ndg-oauth-client OAuth 2.0 client
Download

ndg-oauth-client Ranking & Summary

ndg-oauth-client Tags

client Python library Python OAuth OAuth client

ndg-oauth-client Description

ndg-oauth-client is an OAuth 2.0 client library and WSGI middleware filter.It supports simple string-based bearer token and a custom extension to enable the use of X.509 certificates as tokens. The latter has been added to enable a SLCS (Short-lived Credential Service) to issue delegated X.509-based credentials using OAuth.ndg.oauth.client.lib.oauth2client:Oauth2Client is a client that calls a specified callable with an access token obtained from a configured OAuth server. ndg.oauth.client.lib.oauth2_myproxy_client:Oauth2MyProxyClient extends this to handle key creation for obtaining X.509 certificates.The filter ndg.oauth.client.wsgi.oauth2_client:Oauth2ClientMiddleware uses Oauth2MyProxyClient and sets the obtained access token in the WSGI environ. The token contains the key/certificate pair so that it can be used by other WSGI applications or middleware to authenticate.InstallationInstallation can be performed using easy_install or pip.ConfigurationExamples are contained in the examples/ sub-folder:bearer_tok/: This configures a simple test application that uses string based tokens.slcs/: This is a more complex and specialised example that issues X.509 certificate- based tokens as part of a Short-lived Credential Service. The corresponding authorisation server available from the ndg.oauth server package requires access to a specially configured MyProxyCA service ( http://grid.ncsa.illinois.edu/myproxy/ca/) configured with a custom PAM to allow issue of credentials. See: http://ndg-security.ceda.ac.uk/browser/trunk/MashMyData/pam_credential_translationThe examples should be used in conjunction with the ndg.oauth server package.Product's homepage

ndg-oauth-client Related Software