Jump to >


Web API support for OAuth2 authentication.

class OAuth2TokenBackendMixin[source]

Bases: object

A authentication backend mixin for OAuth2 tokens.

This is similar to oauth2_provider.backends.OAuth2Backend except it adds an extension point (verify_request()) for sub-classes using this mixin to add additional verification.

See also

oauth2_provider.backends.OAuth2Backend, which this implementation is based off of.


Attempt to authenticate a request.

Parameters:**credentials (dict) – The credentials for authentication.
Returns:If authentication succeeds, the user that authenticated, otherwise None.
Return type:django.contrib.auth.models.User
verify_request(request, token, user)[source]

Perform additional request verification.

This method can be overrided by subclasses to perform additional verification (e.g., against a custom Application model that can be enabled or disabled).

class WebAPIOAuth2TokenAuthBackend[source]

Bases: djblets.webapi.auth.backends.base.WebAPIAuthBackend

A WebAPI auth backend for handling OAuth2 tokens.


Return the credentials for authorization.

This will parse the Authorization header and retrieve the OAuth2 token code.

This ensures that we only accept OAuth2 tokens provided in the headers and not in the request body.

Parameters:request (django.htttp.HttpRequest) – The current HTTP request.
Returns:Either the OAuth2 token code, or None if it could not be parsed or was not present.
Return type:dict