o ahA@sdZddlZddlZddlZddlmZddlmZm Z m Z m Z m Z ddl mZmZeeZdZdZdZeZd Zd Zd ZeZd ZeeeeeeefZd ZdZdZdZ GdddZ!dS)a oauthlib.oauth1.rfc5849 ~~~~~~~~~~~~~~ This module is an implementation of various logic needed for signing and checking OAuth 1.0 RFC 5849 requests. It supports all three standard signature methods defined in RFC 5849: - HMAC-SHA1 - RSA-SHA1 - PLAINTEXT It also supports signature methods that are not defined in RFC 5849. These are based on the standard ones but replace SHA-1 with the more secure SHA-256: - HMAC-SHA256 - RSA-SHA256 N)Requestgenerate_noncegenerate_timestamp to_unicode urlencode) parameters signaturez HMAC-SHA1z HMAC-SHA256z HMAC-SHA512zRSA-SHA1z RSA-SHA256z RSA-SHA512 PLAINTEXT AUTH_HEADERQUERYBODY!application/x-www-form-urlencodedc@seZdZdZeejeeje ej e ej e ejeejeejiZeddZddddeedddddddf ddZdd Zd d Zd d ZdddZdddZdS)Clientz2A client used to sign OAuth 1.0 RFC 5849 requests.cCs||j|<dSN)SIGNATURE_METHODS)cls method_namemethod_callbackrB/usr/lib/python3/dist-packages/oauthlib/oauth1/rfc5849/__init__.pyregister_signature_methodWsz Client.register_signature_methodNutf-8csfdd}|||_|||_|||_|||_|||_|||_|||_|||_|| |_|| |_ ||_ || |_ || |_ |||_ dS)aCreate an OAuth 1 client. :param client_key: Client key (consumer key), mandatory. :param resource_owner_key: Resource owner key (oauth token). :param resource_owner_secret: Resource owner secret (oauth token secret). :param callback_uri: Callback used when obtaining request token. :param signature_method: SIGNATURE_HMAC, SIGNATURE_RSA or SIGNATURE_PLAINTEXT. :param signature_type: SIGNATURE_TYPE_AUTH_HEADER (default), SIGNATURE_TYPE_QUERY or SIGNATURE_TYPE_BODY depending on where you want to embed the oauth credentials. :param rsa_key: RSA key used with SIGNATURE_RSA. :param verifier: Verifier used when obtaining an access token. :param realm: Realm (scope) to which access is being requested. :param encoding: If you provide non-unicode input you may use this to have oauthlib automatically convert. :param decoding: If you wish that the returned uri, headers and body from sign be encoded back from unicode, then set decoding to your preferred encoding, i.e. utf-8. :param nonce: Use this nonce instead of generating one. (Mainly for testing) :param timestamp: Use this timestamp instead of using current. (Mainly for testing) csrt|S|Sr)r)xencodingrr|sz!Client.__init__..N) client_key client_secretresource_owner_keyresource_owner_secretsignature_methodsignature_type callback_urirsa_keyverifierrealmrdecodingnonce timestamp)selfrrrr r#r!r"r$r%r&rr'r(r)encoderrr__init__[s !             zClient.__init__cCspt|}|dr dnd|d<|drdnd|d<|dr dnd|d<ddd|D}d|jj|S) Nrz****r$r z, css |] \}}d||VqdS)z{}={}N)format).0kvrrr sz"Client.__repr__..z<{} {}>)varscopyjoinitemsr- __class____name__)r*attrs attribute_strrrr__repr__s zClient.__repr__c Cs|jtkr t|j|jS||\}}}tjt|j ||d}t d |t |}t||dd}t d |t d |t|j||}t d ||j|jvrbtd|j|j||} t d | | S) awGet an OAuth signature to be used in signing a request To satisfy `section 3.4.1.2`_ item 2, if the request argument's headers dict attribute contains a Host item, its value will replace any netloc part of the request argument's uri attribute value. .. _`section 3.4.1.2`: https://tools.ietf.org/html/rfc5849#section-3.4.1.2 ) uri_querybodyheaderszCollected params: {}HostNzNormalized params: {}zNormalized URI: {}z"Signing: signature base string: {}zInvalid signature method.z Signature: {})r!SIGNATURE_PLAINTEXTr sign_plaintextrr _rendercollect_parametersurlparsequerylogdebugr-normalize_parametersbase_string_urigetsignature_base_string http_methodr ValueError) r*requesturir=r<collected_paramsnormalized_paramsnormalized_uri base_stringsigrrrget_oauth_signatures0    zClient.get_oauth_signaturec Cs|jdurtn|j}|jdurtn|j}d|fd|fdd|jfd|jfg}|jr2|d|jf|jr=|d|jf|j rH|d |j f|j d d}|oW| d d k}|j duru|ru|d tt|j ddf|S)zMGet the basic OAuth parameters to be used in generating a signature. N oauth_nonceoauth_timestamp) oauth_versionz1.0oauth_signature_methodoauth_consumer_key oauth_tokenoauth_callbackoauth_verifier Content-Typerroauth_body_hashr)r(rr)rr!rrappendr#r%r=rIfindr<base64 b64encodehashlibsha1r+digestdecode)r*rMr(r)params content_typecontent_type_eligiblerrrget_oauth_paramss2   ,zClient.get_oauth_paramsFcCs|j|j|j}}}|jtkrtj|j|j|d}n/|jtkr8|j dur8t |j|j }|r3t |}d|d<n|jt krFt |j|j}ntd|||fS)aRender a signed request according to signature type Returns a 3-tuple containing the request URI, headers, and body. If the formencode argument is True and the body contains parameters, it is escaped and returned as a valid formencoded string. )r&Nrr]z!Unknown signature type specified.)rNr=r<r"SIGNATURE_TYPE_AUTH_HEADERrprepare_headers oauth_paramsSIGNATURE_TYPE_BODY decoded_bodyprepare_form_encoded_bodyrSIGNATURE_TYPE_QUERYprepare_request_uri_queryrL)r*rM formencoder&rNr=r<rrrrAs$     zClient._renderGETcCsbt|||||jd}|jdd}|o|d}|tk} |jdu} |r)| r)td| r1| s1td| s?| r?td|p;dt|j t krN| rJ| rJ|rNtd | d vrZ| rZtd | ||_ |j d ||f|j|d |ps|jd\}}}|jrtd|j||j}|r||jn|}i} |D]\} } | |j| | |j<q| }|||fS)aFSign a request Signs an HTTP request with the specified parts. Returns a 3-tuple of the signed request's URI, headers, and body. Note that http_method is not returned as it is unaffected by the OAuth signing process. Also worth noting is that duplicate parameters will be included in the signature, regardless of where they are specified (query, body). The body argument may be a dict, a list of 2-tuples, or a formencoded string. The Content-Type header must be 'application/x-www-form-urlencoded' if it is present. If the body argument is not one of the above, it will be returned verbatim as it is unaffected by the OAuth signing process. Attempting to sign a request with non-formencoded data using the OAuth body signature type is invalid and will raise an exception. If the body does contain parameters, it will be returned as a properly- formatted formencoded string. Body may not be included if the http_method is either GET or HEAD as this changes the semantic meaning of the request. All string data MUST be unicode or be encoded with the same encoding scheme supplied to the Client constructor, default utf-8. This includes strings inside body dicts, for example. rr]Nz multipart/z?Headers indicate a multipart body but body contains parameters.z?Headers indicate a formencoded body but body was not decodable.zEBody contains parameters but Content-Type header was {} instead of {}znot setz=Body signatures may only be used with form-urlencoded content)rtHEADz*GET/HEAD requests should not include body.oauth_signatureT)rsr&z%Encoding URI, headers and body to %s.)rrr=rI startswithCONTENT_TYPE_FORM_URLENCODEDrorLr-r"rnupperrjrmr_rTrAr&r'rErFr+r5)r*rNrKr<r=r&rMrh multipartshould_have_params has_params new_headersr/r0rrrsignsd         z Client.sign)FN)rtNNN)r7 __module__ __qualname____doc__SIGNATURE_HMAC_SHA1r sign_hmac_sha1_with_clientSIGNATURE_HMAC_SHA256sign_hmac_sha256_with_clientSIGNATURE_HMAC_SHA512sign_hmac_sha512_with_clientSIGNATURE_RSA_SHA1sign_rsa_sha1_with_clientSIGNATURE_RSA_SHA256sign_rsa_sha256_with_clientSIGNATURE_RSA_SHA512sign_rsa_sha512_with_clientr?sign_plaintext_with_clientr classmethodrrkr,r:rTrjrAr~rrrrrJs6  2 ) #%r)"rrarclogging urllib.parseparserCoauthlib.commonrrrrrrr getLoggerr7rErrrSIGNATURE_HMACrrr SIGNATURE_RSAr?rrkrqrnrxrrrrrs<