`oauth2.web` — Interaction over HTTP¶

Site adapters¶

class oauth2.web.UserFacingSiteAdapter[source]¶

Extended by site adapters that need to interact with the user.

Display HTML or redirect the user agent to another page of your website where she can do something before being returned to the OAuth 2.0 server.

render_auth_page(request, response, environ, scopes, client)[source]¶

Defines how to display a confirmation page to the user.

Parameters:	request (oauth2.web.Request) – Incoming request data. response (oauth2.web.Response) – Response to return to a client. environ (dict) – Environment variables of the request. scopes (list) – A list of strings with each string being one requested scope. client (oauth2.datatype.Client) – The client that initiated the authorization process
Returns:	The response passed in as a parameter. It can contain HTML or issue a redirect.
Return type:	oauth2.web.Response

user_has_denied_access(request)[source]¶

Checks if the user has denied access. This will lead to oauth2-stateless returning a “acess_denied” response to the requesting client app.

Parameters:	request (oauth2.web.Request) – Incoming request data.
Returns:	Return `True` if the user has denied access.
Return type:	bool

class oauth2.web.AuthenticatingSiteAdapter[source]¶

Extended by site adapters that need to authenticate the user.

authenticate(request, environ, scopes, client)[source]¶

Authenticates a user and checks if she has authorized access.

Parameters:	request (oauth2.web.Request) – Incoming request data. environ (dict) – Environment variables of the request. scopes (list) – A list of strings with each string being one requested scope. client (oauth2.datatype.Client) – The client that initiated the authorization process
Returns:	A `dict` containing arbitrary data that will be passed to the current storage adapter and saved with auth code and access token. Return a tuple in the form (additional_data, user_id) if you want to use Unique Access Tokens.
Return type:	dict
Raises:	oauth2.error.UserNotAuthenticated – If the user could not be authenticated.

class oauth2.web.AuthorizationCodeGrantSiteAdapter[source]¶

Bases: oauth2.web.UserFacingSiteAdapter, oauth2.web.AuthenticatingSiteAdapter

Definition of a site adapter as required by oauth2.grant.AuthorizationCodeGrant.

authenticate(request, environ, scopes, client)¶

Authenticates a user and checks if she has authorized access.

Parameters:	request (oauth2.web.Request) – Incoming request data. environ (dict) – Environment variables of the request. scopes (list) – A list of strings with each string being one requested scope. client (oauth2.datatype.Client) – The client that initiated the authorization process
Returns:	A `dict` containing arbitrary data that will be passed to the current storage adapter and saved with auth code and access token. Return a tuple in the form (additional_data, user_id) if you want to use Unique Access Tokens.
Return type:	dict
Raises:	oauth2.error.UserNotAuthenticated – If the user could not be authenticated.

render_auth_page(request, response, environ, scopes, client)¶

Defines how to display a confirmation page to the user.

Parameters:	request (oauth2.web.Request) – Incoming request data. response (oauth2.web.Response) – Response to return to a client. environ (dict) – Environment variables of the request. scopes (list) – A list of strings with each string being one requested scope. client (oauth2.datatype.Client) – The client that initiated the authorization process
Returns:	The response passed in as a parameter. It can contain HTML or issue a redirect.
Return type:	oauth2.web.Response

user_has_denied_access(request)¶

Checks if the user has denied access. This will lead to oauth2-stateless returning a “acess_denied” response to the requesting client app.

Parameters:	request (oauth2.web.Request) – Incoming request data.
Returns:	Return `True` if the user has denied access.
Return type:	bool

class oauth2.web.ImplicitGrantSiteAdapter[source]¶

Bases: oauth2.web.UserFacingSiteAdapter, oauth2.web.AuthenticatingSiteAdapter

Definition of a site adapter as required by oauth2.grant.ImplicitGrant.

authenticate(request, environ, scopes, client)¶

Authenticates a user and checks if she has authorized access.

Parameters:	request (oauth2.web.Request) – Incoming request data. environ (dict) – Environment variables of the request. scopes (list) – A list of strings with each string being one requested scope. client (oauth2.datatype.Client) – The client that initiated the authorization process
Returns:	A `dict` containing arbitrary data that will be passed to the current storage adapter and saved with auth code and access token. Return a tuple in the form (additional_data, user_id) if you want to use Unique Access Tokens.
Return type:	dict
Raises:	oauth2.error.UserNotAuthenticated – If the user could not be authenticated.

render_auth_page(request, response, environ, scopes, client)¶

Defines how to display a confirmation page to the user.

Parameters:	request (oauth2.web.Request) – Incoming request data. response (oauth2.web.Response) – Response to return to a client. environ (dict) – Environment variables of the request. scopes (list) – A list of strings with each string being one requested scope. client (oauth2.datatype.Client) – The client that initiated the authorization process
Returns:	The response passed in as a parameter. It can contain HTML or issue a redirect.
Return type:	oauth2.web.Response

user_has_denied_access(request)¶

Checks if the user has denied access. This will lead to oauth2-stateless returning a “acess_denied” response to the requesting client app.

Parameters:	request (oauth2.web.Request) – Incoming request data.
Returns:	Return `True` if the user has denied access.
Return type:	bool

class oauth2.web.ResourceOwnerGrantSiteAdapter[source]¶

Bases: oauth2.web.AuthenticatingSiteAdapter

Definition of a site adapter as required by oauth2.grant.ResourceOwnerGrant.

authenticate(request, environ, scopes, client)¶

Authenticates a user and checks if she has authorized access.

Parameters:	request (oauth2.web.Request) – Incoming request data. environ (dict) – Environment variables of the request. scopes (list) – A list of strings with each string being one requested scope. client (oauth2.datatype.Client) – The client that initiated the authorization process
Returns:	A `dict` containing arbitrary data that will be passed to the current storage adapter and saved with auth code and access token. Return a tuple in the form (additional_data, user_id) if you want to use Unique Access Tokens.
Return type:	dict
Raises:	oauth2.error.UserNotAuthenticated – If the user could not be authenticated.

HTTP flow¶

class oauth2.web.Request[source]¶

Base class defining the interface of a request.

get_param(name, default=None)[source]¶: Retrieve a parameter from the query string of the request.

header(name, default=None)[source]¶: Retrieve a header of the request.

method¶: Returns the HTTP method of the request.

path¶: Returns the current path portion of the current uri. Used by some grants to determine which action to take.

post_param(name, default=None)[source]¶: Retrieve a parameter from the body of the request.

class oauth2.web.Response[source]¶

Contains data returned to the requesting user agent.

add_header(header, value)[source]¶: Add a header to the response.

oauth2.web — Interaction over HTTP¶

Site adapters¶

HTTP flow¶

`oauth2.web` — Interaction over HTTP¶