o Lf@sddlZddlmZddlmZmZddlmZddlm Z ddl m Z ddl m Z ddlmZdd lmZdd lmZdd lmZmZmZdd lmZmZd dlmZd dlmZd dlm Z GdddeZ!e dddZ"e#e!Z$e"Z%e#e!Z&dS)N) timedelta)HttpResponseNotAllowedHttpResponseRedirect)reverse)timezone) urlencode) csrf_exempt) get_adapter)jwtkit) SocialToken) OAuth2AdapterOAuth2CallbackViewOAuth2LoginView)build_absolute_uriget_request_param)get_apple_session)AppleOAuth2Client) AppleProviderc@sReZdZeZejZdZdZ dZ ddZ ddZ dd Z d d Zd d ZddZdS)AppleOAuth2Adapterz$https://appleid.apple.com/auth/tokenz(https://appleid.apple.com/auth/authorizez#https://appleid.apple.com/auth/keyscCs(tjd|jd}dd|jdDS)N)requestprovidercSsg|]}|qS)strip).0audrrl/var/www/html/humari/django-venv/lib/python3.10/site-packages/allauth/socialaccount/providers/apple/views.py "sz4AppleOAuth2Adapter.get_client_id..,)r get_app provider_id client_idsplit)selfrapprrr get_client_id sz AppleOAuth2Adapter.get_client_idcCs.|}||}tj||jd|tjd}|S)Nzhttps://appleid.apple.com) credentialkeys_urlissueraudience lookup_kid) get_providerr%r verify_and_decodepublic_key_urllookup_kid_jwk)r#id_tokenr allowed_audsdatarrrget_verified_identity_data$s z-AppleOAuth2Adapter.get_verified_identity_datacCsdt|dd}|dd|_||j}|r"ttt|d|_| |d}i|||_ |S)N access_token)token refresh_token)secondsr/) r get token_secretexpires_in_keyrnowrint expires_atr2 user_data)r#r1r4 expires_in identity_datarrr parse_token0s zAppleOAuth2Adapter.parse_tokencKs4|j}|j||d}|j|jd<t||S)N)rresponser/)r>r+sociallogin_from_responsestaterdelete)r#rr$r4kwargs extra_dataloginrrrcomplete_loginAs  z!AppleOAuth2Adapter.complete_logincCs4|jdd}zt|WStjyiYSw)Nuserr6)apple_login_sessionr8jsonloadsJSONDecodeError)r#ruser_scope_datarrrget_user_scope_dataMs  z&AppleOAuth2Adapter.get_user_scope_datac Csht|}t|d}|jdd}|j||d}|dd}|dur'|jd}i|||d|iS)z8We need to gather the info from the apple specific logincodepkce_code_verifierN)rRr/)rrsessionpopget_access_tokenr8storerP) r#rr$client apple_sessionrQrRaccess_token_datar/rrrget_access_token_dataVs    z(AppleOAuth2Adapter.get_access_token_dataN)__name__ __module__ __qualname__r client_classridr access_token_url authorize_urlr-r%r2rArIrPrZrrrrrs  rapple_finish_callbackc Cs|jdkr tdgSt|}gd}i}|D]}t||d}|r$|||<qddg}|D] }t||d|j|<q+t|t|}tdj|t |d} | | | S)a Apple uses a `form_post` response type, which due to CORS/Samesite-cookie rules means this request cannot access the request since the session cookie is unavailable. We work around this by storing the apple response in a separate, temporary session and redirecting to a more normal oauth flow. args: finish_endpoint_name (str): The name of a defined URL, which can be overridden in your url configuration if you have more than one callback endpoint. POST)rQrDerrorr6rJr/z {url}?{query})urlquery) methodrrrrVrrrformatrsave) rfinish_endpoint_namerXkeys_to_put_in_url url_paramskeyvaluekeys_to_save_to_sessionrerBrrrapple_post_callbackms&    rp)rb)'rLdatetimer django.httprr django.urlsr django.utilsrdjango.utils.httprdjango.views.decorators.csrfrallauth.socialaccount.adapterr allauth.socialaccount.internalr allauth.socialaccount.modelsr ,allauth.socialaccount.providers.oauth2.viewsr r r allauth.utilsrrrXrrWrrrrrp adapter_view oauth2_loginoauth2_callbackoauth2_finish_loginrrrrs*           T  (