o a{-@srdZddlZddlmZmZmZddlmZmZm Z m Z m Z m Z m Z mZmZmZmZmZmZmZGdddZdS)z oauthlib.oauth1.rfc5849.endpoints.base ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This module is an implementation of various logic needed for signing and checking OAuth 1.0 RFC 5849 requests. N)CaseInsensitiveDictRequestgenerate_token)CONTENT_TYPE_FORM_URLENCODEDSIGNATURE_HMAC_SHA1SIGNATURE_HMAC_SHA256SIGNATURE_HMAC_SHA512SIGNATURE_RSA_SHA1SIGNATURE_RSA_SHA256SIGNATURE_RSA_SHA512SIGNATURE_PLAINTEXTSIGNATURE_TYPE_AUTH_HEADERSIGNATURE_TYPE_BODYSIGNATURE_TYPE_QUERYerrors signatureutilsc@s@eZdZdddZddZddZdd Zd d Zdd dZdS) BaseEndpointNcCs||_|pt|_dSN)request_validatorrtoken_generator)selfrrrH/usr/lib/python3/dist-packages/oauthlib/oauth1/rfc5849/endpoints/base.py__init__szBaseEndpoint.__init__c Cstj|jddd}tj|jdd}tj|jdd}g}||||||ttddt|t |ft |t |ft |t |ff}t |dkr`d d |D}tjd d |fd z |d\}}} Wn tyvtjdd w||| fS)zExtracts parameters from query, headers and body. Signature type is set to the source in which parameters were found. FT)headersexclude_oauth_signatureZ with_realm)bodyr) uri_queryrcSs|dS)Nrr)srrr-sz=BaseEndpoint._get_signature_type_and_params..cSsg|]}|dqS)rr).0r rrr 7sz?BaseEndpoint._get_signature_type_and_params..zFoauth_ params must come from only 1 signaturetype but were found in %sz,  descriptionr#Missing mandatory OAuth parameters.)rZcollect_parametersrrrextendlistfilterrrZfilter_oauth_paramsrrlenrInvalidRequestErrorjoin IndexError) rrequestZ header_paramsZ body_paramsZ query_paramsparamsZ!signature_types_with_oauth_paramsZ found_typessignature_type oauth_paramsrrr_get_signature_type_and_paramssR       z+BaseEndpoint._get_signature_type_and_paramsc Cs$t|pi}d|vrt|dvrt||||}nt||d|}||\}}}tt|t|kr7tjddt|}|d|_ |d|_ |d|_ |d|_ |d |_ |d |_|d |_|d |_t|d |_||_dd|D|_d |jddvrdd|jD|_|S)Nz Content-TypezDuplicate OAuth1 entries.r%oauth_signatureZoauth_consumer_keyZ oauth_tokenZ oauth_nonceZoauth_timestampZoauth_callbackZoauth_verifierZoauth_signature_methodrealmcS g|] \}}|dkr||fqS)r5rr#kvrrrr$fs z0BaseEndpoint._create_request..Z AuthorizationcSr7)r6rr8rrrr$is )rrrr3r+dictrr,getr client_keyresource_owner_keynonce timestampZ redirect_uriZverifiersignature_methodr6r2r0r) ruriZ http_methodrrr/r1r0r2rrr_create_requestFs:          zBaseEndpoint._create_requestcCs(|jjr|jdstdSdS)Nzhttps://)rZ enforce_sslrBlower startswithrZInsecureTransportError)rr/rrr_check_transport_securityns z&BaseEndpoint._check_transport_securitycCst|j|j|j|j|jfstjdd|j|jj vr(tj d |j|jj dd|j vr:|j ddkr:tjddt |jdkrGtjddzt|j}Wn ty[tjd dwtt||jjkrrtjd |jjd|j|jstjd d|j|jstjd ddS) Nr'r%z"Invalid signature, {} not in {!r}.Z oauth_versionz1.0zInvalid OAuth version. zInvalid timestamp sizezTimestamp must be an integer.zCTimestamp given is invalid, differ from allowed by over %s seconds.zInvalid client key format.zInvalid nonce format.)allrr=r?r@rArr,rZallowed_signature_methodsZInvalidSignatureMethodErrorformatr2r+int ValueErrorabstimeZtimestamp_lifetimeZcheck_client_keyZ check_nonce)rr/tsrrr_check_mandatory_parametersts`     z(BaseEndpoint._check_mandatory_parametersFcCsD|jtks|jtks|jtkrB|j|j|}|jtkr$t||}|S|jtkr1t ||}|S|jtkr>t ||}|Sd}|S|j |j|}d}|j rf|r\|j |j|j |}n |j|j|j |}|jtkrtt|||}|S|jtkrt|||}|S|jtkrt|||}|S|jtkrt|||}|Sd}|S)NF)rAr r r rZ get_rsa_keyr=rZverify_rsa_sha1Zverify_rsa_sha256Zverify_rsa_sha512Zget_client_secretr>Zget_request_token_secretZget_access_token_secretrZverify_hmac_sha1rZverify_hmac_sha256r Zverify_hmac_sha512r Zverify_plaintext)rr/Zis_token_requestZrsa_keyZvalid_signatureZ client_secretZresource_owner_secretrrr_check_signaturesr   1 / -+    zBaseEndpoint._check_signaturer)F) __name__ __module__ __qualname__rr3rCrFrOrPrrrrrs *(Br)__doc__rMZoauthlib.commonrrrr4rrrr r r r r rrrrrrrrrrrs @