dd[+bddlmZddlZddlZddlZddlmZmZddlm Z m Z m Z m Z ddl mZmZmZmZddlmZmZddlmZerdd lmZmZGd d ZeZej4Zej6Zej8Zej:Zej<Zej>Zej@Z y) ) annotationsN) TYPE_CHECKINGAny) Algorithmget_default_algorithms has_cryptorequires_cryptography) DecodeErrorInvalidAlgorithmErrorInvalidSignatureErrorInvalidTokenError)base64url_decodebase64url_encode)RemovedInPyjwt3Warning)AllowedPrivateKeysAllowedPublicKeysc eZdZdZ d ddZeddZddZddZddZ ddZ d dd Z d dd Z d dd Z dd Zdd Z d d dZd!dZd"dZy)#PyJWSJWTNc2t|_| t|nt|j|_t |jj D]}||jvs|j|= |i}i|j ||_y)N)r _algorithmsset _valid_algslistkeys_get_default_optionsoptions)self algorithmsrkeys -/usr/lib/python3/dist-packages/jwt/api_jws.py__init__zPyJWS.__init__s 23)5C O3t?O?O;P  ((--/0 *C$***$$S) * ?GA$335AA c ddiS)Nverify_signatureTr'r$r"rzPyJWS._get_default_options1s "D))r$c||jvr tdt|ts t d||j|<|j j |y)zW Registers a new Algorithm for use when creating and verifying tokens. z Algorithm already has a handler.z!Object is not of type `Algorithm`N)r ValueError isinstancer TypeErrorradd)ralg_idalg_objs r"register_algorithmzPyJWS.register_algorithm5sX T%% %?@ @'9-?@ @#*  V$r$c||jvr td|j|=|jj|y)z Unregisters an Algorithm for use when creating and verifying tokens Throws KeyError if algorithm is not registered. zJThe specified algorithm could not be removed because it is not registered.N)rKeyErrorrremove)rr-s r"unregister_algorithmzPyJWS.unregister_algorithmBsH )) )1    V $ 'r$c,t|jS)zM Returns a list of supported values for the 'alg' parameter. )rr)rs r"get_algorithmszPyJWS.get_algorithmsPsD$$%%r$c |j|S#t$r/}ts|tvrt d|d|t d|d}~wwxYw)z For a given string name, return the matching Algorithm object. Example usage: >>> jws_obj.get_algorithm_by_name("RS256") z Algorithm 'z9' could not be found. Do you have cryptography installed?Algorithm not supportedN)rr1r r NotImplementedError)ralg_namees r"get_algorithm_by_namezPyJWS.get_algorithm_by_nameVsc H##H- - H(.C"C)!(+de&&?@a G  Hs A *AA cg}||nd} |r/|jd} | r|d} |jd} | durd}|j| d} |r"|j|| j|| ds| d=|rd| d<nd| vr| d=t j | d|| j } |jt| |r|}n t|}|j|d j|}|j| }|j|}|j||}|jt||rd |d <d j|}|jd S)Nnonealgb64FT)typr>r@),:) separatorscls sort_keys.r$rutf-8)get header_typ_validate_headersupdatejsondumpsencodeappendrjoinr; prepare_keysigndecode)rpayloadr! algorithmheaders json_encoderis_payload_detached sort_headerssegments algorithm_ headers_alg headers_b64header json_header msg_payload signing_inputr. signatureencoded_strings r"rNz PyJWS.encodegsy(1'<)&  !++e,K$U^ !++e,Ke#&*#*.!L   " "7 + MM' "e}u !F5M f_u jj z|| &(  (56 !K*73K $ (+ ,,Z8!!#&LL4 (34 HQK8,$$W--r$c |r4tjdt|jt|i}i|j |}|d}|r |s t d|j|\} } } } | jdddur5| t d|} dj| jdd d | g} |r|j| | | ||| | | d S) Nzypassing additional kwargs to decode_complete() is deprecated and will be removed in pyjwt version 3. Unsupported kwargs: r&z\It is required that you pass in a value for the "algorithms" argument when calling decode().r?TFzIt is required that you pass in a value for the "detached_payload" argument to decode a message having the b64 header set to false.rFrr)rTr^rb) warningswarntuplerrrr _loadrHrPrsplit_verify_signature) rjwtr!r rdetached_payloadkwargsmerged_optionsr&rTrar^rbs r"decode_completezPyJWS.decode_completes  MM'',V[[]';&<>'   ?G4DLL4G4)*<= Jn 59JJsO1 ::eT "e +'!Z'G II}';';D!'DQ'G&QRM   " "=&)S* U"  r$c |r4tjdt|jt|j |||||}|dS)Nzppassing additional kwargs to decode() is deprecated and will be removed in pyjwt version 3. Unsupported kwargs: )rlrT)rerfrgrrro)rrkr!r rrlrmdecodeds r"rSz PyJWS.decodesc  MM'',V[[]';&<>'   && j',/JJtQ,? )M>.;.A.A$.J +NO A*>:K DZZ ,F&$'LM M B&7G A(8I ::5 >34# = > 8>>* A67S @ A  D 7s;>* B78c A B 8>>* A67S @ Asx*C 0 C'<D- D49 E! C$ CC$'D D  D D1D,,D14E EE!F : FF c" |d}|r|||vr td |j|}|j |} |j || |s t dy#t$r tdwxYw#t$r}td|d}~wwxYw)Nr>zAlgorithm not specifiedz&The specified alg value is not allowedr7zSignature verification failed)r1r r;r8rQverifyr ) rrar^rbr!r r>r.r: prepared_keys r"rjzPyJWS._verify_signatures C-Cz-#Z2G'(PQ Q J005G**3/ ~~m\9E'(GH HF C'(AB B C# J'(AB I Js"AA4A14 B= B  Bc6d|vr|j|dyy)Nkid) _validate_kid)rrVs r"rJzPyJWS._validate_headers8s! G    wu~ . r$c:t|ts tdy)Nz(Key ID header parameter must be a string)r*rvr)rrs r"rzPyJWS._validate_kid<s#s##$NO O$r$)NN)r list[str] | Nonerdict[str, Any] | NonereturnNone)rzdict[str, bool])r-rvr.rrr)r-rvrr)rz list[str])r9rvrr)HS256NNFT)rTrwr!z AllowedPrivateKeys | str | bytesrUz str | NonerVrrWztype[json.JSONEncoder] | NonerXboolrYrrrv)NNN) rk str | bytesr!AllowedPublicKeys | str | bytesr rrrrl bytes | Nonerdict[str, Any]) rkrr!rr rrrrlrrr)rkrrr)rkrrz*tuple[bytes, bytes, dict[str, Any], bytes])rN) rarwr^rrbrwr!rr rrr)rVrrr)rrrr)__name__ __module__ __qualname__rIr# staticmethodrr/r3r5r;rNrorSrtrhrjrJrr'r$r"rrsJ(,)-B$B'B  B&** % (& H*!()-6:$)!C.C..C. C. ' C. 4 C."C.C. C.P02'+)-)- + + -+ % + ' + ' +  + `02'+)-)- " "-"% " ' " ' " "* $;V02'+ III I - I % I I2/Pr$r)! __future__rryrLretypingrrr rrr r exceptionsr r r rutilsrrrrrr_jws_global_objrNrorSr/r3r;rtr'r$r"rs" %  6,AcPcPL '   !11   $77&;;'=='==r$