o 6 h@sddlZddlZz ddlmZmZWney#ddlmZmZYnwddlmZddl m Z ddl m Z ddl mZmZddlmZmZde jfd d Zd#d d ZddZddZddZd$ddZddZddZddZddZddZd%d!d"ZdS)&N)IterableMapping)rr)jwk)Key) ALGORITHMS)JWSErrorJWSSignatureError)base64url_decodebase64url_encodecCs<|tjvr td|t||d}t|}t||||}|S)awSigns a claims set and returns a JWS string. Args: payload (str or dict): A string to sign key (str or dict): The key to use for signing the claim set. Can be individual JWK or JWK set. headers (dict, optional): A set of headers that will be added to the default headers. Any headers that are added as additional headers will override the default headers. algorithm (str, optional): The algorithm to use for signing the the claims. Defaults to HS256. Returns: str: The string representation of the header, claims, and signature. Raises: JWSError: If there is an error signing the token. Examples: >>> jws.sign({'a': 'b'}, 'secret', algorithm='HS256') 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhIjoiYiJ9.jiMyrsmD8AoHWeQgmxZ5yq8z0lXS67_QGs52AzC8Ru8' zAlgorithm %s not supported.)additional_headers)r SUPPORTEDr_encode_header_encode_payload_sign_header_and_claims)payloadkeyheaders algorithmencoded_headerencoded_payload signed_outputr\/var/www/html/construction_image-detection-poc/venv/lib/python3.10/site-packages/jose/jws.pysigns   rTcCs(t|\}}}}|rt||||||S)aVerifies a JWS string's signature. Args: token (str): A signed JWS to be verified. key (str or dict): A key to attempt to verify the payload with. Can be individual JWK or JWK set. algorithms (str or list): Valid algorithms that should be used to verify the JWS. Returns: str: The str representation of the payload, assuming the signature is valid. Raises: JWSError: If there is an exception verifying a token. Examples: >>> token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhIjoiYiJ9.jiMyrsmD8AoHWeQgmxZ5yq8z0lXS67_QGs52AzC8Ru8' >>> jws.verify(token, 'secret', algorithms='HS256') )_load_verify_signature)tokenr algorithmsverifyheaderr signing_input signaturerrrr4srcCst|\}}}}|S)a!Returns the decoded headers without verification of any kind. Args: token (str): A signed JWS to decode the headers from. Returns: dict: The dict representation of the token headers. Raises: JWSError: If there is an exception decoding the token. rrrclaimsr r!rrrget_unverified_headerR r%cCst|S)a{Returns the decoded headers without verification of any kind. This is simply a wrapper of get_unverified_header() for backwards compatibility. Args: token (str): A signed JWS to decode the headers from. Returns: dict: The dict representation of the token headers. Raises: JWSError: If there is an exception decoding the token. )r%)rrrrget_unverified_headersbsr'cCst|\}}}}|S)aReturns the decoded claims without verification of any kind. Args: token (str): A signed JWS to decode the headers from. Returns: str: The str representation of the token claims. Raises: JWSError: If there is an exception decoding the token. r"r#rrrget_unverified_claimstr&r(cCs6d|d}|r ||tj|dddd}t|S)NJWT)typalg,:T) separators sort_keysutf-8)updatejsondumpsencoder )rr r json_headerrrrr s  r cCsJt|tr!ztj|ddd}Wt|Sty Yt|Swt|S)Nr,)r/r1) isinstancerr3r4r5 ValueErrorr )rrrrrs  rc Csvd||g}zt|tst||}||}Wnty)}zt|d}~wwt|}d|||g}| dS)N.r1) joinr7rr constructr Exceptionrr decode) rencoded_claimsrrr r!eencoded_signatureencoded_stringrrrrs   rc Cst|tr |d}z|dd\}}|dd\}}t|}Wnty+tdtt j fy8tdwz t | d}WntyU}ztd|d}~wwt|ts_tdzt|}Wntt j fystdwzt|} Wntt j fytd w|||| fS) Nr1r9zNot enough segmentszInvalid header paddingzInvalid header string: %sz,Invalid header string: must be a json objectzInvalid payload paddingzInvalid crypto padding)r7strr5rsplitsplitr r8r TypeErrorbinasciiErrorr3loadsr=r) jwtr crypto_segmentheader_segmentclaims_segment header_datarr?rr!rrrrs<         rc CsN|D]"}t|tst||}z |||rWdSWqty$YqwdS)NTF)r7rrr;rr<)keysr r!r+rrrr_sig_matches_keyss    rPcCst|tr|fSz tj|ttd}Wn tyYnwt|tr;d|vr)|dSd|vr0|fS|}|r8|S|fSt|trLt|tsLt|t sL|S|fS)N) parse_int parse_floatrOkty) r7rr3rIrCr<rvaluesrbytes)rrTrrr _get_keyss&   rVcCs|d}|s td|dur||vrtdt|}z t||||s&tWdSty3tdty?td|w)Nr+z-No algorithm was specified in the JWS header.z&The specified alg value is not allowedzSignature verification failed.z$Invalid or unsupported algorithm: %s)getrrVrPr)r rr!rrr+rOrrrrs    r)T)N)rWN) rGr3collections.abcrr ImportError collectionsjoserjose.backends.baserjose.constantsrjose.exceptionsrr jose.utilsr r HS256rrr%r'r(r rrrrPrVrrrrrs0     $  !