o &zh @sddlZddlZddlmZddlmZddlmZddlm Z ddl m Z ddl m Z ddlmZmZdd lmZdd lmZd d d ddddZddZddZddZddZ  d&dededededef d d!Zd"ed#edefd$d%ZdS)'N) timedelta)cache) HttpRequest)timezone) get_adapter)jwtkit) SocialLogin SocialToken)Provider) GRAPH_API_URLidemail first_name last_namenamelink)subr given_name family_namer user_linkcCs2|jd}|jd}tj||tjd}|S)Nzutf-8) digestmod)tokenencodesecrethmacnewhashlibsha256 hexdigest)apprmsgkeyappsecret_proofr#i/var/www/html/kangema/venv/lib/python3.10/site-packages/allauth/socialaccount/providers/facebook/flows.pycompute_appsecret_proofs  r%cCsTtjtdd||jt|j|dd}| | }| ||}|S)Nz/me,)fields access_tokenr"params) rget_requests_sessiongetr join get_fieldsrr%rraise_for_statusjsonsociallogin_from_response)requestproviderrresp extra_dataloginr#r#r$complete_login$s    r7cCs|j}d|jd}t|}|s?tjtd|j|jddd}|| }|d}| dd }tj |||d |S) Nzallauth.facebook.app_token[]/oauth/access_tokenclient_credentials) client_id client_secret grant_typer)r(APP_TOKEN_CACHE_TIMEOUTi,)timeout) rr;rr,rr+r rr/r0 get_settingsset)r3r cache_key app_tokenr4datar?r#r#r$ get_app_token7s(  rEcCsvt|}tjtd||dd}||d}|ds'td|d|jj ks3|ds9tddS)Nz /debug_token) input_tokenr(r)rDis_valid invalid_tokenapp_id) rErr+r,r r/r0validation_errorrr;)r3rFrCr4rDr#r#r$ inspect_tokenPs   rKr3r( auth_type auth_noncereturnc Cs|j}t||d}|dkr7tjtd|j|dd}||}|o.||dk} | s7t d| drotjtdd |j|j |d d}||}|d }|d } | rot tt| d }t|||d} t||| } | | _| S)Nreauthenticatez/oauth/access_token_info)r;r(r)rNrHEXCHANGE_TOKENr9fb_exchange_token)r=r;r<rRr( expires_in)seconds)rr expires_at)rrKrr+r,r r;r/r0rJr@rrnowrintr r7r) r2r3r(rMrNrrUr4infookrSrr6r#r#r$ verify_tokenbsP      rZr2id_tokencs@tj||j|j|jjtjdfddtD}| ||S)aL Verifies a Facebook Limited Login token. See https://developers.facebook.com/docs/facebook-login/limited-login/token/validating. We validate the JWT, then convert its data/claims into a fake Facebook Graph API response, which is then passed to `provider.sociallogin_from_response` to be handled as normal. ) credentialkeys_urlissueraudience lookup_kidcs"i|] \}}|vr||qSr#r#).0 jwt_field graph_fieldjwt_datar#r$ s z.verify_limited_login_token..) rverify_and_decodelimited_login_jwks_url!limited_login_expected_jwt_issuerrr;lookup_kid_jwk JWT_FIELD_TO_GRAPH_API_FIELD_MAPitemsr1)r2r3r[ fake_responser#rdr$verify_limited_login_tokens   rn)rLrL)rrdatetimerdjango.core.cacher django.httpr django.utilsrallauth.socialaccount.adapterrallauth.socialaccount.internalrallauth.socialaccount.modelsrr $allauth.socialaccount.providers.baser 2allauth.socialaccount.providers.facebook.constantsr rkr%r7rErKstrrZrnr#r#r#r$sT           7