o RDi}. @sjdZddlmZddlmZddlmZddlmZddl m Z ddl m Z ddl mZeed d Zeed d Zeed dZeeddZeeddZeeddZidddddddd dd diddd d!d"d#d$d%d&d'd(d)d*d+gd,d-d.d/d0d1d2d3d4d5id6d5d7d d8dd9d:d;d<d=d:d>ed?ed@edAedBedCdDdEdFdGdHdIdJdKdLdMdNidOdPdQgdRdQgdSd:dTdUdVdUdWdUdXgdYdZd[gd\d]d^gd_d`dagdbd:dcd<ddd:ded<dfd<dgggd d d d5dhdsz"perform_import..) isinstancestrr]listtuple)valrar\r`rbperform_imports  ric Cs@zt|WSty}zd|||jj|f}t|d}~ww)zA Attempt to import a class from a string representation. z+Could not import %r for setting %r. %s: %s.N)r ImportError __class____name__)rhraemsgr\r\rbr]s r]c@seZdZdZddZdS)_PhonyHttpRequestr8cCs|jS)N)_schemeselfr\r\rb _get_schemesz_PhonyHttpRequest._get_schemeN)rl __module__ __qualname__rprsr\r\r\rbros roc@sReZdZdZdddZeddZddZd d Zed d Z d dZ ddZ dS)OAuth2ProviderSettingsz A settings object, that allows OAuth2 Provider settings to be accessed as properties. Any setting with string import paths will be automatically resolved and return the class, rather than the string literal. NcCs4|pi|_|pt|_|p t|_|pd|_t|_dS)Nr\)_user_settingsDEFAULTSdefaultsIMPORT_STRINGSimport_strings mandatoryset _cached_attrs)rr user_settingsryr{r|r\r\rb__init__s     zOAuth2ProviderSettings.__init__cCst|ds ttdi|_|jS)Nrwr )hasattrgetattrrrwrqr\r\rbrs z$OAuth2ProviderSettings.user_settingscCs||jvr td|z|j|}Wnty-|dkr&|jr&|jd}n|j|}Ynw|r:||jvr:t||}|dkrEt|j }|dkrjd|j vrTt|j }ng}|j D]}||j vrf| |qYt d||||j|t||||S)Nz"Invalid OAuth2Provider setting: %srrrPrRrz,Defined DEFAULT_SCOPES not present in SCOPES)ryAttributeErrorrKeyErrorr;r{rirfrkeysrrPappendrvalidate_settingr~addsetattr)rrattrrhscoper\r\rb __getattr__s4              z"OAuth2ProviderSettings.__getattr__cCs"|s ||jvrtd|dSdS)Nz'OAuth2Provider setting: %s is mandatory)r|r)rrrrhr\r\rbrs z'OAuth2ProviderSettings.validate_settingcs"fdddD}|j|S)a This is used to communicate settings to oauth server. Takes relevant settings and format them accordingly. There's also EXTRA_SERVER_KWARGS that can override every value and is more flexible regarding keys and acceptable values but doesn't have import string magic or any additional processing, callables have to be assigned directly. For the likes of signed_token_generator it means something like {"token_generator": signed_token_generator(privkey, **kwargs)} csi|] \}}|t|qSr\)r)r^keyvaluerqr\rb s z8OAuth2ProviderSettings.server_kwargs..))token_expires_inr$)refresh_token_expires_inr&)token_generatorr)refresh_token_generatorr)updater)rrkwargsr\rqrb server_kwargss  z$OAuth2ProviderSettings.server_kwargscCs<|jD]}t||q|jt|drt|ddSdS)Nrw)r~delattrclearr)rrrr\r\rbreloads    zOAuth2ProviderSettings.reloadcCsv|jr|jSt|tr|}nt|tr%t}|j|_|jddr$d|_nt d|| t d}|dt d S)a  Helper function to get the OIDC issuer URL, either from the settings or constructing it from the passed request. If only an oauthlib request is available, a dummy django request is built from that and used to generate the URL. X_DJANGO_OAUTH_TOOLKIT_SECUREFr9z4request must be a django or oauthlib request: got %rz+oauth2_provider:oidc-connect-discovery-infoNz!/.well-known/openid-configuration) r<rdrrroheadersMETAgetrp TypeErrorbuild_absolute_urirlen)rrrequestdjango_requestabs_urlr\r\rb oidc_issuers   z"OAuth2ProviderSettings.oidc_issuer)NNNN) rlrtru__doc__rpropertyrrrrrrr\r\r\rbrvs  *  rvcOs |d}|dkrtdSdS)Nsettingr )oauth2_settingsr)argsrrr\r\rbreload_oauth2_settings3s r) r django.confrdjango.core.exceptionsrdjango.core.signalsr django.httpr django.urlsrdjango.utils.module_loadingroauthlib.commonrr USER_SETTINGSr+r,r-r.r/rx MANDATORYrzrir]rorvrrconnectr\r\r\rbs                   !"#$%&'()*+459:;<=?@R {