elliotpeele / pyramid_oauth2_provider
An Oauth2 provider built on pyramid
License: MIT License
Due to the way exception handling works in pyramid, the db transaction is rolled back on an exception. When the authorization policy checks to see if a token is expired, the revoked flag never gets set because an exception is then raised.
OauthAuthenticationPolicy._get_auth_token raises a TypeError when util.getClientCredentials returns False rather than a tuple. Test this by hitting your site without providing headers/authorization.
I will submit a PR soon as a temporary fix, but exception handling should be revamped as a whole in the long run.
The access_token should be revoked if it is no longer valid.
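The rollback behaviour reported above, reproduced as an added example that is not code from pyramid_oauth2_provider. It assumes the standard-library sqlite3 module in place of the project's database layer; the table, `handle_request` and both check functions are hypothetical stand-ins.

```python
import sqlite3
import time

TOKEN = "tok-constructed"  # constructed sample value, not a real token


class TokenExpired(Exception):
    pass


def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE token (value TEXT PRIMARY KEY, expires REAL, revoked INTEGER)")
    # Constructed row: a token that expired a minute ago and is not yet revoked.
    db.execute("INSERT INTO token VALUES (?, ?, 0)", (TOKEN, time.time() - 60))
    db.commit()
    return db


def check_rolled_back(db, value):
    # Reported pattern: the flag is set and the exception raised in one transaction.
    (expires,) = db.execute("SELECT expires FROM token WHERE value = ?", (value,)).fetchone()
    if expires < time.time():
        db.execute("UPDATE token SET revoked = 1 WHERE value = ?", (value,))
        raise TokenExpired(value)


def check_persisted(db, value):
    # Assumed fix: commit the revocation before the exception leaves the check.
    (expires,) = db.execute("SELECT expires FROM token WHERE value = ?", (value,)).fetchone()
    if expires < time.time():
        db.execute("UPDATE token SET revoked = 1 WHERE value = ?", (value,))
        db.commit()
        raise TokenExpired(value)


def handle_request(db, check, value):
    # Hypothetical stand-in for a transaction manager: commit on success, roll back on error.
    try:
        check(db, value)
        db.commit()
        return 200
    except TokenExpired:
        db.rollback()
        return 401


def is_revoked(db, value):
    (revoked,) = db.execute("SELECT revoked FROM token WHERE value = ?", (value,)).fetchone()
    return bool(revoked)
```

Both checks reject the request with 401, but only the second leaves `revoked` set once the request's transaction has been rolled back.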
It would be better if errors were returned in JSON rather than formatted in HTML.
The Oauth2Client model uses the following definition:
_client_secret = Column(Binary(255), unique=True, nullable=False)
On db initialization, the following error is raised:
OperationalError: (_mysql_exceptions.OperationalError) (1170, "BLOB/TEXT column '_client_secret' used in key specification without a key length") [SQL: u'\nCREATE TABLE oidc_client (\n\tid INTEGER NOT NULL AUTO_INCREMENT, \n\tclient_id VARCHAR(64) NOT NULL, \n\t_client_secret BLOB(255) NOT NULL, \n\trevoked BOOL, \n\trevocation_date DATETIME, \n\tCONSTRAINT pk_oidc_client PRIMARY KEY (id), \n\tCONSTRAINT test UNIQUE (_client_secret), \n\tCONSTRAINT uq_oidc_client_client_id UNIQUE (client_id), \n\tCONSTRAINT ck_oidc_client_revoked CHECK (revoked IN (0, 1))\n)ENGINE=InnoDB CHARSET=utf8\n\n']
Setting the column type to sqlalchemy.dialects.mysql.BINARY works as expected (but it's not a satisfying solution).
Hi, it seems there is no support for the Authorization code grant flow:
https://tools.ietf.org/html/rfc6749#section-4.1
The token view doesn't support the authorization_code grant_type.
Am I right?
"""Generate client credentials using the create_client_credentials script, provided as part of pyramid_oauth2_provider."""
Maybe adding the following entry in the setup.py file could help newcomers:
[console_scripts]
...
create_client_credentials=pyramid_oauth2_provider.scripts.create_client_credentials:main
I want to thank you for this library, it has saved me quite some time.
I would like to work on some changes:
Let me know if you are open to this.
P.S. I confirmed the PRs from @tonthon are working.
The following script: https://github.com/elliotpeele/pyramid_oauth2_provider/blob/master/pyramid_oauth2_provider/scripts/create_client_credentials.py
uses epdb, which is missing from the setup.py requirements.
My setup:
OS: Fedora
I installed the following packages: gcc libffi-devel python-devel openssl-devel
And I pip installed cryptography.
I get the following error:
raise UnsupportedAlgorithm("This backend does not support scrypt.")
cryptography.exceptions.UnsupportedAlgorithm: This backend does not support scrypt.
It seems something is missing.