# h:SSKrSSKrSSKrSSKrSSKr\R "\5rSrSr "SS\ 5r "SS\ 5r "SS \ 5r \ r\ r\ R \lg) Nc4URSS9$! Us$=f)Nzutf-8)encoding)encode)raws J/var/www/html/env/lib/python3.13/site-packages/msal/oauth2cli/assertion.py _str2bytesr s$zz7z++ scr[R"[R"U55R 5$N)base64urlsafe_b64encodebinasciia2b_hexdecode) thumbprints r_encode_thumbprintrs'  # #H$4$4Z$@ A H H JJc.\rSrSrSSjrSSjrSrg)AssertionCreatorNc [S5e)a Create an assertion in bytes, based on the provided claims. All parameter names are defined in https://tools.ietf.org/html/rfc7521#section-5 except the expires_in is defined here as lifetime-in-seconds, which will be automatically translated into expires_at in UTC. z Will be implemented by sub-class)NotImplementedError) selfaudienceissuersubject expires_at expires_in issued_at assertion_idkwargss rcreate_normal_assertion(AssertionCreator.create_normal_assertions""DEErc D^[XX4U4U4Sjj[US- S5S9$)zCreate an assertion as a callable, which will then compute the assertion later when necessary. This is a useful optimization to reuse the client assertion. c0>TR"XU4SU0UD6$)Nr)r!)aiser rs r@AssertionCreator.create_regenerative_assertion..)s,,Q1MMfMr<r)r) AutoRefreshermax)rrrrrr s` rcreate_regenerative_assertion.AssertionCreator.create_regenerative_assertion!s-7 N:b=!,. .r)NXNN)Nr1)__name__ __module__ __qualname____firstlineno__r!r.__static_attributes__r0rrrrsIL)- F>A .rrc(\rSrSrSrSSjrSrSrg)r,.zCache the output of a factory, and auto-refresh it when necessary. Usage:: r = AutoRefresher(time.time, expires_in=5) for i in range(15): print(r()) # the timestamp change only after every 5 seconds time.sleep(1) c*XlX l0Ulgr )_factory _expires_in_buf)rfactoryrs r__init__AutoRefresher.__init__6s % rcHSup[R"5nURRUS5U::a:[R S5 X R 5XUR -0UlO[R S5 URRU5$)N)rvaluerzRegenerating new assertionzReusing still valid assertion)timer<getloggerdebugr:r;)r EXPIRES_ATVALUEnows r__call__AutoRefresher.__call__:sv1 iik 99==Q '3 . LL5 6 4CSCS=STDI LL8 9yy}}U##r)r<r;r:N)i)r2r3r4r5__doc__r>rIr6r0rrr,r,.s$rr,c8\rSrSrSSS.SjjrSSjrSrg) JwtAssertionCreatorEN)sha256_thumbprintcXlX lU=(d 0UlU(a[U5URS'U(a[U5URS'gg)aConstruct a Jwt assertion creator. Args: key (str): An unencrypted private key for signing, in a base64 encoded string. It can also be a cryptography ``PrivateKey`` object, which is how you can work with a previously-encrypted key. See also https://github.com/jpadilla/pyjwt/pull/525 algorithm (str): "RS256", etc.. See https://pyjwt.readthedocs.io/en/latest/algorithms.html RSA and ECDSA algorithms require "pip install cryptography". sha1_thumbprint (str): The x5t aka X.509 certificate SHA-1 thumbprint. headers (dict): Additional headers, e.g. "kid" or "x5c" etc. sha256_thumbprint (str): The x5t#S256 aka X.509 certificate SHA-256 thumbprint. zx5t#S256x5tN)key algorithmheadersr)rrRrSsha1_thumbprintrTrOs rr>JwtAssertionCreator.__init__FsK*"}" '9:K'LDLL $ "4_"EDLL  rc @SSKn [R"5n UUU=(d UU=(d X-U=(d U U=(d [[R"55S.n U(aXS'U R U =(d 05 U R XRURURS9n[U5$! URRS5(d URRS5(a[RS5 e=f) zCreate a JWT Assertion. Parameters are defined in https://tools.ietf.org/html/rfc7523#section-3 Key-value pairs in additional_claims will be added into payload as-is. rN)audisssubexpiatjtinbf)rSrTRSESzSome algorithms requires "pip install cryptography". See https://pyjwt.readthedocs.io/en/latest/installation.html#cryptographic-dependencies-optional)jwtrBstruuiduuid4updaterrRrSrTr startswithrD exception)rrrrrrrr not_beforeadditional_claimsr rarHpayload str_or_bytess rr!+JwtAssertionCreator.create_normal_assertioncs iik$f3#"2#43tzz|#4  'EN(.B/ ::T^^T\\&SLl+ + ~~((..$..2K2KD2Q2Q  wx s 9CAD)rSrTrR)NN)NNr1NNNN)r2r3r4r5r>r!r6r0rrrMrMEs(<@FF<OR:>"rrM)rBr r rclogging getLoggerr2rDrrobjectrr,rMSigner JwtSignerr!sign_assertionr0rrrssq     8 $K.v.2$F$.=*=B   .FF r