File manager

File manager - Edit - /usr/local/CyberPanel/lib/python3.10/site-packages/google/auth/transport/__pycache__/grpc.cpython-310.pyc

Back
o ��hq6�� @��s��d�Z�ddlmZ�ddlZddlZddlmZ�ddlmZ�ddlm Z �ddl mZ�zddlZW�n�e y?�Z�ze d�e�dZ[ww�e�e�ZG�d d ��d ej�Z ddd�ZG�d d��d�ZdS�)zAuthorization support for gRPC.��)�absolute_importN)�environment_vars)� exceptions)�_mtls_helper)�service_accountzWgRPC is not installed from please install the grpcio package to use the gRPC transport.c��s2��e�Zd�ZdZd ��fdd� Zdd��Zdd��Z��ZS�) �AuthMetadataPluginan��A `gRPC AuthMetadataPlugin`_ that inserts the credentials into each request. .. _gRPC AuthMetadataPlugin: http://www.grpc.io/grpc/python/grpc.html#grpc.AuthMetadataPlugin Args: credentials (google.auth.credentials.Credentials): The credentials to add to requests. request (google.auth.transport.Request): A HTTP transport request object used to refresh credentials as needed. default_host (Optional[str]): A host like "pubsub.googleapis.com". This is used when a self-signed JWT is created from service account credentials. Nc��s$��t�t\|��\|\|�_\|\|�_\|\|�_d�S��N)�superr��__init__�_credentials�_request� _default_host)�self�credentials�request�default_host�� __class__��P/usr/local/CyberPanel/lib/python3.10/site-packages/google/auth/transport/grpc.pyr ��6��s�� zAuthMetadataPlugin.__init__c��C��sT��i�}t�\|�jtj�r\|�j�\|�jrd�\|�j�nd��\|�j�\|�j\|j \|j \|��t\|��S�)z�Gets the authorization headers for a request. Returns: Sequence[Tuple[str, str]]: A list of request headers (key, value) to add to the request. zhttps://{}/N) � isinstancer��r��Credentials�_create_self_signed_jwtr ��format�before_requestr��method_name�service_url�list�items)r��context�headersr��r��r��_get_authorization_headers?��s��z-AuthMetadataPlugin._get_authorization_headersc��C��s��\|\|��\|�d��dS�)a ��Passes authorization metadata into the given callback. Args: context (grpc.AuthMetadataContext): The RPC context. callback (grpc.AuthMetadataPluginCallback): The callback that will be invoked to pass in the authorization metadata. N)r!��)r��r��callbackr��r��r��__call__W��s��zAuthMetadataPlugin.__call__r��)�__name__� __module__�__qualname__�__doc__r ��r!��r#�� __classcell__r��r��r��r��r��%��s �� r��c�� K��s��t�\|�\|�}t�\|�}\|r\|rt�d��\|s>t�tjd�}\|dkr/\|r/\|��\} } tj \| \| d�}n\|dkr:t ��}\|j}nt� ��}t�\|\|�}tj \|\|fi�\|��S�)au��Creates a secure authorized gRPC channel. This creates a channel with SSL and :class:`AuthMetadataPlugin`. This channel can be used to create a stub that can make authorized requests. Users can configure client certificate or rely on device certificates to establish a mutual TLS channel, if the `GOOGLE_API_USE_CLIENT_CERTIFICATE` variable is explicitly set to `true`. Example:: import google.auth import google.auth.transport.grpc import google.auth.transport.requests from google.cloud.speech.v1 import cloud_speech_pb2 # Get credentials. credentials, _ = google.auth.default() # Get an HTTP request function to refresh credentials. request = google.auth.transport.requests.Request() # Create a channel. channel = google.auth.transport.grpc.secure_authorized_channel( credentials, regular_endpoint, request, ssl_credentials=grpc.ssl_channel_credentials()) # Use the channel to create a stub. cloud_speech.create_Speech_stub(channel) Usage: There are actually a couple of options to create a channel, depending on if you want to create a regular or mutual TLS channel. First let's list the endpoints (regular vs mutual TLS) to choose from:: regular_endpoint = 'speech.googleapis.com:443' mtls_endpoint = 'speech.mtls.googleapis.com:443' Option 1: create a regular (non-mutual) TLS channel by explicitly setting the ssl_credentials:: regular_ssl_credentials = grpc.ssl_channel_credentials() channel = google.auth.transport.grpc.secure_authorized_channel( credentials, regular_endpoint, request, ssl_credentials=regular_ssl_credentials) Option 2: create a mutual TLS channel by calling a callback which returns the client side certificate and the key (Note that `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable must be explicitly set to `true`):: def my_client_cert_callback(): code_to_load_client_cert_and_key() if loaded: return (pem_cert_bytes, pem_key_bytes) raise MyClientCertFailureException() try: channel = google.auth.transport.grpc.secure_authorized_channel( credentials, mtls_endpoint, request, client_cert_callback=my_client_cert_callback) except MyClientCertFailureException: # handle the exception Option 3: use application default SSL credentials. It searches and uses the command in a context aware metadata file, which is available on devices with endpoint verification support (Note that `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable must be explicitly set to `true`). See https://cloud.google.com/endpoint-verification/docs/overview:: try: default_ssl_credentials = SslCredentials() except: # Exception can be raised if the context aware metadata is malformed. # See :class:`SslCredentials` for the possible exceptions. # Choose the endpoint based on the SSL credentials type. if default_ssl_credentials.is_mtls: endpoint_to_use = mtls_endpoint else: endpoint_to_use = regular_endpoint channel = google.auth.transport.grpc.secure_authorized_channel( credentials, endpoint_to_use, request, ssl_credentials=default_ssl_credentials) Option 4: not setting ssl_credentials and client_cert_callback. For devices without endpoint verification support or `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not `true`, a regular TLS channel is created; otherwise, a mutual TLS channel is created, however, the call should be wrapped in a try/except block in case of malformed context aware metadata. The following code uses regular_endpoint, it works the same no matter the created channle is regular or mutual TLS. Regular endpoint ignores client certificate and key:: channel = google.auth.transport.grpc.secure_authorized_channel( credentials, regular_endpoint, request) The following code uses mtls_endpoint, if the created channle is regular, and API mtls_endpoint is confgured to require client SSL credentials, API calls using this channel will be rejected:: channel = google.auth.transport.grpc.secure_authorized_channel( credentials, mtls_endpoint, request) Args: credentials (google.auth.credentials.Credentials): The credentials to add to requests. request (google.auth.transport.Request): A HTTP transport request object used to refresh credentials as needed. Even though gRPC is a separate transport, there's no way to refresh the credentials without using a standard http transport. target (str): The host and port of the service. ssl_credentials (grpc.ChannelCredentials): Optional SSL channel credentials. This can be used to specify different certificates. This argument is mutually exclusive with client_cert_callback; providing both will raise an exception. If ssl_credentials and client_cert_callback are None, application default SSL credentials are used if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is explicitly set to `true`, otherwise one way TLS SSL credentials are used. client_cert_callback (Callable[[], (bytes, bytes)]): Optional callback function to obtain client certicate and key for mutual TLS connection. This argument is mutually exclusive with ssl_credentials; providing both will raise an exception. This argument does nothing unless `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is explicitly set to `true`. kwargs: Additional arguments to pass to :func:`grpc.secure_channel`. Returns: grpc.Channel: The created gRPC channel. Raises: google.auth.exceptions.MutualTLSChannelError: If mutual TLS channel creation failed for any reason. zUReceived both ssl_credentials and client_cert_callback; these are mutually exclusive.�false�true��certificate_chain�private_key)r��grpc�metadata_call_credentialsr��MalformedError�os�getenvr��!GOOGLE_API_USE_CLIENT_CERTIFICATE�ssl_channel_credentials�SslCredentials�ssl_credentials�composite_channel_credentials�secure_channel) r��r��targetr6��client_cert_callback�kwargs�metadata_plugin�google_auth_credentials�use_client_cert�cert�key�adc_ssl_credentils�composite_credentialsr��r��r��secure_authorized_channelb��s0�� rC��c��@��s0��e�Zd�ZdZdd��Zedd��Zedd��ZdS�) r5��aF��Class for application default SSL credentials. The behavior is controlled by `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable whose default value is `false`. Client certificate will not be used unless the environment variable is explicitly set to `true`. See https://google.aip.dev/auth/4114 If the environment variable is `true`, then for devices with endpoint verification support, a device certificate will be automatically loaded and mutual TLS will be established. See https://cloud.google.com/endpoint-verification/docs/overview. c��C��s:��t��tjd�}\|dkrd\|�_d�S�t�tj�}\|d�u\|�_d�S�)Nr)��r*��F)r1��r2��r��r3��_is_mtlsr��_check_dca_metadata_path�CONTEXT_AWARE_METADATA_PATH)r��r>�� metadata_pathr��r��r��r ��)��s�� zSslCredentials.__init__c�� C��sj��\|�j�r-zt��\}}}}tj\|\|d�\|�_W�\|�jS��tjy,�}�zt�\|�}\|\|�d}~ww�t��\|�_\|�jS�)a��Get the created SSL channel credentials. For devices with endpoint verification support, if the device certificate loading has any problems, corresponding exceptions will be raised. For a device without endpoint verification support, no exceptions will be raised. Returns: grpc.ChannelCredentials: The created grpc channel credentials. Raises: google.auth.exceptions.MutualTLSChannelError: If mutual TLS channel creation failed for any reason. r+��N) rD��r��get_client_ssl_credentialsr.��r4��_ssl_credentialsr��ClientCertError�MutualTLSChannelError)r��_r?��r@�� caught_exc�new_excr��r��r��r6��6��s�� zSslCredentials.ssl_credentialsc��C��s��\|�j�S�)z?Indicates if the created SSL channel credentials is mutual TLS.)rD��)r��r��r��r��is_mtlsT��s��zSslCredentials.is_mtlsN)r$��r%��r&��r'��r ��propertyr6��rO��r��r��r��r��r5��s�� r5��)NN)r'�� __future__r��loggingr1��google.authr��r��google.auth.transportr�� google.oauth2r��r.��ImportErrorrM�� getLoggerr$��_LOGGERr��rC��r5��r��r��r��r��<module>��s2�� A ��:

| ver. 1.4 | Github | . | PHP 8.2.28 | Generation time: 0.02 | proxy | phpinfo | Settings