o h.@sddlZddlZddlZddlZddlZddlmZddlmZddl m Z ddl m Z m Z mZddlmZmZmZejrCddlmZGd d d ZGd d d eZGd ddeZGdddeZGdddeZGdddejZdS)N) b64encode)parse_http_list) ProtocolError)CookiesRequestResponse)to_bytesto_strunquote)_Hashc@speZdZdZdZdZdedejee dffddZ dedejee dffdd Z dedej ee ffd d Z dS) Autha Base class for all authentication schemes. To implement a custom authentication scheme, subclass `Auth` and override the `.auth_flow()` method. If the authentication scheme does I/O such as disk access or network calls, or uses synchronization primitives such as locks, you should override `.sync_auth_flow()` and/or `.async_auth_flow()` instead of `.auth_flow()` to provide specialized implementations that will be used by `Client` and `AsyncClient` respectively. FrequestreturnNccs |VdS)a Execute the authentication flow. To dispatch a request, `yield` it: ``` yield request ``` The client will `.send()` the response back into the flow generator. You can access it like so: ``` response = yield request ``` A `return` (or reaching the end of the generator) will result in the client returning the last response obtained from the server. You can dispatch as many requests as is necessary. NselfrrrA/var/www/html/ai/venv/lib/python3.10/site-packages/httpx/_auth.py auth_flow!s zAuth.auth_flowccs^|jr|||}t|} |V}|jr|z||}Wn ty-YdSwq)z Execute the authentication flow synchronously. By default, this defers to `.auth_flow()`. You should override this method when the authentication scheme does I/O and/or uses concurrency primitives. TN)requires_request_bodyreadrnextrequires_response_bodysend StopIterationrrflowresponserrrsync_auth_flow9s   zAuth.sync_auth_flowcCsj|jr |IdH||}t|} |V}|jr"|IdHz||}Wn ty3YdSwq)z Execute the authentication flow asynchronously. By default, this defers to `.auth_flow()`. You should override this method when the authentication scheme does I/O and/or uses concurrency primitives. N)rareadrrrrrrrrrasync_auth_flowRs   zAuth.async_auth_flow)__name__ __module__ __qualname____doc__rrrtyping GeneratorrrrAsyncGeneratorr rrrrr s   r c@sLeZdZdZdejegefddfddZdedejee dffdd Z dS) FunctionAuthz Allows the 'auth' argument to be passed as a simple callable function, that takes the request, and returns a new, modified request. funcrNcCs ||_dSN_func)rr)rrr__init__rs zFunctionAuth.__init__rccs||VdSr*r+rrrrruszFunctionAuth.auth_flow) r!r"r#r$r%Callablerr-r&rrrrrrr(ls"r(c@seZdZdZdejeefdejeefddfddZde dej e e dffd d Z dejeefdejeefdefd d Z dS) BasicAuthzy Allows the 'auth' argument to be passed as a (username, password) pair, and uses HTTP Basic authentication. usernamepasswordrNcCs||||_dSr*)_build_auth_header _auth_headerrr0r1rrrr-szBasicAuth.__init__rccs|j|jd<|VdS)N Authorization)r3headersrrrrrs  zBasicAuth.auth_flowcC,dt|t|f}t|}d|SN:zBasic joinr rdecoderr0r1userpasstokenrrrr2  zBasicAuth._build_auth_header)r!r"r#r$r%Unionstrbytesr-rr&rrr2rrrrr/ys"     r/c@sreZdZdZddejeddfddZdedej ee dffdd Z d ej ee fd ej ee fdefd d ZdS) NetRCAuthzT Use a 'netrc' file to lookup basic auth credentials based on the url host. NfilercCsddl}|||_dS)Nr)netrc _netrc_info)rrErFrrrr-szNetRCAuth.__init__rccsR|j|jj}|dus|ds|VdS|j|d|dd|jd<|VdS)Nr)r0r1r5)rGauthenticatorsurlhostr2r6)rr auth_inforrrrs   zNetRCAuth.auth_flowr0r1cCr7r8r:r=rrrr2r@zNetRCAuth._build_auth_headerr*)r!r"r#r$r%OptionalrBr-rr&rrrArCr2rrrrrDs  rDc @seZdZUejejejejejejejejdZe j e e j e gdffed<de je e fde je e fddfdd Zd ede jeedffd d Zd ed ede ddfddZd eddde fddZdede de fddZde j e e fde fddZde je d ede je fddZdS) DigestAuth)MD5zMD5-SESSSHAzSHA-SESSzSHA-256z SHA-256-SESSzSHA-512z SHA-512-SESSr _ALGORITHM_TO_HASH_FUNCTIONr0r1rNcCs$t||_t||_d|_d|_dS)Nr)r _username _password_last_challenge _nonce_countr4rrrr-s   zDigestAuth.__init__rccs|jr|||j|jd<|V}|jdksd|jvrdS|jdD] }|dr.nq#dS|||||_d|_|||j|jd<|j rRt |j j |d|VdS)Nr5izwww-authenticatezdigest rr) rTr2r6 status_codeget_listlower startswith_parse_challengerUcookiesrset_cookie_header)rrr auth_headerrrrrs*   zDigestAuth.auth_flowrr^_DigestAuthChallengec Cs|d\}}}|dksJi}t|D]}|dd\} } t| || <qz4|d} |d} |dd} d |vrF|d nd }d |vrR|d nd }t| | | ||d WSt yr}z d }t ||d|d }~ww)z Returns a challenge from a Digest WWW-Authenticate header. These take the form of: `Digest realm="realm@host.com",qop="auth,auth-int",nonce="abc",opaque="xyz"`  digest=rrealmnonce algorithmrOopaqueNqop)rcrdrerfrgz(Malformed Digest WWW-Authenticate headerrV) partitionrYrstripsplitr encodegetr_KeyErrorr)rrrr^scheme_fields header_dictfieldkeyvaluercrdrerfrgexcmessagerrrr[s(     zDigestAuth._parse_challenge challengec s\|j|jdtdtffdd }d|j|j|jf}|jj }d|j |f}||}d|j }| |j |j} |j d7_ ||} |jdr[|d| |j| f} |j|j|d } | durn| |j|g} n|j|| | |g} d| } |j|j|j||d| | f|j d }|jr|j|d <| rd |d <||d<| |d<d||S)Ndatarcs|Sr*) hexdigestrk)rx hash_funcrrrasz-DigestAuth._build_auth_header..digestr9s%08xrz-sessrV)r0rcrdurirrerfauthrgnccnoncezDigest )rQreupperrCr;rRrcrSrJraw_pathmethodrkrU_get_client_noncerdrYendswith _resolve_qoprgrf_get_header_value)rrrwraA1pathA2HA2nc_valuerHA1rg digest_data key_digest format_argsrrzrr2s>   zDigestAuth._build_auth_header nonce_countrdcCsLt|}||7}|t7}|td7}t|ddS)N) rBrktimectimeosurandomhashlibsha1ry)rrrdsrrrr1s zDigestAuth._get_client_nonce header_fieldsc Csbd}d}d}d}t|D] \}\}}|dkr|d7}||vr"|n|} || |t|7}q|S)N)rergr~z{}="{}"z{}={}rz, ) enumerateitemsformatr ) rrNON_QUOTED_FIELDSQUOTED_TEMPLATENON_QUOTED_TEMPLATE header_valueirrrttemplaterrrr9szDigestAuth._get_header_valuergcCsN|durdStd|}d|vrdS|dgkrtdd|d}t||d)Ns, ?r}sauth-intz.Digest auth-int support is not yet implementedzUnexpected qop value "z" in digest authrV)rerjNotImplementedErrorr)rrgrqopsrvrrrrKs    zDigestAuth._resolve_qop)r!r"r#rmd5rsha256sha512rQr%DictrBr.rC__annotations__rAr-rr&rrr[r2intrrrMrrrrrrNsV $     /rNc@sBeZdZUeed<eed<eed<ejeed<ejeed<dS)r_rcrdrerfrgN)r!r"r#rCrrBr%rMrrrrr_[s r_)rrrrr%base64rurllib.requestr _exceptionsr_modelsrrr_utilsr r r TYPE_CHECKINGr r r(r/rDrN NamedTupler_rrrrs&    [  ,