This is a Python library for accessing resources protected by OAuth 2.0.

Overview

Build Status Coverage Status Documentation Status

This is a client library for accessing resources protected by OAuth 2.0.

Note: oauth2client is now deprecated. No more features will be added to the libraries and the core team is turning down support. We recommend you use google-auth and oauthlib. For more details on the deprecation, see oauth2client deprecation.

Installation

To install, simply run the following command in your terminal:

$ pip install --upgrade oauth2client

Contributing

Please see the CONTRIBUTING page for more information. In particular, we love pull requests -- but please make sure to sign the contributor license agreement.

Supported Python Versions

We support Python 2.7 and 3.4+. More information in the docs.

Comments
  • SignedJwtAssertionCredentials has been removed: Why?

    SignedJwtAssertionCredentials has been removed: Why?

    To: @dhermes

    I am currently using class SignedJwtAssertionCredentials, and as of 2 days ago, it was removed.

    oauth2client/client.py

    https://github.com/google/oauth2client/commit/dcd20c9375308979e45ae280ec102a28d2ca60d1#diff-d8b1525b7f161cbce2f6438636be9c38

    What am I to use instead now?

    Signed JWT is expected for Google Cloud API Authentication.

    See SignedJwtAssertionCredentials._generate_assertion()

    opened by jefftune 88
  • Enable BYO http library

    Enable BYO http library

    If this is a duplicate I apologize.

    ISTM this requires

    • [x] Move all uses of httplib2 into a module (call it transport probably) (#554, #559, #561, #577)
    • [ ] Determine what assumed interface of httplib2.Http is needed
    • [ ] Optional. Try to reduce the interface needed
    • [x] Factor out the hard dependencies on httplib2 and just use these interfaces
    • [ ] Document the interface and allow credentials constructors to optionally take a custom Http object from any old library, e.g. twisted or requests.
    • [ ] Revisit all changes and ensure consistency
    • [ ] Revisit query string update hackery in #622
    opened by dhermes 55
  • \u003d  aka

    \u003d aka "=" character in json key breaks oauth2client

    Reported here: https://github.com/burnash/gspread/issues/239 for details, but in -----BEGIN PRIVATE KEY-----\n_**\n-----END PRIVATE KEY-----\n", it seems *_* must not contain \u003d

    This seems to be a problem only for python 2.7 (although possibly python 3 too as I am blocked by https://github.com/google/oauth2client/issues/106 so I might not have got that far with python 3).

    opened by felagund 52
  • Added self signed jwt service account credentials

    Added self signed jwt service account credentials

    Initial self signed jwt credential support #252. Here is my thinking with this initial API:

    -SelfSignedJWTCredentials class should not be on the OAuth2Client inheritance hierarchy, there are many oauth2 specific methods (like refresh) that don't apply to self signed credentials. -SelfSignedJWTCredentials can be placed in the service_account module, SelfSignedJWTCredentials are highly coupled with service account credentials, self signed jwts can only be signed using service account credentials -get_access_token() can be the external interface for generating tokens, it is consistent with the GoogleCredentials API, and there is nothing OAuth2 specific about the naming. -The fields contained in the JWT are Google specific as far as I can tell, so this should be considered a Google specific class

    cla: yes 
    opened by kpayson64 40
  • Flask 3LO helper

    Flask 3LO helper

    This should fix #224 once merged.

    Currently rough and looking for feedback. This intentionally deviates from the appengine/webapp2 decorator to be more idiomatic for flask users.

    1. The credentials are currently only stored on the session. I'd like some feedback on how to allow the user to specify storage, and how the session storage should fix into that (should it store both in the session and within the user provided storage?)
    2. I'm aware that it doesn't quite fit with the style of the rest of the codebase, I'll adjust to 2 spaces etc before merge.
    3. The scopes default to 'email' and 'profile', and there's a mechanism to fetch the user's full profile from google+. I can remove this if we feel it's bloated (users can easily add it back via authorize_callback).

    Tests will be added once I validate this approach.

    cla: yes 
    opened by theacodes 40
  • Service Account authentication fails on Linux, works on Mac OS X

    Service Account authentication fails on Linux, works on Mac OS X

    I am using gspread 0.2.5 and oauth2client 1.4.11. On a Mac with Python 2.7.5 I can authenticate to Google and retrieve data using this code:

    from oauth2client.client import SignedJwtAssertionCredentials
    scopes = ['https://spreadsheets.google.com/feeds/', 'https://docs.google.com/feeds']
    credentials = SignedJwtAssertionCredentials(client_email, private_key, scopes)
    gc = gspread.authorize(credentials)
    

    On Ubuntu 14.04 Linux with Python 2.7.6 and identical credentials, I see this error:

    Traceback (most recent call last):
      File "scripts/website-people-update.py", line 76, in <module>
        sheets = load_sheets(gdocs_client_email, gdocs_private_key)
      File "scripts/website-people-update.py", line 25, in load_sheets
        gc = gspread.authorize(credentials)
      File "/usr/local/lib/python2.7/dist-packages/gspread/client.py", line 335, in authorize
        client.login()
      File "/usr/local/lib/python2.7/dist-packages/gspread/client.py", line 98, in login
        self.auth.refresh(http)
      File "/usr/local/lib/python2.7/dist-packages/oauth2client/client.py", line 598, in refresh
        self._refresh(http.request)
      File "/usr/local/lib/python2.7/dist-packages/oauth2client/client.py", line 769, in _refresh
        self._do_refresh_request(http_request)
      File "/usr/local/lib/python2.7/dist-packages/oauth2client/client.py", line 834, in _do_refresh_request
        raise AccessTokenRefreshError(error_msg)
    AccessTokenRefreshError: invalid_grant
    

    I’m at a bit of a loss. Searches for invalid_grant come up with solutions that address incorrect configuration, rather than platform-specific failure.

    opened by migurski 36
  • Add Django Util With Decorator and Views

    Add Django Util With Decorator and Views

    This Django extension adds the views, decorators, and signals to oauth2client.

    This is heavily based on the work @jonparrott did for oauth2client/flask_util.

    Currently the only storage offered uses Django sessions. Based on issue #319 more storage options are planned along with integration to the existing CredentialsField in django_orm.

    This adds an environment variable to the tox script. This might not be strictly necessary, but it did simplify the tests a lot, since Django settings get looked up at import time and cached so it's easiest if they have an environment variable pointing to an existing settings module when the tests are started.

    This could have been squeezed into a single file, but I spilt it into separate files based on existing Django extension conventions.

    cla: yes 
    opened by waprin 35
  • Add multiprocess file storage.

    Add multiprocess file storage.

    Towards #470

    This is not ready for merge, this is an initial sketch of what this would look like. Please note:

    1. Instead of outright replacing multistore_file, I am introducing a new module to cover the same functionality named multiprocess_file_storage. We can do a release to deprecate multistore_file in favor of multiprocess_file_storage and then another release to remove it.
    2. The interface has changed. Instead of a bunch of get_storage_{} functions, there is now just MultiprocesFileStorage(filename, key). The key argument can be used to emulate how the previous helper methods worked, eg. key = '{}-{}-{}'.format(client_id, user_agent, scope).
    3. Tests are not done, want to sanity check this first.

    @thobrla, while writing this, I came across some interesting behavioral cases:

    1. The storage only holds the lock as long as needed to read/write the credentials file during put or get, but if at any point in time it fails to acquire the lock it will switch to read only mode and will never try locking again.
    2. The storage only reads the credentials file once, but writes to it constantly. This means if multiple processes access the store and write, they are probably erasing the other's stuff despite the locking.

    It seems that multistore_file never lived up to its promises, and neither will this class. As I mentioned before, a sqlite-based storage would be a true solution but it would require the cloud sdk and gsutil to take on a third-party binary dependency, which may be untenable for you. What are your thoughts?

    cla: yes 
    opened by theacodes 33
  • [Discussion] post 4.0.0 refactor

    [Discussion] post 4.0.0 refactor

    With 3.0.0 out and 4.0.0 on the way, we've finally addressed most of the "cruft" in this library without making huge, sweeping, breaking changes. However, some huge obstacles remain - such as the twisted class hierarchy and the strange naming of some of the credentials classes.

    I'd like to start a discussion on refactoring this library post-4.0.0. I'm not one to throw out well-tested and proven code, but the code that is here needs to be better organized to suit our downstream clients and our users.

    I want to put forth the idea of this package slowly migrating to two new packages: google.auth and google.oauth2. During the initial phases we'll retain code inside of and continue to publish the oauth2client package, but once complete the oauth2client package will be permanently deprecated.

    The google.auth package will focus solely on server-to-server authentication. A rough idea of what this package will look like is:

    • google.auth.default() returns the application default credentials.
    • google.auth.service_account.Credentials credentials using a service account key to obtain an access token.
    • google.auth.jwt.Credentials credentials using a service account key to directly assert credentials.
    • google.auth.gae.Credentials credentials using App Engine identity credentials.
    • google.auth.gce.Credentials credentials using the Compute Engine metadata server.
    • google.auth.access_token.Credentials credential using a bare access token.

    This package won't contain anything related to storage or end-user based credentials.

    The google.oauth2 package will contain the remainder of the current library and focus solely on oauth2 user-specific stuff, better organized:

    • google.oauth2.flow - generic flow that can be easily used with web frameworks.
    • google.oauth2.credentials - user credentials with access and refresh tokens.
    • google.oauth2.storage - a wrapper that allows credentials to be stored. etc.

    What are you initial thoughts @nathanielmanistaatgoogle @dhermes @waprin @thobrla @anthmgoogle @elibixby @pferate & any others.

    opened by theacodes 31
  • Add DictionaryStorage class for #319.

    Add DictionaryStorage class for #319.

    DictionaryStorage - implements an optionally-locked storage over a dictionary-like object.

    Additionally:

    • Storage now includes optional locking logic. Previously this was implemented in subclasses.
    • Remove flask_util.FlaskSessionStorage and replaced it with DictionaryStorage.
    cla: yes 
    opened by theacodes 31
  • Update GCE AppAssertionCredentials

    Update GCE AppAssertionCredentials

    This provides several much needed updates to GCE App Assertion Credentials

    1. Properly populates token expiry
    2. Retrieves credentials scopes from the metadata server
    3. Allows credentials to use custom service accounts by providing an optional email field
    4. Implements serialization/deserialization for this email field
    5. Provides a project_id property using metadata server in preparation for a pull request addressing #471
    cla: yes don't merge 
    opened by elibixby 26
  • Archive the repo

    Archive the repo

    Note: oauth2client is now deprecated. As such, it is unlikely that we will address or respond to your issue. We recommend you use google-auth and oauthlib.

    So reading that message above, I think it's time to archive the repo. Any thoughts?

    @broady @busunkim96 @crwilcox @tswast

    type: process 
    opened by JustinBeckwith 3
  • Bump django from 1.10.0 to 1.11.23 in /samples/django/django_user

    Bump django from 1.10.0 to 1.11.23 in /samples/django/django_user

    Bumps django from 1.10.0 to 1.11.23.

    Commits
    • 9748977 [1.11.x] Bumped version for 1.11.23 release.
    • 869b34e [1.11.x] Fixed CVE-2019-14235 -- Fixed potential memory exhaustion in django....
    • ed682a2 [1.11.x] Fixed CVE-2019-14234 -- Protected JSONField/HStoreField key and inde...
    • 52479ac [1.11.x] Fixed CVE-2019-14233 -- Prevented excessive HTMLParser recursion in ...
    • 42a66e9 [1.11.X] Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues ...
    • 693046e [1.11.x] Added stub release notes for security releases.
    • 6d054b5 [1.11.x] Added CVE-2019-12781 to the security release archive.
    • 7c849b9 [1.11.x] Post-release version bump.
    • 480380c [1.11.x] Bumped version for 1.11.22 release.
    • 32124fc [1.11.x] Fixed CVE-2019-12781 -- Made HttpRequest always trust SECURE_PROXY_S...
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    cla: yes dependencies 
    opened by dependabot[bot] 0
Releases(v4.1.3)
  • v4.1.3(Sep 7, 2018)

    Note: oauth2client is deprecated. No more features will be added to the libraries and the core team is turning down support. We recommend you use google-auth and oauthlib.

    • Changed OAuth2 endpoints to use oauth2.googleapis.com variants. (#742)
    Source code(tar.gz)
    Source code(zip)
  • v4.1.2(Jun 29, 2017)

    Note: oauth2client is deprecated. No more features will be added to the libraries and the core team is turning down support. We recommend you use google-auth and oauthlib.

    Bug fixes:

    • Fix packaging issue had erroneously installed the test package. (#688)
    Source code(tar.gz)
    Source code(zip)
  • v4.1.1(Jun 6, 2017)

    v4.1.1

    Note: oauth2client is deprecated. No more features will be added to the libraries and the core team is turning down support. We recommend you use google-auth and oauthlib.

    New features:

    • Allow passing prompt='consent' via the flow_from_clientsecrets. (#717)
    Source code(tar.gz)
    Source code(zip)
  • v4.1.0(May 10, 2017)

    Note: oauth2client is now deprecated. No more features will be added to the libraries and the core team is turning down support. We recommend you use google-auth and oauthlib.

    New features:

    • Allow customizing the GCE metadata service address via an env var. (#704)
    • Store original encoded and signed identity JWT in OAuth2Credentials. (#680)
    • Use jsonpickle in django contrib, if available. (#676)

    Bug fixes:

    • Typo fixes. (#668, #697)
    • Remove b64 padding from PKCE values, per RFC7636. (#683)
    • Include LICENSE in Manifest.in. (#694)
    • Fix tests and CI. (#705, #712, #713)
    • Escape callback error code in flask_util. (#710)
    Source code(tar.gz)
    Source code(zip)
  • v4.0.0(Jan 11, 2017)

    New features:

    New Django samples. (#636) Add support for RFC7636 PKCE. (#588) Release as a universal wheel. (#665) Bug fixes:

    Fix django authorization redirect by correctly checking validity of credentials. (#651) Correct query loss when using parse_qsl to dict. (#622) Switch django models from pickle to jsonpickle. (#614) Support new MIDDLEWARE Django 1.10 setting. (#623) Remove usage of os.environ.setdefault. (#621) Handle missing storage files correctly. (#576) Try to revoke token with POST when getting a 405. (#662) Internal changes:

    Use transport module for GCE environment check. (#612) Remove author lines and add contributors.md. (#627) Clean up imports. (#625) Use transport.request in tests. (#607) Drop unittest2 dependency (#610) Remove backslash line continuations. (#608) Use transport helpers in system tests. (#606) Clean up usage of HTTP mocks in tests. (#605) Remove all uses of MagicMock. (#598) Migrate test runner to pytest. (#569) Merge util.py and _helpers.py. (#579) Remove httplib2 imports from non-transport modules. (#577) Breaking changes:

    Drop Python 3.3 support. (#603) Drop Python 2.6 support. (#590) Remove multistore_file. (#589)

    Source code(tar.gz)
    Source code(zip)
  • v3.0.0(Jul 28, 2016)

    • Populate token_expiry for GCE credentials. (#473)
    • Move GCE metadata interface to a separate module. (#520)
    • Populate scopes for GCE credentials. (#524)
    • Fix Python 3.5 compatibility. (#531)
    • Add oauth2client.contrib.sqlalchemy, a SQLAlchemy-based credential store. (#527)
    • Improve error when an invalid client secret is provided. (#530)
    • Add oauth2client.contrib.multiprocess_storage. This supersedes the functionality in oauth2client.contrib.multistore_file. (#504)
    • Pull httplib2 usage into a separate transport module. (#559, #561)
    • Refactor all django-related code into oauth2client.contrib.django_util. Add DjangoORMStorage, remove FlowField. (#546)
    • Fix application default credentials resolution order. (#570)
    • Add configurable timeout for GCE metadata server check. (#571)
    • Add warnings when using deprecated approval_prompt='force'. (#572)
    • Add deprecation warning to oauth2client.contrib.multistore_file. (#574)
    • (Hygiene) PEP8 compliance and various style fixes (#537, #540, #552, #562)
    • (Hygiene) Remove duplicated exception classes in oauth2client.contrib.appengine. (#533)

    NOTE: The next major release of oauth2client (v4.0.0) will remove the oauth2client.contrib.multistore_file module.

    Source code(tar.gz)
    Source code(zip)
  • v2.2.0(Jul 28, 2016)

    • Added support to override token_uri and revoke_uri in oauth2client.service_account.ServiceAccountCredentials. (#510)
    • oauth2client.contrib.multistore_file now handles OSError in addition to IOError because Windows may raise OSError where other platforms will raise IOError.
    • oauth2client.contrib.django_util and oauth2client.contrib.django_orm have been updated to support Django 1.8 - 1.10. Versions of Django below 1.8 will not work with these modules.
    Source code(tar.gz)
    Source code(zip)
  • v2.1.0(May 20, 2016)

    • Add basic support for JWT access credentials. (#503)
    • Fix oauth2client.client.DeviceFlowInfo to use UTC instead of the system timezone when calculating code expiration.
    Source code(tar.gz)
    Source code(zip)
  • v2.0.2(Apr 15, 2016)

    • Fix issue where flask_util.UserOAuth2.required would accept expired credentials (#452).
    • Fix issue where flask_util would fill the session with Flow objects (#498).
    • Fix issue with Python 3 binary strings in Flow.step2_exchange (#446).
    • Improve test coverage to 100%.
    Source code(tar.gz)
    Source code(zip)
  • v2.0.1(Mar 8, 2016)

    • Making scopes optional on Google Compute Engine AppAssertionCredentials and adding a warning that GCE won't honor scopes (#419)
    • Adding common sign_blob() to service account types and a service_account_email property. (#421)
    • Improving error message in P12 factory ServiceAccountCredentials.from_p12_keyfile when pyOpenSSL is missing. (#424)
    • Allowing default flags in oauth2client.tools.run_flow() rather than forcing users to create a dummy argparser (#426)
    • Removing oauth2client.util.dict_to_tuple_key() from public interface (#429)
    • Adding oauth2client.contrib._appengine_ndb helper module for oauth2client.contrib.appengine and moving most code that uses the ndb library into the helper (#434)
    • Fix error in django_util sample code (#438)
    Source code(tar.gz)
    Source code(zip)
  • v2.0.0-post1(Feb 19, 2016)

    • Fix Google Compute Engine breakage (#411, breakage introduced in #387) that made it impossible to obtain access tokens
    • Implement ServiceAccountCredentials.from_p12_keyfile_buffer() to allow passing a file-like object in addition to the factory constructor that uses a filename directly (#413)
    • Implement ServiceAccountCredentials.create_delegated() to allow upgrading a credential to one that acts on behalf of a given subject (#420)
    Source code(tar.gz)
    Source code(zip)
  • v2.0.0(Feb 16, 2016)

    • Add django_util (#332)
    • Avoid OAuth2Credentials id_token going out of sync after a token refresh (#337)
    • Move to a contrib sub-package code not considered a core part of the library (#346, #353, #370, #375, #376, #382)
    • Add token_expiry to devshell credentials (#372)
    • Move Storage locking into a base class (#379)
    • Added dictionary storage (#380)
    • Added to_json and from_json methods to all Credentials classes (#385)
    • Fall back to read-only credentials on EACCES errors (#389)
    • Coalesced the two ServiceAccountCredentials classes (#395, #396, #397, #398, #400)

    Special Note About ServiceAccountCredentials:

    For JSON keys, you can create a credential via

    from oauth2client.service_account import ServiceAccountCredentials
    credentials = ServiceAccountCredentials.from_json_keyfile_name(
        key_file_name, scopes=[...])
    

    You can still rely on

    from oauth2client.client import GoogleCredentials
    credentials = GoogleCredentials.get_application_default()
    

    returning these credentials when you set the GOOGLE_APPLICATION_CREDENTIALS environment variable.

    For .p12 keys, construct via

    credentials = ServiceAccountCredentials.from_p12_keyfil(
        service_account_email, key_file_name, scopes=[...])
    

    though we urge you to use JSON keys (rather than .p12 keys) if you can. This is equivalent to the previous method

    # PRE-oauth2client 2.0.0 EXAMPLE CODE!
    from oauth2client.client import SignedJwtAssertionCredentials
    with open(key_file_name, 'rb') as key_file:
        private_key = key_file.read()
    credentials = SignedJwtAssertionCredentials(
        service_account_email, private_key, scope=[...])
    
    Source code(tar.gz)
    Source code(zip)
  • v1.5.2(Nov 18, 2015)

    • Add access token refresh error class that includes HTTP status (#310)
    • Python3 compatibility fixes for Django (#316, #318)
    • Fix incremental auth in flask_util (#322)
    • Fall back to credential refresh on EDEADLK in multistore_file (#336)
    Source code(tar.gz)
    Source code(zip)
  • v1.5.1(Sep 16, 2015)

  • v1.5.0(Sep 7, 2015)

    • Fix (more like clarify) bytes / str handling in crypto methods. (#203, #250, #272)
    • Replacing webapp with webapp2 in oauth2client.appengine (#217)
    • Added optional state parameter to step1_get_authorize_url. (#219 and #222)
    • Added flask_util module that provides a Flask extension to aid with using OAuth2 web server flow. This provides the same functionality as the appengine.webapp2 OAuth2Decorator, but will work with any Flask application regardless of hosting environment. (#226, #273)
    • Track scopes used on credentials objects (#230)
    • Moving docs to [readthedocs.org][1](#237, #238, #244)
    • Removing old_run module. Was deprecated July 2, 2013. (#285)
    • Avoid proxies when querying for GCE metadata (to check if running on GCE) (#114, #293)
    Source code(tar.gz)
    Source code(zip)
  • v1.4.12(Jul 13, 2015)

    • Fix OS X flaky test failure (#189).
    • Fix broken OpenSSL import (#191).
    • Remove @util.positional from wrapped request in Credentials.authorize() (#196, #197).
    • Changing pinned dependencies to >= (#200, #204).
    • Support client authentication using Authorization header (#206).
    • Clarify environment check in case where GAE imports succeed but GAE services aren't available (#208).

    See https://github.com/google/oauth2client/blob/master/CHANGELOG.md

    Source code(tar.gz)
    Source code(zip)
Owner
Google APIs
Clients for Google APIs and tools that help produce them.
Google APIs
it's a Django application to register and authenticate users using phone number.

django-phone-auth It's a Django application to register and authenticate users using phone number. CustomUser model created using AbstractUser class.

MsudD 4 Nov 29, 2022
AddressBookApp - Address Book App in Django

AddressBookApp Application Name Address Book App in Django, 2022 Technologies La

Joshua K 1 Aug 18, 2022
Two factor authentication system using azure services and python language and its api's

FUTURE READY TALENT VIRTUAL INTERSHIP PROJECT PROJECT NAME - TWO FACTOR AUTHENTICATION SYSTEM Resources used: * Azure functions(python)

BHUSHAN SATISH DESHMUKH 1 Dec 10, 2021
An introduction of Markov decision process (MDP) and two algorithms that solve MDPs (value iteration, policy iteration) along with their Python implementations.

Markov Decision Process A Markov decision process (MDP), by definition, is a sequential decision problem for a fully observable, stochastic environmen

Yu Shen 31 Dec 30, 2022
Script that provides your TESLA access_token and refresh_token

TESLA tokens This script helps you get your TESLA access_token and refresh_token in order to connect to third party applications (Teslamate, TeslaFi,

Bun-Ny TAN 3 Apr 28, 2022
REST implementation of Django authentication system.

djoser REST implementation of Django authentication system. djoser library provides a set of Django Rest Framework views to handle basic actions such

Sunscrapers 2.2k Jan 01, 2023
Ready to use and customizable Authentications and Authorisation management for FastAPI ⚡

AuthenticationX 💫 Ready-to-use and customizable Authentications and Oauth2 management for FastAPI ⚡ Source Code: https://github.com/yezz123/AuthX Doc

Yasser Tahiri 404 Dec 27, 2022
Simple extension that provides Basic, Digest and Token HTTP authentication for Flask routes

Flask-HTTPAuth Simple extension that provides Basic and Digest HTTP authentication for Flask routes. Installation The easiest way to install this is t

Miguel Grinberg 1.1k Jan 05, 2023
Django-react-firebase-auth - A web app showcasing OAuth2.0 + OpenID Connect using Firebase, Django-Rest-Framework and React

Demo app to show Django Rest Framework working with Firebase for authentication

Teshank Raut 6 Oct 13, 2022
This project is an open-source project which I made due to sharing my experience around the Python programming language.

django-tutorial This project is an open-source project which I made due to sharing my experience around the Django framework. What is Django? Django i

MohammadMasoumi 6 May 12, 2022
Brute force a JWT token. Script uses multithreading.

JWT BF Brute force a JWT token. Script uses multithreading. Tested on Kali Linux v2021.4 (64-bit). Made for educational purposes. I hope it will help!

Ivan Šincek 5 Dec 02, 2022
Django-registration (redux) provides user registration functionality for Django websites.

Description: Django-registration provides user registration functionality for Django websites. maintainers: Macropin, DiCato, and joshblum contributor

Andrew Cutler 920 Jan 08, 2023
Flask Implementation of a login page and some basic functionality.

login_page Flask Implementation of a login page and some basic functionality. How to Run $ chmod +x run.sh setup.sh $ # run setup.sh only if the datab

3 Jun 03, 2021
Per object permissions for Django

django-guardian django-guardian is an implementation of per object permissions [1] on top of Django's authorization backend Documentation Online docum

3.3k Jan 01, 2023
A JSON Web Token authentication plugin for the Django REST Framework.

Simple JWT Abstract Simple JWT is a JSON Web Token authentication plugin for the Django REST Framework. For full documentation, visit django-rest-fram

Jazzband 3.2k Dec 29, 2022
Auth-Starters - Different APIs using Django & Flask & FastAPI to see Authentication Service how its work

Auth-Starters Different APIs using Django & Flask & FastAPI to see Authentication Service how its work, and how to use it. This Repository based on my

Yasser Tahiri 7 Apr 22, 2022
Ready-to-use and customizable users management for FastAPI

FastAPI Users Ready-to-use and customizable users management for FastAPI Documentation: https://frankie567.github.io/fastapi-users/ Source Code: https

François Voron 2.4k Jan 04, 2023
A full Rest-API With Oauth2 and JWT for request & response a JSON file Using FastAPI and SQLAlchemy 🔑

Pexon-Rest-API A full Rest-API for request & response a JSON file, Building a Simple WorkFlow that help you to Request a JSON File Format and Handling

Yasser Tahiri 15 Jul 22, 2022
Accounts for Django made beautifully simple

Django Userena Userena is a Django application that supplies your Django project with full account management. It's a fully customizable application t

Bread & Pepper 1.3k Sep 18, 2022
Authentication testing framework

What is this This is a framework designed to test authentication for web applications. While web proxies like ZAProxy and Burpsuite allow authenticate

DigeeX 140 Jul 06, 2022