RFC6750: The OAuth 2.0 Authorization Framework: Bearer Token Usage

This section contains the generic implementation of RFC6750.

Guide on Bearer Token

Bearer token is used in OAuth 2.0 framework to protect resources. You need to implement the missing methods of BearerTokenValidator before using it. Learn how to use it in Resource Server.

API Reference

class authlib.oauth2.rfc6750.BearerTokenValidator(realm=None, **extra_attributes)
authenticate_token(token_string)

A method to query token from database with the given token string. Developers MUST re-implement this method. For instance:

def authenticate_token(self, token_string):
    return get_token_from_database(token_string)
Parameters:

token_string – A string to represent the access_token.

Returns:

token

validate_token(token, scopes, request)

Check if token is active and matches the requested scopes.

authlib.oauth2.rfc6750.BearerToken

alias of BearerTokenGenerator