Skip to main content

API for managing stored OAuth credentials.

Project description

Python Library for storing OAuth credentials in many locations

What's this for?

By their very nature, OAuth credentials are valuable and dangerous, and have to be stored securely. As a result, the same tasks to store these tokens in a simple and secure fashion have to be written each time, or copied and pasted around - leading to potential issues as problems are found and not fixed in all places.

This library will store OAuth tokens in any of the following places:

  1. Secret Manager
  2. Firestore
  3. Google Cloud Storage files
  4. A local json file

Other storage locations can be added at will simply by forking this library and extending the appropriate abstract classes.

Samples

Fetching a token from storage

from auth.credentials_helpers import encode_key
from auth.secret_manager import SecretManager

manager = SecretManager(project='<gcp project name>')
key = manager.get_document(encode_key('<token id>'))

Note the use of encode_key. This is because many of the storage systems supported do not allow special characters, and the most convenient identifier for most OAuth tokens is the email address of the user. encode_key is a base64 encoder - and no decoding is necessary.

The example given uses Secret Manager (part of Google Cloud). To use (say) GCS, the code would change like this:

from auth.credentials_helpers import encode_key
from auth.gcs_datastore import GCSDatastore

manager = GCSDatastore(project='<gcp project name>', bucket='<gcs bucket>')
key = manager.get_document(encode_key('<token id>'))

All that changes is where the datastore is!

Storing a token in Secret Manager

from auth.secret_manager import SecretManager
manager = SecretManager(project='<gcp project name>')

manager.update_document(id=encode_key('<token_id>'), new_data=<token string>)

This will implicitly create a secret if there was not one already, or simply update an existing secret with a new 'live' version of the secret.

Listing all the available secrets

from auth.secret_manager import SecretManager
manager = SecretManager(project='<gcp project name>')

manager.list_documents()

Removing a secret

from auth.secret_manager import SecretManager
manager = SecretManager(project='<gcp project name>')

manager.delete_document(id=encode_key('<token_id>'))

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

python-oauth-token-manager-0.2.2.tar.gz (16.0 kB view details)

Uploaded Source

File details

Details for the file python-oauth-token-manager-0.2.2.tar.gz.

File metadata

File hashes

Hashes for python-oauth-token-manager-0.2.2.tar.gz
Algorithm Hash digest
SHA256 ea879ce263d2e641adf1e901940b640f81e3c6b30e7e64297e76544e91283c8d
MD5 db65e4c6642f296256b2b6ecf3b33d0d
BLAKE2b-256 8d0f2d65bcf96244d6a02a8f433493f5e58656ae1a5528ee52fe8fad265234ab

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page