(ph-SrSSKrSSKJr SSKJr SSKJr SSKJr SSKJr SSjr S r S r S r SS jr SS jrg)aA module that provides functions for handling rapt authentication. Reauth is a process of obtaining additional authentication (such as password, security token, etc.) while refreshing OAuth 2.0 credentials for a user. Credentials that use the Reauth flow must have the reauth scope, ``https://www.googleapis.com/auth/accounts.reauth``. This module provides a high-level function for executing the Reauth process, :func:`refresh_grant`, and lower-level helpers for doing the individual steps of the reauth process. Those steps are: 1. Obtaining a list of challenges from the reauth server. 2. Running through each challenge and sending the result back to the reauth server. 3. Refreshing the access token using the returned rapt token. N) exceptions)_client) _client_async) challenges)reauthc# SU0nU(aX4S'[R"U[RS-UUSS9IShvN $N7f)aDoes initial request to reauth API to get the challenges. Args: request (google.auth.transport.Request): A callable used to make HTTP requests. This must be an aiohttp request. supported_challenge_types (Sequence[str]): list of challenge names supported by the manager. access_token (str): Access token with reauth scopes. requested_scopes (Optional(Sequence[str])): Authorized scopes for the credentials. Returns: dict: The response from the reauth API. supportedChallengeTypes oauthScopesForDomainPolicyLookupz:startT access_tokenuse_jsonN)r_token_endpoint_requestr _REAUTH_API)requestsupported_challenge_typesr requested_scopesbodys N/var/www/html/venv/lib/python3.13/site-packages/google/oauth2/_reauth_async.py_get_challengesr,sU &'@ AD3C /066X% !   s> !   sAA A A c .# USGHnUSS:waM[RRUSS5nU(d][R"SR USSR [[RR55555eUR(d([R"SR US55eURU5nU(d g[UUS US UU5IShvN s $ gN 7f) aTGet the next challenge from msg and run it. Args: msg (dict): Reauth API response body (either from the initial request to https://reauth.googleapis.com/v2/sessions:start or from sending the previous challenge response to https://reauth.googleapis.com/v2/sessions/id:continue) request (google.auth.transport.Request): A callable used to make HTTP requests. This must be an aiohttp request. access_token (str): reauth access token Returns: dict: The response from the reauth API. Raises: google.auth.exceptions.ReauthError: if reauth failed. rstatusREADY challengeTypeNz4Unsupported challenge type {0}. Supported types: {1},z%Challenge {0} is not locally eligiblerr) rAVAILABLE_CHALLENGESgetrReauthFailErrorrjoinlistkeysis_locally_eligibleobtain_challenge_inputr )msgrr challengecrs r_run_next_challenger1js$& X ' )   + + / / /0JD Q,,FMMo.HHT*"A"A"F"F"HIJ  $$,,7>>o.  // : +    m $      +'8  sDD D Dc# [U[[RR 55UU5IShvN nUS[ R :XaUS$[S[ R5HnUS[ R:Xd?US[ R:Xd([R"SRUS55e[ R"5(d[R"S5e[X0U5IShvN nUS[ R :XdMUSs $ [R"S5eGNN?7f)aGiven an http request method and reauth access token, get rapt token. Args: request (google.auth.transport.Request): A callable used to make HTTP requests. This must be an aiohttp request. access_token (str): reauth access token requested_scopes (Sequence[str]): scopes required by the client application Returns: str: The rapt token. Raises: google.auth.exceptions.ReauthError: if reauth failed Nr"encodedProofOfReauthTokenrz6Reauthentication challenge failed due to API error: {}z_Reauthentication challenge could not be answered because you are not in an interactive session.zFailed to obtain rapt token.)rr*rr&r+r_AUTHENTICATEDrangeRUN_CHALLENGE_RETRY_LIMIT_CHALLENGE_REQUIRED_CHALLENGE_PENDINGrr(ris_interactiver1)rr rr._s r _obtain_raptr;s1  Z , , 1 1 34  C 8}---.// 1f66 7 MV77 78} 9 99,,HOOM  $$&&,,.  (lCC x=F11 123 3)8.  $ $%C DDC 6Ds(7EE CE E  E* E Ec # [RRS5 [R"UUUUU[ R /S9IShvN un n[XUS9IShvN nU$NN7f)ahGiven an http request method and refresh_token, get rapt token. Args: request (google.auth.transport.Request): A callable used to make HTTP requests. This must be an aiohttp request. client_id (str): client id to get access token for reauth scope. client_secret (str): client secret for the client_id refresh_token (str): refresh token to refresh access token token_uri (str): uri to refresh access token scopes (Optional(Sequence[str])): scopes required by the client application Returns: str: The rapt token. Raises: google.auth.exceptions.RefreshError: If reauth failed. zReauthentication required. )r client_id client_secret refresh_token token_uriscopesN)r)sysstderrwriter refresh_grantr _REAUTH_SCOPEr;) rr=r>r?r@rAr r: rapt_tokens rget_rapt_tokenrHsw&JJ34#0"="=##$$% #L!Q$GFSSJ Ts$A A/ A+A/$A-%A/-A/c # [RUUUS.nU(aSRU5US'U(aXhS'[R"XU5IShvN upn U (dU R S5[ R:XaU R S5[ R:Xd#U R S5[ R:XaWU(d[R"S5e[XXBXS 9IShvN nXhS'[R"XU5IShvN un n n U (d[R"X5 [R"X5n X4-$GNNfNE7f) aImplements the reauthentication flow. Args: request (google.auth.transport.Request): A callable used to make HTTP requests. This must be an aiohttp request. token_uri (str): The OAuth 2.0 authorizations server's token endpoint URI. refresh_token (str): The refresh token to use to get a new access token. client_id (str): The OAuth 2.0 application's client ID. client_secret (str): The Oauth 2.0 appliaction's client secret. scopes (Optional(Sequence[str])): Scopes to request. If present, all scopes must be authorized for the refresh token. Useful if refresh token has a wild card scope (e.g. 'https://www.googleapis.com/auth/any-api'). rapt_token (Optional(str)): The rapt token for reauth. enable_reauth_refresh (Optional[bool]): Whether reauth refresh flow should be used. The default value is False. This option is for gcloud only, other users should use the default value. Returns: Tuple[str, Optional[str], Optional[datetime], Mapping[str, str], str]: The access token, new refresh token, expiration, the additional data returned by the token endpoint, and the rapt token. Raises: google.auth.exceptions.RefreshError: If the token endpoint returned an error. ) grant_typer=r>r? scoperaptNerror error_subtypezaReauthentication is needed. Please run `gcloud auth application-default login` to reauthenticate.)rA)r_REFRESH_GRANT_TYPEr)r _token_endpoint_request_no_throwr'r_REAUTH_NEEDED_ERROR!_REAUTH_NEEDED_ERROR_INVALID_RAPT"_REAUTH_NEEDED_ERROR_RAPT_REQUIREDr RefreshErrorrH_handle_error_response_handle_refresh_grant_response) rr@r?r=r>rArGenable_reauth_refreshrresponse_status_ok response_dataretryable_errorrefresh_responses rrErEsaP11&&  D (W !V ?L?m?mD@:6    g &&*E*E E   o .77 8  1889%))s *  i  "V  @@       &&}F== m ++G:$  s8AE&EB"E&;E"<"E&E$AE&"E&$E&)N)NNF)__doc__rB google.authr google.oauth2rrrrrr r1r;rHrErrbs[( "!'$ HL:B.b0EhIM"V U,ra