Implementing OAuth 2.0 from SCRATCH
HTML-код
- Опубликовано: 19 май 2024
- Even if you choose not to implement it yourself in your application, OAuth 2.0 is definitely one of those things that's useful to know inside and out. In this video, we'll be implementing it in Python using the requests library!
-
If you enjoy my content, consider supporting me on Patreon or becoming a member!
• Patreon: / carberra
• Membership: / @carberra
Follow me elsewhere for even more Carberra!
• Discord: / discord
• Instagram: / carberratutorials
I get a lot of people asking, so here's my setup!
• Visual Studio Code: • My Visual Studio Code ...
• Terminal: • Make your terminal loo...
-
If you have any questions, don't hesitate to ask in the comments! I'll try and answer as soon as I can, providing someone else hasn't already done so.
#python #coding #howto
Thank you! It’s something new I learned tbh ❤
Thanks, this will be very helpful, refactoring my oauth … sadly not all provided libraries are easy to use
The json module has a "load" method to read a json file directly. There is no need to use either OS or Pathlib to load the json file. 😜
# Typical usage:
with ("secrets.json", "r") as file:
secrets = json.load(file)
Can't one-line it though! (Well, unless you don't close it.)
@@Carberra Oops mistake... it should have been
with open("secrets.json", "r") as file:
secrets = json.load(file)
I prefer Pathlib for all file-system operations because it's a lot easier to handle exceptions, relative/absolute conversions, and most importantly one-line code for read/write operations.
@@yibowei9636 I might argue that using the "with" keyword (context manager) is more "Pythonic". 🐍🐍🐍
If handling exception/s is required, I tend to use the following:
try:
with open(file, "r") as file:
# do something
json.load(file)
except IOError as ioe:
print(ioe)
except Exception as e:
print(e)
Great explanation. It will improve my access/refresh handling! I wrote an ugly selenium script to automate the authorize part. For my application the access/refresh tokens are very shortlived. Have you (or anybody) thought about automating the authorization part?
Thanks! As far as I know the authorisation part is designed specifically so it can't be automated. I don't know if anyone's managed it, but I tried once and couldn't manage it. I didn't try anything with Selenium though.
I think Selenium is kind of last resort to hack the unhackable. I don't think it will be resistant to changes on the website. But for now it avoids many clicks...There might me more maintable options than Selenium. But my knowledge here is limited...
Dunno... It's good to learn about these things but I don't think I'd ever be comfortable writing security critical things like this myself. There's a long, careful academic / peer / deployment process the libraries go through that I just couldn't duplicate on my own. Nah, I'd never get above 99.9% confident there wasn't a hidden exploit and that's just not good enough... On this sort of thing I'm going to be risk adverse and use a library all day long.