def pre_init(self):
    """Register this component's dependencies before start-up.

    Creates the OAuth2 client the component itself authenticates with (a
    ``BackendApplicationClient`` whose client id is the literal ``'auth'``),
    queues one ``ComponentWaiter`` each for the ``db`` and ``schema``
    components in the ``mdstudio`` group context, replaces ``status_list``
    with ``{'auth': True}`` and finally defers to the base class.
    """
    self.oauth_client = oauth2.BackendApplicationClient('auth')
    # One waiter per required component, both resolved in the same group
    # context (the context is looked up separately for each, as before).
    for dependency in ('db', 'schema'):
        waiter = CoreComponentSession.ComponentWaiter(
            self, dependency, self.group_context('mdstudio')
        )
        self.component_waiters.append(waiter)
    self.status_list = {'auth': True}
    super(AuthComponent, self).pre_init()
def on_init(self):
    """Create the per-session collaborators once the component is initialised.

    Marks the database as not yet initialised, then builds the authorizer,
    the OAuth2 backend-application server (its request validator is bound to
    this component) and a ``UserRepository`` over ``self.db``.
    """
    self.db_initialized = False
    self.authorizer = Authorizer()
    # The validator is what ties token validation back to this component.
    validator = OAuthRequestValidator(self)
    self.oauth_backend_server = oauth2.BackendApplicationServer(validator)
    self.user_repository = UserRepository(self.db)
def get_client(self, token=None):
    """Return an oauthlib ``WebApplicationClient`` configured with ``self.key``.

    :param token: optional token. A non-empty ``tuple``/``list`` is treated as
        ``(access_token, ...)`` and reduced to the ``{'access_token': ...}``
        mapping oauthlib expects (any further elements are dropped); any other
        value, including ``None``, is passed through unchanged.
    """
    # Only a non-empty sequence is normalised; empty sequences fall through.
    if isinstance(token, (tuple, list)) and token:
        token = {'access_token': token[0]}
    return oauthlib.oauth2.WebApplicationClient(self.key, token=token)
'client_id',
'client_secret',
'code',
'grant_type',
'password',
'refresh_token',
'response_type',
'redirect_uri',
'scope',
'state',
'username',
)
class Server(
    oauth2.AuthorizationEndpoint,
    oauth2.ResourceEndpoint,
    oauth2.RevocationEndpoint,
    oauth2.TokenEndpoint,
    base.BaseEndpoint,
):
    """Combined OAuth2 endpoint that starts with nothing registered.

    Only ``base.BaseEndpoint.__init__`` is run; the other endpoint bases are
    not initialised here. Their registries (grant types, response types,
    tokens) and defaults are created empty below, presumably to be filled in
    by a subclass or the caller before the server handles any request.
    """

    def __init__(self):
        base.BaseEndpoint.__init__(self)
        # Grant, response and token lookups are keyed by string, so the
        # "no default" value is the empty string rather than None.
        self._default_grant_type = self._default_response_type = self._default_token = ''
        self._grant_types, self._response_types, self._tokens = {}, {}, {}
def _complete_login(self, uri, headers, scopes, credentials):
    """Finish the authorization step and send the provider's response.

    Asks the OAuth2 provider for an authorization response (always issued as a
    ``POST`` with an empty body) and passes the resulting headers, body and
    status to ``send_oauth_response``.

    A ``FatalClientError`` is deliberately re-raised unchanged: fatal errors
    are the ones where the client or its redirect target could not be trusted,
    so no redirect back to the client must be produced here; the caller has to
    surface the failure instead.
    """
    try:
        response_headers, body, status = self.oauth_provider.create_authorization_response(
            uri, 'POST', '', headers, scopes, credentials
        )
    except oauth2.FatalClientError:
        # TODO: human error page
        raise
    self.send_oauth_response(response_headers, body, status)
def create_access_token(self, request, oauth_request, consumer, request_token):
    """Exchange an authorized request token for an access token.

    :param request: the incoming HTTP request (not used by this method; kept
        for the caller's signature)
    :param oauth_request: the parsed OAuth request. Its optional ``scope``
        parameter names the ``Resource`` the token is bound to; when the
        parameter is missing the scope defaults to ``'all'``
    :param consumer: the requesting consumer; the stored ``Consumer`` is looked
        up again by ``consumer.key`` rather than trusting the passed object
    :param request_token: the request token being exchanged; its ``user``
        becomes the owner of the new access token
    :returns: the newly created ``Token`` of type ``Token.ACCESS``
    :raises oauth.Error: when no ``Resource`` with the requested scope exists.
        The scope is passed through ``oauth.escape`` before it is echoed into
        the error message.

    The request token is deleted once the access token exists, so the same
    request token cannot be exchanged a second time.
    """
    try:
        scope = oauth_request.get_parameter('scope')
    except oauth.Error:
        scope = 'all'

    try:
        resource = Resource.objects.get(name=scope)
    except Resource.DoesNotExist:
        raise oauth.Error('Resource %s does not exist.' % oauth.escape(scope))

    # Evaluated in the same order the original keyword arguments were.
    timestamp = oauth_request['oauth_timestamp']
    stored_consumer = Consumer.objects.get(key=consumer.key)
    owner = request_token.user
    access_token = Token.objects.create_token(
        token_type=Token.ACCESS,
        timestamp=timestamp,
        consumer=stored_consumer,
        user=owner,
        resource=resource,
    )
    request_token.delete()
    return access_token
def validate_authorization_request(self, request):
    """
    A wrapper method that calls validate_authorization_request on `server_class` instance.

    Extracts ``(uri, http_method, body, headers)`` from the Django request via
    ``_extract_params`` and forwards them to ``self.server``. oauthlib errors
    are translated into this package's exceptions; ``FatalClientError`` is
    matched first because it is the narrower type, and the caller must treat
    it differently (a fatal error means the client or redirect URI could not
    be trusted, so it must not be redirected back to the client).

    :param request: The current django.http.HttpRequest object
    :returns: ``(scopes, credentials)`` as returned by the server
    :raises FatalClientError: wrapping an ``oauth2.FatalClientError``
    :raises OAuthToolkitError: wrapping any other ``oauth2.OAuth2Error``
    """
    try:
        uri, http_method, body, headers = self._extract_params(request)
        scopes, credentials = self.server.validate_authorization_request(
            uri, http_method=http_method, body=body, headers=headers
        )
    except oauth2.FatalClientError as error:
        raise FatalClientError(error=error)
    except oauth2.OAuth2Error as error:
        raise OAuthToolkitError(error=error)
    else:
        return scopes, credentials
scopes, credentials = ret
kwargs['scopes'] = scopes
kwargs.update(credentials)
except oauth2.FatalClientError as e:
log.debug('Fatal client error %r', e)
return redirect(e.in_uri(self.error_uri))
except oauth2.OAuth2Error as e:
log.debug('OAuth2Error: %r', e)
return redirect(e.in_uri(redirect_uri))
else:
redirect_uri = request.params.get('redirect_uri', self.error_uri)
try:
rv = f(*args, **kwargs)
except oauth2.FatalClientError as e:
log.debug('Fatal client error %r', e)
return redirect(e.in_uri(self.error_uri))
except oauth2.OAuth2Error as e:
log.debug('OAuth2Error: %r', e)
return redirect(e.in_uri(redirect_uri))
if not isinstance(rv, bool):
# if is a response or redirect
return rv
if not rv:
# denied by user
e = oauth2.AccessDeniedError()
return redirect(e.in_uri(redirect_uri))
return self.confirm_authorization_request()
state=request.values.get('state', None)
)
log.debug('Fetched credentials from request %r.', credentials)
redirect_uri = credentials.get('redirect_uri')
log.debug('Found redirect_uri %s.', redirect_uri)
uri, http_method, body, headers = extract_params()
try:
ret = server.create_authorization_response(
uri, http_method, body, headers, scopes, credentials)
log.debug('Authorization successful.')
return create_response(*ret)
except oauth2.FatalClientError as e:
log.debug('Fatal client error %r', e, exc_info=True)
return redirect(e.in_uri(self.error_uri))
except oauth2.OAuth2Error as e:
log.debug('OAuth2Error: %r', e, exc_info=True)
# on auth error, we should preserve state if it's present according to RFC 6749
state = request.values.get('state')
if state and not e.state:
e.state = state # set e.state so e.in_uri() can add the state query parameter to redirect uri
return redirect(e.in_uri(redirect_uri or self.error_uri))
except Exception as e:
log.exception(e)
return redirect(add_params_to_uri(
self.error_uri, {'error': str(e)}
))
from django.conf import settings
from django.contrib.auth.decorators import login_required
from django.http import HttpResponse, HttpResponseBadRequest, HttpResponseRedirect
from django.views.decorators.csrf import csrf_exempt
from django.utils.translation import ugettext as _
from django.core.urlresolvers import get_callable
from .decorators import oauth_required
from .forms import AuthorizeRequestTokenForm
from .store import store, InvalidConsumerError, InvalidTokenError
from .utils import verify_oauth_request, get_oauth_request, require_params, send_oauth_error
from .consts import OUT_OF_BAND
# Names of the settings that identify the authorize and callback views
# (presumably resolved with get_callable; confirm against the view code).
OAUTH_AUTHORIZE_VIEW = 'OAUTH_AUTHORIZE_VIEW'
OAUTH_CALLBACK_VIEW = 'OAUTH_CALLBACK_VIEW'

# Shared error reply for malformed requests, built once at import time.
# Consequences of building it here rather than per request:
#  - the message is translated with ugettext when the module is imported, in
#    whatever language is active at that moment, not per request;
#  - NOTE(review): if send_oauth_error returns a response object, that single
#    instance is reused for every request, so any per-request mutation of it
#    (headers, cookies) would leak between requests -- confirm it is never
#    modified after creation.
INVALID_PARAMS_RESPONSE = send_oauth_error(oauth.OAuth2Error(_('Invalid request parameters.')))
@csrf_exempt
def request_token(request):
oauth_request = get_oauth_request(request)
if oauth_request is None:
return INVALID_PARAMS_RESPONSE
missing_params = require_params(oauth_request, ('oauth_callback',))
if missing_params is not None:
return missing_params
try:
consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
except InvalidConsumerError:
return HttpResponseBadRequest('Invalid Consumer.')