i[fddlZddlmZddlmZmZddlmZddlm Z ddl m Z m Z ddlmZdd lmZdd lmZdd lmZGd d e Z dZe eZdS)N)contextmanager)gjson)request) LocalProxy) OAuth2ErrorResourceProtector)MissingAuthorizationError)FlaskJsonRequest)token_authenticated)raise_http_exceptionc@eZdZdZdZddZeddZd dZdS) r axA protecting method for resource servers. Creating a ``require_oauth`` decorator easily with ResourceProtector:: from authlib.integrations.flask_oauth2 import ResourceProtector require_oauth = ResourceProtector() # add bearer token validator from authlib.oauth2.rfc6750 import BearerTokenValidator from project.models import Token class MyBearerTokenValidator(BearerTokenValidator): def authenticate_token(self, token_string): return Token.query.filter_by(access_token=token_string).first() require_oauth.register_token_validator(MyBearerTokenValidator()) # protect resource with require_oauth @app.route('/user') @require_oauth(['profile']) def user_profile(): user = User.get(current_token.user_id) return jsonify(user.to_dict()) c|j}tjt|}|}t |||dS)zRaise HTTPException for OAuth2Error. Developers can re-implement this method to customize the error response. :param error: OAuth2Error :raise: HTTPException N) status_coderdumpsdictget_body get_headersr)selferrorstatusbodyheaderss h/var/www/piapp/venv/lib/python3.11/site-packages/authlib/integrations/flask_oauth2/resource_protector.pyraise_error_responsez&ResourceProtector.raise_error_response-sV"z$u~~//0011##%%VT733333Nc tt}||d<|D])}t||tr ||g||<*|jdd|i|}t j|||t_|S)zA method to acquire current valid token with the given scope. :param scopes: a list of scope values :return: token object scopesr)token) r _req isinstancestrvalidate_requestr sendrauthlib_server_oauth2_token)rrkwargsrclaimr s r acquire_tokenzResourceProtector.acquire_token9s #4((!x 0 0E&--- 0!'u %%@@g@@@ U3333(-% rc#K ||VdS#t$r }||Yd}~dSd}~wwxYw)aeThe with statement of ``require_oauth``. Instead of using a decorator, you can use a with statement instead:: @app.route('/api/user') def user_api(): with require_oauth.acquire('profile') as token: user = User.get(token.user_id) return jsonify(user.to_dict()) N)r*rr)rrrs racquirezResourceProtector.acquireJsp -$$V,, , , , , , - - -  % %e , , , , , , , , , -s AAAFc (||d<fd}|S)NrcNtjfd}|S)Nc jdinb#t$r.}r |i|cYd}~S|Yd}~n/d}~wt$r}|Yd}~nd}~wwxYw|i|S)Nr!)r*r rr)argsr(rclaimsfoptionalrs r decoratedz>ResourceProtector.__call__..wrapper..decorated_s5&D&00000005552 q$1&11111111--e44444444"555--e444444445q$)&)))s*  A0 AA0A A0A++A0) functoolswraps)r2r4r1r3rs` rwrapperz+ResourceProtector.__call__..wrapper^sI _Q   * * * * * * *  * rr!)rrr3r(r7r1s` ` @r__call__zResourceProtector.__call__Zs>!x       r)N)NF) __name__ __module__ __qualname____doc__rr*rr,r8r!rrr r su4 4 4 4" - - -^ -rr c*tjdS)Nr')rgetr!rr_get_current_tokenr?ns 5. / //r)r5 contextlibrflaskrrrr"werkzeug.localrauthlib.oauth2rr _ResourceProtectorauthlib.oauth2.rfc6749r requestsr signalsr errorsrr? current_tokenr!rrrJs6%%%%%%!!!!!!%%%%%%'&&&&&((((((((((((YYYYY*YYYx000 -.. r