o
    Df	                     @   sP   d dl mZ d dlmZ ddlmZ ddlmZ ddlm	Z	 G dd deZ
d	S )
   )UnsupportedTokenTypeError)RevocationEndpoint    )ContinueIteration)InvalidTokenError)JWTBearerTokenValidatorc                       s2   e Zd ZdZd	 fdd	Zdd Zdd Z  ZS )
JWTRevocationEndpointa  JWTRevocationEndpoint inherits from `RFC7009`_
    :class:`~authlib.oauth2.rfc7009.RevocationEndpoint`.

    The JWT access tokens cannot be revoked.
    If the submitted token is a JWT access token, then revocation returns
    a `invalid_token_error`.

    :param issuer: The issuer identifier.

    :param \*\*kwargs: Other parameters are inherited from
        :class:`~authlib.oauth2.rfc7009.RevocationEndpoint`.

    Plain text access tokens and other kind of tokens such as refresh_tokens
    will be ignored by this endpoint and passed to the next revocation endpoint::

        class MyJWTAccessTokenRevocationEndpoint(JWTRevocationEndpoint):
            def get_jwks(self):
                ...

        authorization_server.register_endpoint(
            MyJWTAccessTokenRevocationEndpoint(
                issuer="https://authorization-server.example.org",
            )
        )
        authorization_server.register_endpoint(MyRefreshTokenRevocationEndpoint)

    .. _RFC7009: https://tools.ietf.org/html/rfc7009
    Nc                    s    t  j|d|i| || _d S )Nserver)super__init__issuer)selfr   r	   argskwargs	__class__ Z/home/ubuntu/webapp/venv/lib/python3.10/site-packages/authlib/oauth2/rfc9068/revocation.pyr   &   s   
zJWTRevocationEndpoint.__init__c                 C   sf   |  || |jddvrt t| jdd}| j|_z||jd  W t	  ty2   t w ) token_type_hint)access_tokenNN)r   resource_servertoken)
check_paramsformgetr   r   r   get_jwksauthenticate_tokenr   r   )r   requestclient	validatorr   r   r   r   *   s   z(JWTRevocationEndpoint.authenticate_tokenc                 C   s   t  )zReturn the JWKs that will be used to check the JWT access token signature.
        Developers MUST re-implement this method::

            def get_jwks(self):
                return load_jwks("jwks.json")
        )NotImplementedError)r   r   r   r   r   ?   s   zJWTRevocationEndpoint.get_jwks)N)__name__
__module____qualname____doc__r   r   r   __classcell__r   r   r   r   r      s
    r   N)rfc6749r   rfc7009r   authlib.common.errorsr   authlib.oauth2.rfc6750.errorsr   &authlib.oauth2.rfc9068.token_validatorr   r   r   r   r   r   <module>   s    