Add your description here

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for bastienexertier from gravatar.com bastienexertier

Unverified details

These details have not been verified by PyPI
Meta
  • Author: exertieb
  • Requires: Python >=3.10
Report project as malware

Project description

HTTPX-OAuth2

My implementation of an httpx.BaseTransport that negotiates an access token and puts it in the request headers before sending it.

Installation

pip install httpx-oauth2

Usage

The library only needs to be setup. Once it is done, the authentication will happen behind the usage of httpx.Client, meaning you shouldn't need to change existing code.

Imports

import httpx
from httpx_oauth2 import (
	OAuthAuthorityClient,
	ClientCredentials,
	ResourceOwnerCredentials,
	AuthenticatingTransportFactory
)

Client Credentials

api_client = httpx.Client(base_url='http://example')

# ============== ADD THIS ==============

oauth_authority = OAuthAuthorityClient(
	httpx.Client(base_url='http://localhost:8080/realms/master'),
)

transports = AuthenticatingTransportFactory(oauth_authority)

credentials = ClientCredentials('client-1', 'my-secret', ('scope-1',))

api_client._transport = transports.client_credentials_transport(api_client._transport, credentials)

# ===== JUST THIS. NOW USE A USUAL =====

api_client.get('/users')

Resource Owner (Client Credentials with a technical account)

api_client = httpx.Client(base_url='http://example')

# ============== ADD THIS ==============

oauth_authority = OAuthAuthorityClient(
	httpx.Client(base_url='http://localhost:8080/realms/master'),
)

transports = AuthenticatingTransportFactory(oauth_authority)

credentials = ResourceOwnerCredentials('client-3', 'my-secret').with_username_password('user', 'pwd')

api_client._transport = transports.technical_account_transport(api_client._transport, credentials)

# ===== JUST THIS. NOW USE A USUAL =====

api_client.get('/users')

Token Exchange

api_client = httpx.Client(base_url='http://example')

# ============== ADD THIS ==============

oauth_authority = OAuthAuthorityClient(
	httpx.Client(base_url='http://localhost:8080/realms/master'),
)

transports = AuthenticatingTransportFactory(oauth_authority)

credentials = ClientCredentials('client-1', 'my-secret', ('scope-1',))

api_client._transport = transports.token_exchange_transport(api_client._transport, credentials)

# ===== JUST THIS. NOW USE A USUAL =====

# * Put the token to be exchanged in the authorization headers

api_client.get('/users', headers={'Authorization': 'token_to_be_exchanged'})

Getting an access token

oauth_authority = OAuthAuthorityClient(
	httpx.Client(base_url='http://localhost:8080/realms/master'),
)

credentials = ClientCredentials('client-1', 'my-secret', ('scope-1',))

token = oauth_authority.get_token(credentials)

Cache and Automatic retry

Access token are cached. Exchanged tokens too.

If the AuthenticatingTransport see that the response is 401 (meaning the token wasn't valid anymore), it will:

  • Try to refresh the token with the refresh_token if supported.
  • Request a new token.
  • Re-send the request.

But '_' means its protected?

Yes. But I haven't found an easier way to let httpx build the base transport but still be able to wrap it with custom behavior.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for bastienexertier from gravatar.com bastienexertier

Unverified details

These details have not been verified by PyPI
Meta
  • Author: exertieb
  • Requires: Python >=3.10

Release history Release notifications | RSS feed

1.0.5

This version

1.0.4

1.0.2

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

httpx_oauth2-1.0.4.tar.gz (18.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

httpx_oauth2-1.0.4-py3-none-any.whl (9.5 kB view details)

Uploaded Python 3

File details

Details for the file httpx_oauth2-1.0.4.tar.gz.

File metadata

  • Download URL: httpx_oauth2-1.0.4.tar.gz
  • Upload date:
  • Size: 18.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.12.9

File hashes

Hashes for httpx_oauth2-1.0.4.tar.gz
Algorithm Hash digest
SHA256 c02344d636c0b5b79812258771c68ae91118359b37670d1512114beca8d23ad2
MD5 a3ba2f1a3e2dff56f7bf8e0a58b2b842
BLAKE2b-256 dd239ee7269fdf0c2c4e8ef41e2018ddd9d2b2fec796108f4ebe83527b389dc9

See more details on using hashes here.

File details

Details for the file httpx_oauth2-1.0.4-py3-none-any.whl.

File metadata

  • Download URL: httpx_oauth2-1.0.4-py3-none-any.whl
  • Upload date:
  • Size: 9.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.12.9

File hashes

Hashes for httpx_oauth2-1.0.4-py3-none-any.whl
Algorithm Hash digest
SHA256 e0fb3665c81c23c576ca9b2b9755e43103c1048026af42ce4cf4414cce030a24
MD5 5c649a8bc9d3ec8518ef2c37d256ba16
BLAKE2b-256 f62fc352e5c0022bc14cf509956ef4aaa6e270ed106ecf6e6cfc1edc724c7a07

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page