{ "info": { "author": "Tommy Yu", "author_email": "tommy.yu@auckland.ac.nz", "bugtrack_url": null, "classifiers": [ "Development Status :: 4 - Beta", "Framework :: Plone :: 4.0", "Framework :: Plone :: 4.1", "Framework :: Plone :: 4.2", "License :: OSI Approved :: GNU General Public License v2 (GPLv2)", "Programming Language :: Python", "Programming Language :: Python :: 2.5", "Programming Language :: Python :: 2.6", "Programming Language :: Python :: 2.7", "Topic :: Software Development :: Libraries :: Python Modules" ], "description": "============\nIntroduction\n============\n\nThis module provides OAuth support for Zope/Plone, with the option to be\nextensible through the Zope Component Architecture to allow the addition\nof more feature-rich components. Features core to OAuth are fully\nsupported, this includes the full OAuth authentication workflow, client\n(consumer) management for site managers and access token management for\nresource owners. Scope restriction is also supported; site managers can\ndefine content types and subpaths that are available for client usage\nusing scope profiles, and clients can specify a list of them to better\ninform the resource owners of what will be accessed under their access\nrights.\n\n.. image:: https://travis-ci.org/PMR2/pmr2.oauth.svg?branch=0.6.x\n :target: https://travis-ci.org/PMR2/pmr2.oauth\n.. image:: https://coveralls.io/repos/PMR2/pmr2.oauth/badge.svg?branch=0.6.x&service=github\n :target: https://coveralls.io/github/PMR2/pmr2.oauth?branch=0.6.x\n\nWhile the test coverage is fairly complete and demonstrates that access\npermissions and scope restriction function as intended, the author does\nnot currently endorse the usage of this package in a mission critical\nenvironment where absolute security is required, as there are no audits\nhave been done on this package by security experts. Otherwise, please\nensure that your users are aware of who the trusted third-party clients\nare and that your site's privacy and security policies are updated to\nfully inform your users of risks that may be associated with the usage\nof OAuth with this package.\n\n\n------------\nInstallation\n------------\n\n~~~~~~~~~~~~\nRequirements\n~~~~~~~~~~~~\n\nThis package requires Plone 4.1 or later.\n\n~~~~~~~~~~~~~~~~~~~~~~~~\nInstalling with buildout\n~~~~~~~~~~~~~~~~~~~~~~~~\n\nYou can install pmr2.oauth using `buildout`_ by adding an entry for this\npackage in both eggs and zcml sections.\n\n.. _buildout: http://pypi.python.org/pypi/zc.buildout\n\nExample::\n\n [buildout]\n ...\n\n [instance]\n ...\n\n eggs =\n ...\n pmr2.oauth\n\n zcml =\n ...\n pmr2.oauth\n\nRun buildout, then restart the Zope/Plone instance. This package must\nalso be activated using the Add-ons panel under Site Setup within the\nPlone instance where OAuth based authorization is to be used.\n\n\n------------------------------------------\nFurther information and usage instructions\n------------------------------------------\n\nIf the add-on is correctly installed and activated, an index of views\nmade available as part of this add-on can be found at\n``${portal_url}/@@pmr2-oauth``.\n\nIf you are upgrading from a previously installed version of this add-on,\nplease refer to ``docs/UPGRADE.rst`` for some important information.\n\nFor more detailed information, please refer to the doctest file at\n``pmr2/oauth/README.rst``.\n\n\n~~~~~\nAbout\n~~~~~\n\nThis add-on was created as part of the `Physiome Model Repository`_ in\norder to enable it to provide secured web-service access using a well\nsupported, industry-standard authorization method for third-party\nclients.\n\n.. _`Physiome Model Repository`: https://models.physiomeproject.org/\n\n=========\nChangelog\n=========\n\n------------------\n0.6.1 - 2017-01-13\n------------------\n\n* Ensure the tests work with plone.protect>=3, and bumped dependencies.\n\n------------------\n0.6.0 - 2015-08-21\n------------------\n\n* Usability enhancements; reworded the user facing form and added a user\n action for easier linkage to their approved applications.\n* Updated dependency to oauthlib>=1.0.2.\n\n------------------\n0.5.1 - 2013-11-22\n------------------\n\n* Bug Fix: Corrected the handling of application/x-www-form-urlencoded\n for the signature verification. [PMR/pmr2.oauth#4]\n\n----------------\n0.5 - 2013-10-24\n----------------\n\n* Updated the supported oauthlib to 0.6.0\n* The design has been refactored to rely on the token endpoint classes\n for the validation.\n* Support OAuth requests encoded using URL query strings.\n* Addition of new content types into portal should no longer result in\n z3c.form-3.0.0 breaking on .\n* Updated a large amounts of text and even an internal management\n endpoint to be more clear and reflective of the terminology used in\n RFC 5849.\n* More usability fixes. The entire management interface should now be\n easily accessible through the Site Setup menu, and also the inner\n management pages should link back to the main OAuth management page.\n\n------------------\n0.4.5 - 2013-07-09\n------------------\n\n* Removed deprecated imports from zope.app.*.\n\n------------------\n0.4.4 - 2013-04-04\n------------------\n\n* URL encoding/decoding workaround to ensure the query parameters are\n being processed correctly.\n* Bug fix: Deleting a client (consumer) no longer prevents user from\n managing their list of issued tokens.\n* Depends on oauthlib 0.4.0\n\n------------------\n0.4.3 - 2013-02-01\n------------------\n\n* Pin the minimum supported oauthlib version to 0.3.5 to maintain\n consistency of the require_callback parameter.\n\n------------------\n0.4.2 - 2013-01-31\n------------------\n\n* Security Fix: Correctly apply CSRF protection to all forms.\n* Denying a non-existent token will no longer show a stack trace.\n\nNote: 0.4.1 was aborted due to incomplete fix.\n\n----------------\n0.4 - 2013-01-22\n----------------\n\n~~~~~~~~~~~~~~~~~~~~~~~~~~~\nMajor architectural changes\n~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\n* Removal of python-oauth2 and use oauthlib. Significant changes to the\n PAS OAuthPlugin, including the removal of all private methods,\n replacement of the OAuthUtility with an adapter, with nearly all\n authentication and verification functions moved into this adapter,\n which extends the oauthlib server class.\n* Scope manager completely redefined to accept any identifiers, which\n can be client (consumer), temporary or access keys. Specific\n implementations can then make use of this change.\n* Default scope manager no longer manages permitted URIs based directly\n on regex, but views and subpaths within specific content types.\n* Consumer keys now randomly generated. For identification purposes the\n title and domain fields are introduced. Domain field serves an\n additional purpose for verification of callbacks by the default\n callback manager.\n\n~~~~~~~~~~~~\nNew features\n~~~~~~~~~~~~\n\n* Introduction of callback manager. This manages permitted targets for\n callbacks, so that resource owners will not be redirected to untrusted\n hosts especially for oob clients.\n* Default scope manager provides the concept of scope profiles, which\n are concise representations of access that will be granted by the\n resource owner to clients.\n* Base classes for extending/replacing provided functionalities.\n* An index of all valid endpoints (views) made available by this add-on.\n\n~~~~~~~~~~~~~~~~~~~~~~\nBugs (and maybe fixes)\n~~~~~~~~~~~~~~~~~~~~~~\n\n* The missing permissions.zcml is now included. (noted by ngi644)\n* Translations are not included with this release as there were too many\n new and modified text.\n\n-----------------\n0.3a - 2012-11-23\n-----------------\n\n* Scope manager now permit POST requests.\n* Corrected the scope verification to be based on the resolved internal\n script URL.\n* Corrected the signature verification method to use the actual URL, not\n the internal script URL.\n* Workaround the adherence to legacy part of the spec in python-oauth2.\n\nNote: This is a special release for development of PMR2-0.7 (or Release \n7), as this package now depends on some packages not yet released. This\nrelease is made regardless as it is needed for demonstration purposes.\n\n----------------\n0.2 - 2012-10-16\n----------------\n\n* Completing i18n coverage and added Italian support. [giacomos]\n* Added intermediate form class to eliminate the need to define wrapper\n classes for compatibility between Plone and z3c.form.\n\n----------------\n0.1 - 2011-10-20\n----------------\n\n* Provide the core functionality of OAuth into Zope/Plone, through the\n use of custom forms and the Pluggable Authentication System.\n* Contain just the basic storage for all associated data types, but\n extensibility is allowed.", "description_content_type": null, "docs_url": null, "download_url": "UNKNOWN", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/PMR2/pmr2.oauth", "keywords": "", "license": "GPL", "maintainer": null, "maintainer_email": null, "name": "pmr2.oauth", "package_url": "https://pypi.org/project/pmr2.oauth/", "platform": "UNKNOWN", "project_url": "https://pypi.org/project/pmr2.oauth/", "project_urls": { "Download": "UNKNOWN", "Homepage": "https://github.com/PMR2/pmr2.oauth" }, "release_url": "https://pypi.org/project/pmr2.oauth/0.6.1/", "requires_dist": null, "requires_python": null, "summary": "OAuth PAS Plugin, OAuth 1.0 provider for Plone.", "version": "0.6.1" }, "last_serial": 2571354, "releases": { "0.1": [ { "comment_text": "", "digests": { "md5": "edc22d1a5a514f828ef031fe61c2c6c9", "sha256": "978fb8bd0af2a27112182909652f9637d1c704a4c6f3bb41ae44654d39691344" }, "downloads": -1, "filename": "pmr2.oauth-0.1.tar.gz", "has_sig": false, "md5_digest": "edc22d1a5a514f828ef031fe61c2c6c9", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 47561, "upload_time": "2011-10-20T09:03:27", "url": "https://files.pythonhosted.org/packages/84/90/bdbd74a3ce26bec008302beacf437033dfc1a5cfd7760b955aa4044dfbcb/pmr2.oauth-0.1.tar.gz" } ], "0.2": [ { "comment_text": "", "digests": { "md5": "79b4a815fe456513553c5b4bcdc9c13d", "sha256": "1fb320bcd5c52130ef9a3d8f2d16033c5ca00a18e414830e769a4dd29d428812" }, "downloads": -1, "filename": "pmr2.oauth-0.2.tar.gz", "has_sig": false, "md5_digest": "79b4a815fe456513553c5b4bcdc9c13d", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 53094, "upload_time": "2012-10-16T04:22:24", "url": "https://files.pythonhosted.org/packages/cd/00/21ae45e32e93f119b3d4016d68ec89273cfd2866a8a2c579cacf3a0b7351/pmr2.oauth-0.2.tar.gz" } ], "0.4": [ { "comment_text": "", "digests": { "md5": "0f9f73098d659393ab474ed94be0ac55", "sha256": "d71d5edbac734d5e725ee855627f2208d412ce6f8f0a448dc75333efb9df84fa" }, "downloads": -1, "filename": "pmr2.oauth-0.4.tar.gz", "has_sig": false, "md5_digest": "0f9f73098d659393ab474ed94be0ac55", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 87322, "upload_time": "2013-01-22T06:31:24", "url": "https://files.pythonhosted.org/packages/55/75/cd81966755c518ed6f1b56c721e4815a1b561ff76814055c38d623d60618/pmr2.oauth-0.4.tar.gz" } ], "0.4.2": [ { "comment_text": "", "digests": { "md5": "9463b8ec6ec8d65e386bb3ef5e9126bf", "sha256": "6383d4415c9585c738e08c9104efa297d106e141d1bb3a5ab2bcb1ddfbfa5492" }, "downloads": -1, "filename": "pmr2.oauth-0.4.2.tar.gz", "has_sig": false, "md5_digest": "9463b8ec6ec8d65e386bb3ef5e9126bf", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 88640, "upload_time": "2013-01-31T04:21:31", "url": "https://files.pythonhosted.org/packages/01/7f/ddbdcf7e0db8a768288157d5b162fbb865be779007846e85159b36632a93/pmr2.oauth-0.4.2.tar.gz" } ], "0.4.3": [ { "comment_text": "", "digests": { "md5": "2fd5145f18f22695d0bd4723d9e81e10", "sha256": "e59f4d1e6151fa803de27fca8e16e194e5cd8e09d60f7c127efcf34b5f9424ae" }, "downloads": -1, "filename": "pmr2.oauth-0.4.3.tar.gz", "has_sig": false, "md5_digest": "2fd5145f18f22695d0bd4723d9e81e10", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 88811, "upload_time": "2013-02-01T05:51:08", "url": "https://files.pythonhosted.org/packages/4d/b5/5c08fd85138c15bb5714be058fbc2653ac96785470f6665bda37aa3578a1/pmr2.oauth-0.4.3.tar.gz" } ], "0.4.4": [ { "comment_text": "", "digests": { "md5": "73f1d956b4f9ef007c60834cf5757c80", "sha256": "474ec961223d50903882961ca8d05c2edd15a57f91ec9244a1237fd1ff56e392" }, "downloads": -1, "filename": "pmr2.oauth-0.4.4.tar.gz", "has_sig": false, "md5_digest": "73f1d956b4f9ef007c60834cf5757c80", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 90416, "upload_time": "2013-04-04T07:03:04", "url": "https://files.pythonhosted.org/packages/c9/c3/af4a406ccc9dda22fc06d79e050a70ffc90ef91185aad335df019ac3fd4f/pmr2.oauth-0.4.4.tar.gz" } ], "0.5": [ { "comment_text": "", "digests": { "md5": "dddf5053ac0fdeb2b19bc9a68c73effd", "sha256": "4c296ed3d6a20c6cccab527524e8a6a5f9c5c03f44bf97f082b46df2264ee5f2" }, "downloads": -1, "filename": "pmr2.oauth-0.5.tar.gz", "has_sig": false, "md5_digest": "dddf5053ac0fdeb2b19bc9a68c73effd", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 63715, "upload_time": "2013-10-24T10:18:29", "url": "https://files.pythonhosted.org/packages/24/c9/205947761baac040435f3e8155c7406203afab60ae41629103bdd048a79b/pmr2.oauth-0.5.tar.gz" } ], "0.5.1": [ { "comment_text": "", "digests": { "md5": "84b9086a31e341a74ee5cbb5e4b2ba6b", "sha256": "162039a536b0f025998ddbb205eed16fc71af2197fe72df57f15618891679dbd" }, "downloads": -1, "filename": "pmr2.oauth-0.5.1.tar.gz", "has_sig": false, "md5_digest": "84b9086a31e341a74ee5cbb5e4b2ba6b", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 61970, "upload_time": "2013-11-22T22:29:18", "url": "https://files.pythonhosted.org/packages/2a/9a/b0695f098853f74762803f4c1811c843be686377356a2e1cb8f97d6000dd/pmr2.oauth-0.5.1.tar.gz" } ], "0.6.0": [ { "comment_text": "", "digests": { "md5": "d0098ffc75f1a49b7b334ea8a0e393b7", "sha256": "4be5b5409afcce4243a82068d063e432dcadf90f22756730b37ec3da319a39ff" }, "downloads": -1, "filename": "pmr2.oauth-0.6.0.tar.gz", "has_sig": false, "md5_digest": "d0098ffc75f1a49b7b334ea8a0e393b7", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 63892, "upload_time": "2015-08-21T05:28:37", "url": "https://files.pythonhosted.org/packages/e7/46/5489d26350faacdd43014c3d578e9d6e6ba66dd38699c4bc4b266f8eabe6/pmr2.oauth-0.6.0.tar.gz" } ], "0.6.1": [ { "comment_text": "", "digests": { "md5": "1a439e0a463b541d03804675b108b2a4", "sha256": "d6d08b18364e2e59a426cf5941ff83bfddc8c74b394df39b65dea42acaf940c6" }, "downloads": -1, "filename": "pmr2.oauth-0.6.1.tar.gz", "has_sig": false, "md5_digest": "1a439e0a463b541d03804675b108b2a4", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 72200, "upload_time": "2017-01-13T05:04:43", "url": "https://files.pythonhosted.org/packages/eb/9d/bdd9cb901fc736e4eac5b462065053636bc52675ce549120bba9adbeb11e/pmr2.oauth-0.6.1.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "1a439e0a463b541d03804675b108b2a4", "sha256": "d6d08b18364e2e59a426cf5941ff83bfddc8c74b394df39b65dea42acaf940c6" }, "downloads": -1, "filename": "pmr2.oauth-0.6.1.tar.gz", "has_sig": false, "md5_digest": "1a439e0a463b541d03804675b108b2a4", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 72200, "upload_time": "2017-01-13T05:04:43", "url": "https://files.pythonhosted.org/packages/eb/9d/bdd9cb901fc736e4eac5b462065053636bc52675ce549120bba9adbeb11e/pmr2.oauth-0.6.1.tar.gz" } ] }