a #/d*@srdZddlZddlmZmZmZddlmZmZm Z m Z m Z m Z m Z mZmZmZmZmZmZmZGdddZdS)z oauthlib.oauth1.rfc5849.endpoints.base ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This module is an implementation of various logic needed for signing and checking OAuth 1.0 RFC 5849 requests. N)CaseInsensitiveDictRequestgenerate_token)CONTENT_TYPE_FORM_URLENCODEDSIGNATURE_HMAC_SHA1SIGNATURE_HMAC_SHA256SIGNATURE_HMAC_SHA512SIGNATURE_RSA_SHA1SIGNATURE_RSA_SHA256SIGNATURE_RSA_SHA512SIGNATURE_PLAINTEXTSIGNATURE_TYPE_AUTH_HEADERSIGNATURE_TYPE_BODYSIGNATURE_TYPE_QUERYerrors signatureutilsc@s@eZdZdddZddZddZdd Zd d Zdd dZdS) BaseEndpointNcCs||_|p t|_dS)N)request_validatorrtoken_generator)selfrrrJ/usr/lib/python3.9/site-packages/oauthlib/oauth1/rfc5849/endpoints/base.py__init__szBaseEndpoint.__init__c Cstj|jddd}tj|jdd}tj|jdd}g}||||||ttddt|t |ft |t |ft |t |ff}t |dkrd d |D}tjd d |fd z|d\}}} Wntytjdd Yn0||| fS)zExtracts parameters from query, headers and body. Signature type is set to the source in which parameters were found. FT)headersexclude_oauth_signatureZ with_realm)bodyr) uri_queryrcSs|dS)Nrr)srrr-z=BaseEndpoint._get_signature_type_and_params..cSsg|] }|dqS)rr).0rrrr 7r!z?BaseEndpoint._get_signature_type_and_params..zFoauth_ params must come from only 1 signaturetype but were found in %sz,  descriptionr#Missing mandatory OAuth parameters.)rZcollect_parametersrrrextendlistfilterrrZfilter_oauth_paramsrrlenrInvalidRequestErrorjoin IndexError) rrequestZ header_paramsZ body_paramsZ query_paramsparamsZ!signature_types_with_oauth_paramsZ found_typessignature_type oauth_paramsrrr_get_signature_type_and_paramssP       z+BaseEndpoint._get_signature_type_and_paramsc Cs&t|pi}d|vr0t|dvr0t||||}nt||d|}||\}}}tt|t|krntjddt|}|d|_ |d|_ |d|_ |d|_ |d |_ |d |_|d |_|d |_t|d |_||_dd|D|_d |jddvr"dd|jD|_|S)Nz Content-TypezDuplicate OAuth1 entries.r%oauth_signatureZoauth_consumer_keyZ oauth_tokenZ oauth_nonceZoauth_timestampZoauth_callbackZoauth_verifierZoauth_signature_methodrealmcSs g|]\}}|dkr||fqS)r5rr#kvrrrr$fr!z0BaseEndpoint._create_request..Z AuthorizationcSs g|]\}}|dkr||fqS)r6rr7rrrr$is)rrrr3r+dictrr,getr client_keyresource_owner_keynonce timestampZ redirect_uriZverifiersignature_methodr6r2r0r) ruriZ http_methodrrr/r1r0r2rrr_create_requestFs:          zBaseEndpoint._create_requestcCs$|jjr |jds tdS)Nzhttps://)rZ enforce_sslrAlower startswithrZInsecureTransportError)rr/rrr_check_transport_securitynsz&BaseEndpoint._check_transport_securitycCs$t|j|j|j|j|jfs(tjdd|j|jj vrPtj d |j|jj dd|j vrt|j ddkrttjddt |jdkrtjddzt|j}Wntytjd dYn.0tt||jjkrtjd |jjd|j|jstjd d|j|js tjd ddS) Nr'r%z"Invalid signature, {} not in {!r}.Z oauth_versionz1.0zInvalid OAuth version. zInvalid timestamp sizezTimestamp must be an integer.zCTimestamp given is invalid, differ from allowed by over %s seconds.zInvalid client key format.zInvalid nonce format.)allrr<r>r?r@rr,rZallowed_signature_methodsZInvalidSignatureMethodErrorformatr2r+int ValueErrorabstimeZtimestamp_lifetimeZcheck_client_keyZ check_nonce)rr/tsrrr_check_mandatory_parametersts\      z(BaseEndpoint._check_mandatory_parametersFcCs|jtttfvrtdn|j|j|}d}|jrb|rN|j |j|j|}n|j |j|j|}|jt kr|t |||}nR|jtkrt |||}n8|jtkrt |||}n|jtkrt |||}nd}|S)Nz)Using RSA-SHA is deprecated, use HMAC-SHAF)r@r r r rJrZget_client_secretr<r=Zget_request_token_secretZget_access_token_secretrrZverify_hmac_sha1rZverify_hmac_sha256r Zverify_hmac_sha512r Zverify_plaintext)rr/Zis_token_requestZ client_secretZresource_owner_secretZvalid_signaturerrr_check_signaturesN     zBaseEndpoint._check_signature)N)F) __name__ __module__ __qualname__rr3rBrErNrOrrrrrs  *(Br)__doc__rLZoauthlib.commonrrrr4rrrr r r r r rrrrrrrrrrrs@