Facebook Auth support in Kinto
Project description
Facebook Auth support in Kinto
Kinto-facebook enables authentication in Kinto applications using Facebook OAuth2 bearer tokens.
It provides:
An authentication policy class;
Integration with Kinto cache backend for token verifications;
Integration with Kinto for heartbeat view checks;
Some optional endpoints to perform the OAuth dance (optional).
Installation
First of all, create a Facebook Auth app.
You need to grab the client_id, client_secret and app_client_token in the app general settings page:
https://developers.facebook.com/apps/{client_id}/settings/basic/
https://developers.facebook.com/apps/{client_id}/settings/advanced/
Install the Python package:
pip install kinto-facebook
Include the package in the project configuration:
kinto.includes = kinto_facebook
And configure authentication policy using pyramid_multiauth formalism:
multiauth.policies = facebook multiauth.policy.facebook.use = kinto_facebook.authentication.FacebookAuthenticationPolicy
By default, it will rely on the cache configured in Kinto.
Configuration
Fill those settings with the values obtained during the application registration:
facebook.client_id = 89513028159972bc facebook.client_secret = 9aced230585cc0aaea0a3467dd800 facebook.app_access_token = 30ce836499a146428464b28816b1618b facebook.webapp.authorized_domains = * # facebook.cache_ttl_seconds = 300 # facebook.state.ttl_seconds = 3600
In case the application shall not behave as a relier (a.k.a. OAuth dance endpoints disabled):
facebook.relier.enabled = false
If necessary, override default values for authentication policy:
facebook.header_type = Bearer+Facebook
Login flow
OAuth Bearer token
Use the OAuth token with this header:
Authorization: Bearer <access_token>
- notes:
If the token is not valid, this will result in a 401 error response.
Obtain token using Web UI
Navigate the client to GET /facebook/login?redirect=http://app-endpoint/%23. There, a session cookie will be set, and the client will be redirected to a login form on the Facebook content server;
After submitting the credentials on the login page, the client will be redirected to http://app-endpoint/#{token} (the web-app).
Changelog
This document describes changes between each past release.
0.1.0 (2018-03-15)
Initial implementation.
Contributors
Mathieu Leplatre <mathieu@mozilla.com>
Rémy Hubscher <rhubscher@mozilla.com>
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file kinto-facebook-0.1.0.tar.gz.
File metadata
- Download URL: kinto-facebook-0.1.0.tar.gz
- Upload date:
- Size: 11.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 325ea9dfc8dc74937544bf897c6e72a04b5d6e0118b0cf3b6427d788898e7012 |
|
| MD5 | 3c97e483061872bd16cb4f80329f4106 |
|
| BLAKE2b-256 | b56eb5f1bf468160ed7fc87f8d30d193555cff398fc20bfd6a71e97b5b5b9aa5 |
File details
Details for the file kinto_facebook-0.1.0-py3-none-any.whl.
File metadata
- Download URL: kinto_facebook-0.1.0-py3-none-any.whl
- Upload date:
- Size: 14.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | cfbc832091908e71f00e5305dbe5ea050ff669bfde610ca8904fa1a7b0a561d4 |
|
| MD5 | b5cadd7da3f9e294b9c2caf784938558 |
|
| BLAKE2b-256 | b1b1c39e548a92bf6c801ca70229b993e4d987f16b0a53efd5a9a01898ee0da8 |
