diff --git a/scripts/yourls_manager.py b/scripts/yourls_manager.py
index eac535e..3e9d857 100644
--- a/scripts/yourls_manager.py
+++ b/scripts/yourls_manager.py
@@ -1 +1,645 @@
-IyEvdXNyL2Jpbi9lbnYgcHl0aG9uMwoiIiIKeW91cmxzX21hbmFnZXIucHkg4oCUIENSVUQgb3BlcmF0aW9ucyBmb3IgbXBtLnRvIFlPVVJMUyBpbnN0YW5jZQoKQXV0aGVudGljYXRpb24gc3RyYXRlZ3kKLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KQ3JlYXRlIGFuZCByZWFkIGFsd2F5cyB1c2UgdGhlIHNpZ25hdHVyZSB0b2tlbiB2aWEgeW91cmxzLWFwaS5waHAuCgpVcGRhdGUgYW5kIGRlbGV0ZSB0cnkgdGhlIHNpZ25hdHVyZSB0b2tlbiBmaXJzdCAocmVxdWlyZXMgdGhlIG1wbS1hcGktZXh0cmFzCnBsdWdpbiB0byBiZSBhY3RpdmUpLiBJZiB0aGUgcGx1Z2luIGlzIG5vdCBpbnN0YWxsZWQsIHRoZXkgYXV0b21hdGljYWxseSBmYWxsCmJhY2sgdG8gYW4gYWRtaW4gc2Vzc2lvbiAodXNlcm5hbWUgKyBwYXNzd29yZCkgdmlhIGFkbWluLWFqYXgucGhwLgoKQ3JlZGVudGlhbHMgYXJlIHN0b3JlZCBpbiBtYWNPUyBLZXljaGFpbiB1bmRlciBzZXJ2aWNlICdtcG0udG8teW91cmxzJzoKICBhY2NvdW50ICdzaWduYXR1cmUnICDihpIgc3RhdGljIEFQSSBzaWduYXR1cmUgdG9rZW4gIChyZXF1aXJlZCkKICBhY2NvdW50ICd1c2VybmFtZScgICDihpIgWU9VUkxTIGFkbWluIHVzZXJuYW1lICAgICAgICAob3B0aW9uYWwgZmFsbGJhY2spCiAgYWNjb3VudCAncGFzc3dvcmQnICAg4oaSIFlPVVJMUyBhZG1pbiBwYXNzd29yZCAgICAgICAgKG9wdGlvbmFsIGZhbGxiYWNrKQoKVXNhZ2U6CiAgeW91cmxzX21hbmFnZXIucHkgc2V0dXAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICMgU3RvcmUgY3JlZGVudGlhbHMKICB5b3VybHNfbWFuYWdlci5weSBjaGVjayAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIyBWZXJpZnkgJiB0ZXN0CiAgeW91cmxzX21hbmFnZXIucHkgY3JlYXRlIC0tdXJsIFVSTCBbLS1rZXl3b3JkIEtdIFstLXRpdGxlIFRdCiAgeW91cmxzX21hbmFnZXIucHkgcmVhZCAgIC0ta2V5d29yZCBLCiAgeW91cmxzX21hbmFnZXIucHkgbGlzdCAgIFstLWxpbWl0IE5dIFstLWZpbHRlciB0b3B8Ym90dG9tfGxhc3R8cmFuZF0KICB5b3VybHNfbWFuYWdlci5weSB1cGRhdGUgLS1rZXl3b3JkIEsgWy0tdXJsIFVSTF0gWy0tbmV3a2V5d29yZCBLMl0gWy0tdGl0bGUgVF0KICB5b3VybHNfbWFuYWdlci5weSBkZWxldGUgLS1rZXl3b3JkIEsgWy0tZm9yY2VdCiIiIgoKaW1wb3J0IGFyZ3BhcnNlCmltcG9ydCBnZXRwYXNzCmltcG9ydCBqc29uCmltcG9ydCByZQppbXBvcnQgc3VicHJvY2VzcwppbXBvcnQgc3lzCgpCQVNFX1VSTCAgICAgICAgID0gImh0dHBzOi8vbXBtLnRvIgpBUElfVVJMICAgICAgICAgID0gZiJ7QkFTRV9VUkx9L3lvdXJscy1hcGkucGhwIgpBRE1JTl9VUkwgICAgICAgID0gZiJ7QkFTRV9VUkx9L2FkbWluIgpLRVlDSEFJTl9TRVJWSUNFID0gIm1wbS50by15b3VybHMiCgoKIyAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBLZXljaGFpbiBoZWxwZXJzIChtYWNPUykKIyAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KCmRlZiBrZXljaGFpbl9nZXQoYWNjb3VudDogc3RyKSAtPiBzdHIgfCBOb25lOgogICAgcmVzdWx0ID0gc3VicHJvY2Vzcy5ydW4oCiAgICAgICAgWyJzZWN1cml0eSIsICJmaW5kLWdlbmVyaWMtcGFzc3dvcmQiLAogICAgICAgICAiLWEiLCBhY2NvdW50LCAiLXMiLCBLRVlDSEFJTl9TRVJWSUNFLCAiLXciXSwKICAgICAgICBjYXB0dXJlX291dHB1dD1UcnVlLCB0ZXh0PVRydWUKICAgICkKICAgIHJldHVybiByZXN1bHQuc3Rkb3V0LnN0cmlwKCkgaWYgcmVzdWx0LnJldHVybmNvZGUgPT0gMCBlbHNlIE5vbmUKCgpkZWYga2V5Y2hhaW5fc2V0KGFjY291bnQ6IHN0ciwgdmFsdWU6IHN0cikgLT4gTm9uZToKICAgIHN1YnByb2Nlc3MucnVuKAogICAgICAgIFsic2VjdXJpdHkiLCAiYWRkLWdlbmVyaWMtcGFzc3dvcmQiLAogICAgICAgICAiLVUiLCAiLWEiLCBhY2NvdW50LCAiLXMiLCBLRVlDSEFJTl9TRVJWSUNFLCAiLXciLCB2YWx1ZV0sCiAgICAgICAgY2FwdHVyZV9vdXRwdXQ9VHJ1ZSwgY2hlY2s9VHJ1ZQogICAgKQoKCmRlZiBrZXljaGFpbl9kZWxldGUoYWNjb3VudDogc3RyKSAtPiBOb25lOgogICAgc3VicHJvY2Vzcy5ydW4oCiAgICAgICAgWyJzZWN1cml0eSIsICJkZWxldGUtZ2VuZXJpYy1wYXNzd29yZCIsCiAgICAgICAgICItYSIsIGFjY291bnQsICItcyIsIEtFWUNIQUlOX1NFUlZJQ0VdLAogICAgICAgIGNhcHR1cmVfb3V0cHV0PVRydWUKICAgICkKCgpkZWYgZ2V0X3NpZ25hdHVyZSgpIC0+IHN0cjoKICAgIHRva2VuID0ga2V5Y2hhaW5fZ2V0KCJzaWduYXR1cmUiKQogICAgaWYgbm90IHRva2VuOgogICAgICAgIHN5cy5leGl0KAogICAgICAgICAgICAiRXJyb3I6IE5vIHNpZ25hdHVyZSB0b2tlbiBmb3VuZC5cbiIKICAgICAgICAgICAgIlJ1biBgeW91cmxzX21hbmFnZXIucHkgc2V0dXBgIHRvIHN0b3JlIHlvdXIgY3JlZGVudGlhbHMuIgogICAgICAgICkKICAgIHJldHVybiB0b2tlbgoKCiMgLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgS2V5d29yZCBub3JtYWxpc2F0aW9uCiMgLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCgpkZWYgbm9ybWFsaXplX2tleXdvcmQocmF3OiBzdHIpIC0+IHN0cjoKICAgICIiIgogICAgQXBwbHkgbXBtLnRvJ3Mga2V5d29yZCBjaGFyc2V0IHJ1bGVzIGNsaWVudC1zaWRlIHNvIHRoZSB1c2VyIHNlZXMgdGhlCiAgICBhY3R1YWwgc2hvcnQgY29kZSBiZWZvcmUgdGhlIHJlcXVlc3QgaXMgc2VudC4KCiAgICBtcG0udG8gaXMgY29uZmlndXJlZCB3aXRoIGEgbG93ZXJjYXNlIGFscGhhbnVtZXJpYyBjaGFyc2V0LCBzbyB1cHBlcmNhc2UKICAgIGxldHRlcnMsIGh5cGhlbnMsIHVuZGVyc2NvcmVzIGFuZCBhbGwgb3RoZXIgc3BlY2lhbCBjaGFyYWN0ZXJzIGFyZSBzaWxlbnRseQogICAgc3RyaXBwZWQgYnkgWU9VUkxTLiAgUmVwbGljYXRpbmcgdGhhdCBoZXJlIGxldHMgdXMgd2FybiB0aGUgdXNlciBlYXJseS4KICAgICIiIgogICAgaW1wb3J0IHJlIGFzIF9yZQogICAgcmV0dXJuIF9yZS5zdWIocidbXmEtejAtOV0nLCAnJywgcmF3Lmxvd2VyKCkpCgoKZGVmIHdhcm5faWZfc2FuaXRpemVkKHJlcXVlc3RlZDogc3RyLCBub3JtYWxpemVkOiBzdHIpIC0+IE5vbmU6CiAgICBpZiByZXF1ZXN0ZWQgIT0gbm9ybWFsaXplZDoKICAgICAgICBwcmludChmIiAgTm90ZToga2V5d29yZCAne3JlcXVlc3RlZH0nIHdhcyBub3JtYWxpc2VkIHRvICd7bm9ybWFsaXplZH0nIikKICAgICAgICBwcmludChmIiAgICAgICAgKG1wbS50byBvbmx5IGFsbG93cyBsb3dlcmNhc2UgbGV0dGVycyBhbmQgbnVtYmVycykiKQogICAgICAgIGlmIG5vdCBub3JtYWxpemVkOgogICAgICAgICAgICBzeXMuZXhpdCgiRXJyb3I6IEFmdGVyIG5vcm1hbGlzYXRpb24gdGhlIGtleXdvcmQgaXMgZW1wdHkuICIKICAgICAgICAgICAgICAgICAgICAgIkNob29zZSBhIGtleXdvcmQgdXNpbmcgb25seSBsb3dlcmNhc2UgbGV0dGVycyBhbmQgbnVtYmVycy4iKQoKCmRlZiBnZXRfYWRtaW5fY3JlZHMoKSAtPiB0dXBsZVtzdHIsIHN0cl0gfCBOb25lOgogICAgIiIiUmV0dXJuICh1c2VybmFtZSwgcGFzc3dvcmQpIGlmIGJvdGggYXJlIHN0b3JlZCwgb3RoZXJ3aXNlIE5vbmUuIiIiCiAgICB1c2VybmFtZSA9IGtleWNoYWluX2dldCgidXNlcm5hbWUiKQogICAgcGFzc3dvcmQgPSBrZXljaGFpbl9nZXQoInBhc3N3b3JkIikKICAgIGlmIHVzZXJuYW1lIGFuZCBwYXNzd29yZDoKICAgICAgICByZXR1cm4gdXNlcm5hbWUsIHBhc3N3b3JkCiAgICByZXR1cm4gTm9uZQoKCiMgLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgU3RhbmRhcmQgQVBJIGNhbGxzIChhbHdheXMgdmlhIHNpZ25hdHVyZSB0b2tlbikKIyAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KCmRlZiBfcmVxdWVzdHMoKToKICAgIHRyeToKICAgICAgICBpbXBvcnQgcmVxdWVzdHMgYXMgcmVxCiAgICAgICAgcmV0dXJuIHJlcQogICAgZXhjZXB0IEltcG9ydEVycm9yOgogICAgICAgIHN5cy5leGl0KAogICAgICAgICAgICAiRXJyb3I6ICdyZXF1ZXN0cycgbGlicmFyeSBub3QgaW5zdGFsbGVkLlxuIgogICAgICAgICAgICAiRml4OiBwaXAzIGluc3RhbGwgcmVxdWVzdHMgLS1icmVhay1zeXN0ZW0tcGFja2FnZXMiCiAgICAgICAgKQoKCmRlZiBhcGlfY2FsbChwYXJhbXM6IGRpY3QpIC0+IGRpY3Q6CiAgICByZXEgPSBfcmVxdWVzdHMoKQogICAgcGFyYW1zWyJzaWduYXR1cmUiXSA9IGdldF9zaWduYXR1cmUoKQogICAgcGFyYW1zWyJmb3JtYXQiXSAgICA9ICJqc29uIgogICAgdHJ5OgogICAgICAgIHJlc3AgPSByZXEucG9zdChBUElfVVJMLCBkYXRhPXBhcmFtcywgdGltZW91dD0xNSkKICAgICAgICByZXNwLnJhaXNlX2Zvcl9zdGF0dXMoKQogICAgICAgIHJldHVybiByZXNwLmpzb24oKQogICAgZXhjZXB0IHJlcS5leGNlcHRpb25zLkNvbm5lY3Rpb25FcnJvcjoKICAgICAgICBzeXMuZXhpdChmIkVycm9yOiBDb3VsZCBub3QgY29ubmVjdCB0byB7QkFTRV9VUkx9LiBDaGVjayB5b3VyIG5ldHdvcmsuIikKICAgIGV4Y2VwdCByZXEuZXhjZXB0aW9ucy5UaW1lb3V0OgogICAgICAgIHN5cy5leGl0KGYiRXJyb3I6IFJlcXVlc3QgdGltZWQgb3V0LiIpCiAgICBleGNlcHQgRXhjZXB0aW9uIGFzIGU6CiAgICAgICAgc3lzLmV4aXQoZiJFcnJvcjogQVBJIGNhbGwgZmFpbGVkIOKAlCB7ZX0iKQoKCmRlZiBfaXNfdW5rbm93bl9hY3Rpb24ocmVzdWx0OiBkaWN0KSAtPiBib29sOgogICAgIiIiVHJ1ZSB3aGVuIFlPVVJMUyBzYXlzIGl0IGRvZXNuJ3Qga25vdyB0aGUgYWN0aW9uIOKAlCBwbHVnaW4gbm90IGluc3RhbGxlZC4iIiIKICAgIG1zZyA9IHJlc3VsdC5nZXQoIm1lc3NhZ2UiLCAiIikubG93ZXIoKQogICAgcmV0dXJuIHJlc3VsdC5nZXQoImVycm9yQ29kZSIpID09ICI0MDAiIGFuZCAoCiAgICAgICAgInVua25vd24iIGluIG1zZyBvciAibWlzc2luZyIgaW4gbXNnIG9yICJhY3Rpb24iIGluIG1zZwogICAgKQoKCiMgLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgQWRtaW4gc2Vzc2lvbiAoZmFsbGJhY2sgZm9yIHVwZGF0ZSAmIGRlbGV0ZSB3aGVuIHBsdWdpbiBpcyBub3QgaW5zdGFsbGVkKQojIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQoKZGVmIGdldF9hZG1pbl9zZXNzaW9uKCk6CiAgICByZXEgPSBfcmVxdWVzdHMoKQogICAgY3JlZHMgPSBnZXRfYWRtaW5fY3JlZHMoKQogICAgaWYgbm90IGNyZWRzOgogICAgICAgIHN5cy5leGl0KAogICAgICAgICAgICAiRXJyb3I6IFRoZSBtcG0tYXBpLWV4dHJhcyBwbHVnaW4gaXMgbm90IGFjdGl2ZSwgYW5kIG5vIGFkbWluXG4iCiAgICAgICAgICAgICJjcmVkZW50aWFscyBhcmUgc3RvcmVkIGFzIGEgZmFsbGJhY2suXG5cbiIKICAgICAgICAgICAgIkNob29zZSBvbmU6XG4iCiAgICAgICAgICAgICIgIEEpIEluc3RhbGwgcGx1Z2luL21wbS1hcGktZXh0cmFzLnBocCBhbmQgYWN0aXZhdGUgaXQgaW4gWU9VUkxTIGFkbWluXG4iCiAgICAgICAgICAgICIgIEIpIFJ1biBgeW91cmxzX21hbmFnZXIucHkgc2V0dXBgIGFuZCBhZGQgYWRtaW4gdXNlcm5hbWUgKyBwYXNzd29yZCIKICAgICAgICApCiAgICB1c2VybmFtZSwgcGFzc3dvcmQgPSBjcmVkcwogICAgc2Vzc2lvbiA9IHJlcS5TZXNzaW9uKCkKICAgIHRyeToKICAgICAgICAjIFN0ZXAgMTogR0VUIHRoZSBhZG1pbiBwYWdlIHRvIGZldGNoIHRoZSBsb2dpbiBub25jZS4KICAgICAgICAjIFlPVVJMUyBlbWJlZHMgYSB0aW1lLWxpbWl0ZWQgbm9uY2UgaW4gYSBoaWRkZW4gPGlucHV0IG5hbWU9Im5vbmNlIj4gb24KICAgICAgICAjIHRoZSBsb2dpbiBmb3JtOyBpdCBtdXN0IGJlIGluY2x1ZGVkIGluIHRoZSBQT1NUIG9yIHRoZSBsb2dpbiBpcyByZWplY3RlZC4KICAgICAgICAjIFRoZSBsb2dpbiBlbmRwb2ludCBpcyBhZG1pbi8gKG5vdCBhIHNlcGFyYXRlIGxvZ2luLnBocCBmaWxlKS4KICAgICAgICBwYWdlID0gc2Vzc2lvbi5nZXQoZiJ7QURNSU5fVVJMfS8iLCBhbGxvd19yZWRpcmVjdHM9RmFsc2UsIHRpbWVvdXQ9MTUpCiAgICBleGNlcHQgRXhjZXB0aW9uIGFzIGU6CiAgICAgICAgc3lzLmV4aXQoZiJFcnJvcjogQ291bGQgbm90IHJlYWNoIGFkbWluIHBhZ2Ug4oCUIHtlfSIpCgogICAgbm9uY2VfbSA9ICgKICAgICAgICByZS5zZWFyY2gocic8aW5wdXRbXj5dK25hbWU9WyJcJ11ub25jZVsiXCddW14+XSt2YWx1ZT1bIlwnXShbXiJcJ10rKVsiXCddJywgcGFnZS50ZXh0KQogICAgICAgIG9yIHJlLnNlYXJjaChyJ25hbWU9WyJcJ11ub25jZVsiXCddW14+XSp2YWx1ZT1bIlwnXShbXiJcJ10rKVsiXCddJywgcGFnZS50ZXh0KQogICAgKQogICAgaWYgbm90IG5vbmNlX206CiAgICAgICAgc3lzLmV4aXQoIkVycm9yOiBDb3VsZCBub3QgZmluZCBsb2dpbiBub25jZSBvbiBhZG1pbiBwYWdlLiBZT1VSTFMgbWF5IGhhdmUgY2hhbmdlZC4iKQogICAgbG9naW5fbm9uY2UgPSBub25jZV9tLmdyb3VwKDEpCgogICAgdHJ5OgogICAgICAgIHJlc3AgPSBzZXNzaW9uLnBvc3QoCiAgICAgICAgICAgIGYie0FETUlOX1VSTH0vIiwKICAgICAgICAgICAgZGF0YT17InVzZXJuYW1lIjogdXNlcm5hbWUsICJwYXNzd29yZCI6IHBhc3N3b3JkLAogICAgICAgICAgICAgICAgICAibm9uY2UiOiBsb2dpbl9ub25jZSwgInN1Ym1pdCI6ICJMb2dpbiJ9LAogICAgICAgICAgICB0aW1lb3V0PTE1LAogICAgICAgICAgICBhbGxvd19yZWRpcmVjdHM9VHJ1ZQogICAgICAgICkKICAgIGV4Y2VwdCBFeGNlcHRpb24gYXMgZToKICAgICAgICBzeXMuZXhpdChmIkVycm9yOiBBZG1pbiBsb2dpbiByZXF1ZXN0IGZhaWxlZCDigJQge2V9IikKCiAgICBpZiAnbmFtZT0icGFzc3dvcmQiJyBpbiByZXNwLnRleHQ6CiAgICAgICAgc3lzLmV4aXQoCiAgICAgICAgICAgICJFcnJvcjogQWRtaW4gbG9naW4gZmFpbGVkLiBDaGVjayB1c2VybmFtZSBhbmQgcGFzc3dvcmQuXG4iCiAgICAgICAgICAgICJSZS1ydW4gYHlvdXJsc19tYW5hZ2VyLnB5IHNldHVwYCB0byB1cGRhdGUgc3RvcmVkIGNyZWRlbnRpYWxzLiIKICAgICAgICApCiAgICByZXR1cm4gc2Vzc2lvbgoKCmRlZiBnZXRfbGlua19yb3dfaW5mbyhzZXNzaW9uLCBrZXl3b3JkOiBzdHIpIC0+IGRpY3Q6CiAgICAiIiIKICAgIFNjcmFwZSB0aGUgYWRtaW4gaW5kZXggcGFnZSBmb3IgdGhlIG5vbmNlcyBhbmQgcm93IElEIG9mIGEgZ2l2ZW4ga2V5d29yZC4KICAgIFJldHVybnMgZGljdCB3aXRoIGtleXM6IGlkLCBkZWxldGVfbm9uY2UsIGVkaXRfbm9uY2UKCiAgICBXZSBzZWFyY2ggdGhlIGFkbWluIHBhZ2UgZm9yIHRoZSBzcGVjaWZpYyBrZXl3b3JkICg/cz1rZXl3b3JkKSBzbyB0aGF0CiAgICBZT1VSTFMgZmlsdGVycyB0aGUgdGFibGUgdG8gYSBzaW5nbGUgcm93IOKAlCBlc3NlbnRpYWwgd2hlbiB0aGVyZSBhcmUgaHVuZHJlZHMKICAgIG9mIGxpbmtzIGFuZCB0aGUgdGFyZ2V0IGtleXdvcmQgd291bGQgbm90IGFwcGVhciBvbiB0aGUgZmlyc3QgcGFnZSBvdGhlcndpc2UuCiAgICAiIiIKICAgIHJlc3AgPSBzZXNzaW9uLmdldCgKICAgICAgICBmIntBRE1JTl9VUkx9LyIsCiAgICAgICAgcGFyYW1zPXsicyI6IGtleXdvcmQsICJzZWFyY2hfaW4iOiAia2V5d29yZCJ9LAogICAgICAgIHRpbWVvdXQ9MTUsCiAgICAgICAgYWxsb3dfcmVkaXJlY3RzPVRydWUsCiAgICApCiAgICBodG1sID0gcmVzcC50ZXh0CgogICAgIyBZT1VSTFMgZW1iZWRzIG5vbmNlcyBpbiBhZG1pbi1hamF4LnBocCBocmVmcywgZS5nLjoKICAgICMgICBhZG1pbi1hamF4LnBocD9pZD15aWQtTiZhY3Rpb249ZGVsZXRlJmtleXdvcmQ9S0VZV09SRCZub25jZT1OT05DRQogICAgIyBQYXJhbWV0ZXIgb3JkZXIgY2FuIHZhcnk7IHRyeSBib3RoIG9yZGVyaW5ncy4KCiAgICBkZWYgZmluZF9hamF4X3VybChodG1sLCBhY3Rpb24sIGtleXdvcmQpOgogICAgICAgIHBhdHRlcm5zID0gWwogICAgICAgICAgICByJ2hyZWY9WyJcJ10oW14iXCddKmFkbWluLWFqYXhcLnBocFteIlwnXSphY3Rpb249JyArIHJlLmVzY2FwZShhY3Rpb24pCiAgICAgICAgICAgICsgcidbXiJcJ10qa2V5d29yZD0nICsgcmUuZXNjYXBlKGtleXdvcmQpICsgcidbXiJcJ10qKVsiXCddJywKICAgICAgICAgICAgcidocmVmPVsiXCddKFteIlwnXSphZG1pbi1hamF4XC5waHBbXiJcJ10qa2V5d29yZD0nICsgcmUuZXNjYXBlKGtleXdvcmQpCiAgICAgICAgICAgICsgcidbXiJcJ10qYWN0aW9uPScgKyByZS5lc2NhcGUoYWN0aW9uKSArIHInW14iXCddKilbIlwnXScsCiAgICAgICAgXQogICAgICAgIGZvciBwYXQgaW4gcGF0dGVybnM6CiAgICAgICAgICAgIG0gPSByZS5zZWFyY2gocGF0LCBodG1sKQogICAgICAgICAgICBpZiBtOgogICAgICAgICAgICAgICAgdXJsID0gbS5ncm91cCgxKS5yZXBsYWNlKCImYW1wOyIsICImIikKICAgICAgICAgICAgICAgIHFzICA9IGRpY3QocC5zcGxpdCgiPSIsIDEpIGZvciBwIGluIHVybC5zcGxpdCgiPyIsIDEpWzFdLnNwbGl0KCImIikgaWYgIj0iIGluIHApCiAgICAgICAgICAgICAgICByZXR1cm4gcXMKICAgICAgICByZXR1cm4gTm9uZQoKICAgIGRlbGV0ZV9xcyA9IGZpbmRfYWpheF91cmwoaHRtbCwgImRlbGV0ZSIsIGtleXdvcmQpCiAgICBlZGl0X3FzICAgPSBmaW5kX2FqYXhfdXJsKGh0bWwsICJlZGl0IiwgICBrZXl3b3JkKQoKICAgIGlmIG5vdCBkZWxldGVfcXM6CiAgICAgICAgIyBEaWFnbm9zZTogZG9lcyB0aGUga2V5d29yZCBhcHBlYXIgYXQgYWxsIGluIHRoZSBwYWdlPwogICAgICAgIGlmIGtleXdvcmQgaW4gaHRtbDoKICAgICAgICAgICAgc3lzLmV4aXQoCiAgICAgICAgICAgICAgICBmIkVycm9yOiBGb3VuZCAne2tleXdvcmR9JyBvbiBhZG1pbiBwYWdlIGJ1dCBjb3VsZCBub3QgZXh0cmFjdCAiCiAgICAgICAgICAgICAgICBmIm5vbmNlIGxpbmsuIFRoZSBwYWdlIHN0cnVjdHVyZSBtYXkgaGF2ZSBjaGFuZ2VkLiIKICAgICAgICAgICAgKQogICAgICAgIGVsc2U6CiAgICAgICAgICAgIHN5cy5leGl0KAogICAgICAgICAgICAgICAgZiJFcnJvcjogU2hvcnQgY29kZSAne2tleXdvcmR9JyBub3QgZm91bmQgb24gYWRtaW4gcGFnZS5cbiIKICAgICAgICAgICAgICAgIGYiICAgICAgIChhZG1pbiBwYWdlIFVSTCBhZnRlciByZWRpcmVjdDoge3Jlc3AudXJsfSkiCiAgICAgICAgICAgICkKCiAgICByZXR1cm4gewogICAgICAgICJpZCI6ICAgICAgICAgICBkZWxldGVfcXMuZ2V0KCJpZCIpLAogICAgICAgICJkZWxldGVfbm9uY2UiOiBkZWxldGVfcXMuZ2V0KCJub25jZSIpLAogICAgICAgICJlZGl0X25vbmNlIjogICBlZGl0X3FzLmdldCgibm9uY2UiKSBpZiBlZGl0X3FzIGVsc2UgTm9uZSwKICAgIH0KCgpkZWYgYWRtaW5fZGVsZXRlKGtleXdvcmQ6IHN0cikgLT4gTm9uZToKICAgIHNlc3Npb24gPSBnZXRfYWRtaW5fc2Vzc2lvbigpCiAgICBpbmZvICAgID0gZ2V0X2xpbmtfcm93X2luZm8oc2Vzc2lvbiwga2V5d29yZCkKCiAgICByZXNwID0gc2Vzc2lvbi5wb3N0KAogICAgICAgIGYie0FETUlOX1VSTH0vYWRtaW4tYWpheC5waHAiLAogICAgICAgIGRhdGE9ewogICAgICAgICAgICAiYWN0aW9uIjogICJkZWxldGUiLAogICAgICAgICAgICAia2V5d29yZCI6IGtleXdvcmQsCiAgICAgICAgICAgICJpZCI6ICAgICAgaW5mb1siaWQiXSwKICAgICAgICAgICAgIm5vbmNlIjogICBpbmZvWyJkZWxldGVfbm9uY2UiXSwKICAgICAgICB9LAogICAgICAgIHRpbWVvdXQ9MTUKICAgICkKICAgIHJlc3VsdCA9IHJlc3AuanNvbigpCiAgICBpZiByZXN1bHQuZ2V0KCJzdWNjZXNzIik6CiAgICAgICAgcHJpbnQoZiJEZWxldGVkOiB7QkFTRV9VUkx9L3trZXl3b3JkfSAgKHZpYSBhZG1pbiBzZXNzaW9uKSIpCiAgICBlbHNlOgogICAgICAgIHN5cy5leGl0KGYiRXJyb3IgZGVsZXRpbmcgJ3trZXl3b3JkfSc6IHtqc29uLmR1bXBzKHJlc3VsdCl9IikKCgpkZWYgYWRtaW5fdXBkYXRlKGtleXdvcmQ6IHN0ciwgbmV3X3VybDogc3RyLCBuZXdfa2V5d29yZDogc3RyLAogICAgICAgICAgICAgICAgIG5ld190aXRsZTogc3RyLCByb3dfaWQ6IHN0ciwgZWRpdF9ub25jZTogc3RyKSAtPiBOb25lOgogICAgc2Vzc2lvbiA9IGdldF9hZG1pbl9zZXNzaW9uKCkKICAgIGluZm8gICAgPSBnZXRfbGlua19yb3dfaW5mbyhzZXNzaW9uLCBrZXl3b3JkKQoKICAgICMgU3RlcCAxOiBmZXRjaCB0aGUgZWRpdCByb3cgdG8gZ2V0IHRoZSBlZGl0LXNhdmUgbm9uY2UKICAgIGRpc3AgPSBzZXNzaW9uLnBvc3QoCiAgICAgICAgZiJ7QURNSU5fVVJMfS9hZG1pbi1hamF4LnBocCIsCiAgICAgICAgZGF0YT17CiAgICAgICAgICAgICJhY3Rpb24iOiAgImVkaXRfZGlzcGxheSIsCiAgICAgICAgICAgICJrZXl3b3JkIjoga2V5d29yZCwKICAgICAgICAgICAgImlkIjogICAgICBpbmZvWyJpZCJdLAogICAgICAgICAgICAibm9uY2UiOiAgIGluZm9bImVkaXRfbm9uY2UiXSwKICAgICAgICB9LAogICAgICAgIHRpbWVvdXQ9MTUKICAgICkKICAgIGVkaXRfaHRtbCA9IGRpc3AuanNvbigpLmdldCgiaHRtbCIsICIiKQoKICAgICMgRXh0cmFjdCBlZGl0LXNhdmUgbm9uY2UgZnJvbSBoaWRkZW4gaW5wdXQ6IGlkPSJub25jZV88aWQ+IgogICAgcm93X2lkICAgICA9IGluZm9bImlkIl0KICAgIHNhdmVfbm9uY2UgPSBOb25lCiAgICBmb3IgcGF0IGluIFsKICAgICAgICByJ2lkPVsiXCddbm9uY2VfJyArIHJlLmVzY2FwZShyb3dfaWQpICsgcidbIlwnXVtePl0qdmFsdWU9WyJcJ10oW14iXCddKylbIlwnXScsCiAgICAgICAgcid2YWx1ZT1bIlwnXShbXiJcJ10rKVsiXCddW14+XSppZD1bIlwnXW5vbmNlXycgKyByZS5lc2NhcGUocm93X2lkKSArIHInWyJcJ10nLAogICAgXToKICAgICAgICBtID0gcmUuc2VhcmNoKHBhdCwgZWRpdF9odG1sKQogICAgICAgIGlmIG06CiAgICAgICAgICAgIHNhdmVfbm9uY2UgPSBtLmdyb3VwKDEpCiAgICAgICAgICAgIGJyZWFrCgogICAgaWYgbm90IHNhdmVfbm9uY2U6CiAgICAgICAgc3lzLmV4aXQoIkVycm9yOiBDb3VsZCBub3QgZXh0cmFjdCBlZGl0LXNhdmUgbm9uY2UuIFRyeSBhY3RpdmF0aW5nIHRoZSBwbHVnaW4gaW5zdGVhZC4iKQoKICAgICMgU3RlcCAyOiBzYXZlCiAgICBzYXZlID0gc2Vzc2lvbi5wb3N0KAogICAgICAgIGYie0FETUlOX1VSTH0vYWRtaW4tYWpheC5waHAiLAogICAgICAgIGRhdGE9ewogICAgICAgICAgICAiYWN0aW9uIjogICAgICJlZGl0X3NhdmUiLAogICAgICAgICAgICAia2V5d29yZCI6ICAgIGtleXdvcmQsCiAgICAgICAgICAgICJuZXdrZXl3b3JkIjogbmV3X2tleXdvcmQsCiAgICAgICAgICAgICJ1cmwiOiAgICAgICAgbmV3X3VybCwKICAgICAgICAgICAgInRpdGxlIjogICAgICBuZXdfdGl0bGUsCiAgICAgICAgICAgICJpZCI6ICAgICAgICAgcm93X2lkLAogICAgICAgICAgICAibm9uY2UiOiAgICAgIHNhdmVfbm9uY2UsCiAgICAgICAgfSwKICAgICAgICB0aW1lb3V0PTE1CiAgICApCiAgICByZXN1bHQgPSBzYXZlLmpzb24oKQogICAgaWYgcmVzdWx0LmdldCgic3RhdHVzIikgPT0gInN1Y2Nlc3MiOgogICAgICAgIHByaW50KGYiVXBkYXRlZDoge0JBU0VfVVJMfS97bmV3X2tleXdvcmR9ICAodmlhIGFkbWluIHNlc3Npb24pIikKICAgIGVsc2U6CiAgICAgICAgc3lzLmV4aXQoZiJFcnJvciB1cGRhdGluZyAne2tleXdvcmR9Jzoge3Jlc3VsdC5nZXQoJ21lc3NhZ2UnLCBqc29uLmR1bXBzKHJlc3VsdCkpfSIpCgoKIyAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBDb21tYW5kcwojIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQoKZGVmIGNtZF9zZXR1cChhcmdzKToKICAgIHByaW50KCI9PT0gbXBtLnRvIFlPVVJMUyBDcmVkZW50aWFsIFNldHVwID09PSIpCiAgICBwcmludChmIlN0b3JlZCBpbiBtYWNPUyBLZXljaGFpbiB1bmRlciBzZXJ2aWNlICd7S0VZQ0hBSU5fU0VSVklDRX0nXG4iKQoKICAgICMgU2lnbmF0dXJlIHRva2VuIChyZXF1aXJlZCkKICAgIGV4aXN0aW5nX3NpZyA9IGtleWNoYWluX2dldCgic2lnbmF0dXJlIikKICAgIGlmIGV4aXN0aW5nX3NpZzoKICAgICAgICBhbnMgPSBpbnB1dCgiU2lnbmF0dXJlIHRva2VuIGFscmVhZHkgc3RvcmVkLiBSZXBsYWNlIGl0PyBbeS9OXSAiKS5zdHJpcCgpLmxvd2VyKCkKICAgICAgICBpZiBhbnMgPT0gInkiOgogICAgICAgICAgICB0b2tlbiA9IGdldHBhc3MuZ2V0cGFzcygiTmV3IHNpZ25hdHVyZSB0b2tlbjogIikuc3RyaXAoKQogICAgICAgICAgICBpZiB0b2tlbjoKICAgICAgICAgICAgICAgIGtleWNoYWluX3NldCgic2lnbmF0dXJlIiwgdG9rZW4pCiAgICAgICAgICAgICAgICBwcmludCgiICDinJMgU2lnbmF0dXJlIHRva2VuIHVwZGF0ZWQuIikKICAgIGVsc2U6CiAgICAgICAgdG9rZW4gPSBnZXRwYXNzLmdldHBhc3MoIlNpZ25hdHVyZSB0b2tlbiAocmVxdWlyZWQpOiAiKS5zdHJpcCgpCiAgICAgICAgaWYgbm90IHRva2VuOgogICAgICAgICAgICBzeXMuZXhpdCgiRXJyb3I6IFNpZ25hdHVyZSB0b2tlbiBpcyByZXF1aXJlZC4iKQogICAgICAgIGtleWNoYWluX3NldCgic2lnbmF0dXJlIiwgdG9rZW4pCiAgICAgICAgcHJpbnQoIiAg4pyTIFNpZ25hdHVyZSB0b2tlbiBzYXZlZC4iKQoKICAgICMgQWRtaW4gY3JlZGVudGlhbHMgKG9wdGlvbmFsIGZhbGxiYWNrKQogICAgcHJpbnQoKQogICAgcHJpbnQoIkFkbWluIHVzZXJuYW1lICsgcGFzc3dvcmQgYXJlIG9wdGlvbmFsLiBUaGV5IGFyZSB1c2VkIGFzIGEgZmFsbGJhY2siKQogICAgcHJpbnQoImZvciB1cGRhdGUvZGVsZXRlIGlmIHRoZSBtcG0tYXBpLWV4dHJhcyBwbHVnaW4gaXMgbm90IGluc3RhbGxlZC4iKQogICAgcHJpbnQoIlByZXNzIEVudGVyIHRvIHNraXAuXG4iKQoKICAgIGV4aXN0aW5nX3VzZXIgPSBrZXljaGFpbl9nZXQoInVzZXJuYW1lIikKICAgIHByb21wdCA9IGYiQWRtaW4gdXNlcm5hbWUgW3tleGlzdGluZ191c2VyfV06ICIgaWYgZXhpc3RpbmdfdXNlciBlbHNlICJBZG1pbiB1c2VybmFtZTogIgogICAgdXNlcm5hbWUgPSBpbnB1dChwcm9tcHQpLnN0cmlwKCkKCiAgICBpZiB1c2VybmFtZToKICAgICAgICBrZXljaGFpbl9zZXQoInVzZXJuYW1lIiwgdXNlcm5hbWUpCiAgICAgICAgcHJpbnQoIiAg4pyTIFVzZXJuYW1lIHNhdmVkLiIpCiAgICAgICAgcGFzc3dvcmQgPSBnZXRwYXNzLmdldHBhc3MoIkFkbWluIHBhc3N3b3JkOiAiKS5zdHJpcCgpCiAgICAgICAgaWYgcGFzc3dvcmQ6CiAgICAgICAgICAgIGtleWNoYWluX3NldCgicGFzc3dvcmQiLCBwYXNzd29yZCkKICAgICAgICAgICAgcHJpbnQoIiAg4pyTIFBhc3N3b3JkIHNhdmVkLiIpCiAgICBlbGlmIG5vdCBleGlzdGluZ191c2VyOgogICAgICAgIHByaW50KCIgIFNraXBwZWQg4oCUIHVwZGF0ZS9kZWxldGUgd2lsbCByZXF1aXJlIHRoZSBtcG0tYXBpLWV4dHJhcyBwbHVnaW4uIikKCiAgICBwcmludCgiXG5TZXR1cCBjb21wbGV0ZS4gUnVuIGBjaGVja2AgdG8gdmVyaWZ5LiIpCgoKZGVmIGNtZF9jaGVjayhhcmdzKToKICAgIHNpZyAgPSBrZXljaGFpbl9nZXQoInNpZ25hdHVyZSIpCiAgICB1c2VyID0ga2V5Y2hhaW5fZ2V0KCJ1c2VybmFtZSIpCiAgICBwdyAgID0ga2V5Y2hhaW5fZ2V0KCJwYXNzd29yZCIpCgogICAgcHJpbnQoZiJLZXljaGFpbiBzZXJ2aWNlIDoge0tFWUNIQUlOX1NFUlZJQ0V9IikKICAgIHByaW50KGYiICBTaWduYXR1cmUgdG9rZW4gIDogeyfinJMgc3RvcmVkJyBpZiBzaWcgZWxzZSAn4pyXIG1pc3Npbmcg4oCUIHJ1biBzZXR1cCd9IikKICAgIHByaW50KGYiICBBZG1pbiB1c2VybmFtZSAgIDogeyfinJMgJyArIHVzZXIgaWYgdXNlciBlbHNlICfil4sgbm90IHN0b3JlZCAob3B0aW9uYWwpJ30iKQogICAgcHJpbnQoZiIgIEFkbWluIHBhc3N3b3JkICAgOiB7J+KckyBzdG9yZWQnIGlmIHB3IGVsc2UgJ+KXiyBub3Qgc3RvcmVkIChvcHRpb25hbCknfSIpCgogICAgcHJpbnQoKQogICAgaWYgc2lnOgogICAgICAgIHByaW50KCJUZXN0aW5nIEFQSSBjb25uZWN0aW9uLi4uIiwgZW5kPSIgIiwgZmx1c2g9VHJ1ZSkKICAgICAgICByZXN1bHQgPSBhcGlfY2FsbCh7ImFjdGlvbiI6ICJkYi1zdGF0cyJ9KQogICAgICAgIGlmIHJlc3VsdC5nZXQoInN0YXR1c0NvZGUiKSA9PSAiMjAwIiBvciByZXN1bHQuZ2V0KCJtZXNzYWdlIikgPT0gInN1Y2Nlc3MiOgogICAgICAgICAgICBzdGF0cyA9IHJlc3VsdC5nZXQoImRiLXN0YXRzIiwge30pCiAgICAgICAgICAgIHByaW50KGYiT0sg4oCUIHtzdGF0cy5nZXQoJ3RvdGFsX2xpbmtzJywnPycpfSBzaG9ydCBVUkxzLCAiCiAgICAgICAgICAgICAgICAgIGYie3N0YXRzLmdldCgndG90YWxfY2xpY2tzJywnPycpfSB0b3RhbCBjbGlja3MiKQoKICAgICAgICAgICAgIyBDaGVjayBpZiBwbHVnaW4gaXMgYWN0aXZlCiAgICAgICAgICAgIHRlc3QgPSBhcGlfY2FsbCh7ImFjdGlvbiI6ICJkZWxldGUiLCAia2V5d29yZCI6ICJfX3Byb2JlX18ifSkKICAgICAgICAgICAgaWYgX2lzX3Vua25vd25fYWN0aW9uKHRlc3QpOgogICAgICAgICAgICAgICAgcHJpbnQoIiAgbXBtLWFwaS1leHRyYXMgcGx1Z2luIDog4pyXIG5vdCBhY3RpdmUiKQogICAgICAgICAgICAgICAgcHJpbnQoIiAgICDihpIgdXBkYXRlL2RlbGV0ZSB3aWxsIHVzZSBhZG1pbiBzZXNzaW9uIGZhbGxiYWNrIgogICAgICAgICAgICAgICAgICAgICAgaWYgdXNlciBhbmQgcHcgZWxzZQogICAgICAgICAgICAgICAgICAgICAgIiAgICDihpIgdXBkYXRlL2RlbGV0ZSB1bmF2YWlsYWJsZSB3aXRob3V0IHBsdWdpbiBvciBhZG1pbiBjcmVkZW50aWFscyIpCiAgICAgICAgICAgIGVsc2U6CiAgICAgICAgICAgICAgICBwcmludCgiICBtcG0tYXBpLWV4dHJhcyBwbHVnaW4gOiDinJMgYWN0aXZlIikKICAgICAgICBlbHNlOgogICAgICAgICAgICBwcmludChmIkZhaWxlZCDigJQge3Jlc3VsdC5nZXQoJ21lc3NhZ2UnLCAndW5leHBlY3RlZCByZXNwb25zZScpfSIpCiAgICBlbHNlOgogICAgICAgIHByaW50KCJDYW5ub3QgdGVzdCBjb25uZWN0aW9uIOKAlCBzaWduYXR1cmUgdG9rZW4gbWlzc2luZy4iKQoKCmRlZiBjbWRfY3JlYXRlKGFyZ3MpOgogICAgcGFyYW1zID0geyJhY3Rpb24iOiAic2hvcnR1cmwiLCAidXJsIjogYXJncy51cmx9CiAgICBpZiBhcmdzLmtleXdvcmQ6CiAgICAgICAgbm9ybSA9IG5vcm1hbGl6ZV9rZXl3b3JkKGFyZ3Mua2V5d29yZCkKICAgICAgICB3YXJuX2lmX3Nhbml0aXplZChhcmdzLmtleXdvcmQsIG5vcm0pCiAgICAgICAgcGFyYW1zWyJrZXl3b3JkIl0gPSBub3JtCiAgICBpZiBhcmdzLnRpdGxlOgogICAgICAgIHBhcmFtc1sidGl0bGUiXSA9IGFyZ3MudGl0bGUKCiAgICByZXN1bHQgPSBhcGlfY2FsbChwYXJhbXMpCiAgICBzdGF0dXMgPSByZXN1bHQuZ2V0KCJzdGF0dXMiLCAiIikKCiAgICBpZiBzdGF0dXMgPT0gInN1Y2Nlc3MiIG9yIHJlc3VsdC5nZXQoInN0YXR1c0NvZGUiKSA9PSAiMjAwIjoKICAgICAgICBzaG9ydCA9IHJlc3VsdC5nZXQoInNob3J0dXJsIiwgIiIpCiAgICAgICAgcHJpbnQoZiJDcmVhdGVkOiB7c2hvcnR9IikKICAgICAgICBwcmludChmIiAg4oaSIHthcmdzLnVybH0iKQogICAgICAgIGlmIGFyZ3MudGl0bGU6CiAgICAgICAgICAgIHByaW50KGYiICBUaXRsZToge2FyZ3MudGl0bGV9IikKICAgIGVsaWYgc3RhdHVzID09ICJmYWlsIjoKICAgICAgICBtc2cgPSByZXN1bHQuZ2V0KCJtZXNzYWdlIiwgIlVua25vd24gZXJyb3IiKQogICAgICAgIGlmICJhbHJlYWR5IGV4aXN0cyIgaW4gbXNnLmxvd2VyKCk6CiAgICAgICAgICAgIHByaW50KGYiU2hvcnQgY29kZSAne2FyZ3Mua2V5d29yZH0nIGFscmVhZHkgZXhpc3RzLiIpCiAgICAgICAgICAgIGV4aXN0aW5nID0gcmVzdWx0LmdldCgic2hvcnR1cmwiLCAiIikKICAgICAgICAgICAgaWYgZXhpc3Rpbmc6CiAgICAgICAgICAgICAgICBwcmludChmIiAgRXhpc3Rpbmc6IHtleGlzdGluZ30iKQogICAgICAgIGVsc2U6CiAgICAgICAgICAgIHN5cy5leGl0KGYiRXJyb3I6IHttc2d9IikKICAgIGVsc2U6CiAgICAgICAgc3lzLmV4aXQoZiJVbmV4cGVjdGVkIHJlc3BvbnNlOiB7anNvbi5kdW1wcyhyZXN1bHQsIGluZGVudD0yKX0iKQoKCmRlZiBjbWRfcmVhZChhcmdzKToKICAgIHJhdyAgICAgPSBhcmdzLmtleXdvcmQucmVwbGFjZShmIntCQVNFX1VSTH0vIiwgIiIpLnN0cmlwKCIvIikKICAgIGtleXdvcmQgPSBub3JtYWxpemVfa2V5d29yZChyYXcpCiAgICBpZiByYXcgIT0ga2V5d29yZDoKICAgICAgICBwcmludChmIiAgTm90ZTogbG9va2luZyB1cCAne2tleXdvcmR9JyAobm9ybWFsaXNlZCBmcm9tICd7cmF3fScpIikKICAgIGV4cGFuZCAgPSBhcGlfY2FsbCh7ImFjdGlvbiI6ICJleHBhbmQiLCAic2hvcnR1cmwiOiBrZXl3b3JkfSkKCiAgICBpZiBleHBhbmQuZ2V0KCJlcnJvckNvZGUiKSA9PSAiNDA0IiBvciBleHBhbmQuZ2V0KCJtZXNzYWdlIiwiIikubG93ZXIoKS5zdGFydHN3aXRoKCJlcnJvciIpOgogICAgICAgIHN5cy5leGl0KGYiRXJyb3I6IFNob3J0IGNvZGUgJ3trZXl3b3JkfScgbm90IGZvdW5kLiIpCgogICAgbG9uZ191cmwgPSBleHBhbmQuZ2V0KCJsb25ndXJsIiwgIiIpCiAgICB0aXRsZSAgICA9IGV4cGFuZC5nZXQoInRpdGxlIiwgIiIpCiAgICBzaG9ydCAgICA9IGV4cGFuZC5nZXQoInNob3J0dXJsIiwgZiJ7QkFTRV9VUkx9L3trZXl3b3JkfSIpCiAgICBzdGF0cyAgICA9IGFwaV9jYWxsKHsiYWN0aW9uIjogInVybC1zdGF0cyIsICJzaG9ydHVybCI6IGtleXdvcmR9KQogICAgbGluayAgICAgPSBzdGF0cy5nZXQoImxpbmsiLCB7fSkKICAgIGNsaWNrcyAgID0gbGluay5nZXQoImNsaWNrcyIsICI/IikKICAgIGNyZWF0ZWQgID0gbGluay5nZXQoInRpbWVzdGFtcCIsICIiKQoKICAgIHByaW50KGYiU2hvcnQgVVJMIDoge3Nob3J0fSIpCiAgICBwcmludChmIkxvbmcgVVJMICA6IHtsb25nX3VybH0iKQogICAgaWYgdGl0bGU6CiAgICAgICAgcHJpbnQoZiJUaXRsZSAgICAgOiB7dGl0bGV9IikKICAgIHByaW50KGYiQ2xpY2tzICAgIDoge2NsaWNrc30iKQogICAgaWYgY3JlYXRlZDoKICAgICAgICBwcmludChmIkNyZWF0ZWQgICA6IHtjcmVhdGVkfSIpCgoKZGVmIGNtZF9saXN0KGFyZ3MpOgogICAgbGltaXQgICA9IGFyZ3MubGltaXQgb3IgNTAKICAgIGZpbHRlcl8gPSBhcmdzLmZpbHRlciBvciAidG9wIgoKICAgIHJlc3VsdCA9IGFwaV9jYWxsKHsiYWN0aW9uIjogInN0YXRzIiwgImZpbHRlciI6IGZpbHRlcl8sICJsaW1pdCI6IGxpbWl0fSkKCiAgICBpZiByZXN1bHQuZ2V0KCJtZXNzYWdlIikgIT0gInN1Y2Nlc3MiIGFuZCByZXN1bHQuZ2V0KCJzdGF0dXNDb2RlIikgIT0gIjIwMCI6CiAgICAgICAgc3lzLmV4aXQoZiJFcnJvcjoge3Jlc3VsdC5nZXQoJ21lc3NhZ2UnLCAnVW5rbm93biBlcnJvcicpfSIpCgogICAgbGlua3MgPSBsaXN0KHJlc3VsdC5nZXQoImxpbmtzIiwge30pLnZhbHVlcygpKQogICAgaWYgbm90IGxpbmtzOgogICAgICAgIHByaW50KCJObyBzaG9ydCBVUkxzIGZvdW5kLiIpCiAgICAgICAgcmV0dXJuCgogICAgcHJpbnQoZiJ7J1Nob3J0IENvZGUnOjwyMn0geydDbGlja3MnOj43fSAgeydDcmVhdGVkJzo8MTJ9ICBUaXRsZSAvIFVSTCIpCiAgICBwcmludCgi4pSAIiAqIDg4KQogICAgZm9yIGxpbmsgaW4gbGlua3M6CiAgICAgICAgc2hvcnR1cmwgID0gbGluay5nZXQoInNob3J0dXJsIiwgIiIpCiAgICAgICAga2V5d29yZCAgID0gc2hvcnR1cmwucmVwbGFjZShCQVNFX1VSTCArICIvIiwgIiIpLnN0cmlwKCIvIikgaWYgc2hvcnR1cmwgZWxzZSBsaW5rLmdldCgia2V5d29yZCIsICIiKQogICAgICAgIHRpdGxlICAgICA9IGxpbmsuZ2V0KCJ0aXRsZSIsICIiKSBvciBsaW5rLmdldCgidXJsIiwgIiIpCiAgICAgICAgY2xpY2tzICAgID0gbGluay5nZXQoImNsaWNrcyIsIDApCiAgICAgICAgdGltZXN0YW1wID0gbGluay5nZXQoInRpbWVzdGFtcCIsICIiKQogICAgICAgIGRhdGVfc3RyICA9IHRpbWVzdGFtcFs6MTBdIGlmIHRpbWVzdGFtcCBlbHNlICIiCiAgICAgICAgbGFiZWwgICAgID0gKHRpdGxlWzo0OF0gKyAi4oCmIikgaWYgbGVuKHRpdGxlKSA+IDQ4IGVsc2UgdGl0bGUKICAgICAgICBwcmludChmIntrZXl3b3JkOjwyMn0ge2NsaWNrczo+N30gIHtkYXRlX3N0cjo8MTJ9ICB7bGFiZWx9IikKCiAgICB0b3RhbCA9IHJlc3VsdC5nZXQoInN0YXRzIiwge30pLmdldCgidG90YWxfbGlua3MiLCAiPyIpCiAgICBwcmludChmIlxue2xlbihsaW5rcyl9IG9mIHt0b3RhbH0gdG90YWwgc2hvcnQgVVJMcyAgKGZpbHRlcjoge2ZpbHRlcl99KSIpCgoKZGVmIGNtZF91cGRhdGUoYXJncyk6CiAgICBpZiBub3QgYW55KFthcmdzLnVybCwgYXJncy5uZXdrZXl3b3JkLCBhcmdzLnRpdGxlXSk6CiAgICAgICAgc3lzLmV4aXQoIkVycm9yOiBQcm92aWRlIGF0IGxlYXN0IG9uZSBvZiAtLXVybCwgLS1uZXdrZXl3b3JkLCBvciAtLXRpdGxlLiIpCgogICAgcmF3ICAgICA9IGFyZ3Mua2V5d29yZC5yZXBsYWNlKGYie0JBU0VfVVJMfS8iLCAiIikuc3RyaXAoIi8iKQogICAga2V5d29yZCA9IG5vcm1hbGl6ZV9rZXl3b3JkKHJhdykKICAgIGlmIGFyZ3MubmV3a2V5d29yZDoKICAgICAgICBub3JtX25ldyA9IG5vcm1hbGl6ZV9rZXl3b3JkKGFyZ3MubmV3a2V5d29yZCkKICAgICAgICB3YXJuX2lmX3Nhbml0aXplZChhcmdzLm5ld2tleXdvcmQsIG5vcm1fbmV3KQogICAgICAgIGFyZ3MubmV3a2V5d29yZCA9IG5vcm1fbmV3CgogICAgIyBSZXNvbHZlIGN1cnJlbnQgdmFsdWVzIGZvciBmaWVsZHMgbm90IHN1cHBsaWVkCiAgICBleHBhbmQgICAgICAgID0gYXBpX2NhbGwoeyJhY3Rpb24iOiAiZXhwYW5kIiwgInNob3J0dXJsIjoga2V5d29yZH0pCiAgICBjdXJyZW50X3VybCAgID0gZXhwYW5kLmdldCgibG9uZ3VybCIsICIiKQogICAgY3VycmVudF90aXRsZSA9IGV4cGFuZC5nZXQoInRpdGxlIiwgIiIpCiAgICBpZiBub3QgY3VycmVudF91cmw6CiAgICAgICAgc3lzLmV4aXQoZiJFcnJvcjogU2hvcnQgY29kZSAne2tleXdvcmR9JyBub3QgZm91bmQuIikKCiAgICBuZXdfdXJsICAgICA9IGFyZ3MudXJsICAgICAgICBvciBjdXJyZW50X3VybAogICAgbmV3X2tleXdvcmQgPSBhcmdzLm5ld2tleXdvcmQgb3Iga2V5d29yZAogICAgbmV3X3RpdGxlICAgPSBhcmdzLnRpdGxlIGlmIGFyZ3MudGl0bGUgaXMgbm90IE5vbmUgZWxzZSBjdXJyZW50X3RpdGxlCgogICAgIyBUcnkgQVBJIChwbHVnaW4pIGZpcnN0CiAgICByZXN1bHQgPSBhcGlfY2FsbCh7CiAgICAgICAgImFjdGlvbiI6ICAgICAidXBkYXRlIiwKICAgICAgICAia2V5d29yZCI6ICAgIGtleXdvcmQsCiAgICAgICAgInVybCI6ICAgICAgICBuZXdfdXJsLAogICAgICAgICJuZXdrZXl3b3JkIjogbmV3X2tleXdvcmQsCiAgICAgICAgInRpdGxlIjogICAgICBuZXdfdGl0bGUsCiAgICB9KQoKICAgIGlmIHJlc3VsdC5nZXQoInN0YXR1cyIpID09ICJzdWNjZXNzIiBvciByZXN1bHQuZ2V0KCJzdGF0dXNDb2RlIikgPT0gIjIwMCI6CiAgICAgICAgc2hvcnQgPSByZXN1bHQuZ2V0KCJzaG9ydHVybCIsIGYie0JBU0VfVVJMfS97bmV3X2tleXdvcmR9IikKICAgICAgICBwcmludChmIlVwZGF0ZWQ6IHtzaG9ydH0gICh2aWEgQVBJKSIpCiAgICAgICAgaWYgYXJncy51cmw6ICAgICAgICBwcmludChmIiAgVVJMICAgIDoge25ld191cmx9IikKICAgICAgICBpZiBhcmdzLm5ld2tleXdvcmQgYW5kIGFyZ3MubmV3a2V5d29yZCAhPSBrZXl3b3JkOgogICAgICAgICAgICBwcmludChmIiAgQ29kZSAgIDoge2tleXdvcmR9IOKGkiB7bmV3X2tleXdvcmR9IikKICAgICAgICBpZiBhcmdzLnRpdGxlIGlzIG5vdCBOb25lOiBwcmludChmIiAgVGl0bGUgIDoge25ld190aXRsZX0iKQogICAgICAgIHJldHVybgoKICAgIGlmIF9pc191bmtub3duX2FjdGlvbihyZXN1bHQpOgogICAgICAgICMgUGx1Z2luIG5vdCBpbnN0YWxsZWQg4oCUIGZhbGwgYmFjayB0byBhZG1pbiBzZXNzaW9uCiAgICAgICAgcHJpbnQoIk5vdGU6IG1wbS1hcGktZXh0cmFzIHBsdWdpbiBub3QgYWN0aXZlOyB1c2luZyBhZG1pbiBzZXNzaW9uIGZhbGxiYWNrLiIpCiAgICAgICAgYWRtaW5fdXBkYXRlKGtleXdvcmQsIG5ld191cmwsIG5ld19rZXl3b3JkLCBuZXdfdGl0bGUsCiAgICAgICAgICAgICAgICAgICAgIHJvd19pZD1Ob25lLCBlZGl0X25vbmNlPU5vbmUpCiAgICAgICAgaWYgYXJncy51cmw6ICAgICAgICBwcmludChmIiAgVVJMICAgIDoge25ld191cmx9IikKICAgICAgICBpZiBhcmdzLm5ld2tleXdvcmQgYW5kIGFyZ3MubmV3a2V5d29yZCAhPSBrZXl3b3JkOgogICAgICAgICAgICBwcmludChmIiAgQ29kZSAgIDoge2tleXdvcmR9IOKGkiB7bmV3X2tleXdvcmR9IikKICAgICAgICBpZiBhcmdzLnRpdGxlIGlzIG5vdCBOb25lOiBwcmludChmIiAgVGl0bGUgIDoge25ld190aXRsZX0iKQogICAgICAgIHJldHVybgoKICAgIHN5cy5leGl0KGYiRXJyb3I6IHtyZXN1bHQuZ2V0KCdtZXNzYWdlJywganNvbi5kdW1wcyhyZXN1bHQpKX0iKQoKCmRlZiBjbWRfZGVsZXRlKGFyZ3MpOgogICAgcmF3ICAgICA9IGFyZ3Mua2V5d29yZC5yZXBsYWNlKGYie0JBU0VfVVJMfS8iLCAiIikuc3RyaXAoIi8iKQogICAga2V5d29yZCA9IG5vcm1hbGl6ZV9rZXl3b3JkKHJhdykKCiAgICBpZiBub3QgYXJncy5mb3JjZToKICAgICAgICBleHBhbmQgICA9IGFwaV9jYWxsKHsiYWN0aW9uIjogImV4cGFuZCIsICJzaG9ydHVybCI6IGtleXdvcmR9KQogICAgICAgIGxvbmdfdXJsID0gZXhwYW5kLmdldCgibG9uZ3VybCIsICIobm90IGZvdW5kKSIpCiAgICAgICAgdGl0bGUgICAgPSBleHBhbmQuZ2V0KCJ0aXRsZSIsICIiKQogICAgICAgIHByaW50KGYiQWJvdXQgdG8gZGVsZXRlOiIpCiAgICAgICAgcHJpbnQoZiIgIFNob3J0IFVSTCA6IHtCQVNFX1VSTH0ve2tleXdvcmR9IikKICAgICAgICBwcmludChmIiAgTG9uZyBVUkwgIDoge2xvbmdfdXJsfSIpCiAgICAgICAgaWYgdGl0bGU6CiAgICAgICAgICAgIHByaW50KGYiICBUaXRsZSAgICAgOiB7dGl0bGV9IikKICAgICAgICBpZiBpbnB1dCgiXG5BcmUgeW91IHN1cmU/IFt5L05dICIpLnN0cmlwKCkubG93ZXIoKSAhPSAieSI6CiAgICAgICAgICAgIHByaW50KCJDYW5jZWxsZWQuIikKICAgICAgICAgICAgcmV0dXJuCgogICAgIyBUcnkgQVBJIChwbHVnaW4pIGZpcnN0CiAgICByZXN1bHQgPSBhcGlfY2FsbCh7ImFjdGlvbiI6ICJkZWxldGUiLCAia2V5d29yZCI6IGtleXdvcmR9KQoKICAgIGlmIHJlc3VsdC5nZXQoInN0YXR1cyIpID09ICJzdWNjZXNzIiBvciByZXN1bHQuZ2V0KCJzdGF0dXNDb2RlIikgPT0gIjIwMCI6CiAgICAgICAgcHJpbnQoZiJEZWxldGVkOiB7QkFTRV9VUkx9L3trZXl3b3JkfSAgKHZpYSBBUEkpIikKICAgICAgICByZXR1cm4KCiAgICBpZiBfaXNfdW5rbm93bl9hY3Rpb24ocmVzdWx0KToKICAgICAgICBwcmludCgiTm90ZTogbXBtLWFwaS1leHRyYXMgcGx1Z2luIG5vdCBhY3RpdmU7IHVzaW5nIGFkbWluIHNlc3Npb24gZmFsbGJhY2suIikKICAgICAgICBhZG1pbl9kZWxldGUoa2V5d29yZCkKICAgICAgICByZXR1cm4KCiAgICBzeXMuZXhpdChmIkVycm9yOiB7cmVzdWx0LmdldCgnbWVzc2FnZScsIGpzb24uZHVtcHMocmVzdWx0KSl9IikKCgojIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIENMSQojIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQoKZGVmIG1haW4oKToKICAgIHBhcnNlciA9IGFyZ3BhcnNlLkFyZ3VtZW50UGFyc2VyKAogICAgICAgIGRlc2NyaXB0aW9uPSJDUlVEIG1hbmFnZXIgZm9yIG1wbS50byBZT1VSTFMgc2hvcnQgVVJMcyIKICAgICkKICAgIHN1YiA9IHBhcnNlci5hZGRfc3VicGFyc2VycyhkZXN0PSJjb21tYW5kIiwgcmVxdWlyZWQ9VHJ1ZSkKCiAgICBzdWIuYWRkX3BhcnNlcigic2V0dXAiLCBoZWxwPSJTdG9yZSBjcmVkZW50aWFscyBpbiBtYWNPUyBLZXljaGFpbiIpCiAgICBzdWIuYWRkX3BhcnNlcigiY2hlY2siLCBoZWxwPSJWZXJpZnkgY3JlZGVudGlhbHMgYW5kIHRlc3QgY29ubmVjdGlvbiIpCgogICAgcCA9IHN1Yi5hZGRfcGFyc2VyKCJjcmVhdGUiLCBoZWxwPSJDcmVhdGUgYSBuZXcgc2hvcnQgVVJMIikKICAgIHAuYWRkX2FyZ3VtZW50KCItLXVybCIsICAgICByZXF1aXJlZD1UcnVlKQogICAgcC5hZGRfYXJndW1lbnQoIi0ta2V5d29yZCIsIGhlbHA9IkN1c3RvbSBzaG9ydCBjb2RlIChvcHRpb25hbCkiKQogICAgcC5hZGRfYXJndW1lbnQoIi0tdGl0bGUiLCAgIGhlbHA9IlRpdGxlIChvcHRpb25hbCkiKQoKICAgIHAgPSBzdWIuYWRkX3BhcnNlcigicmVhZCIsIGhlbHA9Ikxvb2sgdXAgYSBzaG9ydCBVUkwiKQogICAgcC5hZGRfYXJndW1lbnQoIi0ta2V5d29yZCIsIHJlcXVpcmVkPVRydWUpCgogICAgcCA9IHN1Yi5hZGRfcGFyc2VyKCJsaXN0IiwgaGVscD0iTGlzdCBzaG9ydCBVUkxzIikKICAgIHAuYWRkX2FyZ3VtZW50KCItLWxpbWl0IiwgIHR5cGU9aW50LCBkZWZhdWx0PTUwKQogICAgcC5hZGRfYXJndW1lbnQoIi0tZmlsdGVyIiwgZGVmYXVsdD0idG9wIiwKICAgICAgICAgICAgICAgICAgIGNob2ljZXM9WyJ0b3AiLCAiYm90dG9tIiwgImxhc3QiLCAicmFuZCJdKQoKICAgIHAgPSBzdWIuYWRkX3BhcnNlcigidXBkYXRlIiwgaGVscD0iVXBkYXRlIGEgc2hvcnQgVVJMIikKICAgIHAuYWRkX2FyZ3VtZW50KCItLWtleXdvcmQiLCAgICByZXF1aXJlZD1UcnVlKQogICAgcC5hZGRfYXJndW1lbnQoIi0tdXJsIiwgICAgICAgIGhlbHA9Ik5ldyBsb25nIFVSTCIpCiAgICBwLmFkZF9hcmd1bWVudCgiLS1uZXdrZXl3b3JkIiwgaGVscD0iTmV3IHNob3J0IGNvZGUiKQogICAgcC5hZGRfYXJndW1lbnQoIi0tdGl0bGUiLCAgICAgIGhlbHA9Ik5ldyB0aXRsZSIpCgogICAgcCA9IHN1Yi5hZGRfcGFyc2VyKCJkZWxldGUiLCBoZWxwPSJEZWxldGUgYSBzaG9ydCBVUkwiKQogICAgcC5hZGRfYXJndW1lbnQoIi0ta2V5d29yZCIsIHJlcXVpcmVkPVRydWUpCiAgICBwLmFkZF9hcmd1bWVudCgiLS1mb3JjZSIsICAgYWN0aW9uPSJzdG9yZV90cnVlIiwgaGVscD0iU2tpcCBjb25maXJtYXRpb24iKQoKICAgIGFyZ3MgPSBwYXJzZXIucGFyc2VfYXJncygpCiAgICB7CiAgICAgICAgInNldHVwIjogIGNtZF9zZXR1cCwKICAgICAgICAiY2hlY2siOiAgY21kX2NoZWNrLAogICAgICAgICJjcmVhdGUiOiBjbWRfY3JlYXRlLAogICAgICAgICJyZWFkIjogICBjbWRfcmVhZCwKICAgICAgICAibGlzdCI6ICAgY21kX2xpc3QsCiAgICAgICAgInVwZGF0ZSI6IGNtZF91cGRhdGUsCiAgICAgICAgImRlbGV0ZSI6IGNtZF9kZWxldGUsCiAgICB9W2FyZ3MuY29tbWFuZF0oYXJncykKCgppZiBfX25hbWVfXyA9PSAiX19tYWluX18iOgogICAgbWFpbigpCg==
\ No newline at end of file
+#!/usr/bin/env python3
+"""
+yourls_manager.py — CRUD operations for mpm.to YOURLS instance
+
+Authentication strategy
+-----------------------
+Create and read always use the signature token via yourls-api.php.
+
+Update and delete try the signature token first (requires the mpm-api-extras
+plugin to be active). If the plugin is not installed, they automatically fall
+back to an admin session (username + password) via admin-ajax.php.
+
+Credentials are stored in macOS Keychain under service 'mpm.to-yourls':
+ account 'signature' → static API signature token (required)
+ account 'username' → YOURLS admin username (optional fallback)
+ account 'password' → YOURLS admin password (optional fallback)
+
+Usage:
+ yourls_manager.py setup # Store credentials
+ yourls_manager.py check # Verify & test
+ yourls_manager.py create --url URL [--keyword K] [--title T]
+ yourls_manager.py read --keyword K
+ yourls_manager.py list [--limit N] [--filter top|bottom|last|rand]
+ yourls_manager.py update --keyword K [--url URL] [--newkeyword K2] [--title T]
+ yourls_manager.py delete --keyword K [--force]
+"""
+
+import argparse
+import getpass
+import json
+import re
+import subprocess
+import sys
+
+BASE_URL = "https://mpm.to"
+API_URL = f"{BASE_URL}/yourls-api.php"
+ADMIN_URL = f"{BASE_URL}/admin"
+KEYCHAIN_SERVICE = "mpm.to-yourls"
+
+
+# ---------------------------------------------------------------------------
+# Keychain helpers (macOS)
+# ---------------------------------------------------------------------------
+
+def keychain_get(account: str) -> str | None:
+ result = subprocess.run(
+ ["security", "find-generic-password",
+ "-a", account, "-s", KEYCHAIN_SERVICE, "-w"],
+ capture_output=True, text=True
+ )
+ return result.stdout.strip() if result.returncode == 0 else None
+
+
+def keychain_set(account: str, value: str) -> None:
+ subprocess.run(
+ ["security", "add-generic-password",
+ "-U", "-a", account, "-s", KEYCHAIN_SERVICE, "-w", value],
+ capture_output=True, check=True
+ )
+
+
+def keychain_delete(account: str) -> None:
+ subprocess.run(
+ ["security", "delete-generic-password",
+ "-a", account, "-s", KEYCHAIN_SERVICE],
+ capture_output=True
+ )
+
+
+def get_signature() -> str:
+ token = keychain_get("signature")
+ if not token:
+ sys.exit(
+ "Error: No signature token found.\n"
+ "Run `yourls_manager.py setup` to store your credentials."
+ )
+ return token
+
+
+# ---------------------------------------------------------------------------
+# Keyword normalisation
+# ---------------------------------------------------------------------------
+
+def normalize_keyword(raw: str) -> str:
+ """
+ Apply mpm.to's keyword charset rules client-side so the user sees the
+ actual short code before the request is sent.
+
+ mpm.to is configured with a lowercase alphanumeric charset, so uppercase
+ letters, hyphens, underscores and all other special characters are silently
+ stripped by YOURLS. Replicating that here lets us warn the user early.
+ """
+ import re as _re
+ return _re.sub(r'[^a-z0-9]', '', raw.lower())
+
+
+def warn_if_sanitized(requested: str, normalized: str) -> None:
+ if requested != normalized:
+ print(f" Note: keyword '{requested}' was normalised to '{normalized}'")
+ print(f" (mpm.to only allows lowercase letters and numbers)")
+ if not normalized:
+ sys.exit("Error: After normalisation the keyword is empty. "
+ "Choose a keyword using only lowercase letters and numbers.")
+
+
+def get_admin_creds() -> tuple[str, str] | None:
+ """Return (username, password) if both are stored, otherwise None."""
+ username = keychain_get("username")
+ password = keychain_get("password")
+ if username and password:
+ return username, password
+ return None
+
+
+# ---------------------------------------------------------------------------
+# Standard API calls (always via signature token)
+# ---------------------------------------------------------------------------
+
+def _requests():
+ try:
+ import requests as req
+ return req
+ except ImportError:
+ sys.exit(
+ "Error: 'requests' library not installed.\n"
+ "Fix: pip3 install requests --break-system-packages"
+ )
+
+
+def api_call(params: dict) -> dict:
+ req = _requests()
+ params["signature"] = get_signature()
+ params["format"] = "json"
+ try:
+ resp = req.post(API_URL, data=params, timeout=15)
+ resp.raise_for_status()
+ return resp.json()
+ except req.exceptions.ConnectionError:
+ sys.exit(f"Error: Could not connect to {BASE_URL}. Check your network.")
+ except req.exceptions.Timeout:
+ sys.exit(f"Error: Request timed out.")
+ except Exception as e:
+ sys.exit(f"Error: API call failed — {e}")
+
+
+def _is_unknown_action(result: dict) -> bool:
+ """True when YOURLS says it doesn't know the action — plugin not installed."""
+ msg = result.get("message", "").lower()
+ return result.get("errorCode") == "400" and (
+ "unknown" in msg or "missing" in msg or "action" in msg
+ )
+
+
+# ---------------------------------------------------------------------------
+# Admin session (fallback for update & delete when plugin is not installed)
+# ---------------------------------------------------------------------------
+
+def get_admin_session():
+ req = _requests()
+ creds = get_admin_creds()
+ if not creds:
+ sys.exit(
+ "Error: The mpm-api-extras plugin is not active, and no admin\n"
+ "credentials are stored as a fallback.\n\n"
+ "Choose one:\n"
+ " A) Install plugin/mpm-api-extras.php and activate it in YOURLS admin\n"
+ " B) Run `yourls_manager.py setup` and add admin username + password"
+ )
+ username, password = creds
+ session = req.Session()
+ try:
+ # Step 1: GET the admin page to fetch the login nonce.
+ # YOURLS embeds a time-limited nonce in a hidden on
+ # the login form; it must be included in the POST or the login is rejected.
+ # The login endpoint is admin/ (not a separate login.php file).
+ page = session.get(f"{ADMIN_URL}/", allow_redirects=False, timeout=15)
+ except Exception as e:
+ sys.exit(f"Error: Could not reach admin page — {e}")
+
+ nonce_m = (
+ re.search(r']+name=["\']nonce["\'][^>]+value=["\']([^"\']+)["\']', page.text)
+ or re.search(r'name=["\']nonce["\'][^>]*value=["\']([^"\']+)["\']', page.text)
+ )
+ if not nonce_m:
+ sys.exit("Error: Could not find login nonce on admin page. YOURLS may have changed.")
+ login_nonce = nonce_m.group(1)
+
+ try:
+ resp = session.post(
+ f"{ADMIN_URL}/",
+ data={"username": username, "password": password,
+ "nonce": login_nonce, "submit": "Login"},
+ timeout=15,
+ allow_redirects=True
+ )
+ except Exception as e:
+ sys.exit(f"Error: Admin login request failed — {e}")
+
+ if 'name="password"' in resp.text:
+ sys.exit(
+ "Error: Admin login failed. Check username and password.\n"
+ "Re-run `yourls_manager.py setup` to update stored credentials."
+ )
+ return session
+
+
+def get_link_row_info(session, keyword: str) -> dict:
+ """
+ Scrape the admin index page for the nonces and row ID of a given keyword.
+ Returns dict with keys: id, delete_nonce, edit_nonce
+
+ We search the admin page for the specific keyword (?s=keyword) so that
+ YOURLS filters the table to a single row — essential when there are hundreds
+ of links and the target keyword would not appear on the first page otherwise.
+ """
+ resp = session.get(
+ f"{ADMIN_URL}/",
+ params={"s": keyword, "search_in": "keyword"},
+ timeout=15,
+ allow_redirects=True,
+ )
+ html = resp.text
+
+ # YOURLS embeds nonces in admin-ajax.php hrefs, e.g.:
+ # admin-ajax.php?id=yid-N&action=delete&keyword=KEYWORD&nonce=NONCE
+ # Parameter order can vary; try both orderings.
+
+ def find_ajax_url(html, action, keyword):
+ patterns = [
+ r'href=["\']([^"\']*admin-ajax\.php[^"\']*action=' + re.escape(action)
+ + r'[^"\']*keyword=' + re.escape(keyword) + r'[^"\']*)["\']',
+ r'href=["\']([^"\']*admin-ajax\.php[^"\']*keyword=' + re.escape(keyword)
+ + r'[^"\']*action=' + re.escape(action) + r'[^"\']*)["\']',
+ ]
+ for pat in patterns:
+ m = re.search(pat, html)
+ if m:
+ url = m.group(1).replace("&", "&")
+ qs = dict(p.split("=", 1) for p in url.split("?", 1)[1].split("&") if "=" in p)
+ return qs
+ return None
+
+ delete_qs = find_ajax_url(html, "delete", keyword)
+ edit_qs = find_ajax_url(html, "edit", keyword)
+
+ if not delete_qs:
+ # Diagnose: does the keyword appear at all in the page?
+ if keyword in html:
+ sys.exit(
+ f"Error: Found '{keyword}' on admin page but could not extract "
+ f"nonce link. The page structure may have changed."
+ )
+ else:
+ sys.exit(
+ f"Error: Short code '{keyword}' not found on admin page.\n"
+ f" (admin page URL after redirect: {resp.url})"
+ )
+
+ return {
+ "id": delete_qs.get("id"),
+ "delete_nonce": delete_qs.get("nonce"),
+ "edit_nonce": edit_qs.get("nonce") if edit_qs else None,
+ }
+
+
+def admin_delete(keyword: str) -> None:
+ session = get_admin_session()
+ info = get_link_row_info(session, keyword)
+
+ resp = session.post(
+ f"{ADMIN_URL}/admin-ajax.php",
+ data={
+ "action": "delete",
+ "keyword": keyword,
+ "id": info["id"],
+ "nonce": info["delete_nonce"],
+ },
+ timeout=15
+ )
+ result = resp.json()
+ if result.get("success"):
+ print(f"Deleted: {BASE_URL}/{keyword} (via admin session)")
+ else:
+ sys.exit(f"Error deleting '{keyword}': {json.dumps(result)}")
+
+
+def admin_update(keyword: str, new_url: str, new_keyword: str,
+ new_title: str, row_id: str, edit_nonce: str) -> None:
+ session = get_admin_session()
+ info = get_link_row_info(session, keyword)
+
+ # Step 1: fetch the edit row to get the edit-save nonce
+ disp = session.post(
+ f"{ADMIN_URL}/admin-ajax.php",
+ data={
+ "action": "edit_display",
+ "keyword": keyword,
+ "id": info["id"],
+ "nonce": info["edit_nonce"],
+ },
+ timeout=15
+ )
+ edit_html = disp.json().get("html", "")
+
+ # Extract edit-save nonce from hidden input: id="nonce_"
+ row_id = info["id"]
+ save_nonce = None
+ for pat in [
+ r'id=["\']nonce_' + re.escape(row_id) + r'["\'][^>]*value=["\']([^"\']+)["\']',
+ r'value=["\']([^"\']+)["\'][^>]*id=["\']nonce_' + re.escape(row_id) + r'["\']',
+ ]:
+ m = re.search(pat, edit_html)
+ if m:
+ save_nonce = m.group(1)
+ break
+
+ if not save_nonce:
+ sys.exit("Error: Could not extract edit-save nonce. Try activating the plugin instead.")
+
+ # Step 2: save
+ save = session.post(
+ f"{ADMIN_URL}/admin-ajax.php",
+ data={
+ "action": "edit_save",
+ "keyword": keyword,
+ "newkeyword": new_keyword,
+ "url": new_url,
+ "title": new_title,
+ "id": row_id,
+ "nonce": save_nonce,
+ },
+ timeout=15
+ )
+ result = save.json()
+ if result.get("status") == "success":
+ print(f"Updated: {BASE_URL}/{new_keyword} (via admin session)")
+ else:
+ sys.exit(f"Error updating '{keyword}': {result.get('message', json.dumps(result))}")
+
+
+# ---------------------------------------------------------------------------
+# Commands
+# ---------------------------------------------------------------------------
+
+def cmd_setup(args):
+ print("=== mpm.to YOURLS Credential Setup ===")
+ print(f"Stored in macOS Keychain under service '{KEYCHAIN_SERVICE}'\n")
+
+ # Signature token (required)
+ existing_sig = keychain_get("signature")
+ if existing_sig:
+ ans = input("Signature token already stored. Replace it? [y/N] ").strip().lower()
+ if ans == "y":
+ token = getpass.getpass("New signature token: ").strip()
+ if token:
+ keychain_set("signature", token)
+ print(" ✓ Signature token updated.")
+ else:
+ token = getpass.getpass("Signature token (required): ").strip()
+ if not token:
+ sys.exit("Error: Signature token is required.")
+ keychain_set("signature", token)
+ print(" ✓ Signature token saved.")
+
+ # Admin credentials (optional fallback)
+ print()
+ print("Admin username + password are optional. They are used as a fallback")
+ print("for update/delete if the mpm-api-extras plugin is not installed.")
+ print("Press Enter to skip.\n")
+
+ existing_user = keychain_get("username")
+ prompt = f"Admin username [{existing_user}]: " if existing_user else "Admin username: "
+ username = input(prompt).strip()
+
+ if username:
+ keychain_set("username", username)
+ print(" ✓ Username saved.")
+ password = getpass.getpass("Admin password: ").strip()
+ if password:
+ keychain_set("password", password)
+ print(" ✓ Password saved.")
+ elif not existing_user:
+ print(" Skipped — update/delete will require the mpm-api-extras plugin.")
+
+ print("\nSetup complete. Run `check` to verify.")
+
+
+def cmd_check(args):
+ sig = keychain_get("signature")
+ user = keychain_get("username")
+ pw = keychain_get("password")
+
+ print(f"Keychain service : {KEYCHAIN_SERVICE}")
+ print(f" Signature token : {'✓ stored' if sig else '✗ missing — run setup'}")
+ print(f" Admin username : {'✓ ' + user if user else '○ not stored (optional)'}")
+ print(f" Admin password : {'✓ stored' if pw else '○ not stored (optional)'}")
+
+ print()
+ if sig:
+ print("Testing API connection...", end=" ", flush=True)
+ result = api_call({"action": "db-stats"})
+ if result.get("statusCode") == "200" or result.get("message") == "success":
+ stats = result.get("db-stats", {})
+ print(f"OK — {stats.get('total_links','?')} short URLs, "
+ f"{stats.get('total_clicks','?')} total clicks")
+
+ # Check if plugin is active
+ test = api_call({"action": "delete", "keyword": "__probe__"})
+ if _is_unknown_action(test):
+ print(" mpm-api-extras plugin : ✗ not active")
+ print(" → update/delete will use admin session fallback"
+ if user and pw else
+ " → update/delete unavailable without plugin or admin credentials")
+ else:
+ print(" mpm-api-extras plugin : ✓ active")
+ else:
+ print(f"Failed — {result.get('message', 'unexpected response')}")
+ else:
+ print("Cannot test connection — signature token missing.")
+
+
+def cmd_create(args):
+ params = {"action": "shorturl", "url": args.url}
+ if args.keyword:
+ norm = normalize_keyword(args.keyword)
+ warn_if_sanitized(args.keyword, norm)
+ params["keyword"] = norm
+ if args.title:
+ params["title"] = args.title
+
+ result = api_call(params)
+ status = result.get("status", "")
+
+ if status == "success" or result.get("statusCode") == "200":
+ short = result.get("shorturl", "")
+ print(f"Created: {short}")
+ print(f" → {args.url}")
+ if args.title:
+ print(f" Title: {args.title}")
+ elif status == "fail":
+ msg = result.get("message", "Unknown error")
+ if "already exists" in msg.lower():
+ print(f"Short code '{args.keyword}' already exists.")
+ existing = result.get("shorturl", "")
+ if existing:
+ print(f" Existing: {existing}")
+ else:
+ sys.exit(f"Error: {msg}")
+ else:
+ sys.exit(f"Unexpected response: {json.dumps(result, indent=2)}")
+
+
+def cmd_read(args):
+ raw = args.keyword.replace(f"{BASE_URL}/", "").strip("/")
+ keyword = normalize_keyword(raw)
+ if raw != keyword:
+ print(f" Note: looking up '{keyword}' (normalised from '{raw}')")
+ expand = api_call({"action": "expand", "shorturl": keyword})
+
+ if expand.get("errorCode") == "404" or expand.get("message","").lower().startswith("error"):
+ sys.exit(f"Error: Short code '{keyword}' not found.")
+
+ long_url = expand.get("longurl", "")
+ title = expand.get("title", "")
+ short = expand.get("shorturl", f"{BASE_URL}/{keyword}")
+ stats = api_call({"action": "url-stats", "shorturl": keyword})
+ link = stats.get("link", {})
+ clicks = link.get("clicks", "?")
+ created = link.get("timestamp", "")
+
+ print(f"Short URL : {short}")
+ print(f"Long URL : {long_url}")
+ if title:
+ print(f"Title : {title}")
+ print(f"Clicks : {clicks}")
+ if created:
+ print(f"Created : {created}")
+
+
+def cmd_list(args):
+ limit = args.limit or 50
+ filter_ = args.filter or "top"
+
+ result = api_call({"action": "stats", "filter": filter_, "limit": limit})
+
+ if result.get("message") != "success" and result.get("statusCode") != "200":
+ sys.exit(f"Error: {result.get('message', 'Unknown error')}")
+
+ links = list(result.get("links", {}).values())
+ if not links:
+ print("No short URLs found.")
+ return
+
+ print(f"{'Short Code':<22} {'Clicks':>7} {'Created':<12} Title / URL")
+ print("─" * 88)
+ for link in links:
+ shorturl = link.get("shorturl", "")
+ keyword = shorturl.replace(BASE_URL + "/", "").strip("/") if shorturl else link.get("keyword", "")
+ title = link.get("title", "") or link.get("url", "")
+ clicks = link.get("clicks", 0)
+ timestamp = link.get("timestamp", "")
+ date_str = timestamp[:10] if timestamp else ""
+ label = (title[:48] + "…") if len(title) > 48 else title
+ print(f"{keyword:<22} {clicks:>7} {date_str:<12} {label}")
+
+ total = result.get("stats", {}).get("total_links", "?")
+ print(f"\n{len(links)} of {total} total short URLs (filter: {filter_})")
+
+
+def cmd_update(args):
+ if not any([args.url, args.newkeyword, args.title]):
+ sys.exit("Error: Provide at least one of --url, --newkeyword, or --title.")
+
+ raw = args.keyword.replace(f"{BASE_URL}/", "").strip("/")
+ keyword = normalize_keyword(raw)
+ if args.newkeyword:
+ norm_new = normalize_keyword(args.newkeyword)
+ warn_if_sanitized(args.newkeyword, norm_new)
+ args.newkeyword = norm_new
+
+ # Resolve current values for fields not supplied
+ expand = api_call({"action": "expand", "shorturl": keyword})
+ current_url = expand.get("longurl", "")
+ current_title = expand.get("title", "")
+ if not current_url:
+ sys.exit(f"Error: Short code '{keyword}' not found.")
+
+ new_url = args.url or current_url
+ new_keyword = args.newkeyword or keyword
+ new_title = args.title if args.title is not None else current_title
+
+ # Try API (plugin) first
+ result = api_call({
+ "action": "update",
+ "keyword": keyword,
+ "url": new_url,
+ "newkeyword": new_keyword,
+ "title": new_title,
+ })
+
+ if result.get("status") == "success" or result.get("statusCode") == "200":
+ short = result.get("shorturl", f"{BASE_URL}/{new_keyword}")
+ print(f"Updated: {short} (via API)")
+ if args.url: print(f" URL : {new_url}")
+ if args.newkeyword and args.newkeyword != keyword:
+ print(f" Code : {keyword} → {new_keyword}")
+ if args.title is not None: print(f" Title : {new_title}")
+ return
+
+ if _is_unknown_action(result):
+ # Plugin not installed — fall back to admin session
+ print("Note: mpm-api-extras plugin not active; using admin session fallback.")
+ admin_update(keyword, new_url, new_keyword, new_title,
+ row_id=None, edit_nonce=None)
+ if args.url: print(f" URL : {new_url}")
+ if args.newkeyword and args.newkeyword != keyword:
+ print(f" Code : {keyword} → {new_keyword}")
+ if args.title is not None: print(f" Title : {new_title}")
+ return
+
+ sys.exit(f"Error: {result.get('message', json.dumps(result))}")
+
+
+def cmd_delete(args):
+ raw = args.keyword.replace(f"{BASE_URL}/", "").strip("/")
+ keyword = normalize_keyword(raw)
+
+ if not args.force:
+ expand = api_call({"action": "expand", "shorturl": keyword})
+ long_url = expand.get("longurl", "(not found)")
+ title = expand.get("title", "")
+ print(f"About to delete:")
+ print(f" Short URL : {BASE_URL}/{keyword}")
+ print(f" Long URL : {long_url}")
+ if title:
+ print(f" Title : {title}")
+ if input("\nAre you sure? [y/N] ").strip().lower() != "y":
+ print("Cancelled.")
+ return
+
+ # Try API (plugin) first
+ result = api_call({"action": "delete", "keyword": keyword})
+
+ if result.get("status") == "success" or result.get("statusCode") == "200":
+ print(f"Deleted: {BASE_URL}/{keyword} (via API)")
+ return
+
+ if _is_unknown_action(result):
+ print("Note: mpm-api-extras plugin not active; using admin session fallback.")
+ admin_delete(keyword)
+ return
+
+ sys.exit(f"Error: {result.get('message', json.dumps(result))}")
+
+
+# ---------------------------------------------------------------------------
+# CLI
+# ---------------------------------------------------------------------------
+
+def main():
+ parser = argparse.ArgumentParser(
+ description="CRUD manager for mpm.to YOURLS short URLs"
+ )
+ sub = parser.add_subparsers(dest="command", required=True)
+
+ sub.add_parser("setup", help="Store credentials in macOS Keychain")
+ sub.add_parser("check", help="Verify credentials and test connection")
+
+ p = sub.add_parser("create", help="Create a new short URL")
+ p.add_argument("--url", required=True)
+ p.add_argument("--keyword", help="Custom short code (optional)")
+ p.add_argument("--title", help="Title (optional)")
+
+ p = sub.add_parser("read", help="Look up a short URL")
+ p.add_argument("--keyword", required=True)
+
+ p = sub.add_parser("list", help="List short URLs")
+ p.add_argument("--limit", type=int, default=50)
+ p.add_argument("--filter", default="top",
+ choices=["top", "bottom", "last", "rand"])
+
+ p = sub.add_parser("update", help="Update a short URL")
+ p.add_argument("--keyword", required=True)
+ p.add_argument("--url", help="New long URL")
+ p.add_argument("--newkeyword", help="New short code")
+ p.add_argument("--title", help="New title")
+
+ p = sub.add_parser("delete", help="Delete a short URL")
+ p.add_argument("--keyword", required=True)
+ p.add_argument("--force", action="store_true", help="Skip confirmation")
+
+ args = parser.parse_args()
+ {
+ "setup": cmd_setup,
+ "check": cmd_check,
+ "create": cmd_create,
+ "read": cmd_read,
+ "list": cmd_list,
+ "update": cmd_update,
+ "delete": cmd_delete,
+ }[args.command](args)
+
+
+if __name__ == "__main__":
+ main()