&`$ndZddlZddlmZddlmZddlmZeje Z Gdd eZ y) aR oauthlib.oauth1.rfc5849.endpoints.access_token ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This module is an implementation of the access token provider logic of OAuth 1.0 RFC 5849. It validates the correctness of access token requests, creates and persists tokens as well as create the proper response to be returned to the client. N) urlencode)errors) BaseEndpointc(eZdZdZdZ ddZdZy)AccessTokenEndpointaAn endpoint responsible for providing OAuth 1 access tokens. Typical use is to instantiate with a request validator and invoke the ``create_access_token_response`` from a view function. The tuple returned has all information necessary (body, status, headers) to quickly form and return a proper response. See :doc:`/oauth1/validator` for details on which validator methods to implement for this endpoint. cZ|jj|j||_|j |j dj |jd}|j ||jj||t|jS)aHCreate and save a new access token. Similar to OAuth 2, indication of granted scopes will be included as a space separated list in ``oauth_authorized_realms``. :param request: OAuthlib request. :type request: oauthlib.common.Request :returns: The token as an urlencoded string.  ) oauth_tokenoauth_token_secretoauth_authorized_realms) request_validator get_realmsresource_owner_keyrealmstoken_generatorjoinupdatesave_access_tokenritems)selfrequest credentialstokens P/usr/lib/python3/dist-packages/oauthlib/oauth1/rfc5849/endpoints/access_token.pycreate_access_tokenz'AccessTokenEndpoint.create_access_token s//::  & &1 //1"&"6"6"8'*xx'?    [! 00@''Nctddi} |j||||}|j|\}} |rL|j||xsi} |jj |j |j ||| dfSiddfS#tj$r#} || j| jfcYd} ~ Sd} ~ wwxYw)aCreate an access token response, with a new request token if valid. :param uri: The full URI of the token request. :param http_method: A valid HTTP verb, i.e. GET, POST, PUT, HEAD, etc. :param body: The request body as a string. :param headers: The request headers as a dict. :param credentials: A list of extra credentials to include in the token. :returns: A tuple of 3 elements. 1. A dict of headers to set on the response. 2. The response body as a string. 3. The response status code as an integer. An example of a valid request:: >>> from your_validator import your_validator >>> from oauthlib.oauth1 import AccessTokenEndpoint >>> endpoint = AccessTokenEndpoint(your_validator) >>> h, b, s = endpoint.create_access_token_response( ... 'https://your.provider/access_token?foo=bar', ... headers={ ... 'Authorization': 'OAuth oauth_token=234lsdkf....' ... }, ... credentials={ ... 'my_specific': 'argument', ... }) >>> h {'Content-Type': 'application/x-www-form-urlencoded'} >>> b 'oauth_token=lsdkfol23w54jlksdef&oauth_token_secret=qwe089234lkjsdf&oauth_authorized_realms=movies+pics&my_specific=argument' >>> s 200 An response to invalid request would have a different body and status:: >>> b 'error=invalid_request&description=missing+resource+owner+key' >>> s 400 The same goes for an an unauthorized request: >>> b '' >>> s 401 z Content-Typez!application/x-www-form-urlencodedNi) _create_requestvalidate_access_token_requestrrinvalidate_request_token client_keyrr OAuth1Error urlencoded status_code) ruri http_methodbodyheadersr resp_headersrvalidprocessed_requestres rcreate_access_token_responsez0AccessTokenEndpoint.create_access_token_response6s`'(KL  =**3 T7KG'+'I'I( $E$00+:KL&&??&&..$UC//4}$!! =q}}< < =s$A5B<BB7B2,B72B7c|j||j||jstjd|j j |jstjd|jstjd|j j|jstjd|j j|j|j|j||jsd|fS|j j|j|}|s|j j|_ |j j|j|j|}|s|j j |_|j j#|j|j|j|}|j%|d }||j&d <||j&d <||j&d <||j&d <t)||||f}|smt*j-dt*j-d|t*j-d|t*j-d|t*j-d|||fS)aJValidate an access token request. :param request: OAuthlib request. :type request: oauthlib.common.Request :raises: OAuth1Error if the request is invalid. :returns: A tuple of 2 elements. 1. The validation result (True or False). 2. The request object. zMissing resource owner.) descriptionz"Invalid resource owner key format.zMissing verifier.zInvalid verifier format.) request_tokenFT)is_token_requestclientresource_ownerverifier signaturez&[Failure] request verification failed.zValid client:, %szValid token:, %szValid verifier:, %szValid signature:, %s)_check_transport_security_check_mandatory_parametersrrInvalidRequestErrorrcheck_request_tokenr7check_verifiervalidate_timestamp_and_noncer$ timestampnoncevalidate_client_key dummy_clientvalidate_request_tokendummy_request_tokenvalidate_verifier_check_signature validator_logallloginfo)rr valid_clientvalid_resource_ownervalid_verifiervalid_signaturevs rr"z1AccessTokenEndpoint.validate_access_token_requestws &&w/ ((1)),,57 7%%99**,,,@B B,,/1 1%%44W5E5EF,,68 8%%BB""G$5$5w}}g%88C:'> !--AA   ) !%!7!7!D!DG  $55LL    : :G E#)-)?)?)S)SG &//AA     & &      //$/O+7h'2F./,:j)-<k* 3^ " # HH= > HH(, 7 HH')= > HH*N ; HH+_ ='zr)GETNNN)__name__ __module__ __qualname____doc__rr0r"rrr r s"(,IM?C?=B`rr ) rTloggingoauthlib.commonrrbaser getLoggerrQrIr rUrrr[s8%g!B,Br