An OAuth 2.0 client library for Python, with requests integration.
Project description
A Python OAuth 2.0 client, able to make backend requests to any OAuth2.0/OIDC compliant Authorization Server Token Endpoint.
It comes with a requests add-on to handle OAuth 2.0 Bearer based authorization. It can also act as an OAuth 2.0 client, to automatically get and renew access tokens, based on the Client Credentials and Authorization Code (+ Refresh token) grants.
Use it like this:
If you already managed to obtain an access token, you can simply use the BearerAuth authorization:
token = "an_access_token"
resp = requests.get("https://my.protected.api/endpoint", auth=BearerAuth(token))
If you want requests to fetch an access token automatically with OAuth2.0 Client Credentials grant, using a client_id and client_secret against a given Token Endpoint:
client = OAuth2Client(token_endpoint, ClientSecretPost("client_id", "client_secret"))
auth = OAuth2ClientCredentialsAuth(client, audience=audience) # pass scope, resource, audience or whatever param the AS use to grant you access
response = requests.get("https://my.protected.api/endpoint", auth=auth)
If you want to use the authorization code grant, you must first manage to obtain an authorization code, then exchange that code for an initial access token:
authorization_handler = AuthorizationCodeHandler(
authorization_endpoint,
client_id,
redirect_uri=redirect_uri,
scope=scope,
audience=audience,
)
print(authorization_request.request) # redirect the user to that URL to get a code
# once the user is successfully authenticated and authorized, the AS will respond with a redirection to the redirect_uri
# the code is one of those parameters, but you must also validate the state
params = input("Please enter the path and/or params obtained on the redirect_uri: ")
code = authorization_handler.validate_callback(params)
# initialize a OAuth2Client, same way as before
client = OAuth2Client(token_endpoint, ClientSecretPost(client_id, client_secret))
# once you have the code, you can exchange it manually for a token:
token = client.authorization_code(code=code, redirect_uri=redirect_uri)
resp = requests.post("https://your.protected.api/endpoint", auth=BearerAuthorization(token))
# or you can use the OAuth2AuthorizationCodeAuth auth scheme:
auth = OAuth2AuthorizationCodeAuth(client, code)
resp = requests.post("https://your.protected.api/endpoint", auth=auth)
# OAuth20AuthorizationCode will take care of refreshing the token automatically once it is expired,
# using the refresh token, if available
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file requests_oauth2client-0.5.0.tar.gz.
File metadata
- Download URL: requests_oauth2client-0.5.0.tar.gz
- Upload date:
- Size: 12.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.24.0 setuptools/47.1.1 requests-toolbelt/0.9.1 tqdm/4.47.0 CPython/3.8.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f89ac62d9a3ce7b46840b92442538818832887057c7b067b61a8b7881001a858
|
|
| MD5 |
49947db059a005c1d6034ba11bede2dd
|
|
| BLAKE2b-256 |
db47a7384fcfee4a36dc8ea775fff699798fd43d36d568a25ab0ebfb081ad1fa
|
