OAuth

class moxie.oauth.services.OAuth1Service(oauth_endpoint, client_identifier, client_secret, request_token_path='request_token', access_token_path='access_token', authorize_path='authorize')

Enables using 3-legged authentication with OAuth v1 the Moxie client handles making actual redirections and user interactions.

Note

OAuth1 terminology varies, between the original spec and the formal RFC the terminology is far from consistent. We have tried to follow the RFC where possible however, we use requests.auth which uses differing terminology.

Parameters:
  • oauth_endpoint – URL of the form http://service.foo/oauth/
  • client_identifier – Client token identifier.
  • client_secret – Shared secret paired with the above identifier.
authorization_url(token_param='oauth_token', callback_uri=None)

Convenience method to both generate a new temporary credential and return a URL where a user can continue the OAuth workflow authentication. Always generates new temporary credentials.

authorized

Returns True if resource owner credentials are available.

refresh_temporary_credentials(callback_uri=None)

Requests new temporary credentials from the OAuth server.

Parameters:callback_uri – the request is (optionally) signed with this URL and the user should be redirected back here upon completing the OAuth workflow.
signer

Returns a OAuth1 object which can be used to sign http requests bound for protected resources:

oa = OAuth1Service('http://private.foo/oauth', 'private', 'key')
requests.get('http://private.foo/private_resource', auth=oa.signer)
verify(verifier)

Sends a signed request to the OAuth server trading in your temporary credentials for access credentials these can be used to sign requests for the users protected resources.

Parameters:verifier – Verification code passed from the OAuth server through the users OAuth workflow. Can be either passed in a redirect or the user could be instructed to copy it over.
class moxie.oauth.services.OAuthCredential(key)

Descriptor for caching our OAuth credentials in a user session. Only if one is available. Caches on the OAuth1Service object in an attribute named by OAuthCredential.credential_store