o 'hA @sxUdZddlmZddlZddlZddlZddlZddlmZm Z ddl m Z m Z m Z mZmZmZmZmZddlmZddlmZddlmZdd lmZmZdd lmZdd lmZm Z m!Z!m"Z"dd l#m$Z$m%Z%dd l&m'Z'e r}ddl(m)Z)ddl*m+Z+dZ,dZ-zddl.Z/e0e1e2e/j34ddddkrdZ-Wne5yzddl/Z/Wn e5ydZ,YnwYnwdZ6dHddZ7dId!d"Z8dJd$d%Z9dKd)d*Z:dLd+d,Z;dLd-d.Ze;e=eeed6Z@d7eAd8<Gd9d:d:ZBGd;d<dd>eBZDGd?d@d@eBZEeDej?eCd3d4ej?eCd5d4eEej?eCd5d4dAZFdBeAdC< dMdNdFdGZGdS)OzAuthentication helpers.) annotationsN)standard_b64decodestandard_b64encode) TYPE_CHECKINGAnyCallable CoroutineMappingMutableMappingOptionalcast)quote)Binary)_authenticate_aws)_authenticate_oidc_get_authenticator) _getaddrinfo)MongoCredential_authenticate_scram_start_parse_scram_response_xor)ConfigurationErrorOperationFailure)saslprep)AsyncConnection)HelloTF.)r credentialsrconnr mechanismstrreturnNonec s|j}|dkrd}tj}t|jd}nd}tj}t||jd}|j}|j }t j } |j } | rM| rMt| ts=J| jdusDJ| j\} } | j} nt||\} } }|||IdH} | dusdJ| d}t|}t|d}|dkrztd |d }|d }|| std d |}|jr|j\}}}}nd\}}}}|r||ks||krt||t||}| |d|}| |d|}||||f|_||}d| ||f}| |||}dtt||}d||f}t| |||}d| dt|d}|||IdH} t| d}t |d|s!td| dsBd| dtdd}|||IdH} | dsDtddSdS)zAuthenticate using SCRAM. SCRAM-SHA-256sha256utf-8sha1Npayloadiiz+Server returned an invalid iteration count.srz!Server returned an invalid nonce.s c=biws,r=)NNNNs Client Keys Server Key,sp=conversationId saslContinuer/r)vz%Server returned an invalid signature.donez%SASL conversation failed to complete.)!usernamehashlibr&rpasswordencoder(_password_digestsourcecachehmacHMACauth_ctxspeculate_succeeded isinstance _ScramContext scram_dataspeculative_authenticatercommandrintr startswithdata pbkdf2_hmacrdigestjoinrrrcompare_digest) rr r!r5rI digestmodrGr:r;_hmacctxnonce first_barerescmd server_firstparsed iterationssaltrnonce without_proof client_key server_keycsalt citerations salted_pass stored_keyauth_msg client_sig client_proof client_final server_sigrdU/var/www/html/olx_land/venv/lib/python3.10/site-packages/pymongo/asynchronous/auth.py_authenticate_scramHs~          rfr5r7cCspt|ts tdt|dkrtdt|ts!tdt|t}|d|}|| d| S)z0Get a password digest to use for authentication.z#password must be an instance of strrzpassword can't be emptyz)username must be an instance of str, not z:mongo:r') r@r" TypeErrorlen ValueErrortyper6md5updater8 hexdigest)r5r7md5hashrGrdrdrer9s   r9rOcCs:t||}t}|||}||d|S)z*Get an auth key to use for authentication.r')r9r6rkrlr8rm)rOr5r7rIrnrGrdrdre _auth_keys rohostnameoption str | boolcs|dvr|St|dddtjtjdIdHd\}}}}}|dkr%|Sz t|tj}Wntjy<|YSw|dS)z2Canonicalize hostname following MIT-krb5 behavior.)FnoneNr)familyrjprotoflagsforward)rsocket IPPROTO_TCP AI_CANONNAMElower getnameinfo NI_NAMEREQDgaierror)rprqafsocktyperu canonnamesockaddrnamerdrdre_canonicalize_hostnames*    rc s~tstdz!|j}|j}|j}|jp|jd}t||jIdH}|j d|}|j dur6|d|j }|durst rSd t |t |f}tj||tjd\}} n*d|vr`|dd\} } n|d} } tj|tj| | |d\}} n tj|tjd\}} |tjkrtd zt| d dkrtd t| } dd | dd } |d| IdH}tdD]3}t| t|d}|dkrtd t| pd } d|d| d} |d| IdH}|tjkrnqtdt| t|ddkrtdt| t| |dkrtdt| } d|d| d} |d| IdHWt| WdSt| wtjy>}ztt|dd}~ww)zAuthenticate using GSSAPI.zEThe "kerberos" module must be installed to use GSSAPI authentication.rN@:)gssflagsr.)ruserdomainr7z&Kerberos context failed to initialize.z*Unknown kerberos failure in step function.GSSAPI saslStartr!r) autoAuthorize $external r)r/r0z+Kerberos authentication failed to complete.z0Unknown kerberos failure during GSS_Unwrap step.z.Unknown kerberos failure during GSS_Wrap step.) HAVE_KERBEROSrr5r7mechanism_properties service_hostaddressrcanonicalize_host_name service_name service_realm_USE_PRINCIPALrJr kerberosauthGSSClientInitGSS_C_MUTUAL_FLAGsplitAUTH_GSS_COMPLETErauthGSSClientStepauthGSSClientResponserDranger"authGSSClientUnwrapauthGSSClientWrapauthGSSClientCleanKrbError)rr r5r7propshostservice principalresultrNrrr)rRresponse_excrdrdre_authenticate_gssapis         rcsP|j}|j}|j}d|d|}ddt|dd}|||IdHdS)z(Authenticate using SASL PLAIN (RFC 4616)r.PLAINrN)r:r5r7r8rrD)rr r:r5r7r)rRrdrdre_authenticate_plain@srcs>|j}|r |r dSt||j}|d|IdHdS)z Authenticate using MONGODB-X509.Nr)r>r? _X509Contextrspeculate_commandrD)rr rNrRrdrdre_authenticate_x509Os  rcs|jdkrB|jr |j}n|j}|}|d|j|d<|j||ddIdHdg}d|vr9t||dIdHSt||dIdHSt||dIdHS)NrsaslSupportedMechsF)publish_eventsr% SCRAM-SHA-1)max_wire_versionnegotiated_mechsr: hello_cmdr5rDgetrf)rr mechsr:rRrdrdre_authenticate_defaultZs rr)r!r%)r MONGODB-X509z MONGODB-AWS MONGODB-OIDCrrr%DEFAULTz6Mapping[str, Callable[..., Coroutine[Any, Any, None]]] _AUTH_MAPc@sBeZdZdddZedd d ZdddZdddZdddZdS) _AuthContextrrrtuple[str, int]r#r$cCs||_d|_||_dSN)rrCr)selfrrrdrdre__init__zs z_AuthContext.__init__credsOptional[_AuthContext]cCs$t|j}|rtt|||SdSr)_SPECULATIVE_AUTH_MAPrr!r r)rrspec_clsrdrdrefrom_credentialss z_AuthContext.from_credentials"Optional[MutableMapping[str, Any]]cCstr)NotImplementedErrorrrdrdrersz_AuthContext.speculate_commandhelloHello[Mapping[str, Any]]cCs |j|_dSr)rC)rrrdrdreparse_responses z_AuthContext.parse_responseboolcCs t|jSr)rrCrrdrdrer?s z _AuthContext.speculate_succeededN)rrrrr#r$)rrrrr#rr#r)rrr#r$)r#r) __name__ __module__ __qualname__r staticmethodrrrr?rdrdrdrerys    rcs(eZdZdfd d Zdd d ZZS)rArrrrr!r"r#r$cst||d|_||_dSr)superrrBr!)rrrr! __class__rdrers z_ScramContext.__init__rcCs.t|j|j\}}}|jj|d<||f|_|SNdb)rrr!r:rB)rrOrPrRrdrdrers  z_ScramContext.speculate_command)rrrrr!r"r#r$r)rrrrr __classcell__rdrdrrerAsrAc@eZdZdddZdS)rr#MutableMapping[str, Any]cCs&ddd}|jjdur|jj|d<|S)Nr.r) authenticater!r)rr5)rrRrdrdrers   z_X509Context.speculate_commandN)r#rrrrrrdrdrdrerrc@r) _OIDCContextr#rcCs2t|j|j}|}|durdS|jj|d<|Sr)rrrget_spec_auth_cmdr:)r authenticatorrRrdrdrers  z_OIDCContext.speculate_commandNrrrdrdrdrerrr)rrr%rrzMapping[str, Any]rreauthenticatercsB|j}t|}|dkrt|||IdHdS|||IdHdS)zAuthenticate connection.rN)r!rr)rr rr! auth_funcrdrdrers r)rrr rr!r"r#r$)r5r"r7r"r#r")rOr"r5r"r7r"r#r")rpr"rqrrr#r")rrr rr#r$)F)rrr rrrr#r$)H__doc__ __future__r functoolsr6r<rxbase64rrtypingrrrrr r r r urllib.parser bson.binaryrpymongo.asynchronous.auth_awsrpymongo.asynchronous.auth_oidcrrpymongo.asynchronous.helpersrpymongo.auth_sharedrrrrpymongo.errorsrrpymongo.saslpreprpymongo.asynchronous.poolr pymongo.hellorrr winkerberosrtuplemaprE __version__r ImportError_IS_SYNCrfr9rorrrrrpartialr__annotations__rrArrrrrdrdrdres (      "     U   n