oauth2.store
— Storing and retrieving data¶
Store adapters to persist and retrieve data during the OAuth 2.0 process or for later use. This module provides base classes that can be extended to implement your own solution specific to your needs. It also includes implementations for popular storage systems like memcache.
Data Types¶
-
class
oauth2.datatype.
AccessToken
(client_id, grant_type, token, data={}, expires_at=None, refresh_token=None, refresh_expires_at=None, scopes=[], user_id=None)[source]¶ An access token and associated data.
Base Classes¶
-
class
oauth2.store.
AccessTokenStore
[source]¶ Base class for persisting an access token after it has been generated. Used by two-legged and three-legged authentication flows.
-
delete_refresh_token
(refresh_token)[source]¶ Deletes an access token from the store using its refresh token to identify it. This invalidates both the access token and the refresh token.
Parameters: refresh_token – A string containing the refresh token. Returns: None. Raises: oauth2.error.AccessTokenNotFound
if no data could be retrieved for given refresh_token.
-
fetch_by_refresh_token
(refresh_token)[source]¶ Fetches an access token from the store using its refresh token to identify it.
Parameters: refresh_token – A string containing the refresh token. Returns: An instance of oauth2.datatype.AccessToken
.Raises: oauth2.error.AccessTokenNotFound
if no data could be retrieved for given refresh_token.
-
fetch_existing_token_of_user
(client_id, grant_type, user_id)[source]¶ Fetches an access token identified by its client id, type of grant and user id. This method must be implemented to make use of unique access tokens.
Parameters: - client_id – Identifier of the client a token belongs to.
- grant_type – The type of the grant that created the token
- user_id – Identifier of the user a token belongs to.
Returns: An instance of
oauth2.datatype.AccessToken
.Raises: oauth2.error.AccessTokenNotFound
if no data could be retrieved.
-
save_token
(access_token)[source]¶ Stores an access token and additional data.
Parameters: access_token – An instance of oauth2.datatype.AccessToken
.
-
-
class
oauth2.store.
AuthCodeStore
[source]¶ Base class for persisting and retrieving an auth token during the Authorization Code Grant flow.
-
delete_code
(code)[source]¶ Deletes an authorization code after it’s use per section 4.1.2.
http://tools.ietf.org/html/rfc6749#section-4.1.2
Parameters: code – The authorization code.
-
fetch_by_code
(code)[source]¶ Returns an AuthorizationCode fetched from a storage.
Parameters: code – The authorization code. Returns: An instance of oauth2.datatype.AuthorizationCode
.Raises: oauth2.error.AuthCodeNotFound
if no data could be retrieved for given code.
-
save_code
(authorization_code)[source]¶ Stores the data belonging to an authorization code token.
Parameters: authorization_code – An instance of oauth2.datatype.AuthorizationCode
.
-
-
class
oauth2.store.
ClientStore
[source]¶ Base class for handling OAuth2 clients.
-
fetch_by_client_id
(client_id)[source]¶ Retrieve a client by its identifier.
Parameters: client_id – Identifier of a client app. Returns: An instance of oauth2.datatype.Client
.Raises: oauth2.error.ClientNotFoundError
if no data could be retrieved for given client_id.
-
Implementations¶
oauth2.store.memcache
— Memcache store adaptersoauth2.store.memory
— In-memory store adaptersoauth2.store.mongodb
— Mongodb store adaptersoauth2.store.redisdb
— Redis store adaptersoauth2.store.dynamodb
— Dynamodb store adaptersoauth2.store.dbapi
— PEP249 compatible storesoauth2.store.dbapi.mysql
— Mysql store adapters