o j@sddlmZmZddlmZmZmZmZmZGdddeZ Gddde Z Gddde Z Gd d d eZ Gd d d e ZGd ddeZGdddeZdS))AnyLiteral) AnyHttpUrlAnyUrl BaseModelFieldfield_validatorc@seZdZUdZeed<dZeded<dZe dBed<dZ edBed<dZ edBed<e dd d e d edBd edBfd dZdS) OAuthTokenzG See https://datatracker.ietf.org/doc/html/rfc6749#section-5.1 access_tokenBearer token_typeN expires_inscope refresh_tokenbeforemodevreturncCst|tr |S|SN) isinstancestrtitleclsrrB/home/kuhnn/.local/lib/python3.10/site-packages/mcp/shared/auth.pynormalize_token_types zOAuthToken.normalize_token_type)__name__ __module__ __qualname____doc__r__annotations__r rr intrrr classmethodrrrrrr s  "r c@eZdZdefddZdS)InvalidScopeErrormessagecC ||_dSrr'selfr'rrr__init__ zInvalidScopeError.__init__Nrrr rr,rrrrr&r&c@r%)InvalidRedirectUriErrorr'cCr(rr)r*rrrr,!r-z InvalidRedirectUriError.__init__Nr.rrrrr0 r/r0c@seZdZUdZedddZeedBed<dZ e ddBed<d d gZ ee d e Bed <d gZ ee ed<dZe dBed<dZe dBed<dZedBed<dZedBed<dZee dBed<dZedBed<dZedBed<dZedBed<dZedBed<dZe dBed<dZe dBed<edddddddededefddZd e dBdee dBfd!d"Zd#edBdefd$d%Z dS)&OAuthClientMetadataz RFC 7591 OAuth 2.0 Dynamic Client Registration metadata. See https://datatracker.ietf.org/doc/html/rfc7591#section-2 for the full specification. . min_lengthN redirect_uris)noneclient_secret_postclient_secret_basicprivate_key_jwttoken_endpoint_auth_methodauthorization_coder)r;rz+urn:ietf:params:oauth:grant-type:jwt-bearer grant_typescoderesponse_typesr client_name client_urilogo_uricontactstos_uri policy_urijwks_urijwks software_idsoftware_versionrrrrcCs|dkrdS|S)Nrrrrr"_empty_string_optional_url_to_noneJsz6OAuthClientMetadata._empty_string_optional_url_to_nonerequested_scopecCsT|durdS|d}|jdurgn|jd}|D] }||vr'td|q|S)N z%Client was not registered with scope )splitrr&)r+rKrequested_scopesallowed_scopesrrrrvalidate_scope\s z"OAuthClientMetadata.validate_scope redirect_uricCsZ|dur|jdus||jvrtd|d|S|jdur)t|jdkr)|jdStd)NzRedirect URI 'z' not registered for clientr2rzGredirect_uri must be specified when client has multiple registered URIs)r5r0len)r+rQrrrvalidate_redirect_urifs z)OAuthClientMetadata.validate_redirect_uri)!rrr r!rr5listrr"r:rr<rr>rr?r@rrArBrCrDrErFrrGrHrr$objectrJrPrSrrrrr1%sJ     r1c@sReZdZUdZdZedBed<dZedBed<dZe dBed<dZ e dBed<dS)OAuthClientInformationFullzn RFC 7591 OAuth 2.0 Dynamic Client Registration full response (client information plus metadata). N client_id client_secretclient_id_issued_atclient_secret_expires_at) rrr r!rWrr"rXrYr#rZrrrrrVrs rVc@seZdZUdZeed<eed<eed<dZedBed<dZee dBed<dgZ ee ed <dZ ee dBed <dZ ee dBed <dZ ee dBed <dZee dBed <dZedBed<dZee dBed<dZedBed<dZedBed<dZedBed<dZee dBed<dZee dBed<dZedBed<dZee dBed<dZee dBed<dZee dBed<dZedBed<dS) OAuthMetadataz{ RFC 8414 OAuth 2.0 Authorization Server Metadata. See https://datatracker.ietf.org/doc/html/rfc8414#section-2 issuerauthorization_endpointtoken_endpointNregistration_endpointscopes_supportedr=response_types_supportedresponse_modes_supportedgrant_types_supported%token_endpoint_auth_methods_supported0token_endpoint_auth_signing_alg_values_supportedservice_documentationui_locales_supported op_policy_uri op_tos_urirevocation_endpoint*revocation_endpoint_auth_methods_supported5revocation_endpoint_auth_signing_alg_values_supportedintrospection_endpoint-introspection_endpoint_auth_methods_supported8introspection_endpoint_auth_signing_alg_values_supported code_challenge_methods_supported%client_id_metadata_document_supported)rrr r!rr"r_r`rTrrarbrcrdrerfrgrhrirjrkrlrmrnrorprqboolrrrrr[~s0 r[c@seZdZUdZeed<edddZeeed<dZ edBed<dZ ee dBed <ed gd Z ee dBed <dZ ee dBed <dZe dBed<dZedBed<dZedBed<dZedBed<dZedBed<dZee dBed<dZee dBed<dZedBed<dS)ProtectedResourceMetadatazy RFC 9728 OAuth 2.0 Protected Resource Metadata. See https://datatracker.ietf.org/doc/html/rfc9728#section-2 resource.r2r3authorization_serversNrEr`header)defaultbearer_methods_supported%resource_signing_alg_values_supported resource_nameresource_documentationresource_policy_uriresource_tos_uri*tls_client_certificate_bound_access_tokens%authorization_details_types_supported!dpop_signing_alg_values_supported!dpop_bound_access_tokens_required)rrr r!rr"rrurTrEr`rrxryrzr{r|r}r~rrrrrrrrrrss rsN)typingrrpydanticrrrrrr Exceptionr&r0r1rVr[rsrrrrsM