This is a pre-production deployment of Warehouse, however changes made here WILL affect the production instance of PyPI.
Latest Version Dependencies status unknown Test status unknown Test coverage unknown
Project Description

This is an OAuth 2.0 server library and WSGI middleware filter.

Releases

0.6.0

  • Clean up of password-based authentication of client by authorization server
  • Removal of redundant MyProxy hooks

0.5.1

Integrated enhancements from Willem van Engen including:

  • password-based client authentication, which is a commonly used client authentication method
  • resource authentication for the check_token endpoint, to avoid brute-force attacks on token check; also provides a starting point for audience-restricted tokens and resource-restricted attribute release
  • return user attribute from check_token endpoint, so that the resource knows what the user is; attribute name user_name according to CloudFoundry

Resource and client authentication use the same classes, and now are instantiated with a string indicating their use (to give meaningful log messages). The client_authenticator interface was removed, since all authenticators can derive directly from authenticator_interface, since they’re both used for clients and resources; they were also renamed to make that clear (removing _client).

In client_register.ini and resource_register.ini (the latter is new) the field secret is optional.

Client code is unchanged.

0.4.0

  • Revised examples in ndg.oauth.client.examples. bearer_tok uses bearer token to secure access to a simple html page on a resource server, slcs is an example protecting a short-lived credential service aka. Online Certificate Authority. This requires the ContrailOnlineCAService package and should be used in conjunction with the equivalent example in the ndg_oauth_client example.
  • Added discrete WSGI resource server middleware ndg.oauth.server.wsgi.resource_server.Oauth2ResourceServerMiddleware
  • Includes support for bearer access token passed in Authorization header to resource server.

Prerequisites

This has been developed and tested for Python 2.6 and 2.7.

Installation

Installation can be performed using easy_install or pip.

Configuration

Examples are contained in the examples/ sub-folder:

bearer_tok/:
This configures a simple test application that uses string based tokens.
slcs/:
Bearer token example protecting a Short-Lived Credential Service or OnlineCA. ContrailOnlineCAService package is needed for this example.

The examples should be used in conjunction with the ndg_oauth_client package.

Release History

Release History

0.6.0

This version

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.5.1

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.5.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.4.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.3.1

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.3.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

Download Files

Download Files

TODO: Brief introduction on what you do with files - including link to relevant help section.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
ndg_oauth_server-0.6.0.tar.gz (100.0 kB) Copy SHA256 Checksum SHA256 Source Jun 8, 2015

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS HPE HPE Development Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting