2 مستودعات
Verification processes ensuring that the requested grant type is permissible for the client and user.
Distinct from Custom OAuth Grant Types: Focuses on the validation logic of the grant request rather than the registration of custom types.
Explore 2 awesome GitHub repositories matching security & cryptography · Grant Type Validations. Refine with filters or upvote what's useful.
This project is a PHP library for implementing a spec-compliant OAuth 2.0 authorization server. It serves as an authentication framework for managing user identities and client authorizations, providing the necessary components to issue and validate access and refresh tokens. The server supports a wide range of standardized authorization flows, including authorization code exchange, device grants, implicit flows, and PKCE enforcement. It handles complex token lifecycles through refresh token rotation, scope management, and the use of asymmetric keys for signing digital tokens. The system pro
Validates client and user credentials across various grant flows to ensure secure API access.
Authlib is a comprehensive Python library for building and integrating OAuth 1.0, OAuth 2.0, and OpenID Connect clients and servers. It provides a unified set of tools to manage authentication and authorization flows, allowing applications to either act as a client connecting to external identity providers or as a provider issuing tokens and managing user identities. The project distinguishes itself through a full implementation of the JOSE standards, offering a suite of cryptographic tools for generating, signing, encrypting, and validating JSON Web Tokens, Signatures, Encryption, and Keys.
Validates client configurations including allowed grant types and redirect URIs for authorization requests.