Rauth
Rauth is a Python library that provides consumer support for OAuth 1.0/a, OAuth 2.0, and Ofly, built on top of the popular Requests library. Its last release, version 0.7.3, was in January 2017, indicating it is no longer actively maintained.
Warnings
- breaking The Rauth library has not been updated since January 2017 (version 0.7.3). This means it is no longer actively maintained, receives no new features, bug fixes, or security patches, making it unsuitable for new projects and risky for existing ones, especially for security-sensitive OAuth flows.
- gotcha Rauth was primarily built on Requests v1.x, and version 0.7.0 only explicitly allowed Requests versions >= 1.2.3. Newer versions of the `requests` library (e.g., Requests 2.x and later) may introduce breaking changes or behavioral differences that are not accounted for in Rauth, potentially leading to unexpected errors or vulnerabilities.
- gotcha Python 3 support was introduced in Rauth version 0.6.0. Earlier versions are strictly Python 2.x compatible. Using `rauth` versions older than 0.6.0 with Python 3 environments will result in import errors or runtime failures.
- gotcha Users have reported issues with `OAuth1Session` objects returning 401 'Not Authorized' errors on subsequent requests after the initial successful authentication, suggesting potential problems with session management or token refreshing for OAuth 1.0/a flows.
Install
pip install rauth
Imports
- OAuth1Service
from rauth import OAuth1Service
- OAuth2Service
from rauth import OAuth2Service
- OflyService
from rauth import OflyService
Quickstart
import json
import os
import webbrowser

from rauth import OAuth2Service

# --- Configuration (replace with your actual app details and environment variables) ---
CLIENT_ID = os.environ.get('RAUTH_CLIENT_ID', 'your_client_id')
CLIENT_SECRET = os.environ.get('RAUTH_CLIENT_SECRET', 'your_client_secret')
REDIRECT_URI = 'http://localhost:8000/callback'

# Example for a hypothetical OAuth 2.0 provider
service = OAuth2Service(
    client_id=CLIENT_ID,
    client_secret=CLIENT_SECRET,
    name='example_provider',
    authorize_url='https://example.com/oauth/authorize',
    access_token_url='https://example.com/oauth/token',
    base_url='https://example.com/api/'
)

print('--- Starting OAuth 2.0 Flow ---')

# Step 1: Get the authorization URL and redirect the user
params = {
    'redirect_uri': REDIRECT_URI,
    'response_type': 'code',
    'scope': 'read_profile'
}
authorize_url = service.get_authorize_url(**params)
print(f"Please visit this URL in your browser:\n{authorize_url}")
webbrowser.open(authorize_url)

# In a real web application, this 'code' would come from the redirect_uri callback.
# For this example, we simulate getting the code from user input after manual authorization.
authorization_code = input('Enter the authorization code from the redirect URL: ')

# Step 2: Exchange the authorization code for an access token
data = {
    'code': authorization_code,
    'grant_type': 'authorization_code',
    'redirect_uri': REDIRECT_URI
}
# rauth hands the raw response body (not the Response object) to the decoder,
# so a JSON token response is decoded with json.loads.
session = service.get_auth_session(data=data, decoder=json.loads)

# Step 3: Make an authenticated request
try:
    response = session.get('user/profile')  # Example API endpoint
    response.raise_for_status()  # Raise an exception for HTTP errors
    user_profile = response.json()
    print(f"Successfully fetched user profile: {user_profile}")
except Exception as e:
    print(f"Error during API request: {e}")
    # requests.HTTPError carries the failing response; show its body if present
    if hasattr(e, 'response') and e.response is not None:
        print(f"Response content: {e.response.text}")

print('--- OAuth 2.0 Flow Complete ---')
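
The quickstart sends no `state` value and accepts whatever code is typed in. The following is an added example, not part of Rauth or of the original quickstart: it uses only the standard library to generate a `state`, add it to the parameters passed to `get_authorize_url`, and validate the pasted redirect URL before the code is exchanged. The names `new_state`, `authorize_params`, `code_from_callback` and `CallbackError` are hypothetical helpers, and the callback URL in the demo is constructed.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlsplit

REDIRECT_URI = 'http://localhost:8000/callback'  # same value as the quickstart


class CallbackError(Exception):
    """The redirect back from the provider must be rejected."""


def new_state():
    # Unguessable per-login value; keep it in the user's session until the callback.
    return secrets.token_urlsafe(32)


def authorize_params(state, scope='read_profile'):
    # The quickstart's params for service.get_authorize_url(**params), plus state.
    return {'redirect_uri': REDIRECT_URI, 'response_type': 'code',
            'scope': scope, 'state': state}


def code_from_callback(callback_url, expected_state):
    got, want = urlsplit(callback_url), urlsplit(REDIRECT_URI)
    if (got.scheme, got.netloc, got.path) != (want.scheme, want.netloc, want.path):
        raise CallbackError('callback URL is not the registered redirect_uri')
    query = parse_qs(got.query)  # blank values are dropped, repeats become lists
    states = query.get('state', [])
    # Check state first: an unauthenticated callback proves nothing, errors included.
    if len(states) != 1 or not hmac.compare_digest(
            states[0].encode(), expected_state.encode()):
        raise CallbackError('state missing, repeated or mismatched')
    if 'error' in query:
        raise CallbackError('provider returned error: ' + query['error'][0])
    codes = query.get('code', [])
    if len(codes) != 1:
        raise CallbackError('expected exactly one authorization code')
    return codes[0]


if __name__ == '__main__':
    state = new_state()
    print(authorize_params(state))
    # Constructed callback URL standing in for what the user pastes back.
    pasted = REDIRECT_URI + '?code=constructed-code&state=' + state
    print(code_from_callback(pasted, state))
```

In the quickstart, the value returned by `code_from_callback` would replace the raw `input()` result used as `authorization_code`.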