a
    }|ägà<  ã                   @   s®  d Z ddlmZ ddlmZ ddlmZ ddlmZ ddlmZ ddlm	Z	 ddlm
Z
 dd	lmZ dd
lmZ ddlmZ ddlmZ ddlmZ ddlmZ ddlmZ ddlmZ zddlmZ W n eyÞ   eZY n0 erðddlmZ G dd„ dedZG dd„ dedZG dd„ deƒZ G dd„ deƒZ!G dd„ dedZ"G dd„ dedZ#G d d!„ d!edZ$G d"d#„ d#eƒZ%G d$d%„ d%eƒZ&G d&d'„ d'e&ƒZ'G d(d)„ d)e&ƒZ(d*S )+zCertbot client interfaces.é    )ÚABCMeta)Úabstractmethod)ÚArgumentParser)ÚAny)ÚIterable)ÚList)ÚOptional)ÚType)ÚTYPE_CHECKING)ÚUnion)Ú	Challenge)ÚChallengeResponse)ÚClientV2)Úconfiguration)ÚAnnotatedChallenge)Ú	Interface)ÚAccountc                   @   sP   e Zd ZdZeed dœdd„ƒZeeddœdd„ƒZede	d	d
œdd„ƒZ
d	S )ÚAccountStoragezAccounts storage interface.r   ©Úreturnc                 C   s
   t ƒ ‚dS )zXFind all accounts.

        :returns: All found accounts.
        :rtype: list

        N©ÚNotImplementedError©Úself© r   ú6/usr/lib/python3.9/site-packages/certbot/interfaces.pyÚfind_all   s    zAccountStorage.find_all)Ú
account_idr   c                 C   s
   t ƒ ‚dS )zéLoad an account by its id.

        :raises .AccountNotFound: if account could not be found
        :raises .AccountStorageError: if account could not be loaded

        :returns: The account loaded
        :rtype: .Account

        Nr   )r   r   r   r   r   Úload)   s    zAccountStorage.loadN)ÚaccountÚclientr   c                 C   s
   t ƒ ‚dS )z\Save account.

        :raises .AccountStorageError: if account could not be saved

        Nr   )r   r   r    r   r   r   Úsave6   s    zAccountStorage.save)Ú__name__Ú
__module__Ú__qualname__Ú__doc__r   r   r   Ústrr   r   r!   r   r   r   r   r      s   	r   )Ú	metaclassc                       sŒ   e Zd ZU dZeZeed< eZeed< e	e
ej eddœ‡ fdd„ƒZe	ddœd	d
„ƒZe	edœdd„ƒZee	eeddœdd„ƒƒZ‡  ZS )ÚPlugina-  Certbot plugin.

    Objects providing this interface will be called without satisfying
    any entry point "extras" (extra dependencies) you might have defined
    for your plugin, e.g (excerpt from ``setup.py`` script)::

      setup(
          ...
          entry_points={
              'certbot.plugins': [
                  'name=example_project.plugin[plugin_deps]',
              ],
          },
          extras_require={
              'plugin_deps': ['dep1', 'dep2'],
          }
      )

    Therefore, make sure such objects are importable and usable without
    extras. This is necessary, because CLI does the following operations
    (in order):

      - loads an entry point,
      - calls `inject_parser_options`,
      - requires an entry point,
      - creates plugin instance (`__call__`).

    ÚdescriptionÚnameN)Úconfigr*   r   c                    s   t ƒ  ¡  dS )z’Create a new `Plugin`.

        :param configuration.NamespaceConfig config: Configuration.
        :param str name: Unique plugin name.

        N)ÚsuperÚ__init__)r   r+   r*   ©Ú	__class__r   r   r-   d   s    zPlugin.__init__r   c                 C   s   dS )aŒ  Prepare the plugin.

        Finish up any additional initialization.

        :raises .PluginError:
            when full initialization cannot be completed.
        :raises .MisconfigurationError:
            when full initialization cannot be completed. Plugin will
            be displayed on a list of available plugins.
        :raises .NoInstallationError:
            when the necessary programs/files cannot be located. Plugin
            will NOT be displayed on a list of available plugins.
        :raises .NotSupportedError:
            when the installation is recognized, but the version is not
            currently supported.

        Nr   r   r   r   r   Úpreparen   s    zPlugin.preparec                 C   s   dS )zºHuman-readable string to help the user.

        Should describe the steps taken and any relevant info to help the user
        decide which plugin to use.

        :rtype str:

        Nr   r   r   r   r   Ú	more_info‚   s    zPlugin.more_info)Úparserr*   r   c                 C   s   dS )aœ  Inject argument parser options (flags).

        1. Be nice and prepend all options and destinations with
        `~.common.option_namespace` and `~common.dest_namespace`.

        2. Inject options (flags) only. Positional arguments are not
        allowed, as this would break the CLI.

        :param ArgumentParser parser: (Almost) top-level CLI parser.
        :param str name: Unique plugin name.

        Nr   )Úclsr2   r*   r   r   r   Úinject_parser_options   s    zPlugin.inject_parser_options)r"   r#   r$   r%   ÚNotImplementedr)   r&   Ú__annotations__r*   r   r   r   ZNamespaceConfigr-   r0   r1   Úclassmethodr   r4   Ú__classcell__r   r   r.   r   r(   @   s   
	
r(   c                   @   s`   e Zd ZdZeeeee  dœdd„ƒZ	ee
e e
e dœdd„ƒZee
e ddœd	d
„ƒZdS )ÚAuthenticatorz¡Generic Certbot Authenticator.

    Class represents all possible tools processes that have the
    ability to perform challenges and attain a certificate.

    )Údomainr   c                 C   s   dS )aÊ  Return `collections.Iterable` of challenge preferences.

        :param str domain: Domain for which challenge preferences are sought.

        :returns: `collections.Iterable` of challenge types (subclasses of
            :class:`acme.challenges.Challenge`) with the most
            preferred challenges first. If a type is not specified, it means the
            Authenticator cannot perform the challenge.
        :rtype: `collections.Iterable`

        Nr   )r   r:   r   r   r   Úget_chall_pref¦   s    zAuthenticator.get_chall_pref)Úachallsr   c                 C   s   dS )aå  Perform the given challenge.

        :param list achalls: Non-empty (guaranteed) list of
            :class:`~certbot.achallenges.AnnotatedChallenge`
            instances, such that it contains types found within
            :func:`get_chall_pref` only.

        :returns: list of ACME
            :class:`~acme.challenges.ChallengeResponse` instances corresponding to each provided
            :class:`~acme.challenges.Challenge`.
        :rtype: :class:`collections.List` of
            :class:`acme.challenges.ChallengeResponse`,
            where responses are required to be returned in
            the same order as corresponding input challenges

        :raises .PluginError: If some or all challenges cannot be performed

        Nr   ©r   r<   r   r   r   Úperform´   s    zAuthenticator.performNc                 C   s   dS )aÊ  Revert changes and shutdown after challenges complete.

        This method should be able to revert all changes made by
        perform, even if perform exited abnormally.

        :param list achalls: Non-empty (guaranteed) list of
            :class:`~certbot.achallenges.AnnotatedChallenge`
            instances, a subset of those previously passed to :func:`perform`.

        :raises PluginError: if original configuration cannot be restored

        Nr   r=   r   r   r   ÚcleanupÉ   s    zAuthenticator.cleanup)r"   r#   r$   r%   r   r&   r   r	   r   r;   r   r   r   r>   r?   r   r   r   r   r9   ž   s   r9   c                   @   sê   e Zd ZdZeee dœdd„ƒZeeeeeeddœdd„ƒZedeee	e
ee ef  dd	œd
d„ƒZeee dœdd„ƒZede	e eddœdd„ƒZededdœdd„ƒZeddœdd„ƒZeddœdd„ƒZeddœdd„ƒZdS )Ú	Installeraá  Generic Certbot Installer Interface.

    Represents any server that an X509 certificate can be placed.

    It is assumed that :func:`save` is the only method that finalizes a
    checkpoint. This is important to ensure that checkpoints are
    restored in a consistent manner if requested by the user or in case
    of an error.

    Using :class:`certbot.reverter.Reverter` to implement checkpoints,
    rollback, and recovery can dramatically simplify plugin development.

    r   c                 C   s   dS )zgReturns all names that may be authenticated.

        :rtype: `collections.Iterable` of `str`

        Nr   r   r   r   r   Úget_all_namesè   s    zInstaller.get_all_namesN)r:   Ú	cert_pathÚkey_pathÚ
chain_pathÚfullchain_pathr   c                 C   s   dS )aÚ  Deploy certificate.

        :param str domain: domain to deploy certificate file
        :param str cert_path: absolute path to the certificate file
        :param str key_path: absolute path to the private key file
        :param str chain_path: absolute path to the certificate chain file
        :param str fullchain_path: absolute path to the certificate fullchain
            file (cert plus chain)

        :raises .PluginError: when cert cannot be deployed

        Nr   )r   r:   rB   rC   rD   rE   r   r   r   Údeploy_certð   s    zInstaller.deploy_cert)r:   ÚenhancementÚoptionsr   c                 C   s   dS )aG  Perform a configuration enhancement.

        :param str domain: domain for which to provide enhancement
        :param str enhancement: An enhancement as defined in
            :const:`~certbot.plugins.enhancements.ENHANCEMENTS`
        :param options: Flexible options parameter for enhancement.
            Check documentation of
            :const:`~certbot.plugins.enhancements.ENHANCEMENTS`
            for expected options for each enhancement.

        :raises .PluginError: If Enhancement is not supported, or if
            an error occurs during the enhancement.

        Nr   )r   r:   rG   rH   r   r   r   Úenhance   s    zInstaller.enhancec                 C   s   dS )a	  Returns a `collections.Iterable` of supported enhancements.

        :returns: supported enhancements which should be a subset of
            :const:`~certbot.plugins.enhancements.ENHANCEMENTS`
        :rtype: :class:`collections.Iterable` of :class:`str`

        Nr   r   r   r   r   Úsupported_enhancements  s    z Installer.supported_enhancementsF)ÚtitleÚ	temporaryr   c                 C   s   dS )a1  Saves all changes to the configuration files.

        Both title and temporary are needed because a save may be
        intended to be permanent, but the save is not ready to be a full
        checkpoint.

        It is assumed that at most one checkpoint is finalized by this
        method. Additionally, if an exception is raised, it is assumed a
        new checkpoint was not finalized.

        :param str title: The title of the save. If a title is given, the
            configuration will be saved as a new checkpoint and put in a
            timestamped directory. `title` has no effect if temporary is true.

        :param bool temporary: Indicates whether the changes made will
            be quickly reversed in the future (challenges)

        :raises .PluginError: when save is unsuccessful

        Nr   )r   rK   rL   r   r   r   r!     s    zInstaller.saveé   )Úrollbackr   c                 C   s   dS )z‹Revert `rollback` number of configuration checkpoints.

        :raises .PluginError: when configuration cannot be fully reverted

        Nr   )r   rN   r   r   r   Úrollback_checkpoints3  s    zInstaller.rollback_checkpointsc                 C   s   dS )aA  Revert configuration to most recent finalized checkpoint.

        Remove all changes (temporary and permanent) that have not been
        finalized. This is useful to protect against crashes and other
        execution interruptions.

        :raises .errors.PluginError: If unable to recover the configuration

        Nr   r   r   r   r   Úrecovery_routine;  s    zInstaller.recovery_routinec                 C   s   dS )zMake sure the configuration is valid.

        :raises .MisconfigurationError: when the config is not in a usable state

        Nr   r   r   r   r   Úconfig_testG  s    zInstaller.config_testc                 C   s   dS )zoRestart or refresh the server content.

        :raises .PluginError: when server cannot be restarted

        Nr   r   r   r   r   ÚrestartO  s    zInstaller.restart)N)NF)rM   )r"   r#   r$   r%   r   r   r&   rA   rF   r   r   r   rI   rJ   Úboolr!   ÚintrO   rP   rQ   rR   r   r   r   r   r@   Ù   s0   ÿ ÿÿ	r@   c                   @   s”   e Zd ZdZeeedœdd„ƒƒZeeedœdd„ƒƒZeeedœdd„ƒƒZ	eeedœd	d
„ƒƒZ
eeedœdd„ƒƒZeee dœdd„ƒZdS )ÚRenewableCertz#Interface to a certificate lineage.r   c                 C   s   dS )z<Path to the certificate file.

        :rtype: str

        Nr   r   r   r   r   rB   [  s    zRenewableCert.cert_pathc                 C   s   dS )z<Path to the private key file.

        :rtype: str

        Nr   r   r   r   r   rC   d  s    zRenewableCert.key_pathc                 C   s   dS )zBPath to the certificate chain file.

        :rtype: str

        Nr   r   r   r   r   rD   m  s    zRenewableCert.chain_pathc                 C   s   dS )z€Path to the full chain file.

        The full chain is the certificate file plus the chain file.

        :rtype: str

        Nr   r   r   r   r   rE   v  s    zRenewableCert.fullchain_pathc                 C   s   dS )zEName given to the certificate lineage.

        :rtype: str

        Nr   r   r   r   r   Úlineagename  s    zRenewableCert.lineagenamec                 C   s   dS )z¾What are the subject names of this certificate?

        :returns: the subject names
        :rtype: `list` of `str`
        :raises .CertStorageError: if could not find cert file.

        Nr   r   r   r   r   ÚnamesŠ  s    zRenewableCert.namesN)r"   r#   r$   r%   Úpropertyr   r&   rB   rC   rD   rE   rV   r   rW   r   r   r   r   rU   X  s$   	rU   c                   @   s(   e Zd ZdZeeeeddœdd„ƒZdS )ÚGenericUpdateraI  Interface for update types not currently specified by Certbot.

    This class allows plugins to perform types of updates that Certbot hasn't
    defined (yet).

    To make use of this interface, the installer should implement the interface
    methods, and interfaces.GenericUpdater.register(InstallerClass) should
    be called from the installer code.

    The plugins implementing this enhancement are responsible of handling
    the saving of configuration checkpoints as well as other calls to
    interface methods of `interfaces.Installer` such as prepare() and restart()
    N©ÚlineageÚargsÚkwargsr   c                 O   s   dS )aò  Perform any update types defined by the installer.

        If an installer is a subclass of the class containing this method, this
        function will always be called when "certbot renew" is run. If the
        update defined by the installer should be run conditionally, the
        installer needs to handle checking the conditions itself.

        This method is called once for each lineage.

        :param lineage: Certificate lineage object
        :type lineage: RenewableCert

        Nr   ©r   r[   r\   r]   r   r   r   Úgeneric_updates®  s    zGenericUpdater.generic_updates)r"   r#   r$   r%   r   rU   r   r_   r   r   r   r   rY   Ÿ  s   rY   c                   @   s(   e Zd ZdZeeeeddœdd„ƒZdS )ÚRenewDeployera…  Interface for update types run when a lineage is renewed

    This class allows plugins to perform types of updates that need to run at
    lineage renewal that Certbot hasn't defined (yet).

    To make use of this interface, the installer should implement the interface
    methods, and interfaces.RenewDeployer.register(InstallerClass) should
    be called from the installer code.
    NrZ   c                 O   s   dS )a   Perform updates defined by installer when a certificate has been renewed

        If an installer is a subclass of the class containing this method, this
        function will always be called when a certificate has been renewed by
        running "certbot renew". For example if a plugin needs to copy a
        certificate over, or change configuration based on the new certificate.

        This method is called once for each lineage renewed

        :param lineage: Certificate lineage object
        :type lineage: RenewableCert

        Nr   r^   r   r   r   Úrenew_deployÊ  s    zRenewDeployer.renew_deploy)r"   r#   r$   r%   r   rU   r   ra   r   r   r   r   r`   ¿  s   
r`   c                   @   s   e Zd ZdZdS )ÚIPluginFactoryúSCompatibility shim for plugins that still use Certbot's old zope.interface classes.N©r"   r#   r$   r%   r   r   r   r   rb   Û  s   rb   c                   @   s   e Zd ZdZdS )ÚIPluginrc   Nrd   r   r   r   r   re   Þ  s   re   c                   @   s   e Zd ZdZdS )ÚIAuthenticatorrc   Nrd   r   r   r   r   rf   á  s   rf   c                   @   s   e Zd ZdZdS )Ú
IInstallerrc   Nrd   r   r   r   r   rg   ä  s   rg   N))r%   Úabcr   r   Úargparser   Útypingr   r   r   r   r	   r
   r   Zacme.challengesr   r   Zacme.clientr   Zcertbotr   Zcertbot.achallengesr   Zzope.interfacer   ZZopeInterfaceÚImportErrorÚobjectZcertbot._internal.accountr   r   r(   r9   r@   rU   rY   r`   rb   re   rf   rg   r   r   r   r   Ú<module>   s@   
$^;G 