SrSSKJr SSKJr SSKJr SSKrSSKrSSKrSSKrSSK J r SSK J r SSK Jr SSKrS rS rS rS r"S S\ R*5rSrSrSrSrg)z/Utilities for generating Cloud CDN Signed URLs.)absolute_import)division)unicode_literalsN) exceptions)requests)encodingz,The URL scheme must be either HTTP or HTTPS.z,The URL must not have a '{}' query parameterz!The URL must not have a fragment.)ExpiresKeyName Signaturec\rSrSrSrSrg)InvalidCdnSignedUrlError(zInvalid URL error.N)__name__ __module__ __qualname____firstlineno____doc____static_attributes__r8lib/googlecloudsdk/command_lib/compute/sign_url_utils.pyr r (srr c[R"X[R5R 5n[ R "U5$)aGets the base64url encoded HMAC-SHA1 signature of the specified URL. Args: key: The key value to use for signing. url: The url to use for signing. Returns: The signature of the specified URL calculated using HMAC-SHA1 signature digest and encoding the result using base64url. )hmacnewhashlibsha1digestbase64urlsafe_b64encode)keyurl signatures r _GetSignaturer#,s2hhs.557)  ! !) ,,rcD[[R"5U-5$)z>Converts the number of seconds from now into a unix timestamp.)inttime)seconds_from_nows r_SecondsFromNowToUnixTimestampr(;s TYY[+ + ,,rcUR5n[RRRR U5nUR S:waUR S:wa[[5eUR(a[[5e[RRRRURSS9n[H&nXv;dM [[RU55e SRUU(aSOS[!U5US9n[#[$R&"U5UR)S 55n S RU[*R,"U 5S 9$) aFGets the Signed URL string for the specified URL and configuration. Args: url: The URL to sign. key_name: Signed URL key name to use for the 'KeyName=' query parameter. encoded_key_value: The base64url encoded key value to use for signing. validity_seconds: The number of seconds for which this signed URL will be valid, starting when this function is called. Returns: Returns the Signed URL appended with the query parameters based on the specified configuration. Raises: InvalidCdnSignedUrlError: if the URL is invalid and/or failed to parse the URL. httpshttpT)keep_blank_valuesz3{url}{separator}Expires={expires}&KeyName={keyName}&?)r! separatorexpireskeyNamezutf-8z{url}&Signature={signature})r!r")stripsixmovesurllibparseurlsplitschemer &_URL_SCHEME_MUST_BE_HTTP_HTTPS_MESSAGEfragment#_URL_MUST_NOT_HAVE_FRAGMENT_MESSAGEparse_qsquery_DISALLOWED_QUERY_PARAMETERS _URL_MUST_NOT_HAVE_PARAM_MESSAGEformatr(r#rurlsafe_b64decodeencoderDecode) r!key_nameencoded_key_valuevalidity_seconds stripped_url parsed_url query_paramsparam url_to_signr"s rSignUrlrL@sF$,yy%%..|<*'!j&7&76&A "#I JJ "#F GG!!''00$10,,e  $ * 1 1% 8 ::,FLL #,-=> M+ 01;3E3Eg3NP) & - - !; . ==rch[R"5nURSU5nUR$)zValidates the Signed URL by returning the response code for HEAD request. Args: signed_url: The Signed URL which should be validated. Returns: Returns the response code for the HEAD request to the specified Signed URL. HEAD)r GetSessionrequest status_code) signed_url http_client http_responses rValidateSignedUrlrUts0##%+%%fj9-  " ""r)r __future__rrrrrrr&googlecloudsdk.corercore_exceptionsrgooglecloudsdk.core.utilrsix.moves.urllib.parser3r9r?r;r>Errorr r#r(rLrUrrrr\sr6&'  =(-3'5!'J#B44 -- 1=h #r