From 88f082ed93e687fedaaa1398195fde834c36fbf2 Mon Sep 17 00:00:00 2001 From: zhihaoguo Date: Fri, 14 Oct 2022 17:38:28 +0800 Subject: [PATCH] Update README of azure-identity-providers-jdbc-[mysql/postgresql] libraries (#31380) * update README.md --- .../azure-identity-providers-core/README.md | 35 ++- .../README.md | 227 +++++++++++++++++- .../img/mysql-architecture.png | Bin 0 -> 26770 bytes .../README.md | 216 ++++++++++++++++- .../img/postgresql-architecture.png | Bin 0 -> 45329 bytes 5 files changed, 445 insertions(+), 33 deletions(-) create mode 100644 sdk/jdbc/azure-identity-providers-jdbc-mysql/img/mysql-architecture.png create mode 100644 sdk/jdbc/azure-identity-providers-jdbc-postgresql/img/postgresql-architecture.png diff --git a/sdk/jdbc/azure-identity-providers-core/README.md b/sdk/jdbc/azure-identity-providers-core/README.md index 6ccf18d88c60c..2870e837b2175 100644 --- a/sdk/jdbc/azure-identity-providers-core/README.md +++ b/sdk/jdbc/azure-identity-providers-core/README.md @@ -1,39 +1,48 @@ +- [Azure identity JDBC plugin library for Java](#azure-identity-jdbc-plugin-library-for-java) + * [Getting started](#getting-started) + + [Prerequisites](#prerequisites) + * [Key concepts](#key-concepts) + * [Examples](#examples) + * [Troubleshooting](#troubleshooting) + * [Next steps](#next-steps) + * [Contributing](#contributing) + # Azure identity JDBC plugin library for Java - -This package contains a template framework to get a token from Azure AD. + +This package contains a template framework to get a token from Azure Active Directory (Azure AD). For now, it is used by `azure-identity-providers-jdbc-mysql` and `azure-identity-providers-jdbc-postgresql` as the common framework to get a token as the password for connection. - + ## Getting started ### Prerequisites -- An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F). +- An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/). - [Java Development Kit (JDK)][jdk] with version 8 or above. - [Apache Maven](https://maven.apache.org/download.cgi). ## Key concepts -Azure Identity Providers Core contains a common template framework for users to get a token from Azure AD and -use the token as a password. For example, to connect Azure hosted MySQL, get a token from Azure AD and use the +Azure Identity Providers Core contains a common template framework for users to get a token from Azure AD and +use the token as a password. For example, to connect Azure hosted MySQL, get a token from Azure AD and use the token as a password to connect with MySQL. ## Examples +For documentation on how to use this package, please refer to [Quickstart:Use Java and JDBC with Azure Database for MySQL](https://aka.ms/passwordless/quickstart/mysql) and [Quickstart:Use Java and JDBC with Azure Database for PostgreSQL](https://aka.ms/passwordless/quickstart/postgresql). + ## Troubleshooting If you encounter any bugs, please file issues via [Issues](https://github.com/Azure/azure-sdk-for-java/issues). ## Next steps +Other useful packages are: +* [azure-identity-providers-jdbc-mysql][azure-identity-providers-jdbc-mysql]: Azure identity JDBC MySQL plugin library for Java. +* [azure-identity-providers-jdbc-postgresql][azure-identity-providers-jdbc-postgresql]: Azure identity JDBC PostgreSQL plugin library for Java. ## Contributing For details on contributing to this repository, see the [contributing guide](https://github.com/Azure/azure-sdk-for-java/blob/main/CONTRIBUTING.md). -1. Fork it -1. Create your feature branch (`git checkout -b my-new-feature`) -1. Commit your changes (`git commit -am 'Add some feature'`) -1. Push to the branch (`git push origin my-new-feature`) -1. Create new Pull Request - - +[azure-identity-providers-jdbc-mysql]: https://github.com/Azure/azure-sdk-for-java/tree/main/sdk/jdbc/azure-identity-providers-jdbc-mysql +[azure-identity-providers-jdbc-postgresql]: https://github.com/Azure/azure-sdk-for-java/tree/main/sdk/jdbc/azure-identity-providers-jdbc-postgresql diff --git a/sdk/jdbc/azure-identity-providers-jdbc-mysql/README.md b/sdk/jdbc/azure-identity-providers-jdbc-mysql/README.md index 8f9cf80efc0e6..e6baacd438dc1 100644 --- a/sdk/jdbc/azure-identity-providers-jdbc-mysql/README.md +++ b/sdk/jdbc/azure-identity-providers-jdbc-mysql/README.md @@ -1,53 +1,254 @@ +- [Azure identity JDBC MySQL plugin library for Java](#azure-identity-jdbc-mysql-plugin-library-for-java) + * [Getting started](#getting-started) + + [Prerequisites](#prerequisites) + + [Include the package](#include-the-package) + - [Include direct dependency](#include-direct-dependency) + + [Prepare the Azure Database for MySQL](#prepare-the-azure-database-for-mysql) + - [Prepare the working environment](#prepare-the-working-environment) + - [Create an Azure Database for MySQL server](#create-an-azure-database-for-mysql-server) + - [Configure a firewall rule for your MySQL server](#configure-a-firewall-rule-for-your-mysql-server) + - [Enable Azure AD-based authentication](#enable-azure-ad-based-authentication) + * [Key concepts](#key-concepts) + + [Azure AD authentication with MySQL](#azure-ad-authentication-with-mysql) + + [Architecture](#architecture) + * [Examples](#examples) + + [Authenticating with DefaultAzureCredential](#authenticating-with-defaultazurecredential) + + [Connect using managed identity](#connect-using-managed-identity) + + [Connect using service principal](#connect-using-service-principal) + + [Cloud Configuration](#cloud-configuration) + * [JDBC Parameters](#jdbc-parameters) + * [Troubleshooting](#troubleshooting) + * [Next steps](#next-steps) + * [Contributing](#contributing) + # Azure identity JDBC MySQL plugin library for Java -This package contains the jdbc authentication plugin to authenticate with Azure AD for Azure hosted MySQL services. +This package contains the jdbc authentication plugin to authenticate with Azure Active Directory (Azure AD) for Azure hosted MySQL services. + +[Source code][source] | [API reference documentation][docs] | [Product documentation][product_docs] +| [Quickstart][quick_start_mysql] ## Getting started ### Prerequisites -- An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F). +- An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/). - [Java Development Kit (JDK)][jdk] with version 8 or above. - [Apache Maven](https://maven.apache.org/download.cgi). - +- Azure Database for MySQL instance. + - Step-by-step guide for [creating a MySQL instance using the Azure Portal](https://learn.microsoft.com/azure/mysql/single-server/quickstart-create-mysql-server-database-using-azure-portal) ### Include the package +The package is not part of the `azure-sdk-bom` now, so it can only be included via a direct dependency. + +#### Include direct dependency + [//]: # ({x-version-update-start;com.azure:azure-identity-providers-jdbc-mysql;current}) + ```xml + com.azure azure-identity-providers-jdbc-mysql - 1.0.0-beta.1 + 1.0.0-beta.1 ``` + [//]: # ({x-version-update-end}) +### Prepare the Azure Database for MySQL + +#### Prepare the working environment + +First, use the following command to set up some environment variables. + +```bash +export AZ_RESOURCE_GROUP=database-workshop +export AZ_DATABASE_NAME={YOUR_DATABASE_NAME} +export AZ_LOCATION={YOUR_AZURE_REGION} +export AZ_MYSQL_AD_ADMIN_USERNAME=demo +export AZ_MYSQL_AD_NON_ADMIN_USERNAME=demo-non-admin +export AZ_LOCAL_IP_ADDRESS={YOUR_LOCAL_IP_ADDRESS} +``` + +Replace the placeholders with the following values, which are used throughout this article: + +- ${YOUR_DATABASE_NAME}: The name of your MySQL server. It should be unique across Azure. +- ${YOUR_AZURE_REGION}: The Azure region you'll use. You can use eastus by default, but we recommend that you configure a + region closer to where you live. You can have the full list of available regions by entering az account + list-locations. +- ${YOUR_LOCAL_IP_ADDRESS}: The IP address of your local computer, from which you'll run your Spring Boot application. + One convenient way to find it's to point your browser to [whatismyip.akamai.com][whatismyip.akamai.com]. + +#### Create an Azure Database for MySQL server + +```Azure CLI +az mysql server create \ + --resource-group $AZ_RESOURCE_GROUP \ + --name $AZ_DATABASE_NAME \ + --location $AZ_LOCATION \ + --sku-name B_Gen5_1 \ + --storage-size 5120 \ + --output tsv +``` + +#### Configure a firewall rule for your MySQL server + +If you are going to connect to the MySQL server from local machine, you need to create a firewall rule to enable it. + +```Azure CLI +az mysql server firewall-rule create \ + --resource-group $AZ_RESOURCE_GROUP \ + --name $AZ_DATABASE_NAME-database-allow-local-ip \ + --server $AZ_DATABASE_NAME \ + --start-ip-address $AZ_LOCAL_IP_ADDRESS \ + --end-ip-address $AZ_LOCAL_IP_ADDRESS \ + --output tsv + +``` + +#### Enable Azure AD-based authentication + +To use Azure Active Directory access with Azure Database for MySQL, you should set the Azure Active Directory (Azure AD) admin user first. Only +an Azure Active Directory (Azure AD) Admin user can create/enable users for Azure Active Directory (Azure AD)-based authentication. + +```Azure CLI +az mysql server ad-admin create \ + --resource-group $AZ_RESOURCE_GROUP \ + --server-name $AZ_DATABASE_NAME \ + --display-name $AZ_MYSQL_AD_ADMIN_USERNAME \ + --object-id `(az ad signed-in-user show --query id -o tsv)` +``` + ## Key concepts +### Azure AD authentication with MySQL + +Microsoft Azure Active Directory (Azure Active Directory (Azure AD)) authentication is a mechanism of connecting to Azure Database for MySQL +using identities defined in Azure Active Directory (Azure AD). With Azure Active Directory (Azure AD) authentication, you can manage database user identities and other +Microsoft services in a central location, which simplifies permission management. + +The following high-level diagram summarizes how authentication works using Azure Active Directory (Azure AD) authentication with Azure Database +for MySQL. The arrows indicate communication pathways. + +![mysql-architecture.png](img/mysql-architecture.png) + +To learn more about using Azure Active Directory (Azure AD) with MySQL, see Use (Azure Active Directory for authenticating with +MySQL)[Azure Active Directory for authenticating with MySQL] + +### Architecture + This picture shows how the jdbc authentication plugin for MySQL authenticating with MSI. ![mysql_design.png](img/mysql_design.png) ## Examples -For documentation on how to use this package, please refer to [Quickstart:Use Java and JDBC with Azure Database for MySQL](https://aka.ms/quickstart-jdbc-mysql). + +### Authenticating with DefaultAzureCredential + +```java +Properties properties=new Properties(); +properties.put("useSSL","true"); +properties.put("sslMode","REQUIRED"); +properties.put("defaultAuthenticationPlugin","com.azure.identity.providers.mysql.AzureIdentityMysqlAuthenticationPlugin"); +properties.put("authenticationPlugins","com.azure.identity.providers.mysql.AzureIdentityMysqlAuthenticationPlugin"); +properties.put("user","${YOUR_MYSQL_USERNAME}@${AZ_DATABASE_NAME}"); +String url="${YOUR_JDBC_URL}"; +Connection connection=DriverManager.getConnection(url,properties); +``` + +### Connect using managed identity + +```java +Properties properties=new Properties(); +properties.put("useSSL","true"); +properties.put("sslMode","REQUIRED"); +properties.put("defaultAuthenticationPlugin","com.azure.identity.providers.mysql.AzureIdentityMysqlAuthenticationPlugin"); +properties.put("authenticationPlugins","com.azure.identity.providers.mysql.AzureIdentityMysqlAuthenticationPlugin"); +properties.put("azure.managedIdentityEnabled","true"); +properties.put("user","${YOUR_MYSQL_USERNAME}@${AZ_DATABASE_NAME}"); +String url="${YOUR_JDBC_URL}"; +Connection connection=DriverManager.getConnection(url,properties); +``` + +### Connect using service principal + +```java +Properties properties=new Properties(); +properties.put("useSSL","true"); +properties.put("sslMode","REQUIRED"); +properties.put("defaultAuthenticationPlugin","com.azure.identity.providers.mysql.AzureIdentityMysqlAuthenticationPlugin"); +properties.put("authenticationPlugins","com.azure.identity.providers.mysql.AzureIdentityMysqlAuthenticationPlugin"); +properties.put("azure.clientId","${YOUR_CLIENT_ID}"); +properties.put("azure.clientSecret","${YOUR_CLIENT_SECRET}"); +properties.put("azure.tenantId","${YOUR_TENANT_ID}"); +properties.put("user","${YOUR_MYSQL_USERNAME}@${AZ_DATABASE_NAME}"); +String url="${YOUR_JDBC_URL}"; + +Connection connection=DriverManager.getConnection(url,properties); +``` + +### Cloud Configuration + +Credentials default to authenticating to the Azure Active Directory endpoint for Azure Public Cloud. To access resources +in other clouds, such as Azure Government or a private cloud, configure credentials with the `azure.authorityHost` +argument. [AzureAuthorityHosts](https://docs.microsoft.com/java/api/com.azure.identity.azureauthorityhosts?view=azure-java-stable) +defines authorities for well-known clouds: + +```java +Properties properties=new Properties(); +properties.put("useSSL","true"); +properties.put("sslMode","REQUIRED"); +properties.put("defaultAuthenticationPlugin","com.azure.identity.providers.mysql.AzureIdentityMysqlAuthenticationPlugin"); +properties.put("authenticationPlugins","com.azure.identity.providers.mysql.AzureIdentityMysqlAuthenticationPlugin"); +properties.put("azure.managedIdentityEnabled","true"); +properties.put("user","${YOUR_MYSQL_USERNAME}@${AZ_DATABASE_NAME}"); +properties.put("azure.authorityHost",AzureAuthorityHosts.AZURE_GOVERNMENT); +String url="${YOUR_JDBC_URL}"; + +Connection connection=DriverManager.getConnection(url,properties); +``` + +## JDBC Parameters + +|Parameter Key| Description| +|---|---| +|azure.clientId|Client ID to use when performing service principal authentication with Azure.| +|azure.clientSecret|Client secret to use when performing service principal authentication with Azure.| +|azure.clientCertificatePath|Path of a PEM/PFX certificate file to use when performing service principal authentication with Azure.| +|azure.clientCertificatePassword|Password of the certificate file.| +|azure.username|Username to use when performing username/password authentication with Azure.| +|azure.password|Password to use when performing username/password authentication with Azure.| +|azure.managedIdentityEnabled|Whether to enable managed identity to authenticate with Azure.| +|azure.authorityHost|The well known authority hosts for the Azure Public Cloud and sovereign clouds.| +|azure.tenantId|Tenant ID for Azure resources.| +|azure.claims|Claims for Azure resources.| +|azure.scopes|Scopes for Azure resources.| +|azure.accessTokenTimeoutInSeconds|Max time to get an access token.| +|azure.tokenCredentialProviderClassName|The canonical class name of a class that implements 'TokenCredentialProvider'.| +|azure.tokenCredentialBeanName|The given bean name of a TokenCredential bean in the Spring context.| ## Troubleshooting + If you encounter any bugs, please file issues via [Issues](https://github.com/Azure/azure-sdk-for-java/issues). ## Next steps ## Contributing -For details on contributing to this repository, see the [contributing guide](https://github.com/Azure/azure-sdk-for-java/blob/main/CONTRIBUTING.md). - -1. Fork it -1. Create your feature branch (`git checkout -b my-new-feature`) -1. Commit your changes (`git commit -am 'Add some feature'`) -1. Push to the branch (`git push origin my-new-feature`) -1. Create new Pull Request - +For details on contributing to this repository, see +the [contributing guide](https://github.com/Azure/azure-sdk-for-java/blob/main/CONTRIBUTING.md). + [jdk]: https://docs.microsoft.com/java/azure/jdk/ [azure_subscription]: https://azure.microsoft.com/free/ +[azure-identity-providers-jdbc-postgresql]: https://github.com/Azure/azure-sdk-for-java/tree/main/sdk/jdbc/azure-identity-providers-jdbc-postgresql +[azure-identity-providers-core]: https://github.com/Azure/azure-sdk-for-java/tree/main/sdk/jdbc/azure-identity-providers-core +[source]: https://github.com/Azure/azure-sdk-for-java/tree/main/sdk/jdbc/azure-identity-providers-jdbc-mysql +[docs]: https://azure.github.io/azure-sdk-for-java/ +[product_docs]: https://docs.microsoft.com/azure/mysql/single-server/overview +[quick_start_mysql]: https://aka.ms/passwordless/quickstart/mysql +[Azure Active Directory for authenticating with MySQL]:https://docs.microsoft.com/azure/mysql/single-server/concepts-azure-ad-authentication +[whatismyip.akamai.com]: https://whatismyip.akamai.com/ diff --git a/sdk/jdbc/azure-identity-providers-jdbc-mysql/img/mysql-architecture.png b/sdk/jdbc/azure-identity-providers-jdbc-mysql/img/mysql-architecture.png new file mode 100644 index 0000000000000000000000000000000000000000..078100a6fefe13add33e9899f28c621fea161881 GIT binary patch literal 26770 zcmeFZXIN9)_CAWDq9R}cR1nxG2!a8Xrc?z*=|~Bf5ZH=H?}QGqAtDM&6_6%~KuD-b zAT*^)kU2_bLXZB8ykBc8{3|ug9m^spBJ=8+1MQJ>D;_w=5M_~=6EmIxYfK|uQ)Jp zN|0T#iI=_Uu>rOE)RBEwUvf5_ei#*sUiMgv`P1p~^;z*J`}8Hs#Cnajs6suFm!ETU zuhx!!uyz!XS&tUtIwCC@4c&j8J@atcaM-vKHy_UT36@Gk8jP`S=Ws-qGIN+rHqH?Y<{{B>hx+iDfZVOxi&&@ z_-5^k=?0aCC;z&39V+blO+P>V+lM2pubQK>UTA0hsU--BnInE=o{XN}(lS*Y)^_RV z)w>lvF_S8nwa|Myn&B#@^FCkDOnX+Q)?ud3od;qvUc}54(O@885~! zIdF*UyWqfDj%7d-^VNy0fTieG*99^!@^&;0@iY3g9U^^sv;B1RX9fA%v|T3t!XwvL zC+$_So^KK7S<~S)tk`c{qz%1PuWzvItF?L{XP>2T`m*IzvW%8M@(H)bUAY|T8rN5L z0xL%Od^U=W7YvFmOwRz5jLfkty)fRB7uYp}fh+EL&_@bK#u&6s(vdVMYs(T7=i!8hqxGeOeyIg#}?k2U3o_WmK_D&BWe zsZ0#bbaXI$njYEev*_JP(%**5qfps&8@W~&6O?m~ty3m9fxy3A*3R+?Y}W%WT*d^- zH(GF^P7GWHzOj)rJH+dEb1G5(Aq14HcwUO>p`B!quW@JEVSVMbm-zZbX@e%H^sn8v zeuK?u>E{AP{0!szj`}K!j>@@^r=}FRL&$kwAsVZ_!`-7`QjTtns!Z^UGqaJ)vI6xp z9>syWc%u~>V+}3`YoBIKf-SXfk?VWJLbSo<@T8oCvA0LVw={P;dDCxt-qP|$;@sZw zO>ecUe$L7cEPgS)acqRp(`5^D|Fv$74rTkVU!Hb(l`fbZ+YfCo`w{UXK}^Z;t!pl{ z+@+6q^ybutd?QV6mq&+|eLC9J1SCLHsX-+iU#*qD#q|HRkCKnQj%4(hMq=EG6}}jL zdxl3KDSqXtCs|YDjm#Ff%w1uz6o-@`SpqSrQU;oofF_lXj*WvuF_ru1K($7Eu=BQ!QtlJJNbX#^XpstKO))L zdQXRc9H1RyUC2GBsB<%PfxeH;Oie)GZa}Pt$l}4Le>kZv6c<7U#g1(iQ%dEO16v7E ze;oYSUoX7<>g{yN`2RJOak$Cg|_^v zbFvvt==cU!Jp{b;<%MFNT&Lgf(bsxDVv9caIei#eSTipiI4io*BnvmEU0q25qVFq)oe|Y~m<$ zcf$?S2lh^JDTzomlP^_P5&u2T+3bpo8JGS!sS4%oh0@rYfzwI$Zt+&>o=vA)s;UEN zD|T<*ya91a#&U=RcfuEk`f6)NY==IY4?6x{CO*;ccA4A?Lr*pTxrftENp=a#5%Zdy zph@-JO70sv``aD`MQ6_XGU?!EQ5xPP4V^k5;Ha-X{IK`y^ zcZAd-XR6k^^;$}rqJ$_jwLhM64sR|`z|z%2f@7*?(t_}XwY$nmg&?SVH3mVh3E9T# z=2NRy4RI87CEb52-r}SEl!Ujdui@`?yTv-w>L!DyT>myembH0frjwn|gT6dFz~#ju z?4MD|SSOK{MuTJ9S8=rrP?7{U42p6aR0~{lP;ia9Htj*sU{)b&Vm#u%%lGJ`rlIgY zbFyshPE1t-eC|^seJjE8!6Coa3!gWc6WR2&9wVa!_-M$+Eke7I7T@plz%C^o|EBA2 zvtymL%NEfZyZ+q}q2`OF?c-2{26M+dea$dkU2SeRWUcG=c5_LuiQZPpv2)txJnEZY z)KHT++Lf5C4umpxkpMzABuEpGts^SJm^3DS% zid@vJo?#;3dPDS|r*1X#;bx~64~=NR(=+P@NOl8h4>3ST{zta^Z@|x!X}| zc4Rz!mB6Kg!H05a09MkSx}EWiTep=Re#^$Qk&odc-Vp=J+g)jsWuU(BYV7>fGD$0( z#tc;aHo!gR-~ajACr1&?>g~x`qu}QW_Trx<(u2KXeoFPyFDmBMY>WiO1`Hh*9}&$< zyXyJC-_ht$Woz>r!Nj{VvQ8Fd9Z;S4W*nQUs}uz7hahX&EwW7!b8I;#kj#oDcP9qs?`o}>4KuCB%dAw#>87Q zXP=)u8athdpM(lLe7PT6FV0%J}@7d5}4`t>vk-6%m=vR=kkeR z%5kj+9{$5azn8|yr2CIY)bQPlJe2tk-v`_7G14%Y?ps9pAPX)}<>a5pUWPAz7n=6wqiN6j#zcJ3KhM4(Z7;@U{t|nIpZ_Y|ceMft|<- zuH9a$3}q|rX!tLYAkIut`?ntkf<;3|!}-3{cd+!-cYp7-i1CI07U&lA6Kp~Q(k+`| zbt;1Y2xjUT`M;w(|(q;a%JuAs; z87h++R9v!loGcLgSr!eKj7M{0$L~c9Y%JJeQM;%dzxDEQ%$wo%QlDjNtusz$ zsXI~0Nx?{FxiYBV>$VmCqsnw4^1L0C8R%I%EUZ?EP1g8+b*F?cmikA7zMMjN#SC>0 zJmB$IWv*Z0%CszT`_(xTJH%*tYTqCB5L zT&0J0PoC*-b}e81@p=)l2%6dGY2FzzZVsB^J5C&g{3ESk{kwott>vhIj# zztVPbsi>a2v@tc|uU$)!;|^K3C8Fk3Tsz&buTZ+0WkmuC|${}~}p zULjHMbG=T1g#sg4n-8$<%xW;djrYoi~=;-eGQI zlhd>ZsE-l_sf72To2%&+XgR_MeX53!CDN{pFI(0VJc^wAD%IrWAf3lUaA)1jueVaeu3d1Xr;|(36?5ins>2F!-4I`{5aR}vsYlL}B1 zSKIA~`k1XYTFv-3Y^W69{S=tvM8K6+*#J*1;-@zK7G-GgROr7~`}=pOM4xASzaRgo zCMqBr@5^V?kKAZqB2Znr=P|9PxdO^*J$EAwcOR@pDCrB)a#O*MtmTIjVKatmv|h15 z+Wgcs0Fz#qR4(D$)KT#=Fnswl9`yl!KgeHD@m|Mf-=Ud@3j{&Mv@WN#j#Kr`E`9Ts zytkv(y*I)7+g0liDy7{F(rSs-1Z*;E@h^316v|2T-L6vo4yRm3BGPqr!=ujhIi<XkvXp~YWxoy700#XMX#MAFllu^^ImP=6=mni5{)Ju+MXHE3^$`^#f>y7GX~Aq+B&PZ0Vg7q zTN#TJciq;nr9i9KuT~Vr8aUq4;#hi*XDlcg2vs&u5}MTGRNd!ic@~4?AH_D5wJQ*< z+yDTCZ4^42XPA!iPmntR!g)3AYIx-FLB98#K4&Bp;a?O zm6RWunACK9ZQcyGwwOxY9>!pbz4&!8WX6u)=GPJf&SOMQ<~zowpsGx_T+|74y2tjf&B0ZCmJa zIwA=^~n`GkeKO$)<eJGHUwrYF` zPB$n_Lcz^pc$#{zZXq%1GncS>WxAqK8OX(Za{P4q<*J-FUE4=m{0kwU#{z~r>Vt_j zIGrZNLU`E%o_#0q+B$uD@$4v7Zb_88Yob6TMxvn@pX2@}PbCBG~f&eqz>b9$dq5z4CeiEc}o^(n-*IxVuU3e!gW zq<;vGzLYTP>o*!^MKP@2vp|sqN-_hCgm6aLXw5Rp{chCf3wgrKX6M*NTPi{|artye zK#w23@fN}$O>X?>iI{+>z-JFewg+k ztJNw`C0Z0VtSCB4ZQBbsWF209&z?#F54c5x(?9igvH2Va$~{K`l(A&Iw|7l3II$-+ zN+|8jTF0h^o{6$cU&2zZ;`yD>3w|q$ATnYN;Xh*Htf1jOc#M5#B9uLFvsrhbZpVqy zORFQ}?X7`wowIILM{ow*>r69$xIA+X#A zqyM{+>G97cn;~<>F^XzS*S6brHtfZl1DArepm^KHVoF4Pq_qZJHPFa6SyQLV+NO=L zPA*i>5x>?ubBHP~_F}Ab$P%$V&A)m>E6_eJJz!M1Wo4aC?sog;(RRKhE$^u^`U>ti?l5t}w#C*&$q{^T4yub>H*XjHX6ATN_4OlOfgC z*Rn*9I}ZJuXymCfuIm8k1L6*(QS&ScWZT~xB3p*OH3&qD6C0Kmw-wyo|j;VCK>6J zqLEzDl^bsAr}GBz7q*N|>=IGNoY^4+(IMS@K3&~~EB)%Tv)KhR!|cH(g2L|pYjY@w z5nrH?oCI#nxVoS&E{Q}}heeX2dnLoGoyCq{QV z2&MFqaBQFu6JkL4-mk3TACG~4M>fD#r3OoScy$+iG;b1!e#k4SlAS?)%s}cooOi5p zZqTnIyRzc=HG`g(XGJ@qoQh0eM>QnhwYc#9N4Kut__*QUd4l?=N<;kJxzLap4INvJ z(&M4u<)|gnm_Wo~@v-~YYD1^=Y`}L+gs38P^?EGIZgCBV*bMMN;n4S^M=LcW7DqNz zCuUl(q462gYlshQ;UlN?+^}yDAKI`-u|^>h_vt0j#o_tYIAwvykna5B_nKbD8jEuw zg7c^JAE*{}1w_C3xhmBwB{+Ro^K)xxjSl8PrucTbP?U9@!bnlRdxUAyG_!~E93!_w zAVbg2*`@zO?xRRSb-^h*;k~Tb&B%+S;2+?M9OS}^h0@xgTknm?;YQ_lG_iLUl){)) zIL=X6RSOh}*nVir3{I&+U(QnTtqlN<*hzI#Nk`l%irDo#PJML+OM^k_#rjRE>)xz0 z!N)1vM>H}u$!}f{3CkWL^u$fRQSrDt`cV*F-GAtCYE|cUpEB3#g&P+iF&dsZrx>Wvti?T^dY?uJpvbe(qlxkwjG>WQqap1@79r{7%ld!3HfQ2e zMbWHT_z?*Pssme#lmzJ#Un;szk}t(f`odB_Dg|o$Mj-}lH)tEJw&NE-LE-4lqIsb^ z%grI0)w3TX@j&rGHVN@vfw)F=Lf%ro3IsOBmEF~JrkD=x%M*6F>3d!+;^d4Q&tjS# zS!L3usr0nr{FQt2otW&9X`4>ONzrRy$|qr@s+DtoS4_Nzv~Sh=((C6}%lM~(Imo|{ zKR)tSU-GN*N+!5rEDN`07YI@#*7)5D0x*|Py*$hUSyJ;X*(ge;YMQ=Vnn&>%-Qw6T zX;c!Jh>doYsk{&{^1L!_#SSl{66YGY5)gW?l059SSCh!mOu2rj2ruBwR&IwI5l?d8 zc3%4Cc#mEsS^?eulC`4>q3Zt02Z`2g&>a7iZE_Ck9yq_h#S2^Yvk=vvsIIq@>hMK2 z{>?7qmd@a}tWav3Lb-+Iu5!3MeI}f$lS#FE!&Fh-I-*$Tmlex4_Asm;lam*39UXs4 zMtR&~m)XgHN{H-~-PhY{b}HtfJcvC(pxFg#jD<90f*GBr6x!_rkhMZH)9S{E4$3(*1Bw8;3Bk*7v`>khWg zpUuA_&W|-;{P>yZ7c%X3t@7mY=fSb_HH=CL(0fl4Wv9A2^-Qx|Xeq)SX1_uV8`?k{ zkDpAd+{m8Zr%z0OamB!5@SO#wY@`tsig&x$LjH=d8qw(R{a$2XP5V$(pu@CM(ZTk9 zL=t!*`{4}l&5MUIe;}<6yCH6MbiPa>0cPRFNjSD(Y#|S{5JV0%W1W%JNAT zh0u2TT}qX#;E+j2%dnCTicWdI57)s%g7A~{(O0yPm3%zX%*wcE~C4)B8!3Z3- z%HmD3n+?wDh6!0c#f(+8+f}IqDzjM?AA)95{emm-9+5Fl;vFH|is}AAKuI$upq9BC zq!F?<+qHxxx#^8}>&enq6%`fF>(F+$sp+alKru>0iBeGdDDKl&poVfP5n-~M4M92F z*ARlYZq?|+?6vMW*l}j=({HhVFAQnn-8$db=2{B9VpE4z~;8p-odqO4LS2L10xl6T?r3WMk z;6kpXlDeV=yTSas&kJDo=YU!Ii~qvDi#mLB#|~ZORwN3Db>z+ZD$^eekRy3 z-kCf=`_#E{##-8Ev411Cc^&@wgYX0*W*umINSwG4j%3Sf@r;D zlVYB=A2Q+L9aQ{Sg=^Sx_w8N2Ou-^eP(>hfIjEP`m@F%%d|2GZ_nK&l_#4Fl^W#}e zAf&tVuM&kQ%)Tah8zVKZCK}SUF~(WmhTS!*IvdgwhmP)-hkZ_21l&7>__K*%&WQ=( z@yt~ye^1NW$hsn)yIh5T0iB|E(5{mF3XR*a==y$nj1L78$Z)?+i#lgTLOHK%B^io6 zCuCUfyC1}DhX-q@UpoQ8@Xfmk+oYr_QTz#mWyM z>Pj?oap90JeF83@2aU(c{q#PpkYP!K#Mu|FS2~OcaOgqOXT$LUf^o;c3QbOB`@0k;P}S{ zK}4vMoTssaagIl-Cp5GFhPYlP&GeWbqA$Y)pK$faP&~-7tOcogsI1iogo&|a6drr8 z0CL+8#zD95^*T9dL;{CDFkKFc=LwgoX2A(%v0_o+)m!1+Uu#a@8dkRYM(_IJA|+S@ z@s9L)+4&TO9tr%gSjlq?^14q-5Pi==x*}EfrbD&4#f~wypZ|Ly(fawMl6ATh4ZBeR zHbFZ=9!YXa9O6~Xi!u`9qcdhoHL&q!NR?f$b99NG-fGxX^Js5(*10(IvjQc5W|Z&) zJ%}Gqr)8c2Eh-!NL~o#cygD@|+^?IT2z9$=BaE(KwI~31xsTKoE)qK6W`g?K)tyj$ zMdbo?`64_w(kWQ_qf2IktXM~u;kK>Gi2H6>h_iE5l}GgSrJ}^MVs?j9%$heq{nzhG znLaqabWA85a&d9nq70an^F|%T<-NWsac&cABJf!MS%yLRs)ml=#5!P>4KCvD%A%LX zq9kIj03)D&3S5^iuov&CkkQM87v2~Kr+OGSg(Sea+=pWdyO4{@q%ArE3$b|x)X@)A zcH6?dg$RN%hH$?AiMMNEVwKf^;niOB9(95M1cTKd<^wxhXcFR$XgaEtGsc4K|5Ry{Ij3J-d|Xo{Nh-I{v+Vh!kQ_GX$X{sAnNMS(ItARN3guV#3! z6=(V4V8r_ac#}^sm_5xhGeHrP-`LiDhjbr*+}3<)0zC-qACxVAZ60ohekfWNmv3i` z+i#**6hb{LUVMM+oS(pl<=u&WdJ+1nkIhdV)r+`$hYnXOXzeFqx57r4-Tc1er&@U`$}57Z5rer67`cTO+7akM9`7gI|IT-*`Znmc9Uf#>4!-u`amzY6ywi`@dbF09GlNw! z@x3Eeua--*)}rnaA6~{D#nn+%j0p!Z`@)GWigi`mmx*h8o&{APM~A-Ic&jrXfQTS$ zqS?t`2HK>9!5(v!#)qoc)MD_Aa63x&9m(k1_hkL#eg1IX_^E7|ukhu)wIR{CxkGKk z$|iIy>?FN;`MRBZ)$$8>n6>{{7@5_6YU77Eh-w6GvYM3_C!TN!dvIPXdR!}$l8skj z8EZpJDg@svaOUh%N4{BPQC4;Wmq2A}^LUSVOyb&Lkq&$(l+Vf2JOG;wAz7&wj@&-g z2+6Vz_ku|asXs$!@;plm+xRRqaNjzF05Os(g*8pwoz^lzoj5d<=8{XQVH7CqWKnf- z-aWRdy@za1IEZw%yz4Y6q?g;ax;uE4-y(-=dUs#6OCv zy}`15yDcS{1=L#4^-h6tOvk_g+z$QwA@?)O@RntT!ozAtWOuDxn*Jf<*|dU#WJ|5G zL^Bf6)Q{+2<|KY=opE8UMgay3rv;2VE@R3v1wBuF(8~mqE?r8D`Pvzn3snmX=-rFz zN_1VxH#XseeTzy2*h!)|4tTqt`@*^v?^}yr2t#L1%YyAJXEN(e3fTAR6CAm3& z>TfD{_MJ@=j^PhG?yRQtdI)tRFYeTI$wl#-_(c={5rOS937$ccaKH5kQVB@H3~r)@ zBX=_eE?dEni*%ERK)Hw!9?LoAYb=@xrqtk-oNLx&)CCpu`t74*2Y>DY2SQhKVrh9< zp)0UZ;GL@eDo!w^7_HfGuF0=g0YXYLw0yp$WkLo&tW2;<)Nx4eue3H|p9ou2vLc8? zn`gY6ndn-A8|RC}pKf!@iVIWsT}mmKD~`W$^4TzATE27J;MR_ZdEqRDO<232j` zcoB6@%tZH(zM)*1NheR9mPk!;~ zy=oX*Bp&(sY4u`q%*H60tU8YUh@z@LM`O4N=6-f6YEeb#oyXR)uJ4b$%Gp3uhdM+g zKDm;uFFrqTw`W}hr|;~6DTm_vxK$!Y!zl8s z6*}X@Vc$U@{s`O$`X#_N)$Xk5;p(|nHg7^?$(RclEZwVV!zB0G)OOq0c^27c^r_ye z`f9seO&I;PT!)8udsnc2Z;9fFzwO4ibJ3eyGyy3MTCZuW-OJ+v z42u0?5a%(Q6M~vL&ml8$0|PT|KS`#HwM&Kg?iVEeu$$V%S*MEo@^;k{AvIU?%rB~i zhG#?lW(@`1x<1LYh8)1|)HsOEb~3IK?eg^eH@P(>x4?R?o2v6q3ma5}6Y1!+03Wpq zn1$%L+s?9DuEN1&MjE_Z^vI7-ooX%SX`s2%V>N;>i!-f0wQliY=+VP4Y19>!I}la> z6iDKPqth)5_g6nFv}VP0t3ov$#8xl0R%=F-j%bzFSVtgE?L%c{L&(dED{vE?bdXs0 z;c6ueZ@A37z@!oJWpkp{EKMu2`ePPN5G`wwYp<;eN^})`){H-|CZW8B2gF#>wX)eTq?mPEX7?oK)VMebP+V zNv}o`P?C=rx%(}M-|Y2VNQcR2gBD!O&jXC2?<&qIg@T%ef^HR9%AvtZ)02XMJjxLn z3A<4vM$oR)HB97)i{pNalb$NoAMSI9n75sen98`hMI+ky0sNiR)VM_8CoyF8yArm% z;4ki1sel&f(e?{gw znMZY&K{sPh4ECpMN;vrlt)i9Gf4H0W^#_ZVxz06oj1dsiB9zkkp&;0{`wU2|Ox3lL zE;D|D-*Z-NeqY>3VQPYQb_FO->Th-%jd%GAYwo;GR~Y_5VWL>$RPwJ7Nr-Czm{=rUH|dseJU zODLK}A4~1csifAZR2X6O(^Lm#&&f#h{TG&qiOJmjpZ_4!NCHW1s(O0RN{hsz*v5S7-Z3V%w^fnkGBKUvUNgDenW;tAkx1qJ-jy8V1ky;)hDfks2OdODE~{+}PrNvC zdOR&;eb52jeF<4=TJkqnhCM&|AAFOK!$9p{y*Tx%=f~8^SPRVFS|G>qHIY`#>$oML z1HU%-58fr8Xgollmi$e$W3eVzfR5m%%#ZpPTy2ufrAn$*p>_2z#2Gauf&iFoZp}h| zK8)=RKUk$Noc+KN4-O%pw?Kr)r@O_@$6HtrrUJCdmWho~#Hd7lpfw>)jXY3nOI~gk zNq=XC+YkV_QANdf5qds}WL zg6eAdcSTZr^>UM7%NkGwATE{?)R$uPWIWq0mcFL2YQaD$mr*kGzY=YJkwbs6^acRV zVu;svt8}55of6q6R#pWd9`4w}EKrl)Z6KTv@NORv1#<{`Px=nf4)vSsZWIds`E{2G z;O_44z|Ff`y2<8fN+B)y)}4G(&>Q=-fF>Ip>ZVOZ$u0t@K9jkWhJVa#ZPYRs6Fr%X z4T*>i0Ibih4|^LiEhV@|f>#YR2y{vz^-+3=FRSc^2O6m5Fh6pitcA`d(FQ@@*;Dco zZ1>sjw*mbkX!Sa99=`wk8o;4FHSF0eq<&d#D$X>fB-MAQ1;>v73~ULYYW(bpKgyvC zRA0b0jNFWp{AXVxwrjQYxy@@_%HV9r;ELz1l!3qmzAQsjEb}?ppw+lrV#rq0t==n^W z7W}8X9keZ<5Nyo6T_Q};7LO+MdjqJV|MkkiKNsYGU@f2OLFLJ}Rm`MOVl83e1^l)F zKfiK>XyQARDVvj~#5-*+rQZ`wP1GJV97Gsk;7zCP#dP2@zaDS;*^tI;CO5KU@C1O} zw~L5z0{GYS+(8TMQlI`i4={({>J1*14TfdijuuYUSJ|434XMj}@^vq)wBQQYnmF)6 zEJU7e0V{ZB6S~#tr({tPGY@QioLRJphI)WYVIKG-^$9x%9sT1gVA&IerQj_w4d)2IARd3@MqG}*ARg1 ziWk*-v3W(jL({|n;GvUQJaiW2ckrL41`#dpMdge`_2$xmikN;+-CD#63B2b-(^m6* z6UsS(q?>a4uwzrBiR*6}o+m5Zxm?reat+Tdmewg$n~;5 zgu4Q9N%!%uIU?MhdUVNNt_r|CePc0}8OfX5`|Nexf<1uY*#0#f9QjbW%+j0SWG3>L z)XI)`>BJeodah%w<%mn&4T>CWccA4;v|>{TJ~aHG-EgUZ`HNpl6RE7%+xu{Q!y2b9 zJV;?@%Ldgb!J%K(kaz9=TD!JcRuLdo6}}d(^E~^!RFCR%)#NGPl*Biz- z^|A>FJaM}9^qH3}YYuO+1r#1Hp3DV{U6oY&wfTU;hJ7IPE-zl$?C3wfhqd7iSMM2Qhg6qP#6^7XvFX+?1+jJ8Z>VHgEnr`k zASr;ns1WVM!nb;|UWW6!<3I?{b^1amM_eSCe~(!rek5Y?e|f?_W7s?%`AjXN zPrA~2<$mJ+4Eco`jz2ETln$XAOqbWOzX2)%KMz=1!y74w*gAo;zP5y zWd6IpaB}BC-bUfh0y%<5tAI1p_w;>KS|%^%NNf<;2s-Z5S8O74+O6m%>9imF;^MOzeF*Q8+p0!;-Aq;-IM z+H+p6OsKFOw&QUq1^}tbR#y@Le4*k*`wyPlR|-S-ne`7043s>+VjLrPzwY^@S_l9K zeG@*E6};OSw9E7;tXg?RAy@jXggB*`Y6=Mh=wp5f!Q4(y_anmmXm)xRi=W@qom&9< zx2LzSzZ6fj>IT5CpRaHB#RYFR-R31f%mW~J=|>F$Pp^#rX<4fxTfG*OPK{Doy3=ao zKeoR#uDcvq1PB8y322RkmF!x1Rf4`J7a#iQwaIN92gD&GV9&7tzi9Ir{eP1VC8*?q zi9gu6uYQp*3nU*E>+4(0jy2S+(W8aFWr1SXvMz0%fLX4)OWAaQjHC;>x)!>`67v9< zU5u(1e>M)>X3dddwh(H;X$=TACM~N0#{PEOfX`EK^|IzxakDUG26fX!4FKYF;;+Pj zmG5)_h-6Z2XLq9(S4u2+c<$z>pMM_^7wq7pRSq9`V;{Wl3HMJHRT0RbDl|5cv?7); z$(nI#b{WXgC^I2T6*I%Rce93vy$Op@A=(EIMa%ytN*aF3Df0`UZvf>2iPd{R=7Lyx zcH;I2GwHdzPcZMTMeXDQcN%v#8T|i7Lfv8I9v;6F^I~!T}@!wPaSgq(v36O&W~} z7&mtQh`!s+^D0%b`Hc7G*Uw@fQd1psk|5tdi^#yK9opo~wfbD+ZsD{O5`Dk{4m1h< zC7g0YWghgsCutSj@Rt9@9wE*mESLwSK2iU~zH!2|jxE6WXD`!@F z707~qsZFd*#GtMibL8kgM$Wfmx6gDrB|iZ0<$9as8tzstRQDSnAZ&VuC``2S(($ST z6CrI<$bxYZdb9i$I5*1MNF?r zjZ4GJW4pJ<-`y5oMs-S&0x2klDu6no!w>B5`cD~G9{}TH+l@?MWV4FS>mUe9F|Iwo z5n}dakd=m3Ksd|3J3>{L$|r)842Ng4qhhRFouy1=4`LoP^NFZgoFh4#ZGTF%9!i{B zc>yFv{Z*y?@`Up#F5~H0{mw9f8zwNw&?sA60^rPUZH5$OQWD^r7HcFgfDLuN2dEa@ zv&nh!*kiAGOL?F;%%|%Xpau)>*>sJ7qWAzAqif7scs8WE%*mYnaelu8=X``(#y#B^ zeJFE4Mz(&n7o<9D-DYhnBymzVrcc4*ve)Dto16q~H6^jW`A|NGeN;fXNB4rG=I=m( z)=pzzbh4&Bg49!`c-R*3*0Uz;@OaacRF8W%4!YVKX)wytWl0KsncbQDR9(E4yH2FJ zORIaHbcNLmwJI0|nRRu)-+O=egpq1jB68&f_L}xSqx8`+wzxRp-_xRjP4TX+`ZZEb=^c}6; zv-i3}2}jxWmOSpISDh;b&$fX6#fP1jl7Fkz~o z6&HY)vD#(44>v2{XP*|p76BWaPm{d( zpuk)G9>rk~Et>>To^|kYV@OhrM`iT|`KNwX%Uvz$KY;M9+X`q}YbBr7kk10jf5+2XvitE*rBAB}t> zwC4w(jX5?1#OJjIV7H&qD|-^A!u_fTw)5pq>l?U9Y;P{Gs~&P3+eh7P*9Cgo%x5&t6beGrV^H+ zx($ViAfJ_&Pg-@6d#<+tV2*#*=&stk2ZA{ybz$z;*B|qnQc4c|*}ccA z^hM`&p?Nd|s6?G#oyXo@rWN2nCE%r5(&`BgO&Ah%g}y<8j4!hgGdK-=_Jjoba;j^pqALU`!W~c963`hwtOGwa1VVE_2LJfwDy8XBNSEi<}AW>RQb>vfV7ot)qT|em6G%c zFdoguTq1wGOFO3z~QRY{x47y4Dmz9^r1W^#RRW zAa#&dN-?u|^(({CoOvXzo-6#XAw`vTu)G8y5y;oe0_94qKL)!Ae7Y9_9~Q4Vz7W_F z4&ztGNu>GLxqBaGM9=>_ck!xs*IQn|9%M7G|6g;T|EDvjNyDs<)_?*(G`q*E6J<0` z^6D$qBr<@?4#V}4RI%{lUulhVLr5 zWXb2bPG4zI1Kf(QiS=L0>Sf{Zz(O)+o<9t|ZL-)_aj8=H@$sTV#Lk4sZg{C5b;K><-Xl){ba^8f6dOhvkU`N&5q6QBGUZ<`=G_Wv<265E zcx{Ro2Y|`#IpAu>_ILNtiBQ0iJWK<^c&{r^o!!;nVj*0XjEKo-5Dr)+g z136H$D*(`!fGXRa94e4_u^I-i)5eAoyQ?D1T@n8udzk)!Glv6<5M4PLqc;rbJSXsQ z%5(w%$(W}n%O|3|BSF~rqcXj%nYs|DIv_;Hu@bKv&kj@ol~vLr@YhmVkD>QD?bqMl zQvqyGONXU911QfBV(3FKu2w?Dvaku03V_AeGY}z^^A@pocd8$N!5Rd>$IdB^277M| zITwoecyFoKusX=BoJ2P-Av2o^0508}QLi@8F2k2PLS}V|5VFfU*-<(6JtKJPY$X9J zOOcyb`w&W>)42y74f82;Eo)o|WYhh!lQr{!gk<*=Y(Bfp ztTo;&kyA(Ev6pk%ep&+%#R1vIHwlCPv6WKOEF4s(dw>s6bI9pAB`p3yzB>i`l~#Q{ zAXpCQ&c912D09}#<)oaC_cO1f;peg9@wo*gyNKh`;wRWSxYww+Bg`xlb#rTh-qz^; zi`)jpahcj3uga^1S$40~YZHoFrI4Hb&sYr`fVllM7_hJ!44Ba6yadpVY6R1zw1DG~ zm_7rLgpFbd>^!QS5=DUp&ldp;Tw5&wq$qAc#^V}lD<`Sb=S&75aEmG{4@D3H8LVyw zZN9G!F$!qhF_k~-I76oN30>R6Kso(N!b!_ze{ciJo8faFny+h=vh@9mNyx zm_$e9eM(q?4WKKg1vY?tHVH@~5u3v_A9K)?q0mQys5DaI^dN%C2)Rul`?)9lhH3#39PRaqSh`Rz6&Ir}#IXkLEwwkQeGN?J>P$d(R%~qdh>mgUb#t}b z>Fz+B^}a0xH*4~KW@RW@yV{`=I;iY6uO!+F+beX!Jo=rLh7DRG;hApw)xIn8OhDH# zP4S@X2cm#aSaK|X67(#a*|DJOoM0H-+~yw3LK$E0MJsHl@2*K`Fg7Qm33mR|F3qgGpea=-EtH~y`s{@ z0|H7BlqLcqp^DTX)zA_k$3~NYKmt+{EGPm>l-@f?M_Pa&;aD)zNu-4$M4A|^g%9mr%@XI+fBcy2vkN|p2cq&M)8uqKKu5;r%&uAK=yq4$FJl@Df7hr9m-QXyE#G?NeCAy-*` z^yJ6=fy}K*68>tk)+y2kob6)%DQI0KkaD)po5waVxcwhVS#z=|mB9pVJIDqa zN}Q01KljQ2j=kWoBsUpWIW^1ei)s>9w1A`wzH_C`&CV1dk%CA7YJ#}j3%r`H0X|aS zNo}$rg4#se`qYR=r?KInvLgw8*|#A}sx1)&R~sebDfA~uP0iefB)6&#naz(rF|`d8 zt~0dGlD{kV8LlYDNBHVnDQKTuM(ri159eQq-jLdhQto>Tpmf=b8u-1& z*Z`h?$<+Efzf?IW9MoMY3zjLQ6CFJRHCr(gS2su_>7I?1iX@4;JF1VW9UCyPZ0VujGd!JwPRid>J&L9pDSL zUM@HV)8G*BT)AdrKHn%m3f4_Z4_DTS!d*^|P64`YZn({92Y87uc)2mc$zgR>4Ek^t zN)IvCkVU}OUL|fIbTR$=9P}X;5X-of{Qj~;*jV3%VpC8?H8_D2!BzfpJx0*gQ|M8e zDOQrXeLzZIw~%@~l_i~ukjea3h3VLRDo?B#V+9FVKiFCbX}9b`xXX|e%kDp{=t6ESFI z!RL(n;%yo6q_23XTAfI7w_#aQ0WFPM%|+J)m24}=x=I)11J_(ju5l{iG}=SX@uN}z z36!$YIy1OsJbqxwE;-muqZN6Tk=T<+H5X zn{Omwoz)<6IeWY)4CvqR)2tEv5I@{_N_GRzc%j^aky>53;FbBLeUqw6C=l#I+0OvE zHVFHd-u`%8XzK)^er?bws9Z*f)T*}0tO{3m)=Ss=r@Qics?Y~?_xWPjyTcM^Pbe%>1ur!EN0O-Yg{;-jDhNwvwW(V*X|4ds$w}<1x~~O)d*YaNOngX z!0Sf1WI-5Wr_t_K40E$?NQfrK-^NeDWyEtNCKkv$=?;0;BpLDh`N+2PYSG~{bt~or zn$GwGR&`aL4wB0g4T*HrunRG_qY26HT59VGFdrCgx?@TG$FoKwkw8a)!}(n819M(( z(TO@Bitr_>Rj!pqh{{y-aM_1Mbo;){M~qt2asH9cIrR_?HxVd%-N=7W>p~D`;kEv= zg)E;Arw*5Kh%>PzLbSzKoT9;_pxrvP3yePuj|hNe4amX3qd8&plabPp$ueaL(PcqE z^hPAuj!lJ1-1D`c{Gcn5oz+8?EiFohFq|tH4~Ob%0y#s)0r`qyxFUR8e`HG zP3Y#|hT2KgwYPBiRoZTbZK$VB`4B(2(_Sg-_8tq=SCU=Rq${%FBLCZx?d1740LbgX zf409{eBMz5YwE*4I0>Jed6gd6TOsS{*|-z6W}m871-E1Ix+NB0Qy)0y0u3Gm5`<#C zCFMAG66%{7<3PsC9F6qLDK)u{a^4611uI&Z&99F_>wp1{!(D1T6wN3$8BxC>nVsEF zWe;dLG=JiS>KSX8-XSP9^3IZDpC61(h){N7v=+`WJ8=s^>kCYM(Q1Q(<2EW&CMx5m zXZd-+ecaNjOw+|8=qz2ja*n=G$+(+r=<=~BGak#7OTwRU`Hl@OS-i*+O}>q zE=Qm|mr-pD3$!YKP3xw<2|T-cB-e7%l6)>ejII^zdvIk-x@=+a@7B#d_d_vJutI~dVBfTM}0Yviq;h9;PzLd!NxUP8Ffaj z$H+E)8Sgx$wU%Ul6O^}smJ488GA19Uf z=RC#?I<(mCvXa5(0P$g%)&WL`$UX;WWS}9#XyoCXFJ9kCH?{)5qkO3t^%bb#NKg(?+7_{KyTj}h zpX^TGE8^5UMOt3H23u>1SPRa*lxmEU7z7%DB+x(J{~yO-ay^UwO$zB`R#RAW%JU4!YJOqs)e&nIIFX3=a;O?gSgObRW6r`Pt|)X z8u%%xNUYT68zY-hdbi2~uWxE_7T=L*nggMT-KhM?*FZ+KgjM<(2N;zKBrr80R}PYa zSsF@qzz$t^@iaxHxQGOCo*-9?pvo`7n;I_pQfK5YiYb_2U&qAx=BM=df}kZ(z9fZm z&EvAo^nm9p!!WjA-YVp5OdjxP1PR;hXIU(T$<}mo(&U_0{Fxtl*!|w?*=zURFNhpjDR^jxcCxRw zbJRpH&2(C{BzNP7M|X~Gtzce7l-tr*Pn`$Q$NKr3RA^}?Tz9GR6l^2@6|ybz@dK&q z8irRGYz(?4fnEdM$qQ^_8Q%NsH3jLg6CuYF;#_f$eZ_c^vL;zqz^63h7Ovz?Cs~)% zWiPj5IGg@KNA}ps??;KtCEsZ9=WNl_@@Nm-HCkkozTv&a+^lTrtZd$AQfK(eXm?4W zP!|}NjAUrp-E%1SE0}U>Yrh$i1Tv$$akPstzfY?DoujPsMbnD&o`(Y(voeiBc!+3 zFUgEEs1$ckCgO$>&^GMH7S3&HO47w?7POY0DU{l@C)0+oxP;L|1wuOXEsv8fgL+!y zHxTbksu|Fl!j;hvVO;>4{GtubrOc|&X)d>DG{+B-mW`0hlQiinmh|)QqNGX*uce;< zrzyYtPz4sSZ+sMrx@*@?1f`dTB6rx!6E7&%sKD&j0oF5PQMd6Sedd?yFXm?Q@APXaL4Yhos!v;qSC zRN*&v8M$ag4Zou8gcxdDdKvRR~PO@xWR*+XHesKyqgq?Y|tG9>KXC3$F|07w@ zo8!>*jGMXE_vc?A4^YC~>Pr}-%La7pADVb+Wf-W|7m&?=5Wef}Ql%gNQg%mOg9ltY zSvq#*Uv%`@qx6q&>bP?8U&Ntf&3BIEHu;a~JfI-js$4Mt1F`bo3+{i?UH?ug7X{1& z12g?*I)7MIc*Z=0B)B^J9-emsf0_(%h0iwUzd2JhG9+dv%+pe%r-1bNFgDHPrzJSR`9_RBv_#1v2)H!fl#P|mbgkf9Z z|7e#VV-v**e#`pcB{t*@)!ol8&a1EPD|s-KxzpoZt{ zPU{K1*Xdt|_h|486+GtUQ~3Fty~68X4H-O!9Z&wPTjM|OU=(lkF*>Lue*MjYI1jjR zadNIHn)l%`@`2X2pMZU$mbC;ryn^@MG5YCw!cTb`zJkVw$~wZ|``3?)0|~2OAd*#~ z<_Qlakej#a@DTWm) zzq2F_3@;Cl&mId+TX(>V0_5xRA1~Y81!Twq?@N!%4jG1ikBZfd`af`T$Ya}3xv}_m z3?Z&{p*|ayEW~>r0-9Ho0RHTC4@ED)Txh%!rB?#PKIirL?s|L-2(`?4PDBESlhUj5 z1i0oyq17}XE&BGEdJ&DgKu~GeE6Mjj46dyQ?yl(};A}RdSGkG0T|JHiK-TR;`rh!1 zKzgoWI%S{OdB8fTcNsee99B?=otFWQm&^ZO{qe2#HXUqZ0e+fi>kzMrEiZ4>?R~s) zx+1QIalhFsq0XNaIMk?8`it8k6T3UmY4RX+I%l}pXJ{B%>oWapg z1}QJKpUT6toP@l4f|=M6VgNl{dap?=w=)0#LfekRxm$FP(4P=tpyMdUiG=!elJ>nSuh zM_h0FR%<9scHv$;J3o#&y$~)ft`#&@X){Hj2uwxf%{3o*@wI{)Fi%)set`CDUrMdq z{!MuaT^O9PrUs`JgB9!HrtK47ZhE?3?wt zwFP?UXkG}bWG$^_Gibf#(GG)2(RB1eF+Wj&D7Ka&8flFH zNc+`@(5URsu7Pe894o`JP96UBLh$d`wNiFX<~)nkXN@FZse?kyK7nru#|7Ni)+?zB zo~noKnr?3MpmEs#`Wo9hiaG06p&|spa7H0Z>5bSzh@8<{PT3b#)$!f?#h)q@XtkT} z3!lDpI85K#_OX-LwH-^tq>4`1Ju-uBR?Utie>nt)%-?+Hxx{qdlCWHumRviRN;(Yp zeN)H&`sx>Q)_N!`V((LUNA*#&1}lTbp84CVuJ4ihMQHL*Jcj*Xc`q_1hB|rA467X1 zc)sxMHQI}frU*D~;(~#~)`_z(PNe9WvD3WOmzdSUi9-cpUHNgD@r4=At4BFkVo-Qh zE8#MefL59}Ersc+yUkuIzbV{5RDgFrOrZBhrXV^*nC8N*B;4ek=$Ua7HF3+j{taqw zH^wAD_vY7k5v_`}<730YHYg=0EY41cm7>ar?QzE8Bbb{v+9z!x;epM@0RGRq07x{Z z&W7J|aH({tiFm8mOSD7pow($KmeNT5=+~fI) zlm3=*^p`NK|E=w27XDVh!a!@FWB~$Uf~sA{xW#On4Sgbn9VHX~x*htDMs)OEUkrZd zQav#ea3L& zC#)LPP#>;&$X&p&JpAi9(p^NqK+H0*9wBsAhbKCDCbaE!z zHXcXLAUZ@v0y;n`)n+i=+sgX>M{Oc7CXGe^e1)%Szpg*Kg%6%sg9#4?h}@zS)=)XI z(rSWEh`8{qIAl|4ywZ!szLK>vkC_9lGfstt{+ll#BuRrZ5u%H(Z)I~Afe=fdmAda2 z;4a;v%|$27qWWbMm=ZOoapTkcn`n4fWS!F3r*@eWOlLnLtxPhy02&LdQUmo|Ao46X zK`CigFR96mD!i8fxVJyA!*wbpyAQ^V$5x2}#-2j}B8{J9Kxn!Sqme0VqdB(y}Rz`gzgh z!eWrq)9S3~*$}dfs@7(N<7Sa#1MyOO1#@xjgha!!$c)hWDdyKpUxG~Od>b*Nh$5y+o5gdAfPU@tp`>r>0XOCpQl*xUn{$Sx3yA# z{9RB^PxgY)TxSut1k<#X_mY+-gZ^6Fjg5;?3Gu)s4k~5m#XK};$Vvc}Td51^ypX`t zVT-@dF8#l%CIke$v;UKS2&h8;|MlYtJST8OnFb;)D+TUw?)MfZ*2dLFzuf&Vy=@l< literal 0 HcmV?d00001 diff --git a/sdk/jdbc/azure-identity-providers-jdbc-postgresql/README.md b/sdk/jdbc/azure-identity-providers-jdbc-postgresql/README.md index ae018e399d228..8217487bfb742 100644 --- a/sdk/jdbc/azure-identity-providers-jdbc-postgresql/README.md +++ b/sdk/jdbc/azure-identity-providers-jdbc-postgresql/README.md @@ -1,44 +1,239 @@ +- [Azure identity JDBC PostgreSQL plugin library for Java](#azure-identity-jdbc-postgresql-plugin-library-for-java) + * [Getting started](#getting-started) + + [Prerequisites](#prerequisites) + + [Include the package](#include-the-package) + - [Include direct dependency](#include-direct-dependency) + + [Prepare the Azure Database for PostgreSQL](#prepare-the-azure-database-for-postgresql) + - [Prepare the working environment](#prepare-the-working-environment) + - [Create an Azure Database for PostgreSQL server](#create-an-azure-database-for-postgresql-server) + - [Configure a firewall rule for your PostgreSQL server](#configure-a-firewall-rule-for-your-postgresql-server) + - [Enable Azure AD-based authentication](#enable-azure-ad-based-authentication) + * [Key concepts](#key-concepts) + + [Azure AD authentication with PostgreSQL](#azure-ad-authentication-with-postgresql) + + [Architecture](#architecture) + * [Examples](#examples) + + [Authenticating with DefaultAzureCredential](#authenticating-with-defaultazurecredential) + + [Connect using managed identity](#connect-using-managed-identity) + + [Connect using service principal](#connect-using-service-principal) + + [Cloud Configuration](#cloud-configuration) + * [JDBC Parameters](#jdbc-parameters) + * [Troubleshooting](#troubleshooting) + * [Next steps](#next-steps) + * [Contributing](#contributing) + # Azure identity JDBC PostgreSQL plugin library for Java -This package contains the jdbc authentication plugin to authenticate with Azure AD for Azure hosted PostgreSQL services. +This package contains the jdbc authentication plugin to authenticate with Azure Active Directory (Azure AD) for Azure hosted PostgreSQL services. + +[Source code][source] | [API reference documentation][docs] | [Product documentation][product_docs] +| [Quickstart][quick_start_postgresql] ## Getting started ### Prerequisites -- An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F). +- An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/). - [Java Development Kit (JDK)][jdk] with version 8 or above. - [Apache Maven](https://maven.apache.org/download.cgi). +- Azure Database for PostgreSQL instance. + - Step-by-step guide for [creating a PostgreSQL instance using the Azure Portal](https://learn.microsoft.com/azure/postgresql/single-server/quickstart-create-server-database-portal) ### Include the package +The package is not part of the `azure-sdk-bom` now, so it can only be included via a direct dependency. + +#### Include direct dependency + [//]: # ({x-version-update-start;com.azure:azure-identity-providers-jdbc-postgresql;current}) + ```xml + com.azure azure-identity-providers-jdbc-postgresql - 1.0.0-beta.1 + 1.0.0-beta.1 + ``` + [//]: # ({x-version-update-end}) +### Prepare the Azure Database for PostgreSQL + +#### Prepare the working environment + +First, use the following command to set up some environment variables. + +```bash +export AZ_RESOURCE_GROUP=database-workshop +export AZ_DATABASE_NAME={YOUR_DATABASE_NAME} +export AZ_LOCATION={YOUR_AZURE_REGION} +export AZ_POSTGRESQL_AD_ADMIN_USERNAME=demo@tenant.com +export AZ_POSTGRESQL_AD_NON_ADMIN_USERNAME={YOUR_POSTGRESQL_AD_NON_ADMIN_USERNAME} +export AZ_LOCAL_IP_ADDRESS={YOUR_LOCAL_IP_ADDRESS} +``` + +Replace the placeholders with the following values, which are used throughout this article: + +- ${YOUR_DATABASE_NAME}: The name of your PostgreSQL server. It should be unique across Azure. +- ${YOUR_AZURE_REGION}: The Azure region you'll use. You can use eastus by default, but we recommend that you configure a + region closer to where you live. You can have the full list of available regions by entering az account + list-locations. +- ${YOUR_POSTGRESQL_AD_NON_ADMIN_USERNAME}: The username of your PostgreSQL database server. Make ensure the username is + a valid user in your Azure AD tenant. +- ${YOUR_LOCAL_IP_ADDRESS}: The IP address of your local computer, from which you'll run your Spring Boot application. + One convenient way to find it is to point your browser to [whatismyip.akamai.com][whatismyip.akamai.com]. + +#### Create an Azure Database for PostgreSQL server + +```Azure CLI +az postgres server create \ + --resource-group $AZ_RESOURCE_GROUP \ + --name $AZ_DATABASE_NAME \ + --location $AZ_LOCATION \ + --sku-name B_Gen5_1 \ + --storage-size 5120 \ + --output tsv +``` + +#### Configure a firewall rule for your PostgreSQL server + +If you are going to connect to the PostgreSQL server from local machine, you need to create a firewall rule to enable +it. + +```Azure CLI +az postgres server firewall-rule create \ + --resource-group $AZ_RESOURCE_GROUP \ + --name $AZ_DATABASE_NAME-database-allow-local-ip \ + --server $AZ_DATABASE_NAME \ + --start-ip-address $AZ_LOCAL_IP_ADDRESS \ + --end-ip-address $AZ_LOCAL_IP_ADDRESS \ + --output tsv +``` + +#### Enable Azure AD-based authentication + +To use Azure Active Directory access with Azure Database for PostgreSQL, you should set the Azure AD admin user first. +Only an Azure AD Admin user can create/enable users for Azure AD-based authentication. + +```Azure CLI +az postgres server ad-admin create \ + --resource-group $AZ_RESOURCE_GROUP \ + --server-name $AZ_DATABASE_NAME \ + --display-name $AZ_POSTGRESQL_AD_ADMIN_USERNAME \ + --object-id `(az ad signed-in-user show --query id -o tsv)` +``` + ## Key concepts +### Azure AD authentication with PostgreSQL + +Microsoft Azure Active Directory (Azure AD) authentication is a mechanism of connecting to Azure Database for PostgreSQL +using identities defined in Azure AD. With Azure AD authentication, you can manage database user identities and other +Microsoft services in a central location, which simplifies permission management. + +The following high-level diagram summarizes how authentication works using Azure AD authentication with Azure Database +for PostgreSQL. The arrows indicate communication pathways. + +![postgresql-architecture.png](img/postgresql-architecture.png) + +To learn more about using Azure AD with PostgreSQL, see Use (Use Azure Active Directory for authenticating with +PostgreSQL)[Use Azure Active Directory for authenticating with PostgreSQL] + +### Architecture + This picture shows how the jdbc authentication plugin for PostgreSQl authenticating with MSI. ![postgresql_design.png](img/postgresql_design.png) ## Examples -For documentation on how to use this package, please refer to [Quickstart:Use Java and JDBC with Azure Database for PostgreSQL](https://aka.ms/quickstart-jdbc-postgresql). + +### Authenticating with DefaultAzureCredential + +```java +Properties properties=new Properties(); +properties.put("sslmode","require"); +properties.put("authenticationPluginClassName","com.azure.identity.providers.postgresql.AzureIdentityPostgresqlAuthenticationPlugin"); +properties.put("user","${YOUR_POSTGRESQL_USERNAME}@${AZ_DATABASE_NAME}"); +String url="${YOUR_JDBC_URL}"; +Connection connection=DriverManager.getConnection(url,properties); +``` + +### Connect using managed identity + +```java +Properties properties=new Properties(); +properties.put("sslmode","require"); +properties.put("authenticationPluginClassName","com.azure.identity.providers.postgresql.AzureIdentityPostgresqlAuthenticationPlugin"); +properties.put("azure.managedIdentityEnabled","true"); +properties.put("user","${YOUR_POSTGRESQL_USERNAME}@${AZ_DATABASE_NAME}"); +String url="${YOUR_JDBC_URL}"; +Connection connection=DriverManager.getConnection(url,properties); +``` + +### Connect using service principal + +```java +Properties properties=new Properties(); +properties.put("sslmode","require"); +properties.put("authenticationPluginClassName","com.azure.identity.providers.postgresql.AzureIdentityPostgresqlAuthenticationPlugin"); +properties.put("azure.clientId","${YOUR_CLIENT_ID}"); +properties.put("azure.clientSecret","${YOUR_CLIENT_SECRET}"); +properties.put("azure.tenantId","${YOUR_TENANT_ID}"); +properties.put("user","${YOUR_POSTGRESQL_USERNAME}@${AZ_DATABASE_NAME}"); +String url="${YOUR_JDBC_URL}"; + +Connection connection=DriverManager.getConnection(url,properties); +``` + +### Cloud Configuration + +Credentials default to authenticating to the Azure Active Directory endpoint for Azure Public Cloud. To access resources +in other clouds, such as Azure Government or a private cloud, configure credentials with the `azure.authorityHost` +argument. [AzureAuthorityHosts](https://docs.microsoft.com/java/api/com.azure.identity.azureauthorityhosts?view=azure-java-stable) +defines authorities for well-known clouds: + +```java +Properties properties=new Properties(); +properties.put("sslmode","require"); +properties.put("authenticationPluginClassName","com.azure.identity.providers.postgresql.AzureIdentityPostgresqlAuthenticationPlugin"); +properties.put("azure.managedIdentityEnabled","true"); +properties.put("user","${YOUR_POSTGRESQL_USERNAME}@${AZ_DATABASE_NAME}"); +properties.put("azure.authorityHost",AzureAuthorityHosts.AZURE_GOVERNMENT); +String url="${YOUR_JDBC_URL}"; + +Connection connection=DriverManager.getConnection(url,properties); +``` + +## JDBC Parameters + +|Parameter Key | Description| +|---|---| +|azure.clientId|Client ID to use when performing service principal authentication with Azure.| +|azure.clientSecret|Client secret to use when performing service principal authentication with Azure.| +|azure.clientCertificatePath|Path of a PEM/PFX certificate file to use when performing service principal authentication with Azure.| +|azure.clientCertificatePassword|Password of the certificate file.| +|azure.username|Username to use when performing username/password authentication with Azure.| +|azure.password|Password to use when performing username/password authentication with Azure.| +|azure.managedIdentityEnabled|Whether to enable managed identity to authenticate with Azure.| +|azure.authorityHost|The well known authority hosts for the Azure Public Cloud and sovereign clouds.| +|azure.tenantId|Tenant ID for Azure resources.| +|azure.claims|Claims for Azure resources.| +|azure.scopes|Scopes for Azure resources.| +|azure.accessTokenTimeoutInSeconds|Max time to get an access token.| +|azure.tokenCredentialProviderClassName|The canonical class name of a class that implements 'TokenCredentialProvider'.| +|azure.tokenCredentialBeanName|The given bean name of a TokenCredential bean in the Spring context.| ## Troubleshooting + If you encounter any bugs, please file issues via [Issues](https://github.com/Azure/azure-sdk-for-java/issues). ## Next steps ## Contributing -For details on contributing to this repository, see the [contributing guide](https://github.com/Azure/azure-sdk-for-java/blob/main/CONTRIBUTING.md). +For details on contributing to this repository, see +the [contributing guide](https://github.com/Azure/azure-sdk-for-java/blob/main/CONTRIBUTING.md). 1. Fork it 1. Create your feature branch (`git checkout -b my-new-feature`) @@ -46,7 +241,14 @@ For details on contributing to this repository, see the [contributing guide](htt 1. Push to the branch (`git push origin my-new-feature`) 1. Create new Pull Request - -[jdk]: https://docs.microsoft.com/java/azure/jdk/ +[jdk]: https://docs.microsoft.com/java/azure/jdk/ +[azure-identity-providers-jdbc-mysql]: https://github.com/Azure/azure-sdk-for-java/tree/main/sdk/jdbc/azure-identity-providers-jdbc-mysql +[azure-identity-providers-core]: https://github.com/Azure/azure-sdk-for-java/tree/main/sdk/jdbc/azure-identity-providers-core +[source]: https://github.com/Azure/azure-sdk-for-java/tree/main/sdk/jdbc/azure-identity-providers-jdbc-postgresql +[docs]: https://azure.github.io/azure-sdk-for-java/ +[product_docs]: https://docs.microsoft.com/azure/postgresql/single-server/overview +[quick_start_postgresql]: https://aka.ms/passwordless/quickstart/postgresql +[Use Azure Active Directory for authenticating with PostgreSQL]:https://docs.microsoft.com/azure/postgresql/single-server/concepts-azure-ad-authentication +[whatismyip.akamai.com]: https://whatismyip.akamai.com/ diff --git a/sdk/jdbc/azure-identity-providers-jdbc-postgresql/img/postgresql-architecture.png b/sdk/jdbc/azure-identity-providers-jdbc-postgresql/img/postgresql-architecture.png new file mode 100644 index 0000000000000000000000000000000000000000..9fee2b9e345fdf4ea892a9d4235f184be7842055 GIT binary patch literal 45329 zcmeFYXJ1oW^FQnn6{U)xbdVy5(nGI`5RfXp*U%v#y#`dIX#yg>OYb0ET2R46TIe-E zga83Tkq)8V@m%Lz*Y73V5B^W~XYHMpHM3^Td}sE|?ARCDs+43*WLK_Sp?t2Utas%K z3F^v~zbbCtAU>g~N2Oi4^6JWS<);RLRvX!*fpp`Oh}7G6ZeHVL_<^Rdx|Cf5ObZ61E-~!my-ijzqDp1JPB~_Kbh!(8@%x5fBavfJ1FVVYJTH`GC zRTuO9;h3)Vk5w5}h<*V}9KjVhDZ9?h><}%%%T((A+VvyhsO0yao}VF6oTet$Kx&IzA6m0IuF zddfDlz7gUe&v(ieH+=*5efsESwYT)TmtZzVAj{1OQ|T@?q#N&ccd@j_RqUrOrW<7G zlewO=1fhlem_Bk1s#I{8ob(xc-5Mvu9}Rbn*c5v?RuB&gmvAP9ll#lh#BRT%j4Mbl zU_-`Y8@~k%%^f|GS@&WqU_Fo;Jg!E6@>~p_I{2df#Y$oe9*y7F$oxVoeVWq=pPtv< zh6@1$`!<64Lz>{xguMc??XmTn7*Ho;khH!5qxzcWb2fZpdP&a-k){r z{nj6zI0;f=;WIXhsLmee=sizwvm=#I(w)<(YGhF9YUxpcwI<%PuHJJ|#%lG{&dln^ zoMbj6{)5jA>$na!yari|=UacL2K>1n(ATC-p^-VyGIxerxsA=5KO8Y#9e}yHsW{>f zX+U;*HR0zF(-&Oe$+qzOGvS4s!AI1}Xeso;1r*?s7Xg0F3b zpy08f=Xm()Mdn7k5HRG7*{Mx|sBA8C^yiGY{aNDGsZEgUNaYB#R6j@m_x2&ymA^`x z|Ll1C@AD48_#6%R#}OI`#C2mj2e;t3t<3*iPV>=HC4Sbvms;9`kYNdwKZK|sM;QD6 z99;b$yGfaW&_D+Nuspa7UnR=$z~x-)Fu)q>KXwX0IkgG3Uh-JS{H;6FlC=U%P9Hgj zhH+oWZ~g1C?OyW=8n^v>&rSa3CZw?K!+){-UOcm(7yX@oU3~YVR=jxp6^^y5E;DHs z5&ul9lkp64&U$_$=E!7??4MBJ<9Ir**3pQU+tQ}@L~=Ir-^bU#b=#nfcWAt|e_49` z+*4#u3-X9C*2MGtGr?QswOC}!mJ(^8i}d^+zZFO0YaQo*ovVe&*K70v^fIL@wR$aJ z>{*I#lFwiN@YbT~yjaVl#>4%|7eJU>eKj0bkO-V(J)ndYGYN=gY!6idH(|R$mA=1! z01u#brWG#H*$!f3tB(ra0TW?BCPQH+r~NeDpzU2Xdew$gz5-cT2J`hG{6DmpEKF?a zaDv=Rp|A2f=0GYLxguuxbH&~lqzER~os?%K@+rd#4!-rew+aM+;f$2K-05?}KvH=l zv9=^#(gIJIf<*AQRmu29dFA#HW{CZMO)~{yrZietoBE%l$YTD@9?E+6xukHD)?B33 zIupdhcNV1bhBt^`A1XTbx)&%fZ-k4u7)-SHPz|h%*~8BdcF8|S1ieAdOhf}6pfb#x z;)GF9`qltYl2IHmwVsO}Q2LUp{KS-t@>?)gu0PQ}3(0)GUJI3g`ap-{=a)V9O!#Jk zhjG+Uv!KeIn`-C_R2zRjO8VcR@S}u}+{9-crIG77O<$*4`CRuuAw^4Mp*&1l zk~3=p=8gv4%?-%Wp4G>mb9+F;j%C{%ZY*@CzsU>1;MnYS(X+~4aBtq>D+ya)DLa5L zzsjsL5_VrXPh?N>AE6aq52ZRMc`g}qr*m0w-((HlCjb1#U0v%!BXq8-*Yn?YfZ4ot~HrI|*>1x6pwrY*=W%m4nUAu7;=sx1!R4 zOVhU~_AA)>q%e!mMO)HXPZi_E!=_!bXytog0M0q#%}YQz@s}kvE@c1Q!+NLne|2B! zDi!B)?boIh3W2YdEv0ed~3Aagzr|M%3TG|Ba@nU8Ey?fL5yzgyur!M zVY$O|z&?4Sb@AT$y{tJY5XL&V(m^t?@)p7-EqvF64=s%P*R}+0LIFe*S!(}AF)3WG zmH?D#U{;RP4IcvuL|mTI^6Zx{)$$xDiOmSA?jNgcw=yVNq8`qJU_n6cw%5GUf$U;U zk$xgr3CF4V=BTsIA6YiwTD z=2S(ox&4wyh)+ta<7@i`9e+fbA`Wdo+J=z_E2@T6PB&!VmuF6JU?6;Bd(7Hi91Y6+ z2cy*_d9F-WBI1p z&hg?;MgKSZHx!w1KmETD8TPgNXJ|a&xnvQ{tmWTDxXE|pqKT9lKeZv%jqm@5*AJB_ z-vXX3C8d$8+g@P2jWT=bP{Z_ZRaP7vygOod4;QFJi zmN^Kf@4lP-#I>Hc7NHW{2yp05jmPdrY~Z{6QvRaUi>*g1Y|SVLrj3P$3AeZKQ4-}7 zE>rKZP{UbItw*QgARr*aA?mc94%<4ly0H+F^*rjK+Zf6+&FXi-?up_ZdypOd-z!yx z^ZYF4vNUSj4oT%w!iFkX>>`2=b2^O&6(4zz&I9OFbWPRwXklLS0X#3LYft{1cQ8YC z0B@mJ@xw20>9aC#&eNtk%;vC(#l6nPK$p=4<9Ac z*RKzOVJAb8R@1MUSW1p61_G;$J0VSN)7`MNgIlxy8j*- z@Wdk0Ey(U`am*4o;he?yuD3kjOB>ab$h#cP9`=EjSNlsvoy>n1!o>lX|2~X=r#1y% zo*xxyqzdX4YclegHIybjGE~nHcjLiN*61|N9&VzSJC5cPNl2-FhF_kiR&FWztn@RQ z);q%Xx8}?}I?w$B4o;M?n!0q!&&fV}A>68hiE7*Oa7ap@F4<58%fGvWWY_rd?(X%> zpP7<1W2L&!yqA9F<&xjyf5JyuSJo z;G`Y<{=JWoH~i0fDh?m7x@TDf*71L&*~|Rn%m0xFCkO#e`1I+1nN>$?=)t(L_wQd% zPl&V+021gr2MuWmp+V5R-cd`yyw$hN?J<1{Cj8PeL(C=rl!}TfMLS!jgs;sM#pBTuoz#o- z(>_x6(E9)nc-hXRb$CyuX}xbJC9_15`*ht2bdSif0J;gB=rUT| zv-sova=hZj%PI)!f1*J$i@*GXCFgQP>nB%G6KJ9!Vq z$mB#cCr!OqFdvTsmVaTU@BgUkJ*|PLwQinIzkk2v(<_WIs4_F$YTwhgypdq3dDEy! z{jQ}WDoc8IR7bIlk4+);3zMVfOrs}8L42;!bzF}Nc3>N}N$1J1955fGdblyowTBy= ztW%04>mdr(vZ_uh^!RggwN`?=WWz{r!~Bw5~A2pzvi^ z(p9t+mps$3qb8^0;8&QhtGRH`!w8$twplc<5$>}RX)i0m=q9r*?MZ}8oB!s=p`jNr zwRje3Js^}J4_i_@aOZ*gPbecGbd&7Le`SFa1m68WDA76s+netQDGEC$++k$o^Ms!i z3)zwDzYmb*T7+tOPJMpbmrdiufCC}p){dQ%1k4)LjH)flf>+X=_Qj1%sH0}%q%a}d z9dHQOySaQ7a?9{u?96R&ZS28^h1xQC>b!}U%ea20YQ-8=natPFixZ%(~ zn=?_)UbS(nHvg)c*_G~CTGs~lz+Zpe<+*{Mt}pQ@F>7>nMTrzMfz7|X%meo5WXmki z_qY5H(pLU>iBfyIZ9&by0olROat*;a8;q~Y5Tvx7z*}_$uTe}KPAvmrOg)~R=f!=C ze)9RrQu!SKXPN3SFt$ z9KO{rb(^D)}F?D?5A^q)SmxA;jNzAYWfTd|2?x| zDeFL+tV}T%P8u2-Z=%m@s}Q>TkH(3imh|qo>Bh7Pcl-G*5?4o}KsyKHUt<9G{MoV6fxJea1n zT>7Rn^HV@bGSN`cSKZ%oWACbb$k}(x8uAAX(;l6tGmA{0h{=MVKJyo`3id+HhfjD- z&-@!^&pjF{686?O@Xy?_)uGF3*E9?z4;2m3X2*>`g0^G z*XNg__>-;H`dfYI)6TU!63>FGsAKyjaa6c%B?~uq#UJ9*i*vZA8-U+9Qgl}RrDAg1 zmJ<2-b%@7zr&EXHzTBSU_#x2@tRc!m6X$#LpE;MGN9;b`-#Q=!DD_h>)e(dxMy-bI~fvlU8 zPna`%-)O@i!WoI#4Ws8h~=!@isP@m?ATT8UQkj>3)mqkD}j z-zK?CYq#=;@z1T$f3H0X+Ldm(Xt|UPh&URx7Inv~PF!dtedM#g_?QQ=cK-HD>)5_V zj1^!>mQ=%SJn8bV%lcI5^i{|-lnhZkJmmF!lDoO+bIet}LNhHFg$15;dkV+dh+9gmWa;N!o|C?$)G0LE2;5eP z93X%4-kSSSQ_0)A{H1-7Z6#{+vBF3%J8hkjH}I!^`4N7E!cxEc%>bRq`b zAiJfDKLN+0SpofQGppzxvLc7E9ZsE#wTR+)J1;?&doeEVx;dgwY*J5|LR$ZUL3Q!wVD z-#vLTVz{@~qRL9>p~d(mAuQh&t+F>MDMb`n5zSz19#yxXR;d|UTAd=P^-xeK`&KAM zp1x>Os`JRI=y#*4j78g)+6H+h)dS@=Jb?Dr2QS3qG70buH?xHMkg1&xn@T2A*GIk|w(!Z?u_N z2r-^sRKH3mV#~t(UBs(ykp{rl|?y{}hX|c{YyVS_K zzGKL18ROJ8qSK9L82A3;|5DFGvUVa^%5svKmvsCiwqz^bWdPAHzrN)Z-PG}4qH)RJ zO0o-)mvxwEhDtslOk);9{Y!K=pJs(E##aRdH(HeRlCs}n&5{&AsOvbnoO z5{yWLNkBB#CCm=^9@LznwFbzbCo=W%2c0Hmv#5hvS@Op?IEOcAYwy1!hSV|Si!?iMdB%5kb!W6dmatfx;hA>f_87vB^v zFJ>tA06{_WFspk|io~}07$cHxS)(j^A-QDK-<2Q$}3Xrw>v zW6=TNTs8-dSW~QzEkL&h*%$HTfj9TRI#nft(eowdTMFy#R;@V!($=yYgY$bUEQ`Ok zoGwt!it@j8-N5y8VfHNiflaXi=pL9)Pw&F+FDLNwp>bwk+JnX-BXT_H&HSM`gmIGb z#Tw61`=mP8q>9E$!Vgbi=4O_;?A0-y=^Y=?;G3WclNOwFy2EFVA7k2sFcs3{zrIK%}`)@xBfOFJlIw+hI4Fgj(Oo;~R6Nel2NG*#he zCTBz9_UjKd@SzS3){7=?mVg(hrnT#S4vQtH4l7%VONj08#0tFFkk5;JE827q1#F1X z#J)a%CKq?feqbO>^JFEBX_=U{GVhGn%ms`2=HK;GV8^x(5)=rV6$t0X&)jKV# zFOPB*j}ABBwgQ>^ke$YFAqo&QCK?h_^IEcFzExsNqS)XS3^2dIvh?SD{zLKa3}OUk zU+jgT-c=ctOjJTpEZ@BKk-+-?IqI_wpSipe+sUl@WK=DipN>G;WM0gem?Fvz$Xlk~ zbyak)>_(kk0I5sLZNB7nTx#1uykDBEd&pFkc%hLm&6<4CN8r~xh@{l@0rK7~KbXUD zws@iQ+Uy8ONd=@X%d9_S#nqwGw=_}8)4#o&y*a|7b9&soInGb&K>hKMM15^Qv_^!* zjmlr!v3;mGvp=jN{alrfD%o!Ndr{wS@7?Zds=D=X*2e6INP;l47HxG(5Oap}x_cu} zWFemN?$SJ1phzkEW-J`h09FkV*Nkzdg15A?P5SNSFGY^tstfkyWo#@=NvdJwIC;O6 zB(q80SBPBa1!OkOA{dK*&x5N%9q~PLtVOuOUNhtFETOdZlKw-|jO7Y(0q!o(8or9K z)%zWumE6SWrk7H~t3n>O|G7rlj!I_KtktuE%tHm={@;fZ zcNAN*=pJX9SBruX2ic8HweA<v|vnxo1D8v6)Hb}Md~tbMvAn$XmPnPm}_#r zi^@1(NuZicPKa)59>3W8&OT@Vn{#wx<+}a%2tP40vx$a0mu9uH$=Xtb(oAa)NNr2a z;OvQ+hRcMwUVeYAd_#wyC2yS3;|TP0ahG(Cgmo(#-ZV zaKaNOaYO)oeq?_qzlR`9=TJQ-E}0*XaLFyTC7cBM% zn{HM`-bafG5Zx50#%)|soAvOFrZ848sr!wF?H815?e_gLufTWRKWYqEPbU!(4Gc?a zYI!m&?BYDbXixAf!S}f)&4IJ}#^LH#3Zs^t#?G{;0LoFeu?4d{9j*>`hC4D z0e(b$Z95pZy|+d5)IU$RJB4U@G(U_KX=qH>IXEDojBtmmYAK?q=AT;nNmD9Q63G9hVP~y6wIVmY*EVi?8Yx;Nm#Wntr(&VW4 zViid}8>nv#_k)To(u&PY`xC14%Do!)L!GO9EqCA2mD4@&JEcrz4&Zi`hZ=s{HGGh- z%vUxd^6gzzFf7|#8*3q5T%m~$ve5da2^uNhydcJfRi%E$$&YwP1J0}Q{l^PQ$~qZb zDvy9JWbQfNRSNacCX9z8s;wU5Q*3v1+uv44m)f?hQjG*G8=ZesJWJlx6EALiOV1}L z{oPyRwRdvi^s0+vW{ICAS_;=6keqQ$=4k2OX@I>q;yLhGfs2$@(RmcD2RG!s_1Hjp zG=#>*9kA)x_nQGLf{j)zx?DFd^2Mgi#C@*V&D@&<1`A*cad-O$X7*AkBu@D-bsb9p zu;4vI4KppvQX2o}^dEjKghk$!P~+4WHD0iXx@JsNj6#V6Ey&$T#nWm7S9-Tz4Rz(7 z5xttrn~Xb%R0S+xqe!PnJ^Gr9uyeycgrHJ3>h!rd_$VwiaRPlxgl#o_#r+@g2UE81 zKHOt79TiPtU70JG1XZtDLvn+4%l+3KQD6~1lcx5u4*wWv(2=aTv1@OCr&oadqXa)@ z4d?mLk8MwE%f{gEJ(wZ#!MzrI7PT4neF@Ll$$ou%-k*Q!P%cvZMM8iVC4#OhMb2In z%NEXUwC&F{WkRA`*h-29VB`aSu6*+Bro6X~Q|t;q`NKQx2M9hDbH~u7nwz%i?nUiRzc^9)iqpyQJ+6Ns0^3~nfw`Q zy-va4;h_F@CFxc!tCSE{Zn>gsg+Q4a^HXo8lPs@hUU)84NIQ4{uSm#tlXHJVCyHdU zs{AsxA^qYs=1{+W8=s5j`Qa)lJb4n_vT%99>yX(n;xpyC&M9v^fY45jMDlaNf(vtv zH@#tp;8_3ya-1k8e0~Mf75aCyrVfPfB=ZaV(JCr(S9w_6zl-)y5e$&yzjY*E);Hc6 z235G`#U8IuOzOV1zgfs<@h6d!?vj-d$0Avtb@91+yfsD>(w;*nNK>q{ZBt5&@f2rh z5lM+G(h>W>YYu&mDo<)>Kg*W8t-rj;p9q%p1eZsVM9KO)oA%se;f6uW-iVYBw|^GY z?_x;)b=xf@J34jzrzyu=%?UPLw(Z(=Q=Qwk`Ru2~;CKG$?_p7MF6URiN)7VDJ!@!W z)7pCCCl0hy8V+AnLOW`jiseG&rnyT*EKNv}mT>%k_HiILV@V{m9GL zWl*5sPFc3Tn@yf4@>VOJ9{JQ_yUI&15~)VtuS(6_mCc7L$i2$zP3DbG5(VF)YUI3c ziA*MjiOw7ecXv&262|^udN#37Fb2STgI^&SSV}pJ%sIqoiDF_eAID+*p+B(vbvI1# z@xsdS3u-{>W4UNwX5*&?`&}OIKUR>L^W0s#C{@Kgv=X$~3M(mUCs+r73N_LpH=h3p zzV0h)a*rDLnPMg~`i>OOzN(!4E%8Ze#GVM~MK*#Flc*aoIYM`ECwbSov+JZDKth&E zF$%`cG_#xN#W&h*-h_OK<5mlt>o(n(rG(7~|a=H`Lm zb*OQNGvZIZB9)kQUn3?aFW9m9J3+_47tFRLP>L7F1%C=Nc6N44V`chgmz&L)^|ox< zJ9q4fr4>Ys zF)uYpc%GwRjD>oAuPW)EWZy4h5(DrYKZj*4@@L}4R3(w(Hf%VK4^I!>1%`RHc)pbVWCqqlCnCtX#q(9Dq^n zzY_#$-BBuKHwKE7JEB^_3`<~!qxbkSYU->NMn~sgQO%km z!^JE{W22S&(+swS$wXwY9~`sIWC*C}v@D-U!cTMvl559MnCz9Gn7>flr4w{j*&jIg zMiQ4pUG@CloF6mJRtS<0B%?8wd-2e$s(8W=?w2mE`77mgT)2P&cfYOWa4O)n=<{+IoDyYsjW#@B&#a}mRh^rG zrLUuJ1lqiIuqCV2Ja{{A)ah;y+e6l^R!F*|A0&+9*Q62Bw|dzsCuz&3iMbk!__Cc3 z%)Ta9nxe&aR_ay^lfBf^!Gb7633u=%|(CO1X`5K(8b>Qu{*mn<2fu|w_mt5XvXY=13$S(E< z5+KXu)#b>?hDVSZg8W{c2RZdCp78941(*wjML~IMmN@_Y)C=~b6q=fFzC;Dt`{URU zb86}GiIHuZChL+T8zv`j(+>l*uM8slMNu(hRRG5>?U0Tz+a#vQ-Nq^ro*htcpZYfU z3!QU@g2ZR?hgu;)zpxVCekyosN$8ZNXQP-RL6*>;I4TvurYF&plvcNnkm?Hk#y{?2 zY=Dq|p_)Q``^@l#jrpPX1s>=y)868`$rY{W9Fy@~>I<5hLyI}l$u?7DGIjhAlqJUyZ}*&l-oYNMdeIP zJShVAswYINPLoDrFq<_EL)h21LfutEOnKGb*;{bhkcx*ig&#Y1M)S*Gn@g*Zn zTRWsK2bk=W22w3#09ngY3KXELXG%XYZTcx9)%Mto@xfpG<3s0-cog+ix$>^Ri|!c^ z5}RzmIIuVG9ncpZ)hH>7K)8F|kz3Dx@;u>Yz_HIolPc$#6Zze)P_wo|`D<|WG#F%OJruwu_$x17p->q4SC@PM2-K5J zuNYTXmZ!r0y>TeaeSK%>lU1}`tH6fmS%hCh4VT;1+?}u8PFcnhLtzvo#6kr>Ngf65 zM=k5|7h6F!k%xR15s~H@>m-@d#jGZR0rM<%`vprhzQm+>K)dZh!SAy?Z)Al)=;^DI zoYs7JSgxKpD%L1iiW6Jg*7F&DSlB$(gV0kg`tdb9~te|d|I!C9UI}PTd?t5U*h}DeeJBvSxJTY+BHwh?M z>~|Z-h=F(zG@%K$M?_`8)1&Q4uaOvj+2-LA9d_75kR^XSSbp~>mupU~g`Hi#AGHYH zmT?1@Y8{r4B4F-ndS5!s@hDu1*!B=y=B#hmzg7~bd3-cMg6Xa7aJu~K-A|tUTnF=} z$-POtS^ji5z7V+kyG0xGO>}1zLg+e1Wb@j$pIjd69Q9FdZ|GW*AzFY(VOI62TFo>edwMV>4l~MU`n8tybJU#OF&nlajUm*c zibJ&egCyr9n^8v;SrNQAyxD8BESW3?r2E`WI_x{poD95cRKo|kI`wZ>`>jx zqUD(C1%?b*c3!T=n5QEJu2b|!+C$|T-5ZI}^b(qcZYKsBhU*O-Yo&a8pM0fbbEH&Z zq!iBDpxd&j7BtItrwpGF+%CbDtZlAMi7N!P7wIFqSTs1+{*|J!b4@!veBYXt+M@OO z<2ma&H&T2f^Z9&$UX_Lpe!EP>JWzNDlf@pwBG>PO<-jh_7z+J7ras~ZtZ8GjIt@%? zbLyV73PIFmP@SskOk6PVqRiJAtXXR1q;jf?0mEd_VhO3(0hPc>gp= zs$=4>vxPizwi^dlaMMmepxWzYn<$zp57AxVT#7=s2!?%AXC>G+x3Pvb-;`>cmar;w z9Jk0e23dP_o>MG7ukaPo60a-%r)c&Ex&y(Z4ZO_G@5)@FL_P|P-SlTQej0vEFThw_ z_W6(+5<dV&~(w$v2Q z9(n^{IZa!j^u<-H2jYa2F&z;qtc3|zjwC}wz%R2SJ5W2OJt zv`>{@-^DIB_y6m z3|CzwuJF8iw#1}6Sx!m5S_jc$%s+3;uiB|~=8gLc5P-RS%A9`u0-R2;hk!A}8UXOu*Jekxk)Jnn>^U+Es=AorSzxBfDOd zp5a9;B8%WcXP3vW?Z=xde40GfxAfwP9|oMg7xUlOD7-Hj+Z@MUHWfG&vG1d7r5n}L z{jzFf^HVm-iotkK!;AP;X-)CoQBc;-SI4ijt}$`Ft=2Mb8FIZE22_%h9cBHN7?aT^ z4Wr%)UFWQAI?#5!85Z9L6RN?dRHqn^o*Rc^o<9ny(SN^Xj6YGR@KRta!Dj15Z!a#X zuCMLP9-BY}x}GubLyn|7hU#E@9FP8 z=E+ND95Iu-7O#DVXTehdpp4D*LRK396czy+oo-A(QG(nfz<2pgUW`_Ep6zN(!y#?! z#CDV+u+3G`Lf5Vs#p7QQ@B?8KA&S{!XzceB?~UBKV5&LXf!=UE5@dgnz`QhZE;}lQ zin((LK$O@p;ys_SgLphoEDJZG=Hl7(w5*iVguIK@=I|s?whScNb)O9H+j8(!{L^UX zrQy5m0#RGG?@*ukE|syLBWd_{#FeJ1Dq&Qy|9Euk7;M7;|8&bM)NTR zrxlGjGK57<3*ike#w>28)~rX6Ga!e4-xMGH!bbExe6<1cVGpusK=^J7Yg4g?&mPD*lGzVn&73 zqpxdJ`l%<4sL8U$ECATFKT*3Gy`H}4);UxkkGnN<$wZxL52ubEI5bPcbe?dB?SMqL z3gij5DIt|Vj!la(?HuR1L8k0bn-H~aWWe>KtD%Ap{bysIcN)(x2#Myz+=Ea^<*kpm zT8`~gi1}@=_UapJmBP}(R-2?LDW%1c5SMAmDv#2Yzxq7o?+RH0lgAm0b)#>JQ``;n zt(@J&NOAS94N7&XnSwrG#YUXBsU_)T{qE_M=|&x{NogCO4p+OC7!Etw^qMi(qgy?n ziyuCWIAQk+p|re5$Byndy|Fs~5cFFyAXnUKcM|JL(iul;u^@`3Jdc&?wi6Eg& zw~?PASyMdKjQK~xLsRU%B2jG)+jmAL_8pXwx;K2{d>j?ezI_SZAoXLIjOQnHSL{GA z@@)s&ymGL~60yQ4G;g`Z?;mMLXp{sB&`m^g2rg*>kiV~mQt#M&QhxBbo`m{J&P7>) z!p&W`td7&%R!%-cX2^}xjOM(A6kBuZ@ac)k8o`vTvYC}Z|Dh0!5t(&J1NIjsauI|1 zzz}|8k^!5Mjh`x;!N>jRhV%Kn5xN_DcGQTzedB7gSJ*lq9;uk$>Cv0~n3vchWr&5A zic$Cz!A#4#U+`!yAlI{{E1KH;d}v>hAEZ%WMDzmUMx7UgisEq3*)PM*Y*0Xd;9RR8 z#NqWqXZ$Q~Pj56!zGNaxqg;Z*3~P(68k?P6Am-@#5K|7Y{)|1gfJrW+^0Jd}P_P|^ z0F+~0*wK48j*Ae%M&s0pm_9QBD)+c#)l&3RYm!c=TpNxfGdnuEuQ4A&CAQVY4oRev zM(1XDA^eF!R-byZ#DQdnKj)(vT&>m}(~<-s%V}+$D3oKCt<3FnW%XKztM%qlu8W@j3DJrmiZB)e_RCu&WLeltTL~<5kD&ebusuVTR(2tDy*qcVt?{TIDc8n zx{(FJh=!@Jf(K&4hTiRV1+HJPoR3JyvWbfBLk1k%CXNZ6_8Dt9hA!(bp@tYg#=Q$c z)~!!vGeCW~^p>pk>SdyWqJ1^qX(9~zfhJ+t04$gEv~XHGd@`h@xP<Y@Q)iecShkG1Tf*Ta1+A!AvIc?{7 ze|58BxT7jCF2k*_n7}o8+hyzk3daRrwUy(%d6>>#gFO zG=rwa9SrZ^`xiQ7*&5jBF(d97*JIk<3V{hb89Y!wAU6Z>ULV&cBaPFk$$jN73F{ur zs;lk@#spJkb<+OEd@^CfKwhB{=p3RY!G$)i6aD2~@Rn`HJ$ILK+D_Y#T6%{sSo10xyXh1&_CWr%|CWXo! z8Hrg!Dyomsif#pnyM1Z}Z85*bn}Qy?}#$7vw~9Sgw`#B}1b z@87?V-S2wEE*Cgdk{fe0Y|=J^M~tJ#hk{u!rX_r@%9$cU zx-QQ@A+G7ZfYz!=kMLKqkEXb!t;9$n=T2gZJvkRm$=7m^=Yx?_XapmTa&{xyO>-}` zN!0Lmp3=HNzGYLjW$h35%Vs*{O9`wT(wDtWK89%#dGUL)Q#gE^KVrtdn;Z64YdWak z384o-rFGv*e3mEF)$eCnr^Gcy^z`|CMZzeA*!?+^fwA}!zxGGH36I``CXy`c1vFpy z4|L(}k00kgM`vygIgCk#Pzuewd7gB8vn%38NW1UaN|j%hSc+;$tK#nl;C?91ZG6vl zVh%vp1_R`0{1krDK!a9Fx{cMTWf}P);&GSS@SQ>I2%VX7fe4Bj$Tay=nj=krO9YkC zcxBW{^MSq2Vbs3A@`!Dm*KArSC4%vEtI0Q+Nos=}RHz%b7dv(&SR8JfFDB>yHK^Of zKg&sTeK}5wtAk;MH4!qM2+OlJYKs2r3)E-sqD$P493bbmjR_9ZjdON+7uMoh0S(48 z$3C>ugYk)yhSG*HM#TDh*=yRITg6ub@QO8{yd6eju}{$PVmk@wCh|0usmGmxmZg%K z4CUl4d~-Ok-+A7B%mB6ul8s@*8u}c2d{SJHIj}x5tHXYOc84J-Eub=D;TFTCX9>2z z8YVnRMt$WajERb+s?X4ay@VPv6fImYjYyYdB(@eXW#K5Wv#RZcNFl?v1!>KjD|9eG z3*9RhVC(mw1V-Z4nL7$omIQ1V7v@LHe@>mQr`645grUDOSQe((^*@9T=HoI~H-=1_ zfc0vXs}`;zb`T_uy7HvEt^3 zkMhvZ%$n-Yg|DeSL&yjV5nHAz5mz^nh3cE6NfR>t?NH;h*(11v?}t0^-z~+iAB4HY zMyhOQNKrM#zyS%A+L4O#Jh3(XUc$(G$Qt}v)vD}Bo%KaY#f0q*@1*2vCJr69-k0qe zDus&(hEdW)Du5^Zdt%^d@s)+^&HL%%gbc9i67vtbNk4XRv__v4mLau$QjgcZ>)Bg2 z+Q+4QQM%0j=9J<#dr&?rCk3wcci?aQ3N39B3SwW6L4{u@C6MR85B*)s$?pvo@lcsw zSBsA-Lo6AZ(1WA+o?(=htkG^W4a82bk)2???HeNDS-E``bFI0-oG!vbtXmX*dGMDl z`ls(#@vewlERsC!-!<1vn(gM!WQys}zi##Uv&S>)84a4>+CC0txH!G6F|4z_BIR@- zb8mRhr0V%o$Q(VJ)%{*dK!^ku8Z8_6;~gq zNBD@Kgn8%K1J#k{8HR;xpPy%3km}Ls4iN`Wz zAzCcnH;HaU#=~q0W=H~O>n%WpOd5b6bFxC(K*0lP6}cigs4=&&zmvUyKggoe?Ggu|Lq2xB<3S} znnLY7nh!y8zu!Mj6vyBc+5`g-9zdJVZOShE3LMraRS#ymeu3m()(?-4e@0U$s!PIB zV$swmC~-tOX!r5h!op3$9fVKUM)VR&paV9HfHPCVpKj2B!4cB_@~Tu=XdW#w|8G>V z+XU=5X@oEKope08{6X?2zqrQGnHBq(`Q%W$1Gh-v5RE6jF(tSH_#??>yW6-e%NOvw=(KI8WR(2A z>|3!A3f`}x>F!yift9~FIMx>HAn^cATap^n?-Y}23k?GlP=3Vn43L55*GI#ToTGus zAI{CnON+0=I4TNP7=c}3q~Oga6~7I)&yy6{15%*Q7{^6J)#*2Ku46W2drMu)57}T= zt>}1z-)S61bb#>TEI!Ue>hN)Gyv>0O7MWVj@%2n}L)-Q(8S2BS3TH0ZI& z#HdQc^%}PCOQwNZG`;-TSwq-h$F?e-zxQGEU(8~P>Z1j^(J^)M3rxh%2Oihin0@wy zKA2C7Q43k8amw8&EszX;M`tg`|HS&+l93Cs;fvOtxu*C#K~2kJzW%Lt`Q1AiTGpo5 zKymxH9qRE$M}0{gJGIt2GY5nnZ=2%mPP#&YjDXw|A%41G5)*|z7ABXemK3EEUSl3P zsTHiFeuoU`Yn7FF_u$E4odTqJ9I0~`p#{`kV?Hr)fKn=629q05Y7s`VkcC? zb7AJ@58ih=Q=B^eOu};)f(d(Im_4Dg&vDfXA4&KB(e>70QFU$KzX;L-Bi$vTbPp{x zG)O2Z-JJqbf^?UZ14xSjBHhwGbR#efFm!jm8?XDmp65M&@9%F8_Uyg(TIV{y-*uj! z?ZEzl=+xIb%3KDq|`>Rpkh9 zg=p`3MwUDOxDu|8ZIIwgjJANHSPelud{+BDx@}MM_yFR|^WjgRH0NsJXqz9FK8;i1 z%xLKgXf6F}t3irh(*P)(SUW-_@EjgKTB5}g86Q9O4gyVf=L8DTQx8PwD{7mq->%pj zpLg-L6PV)ua7+P?f2?@B?&xKeOg(_UDf6H+7{iI+^W69%YIE}Ri0iJHjqj7^xJMtO zT*FE>8!jz-4KS^kKgG3#@C4C^_Sy&?;r$5!AOvbWuMlv8J~lG*_cj6n+vWqM;@@~Q zLwINi%Y=T#Z)M60ed)E~L%hC;IZ2F)(q2=dCalCIbUX20vd!9m9zI26%F9{o8fFqh z;Mk4!`aI^~XL*fy!P=ytdAilqa`sUlzi!51=r?}3;Jw;P1YsRX^J3`v=RbPZ9 zxor|4A5_VWv>s_iWwbgHMt|X(72gUU(>%%y60xr+dQ6$C&Y%>tsu>Nwx?COOvP&UB zQu8V28?SK&V+_v}+(0|uQFA9!jt-Uwz#<-A&K8*oZ0h4X{WAUaL+$c6n!n5bB!1Ie z#UT(l0C6w z?psJHztvFc>d%ub!939}92Zpq^I^Vk-t4d>2V5UJS-!GTf>H=+nNSf+kS39McWtsvG<2rS*8OvuG?|h)!zN_AAY+BG2XzRdvZuyei?8w;Z)W~(wbvmmFNw#R?Mj1 z1m!ce@SsacwRR~id<>203D3tJ`WNsR zW(0ikhKYQsDV<=($s=0+Wzy3Ab(7Sqv&2Jom2>{h4u}}`2Zn^PQ7rn;hPipY12IhF#0i-wD9LIdLpi-W z4Q87O*oY}?hnf)rbDg?dN;`RBP+&!rr4Fay&Jh|Mk$EB26%U4!7WhC}| zjv9SLP8ADFq>_{4zP?vBqzf4f&a1BlYP@xa_cqdwePiE=y=*&saHGw#&O5hWaVY#v zJre0j+E;p%gv|Eq_S|mOjDZgJ$9pl^K%}1>RW^HH{r45 zZI|^b&-?Y}4qNUDE>o`B?h>&B7P}oS>YDplSKnnCH3&go-w>FqQmt8w_SWQ#PS2gF z-w~O|7#WybEsqz}rztXbpUxwvn)X(%&hBPP9(R8)uT+SJe40mx)eXwG*mCttI9m@& z?Aq~3Fuoy6cKaco!mljQCzO6vzdcqhVl{p9ld-D$hor?|K&)OFsIaS{cCVZ5({+LE zoODQ|ZScugc9mPJD!!8~lbuB$&Ob;YMa6#ew$jttG$AH^h~O%3$sXZWndr1$yyXu4 z-4xfwVTp6Up7YrwuZA5FuH%eqrh9+4wt{2GZR?2tUPHWj_jq#o5N2%rY4+K$wHn8Eel$Px|sae*!+vc}; zYDoB8(W?q{+j}Qf4V8;YFe*jxZ)Pm;)NwcEFWkI#I$y%D7e>~Xo_=;(ySsgfie|pf zPfeggL&Luw@@irA&zv;5W*ZOXafDEFlC5am=ClFwtyRX3nPfU0P6cnn)=lr?!R%bH zZTI&ch0dzkB)<$IM-|oEIHbdRy_QQ=xae+gnH@baP+VKm3k9 zbDaL_KJ8NG9z{0nA22wXwhUxe_J2N@>qx(=sG8bLyHaTpvxyy1D~EcPatrzlr#gz@ z2+tB8cAYG)j}eCWE&dD?i*XO^9+e17x#taRdDBaCN@Q3(k6{x+;Ke#%gcnX?PZNPLpRokN4Oap7*f?61^htFRr&rIUoZDxIV0Qb!d*&aiM7?Gxk$uce7um`9Xt!2!+*z0R zQiW`BnTMYFa+B?Rz$RCi4K(t;y}ce9!dl8R%oixaG4?il_)BRsgd^)&+jwCvz?x`| zi?WEAg-kX4FS^2iX%m3We8H42ao<>%*8*Tfz+C_IXy>^y|D{j-15ap*`3gWF6r=l3 z#qS9gq%wMcz&RqGO1I|-e1Gv2$(P}ln%`<#W2RtJ8m3K^R;^uIMS%a9u~waBLfv>Y zvo?^yx3K_0{~v?~VG@0*z`NFe`{DaGyU6#9<6>e`ntaddzm0!R<$R+r@^+h*MGfkr z!(!f-@=UYN%~D`sY4clID$sykGNKv_)Yxyv9DCCq)xAFxlRTSuKinwJ*|bgvEK(um zI4a?l^^yG2LR7r}s|i21_}{kRj}x&+$?6i%q@<({0jNU(cU_L(VdTm{hSq(%d(nx5 zN{+-EyUFhxe6VB|^;GK|e?dKu>A`5O<}X)jDk>g27prHBfoYo)-@Ykg*z5s+X9oBY z6JL%Vh5Zi*q@A_rjY5xH&|gT%*Y8fycv?wLxhSHZxuwuEu?7UPO$CJ(AaEXk)Cn3U5xtV?AN~ z>nr6sY{JJ{cy+4csd7zCkF7<^@%_5qmeXwRoE9YRs{RY}ps~{K{=e@<%FqxBAUxWw z6HsuUohk1v zGzo-?iisKCqcP&e4i$iVv%EarVGG3}ojkVRwg)f|nMtudZiPx8pX!tv>MsJMfQ!>P z=T!g_pv~u4oYYPLoc8yR{xp?&ru*}A3WvdK#!<<;>xxN64!`5|k;|7RKu?5bxtSaQ zKZ)9R<_9Cxz(f=$f zbKE-H2O@d4w`d%@9{dPr<)e;KVx2p3^L&LR+glny*O3=_-CkeVK~1gLw7-0|cI;fJMaIfS@;Se4?s9gmVSV(%b}4MB6hi+-~7%2Cvit~w^l~d zJaxC;bE^+no+o^>58ZJ;1OhTTRz%2tQiVdmZefL6fjBBy)P04!Ly^L^9U zdO@do-TVRAOr@!zsawnCCY#TCZaBXsr3SnLI3?M-+$x)@bQX&6Xkfu;C$p9f1>J;c z$UnWVo^u)#NuL$*-0Z2e9XsaB8&^Zb@C+@m2GLAiQ&_%0(daKy{R0Zn)CXwR8HQbpz`a-uJg|FS@aMXi&s~ewxj<= zsVHmzw~fKU^baRNa z1MOAoTZ!9q^H?);Q8I+eeMIu~xko~zY5Z(RNQnN6WYBx1ljPckI~&1ou2CR52Qq8K z#_l2WLi5yXJ zxvjP#4GGeC`S@eTWk%wEgeJSsZ5!WVBT5|s$$^3Lm!*=H4eZn10Qc;^@Z%q}geMcZ zwX8X4q|;#r=3)DOokvB0c~RQp6p(~zbIvVq2G@Wx0ZRaOBC<=4PHJMc#iX2i-X*}e zLm5W=Y>~U#dx*E|6@vH`cT)sjJUJg^s~o=)rNXt{1kp4I1eFQPpIovPJg7o3JY9-u zKufnO|BGYalg){GiBr^ee0OI`GpecIL8tG#^={cICu@AP8 z9+kt(=l&PDv8luhLk7F2I-1C*kA3j{UO`A^EGjqO6(INeov`O-O2fL}|BA6|_f#!( z8xxNY|L&V||AAus!*3Fze1o{}_e7^?TK!*m4#NMTT_ItRRRA+q@Mr;X{q_InDu4MN z)9b(mw(z?hy$`f?X8hRW{!+yXfqqJQ9@8K9R51pA7_z<4845ta-rl+<&RpFU0#GhZ zeHRs4Y$un+Gt9blI@R1{;71&kw%zuQSQ`9Wc*=1;(ojdv{cuau8V@D7G6<_Y87f^{ zoc5hRYw8E(x=PS;`XI!thcbLgs6OsF&w7RBaehC&t?0L@x!o$w|AIp|KWDXffiybv z=lZb1gMCk{7dd?z z7GVsPZ#qyM3 z;8OAH!1cyJu&^%^?2UYn4J%c!`^nHI)?ZRb>-4P-GS4ZczDVZvKL!~j!S zku)|IK#}!6Vwqbr77>~`^cAz(xpCftr|a)N!o+%NfM5NsW8<>@s(;i|XX6@y*gxow4;4(>yK$joKD+Q`6 z!TZCloTfmBIqkuz5YNrd`fR&6PyW+;uH9|~+MvX~dJZsiF1${g11(Qm?<_8ZTGI08 zn^@^XECdpYeq*U~GB9L2Y!M%p%! zNgcVhV{}g_6sC0dQif;v-Wdt*MKo*atkDYI?Oq}C$tAA?eXUWfbX;%YozxFQ&=i7} z9tAfLvr)AFi864(=^(5uEL13$c2yrY#hfKkG`U4)4YISaczH24c%7{^ z?;ZK6|FVvQWr!|bTQz4K<(zi<%gGiAU}{Y_)@o$Nf07x*mFe>EU$5rz%phYt z$G*$PJ29-m_qAXAnTqJl5?8|?c@{NSFAym4a$S_)Vc7b7`s^y;RGA3YR1tU;aM_>U zOdJ2Fwzf=xtw`0Xfj!|G+?Z}*clq6Rmz-KY=)*m~6u(u13yz0+E=Z#!Z7=3<24s>RSFs+6&XfJ~F zj1&ZV*7+O1EvZR@+;{H%5Ki00;>@B<_n&|^c}ey+VvvH5%U)2+C=;o#KGBqgK0wvz z59?mp{szM6^nor9x%tLpoAoWBtU^WagU%0D^`0IzQ{gLXLM#oADpSViMMu%5p7NNo zvIQEKc(gUDi|XC68%G;MgqYSOSX)AV^Xbj)0qd{tf9B97cF{HUnaRz7+H+H5+E3+l_hncl%n#)z%pSGR+8odT@XheiU zb^v4Bwtx8Tbl`BBU&DpY2-IOIo#4{{@P_V`jfQO$yY3ku>FUScu03!XsQHgr!0}#M zo0)3WT$jhq#w6EGQ3e0wnt+*|JbKs8Q|&e8=gyLgyhWcDJxD-_=;ZsYfjT>)9`k$| z+;}%(u{TUynHQfr+b(ghHfEZ0LMEcRqbj8Z2fv%U<|~-*QzOHpC=2z{oqEjBloN&LHi?~{U?KDyJ_zgeBgBOX<;FCOW?j%BZ1)2vy*|9Eaf%23U zgT$Q(Sy|b`~w>{fo%aCXIUVam?BQ3O1b8?v<=*^ec-C3Q0SDrzoMsX=KRS}3A!)vUkLI}!u zy^%h{+!;H1{nI76O|MTe%jNWHkb!}h7|Ofd{buNrJ_LAC_08$bnkWOtS`9CLMQA_7 zwtgmrZ4Cn1ViUnM;rqgBBnl*nN-yB-s}MLl1A}T%o8EJ(76iK%TFzq|gL&4$c;L#h zZF;h@nGZuNw7~)0dPNbB`9!OLwMH9SkwO_-5fQ=v2-~{Eg|%jmSSX4=Y|+(;9=Ny@ z5sZOhl!z5t*fzsjAs0<4NAY0~Ojt^13H;LPTIz^FT!ZI$YCxQltZWfBa2ajJkY|R# zPp-nNxoWU85=wO8RMP1}6@!(1KZ{#7?vAt;kMYghrx!`bDqlMukp%iOFmUvOa;|IJ zKdXRqxUY-tqih)%#-2x8o;ECZ+0ol4I3>)iahOXwoD6t6fAX z%N%6FFxu!~biEU)FxKj<@=45hc`ir2fyurJ_rh(Sv6J61Y0y@SL%v~Pjn#=L5xwX6 z4<0EA&b9u6B>a$QXkqLks1=* zUJM0>nYM?i{#?{C_9q5_bHvnIb>yON9lVz#S=#!!S`1Y(wTWOq&_t}fapW&W#kz@66zk7^>+4|*wFxA=byq24RAC+p(zD1>|V*$9`>=dCn<9ZC#vT*xd5oR z?wfVLVrth8kbHKckv;2+PaP|vA1HM`lV`gSGY7Y7%}98#~GR1ILl#!sA6 zTW366>vMqLFED;OC|A?*=(-I741>no1iVu@w%nqqKL%uja<%+z2Ug>ivQ1N&1 zb66TDRL?rA3RXPa+R}#2)=^J6(#Og-{MK|%+vB%73BK6=3tfvux#cFu#)Gb0K=GPp z`>aKtxy)Fmh0+F`=X&>4Mzz(gdh=HRun{>5^Zd+Nm(Z_If#*$rIqlN^m}NQukn3I9 zBfxy&70CjgwO&nj*jyRYp5l>3!ERxi5%$@FuXCjzSituBW?W0Xb7V)y$cHKHH*e-S zpope+bV3jdz$<3eB|AaXlfk%Kznt|XG9oUpdhINns@v*_U+nqXf&C79Sv==9sPt?L zKbkQj01E{Nz?+(ZfgRl(4K0f)q>jE`>lhV2meL9sD151^eXoP@(pYl*cvFQbm_yDh zXy-6*I3HO?x^?&u0%KL)iW+j|iVw^@d8#@E)3ubrYk@*VAX?l{5+d06oX~=|`S%)N zHC;@PWPgSg4+blA1rl)jPn(8Mc!n$sh2c?CoOPBFyg6I?fZuhBWxA-MtZbX(f2s$C zodW9&(ryfAl(^n+N1vkxz?fc*3xH!`;Pu1*bcRJm=#PhK%gt$YR)--*U~qZY0RR0U z*YZ|4b;dHpmaD5emMOn_LO}pK9{z=+h6Mf-2Pmadqw+Bi;DezcKTI?E7iCyQUBQGF z{oq0^7pg?#F%Z782#r>9t91Gz0KT~C3VV(hnke0Iwj9kxqb7bb&Kft3K|cz3souMq zO9YCD#*mXDjlM<~2px|)2}|wG>70rkOkt#~*;+7K!e+j)R+cBB9qfxhU{^#BjI|GE3<7O2wd{0TH|Z<#8lK=7P3K!QPkrxG3qc z8v>FLcdd;@AWUj-GZx(Khf9V~d(HF2O~XH@lSXMN(QAR3sL;fJJmdHJ@K`Wnxd5}N z@eYXad4#ftS#EvL2(he3fo@XT8a|e)=8=vAR;U5W@g}2K@9P+!L4LZ@+T|!Rw=_r! zR*ivmmgh2m@FNmkx>ODbDnU2DH>*2P#S(2939^NG0;{9j{O+VIa3YI#q_Ll~Ap{@+ zH)j&F&#aWuMr5#rW=K6 zrQgyHC?m$~OY4}6G-?Cg87HLD56-&55W07npMBLzy{|ABEig2J11jO?$tG z0-FS?bcV)UC7mX(EGJws^3`iSCMWBO9kjM^M@+nTZ}faVWgArQ)NhrJ*z)wnoWF1> zCa&9n%YEUCQdMx2p=-W7t!e3WUkl|kt(6JGjTEoPp!Rra__P4!?;dHnUS(a7zO4$; zrGA`pOhYdI*>8ASF(JE8lcL0`Bgn;WZIv%G#>I*jmeIj~yg9+c+#|Ixk3&g~ z$Z7~}F~&C(iTE<1e%QujQsA*(o z-Y&;15eH#FVH_C98L&Tahk8Z>S%XQ)nl_% z5V8{c3BsUrf`0<7f4I$MgI-dIFMW{C1Z`d`az9459ht`#kNdATcSJ-c|YZy8+#Y#!=s!T zjD8{62&f4yZ003u=%HFWR?wiZ&3?f;j_vDzW)CFPJy=b3({Yx8z2jp}p8M1rFIBpv z$nU6YoP>iNf+9A0Uy?@b@>15PS!S`|St7d!lD4@@vrI8BE3&Fp{o%7%MNO`^{1007 zd0tii0)qbP`pds*y2|rh8aRM4=CyW>y_S|AsG#>ttt+I0K{XZHGJNte%}BhIjxw>t z^SnsR`3ZPBpjl6$Gx!)Ozc=W9&cF=w!d`;aMG0(Q?D++t2vdlq#EuW=ZjbQD=u$Fx z{ivG!N(jTW>R^}tG-A?6+4c@t=FygMF13v=upw(Jr3c7jLqZZG?6sY-T2slj%8>{q zwqHsWf3wmyepV>CB6DNLh5-A^%+JY0JpHp|=L95~A$cxVn*?M1(_wc~VhFACG%ga&cw0sv^rB}wSV8efIf$5bOq#;hG@8Gd#Xl~JprkS#J=)sua-(>}6f_$`CZ94U z`UwIB(PPQtetXMjmW6-ADd*ott^t$Q{9e$DX(sc{06ouxLA1i5q6mp(OIqn<%`Z>pba8QAd2NP2gU>RCozc`ON{l>4act5oY{Aqy zqgD1(>+Sn`&@}fEC&jGhb3#Z3Xn2hEelSNULMv2ID5u85*tD5|4R0WVYSBe4`WdJ+ z=>f(1V+`(y6~%?)1c-T6W-2#J3iO^ zNCzDh3m=)zl&YKOB&tRz-}`oV=2ew}`{zD zL5m(YB$EhGe|(@KDL8J-_NePn=5sOT+xKy=Zq*y!b8!`5GK$EIF?>14ZH`G;6Gj9^ z{K{{Vz6v|V-6~tsBGXtSLw~Z*65`HSZM*eTLoR{V+uh)C0B`e^^ew-FpDS%^CJ(bgS2fV)>D)bQxPy5thW?N0GTw_n!S zkUb>V7>uB0^uxr3faqzz#`aiRnxD=&HS8=G7epNeDl?i={>iEet=8?^a|>`1%T9zsF5mE{8#n7=Z35-%O|Ou265%3 z9!iA9sh`T&An+reK7<6Qi|$meTie_%Y3W8YRz1_~7SHdb8e%Z5OtWcsagZ4%$@6dH zA(N&tPHo=)t-ya9GO~j&asJumnEwM1sdbBiaK)Y2D-9Qmq_d#RU=!1$gOZ=ffDwNB z1b`k6ak=8Rc2Ht{_4;VhRV}ti^Gfj>AhJhQLTq)x$PE3QB;&0|>0QYr#4_ha855JKo|O-Am60;a#;qj-L6P6hp)%*+%&$^-*-RIH1=L#-1b}ZhS=tLe_%_E{Vr( zK(%vPA*jn*e6&XB8+rEKq=9p6%ctWv+loPp(;D*B#FKy}P;%3xiuHH=RDxZs@VIgo z<~+t!5j9a4*H3cZ1BwMdy5TkMIdyaCelJT7QF12Hq#L{IF%}K0!sSly{<(cD+tytI*|XM2WRKq zAprDHL^-8%BM&=}1}u2QxGlzNcGNnEayjya49b<85ARM>lpoPdEZ2p&e*+cpdRImue!R#g+(o}BO{y59)&0sHrJ+%}?1;(w&03YaDK0;o-qM`c7CqWA%wObvkY2w3{|itSDIsv+~|F3VY+Zw;*m*0pN~!JaE<{ zjVwRDGK=7E^9Jm%$84pwX6H!BJMu^5dw2&IbBnivYZt8;v{XRd1(D#4MRNMo`h}0FANL@D)WD&<_VK}K4`aM+xiDbDb&E0JPa9#E)*O#2ce}OS z5Ii67spS$;dw2X6+YiBbCC zT%)IRHNnFuyBeR;Uc|b@164=ySHrc9Kt5#77>3S*T=EC9dVNpJG%a*6>)~t!!}n0eHzESI*p0UoMmV5iK zC0^Yu<>)@eJmKkHbnEBvy!t6A5%Ml`#Bmd{sRwa78h&=2)^g1>DSSQyBodCn9-sLV z1hG$qPB`+vzAy-h6W^p2L9eBuekZpsTUY_g`S@E$6RD9?SpDcCS%k;ut%Q%lC$w6O z!>6HD2uk4NGOgZfBF}A$hXv^z#PB6@e7ny^s@uF?wve8o?q=Z`ZF>5R0TNKJrU+wi z5IFH|;#ji3s)L#WjOuoy3JyvEW{|*IU3`o!HUB zzu&<>a6f7z{+jeM-la=}9VidV1u(a+9Wh-8z=P_ujFR=r#w;DX=xZlM&{coTEYl}~ zY0nxsH+d30QQ^mn_K0WgM0gYDpMyq>?F)z@vZ(D;Y(AhM)h1(y>y5 zC~aP-%_LEd#Fm}tn_?)R86L)Hv;P%1v%g~5g#a7V80gOmNp!15RJ!o5aK*mY#Nj${ zkf(B$^*D@~Wj=`1MUcH1r)va09<&J-QMw(WyT|@PbSd&8ygGYWVv_*_P&i7Fg7~;O zIcGcm!HV~3tIvIf|J#)P9Yhc+M%U3(`o}Ah-6P-!kP>9Nd0aX^rh_a=a6E7DQE_X# zJ5Za%3=>^5ywKP~>*nQEl8J6y4scn)VgLDJpzJ9WsP zgqhx|*hy%)#xAg7m4c(BW#X=w7riCtMM0>Iv>H<*|yq~Tfjz4JBTOTpgA zMjRBhN(9pmMn6^cTLP1Q(GDZ#SFbD!_5unJk zP2`~%!8E6cg{JwbQ{$w#Q}lV5&<%k4R;Y)11x1=D$T)QVJN3DWj|k~s(~j4aFeZsS z%up5dey2&TvU6Ox5?yP>5|RU=HUq| zH8zkVxPHe04Pt6$C#$J!Du_^Pp@B36SLmCGBG%#A>+?nCt_FZV?2?Z93^UChiLoIFMJ=>t6+Ejmo;oqgSZnrJ5u0KQIQGQZfv!+OvlK& zdFb*8*p9VF6}oIS>ddrZV7li46w`&zdm3Gsv%*AS$uD103~4XLfcb{3_Lo}Ae-+mx zYv{IV*!Cb)TzQWJiZz5Foz|Zmt3}{3d@p`7JOE)*eL$7B`1qs%VXFyOxusjuoaUul zaRJAy6U!vk$?sBzL!AAd)p{*FLZVQS55e5w!?tMLcHPUW7bBjK?Oyc-(z`>Wa9ncD zG(4~&1$%@d1z#bg$+c%*bUBU{rSugMtdUJb`~8`+&kH{$ptKey>iot$7($*!gIRP* z@|0fxL6AOfvKr&L7@H-bhH?SQGA&~~xn3bpg7gFsfoY$_$ZAz5(Z94MIEX1h!Qi)8 z_s*S94AW&<1P%Gr%1f8jNi2VIQ|y)vwk~j$Iu|?(!7SpDW5Mp;-?a@HCMakRT11zN zxjPa?Jypc1O>n+08eM-p98m~OfccLRtjrLcQ>BSeod5XovklwxqOXd~lOBj_`3(GV z-uTzdk(Zy3!Zn`86}!`Wdef!Y>LzkE+V6(CwXzcIVe`bg6dlnC43D}(qt7OOKVSTB za&RHe5Db!vl@fpP2h!B-Or8_xjP#1=jK}xC642+F(tOm8J#j5t zp*&Ny7CjO432`=|l=uN&#i;eV7NkZI_dShiPCE;?=^h%rP`--xTawTW=g)#WAR9dj z81gnumTnJ>OT@!_ia%s|LH?-GjFkkxEZX^9uF{mp(c?PLC*j#eZXL5zrAduI+#hi1 zSWf<^)sUs2yPvzT_t&6>?$S z$8sE+ZPtN$mP*={4v9v{`p{5`nA)FUF^h=T7Moe4 z!p->eTrNG5=%5>s#Zn<759ot~bW+w{xzkWMui!&49t@?#@b-#7%);94_cho4Xil!G z7Aw`qJ4US3y7xiDBY^8ffW&(*=JQW{M)*dyPdL9s1oSg~2PWEC*INkB`cp+VQ+GUw zkPU018X|t{aMxP`0zgiv)DdaO&(H_(fEAtR?h!69nGjhT3S)kX4KT_An`NB;hC)9Q z<*|yaBsFu4_rBP5e+23t%E*8Xfsdkp!jiCXoHg4dhwxwN3i#zLEsJF1$QVHc@=F>a z^h1eZg!QJ(CRGPf0GrfJ+yj{iloLG9cg>9Wx%~e7w%v9jZaTzlNNT^+tMk zlM?bk{BzL!f~|8O%kfk01zmUPj4qgnZmfv!Re2A2SnS_!9UTCIJLxC)FF-=~S|tul zayfk`0enyLZh2=`@tBCG?`T1Ia&VPe9vD{m$cs*JkV{c+%(<#*6BZQo*nxeCt04B2i||Kf;bL+? zux&kD#83NitatHSQ$qNL1|>R$caqtlSe^N;8dQg0vEKoB(zb1J$#SgPtDHPs$|j3 z0lOQIU#Mi5jSG9aEu)T#nfYlLfydOOY8mti&uL|uo1ygt#&4kRgG3^yy;C_p`}r#< zJMsK2neVbMMLAS5KjRhip&r0QJG@LB%=txVIl|&iX9e|)i^9pRb4aZ1Frh-R*dioJsAelby)#|c0o-O|X0U9&7n33OVVwFh zD@R0Uax6KgcK1^eIU3A5O3Z~cQ4R*B4T`Q2QW9=H0_i`mAk%KzDrv!+0?jPUBSvFD)( z?m}%LhpgJ7l?OH-NYxb|$aSOTo_S!uR6E=k!&IYquB)#deJH~ijShNDCW2-YQb=5` zSPbuLcp5KUEip|>Z-hHhgv#!zz(g?054A-bRanc|AfU(ZA%vt6jHTGdh^_rWF0xE5 z)u=7-1j`D)21;yb?$0VN6V%+%G)oki{Xi|YA`~TrWGG!2$kwtklA=1$=kuT*{<6I!DEZ$C& zD7nqbSpzG?CrlSoNap6$Q``UwV`C!Nc@U8}no6!x8+nVIK`uBg15fktom&VWvOp`Z z_MG|3B|gLoAp;mht=`6BsB=DHMD=Pkqp-ZA>_)YVERo`|Ot#9cs6=-$p{!wSrB3s;d1~i=aaR>_@(_@K-uaWuO_{EnMKwLyCK{b$FJvi1BOHiDkr0|_%3*NhM zrBsm0+Ra+-Lu9oUrp`0KN7u;%CfiYh>$`yy6bdR#s&{T1{++!`=cAibU}sqhymY(> zzibwlqT~Id1U*^S=nU>X66>%r=I?1P<{czMgEkDY*_E|gn}x-o_n#4D6r?e9Pt3w? z%pa*7Qp=}>FrKO1f{LP-@)<+XvG(3WK#wU7p=bS=94b*RYcyD>7UR^`26ox**r0q@ znQ*i-S=6vC!l+ntq!|Ba8;`<|8Fid_DRsSy9V5eL{Aeipb||7IqDPyoQzcNsUyuk< zMsg322-vY)^UKqXH zt<9+fljZtReb7*|(JqGUKP!elk#o6pAZh8XGy|_f!*cGcz(AWI*mYRR-c0Db2Fw;b?ufX0f!pfGhkUWys71spy#Me|Je%#F9gt->Ue+1Q4CUNEkxj2^wrORy7H4~74si}zZLN(Mo zUdu4TI5>d7)WII@NRX+T{}8FNkce?jd(aIR!;!|y4NGQ%){dXO2Q>{iGYkpS#u3QF z?q<3o=!e41E#nBK;{(Z?km5zc)|gaKaoY%+4#HS`h;@*cDjAn_*pRsEU5GQ!GE|oP zEcij8Mw_rpOpM3qOp-)sN1IcO60*J8hUx%DPOPAo@<<+xe?`*XPRP$%i+V zCCTPEi5LU@w!yeamne}nXOVP+VWPyM9tyYE=+N{DP9gpjqSI49ju3%V)#3NCAuTCT z^D7PG@o;uI1Uxjo8P3}MlhiS7+e*e*xmH8eP&>FbpyBohb4wKbO1eE^VXQ;#qJ`fJ z)B}cV3qX-BOyYwd*MyJUah0Voi1MiNWkQfeJdg!9$$1>hkYCc~kyp9qp)g*+0XZ$6 z=+j!4pr+h|rNlwk=f2F?i|WTd)Dbm>sSA^t3#rfUf%-Lt zxpajO+lmXfWt@^;1npVs;~-ZS)(Pm^!h1?DMIa^JAlP`TZK3<7a~wRYK*M@Br$qjo z!jES!r15DW7-KKa#U1uBgxjZ=uRu-xFwQ?>Sra%GA#LgZ?&WG;MWBRfO-1n7O_o?K zB8=z%wD+B1O(*Z#mQ|@LB7#(bl_E&5p}Byd(gakB6zRPQ(u=O4h9Zj8KvtxPD8)z< zLNt_66N>Z_si7u7fDl5+`Qh$=cdzq)JzviIzVjhhAk&{`W}bQGzGsY|>ZuEH#K#Z* z@W1weS8w``s(`LE6>mW=M%^?lI<1xBhKe6>zrrDZA~A6GuK)Yw(9IaVil@^~7>IlO zvzZRAYU3aC{=94EANm3n%KT63rRMN-zY|1ppi|`0--PS}JP*1xC++1HgV;d#nV^zX z8S4(D0?YX(g)1-Lx!gO4M^Bo8uAbKkW4lR|O}T(7AB~S;)1vfQ@8VTbOHEN!j9Taq zE?x~ju}Nk~?3MPHV)GOgeLIFtJCBS06$)Q^qLUxLI#;aAPIZ`+FL#x{1G%A-Enf(= z{|#!|pMi(UYn|cghyl6O15fo;s!yK5qQcxC^Jc|fPBkZR+NVjEn6o(;poPdfrQ&a=67HtriQDR* z&9l#<0~qxpmWzz3eXfPQH>vSWMMipOltw=IwO(FQ7yXntXX%pX=6tBg#{i8#YorIa zA`08W!eIyP0!1OW5ty&1_?Y*^ci;H5QB6*s2+IB>kbhzC0mjrDxiR^94%o;Ho(*&! zZvM+C>$_4q(=(~dJ-{H(%Rh4qY%Pd6FM99uO^KmBBMFnmHntN_yE0EJ6+SB%YU+3^ z=PJ;8V)nScb_-8G2KQ8cfmh{rvR*jTh!Os4b^i;$D=eQoV*?AnFGYC0QN%qw@kXyQ z;xJ#R&;1cJe5LHFnn&(RgUF8ht55c2xYqd>obQX>C8M|j*f($>sRx$t6Yok8&-c{* zqu=V5sCD((cJy5LvU3qU4Kom_z_z@%cJM_k2vfb`%zgXnO9ogz@fY1tHY?z~T)6ou z&0Wi119Y4O%P6#SzJ3<8u_U&Ln^lgz+_~6LHEYey2$EkmEEaz4HIwGfF8GM#mD(re zKw|*QdHEJ88gu>fs7Oh}#Itmslv>N84U5{~oD}wv0u8cld-R^wLoZvtJ2!r7UOK;H zc|Ref!o*Dldt>4{jNbHW+p02hdV_!Ykr6gQY|(P-!ZR%O7IpBlt@qsVkp(`5A1665 z*Uymhtgcw;io6CKvc?K`#}p;*eFyuN`e}(+W+#~v_fg@cFI?F%a!>jm3F;=BGB0+1 zx*)DG4L&w_Qd7L}ehK5x{b%+sGtkm!#!HOuMmvEGgko`!Y$C6dwF&o?W2aAZm9?K) z)PMi*cM*&MfMW^p`3w9F^lPBOGtwJ$#)g<4uT}m_ibAr&1?!b}|iKamhQD63pfA>y9)>A{hK$R&m1lynE(Z3QrJ-VCgt5l83o?T(5yBxw1| zzB{q?-w8SvJ^mFEaE*lwp7jcynR&f5PQ)cjJ1_wHXyJ{W*l09XZcVW_fnfuU|L z^m-CfgUy5cPjowgD*yI)t@H?ZXjOclx;eD6_{y=_@Y-0lkKDwqa+Zj#yk;#e$`jb# z$%>kAFY}*R`|}qu1CReYcpAU-Gii;hD^D#rg^x-TF^QQFb=HpSRAVpB>VF`y2r)0pl~=rV{Zsc^F5FS=b;a_9?2TzIprsjsLGfJp&dkCoHl z=*0{m@E-$9FAx(LksKIypku8{p7O~xR{x(Y3uBBo;;-I4$Dw?O1eEgcw2?Wz4<^M1 zxbD;V@R_>*rgiAPPv4POEBo&`vX$w%_IghPub@T$L)zHBd^uQKg-jQ+u{C5bJEqj- zy$O_gyV%J!%VoDSG(rK6qvzVdbzRfu2k3V44$mgk;pp~Khpb`4J%`Qf@)2@b(Wb7* z&SJk;WAY8#%yJLKvZfW`_{Yn5*V-FW`F_=iYy-Nv(fUDbD<%h#X`m$!ZwOqLyiIqN zLd3WR0=d2zi)h$3m(NqpioWG4usD#0^^UXIH*HY(pwAHHrmKPjed-=vBRW0y5O5Bb zIg{d+*%Q7nfa~?f*}s~LI?Dx%L!^)KH*AM_dcu^8k-1~W4MAJWP#X{>n_g?%*mIa` zfY;d2yuj=h>>x#3&K)P`{LmmZn}Ze}b=!azz*{c|1j@^J$4<%bX7Pd za9PcD_l^|pL(lm9KuGu6j?Mlbxs2WX<(kc}42b6D6Em+>WZ-0=2SR0?q-YyGnj+UF zyn?>Z$C9>l_zcEFsbcV!_R?>LIXgYYB%V>NEX=_l(Q|`Ub)F&zO)WM#`2_}e)sW8O zK@T$8X5RqdTU-(uAO3zgY`#y*dD2}hojpcr*mjd&g&Gj=$_I>1T+3>9cg>m~$f?y1 zyM1?eYe(qGqh`B#I_nSw3JEL;s%TSWpERhpn=fEjH_+J;3j3{~XxkA{A7$iIP!hBS zvX|bH+S-}DtXM;o{MI<1UlO#^HWs*?5gUmJy<_B)bDP)N{9%dNet=?)i&Q|6REk`< zF7RQfaPLm3UC{^8J=Sdu&=Q9g)8BD@Uu{4;vxJ7Am7CEJ@qC;+P!Z)GKULs&oKluC z-woRr17*V8<(y?+7ry`Y{ib+6=$id5XxPwF+6>LHdUFMpfuW0{MFT%Nj&)O=39loJ zm(>k`Osq&dLYgP+)2~z}?Kn2CrH||tW~8Rg=KmUM(FD)HH1>=@sKej)wFhLnP?AWI z5#D>|4_(dn6BXHqAsU|TBak^(f&4#`XIspS+;#d9Y&P9>V{2sQuuEG-Ps{@`Bl$y<%X zhD)zD9f0C$o=szl$>llz72ef$t?`SiHzU`OkC*p;%)g>2Ocis173|tLdYTH9s@5wvN6$l7Vn1QH^JjAt! zhIlCBwPKFIWrNIH_TpK_GicST{=Z7#2PlH`5<<~El#6QT zHlWv`&Cm3oKdP|-X%X)AAAh~O(hziw5(#>J^G?g9JHnXf`cEj;FEC+S#!sm~!o~Bc z9m;oa;iJt#*mOU25|l4+d0uA%7|*)VfI`Yj9{?7szNQB5*sR9FU|3q1Xluk`RB2Gx zZ?cH$Pgy3g$xr(G^BEcg5SL0zC6Y_!y)i&QTXKLRUHbEX2Cos3W38qO-TW!I$g#I< z9D}FR2>XGFY;Ikipjyk_(KJ$V5J4E{AtUaRhVLw`>n(nD?x+^#)oUExi${5jmae5w z-yM_4>^1wV6iX$8AqeG@g=C(&nY7Zq-SNK)gX{>o2-*X{+sb>0Y`4O2*{lbW5ztc0 zUGDdsVX5t1uD~$zC#-A1IgkH_*c{XQ4xZOdq>#;`WP4a zSQhw0G85tW=SNQ#!VzI98PRJc{mI^Z1Y$n->SrUA#g9f2N4Kl_cSy=>M27M7LK;W< zaPpgRGhddWqvh*LtS6b~J^7?f0if230GRjxunHm16BBNY0c5lWz+OnWW&U$r{PgDE zYnPCa3jmP&Pl6-HVOQM0xrYe}8La;%90DX*o`16$0h+DSKPwnuA?Ox)14O&YpWnm* zT*CiQ1@b^gL`gZ0ZC<5{i5#tKM+LE5ff5fZ)KHYH9zA#K%gI}D9CdXGto&0nc%FU; zvSx4Me0oVS5v|2H;I%YbM@`vt(Iq-KDf+y>E@5Jyzx(7OMwz2K58%SSdK~yJ$6+Iz zfSn=_o}Foi)ee4kt&516)U*zWFc{U)^5*fSzkkT3{)x)dhKoy3xQ>WB3>tizF37^g ze!@|Iuw=ZM`OQe_T>CD!Qf)|eQzAgmRIQ7u3CJr)PE<_2z$$+1@^;Q*cpH;UgvHpqf2u_nX z_?`+R<2YEJS#^ivZ9{goxg4l1A{On`}ErU@9?M}Z>&NE>-1FCbhy57?lTBe4PD-W9-<-FgF02Ms(zp|k82e*-&`aRPj&e?Ecp0#+RZ)-rg*2Q3k=lXus zU|FNV&m}d}I_T+uMY7=bq4#7(o5FQJVZ7wF z4BZ*8@AI-uPzuN`@vvqd-KchgJZU%*fPyfS8&D4>`JY0(6=tg9m0NN@Tl}Z2x*#a4 zL4}Vf!=EBCv%81^l5@EJ6mj}iq5rUgQMruyPf2EQ#=?QDV}YH{k-VD3po&I=*Lwa` zfQ6egA3Sm&IF$U9v$*vC>LMSoDMi|RD(c=(t}m1{~kLL ze3BR?%X_#t@dkeeH$ArEEfX8tI2q056jO)9 z6s2=xtLFl*j|#3u&7FLML+bD{F5rw(16XCSmMY6f`$+henJ9 zNj4vrY-(=Rc5tu8O;sX9Q*W3Ac}vup!{tzZ_g z9RUuMuLX`{T&mjeVxiZ1l)DO{2HW!0n<|*r#CFNX;dOn~*vDE{eNAd*A00COf)EY% z&0-)L&wOW3@X~${_o?PAyq*d^;rJ5<%iZxN2wM=ysI|! zh4U}IX>OV<@#+WRDhn-iXX;tzGY2G!|G}!g;gx7FEJepM@_8=`Ktgja`Xc>D=k_BC zN3~Xwf@?W60l|EZsjBwrc<`&~!%x1LjehL86v4$aQzY#sLZV-41$%+b^NnpCfiQXK zem@<>HiqDXG7@zJ!Zn}=)5-zhMzlE*?WR8e&BC!h{KCQHoI~1XWDAP1GOcI8p7qQW z*)cekJQuKrri4wm@JFce(ih*2M|9QZ?+s`BFTM3^4rWw7na-HyQwmh-|s*&$DUo!w9@p2ImBIV zDfIH=YDqT1{Ic=2QfG8&N%M_Sd>d-~3~x?iqe;tCLvP_*SskrJ==!DPzzh@0UW`Lo zZ!IGnJE61|x!n84oNPNw`Et1YiK`i^d+qH+#MG95cGR<7S;T~D47PRo+!NuirF2nn zO4>RP=tH%y<&zPu?@8aW(Try%cf2iwAr%gbs*4}^(lM#Hjf8@kB|6nYJ=LGI+g-_} zGZ=C(vEwlFdidQ`rO`yy&{Jf)@$aY9K62OfDom_7OzEVuiXx~_)Pq;$rC59}SqXip zU-xy$r$vCR7NHV^5r-kg7T=Lcj#GZvbBFAilN)4*=C&-xDGW`Y*M;y}gJjH!<65+S zr(+rPk+txVAF_wZVR6ihn7%4G>9JFVS0uN(Jv!Wd$>Rqwa9uJt@%Cy#^lpx7`Pm}F zr+%T%SQ%WQfh#34Xmk&Jy!yG*CaV%_Y0N6IZslJi!0TkY3@q$Xwo9$*Y=?YdW0`XtecoCvZ6URSD(5;?({c0wI2w3iN2?X2R$5h@b^F;5eAPAyCt>$Trl`B?F7L z-ksUx(x`?1*2g_*R}ZpHjeoI!z>5l!$8bf*bmhDmK_0TVBu!kevAGyHMUM>Q%4YP@ zd#~n$jJTMUUpsM~z1Tj!hP=v_=Ax^_=%$@A$h$%#gexU=oU*V~J=E|LNoqI^iOJt+ zf5)g@!`8Mc5a5_C&Yldf%~6h%;N%oB2#k^?c+_Z|V^YlNAXIJT&a~F)#mghl0dufG zB03NOY=M=wBk2=d(HNWrvB`wxz7`=x+A$k6kvaNka9p(?cEGi0U*t5o+sI$q8Zoh5 zG`IpLX)0@6)DOLU+!wM@P$3dm$Nr`H>&x!A%dSvy?;-jmXl8O9+C5jD;PQ(UvPO}t zs^I(31C2n9&1tjP+I!K*)oq%)Qv+ZH#AtT??6KO7YhLa5>n#Luzsb&hfV<*VeqEzu z@v{lxI1?J}LH^%1PQw?UyCV10U||8a?%UcDA1~ttVY{{rwwSJ3Y~u}gq)lmkii{_C zr510?v6zjt&DLUXPu{J7)6?0R@rFSoqEKa(191JVOM+83O?xQHniclEd<8B58)U`= zq1>-+i$tSlJXa|;fSFP4{?Kz#wx*o73N}drv#dRC=iyT_clZU)a z#@DlcYg}8jovp3e)pR~FGbzR1H5u5H_Qt8jRRjC37rqAS`AzC7wDFLV1e!6lV?RWU z`_>4f!R3Rd{s+KR$)JP|UTOAPyEnSl`kU;pc{Hwk9Jvh#p% zmiI4&GJJarqyNf;2h0Jb9$Y}#OH|kdsj}js&4*AeXbc+Sn=IJB*4>2r^12*OW0a=T z%G}zj0(4!mhGN*MH%i-K@escctW^F7YL5}$iJn>wH8ZBAVD@Q#b5SU{f$~P|+VmBHjwBYYg`jsJ;@VIlq*ShcWnbo5wogn zg$TL+E~aUQI|G(1AINB}_OOuygcVl)?G-m%v~V;=7k?)pq7E*_D%woFpYK0SEjc54 z0W-k@LYmG@DoxZ`1S7_=x-=-`mR*3_2tIN>YyBeL#m|4Q)AR=^*(>#&lk`=n)r*w$ zfCnqCf-<_wkWYNnfxf=EGBOIVwD{G;ck4F~v#}mhl%%N;*3zhTzuNake;fNlJ~sjI zhdjW!4O`NwjKh8S?3yp8v9(OrNfX7f8u)!Nnrw$oyuwjIOa^)-c<&L-wT(I+6q`vi z_k(eVG?_U`cpEJV6;^8C`@urRsWgUtHfgjc(3M_u=pQ;tileqjS+Fp6`yp(h@ftwn zI6kQ+sqJn;OpCBdFPOR=;7~~;gn}^CspXe>bDAHXM)lF8(O8htNB{O(e-yI*7VvucgG#IEJ+S{&=(j0Ux`pfQilN;680_91II!7glkF0bq2i)pSp3jqV&os_- zHM^jw=cpVn65qo8;8D1gvzi|qt7dN*HWJm+NsQqk(pyKG84Nzu1!Vi~FYDy3eTh7o z+lJ!euqXd;nyaz8uf|A0_%)bspT>tO8w9*(n!sV;#k_~-)U}wpVjtLONY?aU zau_Kmu#~TT@>3UuS+DGDl1=wE$Bv^9^CwA&zo|;Jg2ee&baC1!YQ9!`m-^m zOVyy|DZj!O$vBfkGT7y`puQ@Ig7BL?gvOhiVsg4H_8UXJqvB*-D>nY{(^lF1C>wAQ zG~Jz@Xfe0Q4TY^I7!s5TXwi~(VoT&~D2)wir!~bstL8IjSu1EsX*5=;tk+W)WzKF3 z`+@r&T~JPlM&pHrM}joZKgNWqa#BBC2w6uQUO>he@$YmW!U*v(ss$0Q3bbTDG%_uN z^Q{-QO=FuoM(X38e zvj2wW3lr9&k+D5C+U)L^NJ&DaN9W%g&kr7~Jdl^wS4Q?V!ZR;^$$jvThQUh|y}=LJ zJ&hPb0RM<}>%Y?c-{L^{A90fy5KY>fL&ir0S$N-i03Ms)S-CE2S4#oc$+4xo7GXC6 z9+G+3f{7ZD&=SD&ay)pYN+3kyPruTUcj*6z|L1!^j`2W?Q