U 6³dÈã@s‚dZddlZddlZddlZddlZddlZddlmZGdd„dejƒZ Gdd„de ƒZ e  ej ¡Gdd „d e ƒƒZd d „ZdS) a'OAuth 2.0 Utilities. This module provides implementations for various OAuth 2.0 utilities. This includes `OAuth error handling`_ and `Client authentication for OAuth flows`_. OAuth error handling -------------------- This will define interfaces for handling OAuth related error responses as stated in `RFC 6749 section 5.2`_. This will include a common function to convert these HTTP error responses to a :class:`google.auth.exceptions.OAuthError` exception. Client authentication for OAuth flows ------------------------------------- We introduce an interface for defining client authentication credentials based on `RFC 6749 section 2.3.1`_. This will expose the following capabilities: * Ability to support basic authentication via request header. * Ability to support bearer token authentication via request header. * Ability to support client ID / secret authentication via request body. .. _RFC 6749 section 2.3.1: https://tools.ietf.org/html/rfc6749#section-2.3.1 .. _RFC 6749 section 5.2: https://tools.ietf.org/html/rfc6749#section-5.2 éN)Ú exceptionsc@seZdZdZdZdS)ÚClientAuthTypeééN)Ú__name__Ú __module__Ú __qualname__ÚbasicÚ request_body©r r ú7/tmp/pip-unpacked-wheel-h3lf9jv9/google/oauth2/utils.pyr7src@seZdZdZddd„ZdS)ÚClientAuthenticationz“Defines the client authentication credentials for basic and request-body types based on https://tools.ietf.org/html/rfc6749#section-2.3.1. NcCs||_||_||_dS)a€Instantiates a client authentication object containing the client ID and secret credentials for basic and response-body auth. Args: client_auth_type (google.oauth2.oauth_utils.ClientAuthType): The client authentication type. client_id (str): The client ID. client_secret (Optional[str]): The client secret. N)Úclient_auth_typeÚ client_idÚ client_secret)Úselfrrrr r r Ú__init__As zClientAuthentication.__init__)N)rrrÚ__doc__rr r r r r <sr cs>eZdZdZd ‡fdd„ Zd dd„Zd dd„Zd d „Z‡ZS)ÚOAuthClientAuthHandlerzUAbstract class for handling client authentication in OAuth-based operations. Ncstt|ƒ ¡||_dS)zîInstantiates an OAuth client authentication handler. Args: client_authentication (Optional[google.oauth2.utils.ClientAuthentication]): The OAuth client authentication credentials if available. N)ÚsuperrrÚ_client_authentication)rZclient_authentication©Ú __class__r r rVszOAuthClientAuthHandler.__init__cCs"| ||¡|dkr| |¡dS)a¼Applies client authentication on the OAuth request's headers or POST body. Args: headers (Mapping[str, str]): The HTTP request header. request_body (Optional[Mapping[str, str]]): The HTTP request body dictionary. For requests that do not support request body, this is None and will be ignored. bearer_token (Optional[str]): The optional bearer token. N)Ú_inject_authenticated_headersÚ"_inject_authenticated_request_body)rÚheadersr Ú bearer_tokenr r r Ú#apply_client_authentication_options`s z:OAuthClientAuthHandler.apply_client_authentication_optionscCsl|dk rd||d<nR|jdk rh|jjtjkrh|jj}|jjp@d}t d||f ¡¡  ¡}d||d<dS)Nz Bearer %sÚ AuthorizationÚz%s:%szBasic %s) rrrr rrÚbase64Ú b64encodeÚencodeÚdecode)rrrÚusernameÚpasswordÚ credentialsr r r rssÿ þ ÿz4OAuthClientAuthHandler._inject_authenticated_headerscCsL|jdk rH|jjtjkrH|dkr,t d¡‚n|jj|d<|jjpBd|d<dS)Nz*HTTP request does not support request-bodyrrr)rrrr rÚ OAuthErrorrr)rr r r r r‚sÿÿþÿ  ÿz9OAuthClientAuthHandler._inject_authenticated_request_body)N)NN)N) rrrrrrrrÚ __classcell__r r rr rPs ÿ  rc Cs–zhg}t |¡}| d |d¡¡d|kr@| d |d¡¡d|kr\| d |d¡¡d |¡}Wnttfk r„|}YnXt ||¡‚dS) zÕTranslates an error response from an OAuth operation into an OAuthError exception. Args: response_body (str): The decoded response data. Raises: google.auth.exceptions.OAuthError z Error code {}ÚerrorZerror_descriptionz: {}Z error_uriz - {}rN) ÚjsonÚloadsÚappendÚformatÚjoinÚKeyErrorÚ ValueErrorrr')Z response_bodyZerror_componentsZ error_dataZ error_detailsr r r Úhandle_error_response“s   r1)rÚabcr Úenumr*ÚsixZ google.authrÚEnumrÚobjectr Ú add_metaclassÚABCMetarr1r r r r Ús  B