/ open-webui.git / app / env / lib64 / python3.11 / site-packages / msal / __pycache__ / token_cache.cpython-311.pyc

� u��g�P���dd
lZdd
l
Z
dd
lZdd
lZdd
lZddlmZ
ddlmZm Z
ddl mZ
eje �
�
ZdZd�Zd�ZGd �d e��ZGd�de��Zd
S) �N�
)
�canonicalize)�decode_part�decode_id_token)
�Client�brokerc�$�t
|
f
i|�
�
|
kS�
N)
�dict)�small�bigs �`/home/asafur/pinokio/api/open-webui.git/app/env/lib/python3.11/site-packages/msal/token_cache.py� is_subdict_ofrs������u����$�$�c
�T�|�d
|�d�
�
��S)N�preferred_username�upn)
�get)
�id_token_claimss
r� _get_usernamers.���������E�"�"�$�$�$rc ���eZ
dZd
ZGd�d��ZGd�d��Zd�Z dd�
Zdd �
Zdd �
Z e ddeded ede fd���Zddd�
d�Zddd�
d�Zdd�
Zd�Zdd�
Zdd�
Zd�Zd�Zd�Zd�Zd�ZdS)� TokenCachea
This is considered as a base class containing minimal cache behavior. Although it maintains tokens using unified schema across all MSAL libraries, this class does not serialize/persist them. See subclass :class:`SerializableTokenCache` for details on serialization. c
�"�eZ
dZd
ZdZdZdZdZdS)�TokenCache.CredentialType�AccessToken�RefreshToken�Account�IdToken�AppMetadataN)�__name__� __module__�__qualname__�ACCESS_TOKEN� REFRESH_TOKEN�ACCOUNT�ID_TOKEN�APP_METADATA�rr�CredentialTypers'������$��&� �����$���rr)c
��eZ
dZd
ZdZdS)�TokenCache.AuthorityType�ADFS�MSSTSN)r r!r"r,r-r(rr� AuthorityTyper+&s�����������rr.c
����t
j
���_i�_�jj d�f
d
� �jj d�f
d� �jj d�f
d� �jjdd�
�jj d d�
i�_ dS) Nc��
�d
�|p
d|
p
d�j
j|p
dd|p
dg�
�
���S�N�
-�)�joinr)r$�lower)�home_account_id�environment� client_id�target�!ignored_payload_from_a_real_token�selfs �r�<lambda>z%TokenCache.__init__.<locals>.<lambda>1sS����H�H�'�-�2�#�)�r��+�9�!��R����"� ���!�5�7�7�

rc��
�d
�|p
d|
p
d�j
j|p
d|p
d|p
dg�
�
���Sr1)r4r)r#r5)r6r7r8�realmr9r:r;s �rr<z%TokenCache.__init__.<locals>.<lambda><sY��� �H�H�'�-�2�#�)�r��+�8�!��R������"� ���!�5�7�7�

rc��
�d
�|p
d|
p
d�j
j|p
d|p
ddg�
�
���Sr1)r4r)r&r5)r6r7r8r>r:r;s �rr<z%TokenCache.__init__.<locals>.<lambda>KsS����H�H�'�-�2�#�)�r��+�4�!��R����� ���!�5�7�7�

rc�b�d
�|p
d|
p
d|p
dg�
�
�
��Sr1)r4r5)r6r7r>�!ignored_payload_from_a_real_entrys rr<z%TokenCache.__init__.<locals>.<lambda>Vs?���H�H�'�-�2�#�)�r�������!�5�7�7�

rc�6�d
�|p
d|
p
d��S)Nzappmetadata-{}-{}r3)
�format)r7r8�kwargss rr<z%TokenCache.__init__.<locals>.<lambda>^s#��'�.�.�{�/@�b�)�/�r�R�R�

r)NNNN)NNNNN)NNN�NN)� threading�RLock�_lock�_cacher)r$r#r&r%r'� key_makers�
r;s
`r�__init__zTokenCache.__init__*s�����_�&�&�� ���� ��-�IM�#� #� #� #� #� #� ��,�IM�+/� #� #� #� #� #� ��(�IM�"� #� #� #� #� #� ��'�#�#�#� ��,�
S
�
S
�
S
�c
3����rNc��|�|j
j|jtj
j|
|||d
�|�
�
���|���S)N�
)r6r7r8r>r9�
�default)�_getr)r#rJrr4)r;r6r7r8r>r9rPs r�_get_access_tokenzTokenCache._get_access_tokenbsi�� �y�y���,�C�D�O�J�5�B�C� /�'�#���x�x��'�'� � � ��� � � rc��|�|j
j|jtj
j|
|�
��|���S)N)r7r8rO)rQr)r'rJr)r;r7r8rPs r�_get_app_metadatazTokenCache._get_app_metadatarsR���y�y���,�C�D�O�J�5�B�C�'�#� � � �� ��� rc��|j5
|j
�|
i���||��cddd��
S#1swxYw

Y

dSr )rHrIr)r;�credential_type�keyrPs rrQzTokenCache._get{s��� �Z�
J
�
J
��;�?�?�?�B�7�7�;�;�C��I�I�
J
�
J
�
J
�
J
�
J
�
J
�
J
�
J
�
J
�
J
�
J
�
J
����
J
�
J
�
J
�
J
�
J
�
J
s�/A�A�
A�entry�query� target_set�returnc��t
|
p
i|��o<|r9|t|�d
d������
�
k
n
dS)Nr9r3T)r�setr�split)rXrYrZs r�_is_matchingzTokenCache._is_matchingsT���U�[�b�%�0�0�%��
$�J�#�e�i�i��"�5�5�;�;�=�=�>�>�>�>�#� %r�
�nowc
#�xK
�t
|p
g�
�
}t|t��s Jd
���
d}|
|jjkrtt|t ��r_d|vr[d|vrWd|vrSd|vrO|rM|�|d|d|d|d|��}|r|�||��r|V�

t|�
�
}|j 5
t|�tj��n
|�
�
}g}|j� |
i�����D]c}|
|jjkr/t|d�
�
|kr|�|�
�

�A||kr|�|||���r|V�

�d|D]} |�| �
�

� ddd��
dS#1swxYw

Y

dS) z�Returns a generator of matching entries. It is O(1) for AT hits, and O(n) for other types. Note that it holds a lock during the entire search. zInvalid parameter typeNr6r7r8r>� expires_on)
rZ)�sorted� isinstance�listr)r#rrRr_r]rH�int�timerIr�values�append� remove_at) r;rVr9rYra�preferred_resultrZ�expired_access_tokensrX�ats r�searchzTokenCache.search�s`�������"�%�%���&�$�'�'�A�A�)A�A�A�'����t�2�?�?�?��5�$�'�'� @
�!�U�*�*�}��/E�/E��u�$�$��E�)9�)9�f�)9�#�5�5��'�(�%� �*>��k�"�E�'�N�F� <� <�� � '�D�$5�$5� �%�%�%� '�'�&�&�&���[�[� � �Z� #� #��S�[�d�i�k�k�k�c�:�:�C�%�!� �����"�=�=�D�D�F�F� � ��#�t�':�'G�G�G��E�,�/�0�0�3�6�6�)�0�0��7�7�7���-�-�-��)�)�%��:�)�N�N�.� �K�K�K��+�
#�
#�����r�"�"�"�"�
#�' #� #� #� #� #� #� #� #� #� #� #� #���� #� #� #� #� #� #s�CF/�/F3�6
F3c
��t
j
d
t��
t|�|
|||����
�
S)z Equivalent to list(search(...)).z7Use list(search(...)) instead to explicitly get a list.)r9rYra)�warnings�warn�DeprecationWarningrfro)r;rVr9rYras r�findzTokenCache.find�sA��� �E�� � � ��D�K�K���e�QT�K�U�U�V�V�Vrc �>
�d
�}t
|
||
�
di��d��||
�
di��d�����}t�dt j|dd t� ����
|�|
|���S)z:Handle a token obtaining event, and add tokens into cache.c�D�
��
f
d
�|���D��S)Nc
�(�
�i|]\}
}|
|
�vrdn
|��S)
z********r()�.0�
k�
v�sensitive_fieldss �r� <dictcomp>z;TokenCache.add.<locals>.make_clean_copy.<locals>.<dictcomp>�s>�������A�q���&6�!6�!6�:�:�A���r)
�items)� dictionaryr{s `r�make_clean_copyz'TokenCache.add.<locals>.make_clean_copy�s:�������&�,�,�.�.���� r�data)�password� client_secret� refresh_token� assertion�response)r�access_tokenr��id_token�username)r�r�zevent=%s�T)�indent� sort_keysrPr`)rr�logger�debug�json�dumps�str�_TokenCache__add)r;�eventrar�clean_events r�addzTokenCache.add�s��� � � � �� �����6�2�!6�!6�9���%�_�U�Y�Y�z�2�%>�%>�A
���  �  �  �� ���Z��� ����" �" �" � � � ��z�z�%�S�z�)�)�)rc��d
|
vr>t
j
t|
d
�
�
�
�
}d|vrd|vr|djdi|�
�
fS|r|d}d|i
|fSidfS)z&Return client_info and home_account_id�client_info�uid�utidz{uid}.{utid}�subNr()r��loadsrrC)r;r�rr�r�s r�__parse_accountzTokenCache.__parse_account�s����H�$�$��*�[��-�1H�%I�%I�J�J�K���#�#��+�(=�(=�"�$9�N�$9�$H�$H�K�$H�$H�H�H�� %�!�%�(�C��3�<��$�$��4�x�rc� ��dx
}}d
|
vrt
|
d
�
�
\}}}d|
vr|
d}|
�
di��}|
�
di���|�
d�
�
}|�
d�
�
}|�
d�
�
} |�
d�
�
p| rt| |
d � ��n
i} |�|| ��\}}d�t|
�
d�
�
p
g�
�
�
�
} |j5
t|�tj��n
|�
�
}|�
rQ|�
d �
�
r%t|�
d �
�
�
�
|z n
d}t|�
d|���
�
}t|�
d|���
�
}|j j ||||
�
d �
�
| ||�
dd��t|�
�
t||z�
�
t||z�
�
d�}|��f
d��D���
�

d|vr|d}t||z�
�
|d<|� |j j ||��
|�
r!|
�
d�
�
�
s||||
�
d| �
d| �
d�
�
����t| �
�
p+��
d�
�
p|
�
d�
�
p
d|
�
d|dkr|jjn|jj��d�}t$d d!t&jd"f}|
�
d#�
�
|vr|
d#|d$<|� |j j||��
| rG|j j| ||||
�
d �
�
d%�}|� |j j||��
|rd|j j||||
�
d �
�
| t|�
�
d&�}d'|vr|d'|d(<|� |j j||��
|
�
d �
�
|d)�}d'|vr|�
d'�
�
|d(<|� |j j||��
ddd��
dS#1swxYw

Y

dS)*N�token_endpointr7r�r�r�r�r�rr8)
r8rN�scoperciX� expires_in�ext_expires_in� token_type�Bearer)rV�secretr6r7r8r9r>r�� cached_atrc�extended_expires_onc
�*�
�i|]}
|
dv�|
�|
��S)
>
�key_idr()rxryr�s �rr|z$TokenCache.__add.<locals>.<dictcomp>
s<������!�q�=�8�8�1�d�1�g�8�8�8r� refresh_in� refresh_on�skip_account_creation�_account_id�oidr�r�r3�authority_type�adfs)r6r7r>�local_account_idr�r��authorization_coder�� GRANT_TYPE� grant_type�account_source)rVr�r6r7r>r8)rVr�r6r7r8r9�last_modification_time�foci� family_id)r8r7)rrr�_TokenCache__parse_accountr4rdrHrgrhr)r#r��update�modifyrr.r,r-�_GRANT_TYPE_BROKERr�DEVICE_FLOWr%r&r$r')r;r�rar7r>�
_r�r�r�r�rr�r6r9�default_expires_inr�r�rnr��account�%grant_types_that_establish_an_account�idt�rt�app_metadatar�s @r�__addzTokenCache.__add�s����#�"��e��u�$�$�$0��7G�1H�$I�$I�!�A�{�E��E�!�!�� �.�K��9�9�Z��,�,���y�y���$�$���|�|�N�3�3�� ���_�5�5� ��<�<� �+�+��"�,�,�'8�9�9�Y
�GO�W�O�H��k�0B�C�C�C�C�UW� �(,�';�';�H�o�'V�'V�$��_����&����7�!3�!3�!9�r�:�:�;�;�� �Z�\
V
�\
V
��S�[�d�i�k�k�k�c�:�:�C�� F
�"���l�3�3�&=�����\�2�2�3�3�c�9�9�9<�#�!��L�L��/A�B�B�
D
�
D
� �!$��<�<� �*�-�-�
"/�
"/��(,�':�'G�*�'6�#.�!&���;�!7�!7�$�"�"*�,�,�|�X�"F�"F�!$�S���"%�c�J�&6�"7�"7�+.�s�^�/C�+D�+D����� � �����t�������  �8�+�+�!)�,�!7�J�'*�3��+;�'<�'<�B�|�$����D�/�<�b�"�E�E�E�� K
�5�9�9�-D�#E�#E� K
�'6�#.�"�(-� � �%�'�+�+�E�?�3F�3F�u�3M�3M�N�N�)P
�)P
�!.�o� >� >�!��8�8�J�/�/�!� �9�9�Z�0�0�!��&+�i�i�(�38�F�?�?��*�/�/�!%�!3�!9�';�';����&'�(<�j��&�|�4�96�5��9�9�\�*�*�.S�S�S�05�l�0C�G�,�-����D�/�7��'�J�J�J�� D
�'+�':�'C�&�'6�#.�"�!&���;�!7�!7� ������D�/�8�#�s�C�C�C�� G
�'+�':�'H�+�'6�#.�!&���;�!7�!7�$�.1�#�h�h�����X�%�%�&.�v�&6�B�{�O����D�/�=�r�2�F�F�F�#�Y�Y�{�3�3�*���L���!�!�,4�L�L��,@�,@��[�)��K�K��+�8�,��U�U�U�y\
V
�\
V
�\
V
�\
V
�\
V
�\
V
�\
V
�\
V
�\
V
�\
V
�\
V
�\
V
����\
V
�\
V
�\
V
�\
V
�\
V
�\
V
s�!N!S�S�
Sc�&
�|j|
d
i|�
�
}|j
5
|r,|j�|
i��}t |f
i|�
�
||<n/|j�|
i���|d��
ddd��
dS#1swxYw

Y

dS)Nr()rJrHrI� setdefaultr�pop)r;rV� old_entry�new_key_value_pairsrW�entriess rr�zTokenCache.modifyT
s
��/�d�o�o�.�;�;��;�;�� �Z� K
� K
�"� K
��+�0�0��"�E�E��#�� +� +�)� +� +�������&�&���;�;�?�?��T�J�J�J� K
� K
� K
� K
� K
� K
� K
� K
� K
� K
� K
� K
���� K
� K
� K
� K
� K
� K
s�AB�B �
B c��|
�d
�
�
|j
jksJ�
|�|j
j|
��S�NrV)rr)r$r�)r;�rt_items r� remove_rtzTokenCache.remove_rtf
s@���{�{�,�-�-��1D�1R�R�R�R�R��{�{�4�.�<�g�F�F�Frc���|
�d
�
�
|j
jksJ�
|�|j
j|
|t tt j���
�
�
�
d���S)NrV)r�r�)rr)r$r�r�rgrh)r;r��new_rts r� update_rtzTokenCache.update_rtj
sn���{�{�,�-�-��1D�1R�R�R�R�R��{�{�4�.�<�g��&)�#�d�i�k�k�*:�*:�&;�&;�H
�H
��� rc��|
�d
�
�
|j
jksJ�
|�|j
j|
��Sr�)rr)r#r�)r;�at_items rrkzTokenCache.remove_atq
s@���{�{�,�-�-��1D�1Q�Q�Q�Q�Q��{�{�4�.�;�W�E�E�Erc��|
�d
�
�
|j
jksJ�
|�|j
j|
��Sr�)rr)r&r�)r;�idt_items r� remove_idtzTokenCache.remove_idtu
s@���|�|�-�.�.�$�2E�2N�N�N�N�N��{�{�4�.�7��B�B�Brc�N�d
|
vsJ�
|�|j
j|
��S)Nr�)r�r)r%)r;�account_items r�remove_accountzTokenCache.remove_accounty
s-���<�/�/�/�/��{�{�4�.�6��E�E�Err rE)r r!r"�__doc__r)r.rLrRrTrQ�staticmethodrr]�boolr_rortr�r�r�r�r�r�rkr�r�r(rrrrs�
��������%�%�%�%�%�%�%�%���������6�6�6�v
����� ����J
�J
�J
�J
��%�%�D�%��%�3�%�$�%�%�%��\�%� -#�d�-#�-#�-#�-#�-#�^
W
�D�W
�W
�W
�W
�W
�*�*�*�*�4���p
V
�p
V
�p
V
�p
V
�dK
�K
�K
�K
�$G
�G
�G
����F
�F
�F
�C
�C
�C
�F
�F
�F
�F
�F
rrc�>��eZ
dZd
ZdZ�f
d�Zd�f
d� Zd�Zd�Z�x
Z S) �SerializableTokenCacheaThis serialization can be a starting point to implement your own persistence. This class does NOT actually persist the cache on disk/db/etc.. Depending on your need, the following simple recipe for file-based, unencrypted persistence may be sufficient:: import os, atexit, msal cache_filename = os.path.join( # Persist cache into this file os.getenv( # Automatically wipe out the cache from Linux when user's ssh session ends. # See also https://github.com/AzureAD/microsoft-authentication-library-for-python/issues/690 "XDG_RUNTIME_DIR", ""), "my_cache.bin") cache = msal.SerializableTokenCache() if os.path.exists(cache_filename): cache.deserialize(open(cache_filename, "r").read()) atexit.register(lambda: open(cache_filename, "w").write(cache.serialize()) # Hint: The following optional line persists only when state changed if cache.has_state_changed else None ) app = msal.ClientApplication(..., token_cache=cache) ... Alternatively, you may use a more sophisticated cache persistence library, `MSAL Extensions <https://github.com/AzureAD/microsoft-authentication-extensions-for-python>`_, which provides token cache persistence with encryption, and more. :var bool has_state_changed: Indicates whether the cache state in the memory has changed since last :func:`~serialize` or :func:`~deserialize` call. Fc�X�
�t
t|��j|
f
i|�
�

d
|_dS�NT)�superr�r��has_state_changed)r;r�rD� __class__s �rr�zSerializableTokenCache.add�
s7���/��$�d�+�+�/��@�@��@�@�@�!%����rNc�j�
�t
t|���|
||��
d
|_dSr�)r�r�r�r�)r;rVr�r�r�s �rr�zSerializableTokenCache.modify�
s<��� �$�d�+�+�2�2��Y�(;�
=�
=�
=�!%����rc��|j5
|
rtj|
�
�
n
i|_d
|_ddd��
dS#1swxYw

Y

dS)zEDeserialize the cache from a state previously obtained by serialize()FN)rHr�r�rIr�)r;�states r�deserializez"SerializableTokenCache.deserialize�
s����Z� +� +�/4�<�$�*�U�+�+�+�"�D�K�%*�D�"� +� +� +� +� +� +� +� +� +� +� +� +���� +� +� +� +� +� +s �%:�>�

>c
��|j5
d
|_
tj|jd���cddd��
S#1swxYw

Y

dS)z0Serialize the current cache state into a string.Fr�)
r�N)rHr�r�r�rIrKs
r� serializez SerializableTokenCache.serialize�
s����Z� 5� 5�%*�D�"��:�d�k�!�4�4�4� 5� 5� 5� 5� 5� 5� 5� 5� 5� 5� 5� 5���� 5� 5� 5� 5� 5� 5s�"7�;�
;r ) r r!r"r�r�r�r�r�r�� __classcell__)
r�s
@rr�r�~
s����������@
��&�&�&�&�&�&�&�&�&�&�&� +�+�+�5�5�5�5�5�5�5rr�)r�rFrh�loggingrq� authorityr�oauth2cli.oidcrr�oauth2cli.oauth2r� getLoggerr r�r�rr�objectrr�r(rr�<module>r�
s
�


���������������������#�#�#�#�#�#�8�8�8�8�8�8�8�8�$�$�$�$�$�$� �� �8� $� $����

%�

%�

%�
$�
$�
$� d
F
�d
F
�d
F
�d
F
�d
F
��d
F
�d
F
�d
F
�N8
5�8
5�8
5�8
5�8
5�Z�8
5�8
5�8
5�8
5�8
5r