{"id":19310245,"url":"https://github.com/cedadev/dot-dynamic-scopes","last_synced_at":"2025-04-22T13:33:51.856Z","repository":{"id":24762148,"uuid":"102386134","full_name":"cedadev/dot-dynamic-scopes","owner":"cedadev","description":"Django OAuth Toolkit extension to provide dynamic scopes backed by a Django model.","archived":false,"fork":false,"pushed_at":"2024-04-15T15:35:09.000Z","size":37,"stargazers_count":3,"open_issues_count":0,"forks_count":2,"subscribers_count":9,"default_branch":"master","last_synced_at":"2024-09-22T00:05:34.531Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cedadev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2017-09-04T17:33:25.000Z","updated_at":"2024-04-24T21:32:43.000Z","dependencies_parsed_at":"2024-04-15T17:05:26.130Z","dependency_job_id":null,"html_url":"https://github.com/cedadev/dot-dynamic-scopes","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cedadev%2Fdot-dynamic-scopes","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cedadev%2Fdot-dynamic-scopes/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cedadev%2Fdot-dynamic-scopes/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cedadev%2Fdot-dynamic-scopes/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cedadev","download_url":"https://codeload.github.com/cedadev/dot-dynamic-scopes/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":223898861,"owners_count":17221842,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-10T00:23:20.635Z","updated_at":"2024-11-10T00:23:21.183Z","avatar_url":"https://github.com/cedadev.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# dot-dynamic-scopes\n\nDjango OAuth Toolkit extension to provide dynamic scopes backed by a Django model.\n\nIn a vanilla Django OAuth Toolkit application, all the scopes that an access token\ncan be granted for must be defined in the settings on the authorisation server. In\nthe case where the authorisation and resource servers are the same, this is fine.\nHowever, in the case where the resource servers are separate, and perhaps numerous,\nit means that the authorisation server must know *at deployment time* about all\nthe possible scopes on all the resource servers.\n\nThe `dot-dynamic-scopes` Django application provides a scopes-backend for Django\nOAuth Toolkit that is backed by a Django model, meaning that the scopes information\nis stored in the database and can be dynamic. It also provides an additional view\nthat can be used by resource servers to register their scopes, meaning that the\nauthorisation server does not need to know about all the possible scopes and\nresource servers in advance. This also means that a new resource can be protected\nby a new resource server without needing to roll out any settings updates on the\nauthorisation server. Similar to the\n[introspection endpoint](https://github.com/evonove/django-oauth-toolkit/blob/master/docs/resource_server.rst),\nthis is implemented by having the scope registration view protected by a special\nscope which is only granted to resource servers.\n\n**NOTE:** The extra complication added by this package is only worth using if\nyou have separate authorisation and resource servers. The rest of the README\nassumes that this is the case.\n\n\n## Installation\n\nJust install directly from Github using using `pip`:\n\n```bash\npip install -e git+https://github.com/cedadev/dot-dynamic-scopes.git@tag_branch_or_commit_hash#egg=dot_dynamic_scopes\n```\n\n## Usage\n\nOn both authorisation and resource servers, `dot-dynamic-scopes` must be enabled\nin `settings.py`:\n\n```python\n# Add dot_dynamic_scopes to INSTALLED_APPS\nINSTALLED_APPS = [\n    # ...\n    'dot_dynamic_scopes',\n]\n\n# Tell Django OAuth Toolkit to use the dynamic scopes backend\nOAUTH2_PROVIDER = {\n    'SCOPES_BACKEND_CLASS': 'dot_dynamic_scopes.scopes.DynamicScopes',\n    # ...\n}\n```\n\nOn the authorisation server, the scope registration endpoint must be enabled in `urls.py`:\n\n```python\nurls = [\n    # ...\n    url(r'^o/register_scope/$', dot_dynamic_scopes.views.register_scope, name = 'register-scope'),\n    # ...\n]\n```\n\nThen add the URL for that endpoint to `settings.py` on each resource server, along\nwith the other required configuration for a separate resource server:\n\n```python\nOAUTH2_PROVIDER = {\n    'RESOURCE_SERVER_INTROSPECTION_URL': 'https://my-authz-server.com/o/introspect/',\n    'RESOURCE_SERVER_AUTH_TOKEN': '3yUqsWtwKYKHnfivFcJu',\n}\n\nDOT_DYNAMIC_SCOPES = {\n    'RESOURCE_SERVER_REGISTER_SCOPE_URL': 'https://my-authz-server.com/o/register_scope/',\n}\n```\n\nThe scopes for the authorisation server and each resource server are then configured\nusing the usual ``SCOPES`` and ``DEFAULT_SCOPES`` settings. However, the ``SCOPES``\nsetting for the authorisation server only need contain the scopes used by the\nauthorisation server (i.e. the scopes for the introspect and register-scope endpoints),\nand ``SCOPES`` on each resource server need only contain the scopes used by that\nresource server.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcedadev%2Fdot-dynamic-scopes","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcedadev%2Fdot-dynamic-scopes","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcedadev%2Fdot-dynamic-scopes/lists"}