o [hM@sddlmZddlZddlZddlZddlmZmZmZm Z m Z m Z m Z m Z ddlmZddlmZddlmZmZdd lmZmZd d gZe eefZdddZGdd d eZ    dddd ZdS) ) annotationsN)Any AwaitableCallableIterableOptionalTupleUnioncast)Headers) InvalidHeader)build_www_authenticate_basicparse_authorization_basic) HTTPResponseWebSocketServerProtocol BasicAuthWebSocketServerProtocolbasic_auth_protocol_factoryvaluerreturnboolc Cs:z|\}}Wn ttfyYdSwt|tot|tSNF) TypeError ValueError isinstancestr)rusernamepasswordr}/home/ubuntu/experiments/live_experiments/Pythonexperiments/Otree/venv/lib/python3.10/site-packages/websockets/legacy/auth.pyis_credentialss  r!cs`eZdZUdZdZded< dZded< ddddfddZdddZdfdd Z Z S)rzC WebSocket server protocol that enforces HTTP Basic Auth. rrealmN Optional[str]rr#check_credentialsargsrr&/Optional[Callable[[str, str], Awaitable[bool]]]kwargsrNonecs*|dur||_||_tj|i|dSN)r#_check_credentialssuper__init__)selfr#r&r'r) __class__rr r.-sz)BasicAuthWebSocketServerProtocol.__init__rrcs"|jdur|||IdHSdS)a Check whether credentials are authorized. This coroutine may be overridden in a subclass, for example to authenticate against a database or an external service. Args: username: HTTP Basic Auth username. password: HTTP Basic Auth password. Returns: bool: :obj:`True` if the handshake should continue; :obj:`False` if it should fail with a HTTP 401 error. NF)r,)r/rrrrr r&9s z2BasicAuthWebSocketServerProtocol.check_credentialspathrequest_headersr Optional[HTTPResponse]csz|d}Wntytjjdt|jfgdfYSwzt|\}}Wnty<tjjdt|jfgdfYSw|||IdHsStjjdt|jfgdfS||_ t ||IdHS)zR Check HTTP Basic Auth and return a HTTP 401 response if needed. AuthorizationzWWW-AuthenticatesMissing credentials sUnsupported credentials NsInvalid credentials ) KeyErrorhttp HTTPStatus UNAUTHORIZEDrr#rr r&rr-process_request)r/r2r3 authorizationrrr0rr r:Ns0   z0BasicAuthWebSocketServerProtocol.process_request) r'rr#r$r&r(r)rrr*rrrrrr)r2rr3r rr4) __name__ __module__ __qualname____doc__r#__annotations__rr.r&r: __classcell__rrr0r rs    r#r$ credentials3Optional[Union[Credentials, Iterable[Credentials]]]r&r(create_protocol;Optional[Callable[[Any], BasicAuthWebSocketServerProtocol]]1Callable[[Any], BasicAuthWebSocketServerProtocol]cs|du|dukr td|durGt|rtt|g}n!t|tr5t|}tdd|Ds4td|ntd|t|dfd d }|durUtt t gt ft }t j |||d S)aI Protocol factory that enforces HTTP Basic Auth. :func:`basic_auth_protocol_factory` is designed to integrate with :func:`~websockets.server.serve` like this:: websockets.serve( ..., create_protocol=websockets.basic_auth_protocol_factory( realm="my dev server", credentials=("hello", "iloveyou"), ) ) Args: realm: indicates the scope of protection. It should contain only ASCII characters because the encoding of non-ASCII characters is undefined. Refer to section 2.2 of :rfc:`7235` for details. credentials: defines hard coded authorized credentials. It can be a ``(username, password)`` pair or a list of such pairs. check_credentials: defines a coroutine that verifies credentials. This coroutine receives ``username`` and ``password`` arguments and returns a :class:`bool`. One of ``credentials`` or ``check_credentials`` must be provided but not both. create_protocol: factory that creates the protocol. By default, this is :class:`BasicAuthWebSocketServerProtocol`. It can be replaced by a subclass. Raises: TypeError: if the ``credentials`` or ``check_credentials`` argument is wrong. Nz/provide either credentials or check_credentialscss|]}t|VqdSr+)r!).0itemrrr sz.basic_auth_protocol_factory..zinvalid credentials argument: rrrrrcs0z|}Wn tyYdSwt||Sr)r6hmaccompare_digest)rrZexpected_passwordZcredentials_dictrr r&s   z6basic_auth_protocol_factory..check_credentialsr%r<)rr!r Credentialsrrlistalldictrrr functoolspartial)r#rCr&rEZcredentials_listrrMr rus.&  )rrrr)NNNN) r#r$rCrDr&r(rErFrrG) __future__rrRrKr7typingrrrrrrr r Zdatastructuresr exceptionsr headersrrserverrr__all__rrNr!rrrrrr s$ (     Z