Stubs for oauthlib (#5766)

This was generated with stubgen, with a touch of manual intervention to clean up and 
have it pass tests.

pyrightconfig.stricter.json

@@ -53,6 +53,7 @@
         "stubs/Werkzeug",
         "stubs/beautifulsoup4",
         "stubs/slumber",
+        "stubs/oauthlib"
     ],
     "typeCheckingMode": "basic",
     "strictListInference": true,

stubs/oauthlib/@tests/stubtest_allowlist.txt

@@ -0,0 +1 @@
+oauthlib.oauth1.rfc5849.parameters.prepare_headers

stubs/oauthlib/METADATA.toml

@@ -0,0 +1 @@
+version = "3.1"

stubs/oauthlib/oauthlib/__init__.pyi

@@ -0,0 +1,2 @@
+def set_debug(debug_val) -> None: ...
+def get_debug(): ...

stubs/oauthlib/oauthlib/common.pyi

@@ -0,0 +1,56 @@
+from typing import Any, Dict
+
+UNICODE_ASCII_CHARACTER_SET: str
+CLIENT_ID_CHARACTER_SET: str
+SANITIZE_PATTERN: Any
+INVALID_HEX_PATTERN: Any
+always_safe: str
+log: Any
+
+def quote(s, safe: bytes = ...): ...
+def unquote(s): ...
+def urlencode(params): ...
+def encode_params_utf8(params): ...
+def decode_params_utf8(params): ...
+
+urlencoded: Any
+
+def urldecode(query): ...
+def extract_params(raw): ...
+def generate_nonce(): ...
+def generate_timestamp(): ...
+def generate_token(length: int = ..., chars=...): ...
+def generate_signed_token(private_pem, request): ...
+def verify_signed_token(public_pem, token): ...
+def generate_client_id(length: int = ..., chars=...): ...
+def add_params_to_qs(query, params): ...
+def add_params_to_uri(uri, params, fragment: bool = ...): ...
+def safe_string_equals(a, b): ...
+def to_unicode(data, encoding: str = ...): ...
+
+class CaseInsensitiveDict(Dict[Any, Any]):
+    proxy: Any
+    def __init__(self, data) -> None: ...
+    def __contains__(self, k): ...
+    def __delitem__(self, k) -> None: ...
+    def __getitem__(self, k): ...
+    def get(self, k, default: Any | None = ...): ...
+    def __setitem__(self, k, v) -> None: ...
+    def update(self, *args, **kwargs) -> None: ...
+
+class Request:
+    uri: Any
+    http_method: Any
+    headers: Any
+    body: Any
+    decoded_body: Any
+    oauth_params: Any
+    validator_log: Any
+    def __init__(self, uri, http_method: str = ..., body: Any | None = ..., headers: Any | None = ..., encoding: str = ...): ...
+    def __getattr__(self, name): ...
+    @property
+    def uri_query(self): ...
+    @property
+    def uri_query_params(self): ...
+    @property
+    def duplicate_params(self): ...

stubs/oauthlib/oauthlib/oauth1/__init__.pyi

@@ -0,0 +1,31 @@
+from .rfc5849 import (
+    SIGNATURE_HMAC as SIGNATURE_HMAC,
+    SIGNATURE_HMAC_SHA1 as SIGNATURE_HMAC_SHA1,
+    SIGNATURE_HMAC_SHA256 as SIGNATURE_HMAC_SHA256,
+    SIGNATURE_HMAC_SHA512 as SIGNATURE_HMAC_SHA512,
+    SIGNATURE_PLAINTEXT as SIGNATURE_PLAINTEXT,
+    SIGNATURE_RSA as SIGNATURE_RSA,
+    SIGNATURE_RSA_SHA1 as SIGNATURE_RSA_SHA1,
+    SIGNATURE_RSA_SHA256 as SIGNATURE_RSA_SHA256,
+    SIGNATURE_RSA_SHA512 as SIGNATURE_RSA_SHA512,
+    SIGNATURE_TYPE_AUTH_HEADER as SIGNATURE_TYPE_AUTH_HEADER,
+    SIGNATURE_TYPE_BODY as SIGNATURE_TYPE_BODY,
+    SIGNATURE_TYPE_QUERY as SIGNATURE_TYPE_QUERY,
+    Client as Client,
+)
+from .rfc5849.endpoints import (
+    AccessTokenEndpoint as AccessTokenEndpoint,
+    AuthorizationEndpoint as AuthorizationEndpoint,
+    RequestTokenEndpoint as RequestTokenEndpoint,
+    ResourceEndpoint as ResourceEndpoint,
+    SignatureOnlyEndpoint as SignatureOnlyEndpoint,
+    WebApplicationServer as WebApplicationServer,
+)
+from .rfc5849.errors import (
+    InsecureTransportError as InsecureTransportError,
+    InvalidClientError as InvalidClientError,
+    InvalidRequestError as InvalidRequestError,
+    InvalidSignatureMethodError as InvalidSignatureMethodError,
+    OAuth1Error as OAuth1Error,
+)
+from .rfc5849.request_validator import RequestValidator as RequestValidator

stubs/oauthlib/oauthlib/oauth1/rfc5849/__init__.pyi

@@ -0,0 +1,56 @@
+from typing import Any
+
+log: Any
+SIGNATURE_HMAC_SHA1: str
+SIGNATURE_HMAC_SHA256: str
+SIGNATURE_HMAC_SHA512: str
+SIGNATURE_HMAC: str
+SIGNATURE_RSA_SHA1: str
+SIGNATURE_RSA_SHA256: str
+SIGNATURE_RSA_SHA512: str
+SIGNATURE_RSA: str
+SIGNATURE_PLAINTEXT: str
+SIGNATURE_METHODS: Any
+SIGNATURE_TYPE_AUTH_HEADER: str
+SIGNATURE_TYPE_QUERY: str
+SIGNATURE_TYPE_BODY: str
+CONTENT_TYPE_FORM_URLENCODED: str
+
+class Client:
+    SIGNATURE_METHODS: Any
+    @classmethod
+    def register_signature_method(cls, method_name, method_callback) -> None: ...
+    client_key: Any
+    client_secret: Any
+    resource_owner_key: Any
+    resource_owner_secret: Any
+    signature_method: Any
+    signature_type: Any
+    callback_uri: Any
+    rsa_key: Any
+    verifier: Any
+    realm: Any
+    encoding: Any
+    decoding: Any
+    nonce: Any
+    timestamp: Any
+    def __init__(
+        self,
+        client_key,
+        client_secret: Any | None = ...,
+        resource_owner_key: Any | None = ...,
+        resource_owner_secret: Any | None = ...,
+        callback_uri: Any | None = ...,
+        signature_method=...,
+        signature_type=...,
+        rsa_key: Any | None = ...,
+        verifier: Any | None = ...,
+        realm: Any | None = ...,
+        encoding: str = ...,
+        decoding: Any | None = ...,
+        nonce: Any | None = ...,
+        timestamp: Any | None = ...,
+    ): ...
+    def get_oauth_signature(self, request): ...
+    def get_oauth_params(self, request): ...
+    def sign(self, uri, http_method: str = ..., body: Any | None = ..., headers: Any | None = ..., realm: Any | None = ...): ...

stubs/oauthlib/oauthlib/oauth1/rfc5849/endpoints/__init__.pyi

@@ -0,0 +1,7 @@
+from .access_token import AccessTokenEndpoint as AccessTokenEndpoint
+from .authorization import AuthorizationEndpoint as AuthorizationEndpoint
+from .base import BaseEndpoint as BaseEndpoint
+from .pre_configured import WebApplicationServer as WebApplicationServer
+from .request_token import RequestTokenEndpoint as RequestTokenEndpoint
+from .resource import ResourceEndpoint as ResourceEndpoint
+from .signature_only import SignatureOnlyEndpoint as SignatureOnlyEndpoint

stubs/oauthlib/oauthlib/oauth1/rfc5849/endpoints/access_token.pyi

@@ -0,0 +1,12 @@
+from typing import Any
+
+from .base import BaseEndpoint as BaseEndpoint
+
+log: Any
+
+class AccessTokenEndpoint(BaseEndpoint):
+    def create_access_token(self, request, credentials): ...
+    def create_access_token_response(
+        self, uri, http_method: str = ..., body: Any | None = ..., headers: Any | None = ..., credentials: Any | None = ...
+    ): ...
+    def validate_access_token_request(self, request): ...

stubs/oauthlib/oauthlib/oauth1/rfc5849/endpoints/authorization.pyi

@@ -0,0 +1,16 @@
+from typing import Any
+
+from .base import BaseEndpoint as BaseEndpoint
+
+class AuthorizationEndpoint(BaseEndpoint):
+    def create_verifier(self, request, credentials): ...
+    def create_authorization_response(
+        self,
+        uri,
+        http_method: str = ...,
+        body: Any | None = ...,
+        headers: Any | None = ...,
+        realms: Any | None = ...,
+        credentials: Any | None = ...,
+    ): ...
+    def get_realms_and_credentials(self, uri, http_method: str = ..., body: Any | None = ..., headers: Any | None = ...): ...

stubs/oauthlib/oauthlib/oauth1/rfc5849/endpoints/base.pyi

@@ -0,0 +1,6 @@
+from typing import Any
+
+class BaseEndpoint:
+    request_validator: Any
+    token_generator: Any
+    def __init__(self, request_validator, token_generator: Any | None = ...) -> None: ...

stubs/oauthlib/oauthlib/oauth1/rfc5849/endpoints/pre_configured.pyi

@@ -0,0 +1,9 @@
+from . import (
+    AccessTokenEndpoint as AccessTokenEndpoint,
+    AuthorizationEndpoint as AuthorizationEndpoint,
+    RequestTokenEndpoint as RequestTokenEndpoint,
+    ResourceEndpoint as ResourceEndpoint,
+)
+
+class WebApplicationServer(RequestTokenEndpoint, AuthorizationEndpoint, AccessTokenEndpoint, ResourceEndpoint):
+    def __init__(self, request_validator) -> None: ...

stubs/oauthlib/oauthlib/oauth1/rfc5849/endpoints/request_token.pyi

@@ -0,0 +1,12 @@
+from typing import Any
+
+from .base import BaseEndpoint as BaseEndpoint
+
+log: Any
+
+class RequestTokenEndpoint(BaseEndpoint):
+    def create_request_token(self, request, credentials): ...
+    def create_request_token_response(
+        self, uri, http_method: str = ..., body: Any | None = ..., headers: Any | None = ..., credentials: Any | None = ...
+    ): ...
+    def validate_request_token_request(self, request): ...

stubs/oauthlib/oauthlib/oauth1/rfc5849/endpoints/resource.pyi

@@ -0,0 +1,10 @@
+from typing import Any
+
+from .base import BaseEndpoint as BaseEndpoint
+
+log: Any
+
+class ResourceEndpoint(BaseEndpoint):
+    def validate_protected_resource_request(
+        self, uri, http_method: str = ..., body: Any | None = ..., headers: Any | None = ..., realms: Any | None = ...
+    ): ...

stubs/oauthlib/oauthlib/oauth1/rfc5849/endpoints/signature_only.pyi

@@ -0,0 +1,8 @@
+from typing import Any
+
+from .base import BaseEndpoint as BaseEndpoint
+
+log: Any
+
+class SignatureOnlyEndpoint(BaseEndpoint):
+    def validate_request(self, uri, http_method: str = ..., body: Any | None = ..., headers: Any | None = ...): ...

stubs/oauthlib/oauthlib/oauth1/rfc5849/errors.pyi

@@ -0,0 +1,28 @@
+from typing import Any
+
+class OAuth1Error(Exception):
+    error: Any
+    description: str
+    uri: Any
+    status_code: Any
+    def __init__(
+        self, description: Any | None = ..., uri: Any | None = ..., status_code: int = ..., request: Any | None = ...
+    ) -> None: ...
+    def in_uri(self, uri): ...
+    @property
+    def twotuples(self): ...
+    @property
+    def urlencoded(self): ...
+
+class InsecureTransportError(OAuth1Error):
+    error: str
+    description: str
+
+class InvalidSignatureMethodError(OAuth1Error):
+    error: str
+
+class InvalidRequestError(OAuth1Error):
+    error: str
+
+class InvalidClientError(OAuth1Error):
+    error: str

stubs/oauthlib/oauthlib/oauth1/rfc5849/parameters.pyi

@@ -0,0 +1,5 @@
+from typing import Any
+
+def prepare_headers(oauth_params, headers: Any | None = ..., realm: Any | None = ...): ...
+def prepare_form_encoded_body(oauth_params, body): ...
+def prepare_request_uri_query(oauth_params, uri): ...

stubs/oauthlib/oauthlib/oauth1/rfc5849/request_validator.pyi

@@ -0,0 +1,59 @@
+from typing import Any
+
+class RequestValidator:
+    def __init__(self) -> None: ...
+    @property
+    def allowed_signature_methods(self): ...
+    @property
+    def safe_characters(self): ...
+    @property
+    def client_key_length(self): ...
+    @property
+    def request_token_length(self): ...
+    @property
+    def access_token_length(self): ...
+    @property
+    def timestamp_lifetime(self): ...
+    @property
+    def nonce_length(self): ...
+    @property
+    def verifier_length(self): ...
+    @property
+    def realms(self): ...
+    @property
+    def enforce_ssl(self): ...
+    def check_client_key(self, client_key): ...
+    def check_request_token(self, request_token): ...
+    def check_access_token(self, request_token): ...
+    def check_nonce(self, nonce): ...
+    def check_verifier(self, verifier): ...
+    def check_realms(self, realms): ...
+    @property
+    def dummy_client(self) -> None: ...
+    @property
+    def dummy_request_token(self) -> None: ...
+    @property
+    def dummy_access_token(self) -> None: ...
+    def get_client_secret(self, client_key, request) -> None: ...
+    def get_request_token_secret(self, client_key, token, request) -> None: ...
+    def get_access_token_secret(self, client_key, token, request) -> None: ...
+    def get_default_realms(self, client_key, request) -> None: ...
+    def get_realms(self, token, request) -> None: ...
+    def get_redirect_uri(self, token, request) -> None: ...
+    def get_rsa_key(self, client_key, request) -> None: ...
+    def invalidate_request_token(self, client_key, request_token, request) -> None: ...
+    def validate_client_key(self, client_key, request) -> None: ...
+    def validate_request_token(self, client_key, token, request) -> None: ...
+    def validate_access_token(self, client_key, token, request) -> None: ...
+    def validate_timestamp_and_nonce(
+        self, client_key, timestamp, nonce, request, request_token: Any | None = ..., access_token: Any | None = ...
+    ) -> None: ...
+    def validate_redirect_uri(self, client_key, redirect_uri, request) -> None: ...
+    def validate_requested_realms(self, client_key, realms, request) -> None: ...
+    def validate_realms(self, client_key, token, request, uri: Any | None = ..., realms: Any | None = ...) -> None: ...
+    def validate_verifier(self, client_key, token, verifier, request) -> None: ...
+    def verify_request_token(self, token, request) -> None: ...
+    def verify_realms(self, token, realms, request) -> None: ...
+    def save_access_token(self, token, request) -> None: ...
+    def save_request_token(self, token, request) -> None: ...
+    def save_verifier(self, token, verifier, request) -> None: ...

stubs/oauthlib/oauthlib/oauth1/rfc5849/signature.pyi

@@ -0,0 +1,32 @@
+from typing import Any, Optional
+
+log: Any
+
+def signature_base_string(http_method: str, base_str_uri: str, normalized_encoded_request_parameters: str) -> str: ...
+def base_string_uri(uri: str, host: Optional[str] = ...) -> str: ...
+def collect_parameters(
+    uri_query: str = ...,
+    body: Any | None = ...,
+    headers: Any | None = ...,
+    exclude_oauth_signature: bool = ...,
+    with_realm: bool = ...,
+): ...
+def normalize_parameters(params) -> str: ...
+def sign_hmac_sha1_with_client(sig_base_str, client): ...
+def verify_hmac_sha1(request, client_secret: Any | None = ..., resource_owner_secret: Any | None = ...): ...
+def sign_hmac_sha1(base_string, client_secret, resource_owner_secret): ...
+def sign_hmac_sha256_with_client(sig_base_str, client): ...
+def verify_hmac_sha256(request, client_secret: Any | None = ..., resource_owner_secret: Any | None = ...): ...
+def sign_hmac_sha256(base_string, client_secret, resource_owner_secret): ...
+def sign_hmac_sha512_with_client(sig_base_str: str, client): ...
+def verify_hmac_sha512(request, client_secret: Optional[str] = ..., resource_owner_secret: Optional[str] = ...): ...
+def sign_rsa_sha1_with_client(sig_base_str, client): ...
+def verify_rsa_sha1(request, rsa_public_key: str): ...
+def sign_rsa_sha1(base_string, rsa_private_key): ...
+def sign_rsa_sha256_with_client(sig_base_str: str, client): ...
+def verify_rsa_sha256(request, rsa_public_key: str): ...
+def sign_rsa_sha512_with_client(sig_base_str: str, client): ...
+def verify_rsa_sha512(request, rsa_public_key: str): ...
+def sign_plaintext_with_client(_signature_base_string, client): ...
+def sign_plaintext(client_secret, resource_owner_secret): ...
+def verify_plaintext(request, client_secret: Any | None = ..., resource_owner_secret: Any | None = ...): ...

stubs/oauthlib/oauthlib/oauth1/rfc5849/utils.pyi

@@ -0,0 +1,9 @@
+UNICODE_ASCII_CHARACTER_SET: str
+
+def filter_params(target): ...
+def filter_oauth_params(params): ...
+def escape(u): ...
+def unescape(u): ...
+def parse_keqv_list(l): ...
+def parse_http_list(u): ...
+def parse_authorization_header(authorization_header): ...

stubs/oauthlib/oauthlib/oauth2/__init__.pyi

@@ -0,0 +1,59 @@
+from .rfc6749.clients import (
+    BackendApplicationClient as BackendApplicationClient,
+    Client as Client,
+    LegacyApplicationClient as LegacyApplicationClient,
+    MobileApplicationClient as MobileApplicationClient,
+    ServiceApplicationClient as ServiceApplicationClient,
+    WebApplicationClient as WebApplicationClient,
+)
+from .rfc6749.endpoints import (
+    AuthorizationEndpoint as AuthorizationEndpoint,
+    BackendApplicationServer as BackendApplicationServer,
+    IntrospectEndpoint as IntrospectEndpoint,
+    LegacyApplicationServer as LegacyApplicationServer,
+    MetadataEndpoint as MetadataEndpoint,
+    MobileApplicationServer as MobileApplicationServer,
+    ResourceEndpoint as ResourceEndpoint,
+    RevocationEndpoint as RevocationEndpoint,
+    Server as Server,
+    TokenEndpoint as TokenEndpoint,
+    WebApplicationServer as WebApplicationServer,
+)
+from .rfc6749.errors import (
+    AccessDeniedError as AccessDeniedError,
+    FatalClientError as FatalClientError,
+    InsecureTransportError as InsecureTransportError,
+    InvalidClientError as InvalidClientError,
+    InvalidClientIdError as InvalidClientIdError,
+    InvalidGrantError as InvalidGrantError,
+    InvalidRedirectURIError as InvalidRedirectURIError,
+    InvalidRequestError as InvalidRequestError,
+    InvalidRequestFatalError as InvalidRequestFatalError,
+    InvalidScopeError as InvalidScopeError,
+    MismatchingRedirectURIError as MismatchingRedirectURIError,
+    MismatchingStateError as MismatchingStateError,
+    MissingClientIdError as MissingClientIdError,
+    MissingCodeError as MissingCodeError,
+    MissingRedirectURIError as MissingRedirectURIError,
+    MissingResponseTypeError as MissingResponseTypeError,
+    MissingTokenError as MissingTokenError,
+    MissingTokenTypeError as MissingTokenTypeError,
+    OAuth2Error as OAuth2Error,
+    ServerError as ServerError,
+    TemporarilyUnavailableError as TemporarilyUnavailableError,
+    TokenExpiredError as TokenExpiredError,
+    UnauthorizedClientError as UnauthorizedClientError,
+    UnsupportedGrantTypeError as UnsupportedGrantTypeError,
+    UnsupportedResponseTypeError as UnsupportedResponseTypeError,
+    UnsupportedTokenTypeError as UnsupportedTokenTypeError,
+)
+from .rfc6749.grant_types import (
+    AuthorizationCodeGrant as AuthorizationCodeGrant,
+    ClientCredentialsGrant as ClientCredentialsGrant,
+    ImplicitGrant as ImplicitGrant,
+    RefreshTokenGrant as RefreshTokenGrant,
+    ResourceOwnerPasswordCredentialsGrant as ResourceOwnerPasswordCredentialsGrant,
+)
+from .rfc6749.request_validator import RequestValidator as RequestValidator
+from .rfc6749.tokens import BearerToken as BearerToken, OAuth2Token as OAuth2Token
+from .rfc6749.utils import is_secure_transport as is_secure_transport

stubs/oauthlib/oauthlib/oauth2/rfc6749/__init__.pyi

@@ -0,0 +1,11 @@
+from typing import Any
+
+from .endpoints.base import BaseEndpoint as BaseEndpoint, catch_errors_and_unavailability as catch_errors_and_unavailability
+from .errors import (
+    FatalClientError as FatalClientError,
+    OAuth2Error as OAuth2Error,
+    ServerError as ServerError,
+    TemporarilyUnavailableError as TemporarilyUnavailableError,
+)
+
+log: Any

stubs/oauthlib/oauthlib/oauth2/rfc6749/clients/__init__.pyi

@@ -0,0 +1,6 @@
+from .backend_application import BackendApplicationClient as BackendApplicationClient
+from .base import AUTH_HEADER as AUTH_HEADER, BODY as BODY, URI_QUERY as URI_QUERY, Client as Client
+from .legacy_application import LegacyApplicationClient as LegacyApplicationClient
+from .mobile_application import MobileApplicationClient as MobileApplicationClient
+from .service_application import ServiceApplicationClient as ServiceApplicationClient
+from .web_application import WebApplicationClient as WebApplicationClient

stubs/oauthlib/oauthlib/oauth2/rfc6749/clients/backend_application.pyi

@@ -0,0 +1,7 @@
+from typing import Any
+
+from .base import Client as Client
+
+class BackendApplicationClient(Client):
+    grant_type: str
+    def prepare_request_body(self, body: str = ..., scope: Any | None = ..., include_client_id: bool = ..., **kwargs): ...  # type: ignore[override]

stubs/oauthlib/oauthlib/oauth2/rfc6749/clients/base.pyi

@@ -0,0 +1,75 @@
+from typing import Any
+
+AUTH_HEADER: str
+URI_QUERY: str
+BODY: str
+FORM_ENC_HEADERS: Any
+
+class Client:
+    refresh_token_key: str
+    client_id: Any
+    default_token_placement: Any
+    token_type: Any
+    access_token: Any
+    refresh_token: Any
+    mac_key: Any
+    mac_algorithm: Any
+    token: Any
+    scope: Any
+    state_generator: Any
+    state: Any
+    redirect_url: Any
+    code: Any
+    expires_in: Any
+    def __init__(
+        self,
+        client_id,
+        default_token_placement=...,
+        token_type: str = ...,
+        access_token: Any | None = ...,
+        refresh_token: Any | None = ...,
+        mac_key: Any | None = ...,
+        mac_algorithm: Any | None = ...,
+        token: Any | None = ...,
+        scope: Any | None = ...,
+        state: Any | None = ...,
+        redirect_url: Any | None = ...,
+        state_generator=...,
+        **kwargs,
+    ) -> None: ...
+    @property
+    def token_types(self): ...
+    def prepare_request_uri(self, *args, **kwargs) -> None: ...
+    def prepare_request_body(self, *args, **kwargs) -> None: ...
+    def parse_request_uri_response(self, *args, **kwargs) -> None: ...
+    def add_token(
+        self,
+        uri,
+        http_method: str = ...,
+        body: Any | None = ...,
+        headers: Any | None = ...,
+        token_placement: Any | None = ...,
+        **kwargs,
+    ): ...
+    def prepare_authorization_request(
+        self, authorization_url, state: Any | None = ..., redirect_url: Any | None = ..., scope: Any | None = ..., **kwargs
+    ): ...
+    def prepare_token_request(
+        self,
+        token_url,
+        authorization_response: Any | None = ...,
+        redirect_url: Any | None = ...,
+        state: Any | None = ...,
+        body: str = ...,
+        **kwargs,
+    ): ...
+    def prepare_refresh_token_request(
+        self, token_url, refresh_token: Any | None = ..., body: str = ..., scope: Any | None = ..., **kwargs
+    ): ...
+    def prepare_token_revocation_request(
+        self, revocation_url, token, token_type_hint: str = ..., body: str = ..., callback: Any | None = ..., **kwargs
+    ): ...
+    def parse_request_body_response(self, body, scope: Any | None = ..., **kwargs): ...
+    def prepare_refresh_body(self, body: str = ..., refresh_token: Any | None = ..., scope: Any | None = ..., **kwargs): ...
+    def populate_code_attributes(self, response) -> None: ...
+    def populate_token_attributes(self, response) -> None: ...

stubs/oauthlib/oauthlib/oauth2/rfc6749/clients/legacy_application.pyi

@@ -0,0 +1,10 @@
+from typing import Any
+
+from .base import Client as Client
+
+class LegacyApplicationClient(Client):
+    grant_type: str
+    def __init__(self, client_id, **kwargs) -> None: ...
+    def prepare_request_body(  # type: ignore[override]
+        self, username, password, body: str = ..., scope: Any | None = ..., include_client_id: bool = ..., **kwargs
+    ): ...

stubs/oauthlib/oauthlib/oauth2/rfc6749/clients/mobile_application.pyi

@@ -0,0 +1,11 @@
+from typing import Any
+
+from .base import Client as Client
+
+class MobileApplicationClient(Client):
+    response_type: str
+    def prepare_request_uri(  # type: ignore[override]
+        self, uri, redirect_uri: Any | None = ..., scope: Any | None = ..., state: Any | None = ..., **kwargs
+    ): ...
+    token: Any
+    def parse_request_uri_response(self, uri, state: Any | None = ..., scope: Any | None = ...): ...  # type: ignore[override]

stubs/oauthlib/oauthlib/oauth2/rfc6749/clients/service_application.pyi

@@ -0,0 +1,33 @@
+from typing import Any
+
+from .base import Client as Client
+
+class ServiceApplicationClient(Client):
+    grant_type: str
+    private_key: Any
+    subject: Any
+    issuer: Any
+    audience: Any
+    def __init__(
+        self,
+        client_id,
+        private_key: Any | None = ...,
+        subject: Any | None = ...,
+        issuer: Any | None = ...,
+        audience: Any | None = ...,
+        **kwargs,
+    ) -> None: ...
+    def prepare_request_body(  # type: ignore[override]
+        self,
+        private_key: Any | None = ...,
+        subject: Any | None = ...,
+        issuer: Any | None = ...,
+        audience: Any | None = ...,
+        expires_at: Any | None = ...,
+        issued_at: Any | None = ...,
+        extra_claims: Any | None = ...,
+        body: str = ...,
+        scope: Any | None = ...,
+        include_client_id: bool = ...,
+        **kwargs,
+    ): ...

stubs/oauthlib/oauthlib/oauth2/rfc6749/clients/web_application.pyi

@@ -0,0 +1,15 @@
+from typing import Any
+
+from .base import Client as Client
+
+class WebApplicationClient(Client):
+    grant_type: str
+    code: Any
+    def __init__(self, client_id, code: Any | None = ..., **kwargs) -> None: ...
+    def prepare_request_uri(  # type: ignore[override]
+        self, uri, redirect_uri: Any | None = ..., scope: Any | None = ..., state: Any | None = ..., **kwargs
+    ): ...
+    def prepare_request_body(  # type: ignore[override]
+        self, code: Any | None = ..., redirect_uri: Any | None = ..., body: str = ..., include_client_id: bool = ..., **kwargs
+    ): ...
+    def parse_request_uri_response(self, uri, state: Any | None = ...): ...  # type: ignore[override]

stubs/oauthlib/oauthlib/oauth2/rfc6749/endpoints/__init__.pyi

@@ -0,0 +1,13 @@
+from .authorization import AuthorizationEndpoint as AuthorizationEndpoint
+from .introspect import IntrospectEndpoint as IntrospectEndpoint
+from .metadata import MetadataEndpoint as MetadataEndpoint
+from .pre_configured import (
+    BackendApplicationServer as BackendApplicationServer,
+    LegacyApplicationServer as LegacyApplicationServer,
+    MobileApplicationServer as MobileApplicationServer,
+    Server as Server,
+    WebApplicationServer as WebApplicationServer,
+)
+from .resource import ResourceEndpoint as ResourceEndpoint
+from .revocation import RevocationEndpoint as RevocationEndpoint
+from .token import TokenEndpoint as TokenEndpoint

stubs/oauthlib/oauthlib/oauth2/rfc6749/endpoints/authorization.pyi

@@ -0,0 +1,26 @@
+from typing import Any
+
+from .base import BaseEndpoint as BaseEndpoint
+
+log: Any
+
+class AuthorizationEndpoint(BaseEndpoint):
+    def __init__(self, default_response_type, default_token_type, response_types) -> None: ...
+    @property
+    def response_types(self): ...
+    @property
+    def default_response_type(self): ...
+    @property
+    def default_response_type_handler(self): ...
+    @property
+    def default_token_type(self): ...
+    def create_authorization_response(
+        self,
+        uri,
+        http_method: str = ...,
+        body: Any | None = ...,
+        headers: Any | None = ...,
+        scopes: Any | None = ...,
+        credentials: Any | None = ...,
+    ): ...
+    def validate_authorization_request(self, uri, http_method: str = ..., body: Any | None = ..., headers: Any | None = ...): ...

stubs/oauthlib/oauthlib/oauth2/rfc6749/endpoints/base.pyi

@@ -0,0 +1,20 @@
+from typing import Any
+
+log: Any
+
+class BaseEndpoint:
+    def __init__(self) -> None: ...
+    @property
+    def valid_request_methods(self): ...
+    @valid_request_methods.setter
+    def valid_request_methods(self, valid_request_methods) -> None: ...
+    @property
+    def available(self): ...
+    @available.setter
+    def available(self, available) -> None: ...
+    @property
+    def catch_errors(self): ...
+    @catch_errors.setter
+    def catch_errors(self, catch_errors) -> None: ...
+
+def catch_errors_and_unavailability(f): ...

stubs/oauthlib/oauthlib/oauth2/rfc6749/endpoints/introspect.pyi

@@ -0,0 +1,14 @@
+from typing import Any
+
+from .base import BaseEndpoint as BaseEndpoint
+
+log: Any
+
+class IntrospectEndpoint(BaseEndpoint):
+    valid_token_types: Any
+    valid_request_methods: Any
+    request_validator: Any
+    supported_token_types: Any
+    def __init__(self, request_validator, supported_token_types: Any | None = ...) -> None: ...
+    def create_introspect_response(self, uri, http_method: str = ..., body: Any | None = ..., headers: Any | None = ...): ...
+    def validate_introspect_request(self, request) -> None: ...

stubs/oauthlib/oauthlib/oauth2/rfc6749/endpoints/metadata.pyi

@@ -0,0 +1,21 @@
+from typing import Any
+
+from .base import BaseEndpoint as BaseEndpoint
+
+log: Any
+
+class MetadataEndpoint(BaseEndpoint):
+    raise_errors: Any
+    endpoints: Any
+    initial_claims: Any
+    claims: Any
+    def __init__(self, endpoints, claims=..., raise_errors: bool = ...) -> None: ...
+    def create_metadata_response(self, uri, http_method: str = ..., body: Any | None = ..., headers: Any | None = ...): ...
+    def validate_metadata(
+        self, array, key, is_required: bool = ..., is_list: bool = ..., is_url: bool = ..., is_issuer: bool = ...
+    ) -> None: ...
+    def validate_metadata_token(self, claims, endpoint) -> None: ...
+    def validate_metadata_authorization(self, claims, endpoint): ...
+    def validate_metadata_revocation(self, claims, endpoint) -> None: ...
+    def validate_metadata_introspection(self, claims, endpoint) -> None: ...
+    def validate_metadata_server(self): ...

stubs/oauthlib/oauthlib/oauth2/rfc6749/endpoints/pre_configured.pyi

@@ -0,0 +1,74 @@
+from typing import Any
+
+from .authorization import AuthorizationEndpoint as AuthorizationEndpoint
+from .introspect import IntrospectEndpoint as IntrospectEndpoint
+from .resource import ResourceEndpoint as ResourceEndpoint
+from .revocation import RevocationEndpoint as RevocationEndpoint
+from .token import TokenEndpoint as TokenEndpoint
+
+class Server(AuthorizationEndpoint, IntrospectEndpoint, TokenEndpoint, ResourceEndpoint, RevocationEndpoint):
+    auth_grant: Any
+    implicit_grant: Any
+    password_grant: Any
+    credentials_grant: Any
+    refresh_grant: Any
+    bearer: Any
+    def __init__(
+        self,
+        request_validator,
+        token_expires_in: Any | None = ...,
+        token_generator: Any | None = ...,
+        refresh_token_generator: Any | None = ...,
+        *args,
+        **kwargs,
+    ) -> None: ...
+
+class WebApplicationServer(AuthorizationEndpoint, IntrospectEndpoint, TokenEndpoint, ResourceEndpoint, RevocationEndpoint):
+    auth_grant: Any
+    refresh_grant: Any
+    bearer: Any
+    def __init__(
+        self,
+        request_validator,
+        token_generator: Any | None = ...,
+        token_expires_in: Any | None = ...,
+        refresh_token_generator: Any | None = ...,
+        **kwargs,
+    ) -> None: ...
+
+class MobileApplicationServer(AuthorizationEndpoint, IntrospectEndpoint, ResourceEndpoint, RevocationEndpoint):
+    implicit_grant: Any
+    bearer: Any
+    def __init__(
+        self,
+        request_validator,
+        token_generator: Any | None = ...,
+        token_expires_in: Any | None = ...,
+        refresh_token_generator: Any | None = ...,
+        **kwargs,
+    ) -> None: ...
+
+class LegacyApplicationServer(TokenEndpoint, IntrospectEndpoint, ResourceEndpoint, RevocationEndpoint):
+    password_grant: Any
+    refresh_grant: Any
+    bearer: Any
+    def __init__(
+        self,
+        request_validator,
+        token_generator: Any | None = ...,
+        token_expires_in: Any | None = ...,
+        refresh_token_generator: Any | None = ...,
+        **kwargs,
+    ) -> None: ...
+
+class BackendApplicationServer(TokenEndpoint, IntrospectEndpoint, ResourceEndpoint, RevocationEndpoint):
+    credentials_grant: Any
+    bearer: Any
+    def __init__(
+        self,
+        request_validator,
+        token_generator: Any | None = ...,
+        token_expires_in: Any | None = ...,
+        refresh_token_generator: Any | None = ...,
+        **kwargs,
+    ) -> None: ...

stubs/oauthlib/oauthlib/oauth2/rfc6749/endpoints/resource.pyi

@@ -0,0 +1,18 @@
+from typing import Any
+
+from .base import BaseEndpoint as BaseEndpoint
+
+log: Any
+
+class ResourceEndpoint(BaseEndpoint):
+    def __init__(self, default_token, token_types) -> None: ...
+    @property
+    def default_token(self): ...
+    @property
+    def default_token_type_handler(self): ...
+    @property
+    def tokens(self): ...
+    def verify_request(
+        self, uri, http_method: str = ..., body: Any | None = ..., headers: Any | None = ..., scopes: Any | None = ...
+    ): ...
+    def find_token_type(self, request): ...

stubs/oauthlib/oauthlib/oauth2/rfc6749/endpoints/revocation.pyi

@@ -0,0 +1,15 @@
+from typing import Any
+
+from .base import BaseEndpoint as BaseEndpoint
+
+log: Any
+
+class RevocationEndpoint(BaseEndpoint):
+    valid_token_types: Any
+    valid_request_methods: Any
+    request_validator: Any
+    supported_token_types: Any
+    enable_jsonp: Any
+    def __init__(self, request_validator, supported_token_types: Any | None = ..., enable_jsonp: bool = ...) -> None: ...
+    def create_revocation_response(self, uri, http_method: str = ..., body: Any | None = ..., headers: Any | None = ...): ...
+    def validate_revocation_request(self, request) -> None: ...

stubs/oauthlib/oauthlib/oauth2/rfc6749/endpoints/token.pyi

@@ -0,0 +1,28 @@
+from typing import Any
+
+from .base import BaseEndpoint as BaseEndpoint
+
+log: Any
+
+class TokenEndpoint(BaseEndpoint):
+    valid_request_methods: Any
+    def __init__(self, default_grant_type, default_token_type, grant_types) -> None: ...
+    @property
+    def grant_types(self): ...
+    @property
+    def default_grant_type(self): ...
+    @property
+    def default_grant_type_handler(self): ...
+    @property
+    def default_token_type(self): ...
+    def create_token_response(
+        self,
+        uri,
+        http_method: str = ...,
+        body: Any | None = ...,
+        headers: Any | None = ...,
+        credentials: Any | None = ...,
+        grant_type_for_scope: Any | None = ...,
+        claims: Any | None = ...,
+    ): ...
+    def validate_token_request(self, request) -> None: ...

stubs/oauthlib/oauthlib/oauth2/rfc6749/errors.pyi

@@ -0,0 +1,140 @@
+from typing import Any
+
+class OAuth2Error(Exception):
+    error: Any
+    status_code: int
+    description: str
+    uri: Any
+    state: Any
+    redirect_uri: Any
+    client_id: Any
+    scopes: Any
+    response_type: Any
+    response_mode: Any
+    grant_type: Any
+    def __init__(
+        self,
+        description: Any | None = ...,
+        uri: Any | None = ...,
+        state: Any | None = ...,
+        status_code: Any | None = ...,
+        request: Any | None = ...,
+    ) -> None: ...
+    def in_uri(self, uri): ...
+    @property
+    def twotuples(self): ...
+    @property
+    def urlencoded(self): ...
+    @property
+    def json(self): ...
+    @property
+    def headers(self): ...
+
+class TokenExpiredError(OAuth2Error):
+    error: str
+
+class InsecureTransportError(OAuth2Error):
+    error: str
+    description: str
+
+class MismatchingStateError(OAuth2Error):
+    error: str
+    description: str
+
+class MissingCodeError(OAuth2Error):
+    error: str
+
+class MissingTokenError(OAuth2Error):
+    error: str
+
+class MissingTokenTypeError(OAuth2Error):
+    error: str
+
+class FatalClientError(OAuth2Error): ...
+
+class InvalidRequestFatalError(FatalClientError):
+    error: str
+
+class InvalidRedirectURIError(InvalidRequestFatalError):
+    description: str
+
+class MissingRedirectURIError(InvalidRequestFatalError):
+    description: str
+
+class MismatchingRedirectURIError(InvalidRequestFatalError):
+    description: str
+
+class InvalidClientIdError(InvalidRequestFatalError):
+    description: str
+
+class MissingClientIdError(InvalidRequestFatalError):
+    description: str
+
+class InvalidRequestError(OAuth2Error):
+    error: str
+
+class MissingResponseTypeError(InvalidRequestError):
+    description: str
+
+class MissingCodeChallengeError(InvalidRequestError):
+    description: str
+
+class MissingCodeVerifierError(InvalidRequestError):
+    description: str
+
+class AccessDeniedError(OAuth2Error):
+    error: str
+
+class UnsupportedResponseTypeError(OAuth2Error):
+    error: str
+
+class UnsupportedCodeChallengeMethodError(InvalidRequestError):
+    description: str
+
+class InvalidScopeError(OAuth2Error):
+    error: str
+
+class ServerError(OAuth2Error):
+    error: str
+
+class TemporarilyUnavailableError(OAuth2Error):
+    error: str
+
+class InvalidClientError(FatalClientError):
+    error: str
+    status_code: int
+
+class InvalidGrantError(OAuth2Error):
+    error: str
+    status_code: int
+
+class UnauthorizedClientError(OAuth2Error):
+    error: str
+
+class UnsupportedGrantTypeError(OAuth2Error):
+    error: str
+
+class UnsupportedTokenTypeError(OAuth2Error):
+    error: str
+
+class InvalidTokenError(OAuth2Error):
+    error: str
+    status_code: int
+    description: str
+
+class InsufficientScopeError(OAuth2Error):
+    error: str
+    status_code: int
+    description: str
+
+class ConsentRequired(OAuth2Error):
+    error: str
+
+class LoginRequired(OAuth2Error):
+    error: str
+
+class CustomOAuth2Error(OAuth2Error):
+    error: Any
+    def __init__(self, error, *args, **kwargs) -> None: ...
+
+def raise_from_error(error, params: Any | None = ...) -> None: ...

stubs/oauthlib/oauthlib/oauth2/rfc6749/grant_types/__init__.pyi

@@ -0,0 +1,5 @@
+from .authorization_code import AuthorizationCodeGrant as AuthorizationCodeGrant
+from .client_credentials import ClientCredentialsGrant as ClientCredentialsGrant
+from .implicit import ImplicitGrant as ImplicitGrant
+from .refresh_token import RefreshTokenGrant as RefreshTokenGrant
+from .resource_owner_password_credentials import ResourceOwnerPasswordCredentialsGrant as ResourceOwnerPasswordCredentialsGrant

stubs/oauthlib/oauthlib/oauth2/rfc6749/grant_types/authorization_code.pyi

@@ -0,0 +1,18 @@
+from typing import Any
+
+from .base import GrantTypeBase as GrantTypeBase
+
+log: Any
+
+def code_challenge_method_s256(verifier, challenge): ...
+def code_challenge_method_plain(verifier, challenge): ...
+
+class AuthorizationCodeGrant(GrantTypeBase):
+    default_response_mode: str
+    response_types: Any
+    def create_authorization_code(self, request): ...
+    def create_authorization_response(self, request, token_handler): ...
+    def create_token_response(self, request, token_handler): ...
+    def validate_authorization_request(self, request): ...
+    def validate_token_request(self, request) -> None: ...
+    def validate_code_challenge(self, challenge, challenge_method, verifier): ...

stubs/oauthlib/oauthlib/oauth2/rfc6749/grant_types/base.pyi

@@ -0,0 +1,31 @@
+from typing import Any
+
+log: Any
+
+class ValidatorsContainer:
+    pre_auth: Any
+    post_auth: Any
+    pre_token: Any
+    post_token: Any
+    def __init__(self, post_auth, post_token, pre_auth, pre_token) -> None: ...
+    @property
+    def all_pre(self): ...
+    @property
+    def all_post(self): ...
+
+class GrantTypeBase:
+    error_uri: Any
+    request_validator: Any
+    default_response_mode: str
+    refresh_token: bool
+    response_types: Any
+    def __init__(self, request_validator: Any | None = ..., **kwargs) -> None: ...
+    def register_response_type(self, response_type) -> None: ...
+    def register_code_modifier(self, modifier) -> None: ...
+    def register_token_modifier(self, modifier) -> None: ...
+    def create_authorization_response(self, request, token_handler) -> None: ...
+    def create_token_response(self, request, token_handler) -> None: ...
+    def add_token(self, token, token_handler, request): ...
+    def validate_grant_type(self, request) -> None: ...
+    def validate_scopes(self, request) -> None: ...
+    def prepare_authorization_response(self, request, token, headers, body, status): ...

stubs/oauthlib/oauthlib/oauth2/rfc6749/grant_types/client_credentials.pyi

@@ -0,0 +1,9 @@
+from typing import Any
+
+from .base import GrantTypeBase as GrantTypeBase
+
+log: Any
+
+class ClientCredentialsGrant(GrantTypeBase):
+    def create_token_response(self, request, token_handler): ...
+    def validate_token_request(self, request) -> None: ...

stubs/oauthlib/oauthlib/oauth2/rfc6749/grant_types/implicit.pyi

@@ -0,0 +1,13 @@
+from typing import Any
+
+from .base import GrantTypeBase as GrantTypeBase
+
+log: Any
+
+class ImplicitGrant(GrantTypeBase):
+    response_types: Any
+    grant_allows_refresh_token: bool
+    def create_authorization_response(self, request, token_handler): ...
+    def create_token_response(self, request, token_handler): ...
+    def validate_authorization_request(self, request): ...
+    def validate_token_request(self, request): ...

stubs/oauthlib/oauthlib/oauth2/rfc6749/grant_types/refresh_token.pyi

@@ -0,0 +1,10 @@
+from typing import Any
+
+from .base import GrantTypeBase as GrantTypeBase
+
+log: Any
+
+class RefreshTokenGrant(GrantTypeBase):
+    def __init__(self, request_validator: Any | None = ..., issue_new_refresh_tokens: bool = ..., **kwargs) -> None: ...
+    def create_token_response(self, request, token_handler): ...
+    def validate_token_request(self, request) -> None: ...

stubs/oauthlib/oauthlib/oauth2/rfc6749/grant_types/resource_owner_password_credentials.pyi

@@ -0,0 +1,9 @@
+from typing import Any
+
+from .base import GrantTypeBase as GrantTypeBase
+
+log: Any
+
+class ResourceOwnerPasswordCredentialsGrant(GrantTypeBase):
+    def create_token_response(self, request, token_handler): ...
+    def validate_token_request(self, request) -> None: ...

stubs/oauthlib/oauthlib/oauth2/rfc6749/parameters.pyi

@@ -0,0 +1,13 @@
+from typing import Any
+
+def prepare_grant_uri(
+    uri, client_id, response_type, redirect_uri: Any | None = ..., scope: Any | None = ..., state: Any | None = ..., **kwargs
+): ...
+def prepare_token_request(grant_type, body: str = ..., include_client_id: bool = ..., **kwargs): ...
+def prepare_token_revocation_request(
+    url, token, token_type_hint: str = ..., callback: Any | None = ..., body: str = ..., **kwargs
+): ...
+def parse_authorization_code_response(uri, state: Any | None = ...): ...
+def parse_implicit_response(uri, state: Any | None = ..., scope: Any | None = ...): ...
+def parse_token_response(body, scope: Any | None = ...): ...
+def validate_token_parameters(params) -> None: ...

stubs/oauthlib/oauthlib/oauth2/rfc6749/request_validator.pyi

@@ -0,0 +1,32 @@
+from typing import Any
+
+log: Any
+
+class RequestValidator:
+    def client_authentication_required(self, request, *args, **kwargs): ...
+    def authenticate_client(self, request, *args, **kwargs) -> None: ...
+    def authenticate_client_id(self, client_id, request, *args, **kwargs) -> None: ...
+    def confirm_redirect_uri(self, client_id, code, redirect_uri, client, request, *args, **kwargs) -> None: ...
+    def get_default_redirect_uri(self, client_id, request, *args, **kwargs) -> None: ...
+    def get_default_scopes(self, client_id, request, *args, **kwargs) -> None: ...
+    def get_original_scopes(self, refresh_token, request, *args, **kwargs) -> None: ...
+    def is_within_original_scope(self, request_scopes, refresh_token, request, *args, **kwargs): ...
+    def introspect_token(self, token, token_type_hint, request, *args, **kwargs) -> None: ...
+    def invalidate_authorization_code(self, client_id, code, request, *args, **kwargs) -> None: ...
+    def revoke_token(self, token, token_type_hint, request, *args, **kwargs) -> None: ...
+    def rotate_refresh_token(self, request): ...
+    def save_authorization_code(self, client_id, code, request, *args, **kwargs) -> None: ...
+    def save_token(self, token, request, *args, **kwargs): ...
+    def save_bearer_token(self, token, request, *args, **kwargs) -> None: ...
+    def validate_bearer_token(self, token, scopes, request) -> None: ...
+    def validate_client_id(self, client_id, request, *args, **kwargs) -> None: ...
+    def validate_code(self, client_id, code, client, request, *args, **kwargs) -> None: ...
+    def validate_grant_type(self, client_id, grant_type, client, request, *args, **kwargs) -> None: ...
+    def validate_redirect_uri(self, client_id, redirect_uri, request, *args, **kwargs) -> None: ...
+    def validate_refresh_token(self, refresh_token, client, request, *args, **kwargs) -> None: ...
+    def validate_response_type(self, client_id, response_type, client, request, *args, **kwargs) -> None: ...
+    def validate_scopes(self, client_id, scopes, client, request, *args, **kwargs) -> None: ...
+    def validate_user(self, username, password, client, request, *args, **kwargs) -> None: ...
+    def is_pkce_required(self, client_id, request): ...
+    def get_code_challenge(self, code, request) -> None: ...
+    def get_code_challenge_method(self, code, request) -> None: ...

stubs/oauthlib/oauthlib/oauth2/rfc6749/tokens.pyi

@@ -0,0 +1,59 @@
+from typing import Any, Dict
+
+class OAuth2Token(Dict[Any, Any]):
+    def __init__(self, params, old_scope: Any | None = ...) -> None: ...
+    @property
+    def scope_changed(self): ...
+    @property
+    def old_scope(self): ...
+    @property
+    def old_scopes(self): ...
+    @property
+    def scope(self): ...
+    @property
+    def scopes(self): ...
+    @property
+    def missing_scopes(self): ...
+    @property
+    def additional_scopes(self): ...
+
+def prepare_mac_header(
+    token,
+    uri,
+    key,
+    http_method,
+    nonce: Any | None = ...,
+    headers: Any | None = ...,
+    body: Any | None = ...,
+    ext: str = ...,
+    hash_algorithm: str = ...,
+    issue_time: Any | None = ...,
+    draft: int = ...,
+): ...
+def prepare_bearer_uri(token, uri): ...
+def prepare_bearer_headers(token, headers: Any | None = ...): ...
+def prepare_bearer_body(token, body: str = ...): ...
+def random_token_generator(request, refresh_token: bool = ...): ...
+def signed_token_generator(private_pem, **kwargs): ...
+def get_token_from_header(request): ...
+
+class TokenBase:
+    def __call__(self, request, refresh_token: bool = ...) -> None: ...
+    def validate_request(self, request) -> None: ...
+    def estimate_type(self, request) -> None: ...
+
+class BearerToken(TokenBase):
+    request_validator: Any
+    token_generator: Any
+    refresh_token_generator: Any
+    expires_in: Any
+    def __init__(
+        self,
+        request_validator: Any | None = ...,
+        token_generator: Any | None = ...,
+        expires_in: Any | None = ...,
+        refresh_token_generator: Any | None = ...,
+    ) -> None: ...
+    def create_token(self, request, refresh_token: bool = ..., **kwargs): ...
+    def validate_request(self, request): ...
+    def estimate_type(self, request): ...

stubs/oauthlib/oauthlib/oauth2/rfc6749/utils.pyi

@@ -0,0 +1,7 @@
+def list_to_scope(scope): ...
+def scope_to_list(scope): ...
+def params_from_uri(uri): ...
+def host_from_uri(uri): ...
+def escape(u): ...
+def generate_age(issue_time): ...
+def is_secure_transport(uri): ...

stubs/oauthlib/oauthlib/openid/__init__.pyi

@@ -0,0 +1,2 @@
+from .connect.core.endpoints import Server as Server, UserInfoEndpoint as UserInfoEndpoint
+from .connect.core.request_validator import RequestValidator as RequestValidator

stubs/oauthlib/oauthlib/openid/connect/core/endpoints/__init__.pyi

@@ -0,0 +1,2 @@
+from .pre_configured import Server as Server
+from .userinfo import UserInfoEndpoint as UserInfoEndpoint

stubs/oauthlib/oauthlib/openid/connect/core/endpoints/pre_configured.pyi

@@ -0,0 +1,35 @@
+from typing import Any
+
+from oauthlib.oauth2.rfc6749.endpoints import (
+    AuthorizationEndpoint as AuthorizationEndpoint,
+    IntrospectEndpoint as IntrospectEndpoint,
+    ResourceEndpoint as ResourceEndpoint,
+    RevocationEndpoint as RevocationEndpoint,
+    TokenEndpoint as TokenEndpoint,
+)
+
+from .userinfo import UserInfoEndpoint as UserInfoEndpoint
+
+class Server(AuthorizationEndpoint, IntrospectEndpoint, TokenEndpoint, ResourceEndpoint, RevocationEndpoint, UserInfoEndpoint):
+    auth_grant: Any
+    implicit_grant: Any
+    password_grant: Any
+    credentials_grant: Any
+    refresh_grant: Any
+    openid_connect_auth: Any
+    openid_connect_implicit: Any
+    openid_connect_hybrid: Any
+    bearer: Any
+    jwt: Any
+    auth_grant_choice: Any
+    implicit_grant_choice: Any
+    token_grant_choice: Any
+    def __init__(
+        self,
+        request_validator,
+        token_expires_in: Any | None = ...,
+        token_generator: Any | None = ...,
+        refresh_token_generator: Any | None = ...,
+        *args,
+        **kwargs,
+    ) -> None: ...

stubs/oauthlib/oauthlib/openid/connect/core/endpoints/userinfo.pyi

@@ -0,0 +1,12 @@
+from typing import Any
+
+from oauthlib.oauth2.rfc6749.endpoints.base import BaseEndpoint as BaseEndpoint
+
+log: Any
+
+class UserInfoEndpoint(BaseEndpoint):
+    bearer: Any
+    request_validator: Any
+    def __init__(self, request_validator) -> None: ...
+    def create_userinfo_response(self, uri, http_method: str = ..., body: Any | None = ..., headers: Any | None = ...): ...
+    def validate_userinfo_request(self, request) -> None: ...

stubs/oauthlib/oauthlib/openid/connect/core/exceptions.pyi

@@ -0,0 +1,53 @@
+from typing import Any
+
+from oauthlib.oauth2.rfc6749.errors import FatalClientError as FatalClientError, OAuth2Error as OAuth2Error
+
+class FatalOpenIDClientError(FatalClientError): ...
+class OpenIDClientError(OAuth2Error): ...
+
+class InteractionRequired(OpenIDClientError):
+    error: str
+    status_code: int
+
+class LoginRequired(OpenIDClientError):
+    error: str
+    status_code: int
+
+class AccountSelectionRequired(OpenIDClientError):
+    error: str
+
+class ConsentRequired(OpenIDClientError):
+    error: str
+    status_code: int
+
+class InvalidRequestURI(OpenIDClientError):
+    error: str
+    description: str
+
+class InvalidRequestObject(OpenIDClientError):
+    error: str
+    description: str
+
+class RequestNotSupported(OpenIDClientError):
+    error: str
+    description: str
+
+class RequestURINotSupported(OpenIDClientError):
+    error: str
+    description: str
+
+class RegistrationNotSupported(OpenIDClientError):
+    error: str
+    description: str
+
+class InvalidTokenError(OAuth2Error):
+    error: str
+    status_code: int
+    description: str
+
+class InsufficientScopeError(OAuth2Error):
+    error: str
+    status_code: int
+    description: str
+
+def raise_from_error(error, params: Any | None = ...) -> None: ...

stubs/oauthlib/oauthlib/openid/connect/core/grant_types/__init__.pyi

@@ -0,0 +1,9 @@
+from .authorization_code import AuthorizationCodeGrant as AuthorizationCodeGrant
+from .base import GrantTypeBase as GrantTypeBase
+from .dispatchers import (
+    AuthorizationCodeGrantDispatcher as AuthorizationCodeGrantDispatcher,
+    AuthorizationTokenGrantDispatcher as AuthorizationTokenGrantDispatcher,
+    ImplicitTokenGrantDispatcher as ImplicitTokenGrantDispatcher,
+)
+from .hybrid import HybridGrant as HybridGrant
+from .implicit import ImplicitGrant as ImplicitGrant

stubs/oauthlib/oauthlib/openid/connect/core/grant_types/authorization_code.pyi

@@ -0,0 +1,10 @@
+from typing import Any
+
+from .base import GrantTypeBase as GrantTypeBase
+
+log: Any
+
+class AuthorizationCodeGrant(GrantTypeBase):
+    proxy_target: Any
+    def __init__(self, request_validator: Any | None = ..., **kwargs) -> None: ...
+    def add_id_token(self, token, token_handler, request): ...

stubs/oauthlib/oauthlib/openid/connect/core/grant_types/base.pyi

@@ -0,0 +1,13 @@
+from typing import Any
+
+log: Any
+
+class GrantTypeBase:
+    def __getattr__(self, attr): ...
+    def __setattr__(self, attr, value) -> None: ...
+    def validate_authorization_request(self, request): ...
+    def id_token_hash(self, value, hashfunc=...): ...
+    def add_id_token(self, token, token_handler, request, nonce: Any | None = ...): ...
+    def openid_authorization_validator(self, request): ...
+
+OpenIDConnectBase = GrantTypeBase

stubs/oauthlib/oauthlib/openid/connect/core/grant_types/dispatchers.pyi

@@ -0,0 +1,28 @@
+from typing import Any
+
+log: Any
+
+class Dispatcher:
+    default_grant: Any
+    oidc_grant: Any
+
+class AuthorizationCodeGrantDispatcher(Dispatcher):
+    default_grant: Any
+    oidc_grant: Any
+    def __init__(self, default_grant: Any | None = ..., oidc_grant: Any | None = ...) -> None: ...
+    def create_authorization_response(self, request, token_handler): ...
+    def validate_authorization_request(self, request): ...
+
+class ImplicitTokenGrantDispatcher(Dispatcher):
+    default_grant: Any
+    oidc_grant: Any
+    def __init__(self, default_grant: Any | None = ..., oidc_grant: Any | None = ...) -> None: ...
+    def create_authorization_response(self, request, token_handler): ...
+    def validate_authorization_request(self, request): ...
+
+class AuthorizationTokenGrantDispatcher(Dispatcher):
+    default_grant: Any
+    oidc_grant: Any
+    request_validator: Any
+    def __init__(self, request_validator, default_grant: Any | None = ..., oidc_grant: Any | None = ...) -> None: ...
+    def create_token_response(self, request, token_handler): ...

stubs/oauthlib/oauthlib/openid/connect/core/grant_types/hybrid.pyi

@@ -0,0 +1,15 @@
+from typing import Any
+
+from oauthlib.oauth2.rfc6749.errors import InvalidRequestError as InvalidRequestError
+
+from ..request_validator import RequestValidator as RequestValidator
+from .base import GrantTypeBase as GrantTypeBase
+
+log: Any
+
+class HybridGrant(GrantTypeBase):
+    request_validator: Any
+    proxy_target: Any
+    def __init__(self, request_validator: Any | None = ..., **kwargs) -> None: ...
+    def add_id_token(self, token, token_handler, request): ...
+    def openid_authorization_validator(self, request): ...

stubs/oauthlib/oauthlib/openid/connect/core/grant_types/implicit.pyi

@@ -0,0 +1,11 @@
+from typing import Any
+
+from .base import GrantTypeBase as GrantTypeBase
+
+log: Any
+
+class ImplicitGrant(GrantTypeBase):
+    proxy_target: Any
+    def __init__(self, request_validator: Any | None = ..., **kwargs) -> None: ...
+    def add_id_token(self, token, token_handler, request): ...
+    def openid_authorization_validator(self, request): ...

stubs/oauthlib/oauthlib/openid/connect/core/request_validator.pyi

@@ -0,0 +1,18 @@
+from typing import Any
+
+from oauthlib.oauth2.rfc6749.request_validator import RequestValidator as OAuth2RequestValidator
+
+log: Any
+
+class RequestValidator(OAuth2RequestValidator):
+    def get_authorization_code_scopes(self, client_id, code, redirect_uri, request) -> None: ...
+    def get_authorization_code_nonce(self, client_id, code, redirect_uri, request) -> None: ...
+    def get_jwt_bearer_token(self, token, token_handler, request) -> None: ...
+    def get_id_token(self, token, token_handler, request) -> None: ...
+    def finalize_id_token(self, id_token, token, token_handler, request) -> None: ...
+    def validate_jwt_bearer_token(self, token, scopes, request) -> None: ...
+    def validate_id_token(self, token, scopes, request) -> None: ...
+    def validate_silent_authorization(self, request) -> None: ...
+    def validate_silent_login(self, request) -> None: ...
+    def validate_user_match(self, id_token_hint, scopes, claims, request) -> None: ...
+    def get_userinfo_claims(self, request) -> None: ...

stubs/oauthlib/oauthlib/openid/connect/core/tokens.pyi

@@ -0,0 +1,19 @@
+from typing import Any
+
+from oauthlib.oauth2.rfc6749.tokens import TokenBase as TokenBase
+
+class JWTToken(TokenBase):
+    request_validator: Any
+    token_generator: Any
+    refresh_token_generator: Any
+    expires_in: Any
+    def __init__(
+        self,
+        request_validator: Any | None = ...,
+        token_generator: Any | None = ...,
+        expires_in: Any | None = ...,
+        refresh_token_generator: Any | None = ...,
+    ) -> None: ...
+    def create_token(self, request, refresh_token: bool = ...): ...
+    def validate_request(self, request): ...
+    def estimate_type(self, request): ...

stubs/oauthlib/oauthlib/signals.pyi

@@ -0,0 +1,20 @@
+from typing import Any
+
+signals_available: bool
+
+class Namespace:
+    def signal(self, name, doc: Any | None = ...): ...
+
+class _FakeSignal:
+    name: Any
+    __doc__: Any
+    def __init__(self, name, doc: Any | None = ...) -> None: ...
+    send: Any
+    connect: Any
+    disconnect: Any
+    has_receivers_for: Any
+    receivers_for: Any
+    temporarily_connected_to: Any
+    connected_to: Any
+
+scope_changed: Any

stubs/oauthlib/oauthlib/uri_validate.pyi

@@ -0,0 +1,43 @@
+from typing import Any
+
+DIGIT: str
+ALPHA: str
+HEXDIG: str
+pct_encoded: Any
+unreserved: Any
+gen_delims: str
+sub_delims: str
+pchar: Any
+reserved: Any
+scheme: Any
+dec_octet: Any
+IPv4address: Any
+IPv6address: str
+IPvFuture: Any
+IP_literal: Any
+reg_name: Any
+userinfo: Any
+host: Any
+port: Any
+authority: Any
+segment: Any
+segment_nz: Any
+segment_nz_nc: Any
+path_abempty: Any
+path_absolute: Any
+path_noscheme: Any
+path_rootless: Any
+path_empty: str
+path: Any
+query: Any
+fragment: Any
+hier_part: Any
+relative_part: Any
+relative_ref: Any
+URI: Any
+URI_reference: Any
+absolute_URI: Any
+
+def is_uri(uri): ...
+def is_uri_reference(uri): ...
+def is_absolute_uri(uri): ...