8000 Support for authentication schemes by tomchristie · Pull Request #121 · core-api/python-client · GitHub
[go: up one dir, main page]
Skip to content
This repository was archived by the owner on Mar 18, 2019. It is now read-only.

Support for authentication schemes #121

Merged
merged 4 commits into from
Mar 9, 2017
Merged

Support for authentication schemes #121

Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
a91c765
Add support for auth schemes
tomchristie Mar 8, 2017
f719334
Improve error titles
tomchristie Mar 8, 2017
704337e
Use 'scheme' not 'prefix' for TokenAuthentication.
tomchristie Mar 9, 2017
8cfad1d
Tweak docs
tomchristie Mar 9, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Tweak docs
  • Loading branch information
@tomchristie
tomchristie committed Mar 9, 2017
commit 8cfad1d30845b1e6f99785c1ddede4a283725701
10 changes: 5 additions & 5 deletions docs/api-guide/auth.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ Authentication instances are responsible for handling the network authentication

Typically, you'll provide authentication configuration by passing an authentication instance to the client.

import coreapi
import coreapi

auth = coreapi.auth.BasicAuthentication(username='...', password='...')
coreapi.Client(auth=auth)
Expand Down Expand Up @@ -43,18 +43,18 @@ Uses [HTTP Basic Authentication][basic-auth].

Uses [HTTP Bearer token authentication][bearer-auth], and can be used for OAuth 2, JWT, and custom token authentication schemes.

Outgoing requests will include the provided token in the request`Authorization` headers, in the following format:
Outgoing requests will include the provided token in the request `Authorization` headers, in the following format:

Authorization: Bearer xxxx-xxxxxxxx-xxxx

The prefix may be customized if required, in order to support HTTP authentication schemes that are not [officially registered][http-auth-schemes].
The scheme name may be customized if required, in order to support HTTP authentication schemes that are not [officially registered][http-auth-schemes].

A typical authentication flow using `TokenAuthentication` would be:

* Using an unauthenticated client make a request providing the users credentials to an endpoint to that returns an API token.
* Instantiate an authenticated client using the returned token, and use this for all future requests.

**Signature**: `TokenAuthentication(token, prefix='Bearer', domain='*')`
**Signature**: `TokenAuthentication(token, scheme='Bearer', domain='*')`

### SessionAuthentication

Expand All @@ -81,4 +81,4 @@ Custom authentication classes may be created by subclassing `requests.AuthBase`,

[basic-auth]: https://tools.ietf.org/html/rfc7617
[bearer-auth]: https://tools.ietf.org/html/rfc6750
[http-auth-schemes]: https://www.iana.org/assignments/http-authschemes/
[http-auth-schemes]: https://www.iana.org/assignments/http-authschemes/
0