Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

An experiment client with requests-oauthlib #136

Closed
wants to merge 5 commits into from

Conversation

@tonyseek
Copy link
Collaborator

commented Aug 24, 2014

Hi @lepture ,

There is an experiment implementation of the OAuth 1.0a/2.0 client, which based on requests-oauthlib.

The testing is poor for now. But the two examples (twitter and douban) work. Could you merge it into trunk without any document description, until I finished the refresh token mechanism and testing?

Thanks.

endpoint_url='https://api.douban.com/',
access_token_url='https://www.douban.com/service/auth2/token',
authorization_url='https://www.douban.com/service/auth2/auth',
compliance_fixes='.weibo:weibo_compliance_fix')

This comment has been minimized.

Copy link
@lepture

lepture Aug 25, 2014

Owner

douban vs weibo

This comment has been minimized.

Copy link
@tonyseek

tonyseek Aug 26, 2014

Author Collaborator

@shonenada has sent a pull request which added the compliance fixes of Douban API to upstream.

@tonyseek tonyseek changed the title An experiment client with requests-oauthlib [WIP] An experiment client with requests-oauthlib Aug 27, 2014

@tonyseek tonyseek force-pushed the tonyseek:feature/requests-oauthlib branch from b15f4b4 to 7769c0e Aug 28, 2014

tonyseek added some commits Aug 23, 2014

implement the experiment client with requests-oauthlib as backend.
implement the OAuthProperty descriptor.

comment the oauth property's implementation.

add factory method to get extension state from flask app.

And remove the binding of extension state and the app.

decouple remote apps from the ext state.

remove config_prefix (and use app.name instead).

add session class.

fix up typo.

implement the oauth 1.0a authorization.

endpoint_url is optional.

implement authorized_response method.

wrap the access token response.

extract the session factory into mixin class.

move client module into its package.

extract components into standalone modules.

refine the module names.

human friendly exception message.

remove the mixin classes and use application base class.

integrate oauth application with extension.

refine the base application class.

add example for OAuth 1.0a protocol.

implement oauth 2 application with insecure_transport(debug) mode and compliance hooks.

add example for OAuth 2 protocol.

install deps in travis ci.

use douban_compliance_fix in the example file.

See also: requests/requests-oauthlib#138

enable the insecure transport in testing mode too.

warning for Man-in-the-middle attack in production environment.

revise the warning message.

@tonyseek tonyseek force-pushed the tonyseek:feature/requests-oauthlib branch from 7769c0e to ece4d8f Dec 28, 2014

@tonyseek tonyseek changed the title [WIP] An experiment client with requests-oauthlib An experiment client with requests-oauthlib Dec 28, 2014

@tonyseek

This comment has been minimized.

Copy link
Collaborator Author

commented Dec 28, 2014

The refresh token support in OAuth 2.0 is finished now.

@lepture Please review it. Thanks.

@lepture

This comment has been minimized.

Copy link
Owner

commented Dec 28, 2014

Version should not be a required parameter, we can detect it by request_token_url.

@tonyseek

This comment has been minimized.

Copy link
Collaborator Author

commented Dec 30, 2014

Sorry for my tardy response.

Is there a reason to infer which version should be used in OAuth instead of defining it directly? In my opinion a explicit version argument is better. Because almost all third API documents specify their OAuth version clearly, and keeping the version argument give us ability to find a appropriate protocol implementation without any explicit condition.

@lepture

This comment has been minimized.

Copy link
Owner

commented Jan 19, 2015

Merged int 85da337

@lepture lepture closed this Jan 19, 2015

@tonyseek

This comment has been minimized.

Copy link
Collaborator Author

commented Jan 19, 2015

Thank you.

@tonyseek tonyseek deleted the tonyseek:feature/requests-oauthlib branch Jan 19, 2015

@pyup-bot pyup-bot referenced this pull request Jun 23, 2017
@pyup-bot pyup-bot referenced this pull request Dec 23, 2017
@pyup-bot pyup-bot referenced this pull request Jan 26, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.