o
    +ifI                     @   s   d dl Z d dlZd dlZd dlZddlmZ ddlmZmZ ddl	m
Z
 eeZdZdd Zd	d
 ZG dd deZG dd deZdS )    N   )canonicalize)decode_partdecode_id_token)Clientbrokerc                 C   s   t |fi | |kS N)dict)smallbig r   I/var/www/html/corbot_env/lib/python3.10/site-packages/msal/token_cache.pyis_subdict_of      r   c                 C   s   |  d|  dS )Npreferred_usernameupn)get)id_token_claimsr   r   r   _get_username   s   r   c                   @   s   e Zd ZdZG dd dZG dd dZdd Z	d%d	d
Zd%ddZd%ddZ	d&ddZ
d&ddZd%ddZdd Zd%ddZd%ddZdd Zdd Zdd  Zd!d" Zd#d$ ZdS )'
TokenCachea  This is considered as a base class containing minimal cache behavior.

    Although it maintains tokens using unified schema across all MSAL libraries,
    this class does not serialize/persist them.
    See subclass :class:`SerializableTokenCache` for details on serialization.
    c                   @   s    e Zd ZdZdZdZdZdZdS )zTokenCache.CredentialTypeAccessTokenRefreshTokenAccountIdTokenAppMetadataN)__name__
__module____qualname__ACCESS_TOKENREFRESH_TOKENACCOUNTID_TOKENAPP_METADATAr   r   r   r   CredentialType   s    r#   c                   @   s   e Zd ZdZdZdS )zTokenCache.AuthorityTypeADFSMSSTSN)r   r   r   r$   r%   r   r   r   r   AuthorityType%   s    r&   c                    sx   t   _i  _ jj	 	 d fdd	 jj	 	 d fdd	 jj	 	 d fdd	 jjd	dd jj	d
ddi _
d S )Nc                    s.   d | pd|pd jj|pdd|pdg S N- )joinr#   r   lower)home_account_idenvironment	client_idtarget!ignored_payload_from_a_real_tokenselfr   r   <lambda>.   s   z%TokenCache.__init__.<locals>.<lambda>c                    s2   d | pd|pd jj|pd|pd|pdg S r'   )r*   r#   r   r+   )r,   r-   r.   realmr/   r0   r1   r   r   r3   9   s   c                    s.   d | pd|pd jj|pd|pddg S r'   )r*   r#   r!   r+   )r,   r-   r.   r4   r0   r1   r   r   r3   D   s   c                 [   s    d | pd|pd|pdg S r'   )r*   r+   )r,   r-   r4   !ignored_payload_from_a_real_entryr   r   r   r3   O   s   c                 [   s   d | pd|pdS )Nzappmetadata-{}-{}r)   )format)r-   r.   kwargsr   r   r   r3   W   r   )NNNN)NNNNN)NNNNN)	threadingRLock_lock_cacher#   r   r   r!   r    r"   
key_makersr1   r   r1   r   __init__)   s&   




zTokenCache.__init__Nc              
   C   s2   | j | jj| jtjj ||||d|d|dS )N )r,   r-   r.   r4   r/   default)_getr#   r   r=   r   r*   )r2   r,   r-   r.   r4   r/   rA   r   r   r   _get_access_token[   s   zTokenCache._get_access_tokenc                 C   s&   | j | jj| jtjj ||d|dS )N)r-   r.   r@   )rB   r#   r"   r=   r   )r2   r-   r.   rA   r   r   r   _get_app_metadatak   s   zTokenCache._get_app_metadatac                 C   s@   | j  | j|i ||W  d    S 1 sw   Y  d S r   )r;   r<   r   )r2   credential_typekeyrA   r   r   r   rB   t   s   $zTokenCache._getc                 c   s   t |pg }t|tsJ dd}|| jjkrEt|trEd|v rEd|v rEd|v rEd|v rE|rE| |d |d |d |d |}|rE|V  t|}| j4 | j	
|i  D ]!}t|p\i |rw|rn|t|
dd krwn			 ||krw|V  qVW d   dS 1 sw   Y  dS )	zReturns a generator of matching entries.

        It is O(1) for AT hits, and O(n) for other types.
        Note that it holds a lock during the entire search.
        zInvalid parameter typeNr,   r-   r.   r4   r/   r)   )sorted
isinstancelistr#   r   r	   rC   setr;   r<   r   valuesr   split)r2   rE   r/   querypreferred_result
target_setentryr   r   r   _findx   s:   "zTokenCache._findc                 C   s   t | j|||dS )N)r/   rM   )rI   rQ   )r2   rE   r/   rM   r   r   r   find   r   zTokenCache.findc              	   C   sZ   dd }t |||di d||di dd}tdtj|d	d
td | j||dS )z:Handle a token obtaining event, and add tokens into cache.c                    s    fdd|   D S )Nc                    s"   i | ]\}}|| v rd n|qS )z********r   ).0kvsensitive_fieldsr   r   
<dictcomp>   s    z;TokenCache.add.<locals>.make_clean_copy.<locals>.<dictcomp>)items)
dictionaryrW   r   rV   r   make_clean_copy   s   
z'TokenCache.add.<locals>.make_clean_copydata)passwordclient_secretrefresh_token	assertionresponse)r   access_tokenr_   id_tokenusername)r\   ra   zevent=%s   T)indent	sort_keysrA   )now)r	   r   loggerdebugjsondumpsstr_TokenCache__add)r2   eventrh   r[   clean_eventr   r   r   add   s   

zTokenCache.addc                 C   s^   d|v rt t|d }d|v rd|v r|djdi |fS |r+|d }d|i|fS i dfS )z&Return client_info and home_account_idclient_infouidutidz{uid}.{utid}subNr   )rk   loadsr   r6   )r2   ra   r   rr   ru   r   r   r   __parse_account   s   zTokenCache.__parse_accountc                 C   s<  d  }}d|v rt |d \}}}d|v r|d }|di }|di }|d}|d}	|d}
|dpD|
rCt|
|d	 d
ni }| ||\}}dt|dpVg }| j6 t|d u rgt n|}|r|drzt|d| nd}t|d|}t|d|}| j	j
||||d	|||ddt|t|| t|| d}|dr|d|d< d|v r|d }t|| |d< | | j	j
|| |r,|ds,||||d|d|dt|p|dp|dpd|d|dkr| jjn| jjd}td d!tjd" f}|d#|v r#|d# |d$< | | j	j|| |
rF| j	j|
||||d	d%}| | j	j|| |	rn| j	j|	|||d	|t|d&}d'|v re|d' |d(< | | j	j|| |d	|d)}d'|v r|d'|d(< | | j	j|| W d    d S 1 sw   Y  d S )*Ntoken_endpointr-   ra   r\   rb   r_   rc   r   r.   )r.   r?   scope
expires_oniX  
expires_inext_expires_in
token_typeBearer)rE   secretr,   r-   r.   r/   r4   r}   	cached_atrz   extended_expires_onkey_id
refresh_in
refresh_onskip_account_creation_account_idoidru   rd   r)   authority_typeadfs)r,   r-   r4   local_account_idrd   r   authorization_coder]   
GRANT_TYPE
grant_typeaccount_source)rE   r   r,   r-   r4   r.   )rE   r   r,   r-   r.   r/   last_modification_timefoci	family_id)r.   r-   )r   r   r   _TokenCache__parse_accountr*   rG   r;   inttimer#   r   rm   modifyr   r&   r$   r%   _GRANT_TYPE_BROKERr   DEVICE_FLOWr    r!   r   r"   )r2   ro   rh   r-   r4   _ra   r\   rb   r_   rc   r   rr   r,   r/   default_expires_inr{   r|   atr   account%grant_types_that_establish_an_accountidtrtapp_metadatar   r   r   __add   s   










	
	
$zTokenCache.__addc                 C   s   | j | di |}| j0 |r"| j|i }t|fi |||< n| j|i |d  W d    d S W d    d S 1 s@w   Y  d S )Nr   )r=   r;   r<   
setdefaultr	   pop)r2   rE   	old_entrynew_key_value_pairsrF   entriesr   r   r   r   2  s   "zTokenCache.modifyc                 C   &   | d| jjksJ | | jj|S NrE   )r   r#   r   r   )r2   rt_itemr   r   r   	remove_rtD     zTokenCache.remove_rtc              	   C   s:   | d| jjksJ | | jj||ttt dS )NrE   )r   r   )r   r#   r   r   rm   r   r   )r2   r   new_rtr   r   r   	update_rtH  s
   zTokenCache.update_rtc                 C   r   r   )r   r#   r   r   )r2   at_itemr   r   r   	remove_atO  r   zTokenCache.remove_atc                 C   r   r   )r   r#   r!   r   )r2   idt_itemr   r   r   
remove_idtS  r   zTokenCache.remove_idtc                 C   s   d|v sJ |  | jj|S )Nr   )r   r#   r    )r2   account_itemr   r   r   remove_accountW  s   zTokenCache.remove_accountr   r8   )r   r   r   __doc__r#   r&   r>   rC   rD   rB   rQ   rR   rq   r   rn   r   r   r   r   r   r   r   r   r   r   r      s(    5


	

!


or   c                       sB   e Zd ZdZdZ fddZd fdd	Zdd	 Zd
d Z  Z	S )SerializableTokenCachea  This serialization can be a starting point to implement your own persistence.

    This class does NOT actually persist the cache on disk/db/etc..
    Depending on your need,
    the following simple recipe for file-based persistence may be sufficient::

        import os, atexit, msal
        cache_filename = os.path.join(  # Persist cache into this file
            os.getenv("XDG_RUNTIME_DIR", ""),  # Automatically wipe out the cache from Linux when user's ssh session ends. See also https://github.com/AzureAD/microsoft-authentication-library-for-python/issues/690
            "my_cache.bin")
        cache = msal.SerializableTokenCache()
        if os.path.exists(cache_filename):
            cache.deserialize(open(cache_filename, "r").read())
        atexit.register(lambda:
            open(cache_filename, "w").write(cache.serialize())
            # Hint: The following optional line persists only when state changed
            if cache.has_state_changed else None
            )
        app = msal.ClientApplication(..., token_cache=cache)
        ...

    :var bool has_state_changed:
        Indicates whether the cache state in the memory has changed since last
        :func:`~serialize` or :func:`~deserialize` call.
    Fc                    s"   t t| j|fi | d| _d S NT)superr   rq   has_state_changed)r2   ro   r7   	__class__r   r   rq   x  s   
zSerializableTokenCache.addNc                    s   t t| ||| d| _d S r   )r   r   r   r   )r2   rE   r   r   r   r   r   r   |  s   

zSerializableTokenCache.modifyc                 C   sF   | j  |rt|ni | _d| _W d   dS 1 sw   Y  dS )zEDeserialize the cache from a state previously obtained by serialize()FN)r;   rk   rv   r<   r   )r2   stater   r   r   deserialize  s   "z"SerializableTokenCache.deserializec                 C   s@   | j  d| _tj| jddW  d   S 1 sw   Y  dS )z0Serialize the current cache state into a string.Fre   )rf   N)r;   r   rk   rl   r<   r1   r   r   r   	serialize  s   $z SerializableTokenCache.serializer   )
r   r   r   r   r   rq   r   r   r   __classcell__r   r   r   r   r   \  s    r   )rk   r9   r   logging	authorityr   oauth2cli.oidcr   r   oauth2cli.oauth2r   	getLoggerr   ri   r   r   r   objectr   r   r   r   r   r   <module>   s    
  H