Flask OAuthlib

1. Basic OAuth2 Implementation

from flask import Flask, request, redirect, url_for
from flask_oauthlib.client import OAuth2Client

app = Flask(__name__)
app.config['OAUTH2_CLIENT_ID'] = '123456'
app.config['OAUTH2_CLIENT_SECRET'] = 'abcdef'
oauth = OAuth2Client(app)

@app.route('/')
def index():
    return redirect(oauth.authorize_redirect('google'))

@app.route('/callback')
def callback():
    token = oauth.authorize_access_token()
    resp = oauth.get(
        'https://www.googleapis.com/oauth2/v2/userinfo')
    print(resp.data)
    return redirect(url_for('index'))

2. Customizing OAuth2 Configuration

from flask import Flask, request, redirect, url_for
from flask_oauthlib.client import OAuth2Client

app = Flask(__name__)
app.config['OAUTH2_CLIENT_ID'] = '123456'
app.config['OAUTH2_CLIENT_SECRET'] = 'abcdef'
app.config['OAUTH2_BASE_URL'] = 'https://example.com/oauth2/'
oauth = OAuth2Client(app)

@app.route('/')
def index():
    return redirect(oauth.authorize_redirect('google'))

@app.route('/callback')
def callback():
    token = oauth.authorize_access_token()
    resp = oauth.get(
        'https://example.com/oauth2/userinfo')
    print(resp.data)
    return redirect(url_for('index'))

3. Handling State Parameter

from flask import Flask, request, redirect, url_for
from flask_oauthlib.client import OAuth2Client

app = Flask(__name__)
app.config['OAUTH2_CLIENT_ID'] = '123456'
app.config['OAUTH2_CLIENT_SECRET'] = 'abcdef'

oauth = OAuth2Client(app)

@app.route('/')
def index():
    state = request.args.get('state')
    if state is None:
        return redirect(oauth.authorize_redirect('google'))
    return redirect(url_for('callback', state=state))

@app.route('/callback')
def callback():
    state = request.args.get('state')
    token = oauth.authorize_access_token(state=state)
    resp = oauth.get(
        'https://www.googleapis.com/oauth2/v2/userinfo')
    print(resp.data)
    return redirect(url_for('index'))

4. Using OAuth2 with Implicit Grant

from flask import Flask, request, redirect, url_for
from flask_oauthlib.client import OAuth2Client

app = Flask(__name__)
app.config['OAUTH2_CLIENT_ID'] = '123456'
app.config['OAUTH2_CLIENT_SECRET'] = None
oauth = OAuth2Client(app)

@app.route('/')
def index():
    return redirect(oauth.authorize_redirect('google'))

@app.route('/callback')
def callback():
    token = oauth.authorize_access_token()
    resp = oauth.get(
        'https://www.googleapis.com/oauth2/v2/userinfo')
    print(resp.data)
    return redirect(url_for('index'))

5. Using OAuth2 with PKCE

from flask import Flask, request, redirect, url_for
from flask_oauthlib.client import OAuth2Client

app = Flask(__name__)
app.config['OAUTH2_CLIENT_ID'] = '123456'
app.config['OAUTH2_CLIENT_SECRET'] = 'abcdef'
app.config['OAUTH2_PKCE_ENABLED'] = True
oauth = OAuth2Client(app)

@app.route('/')
def index():
    return redirect(oauth.authorize_redirect('google'))

@app.route('/callback')
def callback():
    token = oauth.authorize_access_token()
    resp = oauth.get(
        'https://www.googleapis.com/oauth2/v2/userinfo')
    print(resp.data)
    return redirect(url_for('index'))

6. Using OAuth2 with Multiple Providers

from flask import Flask, request, redirect, url_for
from flask_oauthlib.client import OAuth2Client

app = Flask(__name__)
app.config['OAUTH2_CLIENT_ID'] = {
    'google': '123456',
    'facebook': 'abcdef'
}
app.config['OAUTH2_CLIENT_SECRET'] = {
    'google': 'abcdef',
    'facebook': '123456'
}
oauth = OAuth2Client(app)

@app.route('/')
def index():
    return redirect(oauth.authorize_redirect('google'))

@app.route('/callback')
def callback():
    token = oauth.authorize_access_token()
    resp = oauth.get(
        'https://www.googleapis.com/oauth2/v2/userinfo')
    print(resp.data)
    return redirect(url_for('index'))

7. Using OAuth1 Implementation

from flask import Flask, request, redirect, url_for
from flask_oauthlib.client import OAuth1Client

app = Flask(__name__)
app.config['OAUTH1_CLIENT_ID'] = '123456'
app.config['OAUTH1_CLIENT_SECRET'] = 'abcdef'
oauth = OAuth1Client(app)

@app.route('/')
def index():
    return redirect(oauth.authorize_redirect('twitter'))

@app.route('/callback')
def callback():
    token = oauth.authorize_access_token()
    resp = oauth.get(
        'https://api.twitter.com/1.1/account/verify_credentials.json')
    print(resp.data)
    return redirect(url_for('index'))

8. Using OAuth2 with Authorization Server Discovery

from flask import Flask, request, redirect, url_for
from flask_oauthlib.client import OAuth2Client

app = Flask(__name__)
oauth = OAuth2Client(app)

@app.route('/')
def index():
    return redirect(oauth.authorize_redirect('google'))

@app.route('/callback')
def callback():
    token = oauth.authorize_access_token()
    resp = oauth.get(
        'https://www.googleapis.com/oauth2/v2/userinfo')
    print(resp.data)
    return redirect(url_for('index'))

9. Using OAuth2 with Dynamic Client Registration

from flask import Flask, request, redirect, url_for
from flask_oauthlib.client import OAuth2Client

app = Flask(__name__)
oauth = OAuth2Client(app)

@app.route('/')
def index():
    return redirect(oauth.authorize_redirect('example-client'))

@app.route('/callback')
def callback():
    token = oauth.authorize_access_token()
    resp = oauth.get(
        'https://example.com/api/v1/users/me')
    print(resp.data)
    return redirect(url_for('index'))

10. Using Refresh Tokens

from flask import Flask, request, redirect, url_for
from flask_oauthlib.client import OAuth2Client

app = Flask(__name__)
app.config['OAUTH2_REFRESH_TOKEN'] = '123456'
oauth = OAuth2Client(app)

@app.route('/')
def index():
    return redirect(oauth.authorize_redirect('google'))

@app.route('/callback')
def callback():
    token = oauth.authorize_access_token()
    resp = oauth.get(
        'https://www.googleapis.com/oauth2/v2/userinfo')
    print(resp.data)
    return redirect(url_for('index'))

11. Using OAuth2 with Scopes

from flask import Flask, request, redirect, url_for
from flask_oauthlib.client import OAuth2Client

app = Flask(__name__)
app.config['OAUTH2_CLIENT_ID'] = '123456'
app.config['OAUTH2_CLIENT_SECRET'] = 'abcdef'
app.config['OAUTH2_SCOPE'] = ['email', 'profile']
oauth = OAuth2Client(app)

@app.route('/')
def index():
    return redirect(oauth.authorize_redirect('google'))

@app.route('/callback')
def callback():
    token = oauth.authorize_access_token()
    resp = oauth.get(
        'https://www.googleapis.com/oauth2/v2/userinfo')
    print(resp.data)
    return redirect(url_for('index'))

12. Using OAuth2 with Custom Headers

from flask import Flask, request, redirect, url_for
from flask_oauthlib.client import OAuth2Client

app = Flask(__name__)
app.config['OAUTH2_CLIENT_ID'] = '123456'
app.config['OAUTH2_CLIENT_SECRET'] = 'abcdef'
app.config['OAUTH2_HEADERS'] = {
    'X-Requested-With': 'XMLHttpRequest'
}
oauth = OAuth2Client(app)

@app.route('/')
def index():
    return redirect(oauth.authorize_redirect('google'))

@app.route('/callback')
def callback():
    token = oauth.authorize_access_token()
    resp = oauth.get(
        'https://www.googleapis.com/oauth2/v2/userinfo')
    print(resp.data)
    return redirect(url_for('index'))

13. Using OAuth2 with Proxy

from flask import Flask, request, redirect, url_for
from flask_oauthlib.client import OAuth2Client

app = Flask(__name__)
app.config['OAUTH2_CLIENT_ID'] = '123456'
app.config['OAUTH2_CLIENT_SECRET'] = 'abcdef'
app.config['OAUTH2_PROXY'] = {
    'https': 'http://proxy.example.com'
}
oauth = OAuth2Client(app)

@app.route('/')
def index():
    return redirect(oauth.authorize_redirect('google'))

@app.route('/callback')
def callback():
    token = oauth.authorize_access_token()
    resp = oauth.get(
        'https://www.googleapis.com/oauth2/v2/userinfo')
    print(resp.data)
    return redirect(url_for('index'))

14. Using OAuth2 with Token Endpoint Auth

from flask import Flask, request, redirect, url_for
from flask_oauthlib.client import OAuth2Client

app = Flask(__name__)
app.config['OAUTH2_CLIENT_ID'] = '123456'
app.config['OAUTH2_CLIENT_SECRET'] = 'abcdef'
app.config['OAUTH2_TOKEN_ENDPOINT_AUTH_METHOD'] =\
    'client_secret_basic'
oauth = OAuth2Client(app)

@app.route('/')
def index():
    return redirect(oauth.authorize_redirect('google'))

@app.route('/callback')
def callback():
    token = oauth.authorize_access_token()
    resp = oauth.get(
        'https://www.googleapis.com/oauth2/v2/userinfo')
    print(resp.data)
    return redirect(url_for('index'))

15. Using OAuth2 with Implicit Grant without User Consent

from flask import Flask, request, redirect, url_for
from flask_oauthlib.client import OAuth2Client

app = Flask(__name__)
app.config['OAUTH2_CLIENT_ID'] = '123456'
app.config['OAUTH2_CLIENT_SECRET'] = None
app.config['OAUTH2_GRANT_TYPE'] = 'implicit'
app.config['OAUTH2_ACCESS_TOKEN_EXPIRES_IN'] = 3600
oauth = OAuth2Client(app)

@app.route('/')
def index():
    return redirect(oauth.authorize_redirect('google'))

@app.route('/callback')
def callback():
    token = oauth.authorize_access_token()
    resp = oauth.get(
        'https://www.googleapis.com/oauth2/v2/userinfo')
    print(resp.data)
    return redirect(url_for('index'))

16. Using OAuth2 with Explicit PKCE Code Exchange

from flask import Flask, request, redirect, url_for
from flask_oauthlib.client import OAuth2Client

app = Flask(__name__)
app.config['OAUTH2_CLIENT_ID'] = '123456'
app.config['OAUTH2_CLIENT_SECRET'] = 'abcdef'
app.config['OAUTH2_PKCE_ENABLED'] = True
app.config['OAUTH2_PKCE_CODE_EXCHANGE'] = True
oauth = OAuth2Client(app)

@app.route('/')
def index():
    return redirect(oauth.authorize_redirect('google'))

@app.route('/callback')
def callback():
    token = oauth.authorize_access_token()
    resp = oauth.get(
        'https://www.googleapis.com/oauth2/v2/userinfo')
    print(resp.data)
    return redirect(url_for('index'))

17. Using OAuth2 with Client Side Flow

from flask import Flask, request, redirect, url_for
from flask_oauthlib.client import OAuth2Client

app = Flask(__name__)
app.config['OAUTH2_CLIENT_ID'] = '123456'
app.config['OAUTH2_CLIENT_SECRET'] = 'abcdef'
app.config['OAUTH2_REDIRECT_URI'] = 'http://localhost:5000/callback'
oauth = OAuth2Client(app)

@app.route('/')
def index():
    return redirect(oauth.authorize_redirect('google'))

@app.route('/callback')
def callback():
    token = oauth.authorize_access_token()
    resp = oauth.get(
        'https://www.googleapis.com/oauth2/v2/userinfo')
    print(resp.data)
    return redirect(url_for('index'))

18. Using OAuth2 with Private Key

from flask import Flask, request, redirect, url_for
from flask_oauthlib.client import OAuth2Client

app = Flask(__name__)
app.config['OAUTH2_CLIENT_ID'] = '123456'
app.config['OAUTH2_CLIENT_SECRET'] = None
app.config['OAUTH2_PRIVATE_KEY_PATH'] = 'private_key.pem'
oauth = OAuth2Client(app)

@app.route('/')
def index():
    return redirect(oauth.authorize_redirect('google'))

@app.route('/callback')
def callback():
    token = oauth.authorize_access_token()
    resp = oauth.get(
        'https://www.googleapis.com/oauth2/v2/userinfo')
    print(resp.data)
    return redirect(url_for('index'))

19. Using OAuth2 with Refresh Token Flow

from flask import Flask, request, redirect, url_for
from flask_oauthlib.client import OAuth2Client

app = Flask(__name__)
app.config['OAUTH2_CLIENT_ID'] = '123456'
app.config['OAUTH2_CLIENT_SECRET'] = 'abcdef'
app.config['OAUTH2_REFRESH_TOKEN_FLOW'] = True
oauth = OAuth2Client(app)

@app.route('/')
def index():
    return redirect(oauth.authorize_redirect('google'))

@app.route('/callback')
def callback():
    token = oauth.authorize_access_token()
    resp = oauth.get(
        'https://www.googleapis.com/oauth2/v2/userinfo')
    print(resp.data)
    return redirect(url_for('index'))

20. Using OAuth2 with Authorization Code Flow

from flask import Flask, request, redirect, url_for
from flask_oauthlib.client import OAuth2Client

app = Flask(__name__)
app.config['OAUTH2_CLIENT_ID'] = '123456'
app.config['OAUTH2_CLIENT_SECRET'] = 'abcdef'
app.config['OAUTH2_FLOW'] = 'authorization_code'
oauth = OAuth2Client(app)

@app.route('/')
def index():
    return redirect(oauth.authorize_redirect('google'))

@app.route('/callback')
def callback():
    token = oauth.authorize_access_token()
    resp = oauth.get(
        'https://www.googleapis.com/oauth2/v2/userinfo')
    print(resp.data)
    return redirect(url_for('index'))

21. Using OAuth2 with Device Flow

from flask import Flask, request, redirect, url_for
from flask_oauthlib.client import OAuth2Client

app = Flask(__name__)
app.config['OAUTH2_CLIENT_ID'] = '123456'
app.config['OAUTH2_CLIENT_SECRET'] = 'abcdef'
app.config['OAUTH2_FLOW'] = 'device'
oauth = OAuth2Client(app)

@app.route('/')
def index():
    return redirect(oauth.authorize_redirect('google'))

@app.route('/callback')
def callback():
    token = oauth.authorize_access_token()
    resp = oauth.get(
        'https://www.googleapis.com/oauth2/v2/userinfo')
    print(resp.data)
    return redirect(url_for('index'))

22. Using OAuth2 with Token Exchange Flow

from flask import Flask, request, redirect, url_for
from flask_oauthlib.client import OAuth2Client

app = Flask(__name__)
app.config['OAUTH2_CLIENT_ID'] = '123456'
app.config['OAUTH2_CLIENT_SECRET'] = 'abcdef'
app.config['OAUTH2_FLOW'] = 'token_exchange'
oauth = OAuth2Client(app)

@app.route('/')
def index():
    return redirect(oauth.authorize_redirect('google'))

@app.route('/callback')

PreviousFlask Moment NextFlask RESTful reqparse