztWqmgMpvb3UgTEms<+M-!o&Rnxg9p^4tbCq3_ZdW<-0$5dC=T$P1pje&$ zm8~w6RB?4#uku|TNM7kxU@a0p?)6;LWdrwBSwWLn|J4M1bzmd*cQD~vnKOm9bz8eN zFalO$JGMeO)?i81Ru|Sp4J%dQgkwEcWwrDsLKe#Oa$WniUGHHWQ+8!32(hPG&*7HWqhV59QAd=_X~>}aD_YqwT2j+RT) z#%keDYMqvA%hqf&!)wzvPZ@|U)K+KD7H;EKZs(S6>(*}X7H{)bZ}*mO`_^y&7H|Vs za0i!g3)gTD7jY9;aTk|y8`p6k7jh$4awnH^E7x)_7jrXLb2pcBJJ)mdHUa?v06PgS BD4_rV literal 0 HcmV?d00001 diff --git a/examples/saml/post-with-encryption/README.md b/examples/saml/post-with-encryption/README.md new file mode 100755 index 0000000000..0888515744 --- /dev/null +++ b/examples/saml/post-with-encryption/README.md @@ -0,0 +1,269 @@ +picketlink-federation-saml-sp-with-encryption: PicketLink Service Provider With a Basic Configuration using SAML HTTP POST Binding With Encryption Support +=============================== +Author: Pedro Igor +Level: Intermediate +Technologies: PicketLink Federation, SAML v2.0 +Summary: Basic example that demonstrates how to setup an application as a SAML v2.0 Service Provider using SAML HTTP POST Binding with Signature Support. +Source: + + +What is it? +----------- + +This example demonstrates Keycloak SAML 2.0 support in conjunction with a servlet secured by Picketlink's SAML SP client. + + +Make sure you've set up the Keycloak Server +-------------------------------------- +The Keycloak Appliance Distribution comes with a preconfigured Keycloak server (based on Wildfly). You can use it out of +the box to run these demos. So, if you're using this, you can head to Step 2. + +Alternatively, you can install the Keycloak Server onto any JBoss AS 7.1.1, EAP 6.x, or Wildfly 8.x server, but there is +a few steps you must follow. + +Obtain latest keycloak-war-dist-all.zip. This distro is used to install Keycloak onto an existing JBoss installation. +This installs the server. + + $ cd ${wildfly.jboss.home}/standalone + $ cp -r ${keycloak-war-dist-all}/deployments . + +To be able to run the demos you also need to install the Keycloak client adapter. For Wildfly: + + $ cd ${wildfly.home} + $ unzip ${keycloak-war-dist-all}/adapters/keycloak-wildfly-adapter-dist.zip + +For JBoss EAP 6.x + + $ cd ${eap.home} + $ unzip ${keycloak-war-dist-all}/adapters/keycloak-eap6-adapter-dist.zip + +For JBoss AS 7.1.1: + + $ cd ${as7.home} + $ unzip ${keycloak-war-dist-all}/adapters/keycloak-as7-adapter-dist.zip + +Unzipping the adapter ZIP only installs the JAR files. You must also add the Keycloak Subsystem to the server's +configuration (standalone/configuration/standalone.xml). + +For Wildfly: + + + + + + ... + + + + + ... + + +For JBoss 7.1.1 and EAP 6.x: + + + + + + ... + + + + + ... + + + +Boot Keycloak Server +--------------------------------------- +Where you go to start up the Keycloak Server depends on which distro you installed. + +From appliance: + +``` +$ cd keycloak/bin +$ ./standalone.sh +``` + + +From existing Wildfly/EAP6/AS7 distro + +``` +$ cd ${wildfly.jboss.home}/bin +$ ./standalone.sh +``` + + +Import the Test Realm +--------------------------------------- +Next thing you have to do is import the test realm for the demo. Clicking on the below link will bring you to the +create realm page in the Admin UI. The username/password is admin/admin to login in. Keycloak will ask you to +create a new admin password before you can go to the create realm page. + +[http://localhost:8080/auth/admin/master/console/#/create/realm](http://localhost:8080/auth/admin/master/console/#/create/realm) + +Import the testsaml.json file that is in the saml/ example directory. + +Install Picketlink Modules into App server +------------------------------------------ + +If you are running this example with the Keycloak application distribution, you can skip this step. + +You may have to upgrade your picketlink modules in your JBoss EAP or Wildfly distribution. See Picketlink docs for more details. + +Create the Security Domain for JBoss EAP +--------------- +If you are running this example with the Keycloak application distribution, you can skip this step. + + +These steps assume you are running the server in standalone mode and using the default standalone.xml supplied with the distribution. + +You configure the security domain by running JBoss CLI commands. For your convenience, this quickstart batches the commands into a `configure-security-domain-eap.cli` script provided in the root directory of this quickstart. + +1. Before you begin, back up your server configuration file + * If it is running, stop the JBoss server. + * Backup the file: `JBOSS_HOME/standalone/configuration/standalone.xml` + * After you have completed testing this quickstart, you can replace this file to restore the server to its original configuration. + +2. Start the JBoss server by typing the following: + + For Linux: JBOSS_HOME/bin/standalone.sh + For Windows: JBOSS_HOME\bin\standalone.bat +3. Review the `configure-security-domain-eap.cli` file in the root of this quickstart directory. This script adds the `sp` domain to the `security` subsystem in the server configuration and configures authentication access. Comments in the script describe the purpose of each block of commands. + +4. Open a new command prompt, navigate to the root directory of this quickstart, and run the following command, replacing JBOSS_HOME with the path to your server: + + JBOSS_HOME/bin/jboss-cli.sh --connect --file=configure-security-domain-eap.cli + +You should see the following result when you run the script: + + The batch executed successfully + { + "outcome" => "success", + } + + +Create the Security Domain for WildFly +--------------- +If you are running this example with the Keycloak application distribution, you can skip this step. + +These steps assume you are running the server in standalone mode and using the default standalone.xml supplied with the distribution. + +You configure the security domain by running JBoss CLI commands. For your convenience, this quickstart batches the commands into a `configure-security-domain-wildfly.cli` script provided in the root directory of this quickstart. + +1. Before you begin, back up your server configuration file + * If it is running, stop the JBoss server. + * Backup the file: `JBOSS_HOME/standalone/configuration/standalone.xml` + * After you have completed testing this quickstart, you can replace this file to restore the server to its original configuration. + +2. Start the JBoss server by typing the following: + + For Linux: JBOSS_HOME/bin/standalone.sh + For Windows: JBOSS_HOME\bin\standalone.bat +3. Review the `configure-security-domain-wildfly.cli` file in the root of this quickstart directory. This script adds the `sp` domain to the `security` subsystem in the server configuration and configures authentication access. Comments in the script describe the purpose of each block of commands. + +4. Open a new command prompt, navigate to the root directory of this quickstart, and run the following command, replacing JBOSS_HOME with the path to your server: + + JBOSS_HOME/bin/jboss-cli.sh --connect --file=configure-security-domain-wildfly.cli + +You should see the following result when you run the script: + + The batch executed successfully + { + "outcome" => "success", + } + + + +Review the Modified Server Configuration for EAP +----------------------------------- +If you are running this example with the Keycloak application distribution, you can skip this step. + +If you want to review and understand newly added XML configuration, stop the JBoss server and open the `JBOSS_HOME/standalone/configuration/standalone.xml` file. + +The following `sp` security-domain was added to the `security` subsystem. + + + + + + + +The configuration above defines a security-domain which will be used by the SP to authenticate users based on a SAML Assertion previously issued by a Identity Provider. + +Review the Modified Server Configuration for WildFly +----------------------------------- +If you are running this example with the Keycloak application distribution, you can skip this step. + +If you are using Wildfly, the security-domain should have the following configuration: + + + + + + + +SAML SP-Initiated Single Sign-On +----------------------------------- + +The SAML v2.0 specification defines a specific SSO mode called *SP-Initiated SSO*. In this mode, the SSO flow starts at the Service Provider side. +Please, take a look at the following documentation for more details: + +1. [SAML v2.0 SP-Initiated SSO](https://docs.jboss.org/author/display/PLINK/SP-Initiated+SSO) + + +Start JBoss Enterprise Application Platform 6 or WildFly with the Web Profile +------------------------- + +1. Open a command line and navigate to the root of the JBoss server directory. +2. The following shows the command line to start the server with the web profile: + + For Linux: JBOSS_HOME/bin/standalone.sh + For Windows: JBOSS_HOME\bin\standalone.bat + + +Build and Deploy the Quickstart +------------------------- + +_NOTE: The following build command assumes you have configured your Maven user settings. If you have not, you must include Maven setting arguments on the command line. See [Build and Deploy the Quickstarts](../README.md#build-and-deploy-the-quickstarts) for complete instructions and additional options._ + +1. Make sure you have started the JBoss Server as described above. +2. Open a command line and navigate to the root directory of this quickstart. +3. Type this command to build and deploy the archive: + + For EAP 6: mvn clean package jboss-as:deploy + For WildFly: mvn -Pwildfly clean package wildfly:deploy + +4. This will deploy `target/picketlink-federation-saml-sp-with-encryption.war` to the running instance of the server. + + +Access the application +--------------------- + +The application will be running at the following URL: . + +*Note: A Service Provider alone is not very useful without an Identity Provider to authenticate users and issue SAML Assertions. Once you get this application deployed, please take a look at [About the PicketLink Federation Quickstarts](../README.md#about-the-picketlink-federation-quickstarts).* + +Undeploy the Archive +-------------------- + +1. Make sure you have started the JBoss Server as described above. +2. Open a command line and navigate to the root directory of this quickstart. +3. When you are finished testing, type this command to undeploy the archive: + + For EAP 6: mvn jboss-as:undeploy + For WildFly: mvn -Pwildfly wildfly:undeploy + + +Run the Quickstart in JBoss Developer Studio or Eclipse +------------------------------------- +You can also start the server and deploy the quickstarts from Eclipse using JBoss tools. For more information, see [Use JBoss Developer Studio or Eclipse to Run the Quickstarts](../README.md#use-jboss-developer-studio-or-eclipse-to-run-the-quickstarts) + + +Debug the Application +------------------------------------ + +If you want to debug the source code or look at the Javadocs of any library in the project, run either of the following commands to pull them into your local repository. The IDE should then detect them. + + mvn dependency:sources + mvn dependency:resolve -Dclassifier=javadoc \ No newline at end of file diff --git a/examples/saml/post-with-encryption/conf/jboss-eap/META-INF/jboss-deployment-structure.xml b/examples/saml/post-with-encryption/conf/jboss-eap/META-INF/jboss-deployment-structure.xml new file mode 100644 index 0000000000..7b07a0210b --- /dev/null +++ b/examples/saml/post-with-encryption/conf/jboss-eap/META-INF/jboss-deployment-structure.xml @@ -0,0 +1,10 @@ + + + + + + + + + diff --git a/examples/saml/post-with-encryption/conf/jboss-eap/WEB-INF/jboss-web.xml b/examples/saml/post-with-encryption/conf/jboss-eap/WEB-INF/jboss-web.xml new file mode 100644 index 0000000000..8ef85ba321 --- /dev/null +++ b/examples/saml/post-with-encryption/conf/jboss-eap/WEB-INF/jboss-web.xml @@ -0,0 +1,16 @@ + + + + sp + + + sales-post-enc + + + + org.picketlink.identity.federation.bindings.tomcat.sp.ServiceProviderAuthenticator + + diff --git a/examples/saml/post-with-encryption/conf/wildfly/META-INF/jboss-deployment-structure.xml b/examples/saml/post-with-encryption/conf/wildfly/META-INF/jboss-deployment-structure.xml new file mode 100644 index 0000000000..7b07a0210b --- /dev/null +++ b/examples/saml/post-with-encryption/conf/wildfly/META-INF/jboss-deployment-structure.xml @@ -0,0 +1,10 @@ + + + + + + + + + diff --git a/examples/saml/post-with-encryption/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension b/examples/saml/post-with-encryption/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension new file mode 100644 index 0000000000..ffaf42ca71 --- /dev/null +++ b/examples/saml/post-with-encryption/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension @@ -0,0 +1 @@ +org.picketlink.identity.federation.bindings.wildfly.sp.SPServletExtension \ No newline at end of file diff --git a/examples/saml/post-with-encryption/conf/wildfly/WEB-INF/jboss-web.xml b/examples/saml/post-with-encryption/conf/wildfly/WEB-INF/jboss-web.xml new file mode 100644 index 0000000000..cafc722e5d --- /dev/null +++ b/examples/saml/post-with-encryption/conf/wildfly/WEB-INF/jboss-web.xml @@ -0,0 +1,10 @@ + + + + sp + + + sales-post-enc + diff --git a/examples/saml/post-with-encryption/configure-security-domain-eap.cli b/examples/saml/post-with-encryption/configure-security-domain-eap.cli new file mode 100644 index 0000000000..9f9777c4cb --- /dev/null +++ b/examples/saml/post-with-encryption/configure-security-domain-eap.cli @@ -0,0 +1,16 @@ +# Batch script to add and configure the quickstart-domain security domain in the JBoss server + +# Start batching commands +batch + +# Add and configure the security domain, then add the PicketLink SAML2LoginModule. Which wil be used to extract user's information from the SAML Assertion and authenticate the user. +/subsystem=security/security-domain=sp:add(cache-type=default) +/subsystem=security/security-domain=sp/authentication=classic:add +/subsystem=security/security-domain=sp/authentication=classic/login-module=org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule:add(code=org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule,flag=required) + +# Run the batch commands +run-batch + +# Reload the server configuration +:reload + diff --git a/examples/saml/post-with-encryption/configure-security-domain-wildfly.cli b/examples/saml/post-with-encryption/configure-security-domain-wildfly.cli new file mode 100644 index 0000000000..6b65d5e94f --- /dev/null +++ b/examples/saml/post-with-encryption/configure-security-domain-wildfly.cli @@ -0,0 +1,16 @@ +# Batch script to add and configure the quickstart-domain security domain in the JBoss server + +# Start batching commands +batch + +# Add and configure the security domain, then add the PicketLink SAML2LoginModule. Which wil be used to extract user's information from the SAML Assertion and authenticate the user. +/subsystem=security/security-domain=sp:add(cache-type=default) +/subsystem=security/security-domain=sp/authentication=classic:add +/subsystem=security/security-domain=sp/authentication=classic/login-module=org.picketlink.identity.federation.bindings.wildfly.SAML2LoginModule:add(code=org.picketlink.identity.federation.bindings.wildfly.SAML2LoginModule,flag=required) + +# Run the batch commands +run-batch + +# Reload the server configuration +:reload + diff --git a/examples/saml/post-with-encryption/pom.xml b/examples/saml/post-with-encryption/pom.xml new file mode 100755 index 0000000000..497bea45e1 --- /dev/null +++ b/examples/saml/post-with-encryption/pom.xml @@ -0,0 +1,116 @@ + + 4.0.0 + + org.picketlink.quickstarts + picketlink-federation-saml-sp-with-encryption + 2.7.0.Beta2 + + war + + PicketLink Quickstart: picketlink-federation-saml-sp-with-encryption + PicketLink Quickstart: PicketLink Service Provider With a Basic Configuration using SAML HTTP POST Binding With Encryption Support + + http://www.picketlink.org + + + + Apache License, Version 2.0 + repo + http://www.apache.org/licenses/LICENSE-2.0.html + + + + + + 7.4.Final + + + 1.0.1.Final + + + 2.7.0.Beta2 + + + jboss-eap + + + 2.1.1 + + + 3.1 + 1.6 + 1.6 + + + + + ${project.artifactId} + + + src/main/resources + + + ../post-basic/src/main/resources + + + + + maven-war-plugin + ${version.war.plugin} + + + false + + + ${target.container} + + + + + src/main/webapp + + + ../post-basic/src/main/webapp + + + ${basedir}/conf/${target.container} + + + + + + + org.jboss.as.plugins + jboss-as-maven-plugin + ${version.jboss.maven.plugin} + + ${project.build.finalName}-${target.container}.${project.packaging} + + + + + + + + wildfly + + wildfly + + + + + org.wildfly.plugins + wildfly-maven-plugin + ${version.wildfly.maven.plugin} + + ${project.build.finalName}-${target.container}.${project.packaging} + + + + + + + + \ No newline at end of file diff --git a/examples/saml/post-with-encryption/remove-security-domain.cli b/examples/saml/post-with-encryption/remove-security-domain.cli new file mode 100644 index 0000000000..9487613e2c --- /dev/null +++ b/examples/saml/post-with-encryption/remove-security-domain.cli @@ -0,0 +1,13 @@ +# Batch script to remove the quickstart-domain security domain from the JBoss server + +# Start batching commands +batch + +# Remove the security domain +/subsystem=security/security-domain=sp:remove + +# Run the batch commands +run-batch + +# Reload the server configuration +:reload \ No newline at end of file diff --git a/examples/saml/post-with-encryption/src/main/resources/keystore.jks b/examples/saml/post-with-encryption/src/main/resources/keystore.jks new file mode 100755 index 0000000000000000000000000000000000000000..d70c862adba23194f315782eca3c91b214557c32 GIT binary patch literal 1723 zcmezO_TO6u1_mZL<}6Ok&CyLs&CO?EVDvOi;b&rCjnFeSumo}!7&I}?0b*7rHlS2= zn!f=r8>d#AN85K^Mn-N{1_Kd8Ap-$6=1>-9VT3sba^k#(CWZz^Mg|6^rbb3l;=D#M zuDO9x6b@aD^N~$wWMyD(>}4=$>||bFGIsf;Z{{aVgOxAXcmWVSA zTCTrv!K&b>oMWvupU!i{t1vMw-=z1~;Wh?a3R?R+o+vNJ>?4?N1I8jF zgK9=eNr9EVeolUJVopYWafy|MfrWv7abiwtv2Fp7ubY~etPhV}2BzHxO-$Pj_}I9# z*%(Zyf^?-VP^|xPf8YMi_4yODtPU4HZMyskI6MGgh0{ZY$2;BIXe`QH5LX^QFa0etv%Mvad#dGM~5P-SW26 z!c3LDw~H=Zp0TWbF7sra$a63_6ug%Mr3Kc|ttKrE0AA5g;U7F6sa}2KS<`+&B*i`bIdZ@d8 zX-M+byt9wXNJ+w)pO}lloN| znb31Fp_RL+@<7Zx6?4Ot8UH`6RdK!NB&{W^eXEL_>HoXSCJiNj!_11e2X6Ae`6J%$ zP1UQfQBU<1tz^zVo)UDhE$!c}e?eE7Bo@s$?WC#rs7LTXu(|2ivsLF7s~g-GH|h&Ge+%ceP!*S;v6^Kelr>-8x= z&PqAfR1FIZ5N&FH`WwAt_F zR&{!7uGD$$ak`%)RXFGNotA~q4$Juj{dsZbnV7O*uGzgGxz87L8Q$N1Hk`9ey-Msv zix~gLt<^vJr3$^x|Nd%z@lY=!lP$(l|6SuV>qQz76;}$JJ37pMjXI&Z0zka5mOyh$|SN^oD?P$=xdnab^p9u?s p82XPae|Ye@k-(#kf#)sXbvE=Y=+|D6d_w2T3vTI{nGXFL5&+{R&f5S0 literal 0 HcmV?d00001 diff --git a/examples/saml/post-with-encryption/src/main/webapp/WEB-INF/picketlink.xml b/examples/saml/post-with-encryption/src/main/webapp/WEB-INF/picketlink.xml new file mode 100755 index 0000000000..3a431b7cdf --- /dev/null +++ b/examples/saml/post-with-encryption/src/main/webapp/WEB-INF/picketlink.xml @@ -0,0 +1,31 @@ + + + ${idp-sig.url::http://localhost:8080/auth/realms/saml-demo/protocol/saml} + + ${sales-post-sig.url::http://localhost:8080/sales-post-enc/} + + + + + + + + + + + + + + + + + + + diff --git a/examples/saml/post-with-signature/README.md b/examples/saml/post-with-signature/README.md new file mode 100755 index 0000000000..971e07153a --- /dev/null +++ b/examples/saml/post-with-signature/README.md @@ -0,0 +1,270 @@ +picketlink-federation-saml-sp-post-with-signature: PicketLink Service Provider With a Basic Configuration using SAML HTTP POST Binding With Signature Support +=============================== +Author: Pedro Igor +Level: Intermediate +Technologies: PicketLink Federation, SAML v2.0 +Summary: Basic example that demonstrates how to setup an application as a SAML v2.0 Service Provider using SAML HTTP POST Binding with Signature Support. +Source: + + +What is it? +----------- + +This example demonstrates Keycloak SAML 2.0 support in conjunction with a servlet secured by Picketlink's SAML SP client. + + +Make sure you've set up the Keycloak Server +-------------------------------------- +The Keycloak Appliance Distribution comes with a preconfigured Keycloak server (based on Wildfly). You can use it out of +the box to run these demos. So, if you're using this, you can head to Step 2. + +Alternatively, you can install the Keycloak Server onto any JBoss AS 7.1.1, EAP 6.x, or Wildfly 8.x server, but there is +a few steps you must follow. + +Obtain latest keycloak-war-dist-all.zip. This distro is used to install Keycloak onto an existing JBoss installation. +This installs the server. + + $ cd ${wildfly.jboss.home}/standalone + $ cp -r ${keycloak-war-dist-all}/deployments . + +To be able to run the demos you also need to install the Keycloak client adapter. For Wildfly: + + $ cd ${wildfly.home} + $ unzip ${keycloak-war-dist-all}/adapters/keycloak-wildfly-adapter-dist.zip + +For JBoss EAP 6.x + + $ cd ${eap.home} + $ unzip ${keycloak-war-dist-all}/adapters/keycloak-eap6-adapter-dist.zip + +For JBoss AS 7.1.1: + + $ cd ${as7.home} + $ unzip ${keycloak-war-dist-all}/adapters/keycloak-as7-adapter-dist.zip + +Unzipping the adapter ZIP only installs the JAR files. You must also add the Keycloak Subsystem to the server's +configuration (standalone/configuration/standalone.xml). + +For Wildfly: + + + + + + ... + + + + + ... + + +For JBoss 7.1.1 and EAP 6.x: + + + + + + ... + + + + + ... + + + +Boot Keycloak Server +--------------------------------------- +Where you go to start up the Keycloak Server depends on which distro you installed. + +From appliance: + +``` +$ cd keycloak/bin +$ ./standalone.sh +``` + + +From existing Wildfly/EAP6/AS7 distro + +``` +$ cd ${wildfly.jboss.home}/bin +$ ./standalone.sh +``` + + +Import the Test Realm +--------------------------------------- +Next thing you have to do is import the test realm for the demo. Clicking on the below link will bring you to the +create realm page in the Admin UI. The username/password is admin/admin to login in. Keycloak will ask you to +create a new admin password before you can go to the create realm page. + +[http://localhost:8080/auth/admin/master/console/#/create/realm](http://localhost:8080/auth/admin/master/console/#/create/realm) + +Import the testsaml.json file that is in the saml/ example directory. + +Install Picketlink Modules into App server +------------------------------------------ + +If you are running this example with the Keycloak application distribution, you can skip this step. + +You may have to upgrade your picketlink modules in your JBoss EAP or Wildfly distribution. See Picketlink docs for more details. + +Create the Security Domain for JBoss EAP +--------------- +If you are running this example with the Keycloak application distribution, you can skip this step. + + +These steps assume you are running the server in standalone mode and using the default standalone.xml supplied with the distribution. + +You configure the security domain by running JBoss CLI commands. For your convenience, this quickstart batches the commands into a `configure-security-domain-eap.cli` script provided in the root directory of this quickstart. + +1. Before you begin, back up your server configuration file + * If it is running, stop the JBoss server. + * Backup the file: `JBOSS_HOME/standalone/configuration/standalone.xml` + * After you have completed testing this quickstart, you can replace this file to restore the server to its original configuration. + +2. Start the JBoss server by typing the following: + + For Linux: JBOSS_HOME/bin/standalone.sh + For Windows: JBOSS_HOME\bin\standalone.bat +3. Review the `configure-security-domain-eap.cli` file in the root of this quickstart directory. This script adds the `sp` domain to the `security` subsystem in the server configuration and configures authentication access. Comments in the script describe the purpose of each block of commands. + +4. Open a new command prompt, navigate to the root directory of this quickstart, and run the following command, replacing JBOSS_HOME with the path to your server: + + JBOSS_HOME/bin/jboss-cli.sh --connect --file=configure-security-domain-eap.cli + +You should see the following result when you run the script: + + The batch executed successfully + { + "outcome" => "success", + } + + +Create the Security Domain for WildFly +--------------- +If you are running this example with the Keycloak application distribution, you can skip this step. + +These steps assume you are running the server in standalone mode and using the default standalone.xml supplied with the distribution. + +You configure the security domain by running JBoss CLI commands. For your convenience, this quickstart batches the commands into a `configure-security-domain-wildfly.cli` script provided in the root directory of this quickstart. + +1. Before you begin, back up your server configuration file + * If it is running, stop the JBoss server. + * Backup the file: `JBOSS_HOME/standalone/configuration/standalone.xml` + * After you have completed testing this quickstart, you can replace this file to restore the server to its original configuration. + +2. Start the JBoss server by typing the following: + + For Linux: JBOSS_HOME/bin/standalone.sh + For Windows: JBOSS_HOME\bin\standalone.bat +3. Review the `configure-security-domain-wildfly.cli` file in the root of this quickstart directory. This script adds the `sp` domain to the `security` subsystem in the server configuration and configures authentication access. Comments in the script describe the purpose of each block of commands. + +4. Open a new command prompt, navigate to the root directory of this quickstart, and run the following command, replacing JBOSS_HOME with the path to your server: + + JBOSS_HOME/bin/jboss-cli.sh --connect --file=configure-security-domain-wildfly.cli + +You should see the following result when you run the script: + + The batch executed successfully + { + "outcome" => "success", + } + + + +Review the Modified Server Configuration for EAP +----------------------------------- +If you are running this example with the Keycloak application distribution, you can skip this step. + +If you want to review and understand newly added XML configuration, stop the JBoss server and open the `JBOSS_HOME/standalone/configuration/standalone.xml` file. + +The following `sp` security-domain was added to the `security` subsystem. + + + + + + + +The configuration above defines a security-domain which will be used by the SP to authenticate users based on a SAML Assertion previously issued by a Identity Provider. + +Review the Modified Server Configuration for WildFly +----------------------------------- +If you are running this example with the Keycloak application distribution, you can skip this step. + +If you are using Wildfly, the security-domain should have the following configuration: + + + + + + + + +SAML SP-Initiated Single Sign-On +----------------------------------- + +The SAML v2.0 specification defines a specific SSO mode called *SP-Initiated SSO*. In this mode, the SSO flow starts at the Service Provider side. +Please, take a look at the following documentation for more details: + +1. [SAML v2.0 SP-Initiated SSO](https://docs.jboss.org/author/display/PLINK/SP-Initiated+SSO) + + +Start JBoss Enterprise Application Platform 6 or WildFly with the Web Profile +------------------------- + +1. Open a command line and navigate to the root of the JBoss server directory. +2. The following shows the command line to start the server with the web profile: + + For Linux: JBOSS_HOME/bin/standalone.sh + For Windows: JBOSS_HOME\bin\standalone.bat + + +Build and Deploy the Quickstart +------------------------- + +_NOTE: The following build command assumes you have configured your Maven user settings. If you have not, you must include Maven setting arguments on the command line. See [Build and Deploy the Quickstarts](../README.md#build-and-deploy-the-quickstarts) for complete instructions and additional options._ + +1. Make sure you have started the JBoss Server as described above. +2. Open a command line and navigate to the root directory of this quickstart. +3. Type this command to build and deploy the archive: + + For EAP 6: mvn clean package jboss-as:deploy + For WildFly: mvn -Pwildfly clean package wildfly:deploy + +4. This will deploy `target/picketlink-federation-saml-sp-post-with-signature.war` to the running instance of the server. + + +Access the application +--------------------- + +The application will be running at the following URL: . + +*Note: A Service Provider alone is not very useful without an Identity Provider to authenticate users and issue SAML Assertions. Once you get this application deployed, please take a look at [About the PicketLink Federation Quickstarts](../README.md#about-the-picketlink-federation-quickstarts).* + +Undeploy the Archive +-------------------- + +1. Make sure you have started the JBoss Server as described above. +2. Open a command line and navigate to the root directory of this quickstart. +3. When you are finished testing, type this command to undeploy the archive: + + For EAP 6: mvn jboss-as:undeploy + For WildFly: mvn -Pwildfly wildfly:undeploy + + +Run the Quickstart in JBoss Developer Studio or Eclipse +------------------------------------- +You can also start the server and deploy the quickstarts from Eclipse using JBoss tools. For more information, see [Use JBoss Developer Studio or Eclipse to Run the Quickstarts](../README.md#use-jboss-developer-studio-or-eclipse-to-run-the-quickstarts) + + +Debug the Application +------------------------------------ + +If you want to debug the source code or look at the Javadocs of any library in the project, run either of the following commands to pull them into your local repository. The IDE should then detect them. + + mvn dependency:sources + mvn dependency:resolve -Dclassifier=javadoc \ No newline at end of file diff --git a/examples/saml/post-with-signature/conf/jboss-eap/META-INF/jboss-deployment-structure.xml b/examples/saml/post-with-signature/conf/jboss-eap/META-INF/jboss-deployment-structure.xml new file mode 100644 index 0000000000..7b07a0210b --- /dev/null +++ b/examples/saml/post-with-signature/conf/jboss-eap/META-INF/jboss-deployment-structure.xml @@ -0,0 +1,10 @@ + + + + + + + + + diff --git a/examples/saml/post-with-signature/conf/jboss-eap/WEB-INF/jboss-web.xml b/examples/saml/post-with-signature/conf/jboss-eap/WEB-INF/jboss-web.xml new file mode 100644 index 0000000000..10562b84b2 --- /dev/null +++ b/examples/saml/post-with-signature/conf/jboss-eap/WEB-INF/jboss-web.xml @@ -0,0 +1,16 @@ + + + + sp + + + sales-post-sig + + + + org.picketlink.identity.federation.bindings.tomcat.sp.ServiceProviderAuthenticator + + diff --git a/examples/saml/post-with-signature/conf/wildfly/META-INF/jboss-deployment-structure.xml b/examples/saml/post-with-signature/conf/wildfly/META-INF/jboss-deployment-structure.xml new file mode 100644 index 0000000000..7b07a0210b --- /dev/null +++ b/examples/saml/post-with-signature/conf/wildfly/META-INF/jboss-deployment-structure.xml @@ -0,0 +1,10 @@ + + + + + + + + + diff --git a/examples/saml/post-with-signature/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension b/examples/saml/post-with-signature/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension new file mode 100644 index 0000000000..ffaf42ca71 --- /dev/null +++ b/examples/saml/post-with-signature/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension @@ -0,0 +1 @@ +org.picketlink.identity.federation.bindings.wildfly.sp.SPServletExtension \ No newline at end of file diff --git a/examples/saml/post-with-signature/conf/wildfly/WEB-INF/jboss-web.xml b/examples/saml/post-with-signature/conf/wildfly/WEB-INF/jboss-web.xml new file mode 100644 index 0000000000..284b87a988 --- /dev/null +++ b/examples/saml/post-with-signature/conf/wildfly/WEB-INF/jboss-web.xml @@ -0,0 +1,10 @@ + + + + sp + + + sales-post-sig + diff --git a/examples/saml/post-with-signature/configure-security-domain-eap.cli b/examples/saml/post-with-signature/configure-security-domain-eap.cli new file mode 100644 index 0000000000..9f9777c4cb --- /dev/null +++ b/examples/saml/post-with-signature/configure-security-domain-eap.cli @@ -0,0 +1,16 @@ +# Batch script to add and configure the quickstart-domain security domain in the JBoss server + +# Start batching commands +batch + +# Add and configure the security domain, then add the PicketLink SAML2LoginModule. Which wil be used to extract user's information from the SAML Assertion and authenticate the user. +/subsystem=security/security-domain=sp:add(cache-type=default) +/subsystem=security/security-domain=sp/authentication=classic:add +/subsystem=security/security-domain=sp/authentication=classic/login-module=org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule:add(code=org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule,flag=required) + +# Run the batch commands +run-batch + +# Reload the server configuration +:reload + diff --git a/examples/saml/post-with-signature/configure-security-domain-wildfly.cli b/examples/saml/post-with-signature/configure-security-domain-wildfly.cli new file mode 100644 index 0000000000..6b65d5e94f --- /dev/null +++ b/examples/saml/post-with-signature/configure-security-domain-wildfly.cli @@ -0,0 +1,16 @@ +# Batch script to add and configure the quickstart-domain security domain in the JBoss server + +# Start batching commands +batch + +# Add and configure the security domain, then add the PicketLink SAML2LoginModule. Which wil be used to extract user's information from the SAML Assertion and authenticate the user. +/subsystem=security/security-domain=sp:add(cache-type=default) +/subsystem=security/security-domain=sp/authentication=classic:add +/subsystem=security/security-domain=sp/authentication=classic/login-module=org.picketlink.identity.federation.bindings.wildfly.SAML2LoginModule:add(code=org.picketlink.identity.federation.bindings.wildfly.SAML2LoginModule,flag=required) + +# Run the batch commands +run-batch + +# Reload the server configuration +:reload + diff --git a/examples/saml/post-with-signature/pom.xml b/examples/saml/post-with-signature/pom.xml new file mode 100755 index 0000000000..2c644a706a --- /dev/null +++ b/examples/saml/post-with-signature/pom.xml @@ -0,0 +1,116 @@ + + 4.0.0 + + org.picketlink.quickstarts + picketlink-federation-saml-sp-post-with-signature + 2.7.0.Beta2 + + war + + PicketLink Quickstart: picketlink-federation-saml-sp-post-with-signature + PicketLink Quickstart: PicketLink Service Provider With a Basic Configuration using SAML HTTP POST Binding With Signature Support + + http://www.picketlink.org + + + + Apache License, Version 2.0 + repo + http://www.apache.org/licenses/LICENSE-2.0.html + + + + + + 7.4.Final + + + 1.0.1.Final + + + 2.7.0.Beta2 + + + jboss-eap + + + 2.1.1 + + + 3.1 + 1.6 + 1.6 + + + + + ${project.artifactId} + + + src/main/resources + + + ../post-basic/src/main/resources + + + + + maven-war-plugin + ${version.war.plugin} + + + false + + + ${target.container} + + + + + src/main/webapp + + + ../post-basic/src/main/webapp + + + ${basedir}/conf/${target.container} + + + + + + + org.jboss.as.plugins + jboss-as-maven-plugin + ${version.jboss.maven.plugin} + + ${project.build.finalName}-${target.container}.${project.packaging} + + + + + + + + wildfly + + wildfly + + + + + org.wildfly.plugins + wildfly-maven-plugin + ${version.wildfly.maven.plugin} + + ${project.build.finalName}-${target.container}.${project.packaging} + + + + + + + + \ No newline at end of file diff --git a/examples/saml/post-with-signature/remove-security-domain.cli b/examples/saml/post-with-signature/remove-security-domain.cli new file mode 100644 index 0000000000..9487613e2c --- /dev/null +++ b/examples/saml/post-with-signature/remove-security-domain.cli @@ -0,0 +1,13 @@ +# Batch script to remove the quickstart-domain security domain from the JBoss server + +# Start batching commands +batch + +# Remove the security domain +/subsystem=security/security-domain=sp:remove + +# Run the batch commands +run-batch + +# Reload the server configuration +:reload \ No newline at end of file diff --git a/examples/saml/post-with-signature/src/main/resources/keystore.jks b/examples/saml/post-with-signature/src/main/resources/keystore.jks new file mode 100755 index 0000000000000000000000000000000000000000..4185d3c309c62650b67ca36d935e69ff189c59d6 GIT binary patch literal 1721 zcmezO_TO6u1_mZL<}6Ok&CyLs&CO?EVDvOiF8R&C8lh)uU**P=OdfW$jZRn*vnwh*vZt`$gnzW!#ckU+Ieg<&+JXyCu_K6Us~}l6SKuv z=e9o4`yq2kVLO}AvBS}B0$H4y1@AnUq)uyl_Pofk&8GaWbN=r+{{s&0n5^v>EfHrL zv|NATf>ps$ImcRSKAq=?S7BmWzDe(|$tk<}i{!g z%iOQ}Ow5c7jL6OddY&2RuEI&1Z$~=ChBG~EUvYJT%B@q(zI+cKZI-^S;sor&H7emMuw4afW*&H`smr`Qf4WPV%-8DU$;0jT^}C13`{!>nwYj4@Ud}e zvoW$TYB32i0z;dniD}_A(RguA!6@nFk6b+0AKIKzxo+L97FXso<#sAjr&$x07iqXi zdv5tBE2DGyu4UImht=zB6=k;l^pSjXvSjw8H}_wtuhv<4IPe(b|8tH{*wkghzKNK9 z+q&~>-S!oSu5m3Z+{SvfeTL?RpS-;Z4XVON1EaP)?)hS$QLs$#To;@0mp>LaG`2Ge z=AW2++4=Id9p7i#eK6AA8*@-Ax9o|=;@0RIjVw_EHVyuci{H;NfBo~uRBZaq8ZD`! zt&YYSH@w0>AG|n=w>+YM-|{0TU397@+gD#XU@j-fYWQ)>+EZflyj&}T_MysDDXI@{gedqS*5QptWfPMOM#8xeY)*E2(1xO`<6rF8rfWIF!V&TPV73zOpo zU2ZzlN`5hl_*}HTW~RA*>dTOz+O5%NZ#Rgs6x#FJI$d{iQ$Dc&NvR{#(IXFUo|a4BjJisr$G_F$ zoj%`P<~Lt3d|{0Ljp&-5ioehHsQ!6+#QUb5$%eTvHobO^{_0g?+*V|dWk8j z2NHJ$t}*|-KYGEE=UGg73*T7ERleHGQggmqi)+K&nqNWvzfUpW4_f!a;&B*X82<(? z^K}oVmju>)S^R$$)6{n%2dk&eU{T}Sesxn?+oc)Bi)B8&Npv?;+;r>TQ}MlX-u!3U zwPAAc3W=*P=FgwV9O_-i7yNqjSGlb-FSLiIR!MHtu@F3RSmxUSSFViCI#!d$VDlrY z3dg*!P5xW<^IO~t;nd0g^EY4WVyS50;Yzr!$B>u&wpyf~l14BIn9Z2y+Tqc1PU4~|cMkXdk#?Yb*%r!GGjv~WE ze8t*T>0`T(Bv++$GUq;@b5dtPf%%(LGp-n1KJt($x$8XR{kW!m#{w>i3;S#}>XdSy zQdYD%)BK2sJ4?+n5nTt1>-uNsyv*;_WfD4W9krIJdhKOT#UA!#_sVs;;cgSoe>TuN z_UwF;GDB!P^MrQ&sT(p6$=`K3=W+9)s>}L$UTQrPRB;t+-LuXu+*W)md40;Y>a?%x zlABqU|5>-S@YUMbzaI(jLy!^WHX6F4G^0E~Rhv;Y7A literal 0 HcmV?d00001 diff --git a/examples/saml/post-with-signature/src/main/webapp/WEB-INF/picketlink.xml b/examples/saml/post-with-signature/src/main/webapp/WEB-INF/picketlink.xml new file mode 100755 index 0000000000..05293a5ca0 --- /dev/null +++ b/examples/saml/post-with-signature/src/main/webapp/WEB-INF/picketlink.xml @@ -0,0 +1,31 @@ + + + ${idp-sig.url::http://localhost:8080/auth/realms/saml-demo/protocol/saml} + + ${sales-post-sig.url::http://localhost:8080/sales-post-sig/} + + + + + + + + + + + + + + + + + + + diff --git a/examples/saml/redirect-basic/README.md b/examples/saml/redirect-basic/README.md new file mode 100755 index 0000000000..9cf014cd21 --- /dev/null +++ b/examples/saml/redirect-basic/README.md @@ -0,0 +1,270 @@ +picketlink-federation-saml-sp-redirect-basic: PicketLink Service Provider With a Basic Configuration using SAML HTTP Redirect Binding +=============================== +Author: Pedro Igor +Level: Intermediate +Technologies: PicketLink Federation, SAML v2.0 +Summary: Basic example that demonstrates how to setup an application as a SAML v2.0 Service Provider using SAML HTTP Redirect Binding. +Source: + + +What is it? +----------- + +This example demonstrates Keycloak SAML 2.0 support in conjunction with a servlet secured by Picketlink's SAML SP client. + + +Make sure you've set up the Keycloak Server +-------------------------------------- +The Keycloak Appliance Distribution comes with a preconfigured Keycloak server (based on Wildfly). You can use it out of +the box to run these demos. So, if you're using this, you can head to Step 2. + +Alternatively, you can install the Keycloak Server onto any JBoss AS 7.1.1, EAP 6.x, or Wildfly 8.x server, but there is +a few steps you must follow. + +Obtain latest keycloak-war-dist-all.zip. This distro is used to install Keycloak onto an existing JBoss installation. +This installs the server. + + $ cd ${wildfly.jboss.home}/standalone + $ cp -r ${keycloak-war-dist-all}/deployments . + +To be able to run the demos you also need to install the Keycloak client adapter. For Wildfly: + + $ cd ${wildfly.home} + $ unzip ${keycloak-war-dist-all}/adapters/keycloak-wildfly-adapter-dist.zip + +For JBoss EAP 6.x + + $ cd ${eap.home} + $ unzip ${keycloak-war-dist-all}/adapters/keycloak-eap6-adapter-dist.zip + +For JBoss AS 7.1.1: + + $ cd ${as7.home} + $ unzip ${keycloak-war-dist-all}/adapters/keycloak-as7-adapter-dist.zip + +Unzipping the adapter ZIP only installs the JAR files. You must also add the Keycloak Subsystem to the server's +configuration (standalone/configuration/standalone.xml). + +For Wildfly: + + + + + + ... + + + + + ... + + +For JBoss 7.1.1 and EAP 6.x: + + + + + + ... + + + + + ... + + + +Boot Keycloak Server +--------------------------------------- +Where you go to start up the Keycloak Server depends on which distro you installed. + +From appliance: + +``` +$ cd keycloak/bin +$ ./standalone.sh +``` + + +From existing Wildfly/EAP6/AS7 distro + +``` +$ cd ${wildfly.jboss.home}/bin +$ ./standalone.sh +``` + + +Import the Test Realm +--------------------------------------- +Next thing you have to do is import the test realm for the demo. Clicking on the below link will bring you to the +create realm page in the Admin UI. The username/password is admin/admin to login in. Keycloak will ask you to +create a new admin password before you can go to the create realm page. + +[http://localhost:8080/auth/admin/master/console/#/create/realm](http://localhost:8080/auth/admin/master/console/#/create/realm) + +Import the testsaml.json file that is in the saml/ example directory. + +Install Picketlink Modules into App server +------------------------------------------ + +If you are running this example with the Keycloak application distribution, you can skip this step. + +You may have to upgrade your picketlink modules in your JBoss EAP or Wildfly distribution. See Picketlink docs for more details. + +Create the Security Domain for JBoss EAP +--------------- +If you are running this example with the Keycloak application distribution, you can skip this step. + + +These steps assume you are running the server in standalone mode and using the default standalone.xml supplied with the distribution. + +You configure the security domain by running JBoss CLI commands. For your convenience, this quickstart batches the commands into a `configure-security-domain-eap.cli` script provided in the root directory of this quickstart. + +1. Before you begin, back up your server configuration file + * If it is running, stop the JBoss server. + * Backup the file: `JBOSS_HOME/standalone/configuration/standalone.xml` + * After you have completed testing this quickstart, you can replace this file to restore the server to its original configuration. + +2. Start the JBoss server by typing the following: + + For Linux: JBOSS_HOME/bin/standalone.sh + For Windows: JBOSS_HOME\bin\standalone.bat +3. Review the `configure-security-domain-eap.cli` file in the root of this quickstart directory. This script adds the `sp` domain to the `security` subsystem in the server configuration and configures authentication access. Comments in the script describe the purpose of each block of commands. + +4. Open a new command prompt, navigate to the root directory of this quickstart, and run the following command, replacing JBOSS_HOME with the path to your server: + + JBOSS_HOME/bin/jboss-cli.sh --connect --file=configure-security-domain-eap.cli + +You should see the following result when you run the script: + + The batch executed successfully + { + "outcome" => "success", + } + + +Create the Security Domain for WildFly +--------------- +If you are running this example with the Keycloak application distribution, you can skip this step. + +These steps assume you are running the server in standalone mode and using the default standalone.xml supplied with the distribution. + +You configure the security domain by running JBoss CLI commands. For your convenience, this quickstart batches the commands into a `configure-security-domain-wildfly.cli` script provided in the root directory of this quickstart. + +1. Before you begin, back up your server configuration file + * If it is running, stop the JBoss server. + * Backup the file: `JBOSS_HOME/standalone/configuration/standalone.xml` + * After you have completed testing this quickstart, you can replace this file to restore the server to its original configuration. + +2. Start the JBoss server by typing the following: + + For Linux: JBOSS_HOME/bin/standalone.sh + For Windows: JBOSS_HOME\bin\standalone.bat +3. Review the `configure-security-domain-wildfly.cli` file in the root of this quickstart directory. This script adds the `sp` domain to the `security` subsystem in the server configuration and configures authentication access. Comments in the script describe the purpose of each block of commands. + +4. Open a new command prompt, navigate to the root directory of this quickstart, and run the following command, replacing JBOSS_HOME with the path to your server: + + JBOSS_HOME/bin/jboss-cli.sh --connect --file=configure-security-domain-wildfly.cli + +You should see the following result when you run the script: + + The batch executed successfully + { + "outcome" => "success", + } + + + +Review the Modified Server Configuration for EAP +----------------------------------- +If you are running this example with the Keycloak application distribution, you can skip this step. + +If you want to review and understand newly added XML configuration, stop the JBoss server and open the `JBOSS_HOME/standalone/configuration/standalone.xml` file. + +The following `sp` security-domain was added to the `security` subsystem. + + + + + + + +The configuration above defines a security-domain which will be used by the SP to authenticate users based on a SAML Assertion previously issued by a Identity Provider. + +Review the Modified Server Configuration for WildFly +----------------------------------- +If you are running this example with the Keycloak application distribution, you can skip this step. + +If you are using Wildfly, the security-domain should have the following configuration: + + + + + + + + +SAML SP-Initiated Single Sign-On +----------------------------------- + +The SAML v2.0 specification defines a specific SSO mode called *SP-Initiated SSO*. In this mode, the SSO flow starts at the Service Provider side. +Please, take a look at the following documentation for more details: + +1. [SAML v2.0 SP-Initiated SSO](https://docs.jboss.org/author/display/PLINK/SP-Initiated+SSO) + + +Start JBoss Enterprise Application Platform 6 or WildFly with the Web Profile +------------------------- + +1. Open a command line and navigate to the root of the JBoss server directory. +2. The following shows the command line to start the server with the web profile: + + For Linux: JBOSS_HOME/bin/standalone.sh + For Windows: JBOSS_HOME\bin\standalone.bat + + +Build and Deploy the Quickstart +------------------------- + +_NOTE: The following build command assumes you have configured your Maven user settings. If you have not, you must include Maven setting arguments on the command line. See [Build and Deploy the Quickstarts](../README.md#build-and-deploy-the-quickstarts) for complete instructions and additional options._ + +1. Make sure you have started the JBoss Server as described above. +2. Open a command line and navigate to the root directory of this quickstart. +3. Type this command to build and deploy the archive: + + For EAP 6: mvn clean package jboss-as:deploy + For WildFly: mvn -Pwildfly clean package wildfly:deploy + +4. This will deploy `target/picketlink-federation-saml-sp-redirect-basic.war` to the running instance of the server. + + +Access the application +--------------------- + +The application will be running at the following URL: . + +*Note: A Service Provider alone is not very useful without an Identity Provider to authenticate users and issue SAML Assertions. Once you get this application deployed, please take a look at [About the PicketLink Federation Quickstarts](../README.md#about-the-picketlink-federation-quickstarts).* + +Undeploy the Archive +-------------------- + +1. Make sure you have started the JBoss Server as described above. +2. Open a command line and navigate to the root directory of this quickstart. +3. When you are finished testing, type this command to undeploy the archive: + + For EAP 6: mvn jboss-as:undeploy + For WildFly: mvn -Pwildfly wildfly:undeploy + + +Run the Quickstart in JBoss Developer Studio or Eclipse +------------------------------------- +You can also start the server and deploy the quickstarts from Eclipse using JBoss tools. For more information, see [Use JBoss Developer Studio or Eclipse to Run the Quickstarts](../README.md#use-jboss-developer-studio-or-eclipse-to-run-the-quickstarts) + + +Debug the Application +------------------------------------ + +If you want to debug the source code or look at the Javadocs of any library in the project, run either of the following commands to pull them into your local repository. The IDE should then detect them. + + mvn dependency:sources + mvn dependency:resolve -Dclassifier=javadoc \ No newline at end of file diff --git a/examples/saml/redirect-basic/conf/jboss-eap/META-INF/jboss-deployment-structure.xml b/examples/saml/redirect-basic/conf/jboss-eap/META-INF/jboss-deployment-structure.xml new file mode 100644 index 0000000000..7b07a0210b --- /dev/null +++ b/examples/saml/redirect-basic/conf/jboss-eap/META-INF/jboss-deployment-structure.xml @@ -0,0 +1,10 @@ + + + + + + + + + diff --git a/examples/saml/redirect-basic/conf/jboss-eap/WEB-INF/jboss-web.xml b/examples/saml/redirect-basic/conf/jboss-eap/WEB-INF/jboss-web.xml new file mode 100644 index 0000000000..f603c9a068 --- /dev/null +++ b/examples/saml/redirect-basic/conf/jboss-eap/WEB-INF/jboss-web.xml @@ -0,0 +1,16 @@ + + + + sp + + + employee + + + + org.picketlink.identity.federation.bindings.tomcat.sp.ServiceProviderAuthenticator + + diff --git a/examples/saml/redirect-basic/conf/wildfly/META-INF/jboss-deployment-structure.xml b/examples/saml/redirect-basic/conf/wildfly/META-INF/jboss-deployment-structure.xml new file mode 100644 index 0000000000..7b07a0210b --- /dev/null +++ b/examples/saml/redirect-basic/conf/wildfly/META-INF/jboss-deployment-structure.xml @@ -0,0 +1,10 @@ + + + + + + + + + diff --git a/examples/saml/redirect-basic/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension b/examples/saml/redirect-basic/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension new file mode 100644 index 0000000000..ffaf42ca71 --- /dev/null +++ b/examples/saml/redirect-basic/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension @@ -0,0 +1 @@ +org.picketlink.identity.federation.bindings.wildfly.sp.SPServletExtension \ No newline at end of file diff --git a/examples/saml/redirect-basic/conf/wildfly/WEB-INF/jboss-web.xml b/examples/saml/redirect-basic/conf/wildfly/WEB-INF/jboss-web.xml new file mode 100644 index 0000000000..309b91b9dc --- /dev/null +++ b/examples/saml/redirect-basic/conf/wildfly/WEB-INF/jboss-web.xml @@ -0,0 +1,10 @@ + + + + sp + + + employee + diff --git a/examples/saml/redirect-basic/configure-security-domain-eap.cli b/examples/saml/redirect-basic/configure-security-domain-eap.cli new file mode 100644 index 0000000000..9f9777c4cb --- /dev/null +++ b/examples/saml/redirect-basic/configure-security-domain-eap.cli @@ -0,0 +1,16 @@ +# Batch script to add and configure the quickstart-domain security domain in the JBoss server + +# Start batching commands +batch + +# Add and configure the security domain, then add the PicketLink SAML2LoginModule. Which wil be used to extract user's information from the SAML Assertion and authenticate the user. +/subsystem=security/security-domain=sp:add(cache-type=default) +/subsystem=security/security-domain=sp/authentication=classic:add +/subsystem=security/security-domain=sp/authentication=classic/login-module=org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule:add(code=org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule,flag=required) + +# Run the batch commands +run-batch + +# Reload the server configuration +:reload + diff --git a/examples/saml/redirect-basic/configure-security-domain-wildfly.cli b/examples/saml/redirect-basic/configure-security-domain-wildfly.cli new file mode 100644 index 0000000000..6b65d5e94f --- /dev/null +++ b/examples/saml/redirect-basic/configure-security-domain-wildfly.cli @@ -0,0 +1,16 @@ +# Batch script to add and configure the quickstart-domain security domain in the JBoss server + +# Start batching commands +batch + +# Add and configure the security domain, then add the PicketLink SAML2LoginModule. Which wil be used to extract user's information from the SAML Assertion and authenticate the user. +/subsystem=security/security-domain=sp:add(cache-type=default) +/subsystem=security/security-domain=sp/authentication=classic:add +/subsystem=security/security-domain=sp/authentication=classic/login-module=org.picketlink.identity.federation.bindings.wildfly.SAML2LoginModule:add(code=org.picketlink.identity.federation.bindings.wildfly.SAML2LoginModule,flag=required) + +# Run the batch commands +run-batch + +# Reload the server configuration +:reload + diff --git a/examples/saml/redirect-basic/pom.xml b/examples/saml/redirect-basic/pom.xml new file mode 100644 index 0000000000..98c3a40b62 --- /dev/null +++ b/examples/saml/redirect-basic/pom.xml @@ -0,0 +1,102 @@ + + 4.0.0 + + org.picketlink.quickstarts + picketlink-federation-saml-sp-redirect-basic + 2.7.0.Beta2 + + war + + PicketLink Quickstart: picketlink-federation-saml-sp-redirect-basic + PicketLink Quickstart: PicketLink Service Provider With a Basic Configuration using SAML HTTP Redirect Binding + + http://www.picketlink.org + + + + Apache License, Version 2.0 + repo + http://www.apache.org/licenses/LICENSE-2.0.html + + + + + + 7.4.Final + + + 1.0.1.Final + + + 2.7.0.Beta2 + + + jboss-eap + + + 2.1.1 + + + 3.1 + 1.6 + 1.6 + + + + + ${project.artifactId} + + + maven-war-plugin + ${version.war.plugin} + + + false + + + ${target.container} + + + + + ${basedir}/conf/${target.container} + + + + + + + org.jboss.as.plugins + jboss-as-maven-plugin + ${version.jboss.maven.plugin} + + ${project.build.finalName}-${target.container}.${project.packaging} + + + + + + + + wildfly + + wildfly + + + + + org.wildfly.plugins + wildfly-maven-plugin + ${version.wildfly.maven.plugin} + + ${project.build.finalName}-${target.container}.${project.packaging} + + + + + + + + \ No newline at end of file diff --git a/examples/saml/redirect-basic/remove-security-domain.cli b/examples/saml/redirect-basic/remove-security-domain.cli new file mode 100644 index 0000000000..9487613e2c --- /dev/null +++ b/examples/saml/redirect-basic/remove-security-domain.cli @@ -0,0 +1,13 @@ +# Batch script to remove the quickstart-domain security domain from the JBoss server + +# Start batching commands +batch + +# Remove the security domain +/subsystem=security/security-domain=sp:remove + +# Run the batch commands +run-batch + +# Reload the server configuration +:reload \ No newline at end of file diff --git a/examples/saml/redirect-basic/src/main/webapp/META-INF/jboss-deployment-structure.xml b/examples/saml/redirect-basic/src/main/webapp/META-INF/jboss-deployment-structure.xml new file mode 100644 index 0000000000..7b07a0210b --- /dev/null +++ b/examples/saml/redirect-basic/src/main/webapp/META-INF/jboss-deployment-structure.xml @@ -0,0 +1,10 @@ + + + + + + + + + diff --git a/examples/saml/redirect-basic/src/main/webapp/WEB-INF/picketlink.xml b/examples/saml/redirect-basic/src/main/webapp/WEB-INF/picketlink.xml new file mode 100755 index 0000000000..78e8c938a2 --- /dev/null +++ b/examples/saml/redirect-basic/src/main/webapp/WEB-INF/picketlink.xml @@ -0,0 +1,20 @@ + + + ${idp.url::http://localhost:8080/auth/realms/saml-demo/protocol/saml} + ${employee.url::http://localhost:8080/employee/} + + + + + + + + + + \ No newline at end of file diff --git a/examples/saml/redirect-basic/src/main/webapp/WEB-INF/web.xml b/examples/saml/redirect-basic/src/main/webapp/WEB-INF/web.xml new file mode 100644 index 0000000000..d1b8e114c5 --- /dev/null +++ b/examples/saml/redirect-basic/src/main/webapp/WEB-INF/web.xml @@ -0,0 +1,52 @@ + + + + PicketLink Employee Service Provider + + PicketLink Service Provider With a Basic Configuration using SAML HTTP Redirect Binding + + + + + EMPLOYEE Application + /* + + + manager + + + + + + + freezone + /freezone/* + + + images + /images/* + + + css + /css/* + + + + + + FORM + Tomcat SALES Application + + /jsp/login.jsp + /jsp/loginerror.jsp + + + + + + The role that is required to log in to the EMPLOYEE Application + manager + + diff --git a/examples/saml/redirect-basic/src/main/webapp/careermap.jpg b/examples/saml/redirect-basic/src/main/webapp/careermap.jpg new file mode 100644 index 0000000000000000000000000000000000000000..4a012a785a49eb5e02e2475e7481e5a74263b955 GIT binary patch literal 57220 zcmb@tWmsHI*Dkmlhu|I{I0O%_!7aFZfZ*;9!66Xb-3cy@yF{?y-asS4g9i^jojlKb z-uccobItiN3wBklTD7azE?sq3_0z)B4**+UMotC*!GVA@*dOq8gy*hm?d0y{X6@um z$;HMF@Jq-k!5;yC2>VY800hAO$NwWk!1yaefVtj()1Lq3QU1Cx=WiOczZ~cv?j`nL z4h@#mKLq#py^FsLF2DoxK>#bvMfw{9`YXNu8zzHk`2R@oKmRT1pK||{0LvXt?4Rdf z89po)0RCtS|5q#YKP;{z%=x2<4eW7-1z!U|lo%{t9UulkPye%y-T-f48XN>bb(6bJ**QBY7&QP5FQ(Q%%kJ;NcuLPy6UAjZQZz{4ZPLH|qtdjBy0y9>g2 z_6!3P0~-?)8y^!B6aSBciT}?lIR7UZJbeamP+%Wm0}rAG;BY|jIH0E$*vBG2^?^iT zS|Wn}5=`Mg1P^O+1Vkic6jZclp#NP6Yhn2R2(bYW0tg-s0S*xv2?Y@zoeL(!fk&Xi zS^m9`Ab?_BZ8>R5S2q?ff0 zLUyll05~|9wg`W9LPkR5`KtmI2QC6k0~cyMM9$zu{689eQJ?z7MQgh58j>WbL15;_ zeM*P)M*(Ddp0Cp|C5nm6rL}n7EjIp_3jgmKy!@{UPfGwg{NFNh08!vlIwCba=kVaP z{-|SQWZ9*DpL_m`mdB>={EGj@^3G#@;uC;sbx%}g2nM@Y@RgZbuB9F{Lw|l3VyPUQ zGxO4l+ijd5^w+-i^b?l%y44PdzsA*w^G#P6vbbvH;+&t|X{nM?Ev?eOhQ=C>^|a1N zGI=VqUIyGf0g`*Z`L=_XScVTAm-QPxCCw8Kxc4JjCx)XAO#Pi0i`rQ%JX#v?7Zj32Hmnwb)@F_u{>F1pfOhX}OLNvexQgyZOGnPR zwm4%~D*#Hdr#-UbId3%j!8g^?@1)Uc$@nVX_?}`3H_6}%=@RK3&x&}abaTh>2ah;E z1DnO}wkr$$yULQa=~oqb;enqXSo5;y^JRE>$BSd`4u>q+bjmbpsKzn4&CCV6f34g( z^sJQ@Mtls;SE)SIP}pa!>?GN3Ix1UHsCPv!3@kiZys*9Om7kcNxnK7cHmM$I?Y{A9 zUt0)VjCepJNyrSq@I3$?YC7BaOsyUJQ1Iv#9w z%}2FeZVkg{98ZAEj+$|!)y$>nnqz+*Bz^SE1n z^Y!9Q?>YhU^u7H{%}oUkMu+(N{6@~9rJeTH2eLum{318#&4F9Bny0K%M`G|5hb z7~9g$!v4~3T0OYFdSUFbU$$ard*_|i53_gX{x!dk&2)EFCo#tAQ`+bK3mP4F?vgYt znlA^NgfrVLYJsMQq^~HVx8&9Chjynf(t3ov(CEX4!TA{jg=)WJA!fg0H~lpYr}Og5 zIvoQ$GLFLHEvkQNKv~;KBd`*QJOI(7$*=!-`RMZjdF~ufjqL={+YRz@a1@#H`p>OS zz5BKKm026;gFL~t_G(3{1t{Csl7nXz2u^nTt!Sm-|C|2_xGJ7`Oi#S6=`9=>E`F(D zM*U0*6TzFd4CPX}La930Fyq)w7g|kqse32fJimM|T-)zearj_Y;;XH9%hVvOKv+wm z-algY%y4gc7FRTXa( zv^Q#Xp+O|R`3We#MeCKZJL$60GpJ~|e``=n>FZbP$6_(JHP3sSu3-Rc#XP4fm7hr( z4X{=(dz!kGBFjmPo2O8k&n73H=d%Bve-T%cpMCe!M<7irS(}x|w`F;R75B$yQniY> z!(GRfgo#n{;VM2Ru>7d)5T;$9`JzU!&FVDEVDYT2yxqmM2eW~az}42KrC_2(5r>k+ zH#;W>nbNmM)eRGtPr#_Q-t?ix{Oa;@u*H|c9R`T`hrp%4ZI-laC9^$s9++wSnVD9KwIdV;&nOaZmq|?)4}6`#H!Yt& zExu6uEl`Wu$j3}U;XD%K*;D7qx#Q4C9#!qu{RI4YP}#1TtTPUs|`w<=D126lMf z;_HM}+mUe0+sxtA{2Z|`arALD0RAcs!?N~Ou_ zsH_Ll_S>cMGI~4zFm9yPVaIFX$2CvG>-uOpI_lvnl40Ykgta%^CvGvo!u8$7(n_zA znOS4$;gbmtci zNHuf^1?Ibs?8Fdm<9%+?txlL$2zOSd*;nT~dME2^YkoA3x*?ZYXmhOBTBPbiv@cRt zWVajOMXE1k@+sX7Y&wp1EUq5B#d#1F|W`jZe}x7NkGXs+^&yUXXF23wq z7=#8&O%zSoHZ?Hp*E(r|(UzAD4(ijIZXFhO)(k4mIIhW}q5HyRFE1#@A46{s4Cw?6 z?MU|bhW3eT-+7lgY7z0xmhM+AKh%QV$VM^-SN0YL?;cd<^*o1#pXWRQ^&j2=T!Nwc zG!(@47$!otEl+^{2x+wPz=Kfj17DfbVy1s@p;pI3h8~~BwA=B;FIVF0T~s&8%nOEr zUiyZK`Z-t!(K_@y1RoijH4uVOCyXHJ`n8Oa^ZZ3kM$Q{cg z9dToMRidRkoNJA~sUl%1J)R;SAA(cO9QKJ8M83!B=GdD~b&Nup1558u>K|Siyu2{B zy?a?0AK@{yN!Sy%vlc@p==a02ew=OLNU0UNXj;LC+swJo2DU+dbqE%sLQ`1M8i~tRIPzNi)JCdbej;%DPF%`!St;-x7{g)A(yA}^|z1l0OQ*JK87>~`(kJ-1f z4gHXJImI8z{A!_XJG($_wP;vCLm>ZZ?wSL?D@Oni%Y* zYc8F={R%Zy!l)dy+|oYqr%;|y?%l0R|<`lD& zmUK;G*DBAuqt1EooQFZC!4n`gG0in=RoZV=xuS6F$Sc{e>kdlKwfn(k_BLQla^wk^ zS)I^%d_{2a1VqRw{#xc>uiZBk%VHUNNkjSin5PBaX5cEYprZQEnwInZvUj@jfwbgX z)!1;wT$aD~#i5__?&geJw`}tk5#M~kno|BX7S{CFvd39yl0HYxzD}c%V51R_l;|^z zGZg1*K0eOIC%{(pm{$lksXqb253g?7isaqSR-wK<UuIj6q&n=YfdA%;9{$Iz{&blJWP(*9$4 z|3Qf1>q<|Qu)aTRLggJ1<)GtZJV<}&h{{_tCfw0B^!MHATZ5l6Fv48fYG4=c zG5;*@8k=N3xP8Jc_sC9vE_(Xci)_E!76a4HS^?q|aa_QGKhsCCj%T%X@xZDu_6e}* z&8^ROc(gpxWepJ4wJ2G0YR}j%c*7zD9=3Y|5)S1#Nx+{`@@)b$nkr7I_eq`m#vr(_xH=AI`%zX2HEd&i-tp4yhbdGgR!;A+i*AXQl94c=!Jdg6CgKyQeu4ksqAU)QY!gVQl1&k zBJw^&#!(o5b#f^;$;sJFPeE5kGV|E-AZO<1%p+>P^40@dSA47XVU|tJ(Ixzv;fLu1 zi#vrJ*ILgfK>V?owWGJmSI0kpA?gXJJn6*Dd7UhMx!HUzEVF=qo&7J?hxy z?8twxgvcm}9z>myx>PtyXRS ztGX8jTU^{~aWJx3>3karz^JLc)=^gTlO&m#7D$C^&o?cRKLJYDzC9Bc@-qPq?*zsy zp&*agD%DAli-WyeZm;8-8dUValjZQe-M&LHO$p}#k3*`?8xs#{u;0>XzTUzjq0v6$ z;!$5Ic!%X8Fh}NR8=q;Evatd@8@MD{4s7k8ot2 zW;!VGALZWQXXkhmXkTp^KKe0U1RhlG%fXh<#lOhYKgbp`fC59FKp^0015_X# zt|B9+DE%i2040b^Nl3%NkSqsBcUM_;aXno-|9KZ+Fk__TWM}86{0o>-YWTRhTR6B;$~l^`0srRt zCmErvtBH@BnTfpxB`c+@iGza)B_|u_AIbmE^rsI0$?{z7Z{2_hNBadfC%djh=1@ncmx;_1`iKH1^t2Qa9~1!3Kx|_T#Xvf#08%q7>3Aw;UxSu zB|$@kwtlKk{M^))E2M#zuIP+gN}8UJfdmF>q5LUB6gc@7fk~MGmkKtHxB_zza^Db7 zI(TFxH=md8*zq!Ttj{Z<`bk`j5u!`45w_pmsU|jS$B>vLptx}3Y(>JLXU-TPT-!e+X4`q%9D(6b3X-r&$yzBJLcpJ~h z?ow$%xHUJPjPtq4J$aENxgSGZ_zSjfOFV#hL z_7^Kr1@(_v^h*6J81`_V%P$$D-~gj$U^f$z@$BCtG-0Fo zjH3pjtQ_tOQbq7f^>5x?V`|C{KiVg9pkl3qhdWDV*|AH~2KkX7Vj-#^kWj@@ka?6j z$4@wF?h@I&qLbdF&g^~iFTaX2N$Jrd@o%!7nxly$KfPqdNAkQVRWR6p|4scCxzE4L ziFa*`DcXzu*G*&~n&_|`7LE7MxFDq50u!gmxP*_wgJp{orUnr^R3wik>qXynzoN#P z-p88Eeb(X+u|n(YKZ;#aE38u40$p#bEk6OQ<<;gyzq;m}<%p2P6*1ZMC722AnX20YlyfFj? z31;sn<-&!$zS%mfudkGiOT}^>G<`(+yv$%8qR10$}Zv zr|cG9XTpissvDBC-FJS*Yi!e@&!cjs%m_v+3WHxMY7c*V#q>8;5El5yS zg&CvYp!$5*`Kqy_h-t&g72QTV~8C6{?*@)93oXt?kkT#z_hjh54C?9JkibfrY9 z!v_VIW||y^+!>vc2!luAwK9Vf#V>{afeCg~wg@js`*{;Gw>!zvN_s@yax|m5GS^xH$UfYy15_4FgUc!3;rVmmkbi-@%3*?o zSEZQwg?*s7L5qj_`7<>Vt~-ak>fWTH=qsNvF~B!gCNI}VqpADzJNQ{9IQ58f3=yNy zW&EPBSwQWB}QIGgL8fYFsvy7YS7Aoa??*TC+|sXx^nHpbCgMhCTuid@-q#jM${Oj z$pjMLrvy#^LE5Z_THo|!9LYFqObdbivFF;tgvW;o%};S=GtwTEMz)}Oz^TC;*NyR9^JaY_)#^r~~8+;?o@7cFj7ih)k0<4}+WU z41U><1iQuUo(MgsD1MgOxN>Pn(3R8GwB$s}&iu8>I^u7M zH6bfbrdw0DAd21*=-zPSzuML$*;{`32PCFmh z?v+f8z4Bz|SyFSajHU(&xw)lk#@=t&XnrO|u8U{8`dvDo9LG|#dVJk4xRbn7ky`OW zINsBY@}snr9JC?JY;*U^<0)7AcklV>g_=)o&MUi4NgDJ=$}%g|Mtdu=VlR(wtoz;2 zw~KN@ghxlg^D&lE*jj>QB{;wfo6#FPgEOK8CtBXtgcGKlO=XrGj1=cmLCAZG=&PgE zmamGNAIVUy)@H6zS(*Kjy*ySgx5v2KUeV5OaimfdnSk(za63PVaKHC6XeA_B?Y8fA zyRuCQv>%x;Bl{M3lol{DnQqt}@U;f*QOTNl=a+}mP~w(vWy&Wb{(QN>jPD^~Dvbok zR}?*7@WV1>GtmcTZl1g|-~EYtxW-k#^1Gh9#j1~8$42DVR0%Nqp7j2}v+?cIXQMuG z$D$20*oo>9FU01Up^7nq)O?=`yxQKU=kc9kJoo??-Al&hLK<6tMUmf8a&=B+v@89t zb;E_lFwv`fl*{WPtUd|p{JN#U_n2^1G!1i>j~g%{apds>_ZsR z_e=;cKtV(UiQ$w7sR{z|6tFzVN?p)2R(scm-~S!`qEFL*2Y(Sg9Xcf6cU@v^k{9F*WvH<7?=;X!P{BXROMM2U3H=??lY3cm(@VW7e408ObxTA zC6Y8|w^)4X{K_x6Uu1z+2iT`6k7SMQTIse>XkOA-I1Y_4+Ps&;$U5tiA^FbXc{CGa z?l{m&w-?7kTKPMoZe!Qbn0Kt<>iNM>2pa~zj;UK|p)w+O!aM&rb1VAI#ETv0VBKU) zsM_8Gg5Clz89G<^orro{N``pwPN_Ko=34poW;jH3ec3HCo*JrK{kA#M)i|#!VEl6r z(nQ<&>kpsbiIZyUq4?cyjO*7By!4aa9K?KH{K8#`?M=(*%2&k{o#yi(#?R;h^?IcN zWDT{^ww9lK@TR(qt`^n|3;@04POI|gS;8+*4H&Yf!c%$=M|{TiLr3zB&X*85OF#JF zu4mJ|2!7sfuQ{*NBkl!d-hK#edN1x+3z~Vz9w+X7aah%zGQuwbZQQIm3Th%9G=c69 zH!mnH5FIvGSE{!>+_(;QG63ZOo_H(Nbgl zt!2)p&F0YCK)VV&+^#5AHuev_RxfqYhkvFPn=rdEcroFImBKn2Fb7TB74>{gy6Mu!QS=BCmAiK0|NK=u5l=f#l<0&nj3Jo z(qc0((0E`ZFQVsq&D6;iA(ro;xIE^$a`>)P8$uS8d*C=Q z(cO6b6EdYiSaK5Yx<5XVB|7($;e_SNlxQSn_0&EBM--)dztku)@oKNmv&M(M zrE3%&L`@E?s4l24!^d%2LKW8!-}DKK?C4X`r3sw}77IJ2keiw*-fivRONk+Trlckh z-KThWFO&Cp{~sHdRdz!Z91e4;y)^@9ZU;a98Myyht!MrWSn};BU|AJx?3P}p5-Wgd zghxbaNB%`Rl?P8Bd8jvGDE&JV=n~JFR6JnFpDRJ*rPC7-Pn$ooWRzcRF|SNW?NOmS zCe=UMK)ol(EMR?=r1WMRRLO?2vcddGYnpww3^-=E#S$LV<2Dab%51iu>HtiOR*Fzt z921DYn!&v(lA2LzldS=mC&WJ^G?j-V6;K_DQuLG=)7!w6uQ#s_m3qr(M_KHyd|Blcl9@}nxERUYD!rIYS*}i8P>>>2CAM29hF~i! zTV@;-G>ag*hg~L)CGWZ#+F(E8(m#B*+T@V!zp~9;GUC-45*!`j;jtXu;`rSzWYdjo zu3^Tlve7b%-g|4f4L^xW>Y)VKVlnwN(+O)5nvTXYIb`~;J^UUj&s*HZ@fZo;r>D5m zOTPcEt{FI<=zyLS#Em&SL~-frF41&TrMAyg;(K|u_oq$&)58C^eNO(<>>mlY&9WFa z%s2~hOyN*c4wgqrUrPk7Z|?Ipc7^n_ncODi>9#hPQzB4d&M^vY;BLs#V299FR*XHU zV&j0AQZKi9vEgS6Os>k5MNdFjbv{axL7;A1fV;p8Ly7^PRZJF=bG+XDdwhN^^Qh%Z zyY^0U{xsd)qDG|K*2Ny$rAXmXkeq=PSd+ z-1;MQ?=LIE51sWUC}Bqzb5>=H_?pi@l_&2Or13WD_n0(k;J2MU%egk{TR1R&{^pC3 zpUx*jqmIQZPx=;ijdoA_GxZFbm&KQ7Tj6VwMK3Dorw)h9lr4~+!Bt?RBXAerpf2Ww zf&*S(@i{d2$L9JOdG{g41pax^IJO-qRn(+hrj z)hC%HX>XmM&>d8F#L}Dcdcqzt-P?#a?8PoJsESwtY2%*2CVY@=$t9Zi>Jn3T#nr8GlS19S>qa05_;0F- zr@50pMx&k_YYbbe(~VOEKQSeJ&q>)$F?N)QWjfFnhj)=b6+!;{VKV`2IgaM8T%+_R z9~4o3sU5QC;U`G49B@syWrzsK%TfVknUf6Z^G$aZkho(8cWksL;JEB?n+pW@fgKSL zQ>3N@)FU*ArDTHCQv@G!c6L=fNLJ4HHorN&d`0^8U;uorGvqknK*%!63l|tXMBIJF zHtxU@gO|Xfa|S1!{avij#8NC|TMdVc4~i^r6uQAMYk$I0!@$U;v`pTTP2?MNO1LWOYPJAXLiH6Q*mzPdM|uZ> zKk|_%Cmcll<^AVgXgD3x1Z2JMw|4YKO5%#s6^Msf3dc?OILk(rd&0rSDr-lR{M+c1 z85!NHL86qPSn(2Tcro&vuvesEYR2?=-n8>f(z;NZ3LLtl+k8#^zJ33OMm3GD@K+`u z8K_kmA~h979xN|D1Ew>}zK?a=%K!FPBo4nIfZrv^8LYYosqtQ`m=zP8d3;?C2M5sX zom?X`dIj5>P^1iE1HUntA%}Z|*Fj|R^pvXb+c*V5e%Ti;U%AnK!F%CLF7@OWN8w`` zi{07Wc{elM2IMtwIIn*O#FUJ;DYh;zz`ZIFn1N68f97oXNhXotdmj}2DpAs?_am@P zR&tWd?W3{t=swE&!OQz{C4owDPCj4@pe2G`|n|dju-tRw}j^O8_TaR?C1*pPI zeblTW*j^qhGD0Nl44X@FO{Rp8q}`a)bxJip!xA$xx(PERLR^Xr?IV-sEDlvj2pmB9 zx^JnwR(Dt3nVt`#C}j}l(!(0=|IC(TFN*|1r0 zO81&K4~1XzQh(OP@-x4}j0_S;j}aRn!6rzsOvwI$2ww?DO*50%H&6Y8a^)+tW(Xa= zmYhCt!C0OdW}}ALlM@EU$9(&?Q)_4c-Y~EqAw7wX zDN`|4ej$eD_{|HsP*EIh@&ee$uLxUBz1VUvf50A3pL_7#B31cbd$QqCYw&S&rPXY4 z9jxv>{x!xK)P4Ml^A{NucE{GF&;ePfIFOqnAo!A{P?l5dZ zIpBbqGVu9LCfs#pqQn8@ZED;Ukvkmreg%2~iWfy=X8|cyQj{YYz}WV6ex zuEbMxXkH^xdV}{yd|0Z@4;vTlg(>Ba;nJ)qvVH(BtK$~(r8m-DUMlc(x7tzug~+Ek zQ3iDa-Z~HN*g#|qpDRXZXd|q=rzaLRdHK>k_C}}pv50` zLFc(H@%gpljde=?vjom2w}j9%IO-X65sw=h7gkp0g71c!xWH2B4;Ri61`kbJ>;k-p zm84ak#hyEqN>+NHEzLoXDnqR!v+|ieYh16Vq&bl#Qs9Co6rAA5c}7<(8#C@+8>1_# zeA2y}aOSPuh!^X}E`&C_WT0dz(5p{kEOB4#PCEQx?ngtEirTMiFc;g=;-)_@9a1RL zD3?gtU=$r;Dk_BC0i3isnjq~3R+&=u%mxn}rW~U-5*Qy?>kasv622Evo6tn6^dxc z@XdMwK1yIYoCM!6YC`ETW)r5G-;ZZ~n(@;_S$@Rri6jZTBkdQ1k7g7*{M%F<jP-@mKXjQhlYbj6!@BE)@su>h59yc!9c=ATtp9Oe9h{}JCerRfL_5iWRaeL5Bg zl25TP9EfKZLooH+ah2%eO1W$2Rrb>MkWTEP-?AKs4V93n`wCXRoQTKGdppmq@*sb1 zH2PyzWj9AP$<~>p%R7l21i;4F1iZHyW;g4d^Jo8%b_7K^+iGD`@CpCIVIz{?T3V>P zl6L(AE&$@sNVXoW5QlZntIn~OBVJu6V9Q2Y8_AX#P-I0X&wlHKezo;|X~dj@=27p& zubcM!?~zniNPD%^+sZ@`6(?byV5>tkFC9BOYLv|35C!`sxj*o0#R5m2Wo9TM9m$-j zobdv+=LY0Th9eN;in`j*@66a<4(hRuu=bn*3vc~8uu2h1JHy-lGKnbmNhhFz0Y92- zW!qJvkSzYDB0?f)Hif)|+%Nf*2x)FVe&asM$L6E%;F~>K!>!IwnUn~O!$lSr0wDU8 zuZ{>SgSREBVq!v4g){l&3Il|r&;fbbXE*U@1U8C171JtgtU;cHvw9Md8R5yTCoF2{ zr%+#a4%|es4T?>M%iRH#ULk($x57>yKl2l^O%lgVB}NUdd(tc`WFkQb;qm#AKB+FK z+eF9w#Bn4|_VjS^bBd)T@7}j>tH`qv?yWnqFVQ6P;Gab(BOJF}BYd_}GD%NNWco-y zJiG8dkRrhzS&oTbRl{|wUbqCr5hLloBWJVz1nB9sWNlLr`$=YB=u3DMad~=-RX)#> zq_Sh}>-eN311@z&+~e~$>1@Gq#Ro|d6Y>u*eu#J_zMVB>KI^xmbY*AXT_jC@0E7UP8H2 z)iNljX-F+Sqemd$!9-gbs7C;8Q&f&FJ@`av${>zEE(wYE82Q zVS}owE29;k)UUc4?B=Xt;REU-d}l4eKKU#szgq-V*-q)f?;d zFHb6Q_YhZ;g9nhO8Qe@%e`N-lK-p4rn;(@~l4>KS1SnsJ9^%!m9+zoxA4i95iA7f| z5fu7KE~S#pt9)}P3I^5PV4f}PWzH}uKY!ItB&X&aE0RE8l~SW=j>my|ob)}%Uuy1P zf;1kLV3&W)xK)}DY)l;N^B4HSa8()sx$B*KvUVOirE9Ecp1oZy9 z&&q(j+9A^ks_!35cXJeLc5!^wXwc;0VVvId?aebIQ0EO{B8zrvns1TP68*8-EyfHE z_K6m33zVH$v^gOfF)*%aFLW73&ayB_y)Vt|F~)Pu5aBf)h-cqrUKx;r%V2tsoR8fT zcrRMLClhn+I~1@-9eB@e7@wYB{zFmp%_nP?`i&CLwsK1Kgdl1Y@}Sqh8v>6JPpzj? z!m{7bCG9LoHmV(lLIZVMwB@p8SZ8j*Mr;>tb;Qk%-@l9g}@g_kLFXxT1uY!XH01{ufDT3YIKJ(~Qz4m20-+50-0v^&e z-2*N?iZ>DLDd?5gY_DVOLju)HP6URHj&r`(<=NaTEUOQFk-b5kDaRwf zjx{(?aQq|E=eI{P(|6*2Jo-Y|nuiVA;@+JgCejW;NZatXvSN*Tm5pivCL1hBynYSM zHHUVRyxtS-V&yj=v{|kWU>t?rLo4XL*!o1JPx}hQJ0OKtkVAWpVsT`4mR;hKKKoYD zQVG(XTu;Z^xl6G!rZ3<{$QIQ^a1--ts6cmL(s2HLheD%w260uZ`*Kx*Et-TTX z4NlZO@z{S`OkCU7EL|fmjWx1;uy_`$_PndTB)K74R%TIM-4P*LX-)r>*CouI4o5KY zbK+-_WZ#&iWxsTL%rE*&E0KrH5Rui7hK!O{3hAV{bc$|O^-Ke-)G4J_J#^$e;U;b( zhi_tzEb0ARs->gWWy*PrirY(Y@q;A2P$rp7aL5bD^U0eYZ%@B03CmMJFOiA1*(YK0-qXuh$+k5gNmzg0BONBKJV>O$6ZsC?AVklp+}Mi#tK26rIy z(OT$Y>_PaktPLrGw?vnUgZlV3_iNRH{>zmrDl_-+@#HC3v7#Q{-?U4>gX=2Jce3&S z7~pOjZ?(63J--RJ9%nGvr6Gw`AcVd6MmTKy{KlX*xnV7lnRgpX|n|W z7fAr+J<7dT+=lus&OAXfc`zD1r(z91p-nhaFC(e!rwlJFwV%R178au)Lz+8@SKCL} zMs(X6NzAN?ym;1p$2p>-<3l6O)dW&+`|L5_c6#>OVi-_rk#)Hi;z~uRZZmwX$&WjK z0zrx{v^KPJxQB{|AG5 zb{C4Xb4ZDR(1#{$@@|RHQ8U+ryzbS#ob+0hZ$u%MICwAJO`#;-A=K)@VG4{0`=$KI zY9x=fIa4tu>sI|cnw}drJ2@L&K3?T6ddw#v?sQ1@Wp;114obI$$GV;YwIX?Gg)Nfm zaD={ku0U$jxhk!Pqv!o&{<1^f!g~ci(q|Ypo5GPpsyE3Gv~8@AGmA{4`R^yxs=aRu zDd&b+=3-Jj4@m+DyH|EdjJ4%`!z=WdRv|3@&rMCL!<(*hOgI$8`bU3%}uuxX~W zx~38IR*$OrDHvq3L1pGM2F{-2p4(dg%;+rnSv2(#b35bFe2)vq9ZOmg-K2XfelEw& zQje>Lt~Fkh-4x4olUM=Di^Mcq&yK5OUTkTZ)4R^@sWv1)rzg-}fo-I1Vu`ClWC-gN zx>Cwz^y^f&6(Qj`xbfDrpXqoo0n=;je#WSGjG=7^fS50e+ob9dn(yVtuMM4Y84rTKIcqvRx6&E`v^25y1tf z!rI{BYbq*7%3TtXvw(;w zrsjd#@g8IwEPorJ60b}ZS`h$)5jTIsOyx)#u^Q$p7eKZ=!^T*QJf$Sym{oFv0vvRU zwJh41&$Ia<2HN)i2I{Gp*=jg57&oufC=*Lc%Pi==_jQo^4X@)zseQ5yL@F^UDfpbT z4QnDJdtM*Iw4w6q>;Alwt%!uI)M&#LnYk6Rn|I#@V%vF(9%EEdmUh4We)OQJYuHR< zirIS6s5YR1iRT0snBnc-V!FnBFLPTbh(53Fc#UT~% zoS*bwC7uq#`9WHJfmFrTh@b7$QA^&aqTJ_79u@r^V_YH=ys`sPI+^ntlXvGCqA4@k zypj#;oAGHy5N8FRLv;5f|<-vDNfu)13CBWmjZ@5 zu0)S@@1kq&`a|y_Sf!__4L9eZv9dePr;<4mJ&)Z!EpLMTtl`v-%8{+Z;exmy)ykB$ ze!v?m_j+N^70f_lD>`N8oA+jpuXdkiPU?!GXYn=u-GVczA{0*dZ7!wkgnzC%{>0ks z$0-Q*?_<7W?ynK{PW=tUFX2BvQbtbNOa@R>sVq>xwkG*_MQm#uuey&9tMjhdhw0O~ z=dI5*p6ym?SX_~6a-}_Mae~s%e9yXMwX91?ZR8ZHa(NiDU8%n=De)MX5ND;b<95z= zOQ=Y61@$3_G1iv<9$o#wRBQbN@IyP#$;x7B2dHOn8d@|F(2NH|ekW3Yr=}Fvz$#F? zyFFKR_gy`kY1Td-8Yogo)jX5}4u$#t0QIIs)?%5%*znbL|_-J*8 z3DW+KKSW!Eh#NU8#)l+3&~j}KU;g3UxlLTLv3ej zB0d8O{$3}d#&J1GSHh9V9GS@{-=nz8XiR}lTFT9RmBKwR;g6!d|+EgQjl()VwEONRMimZ>J zP&TYErG4PmSSlsKT>Yn6EZT7kXn5K+wi(K1t~6k^5R#93Nl6{gp?r z%t{-fs@r(T6_Hd&BPtJlWy)Lw77#C-#m)T9qvYw%9ddE*sG`wNMV^iL+%!$Lw)9n= z4QQktDOlnpSacDl4!e-6UMoLda#p=Xp^0Z(ccyFvSjCq+tIKKV%l7XL0{a+}1HrW0 zr)msj+b>;iBaw}4As=JhQtD1(g{k}68^$sQ+jXAXt%RDaUKxJw^2^NjHJyupP2BXp zTBG$4LDROM?hS(OhUT~`4>}T%uoH$qOoszL_YFK29fTbl3B%7Kh>TOgH`$6}U)=E@ zlfh0g+g3u=fSYc~9dN;W{t_JA@PM_|*9g`G+Z^nqvpxAvd$3NVO1`P-A6oXaz@-!i z2m1;{&YAlAvHlT$5Fgd3d-Vy}0PAC|oD2j71);cnCC}{%qTpK4J-asO;*bT%DA z`2rn&Rv2S%$mEw1+=230_~(Ta-{s68@pXwLAqb zSD1n7)>^bTmOU7*3D_rJ_C`SgA{hM0zRgEn-3wxPHyuB!$3x}g@7t#K4yN~ODmkyInwEE!)-jUmmqx@e0E5kQ?e4PfRgAt#)*Q)a z<||E6Om{;#?_W>9dy}qNp=YS5>cB)&Po`i5{M5rU@CDF8{U-t z6|biqK&3sn0YE(iieLaOear)2(a<>^SjSiIOfkM2(Yca$6a=O;*-S;PP_edb9BkX% zfemr%rL}%V&O3J9Bo&O1XFV4@iCCb}S9YSL?Gl%#c8Oj7LpEn};AN~WZ1A(3b8ae| zD@BI*-sE7fpKo6Fcr32ESA9!-G4QuuoLyN>P_Jw&*xYVb(^#SSW z{ez$X)$g){LePK$9RzA0*m&ZF1MliTeK^w-s2IMX`}n~T8dvT998!UL*VK9k-%g)r z5K1A`dI#Pdj-M)f37a){NOFd7*Vk5TW<|Abd^;43<@;|qyDh73+rD!JkB{#Qq0O+~ zYTh*J_T9a7tnoAq@dVB(1xy^ojrEhv8_<5*Ysz*8iA8sXQLFnq$A!3*t0v_D12;sM zR(ZK%%nBZ&CshT^K7}xP@J~&*R-VpA4&&Kd>5Me=IyHAN*~D{ zn@KY&2O%9!=nV5Y52_|0kyE1)v7*dGg#qYZ(un(fFdn`5((;|H*4@!#;%_B7-Hq(4 z!zN@*$uSLYXj->2sboB#0ydFDqcD8pn!mv`BVjO)l6amt3U$))7(d%gf$z>!AgN0`H8a*p@Cw!QNNCS zESUEH0Q|T%DwzRd6iRNV@9qH~Ko3rQ7uqZ3l11WA74v&@N1YK7{1h&PYg0JofW;CB zDBZ)S>WBq?Km|GvUc9vYY-AnqgWfIX(@nM7OLuK8ePYMD>2_KfG}tQF!&j5(eSmLx zTxE}xEt4qX1@k+02HY0rOzpu%lubdZAU$cyhY>kDX;G+9 z1ZV^I`v<2SPpLxp6bK_hIY2l!xW-Fn{s~@_ye@>G9&w z;sg@_cYlt9`-k7J9&iyT2zz?|(fz}~DL?@V)B~rjdRCvOkvYFQwPa-FuPn*Ad)1h5 z#*AazDkbH|gK_=**IV(qWSTt`W$w(wn(Y;tWqZ|x%hxQDkAy}}HIfUE69PIqz+P{p zW@f^Swf(+)hRF8BhQ37N(`2@JQH=U?HmaDm4%#%>-O1b_<-o{CA#bu3jNnu{hwTwC ziR;MA@tigK1gKL#dIILqr|B-1V5 zau}33QCWjd?#BJRnXu{rBU+D9sMJIM0IGr9KX1Pmnq9x!uVwi8)?3GCZ@U8~xGw3GVBr}yO+`^-8o%O*3O0Q>wTFIAq)d z!*Zz_kVec{HJpc=mBsD0gdyrv}S(zW*Vra641$_Si+rR0?wBddIvQikV>7aW>f%1iub}=9pRci+R$=0?h%eeAE z(5A7S+E>M`c7OVVMF3G$TabG|!Cp^8RmkBM?hz=JHwhx;GLJzjYmloZ9{><3!|vy# zJB)gWbP9m{Yy3m6Dv68((xMa(dV6sU03p}Yrzv&qufTgp{{U@1AAdjp*6+iJ9ZUuG zr}3v8Zi7Jh{{RZ|iHk}ARDFMk5JG?hQ2`p%eiZlQc5k-kWvx}0)w?GN>(oxfWL>Gu zbNFV{gt+p{EIV$%&%F|uL_h^-qrXU|O#1rkZiHB0FM$Gf|* zrrc!qN6nehO}YGCYPxU08j#LZ@)Vdy7@tqIW04fFGOxg>C>?5AhzClKGq!_nCU4mb zuWRuZ%ixPU0A~G9%9d4&bX(Z_DLTuxMC=ww#xOZP&Yp<7URri@v%5TO(UEk4nG@-q zI)y7hk~$cAlsa^+L$9~-;?Qap0RZ%=`n8d@vUJ+I41wyCv%u||jwMWVBh;If$y>V`; zY#q6mZ>)E0vb-+{7>Fy{8F-6!LQs&X$bD<7*@0~A5|ULUl}!_o2@905xGqh1sbfPSto0qPyT-|(jpL%0AcAxe5v*eUJ<%s-y6E+N^> zNqS(6@nXc}yho8^QHi~5nZbCRY~vQP4CR@TR}rq5$un@qQauMKF5P5TMPy2H9Ht8L zCVbZ8xNK442PNXXQ)iON*V`R!d$aPDqm7|fK-Pwx!sYCG&o;8PAz@J$MQ0g`n!X1l zNDOge4i0M6#uSfkXs^C=_~tfM22a57-0h9@OFq#W4X;0DvYCDNY0R4L~uwN1nYxjrn=aoW$2z0Gz9e+>4oMi;H0tG}z(6umn`kXy_0Q-CL1w8g% zsANnluiiOq^}jUDoN2jjSFX@ZTvI)%e{-z3_ZUo_Y~3^xNxEIYk_aS%UB>P=(m^t$keEcF^9p4F9-h4Q0YC%<&b8ukPJV{CIJu; z0RB-Alt6t%pgp|+N3R%TSD}bu?(Ygxz23dS>DHn@$B{3h@<_;e5%WG~{{T$nkIvee z5V$5{il2>Xs5TnzNT4QBF({M7=prH_A|XJfMq7ws0TB@z2}AA?tw*4AH+D(`q-seUeXe^Ig|)^dVZEoR-3xZqW_CiYuq@}0+#VJfC5vR*g`@Y^ZL<6Xe zIK4gtUyVY6_lL)y|IqKlh$aB_9w3}Oy8WGhyNDtJUcD>&eFun2cMo2a_5EDY?;u)a zP3yri_-P!+dEi;Adn@9c%V=dQ3Kra-xUH+#58Vy!`%&9?yQ#aFcPS+{%@s^jhfzoh zJ;W0f(6QuSTl}GFPL=1qowmHr?CwRI!WR5Z`ypy4fc1LEVJT)u-7sihhe7lnJbfsf ztVNLGLE}&=g+)h5CJGctA{^YPZyTG7Jp&&s!_FrBx{RBSWh~WnvG%5m|p6LtCi@EMCn9LhXeeC8*wX#+DkaJTTC56%XouOkz zW7ww2{{ThBLq|DCE$Bw67)1oi1a3en0DH`788G&gw4tle1H0zw_XPxbPz1Cn_3jU| z(zG9sULcS7gnEZxN(WE=q2s{y05|NVKW|tz z(ECFZY{uGU4V;KuDq>v8l=5s+nGKW-Q+Npyu(_t*6=jqP7Z2h`{oD{8Oue=3wT$m3eD#@^a@yG?cGjFQ!Yut3c zk%piF$)f?F*N^Y%=~1tzQ2ze_epC-Y_WL+-JA$;YUIre}udiM+>V2QL{v2@j6g#LP zPqx2j*~nA!rn)yq(Rf1VMgLo^{oe> zjX5-+A|L``se}MTL(oKhL_bd)AG@#T&*Ps8<@57pty8C~R^lt@9XY7@0 zWP9ELjn`pVan_b8x0&3xrNMaQ+p;#vvSFi`NlQS+A^E-0Fx9Wua`6O6b&3PrV-z{4 zE&Q71`DVv?Z}^JxVC@!w2a!hMwDrc!c8XoUD91CN*hcPVmNAMoO#l%OxI>?MJIEH# z&oNEpABgSiOzWr#v~73YI*(^8V5p|5&(V9Z&X zNZc%&l!6S#_}#5>x1P9A!O$0DZx;7Wx@8~cAFOcz^Z_26VKXK5CwZ;X zn{PrelZ?UR-r+uW%(z=fA#S+bCz@ua;H4Z{GpnnYE?>{Gg}BObbRaBM6jg&ZNF=kx zgSY7=T5pq`Rr2w1N0qd{mMmXnJ0qa)Ulw@%$NvCPR*9;alP}cBIY#gVTr2=3Q?)+O zDY{dZjIWOGCGtr!05_QV!l*IXZyviH7TvG;N6K3HnXp~f`PXeqS2B3FBHs4fPpL`@go_fC zLnP@&Vh zywL4`*nc8;8*+E&EL^@D_U7efxA)!(ye!5R&RN#k7<)jNy9+^L**N=-?_VOdx6>?y zn*nl?s2JueVE{2ILFWGeJ={+%a;SrgH^Y2%TO}0*3GqZrjRGy z^8hR(TGFHIg)cD4tRTut9lsDM(Q{8Qvl zJ`zV$@LI*<`qxC{t8kv#&55|wY+(VYIv7kJ7Dqim2BZRd^9|iQQ{~TJHdjS$ZLN** z>Rczbdn}&5PDbE1+4g54TF>M$h5rD2#5iqn-|`TUs*%%+H|Tw0Fi=XN$WcrRaWQAb zAnY)lOe0VL1nW|!A^su=)}}a6MuH(;da54~{d@<|wDs=m_jKcjppW0v`+eL_96=7? zr`yx}d-4`Hox@yX%@x{*I1PV$_=l`zXJjb%r!0Yprh?%YyACvemR zM#h+>EZN9F(@N{3#9 z{{To=h*E`WVChg0t!YniuS(O3Z{;7+`}qStW}jV{qcnJz+fcPnaA9q0-Zm_Agp*ll z$oIB`EseHEU92mV?PN}op2Re}Z{h>9q+t}Qm>2*Q?@4RbH zp1g=}Iw-e8##VBbE%-DOyHHEUAPCp-EbD zTv2dWNRh%u`iVG67YG=iF+~-M3MO!%h|t6k9)an{hz%+=^`O)QI@8!kp@2Ri(}e@j zYu)=g`hC1;^bikm8h)=@d`G7c$%)DW9m7zlc7Ta!6dzCuSFa$m%&eOzT-)J2^oQfS zN6UU4WQaFxqNO_W_`54YwFSsdq!T@mND4IQ6(2wzPN|bHh|~@gpa20zoj^oDqe1VW zRs{AR+<+9-<&2*Wtwx7(X}SlG>I*iLhrm0{5ew^ z8BjQZMtZf2$|sMV$h*+T+RL`Mk1ym0Fw$27HXIb&#&^k~A%6+^w3+QIf;t}HNu+UI zrYe}t!?X?d4L9qLDMUlmOV+gk>rnIo4?!;hA&0F)ulD$Iip!#bKvq>Wicz7Cs)R^^ z+;XN-6R2X8DszECzNQcW>LJR#igo`0EZqXV1f$lyL;1aF*N~UyIR%*B-XLd4qh^5( z<=|a7LHMaI%ZVi*aG<{Vt`hFV;l?WJeuMhrZ->>O;cB?Y6Dt{O+ooY zr7(P>LjY5!Jp~|ufb``~1Jpz8r~d$LIB*`IA7wxLtHlpcANoeW!}#(K{O&bU&)1Dz z+D7DXQ|X_OtwGOH?vYSYA{JZBjGiRE4((8&CczjCkad#}2EpXw)Y-Eg6!V&qU3UY~lhj&hIXownx>H-u2sDIL0dV2Dp2WS9Rzpwc4;t12I@rDsF zbTL3ZtLyr`IKV$>fS5*}l=Y~OKne(lsPmt%Fd2#`a;*G`;uBSEfX|y-nPcrh$#QTv z5|LQrNG)hw*$)3A>mpRTF-9HnLyO1 zGcErB`&FtL26t9A*%p!IM%;CsF`7-$l)CKsW=N+2H*I7qdBYjT#%5qUFnleXCW`49 zK1o43fOHTaN)PJga*t?~qwDL_?-AmMKrnnwU*EvJ3?uDO{hS808hZP3pU*%gLZTkM zeJlOk|I_L3%67!=ZVH>w_#HdAuywyRvRi1+TrTrxizec|El^7C$9I+8Y|8;H3zFNO zU`V%?Bb1gaW&77Nw8EfL4RFS8@$uy6bugAvzTb~7E zl$UDBnoQC}jv=tbgwtXsf|K$n4ciKBTLDuJ!Q|%@3SlX!>LKnw z9x+-J!%onk9NkB)Knyi4Yx4&=vx3pgbG=?oe5kFO^4`}ogToijsan|f-^6=YoABMQ z0MhE$SeusZj4ip3F4#z=2=ZXaIWdJWI4E-%3?0Yr*ejR)ynZ?E^2P<$U9`E>gPvh_ z!Ygp@-p)@e6?H|JO$&5JDKU~>eqC`xoWd<1A_R2YN8~tjPrQ}*$g_0oM)p%-wdZv_ znPa>69#|+xIpe5E-91huAzd2R3akV}0zSz8X-kdX$_ zn_H6?iA*HrA{Th7QSon*K_8llq>v_B0cpvrjv@KY+$q7iSIO}d5lUgVM z9ioe9Fb;qfpa-`iKWpquGSKqV;oj%8tt(#Lp16PS=F_-jU|=F*B&DsCwb6{? z45Z#iu|dPw_7g0TQ6$tcibYS{S_qo6I6`X_sG5~ZkLkNd(`WyK^&wpQjoPQ1+KJQ)t1`kmh4^K*czr&h^zWT`1a`e+? zHEqMj@vG+CJ$Tu0QjYt9tUcoDIY-u1;^LiD?1Z}*vUF;Ez(j;Ym^;Oe-)c#jrH$@8^%r-AgOMTaICLcO=6i~iLh!M3D?>42i^JT|x8z$_uAQV} zymFW-Qz$=B)!J-W(YkEF zI5chj6;+X!Vggi5Dx^-%h;V*v#ycH}vF>xj7kpj&i*kLj7k61#WICXBQn1o# z3Df$C2o-iROqL&mWA0zxV9h+oUTmAv5I#3NZyvqGX;KL?$=U@bOR6Tt2GHR zAA8~-AGvs3z)7;0WW2g|PF2SfEn(~jR^q}`rgI{U~ zrFhf&ey|Rs>L4M~o}<^LY1fcxZ>Lm7!kCdkJ%s}E|fQSHf5CP;~d9Ayx+0Ppps@k_M3wmx_AYVGmj$oQbO~<|bWWDdSIC2r9 zA`INBaYRAUjHf^VNDg87KzT5x?kIr^PK77{2dBzV0rd~FjULjSF)_PDP6JU801>DF z1u6m}J>R38sCd=#Lx;3u5oYWIvp9=#Z0xMxb~h&f0C5u$rkfRc#migyD?Z+rWv4L* za$5Ezj5M=ZNN35YMF^;X*QHBC8bN>a{{Z8WqDrZA&1}Vt;US^pZ*45vn27?2jS~-| z7^%rbRQ~`C4cD6EZ|{x>@&VdfRjF4$nQvZ*tXOgjv6l|qn$Aax1@(aA!jr@wiJ^bI(t=urD9>GlBeeMlbF0QKqc z_2f4B{858X6MH)?Ch2x@_T;7kx!$gVZj~?K?cI~aQx876Oww6(S|-h+hg1Ng@(@R# zLQBtwh-MMzkw3W zEmj_Tyn9?R>?SOwHnStZ%pi-{TZY2Yjib3O`L<3#PSNZ%yIfvYGEChk{$eVka}eaA zfJ8Zmd_!gE?TX(YGCKuo+PPK>8Rc9508NjMk^O^?HCO@+SmC1ZA=hD5g>o(@RGN^&sj zFmo2<;vY>!`)ehbM`t{}Jj%93qq4p*u|27bF6pMxS0-A*+n;D(2F7vA9Khz{xNKXd z(6(i+81|`@3}jv`#v1nZ8V_i8 zm_TR)(x6ca{G-#?knglUT`Y?)D9Gw=k7C*HARD-cYiGEd5lXX57vZHG_mH!@C!G`{ z%QqIr$C#pZn2L@i&Lsqa1dO2%%yWu-RAjA-zpc%a^8=P(_PZp&yiVZ8x{YSCc@v_V z@g+{?pOWL5AO|_J^@=F{F}N<0t^zgsZNv(ifizQd7QQ{SW#{K)A?*ty%C;mXrQ}_i zykr%xYg=*aK7Q#=(h&&wh&YC4Ir~6~B$8h!00$u>#{IW)@4mxbUSjh6G@M0`F>Ty< zSH_kxpKf-JG5)cwBvkIq{Vf=E3=MK7%}X&C1XN4)TH8pVfE`3uFDG;WzyK5yh)_Gr z+uQ^H096N|{h{a~(~xHt(XWYp&0}vfNFh9Q`3%Z`MhUqS6fG@6-fOv47FHDi00uVR z9@^!JR*8qvX%l%QVw4g|_y;FIr}}*iT2y_&K*L&h8iEy}MBRQIs#;J)1O}ob`uOfq zFwo&z`iEbKr>_(Z^O!=k5C9RUK=cs%YhHi<)$F5u^uEO3t#Y5&T!DFC*zPt??8mp% zE&l+FA4W&twr$^x?(lt0Dx2n)Af3B1nP)&ui4xIPu1un_t%Us)KtBO zAC|s=6aWwqr2suCPfk?+=uBl=k@j{C9OqYJgBF)7#hY=gyH}!cn5E zq}sK7#bSXMX7!>knl7JtRP0@=k}86v?;%EqDX1aRgUxc;NLwb}*3FTaEw61cVAlfX zCo?Of2N28gvF-82%(K*1SvG_LZVg1mIH^(zOdvf3Yp&iL;+`B=1BH^4QJT2H=y4x1Br#6=jM2UuGiZqDK>#>yX``2R(T= z#xh_8`ktKxqH1>le>FORhp2ty?Otkj-|pVEXudioP1!7$7iPvuycml*)@YKGxhE*x z>UNQZor^L2NI1D~tFBSfq)9fd5illY0Lq;-z)TTT=NkDT^2!K2%@TPJ#lC?`sFLKt zHe}N#+vBkI!n6TTFki8%JdD=+Ms=`<)`5vLiLpgPr0G!ZDT^@L%c?r>rueQW3u{Iv zwDBfAi6Kq-O|u?UU(QH&fm~cybo+xZKX~0Q%~Ls&lXB_e#vhqVPy=A9KR;hipd`^U}9P%!Y&R59hx!GF!9V#B55>b z8pW{@Ng|Y`OoRe}Py?T0gX=-3Fs8=q<}BKLEs*v5HCu$b@rF>h9b30VPt{eU)Y4Sx zIgXfvlx!gC66UvMTOj^1@)TX0=E*EU0~3+$u@llZ=sDs|(%eVmD#h zqh27^lnPd$H6OE%6#Xg#-Cp1yZ$T)4`+9!ffB)9+!-+un2Tp<0*gXS`5_^D$-A-bQO5 zzy1*C3ZN!n+kJ(#MFh>-s)*d$jg%EKwJ}DhB6t!M<>({cT6{uf>IM>;od$#H)1?4t z9-&XSkL?o}1cB0`CapUC)%5GdH%@`j3O_IhuTc*{l8s(h3yj4uef^i zE$LmXHa?u{b&zy_4tqyguwAsOMF1z$S|=A;%oYGl!efAf=^DLi0u>tbW|K_CAxl#m zv?<(k0gONUi~vwL{j?5NIDEe?0BRn=>0SfeP!6C0_kE-A4h1le!j%va4xXR!hiOi zH$vr86ZmPu!<|U0)5Ts}?VN4$Y(BX2V`k=I#XJAV>_wN*L=Z zmw#r$Y9ERGbA+<5{n~7vNW3?LdnHgG$Lz*wO#(Bp6L6V|y}7R#rK+wh+$CqVBBo6Q z*bwqRNK8?4+F?(U(vd=@EdqcdA{|5vQwh3PsDOKL0?^5T4NX%82dH|8fOQYEnnC0v zb1lsh)_cb~Ny9IC-ez?dkFbs_jxxrY%(?3Pclj17#ZWC;kw=bR-4`0fGoz$K3rNQ9 zTnJG*^B?%j)0>-8@O;$HXqrOz+wGUT-)siqWVFPKmgCI#f+?!KqXOhbMG?n%mK*6? z*7H)RC?d_6s6v!iIC4jX29+O9Ek=~6Q>RLQ!-ze7de`IE(~;ZcOHQtRo3N~`i-PV{ zajxfT<;>?V>ON9X{gKRX)T55lcNbsDlj#~?59Y`~G!@9i<`R7sl5|iN8xRKg&|S~A zcaH(G$*iDWfk#qxZk)IM;ibPl~K#{f`zg-7BZo`LP{$MgT!@56@IU@>jXvLQQwnzl z0)bHJTK?WvQ?x2kZ)coN)>R)PCx5 z_3fYldXM(~{C5~8AE-i901fsCkLUma{j?52HZk()wAu1D^}hAv#Flu?IA++(Sz{AK zWXpSGb*A20?vlh8^o~8bWaF&6+UvIG+BQ~VA<&{#enWyn1yIA(GI~Bq_WZIWZ2Q8_ z`Zi>v!D?v+x6Y+Vi2{ZYa4nI~1RukQ)93F3^&YhV0n{%e+pC;*W5@p6Yqg)_2gzln zm-7B7xv`a&%4Y=IcLlQgYT+|z^O4oxj&c>|-GpedQDY0Eq4;wEP!1*#4s6wn<*w7R zvBi%Kb!Z2bn{jJ))VD3it<}-2fiR0V@K8(`JwYeX&)*B=5^#ZtRf<3=oq}or2y);@ z%_bFe%kfO~@5&3uU>(ZCqo7%^l1LZo{UH?&;eru^*lwZ)a${55nDX!Q>#TU*HI(jE z)o&#jlGk@LY(gt|WUVW{t$R)_)!#PG-GNeGebkwwEi8=C(B)d6ZMH>C7Vl7hX}E0_G-LqgYbe;iT>k)7z}9d}PQuc^C;@3o zb?Z^}_vKIy-nFF!0Np)6Y5Y0!W#pJb#>mY|NHB_siDc?hR$5Wxc<9)u)+ngy^pun5 zXHBap_6<`qtE{2QM3O0tBS7R1Ya?kdDf_m^$W_GA`SedwoZS{Dj`$g7%eRisnStSz zfXe%@q)W6)b*;G8>8)&_fZT|o$R%-{NtC_f#eh~6^YC<+yW_H_DS8V} zFRZn+?G=Z+@WOJ=d{mr#%xrATOZHN+Qmh(D#mYvyMeKZ(bc1p`V<5rfbEt!+PnxVn zQc!{=I%g<=(0TQEbN|rq!-o!P2Jr4yJ<$vb`(ZM5p_4DWPCoR<)*{{ZVwOCXSt9FqV}Y z%9y4Q?Klz+=9M{1-SYOEwBSCar!mFz=g(U)gGgCCnW>&l@zh1hbwOBgGMA=` z_r22OSzA_|TbJ&M`HjhNyeOi@ngF8CmHAUC&C{3n{&6({vS}LO#oOs<$T<@gtQE)O z>uiyjaG`1fk|@VxDJH8ZV}O(Zs&x>cax?cg$)+aE+iT-1G-2Iu-~5XMs`>u_E#6s! z^1T}qXAvOn{jcv?!(@U!a z>j#ny=LGfClLm75*GKZ4gfpoaNhh$=F{s>AKayL^Jd2o*U8}H7*@3f^j+&xV6hJNo z{I}#ouk>KNLV0SH`icE!?j7J9U2nHof|*3U%1!3v2++r`@+sP2A5a13##_p!*D8@5 zMtDi`M&-DP#Gjct)@X-DAv%~X}U64#lWiwO5KaPCt~ez8>UMBT;h5{T~5Qk^MJ zdU|nbz{5cgKn~FOQ@BQyuf%zdWpYKTovC(Q&^Il+aD}Z8b4V^&X~?-UrtaB}e(n1e zg@d)lH!W6XBv~<`lM;v+0)xo8@E;tzZxNbrHsvy@Cy?zc>nlvCnNDx5EtPV``F_4# zQyiaBcLJp70hBO&<58&e9!u~LN(2LURB2M0wF1}Ws8+P~rF}W*4)0+w0FO}tH@`vZ z9=@D#h=5cMr$GwT#-MfmUZceCKmA7NA|Af};rE4k2)=&bF8=^WarQ23A6?dc-c1?8 z?b?_-h1gs>6J$=hK)>Su05OHOrA%I>5E1qsP06~PmcU_~ zmA&1IvfZH%dRf!0&XAdC*<=9bWceh7z{X-F*eKESQy5fg@fA`%4nYoP5mU4T$1oJ2 z0&^I`Qh*eoCKCvng#whN5fL7M0oR=U<-4Bc^H-AYEnveFGmu^`u~pW19l_X}ZR@y& z_b&UkB*3zIoq(00XBk5|Bg=0s;fmx1~NE z1B^1spg}UKCPEQ46;VYLB4kZ8fJ~vzV+a(4OrcW8VV7+3kU5x=GSvnxi!}97g5=`lcuV^Bos(yszan zPPP^CM+1tW-5?*7TpN?Ob`^~>23;i8NqLNAg{`c=H5`LsP(f5pCH0IY5&#rHc|}}{ z=a$_;8EGwE@tcv`DBym*on&mTd$DdtjKx2wK_$(3Vkt{?^5`GrHBmqgBis}YTN7SK zq~O@y*q6%QgJi8c!}raq_RgNo5*G|U&FUq=7j-m$2{Ub9`BxV~89Y}RD<0tGD~q9o zdk)n*RdShtz2A4j#m=3RgtD%SNaQuLjJAnn<#GNzzt*0QxKhblnUteRm9-lq!pujk z?W~Qm`xZ`?0R>TA!*FwMxFSlNgfDE-7x_lMv@h%TrxTz5(eJ~DJTk9;EQ^tn{5z+g zfRA|p0Pt)Q2M^tYHp)2`tec9c0`A-beTk4xP%*>+L<5|>?5@XehnLL_d2Z^rjO(t` zvokc#FUT0DH)dU**SIJYi-)tFw|y~?ma(BHW$%dhj-O+NSt`|3QgGDk^#cJwc`#l+ zcRMNVv~I-Px!VA-*9_UKx#7+V$yPKDQDv6xcXEnY7EVQrxb5r3gaxhmn8^qW;kR-s zG%1o;h5$K(uOdTmb{l^Dh+TODUUgT;>;jDRGsspKm%egdVA`B}XSKVh_2TBWGdw&! zscFYsk`s|7$u_)^(P9k9}V+`4SoxKcL=%Z}J^)mH1E3WZDFQXZw|H{9*n-TZI5*nds5 z!(8xAXt^>jxZc|fFL38P&vjy$=s4RKAi&r&5p0cb+E;Jp3VmCWJz^8E${1BpN3^7= zqgxMU?<+nT^u`_^U^LrTvaY$}Yx+`mA!VFHwU--9zR|Zc=EpsqxTS|3-59AgE&^H) zvZ>QWCXW*DZq%wMVh4RXry=|M6is6ohbdGkfKAmU3I{3sMxX#<8||mVkR1h`{J8Dr zdEEPBR`0zY*St}xyC-q$OnYpP#1lhZbY!3VR^JwvqTY4 zTNxu1#yMyw)yx}@Je>H8f8#$|@2#fReCMrMS87^n)68jWYxM1#f3=CoQ5k10N#qo= zRHg4E@vyWqYyH;f!l* z<4f}5b0i9iAD5vCYD-Bh_v;5#e+ZjlQ@B5uw!G(8#dn4;9hqmwo}A=d*Qz$f!I$#( zy;+$TBxE(Gue)aZx@Yn419W`?m8$5}dpbuW8&@2jq)ytn3=r`@Jr!`cmG+*xKufu;HPQxUTsLNw?GtSOkIb$JY`*qV+&)!clBx81vmO4uiqJpI{lmgJAV=7B$Ie4`4L9&YB zgXXU-mZXC$1DtG~kH<>dIt`9(*RlCa9JZAuu`Mc)Xf@~;5v(~UUNr5{=k@eXUw z(`qW+yz6`>c0`zPqTHT1k zwu6#3m1v?$vYVQ4^+$;;Ad!od)y1BBb>cN>JYTXJJHEEOV@D`LJK8*Je{0TkcHI(v zD0ULJUL25`$5%Xx6i@3uUOqg|)BzO$qH!=`j|VvAO#0(Dc@x{ob@DHg(`Ed{t2vfB zbrjiK`h^jTuJD9QU2v_Ol#BSQPSlZzL8Qv^r4zlKB$slloTgOD`>~^e@a4be!4nS< zgz=-~eISOMv^mAxlk}7ZSJmF! ze+vxM=U~+8I8eYdJ&7?cIKepH%EP#N&4S06!yQ}E_N|d+TP%wo3va>36+*XW(E^yp zInHGaqRSjivz5+uRXNl-j5#DK0YL#DUcEj)XxEtYD`k9fgmKO1ma^^V1CH^YK7f03 z-nX^T`3U$cb`m`>QNzd16hCo=Q4mQ4lPTA7xyX_vI>$_gg&P9|YzLPY(wV1pUS+L* z(AQF~nBYALgOs1eS4MrX+BqWe8LM$_SVyrL0mNPShtqKxkI+^rt2RU+$b#x9p${~; zn+)QN4`xK;oGXoNJWXK1Hc6yCpN=h9Yd+s%-2xRfij-_4Mr}->g+%HYqH~yPVK9h~ zGHCz+K41_U{{VzQL-zHr0U!ygQ4k)KttbQSQ22Ag{ew9+k0T`7wvb^U*>+FZyhSH0 zUbAwM&~(+~HOQ-HO$Z{A!z#-05t=)Zf;-me*ICgItvtAELJfPyM+X%u~ zu;)59E*jVy0SDP(m7#9IoylXZOKNgav*+-PTBe(H4{%7J*&?Qh6P;avfQ5eAe%f(< zA8-7*|I+Wnhbfpq3?0EzP(Z*S0s>Q14Nw}?Dedpha5W{znO!fz?KMu;@vnyR-M5MF zti+Xrm!@}a#K*8#hCjSA#qWJtrfX*Kc&hhEJW)X3+s1rCY=EnD7zIhoyzlhwCTNL&dx@{!wMtX6%%fF7oWjA|T&{)^;9vSIQ zvYKQ0{p6QBY{OT1aAs!VxXvXW>J}aMX;(5*rxY!0RqUu}=J_v{qqto~@7+Mwray3& zu8Hk`na-o6N4qO&46+lyT=u81`HQ~GpS51g+Dl)@D<0ynnXx2>kH3pH#o)IMyV)f^ zQ5}<$X~Tv=I_xgxXdCJkr3b4U6t9IN02;Fh`?Z)6UWZ&B7*qwnM?c8G?A7xK<{+-fqb<$$ zEoQ9s=4bw+F^NOrCfb-;esdHj9%5YQHmDPhW`Z|9A9sF+#^PLF56=%yYhEQp#ev$O z@&Q1Pn3v3kTECNUc+*Vc=JU8&Z#R}ZQ|P7@Fuh5}D!(uAm6?QdDC?mh$=sCIwL+zz zSS;Y>q-W?`h1cYA7d<7wX*V1RqB6!fqk4nM5U3`4iw7lO>}WkMTap?m@vxaKhS|m7 z%`(w> zKBu3B+nL}v={pHu&-!2rBm+)yYQj`N+hvE*RH?`Wk4z;cmK9q&b}lH95+~rh?DP<^ zMEwKc-AKpee8FTgH~OS~?hPdm3xJ7D0LkAU=LdK8)2S7*G|fw=@H0bzF&39)bBVY} zh+3>)Hyz3aSH)E-1n?E5;efJk*<&2^Di3-D?!Fdsu)n{#u8^Da3zy6o7|Xt#xxt@3L!P}_6?CO zE#5*7SmI!Uyk5~+AumO#VeCsIbT?l|ursgA#_gchY(3Nl&POw||o|B$g!2Qwi61 zFP%EE3`@r-P*64m<~F{bd8;6lP3f3mVxu!RQZ5YMcBWMH$(v-q2Kf`};`0=F`66zf z5;;aLV>YBLE-9YW&oV?F9T9cMp!N+!iY~gvRQXFXd|A^G!*G#Ja}H%UqF<|%GWm7E zU@>YwtDjK(8Kjj^hLB~>|A-n^QwKJMa;4*-{ypLLe0!`qGhtWNQYjeC5zP^jI!LY( z#DjVI;^(>pMpuC%e0UcLB93y1BM`bf^4Jj6^eE?%nZP#i%;5S|+ym?GY!$dP$-LUj z-d^MhD6m>uTkG0z1ntaB)WA_RFjSS*NX3a?WdCZMr8=X%B3x@{2RuAN6-SF#!B>jV zK=P%;yh-%_0VZMoy7EJ8Uw`56v|l0Pf0Q{Zt0=(nuJ8xFk}3Cwqrrv(xN@f@#2Jgt)X#8!sbxcPs6;7> zBZY>yjp59zVkJO!R;Nl|*s}7m!%l>4uNA-(Q8ymn6Pl}^ckQ;bQzyLgV*Q=Ggh&n0 z%*%_9wue7>DHZcllYe(PS(u6r5X0P*COn^_}1Zvr3$WxXXd4KvBUAC zrR4Xd^Qh*Lf<@ssInDrqIT-*U3y@DPaf?dTG}t2tJmq zY+kL#TZ*$my!BmE+N@;s^Mpt|co*h*RX1BT1hExr-=aDCfxbZ@2wq7L&og`@BzI>b z19pgvAu5dGw`dz#Yi@rQcdPQ<A)V~CGNr9W+duWvMP(VH zdzaVm+m3ds7>z1qc1dSQF?UdoXg_pb${L=N%x@*fmF7n}a4yg3H!1TMtcWMtI4D?R z+S24Kwex%F)*bPturMYx58IaM5wZoUgP0%IDNF-BlBbEFH`!jhwvl(WZ95Vs%nbi* zqEmI+)!{MQm_bD{c_Zntl(BfxL(S%z{E$k6NU7{;M(%Ln_ZRKYFBb$x-bN?dP*t&_ z$J;Q^NXMR%irw=d|HfIk3j+c~xIUvx7;?v8bLNtSj*6Sj3NAN{$LJ(HJg&}p7W;$C zE>j{oVQnT0FXf#t!ytsT8zCLZ$(dJ>{C(Xb{8v(I75V(5?2AA9kqFl z^ghl+r2^PpV*z9GZPth-e4cCHIqz<-OLxR7YB_dAoXH%oKIl;8%lGKGE7d2|;9y~A zlJ+DA@ayW5!(1+MkKexOw@yj~ynl2|xQm zRL%OXtVgl2DCPYD7QRCIIGpr#i~?Nrvtm|5-$PMo7)@26Lr?|S#r0wkAY_7*ZjZ5feWq?~V z0&QSYZCj|iY`sZD4yOS_%9&)&YPX#m?iek1lgJ_bshu6MTKyq<#={+FgiKnFNo ze+?=m*?;_4xCV0(Fw#Dv^-C9qUWsl;pshL;{l(AFRM?b$${XeQQEG=I38s5yv(v}? z0;1VwN;~W5^vC4~Kz-eUBP0;uJHR1Sk-ESDl>3DM051TK!-$gGm$%))*4L+H07RTg zAa#KA4-gHp&qDAC=rJJ>+p3cA_bZ5U20cN#sJ0RZQCYPrddM&6N-TZW6$;~YlJ?fw zRPJK;!)Ido$n7{_OiOVUy{o&GLty=4#^3a7h0)S@2Td%zExW&~&JxEGD`9QW4uT4b zDOT1Q6l|#}sUe?pn4;x?W9&H|coX6d#_AwhMK}ZXUg#RW&aabHdrOG{FON11n(=`v zOKL1M`Zd&U+ry}<n=q5aAcp{CC58`sqFzly04hCkOpI!cmorXWs{T$UWZ zZ>D7K9VT<%)ultEe?vkZQ>5Auw*XMVPc*%5iZ_tSvGG-YZHlu)t(#cE0`nnTUy@5- z&$Yk|?bgCG=W3H8pPOv#ciK!xn_+I*+B$Q3Hyl`?FPmqhjbF5~{KHjo0)y(2l=Hy; zl^4~vBjt*rWXnU1U$BECNn)2pgJP0*+UFnoGbT1d(nnl253XftllXW1rw@|f+T3?b z5J;u~1kzjP$q>qo^nma4TE|mE@1gAJPo2!2O_J1BQs&w3WW&ssv@SbakSYx37>d#Z zsvJ7wxZ+%i`!2B7`)Usiw-sJ0z!TWB;rU3Zw`|@08Ezw``ADnTQ8=i)gp7x(F%G!U zAs3k&9wwxcpoGLPfT9k-`BC5$O#LD4QmDNO!nPDPKRm};-K>vmei-0Cjtap_NF}2RMN|WkjUZ$ENLU-vw#UYi44{qb zJK4^gPvnQnyBK=Rn+nbA!jIF^19UtP@Jg%)C zC%#yMLjy|pw52r6QqWQbwdIAS?5Pas^24<}^iyYvTLx)(f$vg#Zt z-A(xRpmhq-R{MoJTt%HCR#RVpF%utWUeVVX)*d53~U3q+-jmYk~!B=yILcDVwTc3sNsVd zfR-016pIYggZJ;nWNq#5Z^oS)BEcuWiEZ+Z0q7Fw%h!KSFDC*-7oJ^}-$MTqJ$f8r z`ew^!LqFfFAARFi*ff*^)#?+0b6^!bJ}O!-7xvjZloekiVgOz$S;)WTC<9foXgyGu zDjMmS0biP97(E!oi<_!HbSfy-{^A_qyogI&5qeybLX?!(eLy5!LKVS;Kzb5sNDV9W z*0l3Eb@XPZ<5>t``5FfY4)_w~^ww>&mpMyP;3`Zt>xgr3skh^e??0kAlFRtpke<6b^NI`r>zT=-7C2TH>Z_slFt^IA&YnE$i_b%wg-#Ku;K@n0pn45KT-~ zlL;^eXE8ub#YTnj9+On2GX(|ph)mPvgL}YSc+&CxL@bqeL9_jtf7oo!qUCc(^t^5m z4B7UQg0k&FgkgM}0c={dqEPx9J8MXwBr&RzL)HgI@&>ayHb z3|cTauG}@7>`ngr^(%v$&`7m36HdY~<&gqQs3jhYe-(guKKN;O+fo*I^tN=Zb_|^! z#qA}s;$y1a6arxQAcD(35)sP=0)g9$K8iNmn|rhZbc)2!{(Bb9t8w2q7R=JRAUYw? zt5CZ?h}`n^khD8NWomy!lEIlfqIIAd2{m+BN$VfrnEjJLU)`IYgK1F7o^ST8$pcS1 zQp)Fg-z1J8r{OReRxA}YsB%#~K!SAsD)DOAoMI+ z0|6KFDF-PglOy}b52{S9N8!$6%$&rC=ApV>^5#!Gnpaq9V9ZmLX#$~X7472KuTl^s zc||co3@Y-DQZdY{fJ!Y?JT+F81PgQpbPU2G{2Qfk7450Y`C5KV61@<7C;vH>4Q;<| z`(=D{;aAXmX#dUqywr5|r9p|4KAx7?NT-#2mQH3aK5A3z`n-0e!uJcG*ztm56DZ8% zYJ)-n;o*6QL_yGmsGKLyht=p)9;GQrRKO6w%lv|dg*l7MabY`lX1sMlnMNbSo5fZJ z67;1Jw!=Q>$?7M2$aGU&U%qmnX@%ACTF1-(C&23I@Jr>&GuWL zW=(TP^ieY4M35IJ+*fQlR+Pk1q9kbpV6OP{KHm0s=kXo!jt=|RHu{}JJmlFLnJ`(g zx~mgfq2&6M9TGv`s=6=mPvZ5F?V}VNRI3R^%^QC9i0&FyZYwz&-4*Cdw|Q*R-xwkE zjc&U%pa^m39acEXU1XLKp~JKtN1Y0oB~H8RT&`qA$*cUDKO_9oAB#AcE#9|{inPO& z3O^Rq;>4CJ3`$}?eao@Y&oVsBXz}l$|sfHWAYoI zW@qA(Lcs~Rw)pII)8@>vC6uk)!9RXGvb9swo15{||1ebGfFSwpgZr)_G9#SOuob4O44GD~SJ?{w!q4GlMk9tYxv_V~q8c35^elBS(l%SBv@E zAF^*kn0XSBKlunwXXOe@J)nLdSVWq|3iXCaC9@2We&I%X-!;Z;O7J$

|yp*+6+H za<)zb#YQ<*x7b*NQnoaP4BS9(rnI}P7H;t_$2v(NF>uFT(*tVkCRe2+Kb*qv5CF?n>kt&sveOCsACAb05#NiY7{Bsnutg5`81mpDV;9Pp|kz-G1vwgZJ;hE3_YEoHh$6^ z;P*hgT zX^c_ibtMz2)OvtudHijWzya>_zsngR@)T+z%Z~v;P-6!OA%3?-)k9KMAtBMbP%k3g zaJ%%Y!~&f`rXJlB{&+rzZsuNDL_kK5P;QQn6Z0p7h$GV&Z9{Bn;0g(lPmUmh6P^8n`Z;2Wuw4-kPsi%BJ_ zJRyueZ;S~HLJth|B+!d5QIN?E*5={Z{EIoSqwJa5SKV93DJNe3#Su^Q4W1U7no=30 zZ}w%bdI?H7;m3@T^pIeJCc{26QbLWL)~|H;6B9Akobu3R#tYGaOb>b5tLrx%gHfDb z`@IKP8q5DC{M_&Ja-}MaEf|w`Qc{(o7)x@lpoZwb+GoxMhQ|5Dw$#?EFW<7vopAeuS zb1hPL3Fp(Sj9?Z$)v6pmAz%C-1TVY&6NY~oH`^`(>43|R1%I7zDFomfshwA-od9^1#?*@H8U&JZ=EQmb=wtt-P6<@al5WqwA7+)N>A0>=h_?= zEDN5;LYysg=fA$YTF!Zo+gWu?fX)s;&`S0c(nF};KnJC%Y#?U+4|Zsweq-=nHVETw%dcS@Y9R(0jRj-}}Cpw%5nqqcan)>(fNjDayO zM#@%zMe}oRL??1DIALE?ohLPaG~1un5xsU#bGZP=HtNlp=svyt$!xG7eex}19-01JBk_`S&wi|F5M@y+;l%($fzi2504@evkd?RCa z6oX%gdhg+*8}VBQs5=Tved2h|Gypfvi_uuaTat~!IC~v+L}uX#qKW-8`dNl}HFYDcyhHQpyT&xhpkgxN!nfhnAnE~yOC#qmvg=yLeD-Q?(WfK(`DYm3) ze3oao(08#=8XHw9b}X(jb4MU95F<TjQMikiUvWCcTM(hl}ef zp?G*jlqw;g(zfAqtJT!9GNmVoygV02GZXRLMOFE^KwfCzinn}>91KvfsIMQ-86*># zVrG>UGP`eg+HoFBUI3dq^O$C~t-{d0EEebs)$Y~yZz}sy*&EKz zS+0{CNK9tdGBWISH#>$hdn>MlI@bK{noZ#WTc*0YpJ}wRFc|4eODoWd^)#erj$TP5 zfxpQTE*Qc2`f(_E?FYS|mBuG2S02wn@<=bOxv7k%y`vds-<3pGb4UEV%IMRV-v0MAVxB|(;4n^sM3|DY6lDF6hp zAd?kpR^^OANbRXECpLOuOXnyXiy%ou{FmHF=^zc7?iMPRxJTU1;|l7SxoBM&yVc0a zUHxr6ilf3N{zs62=RE1BOqC{_C!_P9p*0J7Lm=3Hq-O?9*F{?yAvfM&koLUlong%+; zGEgvjXLj8Ab`*u`w>rAA3Q{_(Uv#l{BZW2xul6KvtehEC476@FnJXsdnQLR?9Z^pOpxEQS zUWDQCmj5l>xz$lFys0^pre$!wesiPRvhH1bt*SCoUi!L_bOp>w^Kl77qR$0)7$Np{ z{>|69Vk0J*sG@R31z4y|=7%v*-!a(gmcppTXz$;_ckX~D04q%62}&Zxq+yhlR2L+o5RT4>2kAb#$?JfKFMLk%bF3#^{WFFDEM(#u{F`da z6hMfI{2NA|fRSP?j93Lim^`Dzc^&WbMTTI2=_xMHU!`J#DqnkodeAW{FrcafQI(_r zyz+kaXzJ*>VhDW?BECQ-N=D&FmUv@U*~n)|RNo?64~|w)V&(LA#zVYS2!K zC91@_CFdUc89IW05q@nD%O8ThN=`_e>RI=3Qo8vy@hIA2ec|82yT-fruAb7AZ}=IW zq$SgubPLjrPwG0orCU2sws(XLBU(kZQgK=Q%YT2bka)ym7Z2(WTYLcj1UX2XB!kLL;R0^>XzHsGDLB>}>CCcD z7>}lXb55Sq;r^^Rr0WX}E`#_nbj%%3@67^bXH2FMJIFF3caD7}+t9%=C)S~c1uG|_ zld5!cSIQ9(orV!mF<8@u78lQ<7@&SVP6Z-o)9{ zm1pjV*8wUBp19GDzs;)uK0-SUJ>Nj^*OE!C$pDkFoSi_OJY9gC5V1<1DFSj+FTA$E z`7Eh-q#&hzZ8cXPGE&11Qo&YA_KY|-v*Av&wWsc@+9)+8+lU+`u%;Gt`Xs!g_zH7@ z7ZealEe2mO0pQ{^8EDleEQ)`@5L+R;r^afU6p&4;hSkW3KCB61BRVibh$kD z8EL*Hnp+LL$^`vee+@=7`AbN;EVK#a6etfCA?>uY#2KVUcCyR_?IOl%t1p2=BN8K+ z>kbcS^QLk*Wq9m#5v?PDA!Qlj=k%}uY*d&cNl9KoIVgK7(s7CAnJo`84u@xK{EgDM zbS?6%#&U-B>;`q?CXJa0!&#Fz5q5Cz_uUS6x_F1^EB!w4F+tWP-4)6j>QgEl*cu#h zFvf4;Cn1(Peko^{*$>zaeN5!Pc-xKS)RrtiGxIyOmE>2mEkzvVM(4JcFz%AwT+%Rq zcRBQGGt}gyq7@S-t?#0FxJl$T*T`LQvNLf@bG$c!0y_bj7vJ3w8CPcaCW7naX?u`6 zRYp~c7;qH)f&PAOaxQpCV?8s`93Rlbyt%x*^kYrH4hMb3-e+ClzG<4v{x80_dB>yp zRw*^L#Em(WGPm2K{_v7}_gt)xfsDU!2JK0Aa5-AG}WW!Wi=o@N_X0v1C-$yBf) zh8CE1EfC#xa!IZc2=uK4U3a(&>ehZ{6YTn?cigwZlhn%IA!??oXU}*NANJl~8-4Q~ zo3eoCJJ}9jUm9?QGH_fjN6X;HM#?CQGqGSbS7lG5#o=tYs6R-^DCwkCYyL?4YXRsj zy!qMix1p~5zTqlxrpcP|=#&hAvYm1E>)fxX7npcb$1q$sF$fXJbXy{59CdS# zMq;3)KLCFJ*LeLVUktxp0ZJE$4!!a-yp=#$c*d*OFFw?!^{9FXeo0O5_YdczRaxNT z1V{(f?(-9qaIqBTisH3jRM^&!Uhn>VZP3T>BTeCbg{ooyDOS3L6E)Lp3^0=%}1VDhV;=?=yA;~rZ7XD2HD0Kye*5_s{ z5b{+XUP^t@*4QXtDnX`rtw41D@4K*#$A4)%kCkYDE_o!2_y&!aPsag|ZFal?r;L(iUOi+kb|L1dJ*IQJTu@j}P@1GpGyhgGZvPk3CCY z1zFrP2$h;xZN&x$s`xbkAoJu}%!70TWLosu9exvo#3Kb$R63F5Kmt{q(V7sr-Do2w zjJ~kpCr+Gx&UH|ZZGLacHLPT(myvu_(?v}ksH8RBz zmaGVR#k@S+lWOn)hEyAG;Vbu)gUFY++FpGk*=&LEZ}N!KVvzj{Xbg(p8<1U02_=qM ze2+=^aJtr~#3BfIvw!6u!3JYqk!Aabh&{dr%`-}xF!X*Sho&U^E>$_mm|V8FyAvGa z*7W%5t$kT33??nr3#R{z@aj>iJQ!mF0iBe*j=~1^Do_~r!B@HAxJhK~D6{!2U{I^~ z4-GJ1BGe~N9bdiN@bMm9I%?>+$n_Jrw>4(;gzyH$-(T+N#p$o;N`+S$adEhb`QN!#c)PPSZ>0l zv~)S|H^;$FS)_l&87OE2oGOLj+@G)bz#IMf*nRVr41pS7QGkPjVu3HtO(z|+3?f#0 zQ7h(ta@`h3(!RtbRac=W7klsvN_uu<68>e54KBj!y|M3bVx=x=Kln4192h3q*bCk~-4r9*yn4w_&Pj7A8_ViqEufypj~{Ntb4|Uu*=D{S^Cur%>vjymD;L<4 zK}2VrWdl*l-(^j>c1AY6e6$}@&^6dov|X63C-lR(uwEhuxmke}e^!{A(HY3_E0$#> zGomSd3z3RRx1D?>v4Z>avpprG6ql}$$u~AZ9Y%%hZT4I(u-KJNL)7Itgkj-7erz-v zMS{G?`;XV~Y<&~=51Q3kzTgWquU`F)t|Wp{8Ug>EL<0F~I%LAuV^tewj>S3)%Od&% z$uF>JiakjA6Dop!(Ntz!3!Sm+-?-uZmCAe2ftYsogNP@ux-{Da)d2Fe*nFd(6gu+V zXcVewBO&)_24v5hHw0hO9UKqFChKAoH4)CpC^|XNB>!fM&9`DQ#HiE*;qPw`WagZ| zWteGn!TY$($WkvWs?W%Eca@fXh1uPFJZVmvh9sBLF-})r{vFW7nqM zt%XiQFcnZrU~9IWms~U?<^)cj#(J%?pa`e^7v{_M|K2O6B%eEwramP%~tl<}96+*(9MAhJrR-C8O_RuGMi+r5e%xeiFcq4Ovy`K9Ap!Fj0}A zfF|L(Q!di1o%L}qxBK+jC6YODQEuhcILhc((a_`W(_Bie4FG!zsP`+EQ?}18H$L@B zq!K&?*bMPTcPB!hsLyhc+>F%?;=I??5t&+&UHaRkl$}9lSQk{(~nN$3rw5A>gaOB$Y<*)zQ^%EdE^@f9hxuw*fwQ;9CVkgrtGjf4i5cN7_>lf+Zi3w z@>;3r!;|L&SOqIdGLqpj=H>lODjgO=EYB_KO&|wAg)k}Y|HXWN3q~VP?~fw%#3X!q zc=k25xQMhjBeoB+wBLDg^)g~_VXX`Gl4EwG%|mvY4-a&m6H@&Gi=b9IEFk4crcx;o zysX$T*uJb$@5=;FNK@F?_WW&1m&p4vAEh)=Z(>7>RyT`D!8X+k`Vgq(;M?$|jKLlS zoUWs1BL5YgkVvu08Kq?7AtXs)_s#p!aE9-$K4vE{Of`Lc^5S81sQ!Bc`4{_!9bEjlyTSRV~4C+5ZQZWQH4FweVwlN^V&=}6#| zk`_$iaU+SYqKhBp=6^)~B{S|533et`2BR;(P9&B4p%=$!2#62P^W4)X1f9Xlzq};z zc)L7E;a^n@7{AJxE(_umE7aS9S`GVCjJho z^Jo>`r>aU67r^P)HoRDNzdNaowz?`8yuTgGwOPBv7@uBv9w}>7;5pqQbPA|5O1YUP z#7gt4>9>uG#0I4&{)98DiAgLmjj#8_A5sEYyPNvwua_2DUT(K3dN8d>KhW$!kYyyM zJ;6W22jAEhk+Yq+=g=QSldKO=U_eUw|5NDVK$j`0vm?Yn+3sBY=R+5lszN|z)JqUt z6!D!dN-nsVDOA39w&Pil4{*Iov}kTT?ey`D3dGYfTb#gldunBq3glp<+!DVi5?84`Iy4u~bptYZD_F*GFV%{`4M899`{`6JL z$qNhD_S~M@V15PvMysquaTs+43N``~QMhF2^aavoAbEjvqwKz0_MI5GNexvoXW}SEcQBQcEj(292Zg zzTm;>)JY1(k`CMKd|9+b8iD#(|65VTI*_=r;L-?F#b3qE@dH*Z~V=K4{d$c9nB-o%zR4%2#&Wk?;O8PZN}PA ztc^WZ<3p{p$RlZCon5KK&aO_LV4riUy2wg=zob=)UFRpld)3B}*GJ)09CSZV-{nv1 zG}^tnI$UJ(AAzPW^>~C zvEO0hDpF~suY79{8TI1qA5O+GscpKQ5jwWHN9OZU&XBiQDWHjjkZkW7itiNRfUxNj z+9v=<@leUPH9o_l@_Zz`<0r9QMG~8jZ+6%XDU$mwlsa{F@~~GBn;B;$gMvtZIXeW) z+?l6*c&EUcZ)$#`;5Ih)oKx1&&1`FC_O8=)X9#xZXr4pU&+(ve9T4f>;dCZwyEDEc z&Y+&9d-yFJO-8gU-G2Brbz=sd>AYgkK2dnnneI92cEr2=vhw*W=>Yy;)Ub`tIuZ~5Rj%l_!_gP?p>|Hi06X|VQA()k(Z9c` zPXD|HQ4&}2U;xm%uY#>+zCjlW7c7<4Q&q-MjMNTkY);hV@Z#h?YzxWc8)^1sU>d znX`Dg#{VW&%`r~6t&>W0FU|^i=jiFT2r(3HOLy9p4?pfjIb+%#YH6 z;z-|OdSiTcByj+ClxEeFv5==XBF9o#z!nj~z4jS3C2$K@r9Ya|%gb~!bJ;=xX056{ zjv`ow)2Mjo64DAtZWu5c6GxL5Y3rian|G^5MV>9`q{Ko5FTf^tBaEH#qVy zx?%w+^E#R3OO`7|jM26;G}^*k*Z849l_iPo^ujU+60gWJhI`cyPbK4N%Sp{8K{C}Z zl1Ml9=R1QTj>$c6<3LWKYj%uI9rL6!{w6#7Uxj8($VI;!&wim#D=fUkW;eZ!22Z`1 zKG=emi~grb1@OR^C>qDSxR$-0CcsK{*@^K0#4E7w(ZVPp2^87rxF4Dx$U66B1i$K& z=N11Xy0tkMglJQ3XkT&7U^E;!)rOn2L{4{MZZd0QG%k9q>GG&*;@cx64^cWDB(bt2 z-{Myi_4XQ3xH{EaBM5J@*f^8?NWYfObRaphxXkkdtuY_s6S43ft8FDDIj!10-(y_i z0*?eEF#%ARh=-e?%?5$B`pC%!gQ}nPvEgoGN3EsWXXIbKh6*z|s{_^O5E($4;&yj=+8%DEE468PP5(D^p7+E9H%u zj$EH^;uN*e>0fAYXlH8+GycZ)ua3u5V|ao;J|AM7&M_ z-EpkL66ZOvG`J}3&Wz7};rAt@T|EN7fXP*9lvKFX0jT0X7TWhoDUsCWj<2-Ye>$-d zl{x?I(WVx2naYcW|C{1<&NkMod3z$E8FG}6WCL7QQJ`_kwM0(`z|3^ll^wjbJQ?bV z#K9#Q3*5rv{L$yK+x$@?S2t&fh<=YvIn60AffN6UBa$l>Ui*~V%5H)?74CE zBBx!qVP^PgtTACHGOCT1&DYz3DmMAb;Qia=X&H46kC(TaJMT7UNDge-wzRyLCkwpM zTcfYi&&$E(oC3==gHE0T&H)MM2loNg4_O2J%u0(_nRAqE^Q0Mr=|G{6&+v~0Q@vpNL6Bm9Fj(0jTyNp@?x>0sxwzaeaNeI2xt*rFao!YI2Tpl9-I+eY zm1p2oOAy2r3CcRaR>CaYV6#VxI;B6LH^E%|15`fTLgJ#;_h0y< z?(Z9om7iU|zLnw>6Rn7h#Qg)HZ?4CfBd7=g{rm$DA6=!Qq0Scr;bWEBpFS}_WT>KS z!fLQEEq*W`kc96QSaG2|M!gt-pNijme#GG8sX#zu%)5u;mRJ;CR>v&6698IOH_tGC zCc@#De~4gR_Bv#jk)KcI_qqu45KKzUuK~0EcNvmubN?PtK{8zJ7qj@|Pq~P6-(k;4 zy4+xh!m3w+I2HV^UKwj!Q6x|+fi903ST%_##Hb3JOW-dQhzOzNuRyv$ys}f(N({*o zi8C^&doVmArVDgkE)xLZGrKM&)0PVoRNStVS2ol6G`&ol_~22i#kN%MKR{?HBKkZ) z{Xrq}!vp~J6wTOU2k~%i_DR4e7?SU|b~L0YdR^&vQKT5QM&L0l8Gc&gPd{QuR8qyj zz#z46n=d-kocBO=x0{EgZ8&eBChNk!R2e1SieVN7+;q0UjXoXL zFG={n95@mh$bQrkb3Nj*G}oQ(&8!nP47Ft56T4pzv5L(nleO*s67F*Iq8!VqSXY~x zd0P81{b;tZF;#1AVK0sL*s+qDfSW`{X(JRHpYGCcR$76h^%AVgE)W9CC>(}Q$WpdW zmb=;ej7=zh%xBvf8vpNRh(iN{$k^D7^L5 z+hWVN)I#8g_^(C)38JFyXJR%F^}Z@Y+-Q4x3AW4o%7fqZ7Mae+z+6x@-1VaW08cmL zkYCPNd2cf6&O7Z&NMEvHnK83Qa)1lT+bUQ|>nVkXl zA0XUBonW`r6tZ@sn$3Yg$}kRGAlh&=VtyBJv%l zSNr8I(JUpP^=ly2xUG^|h}LM}fu4V;}k$bj2D4`|^;AVD-Oo4Y34L4Em7IbrR_P zm)J;deGf?2%I2ft7`1v*>wVcaPn896&n_|3uaTOs``@S{VfZLgg|BX9kiAqhRit z^{kLF&2{IE7?wSobD9#-nH@n&$CbU!OqbVZ<9B7f7rhIr5;HGYjiF6mpcUie+d;9P zyBp3e4cG|t7lrE+#mx0qhAL&FgX7vNs5Aoe>Jz5oeLBZF28|uG8Gr~}FZjnDOctcW z_>1(3a>vyv)yyJ2Vb*Voy`}OcOobt@X)v8Zo?&sAS}+Xm6eNB{?4K^Y>d=5c{#Qw7 zx)8hbWwD9*tDo6b|CQ!R6EMQD)n2?!Pg2WC=C=0+bidV<|Qckq9ZBScaGGZYN?_yxC( zaDh!e^T){)DRQQa@(ql|DikQ>>ICBO*+io(Q5C#5&WE@2x;&Wf_|-mNmfJGK_3N}- zy@VBq?(u*Mri!NC^sf9GQa$}LseJ!^*+?(4cS+(OTDQr>cp6(X(~AP%9t=pVYk#xF z{2a5$kM&YV`1~C-w9J2i51DY1554P`=zjp>qH}mKBth{XAmQz$tSRH-`uYVjt%rQh z&lmoSbp7v+x)DJX+;F)i`+vRnN_Nd9ba)LHtFfUVF42`4E!3eu5M?KHoHX1S)bffi zEARIfu8y&8{+|*;x^aGZnqBK%3K8k%GBym`Fk9pvnGfhLN4C$B8wMwpUS3F`uUMYd z?dRxLGe%-w7x;MF9(g&J9#cu#I-I(Uv_24PQm2KB#apW!SfVtR`Z9(e9-5(2DZpW> zrCaI!R-pc6tnsrb-r5+y_Gd$X`+-hfD#xiOOIODqIQ``zt}v&ukmX@5RVwYa+;$ik zH^n0YNFWG>qxj(zG!!Jq&1L6iI1=T#=g4klGOg9??QF@MNBWSEovoQ}7LuMHK_O4i z*GpxdP9MZDs=G_QUBQsfjx&Y{+JK~54f@>*p zHeku_7HnFUAb#(Gto=O@>hHA`CD?4IO^14%+tw0)pI??Vttqy}WwKjv=JE zFLiE`ktO231F?f3L``J!Tg6+4GdZ1`XbI|lqI+nyQD5$0?=tAW)AD~0d$hA?XKrR? ztm1H#8FH;y77Mbm@ugLQEMwiv;R619ZJhaLm?b;$P_vUI<0lvbaaaI+YD%m_x+`Qh zlD*l4L3p?wXt{A260U}eth5y$CR@&Tn_VmoC4puEDZN~dOns{+l{lhf2g%pXc_QKW z9(&X3wU9C-6pm6RRVtgPesDqVc%8Sm03Z^r0#doE9!sFmSAMX{81|n1;%0g$y@DMt zhv*iZO|AbTXv;7Gq zWZM^hJ{P)PM%#=JRg0N%Axrp_7j!W%%~0kbmC99AyQjm==8ZXR`ZA|(Bsgs8mo9@) zL*q9U{ij}@!>{5uO)X-Mnxgn84!;!%PMpg3H{F)`cPzQYl=H8q;WP9o4)sDq#bfau zXd_t6B7Z0N0L}6a^P^(mruk%G9=b zvVpALWBT`eA=udhjZa7AKP7qs2idEt)EjxOM-yR#>w|dP{sC~6-_>^!_kVwVC2#mu z3Gc)yZDe??Gs!5-S;|E6!|C2fx*qZ*s0$A`TpHv{_-==7#v$ z+8Xg8_e%hg)EoZgT!$U5zC$IPrd$88iXSCDLm(y`;n5s7d zv6p3Pu)`T@LSEdK#S=}g2?vf>$oOLVhzPj{DUadbemNtQ!U6|0ea!i!-B!3tbI2d` z9*^VAVvEd|PAqMu*#`Z+nE3$7p{)K#FI6o=JpkqD!( zF}wM?8#m;$X`^<^`P8jwwsf}>t&cIz3%zbE&A%De;m1s6Wi}ip(z9($eTwX;f6eaM z*k{m+G<1TJ?L_YcsS~NnV@b}UTf2j7<9U`lvyrfNPRkB&X}Jh_ya8fd*!swfv0S%~ z{F2>XBJ7%*m3J=~{Es`FnP2k|I%P1N1u@oD(OsJrWMGusuNg@G21E2s?mH2Ss!-ozWID_av zaPh|IC8xP+KYvaqA;(}Whk4V?=8W6xi9*-X{a)B@s(hM)nuy9@xvq8tUUBnLNK7iG zykt~u!0@VwPzp}chzYqdg$e~a)C53l_l*bdFbzlT4p;HI|*QD(L2WgK`r+0U!N>n~? zzMXzN|IzQf-_9R-xm4gHJpg?_zkrkgwWnGK$L!@k0oK1~_g9JmQKus7&68x@_>l4{ zlBY6dE~jPn`-&AF=9bHsBmnpAI*5Ts;2hl@V3YjkT6N-JKnOCpD-p>UKA-!IeKI*b<->Ndiy;31`3+2g6Z*tdrc3~E))w(OkM#4%h7{P%ILB62FTo+K*}n_y zRAZ~&{kZSTvgNpM3~_j3+0+#f|}4bq>s6GCDT zR4KuCAOHlvb~{V9k>`-fUCos7cd6UzrR}Ra$!9bsLC#hUm`n$q@l56EHGa9U)ylZq z?U9p(a`JtVSxC2P$v;YPSW^`W?bFPyipfVySfh0Bg+L#VX;gIn+}*zmSTC zFS$w|Qyt^m-NmghW*;my$5-9s zj%=HvdL}K!;~`~1tuV7Tte?t8IB>)25hPr>DawOCu2ZaX7q1~cD{wr>NVm7!zrxy$ z4)N**kjWCH$xsiWaO4w{<4bNT;Ci6nt0X zzP?Nn#H}w2!&q?AnHKKI*y#&C(t^vF?Y2E-jwd_jZs_};D@Yt{3~OfH z&k$0PEnQ}tW;gOca*(XGu{;h+PzJ!V*fIW2^B)hC?2GxfGS?fB*FDvR@nzd|BaAJZ zQ!}x~(pa_jZ@y7xGC4j~tbQ)HvIt3ALHUG&uN9VT;byJV`bs%h>)6|U<&s)G2z%<& z$1oRMYYBUyDf>Fl#MkyZe+cG%IAvGM*CbBJi;P!q<9O7;+Uc}n=2lhX@M+$GW1Tow z?|r`BN1?Kvrg@Eguq1JGjPn$4I4chL!q)}m29?!)#KL3f>rv#+Y=K7Mhr29{WphoX zEafI>l$X3Y4q}=y+Gf6UZtQO4u1LyE_45*446QpG^1DfRr}i!gy4SNzVoH+Y$@kU4 zJGC}5RHf3qqL77aZyaNq#K1j0#U$ZiDpBK~^jALl0LxiI`L?#(2V$&eW7<|b!G*gq zwebmd67Ro}$~Qf}a2S@C9Gv~B1m4tzB5nTw9@v8*{kzj9a*+aoD@~!oeqv9l#OsriyhPl`@2Z*L&Q4m=XIY1O3 zjJtFH((laV59aGo{at@Y9zXklKF*)Vj0%aUA|e$Z?eOA>06ppV)BYSnlqzZse|J!) z98w4kNA_|*yski}a(K(~0}8PLMBZuM!;fK$Q0{Mw?pLXs(A`L@a1iP09K8H@+(oEoo?TpoPRwn0M)Q~EqK+Ls6VcZd8iNL9yJVkdIH4G#v&+;4t`9OWS zk33ez3@42Z0F5$#OzrgZUJ7#1wF4=OEtet#+9Fzsml5giJm10;1UiSm7&QSfRB2yM zp2NiJ>>?j`0O})A5v6+j^euRTAW#z<(4kTN-vRd?1s>o5`2Oxf<`o6 z$7`O3>TU;&b_7gPh?&dR=1k33ELl%OoR6NyMnkTtYEcA1DuoOK$)x2#AP4~U^#0!5 z2jukk`2C-&H0qY0v*BJKC~ZC zPL<$c{{SziQJ??-bspiM2TF&(BEM|3Zxw7Vb1l<#?8A&>bl#S>JGJ7hAL)&Dx~66w z<4eWm;RM z=SwSoWvj~0ijv6qo<4Cr3eoMm9VXTm9!FoHzZO-&UBk8c-INs zC54t+A%PvDqSi!U1VK z?z5$Ts$~-iGn7Tq*^y!*<1C*r>LV+P=(c1n&4sxbfy00$#_+c{b*ohreB23P?@dPHpj752`O)ktz1^{{Z9gb?)7T%b3GIZ1tZR zo2;xeeBGF1G{fRchUA5ib3b!tEA9sQm0G|~;cs_bS1wq%n#mEXrl>|Zk#KZVGnCO? zIe+2C_Vod%^sNJ@sk)eJO8mkfcOB3F)9>7APQILIfeqAXKHYk8pW`oYpa^<=06Oxe zI*mf1(v|D?{oD!^4^F=PY3o6ydX|CL-oM?=Lh=N=X4)OQ4jlp_f;yA2M_e5wWm_3P z^oH-~xc~&pCs3sW?dGWXqs@3)+3|Pd?UlutafBPTx`Tk5x`{>? z;M4_2ye=7SFSqA#);_@(KbO04f*P-~ww`v;Owg6Zhpt@fifwy-)w%6Bd}EoUauv%z zYG;P_^i|;MIxbn%eq$+V(Ss^eN_ zW>wAGaM|{wD<;`ks7gP2(jk;ZxgJCjY|M?@mZmpnafg}fv;YJEDm{H^z(9Lw9<&eP z#t=Y6Kzff#SFgwWxc<=hFV&^q&poMmlzhL!QHi?Ty$_nUX-GdSS8V(GOf zF|J*{^T&`TJEtpdAhZL!eo8XslDY8oZZ^sXNbXMYD9CvD=4S_Bu>`=cS0>MR?_2b_ z=55<)dmcjj*Bx)i6B~GJdj|n`&OqIk<(&&7a>bI=wf_Jf`LZUwTewywnEe*S5c;W! z5+`|epB4En$~Q(u!c6vi$DU5ryeYRgJQg2WIGQ?aG3yJN+K90u7m$(D01=6%bfW+)l^UusCcKV9cIEJB7&zAleESW zAFv%nJ^KE>RRV|oKdyuPM~pE>qd@8UIZ}b}57Zn=7Pa^dDNdFBUvEGE)bHE`eala_ zp~jgqm})hxDeK08M5E9;2d7Z<^y7*HQwaOh`0@Nh2XIrbzvs?q#==1xkhcTC>3TI=p8v#=Y!u74@hsV^serT&q39#jL$4{Z@OR=JhtwASJGEs009b}8!R|AQk^uvV7;0G)Iu7741q>7r z_7LaaQ^NO&g;Pl*_~_IA#84K=fpBe(LHa@@ADrZiDb-e~hxvvPQ|H+bu?Bf7}Q&c+ro}VAL?d3rGLZ4?2 z963x$>NWU}r~G;H=2@0f9#%BrQa_83VsILbO6{7h%oH!p)DP{~oL1|( z!?zu$XxSOJ72^w9Fhcr%jmB7;8z;PS`HX90DpRJxWtVcCm-yP=9~-!n#>N4&rt=O3 z*3@Du08&`Hb@;Ve9P(7{*O2y`6L?JHd>xx(@Y>I8y+K-1 z{{W4(uSZu?TbPEvBXR5(Zkp}6F+FP z9BFnvzoE0<0LHn3-nwktCd9h#c$gU(`|ASDKsB~sqTwW;9x2pn{emV@Q%jT=m^_x| zGBDQNfa1 z+RN(pv0v%7>T4^DD%gm+Kd5$h4=~5JrOuqJqOoHMYtF{qcN=LdiHXws%Qg8#8yFPs z_T+%~fY1O3sPV!yr`jMNuZzT|ui9$<&>!K?|JCo~hZ3D@QTwaYfQ5a;KH;YnI($d( z;lquf2dIdL+C4ZAZ94YT^i%s&fOdO!)AVrpKlJ|2A1D5w*~8@j0Mq+8;HS5z*~S1A z2cXn`@Z%z2=h zKVAaW->DoO7p;rmR=dPqW*nOni0mN9Y@a+<(bp+WK)RtOi*p9WgbZ;hdCu<)0w4*s&1@>^bZM(7^c=v}h z)^8X&K|mo4sej8The7TC017C#2A@Ol{{TTh!u}iSf?tIa7wG;RQu%)m^!s}|ep*tV z+>PA)&%_e>otpbXZyiCfZC|n$!JMD#n{2jeF-^bazg4yHVKH@c`HHpojTA{{Tzs z_3Y)z^L6#=J!#Xgr?;mXZvOyL0(uQQy+kNI)BzryJ{0N1Ak@L~kUEF*`ud03JoNPU O`1Je#0KbP0fB)GhPT1xE literal 0 HcmV?d00001 diff --git a/examples/saml/redirect-basic/src/main/webapp/css/idp.css b/examples/saml/redirect-basic/src/main/webapp/css/idp.css new file mode 100644 index 0000000000..afb49ea942 --- /dev/null +++ b/examples/saml/redirect-basic/src/main/webapp/css/idp.css @@ -0,0 +1,78 @@ +/* + ~ JBoss, Home of Professional Open Source. + ~ Copyright (c) 2011, Red Hat, Inc., and individual contributors + ~ as indicated by the @author tags. See the copyright.txt file in the + ~ distribution for a full listing of individual contributors. + ~ + ~ This is free software; you can redistribute it and/or modify it + ~ under the terms of the GNU Lesser General Public License as + ~ published by the Free Software Foundation; either version 2.1 of + ~ the License, or (at your option) any later version. + ~ + ~ This software is distributed in the hope that it will be useful, + ~ but WITHOUT ANY WARRANTY; without even the implied warranty of + ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + ~ Lesser General Public License for more details. + ~ + ~ You should have received a copy of the GNU Lesser General Public + ~ License along with this software; if not, write to the Free + ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ +body { + background: url(images/rh_bg.png) repeat-x scroll 0 0 #F3F3F3; + color: #555555; + font: 12px/1.4 "Lucida Sans Unicode", "Lucida Grande", sans-serif; +} + +.loginBox { + position:absolute; + top: 50%; + left: 50%; + width:30em; + height:3em; + margin-top: -9em; /*set to a negative number 1/2 of your height*/ + margin-left: -15em; /*set to a negative number 1/2 of your width*/ + border: 1px solid #ccc; + background-color: #f3f3f3; +} + +.wrapper { + margin-left: auto; + margin-right: auto; + width: 50em; + text-align: left; +} + +a { + text-decoration: none; + color: #5e8a9a; +} + +h1 { + padding-top: 20px; + color: #7b1e1e; +} + +a:hover { + text-decoration: underline; + color: #8ec6d9; +} + +.content { + margin-left: 230px; +} + +.dualbrand { + padding-top: 20px; +} + +.as7 { + float: left; + margin-left: 10px; +} + +.note { + font-size: 8pt; + color: #aaaaaa; +} \ No newline at end of file diff --git a/examples/saml/redirect-basic/src/main/webapp/error.jsp b/examples/saml/redirect-basic/src/main/webapp/error.jsp new file mode 100644 index 0000000000..7a78c2fefc --- /dev/null +++ b/examples/saml/redirect-basic/src/main/webapp/error.jsp @@ -0,0 +1,43 @@ + + + + + +PicketLink Example Application + + + + + + +

+
+

+ The Service Provider could not process the request. +

+
+
+ + \ No newline at end of file diff --git a/examples/saml/redirect-basic/src/main/webapp/favicon.ico b/examples/saml/redirect-basic/src/main/webapp/favicon.ico new file mode 100644 index 0000000000000000000000000000000000000000..c31d0fa862ae165d366947de726a404564be8b4c GIT binary patch literal 1342 zcmeIu_fJz%6bJAxDvFAV3%BA%aqqn+E`++Z2q;6vfr!r)68*(UFeXOj2TdfzM2*G~ z2R|SQ#DsuSN?+G&`#PlSbl@D;Ussj119-;jCV-$U; z#I29d@bvu)R8_ym^)D~+wze9Tb)WFAz6ST3Yf&MpL3Lw2>b`%)L%JSsq>ZSdn;?-i zK}`5hMmyb%y4iPXzXUNb_-aC1zLv{TBj8*I|rSUgOSj; zb1+2Npm*8fYInfla=_>&JWg;OZrBLU>xSLyft~lj#{Yzq?|{?S0iO55?eoIr=i&GH z;0o{v_&rOqx&rSiw*79UOdlb;%2Kpmg`Hy6&@5`7b?3+H7}7nkm$B6;TUgrpVI z=bkT2zC>m9LeJjugNBYAFeGVbzr;y{`wkn?zeh}L+>8vWaMZSvX#=ND?lWgIbz$WW zDrZ~~wJv3QwC9-#1yt6O)zrC#snMRo-J_`!3)WI6$DXD#_pF+KXv5+o$EF-EK9H7{ UmY%+5qac0azWv?(>tE}?0b*BYE&u=k literal 0 HcmV?d00001 diff --git a/examples/saml/redirect-basic/src/main/webapp/images/bkg.gif b/examples/saml/redirect-basic/src/main/webapp/images/bkg.gif new file mode 100644 index 0000000000000000000000000000000000000000..523877c0874148d46cbc645c6f1b9a452fe660ff GIT binary patch literal 51660 zcmbTdXIxXw*C@KP(?bhA^bmRv2vVdZGy?+CL{QLB1t|tZ1jWal0HI?jB2^vmc<=de=fmDJvsan5X06}MtXX@jo2!*|=tcNh z;2QuuURdTme34jp>-op8lZ&73y!_x3bL_|OKM&_#)bpnz|0#XB`t8-{@3X>J?>~K+ zTKZgdsc$zU^I&du{q>R0U)Ptu{J1+kyZ-Zc|M=AVuRmf>-^eIyxH0)Wqhsje&EXRR zPxlqKhL&CQh)A1wy|QgT>&uVd{HJgGpS-$$=fRGnCx8FhIN8uSI{T_?eD>kHwNh?d zMaRw6@4uKgXa4;8lbBhSS9AXJ+SkU5H!t_yIa*M?ulm}T-y5%&mcuHq-g&m@7MALh zTr~Us%iQYsn^VHvil%@#=GXNf$2r_HwAJ>j{ zjmI7?C+fZq_ju;Tv848~;@W2VkrSC`x+Y&P zKYaC`7J9ho;)q++vBOQgQ;io-UmZ>_Yr41avE|NO@679#;h6wNcF@7x(u;$8i#tj> z_^l(4vs-RMe}x~tyPc8SGWFUk`dGug7lkdoC$5YyfBRi+F$p{Nrtd+}?YQBTt}HEd}+LQp=jB z-hJ_kIx_L*Q_jh=m#1GAooU~nQ~T)UyVg5%F()tl)7n3^xccbr=Ld@)gVQ+oW`q@2 zMiO(X@-K}Z$}SI2FJ_-=+H;V7tf=R?b7*qt-?yzpDkC&JHZqwQ7P&7b z!H)Ft#%&TYCc=)i)54SN$#9B{j-ee%iu60;|CMG`HH$wuMi&1B+cQ)AOj z=9ZS0hD0;6DcOW#)vfWjXZeZP*Qm0UvQ28Aph0f|DDmlfPY70vpp&1@1%srIUfi=6d#$8?B;Ao z`uoK=A|}Gd!o|_b+QQM*(#njy*~-+^%G_*|i>s5Rla;xZr779*KQ#U)T(Yx^HQ9Od zW^1ygrKzb4*~;A6nQG=lb#k0{^Z4x9R_F{I~N& zCj9l7q`$5K+xYYQ*Uul{*S~%JviAAY>dMCt@0Z`bU0Qte`qjeA7xTjB&z{cBK6yOz z=;4FusmTe!{d;%E?~IL(3=a(s^!M?3w{P9-y>b0o&($lJyDwer>b%g=-gdsVrTJV_ zV?%x2S?-zBwKdgMl@+JTPnMOI6mw1#6&B>@<>q9wvobSSOz8MO$I_1;NlQJPawz#= zQX=C(LVR58{+Q@}QIQehVWITBdqRSD?+Oas8L-3O&)3I$yO*cOHg`ALR#z8iCr2v9 z!QRexi;cCFO=f@H(%8t*KwnQ+M_Wr%gQQMWQ&mw`QdA(w%gM?}OG)A-#KlBK za99i)g+#zX7yzh$M*#m8!+#(DuDJka1NeBv?5%Uv^E$TxgHGMTOWPR2?I!NA2c$6YvdUi{G7=26$CWdEoCkd`e&wl-B(|79G_>R5xT{uO!@fqVkBCplh>r6(PLJu6)#JXhs!2UAjz_wd>#lF#Sai( z+T!=YQc~+OPIrFYVB|Oi$Uslpd&&a6Bir?N?bYyPQMMF})A(RI_h4LPP4qd^x4~X4*HW3JYeN2vsTS&DYsmulg;v;tEK} zZPIOK{AcGiH%LhBX+e#s=|uumhzVn(Gh-u;h0Hw~Y2=9uCkb zEf_BBOkGYLrDU2uxuAa_+DQ)NY0GEM`*H#mZjXCIU=3u_Ndu(J6Z67TNs7Up&z;4k zP4aB1GQ&=)U9JN0`ODPIk=^|(0gDn}`R?dYGIi6hR~K&7u;ISCjw_v}hBD8_kP=pO z^oG%=R;Tf37eh^cr)oG``%^x%R$R9^bZJ++&OjfR){ zFN^)Afc4EN_tV`aJBY1^(nk!{;`!v3-EeKP58R-WCA+8#zW=leA9Gtw`XkAl3mn_H$0%8Jsr97e>Z!PJ)sjFAs&H05jENV9KP;S8JE|4d` z{nnG1Xg-5FLdSBJO{A6RC8fP9Y&r9J#FdgvXYpceur&w1H?<$}3pKubL_GsceSkM` zWLXf(0zI+M{0@FW7L7I3i{+mb*Mzy~zR(AXDs%&wS?qnl**$NM;Qrj3+Lk;J1qv#6uZ^PKJ9?U(D zSSNo9haVS@h3?WDDKs11nJ?K87bzOe79kM3>ylw=8e}S9#Xy^EaA2sn4JfrRb$no= zXimZRplO+<%KOfIg(vyeQK8)v=EAzX%fvnzdMc!@0kIO5#+GoUod6!Qi^tfEo_Pyt~47> zU24eG)obfG^dat?>K*>eq@2FtS43B98NX=Qn9AaR{r&l`DC8X=h#uNb9d;lQ{V`Jg$1gGJo1-jMXWxdUJy4BhwrfmEtEU;4ER z9=>@0F66o*^QRN(xWSa$*K+BSP+0T%)zIb;?Nd}PRuT`@qlN1kO^1LY{K&pt=?{_q z`k(_v!BJH2@)>aK9N0g(5zVF=!qDv`!)12mvpT$-AVH=&!y~&JH7vY1cEIUKaet4~P)zChN@hc%q z!o|~DY>xf``h3F&v0Q_-^ouQ7A{6n*$qp3Vc9kj-;WV%HCl9?B_;J~apPSzUF0eEy zGS4J4?*rdTX0!kjrY{@J(Y|)g{X^23fcJ62v!w2vW(UDMQXn?}5!yHkaQI+EjnHE+ zM8QUuxDQf!h{S&=a+>&34RsP0x9DUjir@AuVxLPB+0|^SN#vF7CZleAKdI^B5z{pa zK7}q_6Qy=8z`RqoT~`c-BVq}&X9;OrR7CxE7VZy(fkCt$Y#@XVoT)iM)j8X{SA2YXgjJ{IY&!% zoWaHs>B$taG!FXnXLb@pv?awskqETl#ZGscV9-$JV#ANRx;z zl*nToQMG>6_YR^{ZeA{Rl3P@HRR8fDSMo`GIC;=N^>!jj?h=)s- z!pfRW!JZkorVzu)wtb9BN?D0J0-|p^Y9c-ni3|tD@N8^xwn7dXd_!XiPO*sSI;> zyn1gyR{JZJP2o6naqMOU8v9b&e)R0`4{KX^NPQRP;f-i2s}pxJEp{)UXVa|HW#t~s z!c0?;aSsC8-1HkhcCx{Pvbi*-pS~5iI=zbTIax zY~DGHM zg%up)l9*ADC{|$Ee97iPC+^QaaCW6dThOw_8mw$Em^-({DTt&#eSD9=fV9#`@@ZiI zh`%`rU!96;ZaPl??q8I6wkH(>gUW4oDn{W^`tk<#dVAhRAekC4DbD`cPqh;OHW=R# zOzij`&>_5LWV0e_!qT{wsI;P}ZR@N4c#6~*r142#sf#P}eBN%Hym=KDv%tcobFoSl z+L-E2i3MC45oZcRMALPpwsfU-${w%WZ^yxfdW#f%s#l$@j~61z6fqlT<2ndS=3K02 z;LZUsmf#`_LI96st2nsw4I;1`0JjU&T2ktDcf;FXtgyI5LWH5_c6``~<%R9wS9tiMO51YIa^upGn%Lj=w zt4+mp<8>phV4}LN9*tG5EAt8O6CHBPkgYQA(!w~&NrOW(a8lAvy?{t)n${^&3rHTD8z{OW7UZ_x@X~+W3ibR z6gV3L=D-kKM)IpmMd}I_>Q|_hmu- zOZU0yiA$J`A%|-VEOQH3CB5Qltf(|iQp%^K{Ku{8R{0}L(Y2o~mXD9l($QBA+5F&2 zv~5DfREcR5MJ+2!ZPJcjJkr!I5SvmjOLr%Y?%J`_G4e;hgVADkkrZ$f1dsdH(>QJG zKoF_Gp!gMtWE>7x5E}%mJ^eG9)UopX@<%w0X--x$7f=t)4rVZqRc8P5y?;y_-SSmG zdWAHDhq<6`gf||B|E#(99S$D4!266)r(?so2PQa!yV?dh_>PHAUo|VdHJl-1(B*!R zdNcM$TJ|m9bgeESa??6ca@p(;xVwZQsxKRFSK^Q^+C(247SYB@l5w1D2@xU!)}L9k z@xnEPLQC=o(gfVWV&xCHdAHw5_`k*|F)W!vgtTy!`)gEHi1gxMa#z4zy13wrW5Ip< zax|{CL~zyNp5>HW|FsTKZ|}2k`#o@Ui?H88d7Q5-W+OPXnj{^v=Hi4vdo0Vi;fMcZ zw^jcP^cpbpdX&5^8hWR+0I6~vE{k(5&^e*pLnr;O0U zA!F5I+lDGvg~;>J?uBx!J&;?hgVcX1_rG~p5M9WY4Ra3pD&VU>Y$ zUrLqUR8Wcku8iH^D?q9D|CXT2Ty8VZPY z&e% zboF{nPCdII2^QXWYg`Dm6i(-T8bHc_VMFm<(Tt;$n(zbSw`uZ{k&ZrudcpHIj{nk zwI*rxohv2c?mszxKu~cj4=rRF`pG*DXk*PX{WZ7D%Q>>*NOCZ z(H<&MK?d|7==Z&AQthLgz)35~@qgD^9JqqMv`Ul!Pr{jEV%l5&;6-d0+43{&o@eYa z*VCsNqDwYNz5!0esEB-7)6=Ya^W^!qTg&Z#w(r}t<({9?QoIXzZ&|hmyZh`Za9Dos znf%H4t~3sgV2anINP-Yz+iu3E-Hc=N2U0meCLBbYW}AqLNA-uKdoO0FOMZpJ705HA|il)h0&;xz*oCAzXwQa|S|b1@vXW?-j!O zn^EGxAvZn>)`^TN##ITClK?DsgY&YIND#SlAuq#c{H*epy*g9&C#18iw&~#@FR{#$ z5AXJnL-AtU26b8(Ooj?7$Vb+Uk{yRNP#;s?b^CL@5V{*H&THV11fcNR5xw=|N)11aK2#>DN1sC#t#8S^c)j+@VJ zSgCW+Q{JL$M}PL5_{o2bjD^Y&q4->Ow+B(rBm_9M5^K)`4H>C0GNRi;gvg6#4=OMG zqx4QFvWJ0AA+~Zip1e-@(~7FV_z;f#oKP28QgUGwF^XPQ9|8B!kpa^hFA07dFOhp8 zzjc9LCPEYr;E^7pn$a&1*_OWeVtNivmgA)EC}6?8b}`Y$=2iSh6ZHxl^}8|*E$;9r zUiavF_~Vks9GPh0ctgv0{;z(0W*tNiU;Y8Lp4r`34QT^lDu+Z5K~t7eb*L8e;V zQS>q1{bzmtBRW@y$os9Z?W;r(<6LlMsxUc*2^iM>AiCg0%1r}l@9#(v%LCd;#G?HN zNl@rOwye${mYxBDK{9)=AObG+r1?QnVw&yjDj zk6nt;xhED5pIFKU4;4S_RrX$`D%2gIiN2e$^LF7nwWFFW8ve#d&1zO&h$%m#2t){r zWIz_ao|B(p(i`ZasG0J4fnbav=9hONXj%CVnsrFAkOIF|G(0bdQl`1sNfNaUE{@<{ zMcEh?{5mpCMZ@eRBP=!dM|hPqPSRfLO)Xn_7O5uZpd@rWdsf{IF7-}`2QCPB2=%v# zOy~=1GFn4ExND%KbeS&PV)gRZJ<(0`ZP~-BpX0=eI{eoz^>lRVu@sPt9HF;3@W1x4YZyt(@l@3;E`G7218A5Dg}DlHLD~z#kx6Nz(-00`w;kaUovn+fp7)4g zNqqD}S*$Z$>?6W(IDD3IZ_j4`^f9e7p8^$vd@}(V2npljTMWxuzO++|Vj(I?TZqJX zBM{vj8fIpoO6{bHJH@K}qG(HgX(pJ6id4TIell=PJPf!U}pPLM44{!8*66=SflFPr{B|x96hx4f@RwwEu&kN9K zZZyg;1IuoH60^G#Y8TopsVHUYki9tdPQb7@_IfynX3jM{O1WcZN=XxW$_K{GLENV) zwTsG44{~D052akFjT|e|G{*~6WmirXe`jKnO_4w5ywK&q)(#=L?YNi+LMy(>_{Vo0 z$#o}h&zc9QHeRO2(~;~bPAT?b1I%ee$9@e9SGpu%ZPBE(?y2DEYYW)=m6Tly*uKN4 z746PE?>13-KR9+I;F2*tEhS0ETa%C7wg}muUWc^p@hAo11L@!y$GtyWMV$vgXs=;l zsMtFfmi{HJFq!(DjseZeEBp=IIbErPH4A)Z4Iq(3Ydv-Z$d=*o2qYpi)bqv_Ju*KV zLDzv@Tz&HBieq8y0!2=ng0)(Cr||p9`&*e7()R9|h*G*%q64xQ-<`GlM49G6Expl4 zd(Q8gzTPkIQ|Zp0n^wCH^*fs_-Kk8M5=-xXvMKMY=+h?o!25((L$n`z)`xc9`uKD- zVENt2@3-Vr%V!q9J-MXfhB!=`fA#1O`^pvHNwA?kRJz)c1HRW!IruV+W{AmPShx5~li_rH_ORhBMZXeH-HHV4l7-coP*maBAa~35G`|vBPnQW`FyxGwY z5;CN~dNHOf->q1u zCh*qDCHJeATZhb2#{GuKl>Ca-Y$1away#^@au4^$YM}{&qWk2wxGB=y1125@L+1!o z#0+He#LX$r8&Wd7i^Y+t^y|@>ixqklme_mjEl*~bVM3eRBFpndv}W=(i_vy3%iRwO zt!{d5V^#m5Lnz~2cl?01&<96fkndmZi~zIsa=yMG39n%~S3jRQwR_P?%|_5Q@ww8~ z)!?IxjUd-}P39LB{`<>?d$$;`rc^iIi2J$o(amRvhy?nq)V*q0*nDf?VDm#I9)I5q zqi0f~dLXHF@P6^>A`eqm8zAmWb5`Mt-Ko~&dUGKAzLJwR?8kC@w; zfM{4}wMA@X{oVNhA3e5HF~T7n#1!&yjYHbXg9YTT2W;d z;CN1L;2o7Y)9%$!X;enW>4VqL-Jrs)>`sf=$u3pYZn}Ba0EAbtW@GsBb1DkUlAEa+ zh4U3|WOnu?vJZ`!J4^0bhpSLBF*y(k-*d1?YnpBVorUZ4#1k~XK&ccmA$c`XseNh_5TuKCNoO4z=@gxncP5no z>biD{l|h-sb&zjT4J_4{`$#!iMr+O{zxwL?x17omJ#Ap?6(=eG*wK60ks$!wh^qYA zE_5d=YRm;T>9Vfj;@y-PYs!MiiPZg=H{|78CM>0bi85Nx!s0;29;^J0db0T2X zs_15VhGc%}iA9WB4zf|h&L3h9o*%qpEgg9YJo|1S;1^s{52!h7JGgE09V`F`M3Gj^ z)_PlwDFw}HZFxrT-kJ;aap%m1TYkvYPxrt=u$IXT48lS;wCy9$P&c_O@P621$f2obs?%oz9cN7e{m8 z)aJ|(UH555mOC#)6q^yAgMw#Ts!%dQ%(+@585^<;aTe0M2paGZ7d&JQk`N(_8eJo| zWXo#*ngfhp7^NU-Kf*!^E@PKjghddwetE$f672`;0JPnnHv1GadNeOVn- z6pnp+40&(>MQ@-aMuy09d^%D4IF}uuRI=uD`|0BN+MUdl=-~jF%Hl-CR^7^!=hle4YqNa%8!$!h?c*$1SrYMUd85reaF z*%1`P&t-N(1t>O4{xe{ie#f#JLkLGWv+M6|NVe@5;42%tydN9zjBt?;@|^OxTbwA% zzysn!g`?e#Amv=d-90JQ-$;*IS#%`3E9L^VJJim=-h_CBv(Moa^Cam^=ZP(~v0k9!B%B zwHcXX73a=04<9rhD}fuqAJ7d*#EV z?|uZQXG}<%sxz{T0CZr>BiF=}Dcp=-M>8H&1IKG2L}!K^e#ZMCu93iu$reNlwB1*x&Qi%{>>i;KS>sr)2>ugml9I zuS1^sq`?Uz+Ps<8BR#HPZ@O0VC(~qX*D z@BJm+EDzglu27hrdLBq>k zxK*>h$vT$_U%b5MeE4h0vslq{jIf=y;-KNoO_eaFr7&ZsY307)r_RKeXNZ7VVg#7O zI))5BmG_=5dosvFC6S5 zS@v$O+uv|pDzNp+@TR3qF9LM9vodrKAg>E-A9*Y+C|p>7{E%!8gEEjtE;l}3dmG^y z2W{Vz12nm0d(hDdG@Ppxr<31dYI1H{L4CgM5)RQc-uXPS%eq3WGj!r zDC;|SW=%Nvun0Gq0a=g*59v-LL;~4aa*+5U#K54V0ocZNS%`Kg=#zDB&m^QL=smpo zIw~c^YtC`}@?WQTbbezS+}1(%zKX?z$^DDo`XZ(~0b zx#_X*aYWwc#k!o&HlDgADb(A3LcGNH44r%_LhpF%t+%Q@_C%pslSt)}$jWjzPrl;2 zV&rv=!V$P^TPMx!dD(S`RFuv?bKnoA34`g?bMx!n*qUpxy_?}`Gxs$UT8=5neGRiF za#%N&@@{R);3-X^M_5Yn{hWKDR{ML7>#awD}*H9uz@)9jRa=ebrzbXT_YNh&>e+ zHpz%vnr|^ieDJk@Rc6mp4rKe^BVlLiTywL~OIH@>LS$W*;c8Qbi-?=zp!{K`U(V&{ z$!6QQNTN4+UxHYl>@MXvbQmV7BC5{XJNxR%S)2Vk;H!W#4RP;FV9M9N{Y9dV4W6e1 zyuF;mYkv%A>&GaLzz$;$Vz{joBAgtUu^}&HE7H*h&CCrT(;0&>SwZgW$)a;Jjl9`L z>siTGY;jsv0v@uP$#{G%`h1b)uV}eB1#!c}Zl}XtiX}hfKbYAOwN&Kk`7qh@Y<1F% z%*2g;zLHqkp#ZK15%d5M9$eU|e_S6LPNUtf`z=^wibv3mu;hpn9Nqm#ey{@1Ue?PY zxeGxmU3_OW%}0t9I%HWrUZ#;d zEDGSd$I?F~gzVCSnMad{c3{t6voHK3`6pg7MHiuV_nX>Hg}HZ`yKJNlg&7-eu_9YC zKiEiGt!ObAs(1R)Ha@);J^YQcC-0|tLx-l~sOzTOZW-jO2f-MZV0wN@GL!3 zt08)CpSNqC!(ELP_}dYvXLcw)a|@lg$wctkhmd6ySaHjj`r9L+W*V9F9aa!{U=tk} zP~U0x4$MYlFeS#y8pFh|$ShTuBJB}>tD%-^fpN~`zUo~Gx+ zaE2a@Xm&_ABrV8P6vF>p@o`ZpD^GNdv(kX;K&CJp|B*sE@qE8&4KZ~keCO@(ipxq! zg#^@!Zxaj~$X1?##E9Ts2XL1U%1G)+nWuk3zeyBH`YbR0M#^*52j7q@%w52qV*<20 z_n3P#^X_)2q4)g8(?G;_NPi zJV-V&&j2DTS5_B`o_7Ay2g&a*> zm%#-QXl$t=1ekI`#t>rTVA>VLT+JK)tW2FYmHt6FKk}6L$?=>zV3SKtBqV~!nf2Hd z<(!xxqxn`pvv$i|+8aQ(dwx)#+{VOONNGBGNX~eKQ4ljyFEQSRiVw>COftb4qhRlg zS!P0rJSe@r0mw8~(Af&=7g`S$^r%Y<9$OJl&x~%FG2#%F;{1UPo|x$!+k@lGZUIXr zWkAlAaQbhQMw5*pvI&;Iqp)6nhCz{1hN?^_b*y$zZHhjc&#P7Ft_jinSYRq{{UYM? zn;8uRG%7Lli;SI(yXsV+TQp#CD%e~A6?wZ1j(CaHx2>?Yd;ppxwaK*kJBqoS#4LLQ zdYu3z8qYgy(W?2v)zqmQ=r<(iEaXccNF`sF_QLeT(0$!NwOc3|=3=9g4BS-(1q0#w z6LFF7F$BO77uzGRO)kdzh_>YNsk^)ooV@UyAyFz1oj2V$ya&s-5lQd= z$lBU#08wR4h>k`pc$DS{d-Ik_-U-qu)$J?f@x|1u*sG#a(^PMF5o17E94>Q+Cd53M z;rSMs<#nzwC8V942Yrcm@c0aCd zJQCyRozjsZA-6J*rO?WZwy!|0xlzEKhSFMhVH12=2%vMQrn!w?Zk3n(8*Fxn2O&LC zNcDia9FM5Ufzs{wLdCiM6bBW)w3_V*v@WclUYOSNa(kGn^mGXW>Ai>0BqHBcqCN%?xVhTs&li^$EBJ~uLMl!w)>_d9gm|k*E zbSHWA(OlVlIV^^f;_ZI|R;A0F35sH>cC{W;_H~uw^0Q|pVelNGo!<+$llIts77lLm zPF_g)06!`I0@X4uSbFs*eNB z5vFLNxQT)bJiNcu?QRfDR2f4M@x(iAbN4F!K+Mi){AP;=4D{B+ANg0o#dejslj4LJ zYpY9?StiEUcF{@0Cc1IgA%E&ebda zln2wu@|Pcr@zPkQiuebzkYu`qvXHLk4*+^JDpG%)yR;1rOv4!LO#mIgBQ--hpcvEK zpxJzx$p-#F>^!?r6}`Y=i_*{2ZaH<>oyUHTU>G|lYT`s6xjhB~DJY5bd6BQ{AZ{#= zslD6}$~8H{(s@io%?lRwVd056cM&3Cod=U9h^>9)Y$z@|;mE{(gk~Zu5p$lh%fRpv zzIx_+9cBxh3oAXX3Hsr~!M_J!(KVk8F&a-LK#*1l?P6xOJojcS3;=xTM0wDTH|={$x;~H2I8@6_qr%E!z#aI#3n<3&6b!QcZO% z{KZASqRP#vt$oBFY=g?VJ*uX1E$n#3LEI5J~e~@KVKq_cfu1vU`=d z6zNV#f-_H~Q;g{VsuMW)biBn>N|nAf!+$QjW~5+#7P1BZCQzdW3aHI}vi^Mgva=F~ zFp*B+^A4)$_4{soWdDCCe`o!Lfze5ne^HmiBxLWm#OV|E^PlZRE;FUb|*N_ z*0J@Km_}$0WSZ})13Z`-i!LRdLG6jYdk`LbBOJ90?km!mFFYt|jYJ%#7QH^dO>*~u zU9MDU$WwSF)R!-~6~(E%FJtv?FDC?7DZKZ}IG4pc5zq z*az3(r`<#w^6phmBe_$eiS8_DjP@P}Ur_G7oZE_#3q7lvVa}ADs|wbl>e(rvKH)6_ zGY|q8DcD0>NWD%SahB4w56*59c#Y@zxxQ=H2*2AGB;EMsz%BnQ~sT!@ij%0$3+*zwL3Ks{Cgr;vPBfs=H^ z222DKQSiNZ=cvF`i~>*~+FYNmZia=&xOxL*{Hg&)bHnMLOwc}=pb9Fkm6*lBw5;H+ zLZ*rgz!bREHbh*$_UMqaqo$!ica5snTv@sX^VWql@bD{iP&C(bb3{KpnHBJzsxH$< z;GR=lr>fMzZ0S(%dWaJKsge+q&aC=5;E|Twgk|vXM7W-2zUJCPgBl21K+&PR8Ka3Q zIfEh|XJoA4+Ho)gs9(l>L4D?RaRX20S5x)}sRJLRFi^i-0k{=U-LaW&>M{m@E1Q8) z&eIhf0zj*0@+!iHzk!;w-?L#{mMjn7Q8NNE705Y{H3q1Y>UF*88}I)^hx0w9veQgui@D@>{OyV8afY6@)T4?d^pTphV3g; z#ylw|gxJdu5PvbDt|A)dcGKJMwwwefCSRhd^s%Huu+A@lN{Sb}$-5sfJWWy#|Csk%RZnlwZRan#pcb-KtNQ z2gP27CCdPE6;Tc1IdA~7K{=|Y@kH2BL0_KAcf*FFV8e>7@@4FpIbARJzyFftf-#Oy#Zu23mYEtsiU7r-lP8tgDrmp|Be{`l95RKZ$mweAN+h9vvjJxOw4nFk5RnQ!62qKyw0T`jmu$vVSuzEFi^Zz5>Tlp(j~N90&)b57$q6S7u;0gCeJQu=ln6`YW#WbUZP=|4k1DN-Yn zSHR!m+!y117wm-ny+Z$>$Fk9c9sZiH9j}|~Gcg(|e}2actxpPww!b;_05hkuDWMgA zM)Q0(jsD#P**hh-gsP_$c@X@)t7{vc#>D$wGynAvPSV(PEIL+K5^pLXjtxKV5p0!c#R-&_$#pH!^qM@tTmzb_1y8~y<56=PtTpKuCrf?^oe5ni(qUE#{UM7^hCA`=}b;fSjthj zs{o@IrtZM-lT!D#gsLWf^zDSI*)R9okB%OB{WR_^CS!d$awnTYx~~h^zdCqsPej)`cwWt?*DEiRqZo0~#p%HOyK9Q)P%llFBF^}6r>bdjDqKWfwOOKJj;gUFUDFE z9w^83VUu@1DhG{XU06;*hS(vjde}G?`C(gR+`1c9`fUcvf$Ap6Ht7Z<2|5p`nh0gS_@QXe*DT5RDIP+ts640nl^YoyRq5i*eJ@Q~sF0#2>ObjaH+@3Q{vCV|;Wy5y2H$PK! zS!XJUd0LEKP@Vd^^<@{U*@Ha*-}mpb@difG_}~8uptN6!_g?=Q?lEk+gR`iy`Q?Gf zPX1U4&wbtDcj2ZNV7GkVkY!#V=4`=myJk%EohCWH=Q=nV4H9&JaT@o;eKj~bi=S#= z-S{|gt=BvL!p!gmErPy#0S{ptxZC67e`c2}Zmeb-H~U>m)|#lnjc?_nVOKU@HC%zd zZ0Zgbewwzd{i@wv6OjBxZqo^raJg5&FZ0*$O!%&~LxLCz!i5$8aUI|x%ax2Fj%oR` z`(_i}G?5o|hkpr)-9>T=O2Ux&7Woq+<{tvS=TB(1~5wx6aj~G0(diQ14K{Ty<1w~ohW;A@x_yQ|wz+*{nD<}RC>8togfH?AY48{(=ori9MNBU}8Q#jmeAUsl*gFXUmLi-UoRp2Thb14&VFFfXXSQ7mM>ao@w)Q zrVOL<_Su;Fl=o)}c*;UY<|KOzqi<$-Y&Q26H#8liS;naW){EytV5tcCLcUl(Euds0 zdPhDp9|XnidLEyFkCti_L}POQx$XS?5`?kkyxY2}2y;&YgD2fka;tj2jO=j`QkdF? z*R+V|R)z%Ft!`|WEkQ$f&N%3O|2vKn)b7Pac4lUNK61xm&75k9`EcV6WAl}Ln%KZ? zxkyudjS*GQaG;UnE*15C%3fB!x@-6C4ai8CY+>5))Fle=%d|p;mwijf$u?vP9}j5~ z(si^(Kb7eP{d>y1JMr)CYtj+)vKa@e|(Z*OSLs~ADoi`5bw&`&9|?&9IC zi{=PL(CqUHCd;{tDM17ka~imT+sA4ez0-baj}&bYhA7I-rntJ-4BJj!$epIgO~MQiZP115IWH*XP}e>KqC%@dws)?J~5zsjn!QeApnjMGLeD z^Ni0BdNZ#elqtZppBS5 zsytd^5w{!F`-x*NZGT^1_#WQ*k{M|z)lMU(UWPp``h8cW$T#$sf(%a0n4{@BRAhds zlq&}sl_BQe8!93!^#`{0O62?Y#?7Fgl|oG~bCpibk-T>w*s{EC`}h)sf4GA|X?*<7cI6MoXMNu*)`dSuc}(=!?j~*f7l3m?T#w z(zF_@^>??uQlXd!o=Z!}HehU=p3k=8rm<3IH(4SP=ISe5k>RP$Wd=ApT%6YCX7Awh z!jn5H-0UW8e)jU?fxd=|9vc&;ch-t8TK;_ZyVwCGYg-U?3@y!j`j^$N#$toa5>FfuOoXw zmE}#SqBSl8X7B=@ATxBcsI72bd=aI184yI!Kt_{tg{QZixaGLq1LBlyVFE_zBA9E= zHjL>o*jd+j;}x-$kc|b)12h=_+61(ltgn3DFBPGUb%4|f5WTQ?@^Q707;|UKvJ(Pw ziJ^ShgufFz-4GI5BD2ALNg^%9;G<)%M|?F>342p^T)1{+fu(lCl??d!ta>#Cl6Y9|Sg3^u+fmb3g+ zv^@jYoH+?lZX1k`m6Yr-4UV+@g0iMmG@Q7iG5fEdwJ<|(=xLWgr1gvFOWF$f8cLBP zu>lO_bvAmOvn74^ukCqrHJkK_qOu&7Q z-}{g0gtD0U(s~s(fF4_LIYc#j`cF;I3@M6iCp%fhi>@Wg&kaaN*(YZA1pxHb@^oK# zO{ioyD)m*K89a>gkQMsAl;wGadjiK6zfX0z1wCot8%1)d3DH#`>X}gxy;T%ct3)PJ zo~LCu%6%I)A-7QK(L>C|tcn7}rl#U;>r4AqH14g)nv#$^_4(NF`zsbvCQtwEk+$6G zmIH^g!OEYNZ*QS#aUD2Jbd=UGC@^R+#5bC*2g}TT4F6^&LVro#!{4SiKtZhlqPSTR z|FHkm&!Oupx7;yKXrq88YYe)d>`t=t>#J^mM{%}ut0QJg6bhBt*P2y^WRKeQ5NibLUxlSE{jqne=Z<4aGL=xBli<=zV8L0y4YIIHw(D`e$bA2mJ4)ZP}&HMWQ(_3>-I=f`;G zS}hsvN4X0?zAgy34TrAXo(br}ga@G}U;&qf+nYfV*y-hSD64T{e686MHY$8{4IW>V z54LQ*OxFkiWl@2--*7SS*H1+A&+|k-Hb#sENPO|kqx!mX z$a9{W%zyV=1Apl}T0A!l0&3mt1!1$gzXZ8?G{^Iu}Dld=J~wOf{{ojYKEc8@gpVd|lU zdIXR;K@FBXMpbQwx88xNpRZ-6e7d9{b=Y7c_ZPX%aiI11G99Ta>@FnI6 zi`pGo5g(od)i3&{(;{D;y}R_m^=LrIPh1mR!ZPdycX?aS4k!u?C=0BfGrJ3xmXAe$&=|1*h?_t_N(fVt7^I#V zdklhy+haKA8x~|~?6DH?wx#+W1yA@<|K_G1N{@W&te5}Nf0$$wo&o4om`qe*&S9`f z6`=2XxG^d)VCOAMeK}r^6_b=2)}K=V5g10*y~CEX0C($m;rzrl7*`=NiWK0d=^F@q zJtad>R>Q{S9Y-gwZR1CgMjO~u$DnZm?TfQf56g%HT4miIj4VFXtM|+1NA=HI3;=|? z5{D5Dn8yF+tO1XYk=n2eUD?l~S&Yb$tb=^Xm-mK0-v8(5N`xXQjA28TmO=!PId}L+ zMuRtMUaQLg@Zb@OB-Q&CVq|>J%EU{Y8&y3zRB-cXq68!T;Jl@cz*N1!9#@4+!01!k zW(t{R+^zu$#qTX?tpw38NApr>(mW;|MmG!aOXQE+Bvy_>Qk9+>7wWV^c~~-TZk!Hs zUl~|wFfAI}BKFXr!Jj%6&RnCNY9QY{hI=_h|n46e>?`&urB(b8D&;c0VtcgHtAubXej*LlBW7sQGp#8?oiHpr22qf zufh4T65g;PTv_BkoMm&c2ZBx2z-HB2s(A>2Q72y{be<~oWVcG!FUt33LDZ6{W(`KX zi8Aus+vKE!m&Byuovlz$8VmQGUMSmE{swj3bY?6PN&?+nCu6)v;RtGK*U1dv3ID7aez<;Fw63I6`>~7Ewn~bev zoV!j7mjHSEh4V@MM_xJkJ7Ho#1mlI*4nrV&ci=J>dFaR?OV}^Ak1WwfcWDg!QpU3LOTo;?51Y?WM5{>wvu193nDyFD=`i!$-i|qXFRql{b=Nh4Y-P9M&{XjuSWYVx ztOy;m5Z*vxVSo;AitVy}Q)qfc-na4XGS(5CSmKq{Xc{ap9f<%Lk)UoEJ42aIPww7* zrI>P1K^fru+t8ZW1>;xEy9>bQfcOWXF-K*l zW4mpHjj#(Y6uAWCHQ;a8TlK>cx7i*`KjQ(pS?#84rftB^`kHt}JY1Syhj>(TYje7W z32Gm$oPFSNF`v$&mN$t?Mn&aGA!U1!i`NK~!;CQ!E2+wN`fe|kl0d*7k@~*~SawuH zOHBO04_yF?PMm+nDs5@>C)DvBW5= z+bbv6H521z7XiKdic7;H|L|9Rm*8D(3|&FKc))ZraxO1jeDw>nT}d!mo8hjf5RtYb zfSeUxk3dhZ^agqXLoZ?fW9#f81u4e4X4Mw^)$J+vBM638AI>Tdu5H@TTJi9#@4p({ zl0Xkyecee_D3W{6$(2Z4yr_ny@8Y8~vZ#z<#AtI<$d8nJ_Op8g=6#-Ko%*cUbhUbT z&$csB*7cNL{g?6ku}7l}a|8sBVN$l9i0=jmd$FPXZ;8PAKLI3B0+z)ua7|v0J`!MH zN1)7vllRemuE)wGbCQij*CeyP7iI^@ ze~=E8n_opoP$$xzRJ%J;bb!$kC^-?t*051@O{kc^B5jBre(IRBwaxL_9K6cnn#zVP zX#cs6Fa?_q#`mVatGXnf+a8!v8N2*fB;ufo6FzbvO9$`)M*NJQck-c#gB{SU8;}69 z%KMvK8?9C}8UWYNc_KQt(B@oz7zsZUO7Or!751j8uN%oS*gt(z@BJX*5R4gKll-hO zjbWaSZNl2ccSoyS4i2we#DDVf>&&|2&iD6{1;f?qe;#?lrl*3I%YreXh2q~Ps!ie7 zr!!P+0}hfAS3i6Bqh%On99a0#?CSjOPS{4mhla!I^-i`2Xb!D3KP@FgLsn!p{fCwM z+*v_Y;Dh<6g?BI#w$UFx;tx#lHf&;p_cjL;d-@aZ3>nt4x7|^hyp)!U28n&uBMyH^ z)p2U_cscJrN29k&!W4Y<>pWiN&Om*+`8f;?C&o$Xe&fk{r(8-lCVk_`CjWi zWxHI4CY5OL&sbI;sXrS3!?f}7LiTpDcF@@LAC#u3=QbIyu``lxi}?UqUv_r&a0>eb z^bT&5)zMC$N!ih!Vxpql1yGMONp%}dmJmHbXgM`Ggk#Qbcyp6v?*$F_DH>2Mi;tH7 z8*0m1bylk6{Q>s|;2C=3AQ@>209>Wy_ zM5f2M5GIGstDTg*aX%h&)FCwPa_Gc@3WqAm`?*@{mI1>ggiNnT#OC7>mhUnNUd}^^ zx#WS%C#*lpY1ylK#u}Eq4`b(jF8jrHTzoKe565Vx-Y=BjunVtKa&DB*TADeY>53FK z-H_v@BK<1VLsMo_=h^RF>@bFFzqJwxEhu9LCiaX;k2juYi&Xxz@isQ$3M4P)7}RvU zm%4d5FIC6x+rw$I!%x+if7f=ncv;mc#Ystcz3-{Nrq_k!!ZGpXFMI^MU&6mVF_dJn zz&PhUrJKC%#n*)jykn*wH0}|DW}2xz!PBe%1s?_#n5H%}X1;=2O^&;Z295U`nyKX_ zX;?udyi!RkD=hl-Y|*0E#Hj&xcklPL_IHAfXPNU@S#hD$ru zTIxPkZl7=4SU{I?>Xq+y;E10p+5Y)E(;!aXup!QjLk?TS>Amu>cxI@Y$aT4E%A**6 zzHL*;D(#c6Yv0&+rpRx?Jhyb(^=}xMksK*MT{Gq;-4|YRIvahHneU|3+L%lk1>#)B zVLsybm+nAwvbR!>*yWd)M>VdhZ?-JsRX!mWI>#0u{M^+@^kk+C!JI?ckcZsF`;0ni zH($Jvl27DW!zLM@`U*^1Y}0Z)_k9BFmexac*`GI1ckVcf?Lr#XN;igD-f!Bt!r{6yvnav^ zWxcS8Lclfug7-{^Soe%zt!d)GUbDP^{`8uyAMyuHibbsjMsvDEeq|^A`igL@lic~W z6XNP3zdTsDa0eCrOJ#I0BdHDa5XMI38VSX_k0Xn?%4;oaZ(jQopKK*l;WJ+RG?vI0 zYhcP03+zci!-hLo#OH#{K?<+Gt$J^^6!3S|($%jF5Iq5O{D7rLaBJ=3PBsC=0?*oX z1vs77>Y}s+y`|gC{I!S(@sQk6HFjY(in{^--saW9}OzRPcuIt76^a5 zkq=hPMr*Jd?2|?tk|?SqY>mO;2^Q9HG^I2+JH+@+v}Y%en?t;)(I)qzJ*za%JMqM6 z_*uZ-Z%=K}-)|kdIT={Or^vA$y5PP_O__BOyxHzMh;!0b2?zTed>%x}vJl0PJ3W`d6{eAm} zRd2^`oBj<-|JhAAr*Y5$X{(lBOW1d-CD-bgxDYkPp8wf#By1eE2|W;C_<-MK;oS#i zN)p73TQ!(S4}X7kss+CYz>RFU|= z_~zEy+pBB4p|IG1t9QkPzSx$PxV1IiEW6g?*M}30Zw>VNPPQs{wvaw0EwWdz8mJYD z(jPblp_jVv2Axk+i-M+4P2_R^I7wqWtK7RJ?gH*kLg;Hbt~Se6SS2);Ne>!b=#}q< zXCs&sVYn`7`&sQrtH6jFQkp6+=YNbQUu!(5N3G%O>E}E87VMuWJh`}?v94KR3~k8w zU^!#lYjTa%dc}UB$Ig}r8`>w7ry8ev9sD&-(z^Aa3v=t%h!g)io#7jf(owv3gkxx5#TjShWr?>5fpM7cYQXVny zGncB%Y|Il7+lSyCo780wT%VKTzRC^o^3yZ*cue+FdBbF4JF{qAvfDCv*KOI(lQ}Sh zL)G%R!_b1uo&mgLj+OCx$c+dX=DPEdTV~0_#ep8Y8d&5r_Mf3lPe`u;+@$q3^od}E z=KfChsJ?hKTSYrCF$X;Z`<4e4Vkf_9bCx`IRWIhJLDrP`#2L;y$r{B?O9;*mKDJ8Q zwcnodkIk=}dxNxdawgoC?|%>VdVhdPzm@^N$CtjCb^haQ)Fi^8RyHcAa->9#1A%_% zHgl1xuv~_8t8vK}muxIK5tEP|S%VkxrxU5?`XGXnO)(Ht;A%G&33@Jt0oE`*WNz@` zE)`CYX>Fia3A`$mWim-cgIKh{`wG3B4BrSl)lZB6$DRDC=oLv<0tkp*_WXFc&hcU( zqy*kBk~k6%#+n-Y4dVoP_33I^zD4`P1Jn))z5Xfx~ zVEMI!I33%hrzrocNU4bHNAwU=yp@Xam_3(Qjr=YX0u%aT!|+~=9Tw)qX-qh*_sq0M zfPM5hLjEOzJbFj&Hmc3rP&kaJshrX4je}PcwlmJDkhbl-k}V!=!0z9|`#yI!bfWmo zQ`n)7(d~ob`Ay@lfIr;s`ydH8iI*Y z5+dNsDxBgalNs=7K{C_tL#qUhIwZOHIG1k%b>z2K=)s$hGH{HsD~unBr}u3b=uVb; z7i}saU3Z($XyxY_<7GL!cRpVr{`a1L9}C6MN~U=tB(W@vw2vh#(hvtW(_U|-<6@C0 z_B42tg>6I2hwbEr_5fS#e3nnR2Otqq6d%@K6RZE4Jhxzb2D0P`nWiT0lOapStaGJrzjzH*1o)_}S_AjeequNsDD(9b4As{t2v^j5&#!I9Gw(`=iA%V?e?$xba zQlhc(IAaA5EuFGE`VtW>S#Kwqzk;>kBVxgZWMf+~xPgbwqC<_IP=X&d7c{1cSN!iCEICo+3{*83Cr&4T%3>xAUXWLey%TMCpuuEldaasgQ_Gv1Aph$9~mp z*2Zm=O;=^agAz=fk!43^+&7W+qDd@SJp(YKuDg4wD#JIZ(g8h!soGL>BqqI(v=9(l z=pX^FA{*roU1lSNbpIKp<{H>{-XJp zQsyAK(PSC=nGP72kePe~RCnBi4D?|>`6PcD?+<%*v54(D6MM1vqy~EHiu}4IdaukN zMIC)h$P0z5zV}uj8pEwjDpR*QJ{aB-B&+1pNn3d6oCT|0Y$PVuIRrhz9I&j~U{V{E znZSzr@`-?hA#mL2T1I$`9uu`~4rU2@wUSrx0@y4=WBHDgyc~}WhD#sC7{W%30{j2> z)Tt@nFqo?cE^lS6%jISbvr4103n!r+!Z=>$ye+h?@0Cyk@4&)wWK%b$QAW6viHcP1 z`X$18YCLh)^Gh4%NZk!RKP9Bm68-rYhhS2lEh<)JWpE_7?Sfsh_-`9mK)JZUGNT;e zL7Qis^o?8cULtW>(}<-id~-nDS{*WF3b+U*E*AYQ;BgK}EO`?D27UG>KIZdR=)q%3 zq#iw~L+)ur#mUfdun$&}u~=UiV(a>D55xkZOSu?{m3K`du!cBc5XT89r zT#wyj$W?^A z#+I@W>m3oU`l7N{!f;Lbf(}Bs3?EMsp(UaH<3PTwC>L-1eHBLYDPY~;k&P1hi)d&4 zIA*y9bz&S9BSU}htvVeGO-8%r^Pnv-ro1C>ljHgX6&Tt<0HVRQXOq)j9#5O}gl_D( z+A+Pw4=K9eP5ihAF(^jN(Vw^nVkLTz3xjY0biJe{SBG?eGzSR8k|l^>6*9AUukYc# zm{oH;DZBOOCFPaD_$n)ZCB{N;J6>ett-zr8z}uUr4AiIA1^{PifDpz-@KIkvR)25s zB&%W*sK6G0(0T-Skb<@uPk33V#+|TB(0F|EOt(O`M(7GfC|7rlcaRKQiX~adh&T!` z;}hPLTa^*m#$I0TuS7l2ApfF~{^5{t5<-Ec$5a}Q)kfbLr-N3Sp{APUL*F(rc-TLbwP9T)LRBO@}ZQTOsGJ&pBhV zMYg_SiHW}+1G#!$Fh1M;)YFl5GEP&=Qafl%|%$an}`3n%qQs_adOBesi%u8CagiX1vwBP=~o-ChnHg4x{KRC9`aM*j- zx&Zub74Sxh%RYAua4#!1kL6hEfxW;- znWImA2d(FvVTaNYfQ*q+ztb`%$)ANK?RQv9Xf@YQw}+t42aOZi%EoMfY#f8|k87mL z=3QM*vt|i+JSh9<@g4ceXXd))zzugwIqNE2#lhBpz2W9)E~uB~+zifgYe`FO12bfV zz;?nV7Ov3~${*iZsqWsRCX_|tW)z0^VJyR35X8bqh_NjfOE%I|=8D0*4aBGf+^Z6s zg)^`_(A&%syl3GXbQ_1xm|BWae@P71>3eTg04{s;HsFtjW8Fht%n$LP0F7&hJ?qA$ zI_092=xh;8*fX^?Hl{UV|y=f>u#d2 zB|5F=`ySoo+rE1F#uQW%A58&nwK`4TY9k`{QNXo&RQp48PinL$3Yc}gl%Z-_JBIf^ zwgkO4Z2ZlsPo}5WJ-EHr6}s6MvAcQapY44_d1Po1@wPHTr)!hWE#Aty``qttJLURS zC1#(FTu6bo>+d*+-I+le_r3w>O75jLqGQws5#y*&lx5*+{3|8U z#M_(0Lm$?Y_VV$2DXRiCyAM!so>Y|Kdkd8QoW%;UjSj!s7ka8Bon+ma^E2YNnc0(0 zmAkL&P-jubT=!2$Hn|$F)!Si|db7n9&{>{C{y$!sI%tc|fn|mJCHzqO+Uf1umj1rCM8RCu#!)N4+u0$41^c`TV?9+@M`DjQd~< z_FMwivOOu$hF*q=fo)cRVotUI^?Ur5DggU^ODO;YOeH}cTMoP2NuJd>wi& zcJYp-V9Lt@YjgG2de?BX4*v-Vu3R-$Ic$OG>m#XDAX9F?@JSrkJlU!}6E6r@&a z%r3QJRcbRxHBBs{oFC8|FoG#7`S@tRYZ)6>uh0N@bi{=5717k04i5VGH{`wX;gegj zi}YEnKg1?C)VNRl+L?HQ(osHjM8$fpQqGhJY_3vCb{hVF>x8u@PaCry(O0=JbCY_% zxf~ax?2Q;ztJ13xz~0bEvi{0Ub2?aaV`*evZOe<_EzokZOK~)0Lcw`OExa)a{KbL> zc%mabTudVI&WKa$dg4XltE+2)9tzkhOEk)$tOd|Xs$M3)CFGypbQY;rjhf-C?k&%H zJx>!msy62z_SS=Y?ovn>!CQdn1}kX0*lMsE$fOvIh8I^!?-m{;Tkud+7SyRGFOp1? zmgtE;lvw9U6jN>B^#TaiU?oTI{kV-K+q}EFzLu^E-zz4nHOQF_+<4ZS^X2HX9@k|% zZpkrT_M1jt;tpxt!=jAr>a!Lp51hq-D}kLo89tjeXcw6=5+VjqSXmLT%wKC9vjg3v zfs*e-I91zLczxx#Y1;pZgy3e*{ThhbN3Q7;l6)i zpY!qdEYt-PID@s~;bv|AzrI@(_E{5sg!)|@RGqiN+L^4F+nk9X-qvVq6S3nusnFOl9l0A#rB0*KNWkd{+KkmRIw0R=@x z^Zvwb+cp1(9OcbNYO~IqrHrZRsVnQNz zx&h-a4{jF;#%a;nTzzF2ew-bEB}fl8F4)4$QFIoHk+yDT;bVlYG zTRG4D(~RF#|B#Pi{nCEIP*2sKICV)g4&?5jcz5qw5RG>zaIQuc+`u!NRSLUHMQn6~ zGj>j{cR!#h{C@z`+t$=M`aVFVS@+$fMw!>=nx?j>gBA945lHntqEs!!9pMYB&dWIT z>+~$X`<0jmY95XwStHK{CfDqYe)fSMpj_N1O4@1Kd?OEyswut(2P_QQBaX=c8x}`R zjdquKNLby)j#B|JX4=f$mlZa_7;mIFshM&*_C2MC=I-=VQMx?RXSLCsU(Nh_XGfV6 z*4S~=a4X1&1#YHdwDs|u4vdYV)>Vfn_KoE5R0mFO9MGfqs^yBCv*zgcHq#O%A-3{` zzN#7im13Qc9p9{KQZiWFcr>MCf`_L4Q;1$LX!6C|b6*q-chS`+5s_M?Za~j!9?m5T z=@e8^tVr^<-@`KYW`3l#e=}4Ns{dABHFbF=DEiUHT61{s)QO8|KnmlBCSON{yEYcj zFtB9p&5Bc=*cW(%K@kbD{cf<<(%epjRC)y0C*x5ttA0K0m*543#2? z0+rJ|%WK-JcE13x*0eh^Eiv2fdP*yJI}>1Nhj*`{YDu64T_-T^?6q{~H^A$+p^b;q z?SsqYpygCBW#NRzSN3qbURXHAr`Q(X_S6VVgq>3jxai(Y3nm88^&ws#=ol`r75m;8 zuEbi#N{}mABSovFD#3w^UoJhtnQ#1b!fM4Wn0vG?S^4^?3i)R*xNdLOjP8C2lEho{ z%Q#MrD}O!hGt!JJOw-^MX0xC6ybXL1+3Hi2X=Q|D@cvH5o+8AQ=P|)W`i(()=h|hy$WN3gH7W0Ay%}@N_b~K z2hAK8^j?-?2gZ(2wg&ETo&op%qedEvX1cs>6nOgaXmXIbrpn@q9?8s1MbK2;&581z z0Vl6DFl_q`MB_vu`{q`N72imsI53nW#6b4|Avd5XC)2P_oE>GE+yn*%J*U@V5r#Fa zojd4I{4T-G_UcNv11LF|GcI6hWT>$zd--wfA>^P3H%%y+g>I2MPDJN>$A4zqb{2;# zkwl4KF^F3QPdbhV+#>FAsH_Ml-A#lEmW3vpl)wP60rfTCZp}|=0OOe&?;s8^*(cU4 zhjF*V#mVNCPoJ(bJ;PjEt(j>m_uVs3+^t@JX8(VkF;H(t$*QDvkrC&m7Q?Bk=c9K{lf>XBpJIJ(`|ka!3;j9r9(yo|h)J9USD zEipw2>S643No+7l{SIXy*$Tyd*l69y1Lt&tn3Ww}rW1->JF$S&N?d!|GU_^b42!@a za~(BP*TnsL><1<6EA%Y%p)?x2R|kL{=gwRU-+g6QW}au5xPaCpr}qsM@Uo(CelvR( zR>}ngXzn{ZB8d1RPD0#O6$HsHDX)jlXWuFM3()qo42)+@F=+5_qu9PND4{-N<+9H9lI7O6o+x@7(bLh_oL;dBq)cxKnmAw9l$DuCgwo&aPT@@(m}eAYOO z7U~U!R`gmR=%LuTl11mAuS($d14~M>biJV=y-4Oex)=tJEJP3=w=wplGOCZA~ zA``pEYP7#O`?LqlBc4i|wf$^8{?TRUf25Drdx`I@)M>S>e$}1RZTq@yC4uW0qlXRa zBuIP|){OD|;rCO#EvMEdQ~LDI7k{i;5PPlv9WL^1k8t<2z_1{ z@7y7Au53*`3pVdayi#NWICZ$2*N~|S+_J4uwLH6 zVir2-3We%Df>>y_4Bq(=cd$nOcMWJGhGuj5L@Cms1LQTMx5zN2tb#2(_#7|4^oM*= zC5qVxJ&}Nz3X&5O;URUFZbzyv!1Tmi77t9)W9D)TLTd_Ej^#rGn1qg8Pg!neCc=Kq zz`UmFNk`uHnw_gZ=dLNuO<9EyH2|M@keLep`*zO*?_BPN%ZxX9#cR*8VikXyp(Sa6 zhZ>A+5iaiuLbO0D<5i?SIY*X<<@UyCE3it1Q|3;rK$&pCGn&cpkN_A-ZgvK|zJGUF*+byt=R+Vyhs={@u{1Ba)5(S7Q=HEq>qCn}w}CyZ*DOIasp zt8!b$Dr^P}`twAVtcJh2xg}#W$8cfZ$N{W({_>iN`2dDO0sO}0RLQKHGI@Ri;P@2$ zH9diFQeRKWJ$L6#$FAJ=iH?wQ!O9387oM@9-ZZT z2d3Lo1n^vY`qHuP5Wr8JpAI|>6~TTT`Lo4n89&!vtw?3&llqXGn;WpohyJQkQlI1P zuqIn6T$I-CtC!DT3`uis)@_UkO>>(vscqPH#_X+PfwbT3^WFxy-FrGKBJ6Dc-#o}N z79xrfYog0;;jXRQRv+|>;V8DEtH?{85X-*cjK*B%$$;trfY6tp`L+mcYLy6ttokKi z6&}25YH>`Zv9OsiOOJNw05_f~+z|`0O|9p9BhovN4D}^OO#!mV+CicCONWe*D3G3Gs*S+)-ng?HQS`@DI zGqR1SIyB3CLH&gbhc9$*qo%6lKHd+kWyqokD;AB70eY4ViuaD}WKd47a6CGxK>h1f z^!?2pri^*x9L-Zj+{naucY^LG$hKN5wPd_@Yx zXp}xTyl=*jSLVUIg0KV0( zq9E%UeEg=+&%17gcI3+jAX$yVeTO1Rz2aCje1?Z^Vd`xpg}*6gqNeg37W>1C1odFC zB|7oD10sO?ulJ_9tz&sYItF3}O_Z6t)!5Mi$~@b=1>?A7Nyw$Ek@ITg1hw3E43ilP zWnukYxlX?O6q~uhi^dmA<{kF(KipBYYzYer+7FQH$$%d8h(WCRm&7Z^xKtFRAIRtX z=EpS`h_Q`_FUsdgF6_t*&X`_|*q8LgwF8(Z$y;{2c#n17-%tO_{`%K#_QEA=>$rlQ zG5;obZYo~>>#`kRe$#DLI1}Yx14Y$@7uZ%Ee?z@IGRyqK<@rX+biC7u?ZX&-WE}sQ zy>fnlJhwb63{=M1TU-Qq@^N#FTL+Wv4PI&}9a`@GU&ITRr*(-K;iv{O33(n$m=7w> zrQLd1eCy3Rdp{`{!gY9B(`v^zjyRFeD4RLUD83h~eVg0w_&o_dF1OJ!%R?lm<{lue zryr;sE3O_}q+=?pfcG0uN}GB;;;|}ukzuHHH_4teHdsE-B2=oNGIL#;JMx&zXF1?* zc%0zwtBeSG;j!q2eEQ^0>NqV#jo7!=o*0g@(C7UhMQ0w!^#8~4&u6#UW*cVixkv6R zSGBoAjO0ohQAk26N!sPiF-MZn2qD!Rl}dd#H_1^d-6NF_qI~=6^xN;x&tIQ^KF90* zd_A9!=LPrp26wLW)LRE^)}3c}cE4jY_p&2>S%oHhu?xO-G#Dk9f)^NKm;EeI!tXz+ z(9_VZ{L1)S(z8Hb{V|?mKmmoyl3&}n&OA3;W`3BgXhxkHtZeFwy@L)Z?Oo#R_vG$3 z=kBFlB74fX+?kdS2(&BfGy-5d(u!n%)omc#x$%uUa)Bgsb&KW8l63z$&Tgv(&W8-L`R49iL>K^hBgwkd=@7B7b2E!=aSExl zA99EW7};?hn0-6P+zJJ?sV(4<8R=4X1KpsA z!S{CMg3^@{iek)`6K&c*i^YXLv!1KT6G8Zkh|3b^t`ZJ%2-d8Q64Y!jKt{ET^|{-&d3>~YjqrRGl3!B*T4+5eIORod;< z@u`KLfzWG6ll{&9Ay7Zs>dXm(t_b=j%H+cOep|htO-7V&hyXJ^e9%Q=P^F?~DuJ|U zGqoqb;$}CQy*_ka@lYY^U7-)MPCaZZ z+)}s9?8_*>e*4Vz3|*KWYI>sahz{{m5wyR8kyo;OM%}!UN3T2;37oWtnlP^)xe@*6 z$fHcHDm&**dd#|`u^%i#@(ENHfP%Uv!J<43gu~AR%76eSl$je?R}79H|6FpC=MVz9 zR;TeWoXsHH9W~ci(T604L^u5u%%64Ctn}DgvDMSTCk>8XHLW{~C)d|yetiGyE^^nR zPDTVFgE7HMkb_K|WL2&sPi)2W6wFySCkxs*V2TR}B(X5JU#k^PI8X{s`2M(d=dJZg z1WPawM-gkNz+CTL$df5`421}3EWvrAj?v%9vF2o*p(2ef9L$KnTb|v%=FgXi3;C@o zsug-A07MOCDkqKATQWruM1oOtF5yCd7SyOnV^dNck91t)N?UshuLu%T%kLhodQ{XP zuisO}jGWtF0gL3v5_QFdCS>9+*wjs?*iYb`r*gk}j-vvgzT5nG;Qp*N>;~2FoOb?G zwZk5{J*-EZJ{ir1@&07S9I$WP!|{mw&trRH?|3>MeN`8BI15rsGkRD|Y_44xVm2w|E#fpBI(I8+!>(JWK0fAlCpFS@a28P*WsWs)o_`Z# z1bnjWS{UFX3+$G;S>?s@rD3|X6z^WOy>70*C7wR^PCbml>qGzhs8Px zLPAc)Y9vz*C!Z#iBW146Z})HB)O;pDuN=?iNIU6SNRLU0r{iM(17H2nWnM)3u4a!w zeFTr;8C`x15H}r1-^`)u*uhfzs$Ss5;{;XV9)VG7c(NOX zZ3iCIxnbJQb6vKUsA}=>9w6MEAD%5Wpjx_k7*$u!<(oJJd*a`RIk1psEc&NwsQLK* ze0dDIyGy<#PvAN3WQ)j8o~p6 zrj^;x2xE3SR%5y)GBz0@I%0*?=-we}rDq8$C!+uOerT8-6UNKYsZH}VDvykXde6w` z8tu6kXKSkskpJE37xAoYS2dzVTWI1?;zF#SjH3}!yZG{(9kCQ1UU8XPz9QXhGMh0YX&f@zlODIrvA7Y1N~$p15Vyy7Yzj&%edpu*{J4N}wxKXnk6H zJK$a~>PeR>X{rns>(i$C?fDNq-}pdSKlx~q+4A`UZ3|pb9gdobvfH+kdS78_30_gs_s+mf8%AKM&XrMS&?t5hB*hx z*Vd?{2*CY^H`E%kkA(p=MhDsIGh^K&t@7tqr7;*)!%l!9p9LLvusWa#dAn)a%ExDh zlxKl}jdxZGNh*}#f>5Rm>%q(_>ZyeUGlbBw;*9t1f4T$i525hYr3=KPap z%n{kPCfty_*t~UF&Nh=(sNK~^ zI4H?`|M`KSBCE@7r_(N2Z8p}G?;PjVhupnlVQe+{1>!jQ1U{35_+UscIy8M|pI7Rm z(=zgIcOgMS^77_AB?qh5tBiD1&U9S*KJcYuZvT0e5DE05G)(%PNug9!LS=GyC|J}D zs!&+oyOwm=|4jEP2dtv<$72j8j{)#=yt3+QKy6eYgZeAX+WC1;xwyB=Fj&7ze)N48 z$mi*PW>sug(+PM^pc&PJ-umWJ{=;zZ=I>L*6!(-mn+U?>4s`xMMzHxYj=zRFLL1OiF(3){PPdKo8FbwXpiUS7N-oE zCL6{SOQEe&h@DaDHEcu@1oPND|K>K3AjN3{#mm!gMY3$}!yU>|BE*(S1E9f+WzA25 zSfN18`<3gK$7&ziZz*WO9bWL>A}#yavQ~$WCqvI(wvwv60^oZI4EcGv5XR)7h{54n{3MA4P05^-uCHnlrq4a@TiFXtY>nS>k=O!-V-7e5zaB5f3E4^gU6;rD>q`1ZXlk$05I=>? zz|hz}m0lyZt~7EF6yz0akx+8K?I*dWt94nY7ksV1>HDUWx?0QNfHLK>bs9#|b3`Dk zc5t9}u7H3#pfBZ#%4E)L)f&XBrxZxe&a=GVlNd-V@D|7mIe%F7xZ4Rs+u3|LQET0y z39f4Xn69?D8l50nqR-D=GMPg7yyIa{GW!~dNzRAH{ydgfuIdOO!w3!$yy8<#$fH@? z8<)BA_oEJM60e-S^+fuG1y0!Yj~q@;t+`{-Quk`y7^u=?Z>=TY4^58T-^A*;V~Nh9 zJ9pHy-_qb->GR9nh60#9Rr(c9|H?Mx`rbYNfx|dbkh=7a~N^ zbfXj_)*#2XinHseZ*ROBeE|NY@7~f3%ED1cfX_?_0waPq2%}|hokHsJ==fSbRH++~ zG1Ya&M|x)AtOa0jHB&9-1zYXFje5)RWGf`_m}4mfbT@)hD+`Zmj9j-lN!jva3tk*L zd%XbLBSF}aUAH7KVYluffd)IeEMLNnu@Ln-uciO`ZL@;2n%h*{B>Gx$X4?gMlPl6p5Tfgo1#^yvZ6ZulJH zDi?0e-joI^Pxq=YoJ~AkWcd`Cy&w`s1FYHXb`jAUL>d!TOUr@TR8dQaz`V2QEqYQJ z)WJUv;63|!;+b-O)yU@(4c%f*L$R_out|3art7>;2^@^u)hl&`I*GU&SGgNSTze_P zaS{rW3R=v?W({5%s9tAXK%+~f?x}730@Uk;7|#z`>#=pF6}{b90D&)!^(sV7C=4og zlDA#I|KjEt=7EIu9L0Eq=}q0lSvvjNq#n_+Jp8?#Wu{Ivh;u4?5AU(x|)L^yM2DuV&vfhT#fKDyH6bIXqT1T)%@$6rMK zg74b$Z+SKqd9G(f|45WKTRS=pKm*TQ1!cbtLAljF3f5VXwPVwG9>@wO*~x5p;B#0w zcZ(Yq6(_LB7`;BU-OZ-7#p0Bvw^~^q&ts;fdO(Sq=tiM863X`okt{cv%8JW%EQC=7p zl^cCkhw`PnIzV}zc>D)InuMz=6hkpZI&jS2BmkYkW_GdD7m4UDv1*rCsX_T+qZk_A z7a_G9dpXMid*vwL=KhH%+X5|3yfF%=V%2FFz$HDcSSXoS3Sq+-SpjFay{kSAk^xpO z@T^+b)PvyUeIH*&S&kQwTtxg5-RuTxh0G0XrPLsE`K8sH3$sK5(TO~ zY-A4@PztUy3f3=UAQQA|e*xy6WUBE5?{8dxW4rvQUC3y=XHp@EqyjJnz>sHP2+$0f zbnPFY4q-^gTw$LSlt~%F`uO7J0c98~rt76uVV_-UFS)=wsfI4E%TWM&Rq$f!JpF?V z3$e<=@q<5Ri9=l%c<#-iRH%iyi(^lpAtjaLSIqA+B>#BdC;C$*j)!~_&I=}arQGis_OqEp+FE?qy&(+awzVI1z3${p+8 z;G|kVPn(7yJMHw>eoMq-eKX58K4_r+fT;$uJ1zhc5cAD%IN25pibTB(a8Nkj5)+8)HK>Ym@igm`^$ z4Md!3q7GjT%;N~zNIrPsfmeX`h5(gFfNLhNYdl6$EOjObWmH5X&Wxdq!eJm(dU*^)TeIN|HmRR(e!oeE;GrH1 z8agp7>l2m%kt(xSr5h4l;08L;tXxAMm*#9(pvm!Q%qmg5nsxxd@ie_mLyf8J)8B@QL^S4yJBTx_S6jS z`~6yZRe_O(C3L%BVJv)tvsKd0@abx!LAYYK7!5orMo~{z_|^<82(Zy zMpe@wzc0bs*mA?oeqN1_t$nu~epHvZ!H`_|3O=!ZrQ_bV>!%c$&R7Q5W|-YzPG!c6 zG%&`-a4o%33Q|Cc!85DKKHdo|?a8NV)>9{!7ab;9j%sX0Y0Ac09O4^%TH)b^8l!wN z{mOyR-61qel1raJl{$JAyUv?;Kb96lIX|=u0Br;y&;l8&|(<$l9bcI7WhpXirC7l*+=wW z=BxVL0mef_J~HZ7jmjR0X@RDCaa8+LP}hu2H}2YdYov z1^YZHcosl2L6QQ5E_}*T+++gAnM&np|6@YH+Xs(!K8{O$*rBOY}NFI&B*_a7Osg@ zrfCU}6sHA`{^K_R{#S~L><9kKZU7Y0zhC+q5$%D#- z?Pk(VZ*35%fc;qly+6x^{1cnp=#6&@Gad6f-^^Y~C9lWzV;Tw^K|$n!+R}j)^Q-v? zfd2Zi=ygrA6y>ocNHYEhvrK9T_$k`>2zq$h=d00|&DIAYMo?#-cq7X6=>4QB#Sc0C zplY<-aSgYi1B%w~h2F+cxql4bWyESOgjzOpVS!vFYj&JJNSYS!5?z_Yxn=)3f3UDf zGflL<=HPBaqd|PQ>D!?CP5Q<@TveX+Rs(Hf^Sfx6)OG4jiz{dj@HFfKaRq&ls|olX zE^=KrO9(<>y~%fJCMbx4sMi+7HTQJh_luTRwNGmrgcckjx3c11C#4Kuj6XPc&iQ^$ z)9ISt3Zs5i#Z?#Wnx)(V_ruR#CjEo*nFsWzdvWh_RO4V}zX@-kSvAfwpK zPQP?i`Mk-q6vXGIPDOQEax-}1GqfeJ9{c?ouECj{k#?btUZVP=WILDoBL1r)h)F~3 z9C^u^DT*4P-Ch%&ezJVO>oByLp181mRq$O=I!)d9pihbnwK;D|&}5e?4Ho#T=D>?%h!jzXL#nG6^PzOq!8$e-Qnh zohf3;s~f@d|LxmzHr6a6ZvP{#xF@AC54NVzjRai{sU}BP0lWem*8N3=B^~whBY$1E z(ma*biAvTK6F&EMc&i7q<4E6vG&yHz!}f_keY#r}Vs@ljhA|F@ zbCttg&`xZvT=tW6&fB`so3G#6?*E1Y;GNWie*J4P1FSZcGmFz*_vWl^<^gRgOYTz9 zv;=Fz=(}8{XvOO5$YF1&q}@Gm$RKT3-!Ct?Px9v50JPFyso>Nz;{A0$*Cs|FtvvZ$ zs6mo~;P9sE|H3_e&PQWiU2=0jXzsG=&1v`9S}i7gIGkw?rn!x3&I2|~j**Bp{##jK z4MZJB>#0u_oyqD(1sl-5+c#}&37S@6asqQ9!~#~Q?)?XXJ>z$(pc(f&0(_tTexmEc zF)Tmv^c?5u`4i7v3JnF@G@B3V3t6eh#+x#NuD*B)38$Z1It~Mx^nlGrQGe6ad6!~2 z*5Ut2IR?$r+(}Zw#xz-}eR@+j+y1T#_3VGZjG4p4=cg@@jnQH|jL6YAN%~(Hc{uP) zY!qr7twE;V#ijh9=%X~3rI>Or#W-7Tl6SfzRJ1E@qxwL z|1eJ0Zy&k!dK!W0W$wJimZt&IwkVn|K`;MoGip)IezZMlmf+@*LJQoO6I!DA*L?3Z zwH{Ryd(7H`&d~+8mdSW|Jxu*bRstRDv`T67S*;s3I!S~ZhasFyrv$P^eS;>4z5^mo zqnjYr;bY}8lanqvtiY+FV`zCq@g?I@AHIskUV66aE*2c}jWb;0D93?W$Sb{;lGtYg zr50BA-T&Y!(z@F#@|v7XFMdZ&xmdgzC{(t(&O^Lemm?tZyL7a(3UX?^e;QiU&%NHF zh%_zFU7@;Up)n*@=sUgKQ^@;C=cWz}x*dEi$AWJBCfaUoFTF*{k-oe;dSPnihMQ{A z4}W@8818xJ7DN>xME1W`|4sk$lHRmDYvolYhq$uq%gakjnHfLyyrP+JSliULWRj?} z9CcK`+&|=*1)h@<>IMCpdXzw$rQfkOC#&{qc=8nHdF-20#&&qIWuPz*&NHFPTmZC4 zWI*#~hN|EcA}+xk0q5=%m?6d%bWyjLdQTNEV?fh;u`1N*=B{105c`F3SvJHCLd&+Zb;p!dq?|!pu z(BMy*{jii0jPIjqrdf4WPK`KF9u9;amAI!}A^9Tsd-I{&Q#O$TzRkA5%v1`Yk z$}hL|73!q64a_854J(2N8(~vXN9EcwBemJKbF!0>f&~iSl3NWB!wBUh* zlXTh3&*DLB{}YG-f=er#3ph4HG`)`QD|4#PLl8}Qo8OV+EuV_eKISd#q7Yn4bdj!Z z$h%x@EJT-3-6|5u$j&!%vQAVybyqjftEM3ItvZhaaHE{?9al4Fth#Ggy;(C23p{BpZOp$s!nR zgqb$R5mHras}Rz;oT79GHOx5sJ9_uHw0bECi+Lg3Yc4I6*(ZT0mE-%(9_SG_wq22t zulMl#NyyRpi7yMfq*5h0Hez|F)TX_<(I719-k*N~oGxY8ht&Td+Xr$^8y|nz)vU<1 zl8B(}ZjMnrji>U0Lo6o`kjmS$c6OWav`X9|OOueerGCi1W-hc|&+n6(2vwX5C8?aw zB9%8J)Zzg(90*A&s3%=qZt*)FcFJa2gmx7=W1H)M^$&^4s?F?eDV3+_l?siEYJrFd zFSI6%azsdTCd245GSg$4m2pF%XG?;vUDorI zZB)pF{gQ~1J11eJ}$Q3MQyLK~6@cHIQ(hSl^5u-`-Ho zKKr+%$?9_6wt}_AQM?;UPu^LE8^wF{&i+|?5VOKqW=Nw6Vr|Of-U}zObaDxME#xoA zCE8?z&n%EC-Q3Qc&t;>gllp0`KyBhJ-<1LyxJk7R6(wJ%rSYA%CUb1zt-hb}Zi|@M$m2}Hj zQ?81nkoj|e=9Fmgd?~oepqiHwfouyIFa`0{Akz+-HWj zJ1ux4U~KEU)M}urZPU_SpydaMdcjWuUv*XX!qwc7zXTN=momW4Q3^ybs!SZoS73G-A(D%=cyp9T;muC#piZlZ-e}4F$Wf!K zhj!Ovk9vPP#Ql#@^Fj>92PV&~cmMD+ers{DFvscb4zWxy(2t&(#i@+d$t^CpSR4`* zR^_T9Z!YAK5*VK}*1Jm&1%X$8wapl~ob^HNxF6w}d_@2E9C=C_OcYG9_cZ9p9mDq< z76}W~y1BpSFVczc_?d^hx$0)!5Jk(~5S{3%zm-kve@=}xS+id{SW&sP@B8KQFDoq7 z0cLEp=d6a8crcSQa=mE68k<`!ccNZyF<)P0&<%P8!n-wbu}E-`9HljW^-%cbqp!@q zbzPWTllwe*z;~Q>>GLJH@1@voO2XZQqmcLd`XZU~OIU_BC_*0y0AZEvgMarH*#g?+ zUacYtv`lbl&0RHK^rvTi-b#fgGqyM$?&Y7s6h}{rV);A&8r+YiL8c>>`^{iyCuQmw zkRn=r(=r@F&(?msGUxmyGg`13^>~hw6_n&aK84rVk2j~VDFaK)Xw$EZ({pe9OeH-$ zxfzEmu!4S14NT$PKKPMYXp`18BQ1K$5d^qmH1JlJP7F+ZJ3o}}3L(*WEI=ejyvK-0j?w)fr?+CAAR4H+4?#_7 zkmIX{nW`g9NKm9=1VwEJi0Qv?73~v|0U0VXUHA-}6S5S1Bru2+;>RptUeItIhyUy? z9v${vTSqZ(QFbi%ff`pdF%J;K_mpp6xm`4|WqF>s1m;clitk=9{d`59#ao3ny)O`1 z|7?4Ys$0M`c9NN!w$@nQpJv*u=E zB<`C=g+QnxS}3P{pcYQlCahQa^^}(y))1e0)tkGnD0~$iXrpbomV%Ws=a}mh<3n@1 z_Kq1(eN|5G7%~;XBZZel!k>vA$T6eWr2>o&NB^-18bVQib7=|j(07jZX`z9cI7U&G zltg@AAZ!yHl4ya zwafPjbfpv%dMjKCVuUbRVc(38Z-a+23`T}BGAsi)DVUJ10D$Ld$@G0ya@Sp;v`wPK zO@15Z4Rxi10sfGtOSc|V2oMlDE&_Rl(rCrwusrz7kr<6S&5-qj<}-7skPcKn1(Gjp zY1{uI)6Y8btEPqpjwHZqh}_vF1=Lb-Z$DLuI1t{{7}d4q_nR$)01X|f7DCZr)?vq& zuyb^^!MZ}GPGQ0xwQzy_a9v^QJw5lM4|@kZ3o$EgOO@W&G_rQK*6{io@UY9Fwb|yRmw#!HgowD zQfAY%1d!|`p$E8XA3MX?^URudDWQuW_Q!pQak_S_5EeorVD<$py zTZ%LkiOQ!zM0KuH_hYXas+`||pT@|J32abS?h`~-dzwHqMG=`KvH8fS>G|xl`rNivCr+@#dKef0INr3u(MFf1^F0DE#)l$~)ee_C*h!<6LgSRUr#P52jdO(_r+I;a} zH&sHE&-b9GM-C-RMNfM6VB{qRMMIy3aX8&<3#iAk$kE`T$prOMntF8Ue@BK5%9-gk zaaW~m6HmD8D}m~30hS?u6db4i_HV0WN1AQYuF2Qa)KEa`>)Gh+`TH7ltZ)9O zpxpMZL;fL5REGrTxgJSdLFH%Y65D3-b<9vg7UsGLT@J#UBr>&3^aHL6m99yl;9p5( z%|+pC4kRg9wmhdUk%?jI5a&;Og)`M`XVu$m0tO|RK^pcq#s07{uAH(PR%U)@7Jvs? zOsqI*ZdcFAiGP*1HorCRCLg{en~zk`Y+3WrHaj)MK6Qs&Fi=_WgDLCICO#IBC=%63 zN<}bRrjmk5IIHWN4^1@nVIC?iFu+AjBBPQJJGB*?oRuP;Xs$8U-qi_DB!S2kI}X^^nBtg`zm7JzCE3yt$nT(s9g&Y;khcwAZlG?M-1$o{MgE3RjX zNit+KjaW77iT{!$^C3{X%WY63YxJ>xjdJ>7ADT)>Q$#W^05~-`jU(rnNy;&y<%stL z(3Df%?5p0tNj*V}JE%b3vHw~+pcrxE?D^1rw?zbOVpjSUs;v^7c|@-sJbMtX_E%&S z5Ggwxro0B6K2L!UR?1n<9z0^!Iw{l6YQ_k?{1;^32HqeZ(ZcdXp56a#B0kyNbS(Xz z>w#}1WOF&H)nh0?)`D z(D)>fCnGac0HFZzWuopP$L|8!D8rZL;sv(f?aP?l&jxl9!ne5mW7;Bq# z7M&Y<-4FPv4K^=Y`Evz#|GmA07W>d2#`e2Izf;tTK=e5M@LiEhs7MVD3}r60hp;pl z0zwY}CyVlBwb0=#wf?$3+3lCc#7IeG|D8HbK(sJ3S8a4MkgKt^lA=5-2&8ZX=6j2wMyM1#mc z0CLkaLd%aAc(=;^hnf=0WdE|RSNxDw36tB^-n##EF02^NptKtnYa4T5G#ap3TQ?Bt z>MKHy+v6O*$lXvyLO^_kNG48z^<>xHdF&zhv1tZ4mVM4T|MmbLxOw_qca=bfA(E|f zB-|n(TP0ch3(%&21dVYr2$5s-!V3C>qsopMHBofoP9_{7N10StQ>UK2cZ#^<}~5-DF)|F0OyW+C9cB(PEZwO7I8OOFHx)~(t=@TGo8fp z^ArrfLSs>c3lk}Zvt9azlWk8F!SDS?gAUbV&vQ zWvRFyI(8zv(8(oSm+FxXu8i5j?_I&@M4%AiDK)PsZ#?KpvT z{HALLJH`z-%9C`6uBhcPEqtJ~A>s4F^~47miS?TRs80<%gSn#o8i{5pgw29?hw`6F z6yYX}dCU;IfPm>f00lL)^&-x#H`o4Cv2=xeO3MuNt%C}{d#Oyh4l{MLM%E1rSs~@_ARvpHG~cNP6lnV4nism%kDlEaF zz|v$Z+(DBK1s{j$IxV+*d7T{g__3l5%J|k@f@X|J;oj255$nhegFof|vPcrzMN2g0 zdVxyTo-qzrmTb=4uEp*1D30o<(%X3iq?2WJ3)Qy6cnjOEtJ1lq+;BFUNcXQf>f%gMvO-Wx%SIJ z>vb8O9SDT7K_X)v<183NOpS}+`*quaZu$|z^YI-%0 zpRgZV?L!Q$yzwYZev>&K>%aZt9uH?+LAl``E+bC%ds0JN?;#rB*EDIf;KXq)m!3>W zmnZ-XfoD0-$wuPeh;YBwzI@uUT+9BwcEq(TN8g8%>>;aGE$QhGQg0rkI;n`3t&=uRcfqllV$m*TSKaBIMrxEZr535+7*wX3xXlQ%z|14JB-Huh zTzh~)ED6`)3Z1ma=coW{cp6aJaLZfobOxnQTeHEaU_;t;Z;>N0!A;)G4PVx8sX8qf zRb)$;6JdfQ4R8o)k~^cw|y7j^AnfrK@*F=0a+FsOR{g;pZOq?+NSC7GS?wbQ

+_es-2G9(_J`^}Et`pQRnr0~+X^TVn;ie`Vz?Nr2d(B3!Q+%Y zSdV6_A%~&`Ln&Al5>=seV0nPEF+MPftzq1m0qPWtQNCe*jT>9(AjA8iBGP;ZtOx1V zLDOB*h^}?^JebRXFj7SW8Y<-@ZpaVj1cWgPA%Q9a)8dlDO|wZ{g@86Ok?>Q{ctPo4 zSINL;W8>tJO(E5U(v5$n>0*X!1d|v0$K27=G>R)OwDssd)Q|Ywvkam1r!yxmI@!_0 zpw+iaKi>Ulm6&N|MY3oJWurSl-sZTQ?qx9fTj>~JA ziL_X#>^7bjcy!nqbQhWe#$pJ!b4D>D>F#BPStKO2ztQqqi|>hi9j}mzNa{R1E>>Hv zn8-q;;;~tUTwC4rO1^#v?SjHv$UXr?){dX$DB@(=^=RtbE^{K`&MCF=K&-RQ=CAg% z=#9+~Sx-7zvod*q0|1bO0>l<`J>0$!i0r%EELX5^)6pLfPvrIwZT^bfyiR}^BT~f} z1PdPiJh!9r?Et}d1F~|N`(dHKY)SIYfDW#o$Bv5Zm*L}(_$1l~3aS?TEGfUZ`X;fo zOZPzuCv!;RY-BwN_5M98H_AY0mI7tEV|1|J#dR9SY9dkQBUve^51tpbaEfz|mD1`M zD+>hiY;G>kd9+TK2(^7NyVVD^&u#~Jb3>4{mVrjwVzdvcTF@G3Y{!=Iq2%pqYu$0h zk`BJhGl~p><6ks`j;B=mh_)-!D=)@OZdrnZD2_0_S7`0ge zbJ>{$5m3_7`VxKZi@eTm&#|+k$w)i?;G=?^%Bg}wzZ_WDG!{#I`k=dqrz>p8LW3|O z6Y=tm{zmmlo^4vBqPeJ_uwF_lKr#C?XTI*hacqpU>bKW;r77zKng^YGS-yL34Hz0Z z806m7c6q=$m+@p-S5mNX^Vi^^WGO>6Nd~AEH(JyL$04+YWzOD;SDE@UzIuu=`6udf2{JeoG^?xdwA^H zKjkvpTqSY|t`y{6p}v5V!v2_BoTOwGl6s0&Xrmyo_4tz~2njud?kSbIm>bhzY;oIZ zeipSSZiEn?vi@|S-8|*}=eC__#WQObhg_2K1!<|4IEb<*Q8h!9J3U$4YhK};e~gap zqEB+-(Y?EOU4$kqo0SFDp|`pAVh=Tg-Y^m7OZ3RMh^l*X?UgCWq*VRlYZ_6Xl-dSE8?sSq27c{z*zmCU^7*W~v&$ws47eM!` z+0An}Z&>|HZBa_kS+G)mp4ohZtxihiubJn2U$+7o_gY;}YNk10tpu=^7h=ev?YO(TBuLDJ9y1(wDCX0?J=klUYw1^HC;}uEYxB4CL_z1ny>XGq6!Fq13uF>?w zWLI&5>;5xZ&u0%kcHObUIi(M>Ug}ALTrAqsFl@MN0N2}$A9Srq@rqTh^3I8mu{9Ml zx))_!^FnfbUM^=pv4{;IEw{c2ONhi-Tfl9f)m=PsR1tYo+IQSV%Y}B|+-tRG|F+2Q zK^5(fsJ73m{pW~_wcd`V)25?aMrq(D3QHsB>_XH`NxN=z*X`qT@$)Kd-?VuXhdm|= zC0=|Gc(G^1g~qlHnyl0fH@bc{z)kj&q$LxtedFvWlfK=)|J7`H{@#7~d$SPm1J)wf zfp|eLk?{**@B%*C`@+zsVM z)Sns9O-sKLmEM^hX;S5ms3kNjEkKJIW(`KPZc&}#$}-sK z*$h{$&z-fG(A>olSD%=K)Bg>WrfhhUk{ZlHbepa2Q?TETpbaICHEs7wLTGf!sV&0~ zvS9cm^bMNKNeVE8M;w_%$g`kSfpR7rsHsDE;nk~GcV?9ycwU~2oAz1%QVRC0>{TKl zW$`dM2Jm07-|KfqmO!E=Lk8A?4#b}{AVQPr89i>1cPg~-3NRg-w+bJ9M1WUhXyZFo zUBn5pMs#Je3ak{p{R|* z7}O*sFP3#`E!X5>zSX|%C3blZ9-u|P@hZi9V-kD=9{o&$Gp9Qp0(ROY(R}fdA7Lu) z0_5Xtt88a*-|}JOq)ZcYklcwm6T>LJ5IR`uCMd~YKi9dlgIsj@{nkxxc172s?%{U@ z=|N_Q$BOu{H;e2`L-=RONH=T0_P{Fza^;cA zWC^q}DP&4qksq5>(4BO^Cg^x*M%a6g6NZF6BG=c^F2^RpT!H`7QkbT+_j`xdO}?9& zMWlzgioVa)VkrOO(;)jZRZD|zo8G$Rw?jf^arOc`Rnft&YYglFR8G4pI)-XXVV~ib zpKX@&dCxRsF~YK;g*3UEf6qPDtxlfGjn=CgHO#Ah1DxNdl3Nn>{*CvcNsFE?y?a6o zadOLPkI=Cs*rHC^?(Q=VF{!_jR7!6mY$WBm0>DrJyWm{@oq1J zDYP>!c&z$Qh~{Xa7f>xTllX6Feb(0)uUWP5Rt3D4Q9QukER=g69PX5k`L7Il>pwfJ z@*Z4AWpL}E+Oh-8p9&3>{VNK7zod^nun}MoXdY#zu^Fj)y2|E=BTS^}$9jEcWtxSn zUQ%@OvxG}eS=&5My56k9kd@AjvT7Wvb@PMZ`+|PQQj_S}yO>JK5Hrja{E87FfdOPV zTsom5jiZ9yt+jVrQa-v8$D+vJS?T-m))QU8brQ^ZyLM&y0i#%Gl0yq2FWR*px%r8u zN4EW;i}nRf*!q(p1UDJcm?VeK0i|eMuILigQ^l|Y=FLjo!2^ zm(7s-Tmukc=@&kZUZL>7@Ax*wC}ola@FX_ZsT9?^?5U>{HF@Ao7P&jU-Hrjj{nPN% zJSEZpD9?!7mhLbSsQShnV!#YfJL1_O+NXrS=-%&fE*-RT%y4hNs>BCZ=G12`ARSfv zq}}Hmueaav+Dii3xO`ByJg#Nl!y}n6e(Oxu*F-NdbRUzvaSkjwiwXvyQbuDae;+!^ zeNX?sTyp2_!Ip>ZiCNmsKYv~)C@ZDbb*fn644BAQwv}xGz+T3-@HM=y%ngoX_rYJW z>$49j#rT$t2F>Q_F3&n$kq~%8D7CG;`ZEA=ZN^FgV!{MWHkhM7^D*53T*(@HeG=kA z3pm4c&(1x;`*o`&@8-#O#@R?jjV$8)ZE!>gZ#V~}v20o#uY>Pz33v7kdUw13IHqT@ z*^X%;g*^vBD{5Iy;WSUObpU__{?JOX$9oQ*x@qZZr-4VJ>l~1gh~XoZSMzlh=so(% zoA2L*CDY>6wdtm;yDb+wLqxagR@-0w`iCG*Td?3A?(DOum}3-X6hogcg()*+6F%+; zE#C>K6+I0T&n=jpv_-}9skl_7r4sAZBbADbXhllY(GlLAMls-WMH^PLUO0;)B%!pD zvLFz+4<8UYhGZ)ul_xo5wf=J#kok|Qw`3`%Q~UgAvfW3~RV>(iFX)sJvc5x4a9dk*UESUFcv)Q!TK$s(J;-$RLN{ZE3jWzBIOAJGokE}hXbzlY%EOxn4C zg57U{m%oN>Tt+*Zx9{|U2QF85J(Oo#YaR`arnf`y!E!b@Wh(ATyIrYR@C4h}55GAS zEJft1nZpdEKcS0VO=|t=jMVe<)f)(Xcf(^^CP66VMC2vPdiFw}+3m4c1>)diR{>Fo z_UZt4P%&a9@8_U%V{8FVSo}J?Tyh8jbSjZMIu9ox)~B);#Y4_h`(FOOyV^54#+y(X z%*cBI&p0y%s!zPysT*Sl82sX<31qHOym#`aM)@*+ac&_B^cSjy z*yEpTk%-PZdFUkkczzO|M=lS37+#m@nyva|;P?Ue2MP@w zHPMtDz<64L1;SVX#@Z^lx#5C8PyNy!;3g|CTXWk+5pKNeiKn*PUkJ&Xy%KgDDtQ1w z28^9>*tqG%K6%8mtIwZV1gb2?3wN&~gcMWd@>|@~?iseF%VW>Sca5mcSw;h)fBpR)W4O!Mu{-{z~u~v&7A_3K6rU%vo~nEGkp1 z@@iJ&?<_@QPJ8oQnP;nR<{Y(l&gkx(l1ArxQO(YuFYRmo3z+neboOtwi0By^nG?Oe zs_?%6G6v20@KU2e8e}H0AM`(c0Y88m7t6NVnHrp8&TC+Padi3!M$q0Qu7JB10}gNod^hD(j)GRcW@W(SJRXKP zPJc+TM=`Jf;n93EO2K02k4PB+L+~RZ%m6ZtO8C)7H*3Wt9nZT}oNNh>9Il-Gn7Q=O zycAV$zDQMl;4A9j$?bfuoiU|+-r%49UgeB2=o0}O#SFMvP*&uSr|9Ym{@z zs8$9ipJ}CAot~*i5JTig4^N$oGqM58Fx9pm0s6*OU~on2`6=iQ;<0YTj>Q;BOcN;- zbwJ7MBah&~zJtS#hOVFqv6Kp)UHj*@FW=Ik>ik-w)}+t z@{a)t5CMj?xRW42Ck8?k;!`Mu0fQI^BuZ4FVxo$F88vR?*wN!hkRe5mBw5nr43sk} zGGeKRk)8{BV9I2qBIOK|IX6;JqNV@A5_*k11iGRs6s8V&T9}9uWdQ>=Y=&i^+9gJb z5*IEUz^K#fSFmBf+ECIDfrVT+oD>bUff|=+uuME~vEV6#3Kgne&APR#SiphBsxaap z4i*3`PH<=e3kefJ$G8a4&_ja&F2@Ay#j2HSa`55B zgI7Ve-;zPOJlweQg2)jXj@lJ5P^6tB8b^ri_7DKeqaC>VOC-YTIO84`0?6VHSi+Dd zfoZ}BgNZPZNWhj$^a719?*{)I??VtrN~t0hSb9k&ty0uOrJFvSfhR4_qNfTcZU94{ z$5;?zfOJQcEtq95T!!J*4zhR8v)TRaRSd^;KA7m33BH zYqj-OTyxcRS6+Md^;ckn6?Rx+i#7IGWRq2PS!SDc_E~77m3CTctF`u8Y_rvNTW-7c z_FHhn6?a^6%Qg30bkqM;cU^Ydb@yF($`_V{CvLl${tl1n!EWRz1@d1aPccKKzP zW0rYlnrpWCW}I`@d1sz`_W5U^gBE&dqKh{AXrz-?dTFMccKT_kqn3JVs;jp8YOJ%? zdTXw`_WEnE!xnpNvdcF6Y_!u>du_JccKdC(dvCt`_WN(Z0~dU7 z!V5S2aKsZ=d~wDbcl>e4BbR(~$}6}0a?CT=d~?n__xy9vLl=E?(n~k}bktK1d-wf!;DZ-_c;bsU{&?h*SAKcsn|JeDcdT|9te*SATu>+iy4^06Ub#g#rKo literal 0 HcmV?d00001 diff --git a/examples/saml/redirect-basic/src/main/webapp/images/picketlink-banner-1180px.png b/examples/saml/redirect-basic/src/main/webapp/images/picketlink-banner-1180px.png new file mode 100644 index 0000000000000000000000000000000000000000..2509ff4480f0069e12f288cb4f26afe0a17d5213 GIT binary patch literal 104130 zcmb4qWmFx_w(Z`yyX(dwxNTtL?hrIca1ZVTcS3@@y99T44esvl65PqlckVg&-5+n< zF<$@ZuIgTMu2t66t5$XRM=5Aoo;@f#J^x+^T_m+! z)a=b&+>M;f0HUV$#%3T{TO$iIRWl>gua3iJ0ssJXm6f`di(*XD>@5=gHZLA(f4y^1fY^+ZI zlKH26|3N7#{_hA|+y9n!c2PC^zsCPR`JL6jI+(GlnmOCMI+^@!MRThEq3VBE^pD`b z%K%X{a~HqK`MdZ4HXQT}VZm7S4|guRKYt(l#Rtb`z?tE-hM1Pm7C5#`_$ z&mylv-7nS1UkPzqM5R>HP50Ew${gA|QStnB{D|I^fex&Ibb!pzCa&CFEF$=(+9uUdy#{Xg_e@o-A9 zb8&I-ad5DKdD+={C8T(zz;7}=Z&&^& z`QKycZ|1*8p_$#^MsxZ*#twfyUjTq{C9)Et>K-d=9fvtEMrC!aAUb7dV4VtbiS4i!#_4 zOs!ihua;<@SXz))%%k4%aMH2gJ$) zahCZPvY+p`tgZ&)ckPeDQ$DntEa=Cb-RGN0ztsKwH~xG}Q!YWP^20Y6K4AK8ux7n2 z-Z|RiRbDx+XXbeE`;+icF|D*xyZ;H|r^A3(gCvV@o;j+YCQC$1^vmtBp0jzvOon#| zOP%ejXav?!b9j?29kiAFJ+VNY6>hB>mq9zkJ?oRelxJZK6q}vVb;IM!Ew|FsKCNTAGj2Xo>}#S1A2Ns z5SvBkX8o1riiON(_zaTKU{{Aj*$%$EBJj#APb1n4o>(QX;1?Sk!f^Jz{v1Yrn4347 zss@W+vQelH-2LV$Dw*gO5g}w>zuR=x(_L>kn{H{XigYiN9F3Cw9@CmsGxCtr z(T3~`KNm^LE7&?QIDFAgPj~wFm?|Y2dP_EQ8z0_I!?&7;XV-tLO{Eh3kICI8+_e%c0 z^)U6)xt}><=D=CVZ?S5H?Cy65N8On4Wt$9gC90#{G3PT;?|99!BJ|dH0W5od89U^7 z-Qjn673cE0TE5!BzkS^5-5B&S=ate`QBJ zw3wa@Z+x?l>hMyZ-z=nc-cS{~(XS}epC-bw_sm5`lz{@gy=SCf)E|mE5iv!=PlP$l za|o?r8UsS`d(Su1 z>LB-3EYqd33xW&xTC}P`jdqgZM*+IQ5PyUHQ!s9!RF03BRij0B*KWsJ+Az$P1iex( z@kF(-IiV;8`z1|^9Oun^kp|}@QbV-v649WL^Nm5wN41Bxhv!)5u(Zk5uDiP(>{}ht z^VC{&$`nDEWp70@c%aW<*d&=v)Fy8O=k~O7-NYV?j#uq?{XDeMS@x>yfUM?&LPWW4 zkY$fx)R|r#9!P-*>Ih@LeO3+1Cix@4+y+3c(+Fq-`SSG*UHE`p@e`zDqhBu|FQB|ma>CS}iaW*#R z$|Y1g7On*dt&P6b9)%MV1YS$MD%PqBHn!zbn=*@8`sPA&h^!WPp8&-yaH#u`@PT){&QLu zo~-B3DQg~826a^reCsdV;C714LDWE;p;>F2md<2OY@S<@Z76!XZevt2p2<&)fEJ;w zuGU@tOp4aGlcuQ!S1-%2W+gEFKe7u)lRdkV4Zq&$JUrCh(2a1bz4~74sQC(&`iu7o ze@HX7imx}2u0{iR))b*YVjL#5Lt+Qhx=H0eP@bhHK9F&qHcNSaFn{3CcjJc}Zw$12 zt@mljf_(B-`myVgy<`lQsHlMmG=F(yD}mH$)o?f^Xh?SCUz?evvKD zRLA?4-S?UA?*PmZeAA0@{AvuLOtd-JP!>-!3hB9hh0{_l%UZjV{P~Dr3=#bmJ!7{b zqL)`#QHHiu{au`nU5E1y2IGv2Jq%ZU5<}GM+O1(pgS+DF`|+|{sE*mxqAGmdm)83W ztzB$5wDdl|If(r`G&j3v-GbJD5r=T^NnW}cX9kTEgWfb(}(7|XL?HHt7yBnM@= zK}LdXL{?G&0V^=vEix#(6GN$`Q`e>v^Vx(C!I@$VI%2YC^y`ekQy7)?^D9f7u-Wyi)Te=d_|C|Dm^o2J8xcH!t!LXtye-cg~F zG~@MT9cc&VW!Z4ecM-a4Xi;Q8N2BWw{hcSPTeUtTsT-CJ6WSnGB5>Ckbzx94*$RPi2V z75~Y3n)T5&$R0uc&MZ{~gjd49>iJ5A|P$m&IGgHJQ{r8V3& zWM4!ptz@dN8qaX7YNr zywrUb5_WusvRzt37IeGlEQR@Vz~XH?MTG=#Fe~}$yEPqz22nO*Nt>pA!*$~#LzwgO zeR6<~i-@+#t;uyoeWC!L70rl{K!P1lHrRFe-CPj?SVObE)VnfI0$GK+pVH=r?@;4; zrsNO1=>2P>9y@+t@plO30#PBfxF4ce-$Ht#H@j{sFGxO1D|g=RZ|EGk_=Rd(HNSRv z&5JY6UsAc4UuX@(Wf%yEGITm&O9o^*Lu2pGi-53?k)RTBLdp1xz|%(FCX|z%Ul6lM z%4sY`s?lFYFZVkK!x%L1#Uh21jdS+TxQs0&J<*r*IL}$CR{%7zAUO+bg_w9Dozow& z#(HwK00}qQcp%p@ozK<$;er<`Wuq=BeqB2J7kUhA%-2XBc7`?D^EEtEf=vGkEzI&Q zJXE_g!Z2U2v&CYqnw42R=PsicS)2Scd{L4ZWCk5PRs|83ts|tmsg06vSzA(TXzamO zA=e~^SD2#I0q9Lr)X3D8bOO=$jYqh>)tgxTek(`ro0n|KD8i}kP{yTdPnmt+dq2RZ zxRltP60Bkgo;%!U5L|WMZ^=@*Ba#cKs1!#a)4LT+PfiVZ8)P$nPgP{=kuK5^`BpYOcXyDbo zKVgIe3IjfvOq}VHpk%}5&%H^tTi2re#K7p{U3*p=rQ!3#jZ7jr4WV*KqSwVcroR+z zag#7P%t_!ZW!uA8+fK2{6`PZ2aeGq!MaM*KjpC4w6DQ(_Mqg?khmwV>_9Lhk>wKLe zM43N~aX)4M9V5Iya}BW>)get}DdABb$aBtF04i{twl`wZ}7Gzb!kgxpO#JHpIBB_3cypEA7SDr{s<0 zoMe&uOmDEt9Z~Y~4y{957;MWY{Mgk0nd0%%*vX>tsDOmJE1?#vEsE zt|~K4aH;zJtZSfSspYCQl;Tc~4FE6b_VTRHu%Cp=f84)}$0Y1@&CqJMSRre$m+0N@ zvS<8sxhHXG_S7B-Y^Kbb9A}-Hog^)?uG*m5W98imF1h~N=qC43^fnI2%#>;Azj|DA zs!ObbpRs(x3kJ3j>^==7k4!GNU9B6VA|%C5Bv|*LgSVPWI2e3a8!wbR_l~4jM&Rc_ zWP}*eDBqHKvntOXjhS)wJEO_J`fIkG=4X^;;u3x6>59F6*v|c~y`)_jk57i`hHyS= zjio|qi>#ERUNT;@a=DBQu#^OXQFt+61DQ&eXi{N}(^06H-?p16z-0Rh_mC!T^U~Gk z4THdfjC~a@UvL6vFF3r6gC|4bQAZe?)WLZMbP#5O|&ON4e>k>$r~SBenqXF6(ij#}!S;AZoO!wJ#h`bYOuP}*>= z7MT?%3Ae6I|JmMYHw1C*2aFlVW-o9p&yIO##OAWT(mpOCbK!I=#ceL13qFqBVMV8M zL6;3cwN7~2T|3073$K#+_8k<@2ofkr~Fjw)I7+#QVh%-BP} z+g`VPWZlm{)e;o>eHq$lftJ3SB7&S!yyu-0;pANh51lj57{oJ{^YfLnp~{0*@bhf! zL^@ELvgkt{2{w2O$BPRcScF3e0Y?BZw}SK@SKz*804PO{Um|?Fxf%43hrMM)^QJsB zC@Bg#IhiZt#STnBqzTC-5y%Gxm3h-noP==)+%XpIt>Hun3e}5Ca#w^#HfT&AdIK_z zBE3L^Y4a>Oj2I_1-x8FD{O>#k`A9XusW!2;yFvgppO|`gnZiD3ADJp8IE`?^V>}%Z z5&rIsDH(Zc(X^{^D~Kw`mL;jV3?A?6zZA9X!d6F zL-zEg@A2joan)Dy^VMrl9Zraz{$u94#g6e3wM+Krm8wD>!atQ**fv&kX`6&r^lL}~zTdD?V2 zqz&qK5Ref{jOfRaROkmAUd6_0%sy>!uo|lEz7n&uH0<}@)iB`a6|MC+<@^ImuxJG# zBIemK6k^|~Sv>m#wvc}5c0s+1!F^N<6K4s-z=zXGta5D1mF)yE<5;*sc8c13%Tbja zQ}th_cIr8^R)LZTYc-QPT45QOR7Z%W5!2|VJMX6Mjm9;paC9Z*shFt^IObeBYj*B`(Kd5eenRZ}hptZ@WT!yOG6Ygx7 z#irXmwS`C`p6AO4oXUVS-~xyeE>P)sG$>9?lh|OfVpgk^)l)DqxUvUMk68_j4@PSJQY{0U z9~;Z!$J*U4{)?PG)qfx#0EJwXZTd1SJ^i|?YwzQ?#W}o#4VLAb6&SP&19dg_^t6WU zLzR4ucCZNRneqU2PfFooLaQX*J}q}CN5*YcpQ_VI&ai`0uzria zjD#bj&+aGEs64N}_}G|cG*)h|Hr={^MD6MX(}o;d5>oDQlmTfLtA2LoZ7KaBWacKpdL!jwtUGFfIT;SjZ&X#K;&L|*32QZ$|G z+9MDcm2P-nb>g@;R&3R`XKlGS#_vKFo8Ma{au3BOWO#;Vo3SDtHkpyrsNOUigYLQC zo~g4^3MraRLWrloL5)flF*vzFHmsh4W}3L#nr2P9snufL_r^2p7S!DOV0E8*&<*1J z(H?Eq#yPYVFf0pIGk)jznZ^WxoI++mhFXCB!T@iJs2s~dAuEw?G?xO9mVl73pY$?GtY{3!=*Bbg77ou^ z5>-zw$goR%uiZ(oI$dNjXAbH%+B8BWTJ|a)nrm@VC8oD5BZqQvaxMeLvn7EEGeo@( z4w{gwl%f!1z=Ii75>%=A`(I{jy0Kqv+k1;9Rk8cjlwGi3@QACea!k!*X3hxZV6Kl2 zSLzUNZ68W<(4YdagCZU*ezkPs7e(*|tTwBB0wW|~VjAgP7sD{-dzW^okDgxPkHj9+ ziA$nE;uws~4`K{QSZ*@4Jbc#id(I-c&Vsq5VW~csqxN83}!7tAq_U1+iYh2)0$NSkw)G~ z{Zvxtt1T47S#j1^?dv4`{hm#qL*c^k z>0@4=Ng${j!fql6ev?L^Pn5vq+P{~D#s`c3Shr`}GB?TK7!|v>O>k*JdoixO_1=H| z45tz*bY`HS$tcq{1ZQDeM|hy@<$SkyW}?v-owZ>w{>~`U)sb%Rts(F2{Oe-#eSG}x za$|;3jg%;pChd}aJWIgS|Dtu9dAQ<_J^E|%46tBLf}O_520*D4jHw`>JjwIViqG`+ zT@QC*{futTZhr`?+u?*{tM83_Yro!__`>xsTPmo&39Qc3`#bk(=i)zkF9ow)2$piL zR5?}edR#b`B3*k|YY#Wbw1zdBS&;k0>$MS4KhqfM4y2 z3WEQ>8sn?aehZ>cIiC0yQ|mO_-zVsu<@mVEe>0?-pRw#>M+a~no2OY}l2lk+3^^4r zn)0H^Ew}J7d?1p4LOw`HuQ2A~btLa7nlF`!@jidz%?QZNGb$84`hbb`G`06?i4AST z<0OLZ(5q0QA&rcn5!a3Z$z$*FKOdKaoW%j@_d1BcARKN*SJ*8vf@nUtX|-;CdJV?C z00c0HQj$>2Qo5FlD?pSRbmk-Q`4v5$#Sq$1<_KG~bI~J;gmvXaZMB{Qr2-)l(=cQu z7fw_K=s!g-46l}?))S|#g;avOA2#(1IzWPCr)8+bCi5K0C=96wEgMFAE1{IqmW>*V zL1tnB;Dz%8@a-hVB~{kILTm8wn2x zGP>yO&kag>k}D9vMk)}8g9?QzrI%JP37V7=BmI_A;Op#yB68hb#QZZ7U~D=dxV7bk zHpnq0b-$0Goh;n*Om({qZCgj)R#<0}-AH*fL}7vWdpLo5)f*GGw2XFi(GszSxpLmb zU%d~bf64VraO{wOSwyLp`%pf$=o@?)oPr|WX42au_I;S4nQ`qqcEw^ zi^olFh>&6KQ&Y*=D`O2MGzjLsmiPnOy|QHqE*kQ@+JMB{y<||ObYFyNbUs^&6>r@* zZ_ea_p_v-o5)`~dVEGcdg|HjQztkw^)|apCcf^M`J%*m{MAgG`L%xc4?&G)NMK>D{ z=JSk}x|VOQYQ*xS-4_vdm6tUZm-+nm9zT-he3n19d_q@|&<2;1!;=Y0G;P#Zu@iJw zWQW@*aNtb8&-u7I?tdX;Kti~7^nOG z(q?vUJ)+bRoVG5#x8#Z2r(6RxnAl|mZ$+hATi(y`L3}Ts%-cQ9dOA1^r({5~Wx;=5 z8kt25=`xiZ>eV1@9}cwVs`Ne!%{Bm$xwsogJx_2-fVB8<8o7-YtfSA8 ztcVOq!*&rnrhGq^%4qrCfqlv&)keg0=MdG@^3ak=TX=ie69)ji+EMgFlS(VhQt4sX zH8!GdvYMM?B05_gvWjZj&`I2gVgkc>T#X28@sv$9bf_~i_h}KXSXiv8j+~oqEfO;O z*5FxbXlC-rSzG}7)cDss-e{D(ETWP0X}HdOHz^Nq|nyvuAaADHg8- z?43+P$x3ywG9MGZd&E1WU&2-aB{tPUd-dGax1N2`j5n%Tc8|&oO_LNpPaREryHh`V zQpMi`gwL*`ELMv~{-Nw}W{Cn`9b`;s6MWm+cp?rR}K}dF#spsKy_TLuADVTrP#B?gr{Y3~s@i%&7BbLaSG#5BOEz zv=$g#yNet4gop;_k@=&d2eoF}2(N*hs_$ zxk1_02x9)-@0d3PN!QF{4Iot;Om*5FRrr3dY&*==9DM_?R~n8`zx^Hqlin~A`DR$m zUR>F85pUDFk4k-yJ|1Iq)8eYHf=sE>YS3<2)OI@PKZG*3v=9wd?wonPylVB=`|k0< zt3L~`vGP2>Xi64Nt^cG|bn(~*hXAiiN70Ss5O{>bOsLRWrcXbo1bJGs@mnrUnzi=v0>9{e4`r93>}yRsXs&ZsKAqW|-@neu(pg{*Ac#xFEdO1LaLT~Ns%c{6%2HBFAQN6tx)l7-Q*v$6MPb!q zMlI1AS3%s@@BU%IDTLVg*G+`59vSI3djrQA*-d3$-ccw`X3f$<FS1Z_W~xWUcW$C%V#e@pBh^_IZwo2npiv znu!swq_9r&6s*s}_81ZI)!P{|e`+RChT{5lZff)l9IlY1zai1T(L}OfHEkjB0*z#g z@hjAV$L!|T$Xh~p5WYwL6u_#%`Pl${{Z;QCDOYh`_vWnIS$A`~j{Tl&M1hs~(~o(0 zQ6Rd^-nnku-(@pq8jbNtq%|%k1#o(#uyKyCe zt-N?P3Le43vp+&mr~)NE?Q-yzYReJewZQV#v8Colci|lE?pfa!Zi`!YLyX_z;)|`P zs~(SmPgC1EKya!_b(A$<2&1#N6^Q*_fzi8W#j9BxR#Am% z^(#sm$)>3F;^*0CJ43UL1VP(-Zqo-0a@ktT_xYDSC;*d||9(5uA3aQ+M8+Lyfv&jS zPvch^!tdN|`pUah*cUpDm2KQ8<=S{V7AGf!rL%c| z@7^Z%btx7fpiQSuBd)aVORcciCDIPkTDq8)dNH5M-_%sQWL$hb*_;Vq4hu=bUH!RS zm7J4TQ!|{XOKhPGr!6Wfo-d$}OPqOvGXX#BPWbMj?hUVi z%U0Iov1J*gsbtK|pAj$Hu5^Qxk5_yoh)D_&-i}?))5R~>A1nV^=b@N*-EI&GA zqrLn0c3Ih&2_?@nT-TPRNd%@wwb)OIu}M3$+co)=QiS?i!^W#T)FBGGa69zM4s^F0 zooM-VvqQLF@d$)_vdAlNM6N_(KGp7w%jktx+S;&&2(^#rg2n+?Tub^Ir0QQ^FjA=b z;2eK#-UAqIQ-k)zd>rQ^8abJXi=t^M;cQV0)y4?%p=?1VL8iHTsMJ1gd<%D5jycZM zyOH*i_|(~fy|QgA*yt9&2Wr85@9iLCqPP z5zTO!J5rDlZOV0@QH6XqG+WN~j0?K0HLarx3M41KT2+!YcqNV;Cpu%ZS6;+C50h?$ zKxud>?0t1FnQkePh)Ac~wYA`D)D*6Z^=ExcQs4N(r~p_l%6-Ma;N3wX!RariwmXBv zNge7z{)P)kdt=*>az+9jhn5cTM>$rk-f_0Nu%KbmLArT&a|h<+{LpMFR5tja1H>tT z?DLvj?iH5xnO~}}@X?dYw|E%Kw@dY>{vpGhEz8j~7Bb{(Nn$kxeBWQ-4l$j^YU84! z9w*}K!V)eF(Ce4P^ZRzcPT4iUMyjF;YGR`b!ofmIhZP^4^ZdDCyNbw7JlPyLXvkw9 zdJ5sJ!g#x!hlS#AL?Pf%>1Qc{P7IFY_jzv*W7FK|n?DhnU?o!7CiJ z_Z$7eWz=0$$*D2!QTzq{iFrmNk1IWiBVigQM>tI?HOo6=cb8Z8JIzYRF=VCb25qIr z(ZapsvUr`-J}-6n)XK>_Ln@4R)R~+(t0=rCvfllM_;@u%)7CEkE48>|TkTV3EQUed>qWxML5AqSp{q_a;8#LQiGK zk~#vDzuPu`;qw{FS^}2HP_U4URs$HPBIH~QT_X`sCaI=}kyPjDaYY3|#_*A6ns*aM@IURvjHG>N**Hm7?%jQ(6tEMyEfY zY#tkl@U<*f2xvJ8{iPVTf^uzlAS{3pj36r7rKYm%_48sNVcGlCrQ^~@ep`o@6{&z@ zmzp5KwiGco$IirSdC97IgP@J)%=-QH_j1ts;mh~{ay5}?4ZQV7!Y!1aUz%{L02R02 z&GrKsaf026Fd8xugWHB(JWW@hFjK)r3{xp@Zi>LFHO(lZF=CC zSQSyHM3tRfaa%^b^-uvMsm{)$Z){lcY^kM+YriYx!r(0>b>q4A%VWqdbI3d1q;y!( zk&pYEG!d~**BVK?r$1NMP{AD>TTdtjmFGXp^&R*> z$`zHrG-2njj&?S=V#l-$;9GgVo?x^lYt?4C%RG*&{>aqe2(!8B2oKj}v>jSf&h06UZ20Fc`=;!TNGzL1a73H!Ej5;^tPyhS`P6Q1!gRU7T?PFYEFh_2S{{xOw@4gK2Xd6&mdH_iDTbT5a+}t2t0BdzBdPU?cye zd<%4=1SbUD#4Ef`sY^U3+ECMUDDlI?Q|=zZTa2Y<0TlSY>hfl<^pcnB5Wn15pnVf8 z7nEOr0rV<4wzkj(!s%8?ra-gkTTR^0Mcv;I}0G^JuUrfZ+XV6d!EYj@o_l*0Xc$J@{CD7Xa z2}M6(^jki_-vxG7%-0ezjigw(es}o^1aCQ^{`_t=R4Y&&y%0Ah@|7$US8nPi3H9e` z385;h;E~RrTWJn9&K8}JN}xVzq)~k;h~!Xxi-3pP$S6aNKF^oA>_@1f;xnu5Wjq$( zc1xWxXHD71M}$=MCE{jEs5&xGg|$(+(6{vSQ?}PHr_Us zIH}zTaOUtq=|r6-`6pMUh26YB9E$IH@X{|$ot=F5qtZg+_U#9&V%28$%70F)gK6fE=&q(0$vHgzM4T!|YY$Clsma-` z@RH_)%I|$Da0kpuk%%dVlD*l$r_e6f`t$qV0Hl~4K1>1@d zG6OPHVLv8|Xy)!N_qEr$daH9($|oDHaja_jd|nKgTs)-6uOt=O&$B z`QoP|v}6MYW2_zYrhfF*g~t-@m%-3RGos7oMspbzlY<_2MNQLczk~~k-9P3zO6NgW zL&KHr{)pp%rAG63ZM^$5{q!{ZcRLCJsn8p&PP>3^U?Rsd+;T(!_tc2gITdNK71_qw z%netQM>EVVi=NQ3p0xb9yO?@>rUCD?-laH~pqtOvv)&zs*5<#?T2gjS&Ba%|{Vv$Y zPyYUW>waO7{Pk1vla&xF9nRK(Ea4ki&+({-fd}Djw2uXZKMXC*QX){pAnvgSL#cLW zp5zi`VFEJ!z2<+NDkhsC>50Dl%FQ4K<@;A#u5gn1!60~`^fFaIoo5l$QNT0s2 zVpJ;11!R9~K-D}6(%Y=j`qs(=2pd~EVJYHZoT`TA9SR-7GzLq>?M6;;CFhD9W%t3- z*<0xt&mBA#Oe1?SHVd7NwP?G``GyVhuYhOi$ zQ-6N_4uOv1EJ1Uq^6w@VjXh`nAJo zVIR{bwRulVShEZdX9c%BJdDvEkI1T=>X zO%rjz*={R$42HM)U}WMnl^+i(bH}Tdv04eS`3ylQw}B{wrWff^u$WaE$oJZef!{pH zt5MWS&?FGa#?$s4PHWv3zQDsrxEqJ9!_5BlKHG4hQjAbaRun-a?b?JM4@~_9B&-I$ zPqUV)yv@-|!Y7v}zL#s;oAAj{x1B%{xKEl^$1PCVfU>T`Pe63dT}d5w_lvim!)k%8 z4wBH9V`Mlg6&$E&lO;tTX)$rIo-zGHMUHm=t|=P0y_wZmOeomCSsy>@cIhXOzq<*jV0?s`S}Ii|fL0b~;&6+F+r3 zi_zh=Vb!h>c@mG*m32l?`3??k^DB6?w|i`KF4d(CoJ9(LV>`{JZA zuHi$uYtIHTAyF}RJ}1|j_U!s6b4%Z2iHDSzqZ%qd1v*v%@!kCR`ep%xq-Qi&DY@z@ zOMq&EW;BZ8lnf$N)GS8mXp0IUpe{KpuceUA%G*QtVd*%h$2`gkV@ZOLShsFKXvv7c zk6Kxns)I45NCguX>cDb{VBqo7lzRpI$!`%vsy5H_CyzIU$A|oJ#4{hyHfdtNOe%qZ z4(SMq>*ePy_9656G(G|%(z*GI`ZTD90)8(aeXqy~;w=E|cDq3kK=-%0ie0?>Z_j>} znXG(M_dwdA?Uwoy%TLiJG?j{lpnAVi#kn2+%HxGW6gS21k;tg1CR{{Yv0e-UpO%%d z*gPL7VasP}jCn&D&ZtdBbe7F$mutG}VdRMidiwP7IOlly7QLx9m367?&3hrg;VWY} z{NcC=2(5z$Mpf@IqjYRvv{v$nl8kz_f72kU2Z%k_Ax!p_E4%ru!VdYOcr&_>64Z@- zuGb6Df^Us@eEItw+-8jFP8%U&NMCjw`F*o_&&eP0<22X)N9Q)Xm5NGfP6os00aNU* zP6okLF@EfCL>T@Ibv@raGMMAp#3bnj>ev8|2wGxc{d4|~nG!L2eSHc|Od1L>hf)Ix zFF;#hKL3i|_Ge5@8}r$e((?@4L7E9$wB9dMH~5&{-7WH2UPdnlb{c!3L)Kdt3l{Da}tcy<2ddLlO1K)~w@M$UITB&M9v^y|txCQ*Xd z2YBUj5~7F!9wDO&VEo*4dmt!#?n?kp+snyYz4>K`jvW|?)~s~PW^4I{5Hhm zJqHH(!*A2$yorHS{JR4u_aDqUXj>>{H$i;5{nj${dY5gRWaQSkEj$TMl4Gj9uDPI} z4)f5es4{_mDo40R7yyoN_t+elPP#)5n#g5W4)j_FsX&3L07iJyxO~dssXpw@zoG2p zQnc!Glbe;yDlPG7-(Pl{4)7gsMcIW7){Vs~F(<~!ER%_>sHg@xr*7+_%A|Z#B=^1H zbXIPTua^W{(m)E47jjL=LI1I{%O$iyQQ3n{{?ikz=kqfDQKtP@D%hO3cgYfwY zS5&ej+DD;QF}U(exBY?YGG}#`WC))WHTJ<6mv?Mh!eN{sw^~8C}D6+ zJ+w4)jcQczb`I2BAmRcucgXaE5=M#(%_2iaEB?A3f|fA-Sk%onOb;(8+dbS)=S`*x zPSKq2@-V)^8}{WFiT##Ts4W>o@I1A(+-uJeUZ*=FKOpHPW1 zx#=d;E3%n;c*`V-zk8(=Av#SeZBtu?`ZHOY8_WWj{ov?M3%&%K#R5-}v4so~gHJDm zP#s8OGEO4l0tDm|i6}l#x!_}1ZGw5FGehDeDFG*LGy{LaGNJHM2!;Y4TPh+Ofz~)Z zsfOxMCZ)OJA4{1xP*juqDxXGNw`16^i=RT zoX2#l*#?2xaY&&EzsXIlK>CHw5L=*BoZ+gv6SW)|jH=YFzdD_y`*0Q_{PyO|wqY>t z@1LSZLZ899ZFfM^t_|+%U;HK=tyh#3q^g6sr3GroEiyAAslW?u8%?6YO-SuAZBsb+ zaq7_KrkCTTVg{115ZkAwegpjKRLv=>65!pJOU0J&As*Caum3QQK`k>Nt^g`tr|84T zhYiKqiYGwO7W(O;uI2TarcQc^3{5xBDm+vqyjxdCmyGf5jwFuA+8*K-t*}R=*HEy$ zILwdwL@0rL(5{u})S!p6-66Q2(!J!PWVixh2fEj0!AvALkzaF){^=v}Ad#tfMjZCq_K0IEGc`|Q#{UP)%JuSdgrjHdkG&3a!byAtXQ7QA-*OPp`L z$p0WekKvQ$4J@0~x7L;m?Rs^cc8n;ernZJ_MlYgp7g1RV%M;VtU!>zXv#?vOckU@o zf&**`x;Yk)OxYWXE?spyW6AihRUmD@ZBW+c`3aD>&=RvYM_mQ14IQlZvGkffir~v# zqdm4#4T|hr-WG|{OO__fH6GQrCEs|^N#B`0Z;zy{R-ZGu8q9rK%#o)qu1B!O^&zW* zzZGzQiE?F~yy*kty}$<2(n_S28>jWcN5EuB&UhjWCc*$%1YRytbfE_$oz8ZV^o5Ip z#QD+v&8kWlli|c4rDM$%P|y{G%jq+tR)u6sC8M``$lC7;{Y+!ss-`mt$ zyny!hsCmc2dM2TAaFMJKxUI%23jo06qE<59f#$Z;R#Ulg@-M`ioc6fRMYAw zTuH|Ea$B-QmWwMOjL*@oXwV-bF^c~IZW#+7!L{`I1<{n@N)XS%Kc@8>w>s_u0FxfW>SQjLTs#oQ0 zadoUtSV5W@SHyq}oI{x}O0DfP8;LN%TGFuH+&Nn zFHxKQ!d7F%3R!De*b?Wmc4m?cR+7@HH8TIPWj- zk}F&db%%fB0R)!z6m-6JKBU`7VH$k_neGWFO4^d=s4^lrqT#XD>8O(**{}#XdU8^8 zb>bxVM-_*CQ`os&^&LwR`!AO_-BQQml5mE2UrAPN!Cojsd|w((%Je^F;G78ay##xj zd5(`6=By{Wz3N5wbmxuzPFnvXxZZl$Cilj!OGF6&*kMrz1^CRvCvM;Tlzx;YEi?@W zLnYC)HlGWBsaN=Ezo&`~=9>bS0qKW;uIFinRz76F?+tje6QFKNW$^q^W9qACRbZ?kPz@eS7`pW_HI|3QNP>k%{CF0<)J%Krm!K##v>&vI)8v1KVCAUiw3b??+wm{Fd~z;u}omsXg* zVDJqO4~6^*?i1Ety0lEs9zIq6zIVqprSNZ&IU;kP{kmbVB??k{TZ&e#%3n;E$n z6x99Ove^V1fzotkr>kJ}0T=;5W{d?8)lNzS$!)2Sa#GpHIEcEcQeOk!Cv?ngdKBvs zvh9M&9*{GdN_GDp73>buWik;=l7r`2flfBKA=$oOOeHpz&oJV(u!8^&0h=6ugEN3} z+8K^?=yg(XmWl_$pDCqRLa5dOf?A}Q;Mq_E-g)D zfe7?9xTmvix*ID7kr}X{A0jP=K*`&2w5$(1nq@ zWSJ7yI&M@Zo9p;I5=_M}!UW*r%AC9MqHOV%Eb*;ho0+_pZrb%7bk*iJm%yLbHe!l; zgv-I1TRf&N=+1p_p+}#+kIv7ZXu#srGjAxHZZsWwA@uqhppRQkKkf(+ug~#K2VgcGfc^2~!|P~f z;x@Wv*Z0sDpZ(QJC%!`mkA0M`+Vs}4tXBIA5&)6wp!e_6-KfG z(NJfSmRHUz;Ex;tC|~d0y^Bk8C5X3uW)sa_TIzo1YSqd_uG1A->e`1Bvk%h~Fa0;V zaPdXjzTs-xw01|y{;T~e2R5?)-ieW`RHj~HN}iGIWUI=PCrv1XuSh(2ks*n&9`dx0aF-8PW*lBLdJa}7lr zL5zRJ8vv7mIS~~fWvYjod@sz|h(<6?7cmE5SZ*POW%{s=ZW12|t0ZfnuOsOL78$cp z;V|WZl$rse_9PvUsP26hT4K`RgDj_#HRqzN7!<8em`M{moyztIXRiSN?)&m{G(9;^ zx4mXpV=OtljkaU;*poe{>6U%h(d5J$8e18nvlot)MqkHqF$>Z$n^j3rYgnXUFMK_( z)3IYC2ZdL{{r6`xhVMcE zH%=!EniXWhr3{kDoG$$FO&~bd`7Kt!2)p%3&`5%{2x0gD zEsVN;1$rtC>0KISX47dE{ikAzf@Q%Uc}#%+v8W9Xu72t z;>j$jv;nT=8z;3-5hMd(sG0BB|9$l7Lm#em06#|Wx%GeTu>fOtf?R!jU^mHlHEbIK zssIZ?5aX%*h%{0;c3bWKA+?^IbAgzgE`yq|vpTGj3@Oc(pysbmC=U3^%xxeKgAlr_lM2{SN zj{fLVe?|8_^my{mhDO%7*Y3IRL3-!g-lS&M`ibjk-I{CZ?0j!toaz31a`r2FwH2H-3}gG@q)6wO5K(UtLf^S+;=-@EU7XnAG9v-=c?M+U_E8rgv6_^W2# zTb|smnY-!XBOfUnfpm&;+0{jQ=H#EyzHQ&GoK!H0#uM6N6s*6`J@Jb)SI%|N#>s0- zw&S*Sx6y;o|2w+0e1;s;uOA@Ty$>r(3$%nwG%_^WeQmaTjRG^=xOM9XNOC zrSde#M#kx?EjLxnzsrMxjYVUbvFp0mJxX2+Sj!&3R*ocWAlrlx=No-Rel#-2LMC-0 zH<7L0z9xG(wt!o|oJpLf8fv7|TL{YRvrR-f+K>bPB-lV2qFSm~DG>Ay;66#(%5SvE zKoi78JrL{j3>5IQxmYDJmOIQQ*n$g3LR&bpf}HS2-F=D*e}Ws@D$hlw?uoXr4%TWZ zP%zDjv z#q@QT)Hc+Yv~3U^@rPCNj!XT$k)clCjCQNb*3OEQJ-<-?jE;=ZzH6>3-yiO70Fzy(Z|>rmwz?JMvKn>WzRZFE@FhnER0C2SbR^(V zIS1UwqqR=AC^Lv^^IdszigZd*ckn<*k0QDUsBO{CCUB3lI-J42J>KZg5dAJ%Xr1l~8wOx-Zp z<9THYl zs_61N+LWpyE;!9835Lzp@ELQN&c~E zFqldxMlu2%=_)n71ElIszCnwfqO6EU?7>;E%_T$dfm%EYr1Z6eSuCis)H=XyXPgx2 z_MPgOVkMZ!heGw)4c=qsNSquso`k-wVH<|vDQiHGbgC9aiB9Pdb>r%jhhqV6#5iQ* z=2-@hP&KrtYQYPVGf_=3OLRl36*zyI~cJWrgEENelRfdT9#|H40 zi2+JV@EP73 zgv>2a76N7g%tq5c)bLBRNk;&Jd4bZt z9QI=St)CNc>exD#L1`^nxfp~BAWh&=%~k2+h79|(C{HF3gn^Kd7j+HW9qWM3N|4m{ zggFDcxxg`2m_>4rhY6)}#gK)CRA7N;`={;=ojh9e1NvGx>?*qmW(EyA?=q-sU0b*KG1jj}UFtLtS~8P6bx6f6@$H2o>3Ee0P8y@Gj7&LX4Vn1a6*s|su4+V37Ia10=2WSY3?b) zKjv0P6BPr{owC>*svt!>X_0m!ldr*zoLOyg=Y=7Bd#29Kz~17$!Pun!tk5?etM#LTvxk6AFR_}M=6ZkQ#e>#EDh zMWvl=vyOrKj4ji*_X$$plAS}N0x<(&S7YZbVQS1wiC4Ho!_>iY-|<%o=Mc4_+>8zK zR;FylI8L^7J9AngYj1LNZCU#JdtdxO`TRHT{TceXZ~hofj7(FjXB2a#kn~xj6apJx zDYc$C1mjZj#m&@qbxho+TiPJ|G6yBqvi3f)(}ZO=azAH_6l-T&cG`tcCr5Xa?Ys>Z zo@HHl&I>4Rt>p`hIPwkH0>wnL1^`?$I@!0O$53aScC39ZZC!T2`#GgzB~_rB?WrVsz=2WWAr1-%MAzybt(_=_v_xB8K7 zz>@|5<>UB?Q}pz+&(k$m?a@9__xEcyznhL2n$;tx6TwI=`&ph_?bnN_r^8LLV-#~A? z{-0D0a`Z57nZB(oDIU1=x4MDJ<2VNPVm-n9XK$W*gP#^D{|jsqKk)dPBtn6GA3wz4 z7C8%R?T@V>GbO-An%3)lbFja|?`eULX~_iX3{NWMdaiHu0^Kn2nzvDzAAxKOHW@!N@tRN5`_1Ds>Zc zs;QW8?f1Z5XW8pMCvLCgL>N6IBy*!kWtT;cS%F~EV6%g7{1w%W*bq9+HPp{NCWr2f z&faYh#|%3|BS8fA`f80JwCSp5#jNFQMARiy(c3{OWrCvlMgjh9-84hnHgD?wzC@?b zA2sz22#^6TOLtG6o-NCF3;n+KT069Mauc1MJr+8a#c#!TK6ALo9K7@9{fYRu_c`b1 zPQ*I+B4Bcb8evJ2$e?pVTaA-wp6J@N^}J&j z0(4?gi7Cr*)ti4hu@Jum>m|tnN}y+sb;%xZY8#1gHt88`c^+Wvj>kLqe?Q&x^dHg- zXAjb;xuf*)1HVk)b=Uvya!zcMme6@b$54m2RuTKcpDgEZyEAGU@SVH#JT0x9r^U-> zd!;pXvZoZHCtADa>Ta;Rf!2)7B*rNg$#LBTMUqID%LI;1;OJQGzdjv~0$>h(M8}cX zOT3V}2mZJZJ{0gY1}GgKADzrH0I%QrUb<@YH};wsq%u7=Ymx|B{NG{FkhnZ%-Y@{0 zQuE3#ubbLP7f_pFI4NCAeK2d)?M=EWy9jT-Z3ZzqFMXmrf7H^h^Ve%MpN+zGnd$*r>UH?=t*eWQMM)3T(hwy15PQZRD*+dz9I$c59haGtAoUu zT5toTz;~AP9e3cmRLOf+==Qzv;@R?fQNCNA@bD;2O>CgKi)Y(RLl}@SJ@!=FyhE1n z7LU=9@v@9};nIaxU|N7?hf3Dr3hmmqm9}i0Nt)rY(TV1B*c21VMja3kywpMpR}ZZI z7H1+Mh#;O!NusArM_G64O8YX&q@-X5y+Evs=BZ<3*uFk9A81b@30YDmbz`S4k{z|f z21BkU1EK`DE^#tlcgb|gCdwMo)OmA4^H63_!chveA)<_&x83Xwsq8q@bX|?D0fNMh z&uF$?l3nI56;MaP5BzPFwn(bfg_6bz#RK1XLwDoTb5yR~YCfn9DBs*BJ&zHdr}Ny{ ztQobQQ6*;Th9;~!-Nu@-z(ye12WS5tur&jXLMSLrRQg)T0&y*SKCKO_yIT7a`D6}E+6+p`eQ?@7rp1uV+KmB2 z&+FD_I5sj7miRM~ua{kFRyDK1yO{DFNJ`v!0^v+lHE04nB4 zb@1_{OsAe$Em?o^vH!MCsRelSxtAFPe5LU}?wdl(gMdXD@KOr^-h2N;^uBk$v$1)S zzOi%t8|d*Df0ve4=F6LT{KA8@Yvzrj*^{Tnsq5*p2mcM7o_k6+?qJgFJ|uv?KF4pJzKw3)`2!{Rm(teUyYX#w^xS6~ z9l+x6Ph9vCZD0F(WySvV;h&_l^Usvedf?wrIOyDJxZbqmf1vxG`6b838;rHrr$m@z zreE%}3rT=o>%TGWMkTc=D$4>^{z};WwFU{LuNz@Z8Lt#>NAZc9CdUd+LSt+Zt5lVZ zUBK{-EkZRt+p)J!hzdV*AYx6_hF0p?CHI^J-VrWQUwy|RG{h8?t0eQph!St??;rYB zfFPf_PRvcFFrVu_nhhun*X%DS+18R_UeGT9C(^PX@`EAC5>?$W%#@S?C4_!@TQTc^ zPBsBsdmNjNy`r_Q)k8)d4mEQ6UNBB+%fk4$Z1gY789po#Mp-r?5#u(qi@3y>Y;Cz- zeAaE0K?R&hd;8J0`)>Ux8gN`%ny1SvOYy|)eoz4%UaHD>_g%9$+}x)pX1Y$zMOt22 zRzo^Be~Df?e!gT5rr3Y-QJhbqDcI9~Frfc7 z0l_3>B+3yCu)~^b%#mYbm~mP!4T+>Ut3V3_IrNl)Tp}$m_JX((`AZpa7Wx;g8llL5 zCn(BID^B_7KXHXVOTgk9k_5~Md`zZCOlMU1><(w7cq6`sJ+FZ<&>Z-X1SimR&(zH* z(pWSMXu|>S4&T<@At0?7vng*g#8a7#gl*&{$}2z#4M5P!UBzifQ+l4$e&9?Om5CUV4()yYN{9lea|@^Oj~u=mXQ$1gg_hD8hBM}FcI`x$5sQOpgrsN z)3@I8qxA8If2DlqLx1(pX!p#=Xw&3Q53EpBG7^A5vg{RYS3&JO`VQ;aWJY!0E?>St z=Po`%XBQr+n0~7R1Akn-H@A3#W-lG1!>2z-VBw`dG_x5c^G`ks zP;gE6lAe5QwV(I;H|K%4gZQA2q2X~_>BbuMMUb#UpYN6(y!Goc(g`(&Eaw zlEGJe*XN)7f9OmA{t-ny;nt$;SbrC7UH4jg>D(6sppOP-?PW`ZIrTT>KI8h$@9SRE z`u+=wIpF#VyP_ykHhA%`fn&UloOi^1#Gy2>2*IxB3`0Q4qgbROQH>V6V61&S1g#K2 zs%pvtRG^@`DRVQ}Ij$Z}l~vj?--3x!Dz~Z&s;=E;)z~d&ezr1xtfX7GZtloLQERF8 z1h1sykare)=vffEN-`M&Fq?eW7`b;U_Fppl?1i2+g3+EdbVE`kIrs85D?5y^+R}m9 zw*1O@jpQ5QIj_1A8e)mc#c5fvS$}9t@7tp~T1UFAjc~jf%)u|_%mB3S`(7PL}I$#UUSP6HM!id z&jq&}8pBTc)XE8$drpO>v!NTd!Ird55VK5k9N_tr{u&%jS9`%x$%xa+tIHW#bV_QR zpLQdZKh0ck=B&TB+6hF<;DTuygjRR5W);}1OZ2hwyjraXD7Q`t!GhF0QfNc4?h!oK zv#f0a!p(hSayozO|2de2xx(!bI(U9|jWya2YO7ygnWZ;JJA+vDp zo=^&9SBM}7<0bD&yt^3tA@zZwZ&iIh&9~Iw-3XLJUML0obFhfy{bceJn*ClFq_O1r zHiHkn;QVbCAExV!vuHA_dC@vb5GAy&VNEn!Ft*pu3VjG#wcm(BZ76PXZVAWtM6IiK?s3IvkQ#d+d5@(1VPj)t7fqt~-uk1ouWA5N zGzIyU&%U1)mS=lDSSAA!^#z9r9av};$~g+QtU_P2WXHDv{$4uwC-lV0U!!9eK3D2q z6^X>l-Jg~6XSw_Pa@kF?*25YbSwrKa6Er+DQg)o|b*AhdyVCu;mEPaXT{=b&J^yR; z$w&S%y?E{cl}u=Uz$tU0_Bd7!vveZa1w2B5rJdGb4+<;wL0voHUWX|eZ@$2cXx#ZI z0TxrRCy|&N`kqD!(2=1r*W_cz`Zv%WSG}J`hbHV+ZU8*J=E1S_pR&YG7t&5t>sz*; zXxV=j-?TB`fd^LT==1)fuX|00ZhhTQ-<%!OU=_Fg3jCz3K7SPupw$5^$L5iPYI~4l zJu|hhjPF*vKSdes`HP25d3oUPOMg`Q8tfUMZd(lZJSM$rwO`h_PeCVj1^DjzPWpj2 z{V~0H|4-ANjc=%u5Te_4*CzFTdPxcQe)W9o+B@iVSN$V;>;7M)naO>=AF{G1?Rzs5 zH_%YmzI8f7-Jf9^!VsOAf2=(0%ZEQgPoMZy>9<_F^_}#_8-60O?YG_~#GZK9RXwoDbB zPdHVLa4LVfExv4-fy$Et`Xo)^Vh+U+2uM_oONzi3G%-lyTh&-iMTjWJSyiPaJwNTB z18IT=>}}F9u$?GPylSwBMnhEHb|&u2hL>ZeteY8j8`Rf{3)B8l;KA^HT=mci%*RB# zK^mJW=z$nckM?pP>g~{^j^LD!0N*{azCgjI5JNEBmrEtk=Q{JQ@J<%_2<4L{=n<;) zMI%>|1oqeyJ@%jNzT0Hxx*NjOnhi9&aK^p⩔yxuY9*0fT2;Ep4iy^oYT#hpFDY* zPM*0y-|0MoYQ)tREdhh>@duwiLI&oDzGv4a+O%P9`ESFL zN;1FVj+dXm?{PYHdbW9Q|8+adpHR>ML79$Yj7uECo#e7cuCq`@br*Vr#EMx% z0sp5d)sDJ!ahlTc;8zaPm%e;338WRzwr|@+@BaH=A8K{{EY3+qO;p84K{nD!YvvDu0&l&R*t6I`^`9&r8Qn(f{`+f0>*gQ&SW4 zo_D>Orl%)d`zo+iJk$V~9A{8kw~)xZ#Ym1Xsf}F5;Q`PtF%nqzN|b{$BFk_o+|*PF zRuqB}fytB)(0C;wpsmbVuFQtDkC-AJa=>75oycXf2D=$FfFHW|pLSpSU^o_}SnuQ( zDo3K#94{TuK$2+>(DKR!IyrX_oxS*Q!078~`xO9F831OID;eE%zT8 z99Uf^kZzQve1RzYDLR(xBm=yYABhLEPI~tIWV6pA$mZ7o;P9xrZv~)m z`IUr>?(^xfZ8SNyg|@7{i8fE)6nL{nT7;tp07RRnZ=vI}_g2kBdS$@pFCOY1KTThG z;UneeY+rXPz3KXYq8d3s0*f3sH!A@8x9tCU`pn}$*R`9^(jW~x1}_m7OhQio&GvPF zkM_=d;~-PmHEx6TPo$&?e7im?$0Rkt$r3#h^TJ0hUIP$8_Znu(maWERE7m(rv|b1> z7TsdisJo^Tu;9GG=4f9r9wefEwE9Zyo#DtWM#4{17!I^l4r{GD=BPXwz9e3GR)R`n zHTs#;_YZl50?|E&)hUN^@Wbuefw5v%a#lPk>E77&l#+f)g#*<%Hx43)LAEN-;n4M@ zzJQKb3uh_p!(s3&X$L(RLNhOi*?6ifbo=TF%WT6tPR|8+ILvG7Ak@Ku0Prp?rn~Pp z4)A!_@x6SB78e(q*A^}=HoAd>l<(FcpbfBAF0X{ZW778%Btpvd$of{6U_b312EA(GJ_Br=?|M$=RK=(7JJ+KuB z2QusCFl;d=L?-#0Tkb_M{q-mxRl~^X}#r6J|VHdDOD~O(W>M;GtkAGmGxmJLHcigt$ zJE|OMVIkEGqYwDP^gF-*r}Rs|@?Wy&^1HwPN&2&o|3|xO9mEjyWeO-!?Y&jpf@+gy zP40HGlg=3k)D`}h|Lqs(#bc+k*L3XoDf;pEf3Hd4ae5=G?2)M|u+?$x*dRi|Q}dNu z-htC?kxV`ow0;VMUFUp&!;;oW>^dt=8kW$C`&l`IY@7CQ5-$?>R!e7aEdkM#oWQ4R zS+~75TG&aQ7FXhL?oC*dnQ1!1gE-$1DQHSGEw3db`t+}p_t0KYqN=35PniyJkPT3} zhfIu4(NDhfw;DabhhF%zvNP}xe%&vmn_!u_#nJq?<+EAeK+X%$iMe~|%={N=dF7%5 z{)%P-W5d%lHd1t#z1)4h{#ot@;Pc&|izVo{*!6n~#-A(!mcSp^44vxt!>7MMFP?jl z-n{Sspl$1K32(a6kAtr6U{i(|Z5OEIe2o%{>tLmQR@<%F5n_cljyicx zt`L?Y`x(En?)W?08K*n;zP~B^r4(QaYsL_^rSf{islH^;e0l}`wVzt(r1`ndI!F(u zbHN1cfqohUEJ}pm_|Bp7{WB+DZXv%{=z*^e1ni8gQ2^k9M-Lf5rJW}mC---MU2PIy z3k67KF$U&zxfsF-y)9ELUs`Q!Jd@XY?Kc78%Kw6-USJzWN2X}|`rFH&xU5g_Lv>XQ z$nJ|Kw=1c6;)}pR$Z$Ek#`Ou7czfErX|ADVF=Q^)>(N^NZ=v&Bfjm>H)|`EP6($DYB*P-GQmN=TOq zw^IWBO~(t{oU##_jC6+M#x{}Ztt$SsN(#4?v4Cz-s?_|XdFz$lA_O#2`5G(FZD2C5 zOlZ}W>&T+*KG8jbtu$Omcm5IdVTv@ysF^4XQ8?sKQ6XWhxWC#cMEh33+`AG0Z{6gk zDht&M5--dx(6M93=<1!@2P)r9yF^#&TW~{RZcFgE&Du8g;;#32ImV~Y&c14X(5W*Q zN-*yy|K*42*Z=dMm7uAG*W_>YnI3%VX!7$K4T3t0&LCeCWPoF6DtX;NLrzDB!>}#) z2ud+Ymk`Zg^jeY4HJe&QcbcxYq-UxmkXf$-SW0(wzu8doiTR4kW7KCd8%$k-NZfY+ zZQJ`Lv*I;d8nUFerk2Ar2SB?~%*`(hJl7snEJ3BZ&~AyfMp!MVYGnt4ADL+_9#1~~ zLf>jxSLV7Z_xSl^j7Tfo)U(MGZ0{5)?z| z8U^1?#&nQ57h85>B^Lm#Nn=VY$p8k|Mr^%8{& zO7u0E4|YLr+ezCkH=+zPs$DnDm@zy3@ZB5s(+_>!zi$5G3r~NHK6LNT$l@?Rw9Nje z{WhV8D#003du^`12wtB&@t^4Uh0m4cfwI(hd}KXso_-B&oV>Qw%IcsS_;!CTEzi@r z`D1kK>@#%o!qJlDx3D-z%a@nRQr}*QuqiiN>AtqI+&r(}zqoXsK5^j3>B(b%suzpW z8@2m2JeiI{;Sf{C54Wl{wjBF zyi);yHQ;*l?jNEx-TP*Xoh1Ou@IFk^5dgPyT6{n)y#sZefK7!xlp*f%^9LwxO4>*# zGA+GwV6XePW&(8gHw@E_w++$A$XDx)zVb!DJzMnE`^$w6pnM!Zaf+UP?uADG8D^TS z)*ZULKj#*nZ~S71^KqJZqoL1@dY>hVa zU>r0l_{dO5D9bE`VL~CW&`*@zcUMd1U%&F*-e+{W&c|q30#nbdg1uK{WnayQD~@Kw zP_J!B`?a8sFT>;W_diY#KKu;*@c;NWy5p8>Ts9gJXcih9&Xm}2f>UDoq@wWvQu(HQ z!t=^A!iX`Bgi}t2EybyJQYv*}lSqi^$&N8;wJ;2+y2_xi8Sk*ykzfKoc;IRJ|EYTu zILoT)TzsvX=dQ7*s-8#2rn`Yg1iFdLU?O0iiu!zsi21)HCi;sS{Y8mJW0IFR#>9Zh zOB7LG;*bc)paL>C&wosX_nfoW+H0SCtGXNG;diO(Tlb!O?m7GH zz1FwB^?eULx<1)=O?4&Qe8VL$r=v{-pGBA<6nSsR@4>6lF7T3dt(3BJ{sRsi=$gny zXA4ot^Z>J}XRatO2=g5`IC2Gh6+8Q^xnZ&=n~+nh6*7s?jg!n1znX=r=l}%)xAdIm z$EbD>Yt?DuY*ds^MzXcuxfT?h8^}w%C@?IDB=a%Dt0lxU2wDg z=f6Dj$pi#6n+pt*_zom!(@4V26{Ok)@9B>JHcG?L)$3!Z~{MA-Wg@)=`QIcD3 znSO@NH#pi4$NTp}-{6s){-0z1Q7q$6{@rMCQU3jpZTw3(*}oqyod14cgOL35n3&dO zUU&4^8O&|jixn`ve>JMT$2^x=ja&!BNOIVjNfDZK7Do)QQ7A6MuzZkVC7JWtT(=me zH>?0q)LJ#qC@H6_pI2mT2XNa)C3QZy!li#ZCK!ON^-H))E@c^b3fZ`k{iU#P&ZBbzSXl)PLXX)Uv^czD@ z;uv|y0wG(={g&PEX+rP?rqW%Za~kp^f~cTj8#CTWs8{5(G01m4Ah#RLl}BS`*X%o$ zvVt(RAC;Wz>t8k$#XI*N0p%DxAWbvWQbKH01&8va6%5&p@`SFCcmc-iA_jt16;kz& zN}kr(Push-ROcCY?M?kf5c7)aBvu;~>~=Hz09(}2XG zOxDn6rX;PQ%n|xm79$y8@2lVZDcpYBTi~))XNlx6olT5(pvD5^lMecUGhzToL0{6R znD!xo$op-8SR9rj7QUFp8D4gC`c_|()4p5!5Am;r?R>pj=! zctJ-0{9(|59!P7wen9?KRH%oKAGcSJhRdEq~WZgK+6GFUd~ z=MDuqQ&=DlNCjFI^DjbaYJ;G+0E>W#7?8kF#Ke)?8&M(GanLmIBoAM|FObMnKt;he zLUjGd5i)WQ62MlfN6$zB6y%135P#(PA*;WHmd{p$mVbP zARwxUH2Yn4L}<~XJl_7{J+SZi1J>Es1?3F8WorGoP+C%vZy6kg-oe9BGP)D`hmLXp zFE6mK0ecex{@mx+zJ3>+?B54(IrmP`h2e#MPZn5QAU|cT#m>d?fOZ)GU;%2cv>$dG zrIZDcNoA<}(lSf_<)$_)Nq(;=%b9?j-|_y;xmc=xV?YNAL%61vNCeHXL?Rn)hfcoY zU7yPGI_}+$1(AK&zjGXVjuTwGrp#mf88)B+2N#`P0=u^5fWZGg`hX~CmlNMgN-JP& zbTIk%Gi%qw%{N^Q%m6RiPWJ7}cRE$WomyyiRU%Yyo1n zC5Hh;F(Q#zb6!IQK*mCqKc#X`LQgMc`*EQu&i>?cKWSRivKS&|ki-EZ$l|Eun4A91d@h>C`-^ZDegnaK9(#E!(*iMY#xt%DieH|h-& z7Kj9u%;H`Hu^&Pq{6oST-91PApQLJZskjnqKp}c)R4kAOqR0ZG!`%UeDRHvJL}M>z zX(nooiOC3eG7i+&k^PTYEWG*FL27+y+3*qW_7f} z?DjS#%giywibhw6C&cMo?+T5kx}SuoPL?1NaY87_5+haHO?$o2r}V{x_*@hxswe;~ z1(;&oDbWLpuD%dufovMnR?e$#+bpue9}!Bt-u_!-a&FqT&p(+Vb|X#l*7Swuz_0l! zNg<(MnDi$1$ph%bCtBw&)mC#7j#ITm93PBVhS;IOpNMUIw_Y`?7J5<3o3D}Vb5V^0_ ziT;{)U0}h45c3i}Vxp`6MXW_cKRKS!hK4ODW6Aqom<1L2`r6@nn^L!T(3#&Tl4ArJ zD5Ed#OvD2CcV74j>jWHwe;NpwV%_pwDQ?T8M2Y$Bz{y|0k>0fq_%;?LwAE2UcrMgc zPRsK!$KY7+4mi~PT9okio+jXLOf?p9*@Nbu+_?WIFtcd|oZbFbXIkcT^)&Y&cE6)q z9y^7?D!G(@@)-0y`qu%FV2H0s2WH-yBIj~%iwdL97(IqYd+d2^Z+bISSGI;Lm`SSd zaa1z!bJ2%E1QbFFK@?quJVFQn^iouUqSp5A69kXnKLY1nR0`ADOT51uAkee~n}>O= z(FYtIuCQaEzA?uhT(@=*_U;;)a4a#YiX)}0Zp6vQ*hUA?1pqg^w%JOd)YkGmrGL1K znShYfN{@l@2}ofq#$}|Vl8aL)b5S(J7mbI^eMN?NmOU;bv zWk+FS=Z~#^CI|WeLQKE--%U01U~0p;uxQ$iP*c&Sfq*JW%Eggrb`hk$2H(y7fdk)`@a|bj&Lb*`RFJx+5LKld zA?sC2ORJ8}rW3G|C$NzFy-cO=y3}x%pP&kqA^KLnstCAf3qwSHNhY~Ihc-!puR`|o)Z^#*KXg3@?7b(&_Ffasr_8)<+qdl-?`+ivW z%FbXLuMJ+JzZp%y&wl)!&V85y88uZp0NC16uVjy`#-j*+D`N>A7hOoH;~}<`zs!@P zh*1QfOJc<%-<28#@PveZfDROxHPQtIr8qZYSg%cimNZrdNl^-+XM`b8q$niGT?|Ah zg~i_|1e$A@V**5uY7*+l;Z25aFp$4KGiF3V*2|kG4%ll&aiR>shIrN~$C?acoZ=U% zwHiA0If(ROok+XHx{-)_fd&c~HSkzUEAc5owlJ%a!$;s>*=#B*z8jtVH)seWVKxsqw zXF2j9bq(!7M|K1Q&DIo*EezPVWa>q%9eD4tP4Ka+zZE5G^@&a^6I2IKVJ{6+7#ukS zdyn4_{lfsWYABQfrXxF8{tg4b#Hw?e}+ zyXX~W*;z#xWf*4P zx~E4i0BC@|>RNq%YG_3J0N`=sZ`?2yzWdL+VR+~bXctD;b(bce9ay74zHNAQGrVcl z^0cUH&UMd5d!MD_Cyf_~3IO7ytbv-jg;&4E;(`MN9~5+*pp~V9E#O3|xs>0r&kKN> z!;IvJ5px;Jedf^Ek-QcvvNqrn>oyFI!Io~Nsi}dPV;dOh^}xR?7vBaqp7Q|<0=gGs z;nZtvVdhx>>(D!R2zrMO+k39_#7nUA=u7rx!(-zxG&&B8rd|k_EqEU^)y~Un6M}RP zU^Wz)cx$0ciLMDD`ptQ6%dZ=^x-t(^w#fxwba7-Zdy$n^QFif^%~SDplr-d6Lplbp z9M81uJ}u!c3Z&?b307Bzy|zmbaAO%)C!6y6?C7kUEElFHl3LJJQYZCbdAjCL@!^@J^Khh@utR z85JbXEh<(p8OMF~>Sa0bkHP^15+9tlqE%f9OBS}nk_7;lUAz?DH8>29JoYmD_`$Wo z&oY4Flh1Clt-x|7ylmA{`_KOVq2y3ZTX1VrgVOmbe8^EWzaZB`a0R-^^+rd(YQo2i zU@R1|js_QAB{?9kK<3|cUVjIQZuyKg4AD{noXje1`?|hb9!I zg!bwNK;)77R7+Y&t9E|ng=0= zXeY%EU3dN?;v_L?Hmj|!SY$w|$$|v*EJ$RaoMRiRK4s)@Gv-yxjKQ>G*UW+CG) ztvlF?NNNQdDGQnOhD#chgJkX&Qp7{A>aKQmD9OE6V4zH#-v#MPAWgx1r9oEN6^Vdr zlp@8<2|~sZ#B*2@tElI$?#n~O=SXS-?m500{``TP;rCbnJEg5`+HF)Ep?`Pcku zt1ST7RJ#-!s^_r3hBS;Y2z~4GkkwCEWI&t0p1x@9ubc4qV`tki z(MrpK95>)+o?j1dTD5{D%=?c&o6K$Izwtyj&_}6N9ag#Sh@y%%zY$2M@dDpba7O|| zN5QZ~#3Hfd7`qFIWb@(-@;pglzY~n648R2ZL#V4-z~WP>>C1slcZJJ6bKh%sC*Yp} z{66^RzqPDCwStN{*6;L&3xFEZIdIvWcf*GLkHNRse%7)H&9=AuF__u38ZMb~jze5cD zQCqo$q!buq^EG#*s7s{uk|o(DAVGcd&M#-Eld7UeV(nqB&Zz9$(ZEA-x=_}6<*pnp zP-a^}j-3l*1fsO$1HEO$4bAzL_wZ!FYDYz=lRUs$%Tuw4YCSrqmxAdHDs^YquszQZ zMbb`oylV5VeoRb?NdiOYEbTmsA=E4t$P*MomdUZsX!6HNr?lxE{|J}~P5FKJ{+57$7+w_;vldkJKJs^$ zY2p2?>o10-i)LEQzYrVn;m2Qg0KgPJGVi};&9Z>7h6EIdv)w=-zNq+I%kmKtK%iC4 zy@$|)nkHdh5lkli#KyfZ5Xcj_X+BZ@m`kYHQ#??3^oBl)AbaSo7wUVr-zFfMJ38 zMCx+API~RA$vr0FcLu(T;bnI+(WuUiO{$cW?mEkZ8+ZT*q92L7l|IY}*Feux7(D1yXnf+RQYk~f0P^Mq zH$!V(JN*6Qe*pc%J#eIVKYZr?n{Au$HA~;e9V&qrh|F`nLkHodJ@>%i@G+>aXolL# zX)roI3^3jZ!{dW6IyMMn&V=EyKG=W!dFbld^xp#bi#OBG`oQ`>fve8_ zb9V2ijE7Y2o$FzlW*jO@QMAE8)wJrEJ1`p8pJVG%mIe z1TlZ8?T49abbhQN*G1%|F?6y{EwYx&ye^;MtoI7Z0fQ)_pXns!LD_mLi=p`(1H5yl zV#8j1gMvupt{Eu%YcYgxs9#4(2!UI=vpSdGxk4V-R{0n)*K^X8+j^a?7fBgk0Ttk0 z)4V5?D@u4S;pbYqyYfyFX4r=$I(0}vOUWrb#GoOCV`4rDrT7?8VIMOGlN7uNo|%!` zH!htL6`)xXtWkox%)mSG3HBO+(gd71I>5MPh{xS;#62^<{P$(D>pb+{8QQb>oO${`iKnpM`fgGKxLoJExL#alar&(5v zgQyGK@dRoQ$^C}1_5;$T z+*yp3=ElO80J9H738CHjh=bP1=FNbY7{9|q{Q)SUC}Q`o*WN-3{>tcdGH?u72qT4u zhR3htwRCpB%Ed!*F7>W~r=tpfaH>w&pfJ`oSX`e6_)!XtGucH<0fw_8ucN`ZUOQUg zdy!~aDKu#4nb)e)fP_7rw zI)g&fc!cTe9N5|RJ>@n_-ZzkCj+O`CdZ0AN`qj18y9 zeCY5IczxGim_IkCNw@XjeXRZ0{5Q4X9BAaZZV=U3L%C zS;5TYiqRZ2;4%k@qK{~2#tw>sRP^iA`YWKWauNJu(q}z1K_%HKg7!2tRT4ci^9%{-|XHn(Zr({hocUrFMom zbC}80#6V1#9et4+vXYW7FwM0*JV04hH|6?6D6{l{MPlQVl-PrVkEqc2sBp}y=6`8H zMjEh!!>k7PTC45Hh0{f@VM(epD+ZX3DqbQA^8Og0j2J0=zEGVvAYk@Ld>y1r#XWD~ zlDkdw|MdJ|a{sz>Utqo>mjR#ZIjZsp?xaN7*`wdaj4mJ2OT)#-r^$lTmM5jRDRGYx zgTSG9lAz7z=T>tHjmYj;%5!2F0umdz9L^=qpLDQG&Q>Z@hZTun+U=DWlP#g^;ODd~ zpb~;RNtJgj1TaCO60aQ7#0?4x&L|TGA{}vhN(VKP6iY=1$EBjaG|DxSlths&^4UI* zE6!VBfk4gG*KC`&?T5=&HK;S6WR0Vb#Brw_SL;%+c%+*Z>1&QAU!_6~>EJKsdP+f5 z2&vUMgG?5(iJ?}6K>L+5#}R6y2vZ;wJ(xDwKsJ#g2zlBs={n`M z<`5{=OkQ*=j5Y=UYLa7!(2Fln6t~NJI??;NP?CG9eR%M}XkM$PJW;SL-RjX3k=6Y9(T?B&ru&yv8P{nvbY}JY23g zbH^4-#rZc zjd7!oGYtHN<`VCIQ2)-AFGt7vpsV|}==+zz(caBDu<+oI65z14{w$bMJqH@9WIMxz$(AgkP-t0lc{7QT6hNH2sR*2Kos0_2mv? z8yGNrC_4VJe^XJWi<9$1= z*-GL79Gie>@syy~d8#oPMQu`A%P}-Ay!jgRXxXd4gc(12OD_Zfd35$K&A5ELMY~-N zp4bT8{l}oPtPa|nF6C1NX|gtyYNCl0-?Zw!oCoO)aCg%=cck)FGIz?LG$Rw-%RTen zi#`os>FcyiK=V1@e*QD?$7{Y3h!Aw9CS{QkKD(LjOxQN#)!@F%A^<+)J&>A|VV5Dvr$SO5y}K38*3*H|O|_z!1Zq_PxM ztyh`wT;za#wuO*Luvy~Z15|Evs@X(vwQ1)KY@1*2lrrl2O+(6Eq+QI!r8eJ+ z9w&wv>kshO_!uh^nb%&E>Q;RJN`XDe`P%;`QVuyl6b9iPW)~I%)Y(y z=YoT!R4@c_LL%@SaHJ)3s6q~YD|2!@VhmzZM9M!9eCJ~dd{MD%*F*{7AFTPBZU42b zKQNA--L^gW>yP~b3=DO{&}cXO*Sg<_n#yK4x8oKlFRg+y`>24@l5#6pZY=e_G0bgSnS7x!8iStxo;+J{6h@=RSpG3OHe%Zg$K2V& zI@Ov^~F*2)DC8U8?iiW9fqtrL;Lyi=i>p^Nh@%2wf(GOiY{@ zU3-^nS`&YP;{&^(&zKg7?L<#c5d1USu5Dvy6pS-R{J-A$TX6A;^WHE3(C7eu;miMg z%KMQZ;4^F2+i%odJ1_74n*#CXF|GbwR^(8pB23#Kk>Yff*!mVKt9tV=lG^^6SxI&8 zgJACgddK6%H>By_VrEtquQzdiBVXLr^P0WyI+`yL(|7KiVY0wFsXM9oC+t0*ntog| z@2zS~L*Bx!P10E!0i%bAD(Z0mZFu?;yO=a)*oBD1KdAu0rZe}PZt0gU6% zxGsQcF_wZgTp47bpA(4V^~}!*_%%RakqkQHG!2f>7lK9~DP;0Gq(`IVWJq3KkEqPk z8QuW_I3!)Ckmn#QOC)B3M^5gBp`{}Mk(_UX4w{EfteP)uq0sP*mqV8@gh^8dfqRQ3 z;vSSrGm+YHf(00LevO!a1+G+w5+$_9m4Kd89m7U z!J!-wD64;N$p$8dk&{xz2GA>F80w3XdLuN9XDLzhqr@VYf6NB>RM znpkZ>bVqvCR5lCKgr~qb0Vm}=BJv6-IxQE3iW_+WWdf!<gn=gh*?Y! z^3T(>T)bCivh;~h<)q)dylqUd285}hThs~)xJddTI{^;BniNbj#!7ThS1)}ZET451 z{L9myfGvk|?UU>F{tPxpzpv_81mz`TaMAqVwQm@Y{xfaAmeFTTKXQWgB_)+mS2+jj zD;L1=zFkmJS{{9D1q_Y!!qDg-RFs#hj6bg7clsHBRpm8MSy2OJCFM|C)sTGghME>f zKANIq9DtpNUegoK!1zHOso;^Um{W#Ej>5r{YvFMB3$X3b_o21^d}ygV51Q-Fi2~Cq zvF@cwj}&~;)X0Q{5MzBHNXZT*rgF0kaSBKz=OKf#^h5j>fSBQckkQqkxGJLp_=M2z zJzbBfS7Us%#(S=^q8b);EQ5z0+5{WdA3nY48<7fMec{s|hWCHu3#S?C3*Qg>4;+Gy zS@TW}04%MD&fj42?+veQhQ7W&sI9GqDK&Gg8BmglMn7w-rhzoWMWkRomGZjIe$4G? z4^uckBErnMIbAl0?;ndgg}@mxq)*5iQo|y^un@m=+%&q1X6|TjS|z&A(({4D_ln-E zk=y0I6I+tcnKfl`h60cX0KELt)nrTeQB_`VnSgga{Zaex`(L{oR?WRB0R=(EV1#LUg&&@bh_NcVA9fGF*o34<2a;YCa$fY4Wz zO8B3}80>jDwghRzF*X}77))jJG8kB3%@gur6rfM)4%5hkZVZla)~PHd>SF(pm z8`d zAZ46}XScV(?3t~wa@l+bqymsGUul)4&?G01>;QSMP(Ye^O?=Z`@=XA8$ zy%y$t?2aC>NsHN^*{{)LJZn*hI0tbcM5)Fkrjyd9ZF>{8 zqS@b%fBI~2RNVFLhvC{QS2)vUZXahY?C?RFNrvXAG((`!j3H9;c#$` z?@{57y1H6eyl}Rvb!SeWd0%&LpZ7I$@0-J&&+~(~r?(&Od*}&x{Hb-&d9W)rAaS;t z(_8KPS6{jkR$so7IT1^66v<7JabokI0EtmJW#@D>bARhR&;xFkAe z9pxtvOk+VAiQqeC<}hV~*sur_MxAt)2br`dRZ#9oUue4IfNqAsm<)E59V%awO}>cw zc<04GCxH>qqf;O$>TZ&*-){SP0Sy_?QB1A>p(4iYn}DH@?D5YDYPR}?v2cLQ;|*q9 zBNAx7U(u!$D2KV9)mA$bK7P%=!6Tc#1^>C>>y`;v3jNSKumj$5?x&!YiW1@W@~us6YL{Us-86)KxV` zk10@DUX%PZ4@k@jD5;z?!-70$Q3p-Y@gI(k_o#E-1Hd2nz#mHBFIX|;F~PCESK)a7 zMyNPi3(a-s!ix$f>KG<^dq7<}GUQ4|gz? z1uyc;nJ55Z(loosVHOcbveULTvC?C>2*dWrux?^GGO@ghJWwSIm@#eD!(;t+uADmM zT<^t6&V!g_&u$l*9nak&1|O5x^@eU6TNch5VOq&Z4WfXX)vx)e9kyM(W6L zh$3mM=(cl>`UA&N~#qErxJysD!~NT{8LcRQj&~`Z@c$yhZ)m55(+LG z_@qbxd&LbZi2rHw0!h-tn!Z!Vpe!9z%7aVVX0-w1mKO)C`|39z@Bq5Mz4L!UO--f8 zZXuzA6XVVXhzU^u{;VgS+Xyv3 zsDzd0FMwNaxCC0PL$sqYNvRIySML5v=6>a7UaP(Sx+_<}yKh}x_B?(-+let z@Zw9G3hr{vWf#KV{l$la0>n}d8UQjHInf7fon!=27GfOGFLcoZpo2#5$4pUaDawz* z&Kx)9@^qsyD>!13z|OIty5?yi_k`9l%03=V6NX_QA?-!w2Ia2I5J(bG2Nxj>45G*H zbXu6i*jBpEoZAY8MqJpb*=1InPr2%>_rV3Tu7dBs@C7*8`wY}qPlNWR7525`Gzw$+ zpJ*gj7?MPAqHjNxl?_2dO*K@NPlbxoCa9|@fo%s~fYI>*tBa?(_D&S|YpiXvfM4$C z6wB~Sba0%O7|I(l5Ts^u68NK}Wr<+U)U)95@naV3j2$=)yJ=*spTjs<1n}pbe+>Ax z<^DE0J_tv8*1^%sb92>XTl3}fB0KHc|`?v2nttQU62M^XUr`b*ve=gz<6%p+&Pc>ULF!; ztF6d%6(W#RAV;Zn?c8I+m$ zN;ir;C!~{Z^1$B%8}EkacHK9j@oE`@FKvY%zVs!_M!ezd+o8E;#sr`o42I#F7GS8} zLm7Mw1li35zL|s8eMDJt6R~)XoGvrY28ZI~ZWm-j5bnmL%-X(#GD#k#$MV*KH|73t z0F$Jk5O8<~4h;m320R9r?0AuRcGd-8j=x?)lCqHfE)dEdnk0(KqSI7vNT z@b9USfV0n9ROa zaNDpPg*d^)B7VvBC4O!LU6O1O)1;LgD*WS5uP=BQ66B-&b6Mb@+3tJr3ApoPxhn39 zFKvX+{Po=`+po}Oz``$n{T>Te{_SV~80zb5)l$!7U?0YsOf-GcJ?%eq7(V#n&lLnL zQvh%!bG(*(x=fI@wT{Uv&`5I*_n6&) zfHJH+Jq=3b1+vpw|B9rBB_ynMWATBv@WOQ&+z@Gv8n(C%PYr{+n`f)Ii z5-n5$4(O%xL2)cVbL{8MxegXh{cZ1T9XPoG`Uele@&27~vVWJ==~5@@0>Gayrspe( z^bGBWZHK=FQyVUU_9@pu(l?^W`=Vz9BH|n;jt$KmMBLTUt*9V!K%C;H8p;}6=(AWf z=?*2$k}Ztf2rf5XdxrKTZ!5z}sEWp$+4da!WpHkf8GzTXdJmjC?~>E39a(I=PQMZm z@N|48mR10b4T3k5HE1dzQHh zVxUl>Byi&4kut3zO+w07?eS8-{1-pmz0uyQO||o!HHvs~kmQ{ohSgeXXEI>SeWd}| z4ESe3yRG*^N8=*6WbRw#)!_v;($9?n*e;oS6Fj@?KD*E7cHReT7QNFiJUTrw{;{Wb zzd4>Cy!<6^92!7#QQHd3?2Ez8{^49(@Ui}b7UVqUumlZwXdc&}eLLK6_6G_ZJE;2a z=yf%ahBbTU9nyi?=V+z4Hi9SSNMa5w;tu!NWQlYch7Lr#k^DH&jkAN%gp7yNaZZ`W zb$P%FMQf+-0?M%y+|<$EPRb{pu0=~)}N!VZG(hk-4?V9f`1)t@W~I|qOMZz{B78LU%C6fQvyL_An-ds zc-(@LhM`weReAcNT;*KhB*JJSj;x0Q||HeYt4x@2%HeVIKvf zqCmjNTz%alk$Z(verxhV60eQl>kXGRN%Yca#x9Muca`=V&N>9&4H?0A0Y+IkLnv6j zBoUmVAFgsRgu+NK)5>wR?(`lLm(7ogR6HuZDQ>HVyj4TmtR!1Bfd|VnNplkhr=dA~ zKM2iEP*Rkn-iaa%3eI9&q6Hl=Xz#J7En}~vd4*-f8Qs4z8p-b?2jWoz=8ffljzaI? z5KL{TgX;2js{y!v|Gz_dnb895FBo{}^v>RU*D?b3O5_s~x0 z8QcYZ!+T(0_)s)PhVnxH@jahoYBp3YjuQWub?|Sv*8aTo+#B-DKM3lKo=Fgn&d_JQ z5ul3JiN+*q1EWf@zyINKUkHj}H-#q|6TxdEWe{usor z6??#&pS?_z^sJPp8%~~xKCnpM8l@V^7MD*A?6N--CZ#rivra0~#D|i17?8~9@x^Yy zw%s=m3L3!ghI2ju54@I(?>6jz+yMX~QPI-E(zx@+1p(JAdY1(NEugsVyY}BG+)#Zf z4Sv=KM!MnK&wth)OT3xmzjDz#U{!Q%NlUMQA(qWtos6$z(RVb*@z}QSCjjS9H+~cL zpV$WPz35X`w=e`>L4jySnS#BdAO=B3mvDmt_LuK?&F&%5IV@KaPP*XuMlhe2g;>gv zid65AfQc%^?eT?NfMuxbS5JHTPeAX$3Fth!D|tg@c@;EInFcKl)1V^y-F2##o+2RR zfn<(KPT`9{@Rg`=9)O-!M!bI^7vR2X%-3nmf=Fj=mUwp0dT;MA9cmq&G;G@zz9uB6MHTbe)0GH``y0U4#zYwy7{iC`j= zjC}xkw^t`5BiS&PuK|kU=qb8@OnN8%gU8{4r~VHN4G;`Qj}o|W(!s&tP(Qq~@p-s- z`4#C{5H}Etzz~ZFh)5H4q73kqG?8eo;befL!XVT{%uzzZxd?yt_diP7cu(hMzQbRA z^+)iD58Vva`F3W^sDfr!xO`d>I-m2GS7uh3W`kl9J^~8rG8chwEW;7f8KsxvEbjI|LGn2?NNkaFmHQ0)jo z4Mac(h$OAnfsm#9?zKu1g_f4&>mdl?YXt60?^XU>S5xObSywb5u7*M#&5dHwV+mqr zQj?2m95tByckdhOgsq4Ep9KI9b-xBBC1sZVX8}CxzB`%+>_%aXMsq*&&kv6dz{|TI zjFPOUp{sjq^zUA1tZRgm{apotzv+#0p>0aL1^yDiF3&KGm0u>q?DJmhG?XL&qVw7v zhyN2+%=w67hQrxFrv1@8;wSotjzIUo?kLIL0>^r{K=0r_=QhXy{uqGG|K8R6JZw6+ z2Tl(5=7HIb&^O$Zyk^tERNuC)q9XUGtbqE;N~kWYh?3{>99U*Qqa@KUG|vr=jKbik zaaA6N?x8^#9UFs_(a(Y5A?P0&R>#d*(=YM*MrJpk4b>I7q}sSi&uKo(4)B`jx!LA- zNtbeANoSm!Ht7DL1JP$kkKu!GqJJ|3{2>1wQe&1BPVF7q1}*h7qH%WAJLb{hI+)tj z0hgY4y<>crf=lFC5uRBn@Yk^w*cgGx&9DI9Ht%XEFRg{4(H|80{QSIW-do`pTko~M-}Tg=z#m`vPu2n6ytgJc>(EvRk<<&}WoEi) zewo#@*aD7*jc3?}#(<=waf$B@7_g-{u+7apkK}z&<-zwV_P&LJJrcENzL?geD z;D8eEkrC8nE}G&Xg}D<|#^sSj7rm$dLq6iKfT`s4+`A-L6zyPGBurCiJ9K0xG&RhG z?*0R?W$(|UXJ(vI-SBw-K4`5CGXP(GeVzUJ+UqYu-#`!SKJYqpAL&ZI#o*8Yr0$?v zxx^RhD)`+ACx#86vYLzcZQ0fteESm9(mRogT|kb;Y-0TMRH>a211Jmt&7^Fzn@?E;T|h0E<{Se8*T6 zLx+@FU%*WX)uLNQy6ji5gM>;C4Wlq>odo>6Hy3@YH7~KE0Pupobg}cKFt-wiiekU6 zo+=8WqLyXGF%gCUUeqp?6Fwp-F2?D3BrOI3pK}~1=^#+p`` z-Za;Oe#WUcm;8(;fxF+*OHP1Hj*?9_voFX3bl8OPYkP+FTBqLWQ!ZvVSRdfQ|?~!$Z+^pnTF_0W}o{95g>G?dzu3H;VU`z{$aZ=$en^evXYn zS6{bfI-VHli^jxgavYluK38y_T{?Xg%xGw}fM8>Fb9B6o_RzWqcIGr@2X-aLoPd-u z@Rxvp=&Of2-?4Y_g!j$F{!!c`>A=;yp%yvUn38TR6N0h->86_dO^Ygc>T1}*_*NJsEB+7 zJxCz=<-pNh@c2vrWto4)Yz82F{N?|GXEs*B%Eec}x${@Cd7hg_f&=cMTCnwn;fkAQ z-GV9zfH8-jA!EH03is_mE-9cr3JXl;XBXlZ5<%%k;r@%B?>C#dlJyi|sb48%Z zMcuiOGUY|ky$<3DZX34!3=W^z43$;U4#pcN0RX0jD)aNm$qjJ0dpG>#iCX9%=&^ub zby-#JXK4;muPV#wsKoy!CkPD9dMFZUEP$eCW|*Xu)I@15>?W7{`S9Z}2S0L7M{AnA zp`h<(9wTR^tb1i=X4|jP%)9ND%VFuFb|1*d1CiIPxxlvH-uuHRf7?OP8J=b{GP-@;CIofU8enZ>ktImd-Z&+o)PdS+x!w>V@ zkz+j;3Rx-fIoN$?)>;2fuwix`A=_OKm6VV zz`r}*cME**cWwzEL6D|Rz)k3pwcbi|9n};QAcLC*e3C1|`PWZnd<>Jnj<|_MNZLiy zN&*mGZxVA3cg%f zxFE_+e{ugCxZs{9T(hLC62^v80C2-=o1-a)Aj`(MX zeAHXW6f%;8sBeqNKS9djYm7H zE~$c(J>Br&&%OthB^9>)$8h>)))WF3bKiE!f^!}Bt8}`eg!(UrB2FUu@>g4Z4OhAW z%z=IPM^9w7hb~<>Gr1v=iqvcoEYg9&A^7HZeinTBWvkAD+i$yyso{qh=!Okv7=Fev z*8qVkm=Zm|^8ESW-3(a+2l*o4PJVj}f`4bj?eDpY6$Vff432)k`#ZXJplKO?_pMjh zeK}nj`OB2f8D`%tEm1IV$4&6Wvzy@VdmdJg$uJB*|B2h8{Z^@_o7b*c9s~f5+i!Bv zl3^4IEGIBrJphP8j2~^r*JPAJ4k3k)Bmp2#At5mOeTKcaV%bvI_WB;^JlIvxP{aeS zU)l_=AoOICFsTyK-J1jdwiF5e-T9{XT>we-uTzrWP(Ly18Az-%r#kw20vyQQ+u82XD>iDE00k~aEZ9VcL`aMb$c+(r zl^V70N$A~f6wvA=0Rp2Jt~d;9B(Bj$$k?X33vwJV=EoNz1U*>1aU8M_&uv4aeemq| zuR+_Cv!JPVK8%bFKxyd+OlzD0$9n3cguVwV%Nk*Hyc=HGdvBDKH9=MM$gu%)K;W1G z1MOqj{%*j(7!<51D}(0xIk5BahCD-XJlbD1%$<6+W&FiS;5Y@CeP=-5uOOSy`Ap*` z`^e^x!S*AkN5bP!&oOvt^IDkQG!3p;xE!j=DvL7=F>%TCOJHux^-zXGuyOytLq+t{ zjD^awdRQ{^23S1(dT6OzII-X{e}lMF%JKePaJ1(&=sf;{W%{vJTTI>U-Swxbx}Gry z<2GFvyi4}N)P1m}>9DXJ(daG+o;Jj5l zwl6CO_;u_9HadV~!@cae4X`{*kT(2)7Qvz=`byoRmO>UO^EV>peYx z22A_pHQ#~zU%MNg-Sv~?eT&*w=D@#sH-Xme;&o7?xT1odR2|Jp%i7oE^#qwB?b@{;KK=Qx!%f#+0XJU18ft5*!DF&2 zJ|tP>+T1)!+=4-Cnxz882uzQ9*TK!1;9q@BBh*zl+8rG@8jkhN-@f~cufa`kdM`9L zOjD&>!lfYcBw>O}L`J2KKy;7B>^~Bh7Adn>?`dck>Zt}zPgjp$17R_Q-=U(?RUy}qp+PQQ)V$Ol__eE4I_MRaF z@_w-Rb~d_s_dWbwXl;Izt%OfxGqKM2C`Au|v9gme)bWfdrbHc`>;-zaQyCX;*2nBEF^{Lh=C0OInr{WAZz&O=?+CD<5! z6tf*T*ah3R@3uf9AL%r~yDhgF!;guy{oeWU9Qa34J54huBF(hOZ?q@Uby3`)io7oBRNSRA~VbD?%5VPb}(_%{+z!GA?YP1iki#Q%hZBW%B5-EO84*wFRQzXhT z01{mt?O?fL2r{5kzx&bGdr=iiT)c#W*EYMtk4^y-mD7VPF_Uh?+Vi3 zMxeQ_3Chb#VB3N9(d&j_N=>T;{;Y#*(RDS>%ooo8U06Khh6&G=n!jbdHP+05rs}z{aN3Rb-^T6O0D;{Ddn_PobPZW6 zE|UicwdtY+U{UGLqlZfmn$ z|9d*EK)kjM57fcJj%DJzyX@yPi^MHmUJYgC{Hz~70Kb+SMmdCaS+|;;x$T+f*TXyC zy&UGYT&{LaaJIK($pi{M8ldKS9uj4gVq_Y@h5gxd%nUqy#V_|RN#|(tZz!*V@1j4X z<-AIH6?E))Qm?@!pH?v=1d30DS=^zQ&OrLy$x8SlG7Q z0)Q4E?tC0(H7*fX+co{@vFyKiGunN*R^;qCj9fwuhR_pY@t4{6bGz@iF2SZ1*Z`C* zbu$7+ojM_i!)(Oj`^?T7+32H-01F`8-zh4Hw8v&+O2G&_c6Y*^pZ_}a^$)=JfA|pG z_uwz#9k*T!H(s}f8*das76T2&F0?PrqBTaL-mXkAGBRY_el^f<#o{YqM#~(it8Pl; zv}mV2{l{VVp)K(0&b3~wINFDW=UT`ED5IA)Q+}$$3*!SwZyTThD6?`C_2GE}i$u zNsdU#C&-8E-DZ7sO1nuUZ!b%k>-Hkkr^S;;I5u1h73C#R zQ&|C1Dx=S=h#pm~V7hgq_$ms>qtA;TV`F2{1MI^9fn(9bS=Wo+4ET5T>YMouMdVO} zDd~Ins{!E|bMv-NSh}!7pNE1;75COOK$Zc`9(jC2L1T!wU3alpvn!69#IxEE$Y|Pr zZ-4hyz8H#Uf9@uI>6m->EtkW(4LekD?uq9%M}MDMM5#ptCzvj7PekYG-XHuj2>yNG zJy+*JJMMbQINeUt{iC1i?NQfWxg0Kw_M=U79vJV!RRs2ZyZ0ZlZNJ_*Si2E!x$zR; zk}G2~8iKw;aj;H3fk+vA`j-SSyckvqzO(?s9TbzG&fz4y2p2D$4d3|UC!xN+7Ti)5 zIpE+ozVr$B=%>B{k3IQfQTyC~u*>duGQgjExhAUlXUsm{dfnyuL;}5~$K#$LfhHM| z0!HY8f6n^j+-j2gFC#e3G>Uw?SY_p6qUWLU>uSakirI~1(G$RH?TBwJ4uYzk@>Cei zCRQ&dy%SQaNhW%L$Xy+S7`@--OcbuJf}*Pw@E7spWyEl9OT3+!1jAS;5r?bFd2pGz zSqgn&L{yF~{bAbm#$gni>*iY4lwoWc_Fn&RIc(bZ7_?3)jS{2tp}b@k95}HN%A&;I z==p6u@I$DtZio7+4(sr1ItUCKaD03KN=incp{5cl%WL7_iCu8u;Lbeow<-tx5hZS+ z+<4=S(f2F*Go9BqR@cJsul_4&sG5}mI@4FVS*XW;m&4Aq3IFKjudsIE;V2Nh|Fx&! z?aO~NO3F)p(8OuOJ=${sp5OYxC}!)0%CZJ{^O8S;B^LO@2~U@xj8m5_DqEPQRL`{! zH^wr>o&sBjN6oWuf0HpAu!s8$S zy>Ju&j8L=>$6%x^R#8Twhfk!WBkM#S%gwc$;d{jd%rI{o7(QZ;v$k@oB143JJ;__^ z^XD^8*(sIi&jS2N2CbA4a0%Hg4cuJTex)_vFx$4n>j2K?Ad`DO&Ff;PUc*K-Ae|QC zWW|6@#clE54fF5L&;Pvz|KiR3{-Xz;hR&nI@ZMY2Kvh+FX0sD{g>Bcw0@d7` z6-QCW`sKg3?0w0CcJ4NJ`chbZ!EaiZUs**r`>v~PgmdPvvX9qx0H;7$zdQ#oZv7?O zhxz@H=l|V;fN5w-x-O5<>r3N;;wx(mghipfC;TKRng4vpAZ}CwiasOx&AWuoBtR^N z4X<@vv6`4cayqG{V++BB1j!AaP=J4~kuEvk5*;cR$`k}c6&NIElyQD@LIlVuqmn~A zL`E>T2T|s?7oj2s9)ERznvHK_@=$x7qKV*Z{yp;ekCVUeIP?TenbHZbzP=m|AMb>& zV+W$22jJL=F4%Wq2aF64LunMGS44|%d081usjG&H%5gAeHzg&xqTJ{(Lc>@!R8kd` zj021erE{WT_Zg<30Sk?}+vo@-k1_Mp0Dxmuc(A*{O=BBech%dWefk_ z3jV7VFQUhz}_65o()du>+R^6l@r+I}`UD-aSYz-;cf&D-~>fU7yjH($Rh z!=ISMG4k}vJZ`!E5~~Mj^ab6`{CoG_E|@*5ExX$`3)qul6)3d%iay7DVTju$Q@;mN zbk;CXS@r{piKZ=d3Q9+&<=29Lb+rN;Ax}j6(;vSBUVQ1p7L+Tr83y2*%T~f6W&|3Cql2s~zwU<9J1w2=#mxyVx*gdzqMiBLOY0aj9$ z+9I-KLo=oz)ZeeFo;b-6N)cV@JPceL&o$1;(p*7=1R%o9wS<&h4H@o=V$R7X{yIP{ z@^~O*7#{09r3?}(4xnM!FQ!q9Fx3(!vm@Nk$fVr)gLRI;cTq`e)LJ5{8 z=Vf5H6q;*V;NXe1P+d`H*?u{<-VzubITHQ*B$SnwL1{_31qUlD%VA`65RUd9h9ljb zP*>Fm%jRAIjkT?LsgiLBY3=zw;89SJ)Qz5<=cciQKd&3-4WoPRr1merkBK*ty2 zLC=BEjgPAHBIe&YPABp1MV@U$C z@AyI3-nAPRw$6Zg&C`P4ZD^nl7EE8lk`Ol{C8^VSnzuQNEBylK#qWW8{^hTKeF4C- zN(KNPI(!6n?A!zM=gkIB&rfzxYBuazob61cl(?1(mv#^LQ|8n>af2N4fxLf34NNUl zc?De1J77E@(8CK|rWARxodp10V37Q^K-DEDx0@uEFQQ-;qpm&$G_TQPW(K$%Mz*JB zMl?UnunfDLt{-P}#_uzKm#x2^8-N#UxE(sY+e|a5phR;m_lNV^uSfvEqx}amP{r(e zq*h(S3^NDR3j3&_*`(hm!C~gcG{{THI~DNHYz<8<&^BWh?AUV%{`wm~f;(=z8fHvu z@=ie^zd0m7e?kv56AMIOy)YMY*TJnk_o!)v)yrb=Ph1<~m)ji6IrCP*^p-hr|1;la zAfPb_d2#FGuwuz-hp;B*4M!HjjWG&h0T{R!)$xm7v!AC0jsoXov9vSFWU<+0#*sYH zdO+)o1j%<04_@QbPN z05zd7(zOi;6_{6B&BTCG?dzR!bh7(c^47A^3OIiFb@r1c-&RMhqIy?76 z=l++93INVsauHm3!RqMeg>a(hVD3hf#0Qr&s%l~sZeKJ&T2{;M>Dp$ux595(_MgxH zNl2qb0%`_y)Hdt(n`bi;3l1cemM43{0MY`Lh6O0WwK?r=87_t48Ot2Tlh17qf`3-4 z@0Kep_{S=u6p#qW-%Dnn+GY$tYN{&3D~mVJQW6lwPuJ8`z%AFWQd@zaT)Po&o3(mE zT6ZohioF5DKyxu?IGqmizzv%lWe^|>52#?p7)YQda>XYOAb#L|H(L-;f}xrTRefy@ ztiEg|-1p!U1^3(2H{b-86Z>YS)!00~`-2CIW*i!)U*q`eItwx(Z3yVGQMUWC8^e(> zkRpkRkrT|tZzKp*(v|yFUBLa~trT4FIf2r`1NE;c1fV5Yng%aI2f&rjAO~_o9pef) znyI?j6cTX{lLjc@gN^9b?$|X^AQB!hNu_KlsN)HZf!8%qXibqxQ&NS;v3{ckr zZ(H^uxMJb0Ne78JjD^#F+s1T9`qKDobZi8+?0*5e2aZ8iSp)pWxu1f0ZL3dz@I#?w z6-6@2=`1K)|Im--*;1ZZ@u7eINNOOa=k%=UtL($ZgTvhx5M00aXYkU#?NRJH0t?$Z zqPTV>`1J<+>S1bghc`KplZ>6I&9wbW_TRZtf@&Cmryp#516+XP%T`+MJ!i~7asVLm z&Mvn(B+q_1f{>OjAgY z0I6W55=Q#x9LYNW%K5UQqDs6;?|+U%uGWU>R`>5d0Roy9;q#*X8B-9c+t2b4t);(^ zSt+>KTYA5sB4q7qQd7SBk03*P)WP7G{2ZY^Uf4{f+6tq~3Bb%6hBMbCUIngPLV}aT zeJHL5pq!ZWJfBae+Srgbt4?%{z*W@azFfC&i@C+xC(ESxIf+l?)fs2n$CM#qnSrD` zP9b7o!V+WHt*nigLVbCC;iW$M%+cX-8(dS|6;VPkJd}S75|or0U@(PTX*{R(XF$Lh z0G!&g2rgOn)+lLj%2#%O30t3+A4k{O%R-+`0@&mV?qB z9dy8ZV>bi-edzWZptia)-x8oyEUDN48iR~Oqc7;G2BUK`i^_juQ|^dno9o`z)Bu0? z=kK#0yLsDw`lTPmc)c{k%9;z$6n*? z8}9WZzxz%#M?hG)Y$1RG0KO1??z?YU?N=oyG|*5~W+xszr=WtSoJwg6Bf~WU={kvM zs5k;`aFwD7zIV-K7kU#IxwIn@qpV!Ev?u`3u=Zjt7t9a{4{fIHx7aOd`vu;@s-8=;MHq+v=M_B97zP(*4HTtYu`Xxo9b4F@CEr=$b{5D&FSy-L#9}X{ z5jdHbhDLj#q@+CWyldEfqj|HA_@`;h49i59gN|zRoWKHYp-A{eo{!EH!6%BCPMSo^lf8I=txj=e; z+uNb6v<43MJZk~1*Y-XeeQrK7NLW1No4kZ}40>Fx+p!8>K*ve#n( zv=0Q2ym3qiEX;XaIs0l@5k21j=D&i+w|q7lr{T_r(a|y(9H@n=@@fwZ;cUb+6NH-f zU%9>M-0RPH+wqx&|11J%wE$^+G(+H(pZ!FCp-~;0ZJpE-!8qGvwAEDRjBfgj-8Q`=GI!tdQDKSA__W<`2BY~4p$lO?5F9c1J z1l@aEIP7xJmfyJx+g2v*zO9E}wEuR`n#=w(uD@3<76b1=R6Nen0DfOp8qVg zM04jY7yPjoIv?xnEaD!~)=l!_7nHG_3m=ld-h04Z(DlIwxZ;68q?bEgTx{p={cz{! z3WI;{cHhrlu#CXpzTr(!Rb2t98&&>Z<0MxB7Aq`OED%41=HZqpDZBe<&p}wXa)qSKul~8Eu&gDIEWK{U+&$*YxDxTEntW*%6RskXBYLiAzLTwqGJXI`Vohl!3tb%rkJ-u>6QXcsRq8EGX=r9Fz=>?8 zU3V-Byc_D8VQ$Al*s*s53=Q>J@NcLx4*;S=GNBv*XoAc|vzEj1v#y24`l)a{x~bx= zqPz~;T9&{ytKUAc(XVJIA@D^yC551u=>Dp5P4{yK0f@j2z5z@+GF+HUDH}ww; z26YBkSeIU=u9@7pp3m2VBVBx{<+2*s4axN?CDU|GfL5c;KqB>CDr7|fMZR@^+6oQ0RnmsxTpli zTs2elCHwsZ>~mBRbMT6n>?&bEgOWhu@HwC3c3{L~p8$EHp+^2Z6(jI99JN8jNDH!U ziCiWJ20vcT6Qsa(SRlEI889w$!M(l&VJUl8+K5o&a`1tSiT;azN6lm|134(v|wsGrTxa(vu{PvBP!i=d+;8%6glcXlM zSWQ~Nm)ICY(BxdQ``3E2O<8ovAsL<4v;c zNTyun822G@|3qYSU;+>Fvm5IH62F~xin*LhfkGB%19A6ebj9 zE^etbQ8{J~1Sy>}P0pQmIYsyB?Qi`Z_|AX)0}KugOllEcdERQc^x~_askAtqF)vHueG@z zZh!Y%V9COEFG@itD=p+BAw$W{+rz@nvuC!lBsOWBLr|GR7)S*PLV$%EOlL=Y_x|t+ z=pPskvh-4*aLAeD(PuEa#B)b5b=Tg*>i!HcxM|yd3)~eQrTWqcb~4_yZLbIZ#oOks z`*Tdg5Wo}o>;!~BcM76Yx;KzQRW#v-M{)`UW*VUSIZem}B!d=}HOE|VmP0R+S|6k| zq0ofR8H(VD&Oo-()7zIX%46ytmz4szKxdFaDmAjmY1Kr(GD*US0!c`}kcirefo!A& zgn_w17GRM4W+73#$rrsyJzfwUx0!R13OJIEV4=J2i|-#m^%AhoMaCRGUM%K55R)!< z|8-s_CJz!)>Exa>l;?~Rpr5^)fNRZUfjS|FX416vDcKilJvh#09DKV6w?&VA@c8Dx zgauQtj-D-vp6|DR1000YdHIBz=6UAgDB{~PoTb*JE8 zSv~m8U4w?e8Va%XwWNb3cFgZ>fjIrebow;3NVf!^+1 zH_hiCdIx-H%{O3n%Tg~OUtK9m^V=tKzLUdc(r9& ztkpGACAdm~Ik&fe0RH+*|Ez+4v*s->>fSzZ=s4VU?;~*2TUNr#^A-fmGW5Ga^X81r zFi6ujM?UKt%|F-4*D(0zOkV;Aj_mf#LHY(xLPKpMBc!^Rw%HbUEMowm+4s?thoHG( zT6nPnkk%ZTGYg8&y@ZqI{?29+WSlcps>hy59md@*1@zpNNeF|48)s}utlu>>$&o#* z@?3iRW9p-u=mxt7KygSNmnuAX4+E;J!03@YBnM{(5qT$rSQ+6DK{i=qnSWP0Nk+T~ zXu3p#ZA%O?U+oMLc*DjP-G*QfVF5mwr#c{6M<)9SnYym_#6QM+~H4GH7= zF4j~qWKLY{_UY}vOJk;gB-a4q@&EP`evAa#cbwv%g>(=7e#y5e!hekOtdVzI+I z0EqdD-sDlxbAxxug1HkuSLn5WoxaUz1sa{eHJ4w=s+AmsRu6O^z-l9||^x)&}8ZWJtu?1GM>wgXrKHfAA%T1m}pixSo!2jPBw z^!AGgxRBwOt-#~3egQo=**HH-lO3(V;_rj+AKZ)YF z2DssZzs)iK0*>~lca|*1=*quoG9x*4antpVLqH2EWe)R9_rUAXV@Gz;=VYA)0d3*2 zcRzgkzPCo#9_>E}Ej82ad4GBTV~O+cvi8;1FeK}oqdIR8 z1KQ%^ZoFRu{#8eFX*|ap;P0O2{~~$&nnmwmUz)s1XE>MgdjUWld#D5v|37Z2z{3_7f0VtAIlh zCjsilw z9$9B~WLIj?9@l)u@RPRI_JsMjb62wq{?*mj*Zh13UBEkj{RFJrxD(#@j@Q}aB|cu= z1`~NFiQKtQzkS5uF#-S#Uq8Qgp*g-_3X-%3lQO4M?ztyVIs+Cg`K1IncW+2qg!8rD ziKL7UAVn7k4o0C0=ro?2F&&jOhKPq9$vCc~ozHS^Pq}%1$SthNpIHD@g83-?=1Be! z@|JHU-9Q9NBwNZ^iGyKjCc1cFe*75AXfx3QUN;H`#@XkVCyEARz^MWeZ~Bov*A!cu ztgI4frbYhsn9&p9gYWwU{NnBhVC9ee{}hLn0wl^av-;-C2O(uLs2n}!-(O7lh5$@ zo6b~ik|wML04mC~yeS*yF_M-qMkh&iQ$iW;c#rqdh%#@!^?sQB#YyGXT|sv7DJkLS zZKcKIL~iXVa}jH7brl*LXcO-qGGvjlgC%x`j0i;)AO_>NO@S%75NpqyiMn@2d1Rl} zi%|=lb0|_ld;>6Vbf6ISmiul+>?&qU;b_}jJUu# zTR`MIs?a^5!R!^I_}fu6)kmDbkeq}aqtRLZ$ou+oXbLI5MG2CJW>62tF9H^V4&co9 zYM%ENu(-)$v5k{z+m@D7KPWzV!~+()=U?^9VW)w?f;Y7HDqS zUfAjzzV6#N08X3y`o!h843TxcqV@f1-RDa!%iN)L^JD*4fPcZ{>PMBthv=W@Yh7CA}zvMT#wS z9O(9=)6IK+S9nIjAg^U#Q}%s790VQIQo2{yz=|CU6Ch9@?eRh7Joe-9*p5@vu_r-8 z5G{>SR`w&?DUPzpLJk8;tLe!$bswG5j@KlZb`-6Fc@Pik`ix5a(6Byid%V6pjr9YP zE7Epow_~KmYlAB8C!7CJ#NWe}kOPbY^TbR*__~frK8nM37Fuir0GQ;fty^K_fN{y& zQWjp=P8)xblZh77admisl*c~VJh68*-1gL$5~kmhtq(zSYwq|vap+8V$DFHu!3|Nl zvlbh%Ms8Ho9y!yfA|^=yQklYe`;dFjKfJB29sc1f-%i?pdkg;YZSiw!VC&9i_|SVV zgkeJlnqyAqbaV_kbX&CRF-NkPJZ0=GSigN`;V}j9@13vzI?Pd{rqEq14(^@PbC4#uBG>N!fP+W)%W<@fI zwR0g!U20{zi3Z%(&^MV`8a+=n?j#wAK1R=3s}0k4#t-gs)8uTlC1* z=sZ!_1I@bF7TSPs|LFqw=m#$`$+ie^*e^G3-gQC&zzvoC6V=KJk~Ir)0}y*uwMUx+ z$;F%(bv-6f49qa55w!ztJsA^o&zO~iMWmA#E(U@Qs8-8$IzGuz%Yiod`nPXQoPddo zR~Xu_ZBcTaB^f>`id z5zvED5v}d6z}+fx3k6IM?Mg=~@UM07)$}Z*{{XrG4A*@JHCK2C@11|u*-0%zPSqNf z{tb|=m2TPd6g$HKfrn|q|dU-otBcV&=|62@O({x#G$mVVOps?qnWzE8j9UW0#u z^%smjM0*&qwcQjA^6~z==f9A=DEKR`fub@e7he`+T`2ik`#aV_OX*d#?S5%c#{LW2Nh3~&G!1|nDrT<6HL z5Mxrutr74qfPUkrOz$!Hmu{gY`1=328$NW!g)nXMXyB4hK)!Gf^7yxim8;skPa1m) z9GH1wV%DKsepB%8(zD;6Fa=Zg9}*Rg6%7CeR$(gNl6HP%PkGkPiZwAo^%Kn}hRhfj zWOaj>b~-2%5UbJcKVzo5M90n%ElDqyC3Iq15;YMSyJ#V5(E`jPRE%g`WgmF7SQVkT-EQQFLGG!MQXJD-dg!9pR`?Q?BOJN)6)e8`j4Hfw%dQ9j zI7lG(`JB&O$rS3Zg;G7YWw4N9x1ChO7WDGMwf^mc&$_=4t-$lonUl3L8y9w@;|}N) zZHcK1^`tr0NpyPU*@q?&NL#;!t&di_ns&q$fYu*`5GWurU z*Fyt*@8K`PKfLFM@T%ORgig!)T()vOEL^+{`ZnZ^#7zVG!)5QdB<_+R)(bXfC?59-&3_MHjgkTG9!@9`&O0z-Mcbt(>;B{g%$G;a__gEK66dvv<`u))`;-l zGe4F5h?|V0#}e9p&zUt?pRqw;8nmf-K+ejmJf{^@XW>80h- z4DSY&2B625bYiN;#(psOlnayBs*Ouv!;Y1(d;fMgc(?vc3;J&^%Y>yF$AeTvzK!)r$xhS366n)A}C-J0`DCm(B%;!i5^I$TP*WX1a@bFCwg<1Y z$_q!4!quT8t?=louR_P+ecb~7!WLS6Po4a_r1dxb`KwLeuhxC0S2zHF0{ol*wKDhz z)(Jo+d$v7ffBQCAvf+ox?=C*|AH@WkG2pWJlRtl6sZGi36y&RxQKQ84b#lr~pa?zi zK*cLA@(>q`!W!_){T=I}rSytzp?z}hl#j#aO}E3Q9jmjSZ`!#UF1z4k$!FbM0Rit_ z{ymsHd^Vgv{fh1{S~YGhdygb6z=p>Bv-=(%1h+i?nPY=Eo@o3}_xzzYH~?7m^h&tv z{wEUvu=8LG9B$9`zQ&9m375U|64NRvi&P|*t85h^iidoWa>vLN}{geN@{ z2i#?Gb@;$jGSWzM>q?k7Y<@&&L=Ib{HKy!#kgXdOG1hToUjRqU9qjc3Nu)_XFX-@P zfOzY+WFA?{*nfeI7tL4D_Anc16Oy{P=_g!q#;20ki@O#lZz<~mmI)=_`c4l1rQ1u* z`{34}Jp%9RL^$j88Ie0yoCpv^n2HWK#(z($=wc^Ovd;me%)dDJ7utW1_V&9+m%_S@ zI}$cvzkYof|4L#JNX0lDRe`O-XU?2_M)FenHsD$ft54ww(D)HkfO}ByPNdVkWDCt2 zjshsGA?MNskC<8=<~rmq-iX}mmQ-C?8*X@4SyW#r*0*Eji&VW^#n-%;C;Y-?>`Z?0 z!i0`6Z-nCY6VVA|#e&!qP9OzV1ZUfjCwU}Q0RTNUBeK{ESi#RMU_v!OkU$gLrMS2% z5+U?X_Fl{lCnlgEFVF-o><`SHuxJYKR$l9ZV05TRs;USH1%XNPcbU3gK6D7&3g^TPEPv z?YrQ+-}@>2?O%K-d*UP;7>iY{!DAHj))8cDp!TTZ>t9R>nN-Y)PW+dyo)lqHTVWB8 zfFx=nMNV%h(*(}YAz=i9a%l$H^-A8nMj+g-L0wyOSCs_H%$?D~0z z9;Dyn-crnf-z+gi33?QJfS_ORAz)yaGX&TdUg?)Ey6LuX&5dxdvjygie>V*3H(pMn z8LN}jI3U>@gSJ>Yw10G3Ua_ffJ6|db4BmVVH1I&cYc~HyT!M zehT`Im<9)T4|~;se@#sT+RnGW0B{~)1eS1H7GrJK zteXRwk=u*_Ffw5J!G{+b@Gk|-2LOV{W6|17rzj~hGG^pK`*$Vk<4B9l3=$D7-SJ7a_EXsf*6 zK7Lqu3|4YLf^D^@Buba5G9a|vhno#FiO!l43Wt)Q`V4Focd6Ja@oUC`ArHLJ`fFJ14%Q7kubU`cg+Pc79tFvtgY5!ExI=CGn_8h9l*n{>oMIc6JXSP-&lz%ymhZDHy2DS=mv z94o)ZvYb!6?TcM761NfKvmM3eMTypuLlY&Iouy~IX6OCz;*NV6@OMOlfDZ5%wo@j| zgE2#=h~FJIt-TYW?^gp0uQ)A9o`nTh7Gc+G~ z7A6dz4nvzp!iueTKtp|h7(eVBXzDx4N#fBr1&QXUO2LeLz>gP45y^e>%kvKT^R_4Z zXQ8`GywW*Bjv zLk}-&JF5}K4(FEtx_fwM|ueHCkvDPZDVBRwV~n14He^LawDPDdzze`%X#LgO z=y8(-VD|f^FT&Ox&G5(Xdt+jJK>#j2K{NIV8Ivk3-Q)jNW&+B|1cXlUfssmxV($a4_9DlWsNPcyLoHvw6pfE7kmzC`B1GC`Ov^ee zf%En!Z%?_9F*(1(N+?}dddCqY6Fn&;5ztd%hp2CJB{If5Tdm_GEoZ2aL`0b$L)I6; zOZg!hMRF48F$=JlPN22oa8(ZjxhgBlYzHk=g+RW2a%3V9AQvS=~sypV9-}CLmb-A;i!L||uKw^9HUI4wzjhNG2wyds`-J1PPm=rm?qk=$O9#r*7L$k1 zfh*7XoE)o|yNDur;Fbh4*6q5xl#Gmr{(T0)wtWj>#rB`Vvm3t$zk23sxbOMTB=^rS z9yBO{;7X;5A)O8?*Bi;c5L5=A+UpvGar&P`R*#EH1I2DO&zu{d!^t^>Gg*Wyh7FV_d8>Y1p@ zx6^axLAA);DF;HsZys2%$OZq#PMivZhmJ5m4*=jdZ}}B0TeVR+xuT5PO_DG3Ryikl zkuM)evD44Zq{8dlH{R}of3b5pmfIb_egb}a*At0GU|K{);-z3|dQ$A|jAHx(k-Tgo zI3gR=l6Z`=eI8V1B7GYBGAxG$Y?aPD%s$I+)Q<)AS+T5=e*#-GCBB#+Gooe^Q&tSf zykLZv8?hEyg?^HbTS=|aXyymKHZTtw|A z%`jN`A`{U`O&!T#=;=Y_)Vn%1TQNc*WNnqm`j)72hA0+y9`scP4hQ7Y$qGSc{p?RE zy@)*}79AD*51}`W$f+15veAlZC4@VE@k(&TKmcnb&5^Ue>|UlfTu%-Tz~I0;`OpAh z3kJAtbJZq*z;KIg8@KMtCoC@FPy85BCe$iGNgudJ7OsFlyXGeN@F%~Oy@GZh596tz zqBigJX$pvvCwkf2&rO_*y)Co?|NNdOGwrQZ$BOT2@+AK{?ApCQ8Wzc+Onx$-n!YHZ zp{ykl^Xem|Zd(M7(`zhJLmScbrcEEyXF)*-ta^h~z`)h+a7Y-Jgg4@tTjr+%soq!NQe)@K%_Y8hljQLM!l1-}|Y2CXt096dN*Vj+yIHAk(4| zi2_85LM({M7JUteqt+(nsZV@L(%68veC6vHTH^^Fw33TRJ82gw98D%9Jg5Lfhh>fN z0bFU9M;_#OVL=9Z@asi+07D8e5ut#r3On+#`SOD~DC=fRJWn7pl4v@l$uSyB|IUw* zbUc>_*_DFkp~DB@(Ut!K?T7Z(1pI|qIk+(K(knv8y%q^ zt5a-_*N+B9i$NSn-_!n_JCBbWavr>9;)ip_ZsmhtbJDrueL)9s_2#9?IrZ-|By#}{ z+s~JN8;FiROqOne1*jc?N7c`OAtO8C)w7k)dfmot@V~G52K>j5ep3kirCVKtESiTF z;9zVZhbS_fhnNHf8SN@8#JG4io#zpR($rEGxBzrkX=-+6zGrL?8E7j5qnusDi>QP9 zP0HqkJ*}&X>vO0jHq6pc9RIOogN!1f#_ClpYip+>pGs#IZUnNBx$<)TKdgpNrgNld z6hK21kcztH8~eb5C*fN++}drxti9t9eE*II;l4+f066_(;O3BWxQMcyiJ>cnL>8;K zVKAda{rio#!vha5dRc&f>9+W}HE`1p?@K__0-&bK?BV1=hy^1290<(WAtt^ny$-bR zD@cfZa2Dh2kZ7oiZqX~x`O>_P(!4LlOW3;QWydIDLzIr>!kj}~5vSr$ipWrKXRtEu zW>&m;7Y3oY#<@csl7wPeLW2^Kx0G7VxLgyT^(xr_l7{?<3o>zYVZi`Iln<|T zgW)oXeiwB{_a=FxIs4HQhUW<)^?1qcC3~-yLEcR$QMPjANOYQE4iY84Eq9LbUf$<|EGK(7Aa#nHbHZow;F-0X%G$=~w=*HJPfbua7Do_f*e2& zf4gzhPFS&O3oL(e6KvSLQx=8_=~qQ)Zhrldym3=~E3?ZWp9eYN!oxUSN>7~Skuz(t zThAu)ptI(o%@(w5_@abWdWbHPQ@N^Tn>k|&Ty()a1D5~oCq7v7zC$bU;%ArJLnplm zDeWNw!&kL!S-9sW?Z_Muv@3Lgs7*BtHUWYiCQx zi_q0|(2UtJL(YNOl|2672s~%b0BCH4SJl?q-T|#`9W}pSGXTT(#G+^9GL*Iys$wW9xTl=A zSqio3dl3454k3YbOoo=kL3Y7K-OHfZp!_|Q_Sq5S@&=Xlwtt_I+56fLHtwK)4a2L>^!JYov5sB>m6kzjF= z(Dr+MH<*9kcK;(w;KtkTh4zkv1@WmS5rJW8lXr#nO>h96G!^{T%Mkoaw{1K2z;}Om zKfJJNqm3`9FvF7|dNd*>7kc-!XGw-juzTMQSu`3kg=Zh)xg`~=^#%wbZdxj0MIsYnVoy(6#d7hDT8u2K0I071y~hecGAUlnLr)f6P_*dA;s5+Wj2P$CJOb5DUKxOkpIci6ysDv{l28sJClILG3ViE*(B5_^KL;_rA&W1y%uK z#%U`ry&8NdJOlFjr$?F8pOn z$7(xf2cHGA#$K7n+`I}@`o3?UelYKpH;TUrT7W-)_`9&Lb$9Zf%mFxTBi9|%1o_41 zJK#{8)B+qd6ydb9>RvVAUsjCh=B8PI&n;UOM-Py-wTsLymz*f{6(q^ZNuSYN?-PoF z2&WT+81Ufg*}032+8_I{{*5CmxkvexumH8}hKLbSH}I;S8K?@cxW5$hSW0fubDf+! zup*trXN?)7=DEA*UjYWufL~ZxETv3VM9xlWM_oGQKDZ!&f0p?-c-V+;17>SCY=>{& zau;k#SZ)+2E|8q+#L^H0T}6K=InHO8F#jHOz`vfH%dy%*8}JYAd>DTHyTyi;YEwQ9 zghT*R6O8NLSQOuKOf?<8S_5!k|Dn}0Ws2p2-mz)IPF|4C3TPR&RGv79F_{S?p+8A2 zNe>M7b>tXDg0saTXG!>M8geU6q=1s{!>HxInS1&)_Z@+;ckhEs@&JSv zddSiA)AM6xjQ;!{UkhjMY15o$2&(ze1yEMG=E1SIs1^8Up%pk|%Ap9Z!tr?9Zy$OV z+Cn8w+!)JU@?o+Zf?vLBa~VujTWB*Dn#EW{H7A|qbO{kHNK)%|*KZ$9UW=Ek$X-t` zSy_37@0Tb4rmw~9>!+VBeeb&JEna*U8l$|dW!X_=hYs+ zRhHs&qO&;jpd}4V31e}3EC6BMwUj@jIe6y#_j&~@vf3lg?#YxGiTn^gyI-V(GAc&q z97ZL@3S3;n5k0qJXLYLpHW^S%k*Tq?9qw#}hhDh0Cg3k@qlZj_8RO4<`RMx{mwnd2 zJXHJKf3OSyUUl~8;xiFS&?}b`vBkXhgWI98p>JZsl7M|IN#Nh7$;0ETuZNcQZ9Kim z25hDYONZY6*CjD0o>)yE{S)DTnn@Nh3Xha zG>tR&{p3++u@ztGqZ9<~I$J6S7d*0PxzQRVlGJ7` z`I6&%5y~1lKdSuUw{N)3W&ZW%T#n`T*i$Ru`v15)(*@);T76A8Beo_a4wV=@k!0B` zKy6#|2J?v{hKv#M9tX~Hc^P$-6w6E1`maZ&YBfd^C!)`O^$1U>G8NJZecsF!Mp%?&Pv#R(q1L}EP#jl zcmog`*n@v{0J1<$zx6v6ejk4%ko4q$3Hay&p{Gw5(?_*NwzRT5{%oG_h?8ZlX9}E%GIJfm3ZKc^$Q(nV|V0 zA56eL7rm*IT~7wOV77K4)QJRHIyRzycHE&w0x^tAtd)NA;0s?#bpL88VvQd@4Ne;U zngr-duluod(ao-wdT(@})m(m$<39Jax53=Wmt<|DAYgOf4V=jFJ}kYb6UhE0dSJ*NBFYi@UAjYRM!tq8u>05I$(A=hRnzyv7#rz+s?fTe)Pcg z3HvYI5+>jy--RhtrzMQejm^uUVL%5oG<85{Yu_G3zqM^cnufz=^FInde&Ac;=M$zN zwCqJ#|Kf>_b|%=$t|(wnQ6~R&ws=URZt9 z!9Tv;b^lYaeP=Vg^Ww9if8RbLE=0N18(4%?)z6w-=hrrD-@fsOuPE>@-9k(7W4~Vk z7tcRkrVVQ389)nTiKz@aiCsVNgxM-zY}mF^99N&lelRk)0DC671!Rxf<~0=&Q@+N^ zXCmfqtd~#qJdk!lM!R@+bG0fUI+FaG>}1$(a|#p68IH2}B-6S{-V#FLF6WUaJ}!`# zN|9+K$|L7lyU2=CUHyto5av>6R53+PVseMGfI9e4h^??ik%JFeYJsM$Qck1>@b9q+ zNX%WRr`df^{@U*?N5_sQGdw_F52|XphXtd_XK_XfW2u1tS%eR$oxf1j`>N~dAy`0n zPrXISOf46SGk~#@M zUU4h%{m|ZiNVE&3PEeP>{ap8N7B5``x83=0q@F@fP{~@QF=!Az1It%$cEP-PXH3s& z$5dU0Hr$KWwnG_9L-`56EEm@w{`9xffwvo_0`7;@?K#3RG)mcksX%x4830&K1+wt4 zw6T0}Vm~+-S#VeP(l}YJm#>gasn#j&U5~&c@zO(?=?0l#u@NdSr zGhyoJIkju;3A2x5r?qz?^!=*sbALw%v>!eUSDyV@SG|J#5MB({j3FNkKo0Ls?pOal zBUlS?Tn8}y{nkBC!^*9984XAk>_}$-q`Wl_ayGY4OoW*eIIIASFDPgPRGDrXXDCqB z@XnEs4~)Mz!k9tx;nZ=TgrWUsOI)01g3fb0diX^6!#97@Fz>?l!n)rlhAtTp)z}kL zj_$eSP8>4>wj6oh{BG76bqNr7G+lXXKhC4%0^GwsfV%odz`6$Uv&Wx$I%m!!6=tzo z$;-qod<|zUgGAP14kCpWk=Hna{Y18@CDZdJukle{OOhg+Fs$hmp##`?q>cBvrXp7b znF&^jee=(`|Dh-0`Wt=#zgzGm{Pi{0!4LoYZrHSSS3L9~d0j*|Tjch0BapD2EZTyr z>j1bTi+GWtJlCw`g!J?=C;_q~Q)nXZIu0L&EJLh(Vx1OnM_>~+fS}(aJc+! zXP22}&bD#OOBE2XLrg%(wBke%QF<+3y#>B{{m+c?N4mY`!ZV@R>8B_d1n`s@_`_Pg z6?mbP8?OA_1?SF*IwJ=V@8(Edo>kO#Swu zr}Gv}XR61Zb+#PaMYR{gpHy41$fRYc?I%$IKiSMn$7K#8vwxNblz#b-pZ<8aT7iFf z$31r4L?8SyKn{5v1QGxZDh)ni8buDA;OOw^6q$f*E301K$v=9eyd}9vhgQxB+~GH( z+9FTebZ3z=MDSUJWHn^cB^~qjUm<*+22|Kpeu+#CZE3S8vO^gp$+vN73$8`OG>MQT zz(^J_jm^EbIfEkK=RfJ_Y=H-teWj+cK4aV&Flz9GW3IK=bprJLx_Y4RS8bnr+FKLm z->88T3+21X5rP*k*p;6h=vbGGoj&!0qPl;v?-#ARIg1yFF&^EPb40Oz=2)E7N!AgT zmaidID?o;xkS8IotLhlnBZ|%G>Cp^tIt#`Oz5wd$`w4b#+QM91s6`k(Y!dVvfzUxM z@>h+WaOGK_O-xjr9YB zc35-!ivlnJH+^T)EW9hK;HLcU;WGG_Zmn(Y@S~sJ4cC6-R(N#LG6n9V%bd_Mr>X9G zDxVb&sej|ZctyH96>Ki<#&zaO`&zeQ3w-`d*C*$|x4!)b!054)j`|}NTyFyi`24C( zmF7dIkddJoOn!$mJ4Bq5U&J5Zd5;VJ9jkLWW*gJ!bhtUrGlafEzt{4>#sIGqr2A>! zw;fvAq!anL;Zv-6fRF%SEx^jr&70n+01iN1jALXZAt^w)tP+>SAr*>d=~V`2WiofU zMzF0?cUwWHL zjT|u;-txvXMc}0;<0%m^@@IEH3Dus3xjkUGq zW?SXANFt%)nTS;1v;aRMBZX9mEj)6Rv@yytr` zY4~h-&l#VDrnWi91tit8XSb)t3cg8`$qeuWGI6nAaZz`o)2XO8BP0-rf%331h zn)f~#gBbgj$z*WzB+5G%5UC)}(#01Ek_)Ok`le=RmQ?QCZ6mTl{U!=IiPnzI27`2o z7{+xtzOCD^8Lt1%56sVltL(tRL*bYAE`;yhaX++o9A*o(Nq1Zw!JP42o?}lQJ+B~b ztwF|$S1P$;Y31i@*KdK(ec1>9CY>}B>gwx{Nfh25j4$qZ5bpZjBEh;OCx#*>55pU^ z_4s?>kwx(1pZ>-L|BmIk924{}EkIE%eO0_~#*uRo%&Ax#Z2l*!HZ3)KNEm>?Oc_%E z3$^7{%wE_|d2YRylo?>w3Ba%;WTtwe(C?eWp>o9*emtZK92p?Vi+vjN0)b+savEf- z{^EI0mG&5zM+!&Liix&LCk@iLm4L7cL_={*t=l=Y?44)cABGbDN#4`|D0S*cRN}=4 zi2z?L3#`Q%fVoNmNUaHtauWj?YwUzA$ew!*&{J<&fan;ys=c7G=&ALr$q`0U!Jg2# z0^tRnBjF?mvKo_7?YU}b8h5$O{jg#Fd2?XJnyv8Y!sYIt1wb!o1%}tGlP4q$yOF~N zL0f4-*|>RE^7{Z37H#2gE`QrOQuC*ltE%meMRm_Hu%zJXI|1gMK0RsQ^|s*1`;|{$ zS%TW2>BO-xj*EDlZ zB&t3?mwvW*<9+bxi)9VtBhU%2KlN=1<1b}l9PgEV<&LMaub=z<5jbro!SGRNK*07^ zg5A5QhpYPuO80w_k7x#9*dAZ>EL?oi`AXtSTHDxhmTz4qg~*+2(Ot9oM@dyZcV5;% zRQi|buFIZUA1PNTg8q#ogbv_=gImo4&$DbqnfB&}eBRmyux|Zk`0SUzVXpbG5u=5x z?6Q>`;fB3;!w24d0gN9rJR`brP?o&wfim|SF<^WR!7TalEiX8*AS#;=OXu?W69E44 z?a@WcVeN(;@Ubf|h5r5efa|rF$}VJDYI>$cc;JzR@a-FJe-(g#vW%%?qa4dq>w{w) zCD>_3KZcBKVAu{G?toRBml*J`PoKWIR;Oa=O8ibDBUG@)kV6p8RyQxLVL*B=frAQX zB;!>euZ{;(Vr-R8?UW#fr0{*Amy}cjZM0V$92XZf^C}4noSq`{*)J~?qIJ{o;Mi1c zTlXZPBRWoLFn**?Bb<@8WCdb@R9(v2d@6@fiC#zv4e?5m1RSXdT<*>@*5eQ$)(Fyl z7!g&g6Z*so-V0OHJ|kRlO<)777m{0V+uE~EGSMgnVu8i6Uhhc+&}l&Z(JL>G>H+d? z#p*2yP#8=??tSQ4Sn=YPs^DJ$+WzY5w^>pB>;yR`>I&dk-3SwwP1;*9~he=R^rN8mU*%iWs;Cn0d`1?Qh7>o_5{nC2Lg6Y zlQJZZo|ImQnA>_s=K*+N*_W$cw!r$EJZkp;==&A10Ks09Z7nT{`A3#uJ8^`ZDk1_S zj71*)s-dng)YtWmn0{bX2Qd7%wfSj@ws5IsBIZVpMh+!&B~PCRRZAeOMffBI4#_bO zl59Z3cB!U6;p8x)Pa{^DVCR^|U*W&U*8D7cThMU4?2J!>w2kl-*^V7c?wL*ZXJ2=` zGz^}8{0QvdYv1|W*Vn_~p)b?eBXZ*imAp?kUSVvTHsGh8&C@t$Pc48ylpNyd>H9XJ4Eca+Or)?gaI*UrpARzAGhn%S?<@cj7?0N|l5Qo)wFpQ0MSJiqit zPzwIFwo1S(Xv>WnXWL6dtLqIvxCef}UFKh7pFYPOFbmh|Yu~vO)^6M`k!KOxG6rB~jFiXB4=u2UA1C5mjwS>s z3Sc?};(E%2s>?=3Sg8H%IU`LJi2xQX`6V1W+#!zTHPg;z#2*s)K#o~pZZrUK$idA) z4A#L~bR(grm$x9-HPoRWH z6D&es4!$S|){892Mk64VO;X*Ja?+A(1!nmQ)qyxs+iUEL+)CxZGR-*^`D7Ej$}IAQ zh=U`tDG7VF=Jq&ou4Q1?{*bHomh|jI3zvfbGl8fY4$MSVG98a8a_7^9Y(dr>nSdvt|)TUwDO;=I?+fp@+24K;sma0OnxWVv7i zP*JgjNcF;`au5=)Gw}gSmdKmqQ0u>S4=KwNArdPc2s@0}8i!60OIe{S1KiM?MdjR0 zWSMy+^Bs+mR2j#W6^5u1cu75_qQ6e{A-xWVypDsqu2WdwCVs8i7T`GZ-#@N2daX9)5e^39Q6IVPJq7O(c5R2Y6lL+AKMQcfLUYCalO{8C<2Xvn$9H<~kWhY2D{YO}D8 z(YEWGEP7{^X6xZ45R7aNAb{l{*JL1t23rpMNi6f%`RQdGt zwj!(ER(-HGc?`CX5EnNy?{MEOul=a9D$0;Q)-qcwo^L zG3f$>G1ey$0JyJz@lTXyVb8X}`1|`$z8Bt5`pj7C2{KeLor6E~SMMvc1-k=L5n5G) z6S#%;)YOn;;K2Spdfvy69aZzb@6)v^kfZ2WQII3C=8IGi-*)Z?P>r;Rs` zkG|ir+vobdWdZS7W6t#fd^ef#J#8frCe?|%s{We_IA8`X_Gb!c9SZV8EBe!#-2(~Bv$-UfXJ=`TR;eM9p~EK{cHXs`?_Uq&a^6n zfSnN#umSovy%Ly!ByyRayfg!_wY3eNdwwNba!~2U>x>wcDIzK&KrREInXA^ADPkH$ z-ZNAAvo-=_fb4KgIEg2xFKd{L2H$DD!Jp}(mT(opG{M*gH zfIa(K8OSe}cv5p$~wV{du5u^y#Z}2t$0#Fv%a-n7RL~i##x&*#| z$Ai#*@Gz*rl<5~%z$~pR&9-49#+>kT>CKz~5tF)jy6Ij*-NP1GMR6xn}+L(!|^W=bt^d_G-hS7C6$?Sy?RGVa>Yj zFnPi_m^5KrO@AN$_TZrd*+mL}f1sPk&{6vPBh<<6bw0uk;}eyma_Jfl88jfNnlv^v zKwJAEINW(8(SVzO&TM$&{8OEUPA{aWy8sGcQaQBHB=p1>e7URhxG}?E_wJTbKvoa? zTG|o@-u!cC!TIOT2IQxOidM@mz{uf4l5+|mV9@#7x4$hp*IKr)zY9wH`ty&x1QFl)xdB)|#ny|rG46oCB52i^o%y!~}Bbnt-ujG3Ua zSA$CD!ak*O7J$g`IYWjtCC52x#9;FZOu_fRXMSlP1G8&0ZtSSi^U(%<`ZSi#{iPGK zq|Tf%8Ls~0%aVV?IRzkZ)tZgT?+zSjGw&Zab|if4!v73(ZE%k%J+8m_*!y9`h@qA0cg`OhF?=Yj zE}c`0^S9}7eeA=RC-2jXsuH&p87oXH0>&yyLTf2H`N2_ijBH3&VkBU&k$$2AlOA!v!T6dFe_N8*+R7WGiOD}TduHRLPf+(jZW8R zb6~@c5k6saAQaVt8Dqp*pp%t9Fkgd3XEQRrThSNIUDR0mXQCo46M-xq@H~ABeB@Dz zx}akAaqI%!T3C7C_dWlQ(9*FjIxGkD9RxGS&&}@BantuZ!J2|cW1k(R^=;Me=H&fX zo%6Yjq2sN%#pP40-?^vlxl-)aUP|(Z!M^tOS?h7iRP0jU=l|v)<%}^G!{GkoU0gaI zD@6c4R3l7-<&m=^1N2oZM58>GtQ9|};Bt*2Ok1*qMoxhPf^#EU5ABENw?2}5y=l*K zIDh&TVs1_6-+O-dC~V((bl3EHr0h`pj@l3Xr>`$Rmwg7qj^9rQ>dGB|ySf0jZ|Z`P zW9v!@e|{2y_!Be&!|%Gfimq&kw>$IL{zwpr!VJ|h5u zlP8RZ;X|#vuedY}*x9jvJ*?jKbUBV4H5bMXo*KPYPj5o;9Pzq44I->xvbyj1?hV*|D5FO>|eyL(n)m5&j>$HAouV$)KJ_v zEwxaHWM?#w&XN5NwP>aGQ_i&2*ewC*G5Jm;A3dyMQqLQZ1?VhNAmqvvAVvP2WBsGc z&KC%}c}$!ZRnBsu!f+F^svH;0^)8vI30BbUQNsqqCqMf3xacp{UMUE`*Q^A9D{KD+ zy}$5h$-k8?7-tOV*CzqgW>*YC{7*L$+M*H|m~LOb<`138CoVck&P=WKKnL^-t-u$S zUbd|gSsxE(iB~=erlR|^W==?6SHmTV_TR?MFD1q&D_-1ez|R0=hI5%RaWwQ#S(hvs zC+!+#@mDqs%fFmFX>_?A`0WPC0i(&nF3#Wl*_Bm5W^HAlMyfeBZ=uOWg0TPz2?pY5>z~Q*FKQS9qwLpDed4O*Rdog+drgTzf-EGT+;_coKD_HK^D}FEy;w_(OI8U( zyKc3XU4#foO%4cCxrQ@Oo&x{hSN=v^Q?rg!<+?|UL!_RylwCt?onQ{MMw=6qxHSn( z$P~7+At{-2T&>8KQasM6+@uv-?}n{=o{obLbq#RJ zgn3X`N~!~!O#)vzAjSaD zbNF!C7$mU%0{buBf)?Q1*Ehhz1)VkTFBJH8ytMzgCHqOS4tsw!>l*vRkwdN7_e+

L-?u@Uk zdoF0!F_}1J`rPR=oN1|36k7q#5y&5lY9@$0TBqpROqDC4eNotiMZ{4}FfHArlR&Wd zDs^46sN}=mnjEpu|-oB_) zNk(P%&#Dz;xMAOb{9>b-I&QSGYp7cQ`8fH zd|Z4db&PvhOunooE6J$bA?jYdEdJy=|%1Pm;|ljqdK>SeWcOU#-% z4W>+)0>4}EWOo;a9&IaDuZ8db=vOfJ%u{={v%2~|a0GGyaP9g{uw&P57&Cf=#LZaj zh9=f`ickRH`r;Pom4to&^6uZkAN|2QVf3gGEH992ArVE2!X6l|ND&wZA2~appD8K5 zK)GI#SeL`KD+2#|t1Wlm!_UIn4cp(}U1Me+;7TYxw3TkRI6O`6ZHYYP4a z;}5-!ojCPn+bSEt(*OSTV=(WG>6K8Dvhh>yB&6f=j2{1u1OV*E*QyZ2Ohk=!u*uNN zpWM7}JKW`fe(Zh%N3K%Yn+$SZ4ZC54Mfj-0Xa$n@`~)^z2+0M++S;5c1Lu+L(L z5zU-*0%LBL6iqU$ubF%cDusIsbP7!@(g#CXD}`wPXZIFadmGmulcOKOkH9^q1^bUs zvU6hPGj*Megq=AQj2s(6v1oW~Le7cQo~dirc%HcyqMC!$zPLObFhgESD_W?8XXU8y zKRXAXs^&oGh&BmvTk>n`dj8k4?>9Cthkv~5 zJ#g>x@5SfPqvVm%G-VeIoUuLo`2Y3#uU4Jof)?P@k6E_gj5&1)5LoMW?dSdq1`TRD zZpgy_yX8l)W!uhPeMWs_Kl8KamaR11bYyZ4Dp<$l3L)27|8Lf8*aV;X;=jWE4?O{Y z`ialN4}WqOv>j-dYdWWB*J2nb)?|_kkn?=j*Y_7XfNcl2NmtQWd{+q&1L$|{*Kayz z;9t6}*{~h{?UrA_)*XAY^Wj=*sb24-VL1bE%ifjo2hX{j2U?54zrjOCysV+HuD&n9 zHNUt7zHraw(A>5?Yh|UQCFB1x-!MAGBFM6p=m7>pazY-DQNsN5z`s7FdE^aez8e}F z`?I`&M`t9Yc=F=AoExgnFV1>uBu2T)UgbE1>|-P!5c1sSKpa8>a*@5%f(w-GT}0k4 zww5ce3XaUl%SpyLkThybQecoWgA4|ZfOL^y4p6Bz2s%ab)QVU1f{@f)ChinkSD;;- z^Qai8q`?wB7P;vI7DYwQpzHaAk8m`2!|62`Gdi&xgH2nvRsEarz%}pRo*~?bG8p3* z7nLmqY9~sO0V>xyj0{kUC6#CpMAjI@Qb(vd_+1Tml$zA0>W}Q4A~`uJ`afovHW!E| z&seX9dB_X;5scduDo|UybZYT%{vZmLAxArj$sihQ%_`hHaAA0P-&hJF5@+(^I(1rz z(rMHbf4Oox8zs^iN+%o`NtGyOTrHSTIk1c3`JhUTgTw-o5}b>XaCytEhm~|MB|$aM zaSP1Z6ugXM1f`@OT{d4LiN_(si@?{=DleQ^AY)Cwx~}%hV2mq5lrD3bTP!jTy&7Ly z#M-m&C7Js38Ad}Di$~{gJptfE=^LKZNBm$m-ZMO%aWGz!Ynxg58MFHTVK|$+XR3A zg?~*rlK0Q|)ZWop?3aNH<-FNW}H z-tV{l2Jr74um2E?7&4}UqS*!>w_l80GwouKhHPk_$9B0Ywjf6+3Lbeif1RRNE!^c3 zO%9(Bcx5-@bA^+2qYPmy&5%qz5I{4mQc_cvHZVc%jNZTrB*~11h+B5H93 zW?kE1ZP41j7h2kyVNc6;*u8%%>}Xz}d>sO26jiO< z^c%?_3Ze%UnHG+5(L;xIQj5m4h!@GQJCQw*l5b_}5Tvj(0yn;3XgHcgUM9<2Is^?2 zlO>{LbxLBoq$oZERKUY3>Y!aDHQTa~QfMlkX?riGfd~WRh;k;3m*v;8#@X9V5)jRT zd}-27jFBjC54pXAh$-tgbqcP0 zPdRX;JvM3qpo+=~sB4_$lE^BzQVN0V*)$*6Sm4rKNNC7c^X%Lu6lNYi4@5v&t|UdZ zMpZyVqMBu)P*+$eazaj^RWLL9sBIC+l~dAjEP=dKN?GFL@*$w&XfndqRO^MK zRlRiMkKthF0rw*Z_8$rpM$CvZ-nt?nm|)peV*zrO9aLx89hH63@!99_fzx5$wEqk=x`EbbRW6D_EKCw9c*gg$I%0<*8`=P$Bu`1Z-=>U!xcry4FzAOgO0_q-sBE&z7 z7}!P-$7Os+rx8-A2C-UiR**3kiMAT)?1-Ab|cIhdk*}|6%Qtiz;t`*z!tdW zu}?$u{7b;pVIyGB&@u3@H{A(O1&|A67mZ1{HLct%GAJKAg9-B-iP>u*e~Q3;F524K z;qSlvjYRuTgMWef*Vx$SnBD)M{OZx<)zN;4wKe7!nd<hW@J2LroUGfmPgy&RsQTc z9c++;Hu0~JK}H-EN)xI~BMWQ`QNH%D{>Vxd%0s7Xez@2l4j($WH251}V-4)RWRd9D z5A6pJm~3zQN#o!xZ<-5(1|jU-za91+*a-(Z_9pKS58II=hfGe+b%ywapHDsxeo!XY{QhaEoqsl}$}IOF z$nh<7atpGKtE4kN+qz5CwZ%JN8ff;PFW}B~uFxQ#whG6e1dTmVK_Zb) ztoaouK41kygP6gAx3E|?ZoUZT+7(1mJ8GAi5<6@$Zxe~m9Ufy4)xuJ>;R`8+auiP^ zDqbg&^!$x}=t4j54tWSw%cV%|iV>;vr%K>s<{9WP zj7-d^h9z&2)N^EBgd)k-WdJ>*9M^;%|5*a&=-b2DsU*AKvS{c{j~$(@@Z2V!{TFoq zP8xlxV8_+Mc{Hogm;G(D4aQ!bPo@^g63Zg{2M!AYWDpPf3YBW zwRarOpE*-mwt_c`oMLiG&y5(FQ}w~ly{s@zq5~y;jzX*KXTRh#|BjbQMqmL3gODvd znw5Sb!h~Vc2t-^ZP1GrE!R^;${)KxoY{ckS%$UZmzHs{ZvawzJ;RCRA>%-2xg|Ai| z5Q@y9q=}B#DkbxoRhyQ;eNX+w2mfC8q0;&|mc^2&*nTAQ2gGg=FYP;R2R8%3a@QgG zOq2eeOo~S+K|FRDDylqKEkhwELLpM*w!BYRma@$mV{V|Hb^rL1Qc}=2W$IW%PD0D< zq}&V;$-x}?5oVMlEjPzN1aA8-yprZuFdzJV>fzEi&4ne)*1^y3xgXv*|2*j5uk3YlxU>AA97_Kc4-Sgu#>E(lGdjU} z0VhDr0>G4_s`FaIs=?UP<+r5?A$W4TV3og*`e^RtoL3T2+`9t$vZ&}$k+EyeFk$Uq z6hk=4YRFrtOoBS-mdEu$pmU57W&7B@My^F?TPF3jKrO+HMMD2nbsk2g=N0piaJBsT zNUKWsE@%f;qYLaL#gZ#>rZF~2dab;S8Hlml1~OA;Fnq{jkp-Hz!mi0PS>e-N4+U7Lkqp>aLA76Z=eAU;3)9Wj9d^h`yR zEH&A87@tT_E7kg=SQ8NAUEl~?E2g}jANg2$ZqtvV?7x%7yawv9t^#sF?e4dQF1jQV zPWQb%bQaF{|MJ-9MRPs}gZhoju4e#;f@^Hhi{oQN7IrBskMp>P+vR!FN8g6g&`{S8 z4j*ZQ`no!)1Blgi0LKkI(_fdg&@4p87N9Zg%xL5(llD4E>fdNeq?Qj;)}J* z9`GE?$!Y7d=a~LGyL5kNjVayZ9Sh+XOTV4m>vU_H(44#iywJXDFtqO+lKk7*+7}L& zUV00x!GRO@z@U?MLjO_Hd3XQviKW*B@w3l-`5OTBwXv`Q__zGoPB{JS+_x~8g9Jm6 z01g&rf!XtOJk$K{S_+bf04A-#Ksozy>9SSuy0c%K4GB@82PkNJS6cPR4WRP*d*`m* zF8DWa@K6E%rQ1_WR>9UCyWs=xdIL-xJ5n-vqO#DWbf2USnP*3jEY3&(KyO*8tXFM; zEmy$&JDw&PTX!_Wjkn$d?|B={8wcqI##s!AS{2*ooGD4pvSo9Mlu55@ynZG$1!YiI#^Jh(5(+MJ z$IS^z<1|Df;Hmg5U{>W$b6nxiYj7fzCM1Yx`*x5bS-FjVq(6KGpDX=C)Bw@8E$+Cg zc^YIOGZE+!3!O5DOcEd=7r5j`24hDJg&jNhB>H=k#*eEC{)PT`eYb`W8w78he_HZ& z$KhR&6sQ30fFOA(JzM$Wpbw2En$R9&)wS%(3P+rreI~_MSquy3J?^fj!5~j+$eorV8`=XPGp$q)F zWDP_EKbp~Q+*{>1K^IY{f&i8rfDD-w0%YyJI$-5NNdFl;Y^9Yv~Kp@m06@r`n*b?T45I1u)ml0$~vG+*2`z>#TA7`9ML!mIIqV zdFW!rx*b@KVT{+>G8VsMgaUp6i5G2LfEyJ!g1QM^-zqY`Y3P8_`Z+f~@@We?prYX_ zQEP}eRI+BvBJIC1L#IGf-@z5e96;1X7pge!GUwb{Ty)KQd$Las;+>#NO2y>h_gDsc!|VV2 z^XFk*#{VEG^Mb>qw%EK^nEJfPXnS%G^-6>Lc0SDpbiR`lS_AkO@yK zDotjT3K)eJVA-7wy2V#G#Zum{uZ7fg>$s3IVW3t8&lIF|mcX8I+DS0`lu7XG`xn6C zrOV3Izs^I+zz^-WL5FYefgP}?WgG0=vjIAf9E4gF)sP9p=EulUb&~z*k#VJ))RZcl z`z-6G;M~Dg%6nyWU1J^R07%tZrqk<;TF(!i#yu_1NzrM_^RT4|DB+3G5TkdO#{??& zP1?qp>skqIFyxv!u?K-n&EI620FH<@)eyQdriBvWCv-Y>2!VX(3*AKp@$g=@`|`&f z_4i!I!O{HV47$v80%Y5DaW5>mZQh>wh_%`PzvbNYL#r|54N0#xJ8O~SkP&Y-_T7y| zyCLu7jF}gZ!$xCmoGxdCNP(B=N_X2Bh?G-mti4NtnOYt7A`Ba+~|Nm78o=jKQ; zg`72|G$&EIG4r-;O+wDQ_?*3=Q=lUzx8c6bMO!9Mr53 z*HM}m)>sh8lxd%fX#WlDHw4BEne;#Uem&ghDdXP`^Jo6Gv6h=We0Fw?6BZyur2+Fh zuXHAeIcbwBFb?Z?Y69+c9ytUJ_0@F%(|-d?aqN)Oqc#u%G>91LSUCup3>B3ZqFo*! zHTN<@C!yv-jy53Kq92!JaHQQpmF2b8k|Wa!RHd=u;GO}nW6^Y2`?IrP+heCd%lc6X zi05s6hqh+Gpa%aE;BVPPSpVy}(6MXKQA?s%FSBgFzykCugQ`$^^!-haIjyixxdHFk zwHvmVUb-M$s1PEG@gSsj(seX|exLs0za{Oz8vLupDK~&z|M`>q;1~Bkp$zZ9y;xc6 zoz2U0Jz(Ta8s-oVm@;dGiB8J=^T5BCgGt6Cij?OwP9hAK*}qj7R9WrAqNk4z+I1jKMMW@=HK7} zL*tTCD3b$B@f~!O>5*yq)iBi+sD8=SiFMqN>X0IaiEtyU%u0krzC$7?HgPWTg;CuG zM3c*_H{{X?Tz)_;Fu}ewQz(`a0 zhFHB)7H)ZKkxiP2a$#0Phn)aqSPjI)Ur~V-XPtR+=~e#Gj^=eE21KF%cPC(Rv5)#l`5G&01^f!>F3yS zMY3YWrw-B$)@;Her@q1yIYKrcK<;vt-FK%NNVam1;2i^)IYnq;LWDI+&NV8$k*b{s z!L5>k;|dC#U0~RojJGPt;6DEgcr{S0&Ip>LPcGeq#M~h-pU?H>4B2c((JscEt%s7) zX!{1r$1=AMmoj3JN&z7cUkP#3C_d zb4_+H(1{eux-hnG9+teq*4T6q`j0LHeF5;R>vJRl00juNb8x~64F9%n8CC;l1d5%` zoo)BdvNQ1TQFYnR5*FYxh_e6*L^0--wAIyH@HMaiFMG$uYQp97v(8z#)C_wDDmOfU zf1&NSr{Evo9$xr-!U+76_g@12`}GB%t4Dq|tLySYuU6;ow%g;{uit3eeqS!&U%G{s z;OqYV4*28uy$NQFng>s=zbpB9FvQ@@IPj-~SH%{F>xcp4682xv0n9rV2x>x`Ua26U z+h}D8N90s$oA>R2yPo*I(fbSA%t>d!g=f4QO!(wqR7W=`=m#shc9D%nfZ$j7py_ z*GJ@rqe!(*b`+2IP%}gbM00sGU__IoS}+5hu3R#I!-sH&3Nxb!({6{zsNM|vMh|`Q zKq*JEj%?>(ys_1`tMGe{1jR0!!YD#xYRFgfETJZYfMIq0HSuht1WTQCA8S!t;FJg1 z;LkME9HRq{1+i#ex4asF4KaS%W8jMllw*YK3@p-F*ou{i!rvFY*Qz2vZ>gz`W zboF%|O)I2W6(ta!X@R8FY9%3H)ZG}u!wrz)V81L8*#wXLmM)U$a9+sa#CI+NvI_kv?iW3mQT%1ykm@|oT!R(*&;=DelasIYx|M&7BYS| zKWDPVAbFa;khJ5HY-U#tLUVwMe+Hofo2%SU@dKHOTlooO6<91t^X++2rKMSvl#nG& z$e(;YXYyxNwfAapRZE|Ew};IxL>y|#wJ9~YET`w(NGpJUEgja}YuvD@&=^|ff{e?{ zMc?lgqA56G_*{7Vng0?6lSU4lki3FRY+wMs)Vc*mHchng6l+l>hwRDYVd8*9>7T*< zX2R~yXDU-sbsfNAP19i7=!?s&pF{gg$F%}>9oSqtMw$E%=rb6m44(s&htGokrLV!j z5E6+)^aWD%l*{Ezh>P{0T8qSduhw!UcwRLu0~-$H>nj4dPQ+a3T!n7JV6wX9Q_%c7 zyl&J{NrW34>Y?M{;U53}>SagZ+>7eO&n8Z-ciDl}!oQb2Xi!%VSlmeYy?)rQ4bf+u)zR^`is?oIYh7cu_HUv70Dp zDy>}6HKtnpOJ7}o!}m+qW%bJ%{L6syjze(ct-pbbFPfA6Y{`}d@WHd?K*d+95e7Lq z7=bSr^C~)J&y3#BbtOs|7=H_%{iXZ4b7x)%^JZQsW9P!<0~u*0!Yl%XQBXnh?}70;;u_)JwMHR_BcoJG`+NB8LrTGn)Sr`|wi9TZ5z;V$bxkEP z8B;-M&$WBVrl%xwkA#d^Cvp+p3YcdU89Lga@x%Y0y)OZ>tGv!UU#nYcwH72b+5rJ# zkr1|64aTfC$gxcfHe-(+J7ZFIJV~ZZ;#5**vN#i09782FIALs0O`M9iIIdKAjpG>$ zI|j#qZM=XNzyh;NXh9&fOD*-8zW2TR|7ZK}Ye0ayE0=1dZoPi*F8^}QcfRv|y?`;; zht;qyWUH3|X<3aQ11fPrKpAC>#=+cSA86nRR~Tp|B(Wr3-wUH+81RCuj#kub55er> z+-B92p;HC~paBe1{NT7M31BgNv89mm23-N6eU?+FUcp^dI_uy*_irlGo9zPW>~#r<>*G{N-|YRreFYuB;}^V`c;>ek%=wLkgWqmfD70G;)I~EmkMEA?wXM2p=6D+<&X}| ztsXEt{~c}&pxPv74)M{~*Y})$f9vK^#{xX|q!s{hyg~f)4Rk!)`!!`M9TWiI?ccxC zue0wh~lG9wC3 zc2Wy^XzF4$HU9QvpQ3Nx@?F0-%pE@Lz(09>z zdUlU(>wvXO=bT7^sQaY6W*+wvlwWnronH=Hek-$&i%xqzEnBoA7sxy`ZAJ=_`VXAb%-yOlH$H5SZn001^avgqF=_Hj9cacQsUzQOQBzwj4rf z6`5YT#_>bO^^omDX4|K@F^e@x(0sgH6J3&d0If!;+~RKc`4o(j#y1)^5{Cgd8v!jAx6F!? z_5xST`C%Mm01)Gu6TqvOa11wX!-0?SMw7B>)ieb{7t}zeBc2?7mCVNdnra}7C`++rHrhlD=Z>c9>XLp3^P6E*#P21<(<~@ zvRXj3QVW@y)1{46uUgK;y(bOLPbcLHPqsZ@4lQKR&s~$5%~l+ke5-DBUrPjL$>7vD z7kd!c&WG@GxD0-3gR=q>NnZERqG_z}hb-bjfOw6bB|?x^N-%J^MyuihO70IRg0Eo9 z`z=op-I$-78FuV>oHjhAb&{&q-zD>oPr7!wkXdHr^-q~j^QNCfGY6N_yqPE0|2Avz z7#ipssz0l8q}{&fk@V*iJMW>bV_z|_Honj7#mE~Ev+q!U=F67<=GfP}U0R+bI7IQ{ z{N-0A0I+HUzVfv9(9po_9$QpdPgj}}ROd1{b-}nyKdL|1ZF!Qu^7E^oaROGc1HXRH zKh$59*~OKsuc_T{OG!-Qq|K4dp11!>&j6#JeWB8TMw=~r~tsq5x8Oju77B>aBVM!v*@Auz`p)LI=ElATmP@m{uTAl*g;~=HSqA?OrBm*g*M7HV1it0<7t-M1R1-sqZWJ!WNMrxsvG*aR zW!~R6l&-f8{F?|S882CKQ4IiAN7DxE44o$#3b=b@M-6yZ$53T_Vr9FCCSBiin^m5D zWwnZL-?fcy`oTZbR%LS9Ic5#bq07#C6U{qfktq6<%?|UNl7-b~y+Ckcy0}iy*7vS?14`#B=Gr8bl;%G&BTjvO-;*_RCDC2XGFhiF+nRUKwwGF%acnZY~ zFjQ6YhYh8{Dv`=-dg(cF)Zc?{m#Oj|>?byo=>i{R>!KKvyjZv5CALO>GH?u^LQ5P8 zkz$$PBi3@0?ZxtpLkzqHa0xoojk}8ke8>+a#K5Rewag1q=-)-D3W9hQY5LPuGU->- zMzao)AYTha$>t?R=`}VgJBXZN{K8?qdSw6r1L`_ARVHtS5dwZvOD#x1!)MT=LIVno zh)C!`QVBqLwq+#JtAzwWAT;3grT{9T-66)n2tjoD4B9F%Z0;eGt~_&hBS6{8I-eV4 z$F1EwB9|#US0iU;Jw{;XS5!b}yYQ6SK~3>VfauQ01e#FDD1{9O6VTWMo?_Bv3BPp! zn)z(BVv+%(x!k(u8RsVwxya%b|`l9 zhGTuQd1$a&VQFnK`>WL6lRB%=`=Z_!%x5$Au1WNwfttP4fxSV|OlEz|(Yp{mu;ttC za~94yre=+G*nd>iy&D`DrUkQC(~=|3rCEbV2bwMUBnGBTr{NkH1T8w^3_6Lftiiy? zpZ)=D-1bA-vg7Bp|G+MqDEfZ(GpF^>qDxQxGdga;#T3a*M0(3r3vk5(tiZpj<@W1$ zf1(D^EN;!plnAbm#;;MGIb1OSdzpSz&-sUs{gNJfa4{w%=-!Q*DR}S3@6mM|-$rXr`Hivbcn{5(I@^0qvDSQ!ncJ*b<*Mi?=dG%D zaVc;LJPN~x4l%FnC`O<*94*(rNHx*A?l!F-tu_Cq&&Y#n>2ZDZ*h9f$)D$2vF&R}A z1CUU4cV%#M=g3ByKGH{b-v94(*;#Kkd$xDrmXG{}0{@!hXTNxuKKkje(OZ7?LRzwL zIGd}5*{)&mAQ!VNQ~7TuIQUl`tCwC#pTBcf4Tx2GfLERN-s}dJ&Dn3JsRPp$%e>s;CNLz5_3+tt z5xJPtKuv69ej>vmP^)1jxWOXY1%(n$OnLev3XkfACY)4_-8eu>nhIMI? z-I_vU7QV->1)B1`M&1&no6f^ITd<0=Rea)FSfh-t-$G~V4jWo#2K6+W!6KML#9)w} ztxZ@Z1ooT6M0&3=GGk5Zyh$JyFqy40U5G%g5(EV!{~YPBd1fF&T-ktvB{L^${Lxna z=+#{rxTSIkgt5_@WTLjF(EzB?9ohQ9AdGyS0*!c7F!zhiI)bE4mNWrKtIU_$csQy7 z*q@i$-6DMiXn}Ml+g*;3Uc?3{gF$1)TlfN7$W#wc4`Tbj(>N-MNIGH`AVLiK7s3>; z=_}oj@|wY75eHifdSN6W+XDk46AbVX;kjP;-Gkle`7BJd$`PVUy6(gjlcW@=E11GS zKzd~H5vE<23(z2BA%$?2elz9yOD}$D4}^AfDh2~ z0X~Q&@=V0ALKTb;zulDg>2(`*`|r@SS#-qEa0bf)#@n13C($wUE};dpP78&arARfS z+^Rk>WoYbuE~I5+U)Aq#*meg!zU>FJWyjBG=ibfgGhb|dKmYmpijQA#F}>>4_tzj` zUa`H#q*6HUI?Go;Sp@)A$4&Qqk}g<&RSgW5i)HM~_%^KS4#p{cgJsi?v9FQQgLKCu zzewO;rR}$7;L1_Id;9x4C&i@*Mu1OI9O^_b;{9QmtVT@rj zNSo_%3&Dw$j{?O#wLxQT?ukRl>q>71n6O=R9w9@WS=gj0{xKq%DwR~Kwn7+*K-YrC zrRGkqDDMZ^6#5kU(8PmKsS9P~f)&)#XC9FnF-*E0Q&Jtl(zaU*>a!VPl9`~2KdI@2 zRa+c&15f*b=*DgcO6K^Ee;{wZcACyc*>1b~!Kyx6>ijkLj~yX-c! z0DfFRgQBi$(H5>cVn>io<+fPtXIVPW9(#p1jTOH@KR_4P?P0hS=MK0hw(iZEv* zLBVEG9=9YxvYwZL8r*p|iyj)0d@kf6s^Z-gUswS2%H_fB-gZS}0fI8C`V=)zP|bCN z%(@{feK-`7EP~-8G-5kayl{f}dW{vY;T9iUNf));E^Y_CQT!<~Km#^oo7FwDB%blR zd$am-Ynfg1n1fb!3D`;YFX!-*8H-E4x&;?@Pazwpi zQPc))-@B2X*r5g97tcM8M(bxY+HCRXDvSTO@XwDxVZXY87C!>Jnwg}EJKbESJCB<0Km3tT(ocWB&fmAAj-}}{W<9U>qtXTZ+`oLAKKGSxr+K0} zjFQ<0r|dIJ0^|tyYya=|5d5pa%LR*$o^a66#V5WceRuPHpG)nr#Lu9HFoBMrbOFHW z12bv$;tNIK8SD|0Mp^03Gf zGg@K_V_GW+?g0e(aVWL{VU8X(0|+i~L&t)M8YJq#odv&phhgYc+)X7q2toDt{{ExI+)`Rkh=wlBI4T(qvYA;zp?xk4Je8tS=mK`oq12~-MWx6B#EC*Ydc|S2M*e7B|8)_x_@NbF140!MMvX1{0Ch8;PG&!>Wl)0$8*!sa?G!Mi^Ag znR^3%p1)@qff2h+>!Q|xtT`GPi8)1) zJrsLxyx2?Ay+Y`hZM`1V7%egG$e5Kpv_%KS!?Tu9f8~r>x5Q*5A z&ONg>`dGR2avu+olpV-pj~!f_8AQK!)*sW49{ENM0RHHao9H|Df1z#-E=ngvi?gEz z$ntmA{i|BBmkqy`mdv?;Zu-UB)302+<{xVYU>c81N*|1EuoiT~ykYeM} z@1YNU{cZGt%fBMVF-&+MCVN4-r8t$i&6vUO6?Xq;qOdT{?*FEBxMbCC;vKeaqZ8z) zT7auo;Dt-28Av}pvM$<|IF5}b3V<+Ws`~!G2-D{EBeY=Y06nnb=d|+Jv-F-PI|#ai zzXJchar12<`1eAZW!!PsI$FPRD_#AjOKINRndSJs`^TRBn-U0E9e4k9TL}I=Ti4{?ry|!TiKBH>l;eQ;MeJ}0r0-P^ha*^JUC!^y@OB~u9 zmCj!U{zWan!?PFBMW?^M{?id{EH0rm-%ZzBk{V*~2JB+=l8QU`jE4-;5bRLRd1OYi z#RH1Dq*}ras3y_0K(AXx2vCF-wlxS=L$cc_EaC_VUjoqr$QeF?hJNyABFFYBT|^Wj zaRGuguIemHKH~M<&^(~j^tnEoU+)hwg_f42tTBivyi~tC43M;ZOqqf-Tbq^P;U%0+WVd z@0@s>_X0%;CbhtA;{oExXo5*lf>Tw1QIPN?uP7P2^RR=O5U$23GA&C^N={vjIT%}Z zjGCrM4q7xrfTz?T!+uqiza2OY6|e$A>Ec5`o!ijL@*oYg3+0{E?p3Va%e!+7#*t!t zqYbX5+_8cK4mL{zqhRq3-B>w-Z7FoNGTdxaHB(S{IMzeC0I4y>aF$ZqI>c;(4KQSD z5Xuplsc3LQF)$|A$Pkb&po?XLC=TWZ$6Bjo+-a!Iktp!14n8pBAm&@ZUhf9GBW{5OC&pMNu>N`V=P`3v)~q}(g<^IwF+qMco(_)gOJi_oU=a<^J&T5Co)*t; zQ#$wSV|Uy+CW(|3U^;quMGYoiCqTe2-SxM0*|^(Ju5Mm0m{i@Xr7ddsZ0v zAPh{n01pZZ0aM9ME1qYOsQU|O(7o5tjFpaD*$l&?x)o5lGgPm=N!BC4}atnhXwf892+)mr5ir}#To=$zHG5; zSCoX3QQntbfXDvZxZ%L00soq#(*C>drcR;bTlamA&N=pS8lJKE1)q-3I{-NMC+Y9! z9Q!(_qg>AGC-$Lth& zFax%>p*oe;B1*8P4r**zWy_VI#yOiKLM7`NrZmRP$v`GcY!^cG z#Fw232&}P>`7F6P1ft6fcF&0;W}Fz;Y(Y{x-x|;ueng_AnMo~<`*k-r8GCJ zo3`D;5wK2s6(a0v#1Z5s5v9(3k*=d0JyHl(s(Jm{r3sN|6U0cdl~oVJK& zE?h**7hYC>zkg&WZQcCoe@gmHr7POC3{uLC-M|1aoW=U<=4d7#(aFxpv}b7X_8=H<)gt)$<*_@nfp zwVlMf(g$2Kc6~L&uvx1SF%8P`F%@Hu(q6?bObAKlc8tMZd-S<1UTfkxsSS&)r@m;x zkrOJh-t^emI`A_6vxP?uWB~BRgisFg$M#Jb9GffI4fx5;2Wa^!qAlAtq`(7m5937a8ER32>$2(md}{w(+PgDtRa^PDs?54U4gd-j zzgzD73O%&(-tcu5@K?A~>vV!=`ADN4(--I0u7cx52)45apCZ?Co6y05!0{rg+COarcMwl=0E@8-`t{%a z`LPae4B+Tkicx}~as(K5fi}b8z*W$-8ik9wdEbD=V6)1S$+I36nuiAS#2F~)ZwB)> zB$w(5E7^J|fM}612v`FkR7i#;;s@zw*G;}z{7gDDlU%aGgs{6CSObSJqi!wKiO1AU zh#^}$$pGQjAjo^~c7U%O z^9)mnKoR~78HhpdU&aWeMjdm@g_vDd0CyyW)}>=BN-olNXYdh3;hDvYd}+OQ4<=yI zZrQnx_8sV``cI!alZFOo*SdGri;tgwIi0ZJ@*Y{Y3@i=k9^2dn20U#nQX}dH9X!hr zdg{PTT71My>o0kJ6%e>{>}$u~$7#o&$J0FAKX%=f_TjYt88kfe#5514_RpdtXPrp1 z2ba*Sp~WG%Eeohp`a-cu5i#10iHs{Og5LRx578rEy_=rcxxQx3{q4=aL+@Mjnf9cu zM3x)-exQFg&FNpIlx^fKtqn--|9t(U+KG59L4MbH*VE9{S*F#odlj&$h^b5o&CwN$ z&Y?4ozAOQn)%&km`5PY4lWr1R7}2hHMYq+JGw-U^%ZUY|KRi0lULn$G;p#c6>W*Nf^79SSZ zwf5UTre8k1k*Hs+0Ltx}PRDJ@Dw*+1j>K}?&0%chcrg5&LBB52et!sKQfCXzXk{yK7 z)!K){s_baysI zL99tuP5jfufBo)GKqnf;tA(Q1vqJ3Q0lBc19Esfp7b%&lbub_m$i{6JjRE}&Yy|$EmRm8zK?osd5IYWY6PTnO7!#WRhI_52r11HaGHdtH0e3NsX z%Q$4T{8+Fn%6?I>1a^L$2%(*LEiPHzvMxmB#Bdr%M0oH6USOA3!@T+?qz73X*=x@1$8fvv|n8j@8A(3m10Eb1G1*Ip)q>SYOAKzUg$@F~3E_ zGfs|6cTT7no`u$9PWM{b!uDA+NbPG_Fj?f7nKihu{#s0{3xz=nWmNRD(=C9o!8j2W zOzKG+1O=s2BaAv@>TJ5^;*ZjGYk$24&F@v+aSj!J*<{ZHOqn|V}D!0g)z$gvLK4dEJK|H{+eQv-kvz_{j=t6So` zU_LVYSk;BJa%=};q2!z6dkJmCI3)Z9Mm$z^VnfY6af2 zYg7QLRMujgAV**SGz}Ka>0I;d8FNk2+Sws)_~<8#;NRiql>5tvAEz7s?u+z}H(g3g z7Y?WAbddMvodcD`!EBnW$Mmsld;3}Mr@y)7x9jg4XW;5*6aA=Ke|eyz{WouDai{&4 zgMvoylw!gHf7Q{}@_X!}6?D;QukW<{27$NAXkkD!F2Mz?I{r|S#Zc-MMnZ>uO5vhS zBV7aALE+*;WXFr{=YUJ1Btof7=7Of5LnbDi=oSbvD+%kRegRhZ)HMJgB&H%0eYzMO zM*$B^+a=;#x*{+KqHG8<5E;Qm_mW+R+LwWvu4G`;ZX_%Tv-_{auMpVd8bGjd zR4Y-SAm2yaM>r`L&49A~!`f2HRd5~1M_$(}3X)|T37d*4p+MAzY%{b#slG?dR3LA1 zO#Wm2sL43~fV@?4V*nyufGtC-X^A6aTH!8Dn^&s)WH`G-++sSJ^coxUfbK#dT=#nI z2N3BGhfVu%4zN1S6A5FsS(3L-=tbs>LI8TJv66nAodY3RpkZrY$=$W=uh+OOxmz2( zPuHvfp(A%5BT5sXI|iA(*-vQeNX5yZ)lZFKHfLuh?ImoPAtcPHm0+BBomFUOR*uP% zifOMvx7!)#=afl9n^zRZb!V<2X_=B>bR`#3Hs;3SBAK9FvdOQj>dox!2p!8gjRVms zXx0xlYb}#Equ~lxn=T;KOKT*XdCU*P^QD5R^V5AQP>2 zac4QRNY_Jx+1%Yn0zE)!kSG1X?4G6{Ltf__z`4=pWidYF{?Yu96;KYn20^;Zq3h&q zhb8NUU)@D@#bzmi+xxb5-G66Hn@xiQLo{>RQaW$>pLD=Kjv_@$E%pp=xte|7Sh?lt z^^MJQg#vRe<^oZ?vNrLM6A`T98Fno7g0Y=k|AY~^jx|{qcR=mt4=C(7wkD~7r5w8+ zJ#Qtw_3S@Nud9HwkKcMNmE;Q)D8;(tBgLI1>%OrUR6t(^0yam*KCA%2KluDb^vKqG zJZ)C33kb$nJ}M2vBWEtH|6VZ~tM_&%5jh?kw?(@S>nVW@c&o+P&IhFUK(A4-yOVSK zc6+cKAkBV7K0KB`TeNWggiEgLHehp9EWkW{xS(}4v5y7-oPWd;m;X#8@UJ8?9CXnfhgM1_Vr^Yz39XVTlx&VXM90{)-d|B(6y4o=)F?Au2p!*`_b z-*(oY2C`j~l=9a-Mn?A5tiKZYcg9H<)y%&R_!or%oG==a>%Q@Tm!VvP12l7|(NSk% z_SM<0xE!7KG||hkO?Dn92NAMiD6kG^5{8)1B!hlFbNN_!e`D$h&tqF+G%)cbyV6 zZ_}snL-tLQI-cVeFv9xi=Hw$;z9T0Axfff2Hr7oTCXRu~!lbKb80fNISOj{(ua8W zkTl8!pcUH6ImlcgtkaRf9(IrsE0`l)6O3L&LZdhUomdwiV6Z3-7TRFmq$Rv5${0*h zwl^yXMW9n!LJO)Ts9}Hr1`K5#RH#H6+85R@{6XuKlQddXt7!g&gmfTLAR#QM2NoF@SqV!z|Ib1-{}m@#$(i7-z@XpR_rQmfQJ z>*m(kY7J*bF>-snD;SA+&kEUs@Z^%~lGLb`DkcVOL6rb@THfZ(T0}Dkm(tnC{yt5g zI*+v0ZM4srYDKy<7!5*JH3P`n0B0S($c0sX96Wl~6#bgwPZ@P1zsa~YO+QfA@(UAC zt6xtVsrm1$KlGUw`$v! zK;W0|x-qUtnFzoZHsw&S+JKv*Vl+~Z$D`keg)T6%EC_3$n?-zrFp(m%8o`uin2$$T zuKR4KuPjo@F|6Oij_5@TCsqq^C%IfoaA26Hr-Tb1m6mo$AhM3DAbJPy-Cjtvh*u;4(qo=x8%pUQ;}sTrd)snj1;8ZX`w(Z;{(I2 z6EI05HI3Z5SS5@vTtMwxfRlJ6QA}Trv}>5czAY}89B^o3jlv)cl2DF`so}eD09-cY z)lwe~o924yEGJxbduiZBj+e2b3|hP0sLgfOjx4E-NzmiOn8nC{P_98JIfX)CMOJUK zbp2FZJi?dAU{Y!0>Go|!qb^voH;cKxiERLC$(2@euLTen_Jf;LmMJ6?6C}`z09-fM z0{eV5Ye)iw-WfF%gX|e37JJsj8U)*i&3c9Ra7g^DP@2$g5-7*_U`#-DGi%HO2?WdQ zC5J7iB?Ann&nepKpxBAh-~?_hOj>w|MsR6V3Quw54F^u~1AeW5cd@plcBen*+Bz|= zLb7iyhFWu^aYZ17ZK&@sao(aOdDnFji%D-f20JF6J*@O{fLiaBYQc8uz+(N?gRctE+{WMUkzfCt}A~yrW4Jl;4ki@eGWX2r5=oW;ZohX}ylumobdi7_Bk1+S?(p;j!cN zm#la}ljB2`=Rf-3L0WZs<})M);EQ_j^L8IroIbq+>J3b%L6(UQsW3A|Es7?4YOiKS+HCJxh7<@UgU} zVf{J0A}`*EqzhmpYN>&*_d7_O(3;s9g?5XA6f=25nP>r3K;#LknGs#BYh*nQ12jU~ z3c$#_umlD;!XID--&jvMj@8977trW#SgAm@nd%^#NlU13hUx@2#WbR_z7oKt>eghi zmJ32-TGI5o1S}htDPVsL4oS@#b^wnPyJpdA4Xf+rdz#q}3W%O@*7|9dn1<43ftIZ_ zd@d2{K_MV$O;FlC#*Ep{wL4Y!OkLDd&z^HZfD1i<5rG-oECY%X%K-!!O@4N6ni{x> zaG17T598n*GYYq1u>qYO<~JTjWy+4U#N0vtK$`z<^)6T8H9&{FZ<8LBx4R;tP%I($}gF*k6xCP%UZgFt#u zh|Ex&?ugJWi~(I=z~WY(jh7P1Zn%NyC{V&N%$CT`goV&nYBOhMP;|D^0)c=?xLO!( zFU9Ht0#+OMT>RLq6Cm?^-LJ7WYACK^D1xJ_j=F+ga@5tTeO}%mxCZXRz_$<$o2?dY z%vHOGM3o^Az-tX2y%(?ptYsmm2P7c$L|MESOVBS|Dy=q5eCG?M;&NwC-@jt{8|t5Q zT7WwYx=J7Lo#$O&x7S9|1B@U5nfa)mGE3k+1CQ0$xZHN-V=;B==J!t)tiq}dIE)y$ z5K6+v!BH&2;eN|X6@xuUC|jkY=fOeH(K>XX=W8%OPB?xU-S@!5hZf`*?{j*V$JWg) zZNSe5;`joBoAx;2)WLLZ=bUnB4FXn2#r*s5N6O&eL@~>d!1bO3n{L{?7kN-@W~A+P7t5=^s{(zatB7P2Ue}J)1`Rx6{Jo_SWEEb5tPUeNX&| zuDR$VG<{&^cyv_``=f8lC=D-qq6Pq?qiXrBSbxq8gUCC?S&~V2v$2g<5urc=Y|v)5 zMGS;nk&W_Vr#&d4$RWD(g964EW%1HtC@LZe$p~PJ2t>VQ>~I8Q2`4*lSSs6*=*-oz zM3dLCyx~3)b)Ksn!c|6%Lpc~A(eDyF6R^T~QViOc#&hqU*pK^SzOC%*Cc$1bqB&;x za#v@_@+EYanqWN{jS{eDc98mf(zl3V+Dv30tQq7=+b#N#($C{_AqDbe(j)5*Wwn^G zZ3SyI0vop(jYOEiZ#BP++!7ToN1Zbl{X{hJ7N$k6R5K7CWu?HBlV5yqJB%k}O&rla zCm$=90$vFQx|XS^b;9-XmcuneJ4UoF6X~`xk?3-xBh_VfLEQ(@3^&epMLk4OUX*Q* zV4z&erd3R~zaeVH3+BjpSo&IHlbuE+H#&KwyO^ZLA{2u~x2IY~m`2Z{(b@#E_7cpQ zq~zPSd!qf3^lA`2XY*|tF#mTs!e0;6` zQe?_^j>~RD$37L82BS-uwG&Lu&Q*-qlsC%SZ5gDOF3p@ZyTn42v;5Z)Wj4kdK>_&6UmNq@pi`qzaaNwS<8bV}jkS}=k zF>j^Qk9oHM5!mS5A`o(*SV+>vhTJ3EMPPVT);tAM($-amDoO&7v)XFdt-x_M9Mt*P zdcg@@9j!szyfqi=g+ZBsygeX=<-zLPS1f-cz2}mT($Lh|2}HYo?b~Z}4XLFWftd1A z0q-bnlO)wxYxHxRgbZ>51=cDua$r{9N*zEea|_O;At@PwyzvB3riALDm53vG3Goag zT~D>YNhuZ*7cNEBl?(~#4jPc_MQUDu`b$>67(KGj>Dd0%DDBy$KPF@Ze< zUlsVbd{u`rGc4}d`?3ZgK$E%&*cJ)LZp846MfC3T z{)(Rb;qepdQYxmOZ2g_G^Em2%>ZLSw%lUNerJthz@tQ9vC*TSY{KB0drX4$W(+}^w zmv-#hJz*bX|G)uSeC&o0{Ie~;VZ;`R_(E>_I>xs#BD2o%Y>uQE4#7h0M8wCjki+IJ zTILEihDKrV2eE&+xH1R&V_6r7P1|p;RT?(BmMTLmKr@vecXb(4dvFKPk@9Hl*M2K9 zF8LzJd2k~TmxV(D6-f4O16tdhqhM8}4t+9-u!%%ua?r2}A;jhosW{swsKxKP12v0? zyPJgq5C#Jv*bNqlvL6#rHkwXSIKQm@H=c3Nh52OVkYFfm%z|x&fDafskT7cjX9c2@ zGj{NX9$ISCs=sN-rUxh`Z$y+ESy6Zi$QoTZG~)t7kqZHYO$D9F;dI&%LRM`M zQn#U(Ic&+7Yk++Y#^J%}c#&G5^;+ZA`=jTsf*t7RZcSct!kf)jSfOoV{a_a09eI&c zLvf8wK%kt3_1J3wVFJjjreZnVPZ%6waB@M#cKY?RKG$J;PTMqC0lZ9$Ex zN1~jmh!8gi47LCHwp>x1Bwf&vEV$H6%i5f$I+hKeM*$@)T{jE@R9+fc+Nyc*4(!8S zshvWR$F8@~3UDX2?yHrD$s7DQomn0i!oYc`X2xg&lRDxuk^#`%b2icW zcgJ<5qxZfwpGiPk*|~)GRrn6Z3+r03JdRw14bUUUJq*0{?bwJ4ow(JenTn4IlZ0`<)8( zTe58VgaZFmlrr|*_8r))=m?YV;NAte33%BR^RHq6)~7!@jizpVrMkSmI|gXM{#Ven z2QQ@q`#Lbh_a6RNy6Sh|PXG12AEb5nKRh9y=HQGyv~>BSGJ9={%0J=@@>Tw;U}97;@CLarWl%1&fhUfjZ3=DaLfL^L)FkSfj@k ziomxDn0c0u>l2daK@9jb`frH6nOLxX#rP5dnF zTN{5sHNhjGsavo|X-N_J0jV}t>sBMdf4F21mZ>JLg@g3BG-f%}o77K+LybC5`D1a9 zCBeNc*8*RhiP~@#L70o8^opw{+}5FF2Vgc-Q)rNpNzio26u5@7OuDJuQrNN%X&Ddp zt*6FWJlYEyaNfGY`=nhe)OnWL7ZGe+ zA|CO#t1$9VKKW=MbDQ>`+{fU@gw#&8C?K>}AqQ=wonPbPejD%R3j69^RBB~f-T3ALYU3#FC#*#f#TZB zB4KD#hGFvSJe&6RX8+OkCb-BEZrzIAqszLr@mNXw5!swZv;OSf8I23(wt$=H^p~DO zGiMCZ&I!iC*|`279d%r0{Z&R8`^LVQxey1wz`)M4JmwCM(#q2g(BSmWdp^1O0R8wo zyJ+P}(ZtW-U&Z_z7??U?p|RQln2d?pWXJ!EAzb0{9@fW!xj(73|C(dkhS$^}U~`;x z@!Qqw7q6a2$6e3?3#&h$d|<|ee3Y|?pRU_}qvO=$&!LyEdUY6=IdA}MvM7l7g2Oxw z6xF;?-0_-^lKp<;DK%QzEg9XW@!G`MFek_|W@B0XZ@y*pC<^HOF%SW-KLQMvGIn|o z7A7i@(uSIRes>hg=?=r{3bMe!ZLElfGTF>6xjGdfp@!Hf=QE2w5@_@mP)${dVgxUl zqc6Cx{c$5PXjsr4eJcW_0gb{bpqr4?AcBhHj9Z@+trQ}V<6jE}wMp`RRPQ4xwh$a3 zYn%(I-SCzJof#X?DVH5K{dor1Ly3nMxOFSC0EEtyVdg=#tZL>X!t@xC(H^QK|>*dA!3@5L0fxjL?u z&aM>mNbw`Ny;B^8VnEa*UZ}DqH@koc+PH&j{Z?Ibf?EVADDyDcMLD^A*@d+0zU_>_ zC831P7?955VUK=X-IQQI8(mDL9Bb~00x(&xO?m4p(Ai8Ou#K4E+CL>RF;xyZcG4UN zQK4}+j!51z$kX>mtdVeGocLY?+EHsP%c`VpX9!z=#ax2dow4(d5xA#|XQRijY*RE+ z8RB}w(G;;pbvZUPQwZ!*GZT*k5UsE*GsctTv#-21j>xG{ilpWu@oPzVj<~BF@@wM_ zkJ*CAGRm=iMBY_geh!5UG z5tEcyD0Gq8F~C77=(U$!IN=iTNC$A<{C+W~UT75QxiJd|hem7G-{~(ON#NhZ>-Nzd z-`YtBM%dO8)ls?qR_(tN7Zqa~8GSlYf@B0Vsg5YAG!Ekv>541EkNxw%lfJK7e*1PW zY5kqY@0vr~*LO{AW{uFi<9AJ{M_B3o&0o4X1ph`4_R&d8E==H`ij`EKE}P;YhZ^i^ zxCC3bPR-<=&90k>i|H@N`6dNKfk4X_jZH3_>bYuV(XAtla+=$cY>}qfHG80N&v48* zwfm~>UNXQeR0y8wd8t=O;TB!$3e1zqfmafbXT!3SX-+1rdxb|N8%YcMLQ9QQKqSLR zAW0L3thLkEn(Zp&4Ov>yXpzBmTq}#`)cOP+n6T+C>`~>(vO=IDEmr+ZWM|BwZMD^I zVbiG5)=BK;=4G;oF8F3*X~<+(exh&(m0~_Jf#TrNkk-rrSQ4l0VU@s(S6cZX91y$Ba z&f^8zFmot}m$bx;_E*NmIP{2?s~L;dQ-x*74?}cs8sIWh)uF0;2Jm-DG^e)FG9+x< z1uW=mg(y5glv+8JMy0{dkhNP?Ynx~TjllQPNY>5t2(Lyh6D(aU**F7p-f!g=8tE_= z&!=PsC0d=W_J?4)qAlMezvtw_*?5INr6_tP`vXzmtGv98ZHTfiI8-HHsQ?yt92Sa;Iu-H?L7;5@Q305&TWpF-*}k!v+lwHutn6Iy(fh2e zcv9Sl)fDK7mFpu+Xwy2w*^A7->55lRI4oskKhySY8U*Z^WguqhAErmu?t9!x2kB)O zjL`f=o$J}V2lV6H2k71(?9^))wf8b1t~{+`Gb9Lm&lBYzq?u24%5k=Tu4~pf+)w!uJk%h)U~R zKyhF)BBA=yJ+~}qnC7Ar1nWK&WYEU&PL%!|13?HAuIioh>&DBl z0_;#}8d?*O5~AO0?F#Vj+<^%$e44A5oJb~Qo5bdq4J`xDH(*{`Vg(b-4nk~_?pfYHy2KK#MVx6S8 zA^%IaMv08*_bmyOlBnG=3o-M8R55E1#2U*;2@ze_>8_n(UFV>v6=@=-s;wwmYJ5p6 zh(?;mYK^o;N!I;^OE4U#AXo3JqCHxHnVbs*s^UmR@Lb&!kZI9&N^RtJX=wz5KsU8* zFhh^myaw4~pVz{S>0IUPQN~+9tQrC|0GoG}&ig9|E?5N?xmZw}VOzQDe&F&i)0&l6 zr!{j(8!f=u zOZQBO$5rY49ev`%q2Ax_9W!e1uL1$vf_h&NkBqwVA`e(r8-+UVO-zyUX>QTMSH-=6 zr59$PaceMC*vh&!*j$rMCzu1d&yc2Aa%=DmM-IfF&)(HYi6a$_NJ{Y3&gQOHYE+pYfVi`)ejV@-8G z8^LQk8oUb&@PA=zY$j+{1A#SsehFVhX{;u}sYv?z4iQAm>Ip*pM8wOx-?ULD)gzd-Uw97{C4f#o> zRx_w^kqFOC6)9>%b?c8;s7D_-Y^oZ7Abz&ky<-~9;-Hsok%^i9?PKebmw-Sf` zsAimN-BCoyzsj=6TW=X~G_AO47a(W(0gH|`U@Yv40SCUQJW_!CkaRC$SI(*wDa7Ry z5Zh=n%J(RIp37{BEPvR7@#%h~LWoh$g*S&W?EPE~EyXGp{b*SVe3OIbw8O+Ek~Ql! zQpxMmq7n8WZM5K3>d3XJT03OKIXokB!nO1@V-i4;P3&FaeLISMD->id#M5RDY-w#s z%nDHPBPRx(U|O&N_C8{1oS5gxW}h;QSy`Zz@rh!oN<*=pSrTgiN<5$BfZP~38Mi-G zIpOgj8LWU&1a8>Ud0dtKgxN$BOh|Wi6;nv&fViO&e5x3AzjpQ?(fihXx~l=$IVxSi zKls8W^zmD-r6+c*r)=(oX!kWcW|UCLjubnmB0b_fCfDAR9aK+V^fF%s1bdBQCcQru z3Jc&MHbGF)2nxjziK5%L%#S#nKcv=i9e%Nj)g_o&UFJ3KetWG2_&h@ghxBXHV+Yi` z?;F`ek8Zv{-xV>I57pP9I4tm29gjcON4Ndk)EWS6o#&Wj2w-2k6!VN-=}EY#*n@zT*+<3vs~CXx*tTUJZF*!;-TrHf zh(1^iz%AwwXy_$f1D8XP_oA?cV0vFQ2`Kfu8Z^2Yn+&r5*-^|U=2c`iNFXv0Qc(I= zky9ue!A;%PS88Z1dvBWVT6xzU(@`houxvTV$~T#tQJT#@_l?_9IY_S{w1D8W5Va=_ zw;I^y)=iuIlGC;z5@UjzB#jjqkX&tz-#K%^%{;2I7rBe2Utn@H5~cv5id1-5IAn_; zTvTGD2)EN?6f73>-2V~YfQXrs1A8d;3tDaqTq(rc329bT%z}u?DtR$+wJ$NrlU`m_ zc!;7XDZfBa?NuBIbY?9FF1Cnr8QE$11!=`e2EdW@a_i(ON;Dv$xvDifEd$ds6dj+* z(#*^n2^M3Ip_0!Wn4(o4u}xTBbE#o*F$J}`Ew=zTCc7;T0JomDu%#3QaEi9TNIN-A77IrEy{2Y+v*uLVtt+CuQG^o_fLpbTsv~LUWI>$kVrrpY9 zMd(W#&EHt1qqC2t?ib^Ft{{C;XwqX?#)M2O7rl)B{B>WZcb<1$4GK2LcYgT=`hzcC zLVthjwRG>M?M}qKyHm=Q1>&KN{<+!+a<9F+GsE+Eq&R_mUWeue~!l4V| z{%PU+99>^)Lk-?d`@EJ0VWfPA%?Pc`PH!p|OT5bkO zpIfQji1w=tXXMWmjel`YPlCWABr~Gk4bx~W)=96*t8cX}%!%5vOV?5#H>?3%cj2N4 z)@2n{N;z_|n?;nv-9l|QqqRMiB4i%>dw&eKa*)2slh;?vrA98+BbH4? zlt~KI!^-=F+LTI{I-$$#Oa)?ahp43Zlm}O4prNIC)V^!cR~D?>9A)q)hn{t+V-BEc zXU|$p8ue%Dz+H7=BNEXzqMm^rd8mhD+QkE#98&_&Kyx}*6X{5X4P;9+Y4(a+uV5Xn zxwW`pvr~803_VWNn`l=~lGwBAb<|X3=Rw}108-pL)EMI60;Jm~wC-HVfEeb!gj0y! z`Imr81o)V8O(tm5Orf6$ZndE-fKY7kE8*@cloI@9dkK0SavL1JAdk`Lfp)Yk+4+iF zYv@pqPPLhPS$V&dne@K(VZhue{~{Lc%Zyf^opAjJyq~&!18(vD^lr8Y9COK^6vsWL z`V&Frz0W*U*x%F-i`g3zXwW%>!AXJvLRv%wV2E7d*qlAY`V4XdM=@*N;AO!elwby^ zs5Of={TCkrSX(oYc@H3*tIrV5D=?59F-}A?2OPFHt)?QUUQcBr6XC8eS9XV^M*Q`bE%CUu;h*2sXP+-of(ju%Ji<@K3*yqj| zn5_%16gD6D`yyi{nt5ux&G&L?y6sT;q6pgKCjaDJ89J@4G!hkRKVW@>-uQ#?%t(e z9d}PY2H@_IM+NYg_l@fBOOG0)HLo3}wO`vxlkL!jj>F&mxYGPn;NPQH5JqM_tM}Ud zL(X7I0g*#ni)DA%m5FMv;i_4Clm77C6QZ1xvoO^rCW2`f*RcmxRjDx z5`VOZ&+x;^JyP?iVdfTKGfSi5T6UX>$2G!KOD{T%7|bOP{wY^snalw$p=zsaM9H*0 z9~KTxdC6*7qB%gD$!<7sh#Ciq`u0ANs9u%kJfg8?@S3PaS7-GSkPx(V)1n0%8w9YV z2J6S02xP@91vIvqE9EUljbV1P5@tOt8|i4k$`lK@Fy7To;Q)*Vm7)sC4dPb#k9BKp zfX?bUMZV2eMqA49N^8EvlBh_GCImWicKADk3IjIFCnXys+F5zI*#(^;cSd6oyeH5NW_b1Q>j`s@#H%kNsXrE5(fnIrD6A>>a%XT=aclMyKYR^v0~vl zbj9lT=rLkqCg)VnMVnm>#=|~=GH~0-(y(C2hg-f?<{(S5g)f_M5X2N>jAsA;r-$okxsWXd;H>~X;*^Cl$#X!lsC3I0{>zt8sAyCcup zfjNiYT2li5D$uWL`8_bw-!oj$KjT6Y2ImS7E{_%4Dh`oX5u3c8sU^8=%dSOy5LLrO zyp*))MgGW+na@hBBQ+QWr@*BP=8)K>l;n}V^|7T2Ur}hpu|+i*<0QOCCPSDC7L+@e*p#n=d%@ZmzG~400000NkvXX Hu0mjfYReh& literal 0 HcmV?d00001 diff --git a/examples/saml/redirect-basic/src/main/webapp/images/rh_bg.png b/examples/saml/redirect-basic/src/main/webapp/images/rh_bg.png new file mode 100644 index 0000000000000000000000000000000000000000..b0e6a006d01939c874d5b4669a323501404fd79f GIT binary patch literal 577 zcmV-H0>1r;P))7UD0000PbVXQnQ*UN; zcVTj606}DLVr3vnZDD6+Qe|Oed2z{QJOBUz<4Ht8RCwCNR#|ezFbG4v|5194&h%EQ z7iW-{^N#8)biB=x66UZ=8+u*&n!VI_`1zn1}l)*r;5# zId*)`n`JD4AC6bv2j9&e5Ik;P9q<0mI52Em`rdewe~j}bE}M@P`^D4n50i(nPUj{3 z%K3=GF%#y_AteuY{C>@G;lw;28YZUPVdMzHr@z?^+z@{Vxv%qw>Hmzqb7PVFos-0+ z)jU|ai>Mb?|M94sn!gXfmQ5?zR@}XY1~)6071J?pmg}K%dc*w~&da6lqh`xF<>;h4 zCqA|oo%gLg3{G=>jHEQS^+WYr993J;}Cm!rJq)rkm7mjW<)TSZAuPBloGI*I5G>50Vq5 zhuI5EcKJuR$I7JtsrE(B9P7J>P0slEuUUPLMJMg;|FhHoklDYE9{~mcktPGm_3Cg) P00000NkvXXu0mjfQR^Rh literal 0 HcmV?d00001 diff --git a/examples/saml/redirect-basic/src/main/webapp/index.jsp b/examples/saml/redirect-basic/src/main/webapp/index.jsp new file mode 100644 index 0000000000..5b3ecd4e27 --- /dev/null +++ b/examples/saml/redirect-basic/src/main/webapp/index.jsp @@ -0,0 +1,10 @@ +

+

EmployeeDashboard

+
+Welcome to the Employee Tool, <%=request.getUserPrincipal().getName()%>. +
+ +
+Click to LogOut + +
diff --git a/examples/saml/redirect-basic/src/main/webapp/logout.jsp b/examples/saml/redirect-basic/src/main/webapp/logout.jsp new file mode 100644 index 0000000000..05ef7d3596 --- /dev/null +++ b/examples/saml/redirect-basic/src/main/webapp/logout.jsp @@ -0,0 +1,44 @@ + + + + + +PicketLink Example Application + + + + + + + +
+
+

+ Logout in progress. You will be redirected to the Login Page. +

+
+
+ + \ No newline at end of file diff --git a/examples/saml/redirect-with-signature/README.md b/examples/saml/redirect-with-signature/README.md new file mode 100755 index 0000000000..329f554e80 --- /dev/null +++ b/examples/saml/redirect-with-signature/README.md @@ -0,0 +1,270 @@ +picketlink-federation-saml-sp-redirect-with-signature: PicketLink Service Provider With a Basic Configuration using SAML HTTP Redirect Binding With Signature Support +=============================== +Author: Pedro Igor +Level: Intermediate +Technologies: PicketLink Federation, SAML v2.0 +Summary: Basic example that demonstrates how to setup an application as a SAML v2.0 Service Provider using SAML HTTP Redirect Binding With Signature Support. +Source: + + +What is it? +----------- + +This example demonstrates Keycloak SAML 2.0 support in conjunction with a servlet secured by Picketlink's SAML SP client. + + +Make sure you've set up the Keycloak Server +-------------------------------------- +The Keycloak Appliance Distribution comes with a preconfigured Keycloak server (based on Wildfly). You can use it out of +the box to run these demos. So, if you're using this, you can head to Step 2. + +Alternatively, you can install the Keycloak Server onto any JBoss AS 7.1.1, EAP 6.x, or Wildfly 8.x server, but there is +a few steps you must follow. + +Obtain latest keycloak-war-dist-all.zip. This distro is used to install Keycloak onto an existing JBoss installation. +This installs the server. + + $ cd ${wildfly.jboss.home}/standalone + $ cp -r ${keycloak-war-dist-all}/deployments . + +To be able to run the demos you also need to install the Keycloak client adapter. For Wildfly: + + $ cd ${wildfly.home} + $ unzip ${keycloak-war-dist-all}/adapters/keycloak-wildfly-adapter-dist.zip + +For JBoss EAP 6.x + + $ cd ${eap.home} + $ unzip ${keycloak-war-dist-all}/adapters/keycloak-eap6-adapter-dist.zip + +For JBoss AS 7.1.1: + + $ cd ${as7.home} + $ unzip ${keycloak-war-dist-all}/adapters/keycloak-as7-adapter-dist.zip + +Unzipping the adapter ZIP only installs the JAR files. You must also add the Keycloak Subsystem to the server's +configuration (standalone/configuration/standalone.xml). + +For Wildfly: + + + + + + ... + + + + + ... + + +For JBoss 7.1.1 and EAP 6.x: + + + + + + ... + + + + + ... + + + +Boot Keycloak Server +--------------------------------------- +Where you go to start up the Keycloak Server depends on which distro you installed. + +From appliance: + +``` +$ cd keycloak/bin +$ ./standalone.sh +``` + + +From existing Wildfly/EAP6/AS7 distro + +``` +$ cd ${wildfly.jboss.home}/bin +$ ./standalone.sh +``` + + +Import the Test Realm +--------------------------------------- +Next thing you have to do is import the test realm for the demo. Clicking on the below link will bring you to the +create realm page in the Admin UI. The username/password is admin/admin to login in. Keycloak will ask you to +create a new admin password before you can go to the create realm page. + +[http://localhost:8080/auth/admin/master/console/#/create/realm](http://localhost:8080/auth/admin/master/console/#/create/realm) + +Import the testsaml.json file that is in the saml/ example directory. + +Install Picketlink Modules into App server +------------------------------------------ + +If you are running this example with the Keycloak application distribution, you can skip this step. + +You may have to upgrade your picketlink modules in your JBoss EAP or Wildfly distribution. See Picketlink docs for more details. + +Create the Security Domain for JBoss EAP +--------------- +If you are running this example with the Keycloak application distribution, you can skip this step. + + +These steps assume you are running the server in standalone mode and using the default standalone.xml supplied with the distribution. + +You configure the security domain by running JBoss CLI commands. For your convenience, this quickstart batches the commands into a `configure-security-domain-eap.cli` script provided in the root directory of this quickstart. + +1. Before you begin, back up your server configuration file + * If it is running, stop the JBoss server. + * Backup the file: `JBOSS_HOME/standalone/configuration/standalone.xml` + * After you have completed testing this quickstart, you can replace this file to restore the server to its original configuration. + +2. Start the JBoss server by typing the following: + + For Linux: JBOSS_HOME/bin/standalone.sh + For Windows: JBOSS_HOME\bin\standalone.bat +3. Review the `configure-security-domain-eap.cli` file in the root of this quickstart directory. This script adds the `sp` domain to the `security` subsystem in the server configuration and configures authentication access. Comments in the script describe the purpose of each block of commands. + +4. Open a new command prompt, navigate to the root directory of this quickstart, and run the following command, replacing JBOSS_HOME with the path to your server: + + JBOSS_HOME/bin/jboss-cli.sh --connect --file=configure-security-domain-eap.cli + +You should see the following result when you run the script: + + The batch executed successfully + { + "outcome" => "success", + } + + +Create the Security Domain for WildFly +--------------- +If you are running this example with the Keycloak application distribution, you can skip this step. + +These steps assume you are running the server in standalone mode and using the default standalone.xml supplied with the distribution. + +You configure the security domain by running JBoss CLI commands. For your convenience, this quickstart batches the commands into a `configure-security-domain-wildfly.cli` script provided in the root directory of this quickstart. + +1. Before you begin, back up your server configuration file + * If it is running, stop the JBoss server. + * Backup the file: `JBOSS_HOME/standalone/configuration/standalone.xml` + * After you have completed testing this quickstart, you can replace this file to restore the server to its original configuration. + +2. Start the JBoss server by typing the following: + + For Linux: JBOSS_HOME/bin/standalone.sh + For Windows: JBOSS_HOME\bin\standalone.bat +3. Review the `configure-security-domain-wildfly.cli` file in the root of this quickstart directory. This script adds the `sp` domain to the `security` subsystem in the server configuration and configures authentication access. Comments in the script describe the purpose of each block of commands. + +4. Open a new command prompt, navigate to the root directory of this quickstart, and run the following command, replacing JBOSS_HOME with the path to your server: + + JBOSS_HOME/bin/jboss-cli.sh --connect --file=configure-security-domain-wildfly.cli + +You should see the following result when you run the script: + + The batch executed successfully + { + "outcome" => "success", + } + + + +Review the Modified Server Configuration for EAP +----------------------------------- +If you are running this example with the Keycloak application distribution, you can skip this step. + +If you want to review and understand newly added XML configuration, stop the JBoss server and open the `JBOSS_HOME/standalone/configuration/standalone.xml` file. + +The following `sp` security-domain was added to the `security` subsystem. + + + + + + + +The configuration above defines a security-domain which will be used by the SP to authenticate users based on a SAML Assertion previously issued by a Identity Provider. + +Review the Modified Server Configuration for WildFly +----------------------------------- +If you are running this example with the Keycloak application distribution, you can skip this step. + +If you are using Wildfly, the security-domain should have the following configuration: + + + + + + + + +SAML SP-Initiated Single Sign-On +----------------------------------- + +The SAML v2.0 specification defines a specific SSO mode called *SP-Initiated SSO*. In this mode, the SSO flow starts at the Service Provider side. +Please, take a look at the following documentation for more details: + +1. [SAML v2.0 SP-Initiated SSO](https://docs.jboss.org/author/display/PLINK/SP-Initiated+SSO) + + +Start JBoss Enterprise Application Platform 6 or WildFly with the Web Profile +------------------------- + +1. Open a command line and navigate to the root of the JBoss server directory. +2. The following shows the command line to start the server with the web profile: + + For Linux: JBOSS_HOME/bin/standalone.sh + For Windows: JBOSS_HOME\bin\standalone.bat + + +Build and Deploy the Quickstart +------------------------- + +_NOTE: The following build command assumes you have configured your Maven user settings. If you have not, you must include Maven setting arguments on the command line. See [Build and Deploy the Quickstarts](../README.md#build-and-deploy-the-quickstarts) for complete instructions and additional options._ + +1. Make sure you have started the JBoss Server as described above. +2. Open a command line and navigate to the root directory of this quickstart. +3. Type this command to build and deploy the archive: + + For EAP 6: mvn clean package jboss-as:deploy + For WildFly: mvn -Pwildfly clean package wildfly:deploy + +4. This will deploy `target/picketlink-federation-saml-sp-redirect-with-signature.war` to the running instance of the server. + + +Access the application +--------------------- + +The application will be running at the following URL: . + +*Note: A Service Provider alone is not very useful without an Identity Provider to authenticate users and issue SAML Assertions. Once you get this application deployed, please take a look at [About the PicketLink Federation Quickstarts](../README.md#about-the-picketlink-federation-quickstarts).* + +Undeploy the Archive +-------------------- + +1. Make sure you have started the JBoss Server as described above. +2. Open a command line and navigate to the root directory of this quickstart. +3. When you are finished testing, type this command to undeploy the archive: + + For EAP 6: mvn jboss-as:undeploy + For WildFly: mvn -Pwildfly wildfly:undeploy + + +Run the Quickstart in JBoss Developer Studio or Eclipse +------------------------------------- +You can also start the server and deploy the quickstarts from Eclipse using JBoss tools. For more information, see [Use JBoss Developer Studio or Eclipse to Run the Quickstarts](../README.md#use-jboss-developer-studio-or-eclipse-to-run-the-quickstarts) + + +Debug the Application +------------------------------------ + +If you want to debug the source code or look at the Javadocs of any library in the project, run either of the following commands to pull them into your local repository. The IDE should then detect them. + + mvn dependency:sources + mvn dependency:resolve -Dclassifier=javadoc \ No newline at end of file diff --git a/examples/saml/redirect-with-signature/conf/jboss-eap/META-INF/jboss-deployment-structure.xml b/examples/saml/redirect-with-signature/conf/jboss-eap/META-INF/jboss-deployment-structure.xml new file mode 100644 index 0000000000..7b07a0210b --- /dev/null +++ b/examples/saml/redirect-with-signature/conf/jboss-eap/META-INF/jboss-deployment-structure.xml @@ -0,0 +1,10 @@ + + + + + + + + + diff --git a/examples/saml/redirect-with-signature/conf/jboss-eap/WEB-INF/jboss-web.xml b/examples/saml/redirect-with-signature/conf/jboss-eap/WEB-INF/jboss-web.xml new file mode 100644 index 0000000000..4d1aef2bc1 --- /dev/null +++ b/examples/saml/redirect-with-signature/conf/jboss-eap/WEB-INF/jboss-web.xml @@ -0,0 +1,16 @@ + + + + sp + + + employee-sig + + + + org.picketlink.identity.federation.bindings.tomcat.sp.ServiceProviderAuthenticator + + diff --git a/examples/saml/redirect-with-signature/conf/wildfly/META-INF/jboss-deployment-structure.xml b/examples/saml/redirect-with-signature/conf/wildfly/META-INF/jboss-deployment-structure.xml new file mode 100644 index 0000000000..7b07a0210b --- /dev/null +++ b/examples/saml/redirect-with-signature/conf/wildfly/META-INF/jboss-deployment-structure.xml @@ -0,0 +1,10 @@ + + + + + + + + + diff --git a/examples/saml/redirect-with-signature/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension b/examples/saml/redirect-with-signature/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension new file mode 100644 index 0000000000..ffaf42ca71 --- /dev/null +++ b/examples/saml/redirect-with-signature/conf/wildfly/WEB-INF/classes/META-INF/services/io.undertow.servlet.ServletExtension @@ -0,0 +1 @@ +org.picketlink.identity.federation.bindings.wildfly.sp.SPServletExtension \ No newline at end of file diff --git a/examples/saml/redirect-with-signature/conf/wildfly/WEB-INF/jboss-web.xml b/examples/saml/redirect-with-signature/conf/wildfly/WEB-INF/jboss-web.xml new file mode 100644 index 0000000000..b6279d9ca1 --- /dev/null +++ b/examples/saml/redirect-with-signature/conf/wildfly/WEB-INF/jboss-web.xml @@ -0,0 +1,10 @@ + + + + sp + + + employee-sig + diff --git a/examples/saml/redirect-with-signature/configure-security-domain-eap.cli b/examples/saml/redirect-with-signature/configure-security-domain-eap.cli new file mode 100644 index 0000000000..9f9777c4cb --- /dev/null +++ b/examples/saml/redirect-with-signature/configure-security-domain-eap.cli @@ -0,0 +1,16 @@ +# Batch script to add and configure the quickstart-domain security domain in the JBoss server + +# Start batching commands +batch + +# Add and configure the security domain, then add the PicketLink SAML2LoginModule. Which wil be used to extract user's information from the SAML Assertion and authenticate the user. +/subsystem=security/security-domain=sp:add(cache-type=default) +/subsystem=security/security-domain=sp/authentication=classic:add +/subsystem=security/security-domain=sp/authentication=classic/login-module=org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule:add(code=org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule,flag=required) + +# Run the batch commands +run-batch + +# Reload the server configuration +:reload + diff --git a/examples/saml/redirect-with-signature/configure-security-domain-wildfly.cli b/examples/saml/redirect-with-signature/configure-security-domain-wildfly.cli new file mode 100644 index 0000000000..6b65d5e94f --- /dev/null +++ b/examples/saml/redirect-with-signature/configure-security-domain-wildfly.cli @@ -0,0 +1,16 @@ +# Batch script to add and configure the quickstart-domain security domain in the JBoss server + +# Start batching commands +batch + +# Add and configure the security domain, then add the PicketLink SAML2LoginModule. Which wil be used to extract user's information from the SAML Assertion and authenticate the user. +/subsystem=security/security-domain=sp:add(cache-type=default) +/subsystem=security/security-domain=sp/authentication=classic:add +/subsystem=security/security-domain=sp/authentication=classic/login-module=org.picketlink.identity.federation.bindings.wildfly.SAML2LoginModule:add(code=org.picketlink.identity.federation.bindings.wildfly.SAML2LoginModule,flag=required) + +# Run the batch commands +run-batch + +# Reload the server configuration +:reload + diff --git a/examples/saml/redirect-with-signature/pom.xml b/examples/saml/redirect-with-signature/pom.xml new file mode 100755 index 0000000000..d491d8ec89 --- /dev/null +++ b/examples/saml/redirect-with-signature/pom.xml @@ -0,0 +1,116 @@ + + 4.0.0 + + org.picketlink.quickstarts + picketlink-federation-saml-sp-redirect-with-signature + 2.7.0.Beta2 + + war + + PicketLink Quickstart: picketlink-federation-saml-sp-redirect-with-signature + PicketLink Quickstart: PicketLink Service Provider With a Basic Configuration using SAML HTTP Redirect Binding With Signature Support + + http://www.picketlink.org + + + + Apache License, Version 2.0 + repo + http://www.apache.org/licenses/LICENSE-2.0.html + + + + + + 7.4.Final + + + 1.0.1.Final + + + 2.7.0.Beta2 + + + jboss-eap + + + 2.1.1 + + + 3.1 + 1.6 + 1.6 + + + + + ${project.artifactId} + + + src/main/resources + + + ../redirect-basic/src/main/resources + + + + + maven-war-plugin + ${version.war.plugin} + + + false + + + ${target.container} + + + + + src/main/webapp + + + ../redirect-basic/src/main/webapp + + + ${basedir}/conf/${target.container} + + + + + + + org.jboss.as.plugins + jboss-as-maven-plugin + ${version.jboss.maven.plugin} + + ${project.build.finalName}-${target.container}.${project.packaging} + + + + + + + + wildfly + + wildfly + + + + + org.wildfly.plugins + wildfly-maven-plugin + ${version.wildfly.maven.plugin} + + ${project.build.finalName}-${target.container}.${project.packaging} + + + + + + + + \ No newline at end of file diff --git a/examples/saml/redirect-with-signature/remove-security-domain.cli b/examples/saml/redirect-with-signature/remove-security-domain.cli new file mode 100644 index 0000000000..9487613e2c --- /dev/null +++ b/examples/saml/redirect-with-signature/remove-security-domain.cli @@ -0,0 +1,13 @@ +# Batch script to remove the quickstart-domain security domain from the JBoss server + +# Start batching commands +batch + +# Remove the security domain +/subsystem=security/security-domain=sp:remove + +# Run the batch commands +run-batch + +# Reload the server configuration +:reload \ No newline at end of file diff --git a/examples/saml/redirect-with-signature/src/main/resources/keystore.jks b/examples/saml/redirect-with-signature/src/main/resources/keystore.jks new file mode 100755 index 0000000000000000000000000000000000000000..f044ece2844916d3f3b866da57206e710bd5b86f GIT binary patch literal 1717 zcmezO_TO6u1_mZL<}6Ok&CyLs&CO?EVDvOixq5-k2Z&jj*nm>e zY5oShY@Awc9&O)w85y}*84N@Wg$xAPm_u2Zg%Rc$$cghBniv`w85tOuni?5JiSru4 zxaI~%Q8;up&PO(#k(GhDv6sQ1v6HE>kzsY%hIM`ywDZ_zp4pqYPu6hDzO>?9CT5GT z&TW07_e188!ge;JV~3;N1hP0Y3*LDyNuAdA?0J!6n@#y$=ltJu{s$b~FuA=EbhFIFPN%2`EL)P8;tcmlZm|3K^TTo1byYcsKTUr84j7A! z49XcLB?VUc`Z@W@i8&eh#U)l21{MbTsksF?`IV`uy2Y94`tZ1AVA^fa#I)UjkBv*4 zjgf^>i%F0X7}hLJOpE(hhlxyk8S+Y!TjRvJIifK}u1VjfMkxyT-nct+wn*KH*kk85 z39a|nWOQk(V5(fIa%RRoiMf3?Pd1f0e^PR?taI_xeXAz!m7ngGy8Zd$+a-xVg5yf~ z_2$m|dMRn0%i(o~9}n5jQ(D4!MOt~Ql8W!#)|P3fTV7;OGq!qjrsMs!Xu0cLKWA+e z_cyy|DP@}Vlz&;@k*)HY>o4Z9c&!Xb(7L%n@6G!qxjSY~n=zf||5YRL(w`NYb6%cV zv}E_o$xF^hZ@<{A7Fij%!KZV+X3@Wy#gV7ZKK8Vk#CIpdKvZG3iDpXnybA)Sb1Qj0 z#hBfUvrqI|y4a)?IZsQn>Qc2}@vi&U^g~{IrLp9JLwsG*{j3okF)GqOH759rZ&`nb z_iJU+ix^Fx+UxH^|MjVsF->5#RAX{}pq5rC;Klo&t@E|!;T`kWpHw|~u(-A+wR%Ri z-!xN^qBC>eOED!)3FBS!hBM%=drR=2S!Z7z*g5q@aPhxN=f389GPPOi;ol!WvPydK z{r!347N@}Fm#>MldO8+HlxYY}Gq2HI>|-*A`~19r%WswZ3trvQawYaWkLkkik2IHY z6?$LZ-ZwjDsq5yfVEwgDBEhz^X6^S_!lY6ux}bZPmcXBTYjiI}Hs3ExYv{=`d?ENy z@!9X`()N!|Jm_?4Kl*li?EG(>l9mTIPnTmXaCowuuPCeF_Uyd(rz7ue@@_pWA0@rw zW<51Qk#6v$qJK@PhUSKr#>S==(1HuhH8r+~BH28A zMcTe^t_e0#Ic+A}GHn+;&&=}syL9E=`UD#LoV4PA$7rrK0S zzRX&4Ip&0_Zj}98b9tuHd0!o5L*Mh>UE3cw;o!bkz04nuFp0)E@x)Gfa&3;>n$Lf_ zeWlwkZcE6oYAaV+RR1#Mhu`P)FN^ri)-(P5#~?LtR?YE(nuQ7P7n%yT?{&NO + + ${idp-sig.url::http://localhost:8080/auth/realms/saml-demo/protocol/saml} + + ${employee-sig.url::http://localhost:8080/employee-sig/} + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/examples/saml/testsaml.json b/examples/saml/testsaml.json new file mode 100755 index 0000000000..210c459797 --- /dev/null +++ b/examples/saml/testsaml.json @@ -0,0 +1,118 @@ +{ + "id": "saml-demo", + "realm": "saml-demo", + "enabled": true, + "sslRequired": "external", + "passwordCredentialGrantAllowed": true, + "privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=", + "publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB", + "requiredCredentials": [ "password" ], + "defaultRoles": [ "user" ], + "smtpServer": { + "from": "auto@keycloak.org", + "host": "localhost", + "port":"3025" + }, + "users" : [ + { + "username" : "bburke", + "enabled": true, + "email" : "bburke@redhat.com", + "credentials" : [ + { "type" : "password", + "value" : "password" } + ], + "realmRoles": ["manager"] + } + ], + "applications": [ + { + "name": "http://localhost:8080/sales-post/", + "enabled": true, + "fullScopeAllowed": true, + "protocol": "saml", + "baseUrl": "http://localhost:8080/sales-post", + "adminUrl": "http://localhost:8080/sales-post", + "redirectUris": [ + "http://localhost:8080/sales-post/*" + ] + }, + { + "name": "http://localhost:8080/sales-post-sig/", + "enabled": true, + "protocol": "saml", + "fullScopeAllowed": true, + "baseUrl": "http://localhost:8080/sales-post-sig", + "adminUrl": "http://localhost:8080/sales-post-sig", + "redirectUris": [ + "http://localhost:8080/sales-post-sig/*" + ], + "attributes": { + "saml.server.signature": "true", + "saml.signature.algorithm": "RSA_SHA256", + "saml.client.signature": "true", + "privateKey": "MIICWwIBAAKBgQDVG8a7xGN6ZIkDbeecySygcDfsypjUMNPE4QJjis8B316CvsZQ0hcTTLUyiRpHlHZys2k3xEhHBHymFC1AONcvzZzpb40tAhLHO1qtAnut00khjAdjR3muLVdGkM/zMC7G5s9iIwBVhwOQhy+VsGnCH91EzkjZ4SVEr55KJoyQJQIDAQABAoGADaTtoG/+foOZUiLjRWKL/OmyavK9vjgyFtThNkZY4qHOh0h3og0RdSbgIxAsIpEa1FUwU2W5yvI6mNeJ3ibFgCgcxqPk6GkAC7DWfQfdQ8cS+dCuaFTs8ObIQEvU50YzeNPiiFxRA+MnauCUXaKm/PnDfjd4tPgru7XZvlGh0wECQQDsBbN2cKkBKpr/b5oJiBcBaSZtWiMNuYBDn9x8uORj+Gy/49BUIMHF2EWyxOWz6ocP5YiynNRkPe21Zus7PEr1AkEA5yWQOkxUTIg43s4pxNSeHtL+Ebqcg54lY2xOQK0yufxUVZI8ODctAKmVBMiCKpU3mZQquOaQicuGtocpgxlScQI/YM31zZ5nsxLGf/5GL6KhzPJT0IYn2nk7IoFu7bjn9BjwgcPurpLA52TNMYWQsTqAKwT6DEhG1NaRqNWNpb4VAkBehObAYBwMm5udyHIeEc+CzUalm0iLLa0eRdiN7AUVNpCJ2V2Uo0NcxPux1AgeP5xXydXafDXYkwhINWcNO9qRAkEA58ckAC5loUGwU5dLaugsGH/a2Q8Ac8bmPglwfCstYDpl8Gp/eimb1eKyvDEELOhyImAv4/uZV9wN85V0xZXWsw==", + "publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVG8a7xGN6ZIkDbeecySygcDfsypjUMNPE4QJjis8B316CvsZQ0hcTTLUyiRpHlHZys2k3xEhHBHymFC1AONcvzZzpb40tAhLHO1qtAnut00khjAdjR3muLVdGkM/zMC7G5s9iIwBVhwOQhy+VsGnCH91EzkjZ4SVEr55KJoyQJQIDAQAB", + "X509Certificate": "MIIB1DCCAT0CBgFJGP5dZDANBgkqhkiG9w0BAQsFADAwMS4wLAYDVQQDEyVodHRwOi8vbG9jYWxob3N0OjgwODAvc2FsZXMtcG9zdC1zaWcvMB4XDTE0MTAxNjEyNDQyM1oXDTI0MTAxNjEyNDYwM1owMDEuMCwGA1UEAxMlaHR0cDovL2xvY2FsaG9zdDo4MDgwL3NhbGVzLXBvc3Qtc2lnLzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1RvGu8RjemSJA23nnMksoHA37MqY1DDTxOECY4rPAd9egr7GUNIXE0y1MokaR5R2crNpN8RIRwR8phQtQDjXL82c6W+NLQISxztarQJ7rdNJIYwHY0d5ri1XRpDP8zAuxubPYiMAVYcDkIcvlbBpwh/dRM5I2eElRK+eSiaMkCUCAwEAATANBgkqhkiG9w0BAQsFAAOBgQCLms6htnPaY69k1ntm9a5jgwSn/K61cdai8R8B0ccY7zvinn9AfRD7fiROQpFyY29wKn8WCLrJ86NBXfgFUGyR5nLNHVy3FghE36N2oHy53uichieMxffE6vhkKJ4P8ChfJMMOZlmCPsQPDvjoAghHt4mriFiQgRdPgIy/zDjSNw==" + } + }, + { + "name": "http://localhost:8080/sales-post-enc/", + "enabled": true, + "protocol": "saml", + "fullScopeAllowed": true, + "baseUrl": "http://localhost:8080/sales-post-enc", + "adminUrl": "http://localhost:8080/sales-post-enc", + "redirectUris": [ + "http://localhost:8080/sales-post-enc/*" + ], + "attributes": { + "saml.server.signature": "true", + "saml.signature.algorithm": "RSA_SHA512", + "saml.client.signature": "true", + "saml.encrypt": "true", + "privateKey": "MIICXQIBAAKBgQDb7kwJPkGdU34hicplwfp6/WmNcaLh94TSc7Jyr9Undp5pkyLgb0DE7EIE+6kSs4LsqCb8HDkB0nLD5DXbBJFd8n0WGoKstelvtg6FtVJMnwN7k7yZbfkPECWH9zF70VeOo9vbzrApNRnct8ZhH5fbflRB4JMA9L9R+LbURdoSKQIDAQABAoGBANtbZG9bruoSGp2s5zhzLzd4hczT6Jfk3o9hYjzNb5Z60ymN3Z1omXtQAdEiiNHkRdNxK+EM7TcKBfmoJqcaeTkW8cksVEAW23ip8W9/XsLqmbU2mRrJiKa+KQNDSHqJi1VGyimi4DDApcaqRZcaKDFXg2KDr/Qt5JFD/o9IIIPZAkEA+ZENdBIlpbUfkJh6Ln+bUTss/FZ1FsrcPZWu13rChRMrsmXsfzu9kZUWdUeQ2Dj5AoW2Q7L/cqdGXS7Mm5XhcwJBAOGZq9axJY5YhKrsksvYRLhQbStmGu5LG75suF+rc/44sFq+aQM7+oeRr4VY88Mvz7mk4esdfnk7ae+cCazqJvMCQQCx1L1cZw3yfRSn6S6u8XjQMjWE/WpjulujeoRiwPPY9WcesOgLZZtYIH8nRL6ehEJTnMnahbLmlPFbttxPRUanAkA11MtSIVcKzkhp2KV2ipZrPJWwI18NuVJXb+3WtjypTrGWFZVNNkSjkLnHIeCYlJIGhDd8OL9zAiBXEm6kmgLNAkBWAg0tK2hCjvzsaA505gWQb4X56uKWdb0IzN+fOLB3Qt7+fLqbVQNQoNGzqey6B4MoS1fUKAStqdGTFYPG/+9t", + "publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDb7kwJPkGdU34hicplwfp6/WmNcaLh94TSc7Jyr9Undp5pkyLgb0DE7EIE+6kSs4LsqCb8HDkB0nLD5DXbBJFd8n0WGoKstelvtg6FtVJMnwN7k7yZbfkPECWH9zF70VeOo9vbzrApNRnct8ZhH5fbflRB4JMA9L9R+LbURdoSKQIDAQAB", + "X509Certificate": "MIIB1DCCAT0CBgFJGVacCDANBgkqhkiG9w0BAQsFADAwMS4wLAYDVQQDEyVodHRwOi8vbG9jYWxob3N0OjgwODAvc2FsZXMtcG9zdC1lbmMvMB4XDTE0MTAxNjE0MjA0NloXDTI0MTAxNjE0MjIyNlowMDEuMCwGA1UEAxMlaHR0cDovL2xvY2FsaG9zdDo4MDgwL3NhbGVzLXBvc3QtZW5jLzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2+5MCT5BnVN+IYnKZcH6ev1pjXGi4feE0nOycq/VJ3aeaZMi4G9AxOxCBPupErOC7Kgm/Bw5AdJyw+Q12wSRXfJ9FhqCrLXpb7YOhbVSTJ8De5O8mW35DxAlh/cxe9FXjqPb286wKTUZ3LfGYR+X235UQeCTAPS/Ufi21EXaEikCAwEAATANBgkqhkiG9w0BAQsFAAOBgQBMrfGD9QFfx5v7ld/OAto5rjkTe3R1Qei8XRXfcs83vLaqEzjEtTuLGrJEi55kXuJgBpVmQpnwCCkkjSy0JxbqLDdVi9arfWUxEGmOr01ZHycELhDNaQcFqVMPr5kRHIHgktT8hK2IgCvd3Fy9/JCgUgCPxKfhwecyEOKxUc857g==" + } + }, + { + "name": "http://localhost:8080/employee/", + "enabled": true, + "fullScopeAllowed": true, + "protocol": "saml", + "baseUrl": "http://localhost:8080/employee", + "adminUrl": "http://localhost:8080/employee", + "redirectUris": [ + "http://localhost:8080/employee/*" + ] + }, + { + "name": "http://localhost:8080/employee-sig/", + "enabled": true, + "protocol": "saml", + "fullScopeAllowed": true, + "baseUrl": "http://localhost:8080/employee-sig", + "adminUrl": "http://localhost:8080/employee-sig", + "redirectUris": [ + "http://localhost:8080/employee-sig/*" + ], + "attributes": { + "saml.server.signature": "true", + "saml.client.signature": "true", + "saml.signature.algorithm": "RSA_SHA1", + "privateKey": "MIICXQIBAAKBgQC+9kVgPFpshjS2aT2g52lqTv2lqb1jgvXZVk7iFF4LAO6SdCXKXRZI4SuzIRkVNpE1a42V1kQRlaozoFklgvX5sje8tkpa9ylq+bxGXM9RRycqRu2B+oWUV7Aqq7Bs0Xud0WeHQYRcEoCjqsFKGy65qkLRDdT70FTJgpSHts+gDwIDAQABAoGANU1efgc6ojIvwn7Lsf8GAKN9z2D6uS0T3I9nw1k2CtI+xWhgKAUltEANx5lEfBRYIdYclidRpqrk8DYgzASrDYTHXzqVBJfAk1VrAGpqyRq+TNMLUHkXiTiSDOQ6WqhX93UGMmAgQm1RsLa6+fy1BO/B2y85+Yf2OUylsKS6avECQQDslRDiNFdtEjdvyOL20tQ7+W+eKVxVxKAyQ3gFjIIDizELZt+Jq1Wz6XV9NhK1JFtlVugeD1tlW/+K16fEmDYXAkEAzqKoN/JeGb20rfQldAUWdQbb0jrQAYlgoSU/9fYH9YVJT8vnkfhPBTwIw9H9euf1//lRP/jHltHd5ch4230YyQJBAN3rOkoltPiABPZbpuLGgwS7BwOCYrWlWmurtBLoaTCvyVKbrgXybNL1pBrOtR+rufvGWLeRyja65Gs1vY6BBQMCQQCTsNq/MjJj/522f7yNUl2cw4w2lOa7Um+IflFbAcDqkZu2ty0Kvgns2d4B6INeZ5ECpjaWnMA7YkFRzZnkd2NRAkB8lEY56ScnNigoZkkjtEUd2ejdhZPYuS9SKfv9zHwN+I+DE2vVFZz8GPq/iLcMx13PkZaYaJNQ4FtQY/hRLSn5", + "publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+9kVgPFpshjS2aT2g52lqTv2lqb1jgvXZVk7iFF4LAO6SdCXKXRZI4SuzIRkVNpE1a42V1kQRlaozoFklgvX5sje8tkpa9ylq+bxGXM9RRycqRu2B+oWUV7Aqq7Bs0Xud0WeHQYRcEoCjqsFKGy65qkLRDdT70FTJgpSHts+gDwIDAQAB", + "X509Certificate": "MIIB0DCCATkCBgFJH5u0EDANBgkqhkiG9w0BAQsFADAuMSwwKgYDVQQDEyNodHRwOi8vbG9jYWxob3N0OjgwODAvZW1wbG95ZWUtc2lnLzAeFw0xNDEwMTcxOTMzNThaFw0yNDEwMTcxOTM1MzhaMC4xLDAqBgNVBAMTI2h0dHA6Ly9sb2NhbGhvc3Q6ODA4MC9lbXBsb3llZS1zaWcvMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+9kVgPFpshjS2aT2g52lqTv2lqb1jgvXZVk7iFF4LAO6SdCXKXRZI4SuzIRkVNpE1a42V1kQRlaozoFklgvX5sje8tkpa9ylq+bxGXM9RRycqRu2B+oWUV7Aqq7Bs0Xud0WeHQYRcEoCjqsFKGy65qkLRDdT70FTJgpSHts+gDwIDAQABMA0GCSqGSIb3DQEBCwUAA4GBACKyPLGqMX8GsIrCfJU8eVnpaqzTXMglLVo/nTcfAnWe9UAdVe8N3a2PXpDBvuqNA/DEAhVcQgxdlOTWnB6s8/yLTRuH0bZgb3qGdySif+lU+E7zZ/SiDzavAvn+ABqemnzHcHyhYO+hNRGHvUbW5OAii9Vdjhm8BI32YF1NwhKp" + } + } + ], + "roles" : { + "realm" : [ + { + "name": "manager", + "description": "Have Manager privileges" + } + ] + } +} diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-detail.html b/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-detail.html index 60d7ae5a22..590f78c015 100755 --- a/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-detail.html +++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-detail.html @@ -84,7 +84,7 @@
- +
diff --git a/pom.xml b/pom.xml index 623b0e0c0f..5b3f1547ca 100755 --- a/pom.xml +++ b/pom.xml @@ -18,7 +18,8 @@ 2.3.7.Final 3.0.9.Final 1.0.15.Final - 2.7.0.CR1-20140924 + + 2.7.0.CR1 1.0.2.Final 2.11.3 3.1.4.GA @@ -251,6 +252,16 @@ picketlink-config ${picketlink.version} + + org.picketlink + picketlink-api + ${picketlink.version} + + + org.picketlink + picketlink-impl + ${picketlink.version} + org.picketbox picketbox-ldap diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SALM2LoginResponseBuilder.java b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SALM2LoginResponseBuilder.java index 6ed495d989..3d53c66df7 100755 --- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SALM2LoginResponseBuilder.java +++ b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SALM2LoginResponseBuilder.java @@ -53,7 +53,11 @@ public class SALM2LoginResponseBuilder extends SAML2BindingBuilder { return (T)this; } - public class BindingBuilder { + public class PostBindingBuilder { protected Document document; - public BindingBuilder(Document document) { + public PostBindingBuilder(Document document) throws ProcessingException { + this.document = document; + if (signed) { + signDocument(document); + } + } + + public String encoded() throws ProcessingException, ConfigurationException, IOException { + byte[] responseBytes = org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil.getDocumentAsString(document).getBytes("UTF-8"); + return PostBindingUtil.base64Encode(new String(responseBytes)); + } + public Document getDocument() { + return document; + } + + public String htmlResponse() throws ProcessingException, ConfigurationException, IOException { + return buildHtml(encoded()); + + } + public Response response() throws ConfigurationException, ProcessingException, IOException { + return buildResponse(document); + } + } + + + public class RedirectBindingBuilder { + protected Document document; + + public RedirectBindingBuilder(Document document) { this.document = document; } public Document getDocument() { return document; } - public Response postResponse() throws ConfigurationException, ProcessingException, IOException { - return buildResponse(document); - } - - public URI redirectResponseUri() throws ConfigurationException, ProcessingException, IOException { + public URI responseUri() throws ConfigurationException, ProcessingException, IOException { return generateRedirectUri("SAMLResponse", document); } - - public Response redirectResponse() throws ProcessingException, ConfigurationException, IOException { - URI uri = redirectResponseUri(); + public Response response() throws ProcessingException, ConfigurationException, IOException { + URI uri = responseUri(); CacheControl cacheControl = new CacheControl(); cacheControl.setNoCache(true); @@ -140,6 +163,7 @@ public class SAML2BindingBuilder { } + private String getSAMLNSPrefix(Document samlResponseDocument) { Node assertionElement = samlResponseDocument.getDocumentElement() .getElementsByTagNameNS(JBossSAMLURIConstants.ASSERTION_NSURI.get(), JBossSAMLConstants.ASSERTION.get()).item(0); @@ -171,18 +195,6 @@ public class SAML2BindingBuilder { } - protected void encryptAndSign(Document samlDocument) throws ProcessingException { - if (encrypt) { - encryptDocument(samlDocument); - signDocument(samlDocument); - return; - } - if (signed) { - signDocument(samlDocument); - return; - } - } - protected void signDocument(Document samlDocument) throws ProcessingException { SamlProtocolUtils.signDocument(samlDocument, signingKeyPair, signatureAlgorithm.getXmlSignatureMethod(), signatureAlgorithm.getXmlSignatureDigestMethod(), signingCertificate); } @@ -201,6 +213,10 @@ public class SAML2BindingBuilder { byte[] responseBytes = DocumentUtil.getDocumentAsString(responseDoc).getBytes("UTF-8"); String samlResponse = PostBindingUtil.base64Encode(new String(responseBytes)); + return buildHtml(samlResponse); + } + + protected String buildHtml(String samlResponse) { if (destination == null) { throw SALM2LoginResponseBuilder.logger.nullValueError("Destination is null"); } diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAML2ErrorResponseBuilder.java b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAML2ErrorResponseBuilder.java index 8d7a8158ca..c4a2c2bad1 100755 --- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAML2ErrorResponseBuilder.java +++ b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAML2ErrorResponseBuilder.java @@ -18,7 +18,27 @@ import org.w3c.dom.Document; */ public class SAML2ErrorResponseBuilder extends SAML2BindingBuilder { - public Document buildDocument(String status) throws ProcessingException { + protected String status; + + public SAML2ErrorResponseBuilder status(String status) { + this.status = status; + return this; + } + + public RedirectBindingBuilder redirectBinding() throws ConfigurationException, ProcessingException { + Document samlResponseDocument = buildDocument(); + return new RedirectBindingBuilder(samlResponseDocument); + + } + + public PostBindingBuilder postBinding() throws ConfigurationException, ProcessingException { + Document samlResponseDocument = buildDocument(); + return new PostBindingBuilder(samlResponseDocument); + + } + + + public Document buildDocument() throws ProcessingException { Document samlResponse = null; ResponseType responseType = null; @@ -41,15 +61,9 @@ public class SAML2ErrorResponseBuilder extends SAML2BindingBuilderBill Burke * @version $Revision: 1 $ */ -public class SalmProtocol implements LoginProtocol { - protected static final Logger logger = Logger.getLogger(SalmProtocol.class); +public class SamlProtocol implements LoginProtocol { + protected static final Logger logger = Logger.getLogger(SamlProtocol.class); public static final String LOGIN_PROTOCOL = "saml"; public static final String SAML_BINDING = "saml_binding"; public static final String SAML_POST_BINDING = "post"; @@ -49,19 +49,19 @@ public class SalmProtocol implements LoginProtocol { @Override - public SalmProtocol setSession(KeycloakSession session) { + public SamlProtocol setSession(KeycloakSession session) { this.session = session; return this; } @Override - public SalmProtocol setRealm(RealmModel realm) { + public SamlProtocol setRealm(RealmModel realm) { this.realm = realm; return this; } @Override - public SalmProtocol setUriInfo(UriInfo uriInfo) { + public SamlProtocol setUriInfo(UriInfo uriInfo) { this.uriInfo = uriInfo; return this; } @@ -84,12 +84,13 @@ public class SalmProtocol implements LoginProtocol { SAML2ErrorResponseBuilder builder = new SAML2ErrorResponseBuilder() .relayState(clientSession.getNote(GeneralConstants.RELAY_STATE)) .destination(clientSession.getRedirectUri()) - .responseIssuer(getResponseIssuer(realm)); + .responseIssuer(getResponseIssuer(realm)) + .status(status); try { if (isPostBinding(clientSession)) { - return builder.binding(status).postResponse(); + return builder.postBinding().response(); } else { - return builder.binding(status).redirectResponse(); + return builder.redirectBinding().response(); } } catch (Exception e) { return Flows.forwardToSecurityFailurePage(session, realm, uriInfo, "Failed to process response"); @@ -97,7 +98,7 @@ public class SalmProtocol implements LoginProtocol { } protected boolean isPostBinding(ClientSessionModel clientSession) { - return SalmProtocol.SAML_POST_BINDING.equals(clientSession.getNote(SalmProtocol.SAML_BINDING)); + return SamlProtocol.SAML_POST_BINDING.equals(clientSession.getNote(SamlProtocol.SAML_BINDING)); } @Override @@ -142,9 +143,9 @@ public class SalmProtocol implements LoginProtocol { } try { if (isPostBinding(clientSession)) { - return builder.binding().postResponse(); + return builder.postBinding().response(); } else { - return builder.binding().redirectResponse(); + return builder.redirectBinding().response(); } } catch (Exception e) { logger.error("failed", e); @@ -156,7 +157,7 @@ public class SalmProtocol implements LoginProtocol { return "true".equals(client.getAttribute("saml.server.signature")); } - private SignatureAlgorithm getSignatureAlgorithm(ClientModel client) { + public static SignatureAlgorithm getSignatureAlgorithm(ClientModel client) { String alg = client.getAttribute("saml.signature.algorithm"); if (alg != null) { SignatureAlgorithm algorithm = SignatureAlgorithm.valueOf(alg); @@ -214,7 +215,7 @@ public class SalmProtocol implements LoginProtocol { String logoutRequestString = null; try { - logoutRequestString = logoutBuilder.buildRequestString(); + logoutRequestString = logoutBuilder.postBinding().encoded(); } catch (Exception e) { logger.warn("failed to send saml logout", e); return; diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlProtocolFactory.java b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlProtocolFactory.java index 5021d0cbb7..e2c0fd5bc7 100755 --- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlProtocolFactory.java +++ b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlProtocolFactory.java @@ -22,7 +22,7 @@ public class SamlProtocolFactory implements LoginProtocolFactory { @Override public LoginProtocol create(KeycloakSession session) { - return new SalmProtocol().setSession(session); + return new SamlProtocol().setSession(session); } @Override diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlService.java b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlService.java index 1ccfba196e..2b428289ec 100755 --- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlService.java +++ b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlService.java @@ -42,11 +42,9 @@ import javax.ws.rs.core.SecurityContext; import javax.ws.rs.core.UriBuilder; import javax.ws.rs.core.UriInfo; import javax.ws.rs.ext.Providers; -import java.io.IOException; import java.net.URI; import java.security.PublicKey; import java.security.Signature; -import java.security.SignatureException; /** * Resource class for the oauth/openid connect token service @@ -195,10 +193,10 @@ public class SamlService { ClientSessionModel clientSession = session.sessions().createClientSession(realm, client); - clientSession.setAuthMethod(SalmProtocol.LOGIN_PROTOCOL); + clientSession.setAuthMethod(SamlProtocol.LOGIN_PROTOCOL); clientSession.setRedirectUri(redirect); clientSession.setAction(ClientSessionModel.Action.AUTHENTICATE); - clientSession.setNote(SalmProtocol.SAML_BINDING, getBindingType()); + clientSession.setNote(SamlProtocol.SAML_BINDING, getBindingType()); clientSession.setNote(GeneralConstants.RELAY_STATE, relayState); clientSession.setNote("REQUEST_ID", requestAbstractType.getID()); @@ -278,7 +276,7 @@ public class SamlService { @Override protected String getBindingType() { - return SalmProtocol.SAML_POST_BINDING; + return SamlProtocol.SAML_POST_BINDING; } @@ -307,7 +305,9 @@ public class SamlService { if (algorithm == null) throw new VerificationException("SigAlg as null"); if (signature == null) throw new VerificationException("Signature as null"); - SamlProtocolUtils.verifyDocumentSignature(client, documentHolder.getSamlDocument()); + // Shibboleth doesn't sign the document for redirect binding. + // todo maybe a flag? + // SamlProtocolUtils.verifyDocumentSignature(client, documentHolder.getSamlDocument()); PublicKey publicKey = SamlProtocolUtils.getPublicKey(client); @@ -323,7 +323,8 @@ public class SamlService { try { byte[] decodedSignature = RedirectBindingUtil.urlBase64Decode(signature); - Signature validator = SignatureAlgorithm.RSA_SHA1.createSignature(); // todo plugin signature alg + SignatureAlgorithm signatureAlgorithm = SamlProtocol.getSignatureAlgorithm(client); + Signature validator = signatureAlgorithm.createSignature(); // todo plugin signature alg validator.initVerify(publicKey); validator.update(rawQuery.getBytes("UTF-8")); if (!validator.verify(decodedSignature)) { @@ -343,7 +344,7 @@ public class SamlService { @Override protected String getBindingType() { - return SalmProtocol.SAML_GET_BINDING; + return SamlProtocol.SAML_GET_BINDING; }