a o=ic\@sRdZddlZddlmZddlmZddlmZmZe e Z Gdd d eZ dS) z oauthlib.oauth2.rfc6749.endpoint.revocation ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ An implementation of the OAuth 2 `Token Revocation`_ spec (draft 11). .. _`Token Revocation`: https://tools.ietf.org/html/draft-ietf-oauth-revocation-11 N)Request) OAuth2Error) BaseEndpointcatch_errors_and_unavailabilityc@s8eZdZdZdZdZd ddZedd d Zd d Z dS)RevocationEndpointzToken revocation endpoint. Endpoint used by authenticated clients to revoke access and refresh tokens. Commonly this will be part of the Authorization Endpoint. )Z access_tokenZ refresh_token)POSTNFcCs&t|||_|p|j|_||_dS)N)r__init__request_validatorvalid_token_typessupported_token_types enable_jsonp)selfr r rr}/home/droni/.local/share/virtualenvs/DPS-5Je3_V2c/lib/python3.9/site-packages/oauthlib/oauth2/rfc6749/endpoints/revocation.pyr s  zRevocationEndpoint.__init__r c Csdddd}t||||d}z||td|Wnjty}zRtd|||j}|jrt|jrtd|j|}| |j |||j fWYd }~Sd }~00|j |j|j|d }|jr|jr|jd }i|d fS) aRevoke supplied access or refresh token. The authorization server responds with HTTP status code 200 if the token has been revoked successfully or if the client submitted an invalid token. Note: invalid tokens do not cause an error response since the client cannot handle such an error in a reasonable way. Moreover, the purpose of the revocation request, invalidating the particular token, is already achieved. The content of the response body is ignored by the client as all necessary information is conveyed in the response code. An invalid token type hint value is ignored by the authorization server and does not influence the revocation response. zapplication/jsonzno-storezno-cache)z Content-Typez Cache-ControlZPragma) http_methodbodyheaderszToken revocation valid for %r.z)Client error during validation of %r. %r.z{}({});Nz();)rvalidate_revocation_requestlogdebugrjsonrcallbackformatupdater status_coder Z revoke_tokentokenZtoken_type_hint) rurirrrZ resp_headersrequesteZ response_bodyrrrcreate_revocation_response&s0   "   z-RevocationEndpoint.create_revocation_responsecCs6||||||||||dS)aEnsure the request is valid. The client constructs the request by including the following parameters using the "application/x-www-form-urlencoded" format in the HTTP request entity-body: token (REQUIRED). The token that the client wants to get revoked. token_type_hint (OPTIONAL). A hint about the type of the token submitted for revocation. Clients MAY pass this parameter in order to help the authorization server to optimize the token lookup. If the server is unable to locate the token using the given hint, it MUST extend its search across all of its supported token types. An authorization server MAY ignore this parameter, particularly if it is able to detect the token type automatically. This specification defines two such values: * access_token: An Access Token as defined in [RFC6749], `section 1.4`_ * refresh_token: A Refresh Token as defined in [RFC6749], `section 1.5`_ Specific implementations, profiles, and extensions of this specification MAY define other values for this parameter using the registry defined in `Section 4.1.2`_. The client also includes its authentication credentials as described in `Section 2.3`_. of [`RFC6749`_]. .. _`section 1.4`: https://tools.ietf.org/html/rfc6749#section-1.4 .. _`section 1.5`: https://tools.ietf.org/html/rfc6749#section-1.5 .. _`section 2.3`: https://tools.ietf.org/html/rfc6749#section-2.3 .. _`Section 4.1.2`: https://tools.ietf.org/html/draft-ietf-oauth-revocation-11#section-4.1.2 .. _`RFC6749`: https://tools.ietf.org/html/rfc6749 N)Z_raise_on_bad_methodZ_raise_on_bad_post_requestZ_raise_on_missing_tokenZ_raise_on_invalid_clientZ_raise_on_unsupported_token)rr!rrrrUs %    z.RevocationEndpoint.validate_revocation_request)NF)r NN) __name__ __module__ __qualname____doc__r Zvalid_request_methodsr rr#rrrrrrs  .r) r'loggingZoauthlib.commonrerrorsrbaserr getLoggerr$rrrrrrs