rheddlZddlmZddlmZddlmZddlmZm Z m Z ddl Z ddl m Zddl mZmZmZmZdd lmZmZdd lmZdd lmZ dd l mZmZd Zhdj=ej>Z GddZ!y#e$rdZY1wxYw)N)Iterable) timedelta)cached_property)AnyOptionalUnion) gettext_lazy)ExpiredSignatureErrorInvalidAlgorithmErrorInvalidTokenError algorithms)TokenBackendErrorTokenBackendExpiredToken)Token) format_lazy) PyJWKClientPyJWKClientErrorTF> ES256ES384ES512HS256HS384HS512RS256RS384RS512c<eZdZ ddedeededeeedfdeedeedeeee dfd ee e jd dfd Z ed efd Zed efd Zdeed efdZded dfdZd e fdZded efdZdeeefd efdZddeded eeeffdZy) TokenBackendN algorithm signing_key verifying_keyaudienceissuerjwk_urlleeway json_encoderreturnc |j|||_||_||_||_||_t r|r t|nd|_nd|_||_ ||_ yN) _validate_algorithmr r!r"r#r$JWK_CLIENT_AVAILABLEr jwks_clientr&r') selfr r!r"r#r$r%r&r's t/var/www/html/ai-insurance-compliance-backend/venv/lib/python3.12/site-packages/rest_framework_simplejwt/backends.py__init__zTokenBackend.__init__)sb   +"&*   7>{73DD #D  (c8|j|jSr*) _prepare_keyr!r.s r/prepared_signing_keyz!TokenBackend.prepared_signing_keyDs  !1!122r1c8|j|jSr*)r3r"r4s r/prepared_verifying_keyz#TokenBackend.prepared_verifying_keyHs  !3!344r1keyc|ttjdds|Stjj|j}|j |S)Nget_algorithm_by_name)getattrjwtPyJWSr:r prepare_key)r.r8jws_algs r/r3zTokenBackend._prepare_keyLsG ;gcii1H$OJ))+33DNNC""3''r1c|tvrtttd||tj vr/tj stttd|yy)z Ensure that the nominated algorithm is recognized, and that cryptography is installed for those algorithms that require it z Unrecognized algorithm type '{}'z/You must have cryptography installed to use {}.N)ALLOWED_ALGORITHMSrr_r requires_cryptography has_crypto)r.r s r/r+z TokenBackend._validate_algorithmSsl . .#A@A9M   88 8AVAV#GH) BW 8r1cL|j tdSt|jttfrt|jSt|jtr |jSt t tdt|j)Nr)secondszIUnrecognized type '{}', 'leeway' must be of type int, float or timedelta.) r&r isinstanceintfloatrrrBtyper4s r/ get_leewayzTokenBackend.get_leewayds~ ;; Q' '  c5\ 2T[[1 1  Y /;; #c%  r1tokenc|jjdr |jS|jr& |jj |j S|jS#t $r}ttd|d}~wwxYw)NHSToken is invalid) r startswithr5r-get_signing_key_from_jwtr8rrrBr7)r.rLes r/get_verifying_keyzTokenBackend.get_verifying_keyus >> $ $T *,, ,    F''@@GKKK***$ F'*<(=>AE Fs$A&& B /BB payloadcB|j}|j|j|d<|j|j|d<tj||j |j |j}t|tr|jdS|S)zL Returns an encoded token for the given payload dictionary. audiss)r r'zutf-8) copyr#r$r<encoder5r r'rGbytesdecode)r.rT jwt_payloadrLs r/rYzTokenBackend.encodeslln == $!%K  ;; "!%K    % %nn**   eU #<<( ( r1verifyc  tj||j||jg|j|j |j |jdu|dS#t$r}ttd|d}~wt$r}ttd|d}~wt$r}ttd|d}~wwxYw)z Performs a validation of the given token and returns its payload dictionary. Raises a `TokenBackendError` if the token is malformed, if its signature check fails, or if its 'exp' claim indicates it has expired. N) verify_audverify_signature)r r#r$r&optionszInvalid algorithm specifiedzToken is expiredrO) r<r[rSr r#r$rKr rrBr rr )r.rLr]rRs r/r[zTokenBackend.decodes B::&&u- NN+{{("&--t";(.  % M#A&C$DE1 L$ I*1-?+@Aq H  B#A&8$9: A Bs0A&A)) C2B CB(( C4C  C)NNNNNN)T)__name__ __module__ __qualname__strrrrrIrHrrJjson JSONEncoderr0rrr5r7r3r+rKrrSdictrYboolr[r1r/rr(sl&*/3 $!%599=))c]) ) Xt+, )  )#)eS)T12)tD$4$456) )63c33555( (#(ST"I" +u + +d38n,BEB4B4S>Br1r)"rgcollections.abcrdatetimer functoolsrtypingrrrr<django.utils.translationr rBr r r r exceptionsrrtokensrutilsrrrr, ImportErrorunionrCrArrkr1r/rvs $%'' 6D!1 % (()IBIB!! !s A>>BB