Add your description here

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for bastienexertier from gravatar.com bastienexertier

Unverified details

These details have not been verified by PyPI
Meta
Report project as malware

Project description

HTTPX-OAuth2

My implementation of an httpx.BaseTransport that negotiates an access token and puts it in the request headers before sending it.

Installation

pip install httpx-oauth2

Usage

The library only needs to be setup. Once it is done, the authentication will happen behind the usage of httpx.Client, meaning you shouldn't need to change existing code.

Imports

import httpx
from httpx_oauth2 import (
	OAuthAuthorityClient,
	ClientCredentials,
	ResourceOwnerCredentials,
	AuthenticatingTransportFactory
)

Client Credentials

api_client = httpx.Client(base_url='http://example')

# ============== ADD THIS ==============

oauth_authority = OAuthAuthorityClient(
	httpx.Client(base_url='http://localhost:8080/realms/master'),
)

transports = AuthenticatingTransportFactory(oauth_authority)

credentials = ClientCredentials('client-1', 'my-secret', ('scope-1',))

api_client._transport = transports.client_credentials_transport(api_client._transport, credentials)

# ===== JUST THIS. NOW USE A USUAL =====

api_client.get('/users')

Resource Owner (Client Credentials with a technical account)

api_client = httpx.Client(base_url='http://example')

# ============== ADD THIS ==============

oauth_authority = OAuthAuthorityClient(
	httpx.Client(base_url='http://localhost:8080/realms/master'),
)

transports = AuthenticatingTransportFactory(oauth_authority)

credentials = ResourceOwnerCredentials('client-3', 'my-secret').with_username_password('user', 'pwd')

api_client._transport = transports.technical_account_transport(api_client._transport, credentials)

# ===== JUST THIS. NOW USE A USUAL =====

api_client.get('/users')

Token Exchange

api_client = httpx.Client(base_url='http://example')

# ============== ADD THIS ==============

oauth_authority = OAuthAuthorityClient(
	httpx.Client(base_url='http://localhost:8080/realms/master'),
)

transports = AuthenticatingTransportFactory(oauth_authority)

credentials = ClientCredentials('client-1', 'my-secret', ('scope-1',))

api_client._transport = transports.token_exchange_transport(api_client._transport, credentials)

# ===== JUST THIS. NOW USE A USUAL =====

# * Put the token to be exchanged in the authorization headers

api_client.get('/users', headers={'Authorization': 'token_to_be_exchanged'})

Getting an access token

oauth_authority = OAuthAuthorityClient(
	httpx.Client(base_url='http://localhost:8080/realms/master'),
)

credentials = ClientCredentials('client-1', 'my-secret', ('scope-1',))

token = oauth_authority.get_token(credentials)

Cache and Automatic retry

Access token are cached. Exchanged tokens too.

If the AuthenticatingTransport see that the response is 401 (meaning the token wasn't valid anymore), it will:

  • Try to refresh the token with the refresh_token if supported.
  • Request a new token.
  • Re-send the request.

But '_' means its protected?

Yes. But I haven't found an easier way to let httpx build the base transport but still be able to wrap it with custom behavior.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for bastienexertier from gravatar.com bastienexertier

Unverified details

These details have not been verified by PyPI
Meta

Release history Release notifications | RSS feed

This version

1.0.5

1.0.4

1.0.2

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

httpx_oauth2-1.0.5.tar.gz (18.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

httpx_oauth2-1.0.5-py3-none-any.whl (9.7 kB view details)

Uploaded Python 3

File details

Details for the file httpx_oauth2-1.0.5.tar.gz.

File metadata

  • Download URL: httpx_oauth2-1.0.5.tar.gz
  • Upload date:
  • Size: 18.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.12.9

File hashes

Hashes for httpx_oauth2-1.0.5.tar.gz
Algorithm Hash digest
SHA256 3825eeeb910a514f3be1ae3a311bb3ca8a357be76e2459a31aef51c3e4513f4b
MD5 3bae76d49e4b5369e79e82d83e2ff006
BLAKE2b-256 54451ddc0682eb1cc72fbe8b36f2a0440cd946039ac1921bac0d813bfe9a0137

See more details on using hashes here.

File details

Details for the file httpx_oauth2-1.0.5-py3-none-any.whl.

File metadata

  • Download URL: httpx_oauth2-1.0.5-py3-none-any.whl
  • Upload date:
  • Size: 9.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.12.9

File hashes

Hashes for httpx_oauth2-1.0.5-py3-none-any.whl
Algorithm Hash digest
SHA256 9f3d3f434d3753bcd236629ed2a7ac6a063a2084e0ba10c0703350f932e3bd40
MD5 92ffc057f1c6c74cb4117b57dc1ea503
BLAKE2b-256 f6f06b0b3e33db333c1d62cd8bad07d81cff886fe8b1462883dfff66cd73cfed

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page