Comments (7)
Great job! I am wondering what's the status of OAuth2 provider.
from oauthlib.
The OAuth 2 provider is taking shape nicely but due to the limited time I can put in it is still going to take a little while before it's ready for use. I've not really kept track of the status anywhere so guess I might as well give the update here as anywhere else.
My current plan is along the lines of:
- Add a number of convenience methods to common.Request to facilitate parameter finding for grant_types
- Sort out resource endpoint error reporting and go over authorization and token endpoint error reporting and make sure it mimics the spec and my plans
- Bearer token token_type estimation
- Weed out the most broken bits of the endpoints and grant types by implementing extensive endpoint tests
- Play around with making a basic but fully functional oauth provider with Django or Flask to find any missing features, annoyances and see if the API is at level of usability I'm happy with
- Write some docs ;)
- MAC, JWT, SAML token support
- More docs ;)
I'm already working on some of this but I've not pushed it yet. Expect to see incremental improvements each week.
from oauthlib.
Good job Ib,
tell me more about Django basic oauth provider. How can I help you?
I'm interested in oauth 2 for Installed applications like described at google documentation [1].
I think that a good starting point is to learn how google do it and start write some
Django views that mimics the google way of do things. I mean a Django app or view to register your application,
branding information and get your generated clients ID like google api console [2]. It can be a django admin page
for now.
What do you think?
[1] https://developers.google.com/accounts/docs/OAuth2InstalledApp
[2] https://code.google.com/apis/console/
from oauthlib.
GJ guys, hope this feature could be done soon.
from oauthlib.
Sorry for taking so long. I'm struggling to squeeze open source in as much as I'd like but rest assured when I do I'll start crossing off my oauth 2 provider to-do list =)
I have many ideas for a django-oauth extension but afraid I won't be able to get to it before the summer. It's a good idea to have a look at the Google API Console and spend time streamlining the processes around registering and maintaining clients. Essentially such an extension could boil, if done right, reduce the complexity of authorizing api use with OAuth down to a simple decorator. Now that is the future, for now I'll focus on getting the OAuth 2 support in oauthlib working, spec compliant and well tested.
from oauthlib.
OAuth 2 provider support is shaping up nicely. A preview available in the newly added docs
https://oauthlib.readthedocs.org/en/latest/server2.html
from oauthlib.
Great.
from oauthlib.
Related Issues (20)
- oauth2 implicit grant does not seem to properly return the error in uri fragment when client is unauthorized to use response_type token HOT 1
- RFC5849 oauth1 signature base_string_uri doesn't parse IPv6 addresses
- Pre-configured OIDC server should use OIDC refresh token grant type HOT 5
- Security Issue in OAuthLib HOT 1
- CI/Pipeline broken since TravisCI consumed all "OSS credits" HOT 2
- Merging the fix of CVE-2022-36087 into tag v3.2.1 HOT 8
- URI validation does not support shortform localhost IPv6 URIs HOT 1
- Latest version on pypi.org (3.2.2) not reflected here - is it safe? HOT 2
- private_key_jwt
- Will the default warning behavior for scope changes be updated? HOT 1
- Please support http.client as the a request client HOT 3
- OAuth2Session is not pickleable HOT 2
- Docs: Add link to GitHub project sidebar? HOT 1
- Support for refresh token expiration
- typing issues HOT 2
- Problem with use oauthlib with last version cryptography
- Adopt `build` because running `setup.py` is deprecated for security reasons
- Oauthlib not catching error: CompactToken validation failed with reason code: 80049228 HOT 1
- accessing session user in validate_silent_login
- fastapi Support HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from oauthlib.