Doing the OAuth dance with style using Flask, requests, and oauthlib.

Overview

Flask-Dance

Doing the OAuth dance with style using Flask, requests, and oauthlib. Currently, only OAuth consumers are supported, but this project could easily support OAuth providers in the future, as well. The full documentation for this project is hosted on ReadTheDocs, including the full list of supported OAuth providers, but this README will give you a taste of the features.

Installation

Just the basics:

$ pip install Flask-Dance

Or if you're planning on using the SQLAlchemy storage:

$ pip install Flask-Dance[sqla]

Quickstart

If you want your users to be able to log in to your app from any of the supported OAuth providers, you've got it easy. Here's an example using GitHub:

from flask import Flask, redirect, url_for
from flask_dance.contrib.github import make_github_blueprint, github

app = Flask(__name__)
app.secret_key = "supersekrit"  # placeholder: this key signs the session cookie, so load a random secret from configuration
blueprint = make_github_blueprint(
    client_id="my-key-here",
    client_secret="my-secret-here",
)
app.register_blueprint(blueprint, url_prefix="/login")

@app.route("/")
def index():
    if not github.authorized:
        return redirect(url_for("github.login"))
    resp = github.get("/user")
    assert resp.ok
    return "You are @{login} on GitHub".format(login=resp.json()["login"])

If you're itching to try it out, check out the flask-dance-github example repository, with detailed instructions for how to run this code.

The github object is a context local, just like flask.request. That means that you can import it in any Python file you want, and use it in the context of an incoming HTTP request. If you've split your Flask app up into multiple different files, feel free to import this object in any of your files, and use it just like you would use the requests module.

You can also use Flask-Dance with any OAuth provider you'd like, not just the pre-set configurations. See the documentation for how to use other OAuth providers.

Storages

By default, OAuth access tokens are stored in Flask's session object. This means that if the user ever clears their browser cookies, they will have to go through the OAuth dance again, which is not good. You're better off storing access tokens in a database or some other persistent store, and Flask-Dance has support for swapping out the token storage. For example, if you're using SQLAlchemy, set it up like this:

from flask_sqlalchemy import SQLAlchemy
from flask_dance.consumer.storage.sqla import OAuthConsumerMixin, SQLAlchemyStorage

db = SQLAlchemy()

class User(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    # ... other columns as needed

class OAuth(OAuthConsumerMixin, db.Model):
    user_id = db.Column(db.Integer, db.ForeignKey(User.id))
    user = db.relationship(User)

# get_current_user() is a function that returns the current logged in user
blueprint.storage = SQLAlchemyStorage(OAuth, db.session, user=get_current_user)

The SQLAlchemy storage seamlessly integrates with Flask-SQLAlchemy, as well as Flask-Login for user management, and Flask-Caching for caching.

Full Documentation

This README provides just a taste of what Flask-Dance is capable of. To see more, read the documentation on ReadTheDocs.

Comments
  • Twitter: "ValueError: Cannot get OAuth token without an associated user"

    I was able to run the github-oauth based example correctly.

    I then created this gist which is the same except switching to twitter. It gives "ValueError: Cannot get OAuth token without an associated user".

    opened by chrisroat 24
  • Wrong session usage or possible security issue

    Working according to the basic documentation, I'm hitting a serious problem where one user login session in one browser is propagated to another browser with no login credentials.

    Here's my relevant server code:

    from os import environ
    
    from flask import Flask, redirect, url_for, render_template
    from flask_sqlalchemy import SQLAlchemy
    from flask_migrate import Migrate
    from flask_dance.contrib.twitter import make_twitter_blueprint, twitter
    from flask_dance.consumer.backend.sqla import SQLAlchemyBackend, OAuthConsumerMixin
    from werkzeug.contrib.fixers import ProxyFix
    
    
    app = Flask(__name__)
    app.secret_key = environ.get('FLASK_SECRET_KEY')
    app.wsgi_app = ProxyFix(app.wsgi_app)
    app.config.from_object('config.Config')
    
    db = SQLAlchemy(app)
    migrate = Migrate(app, db)
    
    class OAuth(OAuthConsumerMixin, db.Model):
        pass
    
    twitter_blueprint = make_twitter_blueprint(
        api_key=app.config['TWITTER_CONSUMER_KEY'],
        api_secret=app.config['TWITTER_CONSUMER_SECRET'],
    )
    twitter_blueprint.backend = SQLAlchemyBackend(OAuth, db.session)
    app.register_blueprint(twitter_blueprint, url_prefix='/login')
    
    
    @app.route('/')
    def index():
        username = None
        if twitter.authorized:
            resp = twitter.get('account/settings.json')
            username = resp.json()['screen_name']
        return render_template('index.html', username=username)
    

    Steps:

    1. Open two separate browser sessions
    2. In both sessions, navigate to server:5000, homepage shows a login link {{ url_for('twitter.login') }}
    3. On browser A, perform Twitter authentication dance
    4. Redirect back to homepage, username is rendered correctly, inspecting the SQL database, the oauth tokens are indeed saved correctly for the user
    5. On browser B refresh homepage, username is now populated with the login session from browser A

    Other notes:

    • Happens on all environments, both with and without flask debug mode, as well as running through gunicorn
    • Backend database is a postgreSQL instance
    • Flask 1.0.2, Flask-dance 1.0.0, Python 3.7
    • Adding user_required=False as a param to SQLAlchemyBackend doesn't change this behavior

    This is no doubt a serious potential security bug. Either the library is behaving in an unexpected way, or I'm doing something wrong, and hitting a pitfall, in which case the documentation probably should be updated to warn about this behavior.

    opened by yuvadm 20
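
Why browser B can see browser A's account in the report above, and what passing `user` to the storage (as in the README's Storages section) changes, shown as an added example that is not Flask-Dance's code: a simplified in-memory model of a token table. `TokenStore`, `as_browser`, `logged_in_user_id` and `run_scenario` are hypothetical names, the token is constructed, and the lookup rule (filter by provider only when no user is configured) is an assumption about the behaviour described.

```python
"""Simplified model of an OAuth token table; not Flask-Dance's implementation."""

# The simulated request context: the session of the browser making the request.
_current_session = {}


def as_browser(session):
    """Switch the simulated request context to the given browser's session."""
    global _current_session
    _current_session = session


def logged_in_user_id():
    """Hypothetical stand-in for get_current_user(): local account id or None."""
    return _current_session.get("user_id")


class TokenStore:
    """Token rows are (provider, user_id, token), like an OAuth table with a user column."""

    def __init__(self, provider, user=None, user_required=False):
        self.provider = provider
        self.user = user                    # callable returning the current user id
        self.user_required = user_required  # refuse to work without a user
        self.rows = []

    def _resolve_user(self, action):
        uid = self.user() if self.user else None
        if self.user_required and uid is None:
            raise ValueError(f"Cannot {action} OAuth token without an associated user")
        return uid

    def set(self, token):
        uid = self._resolve_user("set")
        # Replace any existing row for the same (provider, user) pair.
        self.rows = [r for r in self.rows if (r[0], r[1]) != (self.provider, uid)]
        self.rows.append((self.provider, uid, token))

    def get(self):
        uid = self._resolve_user("get")
        for provider, row_uid, token in self.rows:
            # Assumption: with no user configured, the lookup is by provider alone,
            # so every visitor resolves to the same row.
            if provider == self.provider and (self.user is None or row_uid == uid):
                return token
        return None


def run_scenario(store):
    """Browser A completes the dance; browser B (no login) then asks for a token."""
    browser_a = {"user_id": 1}
    browser_b = {}
    as_browser(browser_a)
    store.set({"oauth_token": "constructed-token-for-A"})
    as_browser(browser_b)
    try:
        return store.get()
    except ValueError as exc:
        return f"refused: {exc}"


if __name__ == "__main__":
    unscoped = TokenStore("twitter")
    scoped = TokenStore("twitter", user=logged_in_user_id, user_required=True)
    print("no user configured:", run_scenario(unscoped))
    print("user configured:   ", run_scenario(scoped))
```

In the unscoped run the anonymous browser receives browser A's token; in the scoped run the lookup is refused with the same error text quoted in the first report on this page.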
  • Okta provider not working

    Trying to use the Okta provider (which doesn't have an example to follow)

    import os
    from flask import Flask, redirect, url_for
    from flask_dance.contrib.okta import make_okta_blueprint, okta
    from flask_dotenv import DotEnv
    
    app = Flask(__name__)
    env = DotEnv(app)
    
    app.secret_key = os.environ.get("FLASK_SECRET_KEY", "supersekrit")
    okta_bp = make_okta_blueprint(
        client_id=app.config["OKTA_OAUTH_CLIENT_ID"],
        client_secret=app.config["OKTA_OAUTH_CLIENT_SECRET"],)
    app.register_blueprint(okta_bp, url_prefix="/login")
    
    
    @app.route("/")
    def index():
        if not okta.authorized:
            return redirect(url_for("okta.login"))
        resp = okta.get("/user")
        assert resp.ok
        return "You are @{login} on Okta".format(login=resp.json()["login"])
    
    
    if __name__ == "__main__":
        app.run(debug=True, use_reloader=True)
    

    Gives me the following error:

    builtins.AttributeError
    AttributeError: 'NoneType' object has no attribute 'lower'
    
    Traceback (most recent call last)
    File "C:\work\python\okta-flask-example\env\lib\site-packages\flask\app.py", line 2328, in __call__
    return self.wsgi_app(environ, start_response)
    File "C:\work\python\okta-flask-example\env\lib\site-packages\flask\app.py", line 2314, in wsgi_app
    response = self.handle_exception(e)
    File "C:\work\python\okta-flask-example\env\lib\site-packages\flask\app.py", line 1760, in handle_exception
    reraise(exc_type, exc_value, tb)
    File "C:\work\python\okta-flask-example\env\lib\site-packages\flask\_compat.py", line 36, in reraise
    raise value
    File "C:\work\python\okta-flask-example\env\lib\site-packages\flask\app.py", line 2311, in wsgi_app
    response = self.full_dispatch_request()
    File "C:\work\python\okta-flask-example\env\lib\site-packages\flask\app.py", line 1834, in full_dispatch_request
    rv = self.handle_user_exception(e)
    File "C:\work\python\okta-flask-example\env\lib\site-packages\flask\app.py", line 1737, in handle_user_exception
    reraise(exc_type, exc_value, tb)
    File "C:\work\python\okta-flask-example\env\lib\site-packages\flask\_compat.py", line 36, in reraise
    raise value
    File "C:\work\python\okta-flask-example\env\lib\site-packages\flask\app.py", line 1832, in full_dispatch_request
    rv = self.dispatch_request()
    File "C:\work\python\okta-flask-example\env\lib\site-packages\flask\app.py", line 1818, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
    File "C:\work\python\okta-flask-example\env\lib\site-packages\flask_dance\consumer\oauth2.py", line 201, in login
    self.authorization_url, state=self.state, **self.authorization_url_params
    File "C:\work\python\okta-flask-example\env\lib\site-packages\requests_oauthlib\oauth2_session.py", line 158, in authorization_url
    **kwargs), state
    File "C:\work\python\okta-flask-example\env\lib\site-packages\oauthlib\oauth2\rfc6749\clients\web_application.py", line 90, in prepare_request_uri
    redirect_uri=redirect_uri, scope=scope, state=state, **kwargs)
    File "C:\work\python\okta-flask-example\env\lib\site-packages\oauthlib\oauth2\rfc6749\parameters.py", line 70, in prepare_grant_uri
    if not is_secure_transport(uri):
    File "C:\work\python\okta-flask-example\env\lib\site-packages\oauthlib\oauth2\rfc6749\utils.py", line 94, in is_secure_transport
    return uri.lower().startswith('https://')
    AttributeError: 'NoneType' object has no attribute 'lower'
    

    because self.authorization_url is empty.

    Any ideas?

    opened by RichardCullen 19
  • Flask dance with twitch API

    I have been trying to use flask-dance for Twitch API via OAuth2ConsumerBlueprint. The requests seem to fail since Twitch API expects client ID in request headers.

    DEBUG:requests_oauthlib.oauth2_session:Supplying headers {u'Authorization': u'Bearer XXXXXX'} and data None
    DEBUG:requests_oauthlib.oauth2_session:Passing through key word arguments {'allow_redirects': True}.
    DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): api.twitch.tv
    DEBUG:urllib3.connectionpool:https://api.twitch.tv:443 "GET /user HTTP/1.1" 302 154
    DEBUG:urllib3.connectionpool:https://api.twitch.tv:443 "GET /kraken/base HTTP/1.1" 400 96
    {u'status': 400, u'message': u'No client id specified', u'error': u'Bad Request'}
    

    I have tried manually setting the headers and it seems to succeed (even though it leaves new questions for me). I can not see how I can set custom headers. Is it possible?

    opened by chanux 19
  • authorized_url is http, not https:

    I'm calling flask-dance with make_slack_blueprint, and the URL flask-dance sends to Slack as the authorized_url is

    "http://mydomain.com/login/slack/authorized"

    instead of the proper

    "https://mydomain.com/login/slack/authorized"

    This means the call fails on my production server since I did not set the insecure HTTPS env variable there (and shouldn't)

    how do I get flask dance to pass the https URL for the authorized_url? If I try to specify an absolute path as the authorized url then it gets treated as a relative path.

    blueprint_slack = make_slack_blueprint(
        client_id="sdfdsg242894452",
        client_secret="53019238021358rrgdf",
        scope=["identify", "chat:write:bot"],
        authorized_url='https://www.mydomain.com/login/slack/authorized',
        redirect_url='/slack_authorized',
    )

    If it is meaningful:

    I'm running Flask 1.0+

    • with Flask-talisman 0 all URLs redirect to https:// and I have HSTS set
    • with a gunicorn server, with relevant https flags set in my gunicorn config file

    secure_proxy_ssl_header = ('HTTP_X_FORWARDED_PROTO', 'https')
    forwarded_allow_ips = '*'
    secure_scheme_headers = {'X-Forwarded-Proto': 'https'}
    x_forwarded_for_header = 'X-FORWARDED-FOR'

    PS: And yes, the client_id and secret above are bogus!

    opened by aardvark82 16
  • Add option to allow CSRF attacks

    Fixes #191. Slack apps can be installed from the Slack app directory, which involves doing the OAuth dance starting from slack.com instead of from the Flask app. This is the same as a cross-site request forgery attack, but it is the expected behavior.

    Is there some way that we can narrow the scope of this vulnerability? Is there a reliable way to only bypass the state check for requests that were initiated by a subdomain of slack.com, for example? I don't know if Referer headers are reliable or not...

    opened by singingwolfboy 15
  • How does twitter.authorized know it's me?

    I don't really understand how I can log out, delete my cookie, then click the "Sign in with Twitter" button and it somehow knows who I am and just logs me in directly. twitter.authorized is evaluating to True, and I saw that the code I think that's being evaluating to True is:

    bool(self._client.client.client_secret) and
    bool(self._client.client.resource_owner_key) and
    bool(self._client.client.resource_owner_secret)
    

    How can the session still have a resource_owner_key and resource_owner_secret after I've logged out, deleted my session cookie in Chrome, and restarted the server?

    opened by NathanWailes 14
  • Added Bitbucket provider

    Bitbucket requires HTTP Basic Authentication with client_id and client_secret to fetch tokens. OAuth2ConsumerBlueprint has been adjusted to pass through authentication details (object or tuple as expected by requests).

    A provider Bitbucket has been added.

    Test for new provider has been added.

    Documentation has been updated.

    opened by jsfan 13
  • Updated Azure to allow defining authorization_url_params

    I hope this is all okay. I have updated the Azure provider to allow someone to define authorization_url_params to pass additional data.

    Azure supports extra parameters such as prompt, login_hint and domain_hint

    https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code#request-an-authorization-code

    opened by gchq83514 11
  • client_id and client_secret required for Meetup

    Thanks very much for writing this package. Should make flask projects a lot tidier!

    I'm having an issue with the Meetup blueprint, and I can't figure out what's up. I've taken the flask-dance-github project as a test (and confirmed it works fine with Github) and modified it minimally so it should work with Meetup. (Slightly different parameter names.) However I get the following error:

    127.0.0.1 - - [16/Mar/2019 01:16:15] "GET /login/meetup/authorized?code=<code>&state=<state> HTTP/1.1" 500 -
    Traceback (most recent call last):
      File "/home/bob/projects/flask-dance-github/venv/lib/python3.6/site-packages/flask/app.py", line 2309, in __call__
        return self.wsgi_app(environ, start_response)
      File "/home/bob/projects/flask-dance-github/venv/lib/python3.6/site-packages/flask/app.py", line 2295, in wsgi_app
        response = self.handle_exception(e)
      File "/home/bob/projects/flask-dance-github/venv/lib/python3.6/site-packages/flask/app.py", line 1741, in handle_exception
        reraise(exc_type, exc_value, tb)
      File "/home/bob/projects/flask-dance-github/venv/lib/python3.6/site-packages/flask/_compat.py", line 35, in reraise
        raise value
      File "/home/bob/projects/flask-dance-github/venv/lib/python3.6/site-packages/flask/app.py", line 2292, in wsgi_app
        response = self.full_dispatch_request()
      File "/home/bob/projects/flask-dance-github/venv/lib/python3.6/site-packages/flask/app.py", line 1815, in full_dispatch_request
        rv = self.handle_user_exception(e)
      File "/home/bob/projects/flask-dance-github/venv/lib/python3.6/site-packages/flask/app.py", line 1718, in handle_user_exception
        reraise(exc_type, exc_value, tb)
      File "/home/bob/projects/flask-dance-github/venv/lib/python3.6/site-packages/flask/_compat.py", line 35, in reraise
        raise value
      File "/home/bob/projects/flask-dance-github/venv/lib/python3.6/site-packages/flask/app.py", line 1813, in full_dispatch_request
        rv = self.dispatch_request()
      File "/home/bob/projects/flask-dance-github/venv/lib/python3.6/site-packages/flask/app.py", line 1799, in dispatch_request
        return self.view_functions[rule.endpoint](**req.view_args)
      File "/home/bob/projects/flask-dance-github/venv/lib/python3.6/site-packages/flask_dance/consumer/oauth2.py", line 266, in authorized
        **self.token_url_params
      File "/home/bob/projects/flask-dance-github/venv/lib/python3.6/site-packages/requests_oauthlib/oauth2_session.py", line 307, in fetch_token
        self._client.parse_request_body_response(r.text, scope=self.scope)
      File "/home/bob/projects/flask-dance-github/venv/lib/python3.6/site-packages/oauthlib/oauth2/rfc6749/clients/base.py", line 415, in parse_request_body_response
        self.token = parse_token_response(body, scope=scope)
      File "/home/bob/projects/flask-dance-github/venv/lib/python3.6/site-packages/oauthlib/oauth2/rfc6749/parameters.py", line 425, in parse_token_response
        validate_token_parameters(params)
      File "/home/bob/projects/flask-dance-github/venv/lib/python3.6/site-packages/oauthlib/oauth2/rfc6749/parameters.py", line 432, in validate_token_parameters
        raise_from_error(params.get('error'), params)
      File "/home/bob/projects/flask-dance-github/venv/lib/python3.6/site-packages/oauthlib/oauth2/rfc6749/errors.py", line 405, in raise_from_error
        raise cls(**kwargs)
    oauthlib.oauth2.rfc6749.errors.InvalidClientIdError: (invalid_request) client_id and client_secret required
    

    I am being successfully redirected to the authorize endpoint on Meetup, and I accept, then I am quickly redirected back to /meetup/login/authorized. However it seems that the client_id and client_secret are not then being sent to the access endpoint on Meetup.

    Don't currently have a proxy to properly check the requests from flask. Any idea what the cause might be?

    Cheers.

    opened by electricworry 11
  • Make sqla backend know when to require a user

    This resolves the issue raised in #88, where Flask-Dance should have raised an exception instead of trying to create an OAuth token without an associated user. This changes the SQLAlchemy backend to take a new optional argument: require_user. When set to True, the backend will not allow OAuth tokens to be created without an associated user. This argument is True by default when an argument is passed for user or user_id.

    @NathanWailes, can you take a look at this, and let me know if the functionality is what you had in mind?

    opened by singingwolfboy 11
  • Adds base_url to allow different data center usage

    Gives the ability to change base_url, currently, it defaults to the US data center (https://api.nylas.com/) but customers in EU are unable to make requests since the EU data center is at (https://ireland.api.nylas.com)

    opened by ajay-k 6
  • Failing tests/fixtures/test_pytest.py in the Debian build

    Hello,

    Thank you very much for your work on this! However, whilst trying to package this module for Debian, I seem to run into this test failure around fixtures:

    I: pybuild base:239: python3-coverage run -m pytest
    ============================= test session starts ==============================
    platform linux -- Python 3.10.6, pytest-7.1.2, pluggy-1.0.0+repack
    rootdir: /<<PKGBUILDDIR>>
    plugins: mock-3.8.2, betamax-0.8.1
    collected 192 items
    
    tests/test_utils.py ..                                                   [  1%]
    tests/consumer/test_oauth1.py ....................                       [ 11%]
    tests/consumer/test_oauth2.py ........................                   [ 23%]
    tests/consumer/test_requests.py ..........                               [ 29%]
    tests/consumer/storage/test_sqla.py ............                         [ 35%]
    tests/contrib/test_atlassian.py ......                                   [ 38%]
    tests/contrib/test_authentiq.py ....                                     [ 40%]
    tests/contrib/test_azure.py .......                                      [ 44%]
    tests/contrib/test_digitalocean.py .....                                 [ 46%]
    tests/contrib/test_discord.py ....                                       [ 48%]
    tests/contrib/test_dropbox.py ........                                   [ 53%]
    tests/contrib/test_facebook.py .....                                     [ 55%]
    tests/contrib/test_fitbit.py ...                                         [ 57%]
    tests/contrib/test_github.py ...                                         [ 58%]
    tests/contrib/test_gitlab.py ......                                      [ 61%]
    tests/contrib/test_google.py .............                               [ 68%]
    tests/contrib/test_heroku.py ...                                         [ 70%]
    tests/contrib/test_jira.py .......                                       [ 73%]
    tests/contrib/test_linkedin.py ...                                       [ 75%]
    tests/contrib/test_meetup.py ....                                        [ 77%]
    tests/contrib/test_nylas.py ...                                          [ 79%]
    tests/contrib/test_osm.py ...                                            [ 80%]
    tests/contrib/test_reddit.py ....                                        [ 82%]
    tests/contrib/test_salesforce.py ........                                [ 86%]
    tests/contrib/test_slack.py .........                                    [ 91%]
    tests/contrib/test_spotify.py ...                                        [ 93%]
    tests/contrib/test_strava.py ...                                         [ 94%]
    tests/contrib/test_twitch.py ...                                         [ 96%]
    tests/contrib/test_twitter.py ...                                        [ 97%]
    tests/contrib/test_zoho.py ...                                           [ 99%]
    tests/fixtures/test_pytest.py E                                          [100%]
    
    ==================================== ERRORS ====================================
    _______________________ ERROR at setup of test_home_page _______________________
    file /<<PKGBUILDDIR>>/tests/fixtures/test_pytest.py, line 44
      @pytest.mark.usefixtures("betamax_record_flask_dance")
      def test_home_page(app):
    E       fixture 'betamax_record_flask_dance' not found
    >       available fixtures: app, betamax_parametrized_recorder, betamax_parametrized_session, betamax_recorder, betamax_session, cache, capfd, capfdbinary, caplog, capsys, capsysbinary, class_mocker, doctest_namespace, flask_dance_sessions, mocker, module_mocker, monkeypatch, package_mocker, pytestconfig, record_property, record_testsuite_property, record_xml_attribute, recwarn, responses, session_mocker, tmp_path, tmp_path_factory, tmpdir, tmpdir_factory
    >       use 'pytest --fixtures [testpath]' for help on them.
    
    

    D'you have any idea how to get this working? TIA! \o/

    opened by utkarsh2102 8
  • Oauth using github gives page not found

    Redirects 404 page.

    @app.route('/github')
    def github_login():
        if not github.authorized:
            return redirect(url_for('github.login'))
    
        account_info = github.get('/user')
    
        if account_info.ok:
            account_info_json = account_info.json()
    
            return '<h1>Your Github name is {}</h1>'.format(account_info_json['login'])
    
        return '<h1>Request failed!</h1>'
    
    opened by blpraveen 2
  • getting flask-dance to auto refresh my expired tokens

    Hi,

    I'm using the fitbit flask-dance contributed module. All is good, but when my token expires, then I would like to configure flask-dance and requests-oauthlib to automatically refresh the token if expired.

    To do that with fitbit oauth, I use the same token url, but need to supply it with different body:

    Authorization: Basic Y2xpZW50X2lkOmNsaWVudCBzZWNyZXQ=
    Content-Type: application/x-www-form-urlencoded
    
    grant_type=refresh_token&refresh_token=abcdef01234567890abcdef01234567890abcdef01234567890abcdef0123456
    

    The authorization header is "Basic " + base64 encoded "client_id:client_secret". The body has grant_type and includes the refresh token.

    I see that requests_oauthlib does have the mechanism to automatically refresh the token, see https://github.com/requests/requests-oauthlib/blob/master/requests_oauthlib/oauth2_session.py#L405 for example.

    And it does check for expired tokens.

    My question is: how can I configure the flask-dance fitbit module so that it does the right thing. All I see are two parameters, fitbit_bp.auto_refresh_url and fitbit_bp.auto_refresh_kwargs (see https://github.com/singingwolfboy/flask-dance/blob/main/flask_dance/contrib/fitbit.py )

    I set fitbit_bp.auto_refresh_url to the current url for refreshing the tokens, and I tried setting fitbit_bp.auto_refresh_kwargs in a few different ways, but I'm just not getting a valid response.

    Any help is greatly appreciated. Thanks in advance...

    k

    opened by lila 2
  • CSRF Warning! State not equal in request and response.

    I found this issue when trying to localtunneling for testing my local env. In local env, everything works ok.

    But concerned in production for someone else spotted this too: https://community.auth0.com/t/non-google-users-need-to-login-twice-due-to-csrf-error/77958

    https://github.com/lepture/authlib/issues/376

    oauthlib.oauth2.rfc6749.errors.MismatchingStateError: (mismatching_state) CSRF Warning! State not equal in request and response.

    I have redirect failing:

    opened by gg4u 1
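
The `state` check behind both the "Add option to allow CSRF attacks" pull request and the MismatchingStateError report above, as an added example that is not Flask-Dance's or oauthlib's code: a standard-library model of the consumer binding a random state to the browser session and comparing it on the callback. The URLs, client id and codes are constructed, and every function name is hypothetical.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Constructed endpoints for the example; not real provider or application URLs.
AUTHORIZATION_URL = "https://provider.example/oauth/authorize"
REDIRECT_URI = "https://app.example/login/provider/authorized"


class MismatchingState(Exception):
    """The callback's state does not match the one stored for this session."""


def begin_login(session):
    """Start the dance: bind a fresh random state to this browser session."""
    state = secrets.token_urlsafe(32)
    session["oauth_state"] = state
    query = urlencode({
        "response_type": "code",
        "client_id": "example-client-id",  # placeholder value
        "redirect_uri": REDIRECT_URI,
        "state": state,
    })
    return f"{AUTHORIZATION_URL}?{query}"


def provider_redirect(authorization_request, code):
    """Model the provider: echo the request's state back on the redirect URI."""
    params = parse_qs(urlparse(authorization_request).query)
    reply = {"code": code}
    if "state" in params:
        reply["state"] = params["state"][0]
    return f"{params['redirect_uri'][0]}?{urlencode(reply)}"


def handle_callback(session, callback_url):
    """Accept the code only if the returned state is the one this session issued."""
    params = parse_qs(urlparse(callback_url).query)
    returned = params.get("state", [""])[0]
    expected = session.pop("oauth_state", "")  # single use: consumed on first callback
    if not expected or not hmac.compare_digest(expected.encode(), returned.encode()):
        raise MismatchingState("state not equal in request and response")
    return params["code"][0]


def outcome(session, callback_url):
    try:
        return "accepted " + handle_callback(session, callback_url)
    except MismatchingState:
        return "rejected"


def simulate():
    results = {}

    # 1. Login started and finished in the same browser session.
    session_a = {}
    callback_a = provider_redirect(begin_login(session_a), "code-a")
    results["same session"] = outcome(session_a, callback_a)

    # 2. The same callback URL presented again: the state was already consumed.
    results["replayed callback"] = outcome(session_a, callback_a)

    # 3. A callback produced for one session arrives in another session that
    #    has its own pending state (the cross-site request the check exists for).
    session_b, session_c = {}, {}
    callback_b = provider_redirect(begin_login(session_b), "code-b")
    begin_login(session_c)
    results["callback from another session"] = outcome(session_c, callback_b)

    # 4. Provider-initiated flow (as with an install started from an app
    #    directory): the session never issued a state and none is returned.
    directory_callback = f"{REDIRECT_URI}?{urlencode({'code': 'code-d'})}"
    results["provider-initiated"] = outcome({}, directory_callback)
    return results


if __name__ == "__main__":
    for case, result in simulate().items():
        print(f"{case}: {result}")
```

Cases 3 and 4 are indistinguishable to the consumer, which is why accepting provider-initiated installs means skipping the check for that callback entirely.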
  • Set response_type while using custom provider

    I was wondering if there is any way to setup response_type while using custom provider. The provider I am using only supports implicit flow hence the requirement. Thanks

    opened by montumodi 0
Releases(v6.2.0)
Owner
David Baumgold