{ "info": { "author": "Shane Hathaway", "author_email": "shane@hathawaymix.org", "bugtrack_url": null, "classifiers": [ "Development Status :: 3 - Alpha", "Framework :: Pylons", "Intended Audience :: Developers", "Programming Language :: Python", "Topic :: Internet :: WWW/HTTP", "Topic :: Internet :: WWW/HTTP :: WSGI :: Application" ], "description": "Yasso (Yet Another Single Sign-On) is a system for building a web-based\nsingle sign-on service using OAuth2. It is intended to be compliant with\ndraft 25 of the `OAuth2 specification`_.\n\n.. _`OAuth2 specification`: http://oauth.net/2/\n\n\nGetting Started\n===============\n\nA demo configuration is included to help you get started. Install\nand run the demo configuration like this::\n\n $ git clone git://github.com/hathawsh/yasso.git\n $ cd yasso\n $ virtualenv --no-site-packages .\n $ bin/pip install -U zc.buildout\n $ bin/buildout\n $ bin/pserve demo.ini\n\nThe demo Yasso server will then be available at http://localhost:8510/ .\nYou can browse to it, but you won't see much yet.\n\nIn another shell, install and run the oauth2sample client::\n\n $ git clone git://github.com/hathawsh/oauth2sample.git\n $ cd oauth2sample\n $ virtualenv --no-site-packages .\n $ bin/pip install -U zc.buildout\n $ bin/buildout\n $ bin/pserve yasso-demo.ini\n\nThe sample client will then be available at http://localhost:8511/ .\nBrowse there. You will be redirected to the Yasso authorize endpoint\nand Yasso will request that you log in using HTTP basic authentication.\nLog in with the username ``sample1``, password ``password``. Finally, you\nbe redirected back to the sample OAuth2 client and you will be logged in\nas sample1. End of demo.\n\nAssuming everything worked, that demo was short and quiet, which is\nhow it should be: single sign-on should be mostly invisible to users.\n\nHTTP basic authentication is probably the first thing you'll want to replace.\nTo change it, create a repoze.who configuration appropriate\nfor your organization and use your own Pyramid configuration file\n(instead of demo.ini) that points to your repoze.who configuration file.\n\n\nStructure\n=========\n\nYasso is composed of three distinct Pyramid applications. Each has\ndifferent security policies and views, but all use the same model objects.\n\n- The authorize application is visible to end users. When a user\n wants to log in at a client web site, the client redirects the\n user's browser to the Yasso authorize endpoint (which is part of\n the authorize application) to let the user log in.\n Once the user logs in, Yasso redirects the browser back to the client\n web site with OAuth2 parameters; the web site calls the token\n endpoint to finish authorization.\n\n- The token application, which provides the token endpoint, is not\n intended to be visible to users. Once a user has authenticated\n in Yasso, client web sites call the token endpoint directly\n (using a REST call) to create an access token. An access token\n lets the client use the resource application.\n\n- The resource application is also not intended to be visible\n to users. Calls to the resource application require a valid\n access token in the POST parameters or HTTP headers. The default\n resource application only allows the client web site to get\n the user ID, but you can create your own views that allow clients\n to do other things on behalf of the user.\n\nYasso includes a WSGI composite application that blends the three\napplications together. The composite application maps URL paths that\nstart with /resource to the resource application, URL paths that start\nwith /token to the token application, and all other URLs to the\nauthorize application.\n\n\n\n\n0.0\n---\n\n- Initial version", "description_content_type": null, "docs_url": null, "download_url": "UNKNOWN", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/hathawsh/yasso", "keywords": "web pylons pyramid oauth oauth2 yasso", "license": "BSD-derived (http://www.repoze.org/LICENSE.txt)", "maintainer": null, "maintainer_email": null, "name": "yasso", "package_url": "https://pypi.org/project/yasso/", "platform": "UNKNOWN", "project_url": "https://pypi.org/project/yasso/", "project_urls": { "Download": "UNKNOWN", "Homepage": "https://github.com/hathawsh/yasso" }, "release_url": "https://pypi.org/project/yasso/0.1/", "requires_dist": null, "requires_python": null, "summary": "Yet Another Single Sign-On: An OAuth2 Provider", "version": "0.1" }, "last_serial": 801937, "releases": { "0.1": [ { "comment_text": "", "digests": { "md5": "c8253f10002a9b5da939142c6286d121", "sha256": "704dec0da69b3983d634ba1521135306746d0dd0b00406ac1b9534c22c0b6e1c" }, "downloads": -1, "filename": "yasso-0.1.tar.gz", "has_sig": false, "md5_digest": "c8253f10002a9b5da939142c6286d121", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 62162, "upload_time": "2012-04-05T11:17:16", "url": "https://files.pythonhosted.org/packages/eb/81/bd31b5a7c3babc037cf07d76786d8c3dc2560a3f52ba5ac2e87b6afe3613/yasso-0.1.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "c8253f10002a9b5da939142c6286d121", "sha256": "704dec0da69b3983d634ba1521135306746d0dd0b00406ac1b9534c22c0b6e1c" }, "downloads": -1, "filename": "yasso-0.1.tar.gz", "has_sig": false, "md5_digest": "c8253f10002a9b5da939142c6286d121", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 62162, "upload_time": "2012-04-05T11:17:16", "url": "https://files.pythonhosted.org/packages/eb/81/bd31b5a7c3babc037cf07d76786d8c3dc2560a3f52ba5ac2e87b6afe3613/yasso-0.1.tar.gz" } ] }