&gvdZddlZddlmZddlmZddlmZmZej e Z GddeZ dS) z oauthlib.oauth2.rfc6749 ~~~~~~~~~~~~~~~~~~~~~~~ This module is an implementation of various logic needed for consuming and providing OAuth 2.0 RFC6749. N)Request)utils) BaseEndpointcatch_errors_and_unavailabilityceZdZdZdZedZedZedZedZ e d d Z e d d Z dS) AuthorizationEndpointaaAuthorization endpoint - used by the client to obtain authorization from the resource owner via user-agent redirection. The authorization endpoint is used to interact with the resource owner and obtain an authorization grant. The authorization server MUST first verify the identity of the resource owner. The way in which the authorization server authenticates the resource owner (e.g. username and password login, session cookies) is beyond the scope of this specification. The endpoint URI MAY include an "application/x-www-form-urlencoded" formatted (per `Appendix B`_) query component, which MUST be retained when adding additional query parameters. The endpoint URI MUST NOT include a fragment component:: https://example.com/path?query=component # OK https://example.com/path?query=component#fragment # Not OK Since requests to the authorization endpoint result in user authentication and the transmission of clear-text credentials (in the HTTP response), the authorization server MUST require the use of TLS as described in Section 1.6 when sending requests to the authorization endpoint:: # We will deny any request which URI schema is not with https The authorization server MUST support the use of the HTTP "GET" method [RFC2616] for the authorization endpoint, and MAY support the use of the "POST" method as well:: # HTTP method is currently not enforced Parameters sent without a value MUST be treated as if they were omitted from the request. The authorization server MUST ignore unrecognized request parameters. Request and response parameters MUST NOT be included more than once:: # Enforced through the design of oauthlib.common.Request .. _`Appendix B`: https://tools.ietf.org/html/rfc6749#appendix-B cXtj|||_||_||_dSN)r__init___response_types_default_response_type_default_token_type)selfdefault_response_typedefault_token_typeresponse_typess a/var/www/api/venv/lib/python3.11/site-packages/oauthlib/oauth2/rfc6749/endpoints/authorization.pyr zAuthorizationEndpoint.__init__>s1d###-&;##5   c|jSr )r rs rrz$AuthorizationEndpoint.response_typesEs ##rc|jSr )rrs rrz+AuthorizationEndpoint.default_response_typeIs **rc@|j|jSr )rgetrrs rdefault_response_type_handlerz3AuthorizationEndpoint.default_response_type_handlerMs"&&t'ABBBrc|jSr )rrs rrz(AuthorizationEndpoint.default_token_typeQs ''rGETNc`t||||}||_d|_|piD]\}} t ||| |j|j|j} t d|j| | ||j S):Extract response_type and route to the designated handler. http_methodbodyheadersNz+Dispatching response_type %s request to %r.) rscopesuseritemssetattrrr response_typerlogdebugcreate_authorization_responser) rurir!r"r#r$ credentialsrequestkvresponse_type_handlers rr+z3AuthorizationEndpoint.create_authorization_responseUs [tWFFF  &B--// # #DAq GQ " " " " $ 3 7 7  !4#E!G!G ?')> @ @ @$BB T,.. .rct||||}tj|j|_|j|j|j}| |S)rr ) rr scope_to_listscoper$rrr(rvalidate_authorization_request)rr,r!r"r#r.r1s rr5z4AuthorizationEndpoint.validate_authorization_requestgst [tWFFF,W];; $ 3 7 7  !4#E!G!G$CCGLLLr)rNNNN)rNN) __name__ __module__ __qualname____doc__r propertyrrrrrr+r5rrr r s((T666$$X$++X+CCXC((X(%IMMQ...%$."%JN/3 M M M%$ M M Mrr ) r9loggingoauthlib.commonroauthlib.oauth2.rfc6749rbaserr getLoggerr6r)r r;rrrAs######))))))????????g!!`M`M`M`M`ML`M`M`M`M`Mr