o &zh@sddlmZmZmZmZddlmZddlZddl m Z ddl m Z ddl mZmZmZmZmZmZmZmZddlmZddlmZdd lmZdd lmZdd lmZzd ej j!_"Wn e#ydYnwd Z$dd iZ%defddZ&deefddZ'deddfddZ(d3ddZ)de fddZ*dedefddZ+de,defdd Z-d!edefd"d#Z.deefd$d%Z/d&e0deefd'd(Z1dedefd)d*Z2d4defd+d,Z3defd-d.Z4dedefd/d0Z5Gd1d2d2Z6dS)5)AnyDictListOptional)get_user_modelN) Fido2Server)websafe_decode)AttestedCredentialDataAuthenticationResponseAuthenticatorDataPublicKeyCredentialRpEntityPublicKeyCredentialUserEntityRegistrationResponseResidentKeyRequirementUserVerificationRequirement)url_str_to_user_pk)context) app_settings) get_adapter) AuthenticatorTzmfa.webauthn.state credPropsreturncCst|}tdi|S)N)r%get_public_key_credential_user_entityr )userkwargsrr]/var/www/html/kangema/venv/lib/python3.10/site-packages/allauth/mfa/webauthn/internal/auth.pybuild_user_payload$s rcCstjjtSN)rrequestsessiongetSTATE_SESSION_KEYrrrr get_state)sr#statecCs|tjjt<dSr)rrr r")r$rrr set_state-sr%cCstjjtddSr)rrr popr"rrrr clear_state1sr'cCs:t}tdi|}d}tjrdd}t||d}|S)NcSsdS)NTr)orrr:szget_server..) verify_originr)r#get_public_key_credential_rp_entityr rWEBAUTHN_ALLOW_INSECURE_ORIGINr) rp_kwargsrpr*serverrrr get_server5s  r0responsecCs(zt|WStytdwNincorrect_code)r from_dict TypeErrorrvalidation_errorr1rrrparse_registration_response?s    r8 passwordlesscCsRt}t|}|jt|||rtjntj|rtjntjtd\}}t |t |S)N)r credentialsresident_key_requirementuser_verification extensions) r0get_credentialsregister_beginrrREQUIRED DISCOURAGEDr EXTENSIONSr%dict)rr9r/r:registration_datar$rrrbegin_registrationFs rE credentialcCsRt}t}|stdz|||}Wn ty#tdwt|Sr2)r0r#rr6register_complete ValueErrorr')rFr/r$bindingrrrcomplete_registration\s   rJcCsHg}tjj|tjjd}|D]}|jj}|r!||jjq|SN)rtype) robjectsfilterTypeWEBAUTHNwrapauthenticator_datacredential_dataappend)rr:authenticators authenticatorrSrrrr>js r> credential_idcCs<tjj|tjjd}|D]}||jjjkr|Sq dSrK) rrMrNrOrPrQrRrSrW)rrWrUrVrrr"get_authenticator_by_credential_idvs rXc Cs,zt|WSttfytdwr2)r r4r5rHrr6r7rrrparse_authentication_responses   rYcCs6t}|j|r t|ngtjd\}}t|t|S)N)r:r<)r0authenticate_beginr>r PREFERREDr%rC)rr/request_optionsr$rrrbegin_authentications r]c Csrz|did}tt|d}Wntttfy$tdwt j j |d }|s7td|S)Nr1 userHandleutf8r3)pk) r!rrdecoderHr5KeyErrorrr6rrMrNfirst)r1 user_handleuser_pkrrrrextract_user_from_responses  rfc Cst|}t}t}|stdz ||||}Wnty.}ztd|d}~wwtt||j }|s@td|Sr2) r>r0r#rr6authenticate_completerHr'rXrW)rr1r:r/r$rIerVrrrcomplete_authentications    ric@s|eZdZddZedededdfddZedefdd Z e j defd d Z ede fd d Z ede efd dZdS)WebAuthncCs ||_dSr)instance)selfrkrrr__init__s zWebAuthn.__init__namerFrcCs(t|tjj||dd}|||S)N)rnrF)rrLdata)rrOrPsave)clsrrnrFrkrrraddsz WebAuthn.addcCs |jjdSNrnrkrorlrrrrns z WebAuthn.namecCs||jjd<dSrsrt)rlrnrrrrnscCst|jjdjjjS)NrF)r8rkror1attestation_object auth_datarurrrrRs  zWebAuthn.authenticator_datacCs&|jjdidididS)NrFclientExtensionResultsrrk)rkror!rurrris_passwordlesss zWebAuthn.is_passwordlessN)__name__ __module__ __qualname__rm classmethodstrrCrrpropertyrnsetterr rRrboolrzrrrrrjs rj)rNr)7typingrrrrdjango.contrib.authrfido2.featuresfido2 fido2.serverr fido2.utilsrfido2.webauthnr r r r r rrrallauth.account.utilsr allauth.corer allauth.mfarallauth.mfa.adapterrallauth.mfa.modelsrfeatureswebauthn_json_mappingenabledAttributeErrorr"rBrr#r%r'r0r8rrErJr>bytesrXrYr]rfrirjrrrrsJ   (