U W+db@sdZddlZddlZddlmZddlmZGdddZGdddeZGd d d eZ d d Z e Z Gd ddeZ GdddeZ dS)z(SASL mechanisms for AMQP authentication.N)BytesIO) _write_tablec@s$eZdZdZeddZddZdS)SASLzThe base class for all amqp SASL authentication mechanisms. You should sub-class this if you're implementing your own authentication. cCstdS)z2Return a bytes containing the SASL mechanism name.NNotImplementedErrorselfr -/tmp/pip-unpacked-wheel-xhcdc304/amqp/sasl.py mechanismszSASL.mechanismcCstdS)z@Return the first response to a SASL challenge as a bytes object.Nrr connectionr r r startsz SASL.startN)__name__ __module__ __qualname____doc__propertyr rr r r r r s rc@s(eZdZdZdZddZdZddZdS) PLAINzbPLAIN SASL authentication mechanism. See https://tools.ietf.org/html/rfc4616 for details sPLAINcCs|||_|_dSNusernamepasswordrrrr r r __init__"szPLAIN.__init__rcCs^|jdks|jdkrtSt}|d||jd|d||jd|S)Nzutf-8)rrNotImplementedrwriteencodegetvaluerr Zlogin_responser r r r*s  z PLAIN.startNrrrrr r __slots__rr r r r rs rc@s(eZdZdZdZddZdZddZdS) AMQPLAINzhAMQPLAIN SASL authentication mechanism. This is a non-standard mechanism used by AMQP servers. sAMQPLAINcCs|||_|_dSrrrr r r r=szAMQPLAIN.__init__rcCsF|jdks|jdkrtSt}t|j|jd|jg|ddS)N)sLOGINsPASSWORD)rrrrrrrr r r r rEszAMQPLAIN.startNr!r r r r r#5s r#csZzddlddlWn(tk r<Gdddt}|YSXGfdddt}|SdS)Nrc@s&eZdZdZdZd ddZddZdS) z)_get_gssapi_mechanism..FakeGSSAPIz7A no-op SASL mechanism for when gssapi isn't available.NamqpFcSs|s tddS)Nz?You need to install the `gssapi` module for GSSAPI SASL supportrr client_nameservicerdns fail_softr r r rYsz2_get_gssapi_mechanism..FakeGSSAPI.__init__cSstSr)rrr r r r`sz/_get_gssapi_mechanism..FakeGSSAPI.start)Nr%FFrrrrr rrr r r r FakeGSSAPITs r,cs6eZdZdZdZd ddZdZd d Zfd d ZdS)z%_get_gssapi_mechanism..GSSAPIzsGSSAPI SASL authentication mechanism. See https://tools.ietf.org/html/rfc4752 for details sGSSAPINr%FcSs4|rt|ts|d}||_||_||_||_dS)Nascii) isinstancebytesrr'r*r(r)r&r r r rls  z._get_gssapi_mechanism..GSSAPI.__init__)r'r*r(r)cSs^|jj}|jr>|jtjtjfkr>|}t|d\}}}n|jj }t |t sZ| d}|S)Nrr-) transportsockr)familysocketAF_INETAF_INET6 getpeername gethostbyaddrhostr.r/r)rr r1Zpeerhostname_r r r get_hostname|s  z2_get_gssapi_mechanism..GSSAPI.get_hostnamecsz`|jrj|jd}nd}||}d|j|gjj}j||d}| dWSj j j k r|j rtYSYnXdS)N)name@)r<creds)r'Z CredentialsNamer;joinr(ZNameTypeZhostbased_serviceZSecurityContextsteprawmiscZGSSErrorr*r)rr r>r9r<contextgssapir r rs    z+_get_gssapi_mechanism..GSSAPI.start)Nr%FF) rrrrr rr"r;rr rEr r GSSAPIds  rG)rFZgssapi.raw.misc ImportErrorr)r,rGr rEr _get_gssapi_mechanismOs  5rIc@seZdZdZdZddZdS)EXTERNALzEXTERNAL SASL mechanism. Enables external authentication, i.e. not handled through this protocol. Only passes 'EXTERNAL' as authentication mechanism, but no further authentication data. sEXTERNALcCsdS)Nr r r r r rszEXTERNAL.startN)rrrrr rr r r r rJsrJc@s$eZdZdZdZddZddZdS)RAWzA generic custom SASL mechanism. This mechanism takes a mechanism name and response to send to the server, so can be used for simple custom authentication schemes. NcCs:t|tstt|tst|||_|_tdtdS)NznPassing login_method and login_response to Connection is deprecated. Please implement a SASL subclass instead.)r.r/AssertionErrorr responsewarningswarnDeprecationWarning)rr rNr r r rs z RAW.__init__cCs|jSr)rNr r r r rsz RAW.startr+r r r r rLsrL)rr3rOiorZamqp.serializationrrrr#rIrGrJrLr r r r s  M