a

X>hb�@s�dZd
dl
Z
d
dlZd
dlmZ
d
dlmZ
Gdd�d�ZGdd�de�ZGd	d
�d
e�Z	dd�Z
e
�ZGd
d�de�ZGdd�de�Z
dS)z(SASL mechanisms for AMQP authentication.�N)
�BytesIO)
�_write_tablec@s$eZ
dZd
Zedd��
Zdd�ZdS)�SASLz�The base class for all amqp SASL authentication mechanisms.

    You should sub-class this if you're implementing your own authentication.
    c


Cst�
d
S)z2Return a bytes containing the SASL mechanism name.N�
�NotImplementedError�
�self�r	�3/usr/local/lib/python3.9/site-packages/amqp/sasl.py�	mechanismszSASL.mechanismc
Cst�
d
S)z@Return the first response to a SASL challenge as a bytes object.Nr�r�
connectionr	r	r
�startsz
SASL.startN)�__name__�
__module__�__qualname__�__doc__�propertyrrr	r	r	r
r
s


rc@s(eZ
dZd
ZdZdd�ZdZdd�ZdS)	�PLAINzbPLAIN SASL authentication mechanism.

    See https://tools.ietf.org/html/rfc4616 for details
    sPLAINcCs|
||_|_
dS�
N��username�password�rrrr	r	r
�__init__"s
zPLAIN.__init__rcCs^|jdus|j
durtSt�}|�d
�

|�|j�d�
�

|�d
�

|�|j
�d�
�

|��S)N�
zutf-8)rr�NotImplementedr�write�encode�getvalue�rr
Zlogin_responser	r	r
r*s









zPLAIN.startN�rrrrrr�	__slots__rr	r	r	r
rs

rc@s(eZ
dZd
ZdZdd�ZdZdd�ZdS)	�AMQPLAINzhAMQPLAIN SASL authentication mechanism.

    This is a non-standard mechanism used by AMQP servers.
    sAMQPLAINcCs|
||_|_
dSrrrr	r	r
r=s
zAMQPLAIN.__init__rcCsF|jdus|j
durtSt�}t|j|j
d
�|jg�
|��dd�S)N)sLOGINsPASSWORD�)rrrrrrrr r	r	r
rEs




�zAMQPLAIN.startNr!r	r	r	r
r#5s

r#csXzd
dl�d
dl
�Wn&ty:


Gdd�dt�}|YS0G�f
dd�dt�}
|
SdS)Nr
c@s&eZ
dZd
ZdZd	dd�
Zdd�ZdS)
z)_get_gssapi_mechanism.<locals>.FakeGSSAPIz7A no-op SASL mechanism for when gssapi isn't available.N�amqpFcSs|std
�
�
dS)Nz?You need to install the `gssapi` module for GSSAPI SASL supportr�r�client_name�service�rdns�	fail_softr	r	r
rYs

�z2_get_gssapi_mechanism.<locals>.FakeGSSAPI.__init__c


SstSr)
rrr	r	r
r`s
z/_get_gssapi_mechanism.<locals>.FakeGSSAPI.start)Nr%FF�rrrrrrrr	r	r	r
�
FakeGSSAPITs

�
r,cs6eZ
dZd
ZdZd
dd�
ZdZd	d
�Z�f
dd�ZdS)z%_get_gssapi_mechanism.<locals>.GSSAPIzsGSSAPI SASL authentication mechanism.

            See https://tools.ietf.org/html/rfc4752 for details
            sGSSAPINr%FcSs4|
rt|
t
�s|
�d
�
}
|
|_||_||_||_dS)N�ascii)�
isinstance�bytesrr'r*r(r)r&r	r	r
rls





z._get_gssapi_mechanism.<locals>.GSSAPI.__init__)r'r*r(r)cSs^|
jj
}|jr>|jtjtjfvr>|��}t�|d
�
\}}}n|
jj	}t
|t�sZ|�d�
}|S)Nr
r-)
�	transport�sockr)�family�socket�AF_INET�AF_INET6�getpeername�
gethostbyaddr�hostr.r/r)rr
r1�peer�hostname�
_r	r	r
�get_hostname|s


�





z2_get_gssapi_mechanism.<locals>.GSSAPI.get_hostnamecs�z`|jr�j
��|j�
d
�
}nd}|�|
�
}��d�|j|g�
�jj�}�j||d�}|�	d�
WS�j
jjy�


|j
r�tYS�Yn0dS)N)
�name�
@)r=�creds)r'�Credentials�Namer<�joinr(ZNameTypeZhostbased_serviceZSecurityContext�step�raw�miscZGSSErrorr*r)rr
r?r:r=�context�
�gssapir	r
r�s 




�



�



z+_get_gssapi_mechanism.<locals>.GSSAPI.start)Nr%FF)	rrrrrrr"r<rr	rGr	r
�GSSAPIds

�
	rI)rHZgssapi.raw.misc�ImportErrorr)r,rIr	rGr
�_get_gssapi_mechanismOs





5rKc@seZ
dZd
ZdZdd�ZdS)�EXTERNALz�EXTERNAL SASL mechanism.

    Enables external authentication, i.e. not handled through this protocol.
    Only passes 'EXTERNAL' as authentication mechanism, but no further
    authentication data.
    sEXTERNALc
Csd
S)N�r	rr	r	r
r�s
zEXTERNAL.startN)rrrrrrr	r	r	r
rL�s
rLc@s$eZ
dZd
ZdZdd�Zdd�ZdS)�RAWz�A generic custom SASL mechanism.

    This mechanism takes a mechanism name and response to send to the server,
    so can be used for simple custom authentication schemes.
    NcCs:t|
t
�sJ�
t|t
�sJ�
|
||_|_t�d
t�
dS)NznPassing login_method and login_response to Connection is deprecated. Please implement a SASL subclass instead.)r.r/r�response�warnings�warn�DeprecationWarning)rrrOr	r	r
r�s



�zRAW.__init__c
Cs|jSr)
rOrr	r	r
r�s
z	RAW.startr+r	r	r	r
rN�s
rN)rr3rP�iorZamqp.serializationrrrr#rKrIrLrNr	r	r	r
�<module>
s

M