Security News
Maven Central Adds Sigstore Signature Validation
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
By Sarah Gooding - Feb 06, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
- Maintainers
- 1
oauth2-cli-auth
Authenticate against OAuth2 Provider in Python CLIs
Features
- Simple
- Fancy callback page
Requirements
- Python 3.9+
Installation
pip install oauth2-cli-auth
Usage
Simple with OIDC well known configuration endpoint
This should work for every provider supporting OIDC e.g. gitlab.com:
from oauth2_cli_auth import get_access_token_with_browser_open, OAuth2ClientInfo
client_info = OAuth2ClientInfo.from_oidc_endpoint(
"https://gitlab.com/.well-known/openid-configuration",
client_id="my-client-id",
scopes=["openid"]
)
try:
token = get_access_token_with_browser_open(client_info)
print(f"Obtained token '{token}'")
except ValueError:
print("Failed to obtain token")
Simple with manual endpoint specification
The following should work for almost all use cases, for rest please check the lib docs.
from oauth2_cli_auth import get_access_token_with_browser_open, OAuth2ClientInfo
client_info = OAuth2ClientInfo(
client_id="<clientId>",
authorization_url="<authorizeUrl>",
token_url="<TokenUrl>",
scopes=["scopeA", "scopeB"]
)
try:
token = get_access_token_with_browser_open(client_info)
print(f"Obtained token '{token}'")
except ValueError:
print("Failed to obtain token")
Motivation
Building oauth2 integration for Python apps come quite handy, especially with Gitlab integration etc.
It is a bit cumbersome to do it manually everytime, existing solutions are way to overkill to put on this problem. So I created this small library without any dependencies besides the python standard library.
Documentation
Contributing
I love your input! I want to make contributing to this project as easy and transparent as possible, whether it's:
- Reporting a bug
- Discussing the current state of the configuration
- Submitting a fix
- Proposing new features
- Becoming a maintainer
To get started please read the Contribution Guidelines.
Development
Requirements
- Python 3.9+
- pre-commit
- Poetry
Test
poetry run pytest .
Build
poetry install
FAQs
Authenticate against OAuth2 Provider in Python CLIs
We found that oauth2-cli-auth demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
38% of CISOs Fear They’re Not Moving Fast Enough on AI
CISOs are racing to adopt AI for cybersecurity, but hurdles in budgets and governance may leave some falling behind in the fight against cyber threats.
By Sarah Gooding - Feb 04, 2025
Research
Security News
Go Supply Chain Attack: Malicious Package Exploits Go Module Proxy Caching for Persistence
Socket researchers uncovered a backdoored typosquat of BoltDB in the Go ecosystem, exploiting Go Module Proxy caching to persist undetected for years.
By Kirill Boychenko - Feb 04, 2025