o ËÝ2gßGã@s$dZddlmZddlZddlmZmZddlmZm Z m Z ddl m Z ddl mZdd lmZdd lmZmZmZerHdd lmZdd lmZGd d„deƒZGdd„deƒZGdd„deƒZGdd„deƒZGdd„deƒZGdd„deƒZGdd„deƒZGdd„deƒZ Gdd„deƒZ!dS)z2Provides Authentication and Authorization classes.é)Ú annotationsN)ÚABCÚabstractmethod)Ú TYPE_CHECKINGÚAnyÚCallable)ÚRequest)Úcodesé)Úconst)ÚInvalidInvocationÚOAuthExceptionÚResponseException)ÚResponse)Ú Requestorc@sVeZdZdZedd„ƒZ d%d&d d„Zedfd'dd„Z d(d)dd „Z d%d*d#d$„Z dS)+ÚBaseAuthenticatorzEProvide the base authenticator object that stores OAuth2 credentials.cCsdS©N©©ÚselfrrúE/home/garg/my-data/venv/lib/python3.10/site-packages/prawcore/auth.pyÚ_authszBaseAuthenticator._authNÚ requestorrÚ client_idÚstrÚ redirect_uriú str | NoneÚreturnÚNonecCs||_||_||_dS)a%Represent a single authentication to Reddit's API. :param requestor: An instance of :class:`.Requestor`. :param client_id: The OAuth2 client ID to use with the session. :param redirect_uri: The redirect URI exactly as specified in your OAuth application settings on Reddit. This parameter is required if you want to use the :meth:`~.Authorizer.authorize_url` method, or the :meth:`~.Authorizer.authorize` method of the :class:`.Authorizer` class (default: ``None``). N)Ú _requestorrr)rrrrrrrÚ__init__s zBaseAuthenticator.__init__ÚokÚurlÚsuccess_statusÚintÚdatarrcKs<|jjd|| ¡t| ¡ƒddid}|j|krt|ƒ‚|S)NÚpostÚ ConnectionÚclose)Úauthr%Úheaders)rÚrequestrÚsortedÚitemsÚ status_coder)rr"r#r%ÚresponserrrÚ_post0s û zBaseAuthenticator._postFÚdurationÚscopesú list[str]ÚstateÚimplicitÚboolc Cs’|jdur d}t|ƒ‚|rt|tƒsd}t|ƒ‚|r$|dkr$d}t|ƒ‚|j||j|r-dndd |¡|d œ}|jjtj }t d ||d }|  ¡j S) anReturn the URL used out-of-band to grant access to your application. :param duration: Either ``"permanent"`` or ``"temporary"``. ``"temporary"`` authorizations generate access tokens that last only 1 hour. ``"permanent"`` authorizations additionally generate a refresh token that can be indefinitely used to generate new hour-long access tokens. Only ``"temporary"`` can be specified if ``implicit`` is set to ``True``. :param scopes: A list of OAuth scopes to request authorization for. :param state: A string that will be reflected in the callback to ``redirect_uri``. Elements must be printable ASCII characters in the range ``0x20`` through ``0x7E`` inclusive. This value should be temporarily unique to the client for whom the URL was generated. :param implicit: Use the implicit grant flow (default: ``False``). This flow is only available for ``UntrustedAuthenticators``. :returns: URL to be used out-of-band for granting access to your application. :raises: :class:`.InvalidInvocation` if ``redirect_uri`` is not provided, if ``implicit`` is ``True`` and an authenticator other than :class:`.UntrustedAuthenticator` is used, or ``implicit`` is ``True`` and ``duration`` is ``"permanent"``. Núredirect URI not providedzFOnly UntrustedAuthenticator instances can use the implicit grant flow.Ú temporaryz>The implicit grant flow only supports temporary access tokens.ÚtokenÚcodeú )rr1rÚ response_typeÚscoper4ÚGET)Úparams) rr Ú isinstanceÚUntrustedAuthenticatorrÚjoinrÚ reddit_urlr ÚAUTHORIZATION_PATHrÚpreparer") rr1r2r4r5Úmsgr?r"r+rrrÚ authorize_url>s( ÿ  ú zBaseAuthenticator.authorize_urlr9Ú token_typecCs<d|i}|dur ||d<|jjtj}|j|fi|¤ŽdS)a;Ask Reddit to revoke the provided token. :param token: The access or refresh token to revoke. :param token_type: When provided, hint to Reddit what the token type is for a possible efficiency gain. The value can be either ``"access_token"`` or ``"refresh_token"``. r9NÚtoken_type_hint)rrCr ÚREVOKE_TOKEN_PATHr0)rr9rHr%r"rrrÚ revoke_tokents  zBaseAuthenticator.revoke_tokenr)rrrrrrrr)r"rr#r$r%rrr©F) r1rr2r3r4rr5r6rr)r9rrHrrr) Ú__name__Ú __module__Ú __qualname__Ú__doc__rrr r r0rGrKrrrrrs  ü ÿ û6rc@sZeZdZUdZeZded<ddd „Zdd d „Zddd„Z ddd„Z ddd„Z ddd„Z dS)ÚBaseAuthorizerz6Superclass for OAuth2 authorization tokens and scopes.z tuple | typeÚAUTHENTICATOR_CLASSÚ authenticatorrrrcCs||_| ¡| ¡dS)z†Represent a single authorization to Reddit's API. :param authenticator: An instance of :class:`.BaseAuthenticator`. N)Ú_authenticatorÚ_clear_access_tokenÚ_validate_authenticator)rrSrrrr ‰s zBaseAuthorizer.__init__cCs|d|_d|_dSr)Ú access_tokenr2rrrrrU“s z"BaseAuthorizer._clear_access_tokenr%rcKsš|jjjtj}t ¡}|jjd d|i|¤Ž}| ¡}d|vr*t||d|  d¡ƒ‚|d|d|_ |d|_ d|vrA|d|_ t |d d ¡ƒ|_dS) Nr"ÚerrorÚerror_descriptioné Ú expires_inrWÚ refresh_tokenr=r;r)rTrrCr ÚACCESS_TOKEN_PATHÚtimer0Újsonr ÚgetÚ_expiration_timestamprWr\ÚsetÚsplitr2)rr%r"Úpre_request_timer/ÚpayloadrrrÚ_request_token˜sÿ  zBaseAuthorizer._request_tokencCsht|j|jƒs2d}t|jtƒr|d|jj›d7}t|ƒ‚|dd dd„|jDƒ¡›d7}t|ƒ‚dS)Nz!Must use an authenticator of typer;Ú.z or cSsg|]}|j‘qSr)rM)Ú.0ÚirrrÚ ¯sz:BaseAuthorizer._validate_authenticator..)r@rTrRÚtyperMrBr ©rrFrrrrV¨s ýÿøz&BaseAuthorizer._validate_authenticatorr6cCs|jduo t ¡|jkS)zÌReturn whether the :class`.Authorizer` is ready to authorize requests. A ``True`` return value does not guarantee that the ``access_token`` is actually valid on the server side. N)rWr^rarrrrÚis_valid³sÿzBaseAuthorizer.is_validcCs2|jdur d}t|ƒ‚|j |jd¡| ¡dS)z!Revoke the current Authorization.Nzno token available to revokerW)rWr rTrKrUrlrrrÚrevoke¾s  zBaseAuthorizer.revokeN)rSrrr©rr)r%rrr)rr6) rMrNrOrPrrRÚ__annotations__r rUrfrVrmrnrrrrrQ„s       rQcs>eZdZUdZdZded< dd‡fdd„ Zddd„Z‡ZS)ÚTrustedAuthenticatorzEStore OAuth2 authentication credentials for web, or script type apps.r:rÚ RESPONSE_TYPENrrrÚ client_secretrrrrcstƒ |||¡||_dS)auRepresent a single authentication to Reddit's API. :param requestor: An instance of :class:`.Requestor`. :param client_id: The OAuth2 client ID to use with the session. :param client_secret: The OAuth2 client secret to use with the session. :param redirect_uri: The redirect URI exactly as specified in your OAuth application settings on Reddit. This parameter is required if you want to use the :meth:`~.Authorizer.authorize_url` method, or the :meth:`~.Authorizer.authorize` method of the :class:`.Authorizer` class (default: ``None``). N)Úsuperr rs)rrrrsr©Ú __class__rrr Ís zTrustedAuthenticator.__init__útuple[str, str]cCs |j|jfSr)rrsrrrrrãs zTrustedAuthenticator._authr) rrrrrsrrrrr©rrw) rMrNrOrPrrrpr rÚ __classcell__rrrurrqÈs  ûrqc@seZdZdZddd„ZdS)rAzCStore OAuth2 authentication credentials for installed applications.rrwcCs |jdfS)NÚ)rrrrrrês zUntrustedAuthenticator._authNrx)rMrNrOrPrrrrrrAçsrAcsPeZdZdZddddœd‡fd d„Zddd„Zddd„Zdd‡fdd„ Z‡ZS)Ú Authorizerz/Manages OAuth2 authorization tokens and scopes.N)Úpost_refresh_callbackÚpre_refresh_callbackr\rSrr|ú#Callable[[Authorizer], None] | Noner}r\rrrcs"tƒ |¡||_||_||_dS)a¾Represent a single authorization to Reddit's API. :param authenticator: An instance of a subclass of :class:`.BaseAuthenticator`. :param post_refresh_callback: When a single-argument function is passed, the function will be called prior to refreshing the access and refresh tokens. The argument to the callback is the :class:`.Authorizer` instance. This callback can be used to inspect and modify the attributes of the :class:`.Authorizer`. :param pre_refresh_callback: When a single-argument function is passed, the function will be called after refreshing the access and refresh tokens. The argument to the callback is the :class:`.Authorizer` instance. This callback can be used to inspect and modify the attributes of the :class:`.Authorizer`. :param refresh_token: Enables the ability to refresh the authorization. N)rtr Ú_post_refresh_callbackÚ_pre_refresh_callbackr\)rrSr|r}r\rurrr ñs  zAuthorizer.__init__r:rcCs0|jjdur d}t|ƒ‚|j|d|jjddS)z§Obtain and set authorization tokens based on ``code``. :param code: The code obtained by an out-of-band authorization request to Reddit. Nr7Úauthorization_code)r:Ú grant_typer)rTrr rf)rr:rFrrrÚ authorizes  ýzAuthorizer.authorizecCsN|jr| |¡|jdurd}t|ƒ‚|jd|jd|jr%| |¡dSdS)z1Obtain a new access token from the refresh_token.Nzrefresh token not providedr\)r‚r\)r€r\r rfrrlrrrÚrefreshs  ÿÿzAuthorizer.refreshFÚ only_accessr6cs>|s|jdurtƒ ¡dS|j |jd¡| ¡d|_dS)aRevoke the current Authorization. :param only_access: When explicitly set to ``True``, do not evict the refresh token if one is set. Revoking a refresh token will in-turn revoke all access tokens associated with that authorization. Nr\)r\rtrnrTrKrU)rr…rurrrn+s   zAuthorizer.revoke) rSrr|r~r}r~r\rrr)r:rrrrorL)r…r6rr) rMrNrOrPr rƒr„rnryrrrurr{îsú   r{cs&eZdZdZeZd ‡fd d „ Z‡ZS)ÚImplicitAuthorizerz3Manages implicit installed-app type authorizations.rSrArWrr[r$r=rrcs4tƒ |¡t ¡||_||_t| d¡ƒ|_dS)aURepresent a single implicit authorization to Reddit's API. :param authenticator: An instance of :class:`.UntrustedAuthenticator`. :param access_token: The access_token obtained from Reddit via callback to the authenticator's ``redirect_uri``. :param expires_in: The number of seconds the ``access_token`` is valid for. The origin of this value was returned from Reddit via callback to the authenticator's redirect uri. Note, you may need to subtract an offset before passing in this number to account for a delay between when Reddit prepared the response, and when you make this function call. :param scope: A space-delimited string of Reddit OAuth2 scope names as returned from Reddit in the callback to the authenticator's redirect uri. r;N)rtr r^rarWrbrcr2)rrSrWr[r=rurrr Bs zImplicitAuthorizer.__init__) rSrArWrr[r$r=rrr)rMrNrOrPrArRr ryrrrurr†=sr†cs4eZdZdZeZ d d‡fd d „ Zdd d „Z‡ZS)ÚReadOnlyAuthorizerzÔManages authorizations that are not associated with a Reddit account. While the ``"*"`` scope will be available, some endpoints simply will not work due to the lack of an associated Reddit account. NrSrr2úlist[str] | Nonerrcstƒ |¡||_dS)zìRepresent a ReadOnly authorization to Reddit's API. :param scopes: A list of OAuth scopes to request authorization for (default: ``None``). The scope ``"*"`` is requested when the default argument is used. N)rtr Ú_scopes)rrSr2rurrr gs zReadOnlyAuthorizer.__init__cCs2i}|jr d |j¡|d<|jdddi|¤ŽdS)z#Obtain a new ReadOnly access token.r;r=r‚Úclient_credentialsNr)r‰rBrf)rÚadditional_kwargsrrrr„uszReadOnlyAuthorizer.refreshr)rSrr2rˆrrro© rMrNrOrPrqrRr r„ryrrrurr‡]s ýr‡cs6eZdZdZeZ  dd‡fdd„ Zddd„Z‡ZS)ÚScriptAuthorizerzšManages personal-use script type authorizations. Only users who are listed as developers for the application will be granted access tokens. NrSrÚusernamerÚpasswordÚtwo_factor_callbackúCallable | Noner2rˆrrcs(tƒ |¡||_||_||_||_dS)a³Represent a single personal-use authorization to Reddit's API. :param authenticator: An instance of :class:`.TrustedAuthenticator`. :param username: The Reddit username of one of the application's developers. :param password: The password associated with ``username``. :param two_factor_callback: A function that returns OTPs (One-Time Passcodes), also known as 2FA auth codes. If this function is provided, prawcore will call it when authenticating. :param scopes: A list of OAuth scopes to request authorization for (default: ``None``). The scope ``"*"`` is requested when the default argument is used. N)rtr Ú _passwordr‰Ú_two_factor_callbackÚ _username)rrSrŽrrr2rurrr ‡s  zScriptAuthorizer.__init__cCsTi}|jr d |j¡|d<|jo| ¡}|r||d<|jdd|j|jdœ|¤ŽdS)z3Obtain a new personal-use script type access token.r;r=Úotpr)r‚rŽrNr)r‰rBr“rfr”r’)rr‹Útwo_factor_coderrrr„¡sý üzScriptAuthorizer.refresh©NN) rSrrŽrrrrr‘r2rˆrrrorŒrrrurr}súrcs:eZdZdZeefZ  dd‡fd d „ Zdd d„Z‡Z S)ÚDeviceIDAuthorizerzÄManages app-only OAuth2 for 'installed' applications. While the ``"*"`` scope will be available, some endpoints simply will not work due to the lack of an associated Reddit account. NrSrÚ device_idrr2rˆrrcs(|durd}tƒ |¡||_||_dS)aÂRepresent an app-only OAuth2 authorization for 'installed' apps. :param authenticator: An instance of :class:`.UntrustedAuthenticator` or :class:`.TrustedAuthenticator`. :param device_id: A unique ID (20-30 character ASCII string) (default: ``None``). ``device_id`` is set to ``"DO_NOT_TRACK_THIS_DEVICE"`` when the default argument is used. For more information about this parameter, see: https://github.com/reddit/reddit/wiki/OAuth2#application-only-oauth :param scopes: A list of OAuth scopes to request authorization for (default: ``None``). The scope ``"*"`` is requested when the default argument is used. NÚDO_NOT_TRACK_THIS_DEVICE)rtr Ú _device_idr‰)rrSr™r2rurrr »s   zDeviceIDAuthorizer.__init__cCs:i}|jr d |j¡|d<d}|jd||jdœ|¤ŽdS)zObtain a new access token.r;r=z0https://oauth.reddit.com/grants/installed_client)r‚r™Nr)r‰rBrfr›)rr‹r‚rrrr„Ósþ ýzDeviceIDAuthorizer.refreshr—)rSrr™rr2rˆrrro) rMrNrOrPrqrArRr r„ryrrrurr˜±sür˜)"rPÚ __future__rr^ÚabcrrÚtypingrrrÚrequestsrÚrequests.status_codesr rzr Ú exceptionsr r rÚrequests.modelsrÚprawcore.requestorrrrQrqrAr{r†r‡rr˜rrrrÚs*      pDO  4