o is.@sddlmZddlZddlZddlZddlZddlZddlmZddl m Z ddl m Z ddl mZmZmZddlmZmZmZejrIdd lmZgd ZGd d d ZGd ddeZGdddeZGdddeZGdddeZGdddejZdS)) annotationsN) b64encode)parse_http_list) ProtocolError)CookiesRequestResponse)to_bytesto_strunquote)_Hash)Auth BasicAuth DigestAuth NetRCAuthc@s6eZdZdZdZdZdddZdd d Zdd d ZdS)ra Base class for all authentication schemes. To implement a custom authentication scheme, subclass `Auth` and override the `.auth_flow()` method. If the authentication scheme does I/O such as disk access or network calls, or uses synchronization primitives such as locks, you should override `.sync_auth_flow()` and/or `.async_auth_flow()` instead of `.auth_flow()` to provide specialized implementations that will be used by `Client` and `AsyncClient` respectively. Frequestrreturn)typing.Generator[Request, Response, None]ccs |VdS)a Execute the authentication flow. To dispatch a request, `yield` it: ``` yield request ``` The client will `.send()` the response back into the flow generator. You can access it like so: ``` response = yield request ``` A `return` (or reaching the end of the generator) will result in the client returning the last response obtained from the server. You can dispatch as many requests as is necessary. NselfrrrE/home/kim/smarthome/.venv/lib/python3.10/site-packages/httpx/_auth.py auth_flow&s zAuth.auth_flowccs^|jr|||}t|} |V}|jr|z||}Wn ty-YdSwq)z Execute the authentication flow synchronously. By default, this defers to `.auth_flow()`. You should override this method when the authentication scheme does I/O and/or uses concurrency primitives. TN)requires_request_bodyreadrnextrequires_response_bodysend StopIterationrrZflowresponserrrsync_auth_flow>s   zAuth.sync_auth_flow(typing.AsyncGenerator[Request, Response]cCsj|jr |IdH||}t|} |V}|jr"|IdHz||}Wn ty3YdSwq)z Execute the authentication flow asynchronously. By default, this defers to `.auth_flow()`. You should override this method when the authentication scheme does I/O and/or uses concurrency primitives. N)rZareadrrrrrr rrrasync_auth_flowWs   zAuth.async_auth_flowNrrrr)rrrr#) __name__ __module__ __qualname____doc__rrrr"r$rrrrrs   rc@s$eZdZdZdddZdd d Zd S) FunctionAuthz Allows the 'auth' argument to be passed as a simple callable function, that takes the request, and returns a new, modified request. func#typing.Callable[[Request], Request]rNonecCs ||_dSNZ_func)rr+rrr__init__ws zFunctionAuth.__init__rrrccs||VdSr.r/rrrrrzszFunctionAuth.auth_flowN)r+r,rr-r%)r&r'r(r)r0rrrrrr*qs r*c@s.eZdZdZdddZdd d ZdddZdS)rzy Allows the 'auth' argument to be passed as a (username, password) pair, and uses HTTP Basic authentication. username str | bytespasswordrr-cCs||||_dSr.)_build_auth_header _auth_headerrr1r3rrrr0szBasicAuth.__init__rrrccs|j|jd<|VdS)N Authorization)r5headersrrrrrs  zBasicAuth.auth_flowstrcC,dt|t|f}t|}d|SN:zBasic joinr rdecoderr1r3Zuserpasstokenrrrr4  zBasicAuth._build_auth_headerNr1r2r3r2rr-r%r1r2r3r2rr9r&r'r(r)r0rr4rrrrr~s   rc@s0eZdZdZddddZdd d ZdddZdS)rzT Use a 'netrc' file to lookup basic auth credentials based on the url host. Nfile str | Nonerr-cCsddl}|||_dS)Nr)netrc _netrc_info)rrFrHrrrr0szNetRCAuth.__init__rrrccsR|j|jj}|dus|ds|VdS|j|d|dd|jd<|VdS)Nr)r1r3r7)rIauthenticatorsurlhostr4r8)rrZ auth_inforrrrs   zNetRCAuth.auth_flowr1r2r3r9cCr:r;r=r@rrrr4rBzNetRCAuth._build_auth_headerr.)rFrGrr-r%rDrErrrrrs    rc @seZdZUejejejejejejejejdZde d<d)d d Z d*ddZ d+ddZ d,ddZ d-ddZd.d"d#Zd/d&d'Zd(S)0r)MD5zMD5-SESSSHAzSHA-SESSzSHA-256z SHA-256-SESSzSHA-512z SHA-512-SESSz*dict[str, typing.Callable[[bytes], _Hash]]_ALGORITHM_TO_HASH_FUNCTIONr1r2r3rr-cCs$t||_t||_d|_d|_dS)Nr)r _username _password_last_challenge _nonce_countr6rrrr0s   zDigestAuth.__init__rrrccs|jr|||j|jd<|V}|jdksd|jvrdS|jdD] }|dr.nq#dS|||||_d|_|||j|jd<|j rRt |j j |d|VdS)Nr7izwww-authenticatezdigest rr) rSr4r8 status_codeZget_listlower startswith_parse_challengerTcookiesrZset_cookie_header)rrr! auth_headerrrrrs*   zDigestAuth.auth_flowr!r r[r9_DigestAuthChallengec Cs|d\}}}|dksJi}t|D]}|dd\} } t| || <qz4|d} |d} |dd} d |vrF|d nd }d |vrR|d nd }t| | | ||d WSt yr}z d }t ||d|d }~ww)z Returns a challenge from a Digest WWW-Authenticate header. These take the form of: `Digest realm="realm@host.com",qop="auth,auth-int",nonce="abc",opaque="xyz"`  digest=rrealmnonce algorithmrNopaqueNqop)r`rarbrcrdz(Malformed Digest WWW-Authenticate headerrU) partitionrWrstripsplitr encodegetr\KeyErrorr)rrr!r[scheme_fieldsZ header_dictfieldkeyvaluer`rarbrcrdexcmessagerrrrYs(     zDigestAuth._parse_challenge challengecsH|j|jdfdd }d|j|j|jf}|jj}d|j |f}||}d|j }| |j |j } |j d7_ ||} |jd rW|d| |j | f} |j|j|d } | durj| |j |g} n | |j || | |g} |j|j|j ||d| |j d } |jr|j| d <| rd | d<|| d<| | d<d|| S)Ndatabytesrcs|Sr.) hexdigestrh)rtZ hash_funcrrr^sz-DigestAuth._build_auth_header..digestr<s%08xrz-sessrU)r1r`raurir!rbrcauthrdnccnoncezDigest )rtrurru)rPrbupperr>rQr`rRrLraw_pathmethodrhrT_get_client_noncerarWendswith _resolve_qoprdrc_get_header_value)rrrsr^A1pathA2HA2Znc_valuer{HA1rdZ digest_dataZ format_argsrrwrr4s<   zDigestAuth._build_auth_header nonce_countintrarucCsLt|}||7}|t7}|td7}t|ddS)N) r9rhtimectimeosurandomhashlibsha1rv)rrrasrrrr/s zDigestAuth._get_client_nonce header_fieldsdict[str, bytes]c Csbd}d}d}d}t|D] \}\}}|dkr|d7}||vr"|n|} || |t|7}q|S)N)rbrdrzz{}="{}"z{}={}rz, ) enumerateitemsformatr ) rrZNON_QUOTED_FIELDSZQUOTED_TEMPLATEZNON_QUOTED_TEMPLATE header_valueirnrptemplaterrrr7szDigestAuth._get_header_valuerd bytes | NonecCsN|durdStd|}d|vrdS|dgkrtdd|d}t||d)Ns, ?rysauth-intz.Digest auth-int support is not yet implementedzUnexpected qop value "z" in digest authrU)rergNotImplementedErrorr)rrdrZqopsrrrrrrIs    zDigestAuth._resolve_qopNrCr%)rrr!r r[r9rr\)rrrsr\rr9)rrrarurru)rrrr9)rdrrrrr)r&r'r(rmd5rsha256sha512rP__annotations__r0rrYr4rrrrrrrrs"     0 rc@s6eZdZUded<ded<ded<ded<ded<d S) r\rur`rar9rbrrcrdN)r&r'r(rrrrrr\Ws  r\) __future__rrrrrtypingbase64rurllib.requestr _exceptionsrZ_modelsrrr Z_utilsr r r TYPE_CHECKINGr __all__rr*rrr NamedTupler\rrrrs*     [ )