Framework/Core/AzSKADOInfo/UserInfo.ps1

using namespace System.Management.Automation
Set-StrictMode -Version Latest 

class UserInfo: CommandBase {
    
    hidden [string] $organizationName;
    hidden [string] $userMail;
    hidden [string] $projectName;
    hidden $principleFlag;

    UserInfo([string] $organizationName, [string] $userMail, $principleFlag, [string] $ProjectName, [InvocationInfo] $invocationContext):
    Base($organizationName, $invocationContext) {
        $this.organizationName = $organizationName;
        $this.userMail = $userMail;
        $this.principleFlag = $principleFlag;
        $this.projectName = $ProjectName;
    }

    [string] GetUserDescriptor() {
        # fetching the users list to get the user descriptor mapped against user email id
        $url = "https://vssps.dev.azure.com/$($this.organizationName)/_apis/graph/users?api-version=6.0-preview.1"
        [PSObject] $allUsers = $null;
        try {
            $response = [WebRequestHelper]::InvokeGetWebRequest($url);
            if($response.count -gt 0) {
                $allUsers = $response;
            }
            else {
                $allUsers = $null;
            }
        }
        catch {
            $this.PublishCustomMessage("Could not fetch the list of users in the organization.", [MessageType]::Error)
            # [EventBase]::PublishGenericException($_);
        }
        $userDescriptor = ""
        $user = $allUsers | Where-Object { $_.mailAddress -eq $this.userMail }
        if([Helpers]::CheckMember($user, "descriptor")) {
            $userDescriptor = $user.descriptor;
        }
        return $userDescriptor;
    }
    
    [MessageData[]] GetPermissionDetails() {
        [MessageData[]] $returnMsgs = @();
        # getting the selected users descriptor
        $userDescriptor = $this.GetUserDescriptor()
        
        if([string]::IsNullOrWhiteSpace($userDescriptor)) {
            $this.PublishCustomMessage("Could not find the user in the organization. Please validate the principal name of the user.", [MessageType]::Warning);
        }
        else {
            # fetching membership details
            $url = "https://vssps.dev.azure.com/$($this.organizationName)/_apis/Graph/Memberships/$($userDescriptor)?api-version=6.0-preview.1"
            try {
                $response = [WebRequestHelper]::InvokeGetWebRequest($url);
                $formattedData = @()
                $count = 0
                foreach ($obj in $response) {
                    $url = "https://vssps.dev.azure.com/$($this.organizationName)/_apis/graph/groups/$($obj.containerDescriptor)?api-version=6.0-preview.1";
                    $res = [WebRequestHelper]::InvokeGetWebRequest($url);
                    $data = $res.principalName.Split("\");
                    $formattedData += @{
                        Group = $data[1];
                        Scope = $data[0];
                    }
                    $count += 1;
                }
                $returnMsgs += [MessageData]::new("Total number of groups user is a member of: $($count)")
                $this.PublishCustomMessage("Total number of groups user is a member of: $($count) `n")
                $formattedData = $formattedData | select-object @{Name="Group Name"; Expression={$_.Group}}, @{Name="User or scope"; Expression={$_.Scope}} | Out-String
                $returnMsgs += $formattedData
                $this.PublishCustomMessage($formattedData)
            }
            catch {
                $this.PublishCustomMessage("Could not fetch the membership details for the user.", [MessageType]::Error)
                # [EventBase]::PublishGenericException($_);
            }
            $this.PublishCustomMessage([Constants]::DoubleDashLine)
            $returnMsgs += [Constants]::DoubleDashLine;
            # fetching permission details based on project names parameter
            if ([string]::IsNullOrWhiteSpace($this.projectName)) {
                # if there are no project names provided, permissions details of org level needs to be displayed
                $url = "https://dev.azure.com/$($this.organizationName)/_apis/Contribution/HierarchyQuery?api-version=5.0-preview.1";
                $body = "{
                    'contributionIds':[
                        'ms.vss-admin-web.org-admin-groups-permissions-pivot-data-provider'
                    ],
                    'dataProviderContext':{
                        'properties':{
                            'subjectDescriptor':'',
                            'sourcePage':{
                                'url':'',
                                'routeId':'ms.vss-admin-web.collection-admin-hub-route',
                                'routeValues':{
                                    'adminPivot':'groups',
                                    'controller':'ContributedPage',
                                    'action':'Execute',
                                    'serviceHost':''
                                }
                            }
                        }
                    }
                }"
 | ConvertFrom-Json;
                $body.dataProviderContext.properties.subjectDescriptor = $userDescriptor;
                $body.dataProviderContext.properties.sourcePage.url = "https://dev.azure.com/$($this.organizationName)/_settings/groups?subjectDescriptor=$($userDescriptor)";
                $response = ""
                try {
                    $response = [WebRequestHelper]::InvokePostWebRequest($url, $body);
                    $returnMsgs += [MessageData]::new("User permissions (organization level):")
                    $this.PublishCustomMessage("User permissions (organization level): `n")
                    if ([Helpers]::CheckMember($response, "dataProviders") -and $response.dataProviders.'ms.vss-admin-web.org-admin-groups-permissions-pivot-data-provider' -and [Helpers]::CheckMember($response.dataProviders.'ms.vss-admin-web.org-admin-groups-permissions-pivot-data-provider', "subjectPermissions")) {
                        $permissions = $response.dataProviders.'ms.vss-admin-web.org-admin-groups-permissions-pivot-data-provider'.subjectPermissions
                        $formattedData = $permissions | select-object @{Name="DisplayName"; Expression = {$_.displayName}}, @{Name="Permissions"; Expression = {$_.permissionDisplayString}} | Out-String
                        $returnMsgs += $formattedData
                        $this.PublishCustomMessage($formattedData)
                    }
                }
                catch {
                    $this.PublishCustomMessage("Could not fetch the user permissions for the organization [$($this.organizationName)].", [MessageType]::Error)
                    # [EventBase]::PublishGenericException($_);
                }
            }
            else {
                # if project names are provided, permissions details of project level needs to be displayed
                $url = "https://dev.azure.com/$($this.organizationName)/_apis/Contribution/HierarchyQuery?api-version=5.0-preview.1"
                $body = "{
                    'contributionIds':[
                        'ms.vss-admin-web.org-admin-groups-permissions-pivot-data-provider'
                    ],
                    'dataProviderContext':{
                        'properties':{
                            'subjectDescriptor':'',
                            'sourcePage':{
                                'url':'',
                                'routeId':'ms.vss-admin-web.project-admin-hub-route',
                                'routeValues':{
                                    'project':'',
                                    'adminPivot':'permissions',
                                    'controller':'ContributedPage',
                                    'action':'Execute',
                                    'serviceHost':''
                                }
                            }
                        }
                    }
                }"
 | ConvertFrom-Json;
                $body.dataProviderContext.properties.subjectDescriptor = $userDescriptor;
                $body.dataProviderContext.properties.sourcePage.url = "https://dev.azure.com/$($this.organizationName)/$($this.projectName)/_settings/permissions";
                $body.dataProviderContext.properties.sourcePage.routeValues.project = $this.projectName
                $response = ""
                try {
                    $response = [WebRequestHelper]::InvokePostWebRequest($url, $body);
                    $returnMsgs += [MessageData]::new("User permissions for project [$($this.projectName)]:")
                    $this.PublishCustomMessage("User permissions for project [$($this.projectName)]: `n")
                    if ([Helpers]::CheckMember($response, "dataProviders") -and $response.dataProviders.'ms.vss-admin-web.org-admin-groups-permissions-pivot-data-provider' -and [Helpers]::CheckMember($response.dataProviders.'ms.vss-admin-web.org-admin-groups-permissions-pivot-data-provider', "subjectPermissions")) {
                        $permissions = $response.dataProviders.'ms.vss-admin-web.org-admin-groups-permissions-pivot-data-provider'.subjectPermissions
                        $formattedData = $permissions | select-object @{Name="DisplayName"; Expression = {$_.displayName}}, @{Name="Permissions"; Expression = {$_.permissionDisplayString}} | Out-String
                        $returnMsgs += $formattedData
                        $this.PublishCustomMessage($formattedData)
                    }
                }
                catch {
                    $this.PublishCustomMessage("Could not fetch the user permissions for project [$($this.projectName)]. Please validate the project name.", [MessageType]::Error)
                    # [EventBase]::PublishGenericException($_);
                }
            }
            $this.PublishCustomMessage([Constants]::DoubleDashLine)
            $returnMsgs += [Constants]::DoubleDashLine;
            # flag "$this.principleFlag: $true" if PrincipleName is not passed in the command.
            # This will not execute if principle name is provided as PAT and OAuth details can not be fetched for others.
            if($this.principleFlag) {
                # fetching list of all pat tokens
                $response = $null
                $url = "https://vssps.dev.azure.com/$($this.organizationName)/_apis/tokenadmin/personalaccesstokens/$($userDescriptor)?api-version=6.0-preview.1"
                try {
                    $response = [WebRequestHelper]::InvokeGetWebRequest($url);
                    if ([Helpers]::CheckMember($response[0], "displayName")) {
                        $formattedData = @()
                        $count = 0
                        foreach ($obj in $response) {
                            $formattedData += @{
                                DisplayName = $obj.displayName;
                                Scope = $obj.scope;
                                ValidFrom = $obj.validFrom;
                                ValidTo = $obj.validTo;
                                IsValid = $obj.isValid;
                                IsPublic = $obj.isPublic;
                            }
                            $count += 1;
                        }
                        $returnMsgs += [MessageData]::new("Total number of PAT Tokens of user [$($this.userMail)]: $($count)")
                        $this.PublishCustomMessage("Total number of PAT Tokens of user [$($this.userMail)]: $($count)")
                        $formattedData = $formattedData | select-object @{Name="Display Name"; Expression={$_.DisplayName}}, @{Name="Scope"; Expression={$_.Scope}} | Out-String
                        $returnMsgs += $formattedData
                        $this.PublishCustomMessage($formattedData)
                    }
                    else {
                        $this.PublishCustomMessage("No PAT token found for the user [$($this.userMail)].")
                        $returnMsgs +=[MessageData]::new("No PAT token found for the user [$($this.userMail)].")
                    }
                }
                catch {
                    $this.PublishCustomMessage("Could not fetch the PAT tokens for the user [$($this.userMail)].", [MessageType]::Error)
                    # [EventBase]::PublishGenericException($_);
                }
                $this.PublishCustomMessage([Constants]::DoubleDashLine)
                $returnMsgs += [Constants]::DoubleDashLine;
                # fetching list of all authorized oauth apps
                $url = "https://dev.azure.com/SafetiTestVSO/_usersSettings/authorizations?__rt=fps&__ver=2"
                try {
                    $response = [WebRequestHelper]::InvokeGetWebRequest($url);
                    if ([Helpers]::CheckMember($response, "fps") -and [Helpers]::CheckMember($response.fps, "dataProviders") -and [Helpers]::CheckMember($response.fps.dataProviders, "data") -and $response.fps.dataProviders.data."ms.vss-admin-web.authorizations-view-data-provider" -and [Helpers]::CheckMember($response.fps.dataProviders.data."ms.vss-admin-web.authorizations-view-data-provider", "authorizations")) {
                        $authorizations = $response.fps.dataProviders.data."ms.vss-admin-web.authorizations-view-data-provider".authorizations;
                        $formattedData = @()
                        $count = 0
                        foreach ($obj in $authorizations) {
                            $formattedData += @{
                                RegistrationName = $obj.authorization.clientRegistration.registrationName;
                                RegistrationLocation = $obj.authorization.clientRegistration.registrationLocation;
                                OrganizationName = $obj.authorization.clientRegistration.organizationName;
                                Scopes = $obj.authorization.clientRegistration.scopes;
                                IsValid = $obj.authorization.clientRegistration.isValid;
                            }
                            $count += 1;
                        }
                        $returnMsgs += [MessageData]::new("Total number of authorized oauth apps of user [$($this.userMail)]: $($count)")
                        $this.PublishCustomMessage("Total number of authorized oauth apps of user [$($this.userMail)]: $($count)")
                        $formattedData = $formattedData | select-object @{Name="Registration Name"; Expression={$_.RegistrationName}}, @{Name="Registration Location"; Expression={$_.RegistrationLocation}}, @{Name="Organization Name"; Expression={$_.OrganizationName}}, @{Name="Scopes"; Expression={$_.Scopes}} | Out-String
                        $returnMsgs += $formattedData
                        $this.PublishCustomMessage($formattedData)
                    }
                    else {
                        $this.PublishCustomMessage("No OAuth app found for the user [$($this.userMail)].")
                        $returnMsgs +=[MessageData]::new("No OAuth app found for the user [$($this.userMail)].")

                    }
                }
                catch {
                    $this.PublishCustomMessage("Could not fetch the list of authorized oauth apps for the user [$($this.userMail)].", [MessageType]::Error)
                    # [EventBase]::PublishGenericException($_);
                }
            }
            $this.PublishCustomMessage([Constants]::DoubleDashLine)
        }
        $returnMsgs += [Constants]::DoubleDashLine;
        return $returnMsgs
    }
}
# SIG # Begin signature block
# MIInvwYJKoZIhvcNAQcCoIInsDCCJ6wCAQExDzANBglghkgBZQMEAgEFADB5Bgor
# BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG
# KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCC+FzunQqi+Ou/0
# TiwpX/ZI0qplTclyEMBQqz1dwvjD+KCCDXYwggX0MIID3KADAgECAhMzAAADrzBA
# DkyjTQVBAAAAAAOvMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD
# VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy
# b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p
# bmcgUENBIDIwMTEwHhcNMjMxMTE2MTkwOTAwWhcNMjQxMTE0MTkwOTAwWjB0MQsw
# CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u
# ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy
# b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
# AQDOS8s1ra6f0YGtg0OhEaQa/t3Q+q1MEHhWJhqQVuO5amYXQpy8MDPNoJYk+FWA
# hePP5LxwcSge5aen+f5Q6WNPd6EDxGzotvVpNi5ve0H97S3F7C/axDfKxyNh21MG
# 0W8Sb0vxi/vorcLHOL9i+t2D6yvvDzLlEefUCbQV/zGCBjXGlYJcUj6RAzXyeNAN
# xSpKXAGd7Fh+ocGHPPphcD9LQTOJgG7Y7aYztHqBLJiQQ4eAgZNU4ac6+8LnEGAL
# go1ydC5BJEuJQjYKbNTy959HrKSu7LO3Ws0w8jw6pYdC1IMpdTkk2puTgY2PDNzB
# tLM4evG7FYer3WX+8t1UMYNTAgMBAAGjggFzMIIBbzAfBgNVHSUEGDAWBgorBgEE
# AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQURxxxNPIEPGSO8kqz+bgCAQWGXsEw
# RQYDVR0RBD4wPKQ6MDgxHjAcBgNVBAsTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEW
# MBQGA1UEBRMNMjMwMDEyKzUwMTgyNjAfBgNVHSMEGDAWgBRIbmTlUAXTgqoXNzci
# tW2oynUClTBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8vd3d3Lm1pY3Jvc29mdC5j
# b20vcGtpb3BzL2NybC9NaWNDb2RTaWdQQ0EyMDExXzIwMTEtMDctMDguY3JsMGEG
# CCsGAQUFBwEBBFUwUzBRBggrBgEFBQcwAoZFaHR0cDovL3d3dy5taWNyb3NvZnQu
# Y29tL3BraW9wcy9jZXJ0cy9NaWNDb2RTaWdQQ0EyMDExXzIwMTEtMDctMDguY3J0
# MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIBAISxFt/zR2frTFPB45Yd
# mhZpB2nNJoOoi+qlgcTlnO4QwlYN1w/vYwbDy/oFJolD5r6FMJd0RGcgEM8q9TgQ
# 2OC7gQEmhweVJ7yuKJlQBH7P7Pg5RiqgV3cSonJ+OM4kFHbP3gPLiyzssSQdRuPY
# 1mIWoGg9i7Y4ZC8ST7WhpSyc0pns2XsUe1XsIjaUcGu7zd7gg97eCUiLRdVklPmp
# XobH9CEAWakRUGNICYN2AgjhRTC4j3KJfqMkU04R6Toyh4/Toswm1uoDcGr5laYn
# TfcX3u5WnJqJLhuPe8Uj9kGAOcyo0O1mNwDa+LhFEzB6CB32+wfJMumfr6degvLT
# e8x55urQLeTjimBQgS49BSUkhFN7ois3cZyNpnrMca5AZaC7pLI72vuqSsSlLalG
# OcZmPHZGYJqZ0BacN274OZ80Q8B11iNokns9Od348bMb5Z4fihxaBWebl8kWEi2O
# PvQImOAeq3nt7UWJBzJYLAGEpfasaA3ZQgIcEXdD+uwo6ymMzDY6UamFOfYqYWXk
# ntxDGu7ngD2ugKUuccYKJJRiiz+LAUcj90BVcSHRLQop9N8zoALr/1sJuwPrVAtx
# HNEgSW+AKBqIxYWM4Ev32l6agSUAezLMbq5f3d8x9qzT031jMDT+sUAoCw0M5wVt
# CUQcqINPuYjbS1WgJyZIiEkBMIIHejCCBWKgAwIBAgIKYQ6Q0gAAAAAAAzANBgkq
# hkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x
# EDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv
# bjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5
# IDIwMTEwHhcNMTEwNzA4MjA1OTA5WhcNMjYwNzA4MjEwOTA5WjB+MQswCQYDVQQG
# EwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwG
# A1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYDVQQDEx9NaWNyb3NvZnQg
# Q29kZSBTaWduaW5nIFBDQSAyMDExMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
# CgKCAgEAq/D6chAcLq3YbqqCEE00uvK2WCGfQhsqa+laUKq4BjgaBEm6f8MMHt03
# a8YS2AvwOMKZBrDIOdUBFDFC04kNeWSHfpRgJGyvnkmc6Whe0t+bU7IKLMOv2akr
# rnoJr9eWWcpgGgXpZnboMlImEi/nqwhQz7NEt13YxC4Ddato88tt8zpcoRb0Rrrg
# OGSsbmQ1eKagYw8t00CT+OPeBw3VXHmlSSnnDb6gE3e+lD3v++MrWhAfTVYoonpy
# 4BI6t0le2O3tQ5GD2Xuye4Yb2T6xjF3oiU+EGvKhL1nkkDstrjNYxbc+/jLTswM9
# sbKvkjh+0p2ALPVOVpEhNSXDOW5kf1O6nA+tGSOEy/S6A4aN91/w0FK/jJSHvMAh
# dCVfGCi2zCcoOCWYOUo2z3yxkq4cI6epZuxhH2rhKEmdX4jiJV3TIUs+UsS1Vz8k
# A/DRelsv1SPjcF0PUUZ3s/gA4bysAoJf28AVs70b1FVL5zmhD+kjSbwYuER8ReTB
# w3J64HLnJN+/RpnF78IcV9uDjexNSTCnq47f7Fufr/zdsGbiwZeBe+3W7UvnSSmn
# Eyimp31ngOaKYnhfsi+E11ecXL93KCjx7W3DKI8sj0A3T8HhhUSJxAlMxdSlQy90
# lfdu+HggWCwTXWCVmj5PM4TasIgX3p5O9JawvEagbJjS4NaIjAsCAwEAAaOCAe0w
# ggHpMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRIbmTlUAXTgqoXNzcitW2o
# ynUClTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMCAYYwDwYD
# VR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRyLToCMZBDuRQFTuHqp8cx0SOJNDBa
# BgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2Ny
# bC9wcm9kdWN0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFfMDNfMjIuY3JsMF4GCCsG
# AQUFBwEBBFIwUDBOBggrBgEFBQcwAoZCaHR0cDovL3d3dy5taWNyb3NvZnQuY29t
# L3BraS9jZXJ0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFfMDNfMjIuY3J0MIGfBgNV
# HSAEgZcwgZQwgZEGCSsGAQQBgjcuAzCBgzA/BggrBgEFBQcCARYzaHR0cDovL3d3
# dy5taWNyb3NvZnQuY29tL3BraW9wcy9kb2NzL3ByaW1hcnljcHMuaHRtMEAGCCsG
# AQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAHAAbwBsAGkAYwB5AF8AcwB0AGEAdABl
# AG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQBn8oalmOBUeRou09h0ZyKb
# C5YR4WOSmUKWfdJ5DJDBZV8uLD74w3LRbYP+vj/oCso7v0epo/Np22O/IjWll11l
# hJB9i0ZQVdgMknzSGksc8zxCi1LQsP1r4z4HLimb5j0bpdS1HXeUOeLpZMlEPXh6
# I/MTfaaQdION9MsmAkYqwooQu6SpBQyb7Wj6aC6VoCo/KmtYSWMfCWluWpiW5IP0
# wI/zRive/DvQvTXvbiWu5a8n7dDd8w6vmSiXmE0OPQvyCInWH8MyGOLwxS3OW560
# STkKxgrCxq2u5bLZ2xWIUUVYODJxJxp/sfQn+N4sOiBpmLJZiWhub6e3dMNABQam
# ASooPoI/E01mC8CzTfXhj38cbxV9Rad25UAqZaPDXVJihsMdYzaXht/a8/jyFqGa
# J+HNpZfQ7l1jQeNbB5yHPgZ3BtEGsXUfFL5hYbXw3MYbBL7fQccOKO7eZS/sl/ah
# XJbYANahRr1Z85elCUtIEJmAH9AAKcWxm6U/RXceNcbSoqKfenoi+kiVH6v7RyOA
# 9Z74v2u3S5fi63V4GuzqN5l5GEv/1rMjaHXmr/r8i+sLgOppO6/8MO0ETI7f33Vt
# Y5E90Z1WTk+/gFcioXgRMiF670EKsT/7qMykXcGhiJtXcVZOSEXAQsmbdlsKgEhr
# /Xmfwb1tbWrJUnMTDXpQzTGCGZ8wghmbAgEBMIGVMH4xCzAJBgNVBAYTAlVTMRMw
# EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVN
# aWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNp
# Z25pbmcgUENBIDIwMTECEzMAAAOvMEAOTKNNBUEAAAAAA68wDQYJYIZIAWUDBAIB
# BQCgga4wGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQwHAYKKwYBBAGCNwIBCzEO
# MAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEINQJoxoBldRjeQj9EWXU320r
# FOsy22Kk2U8oUiAwDUB4MEIGCisGAQQBgjcCAQwxNDAyoBSAEgBNAGkAYwByAG8A
# cwBvAGYAdKEagBhodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20wDQYJKoZIhvcNAQEB
# BQAEggEAAyY7P7QcZzpaP12HdMRH0VNaIQe/kdpFHljZa69c4Fyd/nMjYkXKqoOR
# NfUO7cL9eMYaMyh+3pdV9Z+2zsF4AHJbakwZ5vb3DYxBq+rdQwsj2ixx9/iFeEpP
# H/eBpTMGgVCxTXCBRpwKLdBoeyzk7SdARJgo5IFbhAtWfsSOqXoE70r+kkP3ttfz
# KytPbnL56RDr4GjeOw8Mv1JQmtIjRIlE/1254wNiPIX5Y6VgQMPD2N8ZpJrYuCx9
# dmKMqoc7tzHcqsgbSw0mw6kYXA5Fx0L6cKeAC4TKN2r/7QLM/6WyT1G9vAHsw2Io
# jDC9e6507RKQE9g6W8HxyeDbkgA7eKGCFykwghclBgorBgEEAYI3AwMBMYIXFTCC
# FxEGCSqGSIb3DQEHAqCCFwIwghb+AgEDMQ8wDQYJYIZIAWUDBAIBBQAwggFZBgsq
# hkiG9w0BCRABBKCCAUgEggFEMIIBQAIBAQYKKwYBBAGEWQoDATAxMA0GCWCGSAFl
# AwQCAQUABCCTNIqCu8mzuxej03rk+TcpXoA4/75SQIfiiISuXkI/TQIGZbqk+b1V
# GBMyMDI0MDIxMzEyMjUwOC44MTVaMASAAgH0oIHYpIHVMIHSMQswCQYDVQQGEwJV
# UzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UE
# ChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMS0wKwYDVQQLEyRNaWNyb3NvZnQgSXJl
# bGFuZCBPcGVyYXRpb25zIExpbWl0ZWQxJjAkBgNVBAsTHVRoYWxlcyBUU1MgRVNO
# OkZDNDEtNEJENC1EMjIwMSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1TdGFtcCBT
# ZXJ2aWNloIIReDCCBycwggUPoAMCAQICEzMAAAHimZmV8dzjIOsAAQAAAeIwDQYJ
# KoZIhvcNAQELBQAwfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x
# EDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv
# bjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTAwHhcNMjMx
# MDEyMTkwNzI1WhcNMjUwMTEwMTkwNzI1WjCB0jELMAkGA1UEBhMCVVMxEzARBgNV
# BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv
# c29mdCBDb3Jwb3JhdGlvbjEtMCsGA1UECxMkTWljcm9zb2Z0IElyZWxhbmQgT3Bl
# cmF0aW9ucyBMaW1pdGVkMSYwJAYDVQQLEx1UaGFsZXMgVFNTIEVTTjpGQzQxLTRC
# RDQtRDIyMDElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2VydmljZTCC
# AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALVjtZhV+kFmb8cKQpg2mzis
# DlRI978Gb2amGvbAmCd04JVGeTe/QGzM8KbQrMDol7DC7jS03JkcrPsWi9WpVwsI
# ckRQ8AkX1idBG9HhyCspAavfuvz55khl7brPQx7H99UJbsE3wMmpmJasPWpgF05z
# ZlvpWQDULDcIYyl5lXI4HVZ5N6MSxWO8zwWr4r9xkMmUXs7ICxDJr5a39SSePAJR
# IyznaIc0WzZ6MFcTRzLLNyPBE4KrVv1LFd96FNxAzwnetSePg88EmRezr2T3HTFE
# lneJXyQYd6YQ7eCIc7yllWoY03CEg9ghorp9qUKcBUfFcS4XElf3GSERnlzJsK7s
# /ZGPU4daHT2jWGoYha2QCOmkgjOmBFCqQFFwFmsPrZj4eQszYxq4c4HqPnUu4hT4
# aqpvUZ3qIOXbdyU42pNL93cn0rPTTleOUsOQbgvlRdthFCBepxfb6nbsp3fcZaPB
# fTbtXVa8nLQuMCBqyfsebuqnbwj+lHQfqKpivpyd7KCWACoj78XUwYqy1HyYnStT
# me4T9vK6u2O/KThfROeJHiSg44ymFj+34IcFEhPogaKvNNsTVm4QbqphCyknrwBy
# qorBCLH6bllRtJMJwmu7GRdTQsIx2HMKqphEtpSm1z3ufASdPrgPhsQIRFkHZGui
# hL1Jjj4Lu3CbAmha0lOrAgMBAAGjggFJMIIBRTAdBgNVHQ4EFgQURIQOEdq+7Qds
# lptJiCRNpXgJ2gUwHwYDVR0jBBgwFoAUn6cVXQBeYl2D9OXSZacbUzUZ6XIwXwYD
# VR0fBFgwVjBUoFKgUIZOaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9j
# cmwvTWljcm9zb2Z0JTIwVGltZS1TdGFtcCUyMFBDQSUyMDIwMTAoMSkuY3JsMGwG
# CCsGAQUFBwEBBGAwXjBcBggrBgEFBQcwAoZQaHR0cDovL3d3dy5taWNyb3NvZnQu
# Y29tL3BraW9wcy9jZXJ0cy9NaWNyb3NvZnQlMjBUaW1lLVN0YW1wJTIwUENBJTIw
# MjAxMCgxKS5jcnQwDAYDVR0TAQH/BAIwADAWBgNVHSUBAf8EDDAKBggrBgEFBQcD
# CDAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggIBAORURDGrVRTbnulf
# sg2cTsyyh7YXvhVU7NZMkITAQYsFEPVgvSviCylr5ap3ka76Yz0t/6lxuczI6w7t
# Xq8n4WxUUgcj5wAhnNorhnD8ljYqbck37fggYK3+wEwLhP1PGC5tvXK0xYomU1nU
# +lXOy9ZRnShI/HZdFrw2srgtsbWow9OMuADS5lg7okrXa2daCOGnxuaD1IO+65E7
# qv2O0W0sGj7AWdOjNdpexPrspL2KEcOMeJVmkk/O0ganhFzzHAnWjtNWneU11WQ6
# Bxv8OpN1fY9wzQoiycgvOOJM93od55EGeXxfF8bofLVlUE3zIikoSed+8s61NDP+
# x9RMya2mwK/Ys1xdvDlZTHndIKssfmu3vu/a+BFf2uIoycVTvBQpv/drRJD68eo4
# 01mkCRFkmy/+BmQlRrx2rapqAu5k0Nev+iUdBUKmX/iOaKZ75vuQg7hCiBA5xIm5
# ZIXDSlX47wwFar3/BgTwntMq9ra6QRAeS/o/uYWkmvqvE8Aq38QmKgTiBnWSS/uV
# PcaHEyArnyFh5G+qeCGmL44MfEnFEhxc3saPmXhe6MhSgCIGJUZDA7336nQD8fn4
# y6534Lel+LuT5F5bFt0mLwd+H5GxGzObZmm/c3pEWtHv1ug7dS/Dfrcd1sn2E4gk
# 4W1L1jdRBbK9xwkMmwY+CHZeMSvBMIIHcTCCBVmgAwIBAgITMwAAABXF52ueAptJ
# mQAAAAAAFTANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
# Cldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29m
# dCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNh
# dGUgQXV0aG9yaXR5IDIwMTAwHhcNMjEwOTMwMTgyMjI1WhcNMzAwOTMwMTgzMjI1
# WjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMH
# UmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQD
# Ex1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDCCAiIwDQYJKoZIhvcNAQEB
# BQADggIPADCCAgoCggIBAOThpkzntHIhC3miy9ckeb0O1YLT/e6cBwfSqWxOdcjK
# NVf2AX9sSuDivbk+F2Az/1xPx2b3lVNxWuJ+Slr+uDZnhUYjDLWNE893MsAQGOhg
# fWpSg0S3po5GawcU88V29YZQ3MFEyHFcUTE3oAo4bo3t1w/YJlN8OWECesSq/XJp
# rx2rrPY2vjUmZNqYO7oaezOtgFt+jBAcnVL+tuhiJdxqD89d9P6OU8/W7IVWTe/d
# vI2k45GPsjksUZzpcGkNyjYtcI4xyDUoveO0hyTD4MmPfrVUj9z6BVWYbWg7mka9
# 7aSueik3rMvrg0XnRm7KMtXAhjBcTyziYrLNueKNiOSWrAFKu75xqRdbZ2De+JKR
# Hh09/SDPc31BmkZ1zcRfNN0Sidb9pSB9fvzZnkXftnIv231fgLrbqn427DZM9itu
# qBJR6L8FA6PRc6ZNN3SUHDSCD/AQ8rdHGO2n6Jl8P0zbr17C89XYcz1DTsEzOUyO
# ArxCaC4Q6oRRRuLRvWoYWmEBc8pnol7XKHYC4jMYctenIPDC+hIK12NvDMk2ZItb
# oKaDIV1fMHSRlJTYuVD5C4lh8zYGNRiER9vcG9H9stQcxWv2XFJRXRLbJbqvUAV6
# bMURHXLvjflSxIUXk8A8FdsaN8cIFRg/eKtFtvUeh17aj54WcmnGrnu3tz5q4i6t
# AgMBAAGjggHdMIIB2TASBgkrBgEEAYI3FQEEBQIDAQABMCMGCSsGAQQBgjcVAgQW
# BBQqp1L+ZMSavoKRPEY1Kc8Q/y8E7jAdBgNVHQ4EFgQUn6cVXQBeYl2D9OXSZacb
# UzUZ6XIwXAYDVR0gBFUwUzBRBgwrBgEEAYI3TIN9AQEwQTA/BggrBgEFBQcCARYz
# aHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9Eb2NzL1JlcG9zaXRvcnku
# aHRtMBMGA1UdJQQMMAoGCCsGAQUFBwMIMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIA
# QwBBMAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNX2
# VsuP6KJcYmjRPZSQW9fOmhjEMFYGA1UdHwRPME0wS6BJoEeGRWh0dHA6Ly9jcmwu
# bWljcm9zb2Z0LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01pY1Jvb0NlckF1dF8yMDEw
# LTA2LTIzLmNybDBaBggrBgEFBQcBAQROMEwwSgYIKwYBBQUHMAKGPmh0dHA6Ly93
# d3cubWljcm9zb2Z0LmNvbS9wa2kvY2VydHMvTWljUm9vQ2VyQXV0XzIwMTAtMDYt
# MjMuY3J0MA0GCSqGSIb3DQEBCwUAA4ICAQCdVX38Kq3hLB9nATEkW+Geckv8qW/q
# XBS2Pk5HZHixBpOXPTEztTnXwnE2P9pkbHzQdTltuw8x5MKP+2zRoZQYIu7pZmc6
# U03dmLq2HnjYNi6cqYJWAAOwBb6J6Gngugnue99qb74py27YP0h1AdkY3m2CDPVt
# I1TkeFN1JFe53Z/zjj3G82jfZfakVqr3lbYoVSfQJL1AoL8ZthISEV09J+BAljis
# 9/kpicO8F7BUhUKz/AyeixmJ5/ALaoHCgRlCGVJ1ijbCHcNhcy4sa3tuPywJeBTp
# kbKpW99Jo3QMvOyRgNI95ko+ZjtPu4b6MhrZlvSP9pEB9s7GdP32THJvEKt1MMU0
# sHrYUP4KWN1APMdUbZ1jdEgssU5HLcEUBHG/ZPkkvnNtyo4JvbMBV0lUZNlz138e
# W0QBjloZkWsNn6Qo3GcZKCS6OEuabvshVGtqRRFHqfG3rsjoiV5PndLQTHa1V1QJ
# sWkBRH58oWFsc/4Ku+xBZj1p/cvBQUl+fpO+y/g75LcVv7TOPqUxUYS8vwLBgqJ7
# Fx0ViY1w/ue10CgaiQuPNtq6TPmb/wrpNPgkNWcr4A245oyZ1uEi6vAnQj0llOZ0
# dFtq0Z4+7X6gMTN9vMvpe784cETRkPHIqzqKOghif9lwY1NNje6CbaUFEMFxBmoQ
# tB1VM1izoXBm8qGCAtQwggI9AgEBMIIBAKGB2KSB1TCB0jELMAkGA1UEBhMCVVMx
# EzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoT
# FU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEtMCsGA1UECxMkTWljcm9zb2Z0IElyZWxh
# bmQgT3BlcmF0aW9ucyBMaW1pdGVkMSYwJAYDVQQLEx1UaGFsZXMgVFNTIEVTTjpG
# QzQxLTRCRDQtRDIyMDElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2Vy
# dmljZaIjCgEBMAcGBSsOAwIaAxUAFpuZafp0bnpJdIhfiB1d8pTohm+ggYMwgYCk
# fjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMH
# UmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQD
# Ex1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDANBgkqhkiG9w0BAQUFAAIF
# AOl1nNkwIhgPMjAyNDAyMTMxNTQ2MzNaGA8yMDI0MDIxNDE1NDYzM1owdDA6Bgor
# BgEEAYRZCgQBMSwwKjAKAgUA6XWc2QIBADAHAgEAAgISkDAHAgEAAgJWADAKAgUA
# 6XbuWQIBADA2BgorBgEEAYRZCgQCMSgwJjAMBgorBgEEAYRZCgMCoAowCAIBAAID
# B6EgoQowCAIBAAIDAYagMA0GCSqGSIb3DQEBBQUAA4GBAKaoXTOBPHcFCpzjfUbD
# kXv0uTkPWx2oklX/2aU9BoaQDPzxo44N2P7svDfVSiSkYFCqlLl+sKYYDAhsiJ7t
# s0Bph66wNyhuyeqQjpud92P95FAoH2+TEwRw4mqCA7e3Hs23vgRzNTXCk0pauJyr
# Gx5uYuEE9exD5hfFu4277SKuMYIEDTCCBAkCAQEwgZMwfDELMAkGA1UEBhMCVVMx
# EzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoT
# FU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUt
# U3RhbXAgUENBIDIwMTACEzMAAAHimZmV8dzjIOsAAQAAAeIwDQYJYIZIAWUDBAIB
# BQCgggFKMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAvBgkqhkiG9w0BCQQx
# IgQgAjnvldOwSXawF1CnR+nCURlei8g2+VW1paRqpM8PppowgfoGCyqGSIb3DQEJ
# EAIvMYHqMIHnMIHkMIG9BCAriSpKEP0muMbBUETODoL4d5LU6I/bjucIZkOJCI9/
# /zCBmDCBgKR+MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAw
# DgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24x
# JjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMzAAAB4pmZ
# lfHc4yDrAAEAAAHiMCIEIFfeQWkkUSso7X/yaZwd78QWlfmYiEUkoRgg4HPaB9+y
# MA0GCSqGSIb3DQEBCwUABIICAAUHKWuJQ66Ha+V8gCPQVNm164Vv+CNiG00UmRIW
# o3xBvzAqoL6qW05M7Yc58rnh4+lEVxUHaeU2q7ErMlz/aDh0CBITVymzGwwi2mlI
# q4XHRoUxpSFc0ohm/Q46LP7V7tWn6i5BDz/6wc+O/+AeCyx2wRKn+yQ4XYBj0S30
# ntpOoSJBH9pQP0uHyHHoGyoziK9FMs08ys8D6DEosNnviCR2t2nEnFCgEBwDBfQp
# SdnJvoIiBYdyI3gfsOfcmTso7lb3SJQlXSIG2gZ89yKM6K7TEKEGwjFJBofUoFar
# A9Tv6hCaXlR3s7haEA6IQDbGvOZq/6SSqFFOg3mt2vEgF6b0v9HoRucn5LzxP5Dd
# HJt/no9FB4LQj8XiK8Fqr+9yYA8x3o2L179ha30WsdjgKimLQmU4NeNZ9LiumbY1
# IJAZLQDBr368X4+dnXiVmdmwDOEX5KZO5Z+auqvdBcuw6HjXft2II4+vxW5aFIT5
# QznnFZyc9algClUdbiOJVji8nuMBFtiubWPkgAcN6hVsvPHtdN/PfGh6Qyt0Nvxl
# GSKFceeG9WRG6lDEhq2jaaU2XzSOFHOqvXItsaTEtKj8czpbrh+WSzn1MmS7j8ku
# lNFDdiHRz1ef8u5822eON54pED7UAqWyrn78oB7R5ACXmut2AM9xAL11E+eGwpUE
# GLOy
# SIG # End signature block