An experiment client with requests-oauthlib #136
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| endpoint_url='https://api.douban.com/', | ||
| access_token_url='https://www.douban.com/service/auth2/token', | ||
| authorization_url='https://www.douban.com/service/auth2/auth', | ||
| compliance_fixes='.weibo:weibo_compliance_fix') |
There was a problem hiding this comment.
@shonenada has sent a pull request which added the compliance fixes of Douban API to upstream.
tonyseek
changed the title
tonyseek
force-pushed
the
feature/requests-oauthlib
branch
from
b15f4b4 to
7769c0e
Compare
implement the OAuthProperty descriptor. comment the oauth property's implementation. add factory method to get extension state from flask app. And remove the binding of extension state and the app. decouple remote apps from the ext state. remove config_prefix (and use app.name instead). add session class. fix up typo. implement the oauth 1.0a authorization. endpoint_url is optional. implement authorized_response method. wrap the access token response. extract the session factory into mixin class. move client module into its package. extract components into standalone modules. refine the module names. human friendly exception message. remove the mixin classes and use application base class. integrate oauth application with extension. refine the base application class. add example for OAuth 1.0a protocol. implement oauth 2 application with insecure_transport(debug) mode and compliance hooks. add example for OAuth 2 protocol. install deps in travis ci. use douban_compliance_fix in the example file. See also: requests/requests-oauthlib#138 enable the insecure transport in testing mode too. warning for Man-in-the-middle attack in production environment. revise the warning message.
tonyseek
force-pushed
the
feature/requests-oauthlib
branch
from
7769c0e to
ece4d8f
Compare
tonyseek
changed the title
|
The refresh token support in OAuth 2.0 is finished now. @lepture Please review it. Thanks. |
|
Version should not be a required parameter, we can detect it by |
|
Sorry for my tardy response. Is there a reason to infer which version should be used in OAuth instead of defining it directly? In my opinion a explicit version argument is better. Because almost all third API documents specify their OAuth version clearly, and keeping the version argument give us ability to find a appropriate protocol implementation without any explicit condition. |
|
Merged int 85da337 |
|
Thank you. |
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hi @lepture ,
There is an experiment implementation of the OAuth 1.0a/2.0 client, which based on requests-oauthlib.
The testing is poor for now. But the two examples (twitter and douban) work. Could you merge it into trunk without any document description, until I finished the refresh token mechanism and testing?
Thanks.