oauth2 Package

oauth2 Package

The MIT License

Copyright (c) 2007-2010 Leah Culver, Joe Stump, Mark Paschal, Vic Fryzel

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

class oauth2.Client(consumer, token=None, cache=None, timeout=None, proxy_info=None)[source]

Bases: httplib2.Http

OAuthClient is a worker to attempt to execute a request.

request(uri, method='GET', body='', headers=None, redirections=5, connection_type=None)[source]
set_signature_method(method)[source]
class oauth2.Consumer(key, secret)[source]

Bases: object

A consumer of OAuth-protected services.

The OAuth consumer is a “third-party” service that wants to access protected resources from an OAuth service provider on behalf of an end user. It’s kind of the OAuth client.

Usually a consumer must be registered with the service provider by the developer of the consumer software. As part of that process, the service provider gives the consumer a key and a secret with which the consumer software can identify itself to the service. The consumer will include its key in each request to identify itself, but will use its secret only when signing requests, to prove that the request is from that particular registered consumer.

Once registered, the consumer can then use its consumer credentials to ask the service provider for a request token, kicking off the OAuth authorization process.

key = None
secret = None
exception oauth2.Error(message='OAuth error occurred.')[source]

Bases: exceptions.RuntimeError

Generic exception class.

message[source]

A hack to get around the deprecation errors in 2.6.

exception oauth2.MissingSignature(message='OAuth error occurred.')[source]

Bases: oauth2.Error

class oauth2.Request(method='GET', url=None, parameters=None, body='', is_form_encoded=False)[source]

Bases: dict

The parameters and information for an HTTP request, suitable for authorizing with OAuth credentials.

When a consumer wants to access a service’s protected resources, it does so using a signed HTTP request identifying itself (the consumer) with its key, and providing an access token authorized by the end user to access those resources.

classmethod from_consumer_and_token(consumer, token=None, http_method='GET', http_url=None, parameters=None, body='', is_form_encoded=False)[source]
classmethod from_request(http_method, http_url, headers=None, parameters=None, query_string=None)[source]

Combines multiple parameter sources.

classmethod from_token_and_callback(token, callback=None, http_method='GET', http_url=None, parameters=None)[source]
get_nonoauth_parameters()[source]

Get any non-OAuth parameters.

get_normalized_parameters()[source]

Return a string that contains the parameters that must be signed.

get_parameter(parameter)[source]
classmethod make_nonce()[source]

Generate pseudorandom number.

classmethod make_timestamp()[source]

Get seconds since epoch (UTC).

method[source]
sign_request(signature_method, consumer, token)[source]

Set the signature parameter to the result of sign.

to_header(realm='')[source]

Serialize as a header for an HTTPAuth request.

to_postdata()[source]

Serialize as post data for a POST request.

to_url()[source]

Serialize as a URL for a GET request.

url[source]
version = '1.0'
class oauth2.Server(signature_methods=None)[source]

Bases: object

A skeletal implementation of a service provider, providing protected resources to requests from authorized consumers.

This class implements the logic to check requests for authorization. You can use it with your web server or web framework to protect certain resources with OAuth.

add_signature_method(signature_method)[source]
build_authenticate_header(realm='')[source]

Optional support for the authenticate header.

signature_methods = None
timestamp_threshold = 300
verify_request(request, consumer, token)[source]

Verifies an api call and checks all the parameters.

version = '1.0'
class oauth2.SignatureMethod[source]

Bases: object

A way of signing requests.

The OAuth protocol lets consumers and service providers pick a way to sign requests. This interface shows the methods expected by the other oauth modules for signing requests. Subclass it and implement its methods to provide a new way to sign requests.

check(request, consumer, token, signature)[source]

Returns whether the given signature is the correct signature for the given consumer and token signing the given request.

sign(request, consumer, token)[source]

Returns the signature for the given request, based on the consumer and token also provided.

You should use your implementation of signing_base() to build the message to sign. Otherwise it may be less useful for debugging.

signing_base(request, consumer, token)[source]

Calculates the string that needs to be signed.

This method returns a 2-tuple containing the starting key for the signing and the message to be signed. The latter may be used in error messages to help clients debug their software.

class oauth2.SignatureMethod_HMAC_SHA1[source]

Bases: oauth2.SignatureMethod

name = 'HMAC-SHA1'
sign(request, consumer, token)[source]

Builds the base signature string.

signing_base(request, consumer, token)[source]
class oauth2.SignatureMethod_PLAINTEXT[source]

Bases: oauth2.SignatureMethod

name = 'PLAINTEXT'
sign(request, consumer, token)[source]
signing_base(request, consumer, token)[source]

Concatenates the consumer key and secret with the token’s secret.

class oauth2.Token(key, secret)[source]

Bases: object

An OAuth credential used to request authorization or a protected resource.

Tokens in OAuth comprise a key and a secret. The key is included in requests to identify the token being used, but the secret is used only in the signature, to prove that the requester is who the server gave the token to.

When first negotiating the authorization, the consumer asks for a request token that the live user authorizes with the service provider. The consumer then exchanges the request token for an access token that can be used to access protected resources.

callback = None
callback_confirmed = None
static from_string(s)[source]

Deserializes a token from a string like one returned by to_string().

get_callback_url()[source]
key = None
secret = None
set_callback(callback)[source]
set_verifier(verifier=None)[source]
to_string()[source]

Returns this token as a plain string, suitable for storage.

The resulting string includes the token’s secret, so you should never send or store this string where a third party can read it.

verifier = None
oauth2.build_authenticate_header(realm='')[source]

Optional WWW-Authenticate header (401 error)

oauth2.build_xoauth_string(url, consumer, token=None)[source]

Build an XOAUTH string for use in SMTP/IMPA authentication.

oauth2.escape(s)[source]

Escape a URL including any /.

oauth2.generate_nonce(length=8)[source]

Generate pseudorandom number.

oauth2.generate_timestamp()[source]

Get seconds since epoch (UTC).

oauth2.generate_verifier(length=8)[source]

Generate pseudorandom number.

oauth2.setter(attr)[source]
oauth2.to_unicode(s)[source]

Convert to unicode, raise exception with instructive error message if s is not unicode, ascii, or utf-8.

oauth2.to_unicode_if_string(s)[source]
oauth2.to_unicode_optional_iterator(x)[source]

Raise TypeError if x is a str containing non-utf8 bytes or if x is an iterable which contains such a str.

oauth2.to_utf8(s)[source]
oauth2.to_utf8_if_string(s)[source]
oauth2.to_utf8_optional_iterator(x)[source]

Raise TypeError if x is a str or if x is an iterable which contains a str.

_version Module

Table Of Contents

Previous topic

not_found_handler_test Module

Next topic

query_server Module

This Page