{"id":23900882,"url":"https://github.com/mcpcpc/quart-authlib","last_synced_at":"2026-02-06T00:33:40.780Z","repository":{"id":270633850,"uuid":"910984907","full_name":"mcpcpc/quart-authlib","owner":"mcpcpc","description":"Quart extension for the Authlib library","archived":false,"fork":false,"pushed_at":"2025-01-04T23:31:01.000Z","size":30,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-08-19T23:59:42.053Z","etag":null,"topics":["authlib","quart","quart-extension"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mcpcpc.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":".github/funding.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":"mcpcpc","custom":"https://www.paypal.me/mcpcpc/usd5"}},"created_at":"2025-01-02T01:23:29.000Z","updated_at":"2025-01-03T16:00:56.000Z","dependencies_parsed_at":null,"dependency_job_id":"789f1742-ee46-4d22-b617-6b91f3c46f92","html_url":"https://github.com/mcpcpc/quart-authlib","commit_stats":null,"previous_names":["mcpcpc/quart-authlib"],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/mcpcpc/quart-authlib","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mcpcpc%2Fquart-authlib","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mcpcpc%2Fquart-authlib/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mcpcpc%2Fquart-authlib/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mcpcpc%2Fquart-authlib/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mcpcpc","download_url":"https://codeload.github.com/mcpcpc/quart-authlib/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mcpcpc%2Fquart-authlib/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29140242,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-05T23:14:48.546Z","status":"ssl_error","status_checked_at":"2026-02-05T23:14:35.724Z","response_time":65,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authlib","quart","quart-extension"],"created_at":"2025-01-04T20:54:16.285Z","updated_at":"2026-02-06T00:33:40.773Z","avatar_url":"https://github.com/mcpcpc.png","language":"Python","readme":"# Quart-Authlib\n\nA Quart extension for the Authlib library. This is an adoption from the existing Authlib Flask Client.  Since the primary Authlib developer rejected previous client integration attempts, this project will remain under independent development.\n\n**Important**: This project is in *early* development. Most features are considered unstable or non-functioning; thus, I would **strongly** advise against using any version less than 1.0 for production environments.\n\n## Install\n\n### PyPI\n\nInstall and update using pip:\n\n```shell\npip install -U quart-authlib\n```\n\n### Repository\n\nWhen using git, clone the repository and change your present working directory.\n\n```shell\ngit clone http://github.com/mcpcpc/quart-authlib\ncd quart_authlib/\n```\n\nCreate and activate a virtual environment.\n\n```shell\npython3 -m venv venv\nsource venv/bin/activate\n```\n\nInstall to the virtual environment.\n\n```shell\npip install -e .\n```\n\n## Usage\n\nQuart OAuth client can handle OAuth 1 and OAuth 2 services. It shares a similar API with Quart-OAuthlib, you can transfer your code from Quart-Authlib to Authlib with ease.\n\nCreate a registry with OAuth object:\n\n```python\nfrom quart_authlib import OAuth\n\noauth = OAuth(app)\n```\n\nYou can also initialize it later with `init_app()` method:\n\n```python\noauth = OAuth()\noauth.init_app(app)\n```\n\nThe common use case for OAuth is authentication, e.g. let your users log in with Twitter, GitHub, Google etc.\n\n### Configuration\n\nQuart-Authlib OAuth registry can load the configuration from Quart `app.config` automatically. Every key-value pair in `.register` can be omitted. They can be configured in your Quart App configuration. Config keys are formatted as `{name}_{key}` in uppercase. If you register your remote app as `oauth.register('example', ...)`, the config keys would look like:\n\n| Name                        | Key                                                        |\n| --------------------------- | ---------------------------------------------------------- |\n| EXAMPLE_CLIENT_ID           | OAuth Consumer Key                                         |\n| EXAMPLE_CLIENT_SECRET       | OAuth Consumer Secret                                      |\n| EXAMPLE_ACCESS_TOKEN_URL    | URL to fetch OAuth access token                            |\n\nHere is a full list of the configuration keys:\n\n* {name}_CLIENT_ID: Client key of OAuth 1, or Client ID of OAuth 2\n* {name}_CLIENT_SECRET: Client secret of OAuth 2, or Client Secret of OAuth 2\n* {name}_REQUEST_TOKEN_URL: Request Token endpoint for OAuth 1\n* {name}_REQUEST_TOKEN_PARAMS: Extra parameters for Request Token endpoint\n* {name}_ACCESS_TOKEN_URL: Access Token endpoint for OAuth 1 and OAuth 2\n* {name}_ACCESS_TOKEN_PARAMS: Extra parameters for Access Token endpoint\n* {name}_AUTHORIZE_URL: Endpoint for user authorization of OAuth 1 or OAuth 2\n* {name}_AUTHORIZE_PARAMS: Extra parameters for Authorization Endpoint.\n* {name}_API_BASE_URL: A base URL endpoint to make requests simple\n* {name}_CLIENT_KWARGS: Extra keyword arguments for OAuth1Session or OAuth2Session\n\nWe suggest that you keep ONLY `{name}_CLIENT_ID` and `{name}_CLIENT_SECRET` in your Quart application configuration.\n\n### Using Cache for Temporary Credential\n\nBy default, the Quart OAuth registry will use Quart session to store OAuth 1.0 temporary credential (request token). However, in this way, there are chances your temporary credential will be exposed.\n\nOur OAuth registry provides a simple way to store temporary credentials in a cache system. When initializing OAuth, you can pass an cache instance:\n\n```python\noauth = OAuth(app, cache=cache)\n\n# or initialize lazily\noauth = OAuth()\noauth.init_app(app, cache=cache)\n```\n\nAn example of a cache instance can be:\n\n```python\nfrom quart import Quart\n\nclass OAuthCache:\n\n    def __init__(self, app: Quart) -\u003e None:\n        \"\"\"Initialize the AuthCache.\"\"\"\n        self.app = app\n\n    def delete(self, key: str) -\u003e None:\n        ...\n\n    def get(self, key: str) -\u003e str | None:\n        ...\n\n    def set(self, key: str, value: str, expires: int | None = None) -\u003e None:\n        ...\n```\n\n### Routes for Authorization\n\nRoutes for authorization should look like:\n\n```python\nfrom quart import url_for, redirect\n\n@app.route('/login')\nasync def login():\n    redirect_uri = url_for('authorize', _external=True)\n    return oauth.twitter.authorize_redirect(redirect_uri)\n\n@app.route('/authorize')\nasync def authorize():\n    token = oauth.twitter.authorize_access_token()\n    resp = oauth.twitter.get('account/verify_credentials.json')\n    resp.raise_for_status()\n    profile = resp.json()\n    # do something with the token and profile\n    return redirect('/')\n```\n\n### Accessing OAuth Resources\n\nJust like above example, we don’t need to pass the `request` parameter, everything is handled by Authlib automatically:\n\n```python\nfrom quart import render_template\n\n@app.route('/github')\nasync def show_github_profile():\n    resp = oauth.github.get('user')\n    resp.raise_for_status()\n    profile = resp.json()\n    return await render_template('github.html', profile=profile)\n```\n\nIn this case, our `fetch_token` could look like:\n\n```python\nfrom your_project import current_user\n\ndef fetch_token(name):\n    if name in OAUTH1_SERVICES:\n        model = OAuth1Token\n    else:\n        model = OAuth2Token\n    token = model.find(\n        name=name,\n        user=current_user,\n    )\n    return token.to_token()\n\n# initialize the OAuth registry with this fetch_token function\noauth = OAuth(fetch_token=fetch_token)\n```\n\n### OpenID Connect Client\n\nAn OpenID Connect client is no different than a normal OAuth 2.0 client. When registered with `openid` scope, the built-in OAuth client will handle everything automatically:\n\n```python\noauth.register(\n    'google',\n    ...\n    server_metadata_url='https://accounts.google.com/.well-known/openid-configuration',\n    client_kwargs={'scope': 'openid profile email'}\n)\n```\n\nWhen we get the returned token:\n\n```python\ntoken = oauth.google.authorize_access_token()\n```\n\nThere should be a `id_token` in the response. Authlib has called *.parse_id_token* automatically, we can get `userinfo` in the `token`:\n\n```python\nuserinfo = token['userinfo']\n```\n\n## Examples\n\nSee the [examples](docs/examples) directory.\n\n\n## Contributing\n\nPlease create a new [Issue](https://github.com/mcpcpc/quart-authlib/issues/new) or [Pull Request](https://github.com/mcpcpc/quart-authlib/compare).\n\n## Resources\n\n* https://authlib.org\n* https://quart.palletsprojects.com/en/latest/\n* https://github.com/lepture/authlib/issues/429\n* https://docs.authlib.org/en/latest/client/flask.html\n* https://github.com/authlib/demo-oauth-client/tree/master\n","funding_links":["https://github.com/sponsors/mcpcpc","https://www.paypal.me/mcpcpc/usd5"],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmcpcpc%2Fquart-authlib","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmcpcpc%2Fquart-authlib","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmcpcpc%2Fquart-authlib/lists"}