k7id6SSKJr SSKJr SSKJr SSKJr SSKJr SSKJr SSKJ r SS KJ r SS KJ r SS KJ r "S S \5r g))add_params_to_uri) is_valid_url) BaseServer)AccessDeniedError)InvalidClientError)InvalidRequestError)InvalidTokenError)MethodNotAllowedError)MissingRequiredParameterError) OAuth1Errorc\rSrSr/SQrSrSrSrSrSr Sr SS jr S r SS jr S rSrSrSrSrSrSrSrg )AuthorizationServer))z Content-Typez!application/x-www-form-urlencoded)z Cache-Controlzno-store)Pragmazno-cachePOSTcHURUR5nX!lU$N)get_client_by_id client_idclient)selfrequestrs e/home/james-whalen/.local/lib/python3.13/site-packages/authlib/oauth1/rfc5849/authorization_server.py _get_clientAuthorizationServer._get_clients"&&w'8'89 c[5erNotImplementedErrorrrs rcreate_oauth1_request)AuthorizationServer.create_oauth1_request !##rc[5err)r status_codepayloadheaderss rhandle_response#AuthorizationServer.handle_responser$rctURURUR5UR55$r)r)r&get_body get_headers)rerrors rhandle_error_response)AuthorizationServer.handle_error_response"s2##   u~~/1B1B1D  rcURR5UR:wa [5eUR(d [ S5eUR nUR (d [ S5eUS:wa[U5(d [S5eURU5nU(d [5eURU5 URU5 U$)z0Validate HTTP request for temporary credentials.oauth_consumer_keyoauth_callbackoobzInvalid "oauth_callback" value) methodupperTEMPORARY_CREDENTIALS_METHODr rr redirect_urirr rrvalidate_timestamp_and_noncevalidate_oauth_signature)rrr3rs r&validate_temporary_credentials_request:AuthorizationServer.validate_temporary_credentials_request's >>   !T%F%F F') )  /0DE E!--##/0@A A U "<+G+G%&FG G!!'*$& & ))'2 %%g.rNc<URU5nURU5 UR U5nSUR 54SUR 54S/nURSX@R5$![anURU5sSnA$SnAff=f)aValidate temporary credentials token request and create response for temporary credentials token. Assume the endpoint of temporary credentials request is ``https://photos.example.net/initiate``: .. code-block:: http POST /initiate HTTP/1.1 Host: photos.example.net Authorization: OAuth realm="Photos", oauth_consumer_key="dpf43f3p2l4k3l03", oauth_signature_method="HMAC-SHA1", oauth_timestamp="137131200", oauth_nonce="wIjqoS", oauth_callback="http%3A%2F%2Fprinter.example.com%2Fready", oauth_signature="74KNZJeDHnMBp0EMJ9ZHt%2FXKycU%3D" The server validates the request and replies with a set of temporary credentials in the body of the HTTP response: .. code-block:: http HTTP/1.1 200 OK Content-Type: application/x-www-form-urlencoded oauth_token=hh5s93j4hdidpola&oauth_token_secret=hdhd0244k9j7ao03& oauth_callback_confirmed=true :param request: OAuth1Request instance. :returns: (status_code, body, headers) N oauth_tokenoauth_token_secret)oauth_callback_confirmedT) r"r;r r/create_temporary_credentialget_oauth_tokenget_oauth_token_secretr)TOKEN_RESPONSE_HEADERrrr. credentialr's r%create_temporary_credentials_response9AuthorizationServer.create_temporary_credentials_responseFs> 5009G  7 7 @55g> J668 9 !:#D#D#F G .  ##C2L2LMM 5--e4 4 5s"A66 BBBBcUR(d [S5eURU5nU(d [5eX!lU$)z6Validate the request for resource owner authorization.r>)tokenr get_temporary_credentialr rG)rrrGs rvalidate_authorization_request2AuthorizationServer.validate_authorization_requestss=}}/ > >227; #% %(rcURU5nURU5 URnUR5nU(aUS:Xa1UR 5nUR U5nUR 5nUc9[5n[XGR55nURSSSU4/5$X!l URU5n SUR4SU 4/n [XJ5nURSSSU4/5$)aValidate authorization request and create authorization response. Assume the endpoint for authorization request is ``https://photos.example.net/authorize``, the client redirects Jane's user-agent to the server's Resource Owner Authorization endpoint to obtain Jane's approval for accessing her private photos:: https://photos.example.net/authorize?oauth_token=hh5s93j4hdidpola The server requests Jane to sign in using her username and password and if successful, asks her to approve granting 'printer.example.com' access to her private photos. Jane approves the request and her user-agent is redirected to the callback URI provided by the client in the previous request (line breaks are for display purposes only):: http://printer.example.com/ready? oauth_token=hh5s93j4hdidpola&oauth_verifier=hfdp7dh39dks9884 :param request: OAuth1Request instance. :param grant_user: if granted, pass the grant user, otherwise None. :returns: (status_code, body, headers) r4i.Locationr>oauth_verifier)r"rMrGget_redirect_uri get_client_idrget_default_redirect_urirrr,r)usercreate_authorization_verifierrK) rr grant_usertemporary_credentialsr8rrr.locationverifierparamss rcreate_authorization_response1AuthorizationServer.create_authorization_responses,,,W5 ++G4 ' 2 2,==? |u4-;;=I**95F!:: '--03CX2NO$\:##Cz8.D-EFFrcUR(d [S5eURU5nU(d [5eUR(d [S5eUR U5nU(d [ 5eURRS5nU(d [S5eURU5(d [S5eX1l URU5 URU5 U$)z#Validate request for issuing token.r2r>rRzInvalid "oauth_verifier")rr rrrKrLr oauth_paramsgetcheck_verifierr rGr9r:)rrrrKr[s rvalidate_token_request*AuthorizationServer.validate_token_requests  /0DE E!!'*$& &}}/ > >--g6#% %''++,<=/0@A A##H--%&@A A" ))'2 %%g.rcURU5nURU5 UR U5nSUR 54SUR54/nUR U5 URSX@R5$![anURU5sSnA$SnAff=f![a,nUR U5 URU5sSnA$SnAff=f)anValidate token request and create token response. Assuming the endpoint of token request is ``https://photos.example.net/token``, the callback request informs the client that Jane completed the authorization process. The client then requests a set of token credentials using its temporary credentials (over a secure Transport Layer Security (TLS) channel): .. code-block:: http POST /token HTTP/1.1 Host: photos.example.net Authorization: OAuth realm="Photos", oauth_consumer_key="dpf43f3p2l4k3l03", oauth_token="hh5s93j4hdidpola", oauth_signature_method="HMAC-SHA1", oauth_timestamp="137131201", oauth_nonce="walatlh", oauth_verifier="hfdp7dh39dks9884", oauth_signature="gKgrFCywp7rO0OXSjdot%2FIHF7IU%3D" The server validates the request and replies with a set of token credentials in the body of the HTTP response: .. code-block:: http HTTP/1.1 200 OK Content-Type: application/x-www-form-urlencoded oauth_token=nnch734d00sl2jdk&oauth_token_secret=pfkkdhi9sl3r4s00 :param request: OAuth1Request instance. :returns: (status_code, body, headers) Nr>r?rA) r"r r/rcdelete_temporary_credentialcreate_token_credentialrCrDr)rErFs rcreate_token_response)AuthorizationServer.create_token_responsesD 5009G 5  ' ' 0 11': J668 9 !:#D#D#F G  ((1##C2L2LMM 5--e4 4 5  5  , ,W 5--e4 4 5s:BB/ B,B'!B,'B,/ C%9!C C% C%c[5e)aGenerate and save a temporary credential into database or cache. A temporary credential is used for exchanging token credential. This method should be re-implemented:: def create_temporary_credential(self, request): oauth_token = generate_token(36) oauth_token_secret = generate_token(48) temporary_credential = TemporaryCredential( oauth_token=oauth_token, oauth_token_secret=oauth_token_secret, client_id=request.client_id, redirect_uri=request.redirect_uri, ) # if the credential has a save method temporary_credential.save() return temporary_credential :param request: OAuth1Request instance :return: TemporaryCredential instance rr!s rrB/AuthorizationServer.create_temporary_credential *"##rc[5e)aGet the temporary credential from database or cache. A temporary credential should share the same methods as described in models of ``TemporaryCredentialMixin``:: def get_temporary_credential(self, request): key = "a-key-prefix:{}".format(request.token) data = cache.get(key) # TemporaryCredential shares methods from TemporaryCredentialMixin return TemporaryCredential(data) :param request: OAuth1Request instance :return: TemporaryCredential instance rr!s rrL,AuthorizationServer.get_temporary_credentials "##rc[5e)aDelete temporary credential from database or cache. For instance, if temporary credential is saved in cache:: def delete_temporary_credential(self, request): key = "a-key-prefix:{}".format(request.token) cache.delete(key) :param request: OAuth1Request instance rr!s rrf/AuthorizationServer.delete_temporary_credential%s "##rc[5e)acCreate and bind ``oauth_verifier`` to temporary credential. It could be re-implemented in this way:: def create_authorization_verifier(self, request): verifier = generate_token(36) temporary_credential = request.credential user_id = request.user.id temporary_credential.user_id = user_id temporary_credential.oauth_verifier = verifier # if the credential has a save method temporary_credential.save() # remember to return the verifier return verifier :param request: OAuth1Request instance :return: A string of ``oauth_verifier`` rr!s rrW1AuthorizationServer.create_authorization_verifier1rlrc[5e)aCreate and save token credential into database. This method would be re-implemented like this:: def create_token_credential(self, request): oauth_token = generate_token(36) oauth_token_secret = generate_token(48) temporary_credential = request.credential token_credential = TokenCredential( oauth_token=oauth_token, oauth_token_secret=oauth_token_secret, client_id=temporary_credential.get_client_id(), user_id=temporary_credential.get_user_id(), ) # if the credential has a save method token_credential.save() return token_credential :param request: OAuth1Request instance :return: TokenCredential instance rr!s rrg+AuthorizationServer.create_token_credentialHs ,"##rr)__name__ __module__ __qualname____firstlineno__rEr7rr"r)r/r;rHrMr]rcrhrBrLrfrWrg__static_attributes__rurrrrsc $*  $$ >+NZ +GZ83Nj$.$ $$.$rrN)authlib.common.urlsrr base_serverrerrorsrrr r r r r rrurrr~s11,#%&'%)1P$*P$r