Name: authlib
Owner: University of Washington Clinical Informatics Research Group
Description: An ambitious authentication library for OAuth 1, OAuth 2, OpenID clients and servers.
Forked from: lepture/authlib
Created: 2018-03-24 00:11:41.0
Updated: 2018-03-24 00:11:43.0
Pushed: 2018-03-24 01:50:27.0
Homepage: https://authlib.org/
Size: 800
Language: Python
GitHub Committers
User | Most Recent Commit | # Commits |
---|
Other Committers
User | Most Recent Commit | # Commits |
---|
Authlib is an ambitious authentication library for OAuth 1, OAuth 2, OpenID clients, servers and more.
Authlib is compatible with Python2.7+ and Python3.5+.
orization_server.register_grant(AuthorizationCodeGrant)
orization_server.register_grant(ImplicitGrant)
orization_server.register_grant(ResourceOwnerPasswordGrant)
orization_server.register_grant(ClientCredentialsGrant)
orization_server.register_grant(RefreshTokenGrant)
orization_server.register_grant(OpenIDCodeGrant)
orization_server.register_grant(OpenIDImplicitGrant)
orization_server.register_grant(OpenIDHybridGrant)
orization_server.register_endpoint(RevocationEndpoint)
orization_server.register_endpoint(IntrospectionEndpoint)
Lovely features that Authlib has built-in:
? RFC5849: The OAuth 1.0 Protocol
? RFC6749: The OAuth 2.0 Authorization Framework
? RFC6750: The OAuth 2.0 Authorization Framework: Bearer Token Usage
? RFC7009: OAuth 2.0 Token Revocation
? RFC7515: JSON Web Signature (JWS)
? RFC7516: JSON Web Encryption (JWE)
JWE implementation is in plan now.
? RFC7517: JSON Web Key (JWK)
? RFC7518: JSON Web Algorithms (JWA)
? RFC7519: JSON Web Token (JWT)
JWT shares the same interface with JWS. Besides that, JWT has payload claims validation.
? RFC7521: Assertion Framework for OAuth 2.0 Client Authentication and Authorization Grants
RFC7521 implementation is in plan.
? RFC7522: Security Assertion Markup Language (SAML) 2.0 Profile for OAuth 2.0 Client Authentication and Authorization Grants
RFC7522 implementation is in plan.
? RFC7523: JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants
RFC7523 implementation is in plan.
? RFC7591: OAuth 2.0 Dynamic Client Registration Protocol
RFC7591 implementation is in plan. However, Flask SQLAlchemy ClientMixin is designed based on it.
? RFC7592: OAuth 2.0 Dynamic Client Registration Management Protocol
RFC7592 implementation is in plan.
? RFC7636: Proof Key for Code Exchange by OAuth Public Clients
RFC7636 implementation is in plan.
? RFC7662: OAuth 2.0 Token Introspection
? OpenID Connect 1.0
? OpenID Connect Discovery 1.0
Developers can create a JSON file himself.
And more will be added.
Framework integrations with current specification implementations:
If you found security bugs which can not be public, please send me email at me@lepture.com. Attachment with patch is welcome. My PGP Key fingerprint is:
E895 A70C EBDF 4F2A DFE0 7E55 E3E0 118B 2B4C
You can also find it at https://keybase.io/lepture.
Authlib is licensed under LGPLv3. Please see LICENSE for licensing details.
If this license does not fit your company, consider to purchase a commercial license.
Find more information on https://authlib.org/support#commercial-license