Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/lepture/Authlib

The ultimate Python library in building OAuth, OpenID Connect clients and servers. JWS,JWE,JWK,JWA,JWT included.
https://github.com/lepture/Authlib

django flask jose jwe jwk jws jwt oauth oauth2 oauth2-provider oauth2-server oidc openid-connect

Last synced: 3 months ago
JSON representation

The ultimate Python library in building OAuth, OpenID Connect clients and servers. JWS,JWE,JWK,JWA,JWT included.

Host: GitHub
URL: https://github.com/lepture/Authlib
Owner: lepture
License: bsd-3-clause
Created: 2017-10-27T06:52:26.000Z (about 7 years ago)
Default Branch: master
Last Pushed: 2024-07-19T06:54:12.000Z (4 months ago)
Last Synced: 2024-07-31T18:18:35.612Z (3 months ago)
Topics: django, flask, jose, jwe, jwk, jws, jwt, oauth, oauth2, oauth2-provider, oauth2-server, oidc, openid-connect
Language: Python
Homepage: https://authlib.org/
Size: 3.1 MB
Stars: 4,411
Watchers: 60
Forks: 440
Open Issues: 95
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
- Code of conduct: .github/CODE_OF_CONDUCT.md
- Security: .github/SECURITY.md

Awesome Lists containing this project

README

        





# Authlib













The ultimate Python library in building OAuth and OpenID Connect servers.

JWS, JWK, JWA, JWT are included.

Authlib is compatible with Python3.6+.

**[Migrating from `authlib.jose` to `joserfc`](https://jose.authlib.org/en/dev/migrations/authlib/)**

## Sponsors



Kraken is the world's leading customer & culture platform for energy, water & broadband. Licensing enquiries at Kraken.tech.



A blogging and podcast hosting platform with minimal design but powerful features. Host your blog and Podcast with Typlog.com.

[**Fund Authlib to access additional features**](https://docs.authlib.org/en/latest/community/funding.html)

## Features

Generic, spec-compliant implementation to build clients and providers:

- [The OAuth 1.0 Protocol](https://docs.authlib.org/en/latest/basic/oauth1.html)

  - [RFC5849: The OAuth 1.0 Protocol](https://docs.authlib.org/en/latest/specs/rfc5849.html)

- [The OAuth 2.0 Authorization Framework](https://docs.authlib.org/en/latest/basic/oauth2.html)

  - [RFC6749: The OAuth 2.0 Authorization Framework](https://docs.authlib.org/en/latest/specs/rfc6749.html)

  - [RFC6750: The OAuth 2.0 Authorization Framework: Bearer Token Usage](https://docs.authlib.org/en/latest/specs/rfc6750.html)

  - [RFC7009: OAuth 2.0 Token Revocation](https://docs.authlib.org/en/latest/specs/rfc7009.html)

  - [RFC7523: JWT Profile for OAuth 2.0 Client Authentication and Authorization Grants](https://docs.authlib.org/en/latest/specs/rfc7523.html)

  - [RFC7591: OAuth 2.0 Dynamic Client Registration Protocol](https://docs.authlib.org/en/latest/specs/rfc7591.html)

  - [RFC7592: OAuth 2.0 Dynamic Client Registration Management Protocol](https://docs.authlib.org/en/latest/specs/rfc7592.html)

  - [RFC7636: Proof Key for Code Exchange by OAuth Public Clients](https://docs.authlib.org/en/latest/specs/rfc7636.html)

  - [RFC7662: OAuth 2.0 Token Introspection](https://docs.authlib.org/en/latest/specs/rfc7662.html)

  - [RFC8414: OAuth 2.0 Authorization Server Metadata](https://docs.authlib.org/en/latest/specs/rfc8414.html)

  - [RFC8628: OAuth 2.0 Device Authorization Grant](https://docs.authlib.org/en/latest/specs/rfc8628.html)

  - [RFC9068: JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens](https://docs.authlib.org/en/latest/specs/rfc9068.html)

- [Javascript Object Signing and Encryption](https://docs.authlib.org/en/latest/jose/index.html)

  - [RFC7515: JSON Web Signature](https://docs.authlib.org/en/latest/jose/jws.html)

  - [RFC7516: JSON Web Encryption](https://docs.authlib.org/en/latest/jose/jwe.html)

  - [RFC7517: JSON Web Key](https://docs.authlib.org/en/latest/jose/jwk.html)

  - [RFC7518: JSON Web Algorithms](https://docs.authlib.org/en/latest/specs/rfc7518.html)

  - [RFC7519: JSON Web Token](https://docs.authlib.org/en/latest/jose/jwt.html)

  - [RFC7638: JSON Web Key (JWK) Thumbprint](https://docs.authlib.org/en/latest/specs/rfc7638.html)

  - [ ] RFC7797: JSON Web Signature (JWS) Unencoded Payload Option

  - [RFC8037: ECDH in JWS and JWE](https://docs.authlib.org/en/latest/specs/rfc8037.html)

  - [ ] draft-madden-jose-ecdh-1pu-04: Public Key Authenticated Encryption for JOSE: ECDH-1PU

- [OpenID Connect 1.0](https://docs.authlib.org/en/latest/specs/oidc.html)

  - [x] OpenID Connect Core 1.0

  - [x] OpenID Connect Discovery 1.0

Connect third party OAuth providers with Authlib built-in client integrations:

- Requests

  - [OAuth1Session](https://docs.authlib.org/en/latest/client/requests.html#requests-oauth-1-0)

  - [OAuth2Session](https://docs.authlib.org/en/latest/client/requests.html#requests-oauth-2-0)

  - [OpenID Connect](https://docs.authlib.org/en/latest/client/requests.html#requests-openid-connect)

  - [AssertionSession](https://docs.authlib.org/en/latest/client/requests.html#requests-service-account)

- HTTPX

  - [AsyncOAuth1Client](https://docs.authlib.org/en/latest/client/httpx.html#httpx-oauth-1-0)

  - [AsyncOAuth2Client](https://docs.authlib.org/en/latest/client/httpx.html#httpx-oauth-2-0)

  - [OpenID Connect](https://docs.authlib.org/en/latest/client/httpx.html#httpx-oauth-2-0)

  - [AsyncAssertionClient](https://docs.authlib.org/en/latest/client/httpx.html#async-service-account)

- [Flask OAuth Client](https://docs.authlib.org/en/latest/client/flask.html)

- [Django OAuth Client](https://docs.authlib.org/en/latest/client/django.html)

- [Starlette OAuth Client](https://docs.authlib.org/en/latest/client/starlette.html)

- [FastAPI OAuth Client](https://docs.authlib.org/en/latest/client/fastapi.html)

Build your own OAuth 1.0, OAuth 2.0, and OpenID Connect providers:

- Flask

  - [Flask OAuth 1.0 Provider](https://docs.authlib.org/en/latest/flask/1/)

  - [Flask OAuth 2.0 Provider](https://docs.authlib.org/en/latest/flask/2/)

  - [Flask OpenID Connect 1.0 Provider](https://docs.authlib.org/en/latest/flask/2/openid-connect.html)

- Django

  - [Django OAuth 1.0 Provider](https://docs.authlib.org/en/latest/django/1/)

  - [Django OAuth 2.0 Provider](https://docs.authlib.org/en/latest/django/2/)

  - [Django OpenID Connect 1.0 Provider](https://docs.authlib.org/en/latest/django/2/openid-connect.html)

## Useful Links

1. Homepage: .

2. Documentation: .

3. Purchase Commercial License: .

4. Blog: .

5. Twitter: .

6. StackOverflow: .

7. Other Repositories: .

8. Subscribe Tidelift: [https://tidelift.com/subscription/pkg/pypi-authlib](https://tidelift.com/subscription/pkg/pypi-authlib?utm_source=pypi-authlib&utm_medium=referral&utm_campaign=links).

## Security Reporting

If you found security bugs, please do not send a public issue or patch.

You can send me email at . Attachment with patch is welcome.

My PGP Key fingerprint is:

```

72F8 E895 A70C EBDF 4F2A DFE0 7E55 E3E0 118B 2B4C

```

Or, you can use the [Tidelift security contact](https://tidelift.com/security).

Tidelift will coordinate the fix and disclosure.

## License

Authlib offers two licenses:

1. BSD (LICENSE)

2. COMMERCIAL-LICENSE

Companies can purchase a commercial license at

[Authlib Plans](https://authlib.org/plans).

**If your company is creating a closed source OAuth provider, it is strongly

suggested that your company purchasing a commercial license.**

## Support

If you need any help, you can always ask questions on StackOverflow with

a tag of "Authlib". DO NOT ASK HELP IN GITHUB ISSUES.

We also provide commercial consulting and supports. You can find more

information at .