3 `=\r9@s8dZddlmZmZddlZddlZddlZddlZddlZddl Z yddl m Z ddl m Z Wn,e k rddlmZ ddlm Z YnXy(ddlmZddlmZdd lmZWn8e k rddlmZddlmZdd lmZYnXy ddlZWn e k rddljZYnXd Zd Zejd ejZejd ZdZ ej!dZ"ej#ddkZ$e$rfe%Z&ne'Z&dd6d7Z7Gd8d9d9e8Z9Gd:d;d;e:Z;dS)?z| oauthlib.common ~~~~~~~~~~~~~~ This module provides data structures and utilities common to all implementations of OAuth. )absolute_importunicode_literalsN)randbits) SystemRandom) getrandbits)quote)unquote) urlencodeZ>abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789z_ !"#$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}z&([^&;]*(?:password|token)[^=]*=)[^&;]+z&%[^0-9A-Fa-f]|%[0-9A-Fa-f][^0-9A-Fa-f]zAABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.-Zoauthlib/cCs:t|tr|jdn|}t||}t|tr6|jd}|S)Nzutf-8) isinstance unicode_typeencode_quotebytesdecode)ssaferi/private/var/folders/47/550316q90kl84vt_jn5ctz8chwmm0c/T/pip-install-yoigbb1v/oauthlib/oauthlib/common.pyr>s    rcCs t|}t|tr|jd}|S)Nzutf-8)_unquoter rr)rrrrrHs  rcCs,t|}t|}t|tr|S|jdSdS)Nzutf-8)encode_params_utf8 _urlencoder r r)paramsZ utf8_params urlencodedrrrr Rs  r cCsPg}xF|D]>\}}|jt|tr*|jdn|t|tr@|jdn|fq W|S)ziEnsures that all parameters in a list of 2-element tuples are encoded to bytestrings using UTF-8 zutf-8)appendr r r)rencodedkvrrrr[s  rcCsPg}xF|D]>\}}|jt|tr*|jdn|t|tr@|jdn|fq W|S)zfEnsures that all parameters in a list of 2-element tuples are decoded to unicode using UTF-8. zutf-8)rr rr)rdecodedrrrrrdecode_params_utf8gs  r z=&;:%+~,*@!()/?'$cCst|r.t|tk r.d}t|t|t|ftj|r@tdt rZt|trZ|jdn|}t j |dd}t |S)aDecode a query string in x-www-form-urlencoded format into a sequence of two-element tuples. Unlike urlparse.parse_qsl(..., strict_parsing=True) urldecode will enforce correct formatting of the query string by validation. If validation fails a ValueError will be raised. urllib.parse_qsl will only raise errors if any of name-value pairs omits the equals sign. zError trying to decode a non urlencoded string. Found invalid characters: %s in the string: '%s'. Please ensure the request/response body is x-www-form-urlencoded.z%Invalid hex encoding in query string.zutf-8T)keep_blank_values) setr ValueErrorINVALID_HEX_PATTERNsearchPY3r r rurlparse parse_qslr )queryerrorrrrr urldecodevs  r+c Cst|tst|trsz!generate_token..)rjoinrange)lengthr>r)r>r?rgenerate_tokensrDcCsTddl}tjj}|j|tj|jdd}|j|j|j||d}t |d}|S)Nr)seconds)scopeexpRS256zUTF-8) jwtdatetimeutcnowrF timedeltaZ expires_inupdateclaimsr to_unicode)Z private_pemrequestrInowrNtokenrrrgenerate_signed_tokens   rScCsddl}|j||dgdS)NrrH)Z algorithms)rIr)Z public_pemrRrIrrrverify_signed_tokensrTcCs t||S)zGenerates an OAuth client_id OAuth 2 specify the format of client_id in https://tools.ietf.org/html/rfc6749#appendix-A. )rD)rCr>rrrgenerate_client_idsrUcCs2t|tr|j}tj|dd}|j|t|S)z)Extend a query with a list of two-tuples.T)r!)r r.r1r'r(extendr )r)rZ queryparamsrrradd_params_to_qs s   rWFc CsFtj|\}}}}}}|r&t||}n t||}tj||||||fS)z5Add a list of two-tuples to the uri query components.)r'rW urlunparse) urirfragmentZschnetpathparr)Zfrarrradd_params_to_uris   r^cCsLt|t|krdSd}x*t||D]\}}|t|t|AO}q$W|dkS)a Near-constant time string comparison. Used in order to avoid timing attacks on sensitive information such as secret keys during request verification (`rootLabs`_). .. _`rootLabs`: http://rdist.root.org/2010/01/07/timing-independent-array-comparison/ Fr)lenzipord)abresultr=yrrrsafe_string_equalss rfUTF-8c st|tr|St|tr$t|dSt|dry t|Wn4tk rNYnJtk rnfdd|DSXt|dr|j}tfdd|DS|S)z:Convert a number of different types of objects to unicode.)encodingr,c3s|]}t|VqdS)N)rO)r<i)rhrrr@@szto_unicode..r1c3s&|]\}}t|t|fVqdS)N)rO)r<rr)rhrrr@Es)r r rr-r.r/r#r1)datarhr)rhrrO1s      rOcsbeZdZdZiZddZddZfddZfdd Zdd d Z fd dZ fddZ Z S)CaseInsensitiveDictz3Basic case insensitive dict with strings only keys.cCs2tdd|D|_x|D]}||||<qWdS)Ncss|]}|j|fVqdS)N)lower)r<rrrrr@Qsz/CaseInsensitiveDict.__init__..)r.proxy)selfrjrrrr__init__Ps zCaseInsensitiveDict.__init__cCs|j|jkS)N)rlrm)rnrrrr __contains__Usz CaseInsensitiveDict.__contains__cs.|j|j}tt|j||j|j=dS)N)rmrlsuperrk __delitem__)rnrkey) __class__rrrrXszCaseInsensitiveDict.__delitem__cs|j|j}tt|j|S)N)rmrlrqrk __getitem__)rnrrs)rtrrru]szCaseInsensitiveDict.__getitem__NcCs||kr||S|S)Nr)rnrdefaultrrrgetaszCaseInsensitiveDict.getcs$tt|j||||j|j<dS)N)rqrk __setitem__rmrl)rnrr)rtrrrxdszCaseInsensitiveDict.__setitem__cs8tt|j||x t||D]}||j|j<qWdS)N)rqrkrMr.rmrl)rnargskwargsr)rtrrrMhszCaseInsensitiveDict.update)N) __name__ __module__ __qualname____doc__rmrorprrrurwrxrM __classcell__rr)rtrrkJs    rkc@sNeZdZdZdddZddZd d Zed d Zed dZ eddZ dS)Requesta:A malleable representation of a signable HTTP request. Body argument may contain any data, but parameters will only be decoded if they are one of: * urlencoded query string * dict * list of 2-tuples Anything else will be treated as raw body data to be passed through unmolested. GETNutf-8csfdd}|||_|||_t||p*i|_|||_t|j|_g|_i|_ddddddddddddddddddddddddddddddd|_ |j j t t |j |j j t |jpgdS)Ncsrt|S|S)N)rO)r=)rhrrsz"Request.__init__..)Z access_tokenclientZ client_idZ client_secretcodeZcode_challengeZcode_challenge_methodZ code_verifierZextra_credentialsZ grant_typeZ redirect_uriZ refresh_tokenZ request_tokenZ response_typerFZscopesstaterRuserZtoken_type_hintZ response_modenoncedisplaypromptrNZmax_ageZ ui_localesZ id_token_hintZ login_hintZ acr_values)rY http_methodrkheadersbodyr3 decoded_bodyZ oauth_paramsZ validator_log_paramsrMr.r+ uri_query)rnrYrrrrhrr)rhrro}sP      zRequest.__init__cCs ||jkr|j|St|dS)N)rAttributeError)rnnamerrr __getattr__s  zRequest.__getattr__cCsH|j}|jj}|r$tjdt|}d|kr4d|d<d|j|j||fS)Nz  Authorizationz zF)rrcopySANITIZE_PATTERNsubstrrYr)rnrrrrr__repr__s zRequest.__repr__cCstj|jjS)N)r'rYr))rnrrrrszRequest.uri_querycCs|js gStj|jdddS)NT)r!strict_parsing)rr'r()rnrrruri_query_paramss zRequest.uri_query_paramscCsTtjt}dd|jpg|jD}x|D]}||d7<q*Wdd|jDS)Ncss|]}|dVqdS)rNr)r<prrrr@sz+Request.duplicate_params..cSsg|]\}}|dkr|qS)rr)r<rcrrr sz,Request.duplicate_params..) collections defaultdictr7rrr1)rnZ seen_keysZall_keysrrrrduplicate_paramss   zRequest.duplicate_params)rNNr) r{r|r}r~rorrpropertyrrrrrrrrns  1  r)r )F)rg)sn              1     $