4P@iiVdZddlmZmZddlZddlZddlZddlmZddl Z ddl m Z m Z ddl Z ddlmZddlmZmZej&eZdZed Zed Zd Zd ZeGd dZdefdZGddej:ZdZefdefdZ GddeZ!y)z5Mutual TLS for Google Compute Engine metadata server.) dataclassfieldN)Path)urlparse urlunparse) HTTPAdapter)environment_vars exceptionsntz#C:/ProgramData/Google/ComputeEnginez/run/google-mds-mtlscTtjtk(r tdz Stdz S)Nzmds-mtls-root.crtzroot.crtosname_WINDOWS_OS_NAME"_WINDOWS_MTLS_COMPONENTS_BASE_PATH_MTLS_COMPONENTS_BASE_PATHj/home/www/lebenam.kofcorporation.com/venv/lib/python3.12/site-packages/google/auth/compute_engine/_mtls.py_get_mds_root_crt_pathr,s& ww""14GGG)J66rcTtjtk(r tdz Stdz S)Nzmds-mtls-client.keyz client.keyr rrr"_get_mds_client_combined_cert_pathr3s& ww""14III)L88rcFeZdZUeeZeed<eeZ eed<y) MdsMtlsConfig)default_factory ca_cert_pathclient_combined_cert_pathN) __name__ __module__ __qualname__rrrr__annotations__rrrrrrr:s-.L$',:'trrmds_mtls_configctjj|jxr)tjj|jS)z&Checks if the mTLS certificates exist.)rpathexistsrr)r"s r _certs_existr&Ds: 77>>/66 7 BGGNN11=rceZdZdZdZdZdZy) MdsMtlsModeaGMDS mTLS mode. Used to configure connection behavior when connecting to MDS. STRICT: Always use HTTPS/mTLS. If certificates are not found locally, an error will be returned. NONE: Never use mTLS. Requests will use regular HTTP. DEFAULT: Use mTLS if certificates are found locally, otherwise use regular HTTP. strictnonedefaultN)rrr __doc__STRICTNONEDEFAULTrrrr(r(KsF DGrr(ctjjtjdj } t |S#t$r tdwxYw)z7Parses the GCE_METADATA_MTLS_MODE environment variable.r+zXInvalid value for GCE_METADATA_MTLS_MODE. Must be one of 'strict', 'none', or 'default'.)renvirongetr GCE_METADATA_MTLS_MODElowerr( ValueError)mode_strs r_parse_mds_moder7XsXzz~~// eg  8$$   f   s A Act}|tjk(r!t|st j dy|tj k(ryt|S)z:Determines if mTLS should be used for the metadata server.z+mTLS certificates not found in strict mode.TF)r7r(r-r&r MutualTLSChannelErrorr.)r"modes rshould_use_mds_mtlsr;esW  D {!!!O,22=  !! !O,,rcTeZdZdZefdeffd ZfdZfdZfdZxZ S)MdsMtlsAdapterz7An HTTP adapter that uses mTLS for the metadata server.r"ctj|_|jj|j|jj |j tt|&|i|y)N)cafile)certfile) sslcreate_default_context ssl_contextload_verify_locationsrload_cert_chainrsuperr=__init__)selfr"argskwargs __class__s rrGzMdsMtlsAdapter.__init__wsk557 ..o6R6R.S (($>> )  nd,d=f=rcH|j|d<tt||i|SNrC)rCrFr=init_poolmanagerrHrIrJrKs rrNzMdsMtlsAdapter.init_poolmanagers* $ 0 0}^T;TLVLLrcH|j|d<tt||i|SrM)rCrFr=proxy_manager_forrOs rrQz MdsMtlsAdapter.proxy_manager_fors* $ 0 0}^T+G+Gv+G+V W +GK'=L$<$$W77 7# 8s%AADA)D D D) rrr r,rrGrNrQrU __classcell__)rKs@rr=r=ts0A0=>,>MN88rr=)"r, dataclassesrrenumloggingrpathlibrrA urllib.parserrrXrequests.adaptersr google.authr r getLoggerrrZrrrrrrr&Enumr(r7r;r=rrrrns"<(   -)4 '  H % &**O%P"!"8979  - $))   :G - -08[08r