Skip to main content

Pyramid OAuthLib integration

Project description

Pyramid OAuthLib

https://travis-ci.org/tilgovi/pyramid-oauthlib.svg?branch=master http://img.shields.io/coveralls/tilgovi/pyramid-oauthlib.svg

Pyramid OAuthLib is a library to integrate the excellent OAuthLib library easily into Pyramid applications. It is designed to ease development of OAuth applications, provide smooth migration possibilites to legacy codebases using other authentication or authorization schemes, and configuration patterns for creating pluggable OAuth components for Pyramid.

NOTICE: Pyramid OAuthLib is not feature complete! It is missing the hooks for token revocation. While this shouldn’t be hard to add, it wasn’t a priority to get the initial version released.

Usage Overview

Configuration:

def includeme(config):
    """Integration with OAuthLib is as smooth as possible."""
    from oauthlib.oauth2 import BearerToken, AuthorizationCodeGrant

    # Validator callback functions are passed Pyramid request objects so
    # you can access your request properties, database sessions, etc.
    # The request object is populated with accessors for the properties
    # referred to in the OAuthLib docs and used by its built in types.
    validator = MyRequestValidator()

    # Register response types to create grants.
    config.add_response_type('oauthlib.oauth2.AuthorizationCodeGrant',
                             name='code',
                             request_validator=validator)

    # Register grant types to validate token requests.
    config.add_grant_type('oauthlib.oauth2.AuthorizationCodeGrant',
                          name='authorization_code',
                          request_validator=validator)

    # Register the token types to use at token endpoints.
    # The second parameter to all registrations may be left out to set it
    # as default to use when no corresponding request parameter specifies
    # the grant, response or token type. Be aware that the built in types
    # will fail if a matching request parameter is missing, though.
    config.add_token_type('oauthlib.oauth2.BearerToken',
                          request_validator=validator)

Token response:

def access_token(request):
    """Core functionality is available directly from the request.

    Responses from OAuthLib are wrapped in a response object of type
    :class:`pyramid.response.Response` so they can be returned directly
    from views.
    """
    userid = request.authenticated_userid
    if userid is not None:
        credentials = dict(userId=userid)
    else:
        credentials = None

    return request.create_token_response(credentials=credentials)

Custom grant type:

from oauthlib.oauth2 import ClientCredentialsGrant, InvalidClientError
from pyramid.authentication import BadCSRFToken
from pyramid.session import check_csrf_token

class SessionGrant(ClientCredentialsGrant):

    """A combined authentication and authorization session assertion grant.

    When the Authorization Server and the Token Service are the same server
    this grant type uses a single assertion, the CSRF token, for client
    authentication and an authorization grant.[1] This works particularly
    well with :class:`pyramid.authentication.SessionAuthenticationPolicy`.

    [1] http://tools.ietf.org/html/draft-ietf-oauth-assertions-01#section-3
    """

    def validate_token_request(self, request):
        try:
            check_csrf_token(request, token='assertion')
        except BadCSRFToken:
            raise InvalidClientError(request=request)

        # An object with the confidential client_id and client_secret.
        request.client = LOCAL_CLIENT

        if request.client is None:
            raise InvalidClientError(request=request)

        request.client_id = request.client_id or request.client.client_id


def includeme(config):
    config.add_grant_type(SessionGrant, 'assertion')

License

Pyramid OAuthLib is released under the 2-Clause BSD License, sometimes referred to as the “Simplified BSD License” or the “FreeBSD License”. More license information can be found in the included LICENSE.txt file.

0.4.2 (2020-09-07)

Bug Fixes

  • Add missing parameters from OAuthLib.

0.4.1 (2019-06-28)

Bug Fixes

  • Fix duplicate_params request property.

  • Fix version specifier to indicate that OAuthLib 3 is not yet supported.

0.4.0 (2018-11-16)

Breaking Changes

  • Drop support for Pyramid 1.3 and below.

Features

  • Pyramid 1.10 support.

0.3.0 (2018-03-10)

Features

  • Python 3 support.

  • Support for password credential flow parameters.

0.2.0 (2014-11-21)

Features

  • Expose add_oauth_param as a directive on Configurator instances. OAuthLib code typically assumes these attributes exist on the request instance. Exposing this directive allows custom extensions to be more portable to non-Pyramid code by avoiding the use of request.params in favor of the transparent attribute access pattern of OAuthLib request instances.

0.1.1 (2014-08-04)

Features

  • Request methods for easy integration of OAuth flows.

  • Request parameters to integrate with OAuthLib modules.

  • Registration of new grant, response, and token types, (optionally) using dotted name resolution.

  • Introspectable configuration.

  • Full unit test coverage

Missing in this release

  • Support for revocation.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pyramid_oauthlib-0.4.2.tar.gz (10.1 kB view details)

Uploaded Source

Built Distribution

pyramid_oauthlib-0.4.2-py2.py3-none-any.whl (7.7 kB view details)

Uploaded Python 2 Python 3

File details

Details for the file pyramid_oauthlib-0.4.2.tar.gz.

File metadata

  • Download URL: pyramid_oauthlib-0.4.2.tar.gz
  • Upload date:
  • Size: 10.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.23.0 setuptools/46.1.3 requests-toolbelt/0.9.1 tqdm/4.48.2 CPython/3.8.5

File hashes

Hashes for pyramid_oauthlib-0.4.2.tar.gz
Algorithm Hash digest
SHA256 25d4ffccbf7a7ce9a19192d8a222f8ec77f8dd12ac4bd3528b0cfe8736868490
MD5 ad90ee7bb83178c74b1342802d74cf2b
BLAKE2b-256 91f75439d1b5652a2f7957e229d8055860941df82cec5301d21dfd8bdcb59678

See more details on using hashes here.

File details

Details for the file pyramid_oauthlib-0.4.2-py2.py3-none-any.whl.

File metadata

  • Download URL: pyramid_oauthlib-0.4.2-py2.py3-none-any.whl
  • Upload date:
  • Size: 7.7 kB
  • Tags: Python 2, Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.23.0 setuptools/46.1.3 requests-toolbelt/0.9.1 tqdm/4.48.2 CPython/3.8.5

File hashes

Hashes for pyramid_oauthlib-0.4.2-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 a0aa76f30b8971448dda609eea52b130b754de0d87567811e28da4b292f99915
MD5 d98767f908cf8048fd2fe4d21fcc5621
BLAKE2b-256 ced83ccfe6daec79a3943862a7aefe0d2459953930315125f435d541bdcc3b79

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page