Skip to content

Instantly share code, notes, and snippets.

@lepture

lepture/CA.md Secret

Last active February 13, 2020 02:27
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save lepture/726e07a737b20f111d570d1d0437d5d4 to your computer and use it in GitHub Desktop.
Save lepture/726e07a737b20f111d570d1d0437d5d4 to your computer and use it in GitHub Desktop.
Authlib v0.13 Changes

Client Auth

  1. authlib.oauth2.ClientAuth.register_auth_method is removed
  2. OAuth2Client.register_client_auth_method is redesigned

The method register_session_client_auth_method in rfc7523 is deprecated. Instead of using register_session_client_auth_method, developers can import authlib.oauth2.rfc7523.ClientSecretJWT and authlib.oauth2.rfc7523.PrivateKeyJWT.

Previously:

from authlib.oauth2.rfc7523 import register_session_client_auth_method
from authlib.client import OAuth2Session

session = OAuth2Session(
    'your-client-id', 'your-client-secret',
    token_endpoint_auth_method='client_secret_jwt'
)
# just one hook here
register_session_client_auth_method(session)

Now:

from authlib.oauth2.rfc7523 import ClientSecretJWT
from authlib.integrations.requests_client import OAuth2Session

session = OAuth2Session(
    'your-client-id', 'your-client-secret',
    token_endpoint_auth_method='client_secret_jwt'
)
session.register_client_auth_method(ClientSecretJWT('https://example.com/oauth/token'))

Renaming

We moved our requests client, flask client/servers, and django client/servers into integrations folder. Which means:

Previously:

from authlib.client import OAuth1Session, OAuth2Session
from authlib.flask.client import OAuth, RemoteApp
from authlib.flask.oauth1 import AuthorizationServer, ResourceProtector
from authlib.flask.oauth2 import AuthorizationServer, ResourceProtector
from authlib.django.client import OAuth, RemoteApp
from authlib.django.oauth1 import AuthorizationServer, ResourceProtector
from authlib.django.oauth2 import AuthorizationServer, ResourceProtector

Now:

from authlib.integrations.requests_client import OAuth1Session, OAuth2Session
from authlib.integrations.flask_client import OAuth, RemoteApp
from authlib.integrations.flask_oauth1 import AuthorizationServer, ResourceProtector
from authlib.integrations.flask_oauth2 import AuthorizationServer, ResourceProtector
from authlib.integrations.django_client import OAuth, RemoteApp
from authlib.integrations.django_oauth1 import AuthorizationServer, ResourceProtector
from authlib.integrations.django_oauth2 import AuthorizationServer, ResourceProtector

This is a compatible change, Authlib will display a deprecated message for you.

@lepture
Copy link
Author

lepture commented Oct 3, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment