NSSKJr SSKrSSKJrJr SSKJrJr SSKJ r SSKJ r J r SSK r \R"\5r"SS\5r"S S \ R$5rg) )unicode_literalsN)generate_token urldecode)WebApplicationClientInsecureTransportError)LegacyApplicationClient)TokenExpiredErroris_secure_transportc(^\rSrSrU4SjrSrU=r$) TokenUpdatedc6>[[U] 5 XlgN)superr __init__token)selfr __class__s 3lib/third_party/requests_oauthlib/oauth2_session.pyrTokenUpdated.__init__s ,&(Jr)__name__ __module__ __qualname____firstlineno__r__static_attributes__ __classcell__rs@rr r s rr c^\rSrSrSrSU4SjjrSr\S5r\RS5r\RS5r\S5r \ RS 5r \S 5r \ RS 5r \ RS 5r \S 5r SSjrSSjrSrSSjrSU4SjjrSrSrU=r$) OAuth2SessionaVersatile OAuth 2 extension to :class:`requests.Session`. Supports any grant type adhering to :class:`oauthlib.oauth2.Client` spec including the four core OAuth 2 grants. Can be used to create authorization urls, fetch tokens and access protected resources using the :class:`requests.Session` interface you are used to. - :class:`oauthlib.oauth2.WebApplicationClient` (default): Authorization Code Grant - :class:`oauthlib.oauth2.MobileApplicationClient`: Implicit Grant - :class:`oauthlib.oauth2.LegacyApplicationClient`: Password Credentials Grant - :class:`oauthlib.oauth2.BackendApplicationClient`: Client Credentials Grant Note that the only time you will be using Implicit Grant from python is if you are driving a user agent able to obtain URL fragments. c  V>[[U] "S0U D6 U=(d [XS9UlU=(d 0UlXPlX`lU=(d [Ul Xl X0l U=(d 0Ul Xl SUl[5[5[5S.Ulg)aConstruct a new OAuth 2 client session. :param client_id: Client id obtained during registration :param client: :class:`oauthlib.oauth2.Client` to be used. Default is WebApplicationClient which is useful for any hosted application but not mobile or desktop. :param scope: List of scopes you wish to request access to :param redirect_uri: Redirect URI you registered as callback :param token: Token dictionary, must include access_token and token_type. :param state: State string used to prevent CSRF. This will be given when creating the authorization url and must be supplied when parsing the authorization response. Can be either a string or a no argument callable. :auto_refresh_url: Refresh token endpoint URL, must be HTTPS. Supply this if you wish the client to automatically refresh your access tokens. :auto_refresh_kwargs: Extra arguments to pass to the refresh token endpoint. :token_updater: Method with one argument, token, to be used to update your token database on automatic token refresh. If not set a TokenUpdated warning will be raised when a token has been refreshed. This warning will carry the token in its token argument. :param kwargs: Arguments to pass to the Session constructor. rcU$r)rs r(OAuth2Session.__init__..\s!r)access_token_responserefresh_token_responseprotected_requestNr%)rr!rr_clientrscope redirect_urirstate_stateauto_refresh_urlauto_refresh_kwargs token_updaterauthsetcompliance_hook) r client_idclientr1r2r-r.rr/r3kwargsrs rrOAuth2Session.__init__*sJ -'1&1I1)IDL"DJJ$(.DJK,28bD&DI "%"%% UDrcUR5Ul[RSUR5 UR$![a? URUl[RSUR5 UR$f=f)z6Generates a state string to be used in authorizations.zGenerated new state %s.z&Re-using previously supplied state %s.)r/r0logdebug TypeErrorrs r new_stateOAuth2Session.new_statefsoGJJLdk ii)4;;7 ;; GJJdk ii8$++F ;;Gs5A;B  B c0[URSS5$)Nr7getattrr,r?s rr7OAuth2Session.client_idps 4<<d 33rc$XRlgrr,r7rvalues rr7rEts "LLrcUR?grrGr?s rr7rExs  rc0[URSS5$)NrrCr?s rrOAuth2Session.token|s 4<<$ //rcZXRlURRU5 gr)r,rpopulate_token_attributesrHs rrrLsLLLL**51rc0[URSS5$)N access_tokenrCr?s rrPOAuth2Session.access_tokens 4<< 66rc$XRlgrr,rPrHs rrPrQs %LLrcUR?grrSr?s rrPrQs  !rc,[UR5$)aQBoolean that indicates whether this session has an OAuth token or not. If `self.authorized` is True, you can reasonably expect OAuth-protected requests to the resource to succeed. If `self.authorized` is False, you need the user to go through the OAuth authentication dance before OAuth-protected requests to the resource will succeed. )boolrPr?s r authorizedOAuth2Session.authorizeds !! ""rc U=(d UR5nURR"U4URURUS.UD6U4$)aForm an authorization URL. :param url: Authorization endpoint url, must be HTTPS. :param state: An optional state string for CSRF protection. If not given it will be generated for you. :param kwargs: Extra parameters to include. :return: authorization_url, state )r.r-r/)r@r,prepare_request_urir.r-)rurlr/r9s rauthorization_urlOAuth2Session.authorization_urls[  %T^^%E << + +  &&jj        rc [U5(d [5eU(dAU(a:URRX0RS9 URR nONU(dG[ UR[5(a(URR nU(d [S5e[ UR[5(aUc [S5eUc [S5eUbXoS'UbXS'UbU cSn OUU SLaPURnU(a=[RS U5 UbUOS n[RRUU5nU (aUbXS 'URR "S UUUR"U S .UD6nU =(d S SS.n 0UlUR'5S:Xa>UR)U[+[-U55U U UU U S9n[RSU5 O]UR'5S:Xa>UR/U[+[-U55U U UU U S9n[RSU5 O [S5e[RSUR05 [RSUR2R45 [RSUR2R65 [RSUR4UR85 [RSR<S55 UR<SH!n[RSU5 U"U5nM# URR?UR8UR@S9 URR$Ul[RSUR$5 UR$$)!aQGeneric method for fetching an access token from the token endpoint. If you are using the MobileApplicationClient you will want to use `token_from_fragment` instead of `fetch_token`. The current implementation enforces the RFC guidelines. :param token_url: Token endpoint URL, must use HTTPS. :param code: Authorization code (used by WebApplicationClients). :param authorization_response: Authorization response URL, the callback URL of the request back to you. Used by WebApplicationClients instead of code. :param body: Optional application/x-www-form-urlencoded body to add the include in the token request. Prefer kwargs over body. :param auth: An auth tuple or method as accepted by `requests`. :param username: Username required by LegacyApplicationClients to appear in the request body. :param password: Password required by LegacyApplicationClients to appear in the request body. :param method: The HTTP method used to make the request. Defaults to POST, but may also be GET. Other methods should be added as needed. :param timeout: Timeout of the request in seconds. :param headers: Dict to default request headers with. :param verify: Verify SSL certificate. :param proxies: The `proxies` argument is passed onto `requests`. :param include_client_id: Should the request body include the `client_id` parameter. Default is `None`, which will attempt to autodetect. This can be forced to always include (True) or never include (False). :param client_secret: The `client_secret` paired to the `client_id`. This is generally required unless provided in the `auth` tuple. If the value is `None`, it will be omitted from the request, however if the value is an empty string, an empty string will be sent. :param kwargs: Extra parameters to include in the token request. :return: A token dict r/z?Please supply either code or authorization_response parameters.zQ`LegacyApplicationClient` requires both the `username` and `password` parameters.zFThe required paramter `username` was supplied, but `password` was not.usernamepasswordFTzIEncoding `client_id` "%s" with `client_secret` as Basic auth credentials. client_secret)codebodyr.include_client_idapplication/json/application/x-www-form-urlencoded;charset=UTF-8Acceptz Content-TypePOST)datatimeoutheadersr4verifyproxiesz$Prepared fetch token request body %sGET)paramsrmrnr4rorpz+Prepared fetch token request querystring %sz%The method kwarg must be POST or GET.z0Request to fetch token completed with status %s.zRequest headers were %szRequest body was %s(Response headers were %s and content %s.!Invoking %d token response hooks.r)Invoking hook %s.r-zObtained token %s.r%)!r rr,parse_request_uri_responser0rd isinstancer ValueErrorrr7r<r=requestsr4 HTTPBasicAuthprepare_request_bodyr.rupperpostdictrget status_coderequestrnretextlenr6parse_request_body_responser-)r token_urlrdauthorization_responserer4r`ramethodrmrnrorprfrcr9r7r&hooks r fetch_tokenOAuth2Session.fetch_tokens_n y ) ) " $$ * ll-- .5 \\  d j/CDD \\  d >? ?$,, 788  AB B  34 4#Z#Z   "! $ &NN  ))+,5 7,9+D-"-,,Y F$  ""/ << , ,   &&+     D$IGDJ ||~ )) IdO$  a ii6= 5 (( io&  a ii=tD > ??II@!--PII'):):;II#QYY^^4II8!))QVVLII1$&&'>?@B$$%<= ii#T* q'a> LL,,QVV4::,F##DJII"DJJ/ ::rcURRXRS9 URRUlUR$)zParse token from the URI fragment, used by MobileApplicationClients. :param authorization_response: The full URL of the redirect back to you :return: A token dict r_)r,rwr0r)rrs rtoken_from_fragment!OAuth2Session.token_from_fragment^s=  LL++kk,3##DJ ::rc 0U(d [S5e[U5(d [5eU=(d URR S5n[ R SUR5 U RUR5 URR"SX2URS.U D6n[ R SU5 UcSSS.nURU[[U55UUUUS US 9n [ R S U R5 [ R S U R U R"5 [ R S [%UR&S55 UR&SH!n [ R SU 5 U "U 5n M# URR)U R"URS9UlSUR;a#[ R S5 X RS'UR$)aFetch a new access token using a refresh token. :param token_url: The token endpoint, must be HTTPS. :param refresh_token: The refresh_token to use. :param body: Optional application/x-www-form-urlencoded body to add the include in the token request. Prefer kwargs over body. :param auth: An auth tuple or method as accepted by `requests`. :param timeout: Timeout of the request in seconds. :param headers: A dict of headers to be used by `requests`. :param verify: Verify SSL certificate. :param proxies: The `proxies` argument will be passed to `requests`. :param kwargs: Extra parameters to include in the token request. :return: A token dict z'No token endpoint set for auto_refresh. refresh_tokenz*Adding auto refresh key word arguments %s.)rerr-z&Prepared refresh token request body %srgrhriT)rlr4rmrnrowithhold_tokenrpz2Request to refresh token completed with status %s.rsrtr*rurvz)No new refresh token given. Re-using old.r%)ryr rrrr<r=r2updater,prepare_refresh_bodyr-r~rrrrnrrr6r) rrrrer4rmrnrorpr9r&rs rrOAuth2Session.refresh_tokenis0  @ AA y ) ) " $$!DTZZ^^O%DMII:&&( MM$**+ << , , L djj LDJ LDII6=&Lg  )D/ "   AIIBmmII8!))QVVLII1$&&'?@AC$$%=> ii#T* q'a?99 djj:"DJ djj ( ii;<$1jj! ::rc >[U5(d [5eUR(aU(d[R S[ UR S55 UR SH%n [R SU 5 U "X$U5up$nM' [R SUR5 URRX!X4S9up$n[R S X!5 [R S XC5 [R S U5 [$[&U]R"X4XCS.UD6$![Ga UR(Ga[R SUR5 URSS5n U(a?U(a8U c5[R S U5 [RRXg5n UR"UR4SU 0UD6n UR (aR[R S U UR 5 UR!U 5 URRX!X4S9up$nGNp[#U 5eef=f)z@&&':;$ %t,!#5d< ii-tzz:!\\33 $4Ad6II2C@II0'@II6?  - ;$ ;39 ;;7  ))G)) +FD)$ =dl IIW ==..yHD$$T%:%:PPP%    II6(( *   u %!%!7!7d"8"E C$u% % -s9D//DI IcXR;a[SUUR5eURURU5 g)aIRegister a hook for request/response tweaking. Available hooks are: access_token_response invoked before token parsing. refresh_token_response invoked before refresh token parsing. protected_request invoked before making a request. If you find a new hook is needed please send a GitHub PR request or open an issue. zHook type %s is not in %s.N)r6ryadd)r hook_typers rregister_compliance_hook&OAuth2Session.register_compliance_hooksD,,, 3Y++ --#''-r) r,r0r4r2r1r6r.r-r/rr3) NNNNNNNNNr) NNrbNNNrkNNTNNN)NrbNNNTN)NNFNN)rrrr__doc__rr@propertyr7setterdeleterrrPrWr\rrrrrrrrs@rr!r!sy* $#' !:x 4 4 ##  0 0 <<22 7 7&&""  #  #&)-$( $n` #'   DR" 4;l..rr!) __future__rloggingoauthlib.commonrroauthlib.oauth2rrrr r rz getLoggerrr<Warningr Sessionr!r%rrrsJ'5H3B !7^.H$$^.r