
    $g,                    6   d dl mZ d dlZd dlZd dlZd dlmZmZ ddlm	Z	m
Z
mZmZ ddlmZ ddlmZmZmZmZ ddlmZmZ dd	lmZ erdd
lmZmZ  G d d          Z e            Zej        Zej        Zej        Zej        Zej         Z ej!        Z!ej"        Z"dS )    )annotationsN)TYPE_CHECKINGAny   )	Algorithmget_default_algorithms
has_cryptorequires_cryptography)PyJWK)DecodeErrorInvalidAlgorithmErrorInvalidSignatureErrorInvalidTokenError)base64url_decodebase64url_encode)RemovedInPyjwt3Warning)AllowedPrivateKeysAllowedPublicKeysc                      e Zd ZdZ	 	 d:d;d	Zed<d            Zd=dZd>dZd?dZ	d@dZ
	 	 	 	 	 dAdBd%Z	 	 	 	 dCdDd-Z	 	 	 	 dCdEd/ZdFd0ZdGd2Z	 	 dHdId6ZdJd7ZdKd9ZdS )LPyJWSJWTN
algorithmslist[str] | Noneoptionsdict[str, Any] | NonereturnNonec                6   t                      | _        |t          |          nt          | j                  | _        t	          | j                                                  D ]}|| j        vr| j        |= |i }i |                                 || _        d S )N)r   _algorithmsset_valid_algslistkeys_get_default_optionsr   )selfr   r   keys       K/var/www/html/netbox-4.1.3/venv/lib/python3.11/site-packages/jwt/api_jws.py__init__zPyJWS.__init__   s    
 233)5C
OOO3t?O;P;P 	
 (--//00 	* 	*C$***$S)?GA$3355AA    dict[str, bool]c                 
    ddiS )Nverify_signatureT r-   r)   r'   r$   zPyJWS._get_default_options2   s    "D))r)   alg_idstralg_objr   c                    || j         v rt          d          t          |t                    st	          d          || j         |<   | j                            |           dS )zW
        Registers a new Algorithm for use when creating and verifying tokens.
        z Algorithm already has a handler.z!Object is not of type `Algorithm`N)r   
ValueError
isinstancer   	TypeErrorr!   add)r%   r.   r0   s      r'   register_algorithmzPyJWS.register_algorithm6   sm     T%%%?@@@'9-- 	A?@@@#* V$$$$$r)   c                z    || j         vrt          d          | j         |= | j                            |           dS )z
        Unregisters an Algorithm for use when creating and verifying tokens
        Throws KeyError if algorithm is not registered.
        zJThe specified algorithm could not be removed because it is not registered.N)r   KeyErrorr!   remove)r%   r.   s     r'   unregister_algorithmzPyJWS.unregister_algorithmC   sS    
 )))1  
 V$'''''r)   	list[str]c                *    t          | j                  S )zM
        Returns a list of supported values for the 'alg' parameter.
        )r"   r!   )r%   s    r'   get_algorithmszPyJWS.get_algorithmsQ   s     D$%%%r)   alg_namec                    	 | j         |         S # t          $ r9}t          s|t          v rt	          d| d          |t	          d          |d}~ww xY w)z
        For a given string name, return the matching Algorithm object.

        Example usage:

        >>> jws_obj.get_algorithm_by_name("RS256")
        zAlgorithm 'z9' could not be found. Do you have cryptography installed?Algorithm not supportedN)r   r8   r	   r
   NotImplementedError)r%   r>   es      r'   get_algorithm_by_namezPyJWS.get_algorithm_by_nameW   s    	H#H-- 	H 	H 	H (.C"C"C)e(eee  &&?@@aG	Hs    
A4AAHS256FTpayloadbytesr&    AllowedPrivateKeys | str | bytes	algorithm
str | Noneheadersjson_encodertype[json.JSONEncoder] | Noneis_payload_detachedboolsort_headersc                d   g }||nd}	|r:|                     d          }
|
r|d         }	|                     d          }|du rd}| j        |	d}|r*|                     |           |                    |           |d         s|d= |rd|d<   nd|v r|d= t	          j        |d||	                                          }|                    t          |                     |r|}nt          |          }|                    |           d
	                    |          }| 
                    |	          }|                    |          }|                    ||          }|                    t          |                     |rd|d<   d
	                    |          }|                    d          S )Nnonealgb64FT)typrR   rT   ),:)
separatorscls	sort_keys   .r)   r   utf-8)get
header_typ_validate_headersupdatejsondumpsencodeappendr   joinrC   prepare_keysigndecode)r%   rE   r&   rH   rJ   rK   rM   rO   segments
algorithm_headers_algheaders_b64headerjson_headermsg_payloadsigning_inputr0   	signatureencoded_strings                      r'   rb   zPyJWS.encodeh   s     (1'<))&
  	+!++e,,K ,$U^
!++e,,Ke##&*# *.!L!L 	#""7+++MM'"""e} 	u 	!F5MMf__ujz||
 
 

&(( 	 	(55666 	4!KK*733K$$$ 		(++,,Z88!!#&&LL44	(33444  	HQK8,,$$W---r)    jwtstr | bytes'AllowedPublicKeys | PyJWK | str | bytesdetached_payloadbytes | Nonedict[str, Any]c                *   |r<t          j        dt          |                                           t                     |i }i | j        |}|d         }|r&|s$t          |t                    st          d          | 	                    |          \  }	}
}}|
                    dd          du rD|t          d          |}	d                    |
                    dd	          d
         |	g          }
|r|                     |
||||           |	||dS )Nzypassing additional kwargs to decode_complete() is deprecated and will be removed in pyjwt version 3. Unsupported kwargs: r,   z\It is required that you pass in a value for the "algorithms" argument when calling decode().rS   TFzIt is required that you pass in a value for the "detached_payload" argument to decode a message having the b64 header set to false.rZ   r   r   )rE   rl   rp   )warningswarntupler#   r   r   r3   r   r   _loadr\   rd   rsplit_verify_signature)r%   rs   r&   r   r   rv   kwargsmerged_optionsr,   rE   ro   rl   rp   s                r'   decode_completezPyJWS.decode_complete   sg     	M>',V[[]]';';> > '	   ?G4DL4G4)*<= 	J 	z#u7M7M 	n   59JJsOO1	::eT""e++'! Z   'G II}';';D!'D'DQ'G&QRRM 	V""=&)S*UUU "
 
 	
r)   r   c                    |r<t          j        dt          |                                           t                     |                     |||||          }|d         S )Nzppassing additional kwargs to decode() is deprecated and will be removed in pyjwt version 3. Unsupported kwargs: )rv   rE   )rz   r{   r|   r#   r   r   )r%   rs   r&   r   r   rv   r   decodeds           r'   rg   zPyJWS.decode   s|      	M>',V[[]]';';> > '	   &&j'<L ' 
 
 y!!r)   c                f    |                      |          d         }|                     |           |S )zReturns back the JWT header parameters as a dict()

        Note: The signature is not verified so the header parameters
        should not be fully trusted until signature verification is complete
           )r}   r^   )r%   rs   rJ   s      r'   get_unverified_headerzPyJWS.get_unverified_header   s1     **S//!$w'''r)   *tuple[bytes, bytes, dict[str, Any], bytes]c                   t          |t                    r|                    d          }t          |t                    st	          dt                     	 |                    dd          \  }}|                    dd          \  }}n"# t          $ r}t	          d          |d }~ww xY w	 t          |          }n.# t          t          j        f$ r}t	          d          |d }~ww xY w	 t          j        |          }n%# t          $ r}	t	          d|	           |	d }	~	ww xY wt          |t                    st	          d          	 t          |          }
n.# t          t          j        f$ r}t	          d	          |d }~ww xY w	 t          |          }n.# t          t          j        f$ r}t	          d
          |d }~ww xY w|
|||fS )Nr[   z$Invalid token type. Token must be a rZ   r   zNot enough segmentszInvalid header paddingzInvalid header string: z,Invalid header string: must be a json objectzInvalid payload paddingzInvalid crypto padding)r3   r/   rb   rF   r   r~   splitr2   r   r4   binasciiErrorr`   loadsdict)r%   rs   ro   crypto_segmentheader_segmentpayload_segmenterrheader_datarl   rB   rE   rp   s               r'   r}   zPyJWS._load   s0   c3 	&**W%%C#u%% 	NLULLMMM	>,/JJtQ,?,?)M>.;.A.A$.J.J+NOO 	> 	> 	>344#=	>	A*>::KK8>* 	A 	A 	A677S@	A	DZ,,FF 	D 	D 	D;;;<<!C	D &$'' 	NLMMM	B&77GG8>* 	B 	B 	B788cA	B	A(88II8>* 	A 	A 	A677S@	A 	::sx   2B 
B*B%%B*.B> >C)C$$C)-D 
D$DD$E F2FFF G1GGro   rl   rp   c                   |t          |t                    r|j        g}	 |d         }n# t          $ r t	          d          w xY w|r|||vrt	          d          t          |t                    r|j        }|j        }nN	 |                     |          }n"# t          $ r}	t	          d          |	d }	~	ww xY w|	                    |          }|
                    |||          st          d          d S )NrR   zAlgorithm not specifiedz&The specified alg value is not allowedr@   zSignature verification failed)r3   r   algorithm_namer8   r   r   r&   rC   rA   re   verifyr   )
r%   ro   rl   rp   r&   r   rR   r0   prepared_keyrB   s
             r'   r   zPyJWS._verify_signature   sD    *S%"8"8,-J	C-CC 	C 	C 	C'(ABBB	C  	Rz-#Z2G2G'(PQQQc5!! 	4mG7LLN44S99& N N N+,EFFAMN"..s33L~~m\9EE 	I'(GHHH	I 	Is!   * AB 
B8#B33B8c                H    d|v r|                      |d                    d S d S )Nkid)_validate_kid)r%   rJ   s     r'   r^   zPyJWS._validate_headers?  s3    Gwu~..... r)   r   c                N    t          |t                    st          d          d S )Nz(Key ID header parameter must be a string)r3   r/   r   )r%   r   s     r'   r   zPyJWS._validate_kidC  s0    #s## 	P#$NOOO	P 	Pr)   )NN)r   r   r   r   r   r   )r   r*   )r.   r/   r0   r   r   r   )r.   r/   r   r   )r   r;   )r>   r/   r   r   )rD   NNFT)rE   rF   r&   rG   rH   rI   rJ   r   rK   rL   rM   rN   rO   rN   r   r/   )rr   NNN)rs   rt   r&   ru   r   r   r   r   rv   rw   r   rx   )rs   rt   r&   ru   r   r   r   r   rv   rw   r   r   )rs   rt   r   rx   )rs   rt   r   r   )rr   N)ro   rF   rl   rx   rp   rF   r&   ru   r   r   r   r   )rJ   rx   r   r   )r   r   r   r   )__name__
__module____qualname__r]   r(   staticmethodr$   r6   r:   r=   rC   rb   r   rg   r   r}   r   r^   r   r-   r)   r'   r   r      s       J (,)-B B B B B& * * * \*% % % %( ( ( (& & & &H H H H* !()-6:$)!C. C. C. C. C.P 8:'+)-)-+
 +
 +
 +
 +
` 8:'+)-)-" " " " "*	 	 	 	$; $; $; $;V 8:'+I I I I I>/ / / /P P P P P Pr)   r   )#
__future__r   r   r`   rz   typingr   r   r   r   r   r	   r
   api_jwkr   
exceptionsr   r   r   r   utilsr   r   r   r   r   r   _jws_global_objrb   r   rg   r6   r:   rC   r   r-   r)   r'   <module>r      s   " " " " " "    % % % % % % % %                             6 5 5 5 5 5 5 5 , , , , , , BAAAAAAAAiP iP iP iP iP iP iP iPX	 %''		!1		$7 &; '= '=   r)   