From OAuth2 draft to RFC about oauthlib HOT 7 CLOSED

Great job! I am wondering what's the status of OAuth2 provider.

from oauthlib.

The OAuth 2 provider is taking shape nicely but due to the limited time I can put in it is still going to take a little while before it's ready for use. I've not really kept track of the status anywhere so guess I might as well give the update here as anywhere else.

My current plan is along the lines of:

• Add a number of convenience methods to common.Request to facilitate parameter finding for grant_types
• Sort out resource endpoint error reporting and go over authorization and token endpoint error reporting and make sure it mimics the spec and my plans
• Bearer token token_type estimation
• Weed out the most broken bits of the endpoints and grant types by implementing extensive endpoint tests
• Play around with making a basic but fully functional oauth provider with Django or Flask to find any missing features, annoyances and see if the API is at level of usability I'm happy with
• Write some docs ;)
• MAC, JWT, SAML token support
• More docs ;)

I'm already working on some of this but I've not pushed it yet. Expect to see incremental improvements each week.

from oauthlib.

Good job Ib,
tell me more about Django basic oauth provider. How can I help you?
I'm interested in oauth 2 for Installed applications like described at google documentation [1].

I think that a good starting point is to learn how google do it and start write some
Django views that mimics the google way of do things. I mean a Django app or view to register your application,
branding information and get your generated clients ID like google api console [2]. It can be a django admin page
for now.

What do you think?

[1] https://developers.google.com/accounts/docs/OAuth2InstalledApp
[2] https://code.google.com/apis/console/

from oauthlib.

GJ guys, hope this feature could be done soon.

from oauthlib.

Sorry for taking so long. I'm struggling to squeeze open source in as much as I'd like but rest assured when I do I'll start crossing off my oauth 2 provider to-do list =)

I have many ideas for a django-oauth extension but afraid I won't be able to get to it before the summer. It's a good idea to have a look at the Google API Console and spend time streamlining the processes around registering and maintaining clients. Essentially such an extension could boil, if done right, reduce the complexity of authorizing api use with OAuth down to a simple decorator. Now that is the future, for now I'll focus on getting the OAuth 2 support in oauthlib working, spec compliant and well tested.

from oauthlib.

OAuth 2 provider support is shaping up nicely. A preview available in the newly added docs

https://oauthlib.readthedocs.org/en/latest/server2.html

from oauthlib.

Great.

from oauthlib.