CtrlK
BlogDocsLog inGet started
Tessl Logo

tessl/pypi-oauth2

A Python OAuth 1.0 library providing comprehensive authentication, signing, and client capabilities.

Pending
Quality

Pending

Does it follow best practices?

Impact

Pending

No eval scenarios have been run

SecuritybySnyk

Pending

The risk profile of this skill

Overview
Eval results
Files

index.mddocs/

OAuth2

A comprehensive Python library for OAuth 1.0 authentication that provides consumer management, token handling, request signing, HTTP client functionality, and server-side verification. This library is fully compatible with Python 2.6, 2.7, 3.3, and 3.4, offering a clean API design that extends beyond basic OAuth to include specialized clients for SMTP and IMAP protocols.

Package Information

  • Package Name: oauth2
  • Language: Python
  • Installation: pip install oauth2
  • Dependencies: httplib2

Core Imports

import oauth2

Common patterns:

from oauth2 import Consumer, Token, Request, Client, Server
from oauth2 import SignatureMethod_HMAC_SHA1, SignatureMethod_PLAINTEXT

For protocol-specific clients:

from oauth2.clients.imap import IMAP4_SSL
from oauth2.clients.smtp import SMTP

Basic Usage

import oauth2

# 1. Create consumer with your app credentials
consumer = oauth2.Consumer(
    key="your_consumer_key",
    secret="your_consumer_secret"
)

# 2. Create access token (obtained from OAuth flow)
token = oauth2.Token(
    key="user_access_token", 
    secret="user_access_token_secret"
)

# 3. Make authenticated HTTP requests
client = oauth2.Client(consumer, token)
response, content = client.request(
    uri="https://api.example.com/protected_resource",
    method="GET"
)

# 4. Or manually sign requests
request = oauth2.Request.from_consumer_and_token(
    consumer=consumer,
    token=token,
    http_method="GET",
    http_url="https://api.example.com/protected_resource"
)

# Sign with HMAC-SHA1 (default)
signature_method = oauth2.SignatureMethod_HMAC_SHA1()
request.sign_request(signature_method, consumer, token)

# Get signed authorization header
auth_header = request.to_header()

Architecture

The library follows a modular design with distinct responsibilities:

  • Consumer/Token: Credential management and OAuth parameter handling
  • Request: Parameter collection, normalization, and signing coordination
  • Signature Methods: Pluggable signing algorithms (HMAC-SHA1, PLAINTEXT)
  • Client: HTTP wrapper with automatic request signing via httplib2
  • Server: Request verification for service providers
  • Protocol Extensions: Specialized clients for SMTP/IMAP with XOAUTH support

Capabilities

Core OAuth Operations

Essential OAuth 1.0 functionality including consumer and token management, request construction, parameter normalization, and signature generation using HMAC-SHA1 or PLAINTEXT methods.

class Consumer:
    def __init__(self, key: str, secret: str): ...

class Token:
    def __init__(self, key: str, secret: str): ...
    def set_callback(self, callback: str): ...
    def set_verifier(self, verifier: str = None): ...

class Request(dict):
    def __init__(self, method: str = 'GET', url: str = None, parameters: dict = None, body: bytes = b'', is_form_encoded: bool = False): ...
    def sign_request(self, signature_method, consumer, token): ...

Core OAuth Operations

HTTP Client

Automated OAuth-enabled HTTP client that extends httplib2 to handle request signing transparently, supporting all HTTP methods with proper OAuth authorization headers.

class Client:
    def __init__(self, consumer, token=None, **kwargs): ...
    def request(self, uri: str, method: str = "GET", body: bytes = b'', headers: dict = None) -> tuple: ...

HTTP Client

Server Verification

Server-side OAuth request verification for service providers, including signature validation, timestamp checking, and parameter extraction with support for multiple signature methods.

class Server:
    def __init__(self, signature_methods: dict = None): ...
    def verify_request(self, request, consumer, token) -> dict: ...
    def add_signature_method(self, signature_method): ...

Server Verification

Client Extensions

Protocol-specific OAuth clients for SMTP and IMAP that provide XOAUTH authentication support, extending standard Python email clients with OAuth capabilities.

class IMAP4_SSL:
    def authenticate(self, url: str, consumer, token): ...

class SMTP:
    def authenticate(self, url: str, consumer, token): ...

Client Extensions

Exception Handling

class Error(RuntimeError):
    def __init__(self, message: str = 'OAuth error occurred.'): ...

class MissingSignature(Error):
    pass

Common exceptions include signature validation failures, missing required parameters, expired timestamps, and invalid consumer/token credentials.

Constants and Version Information

OAUTH_VERSION = '1.0'  # OAuth protocol version
HTTP_METHOD = 'GET'    # Default HTTP method
SIGNATURE_METHOD = 'PLAINTEXT'  # Default signature method

__version__  # Package version information

String Handling Utilities

def to_unicode(s) -> str:
    """Convert string to unicode, handling encoding properly."""

def to_utf8(s) -> bytes:
    """Convert string to UTF-8 bytes."""

def to_unicode_if_string(s):
    """Convert to unicode if string, otherwise return unchanged."""

def to_utf8_if_string(s):
    """Convert to UTF-8 if string, otherwise return unchanged."""

docs

client-extensions.md

http-client.md

index.md

oauth-core.md

server-verification.md

tile.json