_in&@dZddlmZddlZddlZddlmZddlmZddlm Z m Z m Z m Z ddl mZddlmZmZmZmZmZdd lmZegd Z Gd d Zed gdZ edgdZ eddgZ d,dZd-d Zd.d$Zd/d'Z d0d+Z!dS)1z6Constants and types shared across multiple auth types.) annotationsN)standard_b64encode) namedtuple)AnyDictMappingOptional)Binary)_OIDCAzureCallback_OIDCGCPCallback_OIDCK8SCallback_OIDCProperties_OIDCTestCallback)ConfigurationError)GSSAPI MONGODB-OIDC MONGODB-X509 MONGODB-AWSPLAINz SCRAM-SHA-1z SCRAM-SHA-256DEFAULTcHeZdZdZedZd dZddZdd Zdd Z d S)_CachedatareturnNonecd|_dSNrselfs 6D:\Nbitz\venv\Lib\site-packages\pymongo/auth_shared.py__init__z_Cache.__init__7s  otherobjectboolc>t|trdStS)NT isinstancerNotImplementedr r$s r!__eq__z _Cache.__eq__:s eV $ $ 4r#c>t|trdStS)NFr(r+s r!__ne__z _Cache.__ne__@s eV $ $ 5r#intc|jSr) _hash_valrs r!__hash__z_Cache.__hash__Es ~r#N)rr)r$r%rr&)rr/) __name__ __module__ __qualname__ __slots__hashr1r"r,r.r2r#r!rr2svIXI  r#rMongoCredential) mechanismsourceusernamepasswordmechanism_propertiescacheGSSAPIProperties service_namecanonicalize_host_name service_realm service_host_AWSPropertiesaws_session_tokenvalue str | boolrcPgd}|dvr|dvS||vrtd|d||S)N)FTnoneforwardforwardAndReverse)truefalseTF)rNTzCANONICALIZE_HOST_NAME 'z' not in valid options: ) ValueError)rH valid_namess r! _validate_canonicalize_host_namerRZsTGGGK ...&& K`E``S^``aaa Lr#mechstrr; Optional[str]userpasswdextraMapping[str, Any]databasec |dvr|t|d|dkr||dkrtd|di}|dd }|d d}|d d } t| } |d } t || | |} t |d||| dS|dkr<|td||dkrtdt |d|dddS|dkry||td||dkrtd|di}|d} t | } t |d||| dS|dkr|di}|d}|d}|d}|dd}gd}|d|}|dd|tdd }|d!}t||s|r'|t||r|rd"}t|n||d#kr"|d$}t|t}n|d%kr#d}|std&t|}na|d'kr#d}|std(t|}n8|d)krd}t}n!td*|t|t||||||pd+}t |d|||tS|d,kr|p|pd}t ||||ddS|p|pd-}|td.t ||||dtS)/z8Build and return a mechanism specific credentials tuple.)rrrNz requires a usernamerz $externalz:authentication source must be $external or None for GSSAPIauthmechanismproperties SERVICE_NAMEmongodb SERVICE_HOSTCANONICALIZE_HOST_NAMErO SERVICE_REALMrArz+Passwords are not supported by MONGODB-X509z@authentication source must be $external or None for MONGODB-X509rz;username without a password is not supported by MONGODB-AWSz?authentication source must be $external or None for MONGODB-AWSAWS_SESSION_TOKEN)rGr OIDC_CALLBACKOIDC_HUMAN_CALLBACK ENVIRONMENTTOKEN_RESOURCE)z *.mongodb.netz*.mongodb-dev.netz*.mongodb-qa.netz*.mongodbgov.net localhostz 127.0.0.1z::1 ALLOWED_HOSTSz4ALLOWED_HOSTS is only valid with OIDC_HUMAN_CALLBACKzVauthentication with MONGODB-OIDC requires providing either a callback or a environmentz)password is not supported by MONGODB-OIDCz5cannot set both OIDC_CALLBACK and OIDC_HUMAN_CALLBACKtestz;test environment for MONGODB-OIDC does not support usernameazurezTAzure environment for MONGODB-OIDC requires a TOKEN_RESOURCE auth mechanism propertygcpzOGCP provider for MONGODB-OIDC requires a TOKEN_RESOURCE auth mechanism propertyk8sz+unrecognized ENVIRONMENT for MONGODB-OIDC: )callbackhuman_callback environment allowed_hoststoken_resourcer<radminzA password is required) rrPgetrRr@r9rFrr r r rr)rSr;rVrWrXrZ propertiesrBrE canonicalizerDpropsrG aws_propsrnroenvironrrdefault_allowedrqmsg oidc_propssource_databases r!_build_credentials_tupler~ds BBBt| D!>!>!>??? x  &K"7"7YZZ ZYY8"== !~~ni@@ !~~nd;; !~~&>HH 7 EE "77  %#/'%    t[$tLLL     $%RSS S  &K"7"7_`` `t[$dDIII     $%bcc c  &K"7"7$Q YY8"== &NN+>??"5FGGG t[$ 4PPP   YY8"== >>/22#(=>>..//#(8"==   #HH >>/4 0 0 <AW$%[\\ \ d   =C$S)) )  *~ *"(--- .N .M(---  &  #WC,S111,..G##%,n.n==E!!%,i,N;;E!!+--()`W^)`)`aaa$S)) )$)')ZR    t[$ FHHUUU  ;H; t_dFD$OOO 7H7 >$%=>> >t_dFD&((SSSr#firbytessecc\ddt||DS)zXOR two byte strings together.r#c:g|]\}}t||z gSr8)r).0xys r! z_xor..s(>>>1UAE7^^>>>r#)joinzip)rrs r!_xorrs+ 88>>C >>> ? ??r#responseDict[bytes, bytes]cZtd|dDS)z-Split a scram response into key, value pairs.c3K|]I}tjtjttf|ddVJdS)=N)typingcastTuplersplit)ritems r! z(_parse_scram_response..s[   FL. 40C0CDDr#,)dictr)rs r!_parse_scram_responsers< NN4((  r# credentialsr:4tuple[bytes, bytes, typing.MutableMapping[str, Any]]c |j}|ddddd}tt jd}d|zdz|z}d |t d |zd d d id }|||fS)Nzutf-8rs=3Drs=2C sn=s,r=rsn,,skipEmptyExchangeT) saslStartr:payload autoAuthorizeoptions)r<encodereplacerosurandomr )rr:r<rVnonce first_barecmds r!_authenticate_scram_startrs#H ??7 # # + +D& 9 9 A A$ O OD rz"~~ . .E&.J&:-..'.   C *c !!r#)rHrIrrI)rSrTr;rUrVrUrWrUrXrYrZrUrr9)rrrrrr)rrrr)rr9r:rTrr)"__doc__ __future__rrrbase64r collectionsrrrrr bsonr pymongo.auth_oidc_sharedr r r rrpymongo.errorsr frozenset MECHANISMSrr9r@rFrRr~rrrr8r#r!rs =<"""""" %%%%%%""""""////////////.----- Y      :.*TTT?:ccc6,/B.CDD:{T{T{T{T|@@@@ """"""r#