-
-
Notifications
You must be signed in to change notification settings - Fork 421
OAuthlib support for Python-Requests!
License
requests/requests-oauthlib
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
Requests-OAuthlib |build-status| |coverage-status| |docs| ========================================================= This project provides first-class OAuth library support for `Requests <https://requests.readthedocs.io>`_. The OAuth 1 workflow -------------------- OAuth 1 can seem overly complicated and it sure has its quirks. Luckily, requests_oauthlib hides most of these and lets you focus on the task at hand. Accessing protected resources using requests_oauthlib is as simple as: .. code-block:: pycon >>> from requests_oauthlib import OAuth1Session >>> twitter = OAuth1Session('client_key', client_secret='client_secret', resource_owner_key='resource_owner_key', resource_owner_secret='resource_owner_secret') >>> url = 'https://api.twitter.com/1/account/settings.json' >>> r = twitter.get(url) Before accessing resources you will need to obtain a few credentials from your provider (e.g. Twitter) and authorization from the user for whom you wish to retrieve resources. You can read all about this in the full `OAuth 1 workflow guide on RTD <https://requests-oauthlib.readthedocs.io/en/latest/oauth1_workflow.html>`_. The OAuth 2 workflow -------------------- OAuth 2 is generally simpler than OAuth 1 but comes in more flavours. The most common being the Authorization Code Grant, also known as the WebApplication flow. Fetching a protected resource after obtaining an access token can be extremely simple. However, before accessing resources you will need to obtain a few credentials from your provider (e.g. Google) and authorization from the user for whom you wish to retrieve resources. You can read all about this in the full `OAuth 2 workflow guide on RTD <https://requests-oauthlib.readthedocs.io/en/latest/oauth2_workflow.html>`_. Installation ------------ To install requests and requests_oauthlib you can use pip: .. code-block:: bash pip install requests requests-oauthlib .. |build-status| image:: https://github.com/requests/requests-oauthlib/actions/workflows/run-tests.yml/badge.svg :target: https://github.com/requests/requests-oauthlib/actions .. |coverage-status| image:: https://img.shields.io/coveralls/requests/requests-oauthlib.svg :target: https://coveralls.io/r/requests/requests-oauthlib .. |docs| image:: https://readthedocs.org/projects/requests-oauthlib/badge/ :alt: Documentation Status :scale: 100% :target: https://requests-oauthlib.readthedocs.io/ Advanced Configurations ----------------------- Logger Configuration Framework ------------------------------ `requests-oauthlib` now includes a flexible framework for applying custom filters and configurations to the logger, enhancing control over logging behavior and improving security. Custom Filters -------------- - **Debug Mode Token Filter**: To enhance security and provide more control over logging of sensitive information, requests-oauthlib introduces the Debug Mode Token Filter. This feature is controlled via the DEBUG_MODE_TOKEN_FILTER environment variable, allowing the suppression or masking of sensitive data in logs. Configuring the Debug Mode Token Filter --------------------------------------- - **Environment Variable**: `REQUESTS_OAUTHLIB_DEBUG_MODE_TOKEN_FILTER` - **Options**: - `DEFAULT`: No alteration to logging behavior. - `MASK`: Masks sensitive tokens in logs. - `SUPPRESS`: Prevents logging of potentially sensitive information. (logger ignores these logs entirely)
About
OAuthlib support for Python-Requests!