o 2c@sddlZddlZddlZddlmZddlmZddlmZddlmZddl m Z ddl m Z dd l m Z dd l mZdd lmZdd lmZdd lmZddlmZddlmZddlmZddlmZddlmZGdddeZGdddeZdS)N)datetime)timezone)Decimal)Real) _CompactJSON) base64_decode) base64_encode) want_bytes)BadData) BadHeader) BadPayload) BadSignature)SignatureExpired) Serializer) HMACAlgorithm) NoneAlgorithmcseZdZdZeejeejeeje dZ dZ e Z      dfdd Zdfdd Zd d Zd d ZdddZddZdddZdddZdddZZS)JSONWebSignatureSerializerzThis serializer implements JSON Web Signature (JWS) support. Only supports the JWS Compact Serialization. .. deprecated:: 2.0 Will be removed in ItsDangerous 2.1. Use a dedicated library such as authlib. )HS256HS384HS512nonerNcsLtjdtddtj||||||d|dur|j}||_|||_dS)NzsJWS support is deprecated and will be removed in ItsDangerous 2.1. Use a dedicated JWS/JWT library such as authlib.) stacklevel)salt serializerserializer_kwargssigner signer_kwargs) warningswarnDeprecationWarningsuper__init__default_algorithmalgorithm_namemake_algorithm algorithm)self secret_keyrrrrrr% __class__F/var/www/html/gps/gps/lib/python3.10/site-packages/itsdangerous/jws.pyr#,s"  z#JSONWebSignatureSerializer.__init__Fc st|}d|vr td|dd\}}zt|}Wnty,}ztd|dd}~wwzt|}WntyE}ztd|dd}~wwz tj|td} Wnt yb}ztd|dd}~wwt | t sntd | d tj||d}|r||| fS|S) N.zNo "." found in valuerz:Could not base64 decode the header because of an exception)original_errorz;Could not base64 decode the payload because of an exception)rz5Could not unserialize header because it was malformedz#Header payload is not a JSON object)header) r r splitr Exceptionr r" load_payloadrr isinstancedict) r(payloadr return_headerbase64d_headerbase64d_payload json_headere json_payloadr0r*r,r-r3LsJ    z'JSONWebSignatureSerializer.load_payloadcCs@t|jj|fi|j}t|jj|fi|j}|d|S)Nr.)r rdumpsr)r(r0objr8r9r,r,r- dump_payloadvs z'JSONWebSignatureSerializer.dump_payloadcCs$z|j|WStytdw)NzAlgorithm not supported)jws_algorithmsKeyErrorNotImplementedError)r(r%r,r,r-r&s   z)JSONWebSignatureSerializer.make_algorithmcCsB|dur|j}|dur dnd}|dur|j}|j|j|d||dS)Nr.)rsepkey_derivationr')rr'r secret_keys)r(rr'rEr,r,r- make_signersz&JSONWebSignatureSerializer.make_signercCs|r|ni}|j|d<|S)Nalg)copyr%)r( header_fieldsr0r,r,r- make_headers z&JSONWebSignatureSerializer.make_headercCs*||}|||j}||||S)zLike :meth:`.Serializer.dumps` but creates a JSON Web Signature. It also allows for specifying additional fields to be included in the JWS header. )rKrGr'signr?)r(r>rrJr0rr,r,r-r=s z JSONWebSignatureSerializer.dumpscCsT|j|||jt|dd\}}|d|jkr"td||d|r(||fS|S)z{Reverse of :meth:`dumps`. If requested via ``return_header`` it will return a tuple of payload and header. Tr7rHzAlgorithm mismatch)r0r6)r3rGr'unsignr getr%r )r(srr7r6r0r,r,r-loadss z JSONWebSignatureSerializer.loadscCsd|i}|||||S)Nr7)_loads_unsafe_impl)r(rPrr7kwargsr,r,r- loads_unsafesz'JSONWebSignatureSerializer.loads_unsafe)NNNNNNNF)NN)__name__ __module__ __qualname____doc__rhashlibsha256sha384sha512rr@r$rdefault_serializerr#r3r?r&rGrKr=rQrT __classcell__r,r,r*r-rs0  *   rcsPeZdZdZdZdfdd ZfddZdfd d Zd d Zd dZ Z S)TimedJSONWebSignatureSerializeraWorks like the regular :class:`JSONWebSignatureSerializer` but also records the time of the signing and can be used to expire signatures. JWS currently does not specify this behavior but it mentions a possible extension like this in the spec. Expiry date is encoded into the header similar to what's specified in `draft-ietf-oauth -json-web-token `_. iNc s,tj|fi||dur|j}||_dSN)r"r#DEFAULT_EXPIRES_IN expires_in)r(r)rcrSr*r,r-r#s z(TimedJSONWebSignatureSerializer.__init__cs2t|}|}||j}||d<||d<|S)Niatexp)r"rKnowrc)r(rJr0rdrer*r,r-rKs  z+TimedJSONWebSignatureSerializer.make_headerFcstj||dd\}}d|vrtd|dtd|d}z t|d|d<Wn ty.|w|ddkr7||d|krItd|||d |rO||fS|S) NTrMrezMissing expiry date)r6zExpiry date is not an IntDaterzSignature expired)r6 date_signed) r"rQrr int ValueErrorrfrget_issue_date)r(rPrr7r6r0int_date_errorr*r,r-rQs(    z%TimedJSONWebSignatureSerializer.loadscCs0|d}t|ttfrtjt|tjdSdS)aRIf the header contains the ``iat`` field, return the date the signature was issued, as a timezone-aware :class:`datetime.datetime` in UTC. .. versionchanged:: 2.0 The timestamp is returned as a timezone-aware ``datetime`` in UTC rather than a naive ``datetime`` assumed to be UTC. rd)tzN) rOr4rrr fromtimestamprhrutc)r(r0rvr,r,r-rjs z.TimedJSONWebSignatureSerializer.get_issue_datecCs ttSra)rhtime)r(r,r,r-rfs z#TimedJSONWebSignatureSerializer.nowrarU) rVrWrXrYrbr#rKrQrjrfr_r,r,r*r-r`s  r`)rZrprrrdecimalrnumbersr_jsonrencodingrr r excr r r rrrrrrrrr`r,r,r,r-s,                $