NddlmZddlZddlmZmZddlmZmZddlm Z ddlm Z m Z ddl Z ejeZGddeZGd d e j$Zy) )unicode_literalsN)generate_token urldecode)WebApplicationClientInsecureTransportError)LegacyApplicationClient)TokenExpiredErroris_secure_transportceZdZfdZxZS) TokenUpdatedc8tt| ||_yN)superr __init__token)selfr __class__s 3lib/third_party/requests_oauthlib/oauth2_session.pyrzTokenUpdated.__init__s ,&(DJ)__name__ __module__ __qualname__r __classcell__rs@rr r s rr ceZdZdZ dfd ZdZedZejdZejdZedZ e jdZ ed Z e jd Z e jd Z ed Z dd Z ddZdZ ddZ dfd ZdZxZS) OAuth2Sessiona6Versatile OAuth 2 extension to :class:`requests.Session`. Supports any grant type adhering to :class:`oauthlib.oauth2.Client` spec including the four core OAuth 2 grants. Can be used to create authorization urls, fetch tokens and access protected resources using the :class:`requests.Session` interface you are used to. - :class:`oauthlib.oauth2.WebApplicationClient` (default): Authorization Code Grant - :class:`oauthlib.oauth2.MobileApplicationClient`: Implicit Grant - :class:`oauthlib.oauth2.LegacyApplicationClient`: Password Credentials Grant - :class:`oauthlib.oauth2.BackendApplicationClient`: Client Credentials Grant Note that the only time you will be using Implicit Grant from python is if you are driving a user agent able to obtain URL fragments. c  >tt| di| |xs t|||_|xsi|_||_||_|xst|_ ||_ ||_ |xsi|_ | |_ d|_tttd|_y)aHConstruct a new OAuth 2 client session. :param client_id: Client id obtained during registration :param client: :class:`oauthlib.oauth2.Client` to be used. Default is WebApplicationClient which is useful for any hosted application but not mobile or desktop. :param scope: List of scopes you wish to request access to :param redirect_uri: Redirect URI you registered as callback :param token: Token dictionary, must include access_token and token_type. :param state: State string used to prevent CSRF. This will be given when creating the authorization url and must be supplied when parsing the authorization response. Can be either a string or a no argument callable. :auto_refresh_url: Refresh token endpoint URL, must be HTTPS. Supply this if you wish the client to automatically refresh your access tokens. :auto_refresh_kwargs: Extra arguments to pass to the refresh token endpoint. :token_updater: Method with one argument, token, to be used to update your token database on automatic token refresh. If not set a TokenUpdated warning will be raised when a token has been refreshed. This warning will carry the token in its token argument. :param kwargs: Arguments to pass to the Session constructor. )rc|Sr)rs rz(OAuth2Session.__init__..\s!r)access_token_responserefresh_token_responseprotected_requestNr)rrrr_clientrscope redirect_urirstate_stateauto_refresh_urlauto_refresh_kwargs token_updaterauthsetcompliance_hook) r client_idclientr*r+r&r'rr(r,kwargsrs rrzOAuth2Session.__init__*sJ -'1&1I1)5IDL"DJDJ$D(.DJDK,D28bD&DDI "%"%% UDrc |j|_tjd|j|jS#t$r?|j|_tjd|jY|jSwxYw)z6Generates a state string to be used in authorizations.zGenerated new state %s.z&Re-using previously supplied state %s.)r(r)logdebug TypeErrorrs r new_statezOAuth2Session.new_statefsoGJJLdk ii)4;;7 ;; GJJdk ii8$++F ;;Gs5A:B  B c0t|jddS)Nr0getattrr%r7s rr0zOAuth2Session.client_idps 4<<d 33rc&||j_yrr%r0rvalues rr0zOAuth2Session.client_idts"DLLrc|j`yrr=r7s rr0zOAuth2Session.client_idxs  rc0t|jddS)Nrr:r7s rrzOAuth2Session.token|s 4<<$ //rc\||j_|jj|yr)r%rpopulate_token_attributesr>s rrzOAuth2Session.tokens DLLLL**51rc0t|jddS)N access_tokenr:r7s rrEzOAuth2Session.access_tokens 4<< 66rc&||j_yrr%rEr>s rrEzOAuth2Session.access_tokens %DLLrc|j`yrrGr7s rrEzOAuth2Session.access_tokens  !rc,t|jS)aBoolean that indicates whether this session has an OAuth token or not. If `self.authorized` is True, you can reasonably expect OAuth-protected requests to the resource to succeed. If `self.authorized` is False, you need the user to go through the OAuth authentication dance before OAuth-protected requests to the resource will succeed. )boolrEr7s r authorizedzOAuth2Session.authorizeds !! ""rc |xs|j}|jj|f|j|j|d||fS)aFForm an authorization URL. :param url: Authorization endpoint url, must be HTTPS. :param state: An optional state string for CSRF protection. If not given it will be generated for you. :param kwargs: Extra parameters to include. :return: authorization_url, state )r'r&r()r8r%prepare_request_urir'r&)rurlr(r2s rauthorization_urlzOAuth2Session.authorization_urls]  %T^^%E +4<< + +  &&jj        rc 4t|s t|s@|r>|jj||j|jj }n?|s=t |jtr#|jj }|s tdt |jtr| td| td|||d<|||d<|| Qd} nN| durJ|j}|r? ?$,, 78  AB B  34 4#fZ#fZ   "! $ &NN  ))+,5 7,9+D-"-,,Y F$  ""/ ,4<< , ,   &&+     D$IGDJ ||~ )) IdO$  a ii6= 5 (( io&  a ii=tD > ??II@!--PII'):):;II#QYY^^4II8!))QVVLII1$&&'>?@B$$%<= ii#T* q'a> LL,,QVV4::,F##DJII"DJJ/ ::rc|jj||j|jj|_|jS)zParse token from the URI fragment, used by MobileApplicationClients. :param authorization_response: The full URL of the redirect back to you :return: A token dict rQ)r%rir)r)rrys rtoken_from_fragmentz!OAuth2Session.token_from_fragment^s?  LL++dkk,3##DJ ::rc |s tdt|s t|xs|jj d}t j d|j| j|j|jjd|||jd| }t j d||ddd}|j|tt|||||d | } t j d | jt j d | j | j"t j d t%|j&d|j&dD] } t j d| | | } "|jj)| j"|j|_d|jvr$t j d||jd<|jS)aFetch a new access token using a refresh token. :param token_url: The token endpoint, must be HTTPS. :param refresh_token: The refresh_token to use. :param body: Optional application/x-www-form-urlencoded body to add the include in the token request. Prefer kwargs over body. :param auth: An auth tuple or method as accepted by `requests`. :param timeout: Timeout of the request in seconds. :param headers: A dict of headers to be used by `requests`. :param verify: Verify SSL certificate. :param proxies: The `proxies` argument will be passed to `requests`. :param kwargs: Extra parameters to include in the token request. :return: A token dict z'No token endpoint set for auto_refresh. refresh_tokenz*Adding auto refresh key word arguments %s.)rWrr&z&Prepared refresh token request body %srYrZr[T)r^r-r_r`rawithhold_tokenrbz2Request to refresh token completed with status %s.rerfr#rgrhz)No new refresh token given. Re-using old.r)rkr rrrrr4r5r+updater%prepare_refresh_bodyr&rprqrrsr`rurvr/rw) rrxrrWr-r_r`rarbr2r r{s rrzOAuth2Session.refresh_tokenis0  @ AA y ) " $$!DTZZ^^O%DMII:&&( MM$**+ ,4<< , , L djj LDJ LDII6=&Lg  )D/ "   AIIBmmII8!))QVVLII1$&&'?@AC$$%=> ii#T* q'a?99 djj:"DJ djj ( ii;<$1djj! ::rc t|s t|jr|stj dt |j d|j dD]&} tj d| | |||\}}}(tj d|j |jj||||\}}}tj d ||tj d ||tj d |t%t&|R||f||d|S#t$r |jrtj d|j|jdd} |r:|r8| 6tj d |tjj||} |j|jfd| i|} |j rVtj d | |j |j!| |jj||||\}}}n t#| YpwxYw)z@&&':;$ %t,!#w5Wd< ii-tzz:!\\33 V$4AWd6II2C@II0'4@II6?  - ;$4 ;39 ;;7  ))G)) +FD)$ =dl IIW ==..y-HD$$$$T%:%:PPP%    II6(( *   u %!%!7!7dG"8"E C$u% %  #s*#D))DH>=H>c||jvrtd||j|j|j|y)aRegister a hook for request/response tweaking. Available hooks are: access_token_response invoked before token parsing. refresh_token_response invoked before refresh token parsing. protected_request invoked before making a request. If you find a new hook is needed please send a GitHub PR request or open an issue. zHook type %s is not in %s.N)r/rkadd)r hook_typer{s rregister_compliance_hookz&OAuth2Session.register_compliance_hooksF,,, 3Y++ --#''-r) NNNNNNNNNr) NNrTNNNr]NNTNNN)NrTNNNTN)NNFNN)rrr__doc__rr8propertyr0setterdeleterrrErKrOr|r~rrtrrrs@rrrst* $#' !:x 4 4 ##  0 0 <<22 7 7&&""  #  #&)-$( $n` #'   DR" 4;l.rr) __future__rloggingoauthlib.commonrroauthlib.oauth2rrrr r rl getLoggerrr4Warningr SessionrrrrrsL'5H3Bg!7^.H$$^.r