o 'hp%@sdZddlmZddlZddlZddlmZddlmZddlm Z m Z m Z m Z ddl mZddlmZmZmZmZmZdd lmZegd Z Gd d d Zed gdZ edgdZ eddgZ d1ddZd2d!d"Zd3d&d'Zd4d*d+Z d5d/d0Z!dS)6z6Constants and types shared across multiple auth types.) annotationsN)standard_b64encode) namedtuple)AnyDictMappingOptional)Binary)_OIDCAzureCallback_OIDCGCPCallback_OIDCK8SCallback_OIDCProperties_OIDCTestCallback)ConfigurationError)GSSAPI MONGODB-OIDC MONGODB-X509 MONGODB-AWSPLAINz SCRAM-SHA-1z SCRAM-SHA-256DEFAULTc@s@eZdZdZedZdddZdd d Zdd d ZdddZ dS)_CachedatareturnNonecCs d|_dSNrselfrO/var/www/html/olx_land/venv/lib/python3.10/site-packages/pymongo/auth_shared.py__init__7s z_Cache.__init__otherobjectboolcCt|trdStS)NT isinstancerNotImplementedrr!rrr__eq__:s z _Cache.__eq__cCr$)NFr%r(rrr__ne__@s z _Cache.__ne__intcCs|jSr) _hash_valrrrr__hash__Esz_Cache.__hash__N)rr)r!r"rr#)rr+) __name__ __module__ __qualname__ __slots__hashr,r r)r*r-rrrrr2s   rMongoCredential) mechanismsourceusernamepasswordmechanism_propertiescacheGSSAPIProperties service_namecanonicalize_host_name service_realm service_host_AWSPropertiesaws_session_tokenvalue str | boolrcCs8gd}|dvr |dvS||vrtd|d||S)N)FTnoneforwardforwardAndReverse)truefalseTF)rGTzCANONICALIZE_HOST_NAME 'z' not in valid options: ) ValueError)rB valid_namesrrr _validate_canonicalize_host_nameZs rKmechstrr5 Optional[str]userpasswdextraMapping[str, Any]databasecCsH|dvr|durt|d|dkrQ|dur|dkrtd|di}|dd }|d d}|d d } t| } |d } t|| | |d} t|d||| dS|dkrr|dur]td|duri|dkritdt|d|dddS|dkr|dur|durtd|dur|dkrtd|di}|d} t| d} t|d||| dS|dkrs|di}|d}|d}|d}|dd}gd}|d|}|dddur|durtdd }|durd!}t||s|r|durt||r|rd"}t|nU|durX|d#kr |durd$}t|t}n<|d%kr3d}|s.td&t|}n)|d'krFd}|sAtd(t |}n|d)krQd}t }n td*|t|t ||||||pfdd+}t|d|||t S|d,kr|p|pd}t||||ddS|p|pd-}|durtd.t||||dt S)/z8Build and return a mechanism specific credentials tuple.)rrrNz requires a usernamerz $externalz:authentication source must be $external or None for GSSAPIauthmechanismproperties SERVICE_NAMEmongodb SERVICE_HOSTCANONICALIZE_HOST_NAMErH SERVICE_REALMr;rz+Passwords are not supported by MONGODB-X509z@authentication source must be $external or None for MONGODB-X509rz;username without a password is not supported by MONGODB-AWSz?authentication source must be $external or None for MONGODB-AWSAWS_SESSION_TOKEN)rAr OIDC_CALLBACKOIDC_HUMAN_CALLBACK ENVIRONMENTTOKEN_RESOURCE)z *.mongodb.netz*.mongodb-dev.netz*.mongodb-qa.netz*.mongodbgov.net localhostz 127.0.0.1z::1 ALLOWED_HOSTSz4ALLOWED_HOSTS is only valid with OIDC_HUMAN_CALLBACKzVauthentication with MONGODB-OIDC requires providing either a callback or a environmentz)password is not supported by MONGODB-OIDCz5cannot set both OIDC_CALLBACK and OIDC_HUMAN_CALLBACKtestz;test environment for MONGODB-OIDC does not support usernameazurezTAzure environment for MONGODB-OIDC requires a TOKEN_RESOURCE auth mechanism propertygcpzOGCP provider for MONGODB-OIDC requires a TOKEN_RESOURCE auth mechanism propertyk8sz+unrecognized ENVIRONMENT for MONGODB-OIDC: )callbackhuman_callback environment allowed_hoststoken_resourcer6radminzA password is required) rrIgetrKr:r3r@rr r r r r)rLr5rOrPrQrS propertiesr<r? canonicalizer>propsrA aws_propsrfrgenvironrjdefault_allowedrimsg oidc_propssource_databaserrr_build_credentials_tupleds                            rvfirbytesseccCsdddt||DS)zXOR two byte strings together.cSsg|] \}}t||AgqSr)rx).0xyrrr sz_xor..)joinzip)rwryrrr_xorsrresponseDict[bytes, bytes]cCstdd|dDS)z-Split a scram response into key, value pairs.css.|]}ttjttf|ddVqdS)=N)typingcastTuplerxsplit)r{itemrrr s  z(_parse_scram_response..,)dictr)rrrr_parse_scram_responsesr credentialsr44tuple[bytes, bytes, typing.MutableMapping[str, Any]]cCsd|j}|ddddd}ttd}d|d|}d |td |d d d id }|||fS)Nzutf-8rs=3Drs=2C sn=s,r=rsn,,skipEmptyExchangeT) saslStartr4payload autoAuthorizeoptions)r6encodereplacerosurandomr )rr4r6rOnonce first_barecmdrrr_authenticate_scram_starts  r)rBrCrrC)rLrMr5rNrOrNrPrNrQrRrSrNrr3)rwrxryrxrrx)rrxrr)rr3r4rMrr)"__doc__ __future__rrrbase64r collectionsrrrrrbsonr pymongo.auth_oidc_sharedr r r r rpymongo.errorsr frozenset MECHANISMSrr3r:r@rKrvrrrrrrrs>         ~