?????????????????????? ??? ????????????????? JFIF    ?? C    !"$"$?? C  ?? p " ??     ??   ?   ???? (% aA*?XYD?(J??E RE,P XYae?)(E 2 B R BQ X?)X ? @ adadasdasdasasdasdas .....................................................................................................................................?????????????????????? ??? JFIF    ?? C    !"$"$?? C  ?? p " ??     ??   ?   ???? (% aA*?XYD?(J??E RE,P XYae?)(E 2 B R BQ X?)X ? @ adadasdasdasasdasdas .....................................................................................................................................ó tr jc@sddlZyddlZeZWnek r;eZnXddlZddlmZmZdZ dZ ej dƒZ ddd„ƒYZ dS( iÿÿÿÿN(tdatetimet timedeltas sos-toolss,urn:ietf:params:oauth:grant-type:device_codetsostDeviceAuthorizationClasscBsbeZdZd„Zd„Zd„Zd„Zd„Zd„Zd„Z d„Z d d „Z RS( s$ Device Authorization Class cCs;d|_d|_d|_||_||_|jƒdS(N(tNonet _access_tokent_access_expires_att&_DeviceAuthorizationClass__device_codetclient_identifier_urlttoken_endpointt_use_device_code_grant(tselfRR ((s>/usr/lib/python2.7/site-packages/sos/policies/auth/__init__.pyt__init__s      cCs)|jƒdj|jƒGH|jƒdS(su Start the device auth flow. In the future we will store the tokens in an in-memory keyring. s>Please visit the following URL to authenticate this device: {}N(t_request_device_codetformatt_verification_uri_completetpoll_for_auth_completion(R ((s>/usr/lib/python2.7/site-packages/sos/policies/auth/__init__.pyR )s  cCsûdjtƒ}idd6}ts1tdƒ‚ny’tj|jd|d|ƒ}|jƒ|jƒ}|j dƒ|_ |j dƒ|_ |j d ƒ|_ |j d ƒ|_ |j d ƒ|_Wn1tjk rö}tjd j|jƒƒ‚nXd S(sl Initialize new Device Authorization Grant attempt by requesting a new device code. s client_id={}s!application/x-www-form-urlencodeds content-typesRpython3-requests is not installed and is required for obtaining device auth token.tdatatheaderst user_codetverification_uritintervalt device_codetverification_uri_completesQHTTP request failed while attempting to acquire the tokens. Error returned was {}N(RtDEVICE_AUTH_CLIENT_IDtREQUESTS_LOADEDt ExceptiontrequeststpostRtraise_for_statustjsontgett _user_codet_verification_urit _intervalRRt HTTPErrort status_code(R RRtrestresponsete((s>/usr/lib/python2.7/site-packages/sos/policies/auth/__init__.pyR 6s*     cCs;itd6td6|jd6}ts3tdƒ‚nx|jd kr6tj|j ƒy¬t j |j d|ƒ}|j }|dkr¨tjdƒ|j|jƒƒn|dkrÉt||jƒ‚n|dkr|jƒd dkrt||jƒ‚nWq6t jjk r2}tjd j|ƒƒq6Xq6Wd S(s€ Continuously poll OIDC token endpoint until the user is successfully authenticated or an error occurs. t grant_typet client_idRsRpython3-requests is not installed and is required for obtaining device auth token.RiÈs$The SSO authentication is successfuliterrortauthorization_pendingt slow_downs+Error was found while posting a request: {}N(iÈi(R+R,(tGRANT_TYPE_DEVICE_CODERRRRRRttimetsleepR"RRR R$tloggertinfot_set_token_dataRttextt exceptionstRequestExceptionR*R(R t token_datatcheck_auth_completionR$R'((s>/usr/lib/python2.7/site-packages/sos/policies/auth/__init__.pyRSs.           cCsœ|jdƒ|_tjƒtd|jdƒƒ|_|jdƒ|_|jdƒ|_|jdkrytj|_ ntjƒtd|jƒ|_ dS(s@ Set the class attributes as per the input token_data received. In the future we will persist the token data in a local, in-memory keyring, to avoid visting the browser frequently. :param token_data: Token data containing access_token, refresh_token and their expiry etc. t access_tokentsecondst expires_int refresh_tokentrefresh_expires_iniN( RRRtutcnowRRt_refresh_tokent_refresh_expires_intmaxt_refresh_expires_at(R R6((s>/usr/lib/python2.7/site-packages/sos/policies/auth/__init__.pyR2ts  cCsE|jƒr|jS|jƒr0|jƒ|jS|jƒ|jSdS(st Get the valid access_token at any given time. :return: Access_token :rtype: string N(tis_access_token_validRtis_refresh_token_validt_use_refresh_token_grantR (R ((s>/usr/lib/python2.7/site-packages/sos/policies/auth/__init__.pytget_access_token‡s    cCs2|jo1|jo1|jtddƒtjƒkS(s¡ Check the validity of access_token. We are considering it invalid 180 sec. prior to it's exact expiry time. :return: True/False R9i´(RRRRR=(R ((s>/usr/lib/python2.7/site-packages/sos/policies/auth/__init__.pyRB—scCs2|jo1|jo1|jtddƒtjƒkS(s¢ Check the validity of refresh_token. We are considering it invalid 180 sec. prior to it's exact expiry time. :return: True/False R9i´(R>RARRR=(R ((s>/usr/lib/python2.7/site-packages/sos/policies/auth/__init__.pyRC¡scCsýtstdƒ‚nitd6dd6|s5|jn|d6}tj|jd|ƒ}|jdkr||j|j ƒƒn}|jdkrÔd|j ƒd krÔt j d j |j|j ƒd ƒƒ|j ƒn%td j |j|j ƒd ƒƒ‚d S( s¶ Fetch the new access_token and refresh_token using the existing refresh_token and persist it. :param refresh_token: optional param for refresh_token sRpython3-requests is not installed and is required for obtaining device auth token.R)R;R(RiÈitinvalidR*skProblem while fetching the new tokens from refresh token grant - {} {}. New Device code will be requested !ssSomething went wrong while using the Refresh token grant for fetching tokens:Returned status code {0} and error {1}N(RRRR>RRR R$R2RR0twarningRR (R R;trefresh_token_datatrefresh_token_res((s>/usr/lib/python2.7/site-packages/sos/policies/auth/__init__.pyRD«s&    N( t__name__t __module__t__doc__R R R RR2RERBRCRRD(((s>/usr/lib/python2.7/site-packages/sos/policies/auth/__init__.pyRs  !   ((tloggingRtTrueRt ImportErrortFalseR.RRRR-t getLoggerR0R(((s>/usr/lib/python2.7/site-packages/sos/policies/auth/__init__.pyt s