o Yh!@sddlmZddlmZddlmZmZmZddlmZm Z m Z m Z ddl m Z ddlmZddlmZmZer@Gdd d e ZGd d d Zd$ddZd%ddZd&ddZd'ddZd(ddZd)ddZd*d!d"Zd#S)+) annotations)Mapping)datetime timedeltatimezone) TYPE_CHECKINGAny TypedDictcast)config)StreamlitAuthError)AttrDictsecrets_singletonc@seZdZUded<ded<dS)ProviderTokenPayloadstrproviderintexpN)__name__ __module__ __qualname____annotations__rrT/var/www/html/Persson_Maskin/env/lib/python3.10/site-packages/streamlit/auth_util.pyrs  rc@sDeZdZdZdddZdd d ZddddZdddZdddZd S) AuthCachezBSimple cache implementation for storing info required for Authlib.returnNonecCs i|_dSNcacheselfrrr__init__#s zAuthCache.__init__keyrrcCs |j|Sr)rgetr!r#rrrr$&s z AuthCache.getNvalue expires_in int | NonecCs||j|<dSrr)r!r#r&r'rrrset+sz AuthCache.setdict[str, Any]cCs|jSrrr rrrget_dict.szAuthCache.get_dictcCs|j|ddSr)rpopr%rrrdelete1szAuthCache.delete)rr)r#rrrr)r#rr&rr'r(rr)rr*)r#rrr) rrr__doc__r"r$r)r+r-rrrrr s    rrboolc CsPzddl}|j}ttt|d}|dkrWdSWdSttfy'YdSw)zCheck if Authlib is installed.rN.)FT)authlib __version__tuplemaprsplit ImportErrorModuleNotFoundError)r4authlib_versionauthlib_version_tuplerrris_authlib_installed5sr=rcCs0td}trtd}|r|d|}|S)zEGet the cookie signing secret from the configuration or secrets.toml.zserver.cookieSecretauth cookie_secret)r get_optionrload_if_toml_existsr$)signing_secret auth_sectionrrrget_signing_secretDs   rDr cCs&ti} trtdtd}|S)Nr r>)r rrAr r$)rCrrrget_secrets_auth_sectionNs rErcCshzddlm}Wn tytddwddi}|ttjtddd }| ||t }| d S) zAReturns a signed JWT token with the provider and expiration time.r)jwtcTo use authentication features, you need to install Authlib>=1.3.2, e.g. via `pip install Authlib`.NalgHS256r3)minutes)rrzlatin-1) authlib.joserFr9r rnowrutcrencoderDdecode)rrFheaderpayloadprovider_tokenrrrencode_provider_tokenWs  rSrRc Csz ddlm}m}m}Wn tytddwddiddid}z|j|t|d}|Wn|yE}ztd |dd}~wwt d |S) z-Decode the JWT token and validate the claims.r) JoseError JWTClaimsrFrGN essentialT)rr)claims_optionszError decoding provider token: r) rKrTrUrFr9r rOrDvalidater )rRrTrUrF claim_optionsrQerrrdecode_provider_tokenjs(   r[rCr*cCsxi}|dr|d|d<|dr|d|d<|dr&|d|d<|dr:td|dti|d<|S)zKGenerate a default provider section for the 'auth' section of secrets.toml. client_id client_secretserver_metadata_url client_kwargsr )r$r r to_dict)rCdefault_provider_sectionrrr!generate_default_provider_sections     rbrcststdtd}|durtdd|vrtdd|vr%td||d|vr6td |d durB|d krBt|durV|d krNtd td |dttsctd|dgd}fdd|D}|r|d kr~td|dtd|d|ddS)z[Validate the general auth credentials and auth credentials for the given provider. zTo use authentication features you need to configure credentials for at least one authentication provider in `.streamlit/secrets.toml`.r>N redirect_urizAuthentication credentials in `.streamlit/secrets.toml` are missing the "redirect_uri" key. Please check your configuration.r?zAuthentication credentials in `.streamlit/secrets.toml` are missing the "cookie_secret" key. Please check your configuration._zAuth provider name "zI" contains an underscore. Please use a provider name without underscores.defaultzAuthentication credentials in `.streamlit/secrets.toml` are missing for the default authentication provider. Please check your configuration.zeAuthentication credentials in `.streamlit/secrets.toml` are missing for the authentication provider "z#". Please check your configuration.zYAuthentication credentials in `.streamlit/secrets.toml` for the authentication provider "z6" must be valid TOML. Please check your configuration.)r\r]r^csg|]}|vr|qSrr).0r#provider_sectionrr sz-validate_auth_credentials..zAuthentication credentials in `.streamlit/secrets.toml` for the default authentication provider are missing the following keys: z". Please check your configuration.z"" are missing the following keys: )rrAr r$rb isinstancer)rrC required_keys missing_keysrrgrvalidate_auth_credentialssr    rmN)rr/)rr)rr )rrrr)rRrrr)rCr rr*)rrrr) __future__rcollections.abcrrrrtypingrrr r streamlitr streamlit.errorsr streamlit.runtime.secretsr rrrr=rDrErSr[rbrmrrrrs"