o Zh@sddlmZddlmZmZmZmZddlmZm Z m Z m Z m Z ddl mZddlmZer8ddlZddlmZGdd d e e eZGd d d e ZdS) ) annotations) TYPE_CHECKINGAnyCallablecast)BaseApp BaseOAuth OAuth2Mixin OAuthError OpenIDMixin) OAuth2Session)TornadoIntegrationN) AuthCachecsDeZdZeZdfdd Z ddd d ZdddZdddZZ S)TornadoOAuth2Appreturndict[str, Any]cs.tdt}d|dgvrd|jd<|S)zGWe enforce S256 code challenge method if it is supported by the server.rS256 code_challenge_methods_supportedcode_challenge_method)rsuperload_server_metadataget client_kwargs)selfresult __class__`/var/www/html/Persson_Maskin/env/lib/python3.10/site-packages/streamlit/web/server/oidc_mixin.pyr+s z%TornadoOAuth2App.load_server_metadataNrequest_handlertornado.web.RequestHandler redirect_urirkwargsNonecKs<|j|fi|}|jdd|i||j|ddddS)a(Create a HTTP Redirect for Authorization Endpoint. :param request_handler: HTTP request instance from Tornado. :param redirect_uri: Callback or redirect URI for authorization. :param kwargs: Extra parameters to include. :return: A HTTP redirect response. r!urli.)statusNr)create_authorization_url_save_authorize_dataredirect)rrr!r" auth_contextrrrauthorize_redirect2s z#TornadoOAuth2App.authorize_redirectc Ks|dd}|r|dd}t||d|d|dd}d}|dd}|j||d}|j||d|||}|jdi||} d | vred |vre|j | |d |d } i| d | i} t d | S)zl :param request_handler: HTTP request instance from Tornado. :return: A token dict. errorNerror_description)r+ descriptioncodestate)r.r/claims_optionsid_tokennonce)r2r0userinforr) get_argumentr pop frameworkget_state_datarclear_state_data_format_state_paramsfetch_access_tokenparse_id_tokenr) rrr"r+r-paramssessionr0 state_datatokenr3rrrauthorize_access_tokenCs&       z'TornadoOAuth2App.authorize_access_tokencKs0|dd}|rd}|j|||dStd)zAuthlib underlying uses the concept of "session" to store state data. In Tornado, we don't have a session, so we use the framework's cache option. r/NzMissing state value)r5r6set_state_data RuntimeError)rr"r/r=rrrr'cs z%TornadoOAuth2App._save_authorize_data)rr)N)rr r!rr"rrr#)rr r"rrr)r"rrr#) __name__ __module__ __qualname__r client_clsrr*r@r' __classcell__rrrrr(s  rcs0eZdZeZeZ    d d fd d ZZS) TornadoOAuthNconfigdict[str, Any] | NonecacheAuthCache | None fetch_token1Callable[[dict[str, Any]], dict[str, Any]] | None update_tokencstj|||d||_dS)N)rKrMrO)r__init__rI)rrIrKrMrOrrrrPss zTornadoOAuth.__init__)NNNN)rIrJrKrLrMrNrOrN) rCrDrEroauth2_client_clsr framework_integration_clsrPrGrrrrrHosrH) __future__rtypingrrrr authlib.integrations.base_clientrrr r r $authlib.integrations.requests_clientr 0streamlit.web.server.authlib_tornado_integrationr tornado.webtornadostreamlit.auth_utilrrrHrrrrs    G