Skip to main content
Help us improve Python packaging – donate today!

Facebook Auth support in Kinto

Project Description

Facebook Auth support in Kinto

travis Coverage

Kinto-facebook enables authentication in Kinto applications using Facebook OAuth2 bearer tokens.

It provides:

  • An authentication policy class;
  • Integration with Kinto cache backend for token verifications;
  • Integration with Kinto for heartbeat view checks;
  • Some optional endpoints to perform the OAuth dance (optional).
  • Kinto documentation
  • Issue tracker

Installation

First of all, create a Facebook Auth app.

You need to grab the client_id, client_secret and app_client_token in the app general settings page:

https://developers.facebook.com/apps/{client_id}/settings/basic/
https://developers.facebook.com/apps/{client_id}/settings/advanced/

Install the Python package:

pip install kinto-facebook

Include the package in the project configuration:

kinto.includes = kinto_facebook

And configure authentication policy using pyramid_multiauth formalism:

multiauth.policies = facebook
multiauth.policy.facebook.use = kinto_facebook.authentication.FacebookAuthenticationPolicy

By default, it will rely on the cache configured in Kinto.

Configuration

Fill those settings with the values obtained during the application registration:

facebook.client_id = 89513028159972bc
facebook.client_secret = 9aced230585cc0aaea0a3467dd800
facebook.app_access_token = 30ce836499a146428464b28816b1618b
facebook.webapp.authorized_domains = *
# facebook.cache_ttl_seconds = 300
# facebook.state.ttl_seconds = 3600

In case the application shall not behave as a relier (a.k.a. OAuth dance endpoints disabled):

facebook.relier.enabled = false

If necessary, override default values for authentication policy:

facebook.header_type = Bearer+Facebook

Login flow

OAuth Bearer token

Use the OAuth token with this header:

Authorization: Bearer <access_token>
notes:If the token is not valid, this will result in a 401 error response.

Obtain token using Web UI

  • Navigate the client to GET /facebook/login?redirect=http://app-endpoint/%23. There, a session cookie will be set, and the client will be redirected to a login form on the Facebook content server;
  • After submitting the credentials on the login page, the client will be redirected to http://app-endpoint/#{token} (the web-app).

Changelog

This document describes changes between each past release.

0.1.0 (2018-03-15)

  • Initial implementation.

Contributors

Release history Release notifications

This version
History Node

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
kinto_facebook-0.1.0-py3-none-any.whl (14.8 kB) Copy SHA256 hash SHA256 Wheel py3 Mar 15, 2018
kinto-facebook-0.1.0.tar.gz (11.0 kB) Copy SHA256 hash SHA256 Source None Mar 15, 2018

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging CloudAMQP CloudAMQP RabbitMQ AWS AWS Cloud computing Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page