([f+7dZddlZddlZddlZddlmZddlmZmZddl m Z m Z dZ dZ d Zd Zd Zd Zdd ZddZdZdZdZdZdZdZdZdZdZdZdZdS)z authlib.oauth1.rfc5849.signature ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This module represents a direct implementation of `section 3.4`_ of the spec. .. _`section 3.4`: https://tools.ietf.org/html/rfc5849#section-3.4 N)urlparse) to_unicodeto_bytes)escapeunescapez HMAC-SHA1zRSA-SHA1 PLAINTEXTHEADERQUERYBODYcvt||}g}|D]E\}}|dvr |drt|}|||fFt |}dt |t |t |gS)aXGenerate signature base string from request, per `Section 3.4.1`_. For example, the HTTP request:: POST /request?b5=%3D%253D&a3=a&c%40=&a2=r%20b HTTP/1.1 Host: example.com Content-Type: application/x-www-form-urlencoded Authorization: OAuth realm="Example", oauth_consumer_key="9djdj82h48djs9d2", oauth_token="kkk9d7dh3k39sjv7", oauth_signature_method="HMAC-SHA1", oauth_timestamp="137131201", oauth_nonce="7d8f3e4a", oauth_signature="bYT5CMsGcbgUdFHObYMEfcx6bsw%3D" c2&a3=2+q is represented by the following signature base string (line breaks are for display purposes only):: POST&http%3A%2F%2Fexample.com%2Frequest&a2%3Dr%2520b%26a3%3D2%2520q %26a3%3Da%26b5%3D%253D%25253D%26c%2540%3D%26c2%3D%26oauth_consumer_ key%3D9djdj82h48djs9d2%26oauth_nonce%3D7d8f3e4a%26oauth_signature_m ethod%3DHMAC-SHA1%26oauth_timestamp%3D137131201%26oauth_token%3Dkkk 9d7dh3k39sjv7 .. _`Section 3.4.1`: https://tools.ietf.org/html/rfc5849#section-3.4.1 )oauth_signaturerealmoauth_&)normalize_base_string_uri startswithrappendnormalize_parametersjoinrupper) methoduriparamshostbase_string_uriunescaped_paramskvnormalized_paramss T/var/www/piapp/venv/lib/python3.11/site-packages/authlib/oauth1/rfc5849/signature.pyconstruct_base_stringr"s>0T::O((1 , , ,  << ! !  AA''''--=>> 88v||~~ !!  ct|}tj|\}}}}}}|r|std|sd}|}|}||}d}d|vr!|dd\}} || f|vr|}tj||||ddfS)a7Normalize Base String URI per `Section 3.4.1.2`_. For example, the HTTP request:: GET /r%20v/X?id=123 HTTP/1.1 Host: EXAMPLE.COM:80 is represented by the base string URI: "http://example.com/r%20v/X". In another example, the HTTPS request:: GET /?q=1 HTTP/1.1 Host: www.example.net:8080 is represented by the base string URI: "https://www.example.net:8080/". .. _`Section 3.4.1.2`: https://tools.ietf.org/html/rfc5849#section-3.4.1.2 The host argument overrides the netloc part of the uri argument. z$uri must include a scheme and netloc/N))http80)https443:r)rr ValueErrorlowersplit urlunparse) rrschemenetlocpathrqueryfragment default_portsports r!rrQs* S//C4<4Ec4J4J1FFD&% AA?@@@ \\^^F \\^^F M f}}\\#q)) d D>] * *F  fb"E F FFr#cd|D}|d|D}d|S)a Normalize parameters per `Section 3.4.1.3.2`_. For example, the list of parameters from the previous section would be normalized as follows: Encoded:: +------------------------+------------------+ | Name | Value | +------------------------+------------------+ | b5 | %3D%253D | | a3 | a | | c%40 | | | a2 | r%20b | | oauth_consumer_key | 9djdj82h48djs9d2 | | oauth_token | kkk9d7dh3k39sjv7 | | oauth_signature_method | HMAC-SHA1 | | oauth_timestamp | 137131201 | | oauth_nonce | 7d8f3e4a | | c2 | | | a3 | 2%20q | +------------------------+------------------+ Sorted:: +------------------------+------------------+ | Name | Value | +------------------------+------------------+ | a2 | r%20b | | a3 | 2%20q | | a3 | a | | b5 | %3D%253D | | c%40 | | | c2 | | | oauth_consumer_key | 9djdj82h48djs9d2 | | oauth_nonce | 7d8f3e4a | | oauth_signature_method | HMAC-SHA1 | | oauth_timestamp | 137131201 | | oauth_token | kkk9d7dh3k39sjv7 | +------------------------+------------------+ Concatenated Pairs:: +-------------------------------------+ | Name=Value | +-------------------------------------+ | a2=r%20b | | a3=2%20q | | a3=a | | b5=%3D%253D | | c%40= | | c2= | | oauth_consumer_key=9djdj82h48djs9d2 | | oauth_nonce=7d8f3e4a | | oauth_signature_method=HMAC-SHA1 | | oauth_timestamp=137131201 | | oauth_token=kkk9d7dh3k39sjv7 | +-------------------------------------+ and concatenated together into a single string (line breaks are for display purposes only):: a2=r%20b&a3=2%20q&a3=a&b5=%3D%253D&c%40=&c2=&oauth_consumer_key=9dj dj82h48djs9d2&oauth_nonce=7d8f3e4a&oauth_signature_method=HMAC-SHA1 &oauth_timestamp=137131201&oauth_token=kkk9d7dh3k39sjv7 .. _`Section 3.4.1.3.2`: https://tools.ietf.org/html/rfc5849#section-3.4.1.3.2 cPg|]#\}}t|t|f$Sr.0rrs r! z(normalize_parameters..s-<<.s&999da!zzazz999r#r)sortr)r key_valuesparameter_partss r!rrsST= @ @@r#cJt|}t||jS)z4Sign a RSASSA-PKCS #1 v1.5 base64 encoded signature.)rHr_rsa_keyrcs r! sign_rsa_sha1rhds!099K k6> : ::r#c6t|j|jS)zSign a PLAINTEXT signature.)rarSrT)rdrGs r!sign_plaintextrjjs v3V5H I IIr#ct|}t||j|j}t j||jS)zVerify a HMAC-SHA1 signature.)rHrYrSrTrKcompare_digestrW)rGrRrXs r!verify_hmac_sha1rmosC099K W*G,@ B BC  sG$5 6 66r#cddlm}t|}tjt |j}||t ||jS)z6Verify a RSASSA-PKCS #1 v1.5 base64 encoded signature.r) verify_sha1)r\rorHrO a2b_base64rrWrsa_public_key)rGrorRrXs r!verify_rsa_sha1rrws[      099K  hw'899 : :C ;sH[1173I J JJr#cjt|j|j}tj||jS)zVerify a PLAINTEXT signature.)rarSrTrKrlrW)rGrXs r!verify_plaintextrts- g3W5I J JC  sG$5 6 66r#)N)__doc__rOrMrKauthlib.common.urlsrauthlib.common.encodingrrutilrrSIGNATURE_HMAC_SHA1SIGNATURE_RSA_SHA1SIGNATURE_PLAINTEXTSIGNATURE_TYPE_HEADERSIGNATURE_TYPE_QUERYSIGNATURE_TYPE_BODYr"rrrHrYr_rarerhrjrmrrrtr9r#r!rs ((((((88888888""""""""!! 5555pDGDGDGDGNY%Y%Y%x;;;+++\(@@@@;;; JJJ 777KKK77777r#