This is an example of an OAuth 2 server.
Find more details on http://lepture.com/en/2013/create-oauth-server
The OAuth 2.0 Authorization Framework is described by RFC 6749.
     +--------+                               +---------------+
     |        |--(A)- Authorization Request ->|   Resource    |
     |        |                               |     Owner     |
     |        |<-(B)-- Authorization Grant ---|               |
     |        |                               +---------------+
     |        |
     |        |                               +---------------+
     |        |--(C)-- Authorization Grant -->| Authorization |
     | Client |                               |     Server    |
     |        |<-(D)----- Access Token -------|               |
     |        |                               +---------------+
     |        |
     |        |                               +---------------+
     |        |--(E)----- Access Token ------>|    Resource   |
     |        |                               |     Server    |
     |        |<-(F)--- Protected Resource ---|               |
     +--------+                               +---------------+
$ pip install -r requirements.txt
- Start your provider server with:
$ python app.py
- Visit http://127.0.0.1:5000/ and fill a username.
  At the database level this translates into adding a row to the user table.
- And then visit http://127.0.0.1:5000/client
  At the database level this translates into adding a row to the client table.
- Take the client key and client secret, and modify our client.py script with the key and secret. Specifically, update the CLIENT_ID and CLIENT_SECRET variables on lines 5-6. These two strings are used to initialize the oauth.remote_app object used by the client code.
- Start the client server with:
$ python client.py
- Visit http://localhost:8000. This page will redirect us to the server to authorize the client, and when we click "yes" we are redirected back to the client, which now has a pair of access token and secret.
  At the database level this translates into adding a row to the token table.
- Finally, if you visit http://localhost:8000 you can access the authorized data.
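
The redirect round trip from the steps above (diagram steps A to C), seen from the client's side with the `state` check that ties the callback to the request that started it. This is an added example, not code from this repository: the endpoint URLs, redirect URI and client id are assumed placeholders, and the session is a plain dict.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Assumed values for illustration; substitute those of your own deployment.
AUTHORIZE_URL = "http://127.0.0.1:5000/oauth/authorize"
REDIRECT_URI = "http://localhost:8000/authorized"
CLIENT_ID = "constructed-client-id"


def build_authorization_request(session):
    """Step (A): send the user to the server with a fresh, unguessable state."""
    session["oauth_state"] = secrets.token_urlsafe(32)
    query = urlencode({
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "state": session["oauth_state"],
    })
    return f"{AUTHORIZE_URL}?{query}"


def handle_callback(session, callback_url):
    """Step (B): accept the grant only if state matches; return the step (C) form body."""
    params = parse_qs(urlsplit(callback_url).query)
    expected = session.pop("oauth_state", None)  # single use: a replay finds nothing
    received = params.get("state", [""])[0]
    if expected is None or not hmac.compare_digest(expected.encode(), received.encode()):
        raise ValueError("state mismatch: discard the response")
    if "error" in params:
        raise ValueError(f"authorization denied: {params['error'][0]}")
    codes = params.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one authorization code")
    # The client authenticates with its secret separately when posting this body.
    return {
        "grant_type": "authorization_code",
        "code": codes[0],
        "redirect_uri": REDIRECT_URI,  # must equal the value sent in step (A)
    }
```
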