f ddlmZmZddlmZmZmZddlmZddlZddl m Z ddl m Z m Z dZGdd ZGd d e Zy) )datetime timedelta) parse_qslquote urlencode)ImproperlyConfiguredN) get_adapter) OAuth2Client OAuth2Errorcrtj|i|}t|tr|j d}|S)Nzutf-8)jwtencode isinstancebytesdecode)argskwargsresps g/var/www/cs2snipe.com/venv/lib/python3.12/site-packages/allauth/socialaccount/providers/apple/client.py jwt_encoders2 ::t &v &D${{7# KceZdZdZdZy)ScopeemailnameN)__name__ __module__ __qualname__EMAILNAMErrrrs E Drrc*eZdZdZdZdZddZdZy)AppleOAuth2Clientz Custom client because `Sign In With Apple`: * requires `response_mode` field in redirect_url * requires special `client_secret` as JWT ctj}t|jj |jd}|j s t d|jjd}|s t d|j d|j||tdzd}|jd d }t||d | }|S) z6Create a JWT signed with an apple provided private keyapplezApple 'key' missingcertificate_keyzApple 'certificate_key' missingzhttps://appleid.apple.com)hours)issaudsubiatexpES256)kidalg)payloadkey algorithmheaders) rutcnowr requestget_appr2rsettingsget get_client_idrconsumer_secretr)selfnowappr&claimsr4 client_secrets rgenerate_client_secretz(AppleOAuth2Client.generate_client_secret#soo$,,'// gFww&'<= =,,**+<=&'HI I77.%%'++  ..w?"7G rc>|jjddS)zCWe support multiple client_ids, but use the first one for api calls,r) consumer_keysplit)r<s rr:zAppleOAuth2Client.get_client_id9s  &&s+A..rNc|j}|j}|j|d|j|d}|r||d<|j |t j j|j|||j}d}|jdvr |j}|rd|vrt!d|j"z|S#t$r!tt|j}YIwxYw)Nauthorization_code) client_idcode grant_type redirect_urir@ code_verifier)datar4) access_tokenz!Error retrieving access token: %s)access_token_urlrAr: callback_url_strip_empty_keysr get_requests_sessionr6access_token_methodr4 status_codejson ValueErrordictrtextr content)r<rIpkce_code_verifierurlr@rMrrPs rget_access_tokenz"AppleOAuth2Client.get_access_token=s##335 ++-. --*   $6D ! t$ M ! ! # WT--st||W T    z ) :#yy{ ~\AADLLPQ Q  :#Idii$89  :s%C'C?>C?c|jjt|}|j|jd|dd}|j r|j |d<|j ||dt|tS)N form_postz code id_token)rHrK response_modescope response_typestate?) quote_via) scope_delimiterjoinsetr:rRrdupdaterr)r<authorization_urlrb extra_paramsparamss rget_redirect_urlz"AppleOAuth2Client.get_redirect_urlYsu$$))#e*5++- --(,   ::"jjF7O l#+Yv-OPPr)N)rrr__doc__rAr:r^rnr!rrr#r#s ,/8 Qrr#)rr urllib.parserrrdjango.core.exceptionsrr allauth.socialaccount.adapterr -allauth.socialaccount.providers.oauth2.clientr r rrr#r!rrrts;(447 5  IQ IQr