Rǻi)ddlmZddlZddlZddlmZddlmZddlm Z ddl m Z m Z ddlmZmZe j"rdd l mZneZeGd d Zdd ZGd dej.ZGddeej.ZeGddZGddeej.ZGddeej.ZddZy)) annotationsN) dataclass)PathLike)_typing)_TAuthAuth)ConfigurationError Neo4jError)Protocolc2eZdZUdZded<dZded<ddZy) ExpiringAutha Represents potentially expiring authentication information. This class is used with :meth:`.AuthManagers.bearer` and :meth:`.AsyncAuthManagers.bearer`. :param auth: The authentication information. :param expires_at: Unix timestamp (seconds since 1970-01-01 00:00:00 UTC) indicating when the authentication information expires. If :data:`None`, the authentication information is considered to not expire until the server explicitly indicates so. .. seealso:: :meth:`.AuthManagers.bearer`, :meth:`.AsyncAuthManagers.bearer` .. versionadded:: 5.8 .. versionchanged:: 5.9 * Removed parameter and attribute ``expires_in`` (relative expiration time). Replaced with ``expires_at`` (absolute expiration time). * :meth:`.expires_in` can be used to create an :class:`.ExpiringAuth` with a relative expiration time. .. versionchanged:: 5.14 Stabilized from preview. rauthNz float | None expires_atcXt|jtj|zS)a? Return a (flat) copy of this object with a new expiration time. This is a convenience method for creating an :class:`.ExpiringAuth` for a relative expiration time ("expires in" instead of "expires at"). >>> import time, freezegun >>> with freezegun.freeze_time("1970-01-01 00:00:40"): ... ExpiringAuth(("user", "pass")).expires_in(2) ExpiringAuth(auth=('user', 'pass'), expires_at=42.0) >>> with freezegun.freeze_time("1970-01-01 00:00:40"): ... ExpiringAuth(("user", "pass"), time.time() + 2) ExpiringAuth(auth=('user', 'pass'), expires_at=42.0) :param seconds: The number of seconds from now until the authentication information expires. .. versionadded:: 5.9 )rrtime)selfsecondss T/opt/lhia/marcimex/agent/venv/lib/python3.12/site-packages/neo4j/_auth_management.py expires_inzExpiringAuth.expires_inMs *DIItyy{W'<==)rfloatreturnr)__name__ __module__ __qualname____doc____annotations__rrrrrr+s: L#J #>rrcT|j}|duxr|tjkS)N)rr)rrs rexpiring_auth_has_expiredr!es&J T ! >j499;&>>rcheZdZdZej ddZej ddZy) AuthManagera Abstract base class for authentication information managers. The driver provides some default implementations of this class in :class:`.AuthManagers` for convenience. Custom implementations of this class can be used to provide more complex authentication refresh functionality. .. warning:: The manager **must not** interact with the driver in any way as this can cause deadlocks and undefined behaviour. Furthermore, the manager is expected to be thread-safe. The token returned must always belong to the same identity. Switching identities using the ``AuthManager`` is undefined behavior. You may use :ref:`session-level authentication` for such use-cases. .. seealso:: :class:`.AuthManagers` .. versionadded:: 5.8 .. versionchanged:: 5.12 ``on_auth_expired`` was removed from the interface and replaced by :meth:`handle_security_exception`. The new method is called when the server returns any ``Neo.ClientError.Security.*`` error. Its signature differs in that it additionally receives the error returned by the server and returns a boolean indicating whether the error was handled. .. versionchanged:: 5.14 Stabilized from preview. cy)a# Return the current authentication information. The driver will call this method very frequently. It is recommended to implement some form of caching to avoid unnecessary overhead. .. warning:: The method must only ever return auth information belonging to the same identity. Switching identities using the ``AuthManager`` is undefined behavior. You may use :ref:`session-level authentication` for such use-cases. Nrrs rget_authzAuthManager.get_auths" rcy)a Handle the server indicating authentication failure. The driver will call this method when the server returns any ``Neo.ClientError.Security.*`` error. The error will then be processed further as usual. :param auth: The authentication information that was used when the server returned the error. :param error: The error returned by the server. :returns: Whether the error was handled (:data:`True`), in which case the driver will mark the error as retryable (see :meth:`.Neo4jError.is_retryable`). .. versionadded:: 5.12 Nrrrerrors rhandle_security_exceptionz%AuthManager.handle_security_exceptions0 rNrrrrr)r rboolrrrrabcabstractmethodr&r*rrrr#r#jsT!F   $   #-   rr#) metaclasscheZdZdZej ddZej ddZy)AsyncAuthManagera[ Async version of :class:`.AuthManager`. .. seealso:: :class:`.AuthManager` .. versionadded:: 5.8 .. versionchanged:: 5.12 ``on_auth_expired`` was removed from the interface and replaced by :meth:`handle_security_exception`. See :class:`.AuthManager`. .. versionchanged:: 5.14 Stabilized from preview. c Kyw)zu Async version of :meth:`.AuthManager.get_auth`. .. seealso:: :meth:`.AuthManager.get_auth` Nrr%s rr&zAsyncAuthManager.get_auth  c Kyw)z Async version of :meth:`.AuthManager.handle_security_exception`. .. seealso:: :meth:`.AuthManager.handle_security_exception` Nrr(s rr*z*AsyncAuthManager.handle_security_exceptions  r6Nr+r,r.rrrr3r3sS       #-   rr3c8eZdZUdZded<dZded<dZded<y) ClientCertificatez Simple data class to hold client certificate information. The attributes are the same as the arguments to :meth:`ssl.SSLContext.load_cert_chain()`. .. versionadded:: 5.19 .. versionchanged:: 5.27 Stabilized from preview. z-str | bytes | PathLike[str] | PathLike[bytes]certfileNz4str | bytes | PathLike[str] | PathLike[bytes] | Nonekeyfilez0t.Callable[[], str | bytes] | str | bytes | Nonepassword)rrrrrr;r<rrrr9r9s% <;DHG AHAEH>Err9c6eZdZdZej ddZy)ClientCertificateProvidera Interface for providing a client certificate to the driver for mutual TLS. This is an abstract base class (:class:`abc.ABC`) as well as a protocol (:class:`typing.Protocol`). Meaning you can either inherit from it or just implement all required method on a class to satisfy the type constraints. The package provides some default implementations of this class in :class:`.ClientCertificateProviders` for convenience. The driver will call :meth:`.get_certificate` to check if the client wants the driver to use as new certificate for mutual TLS. The certificate is only used as a second factor for authenticating the client. The DBMS user still needs to authenticate with an authentication token. Note that the work done in the methods of this interface count towards the connection acquisition affected by the respective timeout setting :ref:`connection-acquisition-timeout-ref`. Should fetching the certificate be particularly slow, it might be necessary to increase the timeout. .. warning:: The provider **must not** interact with the driver in any way as this can cause deadlocks and undefined behaviour. .. versionadded:: 5.19 .. versionchanged:: 5.27 Stabilized from preview. cy)a Return the new certificate (if present) to use for new connections. If no new certificate is available, return :data:`None`. This will make the driver continue using the current certificate. Note that a new certificate will only be used for new connections. Already established connections will continue using the old certificate as TLS is established during connection setup. :returns: The new certificate to use for new connections. Nrr%s rget_certificatez)ClientCertificateProvider.get_certificates rNrzClientCertificate | Nonerrrrr/r0r@rrrr>r>s"B     rr>c6eZdZdZej ddZy)AsyncClientCertificateProvidera Async version of :class:`.ClientCertificateProvider`. The package provides some default implementations of this class in :class:`.AsyncClientCertificateProviders` for convenience. .. seealso:: :class:`.ClientCertificateProvider`, :class:`.AsyncClientCertificateProviders` .. versionadded:: 5.19 .. versionchanged:: 5.27 Stabilized from preview. c Kyw)z Return the new certificate (if present) to use for new connections. .. seealso:: :meth:`.ClientCertificateProvider.get_certificate` Nrr%s rr@z.AsyncClientCertificateProvider.get_certificate5r5r6NrArBrrrrDrD%s!    rrDc|siSt|tr,dt|cxkrdkrnntt dg|S t|S#t t f$r}td||d}~wwxYw)Nbasicz#Cannot determine auth details from ) isinstancetuplelenvarsr KeyError TypeErrorr )res r to_auth_dictrQ?sw  D% Q#d)%8q%8D(4()) : )$ $5dX>  s A A0A++A0)rrrr-)rrrzdict[str, t.Any]) __future__rr/r dataclassesrosrrtapirr exceptionsr r TYPE_CHECKINGr _Protocolobjectrr!ABCMetar#r3r9r>rDrQrrrr]s"# ! ??.I 6>6> 6>r? O CKKO d! yCKK! H FF F"0 S[[0 f Y#++ 4 r