Skip to main content

API for managing stored OAuth credentials.

Project description

Python Library for storing OAuth credentials in many locations

What's this for?

By their very nature, OAuth credentials are valuable and dangerous, and have to be stored securely. As a result, the same tasks to store these tokens in a simple and secure fashion have to be written each time, or copied and pasted around - leading to potential issues as problems are found and not fixed in all places.

This library will store OAuth tokens in any of the following places:

  1. Secret Manager
  2. Firestore
  3. Google Cloud Storage files
  4. A local json file

Other storage locations can be added at will simply by forking this library and extending the appropriate abstract classes.

Initial Setup And Installation

Examples

Fetching a token from storage

from auth.credentials_helpers import encode_key
from auth.secret_manager import SecretManager

manager = SecretManager(project='<gcp project name>')
key = manager.get_document(encode_key('<token id>'))

Note the use of encode_key. This is because many of the storage systems supported do not allow special characters, and the most convenient identifier for most OAuth tokens is the email address of the user. encode_key is a base64 encoder - and no decoding is necessary.

The example given uses Secret Manager (part of Google Cloud). To use (say) GCS, the code would change like this:

from auth.credentials_helpers import encode_key
from auth.gcs_datastore import GCSDatastore

manager = GCSDatastore(project='<gcp project name>', bucket='<gcs bucket>')
key = manager.get_document(encode_key('<token id>'))

All that changes is where the datastore is!

Storing a token in Secret Manager

from auth.secret_manager import SecretManager
manager = SecretManager(project='<gcp project name>')

manager.update_document(id=encode_key('<token_id>'), new_data=<token string>)

This will implicitly create a secret if there was not one already, or simply update an existing secret with a new 'live' version of the secret.

Listing all the available secrets

from auth.secret_manager import SecretManager
manager = SecretManager(project='<gcp project name>')

manager.list_documents()

Removing a secret

from auth.secret_manager import SecretManager
manager = SecretManager(project='<gcp project name>')

manager.delete_document(id=encode_key('<token_id>'))

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

python_oauth_token_manager-0.5.0.tar.gz (17.6 kB view details)

Uploaded Source

Built Distribution

python_oauth_token_manager-0.5.0-py3-none-any.whl (29.1 kB view details)

Uploaded Python 3

File details

Details for the file python_oauth_token_manager-0.5.0.tar.gz.

File metadata

File hashes

Hashes for python_oauth_token_manager-0.5.0.tar.gz
Algorithm Hash digest
SHA256 57c68c0b949d191447d3d19a6218d3f7865a9346c86e1382339acdbe087a70dd
MD5 93c543bc7ea1c5ea6c5d7ebbceff1944
BLAKE2b-256 fb44b4bb79942f881b876efee1cfa1ca034914b3619e9546b21ebdb9dc2dcec6

See more details on using hashes here.

File details

Details for the file python_oauth_token_manager-0.5.0-py3-none-any.whl.

File metadata

File hashes

Hashes for python_oauth_token_manager-0.5.0-py3-none-any.whl
Algorithm Hash digest
SHA256 f75ee1c545aa0ef94a6bd8a6a735da229d425aa1d1feb369ede256990a0251f4
MD5 9a45e8a8967e7e5786a4f92378b86f72
BLAKE2b-256 ee994ffc5c6a668f239ce024859df78ce79273cf00db9618f237f400dde79287

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page