| Server IP : 209.38.156.173 / Your IP : 216.73.216.122 [ Web Server : Apache/2.4.52 (Ubuntu) System : Linux lakekumayuhotel 5.15.0-136-generic #147-Ubuntu SMP Sat Mar 15 15:53:30 UTC 2025 x86_64 User : root ( 0) PHP Version : 8.1.2-1ubuntu2.22 Disable Function : NONE Domains : 2 Domains MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /lib/python3/dist-packages/oauthlib/oauth2/rfc6749/endpoints/__pycache__/ |
Upload File : |
o
�������a)����������������������@���s����d�Z�ddlZddlZddlZddlmZ�ddlmZ�ddlm Z m
Z
�ddl
m
Z
�dd l
mZ�dd
lmZ�e�e�ZG�d
d
��d
e �ZdS�)
z�
oauthlib.oauth2.rfc6749.endpoint.metadata
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
An implementation of the `OAuth 2.0 Authorization Server Metadata`.
.. _`OAuth 2.0 Authorization Server Metadata`: https://tools.ietf.org/html/rfc8414
�����N����)�
grant_types����)�AuthorizationEndpoint)�
BaseEndpoint� catch_errors_and_unavailability)�IntrospectEndpoint)�RevocationEndpoint)�
TokenEndpointc�������������������@���sb���e�Zd�ZdZi�dfdd�Ze ddd��Zdd
d
�Zd
d
��Zdd��Z dd��Z
dd��Z
dd��Z
dS�)�MetadataEndpointa���OAuth2.0 Authorization Server Metadata endpoint.
This specification generalizes the metadata format defined by
`OpenID Connect Discovery 1.0` in a way that is compatible
with OpenID Connect Discovery while being applicable to a wider set
of OAuth 2.0 use cases. This is intentionally parallel to the way
that OAuth 2.0 Dynamic Client Registration Protocol [`RFC7591`_]
generalized the dynamic client registration mechanisms defined by
OpenID Connect Dynamic Client Registration 1.0
in a way that is compatible with it.
.. _`OpenID Connect Discovery 1.0`: https://openid.net/specs/openid-connect-discovery-1_0.html
.. _`RFC7591`: https://tools.ietf.org/html/rfc7591
Tc�����������������C���sP���t�|t�sJ��|D�] }t�|t�sJ��q t�|���||�_||�_||�_|����|�_d�S�)N) �
isinstance�dictr����__init__�
raise_errors� endpoints�initial_claims�validate_metadata_server�claims)�selfr���r���r����endpoint��r����L/usr/lib/python3/dist-packages/oauthlib/oauth2/rfc6749/endpoints/metadata.pyr���(���s���
zMetadataEndpoint.__init__�GETNc�����������������C���s
���ddd�}|t��|�j�dfS�)z!Create metadata response
zapplication/json�*)z
Content-TypezAccess-Control-Allow-Origin�����)�json�dumpsr���)r����uri�
http_method�body�headersr���r���r����create_metadata_response3���s����z)MetadataEndpoint.create_metadata_responseFc�����������������C���s��|�j�sd�S�||vr|rtd�|���d�S�|rE||��d�s'td�|||����d||�v�s9d||�v�s9d||�v�rCtd�|||����d�S�|rZ||��d�sXtd �|||����d�S�|r�t||�t�smtd
�|||����||�D�]}t|t�s�td
�|||�|���qqd�S�d�S�)
Nz key {} is a mandatory metadata.�httpsz key {}: {} must be an HTTPS URL�?�&�#z8key {}: {} must not contain query or fragment components�httpzkey {}: {} must be an URLzkey {}: {} must be an Arrayz/array {}: {} must contains only string (not {}))r����
ValueError�format�
startswithr
����list�str)r����array�key�
is_required�is_list�is_url� is_issuer�elemr���r���r����validate_metadata>���s2����$��
��z"MetadataEndpoint.validate_metadatac�����������������C���sX���|�j��|j������|�dddg��|�j|ddd��|�j|ddd��|�j|dddd��d S�)
z�
If the token endpoint is used in the grant type, the value of this
parameter MUST be the same as the value of the "grant_type"
parameter passed to the token endpoint defined in the grant type
definition.
�%token_endpoint_auth_methods_supported�client_secret_post�client_secret_basicT�r/����0token_endpoint_auth_signing_alg_values_supported�token_endpoint�r.���r0���N)�
_grant_types�extend�keys�
setdefaultr3����r���r���r���r���r���r����validate_metadata_tokenW���s
���z(MetadataEndpoint.validate_metadata_tokenc�����������������C���s����|��dttdd��|j�������|��dddg��d|d�v�r$|�j�d��|�j|dd d d
��|�j|dd d
��d
|d�v�ra|jd
�}t|t j
�sNt
|d
�rN|j
}|��dt|j
������|�j|dd d
��|�j|dd d d��d�S�)N�response_types_supportedc�����������������S���s���|�dkS�)N�noner���)�xr���r���r����<lambda>g���s����zBMetadataEndpoint.validate_metadata_authorization.<locals>.<lambda>�response_modes_supported�query�fragment�token�implicitT)r.���r/���r7����code�
default_grant� code_challenge_methods_supported�authorization_endpointr:���)r>���r*����filter�_response_typesr=���r;����appendr3���r
���r����AuthorizationCodeGrant�hasattrrK����_code_challenge_methods)r���r���r����
code_grantr���r���r���� validate_metadata_authorizatione���s"����
�z0MetadataEndpoint.validate_metadata_authorizationc�����������������C����F���|��dddg��|�j|ddd��|�j|ddd��|�j|dddd��d�S�) N�*revocation_endpoint_auth_methods_supportedr5���r6���Tr7����5revocation_endpoint_auth_signing_alg_values_supported�revocation_endpointr:����r>���r3���r?���r���r���r����
validate_metadata_revocation|����
����z-MetadataEndpoint.validate_metadata_revocationc�����������������C���rV���) N�-introspection_endpoint_auth_methods_supportedr5���r6���Tr7����8introspection_endpoint_auth_signing_alg_values_supported�introspection_endpointr:���rZ���r?���r���r���r���� validate_metadata_introspection����r\���z0MetadataEndpoint.validate_metadata_introspectionc�����������������C���s
��t��|�j�}|�j|dddd��|�j|ddd��|�j|ddd��|�j|ddd��|�j|d dd��|�j|d
dd��|�j|d
dd��g�|�_|�jD�].}t|t�rR|��||��t|t �r]|��
||��t|t
�rh|��
||��t|t
�rs|��||��qE|�d
|�j��|�j|d
dd��|S�)
a� ��
Authorization servers can have metadata describing their
configuration. The following authorization server metadata values
are used by this specification. More details can be found in
`RFC8414 section 2`_ :
issuer
REQUIRED
authorization_endpoint
URL of the authorization server's authorization endpoint
[`RFC6749#Authorization`_]. This is REQUIRED unless no grant types are supported
that use the authorization endpoint.
token_endpoint
URL of the authorization server's token endpoint [`RFC6749#Token`_]. This
is REQUIRED unless only the implicit grant type is supported.
scopes_supported
RECOMMENDED.
response_types_supported
REQUIRED.
Other OPTIONAL fields:
jwks_uri,
registration_endpoint,
response_modes_supported
grant_types_supported
OPTIONAL. JSON array containing a list of the OAuth 2.0 grant
type values that this authorization server supports. The array
values used are the same as those used with the "grant_types"
parameter defined by "OAuth 2.0 Dynamic Client Registration
Protocol" [`RFC7591`_]. If omitted, the default value is
"["authorization_code", "implicit"]".
token_endpoint_auth_methods_supported
token_endpoint_auth_signing_alg_values_supported
service_documentation
ui_locales_supported
op_policy_uri
op_tos_uri
revocation_endpoint
revocation_endpoint_auth_methods_supported
revocation_endpoint_auth_signing_alg_values_supported
introspection_endpoint
introspection_endpoint_auth_methods_supported
introspection_endpoint_auth_signing_alg_values_supported
code_challenge_methods_supported
Additional authorization server metadata parameters MAY also be used.
Some are defined by other specifications, such as OpenID Connect
Discovery 1.0 [`OpenID.Discovery`_].
.. _`RFC8414 section 2`: https://tools.ietf.org/html/rfc8414#section-2
.. _`RFC6749#Authorization`: https://tools.ietf.org/html/rfc6749#section-3.1
.. _`RFC6749#Token`: https://tools.ietf.org/html/rfc6749#section-3.2
.. _`RFC7591`: https://tools.ietf.org/html/rfc7591
.. _`OpenID.Discovery`: https://openid.net/specs/openid-connect-discovery-1_0.html
�issuerT)r.���r1����jwks_uri)r0����scopes_supportedr7����service_documentation�ui_locales_supported�
op_policy_uri�
op_tos_uri�grant_types_supported)�copy�deepcopyr���r3���r;���r���r
���r
���r@���r���rU���r ���r[���r���r`���r>���r?���r���r���r���r�������s,���
J
�z)MetadataEndpoint.validate_metadata_server)r���NN)FFFF)
�__name__�
__module__�
__qualname__�__doc__r���r���r!���r3���r@���rU���r[���r`���r���r���r���r���r���r
������s����
�
r
���)rn���ri���r����logging��r����
authorizationr����baser���r����
introspectr����
revocationr ���rH���r
���� getLoggerrk����logr
���r���r���r���r����<module>���s����