This is a Python library for accessing resources protected by OAuth 2.0.

Overview

Build Status Coverage Status Documentation Status

This is a client library for accessing resources protected by OAuth 2.0.

Note: oauth2client is now deprecated. No more features will be added to the libraries and the core team is turning down support. We recommend you use google-auth and oauthlib. For more details on the deprecation, see oauth2client deprecation.

Installation

To install, simply run the following command in your terminal:

$ pip install --upgrade oauth2client

Contributing

Please see the CONTRIBUTING page for more information. In particular, we love pull requests -- but please make sure to sign the contributor license agreement.

Supported Python Versions

We support Python 2.7 and 3.4+. More information in the docs.

Comments
  • SignedJwtAssertionCredentials has been removed: Why?

    SignedJwtAssertionCredentials has been removed: Why?

    To: @dhermes

    I am currently using class SignedJwtAssertionCredentials, and as of 2 days ago, it was removed.

    oauth2client/client.py

    https://github.com/google/oauth2client/commit/dcd20c9375308979e45ae280ec102a28d2ca60d1#diff-d8b1525b7f161cbce2f6438636be9c38

    What am I to use instead now?

    Signed JWT is expected for Google Cloud API Authentication.

    See SignedJwtAssertionCredentials._generate_assertion()

    opened by jefftune 88
  • Enable BYO http library

    Enable BYO http library

    If this is a duplicate I apologize.

    ISTM this requires

    • [x] Move all uses of httplib2 into a module (call it transport probably) (#554, #559, #561, #577)
    • [ ] Determine what assumed interface of httplib2.Http is needed
    • [ ] Optional. Try to reduce the interface needed
    • [x] Factor out the hard dependencies on httplib2 and just use these interfaces
    • [ ] Document the interface and allow credentials constructors to optionally take a custom Http object from any old library, e.g. twisted or requests.
    • [ ] Revisit all changes and ensure consistency
    • [ ] Revisit query string update hackery in #622
    opened by dhermes 55
  • \u003d  aka

    \u003d aka "=" character in json key breaks oauth2client

    Reported here: https://github.com/burnash/gspread/issues/239 for details, but in -----BEGIN PRIVATE KEY-----\n_**\n-----END PRIVATE KEY-----\n", it seems *_* must not contain \u003d

    This seems to be a problem only for python 2.7 (although possibly python 3 too as I am blocked by https://github.com/google/oauth2client/issues/106 so I might not have got that far with python 3).

    opened by felagund 52
  • Added self signed jwt service account credentials

    Added self signed jwt service account credentials

    Initial self signed jwt credential support #252. Here is my thinking with this initial API:

    -SelfSignedJWTCredentials class should not be on the OAuth2Client inheritance hierarchy, there are many oauth2 specific methods (like refresh) that don't apply to self signed credentials. -SelfSignedJWTCredentials can be placed in the service_account module, SelfSignedJWTCredentials are highly coupled with service account credentials, self signed jwts can only be signed using service account credentials -get_access_token() can be the external interface for generating tokens, it is consistent with the GoogleCredentials API, and there is nothing OAuth2 specific about the naming. -The fields contained in the JWT are Google specific as far as I can tell, so this should be considered a Google specific class

    cla: yes 
    opened by kpayson64 40
  • Flask 3LO helper

    Flask 3LO helper

    This should fix #224 once merged.

    Currently rough and looking for feedback. This intentionally deviates from the appengine/webapp2 decorator to be more idiomatic for flask users.

    1. The credentials are currently only stored on the session. I'd like some feedback on how to allow the user to specify storage, and how the session storage should fix into that (should it store both in the session and within the user provided storage?)
    2. I'm aware that it doesn't quite fit with the style of the rest of the codebase, I'll adjust to 2 spaces etc before merge.
    3. The scopes default to 'email' and 'profile', and there's a mechanism to fetch the user's full profile from google+. I can remove this if we feel it's bloated (users can easily add it back via authorize_callback).

    Tests will be added once I validate this approach.

    cla: yes 
    opened by theacodes 40
  • Service Account authentication fails on Linux, works on Mac OS X

    Service Account authentication fails on Linux, works on Mac OS X

    I am using gspread 0.2.5 and oauth2client 1.4.11. On a Mac with Python 2.7.5 I can authenticate to Google and retrieve data using this code:

    from oauth2client.client import SignedJwtAssertionCredentials
    scopes = ['https://spreadsheets.google.com/feeds/', 'https://docs.google.com/feeds']
    credentials = SignedJwtAssertionCredentials(client_email, private_key, scopes)
    gc = gspread.authorize(credentials)
    

    On Ubuntu 14.04 Linux with Python 2.7.6 and identical credentials, I see this error:

    Traceback (most recent call last):
      File "scripts/website-people-update.py", line 76, in <module>
        sheets = load_sheets(gdocs_client_email, gdocs_private_key)
      File "scripts/website-people-update.py", line 25, in load_sheets
        gc = gspread.authorize(credentials)
      File "/usr/local/lib/python2.7/dist-packages/gspread/client.py", line 335, in authorize
        client.login()
      File "/usr/local/lib/python2.7/dist-packages/gspread/client.py", line 98, in login
        self.auth.refresh(http)
      File "/usr/local/lib/python2.7/dist-packages/oauth2client/client.py", line 598, in refresh
        self._refresh(http.request)
      File "/usr/local/lib/python2.7/dist-packages/oauth2client/client.py", line 769, in _refresh
        self._do_refresh_request(http_request)
      File "/usr/local/lib/python2.7/dist-packages/oauth2client/client.py", line 834, in _do_refresh_request
        raise AccessTokenRefreshError(error_msg)
    AccessTokenRefreshError: invalid_grant
    

    I’m at a bit of a loss. Searches for invalid_grant come up with solutions that address incorrect configuration, rather than platform-specific failure.

    opened by migurski 36
  • Add Django Util With Decorator and Views

    Add Django Util With Decorator and Views

    This Django extension adds the views, decorators, and signals to oauth2client.

    This is heavily based on the work @jonparrott did for oauth2client/flask_util.

    Currently the only storage offered uses Django sessions. Based on issue #319 more storage options are planned along with integration to the existing CredentialsField in django_orm.

    This adds an environment variable to the tox script. This might not be strictly necessary, but it did simplify the tests a lot, since Django settings get looked up at import time and cached so it's easiest if they have an environment variable pointing to an existing settings module when the tests are started.

    This could have been squeezed into a single file, but I spilt it into separate files based on existing Django extension conventions.

    cla: yes 
    opened by waprin 35
  • Add multiprocess file storage.

    Add multiprocess file storage.

    Towards #470

    This is not ready for merge, this is an initial sketch of what this would look like. Please note:

    1. Instead of outright replacing multistore_file, I am introducing a new module to cover the same functionality named multiprocess_file_storage. We can do a release to deprecate multistore_file in favor of multiprocess_file_storage and then another release to remove it.
    2. The interface has changed. Instead of a bunch of get_storage_{} functions, there is now just MultiprocesFileStorage(filename, key). The key argument can be used to emulate how the previous helper methods worked, eg. key = '{}-{}-{}'.format(client_id, user_agent, scope).
    3. Tests are not done, want to sanity check this first.

    @thobrla, while writing this, I came across some interesting behavioral cases:

    1. The storage only holds the lock as long as needed to read/write the credentials file during put or get, but if at any point in time it fails to acquire the lock it will switch to read only mode and will never try locking again.
    2. The storage only reads the credentials file once, but writes to it constantly. This means if multiple processes access the store and write, they are probably erasing the other's stuff despite the locking.

    It seems that multistore_file never lived up to its promises, and neither will this class. As I mentioned before, a sqlite-based storage would be a true solution but it would require the cloud sdk and gsutil to take on a third-party binary dependency, which may be untenable for you. What are your thoughts?

    cla: yes 
    opened by theacodes 33
  • [Discussion] post 4.0.0 refactor

    [Discussion] post 4.0.0 refactor

    With 3.0.0 out and 4.0.0 on the way, we've finally addressed most of the "cruft" in this library without making huge, sweeping, breaking changes. However, some huge obstacles remain - such as the twisted class hierarchy and the strange naming of some of the credentials classes.

    I'd like to start a discussion on refactoring this library post-4.0.0. I'm not one to throw out well-tested and proven code, but the code that is here needs to be better organized to suit our downstream clients and our users.

    I want to put forth the idea of this package slowly migrating to two new packages: google.auth and google.oauth2. During the initial phases we'll retain code inside of and continue to publish the oauth2client package, but once complete the oauth2client package will be permanently deprecated.

    The google.auth package will focus solely on server-to-server authentication. A rough idea of what this package will look like is:

    • google.auth.default() returns the application default credentials.
    • google.auth.service_account.Credentials credentials using a service account key to obtain an access token.
    • google.auth.jwt.Credentials credentials using a service account key to directly assert credentials.
    • google.auth.gae.Credentials credentials using App Engine identity credentials.
    • google.auth.gce.Credentials credentials using the Compute Engine metadata server.
    • google.auth.access_token.Credentials credential using a bare access token.

    This package won't contain anything related to storage or end-user based credentials.

    The google.oauth2 package will contain the remainder of the current library and focus solely on oauth2 user-specific stuff, better organized:

    • google.oauth2.flow - generic flow that can be easily used with web frameworks.
    • google.oauth2.credentials - user credentials with access and refresh tokens.
    • google.oauth2.storage - a wrapper that allows credentials to be stored. etc.

    What are you initial thoughts @nathanielmanistaatgoogle @dhermes @waprin @thobrla @anthmgoogle @elibixby @pferate & any others.

    opened by theacodes 31
  • Add DictionaryStorage class for #319.

    Add DictionaryStorage class for #319.

    DictionaryStorage - implements an optionally-locked storage over a dictionary-like object.

    Additionally:

    • Storage now includes optional locking logic. Previously this was implemented in subclasses.
    • Remove flask_util.FlaskSessionStorage and replaced it with DictionaryStorage.
    cla: yes 
    opened by theacodes 31
  • Update GCE AppAssertionCredentials

    Update GCE AppAssertionCredentials

    This provides several much needed updates to GCE App Assertion Credentials

    1. Properly populates token expiry
    2. Retrieves credentials scopes from the metadata server
    3. Allows credentials to use custom service accounts by providing an optional email field
    4. Implements serialization/deserialization for this email field
    5. Provides a project_id property using metadata server in preparation for a pull request addressing #471
    cla: yes don't merge 
    opened by elibixby 26
  • Archive the repo

    Archive the repo

    Note: oauth2client is now deprecated. As such, it is unlikely that we will address or respond to your issue. We recommend you use google-auth and oauthlib.

    So reading that message above, I think it's time to archive the repo. Any thoughts?

    @broady @busunkim96 @crwilcox @tswast

    type: process 
    opened by JustinBeckwith 3
  • Bump django from 1.10.0 to 1.11.23 in /samples/django/django_user

    Bump django from 1.10.0 to 1.11.23 in /samples/django/django_user

    Bumps django from 1.10.0 to 1.11.23.

    Commits
    • 9748977 [1.11.x] Bumped version for 1.11.23 release.
    • 869b34e [1.11.x] Fixed CVE-2019-14235 -- Fixed potential memory exhaustion in django....
    • ed682a2 [1.11.x] Fixed CVE-2019-14234 -- Protected JSONField/HStoreField key and inde...
    • 52479ac [1.11.x] Fixed CVE-2019-14233 -- Prevented excessive HTMLParser recursion in ...
    • 42a66e9 [1.11.X] Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues ...
    • 693046e [1.11.x] Added stub release notes for security releases.
    • 6d054b5 [1.11.x] Added CVE-2019-12781 to the security release archive.
    • 7c849b9 [1.11.x] Post-release version bump.
    • 480380c [1.11.x] Bumped version for 1.11.22 release.
    • 32124fc [1.11.x] Fixed CVE-2019-12781 -- Made HttpRequest always trust SECURE_PROXY_S...
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    cla: yes dependencies 
    opened by dependabot[bot] 0
Releases(v4.1.3)
  • v4.1.3(Sep 7, 2018)

    Note: oauth2client is deprecated. No more features will be added to the libraries and the core team is turning down support. We recommend you use google-auth and oauthlib.

    • Changed OAuth2 endpoints to use oauth2.googleapis.com variants. (#742)
    Source code(tar.gz)
    Source code(zip)
  • v4.1.2(Jun 29, 2017)

    Note: oauth2client is deprecated. No more features will be added to the libraries and the core team is turning down support. We recommend you use google-auth and oauthlib.

    Bug fixes:

    • Fix packaging issue had erroneously installed the test package. (#688)
    Source code(tar.gz)
    Source code(zip)
  • v4.1.1(Jun 6, 2017)

    v4.1.1

    Note: oauth2client is deprecated. No more features will be added to the libraries and the core team is turning down support. We recommend you use google-auth and oauthlib.

    New features:

    • Allow passing prompt='consent' via the flow_from_clientsecrets. (#717)
    Source code(tar.gz)
    Source code(zip)
  • v4.1.0(May 10, 2017)

    Note: oauth2client is now deprecated. No more features will be added to the libraries and the core team is turning down support. We recommend you use google-auth and oauthlib.

    New features:

    • Allow customizing the GCE metadata service address via an env var. (#704)
    • Store original encoded and signed identity JWT in OAuth2Credentials. (#680)
    • Use jsonpickle in django contrib, if available. (#676)

    Bug fixes:

    • Typo fixes. (#668, #697)
    • Remove b64 padding from PKCE values, per RFC7636. (#683)
    • Include LICENSE in Manifest.in. (#694)
    • Fix tests and CI. (#705, #712, #713)
    • Escape callback error code in flask_util. (#710)
    Source code(tar.gz)
    Source code(zip)
  • v4.0.0(Jan 11, 2017)

    New features:

    New Django samples. (#636) Add support for RFC7636 PKCE. (#588) Release as a universal wheel. (#665) Bug fixes:

    Fix django authorization redirect by correctly checking validity of credentials. (#651) Correct query loss when using parse_qsl to dict. (#622) Switch django models from pickle to jsonpickle. (#614) Support new MIDDLEWARE Django 1.10 setting. (#623) Remove usage of os.environ.setdefault. (#621) Handle missing storage files correctly. (#576) Try to revoke token with POST when getting a 405. (#662) Internal changes:

    Use transport module for GCE environment check. (#612) Remove author lines and add contributors.md. (#627) Clean up imports. (#625) Use transport.request in tests. (#607) Drop unittest2 dependency (#610) Remove backslash line continuations. (#608) Use transport helpers in system tests. (#606) Clean up usage of HTTP mocks in tests. (#605) Remove all uses of MagicMock. (#598) Migrate test runner to pytest. (#569) Merge util.py and _helpers.py. (#579) Remove httplib2 imports from non-transport modules. (#577) Breaking changes:

    Drop Python 3.3 support. (#603) Drop Python 2.6 support. (#590) Remove multistore_file. (#589)

    Source code(tar.gz)
    Source code(zip)
  • v3.0.0(Jul 28, 2016)

    • Populate token_expiry for GCE credentials. (#473)
    • Move GCE metadata interface to a separate module. (#520)
    • Populate scopes for GCE credentials. (#524)
    • Fix Python 3.5 compatibility. (#531)
    • Add oauth2client.contrib.sqlalchemy, a SQLAlchemy-based credential store. (#527)
    • Improve error when an invalid client secret is provided. (#530)
    • Add oauth2client.contrib.multiprocess_storage. This supersedes the functionality in oauth2client.contrib.multistore_file. (#504)
    • Pull httplib2 usage into a separate transport module. (#559, #561)
    • Refactor all django-related code into oauth2client.contrib.django_util. Add DjangoORMStorage, remove FlowField. (#546)
    • Fix application default credentials resolution order. (#570)
    • Add configurable timeout for GCE metadata server check. (#571)
    • Add warnings when using deprecated approval_prompt='force'. (#572)
    • Add deprecation warning to oauth2client.contrib.multistore_file. (#574)
    • (Hygiene) PEP8 compliance and various style fixes (#537, #540, #552, #562)
    • (Hygiene) Remove duplicated exception classes in oauth2client.contrib.appengine. (#533)

    NOTE: The next major release of oauth2client (v4.0.0) will remove the oauth2client.contrib.multistore_file module.

    Source code(tar.gz)
    Source code(zip)
  • v2.2.0(Jul 28, 2016)

    • Added support to override token_uri and revoke_uri in oauth2client.service_account.ServiceAccountCredentials. (#510)
    • oauth2client.contrib.multistore_file now handles OSError in addition to IOError because Windows may raise OSError where other platforms will raise IOError.
    • oauth2client.contrib.django_util and oauth2client.contrib.django_orm have been updated to support Django 1.8 - 1.10. Versions of Django below 1.8 will not work with these modules.
    Source code(tar.gz)
    Source code(zip)
  • v2.1.0(May 20, 2016)

    • Add basic support for JWT access credentials. (#503)
    • Fix oauth2client.client.DeviceFlowInfo to use UTC instead of the system timezone when calculating code expiration.
    Source code(tar.gz)
    Source code(zip)
  • v2.0.2(Apr 15, 2016)

    • Fix issue where flask_util.UserOAuth2.required would accept expired credentials (#452).
    • Fix issue where flask_util would fill the session with Flow objects (#498).
    • Fix issue with Python 3 binary strings in Flow.step2_exchange (#446).
    • Improve test coverage to 100%.
    Source code(tar.gz)
    Source code(zip)
  • v2.0.1(Mar 8, 2016)

    • Making scopes optional on Google Compute Engine AppAssertionCredentials and adding a warning that GCE won't honor scopes (#419)
    • Adding common sign_blob() to service account types and a service_account_email property. (#421)
    • Improving error message in P12 factory ServiceAccountCredentials.from_p12_keyfile when pyOpenSSL is missing. (#424)
    • Allowing default flags in oauth2client.tools.run_flow() rather than forcing users to create a dummy argparser (#426)
    • Removing oauth2client.util.dict_to_tuple_key() from public interface (#429)
    • Adding oauth2client.contrib._appengine_ndb helper module for oauth2client.contrib.appengine and moving most code that uses the ndb library into the helper (#434)
    • Fix error in django_util sample code (#438)
    Source code(tar.gz)
    Source code(zip)
  • v2.0.0-post1(Feb 19, 2016)

    • Fix Google Compute Engine breakage (#411, breakage introduced in #387) that made it impossible to obtain access tokens
    • Implement ServiceAccountCredentials.from_p12_keyfile_buffer() to allow passing a file-like object in addition to the factory constructor that uses a filename directly (#413)
    • Implement ServiceAccountCredentials.create_delegated() to allow upgrading a credential to one that acts on behalf of a given subject (#420)
    Source code(tar.gz)
    Source code(zip)
  • v2.0.0(Feb 16, 2016)

    • Add django_util (#332)
    • Avoid OAuth2Credentials id_token going out of sync after a token refresh (#337)
    • Move to a contrib sub-package code not considered a core part of the library (#346, #353, #370, #375, #376, #382)
    • Add token_expiry to devshell credentials (#372)
    • Move Storage locking into a base class (#379)
    • Added dictionary storage (#380)
    • Added to_json and from_json methods to all Credentials classes (#385)
    • Fall back to read-only credentials on EACCES errors (#389)
    • Coalesced the two ServiceAccountCredentials classes (#395, #396, #397, #398, #400)

    Special Note About ServiceAccountCredentials:

    For JSON keys, you can create a credential via

    from oauth2client.service_account import ServiceAccountCredentials
    credentials = ServiceAccountCredentials.from_json_keyfile_name(
        key_file_name, scopes=[...])
    

    You can still rely on

    from oauth2client.client import GoogleCredentials
    credentials = GoogleCredentials.get_application_default()
    

    returning these credentials when you set the GOOGLE_APPLICATION_CREDENTIALS environment variable.

    For .p12 keys, construct via

    credentials = ServiceAccountCredentials.from_p12_keyfil(
        service_account_email, key_file_name, scopes=[...])
    

    though we urge you to use JSON keys (rather than .p12 keys) if you can. This is equivalent to the previous method

    # PRE-oauth2client 2.0.0 EXAMPLE CODE!
    from oauth2client.client import SignedJwtAssertionCredentials
    with open(key_file_name, 'rb') as key_file:
        private_key = key_file.read()
    credentials = SignedJwtAssertionCredentials(
        service_account_email, private_key, scope=[...])
    
    Source code(tar.gz)
    Source code(zip)
  • v1.5.2(Nov 18, 2015)

    • Add access token refresh error class that includes HTTP status (#310)
    • Python3 compatibility fixes for Django (#316, #318)
    • Fix incremental auth in flask_util (#322)
    • Fall back to credential refresh on EDEADLK in multistore_file (#336)
    Source code(tar.gz)
    Source code(zip)
  • v1.5.1(Sep 16, 2015)

  • v1.5.0(Sep 7, 2015)

    • Fix (more like clarify) bytes / str handling in crypto methods. (#203, #250, #272)
    • Replacing webapp with webapp2 in oauth2client.appengine (#217)
    • Added optional state parameter to step1_get_authorize_url. (#219 and #222)
    • Added flask_util module that provides a Flask extension to aid with using OAuth2 web server flow. This provides the same functionality as the appengine.webapp2 OAuth2Decorator, but will work with any Flask application regardless of hosting environment. (#226, #273)
    • Track scopes used on credentials objects (#230)
    • Moving docs to [readthedocs.org][1](#237, #238, #244)
    • Removing old_run module. Was deprecated July 2, 2013. (#285)
    • Avoid proxies when querying for GCE metadata (to check if running on GCE) (#114, #293)
    Source code(tar.gz)
    Source code(zip)
  • v1.4.12(Jul 13, 2015)

    • Fix OS X flaky test failure (#189).
    • Fix broken OpenSSL import (#191).
    • Remove @util.positional from wrapped request in Credentials.authorize() (#196, #197).
    • Changing pinned dependencies to >= (#200, #204).
    • Support client authentication using Authorization header (#206).
    • Clarify environment check in case where GAE imports succeed but GAE services aren't available (#208).

    See https://github.com/google/oauth2client/blob/master/CHANGELOG.md

    Source code(tar.gz)
    Source code(zip)
Owner
Google APIs
Clients for Google APIs and tools that help produce them.
Google APIs
A Python library for OAuth 1.0/a, 2.0, and Ofly.

Rauth A simple Python OAuth 1.0/a, OAuth 2.0, and Ofly consumer library built on top of Requests. Features Supports OAuth 1.0/a, 2.0 and Ofly Service

litl 1.6k Dec 8, 2022
The ultimate Python library in building OAuth, OpenID Connect clients and servers. JWS,JWE,JWK,JWA,JWT included.

Authlib The ultimate Python library in building OAuth and OpenID Connect servers. JWS, JWK, JWA, JWT are included. Authlib is compatible with Python2.

Hsiaoming Yang 2.3k Feb 17, 2021
Python library for generating a Mastercard API compliant OAuth signature.

oauth1-signer-python Table of Contents Overview Compatibility References Usage Prerequisites Adding the Library to Your Project Importing the Code Loa

null 23 Aug 1, 2022
A generic, spec-compliant, thorough implementation of the OAuth request-signing logic

OAuthLib - Python Framework for OAuth1 & OAuth2 *A generic, spec-compliant, thorough implementation of the OAuth request-signing logic for Python 3.5+

OAuthlib 2.5k Jan 2, 2023
A fully tested, abstract interface to creating OAuth clients and servers.

Note: This library implements OAuth 1.0 and not OAuth 2.0. Overview python-oauth2 is a python oauth library fully compatible with python versions: 2.6

Joe Stump 3k Jan 2, 2023
A generic, spec-compliant, thorough implementation of the OAuth request-signing logic

OAuthLib - Python Framework for OAuth1 & OAuth2 *A generic, spec-compliant, thorough implementation of the OAuth request-signing logic for Python 3.5+

OAuthlib 2.5k Jan 1, 2023
Doing the OAuth dance with style using Flask, requests, and oauthlib.

Flask-Dance Doing the OAuth dance with style using Flask, requests, and oauthlib. Currently, only OAuth consumers are supported, but this project coul

David Baumgold 915 Dec 28, 2022
Toolkit for Pyramid, a Pylons Project, to add Authentication and Authorization using Velruse (OAuth) and/or a local database, CSRF, ReCaptcha, Sessions, Flash messages and I18N

Apex Authentication, Form Library, I18N/L10N, Flash Message Template (not associated with Pyramid, a Pylons project) Uses alchemy Authentication Authe

null 95 Nov 28, 2022
Doing the OAuth dance with style using Flask, requests, and oauthlib.

Flask-Dance Doing the OAuth dance with style using Flask, requests, and oauthlib. Currently, only OAuth consumers are supported, but this project coul

David Baumgold 799 Feb 17, 2021
Doing the OAuth dance with style using Flask, requests, and oauthlib.

Flask-Dance Doing the OAuth dance with style using Flask, requests, and oauthlib. Currently, only OAuth consumers are supported, but this project coul

David Baumgold 802 Feb 22, 2021
Phishing Abusing Microsoft 365 OAuth Authorization Flow

Microsoft365_devicePhish Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack This is a simple proof-of-concept script that allows an at

bigb0ss 11 Dec 11, 2022
Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack

Microsoft365_devicePhish Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack This is a simple proof-of-concept script that allows an at

Optiv Security 76 Jan 2, 2023
Local server that gives you your OAuth 2.0 tokens needed to interact with the Conta Azul's API

What's this? This is a django project meant to be run locally that gives you your OAuth 2.0 tokens needed to interact with Conta Azul's API Prerequisi

Fábio David Freitas 3 Apr 13, 2022
A module making it easier to manage Discord oAuth with Quart

quart_discord A module making it easier to manage Discord oAuth with Quart Install pip install git+https://github.com/xelA/quart_discord@master How to

null 5 Oct 27, 2022
Plotly Dash plugin to allow authentication through 3rd party OAuth providers.

dash-auth-external Integrate your dashboards with 3rd parties and external OAuth providers. Overview Do you want to build a Plotly Dash app which pull

James Holcombe 15 Dec 11, 2022
Google Auth Python Library

Google Auth Python Library This library simplifies using Google's various server-to-server authentication mechanisms to access Google APIs. Installing

Google APIs 598 Jan 7, 2023
Python One-Time Password Library

PyOTP - The Python One-Time Password Library PyOTP is a Python library for generating and verifying one-time passwords. It can be used to implement tw

PyAuth 2.2k Dec 26, 2022
Simple yet powerful authorization / authentication client library for Python web applications.

Authomatic Authomatic is a framework agnostic library for Python web applications with a minimalistic but powerful interface which simplifies authenti

null 1k Dec 28, 2022
Django CAS 1.0/2.0/3.0 client authentication library, support Django 2.0, 2.1, 2.2, 3.0 and Python 3.5+

django-cas-ng django-cas-ng is Django CAS (Central Authentication Service) 1.0/2.0/3.0 client library to support SSO (Single Sign On) and Single Logou

django-cas-ng 347 Dec 18, 2022