## Introduction
EasyOIDC is a Python library that provides a simple interface to the [OpenID Connect](https://en.wikipedia.org/wiki/OpenID#OpenID_Connect_(OIDC)) protocol. It is designed to be easy to use and to integrate into existing applications. It is built on top of the Authlib library.
EasyOIDC can basically adapt to any web framework that supports session variables, route definition, and redirection. As an example, integration examples with [Flask](https://github.com/pallets/flask), [NiceGUI](https://github.com/zauberzeug/nicegui/), [Streamlit](https://github.com/streamlit/streamlit) and [Taipy](https://github.com/Avaiga/taipy) are provided.
In addition, the library has high-level classes, to integrate even more easily with [Flask](https://github.com/pallets/flask), [NiceGUI](https://github.com/zauberzeug/nicegui/) and [Taipy](https://github.com/Avaiga/taipy). The idea of the project is to gradually incorporate high-level support for new web frameworks from the Python world.
EasyOIDC has been tested with OIDC backends such as [Keycloak](https://www.keycloak.org/), [Google](https://developers.google.com/identity/openid-connect/openid-connect?hl=es-419) and [Auth0](https://auth0.com/), and could connect to virtually any [OpenID Connect](https://en.wikipedia.org/wiki/OpenID#OpenID_Connect_(OIDC)) compatible server.
## Installation
The library is available via PyPi (https://pypi.org/project/EasyOIDC/)
```bash
pip install easyoidc
```
If you are going to use it with a specific web framework, you can install it like this:
```bash
pip install easyoidc[flask]
pip install easyoidc[nicegui]
pip install easyoidc[taipy]
```
## Usage
### Flask
This is an example of how to integrate EasyOIDC with Flask:
```python
from flask import Flask
from EasyOIDC import Config, SessionHandler
from EasyOIDC.frameworks.flask import FlaskOIDClient
app = Flask(__name__)
session_storage = SessionHandler(mode='redis')
auth_config = Config('.env')
auth = FlaskOIDClient(app, auth_config=auth_config, session_storage=session_storage)
@app.route('/')
def root():
is_authenticated = auth.is_authenticated()
if is_authenticated:
userinfo = auth.get_userinfo()
return f"Welcome to the Flask app with Middleware!.<br>User authenticated={is_authenticated}<br>{userinfo}<br><a href='/logout'>Logout</a>"
else:
return f"Welcome to the Flask app with Middleware!.<br><a href='/login'>Login</a>"
if __name__ == "__main__":
app.run()
```
### NiceGUI
This is an example of how you can integrate EasyOIDC with NiceGUI:
```python
from EasyOIDC import Config, SessionHandler
from EasyOIDC.frameworks.nicegui import NiceGUIOIDClient
from nicegui import app, ui
session_storage = SessionHandler(mode='shelve')
auth_config = Config('.env')
auth = NiceGUIOIDClient(app, auth_config=auth_config, session_storage=session_storage)
@ui.page('/')
def root():
is_authenticated = auth.is_authenticated()
with ui.column().classes('absolute-center '):
if is_authenticated:
ui.markdown(f"User authenticated!")
ui.markdown(f"Name: {auth.get_userinfo()['name']}")
ui.markdown(f"Email: {auth.get_userinfo()['email']}")
ui.markdown(f"Roles: {auth.get_user_roles()}")
ui.markdown(f"<a href='/logout'>Logout</a>").classes('text-2xl')
else:
ui.markdown(f"NiceGUI demo.<br><a href='/login'>Login</a>").classes('text-2xl')
if __name__ in {"__main__", "__mp_main__"}:
ui.run(storage_secret=auth_config.cookie_secret_key, port=5000)
```
## Configuration
Your app routes and server endpoints, can be provided from json and .env files, or via a dict or code of course.
The following is an example of a .env file:
```bash
# Auth0 example configuration
# Secret keys
client_id = RqtJHUjAyEMXdgT4j2ScdOfjUhFACS9G
client_secret = diylwTR8O_Y4B8_4AFXPYRPft3z_Im14hD8suAG8OiLCRtJPuCT6yHqlELQn_Yf
cookie_secret_key = some-secret-key
# OIDC
well_known_openid_url = https://myapplication.us.auth0.com/.well-known/openid-configuration
redirect_uri = http://localhost:5000/authorize
# Application routes
app_login_route = /login
app_logout_route = /logout
app_authorize_route = /authorize
unrestricted_routes = /
post_logout_uri = http://localhost:5000
```
In that case, EasyOIDC will get the server endpoints from the well-known url. You can also adapt the file examples/.env.google to your needs.
If you want to provide the endpoints manually, you can do it as follows:
```bash
# Google endpoints configuration example:
# OIDC
well_known_openid_url = https://accounts.google.com/.well-known/openid-configuration
authorization_endpoint = https://accounts.google.com/o/oauth2/auth
token_endpoint = https://oauth2.googleapis.com/token
userinfo_endpoint = https://openidconnect.googleapis.com/v1/userinfo
token_revoke_endpoint = https://oauth2.googleapis.com/revoke
redirect_uri = http://localhost:5000/authorize
scope = openid,profile,email
```
And more examples via code:
```python
from EasyOIDC import Config
config = Config(client_id='my_client_id',
client_secret='my_client_secret',
cookie_secret_key='some-secret-key',
redirect_uri='http://localhost:5000/authorize',
well_known_openid_url='https://myapplication.us.auth0.com/.well-known/openid-configuration',
app_login_route='/login',
app_logout_route='/logout',
app_authorize_route='/authorize',
unrestricted_routes='/',
post_logout_uri='http://localhost:5000')
```
### Server session data storage
EasyOIDC needs to store some data in the server session, like tokens and authenticated user information. The library provides a SessionHandler class that can be used to store the session data in memory, in a file or in a Redis database. The SessionHandler class is initialized as follows:
```python
from EasyOIDC import SessionHandler
# Redis memory storage
session_storage = SessionHandler(mode='redis')
# or for file storage
session_storage = SessionHandler(mode='shelve')
```
Raw data
{
"_id": null,
"home_page": "https://github.com/jpmanson/EasyOIDC",
"name": "EasyOIDC",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.9",
"maintainer_email": null,
"keywords": null,
"author": "Juan Pablo Manson",
"author_email": "jpmanson@gmail.com",
"download_url": "https://files.pythonhosted.org/packages/19/d1/bfa0ac66aca9bf21ffbcad9b58e0dd41f11671f984fd95634b8c04de5926/easyoidc-0.1.10.tar.gz",
"platform": null,
"description": "## Introduction\n\nEasyOIDC is a Python library that provides a simple interface to the [OpenID Connect](https://en.wikipedia.org/wiki/OpenID#OpenID_Connect_(OIDC)) protocol. It is designed to be easy to use and to integrate into existing applications. It is built on top of the Authlib library.\n\nEasyOIDC can basically adapt to any web framework that supports session variables, route definition, and redirection. As an example, integration examples with [Flask](https://github.com/pallets/flask), [NiceGUI](https://github.com/zauberzeug/nicegui/), [Streamlit](https://github.com/streamlit/streamlit) and [Taipy](https://github.com/Avaiga/taipy) are provided.\n\nIn addition, the library has high-level classes, to integrate even more easily with [Flask](https://github.com/pallets/flask), [NiceGUI](https://github.com/zauberzeug/nicegui/) and [Taipy](https://github.com/Avaiga/taipy). The idea of the project is to gradually incorporate high-level support for new web frameworks from the Python world.\n\nEasyOIDC has been tested with OIDC backends such as [Keycloak](https://www.keycloak.org/), [Google](https://developers.google.com/identity/openid-connect/openid-connect?hl=es-419) and [Auth0](https://auth0.com/), and could connect to virtually any [OpenID Connect](https://en.wikipedia.org/wiki/OpenID#OpenID_Connect_(OIDC)) compatible server.\n\n## Installation\n\nThe library is available via PyPi (https://pypi.org/project/EasyOIDC/)\n\n```bash\npip install easyoidc\n```\n\nIf you are going to use it with a specific web framework, you can install it like this: \n```bash\npip install easyoidc[flask]\npip install easyoidc[nicegui]\npip install easyoidc[taipy]\n```\n\n## Usage\n\n### Flask\nThis is an example of how to integrate EasyOIDC with Flask:\n\n```python\nfrom flask import Flask\nfrom EasyOIDC import Config, SessionHandler\nfrom EasyOIDC.frameworks.flask import FlaskOIDClient\n\napp = Flask(__name__)\nsession_storage = SessionHandler(mode='redis')\nauth_config = Config('.env')\nauth = FlaskOIDClient(app, auth_config=auth_config, session_storage=session_storage)\n\n@app.route('/')\ndef root():\n is_authenticated = auth.is_authenticated()\n if is_authenticated:\n userinfo = auth.get_userinfo()\n return f\"Welcome to the Flask app with Middleware!.<br>User authenticated={is_authenticated}<br>{userinfo}<br><a href='/logout'>Logout</a>\"\n else:\n return f\"Welcome to the Flask app with Middleware!.<br><a href='/login'>Login</a>\"\n\n\nif __name__ == \"__main__\":\n app.run()\n```\n\n### NiceGUI\nThis is an example of how you can integrate EasyOIDC with NiceGUI:\n\n```python\nfrom EasyOIDC import Config, SessionHandler\nfrom EasyOIDC.frameworks.nicegui import NiceGUIOIDClient\nfrom nicegui import app, ui\n\nsession_storage = SessionHandler(mode='shelve')\nauth_config = Config('.env')\nauth = NiceGUIOIDClient(app, auth_config=auth_config, session_storage=session_storage)\n\n@ui.page('/')\ndef root():\n is_authenticated = auth.is_authenticated()\n with ui.column().classes('absolute-center '):\n if is_authenticated:\n ui.markdown(f\"User authenticated!\")\n ui.markdown(f\"Name: {auth.get_userinfo()['name']}\")\n ui.markdown(f\"Email: {auth.get_userinfo()['email']}\")\n ui.markdown(f\"Roles: {auth.get_user_roles()}\")\n ui.markdown(f\"<a href='/logout'>Logout</a>\").classes('text-2xl')\n else:\n ui.markdown(f\"NiceGUI demo.<br><a href='/login'>Login</a>\").classes('text-2xl')\n\n\nif __name__ in {\"__main__\", \"__mp_main__\"}:\n ui.run(storage_secret=auth_config.cookie_secret_key, port=5000)\n\n```\n\n## Configuration\nYour app routes and server endpoints, can be provided from json and .env files, or via a dict or code of course.\n\nThe following is an example of a .env file:\n\n```bash\n# Auth0 example configuration\n\n# Secret keys\nclient_id = RqtJHUjAyEMXdgT4j2ScdOfjUhFACS9G\nclient_secret = diylwTR8O_Y4B8_4AFXPYRPft3z_Im14hD8suAG8OiLCRtJPuCT6yHqlELQn_Yf\ncookie_secret_key = some-secret-key\n\n# OIDC\nwell_known_openid_url = https://myapplication.us.auth0.com/.well-known/openid-configuration\nredirect_uri = http://localhost:5000/authorize\n\n# Application routes\napp_login_route = /login\napp_logout_route = /logout\napp_authorize_route = /authorize\nunrestricted_routes = /\npost_logout_uri = http://localhost:5000\n```\n\nIn that case, EasyOIDC will get the server endpoints from the well-known url. You can also adapt the file examples/.env.google to your needs.\n\nIf you want to provide the endpoints manually, you can do it as follows:\n\n```bash\n# Google endpoints configuration example: \n\n# OIDC\nwell_known_openid_url = https://accounts.google.com/.well-known/openid-configuration\nauthorization_endpoint = https://accounts.google.com/o/oauth2/auth\ntoken_endpoint = https://oauth2.googleapis.com/token\nuserinfo_endpoint = https://openidconnect.googleapis.com/v1/userinfo\ntoken_revoke_endpoint = https://oauth2.googleapis.com/revoke\nredirect_uri = http://localhost:5000/authorize\nscope = openid,profile,email\n```\n\nAnd more examples via code:\n```python\nfrom EasyOIDC import Config\nconfig = Config(client_id='my_client_id',\n client_secret='my_client_secret',\n cookie_secret_key='some-secret-key',\n redirect_uri='http://localhost:5000/authorize',\n well_known_openid_url='https://myapplication.us.auth0.com/.well-known/openid-configuration',\n app_login_route='/login',\n app_logout_route='/logout',\n app_authorize_route='/authorize',\n unrestricted_routes='/',\n post_logout_uri='http://localhost:5000')\n\n```\n\n### Server session data storage\n\nEasyOIDC needs to store some data in the server session, like tokens and authenticated user information. The library provides a SessionHandler class that can be used to store the session data in memory, in a file or in a Redis database. The SessionHandler class is initialized as follows:\n\n```python\nfrom EasyOIDC import SessionHandler\n\n# Redis memory storage\nsession_storage = SessionHandler(mode='redis')\n\n# or for file storage\nsession_storage = SessionHandler(mode='shelve')\n\n```\n",
"bugtrack_url": null,
"license": null,
"summary": "Easy integration with OIDC authentication servers",
"version": "0.1.10",
"project_urls": {
"Homepage": "https://github.com/jpmanson/EasyOIDC"
},
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "f471a4b4672c7ff53393a7f709b1a4b25063f9c45533439e4fa7041014d3dbe1",
"md5": "2517a922dee4ac7c3f53faf1d94204c5",
"sha256": "a7811346dd2352de89aacbfa1a1c33425c1bb32cf6bd53cfa5fca437994dfc5c"
},
"downloads": -1,
"filename": "EasyOIDC-0.1.10-py3-none-any.whl",
"has_sig": false,
"md5_digest": "2517a922dee4ac7c3f53faf1d94204c5",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.9",
"size": 15233,
"upload_time": "2024-05-24T22:47:50",
"upload_time_iso_8601": "2024-05-24T22:47:50.719492Z",
"url": "https://files.pythonhosted.org/packages/f4/71/a4b4672c7ff53393a7f709b1a4b25063f9c45533439e4fa7041014d3dbe1/EasyOIDC-0.1.10-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "19d1bfa0ac66aca9bf21ffbcad9b58e0dd41f11671f984fd95634b8c04de5926",
"md5": "f2b98833517e4dd68c28b0f7188dfbfa",
"sha256": "c71d735e80276d21630e88618f1cd5a914bcdf3b41d39331e9cb9185c65a5ad4"
},
"downloads": -1,
"filename": "easyoidc-0.1.10.tar.gz",
"has_sig": false,
"md5_digest": "f2b98833517e4dd68c28b0f7188dfbfa",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.9",
"size": 11852,
"upload_time": "2024-05-24T22:47:52",
"upload_time_iso_8601": "2024-05-24T22:47:52.397041Z",
"url": "https://files.pythonhosted.org/packages/19/d1/bfa0ac66aca9bf21ffbcad9b58e0dd41f11671f984fd95634b8c04de5926/easyoidc-0.1.10.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-05-24 22:47:52",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "jpmanson",
"github_project": "EasyOIDC",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"requirements": [
{
"name": "authlib",
"specs": [
[
">=",
"1.3.0"
]
]
},
{
"name": "requests",
"specs": [
[
">=",
"2.31.0"
]
]
},
{
"name": "python-decouple",
"specs": [
[
">=",
"3.8"
]
]
},
{
"name": "redis_collections",
"specs": [
[
">=",
"0.12.0"
]
]
}
],
"lcname": "easyoidc"
}
JSON
