qhSrSSKJr SSKrSSKrSSKJr SSKrSSKJ r SSK J r SSK J r SSKJr \(aSS KJr "S S \ 5rg) a Sign In With Apple authentication backend. Docs: * https://developer.apple.com/documentation/signinwithapplerestapi * https://developer.apple.com/documentation/signinwithapplerestapi/tokenresponse Settings: * `TEAM` - your team id; * `KEY` - your key id; * `CLIENT` - your client id; * `AUDIENCE` - a list of authorized client IDs, defaults to [CLIENT]. Use this if you need to accept both service and bundle id to be able to login both via iOS and ie a web form. * `SECRET` - your secret key; * `SCOPE` (optional) - e.g. `['name', 'email']`; * `EMAIL_AS_USERNAME` - use apple email is username is set, use apple id otherwise. * `AppleIdAuth.TOKEN_TTL_SEC` - time before JWT token expiration, seconds. * `SOCIAL_AUTH_APPLE_ID_INACTIVE_USER_LOGIN` - allow inactive users email to login ) annotationsN) TYPE_CHECKING) RSAAlgorithm) PyJWTError) BaseOAuth2) AuthFailed)JWKDictc^\rSrSrSrSrSrSrSrSr Sr S r S r S r S rS rSrU4SjrSrSrSrSSSjjrSrSrU4SjrSrU=r$) AppleIdAuth)zapple-idz#https://appleid.apple.com/auth/keysz(https://appleid.apple.com/auth/authorizez$https://appleid.apple.com/auth/tokenNsubid_tokenTFz%20zhttps://appleid.apple.comiNcFURS5nURSU/S9$)NCLIENTAUDIENCE)defaultsetting)self client_ids L/var/www/html/env/lib/python3.13/site-packages/social_core/backends/apple.py get_audienceAppleIdAuth.get_audience:s%LL* ||J |<<c>[TU]"U0UD6nUR(aURUS'U$UR5(aSUS'U$)zV Apple requires to set `response_mode` to `form_post` if `scope` parameter is passed. response_mode form_post)super auth_params RESPONSE_MODE get_scope)rargskwargsparams __class__s rrAppleIdAuth.auth_params>sW $d5f5   &*&8&8F? # ^^  &1F? # rc$URS5$)zt Return contents of the private key file. Override this method to provide secret key from another source if needed. SECRETr)rs rget_private_keyAppleIdAuth.get_private_keyJs ||H%%rch[[R"55nURRSUR S55nUR S5nUR S5nUR 5nSU0nUUXR -URUS.n[R"XuSUS9$) NrrTEAMKEYkid)issiatexpaudr ES256)key algorithmheaders) inttimedatagetrr) TOKEN_TTL_SECTOKEN_AUDIENCEjwtencode)rnowrteam_idkey_id private_keyr6payloads rgenerate_client_secret"AppleIdAuth.generate_client_secretQs$))+IIMM+t||H/EF ,,v&e$**, &/+++&&  zz'gwWWrc~URRSURS55nUR5nX4$)Nrr)r9r:rrD)rr client_secrets rget_key_and_secretAppleIdAuth.get_key_and_secretcs6IIMM+t||H/EF 335 ''rc^URURS9RS5n[U[5(aU(d [ US5eT(a)[ R"[U4SjU555$SU5$)z5 Return requested Apple public key or all available. )urlkeyszInvalid jwk responsec3<># UHoST:XdM Uv M g7f)r.N).0r4r.s r ,AppleIdAuth.get_apple_jwk..rs"L$3e*:K33$s  c3N# UHn[R"U5v M g7fN)jsondumps)rOr4s rrPrQus04C 34s#%) get_jsonJWK_URLr: isinstancelistrrTrUnext)rr.rLs ` r get_apple_jwkAppleIdAuth.get_apple_jwkhsk}}}.226:$%%TT#9: : ::d"L$"LLM M1400rcPU(d [US5e[R"U5RS5n[R "UR U55n[R"UUUR5S/S9nU$![an[USU35eSnAff=f)zR Decode and validate JWT token from apple and return payload including user data. Missing id_token parameterr.RS256)r4audience algorithmszToken validation failed by N) rr=get_unverified_headerr:rfrom_jwkr[decoderr)rrr. public_keydecodederrors rdecode_id_tokenAppleIdAuth.decode_id_tokenws T#?@ @ J++H599%@C%..t/A/A#/FGJjj**,#9 G JT%@#HI I JsA0B B%B  B%c[R"URRSS55RS05nUR SURSS5URSS5S9up4nURSS5nURUR S5nU=(d SU=(d SU=(d SUS .nU(aUR S 5(aXhS 'U(aUR S 5(dXxS 'U$) Nuserz{}name firstNamelastName)fullname first_name last_nameemail)rprqrrrsEMAIL_AS_USERNAMEusername)rTloadsr9r:get_user_namesID_KEYr) rresponserlrprqrrrsapple_id user_detailss rget_user_detailsAppleIdAuth.get_user_detailsszz$))--56::62F*.*=*=xx R0hhz2.+>+ 'i  Wb)<< R0!(D$,"*d  T\\"566', $ DLL)<=='/ $rc>URSS5=(d 0nURUR5=(d UnU(d [US5eUR U5n[ TU]"U/UQ7SU0UD6$)Nryr^)popr: TOKEN_KEYrrhrdo_auth)r access_tokenr"r#ry jwt_string decoded_datar%s rrAppleIdAuth.do_authsn::j$/52\\$..1A\ T#?@ @++J7 w|TTTlTVTTrrNrS)returnz str | JWKDict)__name__ __module__ __qualname____firstlineno__rlrWAUTHORIZATION_URLACCESS_TOKEN_URLr rxrSTATE_PARAMETERREDIRECT_STATESCOPE_SEPARATORr<r;rrr)rDrHr[rhr|r__static_attributes__ __classcell__)r%s@rr r )sv D3GB=M FIONO0N)M= &X$( 1.0UUrr )__doc__ __future__rrTr8typingrr=jwt.algorithmsrjwt.exceptionsrsocial_core.backends.oauthrsocial_core.exceptionsr jwt.typesr r rNrrrs=.# '%1-!EU*EUr