On 16 November 2016 at 22:50, Cory Benfield <c...@lukasa.co.uk> wrote: > >> On 16 Nov 2016, at 11:51, Roland Hedberg <rol...@catalogix.se> wrote: >> >> The bottom line is of course that it would benefit the community to have a >> high quality OAuth2/OIDC implementation within easy reach. > > I think the core question you need to answer for this proposal is: why is > “pip install oic” not easy-enough reach?
From an architectural point of view, I'd also note that anyone trying to do modern web and network service development *without* the ability to use additional components beyond the standard library toolkit has many more problems than just the lack of a readily accessible OAuth2/OIDC implementation (such as the absence of 'requests' itself). I do think it could be useful for you to ask the requests developers if they'd be willing to explicitly recommend a particular approach to implementing OIDC atop requests and provide a pointer from their documentation. Searching on Google for "python oidc" indicates both "pip install oidc" and "pip install oic" are available (with the latter being the case discussed here), but of the two, only yours appears to provide API usage documentation. The protocol walkthrough at http://pyoidc.readthedocs.io/en/latest/howto/rp.html seems like it would be particularly useful to many folks as a hands-on introduction to the steps involved in OIDC based client authentication. Cheers, Nick. -- Nick Coghlan | ncogh...@gmail.com | Brisbane, Australia _______________________________________________ Python-ideas mailing list Python-ideas@python.org https://mail.python.org/mailman/listinfo/python-ideas Code of Conduct: http://python.org/psf/codeofconduct/
