Shortcuts on this page
r m x toggle line displays
j k next/prev highlighted chunk
0 (zero) top of page
1 (one) first highlighted chunk
1"""
2oauthlib.oauth2.rfc6749.endpoints.pre_configured
3~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
5This module is an implementation of various endpoints needed
6for providing OAuth 2.0 RFC6749 servers.
7"""
9from ..grant_types import (
10 AuthorizationCodeGrant,
11 ClientCredentialsGrant,
12 ImplicitGrant,
13 RefreshTokenGrant,
14 ResourceOwnerPasswordCredentialsGrant,
15)
16from ..tokens import BearerToken
17from .authorization import AuthorizationEndpoint
18from .introspect import IntrospectEndpoint
19from .resource import ResourceEndpoint
20from .revocation import RevocationEndpoint
21from .token import TokenEndpoint
22from oauthlib.oauth2.rfc8628.grant_types import DeviceCodeGrant
25class Server(
26 AuthorizationEndpoint, IntrospectEndpoint, TokenEndpoint, ResourceEndpoint, RevocationEndpoint
27):
28 """
29 An all-in-one endpoint featuring all four major grant types
30 and extension grants.
31 """
33 def __init__(
34 self,
35 request_validator,
36 token_expires_in=None,
37 token_generator=None,
38 refresh_token_generator=None,
39 *args,
40 **kwargs,
41 ):
42 """Construct a new all-grants-in-one server.
44 :param request_validator: An implementation of
45 oauthlib.oauth2.RequestValidator.
46 :param token_expires_in: An int or a function to generate a token
47 expiration offset (in seconds) given a
48 oauthlib.common.Request object.
49 :param token_generator: A function to generate a token from a request.
50 :param refresh_token_generator: A function to generate a token from a
51 request for the refresh token.
52 :param kwargs: Extra parameters to pass to authorization-,
53 token-, resource-, and revocation-endpoint constructors.
54 """
55 self.auth_grant = AuthorizationCodeGrant(request_validator)
56 self.implicit_grant = ImplicitGrant(request_validator)
57 self.password_grant = ResourceOwnerPasswordCredentialsGrant(request_validator)
58 self.credentials_grant = ClientCredentialsGrant(request_validator)
59 self.refresh_grant = RefreshTokenGrant(request_validator)
60 self.device_code_grant = DeviceCodeGrant(request_validator, **kwargs)
62 self.bearer = BearerToken(
63 request_validator, token_generator, token_expires_in, refresh_token_generator
64 )
66 AuthorizationEndpoint.__init__(
67 self,
68 default_response_type="code",
69 response_types={
70 "code": self.auth_grant,
71 "token": self.implicit_grant,
72 "none": self.auth_grant,
73 },
74 default_token_type=self.bearer,
75 )
77 TokenEndpoint.__init__(
78 self,
79 default_grant_type="authorization_code",
80 grant_types={
81 "authorization_code": self.auth_grant,
82 "password": self.password_grant,
83 "client_credentials": self.credentials_grant,
84 "refresh_token": self.refresh_grant,
85 "urn:ietf:params:oauth:grant-type:device_code": self.device_code_grant,
86 },
87 default_token_type=self.bearer,
88 )
89 ResourceEndpoint.__init__(
90 self, default_token="Bearer", token_types={"Bearer": self.bearer}
91 )
92 RevocationEndpoint.__init__(self, request_validator)
93 IntrospectEndpoint.__init__(self, request_validator)
96class WebApplicationServer(
97 AuthorizationEndpoint, IntrospectEndpoint, TokenEndpoint, ResourceEndpoint, RevocationEndpoint
98):
99 """An all-in-one endpoint featuring Authorization code grant and Bearer tokens."""
101 def __init__(
102 self,
103 request_validator,
104 token_generator=None,
105 token_expires_in=None,
106 refresh_token_generator=None,
107 **kwargs,
108 ):
109 """Construct a new web application server.
111 :param request_validator: An implementation of
112 oauthlib.oauth2.RequestValidator.
113 :param token_expires_in: An int or a function to generate a token
114 expiration offset (in seconds) given a
115 oauthlib.common.Request object.
116 :param token_generator: A function to generate a token from a request.
117 :param refresh_token_generator: A function to generate a token from a
118 request for the refresh token.
119 :param kwargs: Extra parameters to pass to authorization-,
120 token-, resource-, and revocation-endpoint constructors.
121 """
122 self.auth_grant = AuthorizationCodeGrant(request_validator)
123 self.refresh_grant = RefreshTokenGrant(request_validator)
124 self.bearer = BearerToken(
125 request_validator, token_generator, token_expires_in, refresh_token_generator
126 )
127 AuthorizationEndpoint.__init__(
128 self,
129 default_response_type="code",
130 response_types={"code": self.auth_grant},
131 default_token_type=self.bearer,
132 )
133 TokenEndpoint.__init__(
134 self,
135 default_grant_type="authorization_code",
136 grant_types={
137 "authorization_code": self.auth_grant,
138 "refresh_token": self.refresh_grant,
139 },
140 default_token_type=self.bearer,
141 )
142 ResourceEndpoint.__init__(
143 self, default_token="Bearer", token_types={"Bearer": self.bearer}
144 )
145 RevocationEndpoint.__init__(self, request_validator)
146 IntrospectEndpoint.__init__(self, request_validator)
149class MobileApplicationServer(
150 AuthorizationEndpoint, IntrospectEndpoint, ResourceEndpoint, RevocationEndpoint
151):
152 """An all-in-one endpoint featuring Implicit code grant and Bearer tokens."""
154 def __init__(
155 self,
156 request_validator,
157 token_generator=None,
158 token_expires_in=None,
159 refresh_token_generator=None,
160 **kwargs,
161 ):
162 """Construct a new implicit grant server.
164 :param request_validator: An implementation of
165 oauthlib.oauth2.RequestValidator.
166 :param token_expires_in: An int or a function to generate a token
167 expiration offset (in seconds) given a
168 oauthlib.common.Request object.
169 :param token_generator: A function to generate a token from a request.
170 :param refresh_token_generator: A function to generate a token from a
171 request for the refresh token.
172 :param kwargs: Extra parameters to pass to authorization-,
173 token-, resource-, and revocation-endpoint constructors.
174 """
175 self.implicit_grant = ImplicitGrant(request_validator)
176 self.bearer = BearerToken(
177 request_validator, token_generator, token_expires_in, refresh_token_generator
178 )
179 AuthorizationEndpoint.__init__(
180 self,
181 default_response_type="token",
182 response_types={"token": self.implicit_grant},
183 default_token_type=self.bearer,
184 )
185 ResourceEndpoint.__init__(
186 self, default_token="Bearer", token_types={"Bearer": self.bearer}
187 )
188 RevocationEndpoint.__init__(
189 self, request_validator, supported_token_types=["access_token"]
190 )
191 IntrospectEndpoint.__init__(
192 self, request_validator, supported_token_types=["access_token"]
193 )
196class LegacyApplicationServer(
197 TokenEndpoint, IntrospectEndpoint, ResourceEndpoint, RevocationEndpoint
198):
199 """An all-in-one endpoint featuring Resource Owner Password Credentials grant and Bearer tokens."""
201 def __init__(
202 self,
203 request_validator,
204 token_generator=None,
205 token_expires_in=None,
206 refresh_token_generator=None,
207 **kwargs,
208 ):
209 """Construct a resource owner password credentials grant server.
211 :param request_validator: An implementation of
212 oauthlib.oauth2.RequestValidator.
213 :param token_expires_in: An int or a function to generate a token
214 expiration offset (in seconds) given a
215 oauthlib.common.Request object.
216 :param token_generator: A function to generate a token from a request.
217 :param refresh_token_generator: A function to generate a token from a
218 request for the refresh token.
219 :param kwargs: Extra parameters to pass to authorization-,
220 token-, resource-, and revocation-endpoint constructors.
221 """
222 self.password_grant = ResourceOwnerPasswordCredentialsGrant(request_validator)
223 self.refresh_grant = RefreshTokenGrant(request_validator)
224 self.bearer = BearerToken(
225 request_validator, token_generator, token_expires_in, refresh_token_generator
226 )
227 TokenEndpoint.__init__(
228 self,
229 default_grant_type="password",
230 grant_types={
231 "password": self.password_grant,
232 "refresh_token": self.refresh_grant,
233 },
234 default_token_type=self.bearer,
235 )
236 ResourceEndpoint.__init__(
237 self, default_token="Bearer", token_types={"Bearer": self.bearer}
238 )
239 RevocationEndpoint.__init__(self, request_validator)
240 IntrospectEndpoint.__init__(self, request_validator)
243class BackendApplicationServer(
244 TokenEndpoint, IntrospectEndpoint, ResourceEndpoint, RevocationEndpoint
245):
246 """An all-in-one endpoint featuring Client Credentials grant and Bearer tokens."""
248 def __init__(
249 self,
250 request_validator,
251 token_generator=None,
252 token_expires_in=None,
253 refresh_token_generator=None,
254 **kwargs,
255 ):
256 """Construct a client credentials grant server.
258 :param request_validator: An implementation of
259 oauthlib.oauth2.RequestValidator.
260 :param token_expires_in: An int or a function to generate a token
261 expiration offset (in seconds) given a
262 oauthlib.common.Request object.
263 :param token_generator: A function to generate a token from a request.
264 :param refresh_token_generator: A function to generate a token from a
265 request for the refresh token.
266 :param kwargs: Extra parameters to pass to authorization-,
267 token-, resource-, and revocation-endpoint constructors.
268 """
269 self.credentials_grant = ClientCredentialsGrant(request_validator)
270 self.bearer = BearerToken(
271 request_validator, token_generator, token_expires_in, refresh_token_generator
272 )
273 TokenEndpoint.__init__(
274 self,
275 default_grant_type="client_credentials",
276 grant_types={"client_credentials": self.credentials_grant},
277 default_token_type=self.bearer,
278 )
279 ResourceEndpoint.__init__(
280 self, default_token="Bearer", token_types={"Bearer": self.bearer}
281 )
282 RevocationEndpoint.__init__(
283 self, request_validator, supported_token_types=["access_token"]
284 )
285 IntrospectEndpoint.__init__(
286 self, request_validator, supported_token_types=["access_token"]
287 )