line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
# Copyrights 2013-2019 by [Mark Overmeer ]. |
2
|
|
|
|
|
|
|
# For other contributors see ChangeLog. |
3
|
|
|
|
|
|
|
# See the manual pages for details on the licensing terms. |
4
|
|
|
|
|
|
|
# Pod stripped from pm file by OODoc 2.02. |
5
|
|
|
|
|
|
|
# This code is part of distribution Net-OAuth2. Meta-POD processed |
6
|
|
|
|
|
|
|
# with OODoc into POD and HTML manual-pages. See README.md |
7
|
|
|
|
|
|
|
# Copyright Mark Overmeer. Licensed under the same terms as Perl itself. |
8
|
|
|
|
|
|
|
|
9
|
|
|
|
|
|
|
package Net::OAuth2::Profile; |
10
|
4
|
|
|
4
|
|
27
|
use vars '$VERSION'; |
|
4
|
|
|
|
|
7
|
|
|
4
|
|
|
|
|
157
|
|
11
|
|
|
|
|
|
|
$VERSION = '0.66'; |
12
|
|
|
|
|
|
|
|
13
|
|
|
|
|
|
|
|
14
|
4
|
|
|
4
|
|
18
|
use warnings; |
|
4
|
|
|
|
|
6
|
|
|
4
|
|
|
|
|
89
|
|
15
|
4
|
|
|
4
|
|
15
|
use strict; |
|
4
|
|
|
|
|
6
|
|
|
4
|
|
|
|
|
73
|
|
16
|
|
|
|
|
|
|
|
17
|
4
|
|
|
4
|
|
1618
|
use LWP::UserAgent (); |
|
4
|
|
|
|
|
114277
|
|
|
4
|
|
|
|
|
79
|
|
18
|
4
|
|
|
4
|
|
44
|
use URI (); |
|
4
|
|
|
|
|
11
|
|
|
4
|
|
|
|
|
67
|
|
19
|
4
|
|
|
4
|
|
452
|
use JSON::MaybeXS qw/decode_json/; |
|
4
|
|
|
|
|
5003
|
|
|
4
|
|
|
|
|
245
|
|
20
|
4
|
|
|
4
|
|
31
|
use Carp qw/confess carp/; |
|
4
|
|
|
|
|
9
|
|
|
4
|
|
|
|
|
165
|
|
21
|
4
|
|
|
4
|
|
21
|
use Scalar::Util qw/blessed/; |
|
4
|
|
|
|
|
5
|
|
|
4
|
|
|
|
|
145
|
|
22
|
4
|
|
|
4
|
|
2113
|
use Encode qw/encode/; |
|
4
|
|
|
|
|
38558
|
|
|
4
|
|
|
|
|
242
|
|
23
|
|
|
|
|
|
|
|
24
|
4
|
|
|
4
|
|
25
|
use constant MIME_URLENC => 'application/x-www-form-urlencoded'; |
|
4
|
|
|
|
|
8
|
|
|
4
|
|
|
|
|
6838
|
|
25
|
|
|
|
|
|
|
|
26
|
|
|
|
|
|
|
# old names still supported: |
27
|
|
|
|
|
|
|
# bearer_token_scheme => token_scheme |
28
|
|
|
|
|
|
|
|
29
|
|
|
|
|
|
|
sub new(@) |
30
|
2
|
|
|
2
|
1
|
1122
|
{ my $class = shift; |
31
|
2
|
50
|
|
|
|
9
|
$class ne __PACKAGE__ |
32
|
|
|
|
|
|
|
or carp 'you need to create an extension, not base-class '.__PACKAGE__; |
33
|
2
|
|
|
|
|
16
|
(bless {}, $class)->init( {@_} ); |
34
|
|
|
|
|
|
|
} |
35
|
|
|
|
|
|
|
|
36
|
|
|
|
|
|
|
# rfc6849 Appendix B, http://www.w3.org/TR/1999/REC-html401-19991224 |
37
|
|
|
|
|
|
|
sub _url_enc($) |
38
|
4
|
|
|
4
|
|
14
|
{ my $x = encode 'utf8', shift; # make bytes |
39
|
4
|
|
|
|
|
144
|
$x =~ s/([^A-Za-z0-9 ])/sprintf("%%%02x", ord $1)/ge; |
|
4
|
|
|
|
|
21
|
|
40
|
4
|
|
|
|
|
7
|
$x =~ s/ /+/g; |
41
|
4
|
|
|
|
|
10
|
$x; |
42
|
|
|
|
|
|
|
} |
43
|
|
|
|
|
|
|
|
44
|
|
|
|
|
|
|
sub init($) |
45
|
2
|
|
|
2
|
0
|
6
|
{ my ($self, $args) = @_; |
46
|
|
|
|
|
|
|
my $id = $self->{NOP_id} = $args->{client_id} |
47
|
2
|
50
|
|
|
|
12
|
or carp "profile needs id"; |
48
|
|
|
|
|
|
|
my $secret = $self->{NOP_secret} = $args->{client_secret} |
49
|
2
|
50
|
|
|
|
7
|
or carp "profile needs secret"; |
50
|
|
|
|
|
|
|
|
51
|
2
|
|
|
|
|
7
|
$self->{NOP_id_enc} = _url_enc $id; |
52
|
2
|
|
|
|
|
6
|
$self->{NOP_secret_enc} = _url_enc $secret; |
53
|
|
|
|
|
|
|
|
54
|
2
|
|
33
|
|
|
22
|
$self->{NOP_agent} = $args->{user_agent} || LWP::UserAgent->new; |
55
|
|
|
|
|
|
|
$self->{NOP_scheme} = $args->{token_scheme} |
56
|
2
|
|
50
|
|
|
4839
|
|| $args->{bearer_token_scheme} || 'auth-header:Bearer'; |
57
|
2
|
|
|
|
|
6
|
$self->{NOP_scope} = $args->{scope}; |
58
|
2
|
|
|
|
|
6
|
$self->{NOP_state} = $args->{state}; |
59
|
2
|
|
|
|
|
4
|
$self->{NOP_hd} = $args->{hd}; |
60
|
2
|
|
50
|
|
|
9
|
$self->{NOP_method} = $args->{access_token_method} || 'POST'; |
61
|
2
|
|
50
|
|
|
11
|
$self->{NOP_acc_param} = $args->{access_token_param} || []; |
62
|
2
|
|
|
|
|
5
|
$self->{NOP_init_params} = $args->{init_params}; |
63
|
2
|
|
|
|
|
3
|
$self->{NOP_grant_type} = $args->{grant_type}; |
64
|
|
|
|
|
|
|
$self->{NOP_show_secret} = exists $args->{secrets_in_params} |
65
|
2
|
50
|
|
|
|
8
|
? $args->{secrets_in_params} : 1; |
66
|
|
|
|
|
|
|
|
67
|
2
|
|
|
|
|
4
|
my $site = $self->{NOP_site} = $args->{site}; |
68
|
2
|
|
|
|
|
6
|
foreach my $c (qw/access_token protected_resource authorize refresh_token/) |
69
|
8
|
|
66
|
|
|
46
|
{ my $link = $args->{$c.'_url'} || $args->{$c.'_path'} || "/oauth/$c"; |
70
|
8
|
|
|
|
|
38
|
$self->{"NOP_${c}_url"} = $self->site_url($link); |
71
|
8
|
|
100
|
|
|
44
|
$self->{"NOP_${c}_method"} = $args->{$c.'_method'} || 'POST'; |
72
|
8
|
|
50
|
|
|
38
|
$self->{"NOP_${c}_param"} = $args->{$c.'_param'} || []; |
73
|
|
|
|
|
|
|
} |
74
|
|
|
|
|
|
|
|
75
|
2
|
|
|
|
|
9
|
$self; |
76
|
|
|
|
|
|
|
} |
77
|
|
|
|
|
|
|
|
78
|
|
|
|
|
|
|
#---------------- |
79
|
|
|
|
|
|
|
|
80
|
3
|
|
|
3
|
1
|
520
|
sub id() {shift->{NOP_id}} |
81
|
0
|
|
|
0
|
0
|
0
|
sub id_enc() {shift->{NOP_id_enc}} |
82
|
2
|
|
|
2
|
1
|
8
|
sub secret() {shift->{NOP_secret}} |
83
|
0
|
|
|
0
|
0
|
0
|
sub secret_enc() {shift->{NOP_secret_enc}} |
84
|
1
|
|
|
1
|
1
|
504
|
sub user_agent() {shift->{NOP_agent}} |
85
|
11
|
|
|
11
|
1
|
22
|
sub site() {shift->{NOP_site}} |
86
|
0
|
|
|
0
|
1
|
0
|
sub scope() {shift->{NOP_scope}} |
87
|
1
|
|
|
1
|
1
|
4
|
sub state() {shift->{NOP_state}} |
88
|
1
|
|
|
1
|
1
|
4
|
sub hd() {shift->{NOP_hd}} |
89
|
1
|
|
|
1
|
1
|
4
|
sub grant_type() {shift->{NOP_grant_type}} |
90
|
|
|
|
|
|
|
|
91
|
0
|
|
|
0
|
1
|
0
|
sub bearer_token_scheme() {shift->{NOP_scheme}} |
92
|
|
|
|
|
|
|
|
93
|
|
|
|
|
|
|
#---------------- |
94
|
|
|
|
|
|
|
|
95
|
|
|
|
|
|
|
sub request($@) |
96
|
0
|
|
|
0
|
1
|
0
|
{ my ($self, $request) = (shift, shift); |
97
|
|
|
|
|
|
|
#print $request->as_string; |
98
|
0
|
|
|
|
|
0
|
my $response = $self->user_agent->request($request, @_); |
99
|
|
|
|
|
|
|
#print $response->as_string; |
100
|
|
|
|
|
|
|
#$response; |
101
|
|
|
|
|
|
|
} |
102
|
|
|
|
|
|
|
|
103
|
|
|
|
|
|
|
|
104
|
|
|
|
|
|
|
sub request_auth(@) |
105
|
0
|
|
|
0
|
1
|
0
|
{ my ($self, $token) = (shift, shift); |
106
|
0
|
|
|
|
|
0
|
my $request; |
107
|
0
|
0
|
|
|
|
0
|
if(@_==1) { $request = shift } |
|
0
|
|
|
|
|
0
|
|
108
|
|
|
|
|
|
|
else |
109
|
0
|
|
|
|
|
0
|
{ my ($method, $uri, $header, $content) = @_; |
110
|
0
|
|
|
|
|
0
|
$request = HTTP::Request->new |
111
|
|
|
|
|
|
|
( $method => $self->site_url($uri) |
112
|
|
|
|
|
|
|
, $header, $content |
113
|
|
|
|
|
|
|
); |
114
|
|
|
|
|
|
|
} |
115
|
0
|
|
|
|
|
0
|
$self->add_token($request, $token, $self->bearer_token_scheme); |
116
|
0
|
|
|
|
|
0
|
$self->request($request); |
117
|
|
|
|
|
|
|
} |
118
|
|
|
|
|
|
|
|
119
|
|
|
|
|
|
|
#-------------------- |
120
|
|
|
|
|
|
|
|
121
|
|
|
|
|
|
|
sub site_url($@) |
122
|
10
|
|
|
10
|
1
|
21
|
{ my ($self, $path) = (shift, shift); |
123
|
10
|
100
|
66
|
|
|
34
|
my @params = @_==1 && ref $_[0] eq 'HASH' ? %{$_[0]} : @_; |
|
1
|
|
|
|
|
4
|
|
124
|
10
|
|
|
|
|
23
|
my $site = $self->site; |
125
|
10
|
100
|
|
|
|
35
|
my $uri = $site ? URI->new_abs($path, $site) : URI->new($path); |
126
|
10
|
100
|
|
|
|
11398
|
$uri->query_form($uri->query_form, @params) if @params; |
127
|
10
|
|
|
|
|
211
|
$uri; |
128
|
|
|
|
|
|
|
} |
129
|
|
|
|
|
|
|
|
130
|
|
|
|
|
|
|
|
131
|
|
|
|
|
|
|
sub add_token($$$) |
132
|
0
|
|
|
0
|
1
|
0
|
{ my ($self, $request, $token, $bearer) = @_; |
133
|
0
|
|
|
|
|
0
|
my $access = $token->access_token; |
134
|
|
|
|
|
|
|
|
135
|
0
|
|
|
|
|
0
|
my ($scheme, $opt) = split ':', $bearer; |
136
|
0
|
|
|
|
|
0
|
$scheme = lc $scheme; |
137
|
0
|
0
|
|
|
|
0
|
if($scheme eq 'auth-header') |
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
138
|
|
|
|
|
|
|
{ # Specs suggest using Bearer or OAuth2 for this value, but OAuth |
139
|
|
|
|
|
|
|
# appears to be the de facto accepted value. |
140
|
|
|
|
|
|
|
# Going to use OAuth until there is wide acceptance of something else. |
141
|
0
|
|
0
|
|
|
0
|
my $auth_scheme = $opt || 'OAuth'; |
142
|
0
|
|
|
|
|
0
|
$request->headers->header(Authorization => "$auth_scheme $access"); |
143
|
|
|
|
|
|
|
} |
144
|
|
|
|
|
|
|
elsif($scheme eq 'uri-query') |
145
|
0
|
|
0
|
|
|
0
|
{ my $query_param = $opt || 'oauth_token'; |
146
|
0
|
|
|
|
|
0
|
$request->uri->query_form($request->uri->query_form |
147
|
|
|
|
|
|
|
, $query_param => $access); |
148
|
|
|
|
|
|
|
} |
149
|
|
|
|
|
|
|
elsif($scheme eq 'form-body') |
150
|
0
|
0
|
|
|
|
0
|
{ $request->headers->content_type eq MIME_URLENC |
151
|
|
|
|
|
|
|
or die "embedding access token in request body is only valid " |
152
|
|
|
|
|
|
|
. "for 'MIME_URLENC' content type"; |
153
|
|
|
|
|
|
|
|
154
|
0
|
|
0
|
|
|
0
|
my $query_param = $opt || 'oauth_token'; |
155
|
0
|
|
|
|
|
0
|
my $content = $request->content; |
156
|
0
|
0
|
0
|
|
|
0
|
$request->add_content(($content && length $content ? '&' : '') |
157
|
|
|
|
|
|
|
. uri_escape($query_param).'='.uri_escape($access)); |
158
|
|
|
|
|
|
|
} |
159
|
|
|
|
|
|
|
else |
160
|
0
|
|
|
|
|
0
|
{ carp "unknown bearer schema $bearer"; |
161
|
|
|
|
|
|
|
} |
162
|
|
|
|
|
|
|
|
163
|
0
|
|
|
|
|
0
|
$request; |
164
|
|
|
|
|
|
|
} |
165
|
|
|
|
|
|
|
|
166
|
|
|
|
|
|
|
|
167
|
|
|
|
|
|
|
sub build_request($$$) |
168
|
3
|
|
|
3
|
1
|
7
|
{ my ($self, $method, $uri_base, $params) = @_; |
169
|
3
|
100
|
|
|
|
15
|
my %params = ref $params eq 'HASH' ? %$params : @$params; |
170
|
|
|
|
|
|
|
|
171
|
|
|
|
|
|
|
# rfc6749 section "2.3.1. Client Password" |
172
|
|
|
|
|
|
|
# The Auth Header is always supported, but client_id/client_secret as |
173
|
|
|
|
|
|
|
# parameters may be as well. We do both when ->new(secrets_in_params) |
174
|
|
|
|
|
|
|
# to support old servers. |
175
|
|
|
|
|
|
|
delete @params{qw/client_id client_secret/} |
176
|
3
|
50
|
|
|
|
9
|
unless $self->{NOP_show_secret}; |
177
|
|
|
|
|
|
|
|
178
|
3
|
|
|
|
|
5
|
my $request; |
179
|
|
|
|
|
|
|
|
180
|
3
|
100
|
|
|
|
9
|
if($method eq 'POST') |
|
|
50
|
|
|
|
|
|
181
|
1
|
|
|
|
|
4
|
{ my $p = URI->new('http:'); # taken from HTTP::Request::Common |
182
|
1
|
|
|
|
|
50
|
$p->query_form(%params); |
183
|
|
|
|
|
|
|
|
184
|
1
|
|
|
|
|
67
|
$request = HTTP::Request->new |
185
|
|
|
|
|
|
|
( $method => $uri_base |
186
|
|
|
|
|
|
|
, [Content_Type => MIME_URLENC] |
187
|
|
|
|
|
|
|
, $p->query |
188
|
|
|
|
|
|
|
); |
189
|
|
|
|
|
|
|
} |
190
|
|
|
|
|
|
|
elsif($method eq 'GET') |
191
|
2
|
50
|
33
|
|
|
15
|
{ my $uri = blessed $uri_base && $uri_base->isa('URI') |
192
|
|
|
|
|
|
|
? $uri_base->clone : URI->new($uri_base); |
193
|
|
|
|
|
|
|
|
194
|
2
|
|
|
|
|
2661
|
$uri->query_form($uri->query_form, %params); |
195
|
2
|
|
|
|
|
239
|
$request = HTTP::Request->new($method, $uri); |
196
|
|
|
|
|
|
|
} |
197
|
|
|
|
|
|
|
else |
198
|
0
|
|
|
|
|
0
|
{ confess "unknown request method $method"; |
199
|
|
|
|
|
|
|
} |
200
|
|
|
|
|
|
|
|
201
|
3
|
|
|
|
|
291
|
my $uri = $request->uri; |
202
|
3
|
|
|
|
|
23
|
my $head = $request->headers; |
203
|
3
|
|
|
|
|
20
|
$request->protocol('HTTP/1.1'); |
204
|
|
|
|
|
|
|
|
205
|
|
|
|
|
|
|
# 2016-01-15 Instagram does not like the portnumber to appear |
206
|
|
|
|
|
|
|
# my ($host, $port) = ($uri->host, $uri->port); |
207
|
|
|
|
|
|
|
# $host .= ':'.$port if $port != $uri->default_port; |
208
|
3
|
|
|
|
|
31
|
$head->header(Host => $uri->host); |
209
|
|
|
|
|
|
|
|
210
|
3
|
|
|
|
|
230
|
$head->header(Connection => 'Keep-Alive'); |
211
|
3
|
|
|
|
|
98
|
$request; |
212
|
|
|
|
|
|
|
} |
213
|
|
|
|
|
|
|
|
214
|
|
|
|
|
|
|
|
215
|
|
|
|
|
|
|
sub params_from_response($$) |
216
|
2
|
|
|
2
|
1
|
2008
|
{ my ($self, $response, $why) = @_; |
217
|
2
|
|
|
|
|
4
|
my ($error, $content); |
218
|
2
|
50
|
33
|
|
|
14
|
$content = $response->decoded_content || $response->content if $response; |
219
|
|
|
|
|
|
|
|
220
|
2
|
50
|
|
|
|
269
|
if(!$response) |
|
|
50
|
|
|
|
|
|
221
|
0
|
|
|
|
|
0
|
{ $error = 'no response received'; |
222
|
|
|
|
|
|
|
} |
223
|
|
|
|
|
|
|
elsif(!$response->is_success) |
224
|
0
|
|
|
|
|
0
|
{ $error = 'received error: '.$response->status_line; |
225
|
|
|
|
|
|
|
} |
226
|
|
|
|
|
|
|
else |
227
|
|
|
|
|
|
|
{ # application/json is often not correctly configured: is not |
228
|
|
|
|
|
|
|
# (yet) an apache pre-configured extension :( |
229
|
2
|
100
|
|
|
|
15
|
if(my $params = eval {decode_json $content} ) |
|
2
|
|
|
|
|
26
|
|
230
|
|
|
|
|
|
|
{ # content is JSON |
231
|
1
|
50
|
|
|
|
8
|
return ref $params eq 'HASH' ? %$params : @$params; |
232
|
|
|
|
|
|
|
} |
233
|
|
|
|
|
|
|
|
234
|
|
|
|
|
|
|
# otherwise form-encoded parameters (I hope) |
235
|
1
|
|
|
|
|
5
|
my $uri = URI->new; |
236
|
1
|
|
|
|
|
53
|
$uri->query($content); |
237
|
1
|
|
|
|
|
56
|
my @res_params = $uri->query_form; |
238
|
1
|
50
|
|
|
|
88
|
return @res_params if @res_params; |
239
|
|
|
|
|
|
|
|
240
|
0
|
|
|
|
|
0
|
$error = "cannot read parameters from response"; |
241
|
|
|
|
|
|
|
} |
242
|
|
|
|
|
|
|
|
243
|
0
|
0
|
|
|
|
0
|
substr($content, 200) = '...' if length $content > 200; |
244
|
0
|
|
|
|
|
0
|
die "failed oauth call $why: $error\n$content\n"; |
245
|
|
|
|
|
|
|
} |
246
|
|
|
|
|
|
|
|
247
|
|
|
|
|
|
|
sub authorize_method() {panic} # user must use autorize url |
248
|
0
|
|
|
0
|
0
|
0
|
sub access_token_method() {shift->{NOP_access_token_method} } |
249
|
1
|
|
|
1
|
0
|
1464
|
sub refresh_token_method() {shift->{NOP_refresh_token_method} } |
250
|
0
|
|
|
0
|
0
|
0
|
sub protected_resource_method() {shift->{NOP_protected_resource_method} } |
251
|
|
|
|
|
|
|
|
252
|
1
|
|
|
1
|
0
|
3
|
sub authorize_url() {shift->{NOP_authorize_url}} |
253
|
1
|
|
|
1
|
0
|
1116
|
sub access_token_url() {shift->{NOP_access_token_url}} |
254
|
1
|
|
|
1
|
0
|
6
|
sub refresh_token_url() {shift->{NOP_refresh_token_url}} |
255
|
0
|
|
|
0
|
0
|
0
|
sub protected_resource_url() {shift->{NOP_protected_resource_url}} |
256
|
|
|
|
|
|
|
|
257
|
|
|
|
|
|
|
sub authorize_params(%) |
258
|
1
|
|
|
1
|
0
|
3
|
{ my $self = shift; |
259
|
1
|
|
|
|
|
1
|
my %params = (@{$self->{NOP_authorize_param}}, @_); |
|
1
|
|
|
|
|
4
|
|
260
|
1
|
|
33
|
|
|
3
|
$params{scope} ||= $self->scope; |
261
|
1
|
|
33
|
|
|
18
|
$params{state} ||= $self->state; |
262
|
1
|
|
33
|
|
|
12
|
$params{hd} ||= $self->hd; |
263
|
1
|
|
33
|
|
|
5
|
$params{client_id} ||= $self->id; |
264
|
1
|
|
|
|
|
3
|
\%params; |
265
|
|
|
|
|
|
|
} |
266
|
|
|
|
|
|
|
|
267
|
|
|
|
|
|
|
sub access_token_params(%) |
268
|
1
|
|
|
1
|
0
|
2
|
{ my $self = shift; |
269
|
1
|
|
|
|
|
1
|
my %params = (@{$self->{NOP_access_token_param}}, @_); |
|
1
|
|
|
|
|
6
|
|
270
|
1
|
|
50
|
|
|
7
|
$params{code} ||= ''; |
271
|
1
|
|
33
|
|
|
4
|
$params{client_id} ||= $self->id; |
272
|
1
|
|
33
|
|
|
6
|
$params{client_secret} ||= $self->secret; |
273
|
1
|
|
33
|
|
|
7
|
$params{grant_type} ||= $self->grant_type; |
274
|
1
|
|
|
|
|
3
|
\%params; |
275
|
|
|
|
|
|
|
} |
276
|
|
|
|
|
|
|
|
277
|
|
|
|
|
|
|
sub refresh_token_params(%) |
278
|
0
|
|
|
0
|
0
|
|
{ my $self = shift; |
279
|
0
|
|
|
|
|
|
my %params = (@{$self->{NOP_refresh_token_param}}, @_); |
|
0
|
|
|
|
|
|
|
280
|
0
|
|
0
|
|
|
|
$params{client_id} ||= $self->id; |
281
|
0
|
|
0
|
|
|
|
$params{client_secret} ||= $self->secret; |
282
|
0
|
|
|
|
|
|
\%params; |
283
|
|
|
|
|
|
|
} |
284
|
|
|
|
|
|
|
|
285
|
|
|
|
|
|
|
sub protected_resource_params(%) |
286
|
0
|
|
|
0
|
0
|
|
{ my $self = shift; |
287
|
0
|
|
|
|
|
|
my %params = (@{$self->{NOP_protected_resource_param}}, @_); |
|
0
|
|
|
|
|
|
|
288
|
0
|
|
|
|
|
|
\%params; |
289
|
|
|
|
|
|
|
} |
290
|
|
|
|
|
|
|
|
291
|
|
|
|
|
|
|
1; |