by

Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
Omer Katz
@thedrow
oauthlib does not do any I/O
So it's up for our third-parties to implement those
@jaredvacanti Yes, you are correct.
Jonathan Huot
@JonathanHuot
Hi /all, I'm going to force merge the PR lacking for reviewers in a couple of days. It's waiting for long time and it impacts the latest documentation available on the RTD site. Last chance to give your input !! :) Any inputs are welcomed
Omer Katz
@thedrow
Which PR?
Jonathan Huot
@JonathanHuot
I have integrated two PRs, feel free to read the documentation https://oauthlib.readthedocs.io/en/latest/oauth2/oidc.html and comment :)
Omer Katz
@thedrow
@JonathanHuot Any idea what should we do with oauthlib/oauthlib#724 ?
Jonathan Huot
@JonathanHuot
I agree that's a mess... I think we should remove the variants and include allinone package only for the sake's of simplicity. Then,
if anyone want to submit PR, as long as it simplifies maintenance, then I'm good for it
Omer Katz
@thedrow
@JonathanHuot Hi how are you? I see that you're less active these days.
Jonathan Huot
@JonathanHuot
Hello, I'm good :) Yeah, not much time to spend. I was trying to grab more privilege on requests-oauthlib, but without success. I think it is key to have more hands on oauthlib framework
Omer Katz
@thedrow
I don't have much time either
Jonathan Huot
@JonathanHuot
Ideally I'd like to improve the OIDC doc on oauthlib side; maybe a graph of calls... not sure.
Omer Katz
@thedrow
Reviewing PRs is more important
We have a bunch waiting
With some, I don't know what to do
Especially when its related to OAuth1
Jonathan Huot
@JonathanHuot
About OAuth1 I'm totally useless :D
Jonathan Huot
@JonathanHuot
I'm merging the PR related to OAuth2 Client
did you see the bump in the nb of "used by" packages ? we were used by 30k repositories, now we're used by 55k repositories :o
Jonathan Huot
@JonathanHuot
I'm merging the longlansting PR oauthlib/oauthlib#705 since no feedback since
Omer Katz
@thedrow
Nice!
Asif Saif Uddin
@auvipy
hi
Jonathan Huot
@JonathanHuot
Hi @auvipy and welcome ;)
educatedguessing
@educatedguessing
Hi all
first of all, thanks for Oauthlib! Currently I'm looking into using requests-oauthlib in conjunction with yelp/bravado. However, I would have to implement some changes. Is anyone here familiar/responsible for requests-oauthlib? I would appreciate a small chat before initiating a public conversation (I'm not that familiar with open source / pull requests)
Thanks
Jonathan Huot
@JonathanHuot
Hi @educatedguessing , I'm more familiar with the provider part than the client part, however I could help about the OSS/PR part.
educatedguessing
@educatedguessing
Hi @JonathanHuot ,I might take you up on your offer. However looking at more reported issues I realized that my idea might introduce other problems or at least complicate fixing them. Therefor I'm not going to request a PR just yet.
Preet Sharma
@sharmapreet.pune_gitlab
Hi All, I am new to OAuth2 and need some expert help here. Can someone help me to provide some information on Authorization server creation for PKCE flow ?
Jonathan Huot
@JonathanHuot
Hi @sharmapreet.pune_gitlab , sure you can ask
Jonathan Huot
@JonathanHuot
did you want to create your own oauth2 provider to allow PKCE flow ? do you have oauth2 native/desktop/mobile clients where you want to use PKCE ?
have you considered using a public oauth2 provider ?
Preet Sharma
@sharmapreet.pune_gitlab
Hi @JonathanHuot .Yes . we are in need to create our own oauth2 provider for PKCE flow coz of some customer requirement . we propose various public oauth2 provider however customer want own provider. Appreciate your help.
Jonathan Huot
@JonathanHuot
which webframework are you going to use ?
P Sharma
@pcsharma.uda_gitlab
iI am planning to use Django
Jonathan Huot
@JonathanHuot
You can follow the requestValidators implementation and implement the basic authorization code flow. Then implement the PKCE specifics methods.
Preet Sharma
@sharmapreet.pune_gitlab
@JonathanHuot Thanks for help. OK, let me try in this way. by the way any existing repo of server source code to reuse ?
Jonathan Huot
@JonathanHuot
I think not on my knowledge
Django-Oauth-Toolkit is implementing most of it though
but I not personally tested it; a lot of ppl is using it there.
Preet Sharma
@sharmapreet.pune_gitlab
ok @JonathanHuot , will try with Django TK. thanks for info.
michael-hart
@michael-hart
Hi all - looking for some feedback before I get too deep into coding something that won't work. I have a user account on a website Foo that I sign into using OAuth via my Google account. I want to make a Python application that can sign into Foo using OAuth via Google directly such that I can pull resources from Foo that are restricted to my user account. Is that possible?
Jonathan Huot
@JonathanHuot
Hi @michael-hart , yes. Do you have already a webframework?
michael-hart
@michael-hart
Thanks @JonathanHuot - I don't, the program in question is a Qt application. I want to be able to sign in to D&D Beyond, if you know it. I'm guessing that I can, in my program, get the user to sign directly into the website? Do I require that website to offer an API to do so? Any links you have on this would be great!
Jonathan Huot
@JonathanHuot
Hi @michael-hart , thanks for the details, it is clearer. Also, can you precise how do you plan to do the authorization part? only checking the identity or using oauth scope? Qt application -> you need to use an authorization grant with PKCE support (aka native)