kinto-facebook

Release 0.1.0

Facebook Auth support in Kinto

Homepage PyPI Python

Keywords
web, services
License
Apache-2.0
Install
pip install kinto-facebook==0.1.0

Documentation

Facebook Auth support in Kinto

travis Coverage

Kinto-facebook enables authentication in Kinto applications using Facebook OAuth2 bearer tokens.

It provides:

  • An authentication policy class;
  • Integration with Kinto cache backend for token verifications;
  • Integration with Kinto for heartbeat view checks;
  • Some optional endpoints to perform the OAuth dance (optional).
  • Kinto documentation
  • Issue tracker

Installation

First of all, create a Facebook Auth app.

You need to grab the client_id, client_secret and app_client_token in the app general settings page:

https://developers.facebook.com/apps/{client_id}/settings/basic/
https://developers.facebook.com/apps/{client_id}/settings/advanced/

Install the Python package:

pip install kinto-facebook

Include the package in the project configuration:

kinto.includes = kinto_facebook

And configure authentication policy using pyramid_multiauth formalism:

multiauth.policies = facebook
multiauth.policy.facebook.use = kinto_facebook.authentication.FacebookAuthenticationPolicy

By default, it will rely on the cache configured in Kinto.

Configuration

Fill those settings with the values obtained during the application registration:

facebook.client_id = 89513028159972bc
facebook.client_secret = 9aced230585cc0aaea0a3467dd800
facebook.app_access_token = 30ce836499a146428464b28816b1618b
facebook.webapp.authorized_domains = *
# facebook.cache_ttl_seconds = 300
# facebook.state.ttl_seconds = 3600

In case the application shall not behave as a relier (a.k.a. OAuth dance endpoints disabled):

facebook.relier.enabled = false

If necessary, override default values for authentication policy:

facebook.header_type = Bearer+Facebook

Login flow

OAuth Bearer token

Use the OAuth token with this header:

Authorization: Bearer <access_token>
notes: If the token is not valid, this will result in a 401 error response.

Obtain token using Web UI

  • Navigate the client to GET /facebook/login?redirect=http://app-endpoint/%23. There, a session cookie will be set, and the client will be redirected to a login form on the Facebook content server;
  • After submitting the credentials on the login page, the client will be redirected to http://app-endpoint/#{token} (the web-app).

Stats

Dependencies
0
Dependent packages
0
Dependent repositories
0
Total releases
1
Latest release
First release
Stars
0
Forks
1
Watchers
2
Contributors
1
Repository size
121 KB
SourceRank
6

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

0.1.0

Contributors

Rémy HUBSCHER


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2021-02-17 08:57:10 UTC

Login to resync this project