Just a few days ago, I had a pretty long geektalk with Dondy about OAuth. He wanted to talk about which OAuth version is best for his needs. Long story short, the answer was OAuth 1.0. He was the one who ‘introduced’ me into Python and I instantly got an itch to have a try in building an OAuth 1.0 Provider in Python.
First of all, I have no plans at the moment to support 3 legged authentications. I want to just go out there and code, make it work and refactor later to support things that are not supported initially.
The purpose of this provider is so that anyone can extends everything easily while still maintaining compatibility with RFC5849. At the current v0.1.1 version, the only available URI is
‘oauth/access_token’. This is to get XAuth working first. To provide authentication, modify or extend
_verify_xauth_credentials and suit your needs.
The next step is to abstract and provide decorators to initialize the provider in Flask.
Why Redis? Because Redis is unmatched in performance with atomic CRUDs. It’s lightning fast, CPU friendly and it’s basically a key/value store.
I am still new to Python, would love for some best practice pointers with the project. Forks and Pull Requests are welcomed.
The source code is available here at https://github.com/tistaharahap/oauth1-provider-redis-py
A test using Urbanesia’s OAuthnesia for Python is imported below.