Skip to content

PMR2/pmr2.oauth

Repository files navigation

Introduction

This module provides OAuth support for Zope/Plone, with the option to be extensible through the Zope Component Architecture to allow the addition of more feature-rich components. Features core to OAuth are fully supported, this includes the full OAuth authentication workflow, client (consumer) management for site managers and access token management for resource owners. Scope restriction is also supported; site managers can define content types and subpaths that are available for client usage using scope profiles, and clients can specify a list of them to better inform the resource owners of what will be accessed under their access rights.

https://travis-ci.org/PMR2/pmr2.oauth.svg?branch=master https://coveralls.io/repos/PMR2/pmr2.oauth/badge.svg?branch=master

While the test coverage is fairly complete and demonstrates that access permissions and scope restriction function as intended, the author does not currently endorse the usage of this package in a mission critical environment where absolute security is required, as there are no audits have been done on this package by security experts. Otherwise, please ensure that your users are aware of who the trusted third-party clients are and that your site's privacy and security policies are updated to fully inform your users of risks that may be associated with the usage of OAuth with this package.

Installation

Requirements

This package requires Plone 4.1 or later.

Installing with buildout

You can install pmr2.oauth using buildout by adding an entry for this package in both eggs and zcml sections.

Example:

[buildout]
...

[instance]
...

eggs =
    ...
    pmr2.oauth

zcml =
    ...
    pmr2.oauth

Run buildout, then restart the Zope/Plone instance. This package must also be activated using the Add-ons panel under Site Setup within the Plone instance where OAuth based authorization is to be used.

Further information and usage instructions

If the add-on is correctly installed and activated, an index of views made available as part of this add-on can be found at ${portal_url}/@@pmr2-oauth.

If you are upgrading from a previously installed version of this add-on, please refer to docs/UPGRADE.rst for some important information.

For more detailed information, please refer to the doctest file at pmr2/oauth/README.rst.

About

This add-on was created as part of the Physiome Model Repository in order to enable it to provide secured web-service access using a well supported, industry-standard authorization method for third-party clients.

About

OAuth PAS Plugin, OAuth 1.0 provider for Plone.

Resources

License

Stars

Watchers

Forks

Packages

No packages published