From 25dea603eef99c7b7ca25eb1d2ba8104a2816f2a Mon Sep 17 00:00:00 2001
From: Roman Zabaluev <gpg@haarolean.dev>
Date: Fri, 25 Oct 2024 22:10:09 +0300
Subject: [PATCH 01/15] Misc

---
 .../{AuthController.java => AuthenticationController.java}    | 4 ++--
 .../{AccessController.java => AuthorizationController.java}   | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)
 rename api/src/main/java/io/kafbat/ui/controller/{AuthController.java => AuthenticationController.java} (97%)
 rename api/src/main/java/io/kafbat/ui/controller/{AccessController.java => AuthorizationController.java} (97%)

diff --git a/api/src/main/java/io/kafbat/ui/controller/AuthController.java b/api/src/main/java/io/kafbat/ui/controller/AuthenticationController.java
similarity index 97%
rename from api/src/main/java/io/kafbat/ui/controller/AuthController.java
rename to api/src/main/java/io/kafbat/ui/controller/AuthenticationController.java
index e4532dda3..b50c64546 100644
--- a/api/src/main/java/io/kafbat/ui/controller/AuthController.java
+++ b/api/src/main/java/io/kafbat/ui/controller/AuthenticationController.java
@@ -13,13 +13,13 @@
 @RestController
 @RequiredArgsConstructor
 @Slf4j
-public class AuthController {
+public class AuthenticationController {
 
   @GetMapping(value = "/auth", produces = {"text/html"})
   public Mono<byte[]> getAuth(ServerWebExchange exchange) {
     Mono<CsrfToken> token = exchange.getAttributeOrDefault(CsrfToken.class.getName(), Mono.empty());
     return token
-        .map(AuthController::csrfToken)
+        .map(AuthenticationController::csrfToken)
         .defaultIfEmpty("")
         .map(csrfTokenHtmlInput -> createPage(exchange, csrfTokenHtmlInput));
   }
diff --git a/api/src/main/java/io/kafbat/ui/controller/AccessController.java b/api/src/main/java/io/kafbat/ui/controller/AuthorizationController.java
similarity index 97%
rename from api/src/main/java/io/kafbat/ui/controller/AccessController.java
rename to api/src/main/java/io/kafbat/ui/controller/AuthorizationController.java
index 5833f2e3c..ea1ef7739 100644
--- a/api/src/main/java/io/kafbat/ui/controller/AccessController.java
+++ b/api/src/main/java/io/kafbat/ui/controller/AuthorizationController.java
@@ -26,7 +26,7 @@
 @RestController
 @RequiredArgsConstructor
 @Slf4j
-public class AccessController implements AuthorizationApi {
+public class AuthorizationController implements AuthorizationApi {
 
   private final AccessControlService accessControlService;
 

From 1e668f8910805623ef700c8ca52de8e215d7a504 Mon Sep 17 00:00:00 2001
From: Roman Zabaluev <gpg@haarolean.dev>
Date: Sat, 26 Oct 2024 01:07:44 +0300
Subject: [PATCH 02/15] Impl authentication page backend

---
 .../auth/AbstractAuthSecurityConfig.java      |  3 +-
 .../ApplicationConfigController.java          | 10 +++-
 .../ui/service/ApplicationInfoService.java    | 47 ++++++++++++++++++-
 .../main/resources/swagger/kafbat-ui-api.yaml | 42 ++++++++++++++++-
 4 files changed, 98 insertions(+), 4 deletions(-)

diff --git a/api/src/main/java/io/kafbat/ui/config/auth/AbstractAuthSecurityConfig.java b/api/src/main/java/io/kafbat/ui/config/auth/AbstractAuthSecurityConfig.java
index f23a0dd2a..dc58a7299 100644
--- a/api/src/main/java/io/kafbat/ui/config/auth/AbstractAuthSecurityConfig.java
+++ b/api/src/main/java/io/kafbat/ui/config/auth/AbstractAuthSecurityConfig.java
@@ -18,7 +18,8 @@ protected AbstractAuthSecurityConfig() {
       "/login",
       "/logout",
       "/oauth2/**",
-      "/static/**"
+      "/static/**",
+      "/api/config/authentication"
   };
 
 }
diff --git a/api/src/main/java/io/kafbat/ui/controller/ApplicationConfigController.java b/api/src/main/java/io/kafbat/ui/controller/ApplicationConfigController.java
index 5d5d4ed98..e8d763545 100644
--- a/api/src/main/java/io/kafbat/ui/controller/ApplicationConfigController.java
+++ b/api/src/main/java/io/kafbat/ui/controller/ApplicationConfigController.java
@@ -6,6 +6,7 @@
 import io.kafbat.ui.api.ApplicationConfigApi;
 import io.kafbat.ui.config.ClustersProperties;
 import io.kafbat.ui.model.ActionDTO;
+import io.kafbat.ui.model.AppAuthenticationSettingsDTO;
 import io.kafbat.ui.model.ApplicationConfigDTO;
 import io.kafbat.ui.model.ApplicationConfigPropertiesDTO;
 import io.kafbat.ui.model.ApplicationConfigValidationDTO;
@@ -66,6 +67,13 @@ public Mono<ResponseEntity<ApplicationInfoDTO>> getApplicationInfo(ServerWebExch
     return Mono.just(applicationInfoService.getApplicationInfo()).map(ResponseEntity::ok);
   }
 
+  @Override
+  public Mono<ResponseEntity<AppAuthenticationSettingsDTO>> getAuthenticationSettings(
+      ServerWebExchange exchange) {
+    return Mono.just(applicationInfoService.getAuthenticationProperties())
+        .map(ResponseEntity::ok);
+  }
+
   @Override
   public Mono<ResponseEntity<ApplicationConfigDTO>> getCurrentConfig(ServerWebExchange exchange) {
     var context = AccessContext.builder()
@@ -109,7 +117,7 @@ public Mono<ResponseEntity<UploadedFileInfoDTO>> uploadConfigRelatedFile(Flux<Pa
         .then(fileFlux.single())
         .flatMap(file ->
             dynamicConfigOperations.uploadConfigRelatedFile((FilePart) file)
-                .map(path -> new UploadedFileInfoDTO().location(path.toString()))
+                .map(path -> new UploadedFileInfoDTO(path.toString()))
                 .map(ResponseEntity::ok))
         .doOnEach(sig -> audit(context, sig));
   }
diff --git a/api/src/main/java/io/kafbat/ui/service/ApplicationInfoService.java b/api/src/main/java/io/kafbat/ui/service/ApplicationInfoService.java
index 0a04ce9d6..7cc7e3e41 100644
--- a/api/src/main/java/io/kafbat/ui/service/ApplicationInfoService.java
+++ b/api/src/main/java/io/kafbat/ui/service/ApplicationInfoService.java
@@ -1,36 +1,49 @@
 package io.kafbat.ui.service;
 
+import static io.kafbat.ui.api.model.AuthType.DISABLED;
+import static io.kafbat.ui.api.model.AuthType.OAUTH2;
 import static io.kafbat.ui.model.ApplicationInfoDTO.EnabledFeaturesEnum;
 
+import com.google.common.collect.Streams;
+import io.kafbat.ui.model.AppAuthenticationSettingsDTO;
 import io.kafbat.ui.model.ApplicationInfoBuildDTO;
 import io.kafbat.ui.model.ApplicationInfoDTO;
 import io.kafbat.ui.model.ApplicationInfoLatestReleaseDTO;
+import io.kafbat.ui.model.AuthTypeDTO;
+import io.kafbat.ui.model.OAuthProviderDTO;
 import io.kafbat.ui.util.DynamicConfigOperations;
 import io.kafbat.ui.util.GithubReleaseInfo;
 import java.time.format.DateTimeFormatter;
 import java.util.ArrayList;
+import java.util.Collections;
 import java.util.List;
 import java.util.Optional;
 import java.util.Properties;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.info.BuildProperties;
 import org.springframework.boot.info.GitProperties;
+import org.springframework.context.ApplicationContext;
+import org.springframework.core.ResolvableType;
 import org.springframework.scheduling.annotation.Scheduled;
+import org.springframework.security.oauth2.client.registration.ClientRegistration;
+import org.springframework.security.oauth2.core.AuthorizationGrantType;
 import org.springframework.stereotype.Service;
-import reactor.core.publisher.Mono;
 
 @Service
 public class ApplicationInfoService {
 
   private final GithubReleaseInfo githubReleaseInfo = new GithubReleaseInfo();
 
+  private final ApplicationContext applicationContext;
   private final DynamicConfigOperations dynamicConfigOperations;
   private final BuildProperties buildProperties;
   private final GitProperties gitProperties;
 
   public ApplicationInfoService(DynamicConfigOperations dynamicConfigOperations,
+                                ApplicationContext applicationContext,
                                 @Autowired(required = false) BuildProperties buildProperties,
                                 @Autowired(required = false) GitProperties gitProperties) {
+    this.applicationContext = applicationContext;
     this.dynamicConfigOperations = dynamicConfigOperations;
     this.buildProperties = Optional.ofNullable(buildProperties).orElse(new BuildProperties(new Properties()));
     this.gitProperties = Optional.ofNullable(gitProperties).orElse(new GitProperties(new Properties()));
@@ -68,6 +81,38 @@ private List<EnabledFeaturesEnum> getEnabledFeatures() {
     return enabledFeatures;
   }
 
+  public AppAuthenticationSettingsDTO getAuthenticationProperties() {
+    return new AppAuthenticationSettingsDTO()
+        .authType(AuthTypeDTO.fromValue(getAuthType()))
+        .oAuthProviders(getOAuthProviders());
+  }
+
+  private String getAuthType() {
+    return Optional.ofNullable(applicationContext.getEnvironment().getProperty("auth.type"))
+        .orElse(DISABLED.getValue());
+  }
+
+  @SuppressWarnings("unchecked")
+  private List<OAuthProviderDTO> getOAuthProviders() {
+    if (!getAuthType().equalsIgnoreCase(OAUTH2.getValue())) {
+      return Collections.emptyList();
+    }
+    var type = ResolvableType.forClassWithGenerics(Iterable.class, ClientRegistration.class);
+    String[] names = this.applicationContext.getBeanNamesForType(type);
+    var bean = (Iterable<ClientRegistration>) (names.length == 1 ? this.applicationContext.getBean(names[0]) : null);
+
+    if (bean == null) {
+      return Collections.emptyList();
+    }
+
+    return Streams.stream(bean.iterator())
+        .filter(r -> AuthorizationGrantType.AUTHORIZATION_CODE.equals(r.getAuthorizationGrantType()))
+        .map(r -> new OAuthProviderDTO()
+            .clientName(r.getClientName())
+            .authorizationUri("/oauth2/authorization/" + r.getRegistrationId()))
+        .toList();
+  }
+
   // updating on startup and every hour
   @Scheduled(fixedRateString = "${github-release-info-update-rate:3600000}")
   public void updateGithubReleaseInfo() {
diff --git a/contract/src/main/resources/swagger/kafbat-ui-api.yaml b/contract/src/main/resources/swagger/kafbat-ui-api.yaml
index 19be2abaa..8312c6da5 100644
--- a/contract/src/main/resources/swagger/kafbat-ui-api.yaml
+++ b/contract/src/main/resources/swagger/kafbat-ui-api.yaml
@@ -2124,7 +2124,7 @@ paths:
     get:
       tags:
         - Authorization
-      summary: Get user authentication related info
+      summary: Get user authorization related info
       operationId: getUserAuthInfo
       responses:
         200:
@@ -2218,6 +2218,20 @@ paths:
               schema:
                 $ref: '#/components/schemas/UploadedFileInfo'
 
+  /api/config/authentication:
+    get:
+      tags:
+        - ApplicationConfig
+      summary: Get authentication methods enabled for the app and other related settings
+      operationId: getAuthenticationSettings
+      responses:
+        200:
+          description: OK
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/AppAuthenticationSettings'
+
 components:
   schemas:
     TopicSerdeSuggestion:
@@ -2328,6 +2342,32 @@ components:
             htmlUrl:
               type: string
 
+    AppAuthenticationSettings:
+      type: object
+      properties:
+        authType:
+          $ref: '#/components/schemas/AuthType'
+        oAuthProviders:
+          type: array
+          items:
+            $ref: '#/components/schemas/OAuthProvider'
+
+    OAuthProvider:
+      type: object
+      properties:
+        clientName:
+          type: string
+        authorizationUri:
+          type: string
+
+    AuthType:
+      type: string
+      enum:
+        - DISABLED
+        - OAUTH2
+        - LOGIN_FORM
+        - LDAP
+
     Cluster:
       type: object
       properties:

From d91e8b9241294dd163dd5fa344a8b498d165b1e8 Mon Sep 17 00:00:00 2001
From: Roman Zabaluev <gpg@haarolean.dev>
Date: Sun, 17 Nov 2024 20:45:12 +0800
Subject: [PATCH 03/15] Add POST auth endpoint

---
 .../main/resources/swagger/kafbat-ui-api.yaml | 24 +++++++++++++++----
 1 file changed, 20 insertions(+), 4 deletions(-)

diff --git a/contract/src/main/resources/swagger/kafbat-ui-api.yaml b/contract/src/main/resources/swagger/kafbat-ui-api.yaml
index 486a27bdc..da2d1a765 100644
--- a/contract/src/main/resources/swagger/kafbat-ui-api.yaml
+++ b/contract/src/main/resources/swagger/kafbat-ui-api.yaml
@@ -31,7 +31,6 @@ paths:
                 items:
                   $ref: '#/components/schemas/Cluster'
 
-
   /api/clusters/{clusterName}/cache:
     post:
       tags:
@@ -54,7 +53,6 @@ paths:
         404:
           description: Not found
 
-
   /api/clusters/{clusterName}/brokers:
     get:
       tags:
@@ -432,7 +430,6 @@ paths:
         404:
           description: Not found
 
-
   /api/clusters/{clusterName}/topics/{topicName}:
     get:
       tags:
@@ -2220,7 +2217,6 @@ paths:
               schema:
                 $ref: '#/components/schemas/ApplicationConfigValidation'
 
-
   /api/config/relatedfiles:
     post:
       tags:
@@ -2258,6 +2254,26 @@ paths:
               schema:
                 $ref: '#/components/schemas/AppAuthenticationSettings'
 
+  /auth:
+    post:
+      summary: Authenticate
+      requestBody:
+        required: true
+        content:
+          application/x-www-form-urlencoded:
+            schema:
+              type: object
+              properties:
+                username:
+                  type: string
+                password:
+                  type: string
+      responses:
+        '200':
+          description: OK
+        '401':
+          description: Unauthorized
+
 components:
   schemas:
     TopicSerdeSuggestion:

From 3e61608835c2d514cb814c87adcd8f8ed5ef7436 Mon Sep 17 00:00:00 2001
From: Renat Kalimulin <pianoparrot93@gmail.com>
Date: Mon, 20 May 2024 16:07:17 +0300
Subject: [PATCH 04/15] resolves #72

---
 frontend/public/serviceImage.png              | Bin 0 -> 7361 bytes
 frontend/src/components/App.tsx               |  83 ++++++++++--------
 .../components/AuthPage/AuthPage.styled.tsx   |  14 +++
 frontend/src/components/AuthPage/AuthPage.tsx |  18 ++++
 .../AuthPage/Footer/Footer.styled.tsx         |  45 ++++++++++
 .../src/components/AuthPage/Footer/Footer.tsx |  28 ++++++
 .../AuthPage/Header/Header.styled.tsx         |  33 +++++++
 .../src/components/AuthPage/Header/Header.tsx |  81 +++++++++++++++++
 .../components/AuthPage/Header/HeaderLogo.tsx |  29 ++++++
 .../SignIn/BasicSignIn/BasicSignIn.styled.tsx |  37 ++++++++
 .../SignIn/BasicSignIn/BasicSignIn.tsx        |  52 +++++++++++
 .../AuthCard/AuthCard.styled.tsx              |  58 ++++++++++++
 .../ServiceSignIn/AuthCard/AuthCard.tsx       |  36 ++++++++
 .../ServiceSignIn/ServiceSignIn.styled.tsx    |   7 ++
 .../SignIn/ServiceSignIn/ServiceSignIn.tsx    |  18 ++++
 .../AuthPage/SignIn/SignIn.styled.tsx         |  18 ++++
 .../src/components/AuthPage/SignIn/SignIn.tsx |  21 +++++
 .../components/common/Icons/GoogleIcon.tsx    |  32 +++++++
 .../components/common/Icons/ServiceImage.tsx  |  11 +++
 frontend/src/theme/theme.ts                   |  66 ++++++++++++++
 20 files changed, 649 insertions(+), 38 deletions(-)
 create mode 100644 frontend/public/serviceImage.png
 create mode 100644 frontend/src/components/AuthPage/AuthPage.styled.tsx
 create mode 100644 frontend/src/components/AuthPage/AuthPage.tsx
 create mode 100644 frontend/src/components/AuthPage/Footer/Footer.styled.tsx
 create mode 100644 frontend/src/components/AuthPage/Footer/Footer.tsx
 create mode 100644 frontend/src/components/AuthPage/Header/Header.styled.tsx
 create mode 100644 frontend/src/components/AuthPage/Header/Header.tsx
 create mode 100644 frontend/src/components/AuthPage/Header/HeaderLogo.tsx
 create mode 100644 frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.styled.tsx
 create mode 100644 frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.tsx
 create mode 100644 frontend/src/components/AuthPage/SignIn/ServiceSignIn/AuthCard/AuthCard.styled.tsx
 create mode 100644 frontend/src/components/AuthPage/SignIn/ServiceSignIn/AuthCard/AuthCard.tsx
 create mode 100644 frontend/src/components/AuthPage/SignIn/ServiceSignIn/ServiceSignIn.styled.tsx
 create mode 100644 frontend/src/components/AuthPage/SignIn/ServiceSignIn/ServiceSignIn.tsx
 create mode 100644 frontend/src/components/AuthPage/SignIn/SignIn.styled.tsx
 create mode 100644 frontend/src/components/AuthPage/SignIn/SignIn.tsx
 create mode 100644 frontend/src/components/common/Icons/GoogleIcon.tsx
 create mode 100644 frontend/src/components/common/Icons/ServiceImage.tsx

diff --git a/frontend/public/serviceImage.png b/frontend/public/serviceImage.png
new file mode 100644
index 0000000000000000000000000000000000000000..8006b13f5c09b4cee6289790a38df545177b25dc
GIT binary patch
literal 7361
zcmV;y96sZTP)<h;3K|Lk000e1NJLTq003YB003YJ1^@s6;+S_h00001b5ch_0Itp)
z=>Py6dr3q=RCodHoe6lB#ku$SzJBL?XSu$fo>Q_XBt(|TZrNRGL{UMCT18P%st8ua
zR_keNTdQ#cX^&b3WDg->2?>x5v+oJn$iDCUzOV20EWhuX_sy%3iUjh4FV<Ywea$@2
zGc(W3|37ojJ@?G}WYQ!n{R942iPyS+j{5I;{~qqO>W3*iZvW4O|M8rB{;#*%CU`Bj
zPk#Rnhp{5=iD$9fm;6|y6?sJ70Iym9EXuOdW?E0R1W0KgE&tabFV7zdAjg7hiMSvy
z!OQbUX|FE-SJtijf%UZfTdauyUG&n}?RWp!5+Gkm8DgaT!;&FX%eMjgr3ex#tLoEL
z|My$$i`V|u=H7lS)XSxSz0&*Vy>7J?qvG15ah=}~_1Ag-{&f@Ql>&6V(tl@&5UR$S
zd;H}Hy<v$UVBHTQy_Wyi<r;XSJQvo}4P!Zlc`f|68%f=aw-Z?XXb_WZ%m)kqW4sNz
zQPX93E&U-(vaW@lP&qfUuD{aGAV!1LsHE(z3;*f6sB$hxijf2_&;N6s4a%>+PU!o~
zRrI_5{99W$2;2U<4(@o{m%V@CzkRi9UgN9p!T+i!RuFaFNcdju{5|;Qk#fz|k(hAJ
zFZ(|HdLp=16SK9MngzbkP3_7$aA#xczD21!S2|ithsbz;sh!15RI$jiCOf|~{@vC3
z=#5o!#KWo*@t8bv-Ycr|+|HY=g#@FCYRSc#HLY;#LVveR8?>@e_MeC9KO4n=E>gfE
z`V!y$DDI;*PS!$#STS3~782Wp*3u|ZkHP3yeGJEDqK4cCQEMUMew2WD7(!ML_hbjI
zv!=REcv7}Dy<ZaW>NHKnv%PZ2t&sI=DD;B7KcFT)fplsy!&$rht%-mM&j-Q{YfTO6
zPy6(@hR{{0nOmX32ik+7IRMIcqC~7jAOD-7+Sr5htf|goyYs44k+rFw!s9Qv56Ay8
zR*GJOTCo#)<6$Hh1~Z^F03~ZP(z%D}Ej+!=ng|ee5l3ULm;`IGdPE~SV%~m47qMwj
z$$s7lIJ#m`8o*Eu18Jz0?;}V53{Cn+iP=6c-(*cB2&?Fd2(Y%^FTfm1d~1&(;z87k
z_n<cp<T{`o)E3Ybp*H)VWIlsF=B1&Itm8koCIUoVuE<qkZN2}3_p|QW*q6Gc)F+_X
z4@UA#;L`(if>aB=v8d&5VTgE$q0GOXur>mW6Y_Z02G-d7I}>-T(?@MU$$trYqQFoN
zM)3QAUehQTzJS`e4>{oxv`N2hDe&Dk)!InN_8N!R)Y^J~_TSb`8H#%?L`r!QwdO+@
zxd2KN&<6|vf`m@cmqAZBYW|BDq8_6sYtI&IBjB=gL4ud(zgSzP+hSh#)WpBoD(7s4
z){~$w1+{$?_`y*UdO)g!!F1H>_mC4GVJLma>5NZTIa^zMzR@Cz^t#XLj*<+<zxEe>
z(o-mv??PYv=;YfyN`M#vLi#{$#b_C|9z)LEj4tV={-&hAthP1+#F^BuwTQ&3*V-zZ
z_R$)rk>p<&8`3wTHhaTJwn^U$y>C=KV+b%##?{ahjZ*O@`uN8fNZ<a6wY5pq=W9<@
zSmWf|9{bxhx};6Wh1*bjB0(=E-_B9}FLb{UF&Bui8`NeP&VuH{Na^d*roPsgdGNU#
zV=}g;)5@Zk2p|7o(kuH68NWcOdLM?;L9R6c{RQY_Nf4u=4fMs(9fn-^OAJX*EA8h$
zdeGWN!QZJNYg9kY;lEj?OWjr@7i@*LW1uerT1;lAkpR*2$BH1J3#1wtN<*#Pfh<Nr
zrk9UUW!6T*SJaR-s-L0M*SATTFUV@;AE7r2r0UVdmjGJG#o&v3J)ky$wgB3^Q3|(U
z$olWbrnvW(SQ`OfaaCKB*HfsTtUc>p3^{M+sD<00{fNo-R~vzjQ57Usz?YIX6IuPy
z(C|L$g{`Wg_>+$+PXEE9$p7V=O7^dtlJ?OGr_`OdeXHA;F~7g(KfbVr!nfaHGtnL*
zfXmyv-mNO&wOREsuiw%f`_A&VgdLupsUNHw%=qBJf%EUIA58z#rjd+4zc`%r=4&Gt
z-t^LB{b`5p!doBf^4{L9%YXNfA^%-pec}6oa^d^YYVNCwTJtC9j|D^NsQT#|B|w;=
zX1SOM;UB68Z4Pw$K+%h+Ij{CBr61&}W!qDwqIYAYf_Fm<`EUE{^WHkD%YSdLF6ZsP
zY4hHBe<b&VH->YzzcQG$eM^7Vj>r4bx3BFv|L(nA@!Rig3j5QN+OXfx&pWc-ZK7C-
z{845HotM|7|2>fcGY_tt+7bQo+nShXEA)xa^~fo|)F`RXOG?TXl;q7QNxwi5c6|JL
zl=#O{;vPkbe*`7|QIy2TP?8@<NnMYUwgENkY1G{3P>WuInm3^9IOqyNsWDBkMhi%g
zAS@vv=C}yWB1TCw$d#Z;gN}Vr`zDmVhFY`@HE%0w&a<c&o<Yfc%J^R8{6>`24Jav3
zpd>$ulC;4j$xopqZ!)$)PJULElb$u`VmI{;#lDo(5d7*r6Twa7HO>R#M-&q&s44u_
zZ9U=7Xoo@`M0@sjr0~0uV;(?Fd>A$PQPkA+sOLAJragt4u?Z#P8KduB$$kMP_hr<=
z*HBAdM=ke4t=W#+_zAQfg1%tTW`itrzfeDIqbf)Me6g4b5ute2Y8nM{1!&TtKMXpL
znaXYc6t&?)<0P$Czl~b{25RZ+sKu|L7XBJFe;aD<3#i#!P_s6pW;}(OvK~2hEr!qU
zMsxN~1_ORd_n8NCt3rNr%S5m<u8PI46em(hd)St|j^HQhJADsBVJpy`-;5#ub(D&~
zpw{ey`UB8#7#e+`=_qQmA8PY4)Yg-zZ2_pAXN_i~aiSeafRQxN<$_cKN)^yx>d^vJ
zBME{Cvj~@jS;W1uabYnvfLaYw8R!d5<!Z8EBprrRVK5Q;W1uerdcsh<gHbyJQ9Jxm
z+m4~O_@Fc#K&t)(ef}G0QZ_RXau3};H`8`-8jT@awoe2*qjN6YYv~UsQb<eW^JQ&8
z>*+e}NniA13>WM`TYnU(BLt-<616WD2I62K5eAcBFxeym00D#mMCfaMJ{XEkU@4WL
z3bj)Y2*+FV=o}zGHH#o*Z2aPD@l50sqeqZfYbsN%0#UwPZX#JK0z-j`99_1lKAH>|
zPD33^M(&G6-w}eQavuX(f21qq9@>0n((FBlhSM7+w9-!9dE5V+G*SOgQ_Qygt>>Op
z+X8Q=Gx8z&3jT+oh5)oZu^0x=qi8OmiXLqc02hFv5DcQx0_+ly%RngywGt3LUZ@<g
z;1U}yf&c-YSp=9u1S#Jn=5%92a~UEO<%;sfdj!$dAczrlP%A(wLy?M+b@}K9(-`gu
zr?+B1o#$VpImnYnzgwvHU#Y7)yZPCPbl$v=J%2Q5qATF?)6Xwzj(#DtC3rQhVJqoO
zdxf5g!wj~4&PZPphT$w^Z4RojhZlk*qzI&9kcFBl9VMXRA`%2J0-&*E2;eRzWh}5?
z7dPh-fSXA*gD=V!gbNYmSD~tvC~_IHp%C3j7DHVz^w#^+p7S=%(T~$``Y!4M@24j8
z+3*X8H_n_00SR6UCr`43|3CBS(=(dlUW#pvTragotf4)1Gd<;d8E8JkNKY*Kp;TmT
z7K%;~Ax1-<X+%f`CNdPUzgq%onW+a-0Y))_@+C+DC_&8C$X9^|G2+Z3-dB#Ql%hyQ
z7<74P22vR8_?+%4Z`!i|Ohe?u)CJ#1P3Ss(b@-N}nY-3a*vDivMJ@H~mi!Z2X4l95
zYIjT2<7!Lf8roAf(^dQ-15JSpcSWEdOhOttkD|)}eHIvUKoXJ<ay}@++$;uFh_L(1
zMnyQ_1VCo6%&N*v&c)%_=jJ?SLQOymu)i!{ysHFNDMpd<F=#Rv>5r$s^)y|T`)Nu4
zjS>9XkX6)#KB}t>-}>GK@1MI*r01LSifzhC<_k-Ob#cFXy(wl>Yjea}T4NukGxyK*
z)*NQ2JqT@YB+_sKvNi=(p9Y2ukTOBa0yzhiTu=lV1)vs!S_G;X8G;lM3b4e6%vgfV
zM47|UG$I`$Psx{|u^dsR5K+F6d=xncNtcdpIFX^w5PBPYX)kz>rle=63%!?`;8j$H
zKAvBCX8psK!pU5Y#R(A0{F-ym|GXjg>5j&T2Wg3Wh>pw`>8;+&V5>jc-p?@%#UN`F
zQT54SI1h$2kTO8d1X*l33cr6YsCh<!P|bvxLo<kDLo=Y}d**AA$1I{eA);(S_yrUx
z14);Hb|8|W&NKAX?4v#R4Vq#fr8aCO)dKwBM>C6j*Do@IX35av1ehyVd}hny`nb*E
zLU%Srt)?w?1Kovh(cgH4k&Zz01Lu%NqEWQ*pi2OQAS1;@h?EBMC?QHFC|O3ZPz5nL
zqu`AV#mEsNKsDdbHW8@^LWPJ?CJ4>|B^^~dkE|0$LJXSTPzIWg(p~l!TFyU1eZ*>N
zf>ux&yh^GJe(ZyceQTzh+hytSnh_u>n(wn|c3te2;D)GmN@LV&T9O{2v+#HH)$e7v
z!yjE=5b|(1sx}IAv7nC!Ln0WGOk_wYAe{$U5Rwjxd6Wnc1(;@X1VN+MM&d*|q29zE
zLb|C8QI3=fqD(^)iY^{$Boa-}83vlY=`8v)&8ZuyJ9iJ&L7r3u-QQCd{K(sB@2$9|
zuIx#cnuIUaGZJ>La;}bf;pK+7$NL&0SJNE7hW5;->8X65q1MCb`%WPboki7#fi4{M
zQJ{|jgK)ydffNr?B1lQ2k_?g%K~6Hr=Ie_?kzV8zqe~DQXA*r3s!q&Bp=f(g(O>s5
zop~?O8213RVRunw1b<ac$+3s-zEqnmb>BD%Tfz(-PlYO?wr*`me5$n}aurSStLeyi
zoW9am(6sJB>hnV#4gk$r(1n0bknuU_1tDT9Qk(^f215);W5_Xs`b8*66VGEnA3Z7}
ze}su#QKl{oWh5AVuP?)m@6(n03z`$xP#bn9RY7-BarXYy0^gsl7*Crfn#O2`TEZ1Q
z-iqX(eEOF9q^B|(qaRRPWA33V<$i_>)}ycg9ZJtW7(50er(oo?i3~xARuB>j`Y_O+
z8x=v$s2Ik?&CiVlhMLIK3a4HWXwQNs5QYw;^z1}i|1twb8)!>jMSa8yszdM5Rh(UY
zF#Tgsi@2M|gGrj#^8cE!D`Gq^8k?ppVAH~exQ%|TQ7h<-xr3p!yU`Ush}`%BYWI6E
zBsO4<!^lY(@ds@HXahleW>f?zLIkKmpc@U1_snTdgI16j2pU1?DHuKi13RJXRg{(&
z&{k}u|H98`iCals<h_QfkhR-WKEB-|_WjuQepB4&ikPS~?wek4sb_KTEq7{)T(z?+
za(VAi!V+{DcOaKPjMB6Twewe~J#U~6d<;VeVE8DEh>;;k5pn`Ff}F8(;>%~ow8vmr
zsI?=ggP)-Gy@lHSDr(ouC~aGj>o=k;Ttk1xeY7P%SX~qP&=Z%c>$SXZbjD589euSG
z%=+-BE*<CYcxNPTDf*O!$c6W!)UHEmdlsc*D@xZ(C<3(JH&Ofl0)x9p3Gp@oJM05P
zKB&V&j-U>CqYfQL9omaJ_z`N~JE*<CL+##%+VxA+&gW4&o<nKch+Oq^bouu%n6sAV
zsHY#j+BQrypV1vX(G8iat%TT<?K!vbfF^1VhJ@M3*|(uotVU^i9Hn(5O8YNR+Bc(g
zY(eeVirV!&YS)XX-LIhb{1&zMPowg>>Dt)C1=u3p7SztosGZNCwr@ghe;TE2BTCD9
zl=_EJ%I-sd;Z}w-J!wl=yXk7%FwuO*4Vj5<NnULwO85PA`asy+bZz)_3~?UFnTwH2
zSD@5Ah|=_^39Qy9O~AE1H45Y=)Q)G2qICS?i@52YAna+>j;B%DMfwdWZBL-I3PK-4
zX?X;t=^>QrRVXE%7%~^3Ilq|h#FZ2B>0fR8MZPbNrd%&mbZli?PyOV+p>wl(be~T}
zikXg_z5u!KcI4`NQR-HsG^|Bw6l93G;SrSPbto+Y$j4Ax*P|MN72u8n+`0~>RS@?G
zO3Tktnjb=G68YDlG(LdRunMJaB}%0yO3`wp^abcr<}i?aTUOqYmDg;gJGRYZ<3?As
z`B+5u2lrg}FI{y7&UtM(bcU)w=Y|wL4e9(`<oqSb<#(V|uRy6?iBfkjO8qL720@4b
z@d1>^H7HF#Lup!z(!ACbZx+|1KsT;JX}lk$;Xai5l_>RhqtxAvQhO&#^&Kc>%TWpz
zA*atnpL{bz$xFKG0&n*m3(ob3i{D<G@t^c<9L(xFJ3B-Z?2i7ND^ip@Qp(N9ISY`B
z7bBM~L$0_LrBaX~fb&GDxeKNCE|fY!&I;t(yOBj$Cq&#A;%Nf9=BFq%BJb@eRm)MT
zL|IEw%9o%N{{%UIK62V@^vNEKBrj0Aqn5sYJwPA(j;|cdy593Z!cI@;fwLa<njlvU
zVN;MIry?cKM9!RT0;ljN$R&$VN*AM4Ec;R_mm^m!L#kYkp+d+qqevCYkgJv=S1m)S
zUW!t=1f^2sU5rw`2&HTxO6e`g#q*I1<{@X#MozmKL()t%Npt8=SbE)mUmUP*(pSG<
zJ<+YnvFu(h-f(pO?L$HCs`ji4hENv_5mS&7+>y@DK)N7C!ffQcIVP}*79bbRM-o!F
z0A0a+H2L!x&YjOt&H{#V=QENwA8p}$^u-G>lq^6hS%6$J54m^_Qqdfw!r4d#HzVhH
zAZH7rXCSA}KuVl}F2RGrghlnjEWTX5E%n^E0{%k(j7F~KdZ6><tY3|snTqa=6NV6H
z4Ch>sVqKAvrXr<HL&}(roauplVJ1?x2Zn49^cQYMljXrs`V9J0rqi7`jgExrbSBQA
zCwV#p=`$J1nu#{o1AU$chWwexc{7pnW+LZKN6Ma#lywtwhC5Q4J5usZ7~-d)i=Dx6
z;w^?6|2r333gF9?^A+`DCgOUjA+cf86F4(a6X=Tmv=fFPM+~8k7$Tf8#5yA-x*{dJ
zVn}htkm`mm#f_09HwNR~=!<csBixmiP#5Y?J5v|nMBQm;8iHJC`P`MxXgB&2-55@t
ziZ*>J`i!Ya8E(iKu1IOFNU1JJ$>JR@NO7)6vF_-jZek>EHl3d@ed%(*S?c-UsUI^5
z*Fz0e>{~K_;LMCt%_$f3fsPo?IA92}#}H<Z6z+&2$`M116Z#lubkWX?L^?4L?nHNp
zBW-6KY4mrb=9nWDM;$2haiGlCk#avLs{Ng4IO9xfm<!#JE)2%Gph<K=pEL@3k`q#*
zBT~ErQmg|~v@?b%S9B3KF%s=TPsGAQ*W<vh(f?xx{NnI>tcqLwZh2xTaJoi!(h-Bd
zJqCX}3<0(n&f1_4wm}zSi#F7r;b1!k&f3!*Xh+*gI~x7$sP(a@!rOt;Lyi=CJ5zkr
zMJ+n&ijZR8DU|uTP<_Igh5#qpf*j}xvu7y60d15$`e=I$QFcg?wn*W27(RDEf6fKn
z=k932r!f$<pt!{Qj#-xK<(Dd_>eFf8{F(fyYw+JI##W{~VD66L0C#l9?J=CNLw~{+
z{Rta%rzWF2Wy8oR8wO9=(0js$&SN$-AGM|4+m5P3_LLoTpyaSK#YbEz^u4K~z|X_0
z=!D17V*eT1;*&EdK0b}oV{TOVO`-O<6V3jPbe^%JKgbqMs4cosTMVH#7(#8)huEPD
zc0?QMh9=CNfrwdy%>fG^7+Y6M$G<oceR0npdws1Z<G#Q-7e-D@LFZ?W&es<0Q5!Tz
zCo_C>G6P2^)8jLl4)4h{AF`qTfGt(~?I_>xK<PneO1xbu@txLF<md6%l#dsG;X2Ma
zvUFKl$o#m{;CZ^zfSV~jF`ZIhH!6LcsrPlH<(NI)C+!#vutgJSgD!9~I%C`(%^4R)
zg5BspH-omIx$jsS^s(iA?c_Tad=VFu@wM8f%=u{fw0{4Y1H-<KXpY*U@v&jpdoqKE
zCewRxGMxv0Ov}E>H0-sZ<}+I=_l|;p$c56QQ<YM`={bc*7Ca=@5n~%B;uj9zHnSvX
z$;+i-3wp}V&Y|SwOiKLRsW>u)8gD0>eC+A;wWaTv4THyR7&eL>!>61WIz5H{;AwQ8
znH73*xt6*fSMN8I5%t%5Cv;-^QkAYfyl8E&uNwo0>=-y?OaB2Iy7x_{<Fm;$?U_vd
zZX2q1*;2mSj<U}jDL>#$xzAL!?D+Ji65lz$%>3(;%brHdKd^XqNywsI<sl3DN&{z6
za%>u<N8G47>`dK3N16`V(SF#LZf{$9kJ!=Y=Sbg47rF!7=s4}se67|4<Ldop0z`N%
z=7I)qk2gCHInlMxhAsj8-pMrYnM}hj8)|mhQn|~HvfcKS?RBE;kSk?AHz{SuJkAsy
zTyRCcnuMK8oeTXJZzvDGCA0MO97>PRq||3B<%g$GeZY~r{q{8Ox2NTRJ?-8Oboe;Z
z?&m^_|8%K*-z^qD|8qsX-%Ns~Eh1s!)g8F$WaAz?8h4pMul>}9>Q8N{*kw=o9tX<y
zIa7AXjq;<@)be99Q;U7)t-sW08qfWVolBj|gBHF~7PO$MEMOKTe$yy9=t}8+XDU8(
zq-u`?HG3VX+wWi;9ko90lpLD-<ao-yk~CM``^_X+^1oo@?O5hk^_gp8)hD)8{mq8T
zPXzFGl<#&h_4tERC_my(x$lgg62Dpd@;_WM<4PKNskDOlLZ4fIS`qw{b7iOJN+o_X
zC^|fqqP;E@?{=bOmjk7{>?sxX*f)ie{T>!|%zee{X$E$@VL-s7A6RNa&iru6jM80B
zIi;W2VU#_Nl<jk&?64c<J~vT*eC9~`iCKZU*FXgba*RayFI!c5dVWT!|17E4+nvIF
zQz+Q&M8T&H<bUcw!7gVCch7kHQe<A~eW7|Tx#}G+36^qIXYBNJF4;XLv}BJHrF(^{
zai!eHor)7Pl!}wHN=yCbJ(o0&N%l%XxHx^<{^fIvPu}wTl9RK0i+rY2u-}dR&!&*K
z%bC1SUAXYEhs8GNuUhq7Opc{aP857H>+TY7_v&)r=~BgUkM4?-v!hG==59#;c-eJ3
zi(@7v{o`dfmz<dQha$h3c}0iadvf=>wdQ`}{-LGZ5yle_7Xx{<*J5p8DXXa9;Jg*3
zzO!E`^;z&h-nRg}nE-Q`wrk<sf_?LTma%8{T}kg*#w9IO&lmf>R}1>Z`7Ajfm>d6H
z3@xJfF9zRy{r%_bzy6c;V>?pz)=B?l#_O7dmYS5uR{FaVx7eh6Ip(gFtKvo`Vq9ND
zyd1Ds^89-ezEnro9eguU->aiL9Il(%F@t__C?;l0nW#6C3KAZIYd+y#4ECk2g^Bu)
zM8Y*SH7^D7<?f5cnx$6E);to#3fJO`tjmFWCC|mY@Le1YLgjqx`hL7b2$f__|M+L3
zBPwOb-2a@gS984JSu)*?J{pX={%ZdFg(X3>L|Hc)5k?DVJfE7k1UT2T3~MJs^muVB
z$Eqh;OAvO%%ky8ve;1mlZnji@aa#EsKPzvEMq6VUVzL&aBF*die>Pu${twaH$4k7K
z3}HPbczI5?RPQ#Ile_&68}YSTLHKuG#f%s9Z%QXX5=Uc1FBOX)p|ZqC5kP+3K>=~k
n^vrXzNGtM)yh62DGvNOpcNnhV7f#5V00000NkvXXu0mjfcl}=D

literal 0
HcmV?d00001

diff --git a/frontend/src/components/App.tsx b/frontend/src/components/App.tsx
index 16dd1305d..108be9191 100644
--- a/frontend/src/components/App.tsx
+++ b/frontend/src/components/App.tsx
@@ -1,5 +1,5 @@
 import React, { Suspense, useContext } from 'react';
-import { Routes, Route, Navigate } from 'react-router-dom';
+import { Routes, Route, Navigate, useLocation } from 'react-router-dom';
 import {
   accessErrorPage,
   clusterPath,
@@ -24,6 +24,7 @@ import { GlobalSettingsProvider } from './contexts/GlobalSettingsContext';
 import { UserInfoRolesAccessProvider } from './contexts/UserInfoRolesAccessContext';
 import PageContainer from './PageContainer/PageContainer';
 
+const AuthPage = React.lazy(() => import('components/AuthPage/AuthPage'));
 const Dashboard = React.lazy(() => import('components/Dashboard/Dashboard'));
 const ClusterPage = React.lazy(
   () => import('components/ClusterPage/ClusterPage')
@@ -49,51 +50,57 @@ const queryClient = new QueryClient({
 });
 const App: React.FC = () => {
   const { isDarkMode } = useContext(ThemeModeContext);
+  const location = useLocation();
+  const isAuthPage = location.pathname === '/auth';
 
   return (
     <QueryClientProvider client={queryClient}>
       <GlobalSettingsProvider>
         <ThemeProvider theme={isDarkMode ? darkTheme : theme}>
           <Suspense fallback={<PageLoader fullSize />}>
-            <UserInfoRolesAccessProvider>
-              <ConfirmContextProvider>
-                <GlobalCSS />
-                <S.Layout>
-                  <PageContainer>
-                    <Routes>
-                      {['/', '/ui', '/ui/clusters'].map((path) => (
+            {isAuthPage ? (
+              <AuthPage />
+            ) : (
+              <UserInfoRolesAccessProvider>
+                <ConfirmContextProvider>
+                  <GlobalCSS />
+                  <S.Layout>
+                    <PageContainer>
+                      <Routes>
+                        {['/', '/ui', '/ui/clusters'].map((path) => (
+                          <Route
+                            key="Home" // optional: avoid full re-renders on route changes
+                            path={path}
+                            element={<Dashboard />}
+                          />
+                        ))}
                         <Route
-                          key="Home" // optional: avoid full re-renders on route changes
-                          path={path}
-                          element={<Dashboard />}
+                          path={getNonExactPath(clusterNewConfigPath)}
+                          element={<ClusterConfigForm />}
                         />
-                      ))}
-                      <Route
-                        path={getNonExactPath(clusterNewConfigPath)}
-                        element={<ClusterConfigForm />}
-                      />
-                      <Route
-                        path={getNonExactPath(clusterPath())}
-                        element={<ClusterPage />}
-                      />
-                      <Route
-                        path={accessErrorPage}
-                        element={
-                          <ErrorPage status={403} text="Access is Denied" />
-                        }
-                      />
-                      <Route path={errorPage} element={<ErrorPage />} />
-                      <Route
-                        path="*"
-                        element={<Navigate to={errorPage} replace />}
-                      />
-                    </Routes>
-                  </PageContainer>
-                  <Toaster position="bottom-right" />
-                </S.Layout>
-                <ConfirmationModal />
-              </ConfirmContextProvider>
-            </UserInfoRolesAccessProvider>
+                        <Route
+                          path={getNonExactPath(clusterPath())}
+                          element={<ClusterPage />}
+                        />
+                        <Route
+                          path={accessErrorPage}
+                          element={
+                            <ErrorPage status={403} text="Access is Denied" />
+                          }
+                        />
+                        <Route path={errorPage} element={<ErrorPage />} />
+                        <Route
+                          path="*"
+                          element={<Navigate to={errorPage} replace />}
+                        />
+                      </Routes>
+                    </PageContainer>
+                    <Toaster position="bottom-right" />
+                  </S.Layout>
+                  <ConfirmationModal />
+                </ConfirmContextProvider>
+              </UserInfoRolesAccessProvider>
+            )}
           </Suspense>
         </ThemeProvider>
       </GlobalSettingsProvider>
diff --git a/frontend/src/components/AuthPage/AuthPage.styled.tsx b/frontend/src/components/AuthPage/AuthPage.styled.tsx
new file mode 100644
index 000000000..16f86f714
--- /dev/null
+++ b/frontend/src/components/AuthPage/AuthPage.styled.tsx
@@ -0,0 +1,14 @@
+import styled, { css } from 'styled-components';
+
+export const AuthPageStyled = styled.div(
+  ({ theme }) => css`
+    display: flex;
+    flex-direction: column;
+    align-items: center;
+    justify-content: space-between;
+    min-height: 100vh;
+    background-color: ${theme.auth_page.backgroundColor};
+    font-family: ${theme.auth_page.fontFamily};
+    overflow-x: hidden;
+  `
+);
diff --git a/frontend/src/components/AuthPage/AuthPage.tsx b/frontend/src/components/AuthPage/AuthPage.tsx
new file mode 100644
index 000000000..9d40e6274
--- /dev/null
+++ b/frontend/src/components/AuthPage/AuthPage.tsx
@@ -0,0 +1,18 @@
+import React from 'react';
+
+import Footer from './Footer/Footer';
+import Header from './Header/Header';
+import SignIn from './SignIn/SignIn';
+import * as S from './AuthPage.styled';
+
+function AuthPage() {
+  return (
+    <S.AuthPageStyled>
+      <Header />
+      <SignIn type="service" />
+      <Footer />
+    </S.AuthPageStyled>
+  );
+}
+
+export default AuthPage;
diff --git a/frontend/src/components/AuthPage/Footer/Footer.styled.tsx b/frontend/src/components/AuthPage/Footer/Footer.styled.tsx
new file mode 100644
index 000000000..63fa63010
--- /dev/null
+++ b/frontend/src/components/AuthPage/Footer/Footer.styled.tsx
@@ -0,0 +1,45 @@
+import styled, { css } from 'styled-components';
+import GitHubIcon from 'components/common/Icons/GitHubIcon';
+
+export const FooterStyledWrapper = styled.div`
+  display: flex;
+  flex-direction: column;
+  align-items: center;
+  gap: 8px;
+  padding: 19px 150px;
+  font-size: 12px;
+`;
+
+export const AppVersionStyled = styled.div(
+  ({ theme }) => css`
+    display: flex;
+    align-items: center;
+    justify-content: center;
+    gap: 5px;
+    width: 200px;
+
+    ${GitHubIcon} {
+      width: 14px;
+      height: 14px;
+      fill: ${theme.auth_page.icons.githubColor};
+    }
+  `
+);
+
+export const AppVersionTextStyled = styled.span(
+  ({ theme }) => css`
+    font-weight: ${theme.auth_page.footer.span.fontWeight};
+    line-height: 18px;
+    color: ${theme.auth_page.footer.span.color};
+  `
+);
+
+export const InformationTextStyled = styled.p(
+  ({ theme }) => css`
+    font-size: 12px;
+    font-weight: ${theme.auth_page.footer.p.fontWeight};
+    line-height: 16px;
+    color: ${theme.auth_page.footer.p.color};
+    text-align: center;
+  `
+);
diff --git a/frontend/src/components/AuthPage/Footer/Footer.tsx b/frontend/src/components/AuthPage/Footer/Footer.tsx
new file mode 100644
index 000000000..ad9a19085
--- /dev/null
+++ b/frontend/src/components/AuthPage/Footer/Footer.tsx
@@ -0,0 +1,28 @@
+import React from 'react';
+import GitHubIcon from 'components/common/Icons/GitHubIcon';
+import { useLatestVersion } from 'lib/hooks/api/latestVersion';
+
+import * as S from './Footer.styled';
+
+function Footer() {
+  const { data: latestVersionInfo = {} } = useLatestVersion();
+  const { versionTag } = latestVersionInfo.latestRelease;
+  const { commitId } = latestVersionInfo.build;
+
+  return (
+    <S.FooterStyledWrapper>
+      <S.AppVersionStyled>
+        <GitHubIcon />
+        <S.AppVersionTextStyled>
+          {versionTag} ({commitId})
+        </S.AppVersionTextStyled>
+      </S.AppVersionStyled>
+      <S.InformationTextStyled>
+        Access to the system is provided by your system administrator. If you
+        have any questions, please contact your system administrator
+      </S.InformationTextStyled>
+    </S.FooterStyledWrapper>
+  );
+}
+
+export default Footer;
diff --git a/frontend/src/components/AuthPage/Header/Header.styled.tsx b/frontend/src/components/AuthPage/Header/Header.styled.tsx
new file mode 100644
index 000000000..4ba86f2bc
--- /dev/null
+++ b/frontend/src/components/AuthPage/Header/Header.styled.tsx
@@ -0,0 +1,33 @@
+import styled, { css } from 'styled-components';
+
+export const HeaderStyled = styled.div`
+  display: grid;
+  grid-template-columns: repeat(47, 41.11px);
+  grid-template-rows: repeat(4, 41.11px);
+  justify-content: center;
+  margin-bottom: 13.5px;
+`;
+
+export const HeaderCell = styled.div<{ $sections?: number }>(
+  ({ theme, $sections }) => css`
+    border: 1.23px solid ${theme.auth_page.header.cellBorderColor};
+    border-radius: 75.98px;
+    ${$sections && `grid-column: span ${$sections};`}
+  `
+);
+
+export const StyledSVG = styled.svg`
+  grid-column: span 3;
+`;
+
+export const StyledRect = styled.rect(
+  ({ theme }) => css`
+    fill: ${theme.auth_page.header.LogoBgColor};
+  `
+);
+
+export const StyledPath = styled.path(
+  ({ theme }) => css`
+    fill: ${theme.auth_page.header.LogoTextColor};
+  `
+);
diff --git a/frontend/src/components/AuthPage/Header/Header.tsx b/frontend/src/components/AuthPage/Header/Header.tsx
new file mode 100644
index 000000000..16980af29
--- /dev/null
+++ b/frontend/src/components/AuthPage/Header/Header.tsx
@@ -0,0 +1,81 @@
+import React from 'react';
+
+import * as S from './Header.styled';
+import HeaderLogo from './HeaderLogo';
+
+function Header() {
+  return (
+    <S.HeaderStyled>
+      <S.HeaderCell $sections={2} />
+      {Array(2).fill(<S.HeaderCell />)}
+      <S.HeaderCell $sections={2} />
+      {Array(2).fill(<S.HeaderCell />)}
+      <S.HeaderCell $sections={3} />
+      {Array(2).fill(<S.HeaderCell />)}
+      {Array(4).fill(<S.HeaderCell $sections={2} />)}
+      {Array(2).fill(<S.HeaderCell />)}
+      <S.HeaderCell $sections={2} />
+      {Array(2).fill(<S.HeaderCell />)}
+      <S.HeaderCell $sections={2} />
+      {Array(3).fill(<S.HeaderCell />)}
+      <S.HeaderCell $sections={2} />
+      {Array(2).fill(<S.HeaderCell />)}
+      {Array(2).fill(<S.HeaderCell $sections={3} />)}
+      {Array(2).fill(<S.HeaderCell />)}
+      <S.HeaderCell $sections={3} />
+
+      {Array(3).fill(<S.HeaderCell $sections={2} />)}
+      {Array(8).fill(<S.HeaderCell />)}
+      <S.HeaderCell $sections={2} />
+      {Array(2).fill(<S.HeaderCell />)}
+      <S.HeaderCell $sections={2} />
+      {Array(3).fill(<S.HeaderCell />)}
+      <S.HeaderCell $sections={2} />
+      {Array(6).fill(<S.HeaderCell />)}
+      {Array(3).fill(<S.HeaderCell $sections={3} />)}
+      <S.HeaderCell />
+      <S.HeaderCell $sections={2} />
+      {Array(2).fill(<S.HeaderCell />)}
+      <S.HeaderCell $sections={2} />
+
+      <S.HeaderCell $sections={2} />
+      <S.HeaderCell />
+      <S.HeaderCell $sections={2} />
+      <S.HeaderCell />
+      <S.HeaderCell $sections={3} />
+      {Array(2).fill(<S.HeaderCell />)}
+      <S.HeaderCell $sections={2} />
+      <S.HeaderCell />
+      <S.HeaderCell $sections={2} />
+      {Array(3).fill(<S.HeaderCell />)}
+      <S.HeaderCell $sections={3} />
+      <S.HeaderCell />
+      {Array(3).fill(<S.HeaderCell $sections={2} />)}
+      <S.HeaderCell />
+      {Array(3).fill(<S.HeaderCell $sections={3} />)}
+      {Array(3).fill(<S.HeaderCell />)}
+      <S.HeaderCell $sections={3} />
+      <S.HeaderCell $sections={2} />
+
+      <S.HeaderCell />
+      <S.HeaderCell $sections={2} />
+      {Array(2).fill(<S.HeaderCell />)}
+      <S.HeaderCell $sections={3} />
+      {Array(2).fill(<S.HeaderCell />)}
+      {Array(5).fill(<S.HeaderCell $sections={2} />)}
+      {Array(2).fill(<S.HeaderCell />)}
+
+      <HeaderLogo />
+
+      {Array(5).fill(<S.HeaderCell $sections={2} />)}
+      {Array(2).fill(<S.HeaderCell />)}
+      <S.HeaderCell $sections={2} />
+      {Array(2).fill(<S.HeaderCell />)}
+      <S.HeaderCell $sections={3} />
+      <S.HeaderCell />
+      <S.HeaderCell $sections={2} />
+    </S.HeaderStyled>
+  );
+}
+
+export default Header;
diff --git a/frontend/src/components/AuthPage/Header/HeaderLogo.tsx b/frontend/src/components/AuthPage/Header/HeaderLogo.tsx
new file mode 100644
index 000000000..e5d9ca12d
--- /dev/null
+++ b/frontend/src/components/AuthPage/Header/HeaderLogo.tsx
@@ -0,0 +1,29 @@
+import React from 'react';
+
+import * as S from './Header.styled';
+
+const HeaderLogo = () => (
+  <S.StyledSVG
+    width="125"
+    height="41"
+    viewBox="0 0 125 41"
+    xmlns="http://www.w3.org/2000/svg"
+  >
+    <S.StyledRect
+      x="0.33313"
+      y="0.333313"
+      width="123.74"
+      height="39.8993"
+      rx="19.9496"
+    />
+    <S.StyledPath d="M22.5302 7.67111C22.5302 7.67111 27.7857 15.256 37.1346 18.8977C37.1346 18.8977 43.3721 13.6116 37.341 21.2112C31.31 28.8109 22.1277 33.4135 22.5302 32.848C23.727 31.1663 27.6746 27.9528 25.6569 25.9708C29.6175 22.0802 20.7073 19.5151 20.7073 19.5151C23.0162 14.4527 22.5302 7.67111 22.5302 7.67111Z" />
+    <S.StyledPath d="M103.507 16.2373V18.1592H97.4464V16.2373H103.507ZM98.9427 14.4659H101.427V23.609C101.427 23.9431 101.478 24.1993 101.578 24.3778C101.684 24.5517 101.821 24.6706 101.99 24.7347C102.16 24.7987 102.347 24.8308 102.553 24.8308C102.709 24.8308 102.85 24.8193 102.979 24.7965C103.111 24.7736 103.212 24.753 103.281 24.7347L103.699 26.6771C103.567 26.7229 103.377 26.7732 103.13 26.8281C102.887 26.883 102.59 26.9151 102.237 26.9242C101.615 26.9425 101.054 26.8487 100.556 26.6428C100.057 26.4323 99.6611 26.1074 99.3683 25.6682C99.08 25.2289 98.9381 24.6798 98.9427 24.0209V14.4659Z" />
+    <S.StyledPath d="M90.5643 26.9929C89.8962 26.9929 89.2945 26.8739 88.7591 26.6359C88.2283 26.3934 87.8073 26.0365 87.4962 25.5652C87.1896 25.0939 87.0363 24.5128 87.0363 23.8218C87.0363 23.2269 87.1461 22.735 87.3658 22.3461C87.5854 21.9571 87.8851 21.646 88.2649 21.4126C88.6447 21.1793 89.0725 21.0031 89.5484 20.8841C90.0289 20.7606 90.5254 20.6713 91.0379 20.6164C91.6556 20.5524 92.1567 20.4952 92.541 20.4448C92.9254 20.3899 93.2045 20.3076 93.3784 20.1977C93.5569 20.0833 93.6461 19.9072 93.6461 19.6692V19.628C93.6461 19.111 93.4928 18.7106 93.1862 18.4269C92.8796 18.1432 92.4381 18.0013 91.8615 18.0013C91.2529 18.0013 90.7702 18.134 90.4133 18.3994C90.0609 18.6648 89.823 18.9783 89.6994 19.3398L87.3795 19.0103C87.5625 18.3697 87.8645 17.8343 88.2855 17.4042C88.7065 16.9695 89.2213 16.6446 89.8298 16.4295C90.4384 16.2099 91.1111 16.1001 91.8478 16.1001C92.3557 16.1001 92.8613 16.1596 93.3647 16.2785C93.868 16.3975 94.3279 16.5943 94.7443 16.8688C95.1607 17.1388 95.4947 17.5071 95.7464 17.9739C96.0027 18.4406 96.1308 19.024 96.1308 19.7241V26.7801H93.7422V25.3318H93.6598C93.5088 25.6247 93.296 25.8992 93.0215 26.1555C92.7515 26.4072 92.4106 26.6108 91.9988 26.7664C91.5915 26.9174 91.1134 26.9929 90.5643 26.9929ZM91.2095 25.1671C91.7082 25.1671 92.1406 25.0687 92.5067 24.872C92.8728 24.6706 93.1542 24.4052 93.351 24.0758C93.5523 23.7463 93.653 23.3871 93.653 22.9982V21.7558C93.5752 21.8199 93.4425 21.8794 93.2549 21.9343C93.0718 21.9892 92.8659 22.0372 92.6371 22.0784C92.4083 22.1196 92.1818 22.1562 91.9576 22.1882C91.7334 22.2203 91.5389 22.2477 91.3742 22.2706C91.0036 22.3209 90.6718 22.4033 90.3789 22.5177C90.0861 22.6321 89.855 22.7922 89.6857 22.9982C89.5164 23.1995 89.4318 23.4603 89.4318 23.7806C89.4318 24.2382 89.5988 24.5837 89.9328 24.817C90.2668 25.0504 90.6924 25.1671 91.2095 25.1671Z" />
+    <S.StyledPath d="M75.8523 26.7801V13.6661H78.337V17.9807H78.4399C78.568 17.7245 78.7488 17.4522 78.9822 17.164C79.2155 16.8711 79.5313 16.6217 79.9294 16.4158C80.3274 16.2053 80.8354 16.1001 81.4531 16.1001C82.2676 16.1001 83.002 16.3083 83.6564 16.7247C84.3153 17.1365 84.8369 17.7474 85.2213 18.5573C85.6103 19.3626 85.8047 20.351 85.8047 21.5224C85.8047 22.6801 85.6148 23.6639 85.235 24.4739C84.8552 25.2838 84.3382 25.9015 83.6838 26.3271C83.0295 26.7526 82.2882 26.9654 81.46 26.9654C80.856 26.9654 80.3549 26.8647 79.9568 26.6634C79.5587 26.4621 79.2384 26.2195 78.9959 25.9358C78.7579 25.6476 78.5726 25.3753 78.4399 25.1191H78.2958V26.7801H75.8523ZM78.2889 21.5087C78.2889 22.1905 78.385 22.7877 78.5772 23.3002C78.7739 23.8127 79.0554 24.213 79.4214 24.5013C79.7921 24.785 80.2405 24.9269 80.7667 24.9269C81.3158 24.9269 81.7757 24.7804 82.1463 24.4876C82.517 24.1902 82.7961 23.7852 82.9837 23.2727C83.1759 22.7556 83.272 22.1676 83.272 21.5087C83.272 20.8544 83.1782 20.2732 82.9906 19.7653C82.803 19.2574 82.5239 18.8593 82.1532 18.571C81.7826 18.2827 81.3204 18.1386 80.7667 18.1386C80.2359 18.1386 79.7852 18.2782 79.4146 18.5573C79.0439 18.8364 78.7625 19.2277 78.5703 19.731C78.3827 20.2343 78.2889 20.8269 78.2889 21.5087Z" />
+    <S.StyledPath d="M74.1831 17.7462V19.668H67.9508V17.7462H74.1831ZM69.5089 26.7801V16.751C69.5089 16.0417 69.6553 15.4514 69.9482 14.9801C70.2456 14.5088 70.6437 14.1564 71.1425 13.9231C71.6413 13.6897 72.1949 13.573 72.8035 13.573C73.2337 13.573 73.6157 13.6073 73.9498 13.676C74.2838 13.7446 74.5309 13.8064 74.6911 13.8613L74.1969 15.7832C74.0916 15.7511 73.9589 15.7191 73.7988 15.6871C73.6386 15.6505 73.4602 15.6322 73.2634 15.6322C72.8012 15.6322 72.4741 15.7443 72.2819 15.9685C72.0943 16.1881 72.0005 16.5039 72.0005 16.9157V26.7801H69.5089Z" />
+    <S.StyledPath d="M61.1648 26.9929C60.4967 26.9929 59.895 26.8739 59.3596 26.6359C58.8288 26.3934 58.4078 26.0365 58.0967 25.5652C57.7901 25.0939 57.6368 24.5128 57.6368 23.8218C57.6368 23.2269 57.7466 22.735 57.9663 22.3461C58.1859 21.9571 58.4856 21.646 58.8654 21.4126C59.2452 21.1793 59.6731 21.0031 60.149 20.8841C60.6294 20.7606 61.1259 20.6713 61.6384 20.6164C62.2561 20.5524 62.7572 20.4952 63.1416 20.4448C63.5259 20.3899 63.805 20.3076 63.9789 20.1977C64.1574 20.0833 64.2466 19.9072 64.2466 19.6692V19.628C64.2466 19.111 64.0933 18.7106 63.7867 18.4269C63.4802 18.1432 63.0386 18.0013 62.462 18.0013C61.8535 18.0013 61.3707 18.134 61.0138 18.3994C60.6614 18.6648 60.4235 18.9783 60.3 19.3398L57.98 19.0103C58.163 18.3697 58.465 17.8343 58.886 17.4042C59.307 16.9695 59.8218 16.6446 60.4304 16.4295C61.0389 16.2099 61.7116 16.1001 62.4483 16.1001C62.9562 16.1001 63.4619 16.1596 63.9652 16.2785C64.4685 16.3975 64.9284 16.5943 65.3448 16.8688C65.7612 17.1388 66.0953 17.5071 66.3469 17.9739C66.6032 18.4406 66.7313 19.024 66.7313 19.7241V26.7801H64.3427V25.3318H64.2603C64.1093 25.6247 63.8966 25.8992 63.622 26.1555C63.352 26.4072 63.0111 26.6108 62.5993 26.7664C62.1921 26.9174 61.7139 26.9929 61.1648 26.9929ZM61.81 25.1671C62.3087 25.1671 62.7412 25.0687 63.1072 24.872C63.4733 24.6706 63.7547 24.4052 63.9515 24.0758C64.1528 23.7463 64.2535 23.3871 64.2535 22.9982V21.7558C64.1757 21.8199 64.043 21.8794 63.8554 21.9343C63.6723 21.9892 63.4664 22.0372 63.2376 22.0784C63.0089 22.1196 62.7823 22.1562 62.5581 22.1882C62.3339 22.2203 62.1394 22.2477 61.9747 22.2706C61.6041 22.3209 61.2723 22.4033 60.9795 22.5177C60.6866 22.6321 60.4555 22.7922 60.2862 22.9982C60.1169 23.1995 60.0323 23.4603 60.0323 23.7806C60.0323 24.2382 60.1993 24.5837 60.5333 24.817C60.8674 25.0504 61.2929 25.1671 61.81 25.1671Z" />
+    <S.StyledPath d="M49.7783 23.4718L49.7714 20.4723H50.1695L53.9583 16.2373H56.8617L52.2012 21.4264H51.6864L49.7783 23.4718ZM47.5132 26.7801V13.6661H49.9979V26.7801H47.5132ZM54.1299 26.7801L50.698 21.9823L52.3728 20.2321L57.1019 26.7801H54.1299Z" />
+  </S.StyledSVG>
+);
+
+export default HeaderLogo;
diff --git a/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.styled.tsx b/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.styled.tsx
new file mode 100644
index 000000000..5b59c859d
--- /dev/null
+++ b/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.styled.tsx
@@ -0,0 +1,37 @@
+import styled from 'styled-components';
+
+export const Form = styled.form`
+  display: flex;
+  flex-direction: column;
+  align-items: center;
+  justify-content: center;
+  gap: 40px;
+
+  div {
+    width: 100%;
+  }
+`;
+
+export const Fieldset = styled.fieldset`
+  display: flex;
+  flex-direction: column;
+  align-items: center;
+  justify-content: center;
+  gap: 16px;
+  border: none;
+`;
+
+export const Field = styled.div`
+  ${({ theme }) => theme.auth_page.signIn.label};
+  display: flex;
+  flex-direction: column;
+  justify-content: flex-start;
+  align-items: flex-start;
+  gap: 4px;
+`;
+
+export const Label = styled.label`
+  font-size: 12px;
+  font-weight: 500;
+  line-height: 16px;
+`;
diff --git a/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.tsx b/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.tsx
new file mode 100644
index 000000000..01a8cc875
--- /dev/null
+++ b/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.tsx
@@ -0,0 +1,52 @@
+import React from 'react';
+import { Button } from 'components/common/Button/Button';
+import Input from 'components/common/Input/Input';
+import { FormProvider, useForm } from 'react-hook-form';
+
+import * as S from './BasicSignIn.styled';
+
+interface FormValues {
+  username: string;
+  password: string;
+}
+
+function BasicSignIn() {
+  const methods = useForm<FormValues>();
+
+  return (
+    <FormProvider {...methods}>
+      <S.Form style={{ width: '100%' }}>
+        <S.Fieldset style={{ width: '100%' }}>
+          <S.Field>
+            <S.Label htmlFor="username">Username</S.Label>
+            <Input
+              name="username"
+              id="username"
+              placeholder="Enter your username"
+              style={{ borderRadius: '8px' }}
+            />
+          </S.Field>
+          <S.Field>
+            <S.Label htmlFor="password">Password</S.Label>
+            <Input
+              name="password"
+              id="password"
+              placeholder="Enter your password"
+              style={{ borderRadius: '8px' }}
+            />
+          </S.Field>
+        </S.Fieldset>
+        <Button
+          buttonSize="L"
+          buttonType="primary"
+          onClick={() => console.log('click')}
+          style={{ width: '100%', borderRadius: '8px' }}
+        >
+          Log in
+        </Button>
+      </S.Form>
+    </FormProvider>
+  );
+}
+
+export default BasicSignIn;
diff --git a/frontend/src/components/AuthPage/SignIn/ServiceSignIn/AuthCard/AuthCard.styled.tsx b/frontend/src/components/AuthPage/SignIn/ServiceSignIn/AuthCard/AuthCard.styled.tsx
new file mode 100644
index 000000000..118e6b981
--- /dev/null
+++ b/frontend/src/components/AuthPage/SignIn/ServiceSignIn/AuthCard/AuthCard.styled.tsx
@@ -0,0 +1,58 @@
+import styled, { css } from 'styled-components';
+import GitHubIcon from 'components/common/Icons/GitHubIcon';
+
+export const AuthCardStyled = styled.div(
+  ({ theme }) => css`
+    display: flex;
+    flex-direction: column;
+    gap: 16px;
+    padding: 16px;
+    width: 400px;
+    border: 1px solid black;
+    border: 1px solid ${theme.auth_page.signIn.authCard.borderColor};
+    border-radius: ${theme.auth_page.signIn.authCard.borderRadius};
+    background-color: ${theme.auth_page.signIn.authCard.backgroundColor};
+  `
+);
+
+export const ServiceData = styled.div(
+  ({ theme }) => css`
+    display: flex;
+    gap: 8px;
+    align-items: center;
+
+    svg,
+    img {
+      margin: 8px;
+      width: 48px;
+      height: 48px;
+    }
+
+    ${GitHubIcon} {
+      fill: ${theme.auth_page.icons.githubColor};
+    }
+  `
+);
+
+export const ServiceDataTextContainer = styled.div`
+  display: flex;
+  flex-direction: column;
+`;
+
+export const ServiceNameStyled = styled.span(
+  ({ theme }) => css`
+    color: ${theme.auth_page.signIn.authCard.serviceNamecolor};
+    font-size: 16px;
+    font-weight: 500;
+    line-height: 24px;
+  `
+);
+
+export const ServiceTextStyled = styled.span(
+  ({ theme }) => css`
+    color: ${theme.auth_page.signIn.authCard.serviceTextColor};
+    font-size: 12px;
+    font-weight: 500;
+    line-height: 16px;
+  `
+);
diff --git a/frontend/src/components/AuthPage/SignIn/ServiceSignIn/AuthCard/AuthCard.tsx b/frontend/src/components/AuthPage/SignIn/ServiceSignIn/AuthCard/AuthCard.tsx
new file mode 100644
index 000000000..6dc2db526
--- /dev/null
+++ b/frontend/src/components/AuthPage/SignIn/ServiceSignIn/AuthCard/AuthCard.tsx
@@ -0,0 +1,36 @@
+import React, { ElementType } from 'react';
+import { Button } from 'components/common/Button/Button';
+import ServiceImage from 'components/common/Icons/ServiceImage';
+
+import * as S from './AuthCard.styled';
+
+interface Props {
+  serviceName: string;
+  Icon?: ElementType;
+}
+
+function AuthCard({ serviceName, Icon = ServiceImage }: Props) {
+  return (
+    <S.AuthCardStyled>
+      <S.ServiceData>
+        <Icon />
+        <S.ServiceDataTextContainer>
+          <S.ServiceNameStyled>{serviceName}</S.ServiceNameStyled>
+          <S.ServiceTextStyled>
+            Use an account issued by the organization
+          </S.ServiceTextStyled>
+        </S.ServiceDataTextContainer>
+      </S.ServiceData>
+      <Button
+        buttonSize="L"
+        buttonType="primary"
+        onClick={() => console.log('click')}
+        style={{ borderRadius: '8px', fontSize: '14px' }}
+      >
+        Log in with {serviceName}
+      </Button>
+    </S.AuthCardStyled>
+  );
+}
+
+export default AuthCard;
diff --git a/frontend/src/components/AuthPage/SignIn/ServiceSignIn/ServiceSignIn.styled.tsx b/frontend/src/components/AuthPage/SignIn/ServiceSignIn/ServiceSignIn.styled.tsx
new file mode 100644
index 000000000..6f3d67bbd
--- /dev/null
+++ b/frontend/src/components/AuthPage/SignIn/ServiceSignIn/ServiceSignIn.styled.tsx
@@ -0,0 +1,7 @@
+import styled from 'styled-components';
+
+export const ServiceSignInStyled = styled.div`
+  display: flex;
+  flex-direction: column;
+  gap: 8px;
+`;
diff --git a/frontend/src/components/AuthPage/SignIn/ServiceSignIn/ServiceSignIn.tsx b/frontend/src/components/AuthPage/SignIn/ServiceSignIn/ServiceSignIn.tsx
new file mode 100644
index 000000000..2255a80e9
--- /dev/null
+++ b/frontend/src/components/AuthPage/SignIn/ServiceSignIn/ServiceSignIn.tsx
@@ -0,0 +1,18 @@
+import React from 'react';
+import GitHubIcon from 'components/common/Icons/GitHubIcon';
+import GoogleIcon from 'components/common/Icons/GoogleIcon';
+
+import * as S from './ServiceSignIn.styled';
+import AuthCard from './AuthCard/AuthCard';
+
+function ServiceSignIn() {
+  return (
+    <S.ServiceSignInStyled>
+      <AuthCard Icon={GitHubIcon} serviceName="Github" />
+      <AuthCard Icon={GoogleIcon} serviceName="Google" />
+      <AuthCard serviceName="Service" />
+    </S.ServiceSignInStyled>
+  );
+}
+
+export default ServiceSignIn;
diff --git a/frontend/src/components/AuthPage/SignIn/SignIn.styled.tsx b/frontend/src/components/AuthPage/SignIn/SignIn.styled.tsx
new file mode 100644
index 000000000..c36847b79
--- /dev/null
+++ b/frontend/src/components/AuthPage/SignIn/SignIn.styled.tsx
@@ -0,0 +1,18 @@
+import styled, { css } from 'styled-components';
+
+export const SignInStyled = styled.div`
+  display: flex;
+  flex-direction: column;
+  align-items: center;
+  justify-content: center;
+  width: 320px;
+  gap: 56px;
+`;
+
+export const SignInTitle = styled.span(
+  ({ theme }) => css`
+    color: ${theme.auth_page.signIn.titleColor};
+    font-size: 24px;
+    font-weight: 600;
+  `
+);
diff --git a/frontend/src/components/AuthPage/SignIn/SignIn.tsx b/frontend/src/components/AuthPage/SignIn/SignIn.tsx
new file mode 100644
index 000000000..3f63cf623
--- /dev/null
+++ b/frontend/src/components/AuthPage/SignIn/SignIn.tsx
@@ -0,0 +1,21 @@
+import React from 'react';
+
+import BasicSignIn from './BasicSignIn/BasicSignIn';
+import * as S from './SignIn.styled';
+import ServiceSignIn from './ServiceSignIn/ServiceSignIn';
+
+interface Props {
+  type: 'service' | 'basic';
+}
+
+function SignInForm({ type }: Props) {
+  return (
+    <S.SignInStyled>
+      <S.SignInTitle>Sign in</S.SignInTitle>
+      {type === 'basic' && <BasicSignIn />}
+      {type === 'service' && <ServiceSignIn />}
+    </S.SignInStyled>
+  );
+}
+
+export default SignInForm;
diff --git a/frontend/src/components/common/Icons/GoogleIcon.tsx b/frontend/src/components/common/Icons/GoogleIcon.tsx
new file mode 100644
index 000000000..2e569dbfe
--- /dev/null
+++ b/frontend/src/components/common/Icons/GoogleIcon.tsx
@@ -0,0 +1,32 @@
+import React from 'react';
+import styled from 'styled-components';
+
+function GoogleIcon() {
+  return (
+    <svg
+      width="64"
+      height="64"
+      viewBox="0 0 64 64"
+      xmlns="http://www.w3.org/2000/svg"
+    >
+      <path
+        d="M31.9993 17.2799C36.506 17.2799 39.5459 19.2265 41.2792 20.8532L48.0525 14.2399C43.8925 10.3733 38.4793 8 31.9993 8C22.6128 8 14.5062 13.3866 10.5596 21.2265L18.3195 27.2531C20.2661 21.4665 25.6527 17.2799 31.9993 17.2799Z"
+        fill="#EA4335"
+      />
+      <path
+        d="M55.0398 32.5328C55.0398 30.5595 54.8798 29.1195 54.5331 27.6262H32V36.5328H45.2265C44.9599 38.7461 43.5199 42.0794 40.3199 44.3194L47.8932 50.186C52.4264 45.9994 55.0398 39.8394 55.0398 32.5328Z"
+        fill="#4285F4"
+      />
+      <path
+        d="M18.3466 36.7464C17.8399 35.2531 17.5466 33.6531 17.5466 31.9998C17.5466 30.3465 17.8399 28.7465 18.3199 27.2532L10.56 21.2266C8.93332 24.4799 8 28.1332 8 31.9998C8 35.8664 8.93332 39.5197 10.56 42.773L18.3466 36.7464Z"
+        fill="#FBBC05"
+      />
+      <path
+        d="M31.999 55.9992C38.479 55.9992 43.9189 53.8659 47.8922 50.1859L40.319 44.3193C38.2923 45.7327 35.5723 46.7193 31.999 46.7193C25.6524 46.7193 20.2658 42.5327 18.3459 36.7461L10.5859 42.7727C14.5326 50.6126 22.6125 55.9992 31.999 55.9992Z"
+        fill="#34A853"
+      />
+    </svg>
+  );
+}
+
+export default styled(GoogleIcon)``;
diff --git a/frontend/src/components/common/Icons/ServiceImage.tsx b/frontend/src/components/common/Icons/ServiceImage.tsx
new file mode 100644
index 000000000..9311334f1
--- /dev/null
+++ b/frontend/src/components/common/Icons/ServiceImage.tsx
@@ -0,0 +1,11 @@
+import React from 'react';
+
+interface Props {
+  serviceName: string;
+}
+
+function ServiceImage({ serviceName }: Props) {
+  return <img src="serviceImage.png" alt={serviceName} />;
+}
+
+export default ServiceImage;
diff --git a/frontend/src/theme/theme.ts b/frontend/src/theme/theme.ts
index f6cd2bacc..bb246bd2d 100644
--- a/frontend/src/theme/theme.ts
+++ b/frontend/src/theme/theme.ts
@@ -79,6 +79,42 @@ const Colors = {
 
 const baseTheme = {
   defaultIconColor: Colors.neutral[50],
+  auth_page: {
+    backgroundColor: Colors.brand[0],
+    fontFamily: 'Inter, sans-serif',
+    header: {
+      cellBorderColor: Colors.brand[10],
+      LogoBgColor: Colors.brand[90],
+      LogoTextColor: Colors.brand[0],
+    },
+    signIn: {
+      titleColor: Colors.brand[90],
+      label: {
+        color: Colors.brand[70],
+      },
+      authCard: {
+        borderRadius: '16px',
+        borderColor: Colors.brand[10],
+        backgroundColor: Colors.brand[0],
+        serviceNamecolor: Colors.brand[90],
+        serviceTextColor: Colors.brand[50],
+      },
+    },
+    footer: {
+      fontSize: '12px',
+      span: {
+        color: Colors.brand[70],
+        fontWeight: 500,
+      },
+      p: {
+        color: Colors.brand[50],
+        fontWeight: 400,
+      },
+    },
+    icons: {
+      githubColor: Colors.brand[90],
+    },
+  },
   heading: {
     h1: {
       color: Colors.neutral[90],
@@ -821,6 +857,36 @@ export type ThemeType = typeof theme;
 
 export const darkTheme: ThemeType = {
   ...baseTheme,
+  auth_page: {
+    backgroundColor: Colors.neutral[90],
+    fontFamily: baseTheme.auth_page.fontFamily,
+    header: {
+      cellBorderColor: Colors.brand[80],
+      LogoBgColor: Colors.brand[0],
+      LogoTextColor: Colors.brand[90],
+    },
+    signIn: {
+      titleColor: Colors.brand[0],
+      label: {
+        color: Colors.brand[30],
+      },
+      authCard: {
+        ...baseTheme.auth_page.signIn.authCard,
+        backgroundColor: Colors.brand[85],
+        serviceNamecolor: Colors.brand[0],
+      },
+    },
+    footer: {
+      ...baseTheme.auth_page.footer,
+      span: {
+        color: Colors.brand[10],
+        fontWeight: 500,
+      },
+    },
+    icons: {
+      githubColor: Colors.brand[0],
+    },
+  },
   logo: {
     color: '#FDFDFD',
   },

From 09f207009df9d641188a7d0233e9753c34cf89eb Mon Sep 17 00:00:00 2001
From: Renat Kalimulin <pianoparrot93@gmail.com>
Date: Sun, 17 Nov 2024 16:03:57 +0300
Subject: [PATCH 05/15] feat: auth page

---
 frontend/src/components/App.tsx               | 25 +++++++------
 frontend/src/components/AuthPage/AuthPage.tsx |  5 ++-
 .../src/components/AuthPage/Footer/Footer.tsx |  8 ++---
 .../AuthCard/AuthCard.styled.tsx              |  9 +++++
 .../AuthCard/AuthCard.tsx                     | 11 +++---
 .../OAuthSignIn.styled.tsx}                   |  2 +-
 .../SignIn/OAuthSignIn/OAuthSignIn.tsx        | 35 +++++++++++++++++++
 .../SignIn/ServiceSignIn/ServiceSignIn.tsx    | 18 ----------
 .../src/components/AuthPage/SignIn/SignIn.tsx | 16 ++++++---
 .../src/components/common/Button/Button.tsx   |  3 +-
 frontend/src/lib/hooks/api/appConfig.ts       |  8 +++++
 11 files changed, 91 insertions(+), 49 deletions(-)
 rename frontend/src/components/AuthPage/SignIn/{ServiceSignIn => OAuthSignIn}/AuthCard/AuthCard.styled.tsx (85%)
 rename frontend/src/components/AuthPage/SignIn/{ServiceSignIn => OAuthSignIn}/AuthCard/AuthCard.tsx (73%)
 rename frontend/src/components/AuthPage/SignIn/{ServiceSignIn/ServiceSignIn.styled.tsx => OAuthSignIn/OAuthSignIn.styled.tsx} (67%)
 create mode 100644 frontend/src/components/AuthPage/SignIn/OAuthSignIn/OAuthSignIn.tsx
 delete mode 100644 frontend/src/components/AuthPage/SignIn/ServiceSignIn/ServiceSignIn.tsx

diff --git a/frontend/src/components/App.tsx b/frontend/src/components/App.tsx
index 108be9191..413d397be 100644
--- a/frontend/src/components/App.tsx
+++ b/frontend/src/components/App.tsx
@@ -1,5 +1,5 @@
 import React, { Suspense, useContext } from 'react';
-import { Routes, Route, Navigate, useLocation } from 'react-router-dom';
+import { Routes, Route, Navigate, useMatch } from 'react-router-dom';
 import {
   accessErrorPage,
   clusterPath,
@@ -50,17 +50,16 @@ const queryClient = new QueryClient({
 });
 const App: React.FC = () => {
   const { isDarkMode } = useContext(ThemeModeContext);
-  const location = useLocation();
-  const isAuthPage = location.pathname === '/auth';
+  const isAuthRoute = useMatch('/auth/*');
 
   return (
     <QueryClientProvider client={queryClient}>
-      <GlobalSettingsProvider>
-        <ThemeProvider theme={isDarkMode ? darkTheme : theme}>
-          <Suspense fallback={<PageLoader fullSize />}>
-            {isAuthPage ? (
-              <AuthPage />
-            ) : (
+      <ThemeProvider theme={isDarkMode ? darkTheme : theme}>
+        {isAuthRoute ? (
+          <AuthPage />
+        ) : (
+          <GlobalSettingsProvider>
+            <Suspense fallback={<PageLoader fullSize />}>
               <UserInfoRolesAccessProvider>
                 <ConfirmContextProvider>
                   <GlobalCSS />
@@ -100,10 +99,10 @@ const App: React.FC = () => {
                   <ConfirmationModal />
                 </ConfirmContextProvider>
               </UserInfoRolesAccessProvider>
-            )}
-          </Suspense>
-        </ThemeProvider>
-      </GlobalSettingsProvider>
+            </Suspense>
+          </GlobalSettingsProvider>
+        )}
+      </ThemeProvider>
       <ReactQueryDevtools initialIsOpen={false} position="bottom-right" />
     </QueryClientProvider>
   );
diff --git a/frontend/src/components/AuthPage/AuthPage.tsx b/frontend/src/components/AuthPage/AuthPage.tsx
index 9d40e6274..9adf7f783 100644
--- a/frontend/src/components/AuthPage/AuthPage.tsx
+++ b/frontend/src/components/AuthPage/AuthPage.tsx
@@ -1,4 +1,5 @@
 import React from 'react';
+import { useAuthSettings } from 'lib/hooks/api/appConfig';
 
 import Footer from './Footer/Footer';
 import Header from './Header/Header';
@@ -6,10 +7,12 @@ import SignIn from './SignIn/SignIn';
 import * as S from './AuthPage.styled';
 
 function AuthPage() {
+  const { data } = useAuthSettings();
+
   return (
     <S.AuthPageStyled>
       <Header />
-      <SignIn type="service" />
+      {data && <SignIn appAuthenticationSettings={data} />}
       <Footer />
     </S.AuthPageStyled>
   );
diff --git a/frontend/src/components/AuthPage/Footer/Footer.tsx b/frontend/src/components/AuthPage/Footer/Footer.tsx
index ad9a19085..484559e8d 100644
--- a/frontend/src/components/AuthPage/Footer/Footer.tsx
+++ b/frontend/src/components/AuthPage/Footer/Footer.tsx
@@ -5,16 +5,16 @@ import { useLatestVersion } from 'lib/hooks/api/latestVersion';
 import * as S from './Footer.styled';
 
 function Footer() {
-  const { data: latestVersionInfo = {} } = useLatestVersion();
-  const { versionTag } = latestVersionInfo.latestRelease;
-  const { commitId } = latestVersionInfo.build;
+  // const { data: latestVersionInfo = {} } = useLatestVersion();
+  // const { versionTag } = latestVersionInfo.latestRelease;
+  // const { commitId } = latestVersionInfo.build;
 
   return (
     <S.FooterStyledWrapper>
       <S.AppVersionStyled>
         <GitHubIcon />
         <S.AppVersionTextStyled>
-          {versionTag} ({commitId})
+          {/* {versionTag} ({commitId}) */}
         </S.AppVersionTextStyled>
       </S.AppVersionStyled>
       <S.InformationTextStyled>
diff --git a/frontend/src/components/AuthPage/SignIn/ServiceSignIn/AuthCard/AuthCard.styled.tsx b/frontend/src/components/AuthPage/SignIn/OAuthSignIn/AuthCard/AuthCard.styled.tsx
similarity index 85%
rename from frontend/src/components/AuthPage/SignIn/ServiceSignIn/AuthCard/AuthCard.styled.tsx
rename to frontend/src/components/AuthPage/SignIn/OAuthSignIn/AuthCard/AuthCard.styled.tsx
index 118e6b981..189e0b843 100644
--- a/frontend/src/components/AuthPage/SignIn/ServiceSignIn/AuthCard/AuthCard.styled.tsx
+++ b/frontend/src/components/AuthPage/SignIn/OAuthSignIn/AuthCard/AuthCard.styled.tsx
@@ -1,5 +1,7 @@
 import styled, { css } from 'styled-components';
 import GitHubIcon from 'components/common/Icons/GitHubIcon';
+import { Link } from 'react-router-dom';
+import { Button } from 'components/common/Button/Button';
 
 export const AuthCardStyled = styled.div(
   ({ theme }) => css`
@@ -56,3 +58,10 @@ export const ServiceTextStyled = styled.span(
     line-height: 16px;
   `
 );
+
+export const ServiceButton = styled(Button)`
+  width: 100%;
+  border-radius: 8px;
+  font-size: 14px;
+  text-decoration: none;
+`
diff --git a/frontend/src/components/AuthPage/SignIn/ServiceSignIn/AuthCard/AuthCard.tsx b/frontend/src/components/AuthPage/SignIn/OAuthSignIn/AuthCard/AuthCard.tsx
similarity index 73%
rename from frontend/src/components/AuthPage/SignIn/ServiceSignIn/AuthCard/AuthCard.tsx
rename to frontend/src/components/AuthPage/SignIn/OAuthSignIn/AuthCard/AuthCard.tsx
index 6dc2db526..fc1162039 100644
--- a/frontend/src/components/AuthPage/SignIn/ServiceSignIn/AuthCard/AuthCard.tsx
+++ b/frontend/src/components/AuthPage/SignIn/OAuthSignIn/AuthCard/AuthCard.tsx
@@ -1,15 +1,15 @@
 import React, { ElementType } from 'react';
-import { Button } from 'components/common/Button/Button';
 import ServiceImage from 'components/common/Icons/ServiceImage';
 
 import * as S from './AuthCard.styled';
 
 interface Props {
   serviceName: string;
+  authPath: string | undefined;
   Icon?: ElementType;
 }
 
-function AuthCard({ serviceName, Icon = ServiceImage }: Props) {
+function AuthCard({ serviceName, authPath, Icon = ServiceImage }: Props) {
   return (
     <S.AuthCardStyled>
       <S.ServiceData>
@@ -21,14 +21,13 @@ function AuthCard({ serviceName, Icon = ServiceImage }: Props) {
           </S.ServiceTextStyled>
         </S.ServiceDataTextContainer>
       </S.ServiceData>
-      <Button
+      <S.ServiceButton
         buttonSize="L"
         buttonType="primary"
-        onClick={() => console.log('click')}
-        style={{ borderRadius: '8px', fontSize: '14px' }}
+        to={`http://localhost:8080${authPath}`}
       >
         Log in with {serviceName}
-      </Button>
+      </S.ServiceButton>
     </S.AuthCardStyled>
   );
 }
diff --git a/frontend/src/components/AuthPage/SignIn/ServiceSignIn/ServiceSignIn.styled.tsx b/frontend/src/components/AuthPage/SignIn/OAuthSignIn/OAuthSignIn.styled.tsx
similarity index 67%
rename from frontend/src/components/AuthPage/SignIn/ServiceSignIn/ServiceSignIn.styled.tsx
rename to frontend/src/components/AuthPage/SignIn/OAuthSignIn/OAuthSignIn.styled.tsx
index 6f3d67bbd..26bf22207 100644
--- a/frontend/src/components/AuthPage/SignIn/ServiceSignIn/ServiceSignIn.styled.tsx
+++ b/frontend/src/components/AuthPage/SignIn/OAuthSignIn/OAuthSignIn.styled.tsx
@@ -1,6 +1,6 @@
 import styled from 'styled-components';
 
-export const ServiceSignInStyled = styled.div`
+export const OAuthSignInStyled = styled.div`
   display: flex;
   flex-direction: column;
   gap: 8px;
diff --git a/frontend/src/components/AuthPage/SignIn/OAuthSignIn/OAuthSignIn.tsx b/frontend/src/components/AuthPage/SignIn/OAuthSignIn/OAuthSignIn.tsx
new file mode 100644
index 000000000..e333f29ba
--- /dev/null
+++ b/frontend/src/components/AuthPage/SignIn/OAuthSignIn/OAuthSignIn.tsx
@@ -0,0 +1,35 @@
+import React, { ElementType } from 'react';
+import GitHubIcon from 'components/common/Icons/GitHubIcon';
+import GoogleIcon from 'components/common/Icons/GoogleIcon';
+import ServiceImage from 'components/common/Icons/ServiceImage';
+import { OAuthProvider } from 'generated-sources';
+
+import * as S from './OAuthSignIn.styled';
+import AuthCard from './AuthCard/AuthCard';
+
+interface Props {
+  oAuthProviders: OAuthProvider[] | undefined;
+}
+
+const ServiceIconMap: Record<string, ElementType> = {
+  github: GitHubIcon,
+  google: GoogleIcon,
+  unknownService: ServiceImage,
+};
+
+function OAuthSignIn({ oAuthProviders }: Props) {
+  return (
+    <S.OAuthSignInStyled>
+      {oAuthProviders?.map((provider) => (
+        <AuthCard
+          key={provider.clientName}
+          authPath={provider.authorizationUri}
+          Icon={ServiceIconMap[provider.clientName?.toLowerCase() || 'unknownService']}
+          serviceName={provider.clientName || ''}
+        />
+      ))}
+    </S.OAuthSignInStyled>
+  );
+}
+
+export default OAuthSignIn;
diff --git a/frontend/src/components/AuthPage/SignIn/ServiceSignIn/ServiceSignIn.tsx b/frontend/src/components/AuthPage/SignIn/ServiceSignIn/ServiceSignIn.tsx
deleted file mode 100644
index 2255a80e9..000000000
--- a/frontend/src/components/AuthPage/SignIn/ServiceSignIn/ServiceSignIn.tsx
+++ /dev/null
@@ -1,18 +0,0 @@
-import React from 'react';
-import GitHubIcon from 'components/common/Icons/GitHubIcon';
-import GoogleIcon from 'components/common/Icons/GoogleIcon';
-
-import * as S from './ServiceSignIn.styled';
-import AuthCard from './AuthCard/AuthCard';
-
-function ServiceSignIn() {
-  return (
-    <S.ServiceSignInStyled>
-      <AuthCard Icon={GitHubIcon} serviceName="Github" />
-      <AuthCard Icon={GoogleIcon} serviceName="Google" />
-      <AuthCard serviceName="Service" />
-    </S.ServiceSignInStyled>
-  );
-}
-
-export default ServiceSignIn;
diff --git a/frontend/src/components/AuthPage/SignIn/SignIn.tsx b/frontend/src/components/AuthPage/SignIn/SignIn.tsx
index 3f63cf623..fb93f9e89 100644
--- a/frontend/src/components/AuthPage/SignIn/SignIn.tsx
+++ b/frontend/src/components/AuthPage/SignIn/SignIn.tsx
@@ -1,19 +1,25 @@
 import React from 'react';
+import { AppAuthenticationSettings, AuthType } from 'generated-sources';
 
 import BasicSignIn from './BasicSignIn/BasicSignIn';
 import * as S from './SignIn.styled';
-import ServiceSignIn from './ServiceSignIn/ServiceSignIn';
+import OAuthSignIn from './OAuthSignIn/OAuthSignIn';
 
 interface Props {
-  type: 'service' | 'basic';
+  appAuthenticationSettings: AppAuthenticationSettings;
 }
 
-function SignInForm({ type }: Props) {
+function SignInForm({ appAuthenticationSettings }: Props) {
+  const { authType, oAuthProviders } = appAuthenticationSettings;
+
   return (
     <S.SignInStyled>
       <S.SignInTitle>Sign in</S.SignInTitle>
-      {type === 'basic' && <BasicSignIn />}
-      {type === 'service' && <ServiceSignIn />}
+      {(authType === AuthType.LDAP ||
+        authType === AuthType.LOGIN_FORM) && <BasicSignIn />}
+      {authType === AuthType.OAUTH2 && (
+        <OAuthSignIn oAuthProviders={oAuthProviders} />
+      )}
     </S.SignInStyled>
   );
 }
diff --git a/frontend/src/components/common/Button/Button.tsx b/frontend/src/components/common/Button/Button.tsx
index 828b5d301..8964b6e17 100644
--- a/frontend/src/components/common/Button/Button.tsx
+++ b/frontend/src/components/common/Button/Button.tsx
@@ -9,6 +9,7 @@ export interface Props
     ButtonProps {
   to?: string | object;
   inProgress?: boolean;
+  className?: string;
 }
 
 export const Button: FC<Props> = ({
@@ -20,7 +21,7 @@ export const Button: FC<Props> = ({
 }) => {
   if (to) {
     return (
-      <Link to={to}>
+      <Link to={to} className={props.className}>
         <StyledButton disabled={disabled} type="button" {...props}>
           {children}
         </StyledButton>
diff --git a/frontend/src/lib/hooks/api/appConfig.ts b/frontend/src/lib/hooks/api/appConfig.ts
index e3ee0fdcb..66d746c33 100644
--- a/frontend/src/lib/hooks/api/appConfig.ts
+++ b/frontend/src/lib/hooks/api/appConfig.ts
@@ -6,6 +6,14 @@ import {
 } from 'generated-sources';
 import { QUERY_REFETCH_OFF_OPTIONS } from 'lib/constants';
 
+export function useAuthSettings() {
+  return useQuery(
+    ['app', 'authSettings'],
+    () => api.getAuthenticationSettings(),
+    QUERY_REFETCH_OFF_OPTIONS
+  );
+}
+
 export function useAppInfo() {
   return useQuery(
     ['app', 'info'],

From 09062ef240c557ad49be78a4d13594b92f3e61ac Mon Sep 17 00:00:00 2001
From: Renat Kalimulin <pianoparrot93@gmail.com>
Date: Tue, 17 Dec 2024 12:10:31 +0300
Subject: [PATCH 06/15] feat: auth page

---
 .../main/resources/swagger/kafbat-ui-api.yaml |  3 +
 frontend/src/components/AuthPage/AuthPage.tsx |  2 -
 .../AuthPage/Footer/Footer.styled.tsx         | 45 ---------
 .../src/components/AuthPage/Footer/Footer.tsx | 28 ------
 .../SignIn/BasicSignIn/BasicSignIn.styled.tsx | 19 ++++
 .../SignIn/BasicSignIn/BasicSignIn.tsx        | 91 ++++++++++++++-----
 .../OAuthSignIn/AuthCard/AuthCard.styled.tsx  |  3 +-
 .../SignIn/OAuthSignIn/OAuthSignIn.tsx        |  6 +-
 .../AuthPage/SignIn/SignIn.styled.tsx         |  1 +
 .../src/components/AuthPage/SignIn/SignIn.tsx |  5 +-
 .../components/NavBar/UserInfo/UserInfo.tsx   |  2 +-
 .../src/components/common/Icons/AlertIcon.tsx | 22 +++++
 .../contexts/GlobalSettingsContext.tsx        |  9 ++
 frontend/src/lib/hooks/api/appConfig.ts       | 11 ++-
 frontend/src/theme/theme.ts                   |  6 ++
 frontend/vite.config.ts                       | 16 ++++
 16 files changed, 164 insertions(+), 105 deletions(-)
 delete mode 100644 frontend/src/components/AuthPage/Footer/Footer.styled.tsx
 delete mode 100644 frontend/src/components/AuthPage/Footer/Footer.tsx
 create mode 100644 frontend/src/components/common/Icons/AlertIcon.tsx

diff --git a/contract/src/main/resources/swagger/kafbat-ui-api.yaml b/contract/src/main/resources/swagger/kafbat-ui-api.yaml
index d1215ec87..f1ce3702c 100644
--- a/contract/src/main/resources/swagger/kafbat-ui-api.yaml
+++ b/contract/src/main/resources/swagger/kafbat-ui-api.yaml
@@ -2256,7 +2256,10 @@ paths:
 
   /auth:
     post:
+      tags:
+        - ApplicationConfig
       summary: Authenticate
+      operationId: authenticate
       requestBody:
         required: true
         content:
diff --git a/frontend/src/components/AuthPage/AuthPage.tsx b/frontend/src/components/AuthPage/AuthPage.tsx
index 9adf7f783..a5ce93313 100644
--- a/frontend/src/components/AuthPage/AuthPage.tsx
+++ b/frontend/src/components/AuthPage/AuthPage.tsx
@@ -1,7 +1,6 @@
 import React from 'react';
 import { useAuthSettings } from 'lib/hooks/api/appConfig';
 
-import Footer from './Footer/Footer';
 import Header from './Header/Header';
 import SignIn from './SignIn/SignIn';
 import * as S from './AuthPage.styled';
@@ -13,7 +12,6 @@ function AuthPage() {
     <S.AuthPageStyled>
       <Header />
       {data && <SignIn appAuthenticationSettings={data} />}
-      <Footer />
     </S.AuthPageStyled>
   );
 }
diff --git a/frontend/src/components/AuthPage/Footer/Footer.styled.tsx b/frontend/src/components/AuthPage/Footer/Footer.styled.tsx
deleted file mode 100644
index 63fa63010..000000000
--- a/frontend/src/components/AuthPage/Footer/Footer.styled.tsx
+++ /dev/null
@@ -1,45 +0,0 @@
-import styled, { css } from 'styled-components';
-import GitHubIcon from 'components/common/Icons/GitHubIcon';
-
-export const FooterStyledWrapper = styled.div`
-  display: flex;
-  flex-direction: column;
-  align-items: center;
-  gap: 8px;
-  padding: 19px 150px;
-  font-size: 12px;
-`;
-
-export const AppVersionStyled = styled.div(
-  ({ theme }) => css`
-    display: flex;
-    align-items: center;
-    justify-content: center;
-    gap: 5px;
-    width: 200px;
-
-    ${GitHubIcon} {
-      width: 14px;
-      height: 14px;
-      fill: ${theme.auth_page.icons.githubColor};
-    }
-  `
-);
-
-export const AppVersionTextStyled = styled.span(
-  ({ theme }) => css`
-    font-weight: ${theme.auth_page.footer.span.fontWeight};
-    line-height: 18px;
-    color: ${theme.auth_page.footer.span.color};
-  `
-);
-
-export const InformationTextStyled = styled.p(
-  ({ theme }) => css`
-    font-size: 12px;
-    font-weight: ${theme.auth_page.footer.p.fontWeight};
-    line-height: 16px;
-    color: ${theme.auth_page.footer.p.color};
-    text-align: center;
-  `
-);
diff --git a/frontend/src/components/AuthPage/Footer/Footer.tsx b/frontend/src/components/AuthPage/Footer/Footer.tsx
deleted file mode 100644
index 484559e8d..000000000
--- a/frontend/src/components/AuthPage/Footer/Footer.tsx
+++ /dev/null
@@ -1,28 +0,0 @@
-import React from 'react';
-import GitHubIcon from 'components/common/Icons/GitHubIcon';
-import { useLatestVersion } from 'lib/hooks/api/latestVersion';
-
-import * as S from './Footer.styled';
-
-function Footer() {
-  // const { data: latestVersionInfo = {} } = useLatestVersion();
-  // const { versionTag } = latestVersionInfo.latestRelease;
-  // const { commitId } = latestVersionInfo.build;
-
-  return (
-    <S.FooterStyledWrapper>
-      <S.AppVersionStyled>
-        <GitHubIcon />
-        <S.AppVersionTextStyled>
-          {/* {versionTag} ({commitId}) */}
-        </S.AppVersionTextStyled>
-      </S.AppVersionStyled>
-      <S.InformationTextStyled>
-        Access to the system is provided by your system administrator. If you
-        have any questions, please contact your system administrator
-      </S.InformationTextStyled>
-    </S.FooterStyledWrapper>
-  );
-}
-
-export default Footer;
diff --git a/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.styled.tsx b/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.styled.tsx
index 5b59c859d..919fa662b 100644
--- a/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.styled.tsx
+++ b/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.styled.tsx
@@ -6,6 +6,7 @@ export const Form = styled.form`
   align-items: center;
   justify-content: center;
   gap: 40px;
+  width: 100%;
 
   div {
     width: 100%;
@@ -19,6 +20,7 @@ export const Fieldset = styled.fieldset`
   justify-content: center;
   gap: 16px;
   border: none;
+  width: 100%;
 `;
 
 export const Field = styled.div`
@@ -35,3 +37,20 @@ export const Label = styled.label`
   font-weight: 500;
   line-height: 16px;
 `;
+
+export const ErrorMessage = styled.div`
+  display: flex;
+  column-gap: 2px;
+  align-items: center;
+  justify-content: center;
+  font-weight: 400;
+  font-size: 14px;
+  line-height: 20px;
+`;
+
+export const ErrorMessageText = styled.span`
+  ${({ theme }) => theme.auth_page.signIn.errorMessage};
+  font-weight: 400;
+  font-size: 14px;
+  line-height: 20px;
+`;
diff --git a/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.tsx b/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.tsx
index 01a8cc875..0bb6c8a75 100644
--- a/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.tsx
+++ b/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.tsx
@@ -1,7 +1,10 @@
 import React from 'react';
 import { Button } from 'components/common/Button/Button';
 import Input from 'components/common/Input/Input';
-import { FormProvider, useForm } from 'react-hook-form';
+import { Controller, FormProvider, useForm } from 'react-hook-form';
+import { useAuthenticate } from 'lib/hooks/api/appConfig';
+import AlertIcon from 'components/common/Icons/AlertIcon';
+import { useNavigate } from 'react-router-dom';
 
 import * as S from './BasicSignIn.styled';
 
@@ -11,36 +14,78 @@ interface FormValues {
 }
 
 function BasicSignIn() {
-  const methods = useForm<FormValues>();
+  const methods = useForm<FormValues>({
+    defaultValues: { username: '', password: '' },
+  });
+  const navigate = useNavigate();
+  const { mutateAsync } = useAuthenticate();
+
+  const onSubmit = async (data: FormValues) => {
+    await mutateAsync(data, {
+      onSuccess(response) {
+        if (response.raw.url.includes('error')) {
+          methods.setError('root', { message: 'error' });
+        } else {
+          navigate('/');
+        }
+      },
+    });
+  };
 
   return (
     <FormProvider {...methods}>
-      <S.Form style={{ width: '100%' }}>
-        <S.Fieldset style={{ width: '100%' }}>
-          <S.Field>
-            <S.Label htmlFor="username">Username</S.Label>
-            <Input
-              name="username"
-              id="username"
-              placeholder="Enter your username"
-              style={{ borderRadius: '8px' }}
-            />
-          </S.Field>
-          <S.Field>
-            <S.Label htmlFor="password">Password</S.Label>
-            <Input
-              name="password"
-              id="password"
-              placeholder="Enter your password"
-              style={{ borderRadius: '8px' }}
-            />
-          </S.Field>
+      <S.Form onSubmit={methods.handleSubmit(onSubmit)}>
+        <S.Fieldset>
+          {methods.formState.errors.root && (
+            <S.ErrorMessage>
+              <AlertIcon />
+              <S.ErrorMessageText>
+                Username or password entered incorrectly
+              </S.ErrorMessageText>
+            </S.ErrorMessage>
+          )}
+          <Controller
+            name="username"
+            control={methods.control}
+            render={({ field }) => (
+              <S.Field>
+                <S.Label htmlFor={field.name}>Username</S.Label>
+                <Input
+                  onChange={field.onChange}
+                  value={field.value}
+                  name={field.name}
+                  id={field.name}
+                  placeholder="Enter your username"
+                  style={{ borderRadius: '8px' }}
+                />
+              </S.Field>
+            )}
+          />
+          <Controller
+            name="password"
+            control={methods.control}
+            render={({ field }) => (
+              <S.Field>
+                <S.Label htmlFor={field.name}>Password</S.Label>
+                <Input
+                  onChange={field.onChange}
+                  value={field.value}
+                  name={field.name}
+                  type="password"
+                  id={field.name}
+                  placeholder="Enter your password"
+                  style={{ borderRadius: '8px' }}
+                />
+              </S.Field>
+            )}
+          />
         </S.Fieldset>
         <Button
           buttonSize="L"
           buttonType="primary"
-          onClick={() => console.log('click')}
+          type="submit"
           style={{ width: '100%', borderRadius: '8px' }}
+          disabled={!methods.formState.isValid}
         >
           Log in
         </Button>
diff --git a/frontend/src/components/AuthPage/SignIn/OAuthSignIn/AuthCard/AuthCard.styled.tsx b/frontend/src/components/AuthPage/SignIn/OAuthSignIn/AuthCard/AuthCard.styled.tsx
index 189e0b843..d1eae050f 100644
--- a/frontend/src/components/AuthPage/SignIn/OAuthSignIn/AuthCard/AuthCard.styled.tsx
+++ b/frontend/src/components/AuthPage/SignIn/OAuthSignIn/AuthCard/AuthCard.styled.tsx
@@ -1,6 +1,5 @@
 import styled, { css } from 'styled-components';
 import GitHubIcon from 'components/common/Icons/GitHubIcon';
-import { Link } from 'react-router-dom';
 import { Button } from 'components/common/Button/Button';
 
 export const AuthCardStyled = styled.div(
@@ -64,4 +63,4 @@ export const ServiceButton = styled(Button)`
   border-radius: 8px;
   font-size: 14px;
   text-decoration: none;
-`
+`;
diff --git a/frontend/src/components/AuthPage/SignIn/OAuthSignIn/OAuthSignIn.tsx b/frontend/src/components/AuthPage/SignIn/OAuthSignIn/OAuthSignIn.tsx
index e333f29ba..5814a99c5 100644
--- a/frontend/src/components/AuthPage/SignIn/OAuthSignIn/OAuthSignIn.tsx
+++ b/frontend/src/components/AuthPage/SignIn/OAuthSignIn/OAuthSignIn.tsx
@@ -24,7 +24,11 @@ function OAuthSignIn({ oAuthProviders }: Props) {
         <AuthCard
           key={provider.clientName}
           authPath={provider.authorizationUri}
-          Icon={ServiceIconMap[provider.clientName?.toLowerCase() || 'unknownService']}
+          Icon={
+            ServiceIconMap[
+              provider.clientName?.toLowerCase() || 'unknownService'
+            ]
+          }
           serviceName={provider.clientName || ''}
         />
       ))}
diff --git a/frontend/src/components/AuthPage/SignIn/SignIn.styled.tsx b/frontend/src/components/AuthPage/SignIn/SignIn.styled.tsx
index c36847b79..0f24b45fd 100644
--- a/frontend/src/components/AuthPage/SignIn/SignIn.styled.tsx
+++ b/frontend/src/components/AuthPage/SignIn/SignIn.styled.tsx
@@ -7,6 +7,7 @@ export const SignInStyled = styled.div`
   justify-content: center;
   width: 320px;
   gap: 56px;
+  flex-grow: 1;
 `;
 
 export const SignInTitle = styled.span(
diff --git a/frontend/src/components/AuthPage/SignIn/SignIn.tsx b/frontend/src/components/AuthPage/SignIn/SignIn.tsx
index fb93f9e89..88c6e1df1 100644
--- a/frontend/src/components/AuthPage/SignIn/SignIn.tsx
+++ b/frontend/src/components/AuthPage/SignIn/SignIn.tsx
@@ -15,8 +15,9 @@ function SignInForm({ appAuthenticationSettings }: Props) {
   return (
     <S.SignInStyled>
       <S.SignInTitle>Sign in</S.SignInTitle>
-      {(authType === AuthType.LDAP ||
-        authType === AuthType.LOGIN_FORM) && <BasicSignIn />}
+      {(authType === AuthType.LDAP || authType === AuthType.LOGIN_FORM) && (
+        <BasicSignIn />
+      )}
       {authType === AuthType.OAUTH2 && (
         <OAuthSignIn oAuthProviders={oAuthProviders} />
       )}
diff --git a/frontend/src/components/NavBar/UserInfo/UserInfo.tsx b/frontend/src/components/NavBar/UserInfo/UserInfo.tsx
index dae43364c..b52cc7631 100644
--- a/frontend/src/components/NavBar/UserInfo/UserInfo.tsx
+++ b/frontend/src/components/NavBar/UserInfo/UserInfo.tsx
@@ -19,7 +19,7 @@ const UserInfo = () => {
         </S.Wrapper>
       }
     >
-      <DropdownItem href={`${window.basePath}/logout`}>
+      <DropdownItem href="logout">
         <S.LogoutLink>Log out</S.LogoutLink>
       </DropdownItem>
     </Dropdown>
diff --git a/frontend/src/components/common/Icons/AlertIcon.tsx b/frontend/src/components/common/Icons/AlertIcon.tsx
new file mode 100644
index 000000000..3c79f78e6
--- /dev/null
+++ b/frontend/src/components/common/Icons/AlertIcon.tsx
@@ -0,0 +1,22 @@
+import React from 'react';
+
+const AlertIcon: React.FC = () => {
+  return (
+    <svg
+      width="16"
+      height="16"
+      viewBox="0 0 16 16"
+      fill="none"
+      xmlns="http://www.w3.org/2000/svg"
+    >
+      <path
+        fillRule="evenodd"
+        clipRule="evenodd"
+        d="M9.09265 2.06673C8.60703 1.25046 7.39297 1.25046 6.90735 2.06673L1.17092 11.7088C0.685293 12.5251 1.29232 13.5454 2.26357 13.5454H13.7364C14.7077 13.5454 15.3147 12.5251 14.8291 11.7088L9.09265 2.06673ZM7 6C7 5.44772 7.44772 5 8 5C8.55228 5 9 5.44772 9 6V8C9 8.55228 8.55228 9 8 9C7.44772 9 7 8.55228 7 8V6ZM7 11C7 10.4477 7.44772 10 8 10C8.55228 10 9 10.4477 9 11C9 11.5523 8.55228 12 8 12C7.44772 12 7 11.5523 7 11Z"
+        fill="#E63B19"
+      />
+    </svg>
+  );
+};
+
+export default AlertIcon;
diff --git a/frontend/src/components/contexts/GlobalSettingsContext.tsx b/frontend/src/components/contexts/GlobalSettingsContext.tsx
index 4de05307b..bcf87841f 100644
--- a/frontend/src/components/contexts/GlobalSettingsContext.tsx
+++ b/frontend/src/components/contexts/GlobalSettingsContext.tsx
@@ -1,6 +1,7 @@
 import { useAppInfo } from 'lib/hooks/api/appConfig';
 import React from 'react';
 import { ApplicationInfoEnabledFeaturesEnum } from 'generated-sources';
+import { useNavigate } from 'react-router-dom';
 
 interface GlobalSettingsContextProps {
   hasDynamicConfig: boolean;
@@ -15,6 +16,14 @@ export const GlobalSettingsProvider: React.FC<
   React.PropsWithChildren<unknown>
 > = ({ children }) => {
   const info = useAppInfo();
+  const navigate = useNavigate();
+
+  React.useEffect(() => {
+    if (info.data?.raw.url.includes('auth')) {
+      navigate('auth');
+    }
+  }, []);
+
   const value = React.useMemo(() => {
     const features = info.data?.enabledFeatures || [];
     return {
diff --git a/frontend/src/lib/hooks/api/appConfig.ts b/frontend/src/lib/hooks/api/appConfig.ts
index 66d746c33..22f5da0dd 100644
--- a/frontend/src/lib/hooks/api/appConfig.ts
+++ b/frontend/src/lib/hooks/api/appConfig.ts
@@ -14,10 +14,19 @@ export function useAuthSettings() {
   );
 }
 
+export function useAuthenticate() {
+  return useMutation({
+    mutationFn: (params: { username: string; password: string }) =>
+      api.authenticateRaw(params, {
+        headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+      }),
+  });
+}
+
 export function useAppInfo() {
   return useQuery(
     ['app', 'info'],
-    () => api.getApplicationInfo(),
+    () => api.getApplicationInfoRaw(),
     QUERY_REFETCH_OFF_OPTIONS
   );
 }
diff --git a/frontend/src/theme/theme.ts b/frontend/src/theme/theme.ts
index bb246bd2d..bdfe93271 100644
--- a/frontend/src/theme/theme.ts
+++ b/frontend/src/theme/theme.ts
@@ -57,6 +57,7 @@ const Colors = {
     '10': '#FAD1D1',
     '20': '#F5A3A3',
     '50': '#E51A1A',
+    '52': '#E63B19',
     '55': '#CF1717',
     '60': '#B81414',
   },
@@ -89,6 +90,9 @@ const baseTheme = {
     },
     signIn: {
       titleColor: Colors.brand[90],
+      errorMessage: {
+        color: Colors.red[52],
+      },
       label: {
         color: Colors.brand[70],
       },
@@ -866,12 +870,14 @@ export const darkTheme: ThemeType = {
       LogoTextColor: Colors.brand[90],
     },
     signIn: {
+      ...baseTheme.auth_page.signIn,
       titleColor: Colors.brand[0],
       label: {
         color: Colors.brand[30],
       },
       authCard: {
         ...baseTheme.auth_page.signIn.authCard,
+        borderColor: Colors.brand[80],
         backgroundColor: Colors.brand[85],
         serviceNamecolor: Colors.brand[0],
       },
diff --git a/frontend/vite.config.ts b/frontend/vite.config.ts
index 3a4e861e9..6cf7c0f15 100644
--- a/frontend/vite.config.ts
+++ b/frontend/vite.config.ts
@@ -3,6 +3,7 @@ import react from '@vitejs/plugin-react-swc';
 import tsconfigPaths from 'vite-tsconfig-paths';
 import { ViteEjsPlugin } from 'vite-plugin-ejs';
 import checker from 'vite-plugin-checker';
+import { IncomingMessage } from 'http';
 
 export default defineConfig(({ mode }) => {
   process.env = { ...process.env, ...loadEnv(mode, process.cwd()) };
@@ -87,6 +88,21 @@ export default defineConfig(({ mode }) => {
     ...defaultConfig.server,
     open: true,
     proxy: {
+      '/auth': {
+        target: isProxy,
+        changeOrigin: true,
+        secure: false,
+        bypass: (req: IncomingMessage) => {
+          if (req.method === 'GET') {
+            return req.url;
+          }
+        },
+      },
+      '/logout': {
+        target: isProxy,
+        changeOrigin: true,
+        secure: false,
+      },
       '/api': {
         target: isProxy,
         changeOrigin: true,

From 92b7db64857a7361ca9407f8ab93c1420d59290d Mon Sep 17 00:00:00 2001
From: Roman Zabaluev <gpg@haarolean.dev>
Date: Tue, 17 Dec 2024 23:09:51 +0800
Subject: [PATCH 07/15] Fix missing controller tag

---
 .../main/resources/swagger/kafbat-ui-api.yaml |  2 +-
 frontend/src/lib/api.ts                       |  2 ++
 frontend/src/lib/hooks/api/appConfig.ts       | 19 +++++++++++--------
 3 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/contract/src/main/resources/swagger/kafbat-ui-api.yaml b/contract/src/main/resources/swagger/kafbat-ui-api.yaml
index f1ce3702c..2e0c8df14 100644
--- a/contract/src/main/resources/swagger/kafbat-ui-api.yaml
+++ b/contract/src/main/resources/swagger/kafbat-ui-api.yaml
@@ -2257,7 +2257,7 @@ paths:
   /auth:
     post:
       tags:
-        - ApplicationConfig
+        - Unmapped
       summary: Authenticate
       operationId: authenticate
       requestBody:
diff --git a/frontend/src/lib/api.ts b/frontend/src/lib/api.ts
index 19423d2ac..d6f409ea2 100644
--- a/frontend/src/lib/api.ts
+++ b/frontend/src/lib/api.ts
@@ -11,6 +11,7 @@ import {
   AuthorizationApi,
   ApplicationConfigApi,
   AclsApi,
+  UnmappedApi,
 } from 'generated-sources';
 import { BASE_PARAMS } from 'lib/constants';
 
@@ -27,3 +28,4 @@ export const consumerGroupsApiClient = new ConsumerGroupsApi(apiClientConf);
 export const authApiClient = new AuthorizationApi(apiClientConf);
 export const appConfigApiClient = new ApplicationConfigApi(apiClientConf);
 export const aclApiClient = new AclsApi(apiClientConf);
+export const internalApiClient = new UnmappedApi(apiClientConf);
diff --git a/frontend/src/lib/hooks/api/appConfig.ts b/frontend/src/lib/hooks/api/appConfig.ts
index 22f5da0dd..088bca092 100644
--- a/frontend/src/lib/hooks/api/appConfig.ts
+++ b/frontend/src/lib/hooks/api/appConfig.ts
@@ -1,4 +1,7 @@
-import { appConfigApiClient as api } from 'lib/api';
+import {
+  appConfigApiClient as appConfig,
+  internalApiClient as internalApi,
+} from 'lib/api';
 import { useMutation, useQuery, useQueryClient } from '@tanstack/react-query';
 import {
   ApplicationConfig,
@@ -9,7 +12,7 @@ import { QUERY_REFETCH_OFF_OPTIONS } from 'lib/constants';
 export function useAuthSettings() {
   return useQuery(
     ['app', 'authSettings'],
-    () => api.getAuthenticationSettings(),
+    () => appConfig.getAuthenticationSettings(),
     QUERY_REFETCH_OFF_OPTIONS
   );
 }
@@ -17,7 +20,7 @@ export function useAuthSettings() {
 export function useAuthenticate() {
   return useMutation({
     mutationFn: (params: { username: string; password: string }) =>
-      api.authenticateRaw(params, {
+      internalApi.authenticateRaw(params, {
         headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
       }),
   });
@@ -26,13 +29,13 @@ export function useAuthenticate() {
 export function useAppInfo() {
   return useQuery(
     ['app', 'info'],
-    () => api.getApplicationInfoRaw(),
+    () => appConfig.getApplicationInfoRaw(),
     QUERY_REFETCH_OFF_OPTIONS
   );
 }
 
 export function useAppConfig() {
-  return useQuery(['app', 'config'], () => api.getCurrentConfig());
+  return useQuery(['app', 'config'], () => appConfig.getCurrentConfig());
 }
 
 function aggregateClusters(
@@ -64,7 +67,7 @@ export function useUpdateAppConfig({
   const client = useQueryClient();
   return useMutation(
     async (cluster: ApplicationConfigPropertiesKafkaClusters) => {
-      const existingConfig = await api.getCurrentConfig();
+      const existingConfig = await appConfig.getCurrentConfig();
 
       const clusters = aggregateClusters(
         cluster,
@@ -80,7 +83,7 @@ export function useUpdateAppConfig({
           kafka: { clusters },
         },
       };
-      return api.restartWithConfig({ restartRequest: { config } });
+      return appConfig.restartWithConfig({ restartRequest: { config } });
     },
     {
       onSuccess: () => client.invalidateQueries(['app', 'config']),
@@ -99,7 +102,7 @@ export function useAppConfigFilesUpload() {
 
 export function useValidateAppConfig() {
   return useMutation((config: ApplicationConfigPropertiesKafkaClusters) =>
-    api.validateConfig({
+    appConfig.validateConfig({
       applicationConfig: { properties: { kafka: { clusters: [config] } } },
     })
   );

From 8e78c51af035cf4a7d5f3920a5a5e676ce7dbfd8 Mon Sep 17 00:00:00 2001
From: Renat Kalimulin <pianoparrot93@gmail.com>
Date: Tue, 17 Dec 2024 20:10:08 +0300
Subject: [PATCH 08/15] feat: auth page

---
 frontend/src/components/AuthPage/AuthPage.tsx |  4 +++-
 .../SignIn/BasicSignIn/BasicSignIn.tsx        |  1 +
 .../SignIn/OAuthSignIn/AuthCard/AuthCard.tsx  |  2 +-
 .../src/components/AuthPage/SignIn/SignIn.tsx |  9 ++++-----
 .../contexts/GlobalSettingsContext.tsx        | 20 +++++++++++--------
 5 files changed, 21 insertions(+), 15 deletions(-)

diff --git a/frontend/src/components/AuthPage/AuthPage.tsx b/frontend/src/components/AuthPage/AuthPage.tsx
index a5ce93313..ceae3069a 100644
--- a/frontend/src/components/AuthPage/AuthPage.tsx
+++ b/frontend/src/components/AuthPage/AuthPage.tsx
@@ -11,7 +11,9 @@ function AuthPage() {
   return (
     <S.AuthPageStyled>
       <Header />
-      {data && <SignIn appAuthenticationSettings={data} />}
+      {data && (
+        <SignIn authType={data.authType} oAuthProviders={data.oAuthProviders} />
+      )}
     </S.AuthPageStyled>
   );
 }
diff --git a/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.tsx b/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.tsx
index 0bb6c8a75..6684dd2c7 100644
--- a/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.tsx
+++ b/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.tsx
@@ -27,6 +27,7 @@ function BasicSignIn() {
           methods.setError('root', { message: 'error' });
         } else {
           navigate('/');
+          window.location.reload();
         }
       },
     });
diff --git a/frontend/src/components/AuthPage/SignIn/OAuthSignIn/AuthCard/AuthCard.tsx b/frontend/src/components/AuthPage/SignIn/OAuthSignIn/AuthCard/AuthCard.tsx
index fc1162039..065a2ab0c 100644
--- a/frontend/src/components/AuthPage/SignIn/OAuthSignIn/AuthCard/AuthCard.tsx
+++ b/frontend/src/components/AuthPage/SignIn/OAuthSignIn/AuthCard/AuthCard.tsx
@@ -24,7 +24,7 @@ function AuthCard({ serviceName, authPath, Icon = ServiceImage }: Props) {
       <S.ServiceButton
         buttonSize="L"
         buttonType="primary"
-        to={`http://localhost:8080${authPath}`}
+        to={`${window.basePath}${authPath}`}
       >
         Log in with {serviceName}
       </S.ServiceButton>
diff --git a/frontend/src/components/AuthPage/SignIn/SignIn.tsx b/frontend/src/components/AuthPage/SignIn/SignIn.tsx
index 88c6e1df1..987ee5ebf 100644
--- a/frontend/src/components/AuthPage/SignIn/SignIn.tsx
+++ b/frontend/src/components/AuthPage/SignIn/SignIn.tsx
@@ -1,17 +1,16 @@
 import React from 'react';
-import { AppAuthenticationSettings, AuthType } from 'generated-sources';
+import { AuthType, OAuthProvider } from 'generated-sources';
 
 import BasicSignIn from './BasicSignIn/BasicSignIn';
 import * as S from './SignIn.styled';
 import OAuthSignIn from './OAuthSignIn/OAuthSignIn';
 
 interface Props {
-  appAuthenticationSettings: AppAuthenticationSettings;
+  authType?: AuthType;
+  oAuthProviders?: OAuthProvider[];
 }
 
-function SignInForm({ appAuthenticationSettings }: Props) {
-  const { authType, oAuthProviders } = appAuthenticationSettings;
-
+function SignInForm({ authType, oAuthProviders }: Props) {
   return (
     <S.SignInStyled>
       <S.SignInTitle>Sign in</S.SignInTitle>
diff --git a/frontend/src/components/contexts/GlobalSettingsContext.tsx b/frontend/src/components/contexts/GlobalSettingsContext.tsx
index bcf87841f..27fb25cb4 100644
--- a/frontend/src/components/contexts/GlobalSettingsContext.tsx
+++ b/frontend/src/components/contexts/GlobalSettingsContext.tsx
@@ -17,20 +17,24 @@ export const GlobalSettingsProvider: React.FC<
 > = ({ children }) => {
   const info = useAppInfo();
   const navigate = useNavigate();
+  const [value, setValue] = React.useState<GlobalSettingsContextProps>({
+    hasDynamicConfig: false,
+  });
 
   React.useEffect(() => {
     if (info.data?.raw.url.includes('auth')) {
       navigate('auth');
+      return;
     }
-  }, []);
 
-  const value = React.useMemo(() => {
-    const features = info.data?.enabledFeatures || [];
-    return {
-      hasDynamicConfig: features.includes(
-        ApplicationInfoEnabledFeaturesEnum.DYNAMIC_CONFIG
-      ),
-    };
+    info.data?.value().then((res) => {
+      const features = res?.enabledFeatures || [];
+      setValue({
+        hasDynamicConfig: features.includes(
+          ApplicationInfoEnabledFeaturesEnum.DYNAMIC_CONFIG
+        ),
+      });
+    });
   }, [info.data]);
 
   return (

From b8161ebc2e6ecae31f07560c8b2f67f932d72f6e Mon Sep 17 00:00:00 2001
From: Renat Kalimulin <pianoparrot93@gmail.com>
Date: Wed, 18 Dec 2024 14:54:38 +0300
Subject: [PATCH 09/15] feat: auth page

---
 .../SignIn/BasicSignIn/BasicSignIn.tsx         |  6 ++++--
 .../contexts/GlobalSettingsContext.tsx         | 11 ++++++-----
 frontend/src/lib/hooks/api/appConfig.ts        | 18 ++++++++++++++++--
 3 files changed, 26 insertions(+), 9 deletions(-)

diff --git a/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.tsx b/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.tsx
index 6684dd2c7..29a56b75f 100644
--- a/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.tsx
+++ b/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.tsx
@@ -7,6 +7,7 @@ import AlertIcon from 'components/common/Icons/AlertIcon';
 import { useNavigate } from 'react-router-dom';
 
 import * as S from './BasicSignIn.styled';
+import { useQueryClient } from '@tanstack/react-query';
 
 interface FormValues {
   username: string;
@@ -19,15 +20,16 @@ function BasicSignIn() {
   });
   const navigate = useNavigate();
   const { mutateAsync } = useAuthenticate();
+  const client = useQueryClient();
 
   const onSubmit = async (data: FormValues) => {
     await mutateAsync(data, {
-      onSuccess(response) {
+      onSuccess: async (response) => {
         if (response.raw.url.includes('error')) {
           methods.setError('root', { message: 'error' });
         } else {
+          await client.invalidateQueries({queryKey: ['app', 'info']});
           navigate('/');
-          window.location.reload();
         }
       },
     });
diff --git a/frontend/src/components/contexts/GlobalSettingsContext.tsx b/frontend/src/components/contexts/GlobalSettingsContext.tsx
index 27fb25cb4..a0e51ae9c 100644
--- a/frontend/src/components/contexts/GlobalSettingsContext.tsx
+++ b/frontend/src/components/contexts/GlobalSettingsContext.tsx
@@ -22,19 +22,20 @@ export const GlobalSettingsProvider: React.FC<
   });
 
   React.useEffect(() => {
-    if (info.data?.raw.url.includes('auth')) {
+    if (info.data?.redirect && !info.isFetching) {
       navigate('auth');
       return;
     }
 
-    info.data?.value().then((res) => {
-      const features = res?.enabledFeatures || [];
+    const features = info?.data?.response.enabledFeatures
+
+    if (features) {
       setValue({
         hasDynamicConfig: features.includes(
           ApplicationInfoEnabledFeaturesEnum.DYNAMIC_CONFIG
         ),
-      });
-    });
+      })
+    }
   }, [info.data]);
 
   return (
diff --git a/frontend/src/lib/hooks/api/appConfig.ts b/frontend/src/lib/hooks/api/appConfig.ts
index 088bca092..bc2491b32 100644
--- a/frontend/src/lib/hooks/api/appConfig.ts
+++ b/frontend/src/lib/hooks/api/appConfig.ts
@@ -6,6 +6,7 @@ import { useMutation, useQuery, useQueryClient } from '@tanstack/react-query';
 import {
   ApplicationConfig,
   ApplicationConfigPropertiesKafkaClusters,
+  ApplicationInfo,
 } from 'generated-sources';
 import { QUERY_REFETCH_OFF_OPTIONS } from 'lib/constants';
 
@@ -29,8 +30,21 @@ export function useAuthenticate() {
 export function useAppInfo() {
   return useQuery(
     ['app', 'info'],
-    () => appConfig.getApplicationInfoRaw(),
-    QUERY_REFETCH_OFF_OPTIONS
+    async () => {
+      const data = await appConfig.getApplicationInfoRaw()
+
+      let response: ApplicationInfo = {}
+      try {
+        response = await data.value()
+      } catch {
+        response = {}
+      }
+
+      return {
+        redirect: data.raw.url.includes('auth'),
+        response,
+      }
+    },
   );
 }
 

From f65874a963bfbf4331ccafa6dcefe1cbbac8ac74 Mon Sep 17 00:00:00 2001
From: Roman Zabaluev <gpg@haarolean.dev>
Date: Thu, 19 Dec 2024 00:40:54 +0800
Subject: [PATCH 10/15] Lint

---
 .../SignIn/BasicSignIn/BasicSignIn.tsx        |  4 +--
 .../contexts/GlobalSettingsContext.tsx        |  4 +--
 frontend/src/lib/hooks/api/appConfig.ts       | 29 +++++++++----------
 3 files changed, 17 insertions(+), 20 deletions(-)

diff --git a/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.tsx b/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.tsx
index 29a56b75f..e283d4eac 100644
--- a/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.tsx
+++ b/frontend/src/components/AuthPage/SignIn/BasicSignIn/BasicSignIn.tsx
@@ -5,9 +5,9 @@ import { Controller, FormProvider, useForm } from 'react-hook-form';
 import { useAuthenticate } from 'lib/hooks/api/appConfig';
 import AlertIcon from 'components/common/Icons/AlertIcon';
 import { useNavigate } from 'react-router-dom';
+import { useQueryClient } from '@tanstack/react-query';
 
 import * as S from './BasicSignIn.styled';
-import { useQueryClient } from '@tanstack/react-query';
 
 interface FormValues {
   username: string;
@@ -28,7 +28,7 @@ function BasicSignIn() {
         if (response.raw.url.includes('error')) {
           methods.setError('root', { message: 'error' });
         } else {
-          await client.invalidateQueries({queryKey: ['app', 'info']});
+          await client.invalidateQueries({ queryKey: ['app', 'info'] });
           navigate('/');
         }
       },
diff --git a/frontend/src/components/contexts/GlobalSettingsContext.tsx b/frontend/src/components/contexts/GlobalSettingsContext.tsx
index a0e51ae9c..aa6202bf7 100644
--- a/frontend/src/components/contexts/GlobalSettingsContext.tsx
+++ b/frontend/src/components/contexts/GlobalSettingsContext.tsx
@@ -27,14 +27,14 @@ export const GlobalSettingsProvider: React.FC<
       return;
     }
 
-    const features = info?.data?.response.enabledFeatures
+    const features = info?.data?.response.enabledFeatures;
 
     if (features) {
       setValue({
         hasDynamicConfig: features.includes(
           ApplicationInfoEnabledFeaturesEnum.DYNAMIC_CONFIG
         ),
-      })
+      });
     }
   }, [info.data]);
 
diff --git a/frontend/src/lib/hooks/api/appConfig.ts b/frontend/src/lib/hooks/api/appConfig.ts
index bc2491b32..a91c6eb4b 100644
--- a/frontend/src/lib/hooks/api/appConfig.ts
+++ b/frontend/src/lib/hooks/api/appConfig.ts
@@ -28,24 +28,21 @@ export function useAuthenticate() {
 }
 
 export function useAppInfo() {
-  return useQuery(
-    ['app', 'info'],
-    async () => {
-      const data = await appConfig.getApplicationInfoRaw()
+  return useQuery(['app', 'info'], async () => {
+    const data = await appConfig.getApplicationInfoRaw();
 
-      let response: ApplicationInfo = {}
-      try {
-        response = await data.value()
-      } catch {
-        response = {}
-      }
+    let response: ApplicationInfo = {};
+    try {
+      response = await data.value();
+    } catch {
+      response = {};
+    }
 
-      return {
-        redirect: data.raw.url.includes('auth'),
-        response,
-      }
-    },
-  );
+    return {
+      redirect: data.raw.url.includes('auth'),
+      response,
+    };
+  });
 }
 
 export function useAppConfig() {

From eae23e2f81fbbfedebab63dfc1141e0a41676882 Mon Sep 17 00:00:00 2001
From: German Osin <german.osin@gmail.com>
Date: Mon, 23 Dec 2024 11:53:38 +0100
Subject: [PATCH 11/15] Fixed login page renderer

---
 .java-version                                 |  1 +
 .../auth/AbstractAuthSecurityConfig.java      |  7 ++-
 .../ui/config/auth/OAuthSecurityConfig.java   | 15 ++++--
 .../controller/AuthenticationController.java  |  6 +++
 .../kafbat/ui/util/StaticFileWebFilter.java   | 52 +++++++++++++++++++
 frontend/src/components/App.tsx               |  2 +-
 6 files changed, 78 insertions(+), 5 deletions(-)
 create mode 100644 .java-version
 create mode 100644 api/src/main/java/io/kafbat/ui/util/StaticFileWebFilter.java

diff --git a/.java-version b/.java-version
new file mode 100644
index 000000000..aabe6ec39
--- /dev/null
+++ b/.java-version
@@ -0,0 +1 @@
+21
diff --git a/api/src/main/java/io/kafbat/ui/config/auth/AbstractAuthSecurityConfig.java b/api/src/main/java/io/kafbat/ui/config/auth/AbstractAuthSecurityConfig.java
index dc58a7299..d706daef8 100644
--- a/api/src/main/java/io/kafbat/ui/config/auth/AbstractAuthSecurityConfig.java
+++ b/api/src/main/java/io/kafbat/ui/config/auth/AbstractAuthSecurityConfig.java
@@ -19,7 +19,12 @@ protected AbstractAuthSecurityConfig() {
       "/logout",
       "/oauth2/**",
       "/static/**",
-      "/api/config/authentication"
+      "/api/config/authentication",
+      "/index.html",
+      "/assets/**",
+      "/manifest.json",
+      "/favicon/**",
+      "/api/authorization"
   };
 
 }
diff --git a/api/src/main/java/io/kafbat/ui/config/auth/OAuthSecurityConfig.java b/api/src/main/java/io/kafbat/ui/config/auth/OAuthSecurityConfig.java
index 09c7df794..7b32f7d2a 100644
--- a/api/src/main/java/io/kafbat/ui/config/auth/OAuthSecurityConfig.java
+++ b/api/src/main/java/io/kafbat/ui/config/auth/OAuthSecurityConfig.java
@@ -3,6 +3,7 @@
 import io.kafbat.ui.config.auth.logout.OAuthLogoutSuccessHandler;
 import io.kafbat.ui.service.rbac.AccessControlService;
 import io.kafbat.ui.service.rbac.extractor.ProviderAuthorityExtractor;
+import io.kafbat.ui.util.StaticFileWebFilter;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
@@ -16,9 +17,11 @@
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.core.io.ClassPathResource;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.method.configuration.EnableReactiveMethodSecurity;
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
+import org.springframework.security.config.web.server.SecurityWebFiltersOrder;
 import org.springframework.security.config.web.server.ServerHttpSecurity;
 import org.springframework.security.oauth2.client.oidc.userinfo.OidcReactiveOAuth2UserService;
 import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest;
@@ -50,7 +53,7 @@ public class OAuthSecurityConfig extends AbstractAuthSecurityConfig {
   public SecurityWebFilterChain configure(ServerHttpSecurity http, OAuthLogoutSuccessHandler logoutHandler) {
     log.info("Configuring OAUTH2 authentication.");
 
-    return http.authorizeExchange(spec -> spec
+    ServerHttpSecurity builder = http.authorizeExchange(spec -> spec
             .pathMatchers(AUTH_WHITELIST)
             .permitAll()
             .anyExchange()
@@ -58,8 +61,14 @@ public SecurityWebFilterChain configure(ServerHttpSecurity http, OAuthLogoutSucc
         )
         .oauth2Login(Customizer.withDefaults())
         .logout(spec -> spec.logoutSuccessHandler(logoutHandler))
-        .csrf(ServerHttpSecurity.CsrfSpec::disable)
-        .build();
+        .csrf(ServerHttpSecurity.CsrfSpec::disable);
+
+
+    builder.addFilterAt(new StaticFileWebFilter(
+        "/login", new ClassPathResource("/static/index.html")
+    ), SecurityWebFiltersOrder.LOGIN_PAGE_GENERATING);
+
+    return builder.build();
   }
 
   @Bean
diff --git a/api/src/main/java/io/kafbat/ui/controller/AuthenticationController.java b/api/src/main/java/io/kafbat/ui/controller/AuthenticationController.java
index b50c64546..1c7145847 100644
--- a/api/src/main/java/io/kafbat/ui/controller/AuthenticationController.java
+++ b/api/src/main/java/io/kafbat/ui/controller/AuthenticationController.java
@@ -3,6 +3,7 @@
 import java.nio.charset.Charset;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.core.io.ClassPathResource;
 import org.springframework.security.web.server.csrf.CsrfToken;
 import org.springframework.util.MultiValueMap;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -15,6 +16,11 @@
 @Slf4j
 public class AuthenticationController {
 
+  @GetMapping(value = "/login", produces = {"text/html"})
+  public Mono<ClassPathResource> getLoginPage(ServerWebExchange exchange) {
+    return Mono.just(new ClassPathResource("static/index.html"));
+  }
+
   @GetMapping(value = "/auth", produces = {"text/html"})
   public Mono<byte[]> getAuth(ServerWebExchange exchange) {
     Mono<CsrfToken> token = exchange.getAttributeOrDefault(CsrfToken.class.getName(), Mono.empty());
diff --git a/api/src/main/java/io/kafbat/ui/util/StaticFileWebFilter.java b/api/src/main/java/io/kafbat/ui/util/StaticFileWebFilter.java
new file mode 100644
index 000000000..391fa8dbd
--- /dev/null
+++ b/api/src/main/java/io/kafbat/ui/util/StaticFileWebFilter.java
@@ -0,0 +1,52 @@
+package io.kafbat.ui.util;
+
+import java.io.IOException;
+import java.io.InputStream;
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.buffer.DataBufferFactory;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.http.server.reactive.ServerHttpResponse;
+import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
+import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers;
+import org.springframework.web.server.ServerWebExchange;
+import org.springframework.web.server.WebFilter;
+import org.springframework.web.server.WebFilterChain;
+import reactor.core.publisher.Mono;
+
+public class StaticFileWebFilter implements WebFilter {
+  private ServerWebExchangeMatcher matcher;
+  private String contents;
+
+  public StaticFileWebFilter(String path, ClassPathResource resource) {
+    this.matcher = ServerWebExchangeMatchers.pathMatchers(HttpMethod.GET, path);
+    try (InputStream inputStream = resource.getInputStream())  {
+      this.contents =  ResourceUtil.readAsString(resource);
+    } catch (IOException e) {
+      throw new RuntimeException(e);
+    }
+  }
+
+  @Override
+  public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
+    return this.matcher.matches(exchange)
+        .filter(ServerWebExchangeMatcher.MatchResult::isMatch)
+        .switchIfEmpty(chain.filter(exchange).then(Mono.empty()))
+        .flatMap((matchResult) -> this.render(exchange));
+  }
+
+  private Mono<Void> render(ServerWebExchange exchange) {
+    String contextPath = exchange.getRequest().getPath().contextPath().value();
+    String contentBody = contents
+        .replace("\"assets/", "\"" + contextPath + "/assets/")
+        .replace("PUBLIC-PATH-VARIABLE", contextPath);
+
+    ServerHttpResponse result = exchange.getResponse();
+    result.setStatusCode(HttpStatus.OK);
+    result.getHeaders().setContentType(MediaType.TEXT_HTML);
+    DataBufferFactory bufferFactory = exchange.getResponse().bufferFactory();
+    return result.writeWith(Mono.just(bufferFactory.wrap(contentBody.getBytes())));
+  }
+
+}
diff --git a/frontend/src/components/App.tsx b/frontend/src/components/App.tsx
index 413d397be..d15cb95a0 100644
--- a/frontend/src/components/App.tsx
+++ b/frontend/src/components/App.tsx
@@ -50,7 +50,7 @@ const queryClient = new QueryClient({
 });
 const App: React.FC = () => {
   const { isDarkMode } = useContext(ThemeModeContext);
-  const isAuthRoute = useMatch('/auth/*');
+  const isAuthRoute = useMatch('/login');
 
   return (
     <QueryClientProvider client={queryClient}>

From 6cf38817df5b2fbe7095cd37551199520105d28f Mon Sep 17 00:00:00 2001
From: German Osin <german.osin@gmail.com>
Date: Wed, 15 Jan 2025 12:44:40 +0100
Subject: [PATCH 12/15] Initial gradle support

---
 .gitignore                                    |   3 +
 api/build.gradle                              | 115 ++++++++
 api/pom.xml                                   |   4 +-
 .../kafbat/ui/config/WebclientProperties.java |   2 +-
 .../RoleBasedAccessControlProperties.java     |   2 +-
 build.gradle                                  |  31 +++
 contract/build.gradle                         | 116 ++++++++
 e2e-tests/build.gradle                        |  48 ++++
 frontend/build.gradle                         |  51 ++++
 frontend/vite.config.ts                       |   2 +-
 gradle.properties                             |   7 +
 gradle/libs.versions.toml                     | 103 ++++++++
 gradle/wrapper/gradle-wrapper.jar             | Bin 0 -> 43453 bytes
 gradle/wrapper/gradle-wrapper.properties      |   7 +
 gradlew                                       | 249 ++++++++++++++++++
 gradlew.bat                                   |  92 +++++++
 serde-api/build.gradle                        | 102 +++++++
 serde-api/gradle.properties                   |   2 +
 settings.gradle                               |  14 +
 19 files changed, 945 insertions(+), 5 deletions(-)
 create mode 100644 api/build.gradle
 create mode 100644 build.gradle
 create mode 100644 contract/build.gradle
 create mode 100644 e2e-tests/build.gradle
 create mode 100644 frontend/build.gradle
 create mode 100644 gradle.properties
 create mode 100644 gradle/libs.versions.toml
 create mode 100644 gradle/wrapper/gradle-wrapper.jar
 create mode 100644 gradle/wrapper/gradle-wrapper.properties
 create mode 100755 gradlew
 create mode 100644 gradlew.bat
 create mode 100644 serde-api/build.gradle
 create mode 100644 serde-api/gradle.properties
 create mode 100644 settings.gradle

diff --git a/.gitignore b/.gitignore
index efd6a9749..a6061e57f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -42,3 +42,6 @@ build/
 *.tgz
 
 /docker/*.override.yaml
+out/
+node_modules/
+.gradle
diff --git a/api/build.gradle b/api/build.gradle
new file mode 100644
index 000000000..3def81ec6
--- /dev/null
+++ b/api/build.gradle
@@ -0,0 +1,115 @@
+
+plugins {
+    id 'antlr'
+    id 'checkstyle'
+    id 'org.springframework.boot' version '3.4.1'
+    id 'com.gorylenko.gradle-git-properties' version "2.4.2"
+}
+
+dependencies {
+    implementation project(":contract")
+    implementation project(":frontend")
+    implementation project(":serde-api")
+
+    implementation libs.spring.starter.webflux
+    implementation libs.spring.starter.security
+    implementation libs.spring.starter.actuator
+    implementation libs.spring.starter.logging
+    implementation libs.spring.starter.oauth2.client
+    implementation libs.spring.boot.actuator
+    compileOnly libs.spring.boot.devtools
+
+    implementation libs.spring.security.ldap
+
+    implementation libs.kafka.clients
+
+    implementation libs.apache.avro
+    implementation libs.apache.commons
+    implementation libs.apache.commons.pool2
+    implementation libs.apache.datasketches
+
+    implementation libs.confluent.schema.registry.client
+    implementation libs.confluent.avro.serializer
+    implementation libs.confluent.protobuf.serializer
+    implementation libs.confluent.json.schema.serializer
+
+    implementation libs.aws.msk.auth
+    implementation (libs.azure.identity) {
+        exclude group: 'io.netty', module: 'netty-tcnative-boringssl-static'
+    }
+
+    implementation libs.jackson.databind.nullable
+    implementation libs.cel
+    antlr libs.antlr
+    implementation libs.antlr.runtime
+
+    implementation libs.opendatadiscovery.oddrn
+    implementation (libs.opendatadiscovery.client) {
+        exclude group: 'org.springframework.boot', module: 'spring-boot-starter-webflux'
+        exclude group: 'io.projectreactor', module: 'reactor-core'
+        exclude group: 'io.projectreactor.ipc', module: 'reactor-netty'
+    }
+
+    runtimeOnly libs.micrometer.registry.prometheus
+
+    // CVE Fixes
+    implementation libs.apache.commons.compress
+    implementation libs.okhttp3.logging.intercepter
+
+    // Annotation processors
+    implementation libs.lombok
+    implementation libs.mapstruct
+    annotationProcessor libs.lombok
+    annotationProcessor libs.mapstruct.processor
+    annotationProcessor libs.spring.boot.configuration.processor
+    testAnnotationProcessor libs.lombok
+    testAnnotationProcessor libs.mapstruct.processor
+
+    // Tests
+    testImplementation libs.spring.starter.test
+    testImplementation libs.reactor.test
+    testImplementation libs.testcontainers
+    testImplementation libs.testcontainers.kafka
+    testImplementation libs.testcontainers.jupiter
+    testImplementation libs.junit.jupiter.engine
+    testImplementation libs.mockito.core
+    testImplementation libs.mockito.jupiter
+    testImplementation libs.bytebuddy
+    testImplementation libs.assertj
+    testImplementation libs.jsonschemavalidator
+
+    testImplementation libs.okhttp3
+    testImplementation libs.okhttp3.mockwebserver
+}
+
+generateGrammarSource {
+    maxHeapSize = "64m"
+    arguments += ["-package", "ksql"]
+}
+
+sourceSets {
+    main {
+        antlr {
+            srcDirs = ["src/main/antlr4"]
+        }
+        java {
+            srcDirs += generateGrammarSource.outputDirectory
+        }
+    }
+}
+
+tasks.withType(Checkstyle) {
+    exclude '**/ksql/**'
+}
+
+checkstyle {
+    toolVersion '10.3.1'
+    configFile = rootProject.file('etc/checkstyle/checkstyle-e2e.xml')
+    ignoreFailures = false
+    maxWarnings = 0
+    maxErrors = 0
+}
+
+test {
+    useJUnitPlatform()
+}
diff --git a/api/pom.xml b/api/pom.xml
index 3f7c044d0..4e5beb732 100644
--- a/api/pom.xml
+++ b/api/pom.xml
@@ -440,10 +440,10 @@
                                     <goal>copy-resources</goal>
                                 </goals>
                                 <configuration>
-                                    <outputDirectory>${basedir}/target/classes/static</outputDirectory>
+                                    <outputDirectory>${basedir}/target/classes/</outputDirectory>
                                     <resources>
                                         <resource>
-                                            <directory>../frontend/build</directory>
+                                            <directory>../frontend/build/vite/static</directory>
                                         </resource>
                                     </resources>
                                 </configuration>
diff --git a/api/src/main/java/io/kafbat/ui/config/WebclientProperties.java b/api/src/main/java/io/kafbat/ui/config/WebclientProperties.java
index afe0fa8ea..8b147c898 100644
--- a/api/src/main/java/io/kafbat/ui/config/WebclientProperties.java
+++ b/api/src/main/java/io/kafbat/ui/config/WebclientProperties.java
@@ -1,7 +1,7 @@
 package io.kafbat.ui.config;
 
 import io.kafbat.ui.exception.ValidationException;
-import javax.annotation.PostConstruct;
+import jakarta.annotation.PostConstruct;
 import lombok.Data;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.context.annotation.Configuration;
diff --git a/api/src/main/java/io/kafbat/ui/config/auth/RoleBasedAccessControlProperties.java b/api/src/main/java/io/kafbat/ui/config/auth/RoleBasedAccessControlProperties.java
index ee53d4424..8ecf12b99 100644
--- a/api/src/main/java/io/kafbat/ui/config/auth/RoleBasedAccessControlProperties.java
+++ b/api/src/main/java/io/kafbat/ui/config/auth/RoleBasedAccessControlProperties.java
@@ -1,9 +1,9 @@
 package io.kafbat.ui.config.auth;
 
 import io.kafbat.ui.model.rbac.Role;
+import jakarta.annotation.PostConstruct;
 import java.util.ArrayList;
 import java.util.List;
-import javax.annotation.PostConstruct;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 
 @ConfigurationProperties("rbac")
diff --git a/build.gradle b/build.gradle
new file mode 100644
index 000000000..3e1363425
--- /dev/null
+++ b/build.gradle
@@ -0,0 +1,31 @@
+subprojects {
+    apply plugin: "java"
+
+    repositories {
+        mavenCentral()
+        maven {
+            name = 'confluent'
+            url = 'https://packages.confluent.io/maven/'
+        }
+    }
+
+    group = 'io.kafbat'
+    version = version
+
+    java {
+        sourceCompatibility = JavaVersion.VERSION_21
+        targetCompatibility = JavaVersion.VERSION_21
+    }
+}
+
+boolean resolveBooleanProperty(String propertyName, boolean defaultValue = false) {
+    def propertyValueStr = findProperty(propertyName)
+    return propertyValueStr == null ? defaultValue : propertyValueStr.toBoolean();
+}
+
+ext {
+    prod = resolveBooleanProperty("prod")
+}
+
+
+
diff --git a/contract/build.gradle b/contract/build.gradle
new file mode 100644
index 000000000..ad6e23110
--- /dev/null
+++ b/contract/build.gradle
@@ -0,0 +1,116 @@
+import org.openapitools.generator.gradle.plugin.tasks.GenerateTask
+
+plugins {
+    id "java-library"
+    id 'org.openapi.generator' version '7.9.0'
+}
+
+
+def specDir = project.layout.projectDirectory.dir("src/main/resources/swagger/")
+def targetDir = project.layout.buildDirectory.dir("generated").get()
+
+dependencies {
+    implementation libs.spring.starter.webflux
+    implementation libs.spring.starter.validation
+    api libs.swagger.integration.jakarta
+    api libs.jackson.databind.nullable
+    api libs.annotation.api
+    compileOnly libs.lombok
+    annotationProcessor libs.lombok
+}
+
+tasks.register('generateUiClient', GenerateTask) {
+    generatorName = "java"
+    inputSpec = specDir.file("kafbat-ui-api.yaml").asFile.absolutePath
+    outputDir = targetDir.dir("kafbat-ui-client").asFile.absolutePath
+    apiPackage = "io.kafbat.ui.api.api"
+    invokerPackage = "io.kafbat.ui.api"
+    modelPackage = "io.kafbat.ui.api.model"
+
+    configOptions = [library          : 'webclient',
+                     asyncNative      : 'true',
+                     useBeanValidation: 'true',
+                     dateLibrary      : 'java8',
+                     useJakartaEe     : 'true',]
+}
+
+tasks.register('generateBackendApi', GenerateTask) {
+    generatorName = "spring"
+    inputSpec = specDir.file("kafbat-ui-api.yaml").asFile.absolutePath
+    outputDir = targetDir.dir("api").asFile.absolutePath
+    apiPackage = "io.kafbat.ui.api"
+    invokerPackage = "io.kafbat.ui.api"
+    modelPackage = "io.kafbat.ui.model"
+    modelNameSuffix = "DTO"
+
+    additionalProperties = [removeEnumValuePrefix: "false"]
+
+    configOptions = [reactive                            : "true",
+                     interfaceOnly                       : "true",
+                     skipDefaultInterface                : "true",
+                     useTags                             : "true",
+                     useSpringBoot3                      : "true",
+                     dateLibrary                         : "java8",
+                     generateConstructorWithAllArgs      : "false",
+                     generatedConstructorWithRequiredArgs: "false",
+                     additionalModelTypeAnnotations      : """
+            @lombok.experimental.SuperBuilder
+            @lombok.AllArgsConstructor
+            @lombok.NoArgsConstructor
+            """]
+}
+
+tasks.register('generateConnectClient', GenerateTask) {
+    generatorName = "java"
+    inputSpec = specDir.file("kafka-connect-api.yaml").asFile.absolutePath
+    outputDir = targetDir.dir("kafka-connect-client").asFile.absolutePath
+    generateApiTests = false
+    generateModelTests = false
+    apiPackage = "io.kafbat.ui.connect.api"
+    modelPackage = "io.kafbat.ui.connect.model"
+    invokerPackage = "io.kafbat.ui.connect"
+
+
+    configOptions = [asyncNative      : "true",
+                     library          : "webclient",
+                     useJakartaEe     : "true",
+                     useBeanValidation: "true",
+                     dateLibrary      : "java8",]
+}
+
+tasks.register('generateSchemaRegistryClient', GenerateTask) {
+    generatorName = "java"
+    inputSpec = specDir.file("kafka-sr-api.yaml").asFile.absolutePath
+    outputDir = targetDir.dir("kafka-sr-client").asFile.absolutePath
+    generateApiTests = false
+    generateModelTests = false
+    apiPackage = "io.kafbat.ui.sr.api"
+    invokerPackage = "io.kafbat.ui.sr"
+    modelPackage = "io.kafbat.ui.sr.model"
+
+    configOptions = [asyncNative      : "true",
+                     library          : "webclient",
+                     useJakartaEe     : "true",
+                     useBeanValidation: "true",
+                     dateLibrary      : "java8",]
+}
+
+sourceSets {
+    main {
+        java {
+            srcDir targetDir.dir("api/src/main/java")
+            srcDir targetDir.dir("kafka-connect-client/src/main/java")
+            srcDir targetDir.dir("kafbat-ui-client/src/main/java")
+            srcDir targetDir.dir("kafka-sr-client/src/main/java")
+        }
+
+        resources {
+            srcDir specDir
+        }
+    }
+}
+
+compileJava.dependsOn generateUiClient, generateBackendApi, generateConnectClient, generateSchemaRegistryClient
+processResources.dependsOn generateUiClient, generateBackendApi, generateConnectClient, generateSchemaRegistryClient
+
+
diff --git a/e2e-tests/build.gradle b/e2e-tests/build.gradle
new file mode 100644
index 000000000..4b44e97fa
--- /dev/null
+++ b/e2e-tests/build.gradle
@@ -0,0 +1,48 @@
+plugins {
+    id 'java'
+    id 'checkstyle'
+    id 'io.qameta.allure' version '2.10.0'
+}
+
+ext {
+    kafkaVersion = "3.8.0"
+    aspectjVersion = "1.9.21"
+    allureVersion = "2.27.0"
+}
+
+dependencies {
+    implementation project(":contract")
+    implementation "org.apache.kafka:kafka_2.13:${kafkaVersion}"
+    implementation "org.aspectj:aspectjweaver:${aspectjVersion}"
+    implementation "commons-io:commons-io:2.16.1"
+    implementation "org.testng:testng:7.10.0"
+    implementation "com.codeborne:selenide:7.2.3"
+    implementation "io.qameta.allure:allure-testng:${allureVersion}"
+    implementation "io.qameta.allure:allure-selenide:${allureVersion}"
+    implementation "io.github.bonigarcia:webdrivermanager:5.8.0"
+    implementation libs.spring.starter.webflux
+    implementation "io.netty:netty-resolver-dns-native-macos:4.1.116.Final"
+
+    implementation libs.lombok
+
+    annotationProcessor libs.lombok
+    testAnnotationProcessor libs.lombok
+}
+
+checkstyle {
+    toolVersion '10.3.1'
+    configFile = rootProject.file('etc/checkstyle/checkstyle.xml')
+    ignoreFailures = false
+    maxWarnings = 10
+    maxErrors = 0
+}
+
+
+test {
+    useTestNG()
+}
+
+tasks.named('test') {
+    enabled = prod
+}
+
diff --git a/frontend/build.gradle b/frontend/build.gradle
new file mode 100644
index 000000000..db3bc3b61
--- /dev/null
+++ b/frontend/build.gradle
@@ -0,0 +1,51 @@
+plugins {
+  id 'com.github.node-gradle.node' version '7.0.2'
+}
+
+node {
+  download = !"true".equals(project.property("local_node"))
+  version = project.property("node_version").toString()
+  pnpmVersion = project.property("pnpm_version").toString()
+  nodeProjectDir = project.layout.projectDirectory
+}
+
+
+tasks.named("pnpmInstall") {
+  inputs.files(file("package.json"))
+  outputs.dir(project.layout.projectDirectory.dir("node_modules"))
+}
+
+tasks.register('generateContract', PnpmTask) {
+  dependsOn pnpmInstall
+  inputs.files(fileTree("../contract/src/main/resources"))
+  outputs.dir(project.layout.projectDirectory.dir("src/generated-sources"))
+  args = ['gen:sources']
+}
+
+
+tasks.register('buildFrontend', PnpmTask) {
+  dependsOn generateContract
+  inputs.files(fileTree("src/"))
+  outputs.dir(project.layout.buildDirectory.dir("vite"))
+  args = ['build']
+  environment = System.getenv() + [
+    "VITE_TAG": project.version,
+    // add git commit
+    "VITE_COMMIT": ""
+  ]
+}
+
+sourceSets {
+  main {
+    resources {
+      srcDir "build/vite"
+    }
+  }
+}
+
+processResources.dependsOn buildFrontend
+compileJava.dependsOn buildFrontend
+
+
+
+
diff --git a/frontend/vite.config.ts b/frontend/vite.config.ts
index 6cf7c0f15..e775a83e6 100644
--- a/frontend/vite.config.ts
+++ b/frontend/vite.config.ts
@@ -35,7 +35,7 @@ export default defineConfig(({ mode }) => {
       port: 3000,
     },
     build: {
-      outDir: 'build',
+      outDir: 'build/vite/static',
       rollupOptions: {
         output: {
           manualChunks(id: string) {
diff --git a/gradle.properties b/gradle.properties
new file mode 100644
index 000000000..6118f4e51
--- /dev/null
+++ b/gradle.properties
@@ -0,0 +1,7 @@
+description='Kafka UI'
+version=0.1.0-SNAPSHOT
+group=io.kafbat.ui
+local_node = false
+node_version = 18.17.1
+pnpm_version = 9.15.0
+tags=[]
diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
new file mode 100644
index 000000000..44d319ce4
--- /dev/null
+++ b/gradle/libs.versions.toml
@@ -0,0 +1,103 @@
+[versions]
+spring-boot = '3.3.6'
+spring-ldap = '6.3.5'
+
+
+aws-msk-auth = '2.2.0'
+azure-identity = '1.14.2'
+
+apache-commons = '2.12.0'
+apache-datasketches = '3.1.0'
+apache-commons-compress = '1.26.0'
+
+assertj = '3.25.3'
+avro = '1.11.4'
+byte-buddy = '1.14.19'
+confluent = '7.8.0'
+
+jackson = '2.14.0'
+kafka-clients = '3.8.0'
+mapstruct = '1.6.2'
+lombok = '1.18.34'
+protobuf-java = '3.25.5'
+snakeyaml = '2.3'
+serde-api = '1.0.0'
+odd-oddrn-generator = '0.1.17'
+odd-oddrn-client = '0.1.39'
+cel = '0.3.0'
+guava = '33.3.1-jre'
+junit = '5.11.2'
+mockito = '5.14.2'
+okhttp3 = '4.12.0'
+testcontainers = '1.20.2'
+swagger-integration-jakarta = '2.2.8'
+annotation-api = '2.1.1'
+jackson-databind-nullable = '0.2.6'
+project-reactor = '3.6.12'
+micrometer = '1.13.8'
+antlr = '4.12.0'
+json-schema-validator = '2.2.14'
+
+
+[libraries]
+spring-starter-actuator = { module = 'org.springframework.boot:spring-boot-starter-actuator', version.ref = 'spring-boot' }
+spring-starter-test = { module = 'org.springframework.boot:spring-boot-starter-test', version.ref = 'spring-boot' }
+spring-starter-webflux = { module = 'org.springframework.boot:spring-boot-starter-webflux', version.ref = 'spring-boot' }
+spring-starter-security = { module = 'org.springframework.boot:spring-boot-starter-security', version.ref = 'spring-boot' }
+spring-starter-validation = { module = 'org.springframework.boot:spring-boot-starter-validation', version.ref = 'spring-boot' }
+spring-starter-oauth2-client = { module = 'org.springframework.boot:spring-boot-starter-oauth2-client', version.ref = 'spring-boot' }
+spring-starter-logging = {module = 'org.springframework.boot:spring-boot-starter-logging', version.ref = 'spring-boot'}
+spring-boot-actuator = { module = 'org.springframework.boot:spring-boot-actuator', version.ref = 'spring-boot' }
+spring-boot-devtools = { module = 'org.springframework.boot:spring-boot-devtools', version.ref = 'spring-boot' }
+spring-boot-configuration-processor = { module = 'org.springframework.boot:spring-boot-configuration-processor', version.ref = 'spring-boot' }
+
+
+spring-security-ldap = { module = 'org.springframework.security:spring-security-ldap', version.ref = 'spring-ldap' }
+
+swagger-integration-jakarta = {module = 'io.swagger.core.v3:swagger-integration-jakarta', version.ref = 'swagger-integration-jakarta'}
+lombok = {module = 'org.projectlombok:lombok', version.ref = 'lombok'}
+mapstruct = {module = 'org.mapstruct:mapstruct', version.ref = 'mapstruct'}
+mapstruct-processor = {module = 'org.mapstruct:mapstruct-processor', version.ref = 'mapstruct'}
+annotation-api = {module = 'jakarta.annotation:jakarta.annotation-api', version.ref = 'annotation-api'}
+jackson-databind-nullable = {module = 'org.openapitools:jackson-databind-nullable', version.ref = 'jackson-databind-nullable'}
+kafka-clients = { module = 'org.apache.kafka:kafka-clients', version.ref = 'kafka-clients'}
+
+apache-commons = { module = 'org.apache.commons:commons-lang3', version.ref = 'apache-commons'}
+apache-commons-compress = { module = 'org.apache.commons:commons-compress', version.ref = 'apache-commons-compress'}
+apache-commons-pool2 = { module = 'org.apache.commons:commons-pool2', version.ref = 'apache-commons'}
+apache-datasketches = { module = 'org.apache.datasketches:datasketches-java', version.ref='apache-datasketches'}
+apache-avro = { module = 'org.apache.avro:avro', version.ref = 'avro'}
+
+confluent-schema-registry-client = { module = 'io.confluent:kafka-schema-registry-client', version.ref = 'confluent'}
+confluent-avro-serializer = { module = 'io.confluent:kafka-avro-serializer', version.ref = 'confluent'}
+confluent-protobuf-serializer = { module = 'io.confluent:kafka-protobuf-serializer', version.ref = 'confluent'}
+confluent-json-schema-serializer = { module = 'io.confluent:kafka-json-schema-serializer', version.ref = 'confluent'}
+
+aws-msk-auth = { module = 'software.amazon.msk:aws-msk-iam-auth', version.ref = 'aws-msk-auth'}
+azure-identity = { module = 'com.azure:azure-identity', version.ref = 'azure-identity' }
+reactor-extra = { module = 'io.projectreactor.addons:reactor-extra', version.ref = 'project-reactor'}
+reactor-test = { module = 'io.projectreactor:reactor-test', version.ref = 'project-reactor'}
+micrometer-registry-prometheus = { module = 'io.micrometer:micrometer-registry-prometheus', version.ref = 'micrometer'}
+antlr = { module = 'org.antlr:antlr4', version.ref = 'antlr'}
+antlr-runtime = { module = 'org.antlr:antlr4-runtime', version.ref = 'antlr'}
+cel = {module='dev.cel:cel', version.ref='cel'}
+
+testcontainers = {module = 'org.testcontainers:testcontainers', version.ref='testcontainers'}
+testcontainers-kafka = {module = 'org.testcontainers:kafka', version.ref='testcontainers'}
+testcontainers-jupiter = {module = 'org.testcontainers:junit-jupiter', version.ref='testcontainers'}
+
+junit-jupiter-engine = {module = 'org.junit.jupiter:junit-jupiter-engine', version.ref='junit' }
+
+mockito-core = {module = 'org.mockito:mockito-core', version.ref = 'mockito'}
+mockito-jupiter = {module = 'org.mockito:mockito-junit-jupiter', version.ref = 'mockito'}
+
+okhttp3 = {module = 'com.squareup.okhttp3:okhttp', version.ref='okhttp3'}
+okhttp3-mockwebserver = {module = 'com.squareup.okhttp3:mockwebserver', version.ref='okhttp3'}
+okhttp3-logging-intercepter = {module = 'com.squareup.okhttp3:logging-interceptor', version.ref='okhttp3'}
+
+opendatadiscovery-oddrn = { module = 'org.opendatadiscovery:oddrn-generator-java', version.ref = 'odd-oddrn-generator'}
+opendatadiscovery-client = { module = 'org.opendatadiscovery:ingestion-contract-client', version.ref = 'odd-oddrn-client'}
+
+bytebuddy = {module = 'net.bytebuddy:byte-buddy', version.ref='byte-buddy'}
+assertj = {module = 'org.assertj:assertj-core', version.ref = 'assertj'}
+jsonschemavalidator = {module = 'com.github.java-json-tools:json-schema-validator', version.ref ='json-schema-validator'}
diff --git a/gradle/wrapper/gradle-wrapper.jar b/gradle/wrapper/gradle-wrapper.jar
new file mode 100644
index 0000000000000000000000000000000000000000..e6441136f3d4ba8a0da8d277868979cfbc8ad796
GIT binary patch
literal 43453
zcma&N1CXTcmMvW9vTb(Rwr$&4wr$(C?dmSu>@vG-+vuvg^_??!{yS%8zW-#zn-LkA
z5&1^$^{lnmUON?}LBF8_K|(?T0Ra(xUH{($5eN!MR#ZihR#HxkUPe+_R8Cn`RRs(P
z_^*#_XlXmGv7!4;*Y%p4nw?{bNp@UZHv1?Um8r6)Fei3p@ClJn0ECfg1hkeuUU@Or
zDaPa;U3fE=3L}DooL;8f;P0ipPt0Z~9P0)lbStMS)ag54=uL9ia-Lm3nh|@(Y?B`;
zx_#arJIpXH!U{fbCbI^17}6Ri*H<>OLR%c|^mh8+)*h~K8Z<V--Q23O4&HBVn~<)q
zmUaP7+TjluBM%#s1Ki#^GurGElkc7{cc6Skz+1nDVk%wAAQYx1^*wA%KSY>!9)DPf
zR2h?lbDZQ`p9P;&DQ4F0sur@TMa!Y}S8irn(%d-gi0*WxxCSk*A?3lGh=gcYN?FGl
z7D=Js!i~0=u3rox^e<cs4tSN~YA?c-d185$YFNA$Eq1&U{wh#b^OveuKoBPy0oYZ4
zAY2?B=x8yX9}pVM=cLrvugywt!e@Y3lH)i?7fvT*a`O;c)CJQ>O3i@$0=n{K1lPNU
zwmfjRVmLOCRfe=seV&P*1Iq=^i`502keY8Uy-WNPwVNNtJFx?IwA<BCEY82WDKJP<
zB^CxjFxi=mg*OyI?K3GoDfk;?-K<Z#JoxhYNeEUf896)l%7gL``44}zn)7|Rf;)SC
z_EfJr4I+3i(GiHN`R+vHqf}1wXtH?65<wKlxV1BU(#3XgtH<$Fir3S(7QeRA3)u89
zID&66K{&mq$DsB}s&o?H60{cskfh*hvn8hQW#~Q!qM04QtZvx3JEpqeKWE6|+OZW=
z(LB7}flr|t7va%>yR<KG!FYzS$bs7qXcpM&wV@~>PZo2<wCq%CszVO$mosTTuv*Mz
zOLoi?e^7B~xS22~QW8Rmnt{(AtL<HGi<_P9`0pH;3)@S9Eg`gt2X<om7C^q}pKX|*
zTy3X{nOr-xyt4=Qx1IjrzGb!_SyAv^SZcf;air&-;Ua+)5k0z=#R7@UW%)3oEjGA|
zZ#DE3px@h1k7w%|4rVIO=0Aid2A%?nBZrupg^_z5J-$$YKeDZ&q8+k7zccb<dc4D;
zz}+UYkl_eUNL3PW+reZ6UUB}=sHp~$z%Q}gZ-#ow+ffQIj|A3`B9LO*6%t@)0PV!x
ziJ=9fw_>Wo1+S(xF37LJZ~%i)kpFQ3Fw=mXfd@>%+)RpYQLnr}B~~zoof(JVm^^&f
zxKV^+3D3$A1G;qh4gPVjhrC8e(VYUHv#dy^)(RoUFM?o%W-EHxufuWf(l*@-l+7vt
z=l`qmR56K~F|v<^Pd*p~1_y^P0P^aPC##d8+HqX4IR1gu+7w#~TBFphJxF)T$2WEa
zxa?H&6=Qe7d(#tha?_1uQys2KtHQ{)Qco)qwGjrdNL7thd^G5i8Os)CHqc>iOidS}
z%nFEDdm=GXBw=yXe1W-ShHHFb?Cc70+$W~z_+}nAoHFYI1MV1wZegw*0y^tC*s%3h
zhD3tN8b=Gv&rj}!SUM6|ajSPp*58KR7MPpI{oAJCtY~JECm)*m_x>AZEu>DFgUcby
z1Qaw8lU4jZpQ_$;*7RME+gq1Ky<fW-rh4ehZ;%u960Gt5OF)<y$00S=6tVE=%Pt~(
z!&BP&2I%`@>SGG#Wql>aL~k9tLrSO()LWn*q&YxHE<sT^`N@Q|)S3y<ZACaLXO56z
zncP$~M5K!npWqz?)C50MMw=XqFtDO!3JHI*t-^8Ga&lGPHX2F0pIGdZ3w5ewE+{kf
z-&Ygi?@-h(ADD|ljIBw%VHHf1xuQ~}IeIQ5JqlA4#*Nlvd`IfDYzFa?PB=RCcFpZ4
z|HFmPZM=;^DQ_z<IPz$$+yG(H4803QQAA7vQF7;_gv|AD1bH*R-CP3f<<utDpH)Ht
zI@{uO12adp{;132YoKPx?C9{&;MtHdHb*0F0;Z~D42}#*l+WD2u?r>uzmwd1?aAtI
zBJ>P=&$=l1efe1CDU;`Fd+_;&wI07?V0aAIgc(<VS*?#8Zt!w88FJrjasA1!6>!{a
z0Jg6Y=inXc3^n!U0Atk`iCFIQooHqcWhO(qrieUOW8X(x?(RD}iYDLMjSwffH2~tB
z)oDgNBLB^AJBM1M^c5HdRx6fBfka`(LD-qrlh5jqH~);#nw|iyp)()xVYak3;Ybik
z0j`(+69aK*B>)e_p%=wu8XC&9e{AO4c~O1U`5X9}?0mrd*m$_EUek{R?DNSh(=br#
z#Q61gBzEpmy`$pA<eVn3dnmk^xq`=o2)~2c0ywsuTQsC?1WZZehsJYfK@LQ>*6!87
zSDD+=@fTY7<4A?GLqpA?Pb2z$pbCc4B4zL{BeZ?F-8`s$?>*lXXtn*NC61>|*w7J*
z$?!iB{6R-0=KFmyp1nnEmLsA-H0a6l+1uaH^g%c(p{iT&YFrbQ$&PRb8Up#X3@Zsk
zD^^&LK~111%cqlP%!_gFNa^dTYT?rhkGl}5=fL{a`UViaXWI$k-UcHJwmaH1s=S$4
z%4)PdWJX;hh5UoK?6aWoyLxX&NhNRqKam7tcOkLh{%j3K^4Mgx1@i|Pi&}<^5>hs5
zm8?uOS>%)NzT(%PjVPGa?X%`N2TQCKbeH2l;cTnHiHppPSJ<7y-yEIiC!P*ikl&!B
z%+?>VttCOQM@ShFguHVjxX^?mHX^hSaO_;pnyh^v9EumqSZTi+#f&_Vaija0Q-e*|
z7ulQj6Fs*bbmsWp{`auM04gGwsYYdNNZcg|ph0OgD>7O}Asn7^<IivRZw`Wa$`V6)
zgX@^QL9j}-Od{q5<J*k0+1U=R5+PCYj(U}4VpX+BjfI~+dttS?HJ6uZSGH#H-twTo
zaptG40+PAc$fs*zLFkOfGfc+xGs<T?rLGIA%SU7c%jh!E1SNN~*-`ccW8wo4gv2Sj
zhify^C(ygi)uGwqXDLqVbH>Z=eI>`$2*v78;sj-}oMoEj&@)9+ycEOo92xSyY344^
z11Hb8^kdOvbf^GNAK++bYioknrpdN>+u8R?JxG=!2Kd9r=YWCOJYXYuM0cOq^FhEd
zBg2puKy__7VT3-r*dG4c62Wgxi52EMCQ`bKgf*#*ou(D4-ZN$+m<X+=`m<r!lO%3T
zMp}MJd(WDoQ2&6(LClZxpv<vZPPM3Ngkye2VhB=i|B12g5ouw(%`gbWtRq8~sU|o*
z$kQ8Jb~6&{ak;r$7@?#t*q9RfAOj=^uAf1z5Y8`N%M`oM@?!~VqN{g%-u$XR1u1Im
zGE&AzFpIcER(5jtCPR%RZ)!+|*rU~jZBiOKdqYjO(%yK3Lz;{##(@QEVo>g&7$u!!
z-^<eVk1WtrWdvAzoBMHoB$s2RXJCv}%muyVFFJ``?>+Z%;-3IDwqZ|K=ah85OLwkO
zKxNBh+4QHh)u9D?MFtpbl)<T1$eOrb4-+U|WDC2BesgFRlgt`klbeQ^1S`7`r+uZ8
zH&U=geA}Si;CUcKvBA&^@<o1GQ7`{1Y(cCHZv|73JIJOvVwLOMZP%Q|)y@^j2e<+z
zWVo=#FL!4XNKS~-_1`gw*qi$0j6P7ym_LTvG>us}9+V!D%w9jfAMYEb>%$A;u)rrI
zuBudh;5PN}_6J_}l55P3l_)&RMlH{m!)ai-i$g)&*M`eN$XQMw{v^r@-125^RRCF0
z^2>|DxhQw(mtNEI2Kj(;<s2pnue6O@?^QaAp;Ze6z9nX*w}4h7342+0lU$@;Knnve
zqqY2Ci=`)@>KblC7x=JlK$@78`O~>V!`|1Lm-^JR$-5pUANAnb(5}B}JGjBsliK4&
zk6y(;$e&h)lh2)L=bvZKbvh@>vLlreBdH8No2>$#%_Wp1U0N7Ank!6$dFSi#xzh|(
zRi{U<eziQYNZ-=4ReK3@^LFvNQI~(Pdvp+X@J@g#bd~m0wFc+sW3Xf5tyA3xKp;T3
zy14<o-`F}$ET-DQ;B;yNy?d>w%-4W!{IXZ)fWx@XX6;&(m_F%c6~X8hx=BN1&q}*(
zoaNjWabE{oUPb!Bt$eyd#$5j9rItB-h*5JiNi(v^e|XKAj*8(k<5-2$&ZBR5fF|JA
z9&m4fbzNQnAU}r8ab>fFV%J0z5awe#UZ|bz?Ur)U9bCIKWEzi2%A+5CLqh?}K4JHi
z4vtM;+u<SJ)DEVF_yZnTw01M`(s#^BNx+c|MQ6ogb50Jjul0L;!#OmrYCs)iE)7(t
z?%I~O!zVNt#Bf3#O2WXsGz!B}&s@MfyDeaoqqf=GELN3g$+DA`&&GKy(`Ya~A@6vK
zn|WZ-+tB`DH^+SjI&K3KekF%-QIP%R{F)inWc~@cEO-=3Or<lm9g9}|`|ky#v{5*;
zKA5d<ecC{<o9p<U4UUK$m|+q#@(>PsVz{Lfr;78W78gC;z*yTch~4YkLr&m-7%-xc
ztw6Mh2<b07B|^BQBjvq{FXx?kyJ);`+G*=&9PMD`1uf<{+pNnnsIQx~kaB?*5<-7a
zqY)GyF_w$>d>_iO<o;tRi5=dcnU&wcur@4T5Z=-$xFUEsp-yX${|jSF|HMDPq3?MS
zw;p9zjR`yYJOfJZsK~C-S=JQ?nX{z_y@06JFIpheAo-rOG|5&Gxv)%95gpu@ESfi|
z7Auc&hjVL;&81Pc#L`^d9gJb`wEtLVH8q|h{>*$Rd8(-Cr1_V8EO1f*^@wRoSozS)
zy1UoC@pruAaC8Z_7~_w4Q6n*&B0AjOmMWa;s<dwKr_&w<X$Z*rmLmKUI3S>Iav&gu
z|J5&|{=a@vR!~k-OjKEgPFCzcJ>#A1uL&7xTDn;{X<DkOU(-L87#5hf4{m?aj!I6-
zPEt$K07IXK8mI0TYf-jhke2QjQw3v?qN5h0-#Fel0)Krq1f)#^AFsfd|K$I={`Xs9
z{JIr8M>BdeM}V=l3B8fE1--DHjSaxoSjNKEM9|U9#m2<eS=8Og#NOG$&X&%|8sOyg
zpZ6&%KPd&uh?v{hRMVvQjUL}gY3)Mk3{XQXF{><3>n{Iuo`r3UZp;>GkT2YBNAh|b
z^jTq-hJp(ebZh#Lk8hVBP%qXwv-@vbvoREX$TqRGTgEi$%_F9tZES@z8Bx}$#5eeG
zk^UsLBH{bc2VBW)*EdS({yw=?qmevwi?BL6*=12k9zM5gJv1>y#ML4!)iiPzVaH9%
zgSImetD@dam~e>{LvVh!phhzpW+iFvWpGT#CVE5TQ40n%F|p(sP5mXxna+Ev7PDwA
zamaV4m*^~*xV+&p;W749xhb_X=$|LD;FHuB&JL5?*Y2-oIT(wYY2;73<^#46S~Gx|
z^cez%V7x$81}UWqS13Gz80379Rj;6~WdiXWOSsdmzY39L;Hg3MH43o*y8ib<ko|2T
z<o~B%-$Y4Q9z_t97c`{g0veSfFt63Osbpe2Osn@<=nrAVk_JfMGt&lMGw9leshc#5
z*hkn0u>NBBH`(av4|u;YPq%{R;IuYow<+GEsf@R?=@tT@!}?#>zIIn0CoyV!hq3mw
zHj>OOjfJM3F{RG#6ujzo?y32m^tgSXf@v=J$ELdJ+=5j|=F-~hP$G&}tDZsZE?5rX
ztGj`!S>)CFmdkccxM9eGIcGnS2AfK#gXwj%esuIBNJQP1WV~b~+D7PJTmWGTSDrR`
zEAu4B8l>NPuhsk5a`rReSya2nfV<T&F{)-N{)9$`9a!^D!-03RDN<TPH!aW46TC4L
z>1EK01+G!x8aBdTs3Io$u5!6n6KX%uv@DxAp3F@{4UYg4SWJtQ-W~0MDb|j-$lwVn
znAm*Pl!?Ps&3wO=R115RWKb*JKoexo*)uhhHBncEDMSVa_PyA>k{Zm2(wMQ(5NM3#
z)jkza|GoWEQo4^s*wE(gHz?Xsg4`}HUAcs42cM1-qq_=+=!Gk^y710j=66(cSWqUe
zklbm8+zB_<cF$~mH3zum`PN7rn^cr1XvcjzxFO{ms_482AyMFYi+#o7!*vecrNhft
z48z<2q#fIw=ce!MXuptfT4+M8FP&|QfB3H@2)dceSR<*e5@hq<#7<$5tC^!RO8Zi<
zd_Wl!>syQv5A2rj!Vbw8;|$@C!vfNmNV!yJ<MblqN@23-5g1<aeoul%Um5K((_QY}
ze%_@BuNzay69}2PhmC<;m}2=FevDzrp!V!u4u|#h@B=rfKt+v!U`0k7>IWDQ>{+2x
zKjuFX`~~HKG~^6h5FntRpnnHt=D&rq0>IJ9#F0eM)Y-)GpRjiN7gkA8wvnG#K=q{q
z9dBn8_~wm4J<3J_vl|9H{7q6u2A!cW{bp#r*-f{gOV^e=8S{nc1DxMHFwuM$;aVI^
zz6A*}m8N-&x8;aunp1w7_vtB*pa+OYBw=TMc6Q<xVqo{NJ3h9-a)s5XuYMqZ=Y{7{
z$O63J`)FM-y*mko#!-UBa!3~eYtX1hjRQY2jMxAx=q5uKNm#uaKIak>K=mbA-|Cf*
zvyh8D4LRJImooUaSb7t*fVfih<97Gf@VE0|z>NcBwBQze);Rh!k3K_sfunToZY;f2
z^HmC4KjHRVg+eKYj;PRN^|E0>Gj_zagfRbrki68I^#~6-HaHg3BUW%<xsJq4AotN+
zH6twFV=)FlAbs*F6vGws^==x5Tl0AIbcP{&2yxB=)*u+bvK^L6$Vp}U2{9nj{bK~d
zee7tC)@DR<dI`D%cA(%7M9Ui3a)^iG?m=oJO0E^``<|5il2sf1fZHvy=D@e0<I)<l
zI!|d{`X3u}lz2(4Vn>+clM1<yhZZgPANro5CwhUb>xQEdPYt_g<2K+z!$>*$9nQ>;
zf9Bei{?zY^-e{q_*|W#2rJG`2fy@{%6u0i_VEWTq$*(ZN37|8lFFFt)nCG({r!q#9
z5VK_kkS<W$zJN%xs9<lngf<utn=i|I;bCdr-Lr<EzK)tkE-pYh-fc0wqKz?&U8TTN
zh_eAdl<>J3?zOH)OezMT{!YkCuSSn!<oaxO4?NS?VufjhPn>K#-Rhl$uUM(bq*jY?
zi1xbMVthJ`E>d>(f3)~fozjg^@eheMF6<)I`oeJYx4*+M&%c9VArn(OM-wp%M<-`x
z7sLP1&3^%Nld9Dhm@$3f2}87!quhI<BVn6Upp<cc;cU|)&2W%nk!Ak8tXK8aT!m*5
z^9zmeeS|PCG$hgM&Uh}0wp+#$jK3YCwOT&nx$??=a@_oQemQ~hS6nx6fB5r~bFSPp
z`alXuTYys4S5dCK)KDGR@7`I-JV^ewQ_BGM^o>@nwd@3~fZl_3LYW-B?Ia>ui`ELg
z&Qfe!7<FViITCBP{rA>m6ze=mZ<W0bN&bq-0D3>`Ia9$z|ARSw|IdMpooY4YiPN8K
z4B(ts3p%<w%rbophph+BzYj>2i(Td=<hfIaF6Ll8+9!48Ti=xpXB{FgJbk;>tgEHX
z0UQ_>URBtG+-?0E;E7Ld^dyZ;jjw0}XZ(}-QzC6+NN=40oDb2^v!L1g9xRvE#@IBR
zO!b-2N7wVfLV;mhEaXQ9XAU+>=XVA6f&T4Z-@AX!leJ8obP^P^wP0aICND?~w&N<u
ztispy>ykJ#54x3_@r7IDMdRNy4Hh;h*!u(Ol(#0bJdwEo$5437-UBjQ+j=Ic>Q2z`
zJNDf0yO6@mr6y1#n3)s(W|$iE_i8r@Gd@!DWD<Q)gT}bxTg_YpJQ5s|m8}+B)KBN6
zYnlzh>qZ7J&~gAm1#~maIGJ<sH@F<m!Fuh_fvrMbcDJNJ5~Yg;LF}NFN}&Y&LL76S
zv)~8W2?_rx`P;4LB-=JqsI{I~4U8DnSSIHWU2rHf%vWsA2-d=78An8z4q|lvgQ2iB
zhUUI!H+|C+_qp(Tjzu5usOu}cEoivZK&XA==sh0cD|Eg7eERXx?KwHI=}A9S_rx8S
zd)VLh_s!Juqi^!0xv7jH)UdSkEY~N|;QMWvs;HN`dMsdK=Dw2mtAHHcK8_+kS%a_V
zGgeQoaMM>1sls^gxL9LLG_Nh<XXk<>U!pTGty!TbhzQnu)I*S^54U6Yu%ZeCg`R>Q
zhBv$n5j<?~h)Y%y=zErI?{tl!(JWSDXxco7X8WI-6K;9Z-h&~kIv?$!6<k(g(xee?
z53>0v%O_j{QYWG!R9W?5_b&67KB$t}&e2LdMvd(PxN6Ir!H4>PNlerpBL>Zvyy!yw
z-SOo8caEpDt(}|gKPBd$qND5#a5nju^O>V&;f890?yEOfkSG^HQVmEbM3Ugzu+UtH
zC(INPDdraBN?P%kE;*Ae%Wto&sgw(crfZ#Qy(<4nk;S|hD3j{IQRI6Yq|f^basLY;
z-HB&Je%Gg}Jt@={_C{L$!RM;$$|<j7k-g{75e!h)4SlFvEZ*AkqrJI;EWu$Zx+OwM
zm{5Yk>iD6vu#3w?v?*;&()uB|I-XqEKqZPS!reW9JkLewLb!70T7n`i!gNtb1%vN-
zySZj{8-1>6E%H&=V}LM#xmt`J3XQoaD|@XygXjdZ1+P77-=;=eYpoEQ01B@L*a(uW
zrZeZz?HJsw_4g0vhUgkg@VF8<-X$B8pOqCuWAl28uB|@r`19DTUQQsb^pfqB6QtiT
z*`_UZ`fT}vtUY#%sq2{rchyfu*pCg;uec2$-$N_xgjZcoumE5vSI{+s@iLWoz^Mf;
zuI8kDP{!XY6OP~q5}%1&L}CtfH^N<3o4L@J@zg1-mt{9L`s^z$Vgb|mr{@WiwAqKg
zp#t-lhrU>F8o0s1q_9y`gQNf~Vb!F%70f}$>i7o4ho<sjDlFD=G`r<7$U?bJN+x5S
z@0&tQ=-XO1uDq(HCa$X)-l<u1!s<!W`30F78UcZaZKc8)G0af1Dsh%OOWh5)q+Q+n
zySBnE+3;9^#)U#Gq);&Cu=mtjNpsS~S0yjE@m4{Kq525G&cO_+b-_B$LeXWt_@XTq
z`)(;=^RDS@oh5dPjKyGAP?-Dbh507E5zZ=D2_C*6s^HXiA)B3f=65_M+rC&rMIUP6
zi4@u>$`uciNf=xgJ>&!gSt0g;M>*x4-`U)ysFW&Vs^Vk6m%?iuWU+o&m(2Jm26<Ea
z?or_^bK_`R)hBTfrBqA3Y^o7$K~Nzo)sh-vT%yWcc1I5wF1nkvk%!X_Vl_MK1IHC=
zt}Dt+sOmg0sH-?}kqNB|M_}ZXui7H;?;?xCCSIPSHh8@h^K8WU5X(!3W|>Y(3%TL;
zA7T)BP{WS!&xmxNw%J=$MPfn(9*^*TV;$JwRy8Zl*yUZi8jWYF>==j~&S|Xinsb%c
z2?B+kpet*muEW7@AzjBA^wAJBY8i|#C{WtO_or&Nj2{=6JTTX05}|H>N2B|Wf!*3_
z7hW*j6p3TvpghEc6-wufFiY!%-GvOx*bZrhZu+7?iSrZL5q9}igiF^*R3%DE4aCHZ
zqu>xS8LkW+Auv%z-<1Xs92u23R$nk@Pk}MU5!gT|c7vGlEA%G^2th&Q*zfg%-D^=f
z&J_}jskj|Q;73NP4<UD^T*M!yxMr=U!@&!rJfydk7CE7PGb<{)^=nM9Le#FQ=GkV~
z)_A$YPAn35??iNa@`g-wBX><4k*Y%pXPU2Thoqr+5uH1yEYM|VtBPW6lXaetokD0u
z9qVek6Q&wk)tFbQ8(^HGf3Wp16gKmr>G;#G(HRBx?F`9AIRboK+;OfHaLJ(P>IP0w
zyTbTkx_THEOs%Q&aPrxbZrJlio+hCC_HK<4%f3ZoSAyG7Dn`=X=&h@m*|UYO-4Hq0
z-Bq&+Ie!S##4A6OGoC~>ZW`Y5J)*ouaFl_e9GA*VSL!O_@xGiBw!AF}1{tB)z(w%c
zS1Hmrb9OC8>0a_$BzeiN?rkPLc9%&;1CZW*4}CDDNr2gcl_3z+WC15&H1Zc2{o~i)
z)LLW=WQ{?ricmC`G1GfJ0Yp4Dy~Ba;j6ZV4r{8xRs`13{dD!xXmr^Aga|C=iSmor%
z8hi|pTXH)5Yf&v~exp3o+sY4B^^b*eYkkCYl*T{*=-0HniSA_1F53eCb{x~1k3*`W
zr~};p1A`k{1DV9=UPnLDgz{aJH=-LQo<5%+Em!DNN252xwIf*wF_zS^!(XSm(9eoj
z=*dXG&n0>)_)N5<wxn0{TP0tnD=JAzVUcIUoR85Xt>oc6v!>-bd(2ragD8O=M|wGW
z!xJQS<)u70m&6OmrF0WSsr@I%T*c#Qo#Ha4d3COcX+9}hM5!7JIGF>7<~C(Ear^Sn
zm^ZFkV6~Ula6+8S?oOROOA6$C&q&dp`>oR-2Ym3(HT@O7Sd5c~+kjrmM)YmgPH*tL
zX+znN>`tv;5eOfX?h{AuX^LK~V#gPCu=)Tigtq9&?7Xh$qN|%A$?V*v=&-2F$zTUv
z`C#WyIrChS5|Kgm_GeudCFf;)!WH7FI60j^0o#65o6`w*S7R@)88n$1nrgU(oU0M9
zx+EuMkC>(4j1;m6N<sS-ys^qbJhGY7%0ZoC7dK=j7bGdau`J`{>oGqEkpJYJ?vc|B
zOlwT3<tNmX!mXZdsEW2s2`|?DC8;N?2tT*Lfq)F*|4vf>t&UgL!pX_P*6g36`ZXQ;
z9~Cv}ANFnJGp(;ZhS(@FT;3e)0)Kp;h^x;$*xZn*k0U6-&Fw<BqOnDKEdld8!Qk{Z
zjI1+R_ciEqL3CLOv$+J~YVpzIy`S&V{koIi$Lj}ZFEMN=!rL1?_EjSryIV+OBiiJ-
zIqT$oSMA>I=uOGaODdrsp-!K$Ac32^c{+FhI-HkYd5v=`PGsg%6I`4d9Jy)uW0y%)
zm&j^9WBAp*P8#kGJUhB!L?a%h$hJgQrx!6KCB_TRo%9{t0J7KW8!o1B!NC)VGLM5!
zpZy5Jc{`r{1e(jd%jsG7k%I+m#C<kI0i<ajCqQC!(pKlSsMl7M2N^mP%W`BGKb?hm
zBK`pddcg5+WhE#$46+K<Z!1CW-hZdo7hAw13ZUVqwW*}&ujL=eh{m~phuOy=JiBMN
z7FaCUn6boJ!M=6PtLN6%cveGkd12|1B{)kEYGTx#IiMN&re0`}NP-_{E-#FxOo3*P
zkAXSt{et292KfgGN`AR|C`p{MRpxF-I?+`ZY1Vsv>GS*BPA65ZVW~fLYw0dA-H_}O
zrkGFL&P1PG9p2(%Qi<evvBkNEkQkM%A>EWm6x;U-U&I#;Em$nx-_I^wtgw3xUPVVu
zqSuKnx&dIT-XT+T10p;yjo1Y)z(x1fb8Dzfn8e&#9yu?e%!_ptzGB|8GrCfu%p?(_
zQccdaaVK$5bz;*rnyK{_SQYM>;aES6Qs^lj9lEs6_J+%nIiuQC*fN;z8md>r_~Mfl
zU%p5Dt_YT>gQqfr@`cR!$NWr~+`CZb%dn;WtzrAOI>P_JtsB76<bUr7Lsb65vEd}g
z5JhMCmn#UeH#6Cew?bxogM)$x5ed{E)%2nWY5rb@Clvh$(JzQ#!CsQ(2I4QnhDDJ^
zYL%2bf8?`y)Ro=x{(dw<4^)(H^z7~3nfYFh-r7yBBb=l3V8dE-Dr&a%qs<OYcajo2
z(4Nw|k5_OQ@6zHmcIK%waj!yoZT(S1YlEFN?8-_lp9nf>PYe*<%H(y>qx-`Kq!X_;
z<{RpAqYhE=L1r*M<cT6p|4(5fVa-WIh|@AphR|cJ1`?N>)gNF3B8r(<%8mo*SR2hu
zccLRZwGARt)H<F*kMvg%oJV~29ud_q>lo1euqTyM>^!HK*!Q2P;4UYry<i)yWXzKa
zM^_qppY~vnIrhL_!;Z9msXMZTTwR{e`yH5t=HdD1Pni7?LqOpLoX}u5n5RfkGBvQ1
z@cdMeR4T6rp^S~>sje@;(<|$&%vQekbn|0Ruu_Io(w4#%p6ld2Yp7tlA`Y$cciThP
zKzNGIMPXX%&Ud0uQh!uQZz|FB`4KGD?3!ND?wQt6!n*f4EmCoJUh&b?;B{|lxs#F-
z31~HQ`SF4x$&v00@(P+j1pAaj5!s`)b2RDBp*PB=2IB>oBF!*6vwr7Dp%zpAx*dPr
zb@Zjq^XjN?O4QcZ*O+8>)|HlrR>oD*?WQl5ri3R#2?*W6iJ>>kH%KnnME&TT<gNU{
zn$Veg044#l=Z-&wsmEZhnw7IwT7Cd}hiZ%ke)-GzAR-Dt6)8Cb6>@Z<Y-SEE^OC5H
z=$M0HjdWR5p?n;s9OTXrEa1eGt}G;Eu)ifSop!$z#6V<>zrHS$Q%LC?n|e>V+D+8D
zYc4)QddFz7I8#}y#Wj6>4P%34dZH<AWj}HgE@5&D9Ra@o(Km_Gm}5Zb61p%9mDz1%
zya$Vd!_U~pDN*Y5%lo}-K~}4&F)rTjJ7uGyV@~kB-XNrIGRiB=UrNxJtX;JHb(EyQ
z{!R%v{vC7m|L3bx6lCRb7!mP~Is!r!q&OXpE5nKnH3@l({o}PrL`o>~OUDb?uP%-E
zwjXM(?Sg~1!|wI(RVu<h{6ESg9k500(D<HXwz52OGq(JEKS2CJR}8N&E-#%vhhaRN
zL#Q6%yUcel+!a#~g&e7w4$3s62d$Dv;SxCxhT}>xbu)-rH+O=igSho_pDCw(c6b=P
zKk4ATlB?bj9+HHlh<_!&z0rx13K3ZrAR8W)!@Y}o`?a*JJsD+twZIv`W)@Y?Amu_u
zz``@-e2X}27$i(2=9rvIu5uTUOVhzwu%mNazS|lZb&PT;XE2|B&W1>=B58#*!~D&)
zfVmJGg8UdP*fx(>Cj^?yS^zH#o-$Q-*$SnK(ZVFkw+er=>N^7!)FtP3y~Xxnu^nzY
zikgB>Nj0%;WOltWIob|}%lo?_C7<``a5hEkx&1ku$|)i>Rh6@3h*`slY=9U}(Ql_<
zaNG*J8vb&@zpdhAvv`?{=zDedJ23TD&Zg__snRAH4eh~^oawdYi6A3w8<<tS1{)`*
zH!u#2_lf&B)x2)tE$?4|aMAYUFZ{|Se7->Ozh@Kw)<E~4fKYaJ{OS+>#bdktM^GVb
zrG08?0bG?|NG+w^&JvD*7LAbjED{_Zkc`3H!My>0u5Q}m!+6VokMLXxl`Mkd=g&Xx
z-a>m*#G3SLlhbKB!)tnzfWOBV;u;ftU}S!NdD5+YtOjLg?X}dl>7m^gOpihrf1;PY
zvll&>dIuUGs{Q<Ww4SS<E23Sm*si$^C!!snD|AFym<+q$`*o0wokE?J{^g?f3>nd-
zwIR3oIrct8Va^Tm0t#(bJD7c$Z7DO9*7NnRZorrSm`b`cxz>OI<bVZt$VQ!oMxCu0
zbb7D5OIXV5Ynn@Y6)HLT=1`a=nh7{ee{vr<=$>C;jSE3DO8`hX955ui`s%||YQtt2
z5DNA&pG-V+4oI2s*x^>-$6J?p=I>C|9wZF8z;VjR??Icg?1w2v5Me+FgAeGGa8(3S
z4vg*$>zC-WIVZtJ7}o9{D-7d>zCe|z#<9>CFve-OPAYsneTb^JH!Enaza#j}^mXy1
z+ULn^10<XTm*l1Jg2Z;UvGEN!6Wq%I@OP4p{k`RNRKlKFWPt_of11^Gr%_Mg*mVP3
zm?)&3I719~aYcs)TY&q^$zmQ=xoC++VJH@~YG6>+rWLF6j2>Ya@@Kq?26>AqK{A_|
zQKb*~F1>sE*=d?A?W7N2j?L09_7n+H<SF8|SM#pTc9|9|rf1w*m4Y0Vdj643qA#D|
z!hJzb_-}IrrhkWr{zk_YC%(c-)UJl6Ma!mcbvj&~#yN-UhH?ZQ3TPq4hTVQ$(?eJ6
zNfJ_K+VJDBXN=l!7{2}lq?-$`fq|e&PEONfZDU<_SM+s2_3$vT_yqV<R&KG=K{zS}
zKQF$?mYsg%vV|E_E=a*SL!`7*AeN6GMVDXC59yPgi$F2!7&8e}EyHVLwCm{i%<pN!
zdc`SbZK}JQj7?6K&|261iHrsnVjdhxu_l_NKs&yy#;#^%8?Jlg`wcTlNZ3urUtEYd
zsFE!K0}Eg39)z+J6mLW)#Kn<ok4*6AAE=n*vh*;TpgGnnM|npykFpO|a0`4#SjP^b
z2<JG#Qk^#3FeFS`0eooK9|wEmCcvRKI*~6mamFTd^UW9Eg4!J4N9qz*C$3a#F;Sad
zi#o9LaqNG5TsiT<`SDtY^`)zkYx$(C5;&K9#(Zj}HolT_st~#C`VS8q%#q1)HN+hT
zz9IjVUdZNIp@;b88oR`~DvQL_zmsBy>Gi{VY;MoTGr_)G9)ot$p!-UY5zZ2Xtbm=t
z@dpPSGw<TLTZo~Zyx(+AKWvR~{L4S^5I;5+QT9bcQ-4cC{QnLfRBf&Pov~kv@`W6V
zA|h{EGx|7msvR1t`a-jF$JZ>gH=QtIcEulQNI>S-#ifbnO5EWkI;$A|pxJd885oM+
zGZ0_0gDvG8q2xebj+fbCHYfAXuZStH2j~|d^sBAzo46(K8n59+T6rzBwK)^rfPT+B
zyIFw)9YC-V^rhtK`!3jrhmW-sTmM+tPH+;nwjL#-SjQPUZ53L@A>y*rt(#M(qsiB2
zx6B)dI}6Wlsw%bJ8h|(lhkJVogQZA&n<jl%@&gd%^X|lsDQwDHEiKLCz}r`kC^h0t
z(!vYS%C)Ku?w$ti5R##9jSkNC#5)Juc{8XfEhczdGQy8yNrZL6+d0~%V=N|iF{V)E
zLT(gH!$j8Mf(1>{?Vgs6gNSXzuZpEyu*xySy8ro07QZ7Vk1!3tJphN_5V7qOiyK8p
z#@jcDD8nmtYi1^l8ml;AF<#IPK?!pqf9D4moYk>d99Im}Jtwj6c#+A;f)CQ*f-hZ<
z=p_T86jog%!p)D&5g9taSwYi&e<jP@@Q_fbXtVO&n9{e#)jg+D#~q=hoZ<9PIa)>P
z#JuEK%+NULWus;0w32-SYFku#i}d~+{Pkho&^{;RxzP&0!RCm3-9K6`>KZpnzS6?L
z^H^V*s!8<>x8bomvD%rh>Zp3>Db%kyin;qtl+jAv8Oo~1g~mqGAC&Qi_wy|xEt2iz
zWAJEfTV%cl2Cs<1L&DLRVVH05EDq`pH7Oh7sR<WSzBWU(MxAIA&4v~INVdLKA><BK
zwCgTxJU0mM{;1UV<^ZRk0SQNNN(;SRZsH7^EDWVUu%^mFfvW{m5jOQuQWSy`f586I
zTj}Z4e5WsvkNmBd`TJdfe=^>`NNkL%wi}8n>IXcO40hp+J+sC!W?!krJf!GJNE8uj
zg-y~Ns-<~D?yqbzVRB}G>0A^f0!^N7l=$m0OdZuqA<e9rzV|ixGyk9uS=Vov2_ECA
z^Sd0M$B)O&tv@%@UmTb%ngcl58ED9TyFp$y4JjFU+g+9EWUl?am<e#4uCGy9Tmt)z
z2Y|kWUahugFHsF<J6o!<?X(Ncsy&Wg9<QLPD}g-`PWGHWDY5P6;<Y+5J1vz2Z|PSy
zBN?Q^NkxnWq>OQq<EC8_d&#T2smn`YINd-HF@)Op)pBRHnx+Q|Hsv_BpWAPsT1>Lc
zX?AEGr1Ht+inZ-Qiwnl@Z0qukd__a!C*CKuGdy5#nD7VUBM^6OCpxCa2A(X;e0&V4
zM&WR8+wErQ7UIc6LY~Q9x%Sn*Tn>>P`^t&idaOEnOd(Ufw#>NoR^1QdhJ8s`h^|R_
zXX`c5*O~Xdvh%q;7L!_!ohf$NfEBmCde|#uVZvEo>OfEq%+Ns7&_f$OR9xsihRpBb
z+cjk8LyDm@U{YN>+r46?nn{7Gh(;WhFw6GAxtcKD+YWV?uge>;+q#Xx4!GpRkVZYu
zzsF}1)7$?%s9g9CH=Zs+B%M_)+~*j3L0&Q9u7!|+T`^O{xE6qvAP?XWv9_MrZKdo&
z%IyU)$Q95AB4!#hT!_dA>4e@zjOBD*Y=XjtMm)V|+IXzjuM;(l+8aA5#Kaz_$rR6!
zj>#&^DidYD$nUY(D$mH`9eb|dtV0b{S>H6FBfq>t5`;OxA4Nn{J(+XihF(stSch<f
zIn>e7$es&~N$epi&PDM_N`As;*9D^L==2Q7Z2zD+CiU(|+-kL*VG+&9!Yb3LgPy?A
zm<g7T4Wx!m(zMlVE_2jX$1$$5DcfL6>7Z&^qRG_JIxK7-FBzZI3Q<;{`DIxtc48k>
zc|0dmX;Z=W$+)qE)~`yn6MdoJ4co;%!`ddy+FV538Y)j(vg}5*k(WK)KWZ3WaOG!8
z!syGn=s{H$odtpqFrT#JGM*utN7B((abXnpDM6w56nhw}OY}0TiTG1#f*VFZr+^-g
zbP10`$LPq_;PvrA1XXlyx2uM^mrjTzX}w{yuLo-cOClE8MMk47T25G8M!9Z5ypOSV
zAJUBGEg5L2fY)ZGJb^E34R2z<C?_X1)4xsl9%Z|w&L9k!F(V>J?}Vf>{~gB!8=5Z)
z9y$>5c)=;o0HeHHSuE4U)#vG&KF|I%-cF6f$~pdYJWk_dD}iOA>iA$O$+4%@>JU08
zS`ep)$XLPJ+n0_i@PkF#ri6T8?ZeAot$6JIYHm&P6EB=BiaNY|aA$W0I+nz*zkz_z
zkEru!tj!QUffq%)8y0y`T&`fuus-1p>=^hnBiBqD^hXrPs`PY9tU3m0np~rISY09>
z`P3s=-kt_cYcxWd{de@}TwSqg<T-v~${38)1dqT{JCO5}Gk$$yZP*X!5)RaGFqqkZ
zeHhqUgXb37$91~LS-3Zi29CKKki0sBTh7unqEK$%FG?oo$Sp>*xVhp;E9zCsnXo6z
z?f&Sv^U7n4`xr=mXle94HzOdN!2kB~4=%)u&N!+2;z6UYKUDqi-s6AZ!haB;@&B`?
z_TRX0%@suz^TRdCb?!vNJYPY8L_}&07uySH9%W^Tc&1pia6y1q#?*Drf}GjGbPjBS
zbOPcUY#*$3sL2x4v_i*Y=N7E<UbOmi3K%)5<dOJui+{^+b*shA_w8&X4_Icv*!}kT
zW@BG{C%f{(K^kE?tjU`Led*kAj6wB_3f*UyIEV0T9TyMo4`NS;oA7Ec+71eFa;K|G
zCyaKKi1bvX9fTLQ+uAgF*@ZR8fB%|JlT8A-jK$7FMyxW>$mR}J%|GUI(>WEr+28+V
z%v5{#e!UF*6~G&%;l*q*$V?&r$Pp^sE^i-0$+RH3ERUUdQ0>rAq2(2QAbG}$y{de(
z>{qD~GGuO<V3ijl7+~xmS#nUvH{qF0*%7G(r|}BSXsu}HwrFbXWzcYJouIY*34axA
z(n@XsPrv%6;|GSbkH9Og>k559Y@%$?N^1ApVL_a704>8OD%8Y%8B;FCt%AoPu8*D1
zLB5X>b}Syz81pn;xnB}%0FnwazlWfUV<Vu@5P52pgIa+J{M)H4nAC<>)Z-~rZg6~b
z6!9J$EcE&sEbzcy?CI~=boWA&eeIa%z(7SE^qgVLz??1Vbc1*aRvc%Mri)AJaAG!p
z$X!_9Ds;Zz)f+;%s&d<S0a>RcJt2==P{^j3bf0M=nJd&xwUGlUFn?H=2W(*2I2Gdu
zv!gYCwM10aeus)`RIZSrCK=&oKaO_Ry~D1B5!y0R=%!i2*KfXGYX&gNv_u+n9wiR5
z*e$Zjju&ODRW3phN925%S(jL+bCHv6rZtc?!*`1<n2%>TyYXT6%Ju=|X;6D@lq$8T
zW{Y|e39ioPez(pBH%k)HzFITXHvnD6hw^lIoUMA;qAJ^CU?top1fo@s7xT13Fvn1H
z6JWa-6+FJF#x>~+A;D~;VDs2<i>6>^oH0EI`IYT2iagy23?nyJ==i{g4%HrAf1-*v
zK1)~@&(KkwR7TL}L(A@C_S0G;-GMDy=MJn2$FP5s<%wC)4jC5PXoxrQBFZ_k0P<n-
z??iM<JF!BTjD>{{s@<jPT1+pTPdk3<izB+}jAtjokIz)aPR$L&4%}45Et}?jz0w{(
zC4G}+Nu0D*w=ay`v91hMo+V&V8q(a!`~K-2<yR0H)sK+mcY?TAaSS8F<Q+!pSc;`*
z*c@5)+ZpT%-!K3O=Z0(hI8LH7KqK>sz+gX`-!=T8rcB(=7vW}^K6oLWMmp(rwDh}b
zwaGGd>yEy6fHv%jM$yJXo5oMAQ>c9j`**}F?MCry;T@47@r?&sKHgVe$MCqk#Z_3S
z1GZI~nOEN*P~+UaFGnj{{Jo@16`(qVNtbU>O0Hf57-P>x8Jikp=`s8xWs^dAJ9lCQ
z)GFm+=OV%AMVqVATtN@|vp61VVAHRn87}%PC^RAzJ%JngmZTasWBAWsoAqBU+8L8u
z4A&Pe?fmTm0?mK-BL9t+{y7o(7jm+RpOhL9Kn<D3v{}Wpv2i&ghEZe;t&DmOA_QYc
zM+NIUU}=*bkxOJsLKV3e^oGG8rufTpa8R~7Iki1y+fC(UT;;{l19@qfxO@0^!xMA?
z#|<YBZ6;vAb>Y#E&qu^}B6=K_dB}*VlSEiC9fn)+V=J;OnN)Ta5v66ic1rG+dGAJ1
z1%Zb_+!$=tQ~lxQrzv3x#CPb?CekEkA}0MYSgx$Jdd}q8+R=ma$|&1a#)TQ=l$1tQ
z=tL9&_^vJ)Pk}EDO-va`UCT1m#Uty1{v^A3P~83_#v^ozH}6*9mIjIr;t3Uv%@VeW
zGL6(CwCUp)Jq%G0bIG%?{_*Y#5IHf*5M@wPo6A{$Um++Co$wLC=J1aoG93&T7Ho}P
z=mGEPP7Gb<mBTnJH7dKM2CB)0*o-AW2E4i5R+rHU%4A2BTVwOqj4zmJqsb|5^*{DT
zv^HFARK6@^_1|vU{>voG!uD$k(H3A$Z))+i{Hy?QHdk>3xSBXR0j!11O^mEe9RH<y
zF3MI;^J1vHI9U>mw!pvzv?Ua~2_l2Yh~_!s1qS`|0~0)<BWX>YsbHSz8!mG)WiJE|
z2<APmuYD%tKwB@0u<C~CKyaC}XX{?mylzkDSuLMkAoj?zp*zFF7q515SrGD~s}ATn
z`Ded41yk>f($6TQtt6L_f~ApQYQKSb=`053LgrQq7G@98#igV>y#i==-nEjQ!XNu9
z<h*hnP2Pol+z>~;mE+gtj4IDDNQJ~JVk5Ux6&LCSFL!y=>79kE9=V}J7tD==Ga+IW
zX)r7>VZ9dY=V&}DR))xUoV!u(Z|%3ciQi_2jl}3=$Agc<a_3#EUXJj<z2jVv6VHGT
zV^v1FiRwA!kPmt}m$qdr&9#-6{QeZqtM3|tRl$sws3Gy`no`Kj@X-)O(^sv>(`RPb
z8kEBpvY>1FGQ9W$n>Cq=DIpski};nE)`p3IUw1Oz0|wxll^)4dq3;CCY@RyJgFgc#
zKouFh!`?Xuo{IMz^xi-h=StCis_M7y<P{h0$_I#EukRYag9%BMRXh|%Xl7C<>q$u)
z?XHvw*HP0VgR+KR6wI)jEMX|ssqYvSf*_3W8zVTQzD?3>H!#>InzpSO)@SC8q*ii-
z%%h}_#0{4JG;Jm`4zg};BPTGkYamx$Xo#O~lBirRY)q=5M45n{GCfV<Kqrcu9<z@R
zSE>7h9qwyu1NxOMoP4)jjZMxmT|IQQh0U7C$EbnMN<3)Kk?fFHYq$d|ICu>KbY_hO
zTZM+uKHe(cIZfEqyzyYSUBZa8;Fcut-GN!HSA9ius`lt<SmSV9vasBl&hE7ciOunD
z?%e1Hl-5B3e+<+8CD{j5U*D3h89nV<zn^0g+t=uRKgZiGu)3h;vu#^y`HqWe_=jGm
zW2p}*n<!QH%pQ2EV`&z|LD#BOpj0QS9R5#$q}3&-+@GL4F^wO-bcSo|J^I_{LATPF
z2$`fUCOO=XxYVD!<7Yz4te$d-_>NebF46ZX_BbZNU}}ZOm{M2&nAN<H$fJIKS=j8q
zwXlN!l^_4>L9@0qvih15(|`S~z}m&h!u4x~(%MAO$jHRWNfuxWF#B)E&g3ghSQ9|>
z(MFaLQj)NE0lowyjvg8z0#m6FIuKE9lDO~Glg}nSb7`~^&#(Lw{}GVOS>U)m8bF}x
zVjbXljBm<v)#bs=9p`s>34Cs-yM6TVusr+3kYFjr28STT3g056y3cH5Tmge~ASxBj
z%|yb>$eF;WgrcOZf569sDZOVwoo%8>XO>XQOX1OyN9I-SQgrm;U;+#3OI(zrWyow3
zk==|{<m8xZ#>lt2xrQ%FIXOTejR>;wv(Pb8u8}BUpx?yd(Abh<shPyABw|Ens8m6@
zIg($GO4)<g4x5icbki?U&2%56@tYd`zRs}Nk6R~4!AjVAihB3r8oDhQ8f)v^r}|(y
z4B&Q<ARRqYXKQGAeJa_KHe`)04jUO~B=%q#SUlU@pU?apz0v{Al@s`Cvzo)u;2>6?
zsoO3VYWkeLnF43&@*#MQ9-i-d0t*xN-UEyNKeyNMHw|A(k(_6QKO=nKMCxD(W(Yop
zsRQ)QeL4X3Lxp^L%wzi2-WVSsf61dqliPUM7srDB?Wm6Lzn0&{*}|IsKQW;02(Y&|
zaTKv|`U(pSzuvR6Rduu$wzK_W-Y-7>7s?G$)U}&uK;<>vU}^^ns@Z!p+9?St1s)dG
zK%y6xkPyyS1$~&6v{kl?Md6gwM|>mt6Upm>oa8RLD^8T{0?HC!Z>;(Bob7el(DV6x
zi`I)$&E&ngwFS@bi4^xFLAn`=fzTC;aimE^!cMI2n@Vo%Ae-ne`RF((&5y6xsjjAZ
zVguVoQ?Z9uk$2ON;ersE%PU*xGO@T*;j1BO5#TuZKEf(mB7|g7pcEA=nYJ{s3vlbg
zd4-DUlD{*6o%Gc^N!Nptgay>j6E5;3psI+C3Q!1ZIbeCubW%w4pq9)MSDyB{HLm|k
zxv-{$$A*pS@csolri$Ge<4VZ}e~78JOL-EVyrbxKra^d{?|NnPp86!q>t<&IP07?Z
z^>~IK^k#OEKgRH+LjllZXk7iA>2cfH6+(e&9ku5poo~6y{GC5>(bRK7hwjiurqAiZ
zg*DmtgY}v83IjE&AbiWgMyFbaRUPZ{lYiz$U^&Zt2YjG<%m((&_JUbZcfJ22(>bi5
z!J?<7AySj0JZ&<-qXX;mcV!f~>G=sB0KnjWca4}vrtunD^1TrpfeS^4dvFr!65knK
zZh`d;*VOkPs4*-9kL>$GP0`<?hW@{z#_gXtp%=2VbN+$~z+M($Vf(dl@)t-*82<$(
zHi{FrD1wO9L~*Rc0{A2WU%f?ar(T9V1JpQ?M0Q|&{UES|#Z~k2-mj@z)8Rw^(XeYc
zomT(B0EF!##4dQq_*NN<%Bo5)&+gCXSGZo`b>(M!j~B;#x?Ba<KDM~HJ!|Zzy=p2e
z8;av`GLw{_*RgO(W|UK-<iDeT!t_x1c=M3%wGk|fDk<e0lLe8-5ga6apKYJD`*a3G
zBl?Ps)hDb7X`7bW5S=IHr0Mm?fr|$zCf+gmZUrit$5n+)JZG>~&s6CopvO86oM?-?
zOw#dIRc;6A<R&%m3DDJhF+|tb*0Yw8mV{a-bf^E~gh66MdsMHkog<r9`fVIVE+h@O
zi)iM`rmA-Fs^c=>6T?B`Qp%^<<Dyu<%Kg0H=lq;E!p&UHzSpD1)q%^v)Y8yQkp>U5
z19x(ywSH$_N+Io!6;e?`tWaM$`=D<O;$E>b!gzx|lQ${DG!zb1Zl&|{kX0y6xvO1o
z220r<-oaS^^R2pEyY;=Qllqpmue|5yI~D|iI!IGt@iod{Opz@*ml^w2bNs)p`M(Io
z|E;;m*Xpjd9l)4G#KaWfV(t8YUn@A;nK^#xgv=LtnArX|vWQVuw3}B${h+frU2>9^
z!l6)!Uo4`5k`<<;E(ido7M6lKTgWezNLq>U*=uz<KVOwgK<qq^3FEy1LAV}ep3|Zt
z>&s=cc$1%>VrAeOoUtA|T6gO4>UNqsdK=NF*8|~*sl&wI=x9-EGiq*aqV!(VVXA57
zw9*o6Ir8Lj1npUXvlevtn(_+^X5rzdR>#(}4YcB9O50q97%rW2me5_L=%ffYPUSRc
z!vv?Kv>dH994Qi>U(a<0KF6NH5b16enCp+mw^Hb3Xs1^tThFpz!3QuN#}KBbww`(h
z7GO)1olDqy6?T$()R7y%NYx*B0k_2IBiZ14&8|JPFxeMF{vSTxF-Vi3+ZOI=Thq2}
zyQgjYY1_7^ZQHh{?P))4+qUiQJLi1&{yE>h?~jU%tjdV0h|FENbM3X(KnJdPKc?~k
zh=^Ixv*+smUll!DTWH!jrV*wSh*(mx0o6}1@JExzF(#9FXgmTXVoU+>kDe68N)dkQ
zH#_98Zv$}lQwjKL@yBd;U(UD0UCl322=pav<=6g>03{O_3oKTq;9bLFX1ia*lw;#K
zOiYDcBJf)82->83N_Y(J7Kr_3lE)hAu;)Q(nUVydv+l+nQ$?|%MWTy`t>{hav<vVD
zHx;qQ>FSQloHwiIkGK9YZ79^9?AZo0ZyQlVR#}lF%dn5n%xYksXf8gnBm=wO7g_^!
zauQ-bH1Dc@3ItZ-9D_*pH}p!IG7j8A_o<ZOCWxl^<k=*NA9oUpW$0D`yCb}VfC~vb
z4IkfiRDM@RHlIGG_SRrrd~6$XYP~2Y^<fekveOOZRCv69S{4_se`>94#~>$LR|TFq
zZ-b00*nuw|-5C2lJDCw&8p5N~Z1J&TrcyErds&!l3$eSz%`(*izc;-?HAFD9AHb-|
z>)id`QCrzRws^9(#&=pIx9OEf2rmlob8sK&xPCWS+nD~qzU|qG6KwA{zbikcfQrdH
z<yJStD<g^`?^d44p$8FFXwD2dL810^xg@~^x$C_H#3NSLs8fBVu~K)3BMKCOp^;|&
zKPz+s!|fXFr%*`Dg*#A{!QB-jnah3y4$Pe0L2%RM)706&eqyFTNAO2gMd<bcjBp>+
zQg>O<`K4L8rN7`GJB0*3<3`z({lWe#K!4AZLsI{%z#ja^OpfjU{!{)x0ZH~RB0W5X
zTwN^w=|nA!4PEU2=LR05x~}|B&ZP?#pNgDMwD*ajI6oJqv!L81gu=KpqH22avXf0w
zX3HjbCI!n9>l046)5rr5&v5ja!xkKK42zmqHzPx$9Nn_MZk`gLeSLgC=LFf;H1O#B
zn=8|^1iRrujHfbgA+8i<9jaXc;CQBAmQvMGQPhFec2H1knCK2x!T`e6soyrqCamX%
zTQ4dX_E*8so)E*TB$*io{$c6X)~{aWfaqdTh=xEeGvOAN9H&-t5tEE-qso<+C!2>+
zskX51H-H}#X{A75wqFe-J{?o8Bx|>fTBtl&tc<VVc3-U5wTq>bdR|<Uon(X?ZiT<<
zWC=zLEjacGDZ|?>132Ztqu5X0i-pisB-z8n71%q%>EF}yy5?z=Ve`}hVh{Drv1YWL
zW=%ug_&chF11gDv3D6B)Tz5g<uwqk#dj|RK7gNl@*lm*xHRBk*7MnT4(@7VIDfO0u
zB?1X+)GR^0j1A{Q#WUmQX%LN=W?aGzO$5=2@yxjXBzxbGO*{DYkV!aJ!$~-FNzvt;
z?r)HU;0!4T-%vWzAiHJ?*-ivIq!#dErMvhpJJ^QyZ5n0qmMn+}I>54H0mDHNj<FD1
z&CIP+ZDDy<;b2`JW=0_p9c4p<zwE30JFgdhO2HQiMRBb%Y9ZJ>uKZ+)CKFk4Z|$RD
zfRuKLW`1B>B?*RUfVd0+u8h3r-{@fZ{k)c!93t1b0+Q9vOaRnEn1*IL>5Z4E4dZ!7
ztp4GP-^1d>8~LMeb}bW!(aAnB1tM_*la=Xx)q(I0Y@__Zd$!KYb8T2VBRw%e$iSdZ
zkwdMwd}eV9q*;YvrBFTv1>1+}{H!JK2M*C|TNe$ZSA>UHKk);wz$(F$rXVc|sI^lD
zV^?_J!3cLM;GJuBMbftbaRUs$;F}HDEDtIeHQ)^EJJ1F9FKJTGH<(Jj`phE6OuvE)
zqK^K`;3S{Y#1M@8yRQwH`?kHMq4tHX#rJ>5lY3DM#o@or4&^_xtBC(|JpGTfrbGkA
z2Tu+AyT^pHannww!4^!$5?@5v`LYy~T`qs7SYt$JgrY(w%C+IWA;ZkwEF)u5sDvOK
zGk;G>Mh&elvXDcV69J_h02l&O;!{$({fng9Rlc3ID#tmB^FIG^w{HLUpF+iB`|<Dd
z$~}?*yaE3d3m&(}pR(IuL%&h+j{wz$6(l^GO8O{^N!08Gnw7N>NnX)EH+Nua)3Y(c
z&{(nX_ht=QbJ%DzAya}!&uNu!4V0xI)QE$SY__m)SAKcN0P(&JcoK*Lxr@P<Bj^D-
zi(H(l^zsWRcIm}YCou&G1we!7IMt1dAI3MKk4-3tybIvwniaUWp=||&s9lB&iptb>
zY&P=}&B3*UWNlc|&$Oh{BEqwK2+N2U$4WB7Fd|aIal`FGANUa9E-O)!gV`((ZGCc$
zBJA|FFrl<?%m-}hcKbonJcfriSKJrE#oY4SQUGFcnL~;J2>g~9OBp#f7aHodCe{6=
zay$6vN~zj1ddMZ9gQ4p32(7wD?(dE>KA2;SOzXRmPBiBc6g`eOsy+pVcHu=;Yd8@{
zSGgXf@%sKKQz~;!J;|2fC@emm#^_rnO0e<D`xKOl)v&1gxhN0@LroTIseY?HHF`U$
zRCxyayrK2fk|YppMxAKP{J=gze_dhnAkmEFp<%l9vvc1zcx#Lz*hP4TNeag4(W!Be
zM4c#}`np`hRl02rJ50(%WD@_u_Qk1TUrpL44g>sEn^QxXgJYd`#FPWOUU5b;9eMAF
zZhfiZb|gk8aJIw*YLp4!*(=3l8Cp{(%p?ho22*vN9+5NLV0TTazNY$B5L6UKUrd$n
zjbX%#m7&F#U?QNOBXkiiWB*_tk+H?N3`vg;1F-I+83{M2!8<^nydGr5XX}tC!10&e
z7D36bLaB56WrjL&HiiMVtpff|K%|*{t*ltt^5ood{FOG0<>k&1h95qPio)<rMG98B
zE?gDMmn^Zo(`Ek7uvNsnUgUfUfwFF7?z~>2`eL${YAGIx(b4VN*~nKn6E~SIQUuRH
zQ+5zP6jfnP$S0iJ<xI2U>@~t!Ai3o`X7biohl<ds?PbGDArmkAV12ldkGzY{P*80E
zF=Wk3w#9|J1dAeV)Rlk?%L=ol!+m5%A|(KP`fR=nD^&iHT@Z5DaZ(w0hqfh|V>i;E
zT#yXyl{bojG@-TGZzpdVDXhbmF%F9+-^YSIv|<!(knL3!Z+}F~)r$<ET0f@9KVjok
zfvU`%FUbk|yAc)S0rB`JBWTLd7hPAAqP2ltlwee5T}#_Gpbl80w-LA;|BD>MT1l3j
zrxOFq>gd2%U}?6}8mIj?M<N%?8n+3Rx8(2-`*c@op88}5-iqw*PHkqnj$k8#t^|g>
zc077Zc9fq(-)4+gXv?Az26IO6eV`RAJz8e3)SC7~>%rlzDwySVx*q$ygTR5kW2ds-
z!HBgcq0KON9*8Ff$X0wOq$`T7ml(@TF)VeoF}x1OttjuVHn3~sHrMB++}f7f9H%@f
z=|kP_?#+fve@{0MlbkC9tyvQ_R?lRdRJ@$qcB(8*jyMyeME5ns6ypVI1Xm*Zr{DuS
zZ!1)rQfa89c~;l~VkCiH<d?V{)&8(@3=6jm=fW<)H`CSQ9+iNwDH;4S!Xw4H9nux4
zKNscQ&OV9zHF_+cIJ=X)qIF;(!)}sl`hhO)dHz6nA0^W{a9q1^gzxvh-bS1(N273|
zq;PSR{n|+%3`+}9Q7}{mC7k)HXlUhkBKH%A@-sEx!4Mlk=^P1dtF=-lC3U?55B}ez
z`Fd)kItC)!X+F!>I|PCBd`S*2RLNQM8!g9L6?n`^evQNEwfO@&JJRme+uopQX0%Jo
zgd5G&#&{nX{o?TQwQvF1<^Cg3?2co;_06=~Hcb6~4XWpNFL!WU{+CK;>gH%|BLO<b
zgJpht0ltX3sE2RJAUcld5MW}&%<sw};dL~bdZ0?zVg~mRcaNBgUZe;8@DKXRQmlOf
zAIhHBNh=}LzcTdUnfgd6#GEx350bi`lb)LaBso2CW!*0Xe!UJNwIWeg)QXy=e3bwZ
zIJ8=;u}r&BGoF;ftQ-dJ!kBp#;lHIlNwC)v?OHP&#Mh~B%=jdgWQCSqpANGQEkG%n
zM?zk5@$%!-gPc55s943P-Mv1>h7@!hsa(>pNDAmpcuVO-?;Bic17R}^|6@8DahH)G
z!EmhsfunLL|3b=M0MeK2vqZ|OqUqS8npxwge$w-4pFVXFq$_EKrZY?BuP@Az@(k`L
z`<G71X#W|!P3Z{wEvg5Ob7@MbwprRM&*~yi*+R-9I8&p-;yM=Q)z$bTY1}y<i9f;W
zGBCz3n1=6)vV6bV+;GN8E|c1rg49&nk_(FLVA<i_4OxA`vE>ViQBSk`y+YwRT;&W|
z2e3UfkCo^uTA4}Qmmtqs+nk<f8_TTXgg$0%V(GO^t)<!()wOU}JKa$=7V(Fd-u5kW
zfKQU%n`CZ_1jFoAu|=do)|56^VkbaXtt)NlpAubGIJ@ET@k0K*McoNg@OCSSeKJ`(
z*rHh**zg=F3rmZ2ux+4MzedRxj4$W0VqcP)lO*|#;Iw4z!Gidd%|ry%SN>#gNr2W4
zTH%hhErhB)pkXR{B!q5P3-OM+M;qu~f>}IjtF%>w{~K-0*jPVLl?Chz&zIdxp}bjx
zStp&Iufr58FTQ36AHU)0+CmvaOpKF;W@sMTFpJ`j;3d)J_$tNQI^c<^1o<49Z(~K>
z;EZTBaVT%14(bFw2ob@?JLQ2@(1pCdg3S%E4*dJ}dA*v}_a4_P(a`cHnBFJxNobAv
zf&Zl-Yt*lhn-wjZsq<9<PjKts@j|?j*H<KG_l+Ikza{2Tyz(8wgaT$KKCTR@fUFh?
z9>v-IsXxAxMZ58C@e0!rzhJ+D@9^3~?~yllY^s$?&oNwyH!#~6x4gUrfxplCvK#!f
z$viuszW>MFEcFL?>ux*((!L$;R?xc*myjRIjgnQX7<gW>9@UPD$6Dz0jutM@7h_pq
z0Zr)#O<^y_K6jfY^X%A-ip>P%3saX{!v;fxT-*0C_j4=UMH+Xth(XVkVGiiKE#f)q
z%Jp=JT)uy{&}Iq2E*xr4YsJ5>w^=#-mRZ4vPXpI6q~1aFwi+lQcimO45V-JXP;>(Q
zo={U`{=_JF`EQj87Wf}{Qy35s8r1*9Mxg({CvOt}?Vh9d&(}iI-quvs-rm~P;eRA@
zG5?1HO}puruc@S{YNAF3vmUc2B4!k*yi))<5BQmvd3tr}cIs#9)*AX>t`=~{f#Uz0
z0&Nk!7sSZwJe}=)-R^$0{yeS!V`Dh7w{w5rZ9ir!Z7Cd7dwZcK;BT#V0bzTt>;@Cl
z#|#A!-IL6CZ@eHH!CG>OO8!%G8&8t4)Ro@}USB*k>oEUo0LsljsJ-%5Mo^MJF2I8-
z#v7a5VdJ-Cd%(a+y6QwTmi+?f8Nxtm{g-+WGL>t;s#epv7ug>inqimZCVm!uT5Pf6
ziEgQt7^%xJf#!aPWbuC_3Nxfb&CFbQy!(8ANp<Dkrrv&eXZOx^ui15L`|GC6Zo9J8
zt4l&YYgkq79`qbC=O@Wu>kWLI4oSnH?Q3f?0k1t$3d+lkQs{~(>06l&v|MpcFsyAv
zin6N!-;pggosR*vV=DO(#+}4ps|5$`u<dyVk_IJiOQUOA<$>dE%Kdmp?G7B#y%<bi
zGVk-OWo?nx8M9(n3)OkC>H`R|i8skKOd9Xzx8xgR$>Zo2R2Ytktq^w#ul4uicxW#{
zFjG_RNlBroV_n;a7U(KIpcp*{M~e~@>Q#Av90Jc5v%0c>egEdY4v3%|K1XvB{O_8G
zkTWLC>OZKf;XguMH2-Pw{BKbFzaY;4v2seZV0>^7Q~d4O=AwaPhP3h|!hw5aqOtT@
z!SNz}$of**Bl3TK209@F=T<Nh*u*7J=P_EEnnD=hbiG0v_)iQwN<!vDIogn=iGRs3
zt_h!RUdkzWHMpc*d}k%tjHimct$!p&AH8pRZ+FJo|9w~+h(n#lp$57vBXGLddx*%@
z5%Aj-8?hH;TIkF9$}Pwu0)KjO*p&uKv6>n1+mgZa8yh(Png%Zd6Mt}^NSjy)etQrF
zme*llAW=N_8R*O~d2!apJnF%(JcN??=`$qs3Y+~xs>L9x`0^NIn!8mMRFA_tg`etw
z3k{9J<p4JZCS-C}49WuHGGruT=x>Ajnl@ygIiJcNHTy02GMAvBVqEss&t2<2mnw!;
zU`J)0>lWiqVqo|ex7!+@0i>B~BSU1A_0w#Ee+2pJx0BFiZ7RDHEvE*ptc9md(B{&+
zKE>TM)+Pd>HEmdJao7U@S>nL(qq*A)#eLOuIfA<xx)>S@j`_sK0UEY6OAJJ-kOrHG
zjHx`g!9j*_jRcJ%>CE9K2MVf?BUZKFHY?EpV6ai7sET-tqk=nDFh-(65rhjtlKEY%
z@G&cQ<5BKatfdA1FKuB=i>CCC5(|9TMW%K~GbA4}80I5%B}(gck#Wlq@$nO3%@QP_
z8nvPkJFa|znk>V92cA!K1rKtr)skHEJD;k8P|R8RkCq1Rh^&}Evwa4BUJz2f!2=MH
zo4j8Y$YL2313}H~F7@J7mh>u%556Hw0VUOz-Un@ZASCL)y8}4XXS`t1AC*^>PLwIc
zUQok5PFS=*#)Z!3JZN&eZ6ZDP^-c@StY*t20JhCnbMxXf=LK#;`4KHEqMZ-Ly9KsS
zI2VUJGY&PmdbM+iT)zek)<hjl_Ql0Z<Zn_qAb)m1SGqs~RuzvnShAB@_vF{e+592q
z$DB!xBIZfcH*9&k=wlV*!)l9TjLaF6{FU=1emb_fuvC;885YA6nM5}UqhPTc%&*tY
z3h;oOpGO3Hx+t7EjPYfzaZ}+D=ndS&SDnV=GA-}a=$GiNOi~a`1gJao%JzT9!|NX9
z<CC9{n}y#@=&Y6rk@_w$wqbKs!E-bTFZW}3bqJ;f!@40M^ykqGs3;>#Qc#_i4uH43
z@T5SZBrhNCiK~~esjsO9!qBpaWK<`>!-`b71Y5R<QKZFC;tbrvH*7OQFB+SCa^&~y
zposW2PUqn>eXQ4AJU~T<enI;Gq30%Z%SsfHco3Z`w^cm#%0^~onRV&P&#QErx)JwE
z+PM!k!qYC}ESrBrHoDQz*X1YmFa#(SZW<AV$!J0LWu4IDbZ2bw=%%Iq9Hg*REoc?;
z{E60bn(-sNYKAv{(YDGA5Ne~oOSP*!BJYblyeWN+CVy8q4{fMj;2#8%D!ii%2bR=s
z%l;FFHzQ~S|A8UKuFT*34q|LzMc~~o#;)Kw9DtS!bp3JQi_@L6HQjXe7-;AjHEUja
z>2Njri1CEp5oKw;Lnm)-Y@Z3sEY}X<ceQi^_CPpPY_VEPYF+%Om#`r)SPUG}UXq2Y
zpr9=;`h)oB6MR*Xk2Eh4r7Hb|{>IgSy%xo=uek(kAAH5MsV$V3uTUsoTzxp_rF=tx
z<QsYQ(;?5S(qGqiH7>V07vlJNKtJhCu`b}*#m&5LV4TAE&%KtHViDAdv#c^x`J7bg
z&N;#I2GkF@SIGht6p-V}`!F_~lCXjl1BdTLIjD2hH$J^YFN`7f{Q?OHPFEM$65^!u
zNwkelo*5+$ZT|oQ%o%;rBX$+?xhvjb)SHgNHE_yP%wYkkvXHS{Bf$OiKJ5d1gI0j<
zF6N}Aq=(WDo(J{e-uOecxPD>XZ@|u-tgTR<972`q8;&ZD!cep^@B5CaqFz|oU!iFj
zU0;<Kr(xN%j}{P50=dczD~4jn(p0D1`)Q|ld@m)3cU?5-DDA%Lq4Vd2?$jcNa3@4}
zt0;5Pk0HJXk<P(S=!%ZtD121Ne##d}^nRI9>6fQX&~15E53EW&w1s9gQQ~Zk16X%6
zjG`j0yq}4deX2?Tr(03kg>C(!7a|b9qFI?jcE^Y>-VhudI@&LI6Qa}WQ>4H_!UVyF
z((cm&!3gmq@;BD#5P~0;_2qg<pD9=9nXg$TuH}wQh9<MTT}D~YJ$+K3jbd)SV}wix
zf+zmLDPNc@nH3C;GngJH(K9z-$bm-ym&hXvg&{t=h}^v&Zpkgh>ZhtJS|>WdtjY=q
zLnHH~Fm!cxw|Z?Vw8*~?I$g#9j&uvgm7vPr#&iZgPP~v~BI4jOv;*OQ?jYJtzO<^y
z7-#C={r7CO810!^s(MT!@@Vz_SVU)7VBi(e1%1rvS!?PTa}Uv`J!EP3s6Y!xUgM^8
z4f!fq<3Wer_#;u!5ECZ|^c1{|q_lh3m^9|nsMR1#Qm|?4Yp5~|e<cTgyd3~1T9l&*
zeQ01<P2U~{V&q4>r2?W^7~cl;_r4WSme_o68J9p03~Hc%X#VcX!xAu%1`R!dfGJCp
zV*&m47>s^%Ib0~-2f$6oSgn3jg8m%UA;ArcdcRyM5;}|r;)?a^D*lel5C`V5G=c~k
zy*w_&BfySOxE!(~PI$*dwG><<WF75p<o9EVVze~dTW<Z_^0lybcm7u?o5{_6x)ND;
zb8GQ#!>+-%KT5p?whOUMA*k<9*gi#T{h3DAxzAPxN&Xws8o9Cp*`PA5>d9*Z-ynV#
z9yY*1WR^D8|C%I@vo+d8r^pjJ$>eo|j>XiLWvTWLl(^;JHCsoPgem6PvegHb-OTf|
zvTgsHSa;BkbG=(NgPO|CZu9gUCGr$8*EoH2_Z#^BnxF0yM~t`|9ws_xZ8X8iZYqh!
zAh;HXJ)3P&)Q0(&F>!LN0g#bdbis-cQxyGn9Qgh`q+~49Fqd2epikEUw9ca<Icy-f
zOt40c5j7j)$)tP9?uvS*(MhNoK9DyuR}iw#hq(_Yg;FQNx_fxU*Eu(iTCigNUM7t<
z>M%V6WgP)532RMRW}8gNS%V%Hx7apSz}tn@bQy!<=lbhmAH=FsMD?leawbnP5BWM0
z5{)@EEIYMu5;u)!+HQ<i|FmCtfdneL-c-Zq4Plvb%6L#`yCeba4_fn4B8J3*R<jzl
zfvYN4K`&;0Sxn>WhQ;D3_Cm_NADNeb-f56}<{41aYq8p4=93d=-=q0Yx#knGYfXVt
z+kMxlus}t2T5FEyCN~!}90<Qw*O-2+V!RyNwDJ!D4}()%&9a2ilTUH&u5D!U%eI_q
zx}xGi`t`GnBsEW*ontVcR-ikx88LbjAhe<X@Zi_w7Y34lxFFrZ2Q&%wKjDtka2LVK
zHc8~1#H%sr<^E7ZD2HEuJ^9vl!WfP^A{M0b1kd0=9ymV8H)Sd)K8ApeV;=DNu1w7T
zq3y-B$08B=*qJh`RBSq*hM$V1Wi(wSS$C7SwYBw1{q+D%@|+@4!e&J2mmVQuQ$1nJ
zGVp>O_X@@PQpuy;kuGz@bWft%diBTx?d)_xWd_-(!LmVrh**oKg!1CNF&LX4{*j|)
zIvjCR0I2UUuuEXh<9}oT_zT#jOrJAHNLFT~Ilh9hGJPI1<5`C-WA{tUYlyMeoy!+U
zhA#=p!u1R7DNg9u4|QfED-2TuKI}>p#2P9--z;Bbf4Op*;Q9LCbO&aL2i<0O$ByoI
z!9;Ght733FC>Pz>$_mw(F`zU?`m@>gE`9_p*=7o=7av`-&ifU(^)UU`Kg3Kw`h9-1
z6`e6+im=|m2v`pN(2dE%%n8YyQz;#3Q-|x`91z?gj68cMrHl}C25|6(_dIGk*8cA3
zRHB|Nwv{@sP4W+Y<?>ZM)VKI>R<dU=sQkg7!lDS83Q3{+&sk$J+O!cATJ_o5Pb&W_
z)bdtK2>lB`n=Oj~Rzx~M+Khz$N$45rLn6k1nvvD^&HtsMA4`s=MmuOJID@$s8Ph4E
zAmSV^+s-z8cfv~Yd(40Sh4JG#F~aB>WFoX7ykaOr3JaJ&Lb49=B8Vk-SQT9%7TYhv
z?-Pprt{|=Y5ZQ1?od|A<_IJU93|l4oAfBm?3-wk{O<8ea+`}u%(kub(LFo2zFtd?4
zwpN|2mBNywv+d^y_8#<$r>*5+$wRTCygFLcrwT(qc^n&@9r+}Kd_u@Ithz(6Qb4}A
zWo_HdBj#V$VE#l6pD0a=NfB0l^6W^g`vm^sta>Tly?$E&{F?TTX~DsKF~poFfmN%2
z4x`Dc{u{Lkqz&y!33;X}weD}&;7p>xiI&ZUb1H9iD25a(gI|`|;G^NwJPv=1S5e)j
z;U;`?n}j<Q^Xq~o28<9wN;wOTm1lpjZMh*aUX(~T_Y3#ZnG~Ye&HG?FC8<&_!tool
z+@`jls~3x-4`e?M70izyrpLQDV~@R;Ddqa8ubupC&5hxJ!0Qn2&@6(rv>nY6rA{V^
zxTd{bK)Gi^odL3l989DQlN+Zs39Xe&otGeY(b5>rlIqfc7Ap4}EC?j<{M=hlH{1+d
zw|c}}yx88_xQr`{98Z!d^FNH77=u(p-L{W6RvIn40f-BldeF-YD>p6#)(Qzf)lfZj
z?3wAMtPPp>vMehkT`3gToPd%|D8~4`5WK{`#+}{L{jR<c)T{dJNa_2~nx}yzR>UMt
zrFz+O$C7y8$M&E4@+p+o<?<4i!4ikchlAhrd(TAazwXC#eTotZ4)SbD2SX9vq+(V^
zQt>V5c%uYzbqd2Y%SSgYy#xh4G3hQv>V*BnuKQhBa#=o<cI|?w3{ulWOpdl|%RYTA
zSx@6KnTs$R(CM2sHs-QJn!^oj_3M4<ToCw0Dysc#3eTjWBJ-T+adb-$?`_4mF<8?g
zSKY1V7KhH!;LK22fSg)B*<uJ7m~6W3CUps0^d9*o2V_Gub>ZB~w{azUB+q%bRe_R^
z>fHBilnRTUfaJ201czL8^~Ix#+qOHSO)A|xWLqOxB$dT2W~)e-r9;bm=;p;RjYahB
z*1hegN(VKK+ztr~h1}YP@6cfj{e#|sS`;3tJhIJK=tVJ-*h-5y9n*&cYCSdg#EHE#
zSIx=r#qOaLJoVVf6v;(okg6?*L_55atl^W(gm^yjR?$GplNP>BZsBYEf_>wM0Lc;T
zhf&gpzOWNxS>m+mN92N0{;4uw`P+9^*|-1~$<g_U{SU`H<rGXK<wL9(P>uXpggj4-
z^SFc4`uzj2OwdEVT@}Q`(^EcQ_5(ZtXTql*yGzdS&vrS_w<Vq*ng}zPHZxXbJ~5By
z5q!Q1MEDSMNOWX9zY-~b`9@lU+AIe>>~~ra|Nb5abwf}Y!uq6R5f&6g2ge~2p(%c<
z@O)cz%%rr4*cRJ5f`n@lvHNk@lE1a*96Kw6lJ~B-XfJW%?&-y?;E&?1AacU@`N`!O
z6}V>8^%RZ7SQnZ-<!aS@7Sy5FdEA^NVBSolPfAv!POl_VDW*<OY|VOa1x+Nt4h}kC
zF5f5bMcr5zsZz*#rv_qyg5_y;>z$(jsX`amu*5Fj8g!3RTRwK^`2_QH<oOlcTv0T*
zq^FmDESBJUwy8>e;_2y_n|6gSaGyPmI#kA0sYV<_qOZc#-2BO%hX)f$s-Z3xlI!ub
z^;3ru11DA`4heAu%}HIXo&ctujzE2!6DIGE{?Zs>2}J+p&C$rc7gJC<HidCCr+8PF
zWiTVZ>35gxhflorvsb%sGOxpuWhF)dL_&7&Z99=5M0b~Qa;Mo!j&Ti_kXW!86N%n=
zSC@6Lw>UQ__F&+&Rzv?gscwAz8IP!n63>SP)^62(HK98nGjLY2*e^OwOq`3O|C92?
z;TVhZ2SK%9AGW4ZavTB9?)mUbOoF`V7S=XM;#3EUpR+^oHtdV!GK^nXzCu>tpR|89
zdD{fnvCaN^^LL%amZ^}-E+214g&^56rpdc@yv0b<3<Gcz@z*K79?oK~*UzGlKFJXT
z{XOryj|k?!nDS(G1LtLxYD^Cq?c?_!zYn!x^#tLjQ6=Wb!)yrQsQW$6U<7{9%v7a-
zv*ocK5QN4V3`xVyd7lYi<tse4LzLtbxdam8l#%xfBL@jXus_3m`H&T(SG4<1{Xtfu
zMb*~2c3zevaj8sJ+%2=tK7#q$!xF@Xc_%7Ws0|ayo4RjQhmCcKBx<ij=1uikr$^Pt
z9|pP=(@t-<MX5uDFk4~}Y&YCR_($i(L2tZ?=zYb8^M2`}T)&sKMTvyh6Hf2vk#&E}
zXFWd3BT@?-Qm?6K=3M(cZ#LOR`xDd$o~J$T>}Ys?)f|fXN4oHf$six)-@<;W&&_kj
z-B}M5U*1sb4)77aR=@%I?|Wkn-QJVuA96an25;~!gq(g1@O-5VGo7y&E_srxL6ZfS
z*R%$gR}dyONgju*D&?geiSj7SZ@ftyA|<I`YtD1a%3oCr%5@GGkBtN{5mnwPyOw=G
z)5mh1d5f2bd0O6v9}uRb?jQWt0Hmbh{Lw~%;q96e<JYrfUt;Ww3`|kuk8YLozMnJA
zL-%S-b>}(*Y4KbvU!YLsi1EDQQCnb+-cM=K1io78o!v<D2B&P2)99nqSy|&vmf_z?
z=eWr~Nb^z}4FA|*1-U>*);o<<Bb~caN#d%78rHzz&LtUD8*+uiPJdUJ<!gd#RBLsK
z$C!13l?*$0KTH~HOk{`~({IY19$^eGtD0+`Ng;Krabee-ZmxY?a!#sR^lIs7X@lqE
z)iFHx46*Kc<U3%gK1Qg`N*=%M8g<Qr@DDqezg1<>XwjaQH%)uIP&Zm?)Nfbfn;jIr
z)d#!$gOe3QHp}2NBak@yYv3m(CPKkwI|{;d=gi552u?xj9ObCU^DJFQp4t4e1tPzM
zvsRIGZ6VF+{6PvqsplMZWhz10YwS={?`~O0Ec$`-!klNUYtzWA^f9m7tkEzCy<_nS
z=&<(awFeZvt51>@o_~>PLs05CY)$;}Oo$VDO)?l-{CS1Co=nxjqben*O1BR>#9`0^
zkwk^k-wcLCLGh|XLjdWv0_Hg54B&OzCE^3NCP}~OajK-LuRW53CkV~Su0U>zN%yQP
zH8UH#W5P3-!ToO-2k&)}nFe`t+mdqCxxAHgcifup^gKpMObbox9LFK;LP3}0dP-UW
z?Zo*^nrQ6*$FtZ(>kLCc2LY*|{!dUn$^RW~m9leoF|@Jy|M5p-G~j%+P0_#orRKf8
zvuu5<*XO!B?1E}-*SY~MOa$6c%2cM+xa8}_8x*aVn~57v&W(0mqN1W`5a7*VN{SUH
zXz98DDyCnX2EPl-`Lesf`=AQT%YSDb`$%;(jUT<emmKF_zfZmU9B12q_dyZ<_@h~k
zvEq1`Vx6X|zFHC1f>rNen$NPJrlpPDP}prI>Ml!r6bCT;mjsg<oj3+@ct5lWE*J;5
z4E~(;FwK{V8;n^S+p_aly?)G^7&y`S%eK)TJhe8?@}L_b8H};V-{Fr!7~z`5Jn&~y
zle5N-{eo+>@X^#&<}CGf0Jt<ps|x+2W>R{Ecwd&)2zuhr#nqdgHj+g2n}GK9CHuwO
zk><uMX@X}I+5rrj?NaO6BMSeLuD{-~8R-Gl2xdC9#?M&n3M8$1#r~F<bd_yU6EE{Y
z#eCFVb$%8`qmYLY$VN_bTcap4)*3IM0tVFqt0C)EHHU4$9K2ap4$RYn7cYx68f*63
zqjgq9d3s#J0z)IOp-dbsoyDl3q&F;wDIxirPuXzvw6-Mhm_%B8`dB@kd7fLXw-%?$
zoq?`st6r0!H5QKHrVxu9;wFCr4k6@&eG$(7Z2Wi#T=t;uR8LkI#eWjbL4#SB+RR!}
zkvLwWmhxM!7BIsi5NeXcxeg6+4^H8NJB5=2mJzA06v|{=fl0X|ig2$)&h*GM&JpHp
zr`8`GjG!&l9EyWchuo>oZxy{v<eHuSsx&-tHadS1q^a4f?|RTjYB^sRK14!iW+^lB
z!ebp33Hf8OUb(D`D*|G{AftC98wHP4tb?H!)=@9haZJ)F+0;HQc5`Qlnk&U!fz)-9
z%lX#G)XFlYmyE^D)O;h749_^`>cOL)$8-}L^iV<p27<5%t|ClWJe$Rd_|U|Ck(u@6
zTgwrC&(m^cFeKDxIl7TOJH#1Wo==_x;yAITBFJ1z$*I>fJHAGfwN$prHjY<ZwGVKY
zZ8+b}fUD+>V0ju}8%jWquw>}_W6j~m<}Jf!G?~r5&Rx)!9JNX!ts#SGe2HzobV5);
zpj@&`cNcO&q+%*<%D<T}5E&SDWDa4Lg;*h`<xw$&SGrTg$|CXl_i7+njSd+)yvyz7
z+0<o|PMTJL)R>7za|?m5qlmFK$=MJ_iv{aRs+BGVrs)98BlN^nMr{V_fcl_;<BiuS
ztTFCwthZrVHPPZYBIYp#EouQ9MTH{-OaLh9+PRHAG3=cqP}nnZd8AjsX8sR)@*@Na
z!0>jkzRju+c-y?gqBC_@J0dFLq-D9@VN&-`R9U;nv$Hg?>$oe4N&Ht$V_(JR3TG^!
zzJsbQb<dCovVFFYER#ii{pf+`)Dd4mJA8V_i{)g*7b35$IR9(S%Er0t1yr7X5aERc
zeK=jG4aV7X*X+)C@a&31a^^wDy<E&Lu}Ry(`Um&dxXGiHJfU<|q(iByYWWLIS^^>i
zFE6-{#9{G{+Z}ww!ycl*7rRdmU#_&|DqPfX3CR1I{Kk;bHwF6jh0opI`UV2W{*|nn
zf_Y@%wW6APb&9Rr<YY$Si*BvV^N#m{QYOko?PXQXU(La}0lCv3qWQ$bi`=<yuf89@
zA3M_;xKTP6E^K#?{F`hD*rTDZhZ!h73@a^*&yKH>bEN=PQRBEpM(N1w`81s=(xQj6
z-eO0k9=Al|>Ej|Mw&G`%q8e$2xVz1v4DXAi8G};R$y)ww638Y=9y$ZYFDM$}vzusg
zUf+~BPX>(SjA|tgaFZr_e0{)+z9i6G#lgt=F_n$d=beAt0Sa0a7>z-?vcjl3e+W}+
z1&9=|vC=$co}-Zh*%3588G?v&U7%N1<wSL*V~9}~r(eJ^+Xr3`-m(Sj@@;y|({lFw
zG+a0jI%A@viPJ_TgyiV93C-_fon>Qf-wNWJ)(v`iO5KHSkC5&g7CrKu8V}uQGcfcz
zmBz#Lbqwqy#Z~UzHgOQ;Q-rPxrRNvl(&u6ts4~0=KkeS;zqU<rCYLCOgtuj&A3yvF
z)|<)nA^eF$@T!K+ig@JbUkyVVJP%Y)>Rz%!-ERppmd%0v>iRlEf+H$yl{_8TMJzo0
z>n)`On|7=WQdsqhXI?#V{>+~}qt-cQbokEbgwV3QvSP7&hK4R{Z{aGHVS3;+h{|Hz
z6$Js}_AJr383c_+6sNR|$qu6dqHXQTc6?(XWPCVZv=)D#6_;D_8P-=zOGEN5&?~8S
zl5jQ?NL$c%O)*bOohdNwGIKM#jSAC?BVY={@A#c9GmX0=T(0G}xs`-%f3r=m6-cpK
z!%waekyAvm9C3%>sixdZj+I(wQlbB4wv9xKI*T13DYG^T%}zZYJ|0$Oj^YtY+d$V$
zAVudSc-)FMl|54n=N{BnZTM|!>=bhaja?o7s+v1*U$!v!qQ%`T-6fBvmdPbVmro&d
zk07TOp*KuxRUSTLRrBj{mjsnF8`d}rMViY8j`jo~Hp$fkv9F_g(jUo#Arp;Xw0M$~
zRIN!B22~$kx;QYmOkos@%|5k)!QypDMVe}1M9tZfkpXKGOxvKXB!=lo`p?|R1l=tA
zp(1}c6T3Fwj_CPJwVsYtgeRKg?9?}%oRq0F+r+kdB=bFUdVDRPa;<s*Z4&z%Yqy%U
zOeHw$WK*_?C+%QKv}yj&a(!5Ni>E~~>2$w}>O>v=?|e>#(-Lyx?nbg=ckJ#5U6;RT
zNvHhXk$<cTrzyFrc-kzJ80|Sr7cPKJYnxQh*Fg9@b51h^!>P}m9wSvFyU3}=7!y?Y
z=fg$PbV8d7g25&-jOcs{%}wTDKm>!Vk);&rr;O1nvO0VrU&Q?TtYVU=ir`te8SLlS
zKSNmV=+vF|ATGg`4$N1uS|n??f}C_4Sz!f|4Ly8#yTW-FBfvS48Tef|-46C(wE<BN
zM?~(EkSJJWr_!W7-HptZRmK`p&C>O_%pPhUC5$-~Y?!0vFZ^Gu`x=m7X99_?C-`|h
zfmMM&Y@zdfitA@KPw4Mc(YHcY1)3*1xv<iSQWzdA1>W9V-r4n-9ZuBpFcf{yz+SR{
zo$ZSU_|fgwF~aakGr(9Be`~A|3)B=9`$M-TWKipq-NqRDRQc}ABo*s_5kV%doIX<z
zw8f$0lCeVGD0^!OedVm2t32)213YQ46v=o)@UsVzy`KZ%hr__m!jsQbd@}{{Vg1hz
z`m2-BpqxgapTIephm4Cik^T6BeWfmt%BA@BRlvqT0ILcR0(vVdxD!}~F3BI!@Yuk*
zM2~`l5+!SvcPoj}AC@Q9McO3!2ke!m5VcW3F%a(IA*N@sL73(w3O(3~t5el4Dq{JU
z21IfDfV)n^u4cGvvfJlGe~Q~Yzeudy#8j^ja>7LRLRau_gd@Rd_aLFXGSU+U?uAqh
z8qusWW<lz^u{++i(BMS0kYpMurHwdx8=v!VDug!+!?SoQ%5#Z9_%%XQ)=}5@(OGY$
z!*NFRMlh?b0mZ-o&{hRY(q#;?AsyI_fTbU3vvt{86Gd^<UxrFKXriAuhLyoz-Rb+|
z<1fH@C7QEgQz2VdIb}M#v@~+roe%YIUs5B>cvgQ&wu{|sRXmv?sl=xc<$6AR$+cl&
zFNh5q1~kffG{3lDUdvEZu5c(aAG~+64FxdlfwY^*;JSS|m~CJusvi-!$XR`6@XtY2
znDHSz7}_Bx7zGq-^5{stTRy|I@N=>*y$zz>m^}^{d&~h;0kYiq8<^W<E|75Z!A4X;
zB0ckyjy2crb1=uu;OnTA+AN(`$!y~N){ZywsrcJ<-RJ-6@#;QH|7$vRI{)h?@p2NX
z`N+$B?J?QE9;Pm%%)e)K9b55SBEW5@Zc4|{XhN6&8tG6ODyNFgS%k;enJu!|jBjTn
zO3=N;{~$Us+^lM79~#+NVdMuMV*xv4<srsN5l%(Xfx|TFiWsSLu6VKb8+BQX%9T6)
zLIA<^s*!o98&YNSoO#lh*yl=4IaXWU@%j6|nHVJL2?PUhARrz8&IkW*Q<47%jpzTI
z4gPog-xBcuLB=pm_-|9W&~MFVz_3-f?M6(XIxnIg#$zC^5E`10kVD2)wtP_r+-MVn
zDB)nM192c6VQ(1fw5pgW;z9QPF|WVy-Pi3Kqyd;SXdDvK@g#36c@VC&u=_B=n%w}x
z9G42<h(@l93n9W)B(s=&>q7Dz0w31ShO^~LUfW6rfitR0(=3;Uue`Y%y@ex#eKPOW
zO~V?)M#AeHB2kovn1v=n^D?2{2jhIQd9t|_Q+c|ZFaWt+r&#yrOu-!4pXAJuxM+Cx
z*H&>eZ0v8Y`t}8{TV6smOj=__gFC=eah)mZt9gwz>>W$!>b3O;Rm^Ig*POZP8Rl0f
zT~o=Nu1J|lO>}xX&#P<uNYpwDdsi81$~7Dv-8cIS(lR52^!TF;6k;WMGV`thcu^6S
z@T3rgu^2l&lSgk|u&dqJ2P;_lKd-gsz+E~nyy$zL@l8HyyxzgF#YH#@jXdT>58%Yl
z83`HRs5#32Qm9mdCrMlV<JBDhyZ+y^N%S92djDerOElqpRE}K*p`=oMP>|NKNC+Z~
z9OB8xk5HJ>gBLi+m@(pvpw)<om*<*&g*ukIpJ5#uX6#7U*X+*MN|7vZ8*HK)=`Y9r
z)#d;zRimk{mmRK`xtmKSn@imtSD%un-#&@aHsi(XFSqmU+t2^tlw;mwe}X*y&#AIH
zlv#=?W?e4tr=1o`K<LAS)WBGaORGt!_L??}o8QF5X|ARAXjcw9(=`^ih&uvZ?3o=4
ztCfj-M@ZND9Dnt(PEoh14OzzWaAN5QQ)tU}4*nXvp1HQ^w*zt7KrnA5B`0hYyAdFC
zH+>1(OaVJKs*$Ou#@Knd#bk+V@y;YXT?)4eP9E5{J%KGtYinNYJUH9PU3A}66c>Xn
zZ{Bn0<;8$WCOAL$^NqTjwM?5d=RHgw3!72WRo0c;+houoUA@HWLZM;^U$&sycWrFd
zE7ekt9;kb0`lps{>R(}YnXlyGY}5pPd9zBpgXeJTY_jwaJGSJQC#-KJqmh-;ad&F-
z-Y)E>!&`Rz!HtC<wKL>z>%yO<y&s#nmyWumg2@9<En(?C^(|rjP3fstXvL7F_}@s~
zK?}vRELPAe=@^SDzf;4gMIY~6wbR)ERQj~L^17FRR>J|v(u7P*I$jqEY3}(Z-orn4
zlI?CYKNl`6I){#2P1h)y(6?i;^z`N3bxTV%wNvQW+eu|x=kbj~s8rhCR*0H=iGkSj
zk2<D*!UmdR0qg)7cV>3lr9kr|p7#qKL=UjgO`@UnvzU)`&fI>1Qs7ubq{@+lK{hH*
zvl6eSb9%yngRn^T<;jG1SVa)eA>T^XX=yUS@NCKpk?ovCW1D@!=@kn;l_BrG;hOTC
z6K&H{<8K#dI(A+zw-MWxS+~{g$tI7|SfP$EYKxA}LlVO^sT#Oby^grkdZ^^lA}uEF
zBSj$weBJG{+Bh@Yffzsw=HyChS(dtLE3i*}Zj@~!_T-Ay7z=B)+*~3|?w`Zd)Co2t
zC&4DyB<B`NVJ>!o&YgSw+fJn6`sn$e)29`kUwAc+1MND7YjV%lO;H2}fNy>hD#=gT
ze+-aFNpyKIoXY~Vq-}OWPBe?Rfu^{ps8>Xy%42r@RV#*QV~P83jdlFNgkPN=T|Kt7
zV*M`Rh*30&AWlb$;ae130e@}Tqi3zx2^JQHpM>j$6x`#{mu%tZlwx9Gj@Hc92IuY*
zarmT|*d0E~vt6<+r?W^UW0&#U&)8B6+1+;k^2|FWBRP9?C4Rk)HAh&=AS8FS|NQaZ
z2j!iZ)nbEyg4ZTp-zHwVlfLC~tXIrv(xrP8PAtR{*c;T24ycA-;auWsya-!kF~CWZ
zw_uZ|%urXgUbc@x=L=_g@QJ@m#5beS@6W195Hn7>_}z@Xt{DIEA`A&V82bc^#!q8$
zFh?z_Vn|ozJ;NPd^5uu(9tspo8t%&-U9Ckay-s@DnM*R5rtu|4)~e)`z0P-sy?)kc
zs_k&J@0&0!q4~%cKL)2l;N*T&0;mqX5T{Qy60%JtKTQZ-xb%KOcgqwJmb%MOOKk7N
zgq})R_6**{8A|6H?fO+2`#QU)p$Ei2&nbj6TpLSIT^D$|`TcSeh+)}VMb}LmvZ{O|
ze*1IdCt3+yhdYVxcM)Q_V0bIXLgr6~%JS<<&dxIgfL=Vnx4YHuU@I34JXA|+$_S3~
zy~X#gO_X!cSs^XM{yzDGNM>?v(+sF#<0;AH^YrE8smx<36bUsH<L8f?5hvib^(w-z
zQO~nQ$dVU0i#a3ki#~Zfn+z)A0X6&+uTO~YY-95PED8rYa#tnOB_5j0D(OiyL`p9s
zv+IJ_k!HYz5YcKEc7QF88Nvot?2oM%4aDY1Bzw#ErO+K${;d;Xz}Qst%^Hxe<y|{#
z0i<}um0l#qNYBrEHp~^dRc(MW&*nx$<xOZo&ngs@b)HTJL5#EBLw4XB%N{_Unwz1|
zV8i$e7agBMpxq^UD+OBzpAA4~Wm`dImRWzuo^(m(ArJer$O=jb))nZ!p#}ai;I|`b
zxh~i8wmS;I?uK@A5wM9(c}p9|(M`BOW}{O$gH|yS=WST0IY5xeK;n^|OTOu06VXGL
ziLV81^Z>bN#y57K8WEu(`qHvQ6cAZPo=J5C(lSmUCZ57Rj6cx!e^rfaI5%w}unz}4
zoX=nt)FVNV%QDJH`o!u9olLD4O5fl)xp+#RloZlaA92o3x4->?rB4`gS$;<QP`qnB
zxyR|2?xCkFimDvX6HOV?^)Ex~)EDlr;3{Zk;-f=p?%7c@-P$(ps9BR^)$rFZsteaA
z;pEqzR194rw0JOm6L~PJ9F(nNaRn+j%W1SvOz`}E|6u-%XnRuFO#whbo=$_b&QmEc
zz35A#zc{~jeDG0s#(%Oyh`}`Lr28fKNg=;!oXo#n2s2b!wHSqmp4gLtkq~?+{}p*~
zmyPE6L~1+ln$95dm03gaCX?Mx^?0LvGdEce@^Fw=4Li}NJ(PPrnJG8UTM7f;`bHcw
z$Z`@wnD>WO{R;Z3>cG3IgFX2EA?PK^M}@%1%A;?f6}s&CV$cIyEr#q5;yHdNZ9h{|
z-=dX+a5elJoDo?Eq&Og!nN6A)5yYpnGEp}?=!C-V)(*~z-+<AB{~}$sb=b_3)fww3
z1aC=mU#wAjt*hH!O=_Rq0hO_a&wY#~Xao9@|NW*<bx}+viW;viI*Z+I?~t{%B+v(!
zDDr@@d60%bC|=S0vZozViq<m)h@uyR_WM|>?kY1Q7qs#Rsy%hu_60rdbB+QQNr?S1
z?;xtjUv|*E3}HmuNyB9aFL5H~3Ho0UsmuMZELp1a#CA1g`P{-mT?B<X1H9ohvAM^;
z+8=gDne1h_tC$>chuLEtK}!QZ=3AWakRu~?f9V~3F;TV`5%9Pcs_$gq&CcU}r8gOO
zC2&SWPsSG{&o-LIGTBqp6SLQZPvYKp$$7L4WRRZ0BR$Kf0I0SCFkqveCp@f)o8W)!
z$%7D1R`&j7W9Q9CGus_)b%+B#J2G;l*FLz#s$hw{BHS~WNLODV#(!u_2Pe&tMsq={
zdm7>_WecWF#D=?eMjLj=-_z`aHMZ=3_-&E8;ibPmM}61i6J3i<Ry9$0oO(dC+M{8z
zs~&fm$9WhF63%!K_Mm6jbUbs_bSm8+)$j`QmCxcnfVz-~LWI0Pvt$(Iiice=m6f#A
znKpqTEVc`=3la-JE~IF8T$O7$xw2vGNtATg%;ITCJQ$<SdLX>s*=dKf%HC>=xbj4$
zS|Q-hWQ8T5mWde6h@;mS+?k=89?1FU<%qH9B(l&O>k|u_aD|DY*@~(`_pb|B#rJ&g
zR0(~(6<MTX1VH`>8fpUPz6TdS@4JT5MOPrqDh5_H(eX1$P2SQrkvN8sTxwV>l0)Qq
z0pzTuvtEAKRDkKGhhv^jk%|HQ1DdF%5oKq5BS>szk-CIke{%js?~%@$uaN3^Uz6Wf
z_iyx{bZ(;9y4X&>LPV=L=d+A}7I4GkK0c1Xts{rrW1Q7apHf-))`BgC^0^F(>At1*
za@e7{lq%yAkn*NH8Q1{@{lKhRg*^TfGvv!Sn*ed*x@6>M%aaqySxR|oNadYt1mpUZ
z6H(<Ni{=BqKRj2FW+}Co`K?u{@WLS%pQm3TU}Q0c616}yg+(R+@sl}k&>rupHYf&Z
z29$5g#|0MX#aR6TZ$@eGxxABRKakDYtD%5BmKp;HbG_ZbT+=81E&=XRk6m_3t9PvD
zr5Cqy(v?gHcYvYvXkNH@S#Po~q(_7MOuCAB8G$a9BC##gw^5mW16cML=T=ERL7wsk
zzNEayTG?mtB=x*wc@ifBCJ|irFVMOvH)AFRW8WE~U()QT=HBCe@s$dA9O!@`zAAT)
zaOZ7l6vyR+Nk_OOF!ZlZmjoImKh)dxFbbR~z(cM<ohJsx2;$$S(LMO!JiV@-OGlmm
z`NdjOOy9O@m26&M`?ASmTQ{@=-K%#U)U7w<-rclq>hfeX1l7S_`;h|v3gI}<v)x_w
zvu)Dq)`qX%>n9$sSQ>+3@AF<e#LTCwgPu=4ybha;DXu-e#IUo*sWeYFrWHoigJs{Q
zYu_ff&j$_|OP<X2&rv4d2FV^~F@43}*F8@FN!r^c>Ay9=B_y$)q;Wdl|C-X|VV3w8
z2S#>|5dGA8^9%Bu&fhmVRrTX>Z7{~3V&0UpJNEl0=N32euvDGCJ>#6dUSi&PxFW*s
zS`}TB>?}H(T2lxBJ!V#2taV;q%zd6fOr=SGHpoSG*4PDaiG0pdb5`jelVipkEk%FV
zThLc@Hc_AL1#D&T4D=w@UezYNJ%0=f3iVRuVL5H?eeZM}4W*bomebEU@e2d`M<~uW
zf#Bugwf`VezG|^Qbt6R_=U0}|=k;mIIakz99*>FrsQR{0aQRP6ko?5<7bkDN8evZ&
zB@_KqQG?ErKL=1*ZM9_5?Pq%lcS4uLSzN(Mr5=t6xHLS~Ym`UgM@D&VNu8e?_=<G2
z$Y^_uSNUz|Ag`4k$;;4dC>nSFtF$u@hpPSmI4Vo_t&v?>$~K4y(O~Rb*(MFy_igM7
z*~yYUyR6yQgzWnWMUgDov!!g=lInM+=lOmOk4L`O?{i&qxy&D*_qorRbDwj6?)!ef
z#JLd7F6Z2I$S0iYI={rZNk*<{HtIl^mx=h>Cim*04K4+Z4IJtd*-)%6XV2(M<qEcY
zKpTExU9W`Sp|>CscPiw_a+y*?BKbTS@BZ3AUao^%Zi#PhoY9Vib4N>SE%4>=Jco0v
zH_Miey{E;FkdlZSq)e<{`+S3W=*ttvD#hB8w=|2aV*D=yOV}<n%QCtpFj!1iP3=++
zF%bul8RQG~xNUT@7_D%fDp&f9U3+!yV(BF^EJ6M?ggfgy%D_aSJLQh<Q8L9^3Z4lP
zSliD?8{L~ZN{}ULe$or4iOcd9fCXx)uXD>(&p%0LbEWH$&@$X3x~CiF-?ejQ*N+-M
zc8zT@3iwkdRT2t(XS`d7`tJQAjRmKAhiw{WOqpuvFp`i@Q@!KMhwKgs<K(HF*wpN5
zv(vj1XA8yT@r9sbul0J^6}T8DTrg3?UvaTK(_8@BG(vOS@R#A};jf~t=|7FM{G%;V
z$moCx(glgj5-;%1QM|u%2d3FX97|2!-{zNf(~wZQL8&V6ON(xoE>A}%@sw8Xo5Y=F
zhRJZg)O4uqNWj?V&&vth*H#je6T}}p_<>!Dr#89q@uSjWv~JuW(>FqoJ5^ho0%K?E
z9?x_Q;kmcsQ@5=}z@tdljMSt9-Z3xn$k)kEjK|qXS>EfuDmu(Z8|(W?g<kN}okBu|
z`906+8rq=5w?nFA6VC1#eQVZ_=+&soKuCq9J4-B?5ajOsO<ZqBE?J2XT_J8fPV98+
zk#wtSBTro80%$s5KaeCr*oviwvkprv-mw0v@x!YSCMmDCbzwIduaRkq+nkD$>Y6-l
z@R_#M8=vxKMAoi&PwnaIYw2COJM@atcgfr=zK1bvjW?9B`-+Voe$Q+H$j!1$Tjn+*
z&LY<%)L@;zhnJlB^Og6I<R<r5yYZK!bg%i+z^Gb9&z&*Z#pVBay5jNKYESI$cqK!;
zs%j&*N?LE3ILkbKV_0UUpL<A`zeQtv+?k$&h|~*OX&e)^SV^abQ&PMGXtX3fI2kT=
z2Y%RbH`bf;|K;F8Mxo)Ov25Y*lHOz#D>&BOR-m?{IW;tyYC%FZ!&Z>kGjHJ6cqM-F
z&19n+e1=9AH1VrVeHrIzqlC`w9=*zfmrerF?JMzO&|Mmv;!4DKc(sp+jy^Dx?(8>1
zH&yS_4yL7m&GWX~mdfgH*AB4<e8V;o9`b8>{CKo;+egw=PrvkTaoBU+P-4u?E|&!c
z)DKc;>$$B6u*Zr1SjUh<mc1^2+c=@@6(J4|#?}T_|M2b62=4`4F-ba1m43BpL!aCj
zR^w2TEDEd$X7pi$++6T@mH_M(zN#-+gi}U5eaDqd^tUG_>2)FeuWLWHl5TH(UHWkf
zLs>7px!c5n;rbe^lO@ql<wf#W%s8knI~Th~JR_Kl+2&@Zoorl!op+Ba_ZYj2yD(^E
z$}7%1B7{$MlPHueM^5x<Vc5^Pd5$8yYQ@u;!UngDNs9O`zY)-uu_X-;n9-+TuAb`^
z<H1e|G%#k-<p?8qbT%m<kMd#1>YLzlDVp(z?6r<WUtyWnlD^G9B?_Ur{&KCOuHNMq
zk|B^K_<0Q-9-+@;d#BY&2k-R$to<44{eG#pW>PZel=YB)Uv&n!2{+Mb$-vQl=xKw(
zve&>xYx+jW_NJh!FV||r?;hdP<!CWxpcsZKiv4>*jOXYcLCp>DOtJ?2S^)DkM{{Eb
zS$!L$e_o0(^}n3tA1R3-$SNvgBq;DOEo}fNc|tB%%#g4RA3{|euq)p+xd3I8^4E&m
zFrD%}nvG^HUAIKe9_{tXB;tl|G<%>yk6R;8L2)KUJw4yHJXUO<O#J#etA!EQr#Ixj
zZuFu$GT+Wpqx#)|V^@Cm`sHrRN~=Je%6V#~5_a6U7SazOW-GgiQtB4%%~2(B0iBsg
z;PpJsF|+l@`Wy@y_OtfS`JgrB)rNO1MTjsxeQ7|k!FQ^3n6kbM;^~mT&4KxW*m77y
zq%{h&JwttX7mQ1|xDfr$rzHoYHzjn|^DmxVimK9<IM)^a;|9O2LO78(*WR_|D40bM
z4}thc%eqOsDqUE<D1~O4evp0zw~wzT!F>PM>(-+jxq4R;z8H#>rnJy*)8N+$wA$^F
z<U&lTYAkA<S9x1+2s?lu2|Zd2nj#EvZB!v_&9eAD+8*)ghmbT+{)~_^Px6pMeOz2X
zv~Wjk&YGtROVvA~E^msuyea-{C!TM*WVVa4lhy%2Gi&UvdDpYWzNapW2o<z2pU37x
zeudIr){wxOzdWU}R?Ue;nbpX4`c>N+H*3t)eFEgxLw+Nw3};4WV$qj&_D`%ADV2%r
zJCPCo%{=z7;`F98(us5JnT(G@sKTZ^;2FVitXyLe-S5(hV&Ium+1pIUB(CZ#h|g)u
zSLJJ<@HgrDiA-}V_6B^x1>c9B6%~847JkQ!^KLZ2skm;q*edo;UA)~?SghG8;QbHh
z_6M;ouo_1rq9=x$<`Y@EA{C%6-pEV}B(1#sDoe_e1s3^Y>n#1Sw;N|}8D|s|VPd+g
z-_$QhCz`vLxxrVMx3ape1xu3*wjx=yKSlM~nFgkNWb4?DDr*!?U)L_VeffF<+!j|b
zZ$Wn2$TDv3C3V@BHpSgv3JUif8%hk%OsGZ=OxH@8&4`bbf$`aAMchl^qN>Eyu3JH}
z9-S!x8-s4fE=lad%Pkp8hAs~u?|uRnL48O|;<hL9ZDZTaoVqCgAV4_fXA_B>*DEU!
zuS0{cpk%1E0nc__2%;apFsTm0bKtd&A0~S3Cj^?72-*Owk3V!ZG*PswDfS~}2<8le
z5+W^`Y(&R)yVF*tU_s!XMcJS`;<i5$MCe|U*GT!0%*LADX`D^%6_<=D#Ru0`TRN8+
zm@tIK)49`32a<@shitOU#x<QU%nW!IzfjK>(Tr`J0%>p=Z&InR%D3@KEzzI+-2)HK
zuoNZ&o=wUC&+*?ofPb0a(E6(<2Amd6%uSu_^-<1?hsxs~0K5^f(L<W1_uUGAdyXWF
z-9E^}>sGqgEF^+0_H=uNk9S0bb!|O8d?m5gQjUKevPaO+*VfSn^2892K~%crWM8+6
z25@V?Y@J<9w%@NXh-2!}SK_(X)O4AM1-WTg>sj1{lj5@=q&dxE^9xng1_z9w9DK>|
z6Iybcd0<ba%T-PM@iR4f+hWNy2(Dh#%r^4ZjOOcYUhl?lcc*@SuVYF<0NRX~sTl15
z&yX+gisvpMdp($7GpQ}~BtfayBnqkt65sVAS)H#))Ya=X_9qRpsELVk)K-Umx|Q>e
zy<csGv$iOY<#zt!tLyihB^h0nm-w?)HRS0&_TFyZkN{(*U!r-+J#Pt@VJw|c&+Ad7
zGuhURv<S1E^2YPq{$<>i;Ew!KBRIfGPGytQ6}z}MeXCfLY0?9%RiyagSp_D1?N&c{
zyo>VbJ4Gy`@Fv+5cKgUgs~na$>BV{*em7PU3%lloy_aEovR+J7TfQKh8BJXyL6<F;
zULuFu;b(C;CC(l^>|P8un-Jnq(ghd!_HEOh$zlv2$~y3krgeH;9zC}V3<xe_B^^Vb
z>f`uDtW(%mT#944DQa~^8ZI+zAUu4U(j0YcDfKR$bK#gvn_{JZ<YX};laf~yTsdEA
zA~Ra?VD!R`MyGN9;7}SV*B=q$h>>|gZ5+)u?T$w<UlM8Es^_5l0fa>7Q%F^;!Wk?G
z(le7r!ufT*cxS}PR6hIVtXa)i`d$-_1KkyBU>qmgz-=T};uxx&sKgv48akIWQ89F{
z0<y9Cbjk%^#=J+qPnsNw%*mP1XLirQj9jh94t22gxgVWwR*I>XiY?WM^~;|T8zBOr
zs#zuOONzH?svv*jokd5SK8wG>+yMC)LYL|vLqm^PMHcT=`}V$=nIRHe2?h)8WQa6O
zPAU}d`1y(>kZiP~Gr=mtJLMu`i<2CspL|q2DqAgAD^7*$xzM`PU4^ga`ilE134XBQ
z99P(LhHU@7qvl9Yzg$M`+dlS=x^(m-_3t|h>S}E0bcFMn=C|KamQ)=w2^e)35p`zY
zRV8X?d;s^>Cof2SPR&nP3E+-LCkS0J$H!eh8~k0qo$}00b=7!H_I2O+Ro@3O$nPdm
ztmbOO^B+IHzQ5w>@@@J4cKw5&^_w6s!s=H%&byAbUtczPQ7}wfTqxxtQNfn*u73Qw
zGuWsrky_ajPx-5`R<)6xHf>C(oqGf_Fw|-U*GfS?xLML$kv;h_pZ@Kk$y0X(S+K80
z6^|z)*`5VUkawg}=z`S;VhZhxyDfrE0$<offD>(PMurAxl~<>lfZa>JZ288ULK7D`
zl9|#L^JL}Y$j*j`0-K6kH#?bRmg#5L3iB4Z)%iF@SqT+Lp|{i`m%R-|ZE94Np7Pa5
zCqC^V3}B(FR340pmF*qaa}M}+h6}mqE~7Sh!9bDv9YRT|>vBNAqv09zXHMlcuhKD|
zcjjA(b*XCIwJ33?CB!+;{)vX@9xns_b-VO{i0y?}{!sdXj1GM8+$#v>W7nw;+O_9B
z_{4L;C6ol?(?W0<6taGEn1^uG=?Q3i29sE`RfYCaV$3DKc_;?HsL?D_fSYg}SuO5U
zOB_f4^vZ_x%o`5|C@9C5+o=mFy@au{s)sKw!UgC&L35aH(sgDxRE2De%(%OT=VUdN
ziVLEmdOvJ&5*tCMKRyXctCwQu_RH%;m<lO9)YlolKp~SHA~$RD@rJEPJ4LfFabjtz
zzIU?%C*Qz8oJB~DbsOtV|5q`38L}^8Uq{e{^Ki<?YLnvYT2b=9GoWdOL!w)E5Yy?N
zCPB}zb-LW~opI;Pm$>*$YK&m;jtbdH#Ak~13T1^f89tn`A%QEHWs~jnY~E}p_Z$XC
z=?YXLCkzVSK+Id`xZYTegb@W8_baLt-Fq`Tv|=)JPbFsKRm)4UW;yT+J`<<s6L^~#
zDKX^stn#n?Mc#=>)%#ue9DPOkje)YF2fsCilK9MIIK>p*`fkoD5nGfmLwt)!KOT+>
zOFq*VZktDDyM3P5UOg`~XL#cbzC}eL%qMB=Q5$d89MKuN<r)TznqqP**!jJ?cnTT2
zaaf?rvaC;><?H&|zm@ni*?D9zRWNdd5|h7<r<^y7j=M<<S|!iYxdgG*6u6u?mWfD3
zB)<Dfkbae`fO#+9WEYybHeZv}*cbdmPDkPU(jb+Sl1(!A;;QmZ9oNWRty}&5QMWy9
zX_w<YIby`Y;2BC{-IfA^=3f)~-*KF*rKr=krZyJeUl;NhG@Ajb2fr2VF0H7ZuP8_;
zl#_lD<2+R)LHx3c896sfpWG@kpwT@>#$6|4gx_Jt0Gfn8w&q}%lq4QU%6#jT*MRT%
zrLz~C8FYKHawn-EQWN1B75O&quS+Z81(zN)G>~vN8VwC+e+y(`>HcxC{MrJ;H1Z4k
zZWuv$w_F0-Ub%MVcpIc){4PGL^I7M{>;hS?;eH!;<Yf7EM>gmcOE66z3;Z1Phqo(t
zVP(Hg6q#0gIKgsg7L7WE!{Y#1nI(45tx2{$34dDd#!Z0NIyrm)HOn5W#7;f4pQci#
zDW!FI(g4e668kI9{2+mLwB+=#9bfqgX%!B34V-$wwSN(_cm*^{y0jQtv*4}eO^sOV
z*9xoNvX)c9isB}Tgx&ZRjp3kwhTVK?r9;n<haxnrRq){mtk9A+#MWR@iL>!x>^XYT
z@Q^7zp{rkIs{2mUSE^2!Gf6$6;j~&4=-0cSJJDizZp6LTe8b45;{AKM%v99}{{FfC
zz709%u0mC=1KXTo(=TqmZQ;c?$M3z(!xah>aywrj40sc2y3rKFw4jCq+Y+u=CH@_V
zxz|qeTwa>+<|H%8Dz5u>ZI5MmjTFwXS-Fv!TDd*`>3{krWoNVx$<133`(ftS?ZPyY
z&4@ah^3^i`vL$BZa>O|Nt?ucewzsF)0zX3qmM^|waXr=T0pfIb0*$AwU=?Ipl|1Y;
z*Pk6{C-p4MY;j@IJ|DW<V4g+WfmkDAI{!240rBm;^p*C?EK5<-i6<dFN`<4WIVA6x
zQ_A}VBKmDESd)f<tKV+_7{`O-ZQ=Kw_N>>QHZQJcp;Z~?8(Q+Kk3^0qJ}SCk^*n4W
zu9ZFwLHUx-$6xvaQ)SUQcYd6fF8&x)V`1bIuX@>{mE$b|Yd(qomn3;bPwnDUc0F=;
zh*6_((%bqAYQWQ~odER?h>1mkL4kpb3s7`0m@rDKGU*oyF)$j~Ffd4fXV$?`f~rHf
z<dmhsigJ=rWi_aV`WXyhB>B%Y)@5SXZvfwm10RY5X?TEo)PK_`L6qgBp=#>fO49$D
zDq8Ozj0q6213tV5Qq=;fZ0$|KroY{Dz=l@lU^J)?Ko@ti20TRplXzphBi>XGx4bou
zEWrkNjz0t5j!_ke{g5I#PUlEU$Km8g8TE|XK=MkU@PT4T><2OVamoK;wJ}3X0L$vX
zgd7gNa359*nc)R-0!`2X@FOTB`+oETOPc=ubp5R)VQgY+5BTZZJ2<L28T@@Z{~(FZ
zheu(w_rw1D2_zLx!dpDtOmwLC!DhBIo<Q>?9QwnO=<wr%&Gfr?0?EHFALMv;_+d?S
zzAg%@ydS-+C)WJy(gMckj>dnulIUF3gFn;BODC2)65)HeVd%t86sL7Rv^Y+nbn+&l
z6BAJY(ETvwI)Ts$aiE8rht4KD*qNyE{8{x6R|%akbTBzw;2+6<pQ&SDXNQj*or8md
z6z#{?Yky9DqRtSV0CMnGmM?NZ;=ja)lj3y_HwGOxfijBU4|3qigw`1zRQjL!B8PR+
zaRn%p#eR@M4(R@Wz!rx^(f#sKB!vBtl{_H&pMv^{xCn<;&`rM&o>Echkt+W+`u^XX
z_z&x%n<Jwv#rI=O_ITYt8jK&7Lbvimxh?Mpm*TNff4FbaUEWX?w*B~|ab(^T*a99t
zcJ#fCD8IP<V1pf_@pm2K2=}<d0_Y2*QClSUBi8yzf&VOuJ`CJAoEUwr?!mKD=5}o2
zV^&)q)<B;SMXmbXj|caU)A+-MMW5C}&8F^$XYi3}kDOaQe6Z+qH3z$S;;<vL9ydXD
zI5~P97&YCq9}$m^On$P-pTjcf#j%4IH8Sc*nG=+l4{M+gXHaFf{g{b8PUBySZmJ4r
UfUyy3EX0IC28@JalTrWuAK7&_a{vGU

literal 0
HcmV?d00001

diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
new file mode 100644
index 000000000..cea7a793a
--- /dev/null
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -0,0 +1,7 @@
+distributionBase=GRADLE_USER_HOME
+distributionPath=wrapper/dists
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.12-bin.zip
+networkTimeout=10000
+validateDistributionUrl=true
+zipStoreBase=GRADLE_USER_HOME
+zipStorePath=wrapper/dists
diff --git a/gradlew b/gradlew
new file mode 100755
index 000000000..1aa94a426
--- /dev/null
+++ b/gradlew
@@ -0,0 +1,249 @@
+#!/bin/sh
+
+#
+# Copyright © 2015-2021 the original authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+##############################################################################
+#
+#   Gradle start up script for POSIX generated by Gradle.
+#
+#   Important for running:
+#
+#   (1) You need a POSIX-compliant shell to run this script. If your /bin/sh is
+#       noncompliant, but you have some other compliant shell such as ksh or
+#       bash, then to run this script, type that shell name before the whole
+#       command line, like:
+#
+#           ksh Gradle
+#
+#       Busybox and similar reduced shells will NOT work, because this script
+#       requires all of these POSIX shell features:
+#         * functions;
+#         * expansions «$var», «${var}», «${var:-default}», «${var+SET}»,
+#           «${var#prefix}», «${var%suffix}», and «$( cmd )»;
+#         * compound commands having a testable exit status, especially «case»;
+#         * various built-in commands including «command», «set», and «ulimit».
+#
+#   Important for patching:
+#
+#   (2) This script targets any POSIX shell, so it avoids extensions provided
+#       by Bash, Ksh, etc; in particular arrays are avoided.
+#
+#       The "traditional" practice of packing multiple parameters into a
+#       space-separated string is a well documented source of bugs and security
+#       problems, so this is (mostly) avoided, by progressively accumulating
+#       options in "$@", and eventually passing that to Java.
+#
+#       Where the inherited environment variables (DEFAULT_JVM_OPTS, JAVA_OPTS,
+#       and GRADLE_OPTS) rely on word-splitting, this is performed explicitly;
+#       see the in-line comments for details.
+#
+#       There are tweaks for specific operating systems such as AIX, CygWin,
+#       Darwin, MinGW, and NonStop.
+#
+#   (3) This script is generated from the Groovy template
+#       https://github.com/gradle/gradle/blob/HEAD/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+#       within the Gradle project.
+#
+#       You can find Gradle at https://github.com/gradle/gradle/.
+#
+##############################################################################
+
+# Attempt to set APP_HOME
+
+# Resolve links: $0 may be a link
+app_path=$0
+
+# Need this for daisy-chained symlinks.
+while
+    APP_HOME=${app_path%"${app_path##*/}"}  # leaves a trailing /; empty if no leading path
+    [ -h "$app_path" ]
+do
+    ls=$( ls -ld "$app_path" )
+    link=${ls#*' -> '}
+    case $link in             #(
+      /*)   app_path=$link ;; #(
+      *)    app_path=$APP_HOME$link ;;
+    esac
+done
+
+# This is normally unused
+# shellcheck disable=SC2034
+APP_BASE_NAME=${0##*/}
+# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
+APP_HOME=$( cd "${APP_HOME:-./}" > /dev/null && pwd -P ) || exit
+
+# Use the maximum available, or set MAX_FD != -1 to use that value.
+MAX_FD=maximum
+
+warn () {
+    echo "$*"
+} >&2
+
+die () {
+    echo
+    echo "$*"
+    echo
+    exit 1
+} >&2
+
+# OS specific support (must be 'true' or 'false').
+cygwin=false
+msys=false
+darwin=false
+nonstop=false
+case "$( uname )" in                #(
+  CYGWIN* )         cygwin=true  ;; #(
+  Darwin* )         darwin=true  ;; #(
+  MSYS* | MINGW* )  msys=true    ;; #(
+  NONSTOP* )        nonstop=true ;;
+esac
+
+CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
+
+
+# Determine the Java command to use to start the JVM.
+if [ -n "$JAVA_HOME" ] ; then
+    if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
+        # IBM's JDK on AIX uses strange locations for the executables
+        JAVACMD=$JAVA_HOME/jre/sh/java
+    else
+        JAVACMD=$JAVA_HOME/bin/java
+    fi
+    if [ ! -x "$JAVACMD" ] ; then
+        die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+    fi
+else
+    JAVACMD=java
+    if ! command -v java >/dev/null 2>&1
+    then
+        die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+    fi
+fi
+
+# Increase the maximum file descriptors if we can.
+if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then
+    case $MAX_FD in #(
+      max*)
+        # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
+        # shellcheck disable=SC2039,SC3045
+        MAX_FD=$( ulimit -H -n ) ||
+            warn "Could not query maximum file descriptor limit"
+    esac
+    case $MAX_FD in  #(
+      '' | soft) :;; #(
+      *)
+        # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
+        # shellcheck disable=SC2039,SC3045
+        ulimit -n "$MAX_FD" ||
+            warn "Could not set maximum file descriptor limit to $MAX_FD"
+    esac
+fi
+
+# Collect all arguments for the java command, stacking in reverse order:
+#   * args from the command line
+#   * the main class name
+#   * -classpath
+#   * -D...appname settings
+#   * --module-path (only if needed)
+#   * DEFAULT_JVM_OPTS, JAVA_OPTS, and GRADLE_OPTS environment variables.
+
+# For Cygwin or MSYS, switch paths to Windows format before running java
+if "$cygwin" || "$msys" ; then
+    APP_HOME=$( cygpath --path --mixed "$APP_HOME" )
+    CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" )
+
+    JAVACMD=$( cygpath --unix "$JAVACMD" )
+
+    # Now convert the arguments - kludge to limit ourselves to /bin/sh
+    for arg do
+        if
+            case $arg in                                #(
+              -*)   false ;;                            # don't mess with options #(
+              /?*)  t=${arg#/} t=/${t%%/*}              # looks like a POSIX filepath
+                    [ -e "$t" ] ;;                      #(
+              *)    false ;;
+            esac
+        then
+            arg=$( cygpath --path --ignore --mixed "$arg" )
+        fi
+        # Roll the args list around exactly as many times as the number of
+        # args, so each arg winds up back in the position where it started, but
+        # possibly modified.
+        #
+        # NB: a `for` loop captures its iteration list before it begins, so
+        # changing the positional parameters here affects neither the number of
+        # iterations, nor the values presented in `arg`.
+        shift                   # remove old arg
+        set -- "$@" "$arg"      # push replacement arg
+    done
+fi
+
+
+# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
+
+# Collect all arguments for the java command:
+#   * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
+#     and any embedded shellness will be escaped.
+#   * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be
+#     treated as '${Hostname}' itself on the command line.
+
+set -- \
+        "-Dorg.gradle.appname=$APP_BASE_NAME" \
+        -classpath "$CLASSPATH" \
+        org.gradle.wrapper.GradleWrapperMain \
+        "$@"
+
+# Stop when "xargs" is not available.
+if ! command -v xargs >/dev/null 2>&1
+then
+    die "xargs is not available"
+fi
+
+# Use "xargs" to parse quoted args.
+#
+# With -n1 it outputs one arg per line, with the quotes and backslashes removed.
+#
+# In Bash we could simply go:
+#
+#   readarray ARGS < <( xargs -n1 <<<"$var" ) &&
+#   set -- "${ARGS[@]}" "$@"
+#
+# but POSIX shell has neither arrays nor command substitution, so instead we
+# post-process each arg (as a line of input to sed) to backslash-escape any
+# character that might be a shell metacharacter, then use eval to reverse
+# that process (while maintaining the separation between arguments), and wrap
+# the whole thing up as a single "set" statement.
+#
+# This will of course break if any of these variables contains a newline or
+# an unmatched quote.
+#
+
+eval "set -- $(
+        printf '%s\n' "$DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS" |
+        xargs -n1 |
+        sed ' s~[^-[:alnum:]+,./:=@_]~\\&~g; ' |
+        tr '\n' ' '
+    )" '"$@"'
+
+exec "$JAVACMD" "$@"
diff --git a/gradlew.bat b/gradlew.bat
new file mode 100644
index 000000000..25da30dbd
--- /dev/null
+++ b/gradlew.bat
@@ -0,0 +1,92 @@
+@rem
+@rem Copyright 2015 the original author or authors.
+@rem
+@rem Licensed under the Apache License, Version 2.0 (the "License");
+@rem you may not use this file except in compliance with the License.
+@rem You may obtain a copy of the License at
+@rem
+@rem      https://www.apache.org/licenses/LICENSE-2.0
+@rem
+@rem Unless required by applicable law or agreed to in writing, software
+@rem distributed under the License is distributed on an "AS IS" BASIS,
+@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+@rem See the License for the specific language governing permissions and
+@rem limitations under the License.
+@rem
+
+@if "%DEBUG%"=="" @echo off
+@rem ##########################################################################
+@rem
+@rem  Gradle startup script for Windows
+@rem
+@rem ##########################################################################
+
+@rem Set local scope for the variables with windows NT shell
+if "%OS%"=="Windows_NT" setlocal
+
+set DIRNAME=%~dp0
+if "%DIRNAME%"=="" set DIRNAME=.
+@rem This is normally unused
+set APP_BASE_NAME=%~n0
+set APP_HOME=%DIRNAME%
+
+@rem Resolve any "." and ".." in APP_HOME to make it shorter.
+for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
+
+@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
+
+@rem Find java.exe
+if defined JAVA_HOME goto findJavaFromJavaHome
+
+set JAVA_EXE=java.exe
+%JAVA_EXE% -version >NUL 2>&1
+if %ERRORLEVEL% equ 0 goto execute
+
+echo. 1>&2
+echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2
+echo. 1>&2
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
+echo location of your Java installation. 1>&2
+
+goto fail
+
+:findJavaFromJavaHome
+set JAVA_HOME=%JAVA_HOME:"=%
+set JAVA_EXE=%JAVA_HOME%/bin/java.exe
+
+if exist "%JAVA_EXE%" goto execute
+
+echo. 1>&2
+echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2
+echo. 1>&2
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
+echo location of your Java installation. 1>&2
+
+goto fail
+
+:execute
+@rem Setup the command line
+
+set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
+
+
+@rem Execute Gradle
+"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %*
+
+:end
+@rem End local scope for the variables with windows NT shell
+if %ERRORLEVEL% equ 0 goto mainEnd
+
+:fail
+rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
+rem the _cmd.exe /c_ return code!
+set EXIT_CODE=%ERRORLEVEL%
+if %EXIT_CODE% equ 0 set EXIT_CODE=1
+if not ""=="%GRADLE_EXIT_CONSOLE%" exit %EXIT_CODE%
+exit /b %EXIT_CODE%
+
+:mainEnd
+if "%OS%"=="Windows_NT" endlocal
+
+:omega
diff --git a/serde-api/build.gradle b/serde-api/build.gradle
new file mode 100644
index 000000000..f02bb3632
--- /dev/null
+++ b/serde-api/build.gradle
@@ -0,0 +1,102 @@
+plugins {
+    id 'java-library'
+    id 'signing'
+    id 'maven-publish'
+//    id 'io.github.gradle-nexus.publish-plugin' version '1.1.0'
+}
+
+ext {
+    env = findProperty('env') ?: 'dev'
+}
+
+tasks.register('sourceJar', Jar) {
+    archiveClassifier.set("sources")
+    from sourceSets.main.allJava
+}
+
+task javadocJar(type: Jar, dependsOn: javadoc) {
+    archiveClassifier.set("javadoc")
+    from javadoc.destinationDir
+}
+
+artifacts {
+    archives sourceJar, javadocJar
+}
+
+if (env == 'prod') {
+    signing {
+        sign(publishing.publications)
+    }
+}
+
+publishing {
+    if (env == 'prod') {
+        repositories {
+            maven {
+                url "https://s01.oss.sonatype.org/service/local/staging/deploy/maven2"
+                credentials {
+                    username sonatypeUsername
+                    password sonatypePassword
+                }
+            }
+        }
+    }
+
+    publications {
+        maven(MavenPublication) {
+            groupId = 'io.kafbat.ui'
+            artifactId = 'serde-api'
+            version = version
+
+            from components.java
+
+            artifact(sourceJar) {
+                classifier = 'sources'
+            }
+
+            artifact(javadocJar) {
+                classifier = 'javadoc'
+            }
+
+            pom {
+                name = 'kafbat-ui-serde-api'
+                description = 'kafbat-ui-serde-api'
+                url = 'http://github.com/kafbat/kafka-ui'
+
+                licenses {
+                    license {
+                        name = 'The Apache License, Version 2.0'
+                        url = 'https://www.apache.org/licenses/LICENSE-2.0.txt'
+                    }
+                }
+
+                developers {
+                    developer {
+                        id = 'Kafbat'
+                        name = 'Kafbat'
+                        organization = 'Kafbat'
+                        email = 'maintainers@kafbat.io'
+                    }
+                }
+
+                scm {
+                    connection = 'scm:git://github.com/kafbat/kafka-ui.git'
+                    developerConnection = 'scm:git:ssh://github.com:kafbat/kafka-ui.git'
+                    url = 'https://github.com/kafbat/kafka-ui'
+                }
+            }
+        }
+    }
+}
+
+//nexusPublishing {
+//    repositories {
+//        sonatype {
+//            nexusUrl = uri("https://s01.oss.sonatype.org/service/local/")
+//            snapshotRepositoryUrl = uri("https://s01.oss.sonatype.org/content/repositories/snapshots/")
+//
+//            username = sonatypeUsername
+//            password = sonatypePassword
+//        }
+//    }
+//}
diff --git a/serde-api/gradle.properties b/serde-api/gradle.properties
new file mode 100644
index 000000000..9888ad26f
--- /dev/null
+++ b/serde-api/gradle.properties
@@ -0,0 +1,2 @@
+sonatypeUsername=test
+sonatypePassword=test
diff --git a/settings.gradle b/settings.gradle
new file mode 100644
index 000000000..a9be51116
--- /dev/null
+++ b/settings.gradle
@@ -0,0 +1,14 @@
+pluginManagement {
+    repositories {
+        mavenCentral()
+        gradlePluginPortal()
+    }
+}
+
+rootProject.name = "kafbat-ui"
+include "contract"
+include "serde-api"
+include "api"
+include "frontend"
+include "e2e-tests"
+

From 4a6ee2b0439457d5ae446a5c2ab9e60773e78ac4 Mon Sep 17 00:00:00 2001
From: German Osin <german.osin@gmail.com>
Date: Wed, 15 Jan 2025 14:54:53 +0100
Subject: [PATCH 13/15] Plugins varion catalog

---
 api/build.gradle          | 11 ++++++-----
 contract/build.gradle     |  2 +-
 e2e-tests/build.gradle    |  4 ++--
 gradle.properties         |  2 +-
 gradle/libs.versions.toml |  7 +++++++
 serde-api/build.gradle    | 30 ++++++++++++++----------------
 6 files changed, 31 insertions(+), 25 deletions(-)

diff --git a/api/build.gradle b/api/build.gradle
index 3def81ec6..15b47a016 100644
--- a/api/build.gradle
+++ b/api/build.gradle
@@ -2,15 +2,16 @@
 plugins {
     id 'antlr'
     id 'checkstyle'
-    id 'org.springframework.boot' version '3.4.1'
-    id 'com.gorylenko.gradle-git-properties' version "2.4.2"
+    alias(libs.plugins.spring.boot)
+    alias(libs.plugins.git.properties)
 }
 
 dependencies {
     implementation project(":contract")
-    implementation project(":frontend")
+    if (prod) {
+        implementation project(":frontend")
+    }
     implementation project(":serde-api")
-
     implementation libs.spring.starter.webflux
     implementation libs.spring.starter.security
     implementation libs.spring.starter.actuator
@@ -104,7 +105,7 @@ tasks.withType(Checkstyle) {
 
 checkstyle {
     toolVersion '10.3.1'
-    configFile = rootProject.file('etc/checkstyle/checkstyle-e2e.xml')
+    configFile = rootProject.file('etc/checkstyle/checkstyle.xml')
     ignoreFailures = false
     maxWarnings = 0
     maxErrors = 0
diff --git a/contract/build.gradle b/contract/build.gradle
index ad6e23110..9d8ec8bda 100644
--- a/contract/build.gradle
+++ b/contract/build.gradle
@@ -2,7 +2,7 @@ import org.openapitools.generator.gradle.plugin.tasks.GenerateTask
 
 plugins {
     id "java-library"
-    id 'org.openapi.generator' version '7.9.0'
+    alias(libs.plugins.openapi.generator)
 }
 
 
diff --git a/e2e-tests/build.gradle b/e2e-tests/build.gradle
index 4b44e97fa..739368097 100644
--- a/e2e-tests/build.gradle
+++ b/e2e-tests/build.gradle
@@ -1,7 +1,7 @@
 plugins {
     id 'java'
     id 'checkstyle'
-    id 'io.qameta.allure' version '2.10.0'
+    alias(libs.plugins.allure)
 }
 
 ext {
@@ -31,7 +31,7 @@ dependencies {
 
 checkstyle {
     toolVersion '10.3.1'
-    configFile = rootProject.file('etc/checkstyle/checkstyle.xml')
+    configFile = rootProject.file('etc/checkstyle/checkstyle-e2e.xml')
     ignoreFailures = false
     maxWarnings = 10
     maxErrors = 0
diff --git a/gradle.properties b/gradle.properties
index 6118f4e51..f5d657382 100644
--- a/gradle.properties
+++ b/gradle.properties
@@ -1,4 +1,4 @@
-description='Kafka UI'
+description='Kafbat UI'
 version=0.1.0-SNAPSHOT
 group=io.kafbat.ui
 local_node = false
diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
index 44d319ce4..dcbbcc10a 100644
--- a/gradle/libs.versions.toml
+++ b/gradle/libs.versions.toml
@@ -38,6 +38,13 @@ micrometer = '1.13.8'
 antlr = '4.12.0'
 json-schema-validator = '2.2.14'
 
+[plugins]
+spring-boot = { id = 'org.springframework.boot', version = '3.4.1' }
+git-properties = { id = 'com.gorylenko.gradle-git-properties', version = '2.4.2' }
+openapi-generator = { id = 'org.openapi.generator', version = '7.9.0' }
+allure = { id = 'io.qameta.allure', version='2.10.0' }
+nexus-publish-plugin = { id = 'io.github.gradle-nexus.publish-plugin', version = '1.1.0'}
+
 
 [libraries]
 spring-starter-actuator = { module = 'org.springframework.boot:spring-boot-starter-actuator', version.ref = 'spring-boot' }
diff --git a/serde-api/build.gradle b/serde-api/build.gradle
index f02bb3632..cdf1f6937 100644
--- a/serde-api/build.gradle
+++ b/serde-api/build.gradle
@@ -2,11 +2,7 @@ plugins {
     id 'java-library'
     id 'signing'
     id 'maven-publish'
-//    id 'io.github.gradle-nexus.publish-plugin' version '1.1.0'
-}
-
-ext {
-    env = findProperty('env') ?: 'dev'
+    alias(libs.plugins.nexus.publish.plugin)
 }
 
 tasks.register('sourceJar', Jar) {
@@ -89,14 +85,16 @@ publishing {
     }
 }
 
-//nexusPublishing {
-//    repositories {
-//        sonatype {
-//            nexusUrl = uri("https://s01.oss.sonatype.org/service/local/")
-//            snapshotRepositoryUrl = uri("https://s01.oss.sonatype.org/content/repositories/snapshots/")
-//
-//            username = sonatypeUsername
-//            password = sonatypePassword
-//        }
-//    }
-//}
+if (prod) {
+    nexusPublishing {
+        repositories {
+            sonatype {
+                nexusUrl = uri("https://s01.oss.sonatype.org/service/local/")
+                snapshotRepositoryUrl = uri("https://s01.oss.sonatype.org/content/repositories/snapshots/")
+
+                username = sonatypeUsername
+                password = sonatypePassword
+            }
+        }
+    }
+}

From 7c5fbd19047bfc087b3d9250e8000fd2dc5f116c Mon Sep 17 00:00:00 2001
From: German Osin <german.osin@gmail.com>
Date: Wed, 15 Jan 2025 14:57:06 +0100
Subject: [PATCH 14/15] Plugins varion catalog

---
 frontend/build.gradle     | 2 +-
 gradle/libs.versions.toml | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/frontend/build.gradle b/frontend/build.gradle
index db3bc3b61..dc774a184 100644
--- a/frontend/build.gradle
+++ b/frontend/build.gradle
@@ -1,5 +1,5 @@
 plugins {
-  id 'com.github.node-gradle.node' version '7.0.2'
+  alias(libs.plugins.node.gradle)
 }
 
 node {
diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
index dcbbcc10a..f28bb323e 100644
--- a/gradle/libs.versions.toml
+++ b/gradle/libs.versions.toml
@@ -44,6 +44,8 @@ git-properties = { id = 'com.gorylenko.gradle-git-properties', version = '2.4.2'
 openapi-generator = { id = 'org.openapi.generator', version = '7.9.0' }
 allure = { id = 'io.qameta.allure', version='2.10.0' }
 nexus-publish-plugin = { id = 'io.github.gradle-nexus.publish-plugin', version = '1.1.0'}
+node-gradle = { id = 'com.github.node-gradle.node', version = '7.0.2'}
+
 
 
 [libraries]

From 112ede0db5de137b57c2918b1f6638cdcaba41e3 Mon Sep 17 00:00:00 2001
From: German Osin <german.osin@gmail.com>
Date: Wed, 15 Jan 2025 15:17:43 +0100
Subject: [PATCH 15/15] Added jib and nexus publish

---
 api/build.gradle          | 14 ++++++++++++++
 build.gradle              | 17 +++++++++++++++++
 gradle/libs.versions.toml |  1 +
 serde-api/build.gradle    | 19 ++-----------------
 4 files changed, 34 insertions(+), 17 deletions(-)

diff --git a/api/build.gradle b/api/build.gradle
index 15b47a016..6f3f67f46 100644
--- a/api/build.gradle
+++ b/api/build.gradle
@@ -4,6 +4,7 @@ plugins {
     id 'checkstyle'
     alias(libs.plugins.spring.boot)
     alias(libs.plugins.git.properties)
+    alias(libs.plugins.jib)
 }
 
 dependencies {
@@ -114,3 +115,16 @@ checkstyle {
 test {
     useJUnitPlatform()
 }
+
+jib {
+    from {
+        image = 'azul/zulu-openjdk-alpine:21.0.5-jre-headless'
+    }
+    to {
+        image = 'ghcr.io/kafbat/kafka-ui'
+    }
+    container {
+        user = "kafkaui"
+        jvmFlags = ['--add-opens java.rmi/javax.rmi.ssl=ALL-UNNAMED']
+    }
+}
diff --git a/build.gradle b/build.gradle
index 3e1363425..e0cbbd2f2 100644
--- a/build.gradle
+++ b/build.gradle
@@ -1,3 +1,7 @@
+plugins {
+    alias(libs.plugins.nexus.publish.plugin)
+}
+
 subprojects {
     apply plugin: "java"
 
@@ -27,5 +31,18 @@ ext {
     prod = resolveBooleanProperty("prod")
 }
 
+if (prod) {
+    nexusPublishing {
+        repositories {
+            sonatype {
+                nexusUrl = uri("https://s01.oss.sonatype.org/service/local/")
+                snapshotRepositoryUrl = uri("https://s01.oss.sonatype.org/content/repositories/snapshots/")
+
+                username = sonatypeUsername
+                password = sonatypePassword
+            }
+        }
+    }
+}
 
 
diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
index f28bb323e..be9400280 100644
--- a/gradle/libs.versions.toml
+++ b/gradle/libs.versions.toml
@@ -45,6 +45,7 @@ openapi-generator = { id = 'org.openapi.generator', version = '7.9.0' }
 allure = { id = 'io.qameta.allure', version='2.10.0' }
 nexus-publish-plugin = { id = 'io.github.gradle-nexus.publish-plugin', version = '1.1.0'}
 node-gradle = { id = 'com.github.node-gradle.node', version = '7.0.2'}
+jib = { id = 'com.google.cloud.tools.jib', version = '3.4.4' }
 
 
 
diff --git a/serde-api/build.gradle b/serde-api/build.gradle
index cdf1f6937..7d44aa4a7 100644
--- a/serde-api/build.gradle
+++ b/serde-api/build.gradle
@@ -2,7 +2,6 @@ plugins {
     id 'java-library'
     id 'signing'
     id 'maven-publish'
-    alias(libs.plugins.nexus.publish.plugin)
 }
 
 tasks.register('sourceJar', Jar) {
@@ -19,14 +18,14 @@ artifacts {
     archives sourceJar, javadocJar
 }
 
-if (env == 'prod') {
+if (prod) {
     signing {
         sign(publishing.publications)
     }
 }
 
 publishing {
-    if (env == 'prod') {
+    if (prod) {
         repositories {
             maven {
                 url "https://s01.oss.sonatype.org/service/local/staging/deploy/maven2"
@@ -84,17 +83,3 @@ publishing {
         }
     }
 }
-
-if (prod) {
-    nexusPublishing {
-        repositories {
-            sonatype {
-                nexusUrl = uri("https://s01.oss.sonatype.org/service/local/")
-                snapshotRepositoryUrl = uri("https://s01.oss.sonatype.org/content/repositories/snapshots/")
-
-                username = sonatypeUsername
-                password = sonatypePassword
-            }
-        }
-    }
-}