k7i5SSKJr SSKJr SSKJr SSKJr SSKJr SSKJr SSKJr SSKJ r SS KJ r SS KJ r SS K J r SS K Jr SS K Jr SSKJr SSKJr "SS5rSrSrSrg))json_b64encode)to_bytes) to_unicode)urlsafe_b64encode)BadSignatureError) DecodeError)#InvalidCritHeaderParameterNameErrorInvalidHeaderParameterNameError)MissingAlgorithmError)UnsupportedAlgorithmError) ensure_dict)extract_header)extract_segment) JWSHeader) JWSObjectc\rSrSr%\"/SQ5rSr\\S'0r SSjr \ S5r Sr SS jrS rSS jrS rSS jrSrSrSrSrSrSrg)JsonWebSignature) algjkujwkkidx5ux5cx5tzx5t#S256typctycritiMAX_CONTENT_LENGTHNcX lXlgN)_private_headers _algorithms)self algorithmsprivate_headerss R/home/james-whalen/.local/lib/python3.13/site-packages/authlib/jose/rfc7515/jws.py__init__JsonWebSignature.__init__*s /%cU(aURS:wa[SU<35eXRUR'g)NJWSzInvalid algorithm for JWS, )algorithm_type ValueErrorALGORITHMS_REGISTRYname)cls algorithms r)register_algorithm#JsonWebSignature.register_algorithm.s7I44=:9-HI I2; /r,cV[US5nURU5 URU5 URXU5upS[ UR 5n[ [U55nSRXg/5n[ URX55n SRXgU /5$)aGenerate a JWS Compact Serialization. The JWS Compact Serialization represents digitally signed or MACed content as a compact, URL-safe string, per `Section 7.1`_. .. code-block:: text BASE64URL(UTF8(JWS Protected Header)) || '.' || BASE64URL(JWS Payload) || '.' || BASE64URL(JWS Signature) :param protected: A dict of protected header :param payload: A bytes/string of payload :param key: Private key used to generate signature :return: byte N.) r_validate_private_headers_validate_crit_headers_prepare_algorithm_keyr protectedrrjoinsign) r&r<payloadkey jws_headerr4protected_segmentpayload_segment signing_input signatures r)serialize_compact"JsonWebSignature.serialize_compact4s y$/  &&y1 ##I.44YM *:+?+?@+HW,=> #4"FG %inn]&HI yy+iHIIr,c[U5UR:a [S5e[U5nUR SS5upEUR SS5upg[U5n URU 5 [U S5n [U5n U(aU"U 5n [U5n [XS5n URXU5upURXLU5(aU $[U 5e![an[ S5UeSnAff=f)aExact JWS Compact Serialization, and validate with the given key. If key is not provided, the returned dict will contain the signature, and signing input values. Via `Section 7.1`_. :param s: text of JWS Compact Serialization :param key: key used to verify the signature :param decode: a function to decode payload data :return: JWSObject :raise: BadSignatureError .. _`Section 7.1`: https://tools.ietf.org/html/rfc7515#section-7.1 zSerialization is too long.r8rzNot enough segmentsNcompact)lenr!r0rrsplitsplitr_extract_headerr:r_extract_payload_extract_signaturerr;verifyr)r&sr@decoderDsignature_segmentrBrCexcr<rAr?rErvr4s r)deserialize_compact$JsonWebSignature.deserialize_compactQs q6D++ +9: : > A/0xxa/@ ,M1>1D1DT11M . $$56  ##I.y$/ "?3 WoG&'89 zI 644Z#N   Mc : :I##! >34# = >s3C** D4 DDc0^^^^[T5mUUUU4Sjn[U[5(a,U"[R"U55n[ T5US'U$UVs/sHod"[R"U55PM nn[ T5US.$s snf)a.Generate a JWS JSON Serialization. The JWS JSON Serialization represents digitally signed or MACed content as a JSON object, per `Section 7.2`_. :param header_obj: A dict/list of header :param payload: A string/dict of payload :param key: Private key used to generate signature :return: JWSObject Example ``header_obj`` of JWS JSON Serialization:: { "protected: {"alg": "HS256"}, "header": {"kid": "jose"} } Pass a dict to generate flattened JSON Serialization, pass a list of header dict to generate standard JSON Serialization. c>T RU5 T RUR5 T RUR5 T R UTT5up[ UR5nSRUT /5n[URXB55n[U5[U5S.nURbURUS'U$)Nr8)r<rEheader) r9_reject_unprotected_critrZr:r<r;rr=rr>r) rA_alg_keyrBrDrErUr@r?rCr&s r)_sign.JsonWebSignature.serialize_json.._signs  * *: 6  ) )**;*; <  ' ' (<(< =44Z#NJD .z/C/C D  II'8/&JKM)$))M*HII((9:' 2B  ,)008 Ir,r?)r? signatures)r isinstancedictr from_dictr) r& header_objr?r@r^datahr`rCs ` `` @r)serialize_jsonJsonWebSignature.serialize_jsonws()1  * j$ ' ',,Z89D(9DOK=GHZeI//23Z H%o6jQQIs%Bc[US5nURS5nUc [S5e[U5n[ U5nU(aU"U5nSU;a4UR XEX5upg[ XeS5nU(aU$[U5e/n Sn USH3n UR XEX5upgU RU5 U(aM1Sn M5 [ XS5nU (aU$[U5e) aExact JWS JSON Serialization, and validate with the given key. If key is not provided, it will return a dict without signature verification. Header will still be validated. Via `Section 7.2`_. :param obj: text of JWS JSON Serialization :param key: key used to verify the signature :param decode: a function to decode payload data :return: JWSObject :raise: BadSignatureError .. _`Section 7.2`: https://tools.ietf.org/html/rfc7515#section-7.2 r.r?zMissing "payload" valuer`flatTFjson) rgetrrrN_validate_json_jwsrrappend) r&objr@rRrCr?rAvalidrUheadersis_validrds r)deserialize_json!JsonWebSignature.deserialize_jsons#u%''),  "78 8"?3"?3 WoG s " $ 7 7#! J:7B #B' 'l+J $ 7 7*! J NN: &5  ,w 0 I##r,c[U[[45(aURXU5$SU;aURXU5$UR XU5$)aGenerate a JWS Serialization. It will automatically generate a Compact or JSON Serialization depending on the given header. If a header is in a JSON header format, it will call :meth:`serialize_json`, otherwise it will call :meth:`serialize_compact`. :param header: A dict/list of header :param payload: A string/dict of payload :param key: Private key used to generate signature :return: byte/dict r<)ralisttuplergrF)r&rZr?r@s r) serializeJsonWebSignature.serializesV ftUm , ,&&v< < & &&v< <%%fs;;r,c[U[5(aURXU5$[U5nUR S5(a(UR S5(aURXU5$UR XU5$)aDeserialize JWS Serialization, both compact and JSON format. It will automatically deserialize depending on the given JWS. :param s: text of JWS Compact/JSON Serialization :param key: key used to verify the signature :param decode: a function to decode payload data :return: dict :raise: BadSignatureError If key is not provided, it will still deserialize the serialization without verification. {})rarbrsr startswithendswithrV)r&rQr@rRs r) deserializeJsonWebSignature.deserializesp a  ((8 8 QK <<  !**T"2"2((8 8''77r,c>SU;a [5eUSnURbX@R;a [5eX@R;a [5eURUn[ U5(a U"X5nOUc SU;aUSnUR U5nXS4$)Nrr)r r%r r1callable prepare_key)r&rZr?r@rr4s r)r;'JsonWebSignature._prepare_algorithm_keys  ') )Um    'C7G7G,G+- - .. .+- -,,S1 C==f&C [Uf_-C##C(~r,cURbOURR5nURUR5nUHnX2;dM [ U5e ggr#)r$!REGISTERED_HEADER_PARAMETER_NAMEScopyunionr )r&rZnamesks r)r9*JsonWebSignature._validate_private_headerssW  ,::??AEKK 5 56E>9!<< -r,c6U(aSU;a [S5egg)uGReject 'crit' when found in the unprotected header (RFC 7515 §4.1.11).r Nr )r&unprotected_headers r)r[)JsonWebSignature._reject_unprotected_crit s &,>">1&9 9#? r,chSU;aUSn[U[5(a[SU55(d [S5eURR 5nUR (aURUR 5nUH#nXC;a [U5eXA;dM[U5e gg)Nr c3B# UHn[U[5v M g7fr#)rastr).0xs r) :JsonWebSignature._validate_crit_headers..)s=,8q 1c""Ls) rarvallr rrr$rr )r&rZ crit_headersrrs r)r:'JsonWebSignature._validate_crit_headers%s V !&>LlD11=,8=::6f==::??AE$$ D$9$9:!>=a@@_=a@@ " r,c6URS5nU(d [S5eURS5nU(d [S5e[U5n[U5nURS5nU(a [ U[ 5(d [S5eUR U5 URU5 [Xx5n URXU5upSRXQ/5n [[U55n U RXU5(aU S4$U S 4$) Nr<zMissing "protected" valuerEzMissing "signature" valuerZzInvalid "header" valuer8TF) rlrrrMrarbr[r:rr;r=rOrP) r&rCr?rdr@rBrSr<rZrAr4rDrEs r)rm#JsonWebSignature._validate_json_jws6s&NN;7 9: :&NN;7 9: :$%67#$56 ) *VT2267 7 %%f- ##I.y1 44Z#N  #4"FG &x0A'BC   Mc : :t# #5  r,)r%r$)NNr#)__name__ __module__ __qualname____firstlineno__ frozensetrr!int__annotations__r1r* classmethodr5rFrVrgrsrxrr;r9r[r:rm__static_attributes__r,r)rrs}(1 )% %$&<< J:$$L1Rf0$d<$8*$ =: A"!r,rc"[U[5$r#)rr)header_segments r)rMrMUs .+ 66r,c$[U[S5$)NrErr)rSs r)rOrOYs ,k; GGr,c$[U[S5$)Nr?r)rCs r)rNrN]s ?K CCr,N)authlib.common.encodingrrrrauthlib.jose.errorsrrr r r r authlib.jose.utilrrrmodelsrrrrMrOrNrr,r)rsP2,.51+C?59),-!!D 7HDr,