{"id":25181800,"url":"https://github.com/glocktober/bottleoidc","last_synced_at":"2025-08-23T17:43:12.365Z","repository":{"id":57416126,"uuid":"401119531","full_name":"Glocktober/BottleOIDC","owner":"Glocktober","description":"OIDC provider for Bottle apps","archived":false,"fork":false,"pushed_at":"2021-09-21T21:15:53.000Z","size":12,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-09T17:33:51.804Z","etag":null,"topics":["bottle","oidc","oidc-client","python3"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Glocktober.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-08-29T18:57:14.000Z","updated_at":"2022-02-27T12:45:17.000Z","dependencies_parsed_at":"2022-08-23T16:40:35.051Z","dependency_job_id":null,"html_url":"https://github.com/Glocktober/BottleOIDC","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Glocktober%2FBottleOIDC","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Glocktober%2FBottleOIDC/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Glocktober%2FBottleOIDC/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Glocktober%2FBottleOIDC/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Glocktober","download_url":"https://codeload.github.com/Glocktober/BottleOIDC/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247129852,"owners_count":20888463,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bottle","oidc","oidc-client","python3"],"created_at":"2025-02-09T17:28:10.986Z","updated_at":"2025-04-04T06:22:17.233Z","avatar_url":"https://github.com/Glocktober.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n## BottleOIDC - OIDC Service Provider for Bottle\n\n**BottleOIDC** is an OpenID Connect module providing authentication and authorization for [Bottle web Framework](https://bottlepy.org) web apps.\n\n**BottleOIDC** supports OIDC auto discovery to simplify configuration and deployment.\n### Installing\n\n```bash\n# pip install BottleOIDC\n```\nThis loads the necessary python modules including bottle and BottleSessions, requests, and PyJWT.\n### Using BottleOIDC\n```python\nfrom bottle import Bottle\nfrom BottleSessions import BottleSessions\nfrom BottleOIDC import BottleOIDC\nfrom config import oidc_config\n\napp = Bottle()\nBottleSessions(app)\nauth = BottleOIDC(app, config=oidc_config)\n\n@app.route('/login')\n@auth.require_login\ndef login():\n return f'hello {auth.my_username}'\n\n@app.route('/bob')\n@auth.require_user('bob')\n return 'You must be bob'\n\nif __name__ == '__main__:\n app.run()\n\n```\n#### Signature and Parameters\n\n```\nauth = BottleOIDC(app, config)\n```\n**`app`** - the Bottle() application context object. **Required.**\n\n**`config`** - a python `dict` of configuration parameters and options. **Required.**\n\n### Configuration Options\n**BottleOIDC** is configured by passing a python `dict` with the necessary parameters:\n\u003e Example Configuration\n```python\noidc_config = {\n \"discovery_url\": \"https://login.microsoftonline.com/\u003ctenentid\u003e/V2.0/.well-known/openid-configuration\",\n \"client_id\": \"1b170767-1234-5678-abcd-90ff90ff90ff\",\n \"client_secret\": \"MYCLIENTsecret\",\n \"client_scope\": [\"openid\", \"email\", \"profile\", ],\n \"user_attr\" : \"email\",\n}\n```\n\n**`discovery_url`** - oidc auto discovery url of the IdP. **Required.**\n\n**`client_id`** - oidc client identifier of the app registered with IdP. **Required.**\n\n**`client_secret`** - oidc client secret for the app provided by the IdP. **Required.**\n\n**`client_scope`** - a Python `list` of requested scopes. Default is *['openid', 'email', 'profile']*).\n\n**`user_attr`** - attribute to set username. Default is `email`\n\n**`logout_idp`** - on logout, initiate IdP logout process. Default is `False`.\n\n#### BottleOIDC Object Properties\n**`auth.is_authenticated`** - Is `True` if the current session is authenticated.\n\n**`auth.my_username`** - Returns None if the user is not authenticated. Returns `user_attr` value from the Id token, or 'AuthenticatedUser' if the attribute was not available in the Id token.\n\n**`auth.my_attrs`** - Returns dict of attrs returned in the Id token, or {} if not authenticated.\n\n\u003e Example using object properties:\n```python\n@app.route('/status')\ndef view():\n if auth.is_authenticated:\n return {\n 'user': auth.my_username,\n 'data': auth.my_attrs\n }\n else:\n return 'You are not Authenticated.'\n```\n### BottleSaml methods\n\n#### auth.initiate_login()\n\n```python\nreturn auth.initiate_login(next, force_reauth, userhint)\n```\n\n`init_login()` returns OIDC code grant request redirect to iDP that initiates login. Arguments:\n\n**`next`** - URL to redirect after login completed. Optional. \n\n**`force_reauth`** - `True` requests IdP to require full reauth for this login. Default `False`\n\n**`userhint`** - (where possible) provides the iDP with username hint. Default `None`\n\n#### auth.initiate_logout()\n```python \nreturn auth.initiate_logout(next)\n``` \n`initiate_logout()` clears the Session data to log the user out locally. (To logout from IdP set the **`logout_idp`** config option to `True`.)\n\n**`next`** - URL to redirect after logout completed. Default is '/', *Optional.*\n\n```python\n@app.route('/logout')\ndef logout():\n return auth.initiate_logout()\n```\n\n#### @auth.login_required\n```python\n@auth.login_required\ndef view():\n return 'logged in'\n```\nDecorates a function to initiate login if the session is not authenticated. On successful authentication the browser will be redirected to the view.\n\n#### @auth.add_login_hook\n```python\n@oidc.add_login_hook\ndef hook(username, attrs):\n return username, attrs\n```\nDecorates a function to runs after OIDC authentication is completed and tokens have been retrieved. \n\nLogin hooks can process and filter username and Id token attributes before the data is stored in the session. Hooks are run in the order they are added.\n\n#### @auth.require_user\n```python\n@auth.require_user(['bob', 'alice'])\ndef view():\n return 'only bob or alice can get here'\n```\nDecorator adds authorization requirement to a view. If the sessions `username` is in the list, the view is reached and processed. Otherwise returns a `403 Unauthorized` error if the user is not in the list.\n\n#### @auth.require_attr(attr, value)\n```python\n@auth.require_attr(attr='groups', value=['sysadmin', 'netadmin']) \ndef view():\n return 'you are in sysadmin or netadmin'\n```\nDecorator adds authorization requirement to a view. If the session has the desired attribute (in the id token) and it matches one of the values listed, the view is reached and processed. Otherwise returns a `403 Unauthorized` error.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fglocktober%2Fbottleoidc","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fglocktober%2Fbottleoidc","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fglocktober%2Fbottleoidc/lists"}