Comments (3)
Not very easy is mildly put considering this is still very much in development and I would not even consider it alpha as the api changes with almost every commit =) Well done on figuring it all out!
There will be a guide / tutorial / some docs detailing how to implement an oauth 2 provider and as you hint it would be a good idea to assert that the various classes are initialized correctly as to avoid weird errors down the road.
One example of api change is that I'm trying to move to inheritance by composition style (request validator) and avoid having to subclass just to override a method or two (save_token) but this is still not complete. The reason of the oauth 2 provider taking so long is a mix of very limited time on my side and the extreme flexibility of the protocol making an implementation that nicely support all of it tricky.
The seemingly insensible defaults stems from the defaults not imposing any specific grant type or token type on the developer and thus everyone is forced to actively pick them and supply them. This might change in the future depending on what people wish for...
from oauthlib.
I understand that it is hard to impose a specific grant type, but I guess we could impose that people insert something of their own rather than None
right?
I'll see if I can make a sensible PR
from oauthlib.
I've update the provider quite substantially and begun working on some docs, readable at https://oauthlib.readthedocs.org/en/latest/server2.html#creating-an-oauth-2-provider
I'm playing around with the idea of having different pre-configured endpoints associated with certain grant types. Also, the constructor defaults are now gone as all arguments are required.
from oauthlib.
Related Issues (20)
- Pre-configured OIDC server should use OIDC refresh token grant type HOT 5
- Security Issue in OAuthLib HOT 1
- CI/Pipeline broken since TravisCI consumed all "OSS credits" HOT 2
- Merging the fix of CVE-2022-36087 into tag v3.2.1 HOT 8
- URI validation does not support shortform localhost IPv6 URIs HOT 1
- Latest version on pypi.org (3.2.2) not reflected here - is it safe? HOT 2
- private_key_jwt
- Will the default warning behavior for scope changes be updated? HOT 1
- Please support http.client as the a request client HOT 3
- OAuth2Session is not pickleable HOT 2
- Docs: Add link to GitHub project sidebar? HOT 1
- Support for refresh token expiration
- typing issues HOT 2
- Problem with use oauthlib with last version cryptography
- Adopt `build` because running `setup.py` is deprecated for security reasons
- Oauthlib not catching error: CompactToken validation failed with reason code: 80049228 HOT 1
- accessing session user in validate_silent_login
- fastapi Support HOT 1
- Modifications of headers returned by Client.prepare_*_request affects future calls
- Csrf warning
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from oauthlib.