Oauth2 server with Plone

MartronicSA · February 13, 2017, 10:16am

We have to authenticate an external service that has to acces content in Plone.
That external service needs a token from an oauth2 server. Is there a way to make Plone oauth2 server?
Do you know a plugin to make an oauth2 server with Plone? (using Plone login/pwd and returning token instead of cookie)

Thank you!

fredvd · February 14, 2017, 9:07am

Hi,

I'm not an oauth expert, but a quick search on pypi shows a few oauth modules for Plone:

pmr2.oauth (https://pypi.python.org/pypi/pmr2.oauth/0.6.1) seems to be well maintained and mature, the underlying used oauthlib library supports oauth1 and oauth2 but the pmr2.oauth documentation says oauth 1.0 only. Maybe you can contact the authors and discuss with them and other stakeholders the possibilities for adding oauth2 support.

djay · February 14, 2017, 9:24am

@fredvd I think he's asking for plone to be the oauth server/identity provider, rather than have plone authenticate against other oauth servers. I might be wrong but I think the plugin you mentioned is only a client.

fredvd · February 14, 2017, 9:35am

The headline on the pypi Page says:

pmr2.oauth 0.6.1
OAuth PAS Plugin, OAuth 1.0 provider for Plone.

Provider is an identity provider AFAIK. (I'm not the expert as well, but hopefully the pypi search info might show up other add'ons as well for him.)

MartronicSA · February 14, 2017, 9:46am

Thank you for pointing me on that module. It seems to be worth to try it out.