OAuth Client

Python OAuth 2 Client

alf is an OAuth 2 Client based on requests.Session with seamless support for the Client Credentials Flow.

Features

  • Automatic token retrieval and renewal

  • Token expiration control

  • Automatic token storage

  • Automatic retry on status 401 (UNAUTHORIZED)

Usage

Initialize the client and use it as a requests.Session object.

from alf.client import Client

alf = Client(
    token_endpoint='http://example.com/token',
    client_id='client-id',
    client_secret='secret')

resource_uri = 'http://example.com/resource'

alf.put(
    resource_uri, data='{"name": "alf"}',
    headers={'Content-Type': 'application/json'})

alf.get(resource_uri)

alf.delete(resource_uri)

Using your custom token storage

To store and retrieve tokens in your own backend, pass an object that has get and set attributes.

This object can be a Redis client, a Memcache client or your own custom object.

from alf.client import Client
from redis import StrictRedis

redis = StrictRedis(host='localhost', port=6379, db=0)

alf = Client(
    token_endpoint='http://example.com/token',
    client_id='client-id',
    client_secret='secret',
    token_storage=redis)

resource_uri = 'http://example.com/resource'

alf.put(
    resource_uri, data='{"name": "alf"}',
    headers={'Content-Type': 'application/json'})

alf.get(resource_uri)

alf.delete(resource_uri)

How does it work?

Before any request, the client tries to retrieve a token from the token endpoint, expecting a JSON response with the access_token and expires_in keys.

The client keeps the token until it expires. From the expires_in value it calculates an expires_on value, which is stored with the token so that multiple clients can validate it.

After getting the token, the request is issued with a Bearer authorization header:

GET /resource/1 HTTP/1.1
Host: example.com
Authorization: Bearer token

If the request fails with a 401 (UNAUTHORIZED) status, a new token is retrieved from the endpoint and the request is retried. This happens only once; if it fails again, the error response is returned.
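The flow described above, as an added sketch that is not alf's own code: a token is cached with an absolute expires_on, reused until it expires, and renewed once on a 401. The class names, the storage key names and the fake endpoint and server are assumptions constructed for the example.

```python
import time

class DictStorage:
    """Constructed stand-in for Redis/Memcache: any object with get and set."""
    def __init__(self):
        self.data = {}
    def get(self, key):
        return self.data.get(key)
    def set(self, key, value):
        self.data[key] = value

class CachedBearer:
    def __init__(self, fetch_token, storage, clock=time.time):
        self.fetch_token = fetch_token  # returns {'access_token': ..., 'expires_in': ...}
        self.storage = storage
        self.clock = clock
    def token(self, force=False):
        value = self.storage.get('access_token')    # key names are assumptions
        expires_on = self.storage.get('expires_on')
        if force or value is None or expires_on is None or self.clock() >= float(expires_on):
            body = self.fetch_token()
            value = body['access_token']
            # Absolute expiry, so every client sharing the storage can validate it.
            self.storage.set('access_token', value)
            self.storage.set('expires_on', self.clock() + int(body['expires_in']))
        return value
    def request(self, send):
        status = send({'Authorization': 'Bearer ' + self.token()})
        if status == 401:  # token rejected: renew and retry exactly once
            status = send({'Authorization': 'Bearer ' + self.token(force=True)})
        return status

def demo():
    now = [1000.0]          # constructed clock
    issued, seen = [], []   # tokens issued / Authorization headers received
    def fetch_token():      # constructed token endpoint
        issued.append('t%d' % (len(issued) + 1))
        return {'access_token': issued[-1], 'expires_in': 60}
    def resource(headers):  # constructed server: accepts only the newest token
        seen.append(headers['Authorization'])
        return 200 if headers['Authorization'] == 'Bearer ' + issued[-1] else 401
    client = CachedBearer(fetch_token, DictStorage(), clock=lambda: now[0])
    results = [client.request(resource), client.request(resource)]  # t1 fetched, then reused
    now[0] += 61                               # past expires_on: t2 is fetched
    results.append(client.request(resource))
    issued.append('rotated')                   # server-side rotation invalidates t2
    # First call: 401, renew, retry succeeds. Second call: always 401, error returned.
    results += [client.request(resource), client.request(lambda h: 401)]
    return results, issued, seen
```

Because the expiry is stored next to the token, anything that can read the storage can use the token, so the backend needs the same access control as the client secret.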

Troubleshooting

If retrieving a token fails, the error response from the token endpoint is returned and the real request is not sent.

Source Distribution

alf-0.6.0.tar.gz (7.1 kB)