ó ªQ‹Yc@@sNdZddlmZmZddlZddlZddlZddlZddlZddl Z ddl Z ddl m Z ddl mZddlmZddlmZddlmZdd lmZmZdd lmZmZy4dd lmZdd lmZ dd lm!Z"WnAe#k rcdd l$mZdd l$mZ dd l$m!Z"nXyddl%Z%Wn e#k r–ddl$j&Z%nXddl'm(Z(defd„ƒYZdZ)dZ*ej+dej,ƒZ-ej+dƒZ.dZ/ej0dƒZ1e j2ddkZ3e3r*e4Z5e6Z7n e8Z5e4Z7dd„Zd„Zd„Z!d„Z9d„Z:e;e/ƒe;dƒBZ<d„Z=d „Z>d!„Z?d"„Z@d#e)d$„ZAd%„ZBd&„ZCd'„ZDd(„ZEd)„ZFd*„ZGd#e*d+„ZHd,„ZIeJd-„ZKd.„ZLd/d0„ZMd1eNfd2„ƒYZOd3ePfd4„ƒYZQdS(5u| oauthlib.common ~~~~~~~~~~~~~~ This module provides data structures and utilities common to all implementations of OAuth. i(tabsolute_importtunicode_literalsN(ttimegm(tJWK(tJWT(t json_decode(tdefault_backend(tload_pem_private_keytload_pem_public_key(t RSAPrivateKeyt RSAPublicKey(tquote(tunquote(t urlencode(trsaRcB@sMeZd„Zd„Zd„Zd„Zd„Zd„Zed„ƒZ RS(cK@sZtƒ|_tƒ|_tƒ|_d|kr@|j|n|rV|j|ndS(Nugenerate(tdictt_paramst_keyt_unknownt generate_keyt import_key(tselftkwargs((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyt__init__-s    cK@sÃ|jƒ}|jddd|j|jjƒd|j|jjƒd|j|jƒd|j|jƒd|j|jƒd|j|j ƒd |j|j ƒd |j|j ƒƒ |j |dS( NtktyuRSAtntetdtptqtdptdqtqi( tprivate_numberstupdatet _encode_inttpublic_numbersRRRRRtdmp1tdmq1tiqmpR(Rtkeytparamstpn((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyt_import_pyca_pri_rsa7s  cK@sQ|jƒ}|jddd|j|jƒd|j|jƒƒ|j|dS(NRuRSARR(R$R"R#RRR(RR(R)R*((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyt_import_pyca_pub_rsaFs   c K@sy|jƒ}|jdddt|jjd|j|jjƒd|j|jjƒd|j|j ƒƒ|j |dS(NRuECtcrvtxtyR( R!R"tJWKpycaCurveMaptcurvetnameR#R$R.R/t private_valueR(RR(R)R*((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyt_import_pyca_pri_ecOs  c K@sa|jƒ}|jdddt|jjd|j|jƒd|j|jƒƒ|j|dS(NRuECR-R.R/( R$R"R0R1R2R#R.R/R(RR(R)R*((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyt_import_pyca_pub_ecZs  cC@sœt|tjƒr"|j|ƒnvt|tjƒrD|j|ƒnTt|tjƒrf|j|ƒn2t|tj ƒrˆ|j |ƒnt d|ƒ‚dS(NuUnknown key object %r( t isinstanceRR R+R R,tectEllipticCurvePrivateKeyR4tEllipticCurvePublicKeyR5tInvalidJWKValue(RR(((s3/usr/lib/python2.7/site-packages/oauthlib/common.pytimport_from_pycadscC@s|ƒ}|j|ƒ|S(N(R;(tclsR(tobj((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyt from_pycaps  ( t__name__t __module__RR+R,R4R5R;t classmethodR>(((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyR,s  u>abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789u_ !"#$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}u&([^&;]*(?:password|token)[^=]*=)[^&;]+u&%[^0-9A-Fa-f]|%[0-9A-Fa-f][^0-9A-Fa-f]uAABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.-uoauthlibit/cC@sXt|tƒr|jdƒn|}t||ƒ}t|tƒrT|jdƒ}n|S(Nuutf-8(R6t unicode_typetencodet_quotet bytes_typetdecode(tstsafe((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyR ‘s $cC@s1t|ƒ}t|tƒr-|jdƒ}n|S(Nuutf-8(t_unquoteR6RFRG(RH((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyR ›s cC@s<t|ƒ}t|ƒ}t|tƒr+|S|jdƒSdS(Nuutf-8(tencode_params_utf8t _urlencodeR6RCRG(R)t utf8_paramst urlencoded((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyR ¥s   cC@spg}xc|D][\}}|jt|tƒr=|jdƒn|t|tƒr^|jdƒn|fƒq W|S(uiEnsures that all parameters in a list of 2-element tuples are encoded to bytestrings using UTF-8 uutf-8(tappendR6RCRD(R)tencodedtktv((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyRK®s !,cC@spg}xc|D][\}}|jt|tƒr=|jdƒn|t|tƒr^|jdƒn|fƒq W|S(ufEnsures that all parameters in a list of 2-element tuples are decoded to unicode using UTF-8. uutf-8(ROR6RFRG(R)tdecodedRQRR((s3/usr/lib/python2.7/site-packages/oauthlib/common.pytdecode_params_utf8ºs !,u=&;:%+~,*@!()/?cC@sª|rBt|ƒtk rBd}t|t|ƒt|fƒ‚ntj|ƒr`tdƒ‚nt r…t|tƒr…|jdƒn|}t j |dt ƒ}t |ƒS(u‚Decode a query string in x-www-form-urlencoded format into a sequence of two-element tuples. Unlike urlparse.parse_qsl(..., strict_parsing=True) urldecode will enforce correct formatting of the query string by validation. If validation fails a ValueError will be raised. urllib.parse_qsl will only raise errors if any of name-value pairs omits the equals sign. u£Error trying to decode a non urlencoded string. Found invalid characters: %s in the string: '%s'. Please ensure the request/response body is x-www-form-urlencoded.u%Invalid hex encoding in query string.uutf-8tkeep_blank_values( tsetRNt ValueErrortINVALID_HEX_PATTERNtsearchtPY3R6RCRDturlparset parse_qsltTrueRT(tqueryterrorR)((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyt urldecodeÉs #+cC@sØt|tƒst|tƒrKyt|ƒ}WqÔtk rGd}qÔXn‰t|dƒrÎyt|ƒWn-tk rd}qÔtk r—d}qÔXt t|tƒr¶|j ƒn|ƒ}t |ƒ}nd}|S(u*Extract parameters and return them as a list of 2-tuples. Will successfully extract parameters from urlencoded query strings, dicts, or lists of 2-tuples. Empty strings/dicts/lists will return an empty list of parameters. Any other input will result in a return value of None. u__iter__N( R6RFRCR`RWtNonethasattrRt TypeErrortlisttitemsRT(trawR)((s3/usr/lib/python2.7/site-packages/oauthlib/common.pytextract_paramsús       'cC@s tttjdƒƒtƒƒS(uàGenerate pseudorandom nonce that is unlikely to repeat. Per `section 3.3`_ of the OAuth 1 RFC 5849 spec. Per `section 3.2.1`_ of the MAC Access Authentication spec. A random 64-bit number is appended to the epoch timestamp for both randomness and to decrease the likelihood of collisions. .. _`section 3.2.1`: http://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-01#section-3.2.1 .. _`section 3.3`: http://tools.ietf.org/html/rfc5849#section-3.3 i@(RCtrandomt getrandbitstgenerate_timestamp(((s3/usr/lib/python2.7/site-packages/oauthlib/common.pytgenerate_nonces cC@stttjƒƒƒS(uBGet seconds since epoch (UTC). Per `section 3.3`_ of the OAuth 1 RFC 5849 spec. Per `section 3.2.1`_ of the MAC Access Authentication spec. .. _`section 3.2.1`: http://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-01#section-3.2.1 .. _`section 3.3`: http://tools.ietf.org/html/rfc5849#section-3.3 (RCtintttime(((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyRj&s ic@s2tjƒ‰dj‡‡fd†t|ƒDƒƒS(uXGenerates a non-guessable OAuth token OAuth (1 and 2) does not specify the format of tokens except that they should be strings of random characters. Tokens should not be guessable and entropy when generating the random characters is important. Which is why SystemRandom is used instead of the default random.choice method. uc3@s|]}ˆjˆƒVqdS(N(tchoice(t.0R.(tcharstrand(s3/usr/lib/python2.7/site-packages/oauthlib/common.pys ;s(Rht SystemRandomtjointrange(tlengthRp((RpRqs3/usr/lib/python2.7/site-packages/oauthlib/common.pytgenerate_token2s cC@s€t|ttfƒrNt|tƒr6|jdƒ}nt|dtƒƒ}n|}t|tƒs|td|j j ƒ‚n|S(Nuasciiu"Expected RSAPrivateKey, but got %s( R6RFRCRDRRaRR Rct __class__R?(tdatat private_key((s3/usr/lib/python2.7/site-packages/oauthlib/common.pytget_rsa_private_key>scC@s}t|ttfƒrKt|tƒr6|jdƒ}nt|tƒƒ}n|}t|tƒsytd|jj ƒ‚n|S(Nuasciiu!Expected RSAPublicKey, but got %s( R6RFRCRDRRR RcRwR?(Rxt public_key((s3/usr/lib/python2.7/site-packages/oauthlib/common.pytget_rsa_public_keyNscC@sVxOdddgD]>}t|j|ƒtjƒrt||jƒƒ||RR‚tmake_signed_tokent to_unicodet serialize(RyR€trsa_private_keytjwkeyttoken((s3/usr/lib/python2.7/site-packages/oauthlib/common.pytgenerate_jwt_assertionfs  " cC@sVtjjƒ}i|jd6|tjd|jƒd6}|j|jƒt||ƒS(Nuscopetsecondsuexp(R~tutcnowtscopet timedeltat expires_inR"R€RŠ(t private_pemtrequesttnowR€((s3/usr/lib/python2.7/site-packages/oauthlib/common.pytgenerate_signed_tokenns  cC@s=t|ƒ}tj|ƒ}td|d|ƒ}t|jƒS(NR(tjwt(R|RR>RRR€(R{R‰trsa_public_keyRˆt signed_token((s3/usr/lib/python2.7/site-packages/oauthlib/common.pytverify_signed_tokenxs cC@s t||ƒS(u„Generates an OAuth client_id OAuth 2 specify the format of client_id in http://tools.ietf.org/html/rfc6749#appendix-A. (Rv(RuRp((s3/usr/lib/python2.7/site-packages/oauthlib/common.pytgenerate_client_idscC@sJt|tƒr|jƒ}ntj|dtƒ}|j|ƒt|ƒS(u)Extend a query with a list of two-tuples.RU(R6RReR[R\R]textendR (R^R)t queryparams((s3/usr/lib/python2.7/site-packages/oauthlib/common.pytadd_params_to_qsˆs  c C@sgtj|ƒ\}}}}}}|r9t||ƒ}nt||ƒ}tj||||||fƒS(u5Add a list of two-tuples to the uri query components.(R[R›t urlunparse( turiR)tfragmenttschtnettpathtparR^tfra((s3/usr/lib/python2.7/site-packages/oauthlib/common.pytadd_params_to_uri‘s !cC@sft|ƒt|ƒkrtSd}x7t||ƒD]&\}}|t|ƒt|ƒAO}q2W|dkS(u Near-constant time string comparison. Used in order to avoid timing attacks on sensitive information such as secret keys during request verification (`rootLabs`_). .. _`rootLabs`: http://rdist.root.org/2010/01/07/timing-independent-array-comparison/ i(tlentFalsetziptord(tatbtresultR.R/((s3/usr/lib/python2.7/site-packages/oauthlib/common.pytsafe_string_equals›s uUTF-8c@sÃt|tƒr|St|tƒr2t|dˆƒSt|dƒr¿yt|ƒWn2tk rbq¿tk rƒ‡fd†|DƒSXt|dƒr¢|jƒ}nt‡fd†|DƒƒSn|S(u:Convert a number of different types of objects to unicode.tencodingu__iter__c3@s|]}t|ˆƒVqdS(N(R…(Roti(R­(s3/usr/lib/python2.7/site-packages/oauthlib/common.pys ¼suitemsc3@s3|])\}}t|ˆƒt|ˆƒfVqdS(N(R…(RoRQRR(R­(s3/usr/lib/python2.7/site-packages/oauthlib/common.pys Ás(R6RCRFRbRRcRWRe(RxR­((R­s3/usr/lib/python2.7/site-packages/oauthlib/common.pyR…­s  tCaseInsensitiveDictcB@sMeZdZiZd„Zd„Zd„Zd„Zdd„Z d„Z RS(u3Basic case insensitive dict with strings only keys.cC@s<td„|Dƒƒ|_x|D]}||||Ís(Rtproxy(RRxRQ((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyRÌs cC@s|jƒ|jkS(N(R°R±(RRQ((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyt __contains__ÑscC@s=|j|jƒ}tt|ƒj|ƒ|j|jƒ=dS(N(R±R°tsuperR¯t __delitem__(RRQR(((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyR´ÔscC@s)|j|jƒ}tt|ƒj|ƒS(N(R±R°R³R¯t __getitem__(RRQR(((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyRµÙscC@s||kr||S|S(N((RRQtdefault((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyR}ÝscC@s0tt|ƒj||ƒ||j|jƒ÷su access_tokenuclientu client_idu client_secretucodeuextra_credentialsu grant_typeu redirect_uriu refresh_tokenu request_tokenu response_typeuscopeuscopesustateutokenuuserutoken_type_hintu response_modeunonceudisplayupromptuclaimsumax_ageu ui_localesu id_token_hintu login_hintu acr_values(Rt http_methodR¯theaderstbodyRgt decoded_bodyt oauth_paramst validator_logRaRR"RR`t uri_query(RRR»R½R¼R­RD((R­s3/usr/lib/python2.7/site-packages/oauthlib/common.pyRôsN   cC@s*||jkr|j|St|ƒ‚dS(N(RtAttributeError(RR2((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyt __getattr__$s cC@sl|j}|jjƒ}|r9tjdt|ƒƒ}nd|krRd|du Authorizationu uF(R½R¼tcopytSANITIZE_PATTERNtsubtstrRR»(RR½R¼((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyt__repr__*s   cC@stj|jƒjS(N(R[RR^(R((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyRÁ4scC@s)|js gStj|jdtdtƒS(NRUtstrict_parsing(RÁR[R\R](R((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyturi_query_params8s cC@stjtƒ}d„|jp!g|jDƒ}x|D]}||cd7Bsi(t collectionst defaultdictRlR¾RÊRe(Rt seen_keystall_keysRQtc((s3/usr/lib/python2.7/site-packages/oauthlib/common.pytduplicate_params?s  N( R?R@R¸RaRRÃRÈtpropertyRÁRÊRÐ(((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyR¹ås   /  (RR¸t __future__RRRËR~tloggingRhtretsysRmtcalendarRt jwcrypto.jwkRt_JWKt jwcrypto.jwtRtjwcrypto.commonRtcryptography.hazmat.backendsRt,cryptography.hazmat.primitives.serializationRRt-cryptography.hazmat.primitives.asymmetric.rsaR R turllibR RER RJR RLt ImportErrort urllib.parseR[tparset)cryptography.hazmat.primitives.asymmetricRtUNICODE_ASCII_CHARACTER_SETtCLIENT_ID_CHARACTER_SETtcompilet IGNORECASERÅRXt always_safet getLoggertlogt version_infoRZRÇRCtbytesRFtunicodeRKRTRVRNR`RgRkRjRvRzR|R‚RŠR“R—R˜R›R¦R¤R¬R…RR¯tobjectR¹(((s3/usr/lib/python2.7/site-packages/oauthlib/common.pyts‚         J   1