From f7e8e37ed2d5db737b70bde34e55e30415091c42 Mon Sep 17 00:00:00 2001
From: Milan Perera <milan@wso2.com>
Date: Thu, 11 Oct 2018 14:13:58 +0530
Subject: [PATCH 01/10] Add iot.http.port to iot-server.sh

---
 modules/distribution/src/core/bin/iot-server.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/modules/distribution/src/core/bin/iot-server.sh b/modules/distribution/src/core/bin/iot-server.sh
index b412ae37..03c1f31a 100755
--- a/modules/distribution/src/core/bin/iot-server.sh
+++ b/modules/distribution/src/core/bin/iot-server.sh
@@ -323,6 +323,7 @@ do
     -Dmqtt.broker.port="1886" \
     -Diot.core.host="localhost" \
     -Diot.core.https.port="9443" \
+    -Diot.core.http.port="9763" \
     -Diot.keymanager.host="localhost" \
     -Diot.keymanager.https.port="9443" \
     -Diot.gateway.host="localhost" \

From 725f483e7e188967051dc6f7f77942690375c44b Mon Sep 17 00:00:00 2001
From: geethkokila <geeth@wso2.com>
Date: Sat, 20 Oct 2018 22:14:22 +0530
Subject: [PATCH 02/10] Add the migration to product. I am adding the migration
 related jar file also here. This is due to make this a complete instructive
 package. IS migration and device database migrations are run in two different
 ways.

---
 .../default/api/_TokenAPI_.xml                |  21 +-
 .../apim-migration.sql                        |  35 +
 .../archival.sql                              |  70 ++
 .../cdm-migration.sql                         | 160 ++++
 .../identity-migration/README.txt             |   9 +
 .../dbscripts/step1/identity/db2.sql          |  29 +
 .../5.0.0-SP1/dbscripts/step1/identity/h2.sql |  17 +
 .../dbscripts/step1/identity/mssql.sql        |  12 +
 .../dbscripts/step1/identity/mysql.sql        |  13 +
 .../dbscripts/step1/identity/mysql5.7.sql     |  13 +
 .../dbscripts/step1/identity/oracle.sql       |  15 +
 .../dbscripts/step1/identity/postgresql.sql   |  14 +
 .../5.1.0/dbscripts/step1/identity/db2.sql    | 410 +++++++++
 .../5.1.0/dbscripts/step1/identity/h2.sql     | 226 +++++
 .../5.1.0/dbscripts/step1/identity/mssql.sql  | 238 +++++
 .../5.1.0/dbscripts/step1/identity/mysql.sql  | 271 ++++++
 .../dbscripts/step1/identity/mysql5.7.sql     | 273 ++++++
 .../5.1.0/dbscripts/step1/identity/oracle.sql | 485 +++++++++++
 .../dbscripts/step1/identity/postgresql.sql   | 236 +++++
 .../5.1.0/dbscripts/step1/um/db2.sql          |  12 +
 .../5.1.0/dbscripts/step1/um/h2.sql           |  14 +
 .../5.1.0/dbscripts/step1/um/mssql.sql        |  13 +
 .../5.1.0/dbscripts/step1/um/mysql.sql        |  40 +
 .../5.1.0/dbscripts/step1/um/mysql5.7.sql     |  40 +
 .../5.1.0/dbscripts/step1/um/oracle.sql       | 212 +++++
 .../5.1.0/dbscripts/step1/um/postgresql.sql   |  11 +
 .../5.2.0/dbscripts/step1/identity/db2.sql    |  22 +
 .../5.2.0/dbscripts/step1/identity/h2.sql     |  16 +
 .../5.2.0/dbscripts/step1/identity/mssql.sql  |  16 +
 .../5.2.0/dbscripts/step1/identity/mysql.sql  |  18 +
 .../dbscripts/step1/identity/mysql5.7.sql     |  18 +
 .../5.2.0/dbscripts/step1/identity/oracle.sql |  25 +
 .../dbscripts/step1/identity/postgresql.sql   |  16 +
 .../5.2.0/dbscripts/step1/um/db2.sql          | 111 +++
 .../5.2.0/dbscripts/step1/um/h2.sql           |  96 ++
 .../5.2.0/dbscripts/step1/um/mssql.sql        |  96 ++
 .../5.2.0/dbscripts/step1/um/mysql.sql        |  96 ++
 .../5.2.0/dbscripts/step1/um/mysql5.7.sql     |  96 ++
 .../5.2.0/dbscripts/step1/um/oracle.sql       | 111 +++
 .../5.2.0/dbscripts/step1/um/postgresql.sql   |  96 ++
 .../5.3.0/data/claim-config.xml               | 279 ++++++
 .../5.3.0/data/resources.xml                  |  99 +++
 .../5.3.0/dbscripts/step1/identity/db2.sql    | 181 ++++
 .../5.3.0/dbscripts/step1/identity/h2.sql     |  94 ++
 .../5.3.0/dbscripts/step1/identity/mssql.sql  | 103 +++
 .../5.3.0/dbscripts/step1/identity/mysql.sql  | 119 +++
 .../dbscripts/step1/identity/mysql5.7.sql     | 119 +++
 .../5.3.0/dbscripts/step1/identity/oracle.sql | 200 +++++
 .../dbscripts/step1/identity/postgresql.sql   | 115 +++
 .../5.4.0/data/claim-config.xml               | 824 ++++++++++++++++++
 .../5.4.0/dbscripts/step1/identity/db2.sql    |  17 +
 .../5.4.0/dbscripts/step1/identity/h2.sql     |  14 +
 .../5.4.0/dbscripts/step1/identity/mssql.sql  |  15 +
 .../5.4.0/dbscripts/step1/identity/mysql.sql  |  14 +
 .../dbscripts/step1/identity/mysql5.7.sql     |  14 +
 .../5.4.0/dbscripts/step1/identity/oracle.sql |  24 +
 .../dbscripts/step1/identity/postgresql.sql   |  14 +
 .../5.4.0/dbscripts/step1/um/db2.sql          |   5 +
 .../5.4.0/dbscripts/step1/um/h2.sql           |   3 +
 .../5.4.0/dbscripts/step1/um/mssql.sql        |   3 +
 .../5.4.0/dbscripts/step1/um/mysql.sql        |   3 +
 .../5.4.0/dbscripts/step1/um/mysql5.7.sql     |   3 +
 .../5.4.0/dbscripts/step1/um/oracle.sql       |   5 +
 .../5.4.0/dbscripts/step1/um/postgresql.sql   |   3 +
 .../5.4.0/dbscripts/step2/identity/db2.sql    |  23 +
 .../5.4.0/dbscripts/step2/identity/h2.sql     |  16 +
 .../5.4.0/dbscripts/step2/identity/mssql.sql  |  28 +
 .../5.4.0/dbscripts/step2/identity/mysql.sql  |  21 +
 .../dbscripts/step2/identity/mysql5.7.sql     |  21 +
 .../5.4.0/dbscripts/step2/identity/oracle.sql |  62 ++
 .../dbscripts/step2/identity/postgresql.sql   |  18 +
 .../5.5.0/dbscripts/step1/consent/db2.sql     | 195 +++++
 .../5.5.0/dbscripts/step1/consent/h2.sql      | 121 +++
 .../5.5.0/dbscripts/step1/consent/mssql.sql   | 113 +++
 .../5.5.0/dbscripts/step1/consent/mysql.sql   | 121 +++
 .../dbscripts/step1/consent/mysql5.7.sql      | 121 +++
 .../5.5.0/dbscripts/step1/consent/oracle.sql  | 177 ++++
 .../dbscripts/step1/consent/oracle_rac.sql    | 177 ++++
 .../dbscripts/step1/consent/postgresql.sql    | 141 +++
 .../5.5.0/dbscripts/step1/identity/db2.sql    | 159 ++++
 .../5.5.0/dbscripts/step1/identity/h2.sql     |  76 ++
 .../5.5.0/dbscripts/step1/identity/mssql.sql  |  86 ++
 .../5.5.0/dbscripts/step1/identity/mysql.sql  |  79 ++
 .../dbscripts/step1/identity/mysql5.7.sql     |  77 ++
 .../5.5.0/dbscripts/step1/identity/oracle.sql | 174 ++++
 .../dbscripts/step1/identity/postgresql.sql   |  97 +++
 .../5.5.0/dbscripts/step2/identity/db2.sql    |   4 +
 .../5.5.0/dbscripts/step2/identity/h2.sql     |   2 +
 .../5.5.0/dbscripts/step2/identity/mssql.sql  |   2 +
 .../5.5.0/dbscripts/step2/identity/mysql.sql  |   2 +
 .../dbscripts/step2/identity/mysql5.7.sql     |   2 +
 .../5.5.0/dbscripts/step2/identity/oracle.sql |   4 +
 .../dbscripts/step2/identity/postgresql.sql   |   2 +
 .../migration-resources/migration-config.yaml | 212 +++++
 .../org.wso2.carbon.is.migration-5.5.0.jar    | Bin 0 -> 204005 bytes
 .../ios-migration.sql                         |  43 +
 96 files changed, 8367 insertions(+), 1 deletion(-)
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/apim-migration.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/archival.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/cdm-migration.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/README.txt
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/db2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/h2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mssql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mysql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mysql5.7.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/oracle.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/postgresql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/db2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/h2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mssql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mysql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mysql5.7.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/oracle.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/postgresql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/db2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/h2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mssql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mysql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mysql5.7.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/oracle.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/postgresql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/db2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/h2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mssql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mysql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mysql5.7.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/oracle.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/postgresql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/db2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/h2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mssql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mysql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mysql5.7.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/oracle.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/postgresql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/data/claim-config.xml
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/data/resources.xml
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/db2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/h2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mssql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mysql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mysql5.7.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/oracle.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/postgresql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/data/claim-config.xml
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/db2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/h2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mssql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mysql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mysql5.7.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/oracle.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/postgresql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/db2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/h2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mssql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mysql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mysql5.7.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/oracle.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/postgresql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/db2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/h2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mssql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mysql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mysql5.7.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/oracle.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/postgresql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/db2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/h2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mssql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mysql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mysql5.7.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/oracle.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/oracle_rac.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/postgresql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/db2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/h2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mssql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mysql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mysql5.7.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/oracle.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/postgresql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/db2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/h2.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mssql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mysql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mysql5.7.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/oracle.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/postgresql.sql
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/migration-config.yaml
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/org.wso2.carbon.is.migration-5.5.0.jar
 create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/ios-migration.sql

diff --git a/modules/distribution/src/core/api-resources/synapse-configs/default/api/_TokenAPI_.xml b/modules/distribution/src/core/api-resources/synapse-configs/default/api/_TokenAPI_.xml
index 74a0315b..d4dd08a1 100644
--- a/modules/distribution/src/core/api-resources/synapse-configs/default/api/_TokenAPI_.xml
+++ b/modules/distribution/src/core/api-resources/synapse-configs/default/api/_TokenAPI_.xml
@@ -2,7 +2,26 @@
     <resource methods="POST" url-mapping="/*" faultSequence="_token_fault_">
         <inSequence>
             <property name="uri.var.portnum" expression="get-property('system','iot.keymanager.https.port')"/>
-	    <property name="uri.var.hostname" expression="get-property('system','iot.keymanager.host')"/>
+	        <property name="uri.var.hostname" expression="get-property('system','iot.keymanager.host')"/>
+            <filter source="$body//scope" regex="PRODUCTION">
+                <then>
+                    <payloadFactory media-type="xml">
+                        <format>
+                            <xformValues>
+                                <refresh_token>$1</refresh_token>
+                                <grant_type>refresh_token</grant_type>
+                            </xformValues>
+                        </format>
+                        <args>
+                            <arg xmlns:m0="http://services.samples/xsd" expression="//refresh_token" />
+                        </args>
+                    </payloadFactory>
+                    <header name="Content-Type" scope="transport" value="application/x-www-form-urlencoded" />
+                    <property name="messageType" scope="axis2" type="STRING" value="application/x-www-form-urlencoded" />
+                </then>
+                <else>
+                </else>
+            </filter>
             <send>
                 <endpoint>
                      <http uri-template="https://{uri.var.hostname}:{uri.var.portnum}/oauth2/token">
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/apim-migration.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/apim-migration.sql
new file mode 100644
index 00000000..85439ba4
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/apim-migration.sql
@@ -0,0 +1,35 @@
+ALTER TABLE AM_SUBSCRIPTION_KEY_MAPPING MODIFY ACCESS_TOKEN VARCHAR(512);
+ALTER TABLE AM_APPLICATION_REGISTRATION MODIFY TOKEN_SCOPE VARCHAR(1500);
+
+CREATE TABLE IF NOT EXISTS `AM_CERTIFICATE_METADATA` (
+  `TENANT_ID` INT(11) NOT NULL,
+  `ALIAS` VARCHAR(45) NOT NULL,
+  `END_POINT` VARCHAR(100) NOT NULL,
+  CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`),
+  CONSTRAINT END_POINT_CONSTRAINT UNIQUE (`END_POINT`)
+) ENGINE=InnoDB;
+
+CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING (
+    APPLICATION_ID INTEGER NOT NULL,
+    GROUP_ID VARCHAR(512)NOT NULL,
+    TENANT VARCHAR(255),
+    PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT),
+    FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE=InnoDB;
+
+CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES (
+  TENANT_DOMAIN varchar(255) NOT NULL,
+  FILE_NAME varchar(255) NOT NULL,
+  FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  FILE_PROCESSED tinyint(1) DEFAULT FALSE,
+  FILE_CONTENT MEDIUMBLOB DEFAULT NULL,
+  PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP)
+) ENGINE=InnoDB;
+
+CREATE TABLE IF NOT EXISTS AM_API_LC_PUBLISH_EVENTS (
+    ID INTEGER(11) NOT NULL AUTO_INCREMENT,
+    TENANT_DOMAIN VARCHAR(500) NOT NULL,
+    API_ID VARCHAR(500) NOT NULL,
+    EVENT_TIME TIMESTAMP NOT NULL,
+    PRIMARY KEY (ID)
+) ENGINE=InnoDB;
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/archival.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/archival.sql
new file mode 100644
index 00000000..efc57d71
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/archival.sql
@@ -0,0 +1,70 @@
+-- This database has to be created separately.
+
+CREATE TABLE IF NOT EXISTS DM_OPERATION_ARCH (
+    ID INTEGER NOT NULL,
+    TYPE VARCHAR(20) NOT NULL,
+    CREATED_TIMESTAMP TIMESTAMP NOT NULL,
+    RECEIVED_TIMESTAMP TIMESTAMP NULL,
+    OPERATION_CODE VARCHAR(50) NOT NULL,
+    ARCHIVED_AT TIMESTAMP DEFAULT NOW(),
+    PRIMARY KEY (ID)
+)ENGINE = InnoDB;
+
+
+CREATE TABLE IF NOT EXISTS DM_ENROLMENT_OP_MAPPING_ARCH (
+    ID INTEGER NOT NULL,
+    ENROLMENT_ID INTEGER NOT NULL,
+    OPERATION_ID INTEGER NOT NULL,
+    STATUS VARCHAR(50) NULL,
+    PUSH_NOTIFICATION_STATUS VARCHAR(50) NULL,
+    CREATED_TIMESTAMP INTEGER NOT NULL,
+    UPDATED_TIMESTAMP INTEGER NOT NULL,
+    ARCHIVED_AT TIMESTAMP DEFAULT NOW(),
+    PRIMARY KEY (ID)
+)ENGINE = InnoDB;
+
+
+CREATE TABLE IF NOT EXISTS DM_DEVICE_OPERATION_RESPONSE_ARCH  (
+   ID  INT(11) NOT NULL,
+   ENROLMENT_ID  INTEGER NOT NULL,
+   OPERATION_ID  INTEGER NOT NULL,
+   EN_OP_MAP_ID  INTEGER NOT NULL,
+   OPERATION_RESPONSE  LONGBLOB DEFAULT NULL,
+   RECEIVED_TIMESTAMP  TIMESTAMP NULL,
+   ARCHIVED_AT TIMESTAMP DEFAULT NOW(),
+   PRIMARY KEY (ID)
+)ENGINE = InnoDB;
+
+CREATE TABLE IF NOT EXISTS DM_NOTIFICATION_ARCH (
+    NOTIFICATION_ID INTEGER NOT NULL,
+    DEVICE_ID INTEGER NOT NULL,
+    OPERATION_ID INTEGER NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    STATUS VARCHAR(10) NULL,
+    DESCRIPTION VARCHAR(1000) NULL,
+    ARCHIVED_AT TIMESTAMP DEFAULT NOW(),
+    PRIMARY KEY (NOTIFICATION_ID)
+)ENGINE = InnoDB;
+
+CREATE TABLE IF NOT EXISTS DM_COMMAND_OPERATION_ARCH (
+    OPERATION_ID INTEGER NOT NULL,
+    ENABLED BOOLEAN NOT NULL DEFAULT FALSE,
+    ARCHIVED_AT TIMESTAMP DEFAULT NOW(),
+    PRIMARY KEY (OPERATION_ID)
+)ENGINE = InnoDB;
+
+CREATE TABLE IF NOT EXISTS DM_CONFIG_OPERATION_ARCH (
+    OPERATION_ID INTEGER NOT NULL,
+    OPERATION_CONFIG  BLOB DEFAULT NULL,
+    ENABLED BOOLEAN NOT NULL DEFAULT FALSE,
+    ARCHIVED_AT TIMESTAMP DEFAULT NOW(),
+    PRIMARY KEY (OPERATION_ID)
+)ENGINE = InnoDB;
+
+CREATE TABLE IF NOT EXISTS DM_PROFILE_OPERATION_ARCH (
+    OPERATION_ID INTEGER NOT NULL,
+    ENABLED INTEGER NOT NULL DEFAULT 0,
+    OPERATION_DETAILS BLOB DEFAULT NULL,
+    ARCHIVED_AT TIMESTAMP DEFAULT NOW(),
+    PRIMARY KEY (OPERATION_ID)
+)ENGINE = InnoDB;
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/cdm-migration.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/cdm-migration.sql
new file mode 100644
index 00000000..4a0f33ec
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/cdm-migration.sql
@@ -0,0 +1,160 @@
+ALTER TABLE DM_OPERATION
+ADD COLUMN INITIATED_BY VARCHAR(100) NULL DEFAULT NULL AFTER OPERATION_CODE;
+
+CREATE INDEX IDX_DEVICE_TYPE_PROVIDER ON DM_DEVICE_TYPE (NAME, PROVIDER_TENANT_ID);
+CREATE INDEX IDX_DEVICE_TYPE_DEVICE_NAME ON DM_DEVICE_TYPE(ID, NAME);
+
+
+ALTER TABLE DM_DEVICE_APPLICATION_MAPPING
+ADD COLUMN ENROLMENT_ID INT(11) NULL AFTER DEVICE_ID,
+ADD COLUMN APP_PROPERTIES BLOB NULL AFTER TENANT_ID,
+ADD COLUMN MEMORY_USAGE INT(11) NULL AFTER APP_PROPERTIES,
+ADD COLUMN IS_ACTIVE TINYINT NULL AFTER MEMORY_USAGE;
+
+SET SQL_SAFE_UPDATES = 0;
+
+UPDATE DM_DEVICE_APPLICATION_MAPPING dam,
+    DM_ENROLMENT de,
+    DM_APPLICATION da
+SET
+    dam.ENROLMENT_ID = de.ID,
+    dam.MEMORY_USAGE = da.MEMORY_USAGE,
+    dam.APP_PROPERTIES = da.APP_PROPERTIES,
+    dam.IS_ACTIVE = da.IS_ACTIVE
+WHERE
+    dam.APPLICATION_ID = da.ID
+	AND dam.DEVICE_ID = de.DEVICE_ID
+    AND de.STATUS = 'ACTIVE';
+
+SET SQL_SAFE_UPDATES = 1;
+
+
+-- This should run only after the 3.1.0 is shutdown completely.
+
+ALTER TABLE DM_DEVICE_APPLICATION_MAPPING
+CHANGE COLUMN IS_ACTIVE IS_ACTIVE TINYINT(4) NOT NULL ,
+ADD INDEX FK_DM_APP_MAP_DM_ENROL_idx (ENROLMENT_ID ASC);
+ALTER TABLE DM_DEVICE_APPLICATION_MAPPING
+ADD CONSTRAINT FK_DM_APP_MAP_DM_ENROL
+  FOREIGN KEY (ENROLMENT_ID)
+  REFERENCES DM_ENROLMENT (ID)
+  ON DELETE NO ACTION
+  ON UPDATE NO ACTION;
+
+-- Change the notification --
+
+ALTER TABLE DM_NOTIFICATION
+DROP FOREIGN KEY fk_dm_operation_notification;
+ALTER TABLE DM_NOTIFICATION
+CHANGE COLUMN OPERATION_ID OPERATION_ID INT(11) NULL ,
+ADD COLUMN LAST_UPDATED_TIMESTAMP TIMESTAMP NULL AFTER DESCRIPTION;
+
+
+ALTER TABLE DM_NOTIFICATION
+CHANGE COLUMN LAST_UPDATED_TIMESTAMP LAST_UPDATED_TIMESTAMP TIMESTAMP NOT NULL ;
+
+-- Change the device info ---
+
+ALTER TABLE DM_DEVICE_INFO
+ADD COLUMN ENROLMENT_ID INT(11) NULL AFTER DEVICE_ID;
+
+SET SQL_SAFE_UPDATES = 0;
+
+
+UPDATE DM_DEVICE_INFO di,
+    DM_ENROLMENT de
+SET
+    di.ENROLMENT_ID = de.ID
+WHERE
+    di.DEVICE_ID = de.DEVICE_ID
+        AND de.STATUS = 'ACTIVE';
+
+SET SQL_SAFE_UPDATES = 1;
+
+-- This should run only after the 3.1.0 is shutdown completely.
+
+ALTER TABLE DM_DEVICE_INFO
+CHANGE COLUMN ENROLMENT_ID ENROLMENT_ID INT(11) NOT NULL,
+ADD INDEX DM_DEVICE_LOCATION_DM_ENROLLMENT_idx (ENROLMENT_ID ASC);
+ALTER TABLE DM_DEVICE_INFO
+ADD CONSTRAINT DM_DEVICE_LOCATION_DM_ENROLLMENT
+  FOREIGN KEY (ENROLMENT_ID)
+  REFERENCES DM_ENROLMENT (ID)
+  ON DELETE NO ACTION
+  ON UPDATE NO ACTION;
+
+
+-- Change the device location ---
+
+ALTER TABLE DM_DEVICE_LOCATION
+CHANGE COLUMN STREET1 STREET1 VARCHAR(255) NULL DEFAULT NULL ,
+CHANGE COLUMN STREET2 STREET2 VARCHAR(255) NULL DEFAULT NULL ,
+ADD COLUMN ENROLMENT_ID INT(11) NULL AFTER DEVICE_ID,
+ADD COLUMN GEO_HASH VARCHAR(45) NULL AFTER UPDATE_TIMESTAMP,
+ADD INDEX DM_DEVICE_LOCATION_GEO_hashx (GEO_HASH ASC);
+
+
+SET SQL_SAFE_UPDATES = 0;
+
+
+UPDATE DM_DEVICE_LOCATION di,
+    DM_ENROLMENT de
+SET
+    di.ENROLMENT_ID = de.ID
+WHERE
+    di.DEVICE_ID = de.DEVICE_ID
+        AND de.STATUS = 'ACTIVE';
+
+SET SQL_SAFE_UPDATES = 1;
+
+-- This should run only after the 3.1.0 is shutdown completely.
+
+ALTER TABLE DM_DEVICE_LOCATION
+CHANGE COLUMN ENROLMENT_ID ENROLMENT_ID INT(11) NOT NULL ,
+ADD INDEX DM_DEVICE_LOCATION_DM_ENROLLMENT_idx (ENROLMENT_ID ASC);
+ALTER TABLE DM_DEVICE_LOCATION
+ADD CONSTRAINT FK_DM_DEVICE_LOCATION_DM_ENROLLMENT
+  FOREIGN KEY (ENROLMENT_ID)
+  REFERENCES DM_ENROLMENT (ID)
+  ON DELETE NO ACTION
+  ON UPDATE NO ACTION;
+
+
+-- Changes to the device details --
+
+ALTER TABLE DM_DEVICE_DETAIL
+CHANGE COLUMN CONNECTION_TYPE CONNECTION_TYPE VARCHAR(50) NULL DEFAULT NULL ,
+ADD COLUMN ENROLMENT_ID INT(11) NULL AFTER DEVICE_ID;
+
+
+SET SQL_SAFE_UPDATES = 0;
+
+
+UPDATE DM_DEVICE_DETAIL di,
+    DM_ENROLMENT de
+SET
+    di.ENROLMENT_ID = de.ID
+WHERE
+    di.DEVICE_ID = de.DEVICE_ID
+        AND de.STATUS = 'ACTIVE';
+
+SET SQL_SAFE_UPDATES = 1;
+
+-- This should run only after the 3.1.0 is shutdown completely.
+
+ALTER TABLE DM_DEVICE_DETAIL
+CHANGE COLUMN ENROLMENT_ID ENROLMENT_ID INT(11) NOT NULL ,
+ADD INDEX FK_DM_ENROLMENT_DEVICE_DETAILS_idx (ENROLMENT_ID ASC);
+ALTER TABLE DM_DEVICE_DETAIL
+ADD CONSTRAINT FK_DM_ENROLMENT_DEVICE_DETAILS
+  FOREIGN KEY (ENROLMENT_ID)
+  REFERENCES DM_ENROLMENT (ID)
+  ON DELETE NO ACTION
+  ON UPDATE NO ACTION;
+
+-- TEMP TABLE REQUIRED FOR DATA ARCHIVAL JOB
+CREATE TABLE IF NOT EXISTS DM_ARCHIVED_OPERATIONS (
+    ID INTEGER NOT NULL,
+    CREATED_TIMESTAMP TIMESTAMP NOT NULL,
+    PRIMARY KEY (ID)
+)ENGINE = InnoDB;
\ No newline at end of file
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/README.txt b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/README.txt
new file mode 100644
index 00000000..0dd7b577
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/README.txt
@@ -0,0 +1,9 @@
+* Copy the migration-resources folder  to the <IoT-3.3.1-HOME> directory.
+
+* Build this https://github.com/wso2-support/product-is/tree/support-5.5.0/modules/migration/migration-service and
+  copy the org.wso2.carbon.is.migration-5.5.0.jar to the <IoT-3.3.1-HOME>/dropins directory.
+
+* Copy and replace the keystores used in the previous version (IoT-3.1.0) to the <IoT-3.3.1-HOME>/repository/resources/security directory.
+
+* Run the following command
+   ./iot-server.sh -Dmigrate -Dcomponent=identity
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/db2.sql
new file mode 100644
index 00000000..85d06993
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/db2.sql
@@ -0,0 +1,29 @@
+CREATE TABLE IDN_AUTH_SESSION_STORE (
+SESSION_ID VARCHAR (100) NOT NULL,
+SESSION_TYPE VARCHAR(100) NOT NULL,
+SESSION_OBJECT BLOB,
+TIME_CREATED TIMESTAMP,
+PRIMARY KEY (SESSION_ID, SESSION_TYPE)
+)/
+
+UPDATE IDP_AUTHENTICATOR SET NAME='samlsso' WHERE NAME = 'saml2sso' AND TENANT_ID = '-1234'/
+
+BEGIN
+ DECLARE STMT VARCHAR(200);
+ FOR v AS cur1 CURSOR FOR
+   select CONSTNAME from SYSCAT.TABCONST WHERE TABNAME='IDP_PROVISIONING_ENTITY' AND TYPE = 'U'
+ DO
+  SET STMT = 'ALTER TABLE IDP_PROVISIONING_ENTITY DROP UNIQUE ' ||  v.CONSTNAME;
+  PREPARE S1 FROM STMT;
+  EXECUTE S1;
+ END FOR;
+END
+/
+
+ALTER TABLE IDP_PROVISIONING_ENTITY ADD CONSTRAINT IDP_PROVISIONING_ENTITY_U1 UNIQUE(PROVISIONING_CONFIG_ID, ENTITY_TYPE, ENTITY_VALUE)
+/
+
+ALTER TABLE IDP_PROVISIONING_ENTITY ADD CONSTRAINT IDP_PROVISIONING_ENTITY_U2 UNIQUE(ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID)
+/
+
+
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/h2.sql
new file mode 100644
index 00000000..a2b5c255
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/h2.sql
@@ -0,0 +1,17 @@
+CREATE TABLE IDN_AUTH_SESSION_STORE (
+  SESSION_ID VARCHAR (100) DEFAULT NULL,
+  SESSION_TYPE VARCHAR(100) DEFAULT NULL,
+  SESSION_OBJECT BLOB,
+  TIME_CREATED TIMESTAMP,
+  PRIMARY KEY (SESSION_ID, SESSION_TYPE)
+);
+
+UPDATE IDP_AUTHENTICATOR SET NAME='samlsso' WHERE NAME = 'saml2sso' AND TENANT_ID = '-1234';
+
+CREATE ALIAS IF NOT EXISTS DROP_FK AS $$ void executeSql(Connection conn, String sql) throws SQLException { conn.createStatement().executeUpdate(sql); } $$;
+
+call drop_fk('ALTER TABLE IDP_PROVISIONING_ENTITY DROP CONSTRAINT ' || (SELECT CONSTRAINT_NAME FROM INFORMATION_SCHEMA.CONSTRAINTS WHERE TABLE_NAME = 'IDP_PROVISIONING_ENTITY' AND COLUMN_LIST  = 'ENTITY_TYPE,TENANT_ID,ENTITY_LOCAL_USERSTORE,ENTITY_NAME'));
+
+ALTER TABLE IDP_PROVISIONING_ENTITY ADD UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID);
+
+DROP ALIAS IF EXISTS DROP_FK;
\ No newline at end of file
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mssql.sql
new file mode 100644
index 00000000..1bc0472b
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mssql.sql
@@ -0,0 +1,12 @@
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_AUTH_SESSION_STORE]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_AUTH_SESSION_STORE (
+        SESSION_ID VARCHAR (100) DEFAULT NULL,
+        SESSION_TYPE VARCHAR(100) DEFAULT NULL,
+        SESSION_OBJECT VARBINARY(MAX),
+        TIME_CREATED DATETIME,
+        PRIMARY KEY (SESSION_ID, SESSION_TYPE)
+);
+
+UPDATE IDP_AUTHENTICATOR SET NAME='samlsso' WHERE NAME = 'saml2sso' AND TENANT_ID = '-1234';
+
+DECLARE @COMMAND NVARCHAR(200);SELECT @COMMAND='ALTER TABLE IDP_PROVISIONING_ENTITY DROP CONSTRAINT ' + A.CONSTRAINT_NAME + ';' FROM (SELECT * from INFORMATION_SCHEMA.CONSTRAINT_COLUMN_USAGE WHERE TABLE_NAME='IDP_PROVISIONING_ENTITY' AND COLUMN_NAME='ENTITY_TYPE') A INNER JOIN (SELECT * from INFORMATION_SCHEMA.CONSTRAINT_COLUMN_USAGE WHERE TABLE_NAME='IDP_PROVISIONING_ENTITY' AND COLUMN_NAME='TENANT_ID') B ON A.CONSTRAINT_NAME=B.CONSTRAINT_NAME INNER JOIN (SELECT * from INFORMATION_SCHEMA.CONSTRAINT_COLUMN_USAGE WHERE TABLE_NAME='IDP_PROVISIONING_ENTITY' AND COLUMN_NAME='ENTITY_LOCAL_USERSTORE') C ON B.CONSTRAINT_NAME=C.CONSTRAINT_NAME INNER JOIN (SELECT * from INFORMATION_SCHEMA.CONSTRAINT_COLUMN_USAGE WHERE TABLE_NAME='IDP_PROVISIONING_ENTITY' AND COLUMN_NAME='ENTITY_NAME') D ON C.CONSTRAINT_NAME=D.CONSTRAINT_NAME;EXEC (@COMMAND);
\ No newline at end of file
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mysql.sql
new file mode 100644
index 00000000..360a17c0
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mysql.sql
@@ -0,0 +1,13 @@
+CREATE TABLE IDN_AUTH_SESSION_STORE (
+  SESSION_ID VARCHAR (100) NOT NULL,
+  SESSION_TYPE VARCHAR(100) NOT NULL,
+  SESSION_OBJECT BLOB,
+  TIME_CREATED TIMESTAMP,
+  PRIMARY KEY (SESSION_ID, SESSION_TYPE)
+)ENGINE INNODB;
+
+UPDATE IDP_AUTHENTICATOR SET NAME='samlsso' WHERE NAME = 'saml2sso' AND TENANT_ID = '-1234';
+
+ALTER TABLE IDP_PROVISIONING_ENTITY DROP INDEX ENTITY_TYPE;
+
+ALTER TABLE IDP_PROVISIONING_ENTITY ADD UNIQUE KEY ENTITY_TYPE( ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID );
\ No newline at end of file
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mysql5.7.sql
new file mode 100644
index 00000000..091505f9
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mysql5.7.sql
@@ -0,0 +1,13 @@
+CREATE TABLE IDN_AUTH_SESSION_STORE (
+  SESSION_ID VARCHAR (100) NOT NULL,
+  SESSION_TYPE VARCHAR(100) NOT NULL,
+  SESSION_OBJECT BLOB,
+  TIME_CREATED TIMESTAMP,
+  PRIMARY KEY (SESSION_ID, SESSION_TYPE)
+)ENGINE INNODB;
+
+UPDATE IDP_AUTHENTICATOR SET NAME='samlsso' WHERE NAME = 'saml2sso' AND TENANT_ID = '-1234';
+
+ALTER TABLE IDP_PROVISIONING_ENTITY DROP INDEX ENTITY_TYPE;
+
+ALTER TABLE IDP_PROVISIONING_ENTITY ADD UNIQUE KEY ENTITY_TYPE( ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID );
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/oracle.sql
new file mode 100644
index 00000000..621ab0db
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/oracle.sql
@@ -0,0 +1,15 @@
+CREATE TABLE IDN_AUTH_SESSION_STORE (
+            SESSION_ID VARCHAR (100) DEFAULT NULL,
+            SESSION_TYPE VARCHAR(100) DEFAULT NULL,
+            SESSION_OBJECT BLOB,
+            TIME_CREATED TIMESTAMP,
+            PRIMARY KEY (SESSION_ID, SESSION_TYPE)
+)
+/
+
+UPDATE IDP_AUTHENTICATOR SET NAME='samlsso' WHERE NAME = 'saml2sso' AND TENANT_ID = '-1234'
+/
+ALTER TABLE IDP_PROVISIONING_ENTITY DROP UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME)
+/
+ALTER TABLE IDP_PROVISIONING_ENTITY ADD UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID)
+/
\ No newline at end of file
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/postgresql.sql
new file mode 100644
index 00000000..7dcec226
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/postgresql.sql
@@ -0,0 +1,14 @@
+DROP TABLE IF EXISTS IDN_AUTH_SESSION_STORE;
+CREATE TABLE IDN_AUTH_SESSION_STORE (
+  SESSION_ID VARCHAR(100) DEFAULT NULL,
+  SESSION_TYPE VARCHAR(100) DEFAULT NULL,
+  SESSION_OBJECT BYTEA,
+  TIME_CREATED TIMESTAMP,
+  PRIMARY KEY (SESSION_ID, SESSION_TYPE)
+);
+
+UPDATE IDP_AUTHENTICATOR SET NAME='samlsso' WHERE NAME = 'saml2sso' AND TENANT_ID = '-1234';
+
+ALTER TABLE IDP_PROVISIONING_ENTITY DROP CONSTRAINT IDP_PROVISIONING_ENTITY_ENTITY_TYPE_TENANT_ID_ENTITY_LOCAL__KEY;
+
+ALTER TABLE IDP_PROVISIONING_ENTITY ADD CONSTRAINT IDP_PROVISIONING_ENTITY_ENTITY_TYPE_TENANT_ID_ENTITY_LOCAL__KEY UNIQUE(ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID);
\ No newline at end of file
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/db2.sql
new file mode 100644
index 00000000..149866e8
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/db2.sql
@@ -0,0 +1,410 @@
+BEGIN
+  DECLARE const_name VARCHAR(128);
+  DECLARE STMT VARCHAR(200);
+  select CONSTNAME into const_name from SYSCAT.TABCONST WHERE TABNAME='IDN_OAUTH1A_REQUEST_TOKEN' AND TYPE = 'F';
+  SET STMT = 'ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP FOREIGN KEY ' ||  const_name;
+  PREPARE S1 FROM STMT;
+  EXECUTE S1;
+END
+/
+
+BEGIN
+  DECLARE const_name VARCHAR(128);
+  DECLARE STMT VARCHAR(200);
+  select CONSTNAME into const_name from SYSCAT.TABCONST WHERE TABNAME='IDN_OAUTH1A_ACCESS_TOKEN' AND TYPE = 'F';
+  SET STMT = 'ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP FOREIGN KEY ' ||  const_name;
+  PREPARE S1 FROM STMT;
+  EXECUTE S1;
+END
+/
+
+BEGIN
+  DECLARE const_name VARCHAR(128);
+  DECLARE STMT VARCHAR(200);
+  select CONSTNAME into const_name from SYSCAT.TABCONST WHERE TABNAME='IDN_OAUTH2_ACCESS_TOKEN' AND TYPE = 'F';
+  SET STMT = 'ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP FOREIGN KEY ' ||  const_name;
+  PREPARE S1 FROM STMT;
+  EXECUTE S1;
+END
+/
+
+BEGIN
+  DECLARE const_name VARCHAR(128);
+  DECLARE STMT VARCHAR(200);
+  select CONSTNAME into const_name from SYSCAT.TABCONST WHERE TABNAME='IDN_OAUTH2_AUTHORIZATION_CODE' AND TYPE = 'F';
+  SET STMT = 'ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP FOREIGN KEY ' ||  const_name;
+  PREPARE S1 FROM STMT;
+  EXECUTE S1;
+END
+/
+
+CREATE TABLE IDP_METADATA (
+  ID INTEGER NOT NULL,
+  IDP_ID INTEGER NOT NULL,
+  NAME VARCHAR(255) NOT NULL,
+  VALUE VARCHAR(255),
+  DISPLAY_NAME VARCHAR(255),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (ID),
+  CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME),
+  FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE)
+/
+
+CREATE SEQUENCE IDP_METADATA_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER IDP_METADATA_TRIG NO CASCADE
+BEFORE INSERT
+ON IDP_METADATA
+REFERENCING NEW AS NEW
+FOR EACH ROW MODE DB2SQL
+  BEGIN ATOMIC
+    SET (NEW.ID) = (NEXTVAL FOR IDP_METADATA_SEQ);
+  END
+/
+
+INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'SessionIdleTimeout', '15',
+  'Session Idle Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL'
+/
+
+INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'RememberMeTimeout', '20160', 'RememberMe Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL'
+/
+
+CREATE TABLE SP_METADATA (
+  ID INTEGER NOT NULL,
+  SP_ID INTEGER NOT NULL,
+  NAME VARCHAR(255) NOT NULL,
+  VALUE VARCHAR(255) NOT NULL,
+  DISPLAY_NAME VARCHAR(255),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (ID),
+  CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME),
+  FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE)
+/
+CREATE SEQUENCE SP_METADATA_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER SP_METADATA_TRIG NO CASCADE
+BEFORE INSERT
+ON SP_METADATA
+REFERENCING NEW AS NEW
+FOR EACH ROW MODE DB2SQL
+  BEGIN ATOMIC
+    SET (NEW.ID) = (NEXTVAL FOR SP_METADATA_SEQ);
+  END
+/
+
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS DROP PRIMARY KEY
+/
+
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD ID INTEGER NOT NULL DEFAULT 0
+/
+CREATE SEQUENCE IDN_OAUTH_CONSUMER_APPS_SEQUENCE START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER IDN_OAUTH_CONSUMER_APPS_TRIGGER NO CASCADE BEFORE INSERT ON IDN_OAUTH_CONSUMER_APPS REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL BEGIN ATOMIC SET (NEW.ID) = (NEXTVAL FOR IDN_OAUTH_CONSUMER_APPS_SEQUENCE); END
+/
+CALL SYSPROC.ADMIN_CMD('REORG TABLE IDN_OAUTH_CONSUMER_APPS')
+/
+UPDATE IDN_OAUTH_CONSUMER_APPS SET ID = IDN_OAUTH_CONSUMER_APPS_SEQUENCE.NEXTVAL
+/
+
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_DOMAIN VARCHAR(50)
+/
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD PRIMARY KEY (ID)
+/
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY)
+/
+
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD CONSUMER_KEY_ID INTEGER
+/
+UPDATE IDN_OAUTH1A_REQUEST_TOKEN set CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH1A_REQUEST_TOKEN.CONSUMER_KEY)
+/
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP COLUMN CONSUMER_KEY
+/
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD CONSTRAINT IDN_OAUTH1A_REQUEST_TOKEN_F1 FOREIGN KEY(CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+/
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD TENANT_ID INTEGER DEFAULT -1
+/
+
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER
+/
+UPDATE IDN_OAUTH1A_ACCESS_TOKEN set CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH1A_ACCESS_TOKEN.CONSUMER_KEY)
+/
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY
+/
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD CONSTRAINT IDN_OAUTH1A_ACCESS_TOKEN_F1 FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+/
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD TENANT_ID INTEGER DEFAULT -1
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP PRIMARY KEY
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_ID VARCHAR (255)
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER NOT NULL WITH DEFAULT 0
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD GRANT_TYPE VARCHAR (50)
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD SUBJECT_IDENTIFIER VARCHAR(255)
+/
+UPDATE IDN_OAUTH2_ACCESS_TOKEN set CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH2_ACCESS_TOKEN.CONSUMER_KEY)
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP UNIQUE CON_APP_KEY
+/
+
+BEGIN
+  DECLARE CONTINUE HANDLER FOR SQLSTATE '42704'
+  BEGIN END;
+  EXECUTE IMMEDIATE 'DROP INDEX IDX_AT_CK_AU';
+END
+/
+
+BEGIN
+  DECLARE CONTINUE HANDLER FOR SQLSTATE '42704'
+  BEGIN END;
+  EXECUTE IMMEDIATE 'DROP INDEX IDX_OAUTH_ACCTKN_CONK_UTYPE';
+END
+/
+
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TENANT_ID INTEGER NOT NULL WITH DEFAULT -1
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD USER_DOMAIN VARCHAR(50) NOT NULL WITH DEFAULT 'PRIMARY'
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_TIME_CREATED TIMESTAMP
+/
+CALL SYSPROC.ADMIN_CMD('REORG TABLE IDN_OAUTH2_ACCESS_TOKEN')
+/
+UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_TIME_CREATED = TIME_CREATED
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_VALIDITY_PERIOD BIGINT
+/
+CALL SYSPROC.ADMIN_CMD('REORG TABLE IDN_OAUTH2_ACCESS_TOKEN')
+/
+UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_VALIDITY_PERIOD = 84600000
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_SCOPE_HASH VARCHAR (32) NOT NULL WITH DEFAULT 'DEFAULT'
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN TOKEN_STATE_ID  SET DATA TYPE VARCHAR (128)
+/
+CALL SYSPROC.ADMIN_CMD('REORG TABLE IDN_OAUTH2_ACCESS_TOKEN')
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,TOKEN_STATE,TOKEN_STATE_ID)
+/
+CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE)
+/
+CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED)
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+/
+ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD TENANT_ID INTEGER DEFAULT -1
+/
+ALTER TABLE IDN_OPENID_ASSOCIATIONS ADD TENANT_ID INTEGER DEFAULT -1
+/
+ALTER TABLE IDN_THRIFT_SESSION ADD TENANT_ID INTEGER DEFAULT -1
+/
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CONSUMER_KEY_ID INTEGER
+/
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TENANT_ID INTEGER
+/
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD USER_DOMAIN VARCHAR(50) NOT NULL WITH DEFAULT 'PRIMARY'
+/
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD STATE VARCHAR (25) DEFAULT 'ACTIVE'
+/
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TOKEN_ID VARCHAR(255)
+/
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CODE_ID VARCHAR (255) NOT NULL WITH DEFAULT 'DEFAULT'
+/
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD SUBJECT_IDENTIFIER VARCHAR(255)
+/
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP PRIMARY KEY
+/
+UPDATE IDN_OAUTH2_AUTHORIZATION_CODE set CONSUMER_KEY_ID = (select ID from IDN_OAUTH_CONSUMER_APPS where IDN_OAUTH_CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH2_AUTHORIZATION_CODE.CONSUMER_KEY)
+/
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP COLUMN CONSUMER_KEY
+/
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+/
+
+CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
+  TOKEN_ID VARCHAR (255) NOT NULL,
+  TOKEN_SCOPE VARCHAR (60) NOT NULL,
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE))
+/
+
+ALTER TABLE IDN_IDENTITY_USER_DATA  ALTER COLUMN DATA_VALUE DROP NOT NULL
+/
+
+UPDATE IDN_ASSOCIATED_ID set IDN_ASSOCIATED_ID.IDP_ID = (SELECT IDP.ID FROM IDP WHERE IDP.NAME = IDN_ASSOCIATED_ID.IDP_ID AND IDP.TENANT_ID = IDN_ASSOCIATED_ID.TENANT_ID )
+/
+
+BEGIN
+DECLARE const_name VARCHAR(128);
+DECLARE STMT VARCHAR(200);
+select CONSTNAME into const_name from SYSCAT.TABCONST WHERE TABNAME='IDN_ASSOCIATED_ID' AND TYPE = 'U';
+SET STMT = 'ALTER TABLE IDN_ASSOCIATED_ID DROP UNIQUE ' ||  const_name;
+PREPARE S1 FROM STMT;
+EXECUTE S1;
+END
+/
+ALTER TABLE IDN_ASSOCIATED_ID ALTER COLUMN IDP_ID SET DATA TYPE INTEGER
+/
+CALL SYSPROC.ADMIN_CMD('REORG TABLE IDN_ASSOCIATED_ID')
+/
+ALTER TABLE IDN_ASSOCIATED_ID ADD CONSTRAINT IDN_ASSOCIATED_ID_U1 UNIQUE (IDP_USER_ID, TENANT_ID, IDP_ID)
+/
+ALTER TABLE IDN_ASSOCIATED_ID ADD DOMAIN_NAME VARCHAR(255) NOT NULL WITH DEFAULT 'PRIMARY'
+/
+ALTER TABLE IDN_ASSOCIATED_ID ADD FOREIGN KEY (IDP_ID )  REFERENCES IDP (ID) ON DELETE CASCADE
+/
+
+DELETE FROM IDN_AUTH_SESSION_STORE
+/
+ALTER TABLE IDN_AUTH_SESSION_STORE ADD OPERATION VARCHAR(10) NOT NULL WITH DEFAULT 'INVALID'
+/
+ALTER TABLE IDN_AUTH_SESSION_STORE ADD TENANT_ID INTEGER DEFAULT -1
+/
+ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN TIME_CREATED  SET DATA TYPE BIGINT
+/
+ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN TIME_CREATED  SET NOT NULL
+/
+ALTER TABLE IDN_AUTH_SESSION_STORE DROP PRIMARY KEY
+/
+CALL SYSPROC.ADMIN_CMD('REORG TABLE IDN_AUTH_SESSION_STORE')
+/
+ALTER TABLE IDN_AUTH_SESSION_STORE ADD PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION)
+/
+
+ALTER TABLE SP_APP ADD IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1'
+/
+ALTER TABLE SP_APP ADD IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1'
+/
+ALTER TABLE SP_APP ADD IS_DUMB_MODE CHAR(1) DEFAULT '0'
+/
+
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'IDPProperties' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL'
+/
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'passivests' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL'
+/
+INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) SELECT -1234, IDP_AUTHENTICATOR.ID , 'IdPEntityId', 'localhost', '0' FROM IDP_AUTHENTICATOR,IDP WHERE IDP_AUTHENTICATOR.TENANT_ID = -1234 AND IDP_AUTHENTICATOR.NAME = 'passivests' AND IDP.NAME='LOCAL' AND IDP.ID = IDP_AUTHENTICATOR.IDP_ID
+/
+
+ALTER TABLE SP_INBOUND_AUTH ALTER COLUMN INBOUND_AUTH_KEY DROP NOT NULL
+/
+ALTER TABLE IDP_PROVISIONING_ENTITY ADD ENTITY_LOCAL_ID VARCHAR(255)
+/
+
+CREATE TABLE IDN_USER_ACCOUNT_ASSOCIATION (
+  ASSOCIATION_KEY VARCHAR(255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  DOMAIN_NAME VARCHAR(255) NOT NULL,
+  USER_NAME VARCHAR(255) NOT NULL,
+  PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME))
+/
+
+
+CREATE TABLE FIDO_DEVICE_STORE (
+  TENANT_ID INTEGER NOT NULL,
+  DOMAIN_NAME VARCHAR(255) NOT NULL,
+  USER_NAME VARCHAR(45) NOT NULL,
+  TIME_REGISTERED TIMESTAMP,
+  KEY_HANDLE VARCHAR(200) NOT NULL,
+  DEVICE_DATA VARCHAR(2048) NOT NULL,
+  PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE))
+/
+
+CREATE TABLE WF_REQUEST (
+  UUID VARCHAR (45) NOT NULL,
+  CREATED_BY VARCHAR (255),
+  TENANT_ID INTEGER NOT NULL DEFAULT -1,
+  OPERATION_TYPE VARCHAR (50),
+  CREATED_AT TIMESTAMP,
+  UPDATED_AT TIMESTAMP,
+  STATUS VARCHAR (30),
+  REQUEST BLOB,
+  PRIMARY KEY (UUID))
+/
+
+CREATE TABLE WF_BPS_PROFILE (
+  PROFILE_NAME VARCHAR(45) NOT NULL,
+  HOST_URL VARCHAR(45),
+  USERNAME VARCHAR(45),
+  PASSWORD VARCHAR(255),
+  CALLBACK_HOST VARCHAR (45),
+  TENANT_ID INTEGER NOT NULL DEFAULT -1,
+  PRIMARY KEY (PROFILE_NAME, TENANT_ID))
+/
+
+CREATE TABLE WF_WORKFLOW(
+  ID VARCHAR (45) NOT NULL,
+  WF_NAME VARCHAR (45),
+  DESCRIPTION VARCHAR (255),
+  TEMPLATE_ID VARCHAR (45),
+  IMPL_ID VARCHAR (45),
+  TENANT_ID INTEGER NOT NULL DEFAULT -1,
+  PRIMARY KEY (ID))
+/
+
+CREATE TABLE WF_WORKFLOW_ASSOCIATION(
+  ID INTEGER NOT NULL,
+  ASSOC_NAME VARCHAR (45),
+  EVENT_ID VARCHAR(45),
+  ASSOC_CONDITION VARCHAR (2000),
+  WORKFLOW_ID VARCHAR (45),
+  IS_ENABLED CHAR (1) DEFAULT '1',
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY(ID),
+  FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE)
+/
+
+CREATE SEQUENCE WF_WORKFLOW_ASSOCIATION_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+
+CREATE TRIGGER WF_WORKFLOW_ASSOCIATION_TRIG NO CASCADE
+BEFORE INSERT
+ON WF_WORKFLOW_ASSOCIATION
+REFERENCING NEW AS NEW
+FOR EACH ROW MODE DB2SQL
+  BEGIN ATOMIC
+    SET (NEW.ID) = (NEXTVAL FOR WF_WORKFLOW_ASSOCIATION_SEQ);
+  END
+/
+
+CREATE TABLE WF_WORKFLOW_CONFIG_PARAM(
+  WORKFLOW_ID VARCHAR (45) NOT NULL,
+  PARAM_NAME VARCHAR (45) NOT NULL,
+  PARAM_VALUE VARCHAR (1000),
+  PARAM_QNAME VARCHAR (45) NOT NULL,
+  PARAM_HOLDER VARCHAR (45) NOT NULL,
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER),
+  FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE)
+/
+
+CREATE TABLE WF_REQUEST_ENTITY_RELATIONSHIP(
+  REQUEST_ID VARCHAR (45) NOT NULL,
+  ENTITY_NAME VARCHAR (255) NOT NULL,
+  ENTITY_TYPE VARCHAR (50) NOT NULL,
+  TENANT_ID INTEGER NOT NULL DEFAULT -1,
+  PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID),
+  FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE)
+/
+
+CREATE TABLE WF_WORKFLOW_REQUEST_RELATION(
+  RELATIONSHIP_ID VARCHAR (45) NOT NULL,
+  WORKFLOW_ID VARCHAR (45),
+  REQUEST_ID VARCHAR (45),
+  UPDATED_AT TIMESTAMP,
+  STATUS VARCHAR (30),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (RELATIONSHIP_ID),
+  FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE,
+  FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE)
+/
+CALL SYSPROC.ADMIN_CMD('REORG TABLE SP_INBOUND_AUTH')
+/
+CALL SYSPROC.ADMIN_CMD('REORG TABLE IDN_OAUTH1A_REQUEST_TOKEN')
+/
+CALL SYSPROC.ADMIN_CMD('REORG TABLE IDN_OAUTH1A_ACCESS_TOKEN')
+/
+CALL SYSPROC.ADMIN_CMD('REORG TABLE IDN_IDENTITY_USER_DATA')
+/
\ No newline at end of file
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/h2.sql
new file mode 100644
index 00000000..3220c2b4
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/h2.sql
@@ -0,0 +1,226 @@
+CREATE ALIAS IF NOT EXISTS DROP_FK AS $$ void executeSql(Connection conn, String sql) throws SQLException { conn.createStatement().executeUpdate(sql); } $$;
+
+call drop_fk('ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP CONSTRAINT ' || (SELECT CONSTRAINT_NAME FROM INFORMATION_SCHEMA.CONSTRAINTS WHERE TABLE_NAME = 'IDN_OAUTH1A_REQUEST_TOKEN' AND COLUMN_LIST  = 'CONSUMER_KEY'));
+call drop_fk('ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP CONSTRAINT ' || (SELECT CONSTRAINT_NAME FROM INFORMATION_SCHEMA.CONSTRAINTS WHERE TABLE_NAME = 'IDN_OAUTH1A_ACCESS_TOKEN' AND COLUMN_LIST  = 'CONSUMER_KEY'));
+call drop_fk('ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP CONSTRAINT ' || (SELECT CONSTRAINT_NAME FROM INFORMATION_SCHEMA.CONSTRAINTS WHERE TABLE_NAME = 'IDN_OAUTH2_ACCESS_TOKEN' AND COLUMN_LIST  = 'CONSUMER_KEY'));
+call drop_fk('ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP CONSTRAINT ' || (SELECT CONSTRAINT_NAME FROM INFORMATION_SCHEMA.CONSTRAINTS WHERE TABLE_NAME = 'IDN_OAUTH2_AUTHORIZATION_CODE' AND COLUMN_LIST  = 'CONSUMER_KEY'));
+
+CREATE TABLE IF NOT EXISTS IDP_METADATA (
+  ID INTEGER AUTO_INCREMENT,
+  IDP_ID INTEGER,
+  NAME VARCHAR(255) NOT NULL,
+  VALUE VARCHAR(255) NOT NULL,
+  DISPLAY_NAME VARCHAR(255),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (ID),
+  CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME),
+  FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+
+INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'SessionIdleTimeout', '15',
+  'Session Idle Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL';
+INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'RememberMeTimeout', '20160', 'RememberMe Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL';
+
+CREATE TABLE IF NOT EXISTS SP_METADATA (
+  ID INTEGER AUTO_INCREMENT,
+  SP_ID INTEGER,
+  NAME VARCHAR(255) NOT NULL,
+  VALUE VARCHAR(255) NOT NULL,
+  DISPLAY_NAME VARCHAR(255),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (ID),
+  CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME),
+  FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE);
+
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS DROP PRIMARY KEY;
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD ID INTEGER UNSIGNED NOT NULL AUTO_INCREMENT;
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_DOMAIN VARCHAR(50);
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD PRIMARY KEY (ID);
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ALTER COLUMN CONSUMER_KEY VARCHAR (255)  NOT NULL;
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY);
+
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD CONSUMER_KEY_ID INTEGER;
+UPDATE IDN_OAUTH1A_REQUEST_TOKEN REQUEST_TOKEN set REQUEST_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = REQUEST_TOKEN.CONSUMER_KEY);
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP COLUMN CONSUMER_KEY;
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE;
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD TENANT_ID INTEGER DEFAULT -1;
+
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER;
+UPDATE IDN_OAUTH1A_ACCESS_TOKEN ACCESS_TOKEN set ACCESS_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = ACCESS_TOKEN.CONSUMER_KEY);
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY;
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE;
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD TENANT_ID INTEGER DEFAULT -1;
+
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP PRIMARY KEY;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_ID VARCHAR (255);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD GRANT_TYPE VARCHAR (50);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD SUBJECT_IDENTIFIER VARCHAR(255);
+UPDATE IDN_OAUTH2_ACCESS_TOKEN ACCESS_TOKEN set ACCESS_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = ACCESS_TOKEN.CONSUMER_KEY);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP CONSTRAINT CON_APP_KEY;
+DROP INDEX IF EXISTS IDX_AT_CK_AU;
+DROP INDEX IF EXISTS IDX_OAUTH_ACCTKN_CONK_UTYPE;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TENANT_ID INTEGER;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD USER_DOMAIN VARCHAR(50);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_TIME_CREATED TIMESTAMP DEFAULT 0;
+UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_TIME_CREATED = TIME_CREATED;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_VALIDITY_PERIOD BIGINT;
+UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_VALIDITY_PERIOD = 84600000;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_SCOPE_HASH VARCHAR (32);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE' NOT NULL;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,TOKEN_STATE,TOKEN_STATE_ID);
+CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE);
+CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE;
+
+ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD TENANT_ID INTEGER DEFAULT -1;
+ALTER TABLE IDN_OPENID_ASSOCIATIONS ADD TENANT_ID INTEGER DEFAULT -1;
+ALTER TABLE IDN_THRIFT_SESSION ADD TENANT_ID INTEGER DEFAULT -1;
+
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CONSUMER_KEY_ID INTEGER;
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TENANT_ID INTEGER;
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD USER_DOMAIN VARCHAR(50);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD STATE VARCHAR (25) DEFAULT 'ACTIVE';
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TOKEN_ID VARCHAR(255);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CODE_ID VARCHAR (255);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD SUBJECT_IDENTIFIER VARCHAR(255);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP PRIMARY KEY;
+UPDATE IDN_OAUTH2_AUTHORIZATION_CODE AUTHORIZATION_CODE set AUTHORIZATION_CODE.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = AUTHORIZATION_CODE.CONSUMER_KEY);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP COLUMN CONSUMER_KEY;
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE;
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
+  TOKEN_ID VARCHAR (255),
+  TOKEN_SCOPE VARCHAR (60),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE)
+);
+
+DROP TABLE IF EXISTS IDN_SCIM_PROVIDER;
+
+ALTER TABLE IDN_IDENTITY_USER_DATA  ALTER COLUMN DATA_VALUE SET NULL;
+
+UPDATE IDN_ASSOCIATED_ID set IDN_ASSOCIATED_ID.IDP_ID = (SELECT IDP.ID FROM IDP WHERE IDP.NAME = IDN_ASSOCIATED_ID.IDP_ID AND IDP.TENANT_ID = IDN_ASSOCIATED_ID.TENANT_ID );
+ALTER TABLE IDN_ASSOCIATED_ID ALTER COLUMN IDP_ID INTEGER;
+ALTER TABLE IDN_ASSOCIATED_ID ADD DOMAIN_NAME VARCHAR(255);
+ALTER TABLE IDN_ASSOCIATED_ID ADD FOREIGN KEY (IDP_ID )  REFERENCES IDP (ID) ON DELETE CASCADE;
+
+DELETE FROM IDN_AUTH_SESSION_STORE;
+ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_ID DROP DEFAULT;
+ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_ID SET NOT NULL;
+ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_TYPE DROP DEFAULT;
+ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_TYPE SET NOT NULL;
+ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN TIME_CREATED SET NOT NULL;
+ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN TIME_CREATED BIGINT;
+ALTER TABLE IDN_AUTH_SESSION_STORE ADD OPERATION VARCHAR(10) NOT NULL;
+ALTER TABLE IDN_AUTH_SESSION_STORE ADD TENANT_ID INTEGER DEFAULT -1;
+ALTER TABLE IDN_AUTH_SESSION_STORE DROP PRIMARY KEY;
+ALTER TABLE IDN_AUTH_SESSION_STORE ADD PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION);
+
+ALTER TABLE SP_APP ADD IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL;
+ALTER TABLE SP_APP ADD IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL;
+ALTER TABLE SP_APP ADD IS_DUMB_MODE CHAR(1) DEFAULT '0';
+
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'IDPProperties' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL';
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'passivests' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL';
+
+INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) SELECT -1234, IDP_AUTHENTICATOR.ID , 'IdPEntityId', 'localhost', '0' FROM IDP_AUTHENTICATOR,IDP WHERE IDP_AUTHENTICATOR.TENANT_ID = -1234 AND IDP_AUTHENTICATOR.NAME = 'passivests' AND IDP.NAME='LOCAL' AND IDP.ID = IDP_AUTHENTICATOR.IDP_ID;
+
+ALTER TABLE SP_INBOUND_AUTH ALTER COLUMN INBOUND_AUTH_KEY SET NULL;
+
+ALTER TABLE IDP_PROVISIONING_ENTITY ADD ENTITY_LOCAL_ID VARCHAR(255);
+
+CREATE TABLE IF NOT EXISTS IDN_USER_ACCOUNT_ASSOCIATION (
+  ASSOCIATION_KEY VARCHAR(255) NOT NULL,
+  TENANT_ID INTEGER,
+  DOMAIN_NAME VARCHAR(255) NOT NULL,
+  USER_NAME VARCHAR(255) NOT NULL,
+  PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME));
+
+CREATE TABLE IF NOT EXISTS FIDO_DEVICE_STORE (
+  TENANT_ID INTEGER,
+  DOMAIN_NAME VARCHAR(255) NOT NULL,
+  USER_NAME VARCHAR(45) NOT NULL,
+  TIME_REGISTERED TIMESTAMP,
+  KEY_HANDLE VARCHAR(200) NOT NULL,
+  DEVICE_DATA LONGVARCHAR NOT NULL,
+  PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE));
+
+CREATE TABLE IF NOT EXISTS WF_REQUEST (
+  UUID VARCHAR (45),
+  CREATED_BY VARCHAR (255),
+  TENANT_ID INTEGER DEFAULT -1,
+  OPERATION_TYPE VARCHAR (50),
+  CREATED_AT TIMESTAMP,
+  UPDATED_AT TIMESTAMP,
+  STATUS VARCHAR (30),
+  REQUEST BLOB,
+  PRIMARY KEY (UUID)
+);
+
+CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE (
+  PROFILE_NAME VARCHAR(45),
+  HOST_URL_MANAGER VARCHAR(45),
+  HOST_URL_WORKER VARCHAR(45),
+  USERNAME VARCHAR(45),
+  PASSWORD VARCHAR(255),
+  CALLBACK_HOST VARCHAR (45),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (PROFILE_NAME, TENANT_ID)
+);
+
+CREATE TABLE IF NOT EXISTS WF_WORKFLOW(
+  ID VARCHAR (45),
+  WF_NAME VARCHAR (45),
+  DESCRIPTION VARCHAR (255),
+  TEMPLATE_ID VARCHAR (45),
+  IMPL_ID VARCHAR (45),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (ID)
+);
+
+CREATE TABLE IF NOT EXISTS WF_WORKFLOW_ASSOCIATION(
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  ASSOC_NAME VARCHAR (45),
+  EVENT_ID VARCHAR(45),
+  ASSOC_CONDITION VARCHAR (2000),
+  WORKFLOW_ID VARCHAR (45),
+  IS_ENABLED CHAR (1) DEFAULT '1',
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY(ID),
+  FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
+);
+
+CREATE TABLE IF NOT EXISTS WF_WORKFLOW_CONFIG_PARAM(
+  WORKFLOW_ID VARCHAR (45),
+  PARAM_NAME VARCHAR (45),
+  PARAM_VALUE VARCHAR (1000),
+  PARAM_QNAME VARCHAR (45),
+  PARAM_HOLDER VARCHAR (45),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER),
+  FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
+);
+
+CREATE TABLE IF NOT EXISTS WF_REQUEST_ENTITY_RELATIONSHIP(
+  REQUEST_ID VARCHAR (45),
+  ENTITY_NAME VARCHAR (255),
+  ENTITY_TYPE VARCHAR (50),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID),
+  FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
+);
+
+CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION(
+  RELATIONSHIP_ID VARCHAR (45),
+  WORKFLOW_ID VARCHAR (45),
+  REQUEST_ID VARCHAR (45),
+  UPDATED_AT TIMESTAMP,
+  STATUS VARCHAR (30),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (RELATIONSHIP_ID),
+  FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE,
+  FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
+);
+
+DROP ALIAS IF EXISTS DROP_FK;
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mssql.sql
new file mode 100644
index 00000000..d8508d0d
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mssql.sql
@@ -0,0 +1,238 @@
+DECLARE @COMMAND NVARCHAR(200);SELECT @COMMAND= 'ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP CONSTRAINT ' + RC.CONSTRAINT_NAME + ';' FROM INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS RC JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KF ON RC.CONSTRAINT_NAME = KF.CONSTRAINT_NAME JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KP ON RC.UNIQUE_CONSTRAINT_NAME = KP.CONSTRAINT_NAME WHERE KF.TABLE_NAME = 'IDN_OAUTH1A_REQUEST_TOKEN';EXEC (@COMMAND);
+
+DECLARE @COMMAND NVARCHAR(200);SELECT @COMMAND='ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP CONSTRAINT ' + RC.CONSTRAINT_NAME + ';' FROM INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS RC JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KF ON RC.CONSTRAINT_NAME = KF.CONSTRAINT_NAME JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KP ON RC.UNIQUE_CONSTRAINT_NAME = KP.CONSTRAINT_NAME WHERE KF.TABLE_NAME = 'IDN_OAUTH1A_ACCESS_TOKEN';EXEC (@COMMAND);
+
+DECLARE @COMMAND NVARCHAR(200);SELECT @COMMAND='ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP CONSTRAINT ' + RC.CONSTRAINT_NAME  + ';' FROM INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS RC JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KF ON RC.CONSTRAINT_NAME = KF.CONSTRAINT_NAME JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KP ON RC.UNIQUE_CONSTRAINT_NAME = KP.CONSTRAINT_NAME WHERE KF.TABLE_NAME = 'IDN_OAUTH2_ACCESS_TOKEN';EXEC (@COMMAND);
+
+DECLARE @COMMAND NVARCHAR(200);SELECT @COMMAND='ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP CONSTRAINT ' + RC.CONSTRAINT_NAME + ';' FROM INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS RC JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KF ON RC.CONSTRAINT_NAME = KF.CONSTRAINT_NAME JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KP ON RC.UNIQUE_CONSTRAINT_NAME = KP.CONSTRAINT_NAME WHERE KF.TABLE_NAME = 'IDN_OAUTH2_AUTHORIZATION_CODE';EXEC (@COMMAND);
+
+DECLARE @COMMAND NVARCHAR(200);SELECT @COMMAND='ALTER TABLE IDN_OAUTH_CONSUMER_APPS DROP CONSTRAINT ' + NAME + ';' FROM   sys.key_constraints WHERE  [type] = 'PK' AND [parent_object_id] = Object_id('dbo.IDN_OAUTH_CONSUMER_APPS');EXEC (@COMMAND);
+
+DECLARE @COMMAND NVARCHAR(200);SELECT @COMMAND='ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP CONSTRAINT ' + NAME + ';' FROM   sys.key_constraints WHERE  [type] = 'PK' AND [parent_object_id] = Object_id('dbo.IDN_OAUTH2_ACCESS_TOKEN');EXEC (@COMMAND);
+
+DECLARE @COMMAND NVARCHAR(200);SELECT @COMMAND='ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP CONSTRAINT ' + NAME + ';' FROM   sys.key_constraints WHERE  [type] = 'PK' AND [parent_object_id] = Object_id('dbo.IDN_OAUTH2_AUTHORIZATION_CODE');EXEC (@COMMAND);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_METADATA]') AND TYPE IN (N'U'))
+  CREATE TABLE IDP_METADATA (
+    ID INTEGER IDENTITY,
+    IDP_ID INTEGER,
+    NAME VARCHAR(255) NOT NULL,
+    VALUE VARCHAR(255) NOT NULL,
+    DISPLAY_NAME VARCHAR(255),
+    TENANT_ID INTEGER DEFAULT -1,
+    PRIMARY KEY (ID),
+    CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME),
+    FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+
+INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'SessionIdleTimeout', '15',
+  'Session Idle Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL';
+INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'RememberMeTimeout', '20160', 'RememberMe Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL';
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_METADATA]') AND TYPE IN (N'U'))
+  CREATE TABLE SP_METADATA (
+    ID INTEGER IDENTITY,
+    SP_ID INTEGER,
+    NAME VARCHAR(255) NOT NULL,
+    VALUE VARCHAR(255) NOT NULL,
+    DISPLAY_NAME VARCHAR(255),
+    TENANT_ID INTEGER DEFAULT -1,
+    PRIMARY KEY (ID),
+    CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME),
+    FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE);
+
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD ID INTEGER NOT NULL IDENTITY PRIMARY KEY;
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_DOMAIN VARCHAR(50);
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ALTER COLUMN CONSUMER_KEY VARCHAR (255)  NOT NULL;
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY);
+
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD CONSUMER_KEY_ID INTEGER;
+UPDATE IDN_OAUTH1A_REQUEST_TOKEN set IDN_OAUTH1A_REQUEST_TOKEN.CONSUMER_KEY_ID = (select IDN_OAUTH_CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS where IDN_OAUTH_CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH1A_REQUEST_TOKEN.CONSUMER_KEY);
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP COLUMN CONSUMER_KEY;
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE;
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD TENANT_ID INTEGER DEFAULT -1;
+
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER;
+UPDATE IDN_OAUTH1A_ACCESS_TOKEN set IDN_OAUTH1A_ACCESS_TOKEN.CONSUMER_KEY_ID = (select IDN_OAUTH_CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS where IDN_OAUTH_CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH1A_ACCESS_TOKEN.CONSUMER_KEY);
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY;
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE;
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD TENANT_ID INTEGER DEFAULT -1;
+
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_ID VARCHAR (255);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD GRANT_TYPE VARCHAR (50);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD SUBJECT_IDENTIFIER VARCHAR(255);
+UPDATE IDN_OAUTH2_ACCESS_TOKEN set IDN_OAUTH2_ACCESS_TOKEN.CONSUMER_KEY_ID = (select IDN_OAUTH_CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS where IDN_OAUTH_CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH2_ACCESS_TOKEN.CONSUMER_KEY);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP CONSTRAINT CON_APP_KEY;
+IF EXISTS (SELECT *  FROM sys.indexes WHERE name='IDX_AT_CK_AU') begin DROP INDEX IDN_OAUTH2_ACCESS_TOKEN.IDX_AT_CK_AU; end;
+IF EXISTS (SELECT *  FROM sys.indexes WHERE name='IDX_OAUTH_ACCTKN_CONK_UTYPE') begin DROP INDEX IDN_OAUTH2_ACCESS_TOKEN.IDX_OAUTH_ACCTKN_CONK_UTYPE; end;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TENANT_ID INTEGER;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD USER_DOMAIN VARCHAR(50);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_TIME_CREATED DATETIME;
+UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_TIME_CREATED = TIME_CREATED;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_VALIDITY_PERIOD BIGINT;
+UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_VALIDITY_PERIOD = 84600000;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_SCOPE_HASH VARCHAR (32);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN TOKEN_STATE_ID VARCHAR (128);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,TOKEN_STATE,TOKEN_STATE_ID);
+CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE);
+CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE;
+
+ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD TENANT_ID INTEGER DEFAULT -1;
+ALTER TABLE IDN_OPENID_ASSOCIATIONS ADD TENANT_ID INTEGER DEFAULT -1;
+ALTER TABLE IDN_THRIFT_SESSION ADD TENANT_ID INTEGER DEFAULT -1;
+
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CONSUMER_KEY_ID INTEGER;
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TENANT_ID INTEGER;
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD USER_DOMAIN VARCHAR(50);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD STATE VARCHAR (25) DEFAULT 'ACTIVE';
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TOKEN_ID VARCHAR(255);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CODE_ID VARCHAR (255);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD SUBJECT_IDENTIFIER VARCHAR(255);
+UPDATE IDN_OAUTH2_AUTHORIZATION_CODE set IDN_OAUTH2_AUTHORIZATION_CODE.CONSUMER_KEY_ID = (select IDN_OAUTH_CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS where IDN_OAUTH_CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH2_AUTHORIZATION_CODE.CONSUMER_KEY);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP COLUMN CONSUMER_KEY;
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE;
+
+DROP TABLE IDN_SCIM_PROVIDER;
+
+ALTER TABLE IDN_IDENTITY_USER_DATA ALTER COLUMN DATA_VALUE VARCHAR(255) NULL;
+
+DECLARE @COMMAND NVARCHAR(200);SELECT @COMMAND='ALTER TABLE IDN_ASSOCIATED_ID DROP CONSTRAINT ' + NAME + ';' FROM sys.key_constraints WHERE  [type] = 'UQ' AND [parent_object_id] = Object_id('dbo.IDN_ASSOCIATED_ID');EXEC (@COMMAND);
+UPDATE IDN_ASSOCIATED_ID set IDN_ASSOCIATED_ID.IDP_ID = (SELECT IDP.ID FROM IDP WHERE IDP.NAME = IDN_ASSOCIATED_ID.IDP_ID AND IDP.TENANT_ID = IDN_ASSOCIATED_ID.TENANT_ID );
+ALTER TABLE IDN_ASSOCIATED_ID ALTER COLUMN IDP_ID INTEGER;
+ALTER TABLE IDN_ASSOCIATED_ID ADD DOMAIN_NAME VARCHAR(255);
+ALTER TABLE IDN_ASSOCIATED_ID ADD UNIQUE(IDP_USER_ID, TENANT_ID, IDP_ID);
+ALTER TABLE IDN_ASSOCIATED_ID ADD FOREIGN KEY (IDP_ID ) REFERENCES IDP (ID) ON DELETE CASCADE;
+
+DELETE FROM IDN_AUTH_SESSION_STORE;
+ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_ID VARCHAR (100) NOT NULL;
+ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_TYPE VARCHAR(100) NOT NULL;
+ALTER TABLE IDN_AUTH_SESSION_STORE DROP COLUMN TIME_CREATED;
+ALTER TABLE IDN_AUTH_SESSION_STORE ADD TIME_CREATED BIGINT NOT NULL;
+ALTER TABLE IDN_AUTH_SESSION_STORE ADD OPERATION VARCHAR(10) NOT NULL;
+ALTER TABLE IDN_AUTH_SESSION_STORE ADD TENANT_ID INTEGER DEFAULT -1;
+DECLARE @COMMAND NVARCHAR(200);SELECT @COMMAND='ALTER TABLE IDN_AUTH_SESSION_STORE DROP CONSTRAINT ' + NAME + ';' FROM   sys.key_constraints WHERE  [type] = 'PK' AND [parent_object_id] = Object_id('dbo.IDN_AUTH_SESSION_STORE');EXEC (@COMMAND);
+ALTER TABLE IDN_AUTH_SESSION_STORE ADD PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION);
+
+ALTER TABLE SP_APP ADD IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL;
+ALTER TABLE SP_APP ADD IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL;
+ALTER TABLE SP_APP ADD IS_DUMB_MODE CHAR(1) DEFAULT '0';
+
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'IDPProperties' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL';
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'passivests' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL';
+
+INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) SELECT -1234, IDP_AUTHENTICATOR.ID , 'IdPEntityId', 'localhost', '0' FROM IDP_AUTHENTICATOR,IDP WHERE IDP_AUTHENTICATOR.TENANT_ID = -1234 AND IDP_AUTHENTICATOR.NAME = 'passivests' AND IDP.NAME='LOCAL' AND IDP.ID = IDP_AUTHENTICATOR.IDP_ID;
+
+ALTER TABLE SP_INBOUND_AUTH ALTER COLUMN INBOUND_AUTH_KEY VARCHAR (255) NULL;
+
+ALTER TABLE IDP_PROVISIONING_ENTITY ADD ENTITY_LOCAL_ID VARCHAR(255);
+
+CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
+  TOKEN_ID VARCHAR (255),
+  TOKEN_SCOPE VARCHAR (60),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_USER_ACCOUNT_ASSOCIATION]') AND TYPE IN (N'U'))
+  CREATE TABLE IDN_USER_ACCOUNT_ASSOCIATION (
+    ASSOCIATION_KEY VARCHAR(255) NOT NULL,
+    TENANT_ID INTEGER,
+    DOMAIN_NAME VARCHAR(255) NOT NULL,
+    USER_NAME VARCHAR(255) NOT NULL,
+    PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME));
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[FIDO_DEVICE_STORE]') AND TYPE IN (N'U'))
+  CREATE TABLE FIDO_DEVICE_STORE (
+    TENANT_ID INTEGER,
+    DOMAIN_NAME VARCHAR(255) NOT NULL,
+    USER_NAME VARCHAR(45) NOT NULL,
+    TIME_REGISTERED DATETIME,
+    KEY_HANDLE VARCHAR(200) NOT NULL,
+    DEVICE_DATA VARCHAR(2048) NOT NULL,
+    PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE));
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_REQUEST]') AND TYPE IN (N'U'))
+  CREATE TABLE WF_REQUEST (
+    UUID VARCHAR (45),
+    CREATED_BY VARCHAR (255),
+    TENANT_ID INTEGER DEFAULT -1,
+    OPERATION_TYPE VARCHAR (50),
+    CREATED_AT DATETIME,
+    UPDATED_AT DATETIME,
+    STATUS VARCHAR (30),
+    REQUEST VARBINARY(MAX),
+    PRIMARY KEY (UUID)
+  );
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_BPS_PROFILE]') AND TYPE IN (N'U'))
+  CREATE TABLE WF_BPS_PROFILE (
+    PROFILE_NAME VARCHAR(45),
+    HOST_URL_MANAGER VARCHAR(45),
+    HOST_URL_WORKER VARCHAR(45),
+    USERNAME VARCHAR(45),
+    PASSWORD VARCHAR(255),
+    CALLBACK_HOST VARCHAR (45),
+    TENANT_ID INTEGER DEFAULT -1,
+    PRIMARY KEY (PROFILE_NAME, TENANT_ID)
+  );
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_WORKFLOW]') AND TYPE IN (N'U'))
+  CREATE TABLE WF_WORKFLOW(
+    ID VARCHAR (45),
+    WF_NAME VARCHAR (45),
+    DESCRIPTION VARCHAR (255),
+    TEMPLATE_ID VARCHAR (45),
+    IMPL_ID VARCHAR (45),
+    TENANT_ID INTEGER DEFAULT -1,
+    PRIMARY KEY (ID)
+  );
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_WORKFLOW_ASSOCIATION]') AND TYPE IN (N'U'))
+  CREATE TABLE WF_WORKFLOW_ASSOCIATION(
+    ID INTEGER NOT NULL IDENTITY ,
+    ASSOC_NAME VARCHAR (45),
+    EVENT_ID VARCHAR(45),
+    ASSOC_CONDITION VARCHAR (2000),
+    WORKFLOW_ID VARCHAR (45),
+    IS_ENABLED CHAR (1) DEFAULT '1',
+    TENANT_ID INTEGER DEFAULT -1,
+    PRIMARY KEY(ID),
+    FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
+  );
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_WORKFLOW_CONFIG_PARAM]') AND TYPE IN (N'U'))
+  CREATE TABLE WF_WORKFLOW_CONFIG_PARAM(
+    WORKFLOW_ID VARCHAR (45),
+    PARAM_NAME VARCHAR (45),
+    PARAM_VALUE VARCHAR (1000),
+    PARAM_QNAME VARCHAR (45),
+    PARAM_HOLDER VARCHAR (45),
+    TENANT_ID INTEGER DEFAULT -1,
+    PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER),
+    FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
+  );
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_REQUEST_ENTITY_RELATIONSHIP]') AND TYPE IN (N'U'))
+  CREATE TABLE WF_REQUEST_ENTITY_RELATIONSHIP(
+    REQUEST_ID VARCHAR (45),
+    ENTITY_NAME VARCHAR (255),
+    ENTITY_TYPE VARCHAR (50),
+    TENANT_ID INTEGER DEFAULT -1,
+    PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID),
+    FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
+  );
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_WORKFLOW_REQUEST_RELATION]') AND TYPE IN (N'U'))
+  CREATE TABLE WF_WORKFLOW_REQUEST_RELATION(
+    RELATIONSHIP_ID VARCHAR (45),
+    WORKFLOW_ID VARCHAR (45),
+    REQUEST_ID VARCHAR (45),
+    UPDATED_AT DATETIME,
+    STATUS VARCHAR (30),
+    TENANT_ID INTEGER DEFAULT -1,
+    PRIMARY KEY (RELATIONSHIP_ID),
+    FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE,
+    FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
+  );
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mysql.sql
new file mode 100644
index 00000000..d1be1314
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mysql.sql
@@ -0,0 +1,271 @@
+DROP PROCEDURE IF EXISTS drop_index_if_exists;
+CREATE PROCEDURE drop_index_if_exists(in theTable varchar(128), in theIndexName varchar(128) ) BEGIN IF((SELECT COUNT(*) AS index_exists FROM information_schema.statistics WHERE TABLE_SCHEMA = DATABASE() and table_name = theTable AND index_name = theIndexName) > 0) THEN SET @s = CONCAT('DROP INDEX ' , theIndexName , ' ON ' , theTable); PREPARE stmt FROM @s; EXECUTE stmt; END IF; END;
+
+SELECT CONCAT("ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP FOREIGN KEY ",constraint_name)
+INTO @sqlst
+FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE
+where TABLE_SCHEMA = @databasename and TABLE_NAME = "IDN_OAUTH1A_REQUEST_TOKEN"
+and referenced_column_name is not NULL limit 1;
+
+PREPARE stmt FROM @sqlst;
+EXECUTE stmt;
+DEALLOCATE PREPARE stmt;
+SET @sqlst = NULL;
+
+SELECT CONCAT("ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP FOREIGN KEY ",constraint_name)
+INTO @sqlst
+FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE
+where TABLE_SCHEMA = @databasename and TABLE_NAME = "IDN_OAUTH1A_ACCESS_TOKEN"
+and referenced_column_name is not NULL limit 1;
+
+PREPARE stmt FROM @sqlst;
+EXECUTE stmt;
+DEALLOCATE PREPARE stmt;
+SET @sqlst = NULL;
+
+SELECT CONCAT("ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP FOREIGN KEY ",constraint_name)
+INTO @sqlst
+FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE
+where TABLE_SCHEMA = @databasename and TABLE_NAME = "IDN_OAUTH2_ACCESS_TOKEN"
+and referenced_column_name is not NULL limit 1;
+
+PREPARE stmt FROM @sqlst;
+EXECUTE stmt;
+DEALLOCATE PREPARE stmt;
+SET @sqlst = NULL;
+
+SELECT CONCAT("ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP FOREIGN KEY ",constraint_name)
+INTO @sqlst
+FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE
+where TABLE_SCHEMA = @databasename and TABLE_NAME = "IDN_OAUTH2_AUTHORIZATION_CODE"
+and referenced_column_name is not NULL limit 1;
+
+PREPARE stmt FROM @sqlst;
+EXECUTE stmt;
+DEALLOCATE PREPARE stmt;
+SET @sqlst = NULL;
+
+CREATE TABLE IF NOT EXISTS IDP_METADATA (
+  ID INTEGER AUTO_INCREMENT,
+  IDP_ID INTEGER,
+  NAME VARCHAR(255) NOT NULL,
+  VALUE VARCHAR(255) NOT NULL,
+  DISPLAY_NAME VARCHAR(255),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (ID),
+  CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME),
+  FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'SessionIdleTimeout', '15',
+  'Session Idle Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL';
+INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'RememberMeTimeout', '20160', 'RememberMe Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL';
+
+CREATE TABLE IF NOT EXISTS SP_METADATA (
+  ID INTEGER AUTO_INCREMENT,
+  SP_ID INTEGER,
+  NAME VARCHAR(255) NOT NULL,
+  VALUE VARCHAR(255) NOT NULL,
+  DISPLAY_NAME VARCHAR(255),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (ID),
+  CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME),
+  FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS DROP PRIMARY KEY;
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD ID INTEGER NOT NULL AUTO_INCREMENT PRIMARY KEY;
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_DOMAIN VARCHAR(50);
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS MODIFY COLUMN CONSUMER_KEY VARCHAR (255)  NOT NULL;
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY);
+
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD CONSUMER_KEY_ID INTEGER;
+UPDATE IDN_OAUTH1A_REQUEST_TOKEN REQUEST_TOKEN set REQUEST_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = REQUEST_TOKEN.CONSUMER_KEY);
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP COLUMN CONSUMER_KEY;
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE;
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD TENANT_ID INTEGER DEFAULT -1;
+
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER;
+UPDATE IDN_OAUTH1A_ACCESS_TOKEN ACCESS_TOKEN set ACCESS_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = ACCESS_TOKEN.CONSUMER_KEY);
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY;
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE;
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD TENANT_ID INTEGER DEFAULT -1;
+
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP PRIMARY KEY;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_ID VARCHAR (255);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD GRANT_TYPE VARCHAR (50);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD SUBJECT_IDENTIFIER VARCHAR(255);
+UPDATE IDN_OAUTH2_ACCESS_TOKEN ACCESS_TOKEN set ACCESS_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = ACCESS_TOKEN.CONSUMER_KEY);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP INDEX CON_APP_KEY;
+CALL drop_index_if_exists("IDN_OAUTH2_ACCESS_TOKEN", "IDX_AT_CK_AU");
+CALL drop_index_if_exists("IDN_OAUTH2_ACCESS_TOKEN", "IDX_OAUTH_ACCTKN_CONK_UTYPE");
+
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TENANT_ID INTEGER;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD USER_DOMAIN VARCHAR(50);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_TIME_CREATED TIMESTAMP DEFAULT 0;
+UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_TIME_CREATED = TIME_CREATED;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_VALIDITY_PERIOD BIGINT;
+UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_VALIDITY_PERIOD = 84600000;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_SCOPE_HASH VARCHAR (32);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN MODIFY COLUMN TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE' NOT NULL;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,TOKEN_STATE,TOKEN_STATE_ID);
+CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE);
+CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE;
+
+ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD TENANT_ID INTEGER DEFAULT -1;
+ALTER TABLE IDN_OPENID_ASSOCIATIONS ADD TENANT_ID INTEGER DEFAULT -1;
+ALTER TABLE IDN_THRIFT_SESSION ADD TENANT_ID INTEGER DEFAULT -1;
+
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CONSUMER_KEY_ID INTEGER;
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TENANT_ID INTEGER;
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD USER_DOMAIN VARCHAR(50);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD STATE VARCHAR (25) DEFAULT 'ACTIVE';
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TOKEN_ID VARCHAR(255);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CODE_ID VARCHAR (255);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD SUBJECT_IDENTIFIER VARCHAR(255);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP PRIMARY KEY;
+UPDATE IDN_OAUTH2_AUTHORIZATION_CODE AUTHORIZATION_CODE set AUTHORIZATION_CODE.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = AUTHORIZATION_CODE.CONSUMER_KEY);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP COLUMN CONSUMER_KEY;
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE;
+
+DROP TABLE IF EXISTS IDN_SCIM_PROVIDER;
+
+ALTER TABLE IDN_IDENTITY_USER_DATA  MODIFY COLUMN DATA_VALUE VARCHAR(255) NULL;
+
+ALTER TABLE IDN_ASSOCIATED_ID MODIFY COLUMN IDP_ID VARCHAR(255);
+UPDATE IDN_ASSOCIATED_ID set IDN_ASSOCIATED_ID.IDP_ID = (SELECT IDP.ID FROM IDP WHERE IDP.NAME = IDN_ASSOCIATED_ID.IDP_ID AND IDP.TENANT_ID = IDN_ASSOCIATED_ID.TENANT_ID );
+DELETE FROM IDN_ASSOCIATED_ID WHERE IDP_ID is NULL;
+ALTER TABLE IDN_ASSOCIATED_ID MODIFY COLUMN IDP_ID INTEGER NOT NULL;
+ALTER TABLE IDN_ASSOCIATED_ID ADD DOMAIN_NAME VARCHAR(255);
+ALTER TABLE IDN_ASSOCIATED_ID ADD FOREIGN KEY (IDP_ID )  REFERENCES IDP (ID) ON DELETE CASCADE;
+
+DELETE FROM IDN_AUTH_SESSION_STORE;
+ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_ID DROP DEFAULT;
+ALTER TABLE IDN_AUTH_SESSION_STORE MODIFY COLUMN SESSION_ID VARCHAR (100) NOT NULL;
+ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_TYPE DROP DEFAULT;
+ALTER TABLE IDN_AUTH_SESSION_STORE MODIFY COLUMN SESSION_TYPE VARCHAR(100) NOT NULL;
+ALTER TABLE IDN_AUTH_SESSION_STORE MODIFY COLUMN TIME_CREATED BIGINT NOT NULL;
+ALTER TABLE IDN_AUTH_SESSION_STORE ADD OPERATION VARCHAR(10) NOT NULL;
+ALTER TABLE IDN_AUTH_SESSION_STORE ADD TENANT_ID INTEGER DEFAULT -1;
+ALTER TABLE IDN_AUTH_SESSION_STORE DROP PRIMARY KEY;
+ALTER TABLE IDN_AUTH_SESSION_STORE ADD PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION);
+
+ALTER TABLE SP_APP ADD IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL;
+ALTER TABLE SP_APP ADD IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL;
+ALTER TABLE SP_APP ADD IS_DUMB_MODE CHAR(1) DEFAULT '0';
+
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'IDPProperties' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL';
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'passivests' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL';
+
+INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) SELECT -1234, IDP_AUTHENTICATOR.ID , 'IdPEntityId', 'localhost', '0' FROM IDP_AUTHENTICATOR,IDP WHERE IDP_AUTHENTICATOR.TENANT_ID = -1234 AND IDP_AUTHENTICATOR.NAME = 'passivests' AND IDP.NAME='LOCAL' AND IDP.ID = IDP_AUTHENTICATOR.IDP_ID;
+
+ALTER TABLE SP_INBOUND_AUTH MODIFY COLUMN INBOUND_AUTH_KEY VARCHAR (255);
+
+ALTER TABLE IDP_PROVISIONING_ENTITY ADD ENTITY_LOCAL_ID VARCHAR(255);
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
+  TOKEN_ID VARCHAR (255),
+  TOKEN_SCOPE VARCHAR (60),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_USER_ACCOUNT_ASSOCIATION (
+  ASSOCIATION_KEY VARCHAR(255) NOT NULL,
+  TENANT_ID INTEGER,
+  DOMAIN_NAME VARCHAR(255) NOT NULL,
+  USER_NAME VARCHAR(255) NOT NULL,
+  PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS FIDO_DEVICE_STORE (
+  TENANT_ID INTEGER,
+  DOMAIN_NAME VARCHAR(255) NOT NULL,
+  USER_NAME VARCHAR(45) NOT NULL,
+  TIME_REGISTERED TIMESTAMP,
+  KEY_HANDLE VARCHAR(200) NOT NULL,
+  DEVICE_DATA VARCHAR(2048) NOT NULL,
+  PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WF_REQUEST (
+  UUID VARCHAR (45),
+  CREATED_BY VARCHAR (255),
+  TENANT_ID INTEGER DEFAULT -1,
+  OPERATION_TYPE VARCHAR (50),
+  CREATED_AT TIMESTAMP,
+  UPDATED_AT TIMESTAMP,
+  STATUS VARCHAR (30),
+  REQUEST BLOB,
+  PRIMARY KEY (UUID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE (
+  PROFILE_NAME VARCHAR(45),
+  HOST_URL_MANAGER VARCHAR(45),
+  HOST_URL_WORKER VARCHAR(45),
+  USERNAME VARCHAR(45),
+  PASSWORD VARCHAR(255),
+  CALLBACK_HOST VARCHAR (45),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (PROFILE_NAME, TENANT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WF_WORKFLOW(
+  ID VARCHAR (45),
+  WF_NAME VARCHAR (45),
+  DESCRIPTION VARCHAR (255),
+  TEMPLATE_ID VARCHAR (45),
+  IMPL_ID VARCHAR (45),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WF_WORKFLOW_ASSOCIATION(
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  ASSOC_NAME VARCHAR (45),
+  EVENT_ID VARCHAR(45),
+  ASSOC_CONDITION VARCHAR (2000),
+  WORKFLOW_ID VARCHAR (45),
+  IS_ENABLED CHAR (1) DEFAULT '1',
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY(ID),
+  FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WF_WORKFLOW_CONFIG_PARAM(
+  WORKFLOW_ID VARCHAR (45),
+  PARAM_NAME VARCHAR (45),
+  PARAM_VALUE VARCHAR (1000),
+  PARAM_QNAME VARCHAR (45),
+  PARAM_HOLDER VARCHAR (45),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER),
+  FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WF_REQUEST_ENTITY_RELATIONSHIP(
+  REQUEST_ID VARCHAR (45),
+  ENTITY_NAME VARCHAR (255),
+  ENTITY_TYPE VARCHAR (50),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID),
+  FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION(
+  RELATIONSHIP_ID VARCHAR (45),
+  WORKFLOW_ID VARCHAR (45),
+  REQUEST_ID VARCHAR (45),
+  UPDATED_AT TIMESTAMP,
+  STATUS VARCHAR (30),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (RELATIONSHIP_ID),
+  FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE,
+  FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
+)ENGINE INNODB;
+
+DROP PROCEDURE IF EXISTS drop_index_if_exists;
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mysql5.7.sql
new file mode 100644
index 00000000..dea64f6e
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mysql5.7.sql
@@ -0,0 +1,273 @@
+DROP PROCEDURE IF EXISTS drop_index_if_exists;
+CREATE PROCEDURE drop_index_if_exists(in theTable varchar(128), in theIndexName varchar(128) ) BEGIN IF((SELECT COUNT(*) AS index_exists FROM information_schema.statistics WHERE TABLE_SCHEMA = DATABASE() and table_name = theTable AND index_name = theIndexName) > 0) THEN SET @s = CONCAT('DROP INDEX ' , theIndexName , ' ON ' , theTable); PREPARE stmt FROM @s; EXECUTE stmt; END IF; END;
+
+SELECT CONCAT("ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP FOREIGN KEY ",constraint_name)
+INTO @sqlst
+FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE
+where TABLE_SCHEMA = @databasename and TABLE_NAME = "IDN_OAUTH1A_REQUEST_TOKEN"
+and referenced_column_name is not NULL limit 1;
+
+PREPARE stmt FROM @sqlst;
+EXECUTE stmt;
+DEALLOCATE PREPARE stmt;
+SET @sqlst = NULL;
+
+SELECT CONCAT("ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP FOREIGN KEY ",constraint_name)
+INTO @sqlst
+FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE
+where TABLE_SCHEMA = @databasename and TABLE_NAME = "IDN_OAUTH1A_ACCESS_TOKEN"
+and referenced_column_name is not NULL limit 1;
+
+PREPARE stmt FROM @sqlst;
+EXECUTE stmt;
+DEALLOCATE PREPARE stmt;
+SET @sqlst = NULL;
+
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN TIME_CREATED DROP DEFAULT;
+
+SELECT CONCAT("ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP FOREIGN KEY ",constraint_name)
+INTO @sqlst
+FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE
+where TABLE_SCHEMA = @databasename and TABLE_NAME = "IDN_OAUTH2_ACCESS_TOKEN"
+and referenced_column_name is not NULL limit 1;
+
+PREPARE stmt FROM @sqlst;
+EXECUTE stmt;
+DEALLOCATE PREPARE stmt;
+SET @sqlst = NULL;
+
+SELECT CONCAT("ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP FOREIGN KEY ",constraint_name)
+INTO @sqlst
+FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE
+where TABLE_SCHEMA = @databasename and TABLE_NAME = "IDN_OAUTH2_AUTHORIZATION_CODE"
+and referenced_column_name is not NULL limit 1;
+
+PREPARE stmt FROM @sqlst;
+EXECUTE stmt;
+DEALLOCATE PREPARE stmt;
+SET @sqlst = NULL;
+
+CREATE TABLE IF NOT EXISTS IDP_METADATA (
+  ID INTEGER AUTO_INCREMENT,
+  IDP_ID INTEGER,
+  NAME VARCHAR(255) NOT NULL,
+  VALUE VARCHAR(255) NOT NULL,
+  DISPLAY_NAME VARCHAR(255),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (ID),
+  CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME),
+  FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'SessionIdleTimeout', '15',
+  'Session Idle Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL';
+INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'RememberMeTimeout', '20160', 'RememberMe Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL';
+
+CREATE TABLE IF NOT EXISTS SP_METADATA (
+  ID INTEGER AUTO_INCREMENT,
+  SP_ID INTEGER,
+  NAME VARCHAR(255) NOT NULL,
+  VALUE VARCHAR(255) NOT NULL,
+  DISPLAY_NAME VARCHAR(255),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (ID),
+  CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME),
+  FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS DROP PRIMARY KEY;
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD ID INTEGER NOT NULL AUTO_INCREMENT PRIMARY KEY;
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_DOMAIN VARCHAR(50);
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS MODIFY COLUMN CONSUMER_KEY VARCHAR (255)  NOT NULL;
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY);
+
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD CONSUMER_KEY_ID INTEGER;
+UPDATE IDN_OAUTH1A_REQUEST_TOKEN REQUEST_TOKEN set REQUEST_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = REQUEST_TOKEN.CONSUMER_KEY);
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP COLUMN CONSUMER_KEY;
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE;
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD TENANT_ID INTEGER DEFAULT -1;
+
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER;
+UPDATE IDN_OAUTH1A_ACCESS_TOKEN ACCESS_TOKEN set ACCESS_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = ACCESS_TOKEN.CONSUMER_KEY);
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY;
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE;
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD TENANT_ID INTEGER DEFAULT -1;
+
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP PRIMARY KEY;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_ID VARCHAR (255);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD GRANT_TYPE VARCHAR (50);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD SUBJECT_IDENTIFIER VARCHAR(255);
+UPDATE IDN_OAUTH2_ACCESS_TOKEN ACCESS_TOKEN set ACCESS_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = ACCESS_TOKEN.CONSUMER_KEY);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP INDEX CON_APP_KEY;
+CALL drop_index_if_exists("IDN_OAUTH2_ACCESS_TOKEN", "IDX_AT_CK_AU");
+CALL drop_index_if_exists("IDN_OAUTH2_ACCESS_TOKEN", "IDX_OAUTH_ACCTKN_CONK_UTYPE");
+
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TENANT_ID INTEGER;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD USER_DOMAIN VARCHAR(50);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP;
+UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_TIME_CREATED = TIME_CREATED;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_VALIDITY_PERIOD BIGINT;
+UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_VALIDITY_PERIOD = 84600000;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_SCOPE_HASH VARCHAR (32);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN MODIFY COLUMN TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE' NOT NULL;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,TOKEN_STATE,TOKEN_STATE_ID);
+CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE);
+CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE;
+
+ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD TENANT_ID INTEGER DEFAULT -1;
+ALTER TABLE IDN_OPENID_ASSOCIATIONS ADD TENANT_ID INTEGER DEFAULT -1;
+ALTER TABLE IDN_THRIFT_SESSION ADD TENANT_ID INTEGER DEFAULT -1;
+
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CONSUMER_KEY_ID INTEGER;
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TENANT_ID INTEGER;
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD USER_DOMAIN VARCHAR(50);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD STATE VARCHAR (25) DEFAULT 'ACTIVE';
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TOKEN_ID VARCHAR(255);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CODE_ID VARCHAR (255);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD SUBJECT_IDENTIFIER VARCHAR(255);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP PRIMARY KEY;
+UPDATE IDN_OAUTH2_AUTHORIZATION_CODE AUTHORIZATION_CODE set AUTHORIZATION_CODE.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = AUTHORIZATION_CODE.CONSUMER_KEY);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP COLUMN CONSUMER_KEY;
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE;
+
+DROP TABLE IF EXISTS IDN_SCIM_PROVIDER;
+
+ALTER TABLE IDN_IDENTITY_USER_DATA  MODIFY COLUMN DATA_VALUE VARCHAR(255) NULL;
+
+ALTER TABLE IDN_ASSOCIATED_ID MODIFY COLUMN IDP_ID VARCHAR(255);
+UPDATE IDN_ASSOCIATED_ID set IDN_ASSOCIATED_ID.IDP_ID = (SELECT IDP.ID FROM IDP WHERE IDP.NAME = IDN_ASSOCIATED_ID.IDP_ID AND IDP.TENANT_ID = IDN_ASSOCIATED_ID.TENANT_ID );
+DELETE FROM IDN_ASSOCIATED_ID WHERE IDP_ID is NULL;
+ALTER TABLE IDN_ASSOCIATED_ID MODIFY COLUMN IDP_ID INTEGER NOT NULL;
+ALTER TABLE IDN_ASSOCIATED_ID ADD DOMAIN_NAME VARCHAR(255);
+ALTER TABLE IDN_ASSOCIATED_ID ADD FOREIGN KEY (IDP_ID )  REFERENCES IDP (ID) ON DELETE CASCADE;
+
+DELETE FROM IDN_AUTH_SESSION_STORE;
+ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_ID DROP DEFAULT;
+ALTER TABLE IDN_AUTH_SESSION_STORE MODIFY COLUMN SESSION_ID VARCHAR (100) NOT NULL;
+ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_TYPE DROP DEFAULT;
+ALTER TABLE IDN_AUTH_SESSION_STORE MODIFY COLUMN SESSION_TYPE VARCHAR(100) NOT NULL;
+ALTER TABLE IDN_AUTH_SESSION_STORE MODIFY COLUMN TIME_CREATED BIGINT NOT NULL;
+ALTER TABLE IDN_AUTH_SESSION_STORE ADD OPERATION VARCHAR(10) NOT NULL;
+ALTER TABLE IDN_AUTH_SESSION_STORE ADD TENANT_ID INTEGER DEFAULT -1;
+ALTER TABLE IDN_AUTH_SESSION_STORE DROP PRIMARY KEY;
+ALTER TABLE IDN_AUTH_SESSION_STORE ADD PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION);
+
+ALTER TABLE SP_APP ADD IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL;
+ALTER TABLE SP_APP ADD IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL;
+ALTER TABLE SP_APP ADD IS_DUMB_MODE CHAR(1) DEFAULT '0';
+
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'IDPProperties' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL';
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'passivests' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL';
+
+INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) SELECT -1234, IDP_AUTHENTICATOR.ID , 'IdPEntityId', 'localhost', '0' FROM IDP_AUTHENTICATOR,IDP WHERE IDP_AUTHENTICATOR.TENANT_ID = -1234 AND IDP_AUTHENTICATOR.NAME = 'passivests' AND IDP.NAME='LOCAL' AND IDP.ID = IDP_AUTHENTICATOR.IDP_ID;
+
+ALTER TABLE SP_INBOUND_AUTH MODIFY COLUMN INBOUND_AUTH_KEY VARCHAR (255);
+
+ALTER TABLE IDP_PROVISIONING_ENTITY ADD ENTITY_LOCAL_ID VARCHAR(255);
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
+  TOKEN_ID VARCHAR (255),
+  TOKEN_SCOPE VARCHAR (60),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_USER_ACCOUNT_ASSOCIATION (
+  ASSOCIATION_KEY VARCHAR(255) NOT NULL,
+  TENANT_ID INTEGER,
+  DOMAIN_NAME VARCHAR(255) NOT NULL,
+  USER_NAME VARCHAR(255) NOT NULL,
+  PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS FIDO_DEVICE_STORE (
+  TENANT_ID INTEGER,
+  DOMAIN_NAME VARCHAR(255) NOT NULL,
+  USER_NAME VARCHAR(45) NOT NULL,
+  TIME_REGISTERED TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  KEY_HANDLE VARCHAR(200) NOT NULL,
+  DEVICE_DATA VARCHAR(2048) NOT NULL,
+  PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WF_REQUEST (
+  UUID VARCHAR (45),
+  CREATED_BY VARCHAR (255),
+  TENANT_ID INTEGER DEFAULT -1,
+  OPERATION_TYPE VARCHAR (50),
+  CREATED_AT TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  UPDATED_AT TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  STATUS VARCHAR (30),
+  REQUEST BLOB,
+  PRIMARY KEY (UUID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE (
+  PROFILE_NAME VARCHAR(45),
+  HOST_URL_MANAGER VARCHAR(45),
+  HOST_URL_WORKER VARCHAR(45),
+  USERNAME VARCHAR(45),
+  PASSWORD VARCHAR(255),
+  CALLBACK_HOST VARCHAR (45),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (PROFILE_NAME, TENANT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WF_WORKFLOW(
+  ID VARCHAR (45),
+  WF_NAME VARCHAR (45),
+  DESCRIPTION VARCHAR (255),
+  TEMPLATE_ID VARCHAR (45),
+  IMPL_ID VARCHAR (45),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WF_WORKFLOW_ASSOCIATION(
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  ASSOC_NAME VARCHAR (45),
+  EVENT_ID VARCHAR(45),
+  ASSOC_CONDITION VARCHAR (2000),
+  WORKFLOW_ID VARCHAR (45),
+  IS_ENABLED CHAR (1) DEFAULT '1',
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY(ID),
+  FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WF_WORKFLOW_CONFIG_PARAM(
+  WORKFLOW_ID VARCHAR (45),
+  PARAM_NAME VARCHAR (45),
+  PARAM_VALUE VARCHAR (1000),
+  PARAM_QNAME VARCHAR (45),
+  PARAM_HOLDER VARCHAR (45),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER),
+  FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WF_REQUEST_ENTITY_RELATIONSHIP(
+  REQUEST_ID VARCHAR (45),
+  ENTITY_NAME VARCHAR (255),
+  ENTITY_TYPE VARCHAR (50),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID),
+  FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION(
+  RELATIONSHIP_ID VARCHAR (45),
+  WORKFLOW_ID VARCHAR (45),
+  REQUEST_ID VARCHAR (45),
+  UPDATED_AT TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  STATUS VARCHAR (30),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (RELATIONSHIP_ID),
+  FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE,
+  FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
+)ENGINE INNODB;
+
+DROP PROCEDURE IF EXISTS drop_index_if_exists;
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/oracle.sql
new file mode 100644
index 00000000..b03630b6
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/oracle.sql
@@ -0,0 +1,485 @@
+declare
+  con_name varchar2(100);
+  command varchar2(200);
+  databasename VARCHAR2(100);
+BEGIN
+  databasename := 'SAMPLE';
+
+  begin
+    select constraint_name into con_name from all_constraints where table_name='IDN_OAUTH1A_REQUEST_TOKEN' AND UPPER(owner)=UPPER(databasename) AND constraint_type = 'R';
+
+    if TRIM(con_name) is not null
+    then
+      command := 'ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP CONSTRAINT ' || con_name;
+      dbms_output.Put_line(command);
+      execute immediate command;
+    end if;
+
+    exception
+    when NO_DATA_FOUND
+    then
+    dbms_output.Put_line('Foreign key not found');
+  end;
+  begin
+    select constraint_name into con_name from all_constraints where table_name='IDN_OAUTH1A_ACCESS_TOKEN' AND UPPER(owner)=UPPER(databasename) AND constraint_type = 'R';
+
+    if TRIM(con_name) is not null
+    then
+      command := 'ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP CONSTRAINT ' || con_name;
+      dbms_output.Put_line(command);
+      execute immediate command;
+    end if;
+
+    exception
+    when NO_DATA_FOUND
+    then
+    dbms_output.Put_line('Foreign key not found');
+  end;
+  begin
+    select constraint_name into con_name from all_constraints where table_name='IDN_OAUTH2_ACCESS_TOKEN' AND UPPER(owner)=UPPER(databasename) AND constraint_type = 'R';
+
+    if TRIM(con_name) is not null
+    then
+      command := 'ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP CONSTRAINT ' || con_name;
+      dbms_output.Put_line(command);
+      execute immediate command;
+    end if;
+
+    exception
+    when NO_DATA_FOUND
+    then
+    dbms_output.Put_line('Foreign key not found');
+  end;
+  begin
+    select constraint_name into con_name from all_constraints where table_name='IDN_OAUTH2_AUTHORIZATION_CODE' AND UPPER(owner)=UPPER(databasename) AND constraint_type = 'R';
+
+    if TRIM(con_name) is not null
+    then
+      command := 'ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP CONSTRAINT ' || con_name;
+      dbms_output.Put_line(command);
+      execute immediate command;
+    end if;
+
+    exception
+    when NO_DATA_FOUND
+    then
+    dbms_output.Put_line('Foreign key not found');
+  end;
+
+  begin
+    select constraint_name into con_name from all_constraints where table_name='IDN_OAUTH_CONSUMER_APPS' AND UPPER(owner)=UPPER(databasename) AND constraint_type = 'P';
+
+    if TRIM(con_name) is not null
+    then
+      command := 'ALTER TABLE IDN_OAUTH_CONSUMER_APPS DROP CONSTRAINT ' || con_name;
+      dbms_output.Put_line(command);
+      execute immediate command;
+    end if;
+
+    exception
+    when NO_DATA_FOUND
+    then
+    dbms_output.Put_line('Primary key not found');
+  end;
+  begin
+    select constraint_name into con_name from all_constraints where table_name='IDN_OAUTH2_ACCESS_TOKEN' AND UPPER(owner)=UPPER(databasename) AND constraint_type = 'P';
+
+    if TRIM(con_name) is not null
+    then
+      command := 'ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP CONSTRAINT ' || con_name;
+      dbms_output.Put_line(command);
+      execute immediate command;
+    end if;
+
+    exception
+    when NO_DATA_FOUND
+    then
+    dbms_output.Put_line('Primary key not found');
+  end;
+  begin
+    select constraint_name into con_name from all_constraints where table_name='IDN_AUTH_SESSION_STORE' AND UPPER(owner)=UPPER(databasename) AND constraint_type = 'P';
+
+    if TRIM(con_name) is not null
+    then
+      command := 'ALTER TABLE IDN_AUTH_SESSION_STORE DROP CONSTRAINT ' || con_name;
+      dbms_output.Put_line(command);
+      execute immediate command;
+    end if;
+
+    exception
+    when NO_DATA_FOUND
+    then
+    dbms_output.Put_line('Primary key not found');
+  end;
+  begin
+    select constraint_name into con_name from all_constraints where table_name='IDN_OAUTH2_AUTHORIZATION_CODE' AND UPPER(owner)=UPPER(databasename) AND constraint_type = 'P';
+
+    if TRIM(con_name) is not null
+    then
+      command := 'ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP CONSTRAINT ' || con_name;
+      dbms_output.Put_line(command);
+      execute immediate command;
+    end if;
+
+    exception
+    when NO_DATA_FOUND
+    then
+    dbms_output.Put_line('Primary key not found');
+  end;
+
+  DECLARE
+  COUNT_INDEXES INTEGER;
+  BEGIN
+    SELECT COUNT(*) INTO COUNT_INDEXES
+      FROM USER_INDEXES
+      WHERE INDEX_NAME = 'IDX_AT_CK_AU';
+
+    IF COUNT_INDEXES > 0 THEN
+      EXECUTE IMMEDIATE 'DROP INDEX IDX_AT_CK_AU';
+    END IF;
+  END;
+
+  DECLARE
+  COUNT_INDEXES INTEGER;
+  BEGIN
+    SELECT COUNT(*) INTO COUNT_INDEXES
+      FROM USER_INDEXES
+      WHERE INDEX_NAME = 'IDX_OAUTH_ACCTKN_CONK_UTYPE';
+
+    IF COUNT_INDEXES > 0 THEN
+      EXECUTE IMMEDIATE 'DROP INDEX IDX_OAUTH_ACCTKN_CONK_UTYPE';
+    END IF;
+  END;
+
+END;
+/
+
+CREATE TABLE IDP_METADATA (
+  ID INTEGER,
+  IDP_ID INTEGER,
+  NAME VARCHAR(255) NOT NULL,
+  VALUE VARCHAR(255) NOT NULL,
+  DISPLAY_NAME VARCHAR(255),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (ID),
+  CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME),
+  FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE)
+/
+CREATE SEQUENCE IDP_METADATA_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDP_METADATA_TRIG
+BEFORE INSERT
+ON IDP_METADATA
+REFERENCING NEW AS NEW
+FOR EACH ROW
+  BEGIN
+    SELECT IDP_METADATA_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+
+INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'SessionIdleTimeout', '15',
+  'Session Idle Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL'
+/
+INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'RememberMeTimeout', '20160', 'RememberMe Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL'
+/
+
+CREATE TABLE SP_METADATA (
+  ID INTEGER,
+  SP_ID INTEGER,
+  NAME VARCHAR(255) NOT NULL,
+  VALUE VARCHAR(255) NOT NULL,
+  DISPLAY_NAME VARCHAR(255),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (ID),
+  CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME),
+  FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE)
+/
+CREATE SEQUENCE SP_METADATA_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER SP_METADATA_TRIG
+BEFORE INSERT
+ON SP_METADATA
+REFERENCING NEW AS NEW
+FOR EACH ROW
+  BEGIN
+    SELECT SP_METADATA_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD ID INTEGER
+/
+CREATE SEQUENCE IDN_OAUTH_CONSUMER_APPS_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_OAUTH_CONSUMER_APPS_TRIG
+BEFORE INSERT
+ON IDN_OAUTH_CONSUMER_APPS
+REFERENCING NEW AS NEW
+FOR EACH ROW
+  BEGIN
+    SELECT IDN_OAUTH_CONSUMER_APPS_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+UPDATE IDN_OAUTH_CONSUMER_APPS SET ID = IDN_OAUTH_CONSUMER_APPS_SEQ.NEXTVAL
+/
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_DOMAIN VARCHAR(50)
+/
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD PRIMARY KEY (ID)
+/
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS MODIFY CONSUMER_KEY VARCHAR (255)  NOT NULL
+/
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY)
+/
+
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD CONSUMER_KEY_ID INTEGER
+/
+UPDATE IDN_OAUTH1A_REQUEST_TOKEN REQUEST_TOKEN set REQUEST_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = REQUEST_TOKEN.CONSUMER_KEY)
+/
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP COLUMN CONSUMER_KEY
+/
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+/
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD TENANT_ID INTEGER DEFAULT -1
+/
+
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER
+/
+UPDATE IDN_OAUTH1A_ACCESS_TOKEN ACCESS_TOKEN set ACCESS_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = ACCESS_TOKEN.CONSUMER_KEY)
+/
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY
+/
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+/
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD TENANT_ID INTEGER DEFAULT -1
+/
+
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_ID VARCHAR (255)
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD GRANT_TYPE VARCHAR (50)
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD SUBJECT_IDENTIFIER VARCHAR(255)
+/
+UPDATE IDN_OAUTH2_ACCESS_TOKEN ACCESS_TOKEN set ACCESS_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = ACCESS_TOKEN.CONSUMER_KEY)
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP CONSTRAINT CON_APP_KEY
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TENANT_ID INTEGER
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD USER_DOMAIN VARCHAR(50)
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_TIME_CREATED TIMESTAMP
+/
+UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_TIME_CREATED = TIME_CREATED
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_VALIDITY_PERIOD NUMBER(19)
+/
+UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_VALIDITY_PERIOD = 84600000
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_SCOPE_HASH VARCHAR (32)
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN MODIFY TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE' NOT NULL
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,TOKEN_STATE,TOKEN_STATE_ID)
+/
+CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE)
+/
+CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED)
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+/
+
+ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD TENANT_ID INTEGER DEFAULT -1
+/
+ALTER TABLE IDN_OPENID_ASSOCIATIONS ADD TENANT_ID INTEGER DEFAULT -1
+/
+ALTER TABLE IDN_THRIFT_SESSION ADD TENANT_ID INTEGER DEFAULT -1
+/
+
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CONSUMER_KEY_ID INTEGER
+/
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TENANT_ID INTEGER
+/
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD USER_DOMAIN VARCHAR(50)
+/
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD STATE VARCHAR (25) DEFAULT 'ACTIVE'
+/
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TOKEN_ID VARCHAR(255)
+/
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CODE_ID VARCHAR (255)
+/
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD SUBJECT_IDENTIFIER VARCHAR(255)
+/
+UPDATE IDN_OAUTH2_AUTHORIZATION_CODE AUTHORIZATION_CODE set AUTHORIZATION_CODE.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = AUTHORIZATION_CODE.CONSUMER_KEY)
+/
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP COLUMN CONSUMER_KEY
+/
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+/
+
+CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
+  TOKEN_ID VARCHAR2 (255),
+  TOKEN_SCOPE VARCHAR2 (60),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE))
+/
+
+DROP TABLE IDN_SCIM_PROVIDER
+/
+
+ALTER TABLE IDN_IDENTITY_USER_DATA MODIFY (DATA_VALUE NULL)
+/
+
+UPDATE IDN_ASSOCIATED_ID set IDN_ASSOCIATED_ID.IDP_ID = (SELECT IDP.ID FROM IDP WHERE IDP.NAME = IDN_ASSOCIATED_ID.IDP_ID AND IDP.TENANT_ID = IDN_ASSOCIATED_ID.TENANT_ID )
+/
+ALTER TABLE IDN_ASSOCIATED_ID MODIFY (IDP_ID INTEGER)
+/
+ALTER TABLE IDN_ASSOCIATED_ID ADD DOMAIN_NAME VARCHAR2(255)
+/
+ALTER TABLE IDN_ASSOCIATED_ID ADD FOREIGN KEY (IDP_ID) REFERENCES IDP (ID) ON DELETE CASCADE
+/
+
+DELETE FROM IDN_AUTH_SESSION_STORE
+/
+ALTER TABLE IDN_AUTH_SESSION_STORE MODIFY (SESSION_ID NOT NULL)
+/
+ALTER TABLE IDN_AUTH_SESSION_STORE MODIFY (SESSION_TYPE NOT NULL)
+/
+ALTER TABLE IDN_AUTH_SESSION_STORE MODIFY (TIME_CREATED NUMBER(19) NOT NULL)
+/
+ALTER TABLE IDN_AUTH_SESSION_STORE ADD OPERATION VARCHAR(10) NOT NULL
+/
+ALTER TABLE IDN_AUTH_SESSION_STORE ADD TENANT_ID INTEGER DEFAULT -1
+/
+ALTER TABLE IDN_AUTH_SESSION_STORE ADD PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION)
+/
+
+ALTER TABLE SP_APP ADD IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL
+/
+ALTER TABLE SP_APP ADD IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL
+/
+ALTER TABLE SP_APP ADD IS_DUMB_MODE CHAR(1) DEFAULT '0'
+/
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'IDPProperties' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL'
+/
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'passivests' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL'
+/
+
+INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) SELECT -1234, IDP_AUTHENTICATOR.ID , 'IdPEntityId', 'localhost', '0' FROM IDP_AUTHENTICATOR,IDP WHERE IDP_AUTHENTICATOR.TENANT_ID = -1234 AND IDP_AUTHENTICATOR.NAME = 'passivests' AND IDP.NAME='LOCAL' AND IDP.ID = IDP_AUTHENTICATOR.IDP_ID
+/
+
+ALTER TABLE SP_INBOUND_AUTH MODIFY (INBOUND_AUTH_KEY NULL)
+/
+
+ALTER TABLE IDP_PROVISIONING_ENTITY ADD ENTITY_LOCAL_ID VARCHAR(255)
+/
+
+CREATE TABLE IDN_USER_ACCOUNT_ASSOCIATION (
+  ASSOCIATION_KEY VARCHAR(255) NOT NULL,
+  TENANT_ID INTEGER,
+  DOMAIN_NAME VARCHAR(255) NOT NULL,
+  USER_NAME VARCHAR(255) NOT NULL,
+  PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME))
+/
+CREATE TABLE FIDO_DEVICE_STORE (
+  TENANT_ID INTEGER,
+  DOMAIN_NAME VARCHAR(255) NOT NULL,
+  USER_NAME VARCHAR(45) NOT NULL,
+  TIME_REGISTERED TIMESTAMP,
+  KEY_HANDLE VARCHAR(200) NOT NULL,
+  DEVICE_DATA VARCHAR(2048) NOT NULL,
+  PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE))
+/
+
+CREATE TABLE WF_REQUEST (
+  UUID VARCHAR2 (45),
+  CREATED_BY VARCHAR2 (255),
+  TENANT_ID INTEGER DEFAULT -1,
+  OPERATION_TYPE VARCHAR2 (50),
+  CREATED_AT TIMESTAMP,
+  UPDATED_AT TIMESTAMP,
+  STATUS VARCHAR2 (30),
+  REQUEST BLOB,
+  PRIMARY KEY (UUID))
+/
+
+CREATE TABLE WF_BPS_PROFILE (
+  PROFILE_NAME VARCHAR2(45),
+  HOST_URL_MANAGER VARCHAR2(45),
+  HOST_URL_WORKER VARCHAR2(45),
+  USERNAME VARCHAR2(45),
+  PASSWORD VARCHAR2(1023),
+  CALLBACK_HOST VARCHAR2 (45),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (PROFILE_NAME, TENANT_ID))
+/
+
+CREATE TABLE WF_WORKFLOW(
+  ID VARCHAR2 (45),
+  WF_NAME VARCHAR2 (45),
+  DESCRIPTION VARCHAR2 (255),
+  TEMPLATE_ID VARCHAR2 (45),
+  IMPL_ID VARCHAR2 (45),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (ID))
+/
+
+CREATE TABLE WF_WORKFLOW_ASSOCIATION(
+  ID INTEGER,
+  ASSOC_NAME VARCHAR2 (45),
+  EVENT_ID VARCHAR2(45),
+  ASSOC_CONDITION VARCHAR2 (2000),
+  WORKFLOW_ID VARCHAR2 (45),
+  IS_ENABLED CHAR (1) DEFAULT '1',
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY(ID),
+  FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE)
+/
+
+CREATE SEQUENCE WF_WORKFLOW_ASSOCIATION_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER WF_WORKFLOW_ASSOCIATION_TRIG
+BEFORE INSERT
+ON WF_WORKFLOW_ASSOCIATION
+REFERENCING NEW AS NEW
+FOR EACH ROW
+  BEGIN
+    SELECT WF_WORKFLOW_ASSOCIATION_SEQ.nextval
+    INTO :NEW.ID
+    FROM dual;
+  END;
+/
+
+CREATE TABLE WF_WORKFLOW_CONFIG_PARAM(
+  WORKFLOW_ID VARCHAR2 (45),
+  PARAM_NAME VARCHAR2 (45),
+  PARAM_VALUE VARCHAR2 (1000),
+  PARAM_QNAME VARCHAR2 (45),
+  PARAM_HOLDER VARCHAR2 (45),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER),
+  FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE)
+/
+
+CREATE TABLE WF_REQUEST_ENTITY_RELATIONSHIP(
+  REQUEST_ID VARCHAR2 (45),
+  ENTITY_NAME VARCHAR2 (255),
+  ENTITY_TYPE VARCHAR2 (50),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID),
+  FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE)
+/
+
+CREATE TABLE WF_WORKFLOW_REQUEST_RELATION(
+  RELATIONSHIP_ID VARCHAR2 (45),
+  WORKFLOW_ID VARCHAR2 (45),
+  REQUEST_ID VARCHAR2 (45),
+  UPDATED_AT TIMESTAMP,
+  STATUS VARCHAR (30),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (RELATIONSHIP_ID),
+  FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE,
+  FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE)
+/
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/postgresql.sql
new file mode 100644
index 00000000..226d6cdf
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/postgresql.sql
@@ -0,0 +1,236 @@
+DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE idn_oauth1a_request_token DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'FOREIGN KEY' AND tc.table_name = 'idn_oauth1a_request_token' AND kcu.column_name = 'consumer_key'; EXECUTE con_name; END $$;
+
+DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE idn_oauth1a_access_token DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'FOREIGN KEY' AND tc.table_name = 'idn_oauth1a_access_token' AND kcu.column_name = 'consumer_key'; EXECUTE con_name; END $$;
+
+DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE idn_oauth2_access_token DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'FOREIGN KEY' AND tc.table_name = 'idn_oauth2_access_token' AND kcu.column_name = 'consumer_key'; EXECUTE con_name; END $$;
+
+DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE idn_oauth2_authorization_code DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'FOREIGN KEY' AND tc.table_name = 'idn_oauth2_authorization_code' AND kcu.column_name = 'consumer_key'; EXECUTE con_name; END $$;
+
+DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE idn_oauth_consumer_apps DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'PRIMARY KEY' AND tc.table_name = 'idn_oauth_consumer_apps'; EXECUTE con_name; END $$;
+
+DROP TABLE IF EXISTS IDP_METADATA;
+DROP SEQUENCE IF EXISTS IDP_METADATA_SEQ;
+CREATE SEQUENCE IDP_METADATA_SEQ;
+CREATE TABLE IDP_METADATA (
+  ID INTEGER DEFAULT NEXTVAL('IDP_METADATA_SEQ'),
+  IDP_ID INTEGER,
+  NAME VARCHAR(255) NOT NULL,
+  VALUE VARCHAR(255) NOT NULL,
+  DISPLAY_NAME VARCHAR(255),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (ID),
+  CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME),
+  FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+
+INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'SessionIdleTimeout', '15',
+  'Session Idle Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL';
+INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'RememberMeTimeout', '20160', 'RememberMe Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL';
+
+DROP TABLE IF EXISTS SP_METADATA;
+DROP SEQUENCE IF EXISTS SP_METADATA_SEQ;
+CREATE SEQUENCE SP_METADATA_SEQ;
+CREATE TABLE SP_METADATA (
+  ID INTEGER DEFAULT NEXTVAL('SP_METADATA_SEQ'),
+  SP_ID INTEGER,
+  NAME VARCHAR(255) NOT NULL,
+  VALUE VARCHAR(255) NOT NULL,
+  DISPLAY_NAME VARCHAR(255),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (ID),
+  CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME),
+  FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE);
+
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_DOMAIN VARCHAR(50);
+DROP SEQUENCE IF EXISTS IDN_OAUTH_CONSUMER_APPS_PK_SEQ;
+CREATE SEQUENCE IDN_OAUTH_CONSUMER_APPS_PK_SEQ;
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD ID INTEGER DEFAULT NEXTVAL('IDN_OAUTH_CONSUMER_APPS_PK_SEQ');
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD PRIMARY KEY (ID);
+ALTER TABLE idn_oauth_consumer_apps ALTER COLUMN CONSUMER_KEY TYPE VARCHAR(255) USING CONSUMER_KEY::VARCHAR;
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY);
+
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD CONSUMER_KEY_ID INTEGER;
+UPDATE IDN_OAUTH1A_REQUEST_TOKEN set CONSUMER_KEY_ID = (select ID from IDN_OAUTH_CONSUMER_APPS where IDN_OAUTH_CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH1A_REQUEST_TOKEN.CONSUMER_KEY);
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP COLUMN CONSUMER_KEY;
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE;
+ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD TENANT_ID INTEGER DEFAULT -1;
+
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER;
+UPDATE IDN_OAUTH1A_ACCESS_TOKEN set CONSUMER_KEY_ID = (select ID from IDN_OAUTH_CONSUMER_APPS where IDN_OAUTH_CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH1A_ACCESS_TOKEN.CONSUMER_KEY);
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY;
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE;
+ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD TENANT_ID INTEGER DEFAULT -1;
+
+DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE idn_oauth2_access_token DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'PRIMARY KEY' AND tc.table_name = 'idn_oauth2_access_token'; EXECUTE con_name; END $$;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_ID VARCHAR (255);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD GRANT_TYPE VARCHAR (50);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD SUBJECT_IDENTIFIER VARCHAR(255);
+UPDATE IDN_OAUTH2_ACCESS_TOKEN set CONSUMER_KEY_ID = (select ID from IDN_OAUTH_CONSUMER_APPS where IDN_OAUTH_CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH2_ACCESS_TOKEN.CONSUMER_KEY);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP CONSTRAINT CON_APP_KEY;
+DROP INDEX IF EXISTS IDX_AT_CK_AU;
+DROP INDEX IF EXISTS IDX_OAUTH_ACCTKN_CONK_UTYPE;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TENANT_ID INTEGER;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD USER_DOMAIN VARCHAR(50);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_TIME_CREATED TIMESTAMP;
+UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_TIME_CREATED = TIME_CREATED;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_VALIDITY_PERIOD BIGINT;
+UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_VALIDITY_PERIOD = 84600000;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_SCOPE_HASH VARCHAR (32);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN TOKEN_STATE_ID TYPE VARCHAR(128) USING TOKEN_STATE_ID::VARCHAR;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN TOKEN_STATE_ID SET DEFAULT 'NONE';
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,TOKEN_STATE,TOKEN_STATE_ID);
+CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE);
+CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE;
+
+ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD TENANT_ID INTEGER DEFAULT -1;
+ALTER TABLE IDN_OPENID_ASSOCIATIONS ADD TENANT_ID INTEGER DEFAULT -1;
+ALTER TABLE IDN_THRIFT_SESSION ADD TENANT_ID INTEGER DEFAULT -1;
+
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CONSUMER_KEY_ID INTEGER;
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TENANT_ID INTEGER;
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD USER_DOMAIN VARCHAR(50);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD STATE VARCHAR (25) DEFAULT 'ACTIVE';
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TOKEN_ID VARCHAR(255);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CODE_ID VARCHAR (255);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD SUBJECT_IDENTIFIER VARCHAR(255);
+DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE idn_oauth2_authorization_code DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'PRIMARY KEY' AND tc.table_name = 'idn_oauth2_authorization_code'; EXECUTE con_name; END $$;
+UPDATE IDN_OAUTH2_AUTHORIZATION_CODE set CONSUMER_KEY_ID = (select ID from IDN_OAUTH_CONSUMER_APPS where IDN_OAUTH_CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH2_AUTHORIZATION_CODE.CONSUMER_KEY);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP COLUMN CONSUMER_KEY;
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE;
+
+DROP TABLE IF EXISTS IDN_SCIM_PROVIDER;
+
+ALTER TABLE IDN_IDENTITY_USER_DATA  ALTER COLUMN DATA_VALUE DROP NOT NULL;
+
+UPDATE IDN_ASSOCIATED_ID set IDP_ID = (SELECT ID FROM IDP WHERE IDP.NAME = IDN_ASSOCIATED_ID.IDP_ID AND IDP.TENANT_ID = IDN_ASSOCIATED_ID.TENANT_ID );
+ALTER TABLE IDN_ASSOCIATED_ID ALTER COLUMN IDP_ID TYPE INTEGER USING IDP_ID::INTEGER;
+ALTER TABLE IDN_ASSOCIATED_ID ADD DOMAIN_NAME VARCHAR(255);
+ALTER TABLE IDN_ASSOCIATED_ID ADD FOREIGN KEY (IDP_ID )  REFERENCES IDP (ID) ON DELETE CASCADE;
+
+DELETE FROM IDN_AUTH_SESSION_STORE;
+ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_ID DROP DEFAULT;
+ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_ID SET NOT NULL;
+ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_TYPE DROP DEFAULT;
+ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_TYPE SET NOT NULL;
+ALTER TABLE IDN_AUTH_SESSION_STORE DROP COLUMN TIME_CREATED;
+ALTER TABLE IDN_AUTH_SESSION_STORE ADD COLUMN TIME_CREATED BIGINT NOT NULL;
+ALTER TABLE IDN_AUTH_SESSION_STORE ADD OPERATION VARCHAR(10) NOT NULL;
+ALTER TABLE IDN_AUTH_SESSION_STORE ADD TENANT_ID INTEGER DEFAULT -1;
+DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE idn_auth_session_store DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'PRIMARY KEY' AND tc.table_name = 'idn_auth_session_store'; EXECUTE con_name; END $$;
+ALTER TABLE IDN_AUTH_SESSION_STORE ADD PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION);
+
+ALTER TABLE SP_APP ADD IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL;
+ALTER TABLE SP_APP ADD IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL;
+ALTER TABLE SP_APP ADD IS_DUMB_MODE CHAR(1) DEFAULT '0';
+
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'IDPProperties' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL';
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'passivests' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL';
+
+INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) SELECT -1234, IDP_AUTHENTICATOR.ID , 'IdPEntityId', 'localhost', '0' FROM IDP_AUTHENTICATOR,IDP WHERE IDP_AUTHENTICATOR.TENANT_ID = -1234 AND IDP_AUTHENTICATOR.NAME = 'passivests' AND IDP.NAME='LOCAL' AND IDP.ID = IDP_AUTHENTICATOR.IDP_ID;
+
+ALTER TABLE SP_INBOUND_AUTH ALTER INBOUND_AUTH_KEY DROP NOT NULL;
+
+ALTER TABLE IDP_PROVISIONING_ENTITY ADD ENTITY_LOCAL_ID VARCHAR(255);
+
+DROP TABLE IF EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE;
+CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
+  TOKEN_ID VARCHAR (255),
+  TOKEN_SCOPE VARCHAR (60),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE));
+
+DROP TABLE IF EXISTS IDN_USER_ACCOUNT_ASSOCIATION;
+CREATE TABLE IDN_USER_ACCOUNT_ASSOCIATION (
+  ASSOCIATION_KEY VARCHAR(255) NOT NULL,
+  TENANT_ID INTEGER,
+  DOMAIN_NAME VARCHAR(255) NOT NULL,
+  USER_NAME VARCHAR(255) NOT NULL,
+  PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME));
+
+DROP TABLE IF EXISTS WF_REQUEST;
+CREATE TABLE WF_REQUEST (
+  UUID VARCHAR (45),
+  CREATED_BY VARCHAR (255),
+  TENANT_ID INTEGER DEFAULT -1,
+  OPERATION_TYPE VARCHAR (50),
+  CREATED_AT TIMESTAMP,
+  UPDATED_AT TIMESTAMP,
+  STATUS VARCHAR (30),
+  REQUEST BYTEA,
+  PRIMARY KEY (UUID)
+);
+
+DROP TABLE IF EXISTS WF_BPS_PROFILE;
+CREATE TABLE WF_BPS_PROFILE (
+  PROFILE_NAME VARCHAR(45),
+  HOST_URL_MANAGER VARCHAR(45),
+  HOST_URL_WORKER VARCHAR(45),
+  USERNAME VARCHAR(45),
+  PASSWORD VARCHAR(255),
+  CALLBACK_HOST VARCHAR (45),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (PROFILE_NAME, TENANT_ID)
+);
+
+DROP TABLE IF EXISTS WF_WORKFLOW;
+CREATE TABLE WF_WORKFLOW(
+  ID VARCHAR (45),
+  WF_NAME VARCHAR (45),
+  DESCRIPTION VARCHAR (255),
+  TEMPLATE_ID VARCHAR (45),
+  IMPL_ID VARCHAR (45),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (ID)
+);
+
+DROP TABLE IF EXISTS WF_WORKFLOW_ASSOCIATION;
+DROP SEQUENCE IF EXISTS WF_WORKFLOW_ASSOCIATION_PK_SEQ;
+CREATE SEQUENCE WF_WORKFLOW_ASSOCIATION_PK_SEQ;
+CREATE TABLE WF_WORKFLOW_ASSOCIATION(
+  ID INTEGER DEFAULT NEXTVAL('WF_WORKFLOW_ASSOCIATION_PK_SEQ'),
+  ASSOC_NAME VARCHAR (45),
+  EVENT_ID VARCHAR(45),
+  ASSOC_CONDITION VARCHAR (2000),
+  WORKFLOW_ID VARCHAR (45),
+  IS_ENABLED CHAR (1) DEFAULT '1',
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY(ID),
+  FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
+);
+
+DROP TABLE IF EXISTS WF_WORKFLOW_CONFIG_PARAM;
+CREATE TABLE WF_WORKFLOW_CONFIG_PARAM(
+  WORKFLOW_ID VARCHAR (45),
+  PARAM_NAME VARCHAR (45),
+  PARAM_VALUE VARCHAR (1000),
+  PARAM_QNAME VARCHAR (45),
+  PARAM_HOLDER VARCHAR (45),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER),
+  FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
+);
+
+DROP TABLE IF EXISTS WF_REQUEST_ENTITY_RELATIONSHIP;
+CREATE TABLE WF_REQUEST_ENTITY_RELATIONSHIP(
+  REQUEST_ID VARCHAR (45),
+  ENTITY_NAME VARCHAR (255),
+  ENTITY_TYPE VARCHAR (50),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID),
+  FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
+);
+
+DROP TABLE IF EXISTS WF_WORKFLOW_REQUEST_RELATION;
+CREATE TABLE WF_WORKFLOW_REQUEST_RELATION(
+  RELATIONSHIP_ID VARCHAR (45),
+  WORKFLOW_ID VARCHAR (45),
+  REQUEST_ID VARCHAR (45),
+  UPDATED_AT TIMESTAMP,
+  STATUS VARCHAR (30),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY (RELATIONSHIP_ID),
+  FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE,
+  FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
+);
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/db2.sql
new file mode 100644
index 00000000..931f3dd9
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/db2.sql
@@ -0,0 +1,12 @@
+BEGIN
+ DECLARE const_name VARCHAR(128);
+ DECLARE STMT VARCHAR(200);
+ select CONSTNAME into const_name from SYSCAT.TABCONST WHERE TABNAME='UM_HYBRID_USER_ROLE' AND TYPE = 'F';
+ SET STMT = 'ALTER TABLE UM_HYBRID_USER_ROLE DROP FOREIGN KEY ' ||  const_name;
+ PREPARE S1 FROM STMT;
+ EXECUTE S1;
+END
+/
+
+ALTER TABLE UM_HYBRID_USER_ROLE ADD CONSTRAINT UM_HYBRID_USER_ROLE_F1 FOREIGN KEY(UM_ROLE_ID,UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID,UM_TENANT_ID) ON DELETE  CASCADE
+/
\ No newline at end of file
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/h2.sql
new file mode 100644
index 00000000..ebd74a8d
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/h2.sql
@@ -0,0 +1,14 @@
+CREATE ALIAS IF NOT EXISTS DROP_FK AS $$ void executeSql(Connection conn, String sql) throws SQLException { conn.createStatement().executeUpdate(sql); } $$;
+
+call drop_fk('ALTER TABLE UM_ROLE_PERMISSION DROP CONSTRAINT ' || (SELECT CONSTRAINT_NAME FROM INFORMATION_SCHEMA.CONSTRAINTS WHERE TABLE_NAME = 'UM_ROLE_PERMISSION' AND COLUMN_LIST  = 'UM_PERMISSION_ID,UM_TENANT_ID'));
+ALTER TABLE UM_ROLE_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE;
+
+call drop_fk('ALTER TABLE UM_USER_PERMISSION DROP CONSTRAINT ' || (SELECT CONSTRAINT_NAME FROM INFORMATION_SCHEMA.CONSTRAINTS WHERE TABLE_NAME = 'UM_USER_PERMISSION' AND COLUMN_LIST  = 'UM_PERMISSION_ID,UM_TENANT_ID'));
+ALTER TABLE UM_USER_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE;
+
+call drop_fk('ALTER TABLE UM_HYBRID_USER_ROLE DROP CONSTRAINT ' || (SELECT CONSTRAINT_NAME FROM INFORMATION_SCHEMA.CONSTRAINTS WHERE TABLE_NAME = 'UM_HYBRID_USER_ROLE' AND COLUMN_LIST  = 'UM_ROLE_ID,UM_TENANT_ID'));
+ALTER TABLE UM_HYBRID_USER_ROLE ADD FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE;
+
+update UM_PERMISSION set UM_RESOURCE_ID = REPLACE(UM_RESOURCE_ID, '-at-', '-AT-') where UM_TENANT_ID <> -1234;
+
+DROP ALIAS IF EXISTS DROP_FK;
\ No newline at end of file
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mssql.sql
new file mode 100644
index 00000000..dcedbe09
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mssql.sql
@@ -0,0 +1,13 @@
+DECLARE @COMMAND NVARCHAR(200);SELECT TOP 1 @COMMAND= 'ALTER TABLE UM_ROLE_PERMISSION DROP CONSTRAINT ' + RC.CONSTRAINT_NAME + ';' FROM INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS RC JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KF ON RC.CONSTRAINT_NAME = KF.CONSTRAINT_NAME JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KP ON RC.UNIQUE_CONSTRAINT_NAME = KP.CONSTRAINT_NAME WHERE KF.TABLE_NAME = 'UM_ROLE_PERMISSION' AND KP.TABLE_NAME='UM_PERMISSION';EXEC (@COMMAND);
+
+DECLARE @COMMAND NVARCHAR(200);SELECT TOP 1 @COMMAND= 'ALTER TABLE UM_USER_PERMISSION DROP CONSTRAINT ' + RC.CONSTRAINT_NAME + ';' FROM INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS RC JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KF ON RC.CONSTRAINT_NAME = KF.CONSTRAINT_NAME JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KP ON RC.UNIQUE_CONSTRAINT_NAME = KP.CONSTRAINT_NAME WHERE KF.TABLE_NAME = 'UM_USER_PERMISSION' AND KP.TABLE_NAME='UM_PERMISSION';EXEC (@COMMAND);
+
+DECLARE @COMMAND NVARCHAR(200);SELECT TOP 1 @COMMAND= 'ALTER TABLE UM_HYBRID_USER_ROLE DROP CONSTRAINT ' + RC.CONSTRAINT_NAME + ';' FROM INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS RC JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KF ON RC.CONSTRAINT_NAME = KF.CONSTRAINT_NAME JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KP ON RC.UNIQUE_CONSTRAINT_NAME = KP.CONSTRAINT_NAME WHERE KF.TABLE_NAME = 'UM_HYBRID_USER_ROLE' AND KP.TABLE_NAME='UM_HYBRID_ROLE';EXEC (@COMMAND);
+
+ALTER TABLE UM_ROLE_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE;
+
+ALTER TABLE UM_USER_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE;
+
+ALTER TABLE UM_HYBRID_USER_ROLE ADD FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE;
+
+update UM_PERMISSION set UM_RESOURCE_ID = REPLACE(UM_RESOURCE_ID, '-at-', '-AT-') where UM_TENANT_ID <> -1234;
\ No newline at end of file
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mysql.sql
new file mode 100644
index 00000000..abc22b69
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mysql.sql
@@ -0,0 +1,40 @@
+SELECT CONCAT("ALTER TABLE UM_ROLE_PERMISSION DROP FOREIGN KEY ",constraint_name)
+INTO @sqlst
+FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE
+WHERE TABLE_SCHEMA = @databasename AND TABLE_NAME = "UM_ROLE_PERMISSION"
+AND REFERENCED_TABLE_NAME="UM_PERMISSION" LIMIT 1;
+
+PREPARE stmt FROM @sqlst;
+EXECUTE stmt;
+DEALLOCATE PREPARE stmt;
+SET @sqlstr = NULL;
+
+ALTER TABLE UM_ROLE_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE;
+
+SELECT CONCAT("ALTER TABLE UM_USER_PERMISSION DROP FOREIGN KEY ",constraint_name)
+INTO @sqlst
+FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE
+WHERE TABLE_SCHEMA = @databasename AND TABLE_NAME = "UM_USER_PERMISSION"
+AND REFERENCED_TABLE_NAME="UM_PERMISSION" LIMIT 1;
+
+PREPARE stmt FROM @sqlst;
+EXECUTE stmt;
+DEALLOCATE PREPARE stmt;
+SET @sqlstr = NULL;
+
+ALTER TABLE UM_USER_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE;
+
+SELECT CONCAT("ALTER TABLE UM_HYBRID_USER_ROLE DROP FOREIGN KEY ",constraint_name)
+INTO @sqlst
+FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE
+WHERE TABLE_SCHEMA = @databasename AND TABLE_NAME = "UM_HYBRID_USER_ROLE"
+AND REFERENCED_TABLE_NAME="UM_HYBRID_ROLE" LIMIT 1;
+
+PREPARE stmt FROM @sqlst;
+EXECUTE stmt;
+DEALLOCATE PREPARE stmt;
+SET @sqlstr = NULL;
+
+ALTER TABLE UM_HYBRID_USER_ROLE ADD FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE;
+
+update UM_PERMISSION set UM_RESOURCE_ID = REPLACE(UM_RESOURCE_ID, '-at-', '-AT-') where UM_TENANT_ID <> -1234;
\ No newline at end of file
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mysql5.7.sql
new file mode 100644
index 00000000..abc22b69
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mysql5.7.sql
@@ -0,0 +1,40 @@
+SELECT CONCAT("ALTER TABLE UM_ROLE_PERMISSION DROP FOREIGN KEY ",constraint_name)
+INTO @sqlst
+FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE
+WHERE TABLE_SCHEMA = @databasename AND TABLE_NAME = "UM_ROLE_PERMISSION"
+AND REFERENCED_TABLE_NAME="UM_PERMISSION" LIMIT 1;
+
+PREPARE stmt FROM @sqlst;
+EXECUTE stmt;
+DEALLOCATE PREPARE stmt;
+SET @sqlstr = NULL;
+
+ALTER TABLE UM_ROLE_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE;
+
+SELECT CONCAT("ALTER TABLE UM_USER_PERMISSION DROP FOREIGN KEY ",constraint_name)
+INTO @sqlst
+FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE
+WHERE TABLE_SCHEMA = @databasename AND TABLE_NAME = "UM_USER_PERMISSION"
+AND REFERENCED_TABLE_NAME="UM_PERMISSION" LIMIT 1;
+
+PREPARE stmt FROM @sqlst;
+EXECUTE stmt;
+DEALLOCATE PREPARE stmt;
+SET @sqlstr = NULL;
+
+ALTER TABLE UM_USER_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE;
+
+SELECT CONCAT("ALTER TABLE UM_HYBRID_USER_ROLE DROP FOREIGN KEY ",constraint_name)
+INTO @sqlst
+FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE
+WHERE TABLE_SCHEMA = @databasename AND TABLE_NAME = "UM_HYBRID_USER_ROLE"
+AND REFERENCED_TABLE_NAME="UM_HYBRID_ROLE" LIMIT 1;
+
+PREPARE stmt FROM @sqlst;
+EXECUTE stmt;
+DEALLOCATE PREPARE stmt;
+SET @sqlstr = NULL;
+
+ALTER TABLE UM_HYBRID_USER_ROLE ADD FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE;
+
+update UM_PERMISSION set UM_RESOURCE_ID = REPLACE(UM_RESOURCE_ID, '-at-', '-AT-') where UM_TENANT_ID <> -1234;
\ No newline at end of file
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/oracle.sql
new file mode 100644
index 00000000..f1601bee
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/oracle.sql
@@ -0,0 +1,212 @@
+declare
+  con_name varchar2(100);
+  command varchar2(200);
+  databasename VARCHAR2(100);
+BEGIN
+  databasename := 'SAMPLE';
+
+  begin
+    select a.constraint_name into con_name FROM all_cons_columns a JOIN all_constraints c ON a.owner = c.owner AND a.constraint_name = c.constraint_name JOIN all_constraints c_pk ON c.r_owner = c_pk.owner AND c.r_constraint_name = c_pk.constraint_name WHERE c.constraint_type = 'R' AND a.table_name = 'UM_ROLE_PERMISSION' AND UPPER(a.OWNER)=UPPER(databasename) AND c_pk.table_name='UM_PERMISSION' AND ROWNUM<2;
+
+    if TRIM(con_name) is not null
+    then
+      command := 'ALTER TABLE UM_ROLE_PERMISSION DROP CONSTRAINT ' || con_name;
+      dbms_output.Put_line(command);
+      execute immediate command;
+    end if;
+
+    exception
+    when NO_DATA_FOUND
+    then
+    dbms_output.Put_line('Foreign key not found');
+  end;
+
+  begin
+    select a.constraint_name into con_name FROM all_cons_columns a JOIN all_constraints c ON a.owner = c.owner AND a.constraint_name = c.constraint_name JOIN all_constraints c_pk ON c.r_owner = c_pk.owner AND c.r_constraint_name = c_pk.constraint_name WHERE c.constraint_type = 'R' AND a.table_name = 'UM_USER_PERMISSION' AND UPPER(a.OWNER)=UPPER(databasename) AND c_pk.table_name='UM_PERMISSION' AND ROWNUM<2;
+
+    if TRIM(con_name) is not null
+    then
+      command := 'ALTER TABLE UM_USER_PERMISSION DROP CONSTRAINT ' || con_name;
+      dbms_output.Put_line(command);
+      execute immediate command;
+    end if;
+
+    exception
+    when NO_DATA_FOUND
+    then
+    dbms_output.Put_line('Foreign key not found');
+  end;
+
+  begin
+    select a.constraint_name into con_name FROM all_cons_columns a JOIN all_constraints c ON a.owner = c.owner AND a.constraint_name = c.constraint_name JOIN all_constraints c_pk ON c.r_owner = c_pk.owner AND c.r_constraint_name = c_pk.constraint_name WHERE c.constraint_type = 'R' AND a.table_name = 'UM_HYBRID_USER_ROLE' AND UPPER(a.OWNER)=UPPER(databasename) AND c_pk.table_name='UM_HYBRID_ROLE' AND ROWNUM<2;
+
+    if TRIM(con_name) is not null
+    then
+      command := 'ALTER TABLE UM_HYBRID_USER_ROLE DROP CONSTRAINT ' || con_name;
+      dbms_output.Put_line(command);
+      execute immediate command;
+    end if;
+
+    exception
+    when NO_DATA_FOUND
+    then
+    dbms_output.Put_line('Foreign key not found');
+  end;
+
+END;
+/
+
+ALTER TABLE UM_ROLE_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE
+/
+ALTER TABLE UM_USER_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE
+/
+ALTER TABLE UM_HYBRID_USER_ROLE ADD FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE
+/
+
+update UM_PERMISSION set UM_RESOURCE_ID = REPLACE(UM_RESOURCE_ID, '-at-', '-AT-') where UM_TENANT_ID <> -1234
+/
+
+DELETE FROM UM_CLAIM
+WHERE UM_CLAIM_URI = 'http://wso2.org/claims/passwordTimestamp'
+/
+
+INSERT INTO UM_CLAIM (
+  UM_DIALECT_ID,
+  UM_CLAIM_URI,
+  UM_DISPLAY_TAG,
+  UM_DESCRIPTION,
+  UM_MAPPED_ATTRIBUTE,
+  UM_TENANT_ID,
+  UM_READ_ONLY)
+VALUES ((SELECT UM_ID
+         FROM UM_DIALECT
+         WHERE UM_DIALECT_URI = 'http://wso2.org/claims' AND UM_TENANT_ID = -1234),
+        'http://wso2.org/claims/username', 'Username', 'Username', 'uid', -1234, 1)
+/
+
+INSERT INTO UM_CLAIM (
+  UM_DIALECT_ID,
+  UM_CLAIM_URI,
+  UM_DISPLAY_TAG,
+  UM_DESCRIPTION,
+  UM_MAPPED_ATTRIBUTE,
+  UM_TENANT_ID,
+  UM_READ_ONLY)
+  SELECT
+    DIALECT.UM_ID,
+    'http://wso2.org/username',
+    'Username',
+    'Username',
+    'uid',
+    DIALECT.UM_TENANT_ID,
+    1
+  FROM UM_DIALECT DIALECT
+    JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID = TENANT.UM_ID
+  WHERE DIALECT.UM_DIALECT_URI = 'http://wso2.org/claims'
+/
+
+INSERT INTO UM_CLAIM (
+  UM_DIALECT_ID,
+  UM_CLAIM_URI,
+  UM_DISPLAY_TAG,
+  UM_DESCRIPTION,
+  UM_MAPPED_ATTRIBUTE,
+  UM_TENANT_ID,
+  UM_READ_ONLY)
+VALUES ((SELECT UM_ID
+         FROM UM_DIALECT
+         WHERE UM_DIALECT_URI = 'http://wso2.org/claims' AND UM_TENANT_ID = -1234),
+        'http://wso2.org/claims/identity/failedLoginAttempts', 'Failed Login Attempts', 'Failed Login Attempts',
+        'failedLoginAttempts', -1234, 1)
+/
+
+INSERT INTO UM_CLAIM (
+  UM_DIALECT_ID,
+  UM_CLAIM_URI,
+  UM_DISPLAY_TAG,
+  UM_DESCRIPTION,
+  UM_MAPPED_ATTRIBUTE,
+  UM_TENANT_ID,
+  UM_READ_ONLY)
+  SELECT
+    DIALECT.UM_ID,
+    'http://wso2.org/claims/identity/failedLoginAttempts',
+    'Failed Login Attempts',
+    'Failed Login Attempts',
+    'failedLoginAttempts',
+    DIALECT.UM_TENANT_ID,
+    1
+  FROM UM_DIALECT DIALECT
+    JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID = TENANT.UM_ID
+  WHERE DIALECT.UM_DIALECT_URI = 'http://wso2.org/claims'
+/
+
+INSERT INTO UM_CLAIM (
+  UM_DIALECT_ID,
+  UM_CLAIM_URI,
+  UM_DISPLAY_TAG,
+  UM_DESCRIPTION,
+  UM_MAPPED_ATTRIBUTE,
+  UM_TENANT_ID,
+  UM_READ_ONLY)
+VALUES ((SELECT UM_ID
+         FROM UM_DIALECT
+         WHERE UM_DIALECT_URI = 'http://wso2.org/claims' AND UM_TENANT_ID = -1234),
+        'http://wso2.org/claims/identity/unlockTime', 'Unlock Time', 'Unlock Time', 'unlockTime', -1234, 1)
+/
+
+INSERT INTO UM_CLAIM (
+  UM_DIALECT_ID,
+  UM_CLAIM_URI,
+  UM_DISPLAY_TAG,
+  UM_DESCRIPTION,
+  UM_MAPPED_ATTRIBUTE,
+  UM_TENANT_ID,
+  UM_READ_ONLY)
+  SELECT
+    DIALECT.UM_ID,
+    'http://wso2.org/claims/identity/unlockTime',
+    'Unlock Time',
+    'Unlock Time',
+    'unlockTime',
+    DIALECT.UM_TENANT_ID,
+    1
+  FROM UM_DIALECT DIALECT
+    JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID = TENANT.UM_ID
+  WHERE DIALECT.UM_DIALECT_URI = 'http://wso2.org/claims'
+/
+
+INSERT INTO UM_CLAIM (
+  UM_DIALECT_ID,
+  UM_CLAIM_URI,
+  UM_DISPLAY_TAG,
+  UM_DESCRIPTION,
+  UM_MAPPED_ATTRIBUTE,
+  UM_TENANT_ID,
+  UM_READ_ONLY)
+VALUES ((SELECT UM_ID
+         FROM UM_DIALECT
+         WHERE UM_DIALECT_URI = 'http://wso2.org/claims' AND UM_TENANT_ID = -1234),
+        'http://wso2.org/claims/displayName', 'Display Name', 'Display Name', 'displayName', -1234, 1)
+/
+
+INSERT INTO UM_CLAIM (
+  UM_DIALECT_ID,
+  UM_CLAIM_URI,
+  UM_DISPLAY_TAG,
+  UM_DESCRIPTION,
+  UM_MAPPED_ATTRIBUTE,
+  UM_TENANT_ID,
+  UM_READ_ONLY)
+  SELECT
+    DIALECT.UM_ID,
+    'http://wso2.org/claims/displayName',
+    'Display Name',
+    'Display Name',
+    'displayName',
+    DIALECT.UM_TENANT_ID,
+    1
+  FROM UM_DIALECT DIALECT
+    JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID = TENANT.UM_ID
+  WHERE DIALECT.UM_DIALECT_URI = 'http://wso2.org/claims'
+/
\ No newline at end of file
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/postgresql.sql
new file mode 100644
index 00000000..cf79e756
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/postgresql.sql
@@ -0,0 +1,11 @@
+DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE um_role_permission DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'FOREIGN KEY' AND tc.table_name = 'um_role_permission' AND ccu.table_name='um_permission' LIMIT 1; EXECUTE con_name; END $$;
+
+DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE um_user_permission DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'FOREIGN KEY' AND tc.table_name = 'um_user_permission' AND ccu.table_name='um_permission' LIMIT 1; EXECUTE con_name; END $$;
+
+DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE um_hybrid_user_role DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'FOREIGN KEY' AND tc.table_name = 'um_hybrid_user_role' AND ccu.table_name='um_hybrid_role' LIMIT 1; EXECUTE con_name; END $$;
+
+ALTER TABLE UM_ROLE_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE;
+ALTER TABLE UM_USER_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE;
+ALTER TABLE UM_HYBRID_USER_ROLE ADD FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE;
+
+update UM_PERMISSION set UM_RESOURCE_ID = REPLACE(UM_RESOURCE_ID, '-at-', '-AT-') where UM_TENANT_ID <> -1234;
\ No newline at end of file
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/db2.sql
new file mode 100644
index 00000000..1e146cc3
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/db2.sql
@@ -0,0 +1,22 @@
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD PKCE_MANDATORY CHAR(1) DEFAULT '0'
+/
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0'
+/
+
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD PKCE_CODE_CHALLENGE VARCHAR(255)
+/
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD PKCE_CODE_CHALLENGE_METHOD VARCHAR(128)
+/
+
+ALTER TABLE WF_BPS_PROFILE MODIFY HOST_URL_MANAGER VARCHAR2(255)
+/
+ALTER TABLE WF_BPS_PROFILE MODIFY HOST_URL_WORKER VARCHAR2(255)
+/
+
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME, IS_ENABLED)
+  SELECT TENANT_ID, IDP_ID, 'openidconnect', 0
+  FROM IDP_AUTHENTICATOR
+  WHERE IDP_ID
+  IN (SELECT ID FROM IDP WHERE NAME = 'LOCAL') GROUP BY TENANT_ID, IDP_ID
+  HAVING SUM(CASE NAME WHEN 'openidconnect' THEN 1 ELSE 0 END)=0
+/
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/h2.sql
new file mode 100644
index 00000000..dfac7879
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/h2.sql
@@ -0,0 +1,16 @@
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD COLUMN PKCE_MANDATORY CHAR(1) DEFAULT '0';
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD COLUMN PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0';
+
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD COLUMN PKCE_CODE_CHALLENGE VARCHAR(255);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD COLUMN PKCE_CODE_CHALLENGE_METHOD VARCHAR(128);
+
+ALTER TABLE WF_BPS_PROFILE ALTER COLUMN HOST_URL_MANAGER VARCHAR(255);
+ALTER TABLE WF_BPS_PROFILE ALTER COLUMN HOST_URL_WORKER VARCHAR(255);
+
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME, IS_ENABLED)
+  SELECT TENANT_ID, IDP_ID, 'openidconnect', 0
+  FROM IDP_AUTHENTICATOR
+  WHERE IDP_ID
+  IN (SELECT ID FROM IDP WHERE NAME = 'LOCAL')
+  GROUP BY TENANT_ID, IDP_ID
+  HAVING SUM(CASE NAME WHEN 'openidconnect' THEN 1 ELSE 0 END)=0;
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mssql.sql
new file mode 100644
index 00000000..c06f8ff4
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mssql.sql
@@ -0,0 +1,16 @@
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD PKCE_MANDATORY CHAR(1) DEFAULT '0';
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0';
+
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD PKCE_CODE_CHALLENGE VARCHAR(255);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD PKCE_CODE_CHALLENGE_METHOD VARCHAR(128);
+
+ALTER TABLE WF_BPS_PROFILE ALTER COLUMN HOST_URL_MANAGER VARCHAR(255);
+ALTER TABLE WF_BPS_PROFILE ALTER COLUMN HOST_URL_WORKER VARCHAR(255);
+
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME, IS_ENABLED)
+  SELECT TENANT_ID, IDP_ID, 'openidconnect', 0
+  FROM IDP_AUTHENTICATOR
+  WHERE IDP_ID
+  IN (SELECT ID FROM IDP WHERE NAME = 'LOCAL')
+  GROUP BY TENANT_ID, IDP_ID
+  HAVING SUM(CASE NAME WHEN 'openidconnect' THEN 1 ELSE 0 END)=0;
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mysql.sql
new file mode 100644
index 00000000..6a99f2c4
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mysql.sql
@@ -0,0 +1,18 @@
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS
+  ADD COLUMN PKCE_MANDATORY CHAR(1) DEFAULT '0',
+  ADD COLUMN PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0';
+
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE
+  ADD COLUMN PKCE_CODE_CHALLENGE VARCHAR(255),
+  ADD COLUMN PKCE_CODE_CHALLENGE_METHOD VARCHAR(128);
+
+ALTER TABLE WF_BPS_PROFILE MODIFY COLUMN HOST_URL_MANAGER VARCHAR(255);
+ALTER TABLE WF_BPS_PROFILE MODIFY COLUMN HOST_URL_WORKER VARCHAR(255);
+
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME, IS_ENABLED)
+  SELECT TENANT_ID, IDP_ID, 'openidconnect', 0
+  FROM IDP_AUTHENTICATOR
+  WHERE IDP_ID
+  IN (SELECT ID FROM IDP WHERE NAME = 'LOCAL')
+  GROUP BY TENANT_ID, IDP_ID
+  HAVING SUM(CASE NAME WHEN 'openidconnect' THEN 1 ELSE 0 END)=0;
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mysql5.7.sql
new file mode 100644
index 00000000..6a99f2c4
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mysql5.7.sql
@@ -0,0 +1,18 @@
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS
+  ADD COLUMN PKCE_MANDATORY CHAR(1) DEFAULT '0',
+  ADD COLUMN PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0';
+
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE
+  ADD COLUMN PKCE_CODE_CHALLENGE VARCHAR(255),
+  ADD COLUMN PKCE_CODE_CHALLENGE_METHOD VARCHAR(128);
+
+ALTER TABLE WF_BPS_PROFILE MODIFY COLUMN HOST_URL_MANAGER VARCHAR(255);
+ALTER TABLE WF_BPS_PROFILE MODIFY COLUMN HOST_URL_WORKER VARCHAR(255);
+
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME, IS_ENABLED)
+  SELECT TENANT_ID, IDP_ID, 'openidconnect', 0
+  FROM IDP_AUTHENTICATOR
+  WHERE IDP_ID
+  IN (SELECT ID FROM IDP WHERE NAME = 'LOCAL')
+  GROUP BY TENANT_ID, IDP_ID
+  HAVING SUM(CASE NAME WHEN 'openidconnect' THEN 1 ELSE 0 END)=0;
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/oracle.sql
new file mode 100644
index 00000000..e5939286
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/oracle.sql
@@ -0,0 +1,25 @@
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD PKCE_MANDATORY CHAR(1) DEFAULT '0'
+/
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0'
+/
+
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD PKCE_CODE_CHALLENGE VARCHAR(255)
+/
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD PKCE_CODE_CHALLENGE_METHOD VARCHAR(128)
+/
+
+ALTER TABLE WF_BPS_PROFILE MODIFY HOST_URL_MANAGER VARCHAR2(255)
+/
+ALTER TABLE WF_BPS_PROFILE MODIFY HOST_URL_WORKER VARCHAR2(255)
+/
+ALTER TABLE WF_BPS_PROFILE MODIFY PASSWORD VARCHAR2(1023)
+/
+
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME, IS_ENABLED)
+  SELECT TENANT_ID, IDP_ID, 'openidconnect', 0
+  FROM IDP_AUTHENTICATOR
+  WHERE IDP_ID
+  IN (SELECT ID FROM IDP WHERE NAME = 'LOCAL')
+  GROUP BY TENANT_ID, IDP_ID
+  HAVING SUM(CASE NAME WHEN 'openidconnect' THEN 1 ELSE 0 END)=0
+/
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/postgresql.sql
new file mode 100644
index 00000000..d0979ba6
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/postgresql.sql
@@ -0,0 +1,16 @@
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD COLUMN PKCE_MANDATORY CHAR(1) DEFAULT '0';
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD COLUMN PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0';
+
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD COLUMN PKCE_CODE_CHALLENGE VARCHAR(255);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD COLUMN PKCE_CODE_CHALLENGE_METHOD VARCHAR(128);
+
+ALTER TABLE WF_BPS_PROFILE ALTER COLUMN HOST_URL_MANAGER TYPE VARCHAR(255) USING CONSUMER_KEY::VARCHAR;
+ALTER TABLE WF_BPS_PROFILE ALTER COLUMN HOST_URL_WORKER TYPE VARCHAR(255) USING CONSUMER_KEY::VARCHAR;
+
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME, IS_ENABLED)
+  SELECT TENANT_ID, IDP_ID, 'openidconnect', 0
+  FROM IDP_AUTHENTICATOR
+  WHERE IDP_ID
+  IN (SELECT ID FROM IDP WHERE NAME = 'LOCAL')
+  GROUP BY TENANT_ID, IDP_ID
+  HAVING SUM(CASE NAME WHEN 'openidconnect' THEN 1 ELSE 0 END)=0;
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/db2.sql
new file mode 100644
index 00000000..7db6c00a
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/db2.sql
@@ -0,0 +1,111 @@
+
+INSERT INTO UM_CLAIM (
+            UM_DIALECT_ID,
+            UM_CLAIM_URI,
+            UM_DISPLAY_TAG,
+            UM_DESCRIPTION,
+            UM_MAPPED_ATTRIBUTE,
+            UM_TENANT_ID,
+            UM_READ_ONLY,
+            UM_SUPPORTED,
+            UM_REQUIRED,
+            UM_DISPLAY_ORDER,
+            UM_CHECKED_ATTRIBUTE)
+VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234),
+'http://wso2.org/claims/identity/lastLoginTime','Last Login Time','Last Login Time','carLicense',-1234,1,0,0,7,0)
+/
+
+INSERT INTO UM_CLAIM (
+           UM_DIALECT_ID,
+           UM_CLAIM_URI,
+           UM_DISPLAY_TAG,
+           UM_DESCRIPTION,
+           UM_MAPPED_ATTRIBUTE,
+           UM_TENANT_ID,
+           UM_READ_ONLY)
+SELECT DIALECT.UM_ID,
+	   'http://wso2.org/claims/identity/lastLoginTime',
+           'Last Login Time',
+           'Last Login Time',
+           'carLicense',
+	   DIALECT.UM_TENANT_ID,
+           1
+           FROM UM_DIALECT DIALECT JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims'
+/
+
+
+INSERT INTO UM_CLAIM (
+            UM_DIALECT_ID,
+            UM_CLAIM_URI,
+            UM_DISPLAY_TAG,
+            UM_DESCRIPTION,
+            UM_MAPPED_ATTRIBUTE,
+            UM_TENANT_ID,
+            UM_READ_ONLY,
+            UM_SUPPORTED,
+            UM_REQUIRED,
+            UM_DISPLAY_ORDER,
+            UM_CHECKED_ATTRIBUTE)
+VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234),
+'http://wso2.org/claims/identity/lastPasswordUpdateTime','Last Password Update','Last Password Update','businessCategory',-1234,1,0,0,7,0)
+/
+
+INSERT INTO UM_CLAIM (
+           UM_DIALECT_ID,
+           UM_CLAIM_URI,
+           UM_DISPLAY_TAG,
+           UM_DESCRIPTION,
+           UM_MAPPED_ATTRIBUTE,
+           UM_TENANT_ID,
+           UM_READ_ONLY)
+SELECT DIALECT.UM_ID,
+	'http://wso2.org/claims/identity/lastPasswordUpdateTime',
+        'Last Password Update',
+        'Last Password Update',
+        'businessCategory',
+        DIALECT.UM_TENANT_ID,
+        1
+        FROM UM_DIALECT DIALECT JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims'
+/
+
+INSERT INTO UM_CLAIM (
+      UM_DIALECT_ID,
+      UM_CLAIM_URI,
+      UM_DISPLAY_TAG,
+      UM_DESCRIPTION,
+      UM_MAPPED_ATTRIBUTE,
+      UM_TENANT_ID,
+      UM_READ_ONLY)
+VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234),
+'http://wso2.org/claims/identity/accountDisabled','Account Disabled','Account Disabled','ref',-1234,1)
+/
+
+INSERT INTO UM_CLAIM (
+           UM_DIALECT_ID,
+           UM_CLAIM_URI,
+           UM_DISPLAY_TAG,
+           UM_DESCRIPTION,
+           UM_MAPPED_ATTRIBUTE,
+           UM_TENANT_ID,
+           UM_READ_ONLY)
+SELECT DIALECT.UM_ID,
+	   'http://wso2.org/claims/identity/accountDisabled',
+           'Account Disabled',
+           'Account Disabled',
+           'ref',
+	         DIALECT.UM_TENANT_ID,
+           1
+           FROM UM_DIALECT DIALECT JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims'
+/
+
+CREATE INDEX REG_LOG_IND_BY_P1
+    ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID)/
+
+CREATE INDEX REG_RESOURCE_IND_3
+    ON REG_RESOURCE(REG_UUID)/
+
+CREATE INDEX REG_RESOURCE_IND_4
+    ON REG_RESOURCE(REG_TENANT_ID, REG_UUID)/
+
+CREATE INDEX REG_RESOURCE_IND_5
+    ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE)/
\ No newline at end of file
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/h2.sql
new file mode 100644
index 00000000..1717f504
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/h2.sql
@@ -0,0 +1,96 @@
+INSERT INTO UM_CLAIM (
+            UM_DIALECT_ID, 
+            UM_CLAIM_URI,
+            UM_DISPLAY_TAG, 
+            UM_DESCRIPTION,
+            UM_MAPPED_ATTRIBUTE,
+            UM_TENANT_ID,
+            UM_READ_ONLY,
+            UM_SUPPORTED,
+            UM_REQUIRED,
+            UM_DISPLAY_ORDER,
+            UM_CHECKED_ATTRIBUTE)
+VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234),
+'http://wso2.org/claims/identity/lastLoginTime','Last Login Time','Last Login Time','carLicense',-1234,1,0,0,7,0);
+
+INSERT INTO UM_CLAIM (
+           UM_DIALECT_ID,
+           UM_CLAIM_URI,
+           UM_DISPLAY_TAG,
+           UM_DESCRIPTION,
+           UM_MAPPED_ATTRIBUTE,
+           UM_TENANT_ID,
+           UM_READ_ONLY)
+SELECT DIALECT.UM_ID,
+	   'http://wso2.org/claims/identity/lastLoginTime',
+           'Last Login Time',
+           'Last Login Time',
+           'carLicense',
+	   DIALECT.UM_TENANT_ID,
+           1
+           FROM UM_DIALECT as DIALECT JOIN UM_TENANT as TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims';
+
+INSERT INTO UM_CLAIM (
+            UM_DIALECT_ID, 
+            UM_CLAIM_URI,
+            UM_DISPLAY_TAG, 
+            UM_DESCRIPTION,
+            UM_MAPPED_ATTRIBUTE,
+            UM_TENANT_ID,
+            UM_READ_ONLY,
+            UM_SUPPORTED,
+            UM_REQUIRED,
+            UM_DISPLAY_ORDER,
+            UM_CHECKED_ATTRIBUTE)
+VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234),
+'http://wso2.org/claims/identity/lastPasswordUpdateTime','Last Password Update','Last Password Update','businessCategory',-1234,1,0,0,7,0);
+
+INSERT INTO UM_CLAIM (
+           UM_DIALECT_ID,
+           UM_CLAIM_URI,
+           UM_DISPLAY_TAG,
+           UM_DESCRIPTION,
+           UM_MAPPED_ATTRIBUTE,
+           UM_TENANT_ID,
+           UM_READ_ONLY)
+SELECT DIALECT.UM_ID,
+	'http://wso2.org/claims/identity/lastPasswordUpdateTime',
+        'Last Password Update',
+        'Last Password Update',
+        'businessCategory',
+        DIALECT.UM_TENANT_ID,
+        1
+        FROM UM_DIALECT as DIALECT JOIN UM_TENANT as TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims';
+
+INSERT INTO UM_CLAIM (
+      UM_DIALECT_ID,
+      UM_CLAIM_URI,
+      UM_DISPLAY_TAG,
+      UM_DESCRIPTION,
+      UM_MAPPED_ATTRIBUTE,
+      UM_TENANT_ID,
+      UM_READ_ONLY)
+VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234),
+'http://wso2.org/claims/identity/accountDisabled','Account Disabled','Account Disabled','ref',-1234,1);
+
+INSERT INTO UM_CLAIM (
+           UM_DIALECT_ID,
+           UM_CLAIM_URI,
+           UM_DISPLAY_TAG,
+           UM_DESCRIPTION,
+           UM_MAPPED_ATTRIBUTE,
+           UM_TENANT_ID,
+           UM_READ_ONLY)
+SELECT DIALECT.UM_ID,
+	   'http://wso2.org/claims/identity/accountDisabled',
+           'Account Disabled',
+           'Account Disabled',
+           'ref',
+	         DIALECT.UM_TENANT_ID,
+           1
+           FROM UM_DIALECT DIALECT JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims';
+
+CREATE INDEX REG_LOG_IND_BY_REG_LOGTIME USING HASH ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID);
+CREATE INDEX REG_RESOURCE_IND_BY_UUID USING HASH ON REG_RESOURCE(REG_UUID);
+CREATE INDEX REG_RESOURCE_IND_BY_TENANT USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_UUID);
+CREATE INDEX REG_RESOURCE_IND_BY_TYPE USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE);
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mssql.sql
new file mode 100644
index 00000000..e4ea9ce1
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mssql.sql
@@ -0,0 +1,96 @@
+INSERT INTO UM_CLAIM (
+            UM_DIALECT_ID, 
+            UM_CLAIM_URI,
+            UM_DISPLAY_TAG, 
+            UM_DESCRIPTION,
+            UM_MAPPED_ATTRIBUTE,
+            UM_TENANT_ID,
+            UM_READ_ONLY,
+            UM_SUPPORTED,
+            UM_REQUIRED,
+            UM_DISPLAY_ORDER,
+            UM_CHECKED_ATTRIBUTE)
+VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234),
+'http://wso2.org/claims/identity/lastLoginTime','Last Login Time','Last Login Time','carLicense',-1234,1,0,0,7,0);
+
+INSERT INTO UM_CLAIM (
+           UM_DIALECT_ID,
+           UM_CLAIM_URI,
+           UM_DISPLAY_TAG,
+           UM_DESCRIPTION,
+           UM_MAPPED_ATTRIBUTE,
+           UM_TENANT_ID,
+           UM_READ_ONLY)
+SELECT DIALECT.UM_ID,
+	   'http://wso2.org/claims/identity/lastLoginTime',
+           'Last Login Time',
+           'Last Login Time',
+           'carLicense',
+	   DIALECT.UM_TENANT_ID,
+           1
+           FROM UM_DIALECT as DIALECT JOIN UM_TENANT as TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims';
+
+INSERT INTO UM_CLAIM (
+            UM_DIALECT_ID,
+            UM_CLAIM_URI,
+            UM_DISPLAY_TAG,
+            UM_DESCRIPTION,
+            UM_MAPPED_ATTRIBUTE,
+            UM_TENANT_ID,
+            UM_READ_ONLY,
+            UM_SUPPORTED,
+            UM_REQUIRED,
+            UM_DISPLAY_ORDER,
+            UM_CHECKED_ATTRIBUTE)
+VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234),
+'http://wso2.org/claims/identity/lastPasswordUpdateTime','Last Password Update','Last Password Update','businessCategory',-1234,1,0,0,7,0);
+
+INSERT INTO UM_CLAIM (
+           UM_DIALECT_ID,
+           UM_CLAIM_URI,
+           UM_DISPLAY_TAG,
+           UM_DESCRIPTION,
+           UM_MAPPED_ATTRIBUTE,
+           UM_TENANT_ID,
+           UM_READ_ONLY)
+SELECT DIALECT.UM_ID,
+	'http://wso2.org/claims/identity/lastPasswordUpdateTime',
+        'Last Password Update',
+        'Last Password Update',
+        'businessCategory',
+        DIALECT.UM_TENANT_ID,
+        1
+        FROM UM_DIALECT as DIALECT JOIN UM_TENANT as TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims';
+
+INSERT INTO UM_CLAIM (
+          UM_DIALECT_ID,
+          UM_CLAIM_URI,
+          UM_DISPLAY_TAG,
+          UM_DESCRIPTION,
+          UM_MAPPED_ATTRIBUTE,
+          UM_TENANT_ID,
+          UM_READ_ONLY)
+VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234),
+'http://wso2.org/claims/identity/accountDisabled','Account Disabled','Account Disabled','ref',-1234,1);
+
+INSERT INTO UM_CLAIM (
+           UM_DIALECT_ID,
+           UM_CLAIM_URI,
+           UM_DISPLAY_TAG,
+           UM_DESCRIPTION,
+           UM_MAPPED_ATTRIBUTE,
+           UM_TENANT_ID,
+           UM_READ_ONLY)
+SELECT DIALECT.UM_ID,
+	   'http://wso2.org/claims/identity/accountDisabled',
+           'Account Disabled',
+           'Account Disabled',
+           'ref',
+	         DIALECT.UM_TENANT_ID,
+           1
+           FROM UM_DIALECT DIALECT JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims';
+
+CREATE INDEX REG_LOG_IND_BY_REG_LOGTIME ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID);
+CREATE INDEX REG_RESOURCE_IND_BY_UUID ON REG_RESOURCE(REG_UUID);
+CREATE INDEX REG_RESOURCE_IND_BY_TENANT ON REG_RESOURCE(REG_TENANT_ID, REG_UUID);
+CREATE INDEX REG_RESOURCE_IND_BY_TYPE ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE);
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mysql.sql
new file mode 100644
index 00000000..be9e89d2
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mysql.sql
@@ -0,0 +1,96 @@
+INSERT INTO UM_CLAIM (
+            UM_DIALECT_ID, 
+            UM_CLAIM_URI,
+            UM_DISPLAY_TAG, 
+            UM_DESCRIPTION,
+            UM_MAPPED_ATTRIBUTE,
+            UM_TENANT_ID,
+            UM_READ_ONLY,
+            UM_SUPPORTED,
+            UM_REQUIRED,
+            UM_DISPLAY_ORDER,
+            UM_CHECKED_ATTRIBUTE)
+VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234),
+'http://wso2.org/claims/identity/lastLoginTime','Last Login Time','Last Login Time','carLicense',-1234,1,0,0,7,0);
+
+INSERT INTO UM_CLAIM (
+           UM_DIALECT_ID,
+           UM_CLAIM_URI,
+           UM_DISPLAY_TAG,
+           UM_DESCRIPTION,
+           UM_MAPPED_ATTRIBUTE,
+           UM_TENANT_ID,
+           UM_READ_ONLY)
+SELECT DIALECT.UM_ID,
+	   'http://wso2.org/claims/identity/lastLoginTime',
+           'Last Login Time',
+           'Last Login Time',
+           'carLicense',
+	   DIALECT.UM_TENANT_ID,
+           1
+           FROM UM_DIALECT as DIALECT JOIN UM_TENANT as TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims';
+
+INSERT INTO UM_CLAIM (
+            UM_DIALECT_ID,
+            UM_CLAIM_URI,
+            UM_DISPLAY_TAG,
+            UM_DESCRIPTION,
+            UM_MAPPED_ATTRIBUTE,
+            UM_TENANT_ID,
+            UM_READ_ONLY,
+            UM_SUPPORTED,
+            UM_REQUIRED,
+            UM_DISPLAY_ORDER,
+            UM_CHECKED_ATTRIBUTE)
+VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234),
+'http://wso2.org/claims/identity/lastPasswordUpdateTime','Last Password Update','Last Password Update','businessCategory',-1234,1,0,0,7,0);
+
+INSERT INTO UM_CLAIM (
+           UM_DIALECT_ID,
+           UM_CLAIM_URI,
+           UM_DISPLAY_TAG,
+           UM_DESCRIPTION,
+           UM_MAPPED_ATTRIBUTE,
+           UM_TENANT_ID,
+           UM_READ_ONLY)
+SELECT DIALECT.UM_ID,
+	'http://wso2.org/claims/identity/lastPasswordUpdateTime',
+        'Last Password Update',
+        'Last Password Update',
+        'businessCategory',
+        DIALECT.UM_TENANT_ID,
+        1
+        FROM UM_DIALECT as DIALECT JOIN UM_TENANT as TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims';
+
+INSERT INTO UM_CLAIM (
+      UM_DIALECT_ID,
+      UM_CLAIM_URI,
+      UM_DISPLAY_TAG,
+      UM_DESCRIPTION,
+      UM_MAPPED_ATTRIBUTE,
+      UM_TENANT_ID,
+      UM_READ_ONLY)
+VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234),
+'http://wso2.org/claims/identity/accountDisabled','Account Disabled','Account Disabled','ref',-1234,1);
+
+INSERT INTO UM_CLAIM (
+           UM_DIALECT_ID,
+           UM_CLAIM_URI,
+           UM_DISPLAY_TAG,
+           UM_DESCRIPTION,
+           UM_MAPPED_ATTRIBUTE,
+           UM_TENANT_ID,
+           UM_READ_ONLY)
+SELECT DIALECT.UM_ID,
+	   'http://wso2.org/claims/identity/accountDisabled',
+           'Account Disabled',
+           'Account Disabled',
+           'ref',
+	         DIALECT.UM_TENANT_ID,
+           1
+           FROM UM_DIALECT DIALECT JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims';
+
+CREATE INDEX REG_LOG_IND_BY_REG_LOGTIME USING HASH ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID);
+CREATE INDEX REG_RESOURCE_IND_BY_UUID USING HASH ON REG_RESOURCE(REG_UUID);
+CREATE INDEX REG_RESOURCE_IND_BY_TENANT USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_UUID);
+CREATE INDEX REG_RESOURCE_IND_BY_TYPE USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE);
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mysql5.7.sql
new file mode 100644
index 00000000..53cf7c78
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mysql5.7.sql
@@ -0,0 +1,96 @@
+INSERT INTO UM_CLAIM (
+            UM_DIALECT_ID,
+            UM_CLAIM_URI,
+            UM_DISPLAY_TAG,
+            UM_DESCRIPTION,
+            UM_MAPPED_ATTRIBUTE,
+            UM_TENANT_ID,
+            UM_READ_ONLY,
+            UM_SUPPORTED,
+            UM_REQUIRED,
+            UM_DISPLAY_ORDER,
+            UM_CHECKED_ATTRIBUTE)
+VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234),
+'http://wso2.org/claims/identity/lastLoginTime','Last Login Time','Last Login Time','carLicense',-1234,1,0,0,7,0);
+
+INSERT INTO UM_CLAIM (
+           UM_DIALECT_ID,
+           UM_CLAIM_URI,
+           UM_DISPLAY_TAG,
+           UM_DESCRIPTION,
+           UM_MAPPED_ATTRIBUTE,
+           UM_TENANT_ID,
+           UM_READ_ONLY)
+SELECT DIALECT.UM_ID,
+	   'http://wso2.org/claims/identity/lastLoginTime',
+           'Last Login Time',
+           'Last Login Time',
+           'carLicense',
+	   DIALECT.UM_TENANT_ID,
+           1
+           FROM UM_DIALECT as DIALECT JOIN UM_TENANT as TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims';
+
+INSERT INTO UM_CLAIM (
+            UM_DIALECT_ID,
+            UM_CLAIM_URI,
+            UM_DISPLAY_TAG,
+            UM_DESCRIPTION,
+            UM_MAPPED_ATTRIBUTE,
+            UM_TENANT_ID,
+            UM_READ_ONLY,
+            UM_SUPPORTED,
+            UM_REQUIRED,
+            UM_DISPLAY_ORDER,
+            UM_CHECKED_ATTRIBUTE)
+VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234),
+'http://wso2.org/claims/identity/lastPasswordUpdateTime','Last Password Update','Last Password Update','businessCategory',-1234,1,0,0,7,0);
+
+INSERT INTO UM_CLAIM (
+           UM_DIALECT_ID,
+           UM_CLAIM_URI,
+           UM_DISPLAY_TAG,
+           UM_DESCRIPTION,
+           UM_MAPPED_ATTRIBUTE,
+           UM_TENANT_ID,
+           UM_READ_ONLY)
+SELECT DIALECT.UM_ID,
+	'http://wso2.org/claims/identity/lastPasswordUpdateTime',
+        'Last Password Update',
+        'Last Password Update',
+        'businessCategory',
+        DIALECT.UM_TENANT_ID,
+        1
+        FROM UM_DIALECT as DIALECT JOIN UM_TENANT as TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims';
+
+INSERT INTO UM_CLAIM (
+      UM_DIALECT_ID,
+      UM_CLAIM_URI,
+      UM_DISPLAY_TAG,
+      UM_DESCRIPTION,
+      UM_MAPPED_ATTRIBUTE,
+      UM_TENANT_ID,
+      UM_READ_ONLY)
+VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234),
+'http://wso2.org/claims/identity/accountDisabled','Account Disabled','Account Disabled','ref',-1234,1);
+
+INSERT INTO UM_CLAIM (
+           UM_DIALECT_ID,
+           UM_CLAIM_URI,
+           UM_DISPLAY_TAG,
+           UM_DESCRIPTION,
+           UM_MAPPED_ATTRIBUTE,
+           UM_TENANT_ID,
+           UM_READ_ONLY)
+SELECT DIALECT.UM_ID,
+	   'http://wso2.org/claims/identity/accountDisabled',
+           'Account Disabled',
+           'Account Disabled',
+           'ref',
+	         DIALECT.UM_TENANT_ID,
+           1
+           FROM UM_DIALECT DIALECT JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims';
+
+CREATE INDEX REG_LOG_IND_BY_REG_LOGTIME USING HASH ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID);
+CREATE INDEX REG_RESOURCE_IND_BY_UUID USING HASH ON REG_RESOURCE(REG_UUID);
+CREATE INDEX REG_RESOURCE_IND_BY_TENANT USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_UUID);
+CREATE INDEX REG_RESOURCE_IND_BY_TYPE USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE);
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/oracle.sql
new file mode 100644
index 00000000..2399d0c7
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/oracle.sql
@@ -0,0 +1,111 @@
+
+INSERT INTO UM_CLAIM (
+            UM_DIALECT_ID,
+            UM_CLAIM_URI,
+            UM_DISPLAY_TAG,
+            UM_DESCRIPTION,
+            UM_MAPPED_ATTRIBUTE,
+            UM_TENANT_ID,
+            UM_READ_ONLY,
+            UM_SUPPORTED,
+            UM_REQUIRED,
+            UM_DISPLAY_ORDER,
+            UM_CHECKED_ATTRIBUTE)
+VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234),
+'http://wso2.org/claims/identity/lastLoginTime','Last Login Time','Last Login Time','carLicense',-1234,1,0,0,7,0)
+/
+
+INSERT INTO UM_CLAIM (
+           UM_DIALECT_ID,
+           UM_CLAIM_URI,
+           UM_DISPLAY_TAG,
+           UM_DESCRIPTION,
+           UM_MAPPED_ATTRIBUTE,
+           UM_TENANT_ID,
+           UM_READ_ONLY)
+SELECT DIALECT.UM_ID,
+	   'http://wso2.org/claims/identity/lastLoginTime',
+           'Last Login Time',
+           'Last Login Time',
+           'carLicense',
+	   DIALECT.UM_TENANT_ID,
+           1
+           FROM UM_DIALECT DIALECT JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims'
+/
+
+
+INSERT INTO UM_CLAIM (
+            UM_DIALECT_ID,
+            UM_CLAIM_URI,
+            UM_DISPLAY_TAG,
+            UM_DESCRIPTION,
+            UM_MAPPED_ATTRIBUTE,
+            UM_TENANT_ID,
+            UM_READ_ONLY,
+            UM_SUPPORTED,
+            UM_REQUIRED,
+            UM_DISPLAY_ORDER,
+            UM_CHECKED_ATTRIBUTE)
+VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234),
+'http://wso2.org/claims/identity/lastPasswordUpdateTime','Last Password Update','Last Password Update','businessCategory',-1234,1,0,0,7,0)
+/
+
+INSERT INTO UM_CLAIM (
+           UM_DIALECT_ID,
+           UM_CLAIM_URI,
+           UM_DISPLAY_TAG,
+           UM_DESCRIPTION,
+           UM_MAPPED_ATTRIBUTE,
+           UM_TENANT_ID,
+           UM_READ_ONLY)
+SELECT DIALECT.UM_ID,
+	'http://wso2.org/claims/identity/lastPasswordUpdateTime',
+        'Last Password Update',
+        'Last Password Update',
+        'businessCategory',
+        DIALECT.UM_TENANT_ID,
+        1
+        FROM UM_DIALECT DIALECT JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims'
+/
+
+INSERT INTO UM_CLAIM (
+      UM_DIALECT_ID,
+      UM_CLAIM_URI,
+      UM_DISPLAY_TAG,
+      UM_DESCRIPTION,
+      UM_MAPPED_ATTRIBUTE,
+      UM_TENANT_ID,
+      UM_READ_ONLY)
+VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234),
+'http://wso2.org/claims/identity/accountDisabled','Account Disabled','Account Disabled','ref',-1234,1)
+/
+
+INSERT INTO UM_CLAIM (
+           UM_DIALECT_ID,
+           UM_CLAIM_URI,
+           UM_DISPLAY_TAG,
+           UM_DESCRIPTION,
+           UM_MAPPED_ATTRIBUTE,
+           UM_TENANT_ID,
+           UM_READ_ONLY)
+SELECT DIALECT.UM_ID,
+	   'http://wso2.org/claims/identity/accountDisabled',
+           'Account Disabled',
+           'Account Disabled',
+           'ref',
+	         DIALECT.UM_TENANT_ID,
+           1
+           FROM UM_DIALECT DIALECT JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims'
+/
+
+CREATE INDEX REG_LOG_IND_BY_REGLOG ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID)
+/
+CREATE INDEX REG_RESOURCE_IND_BY_UUID ON REG_RESOURCE(REG_UUID)
+/
+CREATE INDEX REG_RESOURCE_IND_BY_TENAN ON REG_RESOURCE(REG_TENANT_ID, REG_UUID)
+/
+CREATE INDEX REG_RESOURCE_IND_BY_TYPE ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE)
+/
+
+UPDATE UM_CLAIM SET UM_CLAIM_URI = 'urn:scim:schemas:core:1.0:locale' WHERE UM_CLAIM_URI = 'urn:scim:schemas:core:1.0:local'
+/
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/postgresql.sql
new file mode 100644
index 00000000..1b985e8c
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/postgresql.sql
@@ -0,0 +1,96 @@
+INSERT INTO UM_CLAIM (
+            UM_DIALECT_ID, 
+            UM_CLAIM_URI,
+            UM_DISPLAY_TAG, 
+            UM_DESCRIPTION,
+            UM_MAPPED_ATTRIBUTE,
+            UM_TENANT_ID,
+            UM_READ_ONLY,
+            UM_SUPPORTED,
+            UM_REQUIRED,
+            UM_DISPLAY_ORDER,
+            UM_CHECKED_ATTRIBUTE)
+VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234),
+'http://wso2.org/claims/identity/lastLoginTime','Last Login Time','Last Login Time','carLicense',-1234,1,0,0,7,0);
+
+INSERT INTO UM_CLAIM (
+           UM_DIALECT_ID,
+           UM_CLAIM_URI,
+           UM_DISPLAY_TAG,
+           UM_DESCRIPTION,
+           UM_MAPPED_ATTRIBUTE,
+           UM_TENANT_ID,
+           UM_READ_ONLY)
+SELECT DIALECT.UM_ID,
+	   'http://wso2.org/claims/identity/lastLoginTime',
+           'Last Login Time',
+           'Last Login Time',
+           'carLicense',
+	   DIALECT.UM_TENANT_ID,
+           1
+           FROM UM_DIALECT as DIALECT JOIN UM_TENANT as TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims';
+
+INSERT INTO UM_CLAIM (
+            UM_DIALECT_ID,
+            UM_CLAIM_URI,
+            UM_DISPLAY_TAG,
+            UM_DESCRIPTION,
+            UM_MAPPED_ATTRIBUTE,
+            UM_TENANT_ID,
+            UM_READ_ONLY,
+            UM_SUPPORTED,
+            UM_REQUIRED,
+            UM_DISPLAY_ORDER,
+            UM_CHECKED_ATTRIBUTE)
+VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234),
+'http://wso2.org/claims/identity/lastPasswordUpdateTime','Last Password Update','Last Password Update','businessCategory',-1234,1,0,0,7,0);
+
+INSERT INTO UM_CLAIM (
+           UM_DIALECT_ID,
+           UM_CLAIM_URI,
+           UM_DISPLAY_TAG,
+           UM_DESCRIPTION,
+           UM_MAPPED_ATTRIBUTE,
+           UM_TENANT_ID,
+           UM_READ_ONLY)
+SELECT DIALECT.UM_ID,
+	'http://wso2.org/claims/identity/lastPasswordUpdateTime',
+        'Last Password Update',
+        'Last Password Update',
+        'businessCategory',
+        DIALECT.UM_TENANT_ID,
+        1
+        FROM UM_DIALECT as DIALECT JOIN UM_TENANT as TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims';
+
+INSERT INTO UM_CLAIM (
+      UM_DIALECT_ID,
+      UM_CLAIM_URI,
+      UM_DISPLAY_TAG,
+      UM_DESCRIPTION,
+      UM_MAPPED_ATTRIBUTE,
+      UM_TENANT_ID,
+      UM_READ_ONLY)
+VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234),
+'http://wso2.org/claims/identity/accountDisabled','Account Disabled','Account Disabled','ref',-1234,1);
+
+INSERT INTO UM_CLAIM (
+           UM_DIALECT_ID,
+           UM_CLAIM_URI,
+           UM_DISPLAY_TAG,
+           UM_DESCRIPTION,
+           UM_MAPPED_ATTRIBUTE,
+           UM_TENANT_ID,
+           UM_READ_ONLY)
+SELECT DIALECT.UM_ID,
+	   'http://wso2.org/claims/identity/accountDisabled',
+           'Account Disabled',
+           'Account Disabled',
+           'ref',
+	         DIALECT.UM_TENANT_ID,
+           1
+           FROM UM_DIALECT DIALECT JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims';
+
+CREATE INDEX REG_LOG_IND_BY_REG_LOGTIME ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID);
+CREATE INDEX REG_RESOURCE_IND_BY_UUID  ON REG_RESOURCE(REG_UUID);
+CREATE INDEX REG_RESOURCE_IND_BY_TENANT ON REG_RESOURCE(REG_TENANT_ID, REG_UUID);
+CREATE INDEX REG_RESOURCE_IND_BY_TYPE ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE);
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/data/claim-config.xml b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/data/claim-config.xml
new file mode 100644
index 00000000..7b4e5dd8
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/data/claim-config.xml
@@ -0,0 +1,279 @@
+<!--
+ ~ Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ ~
+ ~ WSO2 Inc. licenses this file to you under the Apache License,
+ ~ Version 2.0 (the "License"); you may not use this file except
+ ~ in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~    http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied.  See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+<ClaimConfig>
+    <Dialects>
+        <Dialect dialectURI="http://wso2.org/claims">
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/userid</ClaimURI>
+                <DisplayName>User ID</DisplayName>
+                <AttributeID>scimId</AttributeID>
+                <Description>Unique ID of the user</Description>
+                <ReadOnly/>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/externalid</ClaimURI>
+                <DisplayName>External User ID</DisplayName>
+                <AttributeID>externalId</AttributeID>
+                <Description>Unique ID of the user used in external systems</Description>
+                <ReadOnly/>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/created</ClaimURI>
+                <DisplayName>Created Time</DisplayName>
+                <AttributeID>createdDate</AttributeID>
+                <Description>Created timestamp of the user</Description>
+                <ReadOnly/>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/modified</ClaimURI>
+                <DisplayName>Last Modified Time</DisplayName>
+                <AttributeID>lastModifiedDate</AttributeID>
+                <Description>Last Modified timestamp of the user</Description>
+                <ReadOnly/>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/location</ClaimURI>
+                <DisplayName>Location</DisplayName>
+                <AttributeID>location</AttributeID>
+                <Description>Location</Description>
+            </Claim>
+
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/formattedName</ClaimURI>
+                <DisplayName>Name - Formatted Name</DisplayName>
+                <AttributeID>formattedName</AttributeID>
+                <Description>Formatted Name</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/middleName</ClaimURI>
+                <DisplayName>Middle Name</DisplayName>
+                <AttributeID>middleName</AttributeID>
+                <Description>Middle Name</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/honorificPrefix</ClaimURI>
+                <DisplayName>Name - Honoric Prefix</DisplayName>
+                <AttributeID>honoricPrefix</AttributeID>
+                <Description>Honoric Prefix</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/honorificSuffix</ClaimURI>
+                <DisplayName>Name - Honoric Suffix</DisplayName>
+                <AttributeID>honoricSuffix</AttributeID>
+                <Description>Honoric Suffix</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/userType</ClaimURI>
+                <DisplayName>User Type</DisplayName>
+                <AttributeID>userType</AttributeID>
+                <Description>User Type</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/preferredLanguage</ClaimURI>
+                <DisplayName>Preferred Language</DisplayName>
+                <AttributeID>preferredLanguage</AttributeID>
+                <Description>Preferred Language</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/local</ClaimURI>
+                <DisplayName>Local</DisplayName>
+                <AttributeID>local</AttributeID>
+                <Description>Local</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/timeZone</ClaimURI>
+                <DisplayName>Time Zone</DisplayName>
+                <AttributeID>timeZone</AttributeID>
+                <Description>Time Zone</Description>
+            </Claim>
+
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/emails.work</ClaimURI>
+                <DisplayName>Emails - Work Email</DisplayName>
+                <AttributeID>workEmail</AttributeID>
+                <Description>Work Email</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/emails.home</ClaimURI>
+                <DisplayName>Emails - Home Email</DisplayName>
+                <AttributeID>homeEmail</AttributeID>
+                <Description>Home Email</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/emails.other</ClaimURI>
+                <DisplayName>Emails - Other Email</DisplayName>
+                <AttributeID>otherEmail</AttributeID>
+                <Description>Other Email</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/phoneNumbers</ClaimURI>
+                <DisplayName>Phone Numbers</DisplayName>
+                <AttributeID>phoneNumbers</AttributeID>
+                <Description>Phone Numbers</Description>
+                <RegEx>^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$</RegEx>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/phoneNumbers.home</ClaimURI>
+                <DisplayName>Phone Numbers - Home Phone Number</DisplayName>
+                <AttributeID>homePhone</AttributeID>
+                <Description>Home Phone</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/phoneNumbers.work</ClaimURI>
+                <DisplayName>Phone Numbers - Work Phone Number</DisplayName>
+                <AttributeID>workPhone</AttributeID>
+                <Description>Work Phone</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/phoneNumbers.fax</ClaimURI>
+                <DisplayName>Phone Numbers - Fax Number</DisplayName>
+                <AttributeID>fax</AttributeID>
+                <Description>Fax Number</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/phoneNumbers.pager</ClaimURI>
+                <DisplayName>Phone Numbers - Pager Number</DisplayName>
+                <AttributeID>pager</AttributeID>
+                <Description>Pager Number</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/phoneNumbers.other</ClaimURI>
+                <DisplayName>Phone Numbers - Other</DisplayName>
+                <AttributeID>otherPhoneNumber</AttributeID>
+                <Description>Other Phone Number</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/gtalk</ClaimURI>
+                <DisplayName>IM - Gtalk</DisplayName>
+                <AttributeID>imGtalk</AttributeID>
+                <Description>IM - Gtalk</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/skype</ClaimURI>
+                <DisplayName>IM - Skype</DisplayName>
+                <AttributeID>imSkype</AttributeID>
+                <Description>IM - Skype</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/photos</ClaimURI>
+                <DisplayName>Photo</DisplayName>
+                <AttributeID>photos</AttributeID>
+                <Description>Photo</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/photourl</ClaimURI>
+                <DisplayName>Photo URIL</DisplayName>
+                <AttributeID>photoUrl</AttributeID>
+                <Description>Photo URL</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/thumbnail</ClaimURI>
+                <DisplayName>Photo - Thumbnail</DisplayName>
+                <AttributeID>thumbnail</AttributeID>
+                <Description>Photo - Thumbnail</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/addresses</ClaimURI>
+                <DisplayName>Address</DisplayName>
+                <AttributeID>addresses</AttributeID>
+                <Description>Address</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/addresses.formatted</ClaimURI>
+                <DisplayName>Address - Formatted</DisplayName>
+                <AttributeID>formattedAddress</AttributeID>
+                <Description>Address - Formatted</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/addresses.locality</ClaimURI>
+                <DisplayName>Address - Locality</DisplayName>
+                <AttributeID>localityAddress</AttributeID>
+                <Description>Address - Locality</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/groups</ClaimURI>
+                <DisplayName>Groups</DisplayName>
+                <AttributeID>groups</AttributeID>
+                <Description>Groups</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/identity/verifyEmail</ClaimURI>
+                <DisplayName>Verify Email</DisplayName>
+                <AttributeID>manager</AttributeID>
+                <Description>Temporary claim to invoke email verified feature</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/identity/askPassword</ClaimURI>
+                <DisplayName>Ask Password</DisplayName>
+                <AttributeID>postOfficeBox</AttributeID>
+                <Description>Temporary claim to invoke email ask Password feature</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/identity/adminForcedPasswordReset</ClaimURI>
+                <DisplayName>Force Password Reset</DisplayName>
+                <AttributeID>departmentNumber</AttributeID>
+                <Description>Temporary claim to invoke email force password feature</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/entitlements</ClaimURI>
+                <DisplayName>Entitlements</DisplayName>
+                <AttributeID>entitlements</AttributeID>
+                <Description>Entitlements</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/x509Certificates</ClaimURI>
+                <DisplayName>X509Certificates</DisplayName>
+                <AttributeID>x509Certificates</AttributeID>
+                <Description>X509Certificates</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/identity/failedPasswordRecoveryAttempts</ClaimURI>
+                <DisplayName>Failed Password Recovery Attempts</DisplayName>
+                <AttributeID>postalCode</AttributeID>
+                <Description>Number of consecutive failed attempts done for password recovery</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/identity/emailVerified</ClaimURI>
+                <DisplayName>Email Verified</DisplayName>
+                <!-- Proper attribute Id in your user store must be configured for this -->
+                <AttributeID>postalAddress</AttributeID>
+                <Description>Email Verified</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/identity/failedLoginLockoutCount</ClaimURI>
+                <DisplayName>Failed Lockout Count</DisplayName>
+                <!-- Proper attribute Id in your user store must be configured for this -->
+                <AttributeID>employeeNumber</AttributeID>
+                <Description>Failed Lockout Count</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/identity/lastLogonTime</ClaimURI>
+                <DisplayName>Last Logon</DisplayName>
+                <!-- Proper attribute Id in your user store must be configured for this -->
+                <AttributeID>carLicense</AttributeID>
+                <Description>Last Logon Time</Description>
+            </Claim>
+            <Claim>
+                <ClaimURI>http://wso2.org/claims/active</ClaimURI>
+                <DisplayName>Active</DisplayName>
+                <AttributeID>active</AttributeID>
+                <Description>Status of the account</Description>
+            </Claim>
+        </Dialect>
+    </Dialects>
+</ClaimConfig>
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/data/resources.xml b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/data/resources.xml
new file mode 100644
index 00000000..e985d06c
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/data/resources.xml
@@ -0,0 +1,99 @@
+<!--
+  ~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+  ~
+  ~ WSO2 Inc. licenses this file to you under the Apache License,
+  ~ Version 2.0 (the "License"); you may not use this file except
+  ~ in compliance with the License.
+  ~ You may obtain a copy of the License at
+  ~
+  ~ http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing,
+  ~ software distributed under the License is distributed on an
+  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~ KIND, either express or implied.  See the License for the
+  ~ specific language governing permissions and limitations
+  ~ under the License.
+  -->
+<permissions>
+    <permission old="/permission/admin/configure/security">
+        <new>/permission/admin/manage/identity</new>
+    </permission>
+    <permission old="/permission/admin/manage/modify/service">
+        <new>/permission/admin/manage/identity/keystoremgt/view</new>
+        <new>/permission/admin/manage/identity/securitymgt</new>
+        <new>/permission/admin/manage/identity/rolemgt/view</new>
+    </permission>
+    <permission old="/permission/admin/configure/security/usermgt/users">
+        <new>/permission/admin/manage/identity/usermgt/create</new>
+        <new>/permission/admin/manage/identity/identitymgt/delete</new>
+    </permission>
+    <permission old="/permission/admin/configure/security/usermgt/passwords">
+        <new>/permission/admin/manage/identity/usermgt/update</new>
+        <new>/permission/admin/manage/identity/usermgt/delete</new>
+        <new>/permission/admin/manage/identity/usermgt/view</new>
+        <new>/permission/admin/manage/identity/usermgt/list</new>
+        <new>/permission/admin/manage/identity/identitymgt/update</new>
+    </permission>
+    <permission old="/permission/admin/configure/security/usermgt">
+        <new>/permission/admin/manage/identity/usermgt</new>
+    </permission>
+    <permission old="/permission/admin/configure/security/usermgt/profiles">
+        <new>/permission/admin/manage/identity/userprofile</new>
+        <new>/permission/admin/manage/identity/usermgt/list</new>
+    </permission>
+    <permission old="/permission/admin/configure/entitlement/policy/publish">
+        <new>/permission/admin/manage/identity/entitlement/pap/subscriber/create</new>
+        <new>/permission/admin/manage/identity/entitlement/pap/subscriber/delete</new>
+        <new>/permission/admin/manage/identity/entitlement/pap/subscriber/create</new>
+        <new>/permission/admin/manage/identity/entitlement/pap/subscriber/view</new>
+        <new>/permission/admin/manage/identity/entitlement/pap/subscriber/list</new>
+        <new>/permission/admin/manage/identity/entitlement/pap/policy/publish</new>
+        <new>/permission/admin/manage/identity/entitlement/pap/subscriber/update</new>
+    </permission>
+    <permission old="/permission/admin/configure/entitlement/policy/manage/demote">
+        <new>/permission/admin/manage/identity/entitlement/pap/policy/demote</new>
+    </permission>
+    <permission old="/permission/admin/configure/entitlement/policy/manage/enable">
+        <new>/permission/admin/manage/identity/entitlement/pap/policy/enable</new>
+    </permission>
+    <permission old="/permission/admin/configure/entitlement/policy/view">
+        <new>/permission/admin/manage/identity/entitlement/pap/policy/view</new>
+        <new>/permission/admin/manage/identity/entitlement/pap/policy/list</new>
+        <new>/permission/admin/manage/identity/entitlement/pdp/view</new>
+    </permission>
+    <permission old="/permission/admin/configure/entitlement/policy/manage/add">
+        <new>/permission/admin/manage/identity/entitlement/pap/policy/create</new>
+        <new>/permission/admin/manage/identity/entitlement/pap/policy/update</new>
+    </permission>
+    <permission old="/permission/admin/configure/entitlement/policy/manage/order">
+        <new>/permission/admin/manage/identity/entitlement/pap/policy/order</new>
+    </permission>
+    <permission old="/permission/admin/configure/entitlement/policy/manage/delete">
+        <new>/permission/admin/manage/identity/entitlement/pap/policy/delete</new>
+    </permission>
+    <permission old="/permission/admin/configure/entitlement/policy/manage/rollback">
+        <new>/permission/admin/manage/identity/entitlement/pap/policy/rollback</new>
+    </permission>
+    <permission old="/permission/admin/configure/entitlement/policy/manage/edit">
+        <new>/permission/admin/manage/identity/entitlement/pap/policy/update</new>
+    </permission>
+    <permission old="/permission/admin/configure/security/usermgt/">
+        <new>/permission/admin/manage/identity/userstore/count/view</new>
+    </permission>
+    <permission old="/permission/admin/configure/security/rolemgt">
+        <new>/permission/admin/manage/identity/rolemgt/view</new>
+    </permission>
+    <permission old="/permission/admin/configure/entitlement/pdp/manage">
+        <new>/permission/admin/manage/identity/entitlement/pdp/manage</new>
+    </permission>
+    <permission old="/permission/admin/configure/entitlement/policy/manage/test">
+        <new>/permission/admin/manage/identity/entitlement/pdp/test</new>
+    </permission>
+    <permission old="/permission/admin/configure/entitlement/pdp/view">
+        <new>/permission/admin/manage/identity/entitlement/pdp/view</new>
+    </permission>
+    <permission old="/permission/admin/manage/identity/pep">
+        <new>/permission/admin/manage/identity/applicationmgt</new>
+    </permission>
+</permissions>
\ No newline at end of file
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/db2.sql
new file mode 100644
index 00000000..cee1c290
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/db2.sql
@@ -0,0 +1,181 @@
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD COLUMN APP_STATE VARCHAR (25) DEFAULT 'ACTIVE'
+/
+CREATE INDEX IDX_AT ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN)
+/
+ALTER TABLE SP_APP ADD COLUMN ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0'
+/
+ALTER TABLE SP_INBOUND_AUTH ADD COLUMN INBOUND_CONFIG_TYPE VARCHAR(255) DEFAULT NULL
+/
+ALTER TABLE SP_CLAIM_MAPPING ADD COLUMN IS_MANDATORY VARCHAR(128) DEFAULT '0'
+/
+ALTER TABLE SP_PROVISIONING_CONNECTOR ADD COLUMN RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0'
+/
+ALTER TABLE IDP_PROVISIONING_CONFIG ADD COLUMN IS_RULES_ENABLED CHAR(1) NOT NULL DEFAULT '0'
+/
+
+CREATE TABLE IDN_RECOVERY_DATA (
+    USER_NAME VARCHAR(255) NOT NULL,
+    USER_DOMAIN VARCHAR(127) NOT NULL,
+    TENANT_ID INTEGER DEFAULT -1,
+    CODE VARCHAR(255) NOT NULL,
+    SCENARIO VARCHAR(255) NOT NULL,
+    STEP VARCHAR(127) NOT NULL,
+    TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    REMAINING_SETS VARCHAR(2500) DEFAULT NULL),
+    PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP),
+UNIQUE(CODE)
+    /
+
+CREATE TABLE IDN_PASSWORD_HISTORY_DATA (
+    ID INTEGER NOT NULL,
+    USER_NAME   VARCHAR(255) NOT NULL,
+    USER_DOMAIN VARCHAR(127) NOT NULL,
+    TENANT_ID   INTEGER DEFAULT -1,
+    SALT_VALUE  VARCHAR(255),
+    HASH        VARCHAR(255) NOT NULL,
+    TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    PRIMARY KEY (ID),
+    UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH)
+)
+    /
+
+CREATE SEQUENCE IDN_PASSWORD_HISTORY_DATA_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+    /
+
+CREATE TRIGGER IDN_PASSWORD_HISTORY_DATA NO CASCADE
+BEFORE INSERT
+ON IDN_PASSWORD_HISTORY_DATA
+REFERENCING NEW AS NEW
+FOR EACH ROW MODE DB2SQL
+    BEGIN ATOMIC
+        SET (NEW.ID) = (NEXTVAL FOR IDN_PASSWORD_HISTORY_DATA_SEQ);
+    END
+        /
+
+CREATE TABLE IDN_CLAIM_DIALECT (
+    ID INTEGER NOT NULL,
+    DIALECT_URI VARCHAR (255) NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    PRIMARY KEY (ID),
+    CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID))
+    /
+CREATE SEQUENCE IDN_CLAIM_DIALECT_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+    /
+CREATE TRIGGER IDN_CLAIM_DIALECT_TRIG NO CASCADE
+BEFORE INSERT
+ON IDN_CLAIM_DIALECT
+REFERENCING NEW AS NEW
+FOR EACH ROW MODE DB2SQL
+    BEGIN ATOMIC
+        SET (NEW.ID) = (NEXTVAL FOR IDN_CLAIM_DIALECT_SEQ);
+    END
+        /
+
+CREATE TABLE IDN_CLAIM (
+    ID INTEGER NOT NULL,
+    DIALECT_ID INTEGER,
+    CLAIM_URI VARCHAR (255) NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    PRIMARY KEY (ID),
+    FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE,
+    CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID))
+    /
+CREATE SEQUENCE IDN_CLAIM_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+    /
+CREATE TRIGGER IDN_CLAIM_TRIG NO CASCADE
+BEFORE INSERT
+ON IDN_CLAIM
+REFERENCING NEW AS NEW
+FOR EACH ROW MODE DB2SQL
+    BEGIN ATOMIC
+        SET (NEW.ID) = (NEXTVAL FOR IDN_CLAIM_SEQ);
+    END
+        /
+
+CREATE TABLE IDN_CLAIM_MAPPED_ATTRIBUTE (
+    ID INTEGER NOT NULL,
+    LOCAL_CLAIM_ID INTEGER,
+    USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL,
+    ATTRIBUTE_NAME VARCHAR (255) NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    PRIMARY KEY (ID),
+    FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+    CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID))
+    /
+CREATE SEQUENCE IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+    /
+CREATE TRIGGER IDN_CLAIM_MAPPED_ATTR_TRIG NO CASCADE
+BEFORE INSERT
+ON IDN_CLAIM_MAPPED_ATTRIBUTE
+REFERENCING NEW AS NEW
+FOR EACH ROW MODE DB2SQL
+    BEGIN ATOMIC
+        SET (NEW.ID) = (NEXTVAL FOR IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ);
+    END
+        /
+
+CREATE TABLE IDN_CLAIM_PROPERTY (
+    ID INTEGER NOT NULL,
+    LOCAL_CLAIM_ID INTEGER,
+    PROPERTY_NAME VARCHAR (255) NOT NULL,
+    PROPERTY_VALUE VARCHAR (255) NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    PRIMARY KEY (ID),
+    FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+    CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID))
+    /
+CREATE SEQUENCE IDN_CLAIM_PROPERTY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+    /
+CREATE TRIGGER IDN_CLAIM_PROPERTY_TRIG NO CASCADE
+BEFORE INSERT
+ON IDN_CLAIM_PROPERTY
+REFERENCING NEW AS NEW
+FOR EACH ROW MODE DB2SQL
+    BEGIN ATOMIC
+        SET (NEW.ID) = (NEXTVAL FOR IDN_CLAIM_PROPERTY_SEQ);
+    END
+        /
+
+CREATE TABLE IDN_CLAIM_MAPPING (
+    ID INTEGER NOT NULL,
+    EXT_CLAIM_ID INTEGER NOT NULL,
+    MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    PRIMARY KEY (ID),
+    FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+    FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+    CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID))
+    /
+CREATE SEQUENCE IDN_CLAIM_MAPPING_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+    /
+CREATE TRIGGER IDN_CLAIM_MAPPING_TRIG NO CASCADE
+BEFORE INSERT
+ON IDN_CLAIM_MAPPING
+REFERENCING NEW AS NEW
+FOR EACH ROW MODE DB2SQL
+    BEGIN ATOMIC
+        SET (NEW.ID) = (NEXTVAL FOR IDN_CLAIM_MAPPING_SEQ);
+    END
+        /
+
+CREATE TABLE IDN_SAML2_ASSERTION_STORE (
+    ID INTEGER NOT NULL,
+    SAML2_ID  VARCHAR(255) ,
+    SAML2_ISSUER  VARCHAR(255) ,
+    SAML2_SUBJECT  VARCHAR(255) ,
+    SAML2_SESSION_INDEX  VARCHAR(255) ,
+    SAML2_AUTHN_CONTEXT_CLASS_REF  VARCHAR(255) ,
+    SAML2_ASSERTION  VARCHAR(4096) ,
+    PRIMARY KEY (ID)
+        /
+        CREATE SEQUENCE IDN_SAML2_ASSERTION_STORE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+        /
+        CREATE TRIGGER IDN_SAML2_ASSERTION_STORE_TRIG NO CASCADE
+        BEFORE INSERT
+        ON IDN_SAML2_ASSERTION_STORE
+        REFERENCING NEW AS NEW
+        FOR EACH ROW MODE DB2SQL
+        BEGIN ATOMIC
+    SET (NEW.ID) = (NEXTVAL FOR IDN_SAML2_ASSERTION_STORE_SEQ);
+END
+/
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/h2.sql
new file mode 100644
index 00000000..6cee2918
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/h2.sql
@@ -0,0 +1,94 @@
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD COLUMN APP_STATE VARCHAR(25) DEFAULT 'ACTIVE';
+CREATE INDEX IDX_AT ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN);
+ALTER TABLE SP_APP ADD COLUMN ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0';
+ALTER TABLE SP_INBOUND_AUTH ADD COLUMN INBOUND_CONFIG_TYPE VARCHAR(255) NOT NULL;
+ALTER TABLE SP_CLAIM_MAPPING ADD COLUMN IS_MANDATORY VARCHAR(128) DEFAULT '0';
+ALTER TABLE SP_PROVISIONING_CONNECTOR ADD COLUMN RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0';
+ALTER TABLE IDP_PROVISIONING_CONFIG ADD COLUMN IS_RULES_ENABLED CHAR(1) NOT NULL DEFAULT '0';
+
+CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA (
+  USER_NAME VARCHAR(255) NOT NULL,
+  USER_DOMAIN VARCHAR(127) NOT NULL,
+  TENANT_ID INTEGER DEFAULT -1,
+  CODE VARCHAR(255) NOT NULL,
+  SCENARIO VARCHAR(255) NOT NULL,
+  STEP VARCHAR(127) NOT NULL,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  REMAINING_SETS VARCHAR(2500) DEFAULT NULL,
+  PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP),
+  UNIQUE(CODE)
+);
+
+CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  USER_NAME   VARCHAR(255) NOT NULL,
+  USER_DOMAIN VARCHAR(127) NOT NULL,
+  TENANT_ID   INTEGER DEFAULT -1,
+  SALT_VALUE  VARCHAR(255),
+  HASH        VARCHAR(255) NOT NULL,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY (ID),
+  UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH),
+);
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  DIALECT_URI VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID)
+);
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  DIALECT_ID INTEGER,
+  CLAIM_URI VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE,
+  CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID)
+);
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  LOCAL_CLAIM_ID INTEGER,
+  USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL,
+  ATTRIBUTE_NAME VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID)
+);
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  LOCAL_CLAIM_ID INTEGER,
+  PROPERTY_NAME VARCHAR (255) NOT NULL,
+  PROPERTY_VALUE VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID)
+);
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  EXT_CLAIM_ID INTEGER NOT NULL,
+  MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID),
+);
+
+CREATE TABLE IF NOT EXISTS  IDN_SAML2_ASSERTION_STORE (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  SAML2_ID  VARCHAR(255) ,
+  SAML2_ISSUER  VARCHAR(255) ,
+  SAML2_SUBJECT  VARCHAR(255) ,
+  SAML2_SESSION_INDEX  VARCHAR(255) ,
+  SAML2_AUTHN_CONTEXT_CLASS_REF  VARCHAR(255) ,
+  SAML2_ASSERTION  VARCHAR(4096) ,
+  PRIMARY KEY (ID)
+);
\ No newline at end of file
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mssql.sql
new file mode 100644
index 00000000..17c8ade4
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mssql.sql
@@ -0,0 +1,103 @@
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD APP_STATE VARCHAR (25) DEFAULT 'ACTIVE';
+CREATE INDEX IDX_AT ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN);
+ALTER TABLE SP_APP ADD ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0';
+ALTER TABLE SP_INBOUND_AUTH ADD INBOUND_CONFIG_TYPE VARCHAR(255) DEFAULT NULL;
+ALTER TABLE SP_CLAIM_MAPPING ADD IS_MANDATORY VARCHAR(128) DEFAULT '0';
+ALTER TABLE SP_PROVISIONING_CONNECTOR ADD RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0';
+ALTER TABLE IDP_PROVISIONING_CONFIG ADD IS_RULES_ENABLED CHAR(1) NOT NULL DEFAULT '0';
+
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_RECOVERY_DATA]') AND TYPE IN (N'U'))
+  CREATE TABLE IDN_RECOVERY_DATA (
+    USER_NAME VARCHAR(255) NOT NULL,
+    USER_DOMAIN VARCHAR(127) NOT NULL,
+    TENANT_ID INTEGER DEFAULT -1,
+    CODE VARCHAR(255) NOT NULL,
+    SCENARIO VARCHAR(255) NOT NULL,
+    STEP VARCHAR(127) NOT NULL,
+    TIME_CREATED DATETIME NOT NULL,
+    REMAINING_SETS VARCHAR(2500) DEFAULT NULL,
+    PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP),
+    UNIQUE(CODE)
+  );
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_PASSWORD_HISTORY_DATA]') AND TYPE IN (N'U'))
+  CREATE TABLE IDN_PASSWORD_HISTORY_DATA (
+    ID INTEGER NOT NULL IDENTITY ,
+    USER_NAME   VARCHAR(255) NOT NULL,
+    USER_DOMAIN VARCHAR(127) NOT NULL,
+    TENANT_ID   INTEGER DEFAULT -1,
+    SALT_VALUE  VARCHAR(255),
+    HASH        VARCHAR(255) NOT NULL,
+    TIME_CREATED DATETIME NOT NULL,
+    PRIMARY KEY (ID),
+    UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH),
+  );
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CLAIM_DIALECT]') AND TYPE IN (N'U'))
+  CREATE TABLE IDN_CLAIM_DIALECT (
+    ID INTEGER NOT NULL IDENTITY,
+    DIALECT_URI VARCHAR (255) NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    PRIMARY KEY (ID),
+    CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID)
+  );
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CLAIM]') AND TYPE IN (N'U'))
+  CREATE TABLE IDN_CLAIM (
+    ID INTEGER NOT NULL IDENTITY,
+    DIALECT_ID INTEGER,
+    CLAIM_URI VARCHAR (255) NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    PRIMARY KEY (ID),
+    FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE,
+    CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID)
+  );
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CLAIM_MAPPED_ATTRIBUTE]') AND TYPE IN (N'U'))
+  CREATE TABLE IDN_CLAIM_MAPPED_ATTRIBUTE (
+    ID INTEGER NOT NULL IDENTITY,
+    LOCAL_CLAIM_ID INTEGER,
+    USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL,
+    ATTRIBUTE_NAME VARCHAR (255) NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    PRIMARY KEY (ID),
+    FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+    CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID)
+  );
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CLAIM_PROPERTY]') AND TYPE IN (N'U'))
+  CREATE TABLE IDN_CLAIM_PROPERTY (
+    ID INTEGER NOT NULL IDENTITY,
+    LOCAL_CLAIM_ID INTEGER,
+    PROPERTY_NAME VARCHAR (255) NOT NULL,
+    PROPERTY_VALUE VARCHAR (255) NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    PRIMARY KEY (ID),
+    FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+    CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID)
+  );
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CLAIM_MAPPING]') AND TYPE IN (N'U'))
+  CREATE TABLE IDN_CLAIM_MAPPING (
+    ID INTEGER NOT NULL IDENTITY,
+    EXT_CLAIM_ID INTEGER NOT NULL,
+    MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    PRIMARY KEY (ID),
+    FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+    FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE NO ACTION,
+    CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID)
+  );
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_SAML2_ASSERTION_STORE]') AND TYPE IN (N'U'))
+  CREATE TABLE IDN_SAML2_ASSERTION_STORE (
+    ID INTEGER NOT NULL IDENTITY,
+    SAML2_ID  VARCHAR(255),
+    SAML2_ISSUER  VARCHAR(255),
+    SAML2_SUBJECT  VARCHAR(255),
+    SAML2_SESSION_INDEX  VARCHAR(255),
+    SAML2_AUTHN_CONTEXT_CLASS_REF  VARCHAR(255),
+    SAML2_ASSERTION  VARCHAR(4096),
+    PRIMARY KEY (ID)
+  );
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mysql.sql
new file mode 100644
index 00000000..f81c02d0
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mysql.sql
@@ -0,0 +1,119 @@
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS
+ADD COLUMN APP_STATE VARCHAR(25) DEFAULT 'ACTIVE';
+
+CREATE INDEX IDX_AT ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN);
+
+ALTER TABLE SP_APP
+ADD COLUMN ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0';
+
+ALTER TABLE SP_INBOUND_AUTH
+ADD COLUMN INBOUND_CONFIG_TYPE VARCHAR(255) NOT NULL;
+
+ALTER TABLE SP_CLAIM_MAPPING
+ADD COLUMN IS_MANDATORY VARCHAR(128) DEFAULT '0';
+
+ALTER TABLE SP_PROVISIONING_CONNECTOR
+ADD COLUMN RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0';
+
+ALTER TABLE IDP_PROVISIONING_CONFIG
+ADD COLUMN IS_RULES_ENABLED CHAR(1) NOT NULL DEFAULT '0';
+
+CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA (
+  USER_NAME      VARCHAR(255) NOT NULL,
+  USER_DOMAIN    VARCHAR(127) NOT NULL,
+  TENANT_ID      INTEGER               DEFAULT -1,
+  CODE           VARCHAR(255) NOT NULL,
+  SCENARIO       VARCHAR(255) NOT NULL,
+  STEP           VARCHAR(127) NOT NULL,
+  TIME_CREATED   TIMESTAMP    NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  REMAINING_SETS VARCHAR(2500)         DEFAULT NULL,
+  PRIMARY KEY (USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO, STEP),
+  UNIQUE (CODE)
+)
+  ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA (
+  ID           INTEGER      NOT NULL AUTO_INCREMENT,
+  USER_NAME    VARCHAR(255) NOT NULL,
+  USER_DOMAIN  VARCHAR(127) NOT NULL,
+  TENANT_ID    INTEGER               DEFAULT -1,
+  SALT_VALUE   VARCHAR(255),
+  HASH         VARCHAR(255) NOT NULL,
+  TIME_CREATED TIMESTAMP    NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY (ID),
+  UNIQUE (USER_NAME, USER_DOMAIN, TENANT_ID, SALT_VALUE, HASH)
+)
+  ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT (
+  ID          INTEGER      NOT NULL AUTO_INCREMENT,
+  DIALECT_URI VARCHAR(255) NOT NULL,
+  TENANT_ID   INTEGER      NOT NULL,
+  PRIMARY KEY (ID),
+  CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID)
+)
+  ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM (
+  ID         INTEGER      NOT NULL AUTO_INCREMENT,
+  DIALECT_ID INTEGER,
+  CLAIM_URI  VARCHAR(255) NOT NULL,
+  TENANT_ID  INTEGER      NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT (ID)
+    ON DELETE CASCADE,
+  CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID)
+)
+  ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE (
+  ID                     INTEGER      NOT NULL AUTO_INCREMENT,
+  LOCAL_CLAIM_ID         INTEGER,
+  USER_STORE_DOMAIN_NAME VARCHAR(255) NOT NULL,
+  ATTRIBUTE_NAME         VARCHAR(255) NOT NULL,
+  TENANT_ID              INTEGER      NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID)
+    ON DELETE CASCADE,
+  CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID)
+)
+  ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY (
+  ID             INTEGER      NOT NULL AUTO_INCREMENT,
+  LOCAL_CLAIM_ID INTEGER,
+  PROPERTY_NAME  VARCHAR(255) NOT NULL,
+  PROPERTY_VALUE VARCHAR(255) NOT NULL,
+  TENANT_ID      INTEGER      NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID)
+    ON DELETE CASCADE,
+  CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID)
+)
+  ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING (
+  ID                    INTEGER NOT NULL AUTO_INCREMENT,
+  EXT_CLAIM_ID          INTEGER NOT NULL,
+  MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL,
+  TENANT_ID             INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM (ID)
+    ON DELETE CASCADE,
+  FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID)
+    ON DELETE CASCADE,
+  CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID)
+)
+  ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_SAML2_ASSERTION_STORE (
+  ID                            INTEGER NOT NULL AUTO_INCREMENT,
+  SAML2_ID                      VARCHAR(255),
+  SAML2_ISSUER                  VARCHAR(255),
+  SAML2_SUBJECT                 VARCHAR(255),
+  SAML2_SESSION_INDEX           VARCHAR(255),
+  SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255),
+  SAML2_ASSERTION               VARCHAR(4096),
+  PRIMARY KEY (ID)
+)
+  ENGINE INNODB;
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mysql5.7.sql
new file mode 100644
index 00000000..f81c02d0
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mysql5.7.sql
@@ -0,0 +1,119 @@
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS
+ADD COLUMN APP_STATE VARCHAR(25) DEFAULT 'ACTIVE';
+
+CREATE INDEX IDX_AT ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN);
+
+ALTER TABLE SP_APP
+ADD COLUMN ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0';
+
+ALTER TABLE SP_INBOUND_AUTH
+ADD COLUMN INBOUND_CONFIG_TYPE VARCHAR(255) NOT NULL;
+
+ALTER TABLE SP_CLAIM_MAPPING
+ADD COLUMN IS_MANDATORY VARCHAR(128) DEFAULT '0';
+
+ALTER TABLE SP_PROVISIONING_CONNECTOR
+ADD COLUMN RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0';
+
+ALTER TABLE IDP_PROVISIONING_CONFIG
+ADD COLUMN IS_RULES_ENABLED CHAR(1) NOT NULL DEFAULT '0';
+
+CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA (
+  USER_NAME      VARCHAR(255) NOT NULL,
+  USER_DOMAIN    VARCHAR(127) NOT NULL,
+  TENANT_ID      INTEGER               DEFAULT -1,
+  CODE           VARCHAR(255) NOT NULL,
+  SCENARIO       VARCHAR(255) NOT NULL,
+  STEP           VARCHAR(127) NOT NULL,
+  TIME_CREATED   TIMESTAMP    NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  REMAINING_SETS VARCHAR(2500)         DEFAULT NULL,
+  PRIMARY KEY (USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO, STEP),
+  UNIQUE (CODE)
+)
+  ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA (
+  ID           INTEGER      NOT NULL AUTO_INCREMENT,
+  USER_NAME    VARCHAR(255) NOT NULL,
+  USER_DOMAIN  VARCHAR(127) NOT NULL,
+  TENANT_ID    INTEGER               DEFAULT -1,
+  SALT_VALUE   VARCHAR(255),
+  HASH         VARCHAR(255) NOT NULL,
+  TIME_CREATED TIMESTAMP    NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY (ID),
+  UNIQUE (USER_NAME, USER_DOMAIN, TENANT_ID, SALT_VALUE, HASH)
+)
+  ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT (
+  ID          INTEGER      NOT NULL AUTO_INCREMENT,
+  DIALECT_URI VARCHAR(255) NOT NULL,
+  TENANT_ID   INTEGER      NOT NULL,
+  PRIMARY KEY (ID),
+  CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID)
+)
+  ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM (
+  ID         INTEGER      NOT NULL AUTO_INCREMENT,
+  DIALECT_ID INTEGER,
+  CLAIM_URI  VARCHAR(255) NOT NULL,
+  TENANT_ID  INTEGER      NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT (ID)
+    ON DELETE CASCADE,
+  CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID)
+)
+  ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE (
+  ID                     INTEGER      NOT NULL AUTO_INCREMENT,
+  LOCAL_CLAIM_ID         INTEGER,
+  USER_STORE_DOMAIN_NAME VARCHAR(255) NOT NULL,
+  ATTRIBUTE_NAME         VARCHAR(255) NOT NULL,
+  TENANT_ID              INTEGER      NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID)
+    ON DELETE CASCADE,
+  CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID)
+)
+  ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY (
+  ID             INTEGER      NOT NULL AUTO_INCREMENT,
+  LOCAL_CLAIM_ID INTEGER,
+  PROPERTY_NAME  VARCHAR(255) NOT NULL,
+  PROPERTY_VALUE VARCHAR(255) NOT NULL,
+  TENANT_ID      INTEGER      NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID)
+    ON DELETE CASCADE,
+  CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID)
+)
+  ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING (
+  ID                    INTEGER NOT NULL AUTO_INCREMENT,
+  EXT_CLAIM_ID          INTEGER NOT NULL,
+  MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL,
+  TENANT_ID             INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM (ID)
+    ON DELETE CASCADE,
+  FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID)
+    ON DELETE CASCADE,
+  CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID)
+)
+  ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_SAML2_ASSERTION_STORE (
+  ID                            INTEGER NOT NULL AUTO_INCREMENT,
+  SAML2_ID                      VARCHAR(255),
+  SAML2_ISSUER                  VARCHAR(255),
+  SAML2_SUBJECT                 VARCHAR(255),
+  SAML2_SESSION_INDEX           VARCHAR(255),
+  SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255),
+  SAML2_ASSERTION               VARCHAR(4096),
+  PRIMARY KEY (ID)
+)
+  ENGINE INNODB;
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/oracle.sql
new file mode 100644
index 00000000..e00118cc
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/oracle.sql
@@ -0,0 +1,200 @@
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD APP_STATE VARCHAR(25) DEFAULT 'ACTIVE'
+/
+CREATE INDEX IDX_AT ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN)
+/
+ALTER TABLE SP_APP ADD ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0'
+/
+ALTER TABLE SP_INBOUND_AUTH ADD INBOUND_CONFIG_TYPE VARCHAR(255) DEFAULT NULL
+/
+ALTER TABLE SP_CLAIM_MAPPING ADD IS_MANDATORY VARCHAR(128) DEFAULT '0'
+/
+ALTER TABLE SP_PROVISIONING_CONNECTOR ADD RULE_ENABLED CHAR(1) DEFAULT '0' NOT NULL
+/
+ALTER TABLE IDP_PROVISIONING_CONFIG ADD IS_RULES_ENABLED CHAR(1) DEFAULT '0' NOT NULL
+/
+CREATE TABLE IDN_RECOVERY_DATA (
+  USER_NAME      VARCHAR2(255)                       NOT NULL,
+  USER_DOMAIN    VARCHAR2(127)                       NOT NULL,
+  TENANT_ID      INTEGER        DEFAULT -1,
+  CODE           VARCHAR2(255)                       NOT NULL,
+  SCENARIO       VARCHAR2(255)                       NOT NULL,
+  STEP           VARCHAR2(127)                       NOT NULL,
+  TIME_CREATED   TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL,
+  REMAINING_SETS VARCHAR2(2500) DEFAULT NULL,
+  PRIMARY KEY (USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO, STEP),
+  UNIQUE (CODE)
+)
+/
+CREATE TABLE IDN_PASSWORD_HISTORY_DATA (
+  ID           INTEGER,
+  USER_NAME    VARCHAR2(255)                       NOT NULL,
+  USER_DOMAIN  VARCHAR2(127)                       NOT NULL,
+  TENANT_ID    INTEGER DEFAULT -1,
+  SALT_VALUE   VARCHAR2(255),
+  HASH         VARCHAR2(255)                       NOT NULL,
+  TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL,
+  PRIMARY KEY (ID),
+  UNIQUE (USER_NAME, USER_DOMAIN, TENANT_ID, SALT_VALUE, HASH)
+)
+/
+
+CREATE SEQUENCE IDN_PASSWORD_HISTORY_DATA_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+
+CREATE OR REPLACE TRIGGER IDN_PASSWORD_HISTORY_DATA_TRIG
+BEFORE INSERT
+ON IDN_PASSWORD_HISTORY_DATA
+REFERENCING NEW AS NEW
+FOR EACH ROW
+  BEGIN
+    SELECT IDN_PASSWORD_HISTORY_DATA_SEQ.nextval
+    INTO :NEW.ID
+    FROM dual;
+  END;
+/
+
+CREATE TABLE IDN_CLAIM_DIALECT (
+  ID          INTEGER,
+  DIALECT_URI VARCHAR(255) NOT NULL,
+  TENANT_ID   INTEGER      NOT NULL,
+  PRIMARY KEY (ID),
+  CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID)
+)
+/
+CREATE SEQUENCE IDN_CLAIM_DIALECT_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_CLAIM_DIALECT_TRIG
+BEFORE INSERT
+ON IDN_CLAIM_DIALECT
+REFERENCING NEW AS NEW
+FOR EACH ROW
+  BEGIN
+    SELECT IDN_CLAIM_DIALECT_SEQ.nextval
+    INTO :NEW.ID
+    FROM dual;
+  END;
+/
+
+CREATE TABLE IDN_CLAIM (
+  ID         INTEGER,
+  DIALECT_ID INTEGER,
+  CLAIM_URI  VARCHAR(255) NOT NULL,
+  TENANT_ID  INTEGER      NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT (ID) ON DELETE CASCADE,
+  CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID)
+)
+/
+CREATE SEQUENCE IDN_CLAIM_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_CLAIM_TRIG
+BEFORE INSERT
+ON IDN_CLAIM
+REFERENCING NEW AS NEW
+FOR EACH ROW
+  BEGIN
+    SELECT IDN_CLAIM_SEQ.nextval
+    INTO :NEW.ID
+    FROM dual;
+  END;
+/
+
+CREATE TABLE IDN_CLAIM_MAPPED_ATTRIBUTE (
+  ID                     INTEGER,
+  LOCAL_CLAIM_ID         INTEGER,
+  USER_STORE_DOMAIN_NAME VARCHAR(255) NOT NULL,
+  ATTRIBUTE_NAME         VARCHAR(255) NOT NULL,
+  TENANT_ID              INTEGER      NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID) ON DELETE CASCADE,
+  CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID)
+)
+/
+CREATE SEQUENCE IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_CLAIM_MAPPED_ATTR_TRIG
+BEFORE INSERT
+ON IDN_CLAIM_MAPPED_ATTRIBUTE
+REFERENCING NEW AS NEW
+FOR EACH ROW
+  BEGIN
+    SELECT IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ.nextval
+    INTO :NEW.ID
+    FROM dual;
+  END;
+/
+
+CREATE TABLE IDN_CLAIM_PROPERTY (
+  ID             INTEGER,
+  LOCAL_CLAIM_ID INTEGER,
+  PROPERTY_NAME  VARCHAR(255) NOT NULL,
+  PROPERTY_VALUE VARCHAR(255) NOT NULL,
+  TENANT_ID      INTEGER      NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID) ON DELETE CASCADE,
+  CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID)
+)
+/
+CREATE SEQUENCE IDN_CLAIM_PROPERTY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_CLAIM_PROPERTY_TRIG
+BEFORE INSERT
+ON IDN_CLAIM_PROPERTY
+REFERENCING NEW AS NEW
+FOR EACH ROW
+  BEGIN
+    SELECT IDN_CLAIM_PROPERTY_SEQ.nextval
+    INTO :NEW.ID
+    FROM dual;
+  END;
+/
+
+CREATE TABLE IDN_CLAIM_MAPPING (
+  ID                    INTEGER,
+  EXT_CLAIM_ID          INTEGER NOT NULL,
+  MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL,
+  TENANT_ID             INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM (ID) ON DELETE CASCADE,
+  FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID) ON DELETE CASCADE,
+  CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID)
+)
+/
+CREATE SEQUENCE IDN_CLAIM_MAPPING_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_CLAIM_MAPPING_TRIG
+BEFORE INSERT
+ON IDN_CLAIM_MAPPING
+REFERENCING NEW AS NEW
+FOR EACH ROW
+  BEGIN
+    SELECT IDN_CLAIM_MAPPING_SEQ.nextval
+    INTO :NEW.ID
+    FROM dual;
+  END;
+/
+
+CREATE TABLE IDN_SAML2_ASSERTION_STORE (
+  ID                            INTEGER,
+  SAML2_ID                      VARCHAR(255),
+  SAML2_ISSUER                  VARCHAR(255),
+  SAML2_SUBJECT                 VARCHAR(255),
+  SAML2_SESSION_INDEX           VARCHAR(255),
+  SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255),
+  SAML2_ASSERTION               VARCHAR2(4000),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE IDN_SAML2_ASSERTION_STORE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_SAML2_ASSERTION_STORE_TRIG
+BEFORE INSERT
+ON IDN_SAML2_ASSERTION_STORE
+REFERENCING NEW AS NEW
+FOR EACH ROW
+  BEGIN
+    SELECT IDN_SAML2_ASSERTION_STORE_SEQ.nextval
+    INTO :NEW.ID
+    FROM dual;
+  END;
+/
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/postgresql.sql
new file mode 100644
index 00000000..c1ba4791
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/postgresql.sql
@@ -0,0 +1,115 @@
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD COLUMN APP_STATE VARCHAR(25) DEFAULT 'ACTIVE';
+CREATE INDEX IDX_AT ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN);
+ALTER TABLE SP_APP ADD COLUMN ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0';
+ALTER TABLE SP_INBOUND_AUTH ADD COLUMN INBOUND_CONFIG_TYPE VARCHAR(255) NULL;
+ALTER TABLE SP_CLAIM_MAPPING ADD COLUMN IS_MANDATORY VARCHAR(128) DEFAULT '0';
+ALTER TABLE SP_PROVISIONING_CONNECTOR ADD COLUMN RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0';
+ALTER TABLE IDP_PROVISIONING_CONFIG ADD COLUMN IS_RULES_ENABLED CHAR(1) NOT NULL DEFAULT '0';
+
+DROP TABLE IF EXISTS IDN_RECOVERY_DATA;
+CREATE TABLE IDN_RECOVERY_DATA (
+  USER_NAME      VARCHAR(255) NOT NULL,
+  USER_DOMAIN    VARCHAR(127) NOT NULL,
+  TENANT_ID      INTEGER               DEFAULT -1,
+  CODE           VARCHAR(255) NOT NULL,
+  SCENARIO       VARCHAR(255) NOT NULL,
+  STEP           VARCHAR(127) NOT NULL,
+  TIME_CREATED   TIMESTAMP    NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  REMAINING_SETS VARCHAR(2500)         DEFAULT NULL,
+  PRIMARY KEY (USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO, STEP),
+  UNIQUE (CODE)
+);
+
+DROP TABLE IF EXISTS IDN_PASSWORD_HISTORY_DATA;
+CREATE SEQUENCE IDN_PASSWORD_HISTORY_DATA_PK_SEQ;
+CREATE TABLE IDN_PASSWORD_HISTORY_DATA (
+  ID           INTEGER               DEFAULT NEXTVAL('IDN_PASSWORD_HISTORY_DATA_PK_SEQ'),
+  USER_NAME    VARCHAR(255) NOT NULL,
+  USER_DOMAIN  VARCHAR(127) NOT NULL,
+  TENANT_ID    INTEGER               DEFAULT -1,
+  SALT_VALUE   VARCHAR(255),
+  HASH         VARCHAR(255) NOT NULL,
+  TIME_CREATED TIMESTAMP    NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY (ID),
+  UNIQUE (USER_NAME, USER_DOMAIN, TENANT_ID, SALT_VALUE, HASH)
+);
+
+DROP TABLE IF EXISTS IDN_CLAIM_DIALECT;
+DROP SEQUENCE IF EXISTS IDN_CLAIM_DIALECT_SEQ;
+CREATE SEQUENCE IDN_CLAIM_DIALECT_SEQ;
+CREATE TABLE IDN_CLAIM_DIALECT (
+  ID          INTEGER DEFAULT NEXTVAL('IDN_CLAIM_DIALECT_SEQ'),
+  DIALECT_URI VARCHAR(255) NOT NULL,
+  TENANT_ID   INTEGER      NOT NULL,
+  PRIMARY KEY (ID),
+  CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID)
+);
+
+DROP TABLE IF EXISTS IDN_CLAIM;
+DROP SEQUENCE IF EXISTS IDN_CLAIM_SEQ;
+CREATE SEQUENCE IDN_CLAIM_SEQ;
+CREATE TABLE IDN_CLAIM (
+  ID         INTEGER DEFAULT NEXTVAL('IDN_CLAIM_SEQ'),
+  DIALECT_ID INTEGER,
+  CLAIM_URI  VARCHAR(255) NOT NULL,
+  TENANT_ID  INTEGER      NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT (ID) ON DELETE CASCADE,
+  CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID)
+);
+
+DROP TABLE IF EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE;
+DROP SEQUENCE IF EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ;
+CREATE SEQUENCE IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ;
+CREATE TABLE IDN_CLAIM_MAPPED_ATTRIBUTE (
+  ID                     INTEGER DEFAULT NEXTVAL('IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ'),
+  LOCAL_CLAIM_ID         INTEGER,
+  USER_STORE_DOMAIN_NAME VARCHAR(255) NOT NULL,
+  ATTRIBUTE_NAME         VARCHAR(255) NOT NULL,
+  TENANT_ID              INTEGER      NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID) ON DELETE CASCADE,
+  CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID)
+);
+
+DROP TABLE IF EXISTS IDN_CLAIM_PROPERTY;
+DROP SEQUENCE IF EXISTS IDN_CLAIM_PROPERTY_SEQ;
+CREATE SEQUENCE IDN_CLAIM_PROPERTY_SEQ;
+CREATE TABLE IDN_CLAIM_PROPERTY (
+  ID             INTEGER DEFAULT NEXTVAL('IDN_CLAIM_PROPERTY_SEQ'),
+  LOCAL_CLAIM_ID INTEGER,
+  PROPERTY_NAME  VARCHAR(255) NOT NULL,
+  PROPERTY_VALUE VARCHAR(255) NOT NULL,
+  TENANT_ID      INTEGER      NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID) ON DELETE CASCADE,
+  CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID)
+);
+
+DROP TABLE IF EXISTS IDN_CLAIM_MAPPING;
+DROP SEQUENCE IF EXISTS IDN_CLAIM_MAPPING_SEQ;
+CREATE SEQUENCE IDN_CLAIM_MAPPING_SEQ;
+CREATE TABLE IDN_CLAIM_MAPPING (
+  ID                    INTEGER DEFAULT NEXTVAL('IDN_CLAIM_MAPPING_SEQ'),
+  EXT_CLAIM_ID          INTEGER NOT NULL,
+  MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL,
+  TENANT_ID             INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM (ID) ON DELETE CASCADE,
+  FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID) ON DELETE CASCADE,
+  CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID)
+);
+
+DROP TABLE IF EXISTS IDN_SAML2_ASSERTION_STORE;
+DROP SEQUENCE IF EXISTS IDN_SAML2_ASSERTION_STORE_SEQ;
+CREATE SEQUENCE IDN_SAML2_ASSERTION_STORE_SEQ;
+CREATE TABLE IDN_SAML2_ASSERTION_STORE (
+  ID                            INTEGER DEFAULT NEXTVAL('IDN_SAML2_ASSERTION_STORE_SEQ'),
+  SAML2_ID                      VARCHAR(255),
+  SAML2_ISSUER                  VARCHAR(255),
+  SAML2_SUBJECT                 VARCHAR(255),
+  SAML2_SESSION_INDEX           VARCHAR(255),
+  SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255),
+  SAML2_ASSERTION               VARCHAR(4096),
+  PRIMARY KEY (ID)
+);
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/data/claim-config.xml b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/data/claim-config.xml
new file mode 100644
index 00000000..21e396a8
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/data/claim-config.xml
@@ -0,0 +1,824 @@
+<!--
+ ~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ ~
+ ~ WSO2 Inc. licenses this file to you under the Apache License,
+ ~ Version 2.0 (the "License"); you may not use this file except
+ ~ in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~    http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied.  See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+<ClaimConfig>
+	<Dialects>
+		<Dialect dialectURI="http://wso2.org/claims">
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/department</ClaimURI>
+				<DisplayName>Department</DisplayName>
+				<AttributeID>departmentNumber</AttributeID>
+				<Description>Department</Description>
+				<SupportedByDefault />
+				<ReadOnly />
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/resourceType</ClaimURI>
+				<DisplayName>Resource Type</DisplayName>
+				<AttributeID>ref</AttributeID>
+				<Description>Resource Type</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/identity/phoneVerified</ClaimURI>
+				<DisplayName>Phone Verified</DisplayName>
+				<!-- Proper attribute Id in your user store must be configured for this -->
+				<AttributeID>phoneVerified</AttributeID>
+				<Description>Phone Verified</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/userid</ClaimURI>
+				<DisplayName>User ID</DisplayName>
+				<AttributeID>scimId</AttributeID>
+				<Description>Unique ID of the user</Description>
+				<ReadOnly/>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/externalid</ClaimURI>
+				<DisplayName>External User ID</DisplayName>
+				<AttributeID>externalId</AttributeID>
+				<Description>Unique ID of the user used in external systems</Description>
+				<ReadOnly/>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/created</ClaimURI>
+				<DisplayName>Created Time</DisplayName>
+				<AttributeID>createdDate</AttributeID>
+				<Description>Created timestamp of the user</Description>
+				<ReadOnly/>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/modified</ClaimURI>
+				<DisplayName>Last Modified Time</DisplayName>
+				<AttributeID>lastModifiedDate</AttributeID>
+				<Description>Last Modified timestamp of the user</Description>
+				<ReadOnly/>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/location</ClaimURI>
+				<DisplayName>Location</DisplayName>
+				<AttributeID>location</AttributeID>
+				<Description>Location</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/im</ClaimURI>
+				<DisplayName>IM</DisplayName>
+				<AttributeID>im</AttributeID>
+				<Description>IM</Description>
+				<DisplayOrder>9</DisplayOrder>
+				<SupportedByDefault />
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/username</ClaimURI>
+				<DisplayName>Username</DisplayName>
+				<AttributeID>uid</AttributeID>
+				<Description>Username</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/givenname</ClaimURI>
+				<DisplayName>First Name</DisplayName>
+				<AttributeID>givenName</AttributeID>
+				<Description>First Name</Description>
+				<Required />
+				<DisplayOrder>1</DisplayOrder>
+				<SupportedByDefault />
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/lastname</ClaimURI>
+				<DisplayName>Last Name</DisplayName>
+				<AttributeID>sn</AttributeID>
+				<Description>Last Name</Description>
+				<Required />
+				<DisplayOrder>2</DisplayOrder>
+				<SupportedByDefault />
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/formattedName</ClaimURI>
+				<DisplayName>Name - Formatted Name</DisplayName>
+				<AttributeID>formattedName</AttributeID>
+				<Description>Formatted Name</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/middleName</ClaimURI>
+				<DisplayName>Middle Name</DisplayName>
+				<AttributeID>middleName</AttributeID>
+				<Description>Middle Name</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/honorificPrefix</ClaimURI>
+				<DisplayName>Name - Honoric Prefix</DisplayName>
+				<AttributeID>honoricPrefix</AttributeID>
+				<Description>Honoric Prefix</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/honorificSuffix</ClaimURI>
+				<DisplayName>Name - Honoric Suffix</DisplayName>
+				<AttributeID>honoricSuffix</AttributeID>
+				<Description>Honoric Suffix</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/displayName</ClaimURI>
+				<DisplayName>Display Name</DisplayName>
+				<AttributeID>displayName</AttributeID>
+				<Description>Display Name</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/nickname</ClaimURI>
+				<DisplayName>Nick Name</DisplayName>
+				<AttributeID>nickName</AttributeID>
+				<Description>Nick Name</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/url</ClaimURI>
+				<DisplayName>URL</DisplayName>
+				<AttributeID>url</AttributeID>
+				<Description>URL</Description>
+				<DisplayOrder>10</DisplayOrder>
+				<SupportedByDefault />
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/title</ClaimURI>
+				<DisplayName>Title</DisplayName>
+				<AttributeID>title</AttributeID>
+				<Description>Title</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/userType</ClaimURI>
+				<DisplayName>User Type</DisplayName>
+				<AttributeID>userType</AttributeID>
+				<Description>User Type</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/preferredLanguage</ClaimURI>
+				<DisplayName>Preferred Language</DisplayName>
+				<AttributeID>preferredLanguage</AttributeID>
+				<Description>Preferred Language</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/local</ClaimURI>
+				<DisplayName>Local</DisplayName>
+				<AttributeID>local</AttributeID>
+				<Description>Local</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/timeZone</ClaimURI>
+				<DisplayName>Time Zone</DisplayName>
+				<AttributeID>timeZone</AttributeID>
+				<Description>Time Zone</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/active</ClaimURI>
+				<DisplayName>Active</DisplayName>
+				<AttributeID>active</AttributeID>
+				<Description>Status of the account</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/emails.work</ClaimURI>
+				<DisplayName>Emails - Work Email</DisplayName>
+				<AttributeID>workEmail</AttributeID>
+				<Description>Work Email</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/emails.home</ClaimURI>
+				<DisplayName>Emails - Home Email</DisplayName>
+				<AttributeID>homeEmail</AttributeID>
+				<Description>Home Email</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/emails.other</ClaimURI>
+				<DisplayName>Emails - Other Email</DisplayName>
+				<AttributeID>otherEmail</AttributeID>
+				<Description>Other Email</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/mobile</ClaimURI>
+				<DisplayName>Mobile</DisplayName>
+				<AttributeID>mobile</AttributeID>
+				<Description>Mobile</Description>
+				<DisplayOrder>8</DisplayOrder>
+				<SupportedByDefault />
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/phoneNumbers.home</ClaimURI>
+				<DisplayName>Phone Numbers - Home Phone Number</DisplayName>
+				<AttributeID>homePhone</AttributeID>
+				<Description>Home Phone</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/phoneNumbers.work</ClaimURI>
+				<DisplayName>Phone Numbers - Work Phone Number</DisplayName>
+				<AttributeID>workPhone</AttributeID>
+				<Description>Work Phone</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/phoneNumbers.other</ClaimURI>
+				<DisplayName>Phone Numbers - Other</DisplayName>
+				<AttributeID>otherPhoneNumber</AttributeID>
+				<Description>Other Phone Number</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/gtalk</ClaimURI>
+				<DisplayName>IM - Gtalk</DisplayName>
+				<AttributeID>imGtalk</AttributeID>
+				<Description>IM - Gtalk</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/skype</ClaimURI>
+				<DisplayName>IM - Skype</DisplayName>
+				<AttributeID>imSkype</AttributeID>
+				<Description>IM - Skype</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/photourl</ClaimURI>
+				<DisplayName>Photo URIL</DisplayName>
+				<AttributeID>photoUrl</AttributeID>
+				<Description>Photo URL</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/thumbnail</ClaimURI>
+				<DisplayName>Photo - Thumbnail</DisplayName>
+				<AttributeID>thumbnail</AttributeID>
+				<Description>Photo - Thumbnail</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/addresses.locality</ClaimURI>
+				<DisplayName>Address - Locality</DisplayName>
+				<AttributeID>localityAddress</AttributeID>
+				<Description>Address - Locality</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/region</ClaimURI>
+				<DisplayName>Region</DisplayName>
+				<AttributeID>region</AttributeID>
+				<Description>Region</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/groups</ClaimURI>
+				<DisplayName>Groups</DisplayName>
+				<AttributeID>groups</AttributeID>
+				<Description>Groups</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/entitlements</ClaimURI>
+				<DisplayName>Entitlements</DisplayName>
+				<AttributeID>entitlements</AttributeID>
+				<Description>Entitlements</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/role</ClaimURI>
+				<DisplayName>Role</DisplayName>
+				<AttributeID>role</AttributeID>
+				<Description>Role</Description>
+				<SupportedByDefault />
+				<ReadOnly />
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/x509Certificates</ClaimURI>
+				<DisplayName>X509Certificates</DisplayName>
+				<AttributeID>x509Certificates</AttributeID>
+				<Description>X509Certificates</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/organization</ClaimURI>
+				<DisplayName>Organization</DisplayName>
+				<AttributeID>organizationName</AttributeID>
+				<Description>Organization</Description>
+				<DisplayOrder>3</DisplayOrder>
+				<SupportedByDefault />
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/stateorprovince</ClaimURI>
+				<DisplayName>State</DisplayName>
+				<AttributeID>stateOrProvinceName</AttributeID>
+				<Description>State</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/gender</ClaimURI>
+				<DisplayName>Gender</DisplayName>
+				<AttributeID>gender</AttributeID>
+				<Description>Gender</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/identity/askPassword</ClaimURI>
+				<DisplayName>Ask Password</DisplayName>
+				<AttributeID>askPassword</AttributeID>
+				<Description>Temporary claim to invoke email ask Password feature</Description>
+			</Claim>
+			<Claim>
+				<ClaimURI>http://wso2.org/claims/identity/verifyEmail</ClaimURI>
+				<DisplayName>Verify Email</DisplayName>
+				<AttributeID>verifyEmail</AttributeID>
+				<Description>Temporary claim to invoke email verified feature</Description>
+			</Claim>
+		</Dialect>
+		<Dialect dialectURI="urn:ietf:params:scim:schemas:core:2.0">
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:id</ClaimURI>
+				<DisplayName>Id</DisplayName>
+				<AttributeID>scimId</AttributeID>
+				<Description>Id</Description>
+				<Required />
+				<DisplayOrder>1</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/userid</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:externalId</ClaimURI>
+				<DisplayName>External Id</DisplayName>
+				<AttributeID>externalId</AttributeID>
+				<Description>External Id</Description>
+				<Required />
+				<DisplayOrder>1</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/externalid</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:meta.created</ClaimURI>
+				<DisplayName>Meta - Created</DisplayName>
+				<AttributeID>createdDate</AttributeID>
+				<Description>Meta - Created</Description>
+				<Required />
+				<DisplayOrder>1</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/created</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:meta.lastModified</ClaimURI>
+				<DisplayName>Meta - Last Modified</DisplayName>
+				<AttributeID>lastModifiedDate</AttributeID>
+				<Description>Meta - Last Modified</Description>
+				<Required />
+				<DisplayOrder>1</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/modified</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:meta.location</ClaimURI>
+				<DisplayName>Meta - Location</DisplayName>
+				<AttributeID>location</AttributeID>
+				<Description>Meta - Location</Description>
+				<Required />
+				<DisplayOrder>1</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/location</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:meta.resourceType</ClaimURI>
+				<DisplayName>Meta - Location</DisplayName>
+				<AttributeID>ref</AttributeID>
+				<Description>Meta - Location</Description>
+				<Required />
+				<DisplayOrder>1</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/resourceType</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:meta.version</ClaimURI>
+				<DisplayName>Meta - Version</DisplayName>
+				<AttributeID>im</AttributeID>
+				<Description>Meta - Version</Description>
+				<Required />
+				<DisplayOrder>1</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/im</MappedLocalClaim>
+			</Claim>
+		</Dialect>
+		<Dialect dialectURI="urn:ietf:params:scim:schemas:core:2.0:User">
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:userName</ClaimURI>
+				<DisplayName>User Name</DisplayName>
+				<AttributeID>uid</AttributeID>
+				<Description>User Name</Description>
+				<DisplayOrder>2</DisplayOrder>
+				<Required />
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/username</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:name.givenName</ClaimURI>
+				<DisplayName>Name - Given Name</DisplayName>
+				<AttributeID>givenName</AttributeID>
+				<Description>Given Name</Description>
+				<Required />
+				<DisplayOrder>1</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/givenname</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:name.familyName</ClaimURI>
+				<DisplayName>Name - Family Name</DisplayName>
+				<AttributeID>sn</AttributeID>
+				<Description>Family Name</Description>
+				<DisplayOrder>2</DisplayOrder>
+				<Required />
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/lastname</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:name.formatted</ClaimURI>
+				<DisplayName>Name - Formatted Name</DisplayName>
+				<AttributeID>formattedName</AttributeID>
+				<Description>Formatted Name</Description>
+				<DisplayOrder>2</DisplayOrder>
+				<Required />
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/formattedName</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:name.middleName</ClaimURI>
+				<DisplayName>Name - Middle Name</DisplayName>
+				<AttributeID>middleName</AttributeID>
+				<Description>Middle Name</Description>
+				<DisplayOrder>2</DisplayOrder>
+				<Required />
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/middleName</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:name.honorificPrefix</ClaimURI>
+				<DisplayName>Name - Honoric Prefix</DisplayName>
+				<AttributeID>honoricPrefix</AttributeID>
+				<Description>Honoric Prefix</Description>
+				<DisplayOrder>2</DisplayOrder>
+				<Required />
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/honorificPrefix</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:name.honorificSuffix</ClaimURI>
+				<DisplayName>Name - Honoric Suffix</DisplayName>
+				<AttributeID>honoricSuffix</AttributeID>
+				<Description>Honoric Suffix</Description>
+				<DisplayOrder>2</DisplayOrder>
+				<Required />
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/honorificSuffix</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:displayName</ClaimURI>
+				<DisplayName>Display Name</DisplayName>
+				<AttributeID>displayName</AttributeID>
+				<Description>Display Name</Description>
+				<DisplayOrder>2</DisplayOrder>
+				<Required />
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/displayName</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:nickName</ClaimURI>
+				<DisplayName>Nick Name</DisplayName>
+				<AttributeID>nickName</AttributeID>
+				<Description>Nick Name</Description>
+				<DisplayOrder>2</DisplayOrder>
+				<Required />
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/nickname</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:profileUrl</ClaimURI>
+				<DisplayName>Profile URL</DisplayName>
+				<AttributeID>url</AttributeID>
+				<Description>Profile URL</Description>
+				<DisplayOrder>2</DisplayOrder>
+				<Required />
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/url</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:title</ClaimURI>
+				<DisplayName>Title</DisplayName>
+				<AttributeID>title</AttributeID>
+				<Description>Title</Description>
+				<DisplayOrder>2</DisplayOrder>
+				<Required />
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/title</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:userType</ClaimURI>
+				<DisplayName>User Type</DisplayName>
+				<AttributeID>userType</AttributeID>
+				<Description>User Type</Description>
+				<DisplayOrder>2</DisplayOrder>
+				<Required />
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/userType</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:preferredLanguage</ClaimURI>
+				<DisplayName>Preferred Language</DisplayName>
+				<AttributeID>preferredLanguage</AttributeID>
+				<Description>Preferred Language</Description>
+				<DisplayOrder>2</DisplayOrder>
+				<Required />
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/preferredLanguage</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:locale</ClaimURI>
+				<DisplayName>Locality</DisplayName>
+				<AttributeID>localityName</AttributeID>
+				<Description>Locality</Description>
+				<DisplayOrder>2</DisplayOrder>
+				<Required />
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/local</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:timezone</ClaimURI>
+				<DisplayName>Time Zone</DisplayName>
+				<AttributeID>timeZone</AttributeID>
+				<Description>Time Zone</Description>
+				<DisplayOrder>2</DisplayOrder>
+				<Required />
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/timeZone</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:active</ClaimURI>
+				<DisplayName>Active</DisplayName>
+				<AttributeID>active</AttributeID>
+				<Description>Active</Description>
+				<DisplayOrder>2</DisplayOrder>
+				<Required />
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/active</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:emails.work</ClaimURI>
+				<DisplayName>Emails - Work Email</DisplayName>
+				<AttributeID>workEmail</AttributeID>
+				<Description>Work Email</Description>
+				<DisplayOrder>5</DisplayOrder>
+				<SupportedByDefault />
+				<RegEx>^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$</RegEx>
+				<MappedLocalClaim>http://wso2.org/claims/emails.work</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:emails.home</ClaimURI>
+				<DisplayName>Emails - Home Email</DisplayName>
+				<AttributeID>homeEmail</AttributeID>
+				<Description>Home Email</Description>
+				<DisplayOrder>5</DisplayOrder>
+				<SupportedByDefault />
+				<RegEx>^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$</RegEx>
+				<MappedLocalClaim>http://wso2.org/claims/emails.home</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:emails.other</ClaimURI>
+				<DisplayName>Emails - Other Email</DisplayName>
+				<AttributeID>otherEmail</AttributeID>
+				<Description>Other Email</Description>
+				<DisplayOrder>5</DisplayOrder>
+				<SupportedByDefault />
+				<RegEx>^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$</RegEx>
+				<MappedLocalClaim>http://wso2.org/claims/emails.other</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:phoneNumbers.mobile</ClaimURI>
+				<DisplayName>Phone Numbers - Mobile Number</DisplayName>
+				<AttributeID>mobile</AttributeID>
+				<Description>Mobile Number</Description>
+				<DisplayOrder>5</DisplayOrder>
+				<SupportedByDefault />
+				<RegEx>^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$</RegEx>
+				<MappedLocalClaim>http://wso2.org/claims/mobile</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:phoneNumbers.home</ClaimURI>
+				<DisplayName>Phone Numbers - Home Phone Number</DisplayName>
+				<AttributeID>homePhone</AttributeID>
+				<Description>Home Phone</Description>
+				<DisplayOrder>5</DisplayOrder>
+				<SupportedByDefault />
+				<RegEx>^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$</RegEx>
+				<MappedLocalClaim>http://wso2.org/claims/phoneNumbers.home</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:phoneNumbers.work</ClaimURI>
+				<DisplayName>Phone Numbers - Work Phone Number</DisplayName>
+				<AttributeID>workPhone</AttributeID>
+				<Description>Work Phone</Description>
+				<DisplayOrder>5</DisplayOrder>
+				<SupportedByDefault />
+				<RegEx>^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$</RegEx>
+				<MappedLocalClaim>http://wso2.org/claims/phoneNumbers.work</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:phoneNumbers.other</ClaimURI>
+				<DisplayName>Phone Numbers - Other</DisplayName>
+				<AttributeID>otherPhoneNumber</AttributeID>
+				<Description>Other Phone Number</Description>
+				<DisplayOrder>5</DisplayOrder>
+				<SupportedByDefault />
+				<RegEx>^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$</RegEx>
+				<MappedLocalClaim>http://wso2.org/claims/phoneNumbers.other</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:ims.gtalk</ClaimURI>
+				<DisplayName>IM - Gtalk</DisplayName>
+				<AttributeID>imGtalk</AttributeID>
+				<Description>IM - Gtalk</Description>
+				<DisplayOrder>5</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/gtalk</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:ims.skype</ClaimURI>
+				<DisplayName>IM - Skype</DisplayName>
+				<AttributeID>imSkype</AttributeID>
+				<Description>IM - Skype</Description>
+				<DisplayOrder>5</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/skype</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:photos.photo</ClaimURI>
+				<DisplayName>Photo</DisplayName>
+				<AttributeID>photoUrl</AttributeID>
+				<Description>Photo</Description>
+				<DisplayOrder>5</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/photourl</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:photos.thumbnail</ClaimURI>
+				<DisplayName>Photo - Thumbnail</DisplayName>
+				<AttributeID>thumbnail</AttributeID>
+				<Description>Photo - Thumbnail</Description>
+				<DisplayOrder>5</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/thumbnail</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:addresses.home</ClaimURI>
+				<DisplayName>Address - Home</DisplayName>
+				<AttributeID>localityAddress</AttributeID>
+				<Description>Address - Home</Description>
+				<DisplayOrder>5</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/addresses.locality</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:addresses.work</ClaimURI>
+				<DisplayName>Address - Work</DisplayName>
+				<AttributeID>region</AttributeID>
+				<Description>Address - Work</Description>
+				<DisplayOrder>5</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/region</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:groups</ClaimURI>
+				<DisplayName>Groups</DisplayName>
+				<AttributeID>groups</AttributeID>
+				<Description>Groups</Description>
+				<DisplayOrder>5</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/groups</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:entitlements.default</ClaimURI>
+				<DisplayName>Entitlements</DisplayName>
+				<AttributeID>entitlements</AttributeID>
+				<Description>Entitlements</Description>
+				<DisplayOrder>5</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/entitlements</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:roles.default</ClaimURI>
+				<DisplayName>Roles</DisplayName>
+				<AttributeID>roles</AttributeID>
+				<Description>Roles</Description>
+				<DisplayOrder>5</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/role</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:core:2.0:User:x509Certificates.default</ClaimURI>
+				<DisplayName>X509Certificates</DisplayName>
+				<AttributeID>x509Certificates</AttributeID>
+				<Description>X509Certificates</Description>
+				<DisplayOrder>5</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/x509Certificates</MappedLocalClaim>
+			</Claim>
+		</Dialect>
+		<Dialect dialectURI="urn:ietf:params:scim:schemas:extension:enterprise:2.0:User">
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:employeeNumber</ClaimURI>
+				<DisplayName>employeeNumber</DisplayName>
+				<AttributeID>externalId</AttributeID>
+				<Description>employeeNumber</Description>
+				<Required />
+				<DisplayOrder>1</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/externalid</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:costCenter</ClaimURI>
+				<DisplayName>oneTimePassword</DisplayName>
+				<AttributeID>userType</AttributeID>
+				<Description>costCenter</Description>
+				<Required />
+				<DisplayOrder>1</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/userType</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:organization</ClaimURI>
+				<DisplayName>Organization -division</DisplayName>
+				<AttributeID>organizationName</AttributeID>
+				<Description>Organization -division</Description>
+				<Required />
+				<DisplayOrder>1</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/organization</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:department</ClaimURI>
+				<DisplayName>Organization -department</DisplayName>
+				<AttributeID>departmentNumber</AttributeID>
+				<Description>Organization -department</Description>
+				<Required />
+				<DisplayOrder>1</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/department</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:division</ClaimURI>
+				<DisplayName>Manager - home</DisplayName>
+				<AttributeID>stateorprovince</AttributeID>
+				<Description>Manager - home</Description>
+				<Required />
+				<DisplayOrder>1</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/stateorprovince</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:manager.value</ClaimURI>
+				<DisplayName>Manager - home</DisplayName>
+				<AttributeID>gender</AttributeID>
+				<Description>Manager - home</Description>
+				<Required />
+				<DisplayOrder>1</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/gender</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:manager.$ref</ClaimURI>
+				<DisplayName>Manager - home</DisplayName>
+				<AttributeID>ref</AttributeID>
+				<Description>Manager - home</Description>
+				<Required />
+				<DisplayOrder>1</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/resourceType</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:manager.displayName</ClaimURI>
+				<DisplayName>Manager - home</DisplayName>
+				<AttributeID>displayName</AttributeID>
+				<Description>Manager - home</Description>
+				<Required />
+				<DisplayOrder>1</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/displayName</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:askPassword</ClaimURI>
+				<DisplayName>Ask Password</DisplayName>
+				<AttributeID>askPassword</AttributeID>
+				<Description>Temporary claim to invoke email ask Password feature</Description>
+				<Required />
+				<DisplayOrder>1</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/identity/askPassword</MappedLocalClaim>
+			</Claim>
+			<Claim>
+				<ClaimURI>urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:verifyEmail</ClaimURI>
+				<DisplayName>Verify Email</DisplayName>
+				<AttributeID>verifyEmail</AttributeID>
+				<Description>Temporary claim to invoke email verified feature</Description>
+				<Required />
+				<DisplayOrder>1</DisplayOrder>
+				<SupportedByDefault />
+				<MappedLocalClaim>http://wso2.org/claims/identity/verifyEmail</MappedLocalClaim>
+			</Claim>
+		</Dialect>
+	</Dialects>
+</ClaimConfig>
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/db2.sql
new file mode 100644
index 00000000..067680c4
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/db2.sql
@@ -0,0 +1,17 @@
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000
+/
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000
+/
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN ACCESS_TOKEN SET DATA TYPE VARCHAR(512)
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN REFRESH_TOKEN SET DATA TYPE VARCHAR(512)
+/
+CREATE TABLE IDN_OAUTH2_SCOPE_BINDING (
+            SCOPE_ID INTEGER NOT NULL,
+            SCOPE_BINDING VARCHAR(255),
+            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE)
+/
+ALTER TABLE IDN_IDENTITY_USER_DATA ALTER COLUMN DATA_VALUE SET DATA TYPE VARCHAR(2048)
+/
\ No newline at end of file
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/h2.sql
new file mode 100644
index 00000000..f4d77942
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/h2.sql
@@ -0,0 +1,14 @@
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000;
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000;
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000;
+
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN MODIFY ACCESS_TOKEN VARCHAR(512);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN MODIFY REFRESH_TOKEN VARCHAR(512);
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING (
+            SCOPE_ID INTEGER NOT NULL,
+            SCOPE_BINDING VARCHAR(255),
+            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE
+);
+
+ALTER TABLE IDN_IDENTITY_USER_DATA MODIFY DATA_VALUE VARCHAR(2048);
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mssql.sql
new file mode 100644
index 00000000..db39706a
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mssql.sql
@@ -0,0 +1,15 @@
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000;
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000;
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000;
+
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN ACCESS_TOKEN VARCHAR(512);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN REFRESH_TOKEN VARCHAR(512);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH2_SCOPE_BINDING]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OAUTH2_SCOPE_BINDING (
+  SCOPE_ID INTEGER NOT NULL,
+  SCOPE_BINDING VARCHAR(255),
+  FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE
+);
+
+ALTER TABLE IDN_IDENTITY_USER_DATA ALTER COLUMN DATA_VALUE VARCHAR(2048);
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mysql.sql
new file mode 100644
index 00000000..93a582e8
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mysql.sql
@@ -0,0 +1,14 @@
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000;
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000;
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000;
+
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN MODIFY ACCESS_TOKEN VARCHAR(512);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN MODIFY REFRESH_TOKEN VARCHAR(512);
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING (
+            SCOPE_ID INTEGER NOT NULL,
+            SCOPE_BINDING VARCHAR(255),
+            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+ALTER TABLE IDN_IDENTITY_USER_DATA MODIFY DATA_VALUE VARCHAR(2048);
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mysql5.7.sql
new file mode 100644
index 00000000..93a582e8
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mysql5.7.sql
@@ -0,0 +1,14 @@
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000;
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000;
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000;
+
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN MODIFY ACCESS_TOKEN VARCHAR(512);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN MODIFY REFRESH_TOKEN VARCHAR(512);
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING (
+            SCOPE_ID INTEGER NOT NULL,
+            SCOPE_BINDING VARCHAR(255),
+            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+ALTER TABLE IDN_IDENTITY_USER_DATA MODIFY DATA_VALUE VARCHAR(2048);
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/oracle.sql
new file mode 100644
index 00000000..22c03e3f
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/oracle.sql
@@ -0,0 +1,24 @@
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_ACCESS_TOKEN_EXPIRE_TIME NUMBER(19) DEFAULT 3600000
+/
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD APP_ACCESS_TOKEN_EXPIRE_TIME NUMBER(19) DEFAULT 3600000
+/
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD REFRESH_TOKEN_EXPIRE_TIME NUMBER(19) DEFAULT 84600000
+/
+
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN MODIFY ACCESS_TOKEN VARCHAR(512)
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN MODIFY REFRESH_TOKEN VARCHAR(512)
+/
+
+CREATE TABLE IDN_OAUTH2_SCOPE_BINDING (
+  SCOPE_ID INTEGER NOT NULL,
+  SCOPE_BINDING VARCHAR2(255),
+  FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE)
+/
+
+
+ALTER TABLE IDN_IDENTITY_USER_DATA MODIFY DATA_VALUE VARCHAR(2048)
+/
+
+DELETE FROM IDN_CLAIM WHERE CLAIM_URI = 'urn:scim:schemas:core:1.0:roles'
+/
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/postgresql.sql
new file mode 100644
index 00000000..f9203ee4
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/postgresql.sql
@@ -0,0 +1,14 @@
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000;
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000;
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000;
+
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN ACCESS_TOKEN TYPE VARCHAR(512);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN REFRESH_TOKEN TYPE VARCHAR(512);
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING (
+            SCOPE_ID INTEGER NOT NULL,
+            SCOPE_BINDING VARCHAR(255),
+            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE
+);
+
+ALTER TABLE IDN_IDENTITY_USER_DATA ALTER COLUMN DATA_VALUE TYPE VARCHAR(2048);
\ No newline at end of file
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/db2.sql
new file mode 100644
index 00000000..e4067b01
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/db2.sql
@@ -0,0 +1,5 @@
+ALTER TABLE UM_PERMISSION ADD CONSTRAINT RES_ACT_TENANT_CONSTRAINT UNIQUE (UM_RESOURCE_ID,UM_ACTION,UM_TENANT_ID)
+/
+
+CREATE INDEX SYSTEM_ROLE_IND_BY_RN_TI ON UM_SYSTEM_ROLE(UM_ROLE_NAME, UM_TENANT_ID)
+/
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/h2.sql
new file mode 100644
index 00000000..0b50b62b
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/h2.sql
@@ -0,0 +1,3 @@
+ALTER TABLE UM_PERMISSION ADD CONSTRAINT RES_ACT_TENANT_CONSTRAINT UNIQUE (UM_RESOURCE_ID,UM_ACTION,UM_TENANT_ID);
+
+CREATE INDEX IF NOT EXISTS SYSTEM_ROLE_IND_BY_RN_TI ON UM_SYSTEM_ROLE(UM_ROLE_NAME, UM_TENANT_ID);
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mssql.sql
new file mode 100644
index 00000000..c9645d83
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mssql.sql
@@ -0,0 +1,3 @@
+ALTER TABLE UM_PERMISSION ADD CONSTRAINT RES_ACT_TENANT_CONSTRAINT UNIQUE (UM_RESOURCE_ID,UM_ACTION,UM_TENANT_ID);
+
+CREATE INDEX SYSTEM_ROLE_IND_BY_RN_TI ON UM_SYSTEM_ROLE(UM_ROLE_NAME, UM_TENANT_ID);
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mysql.sql
new file mode 100644
index 00000000..c9645d83
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mysql.sql
@@ -0,0 +1,3 @@
+ALTER TABLE UM_PERMISSION ADD CONSTRAINT RES_ACT_TENANT_CONSTRAINT UNIQUE (UM_RESOURCE_ID,UM_ACTION,UM_TENANT_ID);
+
+CREATE INDEX SYSTEM_ROLE_IND_BY_RN_TI ON UM_SYSTEM_ROLE(UM_ROLE_NAME, UM_TENANT_ID);
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mysql5.7.sql
new file mode 100644
index 00000000..c9645d83
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mysql5.7.sql
@@ -0,0 +1,3 @@
+ALTER TABLE UM_PERMISSION ADD CONSTRAINT RES_ACT_TENANT_CONSTRAINT UNIQUE (UM_RESOURCE_ID,UM_ACTION,UM_TENANT_ID);
+
+CREATE INDEX SYSTEM_ROLE_IND_BY_RN_TI ON UM_SYSTEM_ROLE(UM_ROLE_NAME, UM_TENANT_ID);
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/oracle.sql
new file mode 100644
index 00000000..f4167597
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/oracle.sql
@@ -0,0 +1,5 @@
+ALTER TABLE UM_PERMISSION ADD CONSTRAINT RES_ACT_TENANT_CONSTRAINT UNIQUE (UM_RESOURCE_ID,UM_ACTION,UM_TENANT_ID)
+/
+
+CREATE INDEX SYSTEM_ROLE_IND_BY_RN_TI ON UM_SYSTEM_ROLE(UM_ROLE_NAME, UM_TENANT_ID)
+/
\ No newline at end of file
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/postgresql.sql
new file mode 100644
index 00000000..c9645d83
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/postgresql.sql
@@ -0,0 +1,3 @@
+ALTER TABLE UM_PERMISSION ADD CONSTRAINT RES_ACT_TENANT_CONSTRAINT UNIQUE (UM_RESOURCE_ID,UM_ACTION,UM_TENANT_ID);
+
+CREATE INDEX SYSTEM_ROLE_IND_BY_RN_TI ON UM_SYSTEM_ROLE(UM_ROLE_NAME, UM_TENANT_ID);
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/db2.sql
new file mode 100644
index 00000000..ede38f3c
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/db2.sql
@@ -0,0 +1,23 @@
+ALTER TABLE IDN_OAUTH2_SCOPE RENAME COLUMN NAME TO DISPLAY_NAME
+/
+ALTER TABLE IDN_OAUTH2_SCOPE RENAME COLUMN SCOPE_KEY TO NAME
+/
+ALTER TABLE IDN_OAUTH2_SCOPE DROP COLUMN ROLES
+/
+UPDATE IDN_OAUTH2_SCOPE SET TENANT_ID = -1 WHERE TENANT_ID = 0
+/
+ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN TENANT_ID SET DEFAULT -1
+/
+CREATE UNIQUE INDEX SCOPE_INDEX ON IDN_OAUTH2_SCOPE (NAME, TENANT_ID)
+/
+BEGIN
+ DECLARE const_name VARCHAR(128);
+ DECLARE STMT VARCHAR(200);
+ select CONSTNAME into const_name from SYSCAT.TABCONST WHERE TABNAME='IDN_OAUTH2_RESOURCE_SCOPE' AND TYPE = 'F';
+ SET STMT = 'ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE DROP FOREIGN KEY ' ||  const_name;
+ PREPARE S1 FROM STMT;
+ EXECUTE S1;
+END
+/
+ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD CONSTRAINT IDN_OAUTH2_RESOURCE_SCOPE_F1 FOREIGN KEY(SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE
+/
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/h2.sql
new file mode 100644
index 00000000..196d42d4
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/h2.sql
@@ -0,0 +1,16 @@
+ALTER TABLE IDN_OAUTH2_SCOPE MODIFY SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT;
+ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN NAME RENAME TO DISPLAY_NAME;
+ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN SCOPE_KEY RENAME TO NAME;
+ALTER TABLE IDN_OAUTH2_SCOPE MODIFY NAME VARCHAR(255) NOT NULL;
+ALTER TABLE IDN_OAUTH2_SCOPE MODIFY DISPLAY_NAME VARCHAR(255) NOT NULL;
+ALTER TABLE IDN_OAUTH2_SCOPE DROP COLUMN ROLES;
+UPDATE IDN_OAUTH2_SCOPE SET TENANT_ID = -1 WHERE TENANT_ID = 0;
+ALTER TABLE IDN_OAUTH2_SCOPE MODIFY TENANT_ID INTEGER NOT NULL DEFAULT -1;
+CREATE UNIQUE INDEX SCOPE_INDEX ON IDN_OAUTH2_SCOPE (NAME, TENANT_ID);
+
+CREATE ALIAS IF NOT EXISTS DROP_FK AS $$ void executeSql(Connection conn, String sql) throws SQLException { conn.createStatement().executeUpdate(sql); } $$;
+
+CALL DROP_FK('ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE DROP CONSTRAINT ' || (SELECT CONSTRAINT_NAME FROM INFORMATION_SCHEMA.CONSTRAINTS WHERE TABLE_NAME = 'IDN_OAUTH2_RESOURCE_SCOPE' AND COLUMN_LIST  = 'SCOPE_ID'));
+
+ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE MODIFY SCOPE_ID INTEGER NOT NULL;
+ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE;
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mssql.sql
new file mode 100644
index 00000000..aea9f02f
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mssql.sql
@@ -0,0 +1,28 @@
+sp_rename 'IDN_OAUTH2_SCOPE.NAME', 'DISPLAY_NAME', 'COLUMN';
+sp_rename 'IDN_OAUTH2_SCOPE.SCOPE_KEY', 'NAME', 'COLUMN';
+ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN NAME VARCHAR(255) NOT NULL;
+ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN DISPLAY_NAME VARCHAR(255) NOT NULL;
+ALTER TABLE IDN_OAUTH2_SCOPE DROP COLUMN ROLES;
+UPDATE IDN_OAUTH2_SCOPE SET TENANT_ID = -1 WHERE TENANT_ID = 0;
+CREATE UNIQUE INDEX SCOPE_INDEX ON IDN_OAUTH2_SCOPE (NAME, TENANT_ID);
+
+DECLARE @Command NVARCHAR(max), @ConstaintName NVARCHAR(max), @TableName NVARCHAR(max),@ColumnName NVARCHAR(max)
+SET @TableName = 'IDN_OAUTH2_SCOPE'
+SET @ColumnName ='TENANT_ID'
+SELECT @ConstaintName = name
+    FROM sys.default_constraints
+    WHERE parent_object_id = object_id(@TableName)
+
+SELECT @Command = 'ALTER TABLE '+@TableName+' drop constraint '+ @ConstaintName
+
+IF @Command IS NOT NULL
+BEGIN
+    EXECUTE sp_executeSQL @Command
+    SELECT @Command = 'ALTER TABLE '+@TableName+' ADD CONSTRAINT '+@ConstaintName+' DEFAULT -1 FOR ' + @ColumnName
+    EXECUTE sp_executeSQL @Command
+END
+
+DECLARE @COMMAND1 NVARCHAR(200);SELECT TOP 1 @COMMAND1= 'ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE DROP CONSTRAINT ' + RC.CONSTRAINT_NAME + ';' FROM INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS RC JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KF ON RC.CONSTRAINT_NAME = KF.CONSTRAINT_NAME JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KP ON RC.UNIQUE_CONSTRAINT_NAME = KP.CONSTRAINT_NAME WHERE KF.TABLE_NAME = 'IDN_OAUTH2_RESOURCE_SCOPE' AND KP.TABLE_NAME='IDN_OAUTH2_SCOPE';EXEC (@COMMAND1);
+
+ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ALTER COLUMN SCOPE_ID INTEGER NOT NULL;
+ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE;
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mysql.sql
new file mode 100644
index 00000000..eae5def0
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mysql.sql
@@ -0,0 +1,21 @@
+ALTER TABLE IDN_OAUTH2_SCOPE MODIFY SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT;
+ALTER TABLE IDN_OAUTH2_SCOPE CHANGE COLUMN `NAME` `DISPLAY_NAME` VARCHAR(255) NOT NULL;
+ALTER TABLE IDN_OAUTH2_SCOPE CHANGE COLUMN `SCOPE_KEY` `NAME` VARCHAR(255) NOT NULL;
+ALTER TABLE IDN_OAUTH2_SCOPE DROP COLUMN ROLES;
+UPDATE IDN_OAUTH2_SCOPE SET TENANT_ID = -1 WHERE TENANT_ID = 0;
+ALTER TABLE IDN_OAUTH2_SCOPE MODIFY TENANT_ID INTEGER NOT NULL DEFAULT -1;
+-- CREATE UNIQUE INDEX SCOPE_INDEX ON IDN_OAUTH2_SCOPE (NAME, TENANT_ID);
+
+SELECT CONCAT("ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE DROP FOREIGN KEY ",CONSTRAINT_NAME)
+INTO @sqlst
+FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE
+WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = "IDN_OAUTH2_RESOURCE_SCOPE"
+AND REFERENCED_TABLE_NAME = "IDN_OAUTH2_SCOPE" AND REFERENCED_COLUMN_NAME = "SCOPE_ID" ;
+
+PREPARE stmt FROM @sqlst;
+EXECUTE stmt;
+DEALLOCATE PREPARE stmt;
+SET @sqlstr = NULL;
+
+ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE MODIFY SCOPE_ID INTEGER NOT NULL;
+ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE;
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mysql5.7.sql
new file mode 100644
index 00000000..6ebcdfd6
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mysql5.7.sql
@@ -0,0 +1,21 @@
+ALTER TABLE IDN_OAUTH2_SCOPE MODIFY SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT;
+ALTER TABLE IDN_OAUTH2_SCOPE CHANGE COLUMN `NAME` `DISPLAY_NAME` VARCHAR(255) NOT NULL;
+ALTER TABLE IDN_OAUTH2_SCOPE CHANGE COLUMN `SCOPE_KEY` `NAME` VARCHAR(255) NOT NULL;
+ALTER TABLE IDN_OAUTH2_SCOPE DROP COLUMN ROLES;
+UPDATE IDN_OAUTH2_SCOPE SET TENANT_ID = -1 WHERE TENANT_ID = 0;
+ALTER TABLE IDN_OAUTH2_SCOPE MODIFY TENANT_ID INTEGER NOT NULL DEFAULT -1;
+CREATE UNIQUE INDEX SCOPE_INDEX ON IDN_OAUTH2_SCOPE (NAME, TENANT_ID);
+
+SELECT CONCAT("ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE DROP FOREIGN KEY ",CONSTRAINT_NAME)
+INTO @sqlst
+FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE
+WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = "IDN_OAUTH2_RESOURCE_SCOPE"
+AND REFERENCED_TABLE_NAME = "IDN_OAUTH2_SCOPE" AND REFERENCED_COLUMN_NAME = "SCOPE_ID" ;
+
+PREPARE stmt FROM @sqlst;
+EXECUTE stmt;
+DEALLOCATE PREPARE stmt;
+SET @sqlstr = NULL;
+
+ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE MODIFY SCOPE_ID INTEGER NOT NULL;
+ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE;
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/oracle.sql
new file mode 100644
index 00000000..cade8aff
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/oracle.sql
@@ -0,0 +1,62 @@
+ALTER TABLE IDN_OAUTH2_SCOPE
+  MODIFY SCOPE_ID INTEGER NOT NULL
+/
+ALTER TABLE IDN_OAUTH2_SCOPE
+  RENAME COLUMN NAME TO DISPLAY_NAME
+/
+ALTER TABLE IDN_OAUTH2_SCOPE
+  RENAME COLUMN SCOPE_KEY TO NAME
+/
+ALTER TABLE IDN_OAUTH2_SCOPE
+  DROP COLUMN ROLES
+/
+UPDATE IDN_OAUTH2_SCOPE
+SET TENANT_ID = -1
+WHERE TENANT_ID = 0
+/
+ALTER TABLE IDN_OAUTH2_SCOPE
+  MODIFY TENANT_ID INTEGER DEFAULT -1
+/
+CREATE UNIQUE INDEX SCOPE_INDEX
+  ON IDN_OAUTH2_SCOPE (NAME, TENANT_ID)
+/
+
+DECLARE
+  con_name     VARCHAR2(100);
+  command      VARCHAR2(200);
+  databasename VARCHAR2(100);
+BEGIN
+
+  SELECT sys_context('userenv', 'current_schema')
+  INTO databasename
+  FROM dual;
+
+  BEGIN
+    SELECT a.constraint_name
+    INTO con_name
+    FROM all_cons_columns a
+      JOIN all_constraints c ON a.owner = c.owner AND a.constraint_name = c.constraint_name
+      JOIN all_constraints c_pk ON c.r_owner = c_pk.owner AND c.r_constraint_name = c_pk.constraint_name
+    WHERE
+      c.constraint_type = 'R' AND a.table_name = 'IDN_OAUTH2_RESOURCE_SCOPE' AND UPPER(a.OWNER) = UPPER(databasename)
+      AND c_pk.table_name = 'IDN_OAUTH2_SCOPE' AND ROWNUM < 2;
+
+    IF TRIM(con_name) IS NOT NULL
+    THEN
+      command := 'ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE DROP CONSTRAINT ' || con_name;
+      dbms_output.Put_line(command);
+      EXECUTE IMMEDIATE command;
+    END IF;
+
+    EXCEPTION
+    WHEN NO_DATA_FOUND
+    THEN
+    dbms_output.Put_line('Foreign key not found');
+  END;
+
+END;
+/
+
+ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE
+  ADD FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE
+/
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/postgresql.sql
new file mode 100644
index 00000000..3e3ccf93
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/postgresql.sql
@@ -0,0 +1,18 @@
+ALTER TABLE IDN_OAUTH2_SCOPE RENAME NAME TO DISPLAY_NAME;
+ALTER TABLE IDN_OAUTH2_SCOPE RENAME SCOPE_KEY TO NAME;
+ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN NAME TYPE VARCHAR(255);
+ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN NAME SET NOT NULL;
+ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN DISPLAY_NAME TYPE VARCHAR(255);
+ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN DISPLAY_NAME SET NOT NULL;
+ALTER TABLE IDN_OAUTH2_SCOPE DROP COLUMN ROLES;
+UPDATE IDN_OAUTH2_SCOPE SET TENANT_ID = -1 WHERE TENANT_ID = 0;
+ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN TENANT_ID TYPE INTEGER;
+ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN TENANT_ID SET NOT NULL;
+ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN TENANT_ID SET DEFAULT -1;
+CREATE UNIQUE INDEX SCOPE_INDEX ON IDN_OAUTH2_SCOPE (NAME, TENANT_ID);
+
+DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE idn_oauth2_resource_scope DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'FOREIGN KEY' AND tc.table_name = 'idn_oauth2_resource_scope' AND ccu.table_name='idn_oauth2_scope' LIMIT 1; EXECUTE con_name; END $$;
+
+ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ALTER COLUMN SCOPE_ID TYPE INTEGER;
+ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ALTER COLUMN SCOPE_ID SET NOT NULL;
+ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE;
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/db2.sql
new file mode 100644
index 00000000..8e7a9159
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/db2.sql
@@ -0,0 +1,195 @@
+CREATE TABLE CM_PII_CATEGORY (
+  ID           INTEGER NOT NULL ,
+  NAME         VARCHAR(255) NOT NULL,
+  DESCRIPTION  VARCHAR(1023),
+  DISPLAY_NAME VARCHAR(255),
+  IS_SENSITIVE INTEGER       NOT NULL,
+  TENANT_ID    INTEGER DEFAULT -1234 NOT NULL,
+  CONSTRAINT PII_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_PII_CATEGORY_SEQ
+  START WITH 1
+  INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER CM_PII_CATEGORY_TRIGGER NO CASCADE BEFORE INSERT ON CM_PII_CATEGORY
+REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL
+
+BEGIN ATOMIC
+
+    SET (NEW.ID)
+       = (NEXTVAL FOR CM_PII_CATEGORY_SEQ);
+
+END
+/
+CREATE TABLE CM_RECEIPT (
+  CONSENT_RECEIPT_ID  VARCHAR(255) NOT NULL,
+  VERSION             VARCHAR(255) NOT NULL,
+  JURISDICTION        VARCHAR(255) NOT NULL,
+  CONSENT_TIMESTAMP   TIMESTAMP     NOT NULL,
+  COLLECTION_METHOD   VARCHAR(255) NOT NULL,
+  LANGUAGE            VARCHAR(255) NOT NULL,
+  PII_PRINCIPAL_ID    VARCHAR(255) NOT NULL,
+  PRINCIPAL_TENANT_ID INTEGER DEFAULT -1234,
+  POLICY_URL          VARCHAR(255) NOT NULL,
+  STATE               VARCHAR(255) NOT NULL,
+  PII_CONTROLLER      VARCHAR(2048) NOT NULL,
+  PRIMARY KEY (CONSENT_RECEIPT_ID)
+)
+/
+CREATE TABLE CM_PURPOSE (
+  ID          INTEGER NOT NULL,
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT -1234 NOT NULL,
+  CONSTRAINT PURPOSE_CONSTRAINT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_PURPOSE_SEQ
+  START WITH 1
+  INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER CM_PURPOSE_TRIGGER NO CASCADE BEFORE INSERT ON CM_PURPOSE
+REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL
+
+BEGIN ATOMIC
+
+    SET (NEW.ID)
+       = (NEXTVAL FOR CM_PURPOSE_SEQ);
+
+END
+/
+CREATE TABLE CM_PURPOSE_CATEGORY (
+  ID          INTEGER NOT NULL,
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT -1234 NOT NULL,
+  CONSTRAINT PURPOSE_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_PURPOSE_CATEGORY_SEQ
+  START WITH 1
+  INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER CM_PURPOSE_CATEGORY_TRIGGER NO CASCADE BEFORE INSERT ON CM_PURPOSE_CATEGORY
+REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL
+
+BEGIN ATOMIC
+
+    SET (NEW.ID)
+       = (NEXTVAL FOR CM_PURPOSE_CATEGORY_SEQ);
+
+END
+/
+CREATE TABLE CM_RECEIPT_SP_ASSOC (
+  ID                 INTEGER NOT NULL,
+  CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
+  SP_NAME            VARCHAR(255) NOT NULL,
+  SP_DISPLAY_NAME    VARCHAR(255),
+  SP_DESCRIPTION     VARCHAR(255),
+  SP_TENANT_ID       INTEGER DEFAULT -1234 NOT NULL,
+  CONSTRAINT RECEIPT_SP_ASSOC_CONSTRAINT UNIQUE (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_RECEIPT_SP_ASSOC_SEQ
+  START WITH 1
+  INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER CM_RECEIPT_SP_ASSOC_TRIGGER NO CASCADE BEFORE INSERT ON CM_RECEIPT_SP_ASSOC
+REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL
+
+BEGIN ATOMIC
+
+    SET (NEW.ID)
+       = (NEXTVAL FOR CM_RECEIPT_SP_ASSOC_SEQ);
+
+END
+/
+CREATE TABLE CM_SP_PURPOSE_ASSOC (
+  ID                     INTEGER NOT NULL,
+  RECEIPT_SP_ASSOC       INTEGER       NOT NULL,
+  PURPOSE_ID             INTEGER       NOT NULL,
+  CONSENT_TYPE           VARCHAR(255) NOT NULL,
+  IS_PRIMARY_PURPOSE     INTEGER       NOT NULL,
+  TERMINATION            VARCHAR(255) NOT NULL,
+  THIRD_PARTY_DISCLOSURE INTEGER       NOT NULL,
+  THIRD_PARTY_NAME       VARCHAR(255),
+  CONSTRAINT SP_PURPOSE_ASSOC UNIQUE (RECEIPT_SP_ASSOC, PURPOSE_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_SP_PURPOSE_ASSOC_SEQ
+  START WITH 1
+  INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER CM_SP_PURPOSE_ASSOC_TRIGGER NO CASCADE BEFORE INSERT ON CM_SP_PURPOSE_ASSOC
+REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL
+
+BEGIN ATOMIC
+
+    SET (NEW.ID)
+       = (NEXTVAL FOR CM_SP_PURPOSE_ASSOC_SEQ);
+
+END
+/
+CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PURPOSE_CATEGORY_ID INTEGER NOT NULL,
+  CONSTRAINT SP_PUS_PS_CAT_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID)
+)
+/
+CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC (
+  PURPOSE_ID         INTEGER NOT NULL,
+  CM_PII_CATEGORY_ID INTEGER NOT NULL,
+  CONSTRAINT PURPOSE_PII_CAT_ASSOC UNIQUE (PURPOSE_ID, CM_PII_CATEGORY_ID)
+)
+/
+CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PII_CATEGORY_ID     INTEGER NOT NULL,
+  VALIDITY            VARCHAR(1023),
+  CONSTRAINT SP_PURPOSE_PII_CATEGORY_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID)
+)
+/
+CREATE SEQUENCE CM_SP_PURPOSE_PII_CAT_ASSOC_SEQ
+  START WITH 1
+  INCREMENT BY 1 NOCACHE
+/
+CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY (
+  CONSENT_RECEIPT_ID VARCHAR(255)  NOT NULL,
+  NAME               VARCHAR(255)  NOT NULL,
+  VALUE              VARCHAR(1023) NOT NULL,
+  CONSTRAINT CONSENT_RECEIPT_PROPERTY UNIQUE (CONSENT_RECEIPT_ID, NAME)
+)
+/
+ALTER TABLE CM_RECEIPT_SP_ASSOC
+  ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID)
+/
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID)
+/
+ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY
+  ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID)
+/
+INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234')/
+
+INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234')/
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/h2.sql
new file mode 100644
index 00000000..3c9166bd
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/h2.sql
@@ -0,0 +1,121 @@
+CREATE TABLE CM_PII_CATEGORY (
+  ID           INTEGER AUTO_INCREMENT,
+  NAME         VARCHAR(255) NOT NULL,
+  DESCRIPTION  VARCHAR(1023),
+  DISPLAY_NAME VARCHAR(255),
+  IS_SENSITIVE INTEGER      NOT NULL,
+  TENANT_ID    INTEGER DEFAULT '-1234',
+  UNIQUE KEY (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+CREATE TABLE CM_RECEIPT (
+  CONSENT_RECEIPT_ID  VARCHAR(255) NOT NULL,
+  VERSION             VARCHAR(255) NOT NULL,
+  JURISDICTION        VARCHAR(255) NOT NULL,
+  CONSENT_TIMESTAMP   TIMESTAMP    NOT NULL,
+  COLLECTION_METHOD   VARCHAR(255) NOT NULL,
+  LANGUAGE            VARCHAR(255) NOT NULL,
+  PII_PRINCIPAL_ID    VARCHAR(255) NOT NULL,
+  PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234',
+  POLICY_URL          VARCHAR(255) NOT NULL,
+  STATE               VARCHAR(255) NOT NULL,
+  PII_CONTROLLER      VARCHAR(2048) NOT NULL,
+  PRIMARY KEY (CONSENT_RECEIPT_ID)
+);
+
+CREATE TABLE CM_PURPOSE (
+  ID          INTEGER AUTO_INCREMENT,
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT '-1234',
+  UNIQUE KEY (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+CREATE TABLE CM_PURPOSE_CATEGORY (
+  ID          INTEGER AUTO_INCREMENT,
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT '-1234',
+  UNIQUE KEY (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+CREATE TABLE CM_RECEIPT_SP_ASSOC (
+  ID                 INTEGER AUTO_INCREMENT,
+  CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
+  SP_NAME            VARCHAR(255) NOT NULL,
+  SP_DISPLAY_NAME    VARCHAR(255),
+  SP_DESCRIPTION     VARCHAR(255),
+  SP_TENANT_ID       INTEGER DEFAULT '-1234',
+  UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+CREATE TABLE CM_SP_PURPOSE_ASSOC (
+  ID                     INTEGER AUTO_INCREMENT,
+  RECEIPT_SP_ASSOC       INTEGER      NOT NULL,
+  PURPOSE_ID             INTEGER      NOT NULL,
+  CONSENT_TYPE           VARCHAR(255) NOT NULL,
+  IS_PRIMARY_PURPOSE     INTEGER      NOT NULL,
+  TERMINATION            VARCHAR(255) NOT NULL,
+  THIRD_PARTY_DISCLOSURE INTEGER      NOT NULL,
+  THIRD_PARTY_NAME       VARCHAR(255),
+  UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID),
+  PRIMARY KEY (ID)
+);
+
+CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PURPOSE_CATEGORY_ID INTEGER NOT NULL,
+  UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID)
+);
+
+CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC (
+  PURPOSE_ID         INTEGER NOT NULL,
+  CM_PII_CATEGORY_ID INTEGER NOT NULL,
+  UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID)
+);
+
+CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PII_CATEGORY_ID     INTEGER NOT NULL,
+  VALIDITY            VARCHAR(1023),
+  UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID)
+);
+
+CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY (
+  CONSENT_RECEIPT_ID VARCHAR(255)  NOT NULL,
+  NAME               VARCHAR(255)  NOT NULL,
+  VALUE              VARCHAR(1023) NOT NULL,
+  UNIQUE KEY (CONSENT_RECEIPT_ID, NAME)
+);
+
+ALTER TABLE CM_RECEIPT_SP_ASSOC
+  ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID);
+
+ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY
+  ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234');
+
+INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234');
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mssql.sql
new file mode 100644
index 00000000..645035c2
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mssql.sql
@@ -0,0 +1,113 @@
+IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_PII_CATEGORY]') AND TYPE IN (N'U'))
+CREATE TABLE CM_PII_CATEGORY (
+  ID           INTEGER      NOT NULL  IDENTITY,
+  NAME         VARCHAR(255) NOT NULL,
+  DESCRIPTION  VARCHAR(1023),
+  DISPLAY_NAME VARCHAR(255),
+  IS_SENSITIVE INTEGER      NOT NULL,
+  TENANT_ID    INTEGER DEFAULT '-1234',
+  CONSTRAINT CM_PII_CATEGORY_CNT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_RECEIPT]') AND TYPE IN (N'U'))
+CREATE TABLE CM_RECEIPT (
+  CONSENT_RECEIPT_ID  VARCHAR(255) NOT NULL,
+  VERSION             VARCHAR(255) NOT NULL,
+  JURISDICTION        VARCHAR(255) NOT NULL,
+  CONSENT_TIMESTAMP   DATETIME    NOT NULL,
+  COLLECTION_METHOD   VARCHAR(255) NOT NULL,
+  LANGUAGE            VARCHAR(255) NOT NULL,
+  PII_PRINCIPAL_ID    VARCHAR(255) NOT NULL,
+  PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234',
+  POLICY_URL          VARCHAR(255) NOT NULL,
+  STATE               VARCHAR(255) NOT NULL,
+  PII_CONTROLLER      VARCHAR(2048) NOT NULL,
+  PRIMARY KEY (CONSENT_RECEIPT_ID)
+);
+
+IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_PURPOSE]') AND TYPE IN (N'U'))
+CREATE TABLE CM_PURPOSE (
+  ID          INTEGER      NOT NULL  IDENTITY,
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT '-1234',
+  CONSTRAINT CM_PURPOSE_CNT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_PURPOSE_CATEGORY]') AND TYPE IN (N'U'))
+CREATE TABLE CM_PURPOSE_CATEGORY (
+  ID          INTEGER      NOT NULL  IDENTITY,
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT '-1234',
+  CONSTRAINT CM_PURPOSE_CATEGORY_CNT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_RECEIPT_SP_ASSOC]') AND TYPE IN (N'U'))
+CREATE TABLE CM_RECEIPT_SP_ASSOC (
+  ID                 INTEGER      NOT NULL  IDENTITY,
+  CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
+  SP_NAME            VARCHAR(255) NOT NULL,
+  SP_DISPLAY_NAME    VARCHAR(255),
+  SP_DESCRIPTION     VARCHAR(255),
+  SP_TENANT_ID       INTEGER DEFAULT '-1234',
+  CONSTRAINT CM_RECEIPT_SP_ASSOC_CNT UNIQUE (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID),
+  FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID),
+  PRIMARY KEY (ID)
+);
+
+IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_SP_PURPOSE_ASSOC]') AND TYPE IN (N'U'))
+CREATE TABLE CM_SP_PURPOSE_ASSOC (
+  ID                     INTEGER      NOT NULL  IDENTITY,
+  RECEIPT_SP_ASSOC       INTEGER      NOT NULL,
+  PURPOSE_ID             INTEGER      NOT NULL,
+  CONSENT_TYPE           VARCHAR(255) NOT NULL,
+  IS_PRIMARY_PURPOSE     INTEGER      NOT NULL,
+  TERMINATION            VARCHAR(255) NOT NULL,
+  THIRD_PARTY_DISCLOSURE INTEGER      NOT NULL,
+  THIRD_PARTY_NAME       VARCHAR(255),
+  CONSTRAINT CM_SP_PURPOSE_ASSOC_CNT UNIQUE (RECEIPT_SP_ASSOC, PURPOSE_ID),
+  FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID),
+  FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID),
+  PRIMARY KEY (ID)
+);
+
+IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_SP_PURPOSE_PURPOSE_CAT_ASSC]') AND TYPE IN (N'U'))
+CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PURPOSE_CATEGORY_ID INTEGER NOT NULL,
+  CONSTRAINT CM_SP_PURPOSE_PURPOSE_CAT_ASSC_CNT UNIQUE (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID),
+  FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID),
+  FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID)
+);
+
+IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_PURPOSE_PII_CAT_ASSOC]') AND TYPE IN (N'U'))
+CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC (
+  PURPOSE_ID         INTEGER NOT NULL,
+  CM_PII_CATEGORY_ID INTEGER NOT NULL,
+  CONSTRAINT CM_PURPOSE_PII_CAT_ASSOC_CNT UNIQUE (PURPOSE_ID, CM_PII_CATEGORY_ID)
+);
+
+IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_SP_PURPOSE_PII_CAT_ASSOC]') AND TYPE IN (N'U'))
+CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PII_CATEGORY_ID     INTEGER NOT NULL,
+  VALIDITY            VARCHAR(1023),
+  CONSTRAINT CM_SP_PURPOSE_PII_CAT_ASSOC_CNT UNIQUE (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID),
+  FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID),
+  FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID)
+);
+
+IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_CONSENT_RECEIPT_PROPERTY]') AND TYPE IN (N'U'))
+CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY (
+  CONSENT_RECEIPT_ID VARCHAR(255)  NOT NULL,
+  NAME               VARCHAR(255)  NOT NULL,
+  VALUE              VARCHAR(1023) NOT NULL,
+  CONSTRAINT CM_CONSENT_RECEIPT_PROPERTY_CNT UNIQUE (CONSENT_RECEIPT_ID, NAME),
+  FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID)
+);
+
+INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234');
+
+INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234');
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mysql.sql
new file mode 100644
index 00000000..3c9166bd
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mysql.sql
@@ -0,0 +1,121 @@
+CREATE TABLE CM_PII_CATEGORY (
+  ID           INTEGER AUTO_INCREMENT,
+  NAME         VARCHAR(255) NOT NULL,
+  DESCRIPTION  VARCHAR(1023),
+  DISPLAY_NAME VARCHAR(255),
+  IS_SENSITIVE INTEGER      NOT NULL,
+  TENANT_ID    INTEGER DEFAULT '-1234',
+  UNIQUE KEY (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+CREATE TABLE CM_RECEIPT (
+  CONSENT_RECEIPT_ID  VARCHAR(255) NOT NULL,
+  VERSION             VARCHAR(255) NOT NULL,
+  JURISDICTION        VARCHAR(255) NOT NULL,
+  CONSENT_TIMESTAMP   TIMESTAMP    NOT NULL,
+  COLLECTION_METHOD   VARCHAR(255) NOT NULL,
+  LANGUAGE            VARCHAR(255) NOT NULL,
+  PII_PRINCIPAL_ID    VARCHAR(255) NOT NULL,
+  PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234',
+  POLICY_URL          VARCHAR(255) NOT NULL,
+  STATE               VARCHAR(255) NOT NULL,
+  PII_CONTROLLER      VARCHAR(2048) NOT NULL,
+  PRIMARY KEY (CONSENT_RECEIPT_ID)
+);
+
+CREATE TABLE CM_PURPOSE (
+  ID          INTEGER AUTO_INCREMENT,
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT '-1234',
+  UNIQUE KEY (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+CREATE TABLE CM_PURPOSE_CATEGORY (
+  ID          INTEGER AUTO_INCREMENT,
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT '-1234',
+  UNIQUE KEY (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+CREATE TABLE CM_RECEIPT_SP_ASSOC (
+  ID                 INTEGER AUTO_INCREMENT,
+  CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
+  SP_NAME            VARCHAR(255) NOT NULL,
+  SP_DISPLAY_NAME    VARCHAR(255),
+  SP_DESCRIPTION     VARCHAR(255),
+  SP_TENANT_ID       INTEGER DEFAULT '-1234',
+  UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+CREATE TABLE CM_SP_PURPOSE_ASSOC (
+  ID                     INTEGER AUTO_INCREMENT,
+  RECEIPT_SP_ASSOC       INTEGER      NOT NULL,
+  PURPOSE_ID             INTEGER      NOT NULL,
+  CONSENT_TYPE           VARCHAR(255) NOT NULL,
+  IS_PRIMARY_PURPOSE     INTEGER      NOT NULL,
+  TERMINATION            VARCHAR(255) NOT NULL,
+  THIRD_PARTY_DISCLOSURE INTEGER      NOT NULL,
+  THIRD_PARTY_NAME       VARCHAR(255),
+  UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID),
+  PRIMARY KEY (ID)
+);
+
+CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PURPOSE_CATEGORY_ID INTEGER NOT NULL,
+  UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID)
+);
+
+CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC (
+  PURPOSE_ID         INTEGER NOT NULL,
+  CM_PII_CATEGORY_ID INTEGER NOT NULL,
+  UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID)
+);
+
+CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PII_CATEGORY_ID     INTEGER NOT NULL,
+  VALIDITY            VARCHAR(1023),
+  UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID)
+);
+
+CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY (
+  CONSENT_RECEIPT_ID VARCHAR(255)  NOT NULL,
+  NAME               VARCHAR(255)  NOT NULL,
+  VALUE              VARCHAR(1023) NOT NULL,
+  UNIQUE KEY (CONSENT_RECEIPT_ID, NAME)
+);
+
+ALTER TABLE CM_RECEIPT_SP_ASSOC
+  ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID);
+
+ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY
+  ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234');
+
+INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234');
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mysql5.7.sql
new file mode 100644
index 00000000..3c9166bd
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mysql5.7.sql
@@ -0,0 +1,121 @@
+CREATE TABLE CM_PII_CATEGORY (
+  ID           INTEGER AUTO_INCREMENT,
+  NAME         VARCHAR(255) NOT NULL,
+  DESCRIPTION  VARCHAR(1023),
+  DISPLAY_NAME VARCHAR(255),
+  IS_SENSITIVE INTEGER      NOT NULL,
+  TENANT_ID    INTEGER DEFAULT '-1234',
+  UNIQUE KEY (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+CREATE TABLE CM_RECEIPT (
+  CONSENT_RECEIPT_ID  VARCHAR(255) NOT NULL,
+  VERSION             VARCHAR(255) NOT NULL,
+  JURISDICTION        VARCHAR(255) NOT NULL,
+  CONSENT_TIMESTAMP   TIMESTAMP    NOT NULL,
+  COLLECTION_METHOD   VARCHAR(255) NOT NULL,
+  LANGUAGE            VARCHAR(255) NOT NULL,
+  PII_PRINCIPAL_ID    VARCHAR(255) NOT NULL,
+  PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234',
+  POLICY_URL          VARCHAR(255) NOT NULL,
+  STATE               VARCHAR(255) NOT NULL,
+  PII_CONTROLLER      VARCHAR(2048) NOT NULL,
+  PRIMARY KEY (CONSENT_RECEIPT_ID)
+);
+
+CREATE TABLE CM_PURPOSE (
+  ID          INTEGER AUTO_INCREMENT,
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT '-1234',
+  UNIQUE KEY (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+CREATE TABLE CM_PURPOSE_CATEGORY (
+  ID          INTEGER AUTO_INCREMENT,
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT '-1234',
+  UNIQUE KEY (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+CREATE TABLE CM_RECEIPT_SP_ASSOC (
+  ID                 INTEGER AUTO_INCREMENT,
+  CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
+  SP_NAME            VARCHAR(255) NOT NULL,
+  SP_DISPLAY_NAME    VARCHAR(255),
+  SP_DESCRIPTION     VARCHAR(255),
+  SP_TENANT_ID       INTEGER DEFAULT '-1234',
+  UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+CREATE TABLE CM_SP_PURPOSE_ASSOC (
+  ID                     INTEGER AUTO_INCREMENT,
+  RECEIPT_SP_ASSOC       INTEGER      NOT NULL,
+  PURPOSE_ID             INTEGER      NOT NULL,
+  CONSENT_TYPE           VARCHAR(255) NOT NULL,
+  IS_PRIMARY_PURPOSE     INTEGER      NOT NULL,
+  TERMINATION            VARCHAR(255) NOT NULL,
+  THIRD_PARTY_DISCLOSURE INTEGER      NOT NULL,
+  THIRD_PARTY_NAME       VARCHAR(255),
+  UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID),
+  PRIMARY KEY (ID)
+);
+
+CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PURPOSE_CATEGORY_ID INTEGER NOT NULL,
+  UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID)
+);
+
+CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC (
+  PURPOSE_ID         INTEGER NOT NULL,
+  CM_PII_CATEGORY_ID INTEGER NOT NULL,
+  UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID)
+);
+
+CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PII_CATEGORY_ID     INTEGER NOT NULL,
+  VALIDITY            VARCHAR(1023),
+  UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID)
+);
+
+CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY (
+  CONSENT_RECEIPT_ID VARCHAR(255)  NOT NULL,
+  NAME               VARCHAR(255)  NOT NULL,
+  VALUE              VARCHAR(1023) NOT NULL,
+  UNIQUE KEY (CONSENT_RECEIPT_ID, NAME)
+);
+
+ALTER TABLE CM_RECEIPT_SP_ASSOC
+  ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID);
+
+ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY
+  ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234');
+
+INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234');
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/oracle.sql
new file mode 100644
index 00000000..40cede58
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/oracle.sql
@@ -0,0 +1,177 @@
+CREATE TABLE CM_PII_CATEGORY (
+  ID           INTEGER,
+  NAME         VARCHAR2(255) NOT NULL,
+  DESCRIPTION  VARCHAR2(1023),
+  DISPLAY_NAME VARCHAR(255),
+  IS_SENSITIVE INTEGER       NOT NULL,
+  TENANT_ID    INTEGER DEFAULT -1234,
+  CONSTRAINT PII_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_PII_CATEGORY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER CM_PII_CATEGORY_TRIG
+  BEFORE INSERT
+  ON CM_PII_CATEGORY
+  REFERENCING NEW AS NEW
+  FOR EACH ROW
+  BEGIN
+    SELECT CM_PII_CATEGORY_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+CREATE TABLE CM_RECEIPT (
+  CONSENT_RECEIPT_ID  VARCHAR2(255) NOT NULL,
+  VERSION             VARCHAR2(255) NOT NULL,
+  JURISDICTION        VARCHAR2(255) NOT NULL,
+  CONSENT_TIMESTAMP   TIMESTAMP     NOT NULL,
+  COLLECTION_METHOD   VARCHAR2(255) NOT NULL,
+  LANGUAGE            VARCHAR2(255) NOT NULL,
+  PII_PRINCIPAL_ID    VARCHAR2(255) NOT NULL,
+  PRINCIPAL_TENANT_ID INTEGER DEFAULT -1234,
+  POLICY_URL          VARCHAR2(255) NOT NULL,
+  STATE               VARCHAR2(255) NOT NULL,
+  PII_CONTROLLER      VARCHAR2(2048) NOT NULL,
+  PRIMARY KEY (CONSENT_RECEIPT_ID)
+)
+/
+CREATE TABLE CM_PURPOSE (
+  ID          INTEGER,
+  NAME        VARCHAR2(255) NOT NULL,
+  DESCRIPTION VARCHAR2(1023),
+  TENANT_ID   INTEGER DEFAULT -1234,
+  CONSTRAINT PURPOSE_CONSTRAINT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_PURPOSE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER CM_PURPOSE_TRIG
+  BEFORE INSERT
+  ON CM_PURPOSE
+  REFERENCING NEW AS NEW
+  FOR EACH ROW
+  BEGIN
+    SELECT CM_PURPOSE_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+CREATE TABLE CM_PURPOSE_CATEGORY (
+  ID          INTEGER,
+  NAME        VARCHAR2(255) NOT NULL,
+  DESCRIPTION VARCHAR2(1023),
+  TENANT_ID   INTEGER DEFAULT -1234,
+  CONSTRAINT PURPOSE_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_PURPOSE_CATEGORY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER CM_PURPOSE_CATEGORY_TRIG
+  BEFORE INSERT
+  ON CM_PURPOSE_CATEGORY
+  REFERENCING NEW AS NEW
+  FOR EACH ROW
+  BEGIN
+    SELECT CM_PURPOSE_CATEGORY_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+CREATE TABLE CM_RECEIPT_SP_ASSOC (
+  ID                 INTEGER,
+  CONSENT_RECEIPT_ID VARCHAR2(255) NOT NULL,
+  SP_NAME            VARCHAR2(255) NOT NULL,
+  SP_DISPLAY_NAME    VARCHAR(255),
+  SP_DESCRIPTION     VARCHAR(255),
+  SP_TENANT_ID       INTEGER DEFAULT -1234,
+  CONSTRAINT RECEIPT_SP_ASSOC_CONSTRAINT UNIQUE (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_RECEIPT_SP_ASSOC_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER CM_RECEIPT_SP_ASSOC_TRIG
+  BEFORE INSERT
+  ON CM_RECEIPT_SP_ASSOC
+  REFERENCING NEW AS NEW
+  FOR EACH ROW
+  BEGIN
+    SELECT CM_RECEIPT_SP_ASSOC_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+CREATE TABLE CM_SP_PURPOSE_ASSOC (
+  ID                     INTEGER,
+  RECEIPT_SP_ASSOC       INTEGER       NOT NULL,
+  PURPOSE_ID             INTEGER       NOT NULL,
+  CONSENT_TYPE           VARCHAR2(255) NOT NULL,
+  IS_PRIMARY_PURPOSE     INTEGER       NOT NULL,
+  TERMINATION            VARCHAR2(255) NOT NULL,
+  THIRD_PARTY_DISCLOSURE INTEGER       NOT NULL,
+  THIRD_PARTY_NAME       VARCHAR2(255),
+  CONSTRAINT SP_PURPOSE_ASSOC UNIQUE (RECEIPT_SP_ASSOC, PURPOSE_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_SP_PURPOSE_ASSOC_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER CM_SP_PURPOSE_ASSOC_TRIG
+  BEFORE INSERT
+  ON CM_SP_PURPOSE_ASSOC
+  REFERENCING NEW AS NEW
+  FOR EACH ROW
+  BEGIN
+    SELECT CM_SP_PURPOSE_ASSOC_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PURPOSE_CATEGORY_ID INTEGER NOT NULL,
+  CONSTRAINT SP_PUS_PS_CAT_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID,PURPOSE_CATEGORY_ID)
+)
+/
+CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC (
+  PURPOSE_ID         INTEGER NOT NULL,
+  CM_PII_CATEGORY_ID INTEGER NOT NULL,
+  CONSTRAINT PURPOSE_PII_CAT_ASSOC UNIQUE (PURPOSE_ID, CM_PII_CATEGORY_ID)
+)
+/
+CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PII_CATEGORY_ID     INTEGER NOT NULL,
+  VALIDITY            VARCHAR(1023),
+  CONSTRAINT SP_PURPOSE_PII_CATEGORY_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID)
+)
+/
+CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY (
+  CONSENT_RECEIPT_ID VARCHAR2(255)  NOT NULL,
+  NAME               VARCHAR2(255)  NOT NULL,
+  VALUE              VARCHAR2(1023) NOT NULL,
+  CONSTRAINT CONSENT_RECEIPT_PROPERTY UNIQUE (CONSENT_RECEIPT_ID, NAME)
+)
+/
+ALTER TABLE CM_RECEIPT_SP_ASSOC
+  ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID)
+/
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID)
+/
+ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY
+  ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID)
+/
+INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234')
+/
+INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234')
+/
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/oracle_rac.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/oracle_rac.sql
new file mode 100644
index 00000000..da8f5629
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/oracle_rac.sql
@@ -0,0 +1,177 @@
+CREATE TABLE CM_PII_CATEGORY (
+  ID           INTEGER,
+  NAME         VARCHAR2(255) NOT NULL,
+  DESCRIPTION  VARCHAR2(1023),
+  DISPLAY_NAME VARCHAR(255),
+  IS_SENSITIVE INTEGER       NOT NULL,
+  TENANT_ID    INTEGER DEFAULT -1234,
+  CONSTRAINT PII_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_PII_CATEGORY_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
+/
+CREATE OR REPLACE TRIGGER CM_PII_CATEGORY_TRIG
+  BEFORE INSERT
+  ON CM_PII_CATEGORY
+  REFERENCING NEW AS NEW
+  FOR EACH ROW
+  BEGIN
+    SELECT CM_PII_CATEGORY_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+CREATE TABLE CM_RECEIPT (
+  CONSENT_RECEIPT_ID  VARCHAR2(255) NOT NULL,
+  VERSION             VARCHAR2(255) NOT NULL,
+  JURISDICTION        VARCHAR2(255) NOT NULL,
+  CONSENT_TIMESTAMP   TIMESTAMP     NOT NULL,
+  COLLECTION_METHOD   VARCHAR2(255) NOT NULL,
+  LANGUAGE            VARCHAR2(255) NOT NULL,
+  PII_PRINCIPAL_ID    VARCHAR2(255) NOT NULL,
+  PRINCIPAL_TENANT_ID INTEGER DEFAULT -1234,
+  POLICY_URL          VARCHAR2(255) NOT NULL,
+  STATE               VARCHAR2(255) NOT NULL,
+  PII_CONTROLLER      VARCHAR2(2048) NOT NULL,
+  PRIMARY KEY (CONSENT_RECEIPT_ID)
+)
+/
+CREATE TABLE CM_PURPOSE (
+  ID          INTEGER,
+  NAME        VARCHAR2(255) NOT NULL,
+  DESCRIPTION VARCHAR2(1023),
+  TENANT_ID   INTEGER DEFAULT -1234,
+  CONSTRAINT PURPOSE_CONSTRAINT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_PURPOSE_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
+/
+CREATE OR REPLACE TRIGGER CM_PURPOSE_TRIG
+  BEFORE INSERT
+  ON CM_PURPOSE
+  REFERENCING NEW AS NEW
+  FOR EACH ROW
+  BEGIN
+    SELECT CM_PURPOSE_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+CREATE TABLE CM_PURPOSE_CATEGORY (
+  ID          INTEGER,
+  NAME        VARCHAR2(255) NOT NULL,
+  DESCRIPTION VARCHAR2(1023),
+  TENANT_ID   INTEGER DEFAULT -1234,
+  CONSTRAINT PURPOSE_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_PURPOSE_CATEGORY_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
+/
+CREATE OR REPLACE TRIGGER CM_PURPOSE_CATEGORY_TRIG
+  BEFORE INSERT
+  ON CM_PURPOSE_CATEGORY
+  REFERENCING NEW AS NEW
+  FOR EACH ROW
+  BEGIN
+    SELECT CM_PURPOSE_CATEGORY_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+CREATE TABLE CM_RECEIPT_SP_ASSOC (
+  ID                 INTEGER,
+  CONSENT_RECEIPT_ID VARCHAR2(255) NOT NULL,
+  SP_NAME            VARCHAR2(255) NOT NULL,
+  SP_DISPLAY_NAME    VARCHAR(255),
+  SP_DESCRIPTION     VARCHAR(255),
+  SP_TENANT_ID       INTEGER DEFAULT -1234,
+  CONSTRAINT RECEIPT_SP_ASSOC_CONSTRAINT UNIQUE (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_RECEIPT_SP_ASSOC_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
+/
+CREATE OR REPLACE TRIGGER CM_RECEIPT_SP_ASSOC_TRIG
+  BEFORE INSERT
+  ON CM_RECEIPT_SP_ASSOC
+  REFERENCING NEW AS NEW
+  FOR EACH ROW
+  BEGIN
+    SELECT CM_RECEIPT_SP_ASSOC_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+CREATE TABLE CM_SP_PURPOSE_ASSOC (
+  ID                     INTEGER,
+  RECEIPT_SP_ASSOC       INTEGER       NOT NULL,
+  PURPOSE_ID             INTEGER       NOT NULL,
+  CONSENT_TYPE           VARCHAR2(255) NOT NULL,
+  IS_PRIMARY_PURPOSE     INTEGER       NOT NULL,
+  TERMINATION            VARCHAR2(255) NOT NULL,
+  THIRD_PARTY_DISCLOSURE INTEGER       NOT NULL,
+  THIRD_PARTY_NAME       VARCHAR2(255),
+  CONSTRAINT SP_PURPOSE_ASSOC UNIQUE (RECEIPT_SP_ASSOC, PURPOSE_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_SP_PURPOSE_ASSOC_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
+/
+CREATE OR REPLACE TRIGGER CM_SP_PURPOSE_ASSOC_TRIG
+  BEFORE INSERT
+  ON CM_SP_PURPOSE_ASSOC
+  REFERENCING NEW AS NEW
+  FOR EACH ROW
+  BEGIN
+    SELECT CM_SP_PURPOSE_ASSOC_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PURPOSE_CATEGORY_ID INTEGER NOT NULL,
+  CONSTRAINT SP_PUS_PS_CAT_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID)
+)
+/
+CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC (
+  PURPOSE_ID         INTEGER NOT NULL,
+  CM_PII_CATEGORY_ID INTEGER NOT NULL,
+  CONSTRAINT PURPOSE_PII_CAT_ASSOC UNIQUE (PURPOSE_ID, CM_PII_CATEGORY_ID)
+)
+/
+CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PII_CATEGORY_ID     INTEGER NOT NULL,
+  VALIDITY            VARCHAR(1023),
+  CONSTRAINT SP_PURPOSE_PII_CATEGORY_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID)
+)
+/
+CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY (
+  CONSENT_RECEIPT_ID VARCHAR2(255)  NOT NULL,
+  NAME               VARCHAR2(255)  NOT NULL,
+  VALUE              VARCHAR2(1023) NOT NULL,
+  CONSTRAINT CONSENT_RECEIPT_PROPERTY UNIQUE (CONSENT_RECEIPT_ID, NAME)
+)
+/
+ALTER TABLE CM_RECEIPT_SP_ASSOC
+  ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID)
+/
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID)
+/
+ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY
+  ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID)
+/
+INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234')
+/
+INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234')
+/
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/postgresql.sql
new file mode 100644
index 00000000..1d5d8cfa
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/postgresql.sql
@@ -0,0 +1,141 @@
+DROP TABLE IF EXISTS CM_PII_CATEGORY;
+DROP SEQUENCE IF EXISTS CM_PII_CATEGORY_PK_SEQ;
+CREATE SEQUENCE CM_PII_CATEGORY_PK_SEQ;
+CREATE TABLE CM_PII_CATEGORY (
+  ID           INTEGER DEFAULT NEXTVAL('CM_PII_CATEGORY_PK_SEQ'),
+  NAME         VARCHAR(255) NOT NULL,
+  DESCRIPTION  VARCHAR(1023),
+  DISPLAY_NAME VARCHAR(255),
+  IS_SENSITIVE INTEGER      NOT NULL,
+  TENANT_ID    INTEGER DEFAULT '-1234',
+  CONSTRAINT CM_PII_CATEGORY_CNT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+DROP TABLE IF EXISTS CM_RECEIPT;
+CREATE TABLE CM_RECEIPT (
+  CONSENT_RECEIPT_ID  VARCHAR(255) NOT NULL,
+  VERSION             VARCHAR(255) NOT NULL,
+  JURISDICTION        VARCHAR(255) NOT NULL,
+  CONSENT_TIMESTAMP   TIMESTAMP    NOT NULL,
+  COLLECTION_METHOD   VARCHAR(255) NOT NULL,
+  LANGUAGE            VARCHAR(255) NOT NULL,
+  PII_PRINCIPAL_ID    VARCHAR(255) NOT NULL,
+  PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234',
+  POLICY_URL          VARCHAR(255) NOT NULL,
+  STATE               VARCHAR(255) NOT NULL,
+  PII_CONTROLLER      VARCHAR(2048) NOT NULL,
+  PRIMARY KEY (CONSENT_RECEIPT_ID)
+);
+
+DROP TABLE IF EXISTS CM_PURPOSE;
+DROP SEQUENCE IF EXISTS CM_PURPOSE_PK_SEQ;
+CREATE SEQUENCE CM_PURPOSE_PK_SEQ;
+CREATE TABLE CM_PURPOSE (
+  ID          INTEGER DEFAULT NEXTVAL('CM_PURPOSE_PK_SEQ'),
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT '-1234',
+  CONSTRAINT CM_PURPOSE_CNT UNIQUE  (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+DROP TABLE IF EXISTS CM_PURPOSE_CATEGORY;
+DROP SEQUENCE IF EXISTS CM_PURPOSE_CATEGORY_PK_SEQ;
+CREATE SEQUENCE CM_PURPOSE_CATEGORY_PK_SEQ;
+CREATE TABLE CM_PURPOSE_CATEGORY (
+  ID          INTEGER DEFAULT NEXTVAL('CM_PURPOSE_CATEGORY_PK_SEQ'),
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT '-1234',
+  CONSTRAINT CM_PURPOSE_CATEGORY_CNT UNIQUE  (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+DROP TABLE IF EXISTS CM_RECEIPT_SP_ASSOC;
+DROP SEQUENCE IF EXISTS CM_RECEIPT_SP_ASSOC_PK_SEQ;
+CREATE SEQUENCE CM_RECEIPT_SP_ASSOC_PK_SEQ;
+CREATE TABLE CM_RECEIPT_SP_ASSOC (
+  ID                 INTEGER DEFAULT NEXTVAL('CM_RECEIPT_SP_ASSOC_PK_SEQ'),
+  CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
+  SP_NAME            VARCHAR(255) NOT NULL,
+  SP_DISPLAY_NAME    VARCHAR(255),
+  SP_DESCRIPTION     VARCHAR(255),
+  SP_TENANT_ID       INTEGER DEFAULT '-1234',
+  CONSTRAINT CM_RECEIPT_SP_ASSOC_CNT UNIQUE  (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+DROP TABLE IF EXISTS CM_SP_PURPOSE_ASSOC;
+DROP SEQUENCE IF EXISTS CM_SP_PURPOSE_ASSOC_PK_SEQ;
+CREATE SEQUENCE CM_SP_PURPOSE_ASSOC_PK_SEQ;
+CREATE TABLE CM_SP_PURPOSE_ASSOC (
+  ID                     INTEGER DEFAULT NEXTVAL('CM_SP_PURPOSE_ASSOC_PK_SEQ'),
+  RECEIPT_SP_ASSOC       INTEGER      NOT NULL,
+  PURPOSE_ID             INTEGER      NOT NULL,
+  CONSENT_TYPE           VARCHAR(255) NOT NULL,
+  IS_PRIMARY_PURPOSE     INTEGER      NOT NULL,
+  TERMINATION            VARCHAR(255) NOT NULL,
+  THIRD_PARTY_DISCLOSURE INTEGER      NOT NULL,
+  THIRD_PARTY_NAME       VARCHAR(255),
+  CONSTRAINT CM_SP_PURPOSE_ASSOC_CNT UNIQUE  (RECEIPT_SP_ASSOC, PURPOSE_ID),
+  PRIMARY KEY (ID)
+);
+
+DROP TABLE IF EXISTS CM_SP_PURPOSE_PURPOSE_CAT_ASSC;
+CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PURPOSE_CATEGORY_ID INTEGER NOT NULL,
+  CONSTRAINT CM_SP_PURPOSE_PURPOSE_CAT_ASSC_CNT UNIQUE  (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID)
+);
+
+DROP TABLE IF EXISTS CM_PURPOSE_PII_CAT_ASSOC;
+CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC (
+  PURPOSE_ID         INTEGER NOT NULL,
+  CM_PII_CATEGORY_ID INTEGER NOT NULL,
+  CONSTRAINT CM_PURPOSE_PII_CAT_ASSOC_CNT UNIQUE  (PURPOSE_ID, CM_PII_CATEGORY_ID)
+);
+
+DROP TABLE IF EXISTS CM_SP_PURPOSE_PII_CAT_ASSOC;
+CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PII_CATEGORY_ID     INTEGER NOT NULL,
+  VALIDITY            VARCHAR(1023),
+  CONSTRAINT CM_SP_PURPOSE_PII_CAT_ASSOC_CNT UNIQUE  (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID)
+);
+
+DROP TABLE IF EXISTS CM_CONSENT_RECEIPT_PROPERTY;
+CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY (
+  CONSENT_RECEIPT_ID VARCHAR(255)  NOT NULL,
+  NAME               VARCHAR(255)  NOT NULL,
+  VALUE              VARCHAR(1023) NOT NULL,
+  CONSTRAINT CM_CONSENT_RECEIPT_PROPERTY_CNT UNIQUE  (CONSENT_RECEIPT_ID, NAME)
+);
+
+ALTER TABLE CM_RECEIPT_SP_ASSOC
+  ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID);
+
+ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY
+  ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234');
+
+INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234');
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/db2.sql
new file mode 100644
index 00000000..b02cbfb6
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/db2.sql
@@ -0,0 +1,159 @@
+BEGIN
+  DECLARE CONTINUE HANDLER FOR SQLSTATE '42704'
+  BEGIN END;
+  EXECUTE IMMEDIATE 'DROP INDEX IDX_AT';
+END
+/
+
+BEGIN
+  DECLARE CONTINUE HANDLER FOR SQLSTATE '42704'
+  BEGIN END;
+  EXECUTE IMMEDIATE 'DROP INDEX IDX_AUTHORIZATION_CODE';
+END
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN REFRESH_TOKEN SET DATA TYPE VARCHAR(2048)
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN ACCESS_TOKEN SET DATA TYPE VARCHAR(2048)
+/
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ALTER COLUMN AUTHORIZATION_CODE SET DATA TYPE VARCHAR(2048)
+/
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ALTER COLUMN CONSUMER_SECRET SET DATA TYPE VARCHAR(2048)
+/
+
+CREATE TABLE IDN_OAUTH2_SCOPE_VALIDATORS (
+	APP_ID INTEGER NOT NULL,
+	SCOPE_VALIDATOR VARCHAR (128) NOT NULL,
+	PRIMARY KEY (APP_ID, SCOPE_VALIDATOR),
+	FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+)
+/
+CREATE TABLE SP_AUTH_SCRIPT (
+  ID         INTEGER      NOT NULL,
+  TENANT_ID  INTEGER      NOT NULL,
+  APP_ID     INTEGER      NOT NULL,
+  TYPE       VARCHAR(255) NOT NULL,
+  CONTENT    BLOB    DEFAULT NULL,
+  IS_ENABLED CHAR(1) DEFAULT '0',
+  PRIMARY KEY (ID))
+/
+CREATE SEQUENCE SP_AUTH_SCRIPT_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER SP_AUTH_SCRIPT_TRIG NO CASCADE
+            BEFORE INSERT
+            ON SP_AUTH_SCRIPT
+            REFERENCING NEW AS NEW
+            FOR EACH ROW MODE DB2SQL
+                BEGIN ATOMIC
+                    SET (NEW.ID) = (NEXTVAL FOR SP_AUTH_SCRIPT_SEQ);
+                END
+/
+CREATE TABLE IDN_OIDC_JTI (
+  JWT_ID VARCHAR(255) NOT NULL,
+  EXP_TIME TIMESTAMP NOT NULL,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY (JWT_ID))
+/
+
+
+CREATE TABLE IDN_OIDC_PROPERTY (
+  ID INTEGER NOT NULL,
+  TENANT_ID  INTEGER,
+  CONSUMER_KEY  VARCHAR(255) ,
+  PROPERTY_KEY  VARCHAR(255) NOT NULL,
+  PROPERTY_VALUE  VARCHAR(2047) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE)
+/
+CREATE SEQUENCE IDN_OIDC_PROPERTY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER IDN_OIDC_PROPERTY_TRIG NO CASCADE
+            BEFORE INSERT
+            ON IDN_OIDC_PROPERTY
+            REFERENCING NEW AS NEW
+            FOR EACH ROW MODE DB2SQL
+                BEGIN ATOMIC
+                    SET (NEW.ID) = (NEXTVAL FOR IDN_OIDC_PROPERTY_SEQ);
+                END
+/
+
+CREATE TABLE IDN_OIDC_REQ_OBJECT_REFERENCE (
+  ID INTEGER NOT NULL,
+  CONSUMER_KEY_ID INTEGER ,
+  CODE_ID VARCHAR(255) ,
+  TOKEN_ID VARCHAR(255) ,
+  SESSION_DATA_KEY VARCHAR(255),
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
+  FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE,
+  FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE)
+/
+CREATE SEQUENCE IDN_OIDC_REQUEST_OBJECT_REF_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER IDN_OIDC_REQUEST_OBJECT_REF_TRIG NO CASCADE
+            BEFORE INSERT
+            ON IDN_OIDC_REQ_OBJECT_REFERENCE
+            REFERENCING NEW AS NEW
+            FOR EACH ROW MODE DB2SQL
+               BEGIN ATOMIC
+                   SET (NEW.ID) = (NEXTVAL FOR IDN_OIDC_REQUEST_OBJECT_REF_SEQ);
+               END
+/
+
+CREATE TABLE IDN_OIDC_REQ_OBJECT_CLAIMS (
+  ID INTEGER NOT NULL,
+  REQ_OBJECT_ID INTEGER ,
+  CLAIM_ATTRIBUTE VARCHAR(255),
+  ESSENTIAL CHAR (1),
+  VALUE VARCHAR(255),
+  IS_USERINFO CHAR (1),
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE(ID) ON DELETE CASCADE)
+/
+CREATE SEQUENCE IDN_OIDC_REQ_OBJECT_CLAIMS_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER IDN_OIDC_REQ_OBJECT_CLAIMS_TRIG NO CASCADE
+            BEFORE INSERT
+            ON IDN_OIDC_REQ_OBJECT_CLAIMS
+            REFERENCING NEW AS NEW
+            FOR EACH ROW MODE DB2SQL
+               BEGIN ATOMIC
+                   SET (NEW.ID) = (NEXTVAL FOR IDN_OIDC_REQ_OBJECT_CLAIMS_SEQ);
+               END
+/
+
+CREATE TABLE IDN_OIDC_REQ_OBJ_CLAIM_VALUES (
+  ID INTEGER NOT NULL,
+  REQ_OBJECT_CLAIMS_ID INTEGER,
+  CLAIM_VALUES VARCHAR(255),
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE)
+/
+CREATE SEQUENCE IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_TRIG
+            BEFORE INSERT
+            ON IDN_OIDC_REQ_OBJ_CLAIM_VALUES
+            REFERENCING NEW AS NEW
+            FOR EACH ROW MODE DB2SQL
+               BEGIN ATOMIC
+                   SET (NEW.ID) = (NEXTVAL FOR IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_SEQ);
+               END
+/
+
+CREATE TABLE IDN_CERTIFICATE (
+            ID INTEGER NOT NULL,
+            NAME VARCHAR(100) NOT NULL,
+            CERTIFICATE_IN_PEM BLOB,
+            TENANT_ID INTEGER NOT NULL,
+            CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID),
+            PRIMARY KEY (ID))
+/
+CREATE SEQUENCE IDN_CERTIFICATE_SEQUENCE START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER IDN_CERTIFICATE_TRIGGER NO CASCADE BEFORE INSERT ON IDN_CERTIFICATE
+REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL
+  BEGIN ATOMIC
+    SET (NEW.ID)
+    = (NEXTVAL FOR IDN_CERTIFICATE_SEQUENCE);
+  END
+/
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/h2.sql
new file mode 100644
index 00000000..5fd3342c
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/h2.sql
@@ -0,0 +1,76 @@
+DROP INDEX IF EXISTS IDX_AT ON IDN_OAUTH2_ACCESS_TOKEN;
+DROP INDEX IF EXISTS IDX_AUTHORIZATION_CODE ON IDN_OAUTH2_AUTHORIZATION_CODE;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN modify REFRESH_TOKEN VARCHAR(2048);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN modify ACCESS_TOKEN VARCHAR(2048);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE modify AUTHORIZATION_CODE VARCHAR(2048);
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS modify CONSUMER_SECRET VARCHAR(2048);
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS (
+	APP_ID INTEGER NOT NULL,
+	SCOPE_VALIDATOR VARCHAR (128) NOT NULL,
+	PRIMARY KEY (APP_ID,SCOPE_VALIDATOR),
+	FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+);
+CREATE TABLE SP_AUTH_SCRIPT (
+  ID         INTEGER AUTO_INCREMENT NOT NULL,
+  TENANT_ID  INTEGER                NOT NULL,
+  APP_ID     INTEGER                NOT NULL,
+  TYPE       VARCHAR(255)           NOT NULL,
+  CONTENT    BLOB    DEFAULT NULL,
+  IS_ENABLED BOOLEAN DEFAULT FALSE,
+  PRIMARY KEY (ID));
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI (
+  JWT_ID VARCHAR(255),
+  EXP_TIME TIMESTAMP NOT NULL ,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
+  PRIMARY KEY (JWT_ID)
+);
+CREATE TABLE IF NOT EXISTS IDN_OIDC_PROPERTY (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  TENANT_ID  INTEGER,
+  CONSUMER_KEY  VARCHAR(255) ,
+  PROPERTY_KEY  VARCHAR(255) NOT NULL,
+  PROPERTY_VALUE  VARCHAR(2047) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE
+);
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  CONSUMER_KEY_ID INTEGER ,
+  CODE_ID VARCHAR(255) ,
+  TOKEN_ID VARCHAR(255) ,
+  SESSION_DATA_KEY VARCHAR(255),
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
+  FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE,
+  FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE
+);
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  REQ_OBJECT_ID INTEGER,
+  CLAIM_ATTRIBUTE VARCHAR(255) ,
+  ESSENTIAL BOOLEAN ,
+  VALUE VARCHAR(255) ,
+  IS_USERINFO BOOLEAN,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE
+);
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  REQ_OBJECT_CLAIMS_ID INTEGER ,
+  CLAIM_VALUES VARCHAR(255) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES  IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE
+);
+
+CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE (
+            ID INTEGER NOT NULL AUTO_INCREMENT,
+            NAME VARCHAR(100),
+            CERTIFICATE_IN_PEM BLOB,
+            TENANT_ID INTEGER DEFAULT 0,
+            PRIMARY KEY(ID),
+            CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID)
+);
\ No newline at end of file
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mssql.sql
new file mode 100644
index 00000000..abd35f91
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mssql.sql
@@ -0,0 +1,86 @@
+IF EXISTS (SELECT *  FROM sys.indexes WHERE name='IDX_AT') begin DROP INDEX IDN_OAUTH2_ACCESS_TOKEN.IDX_AT; end;
+IF EXISTS (SELECT *  FROM sys.indexes WHERE name='IDX_AUTHORIZATION_CODE') begin DROP INDEX IDN_OAUTH2_AUTHORIZATION_CODE.IDX_AUTHORIZATION_CODE; end;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN ACCESS_TOKEN VARCHAR(2048);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN REFRESH_TOKEN VARCHAR(2048);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ALTER COLUMN AUTHORIZATION_CODE VARCHAR(2048);
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ALTER COLUMN CONSUMER_SECRET VARCHAR(2048);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH2_SCOPE_VALIDATORS]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OAUTH2_SCOPE_VALIDATORS (
+	APP_ID INTEGER NOT NULL,
+	SCOPE_VALIDATOR VARCHAR (128) NOT NULL,
+	PRIMARY KEY (APP_ID,SCOPE_VALIDATOR),
+	FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+);
+IF NOT EXISTS(SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_AUTH_SCRIPT]') AND TYPE IN (N'U'))
+CREATE TABLE SP_AUTH_SCRIPT (
+  ID         INTEGER IDENTITY NOT NULL,
+  TENANT_ID  INTEGER          NOT NULL,
+  APP_ID     INTEGER          NOT NULL,
+  TYPE       VARCHAR(255)     NOT NULL,
+  CONTENT    VARBINARY(MAX)    DEFAULT NULL,
+  IS_ENABLED BIT DEFAULT 'FALSE',
+  PRIMARY KEY (ID)
+);
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OIDC_JTI]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OIDC_JTI  (
+  JWT_ID VARCHAR(255) NOT NULL,
+  EXP_TIME DATETIME NOT NULL,
+  TIME_CREATED DATETIME NOT NULL,
+  PRIMARY KEY (JWT_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OIDC_PROPERTY]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OIDC_PROPERTY (
+  ID INTEGER NOT NULL IDENTITY,
+  TENANT_ID  INTEGER ,
+  CONSUMER_KEY  VARCHAR(255) ,
+  PROPERTY_KEY  VARCHAR(255) NOT NULL ,
+  PROPERTY_VALUE  VARCHAR(2047) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OIDC_REQ_OBJECT_REFERENCE]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OIDC_REQ_OBJECT_REFERENCE (
+  ID INTEGER NOT NULL IDENTITY,
+  CONSUMER_KEY_ID INTEGER ,
+  CODE_ID VARCHAR(255) ,
+  TOKEN_ID VARCHAR(255) ,
+  SESSION_DATA_KEY VARCHAR(255),
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE ,
+  FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID),
+  FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OIDC_REQ_OBJECT_CLAIMS]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OIDC_REQ_OBJECT_CLAIMS (
+  ID INTEGER NOT NULL IDENTITY,
+  REQ_OBJECT_ID INTEGER,
+  CLAIM_ATTRIBUTE VARCHAR(255) ,
+  ESSENTIAL BIT ,
+  VALUE VARCHAR(255) ,
+  IS_USERINFO BIT,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OIDC_REQ_OBJ_CLAIM_VALUES]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OIDC_REQ_OBJ_CLAIM_VALUES (
+  ID INTEGER NOT NULL IDENTITY,
+  REQ_OBJECT_CLAIMS_ID INTEGER ,
+  CLAIM_VALUES VARCHAR(255) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES  IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CERTIFICATE]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_CERTIFICATE (
+             ID INTEGER IDENTITY,
+             NAME VARCHAR(100),
+             CERTIFICATE_IN_PEM VARBINARY(MAX),
+             TENANT_ID INTEGER DEFAULT 0,
+             PRIMARY KEY(ID),
+             CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID)
+);
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mysql.sql
new file mode 100644
index 00000000..b9dc92de
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mysql.sql
@@ -0,0 +1,79 @@
+DROP INDEX IDX_AT ON IDN_OAUTH2_ACCESS_TOKEN;
+DROP INDEX IDX_AUTHORIZATION_CODE ON IDN_OAUTH2_AUTHORIZATION_CODE;
+-- ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN modify REFRESH_TOKEN VARCHAR(2048);
+-- ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN modify ACCESS_TOKEN VARCHAR(2048);
+
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE modify AUTHORIZATION_CODE VARCHAR(2048);
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS modify CONSUMER_SECRET VARCHAR(2048);
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS (
+	APP_ID INTEGER NOT NULL,
+	SCOPE_VALIDATOR VARCHAR (128) NOT NULL,
+	PRIMARY KEY (APP_ID,SCOPE_VALIDATOR),
+	FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+CREATE TABLE IF NOT EXISTS SP_AUTH_SCRIPT (
+  ID         INTEGER AUTO_INCREMENT NOT NULL,
+  TENANT_ID  INTEGER                NOT NULL,
+  APP_ID     INTEGER                NOT NULL,
+  TYPE       VARCHAR(255)           NOT NULL,
+  CONTENT    BLOB    DEFAULT NULL,
+  IS_ENABLED BOOLEAN DEFAULT FALSE,
+  PRIMARY KEY (ID));
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI (
+  JWT_ID VARCHAR(255) NOT NULL,
+  EXP_TIME TIMESTAMP NOT NULL DEFAULT 0 ,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
+  PRIMARY KEY (JWT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS  IDN_OIDC_PROPERTY (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  TENANT_ID  INTEGER,
+  CONSUMER_KEY  VARCHAR(255) ,
+  PROPERTY_KEY  VARCHAR(255) NOT NULL,
+  PROPERTY_VALUE  VARCHAR(2047) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  CONSUMER_KEY_ID INTEGER ,
+  CODE_ID VARCHAR(255) ,
+  TOKEN_ID VARCHAR(255) ,
+  SESSION_DATA_KEY VARCHAR(255),
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
+  FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE,
+  FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  REQ_OBJECT_ID INTEGER,
+  CLAIM_ATTRIBUTE VARCHAR(255) ,
+  ESSENTIAL BOOLEAN ,
+  VALUE VARCHAR(255) ,
+  IS_USERINFO BOOLEAN,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  REQ_OBJECT_CLAIMS_ID INTEGER ,
+  CLAIM_VALUES VARCHAR(255) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES  IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE (
+             ID INTEGER NOT NULL AUTO_INCREMENT,
+             NAME VARCHAR(100),
+             CERTIFICATE_IN_PEM BLOB,
+             TENANT_ID INTEGER DEFAULT 0,
+             PRIMARY KEY(ID),
+             CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID)
+)ENGINE INNODB;
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mysql5.7.sql
new file mode 100644
index 00000000..c5cc3323
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mysql5.7.sql
@@ -0,0 +1,77 @@
+DROP INDEX IDX_AT ON IDN_OAUTH2_ACCESS_TOKEN;
+DROP INDEX IDX_AUTHORIZATION_CODE ON IDN_OAUTH2_AUTHORIZATION_CODE;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN modify REFRESH_TOKEN VARCHAR(2048);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN modify ACCESS_TOKEN VARCHAR(2048);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE modify AUTHORIZATION_CODE VARCHAR(2048);
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS modify CONSUMER_SECRET VARCHAR(2048);
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS (
+	APP_ID INTEGER NOT NULL,
+	SCOPE_VALIDATOR VARCHAR (128) NOT NULL,
+	PRIMARY KEY (APP_ID,SCOPE_VALIDATOR),
+	FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+CREATE TABLE IF NOT EXISTS SP_AUTH_SCRIPT (
+  ID         INTEGER AUTO_INCREMENT NOT NULL,
+  TENANT_ID  INTEGER                NOT NULL,
+  APP_ID     INTEGER                NOT NULL,
+  TYPE       VARCHAR(255)           NOT NULL,
+  CONTENT    BLOB    DEFAULT NULL,
+  IS_ENABLED BOOLEAN DEFAULT FALSE,
+  PRIMARY KEY (ID));
+CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI (
+  JWT_ID VARCHAR(255) NOT NULL,
+  EXP_TIME TIMESTAMP NOT NULL ,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
+  PRIMARY KEY (JWT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS  IDN_OIDC_PROPERTY (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  TENANT_ID  INTEGER,
+  CONSUMER_KEY  VARCHAR(255) ,
+  PROPERTY_KEY  VARCHAR(255) NOT NULL,
+  PROPERTY_VALUE  VARCHAR(2047) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  CONSUMER_KEY_ID INTEGER ,
+  CODE_ID VARCHAR(255) ,
+  TOKEN_ID VARCHAR(255) ,
+  SESSION_DATA_KEY VARCHAR(255),
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
+  FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE,
+  FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  REQ_OBJECT_ID INTEGER,
+  CLAIM_ATTRIBUTE VARCHAR(255) ,
+  ESSENTIAL BOOLEAN ,
+  VALUE VARCHAR(255) ,
+  IS_USERINFO BOOLEAN,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  REQ_OBJECT_CLAIMS_ID INTEGER ,
+  CLAIM_VALUES VARCHAR(255) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES  IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE (
+             ID INTEGER NOT NULL AUTO_INCREMENT,
+             NAME VARCHAR(100),
+             CERTIFICATE_IN_PEM BLOB,
+             TENANT_ID INTEGER DEFAULT 0,
+             PRIMARY KEY(ID),
+             CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID)
+)ENGINE INNODB;
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/oracle.sql
new file mode 100644
index 00000000..4ab4c3e6
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/oracle.sql
@@ -0,0 +1,174 @@
+DECLARE
+  COUNT_INDEXES INTEGER;
+  BEGIN
+    SELECT COUNT(*) INTO COUNT_INDEXES
+      FROM USER_INDEXES
+      WHERE INDEX_NAME = 'IDX_AT';
+
+    IF COUNT_INDEXES > 0 THEN
+      EXECUTE IMMEDIATE 'DROP INDEX IDX_AT';
+    END IF;
+  END;
+  /
+
+DECLARE
+  COUNT_INDEXES INTEGER;
+  BEGIN
+    SELECT COUNT(*) INTO COUNT_INDEXES
+      FROM USER_INDEXES
+      WHERE INDEX_NAME = 'IDX_AUTHORIZATION_CODE';
+
+    IF COUNT_INDEXES > 0 THEN
+      EXECUTE IMMEDIATE 'DROP INDEX IDX_AUTHORIZATION_CODE';
+    END IF;
+  END;
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN modify REFRESH_TOKEN VARCHAR(2048)
+/
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN modify ACCESS_TOKEN VARCHAR(2048)
+/
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE modify AUTHORIZATION_CODE VARCHAR(2048)
+/
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS modify CONSUMER_SECRET VARCHAR(2048)
+/
+CREATE TABLE IDN_OAUTH2_SCOPE_VALIDATORS (
+	APP_ID INTEGER NOT NULL,
+	SCOPE_VALIDATOR VARCHAR (128) NOT NULL,
+	PRIMARY KEY (APP_ID,SCOPE_VALIDATOR),
+	FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+)
+/
+CREATE TABLE SP_AUTH_SCRIPT (
+  ID         INTEGER      NOT NULL,
+  TENANT_ID  INTEGER      NOT NULL,
+  APP_ID     INTEGER      NOT NULL,
+  TYPE       VARCHAR(255) NOT NULL,
+  CONTENT    BLOB    DEFAULT NULL,
+  IS_ENABLED CHAR(1) DEFAULT '0',
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE SP_AUTH_SCRIPT_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER SP_AUTH_SCRIPT_TRIG
+  BEFORE INSERT
+  ON SP_AUTH_SCRIPT
+  REFERENCING NEW AS NEW
+  FOR EACH ROW
+  BEGIN
+    SELECT SP_AUTH_SCRIPT_SEQ.nextval
+    INTO :NEW.ID
+    FROM dual;
+  END;
+/
+CREATE TABLE IDN_OIDC_JTI (
+  JWT_ID VARCHAR(255) NOT NULL,
+  EXP_TIME TIMESTAMP NOT NULL,
+  TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL,
+  PRIMARY KEY (JWT_ID))
+/
+
+CREATE TABLE IDN_OIDC_PROPERTY (
+  ID INTEGER NOT NULL,
+  TENANT_ID  INTEGER,
+  CONSUMER_KEY  VARCHAR(255) ,
+  PROPERTY_KEY  VARCHAR(255) NOT NULL,
+  PROPERTY_VALUE  VARCHAR(2047) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE)
+/
+CREATE SEQUENCE IDN_OIDC_PROPERTY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_OIDC_PROPERTY_TRIG
+            BEFORE INSERT
+            ON IDN_OIDC_PROPERTY
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_OIDC_PROPERTY_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+
+CREATE TABLE IDN_OIDC_REQ_OBJECT_REFERENCE (
+  ID INTEGER,
+  CONSUMER_KEY_ID INTEGER ,
+  CODE_ID VARCHAR(255) ,
+  TOKEN_ID VARCHAR(255) ,
+  SESSION_DATA_KEY VARCHAR(255),
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
+  FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE,
+  FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE)
+/
+CREATE SEQUENCE IDN_OIDC_REQ_OBJECT_REF_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_OIDC_REQ_OBJ_REF_TRIG
+            BEFORE INSERT
+            ON IDN_OIDC_REQ_OBJECT_REFERENCE
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_OIDC_REQ_OBJECT_REF_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+
+CREATE TABLE IDN_OIDC_REQ_OBJECT_CLAIMS (
+  ID INTEGER,
+  REQ_OBJECT_ID INTEGER ,
+  CLAIM_ATTRIBUTE VARCHAR(255) ,
+  ESSENTIAL CHAR (1),
+  VALUE VARCHAR(255),
+  IS_USERINFO CHAR (1),
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE(ID) ON DELETE CASCADE)
+/
+CREATE SEQUENCE IDN_OIDC_REQ_OBJ_CLAIMS_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_OIDC_REQ_OBJ_CLAIMS_TRIG
+            BEFORE INSERT
+            ON IDN_OIDC_REQ_OBJECT_CLAIMS
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_OIDC_REQ_OBJ_CLAIMS_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+
+CREATE TABLE IDN_OIDC_REQ_OBJ_CLAIM_VALUES (
+  ID INTEGER,
+  REQ_OBJECT_CLAIMS_ID INTEGER,
+  CLAIM_VALUES VARCHAR(255),
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE)
+/
+CREATE SEQUENCE IDN_OIDC_REQ_OBJ_CLM_VAL_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_OIDC_REQ_OBJ_CLM_VAL_TRIG
+            BEFORE INSERT
+            ON IDN_OIDC_REQ_OBJ_CLAIM_VALUES
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_OIDC_REQ_OBJ_CLM_VAL_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+
+CREATE TABLE IDN_CERTIFICATE (
+            ID INTEGER,
+            NAME VARCHAR(100),
+            CERTIFICATE_IN_PEM BLOB,
+            TENANT_ID INTEGER DEFAULT 0,
+            PRIMARY KEY(ID),
+            CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID))
+/
+CREATE SEQUENCE IDN_CERTIFICATE_SEQUENCE START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_CERTIFICATE_TRIGGER
+		    BEFORE INSERT
+            ON IDN_CERTIFICATE
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+            BEGIN
+                SELECT IDN_CERTIFICATE_SEQUENCE.nextval INTO :NEW.ID FROM dual;
+            END;
+/
\ No newline at end of file
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/postgresql.sql
new file mode 100644
index 00000000..3d1c7507
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/postgresql.sql
@@ -0,0 +1,97 @@
+DROP INDEX IF EXISTS IDX_AT;
+DROP INDEX IF EXISTS IDX_AUTHORIZATION_CODE;
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN REFRESH_TOKEN TYPE VARCHAR(2048);
+ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN ACCESS_TOKEN TYPE VARCHAR(2048);
+ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ALTER COLUMN AUTHORIZATION_CODE TYPE VARCHAR(2048);
+ALTER TABLE IDN_OAUTH_CONSUMER_APPS ALTER COLUMN CONSUMER_SECRET TYPE VARCHAR(2048);
+
+DROP TABLE IF EXISTS IDN_OAUTH2_SCOPE_VALIDATORS;
+CREATE TABLE IDN_OAUTH2_SCOPE_VALIDATORS (
+	APP_ID INTEGER NOT NULL,
+	SCOPE_VALIDATOR VARCHAR (128) NOT NULL,
+	PRIMARY KEY (APP_ID,SCOPE_VALIDATOR),
+	FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+);
+DROP TABLE IF EXISTS SP_AUTH_SCRIPT;
+DROP SEQUENCE IF EXISTS SP_AUTH_SCRIPT_SEQ;
+CREATE SEQUENCE SP_AUTH_SCRIPT_SEQ;
+CREATE TABLE SP_AUTH_SCRIPT (
+  ID         INTEGER      NOT NULL DEFAULT NEXTVAL('SP_AUTH_SCRIPT_SEQ'),
+  TENANT_ID  INTEGER      NOT NULL,
+  APP_ID     INTEGER      NOT NULL,
+  TYPE       VARCHAR(255) NOT NULL,
+  CONTENT    BYTEA                 DEFAULT NULL,
+  IS_ENABLED BOOLEAN               DEFAULT FALSE,
+  PRIMARY KEY (ID)
+);
+DROP TABLE IF EXISTS IDN_OIDC_JTI;
+CREATE TABLE IDN_OIDC_JTI (
+  JWT_ID VARCHAR(255) NOT NULL,
+  EXP_TIME TIMESTAMP NOT NULL,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY (JWT_ID)
+);
+
+DROP TABLE IF EXISTS IDN_OIDC_PROPERTY;
+DROP SEQUENCE IF EXISTS IDN_OIDC_PROPERTY_SEQ;
+CREATE SEQUENCE IDN_OIDC_PROPERTY_SEQ;
+CREATE TABLE IDN_OIDC_PROPERTY (
+  ID INTEGER DEFAULT NEXTVAL('IDN_OIDC_PROPERTY_SEQ'),
+  TENANT_ID  INTEGER,
+  CONSUMER_KEY  VARCHAR(255) ,
+  PROPERTY_KEY  VARCHAR(255) NOT NULL,
+  PROPERTY_VALUE  VARCHAR(2047) ,
+  PRIMARY KEY (ID) ,
+  FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE
+);
+DROP TABLE IF EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE;
+DROP SEQUENCE IF EXISTS IDN_OIDC_REQUEST_OBJECT_REF_SEQ;
+CREATE SEQUENCE IDN_OIDC_REQUEST_OBJECT_REF_SEQ;
+CREATE TABLE IDN_OIDC_REQ_OBJECT_REFERENCE (
+  ID INTEGER DEFAULT NEXTVAL('IDN_OIDC_REQUEST_OBJECT_REF_SEQ'),
+  CONSUMER_KEY_ID INTEGER ,
+  CODE_ID VARCHAR(255) ,
+  TOKEN_ID VARCHAR(255) ,
+  SESSION_DATA_KEY VARCHAR(255),
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
+  FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE,
+  FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE
+);
+
+DROP TABLE IF EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS;
+DROP SEQUENCE IF EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS_SEQ;
+CREATE SEQUENCE IDN_OIDC_REQ_OBJECT_CLAIMS_SEQ;
+CREATE TABLE IDN_OIDC_REQ_OBJECT_CLAIMS (
+  ID INTEGER DEFAULT NEXTVAL('IDN_OIDC_REQ_OBJECT_CLAIMS_SEQ'),
+  REQ_OBJECT_ID INTEGER,
+  CLAIM_ATTRIBUTE VARCHAR(255) ,
+  ESSENTIAL BOOLEAN ,
+  VALUE VARCHAR(255) ,
+  IS_USERINFO BOOLEAN,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE
+);
+
+DROP TABLE IF EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES;
+DROP SEQUENCE IF EXISTS IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_SEQ;
+CREATE SEQUENCE IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_SEQ;
+CREATE TABLE IDN_OIDC_REQ_OBJ_CLAIM_VALUES (
+  ID INTEGER DEFAULT NEXTVAL('IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_SEQ'),
+  REQ_OBJECT_CLAIMS_ID INTEGER ,
+  CLAIM_VALUES VARCHAR(255) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE
+);
+
+DROP TABLE IF EXISTS IDN_CERTIFICATE;
+DROP SEQUENCE IF EXISTS IDN_CERTIFICATE_PK_SEQ;
+CREATE SEQUENCE IDN_CERTIFICATE_PK_SEQ;
+CREATE TABLE IDN_CERTIFICATE (
+            ID INTEGER DEFAULT NEXTVAL('IDN_CERTIFICATE_PK_SEQ'),
+            NAME VARCHAR(100),
+            CERTIFICATE_IN_PEM BYTEA,
+            TENANT_ID INTEGER DEFAULT 0,
+            CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID),
+            PRIMARY KEY (ID)
+);
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/db2.sql
new file mode 100644
index 00000000..0bd0bb88
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/db2.sql
@@ -0,0 +1,4 @@
+CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH)
+/
+CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID)
+/
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/h2.sql
new file mode 100644
index 00000000..7f2f5cac
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/h2.sql
@@ -0,0 +1,2 @@
+CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH);
+CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID);
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mssql.sql
new file mode 100644
index 00000000..7f2f5cac
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mssql.sql
@@ -0,0 +1,2 @@
+CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH);
+CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID);
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mysql.sql
new file mode 100644
index 00000000..7f2f5cac
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mysql.sql
@@ -0,0 +1,2 @@
+CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH);
+CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID);
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mysql5.7.sql
new file mode 100644
index 00000000..7f2f5cac
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mysql5.7.sql
@@ -0,0 +1,2 @@
+CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH);
+CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID);
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/oracle.sql
new file mode 100644
index 00000000..6f816a37
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/oracle.sql
@@ -0,0 +1,4 @@
+CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH)
+/
+CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID)
+/
\ No newline at end of file
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/postgresql.sql
new file mode 100644
index 00000000..7f2f5cac
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/postgresql.sql
@@ -0,0 +1,2 @@
+CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH);
+CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID);
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/migration-config.yaml b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/migration-config.yaml
new file mode 100644
index 00000000..4dbeb167
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/migration-config.yaml
@@ -0,0 +1,212 @@
+migrationEnable: "true"
+
+currentVersion: "5.3.0"
+migrateVersion: "5.5.0"
+
+continueOnError: "true"
+batchUpdate: "true"
+ignoreForInactiveTenants: "true"
+
+migrateTenantRange: "false"
+migrationStartingTenantID: "0"
+migrationEndingTenantID: "0"
+
+versions:
+ -
+  version: "5.0.0-SP1"
+  migratorConfigs:
+   -
+    name: "SchemaMigrator"
+    order: 1
+    parameters:
+      location: "step1"
+      schema: "identity"
+ -
+  version: "5.1.0"
+  migratorConfigs:
+   -
+    name: "IdentityDataCleaner"
+    order: 1
+    parameters:
+      schema: "identity"
+   -
+    name: "SchemaMigrator"
+    order: 2
+    parameters:
+      location: "step1"
+      schema: "identity"
+   -
+    name: "SchemaMigrator"
+    order: 3
+    parameters:
+      location: "step1"
+      schema: "um"
+   -
+    name: "IdentityDataMigrator"
+    order: 4
+    parameters:
+      schema: "identity"
+   -
+    name: "UMDataMigrator"
+    order: 5
+    parameters:
+      schema: "um"
+   -
+    name: "RegistryDataMigrator"
+    order: 6
+    parameters:
+      schema: "um"
+
+
+ -
+  version: "5.2.0"
+  migratorConfigs:
+   -
+    name: "SchemaMigrator"
+    order: 1
+    parameters:
+      location: "step1"
+      schema: "identity"
+   -
+    name: "SchemaMigrator"
+    order: 2
+    parameters:
+      location: "step1"
+      schema: "um"
+
+
+ -
+  version: "5.3.0"
+  migratorConfigs:
+   -
+    name: "SchemaMigrator"
+    order: 1
+    parameters:
+      location: "step1"
+      schema: "identity"
+   -
+    name: "ClaimDataMigrator"
+    order: 2
+    parameters:
+      schema: "um"
+   -
+    name: "PermissionDataMigrator"
+    order: 3
+    parameters:
+      schema: "um"
+   -
+    name: "EmailTemplateDataMigrator"
+    order: 4
+    parameters:
+      schema: "identity"
+
+   -
+    name: "ChallengeQuestionDataMigrator"
+    order: 5
+    parameters:
+      schema: "identity"
+   -
+    name: "ResidentIdpMetadataMigrator"
+    order: 6
+    parameters:
+      schema: "identity"
+   -
+    name: "OIDCScopeDataMigrator"
+    order: 7
+    parameters:
+      schema: "identity"
+
+
+ -
+  version: "5.4.0"
+  migratorConfigs:
+   -
+    name: "PermissionMigrator"
+    order: 1
+    parameters:
+      schema: "um"
+   -
+    name: "SchemaMigrator"
+    order: 2
+    parameters:
+      location: "step1"
+      schema: "identity"
+   -
+    name: "SchemaMigrator"
+    order: 3
+    parameters:
+      location: "step1"
+      schema: "um"
+   -
+    name: "ClaimDataMigrator"
+    order: 4
+    parameters:
+      schema: "um"
+   -
+    name: "OAuthDataMigrator"
+    order: 5
+    parameters:
+      schema: "identity"
+   -
+    name: "SchemaMigrator"
+    order: 6
+    parameters:
+      location: "step2"
+      schema: "identity"
+
+
+ -
+  version: "5.5.0"
+  migratorConfigs:
+   -
+    name: "SchemaMigrator"
+    order: 1
+    parameters:
+      location: "step1"
+      schema: "identity"
+   -
+    name: "SchemaMigrator"
+    order: 2
+    parameters:
+      location: "step1"
+      schema: "consent"
+   -
+    name: "OAuthDataMigrator"
+    order: 3
+    parameters:
+      schema: "identity"
+   -
+    name: "BPSProfileDataMigrator"
+    order: 4
+    parameters:
+      schema: "identity"
+   -
+    name: "UserStorePasswordMigrator"
+    order: 5
+    parameters:
+      schema: "identity"
+   -
+    name: "SysLogPropertiesMigrator"
+    order: 6
+   -
+    name: "SchemaMigrator"
+    order: 7
+    parameters:
+      location: "step2"
+      schema: "identity"
+   -
+    name: "PolicySubscriberDataMigrator"
+    order: 8
+    parameters:
+      schema: "identity"
+   -
+    name: "KeyStorePasswordMigrator"
+    order: 9
+    parameters:
+      schema: "identity"
+   -
+    name: "SecurityPolicyPasswordMigrator"
+    order: 10
+    parameters:
+      schema: "identity"
+
diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/org.wso2.carbon.is.migration-5.5.0.jar b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/org.wso2.carbon.is.migration-5.5.0.jar
new file mode 100644
index 0000000000000000000000000000000000000000..7ae0b8c89445184f35737ba080dad6780d806a47
GIT binary patch
literal 204005
zcmbrlbC592@+CaBZQHi>jBVStZQHhO+qP}bJY(*AclX=h-5c?3#Kv|+{m~tLvMM_x
zPIgx1k(UAnK>>h(fB-;s6_)|{w+jUT1VBbqS&&vjR*YUoP*y@rR7sgmM(k%20H8)g
z#_os>p$Gfk55e0CaUl`MrV;LCex@`8U4pHA>!yGLO3V<2Fx6bVvFGO%H!-prUXkd8
zC=BFr`e-_feJJ6t|I%B?amaU$v4`|h$qA7e*L!y83-4?cIMygVBjiCtU;EG7f`)sp
zmk%gdmpk&N-Vpn#eN49BP6%}_+RNF|Vk88m?nV&HHo_<LL=ep`+LwRd>K>03YGQME
zR8b4rMy@fr6xP@K=l7x~ZRCw3A3qM<dAt(*0!^j$?U8>mrv=6VEu1bSbC%uk*!!2S
zi`Q#=Zxe5B!o3g0-<rke$~Zg+pmcu%Ss42lX(g01iijeZrgiG2XGV`w``Cafx5Q8u
z<c&4FRE4*3Gr?U`5Ok7bn4dxBM!fsn;?(-KT(&L>uxa`+6mo}p$yOHXYjT|K0|=mZ
z53Y{S1@C3_tr<9VP2Wrx>wLDQh>^)4pv;8DAZ>=B#B+Z#NExT*0z?rMopA;b00PEn
z9YniM)fV$mS^&sd89l=Z2bX*t5>TvjMngswSMxjW*^h}8AW);d3JoB|x`wOsL7>Dk
zo9^=_YcsctY1<bei#$_pi>4nZkO=~K0Y$1|X*_=xWv>|mz>1MSd9f!7FUzuF8M3AR
z!-*pnuSLCh2@L%h?B&W*gDzwM5+|k<-~yG<ni8+~kT4bu$ZM4NOVz&0Ny=={p=NR2
zw=&d>D$Qie0$R)@F_g-2vJQAxXh);xVi%n3{w%%PLmLkY#kGmuB8Ge!DiXRxqe^$l
zB6A?{&CLvEKIA+?($8h}A}l7Zi&-@@aJM;7I2O(iQ^y_L1Tn$@Oqn;chD<grCq8O*
zaSyr<i$U#L)9p5-nvK(#_<~Aqx(!;F)6`8oIdf$STC!e7`&sF!4<*v;tWLeSm36|j
zA6G3)X-%34{>m1I*`*t()mm(xQX~BaG^K!rtaeKaUIQjJF!pW&Ok(HJfH@al7Cb&N
z=qsZJDNI>jL*X;|F5p+MqGgO8YWLUCse&qc4c`)7EuKclo>)}McRQbOP~w&==V^D+
zF-_;1ORv$`Bg#i-*K)m{AQa1+JzC22m6tQZ@qpr;-Z0Z{lyX5_$q%OSI!^U2>G+=P
zuPQ+@A2Y&d#zS||AOVLqLm~+#JKV|=R%O!7cQKJSpu|K>i|vF))|D`^@I4CCwoc!y
z6?JCmxld`5dXJHBeYaG-&T0zJ72W{T(XWB0`7!f|<k-n&Z!z_KbjEu;(L3H(xYaJG
zE%fplu1gZ1T1uc+<a>R*Pk@~0(8mO4Wg4iQ0<J;)9vu+A!K^by7(K=ugy5MyEB-pp
zp#9z>{02@}uS~#SsipDWLsLe&tZBV!SD8g|+UPv|40C=YF11}bnjSQP@sqiP&+Y8b
zOXG_s)kAgEsb|iOXvynscgZw0c2|3<FP9H%9ujKL3bDQ<^L2jmof?|gd6;y8t`4P1
zzX0-5;1HqO%<$qM008$G0RP<o|FIF|Kg{&M*a-N)1OLTUK>w4l{tJloA2f#g??4ez
zc~MyrQCVRLQKc1LE2k}v#J#`N>S}6j54Z828?u9yHMD(+>qg|e;~B>MGJ+^H3#V4%
zlC4fIzu)ujLG%iZL|n|M86em(x1&`H=U|?^Q@$^Lb)LLeWTFbEXFo_<O4<A7k;HRj
z8K`@j@7r_LBr$jOX-RRMvcmj>N>^+#!jFi;F9@^_#-t>KvSt*Ie(`rn<PU+4{INLx
zTR;tU5Q=AnQDL!Ri;x3XX0qpVikjn9YIVEFjoMds6pd&LJ}CSmV5ojxCK|0SC?{!p
z)oXuw<hFJ14h{wc74VAT0<Lc~o;FPS+$dbaX0gxiQD-oa7u+`zQ|lgq8A+%oI_$eS
zoXO-kUk)i<o$b^5+LJ_CVC%W<cNd>d{0njk?)V~>wl$7@1?EL|iDVp-*HTFLZT#Dy
z?`?O~6h6i=Iedz|?UJ8%qLz-3uTW0Rap)D{&3foLisV*ZaKJN2fc<e_PEzHAav;vU
zU_ieC8=iCAisJzVZ8g$*!-`<KR>S1<YNnbV-masb53ZLs(u$<6KCT{4-XlbRa(uAz
zG{jn_3qfm={ZHmR2WTL(zZmz5So|WLuJ}3HWDgmli>9&S=uKX_MEB_%DK!&Kr86bx
zj2K)~L4y^K&-ZpHW^c%|x3Cb-434{*IXNWb*~bodG~sI4L|-_(B3<p!-jGS<-Kiy$
zn?*Bk7xlP_WT*~k9q-S=RkpxUcteWYV#e^p&?YQ&@=2LY#tCq;=lnQ!yVFem66)tR
zq5N!|_}RQkLub%@>2u*c$-Kmkm8qukgRURC7}n5L4}W^`XX4SDX852WPAtV%Y_8J2
za}eTJ6$^5$(Zreox|;tY<rg<e@+7|qcI=u@4QYfbU3oGR4o^{8FC3nFU@$D2DJ^n~
zUr^RwrDG+)q`QiLm<#i<0$le|J`KP_D|!SgXJ$2DqHJ!Eh*H9gluVWo#UDa=N!WqC
z-v}5R+>wbkgS=3muahgIbY8$(9CR1N9c_I9mNbt1ntlf?MT>7@arr2@hMzKwj9u-L
z^;iDfF)1p5u!szi^hQ;vE7LRaJ5EwI^_!^Z7Fo!T10`#vNWI*Dm*Vwu_I2lt8ALWM
zXC*);DrV3Uk%#l5#A`6Qw9Iv%yl7~}6R317CnbczbIgJiL4f^K7sM<kOn^8`O?()e
zu&pFbIY|{h0PU^hQAY%NKByuV`)d<RT(OLJNEO11?<^7OyAYC<Ydr|cBoAc*l_Aq>
zs3ZnEJSVSAzdcY*;|!|Y0bSLjS@{=kP<11Xt|+104q<IWF2JiEq%zdz78W}Q)L*ry
z6~`nQAPXx!{Ux6oEOsC*jzZ&ua5?ff2@-rvZ{DBgB68^{UJ88X6D9NwU-G(o9$EP0
zW!*&3-|RSt$Q)e?Ni$<X<pSi{c^Rh(!k>swyw<osSP(?2tKw}`)x(g;ur$m$B!xR9
zA)&%ppf6jk$UCXv*O1>F7J2$OetL48(}X(~NJ4}%1DtHs;?Lq%>UO5+VZbJHM!FJ2
z8_$<f=>J811im`|@FvA_?|;ijPlVwe!0&E<3VUe&1#0Jt8lNPV@Cj5<xxZ?PI^wkw
zVYoVa#JzB4pg0PjMze^k)_|b?eJuOMf%^;`0RelaA*bSWZ85_pwS3zon#yKcnD4$|
z$>+xk5@FT=69FehQO_37J+{ni{~62rXnQy-a1mM)>^{T?#fx&OQgkCBnh4@;0x;i#
zD{k6_l&e%jGD&)#EV$IQ?g>AaugKK!ahpt_U{u4@Nu)8pfr-U*EmymOU+n{R%ypqu
z(s?dd!+8H4THtcx%xg(8WSUiq9)ENdn*xow`dlfY_+^C2js|Mih{bzOyfM(&`0^*t
zE)=lH%1_~~nP(e$9JTh$tE=VnYm}Y);pqDE_HlW+80GqKw#><mv+K>q_v_&##~*o&
zVCNk;)1<vWOr*J1Q2{%y=^ihdp!+?U>UIN#g+hZ|y-M8li%Z<jD(bWl`n`TcXMKo<
zLWW;({OfVKw@Mc;1EAImmHeG3>m<E;v-)7j<<qFk|Mt$KdmPFtGJ{n=m<K?B+q^$h
zTIYr4;dZR1=5s)MGLLzEr@XT2UWki6qkpV95+*Zn*<rBPb$HQ7K~6qce!#2YYpheo
zQ0e~GS1p0Fr&Vrf;&Jv4sV4zsbbmP*r=!c~xPv;!I~mg7zn62J>H;Ppoa@m@{lkP)
zJj16()7U+z=x#-AIq9Fe*<M(Saok#8h?iucV@fcd_?WI#jFhkaG2~LKpdeU*88B}w
zIeOfQ2uu^zjcDml=cS5ls0V|+4H9%2<IE*ykSRO~#cm&o2Jm!lHpI40k}ZXgDz=Di
z!=@AGoGjvG%Rt7a->Na20@@Gdh5Qs>2go_y9E(rZ5(N$W3RC8A9M+ITx_%_ZonRV8
z`6;Iu;0NTdTTmJbY{H`9-b{pPo<5A2fJm=sj1GF8RLjg{`5qfx;0t{XHCqzb`TWw~
zKOUAskbASI!3C8$XeQv!^3=%=24^|k#!PQ5h#BGnQcc~o+Geez@|`XFm0hgk$Jch4
zey%bTLdu8^<WW!AjWpbqI%2FF87`ENe}QFEA^i;MII$<cBXoG08J4*iE!0j_sGLXw
zm%-P#<dIyR>rm4mLasL0@s#kiAwp^TEu=JkG%wu2SGGtRlMM4+jck!B%HOpjer^vB
zdv!A~$GBn9cmQH8-63{kaD+C9RzdnZK1d;yl|bWor#o3_?DZqP2pI@h9+!8BV<*lr
z)AgAOq@|Lj0K@4fS7(c}5q@0=X`*wfz*5qGuNOjjZXQBe?#jC>gdnz|sk$z2s@af%
ztNI+22ok`OZ9~SB>h{VDeckon@#~WKhm^KO-&7oFe3?;^Rc)>Yv<PhrBY66MgES6Q
z(9-y@Hu2OP!M$yymML0^TXhjN@m{?!qA#j?iylVRad5|=)${Z6Y2X<&ipQk#s!L%g
z<tW1c5T=J9MTa{Fh+E9}bs^Iea$I*^eD4dWmqE`g&?J(1g|J#wjQa~(OfBX~v~SaJ
zVEn)=8VCk9P9Ml}%REmB+TbpqM07@)(Zv&x??oAC9k@M^G)Yd_lH!>7h$N3H^xe^f
zeGioP@q3%W@4|_(t}lrue-hd%0f48N%p-l=xkLKwKEWQfMWFq*+!wtqu)^NM=;Re(
z!+_l{;p3?411ot#M+1z?yyIB?%KX~j+uE<M6%(WegjcI6{jtqZKC&C{mkRt1_%Zm^
zx1aZOvzJe0|1;|4<s-OquPqxkE3abXXPz{O71@c(?PQMiVTEFGnly+rUifE-{l%Wa
zT}_Y08PY5^2*h<`E49i*5gVR*(%jmz%CTazik=jci(=+mOXR~oGKu5wUko<v%~Z7<
zz4WzWdGO*BmhmM0f?Av_6lz|^^oTy2m4s|1eo|r8Zm|`M3`tQu82FnX^W}MYiCaub
za`VuRy#7p4bmpm5X6>R0Bp$+9M0eyGmG*HG?4(045w7!rELBn4%~q;MDdKl7+|>L+
z?%@sZ9K5Qt#8K-Bzuz2K*e;!d!z0s>sJKSGicEeCoXsFNa8xCI(n90NcW7%>Te0YX
zq8WKHM?3Z35X-gCogaO3c!?Eul&nK7m`@%Kts?mp2`XS<nFD_fi>KD!d6YSQ&Ni?t
zqOj6E7<UIdFgtOFPgq#)p<SX9K02EyWKLs##qOJ+N@jBknClB;oJia64I)vi7^9Q!
z#*^#1g@h^dYy?r?Mu=Rg*x0e<dQC*JwCtLwv?=NRUjZdganxurR3ppm8Skp(!&D@7
zY#?yU(1#m;eVkjhCnSKf%s{<M{FHK18hWE*m#Clt2r$ChHD8jb9~L3b)=D;1)}?A@
z^mt1H!X)i?<xNxE1%v$a#s(d9hml}=q_vC+QWcK!6p7GL7U3?!_h=f^@pStTqC)oa
z7V^>wLMa<+Z{noN&zy%rA5X)PQN`kB6G78;4HaX;$J?ycxgVNGC#Jc4fYhAWK(~vc
zO*W#Tq6R4;ettgSXCvO*sE0GTeWZf!k&3aLyg78_%P-~_^m?|Z#r3Yfm?aB%$91=5
z4V=hQuf}U|u=yYTKK}DQ$~&2bK*_8hXL5DqO4E$;&72}}-6+FX%VNT|G##HI_hPoA
zkyXnYD-S_1H%7QG9{775p14TelN8<4$oSOUlh2Xw?i<fkKW?rbV?iJ$>P)c7G^E{N
zFP;)_NM98A3}AficNMB4@AWeCzBqcj%y~XjLESjCUbKbK;u=KQ`d%Rp|F^05zvyan
zGiJ|iBM|WB32JBTAz&NYl6FYLNxI=oi%Y@59f&p=jC0^aZ3)GJ2<3JRb$FMnV<v?B
z3+1>00k4HW27U}Q>r`V=<qIC86woq<qPx)dFrYot_XQoX`1YQn>P$@J@ler~wj}=q
z21JXfHJ-VunSJh6TXV|0m-f+S2Id*sF@Y8-eB%>!Vht=&FY=Zlmk!AKjAQBq>ut?s
zAKmuXxC2hLAy)kN6{zGLo_LfXSG~RsbWw%sN)Kgrb{IS|lk^cYAL5`91hG})N$Hr!
zrWAl-S%%9vLbp=TA@TTSR>1ns9v4b`CKwyj%k>@qqGrz$SJFbmim}p~CF~nmUF0sR
z<pa2r6t*}*?MEzG5-WJ-?29sEU(l{}L+53zH!A+tQQYG!bdU2R0C-(TtB4|FOhryn
zkQZU{y?$5lCJA2_EyLyEMl2MvnTn(Ey)<JA@4AbFc$)XP(lRWp(Dsj2*i;HM4d_G-
zL^if+NaRMFuRpp3LQ#b%<C<vYvSL0$JE}yZ;h&I4YIOVulnrMm2a^jopyhuinYDv9
z@gW(Pm3~I-WEK5mPDdEGgq5avDr4Ecf4k(;wOdLQ{nw*N*uq7DCU5H3e5>bEEUz31
z2fv+9Z`a#q&$OlRh=82hu6g`S7(MrDr>coV|0s3EAI|@uO#gsW-cCA1ztEW_%Y)@+
z&ejXIz1<{YiXtknhS5Z{PUgog$l?KB9zSmQWTB$tEo;xh*V)-jw^{{tDG)r^p8~I$
ze%7l1nb(IKQ<oulKoc0g-R#p9i!Yzbk#6ENqBp}la%_)N;Pr*CUk0^-9G?L=o+QSQ
zF%TJ00gtJ-*LscSoFKKL-om814xLcZj5ewt06w%zG|sA7VSq<ZxKbm%tkt=|5(8$T
zHN6s<R)wnX&V?ECkWT|>Vys092H+-bzb2xfXGWQOFgASXr}GnL*YaRF6W5Df5V+ig
zzd49Q%XB*jYEiP^iHk3r|Cy`7s%t`w1v^xnT^RfUe-EzqWnwQp@Z0uqaq<&#_>(%)
z#nhKo4W78$x7D<+m-dSYs0zwnkaQ)L)S;=?PlAErYl&i`qcq<O1;j#YVIJ)qM<LLH
zXLng7g}>6S7!Bn<Y(Fhci}$=@GIwTxblz0U`Q_W!`Gu80r_4ol#0Z0SEG!Cu@_QKB
zS2&Ye7$JFz8R3MPa!=>;RsZDaM@~E26^H)52kJ~OhrZC`%?y-0ydXN#`kgC{LbLvC
z*LZ(1Y#&^_op<Q`C=z;>fj43SBnvqFlvON2_gOMMbj=@}V1es-JI|}3l+UDq8YvH2
zUGeuRdDbW{dn}hrP(Ue^Dp5VIO4mR|b4|6jaTPHjBHn=>s?2~Bh#}mpIMP(?0$`r_
zi0U9E<U$$b>e?A)IaZcnDQ}oixSB<TWmD3(VI=~>FEN{Cxsp(F%4V{R$Jll9b7W?r
zQ+n^joY(dlW`+FEmoZtD@Qz-b-5ZO{aBo{Ih~$Gy&G0-<N}E!E_YiWpsL4wd^??!V
z@@%R(VMy3CTCc1h+!~^Yir5KRvyx!H<Kf}QI9KLOI1#v48@hPKXTIe&>FD`P5)7Y5
zCiM?hRPYkI?ybs^b3%dH{R3zSWQO_pl1%6L@)xi}85bH>n53JVC*{<lk?M+c_ZBAs
z!`qRbHn0%r@Lz(}q0x?Wk1fAI-cDfiza#qJh111Z7s`R|P7O_3k7I*>FSyA1<**&&
z=cl{Q3}PE$DNSKb!$9n6r=Er}fdPLeuU%m)an`0hCyB}~>}FEAZzo!p25ymCd@QWu
zsC3f<rkAs1wleHlwr&J5a9D@gqrMROw9$z~dj-{-?CCy1#ZMM?`>+PsoFFEANe5fh
zU+Kz!zz*yMdQ1tKxQSuYjr#H#Gqvl@x!x6MaB4dZgxaxcO+mKRLYfSC|8OafRp<Ej
zT28I9z^T=X5O5iuakr4cW~7{Bm1LOCpQ@6>qDx_Jy73w$EzT$m;##y#p{mzJxVpZi
z2SphJKyHT$^(D;~V-e!$sWP@%n4(WFFf?I26-}qWGuaxpDP_-+;fUeVNXSUAt?AR9
zWN<niuCVI5)&w-qPaKPNZO23g!N?*n@-)Phn?G8*a&y>2h)%W?(#O#@0yl?ucdWil
zwUbDbD!!|X(Y13CCJ`76xAm6t!AajRJrU!}`WCCIpR{nnDIm-Tq3#hk8dE<>-?ub3
zA*h;P%TvUTsNgr>?B%Q-Lhen=XJ2k%f1MjWiH|Cj@F%q$l0nEgkI=*Sd#%VrAy^*n
zzwB#uvbx~zkBNevm7I*niR>p&$Is8veFFa(VW#k!Y@8y7Q;45VnAu?@k;NkWNXZ?#
zv>JnEuqIRK2Jx)F*F}cCJ~t>(#J_g##ymTBFt;Rh;F)=BuU7-z(ij3l2THuvhb_Tl
zqU!nvKu*bmlF8ysvbKayyEM)X_sB@ukhaAwI1JDPupXA{F?;#lu|%IcB$~n}eW*Wa
z<<=2$o_t*nN|#oxRNGx7Nl)*`>ks8P-bqT3y!v_SiI9LheC#t7h26iN$x%hwhBeS>
zz?EyAda;fbimV~d75T<YSt*6PsRSm&|MJ>ne0<_~8{-(hj`w`ln27wCO`X4l<LtVL
zMb|XiB6I4@ad_2+r0O5#dnmeK<3#4*KA5El%^QCw)I<S>*46WE@7-RS!fJ*HZ5)V;
z6vYakeFU6Mafb(2=>LMp-jMTK3Z$iydpXsDK7#K}iR3ofM+1g{NW!C!ir&F)7OB8T
zeg-N%2+r$H)Og1^A#u7lMm(&WwT-?0D|hF$c)~KgizDibrs**)Z<Mm3kj0V6)9I2h
z<E@2Y>=f8uT19a7D%^(DI4cSY=hOIOfapOVhK56G?cq-&cnrz!$x(n^Rb{*ybqGQG
z%)Ia`$Y86EX)1c}bbX?4gm<Xp<@*u9!>?oF5(SwFSbE;pDBLjLCE(jMOFYNOYT{x9
zg**c8^HbTb6w<rS45Z=!3`^3*j7fQxybbTl;O2uOJEpQt<!7pIHuvPvYS5qpZ`1E^
zO6{F<Q1!I8o8ux-?*}LQS*!sgGwPFYy?;?y=E^ppu&C;*KKQJ_9G$vDq_Kmys*S?D
zZO=!gnAAdICVxX;4{F&PqcwFRs2(h-@*~X^4(EeB7Jxsaxr&sL<diD7S>8&HxiC%_
zdqh)puIq-JSUZY@dTaeusd_Nu`0RL(9F)2BKwN_g6J7Txr_VB~0oyH#uk$fwv*OuI
z=AME|{2f3e+QCIEBGHl%;vSiQ3<S)RvLv@lGt{H^ajUj%Eq|~-CpWd>>lNAX3=4`l
z>)XV4Nby{gg%Xwo!22!6!ok#6vb5egxS<El|7RNP&BHMavb&Co0FAOzXM#kHml3aZ
zO$ro#pO|?Ty{&E4gl}b2VF6R|qh0pM{x?<y#z$E;@_sZuKaTD*Wfx`g4OHm<(azm)
z)l)hN|6YXI@1JBpeQur{0xFOQ^vY{m0R8L!OWozmrjPJ~ff^~LZ=HN*u^KOxIzezE
z&b5dklYqVtl*S^HH9mlXk?0pNQBIziGD(v3#xh$AcwkZMd1zCjn5Ppcrw!lC-u`Ug
zDIj<N*KZlpR9^ng`PS5)uRjfhERn6+PDC;K&hW|2yuiqgtHQCcq|$H<%CbPElk2Bw
zX0VZTu*&jg%Bpgdn~A+~d6HNc96W*clEQ#PGnM?;6YQO<I99?ZW0AH<-UPH3O7%$c
zhsDStgL_AIo7B#5-vk$@lly!{s&*$f8&RVrG2j_*X8aM&1kKX6-4Qz$4gt_wE@B%s
z(H^8-3(OC&(O@l`uB4QITOJKXj`;Jsa`~2%FYdP9m2q|CEs7N@!KEpFAfEux5_v(G
z;3}kFb(4=aUjdCve~d`OFZwKL3pWAXxA9q+!yhEIT1USu$f5~b$}MJ2Q$Q`n#4sOw
zcr{~O+T{BqalFwiM?23ZbY_2-gSI5r%>~pF^vslCi++$@{dsuQ4)_eFI@Rsv9sTg<
z@cgskSu|T)y#lOW=O|*ZJRSUsg;fX`;JH4*=eIuL!3DJqHM_0`TynKfFS~l;<S6GA
znsH+EBy3t@MoIyKnoR<z%+I8JrC>)$wxQDZ;6?*Gs9h$1L?29_6qzT?6b%$NQR*<?
zasmh?<#nB1v+(Ql@A|{(Y4WpLb^^<;w_N#g#I?_Y#l#cd5CL1ScO9tjq7+7uR>LkR
z-9?qx87N!-)|U#MFKp{1xOUAw7Q}b=HLLx@Gm@(WhDp+L-mE<|5PCq)SQkOu$W)G1
z;8%AjfyKEtw8H9oNs|ok9}1WJzd9CJHpm4}YFo7L5{t&cF&16Tu@mEvf_k(OMrTz&
zJRc&jSaaW)vgoT5+j#_4V=!^7r4oNLPho0rX}5i)mo&{xfoXl5pUKfqbyzfYb<jiA
zIgo12A0JJ7Wlkxuz+v_#y6|A6D-=MU=vb*2`xLvs&c>RGmVN=%XdnV+@{qpfvd>?5
zoy3`pU$R6ul7Rq+%#(PW1svk_LQs|s==OnH715TP=zk8t0a*uMAOOCaz-3o(fIk<k
z?u67_3>Lt&Y)CACv_)1^?n)e9l216M&wnyD&WBw(yt$?p7xeQ@ZMk9=Se)v%vO7%3
z8nm<-E$UXH)<OBjek(T3s-UhD&__^$yn^FyB6uV>*jq)VHhw<+kPG7@q=0A3M3j-+
ze<?D1e7j!#G^gXrjGU{K-rpJ@b`4wze6$LZi_)btvhnh?*#V^Nj#h~>WV?r1b%zOe
zv%2uo?t*zqhk!Y1nhAX-4P1yk6161thkJL3D$;03dSOd=Javha%i2TSYQ}7O$$z^;
zRa{5_qQ}(6;m7+s>Xa8F#|=HpOetrxkKrV23-fN5Fb?o8*lvJkqc~gEhv*KI`0NL(
zqaM(`Slo>S#~Jl;kvC!7l3xZTl&_uRM(f%VqEaQG`Sv=nhfHlM89ecgPy#e~t*|-{
z1T-wU);{8;ou(+eyYAMt>ZTP9;;uTpFU(S1M{un7J!E(gZCDA58Z%iTyBXUO-PXLl
zZqL7>`D)e^#{k(F%W|;H@0Y!M^X-$$cawi1Q=ES~A|Ux!&0mewysDcQuFFkyh-|oO
z2)G4KaU!1}Q5^I#6D4fahS8S;s6H^qC20ks@-G6DtT@c;EBun~G+F15Kx5Dku;wRl
zd_c&J;@9>Dl4Kti?ES%ZBK6U`_LihW${9V?dVYG`jl~v3`n1IC6j4m<!Pq_c#4vS}
zPPC2N$Vr_3Ik?jvAw=L#9n1_09Zi9dTn&p=cox*|s+frLxae-^Q1e^H*u!9PXCiz8
zR@bm!F2~SZ=Xp*><4zXQNwXkBus&mMP82GbzUD5O9}7$=4lM4fD=RxgOVc`)V_cD5
zc7%!bTeT>Lw475Rj`4MPzMBkXk!K&dYc#Pxb&gnLET)?(H~h0DaTAR>IR*Q2nsE2v
zZ`UZ0?oU3G^vs<N;OzAHnak;((q3|Xyz4W<FoMAbpbIkRNB3v7t$}qGJt=w=yeTRy
zgqNH6Y67AR;swffA}|uKtwRU^UW4`uUgJz!ZvbiyD^DBK%AoU>br%1xP_AXtpOgDh
zK@6VvLo5a&%`W0tDBvfmQmWB&s@`V7PVUuV9UTOmiJ;=G#)-Sr$w>(|=xAL^K;&*C
z2^^2zLulR9x>;RPaLi_v1XJQTyy9*}lo1$Q=p&480g9bQ8Zs0MF9n9T*-t*P3h<>R
z*N_9q?wb?BCTH42{!vK`A?&umL51771ULoav=v3INd1_VA}N(pbTZCI&zJBX(O5D-
zr#wgB&ae9;E}7WDKAwsNr+8OldY2h}sQ|&ySkjjOidFuuu-UI}NkbBkZ@fwqPmRQ&
zwY+8FtCKcWc$0e_s|1b^C4~u~yXUcu-Bh#5_v#*&)23KbhXCKNbDsh)eGx2njFA1p
z{R5W0M&(;^!J8AHd0Z(l!_YulXu!jez!$~*ecY%6tTN-86C14@X^zd8K?F{&)G>}f
z7H~VpU614cJb6Um>`WaqBqFl&eSyiPEs|WIEqXSyr(KFd*?)_Z<F_KJLqF0)<_uCh
zLsHG<>f@&56XnR^wdqo0s<wg%F*$FS*y+Yk14Yc2IPLcrq~AAAV-=2lnLcULc}?N}
zf*C9vyY?<(?A&>2Zk}Gn5Kh%#e?%x(NT%N>A&($MrVIs7nvDzgH{xa5A-3wvYFhd2
z7num?K@BjTKz5c+-|bk=Iy7+@(h}%;EJ%X#csi;-Ft-8OgEnI|GqhVP(9`*ldWCzE
zig@#Vj_pCF;AS}C$->v`l8a_)-imp>Gw6S9sKi8+twXAfC3oHLrao|I-r9TMo!mQU
zWjB?^GE(pR;C~8gnGw#sSh2sBw(*qECUdesD`M~BQ`Az}OEiAz^0IU(TR2q;>j<KN
zz53_aO~2CPxT5(Gad?wl&F^$p`HN=%fI0|)Lojl;&^ehT*cnYQzt+v5tY5wELZ#3v
zWZ%wHl)|Mfs`O1^gf1s0Mj^`oFgjXrb9lfGJw!R}I}$hyYQ-S?xN(-V%d}Z664FTO
z<cfm`)%^?K%ez<<!~tW0Q|4OEHPn+N4J{mKEg};L(T(6GdZK(%CgLN}?y?jF?f}(R
zGB%iklSUBkTUWV2_0BchW4!Uhie?6p=?GR{+bZK??GiU0GurO<&Q*-hC@o)WO&B^0
zoozBRuBB`7;h#UeNQpiSE*S5*%C~Da(*$yqM(EW)-$4fjyf`pnIyBMepq*n3o<vK`
zWrv2Fkf2Uccbdf8Hb+Yq>^V1D$af5RPqrHSZQ@lyhjD1{IDb0kW{H5*vdCt6GIwaZ
zxyAn+8iPc1wt4SS?%K8}@pUYi36GxZEGq7KN_g+&U+d;Bwk0xNG-*i3IR=LLsdV2w
ziqCnjX8s9Jji!9<sonSp9O4+u?sC0pNbO2KYz!DP?7D8hwFg;CUT&V!O^C}5bYk0T
zvNK-N*t?OOHOB3R54$^J(Vk(`ZszSK&A-t|)#x;8lcowFT|t<29OGftRWs#GmdSsr
z@=ztbQi%`?REAkLb^VsyPyn}#&GeH`^l}>Z1`*x?ZftdNr-8m#L<{5(iD2`ik`g%a
zq~tx!Ub6Hgn_4{>LA~iq<$oAh*hzxV)(N#?vv*hA_+dYmx9jgZi=R`{I}igr-H^<(
z8SqoP+H3LgMC4j-KB*%F$v7)fZXk@+*mXVCoyljkbDJ?~Xw4fU5G;ukqK|1=<@zfL
z2Mr~@7Ckv2ZuBz#_Ym~m3)AZrRqedxV#HBBlUSeG<sQjYbC`h}a6p@$8;+*&Q98cN
z_pOTlj~>t6x}}~v?<eKU{<>onzUFw(y_(#uQo@n}CvI+&U~n5H)Prz#s;Fw1v{izL
z{AX7TG&?D)>7$42@0I|-N$y4qj`7(t>`CSWsO}y#pBg(cC3f-rg(-%6is6=cvsKFd
zBIwN4c7yBT?dD>QR<SMBRNA6QNWZnPp=nr623spRjFR4YC+yC&(l1+^ehDM3tD>*x
zXRC>Uy1bKSFJ=5s?49rKrerPbX9%m#+H+m13*e(LG+j@6qZEQk83*5%BlLYf1^KaP
zPd(g2wu>$G=?v;!l))>^56Bf=#HM{T>S@~goXcoiMZL;{9w)LZ6<E$E>)Pklqb>tb
zcXn!@wMiArn#UZ<RO31(T<5kym8NW4+Ml9_))*GuRgini+3zi=9s8>#{bJOoLF0Ux
zKxcvO0S(z4z{wdR^1O8w)@ND}eSl++M<n&~vOljmp;%kBOK+>>SJjoVO{^&aSO-X|
zi_n%N$^aU0mWdwKwm}ay8Gj<D8E0pA0*|Tcd-EaHU0E+A>f$(S)E*|7Ll2HaV)zy-
z9JPdNofEw@yls1t7y7M6a)+gkoU$}szrjS;wA&ObH?75{_iMu-M2R$=K;^&9%LmN6
zpu3)7Y7!REuK^wA&{Zc9d6krbW~308%@}5CmW;m4fy$_rtg?`Y?&@>3K6G4igwN`w
z{A5P2K7xinXwtx9Y&r1HM5rT}Pn23i!C_zFtFpg_L<QVI0qVM&s+g$oGl%HdT(H~g
zoTIG~09k8oXu<-aO~?o5y%|k?Q<DG}T4PHK@CTwiEJSN~6mwSu;~O?9Mf;W8wa}Qa
zkT9JqD6NPPv$RdV>vgeQvNWqi6`Xs$IUPB?NM_iX;fVBTA!wLwh+tAaNuiE$4y*R9
zZ(1@#=bUVa;1ga+C4t%QfwH5DUB=>~P4+~nc&?;Spm+^iZLOMgG3@Ox$rAI+YF){}
z5XWBsDG@X|*pN`EbKYXEW-tJP!&+hOzup!iNp2`M_-1;B+%0&A>+O3|7<yEi!P=YM
z=lzr*FzXZ;-glDm;@YFa#Pp^AYAk0lt?@-)aK+%~X)-8S=bh4d1F2^M`T7#+o$`5E
zfj#*==_uihal({MkQqmHf3f_{LDFqM&*xn!HSJc)luP&N*fFf9tgIpac$Z$n5Zw^*
z9{uYk^5Yf#C`!e~v6$LmNvdj#nHg!a+RMCt7mW>Z<|hVvp{=sA1jk9eOSzN_>5wGN
zeshKFTQ56s5ROZwjD4n|IK6+$Fg(XzuCbXyOe*EUl{rP-ZfkVGa8bwLQoY~K5bid9
zm$r0N_23Cpwj`mh+rZ{1-Q+y{*oW@kpb_>Jb#h%UJei`H;<&AERawu(ijn5rq{x1~
zaxNtEQpAQk3vgF{A%W*1GU!SD6A2J=>e34}xc-p+ikocV=_?ob*uisybX%&fGGkT$
z22ny`<Kwm>-ZlU!*?Fm@5#}6+O%LeK>V#$g=Q|$J@Weq}HGj3ZBo7!^Zw5c;D!ir6
zCK^gK5?u#2eDl<M({{Q{>$Yap3-BFDeaoF7U)s4H0IZFh|CL=cALH!)OSw}G<IvE7
z|4ELQDSt--aOiM!cQxdm7iM2q?`Ha+Jma6`L2X-#UN4hBTA+8>MU8(vq1MIRmH7LE
z|F3?#0tW)<Co%wl9B{yY+UWkje!Kr{n?v~bwmE4DVNqEn(H%`Kr>#*`-`Bcz$5JH=
zu+khB3+%IqhU3s0VGEHCTe74u(t3h6u=;U2g2?Y@-n5>8Vq>=tRhd#&iR+D~v&Wpf
z>=EdPjy_TPsT`y`mkO>jU7o+k{K+nx&WBg;S3+Mhu0_q@56@R?dpsTH>@eS1YIQH4
z-`b08PDX8YSi6%wo&nHzb$7m+Q6ra<-8~vQw0CLjRW0srPUL*mb<hrOK3;B4&j+-=
zI`c|uQ_tT!k74j{u#j(-bhXMg+`Rsdwm*Yb%zw!<A={E<h&4&M8T%!`O|;03)gl(1
zQR|Re8VsE)5mcX7m5n0w&~;Jxv@F=wdoUlo2y@EqrBotj1gljhgnEJASEILb-el9U
z_{`mBlZ~o657g<6<WQ(({OUcsu!A?;CZXgZ(Jl`NjybNQSAI*syR)6BLvwIItUFtf
z&|I}V$F~TT1Z+%*YbBl{kc`5>Np4c&NhKgP{W147=tuj3bp>m1>|nugt1X}iYoPG4
z6g&Hu_S=lq1{xQeYc9G;e)HF_48|PYhdSKNXf77wTG<g8Cn^^X2L3S9n~42!I26)*
zRBTdf1$foCN1`g={&6D&BbJ1e9Xsnr`H7&>7p3OzP&wz>UW+-IrB)69mR)!l_-w8t
z+2}BN!773*);6CH-ac~e{3Fp)JCNDaNE+Gu_VRp3Z@~?GYA^&Yc(e~z&-DSYZJYv)
zBzP?5q93dnL`}ZP%$qdj$95#G-LLtTmZNj38}>U-2H%OLkc#Tz?GAW}*t`OV3fQA{
zg9FMlf=Le8aYC}ZTCW93330K4_eaxCrKURM<jG0~?KfDfxpdK<MM47=r@E^Va{?tk
zxR5!>+_}oZ?Y@Zlxqj^4v6+yg1n4Skn^;g6hF?DTtM1vg`H8!|L;=%#+xiEzz`nBc
z8tx0X-N>4P-_lC+tzmltt{DyzNMV7~TQStX&<^Xj0Zp;qLtLAYH$Tn6Sz0_x*GLFc
zaTebRIsw4Uzm6Pyb^%)UqyPLy9`4Mxii&o`{`{|zAIr-UB*pcC)MC0l1Tk%i|Lq{7
zAyECrSA(VoU_6ib&bSQnBmYnd&;kl@eKKFN@o<R0tv;AL#~`*A6yB<_DkqG(*0_+M
z7X2X*Tt1%3*3fJ{LO$+bHu_;wRIgh7Ut$s^qnES^D7DE;@cP3bBy$9I?pT2Bqi)!*
ziyo3zL3wXtT&}tz<!XEQXy0(WQL638?U0W8y$i>*06-2ae=L9ui<KZUHA9pj3-4SA
zP&76+Zy?0o84orO1ND>SAaTMgsr6}=WR!YoI~VY-?2j*$IAGb8q$m2}hWGAghRmKj
z@$Nb-)fUCEFXf(Q6iRb+F0ra=OSpLO9df2^utLzI;-s2R7}+%dk=9gF)Ci)ggoSc)
z$pV+;ilntYqU293zty8LP6Q>kEqbhZa_#aG1$Y#;2gniolML~A<8`)XC|^IxcOt1s
zK!v^jRT+O9c3S{$9(Ryk!3ELGBu_q6bK=1VWKG0w>66<H%LHUp5tB{4BcG!Fbk_7k
zi^oTk72WB>3{zdSwNHqtdU4ix|5X4C^z)DyYl_$xv^5tIzR_7NJ$<xeF|`SK^Rj^w
zW5Um_!wp502I@WFA1N+CqDwGzb^%I3P1QysR7Y_3^3@XrI94}hbs@>hgda#(epNnG
z>IAD3F?uG93=u(7n`UhLZAWM26N|Cb`^Ba4xM24RmWna`;0q05o<Rlex~YX|xWu-U
z7i6J4nQIDpx|63?;_EPZ5&Q&$IWeNZ6>HF!RHC_+_iL7rxHlIb*YW;2#oTTG@VJ|W
zQbX`bYm{MRc`;FOILWimViM=eHpIiS0UIgcms7`>V0I~fu)?~t!#eRQ`>nQzw*ZZZ
z=kbx1vC9opGN~q<6jWu21Wa*)VE@_S!*Fx}&R`{=p{o^uRLBGH`88#)80{kF9jV9e
zAmpR5w0_TPG;DIG_!)b54K2_-7KAQvC8GE|Wv9L0gV2JlK-736-q8ohMN*EtG1zKQ
zYN7m>m|%gpJ^xv4OI)9$2+`fP6Bd3$#)Ok3+__|@K{VHSd}i<+Nsygi;5+SprWN>f
z{dq^20HT1vSnNWng})licYr$J2HfxY;U}OW<#B8-F+A{*{+0l~?|y&^(YWi3h~PX5
zFV*q-WZ5t>{d`belf8EJJ1n>yIn~kYCo0s~6$86p)~+1&M356T*bYrW*DkV}G8-CN
z0(tWb6u6dpxo_yVNSpdglzNDOKmG|Ks&Z4Y=)u4aVOLeO<#Qx<mDziSakUUFwsfhi
zAN(&uaPd$^TwEseTB?G!q(9OGXV|Y%%JoETt)m@j#tb}S7GlS8Uzj}fqQtMZ%fNUo
z3R-kP`VINshai8--*EaBWb{XJ>{^ntnK;i7Vo|>qkd#0frAJB=FesGF#e7PG#fVSR
z={*8e99;TQMDIe>6X+0Hp?YBk&}*O<>*cC3pn5Z+xKrdpPn%t+;UPC-6(H>8!EKob
zip<pUIzTLlt=WLa6>tcP0)E*Wh~&0R=?>%wG!irknZ%)LR4HE^ZLrQG+IzvTJ&`Z3
zL%NTXVi7E~meE&^e1W$s55gfdIiF*82!C>LlofqAZb^E}n6O^9jlCZC$rLQEi|YN(
z3SvhP0$&8(Fvz!gJFUHf+c6d?khNZEF@+nlFJ?_zn^b^F)DhjCRtJ^b0I+cJ>9#m*
z(}4>6VWd_X?iX|jXjGv*loApkp%w^BviPy%2xiZnU@G3y(y@!o;sqyFLLq3CF?q-`
zlbC1WD(oL5WTl>$%~wbRRiFCozUEh&R%X5*Z=PWi?;Hrcj5gnS;~mXDk2g{T`!l3D
z8))9Ckx@0}Ao-F}pVKMNmo=J*C?vA~ni}$yBQo6!o<oeJt+OIK?GBpVNDhE8VUgmt
zD!nJ~(o1YW4MVW`ATK8iju~GW7f2{~n7O?1f&Z0=Kk?wj6@b(s&mKtZkU_my?rj*U
zNHN*>+(@2!1v9Hw#y5dNgg6J-&>)ysrGJPIJI{hUbDC!$ZjeXHod3jiGYHo!GoAgC
zIS$ae;5ZJ#BVw%^moL41+a?<3k~aO@U_D+r=%;n<_82~046@P_(o2F2)!GaE=h&>!
z7itV!rKHo+8rUXBL>d6?_BW6_jxh!XClo_Jv}r<QiRwHf9en+P<7b^gZbvJdRpF8<
zymhfY7qWk0pV|o&>fvl$Wi%mMY?aHP!wkb4>n5jz$&hhFC!u1_T&cLZqC$g*XCd-<
zsUuyI1io#y)I%a5X{%BKHMSbtY(k`jF_z3IW4!{$1qeCJTWTh@4{~3ZwLyR#9iOYb
zFgCjs&!9-r=u--*2|AHuj{~P^+&VoarXd$chqN?~8xP(w{nF;~;;-LQrbnizr77SL
zQF^E9!Artg-L!wy;SKCcTFgNy%#y3r4Q?u;;!KP@Ty`aj9*6;!G2H_;W7j?)r8;A)
zh}QW9#XUTqa5=G3T;()Du0K20aAi%icb)UL*ISoAKOhPi&>;dEGoB8n&};yun=5f}
z=qtLVwB8_VsI`MF8YZl4PqI&cM(-~K*E_~(nD9JUjBs%=+e+o0*o|FWeLnX+WU8|x
zC5rFT;WLXRuqxQD!XRJ|wc%1g(q_`T^?2z%yB_RpGC=Ec-r1ofw`I=#Vk;VcfM1{v
z93y05Wfm}d{j!HqREoZTxA=@yW+3W>0pF{R;xmxTNWp+ZR3?AS(Nu&Jy+bW%Jik`;
zh$AmDKh5ft3&ZW$$#)z({_V)v$j*+TOJBEcR94rQ=Fe%4dbKZ_pI&XP|E+m1pzrWS
zxfJ<AFtrLBnGB|glOm@5C4dZFMkE%I7gU4(^ykU<=M_+OuV;sLPnTBhkLUN&^JOmr
zzs_FIH)6B)SG{*%_iu*K`Oc%SOV8;VIGXP0%^@7l%fa`d?6z-vSC59CQ_IQLAebGR
zz%L%#iu08KJM%WG><}oAnT#Flq7#=r>_SMK{1@r)%xMXajWZkvA|88xi)--pY%*8t
z1kB}6Zc1sxyXch#^HjrY8mBiL*@);}%l3IF-CUZw2k3mBEdj4OnD@$jJ+gDKEH`#b
za25?jJ|RA)v*nh#zFtWu&7qAOBj(BI#GKjDcVGn2>=Skmq0pa68wWhZJKDii;NF1!
zbJs6#Uj|RvNpLumz$q*l?9T{*4%Jpi?wo_8%X>)yPtN{lsJqpsEi-Wnf>!Soe~?hK
zPItny5U}9U4D9omBg-kbQ}q#}no+HzBeAq<PO)grckCSxGt>4=IT*U!9%OjUg9hv&
zz%JI(%`37zT;IS#>kr+-WCYHE@W?eq_M#I@k}S__q>ch2_fr{!ZqWYynVSJ@YVd#{
zhj5T@cZ4&OVS~<UJQkhA)t_hBaR9sEd&eO3In4VVZ5qjHNb?Z??)JY#sFyU9e7EtP
za!b!|jrSW@t^Gn%IgC7@B@$=HjX9>Z{acoz?m+T?uqJDjy~A_I^6|dmP~0kS?pG37
z5R97G1l<hSV)BF#?L0#2gQnB!H1~PZ>3jPY0R@eM9*Q=M$cJl;Sui%3k+Wz2*fl%L
zxMCx5w)LSE5Z3-;1+WZITu4ci?-Y`V$R!ohz<fz#c#-Ka^BD~~^(NU|nrBI_%-7yS
z>5r~tEOa!}5-Jd^Eksi0{IOcH$;iV2CKFbRouPtPh+67+INhHR<C+Jgjkm^{_~MHi
zjb;<m;qb3hQ&U%)>jC@IM{jF)kZ{7kmk({B2@vjiUq^pjcY9!0Jju69I<WVRPDk-&
zg|cKJl)nPjI4XqA7hEBh!1b<KRq6-?1wz6d^aEx`i7Ik>ou+4o_-4*@P_;t{f?QB}
z_t7ZpNk>;J{TlYxE09_w_;yDJ>T<PQ%9W3f04eZLgxAYGKI!Vp9@TLO=YJOWK$M*6
zsS02ZgvJI(U;bvnPYz2VJLkA9kW6TF(i&xMiXZ9FuDMhGGzqm64<>^{mmT29(k=#*
zYfzKE>-~|YCocoRgL`+>b28Xtg)>)77}k6OXIIUMv1oEg5B~P4@+IUMl>4Wxx^MA_
zPrS0)EHhLtp$~zI?mpmc_T=Q1g6N4D0z|v_>y2mLednDmIiFEXxtN2<<=a$viHQ?)
zBSauo7~*xV$MFNN{nOIt8%ep8RBv!T?-1`NhZ!X)W?6R6eo!jtE1(SH?N_`H_<^jc
zCMB~RAu!t<b{GbyW-AuKUH~$m#(B){<=sN!@apzS`!D)0;J-@s=H|mt8+ZT!U7CNF
z#{Flh{?7~lC5@AnQ~sw|XPs?;0%AlEUGVKSl%&m$u|VNQw5C<9kCl)HvLYjC0{h)H
z8MtHx-vzA=@HCQHT_!h^jM=4BCXQg%Zuho=Qjn*1S+{86KQ!vL@b{92l`>)18c4oj
z;ohr%km{_!%lUnah;lPGZor!xSvMKwZ-30*@eItOP?Q~-_abj%(ku+61?-3amk;5l
zAP`~ytT6AN@n72w|0y>9-+Zt!a5b@||38WR{u7S<@1Nj*!0jB(=-iy_nCL8={;y1N
z{GUzzFSAAlj)r!&|5&H9u`qKqaJI1fzgx1{|HC}?b~beOj&}AYj?NY)PBO7mP(cg`
z0C(?^pm$M{Ac#EZ@Fig{;D*{upk0tw*GG3*yPi1#29?N=6;sXqUjgNSI*vcG?Te#!
z+3*@{l3R%C(k`(;=y?UV1r0$r;9G;vJ%U>7Jsyd-I40NiLz^Hme=<`a)VyyRM0aDB
zrmOzG<9n4kB^y2r6nG~Gz61R$%yX<ZGXej&l>E>5uQ0#6{O_7_{{Kg(-EFK_)NPcu
zI1qkv^%~MHz|Rpl?boufEf*yMW=&$jLi-)Q%f}-X8c5X=C75z{?fO!#yZiR70t)cN
z?=Kf_o9Gi&gYU#FfL^t+3yu|h@>s6=NtF`f9~8bnE`^WcKDtzCze*O$0l%QfsIaXN
z_cYfHy6oq-e|_L>J<q`B6QcWPYg#r85MaWDnOH9UDRA$ExFz-%XBh1#VAo!Gh-5R=
z+{rM~LjS~1g<I9P;cQ}>ys5-q5A1<*a}da^JNSEYD)0GRxkRhLQQ`(Eqd5*KL@+QQ
zK!Wob@-z{UFr=79<R>~{KzUukrdaY|z9~~F_(&njIf#YY1$mIjbCcfYar#x5-SEIA
z0@(yM%|2MPxorxZE_tjm9gO;)>NyrH-2Gsfhc08>5FZ4?30mYgoN}0^6!9$&8gjk#
zmj~b~&h+GpV^oRqw?Q{#A&dY_12cFk3-#;-$=1Q$ZS~07%~^F^Xn%Y7`hc?EOij7I
zRyu74{gvY2yUTU1<vP>x{sg$WC4Z}0;@tp_O%N9LPPRA$Mna{lG~p{4dk2aLpc2oB
zW@bcy=}B^sHG*pxOiVgQG1e{{Z2!V4#_-^c5DzI?ol@0yD#e1OnUJoU%hu=zN<A&t
zEhQ>>)t)6kI{Y%a$F}Gkd>J1~KvZg`U)JNj&EMFD|9N*`9g3i|fv~8qLd!N8E_fJZ
z9^t8i8r4TOG%gfczvl?NdseMEjij7rXj^Qxl;<<3R>^fKM3bdiO=2)$K%CWA)?&<`
zE|eE37hHE3s$<@vP!1iyF=ngNeyL$UhP4PCICcS>=MfCMdk1Z4qZJA~Bv+ywkPjUg
zv_BAHcqnj}Q5jBh{BG?YGN>o0qUC0ANm1BQL*gZ?2ycn|ti;A(a{XgOQ>=<lO?nX9
zFQVue?mpTOPJ+BW{mzCOXEvCUpB90Q75Mol@>%>`yxds^DfRol9c*SebRGQanjfCB
z%``72Mb1>kGH%YYHkm43osO@Rh1{0(VAV($t3za@c3KasW;^oO!bp@X3kTCY^RZyj
zZEwJ-a+vhp;XM^PpK)eB=vdX12Nd`ElB22<51s5=`hq5l(oHv>W!L$sNBokefQXc`
zjioS^kNC3?*Xd?9ZhkGBllLf(@>mYtsN{37Gc_){!YUQ-*qo&22=t`^(ueKbX(Z&X
zelA&%@Dr+wO~}bhD*3Zo$i9f{zmfKiQIdE``f!)gW!tvRF59+kv&*(^+cvvwyRy(_
zb*W2l_0H_h?C<P<X7{|GGQZq7CvU`!cp~D7$l83Wd(QByuU`%L(Z^n!XvQ4)*`$o2
zPYUdZ0S)+A*TPY3?#<^K4)hE#8?JT+-Si9T-a{Ifb`q6=k$(38JmLb?Nzzg9Os|P2
zY=>8bbQLa`A*?}WH&hw6Ro%WOdHj&Rw`L8EIuR`lYX=isdrpP^4ryM8-w|HoOE8*U
z^Pc;v$D1BZs8t2&2_T5a!#d_dd7I5D$JSCR?yD~W#&%f`s5vP*n-W^JJt^##On_Hf
zm}NnHWo^MdkO;b_HaAv}y;>)&xXU$Hiy@tnjzQWrMbG5u;A|G9byc%sX&O`VrH!@k
z>$*NVI7IH$#A`azlAv?SBd=OMwHe{J3Hz72=?QIwH5r=z-o0av4$^d<CMzBKjs;Fo
zN+K^KblF|H4E6PdPakmYMyb;9yI|BxC$XX7bi?NB_W*%4mNsFP7G!Xh2}T}FsSN0r
zpzpZgXAo@X0~>Cs466-7)tAG_;psR(4)-E&4L8h}-a-C&T45u4`M1w``5d%=_OySE
zh=1ng<&?xE{$qQ`|0R?n{qsQ^6K4Zw4||h;89`D0GI5XhKT7ydQFNa^JUYHxc8~#K
z^pPjn1<A-pzoLKyH!Ol{7OoGZZQ1~i)YUjQBc*gy29luupk(3X@uN=LdRm8C7K6w`
zZ6Lb~%zyeRB#U<M-lS7=u!M@scq$d|uC!?}qgk8@{q9+JfZHjTniVGS*IdG{{)%`7
z=0e%Ax6>WZLapD6Jfe6x_->V3zAqC~UzO9vm2mJZ1!bVd6yfG}qzVV;xFr-^jR$`c
z%Sipi2wKpwbZYcVRzndEoC7^AWr}qEj*{2Iy^Jx&HAV5eScUxX*8l(l3vHVPXeXuo
zSpPmz+a&n+qnyeE*dI-GpO2~oJ}+Y*=wE3H<)5$1$;gq`-rB{?;$MS_zg{{1|3k*7
zI15`-yZ^XzMH#t42AJ+EHR1L|23d2<P7ov{2s#*FffUbSBK+jUmh&BeEA0j-(m~Sd
z%oXnjWlQdMI39%oOtE&Q7A3)|x{<l$^TTg<C;C<ugF-tazqmwwZ}Cjy@}w)yR_y9f
z19?W)G9p$_Nh{g2oUybTO(;GvF}58V8iNP8Q$^EL0q9?NmMoYl0t`7<lcgajS4pf*
zv4RGQc-Tzo-Bf3B>88IWfPK#Toa})i&!i>4$LaqN=;yd^^3o09&cmbSp)oD)nKh?u
z5qRd{mL{*VtWPOmuX!o8nnQX}>V*IxX-gpB__;$cSRr5>FI5dSV$tG9y@`|?#Wlq1
z3s$DqyS64VMLk;L90A%an@#cO@(<N~j2W90&lwku^qxDKzLpB3`xc#Zug2cdDIKZi
z8_52oFH!qhi7#Ib?eng@bo%v=PD7Wje1$&s8TPq(;vYEYulo3JPr%8<(bdApM99v@
z-p<y<*4gPl)R8dr`2=7_uDl{B+>l0~WNh37zU}t~_k$RhtI-_hW;L1E#dbE=5t96%
ztmprDC6#S{yOxC!z%(j5)ZCH;>K{Q9Qk!U98O`)+x1qxJi2(XG7I05!*HEn4lbXP$
z84D;gyp$I?{Y6>LSq%}wSfc@@iz>#ZhhqDwj&)76Q^8MlXtIF)QODz?l2MG?IM(`T
z9s_kOZu)?3vdfPm%<q=|e4N)fJWxR{WXJpj7|`+zvb+~Lsk?CI0$<@HHOlEdNg|-i
zaLhuVt5l%0D8T{0zjyQqBjNZxO&ORXeQH7as5PAiFX}CLvr&9aysm6%Lb+2*Qe(u4
z1#ZFtt6EbkzCdWA^x?<UtYrP@tn4GjO0f?I`R{9HR;}7!OTw8d#l8FzjlV(vTzrAy
z>k94X#jF3fi~p<J`}B)nJ|X(Q^jCj9^T$>GIrAr5_&*)|(<A+_gMZ5h{!izT|A+Jc
z$7}`ne-`n-OG%Lb;<#D<oiJeoX9FcW7e^x#83S7bGZRNTBWnXEr)G61ZyXiOk6z=%
zbXzi;1`->PChNc?7Kz5D6lzMKgqDN`iP)lGRguz6i3XF{I%X-YYPEi<(l9hFVF8hd
zGVzF}XfQ1WEfJKP0T2}Wu3@bTk=I`K#>}mAGL%KVOpnpW?kk_i$8MirJGpN-ej)|i
zvB_=QvCx|Y{Osd1UM!m|!2mCpO>O_jy*Edv(9L#{L5PC@2v@@u6kpqWz$brtfR7}#
zbz%+I(X}+oM}1K2wQTsFi;rrw^WfO%)~OZWWL3xit3zx|?27|E-`*(sO*!;tsGQoa
zZ`6-NJXrXjPf^DEf>3Lf2DveBj=U9nja+czRiOvR2DrHk4)UXf{Cu%u&fbDCdW$!t
zu%WCtb2lcqdN%-R9!>w+eMVfpg&P-6AMHW*SM$+(RCnN=#cNvJo#ks>+?`||KFaX#
zwZJ>0@UKsVIrBG7A^6Yr+EfOdzEuEBT>cwC=~H@0?$@UmnbC8Z5+y__eNXp7kK%St
zV?D&Lv}2d8P#7mq2{>J+;!FlwP~>j4EGalBkRgfX{c)Vuq9IlCB$%<tjKV+kSr{>(
z$sr^vJ<msMnGN7HDgBuj>t$RW4JZst*hrA`%WxyaAe2gw4-LnjkV%w!I5NVxF1p$b
zwl#tD%o=jFrN4?HtIBcp^h@5SV;gQl1tlUfw=7GG9IkJmymsbYPy3FexU|IGBpvG5
z1$Qu8JC76u(Qo0@ha4vGJZ0sV(aNu#rNvKlP8o<~^NEF`lwmYw)dXFnL6zqO!`|uk
zL?x5NR{~-}#w?1m&1n{;mPV&qJdoEKHdP^kqetbUd=rv0f!Wz8_Vd#uDj&EgvE24w
zfP>qBS?ArU6-`M@51}~*hm%=6)q<T=bTWlVXF#2Yh0$o>T^$D_DC$D=7=ST7uyTss
zCb&C!u#dMZw91v4mTVTjm&S0K#bTz~;ySR!f{6}9Nr@ey#x$?(-IK#>QF2>ys}fnU
z149%9N*SqY?<Q^9Gq8&#-XMI`{!Ed-ol9}c_acd#@$cm1{&>e@jVc!$q)!I|ttbkz
z>ToitOxDT{-m?@&$)ui2q6Mj|?nCcFfFFjyWyee6cTeJSg1dXbw|Ghp(Nju{Bxa<i
zdApREC}7$yL3ekHMETLjRmE;!{A!(;TUn=@_tqOJ1!C0~G~1<&#oA^O1_Meer@)Nn
zgS>>61l@v4-`_SG6|#fzMC)rtK)2QgnhM?2)n&hQ?FI6^&k6iJjN;y4SMI6NUq#(!
zmp%;ZXL4ijxCXxJ!qTXih!_{vS!xSp%p9EPg+9><XgF5%*Z~qwo;3J-Nbkf9KMW7O
zopxv;_<Q(w#<oPN5*8fhYvA|lJrSWVGoQI0p>Q~vB<vmlQ6Z!-3Xm%MWqw!MAf_*3
zm$aK24P31x;q4?0d9s3k)vCBADq)3hp@(M`>wNs@`YF6AO{sHFe^W7OfbD84MnM)d
zdIpP!&0HP2dXm+UIE{tW3#X7O;y}Fh>O#UdbdG%S0R)bn;<PB?`EnFantlA>rsDZV
zZMpc<JE{9>A22KlW<#FVM9jQ2L(u7T@$;;Oa>IhJG+q|ZWX6PI(lW{zKhd3YP9{>F
zooi@*IEIv=D1nJGJ+q_*BK@)tu#J)M(xkjLiO8CBnK*K%;Sf;O3h+^lSc?|pNk9BV
z6K27R2Oe?5X^u8f86Y6aVho1GIEijBMaYtz!iOTjF1B=s(M-9TY>kbmnujGXPGmE@
zR3uD9ZjR*0cnuVAoYVGJ;@PV0MjXkT;(X`UqAGz&Nox)?BbYsgSj=sN6~fJZAe?ho
z$>IAN`bgcc_={M$IF8ULR_U@_CTol3auqWOKs@C3in`UeSv%C}RY)Nmf{S$^6w7p7
z4QW(42<OfuhHDQ3Txf}^{2mR^R0!iiS;>$i31br~c`(%T8tAFs;5wpOMN5{jj5?FE
zL()Qv;mE8G352p}ji9nR3)S}BM2WStd6sNHX4`Aq_OT3G7M;#+JR`)2$d5F($Wqt?
zbEs>`WEq9!Ck<j5Q&iQg<KDB!nx4DWbl)$qB}v)avmdJ@unTx@Z8au6C4H}kbIfm3
zLj=<2St6xuTTgE{$#P*}M>pP~&8>&FKou4kYSsBG-Dow|7gm;9V@Ov!h-^mAp)O78
zsWld4BC@GHJw1Y+j;`yHf1;=H8>s0N$(Un@=H~N5^<0uLQ&rQtE@?jY$6F0zVp@!{
zE=Q%_j3@qX5PHKVqBIRQmIP~#8kBXLDouY(i_i4Y3MrrPfE5WxSFs;08i|-ESCqca
zui3U9xkd`<x-BT$&{!HLPe-4!&DSdI(0f)sYr#?4pBHfop0>{dYW27;q?j!xvFMmq
zv_kKlL6?CcImv5i(gNft<q!^v6o{pZS2)P<q^`4gy-u&uS4JFmgGBHu#a=P6Djjyj
zKE5j4yq*@wzA4rgEJS8eUDnSRO%zaWoER4_e3w|nbX4hWBjhni=Z6C~?t3g}QKD-!
z@>JKqlnN>}Yum2{NKCb_GZ{I|=tO=f5@@lhy|qN5jq@(39@H~ELz&8LZ^TP;wIniy
zqLwkYY8d&+4TW&xz@p+2z{?=t<z<l}(^|Fda<db=+urMGK7ouHyU9Lf3PqoV0r0y^
zWptTR(h*H7Xqz}=E0Ge8yR#V=TJC&GSLwCW0->uw<wKC3UjbFZeD8~^r6b6P$jOCz
zJuIBEghBKMkX<R2xZ26~Jk1XHpdXS?YUBJnw$iXyf*u0c!Mebg(wKXQ_!aiR^wh&=
z?&fsiKxU4Q);~EQz^6&Q85uPd0@)@<Jj%qlb>*r~x=KQ%wL{qB;OK|2QMt)JD&%j8
z;BP!y1bvBo=PyDJ>)mq<5z5v;J`k1h1cp0&81VdZ&t8)A5>m?#pxO`)e-d<)M%Ypc
zqlUxi$B8E_LTV%rEwf*U9O6kIy3v<h1Z+QHDsNrcsvg^dcTFKXvRhs9`!%>g$V>5+
zK$xBnOA{?!42Qqi&kMR#8=JGS_|g+G>y!;UW`#t~g)yisMBmjDRiZco%D+vAAdrrh
zG?-i1$iT8Wo&r?Ukq#W?;=FhSRasFb6(|O7uK61|KDx__@WFlxmCi=$ir{Ms=*|$8
z8okzz-}Xklj*dLRE2|w}>k)mwvbWJxoss&<y-!X=^EpsH2E5l-Rq~cry_(gEUy75j
zWU5~XIS#Ki@K%;;`&^-rr5aE&m^RN6(GJ|{V9~m1XO1`ArAXJg*f6GZw4WUx%U(*3
zuD*4uG|QC>Ji||csvgy8n%XG<<aT%XoC18gT&X3Lu0^jp!3^E5l@{w}X{EvEbqKAk
zR<rA3lF*wW(WIuN?e!t_-sJu6oXWp-D96n)kY{Ixq8+tx^5w$WPqgEP!P>4{#^cQo
zt9AgkE&N4pPvbQMke$UFE4l{&^sehf65Qk*!-*--XNW+S-j&POE^7_DI>4@=+qWbh
zUm`t*Bii|dU1x8`1Bmw-Z#W*|9b72@SBBl=35bp+jPbDgWQ`-%znz$g9f3wgoDW?c
zxBaOp<T8-fqD(^(9Y{&T=Bfdb4begH$hLR6gWv6ly|ELLY%#8g&cO$4iOx+2Y>!`M
zyPzKTr&c4Y-68Gz3*D*lj-O<5yrHj#m{(<ew56iEuzUMipRj8RRk!^MSINBHOK0nK
zq=%aqXFH!sdPFA&Toy-`3Ucb&gIJN#h^&DOjvah~Y*8j|@aoan!&mmY4T){hBw{GL
z<gAD3Zd^C1S^%z=w`>lyd?c>BaF$M?tHD}BIzc-^Pd-7h2tA?Kp-}um+53nCaL5lB
z2C>KwpaybI?=YlE?far7KN%{QOvKAb$jl_Bv(C4t7CW<^Da=f-%)w(DJiL;IhN;QF
zr+4dUbn&irlk@QCkYUk_C5PcJz^S=&o(85l!CYV|Dsi!_@?vFa+9mk<H%A0&tKtQl
zQxCbvqbD~S-*8AcfXJ`Xk0)fT<?d$X@UrhoOcxuKd(*oze@}6;d-SD&q}hyA3(btt
zH`R}i8ZlMLH<7eUf$BQ>GOdly!EHaym&F~ijO5HNwb+7JFg;T+omw`9ce)Q_IrBQm
zktlwA(|^V7=ZY3~r!|3fHg3$<l?NJXzZY2cIka3?6>;bfmn@F)wAYtlJN#{dkA|0{
zK=KvtT)0$ChHenX_o^5pSAYKlrE=V-DvG#l5U&Lio~h%Z(I3NP;Tj?Gaj+^rbd|!}
z|K>>qt($&M3Jze2lYjL+-MLqGTyL0;CuHNAb#ux+9*<2RQKeqh#*if?E`gi+@LAOQ
zXi|*IsV?|NRTQtrY|@4_H}WTx-CkADWA^as#yE0oe1en-I%juOJjLN!_CkZS*c#)a
zmHP`L%dHnmZ9dqJLb}>zi^=5ZhEzA56@N<fJ}VQV-Y){+h5(%YCIL0|(;A6&V`FU~
z--Lr6G1uH77Vq4ZcR#8ZLX`*SmM<%a9TLe~uQd@{az1$cY9?FdDPHs0s`!15>reX(
z*nV|q<Xa-ILw7+rBhOPtw(^bG&DA{ua#ra>iF66|ui7ns$7ZzO(O4m00~DTU%zD4E
zGHbvRd!zYEP4X9jeJ6U~@z|%g-g%EGp0uyLh9}*&%&8b#uMajWzLyL)D(hy-DN}s7
zp|n<W&)!;In#>A#q*X~t?XJI`mRwpa_ysn(RHrl8NmslTldoyyiK~<{Eu3i)e@r<A
zoa`U*rhfBf0nSU#f-L{wj(UP_H$Hf?T@~!o<!>EI-ThGHN7yf4gbDt+9P-!1lI`Cm
zmNNg@LKCvK_^gmf*w|bDEw$`cv$0oJ!}OK?^lYy5NhP3?);IEz5|Cp=^5)3WUo9x=
zGh-7FXhbHqI>|fHZ7;XBz1Z<p%Au)zmBFgn%2ei3c2*f-T}K>7ZeqW`Rs*7#?>|2;
zU<Ofgo!suAU`v=;6SHbxdS+hUauWG_KRS0nRzq7A%|`^F12N_YozCh&MiVe(jX+10
zFovOcz1hN#7dXPv=Q)CBPWJA=by@7Wf?+efcxk%FNe#|qbnTR(jVMSI78?uYrb!%B
z?X*Dv67HIKls-u;Gg6+|B#2mH2^3b($lzp3X#-9Esj%LHdCT`-ftk)Af}>O#&I`s@
z-=Es9f-!w5IdlmV@4xB*-$UTegm;Y1&2v%3{k*x8-0i6Xl>6Vh%YqTBP9I7LEw|FT
zEkfgT*W!^C6d*&NhYw4KyyryOfN}0ja2S|wQi7@;*e~$+o;u(jiueFXQv+aGi_aZ}
zlcJHSAfG+_WeFO&_J2Zy+k{?t8Nu0XH*;A9(<~s%9c*+dJ}K->RSN9ZH<!yB5bu^G
z`)QCznHxVuu^O0+#{*1%K~Z97+54MwGz5qrf(=Q$&rwFBdaf82iAMPIm-E)#>)?f+
z%zM+oRU_EjN7J2?J$Y6b<X*H&GM4z$V?8DKJAvzlJGm!7k;k28H>gP5F#z?_#POJS
zF5yVRz8v<cis4kx2D*iNg)YwtW4j`54yj$MARjyQ3sbv7XPrJleuwd%8d|x5%_suX
zW4V#>mePL=NNG4tkhgrS4se<tYQ4eb8Xl_De7xHC0=}@iZRtxHzJ?P6I=iu7o5M8T
ze`zz`XY%d4O^BzLd6mcS3XuZ$HQpa>Bbe<fb5@tY;XHz1qN2j2oVg{!L{N`^beS}-
zqpq@Bn|_mHAg=pNGXXG$J_u_@ZSX&k2Lrth<aduJTuIPL;VbnA>XUKm2O1lcMlgA<
zgf3xU7l&r9L&9^7Qp5Fj6A)tGW7WGItY-1as^yP-VqNRO$Ab%+wAovj<>`}E%4lns
zGo3M6IZuQ|dU3`ISOs&(8%j$g$Cr&|F%t5HVo+4_4%%30og_ovIYPygzXfO_h8G=+
zHLPdc&OZeDozsOwWn|K6e6BJswXVdWI*FC=<T<vqn6jpe2P7}$tzd)t&eBNv>nRGd
zY!QZPo5b@dQ>pHZKO;*vpoVgd0QgkKD}Oj{)(P$UcP91pwTQSOE~_pIdyz-IDoPx3
zOTQwirO#N|41@cc?60^d(poB<>tDi5nId<A(8{rqXPDx{Dt~T03F=l0p*`yd_Tm>V
zL|v`x+N#f{!}}!?F~nEi!Jh>56<3x(M_xfs`zxE#?A&}u%h};ODR0k8C1?UWZRTss
zQmv_KFChB43sSRz8ZcjMcM9^TcnD%wM$2MxI9l;F++&nA*%_^?-DB<1gZ^xy%RCsw
zG6DgLK8I~eiB2UGn8K4n9yvx2u9B*%sM=Y`r%-FsDpt+VYa%=M>Y(gF?!pQBgtF1T
z+gwnT>6Y3Uxcc$Zca)PstZd!;X;FMrE%u~^>KcKRrne(pJO8H_7o0tQxaM!wg$4^s
z(b`nKkU9ra{H^{Fv-Uj*5>VvvGBT%OAeClx9QjgbF+-E>;FlUX*lZ(i)tNcsl&R|l
znR^tB<MZv}pS*OPCTeHh+j*<gq0Y>pnolc5dcfYcD~?lYz@x60Oj%&Z9obg`+Q$Xp
zxHxA3p|Kf14Z=QK?+E6dBIBC5$!0s`NrFhu&<yJh8p~P&hc|X{mc=arAK3TaN=}To
zPSbdtS+TSI!Ut?|C}*-3GFt*#hCuRP<0wxc%Wli@mpaz&@3@<-&9-RRW)9zlKp?t3
z{O)Mjh6z?|Kk8k-8^T31n`;?ctV$<vTBi>O!fF9bkW=q?RQg@C&ME>*?<=U<e4)mL
zH1*#UPwpp**~w~l_tFC1ecaJDOzQ;g_;Xfs+gx8PjSRtMZum?|qN6NMYi}MOJT4+G
zP^q6{L$`ejF2M1s-yjF=v)h5N-pKIs`_%xPh{uaNb-6~=ZZ_h~q0*)+rl!fpx);W(
z7lXRaPCOB#_EAlx_I@9wyfH{QeG@;2z;K2{yfb1aY<u8x_q{F<d?N>+xIM4of9><)
z^!HvzmGvvcA9W$lM8Fw~puO#L94BHR;DL*T5i<H853z_2apIsKGg8q3g4|)rKa&$d
z?O>5=Jruh=7U}`CD<b-LP}27R#v3)1A$|pvj}YSbKxS58GpqUQeJ;)rl6#91)E9ZN
zv0!(VPda!Y+J)JnHi}HsiG$})l{xWBE)D)GM)D4Gjey(vrW!3Zt!Rzv7V^q_wfyf9
zze3&TgBNMjz~OphC%`>ncx>_>$#S}axAxIsY;E_N{E69b>NCsQs}W&%3PTGmejySF
z{+N;9GDH8}_t5sk-vyTY=z6SGW7MIV{vkk&!xZp7`=R%zN*;6cWrzmi%a^uKLd`$g
z6Mv1z%>OPPtC~1EeG*#!D=hyl7-y?NsbR06zJmwl(7@^+kP_NhuTe5~TAvS5maqh+
zrKu-4Fz9oiFu??35VN?O2FbKK?>zEuxw%PbWi>T~Zxq>dl)U)<R`Zkv_}ZD05Z1v4
zIl12*b$eZPUcFp0dF~CH<$&2ke#8_&$fCULjmY<XgF&}ffQtmSTOBxLhwh?`fW+}<
z7rRFLtffZuvIewDY_*Erz;!VPxQ%7Ijb7t*u}3g$lV876xIUHeBMd{_5c<Q5%|*ou
zU(ZqSg~WdKCW_$p373=1mK)n!n2(+jFU*bJhoXFIhvcK*=_LrIhxVonpr3H+A-Y!a
zuNAp*@fL#HL3vU|Nxio5zoICc($D}4Pckt}T<<EG!I0R>$ZWioP2kpG&Xp;tI!6TC
z<72k#cw02L!B#`SYAS&Ni>73@Glq6b4Dpf7oOB?~X>g`xuURYchDQ^+j5?tZ_Z-!>
zugWQ^SxZ#qv)~%zWVW)Z8B28-bbXReMRTvXcC#SbpP}*6VU97NPwR-6hJa>iEH08J
zZz-9!_^R2ko6&AO?yPNlRrTQE&~xzEN43@?ld~xYxG$_JnJH=Zm?`OV1M4Xz@cdO^
zJ1IpgI++N)ShZI|EjyyMvD{IfVjDkq#8bo@o+TP1s*|a#P?Ar=Y<^fOqv-W>neHq{
zea%Qu3b=PSF+a~r2pssbY)$<Fh@QEL6UFXa@dI(By6-U^513znIetljIdf$*K!yQ)
z<;#O&TSQ_o;)XgybpW$2u)f!rGwZxe5-!bZOT61eK|LysWbX25vkjN)*@XKMOQ<<p
zHNz>bf+!)dms+hEjoS~ZgVOPM*CI`Gj;l7!ZPxBYJF27!ObuH0yt5EM6-tCTF^m=M
zL}F`o96TB&Lgpe)Ax)!CvzyOF!W@2s?DPE?L~qth@wH4#P2g(A)7LY9%i|D~2}Jyp
z1t-Dq$QVs9E%p#;4G`BVI;pK&GOEk|ZmJlAG|Xy4sMPdjs+@rZD&HV{W*fHQ#)v?U
zqTQCIn_GeYNg2$j;s>payMP?_8%Py<0!Bv90&+&f&&~Q<GD*C0QNKsYWG$wx3)m4i
zqnJ@ev=weBrW2;8ld)<TuP*e48~T{3Y9!)QK;;^AxK@4c_^IAN&A@ys_BD7)3*aB;
z-AN@NthKa~(kqBUIZIk1at+i4XO1cZBXXr$u|(H;kDBK3&VnNJc0Ir#*o8%#TOvlU
zu~2)5YL#EHdKGT8cxw0E-2D|M))#b6#3WlIb^!2H?-b#3RjDD+54g=X6SCTA27aW@
z8?z({;SEAi3&e`-%CAr}DjHo5)2fl13`St@Rr~Z$l@YyrS7#!}r(x(%p%LHr^{jJ}
zon)nRn4Q73gk084@YK*kbcp-PzEAlp(PWi$ihr{q=IBg<XZmm=dsN%3GeTC$8<*pc
zS7%>Ap*-r+aJ4s60iooi<KBxpGLDL@c|05>_<Go#dRns^NLU%m#&35}8g>mE`5|+w
zm4d$}`wHD#J?>mS!d|0kXqGo##>t+`{0bisW|d6WdA7Xc)D@hb+oHayxuW~ccY9ck
zrNI#&UHg|DH1_dV&FS`VK0!-I)iY|2&EJZ@dw!WxSA#94L|yEp)hlYnsaiHu-XbN_
z_6&W*P!&;kOG&5lHE1s9*AL0k*lA<H&8rG#6C!(eSLiJHzs80}gkQq4^*DZ5QYo1x
zE$Hjt=@D4{wwU-Fb`)QbSSB(GIQGhSsdItlvpIX~fxOtO&BS|ORJ0GZ4$czcFpE8O
zPqUNYL*+YLuN7#Ylz_biU_78b?kD4@=zZzt*vB;N%}-K(hqpxBzmxVtWG#;|S)>wo
zqa!Z5E?qz%cY)TD<G4c^Vilg&?oV;Af=r&j_a4ILa7LX|A5wi@AIcAVVrp6Po7kY&
z=_SI2_JF%6-Vyk^)rQ?!A6wHzG<+=4WB_x)5e+x92CB0z1ECk}JN;90*A-WGZ>cT!
z5*}3TRt<00I*uB)>=|F#9|A1q9etGXAiHXp@cqsxsKwoYbRtrUKg(*h|Lk1)hN`ug
zJF<;;;c%;meGv!xlAp*7@5@xT%an`A<{Y-Fr-&2BdjpZ~J1AD|p6vSS5;Yy+@-_~g
zA-h{}k~GWL_05Gjnw0uhaOBh){<V7Lkb=}{$$g@t7CZ<9^8OczON03hDNFo=doc=+
z47*yuAuLl0Il(bhc+gJ_P!o87fiAOjx)7dv0NZaUi;TYO03d6`N$|QQBP`4;f-er{
zP2c$m<K-`Z5v0TB{d$yjlne00|F(kZ<^mk+{v+o16EOWgp1%^X5inq%%T~<17?PFx
zTF#x(BO@-SUqjp+KUwbbhIs(qa5!H$&C0eDUB<0A(407|HZFc?Urd!u{W8JI&FSa$
zO08k;L3Nlac;$g*Ir~stbSr&fVMy;!H<ezt8gG@9E<dlZvKEgSC}+<Z3ul!Zmm~^U
zhhq!}+@p=bEZpNXLyVjv)r`jpfn)CsiWvkE>{xei-VoZw@=>cX)3A(YJUy4i=>7X4
zZebbD%meF@%oAPJ4xms+vUXEq0K^^&AV0)6>Lv>S6v~AAirlc6G<gv}iTl-@P>LBR
zA2JQo-|00sS|M03Rge$^pk%5AP;oBhdVQ5G;Z7aDFY4dGE4+8eVOEe;sQ}dtK`=_v
z)Gb;9jaLm1fIONY{e;G`eTEGmRB$}74r^aSCD%G40UlT8FCTxPMWpq_&)=WW!s3%5
z^bct9SLOrf{}oz@+gTg`XCpZ~$;NJ89%b|+H53&ZcwlvLDwK08FOxb}7A$p=R211;
zoB_i}O)}8Uz-AsTYRB@9Ffsu{?<GI#xaCJ2t?4}a<L1lRbFS0n$;I3A*@oK})J0?C
zeDT#dL_Z`E@Jyu3ACN-f245?J0;0mMDaPZ1X~)98YNf;@v=9*=Qdc5fjvGVSGSk4o
zZ0w~xN4eQd6^|iTt}t4MSPnLHo_dW^m3Nr7(kdOscwUc6*<@2zGET}tSlf@9h_gO4
z`<FcEY%75g&X^~<$xK~rfDc|Sp8ftXslAZzYUg5a?;J#!Jk)~8=dBcqPlUC_nt6e+
z8T2h~_7a|lm0IznojNk)4Iq5Pb;B^!8T7H_sxdtUZFPFa?5q=aDAD^JEv_`FRK3a#
zW@aH!RP!iG8<(lNvm8CDeQtAd&eSSA!ja;TOz4#0v(nNGUl7DWx5qR%_#JH@<H7GN
zgsTh<dMZ`qb4<j6>a!%;77MXB=`=!#Mj>9$5M%FaB0(Y5NHOtEBS%C7aeSO+yh2`8
zF3EvLKR%yl(7$kJ;>DMD>b!z}{Ut;eg7)UozhLLvnKMR1`$&@=?FSmQGqLeW4b<$t
zpo=^6?^pe{{i#%hg7|6Zcq?IF0&!;jJe)vEA<%6c;wLb|L*{QnK^Cl!sES`|eGmu{
zvO$^rS4qN<+ZdpbKob%PM0N|{W4bbG7TQ86qFc*5GR5al!Iu?;;bP;&kfFI&1@JS6
z1knrB7%x=L=_MnU=4?~C*#&+Q&xabPqkBykQbo5?2=(2ePzw$glngpx_E>ok$+#zt
z*zI6#O`idds*w=otixbzEZ>pm#gsJE%qKnOU+w-Fcxp{Bhvz4|1RVUI4g9Zc5t4sr
z;6`?~rWXI2f$~>8&hWpKDfAzr{|3g3)h^U<)Np;tXlQ6af@Hoae#?NhQPc%aj1#um
z)*O%u01D9f2HOKSSSQ^uIh(ElS*_W;R8cKz(>$VD*@D%qU@;#zn+3SZJbr?BTI($w
zHS)QftUI5co-e>}d%V1Q*Ui~E!+pQWef)slrNAS(#>nE>1a0Xn@Ao|zYCsq@1Xi&}
zY6~HC@GJqJ*{62!ZpP9>?#)HE)~g+1x4e<zp<mSv186NhwLHBUvi1;P_EM)@g&!7c
zc12yS>_fECrQna;6oP7A13-2AD+Bh(4WG-^b&)4#h8%@x_+tV0pxb@)`%lF|5mm|Y
zaab+qQ3cbL>s2-8%bQsyT+nt*A?XSs)ss+Auuh^Qsyc&A5YjGGl~QqJq>EOZ8_P0o
z-&%2XCB)(M6wsAPD-{_o){{!DyXh;B+p$<CoMD+u^%x+mHyTJ6Wy@>Wyexb(tdU$X
zF&7%{1t;*BRHj(bemQI@%dF)43#7`miE|%(r+}xss9<9?dp*nd9l%MbYy9%+JZEzs
z5F4J+`g_)?CSD~3c9irwgT=qhcDf{*{M!n7cN#61YHUIILy`$qNa4W+L&Q;3yaI5l
zTvka7RW8}y?kLj59UGzBJOk__OXAWpA0gqgnGCYrV4cBfVS78}7TzOr0!|AHD|h~S
z$P+Gt(Pfq3u_bc{w=q|Zr6q}LYqK3(fN(y!lt@Xs=b#QzXEnrp2U9~yF}>Bb?`}rP
zOk^%O^xdu%9!taTGA^-07wIfl7vbzj{m~n;NWE``dr?6XF@pMgq_|tO?Geo~5nrJ6
z$ZsuV=2sGi9#Rn4bEh>+XD3@)>QI4-%Q;A;?yM|0kxh51eDb^FV;+LB>|Zj>hG|!S
zCN*4|Qy*$8aU-3sik2p+5>G;q>Hw;8lUt@xQtMW+gN>Dd;%A#B-rZ-P9bU(&n|iLr
zC4bYQBA>w=OYap`kSihPui1x;!_{sb(0%Xpsa}r^-H5rLMW54R0;84ZdR!&X@}`{*
zk*;qcMEp3CR$xbs{b6brIB}Y&$(AM?-jv+Ps`HB_b8yD?bBR(^BF8YC2K|%nhH9$t
z(!>)eA0>ce$R0AaFFh+hd-;OHmlnXD7I%ZT9Rp}(@(rbf!o@DxU>1Tg+;5LEcrTft
z54t3Ep`!+r$Zv$WLYXPa71RGJ8nL$GDs3<C8Z2+JrN_v~!BWevEC+Z~sv!CUgYPIE
z>swa2y>8xc_|gO5p9-Vg?4<@yKI}{-Id)NXEgez}WK2K+9(Ia7?6R#<{ChJ<)8D1(
z=Q(8-aLve4r|3L1?@yArD<Mu5nOQ`WaepQ`Am}i4%%P6z8PfoC9wMVQIOqXz+ljO7
z;Wdd4=*U?YOse*BAw-M#ND~J2zrqe7W5zi`3h|S73NVpIeK0HCbM2lyVRh0v3ao4q
z$LOhDA3RCn+PPRGrfolddUgy2mnYWM*6Gom#;85Lg~$Y^bhDInG<r8LJ$r0r9qC8l
z*qTIS`w)1kg%m$!4~=ovf@4(bSWSh7vcDS|Sz#YVp<><oN_WL~${70;J#ijkfAGWa
zzm|S0zLXn}fgA)&y3yFsM6t^cE$Mk;EGiY{W0VoGyVo2T0?k#)R(Qi|H!5jG?e+1O
zfh)Pc0xA*t&Q)rf&E&tAI{Y3D!d>RcSwdua5A0L)Sshe$$s#bu_Leik?;XMie1~Dm
z7=GQeh%{%nGaL2ra;u{TdXulihkMBRTrlhYQm=n39vmd+aXcE2u#kLg`o52IG-dJ5
z6$qW<SB?8f;KI|FGVv(yfL`y$TTb4#oGA1vhFrJ>e(F6hbT*c^vY;+R>*L?^J;Cd%
z+dUiAN6Z*RS;4@Qk8*9^5gU?rB2y~rVs>xz?_I7n0mV=`-C<SHT|TU<yjwDU+p*-$
z<@V1K7s4p+Hg7Wh!Y<`608Ii5r5_#v0)jB=_hzJZ%7D{R0?ywKa3JD$zreiLo$|s7
zX7W?mK^7Mz*}=OBau0Xdl)ZlhqL4$R=C8w-sTb@%_lX5}UiUTtcv-f_Au7g+W6(g$
zm>}bV45B~>O2=q{m6z&Y=rWcEv#!g~DHErOQMi0y_esXTVc-peZ3p`gr3eX-5&1ne
zGl;I6nUAY6r9doV9&{IcnI$pdR|AjJ(>v)x74+cIa{%z@5Jk+VUBC#v85&RK446q7
ziiU9yGG-P;se%`n6B;}@lEmp45HQCJkQMr$LxZ$`ORqHXbM_Lj#F%K7wYaJJ!dROY
zob7@`#>qcpc+VMoK-fq=AZo)_q6GTl{^f-Ua7x`KJDql|vp7bDm%!j?k2-~9s}B#~
zN%{&)Tc|_5y3igFYM0kw^?Vfik&trNJp0Lr0e;YrS31R#y21Q?S7pW~lEYh87^-(m
z7M$>?*`LZ=JL9=a^&TyZbGi)=DQY-h&|zWMmYEYN9fr0g<26|Ck;6ovBoT(>yx>d{
zr;PC<GG5@9IYBu?Tq?z#BPKy8@SorF5bUoV3z`rP-arp?fI8l#3I1d6%MWXkxMha8
z6(WC(IRVW<0o~F`Y!km<paL~@nUelINZ_}oByluH1%7|NqM2;dfe7=I4b)*m9n3Mr
zWyT9snG?i@_;-Ew+D-g$?);RE_&#h~Ar=bh+CTW<HU+y;Cc(=EOsGXX#XZ)UO+L{7
zpb+5zM7hOJn4SH}3;zeq{wrb-`d=c3zg6(;9RG$KNd9n;4L*m}?EcQ&ELNJZT@XOw
zHR5(Kvd-XhhcM3%`$b5jlB{0TltfS@PN`9Jie#}5XR0}>6pi~^h^Em%i3BZ-6+gHQ
zph;EiC#*iXIlAdJonD!4x5NJ(sLo#uufp8D&S7Pk7an!ft$x>VZWtuwv_#sZXIP&-
z^$|0xg$n^@K_@+8rEpK+Coi8k1@ndqqTEA!3K?CZ?7OTfjII`JZ2M9BJd7{7Ot39E
z&je_;jazceV4`$&DB=o8atPDcP^J<~3BjWIRwg*N$e{TPB5kfwE5<ejM8quxC*Zne
z65a{iko3J^ZF*8L>_k7EfOT#K7(xEyxj8z1I<x1tHQs|OkF;wRIIln<#KY<dOya8L
zREP1qc+9a(e%5Hm^q^y>%`D+3G>OOGmPN!jl33AB=wEX%$ncfQp54PpL+-zm-!KMh
zgqVHYOJbb%#`qh&yE*BnMTl%KKzu`&>j@P3ji55iTsUKxSiCWNseqDTVoXh)+sBt+
zv<H2$M6?zl*ZE!5?~6;r<Yuw;bon~jhB|L>v*;NJ)$~(oAJzsSU|wIB97aF$^*E?G
zFw@<C!(GFkCTlMVXC!mbyMLpP^_J!o97o+>Z-)?!T@p;Le8w4^x>C=ec8)8U`F(;l
zAYp*aQ^_Tg1j7qr!I-zAe0EJ`(f8A$ARvoiq@iy<nbcaJWa<C6h5ea>{42Tnlbrky
zX7S%~?tizizhTp4B`LcF0fcuphy9^87N6jhTPj*Y2T5rmO}JTIB0`m*7DWY;7}<`X
zYNSq0?!0$$ID&Xp;BfrD*l&|u@bg2wznIQ&XCBjTo@RD(dx4a%=l%R;aA#nK>e5BA
zNKvg(bFfib79$&C(7C9%S}>z3RyduCklhpdH{EpTDs4s|+h_9HWkZ=KS7ftiVzyj2
zQ+#m5_gZurNq9U4paveog%F+H`$+v8-cD@^)*s@3O}D{-K0?KN(`qB0GY;JabH%H5
zBNOFTL#5(7bHmc@a7VjR9J6M-ZpDAwf{>tnA_?nKyfdD7-}f@<JoyoFygty%T_Exf
zrjwELqR@2iW-ySrbS*jW83_SlKp*-1O_{xepGJLLu2;=fN!Vf4F8x($f%1FO?Cnd1
zafoEh2w6SPVn)vJrn|+Kg_{H?dNGd4GEVdhEkC)&N5#1$pQefiOH6l-^)36iDd)Y@
zEJ<h+LqsW-5(;qSJ9P#J>_#%CH0JskSY+-Wj7fIy8W>C;UfkAMx2An{UQRjDH())*
zN9*j~F|6xufxeL()ja7XrD?agIg3!)lnhJs!!%nDWeIcX^>qDJdSO0o!d(y-USVxQ
z3U54pOe|H3pp(A5s`ja}qHA6tbeXdEbOvt%`x{{dm}K}-{>a4FKI8DwL*Md?RL%(*
zDL>K}&IpBC^jP)f<tk)IUlC%7qDXpWF~&r&G>F3`h%0$X$fMPRD0Pj5r!=4zB7`yK
z$jB8VSZ;%09{M{$h%L^5J#T=^B?77$@lWDoS#sdO6T}ED+mv=(GY{NqP9!d13ad~J
zBhsK0nw*P_h~EBV%=j)b3e)a0c?$;nS4PeFzclK<_dovL_E1?<L>5Hh%?>6U{1X4A
z29ior95N8nmL@_0R3<=`rs7w1xDkf5sl92yZ&bcJupYx?Kk?+lM!h{Z^%T#}L;)ms
z1ghleiyW^RPPdb>Sbn`;AdEpJR0A05S(PUSoNwHsLypa0g>B2<-~fj0HM=1Z2(}e%
z!5h$I%H|lVjM3cCmsDv6^2;!ztTvJP#LWXMZMwUvx-*_J7Kh{*>yf70dpQ>*HfPD{
zZkPimtqEpmzmiTo4^YN4JR-eFNA=Te+<DR)vb)}wo5k*N+)}Ki*mb&LB&$4S2To78
zQo=2OZ8BJB7cxz+#URizfhAr@`&&z;Cw?SFNQK-*(WAl;ZcN_{5V=X$*W!S8nItxm
zy+?Z2YXj{o--WcQSBsfBU)M#H*+$E${mP4!$0o~jPBz<Sj(~9rZO1F+fU&ukF~H!)
zlkM9Vp;EP42DGnO^iV~X?&6`k$bFYN=B@xMzj)j9A2f2)o?0g*H=E2T2-GYd83fiI
zl*lp+J4c@4fcs9r$|5{lz6Z*MLc+Q^3L+^mNP}mYHpnyhb8gApJxCWUmbEC(G>wbv
z+xL088b=QSk0skCj|rwMWB<;YJ*pq(>V3!|Pl({jBUaxN&{9;Rvc#s=YGJ3ef~%@~
zm|>=lwi_=yMpTT-V8@x<m`Awfw!6>`B@as8xsoh`*<~a}V-(sPx=!G*?IgQ)*)|g;
ztNJe2)#94If^n6+{@~wThjV}v#fG3$!IrP4(&5z3Yt>8BjpqA3%OD;}1~No=VGBA|
z!dP(6k}W+bhlUVi6FBU;=hXxIK?a;#^oXfBoQe8V@QV+JREp}uC?^-l+VPxL|NMy>
z&({$?;<kE-SrT~qB~XaRfERIll`uIZ*5Un3NVa)+d1+-L=hSX0$N?k^=>5ncg^}L^
zd_aU@L7=X)LveWP{sVO}cuX0XJ;X^8)`HP?`6jsiLnEWT{ONJ$sYL~n0$CIxVQl^w
zhbetwD6?XGyyhbObcv)5HIj1<B9fSK;lIBNsUTdui5Qjz2kj;9n^K|1LOOKLmhD#S
z&62rd!)nCl!va`cB9+U=tD_d&#5JL$$1plnf6=pt&+`8XH+h(RKe$1@d?EM*HU9`V
ze=VzgE+qWd;l{$&*~HP-!1`ZK*!&eHiT$soN+|tTvs39W^ICtex2S5VZHOYgqk$l`
z_zh7O<=a%S5HcbVK^L(rQDB&h!xW`S5q6K=60yaTPHTqTD*gWYTlxh-e8yturO=a$
z8hb+@y4Yv#GRE}i<*0%9?Rh102PjHt$l)u13vcuWkuL^->|Ft1ZZ1Ji>pR9GW0fAB
z^S=S@>2rp#H6-(gF?E?NchMb8<;p3$2#6`=%Ao{Q#fZR4InV&wLuxS$b$6N4)&x3I
zx~;gmHyr~E8Ly?#x*dYAG}roMn49Dv^@0+O<FVAu%%?!Xrf0KJ`ShsJ@3d>yJz`15
ztan$pJ7|Ns)Pk$`Vkj7miPGK_87w(lCLwxAB~=yL=HY_5o(NNWE;PQj4<j4IOz`eq
zOUrM<dS8YP3Abj;pRW-<<4TC&1tw5eDT*k~)s|_p7D@}`e1}<x;2>_yIhXR9Y2nE%
z(AtXc?=h6fVJ$8A!Qf5W3zOYG>#9q;-l@=+<Qd}bzY^}6>fSbBQ>z{wYCyA;6vZTn
z7<IrpDViA8O(@5S*<Jx3a%R#S9?7@ozH~a`B&fmVty|WRj*hY)FPZP}c7wO1jUrAo
z5NKk-ji*O!4oeO0sJ>KZs*j5;+^t>J%XZDm#$t`NI`B1QRK`caMIEYmo@lcoe#|{!
zTj>@3VFB|#c)zA}4;y4>pBu!-U2O0X+}Cevwl`i2uh@JlqduMf1uQnRz&J;_UY`Iy
zbZ>-nYVcZLc3dFih5MU^0u$KtjZUJcu~wUDwHFLZ-Xi_CDmPhw!^s<l+eLL|W|&E2
z_$f$u#z}^r66h`KcG|#w{&gnlk1Og5gAKn(+z_jKY1(5wM{*w0aonVDy2j#dJl=GH
zI&^~|Aur`26X{<`Z{*-vA~8(gspmAfn{q*Q{iQNMlL~@Mj!2(9XqKrT-K$s2IGuw9
z1^1Mym=&_E3cSkwf7h+0xW->W+$Ot7Mh>vjFAzE=bOtz5S)p%Ozz_r0iWRxMTF6u+
zI8ky~sd17iwD5{%NL5_AkoJ@lBo}S<UT^e&A{A@o(04lZbWjKX#BLa#Rh1uL9;-=E
z9J2+SN;1Oa+`Vr?)kOWKCu5dlr;b}RyHE}f+f;Xo0jGPx*@yG7wVMmgn8V4J_}1yV
zzQ9m)Y{R9|#H6_at`~?qUjlZemMkzr#v2_0oXwZljOyl4YxxS1ZP>&o)q+Fl8nkSz
z)zkuyD^zGv`4JK`wG!57M50-L^EJxIndvo1cAcy<W^OAWcdolkb_E}g7<147G-ZUO
zCf-WqknfGlk1ROGAc41_F&Lil8yBF6HG(o~kMhlnqJnHqn$X{O-cn(xqG;(7Nb$hS
z?}5wk1QRw8s(@el>k*g+Mdmg$i=8lwiY1kIM?oAplnFF%T8zCHbqZ_KHh2?;Iy}%^
zStT&1N?s4MfSrhdkl4@iK+-WJ6x{&epZ!G1j^#jgwcx8_;q|g0G1}0p*gy?VUsj;(
z1HZ6C*`MtIohm0KmUJMaBK{QL<{8-N9pH%Ks@qm~JK@A)-B{iE<3H6tBFSAop}GY0
zKl{(W_FcsPe|Wk-V}1YJhAB?gQu@paN9FRGTEM?H-$$5tqbZ{S9a3=(aO|U`<@ZJQ
zSTAH_kfk~_4)2NdCZs}`d0&G(<>SnhP{vI`!*pdO%1l3hOy^|DyuZHPV}B{pum9rV
zo)PMFEuCRuVOo@)Y$}`aj6-v<+YTf$ZB35iUEBXuW5ftjat72oR?3h@fOa_5N4|w%
z2$mIJhb+#P5Pk;^qebV^r9x&N3Ed&-W62!*Y^c|fli;fPw24STs}zoYj5LF0d?L<z
zke;QmvZ01ASKeB$+Wa#RMwtToNJ(#3^%Tg4(Y9{@%B^=zCMw6JL7{GOYnH1tWuoO<
zxkkm+td6Ai=|&M@8(^d1sl|<htaJA%Mx7<Em94=>z?9N_FD1fd)Xd7JcI=7FrbF5i
z49%sL((Qn&Cmj(#Yu4}3*-L1jldW_h{;M9trBZ4Yi)tr3K$XTQbO+S73nDWd)`iN{
zinuf<Qn3s%t1??ru7w=k)#P(mN$9BlH>H!CK!ggW#FO7K3h}{X+cp)<&F=f#Z*~>m
zqE90e+2pCIBCGZ5sWUuijk+_!tAl=DOVZ-f9v)V%Ny4<BJKoBo8pZG(gI8IsyOmst
zvhv_{<Xm22rZwOOi_RXQd0qTK*5W;di5YXvkoT7&L)q<uLeDcF_yUt59}r2FRLq#a
z<ELiEe+>?U)75={1lI_vd;=dpswaVVqy9w~m4yCQUFx7d>xYp@JiS;CK8yzY`a~Pi
zPuO2Rh5Y?bA?UpJqzTFFwf!nhrsQALR_2ZkAZ>@ngyxX_Cf$BMM{IK>afieY+B3&w
zZH~VB<$y>7@%FJ8>y!C+pk7eKc6Mcp-dB{RVt7DYTFQ4*S%N9pp(-<e+X{TKP!<)j
z(LVqwvyjI`y@yk{LS57k!t$SEsgM(CX1FEfna}&JoD@pI?|<5L%fqvr-#~RrEE;2>
zpn<w1x@Zfm5~Bb*vQU;4u|D{NoFQNEP<hcz*heCd3nT{rox<@H|IZVfv{A{p_)H#T
zKSzQ8-w=iL-#xLv4|@Nf5X!%$V*RJk|ID-ho|C9vsA8+2Y=KZBhd_}E#J4DFor#H4
zl=}s@puieX%z5i08GinQHS=Z&<rvH~j5_|X+t1jJ6vI@0?=QJyhqs$!0s|!FP5eyk
z$J6azxv@UBw~xKw-@){uyr9YI8DTIp0%UklVrhdXqujj-0TT=<D8}(habkk~Y&}S^
z1p!Fo233$o<WXLR)j^Epc|9pN;sf%O-NlEBNF$9itB6u;X&Q1V+8YdKkEFu$DJN}{
z&eT;7KS+fag1tEtcjhXBy;Z2uzKTGddRAm@S6o_uE*8rOs!R`k{-#iAix#mY&6iAP
zMy1(Yb*S|0C^2BZP_{AIYz^#dxkyT5Lfe`1I#!RCz}0A#lFpK4JTXQf^thSO&Ri<2
zFShCWV-NIbxm};CTFBYge2D?pO=dvfx`l`^sl}DDJ5pot;CawAdc#E3%3c9g$}AeX
z5!T=(lhAF(o`ghi=EVNx$LzDk`4E;%Tjp03ea;6qR0Kh>vn_Ks!$vy|dEgCwI%<v3
z7Fo^_qb<+0`<5K?Y<%pomfEtC!mAsy#JqD?0qJ`uwWeb(euO;^rk;2P+_Oj=RvhR#
z)=42<2G)%h>spf?#oAxHzC{O2KK!F_U2J0nrD1zj%xXIuoOyi|Me&-YF2nXrE(;CM
zB_?LlC7mOP^iGKfvRm0~zk9GsG?QPW$lq2$0+~hWk{gj^avE7};$t{<2wG=KQ;=Z@
zk=yT6ZdEi*wpfC~h{=)C(Dy3c;a60&KmS*=N9hJbPI)L^-T}Xo$}p`M(Tliw;z?Ho
zmH!99IhHeKCvZxodS5|QDb?w$3XPG%u+B|dKkIm#&iJ<r%oQCdE1jm!EUc?{>Gt)_
z*xevC<qCt@7p36re(PqjfmbUfi?0l$(yGTK)rgj6Bb`veb?EQ4i8_#rlfmrx6U$+C
z%$cn16E+`k?`2oU;4JP+3=JTnlBBPui6fu8_(xf>NKDg3gIpg;wNJsMg;4nA4#*K_
za+MBC(dC+^+HEypr^`%Eff{iyGxM>38L>+A1`4%BNu>n@x&6TE<5*k3bxk{;z<r?5
zP~$ph{2kZVeO1J!sp2WtQF;v9kkBOAq#O1DbfPwM;S;NBtve|5@r832#9N&D9vJ^6
zbmfPafcq$NuTh?l=8Y@BnQV_xy1C06^hPF#B+TMR2k<j22tA1Z<ReUwX>!-l9!+&%
zz!NGs@+jotkuG?EMxG?CC&h|ZPH8_y+TAHCS+CX*i$MMt!u9qG2k(6+bKeHU{V;sM
z|Hs-n24@zu>pGek6FZsM6TGqQOl(bT+qP}nwryi#+s+%#$+yqmr}qA;&PJW{bNyMp
zs=BNDS$AL0eS^&zq6(xNMgA@#IS!Qt>;*`f^q#8RG;BZjnLxXla(hPZTJE7I>I#dJ
zjL7N6qPqzo1`w>W3xHGzzk<k{4>0py|H!(PK$o8VOBuIbVi-j95nzVxGOBYW#EnDR
zy^`P>kjp~6MY>nTJ4nM5cKt*|0EZ&xfnox~DK_XvymckySwq37ead@_lJ%WafqT!6
z7_q!+Baih^$qK1-dQ%|_n!tNeu{=jUz<qL3*w&a}A&tVzSTwQ*Ek5=xxJ6OyoIvvR
zUw-X`6S{Exze*D>xPQNI{&Q*aUm_v@w#6wLm>OB>{nJLLX6CE3l=S(_#i{GhQq5^`
zu3!9+pt^feqB0yr9;n&Lw+myl-qG_jF+~OKrDftq&3u$7(S00rC+4qX^DH&il!Xp9
zK|(MRhhli_#1tcoJpr4=Zg_Q(DE7Mhxg3*H?!Mrv<9Wm3n&-Lmn(MgJ{qtl23Uo4Q
zoyE{=CFoP%bfw0CpC{+3jw5#$8(;P1h8B@}muTs|Dw;5H=lVvd=(Ygm9V<lY29^7G
zK=!sX8q?DineTp=?7a)+Zzlx(J|?G*{GQM3trXe2Skp{}`G-aM3k9Lh2(I~9&Em};
z$wM|yZ%u!;+vH%M<y$VNops62<Y=F{o39esqv+iR=W{cJx^rKMZfof_JDTqVSP=cp
z@*aZZFk7?B=am|Q#QdHT{P$@W?>z<y?xv^wh0kaygp+svwl4VZvmOku+!XTCyTph*
zi;pzs4OPCBA9)aOrC`rb0^Xug3Y|H}xusk+%p9DQ6a5o~@d2Ym4OP(@@iv@jm4UhP
z<C04z(UdxKxx93JqZ!TiNW~Vnl;?!oc4@g8kdGfFWybmD<YmV7KNT0#O3qOVH4V#g
zGV><Vc+<!ik_<(|CY9clUm0Y|9m|%BL{l`h&per=1k*FgC?m<*A^L`e>uC(1QseMd
zDC1AAehn%TO*@M0Yv&CM{}J@tT2bg}tja4=-?8Z&?3{!jlK$0PoUpj-X~y%XaLUy^
z0DD4hF@}uTm@_>Tjyp~`GX~Z~{cK(>wB3#--?*(lbz)wn1zi?y81c06s8F(KAzY-R
zz>J3K=4beD!RZilSG_qnTaB#aU2FZY>4y2Vql?-YYXgZf6^$9cWk6bFc^%C|p^LDh
zzuS|SOA$(g5HesjE;J;+OwOf|#!M4WQhjV9ADL!R(#0`DrkOjg5I?<OAS&_~z{)w5
zs-mi8guuCwc+6C`ef8o<4v5QlL4A&+dJ(P0a}`7r{9@DEnW!3lVaeoSX~4pf(MvJQ
zk|y(jKt2C%Z_$E2R!DcXZk{vFLnG@+HO?b)I`}JMnqFMqEWaQ@Ld>B0S4Mi2j&<1t
zI^|4jvj}Qlu&XS&4Bf=VQ6Yus-}%U_<fR6txC_>{EXyOQoev1qU+kXh#&6CZs`P9p
zO4nBXJJZvdOKy2Q4Y9P!gNYpQEZll0)*C!#x0&(MNL^M-6il$h^ZZco35{g)<TA6)
zX=Ch21bzVP`Z;8p?_^a<<jK}eqI(zpnT~nn4lHS6CqKgnwIW|MP}2+tHL#U;umLDY
z4T~85XNrPjPfpP|kktbO;Hvxgox_6QfA(O7jwZnRGJ8N`(lZT4+fZ0-(VzRQA7F6;
za5XiJq5hDgW~GU9t|YD#ubf#TTLKih0(N&`*T){DYV#7%B8oji&eu{Ur{+xyXyfnU
z)oG=eIksbq>ZKFhg_0*=WmItN{VItE+dWRj`j>Vp)T_pDgm8?Kh-Bs~B_fC{jPSP)
zI@RIe+vGG(bu_mLTE^VLb$h>@hGU(AEfZzZ8*vBGp)?IE{5tGnh%ohHe&3gLuI_jx
z)8iH&!~#zAD*&nE!o(`nO+2U(k9XNQfCGIeaS@$y*l8^@6ws_bM`ElnG6fZek<Xpq
z7wJZ$tVDRlSxPKSSP#a?Qf`92Ykt#Lv7x_jVSH_`hi)<(wJg>0`f!&=@-qpWl_|VJ
z&y{}Mk;fYg@2U!VB4y!6lDp@RgllGLqeV~5XbsokX`=%}zJY(+^RPev^}FFmEQK$-
z!+7>(`6-iOi2IOyP^AC&DeBUSiK<D=EciBI;^2$MILF;^av^<K2_uf}VQi-Wz1M0@
zVDm#}jeQE1U5Du;tHXnxMF0RnLOg~%1t-4oGF{@K<U*%-J+|>IET$({VG_$e?Sjd$
z<pIaOEp|k8Tp5x;zS@sS6^_dLGu)6V4xXGiPC6bD_G(Q)wjE1pk!0AucjFgN%5~;w
zn(-(m8b+ri<D@~2{7tKh2147ftX8pZ)6qxCg4yg}qX_=;eTMp~)TVbu!l8~r-K1>g
zWf`f3{=&|)Q3;Wb!Jg_<n~^+`p8n&VN7UbGGBS6trPX0iTPRJ?tT-#Y5c`yvU7q|K
z)FmgI7F2A_q($C!f>TYy1xQ=R!^JAsew&*#mWWv;Ha8I~*|)MhqIRMon%|)dStqSS
zIOR}FAAynH58l@JK-{i5&no}YW*|p0RTs=mCABXnX@J{ZG%9j9X4<fcQDE(<KU;JX
z9aMpj(i)Lwd26V#r&Y5c4>L}dutsJj(N&JEanG<ndyRSF!`aSeubwnLZ4Ja~n21y$
z=*}#4nkP%}Dsq^#UY8dFaGP85wlxgMsf!=Ab7iX0M~{&lxf45>k!O{bJj!>I%N`mV
zshzm0mfys~IytX^NRwLOqWw9`VhjlPNXpx*E@!GCbHhJv`Z<+aw<y6q<X?7{FcI`<
zd2zxL?qYsMHknNCa5jz-#6)97{RWW`(m`orZ|$!4Gy5pxV53&Eox>?0NqV&!Pc!Y=
zocE~Rkh6&~eakN1J>d^c!-shjV$#EYuqH=-X$j0P5uyD0>+GBXhZDv65$$0F3*G?E
z8h~SA0Pje0Q*ry&GWVai3DOsN6g&AdzBvGVsq=1cNf9v#%_O&+`6TMFC3$po@ri)w
zbmS6>?yhAoebLl(P=?w=D)psm&Z|GkbEaI{a|ORl6n47(gd5qCGOTH14;J@EMqZ<1
zNSe9+p?-<ud;z=l<*ycwZSq4z6P)%vrBb$~C8zGHMr`GD)DTULo&o7*1?@vLTpOK+
zkRoXc#eou7C+pW^8Z~FhTH$^8d^-S!xhXzv-G-oIow0I16*2Y6yjI_;zN-4UqGWXm
zYMW<4|Jdu*ZbDPeyuvfMWW+F6)h6A#Y(IxL!Z+xR(dpd@l|e4;>?6B~4hQc~cLSA9
zDLPVPoW&NmVv@rxLoFjAAsuE5i3$qi@*lhr)H$d21^H!%Dq_VJB3gb?HFc$m2yG>r
z<%%L4wm_&{fxcQ#ZsKluuSpI#^aDKXIOZ~@m=B>)xxS^T<Ffs`nb7OecF(vEv^Q$5
z^suKsjl4uTh6Ew8vVf%$&$Ukzz1K3uTS-7a^U%T0AvG7v47NaQYMLZn<!j+z2L^N;
zXV9BH=EuWP9gviLSm<iQ9uQ8S_sYh%cb%r3ce#d~KWlfyXLk<CmzW$Hq8v23iK@>9
zxf<DmdQIE+XyH$*G}R_tutAm<JAHU)1_ahSqqfUCQmt{aeKH$0{Fkb&0q!DbUfu1S
za5cI!`9LaQcL+)kqwhQz<!vcwBFv(^Y<{gR$RS!o3t<87$7ee2@Wl|b7=v?xJ7TUN
zgRdQY$9_X<ZOR)YPDNJQ!lEc@+i4*VtmlRFwEnnv=9ZH7dQ5HsvvMvi`#{}}gfut2
z5D%nnaW0Zkl)1C}6o@g}S~B~B7Q3R1$>ph}Njs94`KSO(%Xt0~Zz3VT71vaC#py_;
zP>$PM6iJKjlII>`!2p3rgzqt_M=NYnwcuu+m#4DFtrd5)*-Fgu4Oq@Tl^eb?P|lI6
zj~SaDP_z~|(dHRd;}9$hGhuGF_m1J+GQ^>4I<Uj0*2@~HK)V+{lt|x4n;G+>HonEA
z<?F5$c(^jG!-fMrz67BUp4Sq5j%!Dg?)vHOiGXYR$5^8o#wWm8qXj*r^^PO8@lL;U
z6kkUKs>*B_*R*e4EyAS^k<k8<(egWfhS>)><LuA<I_2UW;xw29wl+2MTA8DQfELpP
zhUE!`vzlUW)JM(Io}gF!#chcX_D7FWAF?-968!;pF3(O`2;F8FCj{~x<0n{C6Bz40
zRZ0)L+Gj}e1{a#Z<W{Eaob#qw;_~BNY-`!LezHlccRGO~WXlEHw-L1_=>dE)qjIZd
z+b<7u<o%B5cvHg<ZF4PiDJi}}P~Agv0$vNVoz2#f!)=$bZWIEi6(c3ZU45U@<)cLT
zOTLK7s{#1Gt0NM_uO?jaC}Ml+o*)iuZ;Wggakg`ylNJ=s$01!%wYeW4(`HDnZ+6yv
z{k!@6@)&UI18aIzaHi_Cuoel|19!ehd^39H+jVRlYMHp5_8?Mg;2M0>NavuCAw?dH
zIy@;s5g(6!d$h^x<}t^XTa!aH^=fUH78dWAD_H=<-{>+HH#O7xQ{K$=k8E{g`5cvx
zdG*8F`sZ1^3O1L}UA`uFIwzk_UX*vbsUj8iT}~u2HMW&j9fV|{F+N%GklYVObKaHP
z9+s9)y^2^jhIImA^(!lBL&e^W$AzC$>Xxf3E)P5&4?plLIW?0+=kz9(r`t=Bn)GV)
z&yT@$GOD2DmZ~8?T7hyaC1_5Xj5{PzaCN~svq-VcXK9BSUi?oLB~lY55`wX|oO=*9
zNW(h{(t;=paeLC~g;P7+TB5Cw`sfmE!G&5gle0sWv800@Y3SAZysdu7@8nmmm>$pH
z3%7Sp<Wckpscd~gctg2vn660auKUG+<=-6&w{+4Xpp38yh^M-L;@%*f4zo#=@U{`e
zj8?e{UiG_}eiYpOAV?6qWvBBI%r3eZi5v~L=Mg^Vg-r60Xw=W<3=`Pn-7@BZ@#G`;
zoh>E)-DgNW%0s%A>R1`*Tvq7Lw(huem@BgZ20Xy#4h=cUQ*J!80CKw3i&pPkZIg1L
zy;%GIl}#1C8#}oxNG;pdL-48E)fBUZ3>uESX<SOgSL`r9DG)D1G`I5w^Kg7i<RHxJ
zj4QOF5Qw?`Nj7p$gUbO0Sp(*JKY8S;HS{6|>DHN2ufKJL{MWcRS%ejv`>imn7yI{O
zeoAp|MnJ2C)*tp20)8=2*kcdaW6U!6{zeq4UVVzR+Fu#hcI~uk>Cn%2u(EwZH_B+r
zuFV{9kiFqfjH`^hq!!U#42D97u?T0bKA0J>`Ys`SoRc^d^4i4E9^hL8r8pXBH^y}f
zgt)~Oq?>xdzJD^6-zQ6XB10^oLcz(~-!jl0+|M=)-5eaWF;ZR=9A~^J8{Vkal~F@1
zE0t;HozJcn1@g*yj+-W9|D2({xX$)(2sDThI2x<%UzoM6&gpGtBc42Y@{=gC+=dew
zNk<wf@LNlNB|VN?yGU0~pph#*c8Xjjc5wIvY?KcFOh6(Yd{Qrt2sju(k_#rRAAUoo
zsXng#&Nn2<J;MwHYu+)by+P3ja=3jkaeTlLAEDpvr5qer2!C2=y>PN@<vyso684ZA
z_(%<RljwAgI6m@Ly$2-j$1ufxP`N7p8qur==^;tjHa>ghK|SD#&$SM|?<iZB+T^*|
z=6|6}+#dVfOx%`w8Mt`f4G>_h83ah*gnJ#&?up%E#dUt?)9d$%yzqc=Nc)xJn{v!G
zRv%l!*50)xu-aw4wulY|+4c#&TG^^Y?s1FnnWEJ;747{wPZB=#7OmeNnwZ0Q4DE^2
zt?C7jPC033O*lAK>Vnq?(Y(($JSfUGLST?qfkf4wsr*_L-V!uW5)56j{}vGRpwvMM
z8UC^6t@Y%Uc+o(!e}1W<EwfbTHD6tx^9uNfqAM}I%L(}MXYBoQM*Y7lx^(|tMc0{y
zfk9D@@qeW3{+Ec}zsVl|_Hvc~J;?vLhyK@l=Qt@@Fh;Z>S?sNRXn)#`6GZ9Ug1Drb
zZ($X4vA>OVhm9-!%;w#IEsjQe{e(L)Oj~|&Sb`fXLp;x0nKe8Td_7xyAeniJBA`=D
zPvfRZvp@B6@?7)4(6t%WHnS&U2~VNM<Xn_~T<^UorF$@D%@v=T%1&zODRG)ics`U0
z23v^X=J18QCVKQsJM}7$9*?sTD=-Jnla42FW3N3KdiHM?ZGB=*pE~P`8jzqC?awBW
z7t#q;tUF{269c6ocyokBzwx@^9^elRkN(h5uRz7emE9_3R`&St6L6P85J|*>9q{9+
z#ioY4Oo-aO)BU16eeTpplL*B|7x)TCz@!xA=@tehu+4UX2p37|c+^S}5k^qT<xNGP
znu~s~Ru_i0d;wL)S4Idtz#xq;wj8u+d2S%;<f?xO2>Fk-0HL_+!24f1hf@Fd*8(HM
zf4UI<S^whvAH7*oURvJC$o|XM|6k`nW!-r}6fOAKHe3ok4{bc{SMDH;3}b8HydX5H
zM6`%uRDn?Gsen@?G}wr>6$LkcjmKO^w`fhf3jHgHS84TCoS_G)*sxzx6P{0cm5(u@
z@eFYL@8>5J$d%wTJ6>=URc&!ExozJvyo_CE{18oczs!1-Y4S+9G9H&zXZiIK+?2aT
z$M0uO0gE?KKUB$%rOPGFt|@niKQn$pJCT~oX$54uGk#J#ot4vQA`MnEyXWa?0Wx??
zGMWu|Gb*mi_o-G6A|}z(b`Mm34!5SJgzJfE+S7e45XLA0?dbtHeu}r8T6lNTDs%QX
z@J>n*s;JbkY#Xq@?(qF4nvX~^j+E)T`YY30s+a6<c>L7$80-5BSCJs9nFjjQ-_CEP
zuUv~Qun1aG^>-w_No~m{iWM5zBJo@yej2AGMsNVlG6SPfAgYa`RNF2q)iu~<vwDkY
zxty9pr%C6JIE}1NXNY^ytMdVx5Y;6CT{U{(DQLm2hP2py$KZeZ>ps9v44Rpw_kdl!
z_Fpl5yXyob-$iU#4b%{~CIsTY9HLeprF2xM1o}+P)$&23hvnBz9?<;~AWh0wc=Y(~
z;JU~e@O$*^gt*Q2sOh3KE%G2R?dZtiuvFs$@WEc>8|Fv@hv^(8hLlHE;S*kzT*kAt
zjbKH)c`8E(*<I|w&B*~-c<<7`tFPPI#^58RiZAKa&~80pTWDLT1!EulIB22p!A1xm
zt8$-1dv{;HU0{hNJ~>ndV3U}>99>N(Z`++|%IG$hI~QziRJwrm-42j+r3j?-@)T^Y
z{_H$$jtCO%YFM&H_qW!gSh-sC02Tameen&Ur?$oM*cnu@v+mpltS6%Cs&#YglKEZX
z$DnbrP>Zl;W-!wU#8r0$Yje4t$)RS=yJ$?WJsNL$MMNWE`$<O09qfV(bu$V60bsN0
zPrl$7Q*J8)RQm)C%;6#WYh$JQ-sT}Xm~$rz2U&#DS#E^V2_GC_gK&0f@ipE^!dHwg
z<E(g~p_15*b2~+PvYo%KT5GEKzV$Wf8<^}o0mYDD%tFaX?-!NF-o;s$3at=4x&=Wz
zFdIfI>_NOJU1S)yc6F9enq*pBkm7hNIy{KfpDc{uY;HL76HyQc-`idbnmhf#s<@o_
zY8B1ni9sSYOqb$&r~{3m<i`913xG_Bt}3uQ4Jer$Y&bcWQyU@|v<j;@7xgHyQEID9
zzZ5LeF-BW7SxKBl|C5eR&hki!*`c!fSq>Mu;uqTPEO}fmV|<ZI3Yrl+n*H0l*MY0}
z)%}G^<My23PKy`oK<FxHi?HWWx0OqzG|5wFJbLY%NYtV`_jP}&baeUP5OPn3w%NNE
znb_CuUMscg=(;1oWhJnEtiL0N^S1M3G@>5AzjhiWrO2@57krSSIBWn;_z%13sYf`z
zZd-{WOc_hnp}8=Q7!wB?owjE4-A&Pr;e6C46mQw_5&|Yg^q9i-;RS+<xm@R|Y7MQn
zp+(qg)w0t2xhkvo>S+V)@`O%4UJ=3KrwyA|o}BKJMi-`x(To)DkrY-cE65tJ^d14i
z?a`3wp^wczEV|>gy^{=$>|R3cMeB!?9UOlyGkJ4LJ&jBp9g28WIJdKas*0tn$3Lvz
zW<4WPTqj!fG<N!jTj)mZ*D90o4r3H$ESoVg4R$T1Ua~%^K|;U;f*npRUlLoio3%(s
z=;Bxh6dzwttv#f;5;9&tPlY|~14R^{Ku?Xmn7A2nPmCATuo<G96d>5Ab|Mhv&M2(r
zhi(#3(J*~aJ*<XESN7HfWt%@cfjx$s{ub;`CX7!^ClLsDpoxMRYf}P@9uzsCSM*ff
zBRlXw@d@(O-K&Y~i35IxX@{l65lVFWzpLp7cT(5+S4vhArI6|j*a*Kz_RUZL3%@h<
z&Sm(3z5tljM`jFm2O56w96K6<pflX^5oqTrKl=RR;1SCB>}>hsQMLcmj#-}n(ea?d
z!pQJX6+%|*l;i+ETF?yhhlE8_vkIK`pf(M2Lb!;qouVyzk=&R!P6+!vIm63slOtK{
z4X7vOZSin^QL8P6$rX=7_k__FpUyT&X0D<T3>_*L`5O9#O6`bTx13)%J$9t^j1gsY
zKiAl-t<n#h_!p%!O~$Oa1$)7-5+P4{`Pi7TTNQaA4b?n{Pjr{@IWRjIR24agMmIuD
z9#tZXTK3M7y|zut{^P^(mxC8}Op~;7s&MrpavS`m^^Dv1vK;_2&=bW19hhjP;GAem
z7vPFrCDSkLaVJTa{LZpDF1jc$8kEP`XgP5uI}9E?KZ~QrI&jL@Vtn#f;;4h}o?SSO
zmzN7ttr@9I0>30<PMgym)T21xm)gut&smP7%I90H0D9@xpbFx%!-^?-w#w`WVQHN(
zu7#WdI*(d}HNC==>_2AetTkPm@2f<R_)pEn|J!%<&R>)CucW+<{eN03{4=m9{Xbd^
zR{vs~_BDir;g@TgnWNi3NFE_eBR%VX>!_|$HIu_V#`f+Osg3x~nry&juVtb=!pizv
zZ{!!=jYwdm1jLFs`;d$vh8aRckcy7P?_=H!W|;)?F8c@Rg?5+o!a5?ege@`m7C_pV
zbn(X@!mLlzx0(dA&0|fNM&I0NX_KAxYuD}LuI=ju+`n#zEFc{>P<&52tbEm9UKDz2
zLiLDLsrJXh_@WFNP;ds+zs$uaPF?YtYLyK?N=K}4evQ?Tgk%PHzGE;;0~y2o!xwO-
z#aq|OHt?yh7Hv}qE$mu?JxHg!aIO|?eeel-18@l9w~<CaLRh%-_r4w;_k~=g2fm)F
zcVQ3+=WYs>_Nn-I!(+yF_w9j!;j-qg8sqMw0}a&K_xp;##_$<vrJ_q@P#$A05<L<N
zQn4x9c>=-~KpTUsXyv3hyKzh-+~P$OlZrPV2TltC>W#=nB2_K7vC-sKKd|<cG;){O
z#h;POtS|;Un(R-JjIQ_MI1HZiko3_-)^6c0{CZk#5?qWXNpxIG>uB0^U=s5HYKKc>
za<di1MivvmjmD>VVH7v6(acaf<g9eaLI16wB*9n(Os+q?u<)iH+BBL6yACd`)A!_v
z&rM}$I1+{=lht&KmP<Z}thU%SnJWo#Bxbm?M4%!Nw+?^}pmH(EBXx7j7__iAPLB|Z
z=GlsqPH)rd=QT5q9{jeP#1YMIylgwE#4W2h4D)MPF0QU2Rz_388fliUYq*t4U5G0C
za4OtnLdxW7#YPr(5!a~iqp-D-wsm_Feg37D>RYw+R7k?$<06$?{m5uLk>PYHurhq6
z49E>gfhpQ^Yj?I`(w2nt+4#vWaUV;z@8uShYn9RuZaT6B!g*+mzXsv_?CA37LfZc3
zuBq>(ZRhpZyKBOD`P5Bw<`99RrsWh)zg>F>6U-G<7k)>Iy<%?y)bpEekw2&>f-dHY
z)2Z3;cS5?<Xd@;!$OwW(Sq5Ww7n5r_-4Xu1o9Vo0aZ;QZB(hiQ$fvV}f?|WSyB**x
zKlfTqNmW8|w^4$(?E*$uL5rfxSnyt0w6NoLa<q8<o0_8($aXK=X%|R$kPU!sd=+zs
ztMTd8Kj~LmbT2yG<}Rd?JE^aOt2`n-%*9gLB8N613;BV3bdtr9BTWIOX;!u#{GmQF
zE*KC|2V<pGPUWF7jrL$F(L0=%L+DQh`wT>x94#2s#Kqj_XSX+IVNuf~C+4V~Wk|O^
z>q#-(*|6i{qRD<Ok1t#*>~EYJ=nLKNbqcMkQFsk#+<*<h0G@;<_p_<PQjvt^NClWI
zCXIB=!{acNd;W(In<!Mq1hQ4~fSmq~cw-ydggD{xYbLX+3rBq2J;1HrG2Ih$8`ZVG
zaJvKjq{(C(R8>+vWPZ5Ps;FtCzm3ZQ4RvJ!J4ysq{zJ~^OT9JUaAaR2%qn>52Diil
z?IbtAyE((`JqLP&@bx0Ca*k`jT4v?I42VYinY7g384r&htQxIiF}Yz_=8D(zsE(#b
zhZBCgF?biwbzT<t<BaiZ)Yls?F&>WyJ3^~xdQsPq_Nu|A`|^XQPygW3pyzq>3Gbrz
z#^{~7jR5)T?gj^<dr!d??L8{iDY_rF$|!`VmErLW{TeI2#g&F(Rz9I|9<E%``iA)7
zQ*DOcgRtWQ?Bbsw1AR)YHRhb&;8Om5x%W&?e;nkpo;jU_Wuz8S6Za^^=M2=UW1_GW
z&7ZrMKEWj@Ah^7{ROHh?DoPu|jcL)|S4p{Pr0MqT?|7`2d=r7FF|v?^hRZ>I<N$2T
zkFF!1navUF?%S0K3N@dA#(-;dtzpz8Jyl8Zv7AMWnIRe~UMYsla`DERM_MjV7GgCG
zA!BZ72WtLV=~}EyZi&!zl-d^*RA8QTY2k08a?tv%8KgEyE&K;z7M4bgqW%QdSeIM_
zBG+o<xG(YGCoC#un;7r+Y3Rx)$gwxyJEO@3rKV(oEJoXVvbN~XrZ%R9v*9aPEu}&;
z@0U@{ZdX8kQ{lkfCdRJ0FI+!XnNq)1Qr1(eo)L;Ob3zK_h58z>Xt7cv`R;nHh~8Wk
z--af3v!ism-f(R?EqhOEL2WE+ev7z_qNT=Ci#m>M!aik4Q!#~2g_i1hWTJ34R)1mM
zYbQ3&5RkuZj-}Q@uXXA4o7C#S{$cqq@GubJ-Kiynk7BjwARz@nc<c%3urZ>Xs@rGt
z*bMjmm|gzMyDh4t4H=3ZG8}?E6cO{por&h>{Zhl^ab9BD$2*uNm6_%@UvY_$ruXYi
zzw)ai9emJiFJxtbZRT?H(9{#;uKX#AwQ>>7C{snMVq=_g{>n0QoOJ)<Tpt`K*tK$@
zr3Gkct%A6}%8N)kz4beH_oiw^StH@UV;k<(PW#=Vf9^Y%zH+O$MbGS&v%;Wgq0SfE
zxuH`sKhP%kgf|8B(Fm@6tMuri0urcN%HA_C!!<5V4p?Txt)g|#lU-ZEo{2bl5v|n;
z>|noF1>Ns>l+?-ZYCe=xH!3-FjcG%*NaxkHst-(65fCSxTV*@RBe4`>=+X0D&y`AO
zsH0jskMWoXd3LW_VFqy%5h~}{DUPb<YxXxqxGk~GRAAy7<FD5T8kF=w@s}FI?#7Pi
zxxrS^y(7J_Gt20WsArllOcQGhw`&kzmWMWyibf2YT2^Ssm$pw4mV0T3uU@9xA~u=!
zb-996-1@spbw({oCe`b#_C9h>vl^7l7s1mQoAC^P>Eie=GBijuG4bA!fNFWNb78y@
z#%WD8`gL^@Jz60eoLX?2x&*9_@BP-529MUpht0JL)kZ~lq$Pc~I(Yfy_^zRcKvIh{
zv*mfX6XVydUR@8y&PalHWG`1#u^ZOcTa&?COwt<{_*$%(Fq{oi9H4fPKpo7;ko5-b
z(=NtbkY?GRScVt;0joVktUYA-h>}>e86vWuy=XRjfv#}-551*8RN7nB$S|LsLLeKH
zBsw`7LV_gEFB%$KQT3qpq^4FO^_Y&6GOnbkuQuNLBvHd8ZT6zZ0r~b(RFWC_JNQ_W
zSnjVbr&MloH_=f*uzx)HCe^%5?3MHUrc67O_%p*P0okU(JFlNdqR9#VstbWI50BG#
z`B%w;l4@a0M4<xw%LlaQQZKWZ*U?pkLIWgfr*hvrcI!fVH?prl^sWnKgv7-Wb#xVl
zE97a<$nya9adj5Kajyrb%u5ISCMnxueP3~kx(nigFIR-(J#zHx`*(ypB*7uO4}8bY
z03RLt5(&gC>aCh>h0G1lxYrj<BMLt_qE8X@2?Uh^x`rt4fb~GXwH+44)+aKhEQbuY
zwpE)w*NXLlkk5Y!8NzL-J+1#@Q3L)%5AZ+hN;3cNwc>wdt-91<Je8J~_>QM0H7V9(
zFN0#GeFFo(_ah=&B!4xa_(}WI5+f!MVT&`_8Kd~CHCZQWG?{CLt4LMB{>;4y(`fWo
zQsT9!nlQ0gO2(+5ds2KW3x(x*?n)aYO$+N=i_vYp?(BG<`J3%<)%LvU_IY6-2J#z6
zhe!wxFJ2EHFS+ytIZxGZWXDeBJ`k+Omjsp@Mi%Bq3OU<&&nL`Q$xpWr0EU-9gp3$=
zL+imyF>r62DKUZ$v~d*()NMG9Abt<#(M8#9Vd{jhsohhCyuqRQ3^{enlISrQx=y=d
z69$40xFvLTlJ%|=zsH67=zGaR-<TkO5(^<`8j@@w@754^()4=}zsm&nMA%9OK8pZD
zp#ReJLos<m6V~~sexQEJ2FL88e&Y>VxOfD7o9;a(_9W_0Vag10AodTXB&H|;jUrBm
zI1oXDKodz6P83lRW{ybxp`RZrK};TzN}Mk;h)i6JA|{Q>s67ae3=mNgnMAQG3|%#3
z!y_|5JgV;>59dY}YdFS29tlsS*Z1??H>4dT1|1>6((sysUN+C^X<J;{wQq5i-0W^<
z)%D0t)JX5ToGM!CK3au-$Fu2RV~-I<!=MvlPywcMLrW}eIm=p^tZT&d^ffgnnbR)u
zwp2K!O<WsY=SdpW4&n0KnwqmhdMZk8{`{+<>ruugw{~Rp)Zwq=4&(Z+t<zG{Xz_X=
zk@q$3;@p85l6yb~wYGq&Oldq2+8qik<#N+n7E0&`I*H)YT)|hywVvwhn%0){ux(ex
zg!0;1ej7)CcRFz&5onPJi!ei3)IF;_6x2&(Ut`Bwsf|71o?uT+RedJ;sTC3mxHbAC
z-Y$aD_nc|gn4Zc461nBWyJnPONeIQ>%kv)~Ivz~J75cZx{@n=K&QMes0ol%~9<gEJ
ztfJQeKiW70=u+5FkOBkco*7c&1(J<D#|E|(SbHT{AB1J)?b<f8`E&j9ei)uaf~7Pi
zbEc?>Jxl3vdU;<TrjI;eiNm>S@Lc^+)W(R4zp|oG7NFSI!hi;D=vaLhEZ@p?TF|J_
z^210MQew%l(l-%9b&J2PTC(J2lAQaE)ArFZa)L~JW@?VKaLddnf?-3cHfnUaC_s|7
zY!c9IUe7N&x%$(N*zh?@ZSUE!^*x*1B-XJJnH^y=(h8B4i6>b=O-O++p*H>Cv%yfg
zAeaHpV&)BYpq3Y#QKq2jq`;uD@XR28U#nsn3cm7JXn3vra@CB+V>Z8u#q24Jx!<UN
z`doR8R0VIdy-F58hKo(9os(%;2ve5t5ZJHpwZgq&iM!uglNIO=)j_4q%%;A6r|Q!$
z9-Lk`vx9V!s~6QcOo;a_f)QrTgMZL;))MF$M;XX_sRtBPHy5^B$1QN$WIM&hB$u$9
zG(h_Q^qDnp7#5d6{g!DsJjOm0sc4t(yD-HLZi1o?nC^%BUW~veKM$+Dc6#ff{xj{o
zQFWaLr!smRW?8hPtGl^!xLV4B`rLdRuW32x(TQbItE0HOvM$eDMnt=+p)NRmBAM1M
zeJ=RGUnEM3dIIO-)?Gd8DfnwDUOsk?r(1NCjA~2_j;AR)GVBni$=DF3Z4a}ymdTS_
zhT&Ory4LrvNclAB3)HQM@6+rEP*%VI$$A`a^O5Lk5^l@#W};j_N!fx|Q|*vd<l#ja
zQD*gqht!OQ;nd}$Sd1%&H~~KeaJm!ULm$NfHos%{p&DSYv+&LkgVL9l=Jc8v6{3u_
zf)yzPMpjtAV?6k+o}Ztev5dw`Bv4o+JiK{%pATcevQ>y>)M5bW2rLFCP^Vmxf3oev
zex1m<uF&65FPFV#DVe#8Sa$o+t8~m`^a0LlIC|jK%=^@x?7SaT14S`A@FE84B0-y{
zS_^V6d0o!_${v+=DvNY^vxd7(_6YZ?t$p$wKSWC^!w6#Jj!TQK(Ds`UoNnDuZ<hNR
z4Ed@=mW_;-qMS>bV*Opbk^A@jK(`5{;ee&L7Ukoa%5mZ`R~#<9f-kjwD>z}`^DOYO
zybE<AE5B>#Dy(K1pejdUR7?zB^zXn~)+})G;P5Sl@rI5*n^p3QWjN|($>`c|NFlVW
zhNWzyd{ffrf|S9kSqgA7ARbcf@L4nJf|T8-TC?evUF}$$fOhCe`fIjC5F5XTRg$Uq
z1Y`(#GxqZ0gS$`Fn-;K(m^i^S%t)9Fa1rB(j59;-?%9uqRM{PXunYRx@cTkDIJ}Ne
zzlAtg5hXQ28??9)FyGhx07mmYNQ@Vi1cZCsOcn<04fFn$6)u&Fv!)r<c(Drm*YAmP
zkWnJ7RH9qhi<jIDNVq8G*wn}f3Ip?TWEf+vPh2tZOm3qrxL*9lRy|_{L)#lzVo8)n
zx{O<qyv|CYBVH?IaC*zWfGwPl*b-bVk5dPyv;}q5-5)V3@l$WtG9T&8DWXKe8>KzM
z_-7{#fO-Bmp+&5~Fd=oPUTp7DG9IIq)jyH=v(!6A#t#O)kpdUY2AI~7G29o9hQrpu
ziWsONzSAUPBm4FQ>Me$~Ml@cR+3edGj)8xJuhbzn42LJ|0E}1|`mS0)>5aeV*hDm+
zm`rp}eT0DzU0gQ{dE0g!c|+IhrMirV@LmB$+B22+bC4=nPMZoX&OGuNQ$HI~(s=|}
zoj$l?dH=vgG)8aY6m(;}@=Hc3*N_OyvXTTc01=6Zc3|dBT5J4W-Ob{M`;#IC?L({+
zDKn(0@jN+{m>+lo)R9P#-Y7Q$V+p2+U!^iiuCZi2P}^9$qx*6!8{XQ4TL?P}?t;1!
zG}v8f5ty1i+5^@OcO?~MlI?3xi-r^~bMb`m`+dI+<g;;Ysf)ky<|{9iXN6LqR56ZT
z?ahbAY#$;%ZSJ0?NSArbX4FgoYBgXV7$xZ)2Xh-EH&26(jHn&i8*}d<$F&7qqzatL
z1fA_!Sj^BD(d-pl!)S$2Wgj4^c`UdxE-z`z$2eAlqVqiU%=NoYPxagayMG%9yEsKY
z=FiE@{iLGWb#y;lyJQ3rRE&W8j@UGt7#SpTaRrb+ug>U<v*N1XUfMdaSkR^21%^82
znn~jyaGDoF2=$#URr76TNLmon3mo-<y!ho83RF<8i&x|_+H+{~8rI)6L#dA}D}(^<
zx-J$`u{5WZc|XjF!)DKUs+XJPaQo5n3HXNlIT+mGWvupIqH+(>)0CqsHkT$#;j7eI
zB+Pmk8=OAfwSjvc(A0GdrXDf;wHEVxSlG!~)*D4KTgI|K)HKR?1gCe`(~DKz+E;^I
z#Au}K_w}pxQ(d-2@5tv4H}f9Y9Zn{Y=wkC-YMQF~P2(uqHN8M(7oFqfv1qXC)s{O%
zi?%lU^X_PI;|meOe!ZjxF#>qcX<xmnst$iXLk7O*wUh@XCVA32H87W1X)6}UsLq|i
zLKtIuEzz^aLY?P+12O$$q?$yEEwKesrPMs9NyQVFU3?n?`W)XYz?Iag!hz_il>Ue~
z3z}la?~OBQ7EmGzNeEVLQ!6d&i!#s52+9BB%cJxYYCtZ{Mo}Box89Bri*{It!LGOZ
zv=+lkv@vaVxIl(KBa{`!ifIk4F>Nl{w^_K6ERQY?>!$0+4<$@ocY%Z472;?Aem@zi
z=2WM#O6smy-``T?WHCZ};RCUT61)&p<@V6D58MzW%u~VGROa^dg~XO2EsKUy8uWz@
z3<HAtqV$F+i_j>_+S1C3F@05Mp#-D#MRg<M<}A3%{^P8^=B#CAL}9WG5B-$j-~VJ@
z##)ln4bo!jQAC=cWChXVj81OkV6!|666`18E;%qiiWgWLG+G;QfZ<t486?yG9v?BI
zhP(DH9LX~cGU`ls#tP5baQjI?XT&8vw~7V;Lmg#JuKC@YtBB<omW~3>86==dzNQea
z4p8qJRxocstH8J{T4ow!%}-4Wei<-Lvy`G!QG8@eFbb!uO1(9*d573kh5<j3KA91f
zncW=Z@oRQu>0?rUhCwYk)rSmQaAHgt#BMJwKVzI;0tX=V(P}2AuYzMTj6@kKB-3?3
zS$6Srgmz7z2DKf$%a@Op8lPq}r!6|l%v+`8rW0E;4>=c@)gn8jA|ID=Fh-^hM3&x(
zIu%yOuoXqk6N??Xv2ZC-l%^3$;PnRc&E$sHrtv}G7RXPX_<d`a+~)_!BB73|Q^wgZ
zrH!aza;{7PG(Iq(4YjA=!dof=XwgG*=aUPLR_vEHNC1_=*luQSX3HMG8`3k9*@jr#
zNiVul5;!@-JKIPHyJ|_vALIKbM;MNrouuK946yFc?`)6T&edk%mmT8Lkqb<Mo1uHO
za_f5G)DNVwbPfsua!~iZKV~0dcl*CbK*{Ek7H4BMEG}wc=^{ils71c8%Pk3g1*QrO
zh2kKTlk+MS%38hiCUa`KGg^GL8P(F(8KD6%>)7Pc9|jZHW2N?dClg9d2-b=y>qs?{
zgB_&x**8l`gP%faS<bOC6_&))<=;xMS*WK%<BaG<le@6gpYn4ls%A4v%ZaGckPZWG
z;?YQ?6e7DwhuEd+KRr_l6Y`8i>Bh1criw+KOi%vg#o>ZfnR|1+l}>Bz<I-U1-%J^L
zrqqQY?PZj4yb@~~e|=YVl9Ggrl|r3Sn+{opM4r{B5err4R0U}@^c&q+y#l6KIY~@k
zK)JMfpl1oLHfvo<Y>OeUOw`&IsuIT@2uCyc!S2On#mZJS;>vo%qnpV{s!MZs3uaIh
z)d*`b_e$!dL2`sTKLXeix6%e&1(gb_`wj|A9J)lMc(J}9QYBU1-|{eYZkou-@9IRg
zg8D&|utDg?)ZrdG^I5J*-l?`hh^Sn3S<#3*waLou`#B8V>KHexAQ(5*I&%+yhkx($
zL!Mh2^yr~eHG67{bQcTaPb4=C6}<S+M+SPCj!=(=P;dD0g?L(Xxx{;5-XX*j{XWS*
zW*y)Pe*UrD+TS`bx@Ll#!`2M~7gZwDRy-$XRL-#Zdrfi%N`^j7C+~Q~lQjoUIdhbL
zhvtVah+cy2w}X4Apn`rzwNYI<j4;$6x}BQi3B&UaNsDAw{+?zb58V%-x2aT@vB>2I
zU>rYOg0@=tyE~;m)p)CVXi&VYa<y`KT1Goo6y*~S$EinEN#jrO;V%jXAGEck?i^p)
z(*y`f0Yu2g0!&&UB)yQQ47f_E;HwOn_Id=7!7qV5Ah3Dx;d%bN2Gn{?D|$Gzg>lMC
z=ehMbXL*o6gE?<{QCbm``!UMf&@*pPO@AP<&WGzDhUk66^Gmv+IeQ_l4BqY|yD?D%
z_X&{N^|I|N*$H--4dkdrjL5~l+##W_92u$wO%b4}4rYB2glg_LT0!uBXN9nZ()vYk
zHu#ns(Y?y5kL0*7-wKu!WV0(}i{1^Zy02-AknL-6i>4Jr*o)u_*&Se_M?=y7+-lew
zmI2M?(6EDH&AKs87r5S9WXt8k`0i^FOlVhC8wEF?*A92J!#Z~_*_zNnaJ6Uc*U@%)
z1GqZ2MQXvlIz;UC+CW|z;{oqzO}K#;nF!d}-XXd|bxnOkamFQGF~I_TLnzqs)x*PM
zmJSvQUbS73L*xlIcb%LCiNOWCVHWvA55H+UXp7Hn){30XWEr4~eHCN^@3E7*`-9uU
z6(ySuFJM2|Wv2zrj~?q2v4_<YmL6xi-zJi&Q(rnjH7a4(X&)Y#Wykxz)e83cTMNzx
zhpksrl&{lj1Kx*82b?0Zr7tJSW!?cQGas7QtP^RA@hZs047AIHTXH`;B!()VkD(iy
z5NF#rCX!+&XV|BgVi;*xao-F$31K@dOqG@Y;jo|v>}Q7QW}XUcD28QD)iPyn${lkA
zr!KA<&9D~kYeW!P*rZG&7=&2hm1gb=EGt%J7<<4W&-nE_{FJ9Lm3J6^AtiOp!~ikp
ziv$l*_k@W)DA8l>0l9yHZM<`y+)vpv_2!7)&9KGW_7CbL9J$w4o79a$eW_9#zwVcK
z=gpiX94vcRWRK#DUU>OqOa2#fdT)CW4#+ouPwFL_)6elv!JhIL{utU94gz~3P>B}P
zzE&{RH>n@K5zeSpuC!l7kcTrcsa0*o7ZX;%-MZg>7q$|)dQfAxLycl1Tq>|*mg=G(
za+gwv7H=RT@YuG^7DW}h#J0#5M-?t-pNu%fLKvGKJ)%}U)7N4s>;%JVg)})&tWuz+
z741(%MXijbV9rW(O4#NJX3dbVD*$rna)oRwYI9GhRpO#=VyMKf0f?tV)E%iBZnLAj
zhyC7c*l$tDy+Iu{bY2M7sgv%{CXTs-F&51xsSM;PL$rzi*`HDL^F6N-rib2YShI-E
zHNz3G^>fp2y%68E$C2<Vkzi1Jo&@OY2tpX|exr8^vqATP@+>~HLo#pYsq~6)m83J|
zHGgf_^T0|F`{@r=^n6qMz{^YS<;ycKwnCFNG-5P(Sr2+0`>j)vz>hDk;pS%>$aPAD
zT?sdg%h<v#=xQ+1*!_)O8=lKVgl&vgRLrQ<t-KrdRg&s1?~B3)y~mAjCjrtpFE=gJ
z4PzUe$AR@lQVj{d=1s|+$_CNj?>^*zA+F<GkUy>ax5a=VFn?kCeZp^IP(B?3|626>
zq}}LJytBdlh1mU@bR&!W84~!HaW{wj9k5by18gPU^$PcYrWtEhlo-&K#Nf?6*b^GZ
z@>IhP=}3ZU6-$eZp#<E>8?jy~W9;w_MZYBtx$>6{1W1Ats3h+jj8k98tDqLA9H@8-
zp7!h3N)cTlB?`sJ4PONQ6fdw$fy2$iou_o^2Fcj5ua$%J!eLcBhaN8o*@cZ)pn5y(
zZ`qMF-}I-}`lc!bYb4-h342JOJ)UQYlKe@K9J%XlK*?w6YlFIFI*!5C&tgk=U@Ksa
zeR%V8bg%lLoTZDT?VO`ym_FmFf6SJr4rhq2DAE;t$;cMd;c~Di;#bI2CT_P-ykuIy
z>561kL)*uVcDYoEbl;gZ>FIFjgNEAPJ#jqGAiZ`g(_|VSjLo?gQ1PaHS_Fi>++jCn
zzyt?8$p_&xPn}ZA6;YA}lG?~07D%v9@e6*}Nb(yIm1bvh<-|p0I9q~KS~RU47k6b|
zWFl+GYZ<WehI2#Mi3(V5i)T$f=1&nwVheW<@BM=tcKZ*vgGy`26Ym|_wtnijmb$ci
z?ciHmt_Jj~8%`kTKCzc@N6iu4Du_X2TFK~UTzi$C?zl<6)A(6z;!HJ^P)ew=5%~Le
zZwTnHaLneu7{36+qO|F0zTyw>z<CIlSi?Zap>HnnhG5EVf%@koy+W*6h*!iCzFI~c
z8#3|G1xcbnDhZS<+%r8W2_`gZryD>#8l_74E<yYxgS=hu%&v~O@7TCtYfPbVYOzx9
z2Ps*fv=OMtWtU_1%D3OlLXRBwF(STD5Uz5*A>C)!yQ73)SumbxFuDemu(g_h!716n
zza4^Ia3H8$!Al$EKjOLeVAw*i!h1*S|2W=;3jgA&XG1mlLhQA%O88)>=OnBid?YJC
zVrB{BpXhTFsfU@eOnfbk{UdFJsXzpHC1bThKs>5){IhsE;{-DfQsnZUd7+Trk7Ya&
zVfjBGlLAZF!)WGidO&EFvWo!KTRPui#^Pf?Ma5rmUj1&KXo(7<KG4n_?P6GnueijZ
z?%r#_xqyUuX5%Q+^64)cN(DYo-}QVBj#IcVOOQdv>Z_sBp9A!2o=~N>Wf?A1<H6VH
zX`udo`v;@JZz#u>jsXH9!t(Et-v3XcxPp<1nS-PKzW@~fQ50`dgL6e&LjSzJB5zog
z27@3L)`83Cj<5axBN-$vHt>7;_et=Gxqd?cX+g$jYlBp;m<6(CQn-dDx&_T1N!60Z
zY_PCKBfaINW<^y~QFHUMxo+c-M$`P?=}GboLsb2qClW4)>$c-BQJmv1$1$R8&l^x4
zL~4kZa9J+}Ny<(JlCYzzl@*n6XoU2T^V=T}y8wS49ZxL<o5aN~SnInzW5Rmd2&A0e
zsx%-eZ&KL0Z3mLe?;OvK(}5DZ6g)4{XkHpIm$zENXTv>^D`ndpB*nUkh_}Nx(3g{B
z?wtF*dmZkRA<Rx!N^qq8i1^n~e|jqRlc7B6ue_y${fV@bKD}>@^zMhXvb+Q{gUFsD
zyxrwHrT!G1uJa*ez;sOAlxv&O5w^qE7ScCH`t0~?n=jJ)#d|Gcq7zt+=Pi2%?Di*g
zy%nPOJ{X9(jr2G9X3U(pw9L%BXhmgVT3TsSS-oCc)M+gwq-bUIkzD+W<CmE()p)7#
zqcCV4456+R*;<n*R+#`MgOLtzy)bC6-M6N=y1cq<ZYxe%zOA{ktauJ(k#Yx7WDVk-
zCC*fn|9sK^()|b4=}B%Ni0T?8qa13S!h$M}9*N30{{4{+%1xq}29<|a6!J3LAeY92
zX~8nee33+4F2-7+2m*&oXtr919;}k4dHbZe{Et!*P2yc&JxI>T=28p*JLBVtGf62_
zGreZ#D3MscpL^F7gTY)Dx`uRxQ)r`D9rnQswF|`KFDgH3a?XPTZ7_e!Hi_=DZK6%1
z48fA22Yg1qp@B&FH7UO+d4mq*`Spk8y92s;4n`j75V%R4W{zpaxdzePIsLfg^+{%D
z=X<P`1{{5jn|Y0@g*&o^06E26DqxuZF+?#tRI*&2z<OkJ>*cTPwVj%D6pcqK4Q@0V
zxOADh?+CM%pa@ttZ=?hOK|h?=h_m8!4Y5&X5+icDID69cJ$&~?{}{INj5t?jai3{i
zV~@pK4t$IyY_^O9CIEDiIJdFXNu+2qZk2oD!Jyo56$g5vYPM*|7U7F`Drv}a#tuP5
z(^F)}G*;wJRu&A}4EA1C(tylQ?Yteg3cPovzL~FdT74sigTm;VzPnKkA;}4;Zx=xd
z`QcIQx<ke<E54k54i*&^XA_2B8dnPLdr{G6IrP$t0Wu$e2j@NosJP>u=Z~rMjz?c^
zI`RT`AJU#H0(j)7i_=?)l}1AxCSlhq5>D;uo0k78O5yma!c&Y*v`{1R7>H2i4IqF&
zD{iABfW3UMi4gv1_Dnak&@mn6A_F5Y7MJjw0&l1JhjvQ`2a8Fk{<EqyQk1HuB8%7Y
zK|+kw|J3HNO>DVz4-;4vz7I^|KdseREDt$_f%-nJ4%QTQr$oTinr(QLX{h*s@6KSI
zhGKEe7HMuotE+Hhf!@<M0qb4y6~iOacdgtR&PVAgGjz^0=`)y<I!pZ-*;5Ln`Be(U
z{jA<2WG~x6K>s_K0sC3BN0<3Ml^e~;Vo!8bvJ~!9RzUHVbxZ!%#%#U=MWRAc%=9!r
z4;g2SjwC{jd-(?(8X}*y2x(<ZEPN%ofoy@^QevB<q!9;txh+f!|J=#pU?GW-l!ZQW
z)iu4~aWrC^xk>U$Y-z6a$Z6s>HX}lEXcl-!=DC0`ix@gVTyeN#UhP9^KMfN^F~@nC
zWLp_*&Zv@GCM^cFvLUML22V7P9%Uy)`KOpw23gPQsR(9;ey4bW5J&0{dnHDBX$6sL
zb|LhHA++XU*bJLQ67gwn)=GKx=|KrUO8{CPfU7N6bFoagK9#%}F7f>t!PpQUGl~Zx
z{8z{>nm8IjiBWMB0!vW~vXk$gxg|>ATU#9u&S^dFHiyA^mcegnErNO|7X=+Bu^!($
zShK(u5!Z-}ltssLjh}M?b?A4z>BUkmaJ1reIthDn%f&FkRM)nm?A3pQXskdxw{+Nr
zBNx`i&>D;v8L&D@MF%t}<u+%xr850#9SpPwt2g)89@M(3gE%u;1P!*{7yk&A^smgx
zYz<6I^glNToc`)^ez0h&T_%^o)~?$`2Mc(LtY%+A+>$J7rA0IU3aUPy%-~Btx832{
znm$#pXkG_f4kp&7#lD-ol-IUss&*FwrWCS&p7MdtQ#SlB+TJNTv~bJTU9poD+qTUW
z+vbXG+qP}nwr$(Cot*5dx~+CqyKSGlAMV3^oiG2GvyH!x(ZAld*aug=k!sXe9(R<g
zLT&pqrV0}cHmY%u%!@-p-Ln0BM~G-8k0A@B#_UX1Elo5bYZ@Slb8$b3b|$biCrAtI
znL|3pSzELKE?n#0YiM+6*!-}9wxx3k-BwaJF2*SWgHmwSMH_7eA5HhBiZjtxLyE!r
zU?&`8$yNSIz0L`mgo#XSyyJAWbX1Dh%2(SJ4iLU`Qjak`wBN&X?C<84zrrL2WPpn6
zlCMM5(M#kMWf1uVDUq5UbaNFy=d1tacP|$b=(tJ*s=rKL_Y~^df56O1qS2c|Fl31s
z*QEBXue<06&r0fD?k2f!_i8x(AZ{2lE$(p-NVqf=txdR5c3ra0;+LONk8ad4=)lJ)
zXwY42rNCi-)p3TTMOG*?VUV4{t*3&{mN;?Qn(v%lK*5LPAlUSSL`FK5lEPWpL@zGI
zln=$wUr}(|xtPU#RHr7pE|Jv2&||(L9z{tAW}0{KVIA{k)kR6t!~O*~CCI!au=APG
zDm&&XHRr*6+$eT$m~kJUy3aKCf<9@?Z4A&ASU|%DZ9Ai9xx=_gFeOBoT{h`MVzHNw
ztFUoV$3lC$y#ch`V}!fS2XCnv$KL}+b*|?1vYzq#&@Hk7T0Gke{0d73cTO`$=+y40
z(P%S8iO{&~gU6ulPvlwV2#;UIB>U=XF#T1icEoi*urJR6_`<<53Kq2^s=FQcJlxKe
zpQenQm^v-Vlb*boo3@*_I-H%mO%Qk5hCg}dNPUPWTfNRbyyT__+Pq!S^WUI;)_gEV
zYJ0ccYhg7pH&*2&RpqHM2^j{93`<q*HcNC@d*bUCgu%3eM3?&nQYUx8XL4%WnpHw<
zNt!G}a&A%7S2_@d*Q+6amy~OxDA?Ois;ptCsSh?Sj}W9+F9_Ow<hf{jqT_K}Kb>iG
z8;x9!06?B_a!2+$IsR31GEd?nUF3Xk925l6@mdt6k7dao&lnp>1QTpv71Z5^blJA3
zKO4h%I6Li_sB=}}CTfg0y@LtcKEvRCr05^TXkW&yUtG&NJ8$8dywczuf@|Xio&0O%
z9^KMfq%-1_%{xR*2%KrMGX!=y;ifA_f6TCv*4Q#R(;@QlC|a)d@}B4?8ca?<HYLrQ
ze>*8Pm{2m^WnOIm$ziv#*sTUyorLt8m%&Fhg;YmA`9L(_BrYV8LpnPqRPD{~p2KO#
z%%k7Jmn71N*pq6J9?jV2s1Y_38~c^~@lDDJv|&5PV7j7<e$5U$LW145%FT8xHc>e`
zow^+iLUVzLZ=P~ZumA<Dr7_aI=BJ-m`&VFhRxi4pjhdBu*`7}k>8J=fvEW$3Ag*0-
zRKX7A34f=L{$Xujh{*juMK^qv>8gJ*kEmbkV*HW40B9xUc=GWvcSML=!Y=7C#|1Ym
z-qe3-`m*<(OT)dUgGgZRp5aY)ZwO>_WaW}@33p<gZHO!1h}=666RRpgvV22u>LLL9
zoqkpQrVY^#JL-@qnFEaM0(V@qj=0K>=m~DrCQAZVnUt+_m}=J$h^w4B>w~Kh&K&rl
zJcHy~8gcU)N7rg;%tjFfdV11N(5lMOE?z~nR^);hg<IL`F(*dGzts_9XkT8EWXgyz
z0wjcPpGLn)D3zN89-Z`WQ+#>&LS_p>@_v5{pgTK<Pr1ty+%CF&7U8APg<h9tKUOP>
z^^V(aFAM>q`+#6q@s2P(s=E-p6+*d9xN5M*;A@MNX25!25T{_sOz1w1Ep?tA+*NVm
z`=C^d$VMp89?k|OP9IQSuy)exq8Qngo)t#Jn8>D9gEx2ikfA2rEta-f>S%pMFe+-8
zM^*_UB=aO`aDgS#xJ%pPM8Dqb0OQb3Ue)Q6nij%=^ph0IyXzgzn^o{UnFS0dxq#7;
zvOy+)YrJ1FCD}oCW^&;OmZYLhpdTf&<{$w3mhh*BsC)R~2la#vwL6$`EDhp@p>=)S
zt-$E$$ss$UrESt;olitYVP}aO(v`pRIi^V@)N9AunG5dge^96eWCjYzp@01v#Qaxx
zl>aN0_P?Eh|GY=8B=wK=?*Dl^DO7=QM*NB7%%V0oaD|Qn@Hasa#E-i1n?MNxKwL#p
z4JE=H1%(DMri#7<P}6VtWwlmdF1p?zmE1r~PAw&|Nh}2<2JMGnlGb3_Mzr}3=O!)V
z&F3bq@zxn@Fs|yvRxC1?&iTCg-r3&yp0)LLow)qVVrV;K#jju5qAyk)76_J09t6fe
zF+_J{^iQ&VzY<z+NkIe!)*wBIE!YrIYKdQ{Em)KaerN)a>FWfW4L^?z1>2z@HY{a|
z&5l5vM*{-xkO<LZ%7TX`EN)^CZv4XV;SB^B&*?z%O^P2W78~`XtGu{}dap6oO9dhh
z7x5tv>GF36qE64e-Af);SHaFWtjD0QF_On(X!Y(n<P><q@FYBd^NeJaOQS6{OPRa=
z(Mn3Hs4F|89+7azAA5s#AJ5=ex;e{*n~HVPzvpzp4!(nb2y=rO_5I!IR4^mr6)>6f
z)jhJ4m=4^tOeLZ*$bDhWQ{&0)^I40C!6pNiMO}v@VhfU3UgGBBNh4COxN8jsB(f|?
zIz4lxsVf8Tsv87HrQnxNd6DOb3u$`G?=LdA1{-c~Ygmj@9TYipUH36ELyO`cLdl{U
zvStuYdt!XRZ$w%Rh3w`>khHS)i=&1+XFGfMQq}cEWeOr61cOsWPv}Q8gJSm>Eg;KN
zYxQc|5^zYdC)qdSnPh%biHTfg%wCI~?W@b<h83Nzpd}MTFf#HCG>4D_wdXO35>eDR
zfRf}DGuT3kJ(}qaMg=z5QZiS7fJ{@kNcXZLWf*GJN+Nm0->$-kA2VJ>q@@~2Zd;BZ
zCr?ZbyS0XdS+?i|%D_JBmiGk7{*@V6#yo*#1#5p6+_bd3;wIU@l1{%;RF^2)th`b?
zRj=OBp!k_vLT0J_*nL$7T|Hz5iMpzHz$m;za7U9-O)A20_l0~Xn{~t`*R~?Em>fWx
zdCuV8INdh8va)<@Xb-IIp5OYrY_9oo<~up(u<b<LLD`D;NL@m8<!k{^LEPTlI6OPO
zoOMic%DcG{POw58z&@`^x>f3kEPXFG4!5=sqhG8I-}*A+m^<gDw4j^Al5ZjRHERS1
z%To|aGLqzNA(GWRn^COYhe8-f0XdHY@N^<KM)z$Alb{AyMAy#KU5z0afI^w{<&*}L
zV+WBzRFpoDuqmoWce;blDXeykDYS<vDZFUr-$A#KR2f-2zZBf4;+KLqhS5(Uid1@O
zRjG(s5_*6b&%Q(pIQ4v)nl0AM0Epv_<~;2Z29K7gWy`IE9iJVXmdjs=x8!dr(Yu>m
z{eLsYyLAycSeN8%z_YUH7)-9MYuI9LDc_oZ2oGA@cKdCYx`17my>Nf!>_xvIHhYee
z(04blTP<t&x*rd<&r6=zv&8ybe_Pc+{%43M-@T<S@&n{(*5(ti^3?Xk3h!|fnQxi~
zl$SF0V-(3`e5=CYRUjNS4yUl*ih&WAP-Lh34VlzB%{1M#A1nj1BysJqO9~rc=9i82
z56e79cUPc7R4Pk}(2c_xocghX(h*uofiH-6SugY|l`>I*%W%+CIB85m;?_Q8kX%(;
z)om)ap^uT)$x&S9ox!x;-<LTBIsG^%LT%E8CR|9&B6az|b()S@<-E;e9FYq$9EOUg
z!UEz`ajne`%fPrmBharT+k0~Lwo!o`uToQ4+#jqvvr}H?24%)WBj)u;;$TQ)9Iu}`
z)||t$fI}4NaV_l!tVH`8C*;lDV`FR+-W7-*>PoT5NVEJNSRAcyW?jKmg@Vi1$3PLY
z)QK7!^Rk`>7<eHlhzhj$4uD3I-p^N!ld>5mq;MS8L1OdpS+r)Ls-CK~Uv!qasVrhE
z^CtP%hz2(;AO5$i`OoTaumOeMtNMDIjZAZsD&BOQ5NAo@0}lfT%HW=nIIS7UICmk1
z#99m@b=kgBR$!QN8C8>FSo0F3%xETY;I&!{=jD>#MH*r&WMkW6(H^+dK%-*V<1^2*
zUB%I(H`I4^&Fok?DmkX9_Ap!1-Q;-jPJP}k!T<<@;mXvk75%avm<ThePo_z|kCR;M
zg!~p$C0Ae_x*=&cACQU}6~GPO7ATx|7og&6_ozL>=Vmxrb)%u294I^zK0Hb#%dGmW
z4g3>1nSzah9Qp49Kk0Bt<|Jb|rJ$mX{Msgta3Mo*R^!?f9A&1(CDjP!^m2l5PT;8>
zAr&D@OB9KbhIq}i!8(SG;uedh@{;rJfWyWr@`{cSI2#As#YBY`#_;yB-8!X~3)itO
z$<e(lyO|gzW7*5RQLA1|6aNBbsEcA;kQO*`ymh1{q?(hBgGqyOtv9#mfQn|HD^Ha0
z>b`lM_9?^efS~hu)_!&usD|6mKbZ9<2qtyHDuaehtU5z($&mv4hA!zZ=>wwWo(TS}
zjjR*hPabDDrCmjf^xGan=7r<7T7K3Il5M}hz9GM{zkAeYiKD<Hg_K0h(5Uws*eItC
zx2GAO`wvEr3tC95WWTt`yYe-a6Km?#eI6?iXerA;!fW7}sd|Ykt~rz)xXnug<22Ol
zEk7=FbDb25aW5Nk5FuXZeK%cTwLY$Y?|^*$k=(`C{wv@DrMtEwLg{`Zb1~>1vO|)W
z2kEH?{}gV>hIhr^z2Ym7hYc4_10DL?p%%4Y4_A2LPed3YoA5O>yg<elHcCDl!5rG}
z=skGbv^yEOFVitzfmg-^UWr%x1n;c7V|c{)1Xo`MTDc>oF#~e@NCsB2dyZ^tJ;@FM
z+Jh(zBP4`}B5dr9GQ<MT(@g$#mDzso8hb}EN82QKitc;GThLFhn0G69cw7RdAdEdQ
zbYDBFT{B&ImZN=0!sUMK_GEQ`Rgd^T4U{2dA?n-O=j&h}VEvF!q29S&TD@M*YWKf!
zGa+GH;0{8*(l0m@3l-VH{@~x@RHmFlz+z=wNtIW20Vpn6wM9(Q=70DtdK<kda1RS8
zue-kdhb0nu<*2p-{MWB!_<wGY{&yI_zv0Da`1ic{|AyJ}=grE@4FAGxS+8tv-U!9o
zW*%r{RvSWQ1zD8`o_JAg8$xIaO2XTfR0WL6;{!*$HK5vnglc3v-N|~~j&=08{|M7V
z&%vB9Q>ND*<^;lte8G?~t(21o1^UBGKo8URBt^%Ff;@2K$`-e$EMi=1z`6`grHl|i
z_E3wsQW~*2Gugi%mW692olpeR4D_h-AS4hHAd|}D8jYW|>CvK4+3ub?siMut{BIaT
z`?@{OKf@T(53q;-0b@`#{|AggyNv3f`rOGaFN%Qzx-iz$0FD8>$n9==0Q!@6lxw*!
z8VKohc77UAqF%Og?jInA(;JYB)HJ}QlB9Y=Fy^vHTA-y;phwJ=iCr&Pjmo}xgtlj(
zMidi$5HsrhcgoqyiNz1#e<=9*+>Cf^KQ2q5f9bOPHx8fiUmyPeHdk`}e_xpYd9#3p
zuBoMzu9dFw|6`^sRC#wsGX61B#!O0*AkvIWspo2#o5X<z1@W2YnBx0Tk>pyoAi3$+
zaaxdEOcnhkztlV!l{%j_qBMk6Vw_hV&c!r@J%+h(y~RHnfB%Z+b%{DwHNAc9N|j<6
zCt;>%KW_KFK6K4~b~paM`ASdz)v#07dz1r!$-QVI%+DgW%Eke^h!?np(Q;DWt6N|g
zKf8lo@<*BF^KMJOZq#%HGbP%e!($ch1dYiCSme+^bc~%OUFO6^bJ!MJ#>7Q_SOGL^
zi1F@=)RC)vKLF`1BS;3l1tfdv79A*i@Yumad#XEUzaZ+^(L-)H*}+3i`#mhG+UzCG
z7xl&wh8CmYJts&3(0*<;fv<uvT|&*NJM+Y`LXahX)Xg=VlYCi14SRJ#7=SyrX>(#}
zvK^SEWM1TM)reB}*sU(>@Tf8(eQdRBTx@F;rVU~kL$lc_GO?jv+1({xUXr+Q{^=qi
zK0USIDK9-iv2pZKvpW)Jf%O8p#A2ER+t(Gl>evCsz%66Ls-1K)(L{trxA=LDU1h3&
zP`rD25^A9Ui}&i#b6vuwwy{h1>1d)kezZqsS(+0fdoKNq^X=l#I>yar!{YAIXJjvz
zCE|h=uZTr6bjvBxwFDf+MuATVlpvBY;JNW%sc3z7U$KTlb%+=YQ<YK}L7L+SWBUya
zmO^eo36g%61sxwNk<cEg`ue&^4zqSoPTQ9GE0sLv3>3O1Y$>+SJ0tCW))VpO^g9c0
zJdw#!c`oBhw>7p2L!!j{Gp2nuTK(r|&e2Jp=qKoxhJ&nBimMDN-!4oF;mbJ~9;Ar_
zAO7{IH|Z%TM@Gfa8Bk9J0_?lZlPTB(gefN#Vf{b!Fe(zwk`@CbFxyPE=(MRVK$wyn
zp~{HoHQImKN3-rT4I<i3oFzx2i3O(2UXnts_alO?Q(Vxi>4-?W!mm?bc!EIGjewd%
zad(suc?Y5;KhSvTZxuR7Y8=AAV-kYk*E1yN26~$4vh^zI5v%trdiqk%2R(-Cxp|W&
zj4Y<qnKKw|aZn{Y@Dn3N<7xMx<HzX8=5C8@RCk6D_~sbyY5^~tb&hT4ZatQ9>lPp=
z_g|dmo-8Tj?|`%^ve)a+<YMoVAKtvY%L@Z4lI8$sF@&WecBK%lcZ~tVp?E0w1`}eI
z(3aEn037x9H%5oi#<Tb1_}0Hg_z}B%$~|oLFt%83C77EeKg3}v^rSN2+k_0E^R=MH
zRf%izfF($Y?7@pe!EVicF~joY?DT?sWEPU}GN|Y=y!7{)U$AwiSGf-*`ytG(&Q9}H
zmtsPlNu~WQdDDMpj4h?B8Hi_g6;pmwPYvUrx6hWsC@3nksVHS}kR5t&;?rv<Zozd0
z+MXihzkBc5USW>r526I>0)n*QkQ2>1ow~w%l^5TBIl7qDmDqHtLYxDR+o8>IKMzYp
zgIo^|<+xodU-NO50^gr-RUs?zuQ_~fws5G+*A{b#XO|PLb5p1(9SuA-Nh!`c&f63D
zkZVF}uJ#x9ME>nk>a=0Nx~;=I@nS(^WU%ropJ$9&I~uhUHzyQh&m1`ETYa6<2Xf-T
zm2qvz-<;wk2B3WzQeBiT3kGyvny$JK$1^k_-GU}rBI*m+CS7Fs$X#E8{so<*F|hu8
zv=Nbs2^rw9itc8NVvf?{og^*!ekjZ8X=d4sI1z+D7ur;!sG$MPj(l*BiOF*!fyH{i
z-WkX%cGMHYoS6@)cDRaJH&b7|2gwVFXM<{NnE~-+v@aAgB&XQn%Wk|_$<ky`4ranf
ztb9i*M0k}%>VMxNB36DBJdh;26uby4>k6A#U5_d*oT#of*o3V?9!)xE`=q4VX$Ko?
zvWV6IxxoUem1Dk$Rt6%y3k_C5XPsZvSa%C}L{*OEOP;<4KcR)IhQ%JKUwD3>w$=CX
ziCT+?f!)jB*w52Oma!0}M;}b6+UJDJ9IacbxHz%<?P3d!Th?>a7@VFr&W}Eened2E
zCw_Q^@+A)hzzQyd?YqTSa=qt`>iiDAgZHivd<iVm#V@L@?+vj2`sa>bvk&$I#}>pM
zilF12t;v>_Uu@dm8_e-{!*4hCF#Te`XGoqXSkOv)E<U^J@O-U5Xw`bYLGIuF$=ipe
z?+J|u>}^UV&h{O}zca$R>zC0AoD1AplOUqds3D~tTtk+_6!r@F1+6fm1uZc6@>yj9
z1ZcbkO-&=I!UKrd2t>qZsVkMn%Y<)c$4zihwT9jERmnj%DM0MIwWTpg3Sjr2#D)_i
zOldVaXOS#3CZflMK3Xg}oYTTY<(IPe4L{UWh(3Y1AXkEu;xOkqkQtsvcb}UB3o>)g
z@RI5;NtB*r{<^=~T@dQx{%yzYyqIV6iT|K-2Y|cXf76}2$M@pq4(r~<`|AD5KI!d_
z>2bFSh!W5vmfwSYN}r*`@uh^#mFWnHXz{CfA++0@9trR6Q+cq`|H=*!sC<_loDcSg
zKO3;|J=x0yoMm^z!{ZPk7F2Nu$z$yY5Bb7@HC>tRRdO(4yP;8zeO9r}R$nbtUi!d9
zRv_;84>ah>UJ+TjP8h8z+mKMwVL_M9XAuRB(|f#W>>fE+9#yF2FGA14`;vkGE;jvS
z^q|Tj<{?e#m?qD_aBYH>7>@TocDcJYVDdZIcGbEY?*t?<!hgjacQ0qG3pD#{EA&Mj
zQH4Huc}zT=Hd^0!Ea&R<@rQLGmqWWFkusW$KKkoF!a29yy+VJ;NxvWw|G9nr-#Z9`
z|5l&zPsvk4F8YQx4yM*t|Al^%llnn_{q_XeP!g0wikKDbAV)L*VABl=oeeN}1l-k5
zGAi}en%Cm<P9jBs`}*abVB1zP0M6>3GUd*Af5iOx;r9K@CNz_ZVTD0=U3gYFw6{&U
zE9?w<knmV60{9wgdw)`ta=RS68J(f|j|#&9_Tl*OZVsWNgu~kaQbrH*XVc8sPQZj9
zH!{NpoA1*L8}w8wr32|rE95JmtGZwqAK9a5Yg}{{&6G?2>y1K-yX|4Um>KlxpOaK#
z`yw<7sERK=b#Cm4$jlX9LY2Wlr63DNG&7YgN_|h~*jNR|lzs#%#3l5zZ+A4HY{V0B
zUin$d>k!#HVLu~8Ho-KWi43F^TmD%RMbeDC^)f}$zt*;%sd_9%&n5P_lnIGNS_9QX
z6exD8gfRJyStiUTB579b^4zI-k17{FL1VS5u4^oa^@#NGhqdq;8xh4&+yCf7W%gvW
z<$t<Rr~lD~{_kG#|C*=s-x}>tulS#$?9ajdL!s5vwKo*7GyJENRW+y|UuEjIcj|Cw
zs-`3wINcq_Z~Oove=b2V!9X8i#NP-#J}9K|5)5?FY>W_sg<XZ}6-_VvTJ4){;pgfq
z9>DSxPM$N5a_yB@ZzY?J=9gznn^w<CxZv-+&s(m*pk<rc6P?E%$DBXU``7oi2WywZ
z!TS%zKDM3thf2@Fr4z-|k+UD;_ASc&Gb`7w=#g+~1+3l~=IIE_K6&B9^$N>=y}{5{
z+3QwO|ISgjHgQoH*5KHBl6$a!bP*Z#&Sm<l1^f<hcKnd<{8kIyp1+~QzApc&X8s6=
zL;PXh!!5iE;12ETD4nyKy%55DAN4DKw5#7Wb9@O5UwgdBe5kO0VSeZDdpmw;4-aGT
z%-)v5G2W&|^>gqn+X@cLN$vD=aaD)D*s$=-7f2!|!$A#P_Iuox1ScCKNTF(Vjyv9(
z%I^vg^6U#hKcW?llbhAZCsRD)RE2Mo5*ifHEVf0+PtLYQ%o6uZ9w-(vB*DhpmT_u3
z4wo+h<NP5xLr}~V8>`y3@$M)d{|WDso;M70%htwMFidk>DEUDmmMj{AY7scLEzEn*
z<#6C@8ND4qrxp^`QyN66o6&5N8lN%9B-cBzYfz&t8FrCCdDul!EgWe2Qf8eY0H-UQ
zR>>BSB3!Zv%qkMZiW~7`orV#&^G}vmy*_9e6JeT4Jr?B`{Z+g_64f!#AhUPnT1ZJ&
z7(bC>LOE^CFEx;twJg<G3n!<`Usa_LyS$TRiDO1IVxUA*n=zdfOB63gk0#brW2C-W
zr?>@=G@C3k#YFCa(i>HE%EePuSSy*EJ2f}m+*2fttgwh8o<!~pg=O4CISolS%U5JV
z(7_ZNR@{bftKY1R$eFcUT#__XCc_YOE{MxjB}oWzEF?UW&5cOC3KyD`-QHMb6rg6W
zU27qXqem^C6lF;)T1A|&G-_ZqXK}pCsI~CcZe&jTiDt*G!Z6I6J)N*Pzm{Vmny?V0
zYuYLQ*(t`7wM6!xii&6)2^00R59pp1n$lYAFwj`Iu;t$oH$eN=b#Qf%kSG}DC?`3N
zjZe#vDWJP?b<FaL(0@uBumz32WT<bQXL4GRKNKk>RMockxakTpa4St|XDw8K_@l-m
zbRRZ-RxeOTRmic(WFocaqEME>ID^Q(UM`_pym38R)RdATpEP>Zxs@I{h@Hv8jM3hw
z2tci{W8;G(5ttUo-Kl1l8XLgCCLMAZT&Wf2zq78F#x0?6Dj2Xn;wBszn^zyrXeM`E
zB(-FvO|wzTMo-e6&u!#X)g(M(r;2U`A5Y>;mXTUsEOn(YyDngp8m`b8<~1icj3l-u
zzX~oj(<D46X2liIuW67;tqd%cp1S4Iw1_pfyU0!sqgEl7&!_V{l2h?<l}Hmqp##I4
zAc?7D5V(=_FdZ3&1lcIgV5tXY#dN2<B@Hai`iF&Oy(6w^_?NS4&L9+D;t)_O37zZG
zPKt)9KusO(P>@%O<P1g)pOU$CBt~gYZ^X=$*#@SHxj<?OeClm)09Oy$b~kmMu3We1
zF>8}<zQ?m=yC-|MJ*Ywn^m!jrY6;!0wgIZ>@Dsiv7u!K^8GYhGINyk*zLXW`+L{hL
z0VYV(FB4i?%nhoDDspD{C+39$EwY%wh%Q;$Z`K3nh(CEuC512wOoPfwx1y*fOkbRC
z-SQ_9Wo7j@lR>_wk*FXCbZD7KvAT;O#0;an9>xpo6)8IgRfEckw&e+lEAy&>XtIMj
z0;2(AmCCbE{KAP8_fY|QAFs7w=iy%D&vkNq*l#q@GJVgso)UqVcXP44Dv<yzb1C5>
zd_X@_DEO3d9zF5GkNZ>+*ZEAb<c)?rSzII!vIc=5kb~1`HbyZzm5H-`AyPH1jJ-K7
z8}d>}4WIRp?FbT(I4*>{XroDpdoPG6!9RYkcL5O+JuVKX>FnHoUZRj(fF{{VV9qSg
z{1JiwXZosiBpYjh024G#Pej@2w>uo-KhJc^Xi(mG$dq{Jh8Sd_pmlp|9N4`bLwO)B
zP!)F><e^l>a)8mg)T1!wPj|qfOEs+#CtW=E1FT<5KdSZDXg|dOQ)glog+9*d4t0|@
zVT)lLiNQot_y;WC(mDYqZNp#$_LTm>+-yGm5JjM?DnT=8NEly28lp%+gRvL96Px&l
z@UPUB8)UVgiB1ISFI}hK#&F=o{3LZ@@J0Y6u3kY_I8n#=mrmbkw9uN|+l3};l_&kz
z?L;c`HME{>lw&pMbaZ*cCaz{3b<(I2hTr&v!9oR;QPY5%+XBCu1ZCM=_Fl+E9E_is
zcaO$y&fnSZZj#vpSb-lntqTlNPDh<SqZYHEfq)r!`Fh)_O1mhA9AH~Taa1>oU75f&
zqBeeE88Zr5$2e3Wp_&roCouD22!h^}vCY)=WD!bzQ>3lE^Q4<&cW~5Wx}Frt!YX`Y
zCIZKh*a0MrDVBV^R5iJ&*l6FNx%L)jsBsiIn+5H3_Efm{S8|8`iOjfw`3ioI>sXRk
zTfJ?p7Mzm$F`WjK;Zup;Ff!^IGM8#q$U&iIg>v4|gD|#;G}~)1kY$+RS_<1Fu~=Y?
zba{<dH3cOxmoK5>q2Z>AM>^zZ1)%r|bFxnk^D5@4uHKRMW8qmFf>NU6Y$^YQ9X|=8
z9J!}~)F|57s$vvSmK1!scp0~=E$2du9?hfiiTC<5YN2at!D1%MBNTci<mX<wkf&5C
zcWeX9JUufprCj58NMDQs1x0BUgF?MhVOy&gKl0M5C`Y;)>bO&O4xbTPu%ieAb!mgC
z7X5&u>)b|?WqtS&1?Gj6mKX(9REfzM6=z*+${dzP$KKwRXj|eL1+Mye7FX_I+y{=N
z@Lq1wQlD|iBuwD6A$hx1Da{*!nyJ>7IYUwZE_0}!*e2>gsDh_?twC|C<zW%xOJJdc
zk4K0Vc~%qA>gh`zFj;1z#QO>+YrK{jLF#-#-^O~Z?avx^QE4d=Q$xclVl(&>Um~p|
z8$#3U#mVIu;?jI++n`zpS+<F^(1`0;`Cv8@D2ULjm*^3>2hIv2a*zdjE`3$eKrSSa
zl7;P6_yj#`Zwzhxn|$dZ(K!XD^6#$Kb`!K)crnx_dCc-?VMn()qNI(1>*;x!tY68(
zc|=5Nmxl(F_)|E5A1*}kxk}zU)3hl8JQhGZfij-dHA+Q178TD<$CJ}I=aaN3=abdA
zU5?=A%b2enp`C1pG+i>4o56MJu8>vg-S6ZsX2x6~)|Q(JGf(RF&ScnEpcyc%M|oKH
zvY~XsdOU!tKGn8FCe;Dyworc?6NK~{6Qm3+ys<f7kERUkTcXsj``6Y;cd-L#WZQWm
zlFfe~8p>9F-Y~yY8bSB0L_%uNS!B)?kCBUa&snKJsGAwTe15?Lp|$2UdEu5_`pWqY
z)4ToF2X3d2kn;ZfyLc@e*H4!+68YkfaXkh$ul{dD&5J5i9-q+5_umgP7(E8+HW)fU
zDRcal92A*XeE^b{)#<fx^H~t>(K^;HEBe%EH>#AN8`BqoU}|k%U_-YnY8!_g*@yS8
z9Z{?+-Qm=W&T6pTfQT=eVY)59@@t_HX9F;(h9#Nyu^MFC5XxV+)hmXC8}u00TDFKC
z-U~NK`<Pi6=#q6&Ia==2HzFNfkWlq`*ILIxuN)z?i>}TWJpJ3O<(@s8c=;9}Pt5!b
z36^%00YzFgxVwDU(Yln_V44+<@{~ckLal8d<oI<_4GlL8g9zQBf)?*e=s0Uy{JULm
zu!kgJoV~&Z6T_J{8vVMdF|K&Rc5h5tf;lb#%q&*qK(I7g(s@}?v&ObNU5OGEike;m
z`GcNB2uFKmq$DgiaecF+a$ih88D7-nAbG4Xd92KP-JrPBLqjf6%vkPkp4@q}{axUz
zYr5krKV2Ulbh)xO1!W>mRwqQQ@ZI(VW#Udwb-8Fsqvj&4gKVee_bJ4i?4!+JJJL?~
zF@`QUs@6n+Ee8E1*`gU%FG#yUOWy^|Iz=~CO5Q0Pw~gMh3Hb1h(f3*5QIBHv_k{`z
zu(WX|_79i1w6z^?_LO_6`Xr<PXpP}|$Ke&#L~CvC=nKH{tR7jBNk>1UaO6r!&IbZ^
zQ!cWtz=$rMmam2*YKE_?>t|{wc=NW*GR{rFxE4IH9L?lCb5~_eg6<}L*0mpNfl^kl
zc=d6OxZ|UT$)E~2Wu@RE_g67epjqSP#&n=8-|tEp&t0S&zXtB&%((yBR;5XPvS?UU
z+0lO`P)8pYLXI4-NYdWof_2C9epP4g4|k2+PLE=HPmM-@8%}wES$4%QZA~(63!Gn5
za@bROAE|y#)PAJuzcMx-PH)&<q_T1t(<pfVskiq#r>9W-WjBKF9d4fM-Q>xizr-8N
zx`8A4IL$50Fz0QQ8BahJ>b?swk&ie9*-m`H?o+=$x@@!J{_B1n?(ZM>o_4t7i~hbE
z5!cg=ry3_w3ZS)LQ&8sn*FySy_u0HYLhZYo_77T4D90St*nIl#eCxr)y4*Q%e^0F<
zl&_)s4!;b2?*N$8%%Tr0w5LbM!EAP|G?@hOqa#OKf#)TkuSLQk#~?{d)^HXkZmJs|
zNMIM+O+vJLxV=~%zRS38UR2<6lvcOeqKZ`3mzp+%!+h4e#l?WmlI|~t(>6s!mOwXX
zke?gHnS2~Gfm&Q}*X-rL-vBIBn~z6Cl&=9eRGDeyFtP+v@-rMyaTWqQDTY0XcN*<7
z#)8ZAH%oX5OEkg&aO1O~P{%Coctb0<fFdqF>vTG?b3C(W0Pl;Uf>q%^iG_D``46jY
zIB<4Ho?Q;P#tNR7*^*y9(6j!UVf@`&52h)qV={iWf4_VISawUZ@d(;^!{2?Qf`7zP
zal>)H1!RWZ#iO0bW;pDO#N9{ipfG$1mF$@|fZd7_a#2Xyw^R$ymH@mSQMs+!2+$d`
zeBrz532yk}cKy{I7ktY@{mqwEbOGXF5StrpvN^8!iI=N2r8T@eeT&L9i2-r12p3C1
z4soZsEU=HEpF)DG{17X^{#N7IE`+NEt1d|4FXP1r$Hfmvolm`;54Q2JmH5!7{}b)&
z`)waV=xpG!2roHbqtd^Rk;N7<iiDxiuaKnRq*yrywNjLN&`33<*2zga@dd0jiIHW|
zY;_B%h*ciFky%w`Zyh?zfA&*n*bXio>2-ElSNPv<MV0qd3@y*%;f|EniV)s_>Fgmo
zM%#^$>;54%b=>op9P<JZ%6DUzWc~b$Sb~Z+Me9~~_C<j<)n!h}o|s)`GL7#H?tOTw
zbF@U9Lm7XkW|N^<7LY7z;?7BU%0f43yq#m2pB`}#13Ce&@g->`Azi>~R=W#DRmApm
zi+orw)jqzeI0L}WL1PsUdp#+U?ByS&8*A-B8119K?b?pD71b{r4$EpmFwYkvCh+PE
zGw9@EsgE1C{Fcv<Ut4BBHiYYgtQ^!;_fJY&XLofsF<?)eV#{Mo(_98)#0gsD$3`M;
z<Knbej~+&qQt>n@o-6AlRDs7~Th$)1NpJ;2rnl>nUQ#?>B6QHR@85U9kK)Yl2LlWD
zhA3|T0_Ez5MYWWCJ8Jt<4)jDaKsVc7YcXKKh2Tz)irO_`RF9H<C=2f+Ld*n_H`q{E
zX3!)uNR<@`57lx1kxmS?n2f)z3+YT`2z8RqeN-_0c32hO^g7$>d4e6YF7!ZMcb4;l
zJA|w26gj)I&>pj3_*;8T)iEGhpDmgdjjKkS7F;-mWt0hYBc7;$&}u+1PT#(moxHi9
zAlSCYmvs&oI~jJKSeM?;B~?YnLb`+Nq+0v31D`=dpcHS68zj@u*eK%a+h&)+SyE<N
z9>5Vn?-BKdq@QjHQR*)4dj@8ok*JA&MS(-{TiLj7;}i)qz5)}A?D_d}c!`uw-IF&A
zS*@CxDSW!Swu?ObllLEz&gnhGvewT;*@EC-$#O#fmMr%_96|p%1tg;XFI`SvLk95=
z(pQmU+XJAyU@s-bT6oYPluRYsydIt@fJRBE_55WE_R17f{e0XP{C6;I+RF~yjR?Ao
zbNb&rYYT?s^!v>5tozHax6gf2pJkUUVOVGE4GF^VcUT;@6`PxxUP7>FYzq#Ty&Y4?
zK%_9}d!^EXO~Vw*Bo64&v@3|9!XU*x8>SOT`@VJn`q!W*mziB*=}+|322XSb1Gof)
zB9t3Cq=PPVll^woT(48N4TnZM!xPv7>z2fWfWC-A(v91xa?5674|H|LQv30AO<SFm
zNmS&Zz@`V}W<mjLa;B-5ly*W&Am{Ah&!(Ei6v&pl%_e5~*F>!{@#e=7m%Yvm*yg9~
zEsc2wb!!<{U)a(Latobjc{0P=5aJ-@D_6Gy3#szyIq1C5da`}={yi$iWZe!=E8&aM
z6`ibCu+F5L2i25O!>Lk&&na{UE-qe@Oqzz%*rPRAa$`0^bpoWMH&uExv;N5ghWkro
z;=-!$kdd1saV=A?t^8HxaBt7Z{HxR(i^2zp^@sOEI!`og`Q#gp%`QB6`o}xx8atj_
z7<=6DR|Du}y_9HtWPikde&|y)289=KPXtwx_CV-W&^VL1%ipe8y4b@jJzz*Pc`lfo
zY=4l8OL7HlXFO)HRC_6O5m@uBnrl#YIjlr3u<KY)3dlJzFZVwH{!w&&{`YHuKN_M1
z(Eq<h$M9c8r*JNf_y>&}DiO93q#bbYGf1`U(hfe~2Mq{ADvU($Mw#}f=%80KEscta
z4dzvDv_A4ff6{(&$6hRx$qGL7<5StUQ|~idJ?gu^KR!TqV6Tq;?o;$L2c5Gc(GS}A
z>!$6J2!!ee<xbdy@3II4=8o;qO&HN94|W9RB9|7ZHPWf3t=7e;L8bTgnMhIGc3?9F
zcnxCm&^u8(v~~|RO73|w=r<V};D1Y!=PrBT2>JDiG|IY9Ss_hv(kw^HvNPBLo|;+_
zfyB;WpF$Sbx6qw;AZ0~FY-t<^S=$V9=N2C&Q$t&e%h=8@HH>|(!Cu=GTNYe%9nL<1
zT2~e%OeY>&U{EJEZ%kLj$yhO3n5%HbjyjP>t5&8J%=+R|F2fOuum3jUv@oiT88(ej
zLn|HDDTtC3y5(DFKR_6^<PcbVY=th%x&Tj<bZmDm8_Wyj?_~X!(Fyq;)(RUwuf?Re
zgLZqCvppR`+;rKPCVi`2pk>HKNi;&UDMffy-4G!?BPea`b}#`Oe4%TuX5_augjJ2Z
z`kj12f}k}6$-L~Ih@#}ex-coo1&>P~Yrw^2^k|Cf`Pg)`qgwUQp<$`Nt9{zT=sLRs
zU!`_sZ1hGxF&Aw}_)2B=z+i$!`he`uZPfVzq`Zn#1J+G=-)8ZHo|lhlRD%q<)P$5?
zdqqOJh((H6D@M49^Z=#%^T`xc>g^A`mFMF;&^c_lAlC;ru}heA17ZFW!B{X>e6Ejh
zY%;OqF?|R~^E4!pkX)lu!Ye^7a;A5UbwT@&3Qk}Ct0wbP!GD1NRR#YWIVL|!`2Wjq
z^FQl%Qsckif+URBhDU*hcq3$IK6v<0`61w;8sHGXb$kd0@R0%x0kNZ!DXG8YG*~yz
z=h_r28!NR;EGzRY@$yv7RT|&Rnwr*@*36oxo7BsX-m~AgB#q)A2G*{h-{11@uR5={
zeu7+&y}yn(ocH6exjbS*P|DJwt>|15d!=wV{L{ltP?}wC>ea=~C9NLqFq<(umJaF*
zTBiEXUHy|;?^d<9298}`G_UAhxZtFYjN%3EHmD*qNu0%qspgtoTGE@v?FYt>?^)vW
zajte#Mr~c6P;Q;1MafNV#twLBuXi%<>c_`FJ$!>{55hY>c)YrkX@6D~kLCSolZmgM
z<k@xbudA3|DN=9DOk0O`%sU%=su^E^NOZ1q13mmlS;yYf4KQ(;UIprQYdTt24>TmZ
z7I)SSDshvF)(!7CCA$=kzC%WxQ$OV5uUS^D?}iI5_ep-@oSsF8WiUR-<9RQ0n_n60
zO1QPVB4`oVvzcG*Nwz8Nc&+bHCA+2%Xwy8pN8wUBmUqBlyha3$?dp@Kc4<>D5K?tm
zR;dv{4~(;W-?<wC!48jgP1*n65rXob<yv~k0`rpa>d?R1`gfn@YFj0-%A|ZStMx1w
z-oeC&AG}Jvz9t2CPs*fyB#g?0k98CBZYO46r+#?GJ_5yio7_Z8e$_5`>D|c~D)BPD
z9^-fkD?eBKcq=}j;=NCIk6%@^znFtzym|##@51lyG2^|@bH`tV{JoEJHC~9}zO!_a
zvU$-yMBp~3sz;{FwcEnK4Q{ewzQRYnA7?~fg-qYlCEt0qy&}J_cD-+SVZ1gESS7!b
zN3F-+y~l^P;^x+Iyn=&em5B7yxWf_|6n%rQj*SG6-Arg%8P#BFRoUb)VTj{*iQ>^i
zi4}5HjZ;n|hFtPETNu%GeqTTnvkdF^iZZMqo=OME!z;$^4n&C>v$gCW#7l!W1+^27
zD&~2sks+Hw4)SmA3NkDFVcMERnz7^W%$=&-{cGG&Oo}4`dRxSaa1P5d)IMt~u3<TT
z))uwY)|Av(+31K}ZoZ~M_lhwMcL@%XkN;pUK|F)46>h%o7Fb%(Kg&~bx6)RW7Bm#~
z)K;_@$$aUEO&vLoXY4AXFJUR=E&%1k<}Mh0)aJ;}&7rQLzLrV??ObA7X0D%RBD0+w
zCg^Xui*!U|7Va?2U)lwH#7*;jS(?A>#vv@}H?Y=*tg5JGt|6i@d8Sz_m8<Q*!QM<9
zUGmXqJfdx`vcSZ$#7tX#u3FzzCG|9aRAL=u;ZU($WJmuh#MjoDUs=_u??`zuv)1KX
zN_4zw^B!R6_{eOIx!(AOasD?3tCPM}CUStFbYAy!&efP6d1<J<ukKuwYGY%$o;||^
z&N3=!u<dqA_Mt+SfWWc1madT*5Xr5*zcdK?x4HOnr!iU5N@u?#cdlpy_r^S?5C|i3
zl2w8dLlODtoZV*Cluh->kgPKW7SL9TQIxt6t`TS*VXxCBNM<qT{enXg0cW3+eH}5%
z<uDdzDzpX)NtWXiTLE%&A%Et&4@4!7AV$D1e=l9K=3HnJ8KczSE(whF+%5+^lY(sM
z*AgKd$5Cl)yCsq`TW1alrwUO%i@5<6u4AjOTy}a?9gN&2j%1C<=loC`NbZ44nlDm+
z->W#@)#AdRR@>0^xH>~!tl472M(m0W9n~{UMXC{Dn_b%DEO{9>^|3UXDSu2PSPoCm
zMeypG)~~BH>vgXmHpXRc4&$ebK@2cT24rx64S#3}zc9waUrflL#;(pU{mK~KIJ+Dg
z>W&ZRc}a(B%LEWYw|%8Amt>hRq8x*l9|GfHD~uvvt9Y_ZoVofjqn!%ZYvV7a;X77l
zK!7Z8Kg(FQNP$`bf@GS-wnsAwk7Fkz@4jeC$l}g|Upe+U`{;DwR7o(f8bxnE<Pa=l
z-hz_-mNTCe^Fv9%@cOktR5I(pOwvtf+jVb1(NsktT==5$!vLD51kos@`>UDv%d`rw
zb<cxWC5EP9m;t1rhb9+g#@*97;bch<cl0a?0Ied!(#1S}t&+;KWS!;TW`eKhALEL}
z^lc12abB{t`;;JxM4mP1_=*s463CTwm9w~uHu}(Pt#8lOR5ZZ^)&Rry2;`{(D~~qx
zqi={6(-C99Ii4zut|FXPMURk>Bu`-?Z~T0LdE}u?C1hI)s4&ka+dM3s#E_R^1MYq=
z%X0?~zgaF8>;heWGqXGk<!S8-rhN&+M)(x^OXHTb8+l61%eRv}Y#?7>AeN@CPKr`M
zCr1fvEmS<RuvMbv_qC@SojAAqwY%m0$sxfygQ&7LvzRZm@OoTv(}ur}EgWlGeimfp
zT*+f*?9KWa$A=XOQg`MG$~!Tg|E_Nc5_rPdc*3MpipmI5wbmKCg4A*A{V}F15{56C
z-k(brM>Gt#pxfrHpo-ZR3^&ovixmdfs%ekNBzv$fpbS|75Nqh!mx$mQ1k68?H8CgF
zMmICM>wS~8_BScTB26XNoRntDk)Gc*m{vCduye~WFzF1?gA5Y|Pq`3eKm?vzaGI8g
zNje4_2Y?nAE}D*jr(_~4hSiPT3y*DJi3j;hdCG~-T4lxlomF^f5Yow`)p*b#hne9i
z0^wMMC{Rc==z&nx@}<5N>_LGqfn4c3CVh{QKr^c=^e}_`V3QdOj+fCQ@U7)+<`0cx
zE8+f)LqD5xN6oC1h-Q{n7$rLobJ)BPdqyTOS+g*EhDKza#Gwq55{1@Z(-S0R10XS}
zSWo4ckv7>t_gf5<pf*OD>KJUTNyyFJQ0eJuUBm+SJtg#8%`7U-@-{Z&G`e{~Q^~B<
zwQNH6FsV#7afD&0m|I}7SurLn2=@c5t#$$8Oi+NjW<ks>w@_L+JVn}F2AzAJzJH~D
zlN4=A+BMcp?F^}LMP5P?xsFOgsazq}L+y;ou`PG1rbRL{RB}R|8S-4C%*>G}D~>d>
z?nI8mq|~r%N#3yxCzd?ly`UnUm^whqDIhPlDgqEtNw4iNNj=xB*Q;M1vldYe@h(e@
za1zdY%OSQ<xlBn?g3&$#A(D!oiC4C{95ogE!a*L-w3ui#tmmjpk*`k+yx0XMOIU&#
zVu}>TT%w%Zq|^u?krOS-@u3%rG?Uw0+D=*M=r|+eaTUEn=z1omP<_EnqEfEX$5e$V
zl=)GkOsa8wS4yN@%ng(@x)CTv1njRv<iLY(j=p7j;nG+iq<pTGL}uZVnptPxt=(6<
z#I-H#wEwURRSZs1Bk@<uY~Ju``41M&l7H>AcOso-kc#HFB<&axoi8+fq`z>A**&KK
z$v(8jbO>iag2K?v#jKuPW_qc`2h=dr_pV;*nQq{g3xnSQUq@vzD~`WuJOckwc;yl2
zyO_R(my9z-3T<Z==hOv8=|atT1vqhYA3C*T6vwhWHem0)Vkes%*(NP#b<={8l2NJj
zB5_O{9E@pTff5tgaRl+VtyMT#L6a(1V6i$^Wb`k$J3_kXM>{@<b8H&mbqF`0k1hGl
zy{f9l%g4l>hDr*(()->Ev-A(aMGJvPRSIDNNf9_}!v+Yy9<SfGzh)H%l?n^p7TanC
z!V3oP5|G&b9`^v?@A|+}dsMtk-S*QyHVp-A&#tCw*mEgG&nu`T5k|wS3Wwn)sUw4{
za>X0}q3(4lD4&;K4-D*pMQbL&Wk%W<XN1<aNdSft^To#A^&r!ybkx%^6^VNt5rRoX
z3MhnL95yhd)w+OdTEmC`K<eZ$t{}1m;50wCr^EXcYOZyGtR=`8$ncddqd<HYIj$w}
zEY5XOE7Q^XTMD%(1WOvldyEQyUBB?YIGEHXm<ch7%U~-M#Gc_hOvEZQZDSKzP#UM(
z7fGX(tmc71XeHgSaQM)W>!fi8=}5fdj3oj*aAq;@B&-XKhJp=r+Tdm61SZy5=&x+v
zLk|&A5pOJ^MI6$t4!(oo``MV(Cf)Y|R$$jzXeG-^;Oj0kI(UJ&T^|4<$q0KG%m#>a
zWRo7B-efH`;Jmh-eH1~-w`Y)i4TLdb^Wb`Y!!VysD4dDTz`4Ng&ha>1=V2?&6SzPQ
z^WI1g+`Z)jC@6<|9ueMK9|QvHOkz;x1t$WJcQ>PguoEh3A%S%u%kjpU<>6=(2vU=C
z!*z{$zaj;v?j|ZJ^t%h8_V>lyQi7F5y)DUzI(&09=v^)-N5~V~wau@wdsj_=F_Bm%
z#rk2z<I#FpZa_8cqsG`&v0gatTB*6-4Eo?7%qln^IO4Kk{^cp$alOQG<neqfy4c$G
z&ZE$Pa6wz{)|L%)ZnvE#u5vKks*q|=olEqTR&ml1_fdMO3r8TYtEA=`_gdC5(`vX@
zI0<k-gx5UJ23m8hmm3cAu@R(c_#tNWVr$#wb<GS=6t>cLE7eSJjQtg5tAOcmmuS7<
zeh(LaQ{Ctb884Ag*rvYm_J`$X_)eK05L3VRdOG(~%){Fy;@CnHjOC@H6m}!^<Ri@Z
zaubJh@NhJ{{?m=w`;eI`p=(#>5w`P+Ohf8>2*l}odYhJsc+}q_rZ9keKq}yi6x99w
zu4mtfiyV6HV@~xc&xlfM=QV?=jq2>DNK;#Bp!tRj9yJ}T$jV%UdKP<KNnShd$y{X@
z`lKd`jq2{M_2UhCQMY|?5t(M(zFDaeC#yt>U#A}P?KWGHe;w`bPg$=oS0XgU2#={Y
z(8YaJI!ayiJ&f7p!r8*42u3d<bkm4ki`d<{(h&rWw8rTtIgvsm=(<@K77x){dB2tK
zEpUK$#DWx3&ncl2i)>Vg4Bl0=Tl6FW7<7t?JnSQ^TV0>KZfDG=AjkE$Z4YEj%P#K)
zk;obR5a#!8O-ZYLe>JNcbZCXzNFpWR@^0zsTqO5L`nz2M4da6Dps%FGPHan{aUQJJ
z33<?irJkCX!n<SKb1+^DmJbz1-2#rKJCYl=AJ2JtrgKwQzf(8XCos1*M-Qq=$tT-v
zoosL@Vey162omFC%)d1bX6XN5sltiQ5N~lj;}4~Z_M0Uc=oKW4Veh<FqE@%R-r`Gb
zWH>gX@mZ57<8w6oi0=_yaWdG3M$ok~r=IN94~54d@Z%-ytqlbaT^X%Cc`D%?*F;S4
zlXiKhQZ8>Ea)(YdR6PgTDI#?kI)X0NGd>tZHXtX-xjkrC<7G%~2x)qaI09TsBwEBw
z;T+QhjpHJVavml<OKbM!doLU#*!~<ldnRM~(c9g&i=tqvUqt>yCKm`9oJ#gNcxmy2
zC}TW4m2P2gZJ{EN2TgGhZ{Z|g3o><>7%R&VtzyYg4~ARbb+W>r+Db?3XBRTG*q$@5
zsF?P1%zC>jXX=N0coPaUnxbU>5ga^-#l%a9N_fZp+>r4fc%T~#tK$3QQ~qRIz#T19
z$^9b37W|~w`i4A<o>yUfB$fSESN@hN`SEIh!7OyAD#7J`RaUr>o^4N+vF3akD1UmS
zg=`m}m^OHTQIqbDy0ncw$?a-y9=5+c?uaGi@Qcqr%hp{;KX`UN61)L?&cM?NbmLQa
z#Aw3pjJkDbG+*^yN1qJG1ZI7JBL5|t9Zwni#6#z?j|oG%%ng;2zgLEiQ~G6y0yhUd
z6h}%xr^2Lyqp7G`GorLdLEaI3RZV3}U1Epp2u6L=4rVf!sTh<CW^xzgd2la<o>Mxf
z=~rxx;RSjEZXCA7(Cv;ZwJqayYIA^xT{xm9?Dh~*F?;I!etN>)P%}1i<|Jvw+PzzW
zf!(P@lI3+@yGgUf*x*L{AjITLB9KnrmW*SQHJ$Saa3Yj7J!Ai-mec4&gYCN=p8F_4
zcV!pRk>KHgjxD7k$F3#C>;S_&+t`p<<zIk#0@wy`ZN-1-ALCBBDboDsF8Jh68~UAf
zVfO!_?46=3>$b1&*tSuzZF|SA*tTs~?4)Ab72CFL+Z88Y&U4<2@BG_~c6M8B-|V*6
z%^GcuKIa_$*YiK&vKjO*u1{TUM&}K12|Z3J+$(0Bis`ZAJ{(@LKk)1fh=-??JVUcX
z(8qz-j!!VLZlxQhD4e2&roF<<aa!SD(QzNF-i=n?>A3rIG3f`^s~|d`$+7JOVY`vN
z1tW6Ln*Fnff?i2X!3my+KAbOt(6DmTq7S?FAuO8mdEDFSrxbg7Zv%sX(|G_zGLy+c
ztg*8OY%nHpUsN?957h4=K`K<GX*DNu=@}-qxmXjvJc1O)L`<xd(G(HE;NU^d2`ziV
z+oPZjrDKO~_|AS&AR5AQ$i&q_pbhG<>iLu(#nf8fk3d<}J3NyR63OdsZEuR)Mj}FK
z+p4wtgjuUic}Ro8?I*&sMUii1#bcCD?U$4Dq&fpf6%%|79o}(qnks3&^J?c4!9@sj
ze?WwlH&2Q^x9^-CLTY-cU=-A-EwtDG(GiRxga|7tg6DrboCtf?53I^o<SPi*X+rnL
zU!*KUXTefZ6@j|ldcED0p?%;o|3dd15?B_<gM{YfXFXs8*&_n|)#y38->GE)qSXU)
zzbaV<8gVmcpn3hFaEJ7EBJE8Jf1|xNtlE&1VIH?U-@hRlYoA1L$j?2JI%DL`#TS6i
zJEb<O_5#6}FX#rl#0FY@$K&}eI-fE9Url<>xn5a6fQ#LXLVaIJq#zFL>|YmeupeMP
zpuM<arV9j&k^)sgYriVu@U~C<H~ZCQwom+O-<I+E>Lot$Nx&Z#jk`pWAwK%QBXb^J
zwHEYeaP4L-AU@7*BCsCFKRd-5AwIl*#gKtF3+m+;L3ElJ^X}Nlydc1HZL}h0Pz}_7
z3Td(cszA1tfZO36(zW74-JLv4)<%*M%rOxZwDz;}a#G&be5{JJKmD^s;MiqZrki)y
z<>w6JeAqNog+lTNfQ~Yuvyqe0MmDhZYQo+SOl|a@0_8DJF1;i>#ZYT+Im!aD{!U1o
zn?c9djORT*e(7j#GZJVD&{#bT-Oj$QejPV_Dq|g+VLj1`f8wFN!<m1i5-lC?N_T@)
zec?2Gf{=b-G<@>Ryh`UjZi`&e<UXnqznH{55)yr(13b|S^n|XDXZNSS2+eiq|KMv1
zfI7(zWNaJHzmkWoc2!3@1zS&Ba0?y_KjBXbj(8BY2>b2!id6@SU7@&zpA)pr>#6VQ
z5;d4}YC~PYz|WbYMJil0L}p9*%@VnU-;}jsVeD!_lzJheW6<B_R}E;nZ~3lq1CZmg
zuHS_xN62(pE%q7_W}4tXe{>%{J>&dUY$$J;(CdixEGJJo7oHI4JsRD#T@k1(W9FAh
zR=BRmF1IeGdiH^@`T|n@L^X8}I-2b^=laN4>UrbneQVE~q1hE|b|ChN*(4G`1WZL{
zp6NZXWXnw7iF(FR%tjJPGhNz}W?7w}JYaCIi~3vy;-V{ZWW~+~{XUn{9E8YV{5lpS
z5;L!lyTb1!0MLm$aw#hBf>rKmHU$&ZRRhx>K{KxMBHfEVPyrz^7edW*7eeJ8B;;Sk
zF0NM2NL>+Y3WrX*LddhPKnkOcz!5(^#8@u#zSw2Zg-;z2|H2BQ0spD&UJg(53T2Ac
zRn8;WDLDDJIN}ai>Nx>4X)d6u4^vnqC&m@M3!n1Zd5lJ3>oDnZMeSCQe3lO)gFIV~
z{4KAR1eqizpD163jZn7nmx{&MzyS7jnGpxtIOC9oW}OtnYP1<ks{ZW!GgR2lwMd4$
zZZvI`<kAA%&Vw5ISVA0)O6%OaQ-B;v@Gkv;yh+=R+p0HfhyLWHwm3b##7KFrq_(6l
zf++wf(F8-Y0NMYZAS;3nA>qA*v&7sRZH6=$xmS_+B>-DMik|iZV7;yTit&(Q6Qs=$
zNMYqd$R&84NCCL}@RF!BM@GM)g6fDAx{=NuE2mwQovt)*BPYRoH)o#qk3bh5WlB@{
zvkgrq|IwU3IJh5<k!l>><?KDXcjtyqw>0|*7|F;wHhF!4YVu%V7Wd!}yx$>7Gp|G8
zmGdTV(i5ropvvlLT$ma+$7d*UatF`s3NY+Qs6IAr3)ea^)fH=YB*AOLZdHN3D>Z$^
z8R8$cYJkQt1aCIo>%FLSzfl>YmFK$E7nbAwO)=#&(2f8;Tr2{7p_NOq)|BJQVcI98
z9C8hVk8oA^7ba_+Jr&VR00koRU4r6KF6O%Yp?!`jE=kUrd5Z=%Zp@Dmg~ldkD?>6c
zW;rafzBF!GDD`}o6qm9GcX!cDBsK%daVms<di<mmgTh2ILL2B(>T(%m(<UYcMra+_
zM=nS3*j!2_9i?QqOyW;V+U7a*!)wt|N+5ALY3fYI%(ejQeW#p$7r33FOFk=VJu4`x
zU4NR{9qmGHOCZDu_0U<6+%N6Jc1r=BO?6vdDOe7)=jvXjJ~ui9q^|Qd_7)#PL9BM)
zI9vY;yj)xkm5YLm^j;#ujzrTU;5TBR#y+kjG=ki5_Gj3q*~wT3Rbp7k%|CgLgqxa&
zYx2#|``+rW8`W<ciia4v+ZrZNBLapwB6x4KaS2V+I=@E5AWsT#z1^-0V&Uh8$rw{#
z_&)PL9-w)yuCP7l^q%4Ge#u@N+_iTJ6%(TRIwDq8&gFpe(}fYV%o1n@2F;tj+d|i=
zZq<p)R{yzBOd&XY;{W*<XyGq@=_47QR3BxhtpIqVc8~AOYsraA5+`VaS1H<co8Xs$
zzcH-qJbc)?lr(4Hjx&GNq0K@s)7pds%)M)bQ{XF?WILDG@@}mo>~&$g2j=GZhkXa^
zjx(lVm-I=PHx*xh`>6*WwQv9Oj5McX$AsGa_6v9A&JWSPC#L&B^>H%myP{vE?H<&6
z0c^UUx*ZX*yA`c)hf-a-pbxGCH;w)y4(WB*;BjX6c!DR$m9Oqupclmu+2chw&F4Ex
z_cu$qTD7sv1JJ0@IfLlG&}<K|igiG)*K9B}k1Xv;s=%R+&y{<iS%XV|Fd0FAB+Bog
z0#8n^tb_1F(?A)Oz`hut@MK}GFlP(O=K8UrBPv3oTW&~Kav%}Kq0koQUyujM3k`hJ
z%z9PVShjKpx4xT`TFuaxLyxBel&^j?LB0lTO}Mk2OsHT+vlcgNWaO#5wKw&HJ5J8k
zK<n|19Lnp@VO5-Q)(Mud+QCzi6`jd0KBBbgF|IEsx0zYWZL9f3-`9716>a+6H`p5{
z!H@GpxrrvKPPo6spG3|N#9$3t=G@y-_0Q}?m;DXD?I7o_a+AF=*={$nxiw|@@dO6f
z>IEas`m%*3s<eX=W`?A6BYJvz#ON4;qHV_Livyc2@_SuoOq2V9AJZ6oDx3`^Sf79<
z`^2xkerb1Uyq!iON~*UL(joGSqC=W9NFnlzS_K0x?L7E>#C1aX778{1EarR-E!yXf
z;C#Wyv=1v4AsL)^>(h>1QMxXedDBv0CHem*p?>fGvq^jthL-sM|L1o9)4}pzM9Kbh
zZs%n2uMk;DV|!T>X9MGZk%s<r>Y++a+8$K`$;SweAPU7A^%EEj%Lvzkj2|NE1>49d
z$OL!%_rMV8{$_kf?HYPJ4el-Ui*mA2d4g6sXEAk&N;y<AXtK5vdi5w*s}tg|isvKl
zk5O{Si@7tKr}OOW?5niddOu%Jm>nnr_I*xzdpHgwFw6`GxKvJYE)+Z?ynQ^>fIa46
zQi%kkh<%u0)?w8cH_olY-@CsLTZWj19kTZMVxG9bhIzxL4D10hXcFm00sRLpy$*@}
zdn5KMcnA_H`xs&4yAIEITrpxXWHIY_9x*(4Zd_Lm8+Lt=vhF>#M}-y{pBAC2SvvD@
z(V#KJ*h{hLO?cxbM@2kjM|24d(cEpd#UWM@*JK6--TIzzdC2Q2SN>$Y@^j}mrTfK3
z(%DXw#jtK$bw<UQ<G(G`p2<7i=X6+Iu(d9@@M2}9rdbOwW3g6)A3}(|<B^&G(#;?G
zg#BxUX-y$HP8PLWv$%$e1CCu5gP|eKaY(C)V)0}b&a|iP#aUMs$(iH=ladt2XO1Iq
z`CE<extjX2^Mnm9<F_N}53n(_!H6O!gV3Q%l4<cmnkbHA699^1j@<$z{virt?}%wi
zdC5}`)=A`kY8I?~-KlXYo;a(f{R}E)h67>LwyOhcJr)^;ky2BD^Z~Xj{V>A`)!;e8
zFo}fc4~hMFBR-m$B7ArFzPHRgBd(v_hf)RyHEqS$(isLB$6V=$g|b>sMf88Vx`?Ez
zvD(h5MkU2JmXreTtjq&9jQ{Y5w3ZOGdbR+#pi>IA7chcl)0`R|v~Yj8HQZ?iYCoxY
zi=WR$27v*a`!bzt=51g#EgeEi_t$n-SMx4*x->5C+D#~}GH_KhS$lTvA2kNT_ZM4w
ztX@u8iZu>L90nVudFqZsK)XoJdUe*{Pf%68rO&E9XQR*ZIFYRoW>NKTnmsjLpPyu(
zpUqtjkwEU>zFop)RAfpmyKDrfnm&8x7ec2(z?i`%-Q=ID_mzOdt6^;gCe}yQUafR7
zUe-e4nyx*V?aywtLUn3PB{=uD-59SV1k?xz7uNN+S~p3di{e4^G{Nzd*;5@cqW_|C
zR`OynX~J`)3ec)Jz}EDTUbFDai;1x;sa#hqs+jT`E?meGlcZt(>*y7=BBT^-au}Hb
z*5CCyK%?6;4zQ_3J7Ml{WT)wXN8j4HtUNu69Bgg>(V3a3>oX2YV^4l4ShhcQQScQh
zd&#b1ZoKI9_LEWOw`=z$9s18oBXC_}@Rve{ja;tJj5KfNlJf?;xh?Ip)>18Um72Ng
z!Um;8X4y$)UIkX}G~1YUP*GT2i?4D66><q5g#ubLiHg~de7GhrW2DEE;E1C?Y!0E2
zEJ=eFr_`8>0k&mDNkQR@<+{kS5;0>8)S&ezd*iN)0WLosx9t?plQ4fFh@D!Q;Aeet
zSU_rrb7xCwI7?GzmeAA|lb_5W1^h^NJb`1+KV&atL%>?Rh40K>2hCb!djb!=uj%I!
zk$$8L%Ck^Z=i<uF_o;9ytoVx~%u#7=kIA|9l3?ro8M^S%r75XaMQP8gJj}G`Jk1-k
z6FVDLP4%z|$=cCVE;xsD_K95CUX|x^aZI89h!w5YzW%ehvSx>kjs<;VVJK4nvYf)4
zzRx8Z9ZPABV@V}yOC|WRf@Tf_T+0Kzi3$-nX;mwtRuP$<s_&?YPOP@kMhn?mt)p2>
zg_cKC7`;Pz^;(Is63&gLrNrg2AYxaS%uX%zZGjTs()JBKPq~*Kyd9l4S6>t!Syf5)
zn~XVt&RYr<hQ?b7C4qLKcw?US#-|DZm7BX)!z(m{#Hk~!IvGH4p7rBE*aea!4m1#r
z|3=>Y>Mg{%5C8IS(A#0`%HQUWoe8?OM~f|c_04<r5>I~OS=`Jy_~7zz515bIg@fIt
zU61l@f;?7-1HAy7suzO$0}WTFp{-8^SFeR-@MIs)H$e86Onj9CP;19D<lDpP6#@Mh
zm%d(rar9F-fo~Y?4Ob1v|1{L4MT!JC&oFDBb!twF<Q2A_H!Ps<$pa3fP~?GEB*)Z{
zkmdpQ>mL{F1^Ma(1OyOJ8~p#R|499p<97e2{`2qgkt($}KQuM;uPx(xmb9!Jbtvbu
zA`!p{IZ_jR;3c`C2tloluBoymP*LLMsA=ETgsUk#VkBM2PaB_tQvJn<rBa*42jqmI
zAN(_#dXF4_GlcKG0zKRB3%)&0X6&Q32_PSW1WwnPUQ>KE*IZ9iT57u8P&+}-8Nt+~
z;N~cyanusfp=2jm@%C`1K+KFFjPc1gP_)2JV9=7t2!u|VoYaO<-BFN?0rHMx1=^o2
zzvLapjNT6&fGJ3=MHB44M1d$AsQoE!Re*Aa%%1n_L9!9_S+b#boSr*=F+e^4@cT*#
zwt4>JUjxNSmj|JDc&@jvm5qGkg1o&$-9@!i84N*+eem1B{HK*>qs^o#rECTjMA3YM
z5;9u_d1xb`Z^BrnKW0WsibE-0j%9HG$=d4L+@rSs%iK;+-p)(Uuaa-7w#`WtUzLPQ
zLSCY6fwnGr_%SJun@iegMW<u!qO<s0c3r7AxXe3_>8|x}SK_wSr$)gp;~U>Jrb|Yj
z&%symq+%~r`noX6Ch3=?Da=EvN*`Z)<WFNSjn*J67ci|`N0F*n&9MGx!yi4Nl6G<S
ztYfoMkvET@-E6;#c(7>7UVx)WnQ*m;Nmu#KP-R<4GL2`-;3c+!R>ozD|8qlZYhW=X
z=irp$(XSx>V+kz!a!XwUFVQk};^o1ZUHsI5DHMJnucVcyGbL@2)+}FZ^2WG|3h8RW
zChTD8B=YY=2A$+uz9_EV%s$RMfA-9u4I2V22^N)pgOxwDf?O~#27<8<?X&~lT3b&k
z!3D9F1glp}a|e(-1GVLXZd%fa{aa7S4~3TEhGKVx3OAJ`Y843E{yw-7z>M)(kV5lP
zid_cpstnNgFoBtL3Sc25<H5G%7>nRF)qf&d3dm#P8LGn;BEd3IXDD{GK(f(qY|33A
zEQsgPgzC8Br<UW<IGlb8pU-$$UwPZLTp!SntOOx4HEc$_BH!R+Zx1>#U-fMo*F|0L
zcKBb9KLclD-iTl)KF9kLjz2@|66qOt{7S`Qr;mQ>%FLFt!~h-`@BFb}@|+fxV-!JL
ze$teWTMj#yCH4M0dom%4*)9de>RgrCqdy6puxTbXDwT<B2OYa+j}3dig~$k^9`3Qq
zls=2q65j;Ckr2VwjZU2XiS7irjVl)&O<Hcf!1L{`wM7P{ODU4GCmJyypa-@aY5AoG
z(?Yth_RMA?Gh}y@5VgJM7{39cZSszgO4Z8j8_PjO=rHNfqSeUeT9vR6x}d$Lh(hji
zA8e#4#lB6Qq{x;vkM<q6>0&fHhqEP&A+pZGDV)#z=|9fA)klbput7b7aeAvXV(>_T
z?KhOc{2ACi^`^a%i}m9&MQkey9`)z3lb9T4k-f#kcCo7;&5WiGhsgb8uz$okw`^p(
zsY6Dtkx@L76RVOj%9K^L4}n`L@9{$D2i4^10mXB*y-=c~{8Mq;IpG;FN-TC$0S@#T
z+*8Q8ZBxK?dvS+tTu`V~%uxGLxPzU1*C6mb&E2B0YEE%6%L`lR5IU_BNd_aGO>d<z
z_8*huw?v|e1YHJM4?%7Dy0AV#{6r&q4XMy%7Fu)R{KtKmo=eM>c#MEzb7$geC)I4g
zg<8GFWG;=Mi2F;tYI9W5b@}^}I7CAlwrUBCHlgm+XfjtZhuMm^jrMFKfFo3<EeK6>
z*Cm78SBHAPRJu)kxT6$vfmH7%#K^lyX1~)v29zNCg+{T$0`9czJ;dCH6Qe@Qm#Uo7
zvc$OE3%USetd?DSM843_HC18(^UPiZ`OVwsE@Q0L(#>jr;F4t{kJH-2t`o#Zus{mE
zOqB;s|BY`?_!Kq#iRgNZl-*bpJGrUTEkuSuSIE04i7mv4!|_l<F1$5WGg*&ZZMMF&
zt_GGNn!~JGueS(9>Z{fy=Jo=arD+CJ4&6sRd4@p;*1Rd4Fkb(mY_P0dQOc<;c;=qq
zdzl|S+fx1sqV7{`3{h0m%W-(OB`qH=K2yzaEtX{ZXE>TX0c=trs&n8wUQX#(I6_K>
zkj66Hdp#1CDKWD%ho}$n_8^~0k=J|j=h&ZnT7o;(SKNZWOS3u}QkjBxyr$)Dm~Fhm
z09YunLkkuAS8AM~ic_X&wt97~KuL^^Ud+IG^=64mwB^qafoTJ+ypvZDMYZyT!W%^S
za;40nQ1cf&c9d%y#Z!}D)4K2s4;~#Ckh~sR{vLY_isuW2Q0W!CWRXK+4-7X)`XaF7
z8+&`{hQJCq)#q)&ML`Q+F8-bU`YP|AN9jm8LXB3gfOL^b!J^;C9l<spa_LOVe_%_q
z#9F`*Wp(+wNJwQ1Y*88&>t^aN2eU&4G%hFy6Mfk|4hN~E&Ry{go(c#g9M<rsYd@||
zoKU%h1%YB_*88D^$*xEP1WBYKNMmL_aWH&rb3y}HSa}d}8HmD~nL_;x@V<t?w8A7b
zNMh=}%r_#3)nVmoKRCrSv-Pt$N8w5*dX?!F{y@b|0PzRDDG0S=nG4bMnt^?Z;;uo{
z9^dkE*AgBU9&6y`rir$z5Qn~5xbRpFf}RBT5GRM>=D6f#=pP%!=0bLYbrMPM6r7NJ
z?GNP6oSdFf=wydNVzTmz+J9m>;ETSfZU77Q0HN9gdJJBTz%JZof9!lGY)w|@YW56o
zcFVsbmTU=)sxnJy{}7tU9iDZoee9+z7zx~y2A8fp6Arg=k%oer$O}Mey+;o&-dNkU
zxNU!Ih*pQ#OqV9wTe7CY(I!UDa6ox`KP(NHg8%x*0wATukcIaRmgD*lu-yM7bNqJ%
zFl9v<5j$HaX9HVjr+=%E&YxO#8=`3ZiNyo5%4-k8H8ZE1xG61en&yDbN7A$<tCB9#
z8)L3W=;{O=3%A5BA|wI-i0(dA6vTHRU$nibWvf^QSl06L<fYH4%$F%QdV;r_?yqN5
zpsW5!4Nfpb)16&7Z@C>Pj=&U~SDVNl$$QlnLQ5V4H!Y{IkCyfivH+thT{lL!_Wo#l
zGX|v{<N)R3s(pIp<IA3%wo%ROiXI~nvxJbQuCA#l!6)7@fqTB<9!#(!mx2Z{VB;J;
z6W!JK;2v$;qfiiON|NSh1hpNSq-;g%TA3YTg1qt_s(^8>{s^OGu2c2EOykYE<+OdD
zf}Z+7@48s63YdnO3+6m7!C`hc9a}9JEU>Ac6Y56WeH&N-(x>@G8I?mu;2N!mh6f<$
zmJS8D){b^nJ9XkahHUiBAh8;4`bU6xX8Bxqxt$;i2Mz*57sRq?c#!$3t!CtaebbHT
z%FfNI((4c{p7`I%x)d9$P;YfTWe%RtKD<OXBNva&jmtq>I#sBDn>}^t2+Z4WT?O!l
zpdb|e1g=EaK7+iP*`A8H2x@_+`YYGh&)xEq)n_KhBO?vjk8`1Oklo!GeL*PhfSa3j
z#j=P4sAAxGIH>V-at&Eab7V;Z2FH|`A)K9}xn%AJgo>omj%TnIe>;xXQ*l&&0|s0!
zVvRNm3$}K)AU0=Yb6Qn&Z08Ok0vcKA=g0#pWJthK@Iy=5Ob!Z#k;rb&Ny|~dIZ_rt
zMd`qGG;K*kFAS=<4-%M5p2}o4RLMHaF15B8Y+0RJ8?(GPQ0hJkpr7k}<Hn9LRAt+X
zGFBZ{3;AtfwWnRx^;c~0V}YdY>d7aY3f=o|Oh9}A_f&VOP8BDTIZ>L(&b$R;bPd(S
z?T;_9(}$K@`^l`GaO9&OZf(5>p8Fp1i>$MbDt{X(@<xRig*oU-bN-g$b51n+lnf53
z+j+R7%pdR<NGYtddncMaN=W-U9*4ybP)M!d3YhL~=5JZNe|1XoFbi>|aI><TjEN5D
zk&DrGUftE+jY}EIzKfAKp}K)?vR=xXzE@;BZ-{$#C1z;KX!EImP{>SAd)UEZv%!wC
zMtUp^j4pJ$9Kzsi4SO#>`1i;c1*R@mB!l4B@-Om}X8F^6AI7x+mF)1!^c(cp;fN|T
z2C2v2AP>}|@JG1I^$jEWQSR>lk_WgG+)6@6x|fi7L)=QB@JBvp22bx_2L?0z=px;X
zMfUr#JN~OIxQ3{Ude`b#jr23bUIt26h<dU;=xt!Iz+gMotxw3ZSi?p?P4D?`$acVc
zN{jikK%`oaXtBeaO-BYUS1*1`q*~y5@bQNq(7&eRFMZ><Prkh!cHca21!+()G$1G_
zD4_qj%l2OYCBJvsezLLrZ-A0=eS&Bq(+Z!WXhKOLxSIjcaKPbAI2@$a<xIWK0t=G(
zpjpPR{Z^-A10jezBG`6TWKzFi+gpye*6%knC*Fq7as5#ns3~(5hitJYQT|G;m{ICd
z>V>4j{cPW7JQ#k}WnQp89M3T4Pd<{9F>A0`Swm-$z)GH2WhUe=_1~RX8rqK(L~Nm%
zP<hh^_pat85f&36lC9Jp-Jh+U#;0EX21=e*Q}k<*7!?)t#FOXJiF~s}2*qfhWu6Ig
zg2i75JkAgBC58Y3+L|<|_}FT?Wvt&o$<6~&bg?8Xn1Zd`WqFt1C#M3aEY4q~_1e+`
zF>xgl^8B#0qr#0cs1zoJA^VuMW|odCxtcPmbSkAkyWv&}5f<zWc!Juot=SyqX-;|(
z7c}!5*-9HD2&%>0l+->@|MiHL+H%PM-#|%*|7sy>XkuW?0Qye_eE$#V+aB@H=l@&*
z+~2?3IhrxJIoUBY7#TPk+SxK#I5F5*m^m8!i{-@dAEcmvZvPKj@_(&sQ?~8URMCc~
zFRrt)u2SacgnQ=#+hhWOH3cooQc}(=^HvA}G?v#_2<ritSIjJtthYj_gx_C;tPrv?
zD&CB|f_=jI;kS~gUq1+=ZZmn@O4d&|A)yhyu3NjOJ~FR6kEcE#uNk_5dngxFR-nfv
zPeReDw~F_u(XSP5>Cvwh>!iR7@&(1>Bb4xD(A)IWytN}mG(y;FOIrxSaA8Oz&`qlt
zCXdli(mJPXnF{*KO^kXQt1LZafE$gu9%0tijZMIn$mXfmer`5es^S^aPf@dK&nxDx
zYi-z9MKD=$(bLP)s~=K3;Wm}^c<Z}+H<_kJKV_{!7mQp8S6QmZ)Y&H6h<CvcH`r;2
z&9}HX9{g5h)L3lkIr~l~UR`sr2I2U%X8Q7O1LlVF=sD>+IoBF(agSrAq79ye4mZVa
z$4<LWOO+eWd32Frv2UIo`)5wO@lQap)lZGZ$yE2AN<$1CdP(bza?Pt?kll^EaTw8J
zOENfe7Aw`s$mqvF3x+?!gQTaHVn16atRvU*S@x<mN+-&`aL>@PphDF~Yy{#c&NVbf
zYYv*-lmR*>^I6tB!`T~omlUgwJAd}zc|nj@_nIW-4|&@&t7v(ggwTFmt(QNFcNRS<
z*}p3L=ff*g&L-uMbylr3A4!f`<Rm5I=}2FmHU;PZT3@%ov74@IKs^EMM0s4VQQ&P~
zG-iTJBJ5NR(vIx$u9}lJ3(J%rPP|zp?D1<=O^{cQ;6D7?HObWXBTaqsX-pWqKWv^^
z&d)JnZCbrEUX|gIPibNm{qfTQq-_eldOw&6MzPGsr)vO-ANk#*-wg3k(`YI^wTEfl
zxdrS@xXJ)?5<BuLc5M2Z(qndq%Uw4}cf@i=VvwHtuTmXi_M*Oj#0O((FOml22sfZ$
zy2rMoIb+#=u4xrwQw*NEwz}seu>;(p)RGZ0l~p|u+uJh8!Lu2pgqzo5?V92mZ~f0u
zdko_*!mzAo4@se4d!jU=d3T<vrA#;q`iRYMx6Nt~1rQwsNNm)-=ft!8L~D>Q?|dhq
zhXZ%u*3tS^`uK~4L3jT0;|67h@SIeERU+mVTck4vSXPeq>YUHGX2rGHM3ArcsKT$i
z<iU?5vcFE+Nn{@~quGgz&5UG!ov*s1qIj~;1{Y?_vI{M`RmcKtuDn5>KsLw%c}RDm
z3U?`CjPy^28GH6y?xFGUg{;uz`XxDGOE?WS3y^}1<D+1j0V7DwfHB5qKnGMapo_8@
z(1X<s=;Le#41hHQhDe(M0CXQhp(Z3X0|cwJ3N=5dwVb$D^tKd2kyn1UYa_qk!zo8z
z-ND(@f)GRNNtfsw5IGgb15||lz57_T&7)+MR8d%?m3%jwo?(wL5KN;we?98GsSNjy
zqMp|k<-7e-#b>$0nLQybpE>r3gRkC>QTDUu=hp3UbkQOy){sSd-yU$PN8JP;<fMgM
zjEQ!MMk>(`qVP!Zz*>W?wl09?C<KQJiQ<Vy^3ja75m2B5wR_pd@daI><LZ^-%#jYt
z(Ts%=P~ZbA_i&bgjcb5Bu&-BK<5oI>0Fp4w(8o;y5Bu#%U>f~wKOvFERMy<3U{DYP
zRSJpb9pl`Q3S+EnU4gKXh>i`!K@y+>Ta@C|m<UOU!ih#~wCiVqgSV*GI2lw)vB6#h
zVeZ<r<BgFHM6~Y}A>)YiMsStH7KlcMmEts7e^??NplaV+K*oUz$HUH5N`luPu~3bO
zc`OwM66NftGjRLkp=kttp#|6EI3V}{nLh015aG0Pe9x*rO2lCgZR`9By@vln*u(@>
z_dmbIc%HxyiJu@}w2-V(S(ntxCU{<d5q!?Rq6pCF?Y4ii6_4T{JVWU9+i|V?+NtH(
zKx}t;7_WsDz^-8K<>15T-!|MKUi|7egpf#mPc#+|63R+^h;l=Gs6jrm92d^cUcCLB
zRKD8XUb?;=e*s++Fznl~NwiSNCB3P4*2rAe^1e*|`lo~J&OUmqfdc`VBL3er#DBLc
z`KN=3S{PWH7&-sDhh!y8+s+Fj4RyO{AIIWrN~MF4*?@v`<@JHXP=h=QhoDgfib!8)
z7^62i+KjsPOFICCLxqDP_J|OhF8`Fpf9f+aGh^Lu?#6z5%E{>ly4Y6)#b`QL7goc6
zTD;AT$f71-UZ6;LGt7h|hqLaP8M%v%H&(~bzQum>CXngeCr#*mU=yK321ab?@gxCF
z!(&$2*rE!0Vb6pLJ<Nj}c#FJ`|0VZ4f;mQk=k%2%p>(J*E5kqfdsiPzT>07wkN<v%
z7bhfu!suFCjwBl(Wr#d^pzdCeIsMcTzZ2k=1cEZ!#-k2~M~PxaolxM-*jF%{`7AZ-
z>|(`Yx5(1Gp}V>;`E0qK-o8?FVf}}vRXYy<D}ybjKhm6bOOmZCv6WAe9RZIOUq#VL
zL83n(8mE8!YaOm%D(0_&vpAXaX@=GVhl+lw+KFjtm~(@RE~qk+^H%Oe!3ZV&qo2Re
zyv?|?W?M@DI(JqBFh`w~Vz`}&VNRQD1RdFx-Gsq|+i~dwkJIl~wTuSAFm4WLlgOm?
zgPFyx50xB`3N2O8@{B(A2iX9%(zU)dkiTwNdN3<IMJqOyW_u!MKZjDpr-bH@wdWoh
zM0hUSg6o+%L)TlBL6lxJfmZ3jTcy3|0(pxY(S`m3?jLZF8gU<QI_IK)4@O_420D*%
z7-9$^0PfFlka*TdikGZE{t3#I74~O_{njl}|6%L=pThOOgH--gbg~Ba_9n(c&d!b&
zhAz$~|1Q3wcxk)&f9cnOaMbqDhxn8(LKLOM21BU;)rwN|(h5OLvG_JT9ugK+L$xN<
zPYi$xfc6>qy)@!H++j`s=g8b+)-B(5=KhPz*T1~*D@}^M<sr;VbANOP#nCh1QUD2n
z)&fyxT35RP^_u`FZ(p(Y0KY!{zx{a%z-%Sd3X)+4tuIg76~hX?xPQZyuFC~|vEX&E
zebBB1okZl}Jbx&ia<9`;<fu&8FTs=K_{H=aU4@UpgH{{ztN4<lh()T48y!mW``(}Z
zYF7e#?`-Kz{<s&Y9^Lf~$T19yVMx5U*b=W-O<D;jl+_^hO#J|*$^QFSl{13ZBX5p1
z8e5A&sTvek3qeK&e?h_I<X!J)=u6qA^pm(JbkMBzW37amW}X-QtjO?bb@4X&2%B}e
zQ$yPfs{iIE!V-Ur$Z18kODTVdkV_T-w{T?uRkKQ__*4sjMn}plohyf_#)4dR$;tHX
z24M)T0|3y^I71k9g>EX@ZAaBWs4=@~ke*B})gyX5z^aY~r@pkK^cmeP-tw*vm@*~;
zWu`rB<<YQpBCoG<%P6$q8?ib{nc%f6nEAzIbx=Dq;#h}lv^0Wjq5Ihnpkw)y&o=D~
z`Y&1CUY{5|{Y}VR{SRmR|Ah3@|5v)#*ud_;Qq}+6JMmw4|3_4d3d#SwEIT#-m)&^s
zPM4ek7z7v+OhQpcSU66W$2yc0z?dNk<PiDoHV!Z*pORTwXj@n+`dRhXMLeT<9*7dI
zQq^8nm1A|@wPf4W=vuc}{_=U;#lgTb3f5cG9lIU-bk#oo9ohQD_2qSy_5MB%N$?|I
zV-1Q>XG|PHr;m&OuS4}zaj!>f<}`_;2Wf1AL;$b2^d{D+GG%NXckH}}K-LF8PH$-M
z{vn?b!P^^U4h0UcWGH^zI57XrPS640>M-Oz@elKesW2RE((OTh8QmX6WlGfOI%AF=
zIH|b2I$L3<y!{f&D{=fRKD?1;xV#jph{q&_N4OA>hkVOB9(UQ-1!NsPJ0W)th2APy
z9RPl6`050=#@<Mi@`3{+N&4lRIc@%Qt3$;Sr_NXm#~@yuqGhH(8{|P5@V3Z{sfTxt
zx_S3?{JNvVl9RW8W>Ad-D5SO%;cVHSjS0iP-PAU7E4KD4JB#^F67)5@McfjO7T`6>
z!`wkUMarqX`4Gc!SM1MdLHiICaB>kl1VPK^9la6;b&ujf950kp8DdY$@cffI^FHsg
z{2~v0$^>ST<EwYiDO1OQZ9C~lw*!aj-eYX<u3k*6cby=Hg%>Y=?qqn(TQ}R3IWY)5
zTG#f0oom?KR2=WL-c(%gkX|($?_{XfwH+(CuBDxGxGvqJR-t2DA8*v{%6q!G-kF!5
z<Z5P>K~xI3k#0$0Z6Y>SeTO!6)z#{(iZLlMfQEt&_9dp&QS);+v9@w*oZm4DogAcw
zEMx1!x2kpK9;Av}=%>HJ5|F(~`)(iOo9tg+S6NC@o5Ktblm7w$w^Na#B%|QJn@iof
z65E-V2uyJlal=E;z1n_;?9=6`W|dNvMmL6Vr-tnzzckToj<UsrDceeLYM{!Jip;XB
zKtx7#cX5*lUtTVmkuG4{N;5~(mFwVY5>j8o85~ZIa>6k-i>sJSuuWM?XU=JCdCS;5
z4mH^~%Mb^y%@xvGmB*vQ#e<TN_s=S@YRn^eoa|dgiWOi1VatSo_R(ZnV$b6vx^Ymn
z=Wcw0>fk71M})0sB<2~n(BR4DmmDW$+k2xb6Hu=&ErzruZvt@`3LVpNZx?eK(2%=2
zhw(}DWP2HbQC1Gl`c3#_$nJ{DoBiRUt;a=jiYoHQuvqrMMGNpikCWn^=ZN?VT&}vS
zu+V2&z2YaTR@%<9p&K8}UE!G^xIf~9{xg-TH=v4%;Cr?tF}@b7UsGG2d5-F1u-qo)
z&Z#T=s#dtf2;>m^sHd5;Z$(CJdm+p5X*I2U0ykoGCLP?#Wvlug5lCXJG3^M`#HFe;
zzC>Z#N)H^h@u`9ATtsIV4ZXDS#HP&TS^1vpFS?TmL{uA5I|!Rs32+Ys9+<CcB@LR;
z1X>}vY*?*(Y(3WqbuSb>8<O04Sq%B0$0QD1xQOKs;yD<WF#JkS;KkO}vnQMaC}laP
zLJ}OQzXJxdp`A(|3`G?oFG@mmD+k5=Xr^A52yASFs{rdc|C7O6_2t~sz){ODhR>9y
zgEfFKa%4nmx+{QytKl(DNcB{_Je<5Af4Ak&Gh&+XmssZ?c~JP>_(j~rUH1ip&f=O;
zPmu=o1=LgPVctMHUGDH6<}P#hprB?Bf{3Q!woF-o#b)7IaBSt$Qt6s~nz$COuT8Na
z1N(1vyo>-pb-vm)`&Xr8x9IUwscmEl<Aw$O$QJxnsyVI$4k*Y%T-m=#^PyJ)Wn5vx
zBun;W3AYWK8>R%s(ES6d(GkcjAUk{E3lO{o=Cy9{pHq98nG+jlxIe2xcvsoEXLlLj
z_&`S^JMt`~$2Vk@6t{vkZ?n<wH3LOL=&&k(FY;L(A_+8-;oh%tUoMO<<DG{$hhRz=
zCyq*+h|C*jN~+B+lIsYmoxPJJUhfbZZLfPBiz$K8NSmevL#i$=aHw%Kf?1wv;efEI
zK2{|+qO-YFsj{IrE+*3j{AiznIi`efP+3-6Xl__iL5ECHTcEG7ML?sYg{P$z-!i<*
z^2SWSOuRnwlG*BgO7|wbW^Ki6yZh)EKj8NT5}!=ZG<d@P<L`PP9e+S>+;&^rnPTsu
zV=0@Qh1^gAjl~hg!i=wuA3MAk0B@x~4%C5Y1Kdagu|_xiO-jh{GrS9WN3tGAWTCUD
z{yAP#219FWSvqd`8(q3Qqa4&?DUDDatF*KRr&dwWQs$FNAdq$ZK;nhzK$}gKTwqF`
zs9eSqbpAH+9c{jE7n8v=#VsT;@2>*0%GP3hLx(t*C{C2oGHK#wuOpdpIzSl|m0SQG
z?!@J_byOg6@dJ*mEsA~_n{E1+RAkCex^g&`L6Y-+2dqLqq-ZkGTgIjibD~yqyjrKQ
zIYD=$7I>$A_eld2w$(&*4Dzo)zfo4pp0d<n6f2}{a)EKg)Aw(V!|=3GSOpBl+8#1E
z7Bf+z-VUa$Z#ZE>F(AL4r9sjWGf^*vT3)%Oz_Vbq8-?MOts8{8mWOR1pklP<&S>ri
zXRnwF&(iLft1a`3iw0_!{AoDRE&B`n3%&W(DaIU3GsBt+x-PyjxAolpL*S_0oz{wr
zjBm!akg(}p`;U7?Uxo~kE9EWAyEl+)yMdEw6xy2r_b*@#ZN*FECJ|<xBsK!bz1re(
zR(+2>dt{9VHgC7M^C>;`sM?ef_Lt^&o-9ARJ3_F;_@E$}V}bN{;xEa*uW9nH5JKdy
z&yj=fyWy4O&}d$NY`{<^(87xy`InCAv#Be8d4;)kWwm9MxrIf!Mnh#0w}Q&Lf`+11
zbA)1wfx4BGw1~2cm8yu2n5>VLkC={&MGv;2A7a13l;;;Qf)fB^P=v}HR7Y-VBUxvC
zs5n$yr3SCuq<rw_(2GjBccbIifxPo4=AQssi>lGDqbHe9mCRI`PZ{?ofp@O?0|Uhq
zIq4Aw>?s?FR@jdH?tO#uK8M3R{ND(2YIsR#vBArccfZ}(&LDZIP+WK|^oe6mzNQ}m
z7AL}vcserQ2jO@JdKNUOHuI?|p-y7F1Zyf4bBXiTJ}g;QwO1m-Lz<$0IiU-iY9{QV
zjkRQbk2?B#KZ?b1SY!!Jb%I!B^$fFf%{E)W0)chrWhMt}em`Jz+RXW#I4L_BfzI%z
zb2RoBmfRN?k3&3B`GkHXZ5gjkAH%9NG>5H&%I;QU1*%>q1qdQ}j?1`KN0$8_0*F~&
zxw>d3`|g7j0Y^@PHd<`Z()EuKaB+rkumuSia#Ox_@zy3bG^K0CAmxOjTrYXc)Yk>S
zVyTm_HksZ))NwDN+Nk}NK0F0oi%vN-CTA~OBeu$9rklZoZ5Zqal!N2}O_5>Gi`Kz6
z)8M9Im(Njv{T;2sE$u_8pBX1Q{H+;Q@|gZw03y~@k5D{*W~4RO6>2tYSlm-fYc}6l
zb{G+PrCiNsk7|L9M%7ZCR-96Dc&$8@<y(+e7pWN*rjl!x?f-iS(J%2gPJUrSW%w}r
zirXKNnhzu+>~*p7#Mf#`DHKeR^voO&a)b0o7lZ+suxqZwX4A%sa{Uw4JW+RS>M9;N
z(gF(zEHxG0iIDRV+wmV35NX+m!mKv#P2($>qMR0wNpB0ZYC4V}kK_l`xTx+Cl_VC~
z$uME5F8zvqXX$tpW;K~JBqu4`OW4wdG_HcP*$oO$#g>5Av8Qog%Ac=L9AfKfW1)KX
zOOZe%*wS>aGKx!D1qrk$R`t(mbNvmI`r8z-vcuFLQ>*yk_>?sGkcT|hMi{2bx>rmF
zml4^<m2*wS?I)aRGPc8-nO-lvw@D3Jk&<4YCSbosQB-$T`S2GN6$w#zFYmYj@Nbk1
z_lM(fpu_0KimSy~GdjHLw(dW|U)3FvahBlgMOS(jH-kd(<4ule+l<?rYEx>agz54S
z&VTA<rCeZ1@sKl}o{MDh?S?Mq%l~Z`rp)3Nlq}f~y*AD&-{FrRm?23nQhUWW5>jl+
z==&wYWyG?ktP;%sny!$q>mgfQz>UE;Zzha4UVeFQN<wgcp^av#WyU3o|Ez5uYGK$G
zRQ#J_5iaf105`8pMt|8<yIvk|!u3y*sK?@ub>i=^J!{&Cel{60Umq1t>T$ScwIOb=
zw)~VNlD~Lv{X^^x)f3DQ&pzaR@e1?b{Mwu1V6g00onFKGhDl>>#U{qo-&EU>N6lD%
zaK$!J5^ch_vKZbeT+SI9K&I+3?3P=K*i(jz(z@aygY+|75x)-io|f!rBS}+n^l9Jb
zbyU2)qYrthbTj{`C2^}=Vw^sft($;x6yt{eM0%}%>J`P<gtv}favPi63?DIF_2TXu
zC62!g4o40zp2&rTr8%0E9kMjS?YotFW}g3C1rXazn@5Tz{zgJ@7|E7&btr}JZ65^@
ziocq0CMn&vJi_o>v|Di|(h*KYi5KT@EfpT6P|I?U72Q;IW@FL`s!4O-&y~(jcniN)
z1g%!hVta{%bDXzsLm-<!6J4f3=5hwzG>2W$YeZ^wi*x1JsvPoCy+n5366FxV@N^_8
z#4e4#{GrANxe1<~TQYHdN>U>()VzI}y(ZBX`EEP?>0=DYi*@|{GwBg|&ZFB4^DyP|
zhZB!1qNkhk=h!Bz;o%4CAAJ=DbeX{~U7X9OEqNmXgfls_?#~;(gM4k;g220lH{((T
zp^Am|q9h%#3?x;dPRqGd%7^kiVNI#T6Lan)%d*Tf#_I6E1sT{<@B-Y@1RUbLaBc<6
zB9k$IG-F!=`5c`y4V-_-+EKzBMw@IJskoK}F5F(ROGB0~5WKUdh(O`GVxsir1Ifev
z4E~7+QR^#HvRVn@xiiJNbE=$MfhgscQ-U1N-HC1;&%n|Cmruid(|tkdecoYaQWk6w
z!7|=Qg$!Q`)ybpRn|UTs#`P1%#j=EN^w9}+F-Is%XP!(Bi~eh780;fYZI3rrG5Aob
z8;ED4Lae9Oke(E{duZ-G_3wOqarNkI<h9tPKCtuBVD8;Q#dO4Zy513PP5I#&2tfF}
z<A`LgEz8+del$$*qWYUm)J4%7aGxVC!fm?~9_N(94(D*dz6@l{JU%D;EIs(JMrrfG
zp;0k^)C{`la6&tw6m}5t+$k{BbyzU5EQ&3=??>$@qX<jfrmR3+oQrHA1ec&YPh3^d
z=J0a+QH!*W535i?!dzguNomG{G~|Q>W?Ri+5n0hQ!b&n^xm5a}AcV7mQ4j}$2yn=!
zS>hnb>tZUwr<q(xHnH~7XB?cvC$yvyH9}dJS(qfLEKh8;vjuslv+=|6vYf6+1Z7#H
z8P@)4drh;ed=0sC>-Ij2ti&zP7M<M&g7~dh`1U?aIx0HnHxu;4s}dqzr#ExmvGL<b
zXoTcBkm8)VzT9fh^G@eNUg}E4$fl=m?egaml@~vcnIK^kPdJs{ukj14n^G*s!kTS`
z2_wfq4p4KCZJ-nOd)YgPmc4hLQncy%+ebPeF9h?y+BmYu@i|kFb=i;{UH-*0Pv!_K
z-t;~>7(w&6y+`A{hcvhR(7ao~k|jNl(?Dc7h;5xPSH7@#@ANIF@;eLN!7SYnx-Upm
zPj+pQPUeuYMP4roXNMXMk*SJ=IdC=SJzjK|NA#Y*Q6D(%aw&3O<X>1lgQp86@*ej)
zqO(<mmP8?j(C304kc9JsIv*IVPlUEXRa-m;B$anV=SUtX@m43bRN^dhA8}8af>TzG
zxjpgH+fJdqGU^KXEb4bu#=a78RNXg5J#v%<OG<{KGk*Ey%yVXCe<qDtBFk4G$%~6G
zyhr)k-tP+J8PaPK9Os4w=_(iqxy%58(wh$4Dcb+aEc5OEAfnSay*oy`XpXc@e={$O
z3?%3t*0E$N8dg4ODxKS>tFLe_8Cxqo@NtHSJbLLoQK|qev`3!36U6Pi!az99@s)1<
z%?*U$m9kMAQ>;F~#X5Rg^-hNjZ3B|`xbA7A2YR};e|ARyop@s6{Q+Zr3$t;i`rw^4
zH2<9ixD_n4os0dzzHy3g?RKri*9l4BMVPS)slT}$An%9R>KCBw3ug9CQ}`86AAEly
zs6%*0kk?Ixc@io+tc=SCisdw86am67adB~Tu@7VWlgvO{HrY4NKXvXWcn2(Vhy&lu
z6LE%_Q;%o23U5Z3-6|UVA;Mr^ONnw!{$x9v9*oBpT?5sH)E*qZeds%@*~~!+$vU>2
zXci@Q7{!GjiAyq{B=R>KoY_^8q-o43@KvST_A=3b*2XSYH})b9q>Uq_OO4@SCE90!
z^u!Cj2{o`yUu))KnT}cEksbHI@LaR(F3t$4IoMIOlkNm#p3=NDK5{mZj};|eVFcm@
zxjvCARcf`6D^miNE638E6u;ldoC|YKia>1G3HXN@Tvp#c8ZU)@vM;H=A$L}cgfTR4
zTjfRo#Z?cg8dGW6To602gC_!6Gc~jV!NL%lf-d-=xuc(4NbN^=DT;Va(5w@4)F*GJ
zKQUvQYg|_Rg(z6xiCh1P8(ITcr}Chyp(SEen@m3PFrl$so9uLzlF~y5i0eb)%#HiI
zI3YgGqx6NsgVdxHgiTa~wE4PRcHsV>fwNng^*6h?IcRE2n++8u4g35okt21XRHJ=Y
zuF8~>t!5+Q<$jQ69@=UpEPk*SSzuc+*1*VsRh0|2B9%##hQN|par%;a5ALk#u-Opa
zMEc|YQyl)lYDmcKk@{0t@9kkB$aW8av#ux<E^A;{mBK^dwk$>S#%XTLypTgl(4O4j
zFukf2_$mU=NU+&(ekxmkjjCmXGE=qm?wZJJDl1uXH1B5Y;p%QElvhL+1pYz(ZsZ%&
zOD&)F9B59?obQKv1V??&SO|pIRK*$E9nM${58h|)*zm6=1p8;n9s6F*m+3837t?ee
zYP!kIt*>1IKpUIb9K|)6WKQq_n|voj(B65ik=~K0Cu($WzU2;+^yqlw3f~!JEN-qc
z3HUP>^)7k(=;W_Jj0>glvUs%_$(?F;{_rJxnyUTeg~8!jlhSq!mu5pqd9rRD3zd$=
z+k~o^RBM+~_X?3gEqsR7#k{=?JnF8kyuFI~(w1P}kKD@LGIwoudeax5QHV!k+yxtq
zQoIFNVLkXW(e_$11+_;-Tw^#07hCeu%O1r)oi*Z%HQRhpi{t3!YUOU+<rM*zkP6X2
zi;aSfs8TM#i<An{z>BuIo-hisK#Qabn{X=f;N>O2i;sdXpe+V0I$>>e-kvz+Vcey*
zP70exxowj|E*Zk(MN(8M&77rM7rCB6!g>mwrt+nKqRYT*qtDWbOS?jngyZ@A%nR16
z^4c=`7#}V5*O6JrvVY*?+W0^Wl~Fzxe#3(!FWd$0N(0%b_1zQ;W0x!&486X*PLUW!
zg59&=t%WEELO3&BeaOZN0?x%(#I~9Z$Z!n?*YTPJ5H2LWnH0LfDD_~Px}(JJ(G_l_
z(tFhAiM`=v_pMItjhoQD`RK%|*ZVktH>(z+;o2ZyZp6Dn*zc>H!I}5g6~0Iow#NnR
zXSU$*l+2&F|GCO_G?j~vFR-p$X1bPz-fVF%k+EJ768P|~)(i`>#+s{|o-Rmiusz-^
zgqKQ}PJIr6=Rx*B&LLX;2iLlVUO-=~(08_4EiE0z4#<V4DukLd0f*duTBd|r<L@I?
zN)qyRc~6>`^AByHs`&WnA1moxSYXWdBP;`hDi}<9Qh$jVAVnMxex(`_-g;8O5YFWM
z$k~Q$%I!dD`F-sh0qw#|`y#<%wC~eaSUGdPoOe%!12*VIWq^;ANM-_#8pi&hgcuV*
zMW}73lL$5d&rz7np?N5oqKsjU!p=<lG~hJYla5*N8>Pu(JA}%}<~YM`z6{9$$1x)_
zaNg@Q!^wL}^3za5!ZLz|RuL+LMQlL>g{w=K8#iC66pL)?tjpw)fI(+kQu$;(4aP@;
z0QJz}>Sph{<i1JSxt9Lxa&+EQdei0L)oI?2^F}o#ea~A$XFTQ1G_P{z=J*>@&G=F5
zRIkr1ms;X^9KL>NvO)Vx86BsIL}NK~iA{^KG!?$hv_<g7xkN79H+Ir+iI_xBr{%Ch
z+ohpmz~y%>=2jI{SHCu~ht@@i%!4_v+YYTSVexu63q+wkVe~O%DVD_&>&4jp3$o@w
ztP;LJ=*A=Tg`&I?)b-*!t=KbHn}1G8<TJQ2!SuZB`wy%OGRBpfxUFvC_GdQFB)yX5
z7kJOu?ZVjG&*1H&_;-Zs>FYbVq~n`6?cVNP)ECg08@m^{r0HFOyViHJuHdh}<r_T@
zSigy<+wB+ZPe_5tyU2Iw?%}V!>1SmdR=;ZWdkRf1zcRX601wW!xa_<pTWXWgy}4SR
zcU4M-&8*BN0iC>;?)dW7oVex38fB_HjeT^VR}}jin;h={N7_3^S=M!1x*5)}ZD-h#
z5j$+#wr$(CZQHi($S^Z(`^I~|)2dE=w{Ep|>i*k%|5>ZGJ;z#e%<=Tz_W`QwGfMeV
z_EHOQwz$PFT1-th)dNkC)yj)ibHL$odgg`#26k-T=o_9u(X;kfaRNEBLZ@g0zOd50
zb#B<0>OEdm@g*$t63V#Cj_e;mBgZ(E=N)X~HpDs2LDTZ=?zBRUoA>0q#w(JPQd#qw
zaVTd6hMU=<Co^n;76;Bj7Zc+6u^*yY^TO@Qd$qJFNd;OHCkB(dN-+4mbP`WbnQA$X
z#!_{kMa=a%%CXg|Up9abFW<MY+n!v`p${1!KkBqkzuS_;J4~~$Jd;McyfEpnK|)=c
zLu1V7Y3d6>9a*k=Z_$^?@z=UL!yL)x<Z8YY_Vo9z$PWhr6rK8YsZ{lJu{g5uqVVHO
zJEVGG_HOfpI5Qmnf<_8vZ7O+RaB9TqVE`XyveL=6xj~n}*v`!_Z}FTzFQ?RRm%8kX
z8U9zr_&RYzh4b@^QSQQM2?^fQjh7I#j+YReAWtBGsp6MVEjMCmxoQO)3wDQD{xuwX
zGm+S8u)4xF)p^eJ%Bd1YE1;=mG&$Ld!k0CE^-^3hk$sOe<)rqyf*`Y&9}`(abT0K!
z6E@6B?i<sDDI97-4OvRZi@G@?SGAIV;8~pBG)+t*T#UI^&2B?XlWBHi(g7pW4R-^t
zWoQBIhxtMb$A%Psd;!_=47*Q;-y5&N+W2mjiA!hu`Wqq%4gY5iC<`2^g+_INW<>}K
z*3zj7-__XYch)Z5p*51p_TuT09FM+?a?BsOdEFAV$zN@X?}@tLEb%NJhCCheA9D3?
z1%_GKBC%)CSY|;JD0VnW=yll4J9gfVR4T$`SX#DowC&H@f7a>z5W9Wo%=S7nACWg4
zM{|IHv`K|aQk0-K!r)6%I@!OV{~7N6g-d}#{T2^%e3Og+6KeZ+P+I!GJ>2_G;qX5J
zc;7=flK=AcUjw-+`H62x0fo!?oDKdrh1ZX~S@~bFsc6J_70OAn#DQ|A=vDPOgUYGn
zb;RqCdpx|H=$5MlB)sN<gZ}V41qd!=a*%z{B<*ca(^>3K*$(IUJUw0zwh-802euUO
zASpts$h+Y`RfJlNbB%lDa~)caTA@%x{LpHvOLVL4M!_c^)n@CS5<(%eq}+e&dgsta
z(8hRhd$d#K{6(VE<s$+&Y;o;Puma0aI=TY-nzu8T+N(uwXKvlt@oQPXYVJJtZSowW
zv}EcTBch$&FHYwC%MfS3u|-U$=aftjR*Vd)-MHVt_IP}&M;r-wOknFYYEfH+0?8P0
zPH`bhwgn7oGw)c<;B9nyEjX*0%1oATuWMwm#lyBmi<lP~q?t!?GL<si>gTCTFi8`n
z6JLodE|XtS$?xy1_Vs(O#;k35(I!rPiR}lcTI!>%NFB)0%LSV03kSykG(v%?q;j>D
zS4W-vL~B?9+^>ZtO6HiJ`8ew)eRkt~<N*}(0x6Y3<J^ohCH6IwpVSaAGxOO*N=z1K
z<hxD1g7j%%^VH7-3@f7unJe;P^E4t}5&qEG_j3*zt^MQ-2}W<cA(iqG`dBI5fmOan
zgLdrTN)Hpt1T!RUrKm?bS5$-a##Dn0POk(N$<kJ~wVs?UrjBiQ0)5zL_ztA&PB@#K
z3%CJ*NwDPrPkUwq_sD?hh=N%x?7)}p94gjw!+s`0X^SmoW-WUr0xORJ5LN7g>uc9|
zQA^_fC3hcITv2EJ<{A3_7oOqYS1kYk&lUTht5n6z5qk;sb2yo~o>ST%cQ2GgC^2xf
zPZ&smKdUPI0s-+4TysN7tAW|MWGpEI7Q5Y_f$qj2els<3i9AsCUnGrUl2Ca?jl54;
z){aFqo6{%TpQf*ym}<$Eq_%K4_&raK+g?wbZ(dK`Pk)=fxSoK0?{2PsBonIyD6e`S
zfM5(|tDg_4(s27zDQcGOQSwy7?O<tA-JSu<*43b`d>b)YR}M+Fs-<ffo>Wm<E7)~}
za{#ACW#Z!}eHzSrYNm65nD%OUd-4x$0!@lYTW;)+kPr2DH9eznUyOKpZ_o`unBNd^
z6Hf_Ha%1=EdrE(YIlOc-$B5pQrat?(KBl_X>ZFepx%J1;l|Re>klCYvyqW-FWk;2v
zDvcs-&<d_{Ic~1zjVM|OUdo<#U?(og1teiABZQk&?uKSBA$LTI5-~BxiyaYVVzMp_
z#JL)~2Ki(DEli3wjqzWaPUmWybc+kLhBcl?WJ1Se2%*_zeIYhcEimp6jntlPXO3TF
zic|gLu6|#|yinYg&K;P+N_E|65+CfJX2)dZcq9T2TcLw5DJPFVLvp`pyvcaz!gpNf
zlIGasyjp8;l37)PjN(ndac`ZKE)>uuJS~Z3mXT0L(gHP-t`Bt@AAnsY$(U2y@qjo|
zwfS0#Cw3B8I@27Al0ubf>PT*%QbOdFGRW~n7FlUIt=3~z=u{^mq+VGJ6{I#X`uK;q
z+5aVh>bHEUhH(ANvXw#Lw5?mxP^gK_>FkW>_$8AeZR}|5N}y%o&Z1b>V}7c*ld_wk
zQ)6~(rNj&%m(eQ|%2jv>2o)mhz&klP0@3zKxE~pJX)2LA_kz$tbrzwgzfLuw!)A+B
zA+9wIx#w@PrPy<Quu%-E@??57S4rk+-8twcbjfjbCfw&KDrI+mZt)C`^qKS4Ub!t;
z4rR5W``MVGS{8F)Njtfix<&G-=6iL$mEM?)JAFfE@6Xw3v+5p`bx2hmC3<?6(I-b}
zpvfM_ILbt~T)Ko7q+x)<Ppe-#ZqcoIdMwMPs$oh{w8v+WF3nFN`nY*cU0hn{zk{1A
zug))EoJ2YRDm2kgjUxLI0&|zqvOXp*jU7G&%XQ{a;R0B2`#%>{2H3I{>=Xx9t~nE|
zD9@mhyY6JwMkJltjV*8GQO{&={DTc#<px%6U}5QYGb*uR>Gn0Sx}#K7`LMKyEU>x*
zuFRkDx@Yn$T`8||vi=4qMwrFi5Hv^niwGB5^fx>vj=dm(L@5YpWc*eT8<3w}GgHH)
zYBWJ7gjWM6kCK}XAv0$jOx*YR#e`xnQ!J|?IsktyVCG%8JL0O%_7diw1O@<oCn5yV
z%KDg#HuY)jm4rluW5_4s8GSTN7NU{BPf%RAR(OvrsYqSCc6j$ctl0eyKkW;5*>hRu
zl9D7=`P<`PRd?Avtz9hb;v<ump|_G}OdkGs_OGcYa!0i4_OPqtx-S*=@GJ_}l7bsC
zy7q$Rv&H;1)qA>A!R~MVi;Cwe|A#B3E>l;Ko`q`<zjyfgce!+)u=APuPKu%%^mnC!
z?d#;=p8YBcwzQMXUcS`$;n?YjJR(hlpxSA|lB;1S)UVlVnRf{RY~{oxm6;uDZ8j)r
zjvKAv35Qow);Q9`mgT@jhRvRd@pC)6K+MCV<v<}3ga%mfI6WY09yhDDHLy5P*3zR$
zDU@60zd|c@&5JR^whNHeN^XIY+ECEq4`h+anRk82(zl-pTF~?LBg5yA1&1?HU<&&Q
zq4sgnO-P_J<xFNV)zR^;#F$g-X%Uf)x&|ccOl9w)Yb@S+uI(2m@!@cj<Lw*Cvg_J?
zYthK*9CI2XPV<c>p-0AS%64bpvsoFOLx=u4D30sbxyUYIA{*?K16T{m`*cd498NQX
znu|`smOH&uPD-mk?fy#K8(2tXlGCBZ@(E_VwJRZ1e?^L5WzafWFBTfqh^NriB}n0m
z!=NCz_fvHsE62=wveJAl$Hv6ylGD#*s(nLMv=vbnVPyP$mN{<YI#lkWSilsYYE=nK
z-=_5cpqWupnT&;NxmU02m3I<A8Jh}z2MxCz#4DDew5ri6WRRA*x{9WywONYeI~*1I
zzeU*Gwe!zgj+2Q&6{OG+C1gz7y3&n3EDYF;97vjoov<^u*r&6_kWwXxR~;s3_T?w|
z#8xdJ3mQ&NEwy^~HzoI<dTv#jx_8t7GW%i%58vsl`FW@9qJeMU^{)ydYZ$Hz!h6*J
zP@Q*4zzMMLP=^A>l`K<w1B@#VMIDl6FH=kTAOO(de>s?Zj|j@M^=jD8yrLZ`)}2~I
zn@h_$N9iuH#IGu9F6G;kSZ5Gj*E&l&KXZ(_b6s$>gRTHM{;Vv=R*#(UP8v?KRW<DW
zD~D|66?2<=X)d5^Y^UXOjM12j_n=(+sbxFdlRw>0EruB?p!BJa&Di}F9*O6R@q`AN
z3sSo-=%uT29DYXK!RcKRf(D%GWja?*@#JCO<8v%Mk(A5D0G%6CeN;I*|F(8{H7BpM
z_I?a#Ro({yEr9hV(h$)+3o{K(ZKj`f_(Ml-Y5}=C6j+vn0HX^Mj9Ak2AWA44fo)4y
z1=+{}8D6O+(>DGGOtZ<47+A?yL)gv{anjsGDbm;74&J>s4vFWopY)hi$*C2@Yhy;j
z$9kBo`dW`kB?ofGu06MWHNSMVTt6fHg3>uQKSJreQ*kJSS(6gSJ_7s`erJH0I<t#U
z1UQpjl}83cVXc!t{p#0W<T<dyaTWedo?{CNgd;jaY17+D?2)%}#Cz8xba2`LZM`kM
zS_aXrGZ}o5((u32rTxhtBik?lLx3i&)m@7H%O?`;2V4q^(4p>BUG6IkvFYHiM?{zt
zd}EZi>(B)c97Yd@3@e@oR(9ScU1(!ns-_kLMCTn&`G&|3N_}FKM}(v*i~}A2M@dZq
zz*Ao@EJnT(vP=Rep<`$$4G}4SX-)%eo;P2e=y4x#9wSnI`SH*KT+`D1p;(AIJePZa
z-m*jwo>S?=Tn9w%0z{H_tJ8^ieB#ePQ`dMU87%zHnCp}<pP-)+VAxQVD@nE72aBKd
zBOMqK1KvsMrK>8ZGloM@chW<skmMW4NvAYbiwz@nu?yT|(L(%}WSCh+J3`df3L2bz
z4+#Czc#W<`8wY4jGQ$!Zb(H(x8X=wGsp?NQbri9vkG-Ec?bKVLvE7b5XwB^RIaFry
zKH9Tq%C2&Lq~5-EV75GX2GXKD)2ny`awRSf`ak)a(H<=GvrCroCWo|d*@MX*5jFXm
zs|Q&%h5ptIA5QvL*wR410yf4hTd`LbE@@mt<3((-tG0bd?1;1br8W-Hyj8cxYev_z
zI8ThE9T|w7_Zjy%Qz}ReIv06{#xQCKbS6_(Qndo65wGoUe!7;~f`VTAC*Wr5OSirf
z<A_OD#$~Er;{32iV-u?zz$_#scE%wm+M-y{eLX*~N+rW=&!*WTL_Dhhfpw}8v-56Z
z*C*FlFPg#?Q4TVM-Pa{Iz1L4KlEPt3jaR@}pvyp)4=s1+^G^p>r2Sr@3-#m2H0pot
z!2TVtWcqLIXaA)(va$a^GM4|oWmf*byM%zLo~5OcwTY3Olaa$e3a5X1zJDd4+t~l-
zHd;|b;k()UY^DL7Cr}jxqeKI>Y6EL?r9wy43r^bu!@zUZ=$FQlMBWG_>gmtfWdZ~o
z2k`Xb7iGid(Szi}NtgU-FqwJEI=g(r*XaSm7-7N%e|0==t=PxA6{q}FrZd1xYz2-@
zpEyh}2}=yPG*BGC5SV|k3f3G;X&!57Q$i~~RH5ufPj%Gi$hJ!M>=>2hIdPR{lM40J
ziy~w>vVjWz8^0fh&XEL5sPYmlkuEvb(%LaxRPb2Gh?<<`tH*BNfc;!hJaia*l_ssL
zjH7Won<qtJxKtOYmW6>Gw$#mhG``^!WD>E$K_u%u<2IVIrvN3%QBOkm`pzL?NtM7m
zz$U=T&7R`thgewEI8?FW$bP6MfNWNQ(u^EvPiH^OWeq(>e+Pd<mqSXhRh$&7VUzsq
ztcY<M7z}v|FECJeI1IL|@{Vg31}36Zebj#+qI3_QKBu3HOCxB!1B8d=8aM);&1+;Y
z?GK)A8<a;+S48K~VRV}qv2cB!S;QINHQE)WCC^R{E9vL&@zBFjsyE!LFv$q>f%?D@
zt@j%FQGCr$zEJ>~Ocaa<5~@G#blj;78eAsflt5?|VLJ!Sf2p=u_Q!K~et&KkG@@B#
zj_%ohZeRIWaj5*d6&-wTNW;YRYg0Bsh_a{p(s*SkB`r_7beQS>NG9rQB8o;YXh<P_
zss7$&DH9FVVtc3(8l{Tv={PU9Tu^&hx?!e`^JjPvPZ!g1u=~i5@*phvczKcq--Rd2
z3rTg%DyNT}zDF@p0)g#U(LX`TuUI1Bt-;Nq#{fTMMAu4iZr(l6$_1$V_>yjipVos6
z8-+d|-`i2qdH7L0A~h_6?nR(e?p(JM;zr4V9du^0I+<pQ(la%g=5YlGF<!q$kV5?8
z1U`Kne)7X2&ZE(4FthrzNd56)hQd(~w3g7C2<Ix%cM?<n0jnqiNdXru*yA#=6<pFE
z%*OWug*<%gF;I5$zkqk86Me4!BS`7dd1vJ8yF=ysHpTh>K2!Pc8RGnpivAbZ{QoMk
zDbIfZ=Z7zL7qYv52xo9$n6n)$etrZXh8?8%A9-TFB)&WT|Kur=Ae)d`=6^QQHZ8Yn
z*x6JFYpjbe@eY=M2bj#4FO_drT2(1`s99*my?1{@&JyvEB&T0bFB(i&-EWs%Pa6(B
z+YZxRSAR+#d7kMJr|hE`pM~kV`hOcOG<i0>Z|GlFX^+=iSTj9mfcs2H{P9fq2A`T0
zw=RcfaKX1via5K+cBJWGk1`~?C8}LA-f`VNH*vZ{dQt|qkMJ=(Yf^^AC$h-CWXmrn
zcHdrr%$5%iwK_G#H?_TEpGIc{*d1xVeuYf$hB!PUdMkQ+TV5NmJCb}2?&PGux26=|
zY9rnTCVG?c$b`q192}XwxCwiE)9!ieT{q-EI*{??4D=kJAB;t?zf*aS9i$w-hL80m
zpV>%$R;Boi^vvW{y_b*q#6or%-{K#>lApYpV4gV5UD0WK2W&IH)YyATcyFP#`7pg)
z+26qje3{+$z<7@w_;{GH_fYYC#pOJ~eAbLzMYO_8e$Gzd-;99!>=h-r<&5RHpHOev
z*vFLpltP(^VN9A(v{o=m8#kaFP%JL1mpWuoiY}uTICL*lIt*KbmoQ7s3-&mXWZ}2=
zELA2hVji!!T{2aO>H}R=6?oB;W0{uShh^!LSg+$Z&(9;nG_NlMo)wVlBPxw61`H~O
zq@U6&;98dx3+53Yn)$s;qMig5ryG|ODWDF>o41#VOR@|oiiicI1q0R;8+374)+_#&
z8r1HYSF7Mwh}Th?XXpLJK4lZYwJAp~oD0)dFCXtT_oGB-p^{XhSb{EECla7}lrJe~
zTtX7?8mlN*l8P=@l5kjLY}$}@DmK3^M>Q|XQ%*Z2=~b;_UBsf>tdVA2q|iQ<FL7To
zGq3u^DoLh7STBQK*=1gyTeduQj#X3->8e5~Q1vu#P_EW)jc^wP>lB>w7;e_FC@j}7
zq*#@2mQhAjZ2o&G%^saaX;RTn!70@|p^P;mk%q{=Ld8nK1k;=&p@MXN5~Va+Fhj!s
zqHh>BFMe3m!lIBy*`IuBxA|}UspuVN@wshfcR?KkN(93VR&nL9sE7v6AthNwXM1J2
zvDM4`T98sis^^jk=x;Cyb^l{c{1|@l*P~<sW6o7H9ZbuUpA3i0&7cESrJDG`zz&VT
z83u7_q)~mx?V=iDBGf2Blyb+!uoC@NRe8&zjuv8W<@kee3o=yweaW&0o%xm&3TixZ
zyWj06C(ib%s5$IVfK;DrZDA9;_B=}DDv|<`;GbksgW92L^fZZJS_R2Ag4I@rMa3*y
z=zgxd0ju5Tn_92F#U#ngTT$e5hDyK&TKR>k7J4`<=t@)IVC1}=5j|G2N69?yHo`Cz
z^?8kKWg*K34(#witKS7{5VinmhA}?ZKv}e4mK*;BRtfkx#-oDhqq4ObOp}DmDE_4)
zd55W0-FGgpRo}3yt3oN^V(?I6@uRuR-~bKj(yppzAnTuD!*mW%u9YBvE7EDkNn}+2
zi;KMCdNzc{YGS<buqb(fCD8S`QG4NX%LtJc;Kb>ra&rr4p*&A&vX5JjCl1LL{;SH^
z&5g}MlVhjAJjjK?)@)s&`tlfBn1rah!{KR5iZUJTtj3(mx?r$$HC+EC*3jO7Lb7>c
zrKrajnmFAACgn<QxQUkFKrLkXixeS&i$2p*iWihkGSL?9_M!*YEJ(f>ISM|fJXH~i
zPHqz5+s5oMtY6V`L~<zaAEKSP#2fP{NVAcbQIk~{kdAm;5YTrEfr?E-0#nD{oS@XF
zT?BV;9FZVD?bUH=NUJ6q8`FY6DtQz6*5Fx1eTsNyDh)@Of{D)V;GD;M>$`v6(Oi~{
zAq1Jx6$%{!Z$@F~6@cUP0~mh_WLcFuz&O#)^JW3wWAdg2s)Lzf&ColAJ(!8?Du~2_
z*}>9QXGhxZoh<e$8gTiQSc*D_!c8$G8@hy)kQp(VE8u^(fbHYT$?m=KMLrB+dCKA>
z{y{;#&)WCRO!-TWNAOcT)0tmbOp1TvHkm%Vq+@98@yD*{Sih}ADJzmrC`mp=R}j@a
zqD;G3qXsz5UPb<Ht21Y^vkFUJGl4Nf<FS19GBV`$i)eHlCNaFR`Kd+749qOZnvK50
zFKdyhL)^aP>sQ-fyEj0Dx%SF^y+0*4i|<;*2i5aTnUSi1dKsD`S;Z>n+jXfG<qtQO
z2tA-%g5{e<K4<O)`@XWaU;IH~b(1|q9uB>LHJ5(m;s??l{~oU8rVtm7#=&6s@^2v_
z#oAAk-{bQ`$m_P*BWW<iT1PR14PK95l~@31z_;aBL;aeBD?XhP?0R&rdraP04koC7
z$SjtvWWcg^u}|mTS30(%k25W8vxmN2RTb$tK*=ix)1cx%3!rBZ6cI3S4vd>V#*vQD
z#<D_^-xsSjGt+>+Wwc>aPO)SaXC?RmJ7N7NeghR&^v@YLUCCQ@WMIw!IEa{KP+EJB
zZVuz>^^K6M2@V=_P<Fj>rSasArsM(?xTC$7C~>~9P@S1WGoqRA#Ec>hWcQX!(Tb`x
z)}`+F7RxXek&%>C*AvLeOXY`V$qkEu%qCo_4c?l^Xyk>V2Wuc0mS`k_8PS4J0L$~2
zgbs}bJ0UW)yx3A$0J!k*W@_ZlQpM5v?l3cK<HIfZf_424M}P0(Xu{i>wJr3*+ZWI3
z)t5U6;qpB@q}u5_A=%r9V18`Qa?8px%O$;+_+O?pU60m5XYl%k81iVKVWLAJv{rhg
zs#6bs-D;8g7HW*`Ugie6OL*46*qw=Bb!xrhE5~yONEg2>@FILrTsE}}AN>U^GpMF}
z0ED;%>-xH$O7RH<S3aeT#rBh_IE0+wpsqwkU>s0M7jO{33=D{PtzdUq*RkT_-8`U5
zwQ0jK@7sOP6k2}2c@a1U&I*V=mv3C!SyzWe6$Z{MeeWU}AE#L$(X132#tA9`pTgnr
z$K8$I=G%*p&FN0`$@7e_-{LPMDfQP#H^CkTh@U?S{H4r}yv1Ous7tXz7jiZ={XY>;
zRGn~2qk4?yL_L0C!AI2Kq+_3Qlq5mSn8KNF6=KVLJ1FqAcXdOh-C=8F7AV?y6%wyu
z#A}iMn!U<(Xumh1<kW>K9+AnE*SJ@4pUB^yzoLHS>Kb?KKjKts{s!)$7xw5*3DQnl
z^TJP;@R1eK)$hT(%;tJdv_NMUi4uhh`l=qQ^(KGRC7g8b1$-i_D)l%T6V&a)EE12v
z3V}3~;B$Ei^PXXdW}||h-nSX-?C@v#bOO~B(aNJUWt~01wX4WCB&~w=v8Boq?CJtH
zL*u3sR1K>vk_Nw)7tt!|FfIN`ZkP1JO_coOU`OA~XHwt*-UCtk{cP;b7hHKAKOMgf
z=GD{H+ni7D4Nq@ERWgz{D4SS94F-(JtCUwzJF#?Glv+?bRkcs=3B1q?cn!#}RNyAJ
z^KF`zWh_o5w+n5Wm)=o3VRu=S*_7KnsJ|9!)GoFh&LJ>M^91v^o|n{li=n7CwboZN
zS^-;BPy&yDN!Ko3oWe<LmH}v-Qrg$$xBF=DM@BR}VP=|KxqfSSB7NsJxh!#sg2!j%
z-v_uvcuV!@QI;nn$Myb&y$1J_Dhp~RTq&RNJ@DluIHzBHqJHpt0IBsY!93MW6<m!4
zgRP*XcB)wmV~Z`O1@<fQF1-}+_FW4eU#nM73&^`{Sp+GckndQu1}zapLa9YA<Tc}+
zU7J!w`USOU17mS@WJ+QV8ZQi68FDFoS<%7u>+fm-9@6mVs62dy2#iyA5uOr{ar+gM
z?pN>Nud9IxI_1u(lo8kTB5!~E=vj?xhP>wDAHc<`f+Cvhv<wm-i6w-QKHUZ)#k>GK
z9F8YOZ-1b!8Em<V3>5MdV|UL8Q1FM=qQ~(W<ou685Ii&eflO|9V#eOazPENBzC8g+
z&-^@Z<1+Fkg|we+rTd%`TveCG>2i3M(2YWSeh+%9Y~6%mB5(Af1~gTy8zj$O;2vF*
zWXJ|m@bs`P8~~FotRfzCn_K7y5LMXDQVNac%6fe(H30#wC4W@dBvy^{l|cY%Glf!5
zWxM6WT5!FPw2+aPo7Pf&aCuRa<UV7lnnqn?aU~Rd!%c0q{oLAkg5}r)RWgl+`iiVt
zUt$41jgFiWxy!)9u$sDxoSI2XO$Bv@YDZ(UJIg}lj6E&!FV|)H8OW8leFsqp38GUs
zi4P<^jjr79Fe#x2DuFJ;vXmt%U;eNn@2Z`}TX%Au<kza!qg}57ho05~crFKz!^*Bp
zCrvDQdxImfX^m$=U#u=dJR3TiIsW2^M$jN1@&;LLx^zic(DOEk_yh>YT&W+TlJ1<Q
z$UjGzO#|vw3mIVSLE7VZYppB@>a_=0rX)nSwNuf;h?ydZk3C2CqE4TZ-IX*?@fUF=
zMfl3XqaTxPiGxpSw%iFFY+@pJkXN(yh@8E&N=X~V66+EmN3ME;Lw!RYvsrbojtWQa
z^WdbCUkhH56^77nUh%K%a5W1))Ae7Im(e6X)Vi!odsI(h8RjxhYl7V;<ZUW?)b7b&
z9nuRb)zkm(!zHcJkRr$;MGOozC1)xsXw^uZWMBJsY`L4Fh+Aw@h1VohGM)T3@OzjO
zwdhsmASi)Oe&u+FPrZj1_*jttlD|?FH)*1}z(MKAErv^_KeRow!Un_guZvPGS_{Sf
zc5)-n1<lVxgYBByeGWFf%-wgkY#&;Grk3ccur^NjjAeq6_z;P8zV9pWZgrU_5XGCv
zqe`sJZs2pwCXF&L{jM#YhweP?+QpDlV#@}ahq~9mlT<&K%zD<tUnFDRsoXiDo^1&W
zXVV#g3i?HE2`|bp`M*vx)R|+d$|_0<${~_AJ*Vut_xO|S(T7A~0YU<Q<TPlVDFzPf
zHLYWP=?-fM#bJ;{mMCUOCR8wfHjlnVRsnfYBQI=0!BID}pusm43&}l0sw6*`P`yx2
z9LA;1d~uebCr|iZ(kgh@4}sA=zh^j29D>zovY+Bs%FlNv3z9S0i30PIbSQ~2SJ&!X
z{v@JSsUDQb2C_*#QHtikOQIW?Y<yx5Tj9xVrkb&bb%6b?NlcwG!xCTSD$7lOcrHx#
z1aqQu5Gk?z_|^+<{^;`*A6sBxJrHba*l^dROj)Q*=++p5(|<|v@!?p*Ft52s2*JZT
z$d3;5V$iguQ#$4rFOn~(fgHK<b?>>g2;zyAxQ-Jp5m`55P-{n1t6?*zEXfteR4@6^
z9C#0gwJ&=7HK%AzjY4-8Dl$%7Rdoy1t5qxPh`(h`XSfEK#&AUg@lrPmY7WE#+B?K0
zWS7Lwsup@hSKRNfD+iM4F2Q^6H3RdmW&VNicT>i<M%O$?p~Vd|)9DH}E{d;2oSF(7
z3{$uVFJh42OcgKT<_x7Sf0KDCH~|{Ykp4vfbmpXS0}<?F#(2s$9=*VWOZr-9i`??(
zu(^PSA;bE;ks=>pExDRwfIH*29`%ucyaYnZEA@yHJ*xC5GO|Iwk1}79H&<+ic@fX*
z3C-`9By;IoY}hy!$#nwUNCRj_eL3M&#~m5dLkj^hQv_tF*O^j4fJ|N3>bWEd4{{*G
zf+e$P;im{pc;y|EN8r7TzwWD){!G!CkyH7+2PrpJ{K{Eeb8F}0SwS=t<O{bW|5dlw
zW&makNupE8`mzW(LZf_a+HR@lw}euQ8!_EOmx_$U2v{b%x$FRY&qmxYaON2k(Nn6n
zjDl-3_BUf!^rwMy#`t{;GYB<Vv2o+XjetbPClu)HcaSe=^?Gkp8aFlM!C=MRyCfBH
zjpQuj%fsxm<IwnT(1M4by@ab`bl(#(WkmIrIn6(0&!Bwu=?BSXTEQ=#&FL%_<;#Yu
zu2Nv7NS1zlF*u8+kjo`K?9O0^4M4cR=gmbP-$+DX@zTR)C|>l9$CL-^z)CmSdei$&
ztBvhKMGXDj$ZVl@dr<f}F|1`);Aju|fCP%eWTvjSG)m<CnOvwlX%@*tO)xs?Bw$;g
zl5=AV^m#d9LK7rUVbEQ0!-o$Xr~gnS;zT+>URDpDu+j~%?){juQYE(uW>*{QKZrPP
z3mA|s9)oed;<5;i`i1ETv^?XCGWJCN{V4O=M$`z^s<Og=6Izas{CsEnOhF><XGq-N
zWo3J59*4;*?Ll=9$@hjZ3cy^2lZ8}S<)EqM*@Xz8)L174xh3;T_FN&9Zl_r2Cf!`S
zPF|}?R$L-)F`SN;T=uXVY;LOTk&ekSkz``(rDMq%Br1OLD_;m%9+*DCsmT<djX@FN
zEQSAZi)_B$d|rE$lExth^ub}cHw~0d%--KRMvQp`cB`B*<mJCPx<xmb1-i6SlDCDP
z9wuHm1i|dR7K~F5hp#xW1(^+Vw1pF?Pw7^Ai5lgAWPYriZzi=J!`8K{YDIF{`VjY_
z@iSH~gI*HY5bvebD&bQmBa>O|?M4m6zVeE^w5vOF;vz{H#!X}8$^twKfa|@3<3#9;
zkND@pwQ-4etH9&M=jF-_2g1?!OF6Q5w&@-U5%VAk-ToJaTU>QbPl<{hu82?WO6W;U
z`z7H0BkZ$sqGmzo{sGn<d4;p_g{muPyTz_0yIz)vl5#_+eD>o<+rfxdYe>EF710cc
zVXkTQmcXCZhs*p-h|#sOq7T@fg1HP+!ZtHVBLx=2mAD+N<Ezpp%eH&?SMqAful`i=
z7<Oov+ew90p|%S7`Oa3PEYP%y1rk>r$g7>1sPv-ex8GeB6ZT&?Ga&-+E>E&}%s9$Z
zESeKV*0fW5@-ui?(c_3k!Q0m_?WPBmnj&MU#78a*rp4(*D!-%T8bgNji+UC%QR*W+
z_dCq|^VjyQ(?b(kCouCCBc>CaW7{&w3eIP4P2TiUeR(W?OHph|g*fW>W*%hm93lER
z|Hd6(lnUXCT)Da^9!PVZRVj1?T_|uQSvzu6@JlR7R)<8jkMImq50d|u0zGPIF;``T
zYaY0)W4S?<e8;0`y2(=WEV#&pZ3ozWSXTwtFw;4m&3F{f+B{lw6*Q1%V@#g?UT9o=
zHKidJ9h;k{yvO#g*<KS8aeC}5wsD@D%-?i$B$uLK@eytCauA$kpslB>n%9%RhW7w1
z$LcV(-u*ae50O-tKAJO9ot-$g_wtH^#S1dR87epwUvR_Dfyf<w04(N=q@0~Od3I?6
zfdWn1n8JC>1a&U_$X)<SC4emuzLi5hR0t&l+7g+?WX@VMqs<Z{pCwb5%wTwBRTnUs
z0{}8u=h;z;9OOK>9ou7R`@g!y(FH1?Pp}eg3MGya+Y_^ery?A|N}WlEyTi8%EYeN@
z&im%G50-OqcznNk-_G1P$3y0)I5Vtw+Z;Jk=CW||rK4xHaEh+(SleS}^4=H*JYFUm
z6X-@hmRft@Ry53hZ-*%%0B;Bo=Wd(6!VBN=2QVG?+;bbh5dD1t@)B*EwM6z3eES7)
z+jUPNjz;r0tr1^F&nR1*>z9#0fI(jo{8+>dwXw1*)I8fF<IDPaKZfnXyOgs7+NjY@
z)p_5fCUc~XJ~HX=7gq?A26WJ=5%GiEgFG=$OpQzl@FPBX+ynC{H;nr^_uK2h?An+D
z@;4;++tKfjnFZvhoz2pjGLr>_Pq6jwwSw&6F$}Jieck~hCq5%*KI9mja$g+D^t+z7
zc&)fVRtfe`a@Bna9=c1N0byB|w!J$PVbyM2%%`~qx-7!$Sv<u8?mJjhet^(P0W5+Q
zNe6pzZWh0X-Gf#%v=R3?p`EWf{&9zr7x50W?0oi1v+kEoM;uSVW#;W0=d2ND*`lEr
z-7m;Z$9(=2qS^(!kZ#7-UQZcxn(L&3gPDFAbR|cHqWtM>jmO!=r59@-<!%#n8fupC
z+g)zyYwXR&QK1Te$Mm1HgKfw0zN-P-kC=JUR|cuVkz>(Uim8&3zAEzGUUCX)89z0d
z0I3;MNoamy`9OGxgpFgwJz|9B`q?W(ZX_qX`_Toq--g3*{BrZ723q8)%IzeRwq^%W
z&gP&Z(@eUvMRN%d9G4|zscpVIg=1n=Gr*S!o~;O6pHmCxvHf&;O_5$x*6NxZR&-NT
zw@PA@zp|AVg(U8;QV?h=hBlW>3r^bAZ{DoSG|AwwxMedpVH;8AOyOyCE-KcA9`?rO
zn)4&D-Y>hZBQI&y=foDo8w&T!tpQ?joES%(*GcXN%Zn}EGsGNvWqOMIOn$MX*Y4P6
zMcvvzyng!=*mwPK=pkqmKKq%OYhw4rN&N-v-UICao;*zKmKwRJM_H-kFQ`X`6rv`I
zDGj=UMkuH1Z`%d@$OijpBY3^_)2vFhZ>n`W`VHE)3uUFE4!piPLa#w>tp!D|QrQ*h
zufAzVV7V(GB^M4&s`@WWbWdEoD}2zA$~6r4xSG_2Tk`D>^7s-6@pfbq;3;D$yXfhQ
zJpOU<8dle2&NMHiUk?-n;n3H6l@B=YxF9u_H4k;u>NYN=a*;ugRcP)%?ky~}7p19a
z?R#aYBpL!~OP-}K@)w+E^Fa%i0h|D#*PQCN0PSPV)4u*!E_Xe-)8gD~m(=Qe6Q>0L
z`o*FHS0>c4p~)1~?pG*xG2}g@zb#t!xxi+LBaCb(cvJ?08`1TyNgcV_8w)d7gB$ES
zMIet6?NZsF$HJkOv((=9d%uC4i*yfKEu_n~h15o^H{%j6&(`^hSSj;>zB}$bz)0rZ
zjSCLG4F~0uhbmid6wkQGYXkVBI@r5Aczp`_rnXvi*LR|F+?aN7s@%Dfp$A`g^XQ7{
z8+XCziebtmk<KVBp`V6LN~ch_aYv%U!MbirC6UhRWAbSIbghJ&P<NEGnQC0k5H0M?
zjKj8Ya7V&MH9PUGgTn9b_uaCLIFC{%miY=xv6x%07vkHHLj!5=Ct7nVT$U-G@tgjp
z>m9@cm6uOX@*aS)IH1Rz2KNI0Ld1QoI{?_@cycM#ZkjecIr=8%GC$Qv^7l}Z@9e^#
zy98+fWtUj@eS{g%i!;;Lual*`kmV=#4zmTg+t;Z1cj@#4>OdY5G~I^EV7-Da<{ni+
zOS#4rVY2X;`DJ<d`8GkQNTDQ7nS=bW%825TPgstuL@ti7LkL9DpD<4ZtR^5j?APN4
zekE?BK$L#9M%ODP*BF4LkvaFle&@hxE6y<5ow0i-ID(9H{_Q=1V?0Aet<caIB707-
z#_mb5djRjxo+&rYNpIIQgVw-_9U=3VU)<k8VrHBX8Ln_SVdNUFv^g^)x1^fmDmOQt
zAUVF8C6V}h_TK(f&qms#HFl^yQxeZT@1&ox6+s%DxM~NSAsXPBVp)HaAsF1)NHRqY
zo-qJO_Gr4l?a0=|w76~Z>@?xvf2Z5{iB#}zdwL@li7&dTUOGZHbj6~ZkA3%R+JW(5
zX*pvNa^u7A8EsIcbd|Q0bbJ&L&80_ld4_#NO0zdghALVZP2feGswS+=9;n)%6stxQ
z;sbhRVx2Hs-k|3!{wW0q0ZSX2A@ib@qZzTSzQQ*Gx=G85KQphf-{txh3P><>=4FNg
zS{<`o5n5=&AjanL4AH9BfH!_XAG_U!4|WzAPM~gEOMu{=i+bTlRr>q<5pjC{P>pYs
zVkX*MA31Y`>L7W)e?gA`mLsn>><`=ia74-P6(`ZX;~^^wzk5WqulBd&s=YbxW_*w$
zD|;4!ra&+njxEVyT%^lV4eCj7ZNk;pT%t#b>~~@3s9MYK@|2KU)1II?@qY&HRu!Mt
zrjp1XV5P_*eOtXac6Tn5qt;y5z{&o_Eq<iylTp+X<KY&q;GQ`Bkd<;!omMV|&8ERx
z?5-Oh&s4kOl5Ht@k=Jqjj(rSoU*lnu6t%1U8gvdh6s6`pVQ1h`=onaKU472fG|=H^
z9T39*GI5O(R1Go8@@+y#>)XNSPog*PlJ}gWc_WA}Mqzay*By~1${=qdMXXZf-{097
z`A8LzI4hO%i&8VnZnK1k_i{SBe){80cg)beqlY+Y%NpbXGLV4}HR7xc)HWO9S@~Mr
z(5YgldAZjpD{{vTiq*MfKEM-8S(k=us$^jur|`)Qmz60h6O3GOlu+CEj34gKo;yIp
zl~~93j1*_Lg75i^EqZE+tUK$s1G&wTUe|Z{X~yO7uNuDtj}!LD2fWiuV3x0lMBdMy
zEHeG`rys{|u^#1cU#Ok{oNe{iM5N1EjecrAo%mUolfVe4Fh?TYTdUb;0rH1<L;jec
zG=PB~?X+qsQx@Vfsjx5cOnp&b7RP++9HAqPk&n2y2YzD?+OZc(>C!#L)G{-_QCfB4
zEq6P<3{SD8=>uXJ-sIZ!Q@jUdh#uj4)sb<C-a?%=TK0uxrco=h9c2aE5Mhr9Qb*0W
zTC4?`HSCk5AvDskB{ymKPN*!SSR>+C{f-Wac|Hv_H$uU2mZNadwdvgvyH7IcmPFR5
zWrGEsQ;F-cl#YS@wzSJ5k(57O3Ms<HTYI7-OwUFi*Q?7MYB$y4vgDj`I+-Sx2U=m>
zQF-3jnF!Iul{6NB(7{O^VtYx;F{+gy596HLS~}dT%$b%k@NRVEXhHCkvC@SQ^+t#}
zfv$M}nW{06t|;l9#jqzufl9|O)s=K}TE&k*g&0^{fbROc2k;3%4P^#jx$z{%@BdBs
zyEX0XS$S|igRjFTz|iGZx%UCCJLBr`imc3;<0D>Xmf_LeJ?XcpKair>-nk@_Nr?cC
z8zra%-&F@&B!Hc`E$Lf5+&~{<!K;vWfapnayan7pdEmezH6@tYI5H2qV9yfNs5v_x
z7jb+%3ieUYT=h3@j@YEy?EL2{1VOrX6+rvtDQ@;s!F{55QzS8pmu+NM7W<PZj7iN2
zHaM0z*u`rF)p_oB`|;~$V?n#^nsxgwP<vehT+Pj<dIWjPMeZ(d^m%CQz(wH(SEHko
z-5l-fUt->)D6RV{>(}NTDjC+sma~hS>3+l<$!#H*^I{GQ=LJJVCbQ^{(c;Kxhjd0*
z`T4|?Mi*F@DTdok4pU*f?l`~*8wqTS%fxVB?Qgj0lcA5Gc5>mf^EQc!u5$wOiDUq}
z*o<oXSliaQrcEBWJGjQt-~$Jo>hCz$e0*8jWQv@QxarT>cTaq&owr>myj;xA2yr)f
z)^2z?uCGw6X9hqTeo0ej3f2oG)ZNUnzBkgzroz3Hce?lB41wJn7}wa$JkvWP*ThWU
z7dJfbSG@NC9Rc4PDpIpbJZ~0nLaUa|#=9sRrddgT4Kc7Nu<`6rqi+EY$oaBAnVleT
z5Ul4aH)UTFBKMn1>KL>b#SCeY?gwt`(Y%gpLZ^(VHKdhU2J(D-2$jX?I*0)U>=5uD
zSDTka*$sW->1`0Ni%PL~ZiH~OghR*5<sYyf^f`hmknmlvj{rCU|8w03cvXg*r#t5b
zml2l*u5k0(>TQGDkKBmMDw<_%+?cD7rm)5_SW~S1j$>{P3o$-xdnEg(3BCy4BOng7
zlk*oZqI5&jLD%@7G5}8jBnX;QZ3=d{?L^r<ws%Vki;^u;zuX9Cr@6~{91=C#hVOr*
z3N!^m$iKz*op!C@NjVf39&)v$$nQgBPqtx*g(ouS26B;ysB~MKt$WoQ_NH`GL&ont
zl&P648Yzsa^EC0us^EtHFlTI{hFHZ1MEgt%>Uy0y=}Wlj-Q~v<z9ZIGMEVQvx$>t#
z#tT;=@E70wGxug6{;c$8?Bn&wJ(~~k&SgPLtjkxJ$Exh4_TgVS%7_x(pcuJ7n&q8X
zgX^`PO}R79+}QM80oC&yIhJc;=r`=4z}o&}FFuWQTR^X2F-do)Zelu?0b0`)F?)9i
zbSREII1B<ioJn4yRm=L`Q};yrqanT$9P#xLvPW~aw1Z4E=y5}iYc&#$B86g&Iw6k*
zO;NFfy#d<5s^*@oCkmSbPYZf$C#)w9h9qG>7}uv9i|&5K-FqqpydTfm^II8PQ<iXx
z4{QaT(b%$!cPBN+sMLCj=bTPDAgF=xs`K{8uv8xkB?a#d>O*|rUVFsB!8JLgWRJ3=
zjs5OJ2M3tcqA8`KfoU|B#0X`NHUWbyq5amx^V#bTt(mJh##Uj$i~SAF*gl}cILkpc
zQA9k)XFVA}GInsqHg^Q|t`)Xp#q?_V=9?iSMP{A<DC4rQ&tY1L54zEzE^|=QaSTar
z*1tLPIM3)MMO-LyTv(MWvx&ox)%<;OBPBs$CZC;@xccWVaO#RYBEc<}Bud6<VSzDs
z<Vmvr{?70Oee=HZ+#y)(&r_xpePYha1BYq2*7EK2e6*N4_tl$G{UNj&jn47PZBSz}
zU2&6Voz4V0GR@PhK}AHL=M3$uQW+t_O~joC#n8*cPn<%iUm8+Ha^<nb<wO8+)CDnf
zKvt3XF%C;YwXDbjtU20dweiB!62pCNx`c-kMOWe9xifR_u7YS2d2-uqK-@?fm}cp?
zTXp#kR8#2LqCU5flG(2;VC|g1hc+x6R>QCa9PTB*_{6|A@f5T_<nh14zQgT7%yZ!#
zxt+j1a4?rbb_{VJpMa&_vJ`$?Jp3H}g6ZJWNim(-wq@gtj`U(i-8I3FT1w4qi9z#o
zQ7Dm?@<Vp}^Dw5euW+x1Cf9tmwt0W+#jF7{y5@`bVah<?DNyhN{tBvsUu;W~C4uiz
zfAZF-u$1uS1N0AiDa6nWU?BbRBTntVf?EG>jVk|t$3+TR>6uw78d=#|>Ny(yZ<$CL
zWImM7VidII2!c?1<OrzbGa|6>Jdwb_LR}(Q_)e*mF~-(SE8~=ZF_Gy6uRHM9B4sAY
zMX|muy6KmbnGW4onkL;|U$>~eDB7vD^t%0nxnU5aC!4Wbu-F)8`2(iJ!;BaqR^Pu1
zNMemLExP$l#L|F{H@O9IaP&L-+p}K_WH49XYjq&BGQq$$%%{w8650!7z?>B6YS1^L
z6w)m}jg#hucOJwQRw1x$tRIM<IuJ>Ua4;IG#%!L4^c7y%DnWT_1Usv>hl|9+<;g0Y
z{OkZ^<%kaY)u&8ox(mrwyK*AYxecx$!GalOs>VS$yi^fWrjs$#56z~T(&l1fq`9Ct
zyCtpTmAspa5?QMBC+QW!>5FU}Rm;Lae<3`bMSu>jcOu#yO<~mxg5|+sq!xG6GfxAw
z<y9SsR~4dF<J$GTdL%tGMXd9{s?geJ#RbvucI$%3UCnnf9nn%qO!6>SFu;?OpcI{b
zLOKl-P&|KAHMUqLwiX~wtEYm1J?L;4>-P0KP%}n;pk7c!>wWrvG+z^A;?6cw#_`Gk
z3DzBm&9B6pq;|+dU@}&RDu2-Lbqj2&O~Puqk+d7Np1z`di03MMT?*DyhW8(NqYS55
zMik%I6Ovg0T8gf8x3B1E1iEIYj4`IOu%A?lv~~rVj!1@ZQP0oXGUqBmdQ7zPL_wT*
z;enM%9^-jtx({yXGcjKmJp8?npP+I9$9;ub>5t5d_g&KD8Op*IAJ^oy0&9h{!rQ^B
zt0B&>>g3?9e$lDNWPS<^Y&szLgiheBW?<l>3p=EsE%6wDlWnDlecaPyh<m((YI=Up
z6XL}lk%=`346CSuoH@l1fqE$coiXtGrR;Vyh{#yS$OGg;OmbmtuKP>#8MS%~q2P1(
zy;S!EjQN8u^p>!i80ibq4+7KiUfckJNnRiDs8$W=Y98qyrshmBaW6mj>1hYm@*4ZP
z*uLI){-ekaLEGLAziCK{|AmJ9_agi6DNO$d4JjigD4<|qWBY$Bux87Yj$Fl|{9KwA
zA<8W%l3<BSiuj+qek~`A-|{_<sZ05Dx?4;s1g~p|=YmL+WO;hl&@gxohrj19-45Mp
zOn3W7EmuFXb^ing*&&l%X1Mx7T1lCo<@t$xpCpmQO6fx_fE!Cr>QDPl&C1Eq3bdDc
zuKZ=WObogxHCJ-;lk(9#X>*oqa|^B}JsGnNLP$HO74THLfDZ1?zaLy5Fc*8~=u{+}
z(UoKGte@~ITahy1q@M8Il}h~kOBT9$;3NLl5_47Q<drkA@n@h;N_6d6MB7WT#>=C!
zo|V(O982A>K=+?}dA?ya(7KE>d>pw26hA+=V4!g8cW?t;l;4`1J5JUrY+>enp=Bl<
z2h(p-+7abN7y6>q>`BGi4jQ<x(W|lQqUBaB4(TiW_^&jP`P;n)(9ol5j?@urcZqtX
zQs&TH$3_?$PhN*5G2@AZRT3pqG7ta}_ndePSL0oFZTiknoeq<oq9D#>4C5Lhw`c>^
z7h-Q6*E|^PMV4+;{+aJOQjfduDN5CQdBxg-Q~}T14y8Q8a{)t*bre#)_K)>|!yT!R
ze8g8Thb7GN76%7gDLDO|sB_(lJl?*Fi1*Y_VE)KuzCD?J`BGOw2Psf8OFl-Q)V64*
zQ3SFZ_#%;=RbLbBSaHa5cCb{5tr&NU?Fc01mPqQ7=GD|6K#=pX{xQUM|MnwRd(+8q
zXskH8$j(=pbt>}jbQzuQh~eP(7+&Q7X8<8;S?!0lE*lXRp)ED=k@^nuAZ;(%R4=Ge
zx}|_^gW3SitFVR>=y9lQnSvvN#ye;h{z=jcr~y602kIs+TePaA{G3o7VCJWtzc%Yf
z`Gaoy;uONZW}-vjs(T#CQVX$WdD;h@7r1@~_$65!LC_Icq=+8xQ?6V1feFS)+-k&>
z=z=TVeCp?acy|NuyFmAT*N)e>Y5e~riT}NJWd847P_jn$R%Q+k|65|eOBK>pbIIxR
z%JORJcx+;)j%6!0ibgnNWK}nylTd<~^TyQBqAm*Cf24ri?R+khk?EHIdv0%*kj&gj
z4U`_syOs+269H+W-|t6WqZD%dEL)*eXa;MZNAe{F<fYG*M}rvg$ibP)gu4sJH&guO
z@ab^1l(Oyls`f)ATpM5ixf9-rjg%(=U|l+3Cb_h0mKm2rXX+{(%~`P<ft9^*(`nhY
zGmvtf5APG1;(5I*!~9+r%yZWlL-$6H??Wrny*Hq8Qy*O8#=d(7=#~pnxkkt8ra;ZC
z8fdvT$L)^lS-eqkn!Ulr-A+18#PODj_LNzkez{(G?hfvmyJ^Al&fO2OKYjqb<9=#;
zf9An`h5F3j%+$Z5<MPBG#yGtTj>r_X`y`2fN_l^3nZLs0eo<h5747#N-sg<Xe2r%R
zJ~%o8c<1d);U4`#nhlx_5<r)xM5Wbgb=sW^`fE_5g3JwM0^p#W#hCajJP>vxcpHl;
zZ9FnupXQlLTu?S?%9f0~Ng}(Ak9mxJdKC_{(OUDHY$pa+8b>N{0a6?W#U3S*Un^5p
z)DX%8=>$@tw}CxL?Ay>kP4*5CNJYgtwadYvED|#ZgTwSMI5NaSv0}0m*}Ml*TcYK9
zR&{@#qPA{H{e>!b2W_V00h}?@t|B*QGS(C+6b0+8@uexHS#XSYlXul-)>M#7T3ekW
zw~XJVAmN;a%L4xtQl7icf$Ka@3g9-KKoQ8J(4F#dSOOQNK2j|Q2Hs?(KdzD8*ceKY
zO8z~{-oj|tlRAm+Cv{~yBKePc9epLV3#mvM^z&&la?8yJkRZX^Z^=4sIz6)-9lgyW
z^?CX7EP{EqR7f1t-JdYc`ExNb(<9Ys38R7fshbxggU6^Mnmk^yU+I`Rzh=jb^&{(F
zuOGt{-B%|eHH!tKLt<iz2KK{nyyEDp%%R0>OD*f_CC3jbcxKyb0zZq(lU^y`vIhQ;
zP)LBsI|4&n!ao#+xF|gr5-KiGFz%c-Eaf|4-lbY<RHv!1q+j9hASIK&xcon)y<?DN
z+qNxSmA0))+g7D*+qP}nwr$(C%}U#umCk&*_df64bM}kx#<%ZVKW40m6*1P2F<S3!
zwBBcLMg8waUig}5v_u}^W1E2O`iaCCi24!F5vi0bH?jzn&enP$a|2jK-y|oH!44-G
zLGg!8flTFfeS4B-B-9oaRyEdVo|7)gGsVaA+U<xp4PY4ZAO>eLv(a#()N2xo8iLJA
ztFcEBj3ZlM9)yA`(-Z^^&eJj>4h@Pb@n9IZ2`x76{Ze(;VleJ&&#wj65)_vQR2tL~
z?-=Q_x6-VNdoE=pEsXfkBB##NfqUJk<y(j1fGF})%M#t|T0bn-_K7!gO%woVr{l^p
zjwKH`=1<P)<S#=*h~&^4JF$$15cT79>e9B;$+5~JfQ3r2lTq>pQySGi6uLS>(u63Q
zv?yU3V@$VbJPYe=w?({vt7xs67(>1=Br2EBXeXp6Pe>V*<%`Q}z5}LRBUXr=u_F^6
z)<h=tq=h>t8zu=G6`C~njG2wyquQ3&6;L60QYg@kkx2uz&#2|uyR2YU$+bV|k)dZA
z;(6NBTmJCx@(m;GDEN)nC`3*-6a5{~IyswPgzf}$7opZCbsO$`?F?MFfPW7W(`}Zo
zKI_z`BC(6_@#iYKSP)V^L3hye1{`m#3ZghvtperzfE~XEIfiMMN-s7_<O&xZy&nCQ
z0v4e}St7Ag#K<Vc!4W-w1wuK~tU<`QU`VJ}6Ttuv%`TLW2zBx#6Ap)fXXGtwUOC3N
zmK9d)`=~`wYf+65;$)Bse5F9`(2jlx^K4ZpQxI5q<HTlA3tz>auYeJTUS~_3;@n)1
zrAszmRh*U^H&;$5bkGWE6>+^e4k|!71y#dMb(5{iCL6OxM|%s;&D@~QB$R+&Y*p`2
z?iObLrez(e)_T~*R8_Buc8BaDD8bFtla6gcbG17u@d1YW%d4B=bd`v=wSx}N*wrTd
zNwma#vtc@36+E^<7anuyWY7wJ6TLd7UV2N?b9F-s9y^hq&_P(x3UymW*Ib)K@t76A
zL%1Qx<<L)%%R$eekPsZ-BC+$70wSCHUWaQa&X8arp}ZSkkxw0cMy?eWONv}==)}XJ
zpP99}BRu*h>gxIL*?10_j5fh7OFf7#b3OV`Q0Vy0bT<0NluOMlbCwr%?bXc;7|QJl
zlOJ5<k<Pz`pgb_5!8+X2I?X)NW)F%OtK>rK8anhMEfbQmTcI1_eGkb!6fd)Y^?WO^
zjWj*^Z+d5tCsBXUMP}Yy(*HVe8eOwf26sg_UO%{a@vo=iz^<HIQ;bPeO!lF0PMmGe
zktM=vwm@ttoM<xJX8Z`7avjGktK0eXzhTOm9ax8|mA{r;@sc$y_lUE|#N(b=$RN-7
zg~@2VCLfMil1Gub>mtadDRb7!P}%MxOGW&0D&M|RF7?>U-+E5>D#(6Edh}rYBIt9K
zwtBVH;BU?NsxoEGO_ze!c<D*SWQ8<Y{}Zuu0iJ;&Kal?vSrVm1Zef~%7%7v@H2#5h
zqdz!hfFd1Tbauq%Mwd0+JWh<(LOMTgsTp_5T+&t4ihV)jOd4<!b%9k@q_Cg=ZRXiS
zP(HiEek8oNDq!Pzv0kgsOyi^+6=s1iUHSKO?x}FixjE^hVwdZIObj!0$|$&-%Nk_z
za9ihr_HQ_?8}UFFpt9IoM2j}E`p)ZQ?I#*m1&gsaE~=Lo7#w0)@?1*W9ygx#EVP<z
zK<L8Eu^5`@86V)r7b@sP2X!Q~Dp&U+gDpx2DWp2h1}?$hEqt$q;2_8jD96qIh_}<s
zl1!uW{a0B9mBxF4^$`%AC7VQ4+$kgJ^hoHzqYlj0N^09Oui*JvK6^?4CBHt`RxL9x
zm@bLH1~=+x70y=4@#vx%5FigP!5N(S#wKrXZ44*&fD@U2tA`eptoFMpsHwzbP0-ns
z(vFO3E?K5xLxhECw3HlXgB3VtbyRB9PbO4Fh*g%;VCDY|C5#S4OmZbRT2@Y5PCTp}
zAnpPFPzXgX;fL}83_oc1X&gN6rv^J$>I6BgnR-O-_CE)&N21)MiieXXkHz!)S!Pf7
z``TOuU?tp>61eKfAULg~i}4u=>tK{CDTj!<q9Rv^+gtPendzgev*6S;$tnrcG?-!O
z1!1Y_MN{5}W9Dq5t-=xl$2Yj9z;YFd5j4wxYsU<{O{&*DT|R^J)3dcjo~jFhy}P`$
z0$fW2hMP|%%BbPmnCc93rYfQ>4uNXp2-*d7QnkmGW%rxoQ!NBImV)|<N&5K^J0YEf
zzhu*4-wiQ}3EC_zxz~_qlJkDdl_I1nUH1Hb)QjLbl*jTbw4Z`EguRshCE?*iR`1){
zbdR^^Iw5uHfZvlT5W5Di@+%o-MCQQl)^uL)kNqxG4qF6!iu6ip8*EU?Hi&SA)kvb>
zhs*HhHtBWFc$@PBmQ8Y2*z8Z6J=u}R2A!D71b*gdsOd;(967RHWM88kj+kY|G4vN!
z$3CFyHa0<q7FoAOXG6*kka*sid0@=OlE0||9l25;&B)-2!C?^ZVni*;LT4W(^$$9g
zEt7ii+#{qE%Bv91tRH6d*@3FPCrjnd`nr^R4<aeC^B6ZHmW;D+1n3~oyUbuaNa{JR
zn=)n&6xxPLm1ySbJECLbsDit7JrOE9>M*pSLDnU#U*HoNv<44dkqJ&YP3$>i7P5o)
zIBD>;76z1ss%!b<@VR0iT@5r6Dxu<?2_?8W(FeGf8j|dhXaU%hVc7cRu(G-1S?O`M
zmgvK51*W4TZ9?>EACW#<^OKs>qW~{^gL(m88JUv9AWTrRBBxx<+Jq0>EqOs-EtUgB
zN86^01(z%j*5yua(+4W`tz4RA@}(mRlxSX;DiNMy8TR73(g!>@XsT`NO;V{Y@{~J~
z0kEtnxsLj54_Mn;*?NYazutT|_Z)_=GlLP<Lb0W87y8BJ(Xqel;yydLLspTPW%-~@
z7w8CMVblDwtj;7|{wY>o#Kv;`y;I~<)AD=gfVcGwM_@S+y9d<;uW}FeHIQfg%8V>(
zMg3Pzv4Y~1P7Oe<CuLwrXVX-}Gkq%KMx-60F#gEeL>aF>ub-&@I4wtfP_`Xg_@NG=
zqIvIFm$S<0l~!vX=EpEYnFl;g>0DSo)CpMLp^m`9Z29-Y_`(Pu;=`CmLQ&B7wMf~x
zBRC?tHymP`sF`}x4XL$F!M@Gmo9I|8Z-Km@5&13&2+{F+(s?~h(Yvlq+6K>xx1w$r
z&Y@2i6CT}@4^U<oJy*109Sfeoug-KtKlFoMar3LAWILj7K}k0SyuCv5sn?i%IaZDi
zCkUQ?E^#){`EDCa?v(|FDWjv)B;)THB2V%yTFIf$`&O5r*_Mq+@_n{S05oS5lUIjr
zbEML*=I&7UdiSJ<l;(7W^B<WOaLGfkN{eeI0`kC;(X#pjIPc-4160p@q-q4Isrg?v
z8Gb(ui+Y`1J>4z<o819-)8K916__Eg4=ZzVX|YH`rutQ9F290b)7+Tipq4DDcZNtL
zJ&p+C0$bZ1c;1o-)}2gt$7~e#s7t{%$DcGX60WCY@@ph`^(eL|(FRK{1za(H%cf)v
z`;;+`=>$5tOjNoJxydSorKBy+=aJro5}?Vxlszf~@dmxaTy>5s)bh5VR@BaY=Ae6t
z7`L1m^=F0C8j^uy`=DZ`#C)<?8E}KB!)CNfd-pnDf`tQBBhOu%e_LS5GNR48r&^Ex
z^1YAIGNny8BNl9%h-A6q;K&H0&<hfQCo@5D3KX^SfvVLr+fW|m^sb_!npayW%QrY#
z(7n~3%!za7*nH=^BpX<Q&wfsztHSEbJ>(Owp_?CYJJB)WKZr<ha*VlzV7)TxaSW#U
z4faW{!Md}1Np6s$56POc@VK)Hq_umBTRsR}0x#+*yMu=lu7*#d7^Rb5PuyvgJy4fp
zG}Z@VIgpm!7SiI(+fNpv=cd`IJbbuW?2~B}uCFx6tfpq`0Lj0eU4UWU)r!~E;91%_
zq4;x|*1!0p?j~;Hg!z!9V^fjbVmKP6jv5zs_eMhGi}rBF$JJ!)S1o2YE}RDC4Z@3%
zH!Dm1i};g$bMh$R7RVg1`$sXaxxPh*!xznOqSOOq35$1~$`}tHt-Nra_O8Pb+mcD$
zfv^lhPR?`sPQz8wz~vf~ep1%DWVQYVHcF=<s}MG66u3eZ7${#8><|*;#O(dC#)&B#
zVPCd}%{(oHw6}3CIX9hM;C$+O^iy=(RHHM{t1I<I@=WjbYiz-&H2f|(y;s^+v&{zY
z&$x)aDQLBF@8CcJU)$ADA)2BeodNk;eX`5p4YO1Ni@C-Gr;YFrz#b5?RL4{VWr^^c
zV|N%66H-|y4-wOWPZ;p;?C|d(@Secx*OK^dNvs~>?k<VN!_A|9SJyx<)YAFOV(=Z?
zLW{*~f(papB~j%qjwNgPPQNjfV=v{H&OBlpqf1hp<=O|7^A$w{tED(7Jvt3NV3+zH
z>29ruEJ@TlE+}PF7P~IqeA>K4h&#B(Est!|<x#sXIC~jp)jpM?Ml>tU?z$)KsO`%=
zw;|d#nvyl=EpEyky#*+}CoJv}w_v^0+!AG!N3#?Q*O$rHaa8N4Kz>{W&Cx3d8nSb#
zyRB8q+<mLgcFxL_&gJEb6BxX+0`Hb4i|2am{zIj&3VXE(f&2DNj_}__kiSnaQ23vT
zAaaKGrUr&q4*wcZXYhZ$SY4^0{+CWqWnqdMgI_}GC_BUFD+sYA=CTtPgVezzvTxaz
zX#u*vY2;*jfchLk{EO)3PaUyY9IqB1mg{^XBlXVnh@;+kYFc~S>zfK6U7#1I2wr3`
z2C;ldb7ZN`gGm1#7rmXRL@}LzN6;$LA#HW9LCCU3dM|0~7_+Otx}vU{Rp%vpmMBS+
zgGK%RnqbhE{g8-vB3$c<XV5^JIy{s=(Md>VzME>vPpzt1siJ+gj;85EsB;sB9p%E|
zYj&vl+YQ0_-LiA`qWg)q2INN~^eh=kQ}Fs$4V924O~WqatO~H<?J~xuz-fw&qxD(z
z(YZA*B!b49UW7=Wk@=b)T9izOUIto#hy)nd_;e;IHm4ea)$TL<vv+3efZdbdXmJ!u
zRAStXXE<cy7Gt<Hdl0sF-`k@w(dOua@PZ!BNVX%BI5tqkh7l=GNp(VXTf)7t0nrRb
ztVs{Z^A(9wg^&hnp^<Me>gH%q;p>A8v88V!bdNqiaG<9hJ9@-}TFv3J_t2C+uVMK_
zK2yTvL&4l&aKjqY3ht(eW~P(3k}hJdipra?te)%0eh2hpZ$nZ%{rc(|!&wr>cZO4N
z{e5cOJ44{-Zj>^rNnWIUz_0r}D9+)oc+li$Mh;RTuUu~xr=g5JA73B%Lx@bnNW0v2
znnLRHY*5c{%Y)kybd0eCT#d*?@<2pCh%(+t$bNbPeFdCK53Q({Wn*HOIMQwXI{_MW
zs1-abiXSBQHJKjjFQmyHLcz3CJ{yiX8<GWws(itp<UEGm1Rs}B;Ckn5f>*+)RM{~T
z_Xpkh$it!|j69@~Z~iLz1CXc2fD7Y6F(g&05&B#a92jE~d(@YLCk@CE^Tl|-h4`5x
z2``-mBm%5>w29w=UyKQ*`vPdF2Xbb??lPXB|G-SG+?_++mvHFxAHw0^hl>0&D`ZCp
zQ;Yw0pvd2KNr`_1$v>Cpx3;o((6w@~C;X#grl)IfsNia2X#c;*h*(O`%OH7;wKXQ-
zUyZE54VGe(9w^RAV!?zA0CORU7J0Q|Iwm+!HElxO1V6DD5b7~vaJ}Y79BH8d#6I;_
zh-Z;ZU$Q-N9#t53dwIWt>wGWIjG-&m#eswvLgrkc4H3plQh+jbXc_pLLm6W4m8X|r
zuO#SaFC`dvCy%V3k&Mh44|nIGWJ?LYSx#wSh@!F{46207yKSR6PQywG*5V<1|5kQ`
zcYPQEaW|f2zTzueU(N+-iQs#{avo;Lh;n2c;by`i)NAh_)2bWO=3uMD*MI_ag*_GQ
z*9b@hR^CM<Fuau!Fk+P|BYIJRq+OYcz`WH^?N-s7!G3jY$UZ-0e&E+EE`Lt8R@JCl
zok-=Kp7^YRENgw18PI&P%Vkd6uWPkP%fIbZzAEvGb&uK!Vegb;eb-lcS~qTn!u?uK
zFNts5?$ko5`vjqnnTkCI^JtN#P;9EKiL&I`MizGnYF4$|5T~s@qG^BDsL{@@MjW1Y
zviKg>XmzJml_@NB7sqaOO@+1`I~?YBgs`+OuPO`yjEydFiq;nr#TqON0}dk!qmPCs
zoUC4~+_vjNt%@ySOdVlZ-eIlCXJ&lj4K1e9@q`&#IidBytjU}(IX#yLJJ%f?7k#Jo
zZPz7SSUtnUwr)^A!(I5<g-l+E#A+9XP$DJ`_b__t>zy0y;t&sFq8(;ki3}oAu0W2;
zCt!yV>qalvTZ+8m7*~(s!l(9t7geN7JgO<vr+~L0Re@uEYzZkMX*iA-;Wj@qE9^(X
z3BZyRVorwJP>h}F;j0+&cd>n-Q#$s*83VkwfSG(g2S{5gVu5J5&M-JnzWZ`MsQV$W
zm<UEwVKF;IO(U{3fo9b(rdj=@1mc&8xU~TvSE!R?4>^ogz)AP`b73_n=n1f_K}UGr
z^<Y7$qrJcE;~P?5R9e0O`R%{0f^q#nAm%TOWX4WP0ni}@N*^c#@hTuW>hJPt&VY;P
zEubML1O)Kl2T+|vKqo<A&!a>{AN<Qfo@1|DoVobj%3AvB!qd~;>$^=rCX^m&VNGnG
z5rm=N1`)%AVcO%5%NF91rh@&l9fnH&3FxXS_ev{cl^;sMFub)tjTnSHiG>@C6Jqk^
z(-*)Bm?hG_-xYI4R&qa@@smVa`t7I2^kpCp{DuVqx)HMJ2fww%b2VnSZ9QdJKH5R_
z9e(>RkH0^yv#|l8J|)T_L*Q2JPyUc%2Phg?gh(eh0S1{?o_fuixo8fPiLo<ZJ=Q?Q
zFb`QYwkHXXLG7Kb&=*xVqMQ25Ma$i<Z+h5alkO3U*Iui+)0<y(fnqTXv9dADUz2i$
ztj`Rctbn%$O?K#Zj%I2N8yvGftr;GJE{4?uz%@b+LMdLhCIGp7H5v%179+D-u+7R|
z=i&m3l8Acj>W{bz!Nvfn{^f-!^R<=#Rgn2R7vcTq+xW#ptR3z24HdtF>|Z-ssA#E-
zs0`<2rBa8d3Y=f^B&Scs#A{QDuLK7lr!r6cUDBtlvTb#v&rD?Z5+v8UiM#)E2KFL(
z={}=r`!&1F(}^Ef@A^K&4(9PPGnM0Rf`Ng>yZhx``rF<UT||Eie4ho7y@*f@AG=@r
z(}22FV9X6+w%fQdyg@7^LA2|%175(oE>=$_Ed*&$O^F^^zyTQ7@Fwl$PFEO>f(IE~
zhmj)HV;he&XDwk4p}8U1Om<@#{k95)XuC-Qd4fPa(|idfdecE>b3j<T85_X-YFcL=
zx4jvv<9v;HW0@7(OIo8IX4RlS!G+^^!pqBnIO=_nx#B&?Tq%=<JoPOtQO$O&l~uhB
zM|#>grult(i1821v!F}P%HvVBMsmsNS%o~JO0-4f&R=Uvj)BR@@gM;Hn$}=Ir$8=x
z!mT>vZMx%jy-XUd#N}1S`tye~QP4X~<W{_H?1iTUVNQ^p(NYs6Z26b-xx2n$!TYMX
z8C$f5oBY2@TnK4(*nsU7tI*l9kyKI8%nDm}Kqb(tWUtXv#WoOU#yFFqgi%<|aK_E&
zn1G_LzDZb~*ekef4<I<aeXGc)!j7KPya9R-8eg{sf^m+n?vs&~(=8({&(UltY%z5O
z=AKb)y~_fG7Pd)%LY-T6s6!K<L@_=xf;@4-ce<PMpiWZDn4B{f?N?U8<Hu0ajU|ST
zz7gODHW!c+LDgqjV{`WyF4AX^$0#c?E!hL7Gj)Mb56tf!B!h;oU^qy#OhGQ)L1$L5
zFnhw-2D>+udk!8ww;&eYaz>TRNq(v`JuKc)_bA?Vhn~Li?^*aX*<k^gOvb5y28z1a
zw6iE~c8{d$pxP(3aE9ZkSI-54aWZxJy_h9A*R_*RS+&+^T#0uX;{=3V(k$cb(*@`4
z4u)`*MJZ_|Qol2{4sB{(H+M6jB~Q$v@d>S${<~77S+lCwrRZ$ok&S~ncrTT@hc)O_
z$w7)-)2Ys(0C5EKDzK{^w!@6Wt<_*{&c^&VbLHq#sx^^k@fO+&7!gNB_IbpjrQN}N
zkgRQoMt%GGh&RmP)@qv4VxrSx$#E)Q6%}Q}+9IS)xe}Rp9u{GdM5<!##-yva6$-Yr
z7wJ}}cG_z-hV9RDxyMiZ*3T)Y6UxuTX8H}jvUDc(CXg!Vu1Ov9>z7Hf$i`#Ri`k!E
z97#49{%>>-A8xoE#^Gmh((KN?ozD9#A=*#yJ#<yP+Aavgt!7k!8Nbkv``uXuDX#3|
zr;sk^31+`_1CC^w^TCgVzL_9)0?^nPDVXA;@puuIS*4QdO9r^{%yao3)Mk51XwAT$
zV1?NJjQrjaO*#eF1F8{BCw9R)r3V52V?l(1wo>{vXUNn$hzFE*2(upuZIEq?O?=x{
z?L628m}>|enSh)rKY^^_$KK|hL9et3A^a^JC&Fqhai5=wHhvs|f+Q{tapG~;taj}u
zFdxk<cWFc@9ua%an=hcVd)_P`BB(pv>N*2F*6F4gcZmcLs6Qh4CKiT*cN&!I5B}V4
zG#VdZN`@u+%NO@>|Fh%Aa)cgX0lU~1np(TPie*D1_TC7tAtsGMDB@T=OjWy@9{Jc;
zdgthLbs1M0f5-{0o^|_s$Jmc(Iqy*VK%A)gBieBGJ@+h~-c+Wlnf7G>SP!kh>5QnX
zWvKP?-Lf!IyJ9!aEWnRm+EJuxc%hua0GX3E$qUBM>eox7zv|#Cw;eBFUsQG;{NKaw
z-{~y*|NpSdNc)eN>_4y{{#sdHR^tEg*nctC#6Owq@N{BvC@w4jL<ow&rj48c4-|gs
zMIe*I#rZ{1N7<%@(dbH?<uBBm@Tai>RIhK`2{-q;HtW<wX!QkWS6SZE^HV2YA1@z(
z-<p0MkV5fT0WAsr0{2}dFk6i)S`AWYf=FkMk3=v8Dr%HJ>VwCWs;92AS~p*M1dAB2
zG%7x0Y)3A(y)?p&W*3$13qEHlt15YcAMcR|U^s}wS7p3p20Q~okuXaoubjcHusE*J
zC@7*z6f;2uuMm=+dn8)qtfgucNv%8;Jpl1#6JjC{K1nW7RX~@QP4G1aIwYVu$g})%
zg*r!HiAWuX^1MAf0!l)<k1#6Km{ULx6yxkc@fD<Y!3Th70<S3WEO6wo6%N&qxz4N3
zZ?H=4xu&Q-anwdc8#yEg0y$U`PVNafWYT<pt2k|<DqgdB&u&t*$3QN=c*eqpapHEx
z2546+*F@!ZR!i5LG*woYoIMLM*6O@)_!$tj-gRwO<x<<(h*#IFW{tznij`mS<rUi+
zoONXt#!~f~&j<oQiMaC2@(Dy-eK=c^)z(Pu`(9(u$LduU7kwFZBC0i0h(8JGHJoZ=
zf+5JOc)!AkFr$F|Y64zng-&K~oe^j;=V>qkjx0)%|9H-;#X6#U)t4&fih$PW=Mdnz
z!{efyL)<CB#)@Bqs%Xcy#|w_KNVIvYcmuFo&hty0-bMp%0G3!N&TuTn5`9<!_Awmf
zwJ{nw=Qi3Y9w#jU`2{^c?P>oJ77Qsb&t~}T@Ht&1RhHRsO<%Oh#?60Spwh*TX$z=K
zHt@s}CVX$PvnojRfl0ItAv!d;7B}?$C7Rc6hyJnjc1&6N6>qUeCE?AGqfhn7AGiQb
zP;~J*i#SbK=Vz=`U3+Q9ME3~Uu@-yrIBw`=QN2hLcPubvKhqm5AX>01S^!>;^N%?u
zG~Ov24{X<jJ<Jh(tk>!7eHQ@NxIMCc(<p1aX&cUP&fy!&eGaVYJ!9WJ!TokD8ocej
zC$25{&!3^o$ei$iAZTi@Ap7RHu0G2<zieQXZrD*Ee&KQUSp!4^D*k5qgI5u^LGojN
z`HNqI{yV_`&a1vW3cgv}8Pho1Thr6%>)PpAThW->)BM#9_SMHiV{d5ZWU6mS<HYm@
zL#40BUvntGe)<<Xj+qqe|HGZ0@x5Nj+`JKzrOiChD6A=j)C!_14=nM#*f!*Ak|Z&A
zS5g%aDwhu|(biX`9SPOQcDj@0s2%I@eeVIf2QCvs%tWzPQ?T7H6T%67?1)@u7TACB
zq7`bewksYAS{V42JxjW<6?q=rQZ4HDzyz{Tp?w#n&?C74t7F5>vwlf*3(156s79bi
zl?MU7AU~;O9_MKMtWA$5x$<`R)NvI}J|+QT;oeLlaRC*7`?@`j0REE%5LdQ<5HOc(
z`absX&<L)Yia8=SrnFWW<$m><lUrUCJvmfitfvJmJ$8}X?eqZDJNGE(a$htc(#h=n
zG=O-$Oy%5wD7xv%HSl?A8o*LXQoSK4Q`rLz;8H2z!<R+Zju(u2W#2qP+aq8jiitk3
z8CCu(#cbuo;v3K(TO=-__{#c4eFgu6`u;rz{{u<kYm4*@b*=tUAm;f;C*aTJrFk74
zOz8h?68zU8h?BIQ=Yb2_mON**#ZnVfHyIc1w$<oSM21NqM<C}D2vEQ$bsp9%tU|zC
zm4ajOf&+~SiDA74e3A`Wjf@v6CBUQRsNYL<%|^ev;^y}LUh<14I4BdqZUuQbi}m;5
zjf{V3?nI8D)wS>P6uL?z9*wp26G>3vOCf{JdDWitxe=C|*AbilF2~QQoFLw0VW?Kb
z>Bn92{#w=ctPh%4yYRFukfQ~M+{@>V*{ep^r!7<GRvs{o;&nSd>5cdt1Z@{WPdV7W
zsCPPuD2rwAbzf`u*v&ikTts(=P#4x~4J+6zC726lXOGu&LGCVAv#@6qxX%8)LzmkM
z)uPo06Y_!-CSN72;?YFP^n->%r2LZtWCl;MNHwPY-wh_`2V}pk8pb>rZ6AzgU^PF+
z5cjC1Y`Nhhp*MUCaijgdV+#TXv5Jw-X+M1?#>^l;sJ_Ov*KUYIs^6<Ix=BFL^Cfgd
z%p@*}Sct9xpw&{%w2CxOBPowosdM*yc}mbP<>S>Y?cpJrOQQ3=6PsIyVa<JG7S&I0
zJC{k;+~~tus);6gjxi(&qXL{87iZc5Pl~t)l2mf@6VAP&P?0pTsKeK8>>{``#LtN5
z6%Rwp4-g30VZJ0BR2)M=U}GCXZlca-Uc?%MDbKF}H=^z}U>tFS5cz!uB|?O30O(xp
zi#0=T%$p@Ud4mO4ON8e^gDj8=Tw3I}Aq^^P#4A;Lcz^{*@ZB{AB5%sCLkf6R0#w$R
zcS}xEA4Y`i`)VB1`d_`{;~tY7d|yyt_z#8c?-H2s|I>NpGqo}>wKD$KeNa|X8j}vr
zbBe?wnYhp+VcKUvw;neFH=`tm6hW>442Cz>?f%OSf^@agiDgIn;TuAU9PHaSFNMWg
zL;#`_a8;b?h@;64WA69ocd(owNl4cU34&ln%cU?Cn!G+4iMQk6ie_|`%wFbM7UU*H
zG};N~Dnae*C@{b+3H>o_I;5^LnZjWxNGZ>^t~I@pOd-or8M6|ZtjD&j2%5m<*f#C`
za4GQtvEhCL>P|WEep7-lK(Ba#*A3KK)IbfQj&eVhf-paUA<qNxE$)g7+piIw+8OtA
z<?n|SeF9Su25TNl365n2qheZxc2b%Qls}Ur3#Ql>MfJo-*ZW+J>rBegAM~`d$SO^3
zGd8M(R%>c>^L_Fn$s`yuI@B5Yp97}@ovGdzNUe3_KiH(RvvUOzBZc`-Cj6gv0aerU
zt`er_RPDTdTPa{iS~y@ww$OW^R#nY_D&jOrT!4Sn@?si5M<}7wX5sWl6oVR$d<q=*
zqDd8ZjkiCJykRlXq<l>aF@c2$f=1`kw*up0CNEjLcF#3RwMe9`I;o*8!H^|~BAe}=
z-DHhDzre(AM+~Lh9Y>43@ZK`v+4rGs{DhmO$pfW9pSacjBbv&#-QJFUMboser1xJ!
z!rzaN;Q#RW{6Rk*Ee-8>ZEXH^coNpX>~`RSjP0!~;$m=c8+c6D;tFP{h%{_uWRZ9T
z0+h`7eZ+?~=cq!lT{C&MLm^{IVp@KEcOe}(A3E)={T`a0`r!7FYHhsq@qG3Q`>mvJ
zld&L&9#~W*{xFHLxllDZh**~Z+!@TI$TCznn~i1#-q+)91`WNzSVgn#h<)Rfi!jD6
z)lkJsKl__094QpAy;;#{fXV7r>cjn>4~H<-mNAf>@x7#a=@HiNDcxNie5YA7D7Otp
z4J&oL6NKoN!A&X&xild2gmoZ2NB19q^^#V#7rNd38A-Dzbgl^NjBb|wJGZOr5v`ya
za3xHZ#p2vx?(u0s^R-lCz!!H_`6{G1)&r74!jEN`4gFBzmkU9cyqo3<mb5+khHVp-
z*_N9UrC19c5!Zv0AXtJ~0{sD%@j}Alh8B&)Q<sBcrz4PPPvjmz&-Peba3}*mnC6MP
z1yIO!ayMgkkOiLF@lVaXGc9G`#1-78aoCC7hYp^M-tASA7uYodB(aNdEB!&*U{G=M
z`IXYJ48S-)rgir!xh$uoj$%@)(xfr1eg!A=MN`4RtKulbi{^0hk!C-5NV!6T%^l84
z?aixiMCVN_b$u_bz~(Qgvw@nW5u^2IhNb&*YfP@~fhbZ5RNYX;8rOlL{$7$uDZL;D
zAYkK(4xxn}rqva$+{L$lCwd#OR#6i0!rCJ)@(W_ZeU~aCYQ$vFIV?%39f=8(ynloB
z6o_mGZ)elL{5$TfG*^rn?g&#0*LQmFDq;PY*AiDafV|R*r~Y1FNxy+N>{SRLRX;r$
zVLh)HcC)MipAil`NE%STfp^?#Kwc$3-d(Sl<dRjG@1t(G<-WM!+#^=FBa=EY0YCPc
z%(eo2_BmtX<`TRC{{X{-bpS`&S1j%PZ^cpWe-4KKYH|Ko>Q4~0o|l0e{*>xq3>D`y
z9hXb0iea_XY~vCC#!KOgUnnzsAVU}vuhvV{sJ>37+y#=snkWv73m?OZ+j5%<r?(ZJ
z$XI2+6LZ9JXY@Qd;r{&o_yvYLQo>lDEFVAgrVWE}O7+7P`f44#Q1zBd9a)}<HF#Vk
z;QIy3vm7fFQHi#qqlHZf)EBY#q1@bMsP?kz*D6D0NC1QUUG*qQtu9l{rfH~y_9V;a
zN8tUs!FjG?rooM*Z?=Q0bif7TNtRrtSBa9&{iMqhNlT?@ja2=ODOjX}pNR+HqzPEf
zW!*O!s-1c*hQmu#(%bcARlPY5(+;qeVWmH)C#H`L=W8CA<~Qp(qhUfd%hEDfvL<C$
z<CYT!D34AG`;AG;uBH$3POl!=Cqe3pD^*&60^QLX$afka$>yvZ*pqMB3E9^zCjBxS
ziB>sFFqvo)u1#H+E1m*3n9*51w%M9~Wq`DAn*lA>Tw*3Jmk)7SQ)@!7Yab#1tW&9<
zzo?R|S0SI$6BR@tL+)hF$Dd4sLR2gOqI`dpLE4bD#byCA=$rA7P{#(H{H+&IW#?Db
z9)PBwrx{^;O|x@j&HiN6q7}$P^fjI&s-U?b`Pg0b6@(Yl47W&<8E&}<1FrFV?e`Og
z#|vZT7}HLW*g9fbG1+0#Ay#TV0Km7=8xgbtSD!1i*dFHyq9Nx9;wk3{;etCzq+HSb
z`Q%mcHPnG9^-#mAi5o(*d0Y{EnUvg~XD-!xBzl_s$jtpU)7x3sfZifSNO>4qV2z<f
zu$ZS}xDgG)5yevpG(zc0D1XYhX*pE5C88u3Rs;bk|BY}U^iUA^e%$f>`Z-`iY@Z0B
zC?SaGLtDZTm3xx{T9Hr>rFI_!zu5?3zY*P-Mv<6M6F4@gI$o}HO`e5s0XQabXCW3V
zf?7+r!Z8DTZ#1M=c!SY*+_@EX;S8eP)yJ;Ey39Z01gIZsQQ`<aeek^k(2NxazVukj
zT^A|XS76B<qQ)Ev362c&mekt8#t6zz$QObEB*wYHn4^bqvFRVj5X3)d56QHS?z#U!
zVgI`8C;C@9!uW6RVEq3ag>u#whJQz5VWQ+$SsiWobN<pQmlDa>uOqBu)yh{82w8^F
z7ft*dI2<E!n#Fh#byItb`gOR=EFwuKTz=@{fd6cH_9$9*suhH06A5gltI?tB^Uu#z
zN$=1155OL*q+OGstq3%uC!0*zdXJXg;8wK5y_QgQx(%Zcl~*Xr@f@5qtI=D|@!I-^
z#eH@``+3q-DC{%Pq1s$j==Pke1kG`3%30Ud2IzK5jmOM5-B8klC`0uF!=Nn%W_LQu
zbjd3^5sE3ULdgpCrdC&lvDC||Sc)({sV&k=^s2$-k0J#xU00~bCG6&$?%x@zKdoEX
z{s1G5D)2HXV(n$>Wo;tM!`^c%`cGqwrY^}h^~R(S73vfKmNYT>_Bv%vQL^5Ioc>Do
z?+98p#ep78=4B3rbGmH}E=QShrQuv1SkjH^h%v(%>a(k6lCoY-O>z^;!a}o<gkA|8
zw08%E_wsf&0h->XA8h>T>Ld{SXHu&p-5azpfh+g4XuBL!vFR*7R5aeE+>nc1rI3?r
za`2;2kja0j%@*PJRysA%ZoF5Ahv~`=0#(s9fMUWaH!C~KBqAxFsItt@C&TY(7znba
zrG!dNfO~IJ8zD!m9p}`>D_NUp=enxAf)qU{!_9(_hnUGDi>S$!@hrvJ0goBS=7ta9
zm4Rva3N)tE@i7UJ&7--|Nwp)2%$?XVk+jVMf`!-9>Dso1)UawRsAR|>pcp5N-q9bF
zBb+kciKxE%jhI67!>6Z_7As-D*+F?8Kl&$+rlZOWm>WwD3|2|eG2rt%FP4K;JoP{U
z=Hkxcj%bjM=&*_~g4OZRg+ucw{4fYv=mf*}gz%vZ_Jf)?1m>l8803vX4pX)K)>j>l
ziUY1F07HIDi)6s40nY|j$4i$E&4bW|ub=zX!)U;PWWb3f0Pe?GltKc{v*ro+V)Cx>
zV>Foigo)}7r_LemIdFwzWOjZ+dVu+<Keb>Roc`@}B%v$sgbJk9tKn;IKraWbJR7gX
z%QsQZhLT?=h(8t?c3q{ib9kF$2>{|(ApERb)LMs{gOKJ15(hXvNq!0>!Ly6h7IDAP
z*xYg%XCu5zeg2s!5h8#7qW^*@-+w^#@2v43w8H%FJGi{fU)N+o7aLPMR|Qi`!!HVH
zWNPear~8Mc$6wjAGG5afffp%g`c_rPl%kR}Yz=~3XO0dT5it=c^ham`lV7Ly(g{7X
z)5rw%ns;I7&;X>j5BHdh(P}{3gc?l;o3Zn6&uQ1giSw^U81HX9m};&gd{m(5CFM5a
zf$QWOqkIIAl7JA*&V}5CyU0J8au&F24^dK8s`x>&bgJ$~e8Ol-kJp$J?MAlcA6JLb
z5sUem3qdTh=<Z!{X&~JwOR%a<oGVr>`YguvHzLWBT_-dS9ic>+(}Y0^+}^OOtnO3A
zVc$+d!g86?WClkq&Fu`pi?;d)6IhJqe3m__v2J;9J@wS}1~mH!Q|X0)BEc^Wr!2${
zVb>l<Le!|yCt%vUShlqN?pxd^u)KGAs46)Y&N4ISo$|jX>b6B3Q!^_Wn&~T2J~4Zh
z6>^US+gFZtyES3RhMOt$3R&w-<>T*lFU~Cgd~7kh)mC`^{un5k&EP2VU|-Z(%&gnT
zZjn+0!iIP&L))v63kD1b^KrGa3#}z}VdKDO3F~z8IkI~d?-#(=Qyh>7R)>D57h|tO
zDi@LdBt(muGGA$};{juUN^9gdI4;v?LJd>{yq<F7#p62o28@u6f7rI<0Ul00fvrH2
z(B}9^L6}r|*K3COvoeRzH5Y=Sq_|NB)&=!f7ziOc@anvuMqnAt*SFT_EGMWCj2bf!
zNyxY`Kh6a|jb;CWJY4CS`Oxol{4tnnF%C%kr6>l%uyIj-9X!+HXfb+Vb(k(zA0U6E
zlr2CJUFt7lx9}gA<iE>$|AUmG_@(syUnwPCTpCdp=_{p7<u~w$^W1zlga2{SK<ncJ
zi9{<DPmUWT4ApL$y3p$cVqDbnV167nAizS&Sew>D+xEbKzSr6u&sW?(Hn`z_*?E-l
zd6i{<^tgS+{cS=QFBB-uGe%agpAfTXC5IwKN)MzS!U{4()g2(9?%P9;17^~ZYLsSC
zrNBJHrenS?1e(Ss3k-Cp)e4j6yfamMlgQDZ#7^T+VkZtjy+3}SwQZ*>?DN#Kny-+m
zIL^GB9vOCGg`UVReW?)n61Agdfo&1?0XdFX({b9u^xk+hajMu~$=YP)>egS@8YG>-
z{vAh6QJy;^JAH|wNcU{Lp>ehqL{^L`o?z$>xGitLQCTmG!SL87|7;GOrXwCd`$CE+
z=q|8Ct)OFGYSp6}HeSE9iCs{ij)Y>>W0CPxi}cCVaJ%9qJW$ilre$+8;+F<b+p44O
z_xJQJS<hA@tZP5HeqchD%p!HBAF35S{F{ksdTfdYw8eR_qR3>-CCAFKLUKKwpQrwQ
zuE@)@csjTfQylg4jx$wgLnnpA$9Ul(bcA(!5n<CnLr09-B)pOR-y)Ap9)f-orO}vf
z<C^4C4K&oE?5-I=<|QGk$8g=P@E-DG^cc>yh+(jeu|(nFcZPtctx69t=%T6msC#Ne
zs(vv!Dj~!pls)(p51=DJj7+0L8dGgJj!Up{k2@4p*>xCSuy+B%Z5S<lYht`R^9-Hl
zKyf67QHF?yPWBW#A2K*OBoR(1dPHz~3}^&ce@dB&Oa>mg?;~i6t*8QTNC2u4K&^Zi
z;QmOZnYv&3qSYG&%p3u6N>E7vLU~`8aKyzyuz+?%Kg`t*M1;Kr>>ZZ3>T$n+Yr0P9
z?JL+*fB3z@$i1~ZA>Lw~DTj6u?5hlpAa(P(hVuqVQk;N=J;CE!o4qa6Z{da*%hU+Q
zt>3$Ik_2eNB$|&q<|KVlVlZMzXcp6m*>Qtp)Wm@w2}t|OXg0pua<8C&z)Ms#Ht+Ha
zUONAAZ~D6=OZ|@+n}M$NKT>4>S!wK#)&I;iU#7r+C6!HOO9y#l?9WZ+QOS772o$u`
z5qjN<z&cux5r78B3q$AvQ&TyuVKWgLOR=<oj&F(y&_g=uQY5rGzXXoXS3JHm_xb^n
zAY$*XA0BqOz5Qat;XYXfegF26mA=m`3Rw(wUGlSddi?WaJL~h)+52&{kivNCdx}5z
zSjajn2{|ohx&fgjEuOC6SQI0@lf@7UM^m2k&{5@+pNdueZn)k@95k~<^PcUO$C@+P
zsua5PnoOW(pG`5cbm(yV#fpFN;B^G8>rxQS9tGbHTkU%pS{HH9QQ-NR-U>yKr_y=y
zjUO^-1*^#*9)(teE;)?4t-uhAMT&27z#7ZoX$kT+0&F)`P_jXX#hxhweHTG5Mrh$&
zu8K-L?KY~kQ)^SfZoTG?jGZUvVOW7iXKa-LDfSL=ArXskUz+*d23x&GW^POQV7#a^
zi<=sXNDXDg0R9O(_`xC*1z`%tZl(k45NfFDhs2c|6*^R9w4B^YcrgDga;|~ExjmnJ
z8%JE6&ehzU76H1m<0OgnkyP8QKz>^R9*(%7TVnx9tWL~pndi^kNjzmU`Gr9eIx5Nx
zs*+JLh7*y6gYbg6d)e3pxl|MOoI;`qOh&VD@ltx`*ad{#f+cj3;5oHwl>E~I-o>T4
zV#eCQ$Q*<r*z|B9B8`MQZ2tIk8I9pCfvzN9gv~$}nSlp2(nIpfRX_G1%t3+x7Up0C
zH>6$RAqx5~iu`P!q#N?-LMv!<@Er!CJ+yMv5Qjm&6Nxyshlq;9X5z&)iM;p&rDkIM
z(Jq|=WpO4mOtAhbqMLnMml7PV=D9FPnRUoE{9gO{Rk4z>!!^~ExQJy!3oKcs<~*HU
zokU>k@pB&5tQi$FBCUpp?YI?HXSeKzb?`7hRz$wcOyIh~SQTT!r9ni+p<odr#tng%
z48+;x+$!{%cN83|AL1D`kIa6BjA<~*lxE>OdNizc0qLh}zuaZ9^!hEijW2zc0(VR<
z?TsJ@7)EQF2=QAS6+R&CyTQnGw?+tnlU@hhhppAw3xCz8RO?V5-W2$cy2p*mWV8AP
z0DoUBW(LZHruyJ<uU}iLmC)2YgDUfi=3d#cbf7jhH+6Eue8;BB`mG}$oO@_$2_2J)
z+!1vZn~v=9gBzEF;t4NGyrf&S36}(kxZoF%RNQf715$@C%ixaJfV97#JZt5z;oSnj
zlx%KOMx--4;P&_%s$KrPUr<wGE6ZDJ$KYkl?6C|vAek56Yt2n$0DYr$#_1QgbF0iA
zno6;Gt?S!Lx|T#I&$z7RlN(BXi*|6>m6=N|&14%<7b%{=xA4&^ScCWS{Em>{kgUg_
zQvD!ZgnOrLWqWC^oBXuHb~H8Qt|>H>uFY)^w|_Mwpd7rQnV6U=s^+e3h*=kJ&sWe_
zqGV%`njW9SXhu5cNW&QBvHno>h`7^rT}7}ZN_ptXQ}2%db@!sWl{0?^+XN+=uV1^o
zef+?^TS5I(=#n?mK5%$>N?xIU;(_Unaf@-D^y%l8{597{&M!cX-NgnZ{MLO3ix5OM
zRJJ?MiQ>|5BoESa>tBjg9b&haOknFt4?hbsIOD=qMf#5QFyd^M8?Su#XL27!wLqcq
zPWoD;4-y@hw;F~r_C$%3+TBrDGZP6!ey;PdlaaO`zAVcMu9pQem|D6DiT}RQSJh;A
zlUzocZz_6Nf5+$xeGIH{2cNIPu9q3m279^C%CKXFtPc69aEa`oF-7ANs@jAMDL|iO
z)6vYr*L`Tin1w(o`M^Wmds`rf0ZoE}fw2%z^b#T~wYM*5XtZVLOnR^k%U#uGWCGD~
zeW!CF5JQ4xG@#>=kAm6ZQRgbC)YYODF*}Hm#5iUuNSZc#k56N`k&raS#h~n-9A;4*
zVy=b{9~t1dphb}7uV%RhlGWutQa|gFL~?JarhO6{p`};=g2|b?#v#!yaHDcGnCsBu
z4ky@JS=we)sr=@LIb=tOu(L@_ON`dLUaB1ML0O9BrvitKrhm&m^dMO@@Z)sR2G)Cf
zY6sSZ9pQ&sRRt;Hwx$@)?j`ROg7Mw`JSj)7Ao>QDWk&DzIPt^)KvhBo0?H{hc@3B&
z8)*DJiO&h)SoE21K&N0bS5GYtY`%s`QYT+2AMgRCM7ebT250^p{kK*quTjf1wr>=Y
zlX2_2w6HmReRvY(KOxu6f?Mafz7;}gL}2tB(`O8&eBY1_N_<!5&Y<(DJ#T!*Ut*&~
z-GLiQM0nY89)}6%=L)oaSFsQ|k|$>f@Yu3M7J5X%l(bQvDdA(OJ1BrTdrn2I9n)<K
z37xR(m{C7v=8%A?uToA%ohqC;FM8@&7YZj6MA_SPQd@Bh5388b<<NG|Nc2L|wctU%
z6vAveIMl4zx?>IL->~kt^7IbM-h|wU-t*kc-*_V#`}}hH)xYHK%YNt-z2d<hve6iD
zT9&QP@+`|g3YG<g<!D2L&hRubpiG26MdK|DW_Obz!c02W%<hkp?(;IEJ~X5J5G@yS
zivKx*$6KLbc1IN>;Q}N%5XlmpTwy>)G){UVe4t2-JAOTClC+aNi=VGJWEaJAVJ787
z6HNS}J?NqURZaFmlxyB9HhqXdbS(CpxL+FioL}L|*o6*~<{${-N8<@m0vwNwH}+bq
zmT#geoVfQ+J;c~{wk%ukH|vXUmq@>mLsCg&+BGV$5HOAG)s51ylH^;?khqw9L_KmR
z^j=N%&EeNahm=s(+d+R(g6i7A*4jTfQgadL8ls%BKnb~`(W;s1QUT<9d;qz30J>jO
zh8N|)3fte&;XF#_T~S>|-wJt7^rT?svw@T#4>+Kl;-Qp<7OI6R4&0jw)PTrV2!^3u
z^|PyinsmZk?a%>g&xcMbE;QCuTpivFLQ2DEYZ%@TDVc{|CnoOS90XrL3?1aw{nl1_
zRv|;E;E%BZq;*L+a|B7wJai{&vAD%emTdicFPtP<5?RBkT1r<#VmyA$^I5R5i#0Nh
zv%T}qyT^*ophnTSQHnD;9kwQqW{>HEygctbrmI^*!6T=B4fu_T<<tL`A}$oWEbm<3
zQ+vb;-YGXY4RciP=RFot`vU?monCD+nmFwevCy$@faLuQKWut|s0d1px_8zlVSBGt
zJhW4~Ma??U3xyF2-U%9d`{Mg@-TF}r4EniKRJ~4fJOg>LcKW6f`Z+VfwADhYYF2*J
zYxv07t#?!h-?3geuxVxA?~RV&;??ntXq#^A>El<*0Hbi!6nfz3_<$^(erGr^j@5mV
z)j7?I1^I?;$;gX_waMs<EP%PRh=&4JUbSkB0>?Sr%6JgdOhTY=QE`z5^Vp>hb#XP!
zmP?GP_NrJ1XS1&M`a0~z_E(;!`A^Kv&2ifw?Ty)<uD+W;d$h0&4q$8LXy!g>D}T?O
z(zd%7l(cUWCdWE78;dx*L&<$zJ~l;O!ZBE$$zBq%YqAF|yy9>?01rsSF87$Q+#Tmv
zy8j$3l+0_##{6ZRx`O%dCA7b@-+y47`Xz?^pTR<aUsbs;>!GjD7r*}V^IuiEzu#Z~
zfs^CE|Hc1@lVhcttB%6rBDb-~Eips1rB6@Ih!3u)2tC+$JX|ncx)>k{I3QH4IN@7^
zBvyv+yK0qcmgbwMew9s)<cnp<fs_N4O;wr&j+Kt)jZ44R-`<+abh@@%uO<zQ=)pxF
zqC1?oJC8CivhFyJHb=v?vE2MZ#-0gKHTknm?zO4yW=NhH<37~$KWC4<H4}uhTS${X
zq=`RsXNxgB5AmBN+K%m0IrC;^Nj!J@YK8{~&h<cH?QLO>^iuB_ml&PQGOi3zLsqEj
z+tP#Yz#@g)Odz7|ZcKi+n6gCAx>UpukLvl(M4@US?(ZfJhhj+E$>Ig*8`Y&_xP+xg
z@0Hr!m~u`E8ggz94&Onkrk@-lx+Dz+Ql|-Lv$ldcQzwmEv?hQ}Qj#RIw@T=D#~-yk
z31poex@ue=K6mi!#b<Pk3?g@|42nM)L?*MlqH_)ugB_7!&^XH?SI@M}37#Dz(&-cq
zm2W7FmosS*Jjydw*~wy8JKnHYEwv1dHd3$koC!Xm)tdUpOWWIJrfASiV+Ky1^tr@`
ztWicAkMyBLHnTrVkYpe1*BkC)okLpBKWU(*V)b}kJ4Iq@Anp4MMN&hI6ED`{ja|*O
zj0(zHp-dW&HIPYhOYdb$!GuM`#P>@@v9=0kO*z{wjM9+|XKtMCYvSuQkF4+QGsD~Z
zj<nBwxzP+_X!kKvqM7R5DhlUGe(;Fr<gQ+`2=L{KupSPJ#iLu@DhsEfFq|YVj+dJ?
zDOOc$YBmOq%6n?*DEIt;^2y=C0me27Qr_)!!NuA}0&BvMxD3+ifzq`L2FHU;h}o<i
z(eUQSZTpGvyLl*rbU+YK9_-zS)gS<Wmf73z%3X&;uCj^|kT)N%%kJ5&=)hAYHByMx
zYG~a;3XcHC1Zn{ALq>jM8!bcy%Uw03u2+N~*JKiMx{?2g>{1QhWW|(GsrVM)PIf4(
z1s=Niw)&a=P1&%<Kcs`mXeEMX5CsLrQg5s@g0b&_pnS4Mb{%8QN`M8V2^4yjY}Qg9
z*KDl*XDXsKv%W<6>nYM*@I;XbuGQ}M_4;uO+PC(@<muXC0@?LMnTDY(U;4C0vyqXI
zK>$fKx{sm4fYGv_&_dzY$On5uXtsTfRPHiBY7(D9f&hBOf*OlpS&A__KZgcX20NLo
zK;9pMVxk!PeS=zB$5&Ev&=dLOEr$Y3{8o{KW-6lu%IQm8DFFI+wLvo@%M#(b`=Kx}
z0d9<n{2a8K8VTRnSTy5_h8xVt?o(28*W!?j6$AH#;^7q?80b@tNiem32v;lssU=A9
zIP0ViB?EXdexwa0e>X|h7}bQ^UTII-kOdObO%#aFO0$zFh9Yy~4;j!=8yY1h@0&j>
zLzu`lfz<IYJx^(oN#)B91r5`uP6%z<=^AT0Q{1V6A2hE`ffpCbwZmPRkWtV{z+?jG
zjbUxszF^1pXU_$AK29n@hY(m-65{*Lpn(adyBA!13Lr}`hrmrBgokMX5%F`yB4rK|
zgBGA*Yk*I!N!>iXKDDNR1`KvG8G(8D@rNd}bS^uU=7%!A>qD(8j(THZI8zta0UWRf
zqQf;a`i<f{>x%!cOF;ChE%u&<`)sg#EwW$C_$hb{-8d$QA<aVYlqC1D+tJM=#b~ia
zXhuj%51!T4hW+z;wk3-5^wg4V`#!VEnSuT?#XtCmK``Xaj1dr+4fmc5`K4?u9mwxj
zbm+(fg!64(u_T(Chk$7*16JW88_;H3$QZ&w)4f$EHx@uog8vt1?-V6k5N2tnZTqHe
z+qP}nwr$(CjhnV@+ji#Ms_xZYtL9~DUjB8S;w@H0?DOrtdyyr+6_w0?@Ri7w3hwW`
zHdaV=^w`-~qnJk3W2Gh;0lpJM^S3kFFNkX9!HilcNE-9ycI8R6T{=^2jWl0KusL&V
z^RY8zzbif2OOwJTD6f6ehxJy^Nk3>8JL~H2g=p|7+oaJ7H&8jZrQ7Ihz9>KVisO-V
zHu5=N8hHxxXVe~4u>6EhtKP9<`YImV-ZruHsvh0mICE-?E)jVt%csKoEPWa&1UM4c
zd3^8gMi0to34SqImY*$?1zEiQ2I|0<M5A0Js?3`cUu<qi^FP_xu>{3H800N*oNWHP
zjeDn_@SZ<8_vYHooo7AK#Mmvpla9dAUhkd)vASX(*Gah7GMXFmR0Ozxna0@7zpM7j
zoc4GFE8Y9&szK(wWdixWv98wTT>|5?w6YHQNO1IeT7`LI12^RKLh0EIk!jsViFvom
z_Ld_K)y%hTMzd*=ehRAAj!roD=Jb^*vGJ5XzP`id+#dZo`w~*HbEd1!#tLTv?sxe?
z{2Fk(kDHge@NVPY8hmAx;SsH?dgT3y7<oPS=KEDX1%DHGD&piDf(Hs?3@{0~iVcXT
ztlPDqWU(np(UAauch%=Z-tL;UTr=pK;X4dFZqz#!d&BakQm1@NKY5!<r^AW(oT{gz
ztnrDk<A*en76P&$YFKxjZ&+0<oJ+$BY0YNd$KtDe1mrDu=$gUZiWm_+rR5!RR{RZ-
zJ?KFS60RRIEq7(PpTCy%a(r&B#d5p+!r-gDN9N=kmwQfAS`Yc#gndzInYwB-|9<-Q
z<d4ai4iA#!N3fZK=t3^Z`I~qvt}o*Gy!?&{*{6^}Q2f}$sK=Om!hd@D<`JVe_bxJT
zB)&X0q4GIIxStz%;@({{P?w$z$p&rX{DaC@zIgcrM(7<cQF9TAN{R|`WT=M^!E9~)
zSTP%t4&vOsemA^f=s;AAG&lh+5vC{Q>&Ndm|IYTM6;P1o%sbV$`2PCUD0@5Cb%wO~
z!928qzbu)YqC0K+N2^KHsw+fOZ4y%ET<?6>*;ho+Vm!^F-^DkjZvLIc*C)Iyy<}Sk
zy6bq}JYU9>EoT=2(l0()<NkP)eLb1Y<);WGwC%06`5OQdi6(>4?s3w*&XbGAEiny8
zsa-9zAyq$LCQ<9u4MfKSuGiy2OG}ebA=w|*hAIX(U`1a$*00c!_Y{PkxfULLbLs9&
zmC2GhlK1xF3-1@QLM3T_Z~P$7#W#;{4uj#D;5VhhS)NANu8y8`G6JDDYXRH%Y@16V
zgr{LA$M@>i*;;ZxUT$L{?zXs1hsBxHXXY$;mfU;XhOv;r0?HcU1sx66`^uDs$oI2l
zSR>v8z|r5kPTX4`70raJf`-%e)q#_?9_^3N9@+KI#Sz2Wz<_`cp)oRdaHx_6fuI_Q
zp=i;AWg}O8XS*^;T#e`-vyQco9rY}c@!r@!M~F}6OrZ=HE>#V@)ferYZrc;iTYt$;
z9a&8h(915Gd_O%LsZ$x78aS}lX~5kmts}u->^U9Y`HWDMcwbl?Bw0G^$-ku(XPl?k
zD&?bu`C~D65Dl=>hJh030MobyWKNB7h28n*PRo~*M9u$9%Q73OeB;f;vKXO7uPI#w
zqs^I+-WTA<m;td3rJnFtudETxp{uq%b=SxAn?{tzSlU$~U5j4`P_bVp?y|1jA{eMt
za3hH|xMTiV{dTvi!U-mfp9}8K=MGq<H<xM}vE=J%$c8V8n$dP0AzJxo21v=YGhGX$
z_EYg`oY^$dW&BwRPq7IEfYQEZDecgpuV%YIvdI2`TcX6?z*gN-*UAC9Z5nzJ$XWfT
z8QF+<SDEO!0?0C+eG0My;Q8Y;fOd?}%6}qM$jJVJMI?-x1tsf30iL8w&Z4GoXCPWY
zj%d|vByAWUmN1-?#k;O}FhbNg;kcC6Y7TH$*D)1K#V;6sx1LIO2N^Qz(-$*uK4gvN
zL(GFp%uCFZ!e2}9PtC03h7XJmYHA*0hLqElk~Y$6m72L={k0}eWLrij*ATJ-ZT$Ku
z@KwZIA+F^nz@{`_v;!IQ+C;**k!9C@H)`f2ko~PNFhxuH*u2SnVv_T3$E=DOx(?4|
zX$PV+^Y`%>roKiB$OA~|CbyiUeXgp9^`|VJ_(WZ<aul^d>KI&viw)a)dgka*(`q)C
zH#Kt`DxX4LCU}ishuccgWCFKkP%V-cJ;LXb3xVPH)2+n4P^0g9#N0#o%@id%$0D34
zig0`jnHT<G)sd3k?Ozipx^u(TsT*ONi@ESc_EFomE7h`h3w%-Sgk9}%=Zte?Af%+b
z!Kb|;9ZiM9a*cPSpW0rK@o-<_9P@~OU^pCz#%A&ahvgF|dZDUqJG>~s(MI3z#Q9JW
zoK$(@nL0zW`{3OU;9AUyzeMO5Yz<`nqeL)Ue&C9=Et@NgrKH2%l{A7^?C@!B8Z)XD
zl@j4)u|&jN(Oeuw3SZ>I+?`cwO+j;>f0#?n%YV3GVTt}el#H1FAbneSh}+!f{&Z@B
z%Up!4&3O)Dz+@#L%Z4iWTo}0}OSvNjUB4#MltKB>?V+PgNL@Nvo_tP0SvA+)p<9#l
zmBU;XCF?wQ;=^N?YTRpYvjHvG`<H{(jBc6&_f(l~2GyucsL3`HeE&H2{kmB{yD3N3
zvMfY$)rSY1+NZnYg)3^Pq)Bn7LcIG>BU<4$3LT9qf!<k9PT1q>$jIHAkJXDkrU+75
ze|L2A6|y;D^={+H2eMU+^#v_6;!;yyCCHX&#cE8dg*jto@xD3WL>^aVj<m9HT3OD_
z|G=6vX{N*mB_C`<mb6yEvY5wM|I%$vt~|mwavdGPJ<NivM^50P0D+5q;IJYDec`=3
z-LO0HpgWW{khG>d*43frYZLBz|JoT4{M-;#TaCYJ+!^N^V4n|0Q>N(8LL7o_8v*1^
z;h!WhNQcg>8-cMte)J8e%`>7-bXy1hCiwhWANSQ_w=>_f6kr{_67c#==m=J`F*$qD
z_KgDW?Aa1<l?|R?vOn(X-hQb^pY$ixwg=B*{L8|FUjHC-(Kt(IfAyjuF$?Zm_mAX<
z9v)@M%$9P6E>YZS+Z^FMg?&Vg3vS64ESLKMJV&zkxkwmMXNUpE{0$WHMVUAa%&__?
z5#Ge2#-vo)i$W8)N`dg~K*6TM97-!GE{kK`iO1?%8DdE|Bx*B7uA1{gCB&DG9c`|w
zvI+4JAJjyG(X3TjD`bfWSGJnL&1KXMNLG(=?izzeMu-l>CQo(INEMrq#mlS0XT}}*
z1iHgTV{Ntlht7?P-W*odcAl*68`q8Qv{s3e90DBe;UrG;DB=<}J(5}7%$!7Stpvs$
zZ*6X~14fDj4>JiM9cAu{rL0>Qm$~(o%?XeP!e<&8Ym&~hYy(3rmjPB8ocLzZ^P1}S
zu4rqkhmZoB7^#s|7D%Z**0!8W-+L!E6`T7`E^};U?o~|`o9@h28?J=~LDEk0z5G-2
z>gXu4aji`zw7f#Fy2+Q3f8sQAB%AgDtdOWJ=JnZOT8I7xQmae`ObyS=l^P)F+a1F6
z$g^eQuRS$CM`obmkq{uIAY`QoASW`(8BTH@DM}ui@rf<DGvbX`LjNm%+6z%uXM))*
z{-Ca4Y)>f8H`8{^SYMis^PjkqPY*1fzhv`5+5+%SBs>E$&i+Qu@pZ+ny?`2y=q?Yy
zW09lh488$)r)=jEKk2!S(j{fMi|3f5)}AX3(Ya35`KPG1TcF<Mpsw7qa{19az_5A3
zq^Ck@Rr;s122yO!-dIkyXC7qVfw?4P#6Ozz9r&;DEl@H$@>TDNs;rD-;`HD>nMR1N
z=N`p+0YxYf#N;YR>Ed)idXD80yM=lIX0-CRCLgdT5A8_H4{hm-D3#P9uBl&X_`8YE
zNX8o6aAY1|wBv{NiKDmuLiDG$SPseFSUoW2@)!jE517+mfu`n9k<V+uFsp#1)(I67
zUJ^xW%TrcR<|n96`4H?)Nl=m;v5EniXJ3J?q&qzH?@pSFLQ0<=_o(I`;w;Q?{)b4~
zdSNAl%1#R*W!hWln-uav(&J*)tW?64G%bs^k`*~FrXsQtY-Kq!Qo<KrB=BTHE&L6h
zn8SOhlwkC9{Pi?}^pFvTb11;Lzx;NUvZfA(Obm^zixQ7#ah2BG#;+_ZQwCGvMPh3s
zT0c3tLwh7osTYYmBfDHrwKi)`{~Bz2r&z1e{`D*dm~hclPv4)cwc?TynP}G&wk>6C
z$`%AW+$Ni1y`qyp6Qs=RDJ1a~CY{?&v^!R(2pqqj$wgXfEVP@nIxr@NyY77_#ru8c
z>(*s3I$<zLFp&{YWzUaJz23h9KFO1eIxrk@D6q`ll+sT{=ZEUMX>y)_^)UBGK_PAz
zzEqV28S0>*cMmFEHZ==uE77;Moo41;by$Lig@i33KwFp;+q()S9`@#*Rs%IxEr~X6
z4@@_eMQsS{=bi>0oednF71DO9*LxI4^Q5iaWuA5@Pv4eUtf=2_=2Mo*>t4KTCO$Nx
zOiX^r>!u2Nct9N=`;gPg$-5?XfCBDKU*^}TnI}T(!Xi3}&|%#2BMU#l^AD9Vqn-cj
zM?MqgjBLGvZsy~0hTN#W^uXAj;qYJ6=C2eDTa%atveYwT^ZCo^Gewl{PF!2$PUzL1
zK6)pJH%aBey?PJA8`VQuJ`<SCGza7h@wR9jg)9(~fUAtrlOHH4Do6R2l)z8z>9-S3
z-vbZm$m4%W<gbgj3TRIP++wU`BJqZ8O8wDCcK!?c{uuu8F&`_Bm{~%Elo~!hEM^WX
zUs7I9PQs4+FqndxOwQav`8si3Pc9K0ayk+GNF^T|be7S>f$OXyQcGOMhTi)ldW#+>
z$<7<V%^gMRM1bm$@b%mEFs&Hn$2dKaWT9I7wI^RxmLf(9{Pcrcgmaa;DLb#*lk@av
zoUX+p5?G<v%$Q8)n_On2j<>>AZEYN?66dKw@s3YH?zm_wfU_;jHzO@>wo&D*rso&_
zKNQ7&R1*9RWB`C9`u{3g{&#}w|EHq(zy7TMzaorUG@<_~iWxsYlT%wBTN3)>KtUK_
z4CzC`33m{(2(SbR{785Kck<1HQzRXxj7&QjcjYUVe^xqaJ69^zYf@WGx?DF4nL#XI
zTd8c9H$K#Dwr^@b>o+^QTvs=2tP-yLZhDw9BuEL!LymTwejfW~{C<A9PPN@{o|5DM
z)unlCwWGwg*8=J$-ZGKHgdgj)zur2*{bELqy$4~*enjK@&WGBJy*DEU4bL0|JO_e^
z-eR$V*(vdY@Nfo`7-PE>0&hL<c({*;;-ismr-q7LG5jJ+Iq#dXcSqs3-n6(6M<lo}
zhjufHnoaAF`A{nJoDMy@@ejppr_k|u<Isl>NAbQu=sfNibrIv#Oul-sTimB(R_~P<
zUYHDCNHFc%6~g=wa`GnM#Mn~z6v%!gx_>pecTnQ|5P|sI4)j28`#SD#-6v!8_V|M3
z`kJ?L9;D_!Q}*1oV1CNXzthaW+su22sK2D8e^zC`;*fu-GH*HWu`zEu8sPd|4t}@Z
zaDC|x;R}Czv2)&v%yW<yfBBnbqekhWk%oe@iN~3TWmp?0kMN}<NID?{T7!3RVaNs(
z@K`V;o}Nh#D)8f+t?qC1wF<ie_S9>K|FssSmRDa8u4N)Aq{wfT4ll?4^yXCdQgkzo
zpy+84BE`CdxX3)w6w+)Ll|ayhX7E%9>(C>uxRD+R(4bx|c0Su{9?D8CyICQ!w0n&o
zNKrcq!q-||$-P!Xl?`5_h5SnpQBY}KQl{Lp!RV#!=E8{%SwEg>p2=k*y63l;;eXr-
z&qNt<pW4iT6Z700lo*tdRmd=oRZI=R<(+LbdYc<6{^3=zlO_$}0wG}(G&rd!&G~6Y
zgKo8`V9v5<64Q=>u+iXCTpbOR(P#{}){F@|v>4c8*grpwziTw_mjQ!jnw5VgW%1c1
zt&uY!>1w|5WpWRGHbdOXv1G@)lEzxBw4$v}i1BbF6*uSB0xl{V!76(tE5eyISJFKK
z+Baq_6@lT2Nr0$3D;2K8`r{Cd?g-mYH^4CCo>6<Vu&g|r9+08w#$8ZF1KGoZcM^ZA
zI<4NQu`vT#9aHK#eY`eyUf5cTM8Vrwol~hE)cA$6n>JPKaas<e{*yq|8aS;IJ<pjq
zTXWyMQF8&d8}c5DW_oy#HcpWgm7q-8CXE-$l!21b&E2r&Tz45woLHH19)SoIHdabD
z<a~WFynU{QO35P^3$s5MGLVeskyK<|f)>{Z$$Hh)NHN<H>(mI5YJ#{reJWpY+@%iD
zO?K!T=;T3cN>J6sG+!sSgeC*hW({*ggJ4U(77-4FiwGwP_^$=qa^*P~Ph6PryR%jl
z*vnI0@9zWM4lex@7-I^JBwY)C0U@R89Ye55X5}371EOklhKX`aS<4ge4!-kpW<8em
ztaLX;>Am|3qHA&~Rl68_r#&O>GN>Y<AfWF29gyI2umCHX5Q^jm|4dB)P0r;7(B-pm
zGhZT{u@97UW)$KYitIC(AO|pYId*G@O~x#=1U`*qCa{uV2~^5FOol1tQJDr~PT8C_
zr(S_$=AcWly#A7=^~F50S8%hS(>YKrYsiVh{ZY=9I0gemF|um-l0R!f66U3-JeCVj
zw_GuWK`%iQJ~)F~Mc2T0gR>fYsfY*3YE@@y_=IzTAS$z7X%tFjF=a+2YG=BoJFGNl
z)}ujNJ`$Kil7|r-+-VcJveYo6gLIHHq`^k`Y}H@|o+xz)nj@MbE{&nFqB#SNfxDu4
z1^&t+<3KjkRUDL#BtZriil%HDMROo6nf4DNfqDTId9i%a9E%b2RL#|@p@Iq-v&)O+
zxUnoPx_TM^inTtvnvm%sWcsHJdH$TFB~qLU6pIpc!TwcBW+#x~ddd>vqGgDt1?*v$
zpjCxTf$IfAzed@d=SKdVsK6ykjZ9&SMsue*w87^(x-y?xIM(q6ny++v&E>2}3zmIm
z%|Z>c*@Gt;b-i{^@LX7!XGm*=NHG?#Dy8>Qd!(HFACE)%Gs_v#&=p)L9U&Sh9Vrzk
zAL-_SW~BlM8wGMoRr^6P_5J|`(rQlhQMU|s=B{u%+?FK8w1h+8m$L^Vlw-STOyVg%
zqsI)|TjL?{umoQ#&6Xv%?9E4}KW|OF&bH>0>jh;N6emaCH)^ZHF*Wn;D)$!6-Un6~
ze>#+tdO8_T$69PpUAX5%TY<FXgW9W(8MIED95QS)z10GJ==Awvyt<Z~)ny*b2SzU^
zD1#j87-ka?dD&7>3bU{rS4~4p46cUF&yUcFv1HXVR@!6Za;*!O*|8yl2w3m-nIk^Y
zsw|_2MQ@?JXS&N9^EXwD>;hiIsS}Wx;Khn^zQ>7g<0x1t4cTre$22QD=rVT1AY{E^
zn4H!KZBAl2yl6j*E1}=tLDBju=RACL3%0QL5js6qY-yGg#Osa%b`&HM=X-dRQoveh
z2qu<NU@j?^t<g~qHn*v1mN{=!YA&YA1orbuO|O_#{gQ$7OaekE<`qdh)xAe@;!ek)
z8Uq&}K&GMdl_mp4HFoU5q=(2NbL}gIwkP$CqOj`{Cn_6AhQ|rIW3T|`GC5F=ch=Px
zZ|tKJ4AbaWG*$LgM+dSs4wtT6nFyxdA%tXik{1nRym##HTB}DgRJkgM8)Uhx?Oc0_
zio$Zvg~9S4&2nT~36Vjf9W|>S3R$Fk1!KhRl)F4&U8s)D8aii=%Deg^MnGEr9%;^k
zA(6hf80Y#&GWm|(9fJxdgG6;2e%&BVS`!1Q4L(h<fWDoSkQy0!9-B)5QZ%jiOdtC3
zXXIqsugxxCkG>Bb$i?uf8tKl9iBt6Qnme#esOSPHQ$Yt^oGqX}-XG&Ty*%8a*k<aH
zTv7b1a0DrPbnMzghgNtEB~&2QwgNo@VP;YjQ=f_v*Z>lg6I~cH;Yish4|l09ioSHY
z+P6K568$NrB;`eIre7j)ZoSl}i&h#a)NYb#u%}#>cPXXoPLINESM??xrM@Td*K)PJ
z6%Ni*xB-2a3DopKaZblZQugJ9F{E+*cc5d=#o!4gj0_|qlq#;#hgjrLQ{xJXWX-PV
z@&J4SO8el%W=6#c<OT}e;e|PAO%IFhV;PFJ^`CJ79~!U%s?s$DP`Vx=`N}b9YXunk
z((X4*x;s;3mxqB*?hTft2Z5dR2EMB`2@|0ilAskuR8*xe1jd-Nls2cA9SU&N3ejyk
zI3^pO9ahlHETEZMaPwGQIQ;Yg#8R0M^ZteLoe=*4tW8z$(YAA+v6%FHlCH-&ZJ4&e
z*<JM*;k{)*k=R2(`7@{tq_+pgP-6<v+nSklR?QQE$udfx!%j*=pjETW>c1dlJ~nqD
z$l6ykXon58p5bFl>m@O!aOs9|MVoZe2JhfK2>~uoEImsv{f9R;V>5POS2s|D%BKn3
z;Rk;Lp1&c}NtLl@=LXsstXtJdwx<Wg>C$AkJ0ZbiC4B0!!@j}_0hQp@Van_oJ%l@`
zoZG)7sGKv@lDCDz_ZWi~ZAKeklO-6r9M<C-ug?tt8Vr#;REpS|gZT@LtA}3A-_#iN
zLU2cM6>#ZuThKCrphev<2bH`3P<<dZ?c)NxehLHcZwW92W)m;7_t0J0PP3ULtGGM9
zoTG=pcpUVCN$Ogpd_tc&Kw91qb>FHv>|P`i^9yXD1wa*?z`fULrVYb}c6wci(#|bS
zQx-0Rw~4{XGHH>utL0ZVZw;Yj*={96>I>l2<cXqqL3~=%c%40O%{>)a!{99sWM6o0
z0wL~ImqDPDu}NyD^i(){p*guSbui^a$b_JhhIu8yQEU0n0YQSi)pT&+n^_wcSTa(w
z115{cZHqQcmIG?-zAy5Ih~5U#Ht}{K5(VY6#H+@wSo#m_Ii!XE=c@#`NM4jU%2$`V
zElL5lPPGH{<<>-Ir~0BQZQXTyK#L!m+My~~=QoUl8&fyWkjX0x?dE8^Jvc^#tUU$a
zAm|q|@g10=JF-Q0h;Mh$wmZC6If&P};8jtSJuu6mXeU-)KJS)r*SileuLRpZS|@s5
z;qBfcbNK8+QhQ47u+5W^cdl;#^%GW~UjWzH>Y7~NV9t}+mPnaHnR0MfNk+RE)LxV#
z&rKTEJ&6S@Uh>AhNd+{#lma*5^FF@VzCrH2z&R*4Wlv}w7QPD~unq_1+9q?51f*Df
zUQf!}YQ<Vm&s`&U-UzQZj>wX<YwTdmouol1U4I!wd4s=HnzGcSZv|@JUh0r9%OR<E
zqQEml1sI#tWULwSAKU%ZXf_YDJi}|+ZjsvqChGkWt|zM4#~PUIye9mmryJH4E6sKq
zt9{m1eMw(lDi1Cx#^6Nw00UX%tZ2R@hp=eAG>`T0KQ{)U(gLDz3G=SM^g&%jVY#UF
z@J+bm${^Ce08Z@&T%djTT+tr(X4P8;P3vRk+Z2bidp^p!fm72;XYu#wX}N+m(Oo&m
zwT`Q|`<Nqy?og4YxR1>bMlJg~6y1maOr5v`8ft)|u_w<Xxm2x%ba#)rQ>6yGe-%!y
zWh>D_R#<0B=YPs}nK>WWU@x}~44A1}`M*Wy8R<QB#%|i+^?Mq`su?qTVS(2$9N%yW
z*6H|KmN-l*s+LqPxX09q(mF2$Z!!<hwn)|4-nYdX)<HUE+r!;}1+KA%Qh~`Iu_N2y
z^#AR1TfqIhX;A+;QGzZ2LF`fUu3b|9Ia>PZR8T?iOGkBn^GTqByZCb<f;fcAF?7m9
z-0>SVYJBDj-&y%<kP|C#`{gi(TN?A;@Q}!dX)jou-i?9%gYg6Unv$4iOp@kktcq37
zvJ77)pIF;dU%G47kJ)*tC(75j1xU|L&)?AV!9*cPhhLkInlml;p1eu8H?-C7L+f|Q
zR-a%R-WjwwdR=&WSzHrl3}a%BneN@;9`{JG(6?Ji?zl3{w7%KpcjmnATmpF62Z~1x
z%29X=+T1eBZvM$TBFmwut9$6H?WiXR-NL#<6V6DrGZ0-9cs)})-IS9(mkKC8mU?Cj
zoL9=bVQ*>^trF`#^aH*~>VBW-4!D<N&Y2@{{W21?)QvOoQW8sspvrFK^pBUtptr<;
z%GU)R_joNOnCNO#-^B|dAR^eGu*NUFnFqe1FCa`J@?T_vLkkDqp24>ct91BDqI&ZM
zV{Yn0#2*5<PkKt&k|GQc)7)QP;((Z<Q0SmSMSqE}aWP>n+BAAziEEKVbH1P-?sAs{
zs`acn?ZayLc5f~)hiPPc99CN{qBa5t6;AW5_@9U0|Adp!adkxO;Q;{PNdD_P|G$$%
zQvb-J|L=h|{|8R`zs{Hcm2YF`_`g|tElBTdl@>m-jHy?X2N$WVRw49K=gAFz^kR$7
zVhhPq8B&`>L9J9*&i72&jHzG^!Ki$o#_;^Bv0jwwKtpI&o1xVMRS=(Bits{}ytr5S
zq1UCd*|Jp0uiZ}?rroJx*yg>(-MIG~-<ginui1{%on-Xgp9KNJ%-K(#Cj-xEA+-g+
z<T<~EOOhw2j}Y@-1;M^zwkU<q6v5w;1;4bpx^p(ew>GHnxG?6A9KpWVIdM;!l3&#0
zKSPnf$Sr)8Ph<)|8VH<~3tENTr3-q(@2zhzmD1!HDzpeD1#j*AIZ?{4RMq6wmD*PY
zm{*8GBv4j(lx3@bgT#{W#PLXYi%{{1JSB(Cs^6j?<zdqzX5Htr@zLaz*Deb{*GTh5
zk|f<3<rLg2!_Xei3-^)pEDXmn3++198HM&U@H9utqT;SHNP@F;29C8A22!+399zh(
zlyiwDG*f1k->C&mXg8j;riQ?+PAa(d5Y+P@)+zn?kDWl$LMT@wc0?#wq4A<rbPx7R
zx~2EQQqrOdL{rq<+auH}y=y0?DL++oOCBs!w1%cs?;*>#NRyjIk6R37x)ADxj%8C;
zE4*{fbLfmU=`698cgi0?DfP&S$(7y-Q|Qp96t;`+OyR*jq6P>`2gIwh##fP|+*ZN7
zf(mRrZOB&^k)ud085VG3T~}L&I?)+AE(hoB9U)bd)v`yAETdh{rHeEN6nNq<)(c0u
zg0u+FC~P7^0uvqs@9WL8a%zuS?E}xX$4?rCt!-_{F?NxnRzi_mc=m7H=`lr#3PwK%
z2zpxW`oEZ_Z`8Y8WAJVv$&k|LEL{b#hB3g-8*7#Ah;amasCbaOMcb_5UqG#t#_fw+
zNwUQa6WDlKc+lo?7nw#@1mH%~$xxz1pX1{ZzhF8eq=;H#T-m~zj5Ff#F4Z>|nu&^E
zGm8#$G}qUyEJ|6Vras*A3u!#*GYfJ>r2d*;k1se`o-EBdTPiQ$%qPHv(ptd2Nb&$A
zLb(xakVkg{rEE?F{gAm{j-$TUaCdRnaZozO+@80rGSF~B(lEuqh!Vn4j1(8{ODSde
zE4otwp(#0twR2%fmmbi&tlk;(Xn;t&np1(F{TZVZX&rblw>RDrh_X1BFof<0%A885
zpPDn3{SEfcg#(EoPewz-#qS<pSF&R!5(sAUW3F(!yiW@Fn<xV1cBpT#!A5P9n=K)S
zh3}!g0hyQ`&c=9r=7C;1<LEKC#NjQiWcGY0{KGYGo%@#+EYoHz5`Nf$Cn1uU>xp==
z{i$`MMwgmOme?Qyk0+8MX;Eoq=y^w9`}U$<G@#oCDy)DrNG>+b+AFS58V@0Z@JRi+
z2Z<oAb$CAh=3<U$uZ6W_)J<^y7!^}@HzArRjUnN7E6OMZ!}Y-dCe3i|Y_5y**_=Le
z$X9CeQCP}==!NLtDSIe!$6ETS_P6WFJgvw`nK0{U3P<M{jK1M_oufJ|^IYcH6;NoV
zCQCy6oqiVN$cLmSBXwmLo{VP}ZN~yb>8-KGpk1pqkA6ATY|@Xr4N04Dok~{r4!I#~
z3ABprnSe2Cu}RE{o9AnXoNshKq?%*li2d7(SSEHB+G6QLeyBUfozt+wU0e?nO+G!|
zOD&z~&B~cYr|90bS9m{sga=2YwZb9Vi^bC)Pk5o?z659WjK~>P>DWOeS*ssxe+9^-
zruUI+<K$yy$VjI`eqq&e`q2eL>)r(nIqmJjySLe#H!Gbk`%c72LQlJo85NB8ggkqW
zeViiZ^9-xB!9wk33oTBE6rk?jq#Iak8qQ`?X<s}I&n%NkJ3@6tah^7BgzMcghHp$Q
zd?N*-qSrb1c=GOr1IsTQ&Z;?!caWLHDRB%shv^)mXKIO2TVmrmSN#tJZr+L1Q={nY
zkv)2a<jPcDHuWnvb01y%FT|gpdiv>$q!uqiRH*Zap%rCgI79UvFQUan9CB9z&)_63
z2Z^{#Qp#t|EH5MC=zAC-B{i^pOr2iisiWMQrK)!#ET0Ix=D(!-+X!*sZcuK^Z<M`Q
zZkRE30bX}v@0z6{x16Mw-ne>o_po0KF?L6BR^CYf+tXi=F?<n#ACU+~(wfmH`i9tv
zZXtH_Z>qhp9Bm_QkGRrNa+Jju-er4UY4OLRy;_HI5hpwdLA|8J?qy3k1d>H|f2H1Z
zd*L%OM_wO+#aDwb_A*5-HQC<P%)jvYf~f&wUP@zIU9Mwf8ea{3K|Jt1v9Y+mZ2(DO
zpJz(>h4Pi62bJS2yQTc?JU1#GaChon&v}biHA;PQ;fTHgVpwFZYkp$k=C+6%VFg-y
zYDz4W@(WtV&1=oAZ0^9NY2ye8Faibe>b^?%2+gZ6%`MZ2L1RY4N)ryXp!_rsw*~pk
z;PoEwkf|UJ@7A~Gmll@R&XYcBUN~5&HbZ4imQ^e4OuV$JW()9l-=}4+Wo9&f{Oh!f
z(9cAOotL5fL=R^lkjvHRS@I}*rMVo%Ii^ez+Nw{A$+TJ_Z7v*NBHB{ryvov97GDhN
z>j9aATaVuCUlx5YGAzD|A&~M8snSac&Rz)+fHxR*UWXl^E(uG+ihTOT+oeL6XPIm?
z+Dt`+%#?VwoS9ut#*VeFv@&;;Z{&saLzGmVEuVlrRSwJEpvSZp;LM6AF?CO%-AKH(
zj2zDUBRJsJ8=pNZjj>CG3Gu>@4B>B=-z*A_&4i<?)B%YE{~o@V50eosVR&4~Q@}J9
zQ8x;4Mu>EsxHmf;7|;e0C~#4Oar7rvoF{h|P<@HSygKl`!AIq`%uFC>Tky&<ndQbw
zIdl%@Elsx&;ne-Z5n+8q8p+x5B>4rnwLy~vh_1z2Ep`3f#v;xUx7<gMFWJbAC3*Wh
z1y8xp<HXO#LzNj<FfPv_gW9URi`sq2_l1?@>>SI!l*UAl)JK0eAy-0*w2Z_bCYWkZ
zY_wW~;<~3%LI@jz5vbRemlH0oV~A*$x`tLXAC7(<Be>Q!tHc<}O1WQSh+fwRyRr49
zYK7k%b)as{GPQ5`cC=YAnL7W{8CT{r!uJuBC=a&ok8<r$Q1gfL9a%$@0)4<0Y?o7K
z&$5<g@>8Kikp>yOo2SdgVTb4x>U_ku{>!fZ8w%Y88a$D`*{XqJumqoz`uFPcsH@n#
zgC5(9BG{q&i22b5)Ee<osZ*b8M`F#>r~hCF<t;Z!tdiUD1lcC}FhdH;;@qeO4u58%
zZQnasvXkkRl`=ub)wymz4Aa*AWDa5Sw>7|7ezzb@QDWPh89VRXAR{i<w&32JaZ(=*
z9-~^FyDbAFn}xbO$Wo-^w;i9wt5`!t_--s!{|t%Lu7huuvoD*K;Wr(llKtMQpVNDQ
zP&XQyESkL%8{X%d(1D*bkIujNJ^a|e$I6R3+Fm8^U3?kh92cI3OgYwlx4A9~mqRY8
z%mj|jgh%P5Wx?ZLN+LX|&}Q(cvNphG2Xd)H)C4RE)K$iiKQk(v32nN^7eFT?hG6xY
z#a|JyC6A0iX3@Y15LU0iKK(`J&O}~m;k9D-Qvn<53$;a-H(!(*&E)9Da!0;<U1g{<
zP4Df-rtI25H73%zXXhZ|CkAR-ged5=#3*HF9kq2iP+;Y;rGXli5a1)q{E5nMWt4JE
ze6~d%=aa?aWHk8rGXF}r#pa7a<^oH9$#mDnc22dH)nz#%SEYveHuR*tk_7CR#qx#u
zZ)PxI$&3#R>vQ(zj|%C9it5VqvU?ZWI;n^DG&Hyl>p-K7)s{R`D35NmoNwpMFWE|}
z2egc(i^lQ@z@#l>vW~)UW|8=;Oj5VbuaEj13u(hE7^_P_>z=6%PoexyQQI$^sxnsj
zMNOyjnVc%(l8q{3%JECy<}A?`ZYd_#<eA`FGu#a+yi7Tl=5*%TV^D86>M{kEx`DPB
zvq{C~O?{Dh(Q#~d<bQW1m2TA+WKef9nNjyVY8@olv_)k|)R-9{?~?>{@0om1WtnS~
z{HBT+G{r=;dDJ~0T$%zh3ryE-e!WuB4@#E#C}&!qxXg3%8pG0MZNVCDFmBR0tXx4W
z57ri;PEGN-8J{J{nQLzjm%El`SwefryR+j2XCj|$sQzP#PDmE?GhJb}B2{6$*g3MZ
zq#<=R!M3>?peFB}i1p38M}rc9L)WYkT-F#afkWD<i-P%}wP2}&F4T`?!B=vBprR*~
zd4|Y*muR3jIK$hJ7h(<}n-Mcm-ymg4Nzdr9%zX;1;KO`Zwt2^p8>)g&hKs;*rnz4L
z9*F)u)vah=P$G(bp(d@o636^{Lj6?xG{8z@#(K?v5pW_)l^MB3nVfDht33QpP;)x_
zE~{gzHh{2m8K8#Uc{3Mf9lB{}xoZ5Ux1=>AweUChoiE}E!OK(uWQ8$v-=NHiw8fCl
z4A#Ant=rPr<l<Ts!VC)(vfHgGXaIij^MmCA-b$Z^q&7i27(75;sQ$WaJd`yQ<vZjx
z78>K}E?qpAu3jtG=_J+6S=vF)oE<bIyH?+AQTin*P&}^5OGWtheK01VbGOc(+F)&R
zN%m#47@4%`QH>bib`UbNa#m}VC_GZo@*G_=HW%9Wl%+Ff;h7aq%a<>eb60>L{%W}S
zPEaAVdNt#^jYGPPbDD}_B*4w$>Q<4f^J;dPRt|hL>pbrCVQWC(3~75*F}xdE#22A9
zVi>@o4tcL=B{5x4_^9@7O39)E`^e{t*{BYhl8~CvW;eyW&9p(OuKf300n_jU<Z259
z9|%6sWD`~FQo4fzcbw&rhjyUqsez^Ry^$%)Pa2*;EkbkM3PGth{M`mXf=jl^{`Nr|
zNk|AqXJJnqkl_(exaVgg@mC%n+&m!~K*W#pM%CThx*lOY4{%<`xGxiQ`l$djj+A)C
zP>N3eLBB8JZ#X3rMgv}MJtDCD@d|vRPAD5*$&rsn7ZzW+<8c)ww|`1gHKec}^eYLl
zl_uljDok$il>UUd+6L0thNAL9e(wTlZ$U|KgGp}#8gD_;Y=drY!%A-hOK*cmZ^29R
z07&zIXz>C`Ut<9&=@t8smPT(xFf7{{S@y+LWQB!P_=;QBbT8_9oKg%g1rRW>`0u7w
zBNyl+oCbs@8RSA1u22?R#Q--K0-U<!K!;i*fdj2}3`^82t~LH>RIcyQQ1ZC>XF@}u
z{sPn_rYx(Lh`?Q!sb*-a|3gl-oYQF^I^mPl5TL`|F#*K4On(}-Zg|A_!KqV(_@U9J
zooTW3)S^X(9TP^co-4yF;TApXF6m{0muw7oD6@@e?Gm!vhAy=6W7&w^M8Yn()fu)M
z3ae{Ds3fDE$IhNS<Ka?3<FRWD5+&w0uo6&IZUuM|h9R4Qp|VAF03s9)U_xzj{Rvo}
zwuv@(OViF!n@1N{&t#gucs_Pb(V>C6CH&%TQpg_9U0qT5WrgkiP?tuCP-H|nU<1mb
znzI1vpZz7{U;IyX?LC3AUji49^PAJi7SRPP=swRZaz$qEH2ib?eVJf-@eG9d^#F%Q
z8_MW_J&iije<I)rmtW>FGEPyT)YWDEGxtF#)iTJgZA`)Jo*?X@=Xga9!3c^I0XKvg
zH$7xasqN+;;FKl5-k2woOQRznXIm1pklMs;BO6H(Yfz1*S#uhc6PZYeL?{y|5_2@R
zt%xO!9`KGp59G{3gHSBzdhO#sq`@utYJ-^n?IK*b1p^h%9Js&<&PAmeC-;dTKLj}r
zzH5rKefK^|PjPsA%Vc<=-Mm4-)wq}Ku~FeqR8B#@6ubwUy*2VUfnTV&y?OKB+#NKV
zd|T4A&D;gq!@F-rYZnA6IKWl#{(TPj3AJ)Owh(|X8gad{>nGSd9vEBj{%iVjT#%MQ
z?j&7+mO*WSStlBwq)U5i^&O<(ws2t~_erJJw&ctm#e{vD=hn8R%^gNP(mxshF;NGf
zQkQ>sdycE#e5PMg2fRneKag?BCLg>eL$3~v5BZK99Q!|AvN2>IblAry)$e)!zMI&)
zgUUYmu#dy<5!W4<zYzfZ65a6t+0q4VBFcMVF2(MNzf+Xs_5<D<;ZX4PCp<8XCJ-`~
zxp@^oo#IdsN_~iNDE7wgvLV<W9ijor7fg{-!Ow+=PuH~NM}1nrbekxhp8%r>_c%x0
zV>OpC6Ep4$S`6MZW_ja2`N7@$3N*>jl<Jvsm#Jia^hnk2ug8}8pUM#nuf_|WtqXo(
z34VbIexd#6v~3skeiRn8##Iczu_pL|Aou|x_<{M4xr0@UKsOh4QY4NkDPXw?xS{Ij
zKM+M0<6$);R4nZoKO)Oone>O)W#MSlJlJ{d`tv+dXk{}Z{fj<jB|n~x05MDZIcdf<
zrGxagurZS{ZTnjR{TA;_Mdm}3No_>3S)IQ(zSIeExn2@_P3T!$(09e0C9YT&Pb5ph
z_L#xZ>p&9mZ_B<G1PCobM~4FX)=S<zxMg$34`>UJCjaA^-m%KCBW=+s*BN4D2LFWK
zUd5FI>YpNt2h2+UxI(TPYT&`$;ad`6AR&u5Ecj+;Ar*@uxZ9Lv2os)gCxz0-U57X4
zQ^-6hRr1)o^BK6j2CTz~1sOAW4#N!h$fpIyrYE5h*$r{@f|h92N!I<5w8o+XoFSb9
z$l`lpN)tMdcV^Ad);}iMW%5uaf8+|O5PoY<D_Q{~DXfLrE~LcR()&AEcJz0#?D(sv
zqisdwQt0c*X7Pt+AVsrrqZ$u)>ksFgH$&_8UcbFruf8`o?iQ2`2hZ#GVb<(Pt=Xl%
zcEjrTsn_a(ShGQ~XF_2o4F)Irys&=&$Xc2Sw6`F1e<<IN2!E&v|7fEvuif(0TBf~G
zjU50+qAR*2l;@c&Z5QU!UjQcucYyVEuExqL4J$Fs7D$YRn>}VQ!-M}Q=0?HT;;|4#
z^~i>*qst7aZIOx)KWtV$N`*93L!z2h&d{lhD!P!YGz}}PtweIHbi50F`5GTSn_(c|
z>U~y9DzWN1<yM=q=T__JwzX_yIYrg=YS~kH{H6KRgtMpG*uQNS)D^P=NC~t=<?w`Q
z@`u$Kwb_+OlSlmLqxc1Hz-A1{4L4@!1RZG0W$l8H6T2<SQx`^yS^%sk*^_=H?14a6
zHm-1Mc=D`i%m34_=-X4*g4ea9;BS}o*zJV>7w@L+r}fzFWWZN1%$QsJ3u{bMBb9oc
zqYvxaa`w^rcENXej6d4~M7uRRgt|F_{^%|WAeS5x;G{+K*P#r-X9dPTM_~Q&GQS{n
z{2UZ9h<`9EegUSqIWW>jz`sue*!X%h@iTjTfi2TrOeEV0fdQEp+!r1ZLC&xr24BAM
zu;9tCpkNa;B;GeRkpa{)5XgTPby$9&l}AzQcOd+ILHvC}{Cz`w1LXL6Jn=OUVrxJo
zRzS$CfMEQ11V?-U?e(31%gzW4OuvX+`v?xmCA55Hec!^AN-%^+O4V`m|M3h(aR_u6
z>0>D$dNp(0@B2ml50b3<uMhq?>c7y;e{D1W*PHs^?XUl{JnsK-#n=A~RQu26MJ=pN
z1pgI#8ULsMRnW!4+SufO>(@2vkm@+gxW7DWCaEUvXyLNah(<{W;*Ap0g#;KR{1;fU
z5FkOU2LM7CP2e}Q5V<WQL_1<FBO^_%_tr)mv;vmgm)lA<R`6O@@S7WpE0$V8eQaD^
z)b$)wtG9<<kFmc#Uprd58=q@<08%2Y*evZT{ped`e`{=w_gO(VQMPUd(6{Xkz2KC$
z5`wrK(r|86?c<<dJMTz3{PLjnQmOS6>IY%tj$Zfv^-cNX;3Wg$B{qfWxDUnD9atsm
zmqEv!=%e@6?qS<bC2KP^D8cP2BRCnQZe@fRP<XTjBC?%~<#4!5!xbs+w4rd{4B)X*
z)^CT9p>UsvqHm&dm+V>m<IgbJ&<-^~cU_Gzb5jPLXu0WR+zGJh4oEn>G~nvS_PHG2
zYH@nWSp4)fUx7J33j)<ZBQLTnD=)dQs<1COEq#`sU07;pfO0>Yo&mQnSA(*;Y3A!O
zx0)64+elHOg`f4CWnN#g6V0Kj_ys0RWqexd1oGV<R7XEdcZFXrR#r~n^k~*=GH7UI
z(^O2rrq3t?rW!qLfMPS{*-}ndvjmD7_~tBvwVq}BOk~TYUfa$MlxnYK#F|&5A*w6j
zL)biKV}euNyPoXL$j?}acKkd3)n&@i5{kP2y<+SJo=l~EcoCE7bBj4=Q@uni>Kdub
z3RwOw?c0Q40xQXJw6tM8^YMX^HkM&W(Kq&-l1Y@<OKz;_&tent<8$%s5;PdxBnk1D
z*8d9;JRqbi<*JSM+yNx2e7jQA`Bxzorbq7ff~ET-9}~*`eRWCxlnqFfUh-gSdL-W8
z2|pJvjl|t&4P|V;sJW<#&+@GkRQd9+snHlRrME)RJw%Af2sM1QII%0m?lwByGv<D|
zg|IQuhy_Mu3S@{?3G6ZWQ`<->N#5cHV!D^TG!-)58YF_cyL~h(&wGlk(kr%(Gw&>C
zTy)n>Yg~1E$5n{)YHqAjr)T<&i)V9Mz%AVTPjx#rRLdc=v!i$_?BOm;u5!R}m?jJ;
zq|-=DI%~sO*auQbpS7W9W$DV%QjW@!f$Ry_nXqpovAB*;SnZ{Jb`qtNR-xyr>4Um~
z;vE))UjHSOuW-8A%OzM>G;ahXA}F8g9WrUswQ(a)G}?=fzYlxW6+jHR0;OFNq77U~
z;W#aqYhHPMU+jz=MK*iq(eQ9O0d%49YKA~0lQWvW#KRQ&)n(jBn}i|?Lm}ghsGAEA
zxOxeTNglP4#Z_662DQ&N%mQ2lLyV_CE9bO+8v{9h_|Ce-nSt{&%Cm@BahDN_gkX#_
z5B<EMZXQ%^S$wLzU;AXZn31Puwk|nnRXI3a-oU*iheq6!VsoU_9S5Kc9*ieAu&-Ub
zs#rScpqJ%Vz{c;WO@I8-#y6#nhtROxJri1HWZoe<<<1ZtXzZ39AU#eCWWMBqVw2o(
z-5pwyHHDG`11}Z*XTD;^!RkV6+dVdF-|(&S7v6388}Lp+4H{rc6PfZCqMzbD?LXX&
z1bMH@<X@c@(+{D%Ykf}TL7n2nmz<&n<xgl|RXdOx6g3Y@x$-@HciBOn;~V<UZr#Uo
zb_;@JjPdCs?>(qgO)XuFI**>FijiJPm1K;&rDRZnxrN?ZxVnWVcZdPE<@V>Eg3_n@
zUigrsi=SK^B5S9TrutsJ@<B4PhWc;nAb2yU4oyY?Z(kdeZv0i_1*{CLt4HM<!mmMG
zt@6Fzmt4OX<x8RLFoq1WARH#45*(Zgy9Oy?R0$Eveqx44T-v<*E2~Sc&9Zs_Q7Gw-
zEPy5NLMbmb1gONCrR4Yk!yznIL-w<+d3jt{j-W~+oLYpG2*_Tht|u02U|Giej=K?E
ztWuec*MP%@THHdF7*<Sw`7;1dj@(3k3ps6;8XpHpF>UdV@xygk<12o%tfwV%gH;mj
z>=<cxLqfnCM~(HLmril3!?grf8P93rm{6pM%(EGGJSFw2W4lxb*}j`N>B#o$wrD9h
z8`&pFqhTymc3xN;tQ+S5Y1n{gG^ubildHp%g-_|v2y!ZX3%TyQ3DO=l5(x&06&d#`
zjb;*O&lt?uAt7E}9+l78!vNaHfyM~8w&uON#%8xx?uWU^4SBV`BUxPtu{2!uIHrYD
zHVG~^9joFV7pj-IIF@W;-_HgBD9bFYN}m{98kft;tSYUnObybNnBAqOIA3GX)3;~w
zrL_Es*e5s9tBEYtlgE;pp2WtdPmcLHPhQvomTm{k(uz3j7xN+R*?O#%u%dURF0egz
z+?H}+KUl{Uz>rJ1vTCOeUJetTzb$koH4Z+K6P{qJR!S=#_KrtIL0mCg9I1N!bxqzF
z2MSTe5k+5mAo7slmG!YqEV98$^HX-Lnsbs+Q1(knr635Kq6zc7(Nkcbo9ew;VW>s+
ztzO9n?V|BH0g`DW5nB3L<|$1$0b~WLrdI1{I<|>3H61pc9*(Aq$L1VpI=Lcga-3m3
zO7Ta^EG#n-ZXzbN<x@#kS$ukvyD<X_?&kUmB}z_~u^5ppUx>*N%4ln;YG{_At>Lm9
zO&L6yW+00ohV0di;xq7Mat*3S^M>iYupY^(ID?3q4kom0X6ji`Y95*es>P^rdt=hs
zrKp~cEMnfhMprKiQ^g}i#nv=zp^Cod^YhSeG||X0hG-PA6;lh1%w{lo2V{0^rn6)s
zs)Ew}u|0J+YhJ(PC-Kg<C504^M&yghpbS%s$vM*LgOV3`?i{rtQSWs6KvMO1PW6CM
zb2H3&GtRb07t+o}z`*R#YK72j4ld9zTcLPcVKVLjq^|qc(SPI05dTh|4PLT?+YwBO
zse#-E@x=HR=<^@x%O~rLo3rapjer_5(4t5=G_VKQ^=oPqt{f=Nhtd=Rr$yjt(*m^%
z!aVS}@U})q*{8IFs6|!T$Fu{kMrt|asD#@YV!6~59oyW=8_~!bxu7fDN^a<e8ESsA
zepeWkZH<tfoo64<Kdjn=aXeT!!Q>U>fi{03eryB?ZZswCTqL(a(-kJ^a#<|Gc-q$g
z=^8e8>Vf5m9`%a;E6O_PZ(op>xQ=JYLbNcFYK{_xkrrc(%L>f;h(cXO6Rm`uHA-S@
z+{|e_8d(G3m@2XRfN1!IGKGjZVo$_`OsYn~Xmd$O-po-XG2@#H7k{DBKAPTZ4SGt6
zp-ex-XREZ~@mDO}$|jdB6m?97WS?6Wg)c7dFNW$MQ-o~)yApZLwG*-v<yI7OP0H5H
zH^Aa31T)8{0=bIG)!+q;_TP#qINk6l`F{BaGa($a_QQI5bCHhayUgXgV@!9vj-qn&
z*Qq}vfn*0}Or&`<$!17fj5WOJqWHjFn?aiy$JgrNT=v{Il7OA4sx5ybn}9KyV(Vd&
zz{HE*CZ|{}nMh0?xV%tyTnWz#KNP5K{|qO-L>l05MVAN<np`v6c)*NaOBY(@4nN^X
zoe%)M45l6|wBvW#H(IQftO<r-$#lY`Z8nS_yb_KK(D=Cz5op6CFol_|s&R)|QE`us
z))PVwJVwOF@=WGrOg2e2N@l+vNKY#ywg?*z(JGJBH~Mt^OQfkplKRwgX%mi}LQ;bv
zL&!-%N;|B^P*v$fH(zJSCMQ@A#4}E_l7u0%8Asw8xzV5xv<%?drzCr*_GOOXs!~7w
zORv^taR$-lg7SFJE=x$rf~3W^NAa??c;#=VemdKTB%1MpUZ1k<j;q@+usGGY_E+E9
z#Jy1>C#;Iy>5zRVQ|%Bdcc!e`s-sMPwB)EOw}8?RbQj-CCUo?|OuY%a2Aje9luH)1
z;j<EFhG8nWaF4V~+^#k9$@FJUU#;de^$lSLe(x(Dg6PhJs-n#s=0BbVZQ~38{LlaZ
zGwA>IS@7S%lm9_O<-f?9|Gc*=nwVKQIXil&{GW!(8Z|3zrBlq`KJYP)V0Qvd%8MuU
zFcFl(a+es*Fa%2kAQJsy*>eJp;2;TE?o*KBjg6U>7sk`hDC|y`tgf}~8e0gL7MDxg
z8{hMlZSA(3!55c4AFZw%4>=?xeEjXN_}7Q*Q=i;lC!byI&)G*c0PCUM>~cYA;VnqO
z2E$}QIsqVX5e!*&ge3ik^#dWr0f0Pkj!^=#&^v%XaF6@p;ov0P%7I1h>F{y?4`uJz
z9SXNC3CFf=+s2M<>^M8NZQHhO+qP}n+Hul3_r87mj59{}c%MJ8KGm9Yu39y##9eJ5
zqxZaIdBR78ap?Pqc&0<hTZaV@<+$ol<nH!9kz{XQfjv3KLg2aXSoj7*;2pH^<8Boo
zON2e8`$t4zxb3h^GG9RW#^QL0_mna(7LfRe_bLNt?zc`zJazifNivb|Dg)`mU*ZGl
zx$jUtlky14#V`(yw?bVL1Ch>^cnNvY77mI-x`i8E2Nx>Eni*(rOt+4p9pC>pzHWGJ
z;eMg%x^&R5uCM9bTv%6Jtd8wkU;hR}kyFlN7MRE_aI}==4XaOVZPE-QQwc7g&aLU{
zsP5iIhjEUHkRE#gZ`b^on)=GE>1LfpFjQN*wjd$pwi#{huCA(D)74$svw@vdZ8fMs
zTdC|A1x>1OVMbZL(CcTfQIDwbGprP2<x0#h9iN&Pl5}j*H}%XRL(}j|AFG}EyOH}N
z6cY@eD;VKTKMONM6slucPc3K64N{)zEsnb2k&udTUtbC}))<y2w;JV+ATCFhc02`N
zY`u{eWDe$POqImDSfZdXKT-~P``rT@#aoW_41!$cBvDc0T>oKs4&oQ9JTM!DmY~eU
zWF->4oJfr2L|m-aEkwu~$EjahoXsLQsKW^w8`m6%G$uc`k3ybh|2M;(#|T2mEEI_t
zQz=UOT;4*i2dkdUSUy~|M9bK}VET4b|KcE?N2YJNmm?!lfg4-A3^!}t9axpsppny?
zY6bqHM3lI4n05;5{*j{i{I0~M%|y~3hI};{tK|GPWbD=ZK0IwaSSw<~+I#c_gqGAX
zS43j<Oqy42a7EZtd(iEiaxu2FN4_RkQ~;nQIR8x04(v*t&Abyx(m|;$cw{OF>;(ge
z9lZ)#vrcBvfljMeBv_L?WiYxB4YmSoNxxPGZ&6yMxfR%G35{HnMDAJzmD;Sd-gsP+
z2ytn#cC!N8e*CE(ExD^6dZ(BDm7%}(S6IlAbmAfKdF<yWlBhPuzylFo$1QE=Za-@0
zX}?tKc<s@*DKJcnQ3IJ_#x<jZyZ^YhV4vOI#!ECb{Xqvz{~kD{DxD|%4*DIi><8h1
z)&^_yhjILMKdaVZj<+z{Q5hy)HGan}@<(DGj|9erAmI`VIi>TSiPpu8Qn?S|ehS?O
zRFCr>>c?=<&b~@;60TSIB<N^3EukDhCkn^f-?ppo*sGMpgEQkcfgU}M;~01f1%3S8
zl+a9uN5FeEHPuP%(<3Z$kotZtZo*5{J*-!2E8pm~{4O?Nb-Ay-`=e64m_k0r$(+qh
z;g9I|y=P?}x(`4f$33}L*%Y(rsD+ounN1s&O`Eo_)G;qPnHzugu-35b+}I>cb9!w+
zFC`d{DD37;?BwH78<{o7Hd{w`<`Q&QrGm@P9eR*pRzB~f@c^$yBBS;VT61}OwK|lx
zm05#&qjyrL^5DJ)HhTErsn<h?GBb+-cj>u(Gb2toggbQfukaOe61!tE9oCKwd$h<j
z_P+Ww-Gs$*mIi?<2~kfw@9)4X_EjDCcm>f?yLHtQx3|h{LCF^H_L*eWH<LFSb@$=b
zpd=;CumXz7z1fR=`*Y;L9yoRxY^n{%jx*!^B|UDwrS%hqSjBfRZWb*eywbqlDSGuN
z`)@$ji@SPBA3QOHY{mGDcCv;^3#x}sxDv0|$tj*a&yY|<Stj0saDT;L<)?Xx>_iRT
zZ&QSXR>9fwuu@7AYx&X`mNP~@2p9dHj*{J;abwRqD69+UQffj<TD;S7D~k5z#O1@p
zsySIvk7(4VO5!y_%)n!&j!3>doSbyt*2&A251G`m6v1W1%Wh8Wh~^!ijeqC0wbv4<
zlkpEQt;<zSvZdC&8SaD<Vpi4Ti(U_sf5Nm2>%(Lv79;`+R=S-ruP1@;y3?|9s)*lv
zK(?&h@{@$lPMIGCbl%t|lMFSt9$k#r2krOGb3CsKdsHSjZLyMKiyn~d<gwOaO@-*X
z-%9n<&n&a|_!(4l6TfPKMQrcID67y8=q$kpI?QN$W!~E}Kke6VM%Py6yZKCX1Aws3
z=A;uv^DT4J>|Rw;db1nUuZ!cpL%^4F5tddZsDFn;db7-FMQWSMLQ;6b!tDp!-ZKSO
zOHr7%`SvrSFv1)-Yv=?Al;&$<3Eagaa%_<{mget3Xc?pu{~3!{n8Y38Nk0ZJ-@0a`
zL13V1y*d&E+!lPM-Ojg<R~IG3>#NccYdfGqgB7B4=?oMxpfKTx0{vV32POhE@=sXH
zDO0j@61sLjcc*?EhriKGE&7DW^F89|07slg6-ShTh0?^v=_G|}^nMm`>8M66-H5*m
z2-k!(_VZPOG-pVZ&REy_9Z-2YRJp%)5Q)7^Z3Tq~6-Ri}wmy=Ejuu^1UOT{Jl`)Qz
z44TrEuypoE>T(go(k8^hn`f%Iaj!CWbQxPjnKMx_>?@;{v|jm?{(2(%0`4orl5EHs
z4iDgZ$Bs(Y_P8HT*0!T_T=3#^(+Q=zSZZ&${8;)bC7bkvQ=Vk0C@G0vPwt-vUUFM<
z6_6qx>VkBD5+ozQ&c=07CkOPUapy+GCr5>>tAh3O5_hIh_rw=DMZ3)6d=4oiyX<g%
z5ZcyAfa-bADA_K5wh!FrU71EkKo3Y6aOAl$w0)gs7!Nhjs*2g6>t4QP-_J_O=LS`Z
z%7o+3Q#~xfONjnUvvfH^QB~np%*Q&Dxf!}$0PKP%RN*yNlGO^1(dq%ingRXq+}9lO
zdUi&F$&p-n0S8n(!V7q4JRHR4eZo9Mu^=>!mIFOK{%nF69;(M(MncgGkZ5S|yH;Bu
zx%DF-v<JwNh|2Y7{rX-Zwq`-1EzI>an5e@dvqDN4p%i)H?ADO=F+RV%tZuY8&~HHm
z+(kawhLpLmErdA&n&Gb103bm{L6Z(sCj=?8rj&eP8L;O$_0@`Jd6v^OQk)TQN2QMT
zoKb;EFW?Lj3Y$0#1rqpq4PkNNR5l{zU04hvcbCx6%6Im5hm)3CIM6d@0EIUoqQ)YS
z9-mI_>e_b#r(Z5-6wO+~gf?lD)@g9>$R-?rT7HcB{!4MpI?I(5{*#Y;{KE<V-}zvw
z|Nn|(*8g`#?thMy|G>rn=j8uAO$z^OTUpOq&*Xn|z)c#E|FS>iBTqZ*lEyP6?)BXz
zh#=g607?ezLjV%4Pm}NkfJzu6#!Q`zd?5SPm{Dp~<>+7*fof4jYOV=wN?7(|h-kK?
z(Ns0Bf3-i~wf^^eW5=BO^V-YCc$*{vVf{<xWb0_tVTO0YWxDGu;l}eyk4R&%hWgP*
zc3sHkcuxPVBVjwgWoU*!Q(5vGrOHM4f<;4GR$~%|Yg&<$I|nzjz_xlk+_YSF+Q5YG
zq#=0**){)#Qoa?TqD_2HpIj!7U4^bMg}h9QsyhL6fRaiMbyJ&44*BzpDyQHcrq7{x
z{G|L+)h#)dL+)seYDU4W`gBU^#WQI_IlIQbErGg~DW{@Uqmk#;6OdlsHE$gK_<=}=
z#ygq9Q-P26$c3^~S+8b%LRshfFv2Y;A^A?S?;a`1V(?9cYNfnW!?sMxEh<$bW9DM8
z@BCGfyygV#ZlTmRApxsR{iBh>Gi|&|)?81QugNZ>|BA{6VJeEsMzKwZg`L}s(+07s
zO13+*#`d0Vo37paj(Ke?3kM;?5i-o_u0iO-@x%chJgYOor3?ot!aWP;IFukNJck-J
z8d6Z`h$EU9Wvk@gx^4q6=^1M8J<AhSH>zPa1F9#ZY;@&#<G8|NOI}yA#mdUU!2?>!
zZb0_ix`+G_-o?Z7PK{x+E7DBRio|m8bMFPrr&P{l98RP?Z4)+5tz`uN3EbULj$nQR
znh4&wy>4^?0TH@{w6&#inSE)wWs$|wqU`RKjjg5HSaD^gsk+?4>MtW_x;fSbLwq{T
zT~p2dQuA^^Z*w7nC);A<l9i_J3Smf^aWf11;!6HXcX{4+3*2FqQ}^*-)jBho4X)y`
z+@~himSxzS(I=-Dtn?M8soSNc=9c9azpyb23_XeTXwPL+1uL10@?$cJT4zlwhlO-^
zTg3oHIlxoXqQz-E;`&+S+Yv5eJ-ON2N3afqFINOyp_nT;Fvpqep$Pih#`7%!V!R98
ztC)A}Pd%R&ynuWA6!3w*7pT$>%P+9gQnq=}Zcy01+U>=ajk1yTk1Rs%R2rn)5VjWs
zfw>ki+`H`DzQmoXk&6VTrNpW4m?A2G2DMHZ_yOGIKq8OS<HV>x>)@idk+~y<nq-GF
zQ4?$nmCW%22a}jD+FCmitk9yBkf}=9$!fMP423Qi+D(5+clVfPir(M2qJGgp1U0?D
z8px3>gFYo%p)oNgDw;pMw08mWQnC0QDODY@`nlS+SW6nSgb01AHK$21#uz|Eh=Y0E
z{TV%27@AI4pq<B;Q8UuxI=g2!*AJQvqQ8c}G=CH$MeeQYzfpMU0#FUw0T-5qvZDC#
z4yw^h*AMH~xp^KUX5@9c#)Qmz#15TJRwF4N+5Zf43wmbE${=9$0(^r7_n(W68q;zM
z@5=7#B80~getvdmV`Y0Wq%IQhWoFPvkysYiw@T*b7(Wl9Y}A&BcZJX7nyZQm6m<V(
zYe<EkSCe{FU>lNpEior(Rc@B+4gupz!YVM%GOxR^MuLMcrdE2}G>QeK3tou1Cr89&
zNuFl9$|HlLuV~)u9qDF()i->b*=?HAD4a`=1|mX&0`pjMDPI@@T=!+Fbt4(Y>Ec9&
z(VyrX`1b}@)SdUGrLB&x@cEo+`W}YYH*^j0GMOqyU_Mlj5#rqTT7oU6D&_)#n@FC3
z-`om_KDnKh$cqt>(PX(w0uoQsM3-T)Xe5<xl)|Kz9qV3=WmJSUBOUv98ZV%bcHFNV
zjzA~0;z|PV#z2x{!25#a@qJznsk|#1*jPwQvY;nkC*r2mqMIQ!NF5}_K{PaF5aR4N
z+eUh8_s(DErToUB0h#QghK=XmN{^fagKB(CN7cR;+BLV}C|?9ns6qUJT);~pzs4Rz
z14GtnmpH6j@Y;54heCaoiSy{FcPeJ%muO^OGmijezH}l_$P<?~+Y-!3YKtQB$qA_`
zlW^U$<__EBmwKhV`mSsFx6ubgzrME_nW=Pex**h%n-n6p+&T}oUA)2AnLimofr>rK
z?bS4DW+l5U4C1;=Il24zK;nyiH2ovNhyG3g6IKk`z7^grgNP)jrxQN>hK7@V2$7mS
zV|SD@(51j**<(|n#KPJVe`js?<Ey-d#oCI5^GUT?bmjLEK8TqI#`1~$as4BIA&bHj
zNU0`UER2vT>QExEAh8!u@em_9W^1wY*eV8C62<2c*~?(<4zdxcN+wKWt}2fhs&$rw
zpEjurK-$Foi{%6z#Xpv#__Bb7zq=9Z$NB}c6U|b2C(teQqZ`iZ-C!<sh~gh{A>f5?
z87>Dwpd!oCJm`3NkWRYJ-GdAMtOqJ{es=~fP#|=X{NqyZoKbYQHA{}-1#NpedA{%h
z-Iz0$pw3)SE?iLX2(SP};wV&T;<5-dHTiz&>x0RQA@%#X6m6{6SvsP3KSEStzIu)X
zWn7Tb`7ik&jd=BQ7)@BEb%UQw!?@e6R)RL<F=h#VICPV8{2}E6CftCP`8ggboiJN%
z3+plqtBRV3y^pf3T09dstxTi89Fo5>T^p^W4IRiMq+F!h$!M^nWZBa-5B6EZ(}({g
z4GZiEVZq<>LhV%Cc>$GlkLoJEOknNI=<2n<@VEb%3xJu55sM;x&BNO_)IanFlovu{
z;wfih;U5!Y;Tuu3TXvGx48!05Mh2kB>mfsXc!vHEbH{|^Bzh&8$O==?%FmS&Crr%0
zWsHh>ARx#LVR28>(JL2!bG@&%E}%!4g*6b<HRWjZjKc3ndY1^$F3la3I2x&3<C*K8
zj)kaB1z##*+)ppQTL~J@xbg&w+cqVM90~>xFGCA2Yu4hvdnD-YrHz@h$vwl|o5%W$
z(@9BM3Ss#I<FC9W#^N8}S$tvi&MbSoG*`$gv@!dz;`75cp`z$74ToWv<4s8eRrGV?
zeIh-#s=FqO>iLnAR9Q|kX?G^7CAAI9-CjvA(6CoTr%zwPtCU2ZA!u5Bknk7XJ-?Vm
z^~~V^e!+~&IXXf4@*Czy>3$;ame@OC_4bo9|1juQImiix@e0>nd?{(fZz>t454)LR
z`QrQrYQg`RgavEC{h=6d*ambDbng*^bkTNxvv?=vEWEIOp`I7}^dK$1tPqJzS-?j`
z)Nte3Wh~WjZx?hRTW*$hjL>ux{E8Xw7v@oQn!tjxR%P0>fJvnK!2Y6*H}+qTy-$A#
zl^jT*Sm43>j@DIpdB*zo`%Xnuq3}QqrdXe+d$GNUTPbNIDykw!TQlH;Q;yW&Z7d+9
zA7C@pW&{dBLL_@K&nqZlM67Dc%Wb7C!ic0eI^?1>t17)EW?OeVpysiwr%l_2mtxY&
z@C`I+rv^-&zgV?{h`$A$QSU})lo6YQxA<f7>dtKWw;x8%#KhZw9C5}*`yR9g&xJ&&
z1#fy#4ewZ0%>7f~)J1XaL)x8MoK74eIXS8jnLRnpfPV-G)qf8+PVYh{C+Wh$5phfU
z2=f@5$+bd@r9WU^F|SdB+uMJivVSd$1In67#OOh+Gp(%8&{bMCqq&QVg4er1A{`iN
zizZjrdA`X+f|dj8cmtR2^vhHkUg%6E?U7xd;%PE>m^jRn6A<QdCOcvT?w69Y#i$l}
zqTe}xS(xxDi?FnfZd~8U{3o}9j-f`+WuzMSvN?eYMARcCjNq#9OnI(6PqgN=o>Yp_
z?0PF&`dk}Zy=F|%kP@5ucI$Qq(nEgz8*_vqMn5fRG8z5&uT<f;QlV~y?li{!U5m9X
zpy?Eo#~eF;x3H5J4a3>$RJs5+Z_!p79Myizem_`bfRkjaF@!#1T^uc=X2y+<($Ee6
z>$qCQ97Ny1n)IV_+bHyO=6!7%zY`@SJ&t`Z8sd4Wc-B@dVUV7W+HUfvkZ?}4in?WA
z8#4f8J1^mNHH~D2*h!v{uIVXSZssI;{kp&#J)78u%2AAqv8KUeVC;Z9yapbvKReE9
zcdeEv95m9l^{Lp$6Dl$|#}}6o7t0A*CODM~Q`r@|YbWrq@WFu%Vf^0W@JOp3Xe)%2
z-A}9G63DRReo6^fu*>mo+pV@(`P0*hFN!Go$e9C}Ea^md?c1f|BH?ie-hHcn)F84+
zMQGGA@Zdz+?nKnm(<G<KDy#G2U=TD*kYsz!sr;5NRs2AP1N283+oQk7?fNA|y-*-Y
zK@Q9`k3#KnCB0VE4J+S_7Y?eF&?V8#jy4t*{9)?yKwza-mM|xg#q;Czgvcxk6znV-
z!m`WwtwYVJmbm#7h?tWlNf~Xg9>JZ9&csoNaB2~Vq+1%wukJ=XA;8tNQv?s+I@-+z
zZ#UZvQnVxtCxRC1K{^<sY#`8^jm%8r&g4#6BG4A_h^TVS8dKiF&Zr*iPbD8~id_nL
zqqYsOcS65BtUjF|cT6s91iwF<zlKhA4K7yldS;e&{l1!-zsw(N8lF;eeY&c8&_3Z;
z-@xAR8=neJeMXmiA~W}+Fs{N*e|jC`1L7mk3sX1e(Fo;5D9I;<x5LpNUN4xQbctX1
zDH9K;$c_n3FF2e+ha8e?A$LX_>tMF+Y1VZVF1aaDH;V%HFp9DUMnjC_yrSVR<s%gI
zO%H~b!U*gc8WM!~F!Q2HxjKYl8;5!lL>evg<aGgpB9D}BEF28Dxf{1b*&jc73-VoR
zI*-mzcJ_EhANp3IWQKD9s4U?+0!Ij_#tQ_ftobT1sij!?NPP!7EM$zll0`ZrkHC$y
zM;xLFHU;*T?xDqwI3;C6)dnmwFhU<@Lko8fk<*NAIbZHSpEH@pi4kX74kv@<Y0WBO
zpaG880JQhVtD~D|hSfMy@(9Ns4tGvRd`!0OSE0(Ph%){v29D&o_1!an9uas6duC=G
z?k{4`w_re#t%CIFM%u5`+(47&*-F`dIh01I#>-ylRYN!hEXWS_)4f<h@Dx0{2@epS
z7kN;?Y%9Fsz0K@;ASIUU`t=J_|M^lJFPWLWVi@2JrJfrH+>w(q;0zRq2lI@Bo5y8X
z$KjIA8NyS4<eb=>jO$>ycZ-}PY?8_Ac=(o(4eHLF&GVVX3Ic<Pe4=oi(Jbr)9rq}D
zFq-pv6tR6#oJZ8D!`Ul5gJ=jmn`ywwljrKcBuq~bNs2MN4eXeiM?Q`|f^4v?IF34o
z%x00}@ZrD&aXR9OxA%`GRxB$<#*p9jee!}T0Df%zSdaSVqd54??SZ4N_N)6l*XEn8
z?i<tQ8z}{V49g&gLZJ6Yg@3Xg9_$@w(uEy{!}p~J9pYA7_*n_#osj4T6ocK!bBgJ!
z%Q4&NL+V!s!`E2hot(ySj+9sk<_->~u_tZ79q`$(%TKP%$MaF)+54Y2t;tQx^loVk
z5APqJgqU!^uZBj?A+==s27Pw1R9bN3j?Yk#2H{H`;3wp-4gqf&hpIlBIrKl(LZ(~L
z<A9~lc!TF&^5f`;O1grT-k5dn{2Vv}m3W{z;Ciby{u2QVV~iN*tt?YNrsAk6)Mcb*
zu^9<qZJd}<afovmb(n)PlEtQ$QtZLVn>WDroAd>D)CGO^N8jW$zhjKzB{!&MUjDrL
zHv}C~K_^!XgHDj=rr!M7N>F>%PQ8FEeKVu@erH%^W_W5~7;xBqBu;&EOML^q<pE9T
zgs3Lp!{8qdSMohV7x022<{!F|8u;^Si<Auio$}{Z988UGo_QYgI)oX*bQ;NLy)iQn
z=P5A!^)sOH&l>_QibfAYl!*GGntG>UDBZaKT0#A5H4TP$*)1r2!pfdKPbUevhlI76
zwb``xp&h5B1G;<Cy=2Ng0`0}<D;Vv~C|&pJ${vNz9(G~U$XWb>vV%4qe5UuZ@tjKS
z;iEu#)0*}o(b_!K(k#XtJ;4EeS)fjF+9OobLPcY=j?nrC>im&~ctQ;k=@*#kYlmTO
z6>vTu#G&%9D=`MVguHJ4vYpS_eS$`Hpmf5w^rES>M6dMDLW)NO>PM%b?!4K7NR4wD
zjTf{j@nUvFMfH8T*J8Lcn`F3_4V9L4#jG_PC8whS<r4;#-|W&BGbN8qN?^AawddHk
z<@|jaUodiS&`!G@QD5nc1Cl6tF_OHK{@~sV^8<ei@tQT=ZRf!<@QxLh%`{>K;7bri
z*On<x=b!G>6!AN9;p=9!l<+NbWA4ZIo0<!>Gr2U%Z!;;-KeGnE5k26#tf)Co$Uw6*
zP+Z$dZQBuI$OCO3cV7~Acg5P`GUEMRagqF&-5gdksAmiCj^(w&A#FO98%erppUde&
zq*$XynWxw)Pp2G?VCRaYqXHVc?=e_ec!i^IRYuCjE*v>y6dKrfKzFRqD7r5>n&9H#
zrC3s&{jcrJ(1N!KHS81EZa`K*BsQ~2vPZXpRtAw-7Fg%<b4WDEJ`whGLSFrm7q6*m
zk5?j+hiYnF3o7L8H%U014f~EW;Ae4u?;%+AtrPv8Bd{7;158fACzw(>9mmb52I0aN
zpfrH}-Ept=D%2R2cX=grC^mF}kuSTckq4gV`-{yAMMzs3_=ZQv$^U+Lz18hEkN`Ef
z*$4p2DMDGHraWLicxk_8W?1#8rv7}AIM?qxVu})uUawB{Z88n^-f;GNf$oIz7qCWa
zasR*2t<2#avS^tLeQ;E}IO+XuEU<9xi7Mp>Jmz}jR{Ngo(^yxBkdCBsg%)kG*84>5
z0TE{mDYL*lVR#3MZ-jDr_z%kNY1)rmatB)3(?8o!a>tlF$lsYW4Xv3b4yZGGLp&)f
zw>+*ZubX{Fomtcb7OXA}As%jkx?|9G!K9rj=yxi)UjVuwXB7lKtUfR-E&j&<rf~kp
zva_3@>F;xV{Zd6I{7?sIyZ%qKfi{SOUX)(gXJrUxdi;uukm<gUcBt`-$e|hFwhrD%
zRX~}|2qJsW2)^8aQgXz0oOWWaz-Ol*xsMto1ttO|0^BFWaZkX_P^~he@xbX8x%j!6
zlYU?4ar<wSDK$V>536H+F6vcCh)Q9u!V{4rG<+}?nZlQxFW!ZHIRw_oloN*@P@bTz
zJW@j?W^83-k)5Tpa-@Tug|jolX`qp7qR32gKWRtQkI+Hhlx915#tmUUxHd`)8Hu2W
z8XRa25UJ^dMjGltT5JAVZdh-Wb#iOpA#NWK^N_@9;vkB4I)1-YQoYg!y~IdX06iZV
zJZkqrQ2Vw#tcgvQ2teUu55z@^k_i5)jE*9C`O!yHAt%~{aE-lmi#O89kBa~h>9`n6
zEF#5Kwku=SBM(IalxagWFYHv8qWF>bH}*#=rXM@yu1%2i(^>`<P59Xw95#D7^1}TI
zR!LyFheGkDChVh1@2fClTTvjb0lcp&a@G;k+#}NVq!jtHiNQYK(H8c%E~fg#_>G`t
zR_ujo*O+>1`go#Gl|qnbu9K=^PWAFO-LXds@T>=^S~O`?peOi(OP(twpX)8EG7OF^
z?>pB~DY>eomPo4E8#+X$EuGUIinxDiT%5AlCtj0litt90s0vl;K%&N1s#BQZ;D)S(
zG;U`i@DcpuSu8NiOdOb(eAot&^O8dZi#ohO;vvkKs3#{^?HH$LX#B3<w00RQMbYz!
zF&sDdNR{wVQMk)8)hPCNRqZ`&Yj~oAKbZ>D<`a~#4yW)P%{oPde+M-@`Q9uv1;I5z
z68nI)=Bd^;REM@Kt0ySyJ=^`A^L;~(|E5F-=da%m=vN~jGM!56rnof7!j|2Hv<=v(
zcR8`V_oZM-H#tRH(?d~@^s1<KQu9nLYRL+KGC;o+m&!Tq$IGe9g}t2eDyfn5(n@Kz
zi)Bgx5!S{isjCNrm<-bneR{8btZt0e?H}UzhXNL#eJLo=g<?AJb1fAVQ|a|&B^ptn
zSM(2S;-_}LK>sD?cyDPYhx`$8z_a~3r~jYK`#*@_{9)de6r_K$ogEzYtQ{Txzg*`O
zO{EP{l#v-SlF~#L^z}v-_Bbiv#i#)6_(nh+!YT{adPCKE*v2wyZaNB~OU#Yg7Vi>1
zr(*a|fKT}>ys`MEc8mbMRKyQev2Ta1q?hNOo^L>3likT)5&4q65i?hzKYj`kWsQ;-
z@ia;cm72rY<twyiN(E2z(QQSDt$AH7F_)KqTiX-qpVbT79wNKpn`X~%&K<f<@Nk+y
zxm%wHjfqn@;gIrJCkv00jzI7+%t}xGeUj(R0K*s~U<rm%Q1WEA9E}xfA^~L`@kLnf
z+H5G}B{aQgenWS|0<xEe^8u66KobX110R*hK|e0WgtnTBiKc|%@#?|`Rf_YVrAVy@
z8VnkLP*#+r&D9j;NX}^WTc%QU*c=-a^DF6+CX5@?xk2!7EYMNxT`G5TgZU9%9V@lf
zx^qTe;i#U`yr`86&`gXKF>|8GKB4{EYVp(AC~_%(;X-RtQX@ghYa4SLMTou=^wxk}
zzmXZqDB201HKR7vL53oJ8lumt120H&NvT224n`&JGY#G24&&S5Py@SLA-0}H3|T|n
zV*9<09%QKPGciMzAA@y@?IwRyxD@ClOE(xZi1>N|rL1KB+<gLDJ3Gh`N6G6>p_t#S
zC0q0G{45&U6V^D5o4{oYjqv5pD|TzTnddj$yg>9#vM%)R9yJLQY**F=3)5U(m*6Hf
z7SFhWIu#y=EShTtOG_o{nMJ!O7khDR2F`FDQ>uM-N7WDPIjuioZJl6Yy$@rLkXq1k
z3I%uFOP9#2Om@45Qqq^pk*S;6`hJ+C3M!B7d(HIdY1j%%Qst!82(>eE4ZmnHWt5Hc
z>qjHgDY4pvJJxQ!)I>3DGPjh}!g|--Os}(bNzFyZOEm$z6p>a2aR6Bn<oJmb>>)d9
zjkrx#u-3})^Q+QVg;MWoMNDS(O=dXO;{6NN6T`Oa`05j0bfn+{)sj-R5?A-nC9NSX
zoE7sD8N;dS6ePzyJ9|YFiK*V!>2=mEs8ridvFS5g?+1~H!L5jyOiR$<7N8o*W97+Z
zsX1jN%`fz0C}A3KJuwTpj;0~4o%K)TL~$l#$|E^vzc4y~iA5Jm6nHN`Fv?vE>c1eX
zewFJc5HvsW__dV4>^8nR9@fPoc5TI~<|iH)@smy;MnB}s(0H&)?t~1aeyVN8u3>6L
zp?JmdjbJjy`FMgK9_$T*EyI!&bHV)C^_Y6b^-MDw+|`sxkz56jIFGl6<yN4+-ErW!
z@dlW4nz6~{a2$m`$S<VMdvnJ_+XecnfU*TY)`Ox0^d=zE_BAu~JBW!j;rPOEOFp0;
z&9U`FeZ?ACiL<fg3HhKL$syc1d~rCW=g1z(q37%l^2{(`|LVZm5klkC`PDsh2YeWU
z!!P(1elRi`fkRJ7@9@EDAADdFn`4_P;yr!`WgmTD6PIJx8UB%ZfIdpk`33jt5v@yD
zW7iqo*=L9MO>{lNqQh=SdcoLRbkyVfah5jf+I2}g?dQL;<_9QGv1{Wg<e@tB-!@5<
zT$<u8AOHYM2>)K-{?iVb_aA*)s<N^&{I@UC|0LIE#mdR`|3VnrQOpgc@TWkh-|huT
z#=tUQ(GllSG4Mb0D$8gGYaja?qbnsxhW7#BO>xkunjh#|8{)>i@SM?k`95-i?aSEi
zq&!=#*Ag5Z#f$w8v*dtU{^H+v{=^%6FT5iWTwEdOmPKPczZt%k$!7KYUH=-gpuSBl
z`M?8}F|&Og<b!d3WE0)ESg4w)Tiy?`E}t--Or`s<>>#pL?CAV`1#=75(9^)M+!4ub
zUbxZd^zrRFKpZqDf?;=IwUmLtCZaQ85Cd~q%EGH0`CvjSDdfY+D>chB7b+ufA7*4g
zp<1?>{9AgG;U$5_p7xVNI1P{You-xsdI?J=GciszTBkR=j8ZSaoK@FZzGVG{=}!We
zd{5975FSeH65US_{1$#`lW>NGyag(+TEz8X^)mUtT96D_WFI>q0D#C(4&ML$TlpWX
z8U3^%eIq^Ve-tt;_>TbaU&jkLIhwi)*%%s0SR32?cb_YYpRr!}g)rRHv{lF!+(_ux
z7&On1L_&9-FDR!RS1uVUiHH+U^wer6Q?Ft!)r?%ohbpctj^he|2gTUYj1^}or)6wx
zVsiXGwchjn@d3IE>&&ZsJ2-@tP1R5~*+A7?zG|$7n&6pOc&~BD6ebrR5t_H%fuhtm
zLWFnUz>{=$ODjZL*s%Z|d@MNP5f@duD?ZG0!_;X?|CipF%L}Yzw&KYU$17C}HvcgJ
zBa&4BDcnxCP%&$wFd@cpc=n3)EY@c%9vCm&F?LYP_(Kv-X=<Q>B5Ryse_>$Yw<kha
zDn9Z}lOk6XKY62s0mjitgeLns?!tD|q}mn>O_{2_*^9)hqBUEDCfVHno(5Ua{y4W3
znHfe`!rPDSmZ9$0dus?Tz6#B|ZPH!sr0pX={9rAU=H<aI6O;p3$JUua##aW^rve*I
zk$7B@aMN>RjXz?n++V(|X-b=f8c_aT|1NB`z6tEr9mfISdM6G;O~Vz_S*{~C`GQH+
zxnR^vATC9FX)(#!{MP7@A{g?T>tz3%+U{+*n$yE#yi;`0qhD{urpZ&<<;}`X#~FEU
zTpdEZ9q#=F`R8b5ibRa<jDD*R1T#?tF;fJ8dBlJ5dbs$ul8R42>`w+<Vhb!!5=`@q
z0zP$i0}oOQEIZ8%>;4PCAiJta_dfvk{V6m52f+V1L-GG}gbB(k$=ll)|E#n9H@vbG
zrEGrS^~GkF#lj|GCgnx~+Fw9Y-3uBA4Dtkkq*z!Ql}Pn0)1F#|)KS0nC}#%{1`!6#
z?~5OlsvS~jzX_ePmNqx(3IG0_lhXsxIjjRohF56-3$IdIaa-y;0?MOTJ3X+QfD=K?
zhX|9g#mskfo%)`=5hHZwVHK=T<9R)jr3AK|cb_RXXM~_=)}7ED36F^twKOzsUcvc?
zfe)l4Q29(!7e`w<n22X@pl%pW)RSj7Px-0SY%s@YaP}H3??gwmkJ@E$KySB$$)0>3
z+Kr|xRG1@)cu!Wd3fP6B^``sg$s>#bN&c_!W(So+$J`{6Mzo?s3zH!wEE+D)Pq4NP
z%NQDU`#LjLmQO%ekhZy@deU2;2nP~=(Y(4kl6M|~)vBv`fp314Q=+9B1ykp%4LSx}
zvSf6Ki9U+OKJen14Z|7#7;(ui#RR4Br$#%SFJcBZ%7k)Mnaym+)dzsXUz1VJCd~Wk
z2h2zt_X<I~kZK?o(|bJaig{yL&D9|=rz}H!_BzN@={=?_%EQcQ6zA-A%|!B1x-N6`
zsn_Vu70|@83@5L3S+L`hGhn1R!`Im2B|Rl29VD6EzosW?-L(nQw4-Sb_Ao6H(^PRE
zDJXHD(nKy}AuMrJYsqBxzqsjZ2=hA?dY7cdA{&XTq=}j=#UfeaS{fI+gF{(e41eEj
zenbBYc-DlSx-dUg)9n8VJduA6JRwUnBWp(`BLjOQ$A7DC3ffZG0w}x<V`S;oQ9I3K
z%Mef*rMQ$&W%`tUf&`85ali0QR?eJBuKO>sz7yf0k_7QT0KX{Cvet50C341VnV+}Y
zPBtB!ukpQi09|9MptKf^6@<4ev5h(@4HEjG!6k>)<$^VgVIsDe8Bsh5_CueUs`gKT
z0}5m@)k5+d3-yz5nJeECyt0gQ@>XSKNrjp!^k0wmd1Bv$L4eId6Xapu1gR5Z!iO$H
zBr*A%ka6!OSlmX0@&ZVXsg6#l=82RN3l-s2C|+-GZ+*cP2RlDgj%7c138R+8jjv2p
zlRuAHn3o(o?To@P4~9s`;W+7EWbUtv-Bcf|<|OIcX7fHOBV&^61Z-gQLZGnlBq=;n
z`)CG6z8l9FzDXV}Y{>>D%P$NfvKNb7oK5F=u;;|Nv}08}bGHgEv6rA7RW*BhH9A^s
zHJ&t4tZDv4{}mwuS~jae?2JxX&4o8TWYBo<jhe(TCT1SZbM>2j#gHv&bI|19)8da$
zv8>aB?CR7L9<2>LLVQ_m&$X_&k<b`YZGmhsz*K#x7LzE7BXNgo&p=UZ#X{bfL#+?~
zjVx$B^QAy%7{l=XjiCP(iutjwzx@4Eqrf3jHF^(5e`;0`@W0or{~U|{nd0idx}u!k
zPg_*Bu`sg!H{iru$RP`$1kXGQo;hpQ(yAx`D&%R?8HAd4CSf2Fnvuj6@0g_IY14F!
zO*enh%CL}m--5psM4B`cHxIBd-c5KIZ)Z+0lRrGHJmUl0LNwpU2D~fciK{2n(-m3w
z(XiO>9{vgV<>!Wno{#Ij3+QKmkqL`=)sQPCw?7KsJ_9)!RfNMdN6dhK*AN<^qyL07
zf!FdAmxmc6TW6FqQu7G5<UYVc`M||<#8G<${;{>&f25Gn=0(>g81uwUbAP0rmezU#
z4dhY9a6TVHw3&w&vB{9zor~_xu3r~}-dB)!W5>0*<t45?4dgxvb{G0U!2xY&sg8kw
ze*PO08y5)GbLO3TrUoKGGu@LLOOW}v(fSl(tB#@M(<Cbyqhqr37MR}}$<^HV6J3mN
zlnW9(ZUo-5ZDIV-zS$@U7PQu~w&<`3r6{qmvX{&+<-5t}L&m2rdduN@2xR_A6#RPM
zBx|TAGbk}Lq9l<-BEL#sVMq}P+V?%cZPCKD03)o@r5oTiu`o%&1jzxBs`M`fV0o=?
z+%MSbihVNU62s<(JJivW33F<@lv-oXGkI*IGPrvZ#G_qo(bz<|dUKFAGcbuW0t>YU
zKF~o`f(X&rM!0<p0qZn@d9G2m<ylGsH&FWxi1;}H=STvVNdipVL&jyEG$2J~0x8kh
zO1S$;h<Zz~v2y~M%C!t2MMVPYmoc%fx736_HK*<}SniA$E)$D<2UriFOM_$V&2zxN
zZV||E36#^NU-ptJSK8U(;brO4vIQOKkDbrh|AH?J4z{rDPvxTr`*-;M=W06LKdO9&
zdN%*hk?}tp`mcX{`u|Lf!UA&t-O;<$EF6`WP`|8??QD$cfD9lo5ip9xf%<+O9)Spw
z!;hNk7y?1$yE3<t04JomnvnSpwY*eUJ%z2VudmN8HzO%vm4#I$H7~EXJn8=ay>hOh
zUD4C7>eE<}?tQY&UBly9R8em~!})&M@XY7o<8i~>{nS@s0I+<(i^=X*3n@xD9(PX^
z6^Smyk-u9CK4RP8KSRkuC*DHwv$$>rW&PVW#Ge~=vuM{ElpJM~czWw%$g5R%7#PZ5
zhbJ_|&{HQCFZm7>9_=6k3J>vue#~_-z=#2bhwKF}<u1^leCUx9l$=*Bx}=LE$Ru!<
z9{PR&s+)*n#{EvkQ^qqJSxXmvzMIf^CSrzt$X?A;mii?*WQEbtQ_~+ws&HO|s9b7w
zKAq*wJi0KxiB)0hRD#T0zbxHPEhn$YK&#NvfC6pFBACrmO>?1w)Iu=L@p~$2Os9)-
zQGr}f&-Ay8l-O@q-BRw&Iq%%Mg0k0NQWWz<eJk$b*z@N58u>M3@of5GeDyPC(&_07
z9Zjym>sy-oVQTF<{sr~sEg&TbG<wz+G<hv1VD63unipXgf@)0VLoODg(v?>E%v<<U
z61RWP&TOywo|04=I_BopsKm_X6hEWJT#X43vF7#dq^v}WoEjEo?yz*o^TdKS+snN=
zLCugPVR@6nN{HPx1l6-!sHKXK!tBwGTZp(dGh#%a1e9U}Uju^qN-^DSNUDmS0C@!j
zQV!d=$#3pM$<rHz`~A&e3y1wH)K?@~@uP|;wDa#ADCpf=Ww2Scq-Muoq9f4_JyT3c
zZOceZNVdA=FRrqN70S|Z2LWabDh2OcuW{ObPxo3WFrTS)7ALVmwV19M><#uAR+znX
zmRTMRsd2KU4oRJmY|8<C;%Q4A#t}WPEUk>aWJlgG@5ZU=3QC#4P@TQIuB0_t6A>}5
zN&z%ph@~Sd9IXD)xS@TtFgh|^nZ!uq6p1#1o0{gx-)5q<iJ7H85P|$ms7h}lHttN?
zVajK&9zxoBn{&)_NTi)>)pp~FGaL>*-!K3odVr4TLlvwKjKbgfb!^w%Tcm6$(iJ|{
z8tzuO4<l;WS-4N5le}xrEvibE68_s(R!~B!D$usDt*Nb!n?Xnf*7D}u6gn_t9o`Wl
zdL3Bl6{u>j+1BMxRyaNcZFDhM_!hTE-9|<S_87)>xV&p_#g7Vcc5b^p<*0)eX;&l_
z(5kL9PMQ>+iPU8ks)L(r?DK4ii6v`HxqW6<1~ojig%N=}{aJZAf9>=%z02coBZ~_w
zbW7unIkY9@VmZc81x*Ik^g#%ce@-`UU3;l3tO3p0!e1!V1A;*MX_xhDZ(=v$L~hiY
z1F=q>(x#3!>RDWKQ>(8~i@@}B<H!DM`QHXor4{xA?dw#i{KMGlMaFm`FhbnMO9#i8
zTk5zBLqQpQ!BQ$8AU5|_Od0dNVgru;^t&ZUh8rkx1^fo6zwaD6i}um`(>^=6G6c8q
zk1E9<99=fstK7-Zt+$L1235P9GQwN#q|iiAZ+2zu4s^?2SanqIus>9XZU!%(_aDF&
zM7M|VF(=hi*#ZzRbKPzoA93_QCxe??3(*)gZa5($jJ*@YTT5GKnemiz1l9A$P-QP*
ztmbR89j)9oEavBFdZnl;?nQKB-5V3Lw~SlvW?ILVMI~fJEydZ_n*h;X>MJYvUCR1T
zl+wNYtMu%Q0EG;CjD;UFn7DS5kD+U{MjM(OvBtKgS*#$lO?uX#aB7?F%gf8*eTK{4
z6nN7mF1VT7?IPEqY;<0{A8{f{-K)USEe0Ij`!AX1T$zd@{%&tzkHO6MDofr>^~{7r
z2R|XzKHV^Bmb}uG5SaL1EojXG7d`%B`%0Pd{E_olX9nA)7c}+?7?5j^`4^peyRdLF
zAV@{%GH})&W-5aaQ6;@MDR-E;*)3YRkwmOeScuMtZdop)T%3rRQTYtqkKaBzt4h15
z@&wSrr>TUZE4XHX(c)gsj4bPLQCCz$A1Hp2Z4ByWk=}-u0GUJ}2;-`KNS_N*eB6@?
zjI$|LA5z#kR&j;IGm}l2ygu22sP=`K2XZLUlCh)`NzH|lY4(yH!|meu9f(B#h+3=^
zSME0=uM$P3{}mQUI-n}{d9J`g>dcD%u=ELaSfZdKt|-nGrl@PS!C*aR?b^E6#I9`p
zh?bqotTHOXcB6G~O}Cl)o4`wbZ`jjgU<9`1X1{r9sepo7V3rb8+xvt9t@gS7^BOw!
z!sQ(;IzJ!8BlBq>Ho#h}YsU?6<y{+n7rioq1g0QslaBw!WsCvKesM|=477bDpq`^K
z|3%(Sevfd7=diBK+fB>Vj_W+76Ch2l+eK~R^9A`Uyyx!sw|ep;q(veMSF5xJ4egP;
z;C(2otkgx3%%Mwa9%et1H#-wXhAk$e;#jPXKxANOJg)Fql<)|^U7Y^x^<G#=>jMq&
z7mtuzI*tkAG4j4S+m*$tt%liztj0ng*n$LiyXhF5`BnUKL54<0VFg0mdF@2t+*WG9
zQlkO5QxbyU+S(s$XCLdoTGoHDjthb`wiXoxr&es8!CVwvumfC@WE`MO*8or(oYzU_
z_D8HJNgMMMnz>AgV+Z}8-JHf$>iSg_82h|RB10psF*_i(p6djMtuZ~Y47Dx@ykgiV
z<)FXGY5^p(SM&p35<oIM!fBL1{)Xe^33z{94LGUFieGSyZ=PvhY3ln|$(WO$Crhp>
zc>%_;qSw~0gAM=9b%@$A+s~(ys(|JCoObSU;5j9FFABOe5_rbK_9#M|y20WfK+y>V
zNJhrhc?kuuKncSs?rCq`9uyC23Q87vWHqf#A$zaQ>3DDLzz4VM!khzmmE=UPLm(}n
z#|E6Pgn+Qog*Eb*bg*8_a!L_%bqqOE!QT|w;6zKgH4SSLQxA&Xl$(NUXyuXPR^d|S
zjWP0=A)IYqcPTrYbq@1xuwNk!3&a^RLXzFTKYvi`Ub(sVGDe}6JjK~LIzGfvjn0ox
z<K?-dix5h>%^0<85m&_1F*0htba^-8ZfIDXDy&Ci&=i4-n55%U#-lmPQ{---E!V{~
znXN{3%GHm;ZL1Jzy6cecextDi4x<y@V8wg99lXy+hW6LVzSZb!4)vaKeTtwtct<p<
zL^HrVu-(Lyn+=HBrOe!a<G5yBskwLi23s+jtbD$_n<@Op{qE&&^M?0fT#-daeM+?u
zRTJRnG_VBvO!S0M;h5BlXwbkRBSKnCDh&2E7grSICnX_;Z{Rij@=-va;k7nyj==n)
zM;3xZ9MD3mU<*bW3&Xbc<!GI=7DW>w7TLAH=!V21FacaN&=VI`&V^X=ASbsyd(0eC
zzf2zlxkT}x<>W*k;0_A<J}OKdbvjfF@7=KYtC95(;8+N$e}>DP=38gJbB^Q6S%J2T
z8mdkl+aWSp9g9(WG-+2NexI&T>GUUR&2m}Yp(S-i<3T}7B2~I`ddyuxU0TgYe{*bM
zS9TAw2*Raa-4JY*FBk$l>DhA@5C32)+X$O;>M6jrUrW<=eY6<>NMwlC(_wS`$ttk-
z3g!z}`jz`^x&z~~gYp1G4)0_P*%Ipc@K0m-_Zy@TdzT9vG;!pS<QztxTd!waWSZ~z
z!07tICDRhz3^>IE(f)1EobAA&uVzvYxo&ZBl=IA?qLB#q^y@FWbpz){v2rhL<LJNZ
zWpg^e5w7+jdOp7+YKJ{=n20@S3yh+k@7QAIk4;*;Vc}CPsQa7pIUMASE>#)N*qOdy
zUE{~TQ8b?=+`rAT`G=HZ?iVT1a!jD|J6O=S7TQju5A(U>Bd$jiPoq869NE8W3My(3
zjqsNzrko*MX9_Z5%?_k&Gt(Y<bjEDvdAMHwi=k_m$Ye42Sy`vS`uFF;e-8BjU}gP>
zV*b~2;r|eH|1;4S{l0L({*C%wMQiq?))HorQHqhz<~16I8-$Rd>YO>=tVNx46q49#
zW;&^{zMe52-`-J=tW(tJmn=w$prN5N03-dfic*ZpDzu4d%mfVl0slFEn?%o`^w2?V
zW<+@}9dUKnb&~DzlaFxMaZ>&Lb_d=9m^nyqH2Ho<fad865WzI>-CDaVLgw4Rf!>Rh
z4YkXYoov?^@iTp6($j^ztwq$l?1f<ULe&fMkgujkntY!2mCr79sv&Q<1Ekz$V%!TF
zX<wp(sGtZ*(Bz;85P~TMAC<5}GmRs4y7x6M3aTd9QmM135@#6S36oS{Q4a|UvlCyu
zmFH=2p%)ulo~qN<GxB)y#4AO_g}pv@DtM~SSSZ!CDL`g3cI9dwAaM-<pOCbYMR00#
zv6rDYD!X}!Ff*M?W@la-GFBYVlm*i*vldTiEXY9msZ2?7;AO$VU(S_yn9?WDthn;*
z#@XJ-x95pYo;<{j>F4Dd1?A28QMFi}y^1Tc)0V%%OwpWFH5yBtno-a$x1p@*GBw7V
zo3=F;X{@)a=9>BlId(gxP<>T8lm>1$ch6oV#j880a}ew8Y+XOGn%qg2Wsj|)t<}lJ
z^`pwrUXJdaa=@SGzptGbFU4Es?8em*8Ym4L2`UVu4x{vBE=l%d)jg>g(^b`=DOXs|
zW^9sAJnLj#(xuo-+e>a_{+4lQFg;Yeux(|vy7D4a`;3Z|!q^I6rZHbi+7woTHS(14
zUp}AR?%!s`x=~}(?TGkttg|$1GUKkjF21mnE|tP~J)|o{kLQutl$}t%h3JRE>mNXZ
zW62N440bPqTCa2D!OWQqJT^FcoZsAE{A22EXU!ECNnfJhaMveKmK|QiG!a%d`?$Yp
zX=>)4c1^ot2*CuZJHigZ47xK24U+C}vnK)>^SMKrkbC*~tFPq_Y3}?bZ`Vl6=<hjP
z1VWEcDfJ7Tj>2tu=(7jJ%E44c&<|BMMPVHtk+;k0sVlgD`JqgMY!gP77|nifd+umz
zM%ImCBMF{Xx2Q}^Uh?y#1Joh6MEO9V4`1Dpza{=q>yxvU>5~I}BHLEHW$vun#ogPO
zxr6q1frm|qDn?w}948el$FpP}U(HYVquJ};+Q9R3ad|%!u}d9HS`a+%Z$1kwn!C#v
z7%{JM4w*Y>+A#FUXol&k)wrSVaMBg&s5F{LZkAt$VXN-G{q;V4O=X%w`%dVQ4zP!<
z$V$Jrw>7glwr^m{Z%8!mj1?y8us$Z&h<N05t?bZ-CbYC43H8jgw*S^Xov^v)IY%<u
zL6J?DlFG2KSn6t9k{_^QUND;l!rf*n$wM5sqRebmQb5jQ+XB7B-m&eZ8I<YyGAWAm
z-roU2rE`IWrF7n|%9=F?b;%x<sSQUqZLrLA0Y{GHj1cJ}*i>&3^|qW`ecKxZa(yx~
z9q@r=z>IPgo`{W`?-9q`yM)du<?nGw#$_FQ+KU+NJ)K(~F)k)SsX_>|PUeZxUzhIZ
z?E!Av6*BE|6%g1xavUy1#1Sn^xORtUxbC;;0sZrnzL(9repUAC`j=#Qdob0lWN3R)
zDfwx2FZrI8FqloB58vrEoN}(Cukdfs=heY3wiB|yDz!bpQY$Ur-i`j&VVW+t(z6cW
z0(wWjffwQ;N4ew_Ju%xCskW^#@zf7AZq(<flJKn5Pa<B*_iK`0SnQ`;SnUBN{?*(Z
z;x6xjn`x!or%>%yZFgJ_snRZqmsO=XSRolK?gfD6AeOMYNtll|u-y}h7NZ5DGaEv!
zz7<WcPQ`b)A7DL4Z&cg0D?Y=zx9rs(w}5=*Q{N=tJ1_Kn$LGW!6FME2iqe1ZM+jZj
z>+zBcavliLi~w|dDP;eIV~EG|Md)R-_bWx;B_e8Yic%BL1A2}H_ev!9;P>PoLMpx&
z!JTIrnyJrX(SWc@%j7Gb=Pwt4%o(uWDsw8>i;lHLUt4hzPGBV1Ne;J0E->MxARa)#
z<eZ?0+otaAu(|J9&{KYq5MHbm8@WUv44Ql$_+gGr1A<&5?Zp@j(N;Qg5jo!rW06WT
z$?RJXO2{3AQRNr;*#3?4@u+=ghKq+B3;-GfVif>9U=-LQ-xGQ%$R_+f`@qMiDd0mM
zyy^d?mGl?l?Ew{sNLwIOe(fuE@DnK+%*xcq{Bq2y_M|Ad1=8bw88+Dgm+XIW_Etf4
zgn^nM5D4z>?(Po3-QC^Y9ReJjgS)!~4|Z^e;O_2j!8OaBJG(V|w`QyEy!2!DOLz76
zf64`e48<#SxcGuc{>B*?vF-MOm%na@R3bSu<dUSSra#h_XIYl_1CIR<N#DQ5sU5Ps
z5+DU9b!FyYKFfLU2~3a`&9TYjr*;IY<FbkP8A2cVY6_V8H_62=8d~sTjQ2r5LR6(s
zXmo5n_^akBUPtUE-5bwEtT%^Wxd)}09=eAn9n=uPdfq=j&Toike2PnV!+6T<7u)_*
zdS|WyKtMx-fqnm4Df-{*V*fpF(SQ7P|8s=+|EADtv|#<!9ti(+bB+2b5TlRbPLV(`
zHkEDQ$lApl4`j7)K#8kAN*k{K$Vy2s>78kt<i*64I6i6?^IC9&b2PSSbmUvfS>FhD
zD>rkyQugXl;I`QQ=O>eOZyeo{-?{(vZ?ot6`srU!`Ii4ZE0`Q*M=Ub`?!ci$Msz&J
zKAe9Oj@BL>loo#j_A(7fv(F=>NvZDv&QZDEs1FF|sCvT+#ZCVV3Q_t4k{GUmb96H$
zbHvuYq8X;XrNzzHtZ%`|@5^PoLZcF*-*;1-=s$!LV!kqRHvRrOIKMdrf_{Q)cr)L)
z9`qL|*!d#aFiIlK37m`cBMC9izNj}!C?l-+2n+(OC#jqY@gP>BA=KSoEyznDC?m|2
zk!aSRBSVLFA?N3!hv<8!GPn1LF1&P1BRS7h-G?Rl>EqtAq9z<$w0)Zx+<bz%@mObb
zf`#5*UIJ-1&ZX>V=l2{#{8}=~WDVk~F=6ho^a@wGQO~AI((En6W_i;6^Mt1yP38b*
z*v%6lz+LJ3w?%4RJ=RmxLRpdlVl(3cTVZ!8FGy&|ZXNA@vGrxGm1F5UK4l7r!@Mu2
zl6rBQ@mzt%-?+;7Y^r4ZChM=2G>t@U3LS-fxp6M(`o)oflDt`rsME>HtD5%NS_j~n
zsE$C11h=)McxQQ3i@6pBX(32W>9sM~TW(xYIE6P6;LNgEgD)azeljY_IIBS%U)FBc
z+@(ulyPB(N8<w_$`j8-476I7Pu)vm1012>CJ8#z}Y?;-{(y-l&(`6x?$sE}$i|K{S
zrj3Rk?6jBZ@45(vZx!SE@?<O|`L+@jC!L0F)QD-(?jcwNjPr30S{&tKm|EO}(7O#1
zA%QZnjtGkpEznIwjbLou4xTgfkV0<&1M+=-j%<(Y=1knBVqaBag_n~y3Y_7_+U8m7
z0FHid1{vEN;pm?d3Y6q3O6Y`GAcRBdS2My}D)xki0bc6EVmmLT?<Reuof=NxboD$K
zk1C1x`hT5iuyxb#`vJsQ=5XheXhS_)x|$2N5bt8S7SX9>vmSEARP}WEI5>-!EH7p@
zWGezjrcnQ-+3jvn?ncI1QP>loZFMBZsgSGx!YSg+&gt_WgE_S$gFrK5+uyS%r8Rlc
zd-~eo#SMbR1m~!-2IMOg@4Y<-#}fZ~MvarJhxSZPy)50+dDj*d**Aqf{vM#v{p$H7
zJ+RbORztb-$j#woQ)#fh1)>~RTVKO-=YIM2>G?#4ISqRlhUl@d<h!=E^t^UHy5|J1
zTHaA(VK%clx6u?;EP&!Z?*PG%0*iYq-WfWnncFhIH79%3>HutW0#YaChCAA7iqFPg
z{i*G9Hz(jlT>PA$>Km3c%2pcO>J-|kb!E@rm%@384aDK<A2gz9%YJJpEH^3ggTMu8
zKToJApR&h-cDGg~PTF8~$%~#`$vwQzWq`n<HvU-eRzK&dd`9C3bWGu)X`XbAcY+>o
zJ($T&B;FGBceH7@YaACf)rRlK4Hgkse?2OtIjZr|(sZXr#7L(=&U`Qd=|raA*u%}!
zuZUV4SbrMr0-}xfLDAbgpjd46cP!>#&xBcba~oS0gI>|JHG5Cbp#Vy99kXJ)au%w>
z!j{U-<s-+s8oR$h-K%h}qSo$Gn}7lz@%oBqa>FqmE5&l%ff-M|^~vZ&6-`CEa>&f+
z^xJ4amKV>ScLtuR&QSi16%uApXmrnxPjE($tCH$1_q)N6uy~f;QY+U&OMG5Jfs?jC
zmED}du9LPw@t($eGP~YT&rLMU!8V;CI%WXjKb2dfFLD*JvvQ9@ibM%3i2<`hwa|RO
zn@xKst!5qOOdtu01y)T;_{n@ML3oz3lRD^pC(891oI#AE?Oi5UCJuk;g{?Q-&Uip3
zLq(ShWCb&)$yjKW))v+#X>hP5qJSt_qQ#xn?07|q&er}Hc@z$xuTo<0#YWc#Nh~0J
z7=0lwWh%7RXDx@~zO<$Z@79?vr3r(XhOoBP2C&ue`1gL6jXENg{7-uBYg46eZcUxs
z>9AvaT6Wn6d2J&(8oZTa5W3Xw{bR$Thx?O;dO-9nA+C@sz_U>^3a~WFKr`z7ot0hb
zgK<z$3wz%zQVI)ll44bC)?3v6pDqu9`~!<c6o80GpeHV2ne{ZbntPh#h#E<(ap>Ma
z<}M71p{N5F`?#xA8Mk=geM=^q0NLmfemu<GHAUHaffNlzCVIMuVYu;dY(NM&YM@)R
zde1{#Z4*Gid{5<d!csA4teh<SK`u`Dmo}szIZm7p$FFkx-k|W>LziuV6Q=UMs;0@F
z9i8WCp;W&(?BvCfUcu5P{op}aU5-LC^`pnhY~pCS3Hb-<^~Uk@0Y(JpR=FwT7Cfwi
zKT|KqpU%GwQnK*0a^C6Qt;{^JA>XLvs%Z6l?V#*$j0yAAV_+T1#>gON^E6pD^}+3-
zRi06<lW4D5Dn(y>?F*P(u{2fmP;nn+g8R?HK6aijB67thTwwk>WTeQcO1EQ5P)Y;~
z>1XLUyB6|v6}Xb-(6d^ClAcO@rb({HHo_Ws*Q^eiV&#}qocmPR@|Il;*HPs+)Y(QY
z_+v-E!H>VOmVy~(A2fH^e>mTM+uC&{7{X<e8f^-cXYQ5M^B_L*Aq-oDX1#;4bl^kq
z8odzXnIGagz6pe}dN6YY*Ka8X{jm^+OP}FT5+%;6oM3vEeN#>^t;L|So@U)i4V&5U
zFO)G16OE=lkXJMK`_s8U?N~hX>v}yH`&L-b^t1;q-^-fQ3!gy>OfHk2XCWQ|%`?hw
zcU5oT(ULTqb~j1?Lc8W6^N>cJAUP4Ad@@0*qu04~t8l@b62-(a=A=^r`YxdG9-GqJ
zqDm2}mgt9lAA5GD-d!76^n)FThFOG$T_lG*VYLkiKjBww5>)EU?S;B`BsUy<5fF7q
zGPf`Dn!Gn}TnLUi9ksOKXG&>zNpxpy$pCdFMEWIsCGBwWn}GvVwl2ye_H$f!r!pH7
zwK0*wmo`}n#vDNRTX$BE+jo)N>tZjcgAI6KA_kdwIFfweH+XXZ<y%VIBdr?TnfZy?
zR<AxTAsgSzl80pi^3c2Unf<{v1(j$bYGQ+ew2nQBuuMI#A{=_?`Oiv-b&2@d_^5Y@
zS%(LVedYq1nYMcK;HZh83-XanDfJESG$EK$tZf2_$()9IVHH9uzv;yEE}GlyCz;lN
zE-OB+wq2li#zk|W#V}-z3pxKJH>TTQxcA2>hNPc+!fW3t7jy78>O))3NUm7S5kfK?
zIG7t<?ptKh;(y+@!TO`nO;%=<@*_59N`CLfoYIiOhcP9YBTGR}ipoGSarSPaI;}Uc
zHOHbMCKgNEZXs3X0O8XV(yUP0yif36%|djMoW`nA9TF=o$AK#4`L~8P&@o-y?{R>9
zS95}1IAlzL$#1kMkin9DT`uk3%my6EOh-7)4dFi5Kdsmz>`(TITZFX^TwT+vz9+A~
zYx^|&7xg#BL5dt1hZT@V%`vJcURdOwucw~Q)?1XzT-Kiw?S8lvJ$vvw+kX*vj}7gz
zx+S3Zyksy(AS!ChR2D;Ts3nr=_{WRb#&;(3Pk!x1o$7JQ(>KhCoxqKd^_M`{T8?ev
zp?&X=Yjo$I+m}lpkf+Rd8J~39`TNVWu<Umbm>xLeReiI`Bvwh;(ji%DG-AwHX4DZQ
zOh}Qr1d!L|U4l(X1*w7yNd;+wNy!+&d8LE<?i==8&AF2wSy9EJDkJvas%!{olMn@0
zL>O>R5hsf%q)~Cs#YScLNUeUPG&xg{QznS3BRK38CGy_!uL=QRwW*iz8hwY0y>a0G
z{nnMg$FkJ<3$|f*waow03E#m;A{U>D2t~la%u5Y#3^7X&#-Q9NThOX1pdrJcOZm1z
zg%{u<{0m;i#8H^@gC~9Zqk>XEQD`!Pk5xsUr^lgllzc~_5ReqXy-L7@H?SoMs>oSR
zFTK`c&B{KxBlPb<@SF64myD4Z-?KG*axHKBKJLO;=s}1q^u|+JM-Ay%@E#~@piub%
zH~{LbF!aiYeD$q&!+2R4hlZ}+x+S2jo8*}yWr5)VfX!*r@nx1g+k*fE2&MqSab_Z2
zW4kqKXsP+gMFk{6B~1_EUaB?*KmEH5F*F<_wg=P&VTQ-YN&+oJ<l>tjk2e;CTVph!
zpDD;$wnF#9|6wkGE00)GL;wSe{r_bP|NG~b|KW=He~7|KEk9@VL(G4h7yDbA3`Ov;
z4B`f*))0NEG?DNC$0S6Z$(Rc?NX*XF4T_lT&3a^#ZX@HGc-`%S)K|KuX3Z2?@>FF9
zn`YZfF<auLwGrY=cfQ=y`+U!o&u+hKN6*HnZ~g8Q@>hb}FH>GqFH<j@Zd2X2x8u;@
z`jI_<R?Y_55crj&?8aOeYw1TGKq7rW#SK6<=0?$uW?#EP-&b2b=0@!fJlvJ?jRcez
z9Z0Tkb8kcN@EPqY_0|H4e$0jVN^6E>AG|L>d00$Qeb)pkKJozxir+%uY)}VB^ClzV
zGdgwz^8)Qa3sazQM~3=nuhLZjXa#tzi^_$@yuix&x*1<LDbY5D>NH&LHrj&Q-mSx}
zx1qpeG!T1mUjphar*pSH_F7umG|F94L7Wp-PB*zSa68TY_Y}5<n&2paIqeZ~_*Ko8
zYFI*7&LK{MbNfglX6otTmy8jGPji|zoI69Rvu;5HD-M!Vq`N+z{q_tROsn))wTwD<
zRW~T><SC53QoATWL=7*wy-U6oZ+fn*gMMWL6QLC&w~0B1(lpZ-Htj6S5q4?VoLQp0
zWf)D@&$C`iPGTVs#IunV`|H+`6BFGo*=7=9a1L$kty!MtD|F^DS>Cg8p{;AwTyYva
zY%ai`Aq~w{)c`VavTSylzAppCr^{KZ6gt~X^0h1FK}yNWS?y=mrzNrk$hXjsltM-M
zTE;qrX*GXum24(8Kn>+jnG0V?S;C*Hz;#fTQ&w5ba6f)FAaaqs%ag9im=V!s=+bhw
zV^Fw6%gq-Jn5|l0AQh|~{2iNaevy7_K$c-#me`pb`y}7o%8dfFJ-y|ljz>{D->qb-
ziATkw;XSha{_WN~ST&2+3(ep=cXrfJKusrv6E|n2C42aiauM@rV|f~!1{S%sH%&y5
z#=dzvA+*0Q2j}iN&F}7}z{*%uTxN8nUF{&zNprO(HfQ@*UYC7&QO}C>XY1t_Nc7o-
z8)eD!$)TopUw>n&$z|Fhk<_msngKZ<;)w4E7XY3ONjehfbusvj^>k96n{VHi0d=;;
z(zQ<|O=92jD;bcys;+Jq2m4cg6f^P;APE~2zsVlB)kc@$S%|8@#2_Uo%#7U~p=D0s
zZh{d(v9cCUJLWVMcD=6wYr*INY00yKXCLb=2j^JR+LYp(-NCokSy=XnNEp1BnAVOM
zR^C}t*rGhxF%z~7;FMGQwpc~26yU}(C!MIQl_A+_Kxo&$75BK*%y8{s!puCZRLF>>
zKsi4ul$L`u?_5%xJV))AcX}pY#{NO8z+D>oUjE%oZ-gx4?!tUU*XwV8OBv+~CdRI<
z(dLoCQH|R!^fT#~Bph*Dyx*^5f^T-}vOD6P`y;=85_I!Di$WgXZZ$Dj-8F_LoasyB
zm$gP}k_<7}k}fFZ<f*(1E-RbE@$UF$0AviVJ(GYxx7GKCcaqcgsa~UkF)D1&8TXBX
zDN#LhuG;DoMW-;=XR_@IpHiNurWy>(-y?(_SE~3c?TmT;jvF|Ir+R=alI13?9%fW;
z0=kjwJnu(M%);07;({VehNdTA=)U}mxqn5EL)k`~$ks-M;D*F#wA){ILsaz}zGs-9
zjH<_Fx0UCh|N5pIz6W~&dhZtc_E}lrlLl`6>ofwZMO1!1a*T`rhGWa`%k{hBSXo8?
zI0h0JrQTmXdQ8*OvG+KTS>o<L&gxOAEJ;q5L~HhGKhI{HoMqz0)75TSeFvi%pS9$=
zZXc2-!yScYYb!g%WmoCxk&tWUtEhErUgLZ)UhmUjHCfAqVoji|X5yfxxldB9RGKQ9
zZ&S*idNC=<9=@kG$=gT*cC3}2_3PzecD~eMv1m26g|4bJ+@|K{D2%<XkvZ*Ta?%$Q
zeHFF=N^*a+>7*qGePET8FGJC;%Z%K@rF0Je1!Mlxwk!X<hqU5Pma)<@cI?kk)IW#+
zaz>rB3ASUXQ3SB!Zbn6)Mhxb_e&wO~aq#lsj7M&p`aB;DXhPDrlOk7~dVVks@vuCg
zHk#TKWoP=V->*2(SBatf@uZf+LA$uUGZCG<=m632XWA59fvO{Vbe(pgSy4!_B7OS0
zRd!6sw_c8vL1y2uc!pNQY_T+V?h;T)48n2sxiP8*oo_~IqjE@iv2Pe}9kN@AE&MzZ
zEroLZzcttI2~<-YvH@m_vYkl)a`I3buSmuL;AzJ%Y4>-Yxq2hVrPifPvbq38XedqH
zv*Y+)Iul5)@57&H2e}mt=CtOQKL;+Y*MVP>mZD=yHa^q;FcPT#I>1o#q_arJaLmyy
z_?YMi&QBn6b6;H9INaGuv2-B>RvonZRFhZiFdKD@1mY0IZwi`0vX9q?r;HR-KXj13
zU8ecQKd{u^uK;k6C)4WjF9odbZpzB9CB^bO#I1{M-zto-B95?#f8Emyl$=E5P%V?k
z!_jNXeVk5<4hwaTw6MYl4GG^emzfd^B@i5~Pb%k=PNx1+q2w(&H3bT)c3~8BN+`{7
z@`O%P%8w86;0LOk(av|pO6yFOEbr5i*(9vUBsb>Lw8wx}ht!1zHU$B_LR3$fWltJS
z`wH&$4W4uPi}y6KPpBr)=Vjcax>spuF1U<dazJfzs0K~wMTd-#m-|v6*I48q0?w53
zt3PT=N0nME*^hiM4Nq-ngLJBXF5K<bi?Sczr|EuL_G>7kzEaMf8<eH7`OX447kqJ{
zk}94fm(%UpkJl`x1jYiYVw>5PMnO40K4FA#wf=y9iwyh9Wr+Jk#$$aFOF*Tt>WCri
z8KIdzq8YTq*`pXC5M~Yit17@Vifl@7%H;pJ+q62Fu}fZy>SL#@t`v;D2^q*xu?s0)
zbu!p#I9t)q+FyLBA+qZj;X7+pdH=G4od&)^pa&s^9yb854xt6%4JSxV$99J$j{Kku
zU|9PN^o<5L>SoU68V&U>{A<e>zK>OI7)%>r2As^YpOxl>dSSPrK$QrmgR4q@7jI$?
zc1@AIGif8kW-5<7krn*qxDwNHN5+LZ%Vrke4)<-9U4^78fA`0u%CCG^)~iPs?&0I%
z=^rG;C#3=3e_!y9b>PfIf8(*c49wZ&+7^^Tw(b}N;Zn|0MV)blOv|i*8(o4=7@Rk>
zP2={p*>iJwdBj!BMtx*(hrCp$cf@xO?dj1&(43VTYF1hVt1w%{Z<1#}u#FgqGSM^G
z6;#9)8DbIsy65-)W3nU{dafdw*)=Zik=xcQze`z^<!9fn9}w3TDUUzzi2uOvW2!hC
z1sBAtl!C9rok4VLeR*e}jJH=!q``xpZkGMh9Z|RuMSa7uyzX4r9f(-hD5+_}XLuyw
z)cH^Hv**^xf8rtHxud(~?51KwT?o36L`0@gSY%SHqK|6n1jFu%DuhH#Pv>i5Q#1_^
zZ6P7G%%l;i5FU1nPM~&K7GE)W%$-F?obAq|p&v4tOkr2y6(%yUaTPxY+!b=hb08oE
z=?^c(5CY5S3e65c!fqs8d}J_b$YYjE5k{NxQTMNJSz)I*AjpT255VY?NQPllGtK5Q
z7m5%YXL(Bess%+*>5-o<#VT@wPJ<Q6YxIMMtRf5z$%IMRv+9eLlXMP-g1^TKEEHLX
z>iSb)A;QdMEir?Qdk>R_A|&;c0Mbq&BD@*_O8Gzt&<PY`?5ZqP&2VkVu&A?!E$`Ca
zeK0t6<~!V>EGzBu1{lCJ+Idv^fQVvTzOBCl0TT+<u-xb<tt=s}Xg^y~)z@j7bMb0R
z!!NzDTaQh+;>(i&<+-x~?9l9S-`cV~0M3{5)cxdqJHy777l;`T)r3>=tb!343qkdc
zAKpK3y12MBr>Vrn?EMwkXA-D#M~inI&=H~SHa|ya>#H#kW8h}$L12hOI>Pt=#$QRC
zT6Cs8neUuBiFYPFUDVeH9&*3-!0~mACK}*D@v2YkZph9bBzI3J#s63u?_eT|2<^}L
zEB96MI^)se(FEf$&HW68*5CfF3S~?`_W8FUr<uR)P+N5Dnp^3a=uCXfWEMZE6ug7c
zt&XO3!;Eja2y5|xvBmD4r2VHJBKg4!xcYJ-3={mXddPn@Ewlf(Y{d>XR<0)QPOkqg
z=d#lO*(3fJx5IyQs{YR>|IdWC)|(do2<E4zbTx_{e<$OJ$8rN9JOWL#!WvA-Bs&Vc
zGZ_Mv;vUl+gdIiA?~cw_$F=+1?(CMzx4;>%{lPGh5aP#ZdAaa?&L_HH`AgSFA@l2G
zEdcUQoZb^bMs6GXQ-{~p$I;XY^1shXd@w~bL4c(^z?mRf!=7m@18%R<R=<B<^jV%W
zZ|D$Z3sHe%eo>l?QVdz7FIJm{e$b5#0aq&|1G(_K4Q?jM?;^XgKVdU~C|d#ODm*TN
zS%yE_2qv)Oqy&S}CtcK$Ptn(J;&*|hpFgdIXtI!D50S^cg#ht8#cYNN%86W7loc-X
zSwLG}M&5F%WJ@YD%S#$7OW=h)hvSr|Y{doJ@9=pAp!6L8GAKWDj`AV~Unjtwl)Xl8
zf6YBBX$_RQFo&LH5$R%h;&p_e*U!5=k>rpUOT}roHX(_~pT%m)ILXRW?_oD9eKtE3
z7Z>r@bUykqPbsH$0++nz$u5p7345M=RZsMJrq@+<8WsT$_IOC5>n_WIIa5=%f9o_S
z7ke0SJ<-|dJ-Ver0-J!G5EHFGJjs%)iW({l@ZD)Ekcsee9nDQ;K$J-WzjBMv8?DQR
z?u;TY(y2|d2EF4kpM!C;am%XafS}RcWB*aQ_5f~{V0G7hIS6&h#$Y@R(A1b6{zyT<
z$SYiQsP8`~HauePpL5{8nvv+d(a=;aXr`Mf$^gyC&Yq?S%r1VN`@uz<<Mr+Fhq;w_
zwpRp*s<Z>o_g4nqcBvuk!zyFbT$?U3Sxq7kc7%);>Q60(^hsxgG|QcY=bvW);1_^3
zdoc$p=8u-w)%jLPH#^N!R==?pTdr_^A)w8e@<D`~<SAWP@Up)>M6-$Z1VsT}QQEq#
z7@0`UXOMtVt}MPXIjSL<u1^hKMv9QOS`9s~?hIr(UDc2TOQ(zER{mS5bs^_C{S0QQ
zdHlH~L}_;(PAC-H!e6uR_{Im<=<EFJFVmNPi>a#GCug0ktW`4boMXWR3kGF0w2UDT
zPWol17#AqAP$~pm8Fa{>>WnyRb`E6J5zR98yv=<-mIE99&M@AzP|Ca8S(+UGTC{?-
zTCwVQp`jQv+hloe+mKTs@S~K!wW}sZz+X)C&S3dFY;q}6y(RT=*f%-1cJ^{TI(*J_
zVS$!kI_<x(r&8L@dEDrfbVMjN=H?p9Bz(#YK(5UwM$7K;7B=)Dh1IZd-BC`r<}}Y-
z-Nic{&v^i;Pphr5=k5^Vod~!<fCiNCu#$JHK<0_cjoQ0>-<SCUst1F;r=PyR&JNCS
z$PO+1pOaT)?APuWkQ3IyD@<o*U-0+GJr-HZN0#v>9TUFiedkpnzfp511MnhN=2KGk
z*Vf8CW{78Ww%2s^RiuIUh<^WPq?UY|!QBw9X4tE%D{|q&WSKz!m0j)Km09lG#2m|0
ztV~5&u1TvQOqG@OA<@psq~YE}$-ED4-Rpkh@4)mn7l_d&o0uBAN_A7x^hWpfB{eed
zTejvwpj(Ys&rKk`zIYSPsz+Dq)6ZAN#Ld<v2OwvP4#R<nSqwKYaV`M!nPN-CElcnh
zGym261?^wzbEGr)b2(Uw-4ngkO!x~`y?XilS*$t5N*-0Js6()?b^`3Wo69YGgFRFg
zGGd|4I_j64i_x<1OF&+p2?Ze#d0ag|(M$y2>q(7Ee8X`cDKhZdL1kjm0ZsWQ%5~hZ
zKWB+=UCgjl<Xg8xto|9}IcUc;FS1xy@~MTt*2;$)seD5oA^pi1<X=QDJ+YqSb9K9t
zYd2hwMuDmMEM1Q7h{&q}w~%g$$Ctf*28<v0Dp{J?W<x`Yga-Eme|(WPUY}A)F_Mwi
zTOu_u8<9d)K81_lBW;Op1-tH*!9KxA4XFKFiDqG>!aK-pJun^C0j_wrtt5k}<$+N^
zcSci1)_zY%XZwv?`BZEi?*RXc-e&-I$NgI31nkwcCRlfbl`Y{{q}50FW%Mv!7!BlU
zxMP`9n|;;?aa?RiLV@0$PyfDZTj+u23=9uP`-6dL=;tf^zbzcpqhG?>S~xF?uZHUX
zVLi4Uf)m9<^?y3|N}Mpk@Y5j7SR0d5sqO#a0)}fR;E7C^Q6r4wSMjj8qI0S>H`kn3
ztlzvMo?CB#hMfif>`1&g43gd-_8jB1z`yUlFpLD?xQsCG($zUYG4Dv|PX`6by<Fc)
zy+`ezuQ-p8zT*b<1zbJVRajL>WD!X*u6wDjNx;X?NpdH4L~bC$TQ$TQl0Bj}=1X^p
zpOt^|k|FLWAfVa61bvH#+;hyzw}e36#UY}iiuooOfK6oLn=dtXse!^8gJTsiXf#&m
zhrW1HqCwmsdLc;nhg^n8hvN3Q=DaKn%lAr$M=UDB(-QtNR@rSiX0=iO-}f`FHjSQG
zBHS*vS93=ZQ}i|Q8O&nwXPkfBxXEK^FKMF2$)5g1DD|U|P;eEcy^CV@;ra!9kY2Sb
zAyr$j$LM=Rvj{oKtj|h-LGe?SUGfan1C_)zpOlcC(GBtW1-{4l98fTekDM!E!n0zY
z@o^w*&wz-?L2J~$i#4KC5N<<%g{Hy4uJ#WEnL}vPRBjh%*$D#F$yw(^zPO=-B^Knt
zP$BtR$J&<ey>>F|`6&Rn(o7g+oN-Q6dvAgg%T6-Iu*94#T)NBxuRy5JBP3@y=&mu+
zIHM8#6P|BG$DApdjU4Cj0`)Ae;TRi#TnldYE{PbBM;%unQmkjh_9E`*7V@3!kh9_$
z`>~Bw_#d+VJO5A^&C<M$N>QG>0W(IgWh)Q3M)Qb~)B&fuzFSPr%BkUZ0)beer5TbQ
zG%tEErg!N7;9ng&Pt2uZz`#h*{#TszU)`Gjhag76^DEh^>|tte<7RE)`d>hdwvRuC
z7v?|3-=i0-yVCf^elw*h=IAh?Kk6wU<w%+uMw60$z@vKn=9l^I>D9vC$a|(iuX|l=
z=&-1Ju2Q8T*T5UCI-}d%yce+jq!Mp?TcP{@X&HY(mHjh6KIoveXTR&oZ{(?KJ6qs&
zB6I}YK1Cp~$#@}t66ekZBr+V+>Fol>+$U$zIf0B@Y`AeUGVYSB-Ps>Au=kW2vaewZ
zT8+_qyT$9&M5wzf#;SYTNAxa^<&Mhbe!Iom*c;Ki<znqLsP82IN!6)_(E8mO-|=bR
zz`K?Bx{uKG#ZdTa@NLjJJ@)CX0gX7}Rs@$A?e{g-K*W%9JaN_F1^IJDte=JdL`=Nj
zEvzt}OFp&~1c+EF;F*F5#+U$|jmkpa=hhf(<mSt_^0?1Kl;k2R>a#(Rf^x=DBcdT^
zGfQd!%!&eJHfiJ`;Ejqj&lA`uDz^<u<4tM00?wagZ|u3v+5us?lB)3~=pXHiRSzR=
zYMVBa&CiCDY=e9qr!L`NU}*7*lf0$P5NNB}lc|oVr+^chc7&t9(#~lw?%@Hdv@!5p
zZ(4XX5j=G-f7=fiEYUMqb+DzdlBU_(7Q$Op6aCJtleEcnv@fDT*Lt#)LkbJehip5L
zWt(xPNM5UEOfudk=EeaVGca`Ae|DGrD(%N+`;`q9T&h`pjI<d7Ofp&M7q|Kn#3&YX
zjP4jgFA@;4)Bqf1w0Dz$zlx(kXWF`RSkSgkj%D!0DYF=<>y;8V`x$^kD2A&jUxTN6
z-c$Mw16VmZ^rU`tw@IC(+mG-HJa%+j!0b7PeZ+A$xbAYE`=Ezw&|2gOpq3u~pp+w~
zuwjwVk|Vc3ZJka0fH6LEHnYf0y&o!8K_S@buL+tr9t%4+V-#l0<ocGgCuZ4)^5VYr
zteAoBm;?doR7#?Y>adl$zvl1&o6xakUl+&9Tyq8tEvt)-x97>3)n0$H%dJmnyBf-S
z1E`Yq@p5-=X&N>DwXJ_=R!WVXMYVT%N^G-*z1EHgf3hh*^AW96ujtnP@2lTL6Xs%=
z2^teauC85}JCxon0hCs>3B0b)X=i1&XDp~a_vP4HMoQG_WG&C&Tx>H9S57KdSu2id
zAz9{Dxz3UpjuV?8Vb=BJ1Le3~nLcHDDFLjai;H3(6)JxO8|E>S)o#3xD?!EaG9i-$
zrn_QCMWAd)&Rbu!*!Glmo(s}=AtNt3+l)-vadDP$v5O<9yk=*dr<5cP5OTa{3)}IJ
zJK1^^f&F48(lX-0onwpyv1Gr$AQ`SZq>k<x?>|OzpUYyMXunX<K>wOntSHp>&{L!(
z)b<E+q*dRu7?f~-JZ6S8?K5oPuN|xBwpb&YXG+D<=hP6ReOBBal^eZx#lGuXK&&v#
zurS?MbVa^C^_LV=w3mm)Pcq}15<t5upk+W@HWKE>s@1W4Kekh~qB*1ohT3rm9qyA(
z-B-5H<{en6UPL9m!Uu24>O12+{7j+ai{;Rs<@NCh>brvgKVM@UZxXfS$ZBB_#KOZZ
zLMs#(A}c}*k2R-J^TlD%te;s+n7O$|t5sbL?*@5y;U(*eA}_Ztl`^oG>P=~H26xk2
z=AE{wDti?)Pc_W>Zh|k)O658W+5tm?cJkTsG;f&S^@f8m1VY*Ug=Hyw05@$%jexY+
zC^5hs0y|@FB@4rZd-%OF-B*z7TUw?wdgRh?G&(eAS<#VymxO7QGKpg)u1CwfqZ7B7
zxPn0*%>AbXCG7gy{He~f{@2t-<w+y{UdPuF+O@!gpE95QPi9*GL<G-3!2Y5TI8IA`
z-;mO%X(=x(B{bXPK=0`FNLj|zxnzH9yy+;jSBFPFOUsyU*mMj+WA6Fgv<n)eP)?m9
zH-BgB^>%a<x)t}NZU^y3@oelZ<}V_SOz|<;fS~p|`z4RbbNMPc(FOMuOZ)Y~W?+uo
zk}WB2#EOUJcy(3JzT0|;fuoua+f4lJfJk9G&FS&T)<#q!M6Si$kS--m#hJ-=)(aIm
z*Vk2frlI@_CBrpX75yq>lQO|%c0y27Zw#feOIKjh;=HZA`TWD4dtg9NAB|d6UnC+M
zv*Wiqn>@M94O>XyKwO5R9~tG2ff`)(TV=gLiL(qFS;Zp*@UMHk_QB4J^=U5@f_xu1
zB0s-ZOw~cPH4G*8oZkAY1ACt5y*$VwaqsFPsWH;x`R<M3Y&Xf)JZ~p0$tv?{X|cEv
zfDZ5J8^Pcv&N0N)FacJ!aaCtC<;xcI)YeHMQ~N}Ya`2~?@KW%y%bo>(kkYMLv`aDt
zm_|mN+8L8sf{admMZML6c4$m=N=ZKi5l)>x=I6=2t2t?Oct=x(QAzjfGhCFhW#k1s
zqXy&7pU(_R_*D-~8uX)SE@w2SvFpeiN{cS&g`v2}1Y!<VajYI_R@%{q<v@^%0N!F2
zL0^$OVZn444srC`#!@&an994p67Vzk{m!{OQC;guV)LhKy50N-O<iq<s0A)woX8e8
zxKpze+NTTTFHEHUimaUxw}CTQ28@yz{khYQ^c$iA+`S<B<|c1W2gjl=hpS9KG0k{g
zhJKBc0;({)hRrE!buM`&#+}hq8HOv}eO#%BGnX9hs5_;CvNkep7k@R27pgYN+R9G&
zCrEnRgNMm2&V6k(8wB5xhNe~aD2vJN0w;n#%OJ5C^n0b9kfR?gEMf4J8{m!p$*RTX
z>0TygEXu|5yG3mByQZ+o+FSaV)mej-t-GD?D)qK-g=_?xB^}cOY*Co|pe7wyx{-QU
zqZ#(#@i>#kZnKI_YL1HRAKnBH=+-zRX9H}!k6Xa-qi8ehjr6+<UEdVVMcC_KxYyt5
zsp_u^$=xI3x0&P35WkTVtjAjrw9cwH2&~GC7)E)x?;N_D&~LVc#>Et%FBigx=4}2n
z0Ksm8!p`+(L-}W8pzEQjU*1?=h==ZI0*Dn&goTM;Z!q$%zn`-F`qL4c)XsBWd;vpA
zd(aa*SG!w{$!*3>`RaWPOlgVei!;XYb76#7IOjT>0cURR$o>1I_HVpWg82IGrbUCN
zHyct~(JGk4lG!<Ur!U!?lmnt5zr)6RddJk;Lfm4|{DjQQmcsM}!J}f#X&fhk^@OMm
zU+jxfftG1KwNcM0l-yEn5|xJ<gD+_v<x$rINCtvi-ZgP%6APglh6wv_$LcS_kz9@I
z9f>6crhvw;o9urPmU<%xao1G_E@3RClg@!&1MM^Vhh1}i%m*Zj0tEC(%;D1I{`3~B
z6by7Z!=|yNv+aO>%KkKA9zm(&@ODig6#)3^k}RxA%LPo7otq?D;#SRpujHsib^glU
zM3K3YhvY<u#Pg~_puSG!M6l;G>e2+=b2R$iQDnszy+`U5mUaD(+pj;bO#BD&ADEML
z23GFrYum{C|Fv!OUoof3{~2*6XW^sv#nD+Po4C1oIk}qu7u2b~sfMmaAczlvp9IB8
zrmc5jD}mm<RCF(f(u_)DrkWc*Tj`X3=&1wim)QZ&f&Ah3D$ifsl54a5CgtJ#XbF3&
z+(7u2;CKBgG|l_6`8JZ@^ZtE@Ybly1MizCTVl9Kgcx>1m^&<nf#AYd6t9KGjXjmV$
z)tMidt)!H{^4t_TebWZy$9mPJtKV5lMG|PBe`h>>v9*$tXpmAukqp+->I(@A9%6w@
zrnFT5rNnq(XRD^mqlQfWvbZ%BzHn|@EFsrc>p$yD=bjO0HSGTza~KP+Y*M89NWka>
z5!1)y;t~*yCG#g<`|M*Tee3i6eR86@=}EdJd*cutbp%@0iHi-Ibv2iSi$=O8)p1Y+
zZYOL7+fWY0mwnc}S2~6j+m~Q``^A;pL3Uf29re>w>;kVoWlpr=ocb(A2OA>FFL=ho
zaGWF-eKU{-Z5AaFrliIBT6pID)f`-uj^VXN{>oJC(#EJ3Q2Es?hi1lAdbA@TNuWOj
zllbvX3x4rXo$ARrW^n^S1p~DH`x4Lg>Wa0s6rF<0A_X9m{jJDiSjrbjZrH3T9n`7=
zXW7@so5Coc_iMxut)&yMR8c%dTiYX_lX$vKscCKF4!u=x+riV_ZCRr8a_iKEMFpQo
zK#gRX24h{@-5Fbs>xvf?4~^9QW3o?-LC^bMc&ZSH30?I(*FVwo%Qr<zhmKmRdE|F@
z>7oc<68vdchyN?$At8LR6J~j5>&ZS4drnFIbJHtJ2EOzMmEDo>U*1S$x<xOdzj7v>
zSmNsL5~t15&oUt9Ws5=5$VvLUjsBI}#kcH7b3LED-&s5cshD5;vy;m)CqUU&-^0pg
zZKuN5mJwvFXV1LDY`KZkA9pFond!iDs6d|$#;cFyI%C4W2?I3C;AZ~BX8O5`U`%^m
z)iW@~a|hQt)$wmM$!@|s`dv9r@6n%5W#xt@J5OTC=@F9|LTV3a=OO6=@#jr}0EpT`
z0PIq`313?*ec_*O;(9S~F`N+#H4BdOPtqVR*D9_JQrGkPQ>&XrrV6VKw~diNfC14v
z?ht`tv3h=%KkPAOcpPt9CW3s!Hitx3p~F%E&Si-eVFasm$@0okg#mG*f;&{F=?!@3
z;qEfe9r}eB`CLQfzJ6VH8TaS^_`uf?^zlu<%5K2E0tx^7FoNv=*$4igiG=?TDgGZz
zV=0H3f!q53%-MEfD9phuAQKZpcQwC5ih>|yexSuUpR(Lh<H}g>O+bq4GE}S-kr0)J
zH0#z35w#TkQE7QNNh4an^t^0YUs@u1T-$V9-*k*`HfWrF`xtq5gDe4e>Hhcc>e?^=
zSg`wgdU@+*13S{1N_f8vr^`@Y@SaiTQzFT!Bhg<fDJb=zBgtPW>Dul-TvFJ17I{-$
z)Jb+WUiM_<9-aFmWh?2x%JG%=Lo~@KZKm#Io8#4sJ9R!tdb5u5MTzzk$njj09VqpW
zax_TpuV3a%5XWn1%%`?!P?50Q`9F{O^?U5h<GR0(L4P0PBtIOp1`kXn^X_I6?l_s8
z)flncK`^QJWigzU?lNDtzD>MzkPTIrVLuTQ<1VRydXfnqvX>ifyz@K(5v|i9Q*FXA
zjSOAsO4Y43_u~9HUOeqlgMVr^-t!q6(TI>tZ6en`WhTjJbCP_DPOaN5#YJ+JIbkwo
zrKbxp#?C;Wx{X%#)azCqTgmO#oi>Y9g55wsZhzHrZDM&GlKam(feb{_gvYJGpBSeU
zq&tJoA8haj`qz6Bc-$b`{uoLfvQbrFdYca~w{2$#Z4dv_=z(4I5dTNtmT`sLQ-rCY
zV1spkeAbk7)BHBZdCoWoRg!g#!*cO>XjE;uwwI9-he{7Q&MA`P`BJ7g`TSy{c!1IG
z^SE$rZKY;c4m@HR4tJ@0>)#s4Ll5RxiP1+AMTrOg)z!9t`N|-0fi~7^6u(;UAMEG%
z9V9z`mub_ibTQ$?OK&kSNP9}4$;&NzdQzFre-s+~>oJ_gQ@jf%PI<H7icl4fc!`U)
z2aQzgs7>x^Z}iAw_3&gMaAi}jG+8c;eZR$DbhmSsn#l*%tZ)0O%_psk`PRioc$U_T
z8e99h)oay!!|OX}Id3Q+?Q>pfFjxpTovk2BvMu|&07CS<)$c92m8F57U#Z`!p?=ut
zAGkQ8!xUoEV~DJ&&{v~KG{>`)pGl8(e=CKg&r4=3V)-6V;q{_%eflZMUU$H@*|r|-
zK6`!EJQ$=lEO5sJ9^v52a%N<~+{wCzn$1rvY8_(B?lZ|)dxpdu6~5Quo9w%?b`|++
z;u6+n?9F%J1jR6wG$yN>GtAUw^JIhM+lZ=O7`O?YBhXzkbhMj?YbA|$amS0su7<^{
zwVfX)s^zqmx~2vwHyk=EF2%6b$U$`8ceHNG_^PM|5zW8f$eoY)_@~}+tXc?T4n3TV
z{m?-d&{q8T)6!#|PD9T!cAgLbYppPB0?VS>COC)JMP5tYK2b=QTU?^$vuC5@q?%Xt
z;0<9nUrZX{Awc!@eq`b?i^}$#t=oCrv?6j~X!3Dnto@>aZ|ZGBDW=J$2!Wdq5$Vq=
z3so(0Vc&?Bj2|$u-srz?pzkdi7b254EGJrYSSJ(J!@jth7nw{dNR~|tjIN0sBKNAG
z9ds`~yeT-uG}jh`*FyHJd6;5dRIM8`A-mAjmMo3(2za#Bg+`P-auu(Vva)S<<J4%e
zTrd4r>8&H{S5s!}n6*|mCKsxRjj%Y~Y*+RYx?bQ$WY$~G)C0pTEHSKYuNb4oAW5HB
zmWaK_&g$N7$U%tfdY~qNX9m|nYUOZl%$>qpy`~0Kps;%Qp)b4YWOa`4mTSmq`%{5+
z5!v?}%UEX8gkT|QpB1#iZvrv`j%nBay{rfzZg6!6=MpyZsT?^PnTB~-rkc4g@?}9T
zQM6jWn2gLTMVs815XmUGjA6n-OcOfG5rTN((zjP7%!3T`M{d0i*0d`e<BcS50j#IX
zi+<Ap7~S260D~D+qd$@Q4T^?`yNmwG!*&82V-9$A4>x><@k4jtf$NlwsM!e<vdB(J
zhjG#pXbuLqD~eHAf}NSI-rn@v7rS~Cu%=#}K&K@h3NwHpOdGd1=$praTq~=F5ehc>
zPqC(41WA$9hwg`(s<Jl}RKT04On#S{QB`n$9b?AI6+92!3~OG>$KGb7Pe6FgU1h~U
zdWwe9ENFhffZ+C~rqf{G5&6k^K@53zfGBQsUBx%!^tFc-^ytiNRxYSzdE1?vXrBHh
zIBitO%HPhg`c4eEgqvi)*M^!QQ$wxUQk&Rw_%~cRFNw>~(zn$ax-@oEyxZHFO^*-1
znwurN*0EP5OK3J9zIqFQ<m@5hNQt)k_)&*_o;`afI-Zfr@S!n{Z93Nnu6Lh&y^*(%
zcKKfdc<yU$YMyQkw~lu^o*j|5$=$6xn<}*Z@x;^k2Z_>f7wkH>2cG`ENi+)ooLLxv
zeilOBW*!x(h98O$cn2eXya`Pb7~FYE8;2;F-|X)Nc&LpCyu&y>&B)Er@{yk{oIx@#
zlt#3SOY?|&iSxb1!lDU*e#E%4<?R73@qxT#uuTcH{c8R<Ia4b94<))p0!l1}7tPEb
z;^|8r%>UBd=qy^)0e`H*{t#o3O*_}Ftua%919t~<(O^8iObg7lrZLJYc~6+><<!(L
z=Q7pUC~GN(b?EFI?lo3VP*+c?V{Gl2R9GkR<ugupk)xP|=q`k9>;Gj$5bqDj<1<AF
z^j3-+#S=Y2`T3!9Z3;8E|6>yzUf9`anlv2pJp2^^i)s1Hhq6t3pVWY`QvNLP4*KI{
zqFCBSftYzp05LyI{)&W4frI#_o{-jD4{+CG`2#jKK#Yo#w?i%QNo=9(&s%%P5jZxW
zbT^W5wzcT2DLhVIVl=%A$S303%SofNmOr!Hwn#sf{Fc{3_a<6KD`i|dl~-DC_1lO1
zUfkcv0?^i4<xpaK;7X&_#v0<*Q9OalR!5s@+2iNl-<Q!aH1trFA<GBl1iND14@UL8
zE}2FDHr@sr#b>=LMYPTS);#!<-brH>#8Az$Kqyz?=EJkGw!DrHo#o5ZyhE^}QDhVF
zdYI}l&p*R8J04?b$HoMzc9d`}B~EP2LC6h|$_JUFAYP)u8t~a`8cAD;Qp_6b4o=uP
zj8F$xO`cza>lXEe^%$~XiZ6`*-k`nLSa%G2PPrKSG5C7r7%@X>O7LTe_iAqY<5Pos
z0K0mKetuAz%tOcsIc6ixG9evjSUUg_Je__ro~4q>^Bec$Oza^v|KVD{>eBtX-W^=^
zkjql5r(UW@ya363_@gPP<aIB2DEcgGxk6`oxi-=Pn*LW#NaIDZziHp?Z>Rt;RdvC+
zWyhjH_sbzgs&E0R=-qk#kbq4YD;Eu<v?IJ9j*ejnQyr7P9Qpu4en+MTWU;T-AlBJm
zUS2<FWbCz&xy5}u?!B{h{d|z{89^H62n{QsFqx<TuwqBVLZ&l?W#CoJf_1O*rizBT
zgKi4?RpE-vtARh0MAYCrqCuaxsDV9Zt%IKL9in_O@V2M|0XJ2XJeD5`9Z8=VqwPC;
zb}jv7cBsq6W#ozRphuf|YI5^b-`o><2{&{&UN^nYQHDCh4>CmeyYnBlm_@gd;_dn!
z>gWC|OW^VdI4lz!ta0=^4XbM>)sL1msf~)-c^->#qw|A#?HEj&-2|wPJQhn#Ovz*7
zaWV*_u`Hg+F7&!4PBg`$kr{!N+BCJ>EOx;DoeNBkF*GW}m3n5xaAR@LzCIHkixVpz
zDcchyDl|80ql<Me12I7i@*)U4Ms5X)e?zo|c`|pa<#_{9heb%Imw##s1UgZH)j|sT
zx&P1(Ws;a>`e0LzXPHVYaMCOAPBG}Hgb@oX-JxX#B#qV-uKSWtyKuObfPN?rcQ>6a
zuNatnT7dlUeE6QdeU7G6g4CvTA6rGW({btv70JZxzl;9MCRjx}IA&aJC%zMI-w=y=
zt=W-lAk<~tY#=r(mXw2i=qdq^Gr6`oc9V;p$il$COLk4IfJfR{68(W|CcDI!M%G;X
zbHjKEL|!?u%q&pbD*|E_uf%`^hE)YZ9XUxt*4=`tU*4GA)SPtLzWTPRo>w$o+&rRY
zR8MJb+tuL@a9zXDwBqW&iNXE4PKCC5_9;H_hP6U6J|i?&Im;QIDYq5ka?Ej0*Pcs7
z7dp+lb!l97i4$2tu`T7(bo>MXQS)uT%js($u*wyVA!^0?GAlVk$AWjfbxnn|z+$=9
zr1cVvL>1`%Q3T`&1;20J)8w+}*A=|m-7CCe{XIV69KBO!I+i`ywggs9mJ=Vkd4n?-
zxz--pBysyRp<a;u8mW%y&Hg^og~PsNHas+wNJ-MCI?)t+ReX4l!f85%nPEd~sVmYm
zI2I^2dC%3%GEcW;&1q>rd{X5@SfjFm4s=$d9tJ@Vu1U4OJX)>Ub_eSt2?a*cy^+TG
z10U_&>m;wK5#9oqT`6L2&m)R3%g(BOy-a$nY3U+g3lXu;YD>?oe}b18I{!3125XB@
zUQ-9y!*Wf#wmF@sZD~hthP7XtpUmSZ+cO}H9cmSY6lc1pwbizht+_#T5K5s}%Fb#}
zB;4x%B;=l>Q!XN~c%Tc4Bq~HE?ScRM3V3-(7@MBKKG8T37MZT<6q#RDk9H@N)Qi7e
zV;$p*ol_(vaYl9!&7Lfn#)@sg6yz>E)_mpKETTD4<Fap*Y0ahGoAn|XT$dVnZMYFZ
zz3%U9qq$|%cI!1o{0AdjQh2qBeR9UOt<z2wZ!ewQ2KBw+5d-K1AynhhTd_1~ZBtM%
zrB}d`WtXaejNuKh`vY+XDuFLM9sy&~Ck8<p$mUdN6CROM2rIRl*_&f`nG`h=n{*yG
ze`D#QsV%Nivs)XzQ((LMecZ&bHe81_kG>(I`G*z#UqluH`c!x!Q7IcVPZ}QR9iAw%
zm4BZ1CzAO@O&f7(g4V0>(4P1+a&w{1i&8WDH0JIIY<x%*Q0JNIkwWMuwO0|4Qd!!^
zg$lGA+aia~`J5{8p&F7MVr9u3zCu6IiWRp2_}t0m#M!jUU__of=T{M2a;&^?>6zZx
zykqmbQ|#YGOIZCAC6UuC!TzBLB8=(w#<Y2>|IDxc8PWDbT6xnRy&&uxR6iJvBjV1+
z4kM3Jss~jWJw(_R#5}`9E1XqfJ&FJgz_54(&_r|yjwmQUS=-3*#sjqd-sur32li0%
z_?s4N4Y`0bA&_e?&Xwkq!j?7vyy3`U0cvMVWvTYBW8`0^1kt>w)t}Q5&=^qeV&DJL
zHX%3zLpP{qyH0$NeYaxPLMvXt3IxDdiNu|PF9S2;#o+E=5;nEr=qv7IgldFB)&vgV
z!Cs+nJ$s@95uS-Tchg(lpMiPE88xamt!gsDE!x(7*XBQ>te;)Oo?+Am2pKOlPwT(k
zlN*nQN-iAs7ePJCtRw)E<4xC!xuAsXRCf}Tjeiw>jbk+BKxPC&!5Tvd4?uRq1YgO6
z)?C}+bmz^5mQ71rd+DSSoFKgIFmL><>kywYE>a8P9bZ`>mPTgJ$xogjb%o=WlnO4@
ztUo9y?o_}YS@o)<*1?dAD`0PgpsOS7wUI4)ZJUC6?NdWM7~3c{LDltqB)KI&nn^Ix
z?=!${wsKeEGTK_FW+xu!IjV4x+_{_q^>x@MJ#pAMQ$~fn5cWUhpEuMvu5kpN4#yk?
zB<{Y2B|$a8Lr4(J@a!bDhXtED-TM5MHE5VsO!iV(YnxILwA9CNb}ImUBdU8N;B4}P
zH!Aqr5*pRf&5{a6J2kXfveukrTkxKm&GB?f)S7I3=ivM<+f}-iq}C+b4!XVKm7url
zDz&Pljb9?Z&eweF<kNt;dUF9If40O9fP+p}8dwyP;`CMwt;<u$FAckSk~@LyAH&|k
zH7r?lM|<~y4Sd50JK=~O#eM$SSU++6^L`urX*!ge`P-z{4y<9Av(dnb(ICz7soTB9
zLAR*UP>&PIk58_E+^xZNB@{aN{Ht(oZJ4b9oE-YW*!Z0fSeAC&z(bi7(gY|qq3AEx
z_lMGM4NhbDi4BYDvp>9G=x?-YWBC5R)W&><p|E^N+p5u<xdXC!8qoc%_L|)mzvm>J
zGA{lv*4_dt>t*{Nrn^HL6zT3pq`SMNyIVr(2I-RSZjc5k>Fx&U?iAh!&;8vidhWT$
z^M7X@*LifU*`L`nyJlv8XIEdDjB~%4f|mD9#mU=xFwWCmAidR*T0p?|kjs=dIWq}O
zsT|!5SWL%Zz6puArPK^2iFK`LK=wN4np+s3W!bE};<iGLPW4p~5WhrxJsj_y78I_l
z@AFphSqoF?1~t>wS6#Y_EiQOo*$Cb&UBN6qnI6K(x!sF;9}!FTm!ABV!TkQXxN2aU
zv3Uc6OTN)9;q9F`%R`7r%y&rhE~vuM1i<YC{I)#4jf)xT+eQHx9%0<yKt#Twe0mUD
zSptSD^xT7ft{i}@MClVuH^|^y<~OoI?xTrm7smGqGc!~Us)7De31{US%ja7QpG*B0
zjY~q#;h-zN(TA^{T@ZXy<saU4@qHqoh_Yg3cqznQoolUs4N7=gm7ZX;2D{3cXx9;H
zaI{UWOkvqC9gL$qL##Ca>4q&-)<$nelERc}aVj1;%drPJiz^kFL#pHs|C%RllVIdh
zdg~bS><U$_IaK6?cDbE%_{xLhv!Fei@U-4X;UQ~a_m8mKU~rA-8X_83x=I2j*D2vi
z%9LKGu#V<+!+R?s)Y?9hdX)!R+rE4XZ;AE#VlLLDD4N}R5NMi>ATYXpo)<e>kHlhW
zM2lLNU%)_MkRVU82b3+6e9i{PuHJDOMqnEsiRk+>u+9`hxkZ65h+2nYv;w0Ryoui&
zbWss^acs=-MQ;l!92~1_W;quUKNr`t8!{#+m+ymK4LMsZaP!D%)(i!Ba}X7+9h9wp
zHXa})38!X-iG(|fvt<4a|56I-O{g+k3D|tnUewz2Rk0G_etDou0y=5%{;}`>2kmDB
zKDBS<0;L<meqO@m(DuppjSM3D>n1N71ClhC6H<PXG}m%0)?P%!<tistDc4FoMN3)P
z^=FiE=!&z88oJ`t+zRs)CEsu@ELj_`26DHb1#)!;Lz*>p#@;s1tu!mQS|dY#=>$YU
zLzxuK5jn?hMYh1yUwx~5c1^%(Gn6dT92(<4H~Q3^GKd}7&JKjWw*+74mK+`i+-w`N
zt^3k#r82gEdJCqt+NHh?F&0{ysS1VO8F~nzk(x`J)(z$pNxLTb@lpq8zMbR~&1-9l
zb{7JcHs&3v#6j0j?Jf_#j+<eHT5X4lID{(&8gu>-@AG<qBlw79jCp0i=rOS6rlQAT
zE%F<XKA4H^(1`Dl;>wjOVO$k|c#D$-NGEgQ9$1EFN}Wqz#YxAt&TaJdYE%?;fWJ_M
zpKz807iL7V37`so1M4mpi#@pRN2U2;T|+(g#rOY`D)g}`4C;Db^u35S>N~NhC#NiO
z0YB8P;t|_p==kD6uQ>-d<`4-JHbS8I>A2wx(+E!Y<1l)lO-Nz9HKVyoaD~p><moav
zP!1tD<8ERc8ESvv&NlJ0KAqRqar?A_$vfi68u=0Xa;j^ZtUQG9z#r|9W@14B^=g~C
z>_D?=%#_B2VwQsChkyefh@y8-$=+e-)=Uj-;^aMme@pZTzS|9GBtF~#!7LGV4tuZe
zP`K&5<;mNou453`AXA?#WP@monT;JbV%licdMb6`YY{fq)aZ?14I-8zAW;*QvN5+U
z-x#dbeT&lwYqzHp>QouL<b8a&0n;2Me0=N7b+``Q7@m8??dYZrT6%mL<To`<Kj)sK
zIn+%)RB_`($UM8B-LNIjr|g)pkD2auJrhD2Pow=x<w~*uws_rfCVrP|CuC%BE;E@G
z8iC@R|0s^9cQ=mKD<2g&xNu8&%gyF+t=Bwa#Uq5%WZm_{o}hwF$8`*y^nLV5mDyOo
zN`@IwgJYDz6k*M7onl>zsuGR=ZeV<h!L7-T5&;g?+J%X~4Wm~BD4pe{r{ZOMHm;92
zyUz^4dvSKSxRd7^z5G>v1UaF1Pym<gaO96B9;??5n+~i^zu+I&Trl4)gc(;l!jt9*
zveOdAN^hlE<Fd<ey~-zW5{|V|+$XS<$C)~&SheAZzVtfxT}2Crv=RYXKv3V?L76kb
zdbL-~m9wWvBFV$_;XA|G&$5>kK<`c;Kp$`JFu?lLbO061<^TmY{`<kc;y*jsm$5Q8
z(Q}b^(6!UEHPJP&75L?hzgWRS9#;^_V*_D&%@UYc$hSj(#AhB)l!fnz7%9>jIC}@_
zEKeoI%C7H|M8%#=rR#H^t|1ShLfuu!ckg+`+#OYy3;5ENii&rV6Ap53w^I(T*M^on
zAgwV96+_asI-#)J(Ig=m(dUa+o>?ldtV!iuv#Aeo#1}4G<|H^BiK3^jGD4=pM!!Ub
zakkLo*FNZdqkio<Ged8)Dv!Fub~Z<%frP0xUM>|EkjI(=1y|J{i-KvktKz;ew@uMN
z-heFKHAnJc1l7c$h86*G)FK(mEy{mJy1$4(WRAJK6!o33zfw+OlE4f%9@#r9k9#Q_
z^P(0VLOfjiw+lpNi8lCs3MJ@bC$?d5SXuRV{ArGi(t+NtAgI0@X!S3m^p~cofq8F(
z_l<0&ZzA-=NM+tOzERAJ8pr<{p-;tc0FHkLd9c)c@ZLk1BOflMv}d7_tPva%w(*%~
zuPzdLXR)Ki5QM3qkzx`D?fD#*3&z@~<yBjf#m{pf19qYpa(LI&lcX^=y}L)vyG289
zaVE{ry~fo!Yfd?Ydz_OPTn-j?<&li#FMQ&#l7~-<#B67aZZm>!Rdfw$@R!qrg|7(L
zrgT+@@@ihY&#37&eX}s!LzmcoAUkcw3=Hm8d8YD^%K4=&D46y*rnUIp`ZXqL*;(SZ
z*dY02eCzi`6lvW+^~QpUH_hXREwcR38tm^3*&R6U7t4lr-9wuf-E+L`U*N2$<&91>
zVt}yBWxibt<#dxHE!64XQx4G#HTbZ@U7fGXq8{0TBi)mK&lJp^S7Bz<lG0XusBbry
z_|06+_Vd(`w6ia8DEG2_XU7Rh|GBG`;KzI4E}ka)_|+u#uBn)9ea6lSpsA0Hy-uG_
zuQBcrS>E}wea-L*j^@8!0b9(r4~IL#UmU`dMAGPOvvXe_CI8gRV;vLG$cQWP43}nP
z=L9;OKz0LC;vwYZYMBx)<_JZ~HRl>61_SdRTF)#Y$MF<>o&g~cJNpp2i(-?$v^Bl4
z>zjkArOZ@T&7d)SO8-|bu34!JKSbkX`j0f2p>kT;u~ukK5(l(=;s~$okC1)5&6pLo
zzQ*q;q#)37y*fe3Y)NyAk6W)Yk0Z-HHJ!iu{-*y03AUdQ;D&Dg$(#N^m!wesXNnA{
zW#V9KV(;>YLjSjmcy)O+VNC8O4Z|6{7hZ8-FT*gbF=)LpZIQtSV8{y`(KW>i-OT(P
zjq!5wQ&gdNNQPWU@);8S@7~|#Z6)YTn#Vi~%tjm=`=&W`eRF$r`0oA=ww3iN-%CdV
zzOB;$vYKH>QDRLDT-m0WZ{^&4lQW)tO(-Y9!Mc*KmK|~l=1h<T?I^L!uX#SAE%pSo
zvdLn#BbQ{{W{Xvljh60HnqD%^Xr|ITs^KNNB(XPH`Faj5l}+h;_45H_SQd$|g~GEZ
zX6leGa@9GIjW<m$P#AY1M=j&0rvh7w`6=ZG_%rrO5TaW+Sy|-+LeJ+Ywp5Z2N)tpN
zZ_OA)FG3c~(M<{M5F`_XjyPxBXq>VML<zO;*=0CYjnzU`(RYZdZ!h&J)EQ#aD?r2v
zJhw(}fiW*tIAhv^W9NJFD{2s$^~%914l76znlZ>|!DMAWi_O`arzzPhB?SwkHl~c&
z*x+W;2p##ho<#(3=7-%u*yS)tfgiX^&mtN&F`Kb)^6pgEJ8Ip2NT{WW!dNWE2gkGM
zHM_LU<k#0ikfcPpZtJA(kID=NpLZ+|AjWXAjsw4cy#Q_)Tg*H;H%F*k`o3p*;mk~_
z+jB9!q;IY>+!%`MZZCOtIVISj2ukBtyS%{zq?RXN80^{7>5_ttSQ;*KVUWy%58O-u
z(>b@`N4B>d?Ajb2hSRszDI4#~jy1ry-B^kyWU>og#KFuzHB{e_I(_>jrPLn3^)Kz!
ztS-^L(1>h7k_I0{ZwxB*a2i{1eX%n;2Dk9OSIsB%8}J!-<T<t3MFmzLxg@@3Bsw31
zW9rbe{7vHe8Js3$<PNuQEn3_kH*eYdg=2jxSJq0xT?YxL=u_P8!5=`!-o3`Pmj4W0
z;$3$HCuQq^2yYFOd-_^?v@V+S;qx2!JLzwJqs9+raM4FF-UF0lv@4AQ*UBMP43g_R
zW(v2~ua|U$u3`AkdMhMaSKb1nYh)Ql)?-)8`@BuaeVek7xzAP*9nMH;htB2~xCYm3
z*k8#NnttX-LJWzDFv!bxRPYtyY-|~%S7O+}?Nu%)Txfl%^`28Sg00d+#jCz^Ijz8+
z+D8{$qq--_4A9(+Cz|{JQ}T?wi=Bj(5ugs1wSld@iGkfu$uo);cBqPI9yRa_OwdX%
zp_*UUj*3N&nwyZDq81>@g-D8+6T-RKShB|L`|ewA9FSDEd>NX+dYwFS=y7?-meMd2
zjfZV!^AYe+#%1HH&5y1__s3JTEx?~Vt>oDJ&B*o3nIy$!{S!KDv8T!-KT}we^(1Ck
z?p!H!8;QE5@L}(Ah>1o!%!}#rcVm#d1<r9C7{}Xlse8*_W?59=S31_2xVXBe>?RSF
z`<f*=4AGdxQ@|>N;pj*7@eF^+bJi@;$)VBkXlbc!H}KzQ>*$%}4rWJ;N87=rM{O%P
zVrKeGciUX6t0r;aTte<<Cp{er?uGCw4phg+uB@g8x18Ig2GNagI8rOT@3nOcGBi}w
zD}@Z8{GH2Zhvc+qhAg@*mNUA|Er&fN5TO#WVV>KlKonkdEyNj;FRmh#VU%9w(AH7k
zy~da6Bx1cr2C?Hr=@`HWPw-dz_L|L55dRE>w#2;#k8W4h`}{MAUlWz=B@<C!EGjeM
z#Kq0%Y7(E~)hJI){#7)*3Iv8VJt#l*=5dPO=fF@*uM7#04G8Snu69Se&gV-D&FGk+
z5h)}1Ed5(_4+-V?s2^T<T3hgwbDK^jT{fFpu&Ph&OBK(uq(H^U5qme}?M(MC<2U!F
z`IRzG^CgR&Lxhf$*-*vMIDsMySOgw;xqy|dLPd7t_A6(fWtF#xm%;Ubl3%^nF$&WI
zo6knM669AbOV|0<vIGnt<NVxEb^cQEV+5>soo4&7iZXq-a<Q@Tm(&}4S&LQVIy3UR
zx1*Y`2)n^{1cwB`=WYlHio$NOm_{;kohV9Qa>B<+r${kr``mVnS-(<Nu3fOlgihp?
zu0xL=FRORBp%Sua=mVL2LsQA#DLu!P=UdvAk?Y7A_s*N0rRzo0A)=3VrKah84yhSU
zB?$d;@`@%b>7L%(k+q!ZwnD7fFWgFX=&S6t+b8vo<Xzi)VpiG%AIgwmNil4r-aDVX
z_v0qUedfq~(6lOZBzM2mj2@pEKFofjA)9DAixl%bkp!vuaI7awGxM9o3V0PiA&Cfb
zJWN8|(Tn1QbdXmWmA3W?A*6h36Y<9#lxt}Ftz3d?m}_rXK7SygUi&hU+99vBPC%c)
zeae_aa)k1Bg*|eJ{u^k?<U7F|S(eHx5Tkblqm1-7$sb;I5RJ0}>S>s^c-4Mh=$Ipt
z{Q_eTaZ*Kt@-Bv{6xoY-lnO;F%44cL1U=fCQ9$dt0tWOp?kkdx(-#iDdFvk%5l<<E
zU8slOK?M49yqX!ciMg+{r<x)1#Y1<eVFJskoQZS3B$dDy!ox=Qh@Iq98R~2SezY!c
zbqNEP0M^9{@JYyj0{oxj0=a({7bw~p*#1>+o(i<Hh9dgC6+^-$!|7<%SkC^ig&0O8
z(?HdBN-SSu&WA`*K6w}&S(2!!vyq-go!A=S^fWTB_ixnG6|*u>&}CubeffAtf&x~(
z8lIOZ+VFRRQyjM(HYG?zZfB%wGhQyZ0&1eA+@?N!bk$CE-93H@6dR<7U$y+2p6}{|
z7h>V3so?PCSBTw^2B)%!2i@I`S8T6VIzhK$21wD}#F}rbAhGckj<68LY+iTrpIobw
z-+c`7Utj)!%SGrwaGr(|-m`IPJDr=R-T7X_Or~><0>SkNEJeXupi`bAMd=tEUHfbq
z%dIDvcI`t@0A!_&LYs0{sFA^`BKi>dRU+hs?HyM$O_CLvbDKA|n>@?Xi7tC{@iHfc
zmco%H`qJqe;*^-tLvcGEnPYx*9=T&Z@|!?N+7$ytk09l*M@BFn2W@ZFzhP+Ip|qSV
zPqF1Jvr>2zt~!lgE2G~ndh;xY!`u_eU@|v=fk+x=P-2GpznnXJ)3JBJqSy0$$sVh`
z<W1B}wOVUaR{&Oi^+#E)a=}(bE5{v>Y)K&rD=8<Zt-yhmFf!t15=N9TOK4I!c1NF*
zah8|l!{*eLj3$#{FINQov0$-#-qeo7K;^<AM84JaM+PL+#!{<)4HytOA`F_F9#L=a
z`6|UYf@QlnOx`)U3X|feiOfwiK!kp$`bL*yu?HjRT!k&RfK^XDl!jw@)>Oo)i&+zW
z5g7s7&>FP6it*KeV5DtCk?FQUX3RW!UwrEx{oIE!=v3sYsi>5h-q8;hq{$2!Z7iD2
zsP^gou|n-&Y`YvwlK9Zt(p;cA10sxOQrqonYLq78zAxwaS3VgCw3)%&f0lR-il!m@
z3Ra@p##Fo;t1aS<<o2k%>XAjhfR~lqdMLWyGPx)sBt^9(ijK3tMLt-90P%!hc6k&T
z6N72Z;bzjpyiNohLZ*{In>PAgs7{4@Uq^CUOn5bU4;yc|APV<!^dfsv;g)QZdfZB4
zjQGJ3P5U0gNh$I88_HqI0g2qzZ8Ykg6-zAd{z*04uMBy3CNF36Nx`12SDV;(XYvaB
z-%n_cqNo{#v(;6Ng=DRJ!DDs9z_CQxuFl4fGWMsSjXAM|EGT+5i@!->Hc+-!c4CUJ
za)Z@EF|BCoUyq~!uJ&FD^G6lkzDgiXXb?r5E2)n{K)FZewG4sxPG5F-#-KzKOA(6!
z{!aM_k*1CW#bL)McR+%a@CJf%%`k;7xNsc?n<ZV6pOOYGkIN*q%$g7@ikuRi6`aP>
zEFZdxq<_$!2p!7c48+2b8rmFzv=-9TPRm-CP;eEDDmwsc7moBT$Y|61bpq%sY50fF
zIM}PBxqTx!%aZWj$5tERezkNRM5AA{(*r?dMLd!TQJGgF>jnAfa)nNvH2q|QigAa1
z)X5TM1j}11-bcV;mRl1U><t%!TFiwyYt*Oo-y|2Sdr}EhGOr+aCLX~^woix{X9&>n
zgfTRNPL(rl<a2=-u@a#e5|-KFtf7~oSnY`cyXJpF{oD$u62k6Eg}w&9^C0|ERMi6{
z;by1Wrf9LNA}s(q@hC8`Xe2ZJWhctpc?s;QsdnC6{P09>N7K4>RYIL}ePl5T-AIz&
z4t+t1kq(6wqs7e%b=xBj$&W8`=p_)ex7;SBUn=2z0kbyeBh#%XF$_pZj3>@h`nD7U
zSwf9j%h-u4+28r0H6$vQ$|a3tRD$xsnxXsi!rMsHvt{1_9aX8|N<mrF(+)SukHozR
zX~*W&Hl0-51eN4D!bGqPb@_oXvPA)6l2k~j=(5>?z8Pw$yge!TbwFPyg(ay_f>oa}
z$+kx$i!+r2o{o>V!>$fGe-XzPLFO&Cm5=#FA%oo|Ax1nyEk}xc5$UQ$ivg`%1C_Ev
z%+oj5fQ3=|%|7NgDZfFH^CPdA;pF@TXeL<#=C3PsA)-A2psAkNt}-9U>Q;<d<Z=4#
zix|5_j(oK2eWKo$jbN?!Lw($Nk15N`VkI8WxsM~(xs_eyJ`1jnGSVM<*>jjgl#4uP
z8pd&~&QU@rU5xs!Uri4&FnHS9hzhu|+k9}oizHe(q%J&P=-FV;ORde1-Mux|6{<@y
z6$dSGy<f{Aq8M)K5MVy)5aBfF&fh~Yj%<w|7Qq%o6jc&Y$*(wTgwtbSY&6V-Aj4~u
z1l8r98#+w~gkHSZEHE(K(MPUcj|nb09bIRMyhzs&v(XeD4at!oWKI`}Q|)48L)?>e
z@v`hBtfjjolIN(L5bxuPQXMw{+DM(;P%?5xf0?vCKuqRNsO75}`K|C2vu@AFQFvM<
zxhEM}uFGDSEpbx4Ml6we!y%8&lt_LsJFXwgZgU`sax%ZnleadEn3mQybkc#C@5?4f
zImZm{EOqdapcp}vb75~K{#UK8lQ~?6{3K-$Q)(=!RKa3d<%yZITZP)K<BuvsH}l&8
zM23+%<QX%(K^76lm4xdz^gH9d(y+B24jj0WDQVbrSm>1P2Cq`wZ>pDitv7=P;wm)g
z;*9gzH#hdLxJb3@urFi>vt99D_Q1>!<HcnS-4+wNOB%XS=Wq(KnQFX5JUO{r!ew|a
zc*2!6*c(Ma=GbW~5K3JG++BGb8;IL`gv$dQ^J%#;3S*P1dI7ADVp81pQjK68xxRi?
z;UV+=3{*NeP+@lCRb_73&>>Jw5<AQZ`4v^co<CcM6flkMZjDcHxo@!{<+84ZE|%%$
zR}eGXm#HTU9l|opcJLW_Kul{J(pW6(-og7YUmkR@{1tJhHsX`F;+vv*Fo@%9CfBhJ
zJ3P=b;;j%6UR$WqK`l=5D|#P6?R8r^HiAg=o0aVG_jpjLP5awG%J3Q?WL7m1thuA!
zEN9vi5;TjN-^duc%y6Cw5U)o8-b<Zacba&19UMmGgh8X+8_jU}Eq<StLf+I=v1Qgj
z|2AE*H>`!gXg&*YgB9oMUvemD5;cEj&%vCD<X_Y@AIKfwrTIm(R4{*{-WtJhRYM^?
z%tl4{>y+I)_-Rl0PxzZFh8I@dLWA%&7vR&uB=i1;u<6xs?FbUB=*~C_gK8nQYhr32
zp;2}0k#I09`N5Jk+-Vz!%O_6O(!5RLyeo>UL%F>pA@Uyll-m?xY6!X^z(-z0^C}Ko
z^pVLRtr75K(b)xf()Krl^31?Yk^>%ulIIf7h}#NE8oKF)wo*bJ%K=X>cxeV3*U+oM
zcp#is(69LN#o&9@ukW`B<4g5Fd`t-bib6#i>H945lp4aE5X2&WaD79r{=+xoul=?M
zcHq!;VT}<1ingU=cpX7(dY-=VX@hhe=Lj4q!F6QVpPkWEar*aM>gOxdpuU*L5ID1}
zgU4JWid-4OKSxUJf+rAgi8&!Mti`w)G&gg)-l(d^xZbF#Zg4-Hg`j(fWCYE0xmtuQ
zwyu!K@;*q`)L(X{xr_kzMus@h1+8Fd0yg_dRN+;>qJ;oOg81^_ygo0qi%i?rr1iVq
zx^|@0VmC{j#+UPYe!{$il7yYH&74qQv=ZU;LV3|RuWR1ljNvswVKw%xCJC5QXmrbF
zrfsrqsO;-!C=R8@)L9NTLQGYx*OrDVtN_`J2B?HX1#W!&sK0pq?CaN69fexjE#Wek
z*52jL^!7ZH(w%M;=+^|XVjFN?OKjDavV~U*Qa9R^u1fc`rHby9cRM;o=9k4g!u!va
zFwzjsF7zr7&4rs;ggt=9+%~^P9CmB8a0J-Z$(6S_1373&VzqMEPL|%p@Q(L=w#n3H
z59;wR*Wy@c#g-)^wIF*vA&XW?l-zB$Axj1eY3)JlI8{$n%X*{vtj-m=5)6xs=8JCz
zc}pO3rX*F~`PZ=|nceF1#@Ljl)A1LvH+mA&Yei!;xTwU&Xfe8>Y~5J33~a>FUp7fb
z$m_3~W11$ZMp9lDw<2MbEq{s!s}za19o0jImJ{C@kKn=){fHE3OaE3R!R$zDbosf-
z(euC~O!0Z0y)MR2z(atqoPiI!f}Ihy3}-mIDlRDwTFt23OV?;_>cUeF+SI2hxjrQ=
zE`CNFP!}Y&#F+TRPt}>MOMHN0Ru;}V{c<M{BSVYQ5;ZBW(w8Gnep776UM@G71Hxf+
z@9;CX65%|*7>^Kzw)8`A@!7QGkiw082+pz8h3PTUx5mJR;&#xp3y4VPmj~HHtWjTI
z;4a_Gb(~Yn-9DR#!Epb$akf*z(7x?L{Ee}vYw?y%IqmhHK5uh!Uj5bro-@x#EV(12
z8^6Zqk`8W|0|o0iFGR9wJ;il=q*O|_x1gS0FC;uEm66GmREjTZPFQ)y=2!(V8edMl
z(FDFIj}Rl~9}ShoZpZq@%V+CU(?3+RL#lk@3o(3027{n_>A7<I8Kve@1@htkkFvkk
zO<b`3fTvA`pFC~)^Akk0zqOZgus1RP%jbuF-m3BcK6yb)JzE!RdlM^5MF83#PYz`(
zh|8n$BHfdKp-ir$KhF?w2}(+%BD8K3=53`YBvcb(|6)>s^|{rMwVHF~SpJOFxfNCp
z|FIx-U&_F<HzF~Rm&4qE!`kzyG49*l%kWg7*mBd>Rv%AM39PNoDo?Eboa5KK?9}+C
zI@uqj(_4p6CEm(4z1gZb;e_kS&_;&?CEgC)H*6yGLTp@(B$hwHJ2*Icz2j~!QQ(fn
z&`5R7JMaqO8}Zx<Z|9{s)~tgn?5D^oXhCZtJRO4KBC1(QVoldRJFhXnS9gG`7Qcu@
znYmTAn&2G-rz9U9qZouM<XX*xiM<M#EM@h+B_?_}MM2!_F#nZu0tGCT1{}C=8So5a
z<c+08pX{#uSXb*qicy6H?mnY!U_ls&?9GpfdjN{`<+*1JS1iHd9*dcNTxo#?<WG}W
zwn?l+1a^N(z!awO1xIChmJfN@w@Z@prl&)mDoKSmY~}i$CQU@k>UE9nbKK4kR{r*P
zud6bGIVM|*QgwuGPavEw!0RS<?MbJCC)tg`;Obv!TTI~WMC)8=A5rVpZzt)7vuZjl
zn5$mnoQ^}kzlkkAk}0CGg7MFBTqv}x$$70ezbEDIu?^kRh03>rgN(hPeFjl6c_7rS
zQ#o7FjL`Raf$}D0^~|(DaArE!=%o}|&K5BCur@~g0cX#v*_kY??Ss!wWmZ)pX{q|s
z`nc^tqLu6KdEp`s1R>hLW_u$-Q}Mp7xAyEX`YPh!-nIoE=__%`{#L9ikw<tZBv~+!
z*%m@Ha;<6*`JVfRT|z*$!iUL^Nr(=6J&B}mKY(Ar1;xoYA}g~&z*C4hr%XVtA=hEl
zE~}*`hR&|o#~#kbw<F;FMa#qY$11kK=WV?Jm58gJ)L{Qv<N<e+KvuR!v`%(b477SW
zwz^i9v?g}67T@2{0!TG2;26TuM9+ZMkr_~0?7K#N|E7rHKjNOOs40yjjK=MaM@uDc
zOg>;V_gW1_0+oa~-2{gCMVKr#T#dOug*$IMLpf==Q_&1PHBWX+8m&t{MKu{>#LcMx
zeNI7da<$&;a@}m&QyZrPz_CM}-DT>7Rx^k-B%)i0-e7yRti~mMcu_bq)zuXW>%8??
zdj?{dx}N@hZ#xQqLH;frqoBo(MwQ_72d?qr*f3ow?H!7O(~Oc*y8d;T^~2Mc1vLZr
zhI-io^WrI(?EQtEC{yZ|YW0%n-fOXa=yrwU1U95b@-LO9@W3BV1;T)e1NOp<9f|l2
z6$N`sWUsFG5coNAFMBvt6(Z&jsxGqf1DkT}-*BJ};ORuqU51#<$<VipeZJ0Bp*@y~
z=f<-^KaDNG(LuM+H9=4yyKXx<p<XO6=n>z=n^So!As!bNbSi6%Fn4f-*vn!nBycQm
zp%&=+%C`Ih)r*Hg!oOhQxl-<+jG7|l=S}sDWV%!9q_&|4++HxI3v2%suOPFVx{xsM
z^Yq-g(GH3l1{i~xEt#%z7C7J9)7iKP#fuMSyja$|N3&MA&LG<OK!U1aC4K`bqaKP*
z5@f8=QPw9a!Gcbjz^^*c+M6DV$=Y+jHf*_J*nw7^l;JL$&BI%RV{p5n0**Q1%e)l*
zk}vx%ReFR^225pc@S9=F{BD6kB<S3%HDa@yj2NnNB^JaCKHXZ<h&K+;ImsVtUzn8f
zXN>A%mWqqpZzb-(Xs^Dm)fRFb)>FmF5YEfYEm%Zv5pyDxq$#(TD5cVz=Q~;CtKaoM
zozX#O28&=zcFKpNni^O+I+QK5J3QdWA*`DH5RbJgZ=bw-A*yI6iQG*&qcZ?kIey=j
zuM^hl)X7^Y&K4{>OieP0Hd>WK%DX14zrw_rI7D>^eW7lvpV%d#+ZYgT0#^@djj(Bg
z-ws|8PBd7Za$1)^jy#$K`%Z5a%E-er?jC)69QGzsY*?cZ!Vt=#COrNHUt9pDb)D;~
zwuI}|S72_|S<c8**&@nsDrQY8ZO9DoTIV#bU^8iN+=k?chOM6a;v8955_G;?WJE(J
zl@Ye7PQ5qx5>=H9#nst!x{?BM<n!ud@<{QyUS)nfKeTv<1N?Y95&YzK;%A>n_`fvt
zx7{4w-=fHGWoc)xV`=|~PYaC{w;Fqm)NM3Z<*<~EC?*cOF#~A<=ZpHBXvzUqyc};v
z3W?NgjjHDvPe!$Tba*FpASl86QXhc?wyNWFNSfVm19wIjEu8n~o88ht&Y-26Z%|T(
zS{LE=P*t3&3oHwoO%!k^D)E-&B$HcB_r0{_h_h^jZ5Z3u201~3)lhP=LMut&Zza4y
zL6R~#+H2f|o%a1Qw>>6U9H0@P_vRzHI31X~^IS{7XrcBNb7Z(Dcvww2#KNG=!-*3u
zl5t|V;^v~4<69eZICA50lhsJd_E>i6*Ietf)l#fJB0ul?Ix%4-K^^8gu@?jeqczSp
zMm==&DxLA2z9itj^%=Gy{Rxb=m{rDTDXWy3pL!?iPJwdFvQO)oEB@&osAtbNZxYYQ
z*ea}>yyJM)Z+V?Q!s;(@UYVi{mx+QCoV2_l-#v+Lm8C|;TQ^JmNCu2vOr+#oAkg^I
zxC{9P3o&MQvs<>mPE;Fg?<1o6e1A3<?kvdOXHXFTho$h=UgufIT`zD<HCu0*;Jk!5
zBCpn2$@B6zCLUZjDHgS(uaC6+Zsn2;qg%UFFo}+h7ReEf(N?pBgnAc<_{LmMgr{Cb
z>=K$>dP}gBn(4;{isRGGWNu?z7fZZewRmR4g@Y8oB@7mZ-u70scVyzVNu^di93dJR
z`7?&}GI1ZR7W9*<J^`5UHz4nv-@8nEp-2D^!kT~>e#izHA{;_@&eJA4B0Q1vj04=;
zxIwz0Pg*+TxnzE532szfcKxCbz9>|$y^J>>u|j3z9)L`2^gh4+@OAS#3f9y%*C)>@
zu&N~3WqPhQTF>0Notf`dG1n+PpiKa->lUCK|NUT{=5L9yyq>Xvh0Y&B93!tOKPH33
zT`QTy)B)nD^cqcJyaoyxtR)X!K*7+|1<F2WO&(hpI;Te>arLS+Esu?ZgX=aE_tFne
zJ`3@Kf5YYc0=KK9-C=4Aj|ZqqYabezF$4Y^sgC#n7c2_=69Z4zXT)%#&O~Du^xe`#
z`b1pob4Dl?D6v;HWUK7nRrjXF6?M(3dSubuE$Qy2E~kkmR}MoHd$E&MIL*k@V6&e4
z#`Sf2%%Q}7)03PKHV&B?@*LjtFnH*hCiHphntDUSxa}6kZ<psRy-_;ycf?%GB#q)d
z-X-w$aJQSNQ~M=o+{*=iE~u5%z3HnlQ=A>BU$??`@R#cNV6z6wPwu2;a?ij#USWhS
zHF0Dig?9{V$>ys+;<%sI@nKiiph<XzA{&B}r8;qR-_H!pBGs6oiAgSRy38xe266MG
z34#V)l2i_9=r}}Ic|38>@)_--N#K?Kg4u1(`RoSwMKYTqd#0DH2Xr@D^pV$W6Ir1b
zG!^BiP;_u*dcL52i$3_hWk#Nla&$gA^~U=-UT{l+Ih!?PuX$tJ&t@z!QF7MmHaE&;
zm#X{UpV2xZ+D_1`6=!R`d!V9RH*o#d?B?JSw)jD8h`yYwHwHwXF=D_r7}E+C6LSr8
zH9}+syQ|GQd6>H5E{gNb5)!A7TPjjJyjoN`E&nlUe8?(BKzM3zfy`A{2ffd?G9jls
zNwt_LvQ+};Z%krp?Ct6uqKtxQIo;tOsQTS}ovnK#NN7d0BhfBoxi)(v!x<N$Z&x@M
zWpSO_i(D1R{oS&pU-nUw!e~Fgr?sdMS0l`bl4-S%zKf8$zT6=7Nu=nU7)Soff95NL
zJWlyS!oQ3s9RW}V>^j)Gk-xT_#QwviSs(($Ie(e=m}r4cx9VBc2~L)~Uk+OE*%E2T
z{@(X;4-1HcGlc*(PzC=hHTa)<qVN9UF<b*=nf###$tuupXj3i^JSNqZYVaajFFb+T
zK_E(%y1hc^h29sBK`Egaf~$}qVC^G}#!no)HS}!_9b;0S!?oNwvz=uM9rIxcl_w~!
z@|uok$=AEI9Ho>z%(-;0&(}M7$5>goFd-Ij?=jjxciFt_zVvY0e7SL6Tha*kru5TR
zH~*)cWpsj)+hg%7190t=l|GL<7_H)V<)cJ`+@pHLmYw!e@+$`(1&yfirK1(r^;>4}
zmi2C{H77JT#kQ%hM^0wPu2=3n*vF7C_ru}vpOk`2*TTPU;lSLhG(QNmrQRGFd6>7Q
zQeMFl+{?k-QW7+8ceC6%P{-U$;@v-cM@oLL)y8u*LV^D9@;)EoA>>_td&}z5-Iddw
zzuR3d!GrHZN&CYxJov+Ido9uK!}XCNUUO*ejx~Rp6qGD6!NjYT2u9|Um2+6ZtGf)P
zD|FdSR0=1`$uHe%*LiW_5Q6g?7{DW2-S1U4Q6=5h)RK+6aNGjUUzK~-1V2li-U4jp
zRn0E~=e|u-)qLs3zE+_mI1ifM!Qd^IM4kgLh}stQe8XfRB~%siEOqqd@fqOs%s}uH
zgGm<2%aJqv+V_`f5eyanJ;<iq#LL^_r1qXSc@d++hB>76b`nV<wj@ZB-PK>o2bjKE
zIgLgoGf;W5s1Fpy90YYR+Yu%QVJhj*#xqqHwGl9?zQkhh@sDT{2%RH2-?R2O_OZ-1
z>i@K875|niiG>z#szM%Qm#=t4xEfZCD1T&BWiqQx|6Kp0q7k)0*2~S1Ec^&AjpE#8
z59&gA+d<??o+^dj(S)FaaUV((fux#RZBL=Pw4`UOFUtH1^z2WnHpo2Y3eX-}LQmCd
zXr_9h2S&ST42-jBd!8Fu1Y<{;P|I4|X>&LXK7W2t`bK%TcO-bO2w51!K^ZH0aXCN-
zNNP)skJZ4O#$-&?^O<@gu5eMbqgJi(nwv=KPEG=gzeC?BiAnMDJ9*yW;jPxrPbm=`
zqV<!q4VYq9^9y{p#R&~0u@kGC{?#Gys*{j{dv8RMjxffN+km^Q$g(>tyTIKgq)qaR
zKK6SLLs*ZORg9jix+c(R>2`-?CrPlpTow5M)U#n=!BYuy61Hw4Ws9WevDGP6z}hQm
zsbXqvXR?YyYI$-%mC3CF7MiZ0l&Y_S=tQ}S08a2`0W~iaaQj2esTX-YNZg#?KPaLm
zaVcI7nfa|rilVw6vkG6lmo7X0(v~v@HDyHtT}G~pm&)+d=0I?8w<LFF!dox;p`Ee%
z{c(yh3I#aP_8`Wn{x18v4bc%o!99fz8Ws}4dC|LGiOIEj{R|$w)Cj(}Mj=G>QsH$;
z&6sr}GV-Y2x`Mr5$Q+%(3)U{?Jl8|KCst)xNX4?@OdXlgpq4Z;#VLU!$XH#vDd3a@
zM39U3WF%k?nt^iW#B}$Zi#&Qlc61xNnV4tQxh?2L8^n4L7SZldjCDMl)+v<RMMKd0
zU-4cc>4m1Jr)PJus;Cb1qo^Y6%kY>DBh{TNWau-r5GzkNXMa{Qn&fD=r6|+V#pT>@
z_pz|S38AJB5n!^=qaS&lkkIUXoHf_@jlLnc*H-j&L2Hg&QppCw>Sc)KVtSzDjc{xY
zhkuS81$AYnB>H}a_afzxbba0PjCOmRy6gZcMS%{>Nma!?UX4z$RSD*qd=-8aRHb<)
z1{CexKJfbY3W9N;f^m~2ls)0In^GX7PBR@R$#hF84xZh{SNh^d_V(+Oi%;bwH&^+%
zGiB!DIx5b;yr5jwQp81CIE!Qx369;?3}VX)YF~Y&I8Xc5a-%;IAuC90gw)y@TG$Kv
z3ueUZxTYa@#dK*D#1t&J*TTl9gyz>IjK(T$3LH4m`<l{VJv4|?J>to>uwa6Ez8+#1
zz%wr1+ib8nl<L-wL4#!m!~1P}(fH9)1kWA4Y{z)F3mpgHd#^&*bOgE5f?n#1P_QQ|
z>t=RIxvD;(+eo0x(ia6FD~1HE1v$&0lL|;6>lLsCex#6E2_lp#Tzx@5SdtOs--(ri
zXO+GVEs*Taw!z4%KL~cJNw<|{L6>gC{L;h$!j;O*P)&}jBx&20p-}!HAitcQ1qp8p
z2lnDJ<oxWS1A?!(tqnD^z3o1VTUIGsSmD^wCRUOU{SXP8)0cwetK}+TTLm5tChTG=
zk57*!3Kv>qsrvfJ#zzX02>Fg^3b<o3vm%PYwJ4C}+DV*g2a0`m?JaLqsX@BC(<&I)
zPZ_HPZe0GGs-H1H9Rw<KRO-+o6gsO!dPH(&2!ec*IL2gJKKKhPN*DDPe0knI$sIY!
znLw9i{E~bKrA^fv!!vq7zZV+=PLz$ii{jZH6pBJIFJ)$TsGVO*+LYw>`F@P!dN0kF
zGO$9~-2z&Spm^C%aC&vQLLpLo1Fs{d+OxsdQSG;WI&GTwR1p}mwgJmCS#&*&QnJ&0
zh5K{;gGrGmxay<t#0rmzgP&EHkA+g9VlDK`ZIuKGe}ge9>dFq&u_;N3R;#CkVy`Tk
zKY>l4O&WB9DUH=xH|Vl2>MiQ5R7h~BXdmGy^@vzmO`}v0Jx|!OmCRJHS*#{^ugOz{
zf-4d0)jj;8t^xSuYe8fd7f^q-hw3sj8znJe%g$r$Yhsk1x6vi4=?HNLjqK%Wb1xIs
z5Fzd13e0|=h`~Tr|0_P~(L%HQ6t<))COvE8=d-CT(#2uoi@AA4DiTEYly{?IrRJR6
z`c1Aj;Rn<eP>}ATlB2?Xs0k!YieAI{490cil)U2jj<9hf)RgbY(_8lXD3djK#Yg(5
zqZ3kM1V;kD^ezF51-dFz+1uw^=2YqHlhrtzj}O2KX~Yq5hh-&myx{Q~PU<mnlH@bl
zhF`L*xEN`-{X*Eubtbu4Y*U7h9=6=B7KG1il{1}x9)Xe)gRZ=4{i^AVD9Ts84=;Uk
zV!pa|(Z^?^uk7s}D5xGS4<gaYe$`bFB@c*650?8GE+S}py6&fS+P0!>H9}d4IW8^&
zEyH_-=98F3m+j4vvACew(SvpI9oslv#g;FemP+reh2r4z*cAk{-||k<%JCOBqBX=c
z=G({lvdEcHj}D{8$Sc^KS6CLg5!T==eBdOWYj|xvljM>fQB%6%)$FW^P=-ilQUz~d
zq&{Q8)W?pu2bZi`(}DKR&IB5L;5<93=Z+O&8>AgOe((!IQ(Yt}MqgC7NU}Jmru&!X
zgdV2dq7U+v9uKp1wwjcm2E~~jlN%@%(qWdqGBVVxpy7kGW>A#E;uf#Rvr4}rSSf{C
z@;XdB;_5iXRan_~d%NG$U=u4n@uHP8?O2o2DwO6F^ka+}wdW2lS4x}=qZZy#m#s{g
zFUB$|*Ukp`%{4?la%-E{Fc2D1+8p1I&M10;tTFSFx?SG+Ea9B)TFQGK7A@4+4F5UG
zpo2DuvzZKU1kRi{Ko?uGVa_Y|6N<76E<~CRJYSk7MaJ?5jS6=^?Cj)~aI+l1cX!1U
z%5-m*=U5<^fu6hdr}JXlwvMgl8}}m5`)1aVyW)++J4$W~^|A<tjpDMuir7$$>NZN+
zOn1TJ>S9hLl{%`8K8_CXD>O;j2STvydvU~+@+qjx=GsmZL6SDj1%Fq#L>IK!B4V=X
zeW=~^`06&4c}n|!=^MMMeZ``>AnG;G;!`NCh7j+U2OA)B>jxq=FRdYk@$9Cz_s)Q_
z_c8*&=T+f*dXKsIre;&tUM14|jdiG0H{EJ69kKKE3CsGgX>fZgbqos@fU*Vh>K>DA
zcW)()39RvV=p~A{edKiKA$E%{=P|pLexZ#cp%OjsyZ=Sk&%^m63hl5mzU@Ib70s-t
z2TYv#p;E+yjT=UBLHlLBrw8dKj?6cU5OQa}wuZOpZkHa7NtO7c7U{VykcT$h3twvE
zD2+-pV(_5}`qC|c_q|wa5f-iH{N}V@X*3OueXaY3wP$K|Vvm<+lApl8*^La<$4lhD
z06Q)3J9c;)(8t>Bfi)moPh&j=a-r0QexspMKhWLJ-W%#-Uh6RWW>|wjJ}n^+-i}if
zOc1df5eY^ZI#myBP?TdAnM1IiOk$C4a;?dkU}YqP+kP36>>4x5G<GhILu&2z=v&se
zv?R;He*Y`+`gMfy`7}sVG&hwt;VV+8zI|4GA-kY9g(H0+o@I`jSeKLNHL{z`#92@N
zl~%y$lm(ZlmhnAx=s%Bty}mZtGd41uSNDyuUVbl5h&--It@&1F+1|e&3zE5k440`s
z_SpOl6==vRNtX@efO$7+f4URB@S^543;LSg)r$txy-vh6;ZM~N_RGS@dQ5b$=eaC4
z$2gPKE}zw-yJ@tAQ(gt~0Y1ZCOzj|DKsln96DP75Tp6a{n88I5rp@$F5jwng#JOUb
zZGszDo8O#m@+FHIJRi>1a`Q1GSl@}t%N=7G)x4Hd7>ZH7L$f$719OKNnqIHQO6`)C
z&#8+1(!e`O0iG&*q`Ljk=fHGibX2JyH>@G8RCk=oe#RB*hx^uUt1taw+F)KQXtWR$
z)2dI$8XwWxX3To|3zXByh}M_IFvo;O78u^#eVR17{#Ee$4sm%Lldmk;)4Z^bYm5R@
zM%z1mY!XRf%XSx&2vL#wg7fZSEj7qGJVr0eGU;kDc8^>*(Od%*0(&WJmFo%#>=)L)
zI8WA)@Yv?1I7G~XNUtRs%O3gSIJRZIOL0Tpy>1|j!b`j7Vm-!9aay>5F1coVr}@?Z
zpTC{B8GHK!@yWV7^TchV<YG>u(eUJ|$%!MLj2fEZDWE)955D;g)A+?R17KkTQ`dx9
z?M%*a(fHc2+UpxEgF5|cJcJPIGEoGfWRUvzYl>$J>3rGl*6h9OVipbZjEnrKUo#!v
zI|Fa9H@qg()WLZm-0c)ELRVIC*4D9UlDe7ta!f3=-WRe~cm?hTK6Ugqy+bJ8u)>2Z
z`a{*OF!Ofee!R=ot`?^u1AWOFc%w0E*>3bnhQ$DgM}$ogMFEZNhHCAWrT--aZ#opj
zE^P2Q@fn0^voCi=&3prqvt7p>m#w9oWi>Jk8T-e0{=L%+EW=~t6GaqS>&lpb?%u!_
z-qpfBq*N->dy?9d&d=AzN#YtfY%%TI80EXy3@5HvZap;*>xY2jBuFS`CRxr~1Rx;I
z7eDT+uN_1r0VhiTZt#F#wgz@q4z_v*b~Mfw=1nTHR%3KX9-GRz?z36deofEY;uUIM
z5Xw+i;~0lqx=B)_%uNsSX<zMs9JB9JVi_6Vm&d+5ICWY|9&#Miy1Xp~x^MMm5vQ#5
z_0K%Rlv-+ZcLL!7oH&UnaJ<j-z1-l|Q&fbf$d!hiHSDJAw~GfOfJC)7K9qq2QGvf&
z{@8~W!w>240<Yg7Y?+zL0XiGS*aTC@*jX&xigGLpdxcYtwAyQ|4TlXzsA=PH@z{U1
zX<1xmmVdj<H?&2bsafa)jGSh?hHVU?!YJ)d4|aSa<vh#lw;Sv;b|-XaELQ3umzOrx
z(aX%+Y2fPJUz&+Alry&#Q$>~<=JRlqL4#YwOk`Wlq34kbqlW^l1}TT1IU7dYzcdIC
zG{}ylP~ToYn^&GEgxYS5sT_@3@U}M#Lwh&(-e;}g;t)RfgM{mm37ce2^u*VjzN-yv
z4>;1Ol`W3C#Lvzk7;7U2w#gyFXBSw0nRBz}W(@UQz(gy?40jgh0p4GFpHmp%ya~Dr
z=+u}hQtE)uv89oRku@M5LSk_DSCZ9#GyH7S_l{$gJWm8>yAJWN`cTO2h5EPq>%z*|
zP4-aWDxue#t9s$waC9^<`6>ky8iv_|8+6p7^9EMy>bI0dgRJf_B>@akATgx=jL-U&
zP-{XSlK4QCjbChvKU0G3tY(J2K#dzT3l`j%N$w~RG=q(<hVdDNZ{4}mM&lr_Ou!YQ
zoQ1eLvY!jCa+IdF4PPMCcz|L9v2*i5<&<hqF04Z5>`=oVVV`8~68eZoSC6rd{UVp9
z#&wY8EZ}41V8W~smMUINYnbA=v#{i181m%uxXD&eNDiJ|j|6)r`?ER!E2v<cjot)t
zlUjiW`BZ0M$GCNS=b8nK1K6~MsT29(?(J|XCdY;=;dK^suxGPQ)7PoU`ruAbt9hSY
zn6Z!1=d}X;Bg48_7jKM#UKYda5T<@kDFvbtU}D#EEQdI;Hj584HO>^3&BV(&_kkzZ
z-3@f5@<?IRWIe%>ekYXK48bL`gjUgRa{QXP*~V|r(Xr?-3rxMBX#qNka`WQu!cN(J
z)?2yqAb!*JBma1|aIKjp%F_D^9>te?%MlmdxptULbEsyoZheO|XcxfdtPbvI9~CiK
z=_7;`;EXrx``f0#AZS2nKu}OnK#x}-ej1F3B7m#QBTOK`zXE<dX_A5pywsvnLbQ^+
zQldhF@(MJPLifFo>im?-V<*4~+V=){MD>Rj1|a!wDnE8Z0f495Jcm6a0Rl>f1O@_(
z?T6O=V>bao89^xlK`DMwLHVCaR8_6|Ss(%dX;A?IA^kuA2<V>j2V@CRenBaD!Jm5v
z7=l6h1A3(b{s4&l(DFHd=q)9!0O<c?=l{Ds`ah<hcD4Z2hW$6w7CL~61Auk-?=yz;
z11=Cy(XX8WH^(%OH^(%9E91W+#P)>H<zEx}H_<<?qXD#O{&OAuGs+ON#egS(dNkmV
z&=VAG?q7KQH)X(Z|NZ;VP^_&iXsrMJVb714k6uDRk5=XzKn_x#0RcVUpZ}*Ry!wB`
z1bCSr!G2!MrxM%@NLP`T7Z&}l2Y=NKP_5#JcKKsB3j=!{dlzeiC#(1PeN@w4x5^rz
z*D5d&5dIInfq>Wret`XV|Nr~(=qUecEND+?84LbE3-Bc~wY9l}k;zk`d>oDc#Gwa2
zU?c$mu_kyzq3FL*c>FBd($MPX;XD${(7l_Y1`tyL5PQlRm++6n`6Kax-^#+;$`VkT
z<9iJ7SF8af;)hl(@<(FDU-fvpp4<QG@jVseuev=oCxoKEW^nvfZ`2<K2?V73C%ylN
zGUGiVkp1Tb{#;`pvrn{E{ZTIg!Ii*sARwkEq)z@9smG7p<-Z4Hk~)?;Mh3QjTxa~q
z?IS|i22ckT;5FS(0OQB<1VLQo*SP|4`=7x|{$Jh;zqtuu%|$J&|CQ7AGe)p^-_{KP
z!vvsQkA?C6)8@4Q2ZoY?tsNk<=HF1iGVv&-aV5TNZvhet0Z0yD{||M*FBaq91Q4+@
z*Z;G*`q{h?J%Pb6`yViRR+fe)Mo%oq<LnD~Axn<~W+oY+>W`TQ|7m7_lOiDV06_TH
zX?dic1t$S>3{YNmfVKe)*$*w*?(dEFk9oJU{R4&QQNMM*S1SB-z|*J@EGxh|_<{og
zJ#}Lb4*vx3&r#B_UVY&N1ymLSOdS0WOaTFnJO4eDe@WG^<bPgeKv?rbvvm6(<V`H?
z4QwrS%zs&D<%eKW2f!+b!T_>1f1n5i)bY1zipu|63*>(?x4$y-s1^Mdii!Jx)sTV)
z0s@%JA6kj$-(}=i&_}!Sca?<r2TUL!WZ(aR`hV$jKidz1s3vSL!0d4X%5FZjABKOI
z<o^lspU;%&;0gyLz*DpW{N+>oAsX~I$NWd?#D9nRS+b~~OwC&2--K~wrlXUWq5nm|
zz~oo#Uj55YKUMYDNxw;2=?{p13)`<#_A@UOPk1@}__qP+>7Fq1D75@Z_l>mx^Pvgw
z6&z3KiYEUKU3pmvSqB4Kz^CTFj{gy7=To944`9MX0SW>Let&4jnZJXh#7s~38&maE
zd{MH02g>5RzXeo@{aHV7D$BMj07~u+@FEgFZ~_G6@Xr85^#T4IkOA?i>-^>hI+lOt
z5g%vqwZ05%A|SFCWCq0YPmt3~{}F3HBL8<~`YtHa9a-dnB=}Ci#_K6`P1iqymNPIi
zv9q`R&h%eHqfc*?7eN65#UcM}&DF;K5wxP@<4pf|(7#qV*ZIE<%J8egWpXn<X9FmL
z;4g|W@mqA2m>GUY5uVx%=f%Ix0^?H_9^;%PSC7DZKrjG<3IxRUL<&cLi!Q&pj)}#8
zjg}vUPI^^ZOAatuj)2J$c!I>S`8yo^;8q2l^$fm$6Y;B^dgN{U6naV%AZO-;KRfaJ
zt=~cXL%0B;^rNKd>ew0Z+ZsHUoc<N{k<ZWGr?Vgc9?bz^mf#aUM{a%x^@&dXu?-=j
z|8vNssW+<907zbdqkjr1^zHu@lHt!GpBuR_3j@r@<g1_KV<;ftznkd~kjFpa@>jse
z#oQyA>3`g#)C0D3PYrb|&hG)*nLL_kQGIJkz@dcxqw)Cfv-^lFrcRrT3ou#i08tWq
zvY@XC|NlY$mE%W2+V}Xtu>}w!D}bebs+!{zzk>^K=YT!P_Z;g#ap;d6PS&TA{J9+?
zq5T~sC1%Fov17DPCbNg`cc63up7j@JzA|#|G7Am_WC+-hKMjD$=zp8|cZ>Gx$~?}O
zB;R`mSb)BT0QBwY%9yhLHjaRaj=6!}ztZ1-4o?~?qkM({Mso%r2TzUW68mo>N$OZz
z8|d@e+XG(mbFeq~mA9XL<zwdaf7)}d-$B&ZvHE3wHW1=q&;dq+6A(2%oi~r)ru}_+
z1bC%?<>FCyx)i3=SO6>323R4f|F8h~^-cMAx%ii*cr^Y1Jfa`|`sdi$T6cwSV1R%I
z0Vn!=Pq0hX{@<{F#rt{1p2o=U41NdC;?H8_$H}~KT<+d|bT0t&tMr7S)qe)SZ>(c(
zZeVF-0N7^OJ$}>p*CE{F7zF8SIOvIifFe|XHo~$d|A@&y<mWF#$46CP2dleX2k=e~
z;QjH1o&U6(uz!RrXrW_bu3!K-@YAt3_-no&@j=#{U|RwB?f|p)RFJhJ{}H~lr~tpb
z9^fsp|BYP|bZZ^}*xJhx0gkKx!#LnqQp`WXmNBrkFtK|)l>BS(#|1B!JGHL>FzyIo
zT;U0LTFyTLmoxa)@&8NW|F>Q}byef}zcYgGdGS9R_Nw?Bl}`ZnfB<s!G@M~9_-*3<
zcJD-w^ZFQ}Dgf?U{)@ARVP^zY2e=d&06HLe`=J>W|8wMDr|@wRr%xJhpa2Uv2H0Wq
z{(uAoL{<9RSbzomekT9;iNUXMKU>15o21ODzYWLq>n4e$9+n^P|Lg4PLZS+yuvl4!
z6bM?Wg$5>(B$Wy(gsv&tn*T~9lBT!Za&_5U($LD-3dEPNP%L_=haM{OAzE3Kw7{}V
z7Agsi5`xGV1EG8nv2S+KopX0~y>r(WpXR&YIcLuKX6D{AsKE1BDABsLEH!RmCB_V9
zET~u#D>3_^41>y)Wc^Ak!6^eJRAL|6KV}#ZU`OEmOyc;P@`HOm1a>DaU%#^?S>jw+
zc#n|ohmYtMaq6%%6%Nf{YN|Ii`8gr@+icJ12gPB`;2c8H_DUZpo5nV?V$HHx#5~{3
zw5{v{$0)=hJrKVBS{l-ujD5jaD2Ais?qPr#0G3VoZ5fjWD{XF60s%5Fe&3K+dk_Zw
z?33}Ij7tNSSv-EsX|<TFZRIAj;yH)0;RpuxM@%_C|MtUqJV6ayN-0-ONIwB<tQUx~
zI$=?<?S$&bs{>lTmq)@9iS6DjYg#H~=vN4CnzVMhWXE>fQYg07ET{k-oR&fID?mph
z;$x?=LDhqEKDq*rp3w!MQT*-LU7cgWT5?;w8rS?s7p}*S0YxX9dQV3>V&|}W7)H%B
zlBrj*q6^m>huSwvspN4)1WUxDQ1Up&4+Ul77-|x|>ZunaBc%t=H8m;*2%UPjD-AZ2
z_~@BgGsTsDw+jN~7c5Fe$Yh)}?&^M(9ue~PfMz)Kz~B`lqp{?8nGg!oZO5wyG&#j3
z%8a|pz%9Z3z23k8_or9oUBdeL3zh&hf!xcM0Sv5qSmr+w(mjfe6Tv=ud!7tZC3=Uf
zZPxmxcy+F#5x(cR43tpyY@DqOUjUD5u$qC)+Yb4`vurI5m$RGem3;PoQC%ahPFIIS
zQ{2$$Fw`p(@Tea6Q6NpmP+W!{(`PZS#9)1=Mt;5nxf{>~RPUU`-m}J9g}8QG&hy#}
zdeU2!7BN2-7hy5c#|ptO$)_Iolt@Ds)xx0V%@>p=F`zm+Xgw}1mjP7QV>X?f`S+9S
zkp2>*)RK5WdhE5>5Y}Xdmh{XXycx<Z1m%k+z0Mk0Cf>;K3%B+0t*JunQ+I<L%@vF1
zWa0da4Mr??In6!~Gmgcmk)F56BDteM$VnXxRMu?nltJ<<Ys^Ex>+^815R3ErB9bo7
z>jU5%wXVj9bA=igQ59QJ6)AX9mo9cWc+0n?*mkDTbg@CP`qvrEiTqvkC4~8-JG#J)
zN?U*?*6O^;-<U&{h`mo2yhdHeU+_^uXjc#D!d?G%9-cZ&sr*d^>?RTKZ{G`DkD%pV
z5&j{V`}v0E)cvy#eGd`viUb~>*?{i>NcVJ)4(Wnlr-wR^uTCsfgLI9{;0skY-;RyS
z#5wuFMO_DZHq4rQcPT1DzD-E8aZe<!=Nk{EHr-xt?Bc&Gu64kK*5W$=VR6a*T$;vP
z-FfwuOw2TVV-+eVdOvA-TE3?cZwWRw|8W@&q6br2#%2qcwMH%c;Oxr-{(~8uw{yRL
bI1C|Qs}&nJL7fE!b>goWW%BAA1Y6L5<*Wc5

literal 0
HcmV?d00001

diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/ios-migration.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/ios-migration.sql
new file mode 100644
index 00000000..596e0485
--- /dev/null
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/ios-migration.sql
@@ -0,0 +1,43 @@
+-- -----------------------------------------------------
+-- Table `IOS_DEP_PROFILE`
+-- -----------------------------------------------------
+CREATE TABLE IOS_DEP_PROFILE (
+  ID INT NOT NULL AUTO_INCREMENT,
+  UUID VARCHAR(100) DEFAULT NULL,
+  PROFILE_NAME VARCHAR(200) DEFAULT NULL,
+  TENANT_DOMAIN VARCHAR(255) NOT NULL,
+  PROFILE_CONTENT Text DEFAULT NULL,
+  UNIQUE (UUID),
+  PRIMARY KEY (ID)
+);
+
+-- -----------------------------------------------------
+-- Table `IOS_PRE_ENROLLED_DEVICE`
+-- -----------------------------------------------------
+CREATE TABLE IOS_PRE_ENROLLED_DEVICE (
+  ID INT NOT NULL AUTO_INCREMENT,
+  SERIAL VARCHAR(45) DEFAULT NULL,
+  DEVICE_IDENTIFIER VARCHAR(45) DEFAULT NULL,
+  USERNAME VARCHAR(255),
+  TENANT_DOMAIN VARCHAR(255) NOT NULL,
+  STATUS VARCHAR(100) DEFAULT NULL,
+  DEP_PROFILE_ID INT DEFAULT NULL,
+  PROFILE_ASSIGN_TIME TIMESTAMP NULL,
+  PROFILE_PUSH_TIME TIMESTAMP NULL,
+  DEVICE_ASSIGNED_TIME TIMESTAMP NULL,
+  DEVICE_ASSIGNED_BY VARCHAR(100) DEFAULT NULL,
+  NEED_BASIC_AUTH INT DEFAULT 0,
+  IS_AGENT_REQUIRED INT DEFAULT 0,
+  OS VARCHAR(45) DEFAULT NULL,
+  DEVICE_FAMILY VARCHAR(45) DEFAULT NULL,
+  DEVICE_MODEL VARCHAR(45) DEFAULT NULL,
+  DESCRIPTION VARCHAR(200) DEFAULT NULL,
+  COLOR VARCHAR(200) DEFAULT NULL,
+  UNIQUE (SERIAL),
+  PRIMARY KEY (ID),
+  CONSTRAINT fk_IOS_PRE_ENROLLED_DEVICE_IOS_DEP_PROFILE
+    FOREIGN KEY (DEP_PROFILE_ID)
+    REFERENCES IOS_DEP_PROFILE (ID)
+    ON DELETE NO ACTION
+    ON UPDATE NO ACTION
+);
\ No newline at end of file

From 007c2479ba7814716be948532f7e0714d9016254 Mon Sep 17 00:00:00 2001
From: charitha <charitha@entgra.io>
Date: Wed, 24 Oct 2018 12:52:07 +0530
Subject: [PATCH 03/10] Update component versions & fixed tests

---
 .../jmeter/DeviceTypeManagementJMeterTestCase.java            | 2 +-
 pom.xml                                                       | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/modules/integration/tests-integration/src/test/java/org/wso2/iot/integration/jmeter/DeviceTypeManagementJMeterTestCase.java b/modules/integration/tests-integration/src/test/java/org/wso2/iot/integration/jmeter/DeviceTypeManagementJMeterTestCase.java
index a871e1d2..8f63a1df 100644
--- a/modules/integration/tests-integration/src/test/java/org/wso2/iot/integration/jmeter/DeviceTypeManagementJMeterTestCase.java
+++ b/modules/integration/tests-integration/src/test/java/org/wso2/iot/integration/jmeter/DeviceTypeManagementJMeterTestCase.java
@@ -89,7 +89,7 @@ public class DeviceTypeManagementJMeterTestCase extends TestBase {
         // Allow some time for message delivery
         Thread.sleep(10000);
         ArrayList<MqttMessage> mqttMessages = mqttDeviceSubscriberClient.getMqttMessages();
-        Assert.assertEquals("listener did not recieve mqtt messages ", 0, mqttMessages.size());
+        Assert.assertEquals("listener did not received mqtt messages ", 1, mqttMessages.size());
 
         String topicPub = automationContext.getContextTenant().getDomain() + "/"+deviceType+"/"+deviceId+"/events";
         int qos = 2;
diff --git a/pom.xml b/pom.xml
index fd22ede4..5f647a52 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1528,14 +1528,14 @@
         <carbon.governance.version>4.7.23</carbon.governance.version>
 
         <!-- Carbon Device Management-->
-        <carbon.device.mgt.version>3.1.37</carbon.device.mgt.version>
+        <carbon.device.mgt.version>3.1.48</carbon.device.mgt.version>
         <carbon.device.mgt.version.range>[3.1.0, 4.0.0)</carbon.device.mgt.version.range>
 
         <!-- IOT Device Management -->
         <product.iot.version>${project.version}</product.iot.version>
 
         <!-- Carbon Device Management Plugins-->
-        <carbon.device.mgt.plugin.version>4.1.8</carbon.device.mgt.plugin.version>
+        <carbon.device.mgt.plugin.version>4.1.16</carbon.device.mgt.plugin.version>
 
         <!-- API Management -->
         <carbon.api.mgt.version>6.2.201</carbon.api.mgt.version>

From 4689d98525184437d1459bef9931780160ae4e81 Mon Sep 17 00:00:00 2001
From: charitha <charitha@entgra.io>
Date: Thu, 25 Oct 2018 01:04:11 +0530
Subject: [PATCH 04/10] Update component versions

---
 pom.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index 5f647a52..f747c310 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1528,14 +1528,14 @@
         <carbon.governance.version>4.7.23</carbon.governance.version>
 
         <!-- Carbon Device Management-->
-        <carbon.device.mgt.version>3.1.48</carbon.device.mgt.version>
+        <carbon.device.mgt.version>3.1.49</carbon.device.mgt.version>
         <carbon.device.mgt.version.range>[3.1.0, 4.0.0)</carbon.device.mgt.version.range>
 
         <!-- IOT Device Management -->
         <product.iot.version>${project.version}</product.iot.version>
 
         <!-- Carbon Device Management Plugins-->
-        <carbon.device.mgt.plugin.version>4.1.16</carbon.device.mgt.plugin.version>
+        <carbon.device.mgt.plugin.version>4.1.18</carbon.device.mgt.plugin.version>
 
         <!-- API Management -->
         <carbon.api.mgt.version>6.2.201</carbon.api.mgt.version>

From 3ce9da92de4266a3e1b40028288eea4db8e4d5db Mon Sep 17 00:00:00 2001
From: geethkokila <geeth@wso2.com>
Date: Tue, 30 Oct 2018 14:01:44 +0530
Subject: [PATCH 05/10] Updating the migration script

---
 .../apim-migration.sql                               | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/apim-migration.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/apim-migration.sql
index 85439ba4..b31b8a13 100644
--- a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/apim-migration.sql
+++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/apim-migration.sql
@@ -33,3 +33,15 @@ CREATE TABLE IF NOT EXISTS AM_API_LC_PUBLISH_EVENTS (
     EVENT_TIME TIMESTAMP NOT NULL,
     PRIMARY KEY (ID)
 ) ENGINE=InnoDB;
+
+
+CREATE TABLE IF NOT EXISTS  IDN_SAML2_ASSERTION_STORE (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  SAML2_ID  VARCHAR(255) ,
+  SAML2_ISSUER  VARCHAR(255) ,
+  SAML2_SUBJECT  VARCHAR(255) ,
+  SAML2_SESSION_INDEX  VARCHAR(255) ,
+  SAML2_AUTHN_CONTEXT_CLASS_REF  VARCHAR(255) ,
+  SAML2_ASSERTION  VARCHAR(4096) ,
+  PRIMARY KEY (ID)
+)ENGINE INNODB;
\ No newline at end of file

From 09319a37de642e44605d9d62465d00a01d855f84 Mon Sep 17 00:00:00 2001
From: geethkokila <geeth@wso2.com>
Date: Tue, 30 Oct 2018 14:23:30 +0530
Subject: [PATCH 06/10] Updating the versions

---
 pom.xml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/pom.xml b/pom.xml
index f747c310..39f5cf97 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1528,14 +1528,14 @@
         <carbon.governance.version>4.7.23</carbon.governance.version>
 
         <!-- Carbon Device Management-->
-        <carbon.device.mgt.version>3.1.49</carbon.device.mgt.version>
+        <carbon.device.mgt.version>3.1.50</carbon.device.mgt.version>
         <carbon.device.mgt.version.range>[3.1.0, 4.0.0)</carbon.device.mgt.version.range>
 
         <!-- IOT Device Management -->
         <product.iot.version>${project.version}</product.iot.version>
 
         <!-- Carbon Device Management Plugins-->
-        <carbon.device.mgt.plugin.version>4.1.18</carbon.device.mgt.plugin.version>
+        <carbon.device.mgt.plugin.version>4.1.19</carbon.device.mgt.plugin.version>
 
         <!-- API Management -->
         <carbon.api.mgt.version>6.2.201</carbon.api.mgt.version>
@@ -1640,7 +1640,7 @@
         <caramel.version>1.0.1</caramel.version>
 
         <!-- App manager version-->
-        <appmgt.feature.version>1.2.53</appmgt.feature.version>
+        <appmgt.feature.version>1.2.57</appmgt.feature.version>
 
         <!-- Carbon Store version-->
         <carbon.store.version>1.5.1</carbon.store.version>

From 6f2647db7495c7c2259b446da144237f5a7b4ef1 Mon Sep 17 00:00:00 2001
From: geethkokila <geeth@wso2.com>
Date: Wed, 31 Oct 2018 10:43:27 +0530
Subject: [PATCH 07/10] Updating the versions

---
 modules/distribution/src/assembly/filter.properties | 4 ++--
 pom.xml                                             | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/modules/distribution/src/assembly/filter.properties b/modules/distribution/src/assembly/filter.properties
index 7d40938e..4ad208e4 100644
--- a/modules/distribution/src/assembly/filter.properties
+++ b/modules/distribution/src/assembly/filter.properties
@@ -18,8 +18,8 @@
 
 product.name=WSO2 IoT Server
 product.key=IoT
-product.version=3.3.0
-product.doc.version=330
+product.version=3.3.1
+product.doc.version=331
 
 carbon.version=4.4.26
 default.server.role=IoTServer
diff --git a/pom.xml b/pom.xml
index 39f5cf97..169c4c77 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1528,7 +1528,7 @@
         <carbon.governance.version>4.7.23</carbon.governance.version>
 
         <!-- Carbon Device Management-->
-        <carbon.device.mgt.version>3.1.50</carbon.device.mgt.version>
+        <carbon.device.mgt.version>3.1.51</carbon.device.mgt.version>
         <carbon.device.mgt.version.range>[3.1.0, 4.0.0)</carbon.device.mgt.version.range>
 
         <!-- IOT Device Management -->

From 6491894e3fe8ea12d7a7bef4cb9fdc4e526f76fd Mon Sep 17 00:00:00 2001
From: geethkokila <geeth@wso2.com>
Date: Wed, 31 Oct 2018 15:04:25 +0530
Subject: [PATCH 08/10] Update the version

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 169c4c77..b7adb324 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1535,7 +1535,7 @@
         <product.iot.version>${project.version}</product.iot.version>
 
         <!-- Carbon Device Management Plugins-->
-        <carbon.device.mgt.plugin.version>4.1.19</carbon.device.mgt.plugin.version>
+        <carbon.device.mgt.plugin.version>4.1.20</carbon.device.mgt.plugin.version>
 
         <!-- API Management -->
         <carbon.api.mgt.version>6.2.201</carbon.api.mgt.version>

From 5eac09ee38dda8cdd76c035a4b49cd8efa25a341 Mon Sep 17 00:00:00 2001
From: WSO2 Builder <jenkins-bot@wso2.com>
Date: Wed, 31 Oct 2018 11:24:19 +0000
Subject: [PATCH 09/10] [maven-release-plugin] prepare release v3.3.1-rc1

---
 modules/components/org.wso2.iot.core.admin.styles/pom.xml   | 2 +-
 modules/components/pom.xml                                  | 2 +-
 modules/cxf-filters/pom.xml                                 | 2 +-
 modules/distribution/pom.xml                                | 2 +-
 modules/features/org.wso2.iot.core.styles.feature/pom.xml   | 2 +-
 modules/features/pom.xml                                    | 2 +-
 modules/integration/pom.xml                                 | 2 +-
 modules/integration/tests-common/integration-common/pom.xml | 2 +-
 modules/integration/tests-common/pom.xml                    | 2 +-
 modules/integration/tests-common/web-ui-pages/pom.xml       | 2 +-
 modules/integration/tests-integration/pom.xml               | 2 +-
 modules/integration/tests-iot-web-ui/pom.xml                | 2 +-
 modules/p2-profile/analytics-profile/pom.xml                | 2 +-
 modules/p2-profile/broker-profile/pom.xml                   | 2 +-
 modules/p2-profile/iot-core-profile/pom.xml                 | 2 +-
 modules/p2-profile/pom.xml                                  | 2 +-
 modules/scripts/mobile-qsg/pom.xml                          | 4 ++--
 modules/scripts/pom.xml                                     | 2 +-
 modules/tools/cdmf-devicetype-archetype/pom.xml             | 4 ++--
 modules/tools/pom.xml                                       | 2 +-
 pom.xml                                                     | 4 ++--
 21 files changed, 24 insertions(+), 24 deletions(-)

diff --git a/modules/components/org.wso2.iot.core.admin.styles/pom.xml b/modules/components/org.wso2.iot.core.admin.styles/pom.xml
index 92d30773..425e4762 100644
--- a/modules/components/org.wso2.iot.core.admin.styles/pom.xml
+++ b/modules/components/org.wso2.iot.core.admin.styles/pom.xml
@@ -21,7 +21,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-components</artifactId>
-        <version>3.3.0-update1-SNAPSHOT</version>
+        <version>3.3.1</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/components/pom.xml b/modules/components/pom.xml
index b7da7c5d..52545bce 100644
--- a/modules/components/pom.xml
+++ b/modules/components/pom.xml
@@ -23,7 +23,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-parent</artifactId>
-        <version>3.3.0-update1-SNAPSHOT</version>
+        <version>3.3.1</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/cxf-filters/pom.xml b/modules/cxf-filters/pom.xml
index c15c3af3..9f1bfab3 100644
--- a/modules/cxf-filters/pom.xml
+++ b/modules/cxf-filters/pom.xml
@@ -19,7 +19,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-parent</artifactId>
-        <version>3.3.0-update1-SNAPSHOT</version>
+        <version>3.3.1</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/distribution/pom.xml b/modules/distribution/pom.xml
index 9be6598e..c7ebf127 100644
--- a/modules/distribution/pom.xml
+++ b/modules/distribution/pom.xml
@@ -22,7 +22,7 @@
 	<parent>
 		<groupId>org.wso2.iot</groupId>
 		<artifactId>wso2iot-parent</artifactId>
-		<version>3.3.0-update1-SNAPSHOT</version>
+		<version>3.3.1</version>
 		<relativePath>../../pom.xml</relativePath>
 	</parent>
 
diff --git a/modules/features/org.wso2.iot.core.styles.feature/pom.xml b/modules/features/org.wso2.iot.core.styles.feature/pom.xml
index 48972207..3e48915a 100644
--- a/modules/features/org.wso2.iot.core.styles.feature/pom.xml
+++ b/modules/features/org.wso2.iot.core.styles.feature/pom.xml
@@ -22,7 +22,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-features</artifactId>
-        <version>3.3.0-update1-SNAPSHOT</version>
+        <version>3.3.1</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/features/pom.xml b/modules/features/pom.xml
index 18c62c17..5078a6a0 100644
--- a/modules/features/pom.xml
+++ b/modules/features/pom.xml
@@ -23,7 +23,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-parent</artifactId>
-        <version>3.3.0-update1-SNAPSHOT</version>
+        <version>3.3.1</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/integration/pom.xml b/modules/integration/pom.xml
index 9af68ea9..35f10016 100644
--- a/modules/integration/pom.xml
+++ b/modules/integration/pom.xml
@@ -21,7 +21,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-parent</artifactId>
-        <version>3.3.0-update1-SNAPSHOT</version>
+        <version>3.3.1</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/integration/tests-common/integration-common/pom.xml b/modules/integration/tests-common/integration-common/pom.xml
index fac6050a..eaaf6eb7 100644
--- a/modules/integration/tests-common/integration-common/pom.xml
+++ b/modules/integration/tests-common/integration-common/pom.xml
@@ -22,7 +22,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>tests-common</artifactId>
-        <version>3.3.0-update1-SNAPSHOT</version>
+        <version>3.3.1</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/integration/tests-common/pom.xml b/modules/integration/tests-common/pom.xml
index a81c6597..03bc8952 100644
--- a/modules/integration/tests-common/pom.xml
+++ b/modules/integration/tests-common/pom.xml
@@ -21,7 +21,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-integration</artifactId>
-        <version>3.3.0-update1-SNAPSHOT</version>
+        <version>3.3.1</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/integration/tests-common/web-ui-pages/pom.xml b/modules/integration/tests-common/web-ui-pages/pom.xml
index c8b6010c..6a1c11db 100644
--- a/modules/integration/tests-common/web-ui-pages/pom.xml
+++ b/modules/integration/tests-common/web-ui-pages/pom.xml
@@ -22,7 +22,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>tests-common</artifactId>
-        <version>3.3.0-update1-SNAPSHOT</version>
+        <version>3.3.1</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/integration/tests-integration/pom.xml b/modules/integration/tests-integration/pom.xml
index 5804767e..c9b9ec93 100644
--- a/modules/integration/tests-integration/pom.xml
+++ b/modules/integration/tests-integration/pom.xml
@@ -20,7 +20,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-integration</artifactId>
-        <version>3.3.0-update1-SNAPSHOT</version>
+        <version>3.3.1</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/integration/tests-iot-web-ui/pom.xml b/modules/integration/tests-iot-web-ui/pom.xml
index bd2828a5..1aa62325 100644
--- a/modules/integration/tests-iot-web-ui/pom.xml
+++ b/modules/integration/tests-iot-web-ui/pom.xml
@@ -20,7 +20,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-integration</artifactId>
-        <version>3.3.0-update1-SNAPSHOT</version>
+        <version>3.3.1</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/p2-profile/analytics-profile/pom.xml b/modules/p2-profile/analytics-profile/pom.xml
index 38cec19a..8d6711f5 100644
--- a/modules/p2-profile/analytics-profile/pom.xml
+++ b/modules/p2-profile/analytics-profile/pom.xml
@@ -21,7 +21,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-p2-profile</artifactId>
-        <version>3.3.0-update1-SNAPSHOT</version>
+        <version>3.3.1</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/p2-profile/broker-profile/pom.xml b/modules/p2-profile/broker-profile/pom.xml
index e40b8b87..939ebe1c 100644
--- a/modules/p2-profile/broker-profile/pom.xml
+++ b/modules/p2-profile/broker-profile/pom.xml
@@ -20,7 +20,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-p2-profile</artifactId>
-        <version>3.3.0-update1-SNAPSHOT</version>
+        <version>3.3.1</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/p2-profile/iot-core-profile/pom.xml b/modules/p2-profile/iot-core-profile/pom.xml
index 1478f926..07716825 100644
--- a/modules/p2-profile/iot-core-profile/pom.xml
+++ b/modules/p2-profile/iot-core-profile/pom.xml
@@ -22,7 +22,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-p2-profile</artifactId>
-        <version>3.3.0-update1-SNAPSHOT</version>
+        <version>3.3.1</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/p2-profile/pom.xml b/modules/p2-profile/pom.xml
index d41db6d7..fffe68df 100644
--- a/modules/p2-profile/pom.xml
+++ b/modules/p2-profile/pom.xml
@@ -23,7 +23,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-parent</artifactId>
-        <version>3.3.0-update1-SNAPSHOT</version>
+        <version>3.3.1</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/scripts/mobile-qsg/pom.xml b/modules/scripts/mobile-qsg/pom.xml
index df9e3885..7795f031 100644
--- a/modules/scripts/mobile-qsg/pom.xml
+++ b/modules/scripts/mobile-qsg/pom.xml
@@ -21,13 +21,13 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-scripts</artifactId>
-        <version>3.3.0-update1-SNAPSHOT</version>
+        <version>3.3.1</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>
     <artifactId>mobile-qsg</artifactId>
-    <version>3.3.0-update1-SNAPSHOT</version>
+    <version>3.3.1</version>
     <name>WSO2 IoT - QSG Script</name>
     <description>This includes the tools for IoTs Quick Start Guide</description>
     <packaging>jar</packaging>
diff --git a/modules/scripts/pom.xml b/modules/scripts/pom.xml
index 424ff938..9473cbf2 100644
--- a/modules/scripts/pom.xml
+++ b/modules/scripts/pom.xml
@@ -21,7 +21,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-parent</artifactId>
-        <version>3.3.0-update1-SNAPSHOT</version>
+        <version>3.3.1</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/tools/cdmf-devicetype-archetype/pom.xml b/modules/tools/cdmf-devicetype-archetype/pom.xml
index 23bf276f..82de1cba 100644
--- a/modules/tools/cdmf-devicetype-archetype/pom.xml
+++ b/modules/tools/cdmf-devicetype-archetype/pom.xml
@@ -20,13 +20,13 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-tools</artifactId>
-        <version>3.3.0-update1-SNAPSHOT</version>
+        <version>3.3.1</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>
     <artifactId>iot-devicetype-archetype</artifactId>
-    <version>3.3.0-update1-SNAPSHOT</version>
+    <version>3.3.1</version>
     <name>WSO2 IoT - Device Type Archetype</name>
     <description>WSO2 IoT Device Type Archetype</description>
     <packaging>maven-archetype</packaging>
diff --git a/modules/tools/pom.xml b/modules/tools/pom.xml
index c51b3160..3659dc8f 100644
--- a/modules/tools/pom.xml
+++ b/modules/tools/pom.xml
@@ -21,7 +21,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-parent</artifactId>
-        <version>3.3.0-update1-SNAPSHOT</version>
+        <version>3.3.1</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/pom.xml b/pom.xml
index b7adb324..2980803d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -23,7 +23,7 @@
     <groupId>org.wso2.iot</groupId>
     <artifactId>wso2iot-parent</artifactId>
     <packaging>pom</packaging>
-    <version>3.3.0-update1-SNAPSHOT</version>
+    <version>3.3.1</version>
     <name>WSO2 IoT - Parent</name>
     <url>http://wso2.org</url>
     <description>WSO2 IoT Server</description>
@@ -1687,7 +1687,7 @@
         <url>https://github.com/wso2/product-iots.git</url>
         <developerConnection>scm:git:https://github.com/wso2/product-iots.git</developerConnection>
         <connection>scm:git:https://github.com/wso2/product-iots.git</connection>
-        <tag>HEAD</tag>
+        <tag>v3.3.1-rc1</tag>
     </scm>
 
     <build>

From 08219aafeeebdcf0465b2733173c5bf170ef2208 Mon Sep 17 00:00:00 2001
From: WSO2 Builder <jenkins-bot@wso2.com>
Date: Wed, 31 Oct 2018 11:24:30 +0000
Subject: [PATCH 10/10] [maven-release-plugin] prepare for next development
 iteration

---
 modules/components/org.wso2.iot.core.admin.styles/pom.xml   | 2 +-
 modules/components/pom.xml                                  | 2 +-
 modules/cxf-filters/pom.xml                                 | 2 +-
 modules/distribution/pom.xml                                | 2 +-
 modules/features/org.wso2.iot.core.styles.feature/pom.xml   | 2 +-
 modules/features/pom.xml                                    | 2 +-
 modules/integration/pom.xml                                 | 2 +-
 modules/integration/tests-common/integration-common/pom.xml | 2 +-
 modules/integration/tests-common/pom.xml                    | 2 +-
 modules/integration/tests-common/web-ui-pages/pom.xml       | 2 +-
 modules/integration/tests-integration/pom.xml               | 2 +-
 modules/integration/tests-iot-web-ui/pom.xml                | 2 +-
 modules/p2-profile/analytics-profile/pom.xml                | 2 +-
 modules/p2-profile/broker-profile/pom.xml                   | 2 +-
 modules/p2-profile/iot-core-profile/pom.xml                 | 2 +-
 modules/p2-profile/pom.xml                                  | 2 +-
 modules/scripts/mobile-qsg/pom.xml                          | 4 ++--
 modules/scripts/pom.xml                                     | 2 +-
 modules/tools/cdmf-devicetype-archetype/pom.xml             | 4 ++--
 modules/tools/pom.xml                                       | 2 +-
 pom.xml                                                     | 4 ++--
 21 files changed, 24 insertions(+), 24 deletions(-)

diff --git a/modules/components/org.wso2.iot.core.admin.styles/pom.xml b/modules/components/org.wso2.iot.core.admin.styles/pom.xml
index 425e4762..ba9ba3fd 100644
--- a/modules/components/org.wso2.iot.core.admin.styles/pom.xml
+++ b/modules/components/org.wso2.iot.core.admin.styles/pom.xml
@@ -21,7 +21,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-components</artifactId>
-        <version>3.3.1</version>
+        <version>3.3.1-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/components/pom.xml b/modules/components/pom.xml
index 52545bce..1683bdff 100644
--- a/modules/components/pom.xml
+++ b/modules/components/pom.xml
@@ -23,7 +23,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-parent</artifactId>
-        <version>3.3.1</version>
+        <version>3.3.1-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/cxf-filters/pom.xml b/modules/cxf-filters/pom.xml
index 9f1bfab3..ec233611 100644
--- a/modules/cxf-filters/pom.xml
+++ b/modules/cxf-filters/pom.xml
@@ -19,7 +19,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-parent</artifactId>
-        <version>3.3.1</version>
+        <version>3.3.1-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/distribution/pom.xml b/modules/distribution/pom.xml
index c7ebf127..46a3d037 100644
--- a/modules/distribution/pom.xml
+++ b/modules/distribution/pom.xml
@@ -22,7 +22,7 @@
 	<parent>
 		<groupId>org.wso2.iot</groupId>
 		<artifactId>wso2iot-parent</artifactId>
-		<version>3.3.1</version>
+		<version>3.3.1-SNAPSHOT</version>
 		<relativePath>../../pom.xml</relativePath>
 	</parent>
 
diff --git a/modules/features/org.wso2.iot.core.styles.feature/pom.xml b/modules/features/org.wso2.iot.core.styles.feature/pom.xml
index 3e48915a..e3e1f6b2 100644
--- a/modules/features/org.wso2.iot.core.styles.feature/pom.xml
+++ b/modules/features/org.wso2.iot.core.styles.feature/pom.xml
@@ -22,7 +22,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-features</artifactId>
-        <version>3.3.1</version>
+        <version>3.3.1-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/features/pom.xml b/modules/features/pom.xml
index 5078a6a0..54948182 100644
--- a/modules/features/pom.xml
+++ b/modules/features/pom.xml
@@ -23,7 +23,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-parent</artifactId>
-        <version>3.3.1</version>
+        <version>3.3.1-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/integration/pom.xml b/modules/integration/pom.xml
index 35f10016..d5b3d1c7 100644
--- a/modules/integration/pom.xml
+++ b/modules/integration/pom.xml
@@ -21,7 +21,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-parent</artifactId>
-        <version>3.3.1</version>
+        <version>3.3.1-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/integration/tests-common/integration-common/pom.xml b/modules/integration/tests-common/integration-common/pom.xml
index eaaf6eb7..a3662bce 100644
--- a/modules/integration/tests-common/integration-common/pom.xml
+++ b/modules/integration/tests-common/integration-common/pom.xml
@@ -22,7 +22,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>tests-common</artifactId>
-        <version>3.3.1</version>
+        <version>3.3.1-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/integration/tests-common/pom.xml b/modules/integration/tests-common/pom.xml
index 03bc8952..54c7023d 100644
--- a/modules/integration/tests-common/pom.xml
+++ b/modules/integration/tests-common/pom.xml
@@ -21,7 +21,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-integration</artifactId>
-        <version>3.3.1</version>
+        <version>3.3.1-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/integration/tests-common/web-ui-pages/pom.xml b/modules/integration/tests-common/web-ui-pages/pom.xml
index 6a1c11db..9670606f 100644
--- a/modules/integration/tests-common/web-ui-pages/pom.xml
+++ b/modules/integration/tests-common/web-ui-pages/pom.xml
@@ -22,7 +22,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>tests-common</artifactId>
-        <version>3.3.1</version>
+        <version>3.3.1-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/integration/tests-integration/pom.xml b/modules/integration/tests-integration/pom.xml
index c9b9ec93..d8a0f365 100644
--- a/modules/integration/tests-integration/pom.xml
+++ b/modules/integration/tests-integration/pom.xml
@@ -20,7 +20,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-integration</artifactId>
-        <version>3.3.1</version>
+        <version>3.3.1-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/integration/tests-iot-web-ui/pom.xml b/modules/integration/tests-iot-web-ui/pom.xml
index 1aa62325..dad48399 100644
--- a/modules/integration/tests-iot-web-ui/pom.xml
+++ b/modules/integration/tests-iot-web-ui/pom.xml
@@ -20,7 +20,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-integration</artifactId>
-        <version>3.3.1</version>
+        <version>3.3.1-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/p2-profile/analytics-profile/pom.xml b/modules/p2-profile/analytics-profile/pom.xml
index 8d6711f5..18f6e970 100644
--- a/modules/p2-profile/analytics-profile/pom.xml
+++ b/modules/p2-profile/analytics-profile/pom.xml
@@ -21,7 +21,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-p2-profile</artifactId>
-        <version>3.3.1</version>
+        <version>3.3.1-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/p2-profile/broker-profile/pom.xml b/modules/p2-profile/broker-profile/pom.xml
index 939ebe1c..2480d743 100644
--- a/modules/p2-profile/broker-profile/pom.xml
+++ b/modules/p2-profile/broker-profile/pom.xml
@@ -20,7 +20,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-p2-profile</artifactId>
-        <version>3.3.1</version>
+        <version>3.3.1-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/p2-profile/iot-core-profile/pom.xml b/modules/p2-profile/iot-core-profile/pom.xml
index 07716825..ca04c88c 100644
--- a/modules/p2-profile/iot-core-profile/pom.xml
+++ b/modules/p2-profile/iot-core-profile/pom.xml
@@ -22,7 +22,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-p2-profile</artifactId>
-        <version>3.3.1</version>
+        <version>3.3.1-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/p2-profile/pom.xml b/modules/p2-profile/pom.xml
index fffe68df..cd0c665a 100644
--- a/modules/p2-profile/pom.xml
+++ b/modules/p2-profile/pom.xml
@@ -23,7 +23,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-parent</artifactId>
-        <version>3.3.1</version>
+        <version>3.3.1-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/scripts/mobile-qsg/pom.xml b/modules/scripts/mobile-qsg/pom.xml
index 7795f031..8e51ea70 100644
--- a/modules/scripts/mobile-qsg/pom.xml
+++ b/modules/scripts/mobile-qsg/pom.xml
@@ -21,13 +21,13 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-scripts</artifactId>
-        <version>3.3.1</version>
+        <version>3.3.1-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>
     <artifactId>mobile-qsg</artifactId>
-    <version>3.3.1</version>
+    <version>3.3.1-SNAPSHOT</version>
     <name>WSO2 IoT - QSG Script</name>
     <description>This includes the tools for IoTs Quick Start Guide</description>
     <packaging>jar</packaging>
diff --git a/modules/scripts/pom.xml b/modules/scripts/pom.xml
index 9473cbf2..9215b7d3 100644
--- a/modules/scripts/pom.xml
+++ b/modules/scripts/pom.xml
@@ -21,7 +21,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-parent</artifactId>
-        <version>3.3.1</version>
+        <version>3.3.1-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/modules/tools/cdmf-devicetype-archetype/pom.xml b/modules/tools/cdmf-devicetype-archetype/pom.xml
index 82de1cba..f9611ed4 100644
--- a/modules/tools/cdmf-devicetype-archetype/pom.xml
+++ b/modules/tools/cdmf-devicetype-archetype/pom.xml
@@ -20,13 +20,13 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-tools</artifactId>
-        <version>3.3.1</version>
+        <version>3.3.1-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>
     <artifactId>iot-devicetype-archetype</artifactId>
-    <version>3.3.1</version>
+    <version>3.3.1-SNAPSHOT</version>
     <name>WSO2 IoT - Device Type Archetype</name>
     <description>WSO2 IoT Device Type Archetype</description>
     <packaging>maven-archetype</packaging>
diff --git a/modules/tools/pom.xml b/modules/tools/pom.xml
index 3659dc8f..e9b3d144 100644
--- a/modules/tools/pom.xml
+++ b/modules/tools/pom.xml
@@ -21,7 +21,7 @@
     <parent>
         <groupId>org.wso2.iot</groupId>
         <artifactId>wso2iot-parent</artifactId>
-        <version>3.3.1</version>
+        <version>3.3.1-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/pom.xml b/pom.xml
index 2980803d..8be5a075 100644
--- a/pom.xml
+++ b/pom.xml
@@ -23,7 +23,7 @@
     <groupId>org.wso2.iot</groupId>
     <artifactId>wso2iot-parent</artifactId>
     <packaging>pom</packaging>
-    <version>3.3.1</version>
+    <version>3.3.1-SNAPSHOT</version>
     <name>WSO2 IoT - Parent</name>
     <url>http://wso2.org</url>
     <description>WSO2 IoT Server</description>
@@ -1687,7 +1687,7 @@
         <url>https://github.com/wso2/product-iots.git</url>
         <developerConnection>scm:git:https://github.com/wso2/product-iots.git</developerConnection>
         <connection>scm:git:https://github.com/wso2/product-iots.git</connection>
-        <tag>v3.3.1-rc1</tag>
+        <tag>HEAD</tag>
     </scm>
 
     <build>