Aah$bdZddlZddlZddlmZddlmZddlmZm Z m Z m Z ddl m Z ddlmZerdd lmZ dd lmZdd lmZmZdd lmZdd lmZn#e$re jddwxYw ddlmZmZn#e$re jddwxYwddl mZdZ dZ!dZ"dZ#dZ$GddeZ%dS)zOCI Authentication Plugin.N) b64encode)Path) TYPE_CHECKINGAnyDictOptional)errors)logger) MySQLSocket)UnsupportedAlgorithm)hashes serialization)padding)PRIVATE_KEY_TYPESz'Package 'cryptography' is not installed)config exceptionszGPackage 'oci' (Oracle Cloud Infrastructure Python SDK) is not installed)MySQLAuthPluginMySQLOCIAuthPlugini(z0Ephemeral security token is too large (10KB max)zGEphemeral security token file ('security_token_file') could not be readzKOCI configuration file does not contain a 'fingerprint' or 'key_file' entryc(eZdZUdZdZeed<dZeed<e j Z eed<e de deeefd efd Ze d ed efd Zd eeeffd Zed efdZed efdZde ded ee fdZddde ded e fdZdS)rz2Implement the MySQL OCI IAM authentication plugin.NcontextDEFAULToci_config_profileoci_config_file signature oci_configreturnct|}|d|d}|dr t|d}|jt krtjt| d|d<n3#ttf$r}tjt|d}~wwxYwtj|d S) a=Prepare client's authentication response Prepares client's authentication response in JSON format Args: signature (bytes): server's nonce to be signed by client. oci_config (dict): OCI configuration object. Returns: str: JSON string with the following format: {"fingerprint": str, "signature": str, "token": base64.base64.base64} Raises: ProgrammingError: If the ephemeral security token file can't be open or the token is too large. fingerprint)r rsecurity_token_filezutf-8)encodingtokenN),:) separators)rdecodegetrstatst_sizeOCI_SECURITY_TOKEN_MAX_SIZEr ProgrammingErrorOCI_SECURITY_TOKEN_TOO_LARGE read_textOSError UnicodeError%OCI_SECURITY_TOKEN_FILE_NOT_AVAILABLEjsondumps)rr signature_64 auth_responser!errs c/var/www/lms/venv/lib/python3.11/site-packages/mysql/connector/plugins/authentication_oci_client.py_prepare_auth_responsez)MySQLOCIAuthPlugin._prepare_auth_responseQs"!++ %m4%,,..   >>/ 0 0  &*:6K+L&M&M#&++--58SSS 12NOOO)<)F)FPW)F)X)X g&&\*   -9 z-J????sA)B--C>CCkey_pathcb ttj|d5}t j|d}dddn #1swxYwYn?#ttttf$r}tj d|d|d}~wwxYw|S)z+Get the private_key form the given locationrbN)passwordz2An error occurred while reading the API_KEY from "z": ) openospath expanduserrload_pem_private_keyread TypeErrorr/ ValueErrorr r r,)r9key_file private_keyr6s r7_get_private_keyz#MySQLOCIAuthPlugin._get_private_keyys bg((22D99 X+@MMOO!                 7J0DE   )'''!$''   s:-A0)A$ A0$A((A0+A(,A00B, B''B,c|g}ddd}i} tj|jp tj|jpd}|D]`\}} ||r*|||s|d|d9#t$r|d|Y]wxYwnk#tj tj tj tj tj f$r,}|t|Yd}~nd}~wwxYw|rtjd |jd ||S) z=Get a valid OCI config from the given configuration file pathc(t|dkS)N )lenxs r7z:MySQLOCIAuthPlugin._get_valid_oci_config..sc!ffrkcztjtj|S)N)r>r?existsr@rLs r7rNz:MySQLOCIAuthPlugin._get_valid_oci_config..s$27>>"'2D2DQ2G2G#H#HrO)r rErz Parameter "z " is invalidzDoes not contain parameter NzInvalid oci-config-file: z. Errors found: )r from_filerDEFAULT_LOCATIONritemsappendKeyErrorrConfigFileNotFound InvalidConfigInvalidKeyFilePathInvalidPrivateKeyProfileNotFoundstrr r,)self error_listreq_keysrreq_key req_valuer6s r7_get_valid_oci_configz(MySQLOCIAuthPlugin._get_valid_oci_configs 11HH   &(  ()$?(?'49J'/nn&6&6 O O"O!'*O99Z=P3Q3QO"))*M*M*M*MNNNOOO%%&MG&M&MNNNNNO  O  )  $  )  (  &   ( ( (   c#hh ' ' ' ' ' ' ' ' (  ).D,@..!+..  s<AB02BB0"B,)B0+B,,B00base64rpathlibrtypingrrrrr r networkr cryptography.exceptionsr cryptography.hazmat.primitivesrr)cryptography.hazmat.primitives.asymmetricr/cryptography.hazmat.primitives.asymmetric.typesr ImportErrorr,ocirrrAUTHENTICATION_PLUGIN_CLASSr+r-r1OCI_PROFILE_MISSING_PROPERTIESrrerOr7rs>! 555555555555&%%%%%%W<<<<<<DDDDDDDDAAAAAAQQQQQQQWWW !& !"K L LRVVW&&&&&&&&& !& !Q    2'QM&R ``````````sAA*.A77B