Microsoft.PowerApps.AuthModule.psm1
|
$local:ErrorActionPreference = "Stop" Add-Type -Path (Join-Path (Split-Path $script:MyInvocation.MyCommand.Path) "Microsoft.Identity.Client.dll") function Get-JwtTokenClaims { [CmdletBinding()] param ( [Parameter(Mandatory=$true)] [string]$JwtToken ) $tokenSplit = $JwtToken.Split(".") $claimsSegment = $tokenSplit[1].Replace(" ", "+").Replace("-", "+").Replace('_', '/'); $mod = $claimsSegment.Length % 4 if ($mod -gt 0) { $paddingCount = 4 - $mod; for ($i = 0; $i -lt $paddingCount; $i++) { $claimsSegment += "=" } } $decodedClaimsSegment = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($claimsSegment)) return ConvertFrom-Json $decodedClaimsSegment } function Get-DefaultAudienceForEndPoint { [CmdletBinding()] Param( [string] $Endpoint ) $audienceMapping = @{ "prod" = "https://service.powerapps.com/"; "preview" = "https://service.powerapps.com/"; "tip1"= "https://service.powerapps.com/"; "tip2"= "https://service.powerapps.com/"; "usgov"= "https://gov.service.powerapps.us/"; "usgovhigh"= "https://high.service.powerapps.us/"; "dod" = "https://service.apps.appsplatform.us/"; "china" = "https://service.powerapps.cn/"; } if ($null -ne $audienceMapping[$Endpoint]) { return $audienceMapping[$Endpoint]; } Write-Verbose "Unknown endpoint $Endpoint. Using https://service.powerapps.com/ as a default"; return "https://service.powerapps.com/"; } function Await-Task { param ( [Parameter(ValueFromPipeline=$true, Mandatory=$true)] $task ) process { while (-not $task.AsyncWaitHandle.WaitOne(200)) { } $task.GetAwaiter().GetResult() } } function Add-PowerAppsAccount { <# .SYNOPSIS Add PowerApps account. .DESCRIPTION The Add-PowerAppsAccount cmdlet logins the user or application account and save login information to cache. Use Get-Help Add-PowerAppsAccount -Examples for more detail. .PARAMETER Audience The service audience which is used for login. .PARAMETER Endpoint The serivce endpoint which to call. The value can be "prod", "preview", "tip1", "tip2", "usgov", "dod", "usgovhigh", or "china". .PARAMETER Username The user name used for login. .PARAMETER Password The password for the user. .PARAMETER TenantID The tenant Id of the user or application. .PARAMETER CertificateThumbprint The certificate thumbprint of the application. .PARAMETER ClientSecret The client secret of the application. .PARAMETER ApplicationId The application Id. .EXAMPLE Add-PowerAppsAccount Login to "prod" endpoint. .EXAMPLE Add-PowerAppsAccount -Endpoint "prod" -Username "username@test.onmicrosoft.com" -Password "password" Login to "prod" for user "username@test.onmicrosoft.com" by using password "password" .EXAMPLE Add-PowerAppsAccount ` -Endpoint "tip1" ` -TenantID 1a1fbe33-1ff4-45b2-90e8-4628a5112345 ` -ClientSecret ABCDE]NO_8:YDLp0J4o-:?=K9cmipuF@ ` -ApplicationId abcdebd6-e62c-4f68-ab74-b046579473ad Login to "tip1" for application abcdebd6-e62c-4f68-ab74-b046579473ad in tenant 1a1fbe33-1ff4-45b2-90e8-4628a5112345 by using client secret. .EXAMPLE Add-PowerAppsAccount ` -Endpoint "tip1" ` -TenantID 1a1fbe33-1ff4-45b2-90e8-4628a5112345 ` -CertificateThumbprint 12345137C1B2D4FED804DB353D9A8A18465C8027 ` -ApplicationId 08627eb8-8eba-4a9a-8c49-548266012345 Login to "tip1" for application 08627eb8-8eba-4a9a-8c49-548266012345 in tenant 1a1fbe33-1ff4-45b2-90e8-4628a5112345 by using certificate. #> [CmdletBinding()] param ( [string] $Audience = "https://service.powerapps.com/", [Parameter(Mandatory = $false)] [ValidateSet("prod","preview","tip1", "tip2", "usgov", "usgovhigh", "dod", "china")] [string]$Endpoint = "prod", [string]$Username = $null, [SecureString]$Password = $null, [string]$TenantID = $null, [string]$CertificateThumbprint = $null, [string]$ClientSecret = $null, [string]$ApplicationId = "1950a258-227b-4e31-a9cf-717495945fc2" ) if ($Audience -eq "https://service.powerapps.com/") { # It's the default audience - we should remap based on endpoint as needed $Audience = Get-DefaultAudienceForEndPoint($Endpoint) } $global:currentSession = $null Add-PowerAppsAccountInternal -Audience $Audience -Endpoint $Endpoint -Username $Username -Password $Password -TenantID $TenantID -CertificateThumbprint $CertificateThumbprint -ClientSecret $ClientSecret -ApplicationId $ApplicationId } function Add-PowerAppsAccountInternal { param ( [string] $Audience = "https://service.powerapps.com/", [Parameter(Mandatory = $false)] [ValidateSet("prod","preview","tip1", "tip2", "usgov", "usgovhigh", "dod", "china")] [string]$Endpoint = "prod", [string]$Username = $null, [SecureString]$Password = $null, [string]$TenantID = $null, [string]$CertificateThumbprint = $null, [string]$ClientSecret = $null, [string]$ApplicationId = "1950a258-227b-4e31-a9cf-717495945fc2" ) [string[]]$scopes = "$Audience/.default" if ([string]::IsNullOrWhiteSpace($ApplicationId)) { $ApplicationId = "1950a258-227b-4e31-a9cf-717495945fc2" } Write-Debug "Using appId, $ApplicationId" [Microsoft.Identity.Client.IClientApplicationBase]$clientBase = $null [Microsoft.Identity.Client.AuthenticationResult]$authResult = $null if ($global:currentSession.loggedIn -eq $true -and $global:currentSession.recursed -ne $true) { Write-Debug "Already logged in, checking for token for resource $Audience" $authResult = $null if ($global:currentSession.resourceTokens[$Audience] -ne $null) { if ($global:currentSession.resourceTokens[$Audience].accessToken -ne $null -and ` $global:currentSession.resourceTokens[$Audience].expiresOn -ne $null -and ` $global:currentSession.resourceTokens[$Audience].expiresOn -gt (Get-Date)) { Write-Debug "Token found and value, returning" return } else { # Already logged in with an account, silently asking for a token from MSAL which should refresh try { Write-Debug "Already logged in, silently requesting token from MSAL" $authResult = $global:currentSession.msalClientApp.AcquireTokenSilent($scopes, $global:currentSession.msalAccount).ExecuteAsync() | Await-Task } catch [Microsoft.Identity.Client.MsalUiRequiredException] { Write-Debug ('{0}: {1}' -f $_.Exception.GetType().Name, $_.Exception.Message) } } } if ($authResult -eq $null) { Write-Debug "No token found, reseting audience and recursing: $Audience" # Reset the current audience values and call Add-PowerAppsAccount again $global:currentSession.resourceTokens[$Audience] = $null $global:currentSession.recursed = $true Add-PowerAppsAccountInternal -Audience $Audience -Endpoint $global:currentSession.endpoint -Username $global:currentSession.username -Password $global:currentSession.password -TenantID $global:currentSession.InitialTenantId -CertificateThumbprint $global:currentSession.certificateThumbprint -ClientSecret $global:currentSession.clientSecret -ApplicationId $global:currentSession.applicationId $global:currentSession.recursed = $false # Afer recursing we can early return return } } else { [string] $jwtTokenForClaims = $null [Microsoft.Identity.Client.AzureCloudInstance] $authBaseUri = switch ($Endpoint) { "usgov" { [Microsoft.Identity.Client.AzureCloudInstance]::AzurePublic } "usgovhigh" { [Microsoft.Identity.Client.AzureCloudInstance]::AzureUsGovernment } "dod" { [Microsoft.Identity.Client.AzureCloudInstance]::AzureUsGovernment } "china" { [Microsoft.Identity.Client.AzureCloudInstance]::AzureChina } default { [Microsoft.Identity.Client.AzureCloudInstance]::AzurePublic } }; [Microsoft.Identity.Client.AadAuthorityAudience] $aadAuthAudience = [Microsoft.Identity.Client.AadAuthorityAudience]::AzureAdAndPersonalMicrosoftAccount if ($Username -ne $null -and $Password -ne $null) { $aadAuthAudience = [Microsoft.Identity.Client.AadAuthorityAudience]::AzureAdMultipleOrgs } Write-Debug "Using $aadAuthAudience : $Audience : $ApplicationId" if (![string]::IsNullOrWhiteSpace($TenantID) -and ` (![string]::IsNullOrWhiteSpace($ClientSecret) -or ![string]::IsNullOrWhiteSpace($CertificateThumbprint))) { $options = New-Object -TypeName Microsoft.Identity.Client.ConfidentialClientApplicationOptions $options.ClientId = $ApplicationId $options.TenantId = $TenantID [Microsoft.Identity.Client.IConfidentialClientApplication ]$ConfidentialClientApplication = $null if (![string]::IsNullOrWhiteSpace($CertificateThumbprint)) { Write-Debug "Using certificate for token acquisition" $clientCertificate = Get-Item -Path Cert:\CurrentUser\My\$CertificateThumbprint $ConfidentialClientApplication = [Microsoft.Identity.Client.ConfidentialClientApplicationBuilder ]::Create($ApplicationId).WithCertificate($clientCertificate).Build() } else { Write-Debug "Using clientSecret for token acquisition" $ConfidentialClientApplication = [Microsoft.Identity.Client.ConfidentialClientApplicationBuilder ]::Create($ApplicationId).WithClientSecret($ClientSecret).Build() } $authResult = $ConfidentialClientApplication.AcquireTokenForClient($scopes).WithAuthority($authBaseuri, $TenantID, $true).ExecuteAsync() | Await-Task $clientBase = $ConfidentialClientApplication } else { [Microsoft.Identity.Client.IPublicClientApplication]$PublicClientApplication = $null $PublicClientApplication = [Microsoft.Identity.Client.PublicClientApplicationBuilder]::Create($ApplicationId).WithAuthority($authBaseuri, $aadAuthAudience, $true).WithDefaultRedirectUri().Build() if ($Username -ne $null -and $Password -ne $null) { Write-Debug "Using username, password" $authResult = $PublicClientApplication.AcquireTokenByUsernamePassword($scopes, $UserName, $Password).ExecuteAsync() | Await-Task } else { Write-Debug "Using interactive login" $authResult = $PublicClientApplication.AcquireTokenInteractive($scopes).ExecuteAsync() | Await-Task } $clientBase = $PublicClientApplication } } if ($authResult -ne $null) { if (![string]::IsNullOrWhiteSpace($authResult.IdToken)) { $jwtTokenForClaims = $authResult.IdToken } else { $jwtTokenForClaims = $authResult.AccessToken } $claims = Get-JwtTokenClaims -JwtToken $jwtTokenForClaims if ($global:currentSession.loggedIn -eq $true) { Write-Debug "Adding new audience to resourceToken map. Expires $authResult.ExpiresOn" # addition of a new token for a new audience $global:currentSession.resourceTokens[$Audience] = @{ accessToken = $authResult.AccessToken; expiresOn = $authResult.ExpiresOn; }; } else { Write-Debug "Adding first audience to resourceToken map. Expires $authResult.ExpiresOn" $global:currentSession = @{ loggedIn = $true; recursed = $false; endpoint = $Endpoint; msalClientApp = $clientBase; msalAccount = $authResult.Account; upn = $claims.upn; InitialTenantId = $TenantID; tenantId = $claims.tid; userId = $claims.oid; applicationId = $ApplicationId; username = $Username; password = $Password; certificateThumbprint = $CertificateThumbprint; clientSecret = $ClientSecret; resourceTokens = @{ $Audience = @{ accessToken = $authResult.AccessToken; expiresOn = $authResult.ExpiresOn; } }; selectedEnvironment = "~default"; flowEndpoint = switch ($Endpoint) { "prod" { "api.flow.microsoft.com" } "usgov" { "gov.api.flow.microsoft.us" } "usgovhigh" { "high.api.flow.microsoft.us" } "dod" { "api.flow.appsplatform.us" } "china" { "api.powerautomate.cn" } "preview" { "preview.api.flow.microsoft.com" } "tip1" { "tip1.api.flow.microsoft.com"} "tip2" { "tip2.api.flow.microsoft.com" } default { throw "Unsupported endpoint '$Endpoint'"} }; powerAppsEndpoint = switch ($Endpoint) { "prod" { "api.powerapps.com" } "usgov" { "gov.api.powerapps.us" } "usgovhigh" { "high.api.powerapps.us" } "dod" { "api.apps.appsplatform.us" } "china" { "api.powerapps.cn" } "preview" { "preview.api.powerapps.com" } "tip1" { "tip1.api.powerapps.com"} "tip2" { "tip2.api.powerapps.com" } default { throw "Unsupported endpoint '$Endpoint'"} }; bapEndpoint = switch ($Endpoint) { "prod" { "api.bap.microsoft.com" } "usgov" { "gov.api.bap.microsoft.us" } "usgovhigh" { "high.api.bap.microsoft.us" } "dod" { "api.bap.appsplatform.us" } "china" { "api.bap.partner.microsoftonline.cn" } "preview" { "preview.api.bap.microsoft.com" } "tip1" { "tip1.api.bap.microsoft.com"} "tip2" { "tip2.api.bap.microsoft.com" } default { throw "Unsupported endpoint '$Endpoint'"} }; graphEndpoint = switch ($Endpoint) { "prod" { "graph.windows.net" } "usgov" { "graph.windows.net" } "usgovhigh" { "graph.windows.net" } "dod" { "graph.windows.net" } "china" { "graph.windows.net" } "preview" { "graph.windows.net" } "tip1" { "graph.windows.net"} "tip2" { "graph.windows.net" } default { throw "Unsupported endpoint '$Endpoint'"} }; cdsOneEndpoint = switch ($Endpoint) { "prod" { "api.cds.microsoft.com" } "usgov" { "gov.api.cds.microsoft.us" } "usgovhigh" { "high.api.cds.microsoft.us" } "dod" { "dod.gov.api.cds.microsoft.us" } "china" { "unsupported" } "preview" { "preview.api.cds.microsoft.com" } "tip1" { "tip1.api.cds.microsoft.com"} "tip2" { "tip2.api.cds.microsoft.com" } default { throw "Unsupported endpoint '$Endpoint'"} }; pvaEndpoint = switch ($Endpoint) { "prod" { "powerva.microsoft.com" } "usgov" { "gcc.api.powerva.microsoft.us" } "usgovhigh" { "high.api.powerva.microsoft.us" } "dod" { "powerva.api.appsplatform.us" } "china" { "unsupported" } "preview" { "bots.sdf.customercareintelligence.net" } "tip1" { "bots.ppe.customercareintelligence.net"} "tip2" { "bots.int.customercareintelligence.net"} default { throw "Unsupported endpoint '$Endpoint'"} }; }; } } } function Test-PowerAppsAccount { <# .SYNOPSIS Test PowerApps account. .DESCRIPTION The Test-PowerAppsAccount cmdlet checks cache and calls Add-PowerAppsAccount if user account is not in cache. Use Get-Help Test-PowerAppsAccount -Examples for more detail. .EXAMPLE Test-PowerAppsAccount Check if user account is cached. #> [CmdletBinding()] param ( ) if (-not $global:currentSession -or $global:currentSession.loggedIn -ne $true) { Add-PowerAppsAccountInternal } } function Remove-PowerAppsAccount { <# .SYNOPSIS Remove PowerApps account. .DESCRIPTION The Remove-PowerAppsAccount cmdlet removes the user or application login information from cache. Use Get-Help Remove-PowerAppsAccount -Examples for more detail. .EXAMPLE Remove-PowerAppsAccount Removes the login information from cache. #> [CmdletBinding()] param ( ) if ($global:currentSession -ne $null -and $global:currentSession.upn -ne $null) { Write-Verbose "Logging out $($global:currentSession.upn)" } else { Write-Verbose "No user logged in" } $global:currentSession = @{ loggedIn = $false; }; } function Get-JwtToken { <# .SYNOPSIS Get user login token. .DESCRIPTION The Get-JwtToken cmdlet get the user or application login information from cache. It will call Add-PowerAppsAccount if login token expired. Use Get-Help Get-JwtToken -Examples for more detail. .EXAMPLE Get-JwtToken "https://service.powerapps.com/" Get login token for PowerApps "prod". #> [CmdletBinding()] param ( [Parameter(Mandatory=$true)] [string] $Audience ) if ($global:currentSession -eq $null) { $global:currentSession = @{ loggedIn = $false; }; } Add-PowerAppsAccountInternal -Audience $Audience return $global:currentSession.resourceTokens[$Audience].accessToken; } function Invoke-OAuthDialog { [CmdletBinding()] param ( [Parameter(Mandatory=$true)] [string] $ConsentLinkUri ) Add-Type -AssemblyName System.Windows.Forms $form = New-Object -TypeName System.Windows.Forms.Form -Property @{ Width=440; Height=640 } $web = New-Object -TypeName System.Windows.Forms.WebBrowser -Property @{ Width=420; Height=600; Url=$ConsentLinkUri } $DocComp = { $Global:uri = $web.Url.AbsoluteUri if ($Global:uri -match "error=[^&]*|code=[^&]*") { $form.Close() } } $web.ScriptErrorsSuppressed = $true $web.Add_DocumentCompleted($DocComp) $form.Controls.Add($web) $form.Add_Shown({$form.Activate()}) $form.ShowDialog() | Out-Null $queryOutput = [System.Web.HttpUtility]::ParseQueryString($web.Url.Query) $output = @{} foreach($key in $queryOutput.Keys) { $output["$key"] = $queryOutput[$key] } return $output } function Get-TenantDetailsFromGraph { <# .SYNOPSIS Get my organization tenant details from graph. .DESCRIPTION The Get-TenantDetailsFromGraph function calls graph and gets my organization tenant details. Use Get-Help Get-TenantDetailsFromGraph -Examples for more detail. .PARAMETER GraphApiVersion Graph version to call. The default version is "1.6". .EXAMPLE Get-TenantDetailsFromGraph Get my organization tenant details from graph by calling graph service in version 1.6. #> param ( [string]$GraphApiVersion = "1.6" ) process { $TenantIdentifier = "myorganization" $route = "https://{graphEndpoint}/{tenantIdentifier}/tenantDetails`?api-version={graphApiVersion}" ` | ReplaceMacro -Macro "{tenantIdentifier}" -Value $TenantIdentifier ` | ReplaceMacro -Macro "{graphApiVersion}" -Value $GraphApiVersion; $graphResponse = InvokeApi -Method GET -Route $route if ($graphResponse.value -ne $null) { CreateTenantObject -TenantObj $graphResponse.value } else { return $graphResponse } } } #Returns users or groups from Graph #wrapper on top of https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/users-operations & https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/groups-operations function Get-UsersOrGroupsFromGraph( ) { <# .SYNOPSIS Returns users or groups from Graph. .DESCRIPTION The Get-UsersOrGroupsFromGraph function calls graph and gets users or groups from Graph. Use Get-Help Get-UsersOrGroupsFromGraph -Examples for more detail. .PARAMETER ObjectId User objec Id. .PARAMETER SearchString Search string. .PARAMETER GraphApiVersion Graph version to call. The default version is "1.6". .EXAMPLE Get-UsersOrGroupsFromGraph -ObjectId "12345ba9-805f-43f8-98f7-34fa34aa51a7" Get user with user object Id "12345ba9-805f-43f8-98f7-34fa34aa51a7" from graph by calling graph service in version 1.6. .EXAMPLE Get-UsersOrGroupsFromGraph -SearchString "gfd" Get users who's UserPrincipalName starting with "gfd" from graph by calling graph service in version 1.6. #> [CmdletBinding(DefaultParameterSetName="Id")] param ( [Parameter(Mandatory = $true, ParameterSetName = "Id")] [string]$ObjectId, [Parameter(Mandatory = $true, ParameterSetName = "Search")] [string]$SearchString, [Parameter(Mandatory = $false, ParameterSetName = "Search")] [Parameter(Mandatory = $false, ParameterSetName = "Id")] [string]$GraphApiVersion = "1.6" ) Process { if (-not [string]::IsNullOrWhiteSpace($ObjectId)) { $userGraphUri = "https://graph.windows.net/myorganization/users/{userId}`?&api-version={graphApiVersion}" ` | ReplaceMacro -Macro "{userId}" -Value $ObjectId ` | ReplaceMacro -Macro "{graphApiVersion}" -Value $GraphApiVersion; $userGraphResponse = InvokeApi -Route $userGraphUri -Method GET If($userGraphResponse.StatusCode -eq $null) { CreateUserObject -UserObj $userGraphResponse } $groupsGraphUri = "https://graph.windows.net/myorganization/groups/{groupId}`?api-version={graphApiVersion}" ` | ReplaceMacro -Macro "{groupId}" -Value $ObjectId ` | ReplaceMacro -Macro "{graphApiVersion}" -Value $GraphApiVersion; $groupGraphResponse = InvokeApi -Route $groupsGraphUri -Method GET If($groupGraphResponse.StatusCode -eq $null) { CreateGroupObject -GroupObj $groupGraphResponse } } else { $userFilter = "startswith(userPrincipalName,'$SearchString') or startswith(displayName,'$SearchString')" $userGraphUri = "https://graph.windows.net/myorganization/users`?`$filter={filter}&api-version={graphApiVersion}" ` | ReplaceMacro -Macro "{filter}" -Value $userFilter ` | ReplaceMacro -Macro "{graphApiVersion}" -Value $GraphApiVersion; $userGraphResponse = InvokeApi -Route $userGraphUri -Method GET foreach($user in $userGraphResponse.value) { CreateUserObject -UserObj $user } $groupFilter = "startswith(displayName,'$SearchString')" $groupsGraphUri = "https://graph.windows.net/myorganization/groups`?`$filter={filter}&api-version={graphApiVersion}" ` | ReplaceMacro -Macro "{filter}" -Value $groupFilter ` | ReplaceMacro -Macro "{graphApiVersion}" -Value $GraphApiVersion; $groupsGraphResponse = InvokeApi -Route $groupsGraphUri -Method GET foreach($group in $groupsGraphResponse.value) { CreateGroupObject -GroupObj $group } } } } function CreateUserObject { param ( [Parameter(Mandatory = $true)] [object]$UserObj ) return New-Object -TypeName PSObject ` | Add-Member -PassThru -MemberType NoteProperty -Name ObjectType -Value $UserObj.objectType ` | Add-Member -PassThru -MemberType NoteProperty -Name ObjectId -Value $UserObj.objectId ` | Add-Member -PassThru -MemberType NoteProperty -Name UserPrincipalName -Value $UserObj.userPrincipalName ` | Add-Member -PassThru -MemberType NoteProperty -Name Mail -Value $UserObj.mail ` | Add-Member -PassThru -MemberType NoteProperty -Name DisplayName -Value $UserObj.displayName ` | Add-Member -PassThru -MemberType NoteProperty -Name AssignedLicenses -Value $UserObj.assignedLicenses ` | Add-Member -PassThru -MemberType NoteProperty -Name AssignedPlans -Value $UserObj.assignedLicenses ` | Add-Member -PassThru -MemberType NoteProperty -Name Internal -Value $UserObj; } function CreateGroupObject { param ( [Parameter(Mandatory = $true)] [object]$GroupObj ) return New-Object -TypeName PSObject ` | Add-Member -PassThru -MemberType NoteProperty -Name ObjectType -Value $GroupObj.objectType ` | Add-Member -PassThru -MemberType NoteProperty -Name Objectd -Value $GroupObj.objectId ` | Add-Member -PassThru -MemberType NoteProperty -Name Mail -Value $GroupObj.mail ` | Add-Member -PassThru -MemberType NoteProperty -Name DisplayName -Value $GroupObj.displayName ` | Add-Member -PassThru -MemberType NoteProperty -Name Internal -Value $GroupObj; } function CreateTenantObject { param ( [Parameter(Mandatory = $true)] [object]$TenantObj ) return New-Object -TypeName PSObject ` | Add-Member -PassThru -MemberType NoteProperty -Name ObjectType -Value $TenantObj.objectType ` | Add-Member -PassThru -MemberType NoteProperty -Name TenantId -Value $TenantObj.objectId ` | Add-Member -PassThru -MemberType NoteProperty -Name Country -Value $TenantObj.countryLetterCode ` | Add-Member -PassThru -MemberType NoteProperty -Name Language -Value $TenantObj.preferredLanguage ` | Add-Member -PassThru -MemberType NoteProperty -Name DisplayName -Value $TenantObj.displayName ` | Add-Member -PassThru -MemberType NoteProperty -Name Domains -Value $TenantObj.verifiedDomains ` | Add-Member -PassThru -MemberType NoteProperty -Name Internal -Value $TenantObj; } # SIG # Begin signature block # MIIoLgYJKoZIhvcNAQcCoIIoHzCCKBsCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCBc3RYZ2GVufWei # GAMjtZMeWN4KYk34e8PMAvPSdlmus6CCDYUwggYDMIID66ADAgECAhMzAAADri01 # UchTj1UdAAAAAAOuMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjMxMTE2MTkwODU5WhcNMjQxMTE0MTkwODU5WjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQD0IPymNjfDEKg+YyE6SjDvJwKW1+pieqTjAY0CnOHZ1Nj5irGjNZPMlQ4HfxXG # yAVCZcEWE4x2sZgam872R1s0+TAelOtbqFmoW4suJHAYoTHhkznNVKpscm5fZ899 # QnReZv5WtWwbD8HAFXbPPStW2JKCqPcZ54Y6wbuWV9bKtKPImqbkMcTejTgEAj82 # 6GQc6/Th66Koka8cUIvz59e/IP04DGrh9wkq2jIFvQ8EDegw1B4KyJTIs76+hmpV # M5SwBZjRs3liOQrierkNVo11WuujB3kBf2CbPoP9MlOyyezqkMIbTRj4OHeKlamd # WaSFhwHLJRIQpfc8sLwOSIBBAgMBAAGjggGCMIIBfjAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQUhx/vdKmXhwc4WiWXbsf0I53h8T8w # VAYDVR0RBE0wS6RJMEcxLTArBgNVBAsTJE1pY3Jvc29mdCBJcmVsYW5kIE9wZXJh # dGlvbnMgTGltaXRlZDEWMBQGA1UEBRMNMjMwMDEyKzUwMTgzNjAfBgNVHSMEGDAW # gBRIbmTlUAXTgqoXNzcitW2oynUClTBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8v # d3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNDb2RTaWdQQ0EyMDExXzIw # MTEtMDctMDguY3JsMGEGCCsGAQUFBwEBBFUwUzBRBggrBgEFBQcwAoZFaHR0cDov # L3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9NaWNDb2RTaWdQQ0EyMDEx # XzIwMTEtMDctMDguY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIB # AGrJYDUS7s8o0yNprGXRXuAnRcHKxSjFmW4wclcUTYsQZkhnbMwthWM6cAYb/h2W # 5GNKtlmj/y/CThe3y/o0EH2h+jwfU/9eJ0fK1ZO/2WD0xi777qU+a7l8KjMPdwjY # 0tk9bYEGEZfYPRHy1AGPQVuZlG4i5ymJDsMrcIcqV8pxzsw/yk/O4y/nlOjHz4oV # APU0br5t9tgD8E08GSDi3I6H57Ftod9w26h0MlQiOr10Xqhr5iPLS7SlQwj8HW37 # ybqsmjQpKhmWul6xiXSNGGm36GarHy4Q1egYlxhlUnk3ZKSr3QtWIo1GGL03hT57 # xzjL25fKiZQX/q+II8nuG5M0Qmjvl6Egltr4hZ3e3FQRzRHfLoNPq3ELpxbWdH8t # Nuj0j/x9Crnfwbki8n57mJKI5JVWRWTSLmbTcDDLkTZlJLg9V1BIJwXGY3i2kR9i # 5HsADL8YlW0gMWVSlKB1eiSlK6LmFi0rVH16dde+j5T/EaQtFz6qngN7d1lvO7uk # 6rtX+MLKG4LDRsQgBTi6sIYiKntMjoYFHMPvI/OMUip5ljtLitVbkFGfagSqmbxK # 7rJMhC8wiTzHanBg1Rrbff1niBbnFbbV4UDmYumjs1FIpFCazk6AADXxoKCo5TsO # zSHqr9gHgGYQC2hMyX9MGLIpowYCURx3L7kUiGbOiMwaMIIHejCCBWKgAwIBAgIK # YQ6Q0gAAAAAAAzANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNV # BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv # c29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlm # aWNhdGUgQXV0aG9yaXR5IDIwMTEwHhcNMTEwNzA4MjA1OTA5WhcNMjYwNzA4MjEw # OTA5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UE # BxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYD # VQQDEx9NaWNyb3NvZnQgQ29kZSBTaWduaW5nIFBDQSAyMDExMIICIjANBgkqhkiG # 9w0BAQEFAAOCAg8AMIICCgKCAgEAq/D6chAcLq3YbqqCEE00uvK2WCGfQhsqa+la # UKq4BjgaBEm6f8MMHt03a8YS2AvwOMKZBrDIOdUBFDFC04kNeWSHfpRgJGyvnkmc # 6Whe0t+bU7IKLMOv2akrrnoJr9eWWcpgGgXpZnboMlImEi/nqwhQz7NEt13YxC4D # dato88tt8zpcoRb0RrrgOGSsbmQ1eKagYw8t00CT+OPeBw3VXHmlSSnnDb6gE3e+ # lD3v++MrWhAfTVYoonpy4BI6t0le2O3tQ5GD2Xuye4Yb2T6xjF3oiU+EGvKhL1nk # kDstrjNYxbc+/jLTswM9sbKvkjh+0p2ALPVOVpEhNSXDOW5kf1O6nA+tGSOEy/S6 # A4aN91/w0FK/jJSHvMAhdCVfGCi2zCcoOCWYOUo2z3yxkq4cI6epZuxhH2rhKEmd # X4jiJV3TIUs+UsS1Vz8kA/DRelsv1SPjcF0PUUZ3s/gA4bysAoJf28AVs70b1FVL # 5zmhD+kjSbwYuER8ReTBw3J64HLnJN+/RpnF78IcV9uDjexNSTCnq47f7Fufr/zd # sGbiwZeBe+3W7UvnSSmnEyimp31ngOaKYnhfsi+E11ecXL93KCjx7W3DKI8sj0A3 # T8HhhUSJxAlMxdSlQy90lfdu+HggWCwTXWCVmj5PM4TasIgX3p5O9JawvEagbJjS # 4NaIjAsCAwEAAaOCAe0wggHpMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRI # bmTlUAXTgqoXNzcitW2oynUClTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAL # BgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRyLToCMZBD # uRQFTuHqp8cx0SOJNDBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLm1pY3Jv # c29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFf # MDNfMjIuY3JsMF4GCCsGAQUFBwEBBFIwUDBOBggrBgEFBQcwAoZCaHR0cDovL3d3 # dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFf # MDNfMjIuY3J0MIGfBgNVHSAEgZcwgZQwgZEGCSsGAQQBgjcuAzCBgzA/BggrBgEF # BQcCARYzaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9kb2NzL3ByaW1h # cnljcHMuaHRtMEAGCCsGAQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAHAAbwBsAGkA # YwB5AF8AcwB0AGEAdABlAG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQBn # 8oalmOBUeRou09h0ZyKbC5YR4WOSmUKWfdJ5DJDBZV8uLD74w3LRbYP+vj/oCso7 # v0epo/Np22O/IjWll11lhJB9i0ZQVdgMknzSGksc8zxCi1LQsP1r4z4HLimb5j0b # pdS1HXeUOeLpZMlEPXh6I/MTfaaQdION9MsmAkYqwooQu6SpBQyb7Wj6aC6VoCo/ # KmtYSWMfCWluWpiW5IP0wI/zRive/DvQvTXvbiWu5a8n7dDd8w6vmSiXmE0OPQvy # CInWH8MyGOLwxS3OW560STkKxgrCxq2u5bLZ2xWIUUVYODJxJxp/sfQn+N4sOiBp # mLJZiWhub6e3dMNABQamASooPoI/E01mC8CzTfXhj38cbxV9Rad25UAqZaPDXVJi # hsMdYzaXht/a8/jyFqGaJ+HNpZfQ7l1jQeNbB5yHPgZ3BtEGsXUfFL5hYbXw3MYb # BL7fQccOKO7eZS/sl/ahXJbYANahRr1Z85elCUtIEJmAH9AAKcWxm6U/RXceNcbS # oqKfenoi+kiVH6v7RyOA9Z74v2u3S5fi63V4GuzqN5l5GEv/1rMjaHXmr/r8i+sL # gOppO6/8MO0ETI7f33VtY5E90Z1WTk+/gFcioXgRMiF670EKsT/7qMykXcGhiJtX # cVZOSEXAQsmbdlsKgEhr/Xmfwb1tbWrJUnMTDXpQzTGCGf8wghn7AgEBMIGVMH4x # CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt # b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01p # Y3Jvc29mdCBDb2RlIFNpZ25pbmcgUENBIDIwMTECEzMAAAOuLTVRyFOPVR0AAAAA # A64wDQYJYIZIAWUDBAIBBQCggaAwGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQw # HAYKKwYBBAGCNwIBCzEOMAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEIJJz # n7T6LmUIyIP+qNQ22PR2QPx8dKoCtIUREfjqrzvvMDQGCisGAQQBgjcCAQwxJjAk # oBKAEABUAGUAcwB0AFMAaQBnAG6hDoAMaHR0cDovL3Rlc3QgMA0GCSqGSIb3DQEB # AQUABIIBAGTwEg9TJm0pPnFotGsDNT9VGDXhKQLkNOAtyRDQ9nyTEumgdZ0LxD0b # MQEmPuhh6z8z4XIbhAHT567Mx/kojIctvYx1TpD6bwW9iJta6Z58qa/rI12Nmhkz # tSAJn/fDg+z+DQQZN3vt2i0pZEDVNLpInL/MvsDhHhXwImik8zVUkQhZ1jGYZyAK # Rri7n0wweM08vj4oNjUQP/fFCwwMtPlHKXIa0y4VGfwrIxaExCwrzPJzGVQxBNIc # Z3mELN6tQvJfk4xQ3r35mJ8KBj0NYp2I0kDo5YwBX44bnjVdsqNC/iyg1caXfW9V # 2/X456VYlBOyjFstvAoiEBDFlHVJxPahgheXMIIXkwYKKwYBBAGCNwMDATGCF4Mw # ghd/BgkqhkiG9w0BBwKgghdwMIIXbAIBAzEPMA0GCWCGSAFlAwQCAQUAMIIBUgYL # KoZIhvcNAQkQAQSgggFBBIIBPTCCATkCAQEGCisGAQQBhFkKAwEwMTANBglghkgB # ZQMEAgEFAAQgEfqcwS4zAcs5oOdoEy/dHlXWVIJ4s3AesKWb9z5qJ2wCBmXnqAnn # iBgTMjAyNDAzMTExNjUzMDUuODYzWjAEgAIB9KCB0aSBzjCByzELMAkGA1UEBhMC # VVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNV # BAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjElMCMGA1UECxMcTWljcm9zb2Z0IEFt # ZXJpY2EgT3BlcmF0aW9uczEnMCUGA1UECxMeblNoaWVsZCBUU1MgRVNOOjkyMDAt # MDVFMC1EOTQ3MSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNl # oIIR7TCCByAwggUIoAMCAQICEzMAAAHnLo8vkwtPG+kAAQAAAecwDQYJKoZIhvcN # AQELBQAwfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNV # BAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQG # A1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTAwHhcNMjMxMjA2MTg0 # NTE5WhcNMjUwMzA1MTg0NTE5WjCByzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldh # c2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBD # b3Jwb3JhdGlvbjElMCMGA1UECxMcTWljcm9zb2Z0IEFtZXJpY2EgT3BlcmF0aW9u # czEnMCUGA1UECxMeblNoaWVsZCBUU1MgRVNOOjkyMDAtMDVFMC1EOTQ3MSUwIwYD # VQQDExxNaWNyb3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNlMIICIjANBgkqhkiG9w0B # AQEFAAOCAg8AMIICCgKCAgEAwlefL+CLkOufVzzNQ7WljL/fx0VAuZHYhBfPWAT+ # v0Z+5I6jJGeREnpn+RJYuAi7UFUnn0aRdY+0uSyyorDFjhkWi3GlWxk33JiNbzES # dbczMAjSKAqv78vFh/EHVdQfwG+bCvkPciL8xsOO031zxPEZa2rsCv3vp1p8DLdO # tGpBGYiSc9VYdS4UmCmoj/WdtxGZhhEwlooJCm3LgJ4b4d8qzGvPbgX2nh0GRBxk # KnbJDOPBAXFklnaYkkgYgMcoR1JG5J5fTz87Qf0lMc0WY1M1h4PW39ZqmdHCIgFg # tBIyuzjYZUHykkR1SyizT6Zd//lC+F43NGL3anPPIDi1K//OE/f8Sua/Nrpb0adg # PP2q/XBuFu+udLimgMUQJoC+ISoCF+f9GiALG8qiTmujiBkhfWvg315dS6UDzSke # /drHBe7Yw+VqsCLon0vWFIhzL0S44ypNEkglf5qVwtAaD5JOWrH8a6yWwrCXjx0j # hG5aSc0Zs2j+jjF8EXK2+01xUDrE5CrqpFr72CD71cwuvFDPjLJCz5XdXqnTjjCu # 0m239rRkmX9/ojsFkDHFlwfYMOYCtwCGCtPFpCSbssz6n4rYLm3UQpmK/QlbDTrl # vsBw2BoXIiQxdi5K45BVI1HF0iCXfX9rLGIrWfQrqxle+AUHH68Y75NS/I77Te5r # pSMCAwEAAaOCAUkwggFFMB0GA1UdDgQWBBTP/uCYgJ82OHaRH/2Za4dSu96PWDAf # BgNVHSMEGDAWgBSfpxVdAF5iXYP05dJlpxtTNRnpcjBfBgNVHR8EWDBWMFSgUqBQ # hk5odHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNyb3NvZnQl # MjBUaW1lLVN0YW1wJTIwUENBJTIwMjAxMCgxKS5jcmwwbAYIKwYBBQUHAQEEYDBe # MFwGCCsGAQUFBzAChlBodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2Nl # cnRzL01pY3Jvc29mdCUyMFRpbWUtU3RhbXAlMjBQQ0ElMjAyMDEwKDEpLmNydDAM # BgNVHRMBAf8EAjAAMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMIMA4GA1UdDwEB/wQE # AwIHgDANBgkqhkiG9w0BAQsFAAOCAgEAdKHw25PpZVotXAup7H4nuSbadPaOm+gE # Qqb7Qz6tihT/oYvlDTT+yxnIirnJKlwpgUxSIXwXhksb5OsnKJHUK9/NeaRDmmFk # 5x70NPvISsvOq9ReK3wbuKBweXE8tPE+KIaxvzmBvwf4DZ89Dper+7v6hI8+PM12 # emZcShsmcCpimVmgXdg2BMMyqXS5AcbOgOnp1mUdI2PquRXW1eOYIRkyoEq+RAgD # pyw+J4ycH4yKtJkWVsA2UKF7SUmlR0rtpR0C92BxBYpLp21EyXzXwQyy+xr/rE5k # Yg2ZMuTgMaCxtoGk37ohW36Zknz3IJeQjlM3zEJ86Sn1+vhZCNEEDb7j6VrA1PLE # frp4tlZg6O65qia6JuIoYFTXS2jHzVKrwS+WYkitc5mhCwSfWvmDoxOaZkmq1ubB # m5+4lZBdlvSUCDh+rRlixSUuR7N+s2oZKB4fIg/ety3ho2apBbrCmlFu9sjI/8sU # 3hhAzqCK9+ZMF8a9VLvs5Lq9svhbjWNKGY6ac6feQFtZXoT9MWjvqAVdV372grq/ # weT1QKdsc66LDBFHAMKSaYqPlWHyLnxo+5nl3BkGFgPFJq/CugLqPiZY/CHhUupU # ryoakKZnQcwDBqjzkCrdTsN2V8XoSu7wIopt2YgC5TNCueOpNLGa8XWT4KZs+zvM # PYBy7smQEHswggdxMIIFWaADAgECAhMzAAAAFcXna54Cm0mZAAAAAAAVMA0GCSqG # SIb3DQEBCwUAMIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQ # MA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u # MTIwMAYDVQQDEylNaWNyb3NvZnQgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkg # MjAxMDAeFw0yMTA5MzAxODIyMjVaFw0zMDA5MzAxODMyMjVaMHwxCzAJBgNVBAYT # AlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYD # VQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBU # aW1lLVN0YW1wIFBDQSAyMDEwMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC # AgEA5OGmTOe0ciELeaLL1yR5vQ7VgtP97pwHB9KpbE51yMo1V/YBf2xK4OK9uT4X # YDP/XE/HZveVU3Fa4n5KWv64NmeFRiMMtY0Tz3cywBAY6GB9alKDRLemjkZrBxTz # xXb1hlDcwUTIcVxRMTegCjhuje3XD9gmU3w5YQJ6xKr9cmmvHaus9ja+NSZk2pg7 # uhp7M62AW36MEBydUv626GIl3GoPz130/o5Tz9bshVZN7928jaTjkY+yOSxRnOlw # aQ3KNi1wjjHINSi947SHJMPgyY9+tVSP3PoFVZhtaDuaRr3tpK56KTesy+uDRedG # bsoy1cCGMFxPLOJiss254o2I5JasAUq7vnGpF1tnYN74kpEeHT39IM9zfUGaRnXN # xF803RKJ1v2lIH1+/NmeRd+2ci/bfV+AutuqfjbsNkz2K26oElHovwUDo9Fzpk03 # dJQcNIIP8BDyt0cY7afomXw/TNuvXsLz1dhzPUNOwTM5TI4CvEJoLhDqhFFG4tG9 # ahhaYQFzymeiXtcodgLiMxhy16cg8ML6EgrXY28MyTZki1ugpoMhXV8wdJGUlNi5 # UPkLiWHzNgY1GIRH29wb0f2y1BzFa/ZcUlFdEtsluq9QBXpsxREdcu+N+VLEhReT # wDwV2xo3xwgVGD94q0W29R6HXtqPnhZyacaue7e3PmriLq0CAwEAAaOCAd0wggHZ # MBIGCSsGAQQBgjcVAQQFAgMBAAEwIwYJKwYBBAGCNxUCBBYEFCqnUv5kxJq+gpE8 # RjUpzxD/LwTuMB0GA1UdDgQWBBSfpxVdAF5iXYP05dJlpxtTNRnpcjBcBgNVHSAE # VTBTMFEGDCsGAQQBgjdMg30BATBBMD8GCCsGAQUFBwIBFjNodHRwOi8vd3d3Lm1p # Y3Jvc29mdC5jb20vcGtpb3BzL0RvY3MvUmVwb3NpdG9yeS5odG0wEwYDVR0lBAww # CgYIKwYBBQUHAwgwGQYJKwYBBAGCNxQCBAweCgBTAHUAYgBDAEEwCwYDVR0PBAQD # AgGGMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAU1fZWy4/oolxiaNE9lJBb # 186aGMQwVgYDVR0fBE8wTTBLoEmgR4ZFaHR0cDovL2NybC5taWNyb3NvZnQuY29t # L3BraS9jcmwvcHJvZHVjdHMvTWljUm9vQ2VyQXV0XzIwMTAtMDYtMjMuY3JsMFoG # CCsGAQUFBwEBBE4wTDBKBggrBgEFBQcwAoY+aHR0cDovL3d3dy5taWNyb3NvZnQu # Y29tL3BraS9jZXJ0cy9NaWNSb29DZXJBdXRfMjAxMC0wNi0yMy5jcnQwDQYJKoZI # hvcNAQELBQADggIBAJ1VffwqreEsH2cBMSRb4Z5yS/ypb+pcFLY+TkdkeLEGk5c9 # MTO1OdfCcTY/2mRsfNB1OW27DzHkwo/7bNGhlBgi7ulmZzpTTd2YurYeeNg2Lpyp # glYAA7AFvonoaeC6Ce5732pvvinLbtg/SHUB2RjebYIM9W0jVOR4U3UkV7ndn/OO # PcbzaN9l9qRWqveVtihVJ9AkvUCgvxm2EhIRXT0n4ECWOKz3+SmJw7wXsFSFQrP8 # DJ6LGYnn8AtqgcKBGUIZUnWKNsIdw2FzLixre24/LAl4FOmRsqlb30mjdAy87JGA # 0j3mSj5mO0+7hvoyGtmW9I/2kQH2zsZ0/fZMcm8Qq3UwxTSwethQ/gpY3UA8x1Rt # nWN0SCyxTkctwRQEcb9k+SS+c23Kjgm9swFXSVRk2XPXfx5bRAGOWhmRaw2fpCjc # ZxkoJLo4S5pu+yFUa2pFEUep8beuyOiJXk+d0tBMdrVXVAmxaQFEfnyhYWxz/gq7 # 7EFmPWn9y8FBSX5+k77L+DvktxW/tM4+pTFRhLy/AsGConsXHRWJjXD+57XQKBqJ # C4822rpM+Zv/Cuk0+CQ1ZyvgDbjmjJnW4SLq8CdCPSWU5nR0W2rRnj7tfqAxM328 # y+l7vzhwRNGQ8cirOoo6CGJ/2XBjU02N7oJtpQUQwXEGahC0HVUzWLOhcGbyoYID # UDCCAjgCAQEwgfmhgdGkgc4wgcsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNo # aW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29y # cG9yYXRpb24xJTAjBgNVBAsTHE1pY3Jvc29mdCBBbWVyaWNhIE9wZXJhdGlvbnMx # JzAlBgNVBAsTHm5TaGllbGQgVFNTIEVTTjo5MjAwLTA1RTAtRDk0NzElMCMGA1UE # AxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2VydmljZaIjCgEBMAcGBSsOAwIaAxUA # s3IE5xmrEsHv3a7vnD3tTRf78EOggYMwgYCkfjB8MQswCQYDVQQGEwJVUzETMBEG # A1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWlj # cm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFt # cCBQQ0EgMjAxMDANBgkqhkiG9w0BAQsFAAIFAOmZZk4wIhgPMjAyNDAzMTExMTE1 # MjZaGA8yMDI0MDMxMjExMTUyNlowdzA9BgorBgEEAYRZCgQBMS8wLTAKAgUA6Zlm # TgIBADAKAgEAAgIOWAIB/zAHAgEAAgITejAKAgUA6Zq3zgIBADA2BgorBgEEAYRZ # CgQCMSgwJjAMBgorBgEEAYRZCgMCoAowCAIBAAIDB6EgoQowCAIBAAIDAYagMA0G # CSqGSIb3DQEBCwUAA4IBAQCdLAIIB70Xma7Jhlsq+bjq5Ku9E7pvYeP1u/bpHMe8 # 8DY8oTia+BlqKBdRDtb/h6rpM6ByqMW620S/SvaHoGIoC1kKJx53h1LKHa/TgWr8 # VH/MSzovW+RzcCqg0n9C4hssYW5Izo/J8lHncyNWIIErM2YYrwb6ay1JuxKW81if # EX0JM036lk1OUCVa1a7netU6o2PUUZ141EqSErOyaP09MKYzDpnssbYkAjKh4hAy # ZHD9dPsUUsnOjKb8+LBGAlebF5AUBh/WaVmDviZaUAMkk150hdzwRNxIdHqB4+p4 # igMR5B6ZLqMoxCkrm51rpc6V4WJOfqTrE+QEksML6DbMMYIEDTCCBAkCAQEwgZMw # fDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl # ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMd # TWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTACEzMAAAHnLo8vkwtPG+kAAQAA # AecwDQYJYIZIAWUDBAIBBQCgggFKMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRAB # BDAvBgkqhkiG9w0BCQQxIgQgluzTwZvBbxSrE+5TOStobatRvgIQobdJiv6DIcAh # I8cwgfoGCyqGSIb3DQEJEAIvMYHqMIHnMIHkMIG9BCDlNl0NdmqG/Q3gxVzPVBR3 # hF++Bb9AAb0DBu6gudZzrTCBmDCBgKR+MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQI # EwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3Nv # ZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBD # QSAyMDEwAhMzAAAB5y6PL5MLTxvpAAEAAAHnMCIEIN+JuJLH1GrGWHbpsY1ZKjgk # rlQ8RJZONPEhRjlVdRXAMA0GCSqGSIb3DQEBCwUABIICAEiqF9pgwfXehn2/sBnW # SbS8l8ajMgzIugCHafXrM/duJji+10mYL9PdvGYV+oK7zH0J6tAfsFF5CgcqcMzT # 6yV8PQ6Xe0ARt1EqRHHmiUuiqlLaTsM92K0TacNfCcwXdbDWFD2Ium4fpKWd5KsB # /3xdin2rVQptkYPWYXx0CIv1ztHCWrYWxiO2zVxjB46nJOlntQpayWSRj84iEAoJ # tI2ubVJWZxJpxw8fVYT6rh/h9T9awFAgUXYqlPTa6q50j/9VtDLE2bS1HZ/2EfFF # mRWmeBCRURWlf2O0gfbsNMY8ATwUhYJVojGJKhqwRIuUdogU1hBkG7Tq12IZV81D # 12zsW8zzw02ptb39btaOmNdt8SYTbjMkfWUAZAFKVKLIs4RPSeVRiBR2m/xj6I++ # sldTfECZL9LASskg3EfgxfeaucZsbVKKe4btu6cKNqxzHNu5oL79Pr1tgoe42a8M # ZqUY8pO0ihOZj6GHRZP4+mta7jx9r3L3YwVoGvKcTj7ppjDqIfrplXjrSPgrVn+6 # rm2UPmjj1N7tyfYLSeKT4VCziDkRQ/2Stu6zOWsNS+jD7Sb1evEQxBt4aYVyjZTe # rSatCjYcQt40QXSeDYoquDZBSKZoplcTUVWKK8nmaBtyC4+pLkHhjTLFIiTpl7Hw # lL2mmXLl0bwOvXGQI1bWZGx4 # SIG # End signature block |