From 3dda31efb721590f8b57afe0071cf1933d8ce45a Mon Sep 17 00:00:00 2001
From: LamGC <lam827@lamgc.net>
Date: Fri, 13 Aug 2021 00:29:19 +0800
Subject: [PATCH] [Initial] Initial Commit;

---
 .gitignore                                    |  33 +++
 build.gradle                                  |  46 +++++
 gradle/wrapper/gradle-wrapper.jar             | Bin 0 -> 59203 bytes
 gradle/wrapper/gradle-wrapper.properties      |   5 +
 gradlew                                       | 185 +++++++++++++++++
 gradlew.bat                                   |  89 +++++++++
 settings.gradle                               |   2 +
 .../lamgc/oracle/sentry/ApplicationMain.java  | 101 ++++++++++
 .../oracle/sentry/ComputeInstanceManager.java | 127 ++++++++++++
 .../oracle/sentry/OracleIdentityManager.java  | 189 ++++++++++++++++++
 .../sentry/common/InputStreamWrapper.java     |  79 ++++++++
 .../sentry/common/OutputStreamWrapper.java    |  34 ++++
 .../sentry/oci/compute/ComputeInstance.java   | 163 +++++++++++++++
 .../sentry/oci/compute/InstanceAction.java    |  36 ++++
 .../sentry/oci/compute/InstanceNetwork.java   |  62 ++++++
 .../sentry/oci/compute/ssh/InstanceSsh.java   |  83 ++++++++
 .../ssh/OracleInstanceServerKeyVerifier.java  |  79 ++++++++
 .../oci/compute/ssh/PasswordAuthInfo.java     |  22 ++
 .../oci/compute/ssh/PublicKeyAuthInfo.java    |  33 +++
 .../compute/ssh/SshAuthIdentityProvider.java  | 166 +++++++++++++++
 .../sentry/oci/compute/ssh/SshAuthInfo.java   |  76 +++++++
 .../compute/ssh/SshAuthInfoSerializer.java    | 130 ++++++++++++
 .../oci/compute/ssh/SshExecChannel.java       |  47 +++++
 .../sentry/oci/compute/ssh/SshSession.java    |  26 +++
 .../lamgc/oracle/sentry/script/Script.java    |  17 ++
 .../oracle/sentry/script/ScriptComponent.java |  14 ++
 .../oracle/sentry/script/ScriptInfo.java      |  60 ++++++
 .../oracle/sentry/script/ScriptLoader.java    |  34 ++++
 .../oracle/sentry/script/ScriptManager.java   | 119 +++++++++++
 .../script/groovy/GroovyDslDelegate.java      |  47 +++++
 .../script/groovy/GroovyScriptInfo.java       |  18 ++
 .../script/groovy/GroovyScriptLoader.java     |  69 +++++++
 .../script/groovy/GroovyTriggerProvider.java  |  50 +++++
 .../script/groovy/trigger/GroovyTrigger.java  |  19 ++
 .../script/groovy/trigger/OnceTrigger.java    |  24 +++
 .../script/groovy/trigger/TimerTrigger.java   |  55 +++++
 .../script/groovy/trigger/TriggerName.java    |  18 ++
 .../sentry/script/tools/http/HttpAccess.java  |  40 ++++
 .../script/tools/http/HttpAccessResponse.java |  51 +++++
 .../script/tools/http/ScriptHttpClient.java   |  21 ++
 ...et.lamgc.oracle.sentry.script.ScriptLoader |   1 +
 ...sentry.script.groovy.trigger.GroovyTrigger |   2 +
 src/main/resources/application.yml            |  10 +
 src/main/resources/log4j2.xml                 |  75 +++++++
 .../ssh/SshAuthInfoSerializerTest.java        |  50 +++++
 .../sentry/script/ScriptManagerTest.java      |  22 ++
 46 files changed, 2629 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 build.gradle
 create mode 100644 gradle/wrapper/gradle-wrapper.jar
 create mode 100644 gradle/wrapper/gradle-wrapper.properties
 create mode 100644 gradlew
 create mode 100644 gradlew.bat
 create mode 100644 settings.gradle
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/ApplicationMain.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/ComputeInstanceManager.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/OracleIdentityManager.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/common/InputStreamWrapper.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/common/OutputStreamWrapper.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/oci/compute/ComputeInstance.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/oci/compute/InstanceAction.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/oci/compute/InstanceNetwork.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/InstanceSsh.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/OracleInstanceServerKeyVerifier.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/PasswordAuthInfo.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/PublicKeyAuthInfo.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshAuthIdentityProvider.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshAuthInfo.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshAuthInfoSerializer.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshExecChannel.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshSession.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/script/Script.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/script/ScriptComponent.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/script/ScriptInfo.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/script/ScriptLoader.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/script/ScriptManager.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/script/groovy/GroovyDslDelegate.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/script/groovy/GroovyScriptInfo.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/script/groovy/GroovyScriptLoader.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/script/groovy/GroovyTriggerProvider.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/script/groovy/trigger/GroovyTrigger.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/script/groovy/trigger/OnceTrigger.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/script/groovy/trigger/TimerTrigger.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/script/groovy/trigger/TriggerName.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/script/tools/http/HttpAccess.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/script/tools/http/HttpAccessResponse.java
 create mode 100644 src/main/java/net/lamgc/oracle/sentry/script/tools/http/ScriptHttpClient.java
 create mode 100644 src/main/resources/META-INF/services/net.lamgc.oracle.sentry.script.ScriptLoader
 create mode 100644 src/main/resources/META-INF/services/net.lamgc.oracle.sentry.script.groovy.trigger.GroovyTrigger
 create mode 100644 src/main/resources/application.yml
 create mode 100644 src/main/resources/log4j2.xml
 create mode 100644 src/test/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshAuthInfoSerializerTest.java
 create mode 100644 src/test/java/net/lamgc/oracle/sentry/script/ScriptManagerTest.java

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..1d04144
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,33 @@
+# Compiled class file
+*.class
+
+# Log file
+*.log
+
+# BlueJ files
+*.ctxt
+
+# Mobile Tools for Java (J2ME)
+.mtj.tmp/
+
+# Package Files #
+*.jar
+*.war
+*.nar
+*.ear
+*.zip
+*.tar.gz
+*.rar
+
+# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
+hs_err_pid*
+
+# test runs directory
+/run/
+
+# gradle
+/.gradle
+/build
+
+# Idea Editor
+/.idea
diff --git a/build.gradle b/build.gradle
new file mode 100644
index 0000000..aa629e0
--- /dev/null
+++ b/build.gradle
@@ -0,0 +1,46 @@
+plugins {
+    id 'java'
+    id 'org.springframework.boot' version '2.5.3'
+    id 'io.spring.dependency-management' version '1.0.11.RELEASE'
+}
+
+group 'net.lamgc.oracle'
+version '0.0.1-SNAPSHOT'
+compileJava.sourceCompatibility = '16'
+
+repositories {
+    mavenCentral()
+}
+
+dependencies {
+    def ociSdkVer = '2.3.2'
+    def sshdVer = '2.7.0'
+    def bouncyCastleVer = '1.69'
+
+    implementation 'org.springframework.boot:spring-boot-starter'
+    testImplementation 'org.springframework.boot:spring-boot-starter-test'
+
+    implementation 'org.slf4j:slf4j-api:1.7.31'
+    // implementation 'org.apache.logging.log4j:log4j-slf4j-impl:2.14.1'
+
+
+    implementation "com.oracle.oci.sdk:oci-java-sdk-core:${ociSdkVer}"
+    implementation "com.oracle.oci.sdk:oci-java-sdk-identity:${ociSdkVer}"
+
+    implementation "org.apache.sshd:sshd-core:${sshdVer}"
+    implementation "org.apache.sshd:sshd-sftp:${sshdVer}"
+
+    implementation "org.bouncycastle:bcpg-jdk15on:${bouncyCastleVer}"
+    implementation "org.bouncycastle:bcpkix-jdk15on:${bouncyCastleVer}"
+
+    implementation 'org.codehaus.groovy:groovy-all:3.0.7'
+
+    implementation 'com.google.code.gson:gson:2.8.7'
+
+    testImplementation 'org.junit.jupiter:junit-jupiter-api:5.7.0'
+    testRuntimeOnly 'org.junit.jupiter:junit-jupiter-engine:5.7.0'
+}
+
+test {
+    useJUnitPlatform()
+}
\ No newline at end of file
diff --git a/gradle/wrapper/gradle-wrapper.jar b/gradle/wrapper/gradle-wrapper.jar
new file mode 100644
index 0000000000000000000000000000000000000000..e708b1c023ec8b20f512888fe07c5bd3ff77bb8f
GIT binary patch
literal 59203
zcma&O1CT9Y(k9%tZQHhO+qUh#ZQHhO+qmuS+qP|E@9xZO?0h@l{(r>DQ>P;GjjD{w
zH}lENr;dU&FbEU?00aa80D$0M0RRB{U*7-#kbjS|qAG&4l5%47zyJ#WrfA#1$1Ctx
zf&Z_d{GW=lf^w2#qRJ|CvSJUi(^E3iv~=^Z(zH}F)3Z%V3`@+rNB7gT<C4E+e^X1+
z079LInxq~UYf-kNla?M9Qw5`wqM;O{-8tPk0sfaO{=LZmzBQ1)zwMpO|F66HKXsu0
zsblVBXkugf|5Qc(cU5;MLk9;_r~hk73h82L2Ot0dCNKa1{eNB}WN+`{?DBWLtf8fy
zvWuaUi>VU{Bb~90p|f+0(v;nz01EG7yDMX9@S~__vVgv%rS$+?IH+oZ03D5zYrv|^
zC1J)SruYHmCki$jLBlTaE5&dFG9-kq3!^i>^UQL`%gn6)jz54$WDmeYdsBE9;PqZ_
zoGd=P4+|(-u4U1dbAVQrFWoNgNd;0nrghPFbQrJctO>nwDdI`Q^i0XJDUYm|T|RWc
zZ3^Qgo_Qk$%Fvjj-G}1NB#ZJqIkh;kX%V{THPqOyiq)d)0+(r9o(qKlSp*hmK#iIY
zA^)Vr$-Hz<#SF=0@tL@;dCQsm`V9s1vYNq}K1B)!XSK?=I1)tX+bUV52$YQu*<ra!
z!v%7ZiKpO7g;NmE(;dSwu}#Qr14TWb<rzbgaS}{2FVDKaeCbmIt`T?_&=oa1ox)Gi
zqwS3lX?Fkmj%*6-JQ8ia`$(tFUJ#ol59+HHQxhli%Jb#vc@r`6ZP-EsfP2S!rwy#d
z;DP`C{cFdu2M4~`pHtE1KsUc1?BTR?&fOjbQh0|PcMiZgx_Kq$bLD%;`Ig2_LE~#`
zt32~lMNxY>0%fnWEukW>mxkz+%3-S!oguE8u#MGzST8_Dy^#U?fA@S#K$<FiPyhgu
zzq^L^|GyXf(+AWxl#$gjesG=F>S@9msUiX!gd_ow>08w5)nX{-KxqMOo7d?k2&?Vf
z&diGDtZr(0cwPe9z9FAUSD9KC)7(n^lMWuayCfxzy8EZsns%OEblHFSzP=cL6}?J|
z0U$H!4S_<U3#TVDkQ!s%Ox_BnFc2H6iNU0q=!|+Z9mk`Nbw?whndl6tI(Fj=$tl!^
zIOq<7BPlTvwG$fSu#@_%M(FvF2tpewu1-c35x~(IN{;#g5`-28n}V56vUKDyHalgc
zVFs4DD7(uszamXg!+b}p?!s)SZXGtIED*Jww1@^#7%op*kD~rw8S#!ebx(C|Oi-ci
zN~c@b8rVJSYHe*Cyn5uEa+-wenYQT6aAn!pd*%?%r>TVjj<`6dy^2j`V`)mC;cB%*
z8{>_%E1^FH!*{>4a7*C1v>~1*@TMcLK{7nEQ!_igZC}ikJ$*<$yHy>7)oy79A~#xE
zWavoJOIOC$5b6*q*F_qN1>2#MY)AXVyr$6x4b=$x^*aqF*L?vmj>Mgv+|ITnw_BoW
zO?jwHvNy^prH{9$rrik1#fhyU^MpFqF2fYEt(;4`Q&XWOGDH8k6<goGkkqwiLLr*g
z5z6x8$sF`?<e^h`j@COy$E+qY=Oj=v!b*KAnIYc*AP7qC0C#dwjl&srabEh<e-#E9
zv&sl%zw~Grb~0?}V1_A9--Q~b&NxawFDL54EJtT<qO4Z~5p7>M=%@fics4ajI;st#
zCU^r1CK&|jzUhRMv;+W~6N;u<;#DI6cCw-<Kad;hI?@=R3TXw!Cr}=BbI5m+uEl-w
zqErRfdJ>otsc@IsN3MoSD^O`eNflIoR~l4*&-%RBYk@gb^|-JXs&~KuSEmMxB}xSb
z@K76cXD=Y|=I&SNC2E+>Zg?R6E%DGCH5J1nU!A|@eX9oS(WPaMm==k2s_ueCqdZw|
z&hqHp)47`c{BgwgvY2{xz%OIkY1xDwkw!<0veB#yF4ZKJyabhyyVS`gZepcFIk%e2
zTcrmt2@-8`7i-@5Nz>oQWFuMC_KlroCl(PLSodswHqJ3fn<;gxg9=}~3x_L3P`9Sn
zChIf}8vCHvTriz~T2~FamRi?rh?>3bX1j}%bLH+uFX+p&+^aXbOK7clZxdU~6Uxgy
z8R=obwO4dL%pmVo*Ktf=lH6hnl<C=NTH%5`gfxBHGJj`iNz(A#<w&(&isR(NdjRau
zf|I4<<<u=|XXZxd2JFGs>z_5k3cG;m8lgaPp~?eD!Yn2kf)tU6PF{kLyn|oI@eQ`F
z3IF7~Blqg8-uwUuWZScRKn%c2_}dXB6Dx_&xR*n9M9LXasJhtZdr$vBY!rP{c@=)&
z#!?L$2UrkvClwQO>U*fSMs67oSj2mxiJ$t;E|>q%Kh_GzzWWO&3;ufU%2z%ucBU8H
z3WIwr$n)cfCXR&>tyB7BcSInK>=ByZA%;cVEJhcg<#6N{aZC4>K41XF>ZgjG`z_u&
zGY?;Ad?-sgiOnI`oppF1o1Gurqbi*;#x2>+SSV6|1^G@ooVy<y93LDm;wIOTj=5c$
zC-QhzvAl0y_;%{)gWRy`;Bf=?TtTe*SY!MP@9W|edu{l86Kr1<Cmr((Tem3gt4{#y
z3D<WVud@WzG8_>@fg?wyf@0Y!UZ4!}nGuLeC^l)6pwkh|oRY`s1Pm$>zZ3u-83T|9
z<QZfPf@8vDvzJ5u4A^A<#$7q&=f7lp3&n5W!oLxA;ja+?=SVAJ?`~&fZ)ozb9P1k`
z3pL1q5VB*z+Ct?<9|-*itS69vS4hVra5Z!lDKSySn;jjmUpRtte+Bax7QXjI?`90S
zA4?c)l!1W6+}k;06I}~wRC@!%R<xI9L>GaKJIV3_x+u1>cRibsaJpJqhcm%?0-L;2
zitBrdRxNmb0OO2J%Y&Ym(6*`_P3&&5Bw157{o7LFguvxC$4&zTy#U=W*l&(Q2MNO}
zfaUwYm{<Z#B+303&8&j|1AYBZQ1ef~@-GzfzfBY|H8XUzarxJ|f|I?ulc}?_jHR=S
zshz3QKN3ud>XtILD$3864IA_nn34oVa_g^FRuHL5wdUd)+W-p-iWCKe8m_cMHk+=?
zeKX)M?Dt(|{r5t7IenkAXo%&EXIb-i^w+0CX0D=xApC=|Xy(`xy+QG^UyF<x+1@YN
z-ZMAue9y-N{P;V-w=mmGh-1)C76Xu!U?t<}ByuZz$q|bl4S<l@37Jh~Glu1WLl}(l
zthb2~6ne4Q83FI<<Ay4c4`8D(It&am2#(!Ony)app0o62Q+)KCL_LQOA)tF@50mMJ
z<<yYk$({rlv3BkbtJ+SuacOk#dTZz@Qrop4gQ~UO=spb=-piAtn0x3U*bMbJdwI>e
z+#J6h_&T5i#sV)hj3D4WN%z;2+jJcZxcI3*CHXGmOF3^)JD5j&wfX)e?-|V0GPuA+
zQFot%aEqGNJJHn$!_}#PaAvQ^{3-Ye7b}rWwrUmX53(|~i0v{}G_sI9uDch_brX&6
zWl5Ndj-AYg(W9CGfQf<6!YmY>Ey)+uYd<oGrQ)76s0B|$EDBcWW*bGf!XzhAcke;%
zrh(E+RSxuWf~{)Nc=B!JS!X`$2DA4*+k72=D%60mnI%QDRarAyE}--rmK`Z^V+Yae
z&vDIckd3^cYT8wuAh(uIoqyu^LYf=&(`lZI>_J<fvopl!qQMd6Z#ZYajSPWAp}`qN
zjM~mJhn3N452gfOT)3x7am8MT`AA+VSSTZ}v@@8Ef-MrsX1vV|`Qx}Yh}~|pD;qlf
zbIL{96T!~st%_2?)f30K4Wp&xR_;627NS?#a?ONO1)C^TbaxNEe^u!aMYPy7;-Hq3
z8kFD}u19!l+a?p#Hl9<7(I=E6f85Gdi%U@U>NXH=>|`OH-CDCmcH(0%iD_aLlNHKH
z7bcW-^5+QV$jK?R*)wZ>r9t}loM@XN&M-Pw=F#xn(;u3!(3SXXY^@=aoj70;_=QE9
zGghsG3e<X)8z!NOUQ-K7Tg*M~$*Lq1YL~>kq#N||u{4We_25U=y#T*S{4I{++Ku)>
zQ!DZW;pVcn>b;&g2;YE#+V`v*Bl&Y-i@X6D*OpNA{G@JAXho&aOk(_j^weW{#3X5Y
z%$q_wpb07EYPdmyH(1^09i$ca<gJ(BN8tBcV!2)N5jxRqNZX(-f?Oe`25b>{O<}7)
zRWncXdSPgBE%BM#by!E>tdnc$8RwUJg1*x($6$}ae$e9Knj8gvVZe#bLi!<+&BkFj
zg@nOpDneyc+hU9P-;jmOSMN|*H#>^Ez#?;%C3hg_65leSUm;iz)UkW)jX#p)e&S&M
z1|a?wDzV5NVnlhRBCd_;F87wp>6c<&nkgvC+!@KGiIqWY4l}=&1w7|r6{oBN8xyzh
zG$b#2=RJp_iq6)#t5%yLkKx(0@D=C3w+oiXtSuaQ%I1WIb-eiE$d~!)b@|4XLy!CZ
z9p=t=%3ad@Ep+<9003D2KZ5VyP~_n$=;~r&YUg5UZ0KVD&tR1DHy9x)qWtKJp#Kq#
zP*8p#W(8JJ_*h_3W}FlvRam?<4Z+<U)YVE|@-H{P0L;lgD=4M+K83d`J=;XZ6cLXJ
z^Pb^7ai96hX*$t^`}X?;F@T^K^_U|s%%#VBR44vL@CQr;#z>-H77^$Lvi+#vmhL9J
zJ<1SV45xi;SrO2f=-OB(7#iNA5)x1uNC-yNxUw|!00vcW2PufRm>e~<GrW@0xg&;k
zL?iysf{CN}V{o=!B5cYHv{+Y1t=R-R>toH;M0Q85MQLWd?3O{i8H+5VkR@l9Dg-ma
ze2fZ%>G(u5(k9EHj2L6!;(KZ8%8|*-1V|B#EagbF(rc+5iL_5;Eu)L4Z-V;0HfK4d
z*{utLse_rvHZeQ>V5H=f78M3Ntg1BPxFCVD{HbNA6?9*^YIq;B-DJd{Ca2L#)qWP?
zvX^NhFmX?CTWw&Ns}lgs;r3i+Bq@y}Ul+U%pzOS0Fcv9~aB(0!>GT0)NO?p=25LjN
z2bh>6RhgqD7bQj#k-KOm@JLgMa6>%-ok1WpOe<hhSU`7#vu9^7%H57&(`pARdXnZM
z;eION-Jf1cVd1-MCh?1mFC&L}n&D)2PEzUHkSiE_t+j1!E~K#qcYI-`hc5a+<MQay
z<1}>)FS^XOU{c?d5shG(lIn3GiVBxmg`u%-j=)^v&pX1JecJics3&jvPI)mDut52?
z3jEA)DM%}BYbxxKrizVYwq?(P&19EXlwD9^-6J+4!}9{ywR9Gk42jjAURAF&EO|~N
z)?s>$Da@ikI4|^z0e{r`J8zIs>SpM~Vn^{3fArRu;?+43>lD+^XtUcY1HidJwnR6+
z!;oG2=B6Z_=M%*{z-RaHc(n|1RTKQdNjjV!Pn9lFt^4w|AeN06*j}Zyhq<HLE#a+A
zJ{@Y`FHfEI5bv;8o$ZEGCqCOp4`6-5eeTUyKzzSKd~k>Z^!-=cyGP_ShV1rGxkx8t
zB;8`h!S{LD%ot``700d0@Grql(DTt4Awgmi+Yr0@#jbe=2#UkK%rv=OLqF)9D7D1j
z!~McAwMYkeaL$~kI~90)5vBhBzWYc3Cj1WI0RS`z000R8-@ET0dA~*r(gS<U)h`aD
zLE6Dn5Q+3O*c2B9elF29G1VrakVK+eBtDr^Gf}-iF&NZnZ$t<sha>iCJmQMN&4%1D
zyVNf0?}sBH8zNbBLn>~(W{d3%@kL_eQ6jEcR{l><V*L*c8i9aN^J3k5@LC4D{kHc*
ztiPGM*MYdYK5-%KXLXp`;*IAihHn*4Pn*cYN8uZA$oHJE-8(VkYwPa2amx3wu)oxf
z;@K?9yEDA%g1*No{aF{@JJ45(#kW@dSB%B?ig4GNH`G^-kpE2q*E={oZNZKA>C|JK
z(R-fA!z|TTRG40|zv}7E@PqCAXP3n`;%|SCQ|ZS%ym$I{`}t3KPL&^l5`3>yah4*6
zifO#{VNz3)?<E9P2g)v<M^QTEwJXCARf%0EK}z-2B8QN$*7-J-mD@w9d6fzs+FVv4
zrJ6y#^xsh;O&ToHBFf~MC54(~Sb2j}sCotWQt($NS~kJz72WH?<eo8;ekt}!o;CT~
zFlF~#@UZt@DeNAn7u||SULov|N<ot`RP2<Gm?2rbIJ;;m_J~Yu)ZL<c+N#@?_iQO`
zRo%izIfJ9RLf%!Awp2T%_jV~S<vv}L?&aO;G&bt(!h60lS`2vX)v@WhGFXzOtRK;c
zyr@kt8OV3(72@wS&Pz;*6SWo#Z2jYhpl6$h+sV9U!&ep>ZL$be;NEaAk9b#{tV?V7
zP|wf5YA*1;s<)9A4~l3BHzG&HH`1xNr#%){4xZ!jq%o=7nN*wMuXlFV{HaiQLJ`5G
zBhDi#D(m`Q1pLh@Tq+L;OwuC52RdW7b8}~60WCOK5iYMUad9}7aWBuILb({5=z~YF
zt<!zJa=c$qO%0sJrsowK;!t%<S=X7Y&Jxn+nGDY&f(=_-CL}c~4K|D7ux0QbLt&^f
zSr24bBRsz?=*UjQu7gZoZ09|ewuhGV`hI~v^swhOT82+78;Tj2xT>?*Jr<A3W3T-3
z<1&Nz$ui_+E7n$IbPK2Rrimn|(;7EPx1h6Fi)-3?>5NG+WadM{mDL>GyiByCuR)hd
zA=HM?J6l1Xv0Dl+LW@w$OTcEoOda^nFCw*Sy^I@$sSuneMl{4ys)|RY#9&NxW4S)9
zq|%83IpslTLoz~&vTo!Ga@?rj_kw{|k{nv+w&Ku?fyk4Ki4I?);M|5Axm)t+BaE)D
zm(`AQ#k^DWrjbuXoJf2{Aj<e%564WZLSS(Vd#ROb?}iRVX%`%#SRY^TSh{u=kI84e
z3Ow&PB(uhOFrXgEsH|%j)I-Ug(1-{oj6dcgiDH#{Xclz$DM?xphY_S^6Z_M-j<Q{M
z3m5`Vg`@HsKN#jbtysG34Af*<`=E}BAe7{&&983YEEQfM{J8#P!otJO%!Ug4=|diY
zavSVyOcEEa#lU9-1SEeUY5cJ=<Ds##5c*EUsRi@fN(`2}Y5bh+k`b9uFL%rwlbF%M
zdSW_2pP9rtReb`cMyUFd*B2fwpi645^+_wI6EzB|mef<{4KFd8`yOM9scKF$vrUM|
zCoNlGyffVj5PnZZrY&Y5n|uW=PHnHX<YXTSdl@8HE*;J7fEIy#D!|gwR}m6V5SwWq
z(a}Z41Prc!Wk&AE!j3s3VBd*3Lw?gbM3E&oKBI9kltN8F1T6wcC{`?P4s@QUU>^KT
zFb1zMSqxq|vceV+Mf-)$oPflsO$@*A0n0Z!R{&(xh8s}=;t(lIy<Pl3uQSpJ4S8Y>
zv$S8x>m;vQNHuRzoaOo?eiWFe{0;$s`Bc+Osz~}Van${u;g(su`3lJ^TEfo~nERfP
z)?aFzpDgnLYiER<rBlW-W;>sKPu<X=38r|I{0&8J8r0^`tKAAKA8jUsvBhopXc14T
zgUW&TYxF3i;mZl;v5E+2qh>|0tq4l2wT)Atr6Qb%m-AUn6HnCue*yWICp7TjW$@sO
zm5rm4aTcPQ(rfi7a`xP7cKCFrJD}*&_~xgLyr^-bmsL}y;A5P|al8J3WUoBSjqu%v
zxC;mK!g(7r6RRJ852Z~feoC&sD3(6}^5-uLK8o)9{8L_%%rItZK9C){UxB|;G>JbP
zsRRtS4-3B*5c+K2kvmgZK8472%l>3cntWUO<l-B0`McQr%h#X$@@JrQb8#@ppQUG9
z)`zI{d#E;id*aB>VHxB|{Ay~aOg5RN<wtviA9uMGSHMzxbdkCR`SfK34yQ^bEpjN~
zPf^Bz$`=daT8!L25oqT&4i=+dRE^=E#-D#x^n<}e%YqXyp_!ut)H)b@E0UPjTon!Z
zEyxi=e>;{PJgeVD*H%ac+y!h#wi%o2bF2Ca8IyMyH{>4#{E_8u^@+l-+n=V}Sq?$O
z{091@v%Bd*<G_U#2l9N@Y9~(ygCl-h&9i8Yj9_3cV?DM!lxf11kY_LYnfWL$a@7F3
zk0$$mP<ka_iUf&lMdUX}1{nJ-EWCBw#je~5Smwg)p`tEv>3pk0^2UtiF9Z+(a@wy6
zUdw8J*ze$K#=$48IBi1U%;hmhO>lu!uU;+RS}p&6@rQila7WftH->*A4=5W|Fmtze
z)7E}jh@cbmr9iup^i%*(uF%LG&!+Fyl@LFA-}Ca#bxRfDJAiR2dt6644TaYw1Ma79
zt8&DYj31j^5WPNf5P&{)J?WlCe@<3u^78wnd(Ja4^a>{^Tw}W>|Cjt^If|7l^l)^Q
zbz|7~CF(k_9~n|h;ysZ+jHzkXf<NcXr7lv4BLC0%brrpzF{-obsvQr%!_>(*O*@5m
zLzUmbHp=x!Q|!9NVXyipZ3)^GuIG$k;D)EK!a5=8MFLI_lpf`HPKl=-Ww%z8H_0$j
ztJ||IfFG1lE9nmQ<au0Ml%cF(=R}3nZqu!gn~ulcq{4`|I}2tuFXsdOn=eq9Qz{LW
zP^cfInuhA7QFIUcH%13E<=O+Vy|WwD8Y7tHV5z9{b#53O<eDk6+LD+O<*lHC*Sh-<
zQQ*d{QylAFdIrjkp%D|@{O_AHu^XIETj$pt=r^Iy${cPPEHt@N92tqR6yn>0+jPQy
zCBdKkjArH@K7jVcMNz);Q(Q^R{d5G?-kk;Uu_IXSyWB)~KGIizZL(^&qF;|1PI7!E
zTP`%l)gpX|OFn&)M%txpQ2F!hdA~hX1Cm5)IrdljqzRg!f{mN%G~H1&oqe`5eJCIF
zHdD7O;AX-{XEV(a`gBFJ9ews#CVS2y!&>Cm_dm3C8*n3MA*e67(WC?uP@8TXuMroq
z{#<dYp{{+xCUwQw6)w9(r^`^0<F6$P{m>w$%z@CBIkRM7?}Xib+>hRjy?%G!fiw8!
z8(gB+8J~KOU}yO7UGm&1g_MDJ$IXS!`+*b*QW2x)9>K<JF7b%^NJe_9Fs0_(5~kP{
zjLlh(Gb|iDD!%2k=};N1Ay-P7$Wu_KP|<Nv<px9DnR*Bhp`@^|=#?&n9#0)w-FDC^
zYYwq=gkfiuN_5CjVN9Ao)scz%pogt!6S`BY&a-LBZ0vR8Hs`uYWwn}-oY<_#H(3U4
z+C^OQlGq~g8s<Q&bZc>~Y*E&bYMnjl6h!{17_8d!%&9D`a7r&LKZjC<&XOvTRaKJ1
zUY@hl5^R&kZl3lU3njk`3dPzxj$2foOL26r(9zsVF3n_F#<NB6ex9*oBW}l?xfbxx
zL%E!#nXs+R%q=x9ZnSy_@kOHMCrx3@5&BuHZd_<OOwDuA?g-PK!m67qWTCZlm0wKU
zv#i7p-7isYt{yv)OR8I5o;!7xop*Zm6Rp~J_EdjQW~sUFuwoyaW1U&NaV|M4U1?nR
z@)EUG9kIA_lYfhiyvI%HWy;Ge%?fKvOXHCrMb%0xeab5(rJo188D&|PUo17GFJ{-P
zs?t#M)7w#0RHw{KaZQP;u<ZWKm`x0&oP9ITEjmgxyDYbPrK*U@Usmmw0c2<WSXv-G
zvb6FvJhqfc@v@g(G}B*mRq{2pTwn0X@yc3sxqx=5S4D&>v)s5vv3<FgSd?p+)!kNm
zTv$3*E<J6vu2~)lp%4nMdtWE@=#AViY%^W&8R2_<v(+Qa%Mf{$Tn~RH;PHc?^uW;B
zl33*<G2>@dgs|lP#eylq62{<-vczqP!RpVBTgI>@O6&sU>W|do17+#OzQ7o5A$ICH
z?GqwqnK^n2%LR;$^oZM;)+>$X3s2n}2jZ7CdWIW0lnGK-<n4*9i9?XprV!b-2yz1y
z82;&r=GhqHm&zBz3e~(LKRa(8ZwPt%3TYt5`IuWWTX+)iO!EB5qiR4W$RDCd`g{-j
zZuyRBvdZnk><gEOlAyZgBQiT7{>b#EG01)P@aU`pg}th&J-TrU`tIpb5t((0eu|!u
zQz+3ZiOQ^?RxxK4;zs=l8q!-n7X{@jSwK(iqNFiRColuEOg}!7cyZi`iBX4g1pNBj
zAPzL?P^Ljhn;1$r8?bc=#n|Ed7wB&oHcw()&*k#SS#h}jO?ZB246EGItsz*;^&tzp
zu^YJ0=lwsi`eP_pU8}6JA7MS<SY@ZXteVGu2D;{e_dFnzL(OQbWI#IL1J(@}vxKG~
z{>;9pfD;DsSsLo~ogzMNP70@@;Fm8f0^;>$Z>~<d_jp#pvX)$*IF^kRoeC(j+t)Ur
zPx*FO4h)ZG=iqY;QK6W@ekh%ILEiXbr05ou^~><kZopq=@-e)e2pdVj4ZJKNAd~~=
zIWD3^k4g6+ly88l1dUP7-<u$%X=hfWc{o8z>}GWRw!W5J3tNX*^2+1f3hz{~rIzJo
z6W%J(H!g-eI_J1>0juX$X4Cl6i+3wbc~k146UIX&G22}WE<iA2ePZPFMn_vlC3@`(
zC;LX5HFTJ@i$J`Hbx0sRaj^uiUmU^s{mchNU>>0ga#WLsn9tY(&29zBvH1$`iWtTe
zG2jYl@P!P)eb<5DsR72BdI7-zP&cZNI{7q3e@?N8IKc4DE#UVr->|-ryuJXk^u^>4
z$3wE~=q390;XuOQP~TNoDR?#|NSPJ%sTMInA6*rJ%go|=YjGe!B>z6u$IhgQSwoV*
zjy3F2#I>uK{42{&IqP59)Y(1*Z>>#W8rCf4_eVsH)`v!P#^;BgzKDR`ARGEZzkNX+
zJUQu=*-ol=Xqqt5=`=pA@BIn@6a9G8C{c&`i^(i+BxQO9?YZ3iu%$$da&Kb?2kCCo
zo7t$UpSFWqmydXf@l3bVJ=%K?SSw)|?srhJ-1ZdFu*5QhL$~-IQS!K1s@XzAtv6*Y
zl8@(5BlWYL<vlUo^g==w+bwzmrMIfe1OGTk=p=b_r!$VPWnqI4+K-Q0Kn&YY_INtV
ze5P(@!H@m0AM%dGQN5FSnZ`He_+j(1bNGu}ee2>t1yAWy?rMD&bwze8bC3-GfNH=p
zynNFCdxyX?K&G(ZZ)afguQ2|<I|ToEQs5dh02L^JB6>r;XoV^=^(;Cku#qYn4<V}b
zA&FlaPRwlltsTXe9~a58?uH)L#hLx*;|`>Lus`UeKt6rAlFo_rU`|Rq<F_mt<XG?>
z&G?~iWMB<P-m~>io<78of-2X(ZYHx~=U0Vz4btyXkctMKdc9UM!vYr~B-(>)(Hc|D
zMzkN4!PBg%tZoh+=Gba!0++d193gbMk2&krfDgcbx0jI92cq?FFESVg0D$>F+bil}
zY~$)|>1HZsX=5sAZ2WgPB5P=8X#TI+NQ(M~GqyVB53c6IdX=k>Wu@A0Svf5#?uHaF
zsYn|koIi3$(%GZ2+G+7Fv^lHTb#5b8sAHSTnL^qWZLM<(1|9|QFw9pnRU{svj}_Al
zL)b9>fN{QiA($8peNEJyy`(a{&uh-T4_kdZFIVsKKVM(?05}76E<BOuTKNZ>Ez?#W
za^fiZOAd14IJ4zLX-n7Lq0qlQ^lW8Cvz4U<X+>KkV9~P}>sq0?xD3vg+$4vLm~C(+
zM{-3Z#qnZ09bJ>}j?6ry^h+@PfaD7*jZxBEY4)UG&daWb??6)TP+|3#Z&?GL?<NWw
zpo!n^_Mnx`#l`Mtp<H71ndq}LH(ZXJlzYuNAHINUglm=WWXJLtuPRY2?rIWUs=h@;
z1r9;ol65y`xO*SzvRa8o!D+_s;~<Bb-h5u71zg5ymFjIboenFkEakiwkF#l0c-sut
znM=(poO3Xq&}pnDV!O6|+_sscTBqqe%{pj$E^ku;b!#-zj>1i+280CFsE|vIXQbm|
zM}Pk!U`U5NsNbyKzkrul-DzwB{X?n3E6?TUHr{M&+R*2%yOiXdW-_2Yd6?38M9Vy^
z*lE%gA{wwoSR~vN0=no}tP2Ul5Gk5M(Xq`<W>$nw#ndFk`tcpd5A=Idue`XZ!FS>Q
zG^0w#>P4pPG<EP*xHW9WCTGn>+*NC9gLP4x2m=cKP}YuS!l^?sHSFf<ssGXChcP9X
za)*XSF8xSAX6O&AkMIyXtB<sR`J2gFTR8ck#bl<tOy9ZU%W%Jooi$>tZy{4CoQrb_
z^20(NnG`wAhMI=eq)SsIE~&Gp9Ne0nD4%Xiu|0Fj1UFk?6avDqjdXz{O1nKao*46y
zT8~iA%Exu=G#{x=KD;_C&M+Zx4+n`sHT>^>=-1YM;H<72k>$py1?F3#T1*ef9mLZw
z5naLQr?n7K;2l+{_uIw*_1nsTn~I|kkCgrn;|G~##hM;9l7Jy$yJfmk+&}W@JeKcF
zx@@Woiz8qdi|D%aH3XTx5*wDlbs?dC1_nrFpm^QbG@wM=i2?Zg;$VK!c^Dp8<}BTI
zyRhAq@#%2pGV49*Y5_mV4+OICP|%I(dQ7x=6Ob}>EjnB_-_18*xrY?b%-yEDT(wrO
z9RY2QT0`_OpGfMObKHV;QLVnrK%mc?$WAdIT`kJQT^n%GuzE7|9@k3ci5fYOh(287
zuIbg!GB3xLg$YN=n)^pHGB0jH+_iIiC=nUcD;G6LuJsjn2VI1cyZx=a?ShCsF==QK
z;q~*m&}L<-cb+mDDXzv<F>vrRsybcgQ;Vg21P(uLv5I+eGc7o7tc6`;OA9{soHFOz
zT~2?>Ts}gprIX$wRBb4yE>ot<8+*Bv`qbSDv*VtRi|cyWS>)Fjs>fkNOH-+PX&4(~
z&)T8Zam2L6puQl?;5zg9h<}k4#|yH9czHw;1jw-pwBM*O2hUR6yvHATrI%^mvs9q_
z&ccT0>f#eDG<^WG^q@oVqlJrhxH)dcq2cty@l3~|5#UDdExyXUmLQ}f4#;6fI{f^t
zDCsgIJ~0`af%YR%Ma<z>5VQq-p21k`vaBu6WE?66+5=XUd%Ay%D$irN>5LhluRWt7
zov-=f>QbMk*G##&DTQyou$s7UqjjW@k6=!I@!k+S{pP8R(2=e@io;N8E`EOB;OGoI
zw6Q+{X1_I{OO0HPpBz!X!@`5YQ2)t{+!?M_iH25X(d~-Zx~cXnS9z>u?+If|iNJbx
zyFU2d1!ITX64D|lE0Z{dLRqL1Ajj=CCMfC4lD3&mYR_R_VZ>_7_~|<^o*%_&jevU+
zQ4|qzci=0}Jydw|LXLCrO<tY^5#SIaz%jR-X`&*7)+bTVSc1BE2BLn%vVH`Mbz1R-
z>l1_P6Xf@c0$ieK2^7@A9UbF{@V_0p%lqW|L?5k>bVM8|p5v&2g;~r>B8uo<4N+`B
zH{J)h;SYiIVx@#jI&p-v3dwL5QNV1oxPr8J%ooezTnLW>i*3Isb49%5i!&ac_dEXv
zvXmVUck^QHmyrF8>CGXijC_R-y(Qr{3Zt~EmW)-nC!tiH`wlw5D*W7Pip;T?&j%kX
z6DkZX4&}iw>hE(boLyjOoupf6JpvBG8}jIh!!VhnD0>}KSMMo{1#uU6kiFcA04~|7
zVO8eI&x1`g4CZ<2cYUI(n#wz2MtVFHx47yE5eL~8bot~>EHbevSt}LLMQX?odD{Ux
zJMnam{d)W4da{l7&y-JrgiU~qY3$~}_F#G7|MxT)e;G{U`In&?`j<5D->}cb{}<s=
z)!EcZ!rs<Y#@^oA)#0D)Gvy7r4FLpRXcD*RfTd(<C=@A5lICI1^#y3rLIVLJon(Px
z9#Jw)(4Yq5v4TSV<tUJH3ExZMzKTk&i(qL2_(Map=flfs&WkPnAHQ!Ph9FQ-#b`+n
zGGm<qkbNX1D53P^JDqBMk-0!hNJ&trQIk`mzGOz)`{-cJ&~H;?Q%CleBz;+Wy0Yj`
zyHSagKdo#qV6?6Vcv+pcT%^1Q-l@v({R}QyX*+WEw%BJmI(}Q@j4m`CawF`x{MPHL
za$h&MF~4nMuyWgQrt}RgV#pg|Y^CiI*j!3z!tB-Jp4;1uuh(==9iU5dSb3$ZFATE!
z>{T(4DF0BOk<QYr>-=1195KB-E*o@c?`>y#4=dMtYtSY=&L{!TAjFVcq0y@AH`vH!
z$41+u!Ld&}F^COPgL(EE{0X7LY&%D7-(?!kjFF7=qw<;`V{nwWBq<)1QiGJgUc^Vz
ztMUlq1bZqKn17|6x6iAHbWc~l1HcmAxr%$Puv!znW)!JiukwIrqQ00|H$Z)OmGG@=
zv%A8*4cq}(?qn4rN6o`$Y))(MyXr8R<2S^J+v(wmFmtac!%VOfN?&(8Nr!T@kV`N;
z*Q33V3t`^rN&aBiHet)18wy{*wi1=W!B%B-Q6}SCrUl$~Hl{@!95ydml@FK8P=u4s
z4e*7gV2s=YxEvskw2Ju!2%{8h01<bQ)d%wXmu1Zpj%~-&jsiWxq+->rx-3`NCPc(O
zH&J0VH5etNB2KY6k4R@2Wvl^Ck$MoR3=)|SEclT2ccJ!RI9Nuter7u9@;<u*AgOz(
zn=C13+36e?Wp?2OIME<hmtjrXzJ<Zd*?$>sWf-%um;GfI!=eEIQ2l2p_YWUd{|6EG
ze{yO6;lMc>;2tPrsNdi@&1K6(1;|$xe8vLgiouj%QD%gYk`4p{Ktv9|j+!OF-P?@p
z;}SV|<w!@0*CQ5@xp9@`8c_*)IC@^rAGd{(#wPf?$`(^V&!%1qI&#?UztvBAF!4M;
z_oxBXB0!;X3yhd^D}+Xx4sUHZH*0n|si;UgfM!*1c|d1h4nY076_94CJP`FR$D}_!
zDgwP#mZV0tbmF7vmG7Log$Afqr(GuMl<urHsSR(EhO7^7wNPIUT%rDwjj%sGil746
zDLtAZLp-7)K|QJh+bT3@0I$b@q3|9LuBZk*!Xn-Gb?+~>oIK)iwlBs+`ROXkhd&NK
zzo__r!B>tOXpBJMDcv!Mq54P+n4(@dijL^EpO1wdg~q+!DT3lB<>9AA<tf}r`cy*Y
zjhdtI5OMNT6H0#L@X?3Sm%kGA7Vl5JMh4bZuEy3uPM@!CETCEPH`bN;-XzRi=Uj<*
zy1%%&-XKAU$eorwmA2>NSe!T1XgC=J^)IP0XEZ()_vpu!!3HQyJhwh?r`Ae%Yr~b%
zO*NY9t9#qWa@GCPYOF9aron7thfWT`eujS4`t2uG6)~JRTI;f(ZuoRQwjZjp5Pg34
z)rp$)Kr?R+KdJ;IO;pM{$6|2y<ydqUT>=k_siqvp%)2||cHTe|b5Ht8&A{wazGNca
zX$Ol?H)E_R@SDi~4{d-|8nGFhZPW;Cts1;08TwUvLLv&_2$O6Vt=M)X;g%HUr$&06
zISZb(6)Q3%?;3r~*3~USIg=HcJhFtHhIV(siOwV&QkQe#J%H9&E21!C*d@ln3E@J*
zVqRO^<)V^ky-R|%{(9`l-(JXq9J)1r$`uQ8a}$vr9E^nNiI*thK8=&UZ0dsFN_eSl
z(q~lnD?EymWLsNa3|1{CRPW60>DSkY9YQ;$4o3W7Ms&@&lv9eH!tk~N&dhqX&>K@}
zi1g~GqglxkZ5pEFkllJ)Ta<O6(=j@N_YA4+m(2{`eegY!ZQ2^vALR<RgI6}@oJ;#Q
znz8Q+-c~%`4rP2NC%pl75Va8USgVLiZL*d#F+vsZ>1I^c&Bt6#r(QLQ02yHTaJB~-
zCcE=5tmi`UA>@P=1LBfBiqk)HB4t8D?02;9eXj~kVPwv?m{5&!&TFY<knKM4n)!Ph
zud#tQR<C%y^0~@DM`a6)LueXb{y5yQ{QdB(pAh_Nx5%(@`(@LGcfv~*Wnh>hu>3=_
zsGmYZ^mo*-j69-42y&Jj0cBLLEulNRZ9vXE)8~mt9C#;tZs;=#M=1*hebkS;7(aGf
zcs7zH(I8Eui9UU4L--))yy<O?Y9%&u#eL}xwSxY`c_7W7JcW|iGpGkga)aNR1NtnV
zsQ!z$?wFhYyP2W>`&d&$In&VA2?DAEss4LAPCLd>-$i?lpXvn!gu^JJ$(DoUlc<UX
zkfN^{^6VUfk4qkMm$Kwn8iV7sNct*PLMd9WvC5vZDv+`U&Q-ZGnQrAf`3aDr3@9ll
zcH!Spxa>6wE98VLZ*z`QGQov5l4Fm_h?V-;mHLYDVOwKz7>e4+%AzeO>P6v}ndPW|
zM>m#6Tnp7K?0mbK=>gV}=@k*0Mr_PVAgGMu$j+pWxzq4MAa&jpCDU&-5eH27Iz>m^
zax1?*HhG%pJ((tkR(V(O(L%7v7L%!_X->IjS3H5kuXQT2!ow(;%FDE>16&3r){!ex
zhf==oJ!}YU89C9@mfDq!P3S4yx$aGB?rbtVH?sHpg?J5C->!_FHM%Hl3#D4eplxzQ
zRA+<@LD%LKSkTk2NyWCg7u=$%F#;SIL44~S_OGR}JqX}X+=bc@swpiClB`Zbz|f!4
z7Ysah7OkR8liXfI`}IIwtEoL}(URrGe;IM8%{>b1SsqXh)~w}P>yiFRaE>}rEnNkT
z!HXZUtxUp1NmFm)Dm@-{FI^aRQqpSkz}ZSyKR%Y}Y<Q&WCZ#r6E1BX>HNzBk)ZIp}
zMtS=aMvkgWKm9&oTcU0?S|L~CDqA+sHpOxwnswF-fEG)cXCzUR?ps@tZa$=O)=L+5
zf%m58cq8g_o}3?Bhh+c!w4(7AjxwQ3>WnVi<{{38g7yFboo>q|+7qs<$8CPXUFAN<
zG&}BHbbyQ5n|qqSr?U~GY{@GJ{(Jny{bMaOG{|IkUj7tj^9pa9|FB_<+KHLxSxR;@
zHpS$4V)PP+tx}22fWx(Ku9y+}Ap;VZqD0AZW4gCDTPCG=zgJmF{|x;(rvdM<f^n;1
zK8nxqYR0vKH0j_lDlpPKZ&MGwB{uMn`Y?-pX_!Y3B)-jRTo&O^8pthSIE0&!0lK-e
z!icB)w$6c%`*wHe1Fz?U<?TZjyK8JuG0UC$ZCke^hB6%|%?F1X$1uXP^O6o2PCxRi
zb_5>|2|9a}cex6xrMkERnkE;}jvU-kmzd%_J50$M`lIPCKf+^*zL=@LW`1SaEc%=m
zQ+lT06Gw+wVwvQ9fZ~#qd430v2HndFsBa9WjD0P}K(rZYdAt^5WQIvb%D^Q|pkVE^
z<umx#lsJRB+%c;<9rnPd8EZLPtdXF8y%S2H@ouSr1qOSZk)i$^f3$XJg9S<yWHU+7
zyJJ%uaeqUu9^B#_n2Ir_nIYz}G3SZ_C|5(`c6Umw#_yBgS{UuH<_&oA!pzsBV%g@=
zbOzA1`OA)5@fUbFgE?}SVsAWLGVW?bLByY#LXc_UE*PeNYf={+;y-vKh@$+ue#tsu
zvCKGNIefnaDUw~m>te$&#~zmULFACGfS#g=2OLOnIf2Of-k!(BIHjs77nr!5Q1*I9
z1%?=~#Oss!rV~?-6Gm~BWJiA4mJ5TY&iPm_$)H1_rTltuU1F3<q3^BkZ&_=uH2O^K
z_@P51{S(`LSn2c$B(%yIo=USrBfbZd`d}}bPg&0tq#f2!iBZc9Z>I(qTQ^U$S>%$l
z)Wx1}R?ij0idp@8w-p!Oz{&*W;v*IA;JFHA9%nUvVDy7Q8woheC#|8QuDZb-L_5@R
zOqHwrh|mVL9b=+$nJxM`3eE{O$sCt$UK<z2Kci>^2@L$R(r^-_+z?lOo+me-VW=Zw
z-Bn>$4ovfWd%S<yVaGCiuR4}{b|0tZrdZYdj>PY`ab-u9{INc*k2h+yH%toDHIyqQ
zO68=u`N}RIIs7lsn1D){)~%>ByF<>i@qFb<-axvu(Z+6t7v<^z&gm9McRB~BIaDn$
z#xSGT!rzgad8o>~kyj#h1?7g96tOcCJniQ+*#=b7wPio>|6a1Z?_(TS{)KrPe}(8j
z!#&A=k(&Pj^F;r)CI=Z{LVu>uj!_W1q4b`N1}<u;U_b=ty|*S;DXz*F-)!)F0Pv+Q
zRm=!T^zTn*A6)$bH1cl>E(i%;BWjbEcnD=mv$FL$l?zS6bW!{$7j1GR5ocn94P2u{
z70tAAcpqtQo<@cXw~@i-@6B23;317|l~S>CB?hR5qJ%J3EFgyBdJd^fH<ao26B*v)
zGUaiB1_W^rk+d9W+h~_tj2D}FfPY~B-BL~)lzp|oFVck~{r8sIIlCCz*!+vHo}=OE
zgW`_*^W8W`lLWY+AcSs_rDfwxzeg23BqYRWi$p*e3{sqP3719K#C&l{6X2y_TO;0c
zk>Zu7AzHF(BQ!tyAz<BOKd)9J&U=CXtSstlZ^pj1MMKG$H~T%~{<Zzl`|=?>^L0`X
z23S4Fe{2X$W0$zu9gm%rg~A>ijaE#GlYlrF9$ds^QtaszE#4M(OLVP2O-;XdT(XIC
zatwzF*)1c+t~c{L=fMG8Z=k5lv>U0;C{caN1NItnuSMp)6G3mbahu>E#sj&oy94KC
zpH}8oEw{G@N3pvHhp{^-YaZeH;K+T_1AUv;IKD<=mv^&Ueegrb!yf`4VlRl$M?wsl
zZyFol(2|_QM`e_2lYSABpKR{{NlxlDSYQNkS;J66aT#MSiTx~;tUmvs-b*CrR4w=f
z8+0;*th6kfZ3|5!Icx3RV11sp=?`0Jy3Fs0N4GZQMN=8HmT6%x9@{Dza)k}UwL6JT
zHRDh;%!XwXr6yuuy`4;Xsn0zlR$k%r%9abS1;_v?`HX_hI|+EibVnlyE@3aL5vhQq
zlIG?tN^w@0(v9M*&L+{_+RQZw=o|&BRPGB>e5=ys7H`nc8nx)|-g;s7mRc7hg{GJC
zAe^vCIJhaj<rU9d-Ny$?&}6qolDp7MDNB|ftJI`wi&EhaNhHyV!qQfb_Q>mm7C6g!
zL&!WAQ~5d_5)00?w_*|*H>3$loHrvFbitw#WvLB!JASO?#5Ig5$Ys10n>e4|3d;tS
zELJ0|R4n3Az(Fl3-r^QiV_C;)lQ1_CW{5bKS15U|E9?ZgLec@%kXr84>5jV2a5v=w
z?pB1GPdxD$IQL4)G||B_lI+A=08MUFFR4MxfGOu07vfIm+j=z9tp~5i_6jb`tR>qV
z$#`=BQ*jpCjm$F<t%->0+F)L%xRlnS%#&gro6PiRfu^l!EVan|r3y}AHJQOORGx4~
z&<)3=K-tx518DZyp%|!EqpU!+X3Et7n2AaC5(AtrkW>_57i}$eqs$rupubg0a1+WO
zGHZ<ibB|u&Jk?tUGE|?~tl5Wk^jlF-{lPR;A5i_2TUJp0F;38(es)rx!d-0-m4P-!
z$~|tV-l!W$kj%u&D~eY>KLN2L0D;ab%{_S1Pl<uJj0^JDir_rTS5CizT^_%RU3Cwc
zfrHnUz@7T<9U{4O%SD*qhHiuSo|}zv3Hju=+>m|hx8R?O14*w*f&2&bB050n!R2by
zw!@XOQx$SqZ5I<(Qu$V6g>o#A!JVwErWv#(Pjx=KeS0@hxr4?13zj#oWwPS(7Ro|v
z>Mp@Kmxo79q|}!5qtX2-O@U&&@6s~!I&)1WQIl?lTnh6UdKT_1R640S4~f=_xoN3-
zI+O)$R@RjV$F=>Ti7BlnG1-cFKCC(<Cu6MUX_IBo_X35UX_<48O%CsD25V#~38R@v
zrtYIkXvf1CPBiwCyX%=srhV;xX%`i(ICDDA6?ULc$>t|Qjm{SalS~V-t<tWc<BV1;
zl_jTzT9WFjJ~QeHdyK~l8BJDMnzlnWR?wVpES%e_)7o6AC7w~n8DW>X#+2ekRhwmN
zZr`8{QF6y~Z!D|{=1*2D-JUa<(1Z=;!Ei!KiRNH?o{p5o3crFF=_pX9O-YyJchr$~
zRC`+G+8kx~fD2k*ZIiiIGR<8r&M@3H?%JVOfE>)})7ScOd&?OjgAGT@WVNSCZ8N(p
zuQ<bOx+QY5+%zcISi3vNjYInP2!bhID0f~o9vf+-rhLL{z1^Ck(#`qsgx*#5swyXT
zW>G~76GE3%(%h1*vUXg$vH{ua0b`sQ4f0*y=u~lgyb^!#CcPJa2mkSEHGLsnO^kb$
zru5_l#nu=Y{rSMWiYx?nO{8I!gH+?wEj~UM?IrG}E|bRIBUM>UlY<`T1EHpRr36vv
zBi&dG8oxS|J$!zoaq{+JpJy+O^W(nt*|#g32bd&K^w-t>!Vu9N!k9eA8r!Xc{utY>
zg9aZ(D2E0gL#W0MdjwES-7~Wa8iubPrd?8-$C4BP?*wok&O8+ykOx{P=Izx+G~hM8
z*9?BYz!T8~dzcZr#ux8kS7u7r@A#DogBH8km8Ry4slyie^n|GrTbO|cLhpqgMdsjX
zJ_LdmM<k-VT(PJj^o5EU9N}k~N8WtTC-IGZ`@y!j$sb^<J0;G@Qw2FyCS!3I_NA$4
z1f*^zNnJ-2I0{osRtQts^V?d(XVo8U_KxuKrC4_(t;qw3T5EIb1gaTiFo3yT&HyFL
z)1@c>#I&4LqqsOUIXK8gW;V0B(7^$y#h3h>J0k^WJfAMeYek%Y-Dcb_+0zPJez!GM
zAmJ1u;*rK=FNM0Nf}Y!!P9c4)HIkMnq^b;JFd!S3?_Qi2G#LIQ)TF|iHl~WKK6JmK
zbv7rPE6VkYr_%_BT}CK8h=?%pk@3cz(UrZ{@h40%XgT<XHMp$hv;h9Ymj#=odkk`i
zIQae`_=X#DiyU&N400<DsTZGknpd*i59`VZ(hlvyF={mwt^rqfpTI2&<T<g_&ag;)
zGmdv3$7_Umm3*d1pC<tD4&^z@fB#qeFKt~J{6LxaG(+}hgg|*Exu--o{)yT#JuFbk
z1;57xTR<^av=7#O$H&Fm{_yrRCu{yYJoJ}c0L{yx#X=<de!)a1JlNVp083z$!k1?|
zV)^ps1(-LWXGsXjQ$H~1;~fb%PNBhFP?}VP6a;UunlMt9FKF=Z7zjl{Vm5wAE|rFq
z1-k1JTp~NHKqro%r!pzCx_v|wc?QzZb;2~gF~c_e(7kI?gTf@Sl;&2zZGHBdXMu10
ze@7*&Fo`5Se_O_wf2XJaP0LvFpQz-YM_~(7W9xrFv6N(8d1OJ9&>hP*-Oeo`T0eq9
zA8BnWZKzCy5e&&_GEsU4*;_k}(8l_&al5K-V*B<vk;3_5Y5GsaQRXITZ7En5+1cr}
zoEOfUwTvx(fB#P)g+XFq$3s&MIR%RGTY*w)u1F^x)_4KQF{~iPr`KL;JvOUA!)Bl1
z9p@=a4SF1Po>FM=O~;MgRkYsOs%9eOY6s6AtE*<7GQAR2ulC3RAJrG_P1iQK5Z~&B
z&f8X<>yJV6)oDGIlS$Y*D^Rj(cszTy5c81a5IwBr`BtnC6_e`ArI8CaTX_%rx7;cn
zR-0?J_LFg*?(#n~G8cXut(1nV<GD8u>F0Oka$A<Xrs+39Fcy_UX4+wJsyL;Ad#|W_
zoZzvm=HX_}HyBFXw08LR4`!>$1FGcERU<^ggx;p@CZc?3UB41RY+wLS`LWFNSs~YP
zuw1@DNN3lTd|jDL7gjBsd9}wIw}4xT2+8dBQzI00m<@?c2L%>}QLfK5%r!a-iII`p
zX@`VEUH)uj^$;7jVUYdADQ2k*!1O3WdfgF?OMtUXNpQ1}QINamBTKDuv19^{$`8A1
zeq%q*O0mi@(%sZU>Xdb0Ru96CFqk9-L3pzLVsMQ`Xpa~N6CR{9Rm2)A|CI21L(%GW
zh&)Y$BNHa=FD+=mBw3{qTgw)j0b!Eahs!rZnpu)z!!E$*eXE~##yaXz`KE5(nQM`s
zD<pRzTt9Ga7_+7V*(vgeNjPLq#T#Hzh4oMyk4m^&mDHa-;LXM`BMlpNPVXZiWB!7-
zsrLYk0v?{Pinwui>!$vW9XH)iMxu9R>r$VlLk9oIR%HxpUiW=BK@4U)|1WNQ=mz9a
z^!KkO=>GaJ!GBXm{KJj^;kh-MkUlEQ%lza`-G&}C5y1>La1sR6hT=d*NeCnuK%_LV
zOXt$}iP6(YJKc<sy3IAHEj2Y-R)3MS?rC66If(_;`nr~Onw70}P1hEBm+!itUy1C`
zNpHpki6_MC$7{&PcGt_M^XxtUNv`)v*iXj|1|scVAGjs`iL^4oZ_EXmgi;5b%!&n+
ziIZl66eo#;Grax0|H0Th2FKohS;Mhy+qQFJ+qP}z#I|iaIk9cqPEKq)Z~pVlJTr68
zJXP<9U-g%+tE>9j-Fxq~*ItVUqljQ8?oaysB-EYtFQp9oxZ|5m0^Hq(qV!S+hq#g(
z?|i*H2MIr^Kxgz+3vIljQ*Feejy6S4v~jKEPTF~Qhq!(ms5>NGtRgO5vfPPc4Z^AM
zTj!`5xEreIN)vaNxa|q6qWdg>+T`Ol0Uz)ckXBXEGvPNEL3R8hB3=C5`@=SYgAju1
z!)UBr{2~=~xa{b8>x2@C7weRAEuatC)3pkRhT#pMPTpSbA|tan%U7NGMvzmF?c!V8
z=pEWxbdXbTAGtWTyI?Fml%lEr-^AE}w#l(<7OIw;ctw}imYax&vR4UYNJZK6P7ZOd
zP87XfhnUHxCUHhM@b*NbTi#<F%^Z|eYk;z2_lk&RVh7s<F5xO2t#&+J(_Y0MwZqrY
zicy(G9z6&?{09>(-8|wcv%3BGNs#zRCVV(W?1Qj6^PPQa<{yaBwZ`+<`w|;rqUY_C
z&AeyKwwf*q#OW-F()lir=T^<^wjK65Lif$puuU5+tk$;e_EJ;Lu+pH>=-8=PDhkBg
z8cWt%@$Sc#C6F$Vd+0507;{OOyT7Hs%nKS88q-W!$f~9*WGBpHGgNp}=C*7!RiZ5s
zn1L_DbKF@B8kwhDiLKRB@lsXVVLK|ph=w%_`#owlf@s@V(pa`GY$8h%;-#h@<I6M_
zmQBeLGoxDbjVm1w<bC@g^^f(C!^JL|q^~JGpu4s;6B8qK+5^Y5Qq9@Z$yi1AO_ivY
zEj2e_U?RYgY($+y4MYyPw@#Znh;BBeSCVn{gx>TsO|Y8V=n@*!Rog7<7Cid%apR|x
zOjhHCy<N%=9>fbIt%+*PCveTEcuiDi%Wx;O;+K=W?OF<?k#V0K7HZbJn*d3I+eoH#
zh7<l$XDBh2e3X@S)0xR1RL*X3v}anZNmTRLP100Vjg6lZsj8M4WV<xI)QGou52W;l
zuhA|fVCliO=-1Jr275Sx<Y+M^NR?|nFbw_$)30P*nj@^6+|ZdgJZ18l!}qu2UJUSH
z1R0|V6_~e{(m?E}wM3qUG_Q$t&XB<F<iQ0B?7yghy}e3`PL?Jnn_FH7zs7FvV}ZNC
zg-k1nj;~OaAd0bVj&A17jIs@8j;@`1Da87%aS+QW)3w-0g!{V<Z8Jk0K;t-e-m_}H
z#$DpTS=ZJ!079fqU)_vsqe{Hxz{t*PFrYaR_X{Idl~pteGXU-!HXH+n-Nm@~!Nn|q
zjK^|6Bi^u9r}}mzbV)k27Kxg2T1S^j^-m&I%;>UV%)%~6;gl?<0%)?snDDqIvkHF{
zyI02)+lI9ov42^hL>ZRrh*HhjF9B$A@=H94iaBESBF=eC_KT$8A@uB^6$~o?3W<f9
zYtSca#$B|92$2MdaDc&Gb6a^9xjGKojcdPg>m5t1OIaqF^~><2?4e3c&)@wKn9bD?
zoeCs;H>b8DL^F&>Xw-xjZEUFFTv>JD^O#1E#)CMBaG4DX9bD(Wtc8Rzq}9soQ8`jf
zeSnHOL}<+WVSKp4kkq&?SbETjq6yr@4%SAqOG=9E(3YeLG9dtV+8vmzq+6PFPk{L;
z(&d++iu=^F%b+ea$i2UeTC{R*0Isk;vFK!no<;L+(`y`3&H-~VTdKROkdyowo1iqR
zbVW(3`+(PQ2>TKY>N!jGm<sD6AnGF=)0Re*7@0HIc_nG=Iw;>Go7oeoB8O|P_!Ic@
zZ^;3dnuXo;WJ?S+)%P>{Hcg!Jz#2SI(s&dY4QAy_vRlmOh)QHvs_7c&zkJCmJGVvV
zX;Mtb>QE+xp`KyciG$Cn*0?AK%-a|=o!+7x&&yzHQOS>8=B*R=niSnta^Pxp1`=md
z#;$pS$4WCT?mbiCYU?FcHGZ#)kHVJTTBt^%XE(Q};aaO=Zik0UgLcc0I(tUpt(>|&
zcxB_|fxCF7>&~5eJ=Dpn&5Aj{A^cV^^}(7w#p;HG&Q)EaN~~EqrE1qKrMAc&W<U9$
z+^)SZeHD%7BgO}J?hdzGer@n(wj6EYe>XIE;>@<&)5;gD2?={Xf@Mvn@OJKw=8Mgn
z!JUFMwD+s==JpjhroT&d{$kQAy%+d`a*XxDEVxy3`NHzmITrE`o!;5ClXNPb4t*8P
zzAivdr{j_v!=9!^?T3y?gzmqDWX6mkzhIzJ-3S{T5bcCFMr&RPDryMcdwbBuZbsgN
zGrp@^i?rcfN7v0NKGzDPGE#4yszxu=I_`MI%Z|10nFjU-UjQXXA?k8Pk|OE<(?ae)
zE%vG#eZAlj*E7_3dx#Zz4kMLj>H^;}33UAankJiDy5ZvEhrjr`!9eMD8COp}U*hP+
zF}KIYx@pkccIgyxFm#LNw~<U{`Via^B{gMVX)!#|jCh_xM6ikcrvnXbWa+dwBKVSS
zK-4G%y><Bux_?U*2>G&`;o&5)2`5aogs`1~7cMZQ7zj!%L4E`2yzlQN6REX20&O<9
zKV6fyr)TSc<e)zOh9v0_vMgh>JPPzNTC2gL+0x#=u>(({{D7j)c-%tvqls3#Y?Z1m
zV5WUE)zdJ{$p>yX;^P!UcXP?UD~YM;IRa#Rs5~l+*$&nO(;Ers`G=0D!twR(0GF@c
zHl9E5DQI}Oz7<JMjFG_&ureTdMV@FLw-eP(lgkhig$ECHD*ei9Xc()#hw||V#@>4n
zfKP>&$q0($T4y$6w(p=ERAFh+>n%iaeRA%!T%<^+p<H-<uJNd-sy)}Y@~CN#3u5W*
zjI&ROZ_Rx}0(a!_QCcJ9_!&~Uc}E0JQd?M`bT;-C9-Z?5E@UMa&Fe8b7GLT8{XPb5
zyf%i|Q0Xl+SI;QD#Yg>g?M)@ucY<&59$x9M#n+V&>}=nO9wCV{O~lg&v#+jcUj(tQ
z`0u1YH)-`U$15a{pBkGyPL0THv1P|4e@pf@3IBZS4dVJPo#H>pWq%Lr0YS-SeWash
z8R7=jb28KPMI|_lo#GEO|5B?N_e``H*23{~a!AmUJ+fb4HX-%QI@lSEUxKlGV7z7Q
zSKw@-TR>@1RL%w{x}dW#k1NgW+q4yt2Xf1J62Bx*O^WG8OJ|FqI4&@d3_o8Id@*)4
zYrk=>@!wv~mh7YWv*bZhxqSmFh2Xq)o=m;%n$I?GSz49l1$xRpPu_^N(vZ>*>Z<04
z2+rP70oM=NDysd!@fQdM2OcyT?3T^Eb@lIC-UG=Bw{BjQ&P`KCv$AcJ;?`vdZ4){d
z&gkoUK{$!$$K`3*O-j<Zi{jTPO?eI9$VNEqKns5`DQpeK-2u;%g&U>yM1~<ZC)5l@
zIkr@87e@uhA6MH$K<@Z>p-7T*qb)Ys>Myt^;<CgA4AYJg%~h2T>#1&a%O@x8A+E>!
zY<A2w=yT8AF-EkBw>8=eD`ZG)LVagDLBeHg>=atOG?Kr%h4B%E6m@J^C+U|y)XX@f
z8oyJDW|9g=<#f<{JRr{y#~euMnv)`7j=%cHWLc}ngjq~7k**6%4u>Px&W%4D94(r*
z+akunK}O0DC2A%Xo9jyF;DobX?!1I(7%}@7F>i%&nk*LMO)bMGg2N+1iqtg+r(70q
zF5{Msgsm5GS7DT`kBsjMvOrkx&|EU!{{~gL4d2MWrAT=KBQ-^zQCUq{5PD1orxlIL
zq;CvlWx#f1NWvh`hg011I%?T_s!e38l*lWVt|~z-PO4~~1g)SrJ|>*tXh=QfXT)%(
z+ex+inPvD&O4Ur;JGz>$sUOnWdpSLcm1X%aQDw4{dB!cnj`^muI$CJ2%p&-kULVCE
z>$eMR36kN$wCPR+OFDM3-U(VOrp9k3)lI&YVFqd;Kpz~K)@Fa<T;^H>&FRw}L(SoD
z9B4a+hQzZT-BnVltst&=kq6Y(f^S4hIGNKYBgMxGJ^;2yrO}P3;r)(-I-CZ)26Y6?
z&rzHI_1GCvGkgy-t1E;r^3Le30|%$ebDRu2+gdLG)r=A~Qz`}~&L@aGJ{}vVs_GE*
zVUjFnzHiXfKQbpv&bR&}l2bzIjAooB)=-XNcYmrGmBh(&iu@o!^hn0^#}m2yZZUK8
zufVm7Gq0y`Mj;9b>`c?&PZkU0j4>IL=UL&-Lp3j<Z6B(#r?G=5OTIVqppQV7;$oUZ
z_*bfNYVfkU+>&47B5pAW4JceG{!XCA)kT<%2nqCxj<)uy6XR_uws~>_MEKPOpAQ!H
zkn>FKh)<9DwwS*|Y(q?$^N!6<o$@lIm`~9<Ur$vhpA3&|(gF`!3*mR7y8%R>(51O0
z^JM~Ax{AI1Oj$fs-S5d4T7Z_i1?{%0SsIuQ&r8#(JA=2iLcTN+?>wOL532%&dMYkT
z*T5xepC+V6zxhS@vNbMoi|i)=rpli@R9~P!39tWbSSb904ekv7D#quKbgFEMTb48P
zuq(VJ+&L8aWU(_FCD$3^uD!YM%O^K(dvy~Wm2hUuh6bD|#(I39Xt>N1Y{ZqXL`Fg6
zKQ?T2htHN!(Bx;tV2bfTtIj7e)liN-29s1kew>v(D^@)#v;}C4-G=7x#;-dM4yRWm
zyY`cS21ulzMK{PoaQ6xChEZ}o_#}X-o}<&0)$1#3we?+QeLt;aVCjeA)hn!}UaKt<
zat1fHEx13y-rXNMvpUUmCVzocPmN~-Y4(YJvQ#db)4|%B!rBsgAe+*yor~}FrNH08
z3V!97S}D7d$zbSD{$z;@IYMxM6aHdypIuS*pr_U6;#Y!_?0i<Th%7C5rAWptzT;+8
z^q+L14xti*_qZw!_5cZk%7|55dKPFjM~R1_=~fye=uVS6nDqhi)PszECfuz7L#WMP
z!r+BR+k)}Z4nk;GJ*^~}T(1)9OIq4cSY?CPrYrC|{k3|*qwa%HsQZRC>|&yU*@16l
z*dcMqDQgfNBf}?quiu4e>H)yTVfsp#f+Du0@=Kc41QockXkCkvu>FBd6Q+@FL!(Yx
z2`YuX#eMEiLEDhp+9uFqME_E^faV&~9qjBHJkIp~%$x^bN=N)K@kvSVEMdDuzA0sn
z88CBG?`RX1@#hQNd`o^V{37)!w|nA)QfiYBE^m=yQKv-fQF+UCMcuEe1d4BH7$?>b
zJl-r9@0^Ie=)guO1vOd=i$_4sz>y3x^R7n4ED!5o<f!284U3o`_8>XL3@5**h<Hcp
z@=-jpH@#|<>(xr%Hv)_gILarO46q+MaDOF%ChaymKoI6JU5Pg;7#2n9-18|S1;AK+
zgsn6;k6-%!QD>D?cFy}8F;r@z8H9xN1jsOBw2vQONVqBVEbkiNUqgw~*!^##ht>w0
zUOykwH=$LwX<q*Afk5R&Mctbiz>2j&nLy=@{hr)2O&-wm-NyjW7n~Zs9UlH;P7iP3
zI}S(r0YFVYacnKH(+{*)Tbw)@;6>%=&Th=+Z6NHo_tR|JCI8TJiXv2N7ei7M^Q+RM
z?9o`meH$5Yi;@9XaNR#jIK^&{N|DYNNbtdb)XW1Lv2k{E>;?F`#Pq|&_;gm~&~Zc9
zf+6ZE%{x4|{YdtE?a^gKyzr}dA>OxQv+pq|@IXL%WS0CiX!V<r8QLM#*MRM`MfrL^
z$oozeKu(Nq#u9g*IQ%|9o}%#$^xUC(KN(HGggqLu?YF|WP9UQsZcqciD65u58u(o>
zm$fCePA%lU{%pTKD7|5NJHeXg=I0jL@$tOF@K*MI$)f?om)D63K*M|r`gb9edD1~Y
zc|w7N)Y%do7=0{RC|AziW7#am$)9jciRJ?IWl9PE{G3U+$%FcyKs_0Cgq`=K3@ttV
z9g;M!3z~f_?P%y3-ph%vBM<NK?r_G3UHy@sF~h!`(w;SXKRHdJ%HcvAvAAT4Qk5qo
zMgavqbI6bm$F8YQRbu-Q60TKKDjBrG#E!{k)-_O9;f|9i`Bf)1frR1W)S8zwM~^w3
zgTV=3ki=7ABU#jjo~7zOCe&Y02bU{vhUnu>eS@p7P&Ea8M@97+%XEj*(1E6vHj==d
zjsoviB>j^$_^OI_DEPvFkVo(BGRo%cJeD){6Uckei=~1}>sp299|IRjhXe)%?uP0I
zF5+>?0#Ye}T^Y$u_rc4=lPcq4K^D(TZG-w30-YiEM=dcK+4#o*>lJ8&JLi+3UcpZk
z!^?95S^C0ja^jwP`|{<+3cBVo<?ZqT?*63G^-kLfa79`_!t|3XN?#4oHPT!4lKDlS
z&|`dJ%anWz)cD{Izk)|S%W;K%rEUv+1C{y)t{{-Ax56UAAwT>g$(mRdQmadS+Vh~z
zS@|P}=|z3P6uS+&@QsMp0no9Od&27O&14zHXGAOEy<!&qoA;BoYe5Gd6XaoKZz3O>
zh~OKpymK5C%;LLb467@KgIiVwYbYd6wFxI{0-~MOGf<ue$0Kq0FKpj=H%&N{0wz|#
zv3H@VVff^)dR)T~U^4qB#5GIMnxWTKM_`%1WhbW1RX5wx$kbFST`O+(C#(QYZ1qYr
zH@an#>Tq$nBTB!{SrW<fHPfZ<Irz+G=%+OcFrK=FGzu_OrmZYz+$?F}3ABX2OV4Ts
zsD|%iq->mL9H<Tr^2xz>s}C&l&l#m?s*{tA?BHS4mVKHAVMqm63H<|c5n0~k)-kbg
zXidai&9ZUy0~WFYYKT;oe~rytRk?)r8bptITsWj(@HLI;@=v5|XUnSls7$uaxFRL+
zRVMGuL3w}NbV1`^=Pw*0?>bm8+xfeY(1PikW*PB>>Tq(FR`91N0c2&>lL2sZo5=VD
zQY{>7dh_TX98L2)n{2OV=T10~*YzX27i2Q7W<Ntl33%|cp7@_XQ%`!?JFZGy3th+(
z9`69=1diKn`u=0X>86M4$?gZIXZaBq#sA*{PH8){|GUi;oM>e?ua7eF4WFuFYZSG|
zze?srg|5Ti8Og{<A|-y4P^Vw-HZz`B)6iIj60J8RmoI9z56$O?KklBRh#A8wwXksP
zIQ{KLcY4jo=L=|_hbacrV%Qq6!Kf@BT^Q2N;#Sl~J=F}P(ian;6LK=Pia-a<t*`EG
zsvh#5MX1PG_H?pP{~kcN#Yl5&$-{v%{fm#~)VR&aYV*QjB+l!bVIL2ZIK*(o)mg>O
zeFx<XJQO~(UxB;12D)?%fz2kHQ0)}w{#l!~t+-NWg^{L<(tn&kN>uw9!U+zhyk?@w
zjsA6(oKD=Ka;A>Ca)oPORxK+kxH#O@<!C?nm{!PyX#FIJ5Fce^7Glx51z4q!IF-9T
z(}u{s9F?k?->zhC!!XS4@=swnuMk>t+JmLmFiE^1aX3f<)D@`%K0FGK^gg1a1j>zi
z2KhV>sjU7AX3F$SEqrXSC}fRx64GDoc%!u2Yag68Lw@w9v;xOONf@o)Lc|Uh3<2<E
zaTlN?EK~WL>1ctTYu-mFZuHk*+R{GjXHIGq3p)tFtQp%TYqD=j1&y)>@zxoxUJ!G@
zgI0XKmP6MNzw>n<q>RxK$-Gbzs}dyfFzt>#5;f6oR27ql!%+{tr+(`(>%51|k`ML}
zY4eE)Lxq|JMas(;JibNQds1bUB&r}ydMQXBY4x(^&fY_&LlQC)3hylc$~8&~|06-D
z#T+%66rYbHX%^KuqJED_wuGB+=h`nWA!>1n0)3wZrBG3%`b^Ozv6__dNa@%V14|!D
zQ?o$z5u0^8`giv%qE!B<jmp7|q6krbi_G>zZ!3j;BlDlJDk)h@9{nSQeEk!z9RGW)
z${RSF3phEM*ce*>Xdp}585vj$|40=&S{S-GTiE?Op*vY&Lvr9}BO$XWy80IF+6@%n
z5*2ueT_g@ofP#u5pxb7n*fv^Xtt7&?SRc{*2Ka-*!BuOpf}neHGCiHy$@Ka1^Dint
z;DkmIL$-e)rj4o2WQV%Gy;Xg(_Bh#qeOsTM2f@KEe~4kJ8kNLQ+;(!j^b<yk)2Ga*
z`Da!i<uGd>gJMcNhvklP5Z6I+9Fq@c&D~8Fb-4rmDT!MB5QC{Dsb;BharP*O;SF4&
zc$wj-7Oep7#$WZN!1nznc@Vb<_Dn%ga-O#J(l=OGB`dy=Sy&$(5<R7(thvp%XRU@s
zvD!RD|Ap4-iUR15Zc?p`W5PfYcwl?pqP=!?Ly8YQJV-_=LA<5F14$ueWH9bhJ%_)w
z7V5=v(sMJKH%(v>-n3zzu%d7E#^8`T@}V+5B;PP8J14#4cCPw-SQTdGa2gWL0*zKM
z#DfSXs_iWOMt<QB?xsXtvjwXo?shW#x+{vW<m&Lb0}Ev3ll-+Cv)H2yx72H2vfbao
z)&}#dlu-#QrCe#mI_dwQZ8aV{yR-kuQpUpp0FeFvxZ;1G7pk86VlScc8cAV!@aPt-
zLbAEaXYm_LG-m+FWTqvpGKKfn>)0*+Y>Lkd=LlyoHjublNLefhKBv@JoC>P7N1_#>
zv=mLWe96%EY;!ZGSQDbZ<UL<`wO?;KrMew|zF)HM0NF!*C)o2Xb2C86^s8tmic{Un
z9|@ov+&qEN=O7wL#??)8qe;19z|E|XhPC!>Wb#;tzqAGgx~uk+-$+2_8U`!ypbwXl
z^2E-FkM1?lY@yt8=J3%QK+xaZ6ok=-y%=KXCD^0r!5vUneW>95PzCkOPO*t}p$;->
ze5j-BLT_;)cZQzR2CEsm@rU7GZfFtdp*a|g4wDr%8?2QkIGasRfDWT-Dvy*U{?IHT
z*}wGnzdlSptl#ZF^sf)KT|BJs&kLG91^A6ls{CzFprZ6-Y!V0Xysh%9p%iMd7HLsS
zN+^Un$<a&ma`v<=_o?VGrwUGJw=O>tDV)T@i!v?3o0Fsx2qI(AX_$dDkBzQ@fRM%n
zRXk6hb9Py#JXUs+7)w@eo;g%QQ95Yq!K_<hHRNS7N*hWtqjDKgW@A%kX02U4KOU=O
zvdAz#;kT}}XkJ!QzU;bHk8JAq+{_%?pw^sYL|x|PeydT9?IGU9Y51^30i-q1#6m%s
zrcB|gv?mw<4R{=sU0@i6UC;{u0I&8wO=u?6r+b>d=z{0dGS+pToEI6=Bo8+{k$7&Z
zo4>PH(`ce8E-Ps&uv`NQ;U$%t;w~|@E3WVOCi~R4oj5wP?%<*1C%}Jq%a^q~T7u>K
zML5AKfQDv6>PuT`{SrKHRAF+^&edg6+5R_#H?Lz3iGoWo#PCEd0DS;)2U({{X#zU^
zw_xv{4x7|t!S)>44J;KfA|DC?;uQ($l+5Vp7oeqf7{GBF9356nx|&B~gs+@N^gSdd
zvb*>&W)|u#F{Z_b`f#GV<S^Bd2~Pyg*5%eHlTUz}@u5PV*7l^~{G24{Qqrx`@++o~
ztboMW3urCbjTB~&;i*a|(eC0qz31>tQ`pYv3#||N{xj1NgB<#=Odt6{eB%#9RLt5v
zIi|0u70`#ai}9fJjKv7dE!9ZrOIX!3{$z_K5FBd-Kp-&e4(J$LD-)NMTp^_pB`RT;
zftVVlK2g@+1Ahv2$D){@Y#cL#dUj<nH(n~Edj4!|Skt}P+Crb$TxBzD_v2O|_fXDf
zyOhDlptC3q?wEW8BD4DYDy}&OXN4=Gin3Clovb(?fZbl&a4@HKR2*IMYDM~#=eox}
zr@@VgW<o#eD*<OYTh-Dp*Y9Q~ulW+qlsH#Z{CRf%{8T(JHO1!sg=2L#MeC>9*&%#6
zd2m9{1NYp>)6=oAvqdCn5#cx{AJ%S8skUgMglu2*IAtd+z1>B&`MuEAS(D(<6X#Lj
z?f4CFx$)M&$=7*>9v1ER4b6!SIz-m0e{o0BfkySREchp?WdVPpQCh!q$t>?rL!&Jg
zd#heM;&~A}VEm8Dvy&P|J*eAV&w!&Nx6HFV&B8jJFVTmgLaswn!cx$&%JbTsloz!3
zMEz1d`k==`Ueub_JAy_&`!ogbwx27^ZXgFNAbx=g_I~5nO^r)}&myw~+yY*cJl4$I
znNJ32M&K=0(2Dj_>@39`3=FX!v3nZHno_@q^!y}%(yw0PqOo=);6Y@&ylVe>nMOZ~
zd>j#QQSBn3oaWd;qy<AH3+eYXyF}9Xqs&`j)Js;7`deezzO@(if{@wtUbaD%FKTU}
z5w@ZwEG`RDwK>$&5(5H$Ayi)0haAYO6TH<z?6tyk$+6-5SvI&DI1q3_)(4fdZ5Se9
zBbX2Qt9$@_(SU-uL9$`(89L9b^PH`sRc(S;t{a+9w+wmDT>>FR?rhqHmNOO+(})NB
zLI@B@v0)eq!ug`>G<@htRlp3n!EpU|n+G+AvXFrWSUsLMBfL*ZB`CRsIVHNTR&b?K
zxBg<HRwQH-Pd9_*;+0`Ns@&d6=NP#dv8(oIe;Q1jESZF+juys7ECR&=R-98_-67uO
z3$~aVQBexDk*n5GG0IbgeygBsp6J9Ak`^z@J>sN0BjfB>UVcJ|x%=-zb%OV7lmZc&
zxiupadZVF7)6QuhoY;;FK2b*qL0J-Rn-8!X4ZY$-ZSUXV5DFd7`T41c(#lAeLMoeT
z4%g655v@7AqT!i@)Edt5JMbN(=Q-6{=L4iG8RA%}w;&pKmtWvI4?G9pVRp|RTw`g0
zD5c12B&A2&P6Ng~8WM2eIW<Jfbv|J{U>=wxd?r7A*N+&!Be7PX3s|7~z=APxm=A?5
z<Ct?-npDR`F>t>xB4WG|*Td@VX{Rs)PV0|yK`oI3^xn(4c_j&vgxk_Y3o(-`_5o`V
zRTghg6%l@(qodXN;dB#+OKJEEvhfcnc#BeO2|E(5df-!fKDZ!%9!^BJ_4)9P+9Dq5
zK1=(v?KmIp34r?z{NEWnLB3Px{XYwy-akun4F7xTRr2^zeYW{gcK9)>aJDdU5;w5@
zak=<+-PLH-|04pelTb%ULpuuuJC7DgyT@D|p{!V!0v3KpDnRjANN12q6SUR3mb9<-
z>2r~IApQGhst<D{{Vf5G$!J9FyJ-E-*A*EoNl_C#=MT@p=Xle}_jo(=^L>Z!3*?5V
z8#)hJ0TdZ<kpQa~V_Tj9(@ze|2#~^ENp?G7Jt@Eflo`qt*qnbcmXouacBm8O7C@Os
z{Du2beNd5?Za)HL!ZE%zpwg!kyVuKIF9N=(m23`w*$5>g0M-BK#nGFP>$i=qk82DO
z7h;Ft!D5E15OgW)&%lej*?^1~2=*Z5$2VX>V{x8SC+{i10BbtUk9@I#Vi&hX)q<DD
zB<)Sw)<~oUy)n6wE>Q!LwySI{Bnv%Sm)yh{^sSVJ8&h_D-BJ_YZe5eCaAWU9b$O2c
z$T|{vWVRtOL!xC0DTc(Qbe`ItNtt5hr<)VijD0{U;T#bUEp381_y`%ZIav?kuY<v6
zX67v2C6cbIOG)5k!|qC-WsWgOfACm-q$QibFt!z9&vuM4Ra<@t5?aicE~iV+3AvjG
zIg1RVRV7=ipka+$YiU^iebt34R#X_ZP(5j+8#<1x%dt8dn8LWW*;+`tjJbED5GP+(
z;WzH$-`*O}!b)z&?E7%4&3EtV-<sTj?CD<=L+<P?A5!5CSPGi)w4A<JPgzq;6rR*O
zXNdyY$eTaKl$~z~drmdabQ@3giDtf2>G{iyYdEBPW=*xNSc;Rlt6~F4M`5G+VtOjc
z*0qGzCb@gME5udTjJA-9O<&TWd~}ysBd(eVT1-H82-doyH9RST)|+Pb{o*;$j9Tjs
zhU!IlsPsj8=(x3bAKJTopW3^6AKROHR^7wZ185wJGVhA~hEc|LP;k7NEz-@4p5o}F
z`AD6naG3(n=NF9HTH81=F+Q|JOz$7wm9I<+#BSmB@o_cLt2GkW9|?7mM;r!JZp89l
zbo!Hp8=n!XH1{GwaDU+k)pGp`C|cXkCU5%vcH)+v@0eK>%7gWxmuMu9YLlChA|_D@
zi#5zovN_!a-0?~pUV-Rj*1P)KwdU-LguR>YM&*Nen+ln8Q$?WFCJg%DY%K}2!!1FE
zDv-A%Cbwo^p(lzac&_TZ-l#9kq`mhLcY3h9ZTUVCM(Ad&=EriQY5{jJv<5K&g|*Lk
zgV%ILnf1%8V2B0E&;Sp4sYbYOvvMebLwYwzkRQ#F8GpTQq#uv=J`uaSJ34OW<hi?`
zP14gpnLmL&7H`p4L%8;nC1<^Sv9p;w<Wt?|_#g6*20U1pM3nHRfS>ITeSGo6+-8Xw
znCk*n{kdDEi)Hi&u^)~cs@iyCkFWB2SWZU|Uc%^43ZIZQ-vWNExCCtDW<BUzywAz*
z=(vxHv4d&65KOllAq-#$@U{@M^Tie>jqHs;;tWf$v{}0{p0Rvxkq``)*>+Akq%|Na
zA`@~-Vfe|+(AIlqru+7Ceh4nsVmO9p9jc8}HX^W&ViBDXT+uXbT#R#idPn&L>+#b6
zflC-4C5-X;kUnR~L>PSLh*gvL68}RBsu#2l`s_9KjUWRhiqF`j)`y`2`YU(>3bdBj
z?>iyjEhe-~$^I5!nn%B6Wh+I`FvLNv<KrLHuL|CB_`07?lkcY;`F}7N|9w?h$j;W(
z!pz0d;6Gc;=tP?z1|!0VS^mTNfuvL}h&K?b1^iwS6ciDpxQaBY5Gc}49BtNL@wSAH
zN-`fR84|MY8{n7xC}ub4B$LcEGUf*6``pjVtH+rgy&k|kpb4%YlJ~9w&{2Xuzeu1M
zq`UMUPdX@*+$axeLs?$}*bD{+cnrR~Y#}m-O=_R~Wti_#iWT_s(=ymH^VTEl)dozx
zf?Q;WOl1sf3*~dyaUWrzpj(B{DD^$`<1{1iWu+66OaaANG(C3>auve~eX<+Ipl&04
zT}};W&1a3%W?dJ2=N#0t?e+aK+%t}5q%jSLvp3jZ%?&F}nOOWr>+{GFIa%wO_2`et
z=JzoRR~}iKuuR+azPI8;Gf9)z3kyA4EIOSl!sRR$DlW}0>&?Gb<F6G*f~S_Xmd?&<
zcTp7FM31gIFJU_kMTKVvYfdLV&qNi%10o_cXO}T8c0JA~S7IvYJW{2Mc@QfYQPg<B
zM^$g#zoTZ3_m+CrHFauLo}15?s=HP)?JB{H_0#&&1l#xC0PUJEil&(!l3&4$4Oabl
z(t*+m#j)cGDV4roRR~6gh^^UTE<ORsZfX<yztwQw%!x#Q2cf-H-Ei*R_oEBu0*M}r
zaR*fDOfo;PPv!PbT7OdxPFjDUG&0BrIox?s;EQMl0XBMs85AAF!I(xegz)j_*&}F&
zVxM4&whWS?c~-!t@$rAV{-U7+LEraxy0yVT-$%W;DztTaLwSHk;hmJtJCfzd$8ZUU
zM49WF9Y$VtKqVmyl%^86>gPojmj<IO9KHY)gcrh=qY_}jG!}())PpS;BXBA!e*hSR
zilZbQ&4Xd81)(e#05gdbS)_Rc7=w(fM<O8%<WUPqvy2OZsgKBL!XxkiWU2;{7$;C6
z9R+3;R|H$*pUT7|00m@1wlw|z2Pi1^Q3j9tQwHGtFdr%Y_fp{BLtn(*#K`48rPtM-
zeUXnbzjJ6`4-eFtz^q{qhyCKLVL%|Li&oS2mxY?F!w9Q6rOe*>mnln;cTqCt=ADbE
zZ8GAnoM+S1(5$i8^O4t`ue;vO4i}z0wz-QEIVe5_u03;}-!G1NyY8;h^}y;tzY}i5
zqQr#Ur3Fy8sSa$Q0ys+f`!`+>9WbvU_I`Sj;$4{S>O3?#inLHCrtLy~!s#WXV=oVP
zeE93*Nc`PBi4q@%Ao$x4lw9vLHM!6mn3-b_cebF|n-2vt-zYVF_&sDE--J-P;2WHo
z+@n2areE0o$LjvjlV2X7ZU@j+`{*8zq`JR3gKF#EW|#+{nMyo-a>nFFTg&vhyT=b}
zDa8+v0(Dgx0yRL@ZXOYIlV<CBxH&myw-{Mgw|3Z>SZ0|MFizy0VPW8;AfA5|pe!#j
zX}Py^8fl5SyS4g1WSKKtnyP+_PoOwMMw<ZOz9;D51vwfT?(7P{J9uC+df4xbrr2zV
zB?xsPrQn{*Mv;KOgSS&5@+LuXkea1)Zq>u`(i@Z)diJp~U54*-miOchy7Z35eL>^M
z4p<-aIxH4VUZgS783@H%M7P9hX>t{|<kmOhY+3PLOlAj^>RU7$n4T(brCG#h9e9p!
z+o`i;EGGq3&pF;~5V~eBD}lC)>if$w%Vf}AFxGqO88|ApfHf&Bvu+xdG)@vuF}Yvk
z)o;~k-%+0K0g+L`Wal<EEr#pT9&cB!85zTR)doGHYQA;Y4iG{j=~O<Gh^(9@<v8&o
z)RDtDdQW7hx3ZX>a!$=ZV|z$e%>f0%XoLib%)!R^RoS+{!#X?h-<kGFCJU+*P>6uu
zF&&KxORdZU&EwQFITIRLo(7TA3W}y6X{?Y%y2j0It!ekU#<)$qghZtpcS>L3uh`Uj
z7GY;6f$9qKynP#oS3$$a{p^{D+0oJQ71`1?OAn_m8)UGZmj3l*ZI)`V-a>MKGGFG<
z&^jg#Ok%(hhm>hSrZ5;Qga4u(?^i>GiW_j9%_7M>j(^|Om$#{k+^*UL<NK}BVp#gd
zBD%KcbS)b{|CXjYx_P3_eGPFMMz1_Nk540?Us_HPBMy;cERLy0SxfOpX5xzV&cl#)
zt&&6pjk~F}sDOyA9s+XeyTf%9%I=S3nCcDp2Af;QpT#R>nEgzW_1gCICtAD^WpC`A
z{9&DXkG#01Xo)U$OC(L5Y$DQ|Q4C6CjUKk1UkPj$nXH##J{c8e#K|&{mA*;b$r0E4
zUNo0jthwA(c&N1l=PEe8Rw_8cEl|-eya9z&H3#n`B$t#+aJ03RFMzrV@gowbe8v(c
zIFM60^0&lCFO10NU4w@|61xiZ4CVXeaKjd;d?sv<gv6;u6elr3xr~p;CLrK1=+ZBw
z$Y<W|q#kt(G{*D&Qkw-trQSG}>52XM*lS8XiVjgWpRB;&U_C0g+`6B5V&w|O6B*_q
zsATxL!M}+$He)1eOWECce#eS@2n^xhlB4<_Nn?yCVEQWDs(r`|@2GqLe<#(|&P0U?
z$7V5IgpWf09uIf_RazRwC?qEqRaHyL?iiS05UiGesJy%^>-C{{ypTBI&B0-iUYhk>
zIk<5xpsuV@g|z(AZD+C-;A!fTG=df1=<%nxy(a(IS+U{ME4ZbDEBtcD_3V=icT6*_
z)>|J<Y(kIYsG`z6gyX&}qOiN*?9OL086m5X{hq6Ig4#W@iNENBRsw2^%kU7#L2|pp
zfdZ~o%7N|AM$3+2Q82nCBw2dK>?>&6%nvHhZERBtjK+s4xnut*@>G<VN!iYC0JC0F
z7C4lQZ~9^GNSctWumcZ#1X037wz24bZkA{*jo3r`%UXDS^K_+8hV8{gw8t#vVSJ;%
z9c?Ez0!rvl#uwpap|4<*d9UuKSjWn24OFIi&rE}!=sVnu59lQ~@4HIl&h;AmLia?2
zUL-?{m1bz0QDnL&$JD)qE4*iTL#%6dSw8A41Gt4doXWr-`$rleCkVKi0#mfRM!)mY
zIRoubkmw30NIQhtCJYLo7$LOA<y9EL8N*i`%g_PIUD8SHni$er{_LTTN*Wqfx<buS
zb$(_9;wX-c*`xTSvy6C@PDNyy2YoKV;`dWQKiLwa26g^kXh`=t6PlPNT~Q9So~U*X
z3nx6eVXazyi3=nJQw6@jVna;b;RTqKnF0f_=;<}6<0^@)YUgQHPBXXoP$FjaOB^=t
zP%99lNT=pyPA&53Wj%hQT>AmA5m*OTp$!^CHTr}vM4n(X1Q*;{e-Rd2BCF-u@1ZGm
z!S8hJ6L=Gl4T_SDa7Xx|-{4mxveJg=ctf`BJ*fy!yF6Dz&?w(Q_6B}WQVtNI!BVBC
zKfX<>7vd6C96}XAQmF-Jd?1Q4eTfRB3q7hCh0f!(JkdWT5<{iAE#dKy*Jxq&3a1@~
z8C||Dn2mFNyrUV|<-)C^_y7@8c2Fz+2jrae9deBDu;U}tJ{^xAdxCD248(k;dCJ%o
z`y3sADe>U%s<JWQeHbE;y_*tD>uxwwv~8A1+R$VB=Q?%U?4joI$um;aH+eCrBqpn-
z%79D_7rb;R-;-9RTrwi9dPlg8&@tfWhhZ(Vx<DUpdj8XcHW`q{6yqiIzcmGmhsxE(
z@-zez1_>&1PQ+6(huX`;M9x~LrW~~#3{j0Bh2kDU$}@!fFQej4VGkJv?M4rU^x!RU
zEwhu$!CA_iDjFjrJa`aocySDX16?~;+wgav;}Zut6Mg%C4><PTsD!{kIiIRy9=1Aw
zY;M8Eqj=FH#bx<r<6@cBrQ0UMw6e8^v|*8L6vZKlp_PoKF*td|-B1-bh(bXl;KGoy
ze|2jEKeeu5MGO@KpjsEha>}8FL?8)Kgwc(Qlj{@#2Pt0?G`$h7<q&K~4OS{ORv@L7
z>P#M+qoXtlV@d}%c&OzO+QYKK`kyXaK{U(O^2DyIXCZlNQjt0^8~8JzNGrIxhj}}M
z&~QZlbx%t;MJ(Vux;2tgNKGlAqphLq%pd}JG9uoVHUo?|hN{pLQ6Em%r*+7t^<);X
zm~6=qChlNAVXNN*Sow->*4;}T;l;D1I-5T{Bif@4_}=>l`tK;qqDdt5zvisCKhMAH
z#r}`)7VW?LZqfdmXQ%zo5bJ00{Xb9^YKrk0Nf|oIW*K@(=`o2Vndz}ZDyk{!u}PVx
zzd--+_WC*U{~DH3{?GI64IB+@On&@9X>EUAo&L+G{L^dozaI4C3G#2wr~hseW@K&g
zKWs{uHu-9Je!3;4pE>eBltKUXb^*hG8I&413)$J&{D4N%7PcloU6bn%jPxJyQL?g*
z9g+YFFEDiE`8rW^laCNzQmi7CTnPfwyg3VDHRAl>h=In6jeaVOP@!-CP60j3+#vpL
zEYmh_oP0{-gTe7Or`L6x)6w?77QVi~<VDx`fw;L`VTJ3A_($%0y%60sa5-^3a6v=d
zmmak>jD8lWN@3RHcm80iV%M1A!+Y6iHM)05iC64tb$X2lV_%Txk@0l^hZqi^%Z?#-
zE;LE0uFx)R08_S-#(wC=dS&}vj6P4>5ZWjhthP=*Hht&TdLtKDR;rXEX4*z0h74FA
zMCINqrh3Vq;s%3MC1YL`{WjIAPk<IG3Wg4CtfDQ*vr2eaPwC^O8I68!!&nV4u+r_F
z?Axith|qN&KZ99L>VL#3rj^9Pj9Ss7>7duy!9H0vYF%>1jh)EPqvlr6h%R%CxDsk|
z!BACz7E%j?bm=pH6Eaw{+suniuY7C9Ut~1cWfOX9KW9=H><&kQlinPV3h9R>3nJvK
z4L9(DRM=x;R&d#a@oFY7mB|m8h4692U5eYfcw|QKwqRsshN(q^v$4$)HgPpAJDJ`I
zkqj<O$?%~S@(l(Nhxp_sGA`$A%xJ7kG%+@Mg|5Rt6m|$*ZUs_O&tJj;*GHA8ccUky
ztdHVq5%mDvVz0+qo6-yO?&N>q(8Cd!K!+wCd=d@w%~e$=gdUgD&wj$LQ1r>-E=O@c
ze+Z$x{>6(JA-fNVr)X;*)40Eym1TtUZI1Pwwx1hUi+G1Jlk~vCYeXMNYtr)1?qwyg
zsX_e*$h?380O0<gk^3K^_@6N5|2rtFRkhT9jP1T;nZ|k<{vtt&=cCpw1{DoTNi|6*
zNR~&3M3w}sVsT4{Fd&%jPlD{py<BN_zia9hI9Ip7U3}jPq_+H)r9(in7-!PpJihq-
zw0+F|?s|8=Bj*cv!`7|95cO>0ou?0R@7-Fc59o$UvyVs4cUbujHUA>sH!}L54>`e`
zHUx#Q+Hn&Og#YVOuo*niy*GU3rH;%f``nk#NN5-xrZ34NeH$l`4@t);4(+0|Z#I>Y
z)~Kzs#exIAaf--65L0U<!Yaeav3)qH(`Lb>HT_SvV8O2WYeD>Mq^Y6L!Xu8%vnp<f
zF-ML?EA-QLj_KdFHPDT9@{&CgOfV=>ofG@w!}R7M28?i1*T&zp3X4^OMCY6(Dg<-!
zXmcGQrRgHXGYre7GfTJ)rhl|rs%abKT_Nt24_Q``XH{88NVPW+`x4ZdrMuO0iZ0g`
z%p}y};~T5gbb9SeL8BSc`SO#ixC$@QhXxZ=B}L`tP}&k?1oSPS=4%{UOHe0<_XWln
zwbl5cn(j-qK`)vGHY5B5C|QZd5)W7c@{bNVXqJ!<MH|d3P$j9&VqkPfJu|wcu=-=7
zLO~2}`PnP-On3_NOs4{hJ&4M7x*M^%g^_s4zus|ykus<=xkIi<3#(~DK73KtIuaza
zq3Ok{j4$g8v7e>!n$^ufc?N9C-BF2QK1(kv++h!>$QbAjq)_b$$PcJdV+F7hz0Hu@
zqj+}m0qn{t^tD3DfBb~0B36|Q`bs*xs|$i^G4uNUEBl4g;op-;Wl~iThgga?+dL7s
zUP(8lMO?g{GcYpDS{NM!UA8Hco?#}eNEioRBHy4`mq!Pd-9@-97|k$hpEX>xoX+dY
zDr$wfm^P&}Wu{!%?)U_(%Mn79$(ywvu*kJ9r4u|MyYLI_67U7%6Gd_vb##Nerf@>&
z8W11z$$~xEZt$dPG}+*IZky+os5Ju2eRi;1=rUEeIn>t-AzC_IGM-<V%6qUamagiO
zojXi&7L8*IWlJ}@8}`JxyIBN$u|oRzm@w!)u;`JJ^U^Jm{ZDgyeTstN3t7NGnWGqQ
z+EIa8gC_h)Zo3JN!q<7m%o03s)htD&NG?lXEop9Gx?#VaLBB3SgcFmh3F=U430hIe
z6>IXWK3^6QNU+2pe=MBn4I*R@A%-iLD<B3fBYdI`-^xCP#WQb@1Qb6Wc1|7$rrI$0
zS^}=1l87G|X!N)P#&2-ZEFApzIK5kn5Gfb61a_<ma9;3$9f;mz8FokB;4w(Y@!^ya
zu;TjxPaQyO7n{FcIlqEr<3P?P4i)3rOGc5I4};xC;qQa&0^@jzv_HUBAQxZ^AEFm5
zBTlS@?>COHTE-O^wo$sL_h{dcPl=^muAQb`_BRm};=cy{qSkui;`WSsj9%c^+bIDQ
z0`_?KX0<-=o!t{u(Ln)v><gH1Bl$-3LHEdi^mWSpxtdQaHDvah(~iGD|9egFyL#F~
z?1$GP^^-sUm)!YZ{+<LJ&0K7L{O*24r%mkt6Kzb6pOOS-L<yFAV=ioJ*0iBM>%VGL
z0pC=GB7*AQ?N7N{ut*a%MH-tdtNmNC+Yf$|KS)BW(g<Pdkm%)j?It(+K5~xj$IK!{
zp+6C1gYJS33v`?Xo$~~77W&2eyGU19<m6FlNMw~43kikpZyKWVZ@N_*wAeJPS%sqH
z40>QJ*z$d{+{j?(e&hgTy^2|AR9vx1Xre2fagGv0YXWqtNkg*v%40v?BJBt|f9wX5
z{QTlCM}b-0{mV?IG>TW_BdviUKhtosrBqdfq&Frdz>cF~yK{P@(w{Vr7z2qKFwLhc
zQuogKO@~YwyS9%+d-zD7mJG~@?EFJLSn!a&mhE5$_4xBl&6QHMzL?CdzEnC~C3$X@
zvY!{_GR06ep5;<#cKCSJ%srxX=+pn?ywDwtJ2{TV;0DKBO2t++B(tIO4)Wh`rD13P
z4fE$#%zkd=UzOB<aY_AGMe|>7<sX$yw1SM(554I3!t(H9Z3X!Z5et+k4_h&Thynx!
ziTh5;c|GaYsH@W32G0xdhr&KvFp@Nsj=Jm7RQGd8dhSlG9l$e(+pLSdq<w-kZ7W-l
z4}DfW=)F=&(6?c$=|K`W>4gi=-*CuID&Z3zI^-`4<B}t|X$V`AU_-K%EPFL_9twl_
zImK{&j6sLpH7WP2;B>U^S?dHxK8fP*;fE|a(KYMgMUo`T<LMf=xb>HIS1f!*6dOI2
zFjC3<eBkTsS?s~jirYF@Nrja2AilB1Grgok(Q{J!-yMdCbS>O=-AL`<v=HnY;qaP=
z%r%pyN;W|G{!13k5HgL{&1MZLLmT$ii@iPy4pvmSTAaNGh_&&=IOx}7|G?LkOre&5
ze$)ZX{wLMvAK$Ose+l($RV_DU6^yOKl5CcA-LOWBeC<Ob3qkCr#=PoHO}Zi7*=4i{
zhy`P5@RD?fbbG{Ww-4~nmy*sK0y=*cjfuaB@ZGQIADDEhtuw}4>6=9pp;`CYPTdVX
z8(*?V&%QoipuH0>WKlL8<OkjufLT@|_$itWfOgQQ1sL1my9jh5H&Aqu0?B`H1h6nM
zGosuE%;~qrp)5qiJt5TkvuY!P5&J7R#=`qhgmgE%$-tyU1wv>A*zTKckD!paN@~hh
zmXzm~qZhMGV<pYA7aBO1=rl8ewvtPYii`7)>dQGd=AG8&20HW0RGV8X{$9LldFZYm
zE?}`Q3i?xJRz43S?VFMmqRyvWaS#(~Lempg9nTM$EFDP(Gzx#$r)W&lpFKqc<y(GB
zQ)iBAS`N=DS_sKSXI55P(lHkwH)@Q89oTUc{-vd@Ue^>AoJh-AxEw$-bjW>`_+gEi
z2w`99#UbFZGiQjS8kj~@PGqpsPX`T{YO<m!OQBo2H4HfqK(14BF?XJ?$*LTUG|=XE
z%mXZ(W0fCU1)eodty#XEHD<Wgj8lxa(h;^9fW-UTt2UUeP&QC*>j`CaEqTFag;$jY
z8_{Wzz>HXx&G*Dx<5skhpETxIdhKH?DtY@b9l8$l?UkM#J-Snmts7bd7xayKTFJ(u
zyAT&@6cAYcs{PBfpqZa%sxhJ5nSZBPji?Zlf&}#L?t)vC4X5VLp%~fz2Sx<*oN<7`
z?ge=k<=X7r<~F7Tvp9#HB{!mA!QWBOf%EiSJ6KIF8QZNjg&x~-%e*tflL(ji_S^sO
ztmib1rp09uon}RcsFi#k)oLs@$?vs(i>5k3YN%$T(5Or(TZ5JW9mA6mIMD08=749$
z!d+l*iu{Il7^Yu}H;lgw=En1sJpCKPSqTCHy4(f&NPelr31^*l%KHq^QE>z>Ks_bH
zjbD?({~8Din7IvZeJ>8Ey=e;I?thpzD=zE5UHeO|neioJwG;IyLk?xOz(yO&0DTU~
z^#)xcs|s>Flgmp;SmYJ4g(|HMu3v7#<SE)AQQ4Qptn#EiMmi^p+Ei-7DkP+HtEnTf
z=ihEK*Qz1Ztg&vmf~iSIJvy;UM*1)`@_lXyy`^7!LwVESw8;X~PDDY`x##uAQg`Ks
z=exD#_B;<%p^vKWmo{iCKEmMLveyeSGEVy6BOKJM`)TA4((F&!tIH99l|b!Je=-ox
zTnV0#B=>;c*Aa8iF#UZo7CvDq4>8#qLJ|YdZ!AsH%^_7N1IQjCro<P>K7UpUK$>l@
zw`1S}(D?mUXu_C{wupRS-jiX~w=Uqqhf|Vb3Cm9L=<ElBA0am3@5~_j4>T+w91Cu^
z*&Ty%sN?x*h~mJc4g~k{xD4ZmF%FXZNC;oVDwLZ_WvrnzY|{v8hc1nmx4^<U$9gKZ
zXD;2On@pVz(zumYHw-cDICc(jj*0Lh@n}B_NB#b3S3Y`joU*Hg4D^tTlnR`X)wKiE
z<1(Wo3^4=KAZ|hOq%hItOAv2Yuv6FZW5>}Z;yriXsAf+Lp+OFLbR!&Ox?x<j>ABwl
zu8w&|5pCxmu#$?Cv2_-Vghl2LZ6m7}VLEfR5o2Ou$x02uA-%QB2$c(c1rH3R9hesc
zfpn#oqpbKuVsdfV#cv@5pV4^f_!WS+F>SV6N0JQ9E!T90EX((_{bSSFv9ld%I0&}9
zH&Jd4MEX1e0iqDtq~h?DBrxQX1iI0lIs<|kB$Yrh&cpeK0-^K%=FBsCBT46@h<vzQ
zR*F0_2h6Z11Y9Zzju}{_b;!1TT<IfdPup&BfzJrm?bo16`)8Tm1upGj;JDjh>#<Oy
z8t{(&!50W|bIsS-1avP5+*F7gID<ta6$a=EvLN_Gn#i|E*V;GvV|e9HOQ9zf{;k4c
z6E1|)o(`{GoSr=usmv~(8ivQq9h)k@J&LDI;_p0b!?ZsmFktoKIgcIE+yq!s*%$%)
z#ay6sWeCZZ>yi!AyDq1V(#V}^;{{V<B^hU0(%wtueKZDT`@J-_3mSLDBmaq~d|XD<
z7XM`Dzdz4EMpggFBJu`~KkDTFp@A11CGaoLc9C!MrY0!YzwKdGfx7t=5D@|7VVCk+
z^B@Uld)n>*@T4WJ&U-NTq43w=|K>z8%pr_nC>%C(Wa_l78Ufib$r8Od)IIN=u>417
z`Hl{9A$mI5A(;+-Q&$F&h-@;NR>Z<2U;Y21>>Z;s@0V@SbkMQQj%_;~+qTuQ?c|AV
zcWm3XZQHhP&R%QWarS%mJ!9R^&!_)*s(v+VR@I#QrAT}`17Y+l<`b-nvmDNW`De%y
zrwTZ9EJrj1AFA>B`1jYDow}~*dfPs}IZMO3=a{Fy#IOILc8F0;JS4x(k-NSpbN@qM
z`@aE_e}5{!$v3+qVs7u?sOV(y@1Os*Fgu`fCW9=G@F_#VQ%xf$hj0~wnnP0$hFI+@
zkQj~v#V>xn)u??YutKsX><O0LtJ*CTAYt%cbdwrkH)-u>pxKCl^p!C-o?+9;!Nug^
z{rP!|+KsP5%uF;ZCa5F;O^9TGac=<e#17!Ngq|n{jbexb$Js+_Pf5VvAs8ZxqWBs8
zB0&S13$r1<F)VBk$e5stmC}hMzOSHBA0t(kR!@rbH|QU6*IH0=h|_OeT6wpDmdv23
z34f|!XhwEd(Kkc%FUYK@H{gz+bBn7dd5Fl+jfYh}4;N_qJ7#NlT2O+)R4Pxe>M|=V
z_H(PfkV1rz4jl?gJ(ArXMyWT4y(86d3`$iI4^l9`vLdZkzpznSd5Ikfrs8qcSy&>z
zTIZgWZGXw0n9ibQxYWE@gI0(3#KA-dAdPcsL_|hg2@~C!VZDM}5;v_Nykfq!*@*Zf
zE_wVgx82GMDryKO{U{D>vSzSc%B~|cjDQrt5BN=Ugpsf8H8f1lR4SGo#hCuXPL;QQ
z#~<Fi-k$qL|7RVJ1Mm1Ag<$gB0(}Grl3S(KpYI)5f?u3vC7#V;7XHhGB(-?~L6q0H
z3n(8fq$!!dl{5-8`7Oj@C;&S?r8OD`wLCHxqX2ux!ard>b?C4MoepT3X`qdW2dNn&
z<Us;@%o6IHN`m_LE5@ycr7sZ5iN)2(z?4TB28{O!&JjxPf+H!xrjo)qWAjZifsc&}
zRUE<g)K;7gXjcN#UR5gfzb2nN2z_KhXjz-ToEUcM{^o{zAJg2QnR<7bsn(YUNIKF@
z%f>o8)K}%Lpu>0tQei+{<z4bzXqy$)s2?v=pRVAvTjJpopW)-K>>*VGErz|qjbK#9
zvtd8rcHplw%YyQCKR{kyo6fgg!)6tHUYT(L>B7er5)41iG`j$qe*kSh$fY!PehLcD
zWeKZHn<492B34*JUQh=CY1R~jT9Jt=k=jCU2=SL&&y5QI2uAG2?L8qd2U(^AW#{(x
zThSy=C#>k+QMo^7caQcpU?Qn}j-`s?1vXuzG#j8(A+RUAY})F@=r&F(8nI&HspAy4
z4>(M>hI9c7?DCW8rw6|23?qQMSq?*Vx?v30U%luBo)B-k2mkL)Ljk5xUha3pK>EEj
z@(;tH|M@xkuN?gsz;*bygizwYR!6=(Xgcg^>WlGtRYCozY<<HB2ZgQ)h*70uL|pZ2
z>rFX2E>kaZo)O<^J7a`MX8Pf`gBd4vrtD|qKn&B)C&wp0O-x*@-|m*0egT=-t@%dD
zgP2D+#WPptnc;_ugD6%zN}Z+X4=c61XNLb7L1gWd8;NHrBXwJ7s0ce#lWnnFUMTR&
z1_R9Fin4!d17d4jpKcfh?MKRxxQk$@)*hradH2$3)nyXep<KqaI3?gC#eK%i>5Z;B
z?yX+-Bd=TqO2!11?MDtG0n(*T^!CIiF@ZQymqq1wPM_X$Iu9-P=^}v7npvvPBu!d$
z7K?@CsA8H38+zjA@{;{kG)#AHME>Ix<711_iQ@WWMObXyVO)a&^qE1GqpP47Q|_AG
zP`(AD&r!V^MXQ^e+*n5~Lp9!B+#y3#f8J^5!iC@3Y@P`;FoUH{G*pj*q7MVV)29+j
z>BC`a|1@U_v%%o9VH_HsSnM`jZ-&CDvbiqDg)tQEnV>b%Ptm)T|1?TrpIl)Y$LnG_
zzKi5j2Fx^K^PG1=*?GhK;$(UCF-tM~^=Z*+Wp{FSuy7iHt9#4n(sUuH<I4zjuT^*g
zTOj)T0YzMUS}8lWAh=#M-<;W0su6sG+MC}XSqZj-`H_&HD?2Z|qE8QdIM(X#NffsX
zuwQ<4gm=;OFM%U76&;OT!|+5x?B#F>K??@v+6*|10Csdnyg9hAsC5_OrSL;jVkLlf
zHXIPukLqbhs~-*oa^gqgvtpgTk_7Gy<tuXYyQ=x)UZpuI%V@LXq4|I6hehHuRD*Qk
z+@3~62V_$Rc&ax*Fe`-_r5e~NV8Dh7^Qkc47_lIobqdmfrCP}{2YGKf1@Bh!U!R!l
zVh{a+_vh}x%?yACZT@@6M}$iwzkin{Cukrb?*D6_{O__PU~FPz|81A`Ki4JuH6?`4
zsEYmO+F8y*acunUpGD%Hp$-=5%jS}CI-%I;>pwH><53riYYL*M=Q@F-yEPLqQ&1Sc
zZB%w}T~RO|#jFjMWcKMZccxm-SL)s_ig?OC?y_~gLFj{n8D$J_Kw%{r0oB8?@dWzn
zB528d-wUBQzrrS<hDznyNCgL-qOb|p_nS%fSb5_Ze4V1&Bgk3Vp>SL<Uo&kY+&uyM
z)HW-LQUfYYW$q$nSg9;!DvA>q?fR!K%59Zv9J4yCQhhDGwhptpA5O5U?Hjqt>8nOD
zi{)0CI|&Gu%zunGI*XFZh(ix)q${jT8wnnzbBMPYVJc4HX*9d^mz|21$=R$J$(y7V
zo0dxdbX3N#=F$zjstTf*t8vL)2*{XH!+<2IJ1VVFa67|{?LP<VPiuN~9#0c!YR12a
zo;Lj{EKN(4nyG=Ui#tn@dJ(*;md5Ze)kd6mTF$dEZFv=nYr2Lr(==N%ad&FBajgz2
z6_^{6U)eu_=!Ix#bP)AA_tuIc?3=_Mq548F*;t3>&P41h$2i2;?N~RA30LV`BsUcj
zfO9#Pg1$t}7zpv#&)8`mis3~o+P(DxOMgz-V*(?wWaxi?R=NhtW}<#^Z?(BhSwyar
zG|A#Q7wh4OfK<|DAcl9THc-W4*>J4nTevsD%dkj`U~wSUCh15?_N@uMdF^Kw+{agk
zJ`im^wDqj`Ev)W3k3stasP`88-M0ZBs7;B6{-tSm3>I@_e-QfT?7|n0D~0RRqDb^G
zyHb=is;IwuQ&ITzL4KsP@Z`b$d%B0W<OzS}HhQ;U8}SDa=0^@=1zh?Ebwi(h3u<mG
zLDfZ57#t!A)c-~Y!O{*PdxzDz>uhioo1CWttW8yhsER1ZUZzA{F*K=wmi-sb#Ju+j
z-l@In^IKnb{bQG}Ps>+Vu_W#grNKNGto+yjA)<V{IjYd_d3*YH={C)J_}OyeI6i_H
zu|j9WcfZFU?Sgyac7umALud#l=-0F(fRl)O28qU<%HpKBh#im&8;uWW953cFj~Iy&
zlr`ZkkzG;HtUSI4CRZRj#8C;N*{hU?ezHzcM|gV*@iklj`$SU@402&viLPBGiWFL2
zQ6uyKx<>?>0?~X`4I3T@5G1)RqGUZuP^NJCq&^HykuYtMDD8qq+l8RcZNJsvN(10{
zQ1$XcGt}QH-U^WU!-wRR1d--{B$%vY{JLWIV%P<Wi12|;({s?oRC80?)@wj6UxV~n
zk2qyqDc_<v8oEujhH&m^Jq#Lrp)Z$Oj#rxlpUicHLpt@6dZF=U?wW~T_o?IN;ie!I
zV-bY1+kei0nc9KpW>4-KQuxxDeJaF#{eu&&r!3Qu{w}0f--8^H|KwE>)ORrcR+2Qf
zb})DRcH>k0zWK8@{RX}NYvTF;E~phK{+F;MkIP$)T$93Ba2R2TvKc>`D??#mv9wg$
zd~|-`Qx5LwwsZ2hb*Rt4S9dsF%Cny5<1fscy~)d;0m2r$f=83<->c~!GNyb!U)PA;
zq^!`@@)UaG)Ew(9V?5ZBq#c%dCWZrplmuM`o~TyHjAIMh0*#1{B>K4po-dx$Tk-Cq
z=WZDkP5x2W&Os`N8KiYHRH#UY*n|nvd<ovggige3u`1qGi1+Y8X!3s{W#*m=tX&CV
zNWQ(*z*>(U>yO=MFI-2BEp?x@=N<~CbLJBf6P)}vLS?xJXYJ2^<3KJUdrwKnJnTp{
zjIi|R=L7rn9b*D#Xxr4*R<3T5AuOS+#U8hNlfo&^9JO{VbH!v9^JbK=TCGR-5EWR@
zN8T-_I|&@<P6ysJp1u%bVccl?q?sU4Onn?IFII0`6;jp*_+1Vcjf$mX{%JA^!$Gkf
z>A}(hKeL4_*eb!1G8p~&_Im8|wc>Cdir+gg90n1dw?QaXcx6Op_W1r=axR<Rt0$d-
z&gdORS`9;Z%6j=d$PU%VL0xT-jF-dHo&#w}>w>4;rM*UOpT#Eb9xU1IiWo@h?|5uP
zka>-XW0Ikp@dIe;MN8B01a7+5V@h3WN{J=HJ*pe0uwQ3S&MyWFni47X32Q7SyCTNQ
z+sR!_9IZa5!&GTf&V$`q!%H8ci!a|RMx5}5MA_kr+bhtQy{-^)(hCVa@I!^TV4RBi
zAFa!Nsi3y37I5EK;0cqu|9MR<Vh>j<^r&h1lF}u0KpKQD^5Y+LvFEwM<n%Y4Ns0&r
z#Pgp7tfaM#i}k;d-@gi@qNBc}@xL(OgxbkB%Zc*U!8(yY_d_z4QrJ%DIL^_}pG(C;
zxV&Dt0*#6mW+VnKpUKH&)*t(_EhJ1#-d4~Kom-)N+kGAW3vl$z=E{EB!4#iw1#JGZ
zpZv7B?(+0N;`4s@&;+D$6BOaTPLlV-MY35`gn~5zS!mCgh|W$2sr@*jRa}74{|6)>
zLU@@v4_Na#Axy6tn3P%sD^5P#<7F;sd$f4a7L<t5V42bo`*JV+&3HWm9OI@30?%Oh
z5o+B(*v(C-H_!6}Lzhp-kE~j|H(u&BA@KX~k?60QV5NR)N2OJYIOG(f(FG`kmvdU7
zwM#zp&<w6$6785wBe4}t?5yT4MP5N47S8;*P_q6hn|Wj2S~%IPE(O9P2?RAKY>BMk
zGU^RZHBcxSA%kCx*eH&wgA?Qwazm8>9SCSz_!;MqY-QX<1@p$*T8lc?@`ikEqJ>#w
zcG``^CoFMAhdEXT9qt47g0IZkaU)4R7wkGs^Ax}usqJ5HfDYAV$!=6?>J6+Ha1I<5
z|6=9<InPN?WUE(MBZF{EDJ@lH!7KCH_7xC@JvfZL@&nc!7K2v>soU4>E))tW$<#>F
ziZ$6>K<f#VmS*<VCLk5Snrr-`d{Bp+A{=r<v#~0tw_zC-WYWg-s*<dPsHVYZm|7R#
z>Jf0bPfbx_)7-}tMINlc=}|H+$uX)mhC6-Hz+XZxsKd^b?RFB6et}O#+>Wmw9Ec9)
z{q}XFWp{3@qmyK*Jvzpyqv57LIR;hPXKsrh{G?&dRjF%Zt5<eso5q2Qq7|ChevXoo
zUUuocw%BMFdbc16MLS>&m20Ll?Oy<ul%w2Zua&zkQjQpssgWs#RKAL}6i`eHUzx7p
zSoNx{P@%ayUjixVqBLi(th$z4mR4dC*OaQENb9y_y<R>fUYC3WRn{cgQ?^V~UAv+5
z&_m#&nIwffgX1*Z2#5^Kl4DbE#NrD&Hi4|7SPqZ}(>_+JMz=s|k77aEL}<=0Zfb)a
z%F(*L3zCA<=xO)2U3B|pcTqDbBoFp>QyAEU(jMu8(jLA61-H!ucI804+B!$E^cQQa
z)_ERrW3g!B9iLb3nn3dlkvD7KsY?sRvls3QC0qPi>o<)GHx%4Xb$5a3GBTJ(k@`e@
z$RUa^%S15^1oLEmA=sayrP5;9qtf!Z1*?e$ORVPsXpL{j<cf(aoOxSwSjBR1mea0e
z^c3Q=wn8)%*koW31D%}j9dO0gR7Y@b_00J@vMv~iauOuPVkQGKG^LpkGueXj*z<(H
zv6PsTl$Bd^g^4yr-LK|PFHGhgs2bdrT$8)TR7nc(mnkPw6vrbaA_vA0JdMNVsoX7X
zzI)+QrS1A&rLp4hm_yCc#tP)G{!hBfUV@*{)uh;EQVyvIbs@16JE!9Psq3UaXMGQ^
zJ^Y2zHl3Zl1idw?=a56!^Y{sB%B-k(>L<6E)0sj&swP3}NPmR%FM?O>SQgN5XfHE<
zo(4#Cv11(%Nnw_{_Ro}r6=gKd{k?NebJ~<~Kv0r(r0qe4n3LFx$5%x(BKvrz$m?LG
zjLIc;hbj0FMdb9aH9Lpsof#yG$(0sG2%RL;d(n>;#jb!R_+dad+K;Ccw!|RY?uS(a
zj~?=&M!4C(5LnlH6k%aYvz@7?xRa^2gml%vn&eKl$R_lJ+e|xsNfXzr#xuh(>`}9g
zLHSyiFwK^-p!;p$yt7$F|3*IfO3Mlu9e>Dpx8O`37?fA`cj`C0B-m9uRhJjs^mRp#
zWB;Aj6|G^1V6`jg7#7V9UFvnB4((nIwG?k%c7h`?0tS8J3Bn0t#pb#SA}N-|45$-j
z$R>%7cc2ebAClXc(&0UtHX<>pd)akR3Kx_cK+n<}FhzmTx!8e9^u2e4%x{>T6pQ`6
zO182bh$-W5A3^wos0SV_TgPmF4WUP-+D25KjbC{y_6W_9I2_vNKwU(^qSdn&>^=*t
z&uvp*@c8#2*paD!ZMCi3;K<prH4a&u_&GPH7Wp*~+CzWZpzTbL&)4k=HC|E1=uT#O
zPuYcj5Jbb}c9+j=4foN!N-fSV`(c<30`iukl213!u4qI^cD3Ytg!~P3N1S(`-3^yF
zlFzoPUGJT0f@f{`ZDabbR@mNt3*M;G<P@?W{8}}Lg`Hvy7&Jmu=04fd1erYTPEwb=
z15%g^dl!<DS<}y*RUs*g6?{>{Na;I4Q35zw$YrW5U@Kk~)&rw;G?d7Q&c9|x<<Maw
zgBLn8*CoGPVj_^rpPn~ENvB}-`?vqbUaC%e+l73U+D^-Cb&Pj13W#6g!+x^$_tX)*
z@cs9Wk+{Dzx8NJw-G7(M|EOb>Hg|CNMsxovmfth*|E*GHezPTWa^Hd^F4!B3sF;)?
z(NaPyAhocu1jUe(!5Cy|dh|W2=!@fNmuNOzxi^tE_jAtzNJ0JR-avc_H|ve#KO}#S
z#a(8secu|^Tx553d4r@3#6^MHbH)vmiBpn0X^29xEv!Vuh1n(Sr5I0V&`jA2;WS|Y
zbf0e}X|)wA-Pf5gBZ>r4YX3Mav1kKY(ulAJ0Q*jB)YhviHK)w!TJsi3^dMa$L@^{`
z_De`fF4;M87vM3Ph9SzCoCi$#Fsd38u!^0#*sPful^p5oI(xGU?yeYjn;Hq1!wzFk
zG&2w}W3`AX4bxoVm03y>ts{KaDf!}b&7$(P4KAMP=vK5?1In^-YYNtx1f#}+2QK@h
zeSeAI@E6<gTYtZud5<DeMJ>Z8a?)>sZ`fbq9_snl6LCu6g>o)rO;ijp3|$vig+4t}
zylEo7$SEW<_U+qgVcaVhk+4k+C9THI5V10qV*dOV<w;)q>6pPtAI$)QN{!JRBKh-D
zk2^{j@bZ}yqW?<#VVuI_27*cI-V~sJiqQv&m07+10XF+#ZnIJdr8t`9s_EE;T2V;B
z4UnQUH9EdX%zwh-5&wflY#ve!IWt0UE-My3?L#^Bh%kcgP1q{<CvcqqQ2utk7s%sV
zoGl}#Zl)W@RNSAAf;w-DBO+*e0HO2%x-G=Z;*Pl$zHy^xW)%na$gbyTIw>&26eXLn
zTkjJ*w+(|_>Pq0v8{%nX$QZbf)tbJaLY$03;MO=Ic-uqYUmUCuXD>J>o6BCRF=xa%
z3R4SK9#t1!K4I_d>tZgE>&+kZ?Q}1qo4&h%U$GfY058s%*=!kac{0Z+4Hwm!)pFLR
zJ+5*OpgWUrm0FPI2ib4NPJ+Sk07j(`diti^i#kh&f}i>P4~|d?RFb#!JN)~<!~Z`*
zivNy#7kzu<{{tyjD6d)1{g;-B-EK2+0;|?2Nj`=2hUDsRiVj-}RAJN{d@x~38|)#_
zx&F#UxFFdbXxE(|#84p;-%dtBDbgEpl>D@)beox}bw?4VCf^y*`2{4`-@%SFTry2h
z>9VBc9#JxEs1+0i2^LR@B1J`B9Ac=#FW=(?2;5;#U$0E0UNag_!jY$&2diQk_n)bT
zl5Me_SUvqUjwCqmVcyb`igygB_4YUB*m$h5oeKv3uIF0s<pxU7XrV;DR{UhyjHRs5
zb+8Qf7A65FfQ?d1ZT2w}F_l*Eb)?ah<8c%Yy;Eal4{xBsX^nN@Pe5CxcymxUwL?eh
zv9_Z0XXBqZl6EhcKDo~Ou&%?PpG{{$wPe(7oy?yZ1mnWmr0b~pN$igR!(Rx*QN$iy
z=-Re}qI2g(ku?t~HgBj3V=|H$hiN2{j!P%zCB+1x34pnjx#?&{ENcU`o_2tynp}0U
zKI9mTgI{WS`?XY!3FH!0Q>k}~es!{D>4r%PC*F~FN3owq5e0|Y<Du-bB4EU)q{6=q
z#<0gBE8S|!ZrmQeH3JgM^AxLU0k8cAwCY-9?0w8gxwWKqzGP>eUTSG#Vq%&Gk7uwW
z0lDo#_wvflqHeRm*}l?}o;EILszBt|EW*zNPmq#?4A<L0#2f-Fpgzo6i9m?Cv{^Fe
z9>+&i0xx^?9obLyY4xx=Y9&^G;xYXYPxG)DOpPg!i_Ccl#3L}6xAAZzNhPK1XaC_~
z!A|mlo?Be*8Nn=a+FhgpOj@G7yYs(Qk(8&|h@_>w8Y^r<TLc~8#)=w@0;xlrL@mM3
zg*K(X)@-O)lt;P?5e(;WTL%O;a;rQNAE5;DqERSyAXc1biP%NUWXy?=-B^)wQ=+I4
zU%qA-ghSXXn27E3w8NMG!5XHJY>&5nCqe0V60rRz?b5%J;GYeBqSAjo|K692GxD4`
zRZyM2FdI+-jK2}WAZTZ()w_)V{n5tEb@>+JYluDozCb$fA4H)$bzg(Ux{*hXurjO^
zwAxc+UXu=&JV*E59}h3kzQPG4M)X8E*<G*nR0cBsK+3(q5`<{N)Z$_eT#;miD(s%h
z{fdYdgo~K&tWs<DY?yIi#?k!bT;M<ZDoV|<xhf7jcRFXDXl`LtGFz=LPAW$(hAEz}
zq@oGhJoeM0w4KvLTg%>}#_&}w*KEg<F5P|-B$Y<3$zfM|>tX)cU{vm9b$atHa;s>|
z+L6&cn8xUL*OSjx4YGjf6{Eq+Q3{!ZyhrL&^6Vz@jGbI%cAM9GkmFlamTbcQGvOlL
zmJ?(FI)c86=JEs|*;?h~o)88>12nXlpMR4@yh%qdwFNpct;vMlc=;{FSo*apJ;p}!
zAX~t;3tb~VuP|ZW;<Q&V!o{~5>z$=IHf->F@Ml)&-&Bnb{iQyE#;GZ@C$PzE<QuI)
zv_|vm%I_n1Dpq6lr--l%%tq7K!<v~?55k`WhA?y(q<f`<c6%@dUw9u~aA?j^`pueW
zW?_3n{u)d4@AQyf;UHiIRxp16RoWg&F+uwIJYB{!Spu!Z6TFEXau<!8UfawC4vbZv
zJTpZLC-RhzHO9xSd6HqYzkfjT+8e>f6~q}4D>9jic@mTO5x76ulDz@+XAcm35!VSu
zT*Gs>;f0b2TNpjU_BjHZ&S6Sqk6V1370+!eppV2H+FY!q*n=GHQ!9Rn6MjY!Jc77A
zG7Y!lFp8?TIHN!LXO?gCnsYM-gQxsm=Ek**V<u>mZu7vnuufD7K~GIxfxbsQ@qv2T
zPa`tvHB$fFCyZl>3oYg?_wW)C>^_iDOc^B7klnTOoytQH18WkOk)L2BSD0r%xgRSW
zQS9elF^?O=_@|58zKLK;(f77l-Zzu}4{fXed2saq!5k#UZAoDBqYQS{sn@j@Vtp|$
zG%gnZ$U|9@u#w1@11Sjl8ze^Co=)7yS(}=;68a3~g;NDe_X^}yJj;~s8xq9ahQ5_r
zxAlTMnep*)w1e(TG%tWsjo3RR;yVGPEO4V{Zp?=a_0R#=V^ioQu4YL=BO4r0$$XTX
zZfnw#_$V}sDAIDrezGQ+h?q24St0QNug_?{s-pI(^jg`#JRxM1YBV;a@@JQvH8*>>
zIJvku74E0NlXkYe_624>znU0J@L<-c=G#F3k4A_)*;ky!C(^uZfj%WB3-*{*B$?9+
zDm$WFp=0(xnt6`vDQV3Jl5f&R(Mp};;q8d3I%Kn>Kx=^;uSVCw0L=gw53%Bp==8Sw
zxtx=cs!^-_+i{2OK`Q;913+AXc_&Z5$@z3<)So0CU3;JAv=H?@Zpi~riQ{z-zLtVL
z!oF<}@IgJp)Iyz1zVJ42!SPHSkjYNS4%ulVVIXdRuiZ@5Mx8LJS}J#qD^Zi_xQ<pa
zK0_C<`%bp5M~CVCk7hV^j*M;Wzcj7kCsCfgg5CJ~2`y3|66=yp|GC7FJNP7A_Wc+(
zejiW#M^nRp{rUgmIRC{MB`ST%d>@>DKDr-_e#>5h3dtje*NcwH_h;i{Sx7}dkdpuW
z(yUCjckQsagv*QGMSi9u1`Z|V^}Wjf7B@q%j2DQXyd0nOyqg%m{CK_lAoKlJ7#8M}
z%IvR?Vh$6aDWK2W!=i?*<77q&B8O&3?zP(Cs@kapc)&p7En?J;t-TX9abGT#H?TW?
ztO5(lPKRuC7fs}zwcUKbRh=7E8wzTsa#Z{a`WR}?UZ%!HohN}d&xJ=JQhpO1PI#>X
zHkb>pW04pU%Bj_mf~U}1F1=wxdBZu1790>3Dm44bQ#F=T4V3&HlOLsGH)+AK$cHk6
zia$=$kog?)07HCL*PI6}DRhpM^*%I*kHM<#1Se+AQ!!xyhcy6j7`iDX7Z-2i73_n#
zas*?7LkxS<P{ZTB#tR|&N^U;Moy2#JwwW4RFPddYtD_bw0R1|Eo=5;j>-XSqv;YBa
zW_n*32D(HTYQ0$feV_Fru1ZxW0g&iwqixPX3=9t4o)o|kOo79V$?$uh?#8<F`E$a_
zutly1{7L1J@Y@6Vp*~KB!yXMF2QHqby@+ZG8+ND)X+s9is!(NOe)h&%h+bxjPFhwq
z$60~SJQ<aykcGl3;BUCZ>Q8e>4e)V6;_(x&ViUVxma+i25qea;d-oK7ouuDsB^ab{
zu1qjQ%`n56VtxBE#0qAzb7lph`Eb-}TYpXB!H-}3Ykqyp`otprp<BVE0iW(NxIg}T
zHQz%!Kt^1I=QqGS(r32Y=&DuF_0#yaLgW`I>7{VEuW*^IR2n$Fb99*nAtqT&oOFIf
z@w*6>YvOGw@Ja?Pp1=whZqydzx@9X4n^2!n83C5{C?G@|E?&$?p*g68)kNvUTJ)I6
z1Q|(#UuP6p<iHaJ>j78GUxq11m-GSszc+)X{C2eo-?8ud9sB=3(D47v?`JAa{V(IF
zPZQ_0AY*9M97>Jf<<kmA6!?J&2x7=_q{>o%#O_%Wq}8>YM=q0|tGY+hlXcpE=Z4Od
z`NT7Hu2hnvRoqOw@g1f=bv`+nba{GwA$Ak0INlqI1k<9!x_!sL()h?hEWoWrdU3w`
zZ%%)VR+Bc@_v!C#koM1p-3v_^L6)_Ktj4HE>aUh%2XZE@JFMOn)J~c`_7VWNb9c-N
z2b|SZMR4Z@E7j&q&9(6H3yjEu6HV7{2!1t0lgizD;mZ9$r(r7W5G$ky@w(T_dFnOD
z*p#+z$@pKE+>o@%eT(2-p_C}wbQ5s(%Sn_{$HDN@MB+Ev?t@3dPy`%TZ!z}AThZSu
zN<1i$s<Qod+!u+1TpqzHMAR;(P|C33h|NdU1+@toT{?QhAJAzzUDj;ch>iJhXFdjV
zP*y|V<`V8t=h#XTRUR~5`c`Z9^-`*BZf?WAehGdg)E2Je)hqFa!k{V(u+(hTf^Yq&
zoruUh2(^3pe)2{bvt4&4Y9CY3js<F>)PUHtd4rVG57}uFJL)D(JfSIo^{P=7liFXG
zq5yqgof0V8paQcP!gy+;^pp-DA5pj=gbMN0eW=-eY+N8~y+G>t+x}oa!5r>tW$xhI
zPQSv=pi;~653Gvf6~*JcQ%t1xOrH2l3Zy@8AoJ+wz@daW@m7?%LXkr!bw9GY@ns3e
zSfuWF_gkWnesv?s3I`@}NgE2xwgs&rj?k<VL?gG5MC{Nmj1vZX?3e8O$&f`#KcfCT
zD|dGfAH<9vQYUE_U}e#K2epdwK03De5{_327SI@sw~J+|<wi@;rZX!9Y2MH7_L7?E
z^an@e4GxaY9F(p#Ot=#L(YG%x=Gq!vNbxtM=IXzPyPmYSGU#`>H-FEy82=O8`+szN
ziHch`vvS`zNfap14!&#i9H@wF7}yIPm=UB%(o(}F{wsZ(wA0nJ2aD^@B41>>o-_U6
zUqD~vdo48S8~FTb^+%#zcbQiiYoDKYcj&$#^;Smmb+Ljp(L=1Kt_J!;0s%1|JK}Wi
z;={~oL!foo5n8=}rs6MmUW~R&;SIJO3TL4Ky?kh+b2rT9B1Jl4<n8E`j>>#Uh-Bec
z`Hsp<==#UEW6pGPhNk8H!!DUQR~#F9jEMI6T*OWfN^Ze&X(4nV$wa8QUJ>oTkruH#
zm~O<`J7Wxseo@FqaZMl#Y(mrFW9AHM9Kb|XBMqaZ2a)DvJgYipkDD_VUF_PKd~dT7
z#02}bBfPn9a!X!O#83=lbJSK#E}K&yx-HI#T6ua)6o0{|={*HFusCkHzs|Fn&|C3H
zBck1cmfcWVUN&i>X$YU^Sn6k2H;r3zuXbJFz)r5~3$d$tUj(l1?o={MM){kjgqXRO
zc5R*#{;V7AQh|G|)jLM@wGAK&rm2~@{Pewv#06pHbKn#wL0P6F1!^qw9g&cW3Z=9}
zj)POhOlwsh@eF=>z?#sIs*C-Nl(yU!#DaiaxhEs#iJqQ8w%(?+6lU02MYSeDkr!B-
zPjMv+on6OLXgGnAtl(ao>|X2Y8*Hb}GRW5}-IzXnoo-d0!m4Vy$GS!XOLy>3_+UGs
z2D|YcQx@M#M|}TDOetGi{9lGo9m-=0-^+nKE^*?$^uHkxZh}I{#UTQd;X!L+W@jm(
zDg@N4+lUqI92o_rNk{3P>1gxAL=&O;x)ZT=q1mk0kLlE$WeWuY<p^lk9k<q+rcOGG
zY)G$sy1c;kpqg0vV-}_XHLMzubt5&Y+X3Q{3Wa&iSOY9S8qUS1LUsYa--u3<U|kYH
zfL}q@Sl3A;lg32U^*mSX!dr5wpp#<9G)=5WC=&Cv)mW|a!muj?rXU0JHBrQ<`Qqt}
zCgYqLnoe5^we#~H-+!p+9n;rMDHiXMi5YFyOWW{wi{Tnu%1mqAov`>_$0`0jY-Kkt
zP*|m3AF}Ubd=`<>(Xg0har*_@x2YH}bn0Wk*OZz3*e5;Zc;2<o%?~}~ck-Gk+}B1o
z7H(amz-SpgFI})ialV|e<4!f0)HG}_n?GAIDeiC%vdRTJZ<WeGYT+p)vyz_FBWtO$
zz2K9gb9XN8(>uBdnl8?&XjupbkOeNZsNh6pvsq_ydmJI+*z**{<vBKXP!vVq<!p_e
z&dE_6Lim}RGRF|DDL<W_^>I{0K)-;p1~k8cpJXL$^t!-`E}=*4G^-E8>H!LjTPxSx
zcF<xkt%17w#Nu8CTO5_pkM9Mxb}Wf0;14cP1{yv5#7uIFNY2eGhq{_*hEBSbjQA$U
znAZkjT-yd=I_R8ZJ?H07yh5z>+cS`ommfKMhNSbas^<U&=a>@YbTpH1*RFrBuATUR
zt{oFWSk^$xU&kbFQ;MCX22RAN5F6eq9UfR$ut`Jw--p2YX)A*J69m^!oYfj2y7<PW
z+v>NYcH6&r+0~_sH^c^nzeN1AU4Ga7=FlR{S|Mm~MpzY0$Z+p2W(a={b-pR9EO1Rs
zB%KY|@wLcAA@)KXi!d2_Bxr<pdgvLNQgZmCJz&c*%>khDn`DT1=Dec}V!okd{$+wK
z4E{n8R*xKyci1(CnNdhf$Dp2(Jpof0-0%-38X=Dd9PQgT+w%Lshx9+loPS~MOm%ZT
zt%2B2iL_KU_ita<m0BJ>%N>xjB!<T714UjSOi9+HnppU8HTO6Xys3~>#71_3=3c}o
zgeW~^U_ZTJQ2!PqXulQd=3b=XOQhwATK$y(9$#1jOQ4}4?~l#&nek)H(04f(Sr=s|
zWv7Lu1=%WGk4FSw^;;!8&YPM)pQ<cfOEqZOX3qg|bi6Y+6raTouS~FCMLV)D&#=5p
zIeXB!ZqEvR`rjuFN1ix6GoI%|3=23*fhels&m^Kl7$Xb)d4}z-AG?ZOEDO)5!dX$;
zxo;%86BwnKIVK{n#wbp)z+DlG`Eo;!p1qmI5u}Dr3ERkBC^gA;rI=Ohq{XCvK{N9A
zv&z##C1k^|5<I!-;+MCJN#mX7#cD{4PE)89nNv$gm~ronTcb2Mq~#~4^M!^C-1#M(
z=1UT>DCY9DhU`hMty1@sq1=Tj7bFsOOBZOFlpR`W>-J$-(kezWJj;`?x-v>ev{*8V
z8p|KXJPV$HyQr1A(9LVrM47<GkZ=yfPF+Dq%S|w=MijcJ6`g68YLr!qXVkqpG~JGH
zv`>u-XpcrIyO`yWvx1pVYc&?154aneRpLqg<bQ>x)EMvRaa#|9?Wwqs2+W8n5~79G
z(}iCiLk;?enn}ew`HzhG+tu+Ru@T+K5juvZN)wY;x6HjvqD!&!)$$;1VAh~7fg0K|
zEha#aN=Yv|3^~YFH}cc38ovVb%L|g@9W6fo(JtT6$fa?zf@Ct88e}m?i)b*Jgc{fl
zExfdvw-BYDmH6>(4QMt#p0;FUIQqkhD}aH?a7)_%JtA~soqj{ppP_82yi9kaxuK>~
ze_)Zt>1?q=ZH*kF{1iq9sr*tVuy=u>Zev}!gEZx@O6-fjyu9X00gpIl-fS_pzjpqJ
z1yqBmf9NF!jaF<+YxgH6oXBdK)sH(>VZ)1siyA$P<#KDt;8NT*l_0{xit~5j1P)FN
zI8hhYK<Ctos5a2iSB6E;K{q?&ab{FphO?zxIqqf}%h}LQupBY+8nGBng;9rl>hQ)i
z37^aP<qpGiOwA$)u%NPBnx5-dJ?eaKuJ|k=(U7<z&!E=Ex{~rH$w*MsBugwy8}mlc
z@Cp`bIFkJ)nD=}RT7wXAD(8ljk?9q}6wNph<*7S`FnAlTK859*a=phG5gBZhql8^1
zqKXJBJSm<4{Im$>13B~u65?sg+_@2Kr^iWHN=U;EDSZ@2W2!5ALhGNWXnFBY%7W?1
z=HI9JzQ-pLKZDYTv<0-lt|6c-RwhxZ)mU2Os{bsX_i^@*fKUj8*aDO5pks=qn3Dv6
zwggpKLuyRCTVPwmw1r}B#AS}?X7b837UlXwp~E2|PJw2SGVueL7){Y&z!jL!XN=0i
zU^Eig`S2`{+<wl==2w=5|F9xM-02N5`F*r(R=yBH;xL${JnA$s&UywB#{_0RS^+hX
z*x9l+ftTA)(qqfU_K+4UB=w=A|0J9m!!ePjqBV0F7$&R=n`+yR@2tk2NwHhL{|&cH
z$fXb3^<M+ME~B<-d*&_qT19T_sRLwwvu;hmu)Vt+WHH@$?DQ6m2&aLvtcbK<MgTBu
zp(SQPX~F@0CgG?+)(jWG3Oc!+oEMIunjIDK0w|m6;WzWCMpr#dq3I<GeN7c@71Fqq
zf&ADs4Jz}_R;T_`?S9~(wB(9e>gU$68aRdWx?BZ{sU_f=8sn~>s~M?GU~`fH5kCc;
z8ICp+INM3(3{#k32RZdv6b9MQYdZXNuk<tNnM*Zj3!<Rmy`SQx3idGTVVW@OzSywq
z<sw@>7ed8;G?S2nT+NZBG=Tar^KFl2SvhW$bGW#kdWL-I)s_IqVnCDDM9fm8g;P;8
z7t4yZn3^*NQfx7SwmkzP$=fwdC}bafQSEF@pd&P8@H#`swGy_rz;Z?Ty5mkS%>m#%
zp_!m9e<()sfKiY(nF<1zBz&&`ZlJf6QLvLhl`_``%RW&{+O>Xhp;lwSsyRqGf=RWd
zpftiR`={2(siiPAS|p}@q=NhVc0ELprt%=fMXO3B)4ryC2LT(o=sLM7hJC!}T1@)E
zA3^J$3&1*M6Xq>03FX`R&w*NkrZE?FwU+Muut;>qNhj@bX17ZJxnOlPSZ=Zeiz~T_
zOu#yc3t6ONHB;?|r4w+pI)~KGN;HOGC)txxiUN8#m<I|Y6ES5NY<qwYy-|}EoiBmM
zzK&og-IJMpwjbL8IAA?{APd++5KnIBFcmKwZzO~h`v>exj+W(cz%9a4sx|IRG=}ia
zuEBuba3AHsV2feqw-3MvuL`I+2|`Ud4~7ZkN=JZ;L20|Oxna5vx1qbIh#k2O4$RQF
zo`tL()zxaqibg^GbB+BS5#U{@K;WWQj~GcB1zb}zJkPwH|5hZ9iH2308!>_;%msji
zJHSL~s)YHBR=Koa1mLEOHos*`gp=<n)R&-+66xg`pqUXP#0Zm{sf^MKJnR>s8KA-C
zu0aE+W!#iJ*0xqKm3A`fUGy#O+X+5W36myS>Uh2!R*s$aCU^`K&KKLCCDkejX2p=5
z%o7-fl03x`gaSNyr?3_JLv?2RLS3F*8ub>Jd@^Cc17)v8vYEK4aqo?OS@W9mt%ITJ
z9=S2%R8M){CugT@k~~0x`}Vl!svYqX=E)c_oU6o}#Hb^%G1l3BudxA{F*tbjG<UG_
z<Vo0tRnGPd)K5|7jd0}T-wQdZZG$TREj=4*<4bR;^};Y7orbT=`ITOz*@g<Y=x;1T
zesE`pc}OxPz?01Be<R|c+WT7B<35I5;~ham;Y6hY?F{PCSdwf@9qXBZn%JBWfW6@H
zxqGR{o+TW^4T&@lZ$GVT-8s0{R3MmXsMGGDxgNTZ8|S`+<Qxcf#Ei_^nsS}Yt*PB*
z5#h+HDAU+!GmbOJ#d(J8|6Rt?+U5gR1>;W_>=xV73pKY53v%>I)@D36I_@&p$h|Aw
zonQS`07z_F#@T-%@-Tb|)7;;anoD_WH>9ewFy(ZcEOM$#Y)8>qi7rCnsH9GO-_7zF
zu*C87{Df1P4TEOsnzZ@H%&lvV(3V@;Q!%+OYRp`g05PjY^gL$^$-t<lOaPfbWQ29U
ziQLZAEqJX}(BXW*YUz0#v0~iKqbJ35-`aw1m+YA~k)TQVyq!wOKDE%}gHJ%Woa=@J
z_G3Z9VfhbWs>0Y>H*CDDs?FZly*oZ&dxvsxaUWF!{em4{A>n@vpXg$dwvt@_rgmHF
z-MER`ABa8R-t_H*kv>}CzOpz;!>p^^9ztHMsHL|SRnS<-y5Z*r(_}c4=fXF`l<Xkw
zEy6TsVDdDoV_TNG(<WvkK8TcvFZ^8LA2wsz%Sl;DbLS}my*l(?>^-i}>e7v!qs_jv
zqvWhX^F=2sDNWA9c@P0?lUlr6ecrTKM%pNQ^?*Lq?p-0~?_j50xV%^(+H>sMul#Tw
zeciF*1=?a7cI(}352%>LO96pD+?9!fNyl^9v3^v&Y4L)mNGK0FN43&Xf8jUlxW1Bw
zyiu2;qW-aGNhs=zbuoxnxiwZ3{PFZM#Kw)9H@(hgX23h(`Wm~m4&TvoZoYp{plb^>
z_#?vXcxd>r7K+1HKJvhed>gtK`TAbJUazUWQY6T~t2af%#<+Veyr%7-#<!`u7=6z<
z@9(d@bkwuJK`;AXMIasQ=4>*A#@&*;@g58{i|E%6yC_InGXCOd{L0;$)z#?n7M`re
zh!kO{6=>7I?*}czyF7_frt#)s1CFJ_XE&VrDA?Dp3XbvF{qsEJgb&OLSNz_5g?HpK
z9)8rsr4JN!Af3G9!#Qn(6zaUDqLN(g2g8*M)Djap?WMK9NKlkC)E2|-g|#-rp%!Gz
zAHd%`iq|81efi93m3yTBw3g0j#;Yb2X{mhRAI?&KDmbGqou(2xiRNb^sV}%%Wu0?<
z?($L>(#BO*)^)<q1<y(%o-D>rSgyNRni$i`R4v;GhlCZ8$@e^ROX(p=2_v6Y!%^As
zu022)fHdv_-~Yu_H6WVPLpHQx!W%^6j)cBhS`O3QBW#x(eX54d&I22op(N59b*&$v
zFiSRY6r<ogkg`lB4Kzk}79-1@4WexUMjw+78PVxKkpJ}l$#uYSKRni~wAs(LFQ`S~
z)6H^=SsBl_=gtAZcCb%LqI~={V0L=Y2XD)_)<%!{eY=Ch6CuBtAu<8uk=VNIh~<**
z4}OE-7;4DiEfmH5r(r_l!C{NrR4GiA;)KB7^Z5GJe5Gi4jN{kozWVvza9J%ysu#}1
zV05Y-@;(u_e>Oc^(dgSV1<S;M;fP~XvG?H2UWU4_zajZjOwrCC*tclCC;-DiooNK0
zKT=dwZdL_ATeNsapPF;r>>a7-5C;(5S5MvKcM2Jm-LD9TGqDpP097%52V+0>Xqq!!
zq4e3vj53SE6i8J`XcQB|MZPP8j;PAOnpGnllH6#Ku~vS42xP*Nz@~y%db7Xi8s09P
z1)e%8ys6&M8D=Dt6&t`iKG_4X=!kgRQoh%Z`dc&mlOUqXk-k`jKv9@(a^2-Upw>?<
zt5*^DV~6Zedbec4NVl(<J^HBK@2E4@wD3MtdV(xxnq%Vbc}WuHo}5QftrZiThWddC
z`SqHbMkXtVXKo79381*cF)4R%emsAj0XSNL+PDEL#FejmgEu5hh1&sJBWank<?5||
zFa70^J_fIcXV;YE%H5TE-LegY#;Q{2+X5ec9PUkBc$GBoPD$f3kMxcc{GCuyqMnT@
zoFpa`18N8o#cD|?wHX2`2uRGD5<2)(v9&spIF?JOuSy<x-3h*1uo<tmXh9c!`+f(x
zJ!3;pKi`8)fAw>$2T{&b)zA@b#dUyd>`2JC0=xa_fIm8<d`*pjaOx{pV5Pe7q{O1W
zAT5c_%T(D{?pE<afMwAc3^p*w8J|rwP_Jm84rW1XYj_z!4LWkm8d^QnYM3TAJ00M}
zVy+@IpL$^~2r+Bvv<<LIU<+tp*%PbBjNTe&Z{H48g3%crRya-=a)qRylf)#ctNvw?
zlFff;8hFwWk7>{5u<t#%K`^*tgQ@!!adiD7YiKBgV_c5|kR2YSiy*0+0NhSocT-E<
zLsbh?CBfxQ!F7|i4p=%MX(y=Km3GT?bty_*CZh1*xF8v|8xjqfoni!cQE1EFLyy>m
zr-!ApXZhC8@=vC2WyxO|!@0Km)h8ep*`^he92$@YwP>VcdoS5OC^s38e#7RPsg4j+
zbVGG}WRSET&ZfrcR(x~k8n1rTP%CnfUNKUonD$P?FtNFF#cn!wEIab-;jU=B1dHK@
z(;(yAQJ`O$sMn>h;pf^8{JISW%d+@v6@CnXh9n5TXGC}?FI9i-D0OMaIg&mAg=0Kn
zNJ7oz5*ReJukD55fU<geid?Ih<u$lD<ZaBChRKMH%^g0f>sMuaP+H4tDN&V9zfqF@
zr=#ecUk9wu{0;!+gl;3Bw=Vn^)z$ahVhhw)io!na&9}LmWurLb0zubxK=UEnU*{5P
z+SP}&*(iBKSO4{alBHaY^)5Q=mZ+2OwIooJ7*Q5XJ+2|q`9#f?6myq!&oz?klihLq
z4C)$XP!BNS0G_Z1&TM>?Jk{S~{F3n83ioli=IO6f%wkvCl(RFFw~j0tb{Gv<R+ryT
zRX%I@y>XTx>*sB0McY0s&SNvj4+^h`9nJ_wM>F!Uc>X}9PifQekn0sKI2SAJP!a4h
z5cyGTuCj3ZBM^&{dRelIlT^9zcfaAuL5Y~bl!ppSf`wZbK$z#6U~rdclk``e+!qhe
z6Qspo*%<)eu6?C;Bp<^VuW6JI|Ncvyn+LlSl;Mp22Bl7ARQ0Xc24%29(<s4_N=u??
z$t{gru-VXd6Kxbxv5Bt?Z$yc1w+D)_3NsUN5!&<3)ieB&Nu@~@oJ<S*(@c3&Pewi0
z%9!QRq|vABdor|x%wu0~=1Z5hOOpQi`0!iyJhFLc128BQmq$$|x}WJU?iN}7Kl;!3
z&fH)Q*P121qPNW?v_ooy8Sm4CFA(z37NUr<`Xy>ZrdsIPw&-=yHQ7_Vle|5h>AST0
zUGX2Zk34vp?U~IHT|;$U86T+UUHl_NE4m|}>E~6q``7hccCaT^#y+?wD##Q%HwPd8
zV3x4L4|qqu`B<QDcIkg$mi~*?H~RNY_Wx4D`}Y)A)!YT!6xCZ~ZTPl7{FKBwUP;<e
zGwA>$4(LXqDJngNy-{&@aFBvVsywt@X^}iH7P%>bR?ciC$I^U-4Foa<B~H&?t+Qu`
zYwLM1`)@`@%8{2TvE*VigXq!t`qQLW_S5DOEz|2z2j3@V_m6j4f9Dj+Tf}F*MS{?9
z%5n(*$y|Ke#xMg=rzn#aJmhAj==f%8S}Mvc)f)j&X?h~FezLP0LfVpNB_5sLG5z-3
z-35pyFHV0nPmuu&M8{s3y}I4c7J41@C$_+Wqk&1f`MvOF;v`)pAYGN4MEXuFe)LY2
z=&C(w{X1B@m%`@ul3h(Gtch>`YKI^qDyGK7k%E%c_P=yzAi`YnxGA%DeNd++j3*h^
z=rn>oBd0|~lZ<6YvmkKY*ZJlJ;Im0tqgWu&E92eqt;+NYdxx`eS(4Hw_Jb5|yVvBg
z*tbdY^!AN;luEyN4VRhS@-_DC{({ziH{&Z}iGElSV~qvT>L<HMHzj7J-Kpa!p!c29
zr8L!oM5$VXc*@gwRrKuo*h${B7BEkfln@c=6oRf(*M;GdM=)m;H&XnLvs%-2b*+hr
z7OLt;wv$AG{1d5A_3iuPkRtq^Z3(lga~pLocX)JXz8xtPuFH$tb1E#7^Np@GfB#l+
z&L?_OtoPwP5<R)d%5@nIE}~}{W{Q)eZmHbhg7xXREu-ZQD=)K37HlG2J>-8G%+yEL
zX#MFOhj{InyKG=mvW-<1B@c-}x$vA(nU?>S>0*eN#!SLzQ)Ex7fvQ)S4D<8|I#N$3
zT5Ei`Z?cxBODHX8(Xp73v`IsAYC@9b;t}z0wxVuQSY1J^GRwDPN@qbM-ZF48T$GZ<
z8WU+;Pqo?{ghI-KZ-i*ydXu`Ep0Xw^McH_KE9J0S7G;x8Fe`DVG?j3Pv=0YzJ}yZR
z%2=oqHiUjvuk0~Ca>Kol4CFi0_xQT~;_F?=u+!kIDl-9g`#ZNZ9HCy17Ga1v^Jv9#
z{T4Kb1-AzUxq*MutfOWWZgD*HnFfyYg0&e9f(5tZ>krPF6{VikNeHoc{linPPt#Si
z&*g>(c54V8rT_AX!J&bNm-!umPvOR}vDai#`CX___J#=zeB*{4<&2WpaDncZsOkp*
zsg<%@@rbrMkR_ux9?LsQxzoBa1s%$BBn6<mos5IdgH=dhp$~J!{0^n6tTjg;U5Diz
zxn*0gDh2*1rZJV&&gt&fW9znj@{DqJLV4eBUx+J-d4%cpr)wD1@Vx?X)?B*tGi&A=
zu5vL>vk#{&&zUwcfzeCBJUwFYSF$08qDsB;gWQN*g!p8pxjofWbqNSZOEKOaTx@+*
zwdt5*Q47@EOZ~EZL9s?1o?A%9TJT=Ob_13yyugvPg*e&ZU(r6^k4=2+D-@n=Hv5vu
zSXG|hM(>h9^zn=eQ=$6`JO&70&2|%V5Lsx>)(%#;pcOfu>*nk_3HB_BNaH$`jM<^S
zcSftDU<V-inKL>1?nL;jy)+sfonQN}(}gUW?d_ikr*3=^{G)=tjBtEPe>TO|0ddVB
zTklrSHiW+!#26frPXQQ(YN8DG$PZo?(<o9TOVxrss2Tawf48g5GCBiDSDE3#UTp|k
z0pKVwU|jx{+EQY()yCur&pg1mIZ@qM8XqZ|+FwhjuUu?KF@3ju{(}}|suk~@HhJ@t
zQ#Y9~FZ`d#%R!jufJh!!RQMg1{%cNgteq&qcX<80AJGOV1RA*AhOQap$U?Y%h(E_|
z8KTI5C~yZDX7BVzv96*H*$a>po(QUCCf_OJC`pw*uey00%gmH!`WJkrKXj2!<hVw7
zGRWHF)G~HffGg-$(O!{Pk3Jwp$~FflQ(t@$&I&M44Aeq=eh)c85(&68I*-`m6uoK%
zdl?LKwDh&L2fOllfoB@M_mp%O$0z3aZY$k-iHXr}^=#M>#6?`T25mTu9OJp2L8z3!
z=arrL$ZqxuE{%yV)14Kd>k}j7pxZ6#$Dz8$@WV5p8kTqN<-7W)Q7Gt2{KoOPK_tZ|
zf2WG~O5@{qPI+W<4f_;reuFVdO^5`ADC1!JQE|N`s3cq@(0WB!n0uh@*c{=LAd;~}
zyGK@hbF-Oo+!nN)@i*O(`@FA#u?o=~e{`4O#5}z&=UkU*50fOrzi11D^&FOqe>wii
z?*k+2|EcUs;Gx{!@KBT~>PAwLrIDT7Th=Utu?~?np@t^gFs?zgX=D${RwOY^WGh-+
z+#4$066I<rp}NtcF5!lhZvD^1^l^-7{>Sh8eYW#FXWp~S`<*%O^ZuItL1Tyqt8#tZ
zY120E;^VG`!lZn&3sPd$RkdHpU#|w+bYV)pJC|SH9g%|5IkxVTQcBA4CL0}$&}ef@
zW^Vtj%M;;_1xxP9x#ex17&4N*{ksO*_4O}xYu(p*JkL#yr}@7b)t5X?%CY<+s5_MJ
zuiqt+N_;A(_)%lumoyRFixWa-M7qK_9s6<1X?JDa9fP!+_6u~~M$5L=ipB=7(j#f<
zZ<k8E`Rwou;l+s_T|L^56YmSu4%^`QFTOq==C$v}z48r)V)i|8HET~j$njp}R%Tx6
z6z1$DcJ|+-rK;8O+M4D2OI&h9Z=KBOt2kjcN}lMJQdr(sa_4xJa;t^b;+K^1J9dTU
z7E3oumY>34J%=bs549%~_mA(|={uZNs_0?o7;-LBP(ZRnkd{-^|2|=4vUTmtByHL8
zEph`(LSEzQj68a+`d$V<45J7cyv^#|^|%fD#si1Nx!4NW*`l*{->HEWNh6-|g>-=r
zXmQ|-i}Ku$ndUeHQ^&ieT!Lf}vf6GaqW9$DJ2NWrqwPY%%4nip$@vK$nRp*_C-v<|
zuKz~ZyN&<%!NS26&x?jhy+@awJipMQ-8(X4#Ae5??U<1QMt1l9R=w9fAnEF}NYu$2
z>6<Remz*?TALWUbsLm^V8JpOI8Qrv^I{Uf`UiQ}=bwlT?m7XzzYl?d75*MLY>}Vkc
zIb*A?G*z8^IvibmBKn_u^5&T_1oey0gZS2~obf(#xk=erZGTEdQnt3DMGM+0oPwss
zj5zXD;(oWhB_T@~Ig#9@v)AKtXu3>Inmgf@A|-lD-1U>cNyl3h?ADD9)GG4}zUGPk
zZzaXe!~Kf?<~@$G?Uql3t8jy9{2!doq4=J}j9ktTxss{p6!9Ud<L0{JvuM8zT}59}
zy?q<PQ`(o7I;|2vYuA@mlwTC2VWpG0`?f+&<cL+^MokC9tZR;`s@;M`H_iw&h5ar5
zCVhp4@v?m@Lrzz?2Z>jyDERlA*xZ!=Q)KDs5O)phz>Vq3BNGoM(H|=1*Q4$^2fTZw
z(%nq1P|5Rt81}SYJpEEzMPl5VJsV5&4e)ZWKDyo<HF@#^TWD2$%#hJqrPwhn_I`~h
zrl9TX+98FE%rR>Z>1EwpkHx-AQVQc8%JMz;{H~p{=FXV>jIxvm4X*qv52e?Y-f%DJ
zxEA165GikEASQ^fH6K#d!Tpu2HP{sFs%E=e$gYd$aj$+xue6N+Wc(rAz~wUsk2`(b
z8Kvmyz%bKQxpP}~baG-rwYcYCv<u@FIev&XxIE!%Ztbxbt-Y%ng;He-ByR+Lk{8!A
z+z_?%ukrIgzuh|^o09LLIM$E(jD2g{U~B*3O~s^?p1O(7xg6;i3B@l87#4eO$$oiS
znHnuA9vGDnw~@NpSw1YYZjoo+HWTzC%$-J_E}3wK-(9hvP0Ct}242U82Wv+8>kHOi
zlkR<=>ZBTU*8RF_d#Bl@zZsRIhx<%~Z@Z<pYsoy05ZE@HkOT*OyM_H}bO0QHT>=ik
z>adw3!DK(8R|q$vy{FTxw%#xliD~6qXmY^7_9kthVPTF~Xy1CfBqbU~?1QmxmU=+k
z(ggxvEuA;0e&+ci-zQR{-f7aO{O(Pz_OsEjLh_K>MbvoZ4nxtk5u{g@nPv)cgW_R}
z9}EA4K4@z0?7ue}Z(o~R(X&FjejUI2g~08PH1E4w>9o{)S(?1>Z0XMvTb|;&EuyOE
z<Uf?|k(eh=|5A0k%+DyPOynyZIUEys#os=5y;pE3-eqjU+vfn|kx^`PvS0aFgK5k7
z_Ws8b<tF{v{r8Xc%Ra(S^vGriKjcqYF_IFKBCZ&>GvWNpYX)Nv<8|a^;<iw`qCF!m
zJCer*R!Lka?@SE&ch5f_idG-0J0#H0t`-WqI6fU-<8)0T>1>bh#&znEcl-r!T#pn=
z4$?Yudha6F%4b>*8@=BdtXXY4N+`U4Dmx$}>HeVJk-QdTG@t!tVT#0(LeV0gvqyyw
z2sEp^9eY0N`u10Tm4n8No&A=)IeEC|gnmEXoNSzu!1<4R<%-9kY_8~5Ej?zReg<ow
z_S`;&)5*<v9D*b@Pp375jJ+bUt(~O-SF0ZSb>Mn78wuMs#;i&eUA0Zk_RXQ3b&TT}
z;SCI<r<Tr9OC%fOR>=7-FUB@*&;8|n>(_g^HGf3@QODE3LpmX~ELnymQm{Sx9xrKS
zK29p~?v@R$0=v6Dr5aW>-!{+h@?Q58|Kz8{{W`%J+lDAdb&M5VHrX_m<yIVSusgG)
z`wE|gu8*tGFN+9LZP$c*%%oTIyT7Y#Uu$+WtVYvbCQ+Do^ID=OntZUS+AP2A;pDLp
zQ|q{WRobah5mlF}4!P`?SD*ypcWDw;D;8QgDGN?GxP&*+636N@_L%TF<fCxBbhCW%
zM%&xYBGf(}%YX|$hc1=>DY;1-JLnf)ezmPau$)1;=`-FU=-r-83tX=C`S#}GZufju
zQ>sXNT0Ny=k@nc%cFnvA_i4SC)?_ORXHq8B4D%el1uPX`c~uG#S1M7C+*MMqLw78E
zhY2dI8@+N^qrM<pEkuRyo-$3h*azHIX|CuJeg6U1uTYr#f1L)jm7pty!Nt_EpVqGj
zXVf`s*T3XSv0ipIVh~5QdLCYp1wi6^@nTR33ob<X9tfmOm*uFzZ-27JIbc;RY)sW`
zt!7sXsMOap1pmxDHwCgCeJ^w>I1+;TUd<Y7V_}N3cTlx9g%Oxl!1(@Fz@fhB!X!Qg
zzGte&a;gDDb7s`2pRO@2w9ly`vje6Ilj<$_c7{OhbUJ}K%$c%`!Wu9kSA#`Xja47q
z=~M~uTQ&ejWO4`vDE9|h6MO?f*d<f1pCzFOx6YSGxl|H(I2h0=%!FyILZ_|=bX<Z@
zIXy76kKLDpG=TR2T<cl5;7+F|gWhKYZ346vNMyq9`PzDJfsBPN=&eq$MKd*arcmkB
zATW410h$o^5JE{IECTR`<Q+_;Q1BqjI5Ciw%m8kGTdmE2GB82|h<4gEtNm!8e#?mt
z;D<+GLqmLk>a(vGqGSRyU{Fnm`aqrr7bz4<dKN=G5TxM1z~0~yR6MN!z}y8FQ<9oh
z=+qK`&H;`)dq`^^SX>2c5xsOO-~oZpkzorD1g}Y<6rk&3>PsSGy}W?MtqFky@A(X#
zIuNZK0cK?^=;PUAu>j0#HtjbHCV*6?jzA&OoE$*Jlga*}LF`SF?WLhv1O|zqC<>*>
zYB;#lsYKx0&kH@BFpW8n*yDcc6?;_zaJs<-jPSkCsSX-!aV=P5kUgF@Nu<{a%#K*F
z134Q{9|YX7X(v$62_cY3^G%t~rD>Q0z@)1|zs)vjJ6Jq9;7#Ki`w+eS**En?7;n&7
zu==V3T&eFboN3ZiMx3D8qYc;VjFUk_H-WWCau(VFXSQf~viH0L$<p$oTrv;PAp(HR
zxGYwoQ{`RRg4u%PEm#VL7~lyq<6`h+F9OK~tPR1wo}q|fJ3M>gwD$<h61N|-us1_A
zl+PEzjP+uR3A<ynvirg<hO=WL=vh8&(Wl2haO~h*nJ_e*eGq{@?#~H&b}m8~6;8Z^
zpbmt5cVjrE;ei2}0ANsjD@<R3Rp?ZF=p4ZLJsD20%)C2Oh4~(z31DYTGiF#ITp7;7
z!>UfFHqNcgN`x}M+YQ6RnN<+@t>JUp#)9YOkqst-Ga?{FsDpEeX0(5v{0J~SEbWiL
zXC2}M4?UH@u&|;%0y`eb33ldo4~z-x8zY!oVmV=c+f$m?RfDC35mdQ2E>Pze7KWP-
z>!Bh<&57I+O_^s}9Tg^k)h7{xx@0a0IA~GAOt2yy!X%Q$1rt~LbTB6@Du!_0%HV>N
zlf)QI1&gvERKwso23mJ!Ou6ZS#zCS5W`gxE5T>C#E|{i<1D35C222I33?Njaz`On7
zi<+VWFP6D{e-{yiN#M|Jgk<44u1TiMI78S5W`Sdb5f+{zu34s{CfWN7a3Cf^@L%!&
zN$?|!!9j2c)j$~+R6n#891w-z8(!oBpL2K=+%a$r2|~8-(vQj5_XT`<0Ksf;oP+tz
z9CObS!0m)Tgg`K#xBM8B(|Z)Wb&DYL{WTYv`;A=q6~Nnx2+!lTIXtj8J7dZE!P_{z
z#f8w6F}^!?^KE#+ZDv+xd5O&3EmomZzsv?>E-~ygGum45fk!SBN&|eo1rKw^?aZJ4
E2O(~oYXATM

literal 0
HcmV?d00001

diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
new file mode 100644
index 0000000..f371643
--- /dev/null
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -0,0 +1,5 @@
+distributionBase=GRADLE_USER_HOME
+distributionPath=wrapper/dists
+distributionUrl=https\://services.gradle.org/distributions/gradle-7.0-bin.zip
+zipStoreBase=GRADLE_USER_HOME
+zipStorePath=wrapper/dists
diff --git a/gradlew b/gradlew
new file mode 100644
index 0000000..4f906e0
--- /dev/null
+++ b/gradlew
@@ -0,0 +1,185 @@
+#!/usr/bin/env sh
+
+#
+# Copyright 2015 the original author or authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+##############################################################################
+##
+##  Gradle start up script for UN*X
+##
+##############################################################################
+
+# Attempt to set APP_HOME
+# Resolve links: $0 may be a link
+PRG="$0"
+# Need this for relative symlinks.
+while [ -h "$PRG" ] ; do
+    ls=`ls -ld "$PRG"`
+    link=`expr "$ls" : '.*-> \(.*\)$'`
+    if expr "$link" : '/.*' > /dev/null; then
+        PRG="$link"
+    else
+        PRG=`dirname "$PRG"`"/$link"
+    fi
+done
+SAVED="`pwd`"
+cd "`dirname \"$PRG\"`/" >/dev/null
+APP_HOME="`pwd -P`"
+cd "$SAVED" >/dev/null
+
+APP_NAME="Gradle"
+APP_BASE_NAME=`basename "$0"`
+
+# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
+
+# Use the maximum available, or set MAX_FD != -1 to use that value.
+MAX_FD="maximum"
+
+warn () {
+    echo "$*"
+}
+
+die () {
+    echo
+    echo "$*"
+    echo
+    exit 1
+}
+
+# OS specific support (must be 'true' or 'false').
+cygwin=false
+msys=false
+darwin=false
+nonstop=false
+case "`uname`" in
+  CYGWIN* )
+    cygwin=true
+    ;;
+  Darwin* )
+    darwin=true
+    ;;
+  MINGW* )
+    msys=true
+    ;;
+  NONSTOP* )
+    nonstop=true
+    ;;
+esac
+
+CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
+
+
+# Determine the Java command to use to start the JVM.
+if [ -n "$JAVA_HOME" ] ; then
+    if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
+        # IBM's JDK on AIX uses strange locations for the executables
+        JAVACMD="$JAVA_HOME/jre/sh/java"
+    else
+        JAVACMD="$JAVA_HOME/bin/java"
+    fi
+    if [ ! -x "$JAVACMD" ] ; then
+        die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+    fi
+else
+    JAVACMD="java"
+    which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+fi
+
+# Increase the maximum file descriptors if we can.
+if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then
+    MAX_FD_LIMIT=`ulimit -H -n`
+    if [ $? -eq 0 ] ; then
+        if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then
+            MAX_FD="$MAX_FD_LIMIT"
+        fi
+        ulimit -n $MAX_FD
+        if [ $? -ne 0 ] ; then
+            warn "Could not set maximum file descriptor limit: $MAX_FD"
+        fi
+    else
+        warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT"
+    fi
+fi
+
+# For Darwin, add options to specify how the application appears in the dock
+if $darwin; then
+    GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\""
+fi
+
+# For Cygwin or MSYS, switch paths to Windows format before running java
+if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then
+    APP_HOME=`cygpath --path --mixed "$APP_HOME"`
+    CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
+
+    JAVACMD=`cygpath --unix "$JAVACMD"`
+
+    # We build the pattern for arguments to be converted via cygpath
+    ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null`
+    SEP=""
+    for dir in $ROOTDIRSRAW ; do
+        ROOTDIRS="$ROOTDIRS$SEP$dir"
+        SEP="|"
+    done
+    OURCYGPATTERN="(^($ROOTDIRS))"
+    # Add a user-defined pattern to the cygpath arguments
+    if [ "$GRADLE_CYGPATTERN" != "" ] ; then
+        OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)"
+    fi
+    # Now convert the arguments - kludge to limit ourselves to /bin/sh
+    i=0
+    for arg in "$@" ; do
+        CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -`
+        CHECK2=`echo "$arg"|egrep -c "^-"`                                 ### Determine if an option
+
+        if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then                    ### Added a condition
+            eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"`
+        else
+            eval `echo args$i`="\"$arg\""
+        fi
+        i=`expr $i + 1`
+    done
+    case $i in
+        0) set -- ;;
+        1) set -- "$args0" ;;
+        2) set -- "$args0" "$args1" ;;
+        3) set -- "$args0" "$args1" "$args2" ;;
+        4) set -- "$args0" "$args1" "$args2" "$args3" ;;
+        5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
+        6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
+        7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
+        8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
+        9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
+    esac
+fi
+
+# Escape application args
+save () {
+    for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done
+    echo " "
+}
+APP_ARGS=`save "$@"`
+
+# Collect all arguments for the java command, following the shell quoting and substitution rules
+eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS"
+
+exec "$JAVACMD" "$@"
diff --git a/gradlew.bat b/gradlew.bat
new file mode 100644
index 0000000..107acd3
--- /dev/null
+++ b/gradlew.bat
@@ -0,0 +1,89 @@
+@rem
+@rem Copyright 2015 the original author or authors.
+@rem
+@rem Licensed under the Apache License, Version 2.0 (the "License");
+@rem you may not use this file except in compliance with the License.
+@rem You may obtain a copy of the License at
+@rem
+@rem      https://www.apache.org/licenses/LICENSE-2.0
+@rem
+@rem Unless required by applicable law or agreed to in writing, software
+@rem distributed under the License is distributed on an "AS IS" BASIS,
+@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+@rem See the License for the specific language governing permissions and
+@rem limitations under the License.
+@rem
+
+@if "%DEBUG%" == "" @echo off
+@rem ##########################################################################
+@rem
+@rem  Gradle startup script for Windows
+@rem
+@rem ##########################################################################
+
+@rem Set local scope for the variables with windows NT shell
+if "%OS%"=="Windows_NT" setlocal
+
+set DIRNAME=%~dp0
+if "%DIRNAME%" == "" set DIRNAME=.
+set APP_BASE_NAME=%~n0
+set APP_HOME=%DIRNAME%
+
+@rem Resolve any "." and ".." in APP_HOME to make it shorter.
+for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
+
+@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
+
+@rem Find java.exe
+if defined JAVA_HOME goto findJavaFromJavaHome
+
+set JAVA_EXE=java.exe
+%JAVA_EXE% -version >NUL 2>&1
+if "%ERRORLEVEL%" == "0" goto execute
+
+echo.
+echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+echo.
+echo Please set the JAVA_HOME variable in your environment to match the
+echo location of your Java installation.
+
+goto fail
+
+:findJavaFromJavaHome
+set JAVA_HOME=%JAVA_HOME:"=%
+set JAVA_EXE=%JAVA_HOME%/bin/java.exe
+
+if exist "%JAVA_EXE%" goto execute
+
+echo.
+echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
+echo.
+echo Please set the JAVA_HOME variable in your environment to match the
+echo location of your Java installation.
+
+goto fail
+
+:execute
+@rem Setup the command line
+
+set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
+
+
+@rem Execute Gradle
+"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %*
+
+:end
+@rem End local scope for the variables with windows NT shell
+if "%ERRORLEVEL%"=="0" goto mainEnd
+
+:fail
+rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
+rem the _cmd.exe /c_ return code!
+if  not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
+exit /b 1
+
+:mainEnd
+if "%OS%"=="Windows_NT" endlocal
+
+:omega
diff --git a/settings.gradle b/settings.gradle
new file mode 100644
index 0000000..433abbd
--- /dev/null
+++ b/settings.gradle
@@ -0,0 +1,2 @@
+rootProject.name = 'oracle-sentry'
+
diff --git a/src/main/java/net/lamgc/oracle/sentry/ApplicationMain.java b/src/main/java/net/lamgc/oracle/sentry/ApplicationMain.java
new file mode 100644
index 0000000..b0eeefd
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/ApplicationMain.java
@@ -0,0 +1,101 @@
+package net.lamgc.oracle.sentry;
+
+import com.oracle.bmc.auth.AuthenticationDetailsProvider;
+import net.lamgc.oracle.sentry.script.ScriptComponent;
+import net.lamgc.oracle.sentry.script.ScriptManager;
+import net.lamgc.oracle.sentry.script.tools.http.ScriptHttpClient;
+import org.apache.http.impl.client.HttpClientBuilder;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import java.io.File;
+import java.io.IOException;
+
+/**
+ * <p> 程序入口
+ * @author LamGC
+ */
+@SpringBootApplication
+@Configuration
+public class ApplicationMain {
+
+    private final static Logger log = LoggerFactory.getLogger(ApplicationMain.class);
+
+    @SuppressWarnings("AlibabaConstantFieldShouldBeUpperCase")
+    private final static Object mainThreadWaiter = new Object();
+
+    @Value("${oracle.identity.location:./identity/}")
+    private String identityDirectory;
+    @Value("${oracle.identity.pattern:.*\\.oracle.ini$}")
+    private String identityFilePattern;
+    @Value("${sentry.script.location:./scripts/}")
+    private String scriptsLocation;
+    @Value("${oracle.script.ssh.identityPath:./ssh.config.json}")
+    private String sshIdentityPath;
+
+    public static void main(String[] args) {
+        SpringApplication.run(ApplicationMain.class, args);
+        Runtime.getRuntime().addShutdownHook(new Thread(mainThreadWaiter::notifyAll, "ShutdownMainThread"));
+        synchronized (mainThreadWaiter) {
+            try {
+                mainThreadWaiter.wait();
+            } catch (InterruptedException e) {
+                log.warn("", e);
+            }
+        }
+    }
+
+    @Bean("oracle.identity.manager")
+    public OracleIdentityManager initialOracleIdentityManager() throws IOException {
+        OracleIdentityManager oracleUserManager = new OracleIdentityManager();
+        log.info("正在加载 Oracle API 身份配置...");
+        log.debug("Oracle API 身份配置查找路径: \"{}\", 匹配表达式: {}", identityDirectory, identityFilePattern);
+        int loadedCount = oracleUserManager.loadFromDirectory(new File(identityDirectory), identityFilePattern);
+        log.info("已加载 {} 个身份配置.", loadedCount);
+        return oracleUserManager;
+    }
+
+    @Bean("oracle.compute.instance.manager")
+    @Autowired
+    public ComputeInstanceManager initialComputeInstanceManager(OracleIdentityManager identityManager) throws IOException {
+        ComputeInstanceManager instanceManager = new ComputeInstanceManager();
+        int addTotal = 0;
+        for (AuthenticationDetailsProvider provider : identityManager.getProviders()) {
+            String identityName = identityManager.getIdentityName(provider.getUserId());
+            log.info("正在加载用户 {} 所拥有的所有实例...", identityName);
+            int addCount;
+            try {
+                addCount = instanceManager.addComputeInstanceFromUser(provider);
+            } catch (Exception e) {
+                log.error("加载实例时发生异常.", e);
+                continue;
+            }
+            log.info("用户 {} 已添加 {} 个计算实例.", identityName, addCount);
+            addTotal += addCount;
+        }
+
+        log.info("正在初始化 SSH 认证配置提供器...");
+        instanceManager.initialSshIdentityProvider(new File(sshIdentityPath));
+        log.info("已完成 ComputeInstanceManager 初始化, 共加载了 {} 个计算实例.", addTotal);
+        return instanceManager;
+    }
+
+    @Bean("sentry.script.manager")
+    @Autowired
+    public ScriptManager initialScriptManager(ComputeInstanceManager instanceManager) {
+        ScriptComponent context = new ScriptComponent(new ScriptHttpClient(HttpClientBuilder.create()
+                .build()),
+                instanceManager);
+
+        ScriptManager manager = new ScriptManager(new File(scriptsLocation), context);
+        manager.loadScripts();
+        return manager;
+    }
+
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/ComputeInstanceManager.java b/src/main/java/net/lamgc/oracle/sentry/ComputeInstanceManager.java
new file mode 100644
index 0000000..7ced275
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/ComputeInstanceManager.java
@@ -0,0 +1,127 @@
+package net.lamgc.oracle.sentry;
+
+import com.oracle.bmc.auth.AuthenticationDetailsProvider;
+import com.oracle.bmc.core.ComputeClient;
+import com.oracle.bmc.core.model.Instance;
+import com.oracle.bmc.core.requests.ListInstancesRequest;
+import com.oracle.bmc.core.responses.ListInstancesResponse;
+import com.oracle.bmc.identity.IdentityClient;
+import com.oracle.bmc.identity.model.Compartment;
+import com.oracle.bmc.identity.requests.ListCompartmentsRequest;
+import com.oracle.bmc.identity.responses.ListCompartmentsResponse;
+import net.lamgc.oracle.sentry.oci.compute.ComputeInstance;
+import net.lamgc.oracle.sentry.oci.compute.ssh.SshAuthIdentityProvider;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.File;
+import java.io.IOException;
+import java.util.*;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.stream.Collectors;
+
+/**
+ * 计算实例管理器.
+ * @author LamGC
+ */
+public class ComputeInstanceManager {
+
+    private final static Logger log = LoggerFactory.getLogger(ComputeInstanceManager.class);
+
+    private final Map<String, ComputeInstance> instanceMap = new ConcurrentHashMap<>();
+    private SshAuthIdentityProvider sshIdentityProvider;
+
+    /**
+     * 初始化 SSH 认证配置提供器.
+     * @param sshIdentityJson SSH 认证配置文件.
+     * @throws IOException 加载时如有异常将直接抛出.
+     */
+    public void initialSshIdentityProvider(File sshIdentityJson) throws IOException {
+        sshIdentityProvider = new SshAuthIdentityProvider(this, sshIdentityJson);
+        sshIdentityProvider.loadAuthInfo();
+    }
+
+    public SshAuthIdentityProvider getSshIdentityProvider() {
+        return sshIdentityProvider;
+    }
+
+    /**
+     * 单独添加一个计算实例对象.
+     * @param instance 计算实例对象.
+     * @throws NullPointerException 当 instance 为 {@code null} 时抛出异常.
+     */
+    public void addComputeInstance(ComputeInstance instance) {
+        Objects.requireNonNull(instance);
+        instanceMap.put(instance.getInstanceId(), instance);
+    }
+
+    /**
+     * 获取某一用户的所有已添加实例.
+     * @param userId 用户 Id.
+     * @return 返回该用户所拥有的的所有已添加实例.
+     * @throws NullPointerException 当 userId 为 {@code null} 时抛出异常.
+     */
+    public Set<ComputeInstance> getInstancesByUserId(String userId) {
+        Objects.requireNonNull(userId);
+        return instanceMap.values().stream()
+                .filter(computeInstance -> computeInstance.getUserId().equals(userId))
+                .collect(Collectors.toSet());
+    }
+
+    /**
+     * 添加某一用户的所有计算实例.
+     * @param provider 用户身份提供器.
+     * @return 返回已成功添加的实例数量.
+     * @throws NullPointerException 如果 provider 为 {@code null} 则抛出异常.
+     */
+    public int addComputeInstanceFromUser(AuthenticationDetailsProvider provider) {
+        Objects.requireNonNull(provider);
+        IdentityClient identityClient = new IdentityClient(provider);
+        ComputeClient computeClient = new ComputeClient(provider);
+        ListCompartmentsResponse listCompartments = identityClient.listCompartments(ListCompartmentsRequest.builder()
+                .compartmentId(provider.getTenantId())
+                .build());
+        int addCount = 0;
+        Set<String> compartmentIds = listCompartments.getItems().stream()
+                .map(Compartment::getId).collect(Collectors.toSet());
+        compartmentIds.add(provider.getTenantId());
+        for (String compartmentId : compartmentIds) {
+            ListInstancesResponse listInstances = computeClient.listInstances(ListInstancesRequest.builder()
+                    .compartmentId(compartmentId)
+                    .build());
+            for (Instance instance : listInstances.getItems()) {
+                ComputeInstance computeInstance = new ComputeInstance(this, instance.getId(),
+                        provider.getUserId(), compartmentId, instance.getImageId(), provider);
+
+                addComputeInstance(computeInstance);
+                addCount ++;
+            }
+        }
+
+        return addCount;
+    }
+
+    /**
+     * 通过实例 Id 获取计算实例对象.
+     * @param instanceId 实例 Id.
+     * @return 返回计算实例对象.
+     * @throws NullPointerException 当 instanceId 为 {@code null} 时抛出异常.
+     * @throws NoSuchElementException 当未找到指定计算实例时抛出该异常.
+     */
+    public ComputeInstance getComputeInstanceById(String instanceId) {
+        Objects.requireNonNull(instanceId);
+        if (!instanceMap.containsKey(instanceId)) {
+            throw new NoSuchElementException(instanceId);
+        }
+        return instanceMap.get(instanceId);
+    }
+
+    /**
+     * 获取所有计算实例.
+     * @return 返回所有已添加的计算实例.
+     */
+    public Set<ComputeInstance> getComputeInstances() {
+        return instanceMap.values().stream().collect(Collectors.toUnmodifiableSet());
+    }
+
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/OracleIdentityManager.java b/src/main/java/net/lamgc/oracle/sentry/OracleIdentityManager.java
new file mode 100644
index 0000000..031477d
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/OracleIdentityManager.java
@@ -0,0 +1,189 @@
+package net.lamgc.oracle.sentry;
+
+import com.google.common.base.Throwables;
+import com.google.gson.JsonArray;
+import com.google.gson.JsonObject;
+import com.oracle.bmc.ConfigFileReader;
+import com.oracle.bmc.Region;
+import com.oracle.bmc.auth.AuthenticationDetailsProvider;
+import com.oracle.bmc.auth.SimpleAuthenticationDetailsProvider;
+import com.oracle.bmc.auth.SimplePrivateKeySupplier;
+import com.oracle.bmc.identity.IdentityClient;
+import com.oracle.bmc.identity.requests.GetUserRequest;
+import com.oracle.bmc.identity.responses.GetUserResponse;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Component;
+
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Map;
+import java.util.NoSuchElementException;
+import java.util.Objects;
+import java.util.Set;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.function.Supplier;
+import java.util.stream.Collectors;
+
+/**
+ * Oracle 身份管理器.
+ * @author LamGC
+ */
+public final class OracleIdentityManager {
+
+    private final static Logger log = LoggerFactory.getLogger(OracleIdentityManager.class);
+
+    /**
+     * 认证身份 Map.
+     * Key: Identity Id
+     * Value {@link AuthenticationDetailsProvider}
+     */
+    private final Map<String, AuthenticationDetailsProvider> identityMap = new ConcurrentHashMap<>();
+    /**
+     * 用户名 Map.
+     * key Identity Id
+     * Value: Username
+     */
+    private final Map<String, String> identityNameMap = new ConcurrentHashMap<>();
+
+    /**
+     * 从目录扫描匹配的配置文件并加载.
+     * @param directory 待扫描的目录.
+     * @param pattern 文件匹配规则(正则表达式).
+     * @throws IOException 当加载发生异常时将抛出该异常.
+     * @return 返回成功加载的身份配置数量.
+     */
+    public int loadFromDirectory(File directory, String pattern) throws IOException {
+        if (!directory.exists()) {
+            throw new FileNotFoundException(directory.getCanonicalPath());
+        } else if (!directory.isDirectory()) {
+            throw new IOException("The specified path is not a folder");
+        }
+
+        File[] configFiles = directory.listFiles(file -> file.isFile() && file.getName().matches(pattern));
+        if (configFiles == null) {
+            throw new IOException("Unable to access the specified directory: " + directory.getCanonicalPath());
+        }
+        int loadedCount = 0;
+        for (File configFile : configFiles) {
+            try {
+                AuthenticationDetailsProvider provider = loadFromConfigFile(configFile);
+                loadedCount ++;
+                log.info("已成功加载身份配置文件.\nUserId: {}\nUsername: {}\nPath: {})",
+                        provider.getUserId(),
+                        getIdentityName(provider.getUserId()),
+                        configFile.getCanonicalPath());
+            } catch (Exception e) {
+                log.error("加载身份配置文件时发生异常.(Path: {})\n{}", configFile.getCanonicalPath(), Throwables.getStackTraceAsString(e));
+            }
+        }
+        return loadedCount;
+    }
+
+    /**
+     * 通过配置文件加载身份信息.
+     * @param identityConfig 身份信息文件.
+     * @throws IOException 如果读取文件发生问题时将抛出该异常.
+     */
+    public AuthenticationDetailsProvider loadFromConfigFile(File identityConfig) throws IOException {
+        if (!identityConfig.exists()) {
+            throw new FileNotFoundException(identityConfig.getAbsolutePath());
+        }
+
+        ConfigFileReader.ConfigFile config
+                = ConfigFileReader.parse(identityConfig.getAbsolutePath());
+
+        String keyFilePath = config.get("key_file");
+        if (keyFilePath.startsWith(".")) {
+            keyFilePath = new File(identityConfig.getParent(), config.get("key_file")).getCanonicalPath();
+        }
+        Supplier<InputStream> privateKeySupplier
+                = new SimplePrivateKeySupplier(keyFilePath);
+
+        AuthenticationDetailsProvider provider
+                = SimpleAuthenticationDetailsProvider.builder()
+                .region(Region.fromRegionCode(config.get("region")))
+                .tenantId(config.get("tenancy"))
+                .userId(config.get("user"))
+                .fingerprint(config.get("fingerprint"))
+                .privateKeySupplier(privateKeySupplier::get)
+                .build();
+
+        // 尝试获取身份所属用户名, 以此检查该身份配置是否正确.
+        String identityName = getIdentityName0(provider);
+        identityNameMap.put(provider.getUserId(), identityName);
+        identityMap.put(provider.getUserId(), provider);
+        return provider;
+    }
+
+    /**
+     * 获取身份所属用户的名称.
+     * @param provider 身份提供器.
+     * @return 返回用户名.
+     */
+    private String getIdentityName0(AuthenticationDetailsProvider provider) {
+        IdentityClient identityClient = new IdentityClient(provider);
+        GetUserResponse user = identityClient.getUser(GetUserRequest.builder()
+                .userId(provider.getUserId())
+                .build());
+        return user.getUser().getName();
+    }
+
+    /**
+     * 获取身份信息所属的用户名.
+     * @param userId 身份信息所属的用户 Id.
+     * @return 返回用户名.
+     * @throws NullPointerException 当 userId 为 {@code null} 时抛出该异常.
+     * @throws NoSuchElementException 指定的 UserId 未找到对应用户名时抛出该异常.
+     */
+    public String getIdentityName(String userId) {
+        Objects.requireNonNull(userId);
+        if (!identityMap.containsKey(userId)) {
+            throw new NoSuchElementException(userId);
+        }
+        return identityNameMap.get(userId);
+    }
+
+    /**
+     * 通过 UserId 获取指定身份提供器.
+     * @param userId 用户 Id.
+     * @return 返回身份提供器.
+     * @throws NullPointerException 当 userId 为 {@code null} 时抛出该异常.
+     * @throws NoSuchElementException 指定的 UserId 未找到对应 Provider 时抛出该异常.
+     */
+    public AuthenticationDetailsProvider getProviderByUserId(String userId) {
+        Objects.requireNonNull(userId);
+        if (!identityMap.containsKey(userId)) {
+            throw new NoSuchElementException(userId);
+        }
+        return identityMap.get(userId);
+    }
+
+    /**
+     * 导出身份信息.
+     * <p> 不包含私钥.
+     * @return 返回 Json 形式的身份信息数组.
+     */
+    public JsonArray exportIdentityInfo() {
+        JsonArray identityInfoArray = new JsonArray(identityMap.size());
+        for (AuthenticationDetailsProvider provider : identityMap.values()) {
+            JsonObject identity = new JsonObject();
+            identity.addProperty("UserId", provider.getUserId());
+            identity.addProperty("TenantId", provider.getTenantId());
+            identity.addProperty("Fingerprint", provider.getFingerprint());
+            identityInfoArray.add(identity);
+        }
+        return identityInfoArray;
+    }
+
+    /**
+     * 获取所有身份提供器.
+     * @return 返回包含所有身份提供器的集合对象.
+     */
+    public Set<AuthenticationDetailsProvider> getProviders() {
+        return identityMap.values().stream().collect(Collectors.toUnmodifiableSet());
+    }
+
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/common/InputStreamWrapper.java b/src/main/java/net/lamgc/oracle/sentry/common/InputStreamWrapper.java
new file mode 100644
index 0000000..c2c8af4
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/common/InputStreamWrapper.java
@@ -0,0 +1,79 @@
+package net.lamgc.oracle.sentry.common;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+
+public class InputStreamWrapper extends InputStream {
+    
+    private final InputStream source;
+    
+    public InputStreamWrapper(InputStream source) {
+        this.source = source;
+    }
+    
+    @Override
+    public int read() throws IOException {
+        return this.source.read();
+    }
+
+    @Override
+    public int read(byte[] b) throws IOException {
+        return this.source.read(b);
+    }
+
+    @Override
+    public int read(byte[] b, int off, int len) throws IOException {
+        return this.source.read(b, off, len);
+    }
+
+    @Override
+    public byte[] readAllBytes() throws IOException {
+        return this.source.readAllBytes();
+    }
+
+    @Override
+    public byte[] readNBytes(int len) throws IOException {
+        return this.source.readNBytes(len);
+    }
+
+    @Override
+    public int readNBytes(byte[] b, int off, int len) throws IOException {
+        return this.source.readNBytes(b, off, len);
+    }
+
+    @Override
+    public long skip(long n) throws IOException {
+        return this.source.skip(n);
+    }
+
+    @Override
+    public void skipNBytes(long n) throws IOException {
+        this.source.skipNBytes(n);
+    }
+
+    @Override
+    public int available() throws IOException {
+        return this.source.available();
+    }
+
+    @Override
+    public synchronized void mark(int readlimit) {
+        this.source.mark(readlimit);
+    }
+
+    @Override
+    public synchronized void reset() throws IOException {
+        this.source.reset();
+    }
+
+    @Override
+    public boolean markSupported() {
+        return this.source.markSupported();
+    }
+
+    @Override
+    public long transferTo(OutputStream out) throws IOException {
+        return this.source.transferTo(out);
+    }
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/common/OutputStreamWrapper.java b/src/main/java/net/lamgc/oracle/sentry/common/OutputStreamWrapper.java
new file mode 100644
index 0000000..3a4a4b6
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/common/OutputStreamWrapper.java
@@ -0,0 +1,34 @@
+package net.lamgc.oracle.sentry.common;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+
+public class OutputStreamWrapper extends OutputStream {
+    
+    private final OutputStream target;
+    
+    public OutputStreamWrapper(OutputStream target) {
+        this.target = target;
+    }
+
+    @Override
+    public void write(int b) throws IOException {
+        target.write(b);
+    }
+
+    @Override
+    public void write(byte[] b) throws IOException {
+        this.target.write(b);
+    }
+
+    @Override
+    public void write(byte[] b, int off, int len) throws IOException {
+        this.target.write(b, off, len);
+    }
+
+    @Override
+    public void flush() throws IOException {
+        this.target.flush();
+    }
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/oci/compute/ComputeInstance.java b/src/main/java/net/lamgc/oracle/sentry/oci/compute/ComputeInstance.java
new file mode 100644
index 0000000..1628459
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/oci/compute/ComputeInstance.java
@@ -0,0 +1,163 @@
+package net.lamgc.oracle.sentry.oci.compute;
+
+import com.oracle.bmc.auth.AuthenticationDetailsProvider;
+import com.oracle.bmc.core.ComputeClient;
+import com.oracle.bmc.core.model.Image;
+import com.oracle.bmc.core.model.Instance;
+import com.oracle.bmc.core.requests.GetImageRequest;
+import com.oracle.bmc.core.requests.GetInstanceRequest;
+import com.oracle.bmc.core.requests.InstanceActionRequest;
+import com.oracle.bmc.core.responses.GetImageResponse;
+import com.oracle.bmc.core.responses.GetInstanceResponse;
+import com.oracle.bmc.core.responses.InstanceActionResponse;
+import net.lamgc.oracle.sentry.ComputeInstanceManager;
+import net.lamgc.oracle.sentry.oci.compute.ssh.InstanceSsh;
+import net.lamgc.oracle.sentry.oci.compute.ssh.SshAuthInfo;
+
+import java.util.Objects;
+
+/**
+ * 计算实例.
+ * @author LamGC
+ */
+public final class ComputeInstance {
+
+    private final ComputeInstanceManager instanceManager;
+
+    private final String instanceId;
+    private final String userId;
+    private final String compartmentId;
+    private final String imageId;
+    private final AuthenticationDetailsProvider authProvider;
+    private final InstanceNetwork network;
+
+    private final ComputeClient computeClient;
+
+    public ComputeInstance(ComputeInstanceManager instanceManager, String instanceId, String userId,
+                           String compartmentId, String imageId, AuthenticationDetailsProvider provider) {
+        this.instanceManager = instanceManager;
+        this.instanceId = instanceId;
+        this.userId = userId;
+        this.compartmentId = compartmentId;
+        this.imageId = imageId;
+        this.authProvider = provider;
+
+        computeClient = new ComputeClient(provider);
+        this.network = new InstanceNetwork(this);
+    }
+
+    public String getInstanceId() {
+        return instanceId;
+    }
+
+    public String getUserId() {
+        return userId;
+    }
+
+    public String getCompartmentId() {
+        return compartmentId;
+    }
+
+    public String getImageId() {
+        return imageId;
+    }
+
+    /**
+     * 获取并返回实例镜像信息.
+     * <p> 可获取系统信息.
+     * <p> 如果实例被 dd, 则本信息不准确.
+     * @return 返回实例信息.
+     */
+    public Image getImage() {
+        GetImageResponse image = computeClient.getImage(GetImageRequest.builder()
+                .imageId(imageId)
+                .build());
+        return image.getImage();
+    }
+
+    /**
+     * 获取实例网络对象.
+     * <p> 可通过 InstanceNetwork 操作实例网络相关.
+     * @return 返回 InstanceNetwork.
+     */
+    public InstanceNetwork network() {
+        return network;
+    }
+
+    public InstanceSsh ssh() {
+        Instance.LifecycleState instanceState = getInstanceState();
+        if (instanceState != Instance.LifecycleState.Running) {
+            throw new IllegalStateException("The state of the current instance cannot connect to SSH: " + instanceState);
+        }
+        return new InstanceSsh(this, getSshIdentity());
+    }
+
+    public Instance.LifecycleState getInstanceState() {
+        GetInstanceResponse instance = computeClient.getInstance(GetInstanceRequest.builder()
+                .instanceId(instanceId)
+                .build());
+
+        return instance.getInstance().getLifecycleState();
+    }
+
+    /**
+     * 对实例执行操作.
+     * @param action 操作类型.
+     * @return 如果成功, 返回实例最新状态.
+     */
+    public Instance.LifecycleState execAction(InstanceAction action) {
+        InstanceActionResponse actionResponse = computeClient.instanceAction(InstanceActionRequest.builder()
+                .instanceId(instanceId)
+                .action(action.getActionValue())
+                .build());
+        return actionResponse.getInstance().getLifecycleState();
+    }
+
+    /**
+     * 获取实例名称.
+     */
+    public String getInstanceName() {
+        GetInstanceResponse instance = computeClient.getInstance(GetInstanceRequest.builder()
+                .instanceId(instanceId)
+                .build());
+        return instance.getInstance().getDisplayName();
+    }
+
+    /**
+     * 获得 OCI 的计算 API 客户端, 可通过该客户端执行更多的操作.
+     * @return 返回计算 API 客户端.
+     */
+    public ComputeClient getComputeClient() {
+        return computeClient;
+    }
+
+    AuthenticationDetailsProvider getAuthProvider() {
+        return authProvider;
+    }
+
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) {
+            return true;
+        }
+        if (o == null || getClass() != o.getClass()) {
+            return false;
+        }
+        ComputeInstance that = (ComputeInstance) o;
+        return instanceId.equals(that.instanceId) && userId.equals(that.userId) && compartmentId.equals(that.compartmentId);
+    }
+
+    @Override
+    public int hashCode() {
+        return Objects.hash(instanceId, userId, compartmentId);
+    }
+
+    /**
+     * 获取 SSH 认证信息.
+     */
+    private SshAuthInfo getSshIdentity() {
+        return instanceManager.getSshIdentityProvider()
+                .getAuthInfoByInstanceId(instanceId);
+    }
+
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/oci/compute/InstanceAction.java b/src/main/java/net/lamgc/oracle/sentry/oci/compute/InstanceAction.java
new file mode 100644
index 0000000..26fc3ee
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/oci/compute/InstanceAction.java
@@ -0,0 +1,36 @@
+package net.lamgc.oracle.sentry.oci.compute;
+
+public enum InstanceAction {
+    /**
+     * 启动实例.
+     */
+    START("start"),
+    /**
+     * 硬停止实例.
+     */
+    STOP("stop"),
+    /**
+     * 硬重启实例.
+     */
+    RESET("reset"),
+    /**
+     * 软重启实例, 操作系统将按照正常的重启过程进行.
+     */
+    SOFT_RESET("softreset"),
+    /**
+     * 软停止实例, 操作系统将按照正常的关机过程进行.
+     */
+    SOFT_STOP("softstop")
+
+    ;
+
+    private final String actionValue;
+
+    InstanceAction(String actionValue) {
+        this.actionValue = actionValue;
+    }
+
+    public String getActionValue() {
+        return actionValue;
+    }
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/oci/compute/InstanceNetwork.java b/src/main/java/net/lamgc/oracle/sentry/oci/compute/InstanceNetwork.java
new file mode 100644
index 0000000..003261c
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/oci/compute/InstanceNetwork.java
@@ -0,0 +1,62 @@
+package net.lamgc.oracle.sentry.oci.compute;
+
+import com.oracle.bmc.core.VirtualNetworkClient;
+import com.oracle.bmc.core.model.VnicAttachment;
+import com.oracle.bmc.core.requests.GetVnicRequest;
+import com.oracle.bmc.core.requests.ListVnicAttachmentsRequest;
+import com.oracle.bmc.core.responses.GetVnicResponse;
+import com.oracle.bmc.core.responses.ListVnicAttachmentsResponse;
+
+import java.util.HashSet;
+import java.util.List;
+import java.util.NoSuchElementException;
+import java.util.Set;
+
+/**
+ * @author LamGC
+ */
+public class InstanceNetwork {
+
+    private final ComputeInstance instance;
+    private final VirtualNetworkClient vcnClient;
+
+    InstanceNetwork(ComputeInstance instance) {
+        this.instance = instance;
+        this.vcnClient = new VirtualNetworkClient(this.instance.getAuthProvider());
+    }
+
+    /**
+     * 获取实例的所有公共 IP.
+     * @return 返回所有公共 IP.
+     * @throws NoSuchElementException 当 InstanceId 所属实例未添加时抛出该异常.
+     * @throws NullPointerException 当 instanceId 为 {@code null} 时抛出该异常.
+     */
+    public Set<String> getInstancePublicIp() {
+        Set<String> publicIpSet = new HashSet<>();
+        for (VnicAttachment vnicAttachment : listVnicAttachments()) {
+            GetVnicResponse vnic = vcnClient.getVnic(GetVnicRequest.builder()
+                    .vnicId(vnicAttachment.getVnicId())
+                    .build());
+            publicIpSet.add(vnic.getVnic().getPublicIp());
+        }
+
+        return publicIpSet;
+    }
+
+    /**
+     * 获取所有已连接的 Vnic 信息.
+     * @return 返回所有已连接的 Vnic.
+     */
+    public List<VnicAttachment> listVnicAttachments() {
+        ListVnicAttachmentsResponse listVnicAttachments = instance.getComputeClient()
+                .listVnicAttachments(ListVnicAttachmentsRequest.builder()
+                        .compartmentId(instance.getCompartmentId())
+                        .instanceId(instance.getInstanceId())
+                        .build()
+                );
+
+        return listVnicAttachments.getItems().stream().toList();
+    }
+
+
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/InstanceSsh.java b/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/InstanceSsh.java
new file mode 100644
index 0000000..59b8602
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/InstanceSsh.java
@@ -0,0 +1,83 @@
+package net.lamgc.oracle.sentry.oci.compute.ssh;
+
+import com.google.common.base.Strings;
+import net.lamgc.oracle.sentry.oci.compute.ComputeInstance;
+import org.apache.sshd.client.SshClient;
+import org.apache.sshd.client.future.AuthFuture;
+import org.apache.sshd.client.future.ConnectFuture;
+import org.apache.sshd.client.session.ClientSession;
+import org.apache.sshd.common.config.keys.FilePasswordProvider;
+import org.apache.sshd.common.keyprovider.FileKeyPairProvider;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.util.Objects;
+import java.util.Set;
+import java.util.concurrent.TimeUnit;
+
+public class InstanceSsh implements AutoCloseable {
+
+    private final static Logger log = LoggerFactory.getLogger(InstanceSsh.class);
+
+    private final ComputeInstance instance;
+    private final SshAuthInfo authInfo;
+    private final SshClient sshClient;
+
+    public InstanceSsh(ComputeInstance instance, SshAuthInfo authInfo) {
+        this.instance = Objects.requireNonNull(instance);
+        this.authInfo = Objects.requireNonNull(authInfo);
+
+        sshClient = SshClient.setUpDefaultClient();
+        sshClient.setServerKeyVerifier(new OracleInstanceServerKeyVerifier(instance, authInfo));
+        if (authInfo instanceof PublicKeyAuthInfo info) {
+            sshClient.setKeyIdentityProvider(new FileKeyPairProvider(info.getPrivateKeyPath().toPath()));
+            if (!Strings.isNullOrEmpty(info.getKeyPassword())) {
+                sshClient.setFilePasswordProvider(FilePasswordProvider.of(info.getKeyPassword()));
+            }
+        } else if (authInfo instanceof PasswordAuthInfo info) {
+            sshClient.addPasswordIdentity(info.getPassword());
+        } else {
+            throw new IllegalArgumentException("Unsupported authentication type");
+        }
+        sshClient.start();
+    }
+
+    public SshSession createSession() throws IOException {
+        Set<String> instancePublicIps = instance.network().getInstancePublicIp();
+        if (instancePublicIps.stream().findFirst().isEmpty()) {
+            throw new IllegalStateException("Instance has no public IP available.");
+        }
+        String connectUri = "ssh://" + authInfo.getUsername() + "@" + instancePublicIps.stream().findFirst().get() + ":22";
+        log.info("SSH 正在连接: {}", connectUri);
+        ConnectFuture connect = sshClient.connect(connectUri);
+        connect.verify();
+        if (!connect.isConnected()) {
+            if (connect.getException() != null) {
+                throw new IOException(connect.getException());
+            }
+            throw new IOException("A connection to the server could not be established for an unknown reason.");
+        }
+        ClientSession clientSession = connect.getClientSession();
+        AuthFuture auth = clientSession.auth();
+        auth.verify(20, TimeUnit.SECONDS);
+        if (auth.isSuccess()) {
+            return new SshSession(clientSession);
+        } else {
+            if (auth.isFailure()) {
+                clientSession.close();
+                throw new IOException("Authentication with server failed.", clientSession.auth().getException());
+            } else if (auth.isCanceled()) {
+                clientSession.close();
+                throw new IOException("Authentication cancelled.", clientSession.auth().getException());
+            }
+            throw new IOException("Authentication timeout.");
+        }
+    }
+
+
+    @Override
+    public void close() {
+        sshClient.stop();
+    }
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/OracleInstanceServerKeyVerifier.java b/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/OracleInstanceServerKeyVerifier.java
new file mode 100644
index 0000000..eb481ec
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/OracleInstanceServerKeyVerifier.java
@@ -0,0 +1,79 @@
+package net.lamgc.oracle.sentry.oci.compute.ssh;
+
+import net.lamgc.oracle.sentry.oci.compute.ComputeInstance;
+import org.apache.sshd.client.keyverifier.RequiredServerKeyVerifier;
+import org.apache.sshd.client.keyverifier.ServerKeyVerifier;
+import org.apache.sshd.client.session.ClientSession;
+import org.apache.sshd.common.config.keys.KeyUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.net.SocketAddress;
+import java.security.PublicKey;
+import java.util.Scanner;
+
+/**
+ * @author LamGC
+ */
+public class OracleInstanceServerKeyVerifier implements ServerKeyVerifier {
+
+    private final static Logger log = LoggerFactory.getLogger(OracleInstanceServerKeyVerifier.class);
+
+    private final ComputeInstance instance;
+    private final SshAuthInfo info;
+
+    public OracleInstanceServerKeyVerifier(ComputeInstance instance, SshAuthInfo info) {
+        this.instance = instance;
+        this.info = info;
+    }
+
+    @Override
+    public boolean verifyServerKey(ClientSession clientSession, SocketAddress remoteAddress, PublicKey serverKey) {
+        if (info.getServerKey() != null) {
+            return new RequiredServerKeyVerifier(info.getServerKey())
+                    .verifyServerKey(clientSession, remoteAddress, serverKey);
+        } else {
+            log.warn("首次连接实例 SSH, 需要用户确认服务器公钥是否可信...");
+            boolean result = confirm(remoteAddress, serverKey);
+            if (result) {
+                log.info("用户已确认服务器密钥可信, 将该密钥列入该实例下的信任密钥.");
+                info.setServerKey(serverKey);
+                return true;
+            } else {
+                log.warn("用户已确认该密钥不可信, 拒绝本次连接.");
+                return false;
+            }
+        }
+    }
+
+    public boolean confirm(SocketAddress address, PublicKey key) {
+        String fingerPrint = KeyUtils.getFingerPrint(key);
+        log.warn("开始密钥认证流程... (InstanceId: {}, ServerAddress: {}, KeyFingerPrint: {})",
+                instance.getInstanceId(), address, fingerPrint);
+        Scanner scanner = new Scanner(System.in);
+        log.info("""
+                    本次连接 SSH 为首次连接, 为确保 SSH 安全性，请通过可信渠道获取服务器密钥指纹, 并与下列指纹比对:
+                    实例 ID：{}
+                    实例名称：{}
+                    连接地址：{}
+                    密钥指纹：
+                    
+                                {}
+                                
+                    以上密钥指纹是否与服务器密钥指纹相同？如果指纹相同，对该密钥可信，请输入“Yes”，否则输入任意内容拒绝连接。
+                    该密钥是否可信？（Yes/No）：""",
+                instance.getInstanceId(),
+                instance.getInstanceName(),
+                address,
+                fingerPrint
+        );
+
+        do {
+            if (scanner.hasNextLine()) {
+                String input = scanner.nextLine();
+                return "yes".trim().equalsIgnoreCase(input);
+            }
+        } while (true);
+    }
+
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/PasswordAuthInfo.java b/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/PasswordAuthInfo.java
new file mode 100644
index 0000000..06976f3
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/PasswordAuthInfo.java
@@ -0,0 +1,22 @@
+package net.lamgc.oracle.sentry.oci.compute.ssh;
+
+/**
+ * @author LamGC
+ */
+public class PasswordAuthInfo extends SshAuthInfo {
+
+    private String password;
+
+    @Override
+    public AuthType getType() {
+        return AuthType.PASSWORD;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/PublicKeyAuthInfo.java b/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/PublicKeyAuthInfo.java
new file mode 100644
index 0000000..2ba94e4
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/PublicKeyAuthInfo.java
@@ -0,0 +1,33 @@
+package net.lamgc.oracle.sentry.oci.compute.ssh;
+
+import org.apache.sshd.common.config.keys.FilePasswordProvider;
+
+import java.io.File;
+import java.security.KeyPair;
+
+public class PublicKeyAuthInfo extends SshAuthInfo{
+
+    private File privateKeyPath;
+    private String keyPassword;
+
+    @Override
+    public AuthType getType() {
+        return AuthType.PUBLIC_KEY;
+    }
+
+    public File getPrivateKeyPath() {
+        return privateKeyPath;
+    }
+
+    public void setPrivateKeyPath(File privateKeyPath) {
+        this.privateKeyPath = privateKeyPath;
+    }
+
+    public String getKeyPassword() {
+        return keyPassword;
+    }
+
+    public void setKeyPassword(String keyPassword) {
+        this.keyPassword = keyPassword;
+    }
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshAuthIdentityProvider.java b/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshAuthIdentityProvider.java
new file mode 100644
index 0000000..cd62b20
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshAuthIdentityProvider.java
@@ -0,0 +1,166 @@
+package net.lamgc.oracle.sentry.oci.compute.ssh;
+
+import com.google.common.reflect.TypeToken;
+import com.google.common.util.concurrent.ThreadFactoryBuilder;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import net.lamgc.oracle.sentry.ComputeInstanceManager;
+import net.lamgc.oracle.sentry.oci.compute.ComputeInstance;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.File;
+import java.io.FileReader;
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.nio.file.Files;
+import java.nio.file.StandardOpenOption;
+import java.util.Map;
+import java.util.NoSuchElementException;
+import java.util.Set;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.ScheduledExecutorService;
+import java.util.concurrent.ScheduledThreadPoolExecutor;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.atomic.AtomicBoolean;
+import java.util.stream.Collectors;
+
+/**
+ * @author LamGC
+ */
+@SuppressWarnings("UnstableApiUsage")
+public final class SshAuthIdentityProvider {
+
+    private final static String DEFAULT_AUTH_KEY = "@default";
+    private final static Logger log = LoggerFactory.getLogger(SshAuthIdentityProvider.class);
+
+    private final Map<String, SshAuthInfo> authInfoMap = new ConcurrentHashMap<>();
+    private final ComputeInstanceManager instanceManager;
+    private final File identityJsonFile;
+    private final Gson gson = new GsonBuilder()
+            .serializeNulls()
+            .setPrettyPrinting()
+            .registerTypeAdapter(SshAuthInfo.class, SshAuthInfoSerializer.INSTANCE)
+            .registerTypeAdapter(PublicKeyAuthInfo.class, SshAuthInfoSerializer.INSTANCE)
+            .registerTypeAdapter(PasswordAuthInfo.class, SshAuthInfoSerializer.INSTANCE)
+            .create();
+
+    private final ScheduledExecutorService scheduledExec = new ScheduledThreadPoolExecutor(1,
+            new ThreadFactoryBuilder()
+                    .setNameFormat("Thread-SshInfoSave-%d")
+                    .build());
+    private final AtomicBoolean needSave = new AtomicBoolean(false);
+
+
+    public SshAuthIdentityProvider(ComputeInstanceManager instanceManager, File identityJson) {
+        this.instanceManager = instanceManager;
+        this.identityJsonFile = identityJson;
+
+        scheduledExec.scheduleAtFixedRate(() -> {
+            if (!needSave.get()) {
+                return;
+            }
+            needSave.set(false);
+            try {
+                SshAuthIdentityProvider.this.saveAuthInfo();
+            } catch (Exception e) {
+                log.warn("本次 SSH 认证配置保存失败.", e);
+            }
+        }, 60, 10, TimeUnit.SECONDS);
+    }
+
+    public void addSshAuthIdentity(String instanceId, SshAuthInfo authInfo) {
+        authInfoMap.put(instanceId, authInfo);
+    }
+
+    /**
+     * 通过实例 Id 获取相应的实例 Id.
+     * @param instanceId 实例 Id.
+     * @return 返回指定实例 Id 的 SSH 认证配置.
+     * @throws NoSuchElementException 当没有对应实例的配置时将抛出该异常.
+     */
+    public SshAuthInfo getAuthInfoByInstanceId(String instanceId) {
+        if (!authInfoMap.containsKey(instanceId)) {
+            SshAuthInfo defaultAuthInfo = getDefaultAuthInfo();
+            if (defaultAuthInfo == null) {
+                throw new NoSuchElementException("The SSH authentication information to which the " +
+                        "specified instance ID belongs cannot be found: " + instanceId);
+            }
+            return defaultAuthInfo;
+        }
+        return authInfoMap.get(instanceId);
+    }
+
+    /**
+     * 获取默认配置.
+     * <p> 不建议使用, 因为服务器都不一样.
+     * @return 如果有, 返回配置, 没有默认配置则返回 {@code null}.
+     */
+    public SshAuthInfo getDefaultAuthInfo() {
+        if (authInfoMap.containsKey(DEFAULT_AUTH_KEY)) {
+            return authInfoMap.get(DEFAULT_AUTH_KEY);
+        }
+        return null;
+    }
+
+    /**
+     * 将所有认证配置保存到文件中.
+     * @throws IOException 如果保存时发生异常, 则抛出.
+     */
+    private synchronized void saveAuthInfo() throws IOException {
+        log.info("正在保存 SSH 认证配置...");
+        String output = gson.toJson(authInfoMap);
+        Files.writeString(identityJsonFile.toPath(), output,
+                StandardCharsets.UTF_8, StandardOpenOption.CREATE);
+        log.info("已成功保存 SSH 认证配置.");
+    }
+
+    /**
+     * 通知 Provider 需要保存配置.
+     */
+    public void notifySaveInfo() {
+        needSave.set(true);
+    }
+
+    /**
+     * 从文件加载所有认证配置.
+     * @throws IOException 如果读取文件时发生异常, 则抛出.
+     */
+    public synchronized void loadAuthInfo() throws IOException {
+        if (!identityJsonFile.exists()) {
+            log.warn("SSH 认证配置文件不存在, 跳过加载.");
+            return;
+        }
+        Map<String, SshAuthInfo> map = gson.fromJson(new FileReader(identityJsonFile, StandardCharsets.UTF_8),
+                new TypeToken<Map<String, SshAuthInfo>>(){}.getType());
+        for (String id : map.keySet()) {
+            SshAuthInfo info = map.get(id);
+            info.setProvider(this);
+            addSshAuthIdentity(id, info);
+        }
+
+        Set<String> missingInstances = checkForMissingInstances();
+        if (missingInstances.isEmpty()) {
+            return;
+        }
+        StringBuilder builder = new StringBuilder();
+        for (String missingInstanceId : missingInstances) {
+            builder.append(missingInstanceId).append('\n');
+        }
+        log.warn("以下实例不存在对应的 SSH 认证配置:\n{}", builder);
+    }
+
+    /**
+     * 获取所有不存在 SSH 配置的实例 Id.
+     */
+    private Set<String> checkForMissingInstances() {
+        Set<String> instanceIdSet = instanceManager.getComputeInstances().stream()
+                .map(ComputeInstance::getInstanceId)
+                .collect(Collectors.toSet());
+        for (String id : authInfoMap.keySet()) {
+            instanceIdSet.remove(id);
+        }
+        return instanceIdSet;
+    }
+
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshAuthInfo.java b/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshAuthInfo.java
new file mode 100644
index 0000000..dd4a944
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshAuthInfo.java
@@ -0,0 +1,76 @@
+package net.lamgc.oracle.sentry.oci.compute.ssh;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.security.PublicKey;
+
+/**
+ * Ssh 认证信息.
+ * @author LamGC
+ */
+@SuppressWarnings("unused")
+public abstract class SshAuthInfo {
+
+    private final static Logger log = LoggerFactory.getLogger(SshAuthInfo.class);
+
+    private String username;
+    /**
+     * 使用 Sha256 计算的密钥指纹.
+     */
+    private PublicKey serverKey;
+
+    private SshAuthIdentityProvider provider;
+
+    /**
+     * 获取认证类型.
+     * @return 返回认证类型.
+     */
+    public abstract AuthType getType();
+
+    public String getUsername() {
+        return username;
+    }
+
+    public PublicKey getServerKey() {
+        return serverKey;
+    }
+
+    public void setServerKey(PublicKey serverKey) {
+        this.serverKey = serverKey;
+        if (this.provider != null) {
+            this.provider.notifySaveInfo();
+        }
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    void setProvider(SshAuthIdentityProvider provider) {
+        this.provider = provider;
+    }
+
+    public enum AuthType {
+        /**
+         * 密码认证.
+         */
+        PASSWORD(PasswordAuthInfo.class),
+        /**
+         * 公钥认证
+         */
+        PUBLIC_KEY(PublicKeyAuthInfo.class);
+
+        private final Class<? extends SshAuthInfo> targetClass;
+
+        AuthType(Class<? extends SshAuthInfo> targetClass) {
+            this.targetClass = targetClass;
+        }
+
+        public Class<? extends SshAuthInfo> getTargetClass() {
+            return targetClass;
+        }
+    }
+
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshAuthInfoSerializer.java b/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshAuthInfoSerializer.java
new file mode 100644
index 0000000..7c08911
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshAuthInfoSerializer.java
@@ -0,0 +1,130 @@
+package net.lamgc.oracle.sentry.oci.compute.ssh;
+
+import com.google.common.base.Strings;
+import com.google.gson.*;
+import org.apache.sshd.common.config.keys.KeyUtils;
+import org.apache.sshd.common.config.keys.PublicKeyEntry;
+import org.apache.sshd.common.config.keys.PublicKeyEntryDataResolver;
+import org.apache.sshd.common.config.keys.PublicKeyEntryDecoder;
+
+import java.io.ByteArrayOutputStream;
+import java.io.File;
+import java.io.IOException;
+import java.lang.reflect.Type;
+import java.security.GeneralSecurityException;
+import java.security.PublicKey;
+import java.util.Base64;
+import java.util.Collections;
+
+/**
+ * @author LamGC
+ */
+public final class SshAuthInfoSerializer implements JsonSerializer<SshAuthInfo>, JsonDeserializer<SshAuthInfo> {
+
+    public final static SshAuthInfoSerializer INSTANCE = new SshAuthInfoSerializer();
+
+    @Override
+    public SshAuthInfo deserialize(JsonElement json, Type typeOfT, JsonDeserializationContext context) throws JsonParseException {
+        if (!json.isJsonObject()) {
+            throw new JsonParseException("It should be a JsonObject");
+        }
+        JsonObject infoObject = json.getAsJsonObject();
+        String type = getFieldToStringOrFail(infoObject, "authType");
+        SshAuthInfo.AuthType authType = SshAuthInfo.AuthType.valueOf(type.toUpperCase());
+        SshAuthInfo info;
+        if (authType == SshAuthInfo.AuthType.PASSWORD) {
+            PasswordAuthInfo pswAuthInfo = new PasswordAuthInfo();
+            pswAuthInfo.setPassword(getFieldToStringOrFail(infoObject, "password"));
+            info = pswAuthInfo;
+        } else if (authType == SshAuthInfo.AuthType.PUBLIC_KEY) {
+            PublicKeyAuthInfo publicKeyInfo = new PublicKeyAuthInfo();
+            String privateKeyPath = getFieldToStringOrFail(infoObject, "privateKeyPath");
+            File privateKeyFile = new File(privateKeyPath);
+            publicKeyInfo.setPrivateKeyPath(privateKeyFile);
+            info = publicKeyInfo;
+        } else {
+            throw new JsonParseException("Unsupported authentication type: " + authType);
+        }
+        info.setUsername(getFieldToStringOrFail(infoObject, "username"));
+        try {
+            info.setServerKey(decodeSshPublicKey(
+                    infoObject.has("serverKey") && infoObject.get("serverKey").isJsonPrimitive() ?
+                            infoObject.get("serverKey").getAsString() :
+                            null));
+        } catch (GeneralSecurityException | IOException e) {
+            throw new JsonParseException(e);
+        }
+        return info;
+    }
+
+    @Override
+    public JsonElement serialize(SshAuthInfo src, Type typeOfSrc, JsonSerializationContext context) {
+        JsonObject json = new JsonObject();
+        json.addProperty("authType", src.getType().toString());
+        json.addProperty("username", src.getUsername());
+        try {
+            json.addProperty("serverKey", encodeSshPublicKey(src.getServerKey()));
+        } catch (IOException e) {
+            throw new JsonParseException(e);
+        }
+        if (src instanceof PasswordAuthInfo info) {
+            json.addProperty("password", info.getPassword());
+        } else if (src instanceof PublicKeyAuthInfo info) {
+            try {
+                json.addProperty("privateKeyPath", info.getPrivateKeyPath().getCanonicalPath());
+            } catch (IOException e) {
+                throw new JsonParseException(e);
+            }
+            json.addProperty("keyPassword", info.getKeyPassword());
+        } else {
+            throw new JsonParseException("Unsupported type");
+        }
+        return json;
+    }
+
+    private String getFieldToStringOrFail(JsonObject object, String field) {
+        if (!object.has(field)) {
+            throw new JsonParseException("Missing field: " + field);
+        }
+        return object.get(field).getAsString();
+    }
+
+    private PublicKey decodeSshPublicKey(String publicKeyString) throws GeneralSecurityException, IOException {
+        if (Strings.isNullOrEmpty(publicKeyString)) {
+            return null;
+        }
+
+        String[] strings = publicKeyString.split(" ", 3);
+
+        @SuppressWarnings("unchecked") PublicKeyEntryDecoder<PublicKey, ?> decoder =
+                (PublicKeyEntryDecoder<PublicKey, ?>) KeyUtils.getPublicKeyEntryDecoder(strings[0]);
+        return decoder.decodePublicKey(null, strings[0], Base64.getDecoder().decode(strings[1]), Collections.emptyMap());
+    }
+
+    private String encodeSshPublicKey(PublicKey key) throws IOException {
+        if (key == null) {
+            return null;
+        }
+
+        StringBuilder builder = new StringBuilder();
+        PublicKeyEntry.appendPublicKeyEntry(builder, key);
+        return builder.toString();
+        /*
+        // 以下代码改写自 KnownHosts 的那个认证器, 说实话翻一下官方代码还可以找到不错的东西.
+        @SuppressWarnings("unchecked") PublicKeyEntryDecoder<PublicKey, ?> decoder
+                = (PublicKeyEntryDecoder<PublicKey, ?>) KeyUtils.getPublicKeyEntryDecoder(key);
+        if (decoder == null) {
+            throw new JsonParseException("Cannot retrieve decoder for key=" + key.getAlgorithm());
+        }
+
+        try (ByteArrayOutputStream s = new ByteArrayOutputStream(Byte.MAX_VALUE)) {
+            String keyType = decoder.encodePublicKey(s, key);
+            byte[] bytes = s.toByteArray();
+            PublicKeyEntryDataResolver encoder = PublicKeyEntry.resolveKeyDataEntryResolver(keyType);
+            return encoder.encodeEntryKeyData(bytes);
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }*/
+    }
+
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshExecChannel.java b/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshExecChannel.java
new file mode 100644
index 0000000..b37c9ff
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshExecChannel.java
@@ -0,0 +1,47 @@
+package net.lamgc.oracle.sentry.oci.compute.ssh;
+
+import net.lamgc.oracle.sentry.common.InputStreamWrapper;
+import net.lamgc.oracle.sentry.common.OutputStreamWrapper;
+import org.apache.sshd.client.channel.ChannelExec;
+import org.apache.sshd.client.channel.ClientChannelEvent;
+
+import java.io.Closeable;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.util.EnumSet;
+
+public final class SshExecChannel implements Closeable {
+
+    private final ChannelExec channelExec;
+
+    public SshExecChannel(ChannelExec channelExec) {
+        this.channelExec = channelExec;
+    }
+
+    public void exec() throws IOException {
+        channelExec.open();
+        channelExec.waitFor(EnumSet.of(ClientChannelEvent.EXIT_STATUS, ClientChannelEvent.EXIT_SIGNAL), 0L);
+    }
+
+    public Integer exitCode() {
+        return channelExec.getExitStatus();
+    }
+
+    public void setIn(InputStream in) {
+        channelExec.setIn(new InputStreamWrapper(in));
+    }
+
+    public void setOut(OutputStream out) {
+        channelExec.setOut(new OutputStreamWrapper(out));
+    }
+
+    public void setErr(OutputStream err) {
+        channelExec.setErr(new OutputStreamWrapper(err));
+    }
+
+    @Override
+    public void close() throws IOException {
+        channelExec.close();
+    }
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshSession.java b/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshSession.java
new file mode 100644
index 0000000..d116570
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshSession.java
@@ -0,0 +1,26 @@
+package net.lamgc.oracle.sentry.oci.compute.ssh;
+
+import org.apache.sshd.client.session.ClientSession;
+import org.apache.sshd.sftp.client.SftpClient;
+import org.apache.sshd.sftp.client.SftpClientFactory;
+
+import java.io.Closeable;
+import java.io.IOException;
+
+public class SshSession implements Closeable {
+
+    private final ClientSession clientSession;
+
+    public SshSession(ClientSession clientSession) {
+        this.clientSession = clientSession;
+    }
+
+    public SshExecChannel execCommand(String command) throws IOException {
+        return new SshExecChannel(clientSession.createExecChannel(command));
+    }
+
+    @Override
+    public void close() throws IOException {
+        clientSession.close();
+    }
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/script/Script.java b/src/main/java/net/lamgc/oracle/sentry/script/Script.java
new file mode 100644
index 0000000..a6dd598
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/script/Script.java
@@ -0,0 +1,17 @@
+package net.lamgc.oracle.sentry.script;
+
+import groovy.lang.Closure;
+import groovy.lang.DelegatesTo;
+
+/**
+ * @author LamGC
+ */
+public abstract class Script {
+
+    /**
+     * 获取脚本信息.
+     * @return 返回脚本 ScriptInfo 对象.
+     */
+    public abstract ScriptInfo getScriptInfo();
+
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/script/ScriptComponent.java b/src/main/java/net/lamgc/oracle/sentry/script/ScriptComponent.java
new file mode 100644
index 0000000..b556f09
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/script/ScriptComponent.java
@@ -0,0 +1,14 @@
+package net.lamgc.oracle.sentry.script;
+
+import net.lamgc.oracle.sentry.ComputeInstanceManager;
+import net.lamgc.oracle.sentry.script.tools.http.ScriptHttpClient;
+
+/**
+ * @author LamGC
+ */
+public final record ScriptComponent(
+        ScriptHttpClient HTTP,
+        ComputeInstanceManager InstanceManager
+) {
+
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/script/ScriptInfo.java b/src/main/java/net/lamgc/oracle/sentry/script/ScriptInfo.java
new file mode 100644
index 0000000..3e2f949
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/script/ScriptInfo.java
@@ -0,0 +1,60 @@
+package net.lamgc.oracle.sentry.script;
+
+import java.util.Objects;
+
+/**
+ * 脚本信息.
+ * @author LamGC
+ */
+public class ScriptInfo {
+
+    private String group;
+    private String artifact;
+    private String version;
+
+    public String getGroup() {
+        return group;
+    }
+
+    public String getArtifact() {
+        return artifact;
+    }
+
+    public String getVersion() {
+        return version;
+    }
+
+    @Override
+    public String toString() {
+        return getGroup() + ":" + getArtifact() + ":" + getVersion();
+    }
+
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) {
+            return true;
+        }
+        if (o == null || getClass() != o.getClass()) {
+            return false;
+        }
+        ScriptInfo that = (ScriptInfo) o;
+        return group.equals(that.group) && artifact.equals(that.artifact) && version.equals(that.version);
+    }
+
+    @Override
+    public int hashCode() {
+        return Objects.hash(group, artifact, version);
+    }
+
+    public void setGroup(String group) {
+        this.group = group;
+    }
+
+    public void setArtifact(String artifact) {
+        this.artifact = artifact;
+    }
+
+    public void setVersion(String version) {
+        this.version = version;
+    }
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/script/ScriptLoader.java b/src/main/java/net/lamgc/oracle/sentry/script/ScriptLoader.java
new file mode 100644
index 0000000..2ef0a3d
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/script/ScriptLoader.java
@@ -0,0 +1,34 @@
+package net.lamgc.oracle.sentry.script;
+
+import java.io.File;
+
+/**
+ * 脚本加载器.
+ * @author LamGC
+ */
+public interface ScriptLoader {
+
+    /**
+     * 是否可以加载.
+     * @param scriptFile 脚本文件.
+     * @return 如果可以加载, 返回 {@code true}.
+     */
+    boolean canLoad(File scriptFile);
+
+    /**
+     * 加载脚本.
+     * @param context 脚本上下文.
+     * @param scriptFile 脚本文件.
+     * @return 返回脚本对象.
+     * @throws Exception 当 Loader 抛出异常时, 将视为脚本加载失败, 该脚本跳过加载.
+     */
+    Script loadScript(ScriptComponent context, File scriptFile) throws Exception;
+
+    /**
+     * 获取脚本信息.
+     * @param script 脚本对象.
+     * @return 返回脚本信息.
+     */
+    ScriptInfo getScriptInfo(Script script);
+
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/script/ScriptManager.java b/src/main/java/net/lamgc/oracle/sentry/script/ScriptManager.java
new file mode 100644
index 0000000..f6897d0
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/script/ScriptManager.java
@@ -0,0 +1,119 @@
+package net.lamgc.oracle.sentry.script;
+
+import com.google.common.base.Throwables;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.File;
+import java.lang.reflect.InvocationTargetException;
+import java.util.*;
+import java.util.concurrent.ConcurrentHashMap;
+
+/**
+ * 脚本管理器.
+ * @author LamGC
+ */
+public final class ScriptManager {
+
+    private final static Logger log = LoggerFactory.getLogger(ScriptManager.class);
+
+    private final Set<ScriptLoader> loaders = new HashSet<>();
+    private final File scriptsLocation;
+    private final ScriptComponent context;
+
+    private final Map<ScriptInfo, Script> scripts = new ConcurrentHashMap<>();
+
+    public ScriptManager(File scriptsLocation, ScriptComponent context) {
+        this.scriptsLocation = scriptsLocation;
+        this.context = context;
+        loadScriptLoaders();
+    }
+
+    private synchronized void loadScriptLoaders() {
+        if (!loaders.isEmpty()) {
+            return;
+        }
+        ServiceLoader<ScriptLoader> serviceLoader = ServiceLoader.load(ScriptLoader.class);
+        for (ScriptLoader scriptLoader : serviceLoader) {
+            loaders.add(scriptLoader);
+        }
+        log.info("存在 {} 个加载器可用.", loaders.size());
+    }
+
+    /**
+     * 从文件中加载一个脚本.
+     * @param scriptFile 脚本文件.
+     * @return 如果加载成功, 返回 {@code true}, 加载失败或无加载器可用时返回 {@code false}
+     * @throws InvocationTargetException 当加载器加载脚本抛出异常时, 将通过该异常包装后抛出.
+     * @throws NullPointerException 当 scriptFile 为 {@code null} 时抛出.
+     */
+    public boolean loadScript(File scriptFile) throws InvocationTargetException {
+        Objects.requireNonNull(scriptFile);
+        for (ScriptLoader loader : loaders) {
+            Script script;
+            try {
+                if (loader.canLoad(scriptFile)) {
+                    script = loader.loadScript(context, scriptFile);
+                    if (script == null) {
+                        log.warn("加载器未能正确加载脚本, 已跳过该脚本.(ScriptName: {})", scriptFile.getName());
+                        return false;
+                    }
+                } else {
+                    continue;
+                }
+            } catch (Exception e) {
+                log.error("脚本加载时发生异常.(Loader: {}, Path: {})\n{}",
+                        loader.getClass().getName(),
+                        scriptFile.getAbsolutePath(),
+                        Throwables.getStackTraceAsString(e));
+                throw new InvocationTargetException(e);
+            }
+            ScriptInfo scriptInfo = loader.getScriptInfo(script);
+            if (scriptInfo == null) {
+                log.warn("脚本加载成功, 但加载器没有返回脚本信息, 该脚本已放弃.");
+                return false;
+            }
+            scripts.put(scriptInfo, script);
+            return true;
+        }
+        return false;
+    }
+
+    /**
+     * 从指定位置加载所有脚本.
+     */
+    public void loadScripts() {
+        log.info("正在加载脚本...(Path: {})", scriptsLocation.getAbsolutePath());
+        File[] files = scriptsLocation.listFiles(File::isFile);
+        if (files == null) {
+            log.warn("脚本目录无法访问, 请检查程序是否有权限访问脚本目录.(Path: {})", scriptsLocation.getAbsolutePath());
+            return;
+        }
+        int loadCount = 0;
+        for (File scriptFile : files) {
+            try {
+                if (loadScript(scriptFile)) {
+                    loadCount ++;
+                }
+            } catch (InvocationTargetException ignored) {
+            }
+        }
+        log.info("脚本已全部加载完成, 共成功加载了 {} 个脚本.", loadCount);
+    }
+
+    /**
+     * 通过脚本信息返回脚本对象.
+     * @param scriptInfo 脚本信息.
+     * @return 返回脚本对象.
+     * @throws NoSuchElementException 当指定的 ScriptInfo 没有对应脚本对象时抛出该异常.
+     * @throws NullPointerException 当 scriptInfo 为 {@code null} 时抛出该异常.
+     */
+    public Script getScriptByScriptInfo(ScriptInfo scriptInfo) {
+        Objects.requireNonNull(scriptInfo);
+        if (!scripts.containsKey(scriptInfo)) {
+            throw new NoSuchElementException(scriptInfo.toString());
+        }
+        return scripts.get(scriptInfo);
+    }
+
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/script/groovy/GroovyDslDelegate.java b/src/main/java/net/lamgc/oracle/sentry/script/groovy/GroovyDslDelegate.java
new file mode 100644
index 0000000..689fa4e
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/script/groovy/GroovyDslDelegate.java
@@ -0,0 +1,47 @@
+package net.lamgc.oracle.sentry.script.groovy;
+
+import net.lamgc.oracle.sentry.ComputeInstanceManager;
+import net.lamgc.oracle.sentry.script.*;
+
+import groovy.lang.Closure;
+import groovy.lang.DelegatesTo;
+import net.lamgc.oracle.sentry.script.groovy.trigger.*;
+import net.lamgc.oracle.sentry.script.tools.http.ScriptHttpClient;
+import org.codehaus.groovy.runtime.DefaultGroovyMethods;
+
+import java.lang.reflect.Constructor;
+import java.lang.reflect.InvocationTargetException;
+
+/**
+ * Groovy DSL 脚本的父类.
+ * @author LamGC
+ */
+@SuppressWarnings({"unused", "FieldCanBeLocal"})
+public class GroovyDslDelegate extends Script {
+
+    private final GroovyScriptInfo scriptInfo = new GroovyScriptInfo();
+    private final ScriptHttpClient HTTP;
+    private final ComputeInstanceManager InstanceManager;
+
+    public GroovyDslDelegate(ScriptHttpClient httpClient, ComputeInstanceManager instanceManager) {
+        HTTP = httpClient;
+        InstanceManager = instanceManager;
+    }
+    
+    private void trigger(String triggerName, Closure<?> closure){
+        DefaultGroovyMethods.with(GroovyTriggerProvider.INSTANCE.getTriggerByName(triggerName), closure);
+    }
+
+    /**
+     * 脚本的基本信息.
+     * @param scriptInfoClosure 配置了脚本信息的闭包对象.
+     */
+    private void info(@DelegatesTo(GroovyScriptInfo.class) Closure<GroovyScriptInfo> scriptInfoClosure) {
+        DefaultGroovyMethods.with(scriptInfo, scriptInfoClosure);
+    }
+
+    @Override
+    public ScriptInfo getScriptInfo() {
+        return scriptInfo;
+    }
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/script/groovy/GroovyScriptInfo.java b/src/main/java/net/lamgc/oracle/sentry/script/groovy/GroovyScriptInfo.java
new file mode 100644
index 0000000..0a2b7ae
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/script/groovy/GroovyScriptInfo.java
@@ -0,0 +1,18 @@
+package net.lamgc.oracle.sentry.script.groovy;
+
+import net.lamgc.oracle.sentry.script.ScriptInfo;
+
+public class GroovyScriptInfo extends ScriptInfo {
+
+    public void artifact(String artifact) {
+        super.setArtifact(artifact);
+    }
+
+    public void group(String group) {
+        super.setGroup(group);
+    }
+
+    public void version(String version) {
+        super.setVersion(version);
+    }
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/script/groovy/GroovyScriptLoader.java b/src/main/java/net/lamgc/oracle/sentry/script/groovy/GroovyScriptLoader.java
new file mode 100644
index 0000000..66a573c
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/script/groovy/GroovyScriptLoader.java
@@ -0,0 +1,69 @@
+package net.lamgc.oracle.sentry.script.groovy;
+
+import com.google.common.base.Throwables;
+import groovy.lang.GroovyClassLoader;
+import groovy.util.DelegatingScript;
+import net.lamgc.oracle.sentry.script.Script;
+import net.lamgc.oracle.sentry.script.ScriptComponent;
+import net.lamgc.oracle.sentry.script.ScriptInfo;
+import net.lamgc.oracle.sentry.script.ScriptLoader;
+import org.codehaus.groovy.control.CompilerConfiguration;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.File;
+import java.io.IOException;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.InvocationTargetException;
+import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
+
+/**
+ * @author LamGC
+ */
+@SuppressWarnings("MapOrSetKeyShouldOverrideHashCodeEquals")
+public class GroovyScriptLoader implements ScriptLoader {
+
+    private final static Logger log = LoggerFactory.getLogger(GroovyScriptLoader.class);
+
+    private final GroovyClassLoader scriptClassLoader;
+
+    private final Map<Script, ScriptInfo> scriptInfoMap = new ConcurrentHashMap<>();
+
+    public GroovyScriptLoader() {
+        CompilerConfiguration compilerConfiguration = new CompilerConfiguration();
+        compilerConfiguration.setScriptBaseClass(DelegatingScript.class.getName());
+        this.scriptClassLoader = new GroovyClassLoader(GroovyClassLoader.class.getClassLoader(), compilerConfiguration);
+    }
+
+    @Override
+    public boolean canLoad(File scriptFile) {
+        return scriptFile.getName().endsWith(".groovy");
+    }
+
+    @Override
+    public Script loadScript(ScriptComponent context, File scriptFile) throws IOException {
+        Class<?> scriptClass = scriptClassLoader.parseClass(scriptFile);
+        if (!DelegatingScript.class.isAssignableFrom(scriptClass)) {
+            return null;
+        }
+        try {
+            Constructor<? extends DelegatingScript> constructor =
+                    scriptClass.asSubclass(DelegatingScript.class).getConstructor();
+            DelegatingScript newScriptObject = constructor.newInstance();
+            GroovyDslDelegate dslDelegate = new GroovyDslDelegate(context.HTTP(), context.InstanceManager());
+            newScriptObject.setDelegate(dslDelegate);
+            newScriptObject.run();
+            scriptInfoMap.put(dslDelegate, dslDelegate.getScriptInfo());
+            return dslDelegate;
+        } catch (NoSuchMethodException | InstantiationException | IllegalAccessException | InvocationTargetException e) {
+            log.error("加载脚本时发生异常.(ScriptPath: {})\n{}", scriptFile.getAbsolutePath(), Throwables.getStackTraceAsString(e));
+        }
+        return null;
+    }
+
+    @Override
+    public ScriptInfo getScriptInfo(Script script) {
+        return scriptInfoMap.get(script);
+    }
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/script/groovy/GroovyTriggerProvider.java b/src/main/java/net/lamgc/oracle/sentry/script/groovy/GroovyTriggerProvider.java
new file mode 100644
index 0000000..2fa4752
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/script/groovy/GroovyTriggerProvider.java
@@ -0,0 +1,50 @@
+package net.lamgc.oracle.sentry.script.groovy;
+
+import com.google.common.base.Strings;
+import net.lamgc.oracle.sentry.script.groovy.trigger.GroovyTrigger;
+import net.lamgc.oracle.sentry.script.groovy.trigger.TriggerName;
+import org.springframework.scheduling.Trigger;
+
+import java.util.Locale;
+import java.util.Map;
+import java.util.NoSuchElementException;
+import java.util.ServiceLoader;
+import java.util.concurrent.ConcurrentHashMap;
+
+/**
+ * @author LamGC
+ */
+public class GroovyTriggerProvider {
+
+    private final Map<String, ServiceLoader.Provider<GroovyTrigger>> triggerProviderMap = new ConcurrentHashMap<>();
+
+    public final static GroovyTriggerProvider INSTANCE = new GroovyTriggerProvider();
+
+    private GroovyTriggerProvider() {
+        ServiceLoader<GroovyTrigger> loader = ServiceLoader.load(GroovyTrigger.class);
+        loader.stream().iterator().forEachRemaining(triggerProvider -> {
+            Class<? extends GroovyTrigger> triggerClass = triggerProvider.type();
+            if (!triggerClass.isAnnotationPresent(TriggerName.class)) {
+                return;
+            }
+
+            TriggerName triggerName = triggerClass.getAnnotation(TriggerName.class);
+            if (!Strings.isNullOrEmpty(triggerName.value())) {
+                String name = triggerName.value().toLowerCase();
+                if (triggerProviderMap.containsKey(name)) {
+                    return;
+                }
+                triggerProviderMap.put(name, triggerProvider);
+            }
+
+        });
+    }
+
+    public GroovyTrigger getTriggerByName(String triggerName) {
+        if (!triggerProviderMap.containsKey(triggerName.toLowerCase())) {
+            throw new NoSuchElementException("The specified trigger could not be found: " + triggerName);
+        }
+        return triggerProviderMap.get(triggerName).get();
+    }
+
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/script/groovy/trigger/GroovyTrigger.java b/src/main/java/net/lamgc/oracle/sentry/script/groovy/trigger/GroovyTrigger.java
new file mode 100644
index 0000000..4a18990
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/script/groovy/trigger/GroovyTrigger.java
@@ -0,0 +1,19 @@
+package net.lamgc.oracle.sentry.script.groovy.trigger;
+
+import groovy.lang.DelegatesTo;
+
+/**
+ * @author LamGC
+ */
+public interface GroovyTrigger {
+
+    /**
+     * 启动触发器.
+     * <p> 注意, 触发器执行 run 方法不可以阻塞方法返回.
+     * @param task 触发器需要执行的任务.
+     */
+    void run(Runnable task);
+
+
+
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/script/groovy/trigger/OnceTrigger.java b/src/main/java/net/lamgc/oracle/sentry/script/groovy/trigger/OnceTrigger.java
new file mode 100644
index 0000000..0a2b1f7
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/script/groovy/trigger/OnceTrigger.java
@@ -0,0 +1,24 @@
+package net.lamgc.oracle.sentry.script.groovy.trigger;
+
+import com.google.common.util.concurrent.ThreadFactoryBuilder;
+
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
+
+/**
+ * 只执行一次的触发器, 执行后将不再执行该任务.
+ * @author LamGC
+ */
+@TriggerName("once")
+public class OnceTrigger implements GroovyTrigger {
+
+    private final static ExecutorService executor = Executors.newFixedThreadPool(4,
+            new ThreadFactoryBuilder()
+                    .setNameFormat("GroovyOnceExec-%d")
+            .build());
+
+    @Override
+    public void run(Runnable task) {
+        executor.execute(task);
+    }
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/script/groovy/trigger/TimerTrigger.java b/src/main/java/net/lamgc/oracle/sentry/script/groovy/trigger/TimerTrigger.java
new file mode 100644
index 0000000..edffa07
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/script/groovy/trigger/TimerTrigger.java
@@ -0,0 +1,55 @@
+package net.lamgc.oracle.sentry.script.groovy.trigger;
+
+import com.google.common.base.Throwables;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.scheduling.TaskScheduler;
+import org.springframework.scheduling.concurrent.ThreadPoolTaskScheduler;
+import org.springframework.scheduling.support.CronTrigger;
+
+/**
+ * @author LamGC
+ */
+@TriggerName("timer")
+public class TimerTrigger implements GroovyTrigger {
+
+    private final static Logger log = LoggerFactory.getLogger(TimerTrigger.class);
+
+    private CronTrigger trigger;
+    private final TaskScheduler scheduler = new ThreadPoolTaskScheduler();
+
+    /**
+     * 设定定时时间.
+     * <p> 只允许在第一次执行时设置.
+     * @param expression Cron 时间表达式.
+     */
+    public void time(String expression) {
+        if (trigger == null) {
+            trigger = new CronTrigger(expression);
+        }
+    }
+
+    @Override
+    public void run(Runnable runnable) {
+        if (trigger == null) {
+            if (!log.isDebugEnabled()) {
+                log.warn("脚本尚未设置 Cron 时间表达式, 任务将不会执行(堆栈信息请检查调试级别日志).");
+            } else {
+                log.warn("{} - 脚本尚未设置 Cron 时间表达式, 任务将不会执行(堆栈信息请检查调试级别日志).", this);
+                log.warn("{} - 脚本尚未设置 Cron 时间表达式, 任务将不会执行.\n{}", this, Throwables.getStackTraceAsString(new Exception()));
+            }
+            return;
+        } else if (runnable == null) {
+            if (!log.isDebugEnabled()) {
+                log.warn("脚本尚未设置 Cron 时间表达式, 任务将不会执行(堆栈信息请检查调试级别日志).");
+            } else {
+                log.warn("{} - 脚本尚未设置任务动作, 任务将不会执行(堆栈信息请检查调试级别日志).", this);
+                log.warn("{} - 脚本尚未设置任务动作, 任务将不会执行.\n{}", this, Throwables.getStackTraceAsString(new Exception()));
+            }
+            return;
+        }
+
+        scheduler.schedule(runnable, trigger);
+    }
+
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/script/groovy/trigger/TriggerName.java b/src/main/java/net/lamgc/oracle/sentry/script/groovy/trigger/TriggerName.java
new file mode 100644
index 0000000..63acff4
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/script/groovy/trigger/TriggerName.java
@@ -0,0 +1,18 @@
+package net.lamgc.oracle.sentry.script.groovy.trigger;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * 触发器名称.
+ * @author LamGC
+ */
+@Target(ElementType.TYPE)
+@Retention(RetentionPolicy.RUNTIME)
+public @interface TriggerName {
+
+    String value();
+
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/script/tools/http/HttpAccess.java b/src/main/java/net/lamgc/oracle/sentry/script/tools/http/HttpAccess.java
new file mode 100644
index 0000000..5f2e0c0
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/script/tools/http/HttpAccess.java
@@ -0,0 +1,40 @@
+package net.lamgc.oracle.sentry.script.tools.http;
+
+import org.apache.http.HttpResponse;
+import org.apache.http.client.HttpClient;
+import org.apache.http.client.methods.HttpGet;
+import org.apache.http.client.methods.HttpPost;
+import org.apache.http.entity.StringEntity;
+
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+
+/**
+ *
+ * @author LamGC
+ */
+public class HttpAccess {
+
+    private final HttpClient client;
+    private final String url;
+
+    HttpAccess(HttpClient client, String url) {
+        this.client = client;
+        this.url = url;
+    }
+
+    public HttpAccessResponse get() throws IOException {
+        HttpGet request = new HttpGet(url);
+        HttpResponse response = client.execute(request);
+        return new HttpAccessResponse(response);
+    }
+
+    public HttpAccessResponse post(String body) throws IOException {
+        HttpPost request = new HttpPost(url);
+        request.setEntity(new StringEntity(body, StandardCharsets.UTF_8));
+        HttpResponse response = client.execute(request);
+        return new HttpAccessResponse(response);
+    }
+
+
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/script/tools/http/HttpAccessResponse.java b/src/main/java/net/lamgc/oracle/sentry/script/tools/http/HttpAccessResponse.java
new file mode 100644
index 0000000..7621f2a
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/script/tools/http/HttpAccessResponse.java
@@ -0,0 +1,51 @@
+package net.lamgc.oracle.sentry.script.tools.http;
+
+import org.apache.http.Header;
+import org.apache.http.HttpEntity;
+import org.apache.http.HttpResponse;
+import org.apache.http.StatusLine;
+import org.apache.http.util.EntityUtils;
+
+import java.io.File;
+import java.io.IOException;
+import java.util.Locale;
+import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
+
+/**
+ * Http 响应.
+ * @author LamGC
+ */
+public final class HttpAccessResponse {
+
+    private final StatusLine statusLine;
+    private final Locale locale;
+    private final Map<String, String> headers = new ConcurrentHashMap<>();
+    private final HttpEntity entity;
+
+    HttpAccessResponse(HttpResponse response) {
+        this.statusLine = response.getStatusLine();
+        this.locale = response.getLocale();
+        for (Header header : response.getAllHeaders()) {
+            headers.put(header.getName(), header.getValue());
+        }
+        this.entity = response.getEntity();
+    }
+
+    public StatusLine getStatusLine() {
+        return statusLine;
+    }
+
+    public Locale getLocale() {
+        return locale;
+    }
+
+    public String getContentToString() throws IOException {
+        return EntityUtils.toString(entity);
+    }
+
+    public HttpEntity getEntity() {
+        return entity;
+    }
+
+}
diff --git a/src/main/java/net/lamgc/oracle/sentry/script/tools/http/ScriptHttpClient.java b/src/main/java/net/lamgc/oracle/sentry/script/tools/http/ScriptHttpClient.java
new file mode 100644
index 0000000..b2347d0
--- /dev/null
+++ b/src/main/java/net/lamgc/oracle/sentry/script/tools/http/ScriptHttpClient.java
@@ -0,0 +1,21 @@
+package net.lamgc.oracle.sentry.script.tools.http;
+
+import org.apache.http.client.HttpClient;
+
+public class ScriptHttpClient {
+
+    private final HttpClient httpClient;
+
+    public ScriptHttpClient(HttpClient httpClient) {
+        this.httpClient = httpClient;
+    }
+
+    /**
+     * 打开一个连接.
+     * @param url 要访问的 Url.
+     */
+    public HttpAccess create(String url) {
+        return new HttpAccess(httpClient, url);
+    }
+
+}
diff --git a/src/main/resources/META-INF/services/net.lamgc.oracle.sentry.script.ScriptLoader b/src/main/resources/META-INF/services/net.lamgc.oracle.sentry.script.ScriptLoader
new file mode 100644
index 0000000..16d1d37
--- /dev/null
+++ b/src/main/resources/META-INF/services/net.lamgc.oracle.sentry.script.ScriptLoader
@@ -0,0 +1 @@
+net.lamgc.oracle.sentry.script.groovy.GroovyScriptLoader
diff --git a/src/main/resources/META-INF/services/net.lamgc.oracle.sentry.script.groovy.trigger.GroovyTrigger b/src/main/resources/META-INF/services/net.lamgc.oracle.sentry.script.groovy.trigger.GroovyTrigger
new file mode 100644
index 0000000..7fd6e8f
--- /dev/null
+++ b/src/main/resources/META-INF/services/net.lamgc.oracle.sentry.script.groovy.trigger.GroovyTrigger
@@ -0,0 +1,2 @@
+net.lamgc.oracle.sentry.script.groovy.trigger.OnceTrigger
+net.lamgc.oracle.sentry.script.groovy.trigger.TimerTrigger
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
new file mode 100644
index 0000000..85f4928
--- /dev/null
+++ b/src/main/resources/application.yml
@@ -0,0 +1,10 @@
+oracle:
+  identity:
+    # location: "C:\\Users\\80728\\.oci\\global\\"
+  script:
+    ssh:
+      identityPath: "./ssh.config.json"
+
+logging:
+  level:
+    root: INFO
\ No newline at end of file
diff --git a/src/main/resources/log4j2.xml b/src/main/resources/log4j2.xml
new file mode 100644
index 0000000..99aa3d5
--- /dev/null
+++ b/src/main/resources/log4j2.xml
@@ -0,0 +1,75 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~ Copyright (C) 2021  LamGC
+  ~
+  ~ ContentGrabbingJi is free software: you can redistribute it and/or modify
+  ~ it under the terms of the GNU Affero General Public License as
+  ~ published by the Free Software Foundation, either version 3 of the
+  ~ License.
+  ~
+  ~ ContentGrabbingJi is distributed in the hope that it will be useful,
+  ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
+  ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  ~ GNU Affero General Public License for more details.
+  ~
+  ~ You should have received a copy of the GNU Affero General Public License
+  ~ along with this program.  If not, see <https://www.gnu.org/licenses/>.
+  -->
+
+<configuration status="WARN">
+    <!--
+        测试版跟发布版在日志配置文件上的区别仅仅只有'Loggers'的不同, 'properties'和'Appenders'是一致的.
+     -->
+    <properties>
+        <property name="logStorePath">./logs</property>
+        <property name="charset">UTF-8</property>
+        <property name="standard_pattern">[%-d{HH:mm:ss.SSS} %5level][%logger.%method():%-3L][%thread]: %msg%n</property>
+        <property name="mirai_pattern">[%-d{HH:mm:ss.SSS} %5level][%logger]: %msg%n</property>
+        <property name="logsDir">${sys:cgj.logsPath:-logs}</property>
+    </properties>
+
+    <Appenders>
+        <Console name="STANDARD_STDOUT" target="SYSTEM_OUT">
+            <PatternLayout charset="${charset}">
+                <MarkerPatternSelector defaultPattern="${standard_pattern}">
+                    <PatternMatch key="mirai" pattern="${mirai_pattern}" />
+                </MarkerPatternSelector>
+            </PatternLayout>
+            <Filters>
+                <LevelRangeFilter minLevel="INFO" maxLevel="INFO" onMatch="ACCEPT" onMismatch="DENY"/>
+            </Filters>
+        </Console>
+        <Console name="STANDARD_STDERR" target="SYSTEM_ERR">
+            <PatternLayout charset="${charset}">
+                <MarkerPatternSelector defaultPattern="${standard_pattern}">
+                    <PatternMatch key="mirai" pattern="${mirai_pattern}" />
+                </MarkerPatternSelector>
+            </PatternLayout>
+            <Filters>
+                <ThresholdFilter level="WARN" onMatch="ACCEPT" onMismatch="DENY"/>
+            </Filters>
+        </Console>
+
+        <RollingFile name="rollingFile" fileName="${logsDir}/latest.log" filePattern="${logsDir}/running.%-d{yyyy-MM-dd_HH-mm-ss}.log.gz">
+            <Filters>
+                <ThresholdFilter level="DEBUG" onMatch="ACCEPT" onMismatch="DENY"/>
+            </Filters>
+            <PatternLayout charset="${charset}">
+                <MarkerPatternSelector defaultPattern="${standard_pattern}">
+                    <PatternMatch key="mirai" pattern="${mirai_pattern}" />
+                </MarkerPatternSelector>
+            </PatternLayout>
+            <Policies>
+                <OnStartupTriggeringPolicy />
+            </Policies>
+        </RollingFile>
+    </Appenders>
+
+    <Loggers>
+        <Root level="DEBUG">
+            <AppenderRef ref="STANDARD_STDOUT"/>
+            <AppenderRef ref="STANDARD_STDERR"/>
+            <AppenderRef ref="rollingFile"/>
+        </Root>
+    </Loggers>
+</configuration>
\ No newline at end of file
diff --git a/src/test/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshAuthInfoSerializerTest.java b/src/test/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshAuthInfoSerializerTest.java
new file mode 100644
index 0000000..694146a
--- /dev/null
+++ b/src/test/java/net/lamgc/oracle/sentry/oci/compute/ssh/SshAuthInfoSerializerTest.java
@@ -0,0 +1,50 @@
+package net.lamgc.oracle.sentry.oci.compute.ssh;
+
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import com.google.gson.JsonObject;
+import org.apache.sshd.common.config.keys.KeyUtils;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+class SshAuthInfoSerializerTest {
+
+    private final static Gson gson = new GsonBuilder()
+            .registerTypeAdapter(SshAuthInfo.class, new SshAuthInfoSerializer())
+            .create();
+
+    private JsonObject getPasswordAuthObject() {
+        return gson.fromJson("""
+                {
+                    "username": "opc",
+                    "authType": "password",
+                    "serverKey": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC/NGFFKkchNdE8HDE9WHGIcw97ZVOP5edY7drtRQn0xSSG6uLu08T36B8IWT+XJdg45/YMmcuVSzsG1QZs/R3s0URVUhsWjwdezWDeWeBHt8/6TGl2AsgA0iXSAOeRNldhZlITFvWoBEv2wElNjCTsEGo5bBp3rVPqqZNJFUs+FR9s/uVgmFqe7HGhuKhhk7BrRThJ/NcgDRicMQ4yXU3Hl++pG54TVLH+0HmgWg312XNAWtzw2iRmKBAuu2I4pP1TRp93K/lbD7QU8k8W7QcyGSAc73nZrhyzYVMko5wQGt4/vGpchOw7ehkotSejTB1GSyhzBTZobA23For76YLzuVFOjF3lEvSh1QV30ysu0PREKLtY83ad0WHVFqVgJrFHkkXQrglN335BhGwhFzwyMpRxbD8HCDtz6VjpqwoKtd/ExQkcfaj/g10o28vRzHGyzUbCTe433V61fjSsC4Bikw15vTnQ3ZuyOzfyoCYUNpFcf1Wv+mkoWqn9xU8lGvk= Test-Server",
+                    "password": "123456"
+                }
+                """, JsonObject.class);
+    }
+
+    private JsonObject getPublicKeyAuthObject() {
+        return gson.fromJson("""
+                {
+                    "username": "opc",
+                    "authType": "Public_Key",
+                    "serverKey": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC/NGFFKkchNdE8HDE9WHGIcw97ZVOP5edY7drtRQn0xSSG6uLu08T36B8IWT+XJdg45/YMmcuVSzsG1QZs/R3s0URVUhsWjwdezWDeWeBHt8/6TGl2AsgA0iXSAOeRNldhZlITFvWoBEv2wElNjCTsEGo5bBp3rVPqqZNJFUs+FR9s/uVgmFqe7HGhuKhhk7BrRThJ/NcgDRicMQ4yXU3Hl++pG54TVLH+0HmgWg312XNAWtzw2iRmKBAuu2I4pP1TRp93K/lbD7QU8k8W7QcyGSAc73nZrhyzYVMko5wQGt4/vGpchOw7ehkotSejTB1GSyhzBTZobA23For76YLzuVFOjF3lEvSh1QV30ysu0PREKLtY83ad0WHVFqVgJrFHkkXQrglN335BhGwhFzwyMpRxbD8HCDtz6VjpqwoKtd/ExQkcfaj/g10o28vRzHGyzUbCTe433V61fjSsC4Bikw15vTnQ3ZuyOzfyoCYUNpFcf1Wv+mkoWqn9xU8lGvk= Test-Server",
+                    "privateKeyPath": "",
+                    "keyPassword": ""
+                }
+                """, JsonObject.class);
+    }
+
+    @Test
+    public void deserializeTest() {
+        SshAuthInfo info = gson.fromJson(getPasswordAuthObject(), SshAuthInfo.class);
+
+        assertTrue(info instanceof PasswordAuthInfo);
+        assertEquals("opc", info.getUsername());
+        assertEquals("123456", ((PasswordAuthInfo) info).getPassword());
+        assertEquals("SHA256:qBu2jRXM6Wog/jWUJJ0WLTMb3UdDGAmYEVZQNZdFZNM", KeyUtils.getFingerPrint(info.getServerKey()));
+    }
+
+}
\ No newline at end of file
diff --git a/src/test/java/net/lamgc/oracle/sentry/script/ScriptManagerTest.java b/src/test/java/net/lamgc/oracle/sentry/script/ScriptManagerTest.java
new file mode 100644
index 0000000..01ce0d6
--- /dev/null
+++ b/src/test/java/net/lamgc/oracle/sentry/script/ScriptManagerTest.java
@@ -0,0 +1,22 @@
+package net.lamgc.oracle.sentry.script;
+
+import net.lamgc.oracle.sentry.ComputeInstanceManager;
+import net.lamgc.oracle.sentry.script.tools.http.ScriptHttpClient;
+import org.apache.http.impl.client.HttpClientBuilder;
+import org.junit.jupiter.api.Test;
+
+import java.io.File;
+
+class ScriptManagerTest {
+
+    @Test
+    public void loadScriptTest() {
+        ScriptManager manager = new ScriptManager(new File("./run/scripts"),
+                new ScriptComponent(new ScriptHttpClient(HttpClientBuilder.create().build()),
+                        new ComputeInstanceManager()));
+
+        manager.loadScripts();
+
+    }
+
+}
\ No newline at end of file