Python library to manage OAuth access tokens
Clone or download

README.rst

Python Tokens

Build Status Code Coverage Latest PyPI version License

A Python library that keeps OAuth 2.0 service access tokens in memory for your usage.

Installation

$ sudo pip3 install --upgrade stups-tokens

Usage

import requests
import time
import tokens

# will use OAUTH2_ACCESS_TOKEN_URL environment variable by default
# will try to read application credentials from CREDENTIALS_DIR
tokens.configure(url='https://example.com/access_tokens')
tokens.manage('example', ['read', 'write'])
tokens.start()

tok = tokens.get('example')

requests.get('https://example.org/', headers={'Authorization': 'Bearer {}'.format(tok)})

time.sleep(3600) # make the token expire

tok = tokens.get('example') # will refresh the expired token
requests.get('https://example.org/', headers={'Authorization': 'Bearer {}'.format(tok)})

This library also allows reading tokens directly from a file. The token needs to be in a file name ${CREDENTIALS_DIR}/${TOKEN_NAME}-secret:

import tokens

# the environment variable CREDENTIALS_DIR must be set correctly
tokens.configure(from_file_only=True)
tokens.manage('full-access')
tok = tokens.get('full-access')

requests.get('https://example.org/', headers={'Authorization': 'Bearer {}'.format(tok)})

Local testing

The "tokens" library allows injecting fixed OAuth2 access tokens via the OAUTH2_ACCESS_TOKENS environment variable. This allows testing applications using the library locally with personal OAuth2 tokens (e.g. generated by "zign"):

$ MY_TOKEN=$(zign token -n mytok)
$ export OAUTH2_ACCESS_TOKENS=mytok=$MY_TOKEN
$ ./myapp.py # start my local Python app using the tokens library

Releasing

Uploading a new version to PyPI:

$ ./release.sh <NEW-VERSION>