a #/dA@sdZddlZddlZddlZddlmZddlmZm Z m Z m Z m Z ddl mZmZeeZdZdZdZeZd Zd Zd ZeZd ZeeeeeeefZd ZdZdZdZ GdddZ!dS)a oauthlib.oauth1.rfc5849 ~~~~~~~~~~~~~~ This module is an implementation of various logic needed for signing and checking OAuth 1.0 RFC 5849 requests. It supports all three standard signature methods defined in RFC 5849: - HMAC-SHA1 - RSA-SHA1 - PLAINTEXT It also supports signature methods that are not defined in RFC 5849. These are based on the standard ones but replace SHA-1 with the more secure SHA-256: - HMAC-SHA256 - RSA-SHA256 N)Requestgenerate_noncegenerate_timestamp to_unicode urlencode) parameters signaturez HMAC-SHA1z HMAC-SHA256z HMAC-SHA512zRSA-SHA1z RSA-SHA256z RSA-SHA512Z PLAINTEXTZ AUTH_HEADERZQUERYZBODY!application/x-www-form-urlencodedc@seZdZdZeejeeje ej e ej e ejeejeejiZeddZddddeedddddddf ddZdd Zd d Zd d ZdddZdddZdS)Clientz2A client used to sign OAuth 1.0 RFC 5849 requests.cCs||j|<dSN)SIGNATURE_METHODS)clsZ method_nameZmethod_callbackrD/usr/lib/python3.9/site-packages/oauthlib/oauth1/rfc5849/__init__.pyregister_signature_methodYsz Client.register_signature_methodNutf-8csfdd}|||_|||_|||_|||_|||_|||_|||_|||_|| |_|| |_ ||_ || |_ || |_ |||_ dS)aCreate an OAuth 1 client. :param client_key: Client key (consumer key), mandatory. :param resource_owner_key: Resource owner key (oauth token). :param resource_owner_secret: Resource owner secret (oauth token secret). :param callback_uri: Callback used when obtaining request token. :param signature_method: SIGNATURE_HMAC, SIGNATURE_RSA or SIGNATURE_PLAINTEXT. :param signature_type: SIGNATURE_TYPE_AUTH_HEADER (default), SIGNATURE_TYPE_QUERY or SIGNATURE_TYPE_BODY depending on where you want to embed the oauth credentials. :param rsa_key: RSA key used with SIGNATURE_RSA. :param verifier: Verifier used when obtaining an access token. :param realm: Realm (scope) to which access is being requested. :param encoding: If you provide non-unicode input you may use this to have oauthlib automatically convert. :param decoding: If you wish that the returned uri, headers and body from sign be encoded back from unicode, then set decoding to your preferred encoding, i.e. utf-8. :param nonce: Use this nonce instead of generating one. (Mainly for testing) :param timestamp: Use this timestamp instead of using current. (Mainly for testing) csrt|S|Sr )r)xencodingrr~z!Client.__init__..N) client_key client_secretresource_owner_keyresource_owner_secretsignature_methodsignature_type callback_urirsa_keyverifierrealmrdecodingnonce timestamp)selfrrrrrrrrr r!rr"r#r$encoderrr__init__]s!              zClient.__init__cCspt|}|drdnd|d<|dr,dnd|d<|dr@dnd|d<ddd|D}d|jj|S) Nrz****rrz, css|]\}}d||VqdS)z{}={}N)format).0kvrrr rz"Client.__repr__..z<{} {}>)varscopyjoinitemsr( __class____name__)r%attrsZ attribute_strrrr__repr__s zClient.__repr__c Cs|jtkrt|j|jS||\}}}tjt|j ||d}t d |t |}t||dd}t d |t d |t|j||}t d ||j|jvrtd|j|j||} t d | | S) awGet an OAuth signature to be used in signing a request To satisfy `section 3.4.1.2`_ item 2, if the request argument's headers dict attribute contains a Host item, its value will replace any netloc part of the request argument's uri attribute value. .. _`section 3.4.1.2`: https://tools.ietf.org/html/rfc5849#section-3.4.1.2 )Z uri_querybodyheaderszCollected params: {}ZHostNzNormalized params: {}zNormalized URI: {}z"Signing: signature base string: {}zInvalid signature method.z Signature: {})rSIGNATURE_PLAINTEXTr Zsign_plaintextrr_renderZcollect_parametersurlparsequerylogdebugr(Znormalize_parametersZbase_string_urigetZsignature_base_string http_methodr ValueError) r%requesturir6r5Zcollected_paramsZnormalized_paramsZnormalized_uriZ base_stringZsigrrrget_oauth_signatures0    zClient.get_oauth_signaturec Cs|jdurtn|j}|jdur&tn|j}d|fd|fdd|jfd|jfg}|jrd|d|jf|jrz|d|jf|j r|d |j f|j d d}|o| d d k}|j dur|r|d tt|j ddf|S)zMGet the basic OAuth parameters to be used in generating a signature. NZ oauth_nonceZoauth_timestamp)Z oauth_versionz1.0Zoauth_signature_methodZoauth_consumer_keyZ oauth_tokenZoauth_callbackZoauth_verifier Content-Typer rZoauth_body_hashr)r#rr$rrrrappendrr r6r=findr5base64Z b64encodehashlibZsha1r&digestdecode)r%r@r#r$params content_typeZcontent_type_eligiblerrrget_oauth_paramss2 ,zClient.get_oauth_paramsFcCs|j|j|j}}}|jtkr6tj|j|j|d}n^|jtkrp|j durpt |j|j }|rft |}d|d<n$|jt krt |j|j}ntd|||fS)aRender a signed request according to signature type Returns a 3-tuple containing the request URI, headers, and body. If the formencode argument is True and the body contains parameters, it is escaped and returned as a valid formencoded string. )r!Nr rCz!Unknown signature type specified.)rAr6r5rSIGNATURE_TYPE_AUTH_HEADERrZprepare_headers oauth_paramsSIGNATURE_TYPE_BODY decoded_bodyZprepare_form_encoded_bodyrSIGNATURE_TYPE_QUERYZprepare_request_uri_queryr?)r%r@ formencoder!rAr6r5rrrr8s$     zClient._renderGETcCspt|||||jd}|jdd}|o.|d}|tk} |jdu} |rT| rTtdnh| rf| sftdnV| s| rtd|pzdtn8|j t kr| r| r|rtd n| d vr| rtd | ||_ |j d ||f|j|d |p|jd\}}}|jrftd|j||j}|r.||jn|}i} |D]"\} } | |j| | |j<q>| }|||fS)aFSign a request Signs an HTTP request with the specified parts. Returns a 3-tuple of the signed request's URI, headers, and body. Note that http_method is not returned as it is unaffected by the OAuth signing process. Also worth noting is that duplicate parameters will be included in the signature, regardless of where they are specified (query, body). The body argument may be a dict, a list of 2-tuples, or a formencoded string. The Content-Type header must be 'application/x-www-form-urlencoded' if it is present. If the body argument is not one of the above, it will be returned verbatim as it is unaffected by the OAuth signing process. Attempting to sign a request with non-formencoded data using the OAuth body signature type is invalid and will raise an exception. If the body does contain parameters, it will be returned as a properly- formatted formencoded string. Body may not be included if the http_method is either GET or HEAD as this changes the semantic meaning of the request. All string data MUST be unicode or be encoded with the same encoding scheme supplied to the Client constructor, default utf-8. This includes strings inside body dicts, for example. rrCNz multipart/z?Headers indicate a multipart body but body contains parameters.z?Headers indicate a formencoded body but body was not decodable.zEBody contains parameters but Content-Type header was {} instead of {}znot setz=Body signatures may only be used with form-urlencoded content)rSZHEADz*GET/HEAD requests should not include body.Zoauth_signatureT)rRr!z%Encoding URI, headers and body to %s.)rrr6r= startswithCONTENT_TYPE_FORM_URLENCODEDrPr?r(rrOupperrLrNrDrBr8r!r"r;r<r&r0)r%rAr>r5r6r!r@rKZ multipartZshould_have_paramsZ has_paramsZ new_headersr*r+rrrsign sd        z Client.sign)FN)rSNNN)r2 __module__ __qualname____doc__SIGNATURE_HMAC_SHA1r Zsign_hmac_sha1_with_clientSIGNATURE_HMAC_SHA256Zsign_hmac_sha256_with_clientSIGNATURE_HMAC_SHA512Zsign_hmac_sha512_with_clientSIGNATURE_RSA_SHA1Zsign_rsa_sha1_with_clientSIGNATURE_RSA_SHA256Zsign_rsa_sha256_with_clientSIGNATURE_RSA_SHA512Zsign_rsa_sha512_with_clientr7Zsign_plaintext_with_clientr classmethodrrMr'r4rBrLr8rWrrrrr Js4   2 )# %r )"rZrFrGZlogging urllib.parseparser9Zoauthlib.commonrrrrrrr Z getLoggerr2r;r[r\r]ZSIGNATURE_HMACr^r_r`Z SIGNATURE_RSAr7r rMrQrOrUr rrrrs: