Skip to main content

Security Proxy for OGC Services like WPS.

Project description

Documentation Status Travis Build GitHub license Join the chat at
Twitcher (the bird-watcher)
a birdwatcher mainly interested in catching sight of rare birds. (Leo).

Twitcher is a security proxy for OWS services like Web Processing Services (WPS). The proxy service uses OAuth2 access tokens to protect the OWS service access. In addition one can also use X.509 certificates for client authentication.

The implementation is not restricted to WPS services. It will be extended to more OWS services like WMS (Web Map Service) and might also be used for Thredds catalog services.

Twitcher extensions:

  • Magpie is an AuthN/AuthZ service provided by the PAVICS project.
  • Weaver middleware by CRIM. A reimplementation of an old Twitcher fork for workflow execution and a Swagger RESTful interface for Web Processing Services.

Twitcher is implemented with the Python Pyramid web framework.

You can try Twitcher online using Binder, or view the notebooks on NBViewer.

Binder Launcher NBViewer

Twitcher is part of the Birdhouse project. The documentation is on ReadTheDocs.

Twitcher Docker images are also available for most recent tagged versions.



0.6.0 (2020-04-01)


  • Added Keycloak support (#91).
  • Added Keycloak demo notebook (#92, #93, #94).

0.5.3 (2020-02-20)


  • Reduce log level of "failed security check" from exception to warning as it corresponds to the expected code behavior (unauthorised access) when OWSException is raised, instead of dumping an unhandled error traceback.

0.5.2 (2019-07-11)

New Features:

  • Adds route /info which returns contents of twitcher.__version__.
  • Adds route /versions which returns version details such as Twitcher app version and employed adapter version.


  • Updated README.rst to match recent development, reference and docker image link.
  • Adds URI of /info and /versions routes in the frontpage response.
  • Corresponding HTTP status codes are returned for raised OWSException.


0.5.1 (2019-05-24)

New Features:

  • Add postgres extra requirements for when it is used as database driver with sqlalchemy.


  • Use container instead of config for AdapterInterface.owsproxy_config to match real use cases.


  • Improve the adapter import methodology to work with more use cases (
  • Fix incorrect setup for bump version within Makefile.
  • Fix Twitcher main including twitcher.<module> instead of .<module>.

0.5.0 (2019-05-22)


  • Skipped Buildout (#49).
  • Replaced mongodb by sqlalchemy (#51).
  • Simplified Makefile and skipped conda targets (#75).
  • Add Makefile targets for docker, bumpversion and coverage analysis related tasks (#67).
  • Removed unused config module (#70).

New Features:

  • Provided a Dockerfile for building Twitcher (#67).
  • Provide AdapterInterface to allow overriding store implementations with configuration setting twitcher.adapter (#67).
  • Add version auto-update (number and date) of these ‘changes’ with bump2version (#67).


  • Update requirements with missing dependencies when building docker image.
  • Various fixes (#74, #73, #72, #71)

0.4.0 (2019-05-02)


  • Skipped Python 2.7 support (#61).
  • Added public URL “purl” (#58).
  • Added SSL verify option (#55).
  • Skipped internal WPS (#52).
  • Moved tests to top-level folder (#47).

0.3.8 (2018-09-11)


  • Fixed the wps DataInputs params encoding (#42).
  • Fixed error 400 Contradictory scheme headers (#40).

New Features:

  • make protected path configurable (#36).

0.3.7 (2018-03-13)


  • fixed exclude filter in

New Features:

  • Feature #28: use request upstream when not using wps (e.g download file through thredds).

0.3.6 (2018-03-08)

  • pep8
  • removed unused c4i option.
  • added auth option to set authentication method.
  • updated docs for usage of x509 certificates.

New Features:

  • Feature #25: using x509 certificates for service authentication.

0.3.5 (2018-03-01)

  • pep8
  • updated makefile
  • updated buildout recipes
  • fixed nginx dependency
  • updated mongodb 3.4
  • configured csrf in xmlrpc
  • fixed tutorial example
  • added readthedocs, licence and chat badges

0.3.4 (2017-05-05)

  • updated logging.
  • fixed: creates workdir if it does not exist.

0.3.3 (2017-04-27)

  • fixed fetching of access token when service is public.

0.3.2 (2017-01-31)

  • set header X-X509-User-Proxy.

0.3.1 (2017-01-26)

  • pep8.
  • set permission of certfile.
  • added option ows-proxy-delegate.

0.3.0 (2017-01-11)

  • pep8.
  • changed rpc interface.
  • added twitcher.client module.
  • using esgf scls service to get credentials.
  • updated internal pywps to version 4.0.0.
  • using default port 5000.
  • added ipython notebook examples.
  • moved namesgenerator to top-level.
  • added _compat module for python 3.x/2.x compatibility.
  • added twitcher.api and cleaned up rpcinterface.
  • added with mongodb and memory implementation.
  • added twitcher.datatype with AccessToken and Service.
  • using https port only.
  • using OWSExceptions on errors in owsproxy.

0.2.4 (2016-12-23)

  • pep8.
  • using replace_caps_url in owsproxy.
  • pinned mongodb=2.6*|3.3.9.
  • replaced service_url by proxy_url.
  • added wms_130 and renamed wms_111.

0.2.3 (2016-11-18)

  • pep8
  • using doc2dict, renamed get_service_by_name().
  • added support for c4i tokens.
  • updated deps: pytest, mongodb.
  • updated buildout recipes.
  • fixed functional tests.

0.2.2 (2016-08-18)

  • pep8
  • don’t allow dupliate service names.

0.2.1 (2016-08-05)

  • register service with public access.
  • WMS services can be registered.

0.2.0 (2016-07-18)

  • updated to new buildout with seperated conda environment.
  • replaced nose by pytest.
  • updated installation docs.

0.1.7 (2016-06-09)


  • update of service failed (#17).

0.1.6 (2016-06-01)

  • updated docs.
  • renamed python package to pyramid_twitcher.
  • conda envionment.yml added.
  • using get_sane_name().
  • replaced httplib2 by requests.


  • don’t check token for allowed requests (#14).
  • ignore decoding errors of response content (#13).
  • fixed twitcher app config: wrong egg name.

0.1.5 (2016-04-22)

  • fixed docs links

0.1.4 (2016-04-19)

  • Fixed
  • Fixed service database index.
  • Updated makefile.
  • Added more links to appendix.

0.1.0 (2015-12-07)

Initial Release.

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for pyramid-twitcher, version 0.6.0
Filename, size File type Python version Upload date Hashes
Filename, size pyramid_twitcher-0.6.0.tar.gz (46.4 kB) File type Source Python version None Upload date Hashes View

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Huawei Huawei PSF Sponsor Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page