{ "info": { "author": "Josh Bialkowski", "author_email": "josh.bialkowski@gmail.com", "bugtrack_url": null, "classifiers": [], "description": "========\noauthsub\n========\n\n.. image:: https://travis-ci.com/cheshirekow/oauthsub.svg?branch=master\n :target: https://travis-ci.com/cheshirekow/oauthsub\n\n.. image:: https://readthedocs.org/projects/oauthsub/badge/\n :target: https://oauthsub.rtfd.io\n\nSimple oauth2 subrequest handler for reverse proxies\n\n-------\nPurpose\n-------\n\nThe goal of ``oauthsub`` is to enable simple and secure Single Sign On by\ndeferring authentication to an ``oauth2`` provider (like google, github,\nmicrosoft, etc).\n\nSee the examples in `the documentation`__ for ideas on how best to use it.\n\n.. __: https://oauthsub.rtfd.io\n\n------------\nInstallation\n------------\n\nInstall through pip::\n\n pip install oauthsub\n\nor see `the documentation`__ for more options.\n\n.. __: https://oauthsub.rtfd.io\n\n-----\nUsage\n-----\n\n.. dynamic: usage-begin\n\n.. code:: text\n\n usage: oauthsub [-h] [--dump-config] [-v] [-l {debug,info,warning,error}]\n [-c CONFIG_FILE] [-s {flask,gevent,twisted}]\n [--rooturl ROOTURL] [--flask-debug [FLASK_DEBUG]]\n [--flask-privkey FLASK_PRIVKEY]\n [--response-header RESPONSE_HEADER]\n [--allowed-domains [ALLOWED_DOMAINS [ALLOWED_DOMAINS ...]]]\n [--host HOST] [--port PORT] [--logdir LOGDIR]\n [--route-prefix ROUTE_PREFIX]\n [--session-key-prefix SESSION_KEY_PREFIX]\n [--bypass-key BYPASS_KEY] [--custom-template CUSTOM_TEMPLATE]\n [--enable-forbidden [ENABLE_FORBIDDEN]]\n\n This lightweight web service performs authentication. All requests that reach\n this service should be proxied through nginx. See:\n https://developers.google.com/api-client-library/python/auth/web-app\n\n optional arguments:\n -h, --help show this help message and exit\n --dump-config Dump configuration and exit\n -v, --version show program's version number and exit\n -l {debug,info,warning,error}, --log-level {debug,info,warning,error}\n Increase log level to include info/debug\n -c CONFIG_FILE, --config-file CONFIG_FILE\n use a configuration file\n -s {flask,gevent,twisted}, --server {flask,gevent,twisted}\n Which WGSI server to use\n --rooturl ROOTURL The root URL for browser redirects\n --flask-debug [FLASK_DEBUG]\n Enable flask debugging for testing\n --flask-privkey FLASK_PRIVKEY\n Secret key used to sign cookies\n --response-header RESPONSE_HEADER\n If specified, the authenticated user's ``username``\n will be passed as a response header with this key.\n --allowed-domains [ALLOWED_DOMAINS [ALLOWED_DOMAINS ...]]\n List of domains that we allow in the `hd` field of\n thegoogle response. Set this to your company gsuite\n domains.\n --host HOST The address to listening on\n --port PORT The port to listen on\n --logdir LOGDIR Directory where we store resource files\n --route-prefix ROUTE_PREFIX\n All flask routes (endpoints) are prefixed with this\n --session-key-prefix SESSION_KEY_PREFIX\n All session keys are prefixed with this\n --bypass-key BYPASS_KEY\n Secret string which can be used to bypass\n authorization if provided in an HTTP header\n `X-OAuthSub-Bypass`\n --custom-template CUSTOM_TEMPLATE\n Path to custom jinja template\n --enable-forbidden [ENABLE_FORBIDDEN]\n If true, enables the /forbidden endpoint, to which you\n can redirect 401 errors from your reverse proxy. This\n page is a simple message with active template but\n includes login links that will redirect back to the\n forbidden page after a successful auth.\n\n.. dynamic: usage-end\n\n-------------\nConfiguration\n-------------\n\n``oauthsub`` is configurable through a configuration file in python (the file\nis ``exec``ed). Each configuration variable can also be specified on the\ncommand line (use ``oauthsub --help`` to see a list of options). If you'd\nlike to dump a configuration file containing default values use::\n\n oauthsub --dump-config\n\nWhich outputs something like::\n\n.. dynamic: config-begin\n\n.. code:: python\n\n # The root URL for browser redirects\n rooturl = 'http://localhost'\n\n # Enable flask debugging for testing\n flask_debug = False\n\n # Secret key used to sign cookies\n flask_privkey = 'KALJE0Unas2dd8ao3p/T55htwbL5RrKX'\n\n # If specified, the authenticated user's ``username`` will be passed as a\n # response header with this key.\n response_header = None\n\n # List of domains that we allow in the `hd` field of thegoogle response. Set\n # this to your company gsuite domains.\n allowed_domains = ['gmail.com']\n\n # The address to listening on\n host = '0.0.0.0'\n\n # The port to listen on\n port = 8081\n\n # Directory where we store resource files\n logdir = '/tmp/oauthsub/logs'\n\n # Flask configuration options. Set session config here.\n flaskopt = {\n \"PERMANENT_SESSION_LIFETIME\": 864000,\n \"SESSION_FILE_DIR\": \"/tmp/oauthsub/session_data\",\n \"SESSION_TYPE\": \"filesystem\"\n }\n\n # All flask routes (endpoints) are prefixed with this\n route_prefix = '/auth'\n\n # All session keys are prefixed with this\n session_key_prefix = 'oauthsub-'\n\n # Secret string which can be used to bypass authorization if provided in an HTTP\n # header `X-OAuthSub-Bypass`\n bypass_key = None\n\n # Dictionary mapping oauth privider names to the client secrets for that\n # provider.\n client_secrets = {}\n\n # Path to custom jinja template\n custom_template = None\n\n # If true, enables the /forbidden endpoint, to which you can redirect 401 errors\n # from your reverse proxy. This page is a simple message with active template\n # but includes login links that will redirect back to the forbidden page after a\n # successful auth.\n enable_forbidden = True\n\n # Which WGSI server to use (flask, gevent, twisted)\n server = 'flask'\n\n\n # This is not used internally, but is used to implement our user lookup\n # callback below\n _user_map = {\n \"alice@example.com\": \"alice\",\n \"bob@example.com\": \"bob\"\n }\n\n # This is a callback used to lookup the user identity based on the credentials\n # provided by the authenticator.\n def user_lookup(authenticator, parsed_response):\n if authenticator.type == \"GOOGLE\":\n # Could also use `id` to lookup based on google user id\n return _user_map.get(parsed_response.get(\"email\"))\n\n return None\n\n.. dynamic: config-end\n\n\n-------------------\nTesting the service\n-------------------\n\nTest the service directly on localhost, put your client secrets in a\nconfiguration file and (assuming you've enabled\n``http://lvh.me:8081/auth/callback`` as an authorized redirect on google)\nrun with::\n\n oauthsub --flask-debug \\\n --config /path/to/your/config.py\n\nAnd then navigate to ``http://localhost:8081/auth`` from your browser.\n\nSee the documentation for more detailed testing instructions including how\nto test with NGINX.\n\n\n", "description_content_type": "", "docs_url": null, "download_url": "https://github.com/cheshirekow/oauthsub/archive/0.2.1.tar.gz", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/cheshirekow/oauthsub", "keywords": "oauth,nginx,flask", "license": "", "maintainer": "", "maintainer_email": "", "name": "oauthsub", "package_url": "https://pypi.org/project/oauthsub/", "platform": "", "project_url": "https://pypi.org/project/oauthsub/", "project_urls": { "Download": "https://github.com/cheshirekow/oauthsub/archive/0.2.1.tar.gz", "Homepage": "https://github.com/cheshirekow/oauthsub" }, "release_url": "https://pypi.org/project/oauthsub/0.2.1/", "requires_dist": [ "flask", "jinja2", "requests-oauthlib" ], "requires_python": "", "summary": "Simple oauth2 subrequest handler for nginx", "version": "0.2.1" }, "last_serial": 5529178, "releases": { "0.1.0": [ { "comment_text": "", "digests": { "md5": "eb1fe3538f9ddb1edffb2cb941cecd31", "sha256": "81eb2afe773c0ffa959e0a068776ea7dd7a002d5256791236b16ab49ce9b478c" }, "downloads": -1, "filename": "oauthsub-0.1.0.tar.gz", "has_sig": false, "md5_digest": "eb1fe3538f9ddb1edffb2cb941cecd31", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 15503, "upload_time": "2018-02-28T02:04:30", "url": "https://files.pythonhosted.org/packages/d3/3a/ed24f97ca8f9f80ac09c195c4acb58196b749be26900711795b23f70afda/oauthsub-0.1.0.tar.gz" } ], "0.1.2": [ { "comment_text": "", "digests": { "md5": "2727bb3b968d1177da659096aaf9e6e6", "sha256": "4b8dccee85e66b364481e4e3ad118cb1504004888d31544f23e31be18625631e" }, "downloads": -1, "filename": "oauthsub-0.1.2.tar.gz", "has_sig": false, "md5_digest": "2727bb3b968d1177da659096aaf9e6e6", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 12772, "upload_time": "2018-03-05T16:25:07", "url": "https://files.pythonhosted.org/packages/97/65/d4e873471e2b673e57cbd4ccfe7c81b2c6b83435a811b6cf9fd91c339806/oauthsub-0.1.2.tar.gz" } ], "0.1.3": [ { "comment_text": "", "digests": { "md5": "6fe6d644e58ea5d5efe4fd49d02973be", "sha256": "67c671340642a8fa68a71feda864dc131e016ed694e1dfbe0f680579c7a64d8f" }, "downloads": -1, "filename": "oauthsub-0.1.3.tar.gz", "has_sig": false, "md5_digest": "6fe6d644e58ea5d5efe4fd49d02973be", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 18226, "upload_time": "2019-02-09T00:34:26", "url": "https://files.pythonhosted.org/packages/c7/a2/a88dc544d8ac4d92116eeb75402c70d31483d5b1092bc1ba9df526b3b591/oauthsub-0.1.3.tar.gz" } ], "0.2.0": [ { "comment_text": "", "digests": { "md5": "a59f4191c35d7416d808281b3fd6fa11", "sha256": "943c330cb972cfa55ed7f7a5cc7c4934e46d1a50a4e215fcf97c0895f2ebbed8" }, "downloads": -1, "filename": "oauthsub-0.2.0-py3-none-any.whl", "has_sig": false, "md5_digest": "a59f4191c35d7416d808281b3fd6fa11", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 29627, "upload_time": "2019-05-23T19:05:49", "url": "https://files.pythonhosted.org/packages/4b/82/481c1ebfeef5ab3af465ffe4794f726b92f12d5291de02f8a808ad632530/oauthsub-0.2.0-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "6835bdc4b6c2071c0ebadf950921c98c", "sha256": "19a93ab9ca1ae447678a5d38b78dd53fa1b1ddfc8ef0392e19372cd6cebddf4b" }, "downloads": -1, "filename": "oauthsub-0.2.0.tar.gz", "has_sig": false, "md5_digest": "6835bdc4b6c2071c0ebadf950921c98c", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 17317, "upload_time": "2019-05-23T19:05:50", "url": "https://files.pythonhosted.org/packages/c1/85/bba8ec7c01b04932fe2d1581293eb9b1702c589774adbd6fdc981c244304/oauthsub-0.2.0.tar.gz" } ], "0.2.1": [ { "comment_text": "", "digests": { "md5": "857cccdaf901459ce7b7a8260e4253c9", "sha256": "12300baef336bfd2f228f6f4d0c5a32063b037cc09ebc419e0a97eb9eb62f474" }, "downloads": -1, "filename": "oauthsub-0.2.1-py3-none-any.whl", "has_sig": false, "md5_digest": "857cccdaf901459ce7b7a8260e4253c9", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 26978, "upload_time": "2019-07-14T05:38:55", "url": "https://files.pythonhosted.org/packages/a0/4f/71e8efb11f4a160c9d2b6f6e4534bca2973a156bfb05f54714dc36fe0b67/oauthsub-0.2.1-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "f7fab03e0942d7e9b255c4b2c60ddc97", "sha256": "150457b9ee9fc638697c35759ca2b3fd10be4bbc48fc221e50e2dbea52a2f22a" }, "downloads": -1, "filename": "oauthsub-0.2.1.tar.gz", "has_sig": false, "md5_digest": "f7fab03e0942d7e9b255c4b2c60ddc97", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 14074, "upload_time": "2019-07-14T05:38:57", "url": "https://files.pythonhosted.org/packages/14/5b/fa3b83ce676c6f2cc9868e68a121420e0b2273ff145d45b36ce54bd78015/oauthsub-0.2.1.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "857cccdaf901459ce7b7a8260e4253c9", "sha256": "12300baef336bfd2f228f6f4d0c5a32063b037cc09ebc419e0a97eb9eb62f474" }, "downloads": -1, "filename": "oauthsub-0.2.1-py3-none-any.whl", "has_sig": false, "md5_digest": "857cccdaf901459ce7b7a8260e4253c9", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 26978, "upload_time": "2019-07-14T05:38:55", "url": "https://files.pythonhosted.org/packages/a0/4f/71e8efb11f4a160c9d2b6f6e4534bca2973a156bfb05f54714dc36fe0b67/oauthsub-0.2.1-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "f7fab03e0942d7e9b255c4b2c60ddc97", "sha256": "150457b9ee9fc638697c35759ca2b3fd10be4bbc48fc221e50e2dbea52a2f22a" }, "downloads": -1, "filename": "oauthsub-0.2.1.tar.gz", "has_sig": false, "md5_digest": "f7fab03e0942d7e9b255c4b2c60ddc97", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 14074, "upload_time": "2019-07-14T05:38:57", "url": "https://files.pythonhosted.org/packages/14/5b/fa3b83ce676c6f2cc9868e68a121420e0b2273ff145d45b36ce54bd78015/oauthsub-0.2.1.tar.gz" } ] }