{"library":"pyop","title":"OpenID Connect Provider (OP) library for Python","description":"pyop is an OpenID Connect Provider (OP) library in Python, enabling applications to act as identity providers. It is actively maintained with a regular release cadence, adding new features, improving compatibility, and addressing bug fixes. The current version is 3.4.2.","language":"python","status":"active","last_verified":"Fri Apr 17","install":{"commands":["pip install pyop","pip install pyop[mongo]","pip install pyop[redis]"],"cli":null},"imports":["from pyop.server import Server","from pyop.storage import DictStorage"],"auth":{"required":false,"env_vars":[]},"quickstart":{"code":"import os\nfrom pyop.server import Server\nfrom pyop.storage import DictStorage\n\ndef create_op_server():\n    # In a real application, configuration would be loaded from a file or environment\n    OP_BASE_URL = os.environ.get('OP_BASE_URL', 'http://localhost:8090')\n    JWKS_URI = f'{OP_BASE_URL}/jwks.json'\n\n    # Client information (for registered clients)\n    # In a real scenario, this would come from a client registration process/database\n    CLIENTS = {\n        'test_client': {\n            'client_id': 'test_client',\n            'client_secret': 'test_secret',\n            'redirect_uris': ['http://localhost:8000/cb'],\n            'response_types': ['code', 'id_token', 'code id_token'],\n            'scope': ['openid', 'profile', 'email'],\n            'subject_type': 'pairwise'\n        }\n    }\n\n    # In-memory storage for demonstration purposes\n    # For production, use MongoStorage, RedisStorage, or a custom persistent storage\n    storage = DictStorage()\n    storage.store_clients(CLIENTS)\n\n    # Minimal server configuration\n    server_config = {\n        'issuer': OP_BASE_URL,\n        'jwks_uri': JWKS_URI,\n        'authentication_methods': ['client_secret_basic'],\n        'response_types_supported': ['code', 'id_token', 'code id_token'],\n        'subject_types_supported': ['pairwise'],\n        'scopes_supported': ['openid', 'profile', 'email'],\n        'claims_supported': ['sub', 'name', 'email', 'given_name', 'family_name']\n    }\n\n    op_server = Server(server_config, storage)\n    print(f\"OpenID Connect Provider Server initialized with issuer: {op_server.configuration.issuer}\")\n    return op_server\n\nif __name__ == '__main__':\n    # Example usage: this only initializes the server, does not run a web server.\n    # A production app would integrate this into Flask, Django, FastAPI, etc.\n    # Example: op_server.handle_authentication_request(request_params, session_id)\n    op = create_op_server()\n    # You would then integrate 'op' with your web framework to handle OIDC endpoints.","lang":"python","description":"This quickstart demonstrates how to initialize a basic pyop OpenID Connect Provider (OP) server using an in-memory dictionary storage. It sets up essential configuration like the issuer, JWKS URI, supported response types, and client information. For production environments, you would replace `DictStorage` with a persistent storage solution (e.g., `MongoStorage`, `RedisStorage`) and integrate the `Server` instance with your web framework (e.g., Flask, Django) to handle incoming OIDC requests at appropriate endpoints.","tag":null,"tag_description":null,"last_tested":null,"results":[]},"compatibility":null}