+ i+JRt^RIHt^RIHt^RIHtR RltRtRt Rt R#) zUtilites for mutual TLS.)getenv) exceptions) _mtls_helpercV'd*\P!\P4eR#\P!\P4eR#\ R4pV'd\P!V4eR#R#)aCheck if default client SSL credentials exists on the device. Args: include_context_aware (bool): include_context_aware indicates if context_aware path location will be checked or should it be skipped. Returns: bool: indicating if the default client cert source exists. TGOOGLE_API_CERTIFICATE_CONFIGF)r_check_config_pathCONTEXT_AWARE_METADATA_PATH&CERTIFICATE_CONFIGURATION_DEFAULT_PATHr)include_context_awarecert_config_paths& m/Users/igloo/.openclaw/workspace/scratch/fb_ad_env/lib/python3.14/site-packages/google/auth/transport/mtls.pyhas_default_client_cert_sourcer su   + +L,T,T U ''  ? ?   =>  + +,< = I c\\RR7'g\P!R4hRpV#)alGet a callback which returns the default client SSL credentials. Returns: Callable[[], [bytes, bytes]]: A callback which returns the default client certificate bytes and private key bytes, both in PEM format. Raises: google.auth.exceptions.DefaultClientCertSourceError: If the default client SSL credentials don't exist or are malformed. Tr z(Default client cert source doesn't existc\P!4wrpW3# \\\3dp\ P !T4pYChRp?ii;i)N)rget_client_cert_and_keyOSError RuntimeError ValueErrorrMutualTLSChannelError)_ cert_bytes key_bytes caught_excnew_excs r callback,default_client_cert_source..callbackGsT *'3'K'K'M $A9 $$ z2 * 66zBG ) *sAA  Ar rr)rs r default_client_cert_sourcer7s1 * E E.. 6  % Orchaa\RR7'g\P!R4hVV3RlpV#)a<Get a callback which returns the default encrpyted client SSL credentials. Args: cert_path (str): The cert file path. The default client certificate will be written to this file when the returned callback is called. key_path (str): The key file path. The default encrypted client key will be written to this file when the returned callback is called. Returns: Callable[[], [str, str, bytes]]: A callback which generates the default client certificate, encrpyted private key and passphrase. It writes the certificate and private key into the cert_path and key_path, and returns the cert_path, key_path and passphrase bytes. Raises: google.auth.exceptions.DefaultClientCertSourceError: If any problem occurs when loading or saving the client certificate and key. Trz2Default client encrypted cert source doesn't existc<\P!RR7wpppp\SR4;_uu_4pVPV4RRR4\S R4;_uu_4pVPV4RRR4SS T3# +'giLC;i +'giL(;i \P \ 3dp\P!T4pYvhRp?ii;i)T)generate_encrypted_keywbN)rget_client_ssl_credentialsopenwriterClientCertErrorrr) rrrpassphrase_bytes cert_filekey_filerr cert_pathkey_paths r r6default_client_encrypted_cert_source..callbackks * 77tT   i&&) +'h%%y)& ($444'&%%**G4 * 66zBG ) *sL0B&BB&!B3B& B B& B# B&#B&&CCCr)r+r,rsff r $default_client_encrypted_cert_sourcer.Ss2& * E E.. @  5$ Orc,\P!4#)a<Returns boolean for whether the client certificate should be used for mTLS. This is a wrapper around _mtls_helper.check_use_client_cert(). If GOOGLE_API_USE_CLIENT_CERTIFICATE is set to true or false, a corresponding bool value will be returned If GOOGLE_API_USE_CLIENT_CERTIFICATE is unset, the value will be inferred by reading a file pointed at by GOOGLE_API_CERTIFICATE_CONFIG, and verifying it contains a "workload" section. If so, the function will return True, otherwise False. Returns: bool: indicating whether the client certificate should be used for mTLS. )rcheck_use_client_certrr should_use_client_certr2s  - - //rN)T) __doc__osr google.authrgoogle.auth.transportrr rr.r2r1rr r7s)".@8*Z0r