File: //var/opt/nydus/ops/mysql/connector/aio/__pycache__/authentication.cpython-39.pyc
a
�����,�hy/�����������������������@���s����d�Z�d�d�l�m�Z���d�g�Z�d�d�l�Z�d�d�l�m�Z�m�Z�m�Z�m Z ��d�d�l
m�Z�m�Z�m
Z
��d�d�l�m�Z�m�Z�m�Z�m�Z�m�Z�m�Z�m�Z���d�d l�m�Z���d
d�l�m�Z���d
d�l�m�Z�m�Z���d
d
l�m�Z���e�r�d
d�l�m�Z���G�d�d���d���Z�d�S�)�z6Implementing support for MySQL Authentication Plugins.�����)���annotations��MySQLAuthenticatorN)��
TYPE_CHECKING��Any��Dict��Optional�����)���InterfaceError��NotSupportedError�
get_exception)���AUTH_SWITCH_STATUS��DEFAULT_CHARSET_ID��DEFAULT_MAX_ALLOWED_PACKET�
ERR_STATUS��EXCHANGE_FURTHER_STATUS�
MFA_STATUS� OK_STATUS)��
HandShakeType�����)���logger)���MySQLAuthPlugin��get_auth_plugin)��
MySQLProtocol)���MySQLSocketc��������������������@���s����e�Z�d�Z�d�Z�d�d���d�d���Z�e�d�d���d�d�����Z�e�d d���d
d�����Z�d%d�d�d�d�d�d���d�d���Z�d�d�d�d���d�d���Z d�d�d�d���d�d���Z
d�d�d�d�d�e�d�e�d�d�d�d�f�d�d�d�d�d�d�d�d�d�d�d�d�d d�d!d�d"��d#d$��Z
d�S�)&r����z$Implements the authentication phase.��None)���returnc��������������������C���s(���d�|�_�i�|�_�i�|�_�d�|�_�d�|�_�d�|�_�d�S�)�z�Constructor.��FN)�� _username�
_passwords��_plugin_config��_ssl_enabled��_auth_strategy��_auth_plugin_class����self��r%����U/opt/nydus/tmp/pip-target-wkfpz8uv/lib64/python/mysql/connector/aio/authentication.py��__init__=���s����������������z�MySQLAuthenticator.__init__��boolc��������������������C���s����|�j�S�)�z&Signals whether or not SSL is enabled.)�r ���r#���r%���r%���r&�����ssl_enabledF���s������z�MySQLAuthenticator.ssl_enabledz�Dict[str, Any]c��������������������C���s����|�j�S�)�a����Custom arguments that are being provided to the authentication plugin.
The parameters defined here will override the ones defined in the
auth plugin itself.
The plugin config is a read-only property - the plugin configuration
provided when invoking `authenticate()` is recorded and can be queried
by accessing this property.
Returns:
dict: The latest plugin configuration provided when invoking
`authenticate()`.
)�r����r#���r%���r%���r&����
plugin_configK���s������z MySQLAuthenticator.plugin_configNr������strz
Optional[str]��int)���new_strategy_name��strategy_class��username��password_factorr����c��������������������C���sP���|�d�u�r�|�j�}�|�d�u�r�|�j�}�t���d�|�����t�|�|�d���|�|�j���|�d���|�j�d���|�_�d�S�)�a����Switch the authorization plugin.
Args:
new_strategy_name: New authorization plugin name to switch to.
strategy_class: New authorization plugin class to switch to
(has higher precedence than the authorization plugin name).
username: Username to be used - if not defined, the username
provided when `authentication()` was invoked is used.
password_factor: Up to three levels of authentication (MFA) are allowed,
hence you can choose the password corresponding to the 1st,
2nd, or 3rd factor - 1st is the default.
Nz�Switching to strategy %s)�Z�plugin_name��auth_plugin_classr����)�r)���) r����r"���r������debugr����r������getr)���r!���)�r$���r-���r.���r/���r0���r%���r%���r&�����_switch_auth_strategy\���s����������������������������z(MySQLAuthenticator._switch_auth_strategyr������bytesz�Optional[bytes])���sock��pktr����c������������������������s����d�}�|�d���t�k�r�|�|�j�v�r"t�d�����t���|���\�}�}�|�j�|�|�d�����t���d�|�|�j�j ����|�j�j
|�|�f�i�|�j�����I�d�H�}�|�d���t�k�r�t��
|���}�|�j�j�|�|�f�i�|�j�����I�d�H�}�|�d���t�k�r�t���d�����|�S�|�d���t�k�r�t�|�����|�d�7�}�q�t���d ����d�S�)
a����Handle MFA (Multi-Factor Authentication) response.
Up to three levels of authentication (MFA) are allowed.
Args:
sock: Pointer to the socket connection.
pkt: MFA response.
Returns:
ok_packet: If last server's response is an OK packet.
None: If last server's response isn't an OK packet and no ERROR was raised.
Raises:
InterfaceError: If got an invalid N factor.
errors.ErrorTypes: If got an ERROR response.
r���������z5Failed Multi Factor Authentication (invalid N factor))�r0���z�MFA %i factor %sNz�MFA completed succesfullyr����z"MFA terminated with a no ok packet)�r����r����r ���r����Z�parse_auth_next_factorr4���r����r2���r!�����name��auth_switch_responser����r������parse_auth_more_data��auth_more_responser����r����r������warning)�r$���r6���r7���Z�n_factorr-���� auth_datar%���r%���r&����
_mfa_n_factor~���s:���������
�������������������������
�������������
�������
�
�z MySQLAuthenticator._mfa_n_factorc������������������������s����|�d���t�k�r t�|���d�k�r t�d�����|�d���t�k�rlt���d�����t���|���\�}�}�|���|�����|�j�j |�|�f�i�|�j
����I�d�H�}�|�d���t�k�r�t���d�����t���|���}�|�j�j
|�|�f�i�|�j
����I�d�H�}�|�d���t�k�r�t���d�|�j�j�����|�S�|�d���t�k���r�t���d�����t���d |�j�j�����|���|�|���I�d�H�S�|�d���t�k���r�t�|�����d�S�)
a����Handle server's response.
Args:
sock: Pointer to the socket connection.
pkt: Server's response after completing the `HandShakeResponse`.
Returns:
ok_packet: If last server's response is an OK packet.
None: If last server's response isn't an OK packet and no ERROR was raised.
Raises:
errors.ErrorTypes: If got an ERROR response.
NotSupportedError: If got Authentication with old (insecure) passwords.
r8��������z�Authentication with old (insecure) passwords is not supported. For more information, lookup Password Hashing in the latest MySQL manualz+Server's response is an auth switch requestNz�Exchanging further packetsz�%s completed succesfullyz$Starting multi-factor authenticationz�MFA 1 factor %s)�r������lenr
���r����r2���r����Z�parse_auth_switch_requestr4���r!���r:���r����r����r;���r<���r����r9���r����r?���r����r����)�r$���r6���r7���r-���r>���r%���r%���r&�����_handle_server_response����s>���������������
���
�������������
�
�������������������
���������z*MySQLAuthenticator._handle_server_responser����r����Fr����z�Optional[Dict[str, str]]r����)�r6���� handshaker/���� password1� password2� password3��database��charset��client_flags��max_allowed_packet��auth_pluginr1����
conn_attrs��is_change_user_requestr*���r����c������������������������s����|�|�_�|�|�|�d���|�_�t���|���|�_�|�|�_�t�j�|�|�|�|�|�| |
|�|�|
|�|�j�|�j d��
\�}�|�_
|�r\d�n�d�}�|�j�|�g�|���R���I�d�H���t�|��
��I�d�H���}�|���|�|���I�d�H�}�|�d�u�r�t�d���d���|�S�)�a
���Perform the authentication phase.
During re-authentication you must set `is_change_user_request` to True.
Args:
sock: Pointer to the socket connection.
handshake: Initial handshake.
username: Account's username.
password1: Account's password factor 1.
password2: Account's password factor 2.
password3: Account's password factor 3.
database: Initial database name for the connection.
charset: Client charset (see [1]), only the lower 8-bits.
client_flags: Integer representing client capabilities flags.
max_allowed_packet: Maximum packet size.
auth_plugin: Authorization plugin name.
auth_plugin_class: Authorization plugin class (has higher precedence
than the authorization plugin name).
conn_attrs: Connection attributes.
is_change_user_request: Whether is a `change user request` operation or not.
plugin_config: Custom configuration to be passed to the auth plugin
when invoked. The parameters defined here will override the
ones defined in the auth plugin itself.
Returns:
ok_packet: OK packet.
Raises:
InterfaceError: If OK packet is NULL.
References:
[1]: https://dev.mysql.com/doc/dev/mysql-server/latest/ page_protocol_basic_character_set.html#a_protocol_character_set
)�r����r���������)
rC���r/�����passwordrG���rH���rI���rJ���rK���r1���rL���rM���r)���r*���)�r����r����)�NNNz�Got a NULL ok_pkt)�r����r������copy��deepcopyr����r"���r����Z make_authr)���r*���r!�����writer5�����readrB���r ���)�r$���r6���rC���r/���rD���rE���rF���rG���rH���rI���rJ���rK���r1���rL���rM���r*���Z�response_payloadZ send_argsr7���Z�ok_pktr%���r%���r&�����authenticate����s4����5������������������������������������������������
�z�MySQLAuthenticator.authenticate)�NNr����)���__name__�
__module__��__qualname__��__doc__r'�����propertyr)���r*���r4���r?���rB���r
���r����rT���r%���r%���r%���r&���r����:���s2�������� ���������������"�6�;������������������������) rX����
__future__r������__all__rP�����typingr����r����r����r������errorsr ���r
���r������protocolr����r
���r����r����r����r����r������typesr����r����Z�pluginsr����r����r������networkr����r����r%���r%���r%���r&�����<module>����s����������������$ ������������