HEX
Server: LiteSpeed
System: Linux s1049.use1.mysecurecloudhost.com 4.18.0-477.27.2.lve.el8.x86_64 #1 SMP Wed Oct 11 12:32:56 UTC 2023 x86_64
User: xedaptot (3356)
PHP: 8.3.31
Disabled: NONE
Upload Files
File: //proc/thread-self/root/lib/python3.6/site-packages/jwcrypto/__pycache__/jwt.cpython-36.pyc
3

�-3[�?�@s�ddlZddlZddlmZddlmZmZmZddlm	Z	ddl
mZmZddl
mZddd	d
ddd
d�ZGdd�de�ZGdd�de�ZGdd�de�ZGdd�de�ZGdd�de�ZGdd�de�ZGdd�de�ZGdd�de�ZdS)�N)�string_types)�JWException�json_decode�json_encode)�JWE)�JWK�JWKSet)�JWSZIssuerZSubjectZAudiencezExpiration Timez
Not Beforez	Issued AtzJWT ID)�iss�sub�aud�exp�nbf�iat�jtics"eZdZdZd�fdd�	Z�ZS)�
JWTExpiredzmJson Web Token is expired.

    This exception is raised when a token is expired accoring to its claims.
    Ncs>d}|rt|�}nd}|r*|dt|�7}tt|�j|�dS)Nz
Token expiredz {%s})�str�superr�__init__)�self�message�	exception�msg)�	__class__��/usr/lib/python3.6/jwt.pyrs
zJWTExpired.__init__)NN)�__name__�
__module__�__qualname__�__doc__r�
__classcell__rr)rrrsrcs"eZdZdZd�fdd�	Z�ZS)�JWTNotYetValidz~Json Web Token is not yet valid.

    This exception is raised when a token is not valid yet according to its
    claims.
    Ncs>d}|rt|�}nd}|r*|dt|�7}tt|�j|�dS)NzToken not yet validz {%s})rrr!r)rrrr)rrrr1s
zJWTNotYetValid.__init__)NN)rrrrrr rr)rrr!*sr!cs"eZdZdZd�fdd�	Z�ZS)�JWTMissingClaimzsJson Web Token claim is invalid.

    This exception is raised when a claim does not match the expected value.
    Ncs>d}|rt|�}nd}|r*|dt|�7}tt|�j|�dS)NzInvalid Claim Valuez {%s})rrr"r)rrrr)rrrrBs
zJWTMissingClaim.__init__)NN)rrrrrr rr)rrr"<sr"cs"eZdZdZd�fdd�	Z�ZS)�JWTInvalidClaimValuezsJson Web Token claim is invalid.

    This exception is raised when a claim does not match the expected value.
    Ncs>d}|rt|�}nd}|r*|dt|�7}tt|�j|�dS)NzInvalid Claim Valuez {%s})rrr#r)rrrr)rrrrSs
zJWTInvalidClaimValue.__init__)NN)rrrrrr rr)rrr#Msr#cs"eZdZdZd�fdd�	Z�ZS)�JWTInvalidClaimFormatzqJson Web Token claim format is invalid.

    This exception is raised when a claim is not in a valid format.
    Ncs>d}|rt|�}nd}|r*|dt|�7}tt|�j|�dS)NzInvalid Claim Formatz {%s})rrr$r)rrrr)rrrrds
zJWTInvalidClaimFormat.__init__)NN)rrrrrr rr)rrr$^sr$cs"eZdZdZd�fdd�	Z�ZS)�JWTMissingKeyIDz�Json Web Token is missing key id.

    This exception is raised when trying to decode a JWT with a key set
    that does not have a kid value in its header.
    Ncs>d}|rt|�}nd}|r*|dt|�7}tt|�j|�dS)NzMissing Key IDz {%s})rrr%r)rrrr)rrrrvs
zJWTMissingKeyID.__init__)NN)rrrrrr rr)rrr%osr%cs"eZdZdZd�fdd�	Z�ZS)�
JWTMissingKeyz�Json Web Token is using a key not in the key set.

    This exception is raised if the key that was used is not available
    in the passed key set.
    Ncs>d}|rt|�}nd}|r*|dt|�7}tt|�j|�dS)NzMissing Keyz {%s})rrr&r)rrrr)rrrr�s
zJWTMissingKey.__init__)NN)rrrrrr rr)rrr&�sr&c@seZdZdZd3dd�Zedd��Zejdd��Zedd	��Zejd
d	��Zedd��Z	e	jd
d��Z	edd��Z
e
jdd��Z
edd��Zejdd��Zdd�Zdd�Z
dd�Zdd�Zdd�Zdd�Zd d!�Zd"d#�Zd$d%�Zd&d'�Zd(d)�Zd*d+�Zd,d-�Zd4d.d/�Zd5d1d2�ZdS)6�JWTzFJSON Web token object

    This object represent a generic token.
    NcCsxd|_d|_d|_||_d|_d|_d|_d|_|r:||_|dk	rH||_|dk	rV||_|r`||_	|dk	rt|j
||�dS)aNCreates a JWT object.

        :param header: A dict or a JSON string with the JWT Header data.
        :param claims: A dict or a string with the JWT Claims data.
        :param jwt: a 'raw' JWT token
        :param key: A (:class:`jwcrypto.jwk.JWK`) key to deserialize
         the token. A (:class:`jwcrypto.jwk.JWKSet`) can also be used.
        :param algs: An optional list of allowed algorithms
        :param default_claims: An optional dict with default values for
         registred claims. A None value for NumericDate type claims
         will cause generation according to system time. Only the values
         from RFC 7519 - 4.1 are evaluated.
        :param check_claims: An optional dict of claims that must be
         present in the token, if the value is not None the claim must
         match exactly.

        Note: either the header,claims or jwt,key parameters should be
        provided as a deserialization operation (which occurs if the jwt
        is provided will wipe any header os claim provided by setting
        those obtained from the deserialization of the jwt token.

        Note: if check_claims is not provided the 'exp' and 'nbf' claims
        are checked if they are set on the token but not enforced if not
        set. Any other RFC 7519 registered claims are checked only for
        format conformance.
        N�<iX)�_header�_claims�_token�_algs�_reg_claims�
_check_claims�_leeway�	_validity�header�claims�deserialize)rr1r2�jwt�keyZalgsZdefault_claimsZcheck_claimsrrrr�s$zJWT.__init__cCs|jdkrtd��|jS)Nz'header' not set)r)�KeyError)rrrrr1�s
z
JWT.headercCs t|t�rt|�|_n||_dS)N)�
isinstance�dictrr))r�hrrrr1�s
cCs|jdkrtd��|jS)Nz'claims' not set)r*r6)rrrrr2�s
z
JWT.claimscCsD|jrt|t�rt|�}t|t�r:|j|�t|�|_n||_dS)N)r-r7r8r�_add_default_claimsrr*)r�crrrr2�s

cCs|jS)N)r+)rrrr�token�sz	JWT.tokencCs2t|t�st|t�st|t�r&||_ntd��dS)Nz.Invalid token type, must be one of JWS,JWE,JWT)r7r	rr'r+�	TypeError)r�trrrr<�scCs|jS)N)r/)rrrr�leeway�sz
JWT.leewaycCst|�|_dS)N)�intr/)r�lrrrr?�scCs|jS)N)r0)rrrr�validityszJWT.validitycCst|�|_dS)N)r@r0)r�vrrrrBscCs.||krdS|jj|d�}|dk	r*|||<dS)N)r-�get)r�namer2�valrrr�_add_optional_claims
zJWT._add_optional_claimcCs@||krdS||jkr<|j|dkr.|||<n|j|||<dS)N)r-)rrEr2Zdefvalrrr�_add_time_claims

zJWT._add_time_claimcCs&d|ksd|jkrdStj�|d<dS)Nr)r-�uuidZuuid4)rr2rrr�_add_jti_claimszJWT._add_jti_claimcCs||jdkrdSttj��}|jd|�|jd|�|jd|�|jd|||j�|jd||�|jd||�|j|�dS)Nr
rrr
rr)r-r@�timerGrHrBrJ)rr2Znowrrrr:s
zJWT._add_default_claimscCs&||krdSt||t�s"td��dS)Nz"Claim %s is not a StringOrURI type)r7rr$)rrEr2rrr�_check_string_claim*szJWT._check_string_claimcCs\||krdSt||t�r<tdd�|D��rXtd|f��nt||t�sXtd|f��dS)Ncss|]}t|t�VqdS)N)r7r)�.0�claimrrr�	<genexpr>4sz3JWT._check_array_or_string_claim.<locals>.<genexpr>z'Claim %s contains non StringOrURI typesz"Claim %s is not a StringOrURI type)r7�list�anyr$r)rrEr2rrr�_check_array_or_string_claim0sz JWT._check_array_or_string_claimcCsD||krdSyt||�Wn"tk
r>td|f��YnXdS)NzClaim %s is not an integer)r@�
ValueErrorr$)rrEr2rrr�_check_integer_claim;szJWT._check_integer_claimcCs"|||krtd|||f��dS)Nz#Expired at %d, time: %d(leeway: %d))r)rrN�limitr?rrr�
_check_expDszJWT._check_expcCs"|||krtd|||f��dS)Nz#Valid from %d, time: %d(leeway: %d))r!)rrNrUr?rrr�
_check_nbfIszJWT._check_nbfcCs�|jd|�|jd|�|jd|�|jd|�|jd|�|jd|�|jd|�|jdkr�d|kr~|j|dtj�|j�d|kr�|j|dtj�|j�dS)Nr
rrr
rrr)rLrRrTr.rVrKr/rW)rr2rrr�_check_default_claimsNs
zJWT._check_default_claimscCs�|jdkrdSyt|j�}t|t�s*t��Wn&tk
rR|jdk	rNtd��dSX|j|�|jdkrldS�xj|jj�D�]Z\}}||kr�t	d|f��|d
kr�|dk	r�|||kr�t
d||||f��qz|dk�r(|dk	�r�|||kr�qzt||t��r|||k�rqzt
d	||||f��qz|d
k�rj|dk	�rP|j|||d�n|j||t
j
�|j�qz|dk�r�|dk	�r�|j|||d�n|j||t
j
�|j�qz|dk	rz|||krzt
d||||f��qzWdS)NFz4Claims check requested but claims is not a json dictzClaim %s is missingr
rrz*Invalid '%s' value. Expected '%s' got '%s'rz/Invalid '%s' value. Expected '%s' to be in '%s'r
rr)r
rr)r.rr2r7r8rSr$rX�itemsr"r#rPrVrKr/rW)rr2rE�valuerrr�_check_provided_claims]sX












zJWT._check_provided_claimscCs$t|j�}|j||jd�||_dS)aSigns the payload.

        Creates a JWS token with the header as the JWS protected header and
        the claims as the payload. See (:class:`jwcrypto.jws.JWS`) for
        details on the exceptions that may be reaised.

        :param key: A (:class:`jwcrypto.jwk.JWK`) key.
        )Z	protectedN)r	r2Z
add_signaturer1r<)rr5r>rrr�make_signed_token�s

zJWT.make_signed_tokencCs"t|j|j�}|j|�||_dS)a#Encrypts the payload.

        Creates a JWE token with the header as the JWE protected header and
        the claims as the plaintext. See (:class:`jwcrypto.jwe.JWE`) for
        details on the exceptions that may be reaised.

        :param key: A (:class:`jwcrypto.jwk.JWK`) key.
        N)rr2r1Z
add_recipientr<)rr5r>rrr�make_encrypted_token�s

zJWT.make_encrypted_tokencCsH|jd�}|dkrt�|_n|dkr.t�|_ntd��|jrF|j|j_|dkr^|jj|d�n�t|t	�rx|jj||�n�t|t
��r|jj|d�d|jjkr�td��|j
|jjd�}|s�td|jjd��t|jt�r�|jj|�n$t|jt��r|jj|�ntd	��ntd
��|dk	�rD|jj|_|jjjd�|_|j�dS)aaDeserialize a JWT token.

        NOTE: Destroys any current status and tries to import the raw
        token provided.

        :param jwt: a 'raw' JWT token.
        :param key: A (:class:`jwcrypto.jwk.JWK`) verification or
         decryption key, or a (:class:`jwcrypto.jwk.JWKSet`) that
         contains a key indexed by the 'kid' header.
        �.��zToken format unrecognizedNZkidzNo key ID in JWT headerzKey ID %s not in key setzUnknown Token TypezUnrecognized Key Typezutf-8)�countr	r<rrSr,Zallowed_algsr3r7rrZjose_headerr%Zget_keyr&ZdecryptZverify�RuntimeErrorr1Zpayload�decoder2r[)rr4r5r;Z	token_keyrrrr3�s<







zJWT.deserializeTcCs|jj|�S)a�Serializes the object into a JWS token.

        :param compact(boolean): must be True.

        Note: the compact parameter is provided for general compatibility
        with the serialize() functions of :class:`jwcrypto.jws.JWS` and
        :class:`jwcrypto.jwe.JWE` so that these objects can all be used
        interchangeably. However the only valid JWT representtion is the
        compact representation.
        )r<�	serialize)rZcompactrrrrd�sz
JWT.serialize)NNNNNNN)N)T)rrrrr�propertyr1�setterr2r<r?rBrGrHrJr:rLrRrTrVrWrXr[r\r]r3rdrrrrr'�s8
4	
	;
5r')rKrIZsixrZjwcrypto.commonrrrZjwcrypto.jwerZjwcrypto.jwkrrZjwcrypto.jwsr	ZJWTClaimsRegistryrr!r"r#r$r%r&�objectr'rrrr�<module>s*