oauth2.client_authenticator
— Client authentication¶
Every client that sends a request to obtain an access token needs to authenticate with the provider.
The authentication of confidential clients can be handled in several ways, some of which come bundled with this module.
-
class
oauth2.client_authenticator.
ClientAuthenticator
(client_store, source)[source]¶ Handles authentication of a client both by its identifier as well as by its identifier and secret.
Parameters: - client_store (oauth2.store.ClientStore) – The Client Store to retrieve a client from.
- source (callable) – A callable that returns a tuple (<client_id>, <client_secret>)
-
by_identifier
(request)[source]¶ Authenticates a client by its identifier.
Parameters: request (oauth2.web.Request) – The incoming request
Returns: The identified client
Return type: Raises: class OAuthInvalidNoRedirectError:
-
by_identifier_secret
(request)[source]¶ Authenticates a client by its identifier and secret (aka password).
Parameters: request (oauth2.web.Request) – The incoming request Returns: The identified client Return type: oauth2.datatype.Client Raises: OAuthInvalidError – If the client could not be found, is not allowed to to use the current grant or supplied invalid credentials
-
oauth2.client_authenticator.
http_basic_auth
(request)[source]¶ Extracts the credentials of a client using HTTP Basic Auth.
Expects the
client_id
to be the username and theclient_secret
to be the password part of the Authorization header.Parameters: request (oauth2.web.Request) – The incoming request Returns: A tuple in the format of (<CLIENT ID>, <CLIENT SECRET>)` Return type: tuple
-
oauth2.client_authenticator.
request_body
(request)[source]¶ Extracts the credentials of a client from the application/x-www-form-urlencoded body of a request.
Expects the client_id to be the value of the
client_id
parameter and the client_secret to be the value of theclient_secret
parameter.Parameters: request (oauth2.web.Request) – The incoming request Returns: A tuple in the format of (<CLIENT ID>, <CLIENT SECRET>) Return type: tuple