Security News
MCP Community Begins Work on Official MCP Metaregistry
The MCP community is launching an official registry to standardize AI tool discovery and let agents dynamically find and install MCP servers.
By Sarah Gooding - May 09, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
- Maintainers
- 1
oauth2-cli-auth
Authenticate against OAuth2 Provider in Python CLIs
Features
- Simple
- Fancy callback page
Requirements
- Python 3.9+
Installation
pip install oauth2-cli-auth
Usage
Simple with OIDC well known configuration endpoint
This should work for every provider supporting OIDC e.g. gitlab.com:
from oauth2_cli_auth import get_access_token_with_browser_open, OAuth2ClientInfo
client_info = OAuth2ClientInfo.from_oidc_endpoint(
"https://gitlab.com/.well-known/openid-configuration",
client_id="my-client-id",
scopes=["openid"]
)
try:
token = get_access_token_with_browser_open(client_info)
print(f"Obtained token '{token}'")
except ValueError:
print("Failed to obtain token")
Simple with manual endpoint specification
The following should work for almost all use cases, for rest please check the lib docs.
from oauth2_cli_auth import get_access_token_with_browser_open, OAuth2ClientInfo
client_info = OAuth2ClientInfo(
client_id="<clientId>",
authorization_url="<authorizeUrl>",
token_url="<TokenUrl>",
scopes=["scopeA", "scopeB"]
)
try:
token = get_access_token_with_browser_open(client_info)
print(f"Obtained token '{token}'")
except ValueError:
print("Failed to obtain token")
Motivation
Building oauth2 integration for Python apps come quite handy, especially with Gitlab integration etc.
It is a bit cumbersome to do it manually everytime, existing solutions are way to overkill to put on this problem. So I created this small library without any dependencies besides the python standard library.
Documentation
Contributing
I love your input! I want to make contributing to this project as easy and transparent as possible, whether it's:
- Reporting a bug
- Discussing the current state of the configuration
- Submitting a fix
- Proposing new features
- Becoming a maintainer
To get started please read the Contribution Guidelines.
Development
Requirements
- Python 3.9+
- pre-commit
- Poetry
Test
poetry run pytest .
Build
poetry install
FAQs
Authenticate against OAuth2 Provider in Python CLIs
We found that oauth2-cli-auth demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
Malicious npm Packages Use Telegram to Exfiltrate BullX Credentials
Socket uncovers an npm Trojan stealing crypto wallets and BullX credentials via obfuscated code and Telegram exfiltration.
By Kush Pandya - May 08, 2025
Research
Security News
Backdooring the IDE: Malicious npm Packages Hijack Cursor Editor on macOS
Malicious npm packages posing as developer tools target macOS Cursor IDE users, stealing credentials and modifying files to gain persistent backdoor access.
By Kirill Boychenko - May 07, 2025