Autenticazione IAM per la cache OCI

Informazioni su come impostare l'autenticazione IAM per gli utenti della cache OCI.

Questo argomento descrive l'uso di token IAM (Identity and Access Management) a breve termine con la cache OCI.

Per richiedere e utilizzare un token di autenticazione IAM, effettuare le operazioni riportate di seguito.

  1. Utilizzare l'operazione createIdentityToken per richiedere un token di autenticazione.
  2. Firmare il token di autenticazione e utilizzarlo per accedere alla cache OCI.

Generazione e firma del token

Utilizzare l'operazione API CreateIdentityToken per generare il token dalla cache OCI. Il token scade dopo un'ora e deve essere rinnovato.

Per creare il token, eseguire i task riportati di seguito.

  1. Creare il client di identità della cache OCI.
  2. Creazione del token. Effettuare una chiamata client all'API CreateIdentityToken della cache OCI. Questa chiamata genera il token di identità.
    Nota

    Quando si genera un token per OciCacheUser, utilizzare OCID di OciCacheUser come valore redisUser. Durante la connessione al cluster Redis, specificare il nome di OciCacheUser (non OCID) come username.
  3. Generare la firma del cliente per il token utilizzando la chiave privata del cliente.
  4. Codifica la firma generata utilizzando base64.
  5. Generare la stringa composta nel formato: base64_signature|token.
  6. Codifica la stringa composta utilizzando base64 per ottenere il token finale.
  7. Utilizzare il token finale per eseguire l'accesso.

Ecco un esempio del token finale:


ZnpwcDdCNUs1MnFMamFJMVprbG12UGpsQ2xRL2Nrb00rZDhjTFJqZHBYbkVnU1hNMjV5aFF1emxQT1JJR21wNldUUjFaZGwwZjZiVVUyWjdIY00yeXhoS0YwZnB0dnFBc2haRlpJUWQ1MUlmY1pFV2tLVGJEY0ZwYjRTcG9jTURWYXErVkhMSnhjRmkzdjErTzFXM2xSUU84QVU5RWt0T05sTm9lTHEvL3FOOTR5ZWxmcDhKMjRselQ1ZDVMbUFQSFR2OHg0L2Fsb1U0Mitjd0VwMTgrbnN0ZkpkZnZJK3hNeWowcFdBNVJ1TnNBdkFUWEhuYUdrTkl0L1R4c2FYaFhIR040enBLRW93VTNvSVdHMW1jbmlPNjN0R0ZZbTB2enByR3pCWjhHUk9lRHpUUVVPeWd6RGZ0Vm1QbnFydklwd2w1UDVnZ3RhalFjY2s0YzlDOUdBPT18ZXlKaGJHY2lPaUpTVXpJMU5pSjkuZXlKaGRXUWlPaUp5WldScGMyTmhZMmhsZFhObGNqQXlJaXdpY0hWaWJHbGpTMlY1SWpvaVRGTXdkRXhUTVVOU1ZXUktWR2xDVVZaVlNrMVRWVTFuVXpCV1dreFRNSFJNVXpCTFZGVnNTbEZyYkhGUlZUVkRXakowZUdGSGRIQlNlbXd6VFVWS1FsVlZWa2RSVlVaUVVUQkdVazlGUms1VFZXeERVVEprVEZFd1JsSlNWVVo1WTBoS1JGVlhiRFZTVm5CM1YwWnNZVmt3TkRSak1GSkhVMEZ3TkZGV2JGbGFNR2hZVWtaa01VNVVSakpsYWtKR1YwUm5OV1I2VFhwaFJHZDNUbXhzVVdKVlZrSmpSa1pxV1hwU1JWUnFTa1ppUjA1MlkxZEtNRXN4WkdwaU0yeGFWMGRrVFdWdFZtMVhSM04zWTI1V1NVTnFTVEZVUkZJMFlXeGFVRkZZU2xkUk1rWjNZbFpTZFdKWVFsVldSbGswVWxjNWVsbFdiM0pWYW1SQ1ltMUdhMXBET1V4WmFsWklZVEl4VGxZeVdscGliWGQyVkRBMWFGUXpVbEJSTVZwQ1RWWmFlazlYYzB0VVdGcHZXbFJHU2xwRlNscE9WMDB5WWxSc1NGbFhlRVZoYm14aFRESm9UMkZ0YkU5T1ZscDVVbXRvTVVzd2NIVmhhbWh2WkhwT1QxTnJPVmhUUlhSTlRsYzVTbFF6VGtsVk0wRTBUVVp2ZWxkdFdraFNRWEIyVlVSR1NGSkZjek5UVm5CWVRsVktOV0pGYUZoVGVtaFFWVEZ3ZWxscVNqWmpSRkUxWkROS1IxWnFXa1ZYVmtwc1VqRkdNVkpJUmxCaWVtaHdVakJzV0ZWNlNrWlJhemxOVlRKNGRrMXJPVTlWTTFKS1EydDBlVk5WU2pObFZFNDFZVVZzV0VzeWFGQldXRlpvWlZkdmNsSnVZelZQUlhCdFpHcFdhRmx1Y0U1TE1taFFZVE5DV0ZWcmRIRmxWMmh6VlVkWk1HSXdOVVpMTWtveVltMDVlRlF4VGtaa1ZFbDNWVzV2UzFJeFJrcFNSVVpTVVZWSlMweFRNSFJNVXpGR1ZHdFJaMVZHVmtOVVJXeEVTVVYwUmxkVE1IUk1VekIwUTJjaUxDSmxlSEFpT2pFM05EVTJNVGt5TURJc0ltbGhkQ0k2TVRjME5UWXhOVFl3TWl3aWFuUnBJam9pWlhsS2NtRlhVV2xQYVVwb1l6TmtabU5IYURSWWVrVXpUVlJWTWsxNlNURlBSR04zVG5wWmFVeERTbWhpUjJOcFQybEtVMVY2U1RGT2FVbzVMbVY1U25wa2JVNVZXbGMxYUdKdVVrcGFRMGsyU1cwNWFtRlhVWGhNYmxKc1ltMUdkVmt6YTNWaU1rMTRUR2sxYUZsWFJtaFpWMFpvV1ZoYU5WbFliM2xqYmtJMVlYcFdiVTVVVW14aldFMHdZVmh3ZG1GSVJYbGFNamg2WkVSVk1HSkVVWHBPTWpWeFlsZHNiazF0Um5aaWJtaDRaREpLZG1WWVJuWk5Na1ZwVEVOS2VtUlhTV2xQYVVwMldUSnNhMDFUTlhsYVYxSndZekpPYzJSWVRqQmFXRWwxWWpKTmVFeHVRbTlsUXpWb1lsZEdhRmxYUm1oWldHaDRZMjVhYUdSSWJHaGtSRkpzVGtSa2VXVnVaSHBrTW14NldsUk9jV0l5U214bGJrcHNaVWhPZWxsdFJuRmpia0l5VFcxb2QwNHpXVEJqU0d4c1l6SndOV0V5UldsTVEwcDZaRzFOYVU5cFNubGFWMUp3WTNreGVscFlTakpoVjA1c1RGaFdkV016VW1oWmJYaHNTV2wzYVdGWVRucEphbTlwV1ZoV01HRkdUbXhqYmxwd1dUSlZkV0l6U21oWk1uaHNURzFPZG1KVFNYTkpia3BzWXpFNU1GcFhOV2hpYmxGcFQybEtkbGt5Ykd0TlV6VXdXbGMxYUdKdFRqVk1iVGxxVFZNMGRWbFhSbWhaVjBab1dWZEdNbVZYUmpaTmJrcDNaVmR6TVZwcVZUQmFXRVo2VGtkc05tSXlhSGhOYldSMlRUTlJNVTVIZHpCTmVtUjFZVzB4Y0ZwNlNtaGlNalUwWTFoa2FXSXpiSGhpZWs1b1NXbDNhV05JVWpWalIxVnBUMmxLZVZwWVRuWmtXRXBxV2xOSmMwbHVTbXhqTVRrd1pWaENiRWxxYjJsamJWWnJZVmhPYW1KSVZucGtSMVo1U1dsM2FWbFlWbXRKYW05cFlqSk9jRWxwZDJsamJWWjZXREpzYTBscWIybGlNazV3V2tSRmRXTnRWbXRoV0U1cVlraFdlbVJIVm5sTWJUbHFUVk0xZDJGSVozVlpWekZvV1ZkR2FGbFhSalJqV0VveVdWaFNOVmxZVVRCYVZGRXpZMjV3TTJNelpIQmpNbFY2WVcwNWFWcFljSGxhV0doNll6SkthR0Z1U25ka2FrcHZZMFJrTWs1SVFqVmFXRTV4WlZkMGFFbHBkMmxrU0ZJMVkwZFZhVTlwU25sYVdFNW1Zek5CYVV4RFNubGFXRTVtV1RJNWRHTkhSbmxrUnpGc1ltNVJhVTlwU25aWk1teHJUVk0xYW1JeU1YZFpXRW93WWxkV2RXUkROWFpaZWtWMVRHMUdhRmxYUm1oWlYwWm9UbnBXY1dOWWJHMWhiVFZ1WVZoQk1WbHVaSEJpUjFKcVlXMUdlbVJJVWpKaVJ6QXpaR3BrYUdGdVpETmFSMFkwVG01b2JFNVhhR3BrTW1oeFpGaEtOVnBYU25KalUwbHpTVzFXTkdORFNUWk5WR013VGxSWk1FNVVWVE5QUTNkcFlWZEdNRWxxYjNoT2VsRXhUbXBCZVUxNll6Uk1RMHB4WkVkcmFVOXBTbXRhYW14c1RsUkdhVTlUTUROT1JGa3pURlJTYlU0eVNYUlpWRUpyVGtNeGFVMXFWVEpOZWxGNlRUSktiRmw2UVdsTVEwb3dXbGMxYUdKdVVXbFBhVXAyV1RKc2EwMVROVEJhVnpWb1ltMU9OVXh0T1dwTlV6UjFXVmRHYUZsWFJtaFpWMFl5WlZkR05rMXVTbmRsVjNNeFdtcFZNRnBZUm5wT1IydzJZakpvZUUxdFpIWk5NMUV4VGtkM01FMTZaSFZoYlRGd1ducEthR0l5TlRSaldHUnBZak5zZUdKNlRtaEphWGRwWWpOQ2FreFhVbTVqZVVrMlNXeFpla3hIT1dwaFYxRjRURzVTYkdKdFJuVlpNMnQxWWpKTmVFeHBOV2haVjBab1dWZEdhRmxZV2pWWldHOTVZMjVDTldGNlZtMU9WRkpzWTFoTk1HRlljSFpoU0VWNVdqSTRlbVJFVlRCaVJGRjZUakkxY1dKWGJHNU5iVVoyWW01b2VHUXlTblpsV0VaMlRUSkZjMUZWUmtKUlZVWlNVVlZHUWxGVlNYWmFhazAxVERCR1FsRlZSbkZrZWpBNVRFVkdRbEZWUmtKUlZEQTVTV2wzYVdGdVpISkphbTlwWlRGM2FXRXliR3RZUTBrMldFTktkbGt5Ykd0TlV6VjVXbGRTY0dNeVRuTmtXRTR3V2xoSmRXSXlUWGhNYmtKdlpVTTFhR0pYUm1oWlYwWm9XVmhvZUdOdVdtaGtTR3hvWkVSU2JFNUVaSGxsYm1SNlpESnNlbHBVVG5GaU1rcHNaVzVLYkdWSVRucFpiVVp4WTI1Q01rMXRhSGRPTTFrd1kwaHNiR015Y0RWaE1rWmpTV2w0WTBsdE5XTkphbkJqU1c1c1VGb3pUbWhXYldSelZWUldVR1JYVW1oT00wWnNXbXRTYVdGWVJsTmlTR3hHVm1wbk1HRXpUWGRUVjBaUFVUQktTbEZyVG01VE1UbEhXa1ZrV1ZreldsWmpSVXA0VTFkU1QyRnRkSFZXYmxwT1pESnNWR0ZVVGtWUFNFRXhZVVZPVGsxdVNtNVRSbkJGVkc1R05rNHpRbVpTTVRsdVltMHhRMDFyTVROaWFURTBVV3RhVDFoNlRrSmpNMEpQVGpKV1QwNXRjRWhhVlRrMlZqRkNWR1JGZURKYVJYZDNZa1ZhU2xKck9VbGhNV3MwVVROb1psTnRkRkJrZVRFMFRGTXhSRmRWVmpGT1NHaHlVV3BDWmxaR1pIZGtSbVJPVWxka1MxWkZPVU5WU0doc1UydE9NMDVwTVZOTlIxcFVZVzE0Wmxac2JITmpWVXBEV21wQ1FsVnNUbGxXYlU1UlZWZGtlV0ZIZUhkaGJrWkhWMjFhZUZwWGR6RmlSRkpDWTFac2VtUlZVWGRTZWtaRllVUnJlRll6WkhKVk1uUnNXbXR3ZFZFemNGbFZWbEUxVFd0YWNWZ3lSbEZoYkZKMlQwaEtTVlJFV2tKbFdFNXFUVlJrUWxSV1pGbFdWa0o2WTJzNWJGSlhNV3hTTWtadldWaGtjVTlHYUc5alZrSm9VakIwUjFSV1JtRmxiV2hVWWtkMGMyVkhiR2xXUldzMFQwUmFObFl5Y0VaaFJsbDNZMnhzYkdSVVVUQlRhazB5VFhwa05GcEhjR0ZaVnpWd1ZWVm9RMkV4YUc5UmEyZ3dWVlozYVV4R2QybGFWbmRwVDJ4M2FWRldSa0pSYkhkcFRFWjNhV0V6VWpWWVEwazJXRU5LVTFVd1JtTkphWGhqU1cxR2Mxb3hkMmxQYkhkcFZXeE5lVTVVV21OSmFYaGpTVzVXZWxwV2QybFBiSGRwWXpKc2JsaERTamxKYmpBdVVVNTZlWEZ2WlZnM04wTjJhVVpWYkhsWGMySnZiRzV4Y1ZOZk9FUmxkSFoyVXpkRk9FcFhXbGsyWmtKV1JIVldjbTl2ZWpkVWVGUlZYMUkxY1Zrd1VVRTJaMDQyWjBWYVRITnJhWGxRWW1KZlJUbDJSazlQUzNaZkxVNWZjRTE0T0ZsMWNURm1jRUZQUmxaVVgxQndkWE5HZVRnMFVqWjNhWEpGU2poRGNtOUJkemh0Ym0xQ1duaGxaazVJWjNSUGJYZzVkVmhPYVVWdE9Ua3dialpWT0U5UlFrMXBXVUk1U1hSQ1ZFNTJSekl0VEU0NVFtUXRaV3BUYmpCb1dDMDRSbmRZUVdaQ2JrbE1TRk5zTUd4UGRUQndVRVJqYVRKdVJIaDJhMWxpY1RseFRHcEROMTlCT0RWZmEzaG5OMjlIUzNSUFNtWkljemgwWkd4U2RrY3lTVEExVDB4cFQwdzRZMEZ5UmtKcFVYQnRaRzFOVEhabGJVWkdabGhMVkRVd2RGWmhNMlp0UjFSWFgwaFlRMnAxUzFaS05YbElMVTVyYVcxME1sbDRTRXRuZDBRMGJXVTFiR1ZKYTFBM00wZG9RM05vTjE5bkluMC5QSksyTmVNZ05HLWY0VTJYNUoyUTZVaWVINUdmN3oybUVybUxUUFFBY0lBUDJLQXNsVkRNUVpTV0JZVGZMempjbEhqaHRubkdFOHZ1ZHYwVldJazZSRHRTU0M2cGNJLS1DQzUxemNpMlptcDdyU2N5SGlxX1Z3bm5rbEtVbDhTV0pVRURtWUxPdUs5bXFXY3N1SlNCNi1ZRk5faUFTZmVBczZlSWZLeHVDbmZ6clM1RC1zTUpnUTI3YktOVTR4UmluNWhYVFR0ZXhHNURoMmZ1UENNTzdKUGFGa3VBcGlwTEdwUlY5RDE5LTBhRUtCN0NZcDQxeHVxOUVpenJReVUtdzd2SFMtYnZvNnVyMVh0OGE3dXl3ZGg3UmhQQlhVUWRFRVA4Q2x4RDdKT0U5dkN2Mm5aY0tZMTgxWndHV0lTOVJPdEhCV0I0ZlFIZEt4N1drWloteGc=

Uso del token per autenticare l'utente della cache OCI

Eseguire l'autenticazione nel cluster utilizzando uno degli utenti della cache predefiniti e il token appena generato come password:

redis-cli --tls --user <ocicacheusername> -h <private_endpoint> -a <token>
                

Esempio di generazione e firma del token

Di seguito è riportato un esempio di generazione e firma di un token utilizzando CLI o API per gli utenti della cache OCI.

  • Questo task non può essere eseguito utilizzando OCI Console.

  • Utilizzare il comando oci redis-identity create-identity-token-details create-identity-token e i parametri richiesti per generare e autenticare un token:

    oci redis redis-identity create-identity-token-details create-identity-token --public-key <text> --redis-cluster-id <cluster_OCID> --redis-user <text> [OPTIONS]
    Nota

    Per l'argomento public key nel comando, fornire la chiave pubblica con codifica base64 dalla coppia di chiavi utilizzata per firmare il token recuperato.
    Di seguito sono riportati i passi per recuperare il token.
    1. Impostare l'ID cluster Redis:
      export REDIS_CLUSTER_ID=OCID1.rediscluster.OC1..<unique_ID>
                                          
    2. Recupera il cluster cache OCI specificato utilizzando il comando:
      oci raw-request --HTTP-method GET --target-uri  HTTPS://test.redis.us../redisClusters/${REDIS_CLUSTER_ID}
    3. Ottenere il token raw con il comando seguente:
      oci raw-request --HTTP-method POST --request-body "{  \"\publicKey\": \"LS0t..\",  \"redisUser\": \"OCID1.ocicacheuser.OC1..<unique_ID>"}" --target-uri "HTTPS://test.redis.us../redisClusters/${REDIS_CLUSTER_ID}/actions/identityToken"
    Dopo aver generato il token di identità raw, firmarlo utilizzando una chiave privata. Ad esempio:
    // java.security.Signature
    Signature signature = Signature.getInstance("SHA256withRSA");
    signature.initSign(<privateKey>); // private key of the user
    signature.update(redisToken.getBytes(StandardCharsets.UTF_8));
    byte[] signatureBytes = signature.sign();
    String encodedSignature = Base64.getUrlEncoder().encodeToString(signatureBytes);
     
    signature.initVerify(<publicKey>)); //public key of the user
    signature.update(redisToken.getBytes(StandardCharsets.UTF_8));
    boolean isValid = signature.verify(Base64.getUrlDecoder().decode(encodedSignature));
             
     
    final String composite = signedToken + "|" + redisToken;
    final String finalToken = Base64.getEncoder().encodeToString(composite.getBytes(StandardCharsets.UTF_8)); //Final token used for authenticating against the cluster
    Questo passo genera il token finale, ad esempio:
    
    ZnpwcDdCNUs1MnFMamFJMVprbG12UGpsQ2xRL2Nrb00rZDhjTFJqZHBYbkVnU1hNMjV5aFF1emxQT1JJR21wNldUUjFaZGwwZjZiVVUyWjdIY00yeXhoS0YwZnB0dnFBc2haRlpJUWQ1MUlmY1pFV2tLVGJEY0ZwYjRTcG9jTURWYXErVkhMSnhjRmkzdjErTzFXM2xSUU84QVU5RWt0T05sTm9lTHEvL3FOOTR5ZWxmcDhKMjRselQ1ZDVMbUFQSFR2OHg0L2Fsb1U0Mitjd0VwMTgrbnN0ZkpkZnZJK3hNeWowcFdBNVJ1TnNBdkFUWEhuYUdrTkl0L1R4c2FYaFhIR040enBLRW93VTNvSVdHMW1jbmlPNjN0R0ZZbTB2enByR3pCWjhHUk9lRHpUUVVPeWd6RGZ0Vm1QbnFydklwd2w1UDVnZ3RhalFjY2s0YzlDOUdBPT18ZXlKaGJHY2lPaUpTVXpJMU5pSjkuZXlKaGRXUWlPaUp5WldScGMyTmhZMmhsZFhObGNqQXlJaXdpY0hWaWJHbGpTMlY1SWpvaVRGTXdkRXhUTVVOU1ZXUktWR2xDVVZaVlNrMVRWVTFuVXpCV1dreFRNSFJNVXpCTFZGVnNTbEZyYkhGUlZUVkRXakowZUdGSGRIQlNlbXd6VFVWS1FsVlZWa2RSVlVaUVVUQkdVazlGUms1VFZXeERVVEprVEZFd1JsSlNWVVo1WTBoS1JGVlhiRFZTVm5CM1YwWnNZVmt3TkRSak1GSkhVMEZ3TkZGV2JGbGFNR2hZVWtaa01VNVVSakpsYWtKR1YwUm5OV1I2VFhwaFJHZDNUbXhzVVdKVlZrSmpSa1pxV1hwU1JWUnFTa1ppUjA1MlkxZEtNRXN4WkdwaU0yeGFWMGRrVFdWdFZtMVhSM04zWTI1V1NVTnFTVEZVUkZJMFlXeGFVRkZZU2xkUk1rWjNZbFpTZFdKWVFsVldSbGswVWxjNWVsbFdiM0pWYW1SQ1ltMUdhMXBET1V4WmFsWklZVEl4VGxZeVdscGliWGQyVkRBMWFGUXpVbEJSTVZwQ1RWWmFlazlYYzB0VVdGcHZXbFJHU2xwRlNscE9WMDB5WWxSc1NGbFhlRVZoYm14aFRESm9UMkZ0YkU5T1ZscDVVbXRvTVVzd2NIVmhhbWh2WkhwT1QxTnJPVmhUUlhSTlRsYzVTbFF6VGtsVk0wRTBUVVp2ZWxkdFdraFNRWEIyVlVSR1NGSkZjek5UVm5CWVRsVktOV0pGYUZoVGVtaFFWVEZ3ZWxscVNqWmpSRkUxWkROS1IxWnFXa1ZYVmtwc1VqRkdNVkpJUmxCaWVtaHdVakJzV0ZWNlNrWlJhemxOVlRKNGRrMXJPVTlWTTFKS1EydDBlVk5WU2pObFZFNDFZVVZzV0VzeWFGQldXRlpvWlZkdmNsSnVZelZQUlhCdFpHcFdhRmx1Y0U1TE1taFFZVE5DV0ZWcmRIRmxWMmh6VlVkWk1HSXdOVVpMTWtveVltMDVlRlF4VGtaa1ZFbDNWVzV2UzFJeFJrcFNSVVpTVVZWSlMweFRNSFJNVXpGR1ZHdFJaMVZHVmtOVVJXeEVTVVYwUmxkVE1IUk1VekIwUTJjaUxDSmxlSEFpT2pFM05EVTJNVGt5TURJc0ltbGhkQ0k2TVRjME5UWXhOVFl3TWl3aWFuUnBJam9pWlhsS2NtRlhVV2xQYVVwb1l6TmtabU5IYURSWWVrVXpUVlJWTWsxNlNURlBSR04zVG5wWmFVeERTbWhpUjJOcFQybEtVMVY2U1RGT2FVbzVMbVY1U25wa2JVNVZXbGMxYUdKdVVrcGFRMGsyU1cwNWFtRlhVWGhNYmxKc1ltMUdkVmt6YTNWaU1rMTRUR2sxYUZsWFJtaFpWMFpvV1ZoYU5WbFliM2xqYmtJMVlYcFdiVTVVVW14aldFMHdZVmh3ZG1GSVJYbGFNamg2WkVSVk1HSkVVWHBPTWpWeFlsZHNiazF0Um5aaWJtaDRaREpLZG1WWVJuWk5Na1ZwVEVOS2VtUlhTV2xQYVVwMldUSnNhMDFUTlhsYVYxSndZekpPYzJSWVRqQmFXRWwxWWpKTmVFeHVRbTlsUXpWb1lsZEdhRmxYUm1oWldHaDRZMjVhYUdSSWJHaGtSRkpzVGtSa2VXVnVaSHBrTW14NldsUk9jV0l5U214bGJrcHNaVWhPZWxsdFJuRmpia0l5VFcxb2QwNHpXVEJqU0d4c1l6SndOV0V5UldsTVEwcDZaRzFOYVU5cFNubGFWMUp3WTNreGVscFlTakpoVjA1c1RGaFdkV016VW1oWmJYaHNTV2wzYVdGWVRucEphbTlwV1ZoV01HRkdUbXhqYmxwd1dUSlZkV0l6U21oWk1uaHNURzFPZG1KVFNYTkpia3BzWXpFNU1GcFhOV2hpYmxGcFQybEtkbGt5Ykd0TlV6VXdXbGMxYUdKdFRqVk1iVGxxVFZNMGRWbFhSbWhaVjBab1dWZEdNbVZYUmpaTmJrcDNaVmR6TVZwcVZUQmFXRVo2VGtkc05tSXlhSGhOYldSMlRUTlJNVTVIZHpCTmVtUjFZVzB4Y0ZwNlNtaGlNalUwWTFoa2FXSXpiSGhpZWs1b1NXbDNhV05JVWpWalIxVnBUMmxLZVZwWVRuWmtXRXBxV2xOSmMwbHVTbXhqTVRrd1pWaENiRWxxYjJsamJWWnJZVmhPYW1KSVZucGtSMVo1U1dsM2FWbFlWbXRKYW05cFlqSk9jRWxwZDJsamJWWjZXREpzYTBscWIybGlNazV3V2tSRmRXTnRWbXRoV0U1cVlraFdlbVJIVm5sTWJUbHFUVk0xZDJGSVozVlpWekZvV1ZkR2FGbFhSalJqV0VveVdWaFNOVmxZVVRCYVZGRXpZMjV3TTJNelpIQmpNbFY2WVcwNWFWcFljSGxhV0doNll6SkthR0Z1U25ka2FrcHZZMFJrTWs1SVFqVmFXRTV4WlZkMGFFbHBkMmxrU0ZJMVkwZFZhVTlwU25sYVdFNW1Zek5CYVV4RFNubGFXRTVtV1RJNWRHTkhSbmxrUnpGc1ltNVJhVTlwU25aWk1teHJUVk0xYW1JeU1YZFpXRW93WWxkV2RXUkROWFpaZWtWMVRHMUdhRmxYUm1oWlYwWm9UbnBXY1dOWWJHMWhiVFZ1WVZoQk1WbHVaSEJpUjFKcVlXMUdlbVJJVWpKaVJ6QXpaR3BrYUdGdVpETmFSMFkwVG01b2JFNVhhR3BrTW1oeFpGaEtOVnBYU25KalUwbHpTVzFXTkdORFNUWk5WR013VGxSWk1FNVVWVE5QUTNkcFlWZEdNRWxxYjNoT2VsRXhUbXBCZVUxNll6Uk1RMHB4WkVkcmFVOXBTbXRhYW14c1RsUkdhVTlUTUROT1JGa3pURlJTYlU0eVNYUlpWRUpyVGtNeGFVMXFWVEpOZWxGNlRUSktiRmw2UVdsTVEwb3dXbGMxYUdKdVVXbFBhVXAyV1RKc2EwMVROVEJhVnpWb1ltMU9OVXh0T1dwTlV6UjFXVmRHYUZsWFJtaFpWMFl5WlZkR05rMXVTbmRsVjNNeFdtcFZNRnBZUm5wT1IydzJZakpvZUUxdFpIWk5NMUV4VGtkM01FMTZaSFZoYlRGd1ducEthR0l5TlRSaldHUnBZak5zZUdKNlRtaEphWGRwWWpOQ2FreFhVbTVqZVVrMlNXeFpla3hIT1dwaFYxRjRURzVTYkdKdFJuVlpNMnQxWWpKTmVFeHBOV2haVjBab1dWZEdhRmxZV2pWWldHOTVZMjVDTldGNlZtMU9WRkpzWTFoTk1HRlljSFpoU0VWNVdqSTRlbVJFVlRCaVJGRjZUakkxY1dKWGJHNU5iVVoyWW01b2VHUXlTblpsV0VaMlRUSkZjMUZWUmtKUlZVWlNVVlZHUWxGVlNYWmFhazAxVERCR1FsRlZSbkZrZWpBNVRFVkdRbEZWUmtKUlZEQTVTV2wzYVdGdVpISkphbTlwWlRGM2FXRXliR3RZUTBrMldFTktkbGt5Ykd0TlV6VjVXbGRTY0dNeVRuTmtXRTR3V2xoSmRXSXlUWGhNYmtKdlpVTTFhR0pYUm1oWlYwWm9XVmhvZUdOdVdtaGtTR3hvWkVSU2JFNUVaSGxsYm1SNlpESnNlbHBVVG5GaU1rcHNaVzVLYkdWSVRucFpiVVp4WTI1Q01rMXRhSGRPTTFrd1kwaHNiR015Y0RWaE1rWmpTV2w0WTBsdE5XTkphbkJqU1c1c1VGb3pUbWhXYldSelZWUldVR1JYVW1oT00wWnNXbXRTYVdGWVJsTmlTR3hHVm1wbk1HRXpUWGRUVjBaUFVUQktTbEZyVG01VE1UbEhXa1ZrV1ZreldsWmpSVXA0VTFkU1QyRnRkSFZXYmxwT1pESnNWR0ZVVGtWUFNFRXhZVVZPVGsxdVNtNVRSbkJGVkc1R05rNHpRbVpTTVRsdVltMHhRMDFyTVROaWFURTBVV3RhVDFoNlRrSmpNMEpQVGpKV1QwNXRjRWhhVlRrMlZqRkNWR1JGZURKYVJYZDNZa1ZhU2xKck9VbGhNV3MwVVROb1psTnRkRkJrZVRFMFRGTXhSRmRWVmpGT1NHaHlVV3BDWmxaR1pIZGtSbVJPVWxka1MxWkZPVU5WU0doc1UydE9NMDVwTVZOTlIxcFVZVzE0Wmxac2JITmpWVXBEV21wQ1FsVnNUbGxXYlU1UlZWZGtlV0ZIZUhkaGJrWkhWMjFhZUZwWGR6RmlSRkpDWTFac2VtUlZVWGRTZWtaRllVUnJlRll6WkhKVk1uUnNXbXR3ZFZFemNGbFZWbEUxVFd0YWNWZ3lSbEZoYkZKMlQwaEtTVlJFV2tKbFdFNXFUVlJrUWxSV1pGbFdWa0o2WTJzNWJGSlhNV3hTTWtadldWaGtjVTlHYUc5alZrSm9VakIwUjFSV1JtRmxiV2hVWWtkMGMyVkhiR2xXUldzMFQwUmFObFl5Y0VaaFJsbDNZMnhzYkdSVVVUQlRhazB5VFhwa05GcEhjR0ZaVnpWd1ZWVm9RMkV4YUc5UmEyZ3dWVlozYVV4R2QybGFWbmRwVDJ4M2FWRldSa0pSYkhkcFRFWjNhV0V6VWpWWVEwazJXRU5LVTFVd1JtTkphWGhqU1cxR2Mxb3hkMmxQYkhkcFZXeE5lVTVVV21OSmFYaGpTVzVXZWxwV2QybFBiSGRwWXpKc2JsaERTamxKYmpBdVVVNTZlWEZ2WlZnM04wTjJhVVpWYkhsWGMySnZiRzV4Y1ZOZk9FUmxkSFoyVXpkRk9FcFhXbGsyWmtKV1JIVldjbTl2ZWpkVWVGUlZYMUkxY1Zrd1VVRTJaMDQyWjBWYVRITnJhWGxRWW1KZlJUbDJSazlQUzNaZkxVNWZjRTE0T0ZsMWNURm1jRUZQUmxaVVgxQndkWE5HZVRnMFVqWjNhWEpGU2poRGNtOUJkemh0Ym0xQ1duaGxaazVJWjNSUGJYZzVkVmhPYVVWdE9Ua3dialpWT0U5UlFrMXBXVUk1U1hSQ1ZFNTJSekl0VEU0NVFtUXRaV3BUYmpCb1dDMDRSbmRZUVdaQ2JrbE1TRk5zTUd4UGRUQndVRVJqYVRKdVJIaDJhMWxpY1RseFRHcEROMTlCT0RWZmEzaG5OMjlIUzNSUFNtWkljemgwWkd4U2RrY3lTVEExVDB4cFQwdzRZMEZ5UmtKcFVYQnRaRzFOVEhabGJVWkdabGhMVkRVd2RGWmhNMlp0UjFSWFgwaFlRMnAxUzFaS05YbElMVTVyYVcxME1sbDRTRXRuZDBRMGJXVTFiR1ZKYTFBM00wZG9RM05vTjE5bkluMC5QSksyTmVNZ05HLWY0VTJYNUoyUTZVaWVINUdmN3oybUVybUxUUFFBY0lBUDJLQXNsVkRNUVpTV0JZVGZMempjbEhqaHRubkdFOHZ1ZHYwVldJazZSRHRTU0M2cGNJLS1DQzUxemNpMlptcDdyU2N5SGlxX1Z3bm5rbEtVbDhTV0pVRURtWUxPdUs5bXFXY3N1SlNCNi1ZRk5faUFTZmVBczZlSWZLeHVDbmZ6clM1RC1zTUpnUTI3YktOVTR4UmluNWhYVFR0ZXhHNURoMmZ1UENNTzdKUGFGa3VBcGlwTEdwUlY5RDE5LTBhRUtCN0NZcDQxeHVxOUVpenJReVUtdzd2SFMtYnZvNnVyMVh0OGE3dXl3ZGg3UmhQQlhVUWRFRVA4Q2x4RDdKT0U5dkN2Mm5aY0tZMTgxWndHV0lTOVJPdEhCV0I0ZlFIZEt4N1drWloteGc=

    Per un elenco completo dei parametri e dei valori per i comandi CLI, consultare il manuale CLI Command Reference.

  • Eseguire l'operazione CreateIdentityToken per generare e autenticare un token. L'API esegue i passi riportati di seguito.

    1. Creare un client di identità Redis con il codice seguente:
      public static RedisIdentityClient getRedisIdentityClient() throws IOException {
          return RedisIdentityClient.builder()
                  .region("regionname") //Region from SDK configuration
                  .endpoint("endPoint") //redis service prod endpoint (example: endpoint: redis.us-****-1.oci.oraclecloud.com for **** region)
                  .build(new SessionTokenAuthenticationDetailsProvider("~/.oci/config", "default"));
      }
    2. Chiamare la cache OCI IdentityTokenDetailsResponse per generare un token di identità raw.
      public static void createIdentityToken(RedisIdentityClient client, String clusterId) {
       
          String redisUser = "OCID1.ocicacheuser.OC1..<unique_ID>"; 
          // String redisUser = <OCID of oci cache user>; // OCI Cache user created by customer
          CreateIdentityTokenDetails createIdentityTokenDetails = CreateIdentityTokenDetails.builder()
                  .redisUser(redisUser)
                  .publicKey() //Public key of the key pair used by customer to sign fetched token
                  .build();
       
          CreateIdentityTokenRequest createIdentityTokenRequest = CreateIdentityTokenRequest.builder()
                  .createIdentityTokenDetails(createIdentityTokenDetails)
                  .redisClusterId(clusterId)
                  .build();
       
          CreateIdentityTokenResponse identityToken = client.createIdentityToken(createIdentityTokenRequest);
          String redisToken = identityToken.getIdentityTokenDetailsResponse().getIdentityToken(); // Identity Token created by the OCI Cache identity API
      }
      Nota

      Per l'argomento public key nel comando, fornire la chiave pubblica con codifica base64 dalla coppia di chiavi utilizzata per firmare il token recuperato.
    Dopo aver generato il token di identità raw, firmarlo utilizzando una chiave privata. Ad esempio:
    // java.security.Signature
    Signature signature = Signature.getInstance("SHA256withRSA");
    signature.initSign(<privateKey>); // private key of the user
    signature.update(redisToken.getBytes(StandardCharsets.UTF_8));
    byte[] signatureBytes = signature.sign();
    String encodedSignature = Base64.getUrlEncoder().encodeToString(signatureBytes);
     
    signature.initVerify(<publicKey>)); //public key of the user
    signature.update(redisToken.getBytes(StandardCharsets.UTF_8));
    boolean isValid = signature.verify(Base64.getUrlDecoder().decode(encodedSignature));
             
     
    final String composite = signedToken + "|" + redisToken;
    final String finalToken = Base64.getEncoder().encodeToString(composite.getBytes(StandardCharsets.UTF_8)); //Final token used for authenticating against the cluster
    Questo passo genera il token finale, ad esempio:
    
    ZnpwcDdCNUs1MnFMamFJMVprbG12UGpsQ2xRL2Nrb00rZDhjTFJqZHBYbkVnU1hNMjV5aFF1emxQT1JJR21wNldUUjFaZGwwZjZiVVUyWjdIY00yeXhoS0YwZnB0dnFBc2haRlpJUWQ1MUlmY1pFV2tLVGJEY0ZwYjRTcG9jTURWYXErVkhMSnhjRmkzdjErTzFXM2xSUU84QVU5RWt0T05sTm9lTHEvL3FOOTR5ZWxmcDhKMjRselQ1ZDVMbUFQSFR2OHg0L2Fsb1U0Mitjd0VwMTgrbnN0ZkpkZnZJK3hNeWowcFdBNVJ1TnNBdkFUWEhuYUdrTkl0L1R4c2FYaFhIR040enBLRW93VTNvSVdHMW1jbmlPNjN0R0ZZbTB2enByR3pCWjhHUk9lRHpUUVVPeWd6RGZ0Vm1QbnFydklwd2w1UDVnZ3RhalFjY2s0YzlDOUdBPT18ZXlKaGJHY2lPaUpTVXpJMU5pSjkuZXlKaGRXUWlPaUp5WldScGMyTmhZMmhsZFhObGNqQXlJaXdpY0hWaWJHbGpTMlY1SWpvaVRGTXdkRXhUTVVOU1ZXUktWR2xDVVZaVlNrMVRWVTFuVXpCV1dreFRNSFJNVXpCTFZGVnNTbEZyYkhGUlZUVkRXakowZUdGSGRIQlNlbXd6VFVWS1FsVlZWa2RSVlVaUVVUQkdVazlGUms1VFZXeERVVEprVEZFd1JsSlNWVVo1WTBoS1JGVlhiRFZTVm5CM1YwWnNZVmt3TkRSak1GSkhVMEZ3TkZGV2JGbGFNR2hZVWtaa01VNVVSakpsYWtKR1YwUm5OV1I2VFhwaFJHZDNUbXhzVVdKVlZrSmpSa1pxV1hwU1JWUnFTa1ppUjA1MlkxZEtNRXN4WkdwaU0yeGFWMGRrVFdWdFZtMVhSM04zWTI1V1NVTnFTVEZVUkZJMFlXeGFVRkZZU2xkUk1rWjNZbFpTZFdKWVFsVldSbGswVWxjNWVsbFdiM0pWYW1SQ1ltMUdhMXBET1V4WmFsWklZVEl4VGxZeVdscGliWGQyVkRBMWFGUXpVbEJSTVZwQ1RWWmFlazlYYzB0VVdGcHZXbFJHU2xwRlNscE9WMDB5WWxSc1NGbFhlRVZoYm14aFRESm9UMkZ0YkU5T1ZscDVVbXRvTVVzd2NIVmhhbWh2WkhwT1QxTnJPVmhUUlhSTlRsYzVTbFF6VGtsVk0wRTBUVVp2ZWxkdFdraFNRWEIyVlVSR1NGSkZjek5UVm5CWVRsVktOV0pGYUZoVGVtaFFWVEZ3ZWxscVNqWmpSRkUxWkROS1IxWnFXa1ZYVmtwc1VqRkdNVkpJUmxCaWVtaHdVakJzV0ZWNlNrWlJhemxOVlRKNGRrMXJPVTlWTTFKS1EydDBlVk5WU2pObFZFNDFZVVZzV0VzeWFGQldXRlpvWlZkdmNsSnVZelZQUlhCdFpHcFdhRmx1Y0U1TE1taFFZVE5DV0ZWcmRIRmxWMmh6VlVkWk1HSXdOVVpMTWtveVltMDVlRlF4VGtaa1ZFbDNWVzV2UzFJeFJrcFNSVVpTVVZWSlMweFRNSFJNVXpGR1ZHdFJaMVZHVmtOVVJXeEVTVVYwUmxkVE1IUk1VekIwUTJjaUxDSmxlSEFpT2pFM05EVTJNVGt5TURJc0ltbGhkQ0k2TVRjME5UWXhOVFl3TWl3aWFuUnBJam9pWlhsS2NtRlhVV2xQYVVwb1l6TmtabU5IYURSWWVrVXpUVlJWTWsxNlNURlBSR04zVG5wWmFVeERTbWhpUjJOcFQybEtVMVY2U1RGT2FVbzVMbVY1U25wa2JVNVZXbGMxYUdKdVVrcGFRMGsyU1cwNWFtRlhVWGhNYmxKc1ltMUdkVmt6YTNWaU1rMTRUR2sxYUZsWFJtaFpWMFpvV1ZoYU5WbFliM2xqYmtJMVlYcFdiVTVVVW14aldFMHdZVmh3ZG1GSVJYbGFNamg2WkVSVk1HSkVVWHBPTWpWeFlsZHNiazF0Um5aaWJtaDRaREpLZG1WWVJuWk5Na1ZwVEVOS2VtUlhTV2xQYVVwMldUSnNhMDFUTlhsYVYxSndZekpPYzJSWVRqQmFXRWwxWWpKTmVFeHVRbTlsUXpWb1lsZEdhRmxYUm1oWldHaDRZMjVhYUdSSWJHaGtSRkpzVGtSa2VXVnVaSHBrTW14NldsUk9jV0l5U214bGJrcHNaVWhPZWxsdFJuRmpia0l5VFcxb2QwNHpXVEJqU0d4c1l6SndOV0V5UldsTVEwcDZaRzFOYVU5cFNubGFWMUp3WTNreGVscFlTakpoVjA1c1RGaFdkV016VW1oWmJYaHNTV2wzYVdGWVRucEphbTlwV1ZoV01HRkdUbXhqYmxwd1dUSlZkV0l6U21oWk1uaHNURzFPZG1KVFNYTkpia3BzWXpFNU1GcFhOV2hpYmxGcFQybEtkbGt5Ykd0TlV6VXdXbGMxYUdKdFRqVk1iVGxxVFZNMGRWbFhSbWhaVjBab1dWZEdNbVZYUmpaTmJrcDNaVmR6TVZwcVZUQmFXRVo2VGtkc05tSXlhSGhOYldSMlRUTlJNVTVIZHpCTmVtUjFZVzB4Y0ZwNlNtaGlNalUwWTFoa2FXSXpiSGhpZWs1b1NXbDNhV05JVWpWalIxVnBUMmxLZVZwWVRuWmtXRXBxV2xOSmMwbHVTbXhqTVRrd1pWaENiRWxxYjJsamJWWnJZVmhPYW1KSVZucGtSMVo1U1dsM2FWbFlWbXRKYW05cFlqSk9jRWxwZDJsamJWWjZXREpzYTBscWIybGlNazV3V2tSRmRXTnRWbXRoV0U1cVlraFdlbVJIVm5sTWJUbHFUVk0xZDJGSVozVlpWekZvV1ZkR2FGbFhSalJqV0VveVdWaFNOVmxZVVRCYVZGRXpZMjV3TTJNelpIQmpNbFY2WVcwNWFWcFljSGxhV0doNll6SkthR0Z1U25ka2FrcHZZMFJrTWs1SVFqVmFXRTV4WlZkMGFFbHBkMmxrU0ZJMVkwZFZhVTlwU25sYVdFNW1Zek5CYVV4RFNubGFXRTVtV1RJNWRHTkhSbmxrUnpGc1ltNVJhVTlwU25aWk1teHJUVk0xYW1JeU1YZFpXRW93WWxkV2RXUkROWFpaZWtWMVRHMUdhRmxYUm1oWlYwWm9UbnBXY1dOWWJHMWhiVFZ1WVZoQk1WbHVaSEJpUjFKcVlXMUdlbVJJVWpKaVJ6QXpaR3BrYUdGdVpETmFSMFkwVG01b2JFNVhhR3BrTW1oeFpGaEtOVnBYU25KalUwbHpTVzFXTkdORFNUWk5WR013VGxSWk1FNVVWVE5QUTNkcFlWZEdNRWxxYjNoT2VsRXhUbXBCZVUxNll6Uk1RMHB4WkVkcmFVOXBTbXRhYW14c1RsUkdhVTlUTUROT1JGa3pURlJTYlU0eVNYUlpWRUpyVGtNeGFVMXFWVEpOZWxGNlRUSktiRmw2UVdsTVEwb3dXbGMxYUdKdVVXbFBhVXAyV1RKc2EwMVROVEJhVnpWb1ltMU9OVXh0T1dwTlV6UjFXVmRHYUZsWFJtaFpWMFl5WlZkR05rMXVTbmRsVjNNeFdtcFZNRnBZUm5wT1IydzJZakpvZUUxdFpIWk5NMUV4VGtkM01FMTZaSFZoYlRGd1ducEthR0l5TlRSaldHUnBZak5zZUdKNlRtaEphWGRwWWpOQ2FreFhVbTVqZVVrMlNXeFpla3hIT1dwaFYxRjRURzVTYkdKdFJuVlpNMnQxWWpKTmVFeHBOV2haVjBab1dWZEdhRmxZV2pWWldHOTVZMjVDTldGNlZtMU9WRkpzWTFoTk1HRlljSFpoU0VWNVdqSTRlbVJFVlRCaVJGRjZUakkxY1dKWGJHNU5iVVoyWW01b2VHUXlTblpsV0VaMlRUSkZjMUZWUmtKUlZVWlNVVlZHUWxGVlNYWmFhazAxVERCR1FsRlZSbkZrZWpBNVRFVkdRbEZWUmtKUlZEQTVTV2wzYVdGdVpISkphbTlwWlRGM2FXRXliR3RZUTBrMldFTktkbGt5Ykd0TlV6VjVXbGRTY0dNeVRuTmtXRTR3V2xoSmRXSXlUWGhNYmtKdlpVTTFhR0pYUm1oWlYwWm9XVmhvZUdOdVdtaGtTR3hvWkVSU2JFNUVaSGxsYm1SNlpESnNlbHBVVG5GaU1rcHNaVzVLYkdWSVRucFpiVVp4WTI1Q01rMXRhSGRPTTFrd1kwaHNiR015Y0RWaE1rWmpTV2w0WTBsdE5XTkphbkJqU1c1c1VGb3pUbWhXYldSelZWUldVR1JYVW1oT00wWnNXbXRTYVdGWVJsTmlTR3hHVm1wbk1HRXpUWGRUVjBaUFVUQktTbEZyVG01VE1UbEhXa1ZrV1ZreldsWmpSVXA0VTFkU1QyRnRkSFZXYmxwT1pESnNWR0ZVVGtWUFNFRXhZVVZPVGsxdVNtNVRSbkJGVkc1R05rNHpRbVpTTVRsdVltMHhRMDFyTVROaWFURTBVV3RhVDFoNlRrSmpNMEpQVGpKV1QwNXRjRWhhVlRrMlZqRkNWR1JGZURKYVJYZDNZa1ZhU2xKck9VbGhNV3MwVVROb1psTnRkRkJrZVRFMFRGTXhSRmRWVmpGT1NHaHlVV3BDWmxaR1pIZGtSbVJPVWxka1MxWkZPVU5WU0doc1UydE9NMDVwTVZOTlIxcFVZVzE0Wmxac2JITmpWVXBEV21wQ1FsVnNUbGxXYlU1UlZWZGtlV0ZIZUhkaGJrWkhWMjFhZUZwWGR6RmlSRkpDWTFac2VtUlZVWGRTZWtaRllVUnJlRll6WkhKVk1uUnNXbXR3ZFZFemNGbFZWbEUxVFd0YWNWZ3lSbEZoYkZKMlQwaEtTVlJFV2tKbFdFNXFUVlJrUWxSV1pGbFdWa0o2WTJzNWJGSlhNV3hTTWtadldWaGtjVTlHYUc5alZrSm9VakIwUjFSV1JtRmxiV2hVWWtkMGMyVkhiR2xXUldzMFQwUmFObFl5Y0VaaFJsbDNZMnhzYkdSVVVUQlRhazB5VFhwa05GcEhjR0ZaVnpWd1ZWVm9RMkV4YUc5UmEyZ3dWVlozYVV4R2QybGFWbmRwVDJ4M2FWRldSa0pSYkhkcFRFWjNhV0V6VWpWWVEwazJXRU5LVTFVd1JtTkphWGhqU1cxR2Mxb3hkMmxQYkhkcFZXeE5lVTVVV21OSmFYaGpTVzVXZWxwV2QybFBiSGRwWXpKc2JsaERTamxKYmpBdVVVNTZlWEZ2WlZnM04wTjJhVVpWYkhsWGMySnZiRzV4Y1ZOZk9FUmxkSFoyVXpkRk9FcFhXbGsyWmtKV1JIVldjbTl2ZWpkVWVGUlZYMUkxY1Zrd1VVRTJaMDQyWjBWYVRITnJhWGxRWW1KZlJUbDJSazlQUzNaZkxVNWZjRTE0T0ZsMWNURm1jRUZQUmxaVVgxQndkWE5HZVRnMFVqWjNhWEpGU2poRGNtOUJkemh0Ym0xQ1duaGxaazVJWjNSUGJYZzVkVmhPYVVWdE9Ua3dialpWT0U5UlFrMXBXVUk1U1hSQ1ZFNTJSekl0VEU0NVFtUXRaV3BUYmpCb1dDMDRSbmRZUVdaQ2JrbE1TRk5zTUd4UGRUQndVRVJqYVRKdVJIaDJhMWxpY1RseFRHcEROMTlCT0RWZmEzaG5OMjlIUzNSUFNtWkljemgwWkd4U2RrY3lTVEExVDB4cFQwdzRZMEZ5UmtKcFVYQnRaRzFOVEhabGJVWkdabGhMVkRVd2RGWmhNMlp0UjFSWFgwaFlRMnAxUzFaS05YbElMVTVyYVcxME1sbDRTRXRuZDBRMGJXVTFiR1ZKYTFBM00wZG9RM05vTjE5bkluMC5QSksyTmVNZ05HLWY0VTJYNUoyUTZVaWVINUdmN3oybUVybUxUUFFBY0lBUDJLQXNsVkRNUVpTV0JZVGZMempjbEhqaHRubkdFOHZ1ZHYwVldJazZSRHRTU0M2cGNJLS1DQzUxemNpMlptcDdyU2N5SGlxX1Z3bm5rbEtVbDhTV0pVRURtWUxPdUs5bXFXY3N1SlNCNi1ZRk5faUFTZmVBczZlSWZLeHVDbmZ6clM1RC1zTUpnUTI3YktOVTR4UmluNWhYVFR0ZXhHNURoMmZ1UENNTzdKUGFGa3VBcGlwTEdwUlY5RDE5LTBhRUtCN0NZcDQxeHVxOUVpenJReVUtdzd2SFMtYnZvNnVyMVh0OGE3dXl3ZGg3UmhQQlhVUWRFRVA4Q2x4RDdKT0U5dkN2Mm5aY0tZMTgxWndHV0lTOVJPdEhCV0I0ZlFIZEt4N1drWloteGc=