web2py-oauth2

An OAuth 2.0 module for web2py framework, based in:

• João Alves original web2py-oauth2 code
• OAuth 2.0 draft 20
• PHP OAuth 2 Server
• YouTube API v2.0

Requirements

• Python

Using

From web2py\applications, clone the app git clone https://github.com/SamuelMarks/web2py-oauth2.git oauth2

Then follow these steps to test the module:

• Add a client (http://your_server[:port]/application/add_client)
• Change the client_id, client_secret and redirect_uri at controllers/callback.py for the ones given by the above step
• Browse http://your_server[:port]/application/auth with the required parameters and click "Yes"
• Get the access_token and refresh_token
• curl -H "Authorization: Bearer access_token_here" http://your_server[:port]/application/protected_resource

Contributing

Want to contribute? Great! Just fork this project and/or make a pull request ;)

TODO

• Unit tests
• Upgrade from Draft 20 to released OAuth2 standards

NOTE

My major changes to João Alves' code can be summarised in three points:

1. Reviewed the entire codebase; improving quality, fixing hacks and improving formatting along the way.
2. Rewrote all the relevant exceptions to use gluon.http.HTTP (with correct HTTP error codes + easier to understand specific exception messages)
3. Implemented subclasses of OAuthStorage for web2py's DAL. Now this project is no longer locked-into MongoDB ;]