cobalt/src/core/api.js

import cors from "cors";
import rateLimit from "express-rate-limit";

import { env, version } from "../modules/config.js";

import { generateHmac, generateSalt } from "../modules/sub/crypto.js";
import { Bright, Cyan } from "../modules/sub/consoleText.js";
import { languageCode } from "../modules/sub/utils.js";
import loc from "../localization/manager.js";

import { createResponse, normalizeRequest, getIP } from "../modules/processing/request.js";
import { verifyStream, getInternalStream } from "../modules/stream/manage.js";
import { extract } from "../modules/processing/url.js";
import match from "../modules/processing/match.js";
import stream from "../modules/stream/stream.js";

const acceptRegex = /^application\/json(; charset=utf-8)?$/;

const ipSalt = generateSalt();
const corsConfig = env.corsWildcard ? {} : {
    origin: env.corsURL,
    optionsSuccessStatus: 200
}

export function runAPI(express, app, gitCommit, gitBranch, __dirname) {
    const startTime = new Date();
    const startTimestamp = startTime.getTime();
    
    const serverInfo = {
        version: version,
        commit: gitCommit,
        branch: gitBranch,
        name: env.apiName,
        url: env.apiURL,
        cors: Number(env.corsWildcard),
        startTime: `${startTimestamp}`
    }

    const apiLimiter = rateLimit({
        windowMs: env.rateLimitWindow * 1000,
        max: env.rateLimitMax,
        standardHeaders: true,
        legacyHeaders: false,
        keyGenerator: req => generateHmac(getIP(req), ipSalt),
        handler: (req, res) => {
            return res.status(429).json({
                "status": "rate-limit",
                "text": loc(languageCode(req), 'ErrorRateLimit', env.rateLimitWindow)
            });
        }
    })

    const apiLimiterStream = rateLimit({
        windowMs: env.rateLimitWindow * 1000,
        max: env.rateLimitMax,
        standardHeaders: true,
        legacyHeaders: false,
        keyGenerator: req => generateHmac(getIP(req), ipSalt),
        handler: (req, res) => {
            return res.sendStatus(429)
        }
    })

    app.set('trust proxy', ['loopback', 'uniquelocal']);

    app.use('/api', cors({
        methods: ['GET', 'POST'],
        exposedHeaders: [
            'Ratelimit-Limit',
            'Ratelimit-Policy',
            'Ratelimit-Remaining',
            'Ratelimit-Reset'
        ],
        ...corsConfig,
    }))

    app.use('/api/json', apiLimiter);
    app.use('/api/stream', apiLimiterStream);

    app.use((req, res, next) => {
        try {
            decodeURIComponent(req.path)
        } catch { 
            return res.redirect('/')
        }
        next();
    })

    app.use('/api/json', express.json({
        verify: (req, res, buf) => {
            if (String(req.header('Accept')) === "application/json") {
                if (buf.length > 720) throw new Error();
                JSON.parse(buf);
            } else {
                throw new Error();
            }
        }
    }))

    // handle express.json errors properly (https://github.com/expressjs/express/issues/4065)
    app.use('/api/json', (err, req, res, next) => {
        let errorText = "invalid json body";
        const acceptHeader = String(req.header('Accept')) !== "application/json";

        if (err || acceptHeader) {
            if (acceptHeader) errorText = "invalid accept header";
            return res.status(400).json({
                status: "error",
                text: errorText
            });
        } else {
            next();
        }
    })

    app.post('/api/json', async (req, res) => {
        const request = req.body;
        const lang = languageCode(req);

        const fail = (t) => {
            const { status, body } = createResponse("error", { t: loc(lang, t) });
            res.status(status).json(body);
        }

        if (!acceptRegex.test(req.header('Content-Type'))) {
            return fail('ErrorInvalidContentType');
        }

        if (!request.url) {
            return fail('ErrorNoLink');
        }

        request.dubLang = request.dubLang ? lang : false;
        const normalizedRequest = normalizeRequest(request);
        if (!normalizedRequest) {
            return fail('ErrorCantProcess');
        }

        const parsed = extract(normalizedRequest.url);
        if (parsed === null) {
            return fail('ErrorUnsupported');
        }

        try {
            const result = await match(
                parsed.host, parsed.patternMatch, lang, normalizedRequest
            );

            res.status(result.status).json(result.body);
        } catch {
            fail('ErrorSomethingWentWrong');
        }
    })

    app.get('/api/stream', (req, res) => {
        const id = String(req.query.id);
        const exp = String(req.query.exp);
        const sig = String(req.query.sig);
        const sec = String(req.query.sec);
        const iv = String(req.query.iv);

        const checkQueries = id && exp && sig && sec && iv;
        const checkBaseLength = id.length === 21 && exp.length === 13;
        const checkSafeLength = sig.length === 43 && sec.length === 43 && iv.length === 22;

        if (checkQueries && checkBaseLength && checkSafeLength) {
            // rate limit probe, will not return json after 8.0
            if (req.query.p) {
                return res.status(200).json({
                    status: "continue"
                })
            }
            try {
                const streamInfo = verifyStream(id, sig, exp, sec, iv);
                if (!streamInfo?.service) {
                    return res.sendStatus(streamInfo.status);
                }
                return stream(res, streamInfo);
            } catch {
                return res.destroy();
            }
        }
        return res.sendStatus(400);
    })

    app.get('/api/istream', (req, res) => {
        try {
            if (!req.ip.endsWith('127.0.0.1'))
                return res.sendStatus(403);
            if (String(req.query.id).length !== 21)
                return res.sendStatus(400);

            const streamInfo = getInternalStream(req.query.id);
            if (!streamInfo) return res.sendStatus(404);
            streamInfo.headers = {
                ...req.headers,
                ...streamInfo.headers
            };
    
            return stream(res, { type: 'internal', ...streamInfo });
        } catch {
            return res.destroy();
        }
    })

    app.get('/api/serverInfo', (req, res) => {
        try {
            return res.status(200).json(serverInfo);
        } catch {
            return res.destroy();
        }
    })

    app.get('/favicon.ico', (req, res) => {
        res.sendFile(`${__dirname}/src/front/icons/favicon.ico`)
    })

    app.get('/*', (req, res) => {
        res.redirect('/api/serverInfo')
    })

    app.listen(env.apiPort, env.listenAddress, () => {
        console.log(`\n` +
            `${Cyan("cobalt")} API ${Bright(`v.${version}-${gitCommit} (${gitBranch})`)}\n` +
            `Start time: ${Bright(`${startTime.toUTCString()} (${startTimestamp})`)}\n\n` +
            `URL: ${Cyan(`${env.apiURL}`)}\n` +
            `Port: ${env.apiPort}\n`
        )
    })
}
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`import cors from "cors";`
			`import rateLimit from "express-rate-limit";`

refactor: centralize envs and their defaults in `modules/config` (#464) * feat(config): centralized env variables and their default values * fix: fip `corsWildcard` variable check in `corsConfig` * fix(config): use already declared variables and default some strings to undefined * fix: check processingPriority against NaN 2024-04-29 13:56:05 +02:00			`import { env, version } from "../modules/config.js";`
api: clean up imports & consts 2024-05-16 10:20:40 +02:00
			`import { generateHmac, generateSalt } from "../modules/sub/crypto.js";`
new inner layout - one main controlling script (cobalt.js). - added api server name to serverInfo endpoint. - one dockerfile. - less mess. 2023-05-21 21:13:05 +02:00			`import { Bright, Cyan } from "../modules/sub/consoleText.js";`
api: clean up imports & consts 2024-05-16 10:20:40 +02:00			`import { languageCode } from "../modules/sub/utils.js";`
new inner layout - one main controlling script (cobalt.js). - added api server name to serverInfo endpoint. - one dockerfile. - less mess. 2023-05-21 21:13:05 +02:00			`import loc from "../localization/manager.js";`
api: clean up imports & consts 2024-05-16 10:20:40 +02:00
			`import { createResponse, normalizeRequest, getIP } from "../modules/processing/request.js";`
feat: internal streams 2024-04-26 13:53:50 +02:00			`import { verifyStream, getInternalStream } from "../modules/stream/manage.js";`
api: get rid of getJSON let's just call `match` directly 2024-05-15 14:45:23 +02:00			`import { extract } from "../modules/processing/url.js";`
api: clean up imports & consts 2024-05-16 10:20:40 +02:00			`import match from "../modules/processing/match.js";`
			`import stream from "../modules/stream/stream.js";`

			`const acceptRegex = /^application\/json(; charset=utf-8)?$/;`

			`const ipSalt = generateSalt();`
			`const corsConfig = env.corsWildcard ? {} : {`
			`origin: env.corsURL,`
			`optionsSuccessStatus: 200`
			`}`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00
oops 2023-06-05 08:47:03 +02:00			`export function runAPI(express, app, gitCommit, gitBranch, __dirname) {`
api: clean up imports & consts 2024-05-16 10:20:40 +02:00			`const startTime = new Date();`
			`const startTimestamp = startTime.getTime();`

			`const serverInfo = {`
			`version: version,`
			`commit: gitCommit,`
			`branch: gitBranch,`
			`name: env.apiName,`
			`url: env.apiURL,`
			`cors: Number(env.corsWildcard),`
			startTime: `${startTimestamp}`
			`}`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00
			`const apiLimiter = rateLimit({`
api: configurable rate limit through env 2024-05-16 09:54:11 +02:00			`windowMs: env.rateLimitWindow * 1000,`
api: remove duplicate defaults 2024-05-16 09:58:28 +02:00			`max: env.rateLimitMax,`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`standardHeaders: true,`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`legacyHeaders: false,`
crypto: rename sha256 func to generateHmac it has always been actually hmac 2024-03-05 15:55:17 +01:00			`keyGenerator: req => generateHmac(getIP(req), ipSalt),`
chore: remove unused imports/variables 2024-05-14 09:08:36 +02:00			`handler: (req, res) => {`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`return res.status(429).json({`
actually use rate-limit status 2023-08-13 21:51:55 +02:00			`"status": "rate-limit",`
localization: display actual rate limit window 2024-05-16 17:39:01 +02:00			`"text": loc(languageCode(req), 'ErrorRateLimit', env.rateLimitWindow)`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`});`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`}`
api: raw stream status responses, clean up core 2024-05-15 18:28:09 +02:00			`})`

separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`const apiLimiterStream = rateLimit({`
api: configurable rate limit through env 2024-05-16 09:54:11 +02:00			`windowMs: env.rateLimitWindow * 1000,`
api: remove duplicate defaults 2024-05-16 09:58:28 +02:00			`max: env.rateLimitMax,`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`standardHeaders: true,`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`legacyHeaders: false,`
crypto: rename sha256 func to generateHmac it has always been actually hmac 2024-03-05 15:55:17 +01:00			`keyGenerator: req => generateHmac(getIP(req), ipSalt),`
chore: remove unused imports/variables 2024-05-14 09:08:36 +02:00			`handler: (req, res) => {`
api: raw stream status responses, clean up core 2024-05-15 18:28:09 +02:00			`return res.sendStatus(429)`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`}`
api: raw stream status responses, clean up core 2024-05-15 18:28:09 +02:00			`})`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00
api: use req.ip instead of cloudflare headers, ratelimit ipv6 by prefix allows for more versatile configurations that do not necessarily have to use cloudflare also ratelimits IPv6 addresses by prefix instead of individual addresses currently set at /56, which should not be too strict (yet allows a /48 holder to make 256 as many requests instead of 2^80 as many requests), change if needed 2023-07-25 21:46:25 +02:00			`app.set('trust proxy', ['loopback', 'uniquelocal']);`

api: configurable rate limit through env 2024-05-16 09:54:11 +02:00			`app.use('/api', cors({`
stream: encrypt cached stream data & clean up related modules also limited CORS methods to GET and POST 2024-03-05 13:14:26 +01:00			`methods: ['GET', 'POST'],`
api: expose rate limit headers 2024-05-16 09:59:53 +02:00			`exposedHeaders: [`
			`'Ratelimit-Limit',`
			`'Ratelimit-Policy',`
			`'Ratelimit-Remaining',`
			`'Ratelimit-Reset'`
			`],`
			`...corsConfig,`
api: raw stream status responses, clean up core 2024-05-15 18:28:09 +02:00			`}))`
stream: encrypt cached stream data & clean up related modules also limited CORS methods to GET and POST 2024-03-05 13:14:26 +01:00
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`app.use('/api/json', apiLimiter);`
			`app.use('/api/stream', apiLimiterStream);`

			`app.use((req, res, next) => {`
api: remove onDemand mention and slight clean up 2024-05-16 06:19:07 +02:00			`try {`
			`decodeURIComponent(req.path)`
			`} catch {`
			`return res.redirect('/')`
			`}`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`next();`
api: raw stream status responses, clean up core 2024-05-15 18:28:09 +02:00			`})`
stream: encrypt cached stream data & clean up related modules also limited CORS methods to GET and POST 2024-03-05 13:14:26 +01:00
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`app.use('/api/json', express.json({`
			`verify: (req, res, buf) => {`
api: remove onDemand mention and slight clean up 2024-05-16 06:19:07 +02:00			`if (String(req.header('Accept')) === "application/json") {`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`if (buf.length > 720) throw new Error();`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`JSON.parse(buf);`
			`} else {`
			`throw new Error();`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`}`
			`}`
api: raw stream status responses, clean up core 2024-05-15 18:28:09 +02:00			`}))`
stream: encrypt cached stream data & clean up related modules also limited CORS methods to GET and POST 2024-03-05 13:14:26 +01:00
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`// handle express.json errors properly (https://github.com/expressjs/express/issues/4065)`
			`app.use('/api/json', (err, req, res, next) => {`
core/api: no longer reassign to const 2024-05-15 18:51:26 +02:00			`let errorText = "invalid json body";`
api: raw stream status responses, clean up core 2024-05-15 18:28:09 +02:00			`const acceptHeader = String(req.header('Accept')) !== "application/json";`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00
api: raw stream status responses, clean up core 2024-05-15 18:28:09 +02:00			`if (err \|\| acceptHeader) {`
			`if (acceptHeader) errorText = "invalid accept header";`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`return res.status(400).json({`
			`status: "error",`
			`text: errorText`
			`});`
			`} else {`
			`next();`
			`}`
api: raw stream status responses, clean up core 2024-05-15 18:28:09 +02:00			`})`
stream: encrypt cached stream data & clean up related modules also limited CORS methods to GET and POST 2024-03-05 13:14:26 +01:00
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`app.post('/api/json', async (req, res) => {`
api: refactor /api/json POST handler 2024-05-15 15:29:18 +02:00			`const request = req.body;`
			`const lang = languageCode(req);`
api: raw stream status responses, clean up core 2024-05-15 18:28:09 +02:00
api: refactor /api/json POST handler 2024-05-15 15:29:18 +02:00			`const fail = (t) => {`
api: move request functions to separate file - request status id is no longer a cryptic number - descriptive function names 2024-05-15 17:39:44 +02:00			`const { status, body } = createResponse("error", { t: loc(lang, t) });`
api: refactor /api/json POST handler 2024-05-15 15:29:18 +02:00			`res.status(status).json(body);`
			`}`

			`if (!acceptRegex.test(req.header('Content-Type'))) {`
			`return fail('ErrorInvalidContentType');`
			`}`

			`if (!request.url) {`
			`return fail('ErrorNoLink');`
			`}`

			`request.dubLang = request.dubLang ? lang : false;`
request: rename verifyRequest to normalizeRequest 2024-05-15 19:03:33 +02:00			`const normalizedRequest = normalizeRequest(request);`
api: refactor /api/json POST handler 2024-05-15 15:29:18 +02:00			`if (!normalizedRequest) {`
			`return fail('ErrorCantProcess');`
			`}`

			`const parsed = extract(normalizedRequest.url);`
			`if (parsed === null) {`
			`return fail('ErrorUnsupported');`
			`}`

separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`try {`
api: refactor /api/json POST handler 2024-05-15 15:29:18 +02:00			`const result = await match(`
			`parsed.host, parsed.patternMatch, lang, normalizedRequest`
			`);`
api: get rid of getJSON let's just call `match` directly 2024-05-15 14:45:23 +02:00
api: refactor /api/json POST handler 2024-05-15 15:29:18 +02:00			`res.status(result.status).json(result.body);`
			`} catch {`
			`fail('ErrorSomethingWentWrong');`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`}`
api: raw stream status responses, clean up core 2024-05-15 18:28:09 +02:00			`})`

			`app.get('/api/stream', (req, res) => {`
			`const id = String(req.query.id);`
			`const exp = String(req.query.exp);`
			`const sig = String(req.query.sig);`
			`const sec = String(req.query.sec);`
			`const iv = String(req.query.iv);`

			`const checkQueries = id && exp && sig && sec && iv;`
			`const checkBaseLength = id.length === 21 && exp.length === 13;`
			`const checkSafeLength = sig.length === 43 && sec.length === 43 && iv.length === 22;`

			`if (checkQueries && checkBaseLength && checkSafeLength) {`
			`// rate limit probe, will not return json after 8.0`
			`if (req.query.p) {`
			`return res.status(200).json({`
			`status: "continue"`
			`})`
			`}`
			`try {`
			`const streamInfo = verifyStream(id, sig, exp, sec, iv);`
			`if (!streamInfo?.service) {`
			`return res.sendStatus(streamInfo.status);`
			`}`
			`return stream(res, streamInfo);`
			`} catch {`
			`return res.destroy();`
			`}`
			`}`
			`return res.sendStatus(400);`
			`})`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00
api: raw stream status responses, clean up core 2024-05-15 18:28:09 +02:00			`app.get('/api/istream', (req, res) => {`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`try {`
api: raw stream status responses, clean up core 2024-05-15 18:28:09 +02:00			`if (!req.ip.endsWith('127.0.0.1'))`
			`return res.sendStatus(403);`
			`if (String(req.query.id).length !== 21)`
			`return res.sendStatus(400);`

			`const streamInfo = getInternalStream(req.query.id);`
			`if (!streamInfo) return res.sendStatus(404);`
tiktok: use new cookie for each request (#514) * api: allow passing headers from service handler * tiktok: use new cookie for each request 2024-05-23 18:29:39 +02:00			`streamInfo.headers = {`
			`...req.headers,`
			`...streamInfo.headers`
			`};`

api: raw stream status responses, clean up core 2024-05-15 18:28:09 +02:00			`return stream(res, { type: 'internal', ...streamInfo });`
			`} catch {`
			`return res.destroy();`
			`}`
			`})`

			`app.get('/api/serverInfo', (req, res) => {`
			`try {`
api: clean up imports & consts 2024-05-16 10:20:40 +02:00			`return res.status(200).json(serverInfo);`
api: raw stream status responses, clean up core 2024-05-15 18:28:09 +02:00			`} catch {`
			`return res.destroy();`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`}`
api: raw stream status responses, clean up core 2024-05-15 18:28:09 +02:00			`})`
stream: encrypt cached stream data & clean up related modules also limited CORS methods to GET and POST 2024-03-05 13:14:26 +01:00
new inner layout - one main controlling script (cobalt.js). - added api server name to serverInfo endpoint. - one dockerfile. - less mess. 2023-05-21 21:13:05 +02:00			`app.get('/favicon.ico', (req, res) => {`
			res.sendFile(`${__dirname}/src/front/icons/favicon.ico`)
api: raw stream status responses, clean up core 2024-05-15 18:28:09 +02:00			`})`
stream: encrypt cached stream data & clean up related modules also limited CORS methods to GET and POST 2024-03-05 13:14:26 +01:00
new inner layout - one main controlling script (cobalt.js). - added api server name to serverInfo endpoint. - one dockerfile. - less mess. 2023-05-21 21:13:05 +02:00			`app.get('/*', (req, res) => {`
api: raw stream status responses, clean up core 2024-05-15 18:28:09 +02:00			`res.redirect('/api/serverInfo')`
			`})`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00
api: add API_LISTEN_ADDRESS env for specifying bind address 2024-05-13 20:20:10 +02:00			`app.listen(env.apiPort, env.listenAddress, () => {`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			console.log(`\n` +
			`${Cyan("cobalt")} API ${Bright(`v.${version}-${gitCommit} (${gitBranch})`)}\n` +
			`Start time: ${Bright(`${startTime.toUTCString()} (${startTimestamp})`)}\n\n` +
refactor: centralize envs and their defaults in `modules/config` (#464) * feat(config): centralized env variables and their default values * fix: fip `corsWildcard` variable check in `corsConfig` * fix(config): use already declared variables and default some strings to undefined * fix: check processingPriority against NaN 2024-04-29 13:56:05 +02:00			`URL: ${Cyan(`${env.apiURL}`)}\n` +
			`Port: ${env.apiPort}\n`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`)`
api: raw stream status responses, clean up core 2024-05-15 18:28:09 +02:00			`})`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`}`