Metadata-Version: 1.1
Name: oauth-slave-accounts
Version: 0.1.1
Summary: Custom Django Oauth backend for Ressource Servers to download full user data fom Authorization Server
Home-page: UNKNOWN
Author: Jean Ribes
Author-email: jean@ribes.me
License: BSD License
Description: Ressource Server Utilities
        ==========================
        
        If you've read RFCs on OAuth or (more likely) the **django-oauth-toolkit** docs, you know that a *Ressource Server* sorts
        of delegates user authentication to the *Authorization Server*.
        
        But the current implementation in *Django OAuth Toolkit* only copies the username from the *Authorization Server* in its
        database. This implies that all users have no special permissions, i.e. you lose administrator rights when you access
        the *Ressource Server* !
        
        The class FullUserOAuthBackend aims to fix this by fetching the full user model from the *Authorization Server* after
        you've accessed the *Ressource Server*.
        
        Installation
        ------------
        `pip install oauth-slave-accounts`
        
        Setup
        -----
        Authorization Server
        ~~~~~~~~~~~~~~~~~~~~
        You need to create an endpoint that exposes user data in a json manner (or further override my methods), the easiest being
        a DjangoRestFramework ModelViewset.
        The current implementation uses the user's Authorization token as `lookup_field`.
        
        .. code:: python
        
            class UserViewSet(viewset.ReadOnlyModelViewSet):
                queryset = User.objects.all()
                serializer_class = UserSerializer
                permission_classes = [ServerServerPermission]
                def get_object(self):
                    return  AccessToken.objects.get(token=self.kwargs.get('pk')).user
        ..
        
         **pro tip:** you should exclude the password from the serializer, because its confidential even if salted, and furthermore its useability probably depends on the `SECRET_KEY`
        
        Ressource Server
        ~~~~~~~~~~~~~~~~
        Subclass `ressource_server_utils.backend.FullUserOAuthBackend` and override the following :
         * property fetch_url : a string that describes your *Authorization Server*'s endpoint to get User data e.g. `http://auth.srv/user/{}/`
         * property UserSerializer : a DjangoRestFramework Serializer that defines how to parse your *Authorization Server*'s response
         * And optionnally
            - method get_auth_token()
            - method refresh_auth_token()
Platform: UNKNOWN
Classifier: Environment :: Web Environment
Classifier: Framework :: Django
Classifier: Intended Audience :: Developers
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 3.5
Classifier: Programming Language :: Python :: 3.6
Classifier: Topic :: Internet :: WWW/HTTP
Classifier: Topic :: Internet :: WWW/HTTP :: Dynamic Content
