HEX

File: //usr/local/CyberCP/lib64/python3.10/site-packages/jwt/__pycache__/api_jws.cpython-310.pyc
o

�h�-�@s�ddlmZddlZddlZddlZddlmZddlmZm	Z	ddl
mZmZm
Z
mZddlmZddlmZmZmZmZdd	lmZmZdd
lmZerVddl
mZmZGdd
�d
�Ze�ZejZejZej Z ej!Z!ej"Z"ej#Z#ej$Z$dS)�)�annotationsN)�Sequence)�
TYPE_CHECKING�Any�)�	Algorithm�get_default_algorithms�
has_crypto�requires_cryptography)�PyJWK)�DecodeError�InvalidAlgorithmError�InvalidSignatureError�InvalidTokenError)�base64url_decode�base64url_encode)�RemovedInPyjwt3Warning)�AllowedPrivateKeys�AllowedPublicKeysc@s�eZdZdZ		dGdHd	d
�ZedIdd
��ZdJdd�ZdKdd�ZdLdd�Z	dMdd�Z
					dNdOd*d+�Z	,			dPdQd3d4�Z	,			dPdRd6d7�Z
dSd8d9�ZdTd;d<�Z	,	dUdVd@dA�ZdWdBdC�ZdXdEdF�ZdS)Y�PyJWS�JWTN�
algorithms�Sequence[str] | None�options�dict[str, Any] | None�return�NonecCslt�|_|durt|�nt|j�|_t|j���D]}||jvr$|j|=q|dur+i}i|���|�|_dS)N)r�_algorithms�set�_valid_algs�list�keys�_get_default_optionsr)�selfrr�key�r%�>/usr/local/CyberCP/lib/python3.10/site-packages/jwt/api_jws.py�__init__ s�
�zPyJWS.__init__�dict[str, bool]cCsddiS)N�verify_signatureTr%r%r%r%r&r"3szPyJWS._get_default_options�alg_id�str�alg_objrcCs>||jvr	td��t|t�std��||j|<|j�|�dS)zW
        Registers a new Algorithm for use when creating and verifying tokens.
        z Algorithm already has a handler.z!Object is not of type `Algorithm`N)r�
ValueError�
isinstancer�	TypeErrorr�add)r#r*r,r%r%r&�register_algorithm7s


zPyJWS.register_algorithmcCs*||jvr	td��|j|=|j�|�dS)z�
        Unregisters an Algorithm for use when creating and verifying tokens
        Throws KeyError if algorithm is not registered.
        zJThe specified algorithm could not be removed because it is not registered.N)r�KeyErrorr�remove)r#r*r%r%r&�unregister_algorithmDs
�zPyJWS.unregister_algorithm�	list[str]cCs
t|j�S)zM
        Returns a list of supported values for the 'alg' parameter.
        )r r)r#r%r%r&�get_algorithmsRs
zPyJWS.get_algorithms�alg_namec
CsNz|j|WSty&}zts|tvrtd|�d��|�td�|�d}~ww)z�
        For a given string name, return the matching Algorithm object.

        Example usage:

        >>> jws_obj.get_algorithm_by_name("RS256")
        zAlgorithm 'z9' could not be found. Do you have cryptography installed?�Algorithm not supportedN)rr2r	r
�NotImplementedError)r#r7�er%r%r&�get_algorithm_by_nameXs
��
��zPyJWS.get_algorithm_by_nameFT�payload�bytesr$�(AllowedPrivateKeys | PyJWK | str | bytes�	algorithm�
str | None�headers�json_encoder�type[json.JSONEncoder] | None�is_payload_detached�bool�sort_headerscCsNg}|durt|t�r|j}	nd}	n|}	|r,|�d�}
|
r!|d}	|�d�}|dur,d}|j|	d�}|r>|�|�|�|�|dsE|d=|rLd|d<nd|vrS|d=tj|d||d	��	�}
|�
t|
��|rj|}nt|�}|�
|�d
�|�}|�
|	�}t|t�r�|j}|�|�}|�||�}|�
t|��|r�d|d<d
�|�}|�d
�S)N�HS256�alg�b64FT)�typrHrJ)�,�:)�
separators�cls�	sort_keys�.�r�utf-8)r.r�algorithm_name�get�
header_typ�_validate_headers�update�json�dumps�encode�appendr�joinr;r$�prepare_key�sign�decode)r#r<r$r?rArBrDrF�segments�
algorithm_�headers_alg�headers_b64�header�json_header�msg_payload�
signing_inputr,�	signature�encoded_stringr%r%r&rZisX






��






zPyJWS.encode��jwt�str | bytes�'AllowedPublicKeys | PyJWK | str | bytes�detached_payload�bytes | None�dict[str, Any]c
Ks�|rtjdt|�����tdd�|duri}i|j�|�}|d}|r/|s/t|t�s/td��|�	|�\}	}
}}|�
dd�durW|durHtd	��|}	d
�|
�d
d�d|	g�}
|rb|�
|
||||�|	||d
�S)Nzypassing additional kwargs to decode_complete() is deprecated and will be removed in pyjwt version 3. Unsupported kwargs: ���
stacklevelr)z\It is required that you pass in a value for the "algorithms" argument when calling decode().rITFz�It is required that you pass in a value for the "detached_payload" argument to decode a message having the b64 header set to false.rPrr)r<rdrh)�warnings�warn�tupler!rrr.rr�_loadrTr\�rsplit�_verify_signature)
r#rkr$rrrn�kwargs�merged_optionsr)r<rgrdrhr%r%r&�decode_complete�s<	
�����zPyJWS.decode_completercKs>|rtjdt|�����tdd�|j|||||d�}|dS)Nzppassing additional kwargs to decode() is deprecated and will be removed in pyjwt version 3. Unsupported kwargs: rqrr)rnr<)rtrurvr!rr|)r#rkr$rrrnrz�decodedr%r%r&r_�s	
��
�zPyJWS.decodecCs|�|�d}|�|�|S)z�Returns back the JWT header parameters as a dict()

        Note: The signature is not verified so the header parameters
        should not be fully trusted until signature verification is complete
        rq)rwrV)r#rkrAr%r%r&�get_unverified_header�s
zPyJWS.get_unverified_header�*tuple[bytes, bytes, dict[str, Any], bytes]c
Cslt|t�r
|�d�}t|t�stdt����z|�dd�\}}|�dd�\}}Wnty9}ztd�|�d}~wwzt|�}Wnt	t
jfyT}ztd�|�d}~wwzt�
|�}Wntyp}	ztd|	���|	�d}	~	wwt|t�sztd��zt|�}
Wnt	t
jfy�}ztd	�|�d}~wwzt|�}Wnt	t
jfy�}ztd
�|�d}~ww|
|||fS)NrRz$Invalid token type. Token must be a rPrzNot enough segmentszInvalid header paddingzInvalid header string: z,Invalid header string: must be a json objectzInvalid payload paddingzInvalid crypto padding)r.r+rZr=rrx�splitr-rr/�binascii�ErrorrX�loads�dict)r#rkrg�crypto_segment�header_segment�payload_segment�err�header_datardr:r<rhr%r%r&rwsL



��
����

��
��zPyJWS._loadrgrdrhc

Cs�|dur
t|t�r
|jg}z|d}Wntytd�d�w|r*|dur.||vr.td��t|t�r:|j}|j}nz|�|�}WntyR}	ztd�|	�d}	~	ww|�	|�}|�
|||�sctd��dS)NrHzAlgorithm not specifiedz&The specified alg value is not allowedr8zSignature verification failed)r.rrSr2r
rr$r;r9r]�verifyr)
r#rgrdrhr$rrHr,�prepared_keyr:r%r%r&ry+s,
�

��
�zPyJWS._verify_signaturecCsd|vr
|�|d�dSdS)N�kid)�
_validate_kid)r#rAr%r%r&rVJs�zPyJWS._validate_headersr�cCst|t�s	td��dS)Nz(Key ID header parameter must be a string)r.r+r)r#r�r%r%r&r�Ns
�zPyJWS._validate_kid)NN)rrrrrr)rr()r*r+r,rrr)r*r+rr)rr5)r7r+rr)NNNFT)r<r=r$r>r?r@rArrBrCrDrErFrErr+)rjNNN)rkrlr$rmrrrrrnrorrp)rkrlr$rmrrrrrnrorr)rkrlrrp)rkrlrr)rjN)rgr=rdrprhr=r$rmrrrr)rArprr)r�rrr)�__name__�
__module__�__qualname__rUr'�staticmethodr"r1r4r6r;rZr|r_r~rwryrVr�r%r%r%r&rsD�



�P�1�

+�
r)%�
__future__rr�rXrt�collections.abcr�typingrrrrrr	r
�api_jwkr�
exceptionsrr
rr�utilsrrrrrr�_jws_global_objrZr|r_r1r4r;r~r%r%r%r&�<module>s08