From 436272916071a3d86bde225ba8094e8433e07c7b Mon Sep 17 00:00:00 2001 From: Kunal Dawar Date: Mon, 19 Jan 2026 17:31:29 +0530 Subject: [PATCH 1/7] Refactor project structure and fix issues #60 and #67 - Reorganized code into cmd/ and internal/ directories following Go best practices - Split authentication logic into separate modules (claims, middleware, validator) - Extracted configuration into dedicated config package - Moved API handlers into separate handlers package - Updated dependencies and build configurations - Fixed issue #67: Added CORS support with WithValidateOnOptions(false) to allow OPTIONS preflight requests - Fixed issue #60: Added comprehensive setup documentation for RBAC and M2M permissions - Added screenshots showing Auth0 Dashboard configuration steps - Updated README with detailed instructions to prevent empty permissions array Closes #60 Closes #67 --- .circleci/config.yml | 82 +++---- 01-Authorization-RS256/Dockerfile | 12 +- 01-Authorization-RS256/README.md | 200 ++++++++++++------ 01-Authorization-RS256/cmd/server/main.go | 70 ++++++ 01-Authorization-RS256/exec.ps1 | 2 +- 01-Authorization-RS256/exec.sh | 2 +- 01-Authorization-RS256/go.mod | 23 +- 01-Authorization-RS256/go.sum | 89 +++----- .../internal/auth/claims.go | 46 ++++ .../internal/auth/middleware.go | 22 ++ .../internal/auth/validator.go | 41 ++++ .../internal/config/auth.go | 28 +++ .../internal/handlers/api.go | 50 +++++ 01-Authorization-RS256/main.go | 23 -- 01-Authorization-RS256/middleware/jwt.go | 81 ------- 01-Authorization-RS256/router/router.go | 63 ------ LICENSE | 2 +- assets/enable-rbac-settings.png | Bin 0 -> 112352 bytes assets/m2m-permissions.png | Bin 0 -> 229180 bytes 19 files changed, 499 insertions(+), 337 deletions(-) create mode 100644 01-Authorization-RS256/cmd/server/main.go create mode 100644 01-Authorization-RS256/internal/auth/claims.go create mode 100644 01-Authorization-RS256/internal/auth/middleware.go create mode 100644 01-Authorization-RS256/internal/auth/validator.go create mode 100644 01-Authorization-RS256/internal/config/auth.go create mode 100644 01-Authorization-RS256/internal/handlers/api.go delete mode 100644 01-Authorization-RS256/main.go delete mode 100644 01-Authorization-RS256/middleware/jwt.go delete mode 100644 01-Authorization-RS256/router/router.go create mode 100644 assets/enable-rbac-settings.png create mode 100644 assets/m2m-permissions.png diff --git a/.circleci/config.yml b/.circleci/config.yml index daccf8e..0a598d9 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -3,49 +3,49 @@ machine: &machine-cfg image: ubuntu-2004:202107-02 defaults: &defaults - steps: - - attach_workspace: - at: ~/ - - run: - name: Prepare environment variables - command: | - cd $AUTH0_CFG - mv .env.example .env - sed -i 's|{DOMAIN}|'$auth0_domain'|g' .env - sed -i 's|{API_IDENTIFIER}|'$api_identifier'|g' .env - - run: - name: Background Server - command: cd $AUTH0_CFG && sh exec.sh - background: true - - run: - name: Wait until server is online - command: | - until $(curl --silent --head --output /dev/null --fail http://localhost:3010/api/public); do - sleep 5 - done - - run: - name: Prepare tests - command: | - cd test - echo "AUTH0_DOMAIN=$auth0_domain" >> .env - echo "API_IDENTIFIER=$api_identifier" >> .env - echo "AUTH0_CLIENT_ID_1=$client_id_scopes_none" >> .env - echo "AUTH0_CLIENT_SECRET_1=$client_secret_scopes_none" >> .env - echo "AUTH0_CLIENT_ID_2=$client_id_scopes_read" >> .env - echo "AUTH0_CLIENT_SECRET_2=$client_secret_scopes_read" >> .env - echo "AUTH0_CLIENT_ID_3=$client_id_scopes_write" >> .env - echo "AUTH0_CLIENT_SECRET_3=$client_secret_scopes_write" >> .env - echo "AUTH0_CLIENT_ID_4=$client_id_scopes_readwrite" >> .env - echo "AUTH0_CLIENT_SECRET_4=$client_secret_scopes_readwrite" >> .env - echo "API_URL=http://localhost:3010" >> .env - npm install - - run: - name: Execute automated tests - command: cd test && npm test + steps: + - attach_workspace: + at: ~/ + - run: + name: Prepare environment variables + command: | + cd $AUTH0_CFG + mv .env.example .env + sed -i 's|{DOMAIN}|'$auth0_domain'|g' .env + sed -i 's|{API_IDENTIFIER}|'$api_identifier'|g' .env + - run: + name: Background Server + command: cd $AUTH0_CFG && sh exec.sh + background: true + - run: + name: Wait until server is online + command: | + until $(curl --silent --head --output /dev/null --fail http://localhost:8080/api/public); do + sleep 5 + done + - run: + name: Prepare tests + command: | + cd test + echo "AUTH0_DOMAIN=$auth0_domain" >> .env + echo "API_IDENTIFIER=$api_identifier" >> .env + echo "AUTH0_CLIENT_ID_1=$client_id_scopes_none" >> .env + echo "AUTH0_CLIENT_SECRET_1=$client_secret_scopes_none" >> .env + echo "AUTH0_CLIENT_ID_2=$client_id_scopes_read" >> .env + echo "AUTH0_CLIENT_SECRET_2=$client_secret_scopes_read" >> .env + echo "AUTH0_CLIENT_ID_3=$client_id_scopes_write" >> .env + echo "AUTH0_CLIENT_SECRET_3=$client_secret_scopes_write" >> .env + echo "AUTH0_CLIENT_ID_4=$client_id_scopes_readwrite" >> .env + echo "AUTH0_CLIENT_SECRET_4=$client_secret_scopes_readwrite" >> .env + echo "API_URL=http://localhost:8080" >> .env + npm install + - run: + name: Execute automated tests + command: cd test && npm test # Jobs and Workflows version: 2 -jobs: +jobs: checkout: machine: <<: *machine-cfg @@ -55,7 +55,7 @@ jobs: name: Clone test script command: git clone -b v0.0.1 --depth 1 https://github.com/auth0-samples/api-quickstarts-tests test - persist_to_workspace: - root: ~/ + root: ~/ paths: - project - test diff --git a/01-Authorization-RS256/Dockerfile b/01-Authorization-RS256/Dockerfile index 008018a..1412f40 100644 --- a/01-Authorization-RS256/Dockerfile +++ b/01-Authorization-RS256/Dockerfile @@ -1,9 +1,9 @@ -FROM golang:1.17-alpine3.14 +FROM golang:1.24-alpine # Install git RUN apk --update add \ - git openssl \ - && rm /var/cache/apk/* + git openssl \ + && rm /var/cache/apk/* # Define current working directory WORKDIR /01-Authorization-RS256 @@ -17,7 +17,7 @@ RUN go mod download # Add sources COPY . . -# Expose port 3010 for our api binary -EXPOSE 3010 +# Expose port 8080 for our api binary +EXPOSE 8080 -CMD ["go", "run", "main.go"] +CMD ["go", "run", "cmd/server/main.go"] diff --git a/01-Authorization-RS256/README.md b/01-Authorization-RS256/README.md index 7435c21..1a1e0a0 100644 --- a/01-Authorization-RS256/README.md +++ b/01-Authorization-RS256/README.md @@ -1,86 +1,168 @@ -# Golang Authorization for RS256-Signed Tokens +# Auth0 Golang API Sample - Authorization (RS256) + +This sample demonstrates how to protect a Go API using Auth0 with RS256 signed JWT tokens. + +## Prerequisites + +- Go 1.24 or higher +- An Auth0 account ([Sign up for free](https://auth0.com/signup)) + +## Setup + +1. **Create an API in Auth0 Dashboard:** + - Go to APIs in your Auth0 Dashboard + - Click "Create API" + - Give it a name and identifier (audience) + - Select RS256 signing algorithm + +2. **Add permissions to your API:** + - Select your API in the Auth0 Dashboard + - Go to the **Permissions** tab + - Add a new permission: + - **Permission (Scope):** `read:messages` + - **Description:** Read messages from the API + - Click **Add** + +3. **Enable RBAC for your API (Important!):** + - Select your API in the Auth0 Dashboard + - Go to the **Settings** tab + - Scroll down to **RBAC Settings** + - Enable **Enable RBAC** + - Enable **Add Permissions in the Access Token** + - Click **Save** + + Enable RBAC Settings + + > ⚠️ **Note:** Without enabling these settings, the `permissions` array in your access token will be empty, causing the scoped endpoint to fail with a 403 error. + +4. **Configure Machine-to-Machine Application (for testing):** + - Go to **Applications > Applications** in your Auth0 Dashboard + - Select your Machine-to-Machine application (or create one) + - Go to the **APIs** tab + - Find your API and expand it + - Toggle **Authorize** to enable it + - Select the permissions you want to grant (e.g., `read:messages`) + - Click **Update** + + Configure M2M Permissions + + > 💡 This step ensures that tokens generated for this application will include the selected permissions in the `permissions` array. + +5. **Configure environment variables:** + ```bash + cp .env.example .env + ``` + + Edit `.env` and set: + ``` + AUTH0_DOMAIN=your-tenant.auth0.com + AUTH0_AUDIENCE=https://your-api-identifier + ``` + +6. **Install dependencies:** + ```bash + go mod download + ``` + +## Running the Sample -This sample demonstrates how to protect endpoints in a Go API by verifying an incoming JWT access token signed by Auth0. -The token must be signed with the RS256 algorithm and must be verified against your Auth0 JSON Web Key Set. - -Check the [Golang API Quickstart](https://auth0.com/docs/quickstart/backend/golang) to understand this sample better. - -## Getting Started - -If you haven't already done so, [sign up](https://auth0.com/signup) for your free Auth0 account and create a new API -client in the [dashboard](https://manage.auth0.com/). - -Clone the repo or download it from the Golang API quickstart page in Auth0's documentation. +```bash +go run cmd/server/main.go +``` -### Add Your Credentials +The server will start on port 8080. -Rename the `.env.example` to `.env` and you will see variables for `AUTH0_DOMAIN` and `AUTH0_API_AUDIENCE`. -Update these values with your credentials and save the file. +## API Endpoints -```text -AUTH0_DOMAIN={DOMAIN} -AUTH0_AUDIENCE={API_AUDIENCE} +### Public Endpoint (No Authentication Required) +```bash +curl http://localhost:8080/api/public ``` -### Install Dependencies and Start Server - +### Private Endpoint (Requires Valid JWT) ```bash -# Download dependencies -go mod vendor - -# Start the server -go run main.go +curl -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \ + http://localhost:8080/api/private ``` -The API will be served at `http://localhost:3010`. - -### Endpoints - -The sample includes these endpoints: - -**GET** /api/public -* An unprotected endpoint which returns a message on success. Does not require a valid JWT access token. +### Scoped Endpoint (Requires JWT with `read:messages` scope) +```bash +curl -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \ + http://localhost:8080/api/private-scoped +``` -**GET** /api/private -* A protected endpoint which returns a message on success. Requires a valid JWT access token. +## Getting an Access Token -**GET** /api/private-scoped -* A protected endpoint which returns a message on success. Requires a valid JWT access token with a `scope` of `read:messages`. +To test the protected endpoints, you need an access token: -### Running the Example With Docker +1. Go to the **Test** tab of your API in the Auth0 Dashboard +2. In the **Scopes** field, add `read:messages` (for testing the scoped endpoint) +3. Copy the provided access token or `curl` command +4. Use it in the `Authorization` header as shown above -In order to run the example with docker, you need to have `docker` installed. +**Note:** Tokens without the `read:messages` scope will receive a 403 Forbidden error when accessing the scoped endpoint. -You also need to set the environment variables as explained [previously](#add-your-credentials). +### Verifying Your Token Contains Permissions -Execute in command line `sh exec.sh` to run the Docker in Linux, or `.\exec.ps1` to run the Docker in Windows. +You can decode your JWT token at [jwt.io](https://jwt.io) to verify it contains the permissions. A properly configured token should include: -## What is Auth0? +```json +{ + "iss": "https://your-tenant.auth0.com/", + "sub": "...", + "aud": "https://your-api-identifier", + "iat": 1697988893, + "exp": 1698075293, + "azp": "...", + "scope": "read:messages", + "gty": "client-credentials", + "permissions": [ + "read:messages" + ] +} +``` -Auth0 helps you to: +If the `permissions` array is empty, please verify you've completed steps 3 and 4 in the Setup section above. -* Add authentication with [multiple authentication sources](https://auth0.com/docs/authenticate/identity-providers), either social like **Google, Facebook, Microsoft Account, LinkedIn, GitHub, Twitter, Box, Salesforce, among others**, or enterprise identity systems like **Windows Azure AD, Google Apps, Active Directory, ADFS or any SAML Identity Provider**. -* Add authentication through more traditional **[username/password databases](https://auth0.com/docs/authenticate/database-connections/custom-db/overview-custom-db-connections)**. -* Add support for **[linking different user accounts](https://auth0.com/docs/manage-users/user-accounts/user-account-linking)** with the same user. -* Support for generating signed [Json Web Tokens](https://auth0.com/docs/secure/tokens/json-web-tokens) to call your APIs and **flow the user identity** securely. -* Analytics of how, when and where users are logging in. -* Pull data from other sources and add it to the user profile, through [JavaScript rules](https://auth0.com/docs/customize/rules). +## Project Structure -## Create a free Auth0 account +``` +01-Authorization-RS256/ +├── cmd/ +│ └── server/ +│ └── main.go # Application entry point +├── internal/ +│ ├── auth/ +│ │ ├── validator.go # JWT validator setup +│ │ └── middleware.go # JWT middleware +│ ├── config/ +│ │ └── auth.go # Configuration loading +│ └── handlers/ +│ └── api.go # HTTP handlers +├── .env.example +├── go.mod +└── README.md +``` -1. Go to [Auth0](https://auth0.com/signup) and click Sign Up. -2. Use Google, GitHub or Microsoft Account to login. +## Key Features -## Issue Reporting +- ✅ RS256 JWT validation +- ✅ Custom claims support +- ✅ Scope-based authorization +- ✅ Graceful shutdown +- ✅ Production-ready timeouts +- ✅ Structured logging with slog -If you have found a bug or if you have a feature request, please report them at this repository issues section. -Please do not report security vulnerabilities on the public GitHub issue tracker. -The [Responsible Disclosure Program](https://auth0.com/whitehat) details the procedure for disclosing security issues. +## Learn More -## Author +- [Auth0 Go SDK Documentation](https://github.com/auth0/go-jwt-middleware) +- [Auth0 Documentation](https://auth0.com/docs) +- [Securing Go APIs with +## Project Structure -[Auth0](https://auth0.com) +``` +01-Autckstart/backend/golang) ## License -This project is licensed under the MIT license. See the `LICENSE` file for more info. +This project is licensed under the MIT license. See the [LICENSE](../../LICENSE) file for more info. diff --git a/01-Authorization-RS256/cmd/server/main.go b/01-Authorization-RS256/cmd/server/main.go new file mode 100644 index 0000000..7f65f9b --- /dev/null +++ b/01-Authorization-RS256/cmd/server/main.go @@ -0,0 +1,70 @@ +package main + +import ( + "context" + "log" + "net/http" + "os" + "os/signal" + "time" + + "github.com/auth0-samples/auth0-golang-api-samples/01-Authorization-RS256/internal/auth" + "github.com/auth0-samples/auth0-golang-api-samples/01-Authorization-RS256/internal/config" + "github.com/auth0-samples/auth0-golang-api-samples/01-Authorization-RS256/internal/handlers" + "github.com/joho/godotenv" +) + +func main() { + if err := godotenv.Load(); err != nil { + log.Println("No .env file found, using environment variables") + } + + cfg, err := config.LoadAuthConfig() + if err != nil { + log.Fatalf("Failed to load config: %v", err) + } + + jwtValidator, err := auth.NewValidator(cfg.Domain, cfg.Audience) + if err != nil { + log.Fatalf("Failed to create validator: %v", err) + } + + middleware, err := auth.NewMiddleware(jwtValidator) + if err != nil { + log.Fatalf("Failed to create middleware: %v", err) + } + + mux := http.NewServeMux() + mux.HandleFunc("/api/public", handlers.PublicHandler) + mux.Handle("/api/private", middleware.CheckJWT(http.HandlerFunc(handlers.PrivateHandler))) + mux.Handle("/api/private-scoped", middleware.CheckJWT(http.HandlerFunc(handlers.ScopedHandler))) + + srv := &http.Server{ + Addr: ":8080", + Handler: mux, + ReadTimeout: 15 * time.Second, + WriteTimeout: 15 * time.Second, + IdleTimeout: 60 * time.Second, + } + + go func() { + log.Println("Server starting on :8080") + if err := srv.ListenAndServe(); err != nil && err != http.ErrServerClosed { + log.Fatalf("Server failed: %v", err) + } + }() + + quit := make(chan os.Signal, 1) + signal.Notify(quit, os.Interrupt) + <-quit + + log.Println("Shutting down server...") + ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second) + defer cancel() + + if err := srv.Shutdown(ctx); err != nil { + log.Fatalf("Server forced to shutdown: %v", err) + } + + log.Println("Server exited") +} diff --git a/01-Authorization-RS256/exec.ps1 b/01-Authorization-RS256/exec.ps1 index 3e50b04..5a9854a 100644 --- a/01-Authorization-RS256/exec.ps1 +++ b/01-Authorization-RS256/exec.ps1 @@ -1,2 +1,2 @@ docker build -t auth0-golang-api . -docker run --env-file .env -p 3010:3010 -it auth0-golang-api +docker run --env-file .env -p 8080:8080 -it auth0-golang-api diff --git a/01-Authorization-RS256/exec.sh b/01-Authorization-RS256/exec.sh index 9744870..49bc7a4 100644 --- a/01-Authorization-RS256/exec.sh +++ b/01-Authorization-RS256/exec.sh @@ -1,3 +1,3 @@ #!/usr/bin/env bash docker build -t auth0-golang-api . -docker run --env-file .env -p 3010:3010 -it auth0-golang-api +docker run --env-file .env -p 8080:8080 -it auth0-golang-api diff --git a/01-Authorization-RS256/go.mod b/01-Authorization-RS256/go.mod index d781015..49c7d22 100644 --- a/01-Authorization-RS256/go.mod +++ b/01-Authorization-RS256/go.mod @@ -1,9 +1,24 @@ -module 01-Authorization-RS256 +module github.com/auth0-samples/auth0-golang-api-samples/01-Authorization-RS256 -go 1.16 +go 1.24.0 require ( - github.com/auth0/go-jwt-middleware/v2 v2.2.0 + github.com/auth0/go-jwt-middleware/v3 v3.0.0 github.com/joho/godotenv v1.5.1 - golang.org/x/crypto v0.17.0 // indirect +) + +require ( + github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 // indirect + github.com/goccy/go-json v0.10.5 // indirect + github.com/lestrrat-go/blackmagic v1.0.4 // indirect + github.com/lestrrat-go/dsig v1.0.0 // indirect + github.com/lestrrat-go/dsig-secp256k1 v1.0.0 // indirect + github.com/lestrrat-go/httpcc v1.0.1 // indirect + github.com/lestrrat-go/httprc/v3 v3.0.3 // indirect + github.com/lestrrat-go/jwx/v3 v3.0.12 // indirect + github.com/lestrrat-go/option/v2 v2.0.0 // indirect + github.com/segmentio/asm v1.2.1 // indirect + github.com/valyala/fastjson v1.6.7 // indirect + golang.org/x/crypto v0.46.0 // indirect + golang.org/x/sys v0.40.0 // indirect ) diff --git a/01-Authorization-RS256/go.sum b/01-Authorization-RS256/go.sum index 99aa4f7..6f8d5ca 100644 --- a/01-Authorization-RS256/go.sum +++ b/01-Authorization-RS256/go.sum @@ -1,70 +1,45 @@ -github.com/auth0/go-jwt-middleware/v2 v2.2.0 h1:4WTpcHh+VZJOLEnS4E+hh+vP96Jy1tSbJOMnbJ29/KI= -github.com/auth0/go-jwt-middleware/v2 v2.2.0/go.mod h1:BFCz+RF+1szSkrGNJLYn2ng2PtfzBiKR6fynTvS2A/k= +github.com/auth0/go-jwt-middleware/v3 v3.0.0 h1:+rvUPCT+VbAuK4tpS13fWfZrMyqTwLopt3VoY0Y7kvA= +github.com/auth0/go-jwt-middleware/v3 v3.0.0/go.mod h1:iU42jqjRyeKbf9YYSnRnolr836gk6Ty/jnUNuVq2b0o= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= -github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 h1:NMZiJj8QnKe1LgsbDayM4UoHwbvwDRwnI3hwNaAHRnc= +github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0/go.mod h1:ZXNYxsqcloTdSy/rNShjYzMhyjf0LaoftYK0p+A3h40= +github.com/goccy/go-json v0.10.5 h1:Fq85nIqj+gXn/S5ahsiTlK3TmC85qgirsdTP/+DeaC4= +github.com/goccy/go-json v0.10.5/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M= +github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= +github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0= github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= +github.com/lestrrat-go/blackmagic v1.0.4 h1:IwQibdnf8l2KoO+qC3uT4OaTWsW7tuRQXy9TRN9QanA= +github.com/lestrrat-go/blackmagic v1.0.4/go.mod h1:6AWFyKNNj0zEXQYfTMPfZrAXUWUfTIZ5ECEUEJaijtw= +github.com/lestrrat-go/dsig v1.0.0 h1:OE09s2r9Z81kxzJYRn07TFM9XA4akrUdoMwr0L8xj38= +github.com/lestrrat-go/dsig v1.0.0/go.mod h1:dEgoOYYEJvW6XGbLasr8TFcAxoWrKlbQvmJgCR0qkDo= +github.com/lestrrat-go/dsig-secp256k1 v1.0.0 h1:JpDe4Aybfl0soBvoVwjqDbp+9S1Y2OM7gcrVVMFPOzY= +github.com/lestrrat-go/dsig-secp256k1 v1.0.0/go.mod h1:CxUgAhssb8FToqbL8NjSPoGQlnO4w3LG1P0qPWQm/NU= +github.com/lestrrat-go/httpcc v1.0.1 h1:ydWCStUeJLkpYyjLDHihupbn2tYmZ7m22BGkcvZZrIE= +github.com/lestrrat-go/httpcc v1.0.1/go.mod h1:qiltp3Mt56+55GPVCbTdM9MlqhvzyuL6W/NMDA8vA5E= +github.com/lestrrat-go/httprc/v3 v3.0.3 h1:WjLHWkDkgWXeIUrKi/7lS/sGq2DjkSAwdTbH5RHXAKs= +github.com/lestrrat-go/httprc/v3 v3.0.3/go.mod h1:mSMtkZW92Z98M5YoNNztbRGxbXHql7tSitCvaxvo9l0= +github.com/lestrrat-go/jwx/v3 v3.0.12 h1:p25r68Y4KrbBdYjIsQweYxq794CtGCzcrc5dGzJIRjg= +github.com/lestrrat-go/jwx/v3 v3.0.12/go.mod h1:HiUSaNmMLXgZ08OmGBaPVvoZQgJVOQphSrGr5zMamS8= +github.com/lestrrat-go/option/v2 v2.0.0 h1:XxrcaJESE1fokHy3FpaQ/cXW8ZsIdWcdFzzLOcID3Ss= +github.com/lestrrat-go/option/v2 v2.0.0/go.mod h1:oSySsmzMoR0iRzCDCaUfsCzxQHUEuhOViQObyy7S6Vg= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/segmentio/asm v1.2.1 h1:DTNbBqs57ioxAD4PrArqftgypG4/qNpXoJx8TVXxPR0= +github.com/segmentio/asm v1.2.1/go.mod h1:BqMnlJP91P8d+4ibuonYZw9mfnzI9HfxselHZr5aAcs= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= -github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.4.0/go.mod h1:3quD/ATkf6oY+rnes5c3ExXTbLc8mueNue5/DoinL80= -golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k= -golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.3.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE= -golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE= -golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA= -golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= -golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= -golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= +github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= +github.com/valyala/fastjson v1.6.7 h1:ZE4tRy0CIkh+qDc5McjatheGX2czdn8slQjomexVpBM= +github.com/valyala/fastjson v1.6.7/go.mod h1:CLCAqky6SMuOcxStkYQvblddUtoRxhYMGLrsQns1aXY= +golang.org/x/crypto v0.46.0 h1:cKRW/pmt1pKAfetfu+RCEvjvZkA9RimPbh7bhFjGVBU= +golang.org/x/crypto v0.46.0/go.mod h1:Evb/oLKmMraqjZ2iQTwDwvCtJkczlDuTmdJXoZVzqU0= +golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ= +golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/go-jose/go-jose.v2 v2.6.1 h1:qEzJlIDmG9q5VO0M/o8tGS65QMHMS1w01TQJB1VPJ4U= -gopkg.in/go-jose/go-jose.v2 v2.6.1/go.mod h1:zzZDPkNNw/c9IE7Z9jr11mBZQhKQTMzoEEIoEdZlFBI= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/01-Authorization-RS256/internal/auth/claims.go b/01-Authorization-RS256/internal/auth/claims.go new file mode 100644 index 0000000..6ab660f --- /dev/null +++ b/01-Authorization-RS256/internal/auth/claims.go @@ -0,0 +1,46 @@ +package auth + +import ( + "context" + "fmt" + "strings" +) + +// CustomClaims contains custom data we want to parse from the JWT. +type CustomClaims struct { + Scope string `json:"scope"` +} + +// Validate ensures the custom claims are properly formatted. +func (c *CustomClaims) Validate(ctx context.Context) error { + // Scope is optional, but if present, must be properly formatted + if c.Scope == "" { + return nil // No scope is valid - not all endpoints require permissions + } + + // Validate scope format (no leading/trailing spaces, no double spaces) + if strings.TrimSpace(c.Scope) != c.Scope { + return fmt.Errorf("scope claim has invalid whitespace") + } + + if strings.Contains(c.Scope, " ") { + return fmt.Errorf("scope claim contains double spaces") + } + + return nil +} + +// HasScope checks whether our claims have a specific scope. +func (c *CustomClaims) HasScope(expectedScope string) bool { + if c.Scope == "" { + return false + } + + scopes := strings.Split(c.Scope, " ") + for _, scope := range scopes { + if scope == expectedScope { + return true + } + } + return false +} diff --git a/01-Authorization-RS256/internal/auth/middleware.go b/01-Authorization-RS256/internal/auth/middleware.go new file mode 100644 index 0000000..4d754e2 --- /dev/null +++ b/01-Authorization-RS256/internal/auth/middleware.go @@ -0,0 +1,22 @@ +package auth + +import ( + "log/slog" + "net/http" + + jwtmiddleware "github.com/auth0/go-jwt-middleware/v3" + "github.com/auth0/go-jwt-middleware/v3/validator" +) + +func NewMiddleware(jwtValidator *validator.Validator) (*jwtmiddleware.JWTMiddleware, error) { + return jwtmiddleware.New( + jwtmiddleware.WithValidator(jwtValidator), + jwtmiddleware.WithValidateOnOptions(false), + jwtmiddleware.WithErrorHandler(func(w http.ResponseWriter, r *http.Request, err error) { + slog.Error("JWT validation failed", "error", err, "path", r.URL.Path) + w.Header().Set("Content-Type", "application/json") + w.WriteHeader(http.StatusUnauthorized) + w.Write([]byte(`{"message":"Failed to validate JWT."}`)) + }), + ) +} diff --git a/01-Authorization-RS256/internal/auth/validator.go b/01-Authorization-RS256/internal/auth/validator.go new file mode 100644 index 0000000..be304a2 --- /dev/null +++ b/01-Authorization-RS256/internal/auth/validator.go @@ -0,0 +1,41 @@ +package auth + +import ( + "fmt" + "net/url" + "time" + + "github.com/auth0/go-jwt-middleware/v3/jwks" + "github.com/auth0/go-jwt-middleware/v3/validator" +) + +func NewValidator(domain, audience string) (*validator.Validator, error) { + issuerURL, err := url.Parse("https://" + domain + "/") + if err != nil { + return nil, fmt.Errorf("failed to parse issuer URL: %w", err) + } + + provider, err := jwks.NewCachingProvider( + jwks.WithIssuerURL(issuerURL), + jwks.WithCacheTTL(5*time.Minute), + ) + if err != nil { + return nil, fmt.Errorf("failed to create JWKS provider: %w", err) + } + + jwtValidator, err := validator.New( + validator.WithKeyFunc(provider.KeyFunc), + validator.WithAlgorithm(validator.RS256), + validator.WithIssuer(issuerURL.String()), + validator.WithAudience(audience), + validator.WithCustomClaims(func() validator.CustomClaims { + return &CustomClaims{} + }), + validator.WithAllowedClockSkew(30*time.Second), + ) + if err != nil { + return nil, fmt.Errorf("failed to create validator: %w", err) + } + + return jwtValidator, nil +} diff --git a/01-Authorization-RS256/internal/config/auth.go b/01-Authorization-RS256/internal/config/auth.go new file mode 100644 index 0000000..290eb54 --- /dev/null +++ b/01-Authorization-RS256/internal/config/auth.go @@ -0,0 +1,28 @@ +package config + +import ( + "fmt" + "os" +) + +type AuthConfig struct { + Domain string + Audience string +} + +func LoadAuthConfig() (*AuthConfig, error) { + domain := os.Getenv("AUTH0_DOMAIN") + if domain == "" { + return nil, fmt.Errorf("AUTH0_DOMAIN environment variable required") + } + + audience := os.Getenv("AUTH0_AUDIENCE") + if audience == "" { + return nil, fmt.Errorf("AUTH0_AUDIENCE environment variable required") + } + + return &AuthConfig{ + Domain: domain, + Audience: audience, + }, nil +} diff --git a/01-Authorization-RS256/internal/handlers/api.go b/01-Authorization-RS256/internal/handlers/api.go new file mode 100644 index 0000000..c757ae9 --- /dev/null +++ b/01-Authorization-RS256/internal/handlers/api.go @@ -0,0 +1,50 @@ +package handlers + +import ( + "encoding/json" + "net/http" + + "github.com/auth0-samples/auth0-golang-api-samples/01-Authorization-RS256/internal/auth" + jwtmiddleware "github.com/auth0/go-jwt-middleware/v3" + "github.com/auth0/go-jwt-middleware/v3/validator" +) + +func PublicHandler(w http.ResponseWriter, r *http.Request) { + response := map[string]string{ + "message": "Hello from a public endpoint! You don't need to be authenticated to see this.", + } + w.Header().Set("Content-Type", "application/json") + json.NewEncoder(w).Encode(response) +} + +func PrivateHandler(w http.ResponseWriter, r *http.Request) { + response := map[string]string{ + "message": "Hello from a private endpoint! You need to be authenticated to see this.", + } + w.Header().Set("Content-Type", "application/json") + json.NewEncoder(w).Encode(response) +} + +func ScopedHandler(w http.ResponseWriter, r *http.Request) { + claims, err := jwtmiddleware.GetClaims[*validator.ValidatedClaims](r.Context()) + if err != nil { + w.Header().Set("Content-Type", "application/json") + w.WriteHeader(http.StatusUnauthorized) + w.Write([]byte(`{"message":"Unauthorized."}`)) + return + } + + customClaims, ok := claims.CustomClaims.(*auth.CustomClaims) + if !ok || !customClaims.HasScope("read:messages") { + w.Header().Set("Content-Type", "application/json") + w.WriteHeader(http.StatusForbidden) + w.Write([]byte(`{"message":"Insufficient scope."}`)) + return + } + + response := map[string]string{ + "message": "Hello from a private endpoint! You need to be authenticated and have a scope of read:messages to see this.", + } + w.Header().Set("Content-Type", "application/json") + json.NewEncoder(w).Encode(response) +} diff --git a/01-Authorization-RS256/main.go b/01-Authorization-RS256/main.go deleted file mode 100644 index 587f010..0000000 --- a/01-Authorization-RS256/main.go +++ /dev/null @@ -1,23 +0,0 @@ -package main - -import ( - "log" - "net/http" - - "github.com/joho/godotenv" - - "01-Authorization-RS256/router" -) - -func main() { - if err := godotenv.Load(); err != nil { - log.Fatalf("Error loading the .env file: %v", err) - } - - rtr := router.New() - - log.Print("Server listening on http://localhost:3010") - if err := http.ListenAndServe("0.0.0.0:3010", rtr); err != nil { - log.Fatalf("There was an error with the http server: %v", err) - } -} diff --git a/01-Authorization-RS256/middleware/jwt.go b/01-Authorization-RS256/middleware/jwt.go deleted file mode 100644 index 6fd667d..0000000 --- a/01-Authorization-RS256/middleware/jwt.go +++ /dev/null @@ -1,81 +0,0 @@ -package middleware - -import ( - "context" - "log" - "net/http" - "net/url" - "os" - "strings" - "time" - - "github.com/auth0/go-jwt-middleware/v2" - "github.com/auth0/go-jwt-middleware/v2/jwks" - "github.com/auth0/go-jwt-middleware/v2/validator" -) - -// CustomClaims contains custom data we want from the token. -type CustomClaims struct { - Scope string `json:"scope"` -} - -// Validate does nothing for this example, but we need -// it to satisfy validator.CustomClaims interface. -func (c CustomClaims) Validate(ctx context.Context) error { - return nil -} - -// HasScope checks whether our claims have a specific scope. -func (c CustomClaims) HasScope(expectedScope string) bool { - result := strings.Split(c.Scope, " ") - for i := range result { - if result[i] == expectedScope { - return true - } - } - - return false -} - -// EnsureValidToken is a middleware that will check the validity of our JWT. -func EnsureValidToken() func(next http.Handler) http.Handler { - issuerURL, err := url.Parse("https://" + os.Getenv("AUTH0_DOMAIN") + "/") - if err != nil { - log.Fatalf("Failed to parse the issuer url: %v", err) - } - - provider := jwks.NewCachingProvider(issuerURL, 5*time.Minute) - - jwtValidator, err := validator.New( - provider.KeyFunc, - validator.RS256, - issuerURL.String(), - []string{os.Getenv("AUTH0_AUDIENCE")}, - validator.WithCustomClaims( - func() validator.CustomClaims { - return &CustomClaims{} - }, - ), - validator.WithAllowedClockSkew(time.Minute), - ) - if err != nil { - log.Fatalf("Failed to set up the jwt validator") - } - - errorHandler := func(w http.ResponseWriter, r *http.Request, err error) { - log.Printf("Encountered error while validating JWT: %v", err) - - w.Header().Set("Content-Type", "application/json") - w.WriteHeader(http.StatusUnauthorized) - w.Write([]byte(`{"message":"Failed to validate JWT."}`)) - } - - middleware := jwtmiddleware.New( - jwtValidator.ValidateToken, - jwtmiddleware.WithErrorHandler(errorHandler), - ) - - return func(next http.Handler) http.Handler { - return middleware.CheckJWT(next) - } -} diff --git a/01-Authorization-RS256/router/router.go b/01-Authorization-RS256/router/router.go deleted file mode 100644 index cbbc356..0000000 --- a/01-Authorization-RS256/router/router.go +++ /dev/null @@ -1,63 +0,0 @@ -package router - -import ( - "net/http" - - "github.com/auth0/go-jwt-middleware/v2" - "github.com/auth0/go-jwt-middleware/v2/validator" - - "01-Authorization-RS256/middleware" -) - -// New sets up our routes and returns a *http.ServeMux. -func New() *http.ServeMux { - router := http.NewServeMux() - - // This route is always accessible. - router.Handle("/api/public", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.Header().Set("Content-Type", "application/json") - w.WriteHeader(http.StatusOK) - w.Write([]byte(`{"message":"Hello from a public endpoint! You don't need to be authenticated to see this."}`)) - })) - - // This route is only accessible if the user has a valid access_token. - router.Handle("/api/private", middleware.EnsureValidToken()( - http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - // CORS Headers. - w.Header().Set("Access-Control-Allow-Credentials", "true") - w.Header().Set("Access-Control-Allow-Origin", "http://localhost:3000") - w.Header().Set("Access-Control-Allow-Headers", "Authorization") - - w.Header().Set("Content-Type", "application/json") - w.WriteHeader(http.StatusOK) - w.Write([]byte(`{"message":"Hello from a private endpoint! You need to be authenticated to see this."}`)) - }), - )) - - // This route is only accessible if the user has a - // valid access_token with the read:messages scope. - router.Handle("/api/private-scoped", middleware.EnsureValidToken()( - http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - // CORS Headers. - w.Header().Set("Access-Control-Allow-Credentials", "true") - w.Header().Set("Access-Control-Allow-Origin", "http://localhost:3000") - w.Header().Set("Access-Control-Allow-Headers", "Authorization") - - w.Header().Set("Content-Type", "application/json") - - token := r.Context().Value(jwtmiddleware.ContextKey{}).(*validator.ValidatedClaims) - - claims := token.CustomClaims.(*middleware.CustomClaims) - if !claims.HasScope("read:messages") { - w.WriteHeader(http.StatusForbidden) - w.Write([]byte(`{"message":"Insufficient scope."}`)) - return - } - - w.WriteHeader(http.StatusOK) - w.Write([]byte(`{"message":"Hello from a private endpoint! You need to be authenticated to see this."}`)) - }), - )) - - return router -} diff --git a/LICENSE b/LICENSE index 86bcdb8..71d9d2c 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2017 Auth0 Samples +Copyright (c) 2026 Auth0 Samples Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/assets/enable-rbac-settings.png b/assets/enable-rbac-settings.png new file mode 100644 index 0000000000000000000000000000000000000000..a5d5903e6c8f6595fbb0471a5c95a08ebd45a4c9 GIT binary patch literal 112352 zcmeFZbyQSc`vy#RNh=5#NVfUPx0Far4BeqL3?(%*j5G{g z-@)hcd5rg4?{9s7e(PnenK?7(?6dd2_Z`=L-TM%ttSC*0cMT5(1%*&nMoJY01$z($ z1z{vrRFJ^ZUz_Rc0t@(A}&-T6HpiJ=qlYJ7cN*oGkGVJ&8!fv7Vt|Q+h-6 zIzvM7u=}xk{h;mwX#!<=L~;dw`xlxp($EDolt|{6uoq4eoUPcXjfohl+H@#VEDJq3 zOR~`({H;Q~)C{dp*h8{62 zHz%OpX*FHAUsCHU`sgz;&hs&nITu+)DUSvv<7z<}1o~=lOvtW>Bgv|S9^+f=_WhHj zNQLmLaR-m8Uv(jtQ@720c$oJZSU%0)XZ3k3tk$|Z+ChuYJ5PEe`vGkvm*Pu*E%Z4Y zu$zrmgOZ%Y9RZU@>Fk#(OD3o#k8k7dYa&du5TDZGd@qu#b|8}_Wbq~jQeyRQW3N)Z z|46Z~)wmf(zZBpac01`1_4*rcy+d)%2P)!etnNwdZ(BP)dgv)7EYoLP3!9L2et&%C z=%=Ds{8r$(pkfNWF!wz%Vot?qQG?q(VWDbmA+Z+Qk{RmTGhPycGXW@#Xn13TjZY&n zTMP8}^ta@O$uJJZv3UJ)1d)8`w@6PsZ*NiK<29y|g!p?qB>5Q@;Vej=uaand3BkTU zJb;>caKQ59Qxn-sX9?=hkkL?4#xF(~xHCLYTQ6R|Bu+$GibPNRbOGN*Uvm#akKgir z#KV0nOms$;;5HVC+n%yt(>F79^}2V%Lr$b}j_#nK67tpLc%o zPeSr?&}&hqX09K;V!**ozd;~H&m+Np#jEwI@hwpq2Ga0W23Z-_w-6Z;OkT41h<6NZ zZ=9autG-^7B)Y})249B8i3aTNa&3}G}y#1SOErZCOYV$=xZZ$9y+ zu zs9M=Kw?$bZ)TMN!#~%tQRzLX0;KPvjM&Wbs0)rE;_5;q_v2WeqM!YGCOnob+c9$iF zTuJWsLz#F*?MGi9S!L?IcTpBqEB`Q}ZvTvyKTIe>=TSjcO8RtGy^5L|pW3c+mB>Z_r_QzvW%F1bUA67-?O(yzJ!nQ#n5U zMwWulw(h>T=6sj+?zg*zmbIB`D={uaJ~!+94dlec8>BV|Gc9$jocNCtO8MFD5?fCX ztqqu1z8(x6>KxX2U#_+qFv4g1wj$astwPxgvahkOHXcDu-ICN~hC{u3b%NT0`nr(R zb?fUXiZO~Iy>`hO$#(j-`czXGQ&!a!)zYpL@zk);FQ!Y}u{;NS_S|BGeAn8q-nmxc zp|xJj)-t_HIJyfXLr|=)57ZPM$fjn|e@HE8c+g;Qk%DSxWI?um%H5|XjY?zvW4!JX@=3Q+yS8swMY8xk4?qq+2@DbJ6;JZP~Q=~ zV-hudr$Zs7)J2F%V;$Xj{{?|LOX(z;?wBm#mk3 z-GVNiZCYuXZdy0r^@j3Rlyo6A*lt09Ni&Bw$5zq(kyQlV^(TTK9fzzfge@S>fxG1c zWdjl!%dhOH&pO+tA1-_vSd3w7am` z!tss|n-BeQ{0Z(^#R+I}%;}S0jUd-q@~PQ*@G0CGR8?BZgjVc7<3Hy=BEH^u*tpYp zB4I9ZRf1n)s;RJvFF@%9$%Ezx8ZRanu5M%0J~MFt;I)$94>SH|Tw=UvOx&{GY&QGa zbf6^NRP%Kmjq%kRAs-?z-qe16^5)=uenz&`^^iM{q#tTZiG^IH;Nx4;W54C5y4E}9 z?s)FlHMh|^(aJWLNVbB@f;)`6Nrq0Ud8Z|AEhQ&p!2JNpYM+mQLu zSDP}93M_I}JWZa>Ww=y#u08IK_i!QgA@v)Cs6TjS@~wA>>r}>rOt|q?l!|C_Y?{g5-2sT)%nTJJw=SnxShrMTw)VXbOPE-4acH*aL3u*Js&l^3m z-Cv{Rdlh;>>;o}R&Q3edriS*7Ql!8FqLKcLGVt{r zQ`>Xz)YH&YVl}dCy0~n91>OR)>M3L!ER_<2;*=LX^+w!)2+U=vHlEnr(cCuvb+=;T zlt_nnZ@~TQ&d--MdNO*uQVw*})n+@Jp}SosR4c;Sq7QkQcUTslsmv~ zdcW~dS)CgQ8|66HU}rxsZ_UjtTj(NfdTZ!Mx99w|uTCBoTfyn9Tj6-$vFhp3Yl?cd zj~dSk*tL!2b&-5;a!A+ z09)oVxbS`M&=URHm&RJ)sx9kRq*bZMZUIM=?l;x~R(U8XbjjZ56Nm9cmEl-}y1l@d z!KbrTqA%h5ALBm4hBtSlMHe5J0p(yjr*r{yHtZ|uAzXR6?A<+(pL z2eB#rH2Ag$a<1fbJ2o6s$x=x!H9@4ncj+`gm+!;w&hB=fuz`%B_Xg{++G^h(m#qQa zY1d{^%!cFC^`fUmo`ziDj0^J)-B@T3NCk8NU#veltv`Hz9{e$4En-=e(bw}B{Eccb z_ES-XAx%S|Pt8Q)#01-7*P%}X8nv>W?I5a09Xg5*DGEWQeP+1kI`IjC%DUAF$)S=~ zdGH$F;j$|J1tOzn2HvB9vTujpi1!VqhVt?~D#i-0HCIqT zVFiwHP%u!hpsK84UmFA!0N2tsw=-+=wLqQ3)Lc#d^8b#pq@-Gs2UAFn_6a8%v z3O4YK6nJ^0q5ZfTdoT_C$1$2Oa1KR6O;T1C_*64>GBdMtwzPLq%<8y2f$Jcn?Tms# z$$0rfl~ujH1>AqsN?prEOX0DQsl6?y@l$&fGfod%hs(=RL_CCmLt8T!V+Idf8#`wq z575o;R|o;emp^meWcYrGi#6z`mVz>aq`i|F!#z%JPVSqccnk~-B2G`ug;b>;{oNe+ z2D)kK;^H90#pUkq&gss_Y42pg#dH7ueJ*ZZE?!;^;0g|Bu$_ys2Zx>Wt-o&a<33Vm z&ZbUQ4lY*qb_|#IH8!z#bphSHdD+oFe}9eB%){#6p6s0eo)$1cuFErAJe=HI|J)mB zDsuU&kg}DBnT@uTl`SAMpbyb|e1an1um9uBzdiocQtRKAyxiQpKR5m9)bCB7IGZ_1 z+S>wsx`_U}UVk_K`Q+aXMYt}f{*x&FlJoap0YQu6iE#b1Xrg#^uU5{1b)>bDQc?## z0WG`yLlpzwnE(2`JYI}LiN0Qef+CJ0D9g%@3t||I&R|7YEf`&Di_cW>S|8Q$oOoGga&Xx^Dw*Nj5bzEwhqPLFK|8>A= zjUULlBSl$>YlI8_`xulNjTq|W+7bVUiDjrZiXVRvS=%W4?_&^;_J<%@ujc$8CiY4W z6%g)DaSiPMFoypL7ZB3_gnOyi|I^${r}00xaOuDQ=NA6Ix`h@AqZIH`NaE3?b01-F zk1Gv@vN$Rx`Ty%1H4hNp5@|cXL@@=M#b{^G>cMi9h$BGzS{}#&=@z!4+Cc|{Y425C z_%%u`BS_G0mI%G?;q2D9brF9ObRaQ|{gaFgcKp%jgH68+uZ)KY^#bPIamCY~tAQ+P z*)JGlv~Jd(AFs~BFV5X7ms7l&r`+M!v3R$-j_*x-%s2Wf#Btvc+3n_=eIreWt7!l> zt2~(YO0+w1h@ZVheEzsOj4(EVQds=(!f3=`7Q#+bw z&C4I0hfdl1olF>&O%ZZ>*Jc(Cr-ng1>^ln&NkUbX=y9`Z!6D zXRWkP)VL3Hke`pU)r`;eV$*wBc(x3txax|k@^#xH5nQ`fAokWO%c3v+JlTEW|zDfPA^jH!MZ9RmUnnqAE z871xhXS46r6mboYIyKQS8QX>w89*HJGbi)(7ao;|b78Q|?1(bji)FEkt4oRY^>n** z9y5^H)7`#Jo`SDo<)a3|NzT3ZqdE9PyTs0rFi1dV7-#i|Lyd_d=vVW^740WuQ5G_0 zSOJKJqaOR6FX%f-GxwII<)mpHrEG4b8c@;eCZ}qE$iwS_)8X3vLJPL`Ub=`Xb-m!C ze+@P$LYxgUIyX%%!xf4=bIpSw%d*LoM0n0eM2{Zlwdvh zaqd>bRY7_k+0!ktgGp!I!WHpFOSH2)zsurLDFEm0NHUTbtLB%nWJDD&j%alwW4%#0>@`^5XMB(*= zyIfhjIBU0>A$Xn0t!Q6?fzDHO`a|&u?@j~nov2iT)WcRL&)SEWcE0!^WWOXRo64}? z=fv=QC)N|w+E+~l?4QzSX{OY+N}-{3W3BFBx}@fyOoSq^;bdwvJ64qSw=9AC8wNq9 z!2N|baUr9!3eG!daF;il1jmJ?y+X6+C!3o*UUV`I^WnnHcM@#|=g*JK zY~*g*uZO@B6yWmn8@(3 znd)1#evVQqT@0}5hr(<<6W_KcJ?3AV5*uTTB8XDG6I{1_r(8#epHFJ)yFM9nXd#?` zmd9$JV{399`KVn;HbU&&W6bAZ3Y~&CG-T#nMfy6$KHTr(kh0+hd^_B|)i@_~_gLo- zZ_5B=Ltj+v_#;z39nD~iQP=O67iGmlC<#xy)GqC*8;nd^`Nryel+151k3r7n8h zX1-pxXAgb5c{*At2>>&(U41M>Zxu;?}z9|K1rXr%t@Z4$598|~Y#eS{7 zM+i2q5KQmuF=Hs#(=MlHU$@s>M zXJ_`ZevJTLW+^+WC96u*J-GKSoy3w`xP|ESeUQHjq>@!dLXc4ZVV_>`bvG^082p3D zy`ycKP`r`bo*G^!6L31MY}Rd>NVszDgL|gUYLLc%gTi0R+-M0TtJ4b~pfoZ$3?V!P zYWQ|K_-n;2M4*vDI|d&BSiIzDRJ-E>mxgF$NTDj@&5(KLFuX<)o2rXip-X=7?oo&a zKE}3MH4v{_g2hf}k)LL7>0jTdn6PuC!&_frjoj{-}8g{*<<9s9YEm z?9wOu%-uI;R!||HH!$Z$ADiNbvoG)*<+sfWgWvcwIG~ff$|!QyWOxhILTSkxVpkKB z14@Aa%$uOBdzB|~4m%aLKZ=)XC0 zi)>nQqxG=wfHhf&*CW;#-!)VEusW$LpA|zG4!>HYUjOh|H@Xr#lYd7Te$*Rp4*r&# zV*=ehO_@o#uVe;s@%$jPQ91t&B+nyOkXR*_?X|;{>do7CQ`DX@QqdvRRwf#I=kcMB zb>5!u~1vV11od$yYZ^W3i{bu7h_^E{63U9I!G7U9C)_ZH0E_ z+5W`*?i_uEJ@73gN=bOVYzv6pC4ya#ixBOiQ}Zxekp`a74xjA6q~F|DS|iT)HBYOc zkzuN-RlZGOxtNELXGl&H(hbaoTp}nh3v&eXT?<2N!*NzaNxTa9Q z+EF`A1bIb&=glm1vEu;;U&?n%FdEQc-J;usEtSO$9HqP{^OGs&hEot8ocVQwFx;W{j2c5!K3>_6cdGRxerI8*-YVn zFnbnk7p~Z&leyfW5^DMq>M63EU|lGP9FF5LMe9{J@i;$PmWRHkYhST?h4=9`E2>(2 zv@1PePWAQHo;ejg@#HWP-}u15P`>=pT$Ijf7AO(PTiQ;0r#-u}?rC^G$&w_xfBSSrT8uS0P~%h`Mcb}wQ4X#|#*&!`jDiMhu;Voi6}|%$KqX~b zi}OIwG`dLj^0ZvNet{pehFoFje>PJ-P?#+)1iEmz@SA@v5JZ2z6%3IJ3*)HJvPrIQ z!lD@}O_RP8kjLV<`KWDzJnejH)0fKkbe{x-otDh z!$%1KU|CFA`P9W}T^WYqi2Gof1#>X|kx@LHn5+KK#D~&1)j>&NQ}H%y9x1a@2psS6 ze9B&m*9NZeX03BAw&Lb)oaP#6=kqOe$!l5fuz{uwK7b;vT*$SRx}T725hMwHyT8RwGU zV+{iN_2$-ak#BkZsX+bq>#^%@J`dJq>11-OThNIF z8T^F%edsauU2>$M!7M(ziEskLn=)ySe;@GLl$V47=vK75DO%P!9mYaA?64!jEx}6DhIP;vx<1vbm zQW@!uF-3;dR$ti8^Sz}IwC38t10b>HRilcoOKwOO7g}YA>n-sHIEdXRK_<#4jp)P# z%c*|85n$@wq(Tw3n_PHPp;Pis8^sN|Ip|AV_?c?{(9@l+j&2*AJ8p30T8?+xV*tq?;*@BH?jB>nbbb`x=e&Xnodnuo&~c|`y{cbNltu(o z1KWqgZjj)FPPCQ)g(o5*dH&P4k9qr*@EpMS*Kcm0Ktk)l<3PHMUKjahtf-dMK{U1R zUl95CBB$v!ihEYc`#fWVxS+vbSswsNPm%O2Cg$z3wKUybkwpm7+jH0%&k5)A@)VXv zkNj-srRzJMz(8}5D&l355%lTybi6J+ zOW$b(@?~9n34?oujDc~vPmc16>aVd8_ET7DzrQJM;Gjb(V=?)#U6(1@ZQQCPT0z@D zoqRUwec~4l{QF%yjtM`i6Wn^3I)t^^XV&C0%f6xhn=mD@Wb-1irRb-*TGcH?!b5Ot zWl$rxdO#*z6}cyOyWF|ied0thfs0G zdE6bX$1X5whLSkIF_(&>wUy17>D4~^o>q+cU7XFcm)WJwg)l|PD@n9^ zVZoxvbir_sgh%)XLm=;jdvOsixQh6AXs6`jPqO5#IkqA`R>A6gc~mT8@un>UmGCzn zg_PV>%R_$JZWCsVJn!b~Yqh(X7cc;Jk5tD>Qx%sh<7C&=I<+y|hS3`Cg zMlv0V0io2^D*4rYxAqUO@Q{M6%9k4sw$(?;D@ShC#;Zdw$M z_a?w)K|(Rxq*nb{B_c()LzG$_m&10ILlQcNZu?@-#gS5Is%3qnv8zn)P*${}qyN)t zbO5U(Gk595OJk&n>ZOCY=sH-LE) z_lL5pSh}nhK)(};^$O{-B@-UgpLH|064Jn|TJ!u?0FK7BNOsj24I4Mq3Fs$0Q)Xgi zw<#NVRKkB`o@lErDIWU`3wQY{W-7FKMBxBr}+qMs4Xb8YTTF^dtRtQ9Qt7w2F)T5OPF%rr3 zxQGQJnE+wNUA0H$xR&ss#WEt8*_pqC2))mR;9B zrVe9V%^_*yVj3Wz-ns3jxa%t#kS{C*inI9P)iA%4&CQ>=v-#l7QD^l%r7q&dTXm@Y zpOWyfM3h2O(5c;p=`WHB`)JC|mAYa;gM-gq7jo6m5M~`*@ZOAYAy#jIXL=nK3UT2? zdBvAXis`X1%6x?+hZj9pE3)%0-Y#e5OaL9KS9VUTGIp6x&Ym!)*Aor|?DSt^=hlUY=pwLD+#Gm?8P<%KFE#EU;ej zez2F!2BR!8R4NSd4iLF|BnaTh=WT58QFk;*k9HH&q5-sV03g12UrCjwxX||7)v6YW zovOkeQFKsM@s!TtT&DbYT+yDF@GvKq1EiXs*m$9)1fp18j+@q7HTP5HU{-p+WBVj) zO;GY6wZycey%U|iukM(qgOunA!HJ%vjY*#aV7>QldrD86IPpLOr@q$-2;_)zKeBL z3YnbPLiK^&Ug6DG4dtCX8(n4QfF_z+q>gElavWZDu8kW9r2t&3QXG(mnBD^lCQcEJ zexlvv90O5)j>)yXy6L5a7O6gNJ{7g994C$2RxvA-7nk&E(rdi2P0!Jq1dh3re`^|l z9leqP0Gk4lHBTgwmZM&?$*Qdm1ok$awH!#X>D#4q0{L_Ext}u#a}=r-gL=o>Q$O(> zteksyzGLBu1(?ku$L>~*(#%N2%yZ)KK!q}sH2F<))NzenySwxSLY7k!?}v8**Q}9x z7L#aS2yHhaXpT}6tvWX-WpWApEV^KI8)Fc`yR(!aFIS)*cj#kFdkka@AWl_w8HJ-v zX`PaOLgs=9W{gGn;r2XiV*5>uB6;uNM1br+AwmId9m}B0=J=Y7Qp>*bjl&*$UuVSO zQtDB+Me~hdT2f8J+6y+ULELV7w=rWrTh?8kB=Y&pD9gnpc!VbA;MH*i{l%fQ2P|=# zJec6-%wy=5S%}yE8gW`TN(ohKsWAN0hEF^*fS0YL&> zD0Xo!gZF0L!M+xSX$oK8%`kS-9IDL=z|)ztT9+uaOtV z6z8%$Vp?SM^pX3)>Bi%blnNq|t;WN*wq0IRa=Qx=1cq&!WiCn$8`Z1rc1JLgDiCaC zcCD36i2#4&U!me$o1K&Ld=2Qh$*V!zl`%=N8HVrgZ2yBcOJ)WVVxx0 znFNsXE$>m?i8>8*MCHKQG*DZ*#>ZKK@p*J45rFAv0fl2$t_rB?a$-Ocs|AR~l!k*3 zo->%01WF|cfCj7m?aF1#uH}?FOnW}}c~1ep#`Wd_TRwY^k-0(v-}UneC5t z4oiX3Vp}@8sxkdCSM+;5jYFkZiUab5uFM3ltcK zN;&BIYL}VJo8O%n`O+}rvtq0P$@SiJQJgQ?e1bc1L>Z8Nc2LgkMXQUXuexu{%NkxB zkIpw7zTXdqTM$TBe7TdDDO<7($+On4gKN^5gv^&;W_9pLE3EMO5ncQ1eIa*yr2jzI ziQ=J&G%`hkI|W#S+DV1DR^Vh(4s7OkEZJ^A=%vkJV0E2P91Y4P38_W+M)1_C&5m5= zM_ai{J|8Q`;|-Sev3ATIA3J9I0O6RBd^!^e&|mi}US1MzuuQrLn-;5_)s z>+tIZckKY4LyIR(i{z2S(9v>g>ZdSF1(#sM=<)al?X=pjCr9`0;%CAFQe#e8cnlU5 zh1Z8N-eYa5fal+bapK9dmq;bJ0>o8&5?4|wIq79dYklBacD>O$t|a;66p{Oiypbtg z|D?H(!T@f=)-^TP`*WR|oDX3pY%s}d9NEIXm`ImfD<9@?{^lCyAieKO`c}!t`YjLL z80wrvp1NI>ySw~&nY*GKO}Qx5KuvMy6Yqe}DJnK?f5t&!XM7FZl0QC|M6@5_F2T?OC^>Q;3fhy*FvX20ZWmc) zH4Cn?49F$mp_TRb>Q2BO1fe|)SjycK>FTHO;W<=rNcI;A(Kxi>D&X6>dznTx?p)ID zOt3&veWg!uu!*S7dL|x$OPC^r>?kJ7ZONXJ*?!-*{u}@jtQ`G>cM6nM-##XczIUQbwo>dwt@O?Q#W+#o zH4sgkW8p}^N?#&SL*aA?C;@Dy70klnJUwz-BThkf;0;Vv!vv01FC@y5|8zQ z#E_~Ftq-CUg>vtHo??$wq{Aq_>X%G8IjNh|YLD*g<+E;W7{)OSLu%0L5@trxgY*XG zlBE_+_V>0s=p%{}uPb@3c? zP%$rjd5&PAM_VXUmF4JwxzHh&l1c{Yf$as}PF;O0w70aBx{gFjHp#!Kq)B&Kw6n3_ zX{S9sT^2J;qScjE!-=D+RoQyj7#oVAmi;(He}S*pNbc2*&yF1O7>Ni{F-E+0OA4tp zpf+~ymZ0Zn;|eV6j``-Ork2;+)F|@s0$}gR(Zu%sDS1^7Sya6Ysa0w`dFX^)jiByj zz6NkmitLs0M@A3W+^au41*vn&>ObKnrXc^&I3OpV_%0{nho|>PJL3}1Gt&|0DsDvE zo{lSNKY9CMOU_JT1KWyG0dx3VMjaz7_BJaWSz5!%MonF;4Oxtr=f;;@0>vUjTKeb9 zwl{@pexQNB1l;(N>atiza#^g4#wY-*rNunRxZK>}))lKUJRvSrkc-<5oAQvus6x>3 zWId9A-&H!7VS8g;Sd}dr60>v(g3eq$n|+hPOYuB73EBLfneq?OD%ElnZSU&B4sa}C z`d)PTc4Z_IKKl??%_n!#93nL+!BmT8;7=k`3$WK_Pr^KPpfF)^p=lO+R)IAjCqkH= zl?)#xVs<9h85$a|<5K2^oqQA*+Er5tusc-CdL=@f0&_~0qbk#QMlO>>gI9((f^hp4gqNFap;MH0wcG8Ufnj{Tf*HmP$=)kODUR2!x)~v|VimPJq8vWaH(jrO;i&;&L58D!_>*Cw|F+Xw+z+2xX476}SIsC6 zPdV2=6t9O>s-F*yf>_4I`U0Wk=NY$AlK5Y?N{e68aZXe@tlZBqELjwxN0(fP&9D-5 zLkYB}jyT^0D%P_|m{L)L`OnuSpX(#2C@BE^ydx zqYBoxNai=+{d_Cp#jS9`n|k2I=vkmt76NOJpr;3zJmSF1y4EWi0Zzq?#p7$%`B#8l zTm!MgHTl1q>TkJ;KiYLBU~9uXQ3y?D;|xBn=Sq5(ei@m1PM5n*!7^etm=5n`18P_a zfb-oiqW^A)`H%Ymjihj>W$3R242q56=J;cWnS1c;~31A;%B7e zalGHr90e62H}IK__U)Zo`(62z#UUer4M6P{lYaFlY54ue-m`?+FG5y1MORkoIw?f= zp(iaFe#y_+_R>Xg3Uz-o5Qqx95rYpoy|=sm&u4^mjRxK2ZR{JEZZ;BH~Nf8ec~NbFwJXH<6ut}#|hs&>Cty&-*by~_5J0_ z@8*^!0PL*x%2?w4bxJ6>?8V9U2$eS^!`5w1$bR*b* zY4Tmr;&1@C9Q5>M{o(*2zGT2gBo^bHn67j z(naw)`!WB)xd5#J2Vwut{MSufNCP7&jDgkd9f3~CWyINAfADDLhJf63pBZ8H^0hyM z2?TQK^+`T1{i+gWH@MeooFh1`n3|EfO2Jnn9usqcK(}i5=kip{ zDoRR&?=!u^pQnr$=oU76K;1AIU|iu?+Hr7BC0PVIfrrK4U0?FKL(23!@slPlcDYc} zk4t}red82y)&ob)cqc`$4U=RZztDuy@zflx<5$wD_!0WPz6AM06c zbKA{=O;GCCf~K#_7U6t=JGQ&d1_r0tT7!D?f6?;q{g>SY0xt#QvdS+`6-&nG$Y+$u zS&2?eyo%VUV(QHD;8Dol>4ut6%W_Thoxb~y^Lufc%yvEMnwYPOfJ zXcKmYwJbHmGFCXN4Shi3({9=qnA>n@;gLQP z=;fDL^-RBB>8o8Ex1C8kurZkX?1!?SmFVpL9(;gFd;|1!m0a|<`6wB69|BLKOWvcc zrPv=$cqW0|2%iL#rX(Ieu3XN64t0oa77cTUAM*+qU0aIh^?Md$V4ZAW|9;w(ADZm( z!~;AY2FgBq@aMEv!T<+Szf$!p!0DHVw876}xE-h3ysD5S95Dea<{pzoJvyR&> zI!bFitYkMh{Xi1rPLSdbeYku?WB)?9-peO$KxwKu3KCCPLR}-zrXRkef#|`c>J4qQZT2v;L@|z*P zAd1lUf~VOuweH2>L_s~ATa1p;8!j|GkO{fZKYvs}9xXUD*i2L9YtA ze{}DHBJq#38}C0q!^f?TX4)P>$VUHZR=J@5Y%hCcWxJ%pqd@*3x1pX-1iUM`zC0Yv zNU3Ezz-^YeSfi6Qx|5!Bu<_CpG&-SJ%UUb4-ga!A`s-?Z7hfF(;D~hZ$NmabJZ}^? zevE2Tmcv&y|yO@c4&`A&!J#``6u?hgmlo+AridQPSQ zeiS4E?rM?zWLv2Irx;@{#po(BMe~ao9sbciVQ;n?fujCvXRmdX&vJF?iPZeS9g#K{ z?`$=3>~+jk3-~>4!bO2{ddIn&U*!eVo$yOVmFmwo`)*>?+JIF_k8Hcx{~YYnS}1~a=u7x`tJ3l3Q{00X)1F%s%}HeKuIF}HBP%v6sIKo<%Kh9^ zz>;y>pOH7do;!wh)5O5t3&zU5Y@!V!(%nH|1mfx}J(D5m_QaChFN%CAN~5QMiqmU% z!0LYX77!vTt+Ud^K<$q1ky%~s36Z%aeZT4yckDrX(0S*Uj%^Y$U8Z!nUD|N5__Zg- z;I0OusNqzn5;4{lWCGL6`6JVL#SI|sTWkK+!aq-_|0|j`-ClU_bYqz-2o0e>RSjc3 zTQUv0r(8FFC9#cXaGo2%I8_7p7@~*K{ZY*U969o`)?b9sQ~pIOEDengu?DT1kfV~7 z;Fr4IMH6VqHgn{^D1cETMv&6z zMv3VG-BfkM_A$+D1zF*>!NMs`QI{4ShB~&F)22yC9p$OQDeSc}e$!tX10MNNGN7a? z?w_ZOe?CJk2Z7R^R&X!BaFndV?HScy9jWtrfxN&Rw3cwGc57J8r)dTvoOMbEN;eM> z(wcSmwe#}$Jvrj0Z$%ndN1qS!@imJn)_bCi*u?xS*zaTz_c#DBA}Vfeod5h-LSrNz zJ9IR`cslD20pi|WeK1~TM~4o39i=$&6a;y~S;Z&f+I35zl=|h>>9TJ(jYA4zH?PVR z6}+UIw)Sg5dZiM%r#jDz=Z}m0sY~xJb;%5Sa_Y%Xkra|np>;ZCk4rYH?`%FdEfr45YGlsL0)eYih)c5na4L6ObqAjAu|)RTlrMwBkeU{?r00%v{Vu8JBa+jU=JW#6ed0nbSshdH zjFTr}6D3%GL0OygtU zu4(H)NBlk*g*a1OZ{y0g;d=T$e3w`eA8-+8jro&$Ki~NKA{h-`E}Cob4qmS2f_!D0L=@r}nuaI#@;BfKtu#EaK%~P$zi@z}mTt)6x zlsD5skQ)r1b!MKL0-F~?%bSo91bVz>VEvkbbt{9AesxaFO0KRumQ2pWV-CX$d5^t7 zO)Mw1?mw6H(VI&vbSa*C^0O7L(Eb}LES`tzs^Vw5yKnSL-cuBcszF2W(Rp!BI!|-V zmd6@!a87X*StL5|7kAs`1v!!}AHgeE%I&7CLQ>EWcOUz$Rbw}wHPq!9j#%CK!yeO6 zfYk*N{~SHUAvZ{<`Fw4(jv@(zje2bJKS}4gw96K8Ok9`RyvBF-dh7HI)?7z5J-ylF z60jn_QLGy0wY{xhFo2sfs*~xCIbb~@0pFM^7_b*ceB9b8qna4wvH02g{&tMl0NiB1 zHed70pc?&gACEuHEnYG2BG5Vqp2sSei-=e(7{vY1pk*EJdttvpRHnQcA%%}@gX(a; z%3}1S6YtZ_7}bzs2N3858Qpo8--&7YQu@!<_*V}@fD;{M`Hf&BsBhdkDZIXvBI3KH zIr;6H6{NTJbQXN}W@8FgHr_f4e<`ufWaklC<&{jSXI)afk}V$`84+xNpLStygVY%T zrfKLg^VMNld-T9lpY!+XJ}`>^_^dTI4w^HEkfE0Gg)0EC>+~MFlY_AOzq}WYQ#jPQ|Ex-XMUylNK&=ay???Qi@ZA1r`1wLC>{VxS=#@dD<_c*^cM#0htJ}C`=Vy6#;Lzyj2h;?Ha;JhFKQ<=KHa_l%(Rv4Zfedw ztmE1)b`oM!AX z<#l5*VKy0kPM-UDAH9T3$?gRRk&VDh8a4eU)p^u#!c!q0QA!@L(olpsP?S8L98CO+ z8h@W`Nv-MptMYp?_761m_CwBw|NSDbGLg*$lIMt$5Ko*wF+q;W zi;0>Rd}5HU;W*QOn3*_`5!1`)@BZwcQ8AAhxUHhHn%^gKz=CP9EC)6kJt7VTIR>@$ zkJY>$E7hb%+Yl%WtU4mcPmWfp^@)iM&r`RyC@wg(M`Zs)Cykd;Kv38Dw@%o<2fQsT zwdPh=s!eBuvjhqEcc*?$I~$W;7(?-t%OAvspy_Oi23}v!GTDNFkG8%^+mw|}WV|@4fjUU5;aM={rk~rZtrVCPEEQmgomg@5jS+K47 zfnrjs9WDu|rPPQ(CVL;j+T&)nz$%|#iHg5ENxAH#)J@^nP8x9f<$R_YnK0T_=>;59 zxXsT?jKixsUR*+5uA~2ly{~YKy4%_Y1WBbskS=MElomuf1nF*&mhKz@k?sa5k?saT zLILTJ98yZU8RFaXoO9myd7g9L_xt{U@4DvFf#Emvo4wawd#$za`(6#1vP4o9s6Td; zErxdgR!qyrf2naxS=;}{g{xuAZ!b#yY zme6t;mHLXw(TW4tMmPX$AD3>o$hF86fDY)wlV`;R^zXWZ5lL(aoVP=_Uk)o2?|>KN z+*P^%dfJwTIVg5_ZG5?&9L)`cL&~Z+iyJ54puI(a(SrQohYAn!&DkFA!tscIoOB)& zCp&DMz9}gqx_3%oby%@b+l9dr0+dBW;F=!GfIS<9!efUt^mKsL7{DAKUd!A8!V_V6 z^Y&*xXOh{OP}muE!6F=S&p9l790FL|0t%Ueb(-m8)58uG8ai55u~J0n^6X7!tT-Kq zy=0jCXS?)}4ua-ndJIUm@7avUuIKe(-+)E2vP}{;WZ*Gsc}<%v98aTVl?z$<2yWDu zwbGuSvK*FyAJ3qOfyv%zv8+hAA^Rl;{j2W+VhaY;cW#3&}MxUp(ZAS0!TkMd??kfYVn9s#m z%BV%_4ggOS3jrunv9=Q~{LN?>b9?d`7{|&nIhILhIH;j3x#M~r=(n8Zb7X6uP18fdH&&KUGxYCHV0Nec!F$fvX-Bio25qXZvvQ9iWHl&dkxi(P7LOFAI8W|JFXXyk)Q1@mH#4eY2JH;KsQ- z6#HHxZ3mDS==soocv=zK0tmQXh4kr|EhtQ03sc{>9(1HEl;eICyoGYA)2~_VCvz>9d`uF`{py z3cUXUVfZSOqYa?UiUjP3GCM=SM5)}ilycG7ICT}_DE6NKw7&8iE^&bbd178%@jT)I z-%l#I(o9vswI;yJyc)d`UZA7!{#_M&44@L&0RL|J$S&jTyN*!?Q5~}U05kK5?;Wo6 zW8970fE_rU*xVrVqSq06o6EBs9drRE4`zA?(^;CcB2z`kNLr~S8OE117@6gy|Md)T zLQKWE73HHNk8;Jc5%?}+8#S_=dLJb|zf7?7%CB2p4yDX8cn9FF`+++WEY@Jrd|*q{ z)HYAN`i-^v9Mik~9#OgaTT(;JiGmYg!}M_KupCF|2*XYHK{;!c_>qw-nd+T%GH}nlzy<2SaU^w@- z+SGSD)`4zN`WG?3uRZ|%_3&g~9Ghj!@UF~yZEXU~4U)ePf2`kOgkcCAL@}7cMSJ#k zYRKVxC!XD@yEDyqgbBLIu1nG^c>t;~EnV7;)96gW7HZI@I~ zh#tj8cS`}LeDp&ts!T!^1PRReMYo9g^c%8%^Ph&y00Ic)fwZ1z)ro+mzj04r=XTG% z0~0QRG-+EE;h=N!aQX%D`d3d_XxD;wv1UwAFF5>p*6{5WD~2m;0CzlH=fIpSuwwy(m5w zwxs*9;mx)t3%^~hufL|m$x$Sr%vL{s0#y>(_xk>mBO-Aj6l@*Dv!dn_5Y=|g{ZFph zVmKl;r`D^2F3W(~0aoZ-CBQ(3CL4G$En2=-FWgI5aQMeS|E`!GQhK)i)lvvxJ+e*L zll~kTe?h~u0(_<52dEStMvvVa`CGC#xJLp{7Hy%928EMIlxJ0w;#ZDmj&t5{#7&bf z3!>v&V^)=*Y2>fgyDw3ah3nF=vv)bbOdDTc99FgXdc|2KSn=LQI{47yj1+m_!hyzB z=0at?)*_2f{?M8NYL$^SDx>cZJSPP<39ePS-fJxU!AhAoB-=9;pznyke{NMrDnmJ6 zM(Sx}LnK4#=`GxP_D%e1gpy-Fcuwp-!1EUE+yPZ2sJMf1W|q#4{v>7KiBf|jOi&pV zxi`r18)W{RHopuMSEtJ4qCoG(vHfWlulNz!bhrJepXKlpkYQ$38@60%l{)R!MFCaT zFgoe0xxS=Y&U5!30M>EH!Fi{Vs*Xs3q=Z}{6WL41u=HZURwsI_Yza_C9^I;w$=8ZC zllZ`y8cA9v;Xi*I17arm&pyU14;p*58nId<9Y7~qt*)i=JpiHsw@G#7eT0TVZeS-f z9K6EzzmRN`65PqxwKyXbQ+*>fz*j)Dx{L4@dc^FRIxQNR_x6+m{ z8I&vp;lgoMUl7;``?h}E=3g^RHAh&GZ5}1>uKz4tl_^OCdPcDeZu2~JPJdDfu>00aY72DvO%-8dL<Rg;?K^3 z&PdrgP5?0!y4FWh<0G9vjIy)lm3A)iWg}&OOao6t{dSjvLv+Ij6;}ozwxm|J)v%dc zmzonq$+iT)oxFrXTZeCBC}Gh4b6fjyN~oc&Bv-*c#XDc4beYGD^@+P{LaF;T8WpRo z&^^DSN1sV)+sF;~5P|zy_E5};!^-~da@Xg!&eXt`<$mcS>~P*v)#&5z>!6(al%4|L ztK1mck9QuIayVl)e^lMQLBgo&H&p1H>p{tz5_sa)(GdYl9zrZXoIgG$|H1pIL$zf? zLeT#h*5x9y;ykt~8a_^Gp+JvSUeVgha~Wwol;AK<~Oh~GFt@`h_kN6A<I+q^!J?c~oP(i+KZM8lt^|(Y2Pv(l+Z2D!QNM8F ze8R{t%F&r*&j12#fjM?H2|?oO$C-eKwhZ9nB^{ZlD?%20!x?KIq%s&W7(l$!N--DT0sZ|9#S^yQ;V&YP@{3UhF546e z7fefpFxgJSgQCT=`i7nyNu4BV49*#Lq=%k5{x_#z;XGm=)#wfQ7P?BZK~Tu|22o;J zk<>I3>&P@FIxmZO#D5vnFsySD2v-T+uRS8fw_R^cB8)1y{HYuij_h;%B5=H+{j^Mr zq!9#)y>djM6kb-M^5YxobJ;|{2b|*%BK?ncmbqR?Tu1Cbm1gHJ`rNfN$i z$yBThMydgscqna}dQMWp#ACH9w0%}^4wJsOns_o}R3A`(Gng3@@co7Ueyo5$ky|xl zH38f6plPF3rnBONBKpVg)X?EYZ@~TZxIGZ07oDyRDqMHbUbJriy#6d2ou{I1O6Ra9 zfpz@t&EZca1fM1yghTuV)5P)5!q^J+@z~k-hOkBNfS)q?x^Mxf5Jt}cv^FVRldV_c zHxExATwQC-IT}k1A#1~@K4P_lyN$I#!va}zlf9v|OL^w4LY|RFB=1z1=_KAfJ3~2& z7+BnLy3NUi2E@r5ysOZ+b~hl0A%-(-1qO`#84GqzgbqHcA_uMuD|-J*J%|7*8G62_ zlb35($F&`RMrnGnjO|a-(yREK+Cr|aXKi}ZVS@SPynYK&k&DN!o&w?LvD(kl?G+bM zKhzweiJ>AssOt3Xt7=Bi^iflj_s6PVAU=&M?$S#OwYh(em%(k`**;%b0X4MF?CEp4 zS%r~GdfCZ5kK^G;6x%!u+~0UvEOu7o@$jT4d6*B@eVH7kIeR-_-#Emh?9f3respuw zb^|y?Vy&y>`(cC>K(VDiLcO;~p0(Q$r1?xg~V)0DN`7hG3e-)B8jmD@mq7F_zi z&NGb>-9X+2qFomW>hjSyhc}rTuU+??9y(%ol1xYL?W>BaN4JR($LU|$J8XzD-Ib}; z>;E1G3Lq1!Wu1){MTC4$E3W1X%soq+IY|3KTC$O*e!J?dTKY|5Uts=DHIQ3b&%F_~ zeJKc2ZlCx41}gOQT4|*v!lj?7DB;$AaC&rm|8uRvZE67$O~tgXLz`AH+Yd>p$ILA^ zK>AH7emlAhta{5Op=boJECI_$8kPbN%i{M#hv$fwyq>3-cZHxk9MCC#`h3_U{5SQy zz;^UCi2R4n^xm%pF|its6Kg;i#Iji9CQ;Mi*?41zb^EmwAWfsOlsB4~i*}TvV50>T zBw$c7x#Wyw`y)3NPbx2ymDw^8R-JQ7G&oW!=}YvG$lv&Z+&Xy$T%lxjvu4^Djxr?U60uWTwQ0)XU3u^X zpzXu+rx>HQgk)%*-DSk;$pd1G5PY=JV@$BC7%lN40RR{tc2gdW3 zy(Ya05}ZiHwOJMvcyr1nUrhpq_RE029~U_OZLq46vcZqy^?U3Pgw?WJuiJq-2J_1J zdHeYVH8Etjcquagz06MFU0rolBS~Kp(p#OlHKxo40vu=7CmDTF>$1o{R8=y?`3SY& zhaU&9%U@>12w-btm&rfltG%UBXUoP|fhW6t!;kuC*Pnxw^jmPi;v>rpF10T$+w;bc z@CcurfnBnkxUK_P-WoDw87E<*ihwpBhp>oXNX zbY!N+`N?2B;F+mfa;Y*CT0YxEYxK*+1clu=H@&@zp z0Lr#^jyD_LMx3f|sl?!&+McaJrX!J*%t5jER!I)l z$D4xWh6j`6z;cdygrBr&|7hR@aCW%$z>*N&jUBsP1o~iyX#?)ekYk@doYE!dK6ewp zNcQ_Y=vw1*vg%zzgcEA1kY$9UiMiDtcd`wO8F%bUd@I>=LildGa?U?~aa$yTF!%lT zNMzt#09w;3y^_{tS@^R>%6>d~zoIejz1Y^3^gb4{SmT*<#)aq_cZ$wh&4s$AK4I{! zx%TO_AJK52MY}Brp~;x1_!5b-*F)KJ8a>)i`SDQN_4*#yYJcBLd$Y^Hi$#V#M*wz@ z^%dCul((|M)xLQfzmFgPDW{Wb0DoGuTud(;J#Ia)+J&89KaZ3=_~hBXJXIS96#85D z@bS{(2k#f{dE+8zeOdeAFUx|Ri>^HlhahIt=`gyzT(HBnG%}e_)9f`|w0|2n(yP%n z9BrK()}NhHYO7cgg2)-|q1SzEeii?ZM5L8_Vs^PrqT|m&eDe%Kles zMtW{|8yrw#z2u0FN2^#flsY2~M=i{3asC!tGdu8f|F?RmxBHOmkdW5}&8t_nBqu`^ z+~(6t%v$3Ec;U_oyBqCcKI6Qp{eApUALoodu{_B?bU~w|R(B2loEV6QqP<2L8~;@& z7-gH*v0XLkqq?1o@TKx~vfI1gwr z*p3btxkw$wQw68n%PKdEF({+BM6XpfKscLG#KGM5n+w)^lrNrv*nOc(2q*%@=6Hy$ zfDk5X+q9nK`9X&|6F9TmLmVH_?sI!m8_|5C7LAvT-v_mN=7Sh&$3f(!Q`1UkmoSm z5BnCZk=&YH^zw}0S|t_|@C+th5W|Cou(R4q?XS8RB(R=sSaN@RUUuiRmn{gFk3J|X z4R|AUXB>OJp{G=^id5>sXTBJzPIfM09&L`pP(jAonhY4mVXAATqk7woE1h64J?4~G zU`u+G`$pu3D^p?#*vR;yUQTr%V7|@e^@t{lKCEz6R9-KHC!fopsJLA<+j`Ip65oES z%Jz6IO2o%r@0V)6H~kPj%;T|YUkgW`?WJ#5h_T9yL?Dh>aQ3z zhaBlU|F}-xxrZ37uAxnD(9tOR3inAtI|av)Y#Xto{`IzIM_TpXVM=+h0;`|D+Ve0Q z0z_+{PcC09S?HP39U}`^49l^RH^)!oJ>RA;`uP{Qs*4m3<4)@bJ$e29V{)Jic_F6b z5af?)-zyELk7DOwf95&rK{aId#cf?Npi?h3GrhFWdwPG`ftke@WPs7IFWK-tyWNjJ z?oQmtp+>)!YW=oYOE%V(C^-H#MIO@2tP4FyMS5~j>l$Ti%N~NP{Bw);MbAH9houis zSppFRkB9TGTEuRhb}86>H0+bco$^@f4aBX%ggjYv}Lr`GsAZ_kCz+3y>%)b27`m10}& z_bBG2-$DoX>6q^&o_6CApAClrY^>z)f>no zRkW`@$+66se5?#k3SN_!?@j>R)*xH+PRU=iIlUfz1l>4vj9OVm8kjy>g^5Vr|5}$Y zarXnJrR@69E^-VLCZj?Y^D`!8z;IyFHOJOF2@3pr8%DpbIKBsw>LG=iw z0$BlMh>aA_J9)&O69k1Kd%cGQTzcxNi!0`mLQXTVk-1Vh=rIm1K8*ITLJkNT3Gt6d znv(N)fh$&>){hf6VrNUmPriDkFP3Nk7;#6x$=9( z8Fg^RO_FygJDH-?xtu5*MOB=_di zB1DZHS9D`OHz3+#oqc5EGFhc`{409vs>d=l2sVNLGOehhFTw|?q^(VNf?aW%l)2f- zZpoVt`(x3r*(Zb`qI?rao`$X6b4?xPNz>-r!`t;bxtFi`m>EPZUz@GKfK<%ma{?FR z#oPJem1iU0lKc5jvLs_d_fuPYJZDjv1rMX0G^(+M&ykH9gG0-{dpIE)U z44<-!TsmYBGT&ooxRb2+y??JdUvZEL$gHB7m_4vhFZ-x`htl<@k9HM?VXH7$jE)pP z^Uk4AfH&kdB3)UqH0wiwr2v6&46YsN;I}E&B#uzSM?CUxW9#%hm3Wy?R9cUHocOU}&%4&*!TyDdI&y z4+U4s*k1c%qT3sYOs71BQ9q_CJQCH&Gv^O{gfVu6G+KRHD;SBu-)V}+#)v-AkVc~H z4MY>8I)`hO%?ApdU}&s(IRg!CpiXvVrxEZ?SpARvi7n8I`c;yuu@FRvfTG|<$?uc2 zsUWyIvsXzUEkqJ|3!UbSfkdb7#`l?$2w&wIN+J^42Lj9=5jA5i2#7Cq6!2OVn8X|+ zQ0%NJDAZyKm}TOJbPf*>}7dV98n=x;(A=sctiCSblf1t&%AHN5FUNx<0(spCnw2 zEH&ML^?WRSV$&nmutpr?7?|`mEPX#{;(goau15p$Xh*oeS8L+^Upl8R`uMx9FJ3q_ z-;M?&Pj9zAebH`apNJZKk5lH>?D*V%Z{YQ! z5>(zN>jEqPy{->YqrKWzq&EX|mr5*~n8st}ppDmQ%$TzU&bf_H^}c}Xv5nRl*GSKZ z;tD7 zKft8Vg9#cn3WQ^1mf6^HRNvHn3B61wqT+xF+`6bG*#Fd!Z9 z*;-#wu1)12L*nQqo5Ln)0=t#B^InX9-UMh!DqJ|(oGIE)^nqzdopxO^qNMs5VuMr` zptj;AHLzPvq%&9pjtF{p$k=Nw*oTsJlvKYBSaM(=jFP4ea~EsJJRRcs;x8bE&diPV zd>g4nfZ+L`O;>fKxD-z^Hm<5|iz~XVz_QIkz8sd#{f`Vg1(5+CO zt?u=2CInRBv2%M0f{peF^8uaII9WmBBl8pkS1b>XKfG>AL(0|FO(s(6e8Vdzrn{&o zm19t66(o{40gt(r_AKmr|_apzxBMl*{%9IPMdxgaO*j4>({)SKhx+t zWwui^!BMz-Rj$K-J|hR5PC?!n16ChayfIP;JHjKDGjKp&+L1||zlL%+C~m_XBvVTz z7apYAt6N|*3|b5{Rr5XvX+|u&In#Wuc+v}MI=1?6=}FTBK?(Fa6xI6qFCo(ejpImR z-5#4RV%e%CD58VVQiNE~&lmw@gcp^1axNV0fL`96L|=@lvMApv9OR2ENmjrkYVHt} zt3Ee;<>j40YR6)FJoeyO_@1G4q*fwY4$hOjQw&qQqUC#}nGK!>#RadmHEXTgK{t>- zIkegjg=D@%WI?!|%tXHq4Vc3?$T0Z~lQv!>b+QPzI90mIueq3__5jX5B_LV zn`6HjE>pq4$IM46mpRNo zLF$;rx&3^CL5G4m_w8TF@9~S@-XkimY}XDbo3sI%>5uZpP#~vRlwT|xKJ$_v$9s9V zYSn8~K|DW~2V+eG1fia8QxcEdr6W_V4C9yQZzc=3VI`x2NFsuUJb!(n>*aA9QJ5huuu@~zgKXZI5KukKb zzGLf_J@H%Aqq2PFdu!s3PP_lsrDJo&8@HPcQLCQWN~G(DtM0Gz682Cd&XvouC?k)Q z_Uo=%K2HwYeqQnfvQj+;@5a17muGI>03A&xaC%I%W!{QfC_#RXG|%{Y!E}oF;CmRn zlNb$liO@fAWMA%T+!+oG6)*3^`c>=S%gNAO4~QmlNodEh?T~24y_l*R`0z-m=V$!$ ziElq6%ziWVDq5kFdhO-|e91QtjuO#;fF^+&Fwyk9Dvly4dX`6upjo zZzmVUXH#{ie4si~C(?rafO=2jUYK4y4}zZ6mr!qXS&0zzjBKAH*~JH^*FtaZ7K}s5 z^@g)Vv~u78Ac`6`mQg?5EVVMh113_bPv0BDmwP2x3DUz z+^7Y)Xj%)$U<=Kz&I&12F51`m*=KRBg_#Vjr4n90drfyEd9`&oON1GWj5F=2cZ__e z_|iP=v~jNlSveIQ>n&e4tgjI}5#p&fG8B`u7T$&?Rd9yTQ?sP!-wsHtE=AY*gJZkw zRYRRhb3TcZ#b&=@378Ke)!`nt@+X{J50|G)CoX$U zs&NrVA1{w@zi}Ch=&>=+ZHJtw!W>w7BYZ?3XIU zC9dxU#TC>MuaQ38{NqK3`DVf3kaf!@UQA5;=C86v1>_gve|qG+N9W<878%4qmYUZ$ z?R=-6uf1!s8#(D-j41E9vQFt!g~PC9fin%&!q?&?KELhjRr|#y$p8tD+N)=xzxF&JWKb}`%*Q? z$giA7Q(O@^tpifrjU#Q3bpj?agP5{#aL^R=AVT+MttGrNMo4`rSw-e*tykNgFA;W0 zsLpT=Fm=DuORz)_BTR5bvTw(&!o4AhsSO-&^Z+_%;tk;NJBbIKmc9KT1$|2vNgy6G z#Y|iVe;lI+Uo<|@cb2wQ{{`cyV`kILgMHb#BJwVg`l|I=AdfSQJ)sIcAc~!&XEy)B zV6XBE^wM1+9Dezsvjh!aL`youCAPyu*vK(c<#UXZui4S-$NaNCx?Vx(Ph@vrsivNx zW8Ttv%2x4-M$~nLm%OUL(MH{=sUKx{5p%tH^rVwz-F@H(2Mse_zN4b5kd;l(Sk&md zf=U1TDTl(60*nm|ZFPOxGjykhqFqS-rKR0<6{EU8BK@EInmqMpIIKHM6cmT0)ltj| z{nNlI?Fz2!BBDj(!|9M`AI*xta3-Njn=^Z&i=D}ba`<@q#se|jMmKDrU&0r2tKbZ3 zL9RG^sWgap;TNv-TduhR&z!pW`ekx3S^ZzQY07h>B>XVUUxI>4n_Lkm5*ijBx?fbW1E1== zjQgqEELqagctTHJbE^A{l2ASGoC=xyreh(37d`W8P{X%`BmeE+NIL4T1*a=0oMJO0YHxi9*b z24j}*nRfQW?3@rWa7G9DYIpRr%9Ol(iOr0>6npNYW7(UCP&Ro{BPaRP?{N%!O#B^T zUynY}E3-Fm(mb5Rkli)%$f(V4%6ceu=SaTJYAd6ndZ*4(#f8dR0eZpgCA)<+byJ!= zLaA|V2l4B599G7sopY>J?BsUzXf?|NQZ)q`6EceElHeX;+O1ht*e<6ijGczVszN)? z0!Up(U0HPs2Xk(P%0^pec@`4SZ8>b(eC+I(sEx+b4)y$UqrKyKqJ7QYa996US+5p5 z(e06bcy&x~l#6cVeq=tqBWuT3Synd=-GLU?UDIcFZWp2j6GGm@kmZ)oDliB0?6;Qk z^bk+HJ#NIPTcO#ZcfxtDEUjV#ep7dv+Rd13Evo3$A`1M_d3E35*H9*z_W(E{TWfaP)v<}324d}Bfb@@>-xBFg z6P>)!eMK!sk)d@Tfu&%2R3dWO&ii1^Kf?Up7?XgyEN&GiBk99OHP8}blg}NCaF`Pl zfRABR5SA;u#b{UX3;({~M;pb{1pZL){3T?7vwdVc?J9`Vf;!w+ARMV=PQYnqB}drwko;Zc?}ACi7c$8D zQx0qeze9#U%nj27tOCJzD(kW}*2AC2#plU-Z^I3R9`E>vJjQGkg$pfRD~FJ?Hjf9P zLmLkZ+pvS{9%z@POGF&1U}3F(m@D!%fAG5AdTNA04_CTY*dBzNQOyCqiCGD(7hMegOuyil(~u&~G){pP>x)T>y-@mAu}WmM*+Xo);hK z$fmqt{PEH56)=+BxfQfWgAYz+|-%Qqi0WBMT_q&J`(OrkhAcl zGM7g`%#N)!wAYp~B^Kr068c_V)y^&}Q&GVuWaF#+*&TD-J+bai7QeW%vX>hxusN8& zpz#Yo1(aRE&kxi?7B)xoj+4#VC@;xW-HepP6l7q)X$tCojv2apgeD7p!0OulRziC! z=^S@!nC3a$Y-1z6(Ent!zbD~G(M9Sr^O=S`~nB^RDFuOPnkzd%#zPN60wf6 z^AQT#wJd&oLTcGq&#aN9MPh~?meOb@^};e|L@)5&`K(vkXq`jV)1IrK&H*6LH-WwQ z?tDhHJQ;Td=!XAxWFu`hkfI{zv5F!7wBNkL4%!Hkw3JOvvBnvC@A5jR>+J;12j&aQ zkg;N~%Hq@5X1bI|51?iR+StAjlwdNkQoR}gy?;^?#7YfiC}KGp+51jycw+jn+*akz zfKpvW)jRts#4q`XD?j+=28{!QZKRI`l(cGj;>sl?1Wl&JZV#hdcRam`@B1;WVl~q~ zF(M}wWeFFFXT;fU#AY!oZCqi1aHhPk!`=Nlk}CN9RnMQHh!$HakI0 z?||DQ!z}Te8S%WO8bvk6zVWQ>0l&2>a`2kM%bYfb7tpyEY(onG9o#Nj<$#!cjP|>B zD@1_0t^F!L#wHFz8@wJSgf_25eAI4CmhD<8S{7*`ao=tS2sCb@uBSTUX@-6O|tu{XH%ch!1pv3#GFw{=0dlw$|=%REz_OXVohLnO{fD>Hk0qCr? zB2({*s_OiTCfcjmVRi$O?O&~69+d4+tLcwKUCSX13_;5p&+MA+vtVLM$Z*u%75a)> z6)8%;#)cW1PJWcagcdnHfTp8)XiGMkQ$QAjBj$v?o}- zG@^5Yqecp(J|Ae#GVUOJ(U?aC34?$ZD{VlAztxCHs7PuA#!;eJZs_BKiC&HQpg|VCeHV zNUn%yME?j=ObdeR#J0qRyH*1pa6Vm%hLD@bJni8Hj^1J&3!{J{1@WG%DWY zWOb%IU97j$y^CsWu03H)B=4uVcZJN5^P&uT6CNU_jpE1}f@6YH;8YXca>J=5oKJ3Z zY$g6JcTgo+(Czo8vNW6R*E(NJ?Jb?_O3OGL1N0S!y_Av8)7oL6*_Kcd5!QmmS^@fj zie`UfS&Za+cfzRnp?c$GgT-NAcl7etQ18)Lw^Y9%SstyKaW_?Vv{%%bwMMxgCP{Xu zf$^@5f3L&hq-i(Kgo-l8#18$j!sy1#h)#a1*;j>xkO%s7o1*)2nd9PeGvis3mnz%j zxr0)Nk68C{F;o_@P@%9=#oiBBx$))G;cQOhpnaHR$!@J1&T{H^LXX=3?Dco`;YPct zH&0gZoTNp9^Q#VHulJR8?f_P(!C{wj5f$fgu~UrkZ2hVPr6bbUMxSQCqTrab% zeYV_FCr}OBX+i3>K4;xecY}C7>plo1^nbwwyx-Teqqt_0;PBqRgwPo^0gB)e}fcCGfaYS|iC z^An*5sj^U6x5yhqs_!(JJKH5c*oziphu&P4)390R#>5P@u?ltZ(uF==N0nrX%Wu{OH!~@{hQjfO_FdKkj`f)~&y+?`rxx2eNi|PfH0GlYFsHViBx} z=vxuCQ`kBRo_u_fn17XZPmq28^sPT~4pSR&%a1j?}zgol2)+D7wd z`0}&P7B{C##v-6cA_IbSZv_j7c0xN$=R4#2^I4;&o}T&`oItd9>-Zlfc)nQttTZ;z zGr?h!#fn@c251j|`XeSEC70}{E`a>ujfp4J7a+WEbMNGFG(Km|LxjQyIJ9p$N2~%7 zWf+Q8-l1v99FgsT)l>eo3VCn7sip&afE!usR$C@*B({5TPx6BpP$oY*jYKC8tIfwn z{D8n+nu|M-7bwdZ7Nx=X=_?kij>sx`YFLnC{A;&C7NpaNz%i2`^rc#SE#V@R0haRT zwuQGkl^(y{bJ_M(D%#FwN!brUvhp>EccFkzpkX`u*H}DMt87_$~aPYN1N@AP>Yxf`$&Pi}`l7 zKAJQg9@3?LiZ6b}GZ|I?OABD8mD`R%S0dLf<~w~@TPtH=eYn?<8M00GL46lpwpEjo z$to?zEx~q2ki5;V4on&v@gxLIAtkOjf#k@|)#amSkKMQ3fZ)ZVnM8c6W^ zX#P-^J%X}IG`C^;BHbnD{yy|)xs0#t0JN|_JznDmUJ;CW?(QwL!2J1C$jEVI z;TsK$lnmp;(k$H4M@tW-EMM@liaPN}eR*YTRGBP`q=gm|JcNb3Oc5VA1G+dAzKqb- znHuAD?{(w4H-i<2gL+7hqK5#dXc>H1A)S(wj`;xSp(EdPhB(DrEtdLMl=_1ug4fS7 zN+poD%ri~K?)jIVRW3r3%N#Q3-p$sm)XQ#d%*w5)&2#UPXmBTROqKUG4r%q8pL0D}S2P#t<}Kt!SW8!=h`jdI;re|y`DMQLCLd6cJ;y=_nS-;#dSuP}^omz- z5tge{jF3EDTYZQKz6xq_?dE2+bh2~kT&aSNve6LYBRf_Aop26s8=I1BH#T+=+^nKC zVIRH2jymC8y;-8^MJ;JuE9q5+2h@clNydr9Nv3#q_4iqSl!i6;uV>NUUn)%GJnV!b?akwA<}C{UZnfK45ve)onN5+^J}Bs@ z4JhEouUsOti>R(-t8-YpbX{;b#=4SX@Wef!>S~bTp|V{b4L*BM@8W2eMbK3(o^4Id zhFv}79KkaG6ww6WR1a)kCeQlo`kb(YeVb6j=XfUVtxP5b)9H7w?lF7=G7L+n8n%K?jW?wr={vepZO>yGHqLqQaq-YUw=t&9r+XpY zrF7)3q5Vif5?;jf+Rf3_$YZ5eF0osD}Kl- z_vLVS-=kx-QssB?DQ-$kENN>M62U&0jH&h4S=dF;8{TD$vGT_pH$r~>)CC3PXc{CJaABM0zWGfLgotTd_HEyE?koz zVbe(5o1nif+xX&z&SNdyE{5-)MRyn9c?=zeKMfJkf1@pDA}#d7Z^S+}y8f}m*r`)r zu|utSLaxc|9B28}cD$9h49lI7Y#YWxdZ_j1-W!l`Vx@5QhQz8uGet854$39k)%bR5 zA|nUV1r8J3rRY|5zs`;{ddEkxeLBw<9cwqa{1!ryWc=yHlRvy$3*Nq_qEo`0|2V%| z-*4|Y!CrUk0tw)^RIR_^Df`yXtWOE;RP4Z7m@)fIDwbiXesOQR?nap}Z?tW7s&6|! z|MaLaaJVxJM$gi!RH!i1A543wuSpJklBTri6T-jG4ZK`dgiNw&sU#CJ~_v$$+#HCz72dmiM7PBfQM!guD`R(zxUDr>d?TH5GLm!JB63KUI1E z6>1aFAT?t25Yp@=hi*)1M&XaoZRojWC)G&wVbI%)96~l-6DOEy0|s>TKCZsZI;}Gw zRWpB-zZUjI0$ya1$ncbF{-+aVMF!u2135LH?r(k-?qkKDAve2htxSKTj{>xj79d^S z-O|z5#*b0Izi$;eBNK`XaDs!fnIdLq9}}aUi}Ai{V%uj z*C&(8;9H$;#H#*l=Kk-Oszd{enx?fCk^Aq#`CGjD_aAev&}C#QZiQ7b{+3Ms{SW_T z|KRuAv0%o%LdvAW{}c@ThsplatFOhtFi&Pn%jNzhg81Jq5*GpIEe6q*r=W?|e+}gS z{v>dl5e)Oyu?!Qz|Ne)6di9eue1YKBQ_%m*e*ZcR|6$ZsZs5+xpMnYUA71<)u0E9k zvnkRwmG{4l>)&4boDGI~dziLB<^O#)Dd4jy{nIPq|9zNG@xd_Pc;*xQ`{MYYrsscL zG=UPxf-aj&I(2W>Ino83KEl^=uC88-+wMH*mWk(0emEz8jF zvIou=woWGUwV#}va<$XYW;|;Lzn<~sc29!6Im6=LiP)-|e!Xqf!prAYrqkf=+;Kav zn0e$<@KHa1MH{g77U0z*=oaYtxo%~iAhXpr(Y!JE+EzAsiQ zy4onzD_4`k13W|edC>EGdp}LsvpQYK-9DC!r*vRi+mgHiNC8~z&jD0Ni;_XRVme>B zFYIg&ND#Qe+mU1n=c(iac1Fq$D27OWyBzkvT?L}}#S#sywHt6AQUf3xz)r+KlNgI1ll=qmmgCfBL>Pb> z6FmpoRAcJ@DpXAW^)i}5-$s1FzSaZuI1qAQ31^&LesAl(P|`714#P!Ry)x@fw;#OG zY??OotzD`s(5u`JByMD@-`iSDy~-eayWUywqUsxT928L8r?f3E&xOGUEPw{!)!#at z_1maUTX<8FTLB?rJ;y-e8Qk@~j=NjZ zjWIu}lOsEcM$jH+K3_I|jD5O^2A#)Yab6$vFt{z3=V~3sA#OqnFbw`Uu3rE(t5rBtx!L1Ir@*w9=>zwxts>aYFQ3!I9sgNtlznY24x^7l zfakpz@869Jxr0_xEpnIH>EmpLi>g7rUeR2!A+5vLny6&Yzc~p)>Hw6NcegjkPHiAB z0Ntg^2kw++xe%{`HbWV`7oXkigznDIHm!6+K){e6#V_cTJ$n zJpE3Y>s$T0f+8h@>VBF!M4$`cJB?`uwC;5i3o4E2EQ25LIfjzErTEW)W_**Q#OxTk zAVMhDtT2f3gMki8rOTeZ{aGO=5XPbseVK}SuL+fq6TrxxzX8;N^Tndx506&&fCWK{ zR8W~j*!U3)Eq1Lk zXy@u?2Zm+Hp!PkD0chR5_R$k@1689W%s#|4>X}6>?wBWK(rS*c@l$;gy8KWcqNtlU z#A7986uh8}B*y_g*6QUbMRbt%F%`W&_-a4#=~Yz)HMIzl{3z;anI_NE1uCRsu!$6{ zjLQCXd4h zE#MWG8+Q2FFSdFvV%z`{L;P3s9pGO#z)|YQ2}@$yfPFxru?LKM7eoJ>I)5b+C$7Vg zbMu*D=6rn3Y5UM73fT4J&B2YHLtB)qm!4JY1)hE6!}KOX-FoNW{?B%3`FGniA8YK( z=8{nR)}4_xPqCDxrjJx+z^-e~=NY*d--1nmhH3j_)arJNev4bVdWnX8s(F%=^RGcC z(9h*`E1I6xIU8ie>5d~-IsN-=($0D4!T(}E*R`wfM)euvj84ZRv>n< zbnhIrNxnSNjEY$-)#eVBmu+P_5JjE}{iPp%KIhQkI$oq)QHT7ztQ!Tj^0VYhJ(DaycOte+j z_Pboa;e~G;`5T}>?e4_hA}i#C3;b@#EOCCUfaQ<0bw?C~Z)7NkCXxNVK;oi$ z1GZI^EqKJuZl;KRUJte+IO(liDuO8M(fS^Mx_pS>^JneP#9vPs_37pkDwxRSOfzYO zoL3F!)AjSj$9;-$yj+R6s1NiBq&630G7K9(y1xfD%r*{=(juj%_bf&8l24L7_2v^x z?;WdM`unrI$_{6?|87^SJ%M;-zP&crbozOQ zgF$6zw!vZFAy+K=SOL-DC|3L?Q^dO-8hx94^Jd~xtiwiGS;O_}EZ~ji^|FDJigH0@I+QjD}qi^-~E+nOkj&r?q2GJUzikFv2#7GgOj zde}aXPb^m^-7TdL!QZ9#B^}Oz4(f;+{mhj_h3=_hZ^>U;(7cwDQMU0PpOWF=SN`49 zis>r~<*gO*nSPahQNAh^Vq_=c3f&g#TU}WafF}F+$24?{xbNvbB*r2#tnz)O+TDr` zbqoQWXGa~FY%F4x{QLM5AOe8n$pTGEpq-VT9b<(`6Io7OIZPAJ7S@%GdViO0-@lmR zIBCOaONQ3!PN;7qx`ytf?MRm@gxql~Q4C0)6?0Itu+-FQ*6Jc3g*86m)*C)7Jsp?M z5u+JFK$DSiKu9gs{9CXK@)M9CW|;1N2jV(EDvbXRdv6&QW!vtLQX)u$0@5Yj4bp;u zq@Z*oB{_75fS^c8DvhA1fb=sgLxXg8|F3!0`|kBDU*EmfvA^xT*B1|B9Pay` z>pHJ9elZ}k0t`wQNdi0W+MI-}=0RB>qL>2cBLbTxefEPzeY*>9ajN&*;kWK}V6*jC z3VSJL`KQIM?cw;sG^7H*>QrRZ9=T3=ij8qWFZ>~++$XD@+lYOQSeN728dedkCx$y+ z40&F9Hc{zOrvmj)>)LyhPcq-RMENZ?aJYr)oe1C&w|FzfzT^7q;5C?V zjFTUf*#lQvG#;mEFpUi?+CH(RS;hM*uW1X%B4V(RZ|HOX-6 zJP1R&rm+r9V#*MG1Sj${XgjGP4A|1N5v+v|T9}bL<6u$PAz_^!lD-EnSmWkqvxi`) zwL48QkFgPV2fd<`HmHs^j0r!mJeimN{WNlxT5Je)GTGT7TfE}U_6CT`6It6fLWCS+ zNjU0Iq(9C&$?}LiQEe8sz~aqZRdRCHfR&txi^d(;X6qs_KRZr9-$-@5`|N7G@#^W< zsjjy)@)nq{>^O2mlnECpcRR!5?yone7(858HdlK8NC!gchM2CXz3 zm#QL6+Iz?B804EGL0F{;uN?C3JQl@`^sZ=}JDfX(1+*mqEtkH|LqM;e1orRRmE4nn zbb)xRNWB#6mbspb8e-WLjC#dOf@%_Q__Wdaw3DF6ntZq?Gbs&8a(!igCj#IKdq zi>5Hq)#v3%Cv!6k>~+yba5~M+8Jy=QzcL`YN2Rp3P525J1Z{()F@r2W@`We)woHWp zfz(O1bQWRdBp3zNuliKK@baqF2PkHy?Y$QT~!qe2Zr^XAYIy9_ zA~U05Y@sEqHJcf5JT)%xW_s|M=otfZHox*qSK((}ad`z=u`Efl7z#Z|d!Ju3jK!B+ zA{s3hzx<-AXsnMKa&Qjv#3`dgrHY+r8UoRDPv-qUeV=}ZMVVQC>3YTx#aLs779QZH zFt|%O06QH;MFZ>F*6;Ta8>SwS!G7gwhA~moLWm`_0}(8ts-lvAktmBodk8vS46B>xR3TThfw{3 z_>Ut{jpe;@aCZb?5mxW>XP7f5gsOyeeo)VwYsNQQ%G0*-Qo2A<4ToQNJlUSEmy`~h zk7FA%dJutsn1CJ`RY8}km8I&iKpxth!~0e^RoUP!ZznuDIGn+fZ;_Vt7xNgSPU-Cj z+J%f3kpi>nSv$>2}1;z{x`9!K??dGuphYZ?L$19vb0 zcZz;RzZkCOo$Y*&2itqF$>Oc>%ceyJlCvw*;$rQY)HXLTPh&QSKBr_1($fmRP$fPu zeB(mtc+Z2EA~o2f3H9cQ@Ox!X>mi5J&cj2lJjUq~Ts+dwiv9y*)$h3(rNOfTP6*L+ zeM>|2cLhX`TL|FaN7V0gNh`ndRiKr*8XhAmagyAw+kdWV@<7jmnA{^CJ3<+CmkQ@6 zo0tZQu91(`6@MZ8-J6a)CbZ2P0a!Xe^pfFup-AivKnU^&(cZUntVl}8t7>C-L^53K zwY}ADS9=7Kt-XNGvg!uQO{2S?`d^*DWc^5^kEloi3OxDO$^jqzHFXM|7utYm*%By5 zETN0g1M?pWYtc6vp4zfZE}t==&Gh6!spvD51?tkmZO?nXegH=N0+Pf(aRfz3VDG0n zGdEzLd`wN~P2q97wiU3w#vW^Y$kG@F*>P<3!gai>GqZTlYG94Y$Hl6+(BRyByT1z2 z!1{&*p-A{}f+dXPfEgf$Vjr{Ev2cbtQnXwHO|o^#knidVP7SfFiWm*3Y}=4bxkp9U z$uSj7H4y#Qb#=JkLlP$V3%q&tEIwugDmZIh9^Y)ZU}viCoA)h?smuT;J)t zPtvzSW~=e&&hTmGBnWQ)@B-7tJ4@lt4sfm>l7#WwAbr2m5J`zE9{!i26DJadv;^oH zWzniOzaGbU5(9~8HpO&%5W=ncoDU6#m&<_3t8}+RUsYmmzkGv?G0$ro@?sJ)F1?IN zEbT#d;h07-blvDt3u{m$fJ9U9Y-RdhFdxsZsJPVy?u_#`ot+PyR|gQ(G+qBfELgt$ z0h3l!GHuZ3@Iu&m)&Anr@znk#vGg!jbTB~5t)aFXv`%W(*PWMrsijy&Tx#>uPBx64 z+WJ3@N7jBPa3kpPDD;c%>ZPl?f#HdX>qEf#G&ea)II<^L5ZyKMJFbku1kf(1A7w{3 z!}aHbkz+Dj(UH^9X?}dUTsS)2jkhJB*U`k~L>()!rzE{&Gp3n;YqhPriFy7MG|r#2 z1~6rkkv~z;T)qIsfvG)VqViRu#&o#sGfcRT4cf8!P^7Ina^l%MjaBejmmkAkRzliAOE4@v6koin_VYs-n{2Uk!H`3;%^T?bL&~CdtFm!T zhBr2RNO$?a+oL{?+-uImX)~7hb^B&NPJXP_ThN{WP!RY@J<$i6UM_=YV5oS0cDLqH zzUso$FqwM6-J}^i^etRH#)HQnOEn)nX;I)nrN>ZFk|#RDD1KEQ$(e!-71Q}zht=t> zNmkMBh88zUUmlU@u8xs5(GHTTW}5%J#jG$PHqFNscFD~k>ZnFupu$|^Dp5QY?ORlO z&UJlaJR>KbZu>PAG2CBjPYo z!fVi&l}`i7;bLs_LYYCSNMoL67&`>B1V8g!#}AItzMq=!<6hFDeswrgTzBp=EW9Kl zdX-S~PEfgBF>WV9+2)6x+~-Z_Y9HcXBCAS!POW10>my=}_VjoI_WZGPr?!rU2SDvnQAZb3P5$=el6 zpRxjLG|&TXB=EL62Qbfk&)mOMs%~AEt7D_31#kN7M|;eyK^?4)3}A&*BtC^ zji%7JLvho#UuG@~cI&^&;@eSn=91c+N-hMz{pwiaSP!tA-Fn=VgUp{M5#Hmx(88~9ry6W3J!-C2l;ZH+SR z8&F)|xsJ3DKg`Vqd2+jO?vG-Db@niI%)OT2a~Go_ezS;n z-*msN?}yUI9oXXL=|h*AKgE1Tc)fVXwIQOuT4(c63()S^#>#CT; zcUK-zmB>CU7Sh2T7I49dg%N%f84!>2E4fwHOfnpfLWGIQP%3Zpy_9^8!Yd#5C9{4u z|4ILS{+}rEO=0etHq-3$%tmp-VaA0nrDL}grd+;D!9ViyH8Zo6NT9Un37TQw&?qb< zM|tQ#5DMX`eDf00zL}yO(KGilIA-EOwpt9wNaStY9Y*qa8`5D+M5%+dX8NA8F?PF8 zEp3!(vIt!s_G&&d*VpVmGg`af!X1SYS<dETcR{r|Csh z!x?v-hz{p#vxdJXVtnYmjp>OOfO#qOf}Z9Hrw!(|@6Mc7o47E4B?nndzN!DLdJEUF@^c973%2K!;a!TDvcsocN50 zw`MlM$AC}x57E&MxNA4&2|6nqmwqXy&Ui29AbviB+Zq%GsgVq?`kl~}?%6^#Kfcpz zx#n;=)@TSrZas3-;lNTkUoAt`G^O`!BdS%;_$|nLK3|(lD4*M%s#jN4t}0uy<{J9@ zFHgGCJpP7jUVD2JXCsjLR?}N$wlJ+Q_brt#S*n69=L8|wDogY{*D(Wd~!z(_KCiss40g>fEKTYT3)lThAerWgh zvHQ(~YC#s6>osn1`Tw$t=5dW=WxP6#z z;a2KIuxOe`_S?EJGK(h$wPto$P`lL-`q1IW>wP8(jrH({mpnq0{*%!!596Ec`dPhf zy80M0 z4}*rVjqL0+o~v-GPcmb#dP+G)X$H%vWjB^fl>3$aVC->8;Wqa7i7^~#nQz&=zcuqA zfa93>W&mz_A7%8E&7{ig`Y9Z3K?!G{;C$ z>ez3k&W-`^<7ime4Vi@X@k^)9Xa=5s;VE0rb1a$;vu{-VMldPJyw3NIfjc$g9hg>( z7=te3sfygkq3z-eh3iS>FV{osxs3^X8G-MemF3*kq$eRIc{ z)X{I_3d~X9euZ;hU`HNCId8ZSe`!~%UarNkKNgJ&s#P~6vQ+}DVUaw+iK*0(s;=@T5UvN+fF z4$KGzNhvGMxJT6^t|E-)e=Us}NG~L+A$X+6P0GJBh?Q(FZF!|_Zkc#n=TZ9f`a}8$ zl4{zg#4V`TE%^(&XY2Ld_0xqT-!q3r%)8o3M$7aBQ_(+1wb`8l9xL!o3f!T$)I|>ae7Sn&1Vn`1V^r zCFJG5m3H5R%{-K{)PnX>-;Am6ohIQ=ZF)*t?S@0K$*gmiJ}fCUehrq^~@v8il9 zv>Yq;i@Y(=F+EP3d%va_J*jYTDe)^On%Tq=eIdQ;%dv$;h0o1KPX*>W;TH39T}>od zxj1q)`gy}Q4TGF}>)O*ExRgoiZEEEIut*{SGyMZ3|COd^5%y|cd*R#7bVu+pRgV`= zanWGD=@tmP8&(HK-jkmx42={7hS11h7@W!Ex0j>}cOc6&8HueP=BHR(m3rkQ$0rzt z2QGYRw{4+%EHqm~%3}Jk2s^A^+u{BB7!pOcznU1Rx`m4Zqy`vmVn(uzC43<-x(Oll zc1=^v%Jj2zi+MLVLLqYM)qU$V_&;<5xStf4VFf4JF$+z=%NMZ^GbJ9*BBf%vaHcB! zaR$R3OVrY3>g3I=?JY8^_3*=O?vt|E<}I0O{bV%O?@>z)oMb5y)@Nm(2A!RD`)|MN2@r=2axCP0^fsmZ2@4Z5js2_|?bJQr>>$1j-gqj*Wy?KS$}$1J==@OPHy7 zGCq~}@FHuq0^;)p9FdDYgX(riJ)jhxITwgkzxs4}4NXK@=6HJDYNK$Rus4-?35G=H z%34F`Ei>j>!3yFtEF*#-Ii6VNDYl2U+P5coqKxm6WmX%* z?+Fd?mGq&IqVb1XnVaz*x2EUM^N6X?k3owo;?&cv4>PRi9=s>N5aB2R1nnMboeGFW zalHuo5^gF9VK^w!b!JrgS()Xh)~%^gR7r9+PMIyVBG|d|_Hi-Hjp!ogGbAZfJ{HP4 zB>Q@%bJ<%mtdx8du+StY-|19yfF<)UCt&JEvC+0!l1BW+PR|PGM6?Rt=EzGij8L*+ zLu_2aEA5vF&1S9S;xk%}xqa?bnyFJ%2t$4WS?O+`ZF7LdxW7>ndaOglvY6OgSG+D0 zFbe31>``&}Uh>$S)Vr@knm|)RgU&${I$W6E>gSLpOuKGXN0D0Kz&-hZ!y^s&CG?SR zJ4qan5{Y25b6vmfp|R`Ha^l>a1E=Fiq3I?~Ie7!%T2C#+N^cS9=BnylKn(W}NW8dL z$#Y@)gOfs4Z*E))B+wR0m*4YxE0L*5x_S*?mOru0=2EOs)KhFLcBap0cq!H2z`+&Z zPdWUOuREqpgH=I^fJH+OpA*p&OrqL)(r2g$mU9x(bc$~h=`ehzLY%ZizhBNb z|15VWAmM2JffBS%?a>3oF6@lfD}!34$IH(%+4W9Mh{!jxA1ci3#JMy<8$aigu~`AV zp(5;n@b!^Gb_|$TePb+nt@Asa=@t=hN^W>@`9ALaJUg!uZIW9OaTCX#*nAPhd;8;p zaF}uV*30{_2eI#+eGXR8L#I-2UOD$W)cz{5jHroO_waCTkebG;{g_1^Gv)b@7FDft zibLIG$!92uk+xG?CZB8hag1;)ikBiLJ)n+BQR6yt&J2O zZvprFfUH*8K4j95ZsUEW)@M0!NIPE3q`-vdCVaHC8N3X|<$r0^1L`G6p9VH$pe)#qiT_>c#;G7}CWM+*Igx_Mu z;Jq8)EqLG<29t`Z3ORyv7Wvq0wOZcru}!$^`0iB=;c)5v#{m3xyWv`}jB7zq%QB8| z>5}J=zkDZPb9P0dV#Qoa|BPgQnny*l#S(Q1gP!X6hd$b+$fam=&&}zln0OS4zUN}g z=?ligfXTVglId*1+%{Vy+5HuTKpM<9rU2@|aExMA*@w8w&^(Lkcv#s(*q%z6bTw%$ zYJQkXQim2S;G0_Tc9QyQN!?W3a_BdiY56vGm>v(BBh(Jd}ld6_%j$ zES@HKs2J-95eT6k7&=40<-3tG6sVYnL`LKeZB`C&@wd1S8R>`~#!vxA3%rHmL==t$JfROG`Vksp_6Jd}I;(o0BAVrQzF7xtV5ScVNj$Z0JSNhu#S@ExM1WnI-+pM`&drS}v(9S&DmqegOnEVPN5g9CaM%PGWLXNPWGT!6kPL1k+ zgtMBn)C;7sojZL?l+8f|^SWS6WXxNbzN6a(sMVi76hHMl-rCe_6jT;{^qNN^Q*f5b zq&4t8meu%JN}SW6Wt3j@N{9yu{cZR~2q2}p^)gYn8Mo<=83^w(+cil_1Og%N)5FFD znh=;$H62~*>=;6hbZf5sHPJA~;|R_S$fTeXWIUpChg*)aze$)ueA@~f_SCw&W5sEP zy0t7dLgsenw};oiN|CXH>a2>W>ukzj>n5-<B^bT1c`#@TWp@s5lSr{RUIT3OuFfuG zMs_Yh)x}JUY|=-wzwG2nqHR`Xztz_!fy3&dNq)745Qb1XU`60s^y#62O zJuM*Pu&lB|uUP6;v?eL4I)8{XSSHAcmWFQ&)`bwAH008h*AZmmzLgV2)spiizDG?K z(nADrV`9m#m46SN{3J~t%%S07U}Q03h><_#Aa~1tg}x>%M+?n6e;#|p`dmNk;K<%- zK1T9TJ*d}BV|r_=;gYj<%6WXoR?({~e*7e$4I;k>D>>lrH@YsTf%I}ib19E^D!1mY zjWQcKm6c4LPLsFZglH^UF?7q#oB$cfMM0%Tp_&g2TMA*C4iV3&Q5 zveAV9e*dNKbUKa#yu@Gr=B8ut{Vn}D0naH9-E9hT6{)r+-c4jUjZ7Ze5gWRE1SapC z;grYpW17=Io}hQo0CoG8w|-=C^n1bCn3WjvDBgF>N-taV{#i~PKFz{O;vgyQ7Uk4j zke44IA{Z-$B!{K9ez-}JyH&TZE&>K#PTf>p`#?Oq1sbGRz#sqO2d%KIh!9PsPqZJXHTFK5W!|=B^j54b zCbnYWcJzGH9iggDmj%>?F}E+<2Na;n0g=X?Oqhs>ef)#DgAV}Qy3;FK;^`|mAunhI zTaabt4okQPHsd?94j^el9tMT+KX>Z#abnGDeG!=D2!AGSKT|EOZZ@D53)CG^A`JbL zi_FTDjKp8j;&b{C8Z*;>zMjwI4I>eH4bG1vh9d5Tq+n$n07#9#Gu+!vGJQ`~u|flX zCh0OyJWU9nB=y5z*?_I@Lg1uV2k?oS-?1ek8-`cxoaG4(bLd~UE{C5hJ94Oa&9=Yr z6}D)LH0X5}+z&kM zHkLB;I{w*rya!>zUcLG$HomvMWYjl!d4}WFZ*^YFBXvy|l(i{nKh4ZCES*R)VqJan z;bm+6)!GM7b`Q!LSoE)~DJ0hPEW{TxWnE4QiW-<{V}AfIccjE`aVrF)#%6=C7TBHz z8qQ#(K{4YGUT-V`&Sk>5T=Y#uL{ms5od*`Q8P)}j6P$Hec1*Ksswxh1XYS;+L;Lzc zlebaZpdE0qUxF4hsw6z(wXFk3{d;sXQ9WSyh3AEPVf zC)BrAFRb}d<(>(e{q%nn!?LMYQ3NuLNGYDPG~aTdZ+x21M>yJg)m$7dosgs_wE$|a z*N541hKl#YWjZLfvDyw46Z2upMrn>!?<}=QGj+PkMTy>d^t_{!WqqhbFx8`&GD=qr zFtpww8Lp48!rcQW+X|WHQn&B71+Agbt1Iz5iG_U&aB}qK3?U*J0m>-B-HI?58;e(J z%;qod`gD+bjsF;55kYAY&MmC|&ZDEml5s?>eytR60&r(yMvSS7X!sp}b*d+vxLD~k zyuQkt%1eZ!dAz_T1VmSZK(3t?NjpaaZ^yTB142n(uIKh!E-R`=dvL9iUE9On+GbOm zw_ww+-H1F>nflP5GnIQWS$30D113n^nH!*EQ2j`ywtcYbhZMt`2j>hWtl%_gU|sq+ z{WlH_5~XRDL)X+qD@UIb*Z!iOkdzS@v9Kj1&a1D40u{aGI5N-om2=)30GAMw#|UlK z8j9ueTdPHr?k=CwcV(PVs!G!?;G!ZIHK*L0TxCz;p01tg{%M9^y30)3Xabgf#7fPt zW|y_pk|9Vam}9M_w6u4?WHd{)GS65Arv}Mz8uwHmPu)M9AYaRI3%uVpS^qKJ$=j>|ANHI$M z2#-@oM4m+6)EkeFh=fT*SuXOSiJ)nG)hW7I2boP;rJ#-?QlGqjC79AO4AYHzunaSD zbEs)nQ0|7EbsY8huMyX}65B8W5*6~WP6OQ14B2DeXVfTt{APx_a^g<8?_e@bqteBp zM9+z62^k2hlxgYH{X-_2&lz@9v!tdBi^{IJt*}ddrVtdXZFp$~_TMX-pJt9golOUm z_d#`Su`=TcoaD zxVgf^$k$KoLdO!V5IdG3%4SU&hl!;J?Zni*#_*eaA>Bm(?1$`_96m;#JZm@!uCv_~ z%ZnuQ7#;%{&pAvJ?dzV=B{G%`;m;9;Nc=MHx+yP8a^>Aw*gPfyU0+}>3Y)<)LMk6P z>pLEYO;%i}aQK1t$O+XX0VtZ;0&Wz4)W@M3itxONN~v?eQ4+>+`G~xSi^SXrat_8G zLQ*6s`UL4xDazc;N<*24Yoonc%j7Lj-$Jq7W*i4!rCpdUdk38ft{nl-q|Na-k&r6= za_hjK#1r3(UDf#H#1l4by?jJ^Xl5+(!kbW}FWJ{Kpo53B2aJyaxt>Zsu!s7R=k&pp zSsDHeU4>0v6d_BV&1XdfWwKj?{=3w0)&W25tP+2l4A;!V*-(O-p%02~hEib(XL?d$ z*p!R3AvIm~s`9Ol(ueuC=`;8v&mHyRh2b7>(=+Mhht2Txz=<9oqjN*2%&^U|7q^GI zBV5mO{eR_eOq?x6_W4`RT7{NTjn!8ObG;E)Q~LJok|4|O+|H3BK_WFyZt_8vy0IV7 zy|^rL`E{OD6;b65Ts5}F44o@&_a~34#Z_rruTKj;{CKLjYocnMvoZ2(zB)`wP0p7l z!&5$c0C{E!RJ_*v{mh!jP6czvSaOHvXout`Ix=)sqrm{-$Smeyn^)t-%26y-N)NxQ z8f1;kzjgxq5pn#<1bu4z{&lw^q<`rq?0Dv#w59{3c*M@$Yl2S%_Ar`k5U=NIt)Z{T zCg$+;7Dtsww42U)*v+l#iRhpM%-Va6U_e$~-~%kkvNWjY-dEZ#Y|~#2+B9U9zi{4s zFK9eKYl(ME1ij!Iy{v8I-HSlw;T$C=XXN!Bq~o3EN3Ygv=PMYPH8aLql}He}15j$- zJf1sgO%yRmzQ}nZ*BDj%r9=)DJvCVu?8>?%uIzQ3#h7JVG^|OyNO^sn0n4(!yGb%6 zL|26aLQJTHNkFr4v-vXQ`m&py*y?Uc5eGeW^9?E72}3hp+TB+ndT5BP`ePHG)CnPn z2k|dv67PYi*xmBxuE53F`<#2$IkJ9wmTa-@wKxb0$~_rndD$nZ z=*>lmgdY>m6OzA~?cwG!hb+^-ZwvqDE<^0g(Ptb{e#Cl+0k>R3zq}hFoQ92!l>^C1 z=O-dFJs?lc@aNE{R%lbOefYgf!a5g&G)GlO=~iUl7>g@j0DeO2TQs>-fRjy@R-5U3 zhPQ4*)PACt!ShgwMUELo^I;J|pEMKn!DJuw?k4+^5PO~g_N|niWc=aa@14XPZ8vF| zCw94%B1wkDObTcqc=QJ^TAkrMXY838lgi!z<}(GRu6rih7tILTf#Ys9gaums4Q3P< zD!%yOPo!%jz_U~vs9sVXU~~4GujULet{J?e|CWl;#8eJDN)hepPAHMoi<1-Ie(Yo_ zPZf?v;=J?Ra)!i+_Hh2~*vIhQPuQzQx}VQzrACfM;5vT7CU?6`(PmTsjC@4DIkWVr9y6 z)A%}O58INA@uIwN`h+k$@NZ6D0RC+s{EmxkrX;;G*SW^TbR5iNGEskO?l9qVGR?iV zS_cdlLmN5qL5uJHKws3e(BpY%CvLXo&uFvO27T`o#ykPL>;U!D`2aP-`O`=aTvf}E zjwWvdGdd#KmN5sY{oOa6#=N0dIktAo<*()SF&)+)DX|nqt|9@J#3-)u3enLOnTJ<=1|1lY1^ir4@g+#`$2$dcG_6Qh6Z z6Y)XLPxz1^HUuoT<^@(%xP>Tv*jWo0!t{2;Q1|8w$>pGW)so`~tT92f8%oa=JJ zSF~KtCGuEee}c9fBpjc;U=L#47zYAC*#q*u#59(X$t)|HlaFPt9gwZN z(t&l$a@Sbp7UAymA$ODOId57rP-Yr>lfk3xztsx^wIdS=x9=g6t4v8jX6pv+=W+`^tj3-+QZ$y4?|d}XX#1eeGp&6l2PkPpoYS_}bJJ(XWbon6$C&p4|FM_O zDh4}K2OpF}yjwv0XzJl%Ho-zln5RH&H7cPpYvxXFI>mRX

?6Dm@Iot_jhUZ?ua>p}GvF379fIr05~I!InV3+>H+vM-J1J$g?y%ssu|So>n}0%|(=iQoLg)2y;fBo_HL*k5zD;K+f?007faLH zPSos4l$&%`M88zMgMIF;sZ$W_TeQ6YdFjS5-9qyvM=Bv=@gBn$Y*BjM9x@MN`cPpU z`*qlQiyy_F)aDJxi}`5E+Cf*xaIVexBxU0i>@$40K$znm)tsn3W!fS2eDQ~jU>u2+ z+FRH*5C{`>>x)$WM?rcHl+RAvpK-TUGY#@84^}ONuMv&YM<%H2HKi}#8A;L9IMvDF zDXS}A)^+WzHRDr*D>2U4w7+!S%bT#_id^UTNd_#AGUHye5#-k$zxZ;Um(&ne6|rr$ z#_mW!BGiNTgF`~8IsO%3N}N8ce!Lb4m{Yd_qgZ=(<&PX(8Ba9Ok3J%I&&LwvM8k?y z&67>kxCMBs`|AakuRHHTa56&(VVUxkdn~Z+Y?H;VI0-Te=S6sNl48GHQ-wn+bjBOMYPe3pySfi~T)BLB^# z9sv-3+r_Z?TgN~Zu>Ipo!H1Z=UVO8u0pE?Jy@$8Yd8q*z#f5nIDc0|_F+dv+0~|l` zW`oiAM@rw;HXhG^c_RbR5f{N?-4^vgTB+lygi|&ov=9EJ5FLotYCBgB_`>sR%!GmUcn?R?#T^f6BW>b zp7EWq&jtVbAmp>@NzCHR$BjK9jZ1V$A8EY1;nT(#{Qp)P0V?xPWdzIbMza4%G1p#$ zhf%{|=wAnv=MyJ^2Q&hpAXg2bPMch#NDAk*F|TC@?s1>MAPmXHIEnO#0EC@KKR2~p805g62E12hhS#JN_P^6OJWFf1U z7^VEz&HE%(=EK8i#6P+7mQo9E1Q0;>Q)liItN5R`Psnqm%8h}m-0E+u(AEV53|45z zf##!#BV5pHDM?otcKq!lnbc;*2vWyk9%PK`NNW8=9<@JcoPxd^1X!vT*8&}fDIk_W z>X(84`=soz6N>W!ENGq!p8}EJ{-mA~_6B%ACs3t;p3!k;?MiMG=`d7J@NEDP52&tk zoU8%e|A}Y{A@<#T5ah%}ytWW+`{ML}+I=OqKt{X4cJafs+<)EBX7orE7GHj@uW=@l zY&wtr_>9-yf^(uK?6jtB?K-bv^I)`NE+7IQ1 zpM&FZ3NTg{zd4S6NiqaVIaB<-oC`GmJF>?>VSmi`(fU{s^>LNM&tYW8HBfRJke2S# zIv>2W20C%T1ab5dq<&6oKR#a_fO!53i8(-WYNaj@w2wh6sWvO{jLp}6V>>^^1dcp; zr0`|}&x;zbfe1omy|9Gs;3759+}MI013Iufz!PBcs7#r9{Ey1WinBI4O-^jUOO`Z#~BJw z?G5d&DrvIO{}|#FkRz(w+{XVB5SK_`pv_<3m3Dh13$P07%pBKUkp#jmz=rl@$#8#5 zRuUIl&fXcMtm7crJ=~Bw^uKUIWpKniX$u;0+E-75D zC}SL`3IA-{1SMNw(cX$r*gDdd-0AFKbx8YkCYn;jQ_}Cq9a(f`6~sx$Po4rg2Li}_ ztfc0dq2^@NDc!=_`HKTsRp$*<2@qB(#>vt&TMpolW>QiCQw59(Km{}|C81?+m-hd7 z^!qaUYcD@S>eRS<)@c9N1uBE_h`|LkXvM?EfHyo((Dh<>!u~muidk5`pkS$c0a*(lzO2JZY`v7Uf~%Deu{H6GitwV-P2~1g@6q=Z>D7NrVm*+) zTJoaPl?KOmI7+nNcjqyOZ`e72c#6=HwTK*Zr`39GdW`KRPw6e00x6ABISG*#k6te5 z0i=i2ay8aN-25NSx5M+ftVcTp3nLAGI?n%X1}xK!QC1l5G|xpKOVz<1FyHpd zXBR;e)739Nqo>a}Zvu9vN#rjYxddi41fczIihHar7L^krTFvCPKm_|W)hNB!#fa2L z@5h;r+_`imUC(fplbS=g4HhjqU1o>ky8_jLL$tHm=1_aA>AZD7v8^TBr}dsirG-k; z#$SC4y8POjdjY7c9!MjxXc$C$=K6H^|D6C!5IoEXUt+&czzIp#ajR+-pGJ$u%?#8_SZA2o2@tPTQ=&t~Ts)oePX{5iUZY5&Lsmb6B1jt=OL}%mK z+SgNCIr?KDm*V=Z@yhqg2_fjSy18SVExw%k7#76zMjF%xW^iSbdGZot%-I_+yDk9=d_PgdS$KT&G93k@6%vt z9)1S_gDgCUMf0RIN2DCVQfb00eZK%etMW{9s`=b_3G{Xf=7a-h zn?kNGk!A{BK;Ve<94jb5OsZs;#xaT_<*K{m>kW|Zfxs{|EM;tB z8-xba?Q<|mcTX`5^oe#Wv>Je~1K?AgbWHdW@~~Ap2XV6g{xMQ&q(gF!pzvqVaqUbs zKDGEs1xZ#rP%OSPj9iP24QG)=j0ixcZB-H2Mt0?PQKmrz*dx8RBbWl_1PJ6{nuXmZ zD_j$BXdBz}i+F_aV3IzA*aDls_*8J zT7IM;MjEVxW=NMYP?V_~y>DO1Q{KlfG`tJ$4F*6eos!^06N=gYfXoNM1@EnYi(m;l z1910xNl?f^L4)X2J0~vYL<+F}gD!wbkQ;!1xqAEkx^xW#ik84iz{5E_2=IOLq})Il zb_Wjk1zzYuKOQSCO?}sW9kkZ!q4oQTgG_?x1V91w?(yos2-+2JhCI5px;Y8;x;#Jj zg2~xP9s>XQmT%}WD3bPLoHog`;BQuveO+&1kjxu_K`fyi6!x&nag#}pz9Q#oHk(pM z^MjS4t>&Aw6$Tv}Z}fRA&4vma+aCH5VX4&&r1R4oRl(>b{7;E;Hal_{^V&g^;kOKr zf&qCuK^F_OQ%EU_hU+UoFMtiI0jTG3xgLYn$bm?N2UngV?SS}l1n727RynQ%5(Qa= zp<7`;cF_6c3>66~QbESc%4y2uK21ldx_X?nkjUd;!aKu*(%1gb;YS?RDJH(%cz5}k z>bUj;#pKSwy>C?gw5A-q0B3^znn0}7neBE%AV@fXu?LXtVXCs$en^y`2tcU$ZSrm~Q(rS~bmL^tI|ix>n7GDG4 zj!vujDW2en+F|e!#H*4z0iVx?y7+2d-I5sT0Tu#0gHJ$e(&#{#N8);kCkRqx2t8WP zmGec4)d8KIEv`+lU;jcTjlcc?a4`7s)MPt_BUgZpGYZ2LS*O15=?*sO`_{_5uz8BtJ0^7BoV0t_aCBPh)lU_Bh$2Pp;<66?Kjop4q`9>R%aLY{XuTZ{pS8P z;pXo_QAH(f=pxw-Ai_Tvw;$o5xk)jao4v1usKle}br&az$hEx!3qTM+= zOM3#5`6bxBX&O=bi9w(kL!R|pAUYlBEWxsE91oBxE4%nu?O_FR1Eolw(Balpnz2aW zh4=9fZ4I$uSt_hWpo#$n>GPKPA5MI!)#mp%| z8~VX>;*twmarXkK_%YzF6&Y0S>1=kq)&`nY9w2boU44=BX?}*fhrb>)+$Vmx$g&-t ztGgvWHO!*Trm#K5 z;5pm1(U^+Ol)D`L?wIL8qcj#w@1AqzsLm-&G(21K`486PHWCe3bLdS!^Xg&J)#Mmt zVp^JcN?~7U9&te`OATEG>SUlxNWder0|X4etpnL5vfNFo7x(QhK{hl6YBjGQQDr3? zix%J)y)v%i3<_k0xvanHSYROCO25bwen;16=o65u#h1d9ATg(UoE~?NXUsGx016_@ zxbHRCvxsO=H~3LU`UTz#b2nNB8FmPMZy@LJyEoZ?>=|lOfSb>Uj2Qo3rD{G#i<~V) zjTv=cf!8NS(6L(HQ1=(G892ChDK*K;@o}o(xuc`kjB|z*bHp*u`;;I0>IO`?^M*vO zh|W|yrk=%(7~TOlX^{79f0VSB$O}1N?t8ZY>d4wc=qL=IK1)mjf=oqzR~Xn$GHHWBf4){PBlRNWkrlCQ?3%`u)TGNc=?Mrv`6wmFbXOf z#v?R2-&H(AEJ8Y&zrO$T7iQdad4oK>|2MDr-!}sf^S?a2|9xhEew^B%S7l=gd)8Wes%h79#*#DCyf8k4iK$FJ_X#^&eA(Dnk$4?0 zgD1&}RVhlJpUB^@(5HWX&EMZ9 z`%#mOZ_=BQJDUII4gd4S9r?i_2axK?Dce8(<^Oyk_$q`Q6@B$7zq;;!`>waiQ-GIu z=aQ4xhyTGfe8IrY)9n^D{_k(h%;*-m5^YNDRJ6{2e+>o1ym2P?7To^_HwIxdqYE(F z@)R-n@2}y1A1?CI|L?;^?ydiCtXy)25I|fM-~d{#XT6Vm-dS=Ugi#0nK?LYtdpxz{NRxoKrs`vM8(^1xBZ+Z?d0VCH=wREWfU!<1f zSyeR&vntl4Q>|m)HsDL)108f(U7yCY(Qo*m&-uC+aIMK#S``Ds5ErBhYsH1jfJEwe^&FyjsA|h& zOrNE&`qz77GNgX^oAHfefz--bAofE%QxE2ZbD#yiB6L6HZ{aW78HBm>hjtJD^O=CJ zWSr3|lo~+WskLr@V6x8^bgJ>a0P}0#jmH^`$EJ2VrLXv`cY)kD*9Pcj8CxAM&|Zr= z09*{@C-}7xp{kt-Q6d89p&AURYwiG2FCMrjgI*uSbKI4k4)v6`!xt=JnfwdUImpu6H(t^$Mrp;nN=VNojK!24S z%adFFdkI;%H>uq)fgQ7U0-q1T0~I%IV67o2u(at+u!FJ~=XF`wc6zc>ss_ z*F~AjV5s2&%u*siU&V0(>c*68SD*>#U%@-og8|&dG1I6G`x)D~qhA($g%K{TE})Ot zahxLZBC%Ga7{|)4;{UMsmSItD@7u71grFlJB?t&2n+B0?MMRL0W@wNSq-*E_1*KI| zQc|Qtq*FlY5C^1l=o)&6XN|xA-pbzlcRc^k@B4i5z+)Khb+2`;E6?k^@cQx5B3kBi zWsblm&2cGd{IUlOgj90Mq;+g(M75a%!!s7BRlB5tBQH&f1Vx2KKdUhxDl7PQdbkK% z@3bIuRq_NFwS}$UhLZQ#Y@x)#Y6cDT!d(J44FL%*mBC?uY#`_vzio?>8~TFTZ$}-| zF#hQewt#Z{9n{Q8ywGcoJ>jm%5lGn)f_c(TsOqCG%ZnM1T^BCFE$`ZfcJ@MAQ0Q(M zHiv=&%UkjaI*=MHIz2)62tdfFR3|~TkMp?T&C7DRb(s#>FT)uK$b}D8o>X(4v1F-t z{MKw1ZN0;V=LvAh0YNu~Cdh3G?Exy=L;IaUEiI1Wli61kauZHH;?3(md)31NMxZDX zn(sHUTmGqKok}oiGga|IC_cQHR*pV+dDLA<7SEFgrtJ>iy=`z5WSWdYu8#hj##K3b zbpyU%V!t2_+zW_1*N5MA!G&#w$p#z5KfwHP)7}$M1Pxn8 zdS<;c2kavN3>duc1B5I>0-T%kJ}Tvu76AIkg~U%wG0N%tP974BzPNzUb5g_%eAv>N zMgzj;JnHvpJ1potj^d}e1yxV9Jy$=b6QSn-3kNaS6Sv_NoGh0rn`$!?W*a2C!Dg^~ zo)|_=0XOfZ5`bFH`rVqP*MwSSnk#7As4{TIcS%loP4&0>!~-2xr#**0xQZ$STE;lZ z}$qBezL0uT5EhvYX}&XZN%2?fM4k+J?t>TR#>u*h9xPqU9&9< zp2yT=s(-BYy+h1-euM(&GmXFPN}FW22GXamB-Shh7VW*p9I3?a7XA*@<6EqG(6c~Z z^TY%D4-5rmMG$eIJzt0-)>;(lrek9HOoOIvGc61?3G!zz_WYgK*%EwtdKOD|gcbiX z1xC)`BGT)lJNkdWiValcm~v?oz%I~zvIPSiUckwr@84hwtW>zZpyV-){2&R?3kECU zf-WJ+^FPbT=<&TeDuNTBCaGB72rjeU#4eye-EV6K87>+MsO38>!_)0-$*{3JvLTRY zUY&6REY8*#YzKa)*4|WJY4?Q$o012KnOu?G#Mz0C@Z3VC`*>0nP=Qx`QseKs&D)8eX~NtZW3hRtRG-%p-)Ju-8bsL-G*L&|ZoDdoA-x&hvZfvZhC;~s@#yZ9?JI(YbJVlZV#th8<52B*Iwq&$+F$Qn? z2FKUzIM91ruifY0P6A_WfPstodHucDqnIk4@}ygj;wRY+59HlJRcG8;Vc8c{*V7tf z>yPI8&q3*MPa5zgE}tAC>H{%?Q5vrpe~Y;W%mulG!DqF5G_cbd9xrJ%i;i!GYrkYX zbp+*{DSXL&=~QA`$ZA%NjUiBE(+*KFUG>YEqpbBuI|1}ZM*Axkk_pOJHs`akd3xHVQwb0_vWsaoku>Z?^&!NuKT6BsFHy7 zx{vfJ{r0=X<_W~zikZfxC0Kdw1NJ-+7sr&HW z;SiK?DFRLatp2m#!Isn^R+!O|APtu~qg)PKGrJnNkE#utf z=)Luc&7re+Ro!(#U}r|8jaPB*MTxu=tn&S{yU!U4JYh>N2L|~( zTU5N1gM;BtiH&V?Pg+sl9Qbr z9BsapO#LOqfcCwdYM%D1!k}|UfS_DVH}|wrEE~0hHuz23T*&Yp>FHb8TD~W6T`?8S z_2xHE6`Xd%BvEfuJOklN&2PBta=6znf$H6Uve6{)Iq4@TPdO?k{oygm&do|-V0@3y zZYdRQx~GMIQrU?Qu!jj)2_;e@`I=Vzair2tP|*R#XwAT~LuR8__&#{0_YPA|wzKDl z7I39bfGA|7Jr}G$=$Zn8YCv4jJ53=7bsAty)J!Nd%1*FT)j{mT7?LL0u>}3?Fg31J zW zOxud@SR49}d)>DW+iv0ZDb|5ADOnzU4bUnxun_iuq~5}oo&d8u*t*|9Crzce&%s0% zQUl)JrPBkmtcoA5NX85Uf6cVP5x|xlUMYnS)Y!Pdw{1I;?Czc<+vZZ^`5k{PR!q~i z3HKv&HxmnTpx+$?5OB2xFLiG^8)PE!uQWt$+-oyvuT6|;ow-Os=EC&@FEUCjzQ z7f6z-da;eYjSG1msaZX?id>%ZE<^}#P1dBjT_kO0wYTLX#&NZSb?BP3B*fOtGH-fT zwSk)En;G`4C&p+kWy)L@=59=sPXK0(MNa zQfKMDs9<xc+G8wcQeBGh)Gl4l)7EYq~bDL;w*W5F!GTgA`R>OR={8K z*APc4=ir31X!_(+74I3v0|ohMp6~3YPv4Y}dn^mB@vjqNlOCm!GtW5jt=SZt@uTKA zO9@^3rYncM_eH_Qz|vQz#NjWSX5NtE@s~-Bqxb~OhZJHXH@_U}H$7Co`FW9Y* z9!S$k4BX?<&s1Z*&g>s6lp*7WYT*iv5LtS!9S?^E!;h;{`8mUe>u<2>s#IQA4!wI6 zVtB-eH$$M5NrxYojZs4~Em-~)rL_l z`tCQ=n=HtNtekErFE z$R%%M(qDhmUQkGt1VXD~)k`DyQj?a2b7IX*@vfaL-iTC!Tm!uuo_aXs=ileOqBr$w ztbIm@E$3XX+$*l%6CYDh3}f&HlhIy~H&t{yc{z=7T6c8|zg~Nw&cU|(wxPJk0hJ|K z`%%056?6G;Sg$6|r@OF>HNPQX8xXgb2U^O7r0jz{>zC#|+-KCw zV#?0B%6>^Qxh_?LH{DZMun%y1nB0|jkzNKQaa`r*76wq8Y(H~o`P#>y;$S_H zf0eWK0Y*P2GnW-} zb&&7EN#Eykf9Zw=GM-3@!`*o1-&2}!-WyVvV>P30K*h486n@A+4>NfyL$J)|-+jCW zx5FmC0d<@J6Y(~^HzAyF)fy_O=jQFZ zC_eU}RFRb=%Gd_!wPJ_O;mogWlJ~eglcVpdxXbm<{Y_j`)pndk+>aq+=d%yo6{YE* z_egJWmzUq@O@NjTkPGTRp(KO9`^Naz_KVfM6jl9Rk@fMEO*r9Ak|?h7&x)|Q!debp zjhnj{^*sjyu&jQ@`BSK!ti6@=Z?{q?mO;pEb@)Vzz4wE|xA=G?8gg>EvOl`oWLvL) z6w2Zk;XK}CEq@q6A$s0W1U(M;3o90X=Ckb3fQ^7Se7!pCn_O3Soj3hX$=OXx8 zQ#Pr{IYVgR*tK|L&TL^DRlI)TZ0bvX>ffzpk|m>SsKVjuHm_0&iuH7J)SF>FJop(^?IH&omt3Mhd>b$#wWhs9@`U|q#NBoG}mIAjFR%u=SlWLF@PCJc2EnT#7S|Yse^My zq(nF+2rEeBItK1S#INYKp62j|i;Z356Y$~%ewPMAl9c)r2YE!NGr7T_Nc{Kdva2k- z+|id++XJ*(j9lIZY5CWcncwW=cl$uqXu+o6+s?nE*KnIu+LO(4vQ-6F9dNe|M(3|p zdtGyx>qfGBPAD?ecJt8pNURSst}i7zeoMNKo2F)VjqSvK^kc%ILlQfkTUjvo?xBiS zvO(;6tcFjL;+&cL1?Ul(3dx|W53syA*r1_C&9V<k6(BU#3J>w{B;rK%gT+Ck8}n?kk~6b|(_F183?)0+KNOMySa zB=ptS1c>r~&rz64Ge9_s#9Lyzt!M~eWPOh7vGRJ7#p~++By;4$JqCT#>~q?@k;!g2 zK9g|#7}xZK_Q+4TYy6Q)f<3H#Y$!}3(q{8vQL>SOj?uGrd;lPNrxOd0As}Dd8#e)dj^WC8T%lvcGdP~KK#?LdBXfknRfkLjP5kjM4@{AVd;3yW|*B# zIJ+J&L^C>k1^XcDYoJ$i5YIJFtsMVNfx#O@A2zOT}%f5RZ<(Kwj3J)gsC{x@ar%vBH9`3WRvGCEpfHG~k$Nj$)$#F6Kb4?wD$Z z1mTQUc{>kmYu5Y|I#f-OXe;XQTFtZ=L!6Rd=qc#dNh#Vsmakil(|VlQ3~) ze)M*n5tAdG&jWVVbQz@SJn|Uc1Ri|xRJG*#=6-kX-Cpgww*zS#HBw*nrKj|hIf*Ms zXHhdpy1zCZ{t6@3kJl&_GS7&$o*%^^u7WB%6dKHjXRiYV$t=@P-xsSn%ZJja#aQ0o zxr`Z$7-C5FSXtjL`(R-C{?&Y1%zU4=h!&~CAc^gFLKK{aCjiR|S%>v__M6}sEYiis zc(MA4(!#efqjGEj{Hj|DU(xOa=$$RGA`0a zgZ9Pb+;WF(O1s#q(=hYX5;$XXRvH}=`i<}le`dg=3%xRh4UR!K3MIyxmmU5R z$6AP7#a;}xI~|!g5uiwDCkeHhSpU|uJPOj{&+^ejz`dYuPq1La89EZ4r5Z87coH~A475-@}rP}D{mww zJ`@XQ?W(~wu{zMB80yhAzqM|U+Yijb=>`bMUJWA3o3f&B=}!#2b^)0ihm&oKGTi=Q zI~yF%C)6}`aqp$1pNE1hC5O*P(1_DkJa^FB0q%nH7BfLiIAXf^%O2}o+X|>HtZqE# z_PXvp7`ql_)u_;d)hdE1NhH9s1rK<;Dmpqxls*vUfh|XlDfEU>w1XOrQs){-`4IzW zon|X9VSR*CVUTK3J@{S!#aiOt_JnqP;(V1D0D(K+0QD9YkZKh-Gt^RAM!JMcv2vz9 zm;kw$w+KJ4xkQM1*>yi zZ|;uygHPzXF)0!9Moeb7=$ooSOJ438J`rb`N@@ueAoieANa7t-lZQJ8`WO)qkdAnH zn92oWl1M&TEVyjVvj|7*JxqXhlx%&jR<)N;f%lOxykL&-vlA^cXAJc|)=9)LW&PK& z$;M)=_Q!gT{4-XY1PglAwx|)$!P+wZzI_Q7$wPD_#OJbwF^6;2`K zf^d?_cHK9-S8LJ++0cp3grWu&S)-&n(b761&L#-LggH7OmH<==(CgSo~W9f z9wFgTzPU(9J8<_L!j&{Soj~=ChmL@G?^KE_&f;T*5PN9g8%!goHsLa;Nxn=ONI9a) zz$f?raS(YKq~2nfrFwi4g&a&emq3!zlCF?-9qc5xN?*WsI{onuo zrGk`y^?|-m=MZD<*J+wx+EfSR0>!WV^5!rQhwBtZc?*~-Pr*kGg~G`tv!dPV(PJB6N>S3MsXEW~ixYP06{-B}Xj&XL#f+Hm zRK53n<$;4sDaYd5nso}YxinhO*|F51j|S#M^9KnN2N;usser>}xZh>x^CpVbBbKhV9@ySlI+RJHd>_Z z!`4iA%vZfVpb~$X5L%Qtf-xLjW=NfOqh6U4lr@X7n?QkxvUEo8dWDkNl{GC|O6NBzRh<)HhPKJQ zlCm||o^*qr#WD%Q|Ern+&OIv&l~mfC`-Q0TAGfi!%OqHiXIUf(@#($nok*%q=cOg3 zKbOd)GTLDoP{>(SD*J4`nF4KjY#oeB>CDWH9d4ksxrwqr->)MK&n8n6x{eoZYAk=! z3yr5(h6y%x3P7lWdv)l-j{E9ea>DdcWt`HtKfeQ5^v1DE69#v9n>aEhZAs8 zfPx44Rxc{k1k=#Xf@M;2W}(&v!;UuPkIX}uu z`~jo8JplQ)7~N`&`)1}0A|SJcOG#@ETDnj9C0b=ZP2pZ&@J}}Cl_SVdkAB`j*Q!(}HXv z8Et*e9)7nO-E;}N4)OACS=4SLv0Fmblq1gJ zUR(@J&`e&^lU+lWptnx$p(n58CIv|45POH1IPRAMqGmZ3mzG=pY# zvbCqUP*j6)J>ss9bDQ#H@=U00h22x)XekEA8#k*C=k<*0$=tK1WmwQPpbA<%eOLvW zz1xD%mCeuVafP!Rn2iHh3byMcvX>OC31v+V8OTx$*}LR{NBu$Oa*Ao3Cw4xXy8qdQ z>o@;0B3S3ENO&U0!`^oM%H93fpF(voNj+CYmGLj({;xlcfjwQ9?J_%KpZ?nNUvLM^ zRmcMl4R5ve7|(C(`Y+#u+X6qi@+Oc-cW1)42u}eE9G0^ZU|MX~3S1y{`=Yzb~O7jvS=Y%-!;7e!1;`#jt;0b#EBh zGuv-^zohugmj1p3qfQL!u(bO7MYaF>JAZw!0F;%7;1jO&zaoeKx&$8c^B|-c)?W_% z6>9%|nSXuRnaPNumWDs}(O*ycui#FqQg9S)D+MmizrV$Q`QHB%-=7Ed|2y%87qjuK zr=f!GX}-Nok+}W3sNwVT=9-W$`gtA8aUNuiQ&_N~&s03Jxl~z#EE%?)!!y&!(zNYK zPZTk+Bj;}ZLoGe+h(h%r7r3ufq*r^a(g^y?;$ zM|7vPmy)=akN*7XFQxGB0%sJ78>8(zT-4uf4N+Zdj#~|R?$YyUf3&r&+Q-Gz^k^IX zBW^(F%yWO90DK&1^}Tsy|Ct9#P2k4(3pURS`L=VR$QOq)gP zeK+zbnDRXH%NU(QMGXE-z`G~OXP1VLon9xpN5zmr&8%F!g|rZ(%o;mf-`J13-xP|b zhbT+lViG(3=Jd#{-~f3ErKruoQPjz3{ED3A**z`8Tb&;pMmMWZTYG8NPte8!iq)`` zu+M~No`Biv-uswW_B{_fo6b0Z_+-eSIPmTu{yTi89F|KUq!`-4RiNdtY zGAWyrWXA1vZpY`W%&(K^|rS!S{kTVyp8FMDg=U#lTheh9lg>agU}wb_IIc(wJB zp$lTCxrv=C=53}RG+Qv?Jw&_fqGA0FF}~FttbwDyT~Ew^w;93nD8*xcLv(_5R9%Uy zY3^wHta#I{a+`-U#(yD9t3MQ<4)Q74%Vi>9fzJs7H#%JMv>l=n^nMlp#)Q^;*XS@H zc7kl}V2sm>_qVw2&x3&{W3KT-OT05;BW3X)O?7Ij>ssDx-*YVhS^6Ulb<#rFtjMBA zZN8l&y7!?=H?^+|{T5wU(#Pg)ey(=&(<^gGmZ971y{XE@9!;}L6ZD^v+_TBG)J(LH|zY8x}^t405c8Wfe(mcGtzE;-Ssks>D zwXo=|DN`H2{HH|BTl`i6|Lf((fcv$s***8?!Tm?$as8z!-HK;%lUn;em*Uf6P%H$ zwQm*w?=r#DbpGc0MhTC@o3BhYQKi9JmSHC*Oz%%pme+~Yx@)Yo+v}$j5X2#cpKQ|k zJ#4}ybaS^cc4!n;ts9tWQ*b71{rM8DF&HEHQF83+@Ar*r3OjfGAh_sDJDIFIs|9%> ziQMV>&_bA7SdUwZw_3XH-jvl&?Pt7>K=Sd5`Ob49jobUD-)@UPYg_laG3v23AsdvR zss49A4^F}fylt6vI-=~~#l}?8C<({#+I&J$!!*#&DRUO zRl}{2XZ*Xvf4HvF>1GO=F7Qo=9e)Yk*fTx7#bM@@`THLIyvRJ|m>hZj@#6Qt&JH6l z1eERv+2xm3K0ta|x*DpeF9lH*SzIxF!>M4{tS9!zm3cL)%d zoI=(wUgbPQ#=VhUbVf>)D(nfH3n)a0HcNRR+cFe>f9;>EZdd_+i-n-WS(k>#5<5NH zdT*#0?Poh?=rz@1-^?3JY>il3rmKN5MN06!kT6QzmQ@)m7{gyJ;y3+WNHAW1YZ4G2 zhff`2M!$bTr381mzOg<-HzyNDG#rwpZkFc<6)2V*%KBFI@NRY?cl&O4QxRe-ptzwzh4@WU3Oqg}tB6?}^PPfGx?yAI8-y%~9uLbC>O zOL1|^rNx^=ler83oCwJLOioE^Rr-e%t6g4fEU{TF=2bA3_x7kK)TFL zqxl22YRq*nWH4Jwq?CUg$=RQhuxYc8Mg(P}w_PrIxWswFVc<=uxx{U|X{QPdC#dM^ z*6Ju|kcfX=i&QCVpjPt367T-hTz~$vkkC*Q(oO$e+!9qcCum8{U*(iSuAD+GhvXZp zuD{$QUjNj2-RHR1b-ixiqvP3EQGqI#lu{BQyU++F-!+_8IXkbqspZ&b7Fpu_mN(4* z=^@PA$GqS$!uE`!3%&fyD9Bl{1xqVz57E|cic4=($)z0lwBjf~(^abaVA9wae^gQ{ zaDj-Ub_1hpobhBMPWcV4o_cN>4m5SK7zhio3u^r?fIkCLDmP59n3sbTdO$QP5wr;PJ#gf$(~k2roojPzZ=$L+T`-c-m40EI2PFL({Tt$EX>SC>9adTpqdG9+n2^TtWQ~$@!1f zakv4LDebC_;F&f|+3<$hYX%fIZEwM5ue{fOEz97oiCn9BJd?o(GiUH_4N!h2>f@pB zezJ%RR@j?E>7lx=X^uTT#spobqFf&7x^7?rQX&@z=xa=#R3P0xZJQ;T|I^H0U@&4B zn>nlDsqo-1$|T7=&))gwqWMdj!l@b}GZ}(0N#rsq!sdq|Q(rx^o>%+8OeX>sar?A9 zmVX$(`x?@16Q;CL)5qv-e!2G1r9;=0!K=rCc6y}A@w@8yH1m1?*yvQLTA*}1=<9#K zj9BOK6pe;CwJyCWH*o3QS{I)A#wK1D^GTj1^+X*Uu6TVdfA5`I`j-?7Z`}06JCzl- z#r%>#$=c<;&_1m7J+#0CS?FRY>R)mhZ-E>oT&X*o?+7$73iCFgrhxkNy)$&Ew$3;& zg4zn&>(Z)nQy#cVX6Vj~_wm$wus*JOxolRpK_&b;Hkf-~2}+e`Si=fVe+0A8O(?Wl88 zwDDnWgi9Hn#XrOh>--N)Rx$iF>a0Zx_@n6aVMk!JtAXcbM6c<0+;*$iW6HruTxVSk96&YT_z&LK_-Ack&+ojsEOA_(;uzghR&(LemLKVwak zuh+GoojdGQIm|OU%;Or5|GqMwq+|Y3C889(e~(^Neb^PgCpDxOQw~TcS|;~9ty;K7 zO)uB-`j+y0n3nq{d3s`8T|U&t8C&z8z2G4Lf`N}U$nm>=kpgK=*{3{7`$GD)sM90z zXIDf|*AsMZ^Wh-7;zV9Ko=7h9mrF&IUh!Y>wZ!e?PPoMmF+8*W|6K1zuE9U|e=lsI8p2Qlqmb1rG4M zE(=DG?MrylXJ_?zS!U^AIY~e)VG>Svh_l*mE?pNpD72bNo*28DHG$T4vidhKIsk(m z;c@BGJtOlA(tqCHk3qC}R((3~O{`4^Xhvz(cJ}7m@oo<-RjRjXf-?(Y>!=>yD!MiF zfMm0`Z(ZqQ9hQH*mmhWj3wX$eO_$Euhv*oM-$Oza?8;5zD!$Gpqn51kO4DXfFUIt= zdrL_rSviEyE0hxR&CG^Hl#X|Xz7v$_K02Bt-+PA7T`P(S73UfMrU-tXT_EUlKU8^8 z{R<(3d2A{^ypl4Jg`@Z+gU5LFB~y0Co(`{L+H5KQx8b39zS|b;Hokl@$yN3#pl)** zf#2MWn4nBfII%IdmBhGywM{-Ie{uo*P5SR*UT+~!|7>ePFC`WjfwTt^jt`!7O8@bD7)c6!2;2-Nr+RI+e^}*T`t5&yf*XVGc!`G_ z1)670>L0&{`PAq!CjT9eZc+W06aV{4h~EG+VeIer@$Vm;)nq?EWl{s@_hpnjM*e@X zh&T{iK*(xx&)T1V-eK^ksN%t<-Jkai2`xa&{O=&65yQQ0i8X|E~`Iii2}t^dm+crb49O?R!_f5b)qcw3%Z z81Ja_*d*s)_v!4i10R6X;AyOe{x78G-+^fVc>YiQ_Wwlqe>UIf{~IC6%=5VnyW!C z&QC}ht?$w16d>SSxgFvleoE`qNdnsa3mYW+eNhP$&oFRZby(=`7KCM2WI2zF!oYpX z9?*wBXI0B`)`&9bnJCbNYFoye#SpURm#MmgzN+Sllig2EpYEa@UNXlJV0vuyFqDA; zx7ks*LsQmmJnx_6hYuxh1x_8yEq8#!D$j zvn))FWwMu7)9KMe@29C&=jfGec13*vsj!a_-~g{;lP^TtX|Z#1Z2v&i39NvgV<2u1^Q(rYCz*= z7<0{ZFnbet>JZ1%F_(f^Pie`udtGAINV$#GUc-~A&JUk#wX%GM5LnT)#G^F={p`u0$!DCa;5 zfXbCCRIODl2LddbXtytDmVJgy_AGE7HlV9}J!PKol)@EA;*jbI==*K2Snx^yE^7#& zqUlJ7wri9af&o?Cn?89YR4KQuREa~QHPlnlCm76Xw-e}?4&>_=O21Y3YQM#j`_%p| zzyb9wAB;q-(ys*Vlq7^$^sXQQ>Bp0&fN~UB=SeW3_#4kfJ9d7OaTPc)=%Ui*CD1oI{=`m&f~^l7%!yu zP&3zyYt>yD`b@&tY;sBSU%S6QL{FSb907oB-dj%BO~sJ$zPAf$Ubka?g+|dNH4Dt{ z{e@50?oYle;8;z(>w=Y4RTH#Tt%>l#w!rl0q~3e7L=hLvk7-T|EQz~YSMWcAwsoz4 z>H2|B* zyTseFfsJX!4s!Vv9zB889K6s@u9C_Q+yedL%E&X8zBfTC*GQi3oaCe*4qh2_<#88G zBH)_bdWN2<@pvOaM#Oo_Pw)8PKDgW-gvrjDKb9)dB<}CK#Xoa7>T1a55b+GoiAPO* ztlG^kxhysFqbHJjAX_zCv}XS>G7Ffwsg#L}6$= zT5a{{!7SniUse(oUGJU2nfq1c-iM3XGoDp`=7)gvgW8kB9dNM@Fn%m#t$#_zg4ZtP z2Ko@a6Ly*Io*M<6tRD}q)aSAJI@B5Ls__<1Ta>>v4e|b5+``*Yu8~=?ngsZUrya@w zRdoDb9)JD#5|wZ)oh#D4 z>8h69rk?ASTX1aF;h@wP&6zVuRXr*iW8ksqemW`9=;ICAfZI#L24eJGhXEDYGa(4- zbw!qnM8Q)47q>HAXS7N|c~_nE?i>ZP7f?mG6c}?D)(G-s?EuF4s~hQJ71`F5usN%u z!fQ$6Za+97N;XVLcKvOqvAW~k5$kmev$d!Qm+77zs-6;0W!so>$ly+t^>wouAGMet z7c;V#*+<%M&9-^J^0d{EH}4cRYmb_@x$9sfpryHGj_LhVTlR^~AFmki9viAp3|SOo zH@^qDa)kHw6ZeF`D9T!M*oA9uc&(P9E2VyS#vlsWhE^(6Xqj7<$Q~CJiV>pB1|%rH zpEiCd$+w!-KNqP?aj?@dk2f<}$D&PHvG5si1=@*&X?6S|tU{oVF=>@4(;&{h$1Y*o zC1o+gd198X*=_)sVeVukU;XOJy4?OXp4Snkx77~jfd;n+?J6?MUPEyrn@1Cpdf64@ z8|cchs9l%p`f8L{CB41Prl)^NsezBhETY=$KE3>O4f++uM2E?VOq?&@)TIxyxXbC;ks4n7M_NC zRfy+;HB%RPsp7Y;r|tmkxiB4(6?8M&y9_j#{zUytJnX5r@I3^`-r*Cm(i zX&_EYV1!q^fm<1h=)|xDVMu@Cp9;{ekSxfN$M+M{exh}&KiMf%C?vERUBq0kDZu*V zV6)lXyb`6V{71_&B>KfTDtV7s=>8D0?Ret!xh@TYfzHL&*%0V7~TTfwi+R#ylk<8pce zD|4X7^l_+o)GKu$##oko+_L8?eI4nU{gPRH_)gc{>O)TF1_sc!>&sR!L-GYpKUCQ5 z`!j*ZjCTFFK8e3|d;Sby@a}_)yA|$M!_<4o=1b60-(z|GVHKbgY97=w94k=)v|{?H zAJsJ^EClGb$<8UTihE^}Gv=%8N1PLc)VXWlVb`U5HqZobP}-abb%D5A#mj}*K-XTm ze~I&F<+d(+Z%{_^Y!*I+>ADy)xgDL8gwU$nispT<8Klm5IP1A8z1La#)L zy1}4il=zG{pU^5vS|Ke;3Amj0z$MIzfNw4nR`i>sXfm*7^7dmU4^qiYT^GT!Q>~-# z_bS^E1=COlrlT7(j^KxY6PrFjJFY)C;yY8BxhWm#Ty~4fa6l>G)@SgV#G!wIeg%US zDf2w@4x>jW$e*iTE!UmES*%@SY1fT*C)fil2sPAl85;DEC&NLwEOINl*jLM(zp9DY z65^I{6Ff1FrQ0Ue&IlqPh1;-|Tp?@2f^-Ng%h3kq1!+30&_I_XKg1|EhJfIPA=zRj zA_^ad#8UN725M-}oX9;J6)WXsK*&^3u^DvX3K&LVaYz-QDK?8toPBrWq_}x?K{kv7;A%%e$mdL?$}P&CdB!DAi%QQqJVt`;XF#(aMDCs z$D^yldY%Qt;MB1541JzLPm(au>7heyPoX3jKw(mIqJrmcPlFk?5Y;C9LR)r7l)1OWbN&qw{G6+ z&?eOct=sp!QcfSNC3fH*mJgYPxGUd~>e}q)4><1P_gfZ6XUA3Xv(BsS#(VF)RQ5`v zUb*?cvCh0&^NBh%-A2!}@=_*R=wP<(0q;h~-Y6d?m_-TP498;gskr-i z>E1R((*@0!V)-Us-S?GEL&!CCD1|L5TX+(BZ_PcFG{Z=gp?>0;b)u zR4{wKGYk`EJz{-E_p<-^jg!Aq+>TR${pyVu@jf`3=lkz()y7Y>sgH7?kAqpr7y9cJ z_dAdMCQQ^VuRjtFoQR%n{21VrXiZ0c-}2qK?bU(_ET&^2u9yfk=lr(NXSW+3_b1)1 z)#C)Sp6)^Re7fT)uNJZk?2^}uSK{{tXr8R6MBOi}fAzlMVIky(PlChP%wdmRnYt@m zx*lNpvWf}#( z*NI<7oIaw{s?9>sf>X3TDVSfs*2o1phE0BHCdJlrK2C-X_A}1hr9V_5F5f6h#{arl z9pyI0j>TAYKEn|!e|U>Ru51aIf#Zn^A&5FE=;UF>+$QK7ou?8@%e(RTYeN&pZc{Q1+PUt_ZiHzY_570B7gQ3KC202~0__qpT{^g<=tC z5*WiD2`v76xT70cEZA)L8Tj#HacTU#`45LR=NGdy95fDC?*rRB5kBo%p5)ybU_i&% zulkxn2y*U$Snr%C^frl62JJz>g!8Cl=O#Tl;rqw0W039>pZcm?yL9yTRfp4u&hti- z3H4|vf7itA>94!q@TCq0+;jR46tL4Cz2Wg- z5-m13jG7Dz<`CPkK)e4TKN}r&(CC_|mA*?Mh}*1uUqjIG z$+$w_2P9ae9^NDIr@Vn3je8sQZJ9S3sj(}uH|w6av=(m$d!Gm`#?XpwUWc{6F(#DQ z$x&`;XB6Zw$dR;8+@qbjQ4W_PlNRu&1kJK)1b~`+@Pqw}s9SS;$QivS{^mR?f0yt-0{$F z%Hhi7Lc|9dr~}HeL@aWriZzE5ds~O3DnQDH_c+$jx4Jf^I4m&$H(VIvGgNVDbX=%l z*e&tyk-@m{>G2HzE6+xwXU+O;~;S{ZO6{05Y1eG(xVx=iJhi?j_G{@Dfva- zDIaP3B(EQ<{*rTz%PPm0s21CJ5%@l$sybIJPAdvi03{}Ztxmdot| zb1%>Fh+o?{hXUTd37=d-&l@O$H$Mfw4FX7mx{^KIG6I{;bCH@#EewJkJhr!`X`wIs zo(t>CW<}9|GK0{>M+Euc@(R-t$lfxP7gL#~9Rc*9CLvep2q?%J8`7IwAgJvq(QAG0YT$K4!@@T8WUXPeCgQ{^ z{)*JB7xHa_zfGr;O1dL1xtP0q_hvMmKeD5Kn!NBuBT*Jfg`7C&hVWb$x@6|{Vuo01 z+g2VsH$G|>GM7Ver{`vij2$GArOX3__!`&hYxP7uD%aJcgM!}EAAGrQ(uaxp+rE1o zxNamjoJTr~XjS&iMw2=2eei@dO8GO~*qW|NQsutM8u0<4UK#2s1}`cx)^iM~!PfCf zyn?fsXswPrU8gWdUO>_!qcx@%^u9>8@H|W&T$$}g5doCrl?kVbxx@ByHLQ?STY0bh zMK6{mqFsb2t@Ix-zY!x5%ig19GwS;wktx!1RL4&RcW&=pt$mMJR{e4ELCa%gQhQpY z`&dY0_6riTQu-j0R7Ub>fvs=Ai@m_%bZr(IW2iMyMevwZTPX+BY!vtA%W7>bKoeTK zd(IuYTFq#EQA^e?@5Jw&>L!y{2du7s_-W6S5Et3*ZK2EZT3|m|Mtvm?`yvE<_Xd_p zQXXjR@v^9DVYlVS8Vj?_x8u4vG(D-s9n{hDmkbEh@oJVNFpo zAhahFyXg(yGXj3-8fzi8il~|A=iQGl&#@W4O(z1shpht}4q}Qlpx9TKQ-XB4?>lR! z-;$9pYgbBH3`T)euY%!4_qi!@X%995XEI{NHWl8ukq)1$Dh;n8>K7PP4D>7B|?BurGpUZC837$uH5%?&Ut*!JKuaW-@o5K8E2d!*?V7mt!rJsc1MtK z%w6*||HEiiw@19+a@HLxK?LA>1i2F~R!Q-bzxlw`$(wUQyS!L;zhLhQl@{!ax$fgT ztihtrN0IzJx4l1pGw$zsTY2WPE|kGjlHKs|)oxSajOX!%^lM2Oy`Y=6WD%9P{J(p`)v$qEOI5F$PAR@w$bNF$v9Ay0-$~``72#^B;#IY3 zPjp@@L1}W=?1}a4>0ojo}?jm(`<6%xHE-yLq>yq@3W(0xF3qP=#P z@G6mEp_Yh+uMx{sE?9?&=!&A#>EGm&Z{+XIr$*L6&! zqKqf;3vSWh3oe;Ke02ub7M3j$^U#@QB*v<+c>SpAI}#D>}{iG zG|v#mLHDG@OiN#WrE~vb3_-6goJvJyk%{+5v=3s1nn%jtOIHap-wO5^xGIjOD)35= zq+<>kdZ;AyUIbmRdbqLlck@yR;Xc%_`cZqQSsJ)DTiHMBskZUO#eI;(LHE9VXhE2x z8s71r_y~W;2(}<&{Jg);nf-j+8}m_(aK(Y@D%BTJxgtj`SJKF5dJIae#a5N^vJ#mO zrS0ydY_dC0nbPOCJw5JwKRMtbG98;p{B`YrDsykKVYs(()2AWFtU$BI-LEDrh?w_erjW%D`tv%my!8P2XCDMJl&%6o($-`nxA#TGWB?r>GmQE z{Lg$UM!ZkW2mrOf=f{Mo!B1zZLUQjgEw11l z%lk^#Sk{MlUSAL}eVNx4%-RzTe4nP%mrIaCkc}q%4A1q%gHYo(;ghN+HfJLC7SE0D=kMF1WE0@APp+Dp?N``6yXy^;I(4-S&ZoxSsP3 zPDUe73XjIj)!qi+e%|HuEjc`p+v-^F&TFK5c?4xp#IQ)?W?diV3BM-7NGSh^G*F8y zDB%r}+(Rc)+9jaBR%?s9gz$L#eJPAo-LTU0Sm@Z5c?_Z=)YpW>YW&V%9p6sxT$N+mg%Ibb-mXNW0mQlKP`z!ur`u} zlkt}wsdhLM7)gpekQiHfy2=@A=Ha})H_n$(a+tgr$tE?KaEU})kkjrbaQVGf^YcX! z!PwYv$|fbV zzZW}$>`AM{DI#)Grr}((==26(l&Ad8g=SW`4v+JQz5fO}%T@TdObiWC;Fl`-+5v0s zjl_zr!n{F09=QLL4HEY?LT~O;v*38JZT7ZK+AG!`q*v_zI-u-__P000d6$3EVkkjr zzZh#Srr@SBYrOv*^KBLl_cwLEawKwu(}RBp213kVzC6m!gFpe|?#gHKRro}TEh-O) z>2ohJ@{s0SR=dHg)0BP7>_u)ynDn=B{)T7*kG z-&DhB(uCpU%)U$b!OI{gll)u6e12maeo+3cBEtW>=mnfyEPB02bI>|O^edYw2~dcy zTFEQ28#~+elYc40c9*1mVQ(IPw&pUWUbZ^P6P;!*NQ+mMW+`+FyJluyFkpAD-KHVXcc{a?ln6V^`MjmNH_8Z<_3iDYcXC<;-X{Sl`&aum18Y?J1yupa#&zGyw(b*`S_s_{Y1nwf6cLW4Kh zo{V5i@u^q&qk%OwK|FHzsBmWNCKuiqnvGHM)?C+K#ASuZK}2=f+GYL-R2g$Ne{4pB zky_B?u(jmX!?N2nZJ(DUpiCe}Q+~(=$`wzXyb4*{G~QqlbL|e5=8l~K-9PJCuH5_Q zxIkacN}o3q^bU9q zxjQ>uRYIzgewYOyh3@V03SRypvM`Zf#Pa6uAHo(q+iV|3AMqo%DtyNiU-6;*)`0~u z1>TuSGC~x6J#tpbWKGZ9Z_leWN1rQ<@z!9(H8kbbXN6i^2YZE(w68La0AHVse<}4R zz8*tZ@|t_&)%Te~rHy6OX6Kkw!>dx>#aj`4w8k-HRdiRM1z{hdC7{g%)uMOCEa)xxw;G@l;CP_NwuQ(-Kw+QPRzNyGlpH&9wCS z6)gNYEA>_&xR}EDeuJxEw6nVM`Ta4Idud(^Z_AZ&o=uB4T@5nnHIQSPwT>PKB~CHS zqv?bz(=!pruBN?|z)()KV@IBP9|VGsw;py2zN_p)+KH!v{vMDfd?SD3o!sX?C<}1& zU!=o35+AZ|Mf`WY#OQ|I%CZS7{A-SmTx;4nuW%_Gl!}scGzQb^WujZZgj(?r0OnE| zB_H&q)JJf>=AO95Mjq!pjAY_Fee7kKTLbECt?9$7Ei-B?{n;{j^^nBP)<4Y*NFIOE z70R8y;8nB$EX7`CtrI+eRpGX)fu|&uxfY`GY4TAtSZ;1?xc~Ue$dhIuPx4nqTn`(6 z^qs@6p3S@t&3mIkoBepd@7{zO$ngBUmti6X?D=08R^FBInYPu^EdnV63)c<=Yq2+~D>xkez>!F}o(!%BJlJuT+)WmFh<6 zq8=rik!BX{tKH6OP97W1{RWsY*Ic`m-usvkI<+??B1O*yCrf`AUrpm%{>XY!cP#Vo z4NTB_W$CBvL?eEPVFUOtloXb2M`{-qfs;AU%WmY6cyAgGTl3*xy^WcQ*27*i)WcUB z)nj4!fDZf>MtUOe$B)+8jmH%(hFHZld6keuHUaurzUHZ?(R4*GS-0e#pjRpUd4~Qp zF2--&syy-L=GGx!^|02Cr>@kfZ^Nbw>++4fA$i?TUz{dazq)zARZWkM1c--V=2Mqc zlnYkPhGW*Wj1(t$OY{oL9(_J|-4q_>d!}QV#R!%rpZd&PnP)|q+j~!BC*Bbt!IGsG zvw+P{rpQqSVBp#ogLJpH5bsLAhYgLYW5VlyMsMPsY9SJ3+g&u z*iEzxavoWiRCF~5VEV*j%uPK;bo*T4D8ER|;=Rlxl@mvk8pw3rJw6)D;H1`*)5EB) z(_o$I^Mcr}21LJb|Dx08TER&R&p-*NSEnTtwLiGCzhyza-k}P-clOfMbIPOplf5C! z@_W3gd)r}}b-{FaX*$UeY_2_6z2{Nsi=~9x?JQk}MUvW&q)$aQC1l-M)~WCE=M}oX zu)C?Ktj6-!NVUV~ZpIRXQ`1h5IH$)<=q-XFs~G45k}r4~7ami)rayaMRq>U4rbk@yEsrO*-_tJ5eI{|^(rEkPqPgd}zYl}!r_>Hl(UTuGp=At^N>)!kk-quHT$g=<+&x_K^x?`@se<`be zN6XR6QD1DgDY-x#Cr8gZ7xrF;P@g(NNGbPHrKt8G{e2pmCemcNyR9Gc^g;wv2UCh&(OpeyQDL0$vHlFBnbboUu#@p5Nys`3LK2n0 zYxT|4=_o8^gYT?9KeK1L+_=$LJ>sT{>&w|gpF)%}_e?~cn}=&M(%_`j+^X3yA*?8x z&p#7?-d$Vt?GgSK5J#sDDaYFip)e<`OjFbb3f#e1_Vm>3aOo_r>}yLnci+~NeMIXArpXZY2Z3Z#zb2=3wLhy zm833X1#Huu_d6W5)VH45NJAGR?-c^ltj)^GB@OAv_7n4V+!NSD@kWzRnCP(kM&tg%KpV__ z(;q0=%nSyHd`cyMK(rL{5*wEnKBx>rMBb5061kYHf0w@`HLF8gU_>4I7DGi{?H=fn5?gF$KDO8~SD9)c^>Xhkp(Ss)56F&GX6zMXX}lNQ zSarPJ2kFvhG}k#ybQU`%`7CWw$H>O?-7Nztv=6^&gQ%Y;Q)(Ju46gW0gTH5|#bifK zK_jjueyuEK=$cZODC7b03bre+R(h@7B@g@I-KS(6WQh5VU##CdyPvP!Ylxc}>(OiP zuJR7~nLqR=drfL*OD~`0X~Xhn*XSd3%hiGAcbPhhErcajEQZjh$$%@YF;|#yHna@7 zxq`6a_Lb_8kEV*gw|{eg2QIZ=z9RXO20GemH)}b&NXQpTa@Tt60IPtIHjU2uI$6oD zlEpasJu=Q~0etZVq*P;`ySF@4eER)7#!MLvwFpquxUgp)#im zizTNAv#kqhedUVRpT_ndqvfl_h(kpko=Rs8(CvTIy!g7oqN1;|B*Xrv^AI7|37xF> z@KR-3#Bxa@XYs<}!ELnADum^z@7orG_hF@=>sKrDLh>P;c&2bb&3#HvaVlC-+RGIX zvqeU~34~b!ldg+eew?gCX$e32`Dkv*uY>Nqmd4+oBeYK24*HabZzgR^CeD5=cXpGK zuo%7&?h;4hBl_lx{YeV4bo1!x=@o;?1FL;cri<{SbM4Gyont>ZEZi?z;?~(Y+AR}j zBBA#Zc>;L_f}iq?>8AiOyFhIQaHtBQ2UC?l0lG5uD(^iVW$@=8IA-qtOFv>J?`@wu zpFGG4`uRLtq5mY~*(tYma5Aia%`WULyX^)c$%@($*w}oENW6LMzvJz{GO4kVV ziUk?UNlibyHy=tU$M%QPg#G-rAQ^fgrtJNUp@~wy%T9Pk8IijwIfL78*Y-!}cZt3< z^>_cci>CoJc$s?+3Tzp6VM78#)Uce-r06$G)wcD;_@oF#p&#lm(BIjTr73l_jEES< z@ZgR~bf!{bmVB76|5jO?DbmIAR)tR3| zzVE{&xBV>qOurypxk+)m^We^pXf3f_8Dln@%*AqUB{Wn(ZxgsPLR3Rp-iBzb%hSto zob@#GE1~@xOrGVzxkAYkP0G-%cU37RQq~vUh|)p0)A*rRw(O;5YePlv8=69k*N8)w ztg{Bm2rO^V-RLwqj9iS|Qj(_^$PwF+6y_m>Gf-;e@&DJWVAH%jk;&pyUocLU~N4R{6A2L-rWr0f(T|AHz|~X1gEWnWfN26Gz{1 znr?e#kq(PekW7>89U5u2ySXgPJ(j!aysFwiHs}&=cj&)v@0wx7D!H6wHPmtqV>_w- zWend&xTY)lDP6p{iBdl8^jBuAfA;-@Xd^qxO0gHkQ6DDHSfFd;dD8MigrHgw2NE%~ zJfVlYzah4CvUV2D=9l3{gGtXfD>N=WspbL+N-JUvaOO}9Su5@k`u*%X>?4NH!`C#n z-{x366T0adqueTKYe9Rbzu=^A0Cj_dLRP(id}C@xmX;utCs-s3L(lm?{*-)W41 z-%S&HSWDNXMLIn3Ao4bKtDo@G+Yyi?U=jf{`7ujikMmavz7cKc%Po3${=i0bc>caZ z`@(t2_%-XSmfUg|dZvAd%dm`KG{01*O|qil@=;WmaA(<>Xjf#%mRf)2PGjg+NAn;i zV_QWM34cJ|3&6mrOt0JgB*W$5KA$U4Ft2ddUb`u!X)z0DyY+oR)!Qd2%$8S zbtE}MPTiYM$Y*`kGk=K9n+|*&QYc|lPxBDjZA8a0ji?hKr+*LJP9c9Uy!B6ooA>0f zLG!HrCRzp3P6G8trM3#rxjqvVaW`xp)=&_OnIf zi;+UnTe8#q7k?7IO}Z50C@Zl==kKN|5-n)9D8~l%BYk7*AnV-!SXKfz3CtG*O< z6{kk=sQ1l@kpU#QWQ59?;PbUToz%I_*A6 zZ`%rO_`8OyH^e*;-^~%hSVQC^;a0=7+(X|RY~yJrqspfz8dllx@Z;u!;>QU;tp;?5koUX7< zXkzaDp+{TSepq6VzD!{oJ(%VHb2b!m$5@5H_dreg186JZt7w6xTDWzw#i zRWXYp)+pm-tI&wVVh&1$JZ|4>R{N&Wbl!=txTl=yQuECAOqXd;e9OY_&Rg0$>0HnX zs2v5p2Q|SRkBJ7Y+&3c8v&KX@_T{qW7KuLmUqXTc9|DFj;C*`9C=7wsQD z^Kz|3`*i;Y+RZsV72}bFO_K=6P&CI+u1Z9^|i> z!nOAo80_ln5~#Wj{ZE1LOMF@}edg{IV&t<7D`AK*w&ivbuQTr;{3Jd659qLr8f?Mj zS*!ocNyH$6h%x#jdnlf>x0>@&t&kG6GU4&-3xhgvC1ZrdboTg0|paa3vj)5`@&96bm@+=^90>zyrpnCS?}Wlar}v$j!#+(`LxI0R#IJ(47kXlZ0@Y;!zu$ z-(BP0z5iud^v6y4Tcm1055D1%NCwKw4<^#6tM_8R^-XeODy z`JM z|2#fX@Lq~d9{youb+=576av_aB`n*4mvm}p{e6y|(+{=WeBUZUS2agK%&#sKsPT&N z!N~M1XKSrz_F%N8uRD8wc7RTDtBs*G0P$A|b_;+%Sv46xx>&%nUly*5_b1=`bP4)J z0z~E&F*`T87MI5+fb#>hq1!?qn9__$OU&#NDO?&L$O;DI{X zIzMwhp7ET4+3W#7@lvM`*q>lg&?sk7C6+v~p(NS@>?wV9pP#6qb@W66thwD^Hhl+q zeuBhHQg!^$lCyS3r*BI=r}gM;sxnk#x5UJzT;#!N-m~v^*@HAzyKfaBe@0jOu$`)q z_iNqLye-*NuL0Rhx&ZmPOE;y;oz!-d;E+6T z5DaJpUE)?RAT8~cd$WU2R+Io>WD$O>yENH+s%on=Ckq=XG8>un9UHm60Wiyv4|kM@ z#(;7MQAh=5dwm4?@SBI1$z02dsOHhwo>c}O<@W$$zPt&%N_oV1W;fw+gwe+7 zRsK1A0DRXBvGMRv zYI?r$#5M6nF6hc*?y5X}#wGk6&@SckZXB}T7>x0E_W-;(!DjgOD8Bd@iVx1@!dh3z zi>=P7p8=q}w8Z~7KcK;=#=&q;{T!>l=v)_@Kx086tYl;E-^o0q;RvS0+$xf%SQPyE z&Myxj=-vzAg0P29;)#n|(7)K=u>+>cjINN=$=1`!7py+t58enzk9E*j42Wte7mImp zdw3~M&`OJ+_S zv*gfyz6pld+;4FB7aE_{@kOBi*M|}BY7rd_n8Hl0f|MG|%dDg%WK+E^LZ0b+N8m|R zentH}d)T3HX4Ux1nw_7cjqzzLi^BStwNRfA5pTeren9-b$7?ZfZKPJmn;uHmletS{ zNyM^9U@4&447jICo$yM5VGn#FO%Li78EkwXpT}MeB-eQ!K;exj0;vm@keEC!{F{f` z^~yAB_<;t2HYKY}*Wxh0wVbI*hf)v0^5*~Ix2#|LL8|p%5qXZfUlRk)4cKO#M-SN2 z-|OKO+wXerq^*sQjV*V$(nVdGJ!k>aFd&WISnX%dxrfSgQ`{hA_}vX#&3f#?SNmmt z;S4Wn*16=0c#DS&i$-LR%Adxz$S_Y#{M~C7qd*J0hF#wKgRt55lMl3>+s5H6zn#5N zsXX2>v@cx;GjL2|@g=o04ae!TN9pg7AR@_Q#0N;q@*dmx`>}V31AQcL` zkt60f3i)eUheM=DEgVvyi9-lF6`)C?y<5xc+5@}v{wqMCV!?T zoYmiJ59F!XLNXh;1ijkHwGR8Y_ZiIGH5;lgB4bX1rEO2w`SyCYK)K~@bxC4QFkK1n`i=X~z5Go7pb& z&D9N!UAqizXOu|U1wuiNy@bVw2d+yVVRFkJEpWMbhUVXoM(|T5QJiN~7^HdL-aNJL zu6G`)F+z)B0CKhyqYiB?vtjhQ{NRM@L1zqJm|WVdZkOVMRo6bmk+*J>+a>9(Pmnl< zT70k`x=7P$N8b7D9u*iahfQ2tS6nKa{E;|d1;WLZBP>!HSo&A`2BoRI+Aa=Bbj^ObMMXh%<}hM0iQFa8nTNG zB8Fdvp0_;snb~W$Tdu;=xc}vsq?VwC+Du$}e@ty0xO zT%EJ12jA=t{%sb2meT@sq4w}K4XNbZ84J+}yqy4LlzMhh&0>y;*>nw0{(RC>qlUUm z+Mv)ID`{z#UZe^}?BK=uQRexP=*zZr&zT9YlOD+RhRm$Wl~Z4Q>O^9;**s%bJMEqU z%JnAZt>V6_Q+fN@cYov;;v43w=nmi3x8B|$Tu}*QaRiBhiKb^8yh_Ayp!$3w6`(x_ zInnt7R;P#ll~Wuy?K`xepq$@=?x(!QzqgefS%Bc&P@MxgyhRKlfptK*DPX8w~1ZNB~(ay55x-Lb{=Bfz;s!zj3D-)Hoakx}M*cnA#ij4Cbsn{Ahs_8vsd=}7rrIR&UIiz&aLM^KRlqwJDJElHN4CUdbkvU z9yID@dy3D8TH+5!SQI3Ne0(W%sRl-^(PRgPEOVbW-R8d^aLPRMp>bLY4NT8y@o0C~ zK4k91oPlmp>7dbZ*Fw^jRi|SfSfJD$1KntfV8hvFwf+WD^2bvAG9K z6`x4?zZ6sRLNZ$p-%*NjNl{>?kiKc1 z5*tqaVe3(rQ`X=UZFZH@Md`Ce?1M~p_w!&)b@#B8b8tll{KhrKE7>D_dnA)F?C}MH z>JOLV+%s2ui0Pe&9gBQF0LK!koBB5*V3z0Eo&htR(gCdqHvx*5KWN{fLp9>8J}fqW z6?kVALvoSG3x8N=GE4LMsc6Y^4sJtiKh2KOk<#>ItNh*ZrxL50Ve_q^G3<>gdGLWi zR-zs1A&gTpBeh9}U)48x-wN@U`kq0ChAN~=sn;QFDUiO)_fQWX@WFYjl@H&jg7l`YWu-t7w9#eYT;J0P#$X!@k(hgS<2TIgP4@v=Cn z@3DeSh8isIjhUO@1T@?gv4PT)-qPY%XKd@sP3|B-u|&AF#_bZFTXD;}wV?83BIbn| zDe58I92`H65Zcn2`7BQ@QN!h$t!`5qV~@TcTn)x*>}dXTB;EvD+jL3VpNRp#9|e+s zH|gq^-#KB)GBH4IxjqqUf28UCQj=7&{u=^Pr=(oU>wSlIVL-Wo&r!A=;5fspvGP|Q zGsKZupD#O~J&ziQ-diFR58b=f^jS<4TKCyy=M=DPBBW7P{xmqe-mXDiM4pq*cCaXl zWl%-lG6PG?&rF>oW^)p5@#aD%E%aJrKaZUBXn0$oi{uk8+J0)z!H6g`ckHb^MJ@tJ z=$6uW;z8Ns9_c49p!#Tj7p}7#yWK^nUM$dz9rCiThI2{nyuI3Kq&>cj!YXmC1IMA} z9t^JEHp!kz1mZO;4?_&zC0JMXSUc_2Z>c!OH{HXPNBB(aL(CFghnoU_ozw8-0W^E# zdZ^h(0BAgo2H8U7+Iqa*1nu^NNn1&CrFY({cfp6OT3A)-a*&lO*KQDyK$9nWu#7Q# z&u3uUN_BrxwTW!^2Yh=C={W9&tVY}CWqq|cqIpU? zjyb(sd=Y)UW)FDZ=nFsdH`_f8Yx^i9rLZ#R+wm$AL!N1WnR;^lXsQW*S9YWH^k=DX zkq+ZcLYq~(RpWjtd{P!upG68=I+E5*JH=ml;1h@R`M{f%tEFC#jwulDW~L0fZ5c(U zvMkLEKMO1xpdtORH`J*;PaVi_Ohzj%D^hv)%c|~CQH}v;B*93An}}zb7Va0B2nMOc z{UR0atXoAA%5ytkZ?|_uUun6B*4)2$IotKG;5PFc>Ex^;$BuGVd1Anez-~BBbdciw zhY?lx=ez3ED$@l^m$uT@uqI0 zia^5o%+{$H(}T3_kc>%_lV~}i$JAf|3nM?+o3=3$ z(4)|@5&??TebAznK{I`!{BRzE@0lmxGlx~Ra7!@ig(1Q&fU{DoDRje5U0L=XJ0(=bO8QeG1SbnFMRI9g{lBXJ z0!JI$joZapHUdz04vk+pTB9=lyCJZq%tQz&4>JlqC^cD%2r2Lt?=#f2uKy`1gL`unK&G&=DYEM+L zxYO^TUVk~4{k*}uOlceq*Opad{KD4q<`LZ4$6~9(tIK#m@O!EowXC2S?5%gC8_9V& zRVE0~Tb%h3^7B&6YI})d5N~d=BH4u9T$^jxF^c*Qt6J*D4`G#Q`CwMUgQj0NO88wC zt~3|9N7Ij|f6R&wO?b}w74<1l_LKf{jkf%5Wv05{B)uivD+R8G8|#qQZYcVS<6EvK zdHVyjdi0UV1y$DdZS}-i+G29({zQ%Fm8Svk=9qcqUaj&zF}-`!kc? z?NMW_jmxI%h$(CNKW#=IBsq_Xs6*)yNqN!MxR+B2QKh?9-E7cje*bhnpBh0Qj2#98E@t}*UW4?% zT-%R4vbW+FF8d3>$`UQB;Afwbcrt$nXPzbDBu_D62-5M^@_%@g?${VJ9uAP&6{ zLY*G?AtN*-$l8+0d+S~=p(Uf`<2YYqcgi8ODJLTOLNL0RYEAcA&7~+h()DpYU*{Ur zIMUaLGq6~-H$Aq5L{G47zYdFd2UFj}D%0#XlUZ{2dqAP6F$UTk&%yVdT-D&E5uL9YipsIaB^Zm z5~(uzY!)uudla2`WvKe>d*XL~McZxtgs2BUzj&j*(2&99j+hHJrrPTh{Yo9i=`dV5HgUoB zicu=IGD=C(j>-8f@2ovatX$`6=_l(PNZ+&alB}?=W&bnlpC+alYBYYB`^V&ephyO6 zgw(GuRB?ZKbM@V)cM*#rFqo1N2{Cq?LuFxsXZ}8c;`Pt>W`T7{=})jhX_v)^2bTZv zio|8m?hZ!qF2|d932gZ>WiAObkyDen$~KjDP%no(#a@VHpK0t*&3J~@%8qL;>clJ$ zo;upy(9kD69lt`q$(rUI0|^AH7a@uF588oIV)>&`m_Qlb@PT2Sl1!=8dX*_B5#w~+XqT+QNV^(%pk zSO4pc0LZK}BRhveC!=~S^k~HVbYxY`e^E?}BXQTjsUqg|*{D_Aq;Jy_zw=}J_WF<> zPLI&7o(7bXU6ywa%EEGGD7T>hx%7fp32#zGf5v>w;dFomIS%oN?CrmXpt zLl4I^)E|trN4{#~*X`}GcEmlb4YSZ;VTy9y7jg8!REG0*p4cp4$)UEt3AgSFQ&Er_toSK@7kpYvOh(h? zW|={b^t&3CV`J+rchUQWs`l?FMkp>7a-Ah{{x>-8Z}j4l&;&ZybM6Ux2M*E2v0Iak zU}&3vug)OyQ}-X@I(wL%)4by=9iBYwl8_}1A`abqdh_$It-;@)*L828MxaCX@$9Ws zknOe||9Xdsik+Mz|6%=DDZ6Ao2w~)7N(iaQxISb0Jg{L@lW&9fDjw>PtV}Va`v|&0 zdIqLMPM~g(ed= zEG5-Tra}kTgpp0RXHN#DAkss3K-mbRMIEMszAm&mRYZ{<0O$kWMXIZu1Fou zy;C5vZf5W>Oq3{cJZl=OK6`5|@(nrT z#QtpB)8G>=wL(n#2)!o9J; z1%$Yj^0~O6oZMJiV5l?6G!`^B4|K?np~(pHT$&+jt-&>ZLT>K>xALZf0lL_X!MHpY zhbF~XB^Q1qa*w-?1C;sjx<0k9v`^FgTu(M7xJl3Xf9Nos=cUdb>qw4cz+}` zd<SE z=T+(`y}|TM)kuL+HDwb|sA@L0syp{R7GS5^V-6a`TVm3e(dMC&f?ewQT&GYGsWg{% zeK_G&Kf=Ak%~G)neagNW9_cmzEJHPpS8LzCITD75?~&o?2`nbI+4Agtp51i~qt93Q zc}_}nJuKZNT0vH`;f9Y20@_9vk9QH%Q)KmX_w_ybb`-3sl_AdbJcEY9mc9q}&M_mg zhON2DROakq2AVRvmxNn&AH$L@y6{<(WHQ2R+c8x0(t_DRq=krMGS>KY*pZ0Q^WK*J50Z%gSHvx$ zl?AcRXb}^@#@q2Y(C^b1^^V1h(ypFAdi#m(ELu_Swv@JKxi}Te(_?{{qvqjBfv0GU z(HAx-D@n5xDcbjDFS;JeZs#Afv~2>IN0v)uv-t74KIn#w8n_;=F|=PLU?q^5sH{D? z;t_DKYX>l+gq>7qP(tcVy2VD-JbQ7=dkt(*C-%0MZxYnB8n(aNzY$GUrq6pII$GMG zMP%~`xeGE%ie+lCqhR4diWtI4g?=iqyxDsBJ1bmIH1JdHHs1AAP+wJ6gJ^4!OcIj( z>f1@pX_bBKeY@(8H#0r(88_aLLyD+-jO~GKt9Wz5m~HAU_@XE~)nr`H9nrQrK)}{^ zp$DVFXb&cK&DGaFW-&c~L2MYGg^|RFs5jGKlJ?6TjfDjj-p-Bp$+sGi)J&1wQXqUg zHpyajcwA%Gd%y_dXK&tFZ z8e2o7{9E;ey z7lnx4t)Zo@uY2la*8Q|Ol^LR=p9n5y2M>JW6O0^k8GOW$i;Jp_8jlU&43KgL1@TTI zp%n?hL9d6<3Nz8F#VOT`fq5hjVCquD-zNPpDgqlBV@@N-pS5xDp$)L)Sfdl#aLa?x z`qay^7okJ-LR0kg+lJnJ!oGY2P$%0rXs>8cT;BMC> zYR)b)RUUX0y%dghho>Im!ZgQf5Y2v*6gnvph}3Db8RP#IUU9 z-zDJ*0M-}ZKish!_g&p=aC0cW$dSJeVUo4Z3VRikg`8xn>T2lveQT*fbi{h6-j1bl zRN6H0I=aWsJ122XnL{AD2sjAt*mYgoSMIIOR*;LVx~IC5&GK$Zwb06{p$2ZZHeLfe z%J`?BUBh$zkLyNG`~MxNE7K$W%fK6$QR^w*^cZGZiwiI3%JhB7^uRmn?ItWJqK$}~ zo^Tsr_cNG&_1Ck$;!a`n(LTu0X|5zH#Wo>F^>G82mb0a@LSf1n@)3@77}}DwIgcZ4 zzB#XAK8!hUtKX#uj1rt4DSb?IG5o@^!pBQhMOH)hjr11TO5G(M=>2?tVLr*uVLFPx z0@IObvTU|_k8Br!qU2yC4$5t84@t4vXzPdAdnm0sPkz}exl>}Oh=Y^P*dAlYYF$An zz8;F`2^37N-uX6T6!?~;20QB~gWD8{?S`ojetY)8ylJ+km!M^{^`z#IaJ|?%kG{$;67U)c!Rr&sfPeW} z^SC5MSn4~kfE4)O3&B234tfpgd_jTKf;HbonGm?=8XXsg8_eWL)F32Ojp477^HKl2 z-DOhXRWDUHp4|E)vcx`K#^j{m=Vl_WlC$jQ4rFB}4?B>P&nfRG^6Qn9iI1s# z&*$PVUh}`swEtTFyt=y;cvzM)_Tqr=^OqUXhD`74f!$q15Ctq{`nAhA>Uk-s zI_~#-sja_v2d|lD?LMyRJ{c&surOiGl-Hl|z=z%Vv%GA5Cu4OtIj&88h@;)4dLxP9 z$As$&c=jpspa6ipSq%W~)lc21VyA+7uCya!dw^s3FE6uU*^vE6UyXg0o9c1U@4?Q| zl&j-+QKQU!sor5$!B+8mt3$S231c-SjHW>!##VM7vSeo@xkrDKmZ#eAY{8@#NPU^) zJgQQ~%{Iw;hrpM1G6Yj++RLL5-n_HUzq!@rD*zux^8D}+Hf6&iPq^pXz=?y!44&K= zcyQ~<%=k0VfPSeYn8!VcN@!~kY9Nu_11zFxh;sBk;eJ#8J>1n!L zEGsd2SHX%q5$Q9GMn&7AY@l5d9tBni55e>PnD`pM@{_cHe`S%j#ejqDG~FMhv>>0y zY~G=6u9+;c9`m+RHx3?irRxkzHt}H#e?8@G-e2`zzE4byrOmCqcR-S>&&jSM<-YYi zJIj;Iu|D=>0_k6K+{GoODIjs$x7{bXQKfx(;X0=jVGcy;t`EWTy>~P3eb42uJiHyi z3!U{^j6#L_d3W?_eGb2gIse5ao!p{4?R%JkH@M$RLqoWlP4@+&k)p639AtUcZU!%$>2O&iUYJBPDmKXd*a{??KH;(!i zV(}qk4J&|bHP@#8tE|1b{^$k=kx;M91a;^UU10h7P--fBK`Stc-+7roRFkX5I@8b+CkY>05fL2+LxU+r4ocjWCSH+F9JFlucuzEI}CRN?X? z19WLCt-dXeNGd3HV3;&yE>ok~Y4&pv#U2St!*e-`G9|kCW%6KUDoZnVJxb0r!chC- zg;lHmOQJ76RS~Z=wLa~B=T1(QfezJtU?%xfuq#~b(iq+eL6Q+zb{YfC%sI?_wQk)tB7A#yLHrc7#BlCjbp0I{&@%HIt??1J6< zxgD6JQ}KrXBcbRDLZ)#^wJ4f2E`!#}Dx;a%+>MNkL6jNyChs$?eV4ZL z_Wt?)G0x$fIezE+d(Jc8=leY0@ALV5zA>Zv*UEG$W7oqVR|_)Fdr-n~E&K0CPW8tw z3TbA>w@Iyokd5jDU8o{CWSjex(bcRHLJ|&I_P{v`$Wc)#pccbOWaA%A3sFG5K<}77 z31z@$U}s@6i?a0&F#H1r&pDp}88mM;Kn4`D!>W=VB?R$LjWiT1C24UQrun}kwT9zO z<}m|6RJq?5hJ%%D5^Izr;ijmkYpQ>%hFB8 z)@`BQ=cafX?E%tsk1V(Y;#o@c%mO<--QugLqAVmtjVA!2p@gLN^yx-af$*C1E7`<$ z^A-a?bgt*wcf~(%Epb`3ECn(>Be!x2papIHo$$kow}5WrBH)QF-Tg|x;@$>JgA2sh zkk-wXhSs4hGwDfKPRLMpX$S-`&GIWlbAh|+`V%@#IkS&&rTK38pyL3$;_^kaep>`J z_H)I}l+9yj?zZhJdnz^I=qo8P<*lA5hyVngBfdKj9tLB{^Anovm`-&LJ_(Do^{jsl zfO>j=Y~`O43Kg`@N=-C?T0w|FotMk+uKr~>`vuS7o8hz4I#&tjt6Z$L)sDBkV(@pA zY??kET;w&Pjz$uWIic=Rz?ooA((%&ZGsG!Qv=_Rqs#=xHD9-&4@}`DAWd<7wAlzQ8n>`V+78VSz7V}kA>46;}DO?Y+ z;MTS7veZ_|=N_ zt7O95Gy#|_&AO{1`eguDJW#Xw{)R$}0!I4EY2d|;nS`IbcvVVPpG3Y5iNm`hCjGK! zC<^&B$C+<(-_+97iuA7`H(Av6Mk;l?LW8+2W&y-`jrlA7wJr-We8-|Vh)OT4y2F^A zDm;^N1!OH0_2NNAr*TLgOFxqft8$OIEkiVq4Faf?dP%Mhw!m*@5xRfOH+5jHFNoI8 zg(Cx>Q+N9zFQ1EcRj`4_0)$AhPXVpd?g~~_g$zq9gn7r;;B5P1DBYH(mfKNRd%B>v zRAESr-XrS*U6wqux$uplIM5m;NyhVai?eW9Rz7xO4rLQLrVjO%1LtSjv@6^qB0M&h z;CkJ3u6c$lP%yq0T5x}x&C+sG9cH}82FDNCGiHCn*rZxDz1hu#Nah*@Codi=<<=Vq1^asP4#v+C8=gl3A^o78;| z5JSA6Ka8P{${Q9OM%WOI_FLMT>qOPj*hPgGaKhF%%&N;AzjPNbwilQ0zsvctOx$i% z3)g{`xL7yh`>&o1<7?&nj%cH|f4754G>TCj9pUBh^JM1u@kN|Z>i6;Dk%;ymU7UKh zVlIjI+N#iiTPYSX_U2qjbXDQs`{mn#sDv*br$4{W6Z>8>Px4EC2XdrHxD#!&Zeg4w zwWElz>o6`(Y|Dm-cqehZ)z3mWX8i`>OV9jfdZ7EE^qy8O!fyJhv13lsP@-3fpWdlK zQW)Ua-XD|u{RZ?r@s6~$3-;mJ95Tr5QZ$OHrWR49yviigR{&{@W_Mw?A$*F;5uMw^ zbS5ZfOh2WKnEbKh-7FlO&U7yRWzeU#Gvz8EEI~gD!1cK$aQmea2ItNXIK8?Ls9)nk zPG~qF1wWyTF>B&NW%{(mZTv9{_K)mnergd{b{cWIPw#QCuGL48C5Q0$-_)FBaiX5O z$76N?L=+~VFs=zgdg^h*dS<#QVhDb6`Pt8g%h@r5*ekSSu?mBjrmRRdcH6T1T?=qc zs%&=T+a4j*`jmR>chcvdXP^8byyHc9vEA2h^AE^f#_}Pa3GjWRpp;?TchH;>o>K*u z-1o1tlj7g#KB8TmjAbJ7LMP?~?x19Bu?yq^!)Db4%O!x*%_2)&${YL1@q6Wz)tihr zHjP>WZDsTIRFA38A-cm`Tp4|J>b)rMPpz~|NJd-hdutXnPzQNjtQ(l`|D~9S}t@M*#Jh@m<@a-Z# zHfd>R5%%DWK;>5DN@d_&sBSlh1lM7j^6%NFK_YeN&hZx#*%g84&n6-YRbC+hYF;UG z*maX7Y634f5i9Nz)QQb~Ni*;7n!8q=c_(l@My*0Y{h0jxmr$grbPiBF9X&fkXcxqEg-tRZCi@WCn?)6Xi?pI8GC6Oi{mvxveb#2w(LWS-A>_+DaP+D*t6^s5$rPER^!=)8el-&dIvuRN=V-CI6^zKPPh(4&krbCa3tS<>F!QI_ll$zbU3U7 zZ?ECD{M}K{X9z%rBv=>98{Qw!Kdcs_so+^bq^Z%`-S>l5(Q$ErYax%9pe+5<%)3JU z+CKt7d7Yo&_P_Vlf9Ru>t`EWdmE73)Y67;_%=>TR@AV-JR+NUWUz;DYssyhA6`V$+ z!dn&p&ETI^0MX{VDTlvKQ8__4&%>V!Z literal 0 HcmV?d00001 diff --git a/assets/m2m-permissions.png b/assets/m2m-permissions.png new file mode 100644 index 0000000000000000000000000000000000000000..03254291fd519475f62bf9b19a63c5c7fb96edd8 GIT binary patch literal 229180 zcmeFXbyyrtw=aqY_h3N>4Nf4q4^DyvcMZWIL1%!$H3Sb9ToNpJaF^f`9D)q)ZUYQ* zC-3*2z4yKMeD8hl|EHhsr>m=LRdrXbTI;tYQbSD<5BnK55)u-gvXY!85)#G)64DbU z%qNJNx<&-X1m%UiIJ-RJe% zyxLrj?vJHx9z?bm8?BLY>d(JUP-~L}7%OLSvdm=*aI>Y!d*c&IKe0!`AoC409*q2m zjq&TrsDHheP>#@#Qhb#%|Eov6N#c(iC`fV7BPK&!Ww?7VkUP@RG!1Bx-?~!ZzH62Zgi=oezK?DX@ge=%2@~fqi$nI<;Wb)eBKpWo z2$wlXOcyi2JT;DR$|1-|ET6I|yw6EI6&m>=qbez7MOf;(%kLVX&pooL{wOtc+Ri1U z_<}cFz;Q3FI*!76w9+}YhBch6O0kfJiwMw1UBd)>I_kHp ztH`hjS#~IXi+HnTiCp!X3F}I4*XrwTbxx|^V`k%7;9?a?nx(0nR9iv{C3#*6>6L!R zaTMKFkVh0##x*icysz=KG&k^#bPl^$24_M~UkS)q{mV98{OjGso9K8Ohu%|Wa%pm+ zGEIVZE&YTq08{vaAC-|9?#*;UfrH(VO&A&A`#!_ptO9dG_Fyw1VK8|Rvc=2^&|8g^}s6(HSNSt;RP>al;nys zF4Gf2*$5dqqeUcGXY0v(&_(bFrOi4mD%cmsDh~KTL`z&w@*At3H4?{KHjf(Tcdnm? zKV-u1JApI0fXN5{MXC~6>x@V$B#cG$(e6&j>Tr47=2c(WcWj4O~&)* z))YTuE&1IG!ZO45b3RtjNX;mcI{Y?oZ48!>-QIrCfB?k9@h*GFEHEnF=9CXmW z$vmkYIt(lGRm26+8pp$o6zo%IYEG<~rIxG~IqICLo9S%g zWJ11#wq(~t+N9{QkVY~2almSeH{}J4--TBSkN;UOCCjrqkp5vMNB8nR-t74#$u8;s z;dpa7OgZ~2T~T&fJFwmKF$>w*+=kGJciKF^lQOt`RkXV`3@41704jCoB|G(Nl(+YN z*s5+fSvM`CRlYf6@wjNdmV!y|Yb&XB&h_cuzE5JR6fBY~mWk6WeX3bC?grGl_@$pb zzDzsW+di`_;a#%)ZGSsI{F`(6`!C1Xc?q`?kp=N3-&$}DxIQ%Ur+!o#nE+Y4ktXMS za$2$j*O)BMP8c%jgcWUmus;05u zwokFsv+x?At@WxQUvQ~(p^~9keF5albL~;Z@W6KL$@x)4+;S8L$$t7BC}y*m2!))&ZA!CqpSCAhXn2-pL=N9zqE0 z0_uh=Zcv`0wb+|_75VIZ|21i`XHjLbX+h9^*k!#MZ8ct%Yo!<6N@YO_h%Aali*M=I ziHGHV&;KSz6Um~WD6c0c6-i0T&%b5N$>^zhFgoY;;o-y3+ELF!564ny$dJtBtJF!1dWr$4Vbm*;E=|bb5FFz#?aP_IfxC zygjS2C0tC)bZ+ZLL0jsboXST(QB+fgMG8_KHd>%k$j^~{U)HwS7zO` zbn$aCn+%Qgjt?~(kUB0t>AuyHM)2;#JEyehVYT!n@jlR?y>ImxyVH?JYDS7&~9kbeo=#PbBwCF7mi_md31@t`;RYvWO~To1aOoDa1<#RWe$ zhKM^8%=~FD-R8$yUrnaeal0ASeGvK3`1U56w2h-g*S?HX|HgKDPRFCvpfpOa-Gtw6 zBvdnHLe-(zfz)APsB7rijKO!Kwxd_zcQ=>Vj~^uvdzr`d(J%OYcT%(;m4gta6Z`yy zT@C2GjH}aVkG+ijRXuV2mJ6hs%VMF?Y_46~MQF~n`hFjOAm*whwPbSoXnI-<&x^ZM z#^I?zX0xWJ$udo4bM8#8=Me2yRzjdM8 z^;o)0yFA2G#&ZgnB@hzw7N8Yf1HDyDwA1?eW+{It=1nY@@QhE(3TO;#H?lmDl9f(C z-M-DuezDl0Fkihs3ro!H!SUC;*0%6=Og2ms>fU+YwQ4rsK4a$ItUtT<+jU217K&fn zR6Aqh+CKGue%;k-A+^p*&$l9@<=Oko1A*n*s9DDH`lX2W5Bu*1N3M*zjK-X|7yT}M z9*(n*hg)AY82PH7o9;ro;Yt2;4^@RrW%oP50T^5aR&>i?CeX!N)!k`I47$3lx=QvJ z@iM=yyYI#PMdxSdr(<@qqIm-}M=# z)Q?EKk$^!r+u(O?*TE0rC9wyw+mg(F-nZaA@`;q{iaIl@_E1RkLi)l2$L7#Aq#cDq z!`W#98Ptl3WJrvJ+u%|VqjyLE$9;2X2PeE%*RKsf;J@D1#ChD!Z(f0ps3KiCqjq5L zO==-UmIKsFnR~s*1#pC}Sd_AwNSxN0g8emn1UPf0Y%G zpCh6ERgZ#%6mExv_U|@oi2I)-4srdV`PUsaAq)uv@kETcKshM?t2M?%4(k6ZKVd?= zLz2;wRaQpawX9sNt)1O$UED`s>K-5}u-+>fxFI2tG5@)cl{J}85dF{DY3sY|tG*Vs za&h9ec}~<#a&}||N2gAkllZeQHPKZI>CI5TD{ypyheEDxe zah^Z_{y*m8UlaXTEn=o6vBi1*YtCF-fDJClO;u zPDrQmX@Bg0%E!Ssc0Mc*^`2>TFtUNVjY@b4!?JwZx9|OrmVL@wk_Bo%ozR-W+nkO=!up42Pb^aC#r5g>Jd-raKRnq! zAxNHj%7R7yApxSDgHmFxx>^@ilvjvQvIj@!W7qq zAW^pv`kW&Bk7)>{P@Yb#_r=;I{^Myb;6;#V&Eais{=;=aH2XhG^M97+|L3j=$&fD5 z-epn^%Oj5GZZA+vG}2Uj8?RkF8ScASK(W$ZO1`<5#P51}_NLKwH^;cG(&zzxteK}4 z3iQrf+cN*B`(K_@A=6 z^Z{nUn4xUsPLidUCbkP?_rSXm%P;=76|6*dZW#U( zk8g%J;uSZ$27UrA)e7St{4bSPy^;Ul%NihsvRg9~=bpv^)-e-3Pcarh zFVvfVgv;D=PA7SJlk(uEjFzWF73z5>{e%Soy?wEsfc?G=i)=2=uglcE<0n)~Vy}JM zpQTF$6-{%2Kst8WLct9N!c$L*y9 zSHQ_{Lpj^D;9cOHiEQ1$4HE-HnQ^PPyjqqpq38K}$lomn{UR29fzOt>7g#khYsXZ$ z1>YC^EnDIY5)=k1j5`VyUnQXD6km2~dCFy~Q|ELq+v|TPS54+hoE3LW>$c6slG*er z-cjUi;21|LrIA1E#+gFaZqt6GwjubPgWkwT5_rqaE0xte(n}=_*drqx=Ip94k|0oT zY*rT|DGAxDZ0l2F_9D)d&I~*J`f~|#(cor-n<6jeUjozms=}<}(!w};uDlB)!yzou zZZ|nq{z^$B)uib8&@4LIlCUP%5)PuXFcRXrGHjUouESHjP}G_s`aww&-cUm=(ZbL6 zjiTZOhiPzBX+J%*O4#r1F|riUGF=A1sbe$77A8-pBuEp@h^_O$h=TddybMgKWF+QUEyPM|tKB1`D`x5*)0Tlzz> zSl2Ia%-?IEEjC_W*%XXBsqYEumCFq}+}po;yYVw%`?`es5F+HOuJvW90zu>Jm}?$(I!tex4~?U%E;$?V$ zrt}6io8!wnE_luiy>8^dQ;zPLUNHBsW;eR_5kaHgi-w*0u-lk5ig&*Dqz22Jy; z3ai0c{dvBYLC}gSy;E310zeV9qKhAcl>@?f<(;F)`Ud0a1mul!M>VcW z&!K>MIsNyO;zSJVYX`2+sZ7op|}Z3o1~{RH$>l zQ)P((v#Vh~FX+QEsunM{O!_uaH;E|$Yu6o%FDA+MDrfwPxtr^qO$WMG-K>I6tcGS* z(Yb%7S)3T-b8&VH*Ninwi8qBqqs<}6A~l?)${WRc>wTCpNhyy zY#uHdgCX61+C-vcj|T=F>op&UNtY+Sm%g-n_(2Qlt(Sc}zs9Egk_7+N-+``yDCysy zzB0*P-HsOQMjz!weCRt&@>|_th!k(<>OBv#Luf||l~cz=ZWD#Z@*X^u&$s+<*}i^gMf2?fnxr z`kC-|t9Dv?rj-vyJi*75mN(>FHMRD*!Uga_YQ^ESfIxU^#582TSNn+307uT87F>%Z7Hq7nkLuQpf z%EcNUUD}-zs!?$IZd>b=%!bApn>Utnxz_Iv)du%h=Kf9z$IYQFS}gHo-n`<@vcMiO zKaxdARA!T8cD2b6++#JsQs);wFCd_WnN{=YMB?PqN4Rm7KKg3&Dj46#ZG|hSWvg>8 zI2JcWh5hlR=7)WMpCyrJds>*M+o^5yd zjA7EX<!rprw@sdYHtKvI+Iqz0N2UAy4X$+UHOg?#e0DGyPgA@e#fJ zt9IIN6rN$lrcdLW*Qfh;>Yo*xY%+o|>IQb7BR*08AQcS2xE%G@+voqF+Q5SlHA((; z+(}xj_zL?kw6-z~-wqTV0b1B!n3=WkzZ+x;jnbXk&KC0lULDRqE#uLO-K7v(CprIPpj1tt;5gYY0`Yd7r<{yNf)DIF-A-vW8=o0|mMD#8 zgl=|)PTDU&7Wpr%la_Uk>iC-ow=>bcA zy08P|!Yr{dSZ9WVOU1ouKP$+LFmh#hH{X+_9o|op#pBO5kXfHv@CGXDi+T#Vxb(rC z)%&4uy_9mFN&EQ0rqCar9_yl2z9{d$G~V63ab4A_CI-WAtJx7#90jsx+>_orTF|z& z0k(|OiGa83rX9S_SeGVJK3ffK$QL#mfxW9Q~|gM*J^KZCe82>up@1=^xjZ#b0x z$iGm#Ns~1j@Yfp?>svfkr`Os0l)!98RoLmT$1|8FtCg{SeZa&4kfj&X*>@^)@+?wYO-HrHGzcLg=tLeJvY=YM+2Fna1US9su{NL?d`p=;43FaXe?9)a{HM(P1Teb^XCi@#W%$&Myxs5*>;OHio z3+h(Z%fnuo?>dJ`qW1;&iqO9GF}Wohk2cOVx{7G}!ND1Z8@w!E;uhP^!!_%GvP-l# zZ2*<|Co%V?_p0 znuq3reFwWPY%=1vz$Zox)K~WWYrfy)A*b(GS2|Iyp zjdX`LuqY$H*8slFsr9tfsoO~G)nu~7g@`|QItvscLcepq&QQ>|>GuW8qDrRJ$1H)$ zet8%4E4}Ge%4liJgjtEpFP|WE!Cv5{q}BM)IV$-M*j%QMibv@4;IwlJ{5RgXtcx)$ zQQ8=0b9MeWn_aWHFuo%c?bpp~9&!*|X_w}NIyOm8-t1}DDSte9NST_i0g=XTw=0g4vAmg$275PccoL# z8k2-vAiy}gS3RX;NlV>H$D_Ta3%F$gB=ZBw>`BD|0kjeN%De_$)C?$kR`>^YUEN(w zvkuZX2(;Ivbexlf$>a78X_6Pw5z19zc4Py_j`ud9LuFi929(nmhG>rAWkMZ~3 z_U!Oi-OL&9T%;Ji;`i&5+H)Tku*tY9&`K*Z8Q%Lomic5@9Z3H;lzLlC#>As&`WbM) zZy)P3l@@^x3UllZ!o@u3r4NgyoR#&c|ARuK_rEQB92e1T`Je!37^;ZQGD*s4B7R#*ftUa^Dlt><^gV<21 z4_M=wxjczuIGoy6_sT!Lfc#nGzM~)J!17f*k$tY7t`|Q9_XQ2k^deMCd#!oG<^)Is zKOB&??D?|nJO3HGu1dFu&En@+6amB(8JSGt6bXa15;-U;1Oy-0n zYL|W}#7~F32|W<#DqdiefZPtFR3Vv;^J0!U=-$yA334Uep{uZsZGF?c|K{^U5r7ti zMJJUD%&qtYOMENGaA7AtFn4s0l^@;7VD zVWOAm<;Lku^mOcPG~IO8#TJFp#t%ui+XyY~CS#M`q7b7wXgb+YhPt%-o4ZBGXqvR$m`V}kMMFjPmrrohnK)Pn1Tu*AqgW17P7w$ zG5kDkGG-NiTX)BIZ1vNj*6<|Gv~?eEsw;LmhCa#`-y98R8h)o;Q9KI!MO$G~==C+| z;{_7@VZXE5a-bHSs)=_m{634JP?W*(K-UhFe$a|Y^#N#ov4-Wl|7qmr!RZFFisn{S zj}YNDm|54LSUv80Lq+v~RHHUctHZC(Axm6Teo13}l84jb_u{<@O6n=x`QjyK-sEp~ z0p_WX?3dJ!HP*#XpBw8c7IeS{)?O)rhxhgr7I4a%8nIO>jT%_z! zc06Z@aoi~KJD&taxdM-#cXH^wS6Ai)Uewu=9{mRHgo%o`OJx|!(doytOY}_lCDzcA z$~zqQx5U0f8sVXDdEs86+!|7jekZ1i*FKyHKoFR>o)DQ^%`lr46zPq6Dg0 z^jz4~K=9d2j>B?O!&ZuRzb7WeiHZQjs8Mh_2y6+&}z`}p&3mtlHUo?z!aODlQ%o0V*r=`_1qA+MkfM-;Ho%A-@1P&=1kNRa3%K_vb zoNWu}tO6l13c$r-#^%=Y@3HW7e(|&Yr3vNi zW3o2-y<}Y+0s0O97e|y_zM`n5G-9<#auW#a`?9I8?&QfTNn<8tvpW3x&b-f}$zem5 z?%XfjmUdKLXY@i%J$iCX%+-m&zbsA8GF~C>T{}h<=~^)91j(A;8da$A6tCGX^6!L?aaZ>MYjw(C`=^VP<*O&47Q^ZuF~gA7>)D}%8yyxVAD42r~W2( z`@GwNKn@2U9rsYXUq5MLUPaOcSy&#vf}w5FmBLm!+R992fw&6Vs8;z=~&Nx1%xY2&Y<4drqIhpo{?#3v>7WuC2` zu6>X!c}=B}z^63MRClBHtW3U-Sy{)8&8qYO8k`hb&@~=JrNFS~Eb!xrg+GTzp!l{v zZvd3}`kgP|nMM2Ed%T8i!VRaIbI6Sz3$tJ( z%ao6NgqsrQT@o&sU-|a|C6nsbj|5RCIpSfKD_PU%7KW5D1(l5f9M{zo5s~)C9~ny! zO&W{}#vZ?^9tlQm;QKXG`H5(GH4a7jCM;4;!uF=oV2< zHQNL(o1GAQ``kI_VBUMe8VhF^JEI&ooL$umiuDqMRu}h?jS@XCa76C>npZj{2D+Q*;pT>;J6R+60g9Q?v*Ds%Fx#7Bvq1uA z%hqdjoW$GKCMBuIYg2sxvc|;H1-k;z1K88ehq-m|;j&j#q9*F{#tFO7JAZY0P1)~P z)&$~r-(rXZn|`)`N}=-y_1V3XibV{SC2!a+0vJ|o1J|2Zg)giOECJ=^l)thgd>K0e z<#zkW62NC4+bTGxM$|IJ3&>sz2o?%2Tx0KExxH}sO%-%<*oJ$v?^6C4SMCaRONTOC z;(aM?lXo6M7`C^xqZ2>d7z$FaB4~r3^YOwM*e1h_{<9Gp_={L6k*#c_=(Bot(ile? z_Kn&)#c#@xHkcb+ZKzl^e6#0P*7e5t?G6U+DrPQmkgV`#<({baT|#Kwa>31{>#Lgb z+pzBjH^JC%j!uuxJ;HA}c$`DX!{&kBrwJ;lx+1j}2;)D+%k(q^eHOi(j<9UC3`e%% zY*!0o7jkC{y^&>p?Jeh7_^TGxf_ybFnlipWC2qNBH&N~3Fb#?~orgNw{BNhQeZ@%b zAW1_ZF?M|L>?pv=$ClgZ?(6XN)fd8dy>;khX0+c48?yGL`d-4CJ))$xzN~bLUWYyt z{az2@bCrQnUes_0>8+mt>KCTH+au0^M`s6bTVr`=`+XdT$#xcjw^oCt#Fv%3>@L?T zNm7d`jcySOK+zU{x_v>@?5&t5D@XgQeal{F_k9C615WU!ij0M|iZ zFX02e7D8^S`9m$4OG}MUNG@M=y;Q$BFldc!*~)B+nT8|0%&+ZBDo2uZV&20Iz2VlP>@n&WeE->Ga7a5sv{LHiw@qky&N{)g` zYWUsDn@L(xkB`Ot3y5eAnwvn>lPBVOKefS5RLi#wYO?`AxL2|sBkkXWmqJ32TE@<& z*clofKo1X82{K)klldI5f%r|Igt8RxqL3Bd79BvEX3;e>4uA%n5kE$`#Zh0X+TsQq z`QQ z4jxZ*#a>{!oQTsDg^Z>S(>M$N63FE-Qj#ihb&jQ28vr=QlIQ`J$W-sa9hTI_3qvmD zzw!uToB*w^wOgWIB7=BV2XHh_Ku`-=xm#ep8vVLSyJMB4R5EJPqVl_Kmu@NlhyK5 z2m2$B$6H($G~a6 z&)d|q&qD8TI*+!;%`)#}8psb){etJ$B;;e@e4G2b+PDZWCSifod!y$e?hETQ7E5Nk zQ9p5)VH3lsNkRk4nTAC z`)}3pY3S~p3aK9;dakJ@v(&Q8Xg+ueK?DdFg8}Aloefiq$7=2V*l$m7J$Btj9leD$ z*Rm$3jZwHnSMMJ79b}q~%Cmcx@+(s-LJar9F8JrkuNxZ!BbB@J6FmP7B0iQ(? z3`}23Eob`-yu}%uq_O1TjDs=nnLVqPi~N;^iC!1yj3W`~dY>1YP9@I7b-WvH5*Zzb zk4y=4bv)RJL^YiHF;>-Wz=&~<@T`5N*dM5Ml4Ccb=a0ubvg6lx{tn4L8q|AwtoryVF{M|YK$kT55#QZ zh_g#ty3FE4M_E2p|JeGP5Pu;X0R3@#wAAuIp7!#H(qA>0U5Ftb5n9XgA@sC3sT|D^ zND;r-QG$GWzlb@Mi3lrZuG0WKY}EZ<36{Z?z41;qoT1gHdN;nqlTEE~MIe^Tk)Kr) zi_wXSZR~}O>9v{<#8T~KCS0+R2epRWteMPtk!*sa=qDLw4W1iM@_QKic#Y@1XOplX z&>NBL>OkO!!?N z$=ja;9Xo~eeE5o%S3Ugb3RFF-mvx}$E_N4yaX485K}6_1D1S?zphR_td-lJ%JPtCP zJKfP*FL=9~?w;O&xr@m|5bJG~?RQ-?kJo_kk3@9fi0U^RaXl*{sO5})gjxrzUG@rnXS4+G1fbM=PQaEi1bCbjX;#I?tw2Vh=0t?+ zE)P#JSHGok74$K!3F_{OJS%-kQ%U-&J^8p0UvLQ&>gn&MVI@-L8i^3G%-!+bVu;9F z)~|D0sy{3iu7peAN&PMScjLV}<+&e*S@$iM?C441R9^B0W%Z7rd4Nxy&9-Q#7eU|k zQM>3J&wX1MP^mA7!k55&$NzoyGt=Xy@`&3&dFn0L6Ef%4l9tEl8>_c_BZ3rwrH9Nz zp2LXU*uR5m*F@5^7Yt>Cy%mY?#oRBC*9kaGzuFTzDkx3n%F1(%B{-et z+^J5L+dfNrHY6Jh4mr>EyVIzCJHRD0?Za!x4P(`jJk4XT5EhpbVh7Ny0S>||%*NMB zDzKPCPPR&+e@P(kK2}8zp&(wc2!oOR`cHfG6J+H*R zg=f%>;ynpBGbu7|dWb?1!nwzzsb8R)E;DwsG1w9LcQH?u1Q(^O!$JqbvEejwjtwT_-J7e1EoL6V@hv zCptJ`^=Fjv;1S_Pbh;FCbh-p{ing;6XgZ~IPDy<=Q}2uY_|mMe9sO5wNr=vZ58jsQgdax__CwB8YUwx^!y zgH-yrQ8L<$v5U0w?!$auL10rW(nhR&B069eLK)%;s-yk=Sl?FP_S^mFp^;4g6c@lL z=$h9o5#aQOWO-Ak#OG`Rfp(-wSr!>f(%T#m5lZ?NA;CKEL*&9v__n-cM-1j z)VsqEL=)o#WRd1on4G_YPzqj0XdHLM%Rb(=WH+HoNv#+>4&zL^AEr$zZjJ;--)%*D zdJ%n(%OZsF2cH>_CRT)y84(;TtYv+CsyqI&sif!`uUVHfLTp9!Aibced;h>%ZC+v1FEdRA3OWEhOF%opy{BqsM09|0R}i zKXqt*?6o_YCuiz?+m}b%N%;)%iTp>?ojgAt<0wlD(J{T8&xS30#!;&ggnZV%>L$}o z_eP^WTgP7V#eB72wPvfDAiT7@s6Nn~t}-)0SuvyYd&SO{wBtRO_+m$RKW4FhZLy@g zfBtJK$5jXck8dixRb2^if9kyc6;%ApJ0o?XYDeKt=0B%z5IUf+0p+|d&K`YVZGT%1 zH$P(gSaR~l1yvQ_5`oms(`8kb2@sBSK*4&i=bos7O42C^FB=i)#i4BeyyJVhrvrhO zPPe=|@?Np-J0}fww#c^|qMbOI8Ev{}BNe4+>_y~c6vvJbhz*O1dnn>MQ98UCyRfc9 zz%AB-{7kO6wDY(W-*q#b;oK_)A=9aECo2zSd!k1I;p26fZ(=nrE9bUiVrJ5G2qy(X zHI>G`ioeZO z2&*_25gi;uWWbqRgbv>xc@*MCp~jKWu2afpyRz#|Ru|*EX{_nnY!y2CvuXELB1&lOn^?EC5J)AWPv?=o(9Q9*Oi1#x4OwMgwXFcF`mE&OW*^f?vv6}B_&0C=Z!T%&&xe)$}>#~nr{oA zEgt%X@Ce>nIa|zrPIsE7I*!Aj^^>JDjcF-5x04+Si7w`&-9Hh{_61#AWRAj*-WtuOMly7~ zpQJ36a2i3U-zDq(=V)iYE#CX)FJ3+Lo*vOSprbS_FfdFEzLHJaDG!m1xbx@C;xzjF z-bZPZnaB7?9)2fYtY?I4v6kY_2Ke-oYY_Ln57=lC3(2fJ2?~6PchH zVcdijyJIWZD*i?-kO}|44V7mxun%Ki(g@f?3l~;l6j@P2 zDLmd1-GL$Q8T##~`4iu#-I@q|Wd$qDipUuYbnHmqzw$r3O9kE5jp=g4KfM0ltNgteu~SGK9+V~2 z5GaHSKqG_{WYnw(b?Yi$5ZdfHz2`Fs-FD6qALY<#Rn@y8egsC!1RJSnD^qbsNx zE~9paNUZ6X81$hbGXl_TYip0K2eV7P4AJ&~qCV%+26{u!0I%7`;6~(LVeilGw@Tmg|`cC&M}apkTFTGoLe_sMUjsQTg6t&5t~=y2lveF ze&t<<1W{ybVr|Fg2tW|G#_TdB3n&l+Hut>+NqS#q?{gwmw$s$b#e_16P30lUJ)GD? z`QN$VGs8SD#DKyzlmHIIClQD?K;um?7F)qQc?03bGio|4_K+k>IF3_UR>=7 z?;+vDoj5WGHNS{BDHCg1zZ-qAc|}IVUupgXC+7}aARDKsO znkP@|(bKD5$4e;Im|@D2rw)tN9E}c$p}iV@G{WavA`Krc&rCSp+AmO=d~U;-yC zV6$x~TkGWvwVRi;h}JV`phkr6@l*D3F2(O!DEQD!7JRwLZEPk ziNLFHyL$N-h!l?7fSmCL13j9v#jE$>Hb+u}QD-TQbOYrySTKfp2BIEg|0g_>p!3eH zF>iG+V@%}CQ;Xk3%al(nwl9${Gf%F@pDB`dG@oY)R`g%8-|>jYSw#6$R-l!6&tpS<>{~gGQdHQOe?|-R8ptCmQJ+ufwtvW%KgJv&Qt--Bb`~iF<*V( zP z^UzPb>_S3YM2SDQ{kC*OCa8)u?sZCPPl%(4UaaL{*F2=36+lmBecQDn_TiswP@_DC zyCPR*oe8`PjTTsla^^G%H*xbWD|g(?)_G~p(E4d4TOpQcC}@kowyShk_8Wk z`=Ib#!>7FPZ#JS=eK3$Ipz@qdAB^Y$!Wx;o7|=MQFCM3NrV$@C14ZQ;=UUy$hSMJE zRzw${WT}4fnq1y)5b9k?iaEYMW7g97jjYZ@JGQ=oO=!WKBG>6PP!u@KI3?~l(O~o0=8nfZ zTk3z0Fz7QdwabkS20yc{zqUJCY;@gv4FVS@^O%{kYZv8gH+UWz-fU-guszF+QqIea zh`_wrE3Mf0mhPNjJ(R4RF6cA`^{!wVcU%*6jG-1OP)=mI-N;vr9qbClS)X}>IX3uj z7bd16=9^h=qWimC{%W^d1(8Bv18a!2CIA|>WFo`2HMDk^dGuzwHB9(=K~3b&=dQ=6 z0-t1u9ubX1QRO*k{*%?hTF~cScwoGq&0cYK=+ATRqk>5BOv=%d+jf$oGHj^sM&T?h`5qzvSITLS&%9$fznwngsTn-iir^UO@-P1!yKBCO}Ts#5c4<* z8)TX@%J1>t0D$lMk@gdf@a?A3_J<5EEh&Ehpy_f!(f5e8B}V{*6H^qd|26(vNO#Ow zxMi#@#2pm}=p17lx>4|vEGT0)uubTpEuOIcocuYnjZV)KIkpq#ob*#-d!IuXP*TLx zUHw-S9`TlKFT|-tNPWc3Qc*Rt=;SrgcQlB;d zG2kU8F*Xr4ZOLgxn796w`v2Y%s$$`_>cwqb4Wr69_l6yn{a=KAbzGF~*0mtW5W)ab zk^>@03W#(K-AZ?gs7MdpFf>w9l7a{*-5r8-gLLOG)X*K@&3T^peBXP{dEf63`7wXV zeO>F`d+oK?-Xm?2ONZy2?y)O?oGQ;v?{4wCzc#8W_Ao&AJOkS3e*6YNiAq3~^-Rxl zdwAN)YKi&}HO4PImXYb389q19T;`m#b(DpyPma`1e(0I<=6-$pEjuqye0MU2M@Y4+ zs(4)Rd@x{>Aw;I@o6%2Y&2BZeV0%UFd1RBwXmx}hM+}o>ZU6??+&g7JN0Oyv4kU$# z8J7`_K=jsnjTNeH%V!bRL9TnPUo#l3s)Xxk&U2R1QsWZ-ZheVhhOo97*NZ&MZ7Y?h zYbU;Iw*JsMRAHa>-aBbTS2fUk2f`p4G3Ut=gNVHJDzP3RE@`V9%s4L6jy%oIptk%U zMoekY85I-ajD3!!&|WAdu<2%rB`l;q~S^*=i~O;qA<>tJY({`%6osoepORs*+Q)<%fT2R$jwxl3(i#WDE)}pa~I^ zTf9xWM>zBmk*?J?zf#~h2lxNG4C z9y{8J%6|e;v;pX7b4)Sa>qNI0N&nMmXS&kj_GU=-IREvxAf=R-%2CZQq}uzry2=TI zJ_!fn5iS%S1-D#(GA|}B28Th72?yiU$2MI#RiFbLxAj_Rs^kyx*s@z3r{IZZ+^Vv< zR@XTO4q}%;Muud)(G!u}!#cnGoRxT|cOT)(XQBP2cbj;J z_q@OB4dZ*ShRg$QQUUvq894pvsw^5d^qAps6UQKn%l_=9gNYBSAbdo&)T~7MBI)VT zFvO<61n^uA+D4lE-LsbCz+ld1N)#fwaC`aTB71gvnL=a;VV)k#PU(Yt{guk^KU2|V z@q0@h;Uug%gICw53*T+#>fC)chB6O^Wog?pJ15g(V*`&SV?fR0OKjPQADTKiFP>3& z4_)Pb)rgQp-jjqqQFa0$CzM@99OozZ54yJUDfOELQ4%5C8|l zkr?gs@tKU6Amt2@E3Qh0Ae*uBHoH(&AMPT#gQ^*0pvgIX{)9w;-{O;-;d^?1?Q`M4|_A1Zdk2b{`OO|!6JM{mHFfcQUxs5dg9Bh_4k&3 zI08&-?5E~uAgSaxuNcILc${pA4y21%~`zLKFctBkO;&sJ&cV{4zk>fiB`xG?)m=6H7 zgokUP>Bb|#97Jd2_PASg4DNYUyZY+(7xNsqSnK?}=SOQSb6FUH$7LR!k9R~e-h5ta zxw{=OI{Fz6AK={Gbpr%sZl7@v`^RfB9O=?BfOp;ItDWJ0?E>gQm={UYgsNK#hyG`z z0<_=?OwRo#1hz3GG10W&L3se&>1M+`xYiVSO-HkSitg>NY!x?;Ll$2 zP!l*tjAgd%p-f5ieVXw~D{Z&^cCzE9V%p1--S`v@S2uGT!0dES^!iAh9iFR_HvMAs zyeq@=Kwh@Qg{6QRZs2n~ro9Fvo7V$iWZ~oCaI~i?sm!*G#|eWPwI{p`sB`P;xu@3` z$Bq{i&rN(IXvK_9YdubF8UvXPe`-9lOl8w8!+6w@7W7(($8z9L!|d9p$GowL#@@OL zi5xpcM5#RQhUf%b_e?4T)$gHQA5R!3{?yD*rf&?iyZue9+I4=2uo$3H%{HIapIxyl zshAp7oXY(W*rws160k2bq3;x?r&H?K@m8Sjt+5?~=~ezL-=kQw!XCGV5zUN{Bbx7d zLJS`%Dh=pWgJi>c0MUA&J!dcN)xM%LwC++gSA{xLbXR+}UHIw$>KXsX@UZf|^kuN@ zQuo6EX1pabBjjA2)2IbNq7o*IJd{zF7pCDoq0h3-RrV5snd&$LWZeMT^#+Kv!#|fE ziUP3|V3?iWA*cjC@!$x*BidytMl5OEznVA8OX(RRUEhNAY z%US1n^fUFR^^;S#pdYAf~A6V@Ciu6j_iHQUsfN~?Lc0pgfk2YS<4dQY( z(19lK^_#sLXT2|X0FiEgJ;gQ*n-=g5UL7dzI6dS%CS}*#s1tTO*ic_A6#4Ln`4U!I zOkq05z`)={3p(`PofVkM7e?NmBWS%Mf#}3$_HMSORJ-{EtzqI*wJ86r%Yv8D{7qi4 ztZ2ivy{+iYnYnI>iQkDsu~B1PQ&0lC{w4?E+nY$C-67$Aa`2$f&ABD@2#rO(^G@s! zV=qR>F)!H+*OxTjXQp$rpq&#QvkUp3*1vMTKXLg4mFM-`?r?JZ#?W_L+I-SGfVvLe zjGDVwYGt@xbP$`bAhGtTXm0qM+jm;STGf+50#Om@woH`a7J$amlt9!tco=x`HZ`Z} zoUC-~U_Z2V)o9>hw1G$24f#|l|6@4#yHKE8#h`;qngl{H&T8yeQn?^y$#zTDGgZeu zsGS#TLjSmqxg(&@1f+t|U~nd#%sIEdT(IlxcSSO$?V9&duhu~CBVVDwUxBEf@934{ z4tJmxaL5*wnsk5{-JUM^C|AypYb~upq9xwJH$ok?3iZ}1N{i2dg&zk)k^};oTWK<{ zg>K+57okh?R^Ed@=DW{b+fy(Ja^^UjujnU?eHumK6K7<`o~A#KNGGD&vDa_#X@qq; zBB{43Bqp6*2ioXv_-yBeA7jl1o3;fBAmE>)jj{|ax((QZd8$k1Uqde{XE#2mQlpY< zkcT zB%o-EZ}XT<{G~p#YHB<7Grmb>6yM)5;K9SAOpkrv_W?Vs#SQdnf=(mSKoG87p^ikq zOfDri1(-!$S}`q9bT6SrxwUz&$;gU2#^s>{2(Cc>y;ROut%16op zbW_e=%kjA+|1X{8zXGHm5T#CD22F-}E?31fzlM5W_J3}paI4DK%zsM8VNjB?;ia#k zq6E3-VcY{=-rnK$0CbQ(fTHFikCQ3OwHe#yvCF-Y`6}xax&pzzRrmx}5$*BTL}K@6 zrY$ws0?K`AU^rItcTm#Kpc!lSO!{&Xt8mY+g{s}T`rgAqvEp#g!1U@F=+!_9Uorli zQMHYsAtrv!(~qV#r`X!WpZ62 zz4rUj$b#$2L+ZNOHB+vGJntv?mN^m++J>u ziI@&o{s{pEG%TS_@8zH4|&5)F&@qmh1U#Q)-M{%bh~oirh{PRZA+{Z86Q zS#FNqk?)GbMO=n;FqJ7)T+%Lv*O>!p&`RQnyi^8Re5PRj*3OiYt(=USRk^6}=*UzQ z$Q~c?;iS|ivH!NL@XLG1s#})Lpo0Y*K?cx>LdV4EiW0kFu60C==T4^|<#3i)I?kj3 ztxz5QQmYA$(r*v9XX>?W)C88UbXM;#VhU(I->{JiO4?SW<9NzukZWni z?0jF0^r7AK=-nT}HpmMz=4_9JQ4=YcqYMx@fQL0)`u{$xFNQze5Wua9Qx_ys=@U7P z$I;J9%{v>Cu^3opXolpUWg~jx6~~JV^AQA`Hm+tXb)H|+jHxomAk37w>&eP9!1N-p zB4Bgx5R^d>faTikeXT?`TqPNV7lThNxN-19Jy$Su>l-hOL>wgR>g{0~u=8X0LlHqt zFpxlp-Nk?lT_v6d_`)g9*3H7$?VGv1cKOHCjR%g$ae#}zT{J4L9K{eK&`{>w&*Az^ZJb$&;;=ZMlbo(9(xtIt$fZ#_CiEf_ylN?HWw ziLy9becI@DZw?e;sx$gFwbB4d%$uPS_0;*PU0ih9ANBh{F4&~TX-lg+8WKQL_xhWR zpk>{c;6`g8OFI_w=K_M1iW3wU>6~}sv^Cy6=d!TF1NHqPUTrg%4Rnt#?5@uCxlLN` zsgwL6rMkJfw3W{gZM0cvaC4k0F%1}W^f=mpG&?8;nK-pHS}F$H zc$KRQ#X%P8S0@1Z6WOGiF8r)|!MmQE)7esdLZv;7#EIPXk?m~F>x`8xTQFG8YV7BC zX-AhQXlx-ZW@wWDZ+J8GRRZ8$Xb;WS`@X1ULNN`uw{B*3h#i}y>U&~qbs~RLai5q| zKn!i;6N)fkp+qAt{nKon<1`^&8Q69*ML#iD>k`%)0%2pt?go461G|EdTNR_kdkpQ( z;Q-C~HPA;oa_zN%er(}WzE=d)m@i%(Vie<&hye~Q@BB$qC{YV1XSo_1^ z4`T{4pB{gY8cY|-m)`47;S)Nxp00?go_FsRSV)XE%9bOPH4${$jMFI88?)?k(vJ(v zkH$y2xem9{i7o)m_%gG=>Qi>%R^WH9xd$|tdy_#})unKv5mxOYwmVYgg9`4tm^6>V z&cehnFSi^dO(i%a!)fxmJQ+a0ciPzDBuNf8-43R4mjg&_HsCh6)RoZX$3|kNB*f10 z;(YlLgm~#2?fr2MZHjkg+9NiJ%+4_1AvWIutr>bTtoaXpDO7;5**p-K9TfT+g%g52 zLs-Q`N39Qs?alf7rccrfJ|(&f%-`nTlEQJ(;Hkjtq+FvEeE83$MgTe3iIAhi4W`X!811iHQVz%VPv5Xz*~o zpBS_bn!+zV1<0LKYctSh7$%UK1;he#ZLK1MACkY@cqpOerEu`baAFz*&9d0xz?}myRtjA@HMA0mmNTU$)&+Yn_$duTrtL1yUogW6j*h zr+b&k(eJPRoP&Pc0wQNOkk1%hc4zgjWOcl$tMt>H5NR%(f}?2ZffPJ%ft5d+uwkHN zOClAhd!z!eDj>gX-J#Xd3J&X2*_ok1CJxH>To5)hbvLjc z7qGtP&N(I>iQzCDd>X&~rB+&{KrHTwqa(o`p%hV35W&Ag?6c!g`Sl5D)uT7w_XWKE z0ZhMJee@%x+vdjO2D^VnDu@*wh-vWv8CDy_M&}l84hYSD8%!I_C)hAzUB6Q`^QJF} zD{`XN5DNu!6)QGwHX@@Hgvs5BIQ60P!F*Lh4K*GG0N}XjI$D$bw$~Dk69z>u+4MdG z2Mn3?Ip}5@zBtjor|JcVRTpafP&)v^r+kq??Y3F5S9XR6a6+pA1fqK^of4r$jBgHB zyZuA%HQ_CbLJt6VpVkQi>ErLZ`aId$HU63HEwjiRL-q>!(p+)ac6woJ{cU{B(ww8_ zGdgMgypmlOb32xJTEibm8i_d&a?`apZ;i-}TbQ2hP5~_regZ4UzB{JOddqErNQ@Fe zHh{0#3#a7%a~seTUOz{~05X1CUW6d>-&OCuTg7{|HIT5jrt1@ZH-I$;_{Xs8zq}Kx zTBdNkR)3tL2Y^}XdDzeAZg3i9M>xV&TxQX`c^R^I z==?&TEn27Exp3W3M%!0{>#sN%q&a&F-@Q|WF*x=21faROsTvlSIT?^Vm2*si0K4=3xI_3d5xOO)b z)Dj&pReMjct%#gd{2t)OgQ?#2#c2QqIk4?-L_HQ-glTHu=aZcst+;IQ_h3WIEeV?Y z_gmvR8zZ)VP2g7xMB?sha8^Jt$e=TDHNa~XfhK;70%V2X-^0HS`VmtKm+ccEr%ra~ z@^3NcB$8hA#WIE)0Br&P)Dw@BZ9@2)U_SSfphHDw0;hL`lzcXi_%Y!1Yk$k1^P>?@ zv-KhK@s<}&8P(lOBpyU-j}OM#=mQ@o9=K+)+5&#kp&@I?b<5z)TGv5iD0ha*18m@- z`X--cD&LhEs@STsIQ0))zpao7{xcrYxe>K|*j?Sbg+EoTOXdC7hq`<2mRm}{7hgsc zYH2FlF3TF>N6dtC`%0&9w_A_a40P1dtH%vPiY^63(l9uTFMT7u@UcJ-gV$k~*y=%T z*DDo9EiZt~Mvgs+wO@I)|1CN_f;KEp(5c|TxBrVvTl7pL>5K-X-N`?b(0}^{EQJ1d z)NbF+{{68Kew4SkJE`L~@_L(aWRO;nVdiOZJS!Pz@SC@U$Wgf;&YFzoO>7efS#7rJ z9@!}+yY#Z!JBina)q!vD?RNl{VP}B&JUf63w9VMFEdg;fn&$}+-C}txRnmko&Sk+p z=C?Q3Xej&r<#tBnCQpaWKhLHb+{#BuS=9t#8+6|l6BDM&Eqh}b6;tctD(*+29`kh66h|_v&ak@)!i#z!+o;t$TgxYMq^WLijTe3f zg7+E8AAnY}-gRV}Z*TNvBB_u^Xnu`=taNd<+WmQ?*~cfBgK>ur>wIsi?U>Q)a;Lfs z$QS&E^8i=k(9GA0AIsP7&CT$BoGUuZ^jgk^c!}%p2YYh2Z1eMi$V$Y293gH^5udM{ zkiU7*-s%zy9*7sJBONLYre@FHx__>^rXV|ox%Q>W<3!6Z*d0nPJQQBV%s{aiYJ5G?XwCDYSn0G#ICTBgoK0#t+`Z#u@sh)!qpVwr&uYsEx<=)1 zm3K-b?NH!p$ji3F*_S@hy7vL4t;Yl{cWS_kkCU&QwHWAnB5D@lK~VwbcW!uGRnpVK(so}B9p*>zI8be-(XSO6JQ;*;&;C7PGE^9EHw z7zb9V^0kN7wL1aOQqGm-2f{u6u1B`3B+}F+bODMBhvwG8d5=8QW;YXgAr_4i# zkCZ535zaMYuFm*W{ELoFP3t5x+=n+9b@L|Eznu-*AUTJ#gH`n+yB6ufZWyO4fLQMU z2%0XR-*v82QWmzdl%QC{`aSnADV>`78eIH##nQR5y?>z`8}6TVFeaEPv0VvyoD|Rq z4Y^bTtn-e(--(+ysN~7M;gYgJ?BD$rJcC~ZBHvSvmM@{M?5O`cSfASU9EnfWgin3cfn2p?UWOQOL?;L%fhG>;XCaPS1DtL@ z$+XUgc&suFtjGjo>n{iye@co?(7XS6J9EbCa3kL8`fFu`Xas1mFs)Lx)fWE)Iv3_q zB2W2d?E*-vz%p0G%{K=ggLHJq+rSoeR0pjCVHUNI!ArmcWHTMOk^pr-s`tN~%T>+T zAQ4rdbCo;`BH=VLxTCArXtY3MgjB>cb$M*Ja>B?FBO91ilr*U;b$6=$Zg2j}pV%B+ zcyqQwa1NLxfUQ)xIg?ZLdI59uKkRl)VsND(Gk3!751rDiz6>$rQ`-q(5fUKA{?KCI z^Py_E+^rXc2G%zl)H-zEClICs>M2K3^i(k)Bk${D?d!ogn%A^8P3LdF08+S7L4Z4G zZ?4{D0@uaJ=h_MJNLb7@QuK102T*tO)g#mBrNcJt57&ATagtJoWp6^)!Ey$UDj{tu zPENKlH|Xe1r928!R}$ar#izqxJ%)=kkeQ%E2nTz6Ih(1JQ-jFET}WpDBGe6#Z7-F4 z;7=MUHJ81Pq^HKjcs(g{I?GV`VGPHWgS6I!<0f4oB+ZrMuFoP&R>PFSXG@yh0Fq%o z5qK{aC`XA7asQL|x(w*mWE3hv*4VWdCZ}%Vh=-K8~`$4cfbb@OPJ2hl5+Uq7E4dlq+h!@!%I0?OFbbKCrNk^Rd={ zi+2B9Iw{@&x|>%Ht6-rl7KOTV!yO9~@?WQVX_|RtQ`(Ds@K|fL5NO=VOMNZy2T~-P z-mtj(TK49!Vv6V8uyA;fUwWm6O=wqi$Dzxd28}F#+O2TB=&Rb{v6>IGx52kd3-e#} z@1~w1joW818Wsq@sH1`k;;(kEVmu2YK++4EEWw7}fC@&AG6u-^YAqstbcar1veknQ z()gx3c3Pdt{}Z9L=fejQXovotlpld~UuL_|Qy5RLCUS^@kF8(BF3j5A(gHScW;$k$tRN zaVj9Na=g3WhQlZ&(3L7su9POIiExjCu2%XX_=UUX(h=R7a?Pjn9!{$d44%+aw$#6{ z8ZWqT3jzgN5@%sIJhSEj#+z#)QkUfS6H)GblZf$U7pxTa7DW7GB*1p z4Iuc?-BxgI{#Zl6}FA7n}K!T^}%>HK=YZkYkt_ z@O1b_2U_9}QV6S-N>ltk6(9VGWPLgFwm(_^o6M(*vl`QDcY&Ytx*^p-bvI(Pc(Uv} zc|@tC4@vJrM@KI7uQyXGt=^NO^jm87%2E2V>{NU9a!KeN zrFZAb4BT>_`WJdLL(|QLRlVD*%SR&tt-odd8*BY%^A5~}?)HHs0bN-`?$GW9W2CG+ zQcq6X=TY0Outj82q-5L{PNQvw%SVy7&R>IA!$;an178(|muTJ|L8`#Rn)e+es<3=6 zv?B}lHlP>T&#wpp%;RzLK2gU3$PPnx_4`p7pgzxS|0EIc;QVOwK)T7e+4~}D5^UP> zi4ySw`$=}22T^()pphg18|wKHlR|ra0iBdLayFDw-za*vh>c7JdTn{1dr4Lp0)^MW zDZWH&6>(=&uPm)k!7a!(k$^^cQt@lqRtZ7OgLK30-^sLwEoEp%`<>Zt)A}C(F zE3-W?fhLtE?obGk38kM|RxhC!ze9=5cg84;0brQz z8F?4XKLlko;n5uLp5n)_(M2xbEI0DRJfrK8r2Fj{DSiK~J?2HBL2X%u)r87Rn_1?& zeh>`~N(jT5yuo>?5jP+Ye+dUwg)R9o%BPPk{3G3nWC7oUOdNEM&8N!APrwsIJwr?# z?Yw3&pV)0$g_?jMn@k{O8`Rzh?rdH~)GJssX*w30nE6jnM~!~oU%_)%-`N{P4 z15(RHHwrQDhQr;ZMzl5-&7bek$WA+-S6p_YqEl?@9}m}tu8$`h9**8aZA*8oR3;v?Rl@}Td&*80XJ1hmuZu9ATC+L zovbZQ*+lx_2>|eo$Gez8Iu!x!VoAg|`s;vniRVl;A%mSZ>>GR?%pqgs;EvhN@ii@wk4a3(MnrGVYq36{n<0AiRPgGz@V9Qm?DY z;}qSHBE`_;wt3G(<;J8oC4K=MB!TGJ*CtD#M@#IAsDFqnl0;gKO+jv#k`Z8RmZYzdwddcSQK&qV$Q6f5BsAD9gX1XO3dw zk$=6E?(#8rWon^79e2erD3_K8o`u+ge_z(X6`chgcE}0$0kS>;DKH#!H^q}uh9`AE zGvV9~<={O?gyc}byAM*olR9bu4GT7DXUtZTgy#Pe!x^+w^~LI#Q7PH^23p@nOlG<<&)d_gf9jYe;dVth(b`8h0JZn4xZbnu=BFNo< zV7It-8`)(J6T;U&LFk*gN(KU!qc*qf8VwYMDwfsU#qR0ASV!N^a( z_++rbTNuSp82{by`e-wF~QQl7#cMd%m4cfVn|$mIet5#?K^Lw>9-E zf?dmfgivQG0xY9)B7Num$DBZeDX_CAwiht%;ktS!mY?FH?l0?=z{#GIYKhZ9$sHOf+4U=;w=_WJ!p1eWyQkmv zt8LH;fXiWrkHYtyndU+ncc_cR&RweCD;(38!lu?79 z8{HETsps%-9mfnxFD?Rf9&%BgwqJX3ostd`A9&XHyH3}uKl*+8g?o^j6n`;gean5; zk*iZD!WV&KR9@v8fyvgWNn=S4Jz=P*um+;Qr_+XFm+1)8tXGo@7@oKGs?p|@6FNXG zOHD&r0IcS6`%MU?U2qBMaJ}8O91B?m&h0bHy#;T03f}|U4{%T?AKKtO`oP6=$w!Z* z?zOa%U%G?}5a_RX(E_fR1yWZvhGdX%jhF5><|rp2_kcNk+_IAAm?+x$Hj_ROQV!yW zg3POi3{F1giFvw>BB$4aq2>)aqn|I}j?RA+a@j3VkFRO#PH``9N13rbX{#o3ekHA~ z^Mf=Bq87~Ac8bIE6HWj_^IoN0Jq! zILMc}yZ`yyN5l{4|K3~R-mTFk6y~5~5I8tx}fj;e(}s1>mVlW zBEzHcGqHS9gZBc4*1McGd-sB^L;AXUabo)Lt8D;4LR-tn2Y!6K@E6Az##qK|u$v?O z0HL0D-zy5_$5k~95w($|#=u=E-BpysVgiMM840zY~nt4fJZ%kx8C z+csCg6~^s$u=-9pLOcpb2qmCZMKP#V-i40hNOy#X@|~AM3R=~vaizCWX!Kg*uhM{0 zs6}Y@C7W<9zzC08vEx?Uhcc`In*C>~olA^-mymQ~v8nZQZH=DX5^L7ICO%ixA|~oa z#UHYcX^KBcB3$~Z{q##~^*x}+d3&a{EaY$bV(6M{C8c2(oDJb_?Q`7ZT!VVTVdeZC ziD%&+Q7FE3xYugn4Pd4?P6dC$2#;tXKvC@Ck}kK{71lajM>PuhC1(Fby)}l1QCx;2?vmMMo)vV zN6v2^k=$Ms8rvB1T8~cD$mlT z5!>VT`F-1yL2#wcb!z0`eS7;B{Rr!Jw{e(t!fT~x`2x4-=h^m^_xmFM#q-9oox(YT zb0>N^CXK8>wl$!&xN}KY^X!~i;$ns7v}QTlh-?u?to&7n3nojoJTiP14?B*2_T+l>LC zggdNVIbYi!!3!B0rrKbZfIg71*om`N}k5zG(33$&@Y|9NDm8Bbo07iqpZKIRGQ*QRx--dq1ABLKQ ztP!59XId$x+#0-=xB&Ev@WiI0?-scBCuk)6lQsj=5y<%z>p@%u8v-|;;-_9VkH{sN zWu2X+(d(>ZX7&;6Oyh&t#5i-Xqc;(aLnLZ8<<`6Lm9Q<6ve533E`EuUJj*Yk{Pn@B z_!U~q69V=Oiqj+L6LCdd1)6LgFN`mQdL7&~LCYD;l)9Or{%tbB6$YvBOxc6eHquXYyQlH%j=iI^9ajSbGP1g(8!k{9FZdx z@vh$U2uv~Ta*9Yup=;aGw+G1AkZj}A^KBs(yH}u?Q42>rsqbucUQDTPGaRn$3$OJ! zsfsu8MIVmb=4;o6hCS{}ynH_!C4)UuJ?A`Ars!I?nG1XkfTfYy1}=-@kfDfVbx9M| z=(d&n=PuSRsp_4H(<)^4>P^gGN;>VvcSc%;EEc)kYBasUm6VJvq$d_8(!OtgTqsv% z8xwi0fN{N@STO=^9>jC!Jel~4^fdlAm_K^;Rm2Z-t5El2LobSqa;L$~gU8xjMblL9 zFpVTHk#n}W!r|i5hyAuuj0tsp(ZbnCyJp*nh>oM=tjnp{uWx2am~*#0cbT~Pl22D- zh5xMx^$)ZoAiRd8>Yzr~77-f?MgaVanJ?z5(j9u9d1?ENufq-%LZEy@uj%D1h1H=| zKVu*4Go``Q?AuAS`;tEv1;FYKzW17;_rhiox~%&xv>Fe-9wR+*Mv(Yl7Qg)*qIMbE zZ+i)TK$w&ZdGd<@f@O%Ot?AhnaP&edm(`~3r%FA8%EUAOBLKFQ!s(!2BSe|Fho%h+ z%!KYlDnuo(=4S*q{%rEmz~G)3D5p_rvP0y- zS=zlX;(QOE9=_kaiR74e%kWZ+md`h?W6ybI@5_~hoi|dpmY`1xSOVUii=vs+Yz~== z8|Z`l>_dotF)lIx5?Gpl->6jpx8HV&{M>m0-N_X_{=s9O(`iW{v|YkIsT6S3DSA?B zvDocS969=sAI*C@O&}vmt3?CPByEIr4&yW2N+Y_fjrU{?yRj(cnLVERlQwDG5aX!Uf&Is_ z{*MfS*OKkw3rBVLRZ%2_*|~G=iL`Pzp^gO{a>XC02byv#g)WyH4hL8zPu?W(NC>Jp zkvy&$TotjA;@hyy@N%v-9&zhHQJK%8n2#Kyjf__&L*Cbp+Z(*%3N-(s#(O1!f!xMw z{kS{9pIcb={)cj4a)s5Yj>?#71ZZ`t*$qrHs!rkOnCKWeBq~<4?ConRSfHRWndxt! zNx;E%TZcTL6L~l+KwD!wHaEKI5A*y%SGC}M86R&@gSFZg{@cBMuqKK;J2*s)ncNZ&1D}5m9$QIx?GMwtmQj@UAM+0M zjcSPqzIq=*At7igJ0IxU7q!UL0ng=qE2zRT+6M&pXz}oOP`uVu@4&qvu2h72^t`PX zb|t9#Ck}hf)Gln>K#z{w#%-R&))NRJKVC@GNGie-B=TfVZ=4wYVRd9rzxFG_TPk3m zeB<8#gbsqzM_Qu4COqdRFfbRWu*@7j}h)0E*^=4)}SgUTN7W!&8W2OniKv8s;jpr`@G*xCSR*n3r9leFa&x}IxrUS za5R49CNMW24Re|?3Ww=smN);1ZrM`$94Vdg0IBiHb)6?eH_~b#X$#|~d80BqDq+tp z+WSw8ENRM-UQsT@vw&F4+!%4mOE7}k)#O+dysJeHlI5!xDr}TJ>O;;W9hFQ~aXoPg zOOeSUMN#lgPR}LWUZ=BeRc|%VRR-EnX^zv+i^(hD<}v0`&6jD#gxQ>Y-@?d74*jbS z>C(JHSOZtcX84VOzzADXWn?WHJ$fLqlq^?F;D)>Q(*LM#d`V-&L=Md2zBaM*E(TcZ z&@bl3`u^!RGEihjoq5cA{>}~V)YfZ(6A>TBhS&B1ju9S4M+2>;3KQ2Dy{V&k($PkV zE9Af~;vcGBKevA^bpN`ZB&xg$r-QP{LCOcX*1j z(0iVgXRur64M_$DUcQg}0^_I5srqDuoOoW9>t@|8U!EnLp`heZn1MdYR&)p7JQ zyxAtp_NkljKYQOuIu9R)38~_`R>fPt6O!wU@d~G&D?_lSkFM|&=#5_gMh!CxHX~LB z4)yft?$U0`gOOT~jgPp3vJx1V- z{-AU@(9Ecn+L$MUT(Nu9MBb#s`C8&cqsW$1z>zN1P3FIV>mMImq%hZ6K4Wt} zm>z<2p4cO!PFalX>>St!?;r|^2k)ba0icx%hz30)R9eqme}0&k@{)yYb)~!WDBPp) z19s}hxB!mdGgE#M!jhRYyPmQ;YzppIo`uhP%B_!m=-qsTR^T$AtWhMm-a9$gD`snvsX!0 z^A0swuE>(lUtT{J5k@cT3!`-~KKkc)G9Md@*K$$;6^K zY>q*aIC8CCnacn6M@wsMLRHdWZtj-Lu4RS4<&<)7A33s-hC-*ht`&@1F*K-uD;u5e zQzQ=p0A;x9n5v!?i;gfbB!HZkoz2iSDzs1hONI2;$E1iB1I%BabuUSp<7yAKl%iFt zD}@c1p3t#{aVTBxJl1m}lG*>70S-_2{uIFZG1@HA{QIwSQAKeO{0t8O3p8G zB;?kjPE0MXfLgLS=xHM|m&OSq=K4Lq_{8Zfy!JnOmzhBz0X|%3GTac$nqa&UK&0}N z$PyM!@xO9oEQH4mL@jh;k1(`+H*34Ak;;zk^}7AeWv#YfXnY#{Zk|m*oK1|Oe(q1h zd0_5up%%HNxt>WD;YoEYAtAUDII2L&vpvH7A({q3vI65#ao5aj1(C?|kB^2?X^yTJ zx1V>Oce#NXBllr=9`h^HJ)&PHu=T77a7N6P9D;CKJ|AWohidI2_h_zjqE5-p{EfKs zzP5@q6-|8Re~a7+G@{SSmJpnH?k+zG3>x-A@M|6*8iju&&L||@MOEF&1r~kp_pJCi zrlC{eNe+I)j3Z9J;Wy^+31QF25A)382wK0$|-0S(%rfR&;@9eug zH(0)`yr911+diwM_lLEbLMg{T*;H+{l0YG?5SEPRZ{6bn5=+b?cHXVZ(YA)mQS;Sd z`$WQgs`CONMiHK5C$ONBvyv=nqQWn;m{zr&o$sobS!M%_23k)&^bkaCWTk3lRjl{- zx^ER~Q#tl=tuwb&(5=`eiq-K&+)qj%Vx*W=5 zIMI1=a2Uc6$?V~pH<48j=)mULvHAE3nG!7v9p#mc=zIvQDkmWbELv?6ay{ z&WWJRmbHjI(qXZ@Y7rZrLGxJ`A-ctx*-B!n5HhZw&!uD)sXhgxThDnB+x#1}S;j4qmqWVd@^I zF?B{-0O?+rXn*Lw^iGefg|5+|`aJ8ulas&G2{ECL<>>uzO)W#mx4PAar`^j<9;l@A z8RJb%EnTPAr2{!weM)uk{<`OzR@#Y;k>9gIdwX^O z5tJbNB~(~9!mSXka@Kd&F5H(J&w{2jc7WVWO0dS5!_b>Jt@HRaA``8`D$#NFJ)SyK zU$cg=H~(^qQ_iyQ9h3@6t+z)wj+l{`M)MEYV5#Sj%S|z;vr?&NF4E6+O+yB=6S^M= z=wVF+;s>nvo`9W)+IeO|xJaGY@fd*nd_ipTYRP{*_I*n_r-w99!MJ$p$aZYK&4V|9 z)$CKbtwmKF;SHZ{VrUG%YgfKSP+79M>0NNYJah3Vv`l$aXT?-fUr5%~m_I?yb1BG9 zE}d_0WGRP@{!Rg7?P}mS@KBgN%B|15$1Zs4sQ@rPxrZzjDC;G(G zBFF-&vhI4q$m*m)xOk!m)@k%T{U@CWx*Q7?czivuXcL?Ba6Eqn1Ie}$U+ih2i_B*E zvpTz)+R9_?l~JsJrObCu<>8d+sl=xet#VJ15j&C^{gS*|bX~a^6DF%FP0V5{orqd_ zfFu+|{IX}`TUWK~cU^fON|%<?R9KP8}4MkHpS?5xiwj zxP}v(x{X~9XNeTo5b}iLJa^QO?D1TLGS&M6`Kc2WWs1X3 z!>@I?C3@-|bi1hcs}e$e;&0@5GHq3S@c1?FRo}^st+6*#Cc4o)RM;QpJ`l>a&6S(= z_*9aGe$R`kInv}6S@z*PNBy?i$*g$ztv5+-Qi55ucXPlk%fE8vJ2;lmV~kI4=(c~r zeVMF#w8Q81qXtoQ)A(^fsUh~ZZ2EBuiIw$P1x27o!ko^m_sRi9cOQo2)yNOJw4nfB z2f)3?#usA~j{RtZKCvjwZL!a_-D9`ba>{~-cvvrPx03;codQ&UqKbS~z=Ve@1vgI- z#~k|T$S17b0$PHi_n4}z%B^EA&6jhfT?dwwfQ)98Z>E?08bnHQnt*iy=Tyc;lQRs5 zt?#cI;hI44ah9;z$9*nFGZK78rFk;Z3I(ylurmOf3dOFI%>g@WV0x^jOo_2_%UNnp zHb*cj|G?$x<@2}&B-4h@mtc+&C?TI-Wo{+0%unMMrB&_}&&)42MT@a}L@sWn-}Bx}FPf-| z2t$3ugimkeK#=`p)Re*XlZ8E%$WbN%d(&AvXM$nypO9uqGqo>5P7wDGASCR z4Pe94r#>a8oM<8w9P7p;**vQLs`I(5TjU;T6hjB;hcVak(TPEw0PJRL>a8V)db!$O z+AC+JoyKJpnfU zAN=Pf0!f!D@(LeYx&p^zL4>paH9h#xBmZX!655mS=Z|ilQgwB{v1X9#^u;=NBqI=X!VheE)#! z{mZ#^qdKqgcs}O+et+ocL_g-l9wKF1GJ|gfTf~~sh~1*Y5wQlaMWPDVqpvIG2VY;< z8=>Vgr8>;H39nufyB1r-y($Z7%nx?I<#ydCyR5%zDRTW}FT!#vEImFaXx_Phiv`J< z@u5w{_)W>o6H~8SujPZ&7)CNnf(0z}Xdz)iR4zb=4D0Pitm9M|193C1JB^CS&A)H9vu6DPcuFK@ziPM~u?pMAO?< z$fV+IT7N+YyiLYbhRwC4;i%xsJA-bg{|}Z%lKwflIsi9Y4HE)8}y}jNvEvf!7@xV5>|W z6_V>1bI+xYOMWOLP-!Zmr6F^I4$v!+o6(8ogDsP`r+uAEZGXXq9!K{}kq@J4;>&n= ziD@HB`_3E`#+TcJ7zr@b<%I7-QJE64w=wP!yBPcB zyq^#;kmC_k>xi)>=5|<(SBNa>?zm2}HN8kj+3FTc596{Q3UpCVsp8H>T>qum@KPOQ z?{rwmbetD)dPKfAq*T|<#QKR+!eZ<~q@+WhPPH(IY1h&o*xGaI=-2&N9?EC-%~~G z(>PsvkYBu385QgINPl_%$kLe1$9Z8iFW5!boKoG-VcQ{GV!Lr_aFY=tq}K%;I!MI7gt%a+P#d+wrCJJ@F%=XH$hYl@GcC zf}4DGb2e(?jQA%;2s1r1_rs^TLoE675|;66Vr59;@Mqe)R%Z+qhgqgNw) z{HyMa>cLmIPNn&5eZw{nX*FNSKD3XP2}{n<{6qC>@PtIq*f;R$+S?3iTWrGAG!q72 zyB2|yw(Zp3=xTHKUg$2}nXTKh8+y+qV>s!J>npZTlk>8T?JwXx9k^X{BTb#2gn=}T z{nBzk8Xr2lS`gXcnt`8mF(8NM<%e5A8X$TX!Czd*Sb3E|`zteyeR2`O#{$v~ZqS|! zLk*2MBac5=nLjOi+0y-&d?N;UN-N%jk_o=s>y2yPl_rK`#|ExxX<@=6W9D@2#wsv_ z$^C|vIc+O7u`jG=QTNTnQO}6a4{hxUM&7x)K3;SJ5NX`!-A*1`;e@L5Evp++aq>BvfTOU=5 z^u?nnU397+v{;S3?N}3qt+&2`9Q3g@-Bh$1PCvEqm6`!^89ZKwlzqV{sA@SVCTR`r z${#{y1g7^+0*6mEB00{voR>S{GXQ;=+BNNrbnG_~j;GE|6l>PHD8Z{^sOvz03I`}) zU#)Og@&9Oe|I3tA-<~pVEUli)*u64VEN+{^aEDMb(QL|Ncz}IUTFT?cV^F77N_!C5 zQCL(eY8!)T!1d4XrW`f>4bZwFc7N<+UBaht) z|A`p=WZ*le*F&<*6GugeG;D@Ux+1DwE2z(+T-#PuyDnu4OB4_B{__?G)lNgQhk+8+ zzwYus`~BJEgF?P@Ufw*2KD@PSO0)X+H2jd^vG-$0R%pDOm*SqQ3Hd0OugTg){YSqq z-@lWn=8>c7V$dHS;rYu3SawNz+fRhhGx>%|x9V)aQHD$UiQ?KbujG`fD(H6AxX-l( zcdQhZPM24|bpOX3%>YWW-i%*=iWlbrxlVqjQ z%dV*KhWNvo)Eaqp;qyb<7yL3jh-y?bJQ}{xYW+T;nOdLYm*aSv|LiVoiHbf|JaTN@ z;HBu)Fm>N~8>XvonD4^8GeTEKWc6haiJNvc5- zC#(3+pP4CxbC~~30nYg6|LQ-E*BTi^PVK_7(I4Ba|2ekId+?dfSNUa5${)M*|M?dF zzTDr>{_m%IVitcJ!{5g6Z};%GG5l=|e;dPprd5B3iNC|dzb)c#WBA(`{(m!uD)x=R zP?@T|Y}teCdB8~HX~s`sY6Mk~f+3%QkgLgRS^LF~3!;-6MxJxQ7QNr1{y19uM`80> zfGF+4&~+m=GlME?&CQdBdEKw~Dq$IfRjUr5ydxRWsxiD?HT<|^#L&_BM75?vw0ZOG z2bqQn^~Mf5!^;h;6)Mg%zBt;9qwW0AB?HSi-7qkL$sGkc#bGgzB|eH_!Fru^g(=d> zQgGI6MNNpI&Il5TNgec;rxzq0nwI2!KcI^?Z+LahYvT`9R0k9iUzy4#_Rf9mLKwS9j#-I zO6oo$EZQTZd{;HlJHI$&>%|D$!#x8VSC>xaq8b?<^KtiQ16dEvHuL=s@+}{}y-z9a zwj$~^iLD67Vc?kdqT(8e^O$7Mtcg zG_C_^ENIurv}_NlgiEg1WwV*((^67?uzm-df5Q>)?>(`%AhTiX?K`wz+^`P6LrZ4e zx7FteyW{H}d~AZ7EklKUzlJ?QJ+th8RiHaQ95^;=T;z4MIr#2B+=nDcI4w$wwVs%y z*wHNIQRW`F!6&;8m;4tw0j}I?`Q~hqDdB}&_ynS9-Mxd+D)swfUs9nva{Ng47%SUx zpJglhDR|2%o(cG~C`y*c-~*!ClwTMoad0;SK54^(3rD_QumXvHAGFnBXuEOzYJOb9#GmRw0@>V1aUKi zp7#9meEOEY-;O?s@kW3C5TBI=pp##p zFoMScAo4V=zM}@#Kr6}8l8EaTVUG34+!^SeyL)-(*)N`)&3MEP?RSd+&=OXN0Uvb3 zTTI0*)e2?Vq5BL)h#23#g*`v*< z@MC<-F*jJFp@mP%^G9=H`{@rxr}v7gA|c*u)jfhVHulYKs3D(qlqrYU2_XomFcRIC7xYRw{Xu7A* zoOlg7eG{mqxYEzS`|y}N!^gY4*eq_9T|;9iaJ;5GMs;PW9M}@>kH_AkfT51R*Ie0Iz7BDSH*?`pKd?u zHmugePApckRRKiz=}(}b<^2-q%d!XGqbMS?;cGS({3!nb*V&V9wYYlZr3eSmk@orC zLr_DzKo-Bllh@3A87Gp~dQ{+kqXUGcD4H%b=J*JcfV|!{cjDZ;_d8t*C&eQ{Xh1#% zLSG%YmSe&eLy@G6h0Gyy7Z?>BNFo?&m`FSQ@>FJFmJAal6-S)u0v3d;>jSR9@AJnrC!X-fJYbaLXO9p3wG1hU5B zkLwm9xn;on&aY%Xz?tuw8%Otxe-`$~hGVI_@+@NsqrZ~naJWgy+o=gBSJ%s>YmBs- zR)x(mSQaq!t91$@51*wzEwQvGMH!KbMeapS3-GlZZf!xLKRpJD8Q3@EDU+lJ{Q}-G z*dX*&JIij_ynfTdp`SOMbGnW(Vt%2#bXj~E(Q@Ptopia1Y&gwp&!~Kzf6}7PWT78- zDZZV+5uczwFthLC`8NG=9i?Ck28L_6Gb888&+FqjKYCOti?6JxC7rf7?!@tgTr5Nr zLM&H7cChIC3QvNR-POeT#7lX*O-(ZsVA<7}e& zB#fY;KV&JS7USyoFpb}RVix_^mhCtf8+D(o^P~<{gpz8>gJ)9G&i^T0KMR!2;bW!Gm%{lVtk*C=mAqC5AFtME<+QSJ} zu>62Frs<84`Cxt@^ON>`Ut>Q%@n#o`x1Bhh=fNYm-*QL5XKDW4gdOuHPqvJB+tQ{Q z&o0SnO~#9Y#>}R5tS?8+7d;zORX%dWahrhqr;l(n)PE%WF~zj;aUCsEvWuhLN+(X! zZg~I4)mlP--=2@*Q7H&?Jqv*g;=HLdCtM}xHgb;bV$}|D6_0N^G9RvKKo}k`>@7rL zmD%`l&sf=B_ym=Ja;9S-viruEg{_x0dd=TX{@YvKQgc%g%G< zZ}|GlGoPfjufWg7vYq@upbXnFsB`T7MOa5kGA}2>`U|fwA`znmozNed-ws6p;+Z{Y%F>CT9?i*gixx| zIBI=c?Pi%M|UiKR{*diSBdXm2WxxrsT_dWlTlaP24=I~o`oRn$S(w8m#qlna_9|6(R2OB(7;=I(?W-X^eMm5Jy`O4;9TcF5vHkDb0!zC)I z%{S^iT@f77c_fsWZ9aGsB(wz6r5>&CkSPL zPSrE6s#!9>cGK7C>jBLT8WREt4UXb#7GAvH=h-EWBAhd7*TX_zxyyO23lyF(T3Qkpue zxH8ISO;P1>>a}OHr+2}2BjZC*MHqIZh6#PWirXX1)3+G#`3*?pc;1pTcz#x|OCd!$ zuG#amZ-Rv^rsEp#{OPnW1DMntkTI&X8|x}pCLtsGL{@IYzWd2a+O|IIHevTB0M@55 z%Mugwu;z9b@E>pS-)Xuvxb;r?YAU7F4@+6IqaXP)?n{SrSk%$Sb3^Jt zWo*8Fz}KO^&U72XGJL=d(HMfqTbjvPCNzH81m#Vj0}EfJ1G6n4L-MoiR$@LrkY|fc z&{W&n*C7x<>G0x~z#CgdnW=&r!3@oT-{&(G5!7@UlIr5~y&`rtx=m2kv(@=MeF=$C z2I^rTHG=FYQdyAs*e4w;!N0KHj%ePkUKH%C&TzFG63E6mViF{LA>du zhJToRZW3X4qBPS*Nte+|cDLdAmx@mEA#%ABM)H?W-SNFu-MP8^afQ}#{q9Kw0f*>* z=@1GzW{;}6C6kA?-|KM00g107>3-_ol+FktuxJan916>C)3@w(EcWzf;P0Zlg%hI> zR7?-FpcfV(dbE3;%@T{T+TB?HbdAwlkOJ4A%S=-$n|X3vCMt0 z$g1{KW$yW~xC0#SYK5gN{tX%{GGTYewe;HgrMh2DoU69YveNbXt?U#tr?aSMBxm;f zD_qPQyVSXcI-=!NyS$wFoG!fHNXN*sf+}$+Dz0T1e+rjxEpD=?e3LP<+C0#WEBMjP z7B_G3m`dY%Zv8?Y#L#)kWo}V*F_#3bO(uvXK%?4rqStb>^oNC3J%;LJBM%7NO)`r( zj3y}WYK5gK_f>~6sVLl>dEmBNQhPc+M#6MY=39NM$90OC`mHdYMW&qn` zmw87{f-;$`&vRB`P(kGyyk@a=RlpL|%KWU)s3G68B1gV`9}m%p2yGxHxeQw><{To0 zK~>&4Bm3Gv5BRRTc05n9*Lzv1s=~(7{SZ17ldiMzIjJlobiZm)`J9}WjsP2H7@Kt3 z^FfT1!7Wv`)$F1Hsjo*bOBG&`nB$F5`<3K@6$d5~r zDo@+%_z+HuF-8PcldM@ghpz1IkE3W{In32d{i8eJG=`#Ro0-<*T@*NfC~nf)N! zCDij89LuB8E*ZVEE8BLh&Yd-yLxdRF*GK}HKvFuI$oxfb0_n~k)s_>$()_4wbAjY*l?Tx^i_ZACGU`nof5RVNJ;`0CF!?(r+y+|CK>~$^5ifcgJH<@@x7CwSd>Qd|li^ubXCoQ8&N%xn;YktiodexU>UCacQlB%wiJ)0uOXVhB zog5%ft?zndSvA`4j5#Bi0nb?NscqgVUYt0OYpuQ=DI7wW9kn{{+W!G)0SyJ5pM_Jx z^qu?OT57Ye1d$S%tP384CXN9JtSxV9dtRk^pTa3dvU1ty-i#!VRFO9;X$jiVv<`mD zf#j$CIuu4Ns5UH^L5W!_%J!b=sk6cw2kdt=vwywiiEQo@Y}+4j; zN1TO!*z4XHi%;FcX{J*cAN{;G#-7Z1Q{6d}_NELpHI94N2C^RPO>Zxaz&gj(tJZXqokT*^k&@+gnJNS0`In>s>fnoU+y%yczkq1(} zIo0gECByMzo1ddj-6b+z`rg@yf{1rgE`HDs`izpGK1K6ulPdi)+tr?W)cqbe*gmF8 zr1QNzy0}W1xj34f!HInq>2D&FF2wth3=1VwRb;Yo7is~g5aVX5HkeEwK-~E<|KSh( z%<)murnCjzlPr-GwKx1$Y=NvYiad2o`4q9#st4p2(%*blKVEyMEFHmEltS7qwR}@C zQg9jSr~wY05U(6p+^sG7A`zDK;pEWxr^E-E<6@mdYdH^ZP!1I-!%MB7bcw&C=Mg{4 z3B*7#F1$|UGGgkUX6jEYyEqx(4j4>8&7U2HWPpFxH?i#NOxpr30I`n2_VhCN5PV9%- zZ`a(yNL|F=F{z6Vr{|dLV05{%PDnO+4G;rgo|8ifpMT<^(Y;G2X|p4d`Crv z317aR{Ep8Gz_Zue>yKQf*ohZq66n`$h$Cac*@%>l80vN@ms&p-BvzV+*T2Qz{l%qji|HmXKHY_0Ck5viHf3Sos zUyKcnt_tZf92GLIQk|2A7k{GAO60q0`~LH*5f9CIe^Zv6C`m`S^x~W_rHxJ8WsAm6 zmjwRh*|uF!COC*r3#&BW_SZi;%5LT9Vm6Ij9NhEf8X zu;d_jAKG$HN0Eje_TPWTa!a39UT0|^G!QG#e;Kv`L53w~I4nLM96Qf^-tnOU8tTEJ z^quQuQFMCcrqI^|<(i1$(;4Q>n;yH6;Pjz$p(*j(a*hu11Azkmr_xGtpCGKuW!D8e zU7kvQWNv%86nEjN@sMu^ri!OqC5Was{1nA-;{z3|whpq)r^#?%CA2%Fvcl1N^QU9u zVxso~up6#c~NQTQ*hJaK)p-0UDp^nJ9e z*Uhiz%%ynE_LFL7S-WnSKK?mlGsND%7P7Fc0A7dgr93I1neY zYcVB!-8cc1`CRv?b~PBZa$Z=IOfO9SnjWYJ6oE+Xs)Og#P z*+0a4MNM?-vSXZV3LtQC_tzgb%zR?pIeNX>ip5`(HqodL@jlh0H0ae_xG@!Odm*>G z+Q;IvY#^W?jeek&m=Q&Dz3jNQT>l2ssO3vsA^ik6vr^{d%8;+A)rui#LRUNu1ZM zL5bT1!hvJ&nRIc)SM(@+f&p`#9jNxlE5D zvIp0=*kx*nQBtpSwTOzHvUltwiXb~0k}S+ZvP2&W>HHcM5c!|(>xTaV4mb44VPD-l z#5TNp$~~w&(4s}?NNVn(@rUS;XnX(3-WHxfqD-AGd7fe{YMp&eMZXi}-3Q?uw5 z-Y-{%QxMo01bjT|k?xc3LN zZMx0gx+Kk@7nb|Voh4Vmv7gDS`9l^p?XLpPgm{CCQv+B+c41E3^&&5I8|obG@+iK# zld@?`;z>2Li3+#nV1-mj)a&Uh%ir0#?vL~ZPV-s&8ZAO_N!x%C>=i`txn z-Y1K{RvJV#tV^&vNUK5-%Gdv|y%pAQ_}Wk6AwFGKZYer0OlJJpe-GJj_=A6R_wPT8 zx-C`wg=`oq(BbDMscg%}5}D6SNzOrj`?mX3M5hl_KtXg-N@t1PG}d!AffTjSpE3d` zj;WH*>saB;1pyp*O9Ca9Ec38@;*+hO;2h8#$X zspf|}kE341YTV%6q!OS!WEf5?Nh~6o*v7iIAl48*UhwHWrXK@7OLrC%(ffFJzkEtB zQWCSOmp7L41lITbb~}^vBfKL7qw*%ko|!(3?iX7>ucV<12*pY2RWGBUTBrcF7;NN7 zmTo(X0I#&j;8yfBRhCnUHYzYonE1SI(}kQ9yHZziTS}p{pu(#Ab#9#hblu+~Hg7#u zp=$e=zj&((9E45!D)RH3^xS(M{&e?eMr-c4{_q{e94aQn)FdLkQeRe1b;3S19Oa`0 zl%rWJOe-BdM$JRrUiJ`JX#0S9k$iJ{i&JoB0B|2{}I|7fcqy zhSFaaC&d(guKm`mjO-J9q<)|I{`T`SFe;6`U!5}ycr{oIF$%f7$r1AL1JRR7Q;XzV zfZctunMUit*YB5vvXi<}3sXmvzp{By1A$^!NBN`68m`{cQ6rjVM$`{KF%vI6`~_JE z>%_@TXTN8UYfX;Nn^8)cW<@vq?KH@|_3C4)db==qz$BkW~F}Q_UN>IZPdNHaGTOgF}**0hJ11PKuCEC^k9%`+z^(MA)(mJm$5_J z9~LvA+Lz|$O?t*Jh>jPmK23F&BY)`Wlo+CNiQ=Jti%k)K=cC>(s&(9~fN?$`-){^U z66IspaNbj}K3Q!Xn`j2#v83;yimgDv6kNW8N}hw|YyQ+>m&k~3$;wV%m*dgcE&L0< zK(~?5^=GJSX&TJooH`qsZJmN$%y)*z`KK2+V5urq%z47TkY#cIblT;oqF$P_1h-?r zk}s|j=eW(BQ00Qr&x*TJ?1*A#R~}v{GL7zUd?fs4rvR@cCeP0r=%vEYArd*E+22<~ zz!J0;owvU$BuKv#kddIR;{6qD@0am-Ux71F7I#8}=2YiK22G(oU;DhS&1uS2w6m=DZ}Sw4&3+k^(kq zY1r@%)3*1xz1ON}^Zmn?W8CopZ2LazfyUTduQ=Noux4l}lg&4AfnZMQJ=%+llbbQ# za<~1Lvq5B{hdB|AK89N@7JiW~rWPiIW{aQDFG5&%6wU*-E-KD{VF>@`ApI|1=Tiic zHhoSdjRlWm=ial%4u&W(i0ejKDpi)!hmL+Q_7S~f^AF?bDFyR{oy9W?CxfB4@bdI0 zA4y?02ZKV#Mn7i+`yHzqms2eJsCheqprZ zHvJFpasVf--*?-eK?P3B@hUL}re!9+j|`LoDb!)IgH?>LFhWiOtupt4&th_jgx8`< z=oiuA0lJjGfu)4$+AABe1nWM=jNEF0;LvYwtygbO$=XEsN-KG<04VaNxyA&&rU0OJkr~t24zb7WpP6JAy4N)UJ49e zmzTpkR4=n*tCZRwCD81k7@)b!J{6e(D8-A{hDJ(ILZSOjD4A6cSWeFg6Eg2DVe|&E zvf-f1)Sj+mT@81(g0)|49?)l*Ep&E^xCL2+Fxp9+&7oD!tObU* zN)-@0Ml@uP@w5>A%7G%HnOpcUaP0U)qCfl;la`%rtEZv8kmbEzh^_tRGER2(H|JP- zYvbxG<+ExOO)G;vR5wck)jA`NyY-v3URs(ijz6mp4A^E6VPoxTdNJ*jkext85yzON z5K(A@MSxLku_Qls|EKTq3oqZNFtt+Xeg*c#W)9LSXFNVhM2Ykhl+yU?6a4-#?KGxa zeh_`KB0ItO^%>u9Hxqh^7u+|hBsjiiQ3X-G*0A1j1KsENDHlDGro{(mjy`&S7G7_B zq7HwTe|}}F+JQDjrs@;k=fKO&z1uS}NYsu0vFLi$m2f^S8>L4cn5vO1+F8Ttt@sM` z0K8lo4?ajog_&OGklhGPOr`L5<^{GsCoag9ySk#m$_Ji<*f zWwl6&1oe@|7(F!Q8xbheyVt<9<7Mz!x=k|#Hp?ysOa&UvLYYqfElO(ZtDAc~K5Zlh z?DvMf!z|>jtARdR>q6oepXIQ0Wd&lfP-Yj!#>qV^*$L-?J`utgTS)(Fr=k~Uu7AlA z7C>B6zVgNSyc18=ljQaLaJ|S99677_^f(t`*SrOL-5Aya>LLQe>A90KdJ7iACkaFD z`C?OMjE=_cD&{vhb~fi}$VE`qmiVk_XK*dsn8kWuu&|){tZ4#Rqx8K+B@YJ3biQP| z(9)i{Z9hr668{bD=rx?uZOg+hQaq2Q=;HCmWeN`A-RmFoGk|R|He=L;Goahp3+qXM zf<89A=cli1(j|SXcXp@BZg$p|jEA_HRHf$)k;@{v6r=ExJ&O%aEhQ`UGcKxwH0Qg{ z#HpnG-ykClI*sTlOmc#H%CYpiFYj)vfJIKN^Lm$i-3&Bo8uREX1v_rb@ek3ahbRrG z_M|6;%3fw!{+?#t;sQczUsa(hD>b#$;K3XDbN3-tBXPjH)Nc8kPn~ITMm7O#Li|Gg zaIsg5{j;Wm^Y`Z1ZO6y?e65wj#XAL9tEnPshJafdF{|4&OXD+L@Rz|xlBNU|{vNt$ zr0rNptu$_XJ0(7r1Qw%W*``7fcgj=DRF}bfM@ijFYhNSr9#>7SL(3BO_1fF`gMa2T zPej|c41l=l@`YD)uXQwL<+y=#Wd!u@RR2Fh6A_*Al);axQ4XVnp@e3g-Fupkf#!#S z1--+*cSKYV^bxN2l5!rNgK{V-ay`|LfHqBtGg=wBZBL$3OXsk{0_f8WsD;Fwv$`!b zszNe?NU5$T#*7^=CtWMm{A$9{DsD+>j>!4xy=`X0AcKhDs~#dm<3& z8$leGBamt+`rQ+rnkD~LRejn$5%SehSvP65F|bu83@l)-IFvpPO&9WP;R zXN@x+)i3?D*KU+q_bvV(&T8(L`d@9(>=Kyf(hEPL07>^jqH0R;bM!YdCcW> zZQDqTrdG7==ATr~F?G9bs6iDM! zg&HWSsCy9?tn}BN1Vd?1$c#Og|Jo-q@u?0Vq`EUD9NoL`5|^F;XcEqGtnAvtO%6@| zok8_@yBGUg`#%ncQJ7!+@Hkc^vix_--3R#k8cIbP@CzkZ0{o-jtUJ@=m* zc|+InA-)p&auWCbQh|=aq8F8(o-Zy->r5Qe#++DYn}zNiv!xL|FL z3B{hiDSHuXsYjRsZHHmJ#T2d-jvf|6G#0KYnKI#;M=+9lX$nk8SPYiBb{Se&_|Pi` zOTrydP}l9Oj?tt0s~u++5v75NSQE7F0sCYo&?J_|O3snYG4jS+-&V9;0b9A^0D9wa zk$+%ZRBD;yyv3C^F?dLxw^knV^li$wpbCU`2Ht=RsjEz#;mc$6n3l4(^wEGkFa|iD z4nqLvnzuE@Ll_lfoYng^hdowv_WBG7Pkj!$!~v>Ex5KQfLFk&A&taJ?#2&0&O6%^5QT#FzkIPV-cEDWsax{{10t)UIt_w=~z%; zZ-SorWum0JWawJc9!jYV^{K!~x8%Z^VbZ25yCp|>8wXFGp)L_gKoDYg7ZcLN_Z7Ol z_sc}|Gnjf{KaIWhju8Isl1o4vigJ)BwGI0Cv-84R(Rk!OICG;F6LZVyY0CUMEN|pF zJDl%@o5_0yxC97BlFJLV-6oRuA-BFJ@EE5K#EKo^{(dJY1-=lzOmcMA&uc(J?&t)B z8cXX_KpYcFtu_VnerMITyqN*F^G^Nm$ZCfMz<5RKU*i>p?UmNu@9-pB`mR&bvQ$?( zc0Lqlohw$YH!brcAFo#*^hyhRbeYS>sZonDNZvhkVjm>;d=-w4D_2P!E*_s-fV94AURisO_ z7a#2$G2&#XupjaD09qRxr<|n%h45pIg9hW!9OwsVXRo8o6g;S6mCU-f77~AXGq7); zz@%Kf_hr6#F!pym45y33Tb?}k?*gh9*hSHO^~w*WxF#M@^}~nmoHF*(CL8`(x0B6E zD6mTd)7h|u6Mxd38E2M2(s4L%+KNyRJMgEJ_(9fZ;? zK^?BZkdmXI>eD{E!>rPtEx5UsU$&!F9u$ zoW4jE!9?~Sk8d9t;0Q%CJGUcC&0A=6>{WgbUSKoj2ha%ble!1Ujj9bKFbJLXj>Lcs z+BZ42|CF)NoSd@nlVCen52<&R%WL^_$`G#2GJcA=>vA?ynGuKuj^c+lykFbdC@4e8 z)5*U)opwulY-`I>ke@pP4i=Nuv`>0yJ~0V#(Pb7Gb>pLRH%%5kNK)DrwK+o=zNc|e z%4ZL9y^n8br(?5Q7ei2Y3fR+x^}Z{CWtw0z~sPZ-0rnoCR-$Vp&F z0lc(_ZmOK163=t{%)rJo$uhPZN)6AiR+(B5R#<*@;@xFWPLTW!fmzRNssgIETp;?# zyx@VvG9wvm;c05SKaGH}qgck_FOHs#FncRmApbXg)^kt&gRVg9?g@ z`&m3DA#dGX?m+C;K3s>O)*~0dGg%0aL*B_A@7#JMExLfU-={HiKGLiUnf{4B9n{UO z3BH`+(PCkv(?Di}M_UQ!q+}hbJsg#{sKQ)YHPUDJDYAhwNp^}`yYA>t-{2z zuchH7X!8ri6g+!&c-n?tBFQBc5;Cq^m*Ta_%En%DU9Mmyt9(M)Oy8>ulr!pYIXON)HzWSB;2j+i@_Lk% z%hFA*du9ET0}FL?4IJ$P4=jrk6LB9IK1<)Cn7cMpzI-;V4M)>2$~CW3--$dR~I#z#^sXI3w%n`#&(Dm$OcQ)~{?XJbcwPK&Ajq z+Xx74aO>(1>^9wozryHyQaub`v#zHbrtTdkiYI*%R0d_-eie>VNb}$cC;eI_l2dIj zmAEJkdG$TuHEFT#0;Us*qD#?pn6Rr<+o!h39Ugayr8ZuQ}D46iB zV3z=N7Z998i9$6@VPO|M{B%;hxqU|D_ zA$P(5t=gUj0b8;%q{mv!lsxB@uMCxU! zO4>#DTh-MJg(aNgqZrXK5(6?XJq~3y_EHYf&2^%8NpN0E9TEy3h)8kJ62_{%b^S+8 zl-ns*2Q0J?mUB-lvfxnO)Fc3#4C+5L?P^YZBswEK9&{kZJX z+yBO&{F}&w)y;I3^P;H#b}J>8G86jM1JDO_YX%?ZmmZ`+H$J~Bixm6`r5e`*d5asr zde1e;9Q8Bgln*6DU7m@B47(wDRmFD@nYZW*xm4i@&FpJGrnS+)WhUr(>QH>pxO9WH z7CP9>fMZ~~drV7^0Sj$DoyNb`O35)>Q6MqyJC3^ zGz5UUy!xEZLJiD{TS#b@zGo#Ua}XQqNEL7|j7PdUM9!Pit2+6b8BjssE=Ri6@}+m! zp8eW;YFH=YYA4dv8Bsw=zRWN*3jnj+07EJIqgZbN(KQwNmR{%194B5dgLdNczS_AZ z^Ic<^jKUW2ma!J%u=A|nx8d5trE;a;uO#75#o_Ao%6rYb!{C%uRn+gbzP&P`?&KBI zIDOHUEB8D;&1!P73ps{k&hYW*4n!t~+)G81#ue5*AL@`a_Z*hT&>4Bx!JH@=b@nS! zK3LRp@td6-tw$|8?df5seH?#z3!v}3uuSv0I**|xq`8%pLKh|xZPue1+$)pnh{~D$ zwqrjO&iGndRLdVaLEya&%N_VUbZ@%+m1HGg+ehM9&+H+^puKRhIvVa_`VKA9f6_m7 zUK0N{Kt1x^@bnx@F)R5RFGX+esX2zYr~}&0#~fd?ZC`c{*ZkWW{vVX@@GT&LV($H+i6+dO{_b+cJ|B;`2^9dqw+u*ncl5N#6B}3&7~|b6^gN{?Z2h$2ACCJrTGmXPpXz@`3Lj@Q5xF zy}oe*&K2AEd?q|bU8dd>(J(EH^-A!2!{#-}(1>+rVtn+<+5Y2?d!plj(9`2%q=v9j zCI;$r7$7@?j5quuHihQAraT3=(dN?HF}FS82vFfZ_|j zr26ia+`;8FRZ+_$3Wl748Q+EEJ~}hiDKICkszaAFbeFeVwM_K2z?pMOEBhrD#b$#N z!Q$8Zq8_hor*8Y}>Kj*kPE1Veon0d69mZrFK63^uGwH#yyEV}y%pcCCS}E1-y3 zEphE=xbd5hm7nhQqQ2WL)EkIWd)Vw4>yt?EZUAIs-6*J$!c_R1s>C+G&`37%mNXK@ zQ2i!`<*!$&JI~6I(w=C=$XN;ifB_)f+{T!murcIp-T#0N`0X47`c7UzqsNrUzbYX! z)zbm)M-4!CrYkju^^bzLfS(1wZWcYA=DV2uUl?%zg2AcY1A-kyU-{(!Qy=87EHAK+ zLlRuh)R=zB$3MTG|7p3OiBEKXUaemHD<<|YU-b9oo;;GjpYCr{`P&%&Himyo3jJ*i ze;dQ!#_+G;|2roC9VY$`6aUVj{x*hx8p9xp%{R?`_&3Iw^Qr(7>7V`kbX6!hl3IED93o;{ibghYk^YyiB4^OuSy!NusG?U|Di!aI= z<)&NB;xs6uzxQcWj>k+vC(NlMBr7xPu3Rq8Bc4$x zER#?eM>k{pB_|dWOdWI!b)5H@L>=7Xeip`0%jm_KGx#`CvQ3Xz#e2aGEyz912eD1L=;{x1!T! z7nnqzK~qVHsqURR{og(^1IptN$d{hk&4v)B+JEo;$v9{sZjp+|x@Tzy6Qzg^lXe*?e%WK6 z+Vl`lR;PR5^J-hf$)V}XQ%#~aote3`QYc0=Ko!4Z?jMlGoo7^Aa zR@BdJ8V6`1no`9KVcYm(NOiY#`jqSha2EdO!Z>Z>ys%UUe5&rAZeLk)OO8(cis z|GNQ#-v&R<93)0rr9txu$msiaPwe=%*TJghE6PT3!$1QeWes$eMBG<&&{GW_heWqi zn~~|>lUsmLWxKQTvl1+UPi%W$Jy&kNFyoDp_Aou>B$J(gef^VekzO8^)ac#bLv`6> zI|3e83m(SV3>O@xZsB5)UU700FwQ*lVg80yA^J{I{U1>2o$X-}tNzs4_K|W61i zzzQikBTtFlP)w*JVF7nx;#7l=P)b zPw3`>oxbbq=DP8+pz}~;-hQ?vxnV~R9UOOv#*^e&NrZ0K< zt(JF9y28!?c5SS%-RR&I;TOMHUDAjSnNjyc&XGdO{Ldp88Iku+srat9sl>;() z-Fu`go@_tYp%?$_0X?}R&dWr>*Az>Q>MN#zD8j|6z4!WxCl6mcbNpt z?zORx7}nUK0$vu2KJR6~|B6wczh8wG?3;iAG*u$kEa^pNYw)jfSt3PQbGQ#j1Xd{~ zkOLX4e$6(+d3okT;q?6LTqF1$G`(N{%xy*29K6L)aY%~nLd2cPjdkGHi|wZy#rN*w zF8wb)<&?iXhX!ZBHkkMHIW%rQ3N7k(({*vQJqMgt9t@x)YYT4R@CDlWkxVAWv{P4_ zr8NzFz*u}7@S&|teKv!ejtzlywd_gMCJngtl`Rn0BFW@n!GK!&(jwV!GIX|;OL-V(S~!+e!uVcoOSlu$^PT_ zTkD*)-hV7>d1gG%bKm!;Uf1=Rp{nexPv+?+$jErj+zJG;A4Mm^*>TbgTaE0hAExE& z41fu$nu&)G-%V4iOfkv8W2}aNt2%%fuIO#9Pw;s9OV>a@w^LDSU?dse6~{Y?iU?m7 z$j7%Atl~TAgm9?{Qgb|N5T9p3NMbuMhukC=h#F;{2{dbI;vPodt<{KPD+OMqO1{q> zNXeYXuBdO$cBQ*^rl^}Gt+LEBbf#;umu1hdAD8-LJ!{xiofQ|(zsGy~=~0Q6`@`pd zO`;s*5?0g_`^$1xB@K}0;D)s?@+-M)xCV9Ht z>~}kBF9Rfj{)$@T#2rAZ|3MKz8o*o^`U`F(KIImFGhG32M16y$u5i$7Epu}796>RP zGa!RMEf^_wgS%Jtg;!pE#@Qx9p8ygHXL@HW- zKIfAi1S%`8ppo0$XVp8&uCksICu;OH_`O_LQo!ciIvhj`0gK@U&g*wU1NO95bTQBc z5w3kc&L0x=-uMNE4KkmdvbMe2F|@ui8GdG1>(?Oz_$%b2TIxX@FzU`=a(dB`vp4&v znqTFCz@XHBb>{V~%5dLJ$)v z0GT-1wLkx4HE-+hPj@OO@adKJEXv$mg_DB{HB2b00BZK~N;Um|E@r&ayH9LSRvlxk ziEkP%%T^Bn5mlZ;M-s^%=zi4EU4r|mVDz$?ZPnGCYLqq>hE1{pf;w)=sKR7;U6qUEDnc^SgCU5u)m)F0m;1suzb`t7mjatyu7o#D>IXH5e~-ODRU z#|J2F%LI@eVX2tZQ8X0&2TEwnD@NG``}H~h_9lh6m>MNe2;Q}Q1&3j{cg-wN8!CvG zhFAJ`F|qRA10%k(X#6a((hGsAO-^K=JAiMPPNLsr{)~=_qd}vS9((us-^DP$d>z$ruoV`x346Q+woj83>ODik-TDwC0emvEqze8&$I= zhHa1(s92XW^KYX&gL@1h_$Eygdvfd~EJ}-kFU1>Q;&*6rN4 zT|z<8+uaqx78pzUAs~o1>@n{(^Sz)K4I^x-q`4S0<`RdYK6PL>h)CM<|28_>6Uw|V zLPa~qBRV(iw>wklf!e*jVdQVdxsQH-ZS28)40G>2;^ejd!A*Pv*S^Rx{rx^t6XFCN zFR2MJujt<%^*#GuFf!v#8x@@TtqFagc8-}N!=V8>bK9{SO}O zvibudWlqdx!arDF4l{7=Wp43*@L>1C_NWJ(v$SvjC+k}XuDvH_@(&*D8w1#kx5`^S zoc;&v`=5;qcFO;28`oeqjC|R?#q{INxLn|&Osf4>z6rPdlLNwNbEi8~cMVix2A*(> zyMVxC(Bgqe|mKvqzCGfCtBBS_1=0soP77o6SKv^l96faQkUZ=0}cmFdWrqkkf@36 zjhKrQhxwwj#gwhQGI`d8YUr6P@GadQBs2`GXaCLXx8Jg7-}PH5K^s3aZAbCBW_Bz` z&uh01aD%S`5iQ0z*_m8iE!cnXw`bHKg&_!9nYoW1Mwv(FePWseCBv$4x`?c~+CTXG z1GV}i{a|@V_R_#q87KLRVdUbAMV$X&W%9U%wAq^tUkL28{k?_yb`e;ePDWvE_R##_ zo5_3cfH|8DA9vA_wCUjsD2Fv6=*kpjoEkuF?D&D0I#)gX0I*Whi1VO~ zSKRzccnJ4V$4I~e1+N07K0>);*C`87gl}1NX?=D1jgMYJyE~{b->@kKT4F==>Yp^c zulV-In*$32MI*cRMIh|Xz_u<5d%J;>doc*r<42nm{;+yG*PWFReYUEv&|XJz3Y1wJ z9v+mr_bqn8WGs{5le<}iN|vVO0>G3YC?-9A*TVg2k^A@&qKqGEml4%|zvr!Y&; z2vAoR|JkSY?3it16nji{@M~^%g;^muC_24{E&_H+F+GVhqXM>5W(C&RR&135)^!{{m1yECVI){wF+=Nz-y%4}(FMhps#~Fcz|# z2r670(}QB(CR$;j#PI3pdDC&5cz7B8C0UHsB3=7(%`B>2fPid1C~pqY<)$T)y7z-3 zK_NYP5>lLiRFLn02172$Cc(8*JX6AhxuaQ)k*qp?0_Jts9v|te38b!<)PP#A>&DON z$1)|lG2G%N-$6ZxxG!*oz3jzlt;*y%Z(lWL!TrC?`_(Q3iyeCiys$GdN0I%TASkf6 zn8?*w2kjBd2MGyLli?oF8z2>yo6ZFMHY?Z-KFj91S`o%Mh!QCGdjn({Z8!(z95mmP zL)rm_{lkLS?`*HHtbxy;%Wcr}aTPboJvJ68gIZJtQq(dbJ3(bJ!<$)lP0^XliZ{Ch zfH01CFOFSxJ0B#P=UZEi<3hl|WO~2Cim(?N1ovjBaW_7Uxe51CF%VMno;BD4<(Hyr zm9nGc)=IFyXF{CNr^6La&iZlZ!?4!M))94{lbWC~7>kzEFAlMq1be-*{Sa-FqEp-= zqkJv~l;!(@4_qouf58*HOG7wR1C8V_*yp2K3VJ@BDJTDW+Wu{c_UvQ4@yX$GiyW@& z$(P8ddh$D-p!m@3dEy3DJvQm}IauZqw@qJQhH;mnGQxEm2N83)FWw|b9>toKJrOf8>T`h? zXRS+|MJ6Wbb_>nQd80pB+tS`$vManLo6@zvXYY@4yOCwHpu83CYfIuyXL#F;a<1ZuG%K?tN6q~i0=v%xsEYD(kn z=zsFjcpdVyS(x5QWS*}mdlD(PG+a@{x6j%uQT#hQI}Dq;+gou5ENNengMK$NB_()v&Se+7RAjFu321Uqf#DP^~5*7j?G;*hz&HF3x-mgQlP*XVbPZ5crHtHZ;Qjze% zYgk8mxUxDd&$cnr&CydCLk*1=+kkcny2w|Q@}ewPZ#GI|oR$Css7V<12Bj@JT|oF8F`!UEkH=Opc-{6*?{)_g zWrt%CGtM4Y(3^G88^RTU{(;2wl7K2Iw0#1Y*0#d2@vuw?02ZGf)^M+0iA-=%Sy%dH zk0o@Q3j}s^JjFs*q0^6rlN_a;d%oSzfW!#jdUt23dQ}f+pwnoW?9p)07f|No!z%9> z#bsLu;%*3=tsWEs zYv^143i`DU^agL>I;fW;>aG3w>vAg!LCe|&VlC)Db$B;_wH(N+jTE+95R$v!@Tgac zHE{E?3#trjK0EeeIhLzbd>k4GZlmz~T;8YNx+u z=nMK!ReC4&l~x`S&rjl4peqVvKtoqV$AP0xFU?|C!RK8$XaE*k>a$+QCI|XFG01xC z(Osha^V{hW1(X2040IZ3PvbKU8IJheTTVX;xXes$#Zlw%ikM%yZ?2>C93t-L$&4`k zwi~2_duqdfk~JoOdN|;e zQQIzZXM@nRe~0c=_A;Fq*VHtSM&wUV4VF4}e}$ffXD~35>oaYsy_eLM6s4_rY|df{ z+d&iYOiGsAg2Q_2wTCd#iSQEBh`_>=BQ$tV7hOX>#-hjH`OKpaGS4rjY_v%$ghd-c zx9c;hiK9<}w=6a+m{{aC*vh1Cf)eLUyR=~zW1V%Hg->t=m?Sc6#OrLGxHm|LI|F`g zf5e1>wY1M*S2h=93f`A{T#)suS26rb)SXv(OB|`u;yYAF5M~TN+6S4I9=w`12CHB6 z5d2ks{mq@eINTy4VE10-))u>G)Ss1as!_R>dB-RLJ(M`O4ZV9 zWe|I5??4dBez?9gT2thGbha-qL3H_q{QV5Rt4igpKC}H!S&5d6)!(7Yd1B5!GRyTj zHmbsS6Lsvqv6acDgh=X|ZX;g&d#?d$ej&BRpLLo!8T%Hl-9i_4pPDMf5-Ag6;P4JxyD7F4Z>(M^_(i>UX5KONNk~ZTU}o@| zd9mX}DP_5lz3R@ed%5#Mz=&VBuG>nx;*z&*b+yk~pTe zgpujd-UI*H&Q!DLUTpfET|go7d8!<^_6)(b(ji<4JzJ%~I2#1r$kRJFARX}uJXSyu z$)9lSj>EgZbVAOD3pd3TleTzh+k7*&8h=^`3sIz;w&{w^RR)#Q=kgc>|?T` zsvmF*-zzHtcRtYIE!ps^xQgoxeZ_hWI5K9U&iJx8?FgGjpv0`8#B4hib#wWnNb3?}--7g;p+L=iUoym;5D zK;DCqs<&{jv5)6e={Me+YrABx?Emu~pQ3Lri>Q63tJp0ix{KAha^%6xi#2}kZC{8{ zEau`i5Nr3?TPU{NxHm@(1Fgx;oOge}nThgb-N2;cX@NI_A(6dg1)G9g`w&;@0Cm4( zUJ=;%H)^44qk&6#y(57z=pe+z3&%Cx3`^bMh2 z9h^xn;y&TpxD;;jt4f%VDrl8xY|`OU8ZU{R0#72|>fBw`B4p42N4tdH8$0@0%tkP9 zq2RS-?{X{Zh%R>qI^F_0QZW$JkAipzwx1iSoiQ?*J?>W9_~5Ey#Is6D8@p@rtbCoG zZyE3A&Sy@2Z#3PL&@)JT{~NXkani~UB8Bn!i}6FjpC0TrYu8|@ugLqes|W)1VTIbe z3YJ~D&Yn;ww3D`2D>dusgw779e5tUp2ZF3>t?@}hSzb@k@mA19-af0-tm~yE>Xn*Roq<=4&dn-w z3cTFy)L<{+)RU`U`lhw=)Vb zIaF%TE?CkEqu%A+66fCgy|eLue3FF{;UqZYECd(cW-~Ny_n0KUzB3-qe%r(oJ!olL zh1Uwz1jOp^BWI`*H)ApR zf!Lb0%Omr0VlYhgb?IO^Z7RQMu^=le)_L`w?&+(=u0wswv~QMvGYWSCnVDl6O1uGGmm3e+3#wVW)LUMjij95D;& z=2j7ZNNrWup#KhyK!Q2~WAYRBMNG@WawiGpXmT<4fz3q0)v0^Bwndt-&P$95kz+O| z5~_loUA7=@C3(OzM&5;8uMHj$9XFvAmA**OHQ}ANUQ%Y|!*(i~fym~4V!(V3$!Q}8 zr!=tQ=tu^$s~Yq8PKXK(l!nKk2Q3m$aILco0L)!=m3vN@w?C0^Gf}cZw|A8e03ddz zM6*r^StUZe+jqu+;v#*-i!V5_&|_m zfq|?Erk)#jW!u+7ZaF<#p#=v7+&?wrO7XY+xYigz04=h!dmL{3yxAeka_jI!cqWZ7kG zUL?5`?}eTu^5&c+&Zcm{2-y&Ss6U)-1r)AE0LqdODN9x5bdz2bDB3 zbo7GdF{NS4s--Ate8F7#5mp%14yv^eir89f7EXQ_*{>D5LwIf=;c z*7jJZEpr`i4)bQUqR+K51x3Z-iCf21N6+cMzYB_am)iW72oI=rb`9#4OF^kTs=M2( zqEQv>dcqvjwD;emezkx1gjUnve9qB_LdvGS$JyL9q7pm|R|DX|O8`wdXoVPw^Way` z7Shp3cL3%g?UU@B=4q7|R{gx5QW#z{LQ0F3jSo?gDF`G%ZqYN>hH&}I5J7I=a}XsO zd|PS3yswi`zcC!HZoj)jv+A6)dAne;swM6L)!_;g|7`rxJx$D`u5J9%*}=%ZZja%& zHo+BqPZZ~u*R%xuGx)u}U&0uLiGAVDh&e9xHS*B$ABaUaO7M${QPsyYpV~=-EjwV6 zp!ZVMK#@b${Gx{glg$by`Y>;t`bp37xy?CRBI=ZtY6tI(jRp!H9oXh0SONvWS5_ws z1!|u(k4*F7+JRqTE}?r(s9ROUC)J%zxF7QQu~a=N$a)}UKF-_GYpg(%=)_E3R+`(X z6#WEiV(^jc+(4ZU3tPO#{j)iY3}8k5{)9wAwCQOj$Bd|Jx*9upG|c_!6Ym<~p2uqV zb5&2scV?5E{kE=c5ib4GLt^R1qyczHNt@bg7BTKf(a*;3-e-$;_T-N^$Fq+xxj@Rf zymMH2uYCLZoR2_?+Ld1)4_^exOJ8=Lz9-)N)$QtpwA9b^5~C5c%pB$aR{9VX2(j21 z-R&)<17R#wyHx48H1xVv#r=n-UJu7)JRuO&?Zvc1?# z!HmF93f{Bh0ynR?BYf2>t!Eo;M%X*tu}xQE$~E@`-zj)YBVO3KUPz{^lf;X&;^#D; z*afz}pRQ#Xfk<22Y$CU=(DTWsIl*kS&3dof+;tew{AQR;K%JwTA1IuTLR~S-7W^g+ z{19>gD^JLX55A%$@cEt;D%?ZaRiFC@q+Z%MC|LzL?9B?iiB}bs|5jMj%k$dq|CQeR zSeApzZ@A>+F<4WC;!<_D4^Eq0OYNPfm+%uLRdyOW`RgPTpN=*?R?vB9{p-F{tPBV= zIVhw8h)K!y0{M5VMTvkR(3f$86PAaPPlQ(Rxn(8##yhRMK^MiQD7HCa($Ld*P*R^G za$ijXVvL#dcS;&gWDu3O4a8#UQDlOw#i|@yOwMdoqXGQ{wl_1Z&!hX>9!TkQPHLGn z1ERb+-!NSh;D!~^^YVs9+2{v`i6?rlFjb)18{61*uwI5j3JB8hd9KPuOat@POtiV8nE~%v?YB`1N{%XSjP3K} zl!*#$1rHlN0IsZJy#kYYQ`HFWxWR@$XaPGTRs%8 z+;-03Z+?pwON<~EDiBaQT5}F02JL6(@1?EwFdv%0&z0;bqqZK0krRCfn|^T(_;n%l^ z>4;^t2W!%ku#(oh8j3Kq^+;O*=8jn}9>NV=HH8W;)-!r5WGM!N>Bs|vU&3M1^;VofPZj9{|_jfoZ zkg;7M^K`UagX>V8exrJT$LJcpi1zRx=XPdUIaD}oW0m0G9|VB)UK(MFuob(U-swvX@Tf!8Oz?aT;kYE)lqS%SlDHS-HCPA1sLTn-!f~`b{Wm zlzV_>;BO5h~DpmcH@F@_{41g=LP3Z%dFxsPZVV^BV!%vxW1aq}$KR zQMT-7zQ1pW1GzVEy#DGJ;xUTKO-d2Jitn3WL~MIPy_we+3Ihl%kOTFunXGwjg03HLZp^Jt?PWKqaRYD)e!mv(vCFJ+7H#)%2cz|a1x)o z)z@=L{iMTkrK6Rg%mEu&`F`<$9V<0;l zuBCK@nSLw_KDsReIj#9DAE3sE8T%)Ml;v)#1?@jfnjM_2IqJeoQLoPrLUwyP8$TEi zyv{GUNnKh}P+6yVqw}pazQaeZC0bwMs*7}k87PAQo9cBusHRSGx72lL5L8m<1#kMJ z;Tb84hB`+x;8s3DhEa#c$ckF3M)RN2Gou;IO@xxpYvZLAK=v}?u^Oxx@LceQdQ6T~ z*i~=Zg|uI{iFD~uh3k;pu^0`bZ|FNZ+?6WddM3d++3tdHB0F=M8g(a`#E3 z_2!@=dzU*Q`xSi`OwWXQ`y4F?1dx$A2cAl%=RKb3pbm~1G>>bqZJya$sw<HHG)>Kh{*|mXns)}W{@Cq zj5>5^>>PlKCW&?THeZF#)@MfV;pIPRc(&3;(m57Gp>b?gVpB=dQ#J08LGBZ9JzuEg zRwjHEbYB%aNF!Ckhj1Oh;haB-332r;drUuytM6Jh%4+SNj=fPB`JN=*8p$e{bdhVV zaavrik7Mnzg8ll*-jcR!USGG6b0$W|vx_3ce%f=nYz~+-u}MQasnNRZ97&Vb9Umb$ zN>I@sZI*G!WlKse4KUe;Dfs0j-jgSREp^SF8x(!b?t9rVO2~(~tK$vUch|vn=lURY0gzFG$NQJrUX5VnukUdqJrC=`vML{WonM_XEB&f3^ZTURi4$gWaQqemDY#@ ziZbN|z@rs+4CB^N3vEt--H=NxPjUA2k?Sw_w9}KFxav+b5WR(8Yor74QAhqFtiixZfk|j7l=ZP2l6`2cVWj8Y;@x$=f9_r*q2H- zwZnhWlM<5pGpVadIWU*n_^dda<9yW~YAMEQL}?;k-vU}|Xra!618j{su}JBdHBh;D zi&cjkYxHRdVHu1|FsUoO2PZ(u(o3U-i8?L5=5;whW0~@6l>3uP`b&oJLB%!hS-gRSzl@^6DSc)K?C34(>oHt`_iH}yJEz+07>r( zI@2Z!CQ77-m4O>P!jjE-3-m;XKP>WQhV*0`K88&h{xbXwr$07NT{goU2#8VAu7f>^ zi6}kkX$WF2w=BJqhy-iZ-7CMkk3FHe0KQ|UoGZdGr*M{W z3S`8HQ2$x3qVvH3hQ9_HH|~_-CNr5gUn9Vr7nw z?LxAPn(3UJka56OC~>ddI9L1q*I?z)5b*rFB_7l#ph)n_@Exe=YVc$(0knrn!QJaa z#ZIpzO!Gg{DRi%d^<|)Fp06gLQ%3Js0cD z(ofbq8(`iu@GE#4mkGU087F=dY=R!kd`#1o45?p6GXLVO2o-=`^X;Pu(_E^N{qJ#Q zYC@sldgh4#fT;d^`~3&A_E*#Ye;Y*55AaZP0ok$?%pfkw`@Xa*HcJW)|vk9JN|ngh$!rXbV@T;M0&vh$GN8My_9gCu&HC1cg}hX zxfoI)_1oLo6B=|_8*#Q$wHdICh$+xG>zvzX@%vN38ty2S|1#M4msb|qw-2y@?w@{* zH7#fWzT>T=gE7Eq2N~YY`fKg*FJ18CrvY=}(%X2>fAF6kodV#K>yLeY5e@wN#az|| z;i%mOY2hb-`Hz3ODUR#l+9yYdzvnqJ-+KmZ@>fe|J+9xbjGE9Ba4px_KJ|a!)8F6r zH+rk`Sw+tWk$Yc%*nc)Ic)kDGxL~LJXXDb{<9{qJFmeB}xWLK% ze{69x%u+z2+6Q7uKy`lO3hMn%ql#7kYNiYAG60yL8$HDZsvv^^tiL*~#*AByNKE{D zYaeSl{%JpZF+jemZa|d&Fjly@^jQ{?o!<^Yb&qUg>^Aq4)&$I(2ASXZqUM@~Ls~%upF>w4>UmJ9Gv(UcP z1z>qf@6?A)iLV~|*VWf8Q|OKIOkF-S(E0dSbvaR}=22aRobum=ccBd@4XXV-s{r_F zq@L}BTr5Y8howyP5xPqhieco+O!l97?Ht`R!TKt7&hI|`c04mx;;GwK1F)g^K_{`S7YE~GeD0bs@`P=b=4 zxh6Tw^K|mhwbVvGn7O4&%q?;O=>AMY3tSg7t~>R+$}gfO&2c&*9!{R`6;F`%=lz$v z|IS%XSJ}9s3W}Ic^8UXgeccA!-K@0**uBJBN;r2@aFgby470xttJ%y9o=X0yjcbK-Ylqe;y3%n*SeG?C6|?8)zt*fHV%2JE8|9?tE zL~vjguW$aG*=XkeEJULtnCJye?=8R)k_!i9hReaK9ftqTvv(!I{+i0`OuNo91elea zDpi1YVo~i^K-aY$6`_A zd}F(!y82bSkd^BGt%co=Ku^-b4Ve&9k9Jlma+=p9E7+@y^jR=!Ad*5nRTCZe(>g_n zaSlMfF)W?05-A$&%2P={%bNRIpEdzHtQ(+NJ*}PtayCP`W<@`UbWI;Rh{Xc5>*?YT zrEVj2s{1KKd>QaeLt%_8E?`LL3f?1YnI)r=wBhN?xajw@@d5HwtPwaiXYK-GQK_{1 zPDjY_S+g(7Npv>^+^f4VwVTd}3-h-+vklYF3$AZ?zGPf^_p>n+ z`4@kuHVVm}O+ze=&S7o}rZ@#4v|a3IWPZg&*?8I*~>`0r{fZ`iOVIVE9MBIuk#a(zDmp ztXuDY?DML78H_-S+*<6`S1CAHpl4cZ1$3TFKHlVpc?v4I?<$o=z=V2zI%0~%9GhMV z9$4TE{Q%*}5I+2rH)HE9P#0QU0}>@$Urzah6_esq^2_Izv>w)sKH&s*Z3}hv?{{hZ zgN8mJ41?==Z_`^&FF^rr+yIc^m=|LPBrp9TfX5x#;kxHb8Xiyqm>$caIvL~6a57!R z2Wwq3EH4Wx^gyHx^lg)2d_y&EQdP64kh+cpIoo%vK{-05Rj0Lg%fdfB^we0$+mUsE zYsMx?7}n;+j;RO8UDH4Ml8DIPS+XdkY_C=ziQ#0>WUcCQE*jcds@rt~ctH226VLD7 z|9+{dyrCF$cHfEhApss9eVg`D=Yl61^^(@1x=WUvEahPSbLXx9Z#%DEhz4+& Ze z^ML5j8x=553-F>QqZQkA z_ls~M-RTHxA^p&rG14;u-%s`YE|Xs=CTZ715nG=UC0rNdxkY2%3(>}etPI?%?}yXK zjZLC$%s8W;Q^Z#rKtxT>OB#At`~=l2O<3dLfqBr7=`8*0eyvfTg`zkZOEzI~4&r2)nw!+6SU!{%dPr-*Di2>7h zP3%|(F?``wzlZolru8>KR4Jd^Z=t)IxdbGfCVEXZ{||A1NX9;Z&%Zyh++Sdq2ZXq8 zbfnRF@JFmpZ_I6_0p!$~xk`Ctn2>VT-2p82WQ%(R{B@kDMVCqd70A^ObDLD&Vhr5P zt8!U*>z+9bd~%TeMOHn!e7DMjbW}i z`jwFK`$IAGU}ob_%MGSx<0!Xjo@83Nr-@G#|L_}fXnZcrH0Som1rQQnq1k@K(*s&s z$d@NmHI}{U{#%P>h@n0~7r<(HOE00a#ZX-OPE0pyJ-FVSw7l-vQL4%4WH= zEvQ)=Y^AgR0PEKKTuvXm+i78JTl1wkCFyF@ws>h*pxqz??>jGx`!wH+4zKFCZ_|Vw zopRJ5tWqnr|UgF{XG@ud;qkH9wKIvE>(7idQAPbWvoO+hv$bjtQ!VlHW>{)#xT{ zf2`U5{_%!Z{`VWP)|eoBbjen2fqXjrD++-hzn2b?eA5txkI`F@ET9@ zcHz2dy(|>FjpG?x&g2hl-2x}rRIH$LL%bPpC2dBp6ru)~3T(&1B@AP&f!G$^|Lcw| zCHwt&>_!3p@j{ZaqvQHVowo;MIqR?s>dBIEyQ(l#F7Z7*)WIB0mM+8$o%Z@AOdN)} zq6<$OTiOf`0!u4e^k6;O4&nP~`V3(6UO^H_bvlwT%!l4=!^Y=iw5xc!DUjP+wijIz zXE*#KW&7&Jqf&I*R}cHTu}AGT$Da+-nbsnE&fa|O5wi&3)}*Q+)oa1))fC<~7#2@d z46Ly>yPDsuNjNQ-7}YLp_BD3ClBq0*n7i1lzYz^^^510ccfqGIlU>9xBPIqaC&iD< zo0uN0)s#tm<6LE~`l3nz&)o5|$G_QVDNDrF;#QhVvJc09nFD|ycuR~CX=D883us?M z3GQwKaOmngOaCw2E1yR4PHbsuR48psy>gQ~hGc#?L}wrX_F8`6I-M4@nmrsq%yVPA zpnPomv>QOjxG6JkY~HB@mT*{UW^@0yvgDAR0h(>P&F9VKIXpJm$@&oOC)L$5*G>(9 zNPY;m?07~j?hI?j2=MRjZ&t-x@TUh@5%-G@b9Dl@KT=G)<_fpwn|?=Tp#r%y-_uO9 z?BjR3nLYtG_9N0!hg^@I7`&I7dD6QUASnX@KA`ksH`5Xw9=Vf$$Zc#4A4LN_TRVD$ zur)cPim^a?%pMc)8xPG0xyXbksQe|9&Cn7$mZ1ueHkos~r61>>ZVM;}^n+=ahj-nY z-03#bYi#vQyp5GjthkzCH-ZH+-{=Z2;~#FP6V7Ux4E;D=;(4sO*E*C|Z!OyrJO`b! z?ETM|cjg!g^U2@8x1GAXL#-oKr2~y&X={cfA(z__?KSH+hP<$+U2vZb`|4~Q&}D>r z-<@gNu%VLg(n_hH;ZOfZ2XVU_ZtmX{sRJ$CPZ#PE1w7pZYe%|kceYC&!Y+e5?ny5J zfr|T63ZS;zx(b2?0ii3LhmAYCWKFrH;xB#pP(qRnHd&Zs3 zNa%8%v972D&F@gH{So;3%!P@N-7PRP=jIiAv}zcb&y%nU*O+s@f+~+ZymAcU1a|6Ddv+_7LS&`W1u!78Sd+VPR-+c zdSTwQlb(RgStT(7q#XOo+{eyaKp$Z~DMGsib%Z~7G#phf2ve`T@Mh)HfM4KWpyqp$enYa8#E0*L5Yj zw$%*>r6ZVl4Gp-bfOf<)9{KEJpuhJd$wqgpMxl?0J%#JrmmpM>}z)j9ML$uxJ zRW7gbo2;yFkA8XL$`k1F5SnY;rm{tzGj-g$hHG3&T_oq&Ek+1SKElE-nH)xXxl}pR zl4kGK?Y=30cV;KdvND|-Yp#IWl|BpnD8Gz`aR(&I#$B2YN7IN&P}V6?G`lmQo*`i$ES;1@H8Rh$Y7lB zrw~1#-npWk?dBF(Ht&#TdOy|UtQ~i5!UE+jrpP9kx8REm`N7p~qxR|{4+3vUN0kYmSLMcN3L1>(+O1qi zD%8r3`ki)4L2>kj@GNP)gZ7P!Z}}*t-|fb(clpy+824L6EJC`tThQhf$rHSLHTe(s zZ2OCw;%muU#>vPXQ|@;}M5uz>Yz0u_D0g;8MsEO^{TNW;YywArhG)bTHEy2R$2Cm! z>%Et^+t(?L1sJ+k_SfO8h39R$anl^6A!D1e?=fuH3mjI8KdKJU!? z=33onGSkZdOb)CM&?*)JmNwW6`P|Cuk+BtMto=S{b(sYPN-u$yW}x93CF1 zV-L}lakF&)a(6dyGLEnC;k2}`(;a@v1-m#j=`P$vvM8xcaK?tWF3)0Djp#ifb-`md zXzHoVOc9SO1$CCR@$zF!|Ady+9WDOA2#dZ;JIk)ccP`b2?+XyF3n%C0iLkRRk@nYC zpV33ak~*%Bodl_GJY+H`mXu5_gXqWY6}i}l=zzS96U-LnG$5RvKJ2{7Hl)u(6nI3N z+;1--?qMQbQOFcgEbjy|z9qyoJMT#t_ed>g{LlTmg2b#GXnmrJQKRnI7P08Y-a-{g z=`WAitx8y-L?EDyM`nt_4zhU(9`Y`+f~pZeaIzvu9Tw^}rKufiHm-S#z>%SKoStz1_=0oYb>pLT#FMxJ96P?FP`u84%g43qCOP3vAh zR7#iQVBDJLT5c9DV7pde+l}ldD)(QzPswR5?EcITk~?ARS0*)iOO@E9PGPMk&$iqsK*NI-)>?Lveh2}Je)ozlov(iD_hBiy`Sg|9QyZ+JwNEv6I zWx0aXN?8i&A%84G4U=nPBE5R=qcWFb$Y(2RLpr(cZ(a}`Cfirkrgy%b-%J|~QB9}Z zW}F+UbVb@?4Ag8=(0kMxu~CW#XUn0|*-N$!j7Jn|0ad)uXeG2k^7$b-F%!p^Hj6EM z2L{@u`MyT32ag?Ko#j=1X63wS53{6pyndb|)`E1@iQUnUz3{0r@WfQ)SA5`E!|Nen zVuBuR#&;ra_o4nSUss0;ZFyx~dIfQ1Ve2Elb_UhW{ZO^P1_~+>`b^Auli0^3_Ta@* z({HpS(jQK&yk+@b7d9QvbZL=P`rcf4&mU52Ja^xBlD{#}rQ&A6#N=2h!nzJf#xJ)Y z%`UWfb6 z=0(^Si+NKH7r-i*X5XZteBva6fYwyK?&l?9;4Ga@-btCuN{(jgHm?^958fprywf`6 zYg4%pL9rMpS-Jf3-sy7_nJ2E9J&9Mio3q>@%T3D>GnX)&#WuxBImUBAiA2TSaf0*3 z&fZHRSmqFn6QA==wU3oFD~7#m*T2tlZ<^}SHdjHCb|$6gk{Tf|Nd5S&XT7@X8ali-%yD8A4VPE`+kweDnG`1tF1fszmR~?CMyDJtkN9SlSjI z{!oDX9%{}@Nsd>o(`u`ygqkS0P4o$DmnW2O;CtU|;AQ(u`_7cJl1|4CfqM6iYe4jy zqNA={4w`D*g3(uN!nP%$t|q&O@6%Dx%4bl%YgKG)i9X=4#jAV{0@C#JwA?)kX5bgd zL)x%eFfE)-L1ZU1ZM1FkBagt5Ys$f7^_)zbhnpW~EKr^1d+Q=gU`8B?ul$`#r%Q68 zZwSV2vVYjMThbeM%{#CYicPz5+ezrg_4wzKa{tx>2p@fI98xWM^9%YAtM;pFsj)|{ zuWmcX#@@>mF}i$3=w-%bZqfK#FRnNRh+f|zP^aYA%n(an9W@SPUR0+LJfV9aP zYPsIrxrE!8;EGwpd?P+q<*(r2wAw*&htY!X}$B} z%)#kyVy#6pg70{eGU0XVUB&RQ$6(UonqqIOK-u>e-KDt`)Na9GjSAAd;4}FMCfPbbQ+{=oDaJo9uQ)YNh^DF@;DUn()esite(ru&ZPgm9v)gD~+T}d-oF~J* zqAk@v(ZSuyt%`z}-mm3;>F4OCmX7j_=Ufxkc&(o*-d5NVd^hGN+D7Thv*4q}t}pEb z3&uiZ(^;Pl_+?yPs*Vw15?pVEaLVn zXxJd$tnB+P^F47yNIBHIwoK3TL$rNjU9w`wN!eQ^={Ylj%k5*-MfsjoZ^9a<|LE}y zVePiq$&s6y!EJ$(vU_`Ks-?tqRNU#4ZZ4gk>DzK5ywGP(`j9D+80zNc*Q$HB=4RkX z&DEbDZ1~d7O3odM9zxDYDbzF>9r=n_ix$L=6pbyYp4`m!#oxie&*L{$5-$zm=92ix0ne)wEG2e#5yX1cs&k9-erGNUGYpRH zO&nPKAg5Q=;jcO4cnonqc6%THL)`HULXd*S+;^rIwi*h%jx8fn6?R#x?KwfFGcoAb z+xIH~1w4U3i5WI~ZPOrHQ6;N^D*Gs<-67fJTeC)KZ<5jO5cCkwE5;o{Y5kOoXT2sg>)+P0{#NHF# zm>%9NZgLfr`k)>8NxxZ@Yj9ba(k@hkSDH7IL{v{}M!Y`cj+3v}AwgONUyD}kzaV(Q ziBRbfP!uNkzwCVa5%{FWl96S(@9A@y!R+Hn#Wd1M;lzYxDR;jS&Px;8kt51rqRiLt z8rC+BweHS!etPbOG7o0A^@PWIy(9O%8bL&Q>I=uXr7!dn@Mx99F!HYd+^9Y6xv$$y zhssRs^FLV+t(hd zGP&wBA;0IFBftReNW9@J~-zs2{u6rJv1TB0FSZ4VZxzH~uK`Q#^tZm8Z$wM;)4 zeUp=G+8;7rbwhpoW!$o=2`N?uW88MlbB30$q!qO+K>%yx+L{TM!H5pwuF2vfE^W=6w$8Ij z)d}7B2+`vfE4C4-u*2IFcV4NZwWEwM($kd&YULvNw0oCuWM|3WXhP3O{iP${1@~D; zph-vT#KCeyWT_|f8fl_*KxjC4t)1G&$Jhfth%mB+Prms&+(v}$d0=eCo#o@Us0 zO^(Bj{d7`;TFju_Qs32d`cg)``^r)!HKBC&K3Puz}}955qVwV}qxo%Z}+p1d$8b+NN$*Rc?El(Smo=9_nSm z&yM30)Yj~uR%8K-PKPU`g+8Ia9H--0)s@JZj+q@(e=EiA``JHPTnXMH=r3X*mjW{q8 zDV8aN9333ofKDw)orudIyzkX1v8ifBry*vo1MByYm8&YgbPg6n$FyFZE6|Xz2OLyW z9Sf<2?;b$+^lDANb6v}snoR5Y+E>W3z&4#>zT~1AU-Hp+m0qz;Xlc<7#k7#jR0PSW z>A1iB)nuhqTSH{P#?q{nXO8PUf>|Whp-VM6&%88ax+7k?rL98nJ9by<#$Dmh%_6K6mp*6jQyJ0{xl=p2)*PP_@_jh`^`50&Z*VcQoJk6 zQhn-oGrnZQZAtrFDn{yHuE^6lJB*J}qbU+Y*+tG?szYa8{kwsP6r88RG)>6&mr3*; ztS-;lQS}l~@TH&>cIcSEJ|GYGO=&+kKagG7vO8nL!0O03$$rpNEh9?Bbq>5}omEZa zn~;Wz_nIekmf6!LNa@o}ZmP6YwNukmQaKH=htno*Nm1~RMo=n&NrS-ko( zl1i4KPPF5RB<}&hTgTL{ts#d_6&1eQXv#i#X!?CStg}eV{X~u|M8*yjg)Q1aX)al( z?v?#{s&FR^8*&s?Rysl)E5%=DgMOwmw}jEEF_#|cq7dSXBJSdb*4uGBT#@ zh>(oLq0s8+^5)L|;##uvyy2CPhHK&~n7{qE8v&H56Nf)D=7{#X%p7YPI~a}plu>`6 z)lQut7R%hh!k;`|Ad8ooB{eK0^&W5xmjU_aqF_wB6Hg3}izb$4wa&FnkgHA>)t6Lp zLbV3v%1d(5dQMW2raeK4xNkJhZ^3`KI-JGPl0r!`21bW94CA1jzJiezlfgx#Qd z7P`0lPT({;Yg8h^TUpEave7AiqW2VJWePkdpH>q($Q^}qQyiHDH0o>mlPyJ|1sYGL zn-xuZ8J<{0g7S1Ra`Ng(0(VGpkdPyzI;P#!_r6Rb6CuRZYuwhMW5j+kd>`X4H6V*m zgCi|_yd_@g7zN;5T*G|Idx+AVz~qn7^rp+MT9I#;&4lV_%(tY#1G@dI^*BA(HF9yJ^Pih)80)W#`pKx6kYDU{ zK8?-Q4hvnomJ+nfe>Hu^r9;aj5N+maoq7!t=2g$bXH`FUQ1?(Rlts)H<1;2WzUwHR zBga(JFpL=yJ3vg3EV;5nr@GKQ{Eauw!wu&q1M};2FhtH@`*7v*ZvOZ12urVPLzWwT zXfl^~OT;U{>x;7-4Uy$lU8mxNv%pX?+zT5(5ZalLTuVF^qtp2-F`2dx*J;=lC}Hz_ zFMVq~T~K|!1FWEYYSIf$Pj3~n=u|Wz`vdDrt!qGRqVp%EEO*U0ks!<6q$6dIsU%TF zE8h`uA;fKxXu*}J&O}e-Enr9^5;y8HSX7Jp7)!g{F8H+P;L2JLn|Q}@376Sc$fuy$ zHY3g5i0&EMsV1VWUT?5Kymv4cGWcjhU+YyxXN-N%+>^q$7A zM{8#-c=t{@E;S{8Ydf=tG2E}$qp3Ex073L>{}7Ve9CdLrqIkysll$W-lJsc1zkm2m zvVW1qYAqA*piBk6yogw)U!FvBDf~7kX;nRb%0k8a276RTGw!~X1M5LTY>wXK6Em*| zji)*uD9LMP4Hgx*`j#dPitrFFj20g!y;FwN1Rq`n7ec(}1$lLwyr*o#L~P zm7fH)dbL)J4GAoSK0rBUCIpn4J;pR5Ehzmuh6osXPU9VEBy9ofqMby8s5B+%emr3m z(;5_a;%rfaM(2JNTJM3t-mDX!@Q?^E2qk4JceeK83GL~At+2XvK#0~($(eXZ)YNZt z)s#((G(?&umua&i+Cbm&xs9%umM<*Z6?;O3gRO%`VC@;7Oi2n5F$>qpl`Ij*9|Gn@@yzk?52%Sw@~#P$uaAA2O;jeZ+yQqWPyWJ`=?>;-;k(m> z1OjTV#HYq>mJ3s`$1qR>!u5yH=Zfb(2j#@Vt9*z0sQ?3lP9`g8)YD z*=$hcH!QL!!Y{-NBmfzLO%~oOCv~C6(B1xPzeU8)(P(FG(Qim);`;oK0wyG5J(f(W zO@Ky`LExkE%VhZx*zK|wpfdpQ(k-O|Pp6r3$Lj%2qNPTg(+$^M&Hg0zGi=I`<3w`nethjj zw@Ib$n57yTslDdYo9X~V&c*4pkNwUvv(|8J{&(sRoNx~uZqW1M;ZX8y@QdDfk}M=+ zh3ml%Lq&IeIH9n)G(t1S@9ilSWn4F>{3`TnPAk^V(!rCDqigJ+bTW=;3cFE?XlR9Eqo{{6!6Ey_Rdi?Gg`a#>X_aBzs1IwYd^_E z_=B*XFbO-+l4kR;%N;ez0`J)upq=lhSa;ZA`c-S(#gza?;ZV1~%(MMsj9KyqZ*Q5h zHzT6hZ->hR!fOR#7%~yLqvOu%SM7bo{2=o+bgfoW^m1(#HEcP(1p6TPN!nfA$y6)t z4K0DE9ZcK7tTn@x6$acCW*`(qkd4x?itmT+lz=yPW96vC_2v67lK$) zbD^cKDyZYTGlX14FLI|~B8*pXHv{PtVF2mViHBQVq56JMx#ffieT|DS|B#|{QyS2- z?sOtu5%)||2LAhF^T%ndp6N=Q6l!jqA-^9z^B$9qP#Xw3jomy=xL zcUN&4-UL8RuBV+D9OPxA&?KF`@(5`!q)o>({HEFK7|KiAC2R4%YO2GhNvl zENoGwr!Z0w)TBW8U6EVm(=U^+B%>WlHEJs;8M{j$;82e(YVOo}ot>Y{S-5G)(}A3O zdtde|%P8gM&sXeI`DDmZBjj892X)fr7EroAnN}PtV`LUn-<5kt?a}L$-m6D#g6}9q z-ot#2@OgVGMYA`nRB`HZ%+%!63#%xe(T&9m&shetKV0IgT4->QH{`Aqp2K&0u=m07 z-qRhTM|+H|;#4rNyvw+yl1Cj=@}aBcO}x1qAGbn2il*Yy9m7MR^i)U4q}JAKa-J;Y z{5T+LZxr+keX~l8_?7FQ52=1gQXhIbF^${E9y>f z0&&HlKRyWp+#~+L7{5>Fz4a8}8Rzs6J{FeR@BG3SfU)UMA-}yjpg&Uwtw&VNcIQVl zAQ&@(bKT6)RzWwcpsWk<OA zw}}s)V|o{R+1Z-+rv%BRyJJA?WSD{)atVD9OB`Wksf0YaXdc7<3=N`jI<*Gi6&eBF z8eebxd_r>rroWol--&TnzL4&{|aeYD=_OCQUr19Z^b7=%CL<5zhvU(-wLR7@i8Rss7{o_dOm3okKM+E?2Ls% zaV^DgefaRqg}eIackJN0HtErV2Zwydr=^FRb$iCucFdFuNlL5>oxfFoq?dbUrlvJg z(jIShNzp_`eoM#$C(hp4RGZDAY-i(yW<#WdHOvZQR!7amYKL(~lP!aAhGAr18Ac%U;<3Y+J*6dVviq~beJA4#=mkIj-J>14p z#MBPbKG)5=U}<+^HB6uZnBHlvh*ZLQ&90AKa}StxqBYq#zvFsv7B|p-V^r1WRVtS@ zE1V$1PDpAfxF1uFN_pwy*^Vl_U3vm|Aspa^Xl=@*O=z?qnZlwp2V6^dA@+=>p`NLg zc#_ag&2^c0%D76}Z=HpJ4jdgC?#kCCUaEOy$0tWXh@aB6Z3IQr>2*`PXReimT$&tscthy&SY+;IsJ01tzQx-4KC6rz;^<67P& z_dkht5n0t~KGvvD+K*`x0M(`lX-Y8M=kr6s+NSw@GD<%0r~vB7<5r`AFb_T8ig7CrAb zMm8x#4Jj1_yjM)VCP&bYKtW+K?AVdf6O=OhDy;WQ`UqiX3S-~KFLOmw@DDZpLY>`# zqgG=9Cv4!1hI$awoQs6`_BTp@{Octy?6~>@T6cL)X24G3YupW=JOmcyOK71ARVP$ zS{geV(1|+f=Z}+M)S5B_=&lk?v{uLWM0uRB<4l!8=KJr0H7z zw1yQ=XdSGwmmrst*%4c8;pOXogQY|)$?3naf?hh%yK#4tYw6xH8EMzv>{(oc6a*d$Oz-F*_t@3$(XB>pr6VQi zBt?kkoWfV|NMk#Cg;N1tsXAY?C_kmBpuHVI)4KSw1>k;j>9=~6p|7Jy2xVyizrjo7 zNt`>FZYNopQ*BU*ICcz*yQxXP67^cI_mr}U{7;I+u5VPZ9Bawe&kZ zS~%n^=kUtzXZl4Wm>7^}!%E3B;?9rhn68-QYmsQFRA1}edW`ylq&>2Kp(LZ5S`y&; z?z->Adspp2ltw6DMYq8?FeE*m8y+K1Plex7A_wi7H6t}KQg`xP0~|2lN%k=wxgv?8 zE3UJ((zQW$H{!6~JC>2@6I<8#u>Bt0XS$-xx{@LfddV z^=3^}*ujVg54ANph>-wQ9atMWgeJgEb*vnif3FgH3V8hK+e#IXdNX5k6CBroS$|T8 ze=mfDCe{1-gVBt5k8$znyW+H4YnXMo-x=F-*_o$S%b)_Roq-};M&MZ=> zzL7)oM{a;6jy>VvZP(EE8j<8Rm+z1@xBQqZhAa=|CNf0DY4F|nV%Q}7Nl)*?<`}U- z4uxOEsEs_DT>&V$ldz00qD_LLy?Y0|TCs7pf{Iv4aTbO!tAPJf8$@oXuT&@;8%;iO zvA1QLsv_6|o5n)rpUlA@1=!UlpZhjv3X3pKrq)->o5=iLle}829n=_C=ZyWvFCzQ# ztU**y-1|d6#kzkMZ!53KhJ5Y36h%H6rS~CEol7!{(&KgzB}8RadH)KQDcJa<(EC@# zmzSz_0_JdK=l-TI@A&9VkCL(*j;*8Qm|19@TEVw-m#hg^Hn#acCF1}3rRpW{E{5*W zbU(f8Yf zgumt8PxTgfuHEna0o}zfo||m}))3mz*O?$2@~xw5lPIt9_YN$9D6VkluXp9RL6qLf zhJ6h4qfvT{WFr6fpZo^iFh`^_{TH_Y8wCY!xc-3%Z^!HGK6kj)3EtC-iiu=GyXupF z^;9C_yTE%I9H=eUkuc;GyQ?XD|A_@}{SSFWZ2z-B|6i+baLqs;JT>=|RAmT1C8D6g zejo4YPuPKny{hQ`>#css2e!Ids%h*Z*y{YcRMqc4Ne9xg?#0&Me>%)RghlXo@c)zN z-UjmS{#q8i_nH@HQ$>HdR%=BPt9eRB&|~`hR^)+4Yg$~%i6!+JKP97 zyA)$|4-oZVz3^*s@MUqKKTLcD*1HUrJPZ!i0JmS(gKad3eVpUSS7*6--|7@29(=4g{`UyYIpzTUV(cU z$ndoQ3LjQ+4kT}mouj`O)HF}YOkEQD{)5kb+oH%HcrtAlI2dO!C9&HC6;Oe&TlMQz zH~|lfj`Vg(@ho-A-;QVS;zhU6Bj(ue`*Fg-iJq09EKwpqNN}8I#fIpuqbT(HPyK3v zct7B5|4M}E6+HuXcMwd}Py)E-vDjOyLbL*PwtfFi$Yzt<^N+;vk9pa_LC{{UsLyFc zbAoU7l#6CgmyWOd^+Spz`h=Njv}ZmmrW|j$s!p5*^&Dpsd$;$hH9Np{!^(C?X*F8e z`!%~BoKCF;k-9kxw}og<#m54 z!r)HJH-1Q^16KrT16Hd3(OqS20~qzp_jC9G_up1o8Yl>9)y@C1D6g*oMH5lfZGT`9 z(fP5aY!Q$Fy!ImTUlt`C=zYCZ#@N$;S>=Zj01mL`-ur)96xCGl7JVKdTwG)me%J*F zP`OK@_hYmEJRAS#qUUsO4ILfuPOctQwjHHsJ{ZUAVgYVG$S(U|cj)#CFs9OJ2GpEv z=Eu>fSimw{6{v?J!_R?SUxV1WOX)igV>_=!LjPq4xuPbCp#UdHYBmVzSjDRy8Q28$ z-7>b_b`7*wJAx2)4Rz1J5P#sIf4Pw8W)tIKz=2z!^z!p{vxs5;>Zn3 zQtP%UGe-y<<)7tDUPN$U2$oNZST6Nd^m#Z;4!Q)tBjW26Q47N3Mi819T}l?(}=zQ5|9 zS24g^pcqeyk)TyQ*|kz8Q>F03c9+T-sv@H6s&N@;e9V6PZr_jNyvUWD4EQ$NU3pUo z$XF8ANC!ORO|P}^u>@D6ja>)rb~y2tkmEhVLjNoxz@NPofk1(YaycHqO#u2qnc22l zjr*WZqPhNzvzElaXyC*xVJ`7D*;*fgpOCOy>!EDO@x-k+|84E845A$B=+O>gj~6kx zf9hYS4?vThy&*tR6gm6P4Mp zbDXZMQa;Gc7#vkcOLU3)x-NPc!-T*E)*QtMA)_k$m6n{Az=@dkoq>JEbi#_&22)uoMw)=Cp^Rfy}1yo6Euse=~Vl zIop$i=5JEr&eI3)H3@Hd*W_ou_+o+h*a5#`^#POK>5twC@(Jfc*&h0SEJ?yyt6*61 z7(Y;>tIs-39?(=S2<)%R$U$@hu(7dBMct)t(Z$y9+UtirrMX$+lPtF_CV#6|Q{Yju ze-$o2U6b=TT!C+`V4(prOJ=gt(Kq!=RlSbCV^+r4?nM>0({r9l2@>>*3hho*52+nf zL_f&|&Wcmisz^v3^SPmy4DIJ0g};26dz(Zu(UZG=Xyp)I7_huic`-vBwwt%cpO(J< zx4m6jnSYg;2!nVV|K`FTI8H?o;)gFBI1Sxma}X+jpnbTi-V@hzGQW!R#b^8$cCTi4 zK*L4Er66#)tU{I1Y~*_vTD*mRY3(N|;wg}nI}NV#4`~=# z)nh=lt~y9GtgWqe3T+F)*(~<=q)5!>+rI4M~^+lkIi;}3*Y+8jvYW1^k zP)TpL#w`oe+78m7a?ku1^(Kkic#p61%#c$V5n8TP_K6i&)Agjse}qYBT;r{V5E^?7 zmU07l8>#ap7K<*W5KwN4ZRgih&=7jZhC6|K?w6hAS_RgQ20-SrlZv{V)ro6i-BX9*ZU!y z{PMALk-Dr8K7fTMp&1|@k{xa}g&qW{51Gik;p9a`=XEvDX)nnGPHvLvS&%?|BS3+X z8!X`tK;&rmw}$<~#(Wo-AuRCB3x5MHFZ|&vB4r{j#VgRM3nD-Bzc1tE zukU^nTGS~Zg1h0ji-HFVdAd`#cXS3V(QS*&#KPyhGbTB8XI9b4!Blm^A%VSTz*4

{vkxC?}M>ZzxtFx*jC0-y=Q z*KDJ zFe?UY2bleOecD|T;+mlPcz#p3&yxl6!W=nqBA5inSVU?MKQ8RJoO|B}FyGA=1%DC6 z?qY^cmlFV5L!DYu`d}Hiq#(pI5G=Xf#>f8g9t(NiA-RCzMB40e*UUNE1h2EP0-)Sf zO!t4@Km6kmKq!ib6I7)IIH3^1s#i#bSf&>h!MzivTE|}Zr0#<)7phyW0?CO^WsEeC3 zSg@T0FaZ7J{1k3XPKc=48$5VhE^-%WA+3@P`c#=&vy2X*>$zjuCptBIwTfzy;LKBBfRN3Pk~%4vAvDK4Bb#O zMoMNX95#QRvaoIAO@)tU&~B2!MAiIARlN-??QDmL1|HiK!(HH3Ewr*v2%kmn@-A*X zY9FMDqJFX<2snIud#aHK5U>Ln9hdi;tUQq7v|GGH{NSd7fFry-%F$MLtQ2x6-34%0 zy5|l8ES-IwR;Fga+iv#pg)W+&6__+um2Ze#G2{&nU&9oy7I+K-dC&=Z4Ha&O&JY}X z>>Q_3960nm3@cqYU+|5>%_M(;oyfJ0NLJ9 zD5cPvDk-pW4woLXq8FfD-H85AJV5Gc5DY2y$k%)m>IE|TGvYfhlBV#HX%A<47_lNU z8?*36IP~O~=Pl>lfq_}UQc8+%qB7=MT8QgDVH*~+3I&_NI|!cA2a~YIs~?s_Z-l^8Hk*&1n8_?GTb5Klxv#!j$Y7E;_ubN z_mbbo0`wg~5 zKUWj~cmf%pbuleqK)Xp!$K_UZ`Y>FG{vPvOYq_6}M_|$04`@4EWGd|26fTlosXsDW zWE^pXtjc17cS**KX@wr@c3j}JGO`<--!cUW7|AV#1*CLplToD~p<%7($<*~tp%VUj z>3)Y8>`UGS5Q32I*VnF@*Iv5pnkAj*G&z7`o6Q8qq<{gKQ{cXz!fy7JUEL>h zl0yQ@;tU8jdZQZ0!0Yf!kOw3HYkr`5R-dNYzTE`->>*=OALt1$!t4N%$wiIa82(21 zhbKamrj@#e7m(=)MaQ`>Vg#VWDzewin1cS0#;-5o-Acd|>Gvoh8}B;o-*O0Mh|Ggo zj|;kBK9&d#7nz5LqsH$#cJU2MRN{+vR6x;;l%v$Ey;m}8XSX7{8fSbactqGT>%a1# zBfG)a=^^vPATXyJ-EJ(I3F{Nm8T}}DpttPMidLdC=DDU}aQ+kN8ol#Kor}T9Vnld5 zf0F1%g_oqSQ}k{22~u*^MLD=&WEc+8TI8^T%}3vz1k;7EMjmi$4jKjpWf-;uHn=-j zL~2nJYnXJoG4gt-1JMT1T_Eyl-uv%Y4kG9HpW?O}ZccQ8#dp`0p z7~1@=o80wgXMmD!6lC;Nw&?A=r{8~1J$c$O-VdOlXXgol3MUpQ36*F30S(O5#|(55 zOiz=4hZEX9DCW)3x{!eFCd`$O?Ei`zfBs;>%h^5VousN<{u-EuR8aZgMI-ho?CA}* zcClxHJX&H(+t6*r=LGzy%OK#|qz4BQC)l4IK=m_q;XWKaWbY}Ll@_{gP0{gqf@%a-lI96M}yCiHZ?1pPp-q6yQkDzpc5 zf0m?vd_~<7?%sEcrh~_7& z&jp3wCqJh%DnR36lY*f6F5Sill52(ZzJ1Ql3HDm{A@ws?$q^V40%~CzMOLktb$6WY zV2vTF%C)@0U77wX50m7KnqaqQW3^3~wX-S^(gfzX@Isd=g>f{J`WgN;LN-L`OUI%m zxQ{%?_Q)QPzdicYU7vAkPy%ZEIPkpdM9Q?>VRBfuwh8ohFuT!Mv(8Y zwua~Z_~X<%(#N*%_7!xYHM^JWBgjl7*6y!0*`PdvJ`#%l4&>* z7~(;IqGAg%&uV*1efatnwS|5QTL@082K+8eZxSd=jk>@t(5Qy@Kk!O-TQKq_&GmNI z&EnmcRzNBJy6{gh6rCT78BCjK!!aY=3-F~9{7x124!{GIXWsh0cm?=q z*;=w63^VILaBZCQ1Y5vQnSJ8s_#Y?gf0g;`RM5I$^_F++Ghek&$XINQ!ev<{_7sQ! zycU26zVTYo<0WtOLI$)rHJE}#g$myN(=6f(HH-mh&k` z z>Ul=z#wI}vfXEld%fKzFp+}K@FfS(GVAZ$xDjjEG0mKSc+BO8$iafMJq7Z_g1C;VL z5~Xyzs1$LvizsO;8<#k$l;{{D9)KT%hv~~PeZxHEjL6rno)CP3*){^YRArb|FKKo@ zqK9oMtFO+^-x7<58;^FBjdixpa(9_9agVth7IQw~r-AQDUk7~8=;6aFSa+VO_hW)o zBr;{WfMSuZUEs?sQfaUo0lf00p*{R+fU@ZcVsr~k*4nYLlp3`~@Gi0=l=lugMyMPmqP(KqWNyI5$ zbYNGs!JQtbN01Lo4dz7}js`Jr3XUWgs925X9l71{{+R?J%yV#Y##q*yF^`W!Ih z!F0fEod&tyR35Nh-Y6Wgx)uZ(3P&SM$#!k@t-&*c2?<06j4UK;YiRjcG)8p>FvKeH zYMM6ZZ*8hc>(!pP3Ue4U9F4|Y(X7UzMxA98`QsH%dx7GZ5BM6w-Y@#dX1DOOsFos3 z^UdL;8@hwQSB0ssnaxUY=yVT z*}IBlnFB)##@QknN>c<0$?8>^)<+?nKFQ& z(FM5tZq%!eARa9DO1Y&K!K?7u(@e0VvjsH61@0kgsy+yUcrHh?Qahj=CGet)Bu@=O z0muv_5mzs&gzR{}$2XvaGN1YjH0fB;jc;SP>rY2jemZS>01_p76E?&qBD!;xK zrH&aSQV-X8QD~He8BQAsp_@AHA%~2?VPINR0Wv(4d~zTu7XrVDPy}p?0qVp6s+|nr zoab2|!U$*~qh?inyTAkztwXWH7?s*4XQJ(U&6iNBbpqej%%*;Uq zy`7Bh(v3=4`zj8^jDh-*hsKexO^=d-L3^F|}wO#Qq)Z6Zt`zFu?P`KcF5PfIJ3ZWRqzr zn&eKcQVY-)s!}%azy-`s-wUQ_hpHVFHQ!-d}4twMwq~9xRaqdYWV! zE`tj})#pMEvH3osK-lQoHW$JSa%}hS^fZOUBB?fHvvpbvY>@&}YF^dA1Jh*b2_6Lj z@Z+45&pJ#MCd8pb*%=LAXC;KVfCv1U=3ejMeo4alh^;M3VAWw&TCN?MnyWp4wrDVu zNYkln*p!p%bKDIz{RsfD(}=SwRRij$-^5_&23+6W@TwlxAHM@t0+Mb6Kj$`Ev4&$0 z;EkJ0^cUS7bC4!e?A9P2Pt-DTF^@PoIS=z^_$Bs`fd!QY9WNlhQ{)*U0xx@`);bNS z;am9%7<1kHMxuvllS%}UQU0P%7U<)`J*(sln-%nW%<>WoNd%qhN(DRUvN>L;wj+SC zIkNyX4mCXgLf;qMaG*8zCO#=w2cN61`3*#@y@F6o&sdT%-Zlzjpnu+tx_hAx8cHGF z@5VSv(|n^a&J~>I0xuGTESjAYF$K~#-RuXXNoGl_gFO6gZ6BT);(bhIs`R4r1Qf+- zGMl{XICr54I~5+z)+3)Blh~q%$rGc9 zC#c#J%?th9N}*Y~#jFtz$>~s1#7i$6I}nDfH^b?w#vFh#2A`~JS4;3m4rj0Nc}pL! z2k1jvk_6qpf@ngXh-I4tI1I{u<73x@ldY%J{s zs?sIytfd?BQcg}#xPLF`OnbGO-oDc)9yT_{SGpUl6{;)*bh8HO(br?0I5%YGoLXf= zKpH@iUV?e>aDR0oLI|$62>|WWFoWJe@+XRS^LzJ?XDUG4*c}v|xw8exv!YX_BZIH> zzlI6N5+!=$#djVgUs~pQOaxym9dwWW0%M?yFN8N49uL>#^+ub9E-&>Ii{W(#Hkhqv zRI(DU=uNZ&KcPbZ>+6*+z|eYceh={+pQGtlxkq8*SUq+3#pyHl2|Q)*0@4MS!p}e@ zK|IqLLL8e_(G(b<-k3TEuasz(WmbW9@92izKqc4@uJ;Zw5@og0+R(3nOZEGd;bLX> z6LG*Dc(55LF8CAe+lI(pyu|2!!>`{X$Yp8-b&qMDg~*060a7#Si2C=QYO@b%Uki&a zuASg3p`S|Yp>!iNaU(f6Ul8<>TGO0!6ns|2o1Z z!AKZW>Tz=Lgkt{73qfuT{bq98CWD{{)9Hadp32Odbp9ZKv~As&?(22gL^f?3MJFPL z*%kPfeb5_ZgXHCw7t5!!R8TX72M!}*4gu%O1BlLtKtrhRbBXM#kZo^f74*jM_zXlF zYhY5mUb&HFA)ObMCxJKo2>6?h6%y^Ac{w1_RE2k55mY8sW7G#=|jdl zAEbzf0;Q*^Dab}LOGnJ9r$9Rxq;pZoi^X0L6~2qmG^z4Gd;xRZ+3W1W0kz`Uw&#If zX~zosl>tVmL1b7$8Pew*E{+|#(k79ula8d$n_mk8N|LR8f;>oXPZiN#?h!5x6{g>b zXCF5Y(8ie}9{`M3zP!K07cM~OrhasjUrX`_M2mKCQ6p*^Qv-&?r45E(-*hy*imXy) z>s6LTPwF96_jqziE?TbPLuA!ai3|GG8PmC$wcmJY0TxKIlqDfTD!ArUE^g@2T@5@v z!TQ1-*Tc8?INe_7#F^iUCX!`C{6BdZEha6*y}&n;*Z)uX#K`EZ)eZ{>Jfo#IAw#(5 zVm*4~8Xq;*V8u6m0Hy06n+IW*5}=0jRS)JRD)q)*HH{xJK!OT* z3|FCvC*qg!=mf2Fdwz<-yNmLR8Ycr@Y1>H9JxV(Kukzl9PnIfwA{~-CZfI`_)7quV zteA)gbnyB7#9AF9kD{PwhJ=Wp9V_>)XwGK1UuU~@`kMdD`1B)G63ha}{PNU!A&Sw9 zABc$KE|;JF07IN;cq4V|^>6ElAj>s)OC|Vx`}tW0p{d0>LwD>dTJgK81XYpxg3!ra zRvI%nClkl1E(66UQr<|%|Awo7m6QN%kf+?~pyJqC*d7~jYY6Ziqa z){ZdRdwz<}0o}#6hHte!?-Eh6+-*_Bq{@FUs~%9`T-5S}I=u#2>yoz&qoh2C>B_Bo9cPh(~_mH|Fn((gR!(Siv&&ow^nBI^J;o)WGY=Z z16JN^+qz3w_e$>{KpVlQuY)J{T1O&#RkY2Sj)Pmv3n-_iWB;}xKa{tsH4h32`F{=A z6Efl{tVr&0>TE3H_OG{!kLfAObD(Ez#{ihs?G^Oh9AbO8_5z{aL{7YJ1t>Cp2TT*iVRv{ah8+6FOskx{MG+H!X2C;11DzE}eJmkc7dhFpF^dN4-#5>B#UZ4S7-i*!MI+Gfmv=g0U_$OYgfuv@Shng9k+{ddmab)I zB7FOooG5=GKEw7c-v)^gpfBIISp50NS5FWA^WuIKT?T3%)$DR&7#S**Yd)0I%4(l6tTK|yzp{(*u zfsI*@hPEF*?ITm>xU)u8&bj8^LNH>=jqHPgk%;Z;^A4f%+Ob)36>uzBE3R3(V&Y#@pt9djNV>oZg_4ynmrT{(DKnFrwo6p}{YpF+0u9 z?V2sUEgO=4aCYObbn#yn4J4g;JYB0{hmouQjj13UBvp%q#4=(3Miy`>5e%>$0ptfu zm;77I`^U{KFJ3ot`DNv7|QscLkR8<&x3;MWFCqgD&aIC4Kq7+Tt(6 zx}-Li)W(w9_-O@}^yQMiT+)~Sy8=swV#!eaq$dALwk_$)C4Kq7+G5GS{QtYYbaYK} zq1@geM|pQgw27FcUWDLLaQ=5P{x2E%^TR{zs-uxoNtS>WYrlKTv;Bdrfm=S0|H$|Y zPMO^WZCp;?Dqp8-BDba-y}u<+I)vT0-?O85)qF_hKh>IfS_^6HL`>Z0=AWPDN=%H- zK9N*-(*GIl2K&93qwaeYRBvYBP_nKFF3f?L`$mN10(E^f=!M{dX|7d zQ@P4Li?@h>c|%RUdbe(8Z!m%I#jR4Q0P-68@DhiQNv-S1o@n2x;m z^RTI(%#Zld6&o<Ut!<(r{PyROZht!gk4-_BQ$nWye-)g5bxaXUgtajE_lv*jW$_NKwIWky;>pH*9ozp4bzHBg-iU#zF&%b=chH~iJU#0<{_xYoP(_Qc;Q$W>r0lNTZ#bp5= zun=nos;ua)QlSYFkY_rwYrz<^bCtTa{eT`OO-Os_;r^>%-f1~l{i84C^k$u4xh!{; zN`N5;@FSkOcZhitaIr$ocqF#T2iz?cQl=+0z-;9}4xkNA<%M9OfX_GwFkCVqeii#- z3?%kc4INRrT<*<7S#fyWwH0D=!%%%LyR>tXb=SEz(#$bAB&JqKXY62W_dO9V;L1U~ z0)!{DS9$BHW}gA0=kX3ekMO%N15EJQ?L|EKW5IrRH)hqkH3E(JGSAZ7a*0TdwK`i0(z&C-#x!z6Km!Yog>|vQ|1N&$w3b1U}=7o zvsU(Tm_TY0<`H0sm~UK1u>u5v%cniLldUQ}>c_fpk!>#2D>z)<#|s+eP;*|2#`V!XfI56D+$+yLK_sj%)>gI9o3 zf|7YG=67=GY>pH}QZAO@_SpEIcr@S$7Rxr%>@IHWO_b(7$-!Kn9>1_-p+?f%u0j(e z1=v6`^GfWcOz%;d#qWmbyop^5>V%I6PdS{ISbyZXO+2o0GHuZSmWJ4@ zzM)uyh*1Kxm`6Hu^Iu*5y<{9Nj(&uC zt2al@dDkF=ooDCVMLYPnySyLeUs)nbo0EX0o~j4|ls)8qn@~AI8{VnBc(?J0*s*$EPxWkDeTNDBh~R#ttxh zk!MB?RPISbv^{xK9ZQ-mO?k{{uK*kJ?^Q1VS;m!z=-*5sz8u^fSajX@_qCcQ_IjOp z33%jwpCT;m75_@8Sd`=kjOLqOQN7ayUGf|OsJ9;(RRT?!Lk^uPf-_Rro|Ypxy`qoR91@lB!QF7v({PVTj` z>CNJOE9O&r=Uh4cG7Hvx*Tx-AG}y0xJy^PdQn|oosvIRGjD#gHj|_?T&b&Z}Jo7vm z1eEn}DK#G$iSx5yEc)>XY2>9XnqGG8hd0=T@^}z+;MuDA2}swc~y z-*E<;tv%QaNVaKh!J(0Ry_S6g^zPcmI)U;nFO<>v4jAB%TSzbmiHYEeFGs_nA;T7K zfHg?b>-1wURhRnM3spSQ$5KtLIY6bTv|{2LakH&QbPJgI>HC(ZmtdK+wI)H{_2BJ~ zlh;-XncTR=8k}mb9p1u(3s7>g1T5l<2=-2vh(?>!jW7KL!Gnr-;T0aa`|r1J-F{^O zwZL4+;*rqrzW%k4n0z4jQooT5=Opr5Uj!k+7Jathl0GTS`uO>*ILphPqR-qWL2~eYOQYw-KOU_ zpH>{yyXe4C5TkQdR6$BdKEbX~ym5;hF2kdWJM|t(N%JKqRI;P1(jK7DhA{eQ9dmT^&U-P^c&R4_>eg`rar1f)wErA0{rB?P1!1_nf=V?Yp)jv*za zOF$(?rH5_-5r&}|x}N>D?%(JC`Q7*bdH>um&UrD1GqJyWuf5i_u611>wHwx7-*#Ob znzN?hZdSPtDcD%`!AHYODHyGffaI+H`|F2CwS)CshleXZU6l!*74YTD&N5Qv7|Tc+ zn`U8t^WxvhAe;dLH+a!tF1L98!Dn_6_WhJ0Gqu1XJmzQ4!vI$fYY2-{dhD8 zI$d(#j9|L7qYuS@Y*le8+OgvJ|F<&e*R|xE|KS}W#$;igGWmCs)3E&;iMdu;Doyg&nYqafH=*5^!z&SOFN2)SSk3T zm9h!~NMT*UwW7(F-WHVJg9BCT(d#NOBhvjVz0cyz-qDGFI*c#!P9ybQNd%(x(@XKs zMCE6-a|BZ-O)k7$Z++niU)y;Vuh+=QGwU6u7;%58%vHW5!d>|00k9f)SilF2$B*9= zy3J5d*F%N}793A0f`%{UXI;ODp5J6I%UL{Lx6HZH+lD5`K2e8#p)Dh5Rz95^8=o)M zIUA3WyoW!uEE`2`cDEfZp$cn+V{DvBQE0s-ha$BUam;?fa4!yRZXD|;G-(n8_h9^( zRd(#X_4eSf+3i8Sv4`IdRS4CYjPUsD61EmYK-*qlFs&KC2x;JB`tmf}3^-{_ww~*R z(0Ah8xsMt$CXK)NX*cfmw|GPH=Pi{bv;^-rk_(*}3=81xOLjo>Qk&~Y)#TYWWT7d1nhr_JD4>U82dt4&fT37w4cz zS57Vsr(&_U+L2hcAQC&ss2K50P`Ya&VbFzI-^)C#oI9ru=`uh1`dR8M*d>EsSW_Q) zamsTl5L4S|DHS-;^tviMrqV12D}VMmIN4M4sUVRQm!mVf*`v^-tpT(cX)9t0*bL{t zrGkXCrDbodjkBzsS|9xxPdQ7Y*?=ZJNn%g*;H*=wcXl+LcqNifyz>hXQ_I_1Gj8^( zQT2RJBA9*g`;`?m`6@`Vw8U&)&$kJswlQCwei~T4mchAp1gYg|P13p!J!!dgb9R4? zvhBtr0FoCb(yccX!!K@CJ+c8&!!dbBd}}E43QD_b?cXU^0m%5*qwxX4yRTHm)|xW{ z8M?#yV?=NAtP9E`6oPx+k(kD1U2ix90%v#a+?%MrR{d~?0{o)_1sZPoG#abuDvp&T z@q3jb2JZZd#kRD*ZZ8oY!BN9JE-o>Y{xBM*FnKQ5O%Ix;Nns zonZc1Y)+~-Tx4s=WCNK4Vr3nn_e?mjEvTn_a+nnUV_h2WqAW$jxZlLd&2vNK)G=ii zjIn;>zPQ_ldQGiOjugD$no;MN`k|LtF&C0pb39Jav)S`uF=3O*(*V~jxMAzX^E{$= zbd6a87?EP7xku9!jf!h-eMRrLDvEDrk07@lxAW1DecJk6&tM;3>iQ3jm;9d_AKTqV zQm`cdOq++)5mhXWUJh2bO7UatX`EvtD_( zCGII(8F39pc4er0tBJLiuaz`-Sdt4SG+$!X$fxl;yh%YNxsRl)&z}H7s;K6 zk99y^bwY?}J)fX=*@ORf_-1FDOM}VivmF5)LQ2MwHg(TI1Gk$4EOy%l9^HdninPLx zrhCQ5d&S1&8)vDk)lbj!*ti&;y?|kS&N=AXDM>M9T(CjIoK1l2IWWr;Y2|r1xW`qM zC(%ki$}^6LA-rX>u<~&rV)@6=v}o-)%-hUe6TNLnOE6?jPYZjh@ua$ zSTVV7o`vCB~!N;N}$7sO%~&b7%2t z#QjSF6t0nmiyz94n^mszT#y+fCY}X04vK-)j-Sg`T)oK@S*76Kd{Q{26htZJ9!Hi{ zQB8Jk3*m13C1{bJy)$SqLWJc_n&=&{K|bTPpzaKrBS`|bL+dRY3v3(H{)?##^PBPV z5+h-}-5ya0uZVo0r~li){(r|ML!bEga^XdIYjKRiFrI zR`Lm%)PdrFHa~k+X-ri8AiBr?xl*jJPW}dw}C|rh%oPPDxR-L z<6avby`Zlgs=@^fHwFq$@R-Pssq?A_AH#HjuS{r_Ne7dFNf<`0GbN{+AX*f(0XP?4P>VTYc>iIDIVSJ5&>D zLyHrtv=FjoVe=dCxP-|>&aeaw9kW3OMI{j)8efirEqiCGGn&o8Wg0kewf}MTGKicX zQh_&6;R67R*@$UNY=k{P!9j-Rb8z;+kH`G|20uyyf(xonegI&UvTPtw9s7 z?X{en8F3Fff}{LVu|P7EythfgNFi94mXxznUphyl93ob?bGW^>gl4@w%i7I^M?BE`2X>a`_2 zHW!`N+K1;%bwR{7`HE+Z5Xu-U-=w7X8Ve(3{G6GzTGN%qo#N$)JIvP}iy_WzHhJp* z-fO3cRu%FhT66SfYzOMoagf8#m6aCqb)FlDfdX9*vX)7eYxC%uYq&g+_HSg2vG^36 z#rlmaM*65G|NFLV+VM~1$-n_@oeq*MIl^n1k4?t$&w`_-Sd*Ra|3uE>O!}UMiEt?t z$Bw#QZwRLnEQ-G;@oAThXVW?CEZ5*gq`l<86Cbqbgoc2Dn3f-Y!A3U#P+y$AHjZ3gh}X@N%_XJw}o0>{daIS+Kn79 z)_E-=h+1N1W-WdY8qWkg*O_e4o7ia;tb9ry^g+-zgl(Uv^6lBC3*hAGo-;n}6C*@R z1Q3Zz!H3o$q_=oS&`LH8ZGqBGqr^tz&0*Jhj)F+Y^Q|;N0;n*fAfJ^&c!3EGV||;G zzyu|yB68cL(fFF*v%I4Yf6K5Rskfd;TSezMrle#hQjbZgt#$ z05kV=9_yUJ@`!9f5D5ukEMmRb=kTr0ib!@Iji{^jh(%_2$nn?h9F@daNYM4Fl)ewcFvNmsuk@RQF507B@NBc8@j@#DcCd z`#rV^$NAa?Gc+HM0i65rL@RS(TO2X=SHs_)-)66MYxjqP#+9ssV9Jo7M3aPw6XH9M%kL>c^!&uIL~nGLc;Y zMhpYz4?w6|bPG#~Aa+PwZ{hYXA?%COefq|q21V=C&SMFAD_IPtY{0`VM^KSx^f_4f zsGeRY>6~jIIj>+Ok41GE%i3S9z<8 z8?+^mRJ7A)g9wk`W<_sg)FQ-;04&-I)xZfg8D5g|Q*nazF~uJL9)l*fi2d;H0;X+w z7+BVaeiO_-fz&AICw=lHEF~O^%27?$Ls&)3ZICs{eTIQrWPXj3o+|xu!QcV#0AT7! z66P}ih^dVqerKA}@(4Juy(4Th!Q1HqQrG>{DLgklyu7Q=U_rHPSpwwlv%yv_p?nQH z39{oIlX9OJ)jiInne2d_N5T)i)~1G!flbm)IUOp^tSSy@anE4a>K&{hP?AT_6WEZ% z&;0O>H=~!2MVI5Bkd)oH_`nzsPtxScs7tyo{%Kpydp(+cKoxnXI+_lV>@vVUAcb5B zoiht283CY9thzNV3ChMS%^^iQ3#)-B$8ffLVW@hL>-B=kd9ASc@H@QH&92PyWKeKW1Fa@E;5Jfs zcC2XJ-1D$PB;w}9K>+-dTU96oiAXZaPQG)hpw1*Z13(C*-DUo^oegFUv!XY zCSTqS!o5n`<^7`tP*XvRt_5azS$CsZuJlHC+3dSFiZIk)PeET|0F4I2k^s-7#HCZ9 zlonIuj{7I5qMh+Ova5CNqN|M3u+}Cp#nk4^u0al;%jo)Kme!cHF!y8IV@Hm**{!+b z1XODu2+TVDZ>^)>3^N4Xtwle)|1bfrxY2vfg(ttpAUJQ#Bpg(xS3H#O77@=s^!0s# z_ZXgp{%zS*`5)fvG+YJnnxv3nw2~6Zj$hd=feO2FN#_Q*r?r*q4Gt~B(jxM5pl-qR zY`n+;XcHFOP7C{{020>r1Gk}T|Dn>M0e|DxeT`>xYuG$BxpLff)EIY-??M=eHA;nW(YPnv)TDOIP3Ze;P%qkCh|1|ek|L@#Y3$B;q46pfy!;@0@M@{0l5jCUuV4uJfJn_=H@{{bU_Yk|KZGT;N(B!l84z%hH}scibL z`+9?5nx!Ln2uxJfAY8r|c-n{)6^_Jw=qB_6Njpb_`yL+K;&^7GjDmK52#pD#veogz z0}oT#kj68RYVE&U_z(6#Dc7yXk7w5NKoD?2x%AdF{_P+CdY^g7H=cVl0P!E2p@7pt z58j%{gJS64fBJvl@V{&L|J|AYZ*CjP0ja(797V~7)oT&hUG5>?!rMn@Eb~e@E(+(u z{*XOx8$4c!3G9_28jD@7URuC!HyXa8N!dZt(_aH{)^%~XvmQXjHN^mxwmEV!ko&Ki z+D_Gn0^KqUAcsSdBRN|w)liJ~Jk?;ZO!~6upLpbV0spna*o8aLERyEr-djV&;}O#h zgM9S#U*zo$(fLO{OLADjMlnSCnT55cc>s18zML2T{N!J`dCHZbTZa%>ZsA*tlg**| zefl5o5OOYBwYc&&aVbt3;{t;bRq#G;l7CR89&!zkn-JVKDf@ z%ZHi2H>B^#>40@ThcrJ*EvY>YH!tlG%ed_;Xx^y-j@}I|xcBuce8@kr#KAwy2Lk-J zH8e}MkA$;=o_T#?sQ7NboRM;z(R%-xQf;2|;zyyRC--95HDAtMkk$M9Da&W312GUk z+u`u)p#6o6YSl-?`6GXFI!+;9e~&_;A&rZPbcd6SJxH#I*?~mw)Pd2}*_MsEEyHPR2L7OKG6J8%R5V|(>)mS z55jJD59;2j;J0aAJ}x2*nI8JQJX{;5RntCNUR>7^`}6mN`1lV4#X}tRmc=F^^?O|| zV|>^PspA!u{Jk@m`ytxN&SiQyGWmq-pT1GI@10Eo3_t)1Ds}xIvARCDBl~?P-9cX9 z%(ZG!z3d49U*MPY2->3emFEmqFYHxlPDI((thpsqXWIO&6a&;BABG!7O?b=?hKjQl z&lNRpW#F4uXmr~QZ&vi(x5Ur)v^Xz=@}wwBCHyaMp7W8fS*&h${0{`URxKC$@+!P) zaLsy@{L;U17fMIpGY*AAU!*p@B9B&j<|S`NFb@oc@%MzwuAr=J{y4kL!+af0;U3}? zo?HH14e2-yY`=y)8LMi64gUVh=i$G?fTI0AW9{!LWpNql7_cl?Yy@IGS_`?a>?H!;Or zd&ac~uZmqO+#t3Ck0TbGPi6T`H#uz6pWRMR!KQG%rNZD~P{kp6C_JU>&*OuurFDW8 zM;3u0jzglog+=U`QS9;_+6XYi?4I3*=ZIU0{(U;%Egew z6>cw1i}IO|Z^PU-(N@%?**Cvlhu^@gDXhdC39ogkBD-Aw-Xr1+tM9K2-aGch7wZkW zXy%9|9j(lax>dM2ur2^z+$+oRI%E8kKVMmmFhmyVD`;jMn|GTjN-9E(sJtY4P1^*2N zKW~x*^pe&ikL2=+fYEIJ!3oa7_g^nyc-x9zwQ@>ST9}PQYhu1Dtf&!9_~_T-Xa}?O z?e=66cD}vzI5?X~_PYiONPP|xVZ>F*#iEkd>+D=dallg?qPg9M=wn6^6UpMI02a%ag{EBYLLbR;m$Uhe-NiI&WMDvyuJm)^l zwyI^IE~l^(p`>S(+#!0<+$dP*^r-@yFL^*`;51vaffuIw`<H33HR*X~hS7GH~DaOkG9QsZ!gT=O6yA(gLK@ia?&V zZ4fz;*Y~KBipSVg{*TK0ch<-gEedTks@|Ucs+_yAzP>s;FdlD--BSk1gUqBP;PK+>9A`4 z0{;;q0(YA;IA&dXw;=_y8O6%S8G7l}?!1T=8Ta~Jsc%!!j}gHYXnGxkL=OYFk3DM* zP|62h*D74HtHowR#Comq-GX&^x zsyK+~Jy2xi)WHu8@>=wZ|H5B37=P{vdc{dVp2t9=0lQDGuku0chacGOnv+y|AMBbt zf)ec{cEVD6vsE~}IlKV0*K1!R@#up!7BHeb_8^irG*ON3O+C6@k26@&>o%&nGt#wx z40@(cCGY!B?ed00N%bA0b3fBEV2Y=iComeW4{s^QUadn3zQ;D%Oe`H`H5whibza^^ zsv;!^>ZTkI+;@P1ZK=z<6~MR00JhLzKG7DFw@`TKerbD~d0UtJ?`kn1?oRYiLMm_l zvP&_Q{q=2~{R7}?sl3+oEfXn`Fdg`b&7o`x^l=ikK<}X(0LNFX@~UvN@ymzifO7Kg zJXb0p9%ub?S%_{4>;X&vD_RzAI#@7Yp#%}o_C^L9Vj(Jbbm&}zpm~I zI1JPBeWenQXiRF}3MsUeZgh&~5cXdAdBAQ7`qma*ncEVd-G70heV$F6L z7=_bF3fm>BRd0U9*V}oenK$9Z6p^&RKijqr51iK9H}9OmIx&}?{CPa)MSZhD|7T|2 zwr**_HKelo?M{FmN z+~+a-CE74D@I3+ye=Zw8v}}ZzOk&aR`#h2<1(^)Nc!s!VvJkfvydN6}#$80dcgut( za=$GWoZSUGJAPuTvg%48l^|s^zbp5omxy{JA%@`9nh5mU+Et)PQ-e_3ZJ?`pRv-{|3-HV9Rf7t z-8&WWI-gjIqD5+^-WlXHA8Q1WH1dR-R5X9a(;lq`_Q%1Occ~^;1B^#D;xYA{Btny* z3)GT(utRdI2w2_PHyI~vJ0`mSv?T9!YuHF$&pLBN`EmCn!SVjcKH$Z(Wv9{3E6osm zlesL6au>}WdVjQsBN!>?Hljdnn^lRhfgg0S1`1_c&mxcZfK{?EV-H22i*cB8l`@VDEm~IVpG@e~%q#2MK3?Sk89(Ia>mHLv|4?aE}f=|9}pof%on# zyS&kB=4_N078QNJ`hk+QCm<4B(QJ$>?uzGOgyhr``s=;OU z?(vz0J%@4%KfJ3|2KPL!+0cMboCpJ%Qv(=~LVWJK9w3AELL)TJ>t9%_V*7%_FTX*| z%n%2B6Tket}obN*T9p4vNB7Yucuu)%weJEmM80 zYG*2s3)l_S-i}xBsz)AyQL^kE65;G>>fC?rEaG`1UvDCeNy3T&XjMjBF4#c#luo%m zfgh|24OM9G4*Ty?_NJoyHr6s7bR~eHYc^!uUQme$BavrKvX{1U-U}C;h&Mc3(9Qu@ zdDVDBC&d|TvekKvXjLgQw0E7kph#VR6@_-u7`vr&^8!v}O`+_cIY4hO-s_h+df!V| zKh^_iL(sE_RswjM^>jZAY&3)7%7caBC5hFZP|Vl2 z?ZT%lXcFUBI%wY?4>(Wf%pE*&ZJ>IK_45D>W4j1y;Zlo3aM^HpD}q_FoKf%5gVWd& z`FX&JNC1(vklcq8!Z>OHs|Eu=Ej{H+BU_;6IT-8!+w)>~PcSucqiBDcU~o3hNMan& zOIqMR*8HsMNF_hFvgNX+f&qgcLrgD@OAo*Vfl`U9rLOU_f$HpV(%ugs=u2`>KHH}h z)N8(Ul1I++p!)cmAJJ9KQE13crN_tb^@3ZA%N9riG^}aRI|+mDvn}`roEsgtTo$1L zG8VNIF&!tT_f=n55>Y=H)3?hU!ePDnt^BUaXGDjP%K-17d>9SZD8g4%V_NX@j*1=N^2pVXOY(&Ff(R0CJdgu;p?PsqHnt+it7oK`AFSYhGa%OJ=@tH8b9~QOn4iO-eA!WW6_FOpD zDTK69vvpmnpSP+qe+A7yE)bMHo;7OQz#zWfRTpw8&SxS4dxpw7y3%8I!t&q- zj_6=YU?pkecvzHdXEb~LxcK14%juTcqc1LXKiHX~=&#+-e8Z=Ztxhud;JZS0J9!lQ zSSr0qHB-@N_qIs-p4Y@hp^+Yno5u}+Wlnc)X>K{i-J>-neVCjK3!-TilBRTk8jvm`8aXZf6;mBruZ@FowuM1MX#TP+ z-w6zbg&N6_F+Pp;+OC^)kvy0pIxGTbw~LC0=T5X%-{<31p^Jf{OXbnp?M+K-+sSSd z!(hN*(h0n$!uz)4BaolYXpUD&x0`FB!lmyJ5}u@|I}JbKYsiA3(6=rLIN4#_52R+s zwi4#G6ed{70s##Or&4DJCK;rZd?%czlW0Mpd12J}YMip2&d@x z6&*ir0M8nXsITF@mQ9^8~W+bJ3CWrG}m%r5O&%1yl(F0AM^^&9K zLu5Vxe`$e^2K#?nA20Zhb&+1|!{-5}ev|0CRx?=?I%vL%nD`X$fAX(wK zc`KMP@SMOs!fo|x32I%zNiU~3Gfz40@7F)RRz}I4^7U>eQK$wbf~scNMZHNtEjtjl z1zAz6xAP9P7uNKRUOxZz1HRL%#}&nE`@A=hg@-AAT(Lvee-2Oa8Gb?9QCCzmZQ-_Y z$^5omm^WfgNwmgAa7=I{;dmn$z3h-fUFG5JD>Xqzh6Pip@4zT;(^z(*?SlS`R~4Ni zICo@IwPl{H$a%&dIrm$!=f1L?&ykydIV&Sa$^i3!lbZ`oMLsFXUZK1#%%zkU;H5y~ zAI2RGeo8Nucd+rRpSuTq$$9hB@HdJI$Mm0?PGbaaUmo5Pk>t5-eCPHXF^|$gyTxsF z?^h*(F^drC6v0>Ye*NAGYUo}fbnVNdgsiemUdm7Mo!b-*!b2IW!~#obL8XZyV)LOL z-FvXRZK4I$T|*R)$L1vFfFjUbkm(Jw)fbd=60M|U*l!;;uYO7KT*h`v9v`$b;9<^- zoPn5~6B&Vu$swv#AwhWJO9%>R8xZ=|66dxFji|`h;+ri!6+~tCzn+FLOu7(_C2Ae@rs}rYl$n%CM;qY!3eg7^H@6RB z&>7We)mwG6ur-M#j(Y?LHJy`}YY>j!Dve}cyz2p-HBp1#%|3}C?;J|(wH zuDT}f7ZjmRXQP?f&@{7fq>56BzXz))sV}-h|KcoKfh=~19)`M`I|*I85+VVFu1PGx z#M5NrulQ%tVb@Focgtt3t1PZ7`skk`G*=?@By%F36*NV}o3Sxfl`&v=zD-at@C-UGs7&ve%r$rMje2V`nviT%c0#{I$O}{LM^4!6z{fdpx#iCh&IA>NF4zw8eT^Wrxy?YQMwiM3NJ9A-LqZeSKtZ%#{K~U;JmLNKBHC;61e!5E=yF@>I zz$&?WcV>i;snmJh`T%fNadAB;F)7XY?}^r>!A&(MzBolP8;EwEd#Wu*!Tgn4JUUFh z&ksfcqfAbijZl_FQIYPE|Jv}prx!3++B!}4<-m)~sT{>ym#U7kHG5ygk-M-*%{#yf zWwVVuzN9Z#CU%CtrF=CBj)AN|z}<^kKfr3cE74=_ipus?eE~_wlnyQ5Rm^4o^WQ+S zG3z?!fX+5fPk#-gR29D5)uVn(z>!AtGLNftLLl$)!G@>#$*>|qd4-XCs0VDy=W{PK zu}H%^{4R^Iab~Ri-8$!?trI-);g;!(e_$dX9ur1=da|cTeVslsP_LT+8a$BaQ>2}E zR(Gq&pPfe6m7pp4Zoy>9A($m!dlOg?hDZT7q%D||uS)e6&Hy!f?b>KVp^86OA1NHanM8DaqRplV#Ypdp=TQ~Bl)&#vUN7HV|cdxKewqS2CS za0ArIYi0DZ>48xTs8XV261LBqQF|~07~}1^R$czsXf=tN60Z|I>*>C)OBpaG&3OG^ zJ7wX{zjlhJ+*?@@I6rCww`_ei9yZr zoB3^DYc%y+?9n3p40HA}9E^I7Z@U@2FMp)vTYs54wfyNG!VT#*ms)SGb;YmYCQ>nn zzTjpT@)m#>Fgmg$^p*l@wRqNmm&%}X#}a#qjFFC-QwWNB!KImPyS^b2{uy! zxs}IU_y&@Lh&FyUx)hC%MN#tx*VCBDaNwj{Q&6spAUe-+N}tQ5cgZA71m{WI7R(-R zN&>)RNM3i8*87!K2wsk*AR1zi45=Z0tsqDvI8MV~E3!&6J_;mZB(LpyOh`t^a97!$ z$<*L;dMpGDMFd?XyI&uOOB~%QRkJV0N6wqi8?uymqlND#rm&iFeo}uXjn~M{DXHgT zNUrFV@v|PNDS&ykYDjPtmcMcvD(9t-ijWA8NUlg>oo$-m2YmcCQ3@ULLNDVTBF6cd zf>R6_eJM>d|DTB$-4);3u*`93l#*I|!v;^3Y97GFQ5uw_FvnPCOXC`vSFUsnB7OdZ z-%2Vz1k0Q2(w@>=Kb_oNs%t26=d->%!&gvU4%^mmW{(*56zXoVifKP$#eVNN8n%&z z7ib39AivnX@YRWBQ_0bxcp@ zxIG$CH3{!Hv|lt|oQw3nN`k#@{e?LWkJHp+QjJfj4^u>5a$|c}FdWayHY9shH-vRS z@P)GAxl4s?6_GQM-*u&HSq3QhrD|9iXg=z{sz55=ifpyauuet1!i*1?8=rbjv1u~9 z$^I+gNT+F&%s*s+C4bH^s&<2DyNOAwA|8^#BbVbE=r>Ibo0VBdNd^zW@LPY$d*ofw z&X*+<4}Y-fnzEr_i$t2sc7Q?JE4wl%hk{0PZ9!VG71t#$wcXJx&Mw<55hcpvaD6{g z5y|*`k#hecpUms5oGKH0tq)OG%r%Y_WkMw+(9}*kBvl~8tp+%3-I~5E{Gam(l2bpE z!0RMX5_l6z0v9`@f3@Ub0_h$XbHuM=G$t#`GI zkKBakig@vUtJ34WxlZi|d)R($5$Ma6IRN zoioydLcT_GBd|)#2OC{>iM`C4-2u)wb2JsV`6A-7C-92q=F!w<` zF4sAE+?Y;o@|^$XH3H3my#w9BT0l4FmkT8ODDCXb@xmeE_ACp}8f?Lha-o}>XKeNy z%0B+GxK+n`Z4jQXORN`2v>0uue7V<8Qx#>wp=g&RLlR5+iN1-62~##;QswBCZTQa) zsW6iM4O@QqHKu~DhEPR8Cj9RmlPn9a&Rl$Ro?9N(rmWt;=dq+_6)V7$)^TxnATzCJIwHz2_t{r{scgc$aM{ z(iyWl>6esN9C!azZFt60C92E}^(ltk;b-qV3&u9_1P=;UEy<-qxrnB-xUS!)iaD9X zi1I{8-AThGg7YrWDk=xVCs;3G!Z~}Gn?Uxf?wFelRd-jqM1Bxzs65$2H1f>Q4!`C^ zSSGbL%s+B?$UaCcUx-F;P$j4ASApJ+fNQ9t-JSH``FXb#bS;G_roy9ZHPldMJW<{U zYv{VQ8MNRgCqviG77@`c5TLU^#J#i6_4FUrY>ciUm4-dJE8pg>TZv+vZ7ToK6s$;O zQ~XHbE$P#7Cc1N;Hypu38EoV~8U6%Q?T~ zdrL;v+ZwcZNvMDgUGL=t`tN+e&G^3@Gy z@TH5=&s$#2niga_VB{BLpC$9kmYP@gAzC%rS}>UJ0+drZP#VbGrB5&P zBB?=qWzVSwVm^Hohx?Pq%l56Dq_HPK1M8@djWnl(TSR*%ZM!kX;2+gXAf$NC+;W}) zPq7DA&G|&u^Z*=znGd1-k}Cf*`Br66k8>#34|2u^57#rZV7@4Obnp+}zVh@9?F)O* zC=+N*Hlu+0ukH95AqCsgFD&6RB^;FuLpN=%r2qtAu(+#ptpvgIR(0TPpt3?fDfUT> z&`CMaeADh_mpK${YtXHfEC_qBJjAc^c~LiJ{L9zjIetfM!CU@Y`fH+-`oWqm;IIQ3A+vZ6VwD( z8S3b9z5Q_ht@V_^#I%BLT|%YGn*$2Bu_riw8>)O-039qb9%3BOutAF(R`HqC3C*$q zdo5nh^sB(-aAwBK4(nu z_7_u1h^M;XASuUOI`=zmxx@ND?vsgEV7qVXqo1lNXWD$ibmnY(O*p zI|C^K#xw#jkE-DHv?HSyQlpZ;u>lGcS6$byZWA78ZUsE(|FM>RHHi>zElDE5STZEH z%TPSBm&$~hYMzgidbX&zL%PsF&h2Cm1Cx20U%g1M=jh%B{aQVD=Kj_5Dip zt%W@f7f*aacqKAz8~$T@c&tQ+TdDJWFM7NvPNqLGY+Oi;EoV}$r>Wv(!K{hMd6ZRL z4_vxN8?Q4oM9cnt^0 zda>E$-)BFU8ySOS-I8~?gk=hX5VtrA))Yf6DqR|b^?bu_hB~JofM#Hu{4?i-X86n$ z9BX}HQ`DOlKA#?85icgZkef-}qe|F(1i5Fboc2_dj((P$nX17g@JnASoS&x3fj-KH=tcKy84323~uK@m(CKxWr{eS>5cj3poLW7z?T^o>JTm?L%$G&72d1AS!Y zfu37`_~aUe^I^Z1eqo93|4c|op=YL~+B)k|IQ&Dt>VDfKD zTt`Fou09^*4uNubgI{a*^3Eh(_gmRLj1u<}BxKl%V0yg`Q4w~=zi>mt>s0*D9?X!- z63ghgg;F~-lh}e*t@Z6d^67(0el{x6iQ^X~vUh&4ccpiP#j;}wG=l^;{yh{_7{LlMMjasI3L z7HAZInUQukX!49aK&|C8OER4JuTbx3$fC$#Z;aE8JEeo1OdWCj~ba-~~ZUAsT@NIGOE(mp0+;3h8Mwq>(a@FMopL0Ftg*M5A!S zozM!;ZyiF94V_TD=SGIN8aYt{YrD&u+=r?%Bf$>Il$=X==S89#Q}T|J*jJVX>;z#V z60B@CBdB@eyS|xXM-E%R(O%Ajq*WTPmMZ(EKjCe<$X5-CK}IO25LT+aNHGK$Vp>3+ z(aioAEfQ?+2h^os_gkdj9fMk9)y-b(t5Fh{n1-o-PzyJX&ZQCE=Xe^o_ZU~r*NCI3 z7A!o-kt~ZHeTqK#{D$aR^4?NBZQ*Q6>blN*4@K{)d#GN;i}olNBy*@D`d#3(6?TLt z#1?3tsN~(hyX^t$&%GtBxv4le%r_L#V3h$`oX9DSgyk!h5i zR}Iko>f?y=Xw@-NJpP;O+&Wc%4`q^Tb}doeo{&?oSd?>g+0B{s{_{X-Ce_%FH#qs? zCwa0<#E^0W_O{fQbOH$cW}(h_qRcZd2HkFM5aB+`lMN$DxGuD*HF8x9{JsI*t{rHOo{z|#X%HMj9{ z7%x)hBM=`ZE^nlo&7HqML4u8uF|XJZ;JFuwy+5obe_an1|~!dWxqI-DN^H&Q|={Sy<}$%}D*ObD^daV$wI zU}nr-iK_->;|MYDjY=`r@cHTjo`_xxHh`+_uh7~%ANn|TErn*RJgI8-h#~aMSkiU0 zm_+29)zuZq`ACQP^5|v6vpHEcrpIgp^>_Cp{%LCG>sl=K6(+zA%Y38>-FR`1@2VRte82V0H$en&&^9XSEqT7eA&GV`Bz@5|^czs*H@) zLx$vyv~N%7h|XlBk}IR)7+$jn=!9}+P@fmLhm!phGa4B{%n;d*CVW*hDHyRvB`s*^ zlepw^9!tz4ouHf|HXL2LRi`g;msK_4GmlBDaxasjSy-?sWr#l^FE#lGUL_DH2)Ci? zE$Z5d`moz+V`M?@O1gK&3p}rh(&-$Q|3fOlsn#qYG7soh%Uw^*+CU%5pOU2szbbT= zc(Xa-J7BdG8wpM@xaDqxU|>^_ZaFtqw)p7DFfRbllN9O5isA%F`Q#wf7N z2bo5_2ch2U&c$YjYHyJ@Ns1TjqWWE_-<-CuE&oPS8GR!KPUlM>8~iCi2R&eZjejG^ znGkU#J(WZ}FrZz+N;=yCpZWZl7@I_pb1&(fa&ib9h;Pz%n)0U*kXr}Ul=GkZ+l+9?GdurpUI%u<;(4l?js}MZ z(qD)|-aXxeHHuD(?|p^=m@c~r!M7i@JN6>9U|#Ey%UcwGk7RB~jZsQfYMtja0nMwa zhV-2Yt|$qhy(NTU7~YdF7e^|h8DBXo#2S~)i|8U_9;CBbmb?rY5D9W#VAUhcdEUKq zEj4bEEuJk)Hb?1ifZ#h-uZ$|25IEbQ&egCpovkb~)sR2=M(Cv}+vbyI#w;_zuLWhD z3#yWb&UVhqmb54#EaOdMaa_DkBO@;s2<2{`cG2>vOy?%GRKcsI5c@}*>}7B&82ee) z+Vc62vDC8-b|hfUq;IGVc%Vz@Vq=_!dCX)*bYI(B6Nb0D79gM`#TLx_4oJVIyp(s7JsYYR z$O(-wz(nldMCzWO!vK99#xge5^94RMPhW&w;5Db;lX%pi`ES9ym;)NmZ~V63$1c2% zS!iEok7lizxvXEs_qs~gs!moUCv-5coe@)LDVyRX@t(pYlck5RfcvFXBwkgQluEBD zCf#9osO`$EH<%D{;5kl&uZ}Ry9-t+*O0s#0w`6n49;Q}pnf9LCqyK~8ph@P<7?Sk~ z))ZT*$ue#SRnEVB7qA87w1#sN2(LP)+frmaxA$sZy(W+7waqZnp*;Yh3a=XHV5;tA zqq_&gF6(XuR$z2FdQUTo$ltyA7AS-k*>oNpnyN@w>Bnt#_?km)~Mn7;&RLs6v zHHI;&%3`Vzsh0nYVCcE)o64FuH@(BlkjyKq4g>xv647L;Md`}%w>|<=rnkiTR2LZ) zV-x@a&!!(CHh_!Q8^5mjM=Kf1Ow2I?+EAKU`z%8P;rTxHd|^|c~RA@Rs+zk1>=LFtL^PN+{RVD8PU zK;I#;XGiHJ8{!tbF9xWU2-oMga3C>NW~rQsmSt*@MaG|Anf=H0!<|13t3 zfplE@89c+`KDZ95OmqziFbVTk3$2e6=IkxerihFg2czKb?34nFwSt-T%BZN|nC1C$ zp=T0n&1BxXY46vQCnBUM%}>5#*rO$Qm?Xvgr$7%l{}V}-N0Ftsjr67~s$J}vZ+DB` zl{#j~655ivW&R~a%m1jESI(5`Q_n4BtCV}Fz&WN%BJf*#c3Mw6-Yq`%LG!$>^o3bE z(SqWs5-)QqqMNT|N&*NA8Pak)#lRM=`gecDn#VgoyQ}b728?FZ`LBhW6(_qsR=8fO zbUwm`4<;`Z)h+CFrYf2PYC!(gpih6a0Df~JUfv-fnRj7;%?Eu05<<)g>IJ=u333@G z?ToMLCQ(6(D}tQP^?!aA{LJs4<>d3Zvl>Fo#`9Hi!39JqaRGIC^m{!5rw9kq2_8#xkjLaV;7ab2jh|_x#2F%HcNbpgo&6O&e=;mC@|-%9Ms?lpRkj6;V{1L` z@ig-@)J&Xkp9y!@HafT(H9=9OOYwWNA_9IA zHJC9yWV%EN&NC%_d90AI5okge;q=9MS}UU)Y*_ojSom^9=h{uSgpZfE>UVgBbN;3*_UM7&o0QF7tgwM`(+67e|dqV}$ zm+~O_t9=8$_FH~_V&*qL0-g2!&2vlftI>*hASGK_9G=O5X`)I0+rEVV^K*6Yp`7Bn z$+Q7i+mfMo>9SToS+Hy)Hal@oPwh4*!HlNt-s7|ar$6;_dDcc+8r9{+pqXRq_>d2`k}FZK&vOJU8L`OO_ye6P=UgcTz4uqff3 zDT&^&UBhh0KlcdRl8E^UgFE~xaUtkZ-%wA@`=5&R-;Kb9O|T^k$(*lgzmL@bn5%TW zlisZL@frtU`qBlVR@N0LwHyFSj(&Sk(>j~J1l67{3zn~E`q;mXPcI^(TVWGx?(v2{cNbBMi$t6b+x!nn{`>ou_+%L2 z(ku%+xl(n3=+}9oRk!gf@#z78=EvOvtSsf>xWj)f`e*jhpz^(rHVMWEHdrv`MRLhS2xRkyU#91Qka@q z5@}pjMek(!wpZsDPhU}&>@O6{{VPaDG?^A7#lI14yBTur#XNe}pYxl@_bCXq8e#$d z6etl7+jhaF^GsG_3?XLFrauMcsVd2T2YQHQ9hikEX>2*tkMDn0P<{HJlKS7DSrLF+ zC8KU*j~y~z?KGzKUmp}b5SNw~(u(}4SmD3^_YD8<$7hXSlB`!xf&6Dpq6f|)UP{R> zHT+B?Uqj`;K7hn09?&#nmHdMF?@$jc_0b7Ln*A_-X<|`|l<7Y&bH;+`NERI-zDI@i z|N4DelqdAy-S7k#|N9t5JR6Z{a2&iO*cMq-c5(X89v06Ab=C4z%2plIGT0Jw5{>-9!D`}9~5axw@-`4Gid&@Z0*Q|px_ zO{)JBF;RB_Zr67Ry}}}*wP*eC$ub(c#=hmp#IqMnV~=q$?@uW6W!@rGs3Xs;#u>!i z@cJWej~GC}0D@BY%`^~FE<&Q%eoAM3M5Zx4DW=R;Pn z@eDu{Z}D~8Z*%u$_+>MKE3M0+yuSrO`8m?GW$}eYf|elg2<{G`wv9j#yBr}~oQgg$OeibBbZA2cO1A2b@I7%sQ2X_4 z`}`chbGJu`KS9^U5a`FKrr!y*qe9~l67mC(yW2M6QjOlC8$oBm&)^{kz)*(WkZYKE z`On=Y+^ORCX|{c~@1-61En38NPR52Jm5)a{`{tO$o1>p0m zqvY{4@GV(8f+_aQnvl+|N`C!cea`{2fg~p5jSHxXI|7tO!yj(@1%7u>lBv@R!`<>l zDZbzxlK1)+yM>8{hSV1cEMvZB0|C};8i<5$Q8&ANJ(58}0~v2_K3#Ea1k&JJ888Xb z4Bpy>6POaxQjA6@Ll+U{(b#KX4Y7qV*+`B#G&2q-tWKo%9^|$MD$P07xExb!(LzTPl{i2^0Hm?B0%qc6E!Wwl)Keoh>tmb?fj(w4 z_`^9fzicR-e>n}u1G>0qglajtr3{RKNg`rrKJndW5MO{maRDwNwXs!Vpvtfap72b= z)auc?Da~!FyUVAt!c4c1-k|pwDp?(-PfB2pqOZZU4%X(MD$kkljqjP?G(pSY z4gbQe&gRQ0^5Awf^!6~{RV+hCGc81UKx}5Lv;GLq1ZjP+@;(qHqpz*oq=nJ$)1jrDP4>}_{ z=U=UF9j$CNA&cdSKN~B)-8I2~B8s`(gOkmm`AIk<3bY?yfa6j$8d=x(%VvHiA`WsY(CmM!VPeSU_j|0M4#*-CxWIus| zU{vUBM!uhhW*+`qDkOsKGSjI8g1>ve-Wv^dvms7y1qwhoZU~E%lOF&|h*Ljnk^Zdz z5)wcBJqN44T38)9mF{=0r_*LfMUY(KhpxtKS8DUj7wA3#?TBW%7MP&<7JL}%{~Lzq zR&&Je^9N*eNDZIfg6v1leDyWKcF56NOY-~N@i7E(8cKkxsxq4sQ+pHMLZ=xo&q=uL zX4iENYKWVMdSFgqQ@5BGMB;Ig0obV5a(}a9(#visL4pAU6MDRW1I&`xg9TyzWIjsD zYvKWJH4S7OZ8LQ8MLwR2qALmA=seNX{=fz2AX(S`2OEw3@157*cCP5(U-;i``Y%9vhqwB}U0PrpKv2#Hv|LxF zpf~pT5-wFMcvkzQS*I4wmo{#DxZO{bn%t-hd!EUC(_9 zcqX^`(S{@TZ-;6cAM|ctQ*0{1-v{2yz*lVj1K6#t1o6X7R5k3XZ^aVHZ@K~HbdUc6 zXuV|(j>q@uV)CmyUm~MH!HqL=i8gm~HlfQE3q$Ml)d7|vzBC9olDVI~ zU8l#bM80hwxT6cW8vc-BgC4NvvhdV+ji{Xe-sK4PWI~q4300Q_V6X$cP)*dbvfk#oU5r zLiK&8nmcM4bYrsZs{fdogu_@4>CY&GkF%T-Z1U}FRin-DmYrI3+e7LKs1GTQ?!=DF zTO_A>EyECfXoC2drIgD%tYuc8Lff5N4qM495iHgtLom$QS{{uoJ9SIkn&$mo@BOhr zf#ExY8;ngemG=hywI@qM%_GLT*VIc<#J+jfVpy(LH_GACByO5FIv)OwS~q0yr{Bju zo|vmYy#4CSa@x@#QWisSeEhkP=hDu#O-p(?NJ*+!rngK`Y+#3X@ucN=@RUP57Ihh- z1Nx=EGZGrLcB)52!l&gd4KNwEqI~L)XqlwN~{;$Z3bh_AcnnAjWnMt$nhHuU=z&EWJ{VB}3>bmLau z42^Q9d-Lp%nXs7fJ0;J$dcq&nZLl}BmfFpG)%`7Ga6(;be(uCSLnIEQ$Pdq7-vW*n*=*(P_sK+>&7XXS6FZV><;HbsFvDlE*qYZfubpsg#I94E)*6}ik> z`c>i;h1we6j=pgR8@@Npo8CToTLXKqU`cAp9N8Es zLHyk|%#?V~f#Xlb8wK`}R$5*0ETaG+Fv|FOHgg)+0D>oa^$83RohBp=H~dm#`3>xp z3>_Naz~E{u_#uCm+fI@FcmP2n=?GB2Z6&|4F8T~bQ&K^M#(zwrMmi32b}Xkz-*y3& z{N4|~sbFa&%ylq?dbAtc(=TFPgHUm8R7?KAl5D@`g2_>d)On@ z*zz0A%lLZwgpH&1vWyvFIb3brGAAjIYrH`S>&mgI2J8Skyk+Pt14=M#AS;nvDG ztzK6Ll`J_7D19>H}N!E`j9`Iu}7B?UWP9Chwt0<(1Ik;nlCpXBC?P0 zmfbP;>N6*oB?L!<-9)T=2TTvUA$$g?7}7AB+5ymE*U1dqvQ@=Jo|0Um5zGz$_F;%U z`_6Sye!Bx{rZa(az93^c&7>-E;+GWKuf*m z(@0O-x;Q#p&028QKOi*^R+P7lF9N#7>c-mPXT_Y$Uo8rwYFGABqz&&r`B6#|-2Vpr z-#DMmzGV*b{m`hC{Bvw1@<4higJBPA%hUCOx16`ToQfjaSkuLB|AM!~n|U*6D%7n9 zU8wGDOdO9P?7A11df30zzDMq?Ryf_P`9iKlY?pVBH`8P3r007Bdm-)-icysECD>3< zcWR%wSR1Uv9AuciuELp?}+N#hNI zV=g{G@Cmocq_~qIrFb3UnM`Ctz_5_iLGBtrzE{He`{~E&h$8f=Fz`dUPzi)1jz%lx zS^I|pTr`#MCAdMsDoWc^0D3GW6uJOitPXa3tbGEAeRqB z>WOo-6n@^*z{kFLCIp03K>{+$1~Q>|p<@UN1+J+%v*heZDd#9PBR@jS*jmU=HqNw# zF1y=E(r(h)Y9` z1ETATBTLdE>KP-z86S)e>j!!2W-rG#x+}E6kvV(x%XADLgW&~tn_J)*$qP8)mk(qG zD)hLoc{@Wlhr;7R&~Aid6v)cyawCNo(x2e?)d<Qf-rvizj9t{k6zQK8J@Hs%{u~*@kjPrxPyYodI4a<|L{w%!(2qn zi>KHO#EA|)7XT~U$~~-(Tge@@8`QFjN6&o7<)YL>=t5ln5RJAcNX>T8gd*`uO$jd~ z9I0AUOXvHp)>i(O^;Snsv^%lQi0Mp!!Vy)kcDE32Yv&R-C30Zqy2eLMn)#yxH20rC*#ur|vQz18#ZNew*YDd9UIN zxc@@Xhg-olNL`8B#YsP$&%~FdHlO!CyNOs-UHWd+-^vfr8lOEaUvUyHMQNQy7sJ_p z7DR=gJ%O`LQM8jlJ3{>;KLID;+9$3?H1(XWqH?+=Py))4>Zt=C9Md<=H`D{Bqnl*N z+v!_0QfpjdyplEs{)LO4<3l65{KH)3o7?UD>=j@})USmpw|2{y_!ro9aoqecQuCKvkSc=t3@?2!7iLHew>RDL1kdBeI11S#SEB4nVAqz+q_ z-&U-}kT#rb0?Y(IIej%u5eqB22t9&h#aAEqPxA69T4O)uIdJ7|f5#6|ubiA6(GTx661E-s57=s4}H%0py^7HAJ$W4@9 z0^^aViDD~o|IdoX(;XKNrOcVUeiXCjjXQ&C*M@vNte0vT z%1yHPfGUog$d@b0Z9m?aN@uxj#AWB7sEe3jdw=W40@Fr}jvmIQh3(2+fgGr3q>&R+ zH6!_uo)T}U3G<Ut&< z$d?QG+S9nd3wu>Degr{KiE4b5M36C#gA*!#FjA;I7Yg6Il|VEV$zr3ec_2b>eUI>x zyn2hA4mC!nAJ4?#BJ^gSZ6BnS(;;>dR<^?G%*PH37(~oTMtorW_Xa+ zWAkVi$96RpZ!Y1ynb3YQ1(x_1E!`0@>)%bL)5f##We*b!wsV>XeH{3JTQmOG9vMLh^N- zjsQP|kpGMlWH?fj_m+;tYwPsJH zbVM8zZ(@Aq)d38d*7rZ)gOU7SH;WXqD@>Ip-Z;ATeufjri?TDewmfDSCx>z2pZv~E zR0omT@oZ|GG4ni1 z?V`Np_In@Jdf52wXCPgcJ3sC_;~TLXh#Sr$i|;0Ke>^a z^ds3BKh9w2E?@MMLBTcS9HDc5l)+=G60Gu`L(+_taHQTO%sPMCcwh6lUc5mX7 zcVOKO{%q`I?TD%GK&7~H=Q-3{I`x$Dn!L7p=q-75XAW&Q2$UrEO8-IHb`&DBQNX7A zA-YjoO3+pEs}UOSV(2C5h5AxQpEUA?gv(bo=2zdd2&O(CF zR*6~jR_CE_ULqW7gI#IUD>Jd}_x$H+#}iYOE3M3m9Otj4wD6BBrCc+?jaa9z`B81l zj&K<@_u>I)#B#<`@VI3?I?Bl#aX5Qb3BY-myI3W3R7M4}jKJ_`nrc!F!b;RmM5@!>h5-bUVN&fXbR&LWg zYFt_aLxCQ3Mw>aP@?k73VO#OeLxd&S+_49SotqgUK$hA$SjiZtvV1dD|63K+ zo%hMyUDXINWO0gX-B0o=jG<}LK?nV6(fa4BaQgktH_=~eZX{t0MakjVQ6XRaZwQI7 zceu!R{75cB*yzRf*B)Tjk$F{*7ko@ekj;N3TYtgZvX^@HF8a(loo&p5h*E1ylAl~W zA-HoKotc#ROqg?nnJBr#V}Qn#=w+OR9K*Y~Wpt~s<7DWA5TXZBBMngH70(MtM$8`+ zC1|Raa@3UaChzW0O$ z5?>6nm_#IZm5&~CXP{``{tyfd6N+SD&}Uvf{b`RlQxu<(1=}5_974u#*Hu(ohvVcn z;kJh+Ex*|Ng=H9~nCMu5+I11og!G{of>v_R>X(+&1_Y|<9*QAJ6S;eKv` z+GqTxRWm(oXM|@RqsP55^}DN-WZU6B+!(#3Kv-Gjxkf*1f&UX-o0sEbKmB@t*k|_F~ z-nx`;B4w05E>$}?gI*%?k|T7I%~w$AVYEE~;j!lVKVb|^Kt5dGK#XO_atmim{Omyn zfs&DPI5WG`LYrpnuTDIdZgb_Dd_R8@+Xi(}_8NnqwH z%vd%Zd-4wUVJFnCQJRHs$3m4o$3%2Iz}Lr0iJf6iWsk3*6N)O zqS)%?eivET ztl9_~2;nq0ZG>T4JV$7rEf0nh`J?k#SQ>#{bfbo;kx?`^8@9oA0BxGQt^3Lz#SDPwvAKVOV-CvILDuHfa#Ko2}uP zrAHYzfmLq^swg9q$4!q(k)K*>v~ctQG5kP74D0s2K#EyyR||GTQWqIzBnykQlo#J+ z_0gNEHc50CTc9QNv^C)cj_@Vzhia6BCG|t2-*wC^-aT}$w|0ehbxf=*=~kTjxs4O> zUQ)wA8*_s3!pv-iI^C$fdpC<4jowl&Ks&8PRk-(M_`qD2yU)_aSFt)?`;AEo`;q4C zq{=ousjAhh?wN2dD~yQhukih|>!zL>;-J890iwS_C*_;Hmr{OM&;2a-o^x$7Jjo!M ztg|g1^c%@36y9?B-&Bt_X{#iChkK5zzDVr^;CD1KDdE|el6Zy1e_d_7R#~er_yv_u zcN_%ys;8{>lamH}%JT4-?glc;QaZsX=E9kyN7Kf;nWkI!vRmAZeJH=Z0M5GVq{@XSBdCcPm9*^9P5caJD+ktu>5(s82hu{$312yXE{?oSH=Zt!?kO(= zx2YS6eBnkA-NpXjork|Y)4KJ|+?T1RFj9o4ob}Gm_w%a}-K7Sydiq$oiejc|<@`+n z{MqxkRr~FNl#7^+oP*gzM0}sSs&~NxX~m}7=aiyl9A~i&l26VFk6=RW=I5EfM$;); zjCynr2{%xs-+m{Co>w`IQQ|{inAUgH4W3`5dGtg9SHD-Wo;`mPB15H4_a@kOL8du$ zhJGBHz?_=#t&b@2DQ!l@WXcme7W(m_D+L{hbwuet&pYZZT)hI)sm45%1|c$MUVS@oqJiv`sdv zZu<{CloYwiv_;^EXZ7vCLn+_++$=qSYj9k#(`k%nJ9xy0RZ6gl?hrTmUS~WWMhX&U zuT$<@*t1qR(&InsJ#57Rd!I#|^2PZr)(N)Fy}oRZImu9a_eRr*EeZLo>to^?lQqOu zIdPWLhsf1mD*VO;4vq5U;3bTe}A>i+rX6SJN)M+SX_<G> zn*z&8B8Q;v$M0jjBLayd4yzZV+|F=zO6Eo+^aZmL$=voYsu2PSPO;#;9QN0e>D9sT ztx2|&X8;mh3SqZX>{z-n6!KD@kJ}$rpTRh@R;fk##g23=0uJ zoAE>3UT3*Y`;S1)0CX_)nlG?RO15~-4Q!iirxs|-=Ur;SNc<0kkNxq%!t!Uu_*TM9 z0g?>$4uT&OuR58vb_U*|$Ly}V>xf|;B6g6<1@D~0Os#1iM#bO#VGT?D6|<>*yu%_AV#Z6FjH@lpn%-tQ0AnF|{x04@Adghb_yH@zc1m3kH;`a2G*tf;l-QuQ{yHj?D0TQJBvP ziom0wl526$t`2oJ(lB4addyfwhfAj&fnJH>pxw6Tz0pAF%k$=AlyqfiG?1|Nl)B~mB&p@H93i3dkS~z;bY7KxlZO9E$mfk{<&)j z2vuQ(N0qbyeJco_bG9std;>M6%v?OojrNCpQM0nul;lAl&J@|#)J_p>stZ>fK-nMl0$;gg{7%E;1rLGrfn`l{q!gL?ldW0bczle>J3%X(oIG|%n zNoj8_&&~UPovRcZ%OMf<+@HcUZD|*phZx%W_ghXnO$?6>!`Eh7+HB8H$YU_b*1On{ zibh`PWLF4&E+E71wAm>{#EIMXs>*yZPFxvM2=sBa|L{zrH8$3+5_vVVYW_WfeOOPlGqAI>$&1Y8X4S+SvO$g) zY+;Rq=o6S=K;z@~jwuxG3h=it3|3pE(j&Xa-$-0I=@sW2X`;pBYDxXbaUUPy`Z5fl zg`$`uwl+%nugCbl@EuZzZLWD6h+!?KgEa7g(9W<8^36AMI0yuPz7X0y|N@i3+C! zyp%Ig2$|#d2$Q-28mE=$$qY`#&aIxfB=S;A#uDW&E8V|p*G1oHNk~VyONKEmqlaa; z%}s8FxbU$`dynO;p^`sfO%yqN-N%tWTs|6(E2pFaxtXTlW^`kbYjq1<5v)>rrYiO) zMH{SmhWAT}ochN1vMu>!ndU76%UUMY*vcwbP#8L^J~9{`)>S;vJct zN+A9NP$0a?6y1U6W6e2liHBLJzX&xj0A(I0(9$d&NXUI^Kl0y zU*tOgQbG)Rh!%s5$Z8dAAl$_U%|uB3NuRdxe-yLU}d05+V zP*F>_eu}_yAna!qUK)PZ-xHXbn;!Q0x{=bHNDqArk9zqwWbGm1D z=HKLnP%Nz%K^5dGrrIsv$6}T@GKMvsw7!^WwzVfKT%TLB-=(Oy+u(yA$x@Wt2E#wA zzU}|4`sjB>|C;#s)A&qCzDTV+v6v>I+ z_mpZXI}B3C^2EKCW@z*b>fM#xAlN3;KJKq%CP(*};Wm~_K9xQ!D&d$~qQKPHDM6UZQD}k=jsnC46 zFLB>{#Dv-~<3)eMOZ&p@r+YWm@VA4;M!1q-7~w{J%>eoTyNR<@(k3#vpcWe8GJej3 z8$T7gIm$TRRu$}@Y<&p?jAu&+7-3H%gR^SMdS2b~jsPdEM;}`MgtWy}raorvYkzU` z3I+MTDP7D1&-c6pz46z9KZ?!w`g9YSE3!b<;KQwadOxv!f3T?pzr3m8&MD~5Pe1$o zfgJm-%{OpQ-8G$pv1oLJS++f3I@>9%BH(IQ1;R&Ly(L-Cn&Tl5gzn~Y0P`j8eN1E| zm1O+%ik6eeX~oWSY)OcSQXcv4=btGMuoce9(g+37zqY;|RG5@JoijS*S3K^$?nfEy z#6~h-2T6HEfB<9b2-@n7Q)q5Gz2lo-2ZSKTIzTZW!^R$t5uPfg+Wyv5pnAJ~}rv+*Yd z;Wj|Tr>UknY(|MiVDlz~mAcOG;O{18dRhE(!=7ILm$VeG4`gT#1RrAP;|p3szL@>M zM9;hOwO+HGG?-cmAYt_TQb5%*Qczy-%deei+ZTiOkw% zS>p9>QA)671^_pypBHU6mxT<=^oXa+o;R!Lq?FH~xOD(J!h@B!uLZ!S5JZMxawN(s zK0~y$QO8q1nQYNxvwO9`qqqrSSwpLD_OE#G3Ug@3mB~Ms8Nb1^ z@z&3_2xtI;zy$BWX$Qr{*4| zXOqT5lL{c?0=dAAjEB!69NTB$UrU?F{!l}VqW{`xlDqTk{!bsfgT_raAzZVcoq-AW z7;KMqPR$RDnL#P*r|I-$#AftObe|tUWBh(cV;l9jhOcJsvj5CX$Y0+kKd~rEG>!=n z;MzvGzTd{KOAJK-AU7f}5MF@ogJ@gotobp@Nw~`sy6+pn!UgtledaPS;`whQNT`(nOY9QW>vuBxLG?t!vqZ+HwCY z%#wc=|995sxnUmvTK@I)p=`lPPd&+rN)JH>VEqS1t_{T7aL)svrVd4-tV%yomKX5U*G?Nm9d!T9P9{e|BY?b7e+)vVbr3SWuwb&q zZ=p}+OMLJ^BElV);McyKTt2VEs&9y~prY;KOBWx?KV^DgUzOHj_uBn)Nn9>+LdGkp zxR)i!qR73&tIS0G0Sk*yUzN0C-FzE(iKu@BWsVGX~pl z&=SwOc(v(HT&0UvjUN-Hdsk0DPsvY)qIioUbI-D-3|pu_*e=}eDfow^2u-P=%+F_r z$o_jDbWBv__Dsva-)#TW$(gd$$u2r+aT48Yo;e#ecEauZxcR0|s2|AuG|$ZF$D_i1 zhIJWMZ!6x${1B!}$Lv6M>KXH!X4xHo75tJhZJI3dp0w!Rz7lF-JtNr^;Vc z2FP``6S7K!0IDFIDU&;Kq%<(zRjmzp%G}oVBI6P1qaFgS^-w(H4bTW@GwMG!ryUIs zh(yaLrbl7|!BghxuMh<37Rt&0Rq#v zg3;VR#%u#Tqy9if=2F@mnINq%L&9Y&P4^;eUk6 zu&y^H7{PpzfeZ;}9w@13o5Q`7QN%`}O!eQ>Idxz+jX=!~@pZIT|B!q;nwcg=SKh@!FA z3&0W`Va=KpriWhY>{5Xcl-6ok#uHaEt_oienj!~k$~W>$9ty!ksBeOu9`YL9sWG~JRz!qY?PlrW>`Ri;I)Y-4 zJE;u}qI>NjC;w&vWE^?^>6Tzjszh!QZ1SNrp53-&v>$MU>;J1e69BaSRDrlgou@(3 z0od;>UYQwAEll-PgUgBPbmGZHXzpc&K2x@&bpGpF%i!s_OA&K}!E+)_sOZDkG%e0x z8naX2^01n6BUR`iZ8BbMR$ zRVai(;POESNu)9{oN|)^>qK1Ex|dp@cIww35R3Jn_M~-jpLSw#p4Cl#m7Z~;n^8s! zk3bZ(%#}ly@AtB`J+W1tx;%pS`rSuKwds+FD}L~x+ehKs-&QL3#{X%|00oJLQ7Cc= z8>cmItQ-?hNK!ZRs8lTeLpzyg!h^@+V3Grw#M}hzt%SDV2;oEv2%h}Q7{ZwM!ynV) z5iQ-3Pf*bLvzze<5%$dt}JbC zk2}rvN5I(B3~Pz82=6d|UT^BD5v_ za-K-ts9jb==$rIu5D(nFDLZYGJ1Cit1pQDV^j%!17`4H~css;=03grK`&?iW3#s$i1J8@U++rXJ!cbvhtg!-v zXqRK`QfX?J2yv-Qw~zt_E(3oHEm?|ZsM6r+$L0LmY<{O)f0;D#7;0K^xqX#C;wG}l zT{vCL)Ytgy%-v8|eh#N0=9GM%5ElpY1Re8*8n;?+u>oTHujswO9tp`e!Vd|yU7=QI zGzWZeA|`fdDYOfknG+bkyA24yONQ<(;c{U{-wE(l{Sr&rgrudKqVxFmbNxTb!92_Ff|j<7yW#_mSl5aY=V-OQk z<7qZ=bxGVvoA@{UUSc!9Mu&Z2)N>xPRB}w&X+@S~cYk(yVm=ax49xmppW5bsR9T65w81rF4N8R76(*|8WNBi~A-~38(fB3p&j0-2 z6Zf29NoU4B`pA?cz?2I9KnM?sxJ-0H+6&vRFtd*B-VNK~u(pT)oL<09Cv8kI9O_(K z;*ft4;&wy6|D-F1$C$$8KmFA?hLXW)$49aipZ_F;kT#3J32$j|sb~5-(BKSiPk9y^ z{LAL(1wPC5-zZIP;t1V;p|drs$BLwiB1?ybSBiu8@(uu98^@5{H1|rl;|(-b8SmW_ zdfKV|U^i~LClsCRpjv}1qbBEzN{!M* zjY-b=kO(63a;j6_HLKIQcV<(KU^^o_g0ANt;|}`%rg>l^X?XOxFphv%6F8gh| z(t}R@sIfYiC;5%_H>b>|T}a3s9{WFFn{s0>qzJT`+S>W$D}yjy#{vmdWl?2SLgHe zwAJe?)d~VE+9)~`Y0c%CtFSJf?V=eM+yw_A%e9R5K4dY!!fJTT?u10+1FAg`U!H* zEknwjYuea0Qk*Y5K9R;N2cObbIwjaar=f*XgQ;9;=9FBE1dEY_!aku1Aj%buU157v zt$sdQ^?Zi#`IP+`?^3N%s49Yz$jHk4l_*`@m?1W6%!`UTwkKL>O^*&0`<)Cu zrcV!YsVmcpn4bK3F_ITBEp--L=j2>_V3AWy0QfOF8nIv*|kxN zR8US$;99P}l*@vRxII9qqFCDNY#f-q{)FrU=WD28{o%E}bdsF86s!_Ne7beeButPS55W(PWxyCq@F!d@sgb%l&T~+l$Xk6*{QoHX^@M%t_?*-br;LCNjC52f{dny9)CKW z&q`FRd@}@wjl#pvI>Z~pMvQwtm7W_n+M<%EM;VF#V3lkH9}4b~{EmbE$4pQAyHoKq z=AM^OcQRR!efH=5JTk#V6WCcXmq5Xl3D#DJqEPZCNeOQDYC}6C=n_eTF%sP=al&s_ zACH%R!e1d5K)82w-3ui#z|EOJa@Cc>&C<6JHxlAJ25p+}6dLo~qoJ5Ow!icIf>TgK zT~H*%Z1A70-&aq%=;hHslpCq*oR|T290W2w&hj+XDWCND;#)j4euW^6$<_$BlX}BL zBvIh8mA%1l33^bm7o4(dd6Li!r$#ZNqt0Gev92@@YsWJ&3qd&%(EiKtns*tou+*c? z0xelj^Qyi|i#3=>5@*c!8B&=_-9?{aFoS;AqBBBi%3&2*B7D0KO|L2GhqJwEC=#P2 z`X&En=M(_cowEdcY7ofT7%^}ET1CRKECT|9?bdfp6XkhOIayh$*JhN%QQ;hb^Yy@t z@ep5qBIE{*NEu!EEE)KDw)61=J|dcFWi)K#UY}c)92Y8Y)~^g=#s1Xq+@2_wW2qmC z!#>vpy2Q7@*uJ;wqp4VW9KocsFJo$|q_d5_ttabx=?A_m{eWxy2n!Y2@$P4#=wwZl z`!lOmD_Nn0zgzG5SUnfYX&de>x);ZxwTpgvW4N5d>t(sd-Wu-zx;J0V1&GEVyKE(O zRvJkaYi-z-;nz_{{R|X2uPK>!wEe3V);!yCI~Td3!1XobH=%sCs$=Q1=9$iA{N7IG zPHCHW@u+3?LE3Py14O3;znCsw1%*t7ZXO5UV+PXc$?xoV(`;^4UDutBs6w7%_bxx@ z9Q-(4{|;bpbYIvU4Lpi(Ppb}hsXK)lml)ftTo5g>RBEU3{~GVtOv`>lwLe1njtqDA*>X~-SSBfnPnkmW4uFd<`ZK$1M zESvTfr!qPeF2@A)M#E@@2Kvv^8C*fvHXbKT$@G{KOCmGi6BupgpD=EU6d5lU+64`$ zpT{ju20-+=O-N@SEI3=a@?zB0DP~oVJASxQ^W1D$c7sn>FkF!C@P}Ul*l0oNCZ6|} zxB-UG^wp<_FYeD&kFgkn3P`8*?aRVaV6K4je1-)ga!=B*nFfjRMSkd-bUR7|l{!fR zb{;z_%D9R6^UKIjNk+6GUjv0<1swr;DMtzSgisIJOsg`{Dvak|1mmK zZW@?|^>Y1Ylxal2?fSxsOmmtrK6^yH$wLW-o|Z*Kx<_7b&g?hM{duf#%Md!`x|E*N zp0^_aQVwag-c7o8{>ZF8?|ZWOZqUQHPf!?HP~S<1#~kbX$^iEVUNHiRB-_sWdVDkK z)Nju2sxL7QmAOLYXgEyi`FX5lr`IzF3|X7*H)u`r%{B4`d18}$dK~8P=3;Tve39H~ z&vMiLV`C|*{WsgHFF71rZlDpq<+si?t%r@O^@`Zm#t0rfYHBaCRTlU3>L{hqO?I{&%@QTs5VlLfj2IH zif8DfcBo2y&sch}HYm$>8o)Y;u{4kyHK2kK!_ZVX_0UcSwKjL*`H1f1=ZjYa+eLCk z8UMjf0nUNAIT(w79jf*a3{wBa9^l`{KwoJPcfrS9l43&e*f3;^HIIJXzt1Xn(pmY)5^hUwD% zr5zCcpC1I^e}M*spY`Jx-~adXkf22iM6lSS$$39lB1WoQKwtiJw~O!jj^Z=`W+5KT z^s@Ccwf}lB?0-R8UMBxn4~87wXG@ai9l$(?1PS}zU2iVt%O@^?34@fE>gi2X2m~A8 zLBLf?eE;+Q1Hgbj0t@$(H|l?&ssG`({=(b94*nmM?0=}X|Nl|r{tKzp3dYb5fS1J} zTV6CgsJ$VOr|B{=09vw@|sU+K`3LOTf~emYu+FaIKYt!o11aOOkxhZ7hh&}5d?;iyy-g@Zn^pubucDNLlu+q>G>tu{jSBOTHr6!RN-?y0Qy9S zz$DJ!FLseiKL&rx@9%|C0nYj->Q7Q4+GQy0)_|!qJA%C3D2XTXv>N*S0`EQo`#*16 zJ+y#uP69La6?ct}`c~7B_N#9GkpG9hw~VTC>)%ENQ9w}|LAqN~x&6Icb~c3?(IJB`<(OsznpQtJY(EC)?mdw?>XnMfAhKk5Rr!^h@K3_ zYhD&=yKI*SKmi+XO2B#bFX|SJFAEcD5WTehfc??7Yxq8)?d@q>rfr>hnU^@ydbw_} z_0~@S9*Q?f15gdw#T1`P!a?z0YWtb{&NH5+9Fq%a<)LB^o|XV;&cRgM5eaip9ywzK zIP+e+7i;N+AH?n4iHDSbSypd~-#9-4BF+?aZVlxHs2^{S{TN(Zc>$EoE?_O&R>!kj zJRxR;@Ep|va^!j_UL*8elr;cvA>1nbsv}K(^A8-43xMaH1*BdZja{^9N&%0(h{Xg% zE+gk*UuM9gMm`<$VYf@re9OM21%;2F2KY@p-=GAr;NMw}pgPwCYow763bw*ui$wT+ zIw!`C305)a7#P8EL$Xxh*W>cLyFSy*PhxwAvTpF6HoN&BxF;x15BKGI<}4IPY7w?^ ziW<%t7HS+77@=n*v#k>WQVYa4+k#!`<&t^R#ZPl+)5S(D^f}Jx!|V5*QP1}S__xnp zK=yO1xK76`|K3Ec6bt(bC_@1y3oRm^vrB(a`TOl77akK{DJN( zzy+Hx;_Mto1MpJ?W`FI38p+>VS^#h_j7qWmLW%*Lz4g$C-#zFebYK8D);|waaiKf+ z7v34D99`LVf{hWH4A^fANuM7H6JADIj05uQHG>50hv^iF7<5_EGEsp2dUOB)Lzn}Y zC_7LKIiT*I2e7!Y!fqnl-j83b1Ge#}cQ*i3CP4P?t?lkF;F_wyEZh`U<7j^5t?u&LjXV4E=V_G5y@D6 z1pro4l1aLDdw?YVY`oXH1dw1FN;AVfzC&92-CO|L^>q?El#AWmrD7N7CfuddMzDD? z(eZ57VarIv>?U|EzPb*IkHc=YByt8y4N{|gr&jom?+)MbfjUzd)!qXvm6lvt_&Wg6 z0AP0@K@HmSm*jUl7EHUqvm+7e;#$to9=PzWJDPvvn}l%PkMK^$}Q#<-O8%ICP9S1Y+Y0xT!>$4oj<>3&|xZEIgKYA`D~WArY^%a zsi)2Ddkko+NXQ(fjB~$y5)SY`JD1_V-WPVXSX~1p*#4XdIdPN_bsYw-;8FN%@jbpczcp7;9(0>4;GzqE4WD?t7oxH^*C@>6qe5uKJY{P# zzqJEtbOfx^kNIe>P>?_24+3)cB5xJMGx6QW?Sk`8YxrVxpYkSed|jqM)PV2WAv*T{ z=XtD;Gvs#0W9NJTVIu|IRoN75ny00f)uG%b`$-UvcEFaMhoKk)j|omj7zf}8PW@) zKQAScH*uvZu|dAapR=mo(|Drn=1OkK}|B}mUbz}e6`%5+!eix|nYO3?SomU0Em zcVi9xINVw)*ZWQ|{ZIm7b)!#y-b2#vGJF?$P(R^EMQ7Uth}F5IZgTOI-&y%VvG(xB z`H|gXH*T-?N_YBjQyQTN`Blhpj4}RgPN0J47cjeGQS);Mq~6d=SjH;J=r=2IVByx1 zpWc&LhKa2XF4K+R>}*^lY##s!?GaPLpWHs4TmomnZ@H_PUA;tfv*8D2cmv=<>If)p zq+EDC?O%tE`)%;2=)mZrtsT51|#~N@+ z#6-l6I3H$R2nkM&+ty>TaCb0vwpzUIv*aqh*z!^QA&Pd~LMTWT@`UgNv@#;?m|eRa zy2T^Ex_1bLjzb2Be+HDiBfV3ad=r{k+(%7gri~R>^%uSGC*dW3R?DTc@exW8LVFV* z-yUchGF;*FA#EjejTIq3v`9m&MDl>2N31+N;_HK_J>o&T8U)_iJ0nfU+rTixr`LyH zWpWQrof%+@MKTH&sK%+sx)*$umL~9fzg6AavcTIOn=vC-YI5#;O-04hyoQGD3d!|$6Zk2> zwKHXhA}BBqP$$1#p42=kJx?-Bu@YU!&|zX);_InF`II=Z1a9^0p+<+X<&#F>JT9uz z6U6FF$DZg{xY7?=4RgKLc=2T=8b!C-^>L0bC3G8<(wI-@5o+{# z&IJlQM$hY2rVADqa+Z5L^&(DyE^B$Bq;4r#n_G0kax}*wiSye`(UBqgfVg)$fN1zAInD8-Rph*@EaU75icSR{GI|j^(wosHuqBNed925$9_i4`n~YcOt5jVwi*yBo#MZZW1$uA#AKXvEsw( za8h9u&I(Ax`D}Z4dtEGidSM0M?z>zYM^L=z9BueI;IUUNY)G-$L=xT8 z*d%|t3e|d2sX-7N5|(gIyFn4R&6J=`;3s{Af}tK(L|>>Yo@|0|S;4U|iDC_3Jr`{0 z?Yln-mJ7=uNDJ59qwjGcy3_E?Cc|nwXFuAA)wyFHi*C-N_DQCjm#jX77yTDY&h1}h zPixq^Vgq;wH$bZtmZiEI|(XX~BPp7Gt7Um9S|0DDXl0MoM3Kp7MDs&oa~F*a!X$=w3<`TH^wwmAE+v zk&$Vl*;}q%N0g+g2SJQ!`eyf}2?=SjyZ9rPT<~p&1oK(mqd`dRbs;|6IEHCzXif*ABysW03xPl6|~#^K!`<1;(D zFTGplN4aWsOq&8>hzTr*U4RW_8|k~|Dd|`x=#lW>8TGYY(gCRSF6XKI=fvN&mt3-Z zP?1UIOuL?FUh?a^CDLhz)F+cmO_yumM-FW@`+hKy^xJMX>8ZIF22Zms2XxT^Wv&({ zpxC4%$A>l&5=n}2>oB4ZZASUd7kq5QG$>hm6_~otqw=u59(gNa(JlUz!dZ6;SmxGh@w6A>PrU~v ztzW2H_(~eja+&O^!+`~*ceB)>Is#pf)8?$Gq!VA9Vg>=87jC#kIDFU7oZhf!x~yoV z%epMN-uLLc+CO>8@^rj>XE}oM{o*E4_-XzsWQ3;gqjd{RW*gkvgfr99S4K2^)bNTZ zWED1&EOovO#F_&6n?e1c8-g~HE=5{h8;6% z$FLNx17U0!J<8g0aCxKMv0M9fQKCT-HQoCbVRcjc!FA)lJ5aJ{LycX=(+S*Hzf^r_ zaA}i7LV$paum4uDvBK3xdIp3UpM(S53`_e11rqZ-z~1t50US{uyy@7Bp0G`1oDNCi zM&d<<4+)52xG#T-Nc(K%^u_;lKQq)(0NU$1szlwFs4&13z0!*TS^f)NX~3w<=|e|QCg=H)#;H6?0fB# z#zkq2xLX;j7Ay^{ynOxGQ7hMSlTwXF$C=%rjq+(L zUFpCj)CGUEVTCX2Vj*aKjm33;DKkNF(FaqNbhZ~_6~m{32_eOD?S#*i&Uhjc$(Rhn zyl?$_r=bIR%!vrcWUz`4#Efg1LNt%b{AWKE+1BZ`Abexl!ILz$oNwKa2^22h#)dQ? zD4yar+oUf#VV5T+yuqVgcJS3)vZ~5Ny2R$NB+?uY6(mA>NFwdZxP%(dXH^0WHKpxJ z*Is5A1#-D+k@sMfDTFET28F*RP@fsab6E?JSG>W-C*-@nfcJQ&neerO(3^;)p0}1I zldu_mZ-Kx|)9gS>(hxX=MZA^s0BWtZwhSA)9JaT+1s=PNmG*_nhJGWKDocG)daRx4 zRZ|hN)>_fzdGspjUUh+U2UDI)=xZ^u8kGwCWJm6DwzSGXG5LU?FLDlf%A;3<)an-# zRJSZ^_>zw{YIrD{nH*ODjH~f8c@hHAccE(pY0H2yRhz9?RaKJ$GG2gBw)!L$4vJS? z<_lB)f~$9;y6-30GtZ%WCYP1Cv7nBAb;(1lJ)SyO3a*~TtH8D6GZILs|eT>s6 zgnDK9dSf+_6%Xk!03l2`h{MDHmX)0zZrZWlWZM58HK{$*p*}B*l@hjgAMGHLP7`Na z4MQmtZjRLFvkcX31(bF_3ub}78jiJ@7A69MrTpB2g^bm{(R>yiM&sBAV?1O!62z$l6;d&xyds_% z=44?3TqXB&x;k*e2k_*Z`aTd^?m7u{I!5N)_fxGDd`H0MbZ@EE&xBnSK>USV$6<~b zqnpv&aOt&^)W@Y8??aJ@_n9~|#rpkEBd8~%Ne7*@rT`hsw{FRH{6Q}%xL&l#NR4={ zv&r<9r!f4XgZ{>RNJ7k+h$vIWA^p7|;FZ(Im2kFQ(aHauwTM0>^Y&ppHndZ~BpF3P z-yRS4{kg%pk+DG&5q=FqU`JDxYuRc0p=;S-U1?mga(Vj154SRo(t&dzZAK#E>BA8F z>Ozm2B^>&VhBvqc`>nl?HWYaxRQ7Q+W43rWY0>qoC#m+$4y^P^hGGyDF!ACd=c-Mf z;Kv0vX4w@`uBGtD&j@REDTlt&duYMffSMW=Seg~aQG5CvHF_e@p4@tG(W1EuYd`9RgFz!R{}eU}nSKa0jI_ym4i%)X}5dX4O`sv6y5fLl~zG2cXN z@CrXrx2NXGeb4nF$#?K=^MTx$Oz3b2TwDlf$)O!al0J@TR^;)ydRkJZz(P)pOWCW1 zMxZz6(%F`MIzqffbqa)UEHj(5juOQoZrrRhV{zxuj|>th{N)YzO8oJL4TF-l#Vt{D z(I^=Uc<`ogxr7#Pq=4cn`J2 zN^QeVY_EZ?O?63B;$C|STDyv9aExrYN#=2kaf|=*zGq8btfN}iM1D(o!29?~XGq{p z%HzrkS8D!?wsm5>h=(=0`@uGYoH^{4Vvja>h!%MaInm-N(G5BGIF5{AOU$O%Y4!D2 zUX+F&>c`fox(*(eAiA^wj-D%@bJMGFm*RR2CLMli07r{5j5?aQiMy*h{*LFp+*|S5 zszZ(CfF~tpxTphsrx|TddKBI&@5)$rc=j_wR3JW|R9OUP&b3Jk?|WsZpCu{3IHe`c z8r7I6dZLQ#8PCog(XXfNjn&*?x<325D~h#p;XdrMOnQBiH}Rgn#}#l5kXu_%5xvd? zD_&pdE`61fG^QOZk9Dr*-Y@ zTH(-mtM4s{tq=P>iLn(gc+k;)fCSAqXo6qJv_B(# z(dTs!U8UfJlA}}V0tOznhYGbbalC-k*?xG@pME7^Ew_6qs_sf{n18> zEWBje7pGG;7LPNKUqGsan>yY4oiOD)Jb7HjN^04Hppz5d>C|7rk5}zw zmvJ_wNfL|B)&6sCuO7L%1AEoIfnoh)Od;nqrZ~*jv8*?k+?YMovN0QzUs@(BjNeY? z(9Nrmkw>COOvwIh9n09DBIbR{%CZy^rKyU=Pes=8qsVR3EkaB3{p!~RTkW2Wuq7M+ zQ4`*@7-RJt#~)`!e66Lt@4uTi7i?lSN;(CKv*6jlCY`jqkF``pt$;wzmSnLt){Yr< zyIc?1%w9%&waRi^{Y*3*8=<+(5&t4y z7#eAg51J%3T#S&%O>t{SnUcTCFx%5jNyWbe@(oQi_MvU_U5yef9S!F!@h|u=F>`Ot z8IjX&`KUI$a#pO0lCtSmNL3Z}#QKC6;%7Pb%FxX=K5#KD$PVq8LHPnppGUc? zOj1YJXZlr6H40c>KLN#7IoC&0LeAqwoHeoVUv!5$L1O-gIcG%CyRI`mE;EBC?|P=@ zm*7tx4wUgrh7zgF0kF;8ioO?x0C;zDT2Qj^1zYG3Nzt ze5&kE+la9uLYGK9#b0EApe&=DaK9FhfJju{I%wQ(-6*xgm)VS&y5?&T6ci~tL6EIn zziNE70Wc;{`!FKUM15@yw#d>3-xjy;B)|+C#Jqg^ON-KxWOemj0r-tU%9}j-?=~-bc+y#Tqw+Hn?z@8^{@ol>rxr#ARVVc2Hsr+3N1?K z#i;z$;3Vk~!)cbC$1;fFG=t7l7;iYfa5P{K!jQO9GI6L!!a`V`U{hWHw<$Rq)r(=MF4R$!G5wD^q;Qev{(O#FtPpF~MUyV8>EqOa9 z==0F;B)WpR^Zw(}wMw)2NSQqo?|3+|#h$5ko=^&UNpV?q8>+c+ymLL-T~Y74@0bKg zIS0s(`(Fqq9ju?9JDxU8T9;7OK7j3~m@9Kj>geNUBuNbrEuzA8 zW;pU3T)&sR$-l#KDFYV_bq`_{Oia5JJZ-T>$l9<|2Lg%467@tsvfj}&&9nbfr9Y($ z#S{0Di(;sn;051?o=%Diu3prcN+$Qa1rBQ2K5AR>dHM7A9*wipM5erk@W1bXr;S#w zNLd}l;w4nFhpjF$4nk=)x~ZyZty!%OMOG3OkC@J7hLEZ@nY`;vAWk)NbdL)XkR^Vj zXsG};X$jLgU;j_xloq6PME)oh#Dl6T!$Z;Co_O=?*G2c|tGbbF+5C9Qg-=;nGYQ7HY(mfWx_BFH~D`Fd-J53>p|m8o(Qd+ zH9W+;H~}GNeMkDimq}S-X@Sow^sxHO%D0txO={j{sf&v571hySRMlh;PcUEgiexnW zW#a{Z+jvjJjT7gi^2!tMkO!(M>7rw$HB#S`dnal_G_4+W3vXvk?@2|pt1%o;y z%D`Wkw`2Q-qerv%wv1G!C3AFy%9L*u_2*{wfE$Em)d!1 z6;q6953+b`!nJa}7PmM~nJ~JB!mJ!L=P`vX#jBexb{-7snWg{^U=45(y9^Ho*)5em zOIfv)N}X=7Q-4+P3Ddp8@wPa#^%-yBWQr`C+44CKJMR} z0@B(kIJ%s|=RZU7UyaP%Q?5*A?%of^B!$^O6pB9&?`(um!l^~7;{?+g)^_G)} zkn&2)8EUff6KK^c3v)|faO6I01GwdYi7m4bBl z1eFV7YD*0n=8;WKq)NV?bC1w8pfUs{f z63-4wL``VNrz@0hUu$#%O&3r3)+UtX%%~=$c+)xVV^`ho5GuLJYmY!oVD5*mhm4&SugW#Mih6wVGN_Te7mP}n46P|pYsd9hE}YP0DV@!ZhJxo$gE zS!5yxRS42`{A$2avJ{+J>aX;Q%%Aj%7>X`N6=I7qt_5g0GY=w+<~V7!&O59Rrg}vIpxNo^cr1F&iydo!GnzJH(lEnmMySd144g6<1T2PsTOpPe7@o z&G+~`1tr!QQc9hm&mn`*$`i|UgEeZ2$>hAwe3{PGljjcW6neX$?HPcX{4li&)t_5k z9O%JSPCZ-eMePg?G2e49V(P53t#Jl~&a!}c&}D#;lihv+u_>>8w|EuJu+j$peOdPRk}s`M10T8?~RHx6r5 zV#(tmebpUdTWdx=ab!ePz4PqKz_qMky4(58&yh0`1e!hNIa~&$BL~Fmu}baOVeL1l zG00;H$YaB2)ij%m+tUtqghfUgm9UPlAn>Dp%&(s|Uj|X8S=x&BRMNPX0V_4b7w1Gk zjg}RG^FhQ}qj<=oSRB*~@_dhX6}hpWgrs)|>Q8-GV#a29JK{9o?@A_WfSy~y5q6`o z_hU(~=VjmMDJh>wS~TewdZj1|MvBqJG=9J`;IEpPVD}(IEQ@q~lsY4jsj-1x(YT4C ziIUGK4fXLtS~8v39N&S(iEjtZb=J9~@m}BMJ^R5!kq_bOD+HEEX+5Qw1k8b&G$1uR|M- z%}ZJC_@w{bARPlfWTnGAPYTyUzTI%AtGoWCn42dB#Ly?I%rJr7a=Zd{*`W9ly0cU=#IWMvnM-cWP-DnpUQ*v6G02}H4XwHpT z3Z--otmMP-Wt;eCL}p`?`CxmkqPkm3$!N!~V8dg?j0Z~-`pXacFnqHZSu)O#w(IXr zHf4`CR^gSEp~f6fERq{P{;>LdmH4K-i@>JeQ4Rv4@8hi>4mCXmvIl1?i>a%j(iQZlXlVqv4<- zZoC?cFYkO#+wa(YgP<$Hv-?uTHR5%!kG2n&N70iPhu0q85Gm`JI|`4$IvPuXiQPxSp%385PDFSB6jq)Nqo74Gn|}nV47t| z?*(g77p0>r-;8p+vLsnzXwE*ka@Hekt-FR@bYV<7j^XX)fkrt$4ZfUzp&8P z7Zg_=GOy+oq{~`~Nf6@R(SndrD~*Tol_M69kkgleSen2 z)ys9(qpM=*`4yGvz*(lpnJ~RF+|s_FMA^xyYNHFKIdOBw*Ncp${k{ks9Ttye_r|?% zCeiXK{;9N0Tc*UR8|$1DTl8{#y@?d3T^Gfl-(?vJIcvB<3S@aWn2Pb7@@q?QCFRRr zj7?iKzgKVjxZE{vFNW|GPnZJM7-U;><&0Oez0Jvlha>!3fdsH>LTvbIKhve>M3g?Hh)-rdNGFF7koVv}(^ue2CMz8sF zeC1jKoH&iW^`+CCwc{lVK9~b0O7}{;FUkhn1J}-P12>$M;*hZ(ZvfzmqnpEC%_=u$ zLiQb}EYp3?h!}TJRU!KA+m$|@J%6jRhaYaEs!{QKM9tAdFzcYjo?-Ww9UxpHqtFiW+cLQKc zSz2#VffP_Z>tfVoC~T^fR&v|yuQQ7$l)2R-8QT068e2#I360?dtY%D$38rBVTnq`Z zQ;mNn3g3%PM%{uj%y(Hl8_7^v6!hz9|m+s z*d(WXd+tR@{5<4=kYutlY%bgzCOp@6+fdvaR6e41u4xW74jtpvds4o7A1G3`AbeMJ z+mLh)PoFj^WPoLqRSX)f%t1L5QIk@vM7edmUEf8*(~$lS~V);J_!r5 z$h%68g&vKugJ{@&aSh5b33B&!eQp-6$m6~F<{B(D!$%wMt^n1Qg7SAx*g9jo>BHyE z@$}D(G4uDFPI^i>r!Y(UsupZ!{K>_nF%d0eAkL&`2?XIs31e*K%~EjDU_(;|Rqd_; zegyI&r=UQ-7KeB#T;pJ5KZdw>n#|_S(Pvns@vA-uE})FCp&wS2pc~Hlt1CoZa zvdY^jMQJBwhF|>&bZNh|ly6fx7M-ev;vX08!|vH(L$XETnq20hab3 zH$gwc+;U(WtLIiTDAv#}#UV*_N~`A#(JXI`0L~2J z73KZVcq1Og$2wf{)eCSWS=#Z9hHH^IA_k7$T}$37q;cuaXq$_PdA%UEKmF!3!rAwdnjDDH!Sr=SGU*5o3%_Z zLBH7CTnl@?xN77zaZCRi$b?cBiM6>@0zn$}9zKe(8^@^@@oD9fgexdti49(qyvqfK z0B7Z^WjGXaf{3r8iJI4SQ5?B5h$1P^n3z|CbQ7@WAoJQSn(NmdPH+ldLz{1XMvXpm z^ZFz99x;l(LF!_px3n-O*DPKm+K|&k*pzE#8WVUAA~O>cgoF2nk2mltd!6Gbvux-} zQ1J}MihW7#wtpyVKFNHHC^RDRK$PR)`^L)sviBZzoC00&rjECb(Nt z#Hm{msG8U(VJ8_Cq43j=BJPvcRw*PWyyo|#*MjW>0<69Bsv7t8d1;Z-s?>Qnh*z>s zEF*j>2f}A6xBPUOM-f=UyG1exKn!<+P(8S3h3j?acc+y~ZG4qD&_1~0FpsjQT zhZcfxtGZwHh!BZCHk|&vB=kkrji8?3y-$s;n{o3~xd!QC!EhV8{u0Ez=9;TMt3L>C z#@-|TU25vDaU~i5cXYkf2P(*c3a@ z;3pX(`DNFZpy?uL%2!K>>nVo3HmQ~lM>-rP0&`O1rVmDLx|L{7UJ$maH{;a;75Y%d z86~@1=n0GQ^}v@WnqwEjTG9E9sICJjK8aHgDUsXc01^Z4lr*Qs^hiu-zA4I+f%ULp zVaa{?E6~p)93iC%fJ)Qv3ZQY|wVZ_>=PiLHGuUklwi4EL9hW;9WTWU*yD{2 ziH`v#MdUb3%bSe|;^KRpcAoa(Q3AHxOv~;AXFvJ(d0`s8npoacEUT*$78S5Xv&9Pd z&i3sy85!;ncoTkOI~OwUbh8b>x6iw9L-5WLbhfu3Key?n&h-t?>S0~+!8~d$s4FF( z%yoMqU%ELv9@B-J#-}p;)!+dj3W3Lm$ptwhJu4ReuGG}R{Z@`Qc<-w2kHU<%2RN@X zT=Bdm6DMSmdbDxax?QwUtq7H`?19c`5~D)vE%Vi+PKO!FIfHV}CBF6=jyo)dW!02K zN$mb8)@vqF6ZLH-dZo@I#;fI0^04akMCzx@0L-o3XSChNX;nx3E?RQsw|Gt5NTJs_^2}j+wBz>9ad~6x?SoJ z`Wlr{A+9C5qGfAx!`LMi{cEyQ2*?b9@?OFsQD5*(X65PX6XovEF^4nCK2JGt!@2P1h@G?7YvD=F>|pTV&%loM@Q4-;@A#3ZX4%Z+HF&GMLS0; z2azb_<#LYSNuO?3nK|lvq@bU&TLtf-Mo%Iipsexrt#|a^O08kwlGcGt!JxefSw}PF zeGVQyA_bPG_*P%itLcacz__oW#QmZ@GRuJEqDeh5d$T z!mOQ2o@KL(G7_Tp79cAzuU0IN74G%0wVZ}%n&rTWQgpcHmws0yNE+oL>}Z`d@U!Kj zB7TZ`o}uhKmv_qnah|UP0r#HjS~?K{?_%N?irssG{9SJM=63<{+Mw^-G5ErQu55#`9rIEBJ3mlC?R+@(|Tx!B% zfw;_@HquxFE9BsK@sAa2inhNd3y{p?P488ROQOD>}jXCIY= zCO=o=@S2sO;u3bOm)vIjyn$GjjVU(j^d}a)TgE0@A?*s&flCS1)sSX}Wk6WuoY@#M zlex^3-B?4oclEBvQ9=4s4ZAy9kZLeg7GQA;*4X3<4vB3QZx zg%zdTM;oCzl!FT2ft*~$QGdj*)o^2Yo6f~$p1c|$|8NtI1uLVEkxCA~ce{VHS`k5| zA?{^f)u#1p@zSKck;ib3Dy>#JA8Qsus!)O=dSNTy2sd!?%7Kqd{v7DoTFkpzL0qT8rVCSyQj^O5vf`Adg5$a~{djfW+;mWdkKUDt$-6&Bc#5f(k4kKPJq zd-RE7Z<227dJ*34`;qt<(}f0~3IYDj*z9j7#_a>_nZlAjLUy}GVB*UWiqVT`4$RcA zsAw^LJ1bEcysHz}x#(PHK3_R7jP-+zvRZk)ZVoVUg96ZKvyj>y6O5l~mPZ*n_j)Dt z-o|=?jwP%4%#?Q5qa_Rc4N67SfDHsTtE7SNg^qVLbE6wxiJoOEEpZ%fgFjf^hcFJ_ zr;R@U;=W{CKXpaZt60^v7U$;JVTO|-iaUa-JL&ZGI2i$h7+RTIQ86X`rS&Lb+q?wg zBl++uJ`0~}!NNT|;tCrw_Ky;p=%Gwc;aXKg?#%rh;)y^8%$)4K;jR}FM3Ulr(TR#V zYVn?~W%0b#GzkcS0{GC5Eb^>znBw$gibznzNzJgw@Op?ibm0Az%+{!zIX+NlOg5Ap z7k48eDlVt#84N0lSBXFdjb^!#>R-7c5iJgsNHCC$t;mCArPHQ{rG0#Mp~btGQrJ#H1iSNlJ<?uaHgW(@uvr2$t7mNx_K- zz#W3Qf@EgS*FOSZf4?eq-0#{Azm>T5J{t=L^*jVx>P6h}VEWPU0h*MI&wXnWDgcg$ z%z|Uwc=60yIG)gg5a@?=(N=|vze?8j$C-IVTZ9siLj)*Ca1867X*hl=_c1a-MS=O% z(*TP7SaSdCkSD|Mk$$!u1f98?_VZnYD#9C}Bi|MrCepmFo&yUSC_n>7m#=cH|BMvO zUr1^sK>|LQzx}MjZZLl@e=lg{rgR60@0F1hdR|It73AkU^3mMKsWk15B;JJ*vRZsS z5FMkq)PO#BJ^8QPpWnw{UMRZPqJU>q6YV8|@7+-sl#D(=_^GWps-^jNIWapZ+cxw_ zgph@jsKm|ra)h=XSLP_8+p*jkIQ{TA4k6GJ0Ry_QC=_O_DTpYMQy=>1g-7K(# z;0~&eEV>ZE{28v-Uz1w!2LF{7s9W1tUg+=ho$m_|^pDF$#+ko|wY}BHKL+WB=`fJ< z*7m&wsAKXWakU!cqF0FzK?iVQVj1npwRSAC;ZNM~u%j=#ABh$;+Un~3j0K}9S z^l{&*z{~R`eDDU}ll`4Llg*>2$pk}3ee-otd|eSvB;yAnG@4!|`z>sL{Ur4NH%Xv3 zW&|M)-1hIQiq)&YI}>e0y*??=@}E!g#{McKx&C`hf4!Lvwhu$t8^nKpAW%T^w^_?B z40=Qf9X<3K68<%a4$A)y;=eQT-#tOx_+RPxub%j=H2pU=dsxcFTE4zwiFb`VuoP1(G&o%DDYl%NZyoRlnL{Hp!o%7EpVXZVy~1;O;;# zuNPv_wEcDa3x^MJ#DD)429-+smpdt1|248{y!EVssViy7jsIMdeT)PBOC~(sa?|xv z`S^Qs6Ftys~V*yLHL0 zs;d0gU|aUd8ArrPzkuF?3FOZgZ2%O&A)A?$zZ`>ahwg8~O9cBqTp+GVXZV|)6S3Rq zUCMG!vK8^!Z3Cns-vzQ!@@4zp*}3pXO#1X1^nV@?_;e(2Sno`EYkxY!k6+i<&O7$M zx9p71wq_qw(fy*)===qQs$(}G370)GGWhR@Y5Uj$4hsGRt*AWgw(D=s!13dcy`k6b zZ_ocdc3VzZ#mnGVkH=U2z**THLX9R4_1{wfJe_-) z-2=64&9u6Q=zT+@O@D?wbb_F;0g4UpKRz3wOsT7#cG^o8a`H#I{T9YM*#10D<9Pc6 z_n#F86JyF+e_^Ay)lRBprRjEHo{z_zJ<72hias)Qyqo>zgW;bKW0%007RWF&fsUGy zzSC}5ypmjbcxc@5*X8vZQDKJ`Yv3KYHFftCF2U;01Vi$(Q{0FvV;-^tK^9~8*!43sw^DvT(j1K!2CD1kv2vordB?AfXi)#Y z5ezCeADpT0aB1`Hru+F~z-wk={&KX?*CK!aq5zyfw^#T+W(Y=sI>Lro=7`1dDo$(T z!DgFzXCl@U{ZZ$QS2E=_sDFmODApqSImV~?y6)~`c)c*5Aj~{FSPb_G4s$!yl|GHp zc=gYCfm;sa1#Kb-1E&Lta}`5HYf1WKS<##^|NP#rWJacI2Z>0%U!;uS&-a$}wU_nx zg%WQceXB1sxEz&zw>IZ~!*q6{ObC@*decn)KTAjin<}f-jw)u4F2&)OTmlg?pL;Nd zVDdR8WWuB2HW+4iqpP%p)h08XtDr5vlPpI$SSbh^YyEWz1fT`p&$JD^1~d{hylL0% zudQg9{>wVa7!6 z4v!o@^c~IE^-1h{H9$5Z`$PFI*Te57z+u#tCeRN*Vq#)1E*h8j_b8xa(XBdH(GB}C z=+PFig%FcIfvOOf^XGkAJg>oH%%j)C#lE(WM%b8d1n$gz-;_AayH7D48ebn!I_QS6 zXzyI@XWstt#yt^inZ545?7@4ig4&txS=V0km$^~M)!M<`T1oR#Mz7ds%E!+lIFkHRyE*DFk?9lE33e!dRwmC^!0;;AIB_>#s2&qe&@F!Q zqy6Y0V{@|J2+mA`E)&Unihutc590Oyjq>i1?7Z#X*NZHdi;f0vX#v^zL;-4@%Wl#L zyqu@_R_&-U$?N}CvI3N7U_0}FqZ4etIZY;IoKl5#t_VCtj}bXm{g?FcdzCEFc9PXs zM-n^}+50mq|B`_}^84>UW;_BN;Ds4^tpEA#e}DAv*J}PCY>VfNqY3=8IsU!k|KYU& zCNzK+lr#Ph@BJeP|MwSFNFX++x1mw|*Np$xTmMMy|MJ3%24o#dy+4oqA3pc5uNmQh z$5;QUP(bu=asGdQtq5{78V_D&6aQ;<|B5pIpZ*_$9xtrz&sPxqpU-ju5s3UB1-};l zv&#R6FK6h3$G1q7&-ebH&$5CbNDN_O#QFcvm$DB${v31e+XsKN@xLbYKTds~H`p;W zR5VZi2+x1~+@C*sfie|wqrOb`Ba;8|EWddGc8ua1h3Eh8%lGeh>4m}L_ockX{Ff#A zKh5%g1?Im3^Iw7a|4CqM8DN2n4mnXbpY~_I*`1dC;xPZ=YJMnuO65Q6$>&5vX1>P~ zl<7Uv%p1qM0L#XXf!9Oq{;TgfB#f>Ip&-67KmDTo2%d6?{k#F*&7KGYuWm+V$wqsgy--E5 zTZ^k(QJ=!>&P~fY$nv{Om*ZC}){-%v*2UD>-MN8oIE&@Ftrzq2Zs)flvjupg19chd zcEvY7433j6?`LK2@Mnq-=Z6zlx#nCO9zW+px;=5qHJjRZpA!7fj~9%#&L(tOLA$qv zrTM{z(DC`w(`kprUlAVT3_>W+VV-#l6U28Jnae`#tl*iLezBxhkrjpg4SZGVvW@KQ zMB|zL^cMy-9WIS+hx29NyWe5ib1v@3&5Ua{Y1%rNjSC~>rJY2g7we3XGj@EhY%sHL zVl`#g+kdvZ4s)})oB5=k0VWN`5vxVR@h6tU5AvG^MQygZO)2&^sStl2O^?-kXUDqA z4u#hawgw^L;)V?qpaYl{fG_+9J)1!aEZ81G!E1Rq9xo-d5iwjhy4q=XGZw*jY?jZ? z29ssi@hA~uF*zj6tL>iJ9?@6TTrJG5&2r|NuH2qA^P`DvOc7r7f2|`VcGl}&iGrtF zbiZ>m8XvS|?@!%SW#=*OwGKc5kV_io)3YU(=yz_;XZvpVXYtwb=ZU-IKEL;AA&VJY z5Ti@qb3S=K5VG#_Mfr9wtt5&mJ%r?}>C2ktY;pZ5%qQXfNlLSYrkkJ3FJkU?qobfAXmK2}q{@oSL? z)(z!MOUJsMJ`Hk+k!69@#HxE##t50iZ!_Y)nj)+ryk7BWG#w3vt(w2uzCeK?z2jR& zGLV8Wmlil{x*qMCTI->nJUX-7o#U2qIGb~Ko}i=tTuI^Fyjl|%se%02{ZGL8ue$>0 zIRaxujKB$l{iMpK;eaB6MBsX9w06cYy$Mw`2;&o1XToxW1mzz3DWO$+)a-%;O0bEuV0j+%kkA5BWLgu{JrSFbUR`i@iqEmE{Htew-XU-SC%Q3~gUQ2-0br?s1uOweE9wG%9mvk+2i3$>J zf00ke@3?otSgmiZew7m6)f~oDlKcrmV(uN3YY*YK%e?xz6=8ZbMVmR2lVV^GsxUDP z>F&?b4lgm;f9ze@e0+IhpA-o?ozSJ3Qd0PGl+~(a5=>e=1DMm?e#5i&Zzh2ESW+rH}O=46! z8dTP``tUmtHs0yf@qHWQ^xzoOlkeZ|OxJpyepfzwCftOy6@R4mJtyG<8~bAWXq}uG zew*9nfywP%q51ld=355{8b=qtMa3Jw9L}{%!s}VX{Hvqv_jh+Uds=5b0j1w-Bu#|R zqu4&xHour8un!B>OV|3G@5X%^VL59vF#6Q}<_CPWF597heq0xUAqo4@wq(P_GY$4_ z=bkUqS2mNKn=ug@eRxc-Q$D*TZM4$GePeyltfZMKf%vH2=(v_v&XMGCjAQ<{iznNQo)0B!Q_f zs;FhmrG1Er>$Vle!CBni3?*UX^QqgF8rAf>UQM@CV`J74QL-}z7s%)LnPJJ$fSmWF zk73Su+?*`JFkKAW>*|d~^PW_b87@o8N9QyBY4)8Tn@A@l{}+4j8P(Lft_?2>(xiz9 zf;3T3dPivykfKslq&E@igd$B^q7*@?%A%Jjz4so9iZm&q2NHS@Aqf~rsNtRN^X_%_ zIeWe1J3qf4XAH;~8FMD{&QtFGTo-O`Ky{ySUui1H17zXK^__i$7oP!zxoJVIPZufM z;6KP5z~OA1+GO?EG0jiC7Q_7`3FLGnZ)+;1QPYgh1C3e;(8xIIM}RKaY+)`c) z)t`>oPm~Xy)waAB#B<}DX9Pe88%Z;_zmCOO{jgbT=fWRAE?h=Y;!nKX{%n+rC5-hQ zD|qAbSL;7|Uz(?O7JwcS63iQ#*yBzM4Q!62m-V(z1r?m@EMsSm%8sweAlR4vj|V%B zj)-@b^)KPEHV}%R6MA2)e{{&A7VMvkv^CD&I?{^R4ZN6B`zqNzM14u1C z2Fk(B2FpKe&##&8-#I9n2#xAk+C1r0jKA?~L1n#J$wQStukldv+)OKd`Komwh0%Yt zE2yPjUU_s-8a?Ws_c3T9uBR?R!8)WWh=R#*oo5S?>6sB}u0IX=lW8DiIc^H-)i@&z zZ;oJ}ud+I%*<;VFwx4on1u`34Zjc%#H?p&T6gl|$5$X|n@M3!H&e`aS^<+!G3|rH& zj|-Td3O^uEsax_Ub6^>SR2mMRE?J%?RD>(AipAtR%xaFN+b-l zA1+z>kI6+g10S1dciCq<<6pem=q+=&2TOc+>t{=ugldrMuR_~N9qpBU@|D87;TcoR zjD+oVn0L0LeZc6B?Wq+yJf?2ht!8lA{ZN%2?g(odvI;t&*d{iwSqzppQ*50xA_+V# z0}}&6cRaq+}u7m>p7v;Nh7)A3&9t2!ROymHYxQxUhbCjJJ;nmSH8+LGA3pO39uTOC$+a4> z9j|#JC#MeAORYI|fVRmB7kS6lP+XI(d`Qq4u1eK$ykiAAX>zKcps?ku^xIv@M(cYa z_FJZ6d{Y9G{l!&xxwR@&a7jJ z^O}zZ&ga2CZYnHg2RC1cYY6N6Rf@->@zA@9x4KDL>|-9ShY7YQ=7v5+ztMQp@pI#>Idg?5!Axp6$u{ZURs{Fs6As{lCer)5xIt9+pT zC-6L=t_=IpPet5#QDG?dyB_Vlzmk+TzqaEVoErW^PXx4c;4VSF?w*>yOg$nNwkHn9 zBCl;Wb&m~HQ2j$s)FN%oAxnf8BU~R_v-#ufEZMhQyLEhy#Pkyh0Icrch5N%#&IkUP z5ciyj*khy>rF|(ix{kCt#TKLo4y7l=^mgm~%#-@%3ZJd?T8>k2-UnE9avxot{TU_6 zs?G9;2YfNr58m?)bbmH!a)bA5SCpp4F%3G!rm0`Whj3ua%R0(z#B#_yaW!j*#`C_K z7PFM_RkiJ3Z{hEro58~-4xYbN4&Mc|%Sic7Wmw47_FtHe4ehVG+*&_AowtW?exkSo zWeu$MO@qr?%_k&urD~C!hgff{sn;4Uw$M*G)$uL#UEPCdJE@1;{vDv4$ieg5E4e03 zT$L_Lyl#$H)_1C@shjgnX83*d@4Y!5jK9#n_b%7US3uyH_KHAg`hMqK zDKB|9({03`h6sGa%ubGZ8VlFl-gTkwTjoQw>q|9n;Y}u|ggL+BZh=u+H}U%KevlvJ z*S2fte%*NwyZYwIpB#HTfV1!_US w(e0cv?$ckdOLYJpB6(S7fqV|5xa&3iAs(J zU=eboHi3(A?|$gh?~Zzfdw2VWIYr!IH2A?C9;UWVxU97**7&ocy|z2j_Qy2=16t_} zt5W)VMfgJ;{&VY1B%v_WaGe^frdk)$GDQp*xZ)Qg$9cKOh=Tp7sj50n{3>P99g@r6LNZDV%xyvioTH5m>aYQfLPa5X$#C&D)U zHd^r z(6p;Bqq)T|lCL?eK40T^V7L8KuETaFY)HvB@$tJmt4*1E$2WsN4K^qtMvBjL!g7d4 zXea#bPX9(r|2&If|NF~xnSyyK&7`GPd2juthIsw^)d}tUPctI@_%B~yWm=Cvq9f(Q zSl06d(0G*w=h{`5l{v>%#ILT@`ZM$AKxyFDT3=XcxgArB-}uEo*>{As+TIFVowdf9 zJ2l|My}8YKYOFI@+KBgk;>L8-%?`%Mf3J2Dv_JRIV8--89ZcidY(HqVMpT36srWZ& zuW13t8a-;O=6GN%-?E8gkv&>`NzTzM2h32LV0;6r$l$C`e_36wMR2j$cX6R>4KLse zA=i!t?sUuM$3*F6oSg`l{ZYnp+#w>4YRfX!uL|lMG@#A3OgjYVF)5cSmX00TPDK*P z+B7w+vLV7T-#s!4LMWP(zNHlt@|*x4k8Jx&E6&yM;8Ga@zBTFo@uoaoPD6B7j%MB|e;a#drG2+A_PC3ae={B<&5 zk}u@)Z@1Nom6@d(b7#bH?WX$I{c*cVz-d0nzG*>D`n={BWVu}U3Z^`sByzkl{Q860 zkJLQ{m2dHMmbYl`YBQOZSfy7d#5pYr>_EaX*|xGFcRHXKh_qj2R3x)x^g-^ke23k% zMqM%@uU&f{vX0^u6hCbRP30~wM>v9U{o7F|eqIe4jn9LhR@9y}A3Q3<%k*Db zJX}n-51${4w_$Cl2U(V)w}PFSlQ6el&8|{6DDledKY79B4sq#4*BV&!RxH1sr<_Bb zzx9({OC+!wl${gQ9)Tnwk!QY$4m|ftkdJd_T?dc$FXSo)a^vv2ZD4?w5_F$J-#&N3(xCDAh@4y)aTqu3iK=#G zkQs!)&l{>C_KWeqBVtzpV+LV2^TM+Xygq_-;)DZ_f1}%ho zf-=Gnj`PM4lC1(#7O1_34DJTTn#0|W*4xapoQ-v0;EL7GQT_pAjgUYTfK>3MEBvIp_qO}PMXEgSa zME5qL_pMiK6FLe_GX}lNGW`aWq0U)QUYr9gsB5^w+IzbFivZ_411JL%JE^BLbZi$(>Kz`2&P)HB?{#M}jQ?6cxjjIkL$?WEMBg9M{p+z=AAW z%5d}El6NDxQTH78ETz70=Zg$qmco#t*Ewh`#9ou8(of9ON@2_|rI`_Je`8f6H^*Ov zB}+p#-Qi)w?mv1x|GjE+`TDRx`0f*}lMM9o8+fN;A41uyoV|xpC!+Qji0nl#-T>jC zdOe`_2&qM>(jpGjN-Y1b;7j-^rzyImE-0(HXvOh8=C8}>`UWa+cq#jywjV$XN>Aus zcRe1*AXI$APM!s6UVQn%bE`=snag2w9`)|FhiF2N0n@y~ut6ncOVR?|fIHw%?O}3+ z)h$X27_#vDqX{IwwRz~e8AKRw=;F*LPPn^}Em=eNaakGUa*Od0^{$)KYom-6$s~Zs zH39%#xs%h$zWBx|%6GoAdA^Y6T%p_N(aa?*P?opRoa%}K4vtx_&CK@|Wfh-vDj-GGkC z3)=gE^$&}Pj@eb#a2W0o!8(e$cMqijJ!zh8kFrH?y-MS?Qgn4va00!sc!3dXn`$>? zo=1=bd=qn6(9%npCtf${c)On z&X!8F>ow515jM~TsGxJm@ueGM0bcvQAh>>OUf(f&<#NR6IrWTp&_vl_j?@r5vcJGP z)7SH%dkSfKQ@2+Au!W0z*@0Ngt9-hvXKQ}ABE_6>bg*jFB-Fa3+jx^N0%F)nIqZ_5I?-aiU?om5lFQ=Hw9DX1=nk{2@e~glAh}hQxlB zP>>Yp?ju^v(9#KFFSt7JM=~dXZAsZU$8L71-sJT{^wg;K1OB$H zdiM4DH1A7|ApmgNK3fJj$a-TYOr!$EaTM^#{!rlZNe-U~4;kYd@cGC}av?gh!Dp2IUC$Kz-S{;er(mly?C=Gb> zTvdYchGx%7L&K22b-<^i%O?ZP9G(NUwsjJQA+@q^%tZ4HF94@%roTTrR*LyY_=u*8?A_GyZ`+Sr9e~FprfN}x$V`RWQzfRzx_u8_?W;e zjG4q9MgHM6FJ608aIN%K+KX0Qt|z4Ih=lf27K43zZpsyhvEEW8W9uNRy7>b410z3r zfmeV-pb64E6e1a7OiE<}z>nrQF)>ZqBmRGU*1Lm=GBQ-UXKye44~KhX`t$*=Og&w& zTV-e49yj?g9t|tAzdr?wONQh9wYTj#*+#G0w;rAGKbgKN*|vP6=PO67GWJ@33qlp5 z5_JfkZ{YnH7yofpVwy5T-u7sgA9b^KxcCb!n|yh6tib@1;*U#G5%NNt0C16GeSUBo zZbj-U_x*gxbgF}BrDdMUZ|B*7*yT4%Zje0pz?k}6Kk+OCbz(F*qhQ&i%~SOf-hix# za6sdwkzZCNuoD$B$%(xdh}P_=Ige)WECfEl$!I7$Sf-2#`uqC+t%skrX)tByhHgy) z^#N2C7MVIwOQD`+*9x*yagqQj3R~$s!W(>!`{>|W4sGI^rvK50dAYnW59EV*3byqM zY+-sjb_@;$*AX?dqz-`?{bp=(;>OE?z$s)mCH;3z%bL|b~`5!Nzh{m7iVwwqw8)w1gebcGg5lS7M_3yc= zcCF4Qu`;GcQ~6t*s?%+S6*wX>L-sgr;ovo8N;mO?Wc1BKy7-9QmkFu?_p}CN(mCve zv5nSH(bmfJbqajw%BbGaSem+`Va0q1wy*PL*vDRK?xWy+RV-(w=L@K6h|tBYIy79Oc}EN-Mb+jvioNf30sykUsWZ)V@OJz~A+ zA00iZLb8b&PgMwDuTo3;>7ERZ@;YDfSB!QP!;}RkCkwUb4raX`#eA0*iHb9A9e-#> zvPVY=)y~*mq_~-MTB&#NQZyjkdc#ojctf^8jNqc_?TxOPS|2q|% z;XDaph}UT(rTbtH1V!m57x@46QSi}ra-`o)Vl^fW@j)f~&V%TDS%oY1}64n%IqS1S277TLw4QUwp=wKpc^4~c`l?J63rg0W$w zOa<=?@hgyE@#})udj`e0;Par#a0wT|TRvTZ-RV6R1le1c zZnNW&*dS-hG_bm5R#>`q_|{m=5(|= zkm|k$s{6t(1Esu=*sa;>Z(uQ+sl6riDBUymg=JyPQwY-kaxk$zveO6Oz_<^iagmTm z$As*RL8&88=JvQEd}>hvaphETRmg@y(GbHOtREic&7 zY6`DwN0&!UoYi>z^If^zs`&sSt+uwdOo3}*;x)q=-hi){NWPoc(RQM(&HO>t2nz-} zQOHlpuJv?5k#1(mnN@Nt0ZALc00aoMN<7sMP7R9-5g*9(&b1j@>C;9#_|VecpzvMe z^&C&MMT>Uir@6*=UhWe?+h--_fO(ytiyZ2E(@V75Hbqt!yl&I?A54z6V{0bcCv}9t z>yi=ct~b(Le3q0KiVDLBLH)kk`}qYZ{7tt^U$Gyw_Vu%FhHHv3@gGU;*$F)Kt6RJV z>qG1N{F8HCX9K|pawaUp+J{UE$61BT(GCLUGi;^wlh5#Tj4NpWkS3I;9 zMAQ9}6NXy)PDx`z3NAf7t!^5I_mHftOV}&6*WM~4C9)tFqj*H&v~d%)y!x3m~xP?#1LwGD{R2R5P6H36T#R zJtACF&77)Cb>fN0i$~Jn`V{55Z|SuoK#=gw5=S165^r_zh-n%=!IYJ8~F&ePhzZ|Fa8-exC`EkYMlp8YPap}1uZY`=6VY|CVA%~mB)OhN)X zvtIdFgy7z0BWu96c@OlrVm7ib@X89 zBCp!N_S^nTA%R=-xBnr3{RHT}^-N)!DQA9E06m8Err26c7R^EsuAM~=p@U`gL%o#- zs(}-gXDAWp6GFCHPp|xq>84PwkA9DYb zGJlp_dD=sT{_bn8XB&~3df+=%O2f2?QLJaIByYDEUw)QQU)BJTL9__-zC?Do-8vGA60 zr&`*15|bV>ze~I=HX+mr8l?1&$uvoQ^cx8^q>tzXg-t`F)hJL2t7Dc?U6l!mkHCb);3HffmBnXD9s5 zJ8)xRh3_}=(ggDyxgX8{KA`;XfA=QN2ZkrOtKBW2Q^60faydjv#(aKn^$Je{sxJg4 zLLyWiO;Y9^u>PzKI7r3CEa|k#>(hZ5*&7aNAkNq*?toA0n?S9W!T}htv@u|70751#MpF>HRL6JNFn`_4@Es_;vT0 zIlwOWFzn?Xed_N0(Z&=o9PfS&k-xLWXb2x$w4d+fWf0)vZTI*LKk2qh?79d`vGn6= z9H&Dw$z0Fc!y|WUnV!eodwJu9fbqX9S;p+&WgvWWp}Sk2Q$%Ad7WGDDO+V|(Tcb-1@qq`ALK zy8?cFzh(7fU7XU(=3%KD`U((_7ZTi>cPjU9rsjVm9}yHSS|7p5O8Y~f2U4GTq{TGV zKKR9X+Z!kM30dZS$)>{$%!`weIndomSy<$O6tEXyiV_?Fh7%Ov$eOJSizDk(aD?oT zUo8V$*WC$Kj%Y$kW@DILz|Gn+*Kd$@IrrS<2BkScTu2*M5)9ji2dXQguO~akil!v+ zjE({(5gxeN`>!IZ-Lua7@0_g=LEYZE$4y}j?5Eum%VrN1RP%e~Hy^m87 znCCdtqgbWAKXTAu#ilHj>M0!gCM*lDBr2JxK1xwFiezS0SR!uyAi;wcN20ST+kGmzeCFcP zR?|He>$$%V1D$N9T+P=1(7wGozqPMWH_*Y9yFB{FE}J%2suF(u2YG-M`6Xa5k}lfJ*5uxYY_nf>?Wg0DbK5%FXbm9^MXrLYkCum3p93g4_BB_jJ{=L!Jk&F6s5OfUrO`_I zkO$zzvP1Ln_})w4t7&@c(psJCzK37*W+Cyeow|R-#_4#J8jvFngMsA#LC{cF{i~bv zQz6(ef0+O8!W?crXEl$=k=1KTSpei`>gOH5^nUKxb$NLP$nUea1FpDmMO#k5prVi_ zN)`LLPgFey-whh575=Gt2(0peRSA^18M^xwwf0uWYq;xOta(&F4Cz;E1@svN$JCM6 z3=~>)qw{a_&;A3A;Gc(B{uEpV(b?Gkwe=!pWs&_nr=L`O4lutYQ%feR#uVe8I8Heaq^7(VN{ltOB7qdv8k; zuH;WnwpxQ`Q{$71J8r`f?S;p4`mhx~t1o*I-}Yk&n|4hW3Y0m<~6Pe1RYxPZ4%c1_7O-0L&2mTgXi{NHZskbLOboVVu4WnZ?P+-MtF_FlKc@y89fCwm9U9TCFo&KKsQx#!3#l`rn-b$E(t6tJE^EBZJ)%7IL z1na1_WRqT%oMD7$Y<}>5H4?Q`8aW^AX0B5KHk|fa?;QBpW5YX>l1w#kLee#I7-3du z=_%E$>F#4>5209k9*j+jnULof15WH9>v|`X)8a-nhD|oc#bPQt$mTo*C^i~T-AGX! z?WXRqdv0Djp}X!nLtsf$wFO|0m7f-G)mJ1vGXyt_1|mG~!Ivt`ZeTV-6zR!-== z6-jyMTHs5wc=^RE{a$3lcaEp-F*sib(g0y_J0srAF*PF_PL_$}@y##4{25Ho8?Rp3 z)`U*Sq^`7(aaUuUp^qgS+CH>*LU$=LB(I87x>*S^(2%1|!->BNqm!APwiQd=L+Dec zu@9Tc$@Pq4d0tT{`KY05BK`0F#TcG z{e))^Q&?HhubTxUopCM|<#Wt1=`!?f68@+ciz z&aYgAfm6O#EKxSg{A=;isF{r5bR(C7vwaKU)&1c^oF!M4Yx)gpjJh)#@`$V8_C-Te z^6nINFf?GSJjEI<}vo&YM?`5NX`cJc|=qXkt|nG0yl)q_Daw)*M(_m*?J z87FGwR2?cm+vjxGPk03c99ykLKvU|InIwcZn_U?yKCsfo%ef!qMAYK)%0t~XCYGMe zb_f?4_g%>=^{rD^qq=M!2kD&*s9&8tnsV>XkaxASI5QvE`Q^3xqcMDm@={3^Ut>?N*KeF9V3FslMI~k7)*Ok0klsg1DAYRW z*YMX=^flc?GPOmV$Dl4COCBxffMiGpYWb-K;6F-} zcH|z6K$kgwv$4f}vKcAP!F3YF=j7h}#4!kgB!!3hv?W)zt%#NZlzSL$hjDFI#AhVpv1glLd{fWMA)jxi`IiV$no?vSp zat?tMZ+N>z@^nZ=a)%^=ukuc0=**mq|MJPa?DW%Uvc<3c>(|#>d^MYh(1oMjnGW|+aYs>^LTJine$nvB=)TSA635C|(W|OA1o`tLzjVYE^_<5%5pI3= zU$*{lO^|>6@hi1JOVg9D$8#C+g?bgdX>7MPwSj&4N4kQe%kW`M8`!xNxqA$pRBo^> z%Z4wtbon6IRLiZ~M(d`kazh?~bV_{dyZdwl6U3R#U_RYh4HLzoPQK7KMH)hSu|ai3?pmfiHw9hD%aI*=}4k4|^UGH#j-RCU61&TQGG7Ejpf z-#~WXMvr#G>pYH+ZTPdz?>8kCbht&7kS~-Uljz?`3NqmT1?xg7`RGrdx>#B`7?t3jhzJHgL$ z)`b<>C!Rh_3Vr4Sh^g?zu+Agtq&#ewaB*=E!m^IWEpYWNPD;B+4(n zwT_3w(v3A?J3^U@~xg^UU}D_}7<*ntV^xS{Oe-?$4~7I2M>|HJ{7p%>~h% zl|T8Tl2<$TLknsmo+$o&O!jc`0QZ^x<)Ht-8!m9EP3W$4n^?n)42K29Ef-&Rk~2BY zYR!2yWrwo@Q$%70JjXD(YEEh*FC81XwuK!X z&yf@tAj6ZvbWW$lU9q)U1zs7Gxo!O+z7u>$wo?JM*y@B>lR2uz^IrecQkyJL1zWmx zwD3V-i+%C;sO}dgo`sJ!HOt8`ZvR{cA$`Ws7&o<+0u$s{7qPNrtnlHY6`R3QvL$Hu z3TK|H63TbWAx@EE;QZ~AwFy1O%dSG+!UOu|?nYI#^aV`1F&htwsryf(%JVL48y|+O ztmaFUnR%A@(SXH+oD2#r#K5;K)mkPiCzt4|CWI|*-;1DN7{d-J&QdaTzJ1wx2wN#E zTon2qZc@^<7tXF-QCl`kQvLQ0KNwoEa+0%s+_jFc6B9f^E~|X(5x5(^LArTJdXOn|POx6$-zq8|jY^I)d>ml;enChhibty@pE^HzNry;N;1N z19DTxePhnC5F3^6KJ%-dLBTVmTTRCM6xe6#xL+jo#pEv?aI)ga7RPSQa6t(2nSCl# zsP&6yw+r>)6%G9%dhCp&d+FvcOVu;+%@x<*TO%EDOo^&>Un+!8!XFh7)KnVp$kFXtlu1mxIgyD z;vt7exmd@Zg(Ek#pGEqGZz@iQbsnJvURXLpmD2-+l)bF`ETO{w@+(}|?4)kb4Ro8w z@Pf8p$PE_aMY2&jQ}oGCz+qYHs`p#n(86cue zRsIwn49iyW0ZktILT?e|o=o^r4uzMLOAQ;d!M5cI8lCU%Q@x`oKEim}XFHOtQMQi^ zK~8;T57k`S%;ugJh47Q3)IqhEMK_P4S~j!g_e9V}L768h7SYMvZuA?P^p4ZwUBnaR zXmgvk!&tq}cZ2M*KE%=Hva)t zc?T9UO|nqAj!}Lb&vF<%>3O!~*;AwZoJtLlj)V^{%_u$FOUQrMgUq)o@4X1y{iQCY z@>dXY@74Kdn5QaNiYFiiql7$LziWHE9j8+_Z) ztu{UC2iqOuL-eKhLcdVSZuM|0@Yt^*G93KNOhX+TL7eE|h0j4-`+J-oLEj&pO3p*} z93;2;kZL#IFl=$`1(A51%WGE z{}{X*z~BY4-L2yMm#KVuR%vg`l@UZr=hLlB3luxPR}R;nKUGo^4Bl^h5m;f25n|%B zMfuMNE<2Q4*N--oKwZBJTrFH=_?IvF&;9@D#=V5>yxhU|>wi7}#}y}}t;m=+*)DVv z1yAkPvq&?qcgdKRfl7{rPR=BDoc?ItLv^Y(5=vi4R4NLUSv0m!xA%AqFsd-ha5Zeb z~l z>txyO$w3jMU%A22(+Y0K7k~Tt7r>e%)U)R?QeRRp{GWP;xR^`w7}z;I{g3>_53Kx{a!2Uzhb@;;4fXiRm|5GKwK+u9xE^s zz6+%U%lPAGgsp@`{s(5YNcHU}+R+R-SBKq7#h*)E(SrkNGNpDCWvqX1*#6b_ef~i8 z@VZWAT=K@^^1c4uDjLN9r&)TtXZU#|Y?o8cB^3ZfzoTbkmnvaalQ-HefxNQ?#3-hY z7fHp2g~lkwF~0<%|A9rE5d0kjyyJ3r;#6?YJo_|C)nl%8ocJ^NbH$1)vLeg8>w5(K z;MR1lAtK=4?diWgpo&6!IV553i$-LfWYD)zDx*nZOR=#GS?5oRn{+!u2HBZ`L+8#v zRQvoSSIc1}M>D^w*v;-e{YG|i&5N!Nm*!dJd4X~36|YjAA&ei5j^;laMAf_25=04q z>j)$~ew)KIs^pK)^mB3;Oiv=U*1+oArlrAbiGq3$gRDOq{4N%@_!Hd6v)Vq8_MoRn zHbX{r9`kb>u%7_CnG@s?Q#h_XJ@-iOM_A6~jp^FLS#hI<*QY1s{oLv)D)ZarCBI6wJz?J_u+BqI+tO4+0-OB){!ydErONqEacA zuO2ivRs$2bmgzn8V6c$)X9vL8Htx;Cw{ZUW=m)ETvaL1bz@BWp)e%O`Bo7c56lYnp zy>V||O`al3^Z%Cn;n{phN2y_9+*NtE)MBI3WP2#(V101R0A%$r@(oz?FSqV5kBRx- z=ZAo&?Ja3ypP>5u>mOse+VOQ_Ew~1>o9j{?yN1Cra}1wKxZ!sLdWO*n+;6@$uq6_& z@$Ta7X7R=ebNuHp#v1J>Z1=5SFGgHa&FO+;C@MGR`G5n$WCeh&tXk==`^=pOSRQq!5!$=%dvygjxcb1gs@yJht&07O__2|37Cex$%evo3y-#mU;yU# z&!n7V;BH9eLQATGu&(EUN1AqxQyQ-%l@k54Q0vGzLc~Q z9dQAJa;{fIyVVX3{CLkg_%li5(a@qv$6?al-C+%!-|5l(sXRax>DGtSxb0R2W$IJV zK|&h9=t+D9sP+EsEfCtY_3X^K59FyEA^jirAdP*38L9LVt;0Oo9_Yx9t|& z)2LDp_3=GZA+Bao=VS{%9OuAoUhz5jwTdl6*ZWLzm6}w_yX;*yno-5H>6Yj0Z%I8?p!a;}2Y@K>MB@xF?OjAI3Qweh}|azpiQLVD>h8x4uw zw-uo)B}B*R8hfqsPxUjw=HIa#&H;2IKFUTu$`is?nv^ti6=a1Kx}j#wZ=-22O9^?r z-N{6HjZP!(Bkoq1R)4o6b6dVP#ClES8?X5SH;D!+ zFqxE%Zf`=uLEZuJFi<5A{6JyGQzLh|68jimlFC--1e-t^BfqR6y+)ehFZ(`a*0M`i zc5J_ZQ}3gb5eF>3OdrchhU*{VKE~wYQ(7+g>KgfoIVv%>*tB?6dh1~ciKnK>{D#{@ z{$~_mss=t{B~6IH+26zOf@<{eP(9f-lnMCtQXyc|qbH6V=a@dk6(XpgCfzl+zH3>Y zZ?qebgUHp*ZzcDC*gqx`oEML>RM+eEyrS`9hi>nMSMMV0^vf;gi+v3ISL2lMRZPC_ zn5m{E-dfA~wq3Kl<*70=nIPUYIoISiA%`Pnk(Eq;bg#|dYhMdM`}VL5$LB-(NOlz< zs{kI6C^#PFsu%m2ss$q1zE#t&OUBO*(h6lhXD9CT@MgdX?MlnnPnbnvd{!V+fD2{B zVLi)V|HPDFT!0I})guQC4OEh@{83VW%%CvyT*FrHC=ztc&*lIRVB2@Gu^dr#vN_K2 zJzbT6R%5N;4zbO$sj3z_3u}Ai1E2@D5%d)XFxhH-`zS(}3WFRv6Mywfpi?gYbg?v~ zvZ&aIwAUjpMN71#j8a@cM#YN>8jRJpFHjlZSdI8Nl>FRY-diZZO_pb1(2X7?XjgIz zceq!6N9{&0zomj)bzsxplN-ulmnAY-n|IAq&U*Ghkc#p)qS~X|Elh;&lTo$y7f927f3F|! z=t0Fn{c%;iaOCj`0cv2hMN_GP@U`x>QS)yKX11h9L5%8p3pY@T`wL+}J2)!6Re6J{rgK87I7QOf#RHitNXW|wK47u0!Wx!9z2B-+iXf|)V{!=(|G?D5JoY^ zg0kNOs_;hiuUis(!13md!bw)X6Gp|2$98^WdJ3Ax#*g33RoZks(?pC9d^^W25CR=t zfB5Y7N@lz{Pvzexi5_zUxv{(BrPp-`v+%~d06oA~aw~u{v-TyDM|y8_LI!#`2HT1s zrW4x@dtLD6E}E%jdTxx4?J~>{FUNKka>KAk^*pe<=}#5-Noj zErcX%7?dbUVhqEWWXnzr*+vmcSz097_hrn;GM2GS5-R&T7(=oQhOv&Z&G>ztbDnda z^ZWJa{NMdw9B+J?xxe@Jxv%?LKG%KUH?7OmJ*=!xp#rxH$@86gIz(^}ZqBtzj_Q`8 zYCSmawVLQX9&4A92|@?z>GE~wc_lMO%mI8jSo1jrFv`IPbjrcU)0*^SCTqo z@c3xyC~xWvaDJ!U)0Pr0@Y7c}GJ67I#}N@6pWuLw^OD>_fCo4MSL>+?ij~j1*ESk9 z+JQCn%Vq@RJ{T1S%IzH$fC(b4 zSzuW}!+b{-5819?g3Us0s~cLKT;f-|QI9olD6VDz*3dElF;kMfhw2(Ro%#m%j^V2d zz?k?0Bw6CCmO>5<;MTW33^x02c<8P8MK4V{1l**rkD`J$S6iv*VmwpjPPD4wq^R@x z(Tc}C!=Z(17w&4RZC1_)d9d~c?b%<*C!boPm!x<~E220_!UrU#Ej5Zf!qu_3y3y!~ z7r(6CN;gAIh`_35H>h5C9aQpRRr5l@BYxxlJnas5Pmui{sVHmxLP=3e#%-ygUm==N zOh6k`?Y?9n0mZNUM9IluOs#3)T`jAEFaT`+}Er}srUK(LYidAE6 zm=SB6SRheJ+f|`qLAVc|b>S&4-jHLTN(x|l6CavOAh9mgl@?B@J!}%&)uDvlhkb9L z{~qm)a2!oH%37Z;(#vH{G$#}+z6fLh3gN|W5}M^4_C46EVyXm=#89BYp%8O#YpB8) z@~P2#+$HwnF4@JWdwCtRlPy#E+cD9pJy-63VJG@y@cW&Q^aXmXX8)`Qv|sDUs?Ya> zxs)+=xKxyDg&>PP4Xl*dkW|6?W+42IO-bZ zWZN>AG@E@xb#;{2S7oY_2;AuC=)#4$V(kUI$wEdTJT!-rD^E zasqQj80&YOn{|=nJR+W3X(HJ$_+@raP;OW1cL_12K_&iv$bMMzs`Za|`R@ABT4sCU zdWDeSooIMXKFj^%ItZD(R7-T?>5ZRKr~LBghC1h8MSj+hfVXzDe$0FobkmT10q9|1 ziSj|decFug*caU7069DlFCgvWPyv0W^MI$?{ck3*P1R_GAjhHsAgapx1ydz_s6MCk zb)5XUf?sIp!8padNQjs!y}q;3OmSfS@XxYM;%t`m=#JnhgE~>Hd5_l)|DKH#*@t^C z^xE>#G*Tu#T05CJcav0o`P%HEThz}9MhADtB5>o#md5l%EG=8qD>Kzx%1ra*OsQ(* zM%ek)M2CgD+-y_*B!B)1W&OI7eE#OESNm2PE^Nf6TIY0EQ)I6-=npL#rrci7@|^*& zZ|_TOD=?zZ4=3K_P$bLr%`5%VqykF-{`;!~ta{Fu7%Q+>nilyuO^E(VN`vG^A8T`S$ zv*9yEAdJ}8hc)kguUZrgg|F5Lz~iU-yScdrmSUM}>lxI(?$@vVn`Xor$hsqRwcqpypFYsZG6 z-%!|U=;W&A@UwBk`%JO56KjAWbxZdr@@WsJ64M7X@ES_8tQg#V$nSh5?S*Lwa-yZ{ zB&<{X@^Qd}0z&QgD(0ph&TYIGEQDF9Nr0MA4zCQCWEy0r@vlNdke>*bQtNkkHtyR5 zuVn3jXrdKhQB=Jw>Py5iSd;|Wb(UQTVx5q4_Zhx2yP-vYHs{h)sLonVC=@Ps$4k^+ zFao%(#4zKrYgEo-16YUn$DT(O9AYH@PZFK8gC@0mD}mKbl@Od;BR^EgCOqZv^ayzM zriIPB%sGicxp9J4rOtU3d~NOp3m+^WH;6b6^Jv$!gMC?VWM|W1`a+p7b=P#B0Vxif z;z+S!$!D|=0V;Z*O>;>arw}<(0j&D9A^UYW<1fdFz0CgkEbOxs ziFf0t3*0-OK3A1p*`TMMhjZ+yx)puPxniaS0Uf0rZBtRB3no-eiFW2{t;eBD`7VcPWrwLd`P`5zbRO0STs^}#r3LOEQudvT8?^BeeQV^_#(F5V z8)v(&X$gS~?mLi{+A4kg>gHlglH5jF+bjz-QTV$(W36(bRjTwhzPq>ujKy#V%+85V z+ExFtBCs2Ns+$|W&=q8swT;+Xyld_9#G>K)EVcGS*2xxGfFk}SD|Oh`EXo-^$6Smw zQP2jdW?PjLTca<~Rxz{gYXfsH#Juc!1^N7!DKcL-BkoQp&gQ>p_&?sTEr*$53}7*H zt$qgxUI)d_-O+cj3glq_N!V2U{(Yps1ZpXA?nA>1n?ojZKt;u{OCmd`_D0)Xol zV}VCXL+fien0Q@0Uiq^WT zzJnO!9_F>3nF(kI$7a;@yR4bTs|Iu&b1KwQ;Hks3qX4^O<$S%|gRaXQ05^0c<+(Ye zeYu>U(9ex+aGcv3*!meZY!jyd0+iR&CB_lS zDClVAz>UxF7aM}VS!L00E6-meu9-)6XLyw9xK<_R>_2nE?2oemzU*z^uscM}LBI|5 zQTJ&J$p^cyXmlx4Wy#rOr1e31bwG6^^u+a*czvE6>MA(Z=b~%lcaLhs>>w#SBlTt( z$`2GDX5Z{&%famI9l~^@0v|!7zv2^9p>Y+fSU88B;pc`9_;m&2g&~7rf#5QIO%t zQ!aJsgb4^_WQfGPOA-cYRJux1kP+J)!2jz7k~6}$9N zH9rtQkcGV+SpPL@&K1wP~uy8wce{~e4$_^({iNCA{1|G!Xne<|3tg9FL5%xIJ!7|`D(ioL&{G>n}`QmhV z3Wgd5J`|7AEJa>062B5Wx;9VX-ofC{UXzA_avLO=NKNdQo`)M4`!p!K!-t|)RibAR zreUoe0@EdnUFwuJ5LjqfqQo4PB5@o0$GFP(m%p1Gqz63ZDt+hGxl)r7kra^zAGlP= zI%#i_E8LtGHk;Q&Ei{^M6~>Ag@(4St&%7ghz1jrK%6_T^$+w)jw$mh&M^|DHal!C2 zT7fYpeymK9J!xQN*1@3#-MwOACXaKk0XYVf{2nbhFB_kzT7nb4{i` z1#e(#Ya6*-vN#cGn9#Xmw?vdYEBKv0`;6G3$rZS34QoyxC!jj0Aj$FW5op7-{ojpp zG*zr7Dk1G{J8|Y_^PvazXAdad{!l;5(XT7WH2qpRY#p2=(5NC(38Q+)FJA4$`92e( z$Vdf6MHWqNdt0p;3Q0%nXx4JDo6dyzJN1sZXWnp4b z9I)J8K1mL91k52pEEbnd@I}@=-XbT`bmG@Dgwx53t68*Fda)V(v~K=Phnv?B{d)LO z>xyN9uba+*JGxB-Mt)U+*Q9a%bje@GWDzbKK3Q($+uUfT$9pyYl=|hq-z~be?^j<6 z^4M(no-JL7wL^;c+(JJn0`~Yx6};vf+)qRC0#{C`7H?ut@Dm@n#H*!UIbk?^qeeSE z!d((8pyoORUz&Poq&X5PZUz3Xnv6s(_rXH!T=Sv(IWIgAb+b1Wj6L%y z`FV$uvmXrD(71R?t)O@ien?ymvm-~jbB*$KbRu&;Xvx)@S6(+>1SYYg+q#;%AMgtn zkqRn=&JR3XBETS2*#LYYYmW2U+z?=1jnB6_;Jx-%#W)=SY}iW7ii9O2OcPn!^FfZd zIxfaGiOgKTW2ndD>_3cG(vyu3s^1-h544q+tOPkJXwzW}%hbf>9`i#{SqnEX}*Z--u##HP4zPIbq~4QmdAXN4+hQXJi2ehchK@r;RTNP zb7h~5q+*XA{fwB$SdWV_ZM9Dfv2KW{bgE=4Qx?SMtT{RW%b$O3^{m0B@hEN_VP*Cbbj9+Bp9=-e(YeWqJ@O8*{ z@|#3R-0y*&QE>NL_xAypRntT&%Ki9@F!l~`&gipK5!&H5W-GG0@t7lCk|9AJLux70mEMaR zeeS9e?kaXCm?|hS0Lnh!%Vh?4_dzRt-t>h|Ij=2s>gmB+nd`Wr^S6w4WF6${VEl6v zStlmU%vUDME=H@PYybyEQOLp_YZfm&eF!3MPcurUD421?%2!_4^e!0K#i0l)29;A! zd^iKy(GPgIi3eewQ+|f|m&A@1roh{-goO>cKl4A)5WuXejGASM)i4R5F_$Sq8NT4m z)UXRNFwa>3D}OVaO}f=_pr?`4k=zGAB1MJd&MlcWB819m)=D-lIf6zzc)##SR+GWzT79 zrbN}Nwsgss;!Yx9VDSqOlqP=V3HGxU*2qXCBh~p`mTsJlDZ<{LV+?TTIslirrFC7B zHOhmg$7EUcO9dQZdRlXoUP8=Zcy5q#N`csjxwS0#uSY6{g{Lj+>fv0f%x09 z5dWViAC=({A9m>BD?LMfalhb6j!}=n9CAp=DX<+76{+RjO zJEnYm^&>fR71DikHx<)4>~jtIN>}I$8r7Uu9M+7PHXsXpkB8=v=u*PT+-%4*^`Jd{ zrJvP(Qs|Aj`#MSiS8Nyk1o&A8laly4$M8!zKUukBP3Cyfaj)K*_=i(Dp1f%xhv!QD z0klX@xoK-w84Vx^u$)rysdzn!D7If~twCE_>(Y0QjxB#lnwvGu8(`XBGMMbZI@p^T zG9F-z%#afa61y9h5?P$EVYxt@5Qc_EqbMucKR1)nM!m?G!4HF*DaIql;@XgB$AnBf zS$8C{)vRg>2RJrdBy0e&K{?(tx7uoZMLUtJoaat!(<|~I&vK&7mWNY0*w@;jb=)2F zp@4wSEIr|MpOpsd_4_Y3e{QhDVCuLQ;hB7j^oh>HRB2Bc%4s)^%lJ#zO6F^1tMgjC zAzl4$Kxmn2*Ml#Q&`eRs`Kb1K5}jt`tftNwlUPs`cfdBL3TCH%*O98S%6hR5kEh&d z%-sSPx4AzJyx40QSx3SechaaN;_{y4=O8YsF5sgw%L?U5pkP>C6||+6{-!a)e%f-D zTUuPZmA*dQt|jbr6;XvY*WXaPeE(gSPH+<{c%{KSNovb0Xx~SDG7C9Ef2`5U?PQDb zeU|y0_c0aly)PR-Sd+G_f6uMD^2tot(Aa?cBJbJT#Z?UxRb?5ee?vemQQEQhqhT=L zri_d-=?RNpjbcrMY5|$F z!I@%SgWg%~Wjz=x&YHq1FZ;Hi4?>g2UVUGg9|>ov%>Lb=`YeTHu4kymbGKuCMZ%uMZTHmBi_jT^k^wE`Y!b(E^frOHFZkfVhFMEqD z_p5xe8yq6epdtqCYVoZR)OyY977+F(#G%=Bz5=zMO=j4xwiOWm8bKbkfn>{a&*r1< zZf%#K5(2fFDX%|^0;mv@Yg_rL-@|cLcKKtNh5{^943G!95CC!T0_*Q@&o3i+5ij{T za#0pEAD+_JPnRj9Z}duP^(N*4JITpqhtIS?K-2h^ok=sFm|v_db$vfJ8x)e-R%Jrc z39Wc%xap7t<{m3Z1LC`?b>fNGy}TRwcP@@#^|JicqTE&)vyu ze%%a>Ax;lQZq_0Ho}8C}cNaaW*!=Yp}06Z-&4lIP4oOwvq#Q zn7$kA9m?mdf*WZ@VNN)ERFx%ar26m{UJ+Q!2Q1u8We%@WYQAKrbZ2?S_vjYTMnb2= z)%9!+yQ4koqJFb^+3thrNc^uQL+F-dpnYfW;IlbrjM$k6xB$IMQr#SUX;ao`_eRQW z35DfBBU2~quGe~+I|tF~E14o4QYt=67kBO1_fhKnJ^gz^-Lj=aCp(%0T2<)1k^>}n zeDoV%-6s*0`-4^dWS0`g!$pCE>Fc24&??db?H;RjgK zlQ-U+>1$Y%0`~pxBk8D{ zCh28sL^Fm%$Sn-NsZS1Ri7RSRYIFqd6!mliHXkYehgAYT8y>=Uf={!Wip7Q$x}Hc7 zJMrLI6yW8pyPePISj{MWG=E<(HCX)Qipm>5fU9Ej<=Fw&RtJHo5&Zo!Hp4Hg2gpb& zTk??KV)*f!B4Ju|7%6~Ot|GfaO~%j>0pKwS7;#L3Zyxpu9~um5+?bhf=<1>5uB3c_ zifIslapqQ%F|t4`ql1AMbH^`%hQR0b)!hu|#oeCzUY%=wp51y3&yxDt(Vt1FeuY|T zY^Ix!ayO(cswdUxQoUfazEV|ekFEbE5`reWe=59K@_;!RXfyM(awIr1lkR_G8`y{RJ_NS{1<*L^dILfCVTjxDoQ5!o+^ zeGlo)_l=?A0sd2o{$Z4_QDbu5gn5nXM0Hwfl-bU7!6c}}YA8TV!U=yfT%N3p8nmP_8xwsz9ffiS7rSc?9WSKe(q>ty6`=uK zqrOrdKH!4ud>;*$ymQva;uYQVQ2x>@Qbg%aX$8hor-2IFWRW2;XDpkIi{wJ5;_iO#hAf1_QJ}+L@@%s1sN3x>z4YA%1*%BKOpjH)d1J0B_sgwiUfKz8+@f*nsh>)s?tb-p;+W$2D9!`9JlT0xw#0MAAAI_*wXnSM zKQx~{b)1+|i335h()36Y%8MNa5#w{i*eR~v&KjAFiIuVKHyWX0%^GfzW2t+Uq-6NO z6J6!#@AAWUUje?czQ6E|_f*RIlnOlziO5n1a~4*7jIdCtbW1}0q3*J7RYfk_krTHrn6rGD(W9*X_(WpLXR z?RkOasfI5Ri>ExKcTZ9`+7FKoQ#8>jL+lzZ2oiMs0(k)Wt@;m5P@%Q>=Q*2-Dc&)u(Q;ZJ*S*YC{bsnlYoKDz0FYEf3M@ndA&;t}7 z{ciwYLItY~d7+DE#kTY%1-|c!i#|T5PyrH%x&h@6)&rkZzudnlvm6)%zW23 z6@HcAohbrqJU5CoX;Q~6qubnd8}I1X#n*COxzH{CQk6||Z-_#Bm6~XabZ6C_B)i~ zp*5zDZgp#vnv#@J75)iveJpO^i*4n3b_gzqjUJ7wnHr@k)D8Pr**!0(FlMl^ao_!7 z1B8OM1;hDI`&kcoT?zA73RY68$H^g7vrB{g#Kx}8WMMkP<@&!S%G=k)wm$s3Px4{= ze9W7cQ;6ncr4zXJO5C8~k?V^MvgfP@6^M|1^v7Wepr6wYC3YJYvI|ErCy9kGhASS! zb3_cd<@-a!aB!Q&>=wG%PqWS{Z9=%J&VVb|80jqbHi2Q(sLzw%+C`hWa?4xyz0fcG z3_#+Prf|B~MB528Vmy$QGxq||U6Ew97Cu(5)nX5i#l?R*C(d0{OUd+ktZ&U0E$C9& zzFdFj>m}4fb5_eo?a-pA+=F*k@)A{-64C+MuID*^^c7QwncV)8 zg}f|)VD9;h9YMi34`@XkE5F@n1Li4P`T4>r{}^<+mK)?a2!wtY@ytF~yKhL_WjNP^hV~#+dcE&z661(~|G9Zqb(kQkw#?t{OMx z30%|Vd@1Ad=*y72wnx-8R4PZ9aKJ`EtP&#EfAGX%jf{qtD}q=YL|;nH-VH8x)x9@- z9Q4QA{+%pg?6NydRXe7*9@g`ypxfl~ZO3X$J_y;f=#MwR|a79+MCFW|AS2Y#ENqoAk*2r(UmKZDC)ks4v>vy0SczL$syWC zTG&n%-{s2^rX`nkkIKt6Lh?RJbat<|3c&p=wmeL)Ng%mnzd#$%=N|4Yl71cRxJ0Mj z^J--L#5C(ayw``a)Br8bsgzb%j&S7rrAwRrG&ngu(Bt@N?0x%V#bzCcQ--CR#HU2; z_jzJ92)zl>vRuBJPU4N~|30|CV$Wt9KY7jBA?`^x`M<{v{WC}HUsl&7AX_Gdl>dV) z1nn}wDEq9p!*h#0|Erq+^gj_Gr&Wa%Wc#mr{_<(B0FW-XviB49)bFYP>6|?2S-x}s zN#5iz(67CqoxT3QZR?IFTMTCp?!;e`%>KPmr_F$V4WHdn5&0JY{L=_WNdjRCYK_c) z(152vzs_##zDNIy1^wp%?*LL#J5?V2CrO^JK);?Q?U+{mHRk@**2ii%U~+M6t-qUC z0DlL!`ZdSa+0Q_~c#$k0*Z&eJ|N7v+p#3js0W|y*PDP$(%;{G@&2S?uqdc9{A;ep&^zKm(&PJ$ir zdYJh;E8q$3TJq^Y4`^!sSzFV+)IAcNI&;Yd-+o=&KQ-q==eAC<3IBj-ma8(q;3^+` z{K*DuwYS#}%S>`>L;P<_zl~RGXPcaZ0v;1(`951*Mg%;I|3L zQQ)m?X2}X=d$|W~Cn&e)&agzE|LFJ4YLP~4Fd7##miwK0eCX9y6Nprqn)gRFPuFLj z*1Lz6PO7Z5U09A&x&H4O@1KmIzkMK*!cr%kPUi~r;9%*#F!xPo_hh#pyYascVEVNo z0Y0M^Wp3RCB$xwgvCis5!OZW5Ne?(c$Itv$!ksOpU+9si;I?oQc?H-<&y}aAJ-mSm z8pZ3Ee)oP1U?5BiT`8&L01BXZ;=sQ#m+mwJHFW#!F!r|t+}ttsZuiB1W8Gx415FRR zV|9d5wL^W)C*WD1`fqHfyFeA^IfO)_OaQa2X#eb=Et+49>&NQ7Jn8u^T5lOShk&YX zT3Dz2rq_oufL`kh@yq4*0#4f(GtWM%{HBCqB2Z$iuW*#6{aD0bMd|%C$8X@JxaAJs zF)zmg@M6fy{~JI53tb|LK$pKM_DtLD1Rhv_NQ?jG?V?*iy3h8q87%~KdCKiqM`Hck zP#JE;UJ=iZc@IDS5H^qcg*1 zd0>DDHzD2)YZTR%s!OYv``w%*0dsPzG%mDQp6G$L%@Xoiyu4WN`@+3tHFOagXI>#! z*vW7jy|CD|vZ_eV$=i!z!UT&<=^>u;F++22yk|#5qp`WPhvmR%j9FM`{i)}_0_d}? z(~+!9=$e5`2;B`x#0Em9b8~KdIYVnxmhjTsK5^6Y8|aL-)auo*T)$bPJX@);XZX~8 zJhMmE4;L@~e<%@sA z_%GU!aSAv$YS9?%5jB`?q1$QQStv~)x0qU2ue$}4Uhj`1$id`EpB%diOJb!RqE|;z z88*YIvIQlD`avITi0G-fo)2EjVvDrRcX1}}Mt$BR5wFaPGNq3bdt_&bJOKX@&-95zaB`3Cn(8I zmn{N?rJ=L*H;`UC0g30O_`y^$#tDfI@r3t$zv#)I1=O9(06e9+H8p|l%M0Za0&8!< zFf!!%V=ZcJ-xskJU&i<0Z}js^m{#{F%Ob1GU6zg&`Ox}{=>xpMZM!0zE!Kp3o4WEL zwN;Lrs+$WM?nHl?=4f)MTm{1A0lZ=(B&o?)Sn5XHZ9SX|;nO}Pi>pO$p*Tuq)irJPHv;CS510q1P0NlUv}N3zEShh1iaZ54W?+ZriFz80o2896spY z9S(|>O{wpf4IJ>B2zI)A!n=#*P#1xieBJ&7!1CQ3Zgx66+nSF!pYCPt6y*T-B3@qX zzw&~lb0$fI@f9vFW4q^xf62l~SM+$i_?ftjMvW`+PMJ6TB1NhWx|v-5joj4)jLWZ$q_j0!QiGaC?p%xdeZY-%@?s8h%vk|}_olP4c3Fr`C!VJRUK<5zlU>yjzTch(Emir*?F(Eu zlS$;KHGz`ik~nHe`|P7try^Q1y*mrj8F`Io;+_vldAShr4Kyd`JsFKm>dCR73iW&|CS{lS>yaw(G-Th(_!TGOrvXs=tm`E7$z zZh=c_0i8|pNI#PpDqU5HSaO{nGb|+Biz-+p#R~Rid4Vnwm6tty#Qo%9V5X>c{!OQz z;OzyT8g1*q#3g`L?Ozv$9dCQG`C{KktT+COWtt&jDl#I@mMW-1bf!JmD!F)8sBb_O zIZx9Z54n;_Y|!6S@t!@Csm>^TM~MYk7JeK(rk7DpB?ErDWG0@z1NO4Qi<{N$?oDYU zKIT^jO8T023W58NN4g?0|L6f_GN&&2SynhfT+1 zroJt?65)eRgkpJ9C-c_ox97DX1j;&fu-Bu{V^^A6CvkU;_e`?jvMX?k3Z7nnJJYfP zj(ZQsilt7jw~D({7(e5z$2U$Ge2%*_*1ER?6(7&{o9+IN(-!V086u1+)67`H5DYjV zN4(X=a=AYvC4uU4$~HEuzE!We$iH;Wrk8JKdeKYO>^^3tQ7?!7nR}U(_NsiT6g|_( zJ80sFDMx(p_v=$c>&}t{`x-b1e1*1RSND`k`%ascNB|5k%VhDlpfWGs5u6u2M#gr~ zUM8T%zUW34Zh6cvXh}L?*71Yvc|lte99hyJ6C_DlPg?gcxsf}n61XI0VI%tI-QrJT z^$+wM3I-I3rdrpTI;UpID{>!!^FvmSEw=SGq4A`X4E|pE0qNSxl{G2#QsHzxV1@6i zoMV#*V$2N50a>~7`g4%gnaA%kTc7C8SmGPK)-@*Z70ixy59%HMr=dX}cSM=-4T^acl!@D zSF_%?Rx?F;mV-Qk2}e)CQrrwzYrWCB`LIT4BIq9~$h1|1P|ra8Lr0S`#(020+zI(; ztRc5lni2Zwc+RW1betVM$OEe;>`OnBX%SR7-zmk8(~so9=qcJN`A1*n^&eb3zF*H&19wMW3qk{2j2iVsN*vB3@vq?O>xlmcDQwhTixasTiAh z-?rxx%?H?Gu>A1iN8yUp_!~B>3-G{)AZ>yM(~rDwF@P6oS3u>jv{>vPrzXpKr-fLn z(}N*;(n&}#|5q=P!?IkHSyx0bD^} zwzbohh6O$cC(b!K$mDg&Ze6eOy%NpCY|+6JKJHBhi%lwNHd$Necne6GSnh!>r^Tu+ z#)z1q>oz^?t`v2)qRV8>SN4+qU3!?W8{*c3oa`&~`{evL>Mps@BMdqQUHVc>j<{Xb zN^|Y!18L`*W`!K_Z9Q{6084!nBsmVrUpC@tD)yy^jOQjFe6p-7Dy9v(H(NjcQ(dr+ zE)%{wm}(*+voId6%kZg*U=!x_=3QKky7)u9 zEY2JNVz~NX@ePS0*LM5GwTc(b0U-1Ha->JQifmg$a@?9_Td}3O^7&O&+S~@#goL9X z93;gY&gTmRyf5sy#a^$ldB)glg+lEEr1NRQqSH_K(#JxE_Y)#u(go76!cvD>=DHqBO)@zb&U z5pECLe5?tBoX#zjJo4%J%1=~_MXR=6YdU(?z!mQ8U(LK%xzr~IMd^7r+v1`Sk`F*geC_jT<&!6-=}6;RV662U*CTe+F4PQlE! zjvVRyD)eSr%hk=ge(vSEvwhy9s6r<~>!I{4wsCA^I2qFNOk7e>UgXE%$4TuxZ(pwg zKhhWDRoB_o@vBZViS^nwD`}0Hb)*-P)TG+{0FSyiQt?Qt5A+6py80V~jL9N*MwgW7 zp?-G0quOcu=t~0r7^M`hUro**(}fk_Nss)jz}nz$Q&LxaUf|1@y_TsXpXL+MgPle* zwiO{99qWm)u}(Frl#Y^KEcww!RmJ*C3%?lq3IZh(&YBkHhaE6if)Pw4`u~HU=MGYor?(GoV4Igu0odkad7}LK*_ut;4wwHD5^&kEpUk_6a za8xew^Jyi@Zw~Ug;PIvE(T`@dfu^3)f5`pU)$MpP&cl-~uO-}^S`YO7=q|y;?Hcz4 zcpm6ER z-G@M-Z-Uu=+u@unBBBjqyHHw!0SX~}UB-Vk`~Rp7eO5%rMcUu{2qw?HY7) zFEA%v`>}_N07qeO&$(?E1{D~VfgAgKUjn~vrgIe!{N*;m&T|-=yrRCAFmx?m-eVrA zlPt+{_LQ7I!WU*fCc4cu?PkAho;;_%_Stmsg&Qwf&ip2;gm@d`k*On-TJtUe|D1Q5 zIv>bB`3yu#IFrJ2W^|xvsc}=0C;miG#7rFg{2k4kC$<5pTJk%VVD63vc(Dkk(#}a@ z|4ZF_#!nuLN>gOpPO$83Lk1$8W0r3I~W{_?!dVjvb(nd;!+eL3zE&-&7lg2b?Vd2B)@#qS|A%=fJubbx!Q~ zO|>EcKrfh?*H3RhXHO0SQ>HVZoUz@?0~Uwc)=s{m8?L>LVBPvilz&AS$x Date: Mon, 19 Jan 2026 17:57:58 +0530 Subject: [PATCH 2/7] Migrate from CircleCI to GitHub Actions - Added GitHub Actions workflow for automated testing - Uses ubuntu-20.04 runner with Go 1.24 and Node.js 20 - Clones latest test scripts from main branch - Removed CircleCI configuration - Removed semgrep workflow - Maintains same test coverage with modern CI/CD platform --- .circleci/config.yml | 79 -------------------------------- .github/workflows/semgrep.yml | 25 ----------- .github/workflows/test.yml | 85 +++++++++++++++++++++++++++++++++++ 3 files changed, 85 insertions(+), 104 deletions(-) delete mode 100644 .circleci/config.yml delete mode 100644 .github/workflows/semgrep.yml create mode 100644 .github/workflows/test.yml diff --git a/.circleci/config.yml b/.circleci/config.yml deleted file mode 100644 index 0a598d9..0000000 --- a/.circleci/config.yml +++ /dev/null @@ -1,79 +0,0 @@ -# Common Logic -machine: &machine-cfg - image: ubuntu-2004:202107-02 - -defaults: &defaults - steps: - - attach_workspace: - at: ~/ - - run: - name: Prepare environment variables - command: | - cd $AUTH0_CFG - mv .env.example .env - sed -i 's|{DOMAIN}|'$auth0_domain'|g' .env - sed -i 's|{API_IDENTIFIER}|'$api_identifier'|g' .env - - run: - name: Background Server - command: cd $AUTH0_CFG && sh exec.sh - background: true - - run: - name: Wait until server is online - command: | - until $(curl --silent --head --output /dev/null --fail http://localhost:8080/api/public); do - sleep 5 - done - - run: - name: Prepare tests - command: | - cd test - echo "AUTH0_DOMAIN=$auth0_domain" >> .env - echo "API_IDENTIFIER=$api_identifier" >> .env - echo "AUTH0_CLIENT_ID_1=$client_id_scopes_none" >> .env - echo "AUTH0_CLIENT_SECRET_1=$client_secret_scopes_none" >> .env - echo "AUTH0_CLIENT_ID_2=$client_id_scopes_read" >> .env - echo "AUTH0_CLIENT_SECRET_2=$client_secret_scopes_read" >> .env - echo "AUTH0_CLIENT_ID_3=$client_id_scopes_write" >> .env - echo "AUTH0_CLIENT_SECRET_3=$client_secret_scopes_write" >> .env - echo "AUTH0_CLIENT_ID_4=$client_id_scopes_readwrite" >> .env - echo "AUTH0_CLIENT_SECRET_4=$client_secret_scopes_readwrite" >> .env - echo "API_URL=http://localhost:8080" >> .env - npm install - - run: - name: Execute automated tests - command: cd test && npm test - -# Jobs and Workflows -version: 2 -jobs: - checkout: - machine: - <<: *machine-cfg - steps: - - checkout - - run: - name: Clone test script - command: git clone -b v0.0.1 --depth 1 https://github.com/auth0-samples/api-quickstarts-tests test - - persist_to_workspace: - root: ~/ - paths: - - project - - test - 01-Authorization-RS256: - machine: - <<: *machine-cfg - environment: - AUTH0_CFG: 01-Authorization-RS256 - SAMPLE_PATH: 01-Authorization-RS256 - <<: *defaults - -workflows: - version: 2 - API-Tests: - jobs: - - checkout: - context: Quickstart API Tests - - 01-Authorization-RS256: - context: Quickstart API Tests - requires: - - checkout diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml deleted file mode 100644 index 916745e..0000000 --- a/.github/workflows/semgrep.yml +++ /dev/null @@ -1,25 +0,0 @@ -name: Semgrep - -on: - pull_request: {} - - push: - branches: ["master", "main"] - - schedule: - - cron: '30 0 1,15 * *' - -jobs: - semgrep: - name: Scan - runs-on: ubuntu-latest - container: - image: returntocorp/semgrep - # Skip any PR created by dependabot to avoid permission issues - if: (github.actor != 'dependabot[bot]') - steps: - - uses: actions/checkout@v3 - - - run: semgrep ci - env: - SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 0000000..e670619 --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,85 @@ +name: API Tests + +on: + push: + branches: [master, main] + pull_request: + branches: [master, main] + +jobs: + test-01-authorization-rs256: + runs-on: ubuntu-20.04 + + env: + AUTH0_CFG: 01-Authorization-RS256 + SAMPLE_PATH: 01-Authorization-RS256 + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "1.24" + + - name: Set up Node.js + uses: actions/setup-node@v4 + with: + node-version: "20" + + - name: Clone test scripts + run: git clone --depth 1 https://github.com/auth0-samples/api-quickstarts-tests test + + - name: Prepare environment variables + env: + AUTH0_DOMAIN: ${{ secrets.AUTH0_DOMAIN }} + API_IDENTIFIER: ${{ secrets.API_IDENTIFIER }} + run: | + cd $AUTH0_CFG + mv .env.example .env + sed -i 's|{DOMAIN}|'$AUTH0_DOMAIN'|g' .env + sed -i 's|{API_IDENTIFIER}|'$API_IDENTIFIER'|g' .env + + - name: Install Go dependencies + run: cd $AUTH0_CFG && go mod download + + - name: Start server in background + run: cd $AUTH0_CFG && sh exec.sh & + + - name: Wait for server to be ready + run: | + until $(curl --silent --head --output /dev/null --fail http://localhost:8080/api/public); do + echo "Waiting for server to start..." + sleep 5 + done + + - name: Prepare test environment + env: + AUTH0_DOMAIN: ${{ secrets.AUTH0_DOMAIN }} + API_IDENTIFIER: ${{ secrets.API_IDENTIFIER }} + CLIENT_ID_SCOPES_NONE: ${{ secrets.CLIENT_ID_SCOPES_NONE }} + CLIENT_SECRET_SCOPES_NONE: ${{ secrets.CLIENT_SECRET_SCOPES_NONE }} + CLIENT_ID_SCOPES_READ: ${{ secrets.CLIENT_ID_SCOPES_READ }} + CLIENT_SECRET_SCOPES_READ: ${{ secrets.CLIENT_SECRET_SCOPES_READ }} + CLIENT_ID_SCOPES_WRITE: ${{ secrets.CLIENT_ID_SCOPES_WRITE }} + CLIENT_SECRET_SCOPES_WRITE: ${{ secrets.CLIENT_SECRET_SCOPES_WRITE }} + CLIENT_ID_SCOPES_READWRITE: ${{ secrets.CLIENT_ID_SCOPES_READWRITE }} + CLIENT_SECRET_SCOPES_READWRITE: ${{ secrets.CLIENT_SECRET_SCOPES_READWRITE }} + run: | + cd test + echo "AUTH0_DOMAIN=$AUTH0_DOMAIN" >> .env + echo "API_IDENTIFIER=$API_IDENTIFIER" >> .env + echo "AUTH0_CLIENT_ID_1=$CLIENT_ID_SCOPES_NONE" >> .env + echo "AUTH0_CLIENT_SECRET_1=$CLIENT_SECRET_SCOPES_NONE" >> .env + echo "AUTH0_CLIENT_ID_2=$CLIENT_ID_SCOPES_READ" >> .env + echo "AUTH0_CLIENT_SECRET_2=$CLIENT_SECRET_SCOPES_READ" >> .env + echo "AUTH0_CLIENT_ID_3=$CLIENT_ID_SCOPES_WRITE" >> .env + echo "AUTH0_CLIENT_SECRET_3=$CLIENT_SECRET_SCOPES_WRITE" >> .env + echo "AUTH0_CLIENT_ID_4=$CLIENT_ID_SCOPES_READWRITE" >> .env + echo "AUTH0_CLIENT_SECRET_4=$CLIENT_SECRET_SCOPES_READWRITE" >> .env + echo "API_URL=http://localhost:8080" >> .env + npm install + + - name: Run automated tests + run: cd test && npm test From 5d6e1062593886cc26f95d4bf2b42e8e8b5e8d6f Mon Sep 17 00:00:00 2001 From: Kunal Dawar Date: Mon, 19 Jan 2026 19:14:10 +0530 Subject: [PATCH 3/7] Add pull request template --- .github/PULL_REQUEST_TEMPLATE.md | 42 ++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 .github/PULL_REQUEST_TEMPLATE.md diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 0000000..17a0f8a --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,42 @@ + + +### 🔧 Changes + + + +### 📚 References + + + +### 🔬 Testing + + + +### 📝 Checklist + +- [ ] All new/changed/fixed functionality is covered by tests (or N/A) +- [ ] I have added documentation for all new/changed functionality (or N/A) + + From fca5a525ec8338e0321aeb0dcd974cf301ca468c Mon Sep 17 00:00:00 2001 From: Kunal Dawar Date: Mon, 19 Jan 2026 19:20:46 +0530 Subject: [PATCH 4/7] Switch to ubuntu-latest runner for better availability --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index e670619..82cfcaa 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -8,7 +8,7 @@ on: jobs: test-01-authorization-rs256: - runs-on: ubuntu-20.04 + runs-on: ubuntu-latest env: AUTH0_CFG: 01-Authorization-RS256 From e02a5bcf731ef68e591a6a8fbf2a6e8ffbc2e380 Mon Sep 17 00:00:00 2001 From: Kunal Dawar Date: Mon, 19 Jan 2026 20:22:33 +0530 Subject: [PATCH 5/7] Refactor CI workflow to build and start Docker image for API tests --- .github/workflows/test.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 82cfcaa..9932045 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -44,11 +44,15 @@ jobs: - name: Install Go dependencies run: cd $AUTH0_CFG && go mod download - - name: Start server in background - run: cd $AUTH0_CFG && sh exec.sh & + - name: Build Docker image + run: cd $AUTH0_CFG && docker build -t auth0-golang-api . + + - name: Start server in detached mode + run: cd $AUTH0_CFG && docker run -d --env-file .env -p 8080:8080 auth0-golang-api - name: Wait for server to be ready run: | + sleep 3 until $(curl --silent --head --output /dev/null --fail http://localhost:8080/api/public); do echo "Waiting for server to start..." sleep 5 From 897cd793c86880610579d576f841fcc7ea73b950 Mon Sep 17 00:00:00 2001 From: Kunal Dawar Date: Tue, 20 Jan 2026 14:42:19 +0530 Subject: [PATCH 6/7] Add 01-Quickstart-Go-API with modern structure and test both versions - Created new 01-Quickstart-Go-API folder with refactored code using Go 1.24 and v3 SDK - Reverted 01-Authorization-RS256 to original state for backward compatibility - Updated GitHub Actions workflow to test both samples independently - Fixed all module paths and import references in new folder - Added CORS support with WithValidateOnOptions(false) - Enhanced RBAC documentation with setup screenshots - Updated .gitignore and dependabot.yml for dual-folder structure - Removed 'Available Samples' section from main README --- .github/dependabot.yml | 15 +- .github/workflows/test.yml | 81 +++++++ .gitignore | 2 + 01-Authorization-RS256/Dockerfile | 12 +- 01-Authorization-RS256/README.md | 200 ++++++------------ 01-Authorization-RS256/exec.ps1 | 2 +- 01-Authorization-RS256/exec.sh | 2 +- 01-Authorization-RS256/go.mod | 23 +- 01-Authorization-RS256/go.sum | 89 +++++--- 01-Authorization-RS256/main.go | 23 ++ 01-Authorization-RS256/middleware/jwt.go | 81 +++++++ 01-Authorization-RS256/router/router.go | 63 ++++++ 01-Quickstart-Go-API/.dockerignore | 3 + 01-Quickstart-Go-API/.env.example | 2 + 01-Quickstart-Go-API/Dockerfile | 23 ++ 01-Quickstart-Go-API/README.md | 168 +++++++++++++++ .../cmd/server/main.go | 6 +- 01-Quickstart-Go-API/exec.ps1 | 2 + 01-Quickstart-Go-API/exec.sh | 3 + 01-Quickstart-Go-API/go.mod | 24 +++ 01-Quickstart-Go-API/go.sum | 45 ++++ .../internal/auth/claims.go | 0 .../internal/auth/middleware.go | 0 .../internal/auth/validator.go | 0 .../internal/config/auth.go | 0 .../internal/handlers/api.go | 2 +- README.md | 2 +- 27 files changed, 665 insertions(+), 208 deletions(-) create mode 100644 01-Authorization-RS256/main.go create mode 100644 01-Authorization-RS256/middleware/jwt.go create mode 100644 01-Authorization-RS256/router/router.go create mode 100644 01-Quickstart-Go-API/.dockerignore create mode 100644 01-Quickstart-Go-API/.env.example create mode 100644 01-Quickstart-Go-API/Dockerfile create mode 100644 01-Quickstart-Go-API/README.md rename {01-Authorization-RS256 => 01-Quickstart-Go-API}/cmd/server/main.go (85%) create mode 100644 01-Quickstart-Go-API/exec.ps1 create mode 100644 01-Quickstart-Go-API/exec.sh create mode 100644 01-Quickstart-Go-API/go.mod create mode 100644 01-Quickstart-Go-API/go.sum rename {01-Authorization-RS256 => 01-Quickstart-Go-API}/internal/auth/claims.go (100%) rename {01-Authorization-RS256 => 01-Quickstart-Go-API}/internal/auth/middleware.go (100%) rename {01-Authorization-RS256 => 01-Quickstart-Go-API}/internal/auth/validator.go (100%) rename {01-Authorization-RS256 => 01-Quickstart-Go-API}/internal/config/auth.go (100%) rename {01-Authorization-RS256 => 01-Quickstart-Go-API}/internal/handlers/api.go (94%) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 63eafc1..5e85025 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,10 +1,19 @@ version: 2 updates: + - package-ecosystem: "gomod" + directory: "/01-Authorization-RS256" + schedule: + interval: "daily" + ignore: + - dependency-name: "*" + update-types: + ["version-update:semver-major", "version-update:semver-patch"] - - package-ecosystem: "gomod" - directory: "/01-Authorization-RS256" + - package-ecosystem: "gomod" + directory: "/01-Quickstart-Go-API" schedule: interval: "daily" ignore: - dependency-name: "*" - update-types: ["version-update:semver-major", "version-update:semver-patch"] + update-types: + ["version-update:semver-major", "version-update:semver-patch"] diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 9932045..07c1129 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -14,6 +14,87 @@ jobs: AUTH0_CFG: 01-Authorization-RS256 SAMPLE_PATH: 01-Authorization-RS256 + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "1.19" + + - name: Set up Node.js + uses: actions/setup-node@v4 + with: + node-version: "20" + + - name: Clone test scripts + run: git clone --depth 1 https://github.com/auth0-samples/api-quickstarts-tests test + + - name: Prepare environment variables + env: + AUTH0_DOMAIN: ${{ secrets.AUTH0_DOMAIN }} + API_IDENTIFIER: ${{ secrets.API_IDENTIFIER }} + run: | + cd $AUTH0_CFG + mv .env.example .env + sed -i 's|{DOMAIN}|'$AUTH0_DOMAIN'|g' .env + sed -i 's|{API_IDENTIFIER}|'$API_IDENTIFIER'|g' .env + + - name: Install Go dependencies + run: cd $AUTH0_CFG && go mod download + + - name: Build Docker image + run: cd $AUTH0_CFG && docker build -t auth0-golang-api . + + - name: Start server in detached mode + run: cd $AUTH0_CFG && docker run -d --env-file .env -p 8080:8080 auth0-golang-api + + - name: Wait for server to be ready + run: | + sleep 3 + until $(curl --silent --head --output /dev/null --fail http://localhost:8080/api/public); do + echo "Waiting for server to start..." + sleep 5 + done + + - name: Prepare test environment + env: + AUTH0_DOMAIN: ${{ secrets.AUTH0_DOMAIN }} + API_IDENTIFIER: ${{ secrets.API_IDENTIFIER }} + CLIENT_ID_SCOPES_NONE: ${{ secrets.CLIENT_ID_SCOPES_NONE }} + CLIENT_SECRET_SCOPES_NONE: ${{ secrets.CLIENT_SECRET_SCOPES_NONE }} + CLIENT_ID_SCOPES_READ: ${{ secrets.CLIENT_ID_SCOPES_READ }} + CLIENT_SECRET_SCOPES_READ: ${{ secrets.CLIENT_SECRET_SCOPES_READ }} + CLIENT_ID_SCOPES_WRITE: ${{ secrets.CLIENT_ID_SCOPES_WRITE }} + CLIENT_SECRET_SCOPES_WRITE: ${{ secrets.CLIENT_SECRET_SCOPES_WRITE }} + CLIENT_ID_SCOPES_READWRITE: ${{ secrets.CLIENT_ID_SCOPES_READWRITE }} + CLIENT_SECRET_SCOPES_READWRITE: ${{ secrets.CLIENT_SECRET_SCOPES_READWRITE }} + run: | + cd test + echo "AUTH0_DOMAIN=$AUTH0_DOMAIN" >> .env + echo "API_IDENTIFIER=$API_IDENTIFIER" >> .env + echo "AUTH0_CLIENT_ID_1=$CLIENT_ID_SCOPES_NONE" >> .env + echo "AUTH0_CLIENT_SECRET_1=$CLIENT_SECRET_SCOPES_NONE" >> .env + echo "AUTH0_CLIENT_ID_2=$CLIENT_ID_SCOPES_READ" >> .env + echo "AUTH0_CLIENT_SECRET_2=$CLIENT_SECRET_SCOPES_READ" >> .env + echo "AUTH0_CLIENT_ID_3=$CLIENT_ID_SCOPES_WRITE" >> .env + echo "AUTH0_CLIENT_SECRET_3=$CLIENT_SECRET_SCOPES_WRITE" >> .env + echo "AUTH0_CLIENT_ID_4=$CLIENT_ID_SCOPES_READWRITE" >> .env + echo "AUTH0_CLIENT_SECRET_4=$CLIENT_SECRET_SCOPES_READWRITE" >> .env + echo "API_URL=http://localhost:8080" >> .env + npm install + + - name: Run automated tests + run: cd test && npm test + + test-01-quickstart-go-api: + runs-on: ubuntu-latest + + env: + AUTH0_CFG: 01-Quickstart-Go-API + SAMPLE_PATH: 01-Quickstart-Go-API + steps: - name: Checkout repository uses: actions/checkout@v4 diff --git a/.gitignore b/.gitignore index ed3bb2a..60ed564 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,5 @@ .DS_Store 01-Authorization-RS256/.env 01-Authorization-RS256/vendor/ +01-Quickstart-Go-API/.env +01-Quickstart-Go-API/vendor/ diff --git a/01-Authorization-RS256/Dockerfile b/01-Authorization-RS256/Dockerfile index 1412f40..008018a 100644 --- a/01-Authorization-RS256/Dockerfile +++ b/01-Authorization-RS256/Dockerfile @@ -1,9 +1,9 @@ -FROM golang:1.24-alpine +FROM golang:1.17-alpine3.14 # Install git RUN apk --update add \ - git openssl \ - && rm /var/cache/apk/* + git openssl \ + && rm /var/cache/apk/* # Define current working directory WORKDIR /01-Authorization-RS256 @@ -17,7 +17,7 @@ RUN go mod download # Add sources COPY . . -# Expose port 8080 for our api binary -EXPOSE 8080 +# Expose port 3010 for our api binary +EXPOSE 3010 -CMD ["go", "run", "cmd/server/main.go"] +CMD ["go", "run", "main.go"] diff --git a/01-Authorization-RS256/README.md b/01-Authorization-RS256/README.md index 1a1e0a0..7435c21 100644 --- a/01-Authorization-RS256/README.md +++ b/01-Authorization-RS256/README.md @@ -1,168 +1,86 @@ -# Auth0 Golang API Sample - Authorization (RS256) - -This sample demonstrates how to protect a Go API using Auth0 with RS256 signed JWT tokens. - -## Prerequisites - -- Go 1.24 or higher -- An Auth0 account ([Sign up for free](https://auth0.com/signup)) - -## Setup - -1. **Create an API in Auth0 Dashboard:** - - Go to APIs in your Auth0 Dashboard - - Click "Create API" - - Give it a name and identifier (audience) - - Select RS256 signing algorithm - -2. **Add permissions to your API:** - - Select your API in the Auth0 Dashboard - - Go to the **Permissions** tab - - Add a new permission: - - **Permission (Scope):** `read:messages` - - **Description:** Read messages from the API - - Click **Add** - -3. **Enable RBAC for your API (Important!):** - - Select your API in the Auth0 Dashboard - - Go to the **Settings** tab - - Scroll down to **RBAC Settings** - - Enable **Enable RBAC** - - Enable **Add Permissions in the Access Token** - - Click **Save** - - Enable RBAC Settings - - > ⚠️ **Note:** Without enabling these settings, the `permissions` array in your access token will be empty, causing the scoped endpoint to fail with a 403 error. - -4. **Configure Machine-to-Machine Application (for testing):** - - Go to **Applications > Applications** in your Auth0 Dashboard - - Select your Machine-to-Machine application (or create one) - - Go to the **APIs** tab - - Find your API and expand it - - Toggle **Authorize** to enable it - - Select the permissions you want to grant (e.g., `read:messages`) - - Click **Update** - - Configure M2M Permissions - - > 💡 This step ensures that tokens generated for this application will include the selected permissions in the `permissions` array. - -5. **Configure environment variables:** - ```bash - cp .env.example .env - ``` - - Edit `.env` and set: - ``` - AUTH0_DOMAIN=your-tenant.auth0.com - AUTH0_AUDIENCE=https://your-api-identifier - ``` - -6. **Install dependencies:** - ```bash - go mod download - ``` - -## Running the Sample +# Golang Authorization for RS256-Signed Tokens -```bash -go run cmd/server/main.go -``` +This sample demonstrates how to protect endpoints in a Go API by verifying an incoming JWT access token signed by Auth0. +The token must be signed with the RS256 algorithm and must be verified against your Auth0 JSON Web Key Set. -The server will start on port 8080. +Check the [Golang API Quickstart](https://auth0.com/docs/quickstart/backend/golang) to understand this sample better. -## API Endpoints +## Getting Started -### Public Endpoint (No Authentication Required) -```bash -curl http://localhost:8080/api/public -``` +If you haven't already done so, [sign up](https://auth0.com/signup) for your free Auth0 account and create a new API +client in the [dashboard](https://manage.auth0.com/). -### Private Endpoint (Requires Valid JWT) -```bash -curl -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \ - http://localhost:8080/api/private +Clone the repo or download it from the Golang API quickstart page in Auth0's documentation. + +### Add Your Credentials + +Rename the `.env.example` to `.env` and you will see variables for `AUTH0_DOMAIN` and `AUTH0_API_AUDIENCE`. +Update these values with your credentials and save the file. + +```text +AUTH0_DOMAIN={DOMAIN} +AUTH0_AUDIENCE={API_AUDIENCE} ``` -### Scoped Endpoint (Requires JWT with `read:messages` scope) +### Install Dependencies and Start Server + ```bash -curl -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \ - http://localhost:8080/api/private-scoped +# Download dependencies +go mod vendor + +# Start the server +go run main.go ``` -## Getting an Access Token +The API will be served at `http://localhost:3010`. -To test the protected endpoints, you need an access token: +### Endpoints -1. Go to the **Test** tab of your API in the Auth0 Dashboard -2. In the **Scopes** field, add `read:messages` (for testing the scoped endpoint) -3. Copy the provided access token or `curl` command -4. Use it in the `Authorization` header as shown above +The sample includes these endpoints: -**Note:** Tokens without the `read:messages` scope will receive a 403 Forbidden error when accessing the scoped endpoint. +**GET** /api/public +* An unprotected endpoint which returns a message on success. Does not require a valid JWT access token. -### Verifying Your Token Contains Permissions +**GET** /api/private +* A protected endpoint which returns a message on success. Requires a valid JWT access token. -You can decode your JWT token at [jwt.io](https://jwt.io) to verify it contains the permissions. A properly configured token should include: +**GET** /api/private-scoped +* A protected endpoint which returns a message on success. Requires a valid JWT access token with a `scope` of `read:messages`. -```json -{ - "iss": "https://your-tenant.auth0.com/", - "sub": "...", - "aud": "https://your-api-identifier", - "iat": 1697988893, - "exp": 1698075293, - "azp": "...", - "scope": "read:messages", - "gty": "client-credentials", - "permissions": [ - "read:messages" - ] -} -``` +### Running the Example With Docker -If the `permissions` array is empty, please verify you've completed steps 3 and 4 in the Setup section above. +In order to run the example with docker, you need to have `docker` installed. -## Project Structure +You also need to set the environment variables as explained [previously](#add-your-credentials). -``` -01-Authorization-RS256/ -├── cmd/ -│ └── server/ -│ └── main.go # Application entry point -├── internal/ -│ ├── auth/ -│ │ ├── validator.go # JWT validator setup -│ │ └── middleware.go # JWT middleware -│ ├── config/ -│ │ └── auth.go # Configuration loading -│ └── handlers/ -│ └── api.go # HTTP handlers -├── .env.example -├── go.mod -└── README.md -``` +Execute in command line `sh exec.sh` to run the Docker in Linux, or `.\exec.ps1` to run the Docker in Windows. -## Key Features +## What is Auth0? -- ✅ RS256 JWT validation -- ✅ Custom claims support -- ✅ Scope-based authorization -- ✅ Graceful shutdown -- ✅ Production-ready timeouts -- ✅ Structured logging with slog +Auth0 helps you to: -## Learn More +* Add authentication with [multiple authentication sources](https://auth0.com/docs/authenticate/identity-providers), either social like **Google, Facebook, Microsoft Account, LinkedIn, GitHub, Twitter, Box, Salesforce, among others**, or enterprise identity systems like **Windows Azure AD, Google Apps, Active Directory, ADFS or any SAML Identity Provider**. +* Add authentication through more traditional **[username/password databases](https://auth0.com/docs/authenticate/database-connections/custom-db/overview-custom-db-connections)**. +* Add support for **[linking different user accounts](https://auth0.com/docs/manage-users/user-accounts/user-account-linking)** with the same user. +* Support for generating signed [Json Web Tokens](https://auth0.com/docs/secure/tokens/json-web-tokens) to call your APIs and **flow the user identity** securely. +* Analytics of how, when and where users are logging in. +* Pull data from other sources and add it to the user profile, through [JavaScript rules](https://auth0.com/docs/customize/rules). -- [Auth0 Go SDK Documentation](https://github.com/auth0/go-jwt-middleware) -- [Auth0 Documentation](https://auth0.com/docs) -- [Securing Go APIs with -## Project Structure +## Create a free Auth0 account -``` -01-Autckstart/backend/golang) +1. Go to [Auth0](https://auth0.com/signup) and click Sign Up. +2. Use Google, GitHub or Microsoft Account to login. + +## Issue Reporting + +If you have found a bug or if you have a feature request, please report them at this repository issues section. +Please do not report security vulnerabilities on the public GitHub issue tracker. +The [Responsible Disclosure Program](https://auth0.com/whitehat) details the procedure for disclosing security issues. + +## Author + +[Auth0](https://auth0.com) ## License -This project is licensed under the MIT license. See the [LICENSE](../../LICENSE) file for more info. +This project is licensed under the MIT license. See the `LICENSE` file for more info. diff --git a/01-Authorization-RS256/exec.ps1 b/01-Authorization-RS256/exec.ps1 index 5a9854a..3e50b04 100644 --- a/01-Authorization-RS256/exec.ps1 +++ b/01-Authorization-RS256/exec.ps1 @@ -1,2 +1,2 @@ docker build -t auth0-golang-api . -docker run --env-file .env -p 8080:8080 -it auth0-golang-api +docker run --env-file .env -p 3010:3010 -it auth0-golang-api diff --git a/01-Authorization-RS256/exec.sh b/01-Authorization-RS256/exec.sh index 49bc7a4..9744870 100644 --- a/01-Authorization-RS256/exec.sh +++ b/01-Authorization-RS256/exec.sh @@ -1,3 +1,3 @@ #!/usr/bin/env bash docker build -t auth0-golang-api . -docker run --env-file .env -p 8080:8080 -it auth0-golang-api +docker run --env-file .env -p 3010:3010 -it auth0-golang-api diff --git a/01-Authorization-RS256/go.mod b/01-Authorization-RS256/go.mod index 49c7d22..d781015 100644 --- a/01-Authorization-RS256/go.mod +++ b/01-Authorization-RS256/go.mod @@ -1,24 +1,9 @@ -module github.com/auth0-samples/auth0-golang-api-samples/01-Authorization-RS256 +module 01-Authorization-RS256 -go 1.24.0 +go 1.16 require ( - github.com/auth0/go-jwt-middleware/v3 v3.0.0 + github.com/auth0/go-jwt-middleware/v2 v2.2.0 github.com/joho/godotenv v1.5.1 -) - -require ( - github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 // indirect - github.com/goccy/go-json v0.10.5 // indirect - github.com/lestrrat-go/blackmagic v1.0.4 // indirect - github.com/lestrrat-go/dsig v1.0.0 // indirect - github.com/lestrrat-go/dsig-secp256k1 v1.0.0 // indirect - github.com/lestrrat-go/httpcc v1.0.1 // indirect - github.com/lestrrat-go/httprc/v3 v3.0.3 // indirect - github.com/lestrrat-go/jwx/v3 v3.0.12 // indirect - github.com/lestrrat-go/option/v2 v2.0.0 // indirect - github.com/segmentio/asm v1.2.1 // indirect - github.com/valyala/fastjson v1.6.7 // indirect - golang.org/x/crypto v0.46.0 // indirect - golang.org/x/sys v0.40.0 // indirect + golang.org/x/crypto v0.17.0 // indirect ) diff --git a/01-Authorization-RS256/go.sum b/01-Authorization-RS256/go.sum index 6f8d5ca..99aa4f7 100644 --- a/01-Authorization-RS256/go.sum +++ b/01-Authorization-RS256/go.sum @@ -1,45 +1,70 @@ -github.com/auth0/go-jwt-middleware/v3 v3.0.0 h1:+rvUPCT+VbAuK4tpS13fWfZrMyqTwLopt3VoY0Y7kvA= -github.com/auth0/go-jwt-middleware/v3 v3.0.0/go.mod h1:iU42jqjRyeKbf9YYSnRnolr836gk6Ty/jnUNuVq2b0o= +github.com/auth0/go-jwt-middleware/v2 v2.2.0 h1:4WTpcHh+VZJOLEnS4E+hh+vP96Jy1tSbJOMnbJ29/KI= +github.com/auth0/go-jwt-middleware/v2 v2.2.0/go.mod h1:BFCz+RF+1szSkrGNJLYn2ng2PtfzBiKR6fynTvS2A/k= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 h1:NMZiJj8QnKe1LgsbDayM4UoHwbvwDRwnI3hwNaAHRnc= -github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0/go.mod h1:ZXNYxsqcloTdSy/rNShjYzMhyjf0LaoftYK0p+A3h40= -github.com/goccy/go-json v0.10.5 h1:Fq85nIqj+gXn/S5ahsiTlK3TmC85qgirsdTP/+DeaC4= -github.com/goccy/go-json v0.10.5/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M= -github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= -github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0= github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= -github.com/lestrrat-go/blackmagic v1.0.4 h1:IwQibdnf8l2KoO+qC3uT4OaTWsW7tuRQXy9TRN9QanA= -github.com/lestrrat-go/blackmagic v1.0.4/go.mod h1:6AWFyKNNj0zEXQYfTMPfZrAXUWUfTIZ5ECEUEJaijtw= -github.com/lestrrat-go/dsig v1.0.0 h1:OE09s2r9Z81kxzJYRn07TFM9XA4akrUdoMwr0L8xj38= -github.com/lestrrat-go/dsig v1.0.0/go.mod h1:dEgoOYYEJvW6XGbLasr8TFcAxoWrKlbQvmJgCR0qkDo= -github.com/lestrrat-go/dsig-secp256k1 v1.0.0 h1:JpDe4Aybfl0soBvoVwjqDbp+9S1Y2OM7gcrVVMFPOzY= -github.com/lestrrat-go/dsig-secp256k1 v1.0.0/go.mod h1:CxUgAhssb8FToqbL8NjSPoGQlnO4w3LG1P0qPWQm/NU= -github.com/lestrrat-go/httpcc v1.0.1 h1:ydWCStUeJLkpYyjLDHihupbn2tYmZ7m22BGkcvZZrIE= -github.com/lestrrat-go/httpcc v1.0.1/go.mod h1:qiltp3Mt56+55GPVCbTdM9MlqhvzyuL6W/NMDA8vA5E= -github.com/lestrrat-go/httprc/v3 v3.0.3 h1:WjLHWkDkgWXeIUrKi/7lS/sGq2DjkSAwdTbH5RHXAKs= -github.com/lestrrat-go/httprc/v3 v3.0.3/go.mod h1:mSMtkZW92Z98M5YoNNztbRGxbXHql7tSitCvaxvo9l0= -github.com/lestrrat-go/jwx/v3 v3.0.12 h1:p25r68Y4KrbBdYjIsQweYxq794CtGCzcrc5dGzJIRjg= -github.com/lestrrat-go/jwx/v3 v3.0.12/go.mod h1:HiUSaNmMLXgZ08OmGBaPVvoZQgJVOQphSrGr5zMamS8= -github.com/lestrrat-go/option/v2 v2.0.0 h1:XxrcaJESE1fokHy3FpaQ/cXW8ZsIdWcdFzzLOcID3Ss= -github.com/lestrrat-go/option/v2 v2.0.0/go.mod h1:oSySsmzMoR0iRzCDCaUfsCzxQHUEuhOViQObyy7S6Vg= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/segmentio/asm v1.2.1 h1:DTNbBqs57ioxAD4PrArqftgypG4/qNpXoJx8TVXxPR0= -github.com/segmentio/asm v1.2.1/go.mod h1:BqMnlJP91P8d+4ibuonYZw9mfnzI9HfxselHZr5aAcs= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= -github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= -github.com/valyala/fastjson v1.6.7 h1:ZE4tRy0CIkh+qDc5McjatheGX2czdn8slQjomexVpBM= -github.com/valyala/fastjson v1.6.7/go.mod h1:CLCAqky6SMuOcxStkYQvblddUtoRxhYMGLrsQns1aXY= -golang.org/x/crypto v0.46.0 h1:cKRW/pmt1pKAfetfu+RCEvjvZkA9RimPbh7bhFjGVBU= -golang.org/x/crypto v0.46.0/go.mod h1:Evb/oLKmMraqjZ2iQTwDwvCtJkczlDuTmdJXoZVzqU0= -golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ= -golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.4.0/go.mod h1:3quD/ATkf6oY+rnes5c3ExXTbLc8mueNue5/DoinL80= +golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k= +golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= +golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= +golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.3.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE= +golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE= +golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA= +golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= +golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= +golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= +golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/go-jose/go-jose.v2 v2.6.1 h1:qEzJlIDmG9q5VO0M/o8tGS65QMHMS1w01TQJB1VPJ4U= +gopkg.in/go-jose/go-jose.v2 v2.6.1/go.mod h1:zzZDPkNNw/c9IE7Z9jr11mBZQhKQTMzoEEIoEdZlFBI= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/01-Authorization-RS256/main.go b/01-Authorization-RS256/main.go new file mode 100644 index 0000000..587f010 --- /dev/null +++ b/01-Authorization-RS256/main.go @@ -0,0 +1,23 @@ +package main + +import ( + "log" + "net/http" + + "github.com/joho/godotenv" + + "01-Authorization-RS256/router" +) + +func main() { + if err := godotenv.Load(); err != nil { + log.Fatalf("Error loading the .env file: %v", err) + } + + rtr := router.New() + + log.Print("Server listening on http://localhost:3010") + if err := http.ListenAndServe("0.0.0.0:3010", rtr); err != nil { + log.Fatalf("There was an error with the http server: %v", err) + } +} diff --git a/01-Authorization-RS256/middleware/jwt.go b/01-Authorization-RS256/middleware/jwt.go new file mode 100644 index 0000000..6fd667d --- /dev/null +++ b/01-Authorization-RS256/middleware/jwt.go @@ -0,0 +1,81 @@ +package middleware + +import ( + "context" + "log" + "net/http" + "net/url" + "os" + "strings" + "time" + + "github.com/auth0/go-jwt-middleware/v2" + "github.com/auth0/go-jwt-middleware/v2/jwks" + "github.com/auth0/go-jwt-middleware/v2/validator" +) + +// CustomClaims contains custom data we want from the token. +type CustomClaims struct { + Scope string `json:"scope"` +} + +// Validate does nothing for this example, but we need +// it to satisfy validator.CustomClaims interface. +func (c CustomClaims) Validate(ctx context.Context) error { + return nil +} + +// HasScope checks whether our claims have a specific scope. +func (c CustomClaims) HasScope(expectedScope string) bool { + result := strings.Split(c.Scope, " ") + for i := range result { + if result[i] == expectedScope { + return true + } + } + + return false +} + +// EnsureValidToken is a middleware that will check the validity of our JWT. +func EnsureValidToken() func(next http.Handler) http.Handler { + issuerURL, err := url.Parse("https://" + os.Getenv("AUTH0_DOMAIN") + "/") + if err != nil { + log.Fatalf("Failed to parse the issuer url: %v", err) + } + + provider := jwks.NewCachingProvider(issuerURL, 5*time.Minute) + + jwtValidator, err := validator.New( + provider.KeyFunc, + validator.RS256, + issuerURL.String(), + []string{os.Getenv("AUTH0_AUDIENCE")}, + validator.WithCustomClaims( + func() validator.CustomClaims { + return &CustomClaims{} + }, + ), + validator.WithAllowedClockSkew(time.Minute), + ) + if err != nil { + log.Fatalf("Failed to set up the jwt validator") + } + + errorHandler := func(w http.ResponseWriter, r *http.Request, err error) { + log.Printf("Encountered error while validating JWT: %v", err) + + w.Header().Set("Content-Type", "application/json") + w.WriteHeader(http.StatusUnauthorized) + w.Write([]byte(`{"message":"Failed to validate JWT."}`)) + } + + middleware := jwtmiddleware.New( + jwtValidator.ValidateToken, + jwtmiddleware.WithErrorHandler(errorHandler), + ) + + return func(next http.Handler) http.Handler { + return middleware.CheckJWT(next) + } +} diff --git a/01-Authorization-RS256/router/router.go b/01-Authorization-RS256/router/router.go new file mode 100644 index 0000000..cbbc356 --- /dev/null +++ b/01-Authorization-RS256/router/router.go @@ -0,0 +1,63 @@ +package router + +import ( + "net/http" + + "github.com/auth0/go-jwt-middleware/v2" + "github.com/auth0/go-jwt-middleware/v2/validator" + + "01-Authorization-RS256/middleware" +) + +// New sets up our routes and returns a *http.ServeMux. +func New() *http.ServeMux { + router := http.NewServeMux() + + // This route is always accessible. + router.Handle("/api/public", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + w.Header().Set("Content-Type", "application/json") + w.WriteHeader(http.StatusOK) + w.Write([]byte(`{"message":"Hello from a public endpoint! You don't need to be authenticated to see this."}`)) + })) + + // This route is only accessible if the user has a valid access_token. + router.Handle("/api/private", middleware.EnsureValidToken()( + http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + // CORS Headers. + w.Header().Set("Access-Control-Allow-Credentials", "true") + w.Header().Set("Access-Control-Allow-Origin", "http://localhost:3000") + w.Header().Set("Access-Control-Allow-Headers", "Authorization") + + w.Header().Set("Content-Type", "application/json") + w.WriteHeader(http.StatusOK) + w.Write([]byte(`{"message":"Hello from a private endpoint! You need to be authenticated to see this."}`)) + }), + )) + + // This route is only accessible if the user has a + // valid access_token with the read:messages scope. + router.Handle("/api/private-scoped", middleware.EnsureValidToken()( + http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + // CORS Headers. + w.Header().Set("Access-Control-Allow-Credentials", "true") + w.Header().Set("Access-Control-Allow-Origin", "http://localhost:3000") + w.Header().Set("Access-Control-Allow-Headers", "Authorization") + + w.Header().Set("Content-Type", "application/json") + + token := r.Context().Value(jwtmiddleware.ContextKey{}).(*validator.ValidatedClaims) + + claims := token.CustomClaims.(*middleware.CustomClaims) + if !claims.HasScope("read:messages") { + w.WriteHeader(http.StatusForbidden) + w.Write([]byte(`{"message":"Insufficient scope."}`)) + return + } + + w.WriteHeader(http.StatusOK) + w.Write([]byte(`{"message":"Hello from a private endpoint! You need to be authenticated to see this."}`)) + }), + )) + + return router +} diff --git a/01-Quickstart-Go-API/.dockerignore b/01-Quickstart-Go-API/.dockerignore new file mode 100644 index 0000000..d3c9987 --- /dev/null +++ b/01-Quickstart-Go-API/.dockerignore @@ -0,0 +1,3 @@ +README.md +exec.sh +exec.ps1 diff --git a/01-Quickstart-Go-API/.env.example b/01-Quickstart-Go-API/.env.example new file mode 100644 index 0000000..6b907e4 --- /dev/null +++ b/01-Quickstart-Go-API/.env.example @@ -0,0 +1,2 @@ +AUTH0_DOMAIN={DOMAIN} +AUTH0_AUDIENCE={API_IDENTIFIER} diff --git a/01-Quickstart-Go-API/Dockerfile b/01-Quickstart-Go-API/Dockerfile new file mode 100644 index 0000000..231524c --- /dev/null +++ b/01-Quickstart-Go-API/Dockerfile @@ -0,0 +1,23 @@ +FROM golang:1.24-alpine + +# Install git +RUN apk --update add \ + git openssl \ + && rm /var/cache/apk/* + +# Define current working directory +WORKDIR /01-Quickstart-Go-API + +# Download modules to local cache so we can skip re- +# downloading on consecutive docker build commands +COPY go.mod . +COPY go.sum . +RUN go mod download + +# Add sources +COPY . . + +# Expose port 8080 for our api binary +EXPOSE 8080 + +CMD ["go", "run", "cmd/server/main.go"] diff --git a/01-Quickstart-Go-API/README.md b/01-Quickstart-Go-API/README.md new file mode 100644 index 0000000..87fac10 --- /dev/null +++ b/01-Quickstart-Go-API/README.md @@ -0,0 +1,168 @@ +# Auth0 Golang API Sample - Authorization (RS256) + +This sample demonstrates how to protect a Go API using Auth0 with RS256 signed JWT tokens. + +## Prerequisites + +- Go 1.24 or higher +- An Auth0 account ([Sign up for free](https://auth0.com/signup)) + +## Setup + +1. **Create an API in Auth0 Dashboard:** + - Go to APIs in your Auth0 Dashboard + - Click "Create API" + - Give it a name and identifier (audience) + - Select RS256 signing algorithm + +2. **Add permissions to your API:** + - Select your API in the Auth0 Dashboard + - Go to the **Permissions** tab + - Add a new permission: + - **Permission (Scope):** `read:messages` + - **Description:** Read messages from the API + - Click **Add** + +3. **Enable RBAC for your API (Important!):** + - Select your API in the Auth0 Dashboard + - Go to the **Settings** tab + - Scroll down to **RBAC Settings** + - Enable **Enable RBAC** + - Enable **Add Permissions in the Access Token** + - Click **Save** + + Enable RBAC Settings + + > ⚠️ **Note:** Without enabling these settings, the `permissions` array in your access token will be empty, causing the scoped endpoint to fail with a 403 error. + +4. **Configure Machine-to-Machine Application (for testing):** + - Go to **Applications > Applications** in your Auth0 Dashboard + - Select your Machine-to-Machine application (or create one) + - Go to the **APIs** tab + - Find your API and expand it + - Toggle **Authorize** to enable it + - Select the permissions you want to grant (e.g., `read:messages`) + - Click **Update** + + Configure M2M Permissions + + > 💡 This step ensures that tokens generated for this application will include the selected permissions in the `permissions` array. + +5. **Configure environment variables:** + ```bash + cp .env.example .env + ``` + + Edit `.env` and set: + ``` + AUTH0_DOMAIN=your-tenant.auth0.com + AUTH0_AUDIENCE=https://your-api-identifier + ``` + +6. **Install dependencies:** + ```bash + go mod download + ``` + +## Running the Sample + +```bash +go run cmd/server/main.go +``` + +The server will start on port 8080. + +## API Endpoints + +### Public Endpoint (No Authentication Required) +```bash +curl http://localhost:8080/api/public +``` + +### Private Endpoint (Requires Valid JWT) +```bash +curl -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \ + http://localhost:8080/api/private +``` + +### Scoped Endpoint (Requires JWT with `read:messages` scope) +```bash +curl -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \ + http://localhost:8080/api/private-scoped +``` + +## Getting an Access Token + +To test the protected endpoints, you need an access token: + +1. Go to the **Test** tab of your API in the Auth0 Dashboard +2. In the **Scopes** field, add `read:messages` (for testing the scoped endpoint) +3. Copy the provided access token or `curl` command +4. Use it in the `Authorization` header as shown above + +**Note:** Tokens without the `read:messages` scope will receive a 403 Forbidden error when accessing the scoped endpoint. + +### Verifying Your Token Contains Permissions + +You can decode your JWT token at [jwt.io](https://jwt.io) to verify it contains the permissions. A properly configured token should include: + +```json +{ + "iss": "https://your-tenant.auth0.com/", + "sub": "...", + "aud": "https://your-api-identifier", + "iat": 1697988893, + "exp": 1698075293, + "azp": "...", + "scope": "read:messages", + "gty": "client-credentials", + "permissions": [ + "read:messages" + ] +} +``` + +If the `permissions` array is empty, please verify you've completed steps 3 and 4 in the Setup section above. + +## Project Structure + +``` +01-Quickstart-Go-API/ +├── cmd/ +│ └── server/ +│ └── main.go # Application entry point +├── internal/ +│ ├── auth/ +│ │ ├── validator.go # JWT validator setup +│ │ └── middleware.go # JWT middleware +│ ├── config/ +│ │ └── auth.go # Configuration loading +│ └── handlers/ +│ └── api.go # HTTP handlers +├── .env.example +├── go.mod +└── README.md +``` + +## Key Features + +- ✅ RS256 JWT validation +- ✅ Custom claims support +- ✅ Scope-based authorization +- ✅ Graceful shutdown +- ✅ Production-ready timeouts +- ✅ Structured logging with slog + +## Learn More + +- [Auth0 Go SDK Documentation](https://github.com/auth0/go-jwt-middleware) +- [Auth0 Documentation](https://auth0.com/docs) +- [Securing Go APIs with +## Project Structure + +``` +01-Autckstart/backend/golang) + +## License + +This project is licensed under the MIT license. See the [LICENSE](../../LICENSE) file for more info. diff --git a/01-Authorization-RS256/cmd/server/main.go b/01-Quickstart-Go-API/cmd/server/main.go similarity index 85% rename from 01-Authorization-RS256/cmd/server/main.go rename to 01-Quickstart-Go-API/cmd/server/main.go index 7f65f9b..44a4abd 100644 --- a/01-Authorization-RS256/cmd/server/main.go +++ b/01-Quickstart-Go-API/cmd/server/main.go @@ -8,9 +8,9 @@ import ( "os/signal" "time" - "github.com/auth0-samples/auth0-golang-api-samples/01-Authorization-RS256/internal/auth" - "github.com/auth0-samples/auth0-golang-api-samples/01-Authorization-RS256/internal/config" - "github.com/auth0-samples/auth0-golang-api-samples/01-Authorization-RS256/internal/handlers" + "github.com/auth0-samples/auth0-golang-api-samples/01-Quickstart-Go-API/internal/auth" + "github.com/auth0-samples/auth0-golang-api-samples/01-Quickstart-Go-API/internal/config" + "github.com/auth0-samples/auth0-golang-api-samples/01-Quickstart-Go-API/internal/handlers" "github.com/joho/godotenv" ) diff --git a/01-Quickstart-Go-API/exec.ps1 b/01-Quickstart-Go-API/exec.ps1 new file mode 100644 index 0000000..5a9854a --- /dev/null +++ b/01-Quickstart-Go-API/exec.ps1 @@ -0,0 +1,2 @@ +docker build -t auth0-golang-api . +docker run --env-file .env -p 8080:8080 -it auth0-golang-api diff --git a/01-Quickstart-Go-API/exec.sh b/01-Quickstart-Go-API/exec.sh new file mode 100644 index 0000000..49bc7a4 --- /dev/null +++ b/01-Quickstart-Go-API/exec.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash +docker build -t auth0-golang-api . +docker run --env-file .env -p 8080:8080 -it auth0-golang-api diff --git a/01-Quickstart-Go-API/go.mod b/01-Quickstart-Go-API/go.mod new file mode 100644 index 0000000..d6ce969 --- /dev/null +++ b/01-Quickstart-Go-API/go.mod @@ -0,0 +1,24 @@ +module github.com/auth0-samples/auth0-golang-api-samples/01-Quickstart-Go-API + +go 1.24.0 + +require ( + github.com/auth0/go-jwt-middleware/v3 v3.0.0 + github.com/joho/godotenv v1.5.1 +) + +require ( + github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 // indirect + github.com/goccy/go-json v0.10.5 // indirect + github.com/lestrrat-go/blackmagic v1.0.4 // indirect + github.com/lestrrat-go/dsig v1.0.0 // indirect + github.com/lestrrat-go/dsig-secp256k1 v1.0.0 // indirect + github.com/lestrrat-go/httpcc v1.0.1 // indirect + github.com/lestrrat-go/httprc/v3 v3.0.3 // indirect + github.com/lestrrat-go/jwx/v3 v3.0.12 // indirect + github.com/lestrrat-go/option/v2 v2.0.0 // indirect + github.com/segmentio/asm v1.2.1 // indirect + github.com/valyala/fastjson v1.6.7 // indirect + golang.org/x/crypto v0.46.0 // indirect + golang.org/x/sys v0.40.0 // indirect +) diff --git a/01-Quickstart-Go-API/go.sum b/01-Quickstart-Go-API/go.sum new file mode 100644 index 0000000..6f8d5ca --- /dev/null +++ b/01-Quickstart-Go-API/go.sum @@ -0,0 +1,45 @@ +github.com/auth0/go-jwt-middleware/v3 v3.0.0 h1:+rvUPCT+VbAuK4tpS13fWfZrMyqTwLopt3VoY0Y7kvA= +github.com/auth0/go-jwt-middleware/v3 v3.0.0/go.mod h1:iU42jqjRyeKbf9YYSnRnolr836gk6Ty/jnUNuVq2b0o= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 h1:NMZiJj8QnKe1LgsbDayM4UoHwbvwDRwnI3hwNaAHRnc= +github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0/go.mod h1:ZXNYxsqcloTdSy/rNShjYzMhyjf0LaoftYK0p+A3h40= +github.com/goccy/go-json v0.10.5 h1:Fq85nIqj+gXn/S5ahsiTlK3TmC85qgirsdTP/+DeaC4= +github.com/goccy/go-json v0.10.5/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M= +github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= +github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= +github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0= +github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= +github.com/lestrrat-go/blackmagic v1.0.4 h1:IwQibdnf8l2KoO+qC3uT4OaTWsW7tuRQXy9TRN9QanA= +github.com/lestrrat-go/blackmagic v1.0.4/go.mod h1:6AWFyKNNj0zEXQYfTMPfZrAXUWUfTIZ5ECEUEJaijtw= +github.com/lestrrat-go/dsig v1.0.0 h1:OE09s2r9Z81kxzJYRn07TFM9XA4akrUdoMwr0L8xj38= +github.com/lestrrat-go/dsig v1.0.0/go.mod h1:dEgoOYYEJvW6XGbLasr8TFcAxoWrKlbQvmJgCR0qkDo= +github.com/lestrrat-go/dsig-secp256k1 v1.0.0 h1:JpDe4Aybfl0soBvoVwjqDbp+9S1Y2OM7gcrVVMFPOzY= +github.com/lestrrat-go/dsig-secp256k1 v1.0.0/go.mod h1:CxUgAhssb8FToqbL8NjSPoGQlnO4w3LG1P0qPWQm/NU= +github.com/lestrrat-go/httpcc v1.0.1 h1:ydWCStUeJLkpYyjLDHihupbn2tYmZ7m22BGkcvZZrIE= +github.com/lestrrat-go/httpcc v1.0.1/go.mod h1:qiltp3Mt56+55GPVCbTdM9MlqhvzyuL6W/NMDA8vA5E= +github.com/lestrrat-go/httprc/v3 v3.0.3 h1:WjLHWkDkgWXeIUrKi/7lS/sGq2DjkSAwdTbH5RHXAKs= +github.com/lestrrat-go/httprc/v3 v3.0.3/go.mod h1:mSMtkZW92Z98M5YoNNztbRGxbXHql7tSitCvaxvo9l0= +github.com/lestrrat-go/jwx/v3 v3.0.12 h1:p25r68Y4KrbBdYjIsQweYxq794CtGCzcrc5dGzJIRjg= +github.com/lestrrat-go/jwx/v3 v3.0.12/go.mod h1:HiUSaNmMLXgZ08OmGBaPVvoZQgJVOQphSrGr5zMamS8= +github.com/lestrrat-go/option/v2 v2.0.0 h1:XxrcaJESE1fokHy3FpaQ/cXW8ZsIdWcdFzzLOcID3Ss= +github.com/lestrrat-go/option/v2 v2.0.0/go.mod h1:oSySsmzMoR0iRzCDCaUfsCzxQHUEuhOViQObyy7S6Vg= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/segmentio/asm v1.2.1 h1:DTNbBqs57ioxAD4PrArqftgypG4/qNpXoJx8TVXxPR0= +github.com/segmentio/asm v1.2.1/go.mod h1:BqMnlJP91P8d+4ibuonYZw9mfnzI9HfxselHZr5aAcs= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= +github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= +github.com/valyala/fastjson v1.6.7 h1:ZE4tRy0CIkh+qDc5McjatheGX2czdn8slQjomexVpBM= +github.com/valyala/fastjson v1.6.7/go.mod h1:CLCAqky6SMuOcxStkYQvblddUtoRxhYMGLrsQns1aXY= +golang.org/x/crypto v0.46.0 h1:cKRW/pmt1pKAfetfu+RCEvjvZkA9RimPbh7bhFjGVBU= +golang.org/x/crypto v0.46.0/go.mod h1:Evb/oLKmMraqjZ2iQTwDwvCtJkczlDuTmdJXoZVzqU0= +golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ= +golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/01-Authorization-RS256/internal/auth/claims.go b/01-Quickstart-Go-API/internal/auth/claims.go similarity index 100% rename from 01-Authorization-RS256/internal/auth/claims.go rename to 01-Quickstart-Go-API/internal/auth/claims.go diff --git a/01-Authorization-RS256/internal/auth/middleware.go b/01-Quickstart-Go-API/internal/auth/middleware.go similarity index 100% rename from 01-Authorization-RS256/internal/auth/middleware.go rename to 01-Quickstart-Go-API/internal/auth/middleware.go diff --git a/01-Authorization-RS256/internal/auth/validator.go b/01-Quickstart-Go-API/internal/auth/validator.go similarity index 100% rename from 01-Authorization-RS256/internal/auth/validator.go rename to 01-Quickstart-Go-API/internal/auth/validator.go diff --git a/01-Authorization-RS256/internal/config/auth.go b/01-Quickstart-Go-API/internal/config/auth.go similarity index 100% rename from 01-Authorization-RS256/internal/config/auth.go rename to 01-Quickstart-Go-API/internal/config/auth.go diff --git a/01-Authorization-RS256/internal/handlers/api.go b/01-Quickstart-Go-API/internal/handlers/api.go similarity index 94% rename from 01-Authorization-RS256/internal/handlers/api.go rename to 01-Quickstart-Go-API/internal/handlers/api.go index c757ae9..52dd99d 100644 --- a/01-Authorization-RS256/internal/handlers/api.go +++ b/01-Quickstart-Go-API/internal/handlers/api.go @@ -4,7 +4,7 @@ import ( "encoding/json" "net/http" - "github.com/auth0-samples/auth0-golang-api-samples/01-Authorization-RS256/internal/auth" + "github.com/auth0-samples/auth0-golang-api-samples/01-Quickstart-Go-API/internal/auth" jwtmiddleware "github.com/auth0/go-jwt-middleware/v3" "github.com/auth0/go-jwt-middleware/v3/validator" ) diff --git a/README.md b/README.md index d2fda52..8acb5e2 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Auth0 Golang API Samples -[![CircleCI](https://img.shields.io/circleci/project/github/auth0-samples/auth0-golang-api-samples.svg?style=flat-square)](https://circleci.com/gh/auth0-samples/auth0-golang-api-samples/tree/master) +[![GitHub Actions](https://img.shields.io/github/actions/workflow/status/auth0-samples/auth0-golang-api-samples/test.yml?branch=master&style=flat-square)](https://github.com/auth0-samples/auth0-golang-api-samples/actions) These samples demonstrate how to create an API with Go which only permits access to resources if a valid **access token** is included. This verification is done by validating the signature and claims in a JSON Web Token (JWT) signed by Auth0. From 6c92832efc1e9f8c28348ffc05c276d0766aab51 Mon Sep 17 00:00:00 2001 From: Kunal Dawar Date: Tue, 20 Jan 2026 14:46:39 +0530 Subject: [PATCH 7/7] Fix port mapping for legacy sample (3010 vs 8080) --- .github/workflows/test.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 07c1129..a524bd2 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -48,12 +48,12 @@ jobs: run: cd $AUTH0_CFG && docker build -t auth0-golang-api . - name: Start server in detached mode - run: cd $AUTH0_CFG && docker run -d --env-file .env -p 8080:8080 auth0-golang-api + run: cd $AUTH0_CFG && docker run -d --env-file .env -p 3010:3010 auth0-golang-api - name: Wait for server to be ready run: | sleep 3 - until $(curl --silent --head --output /dev/null --fail http://localhost:8080/api/public); do + until $(curl --silent --head --output /dev/null --fail http://localhost:3010/api/public); do echo "Waiting for server to start..." sleep 5 done @@ -82,7 +82,7 @@ jobs: echo "AUTH0_CLIENT_SECRET_3=$CLIENT_SECRET_SCOPES_WRITE" >> .env echo "AUTH0_CLIENT_ID_4=$CLIENT_ID_SCOPES_READWRITE" >> .env echo "AUTH0_CLIENT_SECRET_4=$CLIENT_SECRET_SCOPES_READWRITE" >> .env - echo "API_URL=http://localhost:8080" >> .env + echo "API_URL=http://localhost:3010" >> .env npm install - name: Run automated tests