o RDi@sddlmZddlZddlZddlZddlmZmZmZddlm Z ddl m Z ddl Z ddl mZddlmZddlmZmZmZd d lmZmZd d lmZmZd d lmZd dlmZmZe e Z!GdddeZ"dS)) annotationsN)datetime timedeltatimezone) getLogger)Any)default_backend) RSAPrivateKey)Encoding PublicFormatload_der_private_key)ER_CONNECTION_TIMEOUTER_INVALID_PRIVATE_KEY)OperationalErrorProgrammingError)KEY_PAIR_AUTHENTICATOR) AuthByPluginAuthTypecseZdZdZdZdZdZdZdZdZ dZ dZ e fd6fdd Z d7ddZ ed8ddZd9ddZd:ddZed d!Zd;d$d%Zdfd0d1 Zed?d4d5ZZS)@ AuthByKeyPairzKey pair based authentication.RS256isssubexpiat< private_keybytes | str | RSAPrivateKeylifetime_in_secondsintreturnNonec sttjd dttdtji|ttttdtjd |_ ||_ d|_ d|_ tttd|d|_dS) a#Inits AuthByKeyPair class with private key. Args: private_key: a byte array of der formats of private key, or an object that implements the `RSAPrivateKey` interface. lifetime_in_seconds: number of seconds the JWT token will be valid max_retry_attemptsJWT_CNXN_RETRY_ATTEMPTSJWT_CNXN_WAIT_TIME)secondsrJWT_LIFETIME_IN_SECONDSN)super__init__r!osgetenvrDEFAULT_JWT_RETRY_ATTEMPTSrDEFAULT_JWT_CNXN_WAIT_TIME total_seconds_socket_timeout _private_key _jwt_token_jwt_token_exp _lifetime)selfrr kwargs __class__r*Y/var/www/Datamplify/venv/lib/python3.10/site-packages/snowflake/connector/auth/keypair.pyr,(s4    zAuthByKeyPair.__init__cCs d|_dSN)r3r7r*r*r; reset_secretsQ zAuthByKeyPair.reset_secretsrcCstjSr<)rKEY_PAIRr=r*r*r;type_TszAuthByKeyPair.type_accountstruserr8rc Ksd|vr |dd}n|dd}|}|}ttjjdd}t|jt rKz t |j|_Wnt yJ}z t d|dtdd}~wwt|jtrz t|jdtd }Wnt yr}z t d |d tdd}~wwt|tst d |jjd tdnt|jtr|j}n tdt|j||}||j|_|j|d|d||j|d||j||j|ji}tj|||j d} t| tr| !d|_"|j"S| |_"|j"S)Nz.global-r.)tzinfozFailed to decode private key: z` Please provide a valid unencrypted rsa private key in base64-encoded DER format as a str object)msgerrno)datapasswordbackendzFailed to load private key: zQ Please provide a valid unencrypted rsa private key in DER format as bytes objectzPrivate key type (zU) not supported. Please provide a valid rsa private key in DER format as bytes objectz%Expected bytes or RSAPrivateKey, got ) algorithmutf-8)# partitionupperrnowrutcreplace isinstancer3rCbase64 b64decode Exceptionrrbytesr rr r:__name__ TypeErrortype calculate_public_key_fingerprintr6r5ISSUERSUBJECT ISSUE_TIME EXPIRE_TIMEjwtencode ALGORITHMdecoder4) r7rBrDr8rQer public_key_fppayloadr4r*r*r;prepareXsl           zAuthByKeyPair.preparedict[str, bool]cKsddiS)NsuccessFr*)r7r8r*r*r;reauthenticateszAuthByKeyPair.reauthenticatecCsN|tjtj}t}||dt |  d}t d||S)NzSHA256:rNzPublic key fingerprint is %s) public_key public_bytesr DERr SubjectPublicKeyInfohashlibsha256updaterU b64encodedigestrdloggerdebug)rpublic_key_der sha256hashrfr*r*r;r\s  z.AuthByKeyPair.calculate_public_key_fingerprintbodydict[Any, Any]cCst|dd<|j|dd<dS)NrJ AUTHENTICATORTOKEN)rr4)r7ryr*r*r; update_bodys zAuthByKeyPair.update_bodycCs|jSr<)r4r=r*r*r;assertion_contentszAuthByKeyPair.assertion_contentcountboolcCs ||jkSr<)_jwt_retry_attempts)r7rr*r*r; should_retryr?zAuthByKeyPair.should_retry authenticator service_name str | NonerKc s>tdtj|||||ddtd|j||ddS)NzInvoking base timeout handlerF)rrrBrDrK delete_paramsz@Base timeout handler passed, preparing new token before retrying)rBrD)rurvr+handle_timeoutrh)r7rrrBrDrKr8r9r*r;rs  zAuthByKeyPair.handle_timeoutoprcCs|jturdSdS)NTF)rIr)rr*r*r;can_handle_exceptions z"AuthByKeyPair.can_handle_exception)rrr r!r"r#)r"r#)r"r)rBrCrDrCr8rr"rC)r8rr"ri)ryrzr"r#)r"rC)rr!r"r)rrCrrrBrCrDrCrKrr8rr"r#)rrr"r)rY __module__ __qualname____doc__rcr]r^r`r_LIFETIMEr/r0r,r>propertyrArhrk staticmethodr\r}r~rrr __classcell__r*r*r9r;rs2 )   L    r)# __future__rrUrpr-rrrloggingrtypingrracryptography.hazmat.backendsr-cryptography.hazmat.primitives.asymmetric.rsar ,cryptography.hazmat.primitives.serializationr r r errorcoderrerrorsrrnetworkr by_pluginrrrYrurr*r*r*r;s"