Authentication
Authenticator
The Authenticator object verifies that a request has proper authentication credentials. Optionally, a “scope” kwarg of one or more AccessRange objects can be passed to verify that the token used to access this resource is authorized for that specific scope.
In the event of an error, the Authenticator.error_response() method wraps an error response with the appropriate OAuth2 headers.

from oauth2app.authenticate import Authenticator, AuthenticationException
from oauth2app.models import AccessRange
from django.http import HttpResponse

def test(request):
    scope = AccessRange.objects.get(key="test_scope")
    authenticator = Authenticator(scope=scope)
    try:
        # Validate the request.
        authenticator.validate(request)
    except AuthenticationException:
        # Return an error response.
        return authenticator.error_response(content="You didn't authenticate.")
    username = authenticator.user.username
    return HttpResponse(content="Hi %s, You authenticated!" % username)

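
A stand-alone model of the checks the module reference describes, classifying a request into the documented error codes (invalid_request, invalid_token, insufficient_scope). This is an added example, not oauth2app's own code and it does not need Django. The token store, the access_token parameter name, the realm, the subset rule for scope and the RFC 6750 style challenge layout are assumptions.

```python
import time

class AuthError(Exception):
    """Carries one of the error codes listed in the module reference."""
    def __init__(self, error, description):
        super().__init__(description)
        self.error, self.description = error, description

# Constructed sample data: token -> (username, granted scope keys, expiry epoch).
TOKENS = {
    "tok-alice": ("alice", {"test_scope", "profile"}, 2000),
    "tok-bob": ("bob", {"profile"}, 2000),
    "tok-carol": ("carol", {"test_scope"}, 500),  # already expired at now=1000
}

def extract_bearer(headers, params):
    """Return the bearer token; reject requests that send it zero or two ways."""
    scheme, _, value = headers.get("Authorization", "").partition(" ")
    from_header = value.strip() if scheme.lower() == "bearer" else ""
    from_param = params.get("access_token", "")
    if from_header and from_param:
        raise AuthError("invalid_request", "token sent by more than one method")
    if not (from_header or from_param):
        raise AuthError("invalid_request", "no access token supplied")
    return from_header or from_param

def validate(headers, params, required_scope=(), now=None):
    """Return the username for a valid token, else raise AuthError."""
    token = extract_bearer(headers, params)
    record = TOKENS.get(token)
    now = time.time() if now is None else now
    if record is None or record[2] <= now:
        raise AuthError("invalid_token", "token unknown or expired")
    username, granted, _expiry = record
    # Assumption: every required scope key must be present on the token.
    if set(required_scope) - granted:
        raise AuthError("insufficient_scope", "token lacks a required scope")
    return username

def challenge(err, realm="example"):
    """WWW-Authenticate value in the RFC 6750 bearer challenge format."""
    return 'Bearer realm="%s", error="%s", error_description="%s"' % (
        realm, err.error, err.description)

def outcome(headers, params, required_scope=(), now=1000):
    """Demonstration helper: username on success, error code on failure."""
    try:
        return validate(headers, params, required_scope, now)
    except AuthError as err:
        return err.error
```
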
JSONAuthenticator
The JSONAuthenticator adds convenience methods and supports an optional callback request parameter for use with JSONP requests.
In the event of an error, the JSONAuthenticator.error_response() method returns a JSON-formatted error HttpResponse.
JSONAuthenticator.response() serializes an object and returns a formatted HttpResponse.

from oauth2app.authenticate import JSONAuthenticator, AuthenticationException

def test(request):
    authenticator = JSONAuthenticator()
    try:
        # Validate the request.
        authenticator.validate(request)
    except AuthenticationException:
        # Return a JSON encoded error response.
        return authenticator.error_response()
    username = authenticator.user.username
    # Return a JSON encoded response.
    return authenticator.response({"username": username})

Module Reference
OAuth 2.0 Authentication

exception oauth2app.authenticate.AuthenticationException
    Authentication exception base class.

class oauth2app.authenticate.Authenticator(scope=None, authentication_method=1)
    Django HttpRequest authenticator. Checks a request for valid credentials and scope.
    Kwargs:
    - scope: An iterable of oauth2app.models.AccessRange objects representing the scope the authenticator will authenticate. Default None
    - authentication_method: Accepted authentication methods. Possible values are: oauth2app.consts.MAC, oauth2app.consts.BEARER, oauth2app.consts.MAC | oauth2app.consts.BEARER. Default oauth2app.consts.BEARER

    access_token = None

    attempted_validation = False

    auth_type = None

    auth_value = None

    client
        The client associated with the valid access token.
        oauth2app.models.Client object

    error = None

    error_response(content='', mimetype=None, content_type='text/html')
        Error response generator. Returns a Django HttpResponse with status 401 and the appropriate headers set. See Django documentation for details. https://docs.djangoproject.com/en/dev/ref/request-response/#django.http.HttpResponse.__init__
        Kwargs:
        - content: See Django docs. Default ''
        - mimetype: See Django docs. Default None
        - content_type: See Django docs. Default DEFAULT_CONTENT_TYPE

    scope
        The client scope associated with the valid access token.
        QuerySet of AccessRange objects.

    user
        The user associated with the valid access token.
        django.auth.User object

    valid = False

exception oauth2app.authenticate.InsufficientScope
    The request requires higher privileges than provided by the access token.

    error = 'insufficient_scope'

exception oauth2app.authenticate.InvalidRequest
    The request is missing a required parameter, includes an unsupported parameter or parameter value, repeats the same parameter, uses more than one method for including an access token, or is otherwise malformed.

    error = 'invalid_request'

exception oauth2app.authenticate.InvalidToken
    The access token provided is expired, revoked, malformed, or invalid for other reasons.

    error = 'invalid_token'

class oauth2app.authenticate.JSONAuthenticator(scope=None)
    Wraps Authenticator, adds support for a callback parameter and JSON-related convenience methods.
    Args:
    - request: Django HttpRequest object.
    Kwargs:
    - scope: An iterable of oauth2app.models.AccessRange objects.

    callback = None

To Do
Todo: MAC Authentication