Trees | Indices | Help |
---|
|
An OAuth 2.0 client. Tools for interacting with OAuth 2.0 protected resources.
Author: jcgregorio@google.com (Joe Gregorio)
|
|||
Error Base error for this module. |
|||
FlowExchangeError Error trying to exchange an authorization grant for an access token. |
|||
AccessTokenRefreshError Error trying to refresh an expired access token. |
|||
UnknownClientSecretsFlowError The client secrets file called for an unknown type of OAuth 2.0 flow. |
|||
AccessTokenCredentialsError Having only the access_token means no refresh is possible. |
|||
VerifyJwtTokenError Could on retrieve certificates for validation. |
|||
MemoryCache httplib2 Cache implementation which only caches locally. |
|||
Credentials Base class for all Credentials objects. |
|||
Flow Base class for all Flow objects. |
|||
Storage Base class for all Storage objects. |
|||
OAuth2Credentials Credentials object for OAuth 2.0. |
|||
AccessTokenCredentials Credentials object for OAuth 2.0. |
|||
AssertionCredentials Abstract Credentials object used for OAuth 2.0 assertion grants. |
|||
SignedJwtAssertionCredentials Credentials object used for OAuth 2.0 Signed JWT assertion grants. |
|||
OAuth2WebServerFlow Does the Web Server Flow for OAuth 2.0. |
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|
|||
HAS_OPENSSL = True
|
|||
logger = logging.getLogger(__name__)
|
|||
EXPIRY_FORMAT =
|
|||
ID_TOKEN_VERIFICATON_CERTS =
|
|||
OOB_CALLBACK_URN =
|
|||
_cached_http = httplib2.Http(MemoryCache())
|
|||
__package__ =
|
|
Verifies a signed JWT id_token. This function requires PyOpenSSL and because of that it does not work on App Engine. For App Engine you may consider using AppAssertionCredentials. Args: id_token: string, A Signed JWT. audience: string, The audience 'aud' that the token should be for. http: httplib2.Http, instance to use to make the HTTP request. Callers should supply an instance that has caching enabled. cert_uri: string, URI of the certificates in JSON format to verify the JWT against. Returns: The deserialized JSON in the JWT. Raises: oauth2client.crypt.AppIdentityError if the JWT fails to verify. |
Extract the JSON payload from a JWT. Does the extraction w/o checking the signature. Args: id_token: string, OAuth 2.0 id_token. Returns: object, The deserialized JSON payload. |
Parses response of an exchange token request. Most providers return JSON but some (e.g. Facebook) return a url-encoded string. Args: content: The body of a response Returns: Content as a dictionary object. Note that the dict could be empty, i.e. {}. That basically indicates a failure. |
Exchanges an authorization code for an OAuth2Credentials object. Args: client_id: string, client identifier. client_secret: string, client secret. scope: string or list of strings, scope(s) to request. code: string, An authroization code, most likely passed down from the client redirect_uri: string, this is generally set to 'postmessage' to match the redirect_uri that the client specified http: httplib2.Http, optional http instance to use to do the fetch token_uri: string, URI for token endpoint. For convenience defaults to Google's endpoints but any OAuth 2.0 provider can be used. Returns: An OAuth2Credentials object. Raises: FlowExchangeError if the authorization code cannot be exchanged for an access token |
Returns OAuth2Credentials from a clientsecrets file and an auth code. Will create the right kind of Flow based on the contents of the clientsecrets file or will raise InvalidClientSecretsError for unknown types of Flows. Args: filename: string, File name of clientsecrets. scope: string or list of strings, scope(s) to request. code: string, An authroization code, most likely passed down from the client message: string, A friendly string to display to the user if the clientsecrets file is missing or invalid. If message is provided then sys.exit will be called in the case of an error. If message in not provided then clientsecrets.InvalidClientSecretsError will be raised. redirect_uri: string, this is generally set to 'postmessage' to match the redirect_uri that the client specified http: httplib2.Http, optional http instance to use to do the fetch cache: An optional cache service client that implements get() and set() methods. See clientsecrets.loadfile() for details. Returns: An OAuth2Credentials object. Raises: FlowExchangeError if the authorization code cannot be exchanged for an access token UnknownClientSecretsFlowError if the file describes an unknown kind of Flow. clientsecrets.InvalidClientSecretsError if the clientsecrets file is invalid. |
Create a Flow from a clientsecrets file. Will create the right kind of Flow based on the contents of the clientsecrets file or will raise InvalidClientSecretsError for unknown types of Flows. Args: filename: string, File name of client secrets. scope: string or list of strings, scope(s) to request. message: string, A friendly string to display to the user if the clientsecrets file is missing or invalid. If message is provided then sys.exit will be called in the case of an error. If message in not provided then clientsecrets.InvalidClientSecretsError will be raised. cache: An optional cache service client that implements get() and set() methods. See clientsecrets.loadfile() for details. Returns: A Flow object. Raises: UnknownClientSecretsFlowError if the file describes an unknown kind of Flow. clientsecrets.InvalidClientSecretsError if the clientsecrets file is invalid. |
|
ID_TOKEN_VERIFICATON_CERTS
|
Trees | Indices | Help |
---|
Generated by Epydoc 3.0.1 on Fri Aug 3 07:38:25 2012 | http://epydoc.sourceforge.net |