관리-도구

편집 파일: authorization.cpython-39.opt-1.pyc

����\��`�����������������������@���sR���d�Z�ddlZddlmZ�ddlmZ�ddlmZmZ�e�	e
�ZG�dd��de�ZdS�)	z�
oauthlib.oauth2.rfc6749
~~~~~~~~~~~~~~~~~~~~~~~

This module is an implementation of various logic needed
for consuming and providing OAuth 2.0 RFC6749.
�����N)�Request)�utils����)�BaseEndpoint�catch_errors_and_unavailabilityc�������������������@���sd���e�Zd�ZdZdd��Zedd���Zedd���Zedd	���Zed
d���Z	e
ddd��Ze
ddd��Zd
S�)�AuthorizationEndpointaa��Authorization endpoint - used by the client to obtain authorization
    from the resource owner via user-agent redirection.

The authorization endpoint is used to interact with the resource
    owner and obtain an authorization grant.  The authorization server
    MUST first verify the identity of the resource owner.  The way in
    which the authorization server authenticates the resource owner (e.g.
    username and password login, session cookies) is beyond the scope of
    this specification.

The endpoint URI MAY include an "application/x-www-form-urlencoded"
    formatted (per `Appendix B`_) query component,
    which MUST be retained when adding additional query parameters.  The
    endpoint URI MUST NOT include a fragment component::

https://example.com/path?query=component             # OK
        https://example.com/path?query=component#fragment    # Not OK

Since requests to the authorization endpoint result in user
    authentication and the transmission of clear-text credentials (in the
    HTTP response), the authorization server MUST require the use of TLS
    as described in Section 1.6 when sending requests to the
    authorization endpoint::

# We will deny any request which URI schema is not with https

The authorization server MUST support the use of the HTTP "GET"
    method [RFC2616] for the authorization endpoint, and MAY support the
    use of the "POST" method as well::

# HTTP method is currently not enforced

Parameters sent without a value MUST be treated as if they were
    omitted from the request.  The authorization server MUST ignore
    unrecognized request parameters.  Request and response parameters
    MUST NOT be included more than once::

# Enforced through the design of oauthlib.common.Request

.. _`Appendix B`: https://tools.ietf.org/html/rfc6749#appendix-B
    c�����������������C���s ���t��|���||�_||�_||�_d�S��N)r����__init__�_response_types�_default_response_type�_default_token_type)�self�default_response_type�default_token_type�response_types��r����S/usr/lib/python3.9/site-packages/oauthlib/oauth2/rfc6749/endpoints/authorization.pyr	���>���s����
zAuthorizationEndpoint.__init__c�����������������C���s���|�j�S�r���)r
����r
���r���r���r���r���E���s����z$AuthorizationEndpoint.response_typesc�����������������C���s���|�j�S�r���)r���r���r���r���r���r���I���s����z+AuthorizationEndpoint.default_response_typec�����������������C���s���|�j��|�j�S�r���)r����getr���r���r���r���r����default_response_type_handlerM���s����z3AuthorizationEndpoint.default_response_type_handlerc�����������������C���s���|�j�S�r���)r���r���r���r���r���r���Q���s����z(AuthorizationEndpoint.default_token_type�GETNc�����������������C���sn���t�||||d�}||_d|_|p"i����D�]\}}	t|||	��q(|�j�|j|�j�}
t	�
d|j|
��|
�||�j�S�)�:Extract response_type and route to the designated handler.��http_method�body�headersNz+Dispatching response_type %s request to %r.)
r����scopes�user�items�setattrr���r����
response_typer����log�debug�create_authorization_responser���)r
����urir���r���r���r���Zcredentials�request�k�v�response_type_handlerr���r���r���r#���U���s ��������z3AuthorizationEndpoint.create_authorization_responsec�����������������C���s:���t�||||d�}t�|j�|_|�j�|j|�j�}|�	|�S�)r���r���)
r���r���Z
scope_to_listZscoper���r���r���r ���r����validate_authorization_request)r
���r$���r���r���r���r%���r(���r���r���r���r)���g���s������z4AuthorizationEndpoint.validate_authorization_request)r���NNNN)r���NN)
�__name__�
__module__�__qualname__�__doc__r	����propertyr���r���r���r���r���r#���r)���r���r���r���r���r������s$���*

������r���)
r-���ZloggingZoauthlib.commonr���Zoauthlib.oauth2.rfc6749r����baser���r���Z	getLoggerr*���r!���r���r���r���r���r����<module>���s���