U
|
����ß=®d+��ã��������������������@���sð���d�d�l�Z�d�d�l�Z�d�d�l�m�Z���d�d�l�m�Z���d�d�l�m�Z���d�d�l�m Z ��d�d�l�m
|
Z
|
��e�j�e�e f���Z�e�j�e���Z�e�j�e�e�j�f���Z�e�j�e���Z�e�j�e
|
��Z�e�j�e�j�e�e�j�e�e�f���e�f�����Z�e�j�e�e�j�f���Z�e�j�e�j�e���e�f���Z�e�j�e�d��d d
|
�Z�G�d�d��d��Z�d�S�) é����Né����)�Ú
|
want_bytes)�Ú
|
BadPayload)�Ú�BadSignature)�Ú�_make_keys_list)�Ú�Signer)�Ú
|
serializerÚ�returnc��������������������C���s����t�|� �i�¡�t��S�)�z5Checks whether a serializer generates text or binary.)�Ú
|
isinstanceÚ�dumpsÚ�str)�r����©�r ���úNd:\z\workplace\vscode\pyvenv\venv\Lib\site-packages\itsdangerous/serializer.pyÚ�is_text_serializer����s������r����c���������������� ���@���sr���e�Z�d�Z�U�d�Z�e�Z�e�j�e�d�<�e Z
|
e�e�d�<�g�Z�e e�d�<�d,e�e�e�j�e�e�j�e���e�e�j�e ��d��d�d �Z�e�e�d
|
�d�d���Z�d-e�e�j�e�j���e�j�d �d�d��Z�e�j�e�d��d�d��Z�d.e�e d��d�d��Z�d/e�e�j�e ��d��d�d��Z�d0e�j�e�e�d��d�d��Z�d1e�j�e�j�e�d�d��d�d��Z�d2e�e�e�j�e�j�d��d�d �Z�d3e�j�e�e�j�d!�d"d#�Z d4e�e�e!d$�d%d&�Z"d5e�e�e�e�e!d'�d(d)�Z#d6e�j�e�e!d!�d*d+�Z$d�S�)7Ú
|
Serializera: ��A serializer wraps a :class:`~itsdangerous.signer.Signer` to
|
enable serializing and securely signing data other than bytes. It
|
can unsign to verify that the data hasn't been changed.
|
|
The serializer provides :meth:`dumps` and :meth:`loads`, similar to
|
:mod:`json`, and by default uses :mod:`json` internally to serialize
|
the data to bytes.
|
|
The secret key should be a random string of ``bytes`` and should not
|
be saved to code or version control. Different salts should be used
|
to distinguish signing in different contexts. See :doc:`/concepts`
|
for information about the security of the secret key and salt.
|
|
:param secret_key: The secret key to sign and verify with. Can be a
|
list of keys, oldest to newest, to support key rotation.
|
:param salt: Extra key to combine with ``secret_key`` to distinguish
|
signatures in different contexts.
|
:param serializer: An object that provides ``dumps`` and ``loads``
|
methods for serializing data to a string. Defaults to
|
:attr:`default_serializer`, which defaults to :mod:`json`.
|
:param serializer_kwargs: Keyword arguments to pass when calling
|
``serializer.dumps``.
|
:param signer: A ``Signer`` class to instantiate when signing data.
|
Defaults to :attr:`default_signer`, which defaults to
|
:class:`~itsdangerous.signer.Signer`.
|
:param signer_kwargs: Keyword arguments to pass when instantiating
|
the ``Signer`` class.
|
:param fallback_signers: List of signer parameters to try when
|
unsigning with the default signer fails. Each item can be a dict
|
of ``signer_kwargs``, a ``Signer`` class, or a tuple of
|
``(signer, signer_kwargs)``. Defaults to
|
:attr:`default_fallback_signers`.
|
|
.. versionchanged:: 2.0
|
Added support for key rotation by passing a list to
|
``secret_key``.
|
|
.. versionchanged:: 2.0
|
Removed the default SHA-512 fallback signer from
|
``default_fallback_signers``.
|
|
.. versionchanged:: 1.1
|
Added support for ``fallback_signers`` and configured a default
|
SHA-512 fallback. This fallback is for users who used the yanked
|
1.0.0 release which defaulted to SHA-512.
|
|
.. versionchanged:: 0.14
|
The ``signer`` and ``signer_kwargs`` parameters were added to
|
the constructor.
|
Ú�default_serializerÚ�default_signerÚ�default_fallback_signersó����itsdangerousN)�Ú
|
secret_keyÚ�saltr����Ú�serializer_kwargsÚ�signerÚ signer_kwargsÚ�fallback_signersc��������������������C���s���t�|��|�_�|�d�k r�t�|��}�|�|�_�|�d�k�r.|�j�}�|�|�_�t�|��|�_�|�d�k�rL|�j�}�|�|�_�|�pXi�|�_ |�d�k�rrt
|
|�j�pnd��}�|�|�_�|�p~i�|�_ d�S�)�Nr ���)�r�����secret_keysr����r����r����r����r����r����r����r�����listr����r����r����)��selfr����r����r����r����r����r����r����r ���r ���r�����__init__Y���s �����
|
|
|
�������z�Serializer.__init__)�r ���c��������������������C���s
|
���|�j�d���S�)�zThe newest (last) entry in the :attr:`secret_keys` list. This
|
is for compatibility from before key rotation support was added.
|
éÿÿÿÿ)�r����)�r����r ���r ���r����r�������s������z�Serializer.secret_key)�Ú�payloadr����r ���c����������������
|
���C���sv���|�d�k�r�|�j�}�|�j�}�n�t�|��}�z"|�r6|� �|� �d�¡�¡�W�S�|� �|�¡�W�S���t�k
|
rp��}���z�t�d�|�d��|��W�5�d�}�~�X�Y�n�X�d�S�)�a����Loads the encoded object. This function raises
|
:class:`.BadPayload` if the payload is not valid. The
|
``serializer`` parameter can be used to override the serializer
|
stored on the class. The encoded ``payload`` should always be
|
bytes.
|
Nú�utf-8zSCould not load the payload because an exception occurred on unserializing the data.)�Ú�original_error)�r����r����Ú�loadsÚ�decodeÚ Exceptionr����)�r����r ���r����Z�is_textÚ�er ���r ���r����Ú�load_payload���s����� �����������������������ý���üz�Serializer.load_payload)�Ú�objr ���c��������������������C���s����t�|�j�j�|�f�|�j���S�)�z¡Dumps the encoded object. The return value is always bytes.
|
If the internal serializer returns text, the value will be
|
encoded as UTF-8.
|
)�r����r����r����r����)�r����r(���r ���r ���r����Ú�dump_payload¤���s������z�Serializer.dump_payload)�r����r ���c��������������������C���s(���|�d�k�r�|�j�}�|�j�|�j�f�d�|�i�|�j���S�)�zCreates a new instance of the signer to be used. The default
|
implementation uses the :class:`.Signer` base class.
|
Nr����)�r����r����r����r����)�r����r����r ���r ���r����Ú�make_signer«���s����������z�Serializer.make_signerc��������������������c���s|���|�d�k�r�|�j�}�|� �|�¡�V���|�j�D�]V}�t�|�t��r:|�}�|�j�}�n�t�|�t��rN|�\�}�}�n�|�j�}�|�j�D�]�}�|�|�f�d�|�i�|���V���qZq d�S�)�z¯Iterates over all signers to be tried for unsigning. Starts
|
with the configured signer, then constructs each signer
|
specified in ``fallback_signers``.
|
Nr����) r����r*���r����r
|
���Ú�dictr����Ú�tupler����r����)�r����r����Ú�fallbackÚ�kwargsr����r ���r ���r����Ú�iter_unsigners´���s������������
|
|
|
|
|
�z�Serializer.iter_unsigners)�r(���r����r ���c��������������������C���s2���t�|� �|�¡��}�|� �|�¡� �|�¡�}�|�j�r.|� �d�¡�S�|�S�)�zÅReturns a signed string serialized with the internal
|
serializer. The return value can be either a byte or unicode
|
string depending on the format of the internal serializer.
|
r!���)�r����r)���r*����signr����r$���)�r����r(���r����r ����rvr ���r ���r����r�������s
|
|
�z�Serializer.dumps)�r(���Ú�fr����r ���c��������������������C���s����|� �|� �|�|�¡�¡���d�S�)�zLike :meth:`dumps` but dumps into a file. The file handle has
|
to be compatible with what the internal serializer expects.
|
N)�Ú�writer����)�r����r(���r2���r����r ���r ���r����Ú�dump×���s������z�Serializer.dump)�Ú�sr����r.���r ���c��������������������K���sj���t�|��}�d�}�|� �|�¡�D�]B}�z�|� �|� �|�¡�¡�W�����S���t�k
|
rV��}���z�|�}�W�5�d�}�~�X�Y�q�X�q�t� �t�|�¡��d�S�)�ziReverse of :meth:`dumps`. Raises :exc:`.BadSignature` if the
|
signature validation fails.
|
N)�r����r/���r'���Z�unsignr����Ú�_tÚ�cast)�r����r5���r����r.���Z�last_exceptionr����Ú�errr ���r ���r����r#���Ý���s��������������������z�Serializer.loads)�r2���r����r ���c��������������������C���s����|� �|� �¡�|�¡�S�)�z)Like :meth:`loads` but loads from a file.)�r#���Ú�read©�r����r2���r����r ���r ���r����Ú�loadî���s������z�Serializer.load)�r5���r����r ���c��������������������C���s����|� �|�|�¡�S�)�a9���Like :meth:`loads` but without verifying the signature. This
|
is potentially very dangerous to use depending on how your
|
serializer works. The return value is ``(signature_valid,
|
payload)`` instead of just the payload. The first item will be a
|
boolean that indicates if the signature is valid. This function
|
never fails.
|
|
Use it for debugging only and if you know that your serializer
|
module is not exploitable (for example, do not use it with a
|
pickle serializer).
|
|
.. versionadded:: 0.15
|
)�Ú�_loads_unsafe_impl)�r����r5���r����r ���r ���r����Ú�loads_unsafeò���s������z�Serializer.loads_unsafe)�r5���r����Ú�load_kwargsÚ�load_payload_kwargsr ���c��������������������C���s¬���|�d�k�r�i�}�z�d�|�j�|�f�d�|�i�|���f�W�S���t�k
|
r¦��}���z`|�j�d�k�rNW�Y�¢Pd�S�|�d�k�rZi�}�z�d�|�j�|�j�f�|��f�W���W�Y�¢"S���t�k
|
r������Y�W�Y�¢
|
d�S�X�W�5�d�}�~�X�Y�n�X�d�S�)�zfLow level helper function to implement :meth:`loads_unsafe`
|
in serializer subclasses.
|
NTr����)�FNF)�r#���r����r ���r'���r����)�r����r5���r����r>���r?���r&���r ���r ���r����r<�������s�����
|
|
|
����������þ����z�Serializer._loads_unsafe_implc��������������������C���s����|�j�|� �¡�|�d��S�)�zYLike :meth:`loads_unsafe` but loads from a file.
|
|
.. versionadded:: 0.15
|
)�r����)�r=���r9���r:���r ���r ���r����Ú�load_unsafe"���s������z�Serializer.load_unsafe)�r����NNNNN)�N)�N)�N)�N)�N)�N)�N)�N)�NN)�N)%Ú�__name__Ú
|
__module__Ú�__qualname__Ú�__doc__Ú�jsonr����r6���Ú�AnyÚ�__annotations__r����r����Ú _t_signerr����Ú�_t_fallbacksÚ _t_secret_keyÚ�_t_opt_str_bytesÚ _t_opt_kwargsÚ�Optionalr����Ú�propertyÚ�bytesr����r'���r)���r*���Ú�Iteratorr/���Ú�_t_str_bytesr����Ú�IOr4���r#���r;���Ú�_t_load_unsafer=���r<���r@���r ���r ���r ���r����r��������sp���
|
��6�����������������ø���������������ø�)�����ÿ����
|
��þ����� ��� ���ÿ���������þ�����ÿ�������þ�����û�����������ú��r����) rE���Ú�typingr6���Ú�encodingr����Ú�excr����r����r����r����r����Ú�Unionr����rO���rQ���rM���rK���Ú�DictrF���Z _t_kwargsrL���Ú�TyperH���Ú�ListÚ�TuplerI���Ú�boolrS���Ú�IterablerJ���r����r����r ���r ���r ���r����Ú�<module>����s �������������������
|
|
|
� �������
|
