Validate and extract information from an OAuth2 token

Validating an OAuth2 token

import oauth2helper

headers = {"Authorization": "Bearer YOUR_OAUTH2_TOKEN"}
my_token = headers.get('Authorization')[7:]

# Raises InvalidTokenError or InvalidKeyError if validation fails
oauth2helper.validate(my_token, "https://provider_url/common/discovery/keys")

Extracting the user from an OAuth2 token

import oauth2helper

headers = {"Authorization": "Bearer YOUR_OAUTH2_TOKEN"}
my_token = headers.get('Authorization')[7:]

json_header, json_body = oauth2helper.validate(my_token, "https://provider_url/common/discovery/keys")
username = oauth2helper.user_name(json_body)
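
The `[7:]` slice in the snippets above raises TypeError when the header is absent and, for any scheme other than Bearer, hands the validator whatever follows the first seven characters. A stricter extraction is sketched below as an added example; it is not part of oauth2helper, `bearer_token` and `MalformedAuthorizationHeader` are hypothetical names, and the sample header is constructed.

```python
import re

# RFC 6750 b64token: 1*( ALPHA / DIGIT / "-" / "." / "_" / "~" / "+" / "/" ) *"="
_B64TOKEN = re.compile(r"[A-Za-z0-9\-._~+/]+=*")


class MalformedAuthorizationHeader(ValueError):
    """Hypothetical error type: the header cannot carry a bearer token."""


def bearer_token(headers):
    """Return the token from an 'Authorization: Bearer <token>' header.

    Raises MalformedAuthorizationHeader instead of slicing blindly, so a
    missing header or another scheme never reaches token validation.
    """
    # HTTP header names are case-insensitive; a plain dict lookup is not.
    values = [v for k, v in headers.items() if k.lower() == "authorization"]
    if len(values) != 1:
        raise MalformedAuthorizationHeader("expected exactly one Authorization header")
    scheme, _, token = values[0].strip().partition(" ")
    # The auth scheme is case-insensitive (RFC 9110); the token is not.
    if scheme.lower() != "bearer":
        raise MalformedAuthorizationHeader("scheme is not Bearer")
    token = token.strip()
    if not _B64TOKEN.fullmatch(token):
        raise MalformedAuthorizationHeader("token is empty or has invalid characters")
    return token


# Constructed sample header; the token value is a placeholder, not a real JWT.
sample = {"authorization": "bearer aaa.bbb.ccc"}
my_token = bearer_token(sample)  # pass this to oauth2helper.validate as above
```

Passing this syntax check says nothing about authenticity; the token still has to go through `oauth2helper.validate`.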

Starlette

A Starlette AuthenticationMiddleware backend is available.

from starlette.applications import Starlette
from starlette.authentication import requires
from starlette.middleware import Middleware
from starlette.middleware.authentication import AuthenticationMiddleware
from oauth2helper.starlette import OAuth2IdTokenBackend, unauthorized


backend = OAuth2IdTokenBackend(
    identity_provider_url="https://identity_provider_url",
    # You can extract scopes per user and validate them with the @requires decorator
    scopes_retrieval=lambda json_body: ["authenticated"],
)
app = Starlette(middleware=[Middleware(AuthenticationMiddleware, backend=backend, on_error=unauthorized)])

@app.route("/authenticated_endpoint")
@requires(scopes=["authenticated"])
def endpoint(request):
    pass  # Implement your own logic

How to install

  1. Python 3.6+ must be installed
  2. Use pip to install the module:
    python -m pip install oauth2helper