UNKNOWN
Project description
This module provides a python-social-auth and oauth2 support for django-rest-framework
The first aim of this package is to help setting up social auth for your rest api. It also helps setting up your Oauth2 provider.
This package is relying on python-social-auth and django-oauth-toolkit. You should probably read their docs if you were to go further than what is done here. If you have some hard time understanding Oauth2 you can read a simple explanation here
Installation
Install with pip:
pip install django-rest-framework-social-oauth2
Add these apps to your INSTALLED_APPS
INSTALLED_APPS = (
...
'oauth2_provider',
'social.apps.django_app.default',
'rest_framework_social_oauth2',
)
Include auth urls to your urls.py
urlpatterns = patterns(
...
(r'^auth/', include('rest_framework_social_oauth2.urls')),
)
Add these context processors to your TEMPLATE_CONTEXT_PROCESSORS
TEMPLATE_CONTEXT_PROCESSORS = (
...
'social.apps.django_app.context_processors.backends',
'social.apps.django_app.context_processors.login_redirect',
)
You can then enable the authentication classes for django rest framework by default or per view
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
'oauth2_provider.ext.rest_framework.OAuth2Authentication',
'rest_framework_social_oauth2.authentication.SocialAuthentication',
),
}
AUTHENTICATION_BACKENDS = (
...
'rest_framework_social_oauth2.backends.DjangoOAuth2',
'django.contrib.auth.backends.ModelBackend',
)
- The two only settings of this app are :
PROPRIETARY_APPLICATION_NAME sets the name of your client , defaults to “Owner”
PROPRIETARY_BACKEND_NAME sets the name of your Oauth2 social backend, defaults to “Django”
- Now go to django admin and add a new Application.
user should be your superuser
name should be set to PROPRIETARY_APPLICATION_NAME
client_id and client_secret shouldn’t be changed
authorization_grant_type should be set to ‘Resource owner password-based’
client_type should be set to public
redirect_uris should be left blank
The installation is done, you can now test the app.
Remember that you need to read the docs from python-social-auth and django-oauth-toolkit if you want to go further. If you want to enable a social backend (like facebook), check the docs of python-social-auth about supported backends or django-social-auth about bakends system
Testing the setup
Now that the installation is done, let’s try it ! Ask a token for an user using curl :
curl -X POST -d “client_id=<client_id>&client_secret=<client_secret>&grant_type=password&username=<user_name>&password=<password>” http://localhost:8000/auth/token
client_id and client_secret are the keys generated automatically that you can find in the model Application you created.
Now let’s imagine you need to refresh your token :
curl -X POST -d “grant_type=refresh_token&client_id=<client_id>&client_secret=<client_secret>&refresh_token=<your_refresh_token>” http://localhost:8000/auth/token
Now let’s try something else ! Let’s exchange an external token for a token linked to your app :
curl -H “Authorization: Bearer backend backend_token” http://localhost:8000/auth/convert-token
backend here needs to be replaced by the name of an enabled backend (facebook for example if that’s the case). Note that PROPRIETARY_BACKEND_NAME is a valid backend name but there is no use in using it here. backend_token is for the token you got from the service utilizing an iOS app for example.
This is possible because convert_token is an api_view using ‘rest_framework_social_oauth2.authentication.SocialAuthentication’ as an authentication class. This class simply gets the backend and the backend token from the Authorization header and try to authenticate the user using the right external provider.
If you have any questions feel free to explore the code (there is very little) and to ask me.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for django-rest-framework-social-oauth2-0.0.1.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 11937371c208bd64ae8f548d9969db95c6af75d0f0e11c07f4ad40c6a6ea6055 |
|
MD5 | 2270007244336e7d2f7ce03edcd9f4a6 |
|
BLAKE2b-256 | 4e480f4f1317be5ee2bf00f00a135e511f81727f533bf21a594c83031a8e49ff |
Hashes for django-rest-framework-social-oauth2-0.0.1.linux-x86_64.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | ce0ef024f9e97d851c48a185d17781530c6c94f15d33306a384a605c86833b02 |
|
MD5 | 2676fbd28ee2d91ae9837830f44613ec |
|
BLAKE2b-256 | eec71b330c23c8c09e71d35575621538a88d0f94e53d44a85e0574d281160542 |