diff --git a/src/main/java/net/gepafin/tendermanagement/config/SamlConfig.java b/src/main/java/net/gepafin/tendermanagement/config/SamlConfig.java index 67fd71e0..c66e26f1 100644 --- a/src/main/java/net/gepafin/tendermanagement/config/SamlConfig.java +++ b/src/main/java/net/gepafin/tendermanagement/config/SamlConfig.java @@ -49,6 +49,12 @@ public class SamlConfig { @Value("${base-url}") String baseUrl; + + @Value("${spid.ipd.base.url}") + String ipdBaseUrl; + + @Value("${active.profile.folder}") + String activeProfileFolder; @Bean public RelyingPartyRegistrationRepository relyingPartyRegistrationRepository() { @@ -66,8 +72,8 @@ public class SamlConfig { } }) .assertionConsumerServiceLocation(acsUrl) - .assertingPartyDetails(details -> details.entityId("https://federatest.umbriadigitale.it/gw/metadata") - .singleSignOnServiceLocation("https://federatest.umbriadigitale.it/gw/SSOProxy/SAML2") + .assertingPartyDetails(details -> details.entityId(ipdBaseUrl + "/gw/metadata") + .singleSignOnServiceLocation(ipdBaseUrl + "/gw/SSOProxy/SAML2") .singleSignOnServiceBinding(Saml2MessageBinding.POST) .wantAuthnRequestsSigned(true) .verificationX509Credentials(credentials -> { @@ -133,8 +139,8 @@ public Saml2AuthenticationRequestResolver authenticationRequestResolver(RelyingP authnRequest.setRequestedAuthnContext(buildRequestedAuthnContext()); // Log the SAML AuthnRequest after setting context -// String samlRequest = SamlRequestLogger.convertSAMLObjectToString(authnRequest); - logger.info("SAML Authentication Request."); + String samlRequest = SamlRequestLogger.convertSAMLObjectToString(authnRequest); + logger.info("SAML AuthnRequest after setting context: " + samlRequest); }); return authenticationRequestResolver; @@ -158,7 +164,7 @@ private RequestedAuthnContext buildRequestedAuthnContext() { public PrivateKey readPrivateKey() throws Exception { // Path to your private key PEM file - try (PemReader pemReader = new PemReader(new InputStreamReader(readKey("dev/saml/private-key.pem")))) { + try (PemReader pemReader = new PemReader(new InputStreamReader(readKey(activeProfileFolder + "/saml/private-key.pem")))) { // Read the PEM content byte[] pemContent = pemReader.readPemObject().getContent(); // Decode the PEM content @@ -170,7 +176,7 @@ private RequestedAuthnContext buildRequestedAuthnContext() { } public X509Certificate readCertificate() throws Exception { // Path to your certificate PEM fileFile - try (InputStream inStream = readKey("dev/saml/public-cert.pem")) { + try (InputStream inStream = readKey(activeProfileFolder + "/saml/public-cert.pem")) { CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); return (X509Certificate) certFactory.generateCertificate(inStream); } @@ -178,7 +184,7 @@ private RequestedAuthnContext buildRequestedAuthnContext() { public X509Certificate readIdpCertificate() throws Exception { // Path to your IDP public certificate PEM file - try (InputStream inStream = readKey("dev/saml/idp-certificate.pem")) { + try (InputStream inStream = readKey(activeProfileFolder + "/saml/idp-certificate.pem")) { CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); return (X509Certificate) certFactory.generateCertificate(inStream); } diff --git a/src/main/java/net/gepafin/tendermanagement/config/SamlSuccessHandler.java b/src/main/java/net/gepafin/tendermanagement/config/SamlSuccessHandler.java index 37aec12f..868b0eae 100644 --- a/src/main/java/net/gepafin/tendermanagement/config/SamlSuccessHandler.java +++ b/src/main/java/net/gepafin/tendermanagement/config/SamlSuccessHandler.java @@ -45,6 +45,7 @@ public class SamlSuccessHandler implements AuthenticationSuccessHandler { public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException { try { + logger.info("SAML login in Authentication Success Handler"); Saml2Authentication samlAuth = (Saml2Authentication) authentication; Saml2AuthenticatedPrincipal principal = (Saml2AuthenticatedPrincipal) samlAuth.getPrincipal(); diff --git a/src/main/java/net/gepafin/tendermanagement/dao/UserDao.java b/src/main/java/net/gepafin/tendermanagement/dao/UserDao.java index 8ce47e3b..53825d01 100644 --- a/src/main/java/net/gepafin/tendermanagement/dao/UserDao.java +++ b/src/main/java/net/gepafin/tendermanagement/dao/UserDao.java @@ -10,12 +10,14 @@ import net.gepafin.tendermanagement.entities.UserEntity; import net.gepafin.tendermanagement.enums.RoleStatusEnum; import net.gepafin.tendermanagement.enums.UserStatusEnum; import net.gepafin.tendermanagement.model.request.*; +import net.gepafin.tendermanagement.model.response.CompanyResponse; import net.gepafin.tendermanagement.model.response.RoleResponseBean; import net.gepafin.tendermanagement.model.response.UserSamlResponse; import net.gepafin.tendermanagement.model.response.UserResponseBean; import net.gepafin.tendermanagement.model.util.JWTToken; import net.gepafin.tendermanagement.repositories.BeneficiaryRepository; import net.gepafin.tendermanagement.repositories.UserRepository; +import net.gepafin.tendermanagement.service.CompanyService; import net.gepafin.tendermanagement.service.impl.AuthenticationService; import net.gepafin.tendermanagement.util.Utils; import net.gepafin.tendermanagement.web.rest.api.errors.CustomValidationException; @@ -27,18 +29,22 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.stereotype.Component; import org.springframework.stereotype.Repository; +import java.util.List; + import static net.gepafin.tendermanagement.util.Utils.setIfUpdated; -@Repository +@Component public class UserDao { private final Logger log = LoggerFactory.getLogger(UserDao.class); @Autowired private UserRepository userRepository; - + @Autowired + private CompanyDao companyDao; @Autowired private AuthenticationService authService; @@ -77,8 +83,9 @@ public class UserDao { beneficiaryEntity.setLastName(userReq.getLastName()); beneficiaryEntity.setOrganization(userReq.getOrganization()); beneficiaryEntity.setPhoneNumber(userReq.getPhoneNumber()); + beneficiaryEntity =beneficiaryRepository.save(beneficiaryEntity); } - return beneficiaryRepository.save(beneficiaryEntity); + return beneficiaryEntity; } private void validateUserRequest(String tempToken, UserReq userReq) { @@ -188,6 +195,8 @@ public class UserDao { RoleResponseBean roleResponseBean = roleDao.convertRoleEntityToRoleResponse(userEntity.getRoleEntity()); userResponseBean.setRole(roleResponseBean); userResponseBean.setLastLogin(userEntity.getLastLogin()); + List companyResponseBeans = companyDao.getCompanyByUserId(userEntity.getId()); + userResponseBean.setCompanies(companyResponseBeans); if (userEntity.getBeneficiary() == null) { userResponseBean.setFirstName(userEntity.getFirstName()); userResponseBean.setLastName(userEntity.getLastName()); diff --git a/src/main/java/net/gepafin/tendermanagement/model/response/LoginResponse.java b/src/main/java/net/gepafin/tendermanagement/model/response/LoginResponse.java index 6317724e..d9cf63e9 100644 --- a/src/main/java/net/gepafin/tendermanagement/model/response/LoginResponse.java +++ b/src/main/java/net/gepafin/tendermanagement/model/response/LoginResponse.java @@ -6,6 +6,7 @@ import lombok.NoArgsConstructor; import lombok.Setter; import java.time.LocalDateTime; +import java.util.List; @Getter @Setter @@ -43,4 +44,6 @@ public class LoginResponse { private LocalDateTime createdDate; private LocalDateTime updatedDate; + + private List companies; } diff --git a/src/main/java/net/gepafin/tendermanagement/model/response/UserResponseBean.java b/src/main/java/net/gepafin/tendermanagement/model/response/UserResponseBean.java index 565e2561..c0457120 100644 --- a/src/main/java/net/gepafin/tendermanagement/model/response/UserResponseBean.java +++ b/src/main/java/net/gepafin/tendermanagement/model/response/UserResponseBean.java @@ -6,6 +6,7 @@ import net.gepafin.tendermanagement.enums.UserStatusEnum; import net.gepafin.tendermanagement.model.BaseBean; import java.time.LocalDateTime; +import java.util.List; @Getter @Setter @@ -37,4 +38,5 @@ public class UserResponseBean extends BaseBean { private LocalDateTime dateOfBirth; + private List companies; } diff --git a/src/main/java/net/gepafin/tendermanagement/service/impl/AuthenticationService.java b/src/main/java/net/gepafin/tendermanagement/service/impl/AuthenticationService.java index 96c0ce05..a84b325c 100644 --- a/src/main/java/net/gepafin/tendermanagement/service/impl/AuthenticationService.java +++ b/src/main/java/net/gepafin/tendermanagement/service/impl/AuthenticationService.java @@ -5,11 +5,13 @@ import jakarta.servlet.http.HttpServletResponse; import net.gepafin.tendermanagement.config.Translator; import net.gepafin.tendermanagement.config.jwt.TokenProvider; import net.gepafin.tendermanagement.constants.GepafinConstant; +import net.gepafin.tendermanagement.dao.CompanyDao; import net.gepafin.tendermanagement.dao.RoleDao; import net.gepafin.tendermanagement.entities.SamlResponseEntity; import net.gepafin.tendermanagement.entities.UserEntity; import net.gepafin.tendermanagement.enums.UserStatusEnum; import net.gepafin.tendermanagement.model.request.LoginReq; +import net.gepafin.tendermanagement.model.response.CompanyResponse; import net.gepafin.tendermanagement.model.response.LoginResponse; import net.gepafin.tendermanagement.model.response.RoleResponseBean; import net.gepafin.tendermanagement.model.response.UserSamlResponse; @@ -42,13 +44,15 @@ public class AuthenticationService { private final TokenProvider tokenProvider; private final AuthenticationManager authenticationManager; + @Autowired + private CompanyDao companyDao; @Autowired private UserRepository userRepository; @Autowired private RoleDao roleDao; - + @Autowired private SamlResponseRepository samlResponseLogRepository; @@ -90,10 +94,12 @@ public class AuthenticationService { return jwtToken; } - private static LoginResponse getLoginResponse(UserEntity user, RoleResponseBean roleResponseBean) { + private LoginResponse getLoginResponse(UserEntity user, RoleResponseBean roleResponseBean) { LoginResponse loginResponse = new LoginResponse(); loginResponse.setEmail(user.getEmail()); loginResponse.setId(user.getId()); + List companyResponseBeans = companyDao.getCompanyByUserId(user.getId()); + loginResponse.setCompanies(companyResponseBeans); loginResponse.setRole(roleResponseBean); loginResponse.setStatus(user.getStatus()); loginResponse.setLastLogin(user.getLastLogin()); diff --git a/src/main/resources/application-production.properties b/src/main/resources/application-production.properties index 8de9367a..f4ea18fa 100644 --- a/src/main/resources/application-production.properties +++ b/src/main/resources/application-production.properties @@ -9,4 +9,8 @@ spring.h2.console.enabled=true base-url=http://bandi-api.gepafin.it isVatCheckGloballyDisabled = false -fe.base.url=http://bandi.gepafin.it \ No newline at end of file +fe.base.url=http://gepafin-production-fe.s3-website.eu-central-1.amazonaws.com + +#SPID configuration +spid.ipd.base.url=https://login.regione.umbria.it +active.profile.folder=production \ No newline at end of file diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 1c16a251..3ce9ed17 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -44,3 +44,7 @@ isVatCheckGloballyDisabled = true vatCheckNewToken: 66026bd891a51044e90e08c4 fe.base.url=http://gepafin-staging-fe.s3-website.eu-central-1.amazonaws.com +#SPID configuration +spid.ipd.base.url=https://federatest.umbriadigitale.it +active.profile.folder=dev + diff --git a/src/main/resources/production/saml/idp-certificate.pem b/src/main/resources/production/saml/idp-certificate.pem new file mode 100644 index 00000000..dd9e7b96 --- /dev/null +++ b/src/main/resources/production/saml/idp-certificate.pem @@ -0,0 +1,3 @@ +-----BEGIN CERTIFICATE----- +MIIHBzCCBe+gAwIBAgIQBa/5uQoACfZc0a+0cFPKaDANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQG EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8w LQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xNDAyMDMw MDAwMDBaFw0xNzAyMDcxMjAwMDBaMIGRMQswCQYDVQQGEwJJVDEOMAwGA1UECBMFSXRhbHkxEDAO BgNVBAcTB1BlcnVnaWExFzAVBgNVBAoTDlJlZ2lvbmUgVW1icmlhMSkwJwYDVQQLEyBTZXJ2aXpp byBJbmZyYXN0cnV0dHVyZSBEaWdpdGFsaTEcMBoGA1UEAwwTKi5yZWdpb25lLnVtYnJpYS5pdDCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALx+hg0/SsF+kpakHw24sO8LFawtMiILsEKS jLbqU8LjUcvDj50CVDa/jz21OwdBfCEB6SBVEKp0a61x5RZFKBUnL795y7Na56VWzqA0kyLg7QNn 73Tu0SJPRF0Hm+2ePLLypU+TkIFfC85GO5iXn82E5rb6XRA8blLj/GauQ0DSHkY3ZTQGGzN3La9a ZJ1Tl80cIATY10iuwQdVkLXRx8VriVrS4jVJOOl8vGJ4VWLVwGYUkhmwvoR/zfeNkSQe7USjHmdf Zm4lLMYZjLM0S2wJMRQbj3MscVBKaXMHc6POqMlKrgO1nRK4/1dRYtnJeMCK/uK/ms/MYpxIX2ZG G/MCAwEAAaOCA3kwggN1MB8GA1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQW BBShweIeUSOk3EJgXqB9164xrkURDDAxBgNVHREEKjAoghMqLnJlZ2lvbmUudW1icmlhLml0ghFy ZWdpb25lLnVtYnJpYS5pdDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG AQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zaGEyLWhh LXNlcnZlci1nMS5jcmwwNKAyoDCGLmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNl cnZlci1nMS5jcmwwggHEBgNVHSAEggG7MIIBtzCCAbMGCWCGSAGG/WwBATCCAaQwOgYIKwYBBQUH AgEWLmh0dHA6Ly93d3cuZGlnaWNlcnQuY29tL3NzbC1jcHMtcmVwb3NpdG9yeS5odG0wggFkBggr BgEFBQcCAjCCAVYeggFSAEEAbgB5ACAAdQBzAGUAIABvAGYAIAB0AGgAaQBzACAAQwBlAHIAdABp AGYAaQBjAGEAdABlACAAYwBvAG4AcwB0AGkAdAB1AHQAZQBzACAAYQBjAGMAZQBwAHQAYQBuAGMA ZQAgAG8AZgAgAHQAaABlACAARABpAGcAaQBDAGUAcgB0ACAAQwBQAC8AQwBQAFMAIABhAG4AZAAg AHQAaABlACAAUgBlAGwAeQBpAG4AZwAgAFAAYQByAHQAeQAgAEEAZwByAGUAZQBtAGUAbgB0ACAA dwBoAGkAYwBoACAAbABpAG0AaQB0ACAAbABpAGEAYgBpAGwAaQB0AHkAIABhAG4AZAAgAGEAcgBl ACAAaQBuAGMAbwByAHAAbwByAGEAdABlAGQAIABoAGUAcgBlAGkAbgAgAGIAeQAgAHIAZQBmAGUA cgBlAG4AYwBlAC4wgYMGCCsGAQUFBwEBBHcwdTAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlM aWNlcnQuY29tME0GCCsGAQUFBzAChkFodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl cnRTSEEySGlnaEFzc3VyYW5jZVNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEB CwUAA4IBAQBPWrp7uoj9qX8h+7iGwyNOB7274/GDQZSqnk52FTQ3Qi8AzM7YV/tNDZG2j1Ran7vG /q214cqsv/gtyxSBfRR4/WgGCIylw5uZv35FsEC0lyAyPJGLKsZSMALqKkeBGQlzsmkNo7TyZgQV XMzoeuQz2mocC+ShpQjn4Uug/FptmbnYKCiKFShc0IAwAj5+U3kPmOhskml2tj+BTXDKpq4m9onY C8eN928I7tkJPvCYGDwdsBkf3EHyM/AUB4oZ/zcnT/8F7SoRfexmD9Eojslzs+hEMKkKg7M/UxJt ySAVQF/BznGvWiWfZtHrtvBCKgXsvUJ3h/7M/SqtRQnpNZ0C +-----END CERTIFICATE----- diff --git a/src/main/resources/production/saml/private-key.pem b/src/main/resources/production/saml/private-key.pem new file mode 100644 index 00000000..12869e56 --- /dev/null +++ b/src/main/resources/production/saml/private-key.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCKHE1L4E95N6jG +4bED1vd7c5ZMry6J0qIqojpHAzG1YIEtfL28twxBfN9voNhFL9TD6dGsfWDwYaa7 +LXyMAHLRi7pI+sH852d7sq3xRd1ynKDmt+cU+6kMlDtUPulkbzeU9Z0lGFuS9qJw +CdjYliCuwUxwJsU3tVHTHlV8nAz5RaXw31Gl6u11QpgxLPeFP5AUWHzfduTA2Wr0 +5ePtx5iuMj1oIMv0o50DJaqGmCKtQAtGZMGSKIrtXhLerUAfEteH6M+6POzoKg0F +ZyfLEiuqAE1Ymt16P5PLfTPjRHz4XRBCcd6a+iAAvIpG0yQE9dS7PfNtY1akk51J +La150Ef1AgMBAAECggEAIH3MCX+58rCPekp6VIbsLhThVSUZc78j+5ey0iYEOcF8 +YnEoSg9eSMHR5vcWKiC4k2act1G/zo2KphprZJxuZrHSn3yuyoq+I7HDjjF7iY0j +pWO6b4tNF/J/irBKRCCOGPM3hxSV5pszV9xZMYsQIUzEaNYWK6bymxJV1jz4KGRL +w3nPIpeu8MwMZwOzQwz980bZ2vbr67Ft3GmsflKzM5SesmsW8ZyaYbVfHExvfQxV +nsf9ya0PLQqE9Gi81xY1sVkL3V+niU+AXYZ3w/neuXPz6eaJrxlu4hFdJifWlrQV +vW7mgfOmUuR/bEXr/1c95nZQykobrMqHCRVPpfesQQKBgQDCBrlYKD1XJXfXENnG +32O3TksbxVtL0Eyw1lstp20j6txetHn3F/rx/SFy70J02r2jdFHeP/V1iLrEJ81/ +5QVpsA+Au5Oxwdfee/izUFqhXwSpgvtLoVypBUNcglw/qi2tCKrL10nb0i+bocoD +PGaTIECJ0MWUxTX3SrzqC8XX2QKBgQC2OWw7gGu12eutQBHujTbaZXhjwv2QEBup +UZcVYeVn8KrPrK5621aLgQXUq5Db7GoelB09SXOoqy04WZkYy5XeF+ULRtz0M5ZD +cNgAaQXuuZZdxKWFVXbK1iliGJjcMkd9PEpx5BjM49Gq2r5n3FS5KK9A44iSPMbB +IZoYWsIbfQKBgQCeME08itI4Etw6BAsKEWeDM9oYsjdVAGcGZj3AYxigiANTU2F9 +C5gVY4O56UgNbanfch6tTQga43ciJjFtbJOVL230TvqDmr8dLYX+7Cx4FLgAXEH1 +z4F0bE4XRlFftqe2w7I8rzIQfrVB9g51xPD8UvdLZWMxf/gXvl93klGjQQKBgQCw +JWv5TJdR73jBPZjX50up68JndRrUwq1qjAMm2T3/roX/QCZdfl73dV4kiT/7R1oB +ex2Um8cguW959Cpo7ItPZ/uxXevCZ4eOY6t5IgxpCp9OvwNdkxLE2iagu7Qvzq6K +Ydh4pYxPqr2HkfHSxgpj/e8DI69l5TgfgxLJDhpqpQKBgAgSgck834l8lNZwVPa8 ++Vi9nOtoWy7pyf8pv7sDEKcVkTmUU6+53eZoccW8AUu6ilL1PtrQ7cNPTJcUom80 +IVyJsVTQjDy17mj1DU8Fw15pjFWE4zRfQo9vondblJaxs9aIIG/6x9vDQVjN0hwe +jTOz1k3Du8fEEpKQMgn97J/+ +-----END PRIVATE KEY----- diff --git a/src/main/resources/production/saml/public-cert.pem b/src/main/resources/production/saml/public-cert.pem new file mode 100644 index 00000000..55254d2d --- /dev/null +++ b/src/main/resources/production/saml/public-cert.pem @@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIID7TCCAtWgAwIBAgIUQ2G093CKO3nbHlyw68f5998BIjkwDQYJKoZIhvcNAQEL +BQAwgYUxCzAJBgNVBAYTAklUMQ4wDAYDVQQIDAVJdGFseTEQMA4GA1UEBwwHUGVy +dWdpYTEQMA4GA1UECgwHR2VwYWZpbjELMAkGA1UECwwCSVQxEDAOBgNVBAMMB0dl +cGFmaW4xIzAhBgkqhkiG9w0BCQEWFGMubW9yZXR0aUBnZXBhZmluLml0MB4XDTI0 +MTAwMTA5MjIwMloXDTI1MTAwMTA5MjIwMlowgYUxCzAJBgNVBAYTAklUMQ4wDAYD +VQQIDAVJdGFseTEQMA4GA1UEBwwHUGVydWdpYTEQMA4GA1UECgwHR2VwYWZpbjEL +MAkGA1UECwwCSVQxEDAOBgNVBAMMB0dlcGFmaW4xIzAhBgkqhkiG9w0BCQEWFGMu +bW9yZXR0aUBnZXBhZmluLml0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC +AQEAihxNS+BPeTeoxuGxA9b3e3OWTK8uidKiKqI6RwMxtWCBLXy9vLcMQXzfb6DY +RS/Uw+nRrH1g8GGmuy18jABy0Yu6SPrB/Odne7Kt8UXdcpyg5rfnFPupDJQ7VD7p +ZG83lPWdJRhbkvaicAnY2JYgrsFMcCbFN7VR0x5VfJwM+UWl8N9RpertdUKYMSz3 +hT+QFFh833bkwNlq9OXj7ceYrjI9aCDL9KOdAyWqhpgirUALRmTBkiiK7V4S3q1A +HxLXh+jPujzs6CoNBWcnyxIrqgBNWJrdej+Ty30z40R8+F0QQnHemvogALyKRtMk +BPXUuz3zbWNWpJOdSS2tedBH9QIDAQABo1MwUTAdBgNVHQ4EFgQUQ+GP6sby5ZQX +KTgq0/MsCWfdcHcwHwYDVR0jBBgwFoAUQ+GP6sby5ZQXKTgq0/MsCWfdcHcwDwYD +VR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAWnzvIOhK4Z/GQA2H0jb+ +tkpPiwXucybEEOwQyb6+ErNGLjM7aj/HXJv70zibchmuPN5yd6C9dmrlajf/qLFz +T+Dfy6zl3r0mNErcT/bgaJzVA87u0z2/DRP77XqwV23zDGK56bp8G2C1nZGq6x2k +zswESJYBquXtBWNEJnreDKOLic9AucSyf8T0C9aeWhC8L0Hz4Bd825J2n54L4YZD +ShkCDSdCOZVdaZNikRv+KyD1SI6HM3KeUNNknW6z7g2jb5PG4dn5U9+lpzOsfoYD +QEBrNG8qFZ7k9DYzh8l1dTo9izSNmudaiyjhgFw+5DZ0pcrhti6h3hnPPysSA8q/ +Mg== +-----END CERTIFICATE-----