Current File : //proc/self/root/usr/lib/python3/dist-packages/botocore/__pycache__/credentials.cpython-312.pyc
�

P��e;K��|�ddlZddlZddlZddlZddlZddlZddlZddlZddlm	Z	ddl
mZddlm
Z
ddlmZddlmZmZddlZddlZddlmZddlmZmZdd	lmZdd
lmZmZmZmZm Z m!Z!m"Z"m#Z#m$Z$ddl%m&Z&ddl'm(Z(m)Z)m*Z*m+Z+m,Z,m-Z-m.Z.ej^e0�Z1e	d
gd��Z2dZ3dZ4dGd�Z5Gd�d�Z6d�Z7d�Z8d�Z9dHd�Z:d�Z;d�Z<d�Z=Gd�d�Z>Gd�de>�Z?Gd�d e?�Z@Gd!�d"�ZAGd#�d$eA�ZBGd%�d&eB�ZCGd'�d(eB�ZDGd)�d*�ZEGd+�d,eE�ZFGd-�d.eE�ZGGd/�d0eE�ZHGd1�d2eE�ZIGd3�d4eE�ZJGd5�d6eE�ZKGd7�d8eE�ZLGd9�d:eE�ZMGd;�d<eE�ZNGd=�d>�ZOGd?�d@eE�ZPGdA�dB�ZQGdC�dDeA�ZRGdE�dFeE�ZSy)I�N)�
namedtuple)�deepcopy)�sha1��parse)�tzlocal�tzutc)�UNSIGNED)�compat_shell_split�
total_seconds)�Config)	�ConfigNotFound�CredentialRetrievalError�InfiniteLoopConfigError�InvalidConfigError�MetadataRetrievalError�PartialCredentialsError�RefreshWithMFAUnsupportedError�UnauthorizedSSOTokenError�UnknownCredentialError)�SSOTokenProvider)�ContainerMetadataFetcher�FileWebIdentityTokenLoader�InstanceMetadataFetcher�
JSONFileCache�SSOTokenLoader�parse_key_val_file�resolve_imds_endpoint_mode�ReadOnlyCredentials��
access_key�
secret_key�tokeniX�c�����jd�xsd}�jd�}�jd�}�j�jd�du}�jd�t��t�jd�d�}|�i}t�}t
�}	tt||�j�|�	��
�}
t�||��}t�fd�t�|�||t||	|
g�|�
�}||g}
|j||��}t�t!�|	|
g}|
|z|z}|r&|j#|�t$j'd�t)|��}|S)z�Create a default credential resolver.

    This creates a pre-configured credential resolver
    that includes the default lookup chain for
    credentials.

    �profile�default�metadata_service_timeout�metadata_service_num_attemptsN�ec2_metadata_service_endpoint�ec2_metadata_v1_disabled)r*�"ec2_metadata_service_endpoint_mode�ec2_credential_refresh_windowr+)�timeout�num_attempts�
user_agent�config)�iam_role_fetcher)�cache�region_namec����jS�N)�full_config��sessions��6/usr/lib/python3/dist-packages/botocore/credentials.py�<lambda>z,create_credential_resolver.<locals>.<lambda>ms
���G�/�/��)�load_config�client_creatorr3�profile_name�credential_sourcer�profile_provider_builder�r?�disable_env_varszWSkipping environment variable credential check because profile name was explicitly set.��	providers)�get_config_variable�instance_variables�getr�!_DEFAULT_ADVISORY_REFRESH_TIMEOUT�EnvProvider�ContainerProvider�InstanceMetadataProviderrr0�ProfileProviderBuilder�AssumeRoleProvider�_get_client_creator�CanonicalNameCredentialSourcerrE�OriginalEC2Provider�BotoProvider�remove�logger�debug�CredentialResolver)r9r3r4r?�metadata_timeoutr/rC�imds_config�env_provider�container_provider�instance_metadata_providerrA�assume_role_provider�pre_profile�profile_providers�post_profilerE�resolvers`                 r:�create_credential_resolverraAs�����.�.�y�9�F�Y�L��2�2�3M�N���.�.�/N�O�L��1�1�3�7�7�	�B�$�N��*1�)D�)D�+�*
�/I��/
�*K�$+�$?�$?�&�%
��K�
�}����=�L�*�,��!9�0�$�%��)�)�+��	
�"�� 6��u�+� ��.�/�*�7�K�@��!�9�
�-�/I�J�
�":�	��	���K�1�:�:�!�)�;���
	�����"�	�L��/�/�,�>�I�� 	����&����
8�	
�
"�I�6�H��Or<c�@�eZdZdZ	d
d�Zdd�Zd�Zd�Zd�Zd�Z	d	�Z
y)rMa�This class handles the creation of profile based providers.

    NOTE: This class is only intended for internal use.

    This class handles the creation and ordering of the various credential
    providers that primarly source their configuration from the shared config.
    This is needed to enable sharing between the default credential chain and
    the source profile chain created by the assume role provider.
    Nc�<�||_||_||_||_yr6)�_session�_cache�_region_name�_sso_token_cache)�selfr9r3r4�sso_token_caches     r:�__init__zProfileProviderBuilder.__init__�s"�� ��
����'��� /��r<c��|j||�|j|�|j|�|j|�|j	|�gSr6)�_create_web_identity_provider�_create_sso_provider�"_create_shared_credential_provider�_create_process_provider�_create_config_provider�rhr?rCs   r:rEz ProfileProviderBuilder.providers�sZ���.�.�� �
�
�%�%�l�3��3�3�L�A��)�)�,�7��(�(��6�	
�		
r<c�$��t|�fd���S)Nc�0���jjSr6�rdr7�rhs�r:r;zAProfileProviderBuilder._create_process_provider.<locals>.<lambda>������
�
� 9� 9�r<)r?r=)�ProcessProvider�rhr?s` r:roz/ProfileProviderBuilder._create_process_provider�s����%�9�
�	
r<c�R�|jjd�}t||��S)N�credentials_file)r?�creds_filename)rdrF�SharedCredentialProvider)rhr?�credential_files   r:rnz9ProfileProviderBuilder._create_shared_credential_provider�s*���-�-�;�;�<N�O��'�%�*�
�	
r<c�R�|jjd�}t||��S)N�config_file)r?�config_filename)rdrF�ConfigProvider)rhr?rs   r:rpz.ProfileProviderBuilder._create_config_provider�s)���m�m�7�7�
�F���%�'�
�	
r<c�z��t�fd�t�j�j��j||��S)Nc�0���jjSr6rtrus�r:r;zFProfileProviderBuilder._create_web_identity_provider.<locals>.<lambda>�rvr<)r=r>r3r?rC)�!AssumeRoleWithWebIdentityProviderrOrdrfrerqs`  r:rlz4ProfileProviderBuilder._create_web_identity_provider�s9���0�9�.��
�
�t�0�0���+�+�%�-�
�	
r<c���t�fd��jj|�j�jt�j�j|����S)Nc�0���jjSr6rtrus�r:r;z=ProfileProviderBuilder._create_sso_provider.<locals>.<lambda>�rvr<)r3r?)r=r>r?r3�token_cache�token_provider)�SSOProviderrd�
create_clientrergrrxs` r:rmz+ProfileProviderBuilder._create_sso_provider�sN����9��=�=�6�6�%��+�+��-�-�+��
�
��+�+�)��

�	
r<�NNN�F)�__name__�
__module__�__qualname__�__doc__rjrErornrprlrm�r<r:rMrM�s1���FJ�0�

�
�
�
�	
�
r<rMc�8�t|�}|j�Sr6)ra�load_credentials)r9r`s  r:�get_credentialsr��s��)�'�2�H��$�$�&�&r<c�P�tjjt��Sr6)�datetime�nowrr�r<r:�
_local_nowr��s����� � ���+�+r<c�P�t|tj�r|St|�Sr6)�
isinstancer�r)�values r:�_parse_if_neededr��s!���%��*�*�+�����<�r<c��t|tj�r#|r|j�S|jd�S|S)Nz%Y-%m-%dT%H:%M:%S%Z)r�r��	isoformat�strftime)r��isos  r:�_serialize_if_neededr��s7���%��*�*�+���?�?�$�$��~�~�3�4�4��Lr<c������fd�}|S)Nc�V��d�i}|jdi|���j|fi|��S)Nr4r�)�updater�)�service_name�kwargs�create_client_kwargsr4r9s   ��r:r>z+_get_client_creator.<locals>.client_creators;��� -�{�;��#��#�#�-�f�-�$�w�$�$�\�J�5I�J�Jr<r�)r9r4r>s`` r:rOrOs���K�
�r<c������fd�}|S)Nc�j���jdi���}|d}|d|d|dt|d�d�S)N�Credentials�AccessKeyId�SecretAccessKey�SessionToken�
Expiration�r!r"r#�expiry_timer�)�assume_roler�)�response�credentials�client�paramss  ��r:�refreshz-create_assume_role_refresher.<locals>.refreshsT���%�6�%�%�/��/���}�-��&�m�4�%�&7�8� ��0�/��L�0I�J�	
�	
r<r�)r�r�r�s`` r:�create_assume_role_refresherr�s���

��Nr<c�&�Gd�d�}||�S)Nc��eZdZd�Zd�Zy)�/create_mfa_serial_refresher.<locals>._Refresherc� �||_d|_y)NF)�_refresh�_has_been_called)rhr�s  r:rjz8create_mfa_serial_refresher.<locals>._Refresher.__init__ s��#�D�M�$)�D�!r<c�\�|jr
t��d|_|j�S�NT)r�rr�rus r:�__call__z8create_mfa_serial_refresher.<locals>._Refresher.__call__$s*���$�$�5�6�6�$(�D�!��=�=�?�"r<N)r�r�r�rjr�r�r<r:�
_Refresherr�s��	*�	#r<r�r�)�actual_refreshr�s  r:�create_mfa_serial_refresherr�s��#�#��n�%�%r<c�$�eZdZdZdd�Zd�Zd�Zy)r�ap
    Holds the credentials needed to authenticate requests.

    :param str access_key: The access key part of the credentials.
    :param str secret_key: The secret key part of the credentials.
    :param str token: The security token, valid only for session credentials.
    :param str method: A string which identifies where the credentials
        were found.
    Nc�d�||_||_||_|�d}||_|j	�y)N�explicit)r!r"r#�method�
_normalize)rhr!r"r#r�s     r:rjzCredentials.__init__;s2��$���$�����
��>��F�������r<c��tjj|j�|_tjj|j�|_yr6)�botocore�compat�ensure_unicoder!r"rus r:r�zCredentials._normalizeFs8��#�/�/�8�8����I���"�/�/�8�8����I��r<c�X�t|j|j|j�Sr6)rr!r"r#rus r:�get_frozen_credentialsz"Credentials.get_frozen_credentialsPs"��"��O�O�T�_�_�d�j�j�
�	
r<�NN)r�r�r�r�rjr�r�r�r<r:r�r�0s���	�J�
r<r�c��eZdZdZeZeZeddfd�Z	d�Z
e		dd��Ze
d��Zejd��Ze
d��Zejd	��Ze
d
��Zejd��Zd�Zdd
�Zd�Zd�Zd�Zed��Zd�Zd�Zy)�RefreshableCredentialsa�
    Holds the credentials needed to authenticate requests. In addition, it
    knows how to refresh itself.

    :param str access_key: The access key part of the credentials.
    :param str secret_key: The secret key part of the credentials.
    :param str token: The security token, valid only for session credentials.
    :param datetime expiry_time: The expiration time of the credentials.
    :param function refresh_using: Callback function to refresh the credentials.
    :param str method: A string which identifies where the credentials
        were found.
    :param function time_fetcher: Callback function to retrieve current time.
    Nc
��||_||_||_||_||_||_t
j�|_||_	t|||�|_|j�|�||_
|	�|	|_yyr6)�_refresh_using�_access_key�_secret_key�_token�_expiry_time�
_time_fetcher�	threading�Lock�
_refresh_lockr�r�_frozen_credentialsr��_advisory_refresh_timeout�_mandatory_refresh_timeout)
rhr!r"r#r��
refresh_usingr��time_fetcher�advisory_timeout�mandatory_timeouts
          r:rjzRefreshableCredentials.__init__ls���,���%���%������'���)���&�^�^�-������#6��
�E�$
�� �	
�����'�-=�D�*��(�.?�D�+�)r<c��tjj|j�|_tjj|j�|_yr6)r�r�r�r�r�rus r:r�z!RefreshableCredentials._normalize�s<��#�?�?�9�9�$�:J�:J�K���#�?�?�9�9�$�:J�:J�K��r<c
�z�i}|�||d<|�||d<|d|d|d|d|j|d�||d�|��}|S)	Nr�r�r!r"r#r�)r!r"r#r�r�r�r�)�_expiry_datetime)�cls�metadatar�r�r�r�r��instances        r:�create_from_metadataz+RefreshableCredentials.create_from_metadata�s|�����'�)9�F�%�&��(�*;�F�&�'��
���-���-��7�#��,�,�X�m�-D�E��'�

��
���r<c�:�|j�|jS�z�Warning: Using this property can lead to race conditions if you
        access another property subsequently along the refresh boundary.
        Please use get_frozen_credentials instead.
        )r�r�rus r:r!z!RefreshableCredentials.access_key����	
�
�
�����r<c��||_yr6)r��rhr�s  r:r!z!RefreshableCredentials.access_key��
�� ��r<c�:�|j�|jSr�)r�r�rus r:r"z!RefreshableCredentials.secret_key�r�r<c��||_yr6)r�r�s  r:r"z!RefreshableCredentials.secret_key�r�r<c�:�|j�|jSr�)r�r�rus r:r#zRefreshableCredentials.token�s��	
�
�
���{�{�r<c��||_yr6)r�r�s  r:r#zRefreshableCredentials.token�s	����r<c�R�|j|j�z
}t|�Sr6)r�r�r)rh�deltas  r:�_seconds_remainingz)RefreshableCredentials._seconds_remaining�s&���!�!�D�$6�$6�$8�8���U�#�#r<c��|j�y|�|j}|j�|k\rytj	d�y)a�Check if a refresh is needed.

        A refresh is needed if the expiry time associated
        with the temporary credentials is less than the
        provided ``refresh_in``.  If ``time_delta`` is not
        provided, ``self.advisory_refresh_needed`` will be used.

        For example, if your temporary credentials expire
        in 10 minutes and the provided ``refresh_in`` is
        ``15 * 60``, then this function will return ``True``.

        :type refresh_in: int
        :param refresh_in: The number of seconds before the
            credentials expire in which refresh attempts should
            be made.

        :return: True if refresh needed, False otherwise.

        Fz!Credentials need to be refreshed.T)r�r�r�rTrU)rh�
refresh_ins  r:�refresh_neededz%RefreshableCredentials.refresh_needed�sJ��(���$�����7�7�J��"�"�$�
�2�����8�9�r<c�&�|jd��S)Nr)r�)r�rus r:�_is_expiredz"RefreshableCredentials._is_expired�s���"�"�a�"�0�0r<c��|j|j�sy|jjd�r�	|j|j�s	|jj	�y|j|j
�}|j
|��	|jj	�y|j|j
�rM|j5|j|j
�s
	ddd�y|j
d��ddd�yy#|jj	�wxYw#1swYyxYw)NF)�is_mandatoryT)r�r�r��acquire�releaser��_protected_refresh)rh�is_mandatory_refreshs  r:r�zRefreshableCredentials._refresh�s/���"�"�4�#A�#A�B�����%�%�e�,�	
-��*�*�4�+I�+I�J���"�"�*�*�,�
(,�':�':��3�3�(�$��'�'�5I�'�J���"�"�*�*�,�
�
 �
 ��!@�!@�
A��#�#�
;��*�*�4�+J�+J�K��
;�
;��'�'�T�'�:�
;�
;�B���"�"�*�*�,��
;�
;�s#�D"�0-D"� E�E�"D>�E
c�l�	|j�}|j	|�t|j|j|j�|_	|j�r"d}tj|�t|��y#t$r$|rdnd}tjd|d��|r�YywxYw)N�	mandatory�advisoryzARefreshing temporary credentials failed during %s refresh period.T��exc_infozLCredentials were refreshed, but the refreshed credentials are still expired.)r��	ExceptionrT�warning�_set_from_datarr�r�r�r�r��RuntimeError)rhr�r��period_name�msgs     r:rz)RefreshableCredentials._protected_refreshs���	��*�*�,�H�$	
���H�%�#6����d�.�.����$
�� �����;�
�
�N�N�3���s�#�#���+�	�)5�+�:�K��N�N�,���	
�
���
�!	�s�B�*B3�2B3c��t|�Sr6r)�time_strs r:r�z'RefreshableCredentials._expiry_datetime=s���X��r<c�d�gd�}|s|}n|D�cgc]	}||vs�|��}}|r+d}t|j|dj|�z���|d|_|d|_|d|_t
|d�|_tjd	|j�|j�ycc}w)
Nr�z7Credential refresh failed, response did not contain: %s�, ��provider�	error_msgr!r"r#r�z(Retrieved credentials will expire at: %s)rr��joinr!r"r#rr�rTrUr�)rh�data�
expected_keys�missing_keys�k�messages      r:r	z%RefreshableCredentials._set_from_dataAs���L�
��(�L�'4�F�!���
�A�F�L�F��O�G�*����!�D�I�I�l�$;�;��
�
�|�,����|�,����'�]��
�!�$�}�"5�6������6��8I�8I�	
�	
�����!Gs
�	B-�B-c�:�|j�|jS)a�Return immutable credentials.

        The ``access_key``, ``secret_key``, and ``token`` properties
        on this class will always check and refresh credentials if
        needed before returning the particular credentials.

        This has an edge case where you can get inconsistent
        credentials.  Imagine this:

            # Current creds are "t1"
            tmp.access_key  ---> expired? no, so return t1.access_key
            # ---- time is now expired, creds need refreshing to "t2" ----
            tmp.secret_key  ---> expired? yes, refresh and return t2.secret_key

        This means we're using the access key from t1 with the secret key
        from t2.  To fix this issue, you can request a frozen credential object
        which is guaranteed not to change.

        The frozen credentials returned from this method should be used
        immediately and then discarded.  The typical usage pattern would
        be::

            creds = RefreshableCredentials(...)
            some_code = SomeSignerObject()
            # I'm about to sign the request.
            # The frozen credentials are only used for the
            # duration of generate_presigned_url and will be
            # immediately thrown away.
            request = some_code.sign_some_request(
                with_credentials=creds.get_frozen_credentials())
            print("Signed request:", request)

        )r�r�rus r:r�z-RefreshableCredentials.get_frozen_credentialsXs��D	
�
�
���'�'�'r<r�r6)r�r�r�r�rIr��"_DEFAULT_MANDATORY_REFRESH_TIMEOUTr�r�rjr��classmethodr��propertyr!�setterr"r#r�r�r�r�r�staticmethodr�r	r�r�r<r:r�r�Vs
��� !B��"D�� ���@�:L����
���2� �� ����!��!�� �� ����!��!������\�\����$� �D1�;�<%$�N�����.#(r<r�c�.��eZdZdZefd�Zd�fd�	Z�xZS)�DeferredRefreshableCredentialszyRefreshable credentials that don't require initial credentials.

    refresh_using will be called upon first access.
    c��||_d|_d|_d|_d|_||_t
j�|_||_	d|_
yr6)r�r�r�r�r�r�r�r�r�r�r�)rhr�r�r�s    r:rjz'DeferredRefreshableCredentials.__init__�sO��+������������ ���)���&�^�^�-������#'�� r<c�<��|j�yt�|�	|�Sr�)r��superr�)rhr��	__class__s  �r:r�z-DeferredRefreshableCredentials.refresh_needed�s"����#�#�+���w�%�j�1�1r<r6)r�r�r�r�r�rjr��
__classcell__�r%s@r:r!r!~s����
<F�	(�2�2r<r!c�H�eZdZdZdd�Zd�Zd�Zd�Zd�Zd�Z	d	�Z
d
�Zd�Zy)
�CachedCredentialFetcherr$Nc�n�|�i}||_|j�|_|�|j}||_yr6)re�_create_cache_key�
_cache_key�DEFAULT_EXPIRY_WINDOW_SECONDS�_expiry_window_seconds)rhr3�expiry_window_secondss   r:rjz CachedCredentialFetcher.__init__�s=���=��E�����0�0�2��� �(�$(�$F�$F�!�&;��#r<c��td��)Nz_create_cache_key()��NotImplementedErrorrus r:r+z)CachedCredentialFetcher._create_cache_key�s��!�"7�8�8r<c��|jdd�jtjd�}|jdd�S)N�:�_�/)�replace�os�sep)rh�filenames  r:�_make_file_safez'CachedCredentialFetcher._make_file_safe�s8���#�#�C��-�5�5�b�f�f�c�B������S�)�)r<c��td��)Nz_get_credentials()r1rus r:�_get_credentialsz(CachedCredentialFetcher._get_credentials�s��!�"6�7�7r<c�"�|j�Sr6)�_get_cached_credentialsrus r:�fetch_credentialsz)CachedCredentialFetcher.fetch_credentials�s���+�+�-�-r<c���|j�}|�"|j�}|j|�ntj	d�|d}t|dd��}|d|d|d|d	�S)
z�Get up-to-date credentials.

        This will check the cache for up-to-date credentials, calling assume
        role if none are available.
        z*Credentials for role retrieved from cache.r�r�T)r�r�r�r�r�)�_load_from_cacher=�_write_to_cacherTrUr�)rhr��creds�
expirations    r:r?z/CachedCredentialFetcher._get_cached_credentials�s����(�(�*�����,�,�.�H�� � ��*��L�L�E�F���'��)�%��*=�4�H�
��
�.�� 1�2��>�*�%�	
�	
r<c���|j|jvrJt|j|j�}|j|�s|Stjd�y)Nz6Credentials were found in cache, but they are expired.)r,rerr�rTrU)rhrDs  r:rBz(CachedCredentialFetcher._load_from_cache�sP���?�?�d�k�k�)��T�[�[����9�:�E��#�#�E�*������L��r<c�H�t|�|j|j<yr6)rrer,)rhr�s  r:rCz'CachedCredentialFetcher._write_to_cache�s��'/��'9����D�O�O�$r<c�n�t|dd�}t|t�z
�}||jkS)z!Check if credentials are expired.r�r�)r�rr�r.)rhr��end_time�secondss    r:r�z#CachedCredentialFetcher._is_expired�s8��#�K�
�$>�|�$L�M����:�<� 7�8����4�4�4�4r<r�)
r�r�r�r-rjr+r;r=r@r?rBrCr�r�r<r:r)r)�s5��$+�!�<�9�*�
8�.�
�,	�:�5r<r)c�2��eZdZ			d�fd�	Zd�Zd�Z�xZS)�BaseAssumeRoleCredentialFetcherc�.��||_||_|�i|_nt|�|_|j|jd<|jj	d�|_d|_|j
s|j�t�|�%||�y)N�RoleArn�RoleSessionNameF)
�_client_creator�	_role_arn�_assume_kwargsrrH�_role_session_name�_using_default_session_name�_generate_assume_role_namer$rj)rhr>�role_arn�
extra_argsr3r/r%s      �r:rjz(BaseAssumeRoleCredentialFetcher.__init__�s���� .���!�����"$�D��"*�:�"6�D��)-������I�&�"&�"5�"5�"9�"9�:K�"L���+0��(��&�&��+�+�-�
���� 5�6r<c��dttj��z|_|j|jd<d|_y)Nzbotocore-session-%srOT)�int�timerSrRrTrus r:rUz:BaseAssumeRoleCredentialFetcher._generate_assume_role_name�s9��"7�3�t�y�y�{�;K�"L���15�1H�1H����-�.�+/��(r<c�(�t|j�}|jr|d=d|vrtj|d�|d<tj
|d��}t
|jd��j�}|j|�S)��Create a predictable cache key for the current configuration.

        The cache key is intended to be compatible with file names.
        rO�PolicyT)�	sort_keys�utf-8)
rrRrT�json�loads�dumpsr�encode�	hexdigestr;�rh�args�
argument_hashs   r:r+z1BaseAssumeRoleCredentialFetcher._create_cache_key�s���
��+�+�,���+�+��&�'��t��"�Z�Z��X��7�D��N��z�z�$�$�/���T�[�[��1�2�<�<�>�
��#�#�M�2�2r<r�)r�r�r�rjrUr+r&r's@r:rLrL�s���
��"�
7�00�
3r<rLc�:��eZdZ				d�fd�	Zd�Zd�Zd�Z�xZS)�AssumeRoleCredentialFetcherc���||_||_|j�tj|_t�|�|||||��y)a�
        :type client_creator: callable
        :param client_creator: A callable that creates a client taking
            arguments like ``Session.create_client``.

        :type source_credentials: Credentials
        :param source_credentials: The credentials to use to create the
            client for the call to AssumeRole.

        :type role_arn: str
        :param role_arn: The ARN of the role to be assumed.

        :type extra_args: dict
        :param extra_args: Any additional arguments to add to the assume
            role request using the format of the botocore operation.
            Possible keys include, but may not be limited to,
            DurationSeconds, Policy, SerialNumber, ExternalId and
            RoleSessionName.

        :type mfa_prompter: callable
        :param mfa_prompter: A callable that returns input provided by the
            user (i.e raw_input, getpass.getpass, etc.).

        :type cache: dict
        :param cache: An object that supports ``__getitem__``,
            ``__setitem__``, and ``__contains__``.  An example of this is
            the ``JSONFileCache`` class in aws-cli.

        :type expiry_window_seconds: int
        :param expiry_window_seconds: The amount of time, in seconds,
        N�rWr3r/)�_source_credentials�
_mfa_prompter�getpassr$rj)	rhr>�source_credentialsrVrW�mfa_prompterr3r/r%s	        �r:rjz$AssumeRoleCredentialFetcher.__init__sO���R$6�� �)������%�!(���D��
�����!��"7�	�	
r<c�f�|j�}|j�}|jdi|��S)�'Get credentials by calling assume role.r�)�_assume_role_kwargs�_create_clientr�)rhr�r�s   r:r=z,AssumeRoleCredentialFetcher._get_credentialsFs4���)�)�+���$�$�&��!�v�!�!�+�F�+�+r<c��t|j�}|jd�}|�d|z}|j|�}||d<|jd�}|�||d<|S)�AGet the arguments for assume role based on current configuration.�SerialNumberzEnter MFA code for %s: �	TokenCode�DurationSeconds)rrRrHrm)rh�assume_role_kwargs�
mfa_serial�prompt�
token_code�duration_secondss      r:rsz/AssumeRoleCredentialFetcher._assume_role_kwargsLsx��%�d�&9�&9�:��'�+�+�N�;�
��!�.��;�F��+�+�F�3�J�.8��{�+�-�1�1�2C�D���'�4D��0�1�!�!r<c��|jj�}|jd|j|j|j
��S)z2Create an STS client using the source credentials.�sts)�aws_access_key_id�aws_secret_access_key�aws_session_token)rlr�rPr!r"r#)rh�frozen_credentialss  r:rtz*AssumeRoleCredentialFetcher._create_client^sM��!�5�5�L�L�N���#�#��0�;�;�"4�"?�"?�0�6�6�	$�
�	
r<)NNNN)r�r�r�rjr=rsrtr&r's@r:riris&������"�4
�l,�"�$
r<ric�2��eZdZ			d�fd�	Zd�Zd�Z�xZS)�*AssumeRoleWithWebIdentityCredentialFetcherc�<��||_t�|�	|||||��y)aG
        :type client_creator: callable
        :param client_creator: A callable that creates a client taking
            arguments like ``Session.create_client``.

        :type web_identity_token_loader: callable
        :param web_identity_token_loader: A callable that takes no arguments
        and returns a web identity token str.

        :type role_arn: str
        :param role_arn: The ARN of the role to be assumed.

        :type extra_args: dict
        :param extra_args: Any additional arguments to add to the assume
            role request using the format of the botocore operation.
            Possible keys include, but may not be limited to,
            DurationSeconds, Policy, SerialNumber, ExternalId and
            RoleSessionName.

        :type cache: dict
        :param cache: An object that supports ``__getitem__``,
            ``__setitem__``, and ``__contains__``.  An example of this is
            the ``JSONFileCache`` class in aws-cli.

        :type expiry_window_seconds: int
        :param expiry_window_seconds: The amount of time, in seconds,
        rkN)�_web_identity_token_loaderr$rj)rhr>�web_identity_token_loaderrVrWr3r/r%s       �r:rjz3AssumeRoleWithWebIdentityCredentialFetcher.__init__ls0���H+D��'�
�����!��"7�	�	
r<c��|j�}tt��}|jd|��}|jdi|��S)rr)�signature_versionr��r1r�)rsr
r
rP�assume_role_with_web_identity)rhr�r1r�s    r:r=z;AssumeRoleWithWebIdentityCredentialFetcher._get_credentials�sG���)�)�+���(�3���%�%�e�F�%�;��3�v�3�3�=�f�=�=r<c�Z�t|j�}|j�}||d<|S)rv�WebIdentityToken)rrRr�)rhrz�identity_tokens   r:rsz>AssumeRoleWithWebIdentityCredentialFetcher._assume_role_kwargs�s3��%�d�&9�&9�:���8�8�:��1?��-�.�!�!r<r�)r�r�r�rjr=rsr&r's@r:r�r�is�����"�,
�\>�"r<r�c�(�eZdZdZdZdd�Zd�Zd�Zy)�CredentialProviderNc��||_yr6r8)rhr9s  r:rjzCredentialProvider.__init__�s	����r<c��y)a~
        Loads the credentials from their source & sets them on the object.

        Subclasses should implement this method (by reading from disk, the
        environment, the network or wherever), returning ``True`` if they were
        found & loaded.

        If not found, this method should return ``False``, indictating that the
        ``CredentialResolver`` should fall back to the next available method.

        The default implementation does nothing, assuming the user has set the
        ``access_key/secret_key/token`` themselves.

        :returns: Whether credentials were found & set
        :rtype: Credentials
        Tr�rus r:�loadzCredentialProvider.load�s��"r<c��g}|D]}	|j||��|S#t$rt|j|���wxYw)N�r�cred_var)�append�KeyErrorr�METHOD)rh�mapping�	key_names�found�key_names     r:�_extract_creds_from_mappingz.CredentialProvider._extract_creds_from_mapping�sZ����!�	�H�
����W�X�.�/�	����	�
�-�!�[�[�8���
�s	�!�!Ar6)r�r�r�r��CANONICAL_NAMErjr�r�r�r<r:r�r��s��
�F��N���&	r<r�c�J�eZdZdZej
fd�Zd�Zd�Ze	d��Z
y)rwzcustom-processc�<�||_||_d|_||_yr6)�
_profile_name�_load_config�_loaded_config�_popen)rhr?r=�popens    r:rjzProcessProvider.__init__�s!��)���'���"�����r<c�����j���y�j��}|jd��%tj	|��fd��j
�St
|d|d|jd��j
��S)Nr�c�&���j��Sr6)�_retrieve_credentials_using)�credential_processrhs��r:r;z&ProcessProvider.load.<locals>.<lambda>�s����8�8�9K�L�r<r!r"r#)r!r"r#r�)�_credential_processr�rHr�r�r�r�)rh�
creds_dictr�s` @r:r�zProcessProvider.load�s����!�5�5���%���5�5�6H�I�
��>�>�-�(�4�)�>�>��L�����
��!�,�/�!�,�/��.�.��)��;�;�	
�	
r<c��t|�}|j|tjtj��}|j	�\}}|j
dk7r&t
|j|jd����tjjj|jd��}|jdd�}|dk7rt
|jd|�d	����	|d
|d|jd�|jd
�d�S#t$r}t
|jd|�����d}~wwxYw)N)�stdout�stderrrr_r�Versionz<Version key not provided>�zUnsupported version 'z8' for credential process provider, supported versions: 1r�r�r�r�r�z"Missing required key in response: )rr��
subprocess�PIPE�communicate�
returncoderr��decoder�r�r`rarHr�)	rhr��process_list�pr�r��parsed�version�es	         r:r�z+ProcessProvider._retrieve_credentials_using�s7��*�*<�=���K�K��������
�
����������<�<�1��*�����
�
�g�0F��
����%�%�+�+�F�M�M�'�,B�C���*�*�Y�(D�E���a�<�*����+�G�9�56�7��
�	�$�]�3�$�%6�7����N�3�%�z�z�,�7�	�
���	�*����>�q�c�B��
��	�s�/*D�	E�#D=�=Ec���|j�|j�|_|jjdi�j|ji�}|jd�S)N�profilesr�)r�r�rHr�)rh�profile_configs  r:r�z#ProcessProvider._credential_processsa�����&�"&�"3�"3�"5�D���,�,�0�0��R�@�D�D�����
���!�!�"6�7�7r<N)r�r�r�r�r��Popenrjr�r�rr�r�r<r:rwrw�s4��
�F�8B�8H�8H��
�(!�F�8��8r<rwc� �eZdZdZdZd�Zd�Zy)rLziam-role�Ec2InstanceMetadatac��||_yr6)�
_role_fetcher)rhr2s  r:rjz!InstanceMetadataProvider.__init__(s
��-��r<c���|j}|j�}|sytjd|d�tj||j|j��}|S)Nz#Found credentials from IAM Role: %s�	role_name�r�r�)r��retrieve_iam_role_credentialsrT�infor�r�r�)rh�fetcherr�rDs    r:r�zInstanceMetadataProvider.load+sj���$�$���8�8�:�������1�8�K�3H�	
�'�;�;���;�;�!�?�?�<�
��
�r<N)r�r�r�r�r�rjr�r�r<r:rLrL$s��
�F�*�N�.�r<rLc�B�eZdZdZdZdZdZddgZdZd
d	�Z	d
�Z
d�Zd�Zy)rJ�env�Environment�AWS_ACCESS_KEY_ID�AWS_SECRET_ACCESS_KEY�AWS_SECURITY_TOKEN�AWS_SESSION_TOKEN�AWS_CREDENTIAL_EXPIRATIONNc�b�|�tj}||_|j|�|_y)a�

        :param environ: The environment variables (defaults to
            ``os.environ`` if no value is provided).
        :param mapping: An optional mapping of variable names to
            environment variable names.  Use this if you want to
            change the mapping of access_key->AWS_ACCESS_KEY_ID, etc.
            The dict can have up to 3 keys: ``access_key``, ``secret_key``,
            ``session_token``.
        N)r8�environ�_build_mapping�_mapping)rhr�r�s   r:rjzEnvProvider.__init__Ks+���?��j�j�G�����+�+�G�4��
r<c��i}|�>|j|d<|j|d<|j|d<|j|d<|S|j	d|j�|d<|j	d|j�|d<|j	d|j�|d<t|dt�s	|dg|d<|j	d|j�|d<|S)Nr!r"r#r�)�
ACCESS_KEY�
SECRET_KEY�TOKENS�EXPIRY_TIMErHr��list)rhr��var_mappings   r:r�zEnvProvider._build_mapping[s������?�(,���K��%�(,���K��%�#'�;�;�K�� �)-�)9�)9�K�
�&���)0����d�o�o�)�K��%�)0����d�o�o�)�K��%�$+�;�;�w����#D�K�� ��k�'�2�D�9�(3�G�(<�'=��G�$�)0����t�/�/�*�K�
�&��r<c�f�|jj|jdd�}|r�tj	d�|j�}|d��}|d}|�/t
|�}t|d|d|d	|||j�
�St|d|d|d	|j��Sy)zK
        Search for credentials in explicit environment variables.
        r!�z+Found credentials in environment variables.F)�require_expiryr�Nr"r#)r�r��r�)
r�rHr�rTr��_create_credentials_fetcherrr�r�r�)rhr!r�r�r�s     r:r�zEnvProvider.loadss���
�\�\�%�%�d�m�m�L�&A�2�F�
���K�K�E�F��6�6�8�G�!��7�K�%�m�4�K��&�#�K�0��-���-���-���(��")��;�;�
����L�)��L�)��G�$��{�{�	�
�r<c�d����|j�|j�|j�d���fd�	}|S)Nc�z��i}�j�dd�}|st�	�d���||d<�j�dd�}|st�	�d���||d<d|d<�dD]}�j|d�}|s�||d<nd|d<�j�dd�}|r||d<|r|st�	�d���|S)Nr!r�r�r"r#r�)rHr)
r�r�r!r"�
token_env_varr#r�r�r�r�s
       ���r:r@zBEnvProvider._create_credentials_fetcher.<locals>.fetch_credentials�s����K� ���W�\�%:�B�?�J��-�#�g�l�.C���)3�K��%� ���W�\�%:�B�?�J��-�#�g�l�.C���)3�K��%�#'�K�� �!(��!1�
�
����M�2�6���+0�K��(��	
�*.�K�
�&�!�+�+�g�m�&<�b�A�K��-8��M�*��k�-�#�g�m�.D����r<)T)r�r�r�)rhr@r�r�r�s  @@@r:r�z'EnvProvider._create_credentials_fetcher�s,����-�-�������,�,��!	�F!� r<r�)
r�r�r�r�r�r�r�r�r�rjr�r�r�r�r<r:rJrJAs=��
�F�"�N�$�J�(�J�#�$7�
8�F�-�K�5� �0�B(!r<rJc�.�eZdZdZdZdZdZdZd	d�Zd�Z	y)
rQzec2-credentials-file�	Ec2Config�AWS_CREDENTIAL_FILE�AWSAccessKeyId�AWSSecretKeyNc�T�|�tj}|�t}||_||_yr6)r8r�r�_environ�_parser)rhr��parsers   r:rjzOriginalEC2Provider.__init__�s(���?��j�j�G��>�'�F���
���r<c�N�d|jvr�tjj|jd�}|j	|�}|j
|vrKtjd�||j
}||j}t|||j��Syy)zN
        Search for a credential file used by original EC2 CLI tools.
        r�z)Found credentials in AWS_CREDENTIAL_FILE.r�N)r�r8�path�
expanduserr�r�rTr�r�r�r�)rh�	full_pathrDr!r"s     r:r�zOriginalEC2Provider.load�s���!�D�M�M�1����*�*��
�
�3�4��I��L�L��+�E����%�'����G�H�"�4�?�?�3�
�"�4�?�?�3�
�"�:�z�$�+�+�N�N�(�r<r�)
r�r�r�r�r��
CRED_FILE_ENVr�r�rjr�r�r<r:rQrQ�s%��
#�F� �N�)�M�!�J��J��r<rQc�8�eZdZdZdZdZdZddgZdd�Zd	�Z	d
�Z
y)r|zshared-credentials-file�SharedCredentialsr�r��aws_security_tokenr�Nc�n�||_|�d}||_|�tjj}||_y)Nr')�_creds_filenamer�r��configloader�raw_config_parse�_ini_parser)rhr{r?�
ini_parsers    r:rjz!SharedCredentialProvider.__init__�s<��-�����$�L�)�����!�.�.�?�?�J�%��r<c��	|j|j�}|j|vr�||j}|j|vrtt
j
d|j�|j||j|j�\}}|j|�}t||||j��Syy#t$rYywxYw)Nz0Found credentials in shared credentials file: %sr�)r�r�rr�r�rTr�r�r��_get_session_tokenr�r�)rh�available_credsr1r!r"r#s      r:r�zSharedCredentialProvider.load�s���	�"�.�.�t�/C�/C�D�O�����0�$�T�%7�%7�8�F����&�(����F��(�(��*.�)I�)I��D�O�O�T�_�_�*�&�
�J��/�/��7��"��
�E�$�+�+���)�1���	��	�s�B>�>	C
�	C
c�<�|jD]
}||vs�||cSyr6�r�)rhr1�token_envvars   r:r�z+SharedCredentialProvider._get_session_token
s(�� �K�K�	,�L��v�%��l�+�+�	,r<r�)r�r�r�r�r�r�r�r�rjr�r�r�r<r:r|r|�s2��
&�F�(�N�$�J�(�J�#�$7�
8�F�&��(,r<r|c�<�eZdZdZdZdZdZdZddgZdd	�Z	d
�Z
d�Zy)
r�z0INI based config provider with profile sections.zconfig-file�SharedConfigr�r�r�r�Nc�f�||_||_|�tjj}||_y)a

        :param config_filename: The session configuration scoped to the current
            profile.  This is available via ``session.config``.
        :param profile_name: The name of the current profile.
        :param config_parser: A config parser callable.

        N)�_config_filenamer�r�r�r=�_config_parser)rhr�r?�
config_parsers    r:rjzConfigProvider.__init__s3��!0���)���� �$�1�1�=�=�M�+��r<c��	|j|j�}|j|dvr�|d|j}|j|vrtt
j
d|j�|j||j|j�\}}|j|�}t||||j��Syy#t$rYywxYw)zr
        If there is are credentials in the configuration associated with
        the session, use those.
        Nr�z$Credentials found in config file: %sr�)rrrr�r�rTr�r�r�r�r�r�)rhr7r�r!r"r#s      r:r�zConfigProvider.load,s���
	��-�-�d�.C�.C�D�K�����Z�!8�8�(��4�T�5G�5G�H�N����.�0����:��)�)��*.�)I�)I�"�D�O�O�T�_�_�*�&�
�J��/�/��?��"��
�E�$�+�+���1���#�	��	�s�C�	C�Cc�<�|jD]
}||vs�||cSyr6r)rhr��
token_names   r:r�z!ConfigProvider._get_session_tokenFs(���+�+�	2�J��^�+�%�j�1�1�	2r<r6)r�r�r�r�r�r�r�r�r�rjr�r�r�r<r:r�r�s5��:�
�F�#�N�$�J�(�J�#�$7�
8�F�
,��42r<r�c�6�eZdZdZdZdZddgZdZdZdd	�Z	d
�Z
y)rRzboto-config�Boto2Config�BOTO_CONFIGz
/etc/boto.cfgz~/.botor�r�Nc�|�|�tj}|�tjj}||_||_yr6)r8r�r�r�r�r�r�)rhr�r�s   r:rjzBotoProvider.__init__Us6���?��j�j�G���!�.�.�?�?�J���
�%��r<c��|j|jvr|j|jg}n|j}|D]�}	|j|�}d|vs�|d}|j
|vs�.tjd|�|j||j
|j�\}}t|||j��cSy#t$rY��wxYw)z;
        Look for credentials in boto config file.
        r�z)Found credentials in boto config file: %sr�N)�BOTO_CONFIG_ENVr��DEFAULT_CONFIG_FILENAMESr�rr�rTr�r�r�r�r�)rh�potential_locationsr:r1r�r!r"s       r:r�zBotoProvider.load]s������4�=�=�0�#'�=�=��1E�1E�#F�"G��"&�"?�"?��+�	�H�
��)�)�(�3����&�$�]�3���?�?�k�1��K�K�C�X��.2�-M�-M�#�T�_�_�d�o�o�.�*�J�
�'�"�J�t�{�{���	��"�
��
�s�C�	C�Cr�)r�r�r�r�r�rrr�r�rjr�r�r<r:rRrRLs0��
�F�"�N�#�O� /��;��$�J�(�J�&�r<rRc��eZdZdZdZdZdZdZejddfd�Z	d�Z
d�Zd	�Zd
�Z
d�Zd�Zd
�Zd�Zd�Zd�Zd�Zd�Zy)rN�assume-roleNrV�web_identity_token_filer$c��||_||_||_||_||_i|_||_||_|jg|_y)a�
        :type load_config: callable
        :param load_config: A function that accepts no arguments, and
            when called, will return the full configuration dictionary
            for the session (``session.full_config``).

        :type client_creator: callable
        :param client_creator: A factory function that will create
            a client when called.  Has the same interface as
            ``botocore.session.Session.create_client``.

        :type cache: dict
        :param cache: An object that supports ``__getitem__``,
            ``__setitem__``, and ``__contains__``.  An example
            of this is the ``JSONFileCache`` class in the CLI.

        :type profile_name: str
        :param profile_name: The name of the profile.

        :type prompter: callable
        :param prompter: A callable that returns input provided
            by the user (i.e raw_input, getpass.getpass, etc.).

        :type credential_sourcer: CanonicalNameCredentialSourcer
        :param credential_sourcer: A credential provider that takes a
            configuration, which is used to provide the source credentials
            for the STS call.
        N)	r3r�rPr��	_prompterr��_credential_sourcer�_profile_provider_builder�_visited_profiles)rhr=r>r3r?�prompterr@rAs        r:rjzAssumeRoleProvider.__init__�sX��V��
�'��� .���)���!���!���#5�� �)A��&�"&�"4�"4�!5��r<c��|j�|_|jjdi�}|j|ji�}|j	|�r|j|j�Sy�Nr�)r�r�rHr��_has_assume_role_config_vars�_load_creds_via_assume_role)rhr�r&s   r:r�zAssumeRoleProvider.load�sk��"�/�/�1����&�&�*�*�:�r�:���,�,�t�1�1�2�6���,�,�W�5��3�3�D�4F�4F�G�G�6r<c�>�|j|vxr|j|vSr6)�ROLE_CONFIG_VAR�WEB_IDENTITY_TOKE_FILE_VAR�rhr&s  r:r z/AssumeRoleProvider._has_assume_role_config_vars�s*��� � �G�+�
;�
�+�+�7�:�	
r<c���|j|�}|j||�}i}|jd�}|�||d<|jd�}|�||d<|jd�}|�||d<|jd�}|�||d<t|j||d	||j
|j�
�}	|	j}
|�t|
�}
t|j|
t��S)N�role_session_namerO�external_id�
ExternalIdr{rwr~ryrV)r>rorVrWrpr3)r�r�r�)�_get_role_config�_resolve_source_credentialsrHrirPrr3r@r�r!r�r�)rhr?�role_configrorWr'r(r{r~r��	refreshers           r:r!z.AssumeRoleProvider._load_creds_via_assume_role�s���+�+�L�9��!�=�=���
���
�'�O�O�,?�@���(�,=�J�(�)�!�o�o�m�4���"�'2�J�|�$� �_�_�\�2�
��!�)3�J�~�&�&�?�?�+=�>���'�,<�J�(�)�-��/�/�1� ��,�!�����*�*�

���-�-�	��!�3�I�>�I�
.��;�;�#�#�
�	
r<c��|jjdi�}||}|jd�}|d}|jd�}|jd�}|jd�}|jd�}	|jd�}
||||	||d	�}|
�	t|
�|d<|�|�t	d
|z���|�|�t|jd�
��|�|j||�|S|j||�|S#t$rY�cwxYw)z?Retrieves and validates the role configuration for the profile.r��source_profilerV�credential_sourcer{r(r'r~)rVr(r{r'r/r0zDThe profile "%s" contains both source_profile and credential_source.�rz#source_profile or credential_sourcer�)	r�rHrY�
ValueErrorrrr��_validate_credential_source�_validate_source_profile)rhr?r�r&r/rVr0r{r(r'r~r,s            r:r*z#AssumeRoleProvider._get_role_configsZ���&�&�*�*�:�r�:���<�(�� ���%5�6���:�&��#�K�K�(;�<���[�[��.�
��k�k�-�0��#�K�K�(;�<��"�;�;�'9�:��!�&�$�!2�,�!2�

���'�
�25�6F�2G��.�/��(�^�-G�$�)�+7�8��
��
&�>�+A�)����>��
��
*��,�,�\�;L�M���
�)�)�,��G����-�
��
�s�C?�?	D�
Dc��|j�td|�d|�d����|jj|�std|�d|�d����y)NzThe credential_source "z" is specified in profile "z)", but no source provider was configured.r1zThe credential source "z" referenced in profile "z" is not valid.)rr�is_supported)rh�parent_profiler0s   r:r3z.AssumeRoleProvider._validate_credential_source5s����#�#�+�$�.�/@�.A�B$�$2�#3�4=�>��
��'�'�4�4�5F�G�$�.�/@�.A�B$�$2�#3�3C�E��
�Hr<c�X�t|j|�|j|�g�Sr6)�any�_has_static_credentialsr r%s  r:�_source_profile_has_credentialsz2AssumeRoleProvider._source_profile_has_credentialsFs0����,�,�W�5��1�1�'�:�
�
�	
r<c��|jjdi�}||vrtd|�d|�d����||}||jvry||k7rt	||j���|j|�st	||j���y)Nr�zThe source_profile "z" referenced in the profile "z" does not exist.r1)r/�visited_profiles)r�rHrrrr:)rh�parent_profile_name�source_profile_namer�r/s     r:r4z+AssumeRoleProvider._validate_source_profileNs����&�&�*�*�:�r�:���h�.�$�+�,?�+@�A%�%8�$9�9K�M��
�"�"5�6���d�&<�&<�<���"5�5�)�2�!%�!7�!7��
��+�+�N�;�)�2�!%�!7�!7��
�<r<c�4��ddg}t�fd�|D��S)Nr�r�c3�&�K�|]}|�v���
y�wr6r�)�.0�
static_keyr&s  �r:�	<genexpr>z=AssumeRoleProvider._has_static_credentials.<locals>.<genexpr>vs�����G�Z�:��(�G���)r9)rhr&�static_keyss ` r:r:z*AssumeRoleProvider._has_static_credentialsts���.�0C�D���G�;�G�G�Gr<c��|jd�}|�|j||�S|d}|jj|�|j	|�S)Nr0r/)rH� _resolve_credentials_from_sourcerr��!_resolve_credentials_from_profile)rhr,r?r0r/s     r:r+z.AssumeRoleProvider._resolve_source_credentialsxsb��'�O�O�,?�@���(��8�8�!�<��
�%�%5�6�����%�%�n�5��5�5�n�E�Er<c��|jjdi�}||}|j|�r|js|j	|�S|j|�s|j|�sM|jj
|d��}t|�}|j�}|�d}t||z���|S|j|�S)Nr�TrBz.The source profile "%s" must have credentials.r1)r�rHr:r�(_resolve_static_credentials_from_profiler rErVr�rr!)rhr?r�r&r^�
profile_chainr��
error_messages        r:rIz4AssumeRoleProvider._resolve_credentials_from_profile�s����&�&�*�*�:�r�:���<�(��
�(�(��1��2�2��@�@��I�I�
�
)�
)��
��2�2�7�;� $� >� >� H� H�)�!%�!I�!��/�/@�A�M�'�8�8�:�K��"�D��)�+�l�:������/�/��=�=r<c��	t|d|d|jd���S#t$r%}t|jt|����d}~wwxYw)Nr�r�r�r r�)r�rHr�rr��str)rhr&r�s   r:rKz;AssumeRoleProvider._resolve_static_credentials_from_profile�s_��		��"�#6�7�"�#:�;��k�k�"5�6��
��
�	�)����s�1�v��
��	�s�"%�	A� A�Ac�`�|jj|�}|�t|d|z���|S)NzBNo credentials found in credential_source referenced in profile %sr)rror)rhr0r?r�s    r:rHz3AssumeRoleProvider._resolve_credentials_from_source�sJ���.�.�A�A��
����*�*�$�&2�3��
��r<)r�r�r�r�r�r#r$�EXPIRY_WINDOW_SECONDSrnrjr�r r!r*r3r;r4r:r+rIrKrHr�r<r:rNrNysy��
�F��N� �O�!:��$������!%�<6�|H�	
�*
�X/�b�"
�$�LH�	F�>�B
�r<rNc�L�eZdZdZdZdddd�Z			d
d�Zd�Zd	�Zd
�Z	d�Z
d�Zy)r�zassume-role-with-web-identityN�AWS_WEB_IDENTITY_TOKEN_FILE�AWS_ROLE_SESSION_NAME�AWS_ROLE_ARN)rr'rVc�v�||_||_||_||_d|_||_|�t}||_yr6)r3r�rPr��_profile_config�_disable_env_varsr�_token_loader_cls)rhr=r>r?r3rC�token_loader_clss       r:rjz*AssumeRoleWithWebIdentityProvider.__init__�sG����
�'���-���)���#���!1����#�9��!1��r<c�"�|j�Sr6)�_assume_role_with_web_identityrus r:r�z&AssumeRoleWithWebIdentityProvider.load�s���2�2�4�4r<c���|j�C|j�}|jdi�}|j|ji�|_|jj|�Sr)rWr�rHr�)rh�key�
loaded_configr�s    r:�_get_profile_configz5AssumeRoleWithWebIdentityProvider._get_profile_config�s^�����'� �-�-�/�M�$�(�(��R�8�H�#+�<�<��0B�0B�B�#G�D� ��#�#�'�'��,�,r<c��|jry|jj|�}|r%|tjvrtj|Syr6)rX�_CONFIG_TO_ENV_VARrHr8r�)rhr^�env_keys   r:�_get_env_configz1AssumeRoleWithWebIdentityProvider._get_env_config�sD���!�!���)�)�-�-�c�2���w�"�*�*�,��:�:�g�&�&�r<c�N�|j|�}|�|S|j|�Sr6)rdr`)rhr^�	env_values   r:�_get_configz-AssumeRoleWithWebIdentityProvider._get_config�s/���(�(��-�	�� ����'�'��,�,r<c�L�|jd�}|sy|j|�}|jd�}|sd}t|���i}|jd�}|�||d<t|j||||j
��}t
|j|j��S)	NrrVz�The provided profile or the current environment is configured to assume role with web identity but has no role ARN configured. Ensure that the profile has the role_arnconfiguration set or the AWS_ROLE_ARN env var is set.r1r'rO)r>r�rVrWr3r�)	rgrYrr�rPr3r!r�r@)rh�
token_path�token_loaderrVrrWr'r�s        r:r\z@AssumeRoleWithWebIdentityProvider._assume_role_with_web_identity�s����%�%�&?�@�
����-�-�j�9���#�#�J�/���H�
�%�y�9�9��
� �,�,�-@�A���(�,=�J�(�)�<��/�/�&2��!��*�*�
��.��;�;�!�3�3�
�	
r<)NFN)r�r�r�r�r�rbrjr�r`rdrgr\r�r<r:r�r��sF��
,�F��N�#@�4�"������2�&5�-��-�"
r<r�c�0�eZdZd�Zd�Zd�Zd�Zd�Zd�Zy)rPc��||_yr6)�
_providers�rhrEs  r:rjz'CanonicalNameCredentialSourcer.__init__s	��#��r<c�X�||jD�cgc]}|j��c}vScc}w)aLValidates a given source name.

        :type source_name: str
        :param source_name: The value of credential_source in the config
            file. This is the canonical name of the credential provider.

        :rtype: bool
        :returns: True if the credential provider is supported,
            False otherwise.
        )rmr�)rh�source_namer�s   r:r6z+CanonicalNameCredentialSourcer.is_supporteds'������I�A�q�/�/�I�I�I��Is�'c��|j|�}t|t�r|j�S|j	�S)aLoads source credentials based on the provided configuration.

        :type source_name: str
        :param source_name: The value of credential_source in the config
            file. This is the canonical name of the credential provider.

        :rtype: Credentials
        )�
_get_providerr�rVr�r�)rhrp�sources   r:roz1CanonicalNameCredentialSourcer.source_credentials+s:���#�#�K�0���f�0�1��*�*�,�,��{�{�}�r<c��|j|�}|j�dvr$|jd�}|�|�|St||g�S|�t	|���|S)a#Return a credential provider by its canonical name.

        :type canonical_name: str
        :param canonical_name: The canonical name of the provider.

        :raises UnknownCredentialError: Raised if no
            credential provider by the provided name
            is found.
        )�sharedconfig�sharedcredentialsr��name)�_get_provider_by_canonical_name�lower�_get_provider_by_methodrVr)rh�canonical_namerr\s    r:rrz,CanonicalNameCredentialSourcer._get_provider9sv���7�7��G�����!�%J�J�#'�#?�#?�
�#N� �#�/�
�#�/�/�
*�+?��*J�K�K���(�n�=�=��r<c��|jD]6}|j}|s�|j�|j�k(s�4|cSy)z�Return a credential provider by its canonical name.

        This function is strict, it does not attempt to address
        compatibility issues.
        N)rmr�rz)rhr|rrxs    r:ryz>CanonicalNameCredentialSourcer._get_provider_by_canonical_name_s@�����	 �H��*�*�D���
�
���(<�(<�(>�>���		 r<c�L�|jD]}|j|k(s�|cSy)z0Return a credential provider by its METHOD name.N)rmr�)rhr�rs   r:r{z6CanonicalNameCredentialSourcer._get_provider_by_methodks&�����	 �H����&�(���	 r<N)	r�r�r�rjr6rorrryr{r�r<r:rPrPs"��$�J��$�L
 � r<rPc�P�eZdZdZdZdZdZdZdZdd�Z	d	�Z
d
�Zd�Zd�Z
d
�Zd�Zy)rKzcontainer-role�EcsContainer�&AWS_CONTAINER_CREDENTIALS_RELATIVE_URI�"AWS_CONTAINER_CREDENTIALS_FULL_URI�!AWS_CONTAINER_AUTHORIZATION_TOKEN�&AWS_CONTAINER_AUTHORIZATION_TOKEN_FILENc�\�|�tj}|�
t�}||_||_yr6)r8r�rr��_fetcher)rhr�r�s   r:rjzContainerProvider.__init__zs+���?��j�j�G��?�.�0�G���
���
r<c��|j|jvs|j|jvr|j�Syr6)�ENV_VARr��ENV_VAR_FULL�_retrieve_or_failrus r:r�zContainerProvider.load�s:���<�<�4�=�=�(�D�,=�,=����,N��)�)�+�+�-Or<c
�J�|j�r3|jj|j|j�}n|j|j
}|j
|�}|�}t|d|d|d|jt|d�|��S)Nr!r"r#r�)r!r"r#r�r�r�)
�_provided_relative_urir��full_urlr�r�r��_create_fetcherr�r�r�)rh�full_urir�rDs    r:r�z#ContainerProvider._retrieve_or_fail�s����&�&�(��}�}�-�-�d�m�m�D�L�L�.I�J�H��}�}�T�%6�%6�7�H��&�&�x�0���	��%��\�*��\�*���.��;�;�(��}�)=�>�!�

�	
r<c�\�d}|j|jvr>|j|j}t|�5}|j�}ddd�n1|j|jvr|j|j}|�|j|�d|iSy#1swY�!xYw)N�
Authorization)�ENV_VAR_AUTH_TOKEN_FILEr��open�read�ENV_VAR_AUTH_TOKEN�_validate_auth_token)rh�
auth_token�auth_token_file_path�
token_files    r:�_build_headersz ContainerProvider._build_headers�s����
��'�'�4�=�=�8�#'�=�=��1M�1M�#N� ��*�+�
/�z�'�_�_�.�
�
/�
/�
�
$�
$��
�
�
5����t�'>�'>�?�J��!��%�%�j�1�#�Z�0�0�"�	
/�
/�s�B"�"B+c�*�d|vsd|vrtd��y)N�
�
z,Auth token value is not a legal header value)r2)rhr�s  r:r�z&ContainerProvider._validate_auth_token�s"���:����!3��K�L�L�"4r<c������fd�}|S)Nc���	�j�}�jj�|��}|d|d|d|d	d
�S#t$r=}tjd|d��t
�jt|����d}~wwxYw)N)�headersz'Error retrieving container metadata: %sTrrr�r��Tokenr�r�)	r�r��retrieve_full_urirrTrUrr�rO)r�r�r�r�rhs   ��r:�fetch_credsz6ContainerProvider._create_fetcher.<locals>.fetch_creds�s����
��-�-�/���=�=�:�:��g�;���'�}�5�&�'8�9�!�'�*�'��5�	�
��*�
����=�q�4���/�!�[�[�C��F����	
�s�-A�	B	�8B�B	r�)rhr�rfr�r�s``   r:r�z!ContainerProvider._create_fetcher�s���	�(�r<c�2�|j|jvSr6)r�r�rus r:r�z(ContainerProvider._provided_relative_uri�s���|�|�t�}�}�,�,r<r�)r�r�r�r�r�r�r�r�r�rjr�r�r�r�r�r�r�r<r:rKrKrsF��
�F�#�N�6�G�7�L�<��F�� �,�
� 
1�M��.-r<rKc�6�eZdZd�Zd�Zd�Zd�Zd�Zd�Zd�Z	y)	rVc��||_y)zQ

        :param providers: A list of ``CredentialProvider`` instances.

        NrDrns  r:rjzCredentialResolver.__init__�s��#��r<c���	|jD�cgc]}|j��c}j|�}|jj||�ycc}w#t$r
t	|���wxYw)a=
        Inserts a new instance of ``CredentialProvider`` into the chain that
        will be tried before an existing one.

        :param name: The short name of the credentials you'd like to insert the
            new credentials before. (ex. ``env`` or ``config``). Existing names
            & ordering can be discovered via ``self.available_methods``.
        :type name: string

        :param cred_instance: An instance of the new ``Credentials`` object
            you'd like to add to the chain.
        :type cred_instance: A subclass of ``Credentials``
        rwN)rEr��indexr2r�insert)rhrx�credential_providerr��offsets     r:�
insert_beforez CredentialResolver.insert_before�s`��	4�(,���7�1�a�h�h�7�=�=�d�C�F�	
�����f�&9�:��8���	4�(�d�3�3�	4�s�A�A�A�A�A-c�d�|j|�}|jj|dz|�y)a9
        Inserts a new type of ``Credentials`` instance into the chain that will
        be tried after an existing one.

        :param name: The short name of the credentials you'd like to insert the
            new credentials after. (ex. ``env`` or ``config``). Existing names
            & ordering can be discovered via ``self.available_methods``.
        :type name: string

        :param cred_instance: An instance of the new ``Credentials`` object
            you'd like to add to the chain.
        :type cred_instance: A subclass of ``Credentials``
        r�N)�_get_provider_offsetrEr�)rhrxr�r�s    r:�insert_afterzCredentialResolver.insert_after�s-���*�*�4�0�������f�q�j�*=�>r<c��|jD�cgc]}|j��}}||vry|j|�}|jj|�ycc}w)z�
        Removes a given ``Credentials`` instance from the chain.

        :param name: The short name of the credentials instance to remove.
        :type name: string
        N)rEr�r��pop)rhrxr��available_methodsr�s     r:rSzCredentialResolver.remove�sS��04�~�~�>�!�Q�X�X�>��>��(�(��"�(�(��.�������6�"��
?s�Ac�>�|j|j|�S)z�Return a credential provider by name.

        :type name: str
        :param name: The name of the provider.

        :raises UnknownCredentialError: Raised if no
            credential provider by the provided name
            is found.
        )rEr�)rhrxs  r:�get_providerzCredentialResolver.get_providers���~�~�d�7�7��=�>�>r<c��	|jD�cgc]}|j��c}j|�Scc}w#t$r
t	|���wxYw)Nrw)rEr�r�r2r)rhrxr�s   r:r�z'CredentialResolver._get_provider_offsetsH��	4�&*�n�n�5��A�H�H�5�;�;�D�A�A��5���	4�(�d�3�3�	4�s�:�5�:�:�Ac��|jD]8}tjd|j�|j	�}|��6|cSy)zw
        Goes through the credentials chain, returning the first ``Credentials``
        that could be loaded.
        zLooking for credentials via: %sN)rErTrUr�r�)rhrrDs   r:r�z#CredentialResolver.load_credentialssE�����	�H��L�L�:�H�O�O�L��M�M�O�E�� ���		�r<N)
r�r�r�rjr�r�rSr�r�r�r�r<r:rVrV�s%��#�;�(?�"
#�
?�4�r<rVc�@��eZdZdZ					d�fd�	Zd�Zd�Zd�Z�xZS)�SSOCredentialFetcherz%Y-%m-%dT%H:%M:%SZc���||_||_||_||_||_||_|	|_|
|_t�|�%||�yr6)
rP�_sso_region�
_role_name�_account_id�
_start_url�
_token_loader�_token_provider�_sso_session_namer$rj)rh�	start_url�
sso_regionr��
account_idr>rjr3r/r��sso_session_namer%s           �r:rjzSSOCredentialFetcher.__init__*sS��� .���%���#���%���#���)���-���!1���
���� 5�6r<c�,�|j|jd�}|jr|j|d<n|j|d<t	j
|dd��}t
|jd��j�}|j|�S)r\)�roleName�	accountId�sessionName�startUrlT)�,r4)r^�
separatorsr_)
r�r�r�r�r`rbrrcrdr;res   r:r+z&SSOCredentialFetcher._create_cache_keyAs�������)�)�
���!�!�"&�"8�"8�D���#���D����z�z�$�$�:�F���T�[�[��1�2�<�<�>�
��#�#�M�2�2r<c��|dz}tjj|t��}|j|j�S)Ng@�@)r��
fromtimestampr	r��_UTC_DATE_FORMAT)rh�timestamp_ms�timestamp_seconds�	timestamps    r:�_parse_timestampz%SSOCredentialFetcher._parse_timestampWs?��(�6�1���%�%�3�3�4E�u�w�O�	��!�!�$�"7�"7�8�8r<c��tt|j��}|jd|��}|jr5|jj�}|j
�j}n|j|j�d}|j|j|d�}	|jd
i|��}|d}d|d|d|d	|j!|d
�d�d�}|S#|jj$rt��wxYw)z4Get credentials by calling SSO get role credentials.)r�r4�ssor��accessToken)r�r�r��roleCredentials�accessKeyId�secretAccessKey�sessionTokenrE)r�r�r�r�)�ProviderTyper�r�)r
r
r�rPr��
load_token�get_frozen_tokenr#r�r�r�r��get_role_credentials�
exceptions�UnauthorizedExceptionrr�)rhr1r��initial_token_datar#r�r�r�s        r:r=z%SSOCredentialFetcher._get_credentials]s(���&��(�(�
���%�%�e�F�%�;�����!%�!5�!5�!@�!@�!B��&�7�7�9�?�?�E��&�&�t���7�
�F�E�����)�)� �
��
	.�2�v�2�2�<�V�<�H��0�1��"�*�=�9�#.�/@�#A� +�N� ;�"�3�3�K��4M�N�	�
������ � �6�6�	.�+�-�-�	.�s�)C'�'$D)NNNNN)	r�r�r�r�rjr+r�r=r&r's@r:r�r�'s.���+����"���7�.3�,9�!r<r�c��eZdZdZej
j
ej
jdddd��ZdZ	dZ
e	e
zZ			dd�Zd	�Z
d
�Zd�Zy)
r�r��~z.awsr3)�
sso_role_name�sso_account_id)�
sso_start_urlr�Nc��|�t|j�}||_||_|�i}||_||_||_||_yr6)r�_SSO_TOKEN_CACHE_DIR�_token_cacher�r3r�rPr�)rhr=r>r?r3r�r�s       r:rjzSSOProvider.__init__�sS����'��(A�(A�B�K�'���-����=��E���
�'���-���)��r<c����|j�}|jdi�}|j}|j|ji��|jdi�}t�fd�|jD��ry|j�|�\}}i}g}|j|z}	|	D] }
|
|vr	||
||
<�|j|
��"|r#dj|�}td|�d|�����|S)Nr��sso_sessionsc3�&�K�|]}|�v���
y�wr6r�)rB�cr�s  �r:rDz/SSOProvider._load_sso_config.<locals>.<genexpr>�s�����
�()�A�^�#�
�rErz
The profile "zB" is configured to use SSO but is missing required configuration: r1)
r�rHr��all�_PROFILE_REQUIRED_CONFIG_VARS�_resolve_sso_session_reference�_ALL_REQUIRED_CONFIG_VARSr�rr)
rhr_r�r?r��resolved_config�
extra_reqsr1�missing_config_vars�all_required_configs�
config_var�missingr�s
            @r:�_load_sso_configzSSOProvider._load_sso_config�s����)�)�+�
� �$�$�Z��4���)�)��!���d�&8�&8�"�=��$�(�(���<���
�-1�-O�-O�
�
��&*�&I�&I��L�'
�#����� ��#�=�=�
�J��.�	7�J��_�,�%4�Z�%@��z�"�#�*�*�:�6�		7���i�i� 3�4�G�$�5A�'�K��
��
r<c�(�|jd�}|�|dfS||vrd|�d�}t|���|j�}||}|j�D]:\}}|j||�|k7rd|�d||�d|�d	�}t|���|||<�<|d
fS)N�sso_sessionr�z+The specified sso-session does not exist: "�"r1zThe value for z" is inconsistent between profile (z) and sso-session (z).)r�)rHr�copy�items)	rhr�r�r�rr1r9r��vals	         r:r�z*SSOProvider._resolve_sso_session_reference�s���)�-�-�m�<���#�!�2�%�%��<�/�E�FV�EW�WX�Y�I�$�y�9�9��$�$�&���/�0��&�}�}��	%�O�J���z�z�*�c�*�c�1�$�Z�L�1 � &�z� 2�3�3F�s�e�2�O��)�9�=�=�!$�F�:��	%��'�'�'r<c�2�|j�}|sy|d|d|d|d|jt|j��|jd�}d|vr|d|d<|j
|d	<t
di|��}t|j|j�
�S)Nr�r�r�r�)r3)r�r�r�r�r>rjr3r�r�r�r�r�)
r�rPrr�r3r�r�r!r�r@)rh�
sso_config�fetcher_kwargs�sso_fetchers    r:r�zSSOProvider.load�s����*�*�,�
���$�O�4�$�\�2�#�O�4�$�%5�6�"�2�2�*��1B�1B�C��Z�Z�
���J�&�1;�M�1J�N�-�.�/3�/C�/C�N�+�,�*�<�^�<��-��;�;�%�7�7�
�	
r<r�)r�r�r�r�r8r�r�rr�r��_SSO_REQUIRED_CONFIG_VARSr�rjr�r�r�r�r<r:r�r��sr��
�F��7�7�-�-�
�����S�&�%��1���%�!�!��
	&�(A�A�����*�("�H(�.
r<r�r�r�)Tr�rnr`�loggingr8r�r�rZ�collectionsrr�r�hashlibr�dateutil.parserr�dateutil.tzrr	�botocore.compatr��botocore.configloaderr
rr�botocore.configr
�botocore.exceptionsrrrrrrrrr�botocore.tokensr�botocore.utilsrrrrrrr�	getLoggerr�rTrrrIrarMr�r�r�r�rOr�r�r�r�r!r)rLrir�r�rwrLrJrQr|r�rRrNr�rPrKrVr�r�r�r<r:�<module>rs������	����"���!�&����=�"�
�
�
�-����
��	�	�8�	$�� ��@���&-�"�$+�!�]�@J
�J
�Z'�
,����
� &�$#
�#
�Le(�[�e(�P	2�%;�2�.B5�B5�J23�&=�23�jW
�"A�W
�t@"�#�@"�F+�+�\G8�(�G8�T�1��:{!�$�{!�| �,� �F+,�1�+,�\92�'�92�x*�%�*�ZE�+�E�P
V
�(:�V
�rU �U �pN-�*�N-�ba�a�HW�2�W�tx
�$�x
r<
¿Qué es la limpieza dental de perros? - Clínica veterinaria


Es la eliminación del sarro y la placa adherida a la superficie de los dientes mediante un equipo de ultrasonidos que garantiza la integridad de las piezas dentales a la vez que elimina en profundidad cualquier resto de suciedad.

A continuación se procede al pulido de los dientes mediante una fresa especial que elimina la placa bacteriana y devuelve a los dientes el aspecto sano que deben tener.

Una vez terminado todo el proceso, se mantiene al perro en observación hasta que se despierta de la anestesia, bajo la atenta supervisión de un veterinario.

¿Cada cuánto tiempo tengo que hacerle una limpieza dental a mi perro?

A partir de cierta edad, los perros pueden necesitar una limpieza dental anual o bianual. Depende de cada caso. En líneas generales, puede decirse que los perros de razas pequeñas suelen acumular más sarro y suelen necesitar una atención mayor en cuanto a higiene dental.


Riesgos de una mala higiene


Los riesgos más evidentes de una mala higiene dental en los perros son los siguientes:

  • Cuando la acumulación de sarro no se trata, se puede producir una inflamación y retracción de las encías que puede descalzar el diente y provocar caídas.
  • Mal aliento (halitosis).
  • Sarro perros
  • Puede ir a más
  • Las bacterias de la placa pueden trasladarse a través del torrente circulatorio a órganos vitales como el corazón ocasionando problemas de endocarditis en las válvulas. Las bacterias pueden incluso acantonarse en huesos (La osteomielitis es la infección ósea, tanto cortical como medular) provocando mucho dolor y una artritis séptica).

¿Cómo se forma el sarro?

El sarro es la calcificación de la placa dental. Los restos de alimentos, junto con las bacterias presentes en la boca, van a formar la placa bacteriana o placa dental. Si la placa no se retira, al mezclarse con la saliva y los minerales presentes en ella, reaccionará formando una costra. La placa se calcifica y se forma el sarro.

El sarro, cuando se forma, es de color blanquecino pero a medida que pasa el tiempo se va poniendo amarillo y luego marrón.

Síntomas de una pobre higiene dental
La señal más obvia de una mala salud dental canina es el mal aliento.

Sin embargo, a veces no es tan fácil de detectar
Y hay perros que no se dejan abrir la boca por su dueño. Por ejemplo…

Recientemente nos trajeron a la clínica a un perro que parpadeaba de un ojo y decía su dueño que le picaba un lado de la cara. Tenía molestias y dificultad para comer, lo que había llevado a sus dueños a comprarle comida blanda (que suele ser un poco más cara y llevar más contenido en grasa) durante medio año. Después de una exploración oftalmológica, nos dimos cuenta de que el ojo tenía una úlcera en la córnea probablemente de rascarse . Además, el canto lateral del ojo estaba inflamado. Tenía lo que en humanos llamamos flemón pero como era un perro de pelo largo, no se le notaba a simple vista. Al abrirle la boca nos llamó la atención el ver una muela llena de sarro. Le realizamos una radiografía y encontramos una fístula que llegaba hasta la parte inferior del ojo.

Le tuvimos que extraer la muela. Tras esto, el ojo se curó completamente con unos colirios y una lentilla protectora de úlcera. Afortunadamente, la úlcera no profundizó y no perforó el ojo. Ahora el perro come perfectamente a pesar de haber perdido una muela.

¿Cómo mantener la higiene dental de tu perro?
Hay varias maneras de prevenir problemas derivados de la salud dental de tu perro.

Limpiezas de dientes en casa
Es recomendable limpiar los dientes de tu perro semanal o diariamente si se puede. Existe una gran variedad de productos que se pueden utilizar:

Pastas de dientes.
Cepillos de dientes o dedales para el dedo índice, que hacen más fácil la limpieza.
Colutorios para echar en agua de bebida o directamente sobre el diente en líquido o en spray.

En la Clínica Tus Veterinarios enseñamos a nuestros clientes a tomar el hábito de limpiar los dientes de sus perros desde que son cachorros. Esto responde a nuestro compromiso con la prevención de enfermedades caninas.

Hoy en día tenemos muchos clientes que limpian los dientes todos los días a su mascota, y como resultado, se ahorran el dinero de hacer limpiezas dentales profesionales y consiguen una mejor salud de su perro.


Limpiezas dentales profesionales de perros y gatos

Recomendamos hacer una limpieza dental especializada anualmente. La realizamos con un aparato de ultrasonidos que utiliza agua para quitar el sarro. Después, procedemos a pulir los dientes con un cepillo de alta velocidad y una pasta especial. Hacemos esto para proteger el esmalte.

La frecuencia de limpiezas dentales necesaria varía mucho entre razas. En general, las razas grandes tienen buena calidad de esmalte, por lo que no necesitan hacerlo tan a menudo e incluso pueden pasarse la vida sin requerir una limpieza. Sin embargo, razas pequeñas como el Yorkshire o el Maltés, deben hacérselas todos los años desde cachorros si se quiere conservar sus piezas dentales.

Otro factor fundamental es la calidad del pienso. Algunas marcas han diseñado croquetas que limpian la superficie del diente y de la muela al masticarse.

Ultrasonido para perros

¿Se necesita anestesia para las limpiezas dentales de perros y gatos?

La limpieza dental en perros no es una técnica que pueda practicarse sin anestesia general , aunque hay veces que los propietarios no quieren anestesiar y si tiene poco sarro y el perro es muy bueno se puede intentar…… , pero no se va a poder pulir ni acceder a todas la zona de la boca …. Además los limpiadores dentales van a irrigar agua y hay riesgo de aspiración a vías respiratorias si no se realiza una anestesia correcta con intubación traqueal . En resumen , sin anestesia no se va hacer una correcta limpieza dental.

Tampoco sirve la sedación ya que necesitamos que el animal esté totalmente quieto, y el veterinario tenga un acceso completo a todas sus piezas dentales y encías.

Alimentos para la limpieza dental

Hay que tener cierto cuidado a la hora de comprar determinados alimentos porque no todos son saludables. Algunos tienen demasiado contenido graso, que en exceso puede causar problemas cardiovasculares y obesidad.

Los mejores alimentos para los dientes son aquellos que están elaborados por empresas farmacéuticas y llevan componentes químicos con tratamientos específicos para el diente del perro. Esto implica no solo limpieza a través de la acción mecánica de morder sino también un tratamiento antibacteriano para prevenir el sarro.

Conclusión

Si eres como la mayoría de dueños, por falta de tiempo , es probable que no estés prestando la suficiente atención a la limpieza dental de tu perro. Por eso te animamos a que comiences a limpiar los dientes de tu perro y consideres atender a su higiene bucal con frecuencia.

Estas simples medidas pueden conllevar a que tu perro tenga una vida más larga y mucho más saludable.

Si te resulta imposible introducir un cepillo de dientes a tu perro en la boca, pásate con él por clínica Tus Veterinarios y te explicamos cómo hacerlo.

Necesitas hacer una limpieza dental profesional a tu mascota?
Llámanos al 622575274 o contacta con nosotros

Deja un comentario

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *

¡Hola!