From 04960e3f2d36ae374f21837ee423dba15ee62ec3 Mon Sep 17 00:00:00 2001 From: Brock Palen Date: Sat, 11 Mar 2017 11:08:43 -0500 Subject: [PATCH 1/3] Added header only auth documentation Added documentation for header only auth support. This support WSO2 API gateways that will throw 401 if client_id and client_secret are passed in the body POST response. --- docs/oauth2_workflow.rst | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/docs/oauth2_workflow.rst b/docs/oauth2_workflow.rst index eba0c68c..13bddb6b 100644 --- a/docs/oauth2_workflow.rst +++ b/docs/oauth2_workflow.rst @@ -156,7 +156,17 @@ The steps below outline how to use the Resource Owner Client Credentials Grant T >>> token = oauth.fetch_token(token_url='https://provider.com/oauth2/token', client_id=client_id, client_secret=client_secret) +1. Alternative fetch an access token from the provider that passes secret only via header. +.. code-block:: pycon + + >>> from oauthlib.oauth2 import BackendApplicationClient + >>> from requests.auth import HTTPBasicAuth + >>> auth = HTTPBasicAuth(client_id, client_secret) + >>> client = BackendApplicationClient(client_id=client_id) + >>> oauth = OAuth2Session(client=client) + >>> token = oauth.fetch_token(token_url='https://provider.com/oauth2/token', auth=auth) + Refreshing tokens ----------------- From 5fc1f4a3fe33f7e89b6953303e22b028ed1da2d1 Mon Sep 17 00:00:00 2001 From: Brock Palen Date: Sat, 11 Mar 2017 11:35:43 -0500 Subject: [PATCH 2/3] wso2 BackendApplicationClient example Example with WSO2 with header only HTTPBasicAuth --- docs/examples/wso2.rst | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 docs/examples/wso2.rst diff --git a/docs/examples/wso2.rst b/docs/examples/wso2.rst new file mode 100644 index 00000000..6c36d09c --- /dev/null +++ b/docs/examples/wso2.rst 
@@ -0,0 +1,31 @@
+WSO2 OAuth 2 Tutorial
+==========================
+
+Setup subscriptions following the instructions on your WSO2 gateway. When you
+have obtained a ``client_id`` and a ``client_secret`` you can try out the
+command line interactive example below.
+
+
+.. code-block:: pycon
+
+ >>> from requests.auth import HTTPBasicAuth
+ >>> from oauthlib.oauth2 import BackendApplicationClient
+ >>> from requests_oauthlib import OAuth2Session
+
+ >>> #grab client_id and client_secret:
+ >>> client_id = u''
+ >>> client_secret = u''
+ >>> token_url = 'https://wso2gateway.myorg.org/token'
+
+ >>> #generate HTTPBasicAuth Header
+ >>> basic_auth = HTTPBasicAuth(client_id, client_secret)
+ >>> client = BackendApplicationClient(client_id=client_id)
+
+ >>> #start oauth session
+ >>> oauth = OAuth2Session(client=client)
+ >>> token = oauth.fetch_token(token_url=token_url,
+ auth=basic_auth)
+
+ >>> r = oauth.get(u'https://wso2gateway.myorg.org/api/v1/api',
+ >>> headers={'Accept':'application/json'})
+ >>> print(r.json())
From 583ac07a7fdb1fe21460c94cae240702844e0b3c Mon Sep 17 00:00:00 2001
From: Cory Benfield
Date: Mon, 13 Mar 2017 10:06:05 +0000
Subject: [PATCH 3/3] Minor formatting changes.
---
 docs/oauth2_workflow.rst | 36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)
diff --git a/docs/oauth2_workflow.rst b/docs/oauth2_workflow.rst
index 13bddb6b..588480ec 100644
--- a/docs/oauth2_workflow.rst
+++ b/docs/oauth2_workflow.rst
@@ -141,31 +141,31 @@ The steps below outline how to use the Resource Owner Client Credentials Grant T 0. Obtain credentials from your OAuth provider. At minimum you will need a ``client_id`` and ``client_secret``. -.. code-block:: pycon - - >>> client_id = 'your_client_id' - >>> client_secret = 'your_client_secret' + .. code-block:: pycon + + >>> client_id = 'your_client_id' + >>> client_secret = 'your_client_secret' 1. Fetch an access token from the provider. -.. code-block:: pycon + .. code-block:: pycon - >>> from oauthlib.oauth2 import BackendApplicationClient - >>> client = BackendApplicationClient(client_id=client_id) - >>> oauth = OAuth2Session(client=client) - >>> token = oauth.fetch_token(token_url='https://provider.com/oauth2/token', client_id=client_id, - client_secret=client_secret) + >>> from oauthlib.oauth2 import BackendApplicationClient + >>> client = BackendApplicationClient(client_id=client_id) + >>> oauth = OAuth2Session(client=client) + >>> token = oauth.fetch_token(token_url='https://provider.com/oauth2/token', client_id=client_id, + client_secret=client_secret) -1. Alternative fetch an access token from the provider that passes secret only via header. + If your provider requires that you pass auth credentials in a Basic Auth header, you can do this instead: -.. code-block:: pycon + .. 
code-block:: pycon - >>> from oauthlib.oauth2 import BackendApplicationClient - >>> from requests.auth import HTTPBasicAuth - >>> auth = HTTPBasicAuth(client_id, client_secret) - >>> client = BackendApplicationClient(client_id=client_id) - >>> oauth = OAuth2Session(client=client) - >>> token = oauth.fetch_token(token_url='https://provider.com/oauth2/token', auth=auth) + >>> from oauthlib.oauth2 import BackendApplicationClient + >>> from requests.auth import HTTPBasicAuth + >>> auth = HTTPBasicAuth(client_id, client_secret) + >>> client = BackendApplicationClient(client_id=client_id) + >>> oauth = OAuth2Session(client=client) + >>> token = oauth.fetch_token(token_url='https://provider.com/oauth2/token', auth=auth) Refreshing tokens -----------------