o Zh6.@sddlmZddlZddlZddlZddlZddlZddlmZddl m Z ddl m Z ddl mZmZmZddlmZmZmZejrIdd lmZGd d d ZGd d d eZGdddeZGdddeZGdddeZGdddejZdS)) annotationsN) b64encode)parse_http_list) ProtocolError)CookiesRequestResponse)to_bytesto_strunquote)_Hashc@s6eZdZdZdZdZdddZdd d Zdd d ZdS)Autha Base class for all authentication schemes. To implement a custom authentication scheme, subclass `Auth` and override the `.auth_flow()` method. If the authentication scheme does I/O such as disk access or network calls, or uses synchronization primitives such as locks, you should override `.sync_auth_flow()` and/or `.async_auth_flow()` instead of `.auth_flow()` to provide specialized implementations that will be used by `Client` and `AsyncClient` respectively. Frequestrreturn)typing.Generator[Request, Response, None]ccs |VdS)a Execute the authentication flow. To dispatch a request, `yield` it: ``` yield request ``` The client will `.send()` the response back into the flow generator. You can access it like so: ``` response = yield request ``` A `return` (or reaching the end of the generator) will result in the client returning the last response obtained from the server. You can dispatch as many requests as is necessary. NselfrrrB/var/www/html/lang_env/lib/python3.10/site-packages/httpx/_auth.py auth_flow#s zAuth.auth_flowccs^|jr|||}t|} |V}|jr|z||}Wn ty-YdSwq)z Execute the authentication flow synchronously. By default, this defers to `.auth_flow()`. You should override this method when the authentication scheme does I/O and/or uses concurrency primitives. TN)requires_request_bodyreadrnextrequires_response_bodysend StopIterationrrZflowresponserrrsync_auth_flow;s   zAuth.sync_auth_flow(typing.AsyncGenerator[Request, Response]cCsj|jr |IdH||}t|} |V}|jr"|IdHz||}Wn ty3YdSwq)z Execute the authentication flow asynchronously. By default, this defers to `.auth_flow()`. You should override this method when the authentication scheme does I/O and/or uses concurrency primitives. N)rZareadrrrrrrrrrasync_auth_flowTs   zAuth.async_auth_flowNrrrr)rrrr ) __name__ __module__ __qualname____doc__rrrrr!rrrrrs   rc@s$eZdZdZdddZdd d Zd S) FunctionAuthz Allows the 'auth' argument to be passed as a simple callable function, that takes the request, and returns a new, modified request. func#typing.Callable[[Request], Request]rNonecCs ||_dSNZ_func)rr(rrr__init__ts zFunctionAuth.__init__rrrccs||VdSr+r,rrrrrwszFunctionAuth.auth_flowN)r(r)rr*r")r#r$r%r&r-rrrrrr'ns r'c@s.eZdZdZdddZdd d ZdddZdS) BasicAuthzy Allows the 'auth' argument to be passed as a (username, password) pair, and uses HTTP Basic authentication. username str | bytespasswordrr*cCs||||_dSr+)_build_auth_header _auth_headerrr/r1rrrr-szBasicAuth.__init__rrrccs|j|jd<|VdS)N Authorization)r3headersrrrrrs  zBasicAuth.auth_flowstrcC,dt|t|f}t|}d|SN:zBasic joinr rdecoderr/r1Zuserpasstokenrrrr2  zBasicAuth._build_auth_headerNr/r0r1r0rr*r"r/r0r1r0rr7r#r$r%r&r-rr2rrrrr.{s   r.c@s0eZdZdZddddZdd d ZdddZdS) NetRCAuthzT Use a 'netrc' file to lookup basic auth credentials based on the url host. Nfile str | Nonerr*cCsddl}|||_dS)Nr)netrc _netrc_info)rrErGrrrr-szNetRCAuth.__init__rrrccsR|j|jj}|dus|ds|VdS|j|d|dd|jd<|VdS)Nr)r/r1r5)rHauthenticatorsurlhostr2r6)rrZ auth_inforrrrs   zNetRCAuth.auth_flowr/r0r1r7cCr8r9r;r>rrrr2r@zNetRCAuth._build_auth_headerr+)rErFrr*r"rBrCrrrrrDs    rDc @seZdZUejejejejejejejejdZde d<d)d d Z d*ddZ d+ddZ d,ddZ d-ddZd.d"d#Zd/d&d'Zd(S)0 DigestAuth)MD5zMD5-SESSSHAzSHA-SESSzSHA-256z SHA-256-SESSzSHA-512z SHA-512-SESSz*dict[str, typing.Callable[[bytes], _Hash]]_ALGORITHM_TO_HASH_FUNCTIONr/r0r1rr*cCs$t||_t||_d|_d|_dS)Nr)r _username _password_last_challenge _nonce_countr4rrrr-s   zDigestAuth.__init__rrrccs|jr|||j|jd<|V}|jdksd|jvrdS|jdD] }|dr.nq#dS|||||_d|_|||j|jd<|j rRt |j j |d|VdS)Nr5izwww-authenticatezdigest rr) rSr2r6 status_codeZget_listlower startswith_parse_challengerTcookiesrZset_cookie_header)rrr auth_headerrrrrs*   zDigestAuth.auth_flowrr r[r7_DigestAuthChallengec Cs|d\}}}|dksJi}t|D]}|dd\} } t| || <qz4|d} |d} |dd} d |vrF|d nd }d |vrR|d nd }t| | | ||d WSt yr}z d }t ||d|d }~ww)z Returns a challenge from a Digest WWW-Authenticate header. These take the form of: `Digest realm="realm@host.com",qop="auth,auth-int",nonce="abc",opaque="xyz"`  digest=rrealmnonce algorithmrNopaqueNqop)r`rarbrcrdz(Malformed Digest WWW-Authenticate headerrU) partitionrWrstripsplitr encodegetr\KeyErrorr)rrrr[scheme_fieldsZ header_dictfieldkeyvaluer`rarbrcrdexcmessagerrrrYs(     zDigestAuth._parse_challenge challengecsH|j|jdfdd }d|j|j|jf}|jj}d|j |f}||}d|j }| |j |j } |j d7_ ||} |jd rW|d| |j | f} |j|j|d } | durj| |j |g} n | |j || | |g} |j|j|j ||d| |j d } |jr|j| d <| rd | d<|| d<| | d<d|| S)Ndatabytesrcs|Sr+) hexdigestrh)rt hash_funcrrr^sz-DigestAuth._build_auth_header..digestr:s%08xrz-sessrU)r/r`raurirrbrcauthrdnccnoncezDigest )rtrurru)rPrbupperr<rQr`rRrKraw_pathmethodrhrT_get_client_noncerarWendswith _resolve_qoprdrc_get_header_value)rrrsr^A1pathA2HA2Znc_valuer|HA1rdZ digest_dataZ format_argsrrwrr2s<   zDigestAuth._build_auth_header nonce_countintrarucCsLt|}||7}|t7}|td7}t|ddS)N) r7rhtimectimeosurandomhashlibsha1rv)rrrasrrrr,s zDigestAuth._get_client_nonce header_fieldsdict[str, bytes]c Csbd}d}d}d}t|D] \}\}}|dkr|d7}||vr"|n|} || |t|7}q|S)N)rbrdr{z{}="{}"z{}={}rz, ) enumerateitemsformatr ) rrZNON_QUOTED_FIELDSZQUOTED_TEMPLATEZNON_QUOTED_TEMPLATE header_valueirnrptemplaterrrr4szDigestAuth._get_header_valuerd bytes | NonecCsN|durdStd|}d|vrdS|dgkrtdd|d}t||d)Ns, ?rzsauth-intz.Digest auth-int support is not yet implementedzUnexpected qop value "z" in digest authrU)rergNotImplementedErrorr)rrdrZqopsrrrrrrFs    zDigestAuth._resolve_qopNrAr")rrrr r[r7rr\)rrrsr\rr7)rrrarurru)rrrr7)rdrrrrr)r#r$r%rmd5rsha256sha512rP__annotations__r-rrYr2rrrrrrrrMs"     0 rMc@s6eZdZUded<ded<ded<ded<ded<d S) r\rur`rar7rbrrcrdN)r#r$r%rrrrrr\Ts  r\) __future__rrrrrtypingbase64rurllib.requestr _exceptionsrZ_modelsrrr _utilsr r r TYPE_CHECKINGr rr'r.rDrM NamedTupler\rrrrs(     [ )