Metadata-Version: 1.0
Name: oauth1-provider
Version: 0.2.0
Summary: OAuth 1.0 Provider with Redis in Python
Home-page: https://github.com/tistaharahap/oauth1-provider-redis-py/
Author: Batista Harahap
Author-email: batista@bango29.com
License: MIT
Description: # OAuth 1.0a Provider with Redis in Python
        
        I want to build a scalable OAuth 1.0a Provider that is easy to subclass specifically in authenticating users against
        various databases. Focuses in leveraging performance by using Redis as the primary OAuth Provider backend, user
        authentications can be handled differently using any other databases.
        
        Coded against [RFC5849](http://tools.ietf.org/html/rfc5849) so please excuse any mishaps, everyone is welcomed to fork
        and send pull requests.
        
        ## Compatibility Against [RFC5849](http://tools.ietf.org/html/rfc5849)
        
        With this README, I have no plans in supporting 3 legged authentications. I am only supporting XAuth at the moment.
        Fork and contribute to add support to 3 legged authentications.
        
        OAuth 1.0 Authorization components are all expected from Authorization header. Example below.
        
        ```
        Authorization: OAuth realm="http://localhost:5000/",
                oauth_consumer_key="dpf43f3p2l4k3l03",
                oauth_signature_method="HMAC-SHA1",
                oauth_timestamp="137131200",
                oauth_nonce="wIjqoS",
                oauth_signature="74KNZJeDHnMBp0EMJ9ZHt%2FXKycU%3D"
        ```
        
        ## Usage
        
        The main package depends on these Python modules:
        - Redis
        
        The examples/with_flask.py file depends on these Python modules:
        - flask
        
        The test.py file depends on these Python modules:
        - oauthnesia
        
        ### Real Usage and Extending The Provider
        
        You can use the provider with any Python web framework theoretically. Here are the codes to use the provider with flask.
        
        ```python
        from flask import Flask, jsonify
        from oauth1 import Oauth1, Oauth1Errors
        
        BASE_URL = "http://localhost:5000/"
        
        app = Flask(__name__)
        
        
        class ExampleProvider(Oauth1):
            @classmethod
            def _verify_xauth_credentials(cls, username, password):
                return username == 'username' and password == 'password'
        
        @app.route('/oauth/', methods=['GET', 'POST'])
        @app.route('/oauth/<action>', methods=['POST'])
        def oauth(action=None):
            if action == 'access_token':
                ExampleProvider.BASE_URL = BASE_URL
        
                cons_check = ExampleProvider.authorize_consumer()
                if isinstance(cons_check, str):
                    return Oauth1Errors.forbidden(cons_check)
        
                authorized = ExampleProvider.authorize_request(uri='oauth/access_token')
                if isinstance(authorized, str):
                    return Oauth1Errors.unauthorized(authorized)
        
                # Check username/password from XAuth
                x_check = ExampleProvider.authorize_xauth()
                if isinstance(x_check, str):
                    return Oauth1Errors.bad_request(x_check)
        
                return jsonify(status='ok')
            else:
                return Oauth1Errors.not_found('There is no valid resource here')
        
        @app.route('/user/<user_uri>', methods=['GET', 'POST'])
        def user(user_uri=None):
            if not user_uri:
                return Oauth1Errors.bad_request('You must supply a User URI')
            else:
                Oauth1.BASE_URL = BASE_URL
        
                cons_check = Oauth1.authorize_consumer()
                if isinstance(cons_check, str):
                    return Oauth1Errors.forbidden(cons_check)
        
                authorized = Oauth1.authorize_request(uri='oauth/access_token')
                if isinstance(authorized, str):
                    return Oauth1Errors.unauthorized(authorized)
        
                return jsonify(uri=user_uri)
        
        @app.errorhandler(404)
        def not_found(error):
            return Oauth1Errors.not_found()
        
        if __name__ == "__main__":
            app.debug = True
            app.run()
        ```
        
        ## Feedbacks
        
        Again I am still new to Python, please give some feedbacks on best practices. Pull Requests are very welcomed.
Keywords: oauth redis xauth
Platform: UNKNOWN
