a !f.@sddlZddlZddlZddlZddlZddlmZddlmZddl m Z ddl m Z m Z mZddlmZmZmZejrddlmZGd d d ZGd d d eZGd ddeZGdddeZGdddeZGdddejZdS)N) b64encode)parse_http_list) ProtocolError)CookiesRequestResponse)to_bytesto_strunquote)_Hashc@sjeZdZdZdZdZeejee dfdddZ eejee dfdddZ eej ee fdd d Z dS) Autha Base class for all authentication schemes. To implement a custom authentication scheme, subclass `Auth` and override the `.auth_flow()` method. If the authentication scheme does I/O such as disk access or network calls, or uses synchronization primitives such as locks, you should override `.sync_auth_flow()` and/or `.async_auth_flow()` instead of `.auth_flow()` to provide specialized implementations that will be used by `Client` and `AsyncClient` respectively. FNrequestreturnccs |VdS)a Execute the authentication flow. To dispatch a request, `yield` it: ``` yield request ``` The client will `.send()` the response back into the flow generator. You can access it like so: ``` response = yield request ``` A `return` (or reaching the end of the generator) will result in the client returning the last response obtained from the server. You can dispatch as many requests as is necessary. NselfrrrL/var/www/html/python-backend/venv/lib/python3.9/site-packages/httpx/_auth.py auth_flow!szAuth.auth_flowccs`|jr|||}t|}|V}|jr4|z||}Wq tyXYq\Yq 0q dS)z Execute the authentication flow synchronously. By default, this defers to `.auth_flow()`. You should override this method when the authentication scheme does I/O and/or uses concurrency primitives. N)requires_request_bodyreadrnextrequires_response_bodysend StopIterationrrZflowresponserrrsync_auth_flow9s   zAuth.sync_auth_flowcCsl|jr|IdH||}t|}|V}|jr@|IdHz||}Wq&tydYqhYq&0q&dS)z Execute the authentication flow asynchronously. By default, this defers to `.auth_flow()`. You should override this method when the authentication scheme does I/O and/or uses concurrency primitives. N)rZareadrrrrrrrrrasync_auth_flowRs   zAuth.async_auth_flow)__name__ __module__ __qualname____doc__rrrtyping GeneratorrrrAsyncGeneratorrrrrrr s   r c@sHeZdZdZejegefddddZeejee dfdddZ dS) FunctionAuthz Allows the 'auth' argument to be passed as a simple callable function, that takes the request, and returns a new, modified request. N)funcrcCs ||_dSNZ_func)rr(rrr__init__rszFunctionAuth.__init__rccs||VdSr)r*rrrrruszFunctionAuth.auth_flow) r r!r"r#r$Callablerr+r%rrrrrrr'lsr'c@sxeZdZdZejeefejeefddddZe ej e e dfdddZ ejeefejeefedd d Z dS) BasicAuthzy Allows the 'auth' argument to be passed as a (username, password) pair, and uses HTTP Basic authentication. NusernamepasswordrcCs||||_dSr))_build_auth_header _auth_headerrr/r0rrrr+szBasicAuth.__init__rccs|j|jd<|VdS)N Authorization)r2headersrrrrrs zBasicAuth.auth_flowcCs,dt|t|f}t|}d|SN:zBasic joinr rdecoderr/r0Zuserpasstokenrrrr1s zBasicAuth._build_auth_header)r r!r"r#r$Unionstrbytesr+rr%rrr1rrrrr-ys r-c@sjeZdZdZd ejeddddZeej ee dfdddZ ej ee fej ee fed d d ZdS) NetRCAuthzT Use a 'netrc' file to lookup basic auth credentials based on the url host. N)filercCsddl}|||_dS)Nr)netrc _netrc_info)rrArBrrrr+szNetRCAuth.__init__rccsN|j|jj}|dus |ds(|Vn"|j|d|dd|jd<|VdS)Nr)r/r0r4)rCauthenticatorsurlhostr1r5)rrZ auth_inforrrrs zNetRCAuth.auth_flowr.cCs,dt|t|f}t|}d|Sr6r8r;rrrr1s zNetRCAuth._build_auth_header)N)r r!r"r#r$Optionalr>r+rr%rrr=r?r1rrrrr@s  r@c @seZdZUejejejejejejejejdZe j e e j e gdffed<e je e fe je e fddddZee jeedfdd d Zeee d d d dZed e dddZee e dddZe j e e fe dddZe je ee je dddZdS) DigestAuth)MD5zMD5-SESSSHAzSHA-SESSzSHA-256z SHA-256-SESSzSHA-512z SHA-512-SESSr _ALGORITHM_TO_HASH_FUNCTIONNr.cCs$t||_t||_d|_d|_dS)Nr)r _username _password_last_challenge _nonce_countr3rrrr+s  zDigestAuth.__init__rccs|jr|||j|jd<|V}|jdks4d|jvr8dS|jdD]}|drDq`qDdS|||||_d|_|||j|jd<|j rt |j j |d|VdS)Nr4izwww-authenticatezdigest rr) rOr1r5 status_codeZget_listlower startswith_parse_challengerPcookiesrZset_cookie_header)rrr auth_headerrrrrs&  zDigestAuth.auth_flow_DigestAuthChallenge)rrrWrc Cs|d\}}}|dks Ji}t|D]$}|dd\} } t| || <q,zh|d} |d} |dd} d |vr|d nd }d |vr|d nd }t| | | ||d WSt y}zd }t ||d|WYd }~n d }~00d S)z Returns a challenge from a Digest WWW-Authenticate header. These take the form of: `Digest realm="realm@host.com",qop="auth,auth-int",nonce="abc",opaque="xyz"`  digest=rrealmnonce algorithmrJopaqueNqop)r\r]r^r_r`z(Malformed Digest WWW-Authenticate headerrQ) partitionrSrstripsplitr encodegetrXKeyErrorr)rrrrWscheme_fieldsZ header_dictfieldkeyvaluer\r]r^r_r`excmessagerrrrUs$     zDigestAuth._parse_challenge)r challengerc s^|j|jttdfdd }d|j|j|jf}|jj }d|j |f}||}d|j }| |j |j} |j d7_ ||} |jdr|d| |j| f} |j|j|d} | dur| |j|g} n|j|| | |g} d| } |j|j|j||d| | f|j d }|jr2|j|d <| rPd |d <||d <| |d<d||S)N)datarcs|Sr)) hexdigestrd)rpZ hash_funcrrrZsz-DigestAuth._build_auth_header..digestr7s%08xrz-sessrQ)r/r\r]urirr^r_authr`nccnoncezDigest )rLr^upperr?r9rMr\rNrFraw_pathmethodrdrP_get_client_noncer]rSendswith _resolve_qopr`r__get_header_value)rrrorZA1pathA2HA2Znc_valuervHA1r`Z digest_dataZ key_digestZ format_argsrrrrr1s>   zDigestAuth._build_auth_header) nonce_countr]rcCsLt|}||7}|t7}|td7}t|ddS)N) r>rdtimectimeosurandomhashlibsha1rq)rrr]srrrrz1s  zDigestAuth._get_client_nonce) header_fieldsrc Csbd}d}d}d}t|D]@\}\}}|dkr8|d7}||vrD|n|} || |t|7}q|S)N)r^r`ruz{}="{}"z{}={}rz, ) enumerateitemsformatr ) rrZNON_QUOTED_FIELDSZQUOTED_TEMPLATEZNON_QUOTED_TEMPLATE header_valueirjrltemplaterrrr}9szDigestAuth._get_header_value)r`rrcCsR|dur dStd|}d|vr$dS|dgkr6tdd|d}t||ddS)Ns, ?rtsauth-intz.Digest auth-int support is not yet implementedzUnexpected qop value "z" in digest authrQ)rercNotImplementedErrorr)rr`rZqopsrnrrrr|Ks   zDigestAuth._resolve_qop)r r!r"rmd5rsha256sha512rLr$Dictr>r,r?__annotations__r=r+rr%rrrUr1intrzr}rHr|rrrrrIs0 $     / rIc@sBeZdZUeed<eed<eed<ejeed<ejeed<dS)rXr\r]r^r_r`N)r r!r"r?rr>r$rHrrrrrX[s rX)rrrrr$base64rurllib.requestr _exceptionsrZ_modelsrrr_utilsr r r TYPE_CHECKINGr r r'r-r@rI NamedTuplerXrrrrs$    [  ,