f(ddlZddlmZddlmZmZddlmZddlm Z ddl m Z ddl m Z mZddlmZdd lmZdd lmZmZmZeed ij1d ij1d dZeed ij1d ij1ddZeed ij1d ij1ddZeed ij1d ij1ddZeed ij1d ij1ddZeed ij1d ij1ddZddZGddeZ ejBe Z"ejBe Z#Gdde Z$ee$jKZ&y)N)settings)PermissionDeniedValidationError) csrf_exempt)View) get_adapter)complete_social_loginrender_authentication_error)jwtkit) OAuth2Error) OAuth2AdapterOAuth2CallbackViewOAuth2LoginViewSOCIALACCOUNT_PROVIDERSgoogle CERTS_URLz*https://www.googleapis.com/oauth2/v1/certs IDENTITY_URLz-https://www.googleapis.com/oauth2/v2/userinfoACCESS_TOKEN_URLz#https://oauth2.googleapis.com/token AUTHORIZE_URLz,https://accounts.google.com/o/oauth2/v2/authID_TOKEN_ISSUERzhttps://accounts.google.comFETCH_USERINFOFcxtj|tt|jtj |S)N) credentialkeys_urlissueraudience lookup_kidverify_signature)r verify_and_decoderr client_idlookup_kid_pem_x509_certificate)apprrs g/var/www/cs2snipe.com/venv/lib/python3.12/site-packages/allauth/socialaccount/providers/google/views.py_verify_and_decoder$;s1  # #99)  c6eZdZdZeZeZeZ e Z e Z dZdZdZy)GoogleOAuth2Adapterrc Rd}|jd}|rV|j||}|jrSd|vrO|j|j}|jd} | r!| |d<n|j|j}|j j ||} | S)Nid_tokenpicture)get_decode_id_tokenfetch_userinfo_fetch_user_infotoken get_providersociallogin_from_response) selfrequestr"r/responsekwargsdatar)infor*logins r#complete_loginz"GoogleOAuth2Adapter.complete_loginNs<< + ((h7D""y'<,,U[[9((9-&-DO((5D!!#==gtL r%c8|j }t|||S)aB If the token was received by direct communication protected by TLS between this library and Google, we are allowed to skip checking the token signature according to the OpenID Connect Core 1.0 specification. https://openid.net/specs/openid-connect-core-1_0.html#IDTokenValidation )r)did_fetch_access_tokenr$)r2r"r)rs r#r,z$GoogleOAuth2Adapter._decode_id_token]s# $:::!#xBRSSr%ctjj|jddj |i}|j s t d|jS)N Authorizationz Bearer {})headerszRequest to user info failed)rget_requests_sessionr+ identity_urlformatokr json)r2 access_tokenresps r#r.z$GoogleOAuth2Adapter._fetch_user_infohsa M ! ! # S!!(+*<*<\*JK ww;< <yy{r%N)__name__ __module__ __qualname__ provider_idraccess_token_urlr authorize_urlrid_token_issuerrr@rr-r9r,r.r%r#r'r'Fs1K'!M%OL#N  T r%r'c0eZdZfdZdZdZdZxZS)LoginByTokenViewc0t|_|jj|tj|_ t ||S#ttjttf$r"}t||j |cYd}~Sd}~wwxYw)N) exception)radapterr0r'rIprovidersuperdispatchr requestsRequestExceptionrrr )r2r3exc __class__s r#rUzLoginByTokenView.dispatch{s"}  11 (44   V7#G, ,   % %     V /w QTU U  VsA#B3B BBctd)N405)r)r2r3s r#r+zLoginByTokenView.getsu%%r%c|j||jjd}|jj |d|i}t ||S)Nrr)) check_csrfPOSTr+rS verify_tokenr )r2r3argsr5rr8s r#postzLoginByTokenView.postsJ  \\%%l3  **7Z4LM$We44r%c|jjd}|s td|jjd}|s td||k7r tdy)N g_csrf_tokenzNo CSRF token in Cookie.zNo CSRF token in post body.z&Failed to verify double submit cookie.)COOKIESr+rr^)r2r3csrf_token_cookiecsrf_token_bodys r#r]zLoginByTokenView.check_csrfsb#OO//? "#=> >!,,**>:"#@A A  /"#KL L 0r%)rFrGrHrUr+rar] __classcell__)rYs@r#rOrOzs V& 5Mr%rO)T)'rV django.confrdjango.core.exceptionsrrdjango.views.decorators.csrfrdjango.views.genericrallauth.socialaccount.adapterrallauth.socialaccount.helpersr r allauth.socialaccount.internalr -allauth.socialaccount.providers.oauth2.clientr ,allauth.socialaccount.providers.oauth2.viewsr rrgetattrr+rrrrrrr$r' adapter_view oauth2_loginoauth2_callbackrOas_viewlogin_by_tokenrMr%r#rws D4%52E H/4S2SBC  H/4S2SHI  H/4S2S BC H/4S2SHI H/4S2S 9: H/4S2S 5!---`,++,?@ 1$112EF$Mt$MN-5578r%