byp4a55 professor6T9

Linux SamCT211 4.4.302+ #86009 SMP Wed Nov 26 18:19:20 CST 2025 x86_64
nginx/1.23.1
192.168.4.211

File Name : auth.cpython-38.pyc

�����}�h)����������������������@���s����d�Z�ddlZddlZddlZddlZddlZddlmZ�dZdd��Z	G�dd��d�Z
G�d	d
��d
e
�ZG�dd��de
�ZG�d
d��de�Z
G�dd��de�ZdS�)a��
Authentication management.

Default is htpasswd authentication.

Apache's htpasswd command (httpd.apache.org/docs/programs/htpasswd.html)
manages a file for storing user credentials. It can encrypt passwords using
different methods, e.g. BCRYPT, MD5-APR1 (a version of MD5 modified for
Apache), SHA1, or by using the system's CRYPT routine. The CRYPT and SHA1
encryption methods implemented by htpasswd are considered as insecure. MD5-APR1
provides medium security as of 2015. Only BCRYPT can be considered secure by
current standards.

MD5-APR1-encrypted credentials can be written by all versions of htpasswd (it
is the default, in fact), whereas BCRYPT requires htpasswd 2.4.x or newer.

The `is_authenticated(user, password)` function provided by this module
verifies the user-given credentials by parsing the htpasswd credential file
pointed to by the ``htpasswd_filename`` configuration value while assuming
the password encryption method specified via the ``htpasswd_encryption``
configuration value.

The following htpasswd password encrpytion methods are supported by Radicale
out-of-the-box:

- plain-text (created by htpasswd -p...) -- INSECURE
    - CRYPT      (created by htpasswd -d...) -- INSECURE
    - SHA1       (created by htpasswd -s...) -- INSECURE

When passlib (https://pypi.python.org/pypi/passlib) is importable, the
following significantly more secure schemes are parsable by Radicale:

- MD5-APR1   (htpasswd -m...) -- htpasswd's default method
    - BCRYPT     (htpasswd -B...) -- Requires htpasswd 2.4.x

�����N)�
import_module)�None�none�remote_user�http_x_remote_user�htpasswdc��������������
���C���s����|���dd�}|dkrt}nn|dkr(t}n`|dkr6t}nR|dkrDt}nDzt|�j}W�n4�tk
r��}�ztd||f��|�W�5�d}~X�Y�nX�|�d	|��||�|�S�)
z8Load the authentication manager chosen in configuration.�auth�type)r���r���r���r���r���z+Failed to load authentication module %r: %sNzAuthentication type is %r)	�get�NoneAuth�RemoteUserAuth�HttpXRemoteUserAuth�Authr����	Exception�RuntimeError�info)�
configuration�loggerZ	auth_type�class_�e��r����4/tmp/pip-target-hu2ovxdm/lib/python/radicale/auth.py�loadC���s&������r���c�������������������@���s4���e�Zd�Zdd��Zdd��Zdd��Zdd��Zd	d
��ZdS�)�BaseAuthc�����������������C���s���||�_�||�_d�S��N)r���r���)�selfr���r���r���r���r����__init__Y���s����zBaseAuth.__init__c�����������������C���s���dS�)a+��Optionally provide the login and password externally.

``environ`` a dict with the WSGI environment

If ``()`` is returned, Radicale handles HTTP authentication.
        Otherwise, returns a tuple ``(login, password)``. For anonymous users
        ``login`` must be ``""``.

r���r����r����environr���r���r����get_external_login]���s����
zBaseAuth.get_external_loginc�����������������C���s���|���||�S�)z�Validate credentials.

``login`` the login name

``user`` the user from ``map_login_to_user(login)``.

``password`` the login password

)�is_authenticated)r����login�user�passwordr���r���r����is_authenticated2i���s����
zBaseAuth.is_authenticated2c�����������������C���s���t��dS�)zVValidate credentials.

DEPRECATED: use ``is_authenticated2`` instead

N)�NotImplementedError�r���r"���r#���r���r���r���r ���u���s����zBaseAuth.is_authenticatedc�����������������C���s���|S�)a��Map login name to internal user.

``login`` the login name, ``""`` for anonymous users

Returns a string with the user name.
        If a login can't be mapped to an user, return ``login`` and
        return ``False`` in ``is_authenticated2(...)``.

r���)r���r!���r���r���r����map_login_to_user}���s����
zBaseAuth.map_login_to_userN)�__name__�
__module__�__qualname__r���r���r$���r ���r'���r���r���r���r���r���X���s
���r���c�������������������@���s���e�Zd�Zdd��ZdS�)r���c�����������������C���s���dS�)NTr���r&���r���r���r���r �������s����zNoneAuth.is_authenticatedN)r(���r)���r*���r ���r���r���r���r���r�������s���r���c�����������������������sT���e�Zd�Z��fdd�Zdd��Zdd��Zdd��Zd	d
��Zdd��Zd
d��Z	dd��Z
���ZS�)r���c��������������
������s���t����||��tj�|�dd��|�_|�dd�|�_|�jdkrH|�j|�_	�nV|�jdkr^|�j
|�_	�n@|�jdkrt|�j|�_	�n*|�jdkr�zdd	lm
}�W�n,�tk
r��}�ztd
�|�W�5�d�}~X�Y�nX�t�|�j|�|�_	n�|�jdk�r6zddlm}�W�n.�tk
�r�}�ztd
�|�W�5�d�}~X�Y�nX�|�d��t�|�j|�|�_	nh|�jdk�r�zdd�l}W�n.�tk
�r|�}�ztd�|�W�5�d�}~X�Y�nX�t�|�j|�|�_	ntd|�j���d�S�)Nr���Zhtpasswd_filenameZhtpasswd_encryptionZssha�sha1�plain�md5r���)�
apr_md5_cryptzAThe htpasswd encryption method 'md5' requires the passlib module.�bcrypt)r/���zXThe htpasswd encryption method 'bcrypt' requires the passlib module with bcrypt support.ztest-bcrypt-backend�cryptzKThe htpasswd encryption method 'crypt' requires the crypt() system support.z3The htpasswd encryption method %r is not supported.)�superr����os�path�
expanduserr
����filenameZ
encryption�_ssha�verify�_sha1�_plainZpasslib.hashr.����ImportErrorr����	functools�partial�_md5apr1r/���Zencrypt�_bcryptr0����_crypt)r���r���r���r.���r���r/���r0�����	__class__r���r���r�������s^����
�

����
����z
Auth.__init__c�����������������C���s���t��||�S�)z=Check if ``hash_value`` and ``password`` match, plain method.)�hmac�compare_digest)r����
hash_valuer#���r���r���r���r9�������s����zAuth._plainc�����������������C���s���|����}t�|�||�|�S�)z=Check if ``hash_value`` and ``password`` match, crypt method.)�striprB���rC���r0���)r���r0���rD���r#���r���r���r���r?�������s�����zAuth._cryptc�����������������C���sR���t��|����dd��d��}|�|�j�dd��}t���}|�	|��t
�|���|�S�)z<Check if ``hash_value`` and ``password`` match, sha1 method.z{SHA}���ascii�encoding�stock�
�base64�	b64decoderE����replace�encoder���r
����hashlibr+����updaterB���rC����digest)r���rD���r#���r+���r���r���r���r8�������s�������
z
Auth._sha1c�����������������C���st���t��|����dd��d��}|�|�j�dd��}|dd��}|dd��}t���}|�	|��|�	|��t
�|���|�S�)z�Check if ``hash_value`` and ``password`` match, salted sha1 method.

This method is not directly supported by htpasswd, but it can be
        written with e.g. openssl, and nginx can parse it.

z{SSHA}rF���rG���rH���rI�������NrJ���)r���rD���r#���Z
salt_valuer+���r���r���r���r6�������s�������

z
Auth._sshac�����������������C���s���|����}|�||�S�r����rE���r7���)r���r/���rD���r#���r���r���r���r>�������s����zAuth._bcryptc�����������������C���s���|����}|�||�S�r���rS���)r���Zmd5_apr1rD���r#���r���r���r���r=�������s����z
Auth._md5apr1c�����������
������C���s��z�t�|�j���}|D�]�}|�d�}|���r|����d�szJ|jddd�\}}t�||�}|��||�}|r~|r~W��W�5�Q�R���W�dS�W�q�t	k
r��}	�zt
d|�j|	f��|	�W�5�d}	~	X�Y�qX�qW�5�Q�R�X�W�n6�tk
r��}	�zt
d	|�j|	f��|	�W�5�d}	~	X�Y�nX�d
S�)a���Validate credentials.

Iterate through htpasswd credential file until user matches, extract
        hash (encrypted password) and check hash against user-given password,
        using the method specified in the Radicale config.

The content of the file is not cached because reading is generally a
        very cheap operation, and it's useful to get live updates of the
        htpasswd file.

�
�#�:����)�maxsplitTzInvalid htpasswd file %r: %sNz#Failed to load htpasswd file %r: %sF)�openr5����rstrip�lstrip�
startswith�splitrB���rC���r7����
ValueErrorr����OSError)
r���r"���r#����f�liner!���rD���Zlogin_okZpassword_okr���r���r���r���r �������s0����
��$��zAuth.is_authenticated)r(���r)���r*���r���r9���r?���r8���r6���r>���r=���r ����
__classcell__r���r���r@���r���r�������s���-	r���c�������������������@���s���e�Zd�Zdd��ZdS�)r���c�����������������C���s���|��dd�dfS�)NZREMOTE_USERrF����r
���r���r���r���r���r�����s����z!RemoteUserAuth.get_external_loginN�r(���r)���r*���r���r���r���r���r���r�����s���r���c�������������������@���s���e�Zd�Zdd��ZdS�)r
���c�����������������C���s���|��dd�dfS�)NZHTTP_X_REMOTE_USERrF���rc���r���r���r���r���r�����s����z&HttpXRemoteUserAuth.get_external_loginNrd���r���r���r���r���r
�����s���r
���)�__doc__rK���r;���rO���rB���r2����	importlibr���ZINTERNAL_TYPESr���r���r���r���r���r
���r���r���r���r����<module>���s���%2|

Name	Type	Size	Owner/Group	Permission	Last Modified	Actions
.	dir	-	169531/169531	0755	2025-10-03 03:39:18
..	dir	-	169531/169531	0755	2025-10-03 03:39:18
__init__.cpython-38.pyc	text/x-bytecode.python	27.53 KB	169531/169531	0644	2025-10-03 03:39:18
__main__.cpython-38.pyc	text/x-bytecode.python	6.74 KB	169531/169531	0644	2025-10-03 03:39:18
auth.cpython-38.pyc	text/x-bytecode.python	9.04 KB	169531/169531	0644	2025-10-03 03:39:18
config.cpython-38.pyc	text/x-bytecode.python	5.25 KB	169531/169531	0644	2025-10-03 03:39:18
log.cpython-38.pyc	text/x-bytecode.python	1.93 KB	169531/169531	0644	2025-10-03 03:39:18
rights.cpython-38.pyc	text/x-bytecode.python	5.61 KB	169531/169531	0644	2025-10-03 03:39:18
storage.cpython-38.pyc	text/x-bytecode.python	46.71 KB	169531/169531	0644	2025-10-03 03:39:18
web.cpython-38.pyc	text/x-bytecode.python	3.59 KB	169531/169531	0644	2025-10-03 03:39:18
xmlutils.cpython-38.pyc	text/x-bytecode.python	29.49 KB	169531/169531	0644	2025-10-03 03:39:18

Team Anon Force

https://t.me/Professor6T9x