by

Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
Omer Katz
@thedrow
@JonathanHuot Hi how are you? I see that you're less active these days.
Jonathan Huot
@JonathanHuot
Hello, I'm good :) Yeah, not much time to spend. I was trying to grab more privilege on requests-oauthlib, but without success. I think it is key to have more hands on oauthlib framework
Omer Katz
@thedrow
I don't have much time either
Jonathan Huot
@JonathanHuot
Ideally I'd like to improve the OIDC doc on oauthlib side; maybe a graph of calls... not sure.
Omer Katz
@thedrow
Reviewing PRs is more important
We have a bunch waiting
With some, I don't know what to do
Especially when its related to OAuth1
Jonathan Huot
@JonathanHuot
About OAuth1 I'm totally useless :D
Jonathan Huot
@JonathanHuot
I'm merging the PR related to OAuth2 Client
did you see the bump in the nb of "used by" packages ? we were used by 30k repositories, now we're used by 55k repositories :o
Jonathan Huot
@JonathanHuot
I'm merging the longlansting PR oauthlib/oauthlib#705 since no feedback since
Omer Katz
@thedrow
Nice!
Asif Saif Uddin
@auvipy
hi
Jonathan Huot
@JonathanHuot
Hi @auvipy and welcome ;)
educatedguessing
@educatedguessing
Hi all
first of all, thanks for Oauthlib! Currently I'm looking into using requests-oauthlib in conjunction with yelp/bravado. However, I would have to implement some changes. Is anyone here familiar/responsible for requests-oauthlib? I would appreciate a small chat before initiating a public conversation (I'm not that familiar with open source / pull requests)
Thanks
Jonathan Huot
@JonathanHuot
Hi @educatedguessing , I'm more familiar with the provider part than the client part, however I could help about the OSS/PR part.
educatedguessing
@educatedguessing
Hi @JonathanHuot ,I might take you up on your offer. However looking at more reported issues I realized that my idea might introduce other problems or at least complicate fixing them. Therefor I'm not going to request a PR just yet.
Preet Sharma
@sharmapreet.pune_gitlab
Hi All, I am new to OAuth2 and need some expert help here. Can someone help me to provide some information on Authorization server creation for PKCE flow ?
Jonathan Huot
@JonathanHuot
Hi @sharmapreet.pune_gitlab , sure you can ask
Jonathan Huot
@JonathanHuot
did you want to create your own oauth2 provider to allow PKCE flow ? do you have oauth2 native/desktop/mobile clients where you want to use PKCE ?
have you considered using a public oauth2 provider ?
Preet Sharma
@sharmapreet.pune_gitlab
Hi @JonathanHuot .Yes . we are in need to create our own oauth2 provider for PKCE flow coz of some customer requirement . we propose various public oauth2 provider however customer want own provider. Appreciate your help.
Jonathan Huot
@JonathanHuot
which webframework are you going to use ?
P Sharma
@pcsharma.uda_gitlab
iI am planning to use Django
Jonathan Huot
@JonathanHuot
You can follow the requestValidators implementation and implement the basic authorization code flow. Then implement the PKCE specifics methods.
Preet Sharma
@sharmapreet.pune_gitlab
@JonathanHuot Thanks for help. OK, let me try in this way. by the way any existing repo of server source code to reuse ?
Jonathan Huot
@JonathanHuot
I think not on my knowledge
Django-Oauth-Toolkit is implementing most of it though
but I not personally tested it; a lot of ppl is using it there.
Preet Sharma
@sharmapreet.pune_gitlab
ok @JonathanHuot , will try with Django TK. thanks for info.
michael-hart
@michael-hart
Hi all - looking for some feedback before I get too deep into coding something that won't work. I have a user account on a website Foo that I sign into using OAuth via my Google account. I want to make a Python application that can sign into Foo using OAuth via Google directly such that I can pull resources from Foo that are restricted to my user account. Is that possible?
Jonathan Huot
@JonathanHuot
Hi @michael-hart , yes. Do you have already a webframework?
michael-hart
@michael-hart
Thanks @JonathanHuot - I don't, the program in question is a Qt application. I want to be able to sign in to D&D Beyond, if you know it. I'm guessing that I can, in my program, get the user to sign directly into the website? Do I require that website to offer an API to do so? Any links you have on this would be great!
Jonathan Huot
@JonathanHuot
Hi @michael-hart , thanks for the details, it is clearer. Also, can you precise how do you plan to do the authorization part? only checking the identity or using oauth scope? Qt application -> you need to use an authorization grant with PKCE support (aka native)