Because timedelta.seconds does take into account the days attribute of timedelta.
>>> from datetime import timedelta
>>> t = timedelta(days=365)
>>> t.seconds
0
>>> t.total_seconds()
30758400.0
Your project is so nicely implemented and clearly commented, I thought it deserves an improved documentation.
Besides, other great projects like django-rest-framework are willing to use yours as a dependency for the OAuth 2 support, but to achieve that it really needs a fresh-and-stylish documentation :)
I've made the changes necessary to remove all documentation build warnings. And now the doc will be able to have this beautiful new design. This is a just temporary (and protected) doc to show you how I've changed it.
According to[0]:
Like browser-based apps, mobile apps also cannot maintain the confidentiality of their client secret. Because of this, mobile apps must also use an OAuth flow that does not require a client secret.
Based on this, shouldn't client_id be enough to get the access token to get access token? Since client_secret could be used for something not directly related to token.
[0] http://aaronparecki.com/articles/2012/07/29/1/oauth2-simplified
enhancement compatibilityThis is adds support for Django 1.6. Specifically, this addresses #51, #53 and #55 by providing support for model serialization prior to storing as session data as well as adjusting form validation code to deal with a regression in the way scope is parsed.
Feedback welcomed.
This augment's PR #48 by cleaning things up a bit and by adding docs. The original pull request added support for expired tokens and grants instead of setting expiration.
I found it useful in my application to add the email_and_password grant type. If you think this makes sense too, feel free to accept. Perhaps there's a simpler way around the issue of using emails as an identifying criterion that I'm missing.
As discussed in issues #21 and #25. This provides a more rigerous check of the circumstances required for the client_secret to forgone.
(includes tests)
Since we can't trust all clients with the client secret I made the client_secret optional as per this blog post http://aaronparecki.com/articles/2012/07/29/1/oauth2-simplified.
In the ScopeChoice Field class in provider/oauth2/forms.py, the scope choice is no longer parsed correctly, so it raises an invalid_request. Writing something like
value = value.split('\s')
in line 60 (instead of raise OAuthValidationError....) fixes the problem
bug high-priority feedback neededHello there,
I'm trying to get this library to work. The installation works fine but when I run the code on a Django 1.6 installation, I get the following error after authorizing my app:
<Client: http://localhost:8001/callback> is not JSON serializable
Stacktrace:
Environment:
Request Method: POST
Request URL: http://localhost:8000/oauth2/authorize/confirm
Django Version: 1.6
Python Version: 2.7.5
Installed Applications:
('django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.sites',
'django.contrib.messages',
'django.contrib.staticfiles',
'provider',
'provider.oauth2',
'django.contrib.admin')
Installed Middleware:
('django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware')
Traceback:
File "/home/tnaessens/Documents/Projects/Python/oauth2-provider/env/local/lib/python2.7/site-packages/django/core/handlers/base.py" in get_response
201. response = middleware_method(request, response)
File "/home/tnaessens/Documents/Projects/Python/oauth2-provider/env/local/lib/python2.7/site-packages/django/contrib/sessions/middleware.py" in process_response
38. request.session.save()
File "/home/tnaessens/Documents/Projects/Python/oauth2-provider/env/local/lib/python2.7/site-packages/django/contrib/sessions/backends/db.py" in save
57. session_data=self.encode(self._get_session(no_load=must_create)),
File "/home/tnaessens/Documents/Projects/Python/oauth2-provider/env/local/lib/python2.7/site-packages/django/contrib/sessions/backends/base.py" in encode
87. serialized = self.serializer().dumps(session_dict)
File "/home/tnaessens/Documents/Projects/Python/oauth2-provider/env/local/lib/python2.7/site-packages/django/core/signing.py" in dumps
88. return json.dumps(obj, separators=(',', ':')).encode('latin-1')
File "/usr/lib/python2.7/json/__init__.py" in dumps
250. sort_keys=sort_keys, **kw).encode(obj)
File "/usr/lib/python2.7/json/encoder.py" in encode
207. chunks = self.iterencode(o, _one_shot=True)
File "/usr/lib/python2.7/json/encoder.py" in iterencode
270. return _iterencode(o, 0)
File "/usr/lib/python2.7/json/encoder.py" in default
184. raise TypeError(repr(o) + " is not JSON serializable")
Exception Type: TypeError at /oauth2/authorize/confirm
Exception Value: <Client: http://localhost:8001/callback> is not JSON serializable
By googling, I found this similar bug in django-allauth: https://github.com/pennersr/django-allauth/issues/386. This was caused by the change from PickleSerializer to JSONSerializer from Django 1.5 to 1.6 as described here.
bug high-priority compatibilityHi,
I have a patch that's compatible with django 1.5 custom user model
There are 2 caveats:
I'm not quite sure how to make this work for both Django 1.4 and 1.5 but it's a start.
--Gilles
I need a migration plan for switching to either djangorestframework-oauth or django-oauth-toolkit. Basically wrapping the current API to the tools provided by one or the other of the above library seems the way to go. Also remove this project from pip / etc or give ownership to someone that will treat the huge pile of issue in it.
I am going to upgrade my django project form django=1.8.13 to django=1.10.3 but its failed and showing errors
Traceback (most recent call last): File "manage.py", line 10, in <module> execute_from_command_line(sys.argv) File "/home/nazmul/PycharmProjects/django_auth/local/lib/python2.7/site-packages/django/core/management/__init__.py", line 350, in execute_from_command_line utility.execute() File "/home/nazmul/PycharmProjects/django_auth/local/lib/python2.7/site-packages/django/core/management/__init__.py", line 324, in execute django.setup() File "/home/nazmul/PycharmProjects/django_auth/local/lib/python2.7/site-packages/django/__init__.py", line 18, in setup apps.populate(settings.INSTALLED_APPS) File "/home/nazmul/PycharmProjects/django_auth/local/lib/python2.7/site-packages/django/apps/registry.py", line 85, in populate app_config = AppConfig.create(entry) File "/home/nazmul/PycharmProjects/django_auth/local/lib/python2.7/site-packages/django/apps/config.py", line 90, in create module = import_module(entry) File "/usr/lib/python2.7/importlib/__init__.py", line 37, in import_module __import__(name) File "/home/nazmul/PycharmProjects/django_auth/local/lib/python2.7/site-packages/provider/oauth2/__init__.py", line 1, in <module> import backends File "/home/nazmul/PycharmProjects/django_auth/local/lib/python2.7/site-packages/provider/oauth2/backends.py", line 2, in <module> from .forms import ClientAuthForm, PublicPasswordGrantForm File "/home/nazmul/PycharmProjects/django_auth/local/lib/python2.7/site-packages/provider/oauth2/forms.py", line 10, in <module> from .models import Client, Grant, RefreshToken File "/home/nazmul/PycharmProjects/django_auth/local/lib/python2.7/site-packages/provider/oauth2/models.py", line 23, in <module> class Client(models.Model): File "/home/nazmul/PycharmProjects/django_auth/local/lib/python2.7/site-packages/django/db/models/base.py", line 94, in __new__ app_config = apps.get_containing_app_config(module) File "/home/nazmul/PycharmProjects/django_auth/local/lib/python2.7/site-packages/django/apps/registry.py", line 239, in get_containing_app_config self.check_apps_ready() File "/home/nazmul/PycharmProjects/django_auth/local/lib/python2.7/site-packages/django/apps/registry.py", line 124, in check_apps_ready raise AppRegistryNotReady("Apps aren't loaded yet.") django.core.exceptions.AppRegistryNotReady: Apps aren't loaded yet.
/usr/local/lib/python2.7/dist-packages/provider/oauth2/urls.py:54: RemovedInDjango110Warning: django.conf.url s.patterns() is deprecated and will be removed in Django 1.10. Update your urlpatterns to be a list of django .conf.urls.url() instances instead. name='access_token'),
As per their blog post of the 27th April ‘Securing subdomains’:
Starting today, Read the Docs will start hosting projects from subdomains on the domain readthedocs.io, instead of on readthedocs.org. This change addresses some security concerns around site cookies while hosting user generated data on the same domain as our dashboard.
Test Plan: Manually visited all the links I’ve modified.
Django OAuth Toolkit OAuth2 goodies for the Djangonauts! If you are facing one or more of the following: Your Django app exposes a web API you want to
Django OAuth Toolkit OAuth2 goodies for the Djangonauts! If you are facing one or more of the following: Your Django app exposes a web API you want to
Django REST Framework Social OAuth2 This module provides OAuth2 social authentication support for applications in Django REST Framework. The aim of th
Django REST Framework Social OAuth2 This module provides OAuth2 social authentication support for applications in Django REST Framework. The aim of th
Pexon-Rest-API A full Rest-API for request & response a JSON file, Building a Simple WorkFlow that help you to Request a JSON File Format and Handling
DogeAPI API with high performance built with FastAPI & SQLAlchemy, help to improve connection with your Backend Side to create a simple blog and Cruds
OAuth2-Python Discord Inplementation for OAuth2 login systems. This is a simple Python 'app' made to inplement in your programs that require (shitty)
Wagtail OAuth2.0 Login Plugin to replace Wagtail default login by an OAuth2.0 Authorization Server. What is wagtail-oauth2 OAuth2.0 is an authorizatio
FastAPI-Login FastAPI-Login tries to provide similar functionality as Flask-Login does. Installation $ pip install fastapi-login Usage To begin we hav
Welcome to django-rest-auth Repository is unmaintained at the moment (on pause). More info can be found on this issue page: https://github.com/Tivix/d
amazon_auth A Python tool to generate and refresh Amazon access tokens. Description This tool generates and outputs Amazon access and refresh tokens f
gitlab-personal-access-token Ensure PAT is present in gitlab database. This tool is mainly used when you need to automate gitlab installation and conf
Stronghold Get inside your stronghold and make all your Django views default login_required Stronghold is a very small and easy to use django app that
RecNet-Login This is a Python package, that allows you to acquire your RecNet bearer token with your account credentials! Installation Done via git: p
Read the docs: Flask-JWT-Router Flask JWT Router Flask JWT Router is a Python library that adds authorised routes to a Flask app. Both basic & Google'
A host-guest based app in which host can CREATE the room. and guest can join room with room code and vote for song to skip. User is authenticated using Spotify API
Flask App With Login by FranciscoCharles Este projeto basico é o resultado do estudos de algumas funcionalidades do micro framework Flask do Python. O
Django Queries App with JWT authentication, Class Based Views, Serializers, Swagger UI, CI/CD and other cool DRF stuff API Documentaion /swagger - Swa
Storefront A store App developed using Django, RESTFul API, JWT. SQLite has been
2.7k Jan 1, 2023
1k Dec 22, 2022
15 Jul 22, 2022
0 Jan 6, 2022
7 Oct 7, 2022
417 Jan 7, 2023
2.4k Jan 3, 2023
15 Nov 21, 2022
1 Jan 30, 2022
384 Nov 23, 2022
6 Aug 18, 2022
52 Jan 3, 2023
5 May 10, 2022
3 Nov 14, 2021
4 Jan 29, 2022
1 Jan 7, 2022