beanbag.auth – Authentication Helpers

Kerberos Helper

To setup kerberos auth:

>>> import requests
>>> session = requests.Session()
>>> session.auth = beanbag.KerbAuth()
>>> foo = beanbag.BeanBag("http://hostname/api/", session=session)
class beanbag.auth.KerbAuth(timeout=180)

Helper class for basic Kerberos authentication using requests library. A single instance can be used for multiple sites. Each request to the same site will use the same authorization token for a period of 180 seconds.

Example:
>>> session = requests.Session()
>>> session.auth = KerbAuth()
__init__(timeout=180)

OAuth 1.0a Helper

OAuth10aDance helps with determining the user creds, compared to using OAuth1 directly.

class beanbag.auth.OAuth10aDance(req_token=None, acc_token=None, authorize=None, client_key=None, client_secret=None, user_key=None, user_secret=None)
__init__(req_token=None, acc_token=None, authorize=None, client_key=None, client_secret=None, user_key=None, user_secret=None)

Create an OAuth10aDance object to negotiatie OAuth 1.0a credentials.

The first set of parameters are the URLs to the OAuth 1.0a service you wish to authenticate against.

Parameters:
  • req_token – Request token URL
  • authorize – User authorization URL
  • acc_token – Access token URL

These parameters (and the others) may also be provided by subclassing the OAuth10aDance class, eg:

Example:
>>> class OAuthDanceTwitter(beanbag.OAuth10aDance):
...     req_token = "https://api.twitter.com/oauth/request_token"
...     authorize = "https://api.twitter.com/oauth/authorize"
...     acc_token = "https://api.twitter.com/oauth/access_token"

The second set of parameters identify the client application to the server, and need to be obtained outside of the OAuth protocol.

Parameters:
  • client_key – client/consumer key
  • client_secret – client/consumer secret

The final set of parameters identify the user to server. These may be left as None, and obtained using the OAuth 1.0a protocol via the obtain_creds() method or using the get_auth_url() and verify_user() methods.

Parameters:
  • user_key – user key
  • user_secret – user secret

Assuming OAuthDanceTwitter is defined as above, and you have obtained the client key and secret (see https://apps.twitter.com/ for twitter) as k and s, then putting these together looks like:

Example:
>>> oauthdance = OAuthDanceTwitter(client_key=k, client_secret=s)
>>> oauthdance.obtain_creds()
Please go to url:
  https://api.twitter.com/oauth/authorize?oauth_token=...
  Please input the verifier: 1111111
>>> session = requests.Session()
>>> session.auth = oauthdance.oauth()
have_creds()

Check whether all credentials are filled in

get_auth_url()

URL for user to obtain verification code

verify_user(verifier)

Set user key and secret based on verification code

obtain_creds()

Fill in credentials by interacting with the user (input/print)

oauth()

Create an OAuth1 authenticator using client and user credentials