Skip to content

Add Device Code (RFC 8628) authentication#39

Merged
petrsnd merged 11 commits into
OneIdentity:mainfrom
petrsnd:feature/device-code-login
Jul 1, 2026
Merged

Add Device Code (RFC 8628) authentication#39
petrsnd merged 11 commits into
OneIdentity:mainfrom
petrsnd:feature/device-code-login

Conversation

@petrsnd

@petrsnd petrsnd commented Jun 30, 2026

Copy link
Copy Markdown
Member

Adds OAuth 2.0 Device Authorization Grant (RFC 8628) login support for both sync and async clients.

What''s included

  • DeviceCodeInfo type and DeviceCodeAuth strategy; sync and async device-code login flows.
  • Caller-supplied callback for displaying the verification URL and user code — no library display I/O, no browser spawning.
  • Public exports, a usage sample, and documentation.

Tests

  • 36 new device-code unit tests (325 unit total); ruff + mypy --strict clean.
  • Live integration suite green (interactive human-approval tests are opt-in via env var and skipped by default).

Version bumped to 8.1.0 (new functionality → minor).

@petrsnd petrsnd requested a review from a team as a code owner June 30, 2026 21:58
Comment thread src/pysafeguard/async_device_code.py Fixed
Comment thread src/pysafeguard/async_device_code.py Fixed
Comment thread src/pysafeguard/async_device_code.py Dismissed
Comment thread tests/integration/test_device_code_auth.py Fixed
petrsnd added 2 commits June 30, 2026 16:22
The SDK intentionally supports verify=False so callers can reach appliances without a CA-signed certificate yet. Treat py/request-without-cert-validation as a known, accepted pattern via a CodeQL config query-filter.
Use isinstance(result, Awaitable) so the awaited callback is a recognized coroutine (clears py/ineffectual-statement), and manage the admin_client fixture with a 'with' block (clears py/should-use-with).
@petrsnd petrsnd merged commit 42c370a into OneIdentity:main Jul 1, 2026
5 checks passed
@petrsnd petrsnd deleted the feature/device-code-login branch July 1, 2026 01:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants