o [h.@sddlZddlZddlmZddlmZddlmZddlmZddlm Z ddlm Z dd lm Z dd l m Z dd l mZdd l mZdd l mZddl mZddlmZddlmZddlmZGdddeZGdddeZdS)N)datetime) number_types) _CompactJSON)json) base64_decode) base64_encode) want_bytes)BadData) BadHeader) BadPayload) BadSignature)SignatureExpired) Serializer) HMACAlgorithm) NoneAlgorithmc@seZdZdZeejeejeeje dZ dZ e Z      dddZddd Zd d Zd d ZdddZddZdddZdddZdddZdS)JSONWebSignatureSerializerzrThis serializer implements JSON Web Signature (JWS) support. Only supports the JWS Compact Serialization. )ZHS256ZHS384HS512nonerNc Cs<tj|||||||d|dur|j}||_|||_dS)N) secret_keysalt serializerserializer_kwargssigner signer_kwargs)r__init__default_algorithmalgorithm_namemake_algorithm algorithm)selfrrrrrrrr!w/home/ubuntu/experiments/live_experiments/Pythonexperiments/Otree/venv/lib/python3.10/site-packages/itsdangerous/jws.pyr&s  z#JSONWebSignatureSerializer.__init__Fc Cst|}d|vr td|dd\}}zt|}Wnty,}ztd|dd}~wwzt|}WntyE}ztd|dd}~wwz tj||td} Wnt yb}ztd|dd}~wwt | t sntd | d tj|||d}|r||| fS|S) N.zNo "." found in valuerz:Could not base64 decode the header because of an exception)original_errorz;Could not base64 decode the payload because of an exception)rz5Could not unserialize header because it was malformedz#Header payload is not a JSON object)header) r r splitr Exceptionr r load_payloadrr isinstancedict) r payloadr return_headerbase64d_headerbase64d_payloadZ json_headereZ json_payloadr%r!r!r"r(>sJ    z'JSONWebSignatureSerializer.load_payloadcCs@t|jj|fi|j}t|jj|fi|j}|d|S)Nr#)rrdumpsr)r r%objr-r.r!r!r" dump_payload_s z'JSONWebSignatureSerializer.dump_payloadcCs$z|j|WStytdw)NzAlgorithm not supported)jws_algorithmsKeyErrorNotImplementedError)r rr!r!r"rhs   z)JSONWebSignatureSerializer.make_algorithmcCsB|dur|j}|dur dnd}|dur|j}|j|j|d||dS)Nr.)rsepkey_derivationr)rrrr)r rrr8r!r!r" make_signernsz&JSONWebSignatureSerializer.make_signercCs|r|ni}|j|d<|S)Nalg)copyr)r header_fieldsr%r!r!r" make_header|s z&JSONWebSignatureSerializer.make_headercCs*||}|||j}||||S)zLike :meth:`.Serializer.dumps` but creates a JSON Web Signature. It also allows for specifying additional fields to be included in the JWS header. )r=r9rsignr2)r r1rr<r%rr!r!r"r0s z JSONWebSignatureSerializer.dumpscCsT|j|||jt|dd\}}|d|jkr"td||d|r(||fS|S)z{Reverse of :meth:`dumps`. If requested via ``return_header`` it will return a tuple of payload and header. Tr,r:zAlgorithm mismatch)r%r+)r(r9rZunsignr getrr )r srr,r+r%r!r!r"loadss z JSONWebSignatureSerializer.loadscCsd|i}|||||S)Nr,)Z_loads_unsafe_impl)r rArr,kwargsr!r!r" loads_unsafesz'JSONWebSignatureSerializer.loads_unsafe)NNNNNNNF)NN)__name__ __module__ __qualname____doc__rhashlibsha256sha384sha512rr3rrZdefault_serializerrr(r2rr9r=r0rBrDr!r!r!r"rs0 !   rc@s@eZdZdZdZdddZddZdd d Zd d Zd dZ dS)TimedJSONWebSignatureSerializeraWorks like the regular :class:`JSONWebSignatureSerializer` but also records the time of the signing and can be used to expire signatures. JWS currently does not specify this behavior but it mentions a possible extension like this in the spec. Expiry date is encoded into the header similar to what's specified in `draft-ietf-oauth -json-web-token `_. iNcKs,tj||fi||dur|j}||_dSN)rrDEFAULT_EXPIRES_IN expires_in)r rrQrCr!r!r"rs z(TimedJSONWebSignatureSerializer.__init__cCs2t||}|}||j}||d<||d<|S)Niatexp)rr=nowrQ)r r<r%rRrSr!r!r"r=s  z+TimedJSONWebSignatureSerializer.make_headerFcCstj|||dd\}}d|vrtd|dtd|d}z t|d|d<Wn ty.|w|ddkr7||d|krItd|||d |rO||fS|S) NTr?rSzMissing expiry date)r+zExpiry date is not an IntDaterzSignature expired)r+Z date_signed) rrBr r int ValueErrorrTrget_issue_date)r rArr,r+r%Zint_date_errorr!r!r"rBs,     z%TimedJSONWebSignatureSerializer.loadscCs&|d}t|trtt|SdS)NrR)r@r)rrutcfromtimestamprU)r r%rvr!r!r"rWs  z.TimedJSONWebSignatureSerializer.get_issue_datecCs ttSrO)rUtime)r r!r!r"rTs z#TimedJSONWebSignatureSerializer.nowrOrE) rFrGrHrIrPrr=rBrWrTr!r!r!r"rNs   rN)rJrZrZ_compatr_jsonrrencodingrrr excr r r r rrrrrrrrNr!r!r!r"s(