Page tree
Skip to end of metadata
Go to start of metadata

Sequence diagram for Personal Desktop authentication

Expand/Collapse All

Prerequisites

 Prerequisites
  • Installed Hermod, see here.

Step-by-step instruction

 Create authentication request in Hermod

An authentication request is generated in Hermod and a temporary URL is returned that is used on the web page to invoke Personal Desktop client.

  1. Send authentication request, see code example.

    Example: Authentication command
    POST /rest/command/authenticate
    {
       "commandHeader":{
          "lifespan":120,
          "timeout":120,
          "to":[
             "@tmp"
          ]
       },
       "authCommand":{
          "params":{
             "description":[
                {
                   "content_encoding":"base64",
                   "content_type":"text/plain",
                   "data":"TmV4dXN2aWxsZSBCYW5r",
                   "description":"Authentication request from",
                   "key":"Requestor",
                   "visible":true
                },
                {
              "content_encoding": "base64",
              "content_type": "image/jpeg",
              "key": "auth_image",
              "description": "Verification image",
              "data": "/9j/4QAYRXhpZgAASUkqAAgAAAAAAAAAAAAAAP/sABFEdWNreQABAAQAAAAKAAD/4QN7aHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wLwA8P3hwYWNrZXQgYmVnaW49Iu+7vyIgaWQ9Ilc1TTBNcENlaGlIenJlU3pOVGN6a2M5ZCI/PiA8eDp4bXBtZXRhIHhtbG5zOng9ImFkb2JlOm5zOm1ldGEvIiB4OnhtcHRrPSJBZG9iZSBYTVAgQ29yZSA1LjYtYzEzMiA3OS4xNTkyODQsIDIwMTYvMDQvMTktMTM6MTM6NDAgICAgICAgICI+IDxyZGY6UkRGIHhtbG5zOnJkZj0iaHR0cDovL3d3dy53My5vcmcvMTk5OS8wMi8yMi1yZGYtc3ludGF4LW5zIyI+IDxyZGY6RGVzY3JpcHRpb24gcmRmOmFib3V0PSIiIHhtbG5zOnhtcE1NPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvbW0vIiB4bWxuczpzdFJlZj0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wL3NUeXBlL1Jlc291cmNlUmVmIyIgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvIiB4bXBNTTpPcmlnaW5hbERvY3VtZW50SUQ9InhtcC5kaWQ6Y2I1YWY5NDEtYjBjZC00ZGU5LTk5YjQtMjRjY2M2NWE5OWU0IiB4bXBNTTpEb2N1bWVudElEPSJ4bXAuZGlkOkUyNEZGRUYyOUQzRDExRTZBNEE2RTM5NDA5MDU5RDQ5IiB4bXBNTTpJbnN0YW5jZUlEPSJ4bXAuaWlkOjcxMTI3MDEyOUQzODExRTZBNEE2RTM5NDA5MDU5RDQ5IiB4bXA6Q3JlYXRvclRvb2w9IkFkb2JlIFBob3Rvc2hvcCBDQyAyMDE1LjUgKE1hY2ludG9zaCkiPiA8eG1wTU06RGVyaXZlZEZyb20gc3RSZWY6aW5zdGFuY2VJRD0ieG1wLmlpZDpFMDEyQzE2NDg4Q0UxMUU2OUZCMDg3MjgyRkRENTZEMyIgc3RSZWY6ZG9jdW1lbnRJRD0ieG1wLmRpZDpFMDEyQzE2NTg4Q0UxMUU2OUZCMDg3MjgyRkRENTZEMyIvPiA8L3JkZjpEZXNjcmlwdGlvbj4gPC9yZGY6UkRGPiA8L3g6eG1wbWV0YT4gPD94cGFja2V0IGVuZD0iciI/Pv/uAA5BZG9iZQBkwAAAAAH/2wCEABQQEBkSGScXFycyJh8mMi4mJiYmLj41NTU1NT5EQUFBQUFBREREREREREREREREREREREREREREREREREREREQBFRkZIBwgJhgYJjYmICY2RDYrKzZERERCNUJERERERERERERERERERERERERERERERERERERERERERERERERERP/AABEIASwDIAMBIgACEQEDEQH/xACPAAACAwEBAQAAAAAAAAAAAAACAwEEBQAGBwEBAQEBAQEAAAAAAAAAAAAAAAECAwQFEAACAgEDAgQEBQIFBQADAQAAAQIDESESBDFBUSITBWFxMhSBkaFCUjMV8LHB4SPR8WJyBkMkNCURAQEBAAICAgEDBAMAAAAAAAABESECMQNBElFhMgRxIkITscEj/9oADAMBAAIRAxEAPwDvLBN46lRJdh1u7AqC11MO2mWRSxJ9EYXJs3zbXc2OZCVtW6PRGHKLXUYxaVgfDpgCFM7HiKLH2kq9XJfIVJAoldSFow4LLMtGxqndFY6IXZvh5Zdjc4vDxBbsruZ/udW2Sa6Bb1+VTj62RXxNyUcyTMThLN0Tcsk46rrjQ318OXbmrvGW2PzGz4Cmn5sZ/wAMq8VSSSk8tkT5EoNxk+pZT6g5XtHqVbE3vS3L/cQvYoPyRm8xaU3/ANC7yOavRzF46f4+QP3u5pQzj49Ne7NcVnmM3g+zfcVb5ya8zS+S7lqr2lVQzOWI4Wvxf+wb5z3uLbUIp9ur7fkia/coRinbLz+HgODaq/2VyxLd5WpSb+C6aGItZaHo5c+Dy3PpHavh4/izzsY+byrL7EtWbS5S8+EW1NxigY8axxdslhJrP4h+nujkxa6ScI9Y6PISeomUQYR8wGs7lbXh9MGc4pa9i9s/49GVF5n8DHg7A49W+1aYRvWzcILBm8ClztwjV5lWyKj3JbyvWcEQukXPVSjr4FGqI22LxjxJa1iKuOrHtl1Q2qtVNxZO7EFPutGI5HI3dOpvrzGbwZfHBUm4vQTZY5atic4NyMU5VSjmyt9Oq/6F7j8zbHOHJvT8Chx7nCRftsjT/wAi6Pt2yS8eFk1o0S9XM+nYo+589VR2Q6snh8xWZio4Zm+5NOzb3Je28LOuM927nlnLMnoM+2zhI06OLGuOe5VwPBpsffCLOcS9NvLEwsnGWi0Bm7HZGx6JPqSrjVqlLY45xgzOVLza6mrKcYxzF4bX4mHdFtt+JmKW5oWrMMF14OjXk0jW4ksouW1uyPgUuIvTwjVr1Od8rilRX6c9z6IsOauaXxCtik3lZK8MQ1ZuVnFvkT3vcm1jTUq5T+rUXyuSo47Z1Kcual3Lpi8kkGpRRjy9wS7iv7hkbUyNx2wQL5UUYEuc+wmXMm+45OGzyvcFHRMyrOe30Kc7HJ5YGTU1mny5MmLdrYrJGShjsZG4DJGQD3HZAydkA8nZBydkAjgcnZAIgjJ2QCSCUULJyEOio92WYKldZFDJ2S6NmMqseVZC9bHRYMRTlHoPhy5dJGLGtaTsk+rIk1jqVlmQarbMqJyWSG326eJYhXJJxykn1EYS06omrgFGxpY6Md9pPcoyWq0/E6Fux5WmDSc4Z0bWNfmDFWnjO2ezReLfY1K6KOJ080u7fQp02pTU4t7XjQm+ala4yyl1JBenZTdFuSWDGsxXPCz4obKuUn10WuCb4t2RwslswUblLc8xxgSrdslg1eU/uJbcJJeBlcmCrsxDVdh1rFny066vuMSj9USvy+E4ta5fcscCzbpkZbGe7E8YNXiunSSxTo4+OgNtars3PVliucXPBb5VMbKsxwmtckvJevDznJ+tsp2FzkfUynYdI5LXtqzY/kaKrW5Of4Gf7c9s3LwRbs5OcSerOffd4VYm11Ahhvpr2RXlJ9WRDkSjNNafExnCLdk03sm9PAR6UYR0QLlulp+ZNlucLGkSq1bM4K8rNMIiHLzr2GRhGySS7nS63MX+FR6nGlF9Xkw/K3iSN+7kw4u2pP5mBZHzPHidPhz+TFQsZr/IRKuUw4WOHUbdZmG5GLPw1L+VF4i8PsX+BS/6u3yJ9ShVB2yUfFnqbsVVbILCii9eml7ZWZPk2W2YQ2zgW3Ry9dNA+FXPrt6/A2YbljJOvWWr27ZHleHwZU34t0eMlrmTdcMrq/0Lvu0vSnCz4tFCViux3bePkO8y4z0urtV2IQ+WDubjGfBoryzCOxdYst1xd9XxOeumMrk2yi1n6FrtJ/u08pyXlT7Fb3ST9TaumCnl7TU2M3K0p+9zc/LFLwKtNkVap2a65ZSw9w6Whpgc5KcnKKwmyHY4axLPE4Ft8U0sR8ZGlX7TXHWx7n4dEbnS1m95FP2+ifO8km9qefxPRR9urqjhFWKVa2w8q8EC3L+T/M7T1zHP/bTLPa42dH+hl8j2/wBGWH+Zq132R6S/MG+D5C1eqM9vXxw3PbzyzuLHZo9U/ErciuUZ6Ywy0uNdGaT6eJY5HGrt2quTcs/hg4Xp2zXW9pV/2rjworz+56tk8qcO71FzujTVjODzXL5zse2L0RxktdLxGxVdCVjjHoi9OOY5POe3WNzPQWW7IJvRE7TLiy8Et5jKJmWTecmnPG3KMu5bXnt3OvXwxQOaYlzE2T2v4C/UyVFqM9TSi/VqaZiRlqbPEl5P8yUjuFdPc0tEVPclizcu5o08eW5pPEe2Cly0nbsWuO7M/Kzw7iPPUvynhCq69sQZSwaaH6m3zMKFzs+lY+Rnyu3PBpcWvbD1JaR/V/4/IWyeUnNOUVBavMmVr4Pa5FunE23jC+JV5Vu9NLojOteFF4YdeFqK6dRcrMdAL65UYtGzx7N6PJQzKSPTcNtQRjssTyHZLKh1Mu6c4PEs5NPlclV9Opj8vlb1jxL1ZpXOm5whYumMGa5s05eXjtPtkz5cfCTz2OsYpGQ4kemw1FlTAsFsKSFtMDmwXInYzvTCB3EZGKsJVjVwnUnA/wBM7YNMI2k7R2w7YNMKwdgbsO2jTCsEDGgWggSTsHYA447BwHHHHAcckccUXab1GOGw3yF2KKHVxck8dDGNasz5clpHuV/Ufc7KTyRp0YxLR1Z656F6HJlFqT6PRmfBjYR9SailnLBObw1eDyFG3HRYwo/HxC5cboSclrn8y3xqI0RT6vpnuyLJLJmznXu6ejjL5U63KEXKejK9vIy20y5ya3yI7U8FNcGcIbpaYf5jHH2+vt0n6flK5DVbj/IpWS3PIVj2LLfYqxsEjzW/CzXa4PTQs8nm408NZGdXJueewUpKx4fVvJ0k0lwuPMcbNw6/3Gd+K4+WPf4lOcVGTS7D+HCM7YqX05WS/WL9rR3Rbb0KlkZeDPbcudVG3dHWXRFedcZ67fwOf27Tn68NfWeN5eZ4KlvwaK4UGszljHQ1aq4xi5NLJjyk5vo8vojl19l9lsnH1O/T6Z+ouRXF6QegqHFc8yeiXTJybhLbLRrqOVjisNdTd2OflWbwsLx6hJOXwyNrqd0tsVk0eJTVS3Zct7Se2Pb8TWEYFNjWhbjdjoZyG7so6Ku2Wuxbs6iI3M6uXlK+/USlate27R+Apwcc1vqJonhrBq3xjL07fHyy/AXgnKr7XFRs1WT06gnrJZMNcmuuSjFY17Gtxrty3M117cJ26r6SSwlgXKcd2M6lS/kzl5Y6FanTOerNdav02bVb3tSuw4axiI9lpqsblY8tPOAuf7jGC9GGrXV+BiZkvpeMkubqZnEembrvtfo/RHRy8WP4c1KL29ngwOJy40w2AL3CytyVeib0MXrK6bk8rHOshXyHnVLsKknNqfptQWvzLHtbc5ZUU5d5vU1OTUmsvX5MmUk+Xl7rVbZuSwW+Dx1dPL6IjkcX05Pblrxx/mafAqVdee509fXa497wtOW1YQtzBnMXk9TyjyTkWmTkBuQlZgTkFyAuR5HZk+nXPWGj+BnuYyu7DyZrcZ3ulU63l5w/EyD1nJqXJr1efgeXuqlTNwlpg83brj0de2m8bkOiWVqaVU5chp2S0XYxU8Fiq95UU9q8TnZK6SvQXycY6fgUrZKWviWJNW0LY28d2UbU8ZRmcN2bNU7oiYodLXqMqgkacyox1NngVysXlwsd2Ir43qrC69jU49XpR+QrUQ+TXxpOtpZXcymndyHLqDyY+rY5ZLfAlBPHcXEh78sSrN+Vs0rYJorV8Z8mxV/tWshjV8KXC9ut5cvIvKusn0RuP26miPncpy+eEaUYKmKrgsRXZFPlSxFmvrJHOW2qGdteFpko2zSi0upN1u3TOWKVUprJyx21Vl1AaGWRceoHVAN4le6aPT8erbHCPOcSXpyyz03D50ZLRJMxZtPEZHulM8ZxhIwZ5WrPoNkY2x8yT+ep4/3jiejPcsYf8dDfXhi8k1v1aZJ9kHOvKyV+JPa3F9JLBfprdkVFLLNkUlVgF1mjLiWL9oqfGn/FjKvDOlWBsLsqZLswPTIYqqsJVljYdtJphKrJ2D1EhommEbDtg7aTtKEbSNo/aRtARtIcR+0FoBDiA4j2gGisktEYGNAmkDggJghHEHMgDsnZIycUEmOjJuO1dBKhktUxSIEz3JMGKbLezc3nRC4YyTVw+n2+dkYzTS3NpfNGhwuNtnKWU1F7c/HuUvvJJRrWFFNSXzL3D5DnU4+Dz+ZK7+jrvsi5bd4fgVt7byxVss9BDlLxMa+xJOsaEJYD5L31NeBRptzoy7F7lg15jl36ztP0rBnh5bOjX6yUa1rnoN5dSonjx6Fn26eySSXV9Sx8Xt1vW2Uu3i/bS2taKOXIo0KO5zkzd95viqMJrMmeepSeF1bZuMkzk3J/MdxbPTnFrqmdOpZlL46AwhGMk5ePQ1B6yXKhJepYs4WF8Aovet0VozJnz4whKEVrIYve4VxUdr0R5P5HXtZnrm/9O3qsl/u4acU1F5Mrh8iMHK6z6ktsCYe8q1uMYlKFUpSTfcn8fp36fa9p5Pd269s+roV/cWymnp1y/EdOMZapsv8AC4cqYK2xqMJZSX7i/Vx+NbHZUk2du1l/q5zrfLHo5UeNLyLMnoOlyJ2R8q06IP3HhfaS7J47CKeXKuKUY+WL1f8AkJeMZrCTGLUUFE6Ksx+kqdWWJS0FxXckKOM9uDTpt9SDr+OUYrepb4lu2aLSHrCuSZ6HitKGUjDs4suRbGMO/U3+Lxo0RSRNa+uiktkW31KfqquqVr7IZzrtkGYt97lQ4roml+LHVq1Qcm3l9+pymgGTXDdJI05HqGYbxeSxya4whiLfyKOWho0+BynXNLs2ei3pNNpPXueOrlhp/E9I5OcYRXVmpeHXpy3r4K2vC6NGFZL0o7fA253wqpUVJbkunc83ypnXp+Xk7+cEpZDRX4/mWWWDo5VJGTiGyjmxUpY6hSYO+PSXQlUEsx1XQhWDFBf/AI5JrwKdmYyeOiOduOkmtGm9LQqe61KyHqR6oVGzuHy+Rspw+5ntZiyXWIOohl5FRi5PCLtNWNDhXZe4t22Th+3Gp1slhoRKPpley1tjFnYM2sh1WorS1IWhU1rVchwkmjZjyY3V5X1Hl42ZRYp5Lg8pizSWw+Sak8jeNCW/Qh8iNq16ibOTZxmpRWYvuZsalbz6al/hUemsvq+ph+282zlzw4rC7nptK4ZZuTOana7xATfcx+ddjQtXcxvSJic256sna7wvXrnNIrfqWYNqFKUUjK9urz5mbSeTUnDNvKrPiqXYU/b4+BopEj6xPtWdH25ZzJvHgi5CmMVhLCHYIaLJEva0DucNM6Gfz4K2DS6lm3LegX2dl2NMfMlm+FjztVT3pd86I9NxOM6INyXnlrL4fAbxOBXxFn6p/wAn/oNka69cS9tV5IRNFmUcipVmqkUbFkTKJelUvEVKo52OkqjKAqUS7KGCvPCOdjcpLRGCJTQPqmFMwdgS7SHaU054Iyiu5sFyGJp7mhbmLbBbKmicgGyGwWyolsFkZOyEcQzjigcEYCICBwSjjgGJja5FdMdXLxCjlPd06gJoKUddAdmupAxY3JvojT4cdtWezbZlx1aSN1U7YqOei7Ga9n8Xr/de1+FaUU3plAuHix7RHT4mcfVVJz9Nrb17lzj3qSyjL5e+E9VhMXRa4S0enc1J8vlz33r7O07/ALfw2eRxlyFr1XQpyzTiCXmRap5Cki3VVCycZy/bqR193qneffr5/wCWTz/b7Ull641RY9t9llbD1pSUY9IuX6jeffq1LuVOROfowe54y8LwOnXbw+d3zqdb7RulhWxI/sVcFvnfH8v9ytxOPGyLlLV5Fe4VRqgtviN5+qfGl3uO5qLyuzKlgFbbYdnQrJvBzv0PU0QprqjG5+eX8e2Ty3D0loW6ORKaUnLVPuS78LM+Wr7lYpWelXpCuOEI4FrhYnF69BfIrk4b09X+pnVyspnnv2Oclxu1s+4St5VzhF518z+RnRlL+n1WS/wMzlsl0f1fIG2Md0rEsLsXrGL+WAMhHJDraG1wcU8mwqT7E50Ak8yDksFAMOp4kAgq1qB6n23DTkXrLlFYMrhTls2RC2yjPda/KjDpKnmRdkfmZHMca2qYapPc38Szzuc7PLWZby5a9Sxm1BxLINsObYLJIeoDKllxXiz0kXscV4IwOKs2wXxNtW+ra2ui8pL4denhav08/ijI5EsmlybMRSM6EHdYononHV5O3PancNYWpYaLVnCVUE08sqyk4adTfW7GO0yhbI6hKcZfBgyjt1RpkHR4IlHGq6DE4WaZwyVW46S1XjkiohHvHqV+U9kUvHWT7t/9DTqhWo/UmzL5EMxlZLxxE8vtvMd/WzbORKD0SK1lsrXmTyHdqyY141MuhvGisY7ltLGpUSa1Qc7/AC4XUDrp5YhsFzByESwSdxAErKC+IGSc+ADFNrVFii/rGWsX1KsZJB9PkUel9qsqqg1HCa6luXMV3lTPKRscNUM9eS1T0FmrLjftlhYRi8ue54LVXLd1fm+pFJrfYkc5OXS3hqe31t6mrGoTwobYovY0O7gqzbWgEZSLkaHY9PzLMOLCHXV/EIo1wnZ9C08S3Hh/yf5FlNLoQ5FC41Qh9KOkyJ2Y0QpyKJkIlIi6zGglsoZkRZalodKWEUbJ6ktWQ6VwidzFTswVbLDna3IZZc2V22+omVuoDtZzrRkgGxbk2A2wprkRvFYZKiwg95G4jaRtA5yIbC2nbQAycHsJ2DTC8HYGbCdg0wrBA7YRtGmFEYG7SMDTC9pyiGQVBRikMTSFEpkU1WP8fiLk/EmWBn21jhvUcxILHt9atszjSOrNa6zGhhUWSqbcXjJZhbyJvoseMtA9no9vTpM7auZyEosoX32VLcnCS6eUXD3CxrCSbGV6r/K9a1JK7MJlSziOp6JuPiWeF7pDjzbtSlJ6fI9PVbTyY/8AE0pf46ovXrXg9/t6+yzjP1eSojKclGlZNmVboim3l41NB1chppKtPpn/AAirb7dKb/5LYxXgPrU9fu/1z8z8KPIrje1FrM39KRR5UJwiozW3Deh6Hi1cSqzKm52Y6mR7xOMp4hnam1l+Pc6dJlcvb3nst7ZhPA/pv5ifc1/xr5j/AG9ZrfzF+6L/AI18zl/mn+LGr6jLBdf1DLOh0czeDHdPC7mrCqrgrCW6a7yMvgPbamXeVbmWWZrcBbfKx5bAjNp66gtjeNS+RZGuPVsiLlTdfmfWa/QdYsRw9ZPXHw+I2yMYJz/bHRfHwKkLNJT+qT6GvHCBjxFJjuZwtkU13RYothku8yKnXFrVHN2eRnRsYqb1NDm+UzpG450MBla1FwYxvDKje4nJ9JbfEVyK7eQ/M8RJ4TUkpeCLjg7HnojDTOnRGuLfaK/Uyk9W33Nn3KSilXH8fmY99coSbxozUShydkWpE7isjJA3HOQFvipqTlHqlp8zS40HRJ1y6p4KftqzNvqavuEUrFdHpNfqLONdepXLegrg62kTm5xaYftjSsOsu9XCzOzd5CzBIz5WJPDwaHMltimZcpQl1Onr8OPs8ulVGeucC9kodMNHJ4fkl+AXrY+uOfkdHMt1wn/4smNbWkmmhm6mfwJW2PR5Ip9XGqxv8DG5dnma7LsbfHsU009GZXJS3yilmTZ5fb5j0dPDK6vI+MQb4bZYJjPatTMdEN7HgVNahSZDKhLiDtY47BAnaTtG7TkgFbQowG7Rsa21kuBKrC24XwHpaExRcTVRPbo+gSeNOzCvr26iU9MEVY49uyWH0Zc4te61t9DOi8v4mv7ZHOU+o+V3jG5Roh6e57UVVPaizwYuadr7/T8jbDQj5YpIhsGDzknBpEN5BnLCwE2lqVJ3bnoAXXUhvQVuZE8qDYCrpLILYHp5Qca+4UmcuupSsjqXPTy2D6evQlqxSlU2Llx20aPpkOszWmRLinLio1JVEKtGK0zpcdYEy47Nh1i5VmasjJ9AlUl91guBGsUXWQqi5sO2EMVlUT6RZ2nbSGK3pkOssNAtBcV9h20ZgFk0wtoFoYwGVANAtBsFlQDICZGDTKME4OaZ3wQE/MdTfZS98GC6pbVLOfgc015n+CCadLlTknJRWfEq23TnpNt/A2/Z+PC+NsJpOTj5WZFlWMg0iyam8pYXgjoCw63qjSH18ZO1Z6Y3Mv5bk1F7IrrLudU1BNyWW0IirbpqMcJdl/qy9Ll5S8+FiCvs+lzmhtPB5Fs/P5Y+MmK51/I479N2vGP26FCN05PDk9fiTtlvEyE4nNeup4VcaZelLbj6rJeB57nSrwo1S3xT+rGDV9q2XVzqb8qXT4+JS9wqrjTGUMbm9dvT/uan7oXxS/bv6b+YHuv9L8Q/bvofzB91/pficr+9v/Fh1/UMn0F1/UMn0Ojmdwf6iyXb6o22JR0RS4Kzal4npVw6Oql5sGbL8Nyxj2cdRwk9WaftvGVMJX935Y/6hx41E+r1XxKl3uT4tnoxWYRRmSzyts+A8y7KjWui1ZFO2MW03leHiXIc6me1OpSlItcmNUIbFFR8cC3lZ1eXjyJruaNPuj2enP8ABmRklM65HPa0uXGNyTRnzqkl44Cha4j4WJvXQfU1mobhzaS6mzxuJXZLEksSFW+12US3V+ZL8zNWC4OYRaf5E2cmyAuPJafmWG3qafH4tjcpWYlHsMmG3f0efnym7FKRas58Zxxj9APda4wtW1YWCghDTpzi09NSttYwlIBWGRqNaICNX2ySjHK69zT5teOOpLopf5mJ7dPE9r6M9JyoKPA831PDL8Om8RkVrcsCKbXTZks8SSjFzl26FO7KlovzHWyTljvLbw9FZyHZWmln4FZ1uf1w0MqXLtUNqk0vhoV3Ob1bf5nbr2yOPbptbn29a7JE+mo9Dz7m/F/mT6ti+mTNfdj/AF/q3ZVRl1QH26XRGMuVcv3BfeW93kfeL9L+W3XW8gRrTtlKXRLGDOq9yuWiwbHBh6i3S1bOHs/u8OnSZ5YXM/q6aC5LKNf3CmuM28ambbXjVdDMbU840JTJmheSgu4S1AyNgsgQFtOwSmBCDjNweUC1gkqLDSktyFrrgCLx0DfiVDpQ9SOH1RmWRcHg1oYlHHcp8qHd/iSrFVM3PbXmWPEwksM1ODPbKLJFehnXnyLuakYquCiuyKdC3yT/ABLkjbKYvBLYGdQZTw8GkBybNkcd2IhHCyyLZepZjshr0ChOv0ikFHVgXvMkiAIw0JlFKIxICwikRWpE1hhpYIn0yRovB2Dt2oXcy0XKIDQcpagSZmrEMCRDngVK0zW46SFyIlaKcyKMjKF7jsmQe4FzByC2NBOQDZDYLZBLYDZDZAEMhksE0yhnKOTsDIT29ComPGk3osjf7fe+kGTDkzj0eAvurH+5/mAL9r5H8HqQ/a74Sw4MlTb/AO4XqS65eSoGz2zkVreovAr7C9JZjJItKTehKslHRNr8Sob7K3xbt1icY4xJspcqVUbJ7XuzJ7Ui1HlTXV5Hq92xWYp/gVnHnvQsk9Iss8PjyhYpWQbXh0NaVEJ9sfIrS9vsb8k3r4hV+69WQwoRT/yM2mqUblKUopfPsHZw/TxCWW+7X+RZ4/DrlBvb01yScJaT7gqr5LE1osFZU8eOm/8AHBoOjjqaSWiefnkfLi75YSxueiNYyya28SVW5Q6bv8eI/kTh9vBR7PVLp+fiWPc3ukuNVpGC3SwUuNU7ePKMXjDX4ied/C/GI4fLhWnverYHuHKruhtg9ck2cKuvRp7sZwBVxK39W4ZLfsu2TGdXFZ1Dl0HXUqubSWNRM+gZN4f9RGuuPYk3teWZPA/qx+Z7WPQXrK1O2MCriXSsTw0kU+Xx5zvaf1aLB65IyL+FdO6U4JavRssknCbbdJ9uodad1ixt+nJU5vMlNuMNWbl9KcErLEklrgq02cXiJqGspfu7mM5dNyPMEkHHRzTkOLFhFRocfkOvoatPOhZpPRnnoyGRmTyeG9fwoXSU+mS1TyEntloZFPNcI4fQZHkKyTwZsbl0z3rh+vH1odYr80eZyew49udH0Z5r3Di/bXSh+3rH5ELFVMnIByZWR5IIOAv+11Oy5Y7LLNTnV22LzSwl2E//AD6SlZJ+C/zLHPcpSUY/iZtdJ4F7bSsZa1Ld3Djbq9H8sjOEkolrQaPHc1enY4+BUcsmx73VtsUkuqMZo6S8Od8pyTnwAa8AW8DQ1yOyLychofCeOi1PWe1V4pUn31PJ1LLSPbcfEYQj8CUZXuEHZPXoYs7nuaN/3JbW2eZt0mzMX4TIRLRjtwEtTSAQyLxqLDRA9PKydjIvpqhiZRGckkHAdk7cCwMjRdpnoL5MsfI6roDyVoQVmi3Q8JfApJlunoB7D22W6G4uSZX4NXo0Ri+uMsbJnVlzkRJ5WRbYKs12+JQFKy2xwqHkQyOZAMrXcrt7ptlqXljhdSrBakIYLmHkVbLGpFBKWAW8xBciM50I0Upah5ER6jIvLI05gMZKILiSrFeTETLbrFyqOdbik8g4ZbdYLgYaVtTsDXEjBAGCGg2gWgFsFjGgWghbR2A8EADgFoJsByKiCQMnGmR5JyCkTtKgtyGERrx1HRhpp+hR0Y50Qe3d8PAOMWiUghUIZzhDowyviFh9kSoeGg0xEWxmXjK6kpPHQhw13foVBQtktX0GKcEsCcrutUDJ5fxKIhxZSsU8rQ1IVzgnN6zekV4LxMtycMeJEr7OzbKyHk8XkXSdcItQbzOfeX+xFVV9DcKY47Z/x3LC5Vn07ugpX2R1bz8CKOXt98lmS16ttiYe18hyz0XzOny7m8OT6h/eSSw2yy4Xlnc6v07ZRXYoz6FzlS3SbKU+hGTuB/Wj8z1U/ca4aJNs8pwXi1M1s4k2+oWLlvuk39KwVnzrZr6tCpZNLyr8WdGWfpQUyc8rLeovzT8yJnJZz4Awbxkgzzjsk41NIlI7JLIQBZOUsAMHIDXNvQs02Y17oopjqp4kijbqnhp9mD73V6tMbl1i8P5MXx3mtfB4LePWosrfeLx+Bz+cdc2a8qcjmaFXFT4c739SksfI05qJJwSQHpP/AJ+rFU5v9zS/Iu2UZlldWH7Ttp40E1q1uf4l53QzojnfLpOCKapKPQaq5Evk+CI9Z9CGsX36p7FLwZ59RbPS+8xcqvFo84vidunhy7eUqC7iroJLI9M62mVkW10SyzVZiggkCgkYaWONHdOK+KPcRhhL4I8f7ZU7L4pdtT0dlMuqk/zFqyK/uTcmed5KxI2eVJppPLyZPLjiRIt8EJgNEpnNFZCHBixkADehykTjKwKflYDcnZAiMSAFi2MkAA+iXYLkaorxeBtuXHIFbuaHt1fq2xh4soI3v/nqd1rn2iizyPT9BUmMYmbOjIJSEKWZIKbxqIm8PKKLcVl4LUUoLLKsblEC26U9CCw7d+cdgK1oDUsQZNa0AJoTesj8C5oVYqNA9BuCNphsjZqNrgc0MhgipcdAHEbJiZzQpEOIuSOdgqdhitxEsITKSQM7GV5Ns5tGOSBcgNrJUWFTkFk7TsEAg4DaBZEAwWGwGUAwGG2AzUZrlEZGAKYe4IOMEhi2LqJWWEqmxoa7IdCVdBdmAq4rqwoqKGh8b4PqmOhdW3l5Ku7BzmXTGjD05dGMfGT1T1Md2NdCYciyH0suo0pVt5TyBKWFj9RVfuDX9QtxdV2sXqajKopLPxJxpiOj7jZUyjqhLcl8yoDXAM5yig3JfNipTj4gDFY1XQbueiQCkp4/QY8JYX4gJlJxehKWVjuDLDkw0m3uTAo8lYeCnPoXeV9TKc+gZFxP6iNNuLbyZfF/qI2VXHOWFLksMnyrRBOKT+ZyjriH4sKBwj0kFGuP4DVxsPOclqFCXUuI8s2MhLJLgdGGE/mMBqDBY7csCpx1ZULkwSGmnhksiuJhLzAkIDa4Mt0ZL8TQ4v148dDH9sn/AMm3xTRr06TRzvl16+HmLYbJyj4No16Jr+22R+K/zKfutXpcmfg3u/MVVyMVSqfSX+ZpjwSMgsvAstcOG+2MfFoVHsq1shGPgkgtw51JkeijlrrhPzCWgz0yNg0Ufc5OPHljwPKN4+R7LmVp0z07M8Y+p29dcu7lNt6aG3VWq/brZ/ukupj1rXLN51te2zfii9/CdfLygcQMZGxh3yQbfsVWbHPwR6LQzPaKPSpy+stS/hrqYt5dJOCeXVCcWsa4PL3xmtLFhnq7VoYPucO5etSshxxqiBqQMoeBtgphRAloFHUgZuxoRLXUlrKIwBEWNTF7SUwJkAwmAwqRkLMaS6PqJY6umdsZOCztWWAM4bXp0PU+w17OO595P/I8nGXbse49vq9Lj1w+GfzN9Uq0xE2OkImzbJM2V5+KHTYiXQim1zWEMZSpnh7WXZ6tAPh9DIr1CWkCIeVBBgTegS1F2BYS2LlPAbiDsRloiU8h1yYTrSCjhBXSy0V5JstPoIZKsL2Aygh6QE0YrSrJIWx8ogOByrZLBHOALjgilgthtC2QQ2A2S2LbKjmwGzmwGWMobIJIyaQUUNiLUkEpEDVLB24WtQopkB5CTO2vASXbBQLz2O25GbGE4SwVCNvc5Qx2LCrcuwbokloUVJwwtBO6almLLkq5FeUc6LxKyt0e5OPls6FxKF3mhr8DFnW31AjZOl+RmtTGzKjvJfkVpUJdETx/dk/Lai/CdV607lRnKLxqglFvKNFURUdot0ZYxNZ1qjucY/AKMPjlFmfG3Sz2JjXjRdBi6yeWsSwUbOho85bZsz7OhEdxf6iN5V7ktDB4v9RHqIJYy9CqrKhjVUksYOt5lNPV5fZIzuR7pKWlei/UaNCzkV0rzduxn3c6Vz2x0RUhFzfmLEVHr3M6uK+MhbSYoJ5OjBW1hKHiTqEgK/Lr2uMl3QhmpKj168d0ZjTjo+pmtQBARBBZ4U9lsX8T0D8ssnmqXiSZ6STysmOzp0+VX3yjfGF6/wDWX+hncbhqymy2T+heVI9Aork0yqfdaFHgcfHB5En9X0/kW3hLOWLGJpe21f8APDPiUoo1PbVuugl/JGrOGZ5euSJwdk7J53VGCMEtkNhVP3F7ePY/geMlE9j7pPbxp/LB5Fno9XiuPsRCJ6blQf8AbWl2R52KPS2L/wDz3n+I9nwdHiu46mvMlr3EyHU6MqPdcalRrSQz0UwOJPfTCXTKRYyefXZXtoytDD90okoN9T0c+hmc6G+DXwEuUs4eUREjmsANnocQSBiTKQJA9Mlx7oUmMjLIHJktJgsjcBLAZLZAVOAqrZUyU4PDQJDAt1UevdGUekn5l4M9sljTw0PL/wDz9O+1zfRI9QjpPDNRJiJsY2IsZpCZsUw5MAiqs0/Ujg02tUZ8H/zL5MvZyxCrePKkB8BnSKBhHXIQ1LCK9hafQrzQWEMEY0dtMtFNHJDcEpIKW1oL2Fh4B6GasAoAyiNyLlIlikTikLeCbp4KrtOVdIbKSESkLnaIlaZU6UhUpipWC3MuJpjkA5C3IHcXGdMciGwMnFxnUtg5JOUclBRQ1RJhWyxGpmdXC4wGKI+FKHRqSGrit6Y2NbfRD1hMcp46AJjRKXUb9thasNWPug92SoBVqKSOn8As6dDpFQiVLayVZVRysaF2eZIqzjjVvUqESrj0K84x3PCLTaiis228orJC4+/PZIiO+t+VstRedCZRSeAgq+XdH4j48ybeAVXlaCUnKWhoXfvHnGCZXJrp0KaTjLLQ9y8rGooc6W6eTPn0L/MXm/Az5kHcb60aFkbZ5zIocf60bjSx45Cs1cVvVsbXxEmslqGcPQVveQqY8dbW11YcaNoSs8g2MlH6nqBlKSD3CcEao1rOH5IyJ3M7cxpjS4c9WmUfc6vTuaXR+b8xvEk9xHuj3Si/hgl8rPDNzocQEQdHRnpKZb6ov4Hm0bfBt3VY8GZ7eG+nlZqt2SNPjURsrt29LF+uDFnPzFz27lSpk4y+lmfhv5VeH7R6sFObaz2RZ4XFfH5ih1STka9NlX0prPgIdUnzfU/bGDj+LNW8MScr+47cAwWzi6GORG4Xk7JFVfdteNI8qeo9z/8A5p/I8sz0+rw4ezybXqemScuDtf8ABnmKj0kZf/oN/wDgx7fEPW8dLqFW8MCTCr6lR7nhNqiGf4otZK3GW2qC/wDFDjzXy7mN6alTkKLTHyloUOTJ4YHl7/LOSXiIkPv+p/MQz0OBTOSObCjqAIyLwc4gIBmcgnEAScQcFcEkCNrW9pLuEem9jp9Ojd3ka66Fbi1+lVGJafQ7MkSEWD5CJgJeoOAmjmskUiut+pn4F6uDzqCq8SZZr1EXsOXZBQiEoqTGKKQZAxFhakU7Mt6AgMkNnYfgC1IjTmzsguMjtshi6JsBs5x8WQ8LuMNQ5C5MYlkiUSYao8joUHI0r46GZJamLG5S5sTJssOIqccGMXSMkBOJCQRGCcB7ScE0wCROAsEoauBUcj66vE6CQ6JnVwcYpDYi0xsWgpiyT82CppE+o2BOMjI4EbmznJrQqLG7AxTKPq4I9fOpcTV9zXcCXKS6IpetnQW7ZZ1LjOrsuTuZWlYpP4FeVjzoLcn2NYmrDko9BWM9AVY32CTSKylJLoQ9CW8/Ilzz2AbW3jXuOgkmsioOCGb1+HYoKyO55BcdsWS5eGhE3mLAo8xa5M6Zo8rH6GfYEdx/rRtNNrQxKHiaN52JhSU21hg4kuoyUkviA7ckAZeB0emGJc9cLqyVJw0AobidwjcTuAdlEaMVvJUwLvG+oX7hPMkdxrMSQnlPdYBWQRCRIHGr7asxl4GWkantL3Tdf8uhL4ank2cGmOrlgNrXD6oW44OeuuLPItcIxsj16N+BqVcmNsIzj3WpkVNWxlU+6D9rlZlwmvEtmseK11PJDkDggxjQ92CNzAyvE5TRcNK5qc6Jx8UeUfU9dKxSTS1PJW+WyS8Gzt6+HLuZW9TclNr22b+GDz0JYZtx8/Ams9ma78xnpxXmw6vrjnxQEtEl3JrTckl4kV7xWRS+CI9fwK8emvUlYXRnHHXTXe32KfIt7DZtY1ZT5McLd3ZZE1i3vzMrSHcifm1K7Z0cwMKJByeAGqWRb6nJnZyBPyOZyOAjJKZxwHPxRc9uhvvgviVEaXste7kx+GpevketS8An0ATwwpPB1YKYmxYGWMrynkKHqL5FnppLuxsUV+TXuujnolkg0aFmKb7ofFbQKXuWnTA2cNNBB0GNTZXjoWFqAE23oirY8Fm19kVnHGrAXLIDyFJ6nJZCgeQNRrQBFA0dGGQ8BxWAOUcIhrAzPijnhlRSujlGZbDDNmyJQvgYrcUtugqcS1gRPVnOtFKvMci9uC7BeVorTWDNUKRzRyZMjKgZBLBKCUsBqxoWhkcAHGbGqQMR0dS4OUmTl+AyMWGoDE1X88uiB22PsXFD4BqOeiNSM2qDpsfYj7ex9DRUZPRrQb6baNfVn7Mn7az8SXxLX1NV1NvONSVXLpg19YzrLXt833JXAl0yakaWugfovquoyJtZD4E/En+3z8TZVUu+AlCXwLkTaxVwprRs58GWNXqbforrpkKNEf3DIbWD9lOPVh/ayXc2Xxk+5zoXihkNrF+2k++hz49j0XRmx9vHxOVEV3GQ2vN8utweH4GdYbPuqUbcLXQx5mVDT9SN9US2rCMGleZHsaoR2JN64LIWsr7WbIfCk31WDX2wS6hqiL6MuRNrF+wktWznwpY6m36Ee7AdMPEZDa8Vg4LJBhsJ2A1FyehLiAMJOLyjpvdmXxISJfQAESc1hnAcXvbZbb4v4lEt8JN2LAV6TnVpSU13KkloDyuZ52l5pdM/9CIT3I52Zy69bpcZenJM7lWypuU4vSSyRageQvVoUu8H+jETs1675WxUkQpSecsrcPk111qM+xbXPo7FZDGTJ6PQl8qqfTCBdkH0aKhi00R5vm0uN8/DOfzPRb49mjI9webG/kjXXipfDMw469jaqbr4E3jVplHjRjPcpdMxX6m1J0el6O7CawXtUjx7eWaPtnEfItX/AI+bHjgz5pJtZNTg7uBOFikpN9YrsiUj0UkssjCXUVDk14zJ6vUP7ql9ZGca10ks5RU5WpZlyaX0kVLrYPpJDDWHyNJYEKLbwh/Mkt+gmuz05bjTKMEtE2yjJ7o9GBuA7oQTnJwHZOOZwHZJIOAJM2/YMetL/wBWYkVnoeg/+fhhzk+qSNdfKVvx1OsIXUmxnRlXsEuIyx5ARGhRWNWU3f6tzx0Wg/nWelRvXUyePb/uEr0PDnuUsdE0i91Rme0+auX/ALGmghcoEw0WBuAWsahSbGVZvUs25fQR6b7gKYSCcEckFC0C/iMwA0Byj4BJHJBIDjnFE4IYCZrwZTuT7ou4yVbkZsalZ8/gJ29yxJZZEl28TGNF9BNscMsOJF6y8k7EUsBYOkiUc2y2gcDWiCAFEOKwckFgKOMh0bGisc5YGouK5+JPrvxKO871DSL3rvxBlc33Ke8hzZplarunjGWNV0vEzlKSDU5FZrQ9eXTJyueepnOUglKZUaHqPxYxW/ubM3NgxOzwKND1W31O9RrGpRXq+BOLfADQVmvUn1X46FBQuD9O1oC56r65CU21qyl6d3TsEqrxguKaXQ6L8Sqqr0T6V4xFL3J5s/Ay5mnzq5Rkt/XBm2IIGp+ZfM9KsbVnwPNVfUj0SpunFNdMaBQ3SxB40wDTbKS6kS4Vslq9DlwLV0GCwrH3Z25Ax4FjWssEr22b/eMHmMEkyWGC2RVngR3WKPjp+aLNdDU8NZSeBXt7226fuUl+hr0Rm7HNLyy/1RLcWR5+UdugD1Dullt/EhIqBazHPgCPUfLL5ZEAcWuBn1YrxZVHceW2aa8QN23hWN6Iirh2x7Gvu3JPd1RGV/Mv1J2xj2R7PqRxsbnB9GW+VXGOsXnPUoPyyyjlmV23Ysv2+c+2gP8AapvsaNNqnBScsB74fzOscazP7VNdDv7VPxNPdD+TO3V/yYw1m/2uxfuMO66WcN9Gz1jdTWNzKE/buHJ5YxNY/B3WT9NP6ma/9ukurDp4nFpluisMtbqfiXDXlruBa5vEdMmrw/bZ7PMsGpih+ISdS8Rhqk/a5NaMhe0T/kjRU6/iEp1+DJi7rIn7ZbHo0ypbxbI9Uejcqno0ypyONCSzBv5MEeUvTi8MOuGdHqX7eKpPzdQY8Vx1Qi2K0uFlZj1K8+POHVGvBNdRktslrqaxjWFhonU1J0RfQS6MExdUcMnay16QyFQw1Qw0SoNl98fJ3oY1RMNVqqpZPX+28Jcetv8AdJLJke30+pZH4PJ6q3EMI6dZwlVl1Iv0wNjHMhfKZaKjWQoLU6PxLFdemSKoe7OPpOPhHJi8WLniKLfNud6eH4xQXt9arjnuZ6/Kdmr7Uttcv/Y04md7esQkl4l2uWNGaQ1HORD0F5ChsEse9RckAsjIUugCAIhxCR2ABwSkcc2kBKQMiHYkLlcFS0Vr8dwbb2UL7W+5mrE2TimBG6Ly34FKbbFZkjm0vO7wEym2itvZ2ZMlWDcmcpEJMJIy07JK1OSDUTKoOCwcFCwWGwWVAMFhMHBYyHdgOFsV9SFsBmkaVMuPN4baL0OFTPo2ecbwOp5dlXRly/CbHpF7bT3l+o1e20/y/UyqPeJLG40a/cYy7ZM8rwtx9rp/kNXtdS6SKv3MX1Qf3Ee2SbVxZ/tdfaR39uiv3IrO5eJPrrGMl2ph/wBkl3QPobfAT6ue5GfEofsSCVaFJjFqAXponYiEk9AtuOg0YHvSxavkYlhve9VSlZFxTax2Ma2mf8X+RZ2n5ZspFS8yPc8eC9OPyPE11TUl5X+R7jjRzVH5IaSC9NMlQQxQJUCNFOCO2IaoHKAHzuS0yLaHdUJbNMLPGscJKa6xZYp9ys4sk0UqHiWPEdfXmOV2JZq7ivN7m34s6DIXXBKXdFRbqhvW0odNC7TPa8i+fT6F8oduq/HUCuP4+tkfmivks8P+rHHiB66PpYWY64C/4v4hfcpftO+6X8TowDNX8f0Mjk17JNpNRfQ2fu//ABK/Ls9etx24M9psb63KqcCxReJ6o0t8P4foZlVWMNdjT+6eiUcmel+Gu8+Xb4fwO3x/gd91N/sI+6s/gdHJO9fwO3r+BH3Nn8Tvubf4gTv/APA7e/4EfcW/xO9e7+IBKx/wC9SX8Bfr3fxJVt/8QGKyf8Cd8/4CvWv8CVbf4EU3fZ/AGVsl1gD6l2ehLndjVBYqchKzXGChNOJevc2sSTRQy09H+Bh1ngqOozHiA2m+mGS3objl2gJrHQUpOTx3HSJ4vHd9mI9iskThKDxJYZMGanO4MoVb2vpMqIQ1DMCUxqeUBe9oilc/lk3eR5o5XVanmeJd6N0Z/wCNT00ZKyOV0ZYpdUtMib9dR9UWlhgciO1For1rJcqe3QqQLVazqRp527j+lypVWZ9PDmsfHQa4xglt1TD98nhucfqUcfqjJ4/MljEuhj5K9L7T9M8+KL0441Rmeyy3Qm/ijXepuM0G7KIep30v4DNuehQlAzGSiBJZRFVpM5NIhoFgM3nOYpMmUgOc2wGwXMVKYDHIXOeBMrCvbbgKK21IpW3+Au20r7smLWoY5tgvUHJOTFrSUgkDkJJsxa0JEpEqI2MDKhSCwMUDmsBopkMNgsIFgMJgtlZCwGS2CzUQLFyYbFSZqMULJRBODSCTGQulDVMUcBp0+5OP1IvQ9zhLXbr8zzwSk0Z+sXa9GufF9I4OfIi/2r8zChe+jLMbNwxda33Sx0QUeUvDBmxl0aGxfiMNaC5PgNjyPgihFeA1Z+YwXo8p+CDXJl4IqJvq/AJJ41Iq1Oe/VipnRbWjIsZ8b3T/ANe39Xu6fshbwXqrsJLHRGe2XKvpPX/G83+jl7vCxG9krkCNjyHsz+B7nmMfIaZP3EhagyNrzoB4RJxeH3AksMdb0g/gDNZWUaYKTw9C7F7l8GUS1RLTAFVrbPAcH1iM5ENdyESe2QD4vUve+pSlXdHpKCT+cdDPzplHoOTxlf7eprVwaf5lHl8lz23W+L7JkR46Zq+0cRTswSVceh9asF8ioh8LPcj7JG2BevWBdyIODx1wc+HnuDPhLa8PXBKs8qFdijJxfct0XKttS7mVJyctFqWL542rvhHKXK9HabGp91Aj7uBFfFjKKb7on7OB2eZH3kDvvIE/ZwZP2cAB+8j4Hfexz0C+zgd9pAgD72PgT96vAP7WB32sAAfNXZHLmrwGfbQO+1rClrmrwJXM+A1casn7avwAryvVqccYyZd9HdG96EOxlW6No1JKze161nJPxyT8x0khUhmH20DLHt83XZlFZs1fZ4RlFuWOoqRZ5HJ9WuUWtGjz86XXLB6x1V46IxfcaVCScehItZ23K0OTaHRQM4d0aQps343ejx689Wsnn2jU508qMV0UUjHa46dJq7R7hh4zkt3TVqTTPIvOdDX4U5KGZPI+7X0aUYYY6UlCOSlLkKMWwbuR6lTinr2LeyfWsrnz3qbn1ei/BlWnh7lmIfI3Wylu0wvKFQ3WsP8AMzEra9jr2wn80a6KHtccUbv5Nsvo6MVEo5IhLGjDAaKGYTFzh3RKYNk8IgzpzwwHMix6iZMKbvyRKQtEtgDKWBE5hTkVbJARKwqXWhTZWs1MWtSFObbJWWFGsbGsxrchSixigOUBkYGWiY1Do1DFEbGBlQRrQxQQyMA9hGicC5IsuIqUQKzQDiPaAaKhTQDQ1oXIrNLYthyYmUjTNDJiiW8nGmHEnElHHHHAcQSQBw2u3AkgDSrsyPrs7GTCxotwtbIrUjPskOhLOE+hnwtbHKb8MkVeWOiLEcdc/IoRlhf6D6rmksxRFV/cuXZxnHZjVPJQfvFz8BnvEsuD+BktmL6unbm9Zp9+04laH93tfZHo+FZ6lMZPq0eKXU9dwMvjw8MGp069f2zD7Xt5rRz3OTeMiFuxrqHrjGpRYS6a6kvC6CFuXQNJ+IHgZS3JfAFSa6HZINMJ6jK5OLAWhClgC27fgmV7JbuqSI9TQ7e2sMDkvKem9um5cedMujgecgux67h0wVDmtHjJfg+Xno6aGn7XZsk2vAzprE2aXs8FOyUX0wYnl0vhpvmMXLmy7Isviw8AXxa+6OjkrLnSI+8bLP21fgSuLX4AY8sRn6j7alGVznbufyRqe51qt5XTsil7dw5cmzd2Ry+Xe3hprkzikl0SO+6m1kv/AG3wR32/wOjgzny5k/dTL/268Dlx/gBn/c2PuS+RNdzR+1+CC+2fgOFZn3M/xO9axs1Fxn4E/bPwGwZfrTeiOdlme5qrisn7RjYMj1LX4hKVvxNf7Un7YbDGQp2LxE3rXPib646MjnQ2zlHwZvpeXPvOGbITMdNiGbrEImzX4FM415S6mPYep4DUePDOjwYrpCPTt+JR5kJx+rJ6DfHxKnNUZwZJVrBi8ky0Bws4O3OPxRtzCy64erU5rsUm4voaPBktri9UzPacN9LlZvp6lqdnpVZAuj6cmip7hdtpS8Wji9W8GWcqXppvo31Dq5O5JLvoY0+W5x29F2LPtlmZ69EXGJ2243bOPuW2OhRdFkJbeuWWONy/Ut8Umi9CG6yMWurNRnt5aUI+lCMOyQ1M5rLIWmh1chkM44IDOBNzHtFW+W0KoWvUTkZPVi8ZIookyZK0QucioTYVJliwryJVKkJa1HSFpanKukdGIxROihsYmGkRgNUAowHRrI0CMRsYDY1Do1EUmMAthYUCdoxVSUBUo4LkkV5xyBTkgGi04AuOCoqSixEolyx4Ks2Vmq8o4ETY2yRWbyzUYrkcciSsuOOOA4kg4DjjskAcQcQBDY6m3GglkNdwNmlt9i9VF+H6HmoJvuWIwn2kyY1r0nmX1dPihykms4z8keerjan9cnhluFvIS0smTF1Pvmih8mYmTW5TsthF3bp48ZdDPfFb6GoxSY9T2Htkl9tDx1PLx4kupvcG66FShGuMlHxeovhY2IPGNRsZLJlf3CUXmdMl8hv9yrSblXJY/EzjWtLcsYeCcxRnQ9yo/enH4YHR53GbypA14MLASwTpk0wXhkbGWo4J8oqwiFDkvL27HOmSLNf1rZ1Lr2YX8siFUaaZ2LyrODW4vNlGDpfdYLftn2+17fqMrl/13s8RfC9fKJw1NH2rMG5Ip2fUavtW3bLPwMzy328LXryZCnPuPXpZGw9PJrlz4Vot9WNhGWS0vTzrgbHYZ5Xhl8vg/cpRfYscXhqlbIl9bQltI18EKruH6bXQfoFoVlW9FtBegWNDtAEKoj0iyRoAn00+5O1IZ5QPKB2zJKgkRp2DWQF7MrUlQD1CAVswYfucUrW/HB6BmH7x/UWPDU308sd/DEuwmVpNFi/JWe471whTWWenr4841xTXRI81D61k95Xt9OPhhHLs7dWX6UvAXdS3F5Nl+lkr8vZt8v6GY1XkbFiTTFsscvHqMrHZwAksmpwa865M3Q1fbsEqzyZzeE5R3R6nmvc4yjtjLQ9vPbtPK/8A0O3dDBx416OcYe0bTb6KlJdcYQLFz6MqTzw2valtUddZ6v5HouHrOPzML2z0tkN31bXj/HibfFzlY650LGa0pPU7J0upx0ZEmcwTtQgZZWqKnJW4uMqX9Aqg6m+hKra6jYBMCvLRFeyWhblkrzApzkJbH24+Al7TNahctQoVhR2j4YOddIGNQ+FRMR0DLUTGpIdGB0cDYmWnRiGokoICMENBEMBUhEkOkJkAqQmbwNmVrMgIskVbJDrMlWeTTFIskKClnJBpzcSQSUcccQQccccBBxxwHEEkAQQScBEXhl2rBRZc4+QLsNWXIV46+BWhtx/mWa9pGlpUQlHbnGUZso7JNPqng1a8Y06Y7FLlf1PjhZESkY8CxxbHXNPOnRlaOR0c/D/c1Uje9OedPmcoyn5WtBlPqejHf+nX/uHLdjy+GmevxOToRshW9I5wMjGt+XavHoCvV7YwNXfp0A//2Q==",
              "visible": true
            }
             ],
             "filter":{
                "op":"eq",
                "param":"key.type",
                "value":"RSA"
             },
             "format":"pkcs7",
             "nonce": "AABBCCDDEEFFAABBCCDDEEFFAABBCCDD",
             "mechanism":"CKM_SHA256_RSA_PKCS",
             "tbs":[
                {
                   "content_encoding":"base64",
                   "content_type":"text/plain",
                   "data":"TG9naW4gcmVxdWVzdCBmb3IgdXNlciBKb2huIERvZSB0byBOZXh1c3ZpbGxlIEJhbmsgTHRkICBmcm9tIExpbGplaG9sbWVuLCBTRSBbMTkyLjAuMC4xXSBAIEZyaSAyM3JkIEp1bmUgMjM6MDA=",
                   "key":"challenge",
                   "visible":true
                }
             
             ]
          }
       }
    }
    Example: Authentication response
    Response 200 OK
    {
        "commandId": "726",
        "destinations": [
            {
                "to": "@tmp",
                "bid": "56480f29-9c16-4178-b770-730037db82e2",
                "uri": "com.nexusgroup.plugout:///?url=https%3a%2f%2fnexus-cod1.test.nexusgroup.com%3A20400%2fhermod%2Frest%2Fms%2F56480f29-9c16-4178-b770-730037db82e2&token=759da21e-7977-45bf-b60d-a3c2388fc8a7",
                "mid": "56d34669-a594-4557-bb37-4b727806a0e2",
                "location": "https://nexus-cod1.test.nexusgroup.com:20400/hermod/rest/ms/56480f29-9c16-4178-b770-730037db82e2/56d34669-a594-4557-bb37-4b727806a0e2"
            }
        ],
        "commandType": "AUTH",
        "state": "IN_PROGRESS",
        "fqdn": "nexus-cod1.test.nexusgroup.com"
    }
 Start Personal Desktop

The URI from the response is added as a link on the login page and can be invoked either on loading the page or when user clicks the link.

Please note that user needs to verify that the server domain is the same as he is trying to log in to.

  1. Add the URI from the response as a link on the login page. Execute the link either on loading the page or when user clicks the link.

    Example URI
    com.nexusgroup.plugout:///?url=https%3a%2f%2fnexus-cod1.test.nexusgroup.com%3A20400%2fhermod%2Frest%2Fms%2F56480f29-9c16-4178-b770-730037db82e2&token=759da21e-7977-45bf-b60d-a3c2388fc8a7 


    The protocol handler for personal desktop will open the plugout dialog. 
    Start Personal Desktop

    The user needs to verify that the correct URL is used and then confirm the login by select a certificate that is inserted and enter the PIN.

 Validate authentication response

When the user has provided the smart card and entered the PIN then personal will sign the authentication request and send the response to Hermod which sends the response to the Application Server in a callback.

  1. Validate the response and check the following:

    1. That the signature is valid.
    2. That the certificate corresponds to the user.
    3. That the certificate is trusted and not revoked.
    4. That FQDN included in the signature matches the domain name for the Hermod server. 
    Example: Authentication response callback
    POST https://my-registered-callbackserver/rest/callback/authenticate
    {
      "responseHeader" : {
        "inReplyTo" : "https://nexus-cod1.test.nexusgroup.com:20400/hermod/rest/ms/62806293-ee37-45e4-b618-3b4db82bdfb5/81627ebb-0ac8-4292-9b0b-961c4e71cfaa",
        "status" : 200
      },
      "authResponse" : {
        "code" : 0,
        "result" : {
          "signature" : "MIIIlgYJKoZIhvcNAQcCoIIIhzCCCIMCAQExDzANBglghkgBZQMEAgEFADB9BgkqhkiG9w0BBwGgcARuTG9naW4gcmVxdWVzdCBmb3IgdXNlciBKb2huIERvZSB0byBOZXh1c3ZpbGxlIEJhbmsgTHRkICBmcm9tIExpbGplaG9sbWVuLCBTRSBbMTkyLjAuMC4xXSBAIEZyaSAyM3JkIEp1bmUgMjM6MDCgggXwMIIF7DCCA9SgAwIBAgICQhYwDQYJKoZIhvcNAQELBQAwPDELMAkGA1UEBhMCU0UxFDASBgNVBAoTC05leHVzIEdyb3VwMRcwFQYDVQQDEw5OZXh1cyBHcm91cCBDQTAeFw0xNzA1MjkxMDM0NDZaFw0yMDA1MjkxMDM0NDZaMF0xFDASBgNVBAoTC05leHVzIEdyb3VwMRcwFQYDVQQDEw5BbmRlcnMgV2FsbGJvbTEsMCoGCSqGSIb3DQEJARYdYW5kZXJzLndhbGxib21AbmV4dXNncm91cC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCa76uk2UYAlrbv7YP0soS8gAvgrnE4mcpQTKafwE5BwHMnUfousQQoUuDPrUhfNUoq6Byu5yfmt2gJCYSCZ3/QlVtfh4qa018245JyKi2lkz68UW/c4N77zL3NDhxEzvXl77aAILdyNsKKUfnB5sCRoEpmkEt1bhPiHCJZquTgmbJLHzX8E88rgjlR9799ghtPNr7HrMGXgClxZsYW9RYIPlWLJar2tfigBlHXMx9XN2egaiKoFCmZHSEE4iH7w5LjNI+lFgS47tQAsTXQ4cAQ0q1hG/5dEs2iTVdbjBSDWPDl8Gf5E5dUjkFWchilf+RIgiOrLUBl0ZxM2vrVXnVVAgMBAAGjggHVMIIB0TApBgNVHSUEIjAgBgorBgEEAYI3FAICBggrBgEFBQcDAgYIKwYBBQUHAwcwEQYDVR0OBAoECEGayCENVci9MDsGA1UdEQQ0MDKgMAYKKwYBBAGCNxQCA6AiDCBhbmRlcnMud2FsbGJvbUBhZC5uZXh1c2dyb3VwLmNvbTATBgNVHSMEDDAKgAhIXcHbqd/vYDBHBggrBgEFBQcBAQQ7MDkwNwYIKwYBBQUHMAGGK2h0dHA6Ly9vY3NwLmhzcy5uZXh1c2dyb3VwLmNvbS9OZXh1c0dyb3VwQ0EwDgYDVR0PAQH/BAQDAgWgMIHlBgNVHR8Egd0wgdowgdeggdSggdGGgY1sZGFwOi8vb2NzcC5oc3MubmV4dXNncm91cC5jb206Mzg5L0NOPU5leHVzJTIwR3JvdXAlMjBDQSxPPU5leHVzJTIwR3JvdXAsQz1TRT9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/b2JqZWN0Q2xhc3M9Q1JMRGlzdHJpYnV0aW9uUG9pbnSGP2h0dHA6Ly93d3cuaHNzLm5leHVzZ3JvdXAuY29tL2NybHMvTmV4dXMlMjBHcm91cCUyMENBJTIwQ1JMLmNybDANBgkqhkiG9w0BAQsFAAOCAgEAMKpQpqBHY2HyfESvXxy14/R2v3o9I5w9wcojGhS+2bp+QFGp96KfOjmr2B66e4O1ZYsbrt9If3lUEoKfQD8khwdiJxOvfNOZH9gbOpvGcS0uyNUPIYyflm61vA/f5drQUauy+ZO5HDDtB3pfggfLuG4HnGFRz5efuJJhgS+vLXHwYvs183V5c1tclYwm2x9xkezihm9DZpRCt2fdKy5FA3O8D4Gdc7bFK6US81WbUrj+zbgqzBHUYWFpZZIRuNkJgAGFkdOVEFygnDJZO6XU/GqlQZ2swuURpUgP5uWREyzeKTh2Ma2O9OALtz/YMaQMJ2/4ZF/3XM3NQ1GNXOQN7xj5AJml83WP4y1Kj1ckCDNGF+4jLWyn5tod1l2WQh2/qKhhqn9xNrLbb8Zmm4DSzfetVUP7leyWIvbwjLPncZCdGMwXLM9ZYFf17Krm9885o8as2KVJ/76gWWgkszN1MuCW2QUHZRTLaH4vdgULu/nMzfgV38eMi5jr0NusMTxmXGFxv0hKsU+cNW2MZNTwxxkrlxsTZSdA0sBHu/57nUjsc2yZUMg9K7RxX62qkJUZyvGnqWy12LOB7x+5OBzqKgIewle68CxU7S9GbMLqGaz2iGO4lBoq+By2NjxmC/vL3xj3LxJ/L4wRv+kA0ZZo/ow9cTXXF5B2Ecrq6uVuXCMxggH4MIIB9AIBATBCMDwxCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtOZXh1cyBHcm91cDEXMBUGA1UEAxMOTmV4dXMgR3JvdXAgQ0ECAkIWMA0GCWCGSAFlAwQCAQUAoIGIMAkGA1UEDTECDAAwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAvBgkqhkiG9w0BCQQxIgQgMYXPjnLe0dqAPB8cnmJSbJXOSGzXGGuu6+pMCp/b6SYwMAYKKoZIhvcNAQkZAzEiBCBBQUJCQ0NEREVFRkZBQUJCQ0NEREVFRkZBQUJCQ0NERDANBgkqhkiG9w0BAQsFAASCAQA6gTaEox49+SDAcL2R5+ObYg9rilCthtkF/6WBSXVYXMIeX3vbIpJNj90QifBjmhenSCsFYfbk1SuPjA4aTZ/cneZCDgAeoj0PpQUpn+8Wu82zB7rikd48GXxpYoIDYM4EfYEZcO1qd2AnuaNCH2+c5xHeLvpd4DEtNG8LRmr6tOWggqVr9DFWN/Evz/GMxB5RvsNfYqVykMtqja6CwvVUq+ollU579iTLeO2RpjWybkGFdzCU+PFsHUGYO545gDzXJ4uEt2cN/KjIOpERUrbFUsuMaNYxamKqfk2+vsCWtgr7To8/+5VFxg1EtVTGK9rMPZ/mwD1S39seScXI6TPP",
          "mechanism" : "CKM_SHA256_RSA_PKCS",
          "format" : "pkcs7",
          "signer" : {
            "certificate" : "MIIF7DCCA9SgAwIBAgICQhYwDQYJKoZIhvcNAQELBQAwPDELMAkGA1UEBhMCU0UxFDASBgNVBAoTC05leHVzIEdyb3VwMRcwFQYDVQQDEw5OZXh1cyBHcm91cCBDQTAeFw0xNzA1MjkxMDM0NDZaFw0yMDA1MjkxMDM0NDZaMF0xFDASBgNVBAoTC05leHVzIEdyb3VwMRcwFQYDVQQDEw5BbmRlcnMgV2FsbGJvbTEsMCoGCSqGSIb3DQEJARYdYW5kZXJzLndhbGxib21AbmV4dXNncm91cC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCa76uk2UYAlrbv7YP0soS8gAvgrnE4mcpQTKafwE5BwHMnUfousQQoUuDPrUhfNUoq6Byu5yfmt2gJCYSCZ3/QlVtfh4qa018245JyKi2lkz68UW/c4N77zL3NDhxEzvXl77aAILdyNsKKUfnB5sCRoEpmkEt1bhPiHCJZquTgmbJLHzX8E88rgjlR9799ghtPNr7HrMGXgClxZsYW9RYIPlWLJar2tfigBlHXMx9XN2egaiKoFCmZHSEE4iH7w5LjNI+lFgS47tQAsTXQ4cAQ0q1hG/5dEs2iTVdbjBSDWPDl8Gf5E5dUjkFWchilf+RIgiOrLUBl0ZxM2vrVXnVVAgMBAAGjggHVMIIB0TApBgNVHSUEIjAgBgorBgEEAYI3FAICBggrBgEFBQcDAgYIKwYBBQUHAwcwEQYDVR0OBAoECEGayCENVci9MDsGA1UdEQQ0MDKgMAYKKwYBBAGCNxQCA6AiDCBhbmRlcnMud2FsbGJvbUBhZC5uZXh1c2dyb3VwLmNvbTATBgNVHSMEDDAKgAhIXcHbqd/vYDBHBggrBgEFBQcBAQQ7MDkwNwYIKwYBBQUHMAGGK2h0dHA6Ly9vY3NwLmhzcy5uZXh1c2dyb3VwLmNvbS9OZXh1c0dyb3VwQ0EwDgYDVR0PAQH/BAQDAgWgMIHlBgNVHR8Egd0wgdowgdeggdSggdGGgY1sZGFwOi8vb2NzcC5oc3MubmV4dXNncm91cC5jb206Mzg5L0NOPU5leHVzJTIwR3JvdXAlMjBDQSxPPU5leHVzJTIwR3JvdXAsQz1TRT9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/b2JqZWN0Q2xhc3M9Q1JMRGlzdHJpYnV0aW9uUG9pbnSGP2h0dHA6Ly93d3cuaHNzLm5leHVzZ3JvdXAuY29tL2NybHMvTmV4dXMlMjBHcm91cCUyMENBJTIwQ1JMLmNybDANBgkqhkiG9w0BAQsFAAOCAgEAMKpQpqBHY2HyfESvXxy14/R2v3o9I5w9wcojGhS+2bp+QFGp96KfOjmr2B66e4O1ZYsbrt9If3lUEoKfQD8khwdiJxOvfNOZH9gbOpvGcS0uyNUPIYyflm61vA/f5drQUauy+ZO5HDDtB3pfggfLuG4HnGFRz5efuJJhgS+vLXHwYvs183V5c1tclYwm2x9xkezihm9DZpRCt2fdKy5FA3O8D4Gdc7bFK6US81WbUrj+zbgqzBHUYWFpZZIRuNkJgAGFkdOVEFygnDJZO6XU/GqlQZ2swuURpUgP5uWREyzeKTh2Ma2O9OALtz/YMaQMJ2/4ZF/3XM3NQ1GNXOQN7xj5AJml83WP4y1Kj1ckCDNGF+4jLWyn5tod1l2WQh2/qKhhqn9xNrLbb8Zmm4DSzfetVUP7leyWIvbwjLPncZCdGMwXLM9ZYFf17Krm9885o8as2KVJ/76gWWgkszN1MuCW2QUHZRTLaH4vdgULu/nMzfgV38eMi5jr0NusMTxmXGFxv0hKsU+cNW2MZNTwxxkrlxsTZSdA0sBHu/57nUjsc2yZUMg9K7RxX62qkJUZyvGnqWy12LOB7x+5OBzqKgIewle68CxU7S9GbMLqGaz2iGO4lBoq+By2NjxmC/vL3xj3LxJ/L4wRv+kA0ZZo/ow9cTXXF5B2Ecrq6uVuXCM="
          }
        }
      },
      "commandId" : "726",
      "destinations" : [ {
        "to" : "@tmp",
        "bid" : "62806293-ee37-45e4-b618-3b4db82bdfb5",
        "uri" : "com.nexusgroup.plugout:///?url=https%3a%2f%2fnexus-cod1.test.nexusgroup.com%3A20400%2fhermod%2Frest%2Fms%2F62806293-ee37-45e4-b618-3b4db82bdfb5&token=73dcd669-1efc-41e7-afaf-b3feb7a7e386",
        "mid" : "81627ebb-0ac8-4292-9b0b-961c4e71cfaa",
        "location" : "https://nexus-cod1.test.nexusgroup.com:20400/hermod/rest/ms/62806293-ee37-45e4-b618-3b4db82bdfb5/81627ebb-0ac8-4292-9b0b-961c4e71cfaa"
      } ],
      "commandType" : "AUTH",
      "state" : "COMPLETED",
      "fqdn" : "nexus-cod1.test.nexusgroup.com"
    }

To avoid MITM attacks it is important to verify that FQDN included in the signature matches the domain name of the deployed Hermod server

 Poll for status

Callbacks are not guaranteed

Callbacks are not guaranteed, as a best effort to optimize response times. If callback are not received in expected time frame it is the responsibility of the integrator to poll for the status.

  1. To poll for the status, use the command GET /rest/command/poll/{commandId}. See example code:

    Example: Poll command
    GET https://nexus-cod1.test.nexusgroup.com:20400/hermod/rest/command/poll/730
    Example: Poll response
    Response 200 OK
    {
        "commandId": "730",
        "destinations": [
            {
                "to": "@tmp",
                "bid": "2c112368-c1aa-4562-9329-1446e5a22454",
                "uri": "com.nexusgroup.plugout:///?url=https%3a%2f%2fnexus-cod1.test.nexusgroup.com%3A20400%2fhermod%2Frest%2Fms%2F2c112368-c1aa-4562-9329-1446e5a22454&token=e21b7e4b-6626-4548-85ea-2274f67cead2",
                "mid": "48798402-9033-4869-9653-f8d28b1f93dc",
                "location": "https://nexus-cod1.test.nexusgroup.com:20400/hermod/rest/ms/2c112368-c1aa-4562-9329-1446e5a22454/48798402-9033-4869-9653-f8d28b1f93dc"
            }
        ],
        "commandType": "AUTH",
        "state": "IN_PROGRESS",
        "fqdn": "nexus-cod1.test.nexusgroup.com"
    }

Related information