API References of Django OAuth 2.0 Server

This part of the documentation covers the interface of Django OAuth 2.0 Server.

class authlib.integrations.django_oauth2.AuthorizationServer(client_model, token_model)

Django implementation of authlib.oauth2.rfc6749.AuthorizationServer. Initialize it with a client model and a token model:

from authlib.integrations.django_oauth2 import AuthorizationServer
from your_project.models import OAuth2Client, OAuth2Token

server = AuthorizationServer(OAuth2Client, OAuth2Token)

create_authorization_response(request=None, grant_user=None)

Validate authorization request and create authorization response.

Parameters:
  • request – HTTP request instance.

  • grant_user – the resource owner if the request is granted; None if it is denied.

Returns:

Response

create_endpoint_response(name, request=None)

Validate endpoint request and create endpoint response.

Parameters:
  • name – Endpoint name

  • request – HTTP request instance.

Returns:

Response

create_token_response(request=None)

Validate token request and create token response.

Parameters:

request – HTTP request instance

Validate the current HTTP request for the authorization page. This page is designed for the resource owner to grant or deny the authorization.

register_endpoint(endpoint)

Add an extra endpoint to the authorization server, e.g. RevocationEndpoint:

authorization_server.register_endpoint(RevocationEndpoint)

Parameters:

endpoint_cls – An endpoint class or instance.

register_grant(grant_cls, extensions=None)

Register a grant class into the endpoint registry. Developers can implement the grants in authlib.oauth2.rfc6749.grants and register with this method:

from authlib.oauth2.rfc6749 import grants

class AuthorizationCodeGrant(grants.AuthorizationCodeGrant):
    def authenticate_user(self, credential):
        ...  # look up and return the resource owner

authorization_server.register_grant(AuthorizationCodeGrant)

Parameters:
  • grant_cls – a grant class.

  • extensions – extensions for the grant class.

class authlib.integrations.django_oauth2.ResourceProtector

acquire_token(request, scopes=None, **kwargs)

Acquire the current valid token with the given scope.

Parameters:
  • request – Django HTTP request instance

  • scopes – a list of scope values

Returns:

token object

class authlib.integrations.django_oauth2.BearerTokenValidator(token_model, realm=None, **extra_attributes)

authenticate_token(token_string)

Query the token from the database with the given token string. Developers MUST re-implement this method. For instance:

def authenticate_token(self, token_string):
    # get_token_from_database is a placeholder for your own lookup
    return get_token_from_database(token_string)

Parameters:

token_string – A string to represent the access_token.

Returns:

token

class authlib.integrations.django_oauth2.RevocationEndpoint(server)

The revocation endpoint for OAuth authorization servers allows clients to notify the authorization server that a previously obtained refresh or access token is no longer needed.

Register it with the authorization server, and create the token endpoint response for token revocation:

from django.views.decorators.http import require_http_methods
from authlib.integrations.django_oauth2 import RevocationEndpoint

# register the endpoint with the authorization server instance
server.register_endpoint(RevocationEndpoint)

@require_http_methods(["POST"])
def revoke_token(request):
    return server.create_endpoint_response(
        RevocationEndpoint.ENDPOINT_NAME,
        request
    )

query_token(token, token_type_hint)

Query requested token from database.

revoke_token(token, request)

Mark the given token as revoked.
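
The lookup and revocation behaviour that query_token and revoke_token describe, and its effect on a later bearer-token check, as an added framework-free example (not Authlib's implementation and not code from this documentation). Token, TokenStore, lookup_valid_access_token, demo and the sample strings are hypothetical; an in-memory list stands in for the Django token model, and revoke_token takes a client id where the documented method takes the request.

```python
import time
from dataclasses import dataclass

@dataclass
class Token:  # constructed stand-in for one row of the project's token model
    client_id: str
    access_token: str
    refresh_token: str
    expires_at: float
    revoked: bool = False

class TokenStore:  # in-memory stand-in for the token table (hypothetical)
    def __init__(self, tokens):
        self.tokens = list(tokens)

    def _find(self, field, value):
        return next((t for t in self.tokens if getattr(t, field) == value), None)

    def query_token(self, token, token_type_hint=None):
        # RFC 7009: the hint only orders the search; a wrong hint must still find it.
        fields = ["access_token", "refresh_token"]
        if token_type_hint == "refresh_token":
            fields.reverse()
        for field in fields:
            found = self._find(field, token)
            if found is not None:
                return found
        return None

    def revoke_token(self, token, client_id):
        # Assumed input: id of the authenticated client making the request.
        if token.client_id != client_id:
            return False  # a client may only revoke its own tokens
        token.revoked = True  # the row holds both strings, so both stop working
        return True

    def lookup_valid_access_token(self, token_string, now=None):
        # Revoked or expired tokens are rejected exactly like unknown ones.
        now = time.time() if now is None else now
        token = self._find("access_token", token_string)
        if token is None or token.revoked or token.expires_at <= now:
            return None
        return token

def demo():
    store = TokenStore([Token("client-a", "at-111", "rt-111", 2e9)])  # constructed row
    row = store.query_token("rt-111", "access_token")  # wrong hint on purpose
    store.revoke_token(row, "client-a")
    return store.lookup_valid_access_token("at-111", now=1000.0)  # None once revoked
```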

authlib.integrations.django_oauth2.client_authenticated

Signal sent when a client is authenticated.

authlib.integrations.django_oauth2.token_revoked

Signal sent when a token is revoked.

authlib.integrations.django_oauth2.token_authenticated

Signal sent when a token is authenticated.