kinto 19.6.0__py3-none-any.whl → 20.0.0__py3-none-any.whl

kinto/__main__.py

@@ -9,7 +9,6 @@ from pyramid.paster import bootstrap
 from pyramid.scripts import pserve
 
 from kinto import __version__
-from kinto import scripts as kinto_scripts
 from kinto.config import init
 from kinto.core import scripts as core_scripts
 from kinto.plugins.accounts import scripts as accounts_scripts
@@ -33,7 +32,6 @@ def main(args=None):
         "migrate",
         "flush-cache",
         "version",
-        "rebuild-quotas",
         "create-user",
     )
     subparsers = parser.add_subparsers(
@@ -107,16 +105,6 @@ def main(args=None):
                 default=False,
             )
 
-        elif command == "rebuild-quotas":
-            subparser.add_argument(
-                "--dry-run",
-                action="store_true",
-                help="Simulate the rebuild operation and show information",
-                dest="dry_run",
-                required=False,
-                default=False,
-            )
-
         elif command == "start":
             subparser.add_argument(
                 "--reload",
@@ -214,11 +202,6 @@ def main(args=None):
         env = bootstrap(config_file, options={"command": "flush-cache"})
         core_scripts.flush_cache(env)
 
-    elif which_command == "rebuild-quotas":
-        dry_run = parsed_args["dry_run"]
-        env = bootstrap(config_file, options={"command": "rebuild-quotas"})
-        return kinto_scripts.rebuild_quotas(env, dry_run=dry_run)
-
     elif which_command == "create-user":
         username = parsed_args["username"]
         password = parsed_args["password"]

kinto/config/kinto.tpl

@@ -36,7 +36,6 @@ kinto.includes = kinto.plugins.default_bucket
                  kinto.plugins.admin
                  kinto.plugins.accounts
 #                kinto.plugins.history
-#                kinto.plugins.quotas
 
 # Backends
 # https://kinto.readthedocs.io/en/latest/configuration/settings.html#storage
@@ -104,18 +103,6 @@ kinto.account_create_principals = system.Everyone
 kinto.account_write_principals = account:admin
 # Allow administrators to create buckets
 kinto.bucket_create_principals = account:admin
-# Enable the "account_validation" option.
-# kinto.account_validation = true
-# Set the sender for the validation email.
-# kinto.account_validation.email_sender = "admin@example.com"
-# Set the regular expression used to validate a proper email address.
-# kinto.account_validation.email_regexp = "^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\\.[a-zA-Z0-9-.]+$"
-
-# Mail configuration (needed for the account validation option), see https://docs.pylonsproject.org/projects/pyramid_mailer/en/latest/#configuration
-# mail.host = localhost
-# mail.port = 25
-# mail.username = someusername
-# mail.password = somepassword
 
 # Notifications
 # https://kinto.readthedocs.io/en/latest/configuration/settings.html#notifications

kinto/contribute.json

@@ -0,0 +1,27 @@
+{
+  "name": "Kinto",
+  "description": "Kinto is a minimalist JSON storage service with synchronisation and sharing abilities.",
+  "repository": {
+    "url": "https://github.com/Kinto/kinto",
+    "license": "Apache License (2.0)",
+    "tests": "https://github.com/Kinto/kinto/actions"
+  },
+  "participate": {
+    "home": "https://kinto.readthedocs.io/en/latest/community.html#how-to-contribute",
+    "docs": "https://kinto.readthedocs.io/",
+    "irc": "irc://irc.freenode.org/#kinto",
+    "irc-contacts": ["alexis", "leplatrem", "magopian", "natim", "NiKo`"]
+  },
+  "bugs": {
+    "list": "https://github.com/Kinto/kinto/issues",
+    "report": "https://github.com/Kinto/kinto/issues/new"
+  },
+  "keywords": [
+    "JSON",
+    "Python",
+    "Pyramid",
+    "REST",
+    "API",
+    "Database"
+  ]
+}

kinto/core/initialization.py

@@ -334,16 +334,6 @@ def setup_sentry(config):
         config.add_subscriber(on_app_created, ApplicationCreated)
 
 
-def setup_statsd(config):
-    # It would be pretty rare to find users that have a custom ``kinto.initialization_sequence`` setting.
-    # But just in case, warn that it will be removed in next major.
-    warnings.warn(
-        "``setup_statsd()`` is now deprecated. Use ``kinto.core.initialization.setup_metrics()`` instead.",
-        DeprecationWarning,
-    )
-    setup_metrics(config)
-
-
 def install_middlewares(app, settings):
     "Install a set of middlewares defined in the ini file on the given app."
     # Setup new-relic.
@@ -544,10 +534,6 @@ def setup_metrics(config):
 
     config.add_subscriber(on_new_response, NewResponse)
 
-    # While statsd is deprecated, we include its plugin by default for retro-compability.
-    if settings["statsd_url"]:
-        config.include("kinto.plugins.statsd")
-
 
 class EventActionFilter:
     def __init__(self, actions, config):

kinto/core/storage/postgresql/pool.py

@@ -21,7 +21,7 @@ class _QueueWithMaxBacklog(Queue):
         with self.mutex:
             self.cur_backlog += 1
             try:
-                if self.max_backlog >= 0:
+                if self.max_backlog >= 0:  # pragma: no branch
                     if self.cur_backlog > self.max_backlog:
                         block = False
                         timeout = None

kinto/core/views/errors.py

@@ -22,6 +22,8 @@ def authorization_required(response, request):
     """
     if Authenticated not in request.effective_principals:
         if response.content_type != "application/json":
+            # This is always the case when `HTTPForbidden` is raised by Pyramid
+            # on protected views with unauthenticated requests.
             error_msg = "Please authenticate yourself to use this endpoint."
             response = http_error(
                 httpexceptions.HTTPUnauthorized(),

kinto/plugins/accounts/__init__.py

@@ -6,19 +6,12 @@ from pyramid.exceptions import ConfigurationError
 from kinto.authorization import PERMISSIONS_INHERITANCE_TREE
 
 from .authentication import AccountsAuthenticationPolicy as AccountsPolicy
-from .utils import (
-    ACCOUNT_CACHE_KEY,
-    ACCOUNT_POLICY_NAME,
-    ACCOUNT_RESET_PASSWORD_CACHE_KEY,
-    ACCOUNT_VALIDATION_CACHE_KEY,
-)
+from .utils import ACCOUNT_CACHE_KEY, ACCOUNT_POLICY_NAME
 
 
 __all__ = [
     "ACCOUNT_CACHE_KEY",
     "ACCOUNT_POLICY_NAME",
-    "ACCOUNT_RESET_PASSWORD_CACHE_KEY",
-    "ACCOUNT_VALIDATION_CACHE_KEY",
     "AccountsPolicy",
 ]
 
@@ -27,16 +20,13 @@ DOCS_URL = "https://kinto.readthedocs.io/en/stable/api/1.x/accounts.html"
 
 def includeme(config):
     settings = config.get_settings()
-    validation_enabled = settings.get("account_validation", False)
     config.add_api_capability(
         "accounts",
         description="Manage user accounts.",
         url="https://kinto.readthedocs.io/en/latest/api/1.x/accounts.html",
-        validation_enabled=validation_enabled,
+        validation_enabled=False,
     )
     kwargs = {}
-    if not validation_enabled:
-        kwargs["ignore"] = "kinto.plugins.accounts.views.validation"
     config.scan("kinto.plugins.accounts.views", **kwargs)
 
     PERMISSIONS_INHERITANCE_TREE["root"].update({"account:create": {}})
@@ -45,13 +35,6 @@ def includeme(config):
         "read": {"account": ["write", "read"]},
     }
 
-    if validation_enabled:
-        # Valid mailers other than the default are `debug` and `testing`
-        # according to
-        # https://docs.pylonsproject.org/projects/pyramid_mailer/en/latest/#debugging
-        mailer = settings.get("mail.mailer", "")
-        config.include("pyramid_mailer" + (f".{mailer}" if mailer else ""))
-
     # Check that the account policy is mentioned in config if included.
     accountClass = "AccountsPolicy"
     policy = None

kinto/plugins/accounts/authentication.py

@@ -5,31 +5,27 @@ from kinto.core import utils
 from kinto.core.storage import exceptions as storage_exceptions
 
 from .utils import (
+    ACCOUNT_CACHE_KEY,
     ACCOUNT_POLICY_NAME,
-    cache_account,
-    delete_cached_reset_password,
-    get_account_cache_key,
-    get_cached_account,
-    get_cached_reset_password,
-    is_validated,
-    refresh_cached_account,
 )
 
 
 def account_check(username, password, request):
     settings = request.registry.settings
-    validation_enabled = settings.get("account_validation", False)
-    cache_key = get_account_cache_key(username, request.registry)
+    hmac_secret = settings["userid_hmac_secret"]
+    cache_key = utils.hmac_digest(hmac_secret, ACCOUNT_CACHE_KEY.format(username))
+    cache_ttl = int(settings.get("account_cache_ttl_seconds", 30))
     hashed_password = utils.hmac_digest(cache_key, password)
 
     # Check cache to see whether somebody has recently logged in with the same
     # username and password.
-    cache_result = get_cached_account(username, request.registry)
+    cache = request.registry.cache
+    cache_result = cache.get(cache_key)
 
     # Username and password have been verified previously. No need to compare hashes
     if cache_result == hashed_password:
         # Refresh the cache TTL.
-        refresh_cached_account(username, request.registry)
+        cache.expire(cache_key, cache_ttl)
         return True
 
     # Back to standard procedure
@@ -41,53 +37,11 @@ def account_check(username, password, request):
     except storage_exceptions.ObjectNotFoundError:
         return None
 
-    if validation_enabled and not is_validated(existing):
-        return None
-
     hashed = existing["password"].encode(encoding="utf-8")
     pwd_str = password.encode(encoding="utf-8")
     # Check if password is valid (it is a very expensive computation)
     if bcrypt.checkpw(pwd_str, hashed):
-        cache_account(hashed_password, username, request.registry)
-        return True
-
-    # Last chance, is this a "reset password" flow?
-    return reset_password_flow(username, password, request)
-
-
-def reset_password_flow(username, password, request):
-    cache_key = get_account_cache_key(username, request.registry)
-    hashed_password = utils.hmac_digest(cache_key, password)
-    pwd_str = password.encode(encoding="utf-8")
-
-    cached_password = get_cached_reset_password(username, request.registry)
-    if not cached_password:
-        return None
-
-    # The temporary reset password is only available for changing a user's password.
-    if request.method.lower() not in ["post", "put", "patch"]:
-        return None
-
-    # Only allow modifying a user account, no other resource.
-    uri = utils.strip_uri_prefix(request.path)
-    resource_name, _ = utils.view_lookup(request, uri)
-    if resource_name != "account":
-        return None
-
-    try:
-        data = request.json["data"]
-    except (ValueError, KeyError):
-        return None
-
-    # Request one and only one data field: the `password`.
-    if not data or "password" not in data or len(data.keys()) > 1:
-        return None
-
-    cached_password_str = cached_password.encode(encoding="utf-8")
-    if bcrypt.checkpw(pwd_str, cached_password_str):
-        # Remove the temporary reset password from the cache.
-        delete_cached_reset_password(username, request.registry)
-        cache_account(hashed_password, username, request.registry)
+        cache.set(cache_key, hashed_password, ttl=cache_ttl)
         return True
 
 

kinto/plugins/accounts/utils.py

@@ -1,14 +1,8 @@
 import bcrypt
 
-from kinto.core import utils
-
 
 ACCOUNT_CACHE_KEY = "accounts:{}:verified"
 ACCOUNT_POLICY_NAME = "account"
-ACCOUNT_RESET_PASSWORD_CACHE_KEY = "accounts:{}:reset-password"
-ACCOUNT_VALIDATION_CACHE_KEY = "accounts:{}:validation-key"
-DEFAULT_RESET_PASSWORD_CACHE_TTL_SECONDS = 7 * 24 * 60 * 60
-DEFAULT_VALIDATION_KEY_CACHE_TTL_SECONDS = 7 * 24 * 60 * 60
 
 
 def hash_password(password):
@@ -17,130 +11,3 @@ def hash_password(password):
     pwd_str = password.encode(encoding="utf-8")
     hashed = bcrypt.hashpw(pwd_str, bcrypt.gensalt())
     return hashed.decode(encoding="utf-8")
-
-
-def is_validated(user):
-    """Is this user record validated?"""
-    # An account is "validated" if it has the `validated` field set to True, or
-    # no `validated` field at all (for accounts created before the "account
-    # validation option" was enabled).
-    return user.get("validated", True)
-
-
-def get_account_cache_key(username, registry):
-    """Given a username, return the cache key for this account."""
-    settings = registry.settings
-    hmac_secret = settings["userid_hmac_secret"]
-    cache_key = utils.hmac_digest(hmac_secret, ACCOUNT_CACHE_KEY.format(username))
-    return cache_key
-
-
-def cache_reset_password(reset_password, username, registry):
-    """Store a reset-password in the cache."""
-    settings = registry.settings
-    hmac_secret = settings["userid_hmac_secret"]
-    cache_key = utils.hmac_digest(hmac_secret, ACCOUNT_RESET_PASSWORD_CACHE_KEY.format(username))
-    # Store a reset password for 7 days by default.
-    cache_ttl = int(
-        settings.get(
-            "account_validation.reset_password_cache_ttl_seconds",
-            DEFAULT_RESET_PASSWORD_CACHE_TTL_SECONDS,
-        )
-    )
-
-    cache = registry.cache
-    cache_result = cache.set(cache_key, reset_password, ttl=cache_ttl)
-    return cache_result
-
-
-def get_cached_reset_password(username, registry):
-    """Given a username, get the reset-password from the cache."""
-    hmac_secret = registry.settings["userid_hmac_secret"]
-    cache_key = utils.hmac_digest(hmac_secret, ACCOUNT_RESET_PASSWORD_CACHE_KEY.format(username))
-
-    cache = registry.cache
-    cache_result = cache.get(cache_key)
-    return cache_result
-
-
-def delete_cached_reset_password(username, registry):
-    """Given a username, delete the reset-password from the cache."""
-    hmac_secret = registry.settings["userid_hmac_secret"]
-    cache_key = utils.hmac_digest(hmac_secret, ACCOUNT_RESET_PASSWORD_CACHE_KEY.format(username))
-
-    cache = registry.cache
-    cache_result = cache.delete(cache_key)
-    return cache_result
-
-
-def cache_validation_key(activation_key, username, registry):
-    """Store a validation_key in the cache."""
-    settings = registry.settings
-    hmac_secret = settings["userid_hmac_secret"]
-    cache_key = utils.hmac_digest(hmac_secret, ACCOUNT_VALIDATION_CACHE_KEY.format(username))
-    # Store an activation key for 7 days by default.
-    cache_ttl = int(
-        settings.get(
-            "account_validation.validation_key_cache_ttl_seconds",
-            DEFAULT_VALIDATION_KEY_CACHE_TTL_SECONDS,
-        )
-    )
-
-    cache = registry.cache
-    cache_result = cache.set(cache_key, activation_key, ttl=cache_ttl)
-    return cache_result
-
-
-def get_cached_validation_key(username, registry):
-    """Given a username, get the validation key from the cache."""
-    hmac_secret = registry.settings["userid_hmac_secret"]
-    cache_key = utils.hmac_digest(hmac_secret, ACCOUNT_VALIDATION_CACHE_KEY.format(username))
-    cache = registry.cache
-    activation_key = cache.get(cache_key)
-    return activation_key
-
-
-def delete_cached_validation_key(username, registry):
-    """Given a username, delete the validation key from the cache."""
-    hmac_secret = registry.settings["userid_hmac_secret"]
-    cache_key = utils.hmac_digest(hmac_secret, ACCOUNT_VALIDATION_CACHE_KEY.format(username))
-    cache = registry.cache
-    cache_result = cache.delete(cache_key)
-    return cache_result
-
-
-def cache_account(hashed_password, username, registry):
-    """Store an authenticated account in the cache."""
-    settings = registry.settings
-    cache_ttl = int(settings.get("account_cache_ttl_seconds", 30))
-    cache_key = get_account_cache_key(username, registry)
-    cache = registry.cache
-    cache_result = cache.set(cache_key, hashed_password, ttl=cache_ttl)
-    return cache_result
-
-
-def get_cached_account(username, registry):
-    """Given a username, get the account from the cache."""
-    cache_key = get_account_cache_key(username, registry)
-    cache = registry.cache
-    cached_account = cache.get(cache_key)
-    return cached_account
-
-
-def refresh_cached_account(username, registry):
-    """Given a username, refresh the cache TTL."""
-    settings = registry.settings
-    cache_ttl = int(settings.get("account_cache_ttl_seconds", 30))
-    cache_key = get_account_cache_key(username, registry)
-    cache = registry.cache
-    cache_result = cache.expire(cache_key, cache_ttl)
-    return cache_result
-
-
-def delete_cached_account(username, registry):
-    """Given a username, delete the account key from the cache."""
-    hmac_secret = registry.settings["userid_hmac_secret"]
-    cache_key = utils.hmac_digest(hmac_secret, ACCOUNT_CACHE_KEY.format(username))
-    cache = registry.cache
-    cache_result = cache.delete(cache_key)
-    return cache_result

kinto/plugins/accounts/{views/__init__.py → views.py}

@@ -1,6 +1,3 @@
-import re
-import uuid
-
 import colander
 from pyramid import httpexceptions
 from pyramid.authorization import Authenticated, Everyone
@@ -8,22 +5,12 @@ from pyramid.decorator import reify
 from pyramid.events import subscriber
 from pyramid.settings import aslist
 
-from kinto.core import resource
+from kinto.core import resource, utils
 from kinto.core.errors import http_error, raise_invalid
 from kinto.core.events import ACTIONS, ResourceChanged
 from kinto.views import NameGenerator
 
-from ..mails import Emailer
-from ..utils import (
-    ACCOUNT_POLICY_NAME,
-    cache_validation_key,
-    delete_cached_account,
-    get_cached_validation_key,
-    hash_password,
-)
-
-
-DEFAULT_EMAIL_REGEXP = "^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\\.[a-zA-Z0-9-.]+$"
+from .utils import ACCOUNT_CACHE_KEY, ACCOUNT_POLICY_NAME, hash_password
 
 
 def _extract_posted_body_id(request):
@@ -63,13 +50,6 @@ class Account(resource.Resource):
         )
         # Shortcut to check if current is anonymous (before get_parent_id()).
         context.is_anonymous = Authenticated not in request.effective_principals
-        # Is the "accounts validation" setting set?
-        context.validation_enabled = settings.get("account_validation", False)
-        # Account validation requires the user id to be an email.
-        validation_email_regexp = settings.get(
-            "account_validation.email_regexp", DEFAULT_EMAIL_REGEXP
-        )
-        context.validation_email_regexp = re.compile(validation_email_regexp)
 
         super().__init__(request, context)
 
@@ -122,26 +102,6 @@ class Account(resource.Resource):
             error_details = {"name": "data.id", "description": "Accounts must have an ID."}
             raise_invalid(self.request, **error_details)
 
-        # Account validation requires that the record ID is an email address.
-        # TODO: this might be better suited for a schema. Do we have a way to
-        # dynamically change the schema according to the settings?
-        if self.context.validation_enabled and old is None:
-            email_regexp = self.context.validation_email_regexp
-            # Account validation requires that the record ID is an email address.
-            user_email = new[self.model.id_field]
-            if not email_regexp.match(user_email):
-                error_details = {
-                    "name": "data.id",
-                    "description": f"Account validation is enabled, and user id should match {email_regexp}",
-                }
-                raise_invalid(self.request, **error_details)
-
-            activation_key = str(uuid.uuid4())
-            new["validated"] = False
-
-            # Store the activation key in the cache to be used in the `validate` endpoint.
-            cache_validation_key(activation_key, new["id"], self.request.registry)
-
         # Administrators can reach other accounts and anonymous have no
         # selected_userid. So do not try to enforce.
         if self.context.is_administrator or self.context.is_anonymous:
@@ -164,28 +124,13 @@ class Account(resource.Resource):
 )
 def on_account_changed(event):
     request = event.request
+    cache = request.registry.cache
+    settings = request.registry.settings
+    hmac_secret = settings["userid_hmac_secret"]
 
     for obj in event.impacted_objects:
         # Extract username and password from current user
         username = obj["old"]["id"]
+        cache_key = utils.hmac_digest(hmac_secret, ACCOUNT_CACHE_KEY.format(username))
         # Delete cache
-        delete_cached_account(username, request.registry)
-
-
-# Send activation code by email on account creation if account validation is enabled.
-@subscriber(ResourceChanged, for_resources=("account",), for_actions=(ACTIONS.CREATE,))
-def on_account_created(event):
-    request = event.request
-    settings = request.registry.settings
-    if not settings.get("account_validation", False):
-        return
-
-    for impacted_object in event.impacted_objects:
-        account = impacted_object["new"]
-        user_email = account["id"]
-        activation_key = get_cached_validation_key(user_email, request.registry)
-        if activation_key is None:
-            continue
-
-        # Send an email to the user with the link to activate their account.
-        Emailer(request, account).send_activation(activation_key)
+        cache.delete(cache_key)

kinto/plugins/admin/VERSION

@@ -1 +1 @@
-3.5.1
+3.6.0

kinto/plugins/admin/build/VERSION

@@ -1 +1 @@
-3.5.1
+3.6.0

kinto/plugins/admin/build/assets/asn1-EdZsLKOL.js

@@ -0,0 +1 @@
+function u(i){for(var s={},c=i.split(" "),T=0;T<c.length;++T)s[c[T]]=!0;return s}const o={keywords:u("DEFINITIONS OBJECTS IF DERIVED INFORMATION ACTION REPLY ANY NAMED CHARACTERIZED BEHAVIOUR REGISTERED WITH AS IDENTIFIED CONSTRAINED BY PRESENT BEGIN IMPORTS FROM UNITS SYNTAX MIN-ACCESS MAX-ACCESS MINACCESS MAXACCESS REVISION STATUS DESCRIPTION SEQUENCE SET COMPONENTS OF CHOICE DistinguishedName ENUMERATED SIZE MODULE END INDEX AUGMENTS EXTENSIBILITY IMPLIED EXPORTS"),cmipVerbs:u("ACTIONS ADD GET NOTIFICATIONS REPLACE REMOVE"),compareTypes:u("OPTIONAL DEFAULT MANAGED MODULE-TYPE MODULE_IDENTITY MODULE-COMPLIANCE OBJECT-TYPE OBJECT-IDENTITY OBJECT-COMPLIANCE MODE CONFIRMED CONDITIONAL SUBORDINATE SUPERIOR CLASS TRUE FALSE NULL TEXTUAL-CONVENTION"),status:u("current deprecated mandatory obsolete"),tags:u("APPLICATION AUTOMATIC EXPLICIT IMPLICIT PRIVATE TAGS UNIVERSAL"),storage:u("BOOLEAN INTEGER OBJECT IDENTIFIER BIT OCTET STRING UTCTime InterfaceIndex IANAifType CMIP-Attribute REAL PACKAGE PACKAGES IpAddress PhysAddress NetworkAddress BITS BMPString TimeStamp TimeTicks TruthValue RowStatus DisplayString GeneralString GraphicString IA5String NumericString PrintableString SnmpAdminString TeletexString UTF8String VideotexString VisibleString StringStore ISO646String T61String UniversalString Unsigned32 Integer32 Gauge Gauge32 Counter Counter32 Counter64"),modifier:u("ATTRIBUTE ATTRIBUTES MANDATORY-GROUP MANDATORY-GROUPS GROUP GROUPS ELEMENTS EQUALITY ORDERING SUBSTRINGS DEFINED"),accessTypes:u("not-accessible accessible-for-notify read-only read-create read-write"),multiLineStrings:!0};function g(i){var s=i.keywords||o.keywords,c=i.cmipVerbs||o.cmipVerbs,T=i.compareTypes||o.compareTypes,N=i.status||o.status,d=i.tags||o.tags,f=i.storage||o.storage,m=i.modifier||o.modifier,C=i.accessTypes||o.accessTypes;i.multiLineStrings||o.multiLineStrings;var R=i.indentStatements!==!1,A=/[\|\^]/,E;function y(e,n){var t=e.next();if(t=='"'||t=="'")return n.tokenize=D(t),n.tokenize(e,n);if(/[\[\]\(\){}:=,;]/.test(t))return E=t,"punctuation";if(t=="-"&&e.eat("-"))return e.skipToEnd(),"comment";if(/\d/.test(t))return e.eatWhile(/[\w\.]/),"number";if(A.test(t))return e.eatWhile(A),"operator";e.eatWhile(/[\w\-]/);var r=e.current();return s.propertyIsEnumerable(r)?"keyword":c.propertyIsEnumerable(r)?"variableName":T.propertyIsEnumerable(r)?"atom":N.propertyIsEnumerable(r)?"comment":d.propertyIsEnumerable(r)?"typeName":f.propertyIsEnumerable(r)||m.propertyIsEnumerable(r)||C.propertyIsEnumerable(r)?"modifier":"variableName"}function D(e){return function(n,t){for(var r=!1,S,O=!1;(S=n.next())!=null;){if(S==e&&!r){var I=n.peek();I&&(I=I.toLowerCase(),(I=="b"||I=="h"||I=="o")&&n.next()),O=!0;break}r=!r&&S=="\\"}return O&&(t.tokenize=null),"string"}}function p(e,n,t,r,S){this.indented=e,this.column=n,this.type=t,this.align=r,this.prev=S}function a(e,n,t){var r=e.indented;return e.context&&e.context.type=="statement"&&(r=e.context.indented),e.context=new p(r,n,t,null,e.context)}function l(e){var n=e.context.type;return(n==")"||n=="]"||n=="}")&&(e.indented=e.context.indented),e.context=e.context.prev}return{name:"asn1",startState:function(){return{tokenize:null,context:new p(-2,0,"top",!1),indented:0,startOfLine:!0}},token:function(e,n){var t=n.context;if(e.sol()&&(t.align==null&&(t.align=!1),n.indented=e.indentation(),n.startOfLine=!0),e.eatSpace())return null;E=null;var r=(n.tokenize||y)(e,n);if(r=="comment")return r;if(t.align==null&&(t.align=!0),(E==";"||E==":"||E==",")&&t.type=="statement")l(n);else if(E=="{")a(n,e.column(),"}");else if(E=="[")a(n,e.column(),"]");else if(E=="(")a(n,e.column(),")");else if(E=="}"){for(;t.type=="statement";)t=l(n);for(t.type=="}"&&(t=l(n));t.type=="statement";)t=l(n)}else E==t.type?l(n):R&&((t.type=="}"||t.type=="top")&&E!=";"||t.type=="statement"&&E=="newstatement")&&a(n,e.column(),"statement");return n.startOfLine=!1,r},languageData:{indentOnInput:/^\s*[{}]$/,commentTokens:{line:"--"}}}}export{g as asn1};