Django的REST框架 - 从外部供应商提供的OAuth2消费者API [英] Django REST Framework - OAuth2 Consumer API from external provider
问题描述
我想授权用户使用的oauth2我的Django的REST API框架访问某些资源。
I am trying to authorize users to access some resources from my Django REST framework API using Oauth2.
有关的OAuth2和API处理大多数的答案与制作API提供商。
Most answers about Oauth2 and API deal with making the API a provider.
不过,我打算与大家分享许多REST API的一个的OAuth2提供者,我无法弄清楚如何消耗它(而不是如何提供的OAuth2)。
But I plan to share an Oauth2 provider with many REST APIs, and I can't figure out how to consume it (not how to provide Oauth2).
我不知道用户如何登录上提供SSO,然后传达其令牌来我耗费的API,它必须与我的供应商认证用户(找回它的信息,主要是授权)。
I have no idea how a user can log in on the provider SSO, and then communicate its token to my consuming API, which must authenticate users against my provider (getting back its information, mainly authorizations).
有没有人对如何从Django的REST框架消耗的oauth2线索?
Does anyone have a clue on how to consume Oauth2 from Django REST framework?
的图:的
[用户] - > [我的API] < - > [的oauth2提供商(带Django的OAuth的提供商)] LT; - > [活动目录/任何]
[User] -> [My API] <-> [Oauth2 provider (with django-oauth-provider)] <-> [Active Directory / anything ]
推荐答案
纵观code。在<一个href=\"https://github.com/tomchristie/django-rest-framework/blob/master/rest_framework/authentication.py#L290\" rel=\"nofollow\">https://github.com/tomchristie/django-rest-framework/blob/master/rest_framework/authentication.py#L290这似乎是不可能的。 Django的,其余的框架内访问提供商的数据库表来检查令牌和验证使用这些数据的请求。
Looking at the code at https://github.com/tomchristie/django-rest-framework/blob/master/rest_framework/authentication.py#L290 it seems just not possible. The django-rest-framework internally accesses provider's database tables to check for tokens and authenticates requests using these data.
这对我来说有点失败在所有的OAuth的目的,但在这里我们去。
Which for me kinda defeats the purpose of OAuth at all, but here we go.
这篇关于Django的REST框架 - 从外部供应商提供的OAuth2消费者API的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
