Mixins for Class Based Views

class oauth2_provider.views.mixins.ClientProtectedResourceMixin

Mixin for protecting resources with client authentication as mentioned in rfc:3.2.1 This involves authenticating with any of: HTTP Basic Auth, Client Credentials and Access token in that order. Breaks off after first validation.

class oauth2_provider.views.mixins.OAuthLibMixin

This mixin decouples Django OAuth Toolkit from OAuthLib.

Users can configure the Server, Validator and OAuthlibCore classes used by this mixin by setting the following class variables:

  • server_class
  • validator_class
  • oauthlib_backend_class

  • authenticate_client(request)

    Returns a boolean representing if client is authenticated with client credentials method. Returns True if authenticated.

    Parameters:request – The current django.http.HttpRequest object

  • create_authorization_response(request, scopes, credentials, allow)

    A wrapper method that calls create_authorization_response on server_class instance.

    Parameters:
    • request – The current django.http.HttpRequest object
    • scopes – A space-separated string of provided scopes
    • credentials – Authorization credentials dictionary containing client_id, state, redirect_uri, response_type
    • allow – True if the user authorize the client, otherwise False

  • create_revocation_response(request)

    A wrapper method that calls create_revocation_response on the server_class instance.

    Parameters:request – The current django.http.HttpRequest object

  • create_token_response(request)

    A wrapper method that calls create_token_response on server_class instance.

    Parameters:request – The current django.http.HttpRequest object

  • error_response(error, **kwargs)

    Return an error to be displayed to the resource owner if anything goes awry.

    Parameters:errorOAuthToolkitError

  • classmethod get_oauthlib_backend_class()

    Return the OAuthLibCore implementation class to use

  • classmethod get_oauthlib_core()

    Cache and return OAuthlibCore instance so it will be created only on first request

  • get_scopes()

    This should return the list of scopes required to access the resources. By default it returns an empty list.

  • classmethod get_server()

    Return an instance of server_class initialized with a validator_class object

  • classmethod get_server_class()

    Return the OAuthlib server class to use

  • classmethod get_validator_class()

    Return the RequestValidator implementation class to use

  • validate_authorization_request(request)

    A wrapper method that calls validate_authorization_request on server_class instance.

    Parameters:request – The current django.http.HttpRequest object

  • verify_request(request)

    A wrapper method that calls verify_request on server_class instance.

    Parameters:request – The current django.http.HttpRequest object

class oauth2_provider.views.mixins.ProtectedResourceMixin

Helper mixin that implements OAuth2 protection on request dispatch, specially useful for Django Generic Views

class oauth2_provider.views.mixins.ReadWriteScopedResourceMixin

Helper mixin that implements “read and write scopes” behavior

  • get_scopes(args, kwargs*)

    Return the scopes needed to access the resource

    Parameters:args – Support scopes injections from the outside (not yet implemented)

class oauth2_provider.views.mixins.ScopedResourceMixin

Helper mixin that implements “scopes handling” behaviour

  • get_scopes(args, kwargs*)

    Return the scopes needed to access the resource

    Parameters:args – Support scopes injections from the outside (not yet implemented)