ÿØÿà JFIF    ÿÛ C    !"$"$ÿÛ C  ÿ p " ÿÄ     ÿÄ   ÿÚ   ÕÔË® (% aA*‚XYD¡(J„¡E¢RE,P€XYae )(E¤²€B¤R¥ BQ¤¢ X«)X…€¤  @ .............................................................................................................................................................................. ............................................................................. ÿØÿà JFIF    ÿÛ C    !"$"$ÿÛ C  ÿ p " ÿÄ     ÿÄ   ÿÚ   ÕÔË® (% aA*‚XYD¡(J„¡E¢RE,P€XYae )(E¤²€B¤R¥ BQ¤¢ X«)X…€¤  @ .............................................................................................................................................................................. ............................................................................. o li#@sddlZddlZddlmZddlmZmZmZmZm Z ddl m Z m Z m Z mZddlmZmZmZmZddlmZmZGdd d ZeZejZejZejZejZejZejZdS) N)Mapping)AnyDictListOptionalType) Algorithmget_default_algorithms has_cryptorequires_cryptography) DecodeErrorInvalidAlgorithmErrorInvalidSignatureErrorInvalidTokenError)base64url_decodebase64url_encodec @seZdZdZd-ddZeddZddZd d Zd d Z  d.de de de e de e de eejde f ddZ   d/de de dee de de e eff ddZ   d/de de dee de de f ddZddZd d!Z  d0d"d#Zd$hZd%d&d'd(Zd)d*Zd+d,ZdS)1PyJWSJWTNcCslt|_|dur t|nt|j|_t|jD] }||jvr$|j|=q|dur+i}i|||_dS)N)r _algorithmsset _valid_algslistkeys_get_default_optionsoptions)self algorithmsrkeyr-/usr/lib/python3/dist-packages/jwt/api_jws.py__init__s zPyJWS.__init__cCsddiS)Nverify_signatureTrrrrr r'szPyJWS._get_default_optionscCs>||jvr tdt|tstd||j|<|j|dS)zW Registers a new Algorithm for use when creating and verifying tokens. z Algorithm already has a handler.z!Object is not of type `Algorithm`N)r ValueError isinstancer TypeErrorradd)ralg_idalg_objrrr register_algorithm+s   zPyJWS.register_algorithmcCs*||jvr td|j|=|j|dS)z Unregisters an Algorithm for use when creating and verifying tokens Throws KeyError if algorithm is not registered. zJThe specified algorithm could not be removed because it is not registered.N)rKeyErrorrremove)rr'rrr unregister_algorithm8s zPyJWS.unregister_algorithmcCs t|jS)zM Returns a list of supported values for the 'alg' parameter. )rr)rrrr get_algorithmsFs zPyJWS.get_algorithmsHS256payloadr algorithmheaders json_encoderreturnc Cs g}|durd}|rd|vr|dr|d}|j|d}|r1|j|dd|||ds1|d=tj|d|d}|t||t|d |} z|j |} | |}| | |} Wnt y~} zt su|tvrutd || td | d} ~ ww|t| d |} | d S) Nnonealg)typr5Tencodingr6),:) separatorscls.zFAlgorithm '%s' could not be found. Do you have cryptography installed?Algorithm not supportedutf-8) header_typ_validate_headersupdatejsondumpsencodeappendrjoinr prepare_keysignr*r r NotImplementedErrordecode)rr/rr0r1r2segmentsheader json_header signing_inputr( signatureeencoded_stringrrr rELsL         z PyJWS.encodejwtrrc Ksp|duri}i|j|}|d}|r|std||\}} } } || |r2|| | | |||| | dS)Nr"z\It is required that you pass in a value for the "algorithms" argument when calling decode().)r/rMrP)rr _loadrA_verify_signature) rrTrrrkwargsmerged_optionsr"r/rOrMrPrrr decode_completes  zPyJWS.decode_completecKs |j||||fi|}|dS)Nr/)rY)rrTrrrrWdecodedrrr rKsz PyJWS.decodecCs||d}|||S)zReturns back the JWT header parameters as a dict() Note: The signature is not verified so the header parameters should not be fully trusted until signature verification is complete )rUrA)rrTr1rrr get_unverified_headers zPyJWS.get_unverified_headerc Csjt|tr |d}t|tstdtz|dd\}}|dd\}}Wnty9}ztd|d}~wwzt|}Wnt t j fyT}ztd|d}~wwzt |}Wntyo} ztd| | d} ~ wwt|tsytdzt|} Wnt t j fy}ztd |d}~wwzt|} Wnt t j fy}ztd |d}~ww| ||| fS) Nr?z$Invalid token type. Token must be a r=rzNot enough segmentszInvalid header paddingzInvalid header string: %sz,Invalid header string: must be a json objectzInvalid payload paddingzInvalid crypto padding)r$strrEbytesr rsplitsplitr#rr%binasciiErrorrCloadsr) rrTrOcrypto_segmentheader_segmentpayload_segmenterr header_datarMrQr/rPrrr rUsL            z PyJWS._loadc Csv|d}|dur||vrtdz|j|}||}||||s'tdWdSty:}ztd|d}~ww)Nr5z&The specified alg value is not allowedzSignature verification failedr>)getrrrHverifyrr*) rrOrMrPrrr5r(rQrrr rVs    zPyJWS._verify_signatureb64Fr7cCs8d|vr ||d|sd|vr||dSdSdS)Nkidcrit) _validate_kid_validate_crit)rr1r8rrr rAs  zPyJWS._validate_headerscCst|ts tddS)Nz(Key ID header parameter must be a string)r$r]r)rrlrrr rns zPyJWS._validate_kidcCsv|d}t|trt|dkrtd|D]#}t|ts td||jvr,td|||vr8td|dqdS)Nrmrz/Invalid 'crit' header: must be a non-empty listz-Invalid 'crit' header: values must be stringsz Unsupported critical extension: zCritical extension 'z' is missing from headers)r$rlenrr]_supported_crit)rr1rmextrrr ros   zPyJWS._validate_crit)NN)r.NN)rSNN)rSN)__name__ __module__ __qualname__r@r! staticmethodrr)r,r-r^r]rrrrC JSONEncoderrErrrYrKr\rUrVrqrArnrorrrr rs|      :  "   +   r)rarCcollections.abcrtypingrrrrrrr r r r exceptionsr rrrutilsrrr_jws_global_objrErYrKr)r,r\rrrr s"