~hT7dZddlZddlZddlZddlmZddlmZddlmZddl m Z ddl m Z d Z d Z d Zd Zd ZdZddZddZdZdZdZdZdZdZdZdZdZdZdZy)zauthlib.oauth1.rfc5849.signature. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This module represents a direct implementation of `section 3.4`_ of the spec. .. _`section 3.4`: https://tools.ietf.org/html/rfc5849#section-3.4 N)to_bytes) to_unicode)urlparseescape)unescapez HMAC-SHA1zRSA-SHA1 PLAINTEXTHEADERQUERYBODYc*t||}g}|D]9\}}|dvr |jdr t|}|j||f;t |}dj t |jt |t |gS)aXGenerate signature base string from request, per `Section 3.4.1`_. For example, the HTTP request:: POST /request?b5=%3D%253D&a3=a&c%40=&a2=r%20b HTTP/1.1 Host: example.com Content-Type: application/x-www-form-urlencoded Authorization: OAuth realm="Example", oauth_consumer_key="9djdj82h48djs9d2", oauth_token="kkk9d7dh3k39sjv7", oauth_signature_method="HMAC-SHA1", oauth_timestamp="137131201", oauth_nonce="7d8f3e4a", oauth_signature="bYT5CMsGcbgUdFHObYMEfcx6bsw%3D" c2&a3=2+q is represented by the following signature base string (line breaks are for display purposes only):: POST&http%3A%2F%2Fexample.com%2Frequest&a2%3Dr%2520b%26a3%3D2%2520q %26a3%3Da%26b5%3D%253D%25253D%26c%2540%3D%26c2%3D%26oauth_consumer_ key%3D9djdj82h48djs9d2%26oauth_nonce%3D7d8f3e4a%26oauth_signature_m ethod%3DHMAC-SHA1%26oauth_timestamp%3D137131201%26oauth_token%3Dkkk 9d7dh3k39sjv7 .. _`Section 3.4.1`: https://tools.ietf.org/html/rfc5849#section-3.4.1 )oauth_signaturerealmoauth_&)normalize_base_string_uri startswithr appendnormalize_parametersjoinrupper) methoduriparamshostbase_string_uriunescaped_paramskvnormalized_paramss \/opt/mcp/mcp-sentiment/venv/lib/python3.12/site-packages/authlib/oauth1/rfc5849/signature.pyconstruct_base_stringr#s<0T:O(1 , ,  << ! AA'(--=> 88 6<<> " ? # $ %  cVt|}tj|\}}}}}}|r|s td|sd}|j}|j}||j}d}d|vr|j dd\}} || f|vr|}tj ||||ddfS)a7Normalize Base String URI per `Section 3.4.1.2`_. For example, the HTTP request:: GET /r%20v/X?id=123 HTTP/1.1 Host: EXAMPLE.COM:80 is represented by the base string URI: "http://example.com/r%20v/X". In another example, the HTTPS request:: GET /?q=1 HTTP/1.1 Host: www.example.net:8080 is represented by the base string URI: "https://www.example.net:8080/". .. _`Section 3.4.1.2`: https://tools.ietf.org/html/rfc5849#section-3.4.1.2 The host argument overrides the netloc part of the uri argument. z$uri must include a scheme and netloc/))http80)https443:r)rr ValueErrorlowersplit urlunparse) rrschemenetlocpathrqueryfragment default_portsports r"rrVs* S/C4<4E4Ec4J1FFD&% ?@@ \\^F \\^F M f}\\#q) d D>] *F   fb"E FFr$c|Dcgc]\}}t|t|f}}}|j|Dcgc] \}}|d|}}}dj|Scc}}wcc}}w)a Normalize parameters per `Section 3.4.1.3.2`_. For example, the list of parameters from the previous section would be normalized as follows: Encoded:: +------------------------+------------------+ | Name | Value | +------------------------+------------------+ | b5 | %3D%253D | | a3 | a | | c%40 | | | a2 | r%20b | | oauth_consumer_key | 9djdj82h48djs9d2 | | oauth_token | kkk9d7dh3k39sjv7 | | oauth_signature_method | HMAC-SHA1 | | oauth_timestamp | 137131201 | | oauth_nonce | 7d8f3e4a | | c2 | | | a3 | 2%20q | +------------------------+------------------+ Sorted:: +------------------------+------------------+ | Name | Value | +------------------------+------------------+ | a2 | r%20b | | a3 | 2%20q | | a3 | a | | b5 | %3D%253D | | c%40 | | | c2 | | | oauth_consumer_key | 9djdj82h48djs9d2 | | oauth_nonce | 7d8f3e4a | | oauth_signature_method | HMAC-SHA1 | | oauth_timestamp | 137131201 | | oauth_token | kkk9d7dh3k39sjv7 | +------------------------+------------------+ Concatenated Pairs:: +-------------------------------------+ | Name=Value | +-------------------------------------+ | a2=r%20b | | a3=2%20q | | a3=a | | b5=%3D%253D | | c%40= | | c2= | | oauth_consumer_key=9djdj82h48djs9d2 | | oauth_nonce=7d8f3e4a | | oauth_signature_method=HMAC-SHA1 | | oauth_timestamp=137131201 | | oauth_token=kkk9d7dh3k39sjv7 | +-------------------------------------+ and concatenated together into a single string (line breaks are for display purposes only):: a2=r%20b&a3=2%20q&a3=a&b5=%3D%253D&c%40=&c2=&oauth_consumer_key=9dj dj82h48djs9d2&oauth_nonce=7d8f3e4a&oauth_signature_method=HMAC-SHA1 &oauth_timestamp=137131201&oauth_token=kkk9d7dh3k39sjv7 .. _`Section 3.4.1.3.2`: https://tools.ietf.org/html/rfc5849#section-3.4.1.3.2 =r)rsortr)rrr key_valuesparameter_partss r"rrssR6<> ::r$cBt|j|jS)zSign a PLAINTEXT signature.)r[rMrN)r^rAs r"sign_plaintextrdks v33V5H5H IIr$ct|}t||j|j}t j ||j S)zVerify a HMAC-SHA1 signature.)rBrSrMrNrEcompare_digestrQ)rArLrRs r"verify_hmac_sha1rgps?09K k7+@+@'BVBV WC   sG$5$5 66r$cddlm}t|}tjt |j }||t ||jS)z6Verify a RSASSA-PKCS #1 v1.5 base64 encoded signature.r) verify_sha1)rVrirBrI a2b_base64rrQrsa_public_key)rArirLrRs r"verify_rsa_sha1rlwsD 09K   hw'8'89 :C sH[173I3I JJr$ct|j|j}tj||j S)zVerify a PLAINTEXT signature.)r[rMrNrErfrQ)rArRs r"verify_plaintextrns3 g33W5I5I JC   sG$5$5 66r$)N)__doc__rIrGrEauthlib.common.encodingrrauthlib.common.urlsrutilrr SIGNATURE_HMAC_SHA1SIGNATURE_RSA_SHA1SIGNATURE_PLAINTEXTSIGNATURE_TYPE_HEADERSIGNATURE_TYPE_QUERYSIGNATURE_TYPE_BODYr#rrrBrSrYr[r_rbrdrgrlrnr$r"rzs ,.(!! 6rDGNX%vT *Z*>W ; J 7K7r$