Configuration

OAuth2Server configuration variables.

invenio_oauth2server.config.OAUTH2SERVER_ALLOWED_GRANT_TYPES = set(['client_credentials', 'refresh_token', 'authorization_code'])

A set of allowed grant types.

The allowed values are authorization_code, password, client_credentials, refresh_token). By default password is disabled, as it requires the client application to gain access to the username and password of the resource owner.

invenio_oauth2server.config.OAUTH2SERVER_ALLOWED_RESPONSE_TYPES = set(['token', 'code'])

A set of allowed response types.

The allowed values are code and token.

  • code is used for authorization_code grant types
  • token is used for implicit grant types
invenio_oauth2server.config.OAUTH2SERVER_ALLOWED_URLENCODE_CHARACTERS = '=&;:%+~,*@!()/?'

A string of special characters that should be valid inside a query string.

See also

See monkeypatch_oauthlib_urlencode_chars for a full explanation.

invenio_oauth2server.config.OAUTH2SERVER_CLIENT_ID_SALT_LEN = 40

Length of client id.

invenio_oauth2server.config.OAUTH2SERVER_CLIENT_SECRET_SALT_LEN = 60

Length of the client secret.

invenio_oauth2server.config.OAUTH2SERVER_JWT_AUTH_HEADER = 'Authorization'

Header for the JWT.

Note

Authorization: Bearer xxx

invenio_oauth2server.config.OAUTH2SERVER_JWT_AUTH_HEADER_TYPE = 'Bearer'

Header Authorization type.

Note

By default the authorization type is Bearer as recommented by JWT

invenio_oauth2server.config.OAUTH2SERVER_JWT_VERYFICATION_FACTORY = 'invenio_oauth2server.utils:jwt_verify_token'

Import path of factory used to verify JWT.

The request.headers should be passed as parameter.

invenio_oauth2server.config.OAUTH2SERVER_TOKEN_PERSONAL_SALT_LEN = 60

Length of the personal access token.

invenio_oauth2server.config.OAUTH2_CACHE_TYPE = 'redis'

Type of cache to use for storing the temporary grant token.

invenio_oauth2server.config.OAUTH2_PROVIDER_ERROR_ENDPOINT = 'invenio_oauth2server.errors'

Error view endpoint.

invenio_oauth2server.config.OAUTH2_PROVIDER_TOKEN_EXPIRES_IN = 3600

Life time of an access token.