a fWc8@sdZGdddeZGdddeZGdddeZGdddeZGd d d eZGd d d eZGd ddeZ GdddeZ Gddde Z Gddde Z Gddde Z GdddeZGdddeZGdddeZGdddeZGdd d eZGd!d"d"eZd#d$Zd%d&Zd'd(Zd)d*Zd?d,d-Zd@d.d/ZdAd0d1ZdBd2d3ZdCd4d5ZdDd7d8Zd6ZdEd:d;Z dFd=d>Z!d+S)Gz6passlib.exc -- exceptions & warnings raised by passlibc@seZdZdZddZdS)UnknownBackendErrorz Error raised if multi-backend handler doesn't recognize backend name. Inherits from :exc:`ValueError`. .. versionadded:: 1.7 cCs*||_||_d|j|f}t||dS)Nz%s: unknown backend: %r)hasherbackendname ValueError__init__)selfrrmessager //usr/lib/python3.9/site-packages/passlib/exc.pyr szUnknownBackendError.__init__N__name__ __module__ __qualname____doc__rr r r r rsrc@seZdZdZdS)MissingBackendErroraError raised if multi-backend handler has no available backends; or if specifically requested backend is not available. :exc:`!MissingBackendError` derives from :exc:`RuntimeError`, since it usually indicates lack of an external library or OS feature. This is primarily raised by handlers which depend on external libraries (which is currently just :class:`~passlib.hash.bcrypt`). Nr r rrr r r r rsrc@seZdZdZdS)InternalBackendErrorz Error raised if something unrecoverable goes wrong with backend call; such as if ``crypt.crypt()`` returning a malformed hash. .. versionadded:: 1.7.3 Nrr r r r r#src@seZdZdZdS)PasswordValueErrora Error raised if a password can't be hashed / verified for various reasons. This exception derives from the builtin :exc:`!ValueError`. May be thrown directly when password violates internal invariants of hasher (e.g. some don't support NULL characters). Hashers may also throw more specific subclasses, such as :exc:`!PasswordSizeError`. .. versionadded:: 1.7.3 Nrr r r r r,s rc@seZdZdZdZdddZdS)PasswordSizeErrora Error raised if a password exceeds the maximum size allowed by Passlib (by default, 4096 characters); or if password exceeds a hash-specific size limitation. This exception derives from :exc:`PasswordValueError` (above). Many password hash algorithms take proportionately larger amounts of time and/or memory depending on the size of the password provided. This could present a potential denial of service (DOS) situation if a maliciously large password is provided to an application. Because of this, Passlib enforces a maximum size limit, but one which should be *much* larger than any legitimate password. :exc:`PasswordSizeError` derives from :exc:`!ValueError`. .. note:: Applications wishing to use a different limit should set the ``PASSLIB_MAX_PASSWORD_SIZE`` environmental variable before Passlib is loaded. The value can be any large positive integer. .. attribute:: max_size indicates the maximum allowed size. .. versionadded:: 1.6 NcCs"||_|durd}t||dS)Nz%password exceeds maximum allowed size)max_sizerr)rrmsgr r r rXszPasswordSizeError.__init__)N)r r rrrrr r r r r:src@seZdZdZdddZdS)PasswordTruncateErrora] Error raised if password would be truncated by hash. This derives from :exc:`PasswordSizeError` (above). Hashers such as :class:`~passlib.hash.bcrypt` can be configured to raises this error by setting ``truncate_error=True``. .. attribute:: max_size indicates the maximum allowed size. .. versionadded:: 1.7 NcCs,|durd|j|jf}t||j|dS)Nz1Password too long (%s truncates to %d characters))rZ truncate_sizerr)rclsrr r r rps  zPasswordTruncateError.__init__)Nr r r r r rasrc@seZdZdZdS)PasslibSecurityErrorz Error raised if critical security issue is detected (e.g. an attempt is made to use a vulnerable version of a bcrypt backend). .. versionadded:: 1.6.3 Nrr r r r rwsrc@seZdZdZdZdddZdS) TokenErrora Base error raised by v:mod:`passlib.totp` when a token can't be parsed / isn't valid / etc. Derives from :exc:`!ValueError`. Usually one of the more specific subclasses below will be raised: * :class:`MalformedTokenError` -- invalid chars, too few digits * :class:`InvalidTokenError` -- no match found * :class:`UsedTokenError` -- match found, but token already used .. versionadded:: 1.7 zToken not acceptableNcOs,|dur|j}tj||g|Ri|dSN)_default_messagerr)rrargskwdsr r r rszTokenError.__init__)N)r r rrrrr r r r rsrc@seZdZdZdZdS)MalformedTokenErrorz Error raised by :mod:`passlib.totp` when a token isn't formatted correctly (contains invalid characters, wrong number of digits, etc) zUnrecognized tokenNr r rrrr r r r rsrc@seZdZdZdZdS)InvalidTokenErrorz Error raised by :mod:`passlib.totp` when a token is formatted correctly, but doesn't match any tokens within valid range. zToken did not matchNr r r r r r!sr!c@s eZdZdZdZdZddZdS)UsedTokenErrorz Error raised by :mod:`passlib.totp` if a token is reused. Derives from :exc:`TokenError`. .. autoattribute:: expire_time .. versionadded:: 1.7 z5Token has already been used, please wait for another.NcOs*|dd|_tj|g|Ri|dS)N expire_time)popr#rr)rrrr r r rszUsedTokenError.__init__)r r rrrr#rr r r r r"sr"c@s"eZdZdZdddZddZdS)UnknownHashErrorar Error raised by :class:`~passlib.crypto.lookup_hash` if hash name is not recognized. This exception derives from :exc:`!ValueError`. As of version 1.7.3, this may also be raised if hash algorithm is known, but has been disabled due to FIPS mode (message will include phrase "disabled for fips"). As of version 1.7.4, this may be raised if a :class:`~passlib.context.CryptContext` is unable to identify the algorithm used by a password hash. .. versionadded:: 1.7 .. versionchanged: 1.7.3 added 'message' argument. .. versionchanged:: 1.7.4 altered call signature. NcCs.||_|durd|}||_t|||dS)Nzunknown hash algorithm: %r)valuerrr)rrr&r r r rs zUnknownHashError.__init__cCs|jSr)r)rr r r __str__szUnknownHashError.__str__)NN)r r rrrr'r r r r r%s r%c@seZdZdZdS)PasslibWarningzxbase class for Passlib's user warnings, derives from the builtin :exc:`UserWarning`. .. versionadded:: 1.6 Nrr r r r r(sr(c@seZdZdZdS)PasslibConfigWarningaHWarning issued when non-fatal issue is found related to the configuration of a :class:`~passlib.context.CryptContext` instance. This occurs primarily in one of two cases: * The CryptContext contains rounds limits which exceed the hard limits imposed by the underlying algorithm. * An explicit rounds value was provided which exceeds the limits imposed by the CryptContext. In both of these cases, the code will perform correctly & securely; but the warning is issued as a sign the configuration may need updating. .. versionadded:: 1.6 Nrr r r r r)sr)c@seZdZdZdS)PasslibHashWarningaWarning issued when non-fatal issue is found with parameters or hash string passed to a passlib hash class. This occurs primarily in one of two cases: * A rounds value or other setting was explicitly provided which exceeded the handler's limits (and has been clamped by the :ref:`relaxed` flag). * A malformed hash string was encountered which (while parsable) should be re-encoded. .. versionadded:: 1.6 Nrr r r r r*sr*c@seZdZdZdS)PasslibRuntimeWarninga8Warning issued when something unexpected happens during runtime. The fact that it's a warning instead of an error means Passlib was able to correct for the issue, but that it's anomalous enough that the developers would love to hear under what conditions it occurred. .. versionadded:: 1.6 Nrr r r r r+sr+c@seZdZdZdS)PasslibSecurityWarningzxSpecial warning issued when Passlib encounters something that might affect security. .. versionadded:: 1.6 Nrr r r r r,sr,cCs|r |jSdS)Nz )rhandlerr r r _get_name"sr/cCs<|j}|jr&|jdvr&d|j|jfS|dur2dS|jSdS)zr r r ChecksumSizeError_s  rFhashcCs.ts|dust|trt|Sd|t|fS)a helper used to display sensitive data (hashes etc) within error messages. currently returns placeholder test UNLESS unittests are running, in which case the real value is displayed. mainly useful to prevent hashes / secrets from being exposed in production tracebacks; while still being visible from test failures. NOTE: api subject to change, may formalize this more in the future. Nz<%s %s value omitted>)ENABLE_DEBUG_ONLY_REPR isinstanceboolreprtyper7r r r debug_only_reprps rM crypt.crypt()cCs,t|}d||t|t|f}t|dS)z helper to generate standard message when ``crypt.crypt()`` returns invalid result. takes care of automatically masking contents of config & hash outside of UTs. z.%s returned invalid %s hash: config=%s hash=%sN)r/rMr)r.ZconfigrGsourcerrr r r CryptBackendErrors rP)N)N)N)NN)N)F)rG)rN)"rrr RuntimeErrorrrrrrrrrr!r"r% UserWarningr(r)r*r+r,r/r3r6r8r;r<r=r@rArFrHrMrPr r r r s>  ' !