Pyramid OAuthLib
================

.. image:: https://travis-ci.org/tilgovi/pyramid-oauthlib.svg?branch=master
   :target: https://travis-ci.org/tilgovi/pyramid-oauthlib
.. image:: http://img.shields.io/coveralls/tilgovi/pyramid-oauthlib.svg
   :target: https://coveralls.io/r/tilgovi/pyramid-oauthlib

Pyramid OAuthLib is a library to integrate the excellent `OAuthLib`_ library
easily into `Pyramid`_ applications. It is designed to ease development of
OAuth applications, provide smooth migration possibilities for legacy codebases
using other authentication or authorization schemes, and offer configuration
patterns for creating pluggable OAuth components for Pyramid.

**NOTICE**: Pyramid OAuthLib is not feature complete! It is missing the hooks
for token revocation. While this shouldn't be hard to add, it wasn't a priority
to get the initial version released.

Usage Overview
--------------
Configuration::

    def includeme(config):
        """Integration with OAuthLib is as smooth as possible."""
        from oauthlib.oauth2 import BearerToken, AuthorizationCodeGrant

        # Validator callback functions are passed Pyramid request objects so
        # you can access your request properties, database sessions, etc.
        # The request object is populated with accessors for the properties
        # referred to in the OAuthLib docs and used by its built in types.
        validator = MyRequestValidator()

        # Register response types to create grants.
        config.add_response_type('oauthlib.oauth2.AuthorizationCodeGrant',
                                 name='code',
                                 request_validator=validator)

        # Register grant types to validate token requests.
        config.add_grant_type('oauthlib.oauth2.AuthorizationCodeGrant',
                              name='authorization_code',
                              request_validator=validator)

        # Register the token types to use at token endpoints.
        # The second parameter to all registrations may be left out to set it
        # as default to use when no corresponding request parameter specifies
        # the grant, response or token type. Be aware that the built in types
        # will fail if a matching request parameter is missing, though.
        config.add_token_type('oauthlib.oauth2.BearerToken',
                              request_validator=validator)

Token response::

    def access_token(request):
        """Core functionality is available directly from the request.

        Responses from OAuthLib are wrapped in a response object of type
        :class:`pyramid.response.Response` so they can be returned directly
        from views.
        """
        userid = request.authenticated_userid
        if userid is not None:
            credentials = dict(userId=userid)
        else:
            credentials = None

        return request.create_token_response(credentials=credentials)

Custom grant type::

    from oauthlib.oauth2 import ClientCredentialsGrant, InvalidClientError
    # BadCSRFToken is defined in pyramid.exceptions.
    from pyramid.exceptions import BadCSRFToken
    # check_csrf_token is also available from pyramid.csrf in Pyramid 1.9+.
    from pyramid.session import check_csrf_token

    class SessionGrant(ClientCredentialsGrant):

        """A combined authentication and authorization session assertion grant.

        When the Authorization Server and the Token Service are the same server
        this grant type uses a single assertion, the CSRF token, for client
        authentication and an authorization grant.[1] This works particularly
        well with :class:`pyramid.authentication.SessionAuthenticationPolicy`.

        [1] http://tools.ietf.org/html/draft-ietf-oauth-assertions-01#section-3
        """

        def validate_token_request(self, request):
            # The CSRF token arrives as the ``assertion`` request parameter;
            # a missing or mismatched token is reported as an invalid client.
            try:
                check_csrf_token(request, token='assertion')
            except BadCSRFToken:
                raise InvalidClientError(request=request)

            # An object with the confidential client_id and client_secret.
            request.client = LOCAL_CLIENT

            if request.client is None:
                raise InvalidClientError(request=request)

            request.client_id = request.client_id or request.client.client_id


    def includeme(config):
        config.add_grant_type(SessionGrant, 'assertion')

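
The exchange that ``SessionGrant`` describes, modelled without Pyramid or OAuthLib as an added example (it is not code from this project): the session's CSRF token is posted as ``assertion`` and traded for a bearer token tied to the session's user. ``SESSIONS``, ``TOKENS``, ``new_session``, ``token_endpoint`` and ``userid_for`` are hypothetical names, and the in-memory stores are constructed for the example.

```python
import hmac
import secrets
import time

# Hypothetical in-memory stores (constructed for this example); a real
# application would use its session backend and a token table.
SESSIONS = {}  # session id -> {"userid": ..., "csrf": ...}
TOKENS = {}    # access token -> {"userid": ..., "expires_at": ...}


def new_session(userid):
    """Create a logged-in session with a fresh, unguessable CSRF token."""
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = {"userid": userid, "csrf": secrets.token_urlsafe(32)}
    return sid


def token_endpoint(session_id, params, now=None, ttl=3600):
    """Exchange grant_type=assertion plus the CSRF token for a bearer token.

    Returns (http_status, body) shaped like an RFC 6749 token response.
    """
    now = time.time() if now is None else now
    if params.get("grant_type") != "assertion":
        return 400, {"error": "unsupported_grant_type"}
    session = SESSIONS.get(session_id)
    supplied = params.get("assertion")
    # Reject a missing session or assertion first, then compare in constant
    # time so the check does not reveal how much of the token matched.
    if (session is None or not isinstance(supplied, str)
            or not hmac.compare_digest(supplied.encode(),
                                       session["csrf"].encode())):
        return 401, {"error": "invalid_client"}
    token = secrets.token_urlsafe(32)
    TOKENS[token] = {"userid": session["userid"], "expires_at": now + ttl}
    return 200, {"access_token": token, "token_type": "Bearer",
                 "expires_in": ttl}


def userid_for(token, now=None):
    """Resolve a bearer token to its user, or None if unknown or expired."""
    now = time.time() if now is None else now
    entry = TOKENS.get(token)
    if entry is None or entry["expires_at"] <= now:
        return None
    return entry["userid"]
```
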
License
-------
Pyramid OAuthLib is released under the `2-Clause BSD License`_, sometimes
referred to as the "Simplified BSD License" or the "FreeBSD License". More
license information can be found in the included ``LICENSE.txt`` file.
.. _OAuthLib: https://github.com/idan/oauthlib
.. _Pyramid: http://www.pylonsproject.org/
.. _2-Clause BSD License: http://www.opensource.org/licenses/BSD-2-Clause
1.0.0 (2022-09-16)
==================
Breaking changes
----------------
- Pyramid OAuthLib now requires Python 3.7+.
- Pyramid OAuthLib now requires OAuthLib 3+.
0.4.2 (2020-09-07)
==================
Bug Fixes
---------
- Add missing parameters from OAuthLib.
0.4.1 (2019-06-28)
==================
Bug Fixes
---------
- Fix `duplicate_params` request property.
- Fix version specifier to indicate that OAuthLib 3 is not yet supported.
0.4.0 (2018-11-16)
==================
Breaking Changes
----------------
- Drop support for Pyramid 1.3 and below.
Features
--------
- Pyramid 1.10 support.
0.3.0 (2018-03-10)
==================
Features
--------
- Python 3 support.
- Support for password credential flow parameters.
0.2.0 (2014-11-21)
==================
Features
--------
- Expose `add_oauth_param` as a directive on `Configurator` instances.
OAuthLib code typically assumes these attributes exist on the request
instance. Exposing this directive allows custom extensions to be more
portable to non-Pyramid code by avoiding the use of `request.params`
in favor of the transparent attribute access pattern of OAuthLib
request instances.
0.1.1 (2014-08-04)
==================
Features
--------
- Request methods for easy integration of OAuth flows.
- Request parameters to integrate with OAuthLib modules.
- Registration of new grant, response, and token types, (optionally)
using dotted name resolution.
- Introspectable configuration.
- Full unit test coverage.
Missing in this release
-----------------------
- Support for revocation.
Raw data
{
"_id": null,
"home_page": "https://github.com/tilgovi/pyramid_oauthlib",
"name": "pyramid-oauthlib",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.7",
"maintainer_email": "",
"keywords": "web pyramid pylons oauth authentication",
"author": "Randall Leeds",
"author_email": "tilgovi@hypothes.is",
"download_url": "https://files.pythonhosted.org/packages/c3/68/4e6eac91fd76c21cd70e8c722393fa5901e4bd509d63e7149a64a7eb8260/pyramid_oauthlib-1.0.0.tar.gz",
"platform": null,
"description": "Pyramid OAuthLib\n================\n\n.. image:: https://travis-ci.org/tilgovi/pyramid-oauthlib.svg?branch=master\n :target: https://travis-ci.org/tilgovi/pyramid-oauthlib\n.. image:: http://img.shields.io/coveralls/tilgovi/pyramid-oauthlib.svg\n :target: https://coveralls.io/r/tilgovi/pyramid-oauthlib\n\nPyramid OAuthLib is a library to integrate the excellent `OAuthLib`_ library\neasily into `Pyramid`_ applications. It is designed to ease development of\nOAuth applications, provide smooth migration possibilites to legacy codebases\nusing other authentication or authorization schemes, and configuration patterns\nfor creating pluggable OAuth components for Pyramid.\n\n**NOTICE**: Pyramid OAuthLib is not feature complete! It is missing the hooks\nfor token revocation. While this shouldn't be hard to add, it wasn't a priority\nto get the initial version released.\n\nUsage Overview\n--------------\n\nConfiguration::\n\n def includeme(config):\n \"\"\"Integration with OAuthLib is as smooth as possible.\"\"\"\n from oauthlib.oauth2 import BearerToken, AuthorizationCodeGrant\n\n # Validator callback functions are passed Pyramid request objects so\n # you can access your request properties, database sessions, etc.\n # The request object is populated with accessors for the properties\n # referred to in the OAuthLib docs and used by its built in types.\n validator = MyRequestValidator()\n\n # Register response types to create grants.\n config.add_response_type('oauthlib.oauth2.AuthorizationCodeGrant',\n name='code',\n request_validator=validator)\n\n # Register grant types to validate token requests.\n config.add_grant_type('oauthlib.oauth2.AuthorizationCodeGrant',\n name='authorization_code',\n request_validator=validator)\n\n # Register the token types to use at token endpoints.\n # The second parameter to all registrations may be left out to set it\n # as default to use when no corresponding request parameter specifies\n # the grant, response or token 
type. Be aware that the built in types\n # will fail if a matching request parameter is missing, though.\n config.add_token_type('oauthlib.oauth2.BearerToken',\n request_validator=validator)\n\n\nToken response::\n\n def access_token(request):\n \"\"\"Core functionality is available directly from the request.\n\n Responses from OAuthLib are wrapped in a response object of type\n :class:`pyramid.response.Response` so they can be returned directly\n from views.\n \"\"\"\n userid = request.authenticated_userid\n if userid is not None:\n credentials = dict(userId=userid)\n else:\n credentials = None\n\n return request.create_token_response(credentials=credentials)\n\nCustom grant type::\n\n from oauthlib.oauth2 import ClientCredentialsGrant, InvalidClientError\n from pyramid.authentication import BadCSRFToken\n from pyramid.session import check_csrf_token\n\n class SessionGrant(ClientCredentialsGrant):\n\n \"\"\"A combined authentication and authorization session assertion grant.\n\n When the Authorization Server and the Token Service are the same server\n this grant type uses a single assertion, the CSRF token, for client\n authentication and an authorization grant.[1] This works particularly\n well with :class:`pyramid.authentication.SessionAuthenticationPolicy`.\n\n [1] http://tools.ietf.org/html/draft-ietf-oauth-assertions-01#section-3\n \"\"\"\n\n def validate_token_request(self, request):\n try:\n check_csrf_token(request, token='assertion')\n except BadCSRFToken:\n raise InvalidClientError(request=request)\n\n # An object with the confidential client_id and client_secret.\n request.client = LOCAL_CLIENT\n\n if request.client is None:\n raise InvalidClientError(request=request)\n\n request.client_id = request.client_id or request.client.client_id\n\n\n def includeme(config):\n config.add_grant_type(SessionGrant, 'assertion')\n\nLicense\n-------\n\nPyramid OAuthLib is released under the `2-Clause BSD License`_, sometimes\nreferred to as the \"Simplified BSD 
License\" or the \"FreeBSD License\". More\nlicense information can be found in the included ``LICENSE.txt`` file.\n\n.. _OAuthLib: https://github.com/idan/oauthlib\n.. _Pyramid: http://www.pylonsproject.org/\n.. _2-Clause BSD License: http://www.opensource.org/licenses/BSD-2-Clause\n\n\n1.0.0 (2022-09-16)\n==================\n\nBreaking changes\n----------------\n\n- Pyramid OAuthLib now requires Python 3.7+.\n- Pyramid OAuthLib now requires OAuthLib 3+.\n\n0.4.2 (2020-09-07)\n==================\n\nBug Fixes\n---------\n\n- Add missing parameters from OAuthLib.\n\n0.4.1 (2019-06-28)\n==================\n\nBug Fixes\n---------\n\n- Fix `duplicate_params` request property.\n- Fix version specifier to indicate that OAuthLib 3 is not yet supported.\n\n0.4.0 (2018-11-16)\n==================\n\nBreaking Changes\n----------------\n\n- Drop support for Pyramid 1.3 and below.\n\nFeatures\n--------\n\n- Pyramid 1.10 support.\n\n0.3.0 (2018-03-10)\n==================\n\nFeatures\n--------\n\n- Python 3 support.\n- Support for password credential flow parameters.\n\n\n0.2.0 (2014-11-21)\n==================\n\nFeatures\n--------\n\n- Expose `add_oauth_param` as a directive on `Configurator` instances.\n OAuthLib code typically assumes these attributes exist on the request\n instance. Exposing this directive allows custom extensions to be more\n portable to non-Pyramid code by avoiding the use of `request.params`\n in favor of the transparent attribute access pattern of OAuthLib\n request instances.\n\n0.1.1 (2014-08-04)\n==================\n\nFeatures\n--------\n\n- Request methods for easy integration of OAuth flows.\n- Request parameters to integrate with OAuthLib modules.\n- Registration of new grant, response, and token types, (optionally)\n using dotted name resolution.\n- Introspectable configuration.\n- Full unit test coverage\n\nMissing in this release\n-----------------------\n\n- Support for revocation.\n",
"bugtrack_url": null,
"license": "",
"summary": "Pyramid OAuthLib integration",
"version": "1.0.0",
"project_urls": {
"Homepage": "https://github.com/tilgovi/pyramid_oauthlib"
},
"split_keywords": [
"web",
"pyramid",
"pylons",
"oauth",
"authentication"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "2b739bf750991174b2d42dc7fe03f6e6fa262e902379396652916c741cdd7f8b",
"md5": "be5d160b5a55a377ff72545102642d82",
"sha256": "bdf46192af490775840911749284abfe485578c0102a8b20038cae0198e9e1b8"
},
"downloads": -1,
"filename": "pyramid_oauthlib-1.0.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "be5d160b5a55a377ff72545102642d82",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.7",
"size": 7824,
"upload_time": "2022-09-17T04:40:33",
"upload_time_iso_8601": "2022-09-17T04:40:33.684768Z",
"url": "https://files.pythonhosted.org/packages/2b/73/9bf750991174b2d42dc7fe03f6e6fa262e902379396652916c741cdd7f8b/pyramid_oauthlib-1.0.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "c3684e6eac91fd76c21cd70e8c722393fa5901e4bd509d63e7149a64a7eb8260",
"md5": "d68cbd037338c6439157879350773dcf",
"sha256": "7d6147c7c3297cb2ced4ffbe41136e8636ee2072953784e2887d906acb99048f"
},
"downloads": -1,
"filename": "pyramid_oauthlib-1.0.0.tar.gz",
"has_sig": false,
"md5_digest": "d68cbd037338c6439157879350773dcf",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.7",
"size": 9554,
"upload_time": "2022-09-17T04:40:36",
"upload_time_iso_8601": "2022-09-17T04:40:36.107890Z",
"url": "https://files.pythonhosted.org/packages/c3/68/4e6eac91fd76c21cd70e8c722393fa5901e4bd509d63e7149a64a7eb8260/pyramid_oauthlib-1.0.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2022-09-17 04:40:36",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "tilgovi",
"github_project": "pyramid_oauthlib",
"travis_ci": true,
"coveralls": true,
"github_actions": false,
"tox": true,
"lcname": "pyramid-oauthlib"
}