Ld5ddlZddlmZddlmZmZddlmZddlm Z ddl m Z m Z ddlmZdd lmZdd lmZdd lmZGd d e Z dZe eZdS)N)contextmanager)gjson)request) LocalProxy) OAuth2ErrorResourceProtector)MissingAuthorizationError)FlaskJsonRequest)token_authenticated)raise_http_exceptionc@eZdZdZdZddZeddZd dZdS) r a~A protecting method for resource servers. Creating a ``require_oauth`` decorator easily with ResourceProtector:: from authlib.integrations.flask_oauth2 import ResourceProtector require_oauth = ResourceProtector() # add bearer token validator from authlib.oauth2.rfc6750 import BearerTokenValidator from project.models import Token class MyBearerTokenValidator(BearerTokenValidator): def authenticate_token(self, token_string): return Token.query.filter_by(access_token=token_string).first() require_oauth.register_token_validator(MyBearerTokenValidator()) # protect resource with require_oauth @app.route('/user') @require_oauth(['profile']) def user_profile(): user = User.query.get(current_token.user_id) return jsonify(user.to_dict()) c|j}tjt|}|}t |||dS)zRaise HTTPException for OAuth2Error. Developers can re-implement this method to customize the error response. :param error: OAuth2Error :raise: HTTPException N) status_coderdumpsdictget_body get_headersr)selferrorstatusbodyheaderss ZF:\djangOuth\env\Lib\site-packages\authlib/integrations/flask_oauth2/resource_protector.pyraise_error_responsez&ResourceProtector.raise_error_response-sV"z$u~~//0011##%%VT733333Nctt}t|tr|g}|||}t j|||t_|S)zA method to acquire current valid token with the given scope. :param scopes: a list of scope values :return: token object )token) r _req isinstancestrvalidate_requestr sendrauthlib_server_oauth2_token)rscopesrrs r acquire_tokenzResourceProtector.acquire_token9sb #4(( fc " " XF%%fg66 U3333(-% rc#K ||VdS#t$r }||Yd}~dSd}~wwxYw)akThe with statement of ``require_oauth``. Instead of using a decorator, you can use a with statement instead:: @app.route('/api/user') def user_api(): with require_oauth.acquire('profile') as token: user = User.query.get(token.user_id) return jsonify(user.to_dict()) N)r'rr)rr&rs racquirezResourceProtector.acquireHsp -$$V,, , , , , , - - -  % %e , , , , , , , , , -s AAAFcfd}|S)NcNtjfd}|S)Nc nb#t$r.}r |i|cYd}~S|Yd}~n/d}~wt$r}|Yd}~nd}~wwxYw|i|SN)r'r rr)argskwargsrfoptionalr&rs r decoratedz>ResourceProtector.__call__..wrapper..decoratedZs5&&v....05552 q$1&11111111--e44444444"555--e444444445q$)&)))s* A8 A A8A  A8A33A8) functoolswraps)r0r2r1r&rs` rwrapperz+ResourceProtector.__call__..wrapperYsI _Q   * * * * * * *  * r)rr&r1r5s``` r__call__zResourceProtector.__call__Xs/       rr-)NF) __name__ __module__ __qualname____doc__rr'rr)r7r6rrr r su4 4 4 4     - - -^ -rr c*tjdS)Nr%)rgetr6rr_get_current_tokenr>is 5. / //r)r3 contextlibrflaskrrrr werkzeug.localrauthlib.oauth2rr _ResourceProtectorauthlib.oauth2.rfc6749r requestsr signalsr errorsrr> current_tokenr6rrrIs6%%%%%%!!!!!!%%%%%%'&&&&&((((((((((((TTTTT*TTTn000 -.. r