A1i./bddlmZddlZddlZddlZddlmZmZddlm Z m Z m Z m Z ddl mZmZmZmZddlmZmZddlmZerdd lmZmZGd d ZeZej4Zej6Zej8Zej:Zej<Zej>Zej@Z y) ) annotationsN) TYPE_CHECKINGAny) Algorithmget_default_algorithms has_cryptorequires_cryptography) DecodeErrorInvalidAlgorithmErrorInvalidSignatureErrorInvalidTokenError)base64url_decodebase64url_encode)RemovedInPyjwt3Warning)AllowedPrivateKeysAllowedPublicKeyscJeZdZUdZ d ddZeddZddZddZddZ ddZ d dd Z d d!d Z d d"d Z d#d Zd$dZ d% d&dZdhZded<d d d'dZd(dZd)dZy)*PyJWSJWTNc2t|_| t|nt|j|_t |jj D]}||jvs|j|= |i}i|j ||_y)N)r _algorithmsset _valid_algslistkeys_get_default_optionsoptions)self algorithmsrkeys -/usr/lib/python3/dist-packages/jwt/api_jws.py__init__zPyJWS.__init__s 23)5C O3t?O?O;P  ((--/0 *C$***$$S) * ?GA$335AA c ddiS)Nverify_signatureTr'r$r"rzPyJWS._get_default_options1s "D))r$c||jvr tdt|ts t d||j|<|j j |y)zW Registers a new Algorithm for use when creating and verifying tokens. z Algorithm already has a handler.z!Object is not of type `Algorithm`N)r ValueError isinstancer TypeErrorradd)ralg_idalg_objs r"register_algorithmzPyJWS.register_algorithm5sX T%% %?@ @'9-?@ @#*  V$r$c||jvr td|j|=|jj|y)z Unregisters an Algorithm for use when creating and verifying tokens Throws KeyError if algorithm is not registered. zJThe specified algorithm could not be removed because it is not registered.N)rKeyErrorrremove)rr-s r"unregister_algorithmzPyJWS.unregister_algorithmBsH )) )1    V $ 'r$c,t|jS)zM Returns a list of supported values for the 'alg' parameter. )rr)rs r"get_algorithmszPyJWS.get_algorithmsPsD$$%%r$c |j|S#t$r/}ts|tvrt d|d|t d|d}~wwxYw)z For a given string name, return the matching Algorithm object. Example usage: >>> jws_obj.get_algorithm_by_name("RS256") z Algorithm 'z9' could not be found. Do you have cryptography installed?Algorithm not supportedN)rr1r r NotImplementedError)ralg_namees r"get_algorithm_by_namezPyJWS.get_algorithm_by_nameVsc H##H- - H(.C"C)!(+de&&?@a G  Hs A *AA Fcg}||nd} |r/|jd} | r|d} |jd} | durd}|j| d} |r$|j|d| j|| ds| d=|rd| d<nd| vr| d=t j | d || j } |jt| |r|}n t|}|j|d j|}|j| }|j|}|j||}|jt||rd |d <d j|}|jdS)Nnonealgb64FT)typr>encodingr@),:) separatorscls sort_keys.r$rutf-8)get header_typ_validate_headersupdatejsondumpsencodeappendrjoinr; prepare_keysigndecode)rpayloadr! algorithmheaders json_encoderis_payload_detached sort_headerssegments algorithm_ headers_alg headers_b64header json_header msg_payload signing_inputr. signatureencoded_strings r"rPz PyJWS.encodegs~(1'<)&  !++e,K$U^ !++e,Ke#&*#*.!L   " "7T " : MM' "e}u !F5M f_u jj z|| &(  (56 !K*73K $ (+ ,,Z8!!#&LL4 (34 HQK8,$$W--r$c |r4tjdt|jt|i}i|j |}|d}|r |s t d|j|\} } } } |j| | jdddur5| t d|} dj| jdd d | g} |r|j| | | ||| | | d S) Nzypassing additional kwargs to decode_complete() is deprecated and will be removed in pyjwt version 3. Unsupported kwargs: r&z\It is required that you pass in a value for the "algorithms" argument when calling decode().r?TFzIt is required that you pass in a value for the "detached_payload" argument to decode a message having the b64 header set to false.rHrr)rVr`rd) warningswarntuplerrrr _loadrLrJrRrsplit_verify_signature) rjwtr!r rdetached_payloadkwargsmerged_optionsr&rVrcr`rds r"decode_completezPyJWS.decode_completes  MM'',V[[]';&<>'   ?G4DLL4G4)*<= Jn 59JJsO1  v& ::eT "e +'!Z'G II}';';D!'DQ'G&QRM   " "=&)S* U"  r$c |r4tjdt|jt|j |||||}|dS)Nzppassing additional kwargs to decode() is deprecated and will be removed in pyjwt version 3. Unsupported kwargs: )rnrV)rgrhrirrrq)rrmr!r rrnrodecodeds r"rUz PyJWS.decodesc  MM'',V[[]';&<>'   && j',/JJtQ,? )M>.;.A.A$.J +NO A*>:K DZZ ,F&$'LM M B&7G A(8I ::5 >34# = > 8>>* A67S @ A  D 7s;>* B78c A B 8>>* A67S @ Asx*C 0 C'<D- D49 E! C$ CC$'D D  D D1D,,D14E EE!F : FF c" |d}|r|||vr td |j|}|j |} |j || |s t dy#t$r tdwxYw#t$r}td|d}~wwxYw)Nr>zAlgorithm not specifiedz&The specified alg value is not allowedr7zSignature verification failed)r1r r;r8rSverifyr ) rrcr`rdr!r r>r.r: prepared_keys r"rlzPyJWS._verify_signature!s C-Cz-#Z2G'(PQ Q J005G**3/ ~~m\9E'(GH HF C'(AB B C# J'(AB I Js"AA4A14 B= B  Br?zset[str]_supported_critrAcfd|vr|j|d|sd|vr|j|yyy)Nkidcrit) _validate_kid_validate_crit)rrXrBs r"rLzPyJWS._validate_headers=s= G    wu~ .Fg-    (.xr$c:t|ts tdy)Nz(Key ID header parameter must be a string)r*rxr)rrs r"rzPyJWS._validate_kidEs#s##$NO O$r$c|d}t|trt|dk(r td|D]L}t|ts td||j vrtd|||vs?td|dy)Nrrz/Invalid 'crit' header: must be a non-empty listz-Invalid 'crit' header: values must be stringsz Unsupported critical extension: zCritical extension 'z' is missing from headers)r*rlenrrxr)rrXrexts r"rzPyJWS._validate_critIsv$%Ta#$UV V Cc3''(WXX$...'*J3%(PQQ'!'*3%/HI  r$)NN)r list[str] | Nonerdict[str, Any] | NonereturnNone)rzdict[str, bool])r-rxr.rrr)r-rxrr)rz list[str])r9rxrr)HS256NNFT)rVryr!z AllowedPrivateKeys | str | bytesrWz str | NonerXrrYztype[json.JSONEncoder] | NonerZboolr[rrrx)NNN) rm str | bytesr!AllowedPublicKeys | str | bytesr rrrrn bytes | Nonerdict[str, Any]) rmrr!rr rrrrnrrr)rmrrr)rmrrz*tuple[bytes, bytes, dict[str, Any], bytes])rN) rcryr`rrdryr!rr rrr)rXrrBrrr)rrrr)rXrrr)__name__ __module__ __qualname__rKr# staticmethodrr/r3r5r;rPrqrUrvrjrlr__annotations__rLrrr'r$r"rrsJ(,)-B$B'B  B&** % (& H*!()-6:$)!C.C..C. C. ' C. 4 C."C.C. C.P02'+)-)- - - -- % - ' - ' -  - d02'+)-)- " "-"% " ' " ' " "* $;V02'+ III I - I % I I4"'OX'rs" %  6,Azzz '   !11   $77&;;'=='==r$