{ "info": { "author": "Victor Fernandez de Alba", "author_email": "sneridagh@gmail.com", "bugtrack_url": null, "classifiers": [ "Framework :: Pylons", "Programming Language :: Python", "Topic :: Internet :: WWW/HTTP", "Topic :: Internet :: WWW/HTTP :: WSGI :: Application" ], "description": "Introduction\n============\n\nOsiris (/o\u028a\u02c8sa\u026a\u0259r\u0268s/) is an Egyptian god, usually identified as the god of the\nafterlife, the underworld and the dead. He is classically depicted as a green-\nskinned man with a pharaoh's beard, partially mummy-wrapped at the legs, wearing\na distinctive crown with two large ostrich feathers at either side, and holding\na symbolic crook and flail. Osiris was the afterlife's judge, he weighed the\ndead souls and compare them with the Feather of Truth. Those which weighed the\nmost were sent to Ammut (the soul devourer) and not heavy enough to Aaru (the\negyptian paradise).\n\nOsiris is an oAuth 2.0 compliant server based on Pyramid. The current version\n(1.0) it supports the `resource owner password credentials` authentication flow.\nYou can use your preferred authentication backend (LDAP, SQL, etc.) in order to\noAuth enable it with Osiris. You can also use your preferred backend storage as\nOsiris uses a pluggable store factory to store the issued token information. The\ncurrent version includes the MongoDB one.\n\n\nThe `resource owner password credentials` flow\n==============================================\n\nThis flow is not the most popular oAuth flow, but it's useful in case that we\nwant to oAuth enable an app or a set of apps in an scenario with an already\nexisting user backend. Using this flow you can use Osiris as a gateway between\nyour existing user store and oAuth enable it. Osiris will authenticate the user\ncredentials against your user store and if suceeds it will issue a oAuth token.\nThen, an app can use it to impersonate the user's token to access an oAuth\nenabled REST API, for example.\n\nFor that reason and out of the oAuth specification, Osiris features an\nadditional endpoint to allow remote applications and resource servers to check\npreviously issued tokens and users and validate it. This endpoint will respond\nif the token is valid for the user specified and if the token is not expired or\nrevoked.\n\nYou can use Osiris as a standalone application or use it as a Pyramid plugin and\nmake your app Osiris enabled.\n\n\nSetup\n=====\n\nThis is the configuration to use it as a standalone Pyramid app, along with your\nown one using Paste urlmap in your app .ini::\n\n [server:main]\n use = egg:Paste#http\n host = 0.0.0.0\n port = 80\n\n [composite:main]\n use = egg:Paste#urlmap\n / = YOURAPP\n /oauth2 = osiris\n\n [app:osiris]\n use = egg:osiris\n\n osiris.store = osiris.store.mongodb_store\n osiris.store.host = localhost\n osiris.store.port = 27017\n osiris.store.db = osiris\n osiris.store.collection = tokens\n osiris.tokenexpiry = 0\n\n osiris.whoconfig = %(here)s/who.ini\n osiris.ldap_enabled = false\n\n [app:YOURAPP]\n use = egg:YOURAPP\n full_stack = true\n static_files = true\n\nYou can also Osiris enable your own app, in your __init__.py::\n\n config.include(osiris)\n\nand in the .ini::\n\n osiris.store = osiris.store.mongodb_store\n osiris.store.host = localhost\n osiris.store.port = 27017\n osiris.store.db = osiris\n osiris.store.collection = tokens\n osiris.tokenexpiry = 0\n\n osiris.whoconfig = %(here)s/who.ini\n osiris.ldap_enabled = false\n\nOr use it standalone (see production.ini).\n\n\nOptions\n=======\n\nThese are the .ini options available for Osiris:\n\nosiris.store\n Currently only available ``osiris.store.mongodb_store``. Required.\n\nosiris.store.host\n Defaults to 'localhost'. Optional.\n\nosiris.store.port\n Defaults to '27017'. Optional.\n\nosiris.store.db\n The name of the database. Defaults to 'osiris'. Optional.\n\nosiris.store.collection\n The collection to store the tokens. Defaults to 'tokens'. Optional.\n\nosiris.tokenexpiry\n The time in seconds that the token is valid. Defaults to 0 (unlimited). Optional.\n\nosiris.whoconfig\n The pyramid_who (repoze.who) .ini with the configuration of the authentication backends. Required.\n\n\nREST API for `resource owner password credentials` flow\n=======================================================\n\nFollowing the oAuth 2.0 authentication standard (draft 22), the `Resource owner\npassword credentials` flow must implement this web services and use these\nparameters:\n\n/token\n Method:\n POST\n\n Params:\n grant_type\n Required. Value must be set to password\n\n username\n Required. The resource owner username, encoded as UTF-8.\n\n password\n Required. The resource owner password, encoded as UTF-8.\n\n scope\n Optional. The scope of the access request.\n\n Content-Type:\n application/x-www-form-urlencoded\n\n Response:\n HTTP/1.1 200 OK\n Content-Type: application/json;charset=UTF-8\n Cache-Control: no-store\n Pragma: no-cache\n\n { \"access_token\":\"Qwe1235rwersdgasdfghjkyuiyuihfgh\",\n \"token_type\":\"bearer\",\n \"expires_in\":3600,\n \"scope\": \"exampleScope\" }\n\n/checktoken\n Method:\n POST\n\n Params:\n access_token\n Required. Value of the token to be checked\n\n username\n Required. The resource owner username, encoded as UTF-8.\n\n scope\n Optional. The scope of the access request.\n\n Content-Type:\n application/x-www-form-urlencoded\n\n Response:\n If successful: HTTP/1.1 200 OK\n If not successful: HTTP/1.1 401 Unauthorized\n\n\nAuthentication backend\n======================\n\nYou can choose between two authentication backend plugins: pyramid_ldap and\npyramid_who.\n\npyramid_ldap (for LDAP authentication backends)\n-----------------------------------------------\n\npyramid_ldap is the defacto standard plugin when dealing with ldap in pyramid.\n\nThis is the configuration needed in the .ini to enable LDAP::\n\n osiris.ldap_enabled = true\n osiris.ldap.server = ldaps://your.ldap.uri\n osiris.ldap.userbind = cn=user.to.bind,ou=users,dc=my,dc=domain\n osiris.ldap.password = secret\n osiris.ldap.userbasedn = ou=users,dc=my,dc=domain\n osiris.ldap.userfilter = (cn=%+(login)s)\n osiris.ldap.userscope = SCOPE_ONELEVEL\n osiris.ldap.groupbasedn = ou=groups,dc=my,dc=domain\n osiris.ldap.groupfilter = (&(objectClass=groupOfNames)(member=%+(userdn)s))\n osiris.ldap.groupscope = SCOPE_SUBTREE\n osiris.ldap.groupcache = 600\n\nAdjust them to match your LDAP configuration. For further information, see:\nhttp://docs.pylonsproject.org/projects/pyramid_ldap/en/latest/\n\npyramid_who\n-----------\n\npyramid_who is a plugin that provides a pluggable facility to connect with\nseveral user backends (htpass, SQL, etc.) using repoze.who plugins.\n\nIn order to use it, you should not to enable ldap::\n\n osiris.ldap_enabled = false\n\nand provide the path to your who.ini::\n\n osiris.whoconfig = %(here)s/who.ini\n\nFor more information see: http://docs.repoze.org/who/2.0/\n\n\nTo do\n=====\n\nOsiris features only one oAuth 2.0 authentication flow: the `Resource owner\npassword credentials` (http://tools.ietf.org/html/rfc6749#section-4.3). It's\nready to accomodate the remaining flows defined by oAuth 2.0. A similar case\nhappens with the available storage backends. The current version sports only the\nMongoDB storage but Osiris support the use of a plugin storage model and can\naccomodate more storage types.\n\nOf course, any contribution is welcome. Please, feel free to contribute with\nyour own storage plugins and help implementing the remaining oAuth flows.\n\n\nCredits\n=======\n\nPluggable store factory inspired by Ben Bangert's Velruse\n(https://github.com/bbangert/velruse). Borrowed error handling from pyramid-\noauth2 (http://code.google.com/p/pyramid-oauth2/) by Kevin Van Wilder et al.\n\n\nChangeLog\n=========\n\n1.4 (2014-05-26)\n----------------\n\n* Make Osiris support dual authentication (LDAP-based and WHO-based) with priority to the LDAP-based user repository. [Victor Fernandez de Alba]\n* Add License [Victor Fernandez de Alba]\n* Merge branch 'master' of github.com:sneridagh/osiris [Victor Fernandez de Alba]\n* More tests, unify ldap config on .ini [Victor Fernandez de Alba]\n* Unified extensions for README and CHANGES. Updated MANIFEST.in [Victor Fernandez de Alba]\n\n1.3 (2013-08-02)\n----------------\n\n * Added use of greenlets and handle reconnects if cluster is enabled [Victor Fernandez de Alba]\n * Support for mongoDB cluster [Victor Fernandez de Alba]\n\n1.2 (2013-06-13)\n------------------\n\n- Update the deprecated method to connect to a MongoDB database.\n- Added ability to connect to a MongoDB replica set.\n\n1.1 (2013-06-04)\n------------------\n\n- Added a new way of parse LDAP settings to use with pyramid_ldap via a config\n file ldap.ini\n\n1.0.1 (2013-06-04)\n------------------\n\n- Fix UnboundLocalError when LDAP plugin enabled\n\n1.0 (2013-05-19)\n----------------\n\n- Improved test coverage (91% overall, 100% on implemented parts)\n- Updated implementation to be standard with the final oAuth 2.0 spec.\n- Polished scopes, error handling, return codes and error messaging\n- Included support for pyramid_ldap plug-in, as it has a better implementation\n than the repoze.who one.\n- Deprecate capped collections on mongodb_store\n\n\n1.0 beta1 (2012-02-22)\n----------------------\n\n- Initial version", "description_content_type": null, "docs_url": null, "download_url": "UNKNOWN", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/sneridagh/osiris.git", "keywords": "web pyramid pylons", "license": "UNKNOWN", "maintainer": null, "maintainer_email": null, "name": "osiris", "package_url": "https://pypi.org/project/osiris/", "platform": "UNKNOWN", "project_url": "https://pypi.org/project/osiris/", "project_urls": { "Download": "UNKNOWN", "Homepage": "https://github.com/sneridagh/osiris.git" }, "release_url": "https://pypi.org/project/osiris/1.4/", "requires_dist": null, "requires_python": null, "summary": "Pyramid based oAuth server", "version": "1.4" }, "last_serial": 1104441, "releases": { "1.0": [ { "comment_text": "", "digests": { "md5": "7da352f1aea1fd8c646709ee20eca024", "sha256": "4beaa735707cc1b9f7d793887c0c4ab670466d861247b2e50b19293174df9516" }, "downloads": -1, "filename": "osiris-1.0.tar.gz", "has_sig": false, "md5_digest": "7da352f1aea1fd8c646709ee20eca024", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 20137, "upload_time": "2013-06-02T21:03:26", "url": "https://files.pythonhosted.org/packages/4c/c4/67186c54bd90d283a51ef4e29267c9cbb9e4371975723301a03eae322220/osiris-1.0.tar.gz" } ], "1.0.1": [ { "comment_text": "", "digests": { "md5": "629905b4bbbacf9439a3afa2ead872af", "sha256": "db5d56505162d9250128b2d237bf5c4af1198efc3e0bfb65bfc7b6cb98c23227" }, "downloads": -1, "filename": "osiris-1.0.1.tar.gz", "has_sig": false, "md5_digest": "629905b4bbbacf9439a3afa2ead872af", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 20746, "upload_time": "2013-06-04T14:01:49", "url": "https://files.pythonhosted.org/packages/0c/c1/8582b05b25215aaaecf65463c0e5b36e162dbfe72205d3f935f13d0324b5/osiris-1.0.1.tar.gz" } ], "1.0.beta1": [ { "comment_text": "", "digests": { "md5": "cc8126814c35d9f07dd7bc87dc0e7884", "sha256": "df10ef9fbc22946c13e492793103c80cd48c6d97c84d0bae87b3a61d94a72e0a" }, "downloads": -1, "filename": "osiris-1.0.beta1-py2.7.egg", "has_sig": false, "md5_digest": "cc8126814c35d9f07dd7bc87dc0e7884", "packagetype": "bdist_egg", "python_version": "2.7", "requires_python": null, "size": 23337, "upload_time": "2012-02-22T23:40:40", "url": "https://files.pythonhosted.org/packages/aa/b1/0d5eeeda0e43bd806bed485a3a637022b7af5fbecc4afb623e1d64c07d1c/osiris-1.0.beta1-py2.7.egg" }, { "comment_text": "", "digests": { "md5": "20b5bb8021f1d2c0d95b4135b9285bfd", "sha256": "14edb3d443b562f19bcc31bee7f1611ecef3d2abd952abd11dc119ba1c26404d" }, "downloads": -1, "filename": "osiris-1.0.beta1.tar.gz", "has_sig": false, "md5_digest": "20b5bb8021f1d2c0d95b4135b9285bfd", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 11089, "upload_time": "2012-02-22T23:40:39", "url": "https://files.pythonhosted.org/packages/6e/f8/54d07c6585e07011654bad9d0d5bb96cec439bd5f3329e34e06a69b3d697/osiris-1.0.beta1.tar.gz" } ], "1.1": [ { "comment_text": "", "digests": { "md5": "606542683b02e65690505bf4a2faf152", "sha256": "e1b82a67c90b45ce6da5cdd54df035bfa5f8b7f7a5a5316873549f540d718d0a" }, "downloads": -1, "filename": "osiris-1.1.tar.gz", "has_sig": false, "md5_digest": "606542683b02e65690505bf4a2faf152", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 21024, "upload_time": "2013-06-04T14:43:11", "url": "https://files.pythonhosted.org/packages/8d/c8/c78e9e6d3705c6e626754023b140becfc6c523e7aa94202da57703e2428f/osiris-1.1.tar.gz" } ], "1.2": [ { "comment_text": "", "digests": { "md5": "f172964e27d317c71098bc489bb49997", "sha256": "42c77151076dc2548ffc79565f4404b737923a2a31bf653839264881f7f4e433" }, "downloads": -1, "filename": "osiris-1.2.tar.gz", "has_sig": false, "md5_digest": "f172964e27d317c71098bc489bb49997", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 18741, "upload_time": "2013-06-19T08:11:16", "url": "https://files.pythonhosted.org/packages/0a/30/ad58c9e3b536579c515068049136415da8f206346f424bff13d9a1c2d39c/osiris-1.2.tar.gz" } ], "1.3": [ { "comment_text": "", "digests": { "md5": "9bc347fea237b8d107c0e2fadf402186", "sha256": "dcaf189abca17d0418174369765307feb42a5f01a9231a4ba8e2acf7c65372bd" }, "downloads": -1, "filename": "osiris-1.3.zip", "has_sig": false, "md5_digest": "9bc347fea237b8d107c0e2fadf402186", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 25724, "upload_time": "2013-08-02T12:48:35", "url": "https://files.pythonhosted.org/packages/2b/e8/a799c52b9da73ed7d48d5af3fbcaa8be41cadb397778d08942a2b382c594/osiris-1.3.zip" } ], "1.4": [ { "comment_text": "", "digests": { "md5": "3529c8232a64d79c2cbcbd95e2b88baf", "sha256": "502250d283b8ea1590167fbc13b0d858afdcf14b65a37c24e63520bfe734ed6b" }, "downloads": -1, "filename": "osiris-1.4.zip", "has_sig": false, "md5_digest": "3529c8232a64d79c2cbcbd95e2b88baf", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 39401, "upload_time": "2014-05-26T12:05:31", "url": "https://files.pythonhosted.org/packages/a6/31/3336d8bbcc7070d83c67aa31a971d6b8f264eaecfe658abcabdec2ae3ce0/osiris-1.4.zip" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "3529c8232a64d79c2cbcbd95e2b88baf", "sha256": "502250d283b8ea1590167fbc13b0d858afdcf14b65a37c24e63520bfe734ed6b" }, "downloads": -1, "filename": "osiris-1.4.zip", "has_sig": false, "md5_digest": "3529c8232a64d79c2cbcbd95e2b88baf", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 39401, "upload_time": "2014-05-26T12:05:31", "url": "https://files.pythonhosted.org/packages/a6/31/3336d8bbcc7070d83c67aa31a971d6b8f264eaecfe658abcabdec2ae3ce0/osiris-1.4.zip" } ] }