3 ,�[q9 � @ s@ d Z ddlmZmZ ddlZddlZddlZddlZddlZddl Z yddl mZ ddl mZ W n, e k r� ddlmZ ddlmZ Y nX y(ddlmZ ddlmZ dd lmZ W n8 e k r� ddlmZ ddlmZ dd lmZ Y nX yddlZW n e k �r ddljZY nX d ZdZejdej�Zejd �ZdZ ej!d�Z"ej#d dkZ$e$�rje%Z&e'Z(ne)Z&e%Z(d<dd�Zdd� Zdd� Zdd� Z*dd� Z+e,e �e,d�B Z-dd� Z.dd � Z/d!d"� Z0d#d$� Z1d%efd&d'�Z2d(d)� Z3d*d+� Z4d%efd,d-�Z5d.d/� Z6d=d1d2�Z7d3d4� Z8d>d6d7�Z9G d8d9� d9e:�Z;G d:d;� d;e<�Z=dS )?z| oauthlib.common ~~~~~~~~~~~~~~ This module provides data structures and utilities common to all implementations of OAuth. � )�absolute_import�unicode_literalsN)�randbits)�SystemRandom)�getrandbits)�quote)�unquote)� urlencodeZ>abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789z_ !"#$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}z&([^&;]*(?:password|token)[^=]*=)[^&;]+z&%[^0-9A-Fa-f]|%[0-9A-Fa-f][^0-9A-Fa-f]zAABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.-Zoauthlib� � /c C s: t | t�r| jd�n| } t| |�} t | t�r6| jd�} | S )Nzutf-8)� isinstance�unicode_type�encode�_quote� bytes_type�decode)�sZsafe� r �/usr/lib/python3.6/common.pyr @ s r c C s t | �} t| t�r| jd�} | S )Nzutf-8)�_unquoter r r )r r r r r J s r c C s, t | �}t|�}t|t�r|S |jd�S d S )Nzutf-8)�encode_params_utf8� _urlencoder r r )�paramsZutf8_params� urlencodedr r r r T s r c C sP g }xF| D ]>\}}|j t|t�r*|jd�n|t|t�r@|jd�n|f� q W |S )ziEnsures that all parameters in a list of 2-element tuples are encoded to bytestrings using UTF-8 zutf-8)�appendr r r )r Zencoded�k�vr r r r ] s r c C sP g }xF| D ]>\}}|j t|t�r*|jd�n|t|t�r@|jd�n|f� q W |S )zfEnsures that all parameters in a list of 2-element tuples are decoded to unicode using UTF-8. zutf-8)r r r r )r Zdecodedr r r r r �decode_params_utf8i s r z=&;:%+~,*@!()/?c C st | r.t | �tk r.d}t|t | �t | f ��tj| �r@td��t rZt| t�rZ| jd�n| } t j | dd�}t|�S )a� Decode a query string in x-www-form-urlencoded format into a sequence of two-element tuples. Unlike urlparse.parse_qsl(..., strict_parsing=True) urldecode will enforce correct formatting of the query string by validation. If validation fails a ValueError will be raised. urllib.parse_qsl will only raise errors if any of name-value pairs omits the equals sign. z�Error trying to decode a non urlencoded string. Found invalid characters: %s in the string: '%s'. Please ensure the request/response body is x-www-form-urlencoded.z%Invalid hex encoding in query string.zutf-8T)�keep_blank_values)�setr � ValueError�INVALID_HEX_PATTERN�search�PY3r r r �urlparse� parse_qslr )�query�errorr r r r � urldecodex s r( c C s� t | t�st | t�r<yt| �}W q� tk r8 d}Y q�X nnt| d�r�yt| � W n. tk rj d}Y q� tk r� d}Y q�X tt | t�r�| j � n| �}t |�}nd}|S )a* Extract parameters and return them as a list of 2-tuples. Will successfully extract parameters from urlencoded query strings, dicts, or lists of 2-tuples. Empty strings/dicts/lists will return an empty list of parameters. Any other input will result in a return value of None. N�__iter__)r r r r( r �hasattr�dict� TypeError�list�itemsr )�rawr r r r �extract_params� s r0 c C s t t td��t� �S )a� Generate pseudorandom nonce that is unlikely to repeat. Per `section 3.3`_ of the OAuth 1 RFC 5849 spec. Per `section 3.2.1`_ of the MAC Access Authentication spec. A random 64-bit number is appended to the epoch timestamp for both randomness and to decrease the likelihood of collisions. .. _`section 3.2.1`: https://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-01#section-3.2.1 .. _`section 3.3`: https://tools.ietf.org/html/rfc5849#section-3.3 �@ )r r �generate_timestampr r r r �generate_nonce� s r3 c C s t ttj� ��S )aD Get seconds since epoch (UTC). Per `section 3.3`_ of the OAuth 1 RFC 5849 spec. Per `section 3.2.1`_ of the MAC Access Authentication spec. .. _`section 3.2.1`: https://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-01#section-3.2.1 .. _`section 3.3`: https://tools.ietf.org/html/rfc5849#section-3.3 )r �int�timer r r r r2 � s r2 � c s$ t � �dj� �fdd�t| �D ��S )aX Generates a non-guessable OAuth token OAuth (1 and 2) does not specify the format of tokens except that they should be strings of random characters. Tokens should not be guessable and entropy when generating the random characters is important. Which is why SystemRandom is used instead of the default random.choice method. � c 3 s | ]}�j � �V qd S )N)Zchoice)�.0�x)�chars�randr r � <genexpr>� s z!generate_token.<locals>.<genexpr>)r �join�range)�lengthr: r )r: r; r �generate_token� s r@ c C sT dd l }tjj� }|j|tj|jd� d�}|j|j� |j|| d�}t |d�}|S )Nr )Zseconds)�scopeZexp�RS256zUTF-8) �jwt�datetimeZutcnowrA Z timedeltaZ expires_in�update�claimsr � to_unicode)Zprivate_pemZrequestrC ZnowrF �tokenr r r �generate_signed_token� s rI c C s dd l }|j|| dgd�S )Nr rB )Z algorithms)rC r )Z public_pemrH rC r r r �verify_signed_token� s rJ c C s t | |�S )z�Generates an OAuth client_id OAuth 2 specify the format of client_id in https://tools.ietf.org/html/rfc6749#appendix-A. )r@ )r? r: r r r �generate_client_id s rK c C s2 t |t�r|j� }tj| dd�}|j|� t|�S )z)Extend a query with a list of two-tuples.T)r )r r+ r. r$ r% �extendr )r&