B `O@sTddlZddlZddlZddlZddlZddlmZmZmZddlZddl Z ddl Z ddl Z ddl m Z mZmZmZmZmZmZddlmZddddd d d gZeZd ZGd dde ZGdddeZddZddZddfddZddZ ddZ!ddZ"GdddeZ#d Z$d!Z%d"e&e%Z'd#Z(d$e'Z)d%Z*d&e'Z+d'e$e(e+fZ,e)e*e,Z-e.ee-d(Z/e.ed)d(Z0ere1nd*dZ2ed+d,e3d-DZ4e45d.d,e6e47Derd/ne8d/Z9erd0ne8d0Z:d1d2Z;d3d4Ze j?e=Z@ee@ZAe j>e j?d6ZBeeBZCe@d7ZDed8d,e3d-DZEeE5eFeDeDesned9d,eEGDZEeEjHZId:ZJd;ZKdZLdd?ZNd@dAZOdBdCZPePZQePZRdDePdEdFeNdEdGeQdEdHeRdEdIZSeTeSZUeVeSZWeW5dJdKdLdMgdVdPd ZXGdQd d eZYGdRd d eZZGdSddeZ[eZ\GdTddeZ]GdUdde]Z^dS)WN)datedatetime timedelta)MutableMappingPY2 text_typebytes_text_native_ string_types)strings_differCookie CookieProfileSignedCookieProfileSignedSerializerJSONSerializerBase64Serializer make_cookieTc@seZdZdZddZeddZddZdd Zd d Z d d Z d)ddZ ddZ ddZ ddZddZerddZddZddZdd Zd!d"Zd#d$Zd%d&Zd'd(ZdS)*RequestCookieszwebob._parsed_cookiescCs ||_dS)N)_environ)selfenvironrU/home/kop/projects/devel/pgwui/test_venv/lib/python3.7/site-packages/webob/cookies.py__init__*szRequestCookies.__init__csh|j}|dd}||jidf\}}||kr4|Sddtfddt|D}||f||j<|S)N HTTP_COOKIEcSs |dS)Nutf8)decode)brrr4z'RequestCookies._cache..c3s"|]\}}||fVqdS)Nr).0kv)drr 5sz(RequestCookies._cache..)rget _cache_keydict parse_cookie)renvheadercacheZ cache_headerr)r%r_cache-s zRequestCookies._cachecCs*|jd}|dk }|pd}ts*|d}t|d}|dkrBd}ntt|d}|d|}t|}d} x|D]l} | \} } | d} | |krpd } |dkr|d|  d || d}n|d| ||| d}PqpW|dk r|r|d |7}n|}|rt |d|jd<n|r&d|jd<| S) Nrrzlatin-1asciizutf-8=FTs ;s; ) rr'rencoder _value_quote _rx_cookiefinditerspangrouprstripr )rnamevaluer,Z had_headerZ bytes_name replacementZ bytes_valmatchesfoundmatchstartendZ match_namerrr_mutate_header9s<          zRequestCookies._mutate_headercCsht|tst|dt|ts(t|d}yt|d}Wntk rRtdYnXt|sdtd|S)Nzcookie name must be a stringzutf-8r/z&cookie name must be encodable to asciiz/cookie name must be valid according to RFC 6265) isinstancer TypeErrorrr rUnicodeEncodeError_valid_cookie_name)rr9Zbytes_cookie_namerrrrE_s    z!RequestCookies._valid_cookie_namecCsf||}t|tst|dt|tsVyt|d}Wntk rTt|dYnX|||dS)Nzcookie value must be a stringzutf-8z,cookie value must be utf-8 binary or unicode)rErBr ValueErrorrr UnicodeDecodeErrorrA)rr9r:rrr __setitem__ls    zRequestCookies.__setitem__cCs |j|S)N)r.)rr9rrr __getitem__xszRequestCookies.__getitem__NcCs|j||S)N)r.r')rr9defaultrrrr'{szRequestCookies.getcCs&||}||d}|s"t|dS)N)rErAKeyError)rr9r=rrr __delitem__~s  zRequestCookies.__delitem__cCs |jS)N)r.keys)rrrrrMszRequestCookies.keyscCs |jS)N)r.values)rrrrrNszRequestCookies.valuescCs |jS)N)r.items)rrrrrOszRequestCookies.itemscCs |jS)N)r.iterkeys)rrrrrPszRequestCookies.iterkeyscCs |jS)N)r. itervalues)rrrrrQszRequestCookies.itervaluescCs |jS)N)r. iteritems)rrrrrRszRequestCookies.iteritemscCs ||jkS)N)r.)rr9rrr __contains__szRequestCookies.__contains__cCs |jS)N)r.__iter__)rrrrrTszRequestCookies.__iter__cCs t|jS)N)lenr.)rrrr__len__szRequestCookies.__len__cCsd|jd<dS)Nrr)r)rrrrclearszRequestCookies.clearcCs d|jfS)Nz+)r.)rrrr__repr__szRequestCookies.__repr__)N)__name__ __module__ __qualname__r(rpropertyr.rArErHrIr'rLrMrNrOrrPrQrRrSrTrVrWrXrrrrr&s* &   rc@sHeZdZdddZddZddZeZdd d Zd d ZeZ d dZ dS)r NcCs|r||dS)N)load)rinputrrrrszCookie.__init__cCs@i}x6t|D]*\}}|tkr,|||<q|||}qWdS)N) _parse_cookielower_c_keysadd)rdatamorselkeyvalrrrr]s   z Cookie.loadcCs>t|ts|dd}t|s"iSt||}t||||S)Nr/replace)rBbytesr2rEMorselr)rH)rrerfrrrrrbs   z Cookie.addTcsdfdd|DS)Nz; c3s|]}|VqdS)N) serialize)r"m)fullrrr&sz#Cookie.serialize..)joinrN)rrmr)rmrrkszCookie.serializecCsddt|DS)NcSsg|] \}}|qSrr)r"_rlrrr sz!Cookie.values..)sortedrO)rrrrrNsz Cookie.valuescCs d|jjdtt|fS)Nz <%s: [%s]>z, ) __class__rYrnmapreprrN)rrrrrXszCookie.__repr__)N)T) rYrZr[rr]rbrHrkrN__str__rXrrrrr s  ccs8ts|d}x$t|D]\}}|t|fVqWdS)Nzlatin-1)rr2r4findall_unquote)rcrerfrrrr_s r_cCsddt|DS)zA Parse cookies ignoring anything except names and values css"|]\}}t|r||fVqdS)N)rE)r"r#r$rrrr&szparse_cookie..)r_)rcrrrr*sr*cCs|S)Nr)r$rrrr r!r cs fdd}tfdd|S)Ncs||<dS)Nr)rr$)rerkrrfsetszcookie_property..fsetcs|S)Nr)r)rerrr r!z!cookie_property..)r\)rerkrxr)rerkrcookie_propertysrycCsBt|tr(t|j|jddd}nt|tr:t|}t|S)N<)rBrstrsecondsdaysintr)r$rrrserialize_max_ages   rcCs|dkr dSt|tr|St|tr.|dSt|trBt|d}t|trXt|}t|ttfrn| }t d|}t |t |dt|dfdS)Nr/)r}z%%s, %d-%%s-%Y %H:%M:%S GMTr1)rBrhrr2rrrutcnowr timetupletimestrftimerweekdaysmonths)r$rjrrrserialize_cookie_dates        rcCs$t|}tr |dkr td|S)N)sstrictslaxsnonez+SameSite must be 'strict', 'lax', or 'none')rSAMESITE_VALIDATIONr`rF)r$rrrserialize_samesites  rc@seZdZdZddZedZedZedZede Z ede Z ed e Zed e Zed eZd d ZdddZeZddZdS)ri)r9r:cCs@t|dd|_t|dd|_t|js*t|ttddS)Nr/)encoding) rr9r:rEAssertionErrorupdater)fromkeysra)rr9r:rrrrszMorsel.__init__spathsdomainscommentsexpiressmax-ageshttponlyssecuressamesitecCs(t|d}|tkr$t|||dS)Nr/)rr`rar)rH)rr#r$rrrrHszMorsel.__setitem__Tc Csg}|j}||jdt|j|rxDtD]<}||}|r,t|}|d}|d}||d||q,W|d} | r|d| |jr|d|jr|d|jr|js|j dkrt d |d |jt d |d S) Nr0r9quotersexpiressexpires=ssecuresHttpOnlysnonez]Incompatible cookie attributes: when the samesite equals 'none', then the secure must be Trues SameSite=s; r/) appendr9r3r: _c_valkeys _c_renamessecurehttponlysamesiter`rFr rn) rrmresultrbr#r$infor9rexpiresrrrrks0  zMorsel.serializecCsd|jjt|jt|jfS)Nz <%s: %s=%r>)rrrYr r9r:)rrrrrX4szMorsel.__repr__N)T)rYrZr[ __slots__rrypathdomaincommentrrrmax_ageboolrrrrrHrkrurXrrrrris      riz "(?:\\"|.)*?"z~!@#$%^&*()_+=-`.?|:/(){}<>'z[\w\d%s]z$\w{3},\s[\w\d-]{9,11}\s[\d:]{8}\sGMTz(%s+?)z\s*=\s*z(?:%s|\\(?:[0-3][0-7][0-7]|.))*z (%s|%s|%s)r/z\\([0-3][0-7][0-7]|.)cCs t|gS)N)rh)irrrr Mr!ccs"|]}td|t|fVqdS)z%03oN)r_bchr)r"rrrrr&Nsr&ccs|]}||fVqdS)Nr)r"r$rrrr&Qs$"cCs<|r0|d|dkr tkr0nn |dd}tt|S)Nrr1) _b_quote_mark _rx_unquotesub _ch_unquote)r$rrrrwVs$ rwcCst|dS)Nr1)_ch_unquote_mapr7)rlrrrr\srz!#$%&'()*+-./:<=>?@[]^_`{|}~z!#$%&'*+-.^_`|~ ccs|]}t|d|fVqdS)z\%03oN)chr)r"rrrrr&sccs$|]\}}t|t|dfVqdS)r/N)ordr)r"r#r$rrrr&s)MonTueWedThuFriSatSun) NJanFebMarAprMayJunJulAugSepOctNovDeccCs"tr||ntj||dddS)N) stacklevel) _should_raisewarningswarn)textZ warn_classZto_raiseZ raise_reasonrrr__warn_or_raises rcCs@|dt}|r|jddd|j}|} n<|dk rvy t|}Wntk rntdYnX|} nd} t||} |dk rt|| _|dk rt|| _ |rd| _ |rd| _ |dk r|| _ | dk r| | _ |dk rt|| _|dk r|| _| S) a Generate a cookie value. ``name`` The name of the cookie. ``value`` The ``value`` of the cookie. If it is ``None``, it will generate a cookie value with an expiration date in the past. ``max_age`` The maximum age of the cookie used for sessioning (in seconds). Default: ``None`` (browser scope). ``path`` The path used for the session cookie. Default: ``/``. ``domain`` The domain used for the session cookie. Default: ``None`` (no domain). ``secure`` The 'secure' flag of the session cookie. Default: ``False``. ``httponly`` Hide the cookie from JavaScript by setting the 'HttpOnly' flag of the session cookie. Default: ``False``. ``comment`` Set a comment on the cookie. Default: ``None`` ``samesite`` The 'SameSite' attribute of the cookie, can be either ``"strict"``, ``"lax"``, ``"none"``, or ``None``. By default, WebOb will validate the value to ensure it conforms to the allowable options in the various draft RFC's that exist. To disable this check and send headers that are experimental or introduced in a future RFC, set the module flag ``SAMESITE_VALIDATION`` to a false value like: .. code:: import webob.cookies webob.cookies.SAMESITE_VALIDATION = False ck = webob.cookies.make_cookie(cookie_name, value, samesite='future') .. danger:: This feature has known compatibility issues with various user agents, and is not yet an accepted RFC. It is therefore considered experimental and subject to change. For more information please see :ref:`Experimental: SameSite Cookies ` Nr!rzWed, 31-Dec-97 23:59:59 GMTr{rzzAmax_age should be an integer. Amount of seconds until expiration.T)rBrr~r}rrFrirrrrrrrrrrk) r9r:rrrrrrrrrdrrrrs@<      c@s eZdZdZddZddZdS)rz9 A serializer which uses `json.dumps`` and ``json.loads``cCstt|ddS)Nzutf-8)r)rjsondumps)r appstructrrrr/szJSONSerializer.dumpscCstt|ddS)Nzutf-8)r)rloadsr )rbstructrrrr2szJSONSerializer.loadsN)rYrZr[__doc__rrrrrrr-sc@s*eZdZdZd ddZddZddZdS) rz5 A serializer which uses base64 to encode/decode dataNcCs|dkrt}||_dS)N)r serializer)rrrrrr:szBase64Serializer.__init__cCs|j|}t|S)ze Given an ``appstruct``, serialize and sign the data. Returns a bytestring. )rrbase64urlsafe_b64encode)rrcstructrrrr@s zBase64Serializer.dumpsc CsTytt|}Wn4tjtfk rF}ztd|Wdd}~XYnX|j|S)z Given a ``bstruct`` (a bytestring), verify the signature and then deserialize and return the deserialized value. A ``ValueError`` will be raised if the signature fails to validate. zBadly formed base64 data: %sN) rurlsafe_b64decoderbinasciiErrorrCrFrr)rrrerrrrIs zBase64Serializer.loads)N)rYrZr[rrrrrrrrr7s  c@s*eZdZdZd ddZddZdd ZdS) ra+ A helper to cryptographically sign arbitrary content using HMAC. The serializer accepts arbitrary functions for performing the actual serialization and deserialization. ``secret`` A string which is used to sign the cookie. The secret should be at least as long as the block size of the selected hash algorithm. For ``sha512`` this would mean a 512 bit (64 character) secret. ``salt`` A namespace to avoid collisions between different uses of a shared secret. ``hashalg`` The HMAC digest algorithm to use for signing. The algorithm must be supported by the :mod:`hashlib` library. Default: ``'sha512'``. ``serializer`` An object with two methods: `loads`` and ``dumps``. The ``loads`` method should accept bytes and return a Python object. The ``dumps`` method should accept a Python object and return bytes. A ``ValueError`` should be raised for malformed inputs. Default: ``None`, which will use a derivation of :func:`json.dumps` and ``json.loads``. sha512Ncs|_|_|_yt|pdt|_Wn.tk rZt|pDddt|d_YnXdfdd _j_|dkrt}|_ dS)Nrzutf-8r!cstj|S)N)hashlibnewhashalg)string)rrrr r!z+SignedSerializer.__init__..)r!) saltsecretrr salted_secretrD digestmod digest_sizerr)rrrrrr)rrrts  zSignedSerializer.__init__cCs6|j|}t|j||j}t|| dS)ze Given an ``appstruct``, serialize and sign the data. Returns a bytestring. r0) rrhmacrrrdigestrrr8)rrrsigrrrrs zSignedSerializer.dumpsc Csy(dt| d}tt||}Wn4tjtfk r\}ztd|Wdd}~XYnX||jd}|d|j}t |j t||j  }t||rtd|j|S)z Given a ``bstruct`` (a bytestring), verify the signature and then deserialize and return the deserialized value. A ``ValueError`` will be raised if the signature fails to validate. r0zBadly formed base64 data: %sNzInvalid signature)rUrrrrrrCrFrrrrrrr rr)rrZ b64paddingZfstructrrZ expected_sigrrrrrs zSignedSerializer.loads)rN)rYrZr[rrrrrrrrrWs   c@sfeZdZdZdddZddZd d Zd d Zeeeeeefd dZ eeeeeefddZ ddZ dS)raA A helper class that helps bring some sanity to the insanity that is cookie handling. The helper is capable of generating multiple cookies if necessary to support subdomains and parent domains. ``cookie_name`` The name of the cookie used for sessioning. Default: ``'session'``. ``max_age`` The maximum age of the cookie used for sessioning (in seconds). Default: ``None`` (browser scope). ``secure`` The 'secure' flag of the session cookie. Default: ``False``. ``httponly`` Hide the cookie from Javascript by setting the 'HttpOnly' flag of the session cookie. Default: ``False``. ``samesite`` The 'SameSite' attribute of the cookie, can be either ``b"strict"``, ``b"lax"``, ``b"none"``, or ``None``. For more information please see the ``samesite`` documentation in :meth:`webob.cookies.make_cookie` ``path`` The path used for the session cookie. Default: ``'/'``. ``domains`` The domain(s) used for the session cookie. Default: ``None`` (no domain). Can be passed an iterable containing multiple domains, this will set multiple cookies one for each domain. ``serializer`` An object with two methods: ``loads`` and ``dumps``. The ``loads`` method should accept a bytestring and return a Python object. The ``dumps`` method should accept a Python object and return bytes. A ``ValueError`` should be raised for malformed inputs. Default: ``None``, which will use a derivation of :func:`json.dumps` and :func:`json.loads`. FNrc CsH||_||_||_||_||_||_||_|dkr8t}||_d|_ dS)N) cookie_namerrrrrdomainsrrrequest) rrrrrrrrrrrrrs zCookieProfile.__init__cCs ||S)z8 Bind a request to a copy of this instance and return it)bind)rrrrr__call__szCookieProfile.__call__c Cs0t|j|j|j|j|j|j|j|j}||_ |S)z8 Bind a request to a copy of this instance and return it) rrrrrrrrrr)rrselfishrrrrszCookieProfile.bindcCsP|jstd|jj|j}|dk rLy|jt|Stk rJdSXdS)a Looks for a cookie by name in the currently bound request, and returns its value. If the cookie profile is not bound to a request, this method will raise a :exc:`ValueError`. Looks for the cookie in the cookies jar, and if it can find it it will attempt to deserialize it. Returns ``None`` if there is no cookie or if the value in the cookie cannot be successfully deserialized. z"No request bound to cookie profileN)rrFcookiesr'rrrr)rcookierrr get_value s zCookieProfile.get_valuec Cs(|j|||||||d} |j| |S)z Set the cookies on a response.)rrrrrr) get_headersZ headerlistextend) rresponser:rrrrrrrrrr set_cookies"s zCookieProfile.set_cookiesc Cs6|dkrd}d}n |j|}|j|||||||dS)z Retrieve raw headers for setting cookies. Returns a list of headers that should be set for the cookies to be correctly tracked. Nr)rrrrrr)rr _get_cookies) rr:rrrrrrrrrrr2s zCookieProfile.get_headersc Cs|tkr|j}|tkr|j}|tkr*|j}|tkr8|j}|tkrF|j}|tkrT|j}|dk rxt|dkrxtdt|g}|st |j ||||||d} | d| fn6x4|D],} t |j ||| ||||d} | d| fqW|S)aInternal function This returns a list of cookies that are valid HTTP Headers. :environ: The request environment :value: The value to store in the cookie :domains: The domains, overrides any set in the CookieProfile :max_age: The max_age, overrides any set in the CookieProfile :path: The path, overrides any set in the CookieProfile :secure: Set this cookie to secure, overrides any set in CookieProfile :httponly: Set this cookie to HttpOnly, overrides any set in CookieProfile :samesite: Set this cookie to be for only the same site, overrides any set in CookieProfile. Niz,Cookie value is too long to store (%s bytes))rrrrrz Set-Cookie)rrrrrr) _defaultrrrrrrrUrFrrr) rr:rrrrrrrZ cookievaluerrrrrJsN  zCookieProfile._get_cookies)FNNNrNN) rYrZr[rrrrrrrrrrrrrrs$,   c@s"eZdZdZd ddZdd ZdS) raK A helper for generating cookies that are signed to prevent tampering. By default this will create a single cookie, given a value it will serialize it, then use HMAC to cryptographically sign the data. Finally the result is base64-encoded for transport. This way a remote user can not tamper with the value without uncovering the secret/salt used. ``secret`` A string which is used to sign the cookie. The secret should be at least as long as the block size of the selected hash algorithm. For ``sha512`` this would mean a 512 bit (64 character) secret. ``salt`` A namespace to avoid collisions between different uses of a shared secret. ``hashalg`` The HMAC digest algorithm to use for signing. The algorithm must be supported by the :mod:`hashlib` library. Default: ``'sha512'``. ``cookie_name`` The name of the cookie used for sessioning. Default: ``'session'``. ``max_age`` The maximum age of the cookie used for sessioning (in seconds). Default: ``None`` (browser scope). ``secure`` The 'secure' flag of the session cookie. Default: ``False``. ``httponly`` Hide the cookie from Javascript by setting the 'HttpOnly' flag of the session cookie. Default: ``False``. ``samesite`` The 'SameSite' attribute of the cookie, can be either ``b"strict"``, ``b"lax"``, ``b"none"``, or ``None``. ``path`` The path used for the session cookie. Default: ``'/'``. ``domains`` The domain(s) used for the session cookie. Default: ``None`` (no domain). Can be passed an iterable containing multiple domains, this will set multiple cookies one for each domain. ``serializer`` An object with two methods: `loads`` and ``dumps``. The ``loads`` method should accept bytes and return a Python object. The ``dumps`` method should accept a Python object and return bytes. A ``ValueError`` should be raised for malformed inputs. Default: ``None`, which will use a derivation of :func:`json.dumps` and ``json.loads``. FNrrc CsJ||_||_| |_| |_t||| |jd} tj|||||||| | d dS)N)r)rrrrrrr)rrroriginal_serializerrrr) rrrrrrrrrrrrZsigned_serializerrrrrs&  zSignedCookieProfile.__init__c Cs<t|j|j|j|j|j|j|j|j|j |j |j }||_ |S)z8 Bind a request to a copy of this instance and return it) rrrrrrrrrrrrr)rrrrrrrszSignedCookieProfile.bind)FNFNrNrN)rYrZr[rrrrrrrrs6 )NrNFFNN)_rrrrrrrrrerrrZ webob.compatrrrrr r r Z webob.utilr __all__objectZ_markerrrr)r r_r*ryrrrriZ _re_quotedZ_legal_special_charsescapeZ_re_legal_charZ_re_expires_valZ_re_cookie_str_keyZ_re_cookie_str_equalZ_re_unquoted_valZ_re_cookie_str_valZ_re_cookie_strcompiler4rrrrangerrlistrNrrrrwrZ_allowed_special_chars ascii_lettersdigitsZ_allowed_cookie_charsrZ_valid_token_charsrZ_escape_noop_charsZ _escape_mapziprOrIrrrrrr3rErZ _domain_quoteZ_max_age_quoterrqrsetrarrrrrrrrrrrs$  $ @    f  Yd