qh|]SSKrSSKJrJr SSKJrJr SSKJr SSKJrJ r SSK r \R"\ 5r "SS\5r"SS \ R 5rg) N)generate_token urldecode)WebApplicationClientInsecureTransportError)LegacyApplicationClient)TokenExpiredErroris_secure_transportc(^\rSrSrU4SjrSrU=r$) TokenUpdated c6>[[U] 5 XlgN)superr __init__token)selfr __class__s R/var/www/html/env/lib/python3.13/site-packages/requests_oauthlib/oauth2_session.pyrTokenUpdated.__init__ s lD*, r)__name__ __module__ __qualname____firstlineno__r__static_attributes__ __classcell__rs@rr r s rr c^\rSrSrSrSU4Sjjr\S5r\RS5rSr \S5r \ RS5r \ RS 5r \S 5r \ RS 5r \S 5r \ RS 5r \ RS5r \S5rSSjrSSjrSrSSjrSU4SjjrSrSrU=r$) OAuth2SessionaVersatile OAuth 2 extension to :class:`requests.Session`. Supports any grant type adhering to :class:`oauthlib.oauth2.Client` spec including the four core OAuth 2 grants. Can be used to create authorization urls, fetch tokens and access protected resources using the :class:`requests.Session` interface you are used to. - :class:`oauthlib.oauth2.WebApplicationClient` (default): Authorization Code Grant - :class:`oauthlib.oauth2.MobileApplicationClient`: Implicit Grant - :class:`oauthlib.oauth2.LegacyApplicationClient`: Password Credentials Grant - :class:`oauthlib.oauth2.BackendApplicationClient`: Client Credentials Grant Note that the only time you will be using Implicit Grant from python is if you are driving a user agent able to obtain URL fragments. c  >[[U] "S0U D6 U=(d [XS9UlU=(d 0UlXPlX`lU=(d [Ul Xl X0l U=(d 0Ul Xl XlURS;a/[SR!UR"UR55eSUl['5['5['5['5['5S.Ulg)aConstruct a new OAuth 2 client session. :param client_id: Client id obtained during registration :param client: :class:`oauthlib.oauth2.Client` to be used. Default is WebApplicationClient which is useful for any hosted application but not mobile or desktop. :param scope: List of scopes you wish to request access to :param redirect_uri: Redirect URI you registered as callback :param token: Token dictionary, must include access_token and token_type. :param state: State string used to prevent CSRF. This will be given when creating the authorization url and must be supplied when parsing the authorization response. Can be either a string or a no argument callable. :auto_refresh_url: Refresh token endpoint URL, must be HTTPS. Supply this if you wish the client to automatically refresh your access tokens. :auto_refresh_kwargs: Extra arguments to pass to the refresh token endpoint. :token_updater: Method with one argument, token, to be used to update your token database on automatic token refresh. If not set a TokenUpdated warning will be raised when a token has been refreshed. This warning will carry the token in its token argument. :param pkce: Set "S256" or "plain" to enable PKCE. Default is disabled. :param kwargs: Arguments to pass to the Session constructor. r)S256plainNzWrong value for {}(.., pkce={})cU$r)rs r(OAuth2Session.__init__..^sar)access_token_responserefresh_token_responseprotected_requestrefresh_token_requestaccess_token_requestNr&)rr rr_clientr_scope redirect_urirstate_stateauto_refresh_urlauto_refresh_kwargs token_updater_pkceAttributeErrorformatrauthsetcompliance_hook) r client_idclientr4r5scoper1rr2r6pkcekwargsrs rrOAuth2Session.__init__$sR mT+5f5M!5i!M [b  (,n  0#6#<" * ::4 4 !B!I!I$..Z^ZdZd!ef f  &)U&)e!$%(U$'E  rc|URb UR$URbURR$g)zBBy default the scope from the client is used, except if overriddenN)r0r/r?rs rr?OAuth2Session.scopejs5 ;; ";;  \\ %<<%% %rcXlgr)r0)rr?s rr?rEts rcUR5Ul[RSUR5 UR$![a? URUl[RSUR5 UR$f=f)z6Generates a state string to be used in authorizations.zGenerated new state %s.z&Re-using previously supplied state %s.)r2r3logdebug TypeErrorrDs r new_stateOAuth2Session.new_statexso M**,DK II/ ={{ M**DK II> L{{ Ms5A;B  B c0[URSS5$)Nr=getattrr/rDs rr=OAuth2Session.client_idst||[$77rc$XRlgrr/r=rvalues rr=rPs !& rcUR?grrRrDs rr=rPs LL "rc0[URSS5$)NrrNrDs rrOAuth2Session.tokenst||Wd33rcZXRlURRU5 gr)r/rpopulate_token_attributesrSs rrrWs"  ..u5rc0[URSS5$)N access_tokenrNrDs rr[OAuth2Session.access_tokenst||^T::rc$XRlgrr/r[rSs rr[r\s $) !rcUR?grr^rDs rr[r\s LL %rc,[UR5$)aPBoolean that indicates whether this session has an OAuth token or not. If `self.authorized` is True, you can reasonably expect OAuth-protected requests to the resource to succeed. If `self.authorized` is False, you need the user to go through the OAuth authentication dance before OAuth-protected requests to the resource will succeed. )boolr[rDs r authorizedOAuth2Session.authorizedsD%%&&rc U=(d UR5nUR(a`URRS5UlURUS'URR URURS9US'URR "U4URURUS.UD6U4$)aForm an authorization URL. :param url: Authorization endpoint url, must be HTTPS. :param state: An optional state string for CSRF protection. If not given it will be generated for you. :param kwargs: Extra parameters to include. :return: authorization_url, state +code_challenge_method) code_verifierrfcode_challenge)r1r?r2) rKr7r/create_code_verifier_code_verifiercreate_code_challengeprepare_request_urir1r?)rurlr2rAs rauthorization_urlOAuth2Session.authorization_urls)) ::"&,,"C"CB"GD .2jjF* +'+||'I'I"11&*jj(J(F# $ LL , , !..jj        rc [U5(d [5eU(dAU(a:URRX0RS9 URR nONU(dG[ UR[5(a(URR nU(d [S5eUR(a'URc [S5eURUS'[ UR[5(aUc [S5eUc [S5eUbUUS'UbUUS'UbUcS nOUUS LaPURnU(a=[RS U5 UbUOS n[R R#UU5nU(aUbUUS 'URR$"S$UUUR&US.UD6nU =(d SSS.n 0Ul0nUR+5S:Xa![-[/U55UU (aSOS'O7UR+5S:Xa[-[/U55US'O [S5eUR0SH%n[RSU5 U"XU5upnM' UR2"S$UUU U UU U US.UD6n[RSUR45 [RSUR2R65 [RSUR2R85 [RSUR2R:5 [RSUR8UR<5 [RS[?UR0S 55 UR0S H!n[RS!U5 U"U5nM# URRAUR<URBS"9 URR(Ul[RS#UR(5 UR($)%a Generic method for fetching an access token from the token endpoint. If you are using the MobileApplicationClient you will want to use `token_from_fragment` instead of `fetch_token`. The current implementation enforces the RFC guidelines. :param token_url: Token endpoint URL, must use HTTPS. :param code: Authorization code (used by WebApplicationClients). :param authorization_response: Authorization response URL, the callback URL of the request back to you. Used by WebApplicationClients instead of code. :param body: Optional application/x-www-form-urlencoded body to add the include in the token request. Prefer kwargs over body. :param auth: An auth tuple or method as accepted by `requests`. :param username: Username required by LegacyApplicationClients to appear in the request body. :param password: Password required by LegacyApplicationClients to appear in the request body. :param method: The HTTP method used to make the request. Defaults to POST, but may also be GET. Other methods should be added as needed. :param force_querystring: If True, force the request body to be sent in the querystring instead. :param timeout: Timeout of the request in seconds. :param headers: Dict to default request headers with. :param verify: Verify SSL certificate. :param proxies: The `proxies` argument is passed onto `requests`. :param include_client_id: Should the request body include the `client_id` parameter. Default is `None`, which will attempt to autodetect. This can be forced to always include (True) or never include (False). :param client_secret: The `client_secret` paired to the `client_id`. This is generally required unless provided in the `auth` tuple. If the value is `None`, it will be omitted from the request, however if the value is an empty string, an empty string will be sent. :param cert: Client certificate to send for OAuth 2.0 Mutual-TLS Client Authentication (draft-ietf-oauth-mtls). Can either be the path of a file containing the private key and certificate or a tuple of two filenames for certificate and key. :param kwargs: Extra parameters to include in the token request. :return: A token dict r2z?Please supply either code or authorization_response parameters.zFCode verifier is not found, authorization URL must be generated beforergzQ`LegacyApplicationClient` requires both the `username` and `password` parameters.zGThe required parameter `username` was supplied, but `password` was not.usernamepasswordFTzIEncoding `client_id` "%s" with `client_secret` as Basic auth credentials. client_secret)codebodyr1include_client_idapplication/json!application/x-www-form-urlencodedAcceptz Content-TypePOSTparamsdataGETz%The method kwarg must be POST or GET.r.z&Invoking access_token_request hook %s.)methodrmtimeoutheadersr:verifyproxiescertz0Request to fetch token completed with status %s.zRequest url was %szRequest headers were %szRequest body was %s(Response headers were %s and content %s.!Invoking %d token response hooks.r*Invoking hook %s.r?zObtained token %s.r&)"r rr/parse_request_uri_responser3rv isinstancer ValueErrorr7rjrr=rHrIrequestsr: HTTPBasicAuthprepare_request_bodyr1rupperdictrr<request status_codermrrwtextlenparse_request_body_responser?)r token_urlrvauthorization_responserwr:rrrsrforce_querystringrrrrrxrurrAr=request_kwargshookr's r fetch_tokenOAuth2Session.fetch_tokensB#9--(* *. LL 3 3&kk 4 <<$$D*T\\3GHH<<$$D X ::""* \'+&9&9F? # dll$; < < < .  !)F:   !)F:    !($)!!, NN II5! 6C5NMTVM#==66y-PD (*7'||00 **/     (?   <<>V #HL$IN'88f E\\^u $'+IdO' E15N2 .IA LL    DammT & 6 +QYY->->? '8  (()@AD II)4 0QAB 00tzz0J\\''  & 3zzrcURRXRS9 URRUlUR$)zParse token from the URI fragment, used by MobileApplicationClients. :param authorization_response: The full URL of the redirect back to you :return: A token dict rq)r/rr3r)rrs rtoken_from_fragment!OAuth2Session.token_from_fragments? // "++ 0 \\'' zzrc U(d [S5e[U5(d [5eU=(d URR S5n[ R SUR5 U RUR5 URR"SX2URS.U D6n[ R SU5 UcSSS.nURS H%n [ R S U 5 U "XU5upnM' URU[[U55UUUUS US 9n [ R S U R 5 [ R SU R"U R$5 [ R S['URS55 URSH!n [ R SU 5 U "U 5n M# URR)U R$URS9UlSUR;a#[ R S5 X RS'UR$)aFetch a new access token using a refresh token. :param token_url: The token endpoint, must be HTTPS. :param refresh_token: The refresh_token to use. :param body: Optional application/x-www-form-urlencoded body to add the include in the token request. Prefer kwargs over body. :param auth: An auth tuple or method as accepted by `requests`. :param timeout: Timeout of the request in seconds. :param headers: A dict of headers to be used by `requests`. :param verify: Verify SSL certificate. :param proxies: The `proxies` argument will be passed to `requests`. :param kwargs: Extra parameters to include in the token request. :return: A token dict z'No token endpoint set for auto_refresh. refresh_tokenz*Adding auto refresh key word arguments %s.)rwrr?z&Prepared refresh token request body %sryrzr{r-z'Invoking refresh_token_request hook %s.T)rr:rrrwithhold_tokenrz2Request to refresh token completed with status %s.rrr+rrz)No new refresh token given. Re-using old.r&)rr rrgetrHrIr5updater/prepare_refresh_bodyr?r<postrrrrrrr) rrrrwr:rrrrrArr's rrOAuth2Session.refresh_tokens4FG G"9--(* *%H)H  8$:R:R   d../||00 $** HN  :DA ?,!DG (()@AD II? F'+I'E $IB II io&   F V  ? (()ABD II)4 0QAC\\==affDJJ=W $** , IIA B*7JJ 'zzrc  >[U5(d [5eUR(aU(d[R S[ UR S55 UR SH%n [R SU 5 U "X$U5up$nM' [R SUR5 URRX!X4S9up$n[R S X!5 [R S XC5 [R S U 5 [$[&U]R"X4XCUS.U D6$![Ga UR(Ga[R SUR5 U RSS5n U(a?U(a8U c5[R S U5 [RRXg5n UR"UR4SU 0U D6n UR (aQ[R S XR 5 UR!U 5 URRX!X4S9up$nGNp[#U 5eef=f)z ,,-@A -t4%)#%="dB II3TZZ @" %)\\%;%;$&<&"dF 6D 4gD :FC]D1  !(5 DJ  E% (((IIK-- "::fd3D ]  c% (}}::9T ..--48#   #Ob   MfB H22rr )loggingoauthlib.commonrroauthlib.oauth2rrrrr r getLoggerrrHWarningr Sessionr r&rrrsG5H3B !7 y2H$$y2r