An OAuth 2.x client library for Python, with requests integration.
Project description
A Python OAuth 2.0 client, able to make backend requests to any OAuth2.x/OIDC compliant Authorization Server Token Endpoint.
It comes with a requests add-on to handle OAuth 2.0 Bearer based authorization. It can also act as an OAuth 2.0/2.1 client, to automatically get and renew access tokens, based on the Client Credentials or Authorization Code (+ Refresh token) grants.
Use it like this:
If you already managed to obtain an access token, you can simply use the BearerAuth authorization:
token = "an_access_token"
resp = requests.get("https://my.protected.api/endpoint", auth=BearerAuth(token))
To obtain tokens, you can do it the “manual” way, great for testing:
token_endpoint = "https://my.as/token"
client = OAuth2Client(token_endpoint, ClientSecretPost("client_id", "client_secret"))
token = client.client_credentials(scope="myscope") # you may pass additional kw params such as resource, audience, or whatever your AS needs
Or the “automated” way, for actual applications, with a custom requests Authentication Handler that will automatically fetch an access token before accessing the API, and will obtain a new one once it is expired:
token_endpoint = "https://my.as/token"
client = OAuth2Client(token_endpoint, ClientSecretPost("client_id", "client_secret"))
auth = OAuth2ClientCredentialsAuth(client, audience=audience) # you may additional kw params such as scope, resource, audience or whatever param the AS use to grant you access
response = requests.get("https://my.protected.api/endpoint", auth=auth)
If you want to use the authorization code grant, you must first manage to obtain an authorization code, then exchange that code for an initial access token:
auth_request = AuthorizationRequest(
authorization_endpoint,
client_id,
redirect_uri=redirect_uri,
scope=scope,
audience=audience,
) # add any other param that needs to be sent to your AS
print(auth_request) # redirect the user to that URL to get a code
# once the user is successfully authenticated and authorized, the AS will respond with a redirection to the redirect_uri
# the code is one of those parameters, but you must also validate the state
params = input("Please enter the path and/or params obtained on the redirect_uri: ")
code = auth_request.validate_callback(params)
# initialize a OAuth2Client, same way as before
client = OAuth2Client(token_endpoint, auth=ClientSecretPost(client_id, client_secret))
Once again you can have the “manual” way:
token = client.authorization_code(code=code, redirect_uri=redirect_uri) # add any other params as needed
resp = requests.post("https://your.protected.api/endpoint", auth=BearerAuthorization(token))
Or the “automated” way:
auth = OAuth2AuthorizationCodeAuth(client, code, redirect_uri=redirect_uri) # add any other params as needed
resp = requests.post("https://your.protected.api/endpoint", auth=auth)
# OAuth20AuthorizationCode will take care of refreshing the token automatically once it is expired,
# using the refresh token, if available
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Hashes for requests_oauth2client-0.12.1.tar.gz
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | c18e710fe7382a69939fcc02f8c6166a3197a44c52b767bf9daae82ed9609854 |
|
| MD5 | 4e74da11ca65777662caa90ef03c723d |
|
| BLAKE2b-256 | af0e4d7d83575afcde2adaf0ff9367a4855a68a3f4cdce6c1dead83f60bfc51f |
