o Df>@sddlZddlZddlZddlZddlmZmZmZmZddl m Z ddl m Z m Z ddlmZddlmZdd lmZmZGd d d Zd d ZddZddZddZdS)N)to_bytes to_unicode json_loads json_dumps) JWTClaims) DecodeErrorInsecureClaimError)JsonWebSignature)JsonWebEncryption)KeySetKeyc@sReZdZdZedgdejZdddZ ddZ dd d Z  dd d Z dS) JsonWebToken)passwordtokensecret secret_key|)z1\b(?:3[47]\d|(?:4\d|5[1-5]|65)\d{2}|6011)\d{12}\bzB-----BEGIN[A-Z ]+PRIVATE KEY-----.+-----END[A-Z ]+PRIVATE KEY-----z3^\b(?!(000|666|9))\d{3}-(?!00)\d{2}-(?!0000)\d{4}\bNcCs t||d|_t||d|_dS)N)private_headers)r _jwsr _jwe)self algorithmsrrQ/home/ubuntu/webapp/venv/lib/python3.10/site-packages/authlib/jose/rfc7519/jwt.py__init__szJsonWebToken.__init__cCsF|D]}||jvr t|||}t|tr |j|r t|qdS)z0Check if payload contains sensitive information.N)SENSITIVE_NAMESr isinstancestrSENSITIVE_VALUESsearch)rpayloadkvrrrcheck_sensitive_data s z!JsonWebToken.check_sensitive_dataTcCs|dddD]}||}t|tjrt|||<q|r&||t||}t t |}d|vr=|j |||S|j |||S)aEncode a JWT with the given header, payload and key. :param header: A dict of JWS header :param payload: A dict to be encoded :param key: key used to sign the signature :param check: check if sensitive data in payload :return: bytes typJWT)expiatnbfenc) setdefaultgetrdatetimecalendartimegm utctimetupler%find_encode_keyrrrserialize_compactr)rheaderr"keycheckr#claimtextrrrencode,s      zJsonWebToken.encodec Cs|durt}t|r |}ntt|}t|}|d}|dkr)|j||t}n|dkr6|j ||t}nt d||d|d||dS) aDecode the JWT with the given key. This is similar with :meth:`verify`, except that it will raise BadSignatureError when signature doesn't match. :param s: text of JWT :param key: key used to verify the signature :param claims_cls: class to be used for JWT claims :param claims_options: `options` parameters for claims_cls :param claims_params: `params` parameters for claims_cls :return: claims_cls instance :raise: BadSignatureError N.rzInvalid input segments lengthr"r4)optionsparams) rcallablecreate_load_keyprepare_raw_keyrcountrdeserialize_compactdecode_payloadrr ) rsr5 claims_clsclaims_options claims_paramsload_key dot_countdatarrrdecodeGs"   zJsonWebToken.decode)N)T)NNN) __name__ __module__ __qualname__rrecompilejoinDOTALLr rr%r9rKrrrrrs  rcCs>ztt|}Wn tytdwt|tstd|S)NzInvalid payload valuezInvalid payload type)rr ValueErrorr rdict) bytes_payloadr"rrrrCls  rCcCsRt|tr|St|tr|dr|drt|}|St|ttfr'd|i}|S)N{}keys)rr r startswithendswithrtuplelist)rawrrrr@vs  r@cCst|tr|d}|r||St|j}|j|d<|St|trSd|vrS|d}|d}|D] }|d|kr?|Sq2|sOt|}|d|d<|St dt|trdd|vrd|d|d<|St|t rq|jrq|j|d<|S)NkidrXInvalid JSON Web Key Set) rr r- find_by_kidrandomchoicerXr^rTrSr)r5r4r^rvrXr#rrrr2s2          r2csfdd}|S)Ncsttr |dSttrEdvrEd}|d}|dur7|D] }|d|kr2|Sq%tdt|dkrA|dStdS)Nr^rXrrr_)rr r`r-rTlenrS)r4r"rXr^r#r5rrrHs   z!create_load_key..load_keyr)r5rHrrerr?s r?)rOrar.r/authlib.common.encodingrrrrclaimsrerrorsr r rfc7515r rfc7516r rfc7517r rrrCr@r2r?rrrrs   \