Which OAuth library?

Roland Hedberg roland.hedberg at adm.umu.se
Tue Sep 2 12:15:51 CEST 2014


14 aug 2014 kl. 19:54 skrev Chris “Kwpolska” Warrick <kwpolska at gmail.com>:

> On 14 August 2014 18:51 "Richard Prosser" <ebizbytes at gmail.com> wrote:
> >
> > I "need" one for use with Flask, as I don't really have time to implement my own.
> 
> You should not implement things on your own if there are existing and same implementations.
> 
> > Initially this will be for the "Two-Legged" case but I may well have to support the "Three-Legged" version later on. "Open ID Connect" may also be an option eventually.
> >
> > The basic idea is to provide an authorization/authentication service in a fairly conventional manner. My boss has told me to use OAuth, probably because he has experience with it and also to allow for third-party transactions.
> >
> > However it is not clear to me how I should decide between the various packages on offer. Any advice from experienced/informed users would be very welcome.

I’m responsible for one implementation (pyoidc) that is primary a OpenID connect implementation.
But since OpenID Connect is a profile of OAuth2 it will work in an OAuth2 context too.

This implementation is special in that it’s the de facto reference implementation for OpenID Connect.
It’s that, due to the fact that I’ve built the OpenID Connect test suit which most today available
OpenID Provider implementations have verified themselves against.

— Roland

”Being able to think like a child is an important attribute of being an adult” - Eddie Izzard




More information about the Python-list mailing list