Skip to content
/ sample-oauth2-py Public

Sample OAuth 2.0 Client, OAuth 2.0 Resource Server based on Python and Authlib

3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ddubson/sample-oauth2-py

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
.idea
.idea
 
 
client
client
 
 
resourceserver
resourceserver
 
 
.env.template
.env.template
 
 
.gitignore
.gitignore
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

Sample Python-based OAuth 2.0 Client and OAuth 2.0 Resource Server

Getting started

🎟 Pre-requisites

  • GNU Make

🔌 Initial startup:

# Ensure environment is created
make bootstrap

# Activate the environment
. venv/bin/activate

# Create a valid .env file
cp .env.template .env

Fill in the details of the .env file as per template.

OAuth 2.0 Client (Web - Django)

The sample OAuth 2.0 Client is built with Authlib Django library support

Starting the client

make client-serve
# Starts on port **8000**
open http://127.0.0.1:8000/client_app

🧑‍🍳 How it's made

🛒 On the OAuth 2.0 Client side

  • The client can be found in the client directory in the root of this repository
  • Django has the concept of sites and apps, so:
    • The site is located in client/client_site
    • The one and only app is located in client/client_app
  • 💎 Observe the global client configuration in authlib_registered_oauth2_clients in client/client_site/oauth2_clients.py
    • The client definitions are passed to Authlib via environment variable set in client/client_site/settings.py
  • 💎 Observe the OAuth client definition in client/client_app/oauth2.py
    • The OAuth clients defined are passed to client/client_app/views.py for use.
  • 💎 By default, the client is wired up with name messaging_client
  • ⭐️ Observe the available endpoints for the client application at client/client_app/urls.py

🔑 On the OAuth 2.0 Authorization Server side (bring your own):

  • Make sure to configure a client registration with name messaging_client that:
    • includes scopes openid and message.read
    • includes redirects like the following (change the host name as needed):
      • http://127.0.0.1:8000/client_app/authenticated (for OpenID authentication)
      • http://127.0.0.1:8000/client_app/auth-code-authorized (for Authorization Code grant type)
    • ⚠️ Make sure you don't confuse localhost and 127.0.0.1 loopback address. When in doubt, rely on 127.0.0.1 when setting up redirects and navigating in the browser.

Resources

OAuth 2.0 Resource Server (REST API - Flask 2.x)

The sample OAuth 2.0 Resource Server is built with Authlib Flask 2.0 library support

Operation

Starting the resource server

make resourceserver-serve
# Starts on port **8001**

To independently verify that your protected resources are fetchable given an access token, run:

jq command is required.

./resourceserver/scripts/test-access-token.sh <JSON_WEB_TOKEN_STRING>

client_id, client_secret, and token_introspection_endpoint variables must be set in .env file

Resources

About

Sample OAuth 2.0 Client, OAuth 2.0 Resource Server based on Python and Authlib

Topics

python3 oauth2-client authlib oauth2-resource-server

Resources

Readme
Activity

Stars

3 stars

Watchers

3 watching

Forks

0 forks
Report repository

Languages