From 5f2f99a202b61cc879c13890b5a3ee937ffb38b9 Mon Sep 17 00:00:00 2001 From: Jason Kulatunga Date: Sat, 24 Sep 2022 14:19:25 -0700 Subject: [PATCH] handle authorize claim for confidential sources. update BlueButton image to use Medicare logo. --- backend/pkg/constants.go | 48 ++++---- backend/pkg/models/metadata_source.go | 3 +- backend/pkg/models/source.go | 2 + backend/pkg/web/handler/metadata.go | 12 +- frontend/src/app/models/fasten/source.ts | 2 + .../app/models/lighthouse/authorize-claim.ts | 9 +- .../models/lighthouse/lighthouse-source.ts | 2 + .../medical-sources.component.html | 2 +- .../medical-sources.component.ts | 113 +++++++++++------- .../src/app/services/lighthouse.service.ts | 17 +++ frontend/src/assets/sources/bluebutton.png | Bin 33039 -> 4518 bytes 11 files changed, 134 insertions(+), 76 deletions(-) diff --git a/backend/pkg/constants.go b/backend/pkg/constants.go index 4a1f26e4..3d6d172b 100644 --- a/backend/pkg/constants.go +++ b/backend/pkg/constants.go @@ -6,27 +6,29 @@ type SourceType string const ( SourceTypeManual SourceType = "manual" - SourceTypeAetna SourceType = "aetna" - SourceTypeAthena SourceType = "athena" - SourceTypeAnthem SourceType = "anthem" - SourceTypeCedarSinai SourceType = "cedarssinai" - SourceTypeCerner SourceType = "cerner" - SourceTypeCigna SourceType = "cigna" - SourceTypeCommonSpirit SourceType = "commonspirit" - SourceTypeDeltaDental SourceType = "deltadental" - SourceTypeDignityHealth SourceType = "dignityhealth" - SourceTypeEpic SourceType = "epic" - SourceTypeHCAHealthcare SourceType = "hcahealthcare" - SourceTypeHumana SourceType = "humana" - SourceTypeKaiser SourceType = "kaiser" - SourceTypeLogica SourceType = "logica" - SourceTypeMetlife SourceType = "metlife" - SourceTypeProvidence SourceType = "providence" - SourceTypeStanford SourceType = "stanford" - SourceTypeSutter SourceType = "sutter" - SourceTypeTrinity SourceType = "trinity" - SourceTypeUCSF SourceType = "ucsf" - SourceTypeUnitedHealthcare SourceType = "unitedhealthcare" - SourceTypeVeteransHealthAdministration SourceType = "bluebutton" - SourceTypeVerity SourceType = "verity" + SourceTypeAetna SourceType = "aetna" + SourceTypeAthena SourceType = "athena" + SourceTypeAnthem SourceType = "anthem" + SourceTypeCareEvolution SourceType = "careevolution" + SourceTypeCedarSinai SourceType = "cedarssinai" + SourceTypeCerner SourceType = "cerner" + SourceTypeCigna SourceType = "cigna" + SourceTypeCommonSpirit SourceType = "commonspirit" + SourceTypeDeltaDental SourceType = "deltadental" + SourceTypeDignityHealth SourceType = "dignityhealth" + SourceTypeEpic SourceType = "epic" + SourceTypeHealthIT SourceType = "healthit" + SourceTypeHCAHealthcare SourceType = "hcahealthcare" + SourceTypeHumana SourceType = "humana" + SourceTypeKaiser SourceType = "kaiser" + SourceTypeLogica SourceType = "logica" + SourceTypeMetlife SourceType = "metlife" + SourceTypeProvidence SourceType = "providence" + SourceTypeStanford SourceType = "stanford" + SourceTypeSutter SourceType = "sutter" + SourceTypeTrinity SourceType = "trinity" + SourceTypeUCSF SourceType = "ucsf" + SourceTypeUnitedHealthcare SourceType = "unitedhealthcare" + SourceTypeBlueButtonMedicare SourceType = "bluebutton" + SourceTypeVerity SourceType = "verity" ) diff --git a/backend/pkg/models/metadata_source.go b/backend/pkg/models/metadata_source.go index 7385921c..a49d6abc 100644 --- a/backend/pkg/models/metadata_source.go +++ b/backend/pkg/models/metadata_source.go @@ -9,5 +9,6 @@ type MetadataSource struct { Display string `json:"display"` Category []string `json:"category"` - Supported bool `json:"enabled"` + Supported bool `json:"enabled"` + Confidential bool `json:"confidential"` } diff --git a/backend/pkg/models/source.go b/backend/pkg/models/source.go index 12a0f178..48973d85 100644 --- a/backend/pkg/models/source.go +++ b/backend/pkg/models/source.go @@ -30,6 +30,8 @@ type Source struct { ExpiresAt int64 `json:"expires_at"` CodeChallenge string `json:"code_challenge"` CodeVerifier string `json:"code_verifier"` + + Confidential bool `json:"confidential"` } /* diff --git a/backend/pkg/web/handler/metadata.go b/backend/pkg/web/handler/metadata.go index 88d2c8bc..40ff7b65 100644 --- a/backend/pkg/web/handler/metadata.go +++ b/backend/pkg/web/handler/metadata.go @@ -10,8 +10,9 @@ import ( func GetMetadataSource(c *gin.Context) { metadataSource := map[string]models.MetadataSource{ - string(pkg.SourceTypeLogica): {Display: "Logica (Sandbox)", SourceType: pkg.SourceTypeLogica, Category: []string{"Sandbox"}, Supported: true}, - string(pkg.SourceTypeAthena): {Display: "Athena (Sandbox)", SourceType: pkg.SourceTypeAthena, Category: []string{"Sandbox"}, Supported: true}, + string(pkg.SourceTypeLogica): {Display: "Logica (Sandbox)", SourceType: pkg.SourceTypeLogica, Category: []string{"Sandbox"}, Supported: true}, + string(pkg.SourceTypeAthena): {Display: "Athena (Sandbox)", SourceType: pkg.SourceTypeAthena, Category: []string{"Sandbox"}, Supported: true}, + string(pkg.SourceTypeHealthIT): {Display: "HealthIT (Sandbox)", SourceType: pkg.SourceTypeHealthIT, Category: []string{"Sandbox"}, Supported: true}, // enabled string(pkg.SourceTypeAetna): {Display: "Aetna", SourceType: pkg.SourceTypeAetna, Category: []string{"Insurance"}, Supported: true}, @@ -20,9 +21,10 @@ func GetMetadataSource(c *gin.Context) { //TODO: infinite pagination for Encounters?? string(pkg.SourceTypeCerner): {Display: "Cerner (Sandbox)", SourceType: pkg.SourceTypeCerner, Category: []string{"Sandbox"}, Supported: true}, - //does not support PKCE - string(pkg.SourceTypeVeteransHealthAdministration): {Display: "Veterans Health (BlueButton)", SourceType: pkg.SourceTypeVeteransHealthAdministration, Category: []string{"Hospital"}, Supported: false}, - string(pkg.SourceTypeEpic): {Display: "Epic (Sandbox)", SourceType: pkg.SourceTypeEpic, Category: []string{"Sandbox"}, Supported: false}, + //does not support PKCE/Public Clients + string(pkg.SourceTypeBlueButtonMedicare): {Display: "Medicare/VA Health (BlueButton)", SourceType: pkg.SourceTypeBlueButtonMedicare, Category: []string{"Hospital"}, Supported: false}, + string(pkg.SourceTypeEpic): {Display: "Epic (Sandbox)", SourceType: pkg.SourceTypeEpic, Category: []string{"Sandbox"}, Supported: false}, + string(pkg.SourceTypeCareEvolution): {Display: "CareEvolution (Sandbox)", SourceType: pkg.SourceTypeCareEvolution, Category: []string{"Sandbox"}, Supported: false}, // pending string(pkg.SourceTypeAnthem): {Display: "Anthem", SourceType: pkg.SourceTypeAnthem, Category: []string{"Insurance"}}, diff --git a/frontend/src/app/models/fasten/source.ts b/frontend/src/app/models/fasten/source.ts index 187e537b..fe67dab4 100644 --- a/frontend/src/app/models/fasten/source.ts +++ b/frontend/src/app/models/fasten/source.ts @@ -20,4 +20,6 @@ export class Source { expires_at: number code_challenge: string code_verifier: string + + confidential: boolean } diff --git a/frontend/src/app/models/lighthouse/authorize-claim.ts b/frontend/src/app/models/lighthouse/authorize-claim.ts index 73d58596..e064ca70 100644 --- a/frontend/src/app/models/lighthouse/authorize-claim.ts +++ b/frontend/src/app/models/lighthouse/authorize-claim.ts @@ -1,6 +1,11 @@ export class AuthorizeClaim { source_type: string state: string - code: string - ttl: number + code?: string + ttl?: number + + access_token?: string + refresh_token?: string + id_token?: string + expires_at?: number } diff --git a/frontend/src/app/models/lighthouse/lighthouse-source.ts b/frontend/src/app/models/lighthouse/lighthouse-source.ts index a1b846f5..e2313f46 100644 --- a/frontend/src/app/models/lighthouse/lighthouse-source.ts +++ b/frontend/src/app/models/lighthouse/lighthouse-source.ts @@ -11,4 +11,6 @@ export class LighthouseSource { scopes: string[] redirect_uri: string aud: string + + confidential: boolean } diff --git a/frontend/src/app/pages/medical-sources/medical-sources.component.html b/frontend/src/app/pages/medical-sources/medical-sources.component.html index bba181c3..df56df2c 100644 --- a/frontend/src/app/pages/medical-sources/medical-sources.component.html +++ b/frontend/src/app/pages/medical-sources/medical-sources.component.html @@ -83,7 +83,7 @@
- +
diff --git a/frontend/src/app/pages/medical-sources/medical-sources.component.ts b/frontend/src/app/pages/medical-sources/medical-sources.component.ts index f80ed1a1..282cd6f5 100644 --- a/frontend/src/app/pages/medical-sources/medical-sources.component.ts +++ b/frontend/src/app/pages/medical-sources/medical-sources.component.ts @@ -77,13 +77,25 @@ export class MedicalSourcesComponent implements OnInit { .subscribe(async (connectData: LighthouseSource) => { console.log(connectData); - // https://github.com/panva/oauth4webapi/blob/8eba19eac408bdec5c1fe8abac2710c50bfadcc3/examples/public.ts - const codeVerifier = Oauth.generateRandomCodeVerifier(); - const codeChallenge = await Oauth.calculatePKCECodeChallenge(codeVerifier); - const codeChallengeMethod = 'S256'; const state = this.uuidV4() - const authorizationUrl = this.lighthouseApi.generatePKCESourceAuthorizeUrl(codeVerifier, codeChallenge, codeChallengeMethod, state, connectData) + let authorizationUrl + + //only set if this is not a "confidential" source. + let codeVerifier + let codeChallenge + let codeChallengeMethod + + if(connectData.confidential){ + authorizationUrl = this.lighthouseApi.generateConfidentialSourceAuthorizeUrl(state, connectData) + } else { + // https://github.com/panva/oauth4webapi/blob/8eba19eac408bdec5c1fe8abac2710c50bfadcc3/examples/public.ts + codeVerifier = Oauth.generateRandomCodeVerifier(); + codeChallenge = await Oauth.calculatePKCECodeChallenge(codeVerifier); + codeChallengeMethod = 'S256'; + + authorizationUrl = this.lighthouseApi.generatePKCESourceAuthorizeUrl(codeVerifier, codeChallenge, codeChallengeMethod, state, connectData) + } console.log('authorize url:', authorizationUrl.toString()); // open new browser window @@ -94,50 +106,20 @@ export class MedicalSourcesComponent implements OnInit { console.log("claim response:", claimData) this.status[sourceType] = "token" - //swap code for token - let sub: string - let access_token: string + let payload: any + if(connectData.confidential){ - // @ts-expect-error - const client: oauth.Client = { - client_id: connectData.client_id, - token_endpoint_auth_method: 'none', + // we should have an access_token (and optionally a refresh_token) in the claim + payload = claimData + + } else { + payload = await this.swapOauthPKCEToken(state, codeVerifier, authorizationUrl, connectData, claimData) } - //check if the oauth_token_endpoint_auth_methods_supported field is set - if(connectData.oauth_token_endpoint_auth_methods_supported){ - let auth_methods = connectData.oauth_token_endpoint_auth_methods_supported.split(",") - client.token_endpoint_auth_method = auth_methods[0] - } - - const as = { - issuer: `${authorizationUrl.protocol}//${authorizationUrl.host}`, - authorization_endpoint: connectData.oauth_authorization_endpoint, - token_endpoint: connectData.oauth_token_endpoint, - introspection_endpoint: connectData.oauth_introspection_endpoint, - } - - console.log("STARTING--- Oauth.validateAuthResponse") - const params = Oauth.validateAuthResponse(as, client, new URLSearchParams(claimData as any), state) - if (Oauth.isOAuth2Error(params)) { - console.log('error', params) - throw new Error() // Handle OAuth 2.0 redirect error - } - console.log("ENDING--- Oauth.validateAuthResponse") - console.log("STARTING--- Oauth.authorizationCodeGrantRequest") - const response = await Oauth.authorizationCodeGrantRequest( - as, - client, - params, - connectData.redirect_uri, - codeVerifier, - ) - const payload = await response.json() - console.log("ENDING--- Oauth.authorizationCodeGrantRequest", payload) //If payload.patient is not set, make sure we extract the patient ID from the id_token or make an introspection req - if(!payload.patient){ + if(!payload.patient && payload.id_token){ // console.log("NO PATIENT ID present, decoding jwt to extract patient") //const introspectionResp = await Oauth.introspectionRequest(as, client, payload.access_token) @@ -145,6 +127,8 @@ export class MedicalSourcesComponent implements OnInit { payload.patient = jwtDecode(payload.id_token, new BrowserAdapter())["profile"].replace(/^(Patient\/)/,'') } + + //Create FHIR Client const sourceCredential: Source = { @@ -167,7 +151,7 @@ export class MedicalSourcesComponent implements OnInit { // @ts-ignore - in some cases the getAccessTokenExpiration is a string, which cases failures to store Source in db. expires_at: parseInt(getAccessTokenExpiration(payload, new BrowserAdapter())), - + confidential: connectData.confidential } await this.fastenApi.createSource(sourceCredential).subscribe( @@ -267,4 +251,45 @@ export class MedicalSourcesComponent implements OnInit { (c ^ crypto.getRandomValues(new Uint8Array(1))[0] & 15 >> c / 4).toString(16) ); } + + private async swapOauthPKCEToken(state: string, codeVerifier: any, authorizationUrl: URL, connectData: LighthouseSource, claimData: AuthorizeClaim){ + // @ts-expect-error + const client: oauth.Client = { + client_id: connectData.client_id, + token_endpoint_auth_method: 'none', + } + + //check if the oauth_token_endpoint_auth_methods_supported field is set + if(connectData.oauth_token_endpoint_auth_methods_supported){ + let auth_methods = connectData.oauth_token_endpoint_auth_methods_supported.split(",") + client.token_endpoint_auth_method = auth_methods[0] + } + + const as = { + issuer: `${authorizationUrl.protocol}//${authorizationUrl.host}`, + authorization_endpoint: connectData.oauth_authorization_endpoint, + token_endpoint: connectData.oauth_token_endpoint, + introspection_endpoint: connectData.oauth_introspection_endpoint, + } + + console.log("STARTING--- Oauth.validateAuthResponse") + const params = Oauth.validateAuthResponse(as, client, new URLSearchParams(claimData as any), state) + if (Oauth.isOAuth2Error(params)) { + console.log('error', params) + throw new Error() // Handle OAuth 2.0 redirect error + } + console.log("ENDING--- Oauth.validateAuthResponse") + console.log("STARTING--- Oauth.authorizationCodeGrantRequest") + const response = await Oauth.authorizationCodeGrantRequest( + as, + client, + params, + connectData.redirect_uri, + codeVerifier, + ) + let payload = await response.json() + console.log("ENDING--- Oauth.authorizationCodeGrantRequest", payload) + return payload + } + } diff --git a/frontend/src/app/services/lighthouse.service.ts b/frontend/src/app/services/lighthouse.service.ts index 2f2ffc58..f5548b31 100644 --- a/frontend/src/app/services/lighthouse.service.ts +++ b/frontend/src/app/services/lighthouse.service.ts @@ -42,6 +42,23 @@ export class LighthouseService { return authorizationUrl } + generateConfidentialSourceAuthorizeUrl(state: string, lighthouseSource: LighthouseSource): URL { + // generate the authorization url + const authorizationUrl = new URL(lighthouseSource.oauth_authorization_endpoint); + authorizationUrl.searchParams.set('client_id', lighthouseSource.client_id); + authorizationUrl.searchParams.set('redirect_uri', lighthouseSource.redirect_uri); + authorizationUrl.searchParams.set('response_type', 'code'); + authorizationUrl.searchParams.set('state', state); + if(lighthouseSource.scopes && lighthouseSource.scopes.length){ + authorizationUrl.searchParams.set('scope', lighthouseSource.scopes.join(' ')); + } + if (lighthouseSource.aud) { + authorizationUrl.searchParams.set('aud', lighthouseSource.aud); + } + return authorizationUrl + } + + getSourceAuthorizeClaim(sourceType: string, state: string): Observable { return this._httpClient.get(`${environment.lighthouse_api_endpoint_base}/claim/${sourceType}`, {params: {"state": state}}) .pipe( diff --git a/frontend/src/assets/sources/bluebutton.png b/frontend/src/assets/sources/bluebutton.png index 35a788d44ac8ceebf91010a495c425931e4593d9..37da45ca6246955b5b99a07a53d5d164b58a251e 100644 GIT binary patch literal 4518 zcma)=={FPr7siJ{3L$&eWXoQ*$P%GQlw~L~hO%TGWNqwQ_OkDLS;~yYz6>QrgJEPH zF@`c@8=BED$lH6)`v<(whkNhGd(J)QKKFND-nYEXaqi+d006*YcE{Kn0ASGnS68qC z|3&*rlaqgG?!JYs$?55-unKel05Fg083q8hdwai#iXw(qP7V$>_h=~%ShJXcdr8CS z%a?^!0xl{C3MdASWASsibql9g){s{apW=hVBkn8E$!S6d3afED?pbKHgl4FoW#ZfB zFEOcb(#BrWD2M+4jUYv4~lxz)Yy|**oo*EzYR)f zyX<>JCeLfCxdoJ}8p8Icrf7IP&dY0@i)#u1Af%kufaEvsNdW-3UYZ#j+J=>GJDn|A)ePj*%G6uD1+YrtwVEv1 zWzA|S{5;7@c#)9zi@ic!Q%hX z;K~;4cwM|-BMcaIYFI^Hj-r3TKRu?7_19BRHnsY%g$XSmZ_pa|{+3mdIaH~AY)Pol zj}tUyLHZK&t>qpUVx&L_6($X#Sh0g6E@BXDC8sA}mto<@UzdZ9*E`V32FJUDWYkb} zRF{|6?rQXvg;2W7u1qQW--X>3&eMUte_zxbR7}6M zoL+~`EPQb(A3#aEFfd}cE2f{OO8`8_H&wLT1h{4_)$d>T^EL1z>AZWo*0~~Ea?_AF z=rAb&QiE_(JnSlbN-=Q(tk}X!q9=a?7qOW;H9i|2oJCP=sptJjL2y9nRmGTQa0k6@ zi9^XV?oWNy;|x!uY^~n9!ME6cLU#>j4{$QfI1wtQf1C)R@wYOK^Y@1D7^3C+AW-AG zDcx3e{5o_~IU)u1jJ|Q+Wrjb-5kA{Uu-x+UqLIEE-LCLA+m6IrqI4IJigk6DNiL}E zbkG>0Jj#;3c!L64hyS2;F#yg*BSwNZ1VDhlfz)|eoTps;#B3kMoDMiT^10XLXT`T2 zwu!M=9@)NdCwno=X>XRnY+1XieB0-elFH<0iN<#Ym>=EJ5A-YC*&VDEnFf+}8)c0P zYU@}+tV?RTQPL(t&uufF(nxU>4A4;Aq8l*rn5ojwfP@zPkfFNm8unM3c!VA>0)qpO zj8`pFRZE0mLC)A{A-bRx3}nD$!9GXDfkMn2SLA$Lq{OiTu5;}fr!UkSJ&mKUSCc!l zWZe*OaZQJl5_R1T!b?E~x(g{k#<9L1HhdP)vDs}UHX$(c0F?K*pup~zh2`0L4?a4Q4VCM_oNd^&rH(pfFVcpbBeY6CfdtKfbGG#SseYN|m zYbh`NlOm+*hq^zlNB$STa~XZLOaN0yA+T6XF%{2Y)L@?-J-Q5J4~`dW8O$CKiAdx) zO&3G{;7SR;nj3oU3x_l%Y+EZ%;6cS1=u{<6y^4twQIb&h12*4+iyR3qxnS^U)6J3l z>bPzCJf`VPPk$|E-pY_$(Ph?%yuco}UL&|(-t7ee=Wk)f5^L_~Cpnno-S=<+%anG; zfZ|@oR+>tdi=nV^RwT9_Du=9UtQ zQ0@TY=7$|yOzRsK&-;)D9rLa~m!nQUjsHAFg>LyVR>g#|@RLfcVnt2&6n{l&yi`r~ z!qj_Nz0Z>HJ$rNg8(D8)iZ5S~QRC+;#%3bYN@#7SMBb|j;hz9Xx=l@-@6MVU_)yr6D9atd4{@zWL-EPmn_$bzmkCS_Y#1%5ykyXFgu*htKZ-Mkr^7(^t(s1VNIx&VC(Gfs-$y&C4=NnFR z+B;GF@Ju(+Pcl3>KN=DKwaJnR2K|03cxghwy+H&bos@`g3$p}6`P^$oG;q1(;m6Pq z`_#5QCMMDBFzKt;if1=$j?(^=9-iLhqNnTklqU2Z7)l7nm6oO%wCFPkiDPb#Gc=cR zzvUc_QWU;JueMEL=n_1xPo3B;McL$6ozY zDUs}#9ABGNT(=?h>-cYQei%?y{XTKn=n5SiJnZ6+JB+K zqTv0)Xj$69wp%D(xj*M?Y%PXErdo{>Mn-;Yz%iVWHiAD;9$KNk{LXD`YeyPa7zcU8 zV6iPP1*hePCY&wnsgt?awr@DRv!81=;lFveLc!-ktz^u(Ggt3PO{yAJ7Cy4B$nAD9GyHkVEit4F8)wQZkxg!3UIPY*$a9=6h&BC!t{idQ zyaaAT>Sw&eh6d_de$Gwf7lZxb*k%4PsEj*YsHr@t)d^I8n0^gZBw_)++LcC5b-`YT>IX$U${Az0b zy?@cC*obbVh}PPbv+wFQ<>a>xvpGpfxYhv7@bot`OfaK&^EwWjyw2D3aaa|}Y}61a z!DT73QM#O@@6)Fk!Kfuh*16&kR8z%yLlo6f@1e(^udrA4SkQdl$9r`?zU*>v@?wQqIoGw}RjLBD4$bXwCfif8 zKolm6;zqEcyKQ{!?}FdeS-I;n!2+d!{T-vu*Uf1M&(;$f>eIaP1N!4sCIs}jS54@W z?r9zXC{->b>LIbVO65@_IOe<*#$?vS_TG>@P-U_psN`l#ds2d4?j!FVkTJ>_3>1H9 zXu6cu^%hR#N<-Y=N~jx><_Yb8M9+VEw;ceI%oN1JPQ+VPoV=D}_goDwBO&S9q;}^T ze{MHf=98_w&Mb?;3k=VGre^!_yXo!1@TDxXdOFZ)$&O6Z{lEUzoHBLg`Y$>wI_n@i zudna#J~@6UcdUTQvcj0h`^gUVH7R2_ea#I<`qo-lvM;U1mkEf=RHMaqu0gr+!Hs|V zE_9~62M)xSbr9F|A>rW~#t$N)ANCCKfe1>RREkrE;DX)MMDn1ECNbR7L%GnR%bOS! zX36f5#b)XF0P5XPL^cYw3+C+<`2v$PYR{f-WA0xL5la|zq>E&2cI;cbj8|4!z4=*7 z&O6#!MF_EQZdNH*7qVrVGrwv65OrHz|5z1W%J@E@DTiWRP1*h4QfHMkMnvd`b8^7u zA`U;^b7^@j3j1`Rh}ToBeQdq5u|qmgnUKwDyaUehOY^?isn65#cd{td3Op8c`3d@k zR1%{oY~RkQFyPMsp?Uub&=5WNERs|fLpa`jXv0pCcshVgw(U7r=h#zOBmve|gkJx< zxgcxJQj#$3MkKN!&&vNKG;K9$LWcYm9du5)Ub~M{KA=L*SI((|%^V>6Ho>~zya?Ud z9%F%R3I0`CQcoTxic!HKQ9A$bFl4(kLi1aEaKn9tv6g^W?p&|<96pFXR|cntl`3z` zj{M%>Z)?U1kM;2{eI_~jC0d#o^hf=Y_P>RAiHECe*u$qhRJ2@e8$eb0nW*X<-mqte zW)2;L))1sqYpm4UJ&VbZrY3YURq6Jv7@cJIStwase?@c9%eS{F-0pV>o{xTR<#_j3 z6-XwrP0cnl^QICEq5}VX$A3&-p{Y;)^~iMqcBxLft@dU!$~e4O@%B)4uG7aZ;f1@l zZ@yjH+T295#AT# zOBp-~P>b~h-EksY;;O8Pih$&P0Qh_heA0gTXBV@kv%Tw87DZFlFC4}>n)TCD_KO95 z_I(CZ_CmwC;^imm5ATU+aWqhB{EL+xtA_iov0dWxe9{g0U}jK-QI4&jtZZXy{kCoK z$*KE+PH*>)&n3Yl6nSjQ)et_};mIN9QoMVP?J8b~OvI4Gne*G6K9pq<*_!g&a$YMx zlK86R%V*ZQdE?on$nU@$4-Mto6cga^i?qkzuH+Q=dbviN(2Hob*WXjj*+G6ZmhBwc z<(WUO_a{2S-@YGKy0^zO^}#M9Z^M?P{*jj^G+pXJO}zE)OHFUI^SyQRG;KKQ?n5p3 z7NNBiFcoR)Xyo`Wud%!8pwkmRjv+EB7A-WOLJ!%ZHvvc zY_K@vDR<(~TYn$a7OgoL)n6E!XX?)_V5^+k%C>0>ydg-R}i584&;#dSS6f zIkrgsj_x8%eacMH-#B~2y4d%2PGFzOGuH&|$-j_mpu~faJ4!pJ#4$lhX|(iaxU-kI zz=6j$E)bG0b5jW^HRy1!QZJj}5@*TFpkW&f=iveP(+$@FX42n(``(QLGAeD?WaWoxL>Ncr z*WI0qUm^}p84ii@58_f7ATP$K{V<7lNZq&oS-x`tO|PR`-YdY*{0VQzh%NZ$oq=Md zYNhmw`kFD-eS@rJ8y98y&xfu?Vw|~HFE6Y&S}bKo=$MQ1mArKn;nI)-E{?j{w{6Ut z?dbdM}~j?$L;u2rB4Phk6nJBrM<&_|7f>>6tdOKcb86-M)p@4#D~gURCX_f*3@fd9AR;jE`@zX}i0 UUDiVX{l5UrOe~F?ja=gX1GF^$qW}N^ literal 33039 zcmbq)Ra6|X+U?-(?(R-;cZcE(?i82e)*?fpxECnyFar$k6b5&9cc+vB#ryZ1*ZX#E z9X}r>Z=Mhd9S;y9QKU!tl-)*zA)?EIS=Bj%k0r%w5VJk&^tEx) zhyzER5rdFGfsROIar^Xp_kyBJ*2&eaFbT>+Cz}ivYI?`qM?qqG?Wn}one8!+^ZjJ- z$VRLd%i7^(Y5&Ue%j;4f=Ufw8Kt?k$oqmW6#rdy$LNW~vuiRuk_Fx3^3?Tn-JcA1# z;dBjaR6&=I6lGl5kFTnb*;)>Rg+DFF(|yEkc5mbOmxPOR4c zm~}1aULR1CcqiBGLS3F~(AR9)Ty27f&Yg=vVuysw!fvQ2DI6(For+4@2{k8`3oP=~ zEX5+$R#sAykY5{>lh6uqwUu_Y(&VDyqo!1&CgpNhKx$+cqd zUpw*&&w|jgdLZFtImpIjR9ktZsBtr@7=4nX;(d>R84;5^T_EMYwd}SkLu`Z_mMYj%jT;f@c&8vZ^7z*N9MmZNB%bB=^Omd zAxcsN_rEwdpWP7uXA}biYaDFE|KNnZSW?LTf8eat*`~*YvjY0Z!{#rDh|9@&c-?4) zaX*Hann!2`@g&1A4v2#h>YLQg-6nF_8)6IyU!;(!yAWQw;QmYF|B2or>pg5BXSsT6 zyUy97%Leh9($s)AQ2ke5?CtTpxf+DtpJdY9EgkMtZav3#o zClw!UL70&h*+dd9WO7|Xuc>}Sv*nqWPaYlqO7oxo7Dnua2<=gYjPo4l1|Lh^ROGF< ztAV3i&6}K4ORYI;Evi)okA@eys4eSXR2BuRGLN@^>y9eMN5Pd#R!q=?UYLyD*Z4*d zSs3#j9W8PR#e%C-gj)Bi^R;q6!EDEPCkDD-SZlwZvebT08a62Z3V(tBldM@7yp?=p z3`&;X+rR?`>98-V;n$S~=$|UxG*zED@OwS^@Mn)0exJM$&o^E5d(Lw&C0K32OFIA3 z9>o;@SiHmDt_UpVkHfur&J#yh_h6h<918iXJ3$i2BzMO3zVZybdNGl~VRQr-a}`Q~ zV{X0D4-AtOob;hjxeYw7w3yofO8NcW{Z6caox7%lO7~;7frN5vDT~RgS>oq&09A&{ z%~-X0UL>S@G92s&J^6IHF$X%8^&Ycpv5+p%$zWRb+Zqa=^A0C zIG*V8O=49xNK*9EM=V?94q}1RzMHd`>lCz{QAZ?b6Edjsd9eRKs8ge!kC` z+MF{)h?}UJqKNuvTyf8Xe7UFCcikIwcg=E4@-cLPUZ1c6Rh@VZx(hH;xDckS1e5|O zFT!9!g|sH-!SY{lu6ly(NgYxTf7hx#NB!f%Rfnir&Goyw-5ELh7$u=zB@b@RYS~*4 zI7Zv)L=w(Hd%hDG868mPGa)meY^se(>DG++9llk4@Y>$75N5B`-SUOp1({ ze{*sY&?yR_==>;*#3A~{_NN1(IrR!#a(Eiv`3qTCB%EcvF^-8JcBYp8x|_MdARbDM zq9QTf!Lcw(#`>Oq@WY$t{dGn=ygCJaC?Q59^k*Xw;6lkMETi)4xSube+Yum*q{Y2Y zn)|7UK+69K%G)_NarVVJ#@m7jH_?>=luRQPe3$DV>FT9&%Lq9KoqC(=Yl;qhD%*(6 zpxYxwq)_xE>QW3|F_pk1hX`{5dILGdWkcPDdGoaRHRrQ1VQ|hEXmrwR*e#`=A!QW= zmq(ORHbo<3QAG$l*2u90z;`mg477|-+%Vs9#=u+vvlYu9uw`z4W9mPAV=BuN$%~=0 zHJuGLem*5+qdN%J;^HP)biRP&sjIFdo-D*vw{I$ubD=#eMGkT8M=rADiPvkHSAjbi z+Om1NvPRE^MW1#7f#76>)-6!_9hh3oKuVY zwMc~8OitxOD}N9~_>RI+ero7r1?o1D8(t=!2Rv(JkVp-UkFFump{BDyi{dm@-^QmW z9QTG{|Nh%vkd)S2m%oN{l063{mpi*Uv$3ec#lPl;n~ z_;+oMD3leVhmG(*7kQ>0__Bmy)>iQ;K_ooB-MASFdL_oi^%liATNwIIC4)(kz zSE!&;Fs;#Iw=u)HYW3Gu>(XGv?#Gs#;%8$m%PBDq5Cb;o;wq*h+W;oMiBF%kZG7&` zby-u6xHq)t`Gz0^RQ!{{yA|U^VwXNhNo^ICPpZ|xDQb~PB3r-jza_PqZA_t5A{#x< zqSC^fNE@3}gFor!>!w*#-1eJk4=jgWam!W<<;IJ~95r8WZQSE%WY`UtpRrd8v+Cc~ zMzOh-z6Xn)KCj(KZ{^Mwku3L~*qr*KeLz2s+B9$GqF3#HZmSo`O+^72*jdWnt6fEG zC}I({TF09wx_f&dfF)3sQzoJsn67>0{dSG6i(LU?D~CE#Z_FeH z(|*2tAs*8vh+Q*ZFxF=wGq0*ew1q3+&O;Aa6~Mn{n&0g;&m$+Z7o|AKq#{(KWrtW? z5aC+YN*Z-;Mo>^Z2TY1b>#Y&$00oK&T?dnUtE&|eW!Uu)eI=RCF4my5FBU3YHp{@#a)xpn3VAp%X>mzHIb5S+-^tAHO zbj8I3B@h`bYJ2jH#8HUk&XuXaI+`MyJv>(1LN}o@Aw+%n=xekKvGaZ-SleiISqZ5r z0E9Wipzf`2d5Irt=fDca-*k{^G_QwMqkFALb!uh5f7g)@j@@QI@KpOokLJPwKZF&4 zxMoQgA$l}aj&0W{s-qyM;c z86*uM(-JvFS?lSpT?#Y(GCDl-A0bLbU^$>LzLU>PhWgE;uvjs-6+8c7vm=L%T}l}c z29LfCSmR`Xlx5a{xXn!@Gw+oDGy0D76zEWKB;Rr9_K_IZ6)%6O*_SMby&ETRFR!1? zAeJ7IHlR&BVkH<}r}CzTd+-+0hJf_EC-Q~$8wSY8`1Pc*bho_FCI^I=X(7Ah{V1UX z+6mN;d`5f#=&%d~^0#($U`l3`d|3{m5s20+CR7C4F*y|WG>lE(I6E?z3@2>jZm!rG z;X>`cn|LB=YJC#r%{a-cS}@1+xDnW2k+i#-F7o~(J8 zPJN~Xs&X677c&ljgrOF(*0{*1T^Sl0V|~f|5TY}(o6h)y2crHlZg$B~-FDnS;Y4Va zcYSy{A#}lr1Zb5(V*W}WIM(rZZ+)SYg;SN86|Bv#?X>CcSO;M)NZ>&i%}qrB8N_pe z>Ku{5Yw@hu!HD}Y1XIq1Ta+SKJe3^8miCVmnPIIJM>lWXlmXq7M#OPYKc90#ANt-? z)IN(svs&YG%mkt((-1wnXua4l=%>%Jq=@FbnXzYFDoUt0V!SPiDeqXH)s)-+US9S| z*c8kaRsaRb?qZkodqrlKP$%s*xe6g$TPD;lXl$Uj2k?*W5V<>%@KPdq$cq-;@#mv>!vyo30;>$e zsP^p#9dSPUzp+r}S#glfd;7(9qyZyY0%RSr0{uYi2Bf`Ifn}>(~2RmnH*Jh#I z4O#Fu01MllGBf*b;=wT1Pa1Q=ggQ&|#>Rh0HnNJw%LuA?7aAJf7s8$c9$Am29byd= zPILa5&4vkOwyH2C_os5tZv%WbOGd?p@~*xnECSrA_yr`NzjqdX z(^|DR3n~9}C4m+FTNx;>2ZnuV&Y^Kw#xe0Ix)+E1RR$@(yV4|juf&z0gXrV$(y{HHZ}XKBy=kry>uozq3$DddUvLQe?sTO28SduNUr$unU2>5;u&~F?I4zI z;I|1n5w610=I_{Ze}(NtguZooeFu)PQwqR*)-t>a~ZfOf)d`z6y*Z1>y z$IXqMp;3^rI$R1o+x_DO4nQ85uF9s5JauLc4bsLj+x%#Y90z?7C+^D*S*uGn=op{h`fu}A^qzhovL(=1njqcR z=F%qzSNlWStP0^UP%!xZ!XWzewCah0e2V0L>Q6-iKlaY8(j*c)rSj*CL@MGdJ2|5y z8c|5UJog7>Hf%4>L98soFJx1rh`#b90}814AA}km^XqU72Bx>QV9u}bEt!AOo%TM-hK*Syd% zXel|OPad>^WRTfBuBsix5X zRTa`>^2=_?#>*6KDZ8=2B{s3YWpSJBVQI#LF- HC>tp?M5NN@2*9*)u_2@b8yvg zvkP#^Q2PhtQLh2a%O0Gbn_O?rYTlw-96rP{Uvs_BJ6MLx_zQd1BngO} zVL~?ia=KN3b7XR^E^_R&iwNr~e=g;kNT-?KA7*ksWnsA0pjd0|)=S7kayA%Ra9=N` z1y?Bf^LU2qp{|*X8c7LSP9zgUslnk#4XF{{IFzt%`2>bmch@;59tO}+^yMi}7c^f9 zt%zWWRPu=|JS$os*ZTqA-LcoTnti%~BDsZ$kt}`@ZXI>feS_w!&yE<;N8;V_A zo}Rr+Aq5scA_o_rkk$&R#Fs$6D;w5Jh&SYzc>FGKsUbCl4`0xreM$V^DVUoS)AA4$ zV!sefQ$2yZUI6IzS3OXug+x1kr}6LSuAmAS{L3>{Zw$C}M_^e%6y03=+{2$RA!F!x zL{YIv6DzXi{+)N%HB64Fco|2+_xJ0EzXLS5pFbi~6uswYqd-PYtA=@V9zrwib^p`>_gTG4WdXf)s=RYn6&9)9ASf^}+*ltRmg|iNr(a7jL z^Stz$+Ud^ux{p3xGEVD_HS^*UU?J+E$0HWb76&rt;g&8HRw)W zkjAvdM9m?HQ~}PA9{^M1trx^sGYq3o$UFx&3b4i&ycYoI?Gu;xhC$+s-7nPpS~kf#`Yr+Oj17 zxjQnr{;C5y*3c8`(x?P{)0TocYc#hLrgAIyMIHJRMrEk_y6>+PZ9BZrShkLtj6qx|N+Qkk|{4>evualyaRi`r7@LPJnfLEUaP2>j1X2%J1@yLE;KJ?6?bx z`hb@&cDK>TQlN^PRZsNV_-&dLA9gO>#bzH!lE#M}?;DC&4YW3nRr5q~Uy?PTu;O6g z`XT%14DP17s`%kU!7ukG!97J)E^LtBHv)y^D#WWVtt%c z+VEJNrrty%A}0S7$uyVr7Gm=SK#u%Ge9f7aW;DkDYGukMS@I|p=S@SFo0_0UtDY{nELJr80 z)2kMT#eZjf{!<#DZdwe+X)rj(r(72|X}aV1PivR^9**`qnK(lRF$7Jh3nt`&pCnM{ z&2&YEFnA!V#ZW*edvX;lAFzK&!6rn1L(Kcw#P*oW_ zfp$(&7FJv-@P2qxhY2>$j&EpYKo8sM#F4 za6~=M_Re_1R2*n7X&}0gadoayMDx?`{h|Kd+dh?XDuU(k#oJl=y;{=v%e%6f+qKU< z-5qoPWO!@u__h4X>%}@)`4+!kE30E=;(j^mCog=si2#~KQXqxzM)39@5@*GPi6=XljkDb zf39;`CzPA$cKPc8smB$)eS{DNr((yn2!C{PF3a8`Z;NHfAHR@AyJyYmTuurRAHabz z%RAuA_ZgNJ0nQqdv6K0@pK9_KJh**NJ*Hm{HJ4yLi%&(Z-;862PXfqMsIq?Pybe=A z8j#@>n{4E{$^Ey67Tul3>r-EYyO9W&_Wwjopa;j&^Jg@pc@|vK?Vf?Yck(E&+&fp&!6vy`^B!4u`%&F0`otRreJ9^ z^3)+Y!CmonOi9Z+)MMUBrL|SqX#e zrBLp_ZAx0-*|wMRBow8ibukQ`8IpYpgc=c~pNiKjiJ2=^MAXV1yOdW%`>5v%JLJ@k zr9+3P7>1k0x43b_4i9Ft7v#F8(xJ@j300{1H+l369_}wP9dn5lKgLAxw*uVH)Bk+I zoQyGlf+v$9vY?T#*vV`9gFIQ3x11It^bR)a3YRM!935H&iV7xQ%iRI9!galaXofDy zz=G_PzOHLKB+Ux&K-6$;1{GCxikphn-1+bg?24rDBfk^Jm$N`1JkZ)()1CQ4#FJPg zd9Oa&(GKAsMW?hNQ{B`9r%XAHDP9S-8MvR+3^W7)JBZ2r3DF*m7mm>*vz2;=*e&2w zE6Bis^x*P-lgZjQ8^K)~Usb$kADwLbp8JKe7EjrYVGJLIiY(#g)v8SmH<6g+6dl@= zj$(pev2*gFwZ|;uu-ZIwdUlj~*h={uxZ>TNl2fh1__@zrf$$HJ8BCnMcect2Sx4Ub zw${GA-a)&kx8GcEGOXC+1RMl*m zwT7=DgI>6bNRe>5xWbY2ntT&BsRxdUxjh+xw3J+#J~-0AOIcWNPkjf6V{j+sk!(*A z@y$AxwQ(GJ#%mzzco5sg-1e=CT#=4m&x&>J^s|`qm_~oFLCH|sg2$&(YIUOJ{W|jO zf$2>RA>16N!0^`anpcOCG+{_fo%qPa}HHqD@Q_$V8S6cN4y47TamV+0H_D z6_MTd@hV$~1KX_a$$}{G5vIprKk(+mV*zpiP!S=A-DlppCLs|9W+O)lhl zN%n3&(#zJnCfg!j6OA@N07ZsjcnGqrR!Fp6HY)%sv+(>nUV=h?c}S>ja#zm8V|%5y@FFawu-rZc=QYkAR}*cY;XQJk`(yC~1YO)E_~?L8I@Sru@V~}W7SXs74huY zi1!(dZA_`(ZiHGE``2g^#6Og5JKmG8nORsQBEk0+0+2Y-;W@)GJDpOAssNf8>8L&E z4L&<2Y&RJ)wHKq9^_hvZbxTz3N|=@mVUf{^Tdu)`l+O?UHn@|YK3R?*4>=&^w}eke z;{lw{^_1_l?$P({dYQ)$%nR6l zU)xpxC})LGg~kpnV0RvX-5|e&V|YM@iEmj&f>(Zk6pfET~kS5m4N-@{-8KgQ9z5Vi(O9}F{%W$~7D5h|e*5Kx0(HWM* zl}#z7EmTNm+JuWO4`iQ^DP?kGhyt4&pZEs+;d=OxF>Wdk<=H=wJV5 zWAx%6*%Al_qJza=1*kH?AEIT&-Z&W)sJ?9F;MT^wGeDT5F$(62a#Alr2AOP-U#S1#ITh(klIs!!d zqICcTqRwnGnXbDE>Lw;Zxri8ms(M+G88g^e+PJw0n;uM(8~tso-~P|GrG!C6&Fb~- z6&l91|9j)1tluP={^MvCal(ldQHRs~?3>+pS$b=RIj2S1E&=K zZ(b5${E8$+YvYyhfUulAq90~LYr7TRTD+7z@zATtIbTuE=^I4IfqSX-SHPIYDQ!G% zM7#_eB}Ez`6Y(S9qg=Qi;|R8*zXbg?KcYoy>709@jtvb=BK67p_<|pQ>F9<$atN7C zjJl%IidF>;o}3KPx2Q`ScPEbUJ&NJaA4JM$^rKicAuWS{5P7>~D8EaKdY0{$dPm4~ zJ?OgBfrilh4S-=_*hk_6)BdwkADjecd(QN-O-{$cL=sUunCx%4QDuEk`9H% z>G}pWSn4_kZ16+64763y>R9}RO;Nl(ZiCc~2FUd}o2gqp8lK_9e6u}K{D4k+7wa%W zIxc2dT?FNLMBN5vf)cuD>=DA2sV%)Oi7HomxvM?U;RuHAOMX0a2Vi%7v{J=;T1@AXk57fe#|eHAWtmI>7sSX$DWb z@AH!uN+S8{&IyT-01P_LCT)aL-RYMXS9pUBmLYDOTPo3a62f(d#+Kg^Ai4w28mW5% z!{B6`k2;D8;ZVmBM7ow#BAwKJD*>Ivp@?twH9N?rE|(X^qCIS*g&a97r)`+Vv^3Fx zxMIZ2D3#a`Fo8n{AbL}CI5N6oW-0KR$O^OGY)Ct~_r-5-mL(5`Rx9Mwa#R$2j!($H z^X$v%kPgm$0i5fgY8;gFy{jd#_8$ew2fJ44AX^>a<4jW;k<54Hi_kQlKWCQ)tKT>O zQ4mPFUX2u9&zHPLi#5qL?TQZ~w^-NPbre=nKfbXctTuE5!n*iQs84K4r?v&RzN zs4|G)>_Is-bGee8oRLv5O67UkB`P?sUwAo~+JteTOmq6Y8c2@RO-P=0VIO$Tdia0Q zI>R~?vL3Lcnme#FHh*%2L9JT#of;%@tP^b1%lw_Ir|ibQ=>Z$rHdjdu_y5vDOwNmJ zV_{=)-r~k^3-;b~O~U@Z5c*)VKRCh1dkgxX2E87e83pV{Bfpm-a)&dAr-sS$jc~{y z%gYfe)LSFbC=ixb(yE2mfLkIbGT9;OM*jAvfH|*Azw6c7ck713OZE4Xeh&U(?iH7x z=e)08qc)NexnoW_kHpc@7~6%%UOlHCLq8uAzR`pkMD3?}$k)xfnU#L5?|i;J4gETt zv`kaX^yig{eX!LjhA4Rn4xtDACHc9%aBOO&`;0t#^R&`yjdaM-2ew63@nh$kusZ+( z3YuFNN9%<*J6$YiWUV`=8`HHt92+={RH|GfVU+Df5-(U4m_W|>_tHkUj|`N#`Ohch z(GhYmm)%W4k-Iboqc$GCA8c-{VQHB%wnl23fR$=C!I$Q{DwgmIr4yA;-b1HS=uX2m_2Gd!!7ccc^dlR!mUp)EKPM2 zra$USrAYCSfg(Y;Yu0>0$VYhOeM0D9kOfev$<}N9)QWEI~SB)*kLf6P_Bb3Fw(%5^i)&C~2ay=tz0kD9bP|IEao@|Acz-@~HQ$C4BLv%5sy& zCIDz+ia01DAk-CPb>~D6QWp4_SwjsJ$UZZzWUVwrr{5!!zhh&+ zFJKOGq>-<^3&^$Tj{H>>irtwPI=`oWRCa1ZBiSD^yfIJXkkNHcj z<+GWg%AudEaz<+bvZVj8nMmC#~up5i(P2AX(=(M zSN0t(xj&6N8)z7y1_EJn7Mq_7I4j|v+6qREPv)n+i$CTbmMQ{D| z2l#hM5ffv>Df%794DUz&n)xYCnSX9dEFdW+i5{M&>!ILXIog*6Q3A3FFo)mLGGKI* zU7M<6e#5HHP`jM8T$^((F9k>7a`;P6qVW-2d=eJt`%c`*pHJkwkRL{o3Iu=!VLUQx zgI0IFy0ftZ?Emg#`;u&I(Y|p2jBK$XnIce&6mrFQAtF%$F+Gi=l@0+`@V|0&R#PUM z#@YD|q92`adGafLbw$(&wa(PIzuzIl!o80^o2shDY#M=SjwB&Cwj_Bh3B z@f(n!cx!z?57)eG901tAfq4?uQU1JYcz4;93Y!8UM6Ch77Fg*5*QmkV<`Q)>X0JyK zsKGT-B_aL@^AG~7>4)d?Mjyxo82p7R>hNnyS9b$jNJ7u(b5Qs#v4Mn`Oy&`ePKv$G zM^vGG-^M1NJ`-*VHr>;pESYeC?FLIUiRk?`{%~dpIhQoe$BIHHv}@Qm^YcP(_2fFO zti2D^S94u_iahe^_S2r~P!J$>zki?9J%u=nbCbZ=g$V`ySlgco&c$Z1Mf~2mb>jIz z>e6T5+%E{VA19hQsr0sE#B#n=W7_|~JHnscc4iR1g*dYBFC#BVeN}0lRJ@gmY!m)r z4BQlZ=j+&J`eQuB`9Y3vwcD#tnv0KPe?jt}Ex)s-)j{ znpl(Ml`1L*jXola?zDM79@_{roZf-3q&{?B7>*}NyFGus62k?Xof&s;28NftJ~334 zrniU{#H2xl$7MK+QBU+T?t zVO%1hm~$EqGLXl~g_YWb2zql82pUY{;y^J}|NW&cQ}tTgm%|K5iT@imIev*gH%JNu zdQ1EAx3kt0e`m0iGrUw9e%{K(U9JoV)Vo_^0nX2Ts9%o-{Yt1aQ6;q;_m8c6cWQ+n zH94DTefgAgOagahK3^VIxu`rAWxlq|Pd$|m; z!ZR>h2yFN(OZ&aydpn*UlGq|&L=C*3(aw2r>7Wh23w#%9s|PiLZrALC7_DUE&5Gm9 zY*^XMxS%FcF~tX!7>#>`%1DN`&;nB`^Pxadt1{TJ0U(Z?QqbC??&D#vS~$~uTjn;& zN|)SuriRAJQb(?EvBXesYT-6M^TP7SJaTTDJ}yx#Q1yEN=ZpZZI;mCo6>RInwasdt z_J?6(OCdpR^p2ijVA`xZ%8#d*=_z)M1<2jMrO>KB0-tz4S|Pn?t^e#Pr?S@>P0luK?#e!#$&?5x zfY*_~1IDUB23}!#A!T&J_=Ku-_+fH2C$lNz`^&jpHh2a$9@%DG0w676~Z5|Q= zZ!!=t7RmF=3Cs6F|FPbt0W~qy+M|NT%yi~|3>^mjDIy$C>P;Rb24*ScQLaB8HM_>^ zVhiV8Y8@a_(t68UsRH2e6M??zhGt44lIRHDFHnBRskFW82&$~`Q-$UBGhneu^LqP7^jR?fActqb8M%VWrkAw@Ly&;)TIr%7Ru&JAgzykN zNrV>UlQ4U`wmO8ZR9;!o@ZJHX28Ov12|^&_zM6cyhAJU2Ntvm#RnGs|jsbi&EtKc% zOkaq}+WE7sXUy6%=X$hqC9-dhiIH4whsNE^>^FDH?6Qe7yGQVYMdz8BgpV!Ihvde) z#AR5#sMmxvCv8|7NW6wG5ck)@nVW{jfg1;sX+>&`WnXCkz$j}39hHh9ZQ-GC#y_?FAji)X!xYUc3OpnXC)dqK9GI8=`tuH3y zvG@7g3&?Rh+UzEw4e(=*!nx97)U){7(^X9Rj8~ zBVO(f9SwVk?nLIm84wop8V>E9BE8%31Xyp_ zN8rZ6-C8pnTSY0#X>Z1fr%rk8EY>Qnqa}To0d=6xqt)4On_mtD1zt-l8jP|4uV%pL zhvi+K-u+qL&**`j}PY02Y_M?B8|A@v1tb?gwJNY;^{LBduatGO!;E-aG0cD#zxGlUKGyk45CUIGf%dr7wgKl_ADxV6SNv`TAzEwq$xe*E z#&kv>%V>F5ehy)Pk?Pit($gJ?kWoY7d8_CbH%=X8)x8?!X7j(Be8qu1qbG2#`L34L zgWgLKu8~(0VZ3-pcd1yY$!Fjup3HMY9cU7WAg zJ}?15h(pddObg#DF?Y&SH%PBU3kn9D3Dnn?|D?$`8(n_z3DA1TINBRa?QLx2XS+n+ z>x$*=HS!5&S0@yXVD^(*?AKdd`=!Ko-I5SbJM{iaFWDgP{e_bBQUEEmy6_6S zF4MK&M=V52wJ@n05 z2|P(sGxWwb&w=>R5HB}1Pd*L<#!+h=q}ue}G!u5JC>P?v)g z%T^Vs#AlbGCZ}U4IdNQ>d-oH!UC>yWr!b|Shuv(bxk|>Gg#H%M6V@LYmpgJUOea&p z?3$}H$6&P1rW%CooZIV?Q*u)j0bh&{W-FCsj+X?sT377LcFwff!A{Li=Q|l2HyO6d z6;a+i%Wg61`Z>|5aTdA@v1d=U1dDC@B=S~pVN;ZsmECzEsbLM$BfAk`X7|BMi;;A4 za+_?ndQdNn6yu3EOjEYzUJO`}r$doP%`owempPk~^VnvYV>{ZtM2jMe`~}l<6bYyv z(JczW+Ppy0wrO1z(X9`fDz!KG^ibom%a?4Flw$PydoG<~AD>PMT)%NYRTdYWL!MX= z%JN+uJIRl+fO9jv=gVC!0J;~niFknfJ+HmQ9%K{rhbTH5lYw3GOE0Wun#!Jrg+>y! zbWHR;_fr1~gyCQVX|0;BO-)6f6Rl`KE=$|OZR6H5rk=T|{OZ>;SxkLAHqO;VdoAb_ zmXZKBG^jR0aMjfIog9Z9M`=(YV=n>7QYmwgoCH#)`u$pIUF!Sler5O_5!juU=EUqiI|I_|eNlBL6-90APDf=IWcgxEJ7LrJ)xJ|cd@<;% z0nv`u`w#n2G{*rf12y*ds(Kt*oMMGa%d@$LZ=4Cb5oLEM*?$-oW*ua))XMOKz z)a1$K*9)VcX*o#y`Y7J!ch&hFJ5L(vB}#_kEJGP4|wyXTHJc^;;0rxJEn+GmRvZ@BUBnAG#FO| zQv5e#njrUsm_X^hYN=i@Kh1_n`Upp-IE5Q9Lc1JGn+Ua@kx>TXffkMw1i$#_^z>8} z2Voq<%-e|Y1zkfmw;T?*rCKpLaMqra@zs>3seLAOP}xXHgUGlmA@Pg)^_&Xi^R_g@ zs-S-Rq6|B3_K|rEct&W{vo_eva;gZKn+b%!l>c7j_(aTz5?EK4Gbn^dls#~#5SZTf zjUtu}I+Z)YU9*`M`R%R!_ucB(%Knir+JD3TDVt|S)9q9~P)ueW1~f(KO&1h3*V|V< zK0!^dBX#^3e>C0MT_Sjo=aEBwBMohBR7&bEYCX%~Tv4bGDElB|Rv7h%dlRzW^c8_P zbA1>kw$(kihBxg^E7DG)v_2RKj%qbjtn=ASPhJ=WqO1)IN})k9G&?tTPbtX_99LcFxWfm;2JDi!v~qW69`^3U=RqKp4W*-f-HjVS5T9*TZ-T@fKti}#qup<#8AK4* zoowC~;P~pv(8CTNx1FG;Bdk#!W^}l3klK}u>O#tg5q2ph7k9ORdrq}#|FdW@G>-!t zvTS6o<9{3zl%+-Zw^~t{Cu0~Nh@w93M@V$Z1bTFRVeVR2z*`MmoFm;qqH%&z?tu>)qnMAltmypDpeE_|4RFOGK{;6Ee#jt0Rr z+_-ba1gLwrecdPGOJjE>;lnsWHdX;Ge!T||Ty6eLDZjWtj_5Gdf4bPYFBl9bS`IR- zuiO+pr8j+L8yM1zW%Y~wXNv^*ay=ffZE7XZwup;u#dG`;-xAi2f?RTA;^4+=)z3XaB7)qSZeMX6$<+7DL0;--yG*NqN~Q5nCUJG>r(GCRvm@$2iEX z!>^t~{4DW#m@?OkuqID#RdVtTSj|eMJa}MVhV+b`Ej>9g;q) z@^icKrLFetW_vKuiC6gDMPsvE40{LsdB9Q8CR;_(I`W9C0D0B87{uk|mEeEF6N+{J zv_X6bHUBr-%7do=$V4B6#6zbFOHR!sanD)e!UWxE3#-v>DqXXM)rBUd1T~UPK`ysi z=2+nX44=c2AAgVIhD*9-HQ}2nan;KDu4E=qF*GDfG@LQ(ZoBH?BynY}Bw-(e8}0Kk zEf=rm+;iz(9aM09Hz0L&(Ett>lzRf?yNZL0HR1MI(79QM%0WR&lJ#zoGS8wBclF_p-1kjF&lWyfXUV2d;r+#LtlUoG1#&#qS_!yMN(}Fibg^ml`N~`_p~P04#S+1a=;rx) zf6~a}y&?tIu0?HTA`aesXWa*;XoCS>CW*`tE7#`=M4x;3-Ngk)0I`~TEiLW4yY}xz z_@Ct0^84{zZiEt`$woAAHIE=nQXLjyAA7$~^>)F>P9y0T`2ZKMjB zXgzM5u?zcQz7O0+?mwcUv&ajwWK7g#LSd+JTAypB-_kHC4W|jtNrfukPXLd5ohMv% zxa{D#vVXB*)#cgIn@q44A9xhcsZYjYe<$ihJvZ4qYM?4X^bzCzzt+Ags;*#Z6L$;l z?(XjH!8y1DCj<=ycXto&et?5JoZzkjg1fsr4EL`8W!9{jr+Mst*j3fLtGnv!lIbn; zU~(F1(N4=vb?qi`ppikz>>tFS%+Bh9=n!3IjX=`)n7DlN{ zU;}iOc#H9S@YsX0rU_KBmznj#gD&6E!0wr7qQPC@Ukvt zFGWdyOrmT9IL}y?Q53GAVb2JwE9n4^6 zE{-Z`0DWChsVJE&sR(3LAeogE2UZWvs_FUgh~`yW{oQhljR<#e!(L(~9voR}>4FuM|J>~M~#VwT`={o(FXTXGd>l!qXa6YuzOw>^%KD$ zt%xWqxb2XbI&(q%CrEe@o)wwvNO*4K#^gyBn33}jCnLNft-ubg{hHtG=NaFz%yqAWWy$Zg`EF@V-ydkf*QHBIMk zQ<9{W@Zy9$T){S_46jdjTYUkEX8otJMyp#}1uHS3J%!3Ruh>E7+o|aiZ%vnzEZ8T5 zYV|dSP)>9Ll_x7wK%5!+9~xr`SLa%waEgltH#}GG$1N1Flhx#+aqZ-K8J`*_DvL!T zvPABM-lw%K^gx@oMVLP|tHTy|(iDp6;#z>qa~b`x5RA0)s?6HyO&v_^ebGe>HOe5U z*1p!VpOtrnUH#^AzRXnmAt6Xm%-IUMu#w)oK`7PX-X z7IvK*ak*9T*RTSw0ldvE*%LX9qfZm?YjJr7o5mAAQYbX}neEhGRId^bcpXII~ zj~W9-v!rP>%s$l_&Tic?U?(FOm($D`uP;!+&s&o z*>8sfkE_?aT>c4UzurrJeQ;oNk^h|^nCCRi3CB;I$4FmC-tY1?L#Qn!!3hUAMFs_m zf;WJJgNMfnE~2{sl0IhZAs(=&ti;uB$d5%w-Wu6oZ~k>w$l#Z$FJysf?@GJVq)SrJ7a7!0{P!js_xɭ~WR{w;lVccacv-&d?%8Z}U(IM$t2+cNf-oo`F&yVrYU;iOJ(AkRQqUC56WxhS>wCPt8X>zTsYY z$c>n+{F$EEW>vIvCejDND2+sBK7odnQV>NSplf3IJeMqI?Wi&_{ui}r0hOIMd~EM- zsS_=H?9ZCm9OJp|^6m)0h_;^}|X5vGr=$@8P2(7dc;hmQ3 z6kWvHQ+mK5Fl_7r8eUSZ$vF4yRt-J;3|G2EsO_YAJ*n7Q$yij>;~>1zHh_a%2zO}ff1WG=8|eq9xi61TdcgWnK%8xiYT|62OPMqQK7!4D5cmp5x>|5`AHeQhas zFjf}U&}@q&GIaHM6A2wyVC_NEIlkZ4rYcMv@%x~)=rpq$#^h}qp-NCPB=y(J;lBP$ zX8e;Kma)}DK{CBT;ak*5-|z2wM{vu0KJ(lOY6|}EMJ5XM15#Mne_9*(mHMN6uRdRc zw2n32q}R4_Z&vN$m>pu^D%RJY+}&N|96lr8u^?W`6Cokw9JQS&7DOK8q;4W=E)Cr2{6^B-_+&f9ied37zm>HxiU(Rp2`D>%A>fSZgG#L| zS@q(G$_-21X+uzD=d)9~T_z6-{&==OYQ~}y?fS4eSy&KVI-P^^%^b6`ASVd{BMqV~ zXUB}4n9bhCq)s7u$}QlCg16mw-1M#Xg_wpP=T&rt6b_XA{b7$jzPAQJ6D-{KQ3Cxi zOJgX1cYL_R#Z{VU+NQ}{AZe=;A~Z$N_hI|vxRU8f8f{>nBEw z7(B0x*g$fuY_`%EfC99>cybB}krCCaot3x)F{l95FHJO}5GgRW@=ZUDn=$=99J^9BW3G1C_WmW`0C5zE@gpZDY{ePf1G#_kYjHUO8rhZSexV-1;sk7bCXvOZF4j7CCK)J zqm57n;(K1NIYOBkf==D1NLMqkq)hK*CJ`+u-_b2iWK3}?UGV5xOb|ia`UaM=c~}6} zI0h+u1ZEYKfY8aAxY=a~N8Gi79Lw%T;m2$CEo!_tzch>#_Z^)v7BhmXjpbJq6UY1&Z{Gdi_@@gb0Nik>Wm*2hJkeMMz$>wPkQ^QTFv zxk8!Fto!c2tB|d+V@M!&2hr)wi+#*b`<(HmBKNl!?B*2MGKc6eqg_F{)$!uR6RwBBrcdh(QgnB?SmF9Wv>{04u@>D%^Bt(IIu7 z9$N|8on$K8KHkRqXP0-d0r39aZQrLZDyk@~z;-bySUS-o$1Elirk1I@Nc1f6&?g^d zDK>i-%+3U6Cz()HtZ-l`R)|_-;zN4xJSVT$tL7IudVWa_$z_ZxXS^ZA<1s?sjqJ_K z*(Fw3y{PDq`#DFS9ipj@L>VrfV-xmS`shHnPq&3Q0ryztE5E78^1WuvXr>1&zD$^a zvG$DOlIe#?>l~Z+PJ>y*{_gKDtm_KDPM0Pf9v)_8dgBV?miheOFl*p)fU9S$==RHh zB?Fs+vOzq5FyBX)kLA~UhJTa}-nP4CuzCrFxU}ftJ)=~2uy)lt2q@`&Yd2WIeTvw- zTu84YCigprc^VeypVp!b)TSTuw|~Z!LC*dA8|T{Z5@<3-YPoEqlCZbEaOJXy4LIX~ zNDE28a`e9d@7JI8P-?#YGrX0~J z;zV1nOPQ(?VcTX)&9>9~2J>a2JwK>+=d(5*2ca2kXg3vo1-VH1|IP^j1b4+3Dtvb; z34+>M0(7^CTwUVCTi}e*lfR~&^ViwwN~L*IB>h113bi=LecnsbQq@-%Fyq)G^4$YZ zg((&xH%8CW+aUf)8m*vX8jcGT|5?B<;zT)7p(Pc;be?iw24B0A0_I|_)`OzQE`#fr zIo-Rh-W|oAvy+Fd4fp5j$S;!I(db}YDbJ#MWgMPuE(IJCsTg61aJ^3kWuRt8&$ueE zVLS2jY!&m_K|qz*b@q+;giX z27JP`S6wZ9>F29gq>=kSHehvX-(Pnwd=7>r%meq?T)Lib zbsqcTdcj^Dd=tM1AHUmvr0Qc&se+|G$Ys_FYrUi(;kO+r+tmUX9m<+F$d61058|Rj zA}zhwsjCdB-KsVV6{qI*oOPQ@IP^^l+&Bcxi2CshY7N&HXcocIXC88OZ!=|c>*~Sv zHO->j^AB2@PIg?{fi4_2rrf)|weLQroxG zr);{+9IXoBL-A=?_cY8*V3wc;Of#U(ple?Xy|}R#cpU$i3JVB36{TYAhMw`e!{XW5~*l^{ZVYuBpjFYB<=ERPewBqn<;xo1*&+|9b^R=~s4yBXqZEr=> z7;nDjmo3lSjfV%}9~qS$>guvK$ysF8K}qGmFQJjs5qsWY77#t`EUJsj5$Xdm+$xjk z@Cxwo8#>j+nRWPJZYx~pk0jFJ5&+qiqO_>82R$!?awiMblfD?07x8k|wQ!0mhO;Lp zL#KimJ&(UvU8*99NxROoIYE2nRvbXNG)%m-P6uwzYkA{!tDh5=HhjidI)C_!9>G_# zFFzLEXJ~H+xeBRX9;vJ|FTs#PZBW-42w0?w)4Gh3zx-izg5DOkIWw;>OzL#Df|>S) zwOQAM^0xhZ(x7NowPlk-06Iuca>-LwR(?~1syvkmuWPjCP%Zoapt#_cp|yU_{^HGw zM8-jt&=*1MWrbp1b~_PmA3sC4iWOhtlt^_xhh&l~J^rDa^5t2pDJtAuFjfA zt>P5hGr20&{8&(>cbJ&1y>EVh>6JZdm{hf33M4U;C&-}xc3n=$tbfYe6}*|m2%`W#`>!O}1L z$4;E2(%WJn3U@CR7nVlpm){qeerT>=0G5BM&Mi3$s_WN%W7-9t`0MFj!J`nSB?peI zQLpM$sS*iT&mE)G4}8KQ7!-u7+-z-{;r;D@XoBZ!6m;Mv&5gDqf3gxq@Q^_P=c~x{ z(mR}Hx{!-5Oj_9&+fq)T{kw*orOLjU&4a|CA$e+X;*34z>1`p##4VZVI(7L zmg{R=)l~EtSyYZHQgZCNrxgjN{dfsHj|%8}%5Q+t(u~dM^Wk{#3F-Kxk;jD(fUT1# zV1C-hc*NA4U(^=TSpEJ)zGOkjjsiXgpP8>oa#2+0;AnfBX_{6Yu}Xz%K283t^7hkV z@8V^57jA~%SreFrxkV?&O?ZO9oH0Ab)6f-n%Y z$su(*$-h}j8<x!9?ARTBZZZVCB~irY-?c_9YOZR$2JxTCe3?8v^s* zAWX9M(d{9Wwn32EOD{U}YIegDcoHWua)=v~1$Q^(2KPl5Nr;Hd4%+4EXM36pSNl0f zIP|D)-(I^*8cTTn-vP)sRY~AQ10E#ESP-l0`RY5nMPLrM*L&AN_Ws|&)O}f!^3`<0 z4G6J0L^_+B1@k9hQxg&a&cJQ*#KI-4EC5O~SZhNpz4iNBAPuA4Iox|{(yF;S0yA|a zf~Tm9wF_}p@lzBrXdAlf!Rq=47DRL}o6;M$6P9UYJO&eFT7p6fLTxS>M>Sd)1fY)Q zr)vy@VXludOX}+RoPhH$@Kbz-DhtwZ#Q)uEphT6Twh;HaU2oC=QB__-xerggSg?^7xz z?=}^;`(VaYXk1b=gCNi`3o;PfB7~bx3ys+)iZO66Y?SmVmXo_J7PlMjQ^?C@2Ca}; zxB%SLdp0e_$G|4ISX3OGudK)r3oG%FE|RCQ>{DNv5t=zw?fC<%%+#zO3@a9>>V8E_ zK1s(TcgvdldeQLUEc4x3PJQ49GHonJos$E%W@A*X4%0f&`d4N(Ywo|RQ@f&mQ$eRMc+9{359Xa2 zo9g~FG&)-{B9r};Ohw<`CoZ%Af74B!To1i_Bv?RbgEF*$y-oAvRh2=k3Xv9>T^+B1 z0nq2spH*IOEGqvACQS z)1~&GLvg*aLTKNV@%8Fnldb1=v|2&T8l+DXy_QIUI8>vED(@%pGz0R8%-FDM6PW&~O$z@{Y&-!t}2*!!lD55xpvIH0=GUTVXFd?Xy=2R^2{pExyE zoC?HkFS@y_mY?wG1y8|}bPLvp{rZWIq6%;=(AB)c_u~rzfp^?ic7EnfA_>buWNQQ3 znHDcFVY+uxFBYRM-8D0ZRfOb3*Ol+>U`paf>0$E>rq>?Ri7>w$nE1c_ zJo|njzwT%+huh_R(Kd83IpG@&seIO<<{Di1Piu4z>_yJ}O&GVAX>4=5h;*&Ovy49H z4ZAe2Y@%BIm(CW|Qyg^=Q8TIc_o;$jkx05$#AyAq2758BtzJs!SQY?~gz7&x&h+rc z+NoH5_BJe7gOg^G971PY44(N2d&}X93qR-V&j}Uc2O5ZS*S^PA`(w(}PNTw}&@Kfs zXOuI==v=t_Q^*#qeQT1(?GbCSol0GO2a29rr;#j35vw>T_?gpxu<+b~Q^TXWSpcGgrX1LCx z7__}$=!X`!$(4TbJ_~bOn_w%n#$RrtwJhOz3&g9{p3d-#`1UfN%4(}?W`_Y%aQOyA z03f+a!m){&DM1HITS^3K%k**wOD|+WNAqI$_wV!T?SYdbuO<+$&(UcW>HWJ4&;XWU z_y)kaHWgG*@!ayx!M>X}!Wj;|tTST;!t2#_(;EmHITlq0{+?8CpcbpUTx6e*_dELc zluj9pZ(G(QIk^_=q0_rgsE7E`DMna=wvFHAQ0fc9Bkht0%VHYz_QFo2Bu7ySjKG5H?}iNYXGCE-H88W+wWEf z*FljPAq75YS>FH|>AMFF&E13e)##+;F??c1PLnGva4NY=xIn*iU9p}HUM7tR_NHsy zE0Jm;uFn|*DTtCP4|W}k6YVhJc%%6zn#+!Ia8GY`KVh_J#gaCL&5b}BWf7gXsM{XE_V3Nf7cxGU- z5UZRMFOe+kPGr5kz2&^7?)_XTPhP`4yZo!YtuY1#@OZSNc%ySJC=9Rx> zTw{Od@xD-kqCO81J8Fi+Q9|6rCNSLx8eLDBONOGnvOJiv!D%UYuCg$UMm@y&dHd-i zw)hQRx@r_b4_4ci$1LabTI|if%(*+csi$OWCig}oS#3SI8+_p!GH*WNFc7tOl*jy{CL>Ef z{$A{9UTSVS^PUa*{;WNg;>gaeIU_G*m2sWNRy;A~^DDKm z=8#o8Xo52*VO+xV2O6_J$KI&cLlea)%BMx1bNSW@oG_8m!FJJGsOs2&H>AKui;`ki zMiM|h5y!fWJgHvLN3B#93*po1I1Y=fh{|zeK0Q3-U-<+uzOC7)56NGUg^epq#UpbL z*0DBl(Ybf-2Z00Tp9G52jj8TQed~N*pJV3?7e<&gF--@${DS-=UU=9@`@foQyKYzd z{9H>Mi^w3Cm*JbJ#0SVjYB@7ogls>AYBGRahC67nO;ZzwN(ljt67u;jOTIuv8y3_Yy1*jQgo&KDJVdk-3X z@*{j-Byeh^^JapFx3{}z12C_uxu z^M865#WB*K>3o_YMD}$t)&#A6!!>wI*wE3!a_-H|a9ORn&GFw6eg|Xzvc^8}>|VMz zh)Ck;2qy!y=3RoRJw+-8n?3W&PMC{%F?P(VbZB@O8&R%rr5 zObuKwjf=}NHG?FRnL(5Y0PW9Qj|jy+es2)MEOVBsW>laIWpC0F6cg>{O#cTwJVr&L zu<))7)9G5cbFE~?-d9|A(=ET=_=j_m>(lzCIk0~H)pVWo8CT#<_wzA-+aRF?wjY#` zqyF+nq-$fg^7EQDd>C93>-DNx#ryrnq}0at?L@SoUFB1*ULOlbb2sUEOl{W@#?-d+7@0TST;f+SK<$fHJVR;90F*vY z{(EDqklLe##N3(AfgpIL(?SfA$JOIOHXTSH_+7XkT52lHJM4|{S&E!;>JP7hsSM0* zlLGsMo@oY-MF^4yIqkR~`nT_&PSTB*zaR*S_waRi&Qxi2WhK5#qnw76F1RtOgsgsr z!a=H)9cYc>zI~e`>{*Y#>AF<|pH@Tc8u*+>OT!bC>gGm$vb-OMmfk(6-cqhFHvVY| zuj z8R^RPRg%0YROfNDv&lC1>Wk+WI;tqcKSsM12J(ZL%{h>PD=1!n5ORq^8xPn@u)y zLUI%k0_yJ5?iz+{`DwDP(WfckL9=Fg;@sHBpx@&l6vu_+d~yrZR}Xy$!TJvNZ9&u; z!_saLQ?FWk|M%X4_G7pCi!AFD8zUtx^ZZXGYjPiDH+eASYn>7Wt|jW@3HGN+<|2>< z%_^fAL<|~6q<1bZAO`gJKO-uUfAG*yu!@+K2XGGjWxGP(OWg6^uocI-AF%Hfqs zS+E76=0~Yp`(`R!1Kw_+Ou!d09H#5}P|Q6rBUSv@2q;GUm@2Ex*z_W7KnW#V(Y(z; zPZyJxft0v%HVF0RUt2{+miZn%ujKa^xz|ciZA^Qnk;fnk#xBNjaT!* z7SaV6dUPcDq)4IXAsnN9NRmLW}d0{UH*H~k8ng`^Gnz8Xw zt~=0chJEXax0mO!|=IMP*06{61e#zql## z;U?~sZL+H~I{m<<`a{eljK)IENbn#B&vaUvInxm*_HB<2O!$aY zXn+ZkGGT~_(u!Zz8aCsqS)5<|5Bd0=&Wi<9zr)&#$~=p6vQr41$1GMK!`waKFx~C< z3x2T~*3q^@rC9T4s~N_xy$o@K1$OZ;qV4b2j;)zl9X0HNx9viP2`@Pp6VIR@ZpD06 z?dt`#C+9Y#phH^nS@S?$l~?oa>4C@-U0POjzN7GP{CwuKJSB_IUSsVt0zU8H^|ruXjGW$NYEE^43wyO{VXI# z*u+^Ne~4vFWDpH|wK#o@&RHWnqUuTG>|^k@mUL0jK;go15Zv#6)f2b!SDIYc3zkOT zapnqI-t}5%@9FMExfVb7$+it|)se|@i?%pY&eS2HX1+9&LF)A~X?&u5>#F+&QXd4l zs)Ld+!C)`n861+UXeK4S^s?Y4Z|7X^`Jxr*3%x|;jCz`k%1S8}`YP+b!#$bC@CoC4 z_Uu%j9F2RDOXT|>j%RJ8cFM<66^^Q`A`+~AE1O4Jm2cm@$&{q8Tk>YJur;?j)ANQ9l zgz0@aJei(>Nmlw28x)8cE<=U{mGpAbib{#%Q! z+@EuQ!|S+y?G$Okl!j|5jr5)C{@7t%5@u^M?>h&f4XrAya*vIB=yqXuJm!d{A`2GN ze|o`%C#G%>PL87H$6MicH%M@S6cuNdTE`(+XtW{;T3z!M(OQ)`P)?CZxi2Y|b_W)Z zN{LgyhqVf=hhvjld9RX6j)O#=ck{$qHYSCY$XNW5{DxPTg;~(9$X@-M(UwM8f@Q3ZMC=hBEvq*59=V2y>iLg&6m^g0)vCsO zOM-dif(NivjVQ3g!WBBy%iH2f1w#7}aE#`8LUb2PjFA7WK>FV}p7_dVT_(=sV(*Tm zzL2ferX1jauQv8W+A0gzKHM&d)OP4JezNoYnxP`A)!2)?fO%?lrCY=Uy-YI^H92*P zU0Gg8sUE_y$4WC$uy-6o#Muph6;)zwSEa%|mFI113F$VM=pNpVvpyu7PtFrd9Eyb{ zcj(dhIHY*qzwJwpb=jk6{UzqxCd-eP2VNIpDPr^FxXTxQCr#h<4n{v7!MP1bJKFo@ z{i5j~6m*83N*s??_rTDy=^s-Sg9F8sgJF*Z*F}UAb%BU62+*Cv(y;YVit@$&24puP zhpC2n^8<_*LZMqOjJ5$0bg}|;s=^EqI1@9#atW^n`pnNy@ zlkTgXqHAr7i!c_vDM!*z@c?dcsn3$!0%8K2_bHRFE(nr0kCZE9RZ+IPzmgif@fT7Yl?Z;-oaK z7I@b3G1?oq+9X+9f3$;s{M5^jcd>PciNFDgV=k$eoP=`MEu2*U{4<+xw$bg&x8|b~ z2Z__Um-Yvlw2UTE*9-FQ(V6^^dO|z01QJtnbH0fhyuH0WN=yNoMfyxzCy5*7{g=@9 zmlNuITo;CRkCj7*+QVcLm2D13gbx+C%Dz2z7UkJTG^Z-oy1LQ9Bh=yeqk8Ega0VN2 z;{r!s?=q(I2YXA_yZmCWY?=}s7UbK~xmutf#spYZD|~>z!IUdAmP5AtW{Sa;JYsC+ zVx8*CGlBMkf(UADZRM1+g+%TGu<4yOci$(YHtPIkH%3QYAHqN@>TC5ZHAw>M8BQ9Q z6=i7ye20D%MO3Mg3h&=`7@i=XT>L3wkL`71fdN!$Yn!@X!W-h!+o*Rs++vP(&Jj?k zhHE&D2{|9fZCtifOPF-ZV``z+D=z?8&Ppj1GtyPXh@k^S!+-Boxcp$W#~L@b1Lql5*MGP*iEmpn+XhmE6C$I6GS= z&B83W+Bmg$0QUpC6+^=WK)=0YZS8?_VH)PlBL_3K%BSKGWHB}74O^&(FQhKAZWwwF zEcoBpFHc(TXy%$IQsZF&zpvXQS&{qounqVbG6SMUE<$ht3Waah2^rHjvd|-&M{uht zH#{ibH8u8rO5_~~ZJ#?q0RiadMzaL%z-hPqysQvPZ|skWpry9_gATu}eDrdwjps(=AjfIf>v@5z7}KDiVTm26ZRYZ?M?$I3)%!pDUeOl%grkuc zaCV_ZT&)U`MsO@!7J>+aOO=MN$M76*`mYVt+0-_D%4sNWI-w`VTF_bF3gs8iL`OH| zO^e-&fV}b^YOa1Mp)A*xq;y$%^Z5547wWGN+byogj?x?;#^hy`5S}g^ql2m0n(wHU z|K{PDB@auCPOF2X1nU1+bFGYN8Psv`4+VlyFUKk^u|!3l4=H;yi1I`9U1PQ2=0 zmi6=u1bB2==G4X9I9AG))iqvxK5Fw>e#RX;z|uQSceSmRQ~e0~L?Bz;#*wwE!c$IN z0p&u4@Oa?(D8%Aa`rt>ZhjRjsNP0E0q$|NjIPJ+Bq#jJbPv;R{|37D9MQge;yxSqH zSh~P<(ZCm{!ISV%GYgz`wK_=(5hSLNVWvR35JN)(Iw;_6a&K??@$vC`Any_NFd?J{ zJ5Fu_DeYQacfzZK@nMc=84)`e?GV}^0TFI>4g%O#;@FL%M``zOG?>QgA;ZWyHFdO# z;@H}T09NyNn;eo1bM{S4C5)-|BET9Z7sJKbvUnB_*Z#uTrdMD()#2M*k<&y6Vv;7yOi4_4rsZG@Vsk%NGNVmqDCpP?ERE1W*<%I;tK`GVU2 zkl5Cp9)HzkKx!3~1IrthVE;>?bQT`>gsZ{kd$YU3N|k}U8x}k+d66s1s9gTZEoNPF zB2H=r*l{l{N1GhfeFe`KV*mm4?hds&(}spiprP)?u{5sV<(qw;N7%-+vwd8)nqa~P z7+nxn-+z5VqQKJ)i-Kf&D|Q;)0=4LBrN2>9mq-2{i{|;O@*IS(yE44&bnr|H)iZy) zzrR1wv}k&ej~ICO%pgOyyPi4Jdj$U zNCt3zIgFV=n+#j&=uzb4bNlMXi?~))2J@Gy1F!z_!?sU6oX~^d-hp+zng!01a|a5- z-WaX3T|B19Prbw_23SD1GqG24H{fg@8$*f(+FaLG*MWvyKxv8jT>DA{(Cng71dKQ8 zIK!z1z0JqWmN{5@Y-(>DWf^?9x!F4odrl9pkWW-Gapizm3c+E|xG6&Ye}_N6?S* z=a}nJ8M9Dx$TWFJWa)^(M1=sFtQcnixvOReITd%8$uKg&&@hAP3uu=98{$xm><(QN zt4gSN_pG@0)E6B;v6zmhVY>p2`e}0)ivSV} z-?dqrT^QM6aVv`BAD)FuR(!C#x_k(2YulGmP}{fR&HO&*)*DBMVcyuD5;na$i3?Y9 zXW9kzHP{LeadO2w0j)#CjB(9c^gkq+J6BH6=;G6CZ3s?MsZjT4XqW$?HD$XVGJs7qUNPXuX-t}8Zw(Z^gVqHHqqL4pe zh)hR9)+E2+cQ`E+#V{QcBc;!0S_DBfoU|Ffl18wLAiCwTR#2k8rmTKE&Ki9?#usTB zEjNlos4rh`wU<{08>81ug6?*lCW%FUt-qgk-7kALd@PG01Dz_=JQJ{$LNork*OUKC zL(f+U-cWuLY21r8(6KZQH8#PNd5GTLS|}puH4SL`+9|XYmxDizLX>p2ya%NYUAi9Z zBuTo|Lfv*02xlsaw@UEh|JDaaN=J&PS)iS=?C-+HpLM(T8U7Lv?ZZ}|7S&0J4m`ly zn_F5M8&JXOty~d{Wm2H(f~rv0ZDdSMal`AQdMO-H@x6qi`1aA}PXM^ygfla8`N^o1 z^T>gMJx7Yu4pAvB$Ii*iAuQzHeihCR3fV!&6Hd#@ePGGK*X3$4Etai>9$|!3l?X2W zOS!@ZT;aWg=oL05w>b5ug+3vp(-CO0{c7z>*Z$HCH=ChZ)gpdjlT}>!*mV*BFAwmH7nAXVv4BdY>z>H^G zB8}`Pzsm|M#FthflX9;L3iK2j7RpQE?vaXy64Ql7X| z#3o8-!3(h>aw_$U0$w-x{hq;?%p&Hkl}xFl&DMasojMbvo>f%?j<+eTg?l1V#X!@~=1O@r}bu*#2+?Y>|qV&%z0{@YU z1OT};uH~X&UVZ2_Wif_dbVy$%jhoP5igl;VIF^1@#a&d|o(82=5l1c}I`8KFNX==3 zrvhB>dpnD%%L71GBpP=7Fk+O-nZU;?7ndp{G<^XL-$nn0jk1I8k*&(`Yf)7}Whrzq zIx{b~drSzT>!7MTiynA9{`Uoe=|Af##!fQZG+(9ZUBC28YaDq6Vg3+dnigFn83lW< zNKSxUmnS$amW*k{r$L)hVy43MIGkfws+}k@0pD=scpm!l3FVUy1N5VRr6Mayg^}F2 zBgx^A6P)8ybbQ#6&-8-g;uesl#`p3b_GtP#7%*|kRS>CeTn;51#pS!u?2%FI<@x_e zyPZ6yeeM`Q*rFd%9QP+@sLO*D3^US|`wS~1s8n=DJhzSLe+mhyJFJor|9W2@I_Z8s zvEiK)-C2%beUK`OFRpIPO@dnM>!ZqkubjzA*iN#Qn^Xt}i zQCn=WFF*;Gy4Fmc@Dd_tl$|7BrroCtrY||KARayqxM-%C4-oHJ3Mgd-5>oO%fXUxpNZ9Dp8L9-mJEJtk8%&sb2r&rN<7uYy>G zAzTj;UY;o{@A>iWD}Bp3JhF-1>N9}<5^P)G!j-y=9WRIVB=6S|l~}5(g3xR*cTybw zWnW4&fVl0_MG+eJ%TWoXs1nvvFc~U6uJ)LyBxQ{STVJ^sPrSzt`=H<2XLLxM!%A`l zt3ozba?^mi&wjd+7X3YB&lF~kIo1dI7Fs~Tc}?n8mznpwr$dKcDb z<#pC7-PH*&{)_L)0pynZ;qEc8++v_%2TQ6XzFEl@ zp$JmJB0*E$&|vDVsmy-7{As_UCuINwek;q>^Mf2CN}_unsEFzV5lX_%YS*OUXY zrpif(Or~Q5J=IQWNl4++;H!yJrdfx@?v#BN=K;*JMV-rBO$frB<}q(?E(I<-yUqPc zO(XMm%~%_(Ql$|bYj9DysuRT2!N(Y8mih8OU{fW@He4w=|LqcY6&DdeoR3IK8LQV-P+hRb>@j5Z>H73+gsZu%1)X5(P2bip0`D)I${x;*Qax$VC5)4> zThLTV)O(l6AEG!1-$xgo@DF=1J+y$yN?{q_-CYm5@*_xg#YrS6!84=^;j-o|PfcIUKB#;N#XWZFYU#T%Kzp?I{WX=Wn^LF~ z8>NB~(j}y8KVQ68F(?^v1u(REb$a=+O0Dp%fT2>74S}k`b4}6{79yTh?^HC(t7JA8 zZ@)7>U%-Fe5L=fd7q}XN#7?(BTCMoI9z%}T?+^tdo=lJF+h`KeWB18>@uuy5^5C|R z$t`LB#@nWv>mwGH?i`*+-F0udbv;2>wO2^Sf@q@pauY<@5(Y}>* z!fo7^dU7dThbdL0DrdK94(S42e^ehY9jngs{W%Tgzq+!(fT%I|V{E9Lsd6;5$rx8d zxqBF~s7y^(-T_o)TQgMO=Y*)@NPCO&SJhwN?1#x#QQ4YZd~!+G^j$(VR7d^RR>16W zV2{!Fpfw8VDTj#3n0v1QjS*|1dR`*Cj>8ZVJYVw8(6BJy+*I1b$;`FmDe;e}awFDj z6SmVP^R72yqgdwtzCN}QD!@8HUn9FhmajqTCAWSAyU&kA-7?2~KpCjZ)D4rHj5~`2 zkvr?7hOU30KVNC5?&DiY2HBjp()<{FhCXco37*@TPTF?CG=qhhvKIxlUz@1UH^H^S zL4p0vbJ3W`E);E7noZplm+n{;8Dq2|dj17N|F>5+`NyKH+W+1v{Qp}Q@&7xC|DE9f xdxZ1c#`!;5l>c`k8>X=ximD<@j_*H11sPT88cEZj{{=4tf+YX|