Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implement 0-legged oauth1 #215

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

Implement 0-legged oauth1 #215

wants to merge 5 commits into from

Conversation

Ryan-K
Copy link
Contributor

@Ryan-K Ryan-K commented Jun 5, 2015

After several iterations, this is the cleanest implementation I've found to add support for oauth1 requests that do not include an access token. There are many cases when you an endpoint does not contain any user specific data, but it should still be restricted to known clients and not made public.

I've used this extensively in production environments and updated the documentation, but haven't run the sample code I threw into there. This does introduce one more lint error (for a line that's too long by 1 character) and adds one more untested line of code to the coverage report since I didn't add any tests for this.

The only thing to note is that the realms parameter is only applicable to access tokens. So, when require_user is false, the realms defined on the client is not compared to the realms defined in the require_oauth decorator. This should probably be explained in the docs or code should be added to validate the client has access to the specified realms. I don't use realms heavily in my applications, so I'm not sure what the desired behavior is.

@lepture
Copy link
Owner

lepture commented Jun 1, 2016

@Ryan-K Sorry for the delay. Could you add a test case for it?

BTW, it is the test_oauth1 directory.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants