o i%@s&ddlZddlmZddlmZmZddlmZmZm Z m Z m Z ddl m Z mZddlmZddlmZmZddlmZdd lmZdd lmZmZmZmZmZdd lmZm Z e!e"Z#Gd d d eZ$GdddeZ%de&dde BeBde&dBfddZ'Gddde eZ(eGdddZ)dS)N) dataclass)AnyLiteral)AnyUrl BaseModelField RootModelValidationError)FormData QueryParams)Request)RedirectResponseResponse)stringify_pydantic_error)PydanticJSONResponse)AuthorizationErrorCodeAuthorizationParamsAuthorizeError OAuthAuthorizationServerProviderconstruct_redirect_uri)InvalidRedirectUriErrorInvalidScopeErrorc@seZdZUedddZeed<edddZedBed<edddZ e d ed <edd dZ eed <ed ddZ e d ed<edddZ edBed<edddZedBed<edddZedBed<dS)AuthorizationRequest.z The client ID) description client_idNz&URL to redirect to after authorization redirect_uriz*Must be 'code' for authorization code flowcode response_typezPKCE code challengecode_challengeS256z(PKCE code challenge method, must be S256code_challenge_methodzOptional state parameterstatezOOptional scope; if specified, should be a space-separated list of scope stringsscopezIRFC 8707 resource indicator - the MCP server this token will be used withresource)__name__ __module__ __qualname__rrstr__annotations__rrrrrr r!r"r#r)r)h/var/www/html/karishye-ai-python/venv/lib/python3.10/site-packages/mcp/server/auth/handlers/authorize.pyrs rc@sBeZdZUeed<edBed<dZedBed<dZedBed<dS)AuthorizationErrorResponseerrorNerror_description error_urir!) r$r%r&rr(r'r.rr!r)r)r)r*r+,s  r+keyparamsreturncCs(|durdS||}t|tr|SdS)N)get isinstancer')r/r0valuer)r)r*best_effort_extract_string4s   r5c@seZdZUeed<dS) AnyUrlModelrootN)r$r%r&rr(r)r)r)r*r6=s r6c@s2eZdZUeeeefed<dedefddZdS)AuthorizationHandlerproviderrequestr1c sdddd ddtdtdBdtffdd }z|jdkr)|jn|IdHtdz t}|j Wn6t yu}z*d }| D]}|d d kr_|d d kr_d}nqM||t |IdHWYd}~WSd}~wwj |jIdHs|d d|jdddIdHWSz|jWnty}z|d |jdIdHWYd}~WSd}~wwz|j}Wnty}z|d|jdIdHWYd}~WSd}~wwt||j|jdu|jd}ztj |IdHdddidWWSty}z||j|jdIdHWYd}~WSd}~wwtyB}zt j!d|d|dddIdHWYd}~Sd}~ww)NTr,r-attempt_load_clientc sdur|rtd}|rj|IdHnddurFrFzdur+dvr+d}n ttdj}|Wn ttfyEYnwdurOtdt ||d}rorot t t fi|j ddddd id Std |dd id S) Nrrr!)r,r-r!T) exclude_none. Cache-Controlno-storeurl status_codeheadersi)rBcontentrC)r5r9 get_clientr6model_validater7validate_redirect_urir rr+r rr' model_dumpr)r,r-r;rraw_redirect_uri error_respclientr0rselfr!r)r*error_responseNsF    z3AuthorizationHandler.handle..error_responseGETr!invalid_requestloc)rtype literal_errorunsupported_response_typez Client ID 'z ' not foundF)r,r-r;)r,r- invalid_scope)r!scopesrr redirect_uri_provided_explicitlyr#r=r>r?r@z)Unexpected error in authorization_handler)exc_info server_errorzAn unexpected error occurred)T)"rr'boolmethod query_paramsformr5rrFr!r errorsrr9rErrGrrmessagevalidate_scoper"rrrr#r authorizerr,r- Exceptionlogger exception) rMr:rN auth_requestvalidation_errorr,erV auth_paramsr)rKr*handleEs@     "     $zAuthorizationHandler.handleN) r$r%r&rrr(r rrir)r)r)r*r8As r8)*logging dataclassesrtypingrrpydanticrrrrr starlette.datastructuresr r starlette.requestsr starlette.responsesr rmcp.server.auth.errorsrmcp.server.auth.json_responsermcp.server.auth.providerrrrrrmcp.shared.authrr getLoggerr$rcrr+r'r5r6r8r)r)r)r*s$     "