From eb926b25056e3bd855011a4b1779d883ab81f77e Mon Sep 17 00:00:00 2001 From: XiaoshuangMa Date: Fri, 14 Jan 2022 20:19:22 +0800 Subject: [PATCH 1/5] add coauth readme. Signed-off-by: XiaoshuangMa --- README.md | 130 ++++++++++++++---- ...h\346\236\266\346\236\204\345\233\276.png" | Bin 0 -> 22239 bytes 2 files changed, 104 insertions(+), 26 deletions(-) create mode 100644 "figures/coauth\346\236\266\346\236\204\345\233\276.png" diff --git a/README.md b/README.md index 61350ac..a38187d 100644 --- a/README.md +++ b/README.md @@ -1,39 +1,117 @@ # useriam_coauth -#### 介绍 -{**以下是 Gitee 平台说明,您可以替换此简介** -Gitee 是 OSCHINA 推出的基于 Git 的代码托管平台(同时支持 SVN)。专为开发者提供稳定、高效、安全的云端软件开发协作平台 -无论是个人、团队、或是企业,都能够用 Gitee 实现代码托管、项目管理、协作开发。企业项目请看 [https://gitee.com/enterprises](https://gitee.com/enterprises)} +- [简介](#简介) +- [目录](#目录) +- [约束](#约束) +- [编译构建](#编译构建) +- [说明](#说明) + - [接口说明](#接口说明) + - [使用说明](#使用说明) +- [Changelog](#changelog) +- [相关仓](#相关仓) -#### 软件架构 -软件架构说明 +## 简介 -#### 安装教程 +**协同认证(coauth)**是用户IAM子系统的基础部件之一,提供系统内认证相关资源的统一管理和协同调度能力,当前支持口令认证和人脸认证的对接。 -1. xxxx -2. xxxx -3. xxxx +我们将设备上的一个用户身份认证单元,称为**认证执行器**。 -#### 使用说明 +协同认证定义了一套**资源管理**接口,新增的认证执行器在实现了认证资源管理定义的接口后,可以对接到协同认证框架上,从而为系统提供相关身份认证能力。 -1. xxxx -2. xxxx -3. xxxx +**图1** 协同认证架构图 -#### 参与贡献 +coauth架构图 -1. Fork 本仓库 -2. 新建 Feat_xxx 分支 -3. 提交代码 -4. 新建 Pull Request -#### 特技 +如图所示,OpenHarmony框架已经实现了协同认证的系统服务,并对上封装了协同调度和资源管理的接口。协同认证部件内部分功能需要厂商适配来达到更高的安全性要求。需要南向厂商适配的接口,在用户IAM Common HDI中有定义。 + +## 目录 + +```undefined +//base/user_iam/coauth +├── coauth.gni # 构建配置 +├── ohos.build # 组件描述文件 +├── frameworks # 框架代码 +├── interfaces # 对外接口存放目录 +│ └── innerkits # 对内部子系统暴露的头文件,供系统服务使用 +├── sa_profile # Service Ability 配置文件 +├── services # Service Ability 服务实现 +├── test # 测试代码存入目录 +└── utils # 工具代码存放目录 +``` + +## 编译构建/使用方法 + + +### 准备 + +开发者需要在Linux上搭建编译环境: + +- [Ubuntu编译环境准备](https://gitee.com/openharmony/docs/blob/master/zh-cn/device-dev/quick-start/quickstart-lite-env-setup-linux.md) +- Hi3518EV300单板:参考[环境搭建](https://gitee.com/openharmony/docs/blob/master/zh-cn/device-dev/quick-start/quickstart-lite-steps-hi3518-setting.md) +- Hi3516DV300单板:参考[环境搭建](https://gitee.com/openharmony/docs/blob/master/zh-cn/device-dev/quick-start/quickstart-lite-steps-hi3516-setting.md) + +### 获取源码 + +在Linux服务器上下载并解压一套源代码,源码获取方式参考[源码获取](https://gitee.com/openharmony/docs/blob/master/zh-cn/device-dev/get-code/sourcecode-acquire.md)。 + +### 编译构建 + +开发者开发第一个应用程序可参考: + +- [helloworld for Hi3518EV300](https://gitee.com/openharmony/docs/blob/master/zh-cn/device-dev/quick-start/quickstart-lite-steps-hi3518-running.md) + +- [helloworld for Hi3516DV300](https://gitee.com/openharmony/docs/blob/master/zh-cn/device-dev/quick-start/quickstart-lite-steps-hi3516-running.md) + + +## 使用说明 + +### 接口说明 + +**表1** 资源管理接口 + +| 接口名 | 描述 | +| ------ | -------------------------------- | +| uint64_t Register(std::shared_ptr executorInfo, std::shared_ptr callback); | 注册接口,执行器传入基本信息和实现的回调函数 | +| void QueryStatus(AuthExecutor &executorInfo, std::shared_ptr callback); | 状态查询接口,查询当前执行器是否已经注册 | + +**表2** 执行器需要实现的回调接口 + +| 接口名 | 描述 | +| ------ | -------------------------------- | +| virtual void OnMessengerReady(const sptr<IExecutorMessenger> &messenger); | 通知执行器信使可用,传入信使(用于后续协同认证与执行器通信) | +| virtual int32_t OnBeginExecute(uint64_t scheduleId, std::vector &publicKey, std::shared_ptr commandAttrs); | 通知执行器开始执行认证相关操作,commandAttrs中传入本次操作的属性 | +| virtual int32_t OnEndExecute(uint64_t scheduleId, std::shared_ptr consumerAttr); | 通知执行器结束本次操作 | +| virtual int32_t OnSetProperty(std::shared_ptr properties); | 设置属性信息 | +| virtual int32_t OnGetProperty(std::shared_ptr conditions, std::shared_ptr values); | 获取属性信息 | + +**表3** 信使函数 + +| 接口名 | 描述 | +| ------------------------------------------------------------ | ------------------------------------------------------------ | +| virtual int32_t SendData(uint64_t scheduleId, uint64_t transNum, int32_t srcType, int32_t dstType, std::shared_ptr<AuthMessage> msg) override; | 发送消息,消息源为执行器,目的端为协同认证框架,消息内容由执行器指定,比如返回人脸认证过程中的提示信息(光线过暗) | +| virtual int32_t Finish(uint64_t scheduleId, int32_t srcType, int32_t resultCode, std::shared_ptr finalResult) override; | 操作结束,消息源为执行器,目的端为协同认证框架,消息内容为本次操作的最终结果 | + +**表4** 协同调度接口 + +| 接口名 | 描述 | +| ------------------------------------------------------------ | ---------------------------------------- | +| void coAuth(uint64_t scheduleId, AuthInfo &authInfo, std::shared_ptr callback); | 协同调度接口,传入调度参数,返回调度结果 | +| int32_t Cancel(uint64_t scheduleId); | 取消调度接口 | +| int32_t GetExecutorProp(AuthResPool::AuthAttributes &conditions, std::shared_ptr values); | 获取执行器属性信息 | +| void SetExecutorProp(AuthResPool::AuthAttributes &conditions, std::shared_ptr callback); | 设置执行器属性信息 | + +## 相关仓 + +**[useriam_coauth](https://gitee.com/openharmonys/useriam_coauth)** + +[useriam_useridm](https://gitee.com/openharmony/useriam_useridm) + +[useriam_userauth](https://gitee.com/openharmony/useriam_userauth) + +[useriam_pinauth](https://gitee.com/openharmony/useriam_pinauth) + +[useriam_faceauth](https://gitee.com/openharmony/useriam_faceauth) -1. 使用 Readme\_XXX.md 来支持不同的语言,例如 Readme\_en.md, Readme\_zh.md -2. Gitee 官方博客 [blog.gitee.com](https://blog.gitee.com) -3. 你可以 [https://gitee.com/explore](https://gitee.com/explore) 这个地址来了解 Gitee 上的优秀开源项目 -4. [GVP](https://gitee.com/gvp) 全称是 Gitee 最有价值开源项目,是综合评定出的优秀开源项目 -5. Gitee 官方提供的使用手册 [https://gitee.com/help](https://gitee.com/help) -6. Gitee 封面人物是一档用来展示 Gitee 会员风采的栏目 [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/) diff --git "a/figures/coauth\346\236\266\346\236\204\345\233\276.png" "b/figures/coauth\346\236\266\346\236\204\345\233\276.png" new file mode 100644 index 0000000000000000000000000000000000000000..d22c5dc83fc47d852397304fae0d7c361af82291 GIT binary patch literal 22239 zcmd43cT`hN)IN%e0v1p~QH0QY6GV^_5KwyW9i>PI=@6O}#R7zmlmvm$oAerZ1u=9a zl+aOH2%!iGz1@TQer4Ue*1c=p-&)`I2aDvKIdf+A?3sD?v!BU3Ee*wMm+3B(kdRzc zR(hgCLUJBVLUQgO@=L%KW$$rQ;NLk<9Yr~kvVM9T@P*V)R$Z2aqyl>7==nw9JH<;S zV^0zi%J#Frb11h08xj%&FXbn)dVUsb$dJ!^Be3%65SVV=`3+Nctpu(-n(RbO1z%a{ z7uB2AR`mYJo6!ohpSZWZzh91htE~`ymlz}09r|VVnFq%mhS&t&?6C86`?*^~O!OCT zoDbtVM;}gWX_=apw{lokvpX^Ew1M>5U6&5>*;o&j*4LEXK<=0{HSOZIGinSrbg#>i zGe^XVlB4C%{@4CL{8xezeBDS8;n(9`(lj7ujPxV|bhoB=z6g?Z4|O^v#`>u1szC7< zNdLKn3vCW3UXKro1=%adf;uIYsF=seaG}Yh|8qCGqLPGL?wh=D^<49;3f{55+uDm1 zeD)I&M$^9*za0~Fu2C%)VsZ_Uf2r2H>#f`(zVNGSs{gu;@$wYyr}D$FsE^3W3c<%I zg?gI!&_8_(=cGEg(0WOS;^_#3%1e#Kr-hZoJ($L_RJdnh*o%a`^w)$t>f~Us2(8;!lW_9!bMszXoR1!w9)C2>y(TDw&Jo(yv&Tr*y~i91jqkOE zdn{g*w|$%+GEIAs$<~gV;f5l$Pw1vwR|M{U>hYanB2YE-3|~P+#;%4F@2qfwzeM_8 zOLUOIg-e$b?Qd(Khis7v@MG|_u+Qg^7KRIv2j~Yjv0i=yS-Khxwz;b>>9GuWZ!Q=* zOCtMRU3oE+67m908zJ#6C`g}OI**}lY;W5z85GS^oZkas2ZzMHuDiNjhKdPox9yFt z>p_^h8HPzuk!$5g!I2MsPDt_)%JGS9KN1$7=(|o46d7z+$k6giJF<|g+sSY*#;tP@ zmnS-hmq!Ytv<`3Pa^mV83%S6IUDmWkI}!sag>kbVcNv3CLCrR?n8JF=5A&4^J~bgf zz*|t?!jQu~F$aXAHtyqP-LfwbuN$WZG`IB<;eAwHcZ-nc!~_z2V-$86j06(~ z^akqgD}W{$#`DFi^}cZn(McTddXx+J{*)TO$*-#z3zDm(LR)v%5EHY~;^15rl!$oZ zDn9wcuqW@--upwb#c9HVr1GJ9tC=2#@9W=H-IKAeSB=Mf+=iqWf&^B z^|e5_=17WkPlk4=UQg86_Ct!r9!%gm2XJ9b=BB^B20ap;P@D@pZFJ~%b@ z*jRd*3JLp9S8YdLTHyx|dU9h1_iYnKk3K@e8(CmaN6?=3@659B4OZH1G^0ZPZX2@W zK95=~P#eydy84QVEo&!kXgg^(Czi#Pi|Cw}4Ae?$#I*6eGSdwccT3eT4{?^5lZO_~ zW!)v>yvgb}59apwB0^k?QsBoc;`qYS8&sU?&)J_V2!%VL$pbAl+FAa(d{6<_1%dJ+ z?_w}#dYFW<@Ea(vLsOUdYqfG`3cpB`s(lfu`*Q9hsQasKV9 zXHt#OkX3FiW!HR40p!vQyK453jrVyRGut5(_{~xxXow<-e?Gwia&#a!hV`~-lJZGv z)e;$--S`?O{6Zy#Z_MwX>4uN9X#*b{z_q32!3hcwni~3?^3eBTI@#I8kDgpIbcjMZ zNb^Bk1bjZU&SnWZkQnTf+Aq6>vEE2b?V0tp$T{&c@GBiC!@6l<{Ac;?6(HnY(n`>* z8MJi>Q+}QaZgU5kyqTb2m{@WUMNAy4vn%HN7-YHU^yPgpYkpV!g`bsWl(~E9UW{kY z0MLoga8HK#wKgAg2kxWp2`03H3KY5e9zwpD89PB|=*>CB zsPqoM@yD5uZhn!dZZY{D^~XWvk-7PeF?qFda4WJ;l699EWRba?Uk3+lCX@9&%I}_A zsYgt%ut98Aa7Al!A^VlSnwdBAKgJXY-WFj6zmKpE)E?YWepp|ArL~L=$F2OK<)r(A z|8Xv7cMBMAyR^s|Fn|Ji^Ub7l#vOX`k7;DLkg$3tGRSY04XIX96Zyh`ow*-y-bh{#v_&{KLBjx6j!rju4 z_Oc3UUNUq}LA#Qsc5FuL^+yOrbNL71JFECE$rKM=vsxl4#=iz#B^xY`Xr<{-=S|Nz zyrrlw2_fbgMH=Ui`ln7I_iS-7TY}U!1rp_1LjiN%+c*ELdVcl6Jy$n8ed%L@W+DTw z<**CLq37%Lk3Pp#&wF2@U`WX00vjkAl@j+X$pl)zJ?|hs2kHwT&si-z-s_1bSeb=EVqtMth{+UV9wXOJjiY zR&CccecG#J%gFbyuW+!@Y8NHIwK%_ zw|;b?k3;88P05DEm)-iW!a2&9QD4&Dsx~gJ*&EB>zp1xzu@7hxTIfZqDtd?Xg^<QyIy}(o6wY>hi%tpN$LyLvu zhYs78|Bh%h{z9XYcYytzjYNwxB4v}yS36RWam>pU8xXi^~dA8azE}10M=wX}gs@Bc?S{1&LkYu?L?SYGZr99x8*cC|iMbkJ1KanrwR)yC* zuW=kpu^&hI4G8kA)+j+0EOQ78cGimBDc~Czu5$+mwjPSRwdl-zavP3=($YIiFVei> zZ=U{M2Q;5*bF+f8ta$^+Ft02^tY;sv@0CjIn>}2rTfGd^_}-BFZF_P*jul(zl+&p;=)B!2#hzZ5m>}`2>0G;?2sVd; zoe7ci@qVR-s+Y4I!tli)rr%p%zQGC`_=_8|#_F_|epug8Z22=fu9nrT)g^cL=rY!) z3xYb4`o4~)HVdzCsy4|QtDOvhe!vta-ztwmdndg4F;V1&gno1><3~wnc6mT=OJJnE z!2)XgghY#jgTEs(tYV&$ITmzSJDnw9vCiDf~4#ZgX=6H5YK> zt=8pkWC#VOMXXV8C#X)rAArB)7;m?cQao?K8pQk2*IDUEqg0|ydeF5$D9e#OADzRk z?oy9HdAm}ehn~6Pt|@8KV{2|V#qbMN^o$#!_PmR>Y{|>CHyW=_Oyo@rp1*BoZ2|My zpDt>)ti#joK8BDp>tDhZCfVCPmo^KhautiCR2-y5>t@5zx_MQ<-~lb8&zQis4@_Vp z#^zTxce&VDWXDxDY}Ft)%PdVFHJ>W>;P4OZd)Q4+9;R?T6UqWyk9jeiIIN-vk^B0Z zt&V3E4RVzTNjHZ^#7X}8a+AbFESRwiT)%Uk=^KRoP+{&Y-6^uTrtR*Azy)y7( z(>6G6aJg_Ra{!Er6)d~O0$waDeN1_@I~3wJkEyuHehjB;;2OP^07utgS?WO-LW^LX z50lxzJA}7M+@1_}SO1!{LI1|CsT6PAwM`(HFK%_6d)_9Q)W3!$5cHI z7c+FS@$bxX@-jk@5-SztmN~c>?l~z&`FP?J{7YcbK*MDrjvcq}rF1@#E>YF7QBdop zNjYVn1~8w%JWDiDgjNaqE#!2_=hwRp|5UtWAX1@>H8SxDw60FE&`3ZTvTAK*+ua%P z?cYh1Eq~NOHSu|vbc|KjNAdZoWy%L>fk9QA5aUV3ECfl2@+Ivcs7naE>m<0+C_y=7 zAOv?#+OXUh(o?_EIW6hes+<>|X{D-{acz8rV z`mLsY)A-U!U#mM4IL%|jx_QV~6&eI9Kxq%&$BgXRHeSO^2rpW>@J_7_Ki)Kp4_UXu zrnCMDG<11mV%lkw_uRf$#I(2ZgEuL;W8@*{&jAKu9u#Ig36;9#t_;O>&JD=V*O?Zv z7MfYhLPT6~n`KuBC*y}x!Z*uU1A`RG(i1UpmXSf%^f?ab+c2J~PSMKQ8Q z(l^V#eD}7Fz%BFeb&61(O4rmwOw zrTB?KjG~bigcs~u;v~XCmj~nIB_%E|{^N!z8%V^U(jcm~=#0#^ z+ep!MExO=nh1X3*agRJRWQpT{h>$u8PK-yhKEQm&6NMjjI=tn zt8CqSgdN~LkDj+m_nL+@sin2{RS3#7A9u3~E5qzCFMu72Y_v=5SjzP{a|uWboEjYPbXQsKr%4sbqxiJ$R?tr#w;e+tnlr@#Y>E67>8WtH1YV4;uNC71eSS%LPvU z6&2vqdIO|>5NN+(UWsZnuNJT_yznzZIyZ3 zeBNCJ^FPC>tC;O%*#?F7WbSa5M2mZTHI*mK+&JAlX=jWCHBqd1rV#MICM!=j;^Eo9 zuD0lae9585Qq7IQGBfzZvXh`T0)T*^AC@O*@tbiMwpQi@8suf*LIAfS*1Y7j9f*9h zbl3Q}LukCxy`i_+R3=ypWJ+i`Jg&ogCQGsn^leSfwBo&6rAO9#nqpA7sGIOjRZ7VS zRIo)bk~Xt27t7c1h!{w?_-A!rQ6kp${Mek@rs|rd9A=z2sK`F$+8@7(uN!%`fH>rD z*qxI_-$>*org-Kxv!u&A*~RoohJ56}PHc;J?=wU?nvMinX{~R)t^~7y4+9#zFGIft zTgXQ0v1GQYvw{TxTlCKJavTmR9BamBFVJ2 zwfJoeqRPv0HfJZ%JTCO@p~nKU?%uVDp=UWtc-c2D?Kpa<;#(1OfetEVy_ zt50BL8Jac6PNNy$Oq9gmiCR4-zug zLO^W|pDWH-(HoU6k-U5=W{c!se$@Z5VVWnO9D$u8^pOu}iFX_t!h8$*Z&pyU-AT1l zhdu!Ml{`hdx6#npPdN_dZ=kr3X}dMRlVt$)1&4%->D+BvAAZ=l;KQ$^va^drg%T4d z$jQs5V>H;MVC{>w4Xs<{<6l;!V6%6g0MG~*MjVb?CM!MltL~k;&E4ei=Bhp;xF+@bcYg8t<1*1LA z`c$-nk`%|Co|gbZF`g33Gto8ae*Ecp?s^|XHO9Q|YYBzvEQ>UUDQcg~?y-U?e_k## z*Yq>MS>8EcsM)9h%weTQCa^bK4e^P@dmEe(gZy{yRF4b&O@mGTrXPD2uO5GqaeXHi zbbYP*Jt>-+ZhV}d%5R7qwj#Fks~{1;jRI?Y;NXU>sNleIo_h_o{O55L(XpUu?%e=Z zdCp?I03;e9nPRj^VXY5Nprlqib%=|#vJ$bpi4Jk^UpRXAv`6O#3$wDb9B|A)CftDTW4SkeGym4 z8YBRIaoK5^2v-vC6Y?K0(KD+da@9(C7YgcQy^UupWg$iClBxs2-Y#BjQFqpjw(o5? z;mRR8=18L7kXhAn;aH4nW2svdKmz}1Y^Le}EhE5BEqB0jWp4b`UAY=|5mBS0SrL5f z0w4dvf5O1f>9pHPqObVb?;(^4EO1}}A&LyEf%PZE%{ZDrtDYbh_m}M|{c9Q~cYkni zWz@ZFxQ){$-Nri+H-BK+1;9>>ARNqXORR;C>fgm_Ruww;>fqJxdMMiRO*D)t!4<}2 z-M_Q3W)1y5%mIEsJ?#;4-{$^n*K>b9Sri9Kb;Odq_J!Uo;rv;-O<91H3T_4Yt1 zoz6&!9*ADa4Uiq-0>7UVNr^vAwFq*@jc<1+qK^ydT^7#$-Jar>XA8C%PnDKd-zH91 zJQk1)`e?R;u=rjGDsLVzh3W>HeQg~y`K*y&f82SvwYqw^(0%2|TdF0{n@2w2;;v^dAu`UX#$QpRj-(@^zRb6OYlY>rwhAS@9jywBG$h>iRK~r zbqIKFWZZ0;36^i9ZDn@q!*ta-f5*G4KtIq=uz&b~_gW1)i1{hG!0yH{K+j$GgmO~m7MPgTj8qbbothzd!X zYdK&xw~Ab|c6+KnMMVZFp8{XHRI_!;fJd&QmzluocMShL&o01?xj!LK?qCxO=TOu6 zeNjY0`ESWipyWq8-%}m3saj4V5LJsGGHYA2gF$E`LV|lyOa!RaW zK%;k#Hm*Gdwtc9-`$l>5e>Uu^EJSGrNFB*-(IE2Qg%e|&0Z)e^nJ+Z6xYs;?9 z{UT9Dql;ar-|BQ_2P+@aT}MP-kIx61O^@Jo+35~ryq54>#^lop?N{e}OI8Ro(Vw!$ z)oY*W#d34RcTO&)p8gfDd$H2OT0U4Kzg2^K@O>n**@nP*xKxYkx^I*vJvgJOnjM9Qpphy$H>NCu zFFcV3w*QYoRYzQrf_)n{CBLv({>|NgUZSqu$5yxyB z0gNDB>E?t7MGUe}=vY7cv8_~1?td9@g!+a8B)EB@08*{JeizYA)u?zZ=yEf!%rOz< z#t${5Wd%oE*HHzWkP@9BI-)vIv8LIXYvLi{7MnZae?GL(q57*EFAq5MY7#0Vlk=&H zkHLyHu;Gvwvj6s>-`3jO8C5=xewo2{I-vT6XX!vy^C2tv;B;nlrsAQ7+rwwu4}c_S zm+s$}=&KBL_Sm!qnOE|74Z$7?=jtXgiYxl0@#BU9aNHa`U~yn6{ma&4~8hVer(Jp>j>2mA1PW}0YLh?PWfN=TVV#XL^cX;Ke186eFIm} zZ=^EY6$-<|`1I3gzVd^&@8T!~lLZtjj<5bVLj@reW84x0di%(ld?ZdDcT}tiV*`(C zcB*U?pvYEQG_|>WA`^J=H3vHQ&3_vn4Rnr2pj}EvIcCR;GU-&vrNw#7U5gSl#cP@( z!#4lM@u&L{?tOt*Vgjg2(B112;A^pIXG_hQXJitW>1B@cyv%*`_7Bb24>J8>UdX%0 zthut1@0SbI`On^jSo+(um>xSu#>8;OkQWs1#(jRh)oTp(@QCS(3vY}G-`cc`!Iix= z+83i;U1V7x#Z@fwQUJ3Cy?(ZADQWi4Q>fUmaSI0}QL1{}`Oh|h;&%b-#Y$boIm|JE z**5-5*Z%v`A+bY+Gb-BuG=%EPzT|wSuEu}I-I{NpT zhZqD&(8QY~F?at_!p5M8nM)vA_-hz>wWbV@HAQmr_5kfA(a24Eor7!hrR;&*&Ht z+lx*_d;YpY@@fefp0f-Vph+P4pZN5hvm_I2@`tr-`OTTW4vVr}n!rRl1)lC5-u`#et#=^N$+#h4l<7MHFXJ^6kuc zvDfahF(|x0fIZUrrk2XtBlBoo`rCXxUqeu=Vat4DZe@@0rLD_<@XsgB&Qc=RQCu2n zg)%RgPTxQ?Wm^S8S&~R0FQK0f6aKNZqv1c4o04W-#0fCTV<|Lj^iPJ8eOolxx@5TcsBe zzR*ZZ*>lp_!cZK-ZMTeBZ1b;Vuhgu<@83(j1Hk9ggIL3LNl%&gNufvoQEhh&@lgbu zvg`Xvr1kLWkQQI2$JcLpzZ1)%yvhR>{y(IG`jz9o_26{*JH97R8fD(CA1Z;GwALhp z-jwWFHBANN9h|08b){+D?R@Z8lhHWWrJ*O6{lUj64&J%*e$3^GVrn-(i>Pfv-b~wo zAd8~D>VW(95pj6bzCp&}GVi;yl=TYzS^N^vY`cC(e}JjMUq5O4ar>V@kcvpL83zhs zfO3+&Lq9Nap;DDIN95N}r^I@osg=|lxVfn?Z?#6ytd*xV0Siy~wf@ZlS&Z|fp9JC}IEdj{V$2 z70rqhj~v-F9t3AF{3o`>Iw-}=Tj5kI^|y*3QNVx4JcT3`SMuE?Ge`KeQRB9V*p0sy zkY?rsKOcV!J%4xn`ys3F&qR1<1xWj6fik4Gvlr1N+&1z?9i{+Lp-+)no8TD$Z+Xoc+W%uCAWh#eYEvtJl);e~@885sGTU&wk^{e^|g)N)qyH&bK%#)PfZ z!!O!a#lz=>4(PK{3I$EXC*mBY2EJWmUseLI*mWV(!`E^H2yAU(OL>1M^LNfMG<9;u z=i$8w+po9NTaw}1RZZ`8)w{5(|0IJ(M%9qN8ccA;o~;?^R;C=rS^P}-Soy?Yj#!68 zFVbJ)TYutuhak#t;oI|-<~Lo#>YI&B0AxSYoRA%mVrY^hogxsuIYLFSPOL^SnnP@S6pBt6U0Pi1IXJCANDG09>T#hgsRtyxKWde;vJw)X;TwJOfTqs$Lu%>k-lZ9-q?7*S zQ*WQ!BG`XZQ<>M3;E!)+h#m8?(iXCFp3$>P3H(xdYivTB1Cj!c{o0>Q5Q?6}&wQBy z`BD1^%IE<}nb$Wz{j|>Sn(E7y(Y(>AMl>}Q5(m7#0mK5j?h@Lt+P~u*>r|B9|NiY$<5Xq1j_1!0 zRN3dZ|I&^BQ!D%b{kJuBi|L6_ZwrGfNI0wudCDj$3ijmad0HrB9b*G2!vYHJftcTX6(s~Y24wB z3Fes8V`zlKWf(nEgjQvaDlAg>N(&Ie6k_Ya1 z_G}}xz;YcABo@DD<=*&8I!1nsNQzr4{X6^8!X#9nxbKe4!@(DE{)dICBPWBxa=sC? z{R#Xr!pt~rTRT_J#KAM^QJ9AV0=ul?|KmKrB+R4xqr=u%8pFxk_T+0@V~N^mP0Rx$ zqyQN`N=`5rYqh^Pmy$aaM1t4^=O|cG{9OA_(*WZS&r!>r8^55ursu^UnCJ!LWaRBXIPE&)3%COlL z1X<)a1i(2(F1T9K(#Af9aP;x2=$P3b6_&;*n|rjb>+vc>9RT3kHP5=A!j0)>sKTIn zXfSshFsG}BRmg!7#dl>7F0Z^T(-oQwuMyt#7LpFWXFDp#eI!hQcV$^a80S!D3j#C$ z8K8^Gml_CE8l|ZN;*Qu=0H$5cvo3hI`gg3~GubB4?_@;%T2dmyH0BA|~RoN9#wST|XETF0WXehJ)fvsjkk?M(- zgGqTgpo_Vp89ij%pF-wCI(ZiN`2dhR>;)ZeoU87d9&C(#daHK47QiBUiZk5va2YxQ zCuPn1as*hz&amSBnp}9h_E4cgEXYztq5BxTe(dVga{-Hc$a%b&!Tn)jgn=yAu7{@q zLru+odDodQW?^sJS4Hvkr*Kw4vGYWep+(T#C2?(704g@iW9|p<;>;rC+90L>LGn-d zKN&)vO|vonEetT2$J`=SSC#3JPoAGkCSU$loM1@MhuM?75pzIi=-3nAVP38#v=;Ti zrJ%NHgSc3HnzSVtdf#M?c+Wq-ce>sX;^UmuuoS4#Tucni__*t{SAMb_eZ9eN-;fn4 zJfaNkoQTXpol$SUhqaFt{Cf}24)gSaO_e<5l327+)%@=8rh8A<^kmrRAzF8uKo~IY z>LSA5UOjpWV64{&k@Jff%h(OyN!I(akuqw*6*F)-VTOZx_LGUMAN%kV-u>{0-ZhrU z@255@%ZTC;5+Qt=PZb<@+|qukbKcIsPCX&M_Y|rIHg_o(d1^m1 zDWb;<-n_wb#v_==!t*}OpsCmE(K^PEUOj`KCb)wHu<);}BYgB}{shSQJAFL-lYFxt zXx45gK-V;UVM*VF?LY&PJd;a1)(EADVEZVbS~NQg3Swlz()+hO?cEvkia(}Hcl+#J zU_GBBk_S8E%#R-x!sduN{z4QJ43K%dg05jyxKEyUGw03FLaev<9gH?<=(JMwkqRM;sd#Nt2@0&|-)Vo9up4rR;6snJ-^H`#CcwkbK#Kk~*v$OQhP#>f2~1}>q($oU z!|S0GXoj@Q!p>>T^7=vkaqyp18&^{{-$wmltI4r1Av&i74CvW5KQ#Fw`q$Pk{=rAw z%yVuIqF{)&&cxvKZ$^rYF;v#|m55j5a)ixlo8W`!VO5q(0I|Q$?(x*!QFTL=8>}eS z?E*RX>oL2K@~qCpG(WAeC2VK1dXnd7NU>T-K<_N(K2E%7;c;dazIg9TTA|7s7acda zNe{Vs$oj7vo(m>RuyBswO^qo8F+@!><577z-ZM~6CI}USA=bIp{N-TBjZhVC@Oy@p zsb)8En3#NW$o1Q)$BfM!b+EM%Q^z)5g_d4_?+h`;QKQ}7@zXE7!ZXxd+jMDeS`XFE z#8;}W7+rbJo;~)+Qq10OJ(t_G_U0bKhbB4>Ze3}+Ex+Y*%wN?{SPcE{6bVpql~>S1 zq<#$gI(CfI>B5IV4;^!JM|OXZwTvVc@Gl>|9vWXzQc zt_WJT{4h!N!moKukNrFe@{@?{rh->)i~__6?p=I~*uckoKwyRW7y$4PDU$|CErlbG zaN6`nb`k2c>54M>6vE%8s<2;snyhy(I7Sf*Fo(qF!ozbtUxGfcl;{3tT?CXg*Ec0! zf2Aw{)LfEQdi=Z_1c_=%gB6si?S%dGmudb1b~Tra&i)4y8}+TJHTsn6MocNVn9cQ? zEMX@gHcGk+=%v&6wE}GWlZsZ8uGl2#*U}%#jB$9{O$iuUJd^lQZpne^Gh!=d&5=2G zIAhNKAm5Cm-FtjUFp-zRmUgyu_gHC(#;wfGtyS~3>7*4l<5yt#S_-&9tQkzCyB7mW z9+{@PojLTY!neD3aU*gA1RIWN3xeNJYpNhrj1d>0EZ7(DVpp-YUlr5~G2_KHrG%L8 zPK%W0{qAL@lz*^=hsIxNSb_pI$tUJN2%ZzOr+djZKSvI2op+h zo*^NjBl+L)$w30gEfvB|@>umTK)e7_tN`iLJ0zb9|6=_ADg5}=-!3^rw_bUvY3JNy z^S^n_p$g?ZD34N>))iLU1IaQ8Rz75xpp1K5KuDtIY>L>fbAlKZ!^;iBRjF!u(L{bi zR&(wSUijV)Qcx0Rdo^=)t7mPTeWP(FCC6`-(*IBw6O zkauNUUj5aR3yPLtO1DU7Pss#7mIxD-I_Pr1^u}X%IeO?w1G$Pbn~Yohtz_`qx?YsA ztqrB71|f42-+rMSgnM~q9=lqsjm_r$@t}NMK@RbbF@?7kH${!5GGyj7I#6?iG56_8 zldw}tP82`*HDyDvL;PF5lytI7i)f_*jZ~R^8cm-Tk*y7z146M)G{}3bMFsxRy&hR3#>OD6zT53{<~HzaJkgc&T`IP99ZpSyM;z z9yhjNcP*mT(j=IsJo?`;&h1Q*tnvb1FAv4Zizhvp;Ci)syflL>ka&mUO$CO$wD zwl}){i#%69)^|>em%&*$3mW@3^Y(aD2O2q1er<$X`m--kCooexKdi+g&$Q;%F)Fge z>Wl@7fdWO0caVWHb0+ZMai&1hyP3oND6dmwd}e>K?fMs`R8fFrKV#O^ z6|0m7@WR__?6-1WbQKK**o?kjIlbT(_qqbd%L>kU(aBft>80uJpL40G3`ec21jW6a zUb|SJ5j3jr(I?ZFaI2z!?^QEWv;65ehnskw+ffbwmx)iGoV}*s8xPzx&9|uyA!eP9 zl{|c3=6`u~pnigitE_@z_%-|Pb#qWa`VLy^S>^$kdgnpoEu`Pi*C+z;z ztGg?60=?F&$qJq+(2~{I>+sk;c|zHF?}J-%>s|X%X8%2WNV1Xcqc4s50ko$I-{6i( zYrZX0t=q4hEhNcN=%mb>AsKW`8u} zmr_svE<7$XkhNI@r)qaJD;%`eZ*{i`#{NJco|@=oq2;sCx3v(kn7=J5E&h%75Xo65 zxtoG2S>#d4zwu0AMCuP!IOHXQQG&KE`$b6|wT%0`3^gm1nAy`)Qid3$-bfoepn6b~ zn<-C++ss8UVfe~ik^M#Dv-h1|xh9L_#d_X=ofaLcPV(o6Ejw8rI4)pjnHgZ5T^$eL z35Gk)35LnX$SAax&>qdcV{4Vo(Rt(>`zpRb;^EdUeLI|gI(BlL*-|1Pd$xZ^f9s!` z6Fsz{CRn*;E8Jm=XgX=rZaOV|;>@pU*EuYcMhL_*x59$4otn*}UXw$C`zumUUCkM! z?22K!f+>YPL}>X7V+$S=aus=b5xLz`(*Z%!WdQi1PYRwxZS zh&&p&m7J04X*elp@eEr3@kZm29&*N-5O^h}n?B&&XMg@H`NulRV{7S?}R{AspHuZfXxBoG7%teKcwx3E3B0#NDg+Rt*6sD-+fooKzNFV zX=l)F+8{(E5)~j2_WdXh zj716kT1Gf`8F!@;ct^q#fA5I{g7Z;i8+56oRmJ5efJiUc9H}zWfca0mb6<@|rC<6zpIx(>h#nXr2-hh#fdmg8^L(*H5@l9LBeVe<%?Qnk&b^FU@ z;J;f))pH3MtWrdsU>3FKDnSx?c`o)+BykTfZZ`Xm@JDN_D*>hb$sAIK-pntp>a8m*OBSDG+0ENu@J`*n z;5m;J|I$E){&lTk7izGtIh(}Exl(x{abeH0&MkvTs#Dm1_ytpXc%C6v{e#<9OOkh( zgtRip1s!FmRaN6svl}D`41@H^4ROQkRCpM7~^^=t*!$QnLzDM6!)zRUJ z7o5d9^XfV?P06ClfhX&mXCejB|KWv&_gT3HDTO}K;kd;BygM1fpOUfjuwlVB9f=Y= zA#mNz2A!@hMsVl8GWT5c(0A<&IZbNb+gIK4JU(SSF&Q{^sC^@16}>` zq4h+&5*OS31?Uzr$G0fvpw)l-n)uq}R(N660&aO(v*4)D<0r;@yu3@SyhU@VdEZrO zZuDrKY^Ei%{BsPi>uIP|HMkiZ*uRc7os!;WcS>j3qB{hDNJ?LPCh353SEmf0pSkF3 z1q|Ti(gSQh>p|vAM+x!88!OnXy~g;`kOLTBonnaeM?uVT&}=3{LdktHo57$Hf6J<0 zVARRzUtwk66LxKGPT+h5H2{K{9{k-Io-E_yDu=Y0aY8wACa&jy!{BKE1{1IS;rGvx z*pvM4_;e=n_$0V5_+fhT+{!g(wn-5fu#RHJU%m__15&J`Kt}5Ae+WFdT7$8URj;qh zDHQ|RkFW1RKmGmixuB>W;EEHl%YS9Nvk0V12Z7YKLn(mfK91!`o%?+k50rnxF40Z> zk3AK0M70KBCq1)&Z#tdbwCzECSgg6wngobO>bWEjP9gWsPW_hN00LlM#nbth+K`jA z54(K^z>(n6Go=JCV8DoKSD+?9WFB!H-3Tl}6#yL|r-TPc@2^0^fr9t`4-_1Zoi-PS zc%`h0QUxR>CFE*xDKXmy@p97IY^e}FS#0({ulDNDcvj~Xy&k>;2xQI-aT%=}-k4{OKr)0jwKF&imMG)-pI_i3SE6{^8F|#U@^uqv6 zCMgB3qXV-X{=qvplqX+mm&C7Fa3}PDsaW-q+me992I!^LMVx#7qcq(Iwxk>^QnJlA zQbgwFY2pg5rlKl5e(nwELP_?wsDmk!UP9?_$Zb*owgXg>{cZvCJ0}~xFkAsCwX$Rw zBENy7yqa#TwA$8J*{i!o`@Lnb*WyohIi-X@Mx56GP7!LSRZ0UXC@)q)i?Fy)?=N~6 z-OYNJL9J^TQ62cl{v#ckVQD1`S?>qqo_XaLUHsy}-jxFXZXeC5F7TzIu3@EI;nT+n z7R22@O)q5Wzmc(3fx+n^HIycm+=uNf+J^OA(AJq(fPL-XL5(40eSqZXuvaQ&xfKWU zJ=9i{?BJF-H3IZnqrkZjK%C8~-m9mTiYt6JQS2B}kU-RXh|W3PU|>vw^N_v|*u9RX z`QsFNF*3LGG}NN_hJ|g=j#IK_>}v$AhV;wyf1#)RQH*)V> zryeBRDdr|3zl}gqr%B%B`PW9A2O|WF?b9G0@JY*D!#52Y95Z4BkWT<(S;#WVrCBjV zHF^{Q7*UTK41ejjHZs5T3aGvGOt-_Uq?sFmX<#dx=I++idsbw`nebNdQOmErZL%D7 zq$iXVM^OVi3$1m}X69w|d<^)t{s@aLtBgKF0*{GSw%o1M78T_#LqN6g?@Q0-_a8e( zUY9cw``wYVsXP708v)IP_n+4NpDYNZ!~%E5?MV20GNH|uiSVFIXV2tw_P59#>HxvO zZ6&H|>WFI7SP;n-1la_I+yuW8)vJr>3u~mzYqt?(|D4B#`h>;$TtQ!W7D{|9DXY|U z5qIwMW5_2M6Jk1yNMghU{;qKy?J5f);REDvod4gdeY|;;xt`>|anj2g3vZY_=?^H` zZHPH%@AK#J_bz0Hw`@7PP01`gKo`ER{;B^e#DyUHf1xSyQBd9YY+xiUjVQUiDo@OumJ7aa-kIN@X1p0ry8hb#ccK2!mG zhKiu_J>W7mo}f$ zJeIi?6aXlbrEx#<5Rv$sOmu4}$nv~x03qB|_|v?UEw%s03z-ElbmZ^&X?m_ziN z%+8T5B(K}R%u91ZWi%3=FO4w|88r3qAq(|R&%)T^sHGoL4SZZFj+fV8IYV5Mqrf%o zl6lrYxP=$0%exH8(op#p0z;T}FM2XuIkYn%bLrUC8kpF?VfvwxVRMLU{QhX|dp{2y z81XDP&{=L){-&vyE%fWQ@iLvc5PE2^(01VugOQC*Wh`oxK*;+RaU<-iigtM$XR0{6 zslgjP{d3ZmZv;RkE4ZUKYO@d~FZy~THcY%poWo9-KdQB(|vwmQZV%F$5r>+VH*i?@;B&TuH5pg~NPMb`nppM13YORA383ZN7DH{0{%Tx(lvx zDVNTDY;WOCxklaNi>rwvZZ64n((jy47hL=|_l>ta-TJzNwjMhl5BM1W8gQJIX=S=6 z6J(f7W_#)oBh|FluETI;oiK_#IvSkq*+P!m#~Zg3m(v-0nkJLeYZQFDiCD`Nbqh(d zg*7%o)Z(Gg)o=nuU_P>3Fv^0)2^|22_) z1DPP_$c&dO7@N*_$IYI2fJ=}vrlGAGJH%spwr6z)DrOCBIvp(I1aSo5=OxO)tn->{ zzcANf68~hzR4Hck5|Dn`@L<9u#pvB2+qnl@M;Qct^W%kbjl;B~B=Hn&Xqlk;Kv2D0 zp2f5N9@Bi9>Y(>gmPf9IW)-k^TO<8pfw-?|0ypunMJoAz^l}~=Z}DH<*ntBl^dUxb z?=Ux4V~o#(L3DomrLig`Y_Mbl4CwZ$)m(561tMr`1Y!c~dqzeqe7e8qm`WWr=7$ei zkJE+(Y(BiYvdiAV2-`REaji%3&FRN){lLHQQeZfp+V%*Wkap~U(W*fRtYMlyM16w6 zR>TkHaxNBf8D%yL_~L6NIJ?i6XT*JIQ}$R4Lz92+N0xUonEbQ4+vbRk!JNO#0~?@d zHCj(mefk=MOxtaWc6fo?ZxSQfQqE-p_o+gB(_!;>DODA|ajS zLy7fn^Xa{PxCAz)OK=a`M~GI56idskjeNafZA|=d&hb!e;bd*aT`R?jAwDk33Q4g> zW7*EwS8Tm%=6ulR;$K&UXd3cS;(&@a9f_~GN) z;63>_7S_5;m3C%VBBH%6p2hKg@I|iOM#KH!Iw2*h$3e0XleG3wa?#)6qSAHi2q^J|r_0Fe%$*qo0;Zoo(1BWjdK|7*ueU&XUo$CEz4N=?YyaFHE$q{eYV;E83M@8 z-abjCtg#y$dCu(a)jvaHh#lGbrCa0-WT*gV*a>VjS^qwl=tuYhoOudAm{MK4guQi| zc6iQsZ+E9t`$8_Kk@MOf&tCtnI=?H4AAIHdJAVduRNafN;!v%iMl;u)b#!2IR7n3+IyRxs_GixQuA7x#ms^y* zh!!OA75_np@``)p5vFSz(D5*KHzs{y$U}9uzhkvOx19h_n{hKt6+MSLS0JdQS!^|$ zSda10;{$=1<;$e}pAN@~zUgzTgB*R-~;ccb$`##?QtI#5G{<|`ZhyCVnbT84&3bvWIt|P=nLn$D#IuR-C}Z0m&&M+}b;cHf#+ZDg8iSdr8RVk~p3@l~ z;~(IZ#jS3|WF^1VxLf5bL4#O_+SW$qE&X4e;+#^m&ko}|CsKYnnOR}8_&cz~Rnw+9 zUl$EW&P}PFpO9&%z*dIC$%_cGm994Bm8u}L3bw`P9L_l1`}%y?d)t@!ap| zd6A2PWEjwQOdE60k6<@{A8{`t!vQdl#N!G&!E)!=za0315#UUpQN@c$XUV`RS+Ydg4ki@o zoGi!8m@%>qnHfuBa1bJgFm`&4M2E@}gOhD6CG|b(obQkC`u;rsJ@55i&vQNR{XEb8 zKEM0Ef4`{JZu3#OeNBOV#Gf~-twCZlMMZtz-S+ZB6(g;w8BH~p%16tP2asif?V#q= zB#Aio zP-bTCnmAwt&X=|1lLT0$5W9`54mwCpDUn@*IB>t+iWb-=8ME2uuibnW+yzO$zFP;Z zL^R5G5fPg72&s5&o<(JX8Xh&ue!1thr$0b+$FSPn0-eA6MxFn0`Jg5&%kcdNR?p@M zo=1z&tHuRG)>8J)d;IC>T%g@2Z~YCWCY~x1`0B4kR_(iQPDU?RRG+529}~0Lmf_iU zR#R6Qr@DIcl}{?u6=^fi;qg_H71>%kf7M+rSwKQsg4d84NuNQSx$cFiA?n{7P*J*i zXv2pJpTA!aY?b%qlcE0q*hS8V!t4RGpfzJPgUQm_$1mo9tQEv{gK*ZQj=_CmXAe2a zw4IrLV_&T^EnCYG8i(7IB=NbE?#*-hTz#Tza6Qc<;+#72 zb4~30pmZxOhtOMOWVW?Yz@o}+$;IG~?if|K&f3uXsVn8VlWVKq;bV&bV&|tDAwQPE zFE2iRWr*(-Iv^;_Fn~jD@3<|T_=OWHZa-#-@pnlHp7O}n3*v?0(Q?R;wrfQ$BvZ-7 zymUbCHGfsl3CXM8>XR8GoVW)_N_KN_Q^`GbYJ=fxOKEDo%Dbu@4UoIFM3bopk)vmJ zSzeLK|D(dej@~l>k~SWvhL(Mm|L&fk+mG;l=Lo`q zgBuBzT#_KppKA)?^`h#X;^X@-jy4Hi$bm9Sm@1%=gj=?EtK_vKHaDsCq-aZzX~DCJ z&c^ZmWB7sHMqXv{Xp0ZU&}-F4r}s`ag9M~DjAb3$GrHmwphy2p>p6^8LpFQ%Gh4fpB9b0vJlog9FzoxU5q z>dfG$GZ@S+33^rp4NHR0#&ZLLWPG_W~ zmE)4(+0f$#C#xu62^fa`0$d)m0G z6{x|?GAzDgJD3;#8z6-F;flAi$7cG4GQiq7X9|sKgNBwr@L)CDz;V5O%10blq_FZM( zUN(=GOfe>yTcr(Y6ft^|g9t;xYOIcvGYMTQ)_438CP+`tWW<5%mtTjH8>{EmXO{ZN z#;#-S5m!e(06D!A&*llUW`xsV)T$?(W*U>wWRD_s@QH9e#Y#*pB9%S$K8x%|r1u3C z9z;$~NUG+%s7Mm>M;o~~`p>#$BCRL$16fC(^4Zcl4UZVw^Ul&%?M?g4El3u?nZnr5 z=I>=0URiM04Y)Nq9yw!xjGp+Ad%1@t^?bEI(J*|<5nGZA(Uu}ial&JS2`}g@SUj?i#)+~~vwJC-dwa1Xx>d=7FoD`{< z3%Ok<4{~P{Q$@{4Gb4>!N&LET+Ykt7es+J^7AY{9H)yVCC=S-dA7twR2%~{!#2tNTIyO|HGrF> zGLQ88V_9|>vU-V%((PdS?Csehgd+lS`}NR}2TR?w9)7q`136lg;{8k~bMdra|wUr+h|_I7@MPU3k6o?FJ)%SR?q#| zvRC%535NW*+v$sx82UQpbOb+51x9mIP9~Zz!Rj(YNk*VG_dG4pTK|@0SYK{WPp?CzRv`alDl~+yAtl z=j3Z>GnLpg!hcH^FH^^A_-e?vZe2l`gw0{Pf?)C0A>RFE8%BDyP$T|aY{%@~oU8() zZUdwzPRC>$Ua!hHtm&-xOj{xZf@pCey16`%+mgD^hx#YL@t6_Jqk& z3U3c@;I6o~>lTIObHl z${P(VdFXxQS>Xer2+Oo~6Y`}9m5zK5NoV>hP~fG7TOac@B36VYn>$9) zmg1}!jgCKs3l^hBFHJRKB%tl}YK{0Y}Jf`1>AB zp<;DU=N&4%K%z2Fz{!UQ1g9lkWSshW9X2}q;&qQw^DSG5uw<}86iIjBlA4M51cO;h zKQHClc~_G5WFGF(Gr}K0L*wK=dX*J%`+UG7KXoK-v~G&qv9UtfA^0xCsecX{kF!9^ z&UtDeOR^__=%F&*b#b;deNPlAr+3lhqm0EHe1cG;*!OT4-pQMtpIB$i&eu4wlFGEJ zJu$+h%3eH`%Qas}PwBWncy>HOSuZU?dG`-_FOF1#h%+y;FHiE+^v-fo1Y;Rn< zgC=#TWM2o$oeJV~_;0F+6X)2Ay`8V*inu4B@p=4;OmE|+Q!|J6aIIw>V@F@`eMf;$ z&5HhsEB1B~9QF;LF-m?*hx4YfbN~^W+_be2DbvNmW>iMH*p@e7vGXIItWMt>^u*i% z|8h?4pXHe`04MI1%*GJ19b*T1+jXv%UUQj zGe)w|XQ5Yp1w$sy$*>P(4MSi#&v()7*LUh(fafYdeSO)HB6gFVZ#?{95$$Y0@E{2pY06+NQW-uV<8zF!$lkdm25s+i2f`qlz#T;c4FMR;Ozod-qC)jy;cWYd3=mfa nQDjdL!uo$ou1D{+eUW&?aPTKxK)(c{v@ood&8ZR#*O>nR53btN literal 0 HcmV?d00001 -- Gitee From bde8678d076b3e258ddd5056e62d9395bbd80bd9 Mon Sep 17 00:00:00 2001 From: XiaoshuangMa Date: Fri, 14 Jan 2022 20:41:20 +0800 Subject: [PATCH 2/5] update readme Signed-off-by: XiaoshuangMa --- README.md | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index a38187d..bf038fe 100644 --- a/README.md +++ b/README.md @@ -2,12 +2,14 @@ - [简介](#简介) - [目录](#目录) -- [约束](#约束) - [编译构建](#编译构建) + - [准备](#准备) + - [获取源码](#获取源码) + - [编译构建](#编译构建) + - [说明](#说明) - [接口说明](#接口说明) - [使用说明](#使用说明) -- [Changelog](#changelog) - [相关仓](#相关仓) @@ -42,7 +44,7 @@ └── utils # 工具代码存放目录 ``` -## 编译构建/使用方法 +## 编译构建 ### 准备 @@ -66,7 +68,7 @@ - [helloworld for Hi3516DV300](https://gitee.com/openharmony/docs/blob/master/zh-cn/device-dev/quick-start/quickstart-lite-steps-hi3516-running.md) -## 使用说明 +## 说明 ### 接口说明 @@ -103,6 +105,14 @@ | int32_t GetExecutorProp(AuthResPool::AuthAttributes &conditions, std::shared_ptr values); | 获取执行器属性信息 | | void SetExecutorProp(AuthResPool::AuthAttributes &conditions, std::shared_ptr callback); | 设置执行器属性信息 | + + +### 使用说明 + +- 协同认证SA南向提供执行器对接接口,各身份认证执行器调用资源管理接口完成认证执行器的注册 +- 协同认证北向提供协同调度接口,用户身份凭据管理SA和统一用户认证SA调用协同调度接口,通知对应执行器完成凭据录入/修改/删除和身份认证操作 +- 需在可信执行环境内实现头文件```common\hal\interface\coauth_interface.h``` 中定义的接口,保证认证执行器信息不可篡改,并在可信执行环境内校验认证执行器返回的结果 + ## 相关仓 **[useriam_coauth](https://gitee.com/openharmonys/useriam_coauth)** -- Gitee From 3d93bf5fcf6a17cdcb4749b7f9914290ebac05df Mon Sep 17 00:00:00 2001 From: XiaoshuangMa Date: Fri, 14 Jan 2022 20:46:33 +0800 Subject: [PATCH 3/5] remove coauth interface Signed-off-by: XiaoshuangMa --- README.md | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/README.md b/README.md index bf038fe..91d3a1f 100644 --- a/README.md +++ b/README.md @@ -96,21 +96,11 @@ | virtual int32_t SendData(uint64_t scheduleId, uint64_t transNum, int32_t srcType, int32_t dstType, std::shared_ptr<AuthMessage> msg) override; | 发送消息,消息源为执行器,目的端为协同认证框架,消息内容由执行器指定,比如返回人脸认证过程中的提示信息(光线过暗) | | virtual int32_t Finish(uint64_t scheduleId, int32_t srcType, int32_t resultCode, std::shared_ptr finalResult) override; | 操作结束,消息源为执行器,目的端为协同认证框架,消息内容为本次操作的最终结果 | -**表4** 协同调度接口 - -| 接口名 | 描述 | -| ------------------------------------------------------------ | ---------------------------------------- | -| void coAuth(uint64_t scheduleId, AuthInfo &authInfo, std::shared_ptr callback); | 协同调度接口,传入调度参数,返回调度结果 | -| int32_t Cancel(uint64_t scheduleId); | 取消调度接口 | -| int32_t GetExecutorProp(AuthResPool::AuthAttributes &conditions, std::shared_ptr values); | 获取执行器属性信息 | -| void SetExecutorProp(AuthResPool::AuthAttributes &conditions, std::shared_ptr callback); | 设置执行器属性信息 | - ### 使用说明 - 协同认证SA南向提供执行器对接接口,各身份认证执行器调用资源管理接口完成认证执行器的注册 -- 协同认证北向提供协同调度接口,用户身份凭据管理SA和统一用户认证SA调用协同调度接口,通知对应执行器完成凭据录入/修改/删除和身份认证操作 - 需在可信执行环境内实现头文件```common\hal\interface\coauth_interface.h``` 中定义的接口,保证认证执行器信息不可篡改,并在可信执行环境内校验认证执行器返回的结果 ## 相关仓 -- Gitee From e4eaef266106e4eea2d6a6f5983541dd00e21017 Mon Sep 17 00:00:00 2001 From: XiaoshuangMa Date: Mon, 17 Jan 2022 15:13:06 +0800 Subject: [PATCH 4/5] fix link error. Signed-off-by: XiaoshuangMa --- README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 91d3a1f..3fb133f 100644 --- a/README.md +++ b/README.md @@ -100,18 +100,18 @@ ### 使用说明 -- 协同认证SA南向提供执行器对接接口,各身份认证执行器调用资源管理接口完成认证执行器的注册 +- 协同认证SA提供执行器对接接口,各身份认证执行器调用资源管理接口完成认证执行器的注册 - 需在可信执行环境内实现头文件```common\hal\interface\coauth_interface.h``` 中定义的接口,保证认证执行器信息不可篡改,并在可信执行环境内校验认证执行器返回的结果 ## 相关仓 -**[useriam_coauth](https://gitee.com/openharmonys/useriam_coauth)** +**[useriam_coauth](https://gitee.com/openharmony-sig/useriam_coauth)** -[useriam_useridm](https://gitee.com/openharmony/useriam_useridm) +[useriam_useridm](https://gitee.com/openharmony-sig/useriam_useridm) -[useriam_userauth](https://gitee.com/openharmony/useriam_userauth) +[useriam_userauth](https://gitee.com/openharmony-sig/useriam_userauth) -[useriam_pinauth](https://gitee.com/openharmony/useriam_pinauth) +[useriam_pinauth](https://gitee.com/openharmony-sig/useriam_pinauth) [useriam_faceauth](https://gitee.com/openharmony/useriam_faceauth) -- Gitee From bcc619d7a23ec4e16740160adcb914bd15d0d44c Mon Sep 17 00:00:00 2001 From: XiaoshuangMa Date: Mon, 17 Jan 2022 16:27:16 +0800 Subject: [PATCH 5/5] fix readme file name. Signed-off-by: XiaoshuangMa --- README.en.md | 36 -------------- README.md | 129 ++++++++++----------------------------------------- README_ZH.md | 117 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 141 insertions(+), 141 deletions(-) delete mode 100644 README.en.md create mode 100644 README_ZH.md diff --git a/README.en.md b/README.en.md deleted file mode 100644 index 752cf33..0000000 --- a/README.en.md +++ /dev/null @@ -1,36 +0,0 @@ -# useriam_coauth - -#### Description -{**When you're done, you can delete the content in this README and update the file with details for others getting started with your repository**} - -#### Software Architecture -Software architecture description - -#### Installation - -1. xxxx -2. xxxx -3. xxxx - -#### Instructions - -1. xxxx -2. xxxx -3. xxxx - -#### Contribution - -1. Fork the repository -2. Create Feat_xxx branch -3. Commit your code -4. Create Pull Request - - -#### Gitee Feature - -1. You can use Readme\_XXX.md to support different languages, such as Readme\_en.md, Readme\_zh.md -2. Gitee blog [blog.gitee.com](https://blog.gitee.com) -3. Explore open source project [https://gitee.com/explore](https://gitee.com/explore) -4. The most valuable open source project [GVP](https://gitee.com/gvp) -5. The manual of Gitee [https://gitee.com/help](https://gitee.com/help) -6. The most popular members [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/) diff --git a/README.md b/README.md index 3fb133f..752cf33 100644 --- a/README.md +++ b/README.md @@ -1,117 +1,36 @@ # useriam_coauth -- [简介](#简介) -- [目录](#目录) -- [编译构建](#编译构建) - - [准备](#准备) - - [获取源码](#获取源码) - - [编译构建](#编译构建) +#### Description +{**When you're done, you can delete the content in this README and update the file with details for others getting started with your repository**} -- [说明](#说明) - - [接口说明](#接口说明) - - [使用说明](#使用说明) -- [相关仓](#相关仓) +#### Software Architecture +Software architecture description +#### Installation -## 简介 +1. xxxx +2. xxxx +3. xxxx -**协同认证(coauth)**是用户IAM子系统的基础部件之一,提供系统内认证相关资源的统一管理和协同调度能力,当前支持口令认证和人脸认证的对接。 +#### Instructions -我们将设备上的一个用户身份认证单元,称为**认证执行器**。 +1. xxxx +2. xxxx +3. xxxx -协同认证定义了一套**资源管理**接口,新增的认证执行器在实现了认证资源管理定义的接口后,可以对接到协同认证框架上,从而为系统提供相关身份认证能力。 +#### Contribution -**图1** 协同认证架构图 +1. Fork the repository +2. Create Feat_xxx branch +3. Commit your code +4. Create Pull Request -coauth架构图 +#### Gitee Feature - -如图所示,OpenHarmony框架已经实现了协同认证的系统服务,并对上封装了协同调度和资源管理的接口。协同认证部件内部分功能需要厂商适配来达到更高的安全性要求。需要南向厂商适配的接口,在用户IAM Common HDI中有定义。 - -## 目录 - -```undefined -//base/user_iam/coauth -├── coauth.gni # 构建配置 -├── ohos.build # 组件描述文件 -├── frameworks # 框架代码 -├── interfaces # 对外接口存放目录 -│ └── innerkits # 对内部子系统暴露的头文件,供系统服务使用 -├── sa_profile # Service Ability 配置文件 -├── services # Service Ability 服务实现 -├── test # 测试代码存入目录 -└── utils # 工具代码存放目录 -``` - -## 编译构建 - - -### 准备 - -开发者需要在Linux上搭建编译环境: - -- [Ubuntu编译环境准备](https://gitee.com/openharmony/docs/blob/master/zh-cn/device-dev/quick-start/quickstart-lite-env-setup-linux.md) -- Hi3518EV300单板:参考[环境搭建](https://gitee.com/openharmony/docs/blob/master/zh-cn/device-dev/quick-start/quickstart-lite-steps-hi3518-setting.md) -- Hi3516DV300单板:参考[环境搭建](https://gitee.com/openharmony/docs/blob/master/zh-cn/device-dev/quick-start/quickstart-lite-steps-hi3516-setting.md) - -### 获取源码 - -在Linux服务器上下载并解压一套源代码,源码获取方式参考[源码获取](https://gitee.com/openharmony/docs/blob/master/zh-cn/device-dev/get-code/sourcecode-acquire.md)。 - -### 编译构建 - -开发者开发第一个应用程序可参考: - -- [helloworld for Hi3518EV300](https://gitee.com/openharmony/docs/blob/master/zh-cn/device-dev/quick-start/quickstart-lite-steps-hi3518-running.md) - -- [helloworld for Hi3516DV300](https://gitee.com/openharmony/docs/blob/master/zh-cn/device-dev/quick-start/quickstart-lite-steps-hi3516-running.md) - - -## 说明 - -### 接口说明 - -**表1** 资源管理接口 - -| 接口名 | 描述 | -| ------ | -------------------------------- | -| uint64_t Register(std::shared_ptr executorInfo, std::shared_ptr callback); | 注册接口,执行器传入基本信息和实现的回调函数 | -| void QueryStatus(AuthExecutor &executorInfo, std::shared_ptr callback); | 状态查询接口,查询当前执行器是否已经注册 | - -**表2** 执行器需要实现的回调接口 - -| 接口名 | 描述 | -| ------ | -------------------------------- | -| virtual void OnMessengerReady(const sptr<IExecutorMessenger> &messenger); | 通知执行器信使可用,传入信使(用于后续协同认证与执行器通信) | -| virtual int32_t OnBeginExecute(uint64_t scheduleId, std::vector &publicKey, std::shared_ptr commandAttrs); | 通知执行器开始执行认证相关操作,commandAttrs中传入本次操作的属性 | -| virtual int32_t OnEndExecute(uint64_t scheduleId, std::shared_ptr consumerAttr); | 通知执行器结束本次操作 | -| virtual int32_t OnSetProperty(std::shared_ptr properties); | 设置属性信息 | -| virtual int32_t OnGetProperty(std::shared_ptr conditions, std::shared_ptr values); | 获取属性信息 | - -**表3** 信使函数 - -| 接口名 | 描述 | -| ------------------------------------------------------------ | ------------------------------------------------------------ | -| virtual int32_t SendData(uint64_t scheduleId, uint64_t transNum, int32_t srcType, int32_t dstType, std::shared_ptr<AuthMessage> msg) override; | 发送消息,消息源为执行器,目的端为协同认证框架,消息内容由执行器指定,比如返回人脸认证过程中的提示信息(光线过暗) | -| virtual int32_t Finish(uint64_t scheduleId, int32_t srcType, int32_t resultCode, std::shared_ptr finalResult) override; | 操作结束,消息源为执行器,目的端为协同认证框架,消息内容为本次操作的最终结果 | - - - -### 使用说明 - -- 协同认证SA提供执行器对接接口,各身份认证执行器调用资源管理接口完成认证执行器的注册 -- 需在可信执行环境内实现头文件```common\hal\interface\coauth_interface.h``` 中定义的接口,保证认证执行器信息不可篡改,并在可信执行环境内校验认证执行器返回的结果 - -## 相关仓 - -**[useriam_coauth](https://gitee.com/openharmony-sig/useriam_coauth)** - -[useriam_useridm](https://gitee.com/openharmony-sig/useriam_useridm) - -[useriam_userauth](https://gitee.com/openharmony-sig/useriam_userauth) - -[useriam_pinauth](https://gitee.com/openharmony-sig/useriam_pinauth) - -[useriam_faceauth](https://gitee.com/openharmony/useriam_faceauth) - +1. You can use Readme\_XXX.md to support different languages, such as Readme\_en.md, Readme\_zh.md +2. Gitee blog [blog.gitee.com](https://blog.gitee.com) +3. Explore open source project [https://gitee.com/explore](https://gitee.com/explore) +4. The most valuable open source project [GVP](https://gitee.com/gvp) +5. The manual of Gitee [https://gitee.com/help](https://gitee.com/help) +6. The most popular members [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/) diff --git a/README_ZH.md b/README_ZH.md new file mode 100644 index 0000000..3fb133f --- /dev/null +++ b/README_ZH.md @@ -0,0 +1,117 @@ +# useriam_coauth + +- [简介](#简介) +- [目录](#目录) +- [编译构建](#编译构建) + - [准备](#准备) + - [获取源码](#获取源码) + - [编译构建](#编译构建) + +- [说明](#说明) + - [接口说明](#接口说明) + - [使用说明](#使用说明) +- [相关仓](#相关仓) + + +## 简介 + +**协同认证(coauth)**是用户IAM子系统的基础部件之一,提供系统内认证相关资源的统一管理和协同调度能力,当前支持口令认证和人脸认证的对接。 + +我们将设备上的一个用户身份认证单元,称为**认证执行器**。 + +协同认证定义了一套**资源管理**接口,新增的认证执行器在实现了认证资源管理定义的接口后,可以对接到协同认证框架上,从而为系统提供相关身份认证能力。 + +**图1** 协同认证架构图 + +coauth架构图 + + + +如图所示,OpenHarmony框架已经实现了协同认证的系统服务,并对上封装了协同调度和资源管理的接口。协同认证部件内部分功能需要厂商适配来达到更高的安全性要求。需要南向厂商适配的接口,在用户IAM Common HDI中有定义。 + +## 目录 + +```undefined +//base/user_iam/coauth +├── coauth.gni # 构建配置 +├── ohos.build # 组件描述文件 +├── frameworks # 框架代码 +├── interfaces # 对外接口存放目录 +│ └── innerkits # 对内部子系统暴露的头文件,供系统服务使用 +├── sa_profile # Service Ability 配置文件 +├── services # Service Ability 服务实现 +├── test # 测试代码存入目录 +└── utils # 工具代码存放目录 +``` + +## 编译构建 + + +### 准备 + +开发者需要在Linux上搭建编译环境: + +- [Ubuntu编译环境准备](https://gitee.com/openharmony/docs/blob/master/zh-cn/device-dev/quick-start/quickstart-lite-env-setup-linux.md) +- Hi3518EV300单板:参考[环境搭建](https://gitee.com/openharmony/docs/blob/master/zh-cn/device-dev/quick-start/quickstart-lite-steps-hi3518-setting.md) +- Hi3516DV300单板:参考[环境搭建](https://gitee.com/openharmony/docs/blob/master/zh-cn/device-dev/quick-start/quickstart-lite-steps-hi3516-setting.md) + +### 获取源码 + +在Linux服务器上下载并解压一套源代码,源码获取方式参考[源码获取](https://gitee.com/openharmony/docs/blob/master/zh-cn/device-dev/get-code/sourcecode-acquire.md)。 + +### 编译构建 + +开发者开发第一个应用程序可参考: + +- [helloworld for Hi3518EV300](https://gitee.com/openharmony/docs/blob/master/zh-cn/device-dev/quick-start/quickstart-lite-steps-hi3518-running.md) + +- [helloworld for Hi3516DV300](https://gitee.com/openharmony/docs/blob/master/zh-cn/device-dev/quick-start/quickstart-lite-steps-hi3516-running.md) + + +## 说明 + +### 接口说明 + +**表1** 资源管理接口 + +| 接口名 | 描述 | +| ------ | -------------------------------- | +| uint64_t Register(std::shared_ptr executorInfo, std::shared_ptr callback); | 注册接口,执行器传入基本信息和实现的回调函数 | +| void QueryStatus(AuthExecutor &executorInfo, std::shared_ptr callback); | 状态查询接口,查询当前执行器是否已经注册 | + +**表2** 执行器需要实现的回调接口 + +| 接口名 | 描述 | +| ------ | -------------------------------- | +| virtual void OnMessengerReady(const sptr<IExecutorMessenger> &messenger); | 通知执行器信使可用,传入信使(用于后续协同认证与执行器通信) | +| virtual int32_t OnBeginExecute(uint64_t scheduleId, std::vector &publicKey, std::shared_ptr commandAttrs); | 通知执行器开始执行认证相关操作,commandAttrs中传入本次操作的属性 | +| virtual int32_t OnEndExecute(uint64_t scheduleId, std::shared_ptr consumerAttr); | 通知执行器结束本次操作 | +| virtual int32_t OnSetProperty(std::shared_ptr properties); | 设置属性信息 | +| virtual int32_t OnGetProperty(std::shared_ptr conditions, std::shared_ptr values); | 获取属性信息 | + +**表3** 信使函数 + +| 接口名 | 描述 | +| ------------------------------------------------------------ | ------------------------------------------------------------ | +| virtual int32_t SendData(uint64_t scheduleId, uint64_t transNum, int32_t srcType, int32_t dstType, std::shared_ptr<AuthMessage> msg) override; | 发送消息,消息源为执行器,目的端为协同认证框架,消息内容由执行器指定,比如返回人脸认证过程中的提示信息(光线过暗) | +| virtual int32_t Finish(uint64_t scheduleId, int32_t srcType, int32_t resultCode, std::shared_ptr finalResult) override; | 操作结束,消息源为执行器,目的端为协同认证框架,消息内容为本次操作的最终结果 | + + + +### 使用说明 + +- 协同认证SA提供执行器对接接口,各身份认证执行器调用资源管理接口完成认证执行器的注册 +- 需在可信执行环境内实现头文件```common\hal\interface\coauth_interface.h``` 中定义的接口,保证认证执行器信息不可篡改,并在可信执行环境内校验认证执行器返回的结果 + +## 相关仓 + +**[useriam_coauth](https://gitee.com/openharmony-sig/useriam_coauth)** + +[useriam_useridm](https://gitee.com/openharmony-sig/useriam_useridm) + +[useriam_userauth](https://gitee.com/openharmony-sig/useriam_userauth) + +[useriam_pinauth](https://gitee.com/openharmony-sig/useriam_pinauth) + +[useriam_faceauth](https://gitee.com/openharmony/useriam_faceauth) + -- Gitee