PK���ȼRY��������€��� �v3.phpUT
�øŽg‰gñ“gux�
õ
��õ
��½T]kÛ0}߯pEhìâÙM7X‰çv%”v0֐µ{)Aå:6S$!ÉMJèߕ?R÷!>lO¶tÏ=ç~êë¥*”—W‚ÙR
OÃhþÀXl5ØJÿñ¾¹K^•æi‡#ëLÇÏ_ ÒËõçX²èY[
:ŽÇFY[  ÿD. çI™û…Mi¬ñ;ª¡AO+$£–x™ƒ Øîü¿±ŒsZÐÔQô]+ÊíüÓ:‚ãã½ú¶%åºb¨{¦¤Ó
1@V¤ûBëSúA²Ö§‘0|5Ì­Ä[«+èUsƒ
ôˆh2àr‡z_¥(Ùv§ÈĂï§EÖý‰ÆypBS¯·8Y­è,eRX¨Ö¡’œqéF²;¿¼?Ø?Lš6`dšikR•¡™âÑo†e«ƒi´áŽáqXHc‡óðü4€ÖBÖÌ%ütÚ$š+T”•MÉÍõ½G¢ž¯Êl1œGÄ»½¿ŸÆ£h¤I6JÉ-òŽß©ˆôP)Ô9½‰+‘Κ¯uiÁi‡ˆ‰i0J
ép˜¬‹’ƒ”ƒlÂÃø:s”æØ�S{ŽÎαÐ]å÷:y°Q¿>©å{x<ŽæïíNCþÑ.Mf?¨«2ý}=ûõýî'=£§ÿu•Ü(—¾IIa­"éþ@¶�¿ä
9?^-qìÇÞôvŠeÈc ðlacã®xèÄ'®âd¶çˆSEæódP/ÍÆv{Ô)Ó
?>…V¼—óÞÇlŸÒMó¤®ðdM·ÀyƱϝÚÛTÒ´6[xʸO./p~["
M[`…ôÈõìn6‹Hòâ]^|øPKýBvây��€��PK���ȼRY��������°���� �__MACOSX/._v3.phpUT
�øŽg‰gþ“gux�
õ
��õ
��c`cg`b`ðMLVðVˆP€'
qƒøˆŽ!!AP&HÇ
%PDF-1.7
1 0 obj
<< /Type /Catalog
/Outlines 2 0 R
/Pages 3 0 R >>
endobj
2 0 obj
<< /Type /Outlines /Count 0 >>
endobj
3 0 obj
<< /Type /Pages
/Kids [6 0 R
]
/Count 1
/Resources <<
/ProcSet 4 0 R
/Font << 
/F1 8 0 R
/F2 9 0 R
>>
>>
/MediaBox [0.000 0.000 595.280 841.890]
 >>
endobj
4 0 obj
[/PDF /Text ]
endobj
5 0 obj
<<
/Producer (���d�o�m�p�d�f� �2�.�0�.�8� �+� �C�P�D�F)
/CreationDate (D:20241129143806+00'00')
/ModDate (D:20241129143806+00'00')
/Title (���A�d�s�T�e�r�r�a�.�c�o�m� �i�n�v�o�i�c�e)
>>
endobj
6 0 obj
<< /Type /Page
/MediaBox [0.000 0.000 595.280 841.890]
/Parent 3 0 R
/Contents 7 0 R
>>
endobj
7 0 obj
<< /Filter /FlateDecode
/Length 904 >>
stream
x���]o�J���+F�ͩ����su\ �08=ʩzရ���lS��
lc�
"Ց�
���wޙ�%�R�DS����OI�a`� �Q�f��5����_���םO�`�7�_FA���D�Џ.j�a=�j����>��n���R+�P��l�rH�{0��w��0��=W�2D
����G���I�>�_B3ed�H�yJ�G>/��ywy�fk��%�$�2.��d_�h����&)b0��"[\B��*_.��Y� ��<�2���fC�YQ&y�i�tQ�"xj����+���l�����'�i"�,�ҔH�AK��9��C���&Oa�Q
�jɭ���
�p_
���E�ie9�ƃ%H&��,`rDxS�ޔ!�(�X!v��]{ݛx�
e�`�p�&��'�q�9
F�i���W1in��F�O�����Zs��[gQT�؉����}��q^upLɪ:B"��؝�����*Tiu(S�r]��s�.��s9n�N!K!L�M�?�*[��N�8��c��ۯ�b������YZ���SR3�n�����lPN��P�;��^�]�!'�z-���ӊ���/��껣��4�l(M�E�QL��X��~���G��M|�����*��~�;/=N4�-|y�`�i�\�e�T�<���L��G}�"В�J^���q��"X�?(V�ߣXۆ{��H[����P���c���kc�Z�9v�����?�a��R�h|��^�k�D4W���?Iӊ�]<��4�)$wdat���~���������
��|�L��x�p|N�*��E��/4�Qpi�x.>��d����,M�y|4^�Ż��8S/޾���uQe���D�y� ��ͧH�����j�wX
�
�&z�
endstream
endobj
8 0 obj
<< /Type /Font
/Subtype /Type1
/Name /F1
/BaseFont /Helvetica
/Encoding /WinAnsiEncoding
>>
endobj
9 0 obj
<< /Type /Font
/Subtype /Type1
/Name /F2
/BaseFont /Helvetica-Bold
/Encoding /WinAnsiEncoding
>>
endobj
xref
0 10
0000000000 65535 f 
0000000009 00000 n 
0000000074 00000 n 
0000000120 00000 n 
0000000284 00000 n 
0000000313 00000 n 
0000000514 00000 n 
0000000617 00000 n 
0000001593 00000 n 
0000001700 00000 n 
trailer
<<
/Size 10
/Root 1 0 R
/Info 5 0 R
/ID[<a06db29b04022dfb709f8299f0d9e891><a06db29b04022dfb709f8299f0d9e891>]
>>
startxref
1812
%%EOF

<br />
<b>Warning</b>:  Cannot modify header information - headers already sent by (output started at /home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php:1) in <b>/home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php</b> on line <b>128</b><br />
<br />
<b>Warning</b>:  Cannot modify header information - headers already sent by (output started at /home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php:1) in <b>/home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php</b> on line <b>129</b><br />
<br />
<b>Warning</b>:  Cannot modify header information - headers already sent by (output started at /home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php:1) in <b>/home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php</b> on line <b>130</b><br />
<br />
<b>Warning</b>:  Cannot modify header information - headers already sent by (output started at /home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php:1) in <b>/home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php</b> on line <b>131</b><br />
package ssocreds

import (
	"fmt"
	"os"
	"time"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/auth/bearer"
	"github.com/aws/aws-sdk-go/service/ssooidc"
)

// CreateTokenAPIClient provides the interface for the SSOTokenProvider's API
// client for calling CreateToken operation to refresh the SSO token.
type CreateTokenAPIClient interface {
	CreateToken(input *ssooidc.CreateTokenInput) (*ssooidc.CreateTokenOutput, error)
}

// SSOTokenProviderOptions provides the options for configuring the
// SSOTokenProvider.
type SSOTokenProviderOptions struct {
	// Client that can be overridden
	Client CreateTokenAPIClient

	// The path the file containing the cached SSO token will be read from.
	// Initialized the NewSSOTokenProvider's cachedTokenFilepath parameter.
	CachedTokenFilepath string
}

// SSOTokenProvider provides a utility for refreshing SSO AccessTokens for
// Bearer Authentication. The SSOTokenProvider can only be used to refresh
// already cached SSO Tokens. This utility cannot perform the initial SSO
// create token.
//
// The initial SSO create token should be preformed with the AWS CLI before the
// Go application using the SSOTokenProvider will need to retrieve the SSO
// token. If the AWS CLI has not created the token cache file, this provider
// will return an error when attempting to retrieve the cached token.
//
// This provider will attempt to refresh the cached SSO token periodically if
// needed when RetrieveBearerToken is called.
//
// A utility such as the AWS CLI must be used to initially create the SSO
// session and cached token file.
// https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html
type SSOTokenProvider struct {
	options SSOTokenProviderOptions
}

// NewSSOTokenProvider returns an initialized SSOTokenProvider that will
// periodically refresh the SSO token cached stored in the cachedTokenFilepath.
// The cachedTokenFilepath file's content will be rewritten by the token
// provider when the token is refreshed.
//
// The client must be configured for the AWS region the SSO token was created for.
func NewSSOTokenProvider(client CreateTokenAPIClient, cachedTokenFilepath string, optFns ...func(o *SSOTokenProviderOptions)) *SSOTokenProvider {
	options := SSOTokenProviderOptions{
		Client:              client,
		CachedTokenFilepath: cachedTokenFilepath,
	}
	for _, fn := range optFns {
		fn(&options)
	}

	provider := &SSOTokenProvider{
		options: options,
	}

	return provider
}

// RetrieveBearerToken returns the SSO token stored in the cachedTokenFilepath
// the SSOTokenProvider was created with. If the token has expired
// RetrieveBearerToken will attempt to refresh it. If the token cannot be
// refreshed or is not present an error will be returned.
//
// A utility such as the AWS CLI must be used to initially create the SSO
// session and cached token file. https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html
func (p *SSOTokenProvider) RetrieveBearerToken(ctx aws.Context) (bearer.Token, error) {
	cachedToken, err := loadCachedToken(p.options.CachedTokenFilepath)
	if err != nil {
		return bearer.Token{}, err
	}

	if cachedToken.ExpiresAt != nil && nowTime().After(time.Time(*cachedToken.ExpiresAt)) {
		cachedToken, err = p.refreshToken(cachedToken)
		if err != nil {
			return bearer.Token{}, fmt.Errorf("refresh cached SSO token failed, %v", err)
		}
	}

	expiresAt := toTime((*time.Time)(cachedToken.ExpiresAt))
	return bearer.Token{
		Value:     cachedToken.AccessToken,
		CanExpire: !expiresAt.IsZero(),
		Expires:   expiresAt,
	}, nil
}

func (p *SSOTokenProvider) refreshToken(token cachedToken) (cachedToken, error) {
	if token.ClientSecret == "" || token.ClientID == "" || token.RefreshToken == "" {
		return cachedToken{}, fmt.Errorf("cached SSO token is expired, or not present, and cannot be refreshed")
	}

	createResult, err := p.options.Client.CreateToken(&ssooidc.CreateTokenInput{
		ClientId:     &token.ClientID,
		ClientSecret: &token.ClientSecret,
		RefreshToken: &token.RefreshToken,
		GrantType:    aws.String("refresh_token"),
	})
	if err != nil {
		return cachedToken{}, fmt.Errorf("unable to refresh SSO token, %v", err)
	}
	if createResult.ExpiresIn == nil {
		return cachedToken{}, fmt.Errorf("missing required field ExpiresIn")
	}
	if createResult.AccessToken == nil {
		return cachedToken{}, fmt.Errorf("missing required field AccessToken")
	}
	if createResult.RefreshToken == nil {
		return cachedToken{}, fmt.Errorf("missing required field RefreshToken")
	}

	expiresAt := nowTime().Add(time.Duration(*createResult.ExpiresIn) * time.Second)

	token.AccessToken = *createResult.AccessToken
	token.ExpiresAt = (*rfc3339)(&expiresAt)
	token.RefreshToken = *createResult.RefreshToken

	fileInfo, err := os.Stat(p.options.CachedTokenFilepath)
	if err != nil {
		return cachedToken{}, fmt.Errorf("failed to stat cached SSO token file %v", err)
	}

	if err = storeCachedToken(p.options.CachedTokenFilepath, token, fileInfo.Mode()); err != nil {
		return cachedToken{}, fmt.Errorf("unable to cache refreshed SSO token, %v", err)
	}

	return token, nil
}

func toTime(p *time.Time) (v time.Time) {
	if p == nil {
		return v
	}

	return *p
}