/oauth2helper

Validate and extract information from OAuth2 token

Primary LanguagePythonMIT LicenseMIT

This project is no longer maintained.
Please use layabauth module instead.



Validate and extract information from OAuth2 token

pypi version Build status Coverage Code style: black Number of tests Number of downloads

Validating an OAuth2 token

import oauth2helper

headers = {"Authorization": "Bearer YOUR_OAUTH2_TOKEN"}
my_token = headers.get('Authorization')[7:]

# Will raise InvalidTokenError or InvalidKeyError in case validation failed
oauth2helper.validate(my_token, "https://provider_url/common/discovery/keys")

Extracting user from a OAuth2 token

import oauth2helper

headers = {"Authorization": "Bearer YOUR_OAUTH2_TOKEN"}
my_token = headers.get('Authorization')[7:]

json_header, json_body = oauth2helper.validate(my_token, "https://provider_url/common/discovery/keys")
username = oauth2helper.user_name(json_body)

Starlette

A Starlette AuthenticationMiddleware backend is available.

from starlette.applications import Starlette
from starlette.authentication import requires
from starlette.middleware import Middleware
from starlette.middleware.authentication import AuthenticationMiddleware
from oauth2helper.starlette import OAuth2IdTokenBackend, unauthorized


backend = OAuth2IdTokenBackend(
    identity_provider_url="https://identity_provider_url",
    # You can extract scopes per user and validate them on @requires decorator
    scopes_retrieval=lambda json_body: ["authenticated"],
)
app = Starlette(middleware=[Middleware(AuthenticationMiddleware, backend=backend, on_error=unauthorized)])

@app.route("/authenticated_endpoint")
@requires(scopes=["authenticated"])
def endpoint(request):
    pass  # Implement your own logic

How to install

  1. python 3.6+ must be installed
  2. Use pip to install module:
python -m pip install oauth2helper