{ "info": { "author": "Seantis GmbH", "author_email": "info@seantis.ch", "bugtrack_url": null, "classifiers": [ "Intended Audience :: Developers", "License :: OSI Approved :: GNU General Public License v2 (GPLv2)", "Programming Language :: Python", "Programming Language :: Python :: 3", "Topic :: Software Development :: Libraries :: Python Modules" ], "description": "Description\n-----------\n\nDuring the OAuth workflow a webserver defined by redirect_uri receives the\nresult of a the authorization given by the enduser.\n\nThis redirect_uri is usually a whitelisted uri to avoid phising attacks.\n\nUnfortunately this makes it hard to write an OAuth integrated client to an\nAPI where the domain is not known in advance.\n\nFaced with such a situation we wrote this server to move the decision of\nwho can receive the result of an OAuth handshake from the OAuth provider\nto an intermediary.\n\nHow it Works\n------------\n\nUsing oauth_redirect the OAuth workflow works as follows:\n\n1. The oauth_redirect server is run on a TLS protected site. For example:\n https://oauth.seantis.ch.\n\n2. The OAuth provider is configured to allow redirects to\n https://oauth.seantis.ch/redirect.\n\n3. The client that wants to acquire the authorisation registers itself with\n the oauth_redirect server using a secret authentication code.\n\n4. The enduser is presented with the OAuth authorization site, with the\n redirect_uri set to https://oauth.seantis.ch/redirect.\n\n5. The result is sent to the oauth_redirect server, which will forward/proxy\n the request to the client, if and only if the client has registered itself\n before and the request from the OAuth provider contains a token to that\n effect.\n\nMethods\n-------\n\n``POST /register/``\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nUsed by the client/authorisation seeker to register itself. The client is\nrequired to include a secret authentication code in the registration message.\n\nThe body of the POST request is a json in this form::\n\n {\n 'url': \"The url that handles the forwarded OAuth response.\",\n 'method': \"The method with which the url should be called (get, put or post).\",\n 'success_url': \"The url the server redirects to if the handler url returns a 2XX code.\",\n 'error_url': \"The url the server redirects to if the handler url returns a non-2XX code.\",\n 'ttl': \"The optional time to live in seconds (defaults to 3600 seconds)\",\n 'secret': \"A client-specific secret that should be used authenticate\n the forwarded request. If the request does not contain this secret,\n someone other than oauth_redirect has sent it.\",\n }\n\nReturns the token which needs to be passed by the OAuth provider::\n\n {\n 'token': \"...\"\n }\n\n``(GET|POST) /redirect``\n~~~~~~~~~~~~~~~~~~~~~~~~\n\nThe endpoint communicated to the OAuth provider through the redirect_uri. To\nauthenticate the request coming from the OAuth provider must contain the\ntoken given by ``/register/``.\n\nUsually OAuth providers provide some kind of of value that may be passed from\nthe client to the redirect_uri. This value can be used to carry the token\nback to the oauth_redirect server.\n\nIf there is no such value, the token may also be passed by url, using query\nparamters (i.e. https://oauth.seantis.ch/redirect?token=...).\n\nAny value will do, a value in a json body, a formdata value or a query\nparameter.\n\nIf the redirect request is accepted it is proxied to the registered url. The\nresult of the ``/redirect`` request is the result of the proxied url.\n\nIf the request was accepted, it is deleted.\n\nDeployment\n----------\n\nThe server is implemented using `aiohttp `_.\nIt requires at least Python 3.5.\n\nThough it might be possible to implement TLS support on the oauth_redirect we\nrecommend that you put it behind a proper web proxy like nginx/apache.\n\nTo run the server run::\n\n oauth-redirect --host localhost --port 8080 --database registered --auth \n\n\nRun the Tests\n-------------\n\nInstall tox and run it::\n\n pip install tox\n tox\n\nLimit the tests to a specific python version::\n\n tox -e py27\n\nConventions\n-----------\n\nOauth_redirect follows PEP8 as close as possible. To test for it run::\n\n tox -e pep8\n\nOauth_redirect uses `Semantic Versioning `_\n\nBuild Status\n------------\n\n.. image:: https://travis-ci.org/seantis/oauth_redirect.png\n :target: https://travis-ci.org/seantis/oauth_redirect\n :alt: Build Status\n\nCoverage\n--------\n\n.. image:: https://coveralls.io/repos/seantis/oauth_redirect/badge.png?branch=master\n :target: https://coveralls.io/r/seantis/oauth_redirect?branch=master\n :alt: Project Coverage\n\nLatest PyPI Release\n-------------------\n\n.. image:: https://badge.fury.io/py/oauth_redirect.svg\n :target: https://badge.fury.io/py/oauth_redirect\n :alt: Latest PyPI Release\n\nLicense\n-------\noauth_redirect is released under GPLv2\n\nChangelog\n---------\n\n0.3.0 (2017-05-24)\n~~~~~~~~~~~~~~~~~~~~~\n\n- Adds the ability to define a success and an error url.\n [href]\n\n0.2.0 (2017-05-24)\n~~~~~~~~~~~~~~~~~~~~~\n\n- Adds the ability to define the HTTP method with which the redirect target\n should be called.\n [href]\n\n- Adds support for GET in addition to POST for the redirect view handler.\n [href]\n\n0.1.0 (2017-05-23)\n~~~~~~~~~~~~~~~~~~~~~\n\n- Initial Release.\n [href]", "description_content_type": null, "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "http://github.com/seantis/oauth_redirect", "keywords": "", "license": "GPLv2", "maintainer": "", "maintainer_email": "", "name": "oauth_redirect", "package_url": "https://pypi.org/project/oauth_redirect/", "platform": "any", "project_url": "https://pypi.org/project/oauth_redirect/", "project_urls": { "Homepage": "http://github.com/seantis/oauth_redirect" }, "release_url": "https://pypi.org/project/oauth_redirect/0.3.0/", "requires_dist": [ "aiohttp", "click", "purl", "coverage; extra == 'test'", "mirakuru; extra == 'test'", "morepath; extra == 'test'", "pytest; extra == 'test'", "pytest-localserver; extra == 'test'", "requests; extra == 'test'" ], "requires_python": "", "summary": "Securely redirects OAuth responses to known clients.", "version": "0.3.0" }, "last_serial": 2895307, "releases": { "0.1.0": [ { "comment_text": "", "digests": { "md5": "566f91b79893de8a6af160a72c637ec3", "sha256": "9410926960a8330fc515a9a3614e01d1960f825ce1343bb1cd5e74f1c282d0b3" }, "downloads": -1, "filename": "oauth_redirect-0.1.0-py3-none-any.whl", "has_sig": false, "md5_digest": "566f91b79893de8a6af160a72c637ec3", "packagetype": "bdist_wheel", "python_version": "3.6", "requires_python": null, "size": 11435, "upload_time": "2017-05-23T13:49:28", "url": "https://files.pythonhosted.org/packages/4f/7c/8f5d5e411b4f1b6b7b09ad7cd2a646e83ba5e79514db818f50dffad6be34/oauth_redirect-0.1.0-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "96d15fd9e84f38b3123216fa77c18899", "sha256": "2f45b839c1ae4e214b5d2f6edc5c84cf1714a2c1c5075a4d37a1a4cd1202b904" }, "downloads": -1, "filename": "oauth_redirect-0.1.0.tar.gz", "has_sig": false, "md5_digest": "96d15fd9e84f38b3123216fa77c18899", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 7409, "upload_time": "2017-05-23T13:49:26", "url": "https://files.pythonhosted.org/packages/a3/ab/c46076772743f9192a1538a6c40701dc0d5c72dd8f9943f30e1dc5219785/oauth_redirect-0.1.0.tar.gz" } ], "0.2.0": [ { "comment_text": "", "digests": { "md5": "83cd8c056bc32559c19b34c5001071dd", "sha256": "f76dd0a30905eb9a1049a13b1a42ef62d1e6aac52567d304fde9c111b3ce5f03" }, "downloads": -1, "filename": "oauth_redirect-0.2.0-py3-none-any.whl", "has_sig": false, "md5_digest": "83cd8c056bc32559c19b34c5001071dd", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 12147, "upload_time": "2017-05-24T07:21:33", "url": "https://files.pythonhosted.org/packages/78/81/54c9c37870232e9f706b165e8c284f1b057bc2e37fdb736a28b7e69985a9/oauth_redirect-0.2.0-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "27d9b53eef5a354a96bcb7ef83f11b00", "sha256": "056fcfef46c0234d8a715424261620e79945c97b5a287422bcd77fbe63613589" }, "downloads": -1, "filename": "oauth_redirect-0.2.0.tar.gz", "has_sig": false, "md5_digest": "27d9b53eef5a354a96bcb7ef83f11b00", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 7996, "upload_time": "2017-05-24T07:21:35", "url": "https://files.pythonhosted.org/packages/4e/05/a2d5078f7a59201da67dd02dcdeeb71e1227a93ac4eed47dc00c20fb8be0/oauth_redirect-0.2.0.tar.gz" } ], "0.3.0": [ { "comment_text": "", "digests": { "md5": "4769222313a7450fa36265e9debb0b45", "sha256": "f2c0ca2b0d870d70a220a2d27855534e18267e3cf65fb7430bec1a57af9dcb41" }, "downloads": -1, "filename": "oauth_redirect-0.3.0-py3-none-any.whl", "has_sig": false, "md5_digest": "4769222313a7450fa36265e9debb0b45", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 12435, "upload_time": "2017-05-24T08:38:28", "url": "https://files.pythonhosted.org/packages/4b/97/a3f36c39b53318ad1432b1b4f286cedbc616061ad47d92a5650c2e6b574d/oauth_redirect-0.3.0-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "40abb8fa1c61418167d96ad5fa16c954", "sha256": "28b0fecace708df8093af79fee29ff5c17d5689e750343a8adf727afdb895242" }, "downloads": -1, "filename": "oauth_redirect-0.3.0.tar.gz", "has_sig": false, "md5_digest": "40abb8fa1c61418167d96ad5fa16c954", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 8208, "upload_time": "2017-05-24T08:38:30", "url": "https://files.pythonhosted.org/packages/c1/6b/816225d1425ecb5664b76f716dc7e74ea239f45110b1be53eabf5dc869ff/oauth_redirect-0.3.0.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "4769222313a7450fa36265e9debb0b45", "sha256": "f2c0ca2b0d870d70a220a2d27855534e18267e3cf65fb7430bec1a57af9dcb41" }, "downloads": -1, "filename": "oauth_redirect-0.3.0-py3-none-any.whl", "has_sig": false, "md5_digest": "4769222313a7450fa36265e9debb0b45", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 12435, "upload_time": "2017-05-24T08:38:28", "url": "https://files.pythonhosted.org/packages/4b/97/a3f36c39b53318ad1432b1b4f286cedbc616061ad47d92a5650c2e6b574d/oauth_redirect-0.3.0-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "40abb8fa1c61418167d96ad5fa16c954", "sha256": "28b0fecace708df8093af79fee29ff5c17d5689e750343a8adf727afdb895242" }, "downloads": -1, "filename": "oauth_redirect-0.3.0.tar.gz", "has_sig": false, "md5_digest": "40abb8fa1c61418167d96ad5fa16c954", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 8208, "upload_time": "2017-05-24T08:38:30", "url": "https://files.pythonhosted.org/packages/c1/6b/816225d1425ecb5664b76f716dc7e74ea239f45110b1be53eabf5dc869ff/oauth_redirect-0.3.0.tar.gz" } ] }