SrSSKrSSKrSSKrSSKrSSKJr SSKJr SS/rSr Sr \R"S 5S S j5r \R"S 5S S j5r g)z4Helper methods for creating & verifying XSRF tokens.N)_helpers)utilz "Doug Coker" z&"Joe Gregorio" :icV[R"[R"USS95nUR [R"[ U5SS95 UR [ 5 UR [R"USS95 UR [ 5 [R"[ U=(d [[R"555SS9nUR U5 UR5n[R"U[ -U-5nU$)aGenerates a URL-safe token for the given user, action, time tuple. Args: key: secret key to use. user_id: the user ID of the authenticated user. action_id: a string identifier of the action they requested authorization for. when: the time in seconds since the epoch at which the user was authorized for this action. If not set the current time is used. Returns: A string XSRF protection token. zutf-8)encoding) hmacnewr _to_bytesupdatestr DELIMITERinttimedigestbase64urlsafe_b64encode)keyuser_id action_idwhendigesterrtokens 0lib/third_party/oauth2client/contrib/xsrfutil.pygenerate_tokenr%sxx**3ABH OOH&&s7|gFG OOI OOH&&y7CD OOI   c$":#diik*:;g ND OOD __ F  $ $Vi%7$%> ?E LcU(dg[R"U5n[UR[5S5nUc[R"5nXF- [:ag[XUUS9n[U5[U5:wagSn[[U5[U55H upXU - -nM U(+$![ [ [R4a gf=f)a"Validates that the given token authorizes the user for the action. Tokens are invalid if the time of issue is too old or if the token does not match what generateToken outputs (i.e. the token was forged). Args: key: secret key to use. token: a string of the token generated by generateToken. user_id: the user ID of the authenticated user. action_id: a string identifier of the action they requested authorization for. Returns: A boolean - True if the user is authorized for the action, False otherwise. F)rrr)rurlsafe_b64decodersplitr TypeError ValueErrorbinasciiErrorrDEFAULT_TIMEOUT_SECSrlenzip bytearray) rrrr current_timedecoded token_timeexpected_token differentxys rvalidate_tokenr1As$ **51y1"56 yy{  #77$CI)35N 5zS((IIe$i&?@U A=% z8>> 2s7CC#"C#)N)__doc__rr$r r oauth2clientrr __authors__rr& positionalrr1rrr8st;  !',  6((r