o LfQ @sddlmZmZddlmZmZmZddlmZddlZddl m Z ddl m Z m Z ddZGd d d eZGd d d e ZdS) )datetime timedelta) parse_qslquote urlencode)ImproperlyConfiguredN) get_adapter) OAuth2Client OAuth2ErrorcOs(tj|i|}t|tr|d}|S)Nzutf-8)jwtencode isinstancebytesdecode)argskwargsresprm/var/www/html/humari/django-venv/lib/python3.10/site-packages/allauth/socialaccount/providers/apple/client.py jwt_encodes  rc@seZdZdZdZdS)ScopeemailnameN)__name__ __module__ __qualname__EMAILNAMErrrrrsrc@s2eZdZdZddZddZd ddZd d ZdS) AppleOAuth2Clientz Custom client because `Sign In With Apple`: * requires `response_mode` field in redirect_url * requires special `client_secret` as JWT cCst}t|j|jd}|jstd|jd}|s!td|jd| ||t ddd}|j d d }t ||d |d }|S) z6Create a JWT signed with an apple provided private keyapplezApple 'key' missingcertificate_keyzApple 'certificate_key' missingzhttps://appleid.apple.com)hours)issaudsubiatexpES256)kidalg)payloadkey algorithmheaders) rutcnowrrequestget_appr,rsettingsget get_client_idrconsumer_secretr)selfnowappr claimsr. client_secretrrrgenerate_client_secret#s$   z(AppleOAuth2Client.generate_client_secretcCs|jddS)zCWe support multiple client_ids, but use the first one for api calls,r) consumer_keysplit)r6rrrr49szAppleOAuth2Client.get_client_idNcCs|j}|}||d|j|d}|r||d<||tj|j|||j d}d}|j dvrIz| }Wnt yHt t|j}Ynw|rOd|vrVtd|j|S)Nauthorization_code) client_idcode grant_type redirect_urir: code_verifier)datar.) access_tokenz!Error retrieving access token: %s)access_token_urlr;r4 callback_url_strip_empty_keysrget_requests_sessionr0access_token_methodr. status_codejson ValueErrordictrtextr content)r6rApkce_code_verifierurlr:rErrHrrrget_access_token=s4     z"AppleOAuth2Client.get_access_tokencCsF||jd|jdd}|jr|j|d<||d|t|tdfS)N form_postz code id_token)r@rC response_modescope response_typestatez%s?%s) quote_via)r4rJrYr[updaterr)r6authorization_url extra_paramsparamsrrrget_redirect_urlYs  z"AppleOAuth2Client.get_redirect_url)N)rrr__doc__r;r4rVrarrrrrs   r)rr urllib.parserrrdjango.core.exceptionsrr allauth.socialaccount.adapterr-allauth.socialaccount.providers.oauth2.clientr r robjectrrrrrrs