i#PSSKrSSKJrJr SSKJrJrJr SSKJ r SSK J r SSK J r SSKJr SSKJr SS KJr SS KJr S \R,\R.\\\R2\4S \R,\S \S\S\R,\S\S\S\S\S\R4S\4SjrSSSSS\R8S\R:4S \R,\R.\\\R2\4S \R,\S \S\S\R,\S\S\S\S\R4S\4SjjrSSS\R8S\R:4SS.S \S\S\R,\S\S\S\S\R,\R.\\\R2\4S\R4S\4Sjjjrg)N) ContextProxy ContextReq) CredentialNTLMHashunify_credentials) CredSSPProxy) GSSAPIProxy)NegotiateProxy) NTLMProxy) SSPIProxy)GssChannelBindings)NegotiateOptionsusernamepasswordhostnameservicechannel_bindings context_reqprotocoloptionsusagekwargsreturnc UR5n [X5n [R"US9n [R"US9n [ R [ R-[ R-[ R-nX~-S:gn[5nU H<n[U[5(dMURS5 URS5 M> U(a!UHnXl;dM U RU5 M U S:Xa[nOU[ R -(d U(d X;a[nOU[ R-(dU(dU S:XdX;a[nOpU[ R-(d U(d U S:Xa[ nODU[ R-(d U(dU S:XaU S:XaSOU n ["nO[%SU-5eU"S U SUUUUUU US. U D6$) N)rr negotiatentlmcredsspkerberoszEInvalid protocol specified '%s', must be kerberos, negotiate, or ntlm) rrrrrrrrr)lowerrr available_protocolsr ruse_sspi use_gssapi use_negotiateuse_ntlmset isinstanceraddremoverr r ValueError)rrrrrrrrrrproto credentialssspi_protocolsgssapi_protocols use_flags use_specified sspi_removecredproxys E/home/james-whalen/.local/lib/python3.13/site-packages/spnego/auth.py _new_contextr5s NN E#H7K227CN"66wG !!  % % &  ( ( )  # # $ '1,M%K dH % % OOK ( OOF #  #H)%%h/$  #,, ,]uG^ #.. . u 2e6O #11 1-EU`L` #,, ,]uPV;.E`ckkll  )     unspecifiedhostrc "[XX#XEXgS4 0UD6$)a Create a client context to be used for authentication. Credentials can be provides in 3 different ways: * omitted entirely * `username` set to a string with an optional password * `username` set to a single or list of :class:`Credential` objects If the credential is omitted the authentication protocol will use a protocol specific mechanism to find the credential in some cache. If no cache or credentials are found an exception is raised. If `username` is a string but `password` is not defined then the provider specific cache is used but for the principal specified. If `password` is specified then a new credential is retrieved using the username/password combiniation. Using both `username` and `password` is the same as using :class:`Password` as a credential. If `username` is a, or list of, `Credential` object the object(s) are passed into the authentication implementation for use. The behaviour of these credentials are defined by the authentication protocol implementation that uses the credential(s). Currently the :class:`Passowrd` credential is supported by all authentication protocols and is the same as specifying the username/password as separate arugments. The ``negotiate`` protocol can be given a list of credentials for each of the sub auth protocols it negotiates to use. For example to have Negotiate use a Kerberos CCache for Kerberos and an NT/LM hash value for NTLM the following can be specified:: import spnego credential = [ spnego.KerberosCCache(ccache="FILE:/tmp/my-ccache"), spnego.NTLMHash( username="user", nt_hash="8ADB9B997580D69E69CAA2BBB68F4697", ) ] client = spnego.auth(credential, hostname="server") In the example above, the negotiate protocol will attempt use the CCache for Kerberos auth and fallback to the NT/LM hash for NTLM auth if Kerberos fails. If a credential for a specific sub protocol is not available then Negotiate will move onto the next available one. Args: username: The username/credential(s) to authenticate with. Certain providers can use a cache if omitted. password: The password to authenticate with. Should only be specified when username is a string. hostname: The principal part of the SPN. This is required for Kerberos auth to build the SPN. service: The service part of the SPN. This is required for Kerberos auth to build the SPN. channel_bindings: The optional :class:`spnego.channel_bindings.GssChannelBindings` for the context. context_req: The :class:`spnego.ContextReq` flags to use when setting up the context. protocol: The protocol to authenticate with, can be `ntlm`, `kerberos`, `negotiate`, or `credssp`. options: The :class:`spnego.NegotiateOptions` that define pyspnego specific options to control the negotiation. kwargs: Optional arguments to pass through to the authentiction context. Returns: ContextProxy: The context proxy for a client. initiater5) rrrrrrrrrs r4clientr<bs'N H/?hak ou r6)r,r,c $[USXX#XES4 0UD6$)aDCreate a server context to be used for authentication. It is only possible to specify a credential when running on Windows and using Kerberos either through Negotiate or Kerberos directly. Other platforms and protocols may be supported in the future. Args: hostname: The principal part of the SPN. This is required for Kerberos auth to build the SPN. service: The service part of the SPN. This is required for Kerberos auth to build the SPN. channel_bindings: The optional :class:`spnego.channel_bindings.GssChannelBindings` for the context. context_req: The :class:`spnego.ContextReq` flags to use when setting up the context. protocol: The protocol to authenticate with, can be `ntlm`, `kerberos`, `negotiate`, or `credssp`. options: The :class:`spnego.NegotiateOptions` that define pyspnego specific options to control the negotiation. credentials: A credential or list or credentials to use with the server auth context. kwargs: Optional arguments to pass through to the authentiction context. Returns: ContextProxy: The context proxy for a client. Nacceptr;)rrrrrrr,rs r4serverr?s(< T8.>X`h lr r6) typingspnego._contextrrspnego._credentialrrrspnego._credsspr spnego._gssr spnego._negotiater spnego._ntlmr spnego._sspir spnego.channel_bindingsr spnego.exceptionsrOptionalUnionstrListAnyr5defaultnoner<r?rr6r4rQsf4FF(#,""6.Noofll3 FKK