gk6dZddlmZddlZddlZddlmZddlmZddlm Z ddl m Z  ddl Z ejeZGd d e j$Z dd ZGd d Zy#e $rZe dedZ[wwxYw)zAuthorization support for gRPC.)absolute_importN)environment_vars) exceptions) _mtls_helper)service_accountzWgRPC is not installed from please install the grpcio package to use the gRPC transport.c0eZdZdZdfd ZdZdZxZS)AuthMetadataPluginanA `gRPC AuthMetadataPlugin`_ that inserts the credentials into each request. .. _gRPC AuthMetadataPlugin: http://www.grpc.io/grpc/python/grpc.html#grpc.AuthMetadataPlugin Args: credentials (google.auth.credentials.Credentials): The credentials to add to requests. request (google.auth.transport.Request): A HTTP transport request object used to refresh credentials as needed. default_host (Optional[str]): A host like "pubsub.googleapis.com". This is used when a self-signed JWT is created from service account credentials. cTtt| ||_||_||_yN)superr __init__ _credentials_request _default_host)self credentialsrequest default_host __class__s O/var/www/openai/venv/lib/python3.12/site-packages/google/auth/transport/grpc.pyr zAuthMetadataPlugin.__init__6s*  $02' )c|i}t|jtjrB|jj |j rdj |j nd|jj|j|j|j|t|jS)zGets the authorization headers for a request. Returns: Sequence[Tuple[str, str]]: A list of request headers (key, value) to add to the request. z https://{}/N) isinstancerr Credentials_create_self_signed_jwtrformatbefore_requestr method_name service_urllistitems)rcontextheaderss r_get_authorization_headersz-AuthMetadataPlugin._get_authorization_headers?s d'')D)D E    5 5<@O#<<_M/'' ,  ))  > >  f $)=,.ID#"::"&CO &!/!1 0@@O"::>0   v'< G GGrc6eZdZdZdZedZedZy)r:aFClass for application default SSL credentials. The behavior is controlled by `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable whose default value is `false`. Client certificate will not be used unless the environment variable is explicitly set to `true`. See https://google.aip.dev/auth/4114 If the environment variable is `true`, then for devices with endpoint verification support, a device certificate will be automatically loaded and mutual TLS will be established. See https://cloud.google.com/endpoint-verification/docs/overview. ctjtjd}|dk7rd|_yt j t j}|du|_y)Nr.r/F)r6r7rr8_is_mtlsr_check_config_pathCONTEXT_AWARE_METADATA_PATH)rrC metadata_paths rr zSslCredentials.__init__)sU))  > >  f $!DM);;88M*5DMrcN|jrB tj\}}}}tj|||_|j Stj|_|j S#t j$r}t j|}||d}~wwxYw)aGet the created SSL channel credentials. For devices with endpoint verification support, if the device certificate loading has any problems, corresponding exceptions will be raised. For a device without endpoint verification support, no exceptions will be raised. Returns: grpc.ChannelCredentials: The created grpc channel credentials. Raises: google.auth.exceptions.MutualTLSChannelError: If mutual TLS channel creation failed for any reason. r0N) rKrget_client_ssl_credentialsr3r9_ssl_credentialsrClientCertErrorMutualTLSChannelError)r_rDrE caught_excnew_excs rr;zSslCredentials.ssl_credentials6s == ."."I"I"K4a(,(D(D&*)%$$$%)$@$@$BD !$$$ -- .$:::F:- .s5A44B$BB$c|jS)z?Indicates if the created SSL channel credentials is mutual TLS.)rK)rs ris_mtlszSslCredentials.is_mtlsTs}}rN)r(r)r*r+r propertyr;rXrrr:r:s4  6%%:rr:)NN)r+ __future__rloggingr6 google.authrrgoogle.auth.transportr google.oauth2rr3 ImportErrorrU getLoggerr(_LOGGERr rHr:rZrrrcs&& (".) '  H %:A00:AB vHr<<} a  sA&&A9+ A44A9