API References of Django OAuth 2.0 Server
This part of the documentation covers the interface of Django OAuth 2.0 Server.
- class authlib.integrations.django_oauth2.AuthorizationServer(client_model, token_model)
Django implementation of authlib.oauth2.rfc6749.AuthorizationServer. Initialize it with client model and token model:

    from authlib.integrations.django_oauth2 import AuthorizationServer
    from your_project.models import OAuth2Client, OAuth2Token

    server = AuthorizationServer(OAuth2Client, OAuth2Token)

- create_authorization_response(request=None, grant_user=None)
Validate authorization request and create authorization response.
- Parameters:
request – HTTP request instance.
grant_user – the resource owner if the request was granted; None if it was denied.
- Returns:
Response
- create_endpoint_response(name, request=None)
Validate endpoint request and create endpoint response.
- Parameters:
name – Endpoint name
request – HTTP request instance.
- Returns:
Response
- create_token_response(request=None)
Validate token request and create token response.
- Parameters:
request – HTTP request instance
- get_consent_grant(request=None, end_user=None)
Validate the current HTTP request for the authorization page. This page is where the resource owner grants or denies the authorization.
- register_endpoint(endpoint_cls)
Add an extra endpoint to the authorization server, e.g. RevocationEndpoint:

    authorization_server.register_endpoint(RevocationEndpoint)

- Parameters:
endpoint_cls – An endpoint class
- register_grant(grant_cls, extensions=None)
Register a grant class into the endpoint registry. Developers can implement the grants in authlib.oauth2.rfc6749.grants and register with this method:

    from authlib.oauth2.rfc6749 import grants

    class AuthorizationCodeGrant(grants.AuthorizationCodeGrant):
        def authenticate_user(self, credential):
            # ...

    authorization_server.register_grant(AuthorizationCodeGrant)

- Parameters:
grant_cls – a grant class.
extensions – extensions for the grant class.
- class authlib.integrations.django_oauth2.ResourceProtector
- acquire_token(request, scopes=None)
A method to acquire the current valid token with the given scope.
- Parameters:
request – Django HTTP request instance
scopes – a list of scope values
- Returns:
token object
- class authlib.integrations.django_oauth2.BearerTokenValidator(token_model, realm=None, **extra_attributes)
- authenticate_token(token_string)
A method to query the token from the database with the given token string. Developers MUST re-implement this method. For instance:

    def authenticate_token(self, token_string):
        return get_token_from_database(token_string)

- Parameters:
token_string – A string to represent the access_token.
- Returns:
token
- class authlib.integrations.django_oauth2.RevocationEndpoint(server)
The revocation endpoint for OAuth authorization servers allows clients to notify the authorization server that a previously obtained refresh or access token is no longer needed.
Register it into the authorization server, and create a token endpoint response for token revocation:

    from django.views.decorators.http import require_http_methods
    from authlib.integrations.django_oauth2 import RevocationEndpoint

    # register it into the authorization server instance
    server.register_endpoint(RevocationEndpoint)

    @require_http_methods(["POST"])
    def revoke_token(request):
        return server.create_endpoint_response(
            RevocationEndpoint.ENDPOINT_NAME,
            request
        )

- query_token(token, token_type_hint)
Query requested token from database.
- revoke_token(token, request)
Mark the given token as revoked.
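A standalone sketch of the lookup and revocation logic behind query_token and revoke_token, added here as an example and not authlib's own code. The Token dataclass, the in-memory list, the InMemoryRevocation class and its handle helper are assumptions standing in for the Django token model and the endpoint's request handling.

```python
from dataclasses import dataclass


@dataclass
class Token:  # constructed stand-in for a row of the Django token model
    client_id: str
    access_token: str
    refresh_token: str
    revoked: bool = False


class InMemoryRevocation:
    """Hypothetical class mirroring query_token/revoke_token without authlib."""

    def __init__(self, tokens):
        self.tokens = tokens

    def query_token(self, token, token_type_hint):
        # The hint only decides which column is searched first. RFC 7009
        # requires extending the search to the other token types when the
        # hinted lookup misses, so a wrong hint must not hide a live token.
        fields = ["access_token", "refresh_token"]
        if token_type_hint == "refresh_token":
            fields.reverse()
        for field in fields:
            for row in self.tokens:
                if getattr(row, field) == token:
                    return row
        return None

    def revoke_token(self, token, request):
        # One row holds both strings, so the flag disables access and refresh.
        token.revoked = True

    def handle(self, client_id, token, token_type_hint=None, request=None):
        found = self.query_token(token, token_type_hint)
        # A token issued to a different client must not be revoked by this caller.
        if found is not None and found.client_id == client_id:
            self.revoke_token(found, request)
            return True
        return False


def sample_store():
    # Constructed sample data: one token row per client.
    return [
        Token("client-a", "at-aaa", "rt-aaa"),
        Token("client-b", "at-bbb", "rt-bbb"),
    ]
```
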
- authlib.integrations.django_oauth2.client_authenticated
Signal when client is authenticated
- authlib.integrations.django_oauth2.token_revoked
Signal when token is revoked
- authlib.integrations.django_oauth2.token_authenticated
Signal when token is authenticated