In this article, we’ll first look at what OAuth is. Then, we’ll use the OAuthLib and Requests libraries to implement OAuth2.

Objectives

By the end of this article, you will be able to:

  1. Explain what OAuth and OAuth2 are and how they can be used
  2. Describe the OAuth2 flow between a web client and server
  3. Implement OAuth2 via the Web Application Flow (also known as the Authorization Code Grant)

What is OAuth?

OAuth is an open standard for delegated authorization between unrelated services. Put another way, it lets one service access resources hosted by another service, with the user’s permission, without the user ever handing that first service their credentials, like a username and password. Note that OAuth is about authorization (what a client may access), not authentication (who the user is): at the end of the flow the client holds a scoped access token, not the user’s password.

It’s all about delegation:

  1. One service (client) accesses resources from another service (resource server) on behalf of a user.
  2. The user does not have to share their credentials with the client.

Parties involved:

  1. Resource owner / user - the person who owns the protected resources hosted by a third-party provider and who grants (or denies) the client permission to access them
  2. Client - the web application acting on behalf of the user to access their resources hosted by the third-party provider; it is registered with the authorization server under a client ID
  3. Authorization server - the third-party server contacted by the client that authenticates the user, displays a prompt for the user to authorize the client to act on the user’s behalf, and, if the user consents, issues the client an access token
  4. Resource server - the third-party server hosting the user’s protected resources; it accepts the access token, never the user’s credentials

The authorization server and resource server may be the same entity.
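To make the four roles and the delegation concrete, here is an added example (not code from the original article, and not the OAuthLib/Requests implementation the article builds later): the Authorization Code Grant modelled as four in-process Python classes, one per party, talking through the same URLs and parameters a real deployment would exchange. The endpoint URL, redirect URI, the `demo-app` client ID and secret, the user `alice` and the scope `profile:read` are all assumed for illustration. It also carries the checks a practitioner expects around this flow: the `state` value that protects the callback against CSRF, a PKCE code challenge that binds the code to the client that requested it, exact `redirect_uri` matching, and single-use codes.

```python
import base64
import hashlib
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Added illustration, not the page's oauthlib/requests code: the four OAuth2 parties as
# in-process classes. The endpoint URL, redirect URI, client id/secret, user "alice" and
# scope "profile:read" are all assumed for the example.
AUTHZ_ENDPOINT = "https://auth.example.com/authorize"
REDIRECT_URI = "https://client.example.com/callback"


def s256(verifier):  # PKCE S256 challenge: unpadded base64url(sha256(verifier))
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def parse_query(url):
    return {k: v[0] for k, v in parse_qs(urlparse(url).query).items()}


class AuthorizationServer:  # logs the user in, asks for consent, issues codes and tokens
    def __init__(self, client_id, client_secret, redirect_uri):
        self.client = (client_id, client_secret, redirect_uri)  # one registered client
        self.codes = {}   # code -> grant; single use
        self.tokens = {}  # access_token -> {"user", "scope"}

    def authorize(self, auth_url, user, approved=True):
        """Front channel: the user authenticates and consents here, never at the client."""
        q = parse_query(auth_url)
        client_id, _, redirect_uri = self.client
        if (q.get("client_id"), q.get("redirect_uri"), q.get("response_type")) != (
                client_id, redirect_uri, "code"):
            raise ValueError("invalid_request")  # exact redirect_uri match, or the code leaks to an attacker's URL
        params = {"state": q["state"]}  # echoed back unchanged for the client to verify
        if approved:
            code = secrets.token_urlsafe(32)
            self.codes[code] = {"user": user, "scope": q.get("scope", ""), "challenge": q["code_challenge"]}
            params["code"] = code
        else:
            params["error"] = "access_denied"
        return f"{redirect_uri}?{urlencode(params)}"

    def token(self, client_id, client_secret, code, code_verifier):
        """Back channel: code + client credentials + PKCE verifier -> bearer token."""
        if client_id != self.client[0] or not secrets.compare_digest(client_secret, self.client[1]):
            raise PermissionError("invalid_client")
        grant = self.codes.pop(code, None)  # pop: a replayed code must fail
        if grant is None or not secrets.compare_digest(s256(code_verifier), grant["challenge"]):
            raise PermissionError("invalid_grant")  # unknown or used code, or a stolen code without the verifier
        access_token = secrets.token_urlsafe(32)
        self.tokens[access_token] = {"user": grant["user"], "scope": grant["scope"]}
        return {"access_token": access_token, "token_type": "Bearer"}


class ResourceServer:  # hosts the protected resource; sees bearer tokens, never passwords
    def __init__(self, auth_server):
        self.auth_server = auth_server
        self.profiles = {"alice": {"name": "Alice", "email": "alice@example.com"}}

    def get_profile(self, authorization_header):
        scheme, _, token = authorization_header.partition(" ")
        info = self.auth_server.tokens.get(token) if scheme == "Bearer" else None
        if info is None or "profile:read" not in info["scope"].split():
            raise PermissionError("insufficient_scope")
        return self.profiles[info["user"]]


class Client:  # the web application acting on the user's behalf
    def __init__(self, client_id, client_secret):
        self.client_id, self.client_secret = client_id, client_secret
        self.pending = {}  # state -> code_verifier (kept in the user's session in a real app)

    def start_login(self, scope="profile:read"):
        state, verifier = secrets.token_urlsafe(16), secrets.token_urlsafe(48)
        self.pending[state] = verifier
        params = {"response_type": "code", "client_id": self.client_id, "redirect_uri": REDIRECT_URI,
                  "scope": scope, "state": state, "code_challenge": s256(verifier),
                  "code_challenge_method": "S256"}
        return f"{AUTHZ_ENDPOINT}?{urlencode(params)}"

    def handle_callback(self, redirect_url, auth_server):
        q = parse_query(redirect_url)
        verifier = self.pending.pop(q.get("state", ""), None)
        if verifier is None:
            raise PermissionError("unknown state: possible CSRF or replayed callback")
        if "error" in q:
            raise PermissionError(q["error"])
        return auth_server.token(self.client_id, self.client_secret, q["code"], verifier)


def run_flow(approved=True):
    auth_server = AuthorizationServer("demo-app", "demo-secret", REDIRECT_URI)
    resource_server = ResourceServer(auth_server)
    client = Client("demo-app", "demo-secret")
    auth_url = client.start_login()                                # 1. client redirects the browser
    callback = auth_server.authorize(auth_url, "alice", approved)  # 2. user consents at the AS
    token = client.handle_callback(callback, auth_server)          # 3. client swaps code for token
    return resource_server.get_profile(f"Bearer {token['access_token']}")  # 4. token, not password
```

`run_flow()` returns Alice’s profile, and at no point does the client see her password: the only secrets it handles are its own client secret, the short-lived code and the bearer token. Two parties are collapsed into one process here, which the article notes is also legitimate in practice (the authorization server and resource server may be the same entity); in a real deployment steps 1 and 2 travel through the user’s browser (the front channel) while step 3 is a direct server-to-server request (the back channel), which is why the code alone is useless to whoever sees the redirect without the client secret and PKCE verifier.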

OAuth2 is the latest version of the OAuth protocol used by services like Google, Spotify, Trello, and Vimeo, to name a few.


OAuth2 in Python