public/provisioning.ps1
|
function Approve-NimbusPendingChanges { Param( [Parameter(Mandatory = $false, Position = 0)] [Alias('d', 'dom')] [ValidateSet('portal_nimbload_com' , 'portal_luware_cloud', 'portal_stage_nimbdev_com', 'portal_uat_nimbdev_com')] [string]$domain = 'portal_luware_cloud', [Parameter(Mandatory = $false)] [object]$webhookData ) Check-Module # Initialize the variables if ( $inRunbook ) { $cred = Get-AutomationPSCredential -Name nimbusCredentials $domain = Get-AutomationVariable -Name nimbusEnvironment $callbackUrl = Get-AutomationVariable -Name callBackUrl $callbackUrl = [Text.Encoding]::Utf8.GetString( [Convert]::FromBase64String( $callbackUrl ) ) } else { $cred = New-CredentialsPrompt "AzureAd" } $pstnNumbers = [System.Collections.ArrayList]@() $callingBotPermissions = "Calls.Initiate.All", "Calls.InitiateGroupCall.All", "Calls.JoinGroupCall.All", "Calls.JoinGroupCallAsGuest.All", "OnlineMeetings.ReadWrite.All","Calls.AccessMedia.All" $generalBotPermissions = "Directory.Read.All", "Group.Read.All", "User.Read.All" $mediaBotPermissions = "Calls.AccessMedia.All","Calls.Initiate.All","Calls.InitiateGroupCall.All","Calls.JoinGroupCall.All","Calls.JoinGroupCallAsGuest.All" $nimbusDomain = $mapper.$domain.domain $nimbusAppId = $mapper.$domain.nimbusAppId $mediaBotId = $mapper.$domain.mediaBotId New-AzureAdLogin $cred New-MsolLogin $cred New-SkypeOnlineLogin $cred $webSession, $tenant = New-NimbusLogin -domain $nimbusDomain $msolAccountSkus = Get-MsolAccountSku # Retrieve pending changes if ( $inRunbook ) { try { $uri = "https://{0}/api/provisioning/v1/tenants/{1}/service-details/{2}" -f $nimbusDomain, $tenant, $webhookData.teamId $teams = Invoke-WebRequest -WebSession $webSession -Uri $uri -UseBasicParsing | ConvertFrom-Json } catch { Write-Output "Web Request Failed. StatusCode: $($_.Exception.Response.StatusCode.Value__)" Write-Output "Could not get changes for your tenant. Exiting." Write-Output $_.Exception.Message Cleanup-Environment -exitCode 1 } $teamJson = $teams | ConvertTo-Json -Compress -ErrorAction SilentlyContinue $webhookDataJson = $webhookData | ConvertTo-Json -Compress -ErrorAction SilentlyContinue if ( -not $teams -or ( Compare-Object $teamJson $webhookDataJson ) ) { Write-Output "Configuration mismatch, sending failure email." Write-Output $webhookDataJson $webhookData | Add-Member -MemberType NoteProperty -Name failed -Value $true -Force Invoke-RestMethod ` -Method:Post ` -UseBasicParsing ` -Uri $callbackUrl ` -Body ( $webhookData | ConvertTo-Json -Compress -Depth 5 ) ` -ContentType 'application/json' Cleanup-Environment -exitCode 1 } } else { try { $teams = Invoke-WebRequest ` -WebSession $webSession ` -Uri "https://$nimbusDomain/api/facade/v1/provisioning/tenants/$tenant/service-details" | ConvertFrom-Json } catch { Write-Output "Web Request Failed. StatusCode: $($_.Exception.Response.StatusCode.Value__)" Write-Output "Could not get changes for your tenant. Exiting" Cleanup-Environment -exitCode 1 } } try { Write-Output "Granting permissions for main Nimbus App" Update-ServicePrincipal -appId $nimbusAppId -permissions $generalBotPermissions Update-ServicePrincipal -appId $mediaBotId -permissions $mediaBotPermissions Write-Output " [Done]" } catch { Write-Output "[Failed]" } if ( Read-HostProxy "Would you like to re-grant all permissions to all the bots configured in your tenant?" ) { try { $botIds = Invoke-WebRequest ` -WebSession $webSession ` -Uri "https://$nimbusDomain/api/facade/v1/provisioning/tenants/$tenant/bot-ids" | ConvertFrom-Json Write-Output "Granting permissions for all $($botIds.Length) configured bots in your tenant" foreach ( $botId in $botIds ) { Update-ServicePrincipal -appId $botId -permissions $callingBotPermissions | Out-Null Set-CsApplicationMeetingConfiguration -AllowRemoveParticipantAppIds @{Add="$($botId)"} Write-Output "Bot $botId - All permissions were granted" } Write-Output " [Done]" } catch { Write-Output ( $_.Exception | Format-List -Force | Out-String ) -ErrorAction Continue Write-Output ( $_.InvocationInfo | Format-List -Force | Out-String ) -ErrorAction Continue Write-Output "Web Request Failed. StatusCode: $($_.Exception.Response.StatusCode.Value__)" Write-Output "Could not get existing botIds. Will continue with pending changes." } } else { Write-Output "Skip re-granting all permissions" } # Apply updates (prompt user if using interactive mode) Write-Output "Fetched Changes for $($teams | Measure-Object | Select-Object -ExpandProperty count) Services..." foreach ($team in $teams) { Write-Output "=============================================================" Write-Output "=============================================================" Write-Output "Service: $($team.teamName)" Write-Output "-------------------------------------------------------------" if ( -not [string]::IsNullOrEmpty($team.applicationId) -and $team.isSuspended ) { if ( Read-HostProxy "Would you like to delete the ApplicationInstance of '$($team.teamName)'? The service is suspended." ) { Write-Output "Removing ApplicationInstance for '$($team.teamName)'..." try { Remove-AzureADUser -ObjectId $team.applicationId -ErrorAction SilentlyContinue Sync-CsOnlineApplicationInstance -ObjectId $team.applicationId -ErrorAction SilentlyContinue } catch { Write-Output "[Failed]" Write-Output "Application Instance doesn't exist anymore" } finally { $team.applicationId = $null Invoke-WebRequest ` -WebSession $webSession ` -Method:Post ` -Uri "https://$nimbusDomain/api/provisioning/v1/tenants/$tenant/service-details/apply" ` -ContentType "application/json" ` -Body ($team | ConvertTo-Json) | Out-Null Write-Output " [Done]" } } else { Write-Output "Skip removing ApplicationInstance for '$($team.teamName)'" } } elseif ( [string]::IsNullOrEmpty($team.applicationId) ) { Write-Output "Values to be set:" Write-Output ($team.teamServiceDetails | Format-Table | Out-String) if ([string]::IsNullOrEmpty($team.teamServiceDetails.upn)) { Write-Output "No Upn is set. Please configure this service correctly." Write-Output "=============================================================" continue } if ( Read-HostProxy "Would you like to create an ApplicationInstance for '$($team.teamName)'?" ) { try { Write-Output "Granting permissions for Calling Bot Application" Update-ServicePrincipal -appId $team.botId -permissions $callingBotPermissionss Set-CsApplicationMeetingConfiguration -AllowRemoveParticipantAppIds @{Add="$($team.botId)"} Write-Output " [Done]" } catch { Write-Output "[Failed]" } Write-Output "Creating ApplicationInstance for '$($team.teamName)'..." try { try { $app = New-CsOnlineApplicationInstance -UserPrincipalName $team.teamServiceDetails.upn -DisplayName $team.teamServiceDetails.name -ApplicationId $team.botId } catch [System.Management.Automation.RemoteException] { if ($Error[0].Exception -match "provided UserPrincipalName is already used") { try { Write-Output " Upn already used. Generating new one..." $team.teamServiceDetails = Invoke-WebRequest ` -WebSession $webSession ` -Uri "https://$nimbusDomain/api/teammanager/v1/tenants/$tenant/teams/$($team.teamId)/service-details/regenerate-upn" | ConvertFrom-Json Write-Output " [Done]" } catch { Write-Output "[Failed]" Write-Output " Web Request Failed. StatusCode: $($_.Exception.Response.StatusCode.Value__)" Write-Output "[Failed]" continue } $app = New-CsOnlineApplicationInstance -UserPrincipalName $team.teamServiceDetails.upn -DisplayName $team.teamServiceDetails.name -ApplicationId $team.botId } else { Cleanup-Environment -exitCode 1 } } Sync-CsOnlineApplicationInstance -ObjectId $app.ObjectId $team.applicationId = $app.ObjectId $isDone = Update-Pstn -teamToCheck $team -msolAccountSkus $msolAccountSkus if ( -not $isDone ) { $pstnNumbers.Add($team) | Out-Null Write-Output "[Pending]" Write-Output " Could not yet complete PSTN number assignment will try again at the end." } else { Invoke-WebRequest ` -WebSession $webSession ` -Method:Post ` -Uri "https://$nimbusDomain/api/provisioning/v1/tenants/$tenant/service-details/apply" ` -ContentType "application/json" ` -Body ($team | ConvertTo-Json) | Out-Null Write-Output " [Done]" } } catch [System.Management.Automation.RemoteException] { Write-Output "[Failed]" Write-Output " Could not create ApplicationInstance $($_.Exception)" Write-Output " Please check your configuration." continue } catch { Write-Output "[Failed]" Write-Output " Web Request Failed. StatusCode: $($_.Exception.Response.StatusCode.Value__)" Write-Output " An Error occurred sending the update to Nimbus." continue } } else { Write-Output "Skip creating ApplicationInstance for '$($team.teamName)'" } } else { Write-Output "Values to be updated:" Write-Output ( $team.teamServiceDetails | Format-Table | Out-String ) if ( Read-HostProxy "Would you like to update the ApplicationInstance for '$($team.teamName)'?" ) { try { Write-Output "Updating ApplicationInstance for '$($team.teamName)'..." if ( -not [string]::IsNullOrEmpty($team.teamServiceDetails.upn) ) { try { Write-Output " Setting new UPN..." Set-MsolUserPrincipalName -ObjectId $team.applicationId -NewUserPrincipalName $team.teamServiceDetails.upn Write-Output " [Done]" } catch [Microsoft.Online.Administration.Automation.MicrosoftOnlineException] { if ($_.Exception -match "user principal name already exists") { Write-Output "[Failed]" Write-Output " $($_.Exception)" try { Write-Output " Regenerating UPN..." $team.teamServiceDetails = Invoke-WebRequest ` -WebSession $webSession ` -Uri "https://$nimbusDomain/api/teammanager/v1/tenants/$tenant/teams/$($team.teamId)/service-details/regenerate-upn" | ConvertFrom-Json Set-MsolUserPrincipalName -ObjectId $team.applicationId -NewUserPrincipalName $team.teamServiceDetails.upn Write-Output " [Done]" } catch { Write-Output "[Failed]" Write-Output " $($_.Exception)" $team.teamServiceDetails.PsObject.Properties.Remove('upn') } } else { Write-Output "[Failed]" Write-Output " $($_.Exception)" $team.teamServiceDetails.PsObject.Properties.Remove('upn') } } } if ( -not [string]::IsNullOrEmpty($team.teamServiceDetails.name) ) { Set-CsOnlineApplicationInstance -Identity $team.applicationId -DisplayName $team.teamServiceDetails.name | Out-Null } $isDone = Update-Pstn -teamToCheck $team Sync-CsOnlineApplicationInstance -ObjectId $team.applicationId if ( -not $isDone ) { $pstnNumbers.Add($team) | Out-Null Write-Output "[Pending]" Write-Output " Could not yet complete PSTN number assignment will try again at the end." } else { Invoke-WebRequest ` -WebSession $webSession ` -Method:Post ` -Uri "https://$nimbusDomain/api/provisioning/v1/tenants/$tenant/service-details/apply" ` -ContentType "application/json" ` -Body ( $team | ConvertTo-Json -Compress -Depth 5 ) | Out-Null Write-Output " [Done]" } } catch [System.Management.Automation.RemoteException] { Write-Output "[Failed]" Write-Output " Could not update ApplicationInstance $($_.Exception)" Write-Output " Please check your configuration." continue } catch [System.Net.WebException] { Write-Output "[Failed]" Write-Output " Web Request Failed. StatusCode: $($_.Exception.Response.StatusCode.Value__)" Write-Output " An Error occurred sending the update to Nimbus." continue } catch { Write-Output "[Failed]" Write-Output " An unexpected error occurred: $($_.Exception.Response.StatusCode.Value__)" } } else { Write-Output "Skip updating ApplicationInstance for '$($team.teamName)'" } Write-Output "=============================================================" } Write-Output "" Write-Output "" } $tries = 0 while ( $pstnNumbers.Count -gt 0 -and $tries -lt 10 ) { Write-Output "Retry to set pending PSTN number changes in 1 minute." 0..12 | Foreach-Object { Write-Output "." Start-Sleep -Seconds 5 } for ( $i = 0; $i -lt $pstnNumbers.Count; $i++ ) { $team = $pstnNumbers[$i] Write-Output "=============================================================" Write-Output "Service '$($team.teamName)'" $isDone = Add-PhoneNumber -ObjectId $team.applicationId -PstnNumber $team.teamServiceDetails.pstnNumber if ( $isDone ) { $pstnNumbers.RemoveAt($i) Update-NimbusServicePrincipal -team $team Write-Output " [Done]" if ( $pstnNumber.Count -eq 0 ) { break } $i-- } else { if ( $tries -eq 9 ) { Write-Output "[Failed]" } else { Write-Output "[Pending]" } } } $tries++ } if ( $pstnNumbers.Count -gt 0 ) { Write-Output "Unfortunately, not all numbers could be set." foreach ( $team in $pstnNumbers ) { $team.teamServiceDetails.PsObject.Properties.Remove('pstnNumber') Update-NimbusServicePrincipal -team $team } } Cleanup-Environment } # SIG # Begin signature block # MIIchQYJKoZIhvcNAQcCoIIcdjCCHHICAQExCzAJBgUrDgMCGgUAMGkGCisGAQQB # gjcCAQSgWzBZMDQGCisGAQQBgjcCAR4wJgIDAQAABBAfzDtgWUsITrck0sYpfvNR # AgEAAgEAAgEAAgEAAgEAMCEwCQYFKw4DAhoFAAQUILbdT+mlQhPIdfMIixwJX1Ss # 6BugghewMIIFGjCCBAKgAwIBAgIQAZyhpG3mRP4nVXpkMz8jhDANBgkqhkiG9w0B # AQsFADB2MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYD # VQQLExB3d3cuZGlnaWNlcnQuY29tMTUwMwYDVQQDEyxEaWdpQ2VydCBTSEEyIEhp # Z2ggQXNzdXJhbmNlIENvZGUgU2lnbmluZyBDQTAeFw0xOTA1MjEwMDAwMDBaFw0y # MjA1MjUxMjAwMDBaMFkxCzAJBgNVBAYTAkNIMRAwDgYDVQQIDAdaw7xyaWNoMRAw # DgYDVQQHDAdaw7xyaWNoMRIwEAYDVQQKEwlMdXdhcmUgQUcxEjAQBgNVBAMTCUx1 # d2FyZSBBRzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANx3Pfx2CKUz # Ot9W7Scb5rrrnI7m7jOkVG4X2Owj+hJJuEjTA3wIfA/6ay4Wa/Qv+MMdlsv6NRt4 # TgYUMRexmfGgKT7iy4AIebBuyS1lg2gmT/25xGtqO3TPqfhstLNEfcKMaMM2ZEZm # vCZbiAs3zP1G2oS94DWcCnDCjmPPll30nlOig+ZQGqBuhvNiZ/DGhnYRtrHoRx40 # 7iZjcixgPjkey9IGN6WEUYnhJ712npXTWWUIpiSZ2U475DxLWbEQ7bPHnLsivVNg # 59f4Jnf8pyqhNelrbGrTeLOuF4JyE5a8Mt2Bc58NCLWT4I9bz8N/7Uk3+RZFtD3O # Cv4nO2h7mG0CAwEAAaOCAb8wggG7MB8GA1UdIwQYMBaAFGedDyAJDMyKOuWCRnJi # /PHMkOVAMB0GA1UdDgQWBBQthLJG1fU0R5j9FwY+vNZOT2lf4DAOBgNVHQ8BAf8E # BAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwMwbQYDVR0fBGYwZDAwoC6gLIYqaHR0 # cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItaGEtY3MtZzEuY3JsMDCgLqAshipo # dHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hhMi1oYS1jcy1nMS5jcmwwTAYDVR0g # BEUwQzA3BglghkgBhv1sAwEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGln # aWNlcnQuY29tL0NQUzAIBgZngQwBBAEwgYgGCCsGAQUFBwEBBHwwejAkBggrBgEF # BQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMFIGCCsGAQUFBzAChkZodHRw # Oi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEySGlnaEFzc3VyYW5j # ZUNvZGVTaWduaW5nQ0EuY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQAD # ggEBAEl5ctCYW1yDBEcpCwfycyG6vhbpQ8U2wfOQeQI5DmXImLS3spcyXO+Xfn13 # Eh/BL0gXFIi1ybM0wRG/EimU1ag/uQpCtsTRWfq2vJ96LqLf8UxRYGVw+N+IM/8e # dXAKLexYb/ta4cvByjbJpoiJAJtYN32OclXRD5ph8yehuflmu+rw9TCVuPCa7hkO # mah1L3n59tGneFGd9ZbWvqknQUAZcuKQrOofTKDb9oZKYjk2JJF7aTcjnHMuDo/X # t+uHNCmhAuPyEy5Fa+RwdFptPLhudGH3WtNr4+5As2UsBDxm3gHxCiTUMIdnXChj # 9jLvqhx3P5Rtsl4VZbBcqy/nqo4wggVPMIIEN6ADAgECAhALfhCQPDhJD/ovZ5qH # oae5MA0GCSqGSIb3DQEBCwUAMGwxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdp # Q2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xKzApBgNVBAMTIkRp # Z2lDZXJ0IEhpZ2ggQXNzdXJhbmNlIEVWIFJvb3QgQ0EwHhcNMTMxMDIyMTIwMDAw # WhcNMjgxMDIyMTIwMDAwWjB2MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNl # cnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMTUwMwYDVQQDEyxEaWdp # Q2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIENvZGUgU2lnbmluZyBDQTCCASIwDQYJ # KoZIhvcNAQEBBQADggEPADCCAQoCggEBALRKXn0HD0HexPV2Fja9cf/PP09zS5zR # Df5Ky1dYXoUW3QIVVJnwjzwvTQJ4EGjI2DVLP8H3Z86YHK4zuS0dpApUk8SFot81 # sfXxPKezNPtdSMlGyWJEvEiZ6yhJU8M9j8AO3jWY6WJR3z1rQGHuBEHaz6dcVpbR # +Uy3RISHmGnlgrkT5lW/yJJwkgoxb3+LMqvPa1qfYsQ+7r7tWaRTfwvxUoiKewpn # JMuQzezSTTRMsOG1n5zG9m8szebKU3QBn2c13jhJLc7tOUSCGXlOGrK1+7t48Elm # p8/6XJZ1kosactn/UJJTzD7CQzIJGoYTaTz7gTIzMmR1cygmHQgwOwcCAwEAAaOC # AeEwggHdMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMBMGA1Ud # JQQMMAoGCCsGAQUFBwMDMH8GCCsGAQUFBwEBBHMwcTAkBggrBgEFBQcwAYYYaHR0 # cDovL29jc3AuZGlnaWNlcnQuY29tMEkGCCsGAQUFBzAChj1odHRwOi8vY2FjZXJ0 # cy5kaWdpY2VydC5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290Q0EuY3J0 # MIGPBgNVHR8EgYcwgYQwQKA+oDyGOmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9E # aWdpQ2VydEhpZ2hBc3N1cmFuY2VFVlJvb3RDQS5jcmwwQKA+oDyGOmh0dHA6Ly9j # cmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEhpZ2hBc3N1cmFuY2VFVlJvb3RDQS5j # cmwwTwYDVR0gBEgwRjA4BgpghkgBhv1sAAIEMCowKAYIKwYBBQUHAgEWHGh0dHBz # Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCgYIYIZIAYb9bAMwHQYDVR0OBBYEFGed # DyAJDMyKOuWCRnJi/PHMkOVAMB8GA1UdIwQYMBaAFLE+w2kD+L9HAdSYJhoIAu9j # ZCvDMA0GCSqGSIb3DQEBCwUAA4IBAQBqDv9+E3wGpUvALoz5U2QJ4rpYkTBQ7Myf # 4dOoL0hGNhgp0HgoX5hWQA8eur2xO4dc3FvYIA3tGhZN1REkIUvxJ2mQE+sRoQHa # /bVOeVl1vTgqasP2jkEriqKL1yxRUdmcoMjjTrpsqEfSTtFoH4wCVzuzKWqOaiAq # ufIAYmS6yOkA+cyk1LqaNdivLGVsFnxYId5KMND66yRdBsmdFretSkXTJeIM8ECq # XE2sfs0Ggrl2RmkI2DK2gv7jqVg0QxuOZ2eXP2gxFjY4lT6H98fDr516dxnZ3pO1 # /W4r/JT5PbdMEjUsML7ojZ4FcJpIE/SM1ucerDjnqPOtDLd67GftMIIGajCCBVKg # AwIBAgIQAwGaAjr/WLFr1tXq5hfwZjANBgkqhkiG9w0BAQUFADBiMQswCQYDVQQG # EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl # cnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBBc3N1cmVkIElEIENBLTEwHhcNMTQx # MDIyMDAwMDAwWhcNMjQxMDIyMDAwMDAwWjBHMQswCQYDVQQGEwJVUzERMA8GA1UE # ChMIRGlnaUNlcnQxJTAjBgNVBAMTHERpZ2lDZXJ0IFRpbWVzdGFtcCBSZXNwb25k # ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjZF38fLPggjXg4PbG # KuZJdTvMbuBTqZ8fZFnmfGt/a4ydVfiS457VWmNbAklQ2YPOb2bu3cuF6V+l+dSH # dIhEOxnJ5fWRn8YUOawk6qhLLJGJzF4o9GS2ULf1ErNzlgpno75hn67z/RJ4dQ6m # WxT9RSOOhkRVfRiGBYxVh3lIRvfKDo2n3k5f4qi2LVkCYYhhchhoubh87ubnNC8x # d4EwH7s2AY3vJ+P3mvBMMWSN4+v6GYeofs/sjAw2W3rBerh4x8kGLkYQyI3oBGDb # vHN0+k7Y/qpA8bLOcEaD6dpAoVk62RUJV5lWMJPzyWHM0AjMa+xiQpGsAsDvpPCJ # EY93AgMBAAGjggM1MIIDMTAOBgNVHQ8BAf8EBAMCB4AwDAYDVR0TAQH/BAIwADAW # BgNVHSUBAf8EDDAKBggrBgEFBQcDCDCCAb8GA1UdIASCAbYwggGyMIIBoQYJYIZI # AYb9bAcBMIIBkjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29t # L0NQUzCCAWQGCCsGAQUFBwICMIIBVh6CAVIAQQBuAHkAIAB1AHMAZQAgAG8AZgAg # AHQAaABpAHMAIABDAGUAcgB0AGkAZgBpAGMAYQB0AGUAIABjAG8AbgBzAHQAaQB0 # AHUAdABlAHMAIABhAGMAYwBlAHAAdABhAG4AYwBlACAAbwBmACAAdABoAGUAIABE # AGkAZwBpAEMAZQByAHQAIABDAFAALwBDAFAAUwAgAGEAbgBkACAAdABoAGUAIABS # AGUAbAB5AGkAbgBnACAAUABhAHIAdAB5ACAAQQBnAHIAZQBlAG0AZQBuAHQAIAB3 # AGgAaQBjAGgAIABsAGkAbQBpAHQAIABsAGkAYQBiAGkAbABpAHQAeQAgAGEAbgBk # ACAAYQByAGUAIABpAG4AYwBvAHIAcABvAHIAYQB0AGUAZAAgAGgAZQByAGUAaQBu # ACAAYgB5ACAAcgBlAGYAZQByAGUAbgBjAGUALjALBglghkgBhv1sAxUwHwYDVR0j # BBgwFoAUFQASKxOYspkH7R7for5XDStnAs0wHQYDVR0OBBYEFGFaTSS2STKdSip5 # GoNL9B6Jwcp9MH0GA1UdHwR2MHQwOKA2oDSGMmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0 # LmNvbS9EaWdpQ2VydEFzc3VyZWRJRENBLTEuY3JsMDigNqA0hjJodHRwOi8vY3Js # NC5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURDQS0xLmNybDB3BggrBgEF # BQcBAQRrMGkwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBB # BggrBgEFBQcwAoY1aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0 # QXNzdXJlZElEQ0EtMS5jcnQwDQYJKoZIhvcNAQEFBQADggEBAJ0lfhszTbImgVyb # hs4jIA+Ah+WI//+x1GosMe06FxlxF82pG7xaFjkAneNshORaQPveBgGMN/qbsZ0k # fv4gpFetW7easGAm6mlXIV00Lx9xsIOUGQVrNZAQoHuXx/Y/5+IRQaa9YtnwJz04 # HShvOlIJ8OxwYtNiS7Dgc6aSwNOOMdgv420XEwbu5AO2FKvzj0OncZ0h3RTKFV2S # Qdr5D4HRmXQNJsQOfxu19aDxxncGKBXp2JPlVRbwuwqrHNtcSCdmyKOLChzlldqu # xC5ZoGHd2vNtomHpigtt7BIYvfdVVEADkitrwlHCCkivsNRu4PQUCjob4489yq9q # jXvc2EQwggbNMIIFtaADAgECAhAG/fkDlgOt6gAK6z8nu7obMA0GCSqGSIb3DQEB # BQUAMGUxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNV # BAsTEHd3dy5kaWdpY2VydC5jb20xJDAiBgNVBAMTG0RpZ2lDZXJ0IEFzc3VyZWQg # SUQgUm9vdCBDQTAeFw0wNjExMTAwMDAwMDBaFw0yMTExMTAwMDAwMDBaMGIxCzAJ # BgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5k # aWdpY2VydC5jb20xITAfBgNVBAMTGERpZ2lDZXJ0IEFzc3VyZWQgSUQgQ0EtMTCC # ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOiCLZn5ysJClaWAc0Bw0p5W # VFypxNJBBo/JM/xNRZFcgZ/tLJz4FlnfnrUkFcKYubR3SdyJxArar8tea+2tsHEx # 6886QAxGTZPsi3o2CAOrDDT+GEmC/sfHMUiAfB6iD5IOUMnGh+s2P9gww/+m9/ui # zW9zI/6sVgWQ8DIhFonGcIj5BZd9o8dD3QLoOz3tsUGj7T++25VIxO4es/K8DCuZ # 0MZdEkKB4YNugnM/JksUkK5ZZgrEjb7SzgaurYRvSISbT0C58Uzyr5j79s5AXVz2 # qPEvr+yJIvJrGGWxwXOt1/HYzx4KdFxCuGh+t9V3CidWfA9ipD8yFGCV/QcEogkC # AwEAAaOCA3owggN2MA4GA1UdDwEB/wQEAwIBhjA7BgNVHSUENDAyBggrBgEFBQcD # AQYIKwYBBQUHAwIGCCsGAQUFBwMDBggrBgEFBQcDBAYIKwYBBQUHAwgwggHSBgNV # HSAEggHJMIIBxTCCAbQGCmCGSAGG/WwAAQQwggGkMDoGCCsGAQUFBwIBFi5odHRw # Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9zc2wtY3BzLXJlcG9zaXRvcnkuaHRtMIIBZAYI # KwYBBQUHAgIwggFWHoIBUgBBAG4AeQAgAHUAcwBlACAAbwBmACAAdABoAGkAcwAg # AEMAZQByAHQAaQBmAGkAYwBhAHQAZQAgAGMAbwBuAHMAdABpAHQAdQB0AGUAcwAg # AGEAYwBjAGUAcAB0AGEAbgBjAGUAIABvAGYAIAB0AGgAZQAgAEQAaQBnAGkAQwBl # AHIAdAAgAEMAUAAvAEMAUABTACAAYQBuAGQAIAB0AGgAZQAgAFIAZQBsAHkAaQBu # AGcAIABQAGEAcgB0AHkAIABBAGcAcgBlAGUAbQBlAG4AdAAgAHcAaABpAGMAaAAg # AGwAaQBtAGkAdAAgAGwAaQBhAGIAaQBsAGkAdAB5ACAAYQBuAGQAIABhAHIAZQAg # AGkAbgBjAG8AcgBwAG8AcgBhAHQAZQBkACAAaABlAHIAZQBpAG4AIABiAHkAIABy # AGUAZgBlAHIAZQBuAGMAZQAuMAsGCWCGSAGG/WwDFTASBgNVHRMBAf8ECDAGAQH/ # AgEAMHkGCCsGAQUFBwEBBG0wazAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGln # aWNlcnQuY29tMEMGCCsGAQUFBzAChjdodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5j # b20vRGlnaUNlcnRBc3N1cmVkSURSb290Q0EuY3J0MIGBBgNVHR8EejB4MDqgOKA2 # hjRodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290 # Q0EuY3JsMDqgOKA2hjRodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRB # c3N1cmVkSURSb290Q0EuY3JsMB0GA1UdDgQWBBQVABIrE5iymQftHt+ivlcNK2cC # zTAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYunpyGd823IDzANBgkqhkiG9w0BAQUF # AAOCAQEARlA+ybcoJKc4HbZbKa9Sz1LpMUerVlx71Q0LQbPv7HUfdDjyslxhopyV # w1Dkgrkj0bo6hnKtOHisdV0XFzRyR4WUVtHruzaEd8wkpfMEGVWp5+Pnq2LN+4st # kMLA0rWUvV5PsQXSDj0aqRRbpoYxYqioM+SbOafE9c4deHaUJXPkKqvPnHZL7V/C # SxbkS3BMAIke/MV5vEwSV/5f4R68Al2o/vsHOE8Nxl2RuQ9nRc3Wg+3nkg2NsWmM # T/tZ4CMP0qquAHzunEIOz5HXJ7cW7g/DvXwKoO4sCFWFIrjrGBpN/CohrUkxg0eV # d3HcsRtLSxwQnHcUwZ1PL1qVCCkQJjGCBD8wggQ7AgEBMIGKMHYxCzAJBgNVBAYT # AlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2Vy # dC5jb20xNTAzBgNVBAMTLERpZ2lDZXJ0IFNIQTIgSGlnaCBBc3N1cmFuY2UgQ29k # ZSBTaWduaW5nIENBAhABnKGkbeZE/idVemQzPyOEMAkGBSsOAwIaBQCgeDAYBgor # BgEEAYI3AgEMMQowCKACgAChAoAAMBkGCSqGSIb3DQEJAzEMBgorBgEEAYI3AgEE # MBwGCisGAQQBgjcCAQsxDjAMBgorBgEEAYI3AgEVMCMGCSqGSIb3DQEJBDEWBBTG # n4W+nO9jYJSDrgmqsOL+E4lNajANBgkqhkiG9w0BAQEFAASCAQAcvmN9X4OX6U2U # 0iGnonDXkSJdizNM8LAtKZ+F7G0789J/9THnesByccpWXJ7mb97FLFPHZbS6rT6c # Aez1vi+3Gbm2SzpsaHnh8qDC7OCSPeuoxatuKTZQUhFdQ6HXuExxS6453R5mVDR0 # WUY4y8hQ8/3P17uwEN1q8r1kUJ5uHtthgNkZSaPu/X4PPkShftuylAopMVbZIp1p # 0Y646qnPos4xsi9Ry3+hlVJOVLCgiRkPvtoYkbCzKGDCvPeDm6cqyWnbo1KuI0DS # HofM1gdiYcBayXXuShc25Dra8mxNL+4Wpsh2oBSdfYABMSFE++CcCRBxaz079Dad # eSWpQdlhoYICDzCCAgsGCSqGSIb3DQEJBjGCAfwwggH4AgEBMHYwYjELMAkGA1UE # BhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2lj # ZXJ0LmNvbTEhMB8GA1UEAxMYRGlnaUNlcnQgQXNzdXJlZCBJRCBDQS0xAhADAZoC # Ov9YsWvW1ermF/BmMAkGBSsOAwIaBQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcN # AQcBMBwGCSqGSIb3DQEJBTEPFw0yMDExMDIwNDA2MzlaMCMGCSqGSIb3DQEJBDEW # BBTpKY6IPQw+si8f63kPVtrT41fm5TANBgkqhkiG9w0BAQEFAASCAQA56S9nFZf8 # 5qNdstNoEROZdwsJIcFmW4pStiOxuPdmgvjRaqa+wsByC77kGtMfAE2QAul9MXUH # S66t6p00MhIFd2XEzc0GlQNelu9dmkbPtu9DC2w40YnQ37EqvEcGOadXAfgUGBAk # m9wIqjcJIO6WoqT2TNLqBLCG5qfnVCN6SlehqnVRNjnj9jO47VTROzChLyq471Yy # gOyHSJIyPyrqNIWrIRlPS+5+nNPrq0lMet6IBOFf5az8OCYPxlxEOBbHJc6vrpi7 # Jvd0jCkAbxut83Cw4RbH/Z5Nv6cBEEH0EMo2LmXSAufQKyfZB+nArguoLNQZomnW # 3H8JWDJtCVtc # SIG # End signature block |