How to use the oauthlib.oauth2 function in oauthlib

To help you get started, we’ve selected a few oauthlib examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github MD-Studio / MDStudio / core / auth / auth / application.py View on Github external
def pre_init(self):
        self.oauth_client = oauth2.BackendApplicationClient('auth')
        self.component_waiters.append(CoreComponentSession.ComponentWaiter(self, 'db', self.group_context('mdstudio')))
        self.component_waiters.append(CoreComponentSession.ComponentWaiter(self, 'schema', self.group_context('mdstudio')))
        self.status_list = {'auth': True}
        super(AuthComponent, self).pre_init()
github MD-Studio / MDStudio / core / auth / auth / application.py View on Github external
def on_init(self):
        self.db_initialized = False
        self.authorizer = Authorizer()
        self.oauth_backend_server = oauth2.BackendApplicationServer(OAuthRequestValidator(self))
        self.user_repository = UserRepository(self.db)
github pinterest / teletraan / deploy-board / deploy_board / webapp / auth.py View on Github external
def get_client(self, token=None):
        if token and isinstance(token, (tuple, list)):
            token = {'access_token': token[0]}
        client = oauthlib.oauth2.WebApplicationClient(
            self.key, token=token)
        return client
github tilgovi / pyramid-oauthlib / pyramid_oauthlib / __init__.py View on Github external
'client_id',
    'client_secret',
    'code',
    'grant_type',
    'password',
    'refresh_token',
    'response_type',
    'redirect_uri',
    'scope',
    'state',
    'username',
)


class Server(
        oauth2.AuthorizationEndpoint,
        oauth2.ResourceEndpoint,
        oauth2.RevocationEndpoint,
        oauth2.TokenEndpoint,
        base.BaseEndpoint,
):
    def __init__(self):
        base.BaseEndpoint.__init__(self)

        # For grants and responses these are string keys.
        self._default_grant_type = ''
        self._default_response_type = ''
        self._default_token = ''

        self._grant_types = {}
        self._response_types = {}
        self._tokens = {}
github jupyterhub / jupyterhub / jupyterhub / apihandlers / auth.py View on Github external
def _complete_login(self, uri, headers, scopes, credentials):
        try:
            headers, body, status = self.oauth_provider.create_authorization_response(
                uri, 'POST', '', headers, scopes, credentials
            )

        except oauth2.FatalClientError as e:
            # TODO: human error page
            raise
        self.send_oauth_response(headers, body, status)
github Aalto-LeTech / a-plus / oauth_provider / store / db.py View on Github external
def create_access_token(self, request, oauth_request, consumer, request_token):
        try:
            scope = oauth_request.get_parameter('scope')
        except oauth.Error:
            scope = 'all'
        try:
            resource = Resource.objects.get(name=scope)
        except Resource.DoesNotExist:
            raise oauth.Error('Resource %s does not exist.' % oauth.escape(scope))

        access_token = Token.objects.create_token(
            token_type=Token.ACCESS,
            timestamp=oauth_request['oauth_timestamp'],
            consumer=Consumer.objects.get(key=consumer.key),
            user=request_token.user,
            resource=resource,
        )
        request_token.delete()
        return access_token
github jazzband / django-oauth-toolkit / oauth2_provider / oauth2_backends.py View on Github external
def validate_authorization_request(self, request):
        """
        A wrapper method that calls validate_authorization_request on `server_class` instance.

        :param request: The current django.http.HttpRequest object
        """
        try:
            uri, http_method, body, headers = self._extract_params(request)
            scopes, credentials = self.server.validate_authorization_request(
                uri, http_method=http_method, body=body, headers=headers)

            return scopes, credentials
        except oauth2.FatalClientError as error:
            raise FatalClientError(error=error)
        except oauth2.OAuth2Error as error:
            raise OAuthToolkitError(error=error)
github codalab / codalab-worksheets / codalab / server / oauth2_provider.py View on Github external
scopes, credentials = ret
                    kwargs['scopes'] = scopes
                    kwargs.update(credentials)
                except oauth2.FatalClientError as e:
                    log.debug('Fatal client error %r', e)
                    return redirect(e.in_uri(self.error_uri))
                except oauth2.OAuth2Error as e:
                    log.debug('OAuth2Error: %r', e)
                    return redirect(e.in_uri(redirect_uri))

            else:
                redirect_uri = request.params.get('redirect_uri', self.error_uri)

            try:
                rv = f(*args, **kwargs)
            except oauth2.FatalClientError as e:
                log.debug('Fatal client error %r', e)
                return redirect(e.in_uri(self.error_uri))
            except oauth2.OAuth2Error as e:
                log.debug('OAuth2Error: %r', e)
                return redirect(e.in_uri(redirect_uri))

            if not isinstance(rv, bool):
                # if is a response or redirect
                return rv

            if not rv:
                # denied by user
                e = oauth2.AccessDeniedError()
                return redirect(e.in_uri(redirect_uri))

            return self.confirm_authorization_request()
github lepture / flask-oauthlib / flask_oauthlib / provider / oauth2.py View on Github external
state=request.values.get('state', None)
        )
        log.debug('Fetched credentials from request %r.', credentials)
        redirect_uri = credentials.get('redirect_uri')
        log.debug('Found redirect_uri %s.', redirect_uri)

        uri, http_method, body, headers = extract_params()
        try:
            ret = server.create_authorization_response(
                uri, http_method, body, headers, scopes, credentials)
            log.debug('Authorization successful.')
            return create_response(*ret)
        except oauth2.FatalClientError as e:
            log.debug('Fatal client error %r', e, exc_info=True)
            return redirect(e.in_uri(self.error_uri))
        except oauth2.OAuth2Error as e:
            log.debug('OAuth2Error: %r', e, exc_info=True)
            # on auth error, we should preserve state if it's present according to RFC 6749
            state = request.values.get('state')
            if state and not e.state:
                e.state = state  # set e.state so e.in_uri() can add the state query parameter to redirect uri
            return redirect(e.in_uri(redirect_uri or self.error_uri))
        except Exception as e:
            log.exception(e)
            return redirect(add_params_to_uri(
                self.error_uri, {'error': str(e)}
            ))
github Aalto-LeTech / a-plus / oauth_provider / views.py View on Github external
from django.conf import settings
from django.contrib.auth.decorators import login_required
from django.http import HttpResponse, HttpResponseBadRequest, HttpResponseRedirect
from django.views.decorators.csrf import csrf_exempt
from django.utils.translation import ugettext as _
from django.core.urlresolvers import get_callable

from .decorators import oauth_required
from .forms import AuthorizeRequestTokenForm
from .store import store, InvalidConsumerError, InvalidTokenError
from .utils import verify_oauth_request, get_oauth_request, require_params, send_oauth_error
from .consts import OUT_OF_BAND

OAUTH_AUTHORIZE_VIEW = 'OAUTH_AUTHORIZE_VIEW'
OAUTH_CALLBACK_VIEW = 'OAUTH_CALLBACK_VIEW'
INVALID_PARAMS_RESPONSE = send_oauth_error( oauth.OAuth2Error( _('Invalid request parameters.') ) )

@csrf_exempt
def request_token(request):
    oauth_request = get_oauth_request(request)
    if oauth_request is None:
        return INVALID_PARAMS_RESPONSE

    missing_params = require_params(oauth_request, ('oauth_callback',))
    if missing_params is not None:
        return missing_params

    try:
        consumer = store.get_consumer(request, oauth_request, oauth_request['oauth_consumer_key'])
    except InvalidConsumerError:
        return HttpResponseBadRequest('Invalid Consumer.')