gpddlZddlmZmZmZmZmZddlm Z ddl m Z GddeeeZ GddeZ y) N)BaseApp BaseOAuth OAuth2Mixin OAuthError OpenIDMixin) OAuth2Session)TornadoIntegrationceZdZeZfdZ ddejjfdZ dejjfdZ dZ xZ S)TornadoOAuth2Appcjt|}d|jdgvrd|jd<|S)zGWe enforce S256 code challenge method if it is supported by the server.S256 code_challenge_methods_supportedcode_challenge_method)superload_server_metadataget client_kwargs)selfresult __class__s T/var/www/openai/venv/lib/python3.12/site-packages/streamlit/web/server/oidc_mixin.pyrz%TornadoOAuth2App.load_server_metadata!s:-/ VZZ BBG G:@D  6 7 request_handlerc ~|j|fi|}|jdd|i||j|ddy)a(Create a HTTP Redirect for Authorization Endpoint. :param request_handler: HTTP request instance from Tornado. :param redirect_uri: Callback or redirect URI for authorization. :param kwargs: Extra parameters to include. :return: A HTTP redirect response. redirect_uriurli.)statusN)create_authorization_url_save_authorize_dataredirect)rrrkwargs auth_contexts rauthorize_redirectz#TornadoOAuth2App.authorize_redirect(sK5t44\LVL !!!L|L|L  e!4S Arc P|jdd}|r|jdd}t|||jd|jdd}|jjJd}|j dd}|jj ||j d}|jj||j d|j||}|jd i||} d | vr#d |vr|j| |d | } i| d | i} | S)zl :param request_handler: HTTP request instance from Tornado. :return: A token dict. errorNerror_description)r& descriptioncodestate)r)r*claims_optionsid_tokennonce)r-r+userinfor) get_argumentr frameworkcachepopget_state_datarclear_state_data_format_state_paramsfetch_access_tokenparse_id_token) rrr"r&r(paramssessionr+ state_datatokenr.s rauthorize_access_tokenz'TornadoOAuth2App.authorize_access_token6s< ,,Wd; )667JDQK5kB B$008$11':  ~~##///$4d;^^227FJJw''';&;F;  7j#8**Z0+H4u3j(3E rc |jdd}|r8|jjJd}|jj|||yt d)zAuthlib underlying uses the concept of "session" to store state data. In Tornado, we don't have a session, so we use the framework's cache option. r*NzMissing state value)r2r0r1set_state_data RuntimeError)rr"r*r9s rr z%TornadoOAuth2App._save_authorize_dataWsT 7D) >>''3 33G NN ) )'5& A45 5r)N) __name__ __module__ __qualname__r client_clsrtornadowebRequestHandlerr$r<r __classcell__rs@rr r sJJIM B&{{99 B&{{99B 6rr c(eZdZeZeZdfd ZxZS) TornadoOAuthc8t||||||_y)N)r1 fetch_token update_token)r__init__config)rrOr1rLrMrs rrNzTornadoOAuth.__init__hs% [|   r)NNNN) r@rArBr oauth2_client_clsr framework_integration_clsrNrGrHs@rrJrJds( 2rrJ) tornado.webrD authlib.integrations.base_clientrrrrr$authlib.integrations.requests_clientr0streamlit.web.server.authlib_tornado_integrationr r rJrrrrVs>PC6{KC6L9r