qh")SrSSKrSSKrSSKrSSKJrJr SSKJr SSK J r J r SSK J r SS KJr SS KJr \R$"\5r"S S \ 5rg) z oauthlib.oauth2.rfc6749.endpoint.metadata ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ An implementation of the `OAuth 2.0 Authorization Server Metadata`. .. _`OAuth 2.0 Authorization Server Metadata`: https://tools.ietf.org/html/rfc8414 N) grant_typesutils)AuthorizationEndpoint) BaseEndpointcatch_errors_and_unavailability)IntrospectEndpoint)RevocationEndpoint) TokenEndpointcf\rSrSrSr0S4Sjr\SSj5rSSjrSr S r S r S r S r S rg)MetadataEndpointaOAuth2.0 Authorization Server Metadata endpoint. This specification generalizes the metadata format defined by `OpenID Connect Discovery 1.0` in a way that is compatible with OpenID Connect Discovery while being applicable to a wider set of OAuth 2.0 use cases. This is intentionally parallel to the way that OAuth 2.0 Dynamic Client Registration Protocol [`RFC7591`_] generalized the dynamic client registration mechanisms defined by OpenID Connect Dynamic Client Registration 1.0 in a way that is compatible with it. .. _`OpenID Connect Discovery 1.0`: https://openid.net/specs/openid-connect-discovery-1_0.html .. _`RFC7591`: https://tools.ietf.org/html/rfc7591 Tc[U[5(deUHn[U[5(aMe [R"U5 X0lXlX lUR5Ulg)N) isinstancedictr__init__ raise_errors endpointsinitial_claimsvalidate_metadata_serverclaims)selfrrrendpoints \/var/www/html/env/lib/python3.13/site-packages/oauthlib/oauth2/rfc6749/endpoints/metadata.pyrMetadataEndpoint.__init__(sc&$''''!Hh 55 55" d#("$335 NcRSSS.nU[R"UR5S4$)z!Create metadata response zapplication/json*)z Content-TypezAccess-Control-Allow-Origin)jsondumpsr)ruri http_methodbodyheaderss rcreate_metadata_response)MetadataEndpoint.create_metadata_response3s- /+.  4;;/44rcUR(dgX!;a"U(a[SRU55egU(ap[R"X5(d[SRX!U55eSX;dSX;dSX;a[SRX!U55egU(a6XR S5(d[SRX!U55egU(as[ X[5(d[S RX!U55eXH6n[ U[5(aM[S RX!UU55e gg) Nzkey {} is a mandatory metadata.zkey {}: {} must be an HTTPS URL?&#z8key {}: {} must not contain query or fragment componentshttpzkey {}: {} must be an URLzkey {}: {} must be an Arrayz/array {}: {} must contains only string (not {})) r ValueErrorformatris_secure_transport startswithrliststr)rarraykey is_requiredis_listis_url is_issuerelems rvalidate_metadata"MetadataEndpoint.validate_metadata>sN     !B!I!I#!NOO,,UZ88 !B!I!I#UXz!Z[[ej C5:$5 9J ![!b!bcfnqhr!stt:K:((00 !!E!EcQT:!VWW !$,,$%V%]%]^ailcmos%tuu#rcURRURR55 URSSS/5 UR USSS9 UR USSS9 UR USSSS9 g ) z If the token endpoint is used in the grant type, the value of this parameter MUST be the same as the value of the "grant_type" parameter passed to the token endpoint defined in the grant type definition. %token_endpoint_auth_methods_supportedclient_secret_postclient_secret_basicTr70token_endpoint_auth_signing_alg_values_supportedtoken_endpointr6r8N) _grant_typesextendkeys setdefaultr;rrrs rvalidate_metadata_token(MetadataEndpoint.validate_metadata_tokenWs   !6!6!;!;!=>ADXZoCpq v'NX\] v'Ycgh v'7TRVWrc URS[[SURR 5555 URSSS/5 SUS;aUR R S5 URUSSSS 9 URUSSS 9 S US;aURS n[U[R5(d[US 5(a URnURS [URR 555 URUS SS 9 URUSSSS9 g)Nresponse_types_supportedc US:g$)Nnone)xs rBMetadataEndpoint.validate_metadata_authorization..gsV rresponse_modes_supportedqueryfragmenttokenimplicitT)r6r7rAcode default_grant code_challenge_methods_supportedauthorization_endpointrD)rHr2filter_response_typesrGrEappendr;rrAuthorizationCodeGranthasattrrZ_code_challenge_methods)rrr code_grants rvalidate_metadata_authorization0MetadataEndpoint.validate_metadata_authorizationes@4v&;X=U=U=Z=Z=\]^ `4w 6KL f78 8    $ $Z 0 v'At]ab v'A4P V67 7!11&9Jj+*L*LMMRYZdfuRvRv'55   @":#E#E#J#J#LM O  " "6+MW[ " \ v'?TZ^_rcURSSS/5 URUSSS9 URUSSS9 URUSSSS9 g) N*revocation_endpoint_auth_methods_supportedr?r@TrA5revocation_endpoint_auth_signing_alg_values_supportedrevocation_endpointrDrHr;rIs rvalidate_metadata_revocation-MetadataEndpoint.validate_metadata_revocation|sfF/1FG I v'S]ab v'^hlm v'<$W[\rcURSSS/5 URUSSS9 URUSSS9 URUSSSS9 g) N-introspection_endpoint_auth_methods_supportedr?r@TrA8introspection_endpoint_auth_signing_alg_values_supportedintrospection_endpointrDrjrIs rvalidate_metadata_introspection0MetadataEndpoint.validate_metadata_introspectionsfI/1FG I v'V`de v'akop v'?TZ^_rc[R"UR5nURUSSSS9 URUSSS9 URUSSS9 URUSSS9 URUS SS9 URUS SS9 URUS SS9 /UlUR Hn[ U[5(aURX5 [ U[5(aURX5 [ U[5(aURX5 [ U[5(dMURX5 M URS UR5 URUS SS9 U$) aN Authorization servers can have metadata describing their configuration. The following authorization server metadata values are used by this specification. More details can be found in `RFC8414 section 2`_ : issuer REQUIRED authorization_endpoint URL of the authorization server's authorization endpoint [`RFC6749#Authorization`_]. This is REQUIRED unless no grant types are supported that use the authorization endpoint. token_endpoint URL of the authorization server's token endpoint [`RFC6749#Token`_]. This is REQUIRED unless only the implicit grant type is supported. scopes_supported RECOMMENDED. response_types_supported REQUIRED. Other OPTIONAL fields: jwks_uri, registration_endpoint, response_modes_supported grant_types_supported OPTIONAL. JSON array containing a list of the OAuth 2.0 grant type values that this authorization server supports. The array values used are the same as those used with the "grant_types" parameter defined by "OAuth 2.0 Dynamic Client Registration Protocol" [`RFC7591`_]. If omitted, the default value is "["authorization_code", "implicit"]". token_endpoint_auth_methods_supported token_endpoint_auth_signing_alg_values_supported service_documentation ui_locales_supported op_policy_uri op_tos_uri revocation_endpoint revocation_endpoint_auth_methods_supported revocation_endpoint_auth_signing_alg_values_supported introspection_endpoint introspection_endpoint_auth_methods_supported introspection_endpoint_auth_signing_alg_values_supported code_challenge_methods_supported Additional authorization server metadata parameters MAY also be used. Some are defined by other specifications, such as OpenID Connect Discovery 1.0 [`OpenID.Discovery`_]. .. _`RFC8414 section 2`: https://tools.ietf.org/html/rfc8414#section-2 .. _`RFC6749#Authorization`: https://tools.ietf.org/html/rfc6749#section-3.1 .. _`RFC6749#Token`: https://tools.ietf.org/html/rfc6749#section-3.2 .. _`RFC7591`: https://tools.ietf.org/html/rfc7591 .. _`OpenID.Discovery`: https://openid.net/specs/openid-connect-discovery-1_0.html issuerT)r6r9jwks_uri)r8scopes_supportedrAservice_documentationui_locales_supported op_policy_uri op_tos_urigrant_types_supported)copydeepcopyrr;rErrr rJrrdr rkr rqrHrIs rr)MetadataEndpoint.validate_metadata_serversjTt223 vxTTR vz$? v'94H v'>tL v'=tL vtD v|DAH(M22,,V>($9::44VF($67711&C($67744VF' 143D3DE v'>M r)rErrrr)GETNN)FFFF)__name__ __module__ __qualname____firstlineno____doc__rr r'r;rJrdrkrqr__static_attributes__rPrrrrsQ *,$ 6%DH)-5%5v2 X`.]`brr)rr|r!loggingrr authorizationrbaserr introspectr revocationr rWr getLoggerrlogrrPrrrsE !0?**  !W|Wr