Ed$XddlZddlZddlZddlmZddlmZddlmZddlmZddl m Z ej e e fZejeZej ejeefZGdd ZGd d eZGd d eZdedeje fdZGddZdS)N)_base64_alphabet) base64_decode) base64_encode want_bytes) BadSignaturec>eZdZdZdededefdZdedededefdZdS) SigningAlgorithmzgSubclasses must implement :meth:`get_signature` to provide signature generation functionality. keyvaluereturnct)z2Returns the signature for the given key and value.)NotImplementedErrorselfr r s \C:\Users\ChattiNader\Documents\MyHotelMatch\api\dev\Lib\site-packages\itsdangerous/signer.py get_signaturezSigningAlgorithm.get_signatures!###sigcTtj||||S)zMVerifies the given signature matches the expected signature. )hmaccompare_digestr)rr r rs rverify_signaturez!SigningAlgorithm.verify_signatures'"3(:(:3(F(FGGGrN)__name__ __module__ __qualname____doc__bytesrboolrrrr r s$$u$$$$$HEH%HeHHHHHHHrr c&eZdZdZdededefdZdS) NoneAlgorithmz`Provides an algorithm that does not perform any signing and returns an empty signature. r r rcdS)Nrr!rs rrzNoneAlgorithm.get_signature%ssrN)rrrrrrr!rrr#r# sGurr#cteZdZUdZeejZej e d<d dej fdZ de de de fd Z dS) HMACAlgorithmz*Provides signature generation using HMACs.default_digest_methodN digest_methodc&||j}||_dSN)r'r()rr(s r__init__zHMACAlgorithm.__init__1s   6M%2rr r rcbtj|||j}|S)N)msg digestmod)rnewr(digest)rr r macs rrzHMACAlgorithm.get_signature7s)hs1CDDDzz||rr*)rrrr staticmethodhashlibsha1r'_tAny__annotations__r+rrr!rrr&r&)s44 %1L$>$>26>>>33bf3333 urr& secret_keyrcrt|ttfrt|gSd|DS)Nc,g|]}t|Sr!r).0ss r z#_make_keys_list..@s . . .aJqMM . . .r) isinstancestrrr)r8s r_make_keys_listr@<s=*sEl++(:&&'' . .: . . ..rcPeZdZUdZeejZej e d<dZ e e d< dde d ed ed eje d ejej d ejef dZedefdZddedefdZdedefdZdedefdZdededefdZdedefdZdedefdZdS)SigneraA signer securely signs bytes, then unsigns them to verify that the value hasn't been changed. The secret key should be a random string of ``bytes`` and should not be saved to code or version control. Different salts should be used to distinguish signing in different contexts. See :doc:`/concepts` for information about the security of the secret key and salt. :param secret_key: The secret key to sign and verify with. Can be a list of keys, oldest to newest, to support key rotation. :param salt: Extra key to combine with ``secret_key`` to distinguish signatures in different contexts. :param sep: Separator between the signature and value. :param key_derivation: How to derive the signing key from the secret key and salt. Possible values are ``concat``, ``django-concat``, or ``hmac``. Defaults to :attr:`default_key_derivation`, which defaults to ``django-concat``. :param digest_method: Hash function to use when generating the HMAC signature. Defaults to :attr:`default_digest_method`, which defaults to :func:`hashlib.sha1`. Note that the security of the hash alone doesn't apply when used intermediately in HMAC. :param algorithm: A :class:`SigningAlgorithm` instance to use instead of building a default :class:`HMACAlgorithm` with the ``digest_method``. .. versionchanged:: 2.0 Added support for key rotation by passing a list to ``secret_key``. .. versionchanged:: 0.18 ``algorithm`` was added as an argument to the class constructor. .. versionchanged:: 0.14 ``key_derivation`` and ``digest_method`` were added as arguments to the class constructor. r' django-concatdefault_key_derivationitsdangerous.Signer.Nr8saltsepkey_derivationr( algorithmc@t||_t||_|jtvrt d|t|}nd}||_||j}||_||j }||_ |t|j }||_ dS)NzThe given separator cannot be used because it may be contained in the signature itself. ASCII letters, digits, and '-_=' must not be used.rE) r@ secret_keysrrHr ValueErrorrGrDrIr'r(r&rJ)rr8rGrHrIr(rJs rr+zSigner.__init__xs,;:+F+F$S// 8' ' '7   d##DD)D  !!8N#1   6M%2  %d&899I+4rrc|jdS)zThe newest (last) entry in the :attr:`secret_keys` list. This is for compatibility from before key rotation support was added. )rL)rs rr8zSigner.secret_keys ##rcn||jd}nt|}|jdkrGtjt ||j|zS|jdkrJtjt ||jdz|zS|jdkrItj ||j}| |j|S|jdkr|Std ) aThis method is called to derive the key. The default key derivation choices can be overridden here. Key derivation is not intended to be used as a security method to make a complex key out of a short password. Instead you should use large random secret keys. :param secret_key: A specific secret key to derive from. Defaults to the last item in :attr:`secret_keys`. .. versionchanged:: 2.0 Added the ``secret_key`` parameter. NrOconcatrCssignerr)r.nonezUnknown key derivation method) rLrrIr5castrr(rGr0rr/update TypeError)rr8r1s r derive_keyzSigner.derive_keys   )"-JJ#J//J  ( * *75$"4"4TY5K"L"L"S"S"U"UVV V  O 3 37t))$)i*?**LMMTTVV  F * *(:1CDDDC JJty ! ! !::<<   F * * ;<< >>>NNNNrcT ||dS#t$rYdSwxYw)znOnly validates the given signed value. Returns ``True`` if the signature exists and is valid. TF)rar )rr]s rvalidatezSigner.validates@  KK % % %4   55 s  '')rErFNNNr*)rrrrr2r3r4r'r5r6r7rDr? _t_secret_key_t_opt_str_bytes _t_str_bytesOptionalr r+propertyrr8rVrrYr rrarcr!rrrBrBCs##V%1L$>$>26>>>#2C111 "8 +/-137,5,5!,5,5 ,5  C( ,5 {26* ,5;/0,5,5,5,5\$E$$$X$ ==%5=====B"<"E""""<,<5<<<< l$" O< OE O O O O\drrB)r3rtypingr5encodingrrrrexcr Unionr?rrfrgreIterablerdr r#r&Listr@rBr!rrros &&&&&&############ xU # ;|,\2L@A  H H H H H H H H $$&/ /"'%.////~~~~~~~~~~r