Salesforce OAuth 2.0 / OAuth 2.1 / OIDC 1.0 identity provider implementations for Swarmauri
Project description
Swarmauri Auth IDP Salesforce
Salesforce OAuth 2.0 / OAuth 2.1 / OIDC 1.0 identity providers packaged for Swarmauri deployments.
Features
- PKCE-enabled Authorization Code flows that integrate with Salesforce authorization servers.
- JWT bearer app clients for Salesforce OAuth 2.0, OAuth 2.1, and OIDC 1.0 machine identities.
- Discovery-driven OAuth 2.1/OIDC login that verifies ID tokens against Salesforce JWKS.
- UserInfo and Identity URL fallbacks for normalized profile payloads.
- Retry-aware HTTP integration tuned for Salesforce REST endpoints.
- ComponentBase-compatible models registered under
swarmauri.auth_idpentry points.
Installation
pip
pip install swarmauri_auth_idp_salesforce
uv (project)
uv add swarmauri_auth_idp_salesforce
uv (environment)
uv pip install swarmauri_auth_idp_salesforce
Usage
Authorization Code logins
import asyncio
from pydantic import SecretBytes, SecretStr
from swarmauri_auth_idp_salesforce import SalesforceOAuth20Login
login = SalesforceOAuth20Login(
base_url="https://login.salesforce.com",
client_id="salesforce-client-id",
client_secret=SecretStr("salesforce-client-secret"),
redirect_uri="https://app.example.com/callback",
state_secret=SecretBytes(b"replace-with-random-bytes"),
)
# Optional discovery cache when running without network access.
login.discovery_cache = {
"authorization_endpoint": "https://login.salesforce.com/services/oauth2/authorize",
"token_endpoint": "https://login.salesforce.com/services/oauth2/token",
"userinfo_endpoint": "https://login.salesforce.com/services/oauth2/userinfo",
}
async def run_flow() -> None:
auth = await login.auth_url()
print(auth["url"])
# Redirect the browser to `auth["url"]`, then capture the callback `code` and `state`.
# Later, call `login.exchange_and_identity(code, state)` inside your callback handler.
asyncio.run(run_flow())
Workflow Summary
- Call
auth_url()and redirect the browser to the returned URL. - Persist the
stateand verify it during the callback handler. - Exchange the authorization code through
exchange_and_identity()to obtain tokens and profile metadata.
Server-to-server JWT bearer tokens
import asyncio
from pydantic import SecretStr
from swarmauri_auth_idp_salesforce import SalesforceOAuth20AppClient
client = SalesforceOAuth20AppClient(
token_endpoint="https://login.salesforce.com/services/oauth2/token",
client_id="connected-app-id",
user="integration.user@example.com",
private_key_pem=SecretStr("-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----"),
)
async def fetch_token() -> None:
access_token = await client.access_token()
print(access_token)
asyncio.run(fetch_token())
Use SalesforceOAuth21AppClient when your integration manages keys as JWKs, or
SalesforceOIDC10AppClient to discover tenant-specific endpoints before
requesting JWT bearer tokens.
Entry Points
swarmauri.auth_idp:SalesforceOAuth20AppClientswarmauri.auth_idp:SalesforceOAuth20Loginswarmauri.auth_idp:SalesforceOAuth21AppClientswarmauri.auth_idp:SalesforceOAuth21Loginswarmauri.auth_idp:SalesforceOIDC10AppClientswarmauri.auth_idp:SalesforceOIDC10Login
Contributing
To contribute to swarmauri-sdk, review the guidelines for contributing which cover development workflow, testing, and coding standards.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file swarmauri_auth_idp_salesforce-0.11.0.dev2.tar.gz.
File metadata
- Download URL: swarmauri_auth_idp_salesforce-0.11.0.dev2.tar.gz
- Upload date:
- Size: 13.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.11.26 {"installer":{"name":"uv","version":"0.11.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
31d10f2d14f99d72d143feddb61f3fe43a1c651ec682c4d5d61b2939bbc9346f
|
|
| MD5 |
b34cc5c0142d6e310f50bed514766117
|
|
| BLAKE2b-256 |
6dc6dfbce239cb4f7d692ba06b2057445fdc02808fd2a11e8b22658eb905a321
|
File details
Details for the file swarmauri_auth_idp_salesforce-0.11.0.dev2-py3-none-any.whl.
File metadata
- Download URL: swarmauri_auth_idp_salesforce-0.11.0.dev2-py3-none-any.whl
- Upload date:
- Size: 17.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.11.26 {"installer":{"name":"uv","version":"0.11.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
ae9ac0af7639af51699fb0fbcacdde158b9fdca89aeda75369bf22a6dbd6a732
|
|
| MD5 |
02b0639a27f864eac86d3b98bfe127e7
|
|
| BLAKE2b-256 |
169fcd224d5fa4fd9f2a92c2118b7d8526ac466a26df227c11a6ef58fd8ee8ef
|