o Lf~ @sjddlZddlZddlmZddlmZddlmZddlm Z ddZ dd Z d d Z d d ddZ dS)N)default_backend)load_pem_x509_certificate) get_adapter) OAuth2ErrorcCs,||}|rt|dt}|SdS)zu Looks up the key given keys data of the form: {"": "-----BEGIN CERTIFICATE----- CERTIFICATE"} utf8N)getrencoder public_key) keys_datakidkeyr r f/var/www/html/humari/django-venv/lib/python3.10/site-packages/allauth/socialaccount/internal/jwtkit.pylookup_kid_pem_x509_certificate s  rcCs:|dD]}|d|krtjjt|}|SqdS)a1 Looks up the key given keys data of the form: { "keys": [ { "kty": "RSA", "kid": "W6WcOKB", "use": "sig", "alg": "RS256", "n": "2Zc5d0-zk....", "e": "AQAB" }] } keysr N)jwt algorithms RSAAlgorithmfrom_jwkjsondumps)r r dr r r rlookup_kid_jwks  rc Cs`t|}|d}|d}t|}||}|||}|s,td|d||fS)Nr algzInvalid 'kid': '')rget_unverified_headerrget_requests_sessionrraise_for_statusrr) credentialkeys_urllookupheaderr rresponser r r r r fetch_key/s  r#T)verify_signaturec Cspz%|rt|||\}}|g}nd}d}tj|||dddd|||d} | WStjy7} ztd| d} ~ ww)NT)r$ verify_iss verify_aud verify_exp)r optionsissueraudiencerzInvalid id_token)r#rdecode PyJWTErrorr) rrr*r+ lookup_kidr$rr rdataer r rverify_and_decode=s.  r1)rrcryptography.hazmat.backendsrcryptography.x509rallauth.socialaccount.adapterr-allauth.socialaccount.providers.oauth2.clientrrrr#r1r r r rs