gddlmZddlmZddlmZmZmZddlmZm Z m Z m Z ddl m Z ddlmZddlmZmZer Gdd e ZGd d Zdd Zdd ZddZddZddZddZddZy)) annotations)Mapping)datetime timedeltatimezone) TYPE_CHECKINGAny TypedDictcast)config)StreamlitAuthError)AttrDictsecrets_singletonc"eZdZUded<ded<y)ProviderTokenPayloadstrproviderintexpN)__name__ __module__ __qualname____annotations__H/var/www/openai/venv/lib/python3.12/site-packages/streamlit/auth_util.pyrrs  rrc.eZdZdZdZdZdZdZdZy) AuthCachezBSimple cache implementation for storing info required for Authlib.ci|_yNcacheselfs r__init__zAuthCache.__init__#s  rc8|jj|Sr )r"getr$keys rr'z AuthCache.get&szz~~c""rc"||j|<yr r!)r$r)value expires_ins rsetz AuthCache.set+s 3rc|jSr r!r#s rget_dictzAuthCache.get_dict.s zzrc<|jj|dyr )r"popr(s rdeletezAuthCache.delete1s sD!rN) rrr__doc__r%r'r-r/r2rrrrr sL#  "rrc ddl}|j}ttt|j d}|dkry y#t tf$rYywxYw)zCheck if Authlib is installed.rN.)FT)authlib __version__tuplemaprsplit ImportErrorModuleNotFoundError)r9authlib_versionauthlib_version_tuples ris_authlib_installedrB5sa !-- %c#/D/DS/I&J K 9 , -  , -s=AAActjd}tjr)tjd}|r|j d|}|S)zEGet the cookie signing secret from the configuration or secrets.toml.zserver.cookieSecretauth cookie_secret)r get_optionrload_if_toml_existsr')signing_secret auth_sections rget_signing_secretrJDsJ ++,ABN,,.(,,V4 )--o~NN rcti} tjr#tttjd}|S)NrD)rrrGr r')rIs rget_secrets_auth_sectionrLNs8B=1.3.2, e.g. via `pip install Authlib`.NalgHS256r8)minutes)rrzlatin-1) authlib.joserNr>r rnowrutcrencoderJdecode)rrNheaderpayloadprovider_tokens rencode_provider_tokenr[Ws$ W F||HLL)Ia,@@G JJvw8J8LMN   ++  u  s A++Bc ddlm}m}m}ddiddid} |j |t|}|jtd |S#t$r t ddwxYw#|$r}t d |dd}~wwxYw) z-Decode the JWT token and validate the claims.r) JoseError JWTClaimsrNrON essentialT)rr)claims_optionszError decoding provider token: r) rSr]r^rNr>r rWrJvalidater )rZr]r^rN claim_optionsrYes rdecode_provider_tokenrdjs::)$/k4=PQMR ZZ .0(   & 00!  u   R #B1#!FGTQRs" A,A'A$'B,A;;BcNi}|jdr|jd|d<|jdr|jd|d<|jdr|jd|d<|jdr"|jdj|d<|S)zKGenerate a default provider section for the 'auth' section of secrets.toml. client_id client_secretserver_metadata_url client_kwargs)r'to_dict)rIdefault_provider_sections r!generate_default_provider_sectionrls! $0<0@0@0M -(4@4D4D_4U 1-.:F:J:J !;  !67(4@4D4D 5 ') !1 $#rctjs tdtjd}| tdd|vr tdd|vr td|j|}||dk(r t |}||dk(r td td |d t |t std |d gd}|Dcgc] }||vs| }}|r&|dk(rtd|dtd |d|dycc}w)zVValidate the general auth credentials and auth credentials for the given provider.zTo use authentication features you need to configure credentials for at least one authentication provider in `.streamlit/secrets.toml`.rDN redirect_urizAuthentication credentials in `.streamlit/secrets.toml` are missing the "redirect_uri" key. Please check your configuration.rEzAuthentication credentials in `.streamlit/secrets.toml` are missing the "cookie_secret" key. Please check your configuration.defaultzAuthentication credentials in `.streamlit/secrets.toml` are missing for the default authentication provider. Please check your configuration.zeAuthentication credentials in `.streamlit/secrets.toml` are missing for the authentication provider "z#". Please check your configuration.zYAuthentication credentials in `.streamlit/secrets.toml` for the authentication provider "z6" must be valid TOML. Please check your configuration.)rfrgrhzAuthentication credentials in `.streamlit/secrets.toml` for the default authentication provider are missing the following keys: z". Please check your configuration.z"" are missing the following keys: )rrGr r'rl isinstancer)rrIprovider_section required_keysr) missing_keyss rvalidate_auth_credentialsrts  0 0 2  O  %((0L  O  \)  D  l*  E  $''1H $9<\J y $Y !,,4:6   & 0 ((0z2" #  JM#0P=CC?O4OC=LP y $S. BD  ! ((0z1Sn> @  Qs DDN)returnbool)rur)rur)rrrur)rZrrur)ruzdict[str, Any])rrruNone) __future__rcollections.abcrrrrtypingrr r r streamlitr streamlit.errorsr streamlit.runtime.secretsrrrrrBrJrLr[rdrlrtrrrr~s^##2266/Ay ""* ,&1.$$? r