awesome-repositories.com
Blog
awesome-repositories.com

Entdecke die besten Open-Source-Repositories mit KI-gestützter Suche.

EntdeckenKuratierte SuchenOpen-Source-AlternativenSelf-hosted SoftwareBlogSitemap
ProjektÜber unsRanking-MethodikPresseMCP-Server
RechtlichesDatenschutzAGB
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·
authlib avatar

authlib/authlib

0
View on GitHub↗
5,346 Stars·541 Forks·Python·BSD-3-Clause·5 Aufrufeauthlib.org↗

Authlib

Authlib ist eine umfassende Python-Bibliothek zum Erstellen und Integrieren von OAuth 1.0-, OAuth 2.0- und OpenID Connect-Clients und -Servern. Sie bietet ein einheitliches Set an Tools zur Verwaltung von Authentifizierungs- und Autorisierungsabläufen, wodurch Anwendungen entweder als Client, der sich mit externen Identitätsanbietern verbindet, oder als Anbieter, der Tokens ausstellt und Benutzeridentitäten verwaltet, agieren können.

Das Projekt zeichnet sich durch eine vollständige Implementierung der JOSE-Standards aus und bietet eine Suite kryptografischer Tools zum Generieren, Signieren, Verschlüsseln und Validieren von JSON Web Tokens, Signaturen, Verschlüsselung und Schlüsseln. Es unterstützt eine breite Palette an Algorithmen, einschließlich RSA, ECDSA, EdDSA und HMAC, sowie spezialisierte Funktionen für JSON Web Key-Management und Content-Entschlüsselung.

Über die Kern-Identitätsprotokolle hinaus deckt die Bibliothek Autorisierungsserver-Logik ab, einschließlich Grant-Type-Dispatching, Token-Lebenszyklusmanagement und dynamischer Client-Registrierung. Sie enthält zudem Funktionen für den Schutz von Ressourcenservern durch Bearer-Token-Validierung, PKCE-Sicherheit und Token-Introspektion.

Die Bibliothek ist mit einer asynchron-kompatiblen Transportschicht konzipiert, um verschiedene Python-Web-Frameworks zu unterstützen.

Features

  • JOSE Specifications - Provides a comprehensive implementation of JOSE standards, including JWS, JWE, and JWK.
  • OAuth 2.0 Authorization Servers - Provides a full authorization server implementation that manages client registrations and issues access tokens.
  • OpenID Connect Support - Provides a comprehensive implementation of the OpenID Connect protocol for user authentication and profile management.
  • Access and Refresh Token Issuances - Generates and stores access and refresh tokens after successful authorization flows.
  • JWT Format Tokens - Generates signed JSON Web Tokens as access tokens containing identity claims and expiration timestamps.
  • OpenID Connect Token Validations - Parses and validates OpenID Connect identity tokens to establish and verify user identity.
  • Metadata Validations - Validates client configurations including allowed grant types and redirect URIs for authorization requests.
  • Token Lifecycle Management - Tracks token expiration and revocation status to manage the validity of active sessions.
  • JWT Parsing - Implements the process of decoding compact token strings and retrieving payloads through signature validation.
  • JWT Claim Validation - Verifies standard claims within JSON Web Tokens to ensure essential payload data is present and valid.
  • JWT Generation - Implements the process of creating signed or encrypted JSON Web Tokens for secure data transmission.
  • Token Generation - Creates token dictionaries including access and refresh tokens based on grant types and requested scopes.
  • OAuth 2.0 Authorization Flows - Implements standard OAuth 2.0 client flows for exchanging authorization codes and managing tokens.
  • Client Registrations - Provides an API endpoint for dynamic OAuth client registration, including support for JWT software statements.
  • OAuth 2.0 Client Implementations - Integrates with external authorization servers to request access tokens and authenticate users across environments.
  • OAuth 2.0 Resource Servers - Provides a full implementation for building OAuth 2.0 resource servers that protect APIs through token validation.
  • OAuth and OpenID Connect Libraries - Serves as a comprehensive Python library for building OAuth 1.0, OAuth 2.0, and OpenID Connect clients and servers.
  • OAuth Grant Type Handlers - Routes authorization requests to specific handler logic based on the OAuth 2.0 grant type parameter.
  • OpenID Connect Providers - Implements OpenID Connect providers to issue identity tokens and enable standardized single sign-on.
  • Grant Handling - Implements OpenID Connect authorization request handling with support for code, implicit, and hybrid flows.
  • JWT Signing and Verification - Provides capabilities for creating and validating JSON Web Tokens using HMAC, RSA, and ECDSA signatures.
  • Token Signing Operations - Implements cryptographic signing of tokens using private keys to ensure client authenticity and integrity.
  • Authorization Code Management - Manages the creation and validation of short-lived authorization codes for confidential clients.
  • OAuth Client Metadata Validations - Validates incoming request parameters against registered client configurations to enforce redirect URIs and grant permissions.
  • Stateless Token Validation - Verifies JWT authenticity and claims locally using cryptographic signatures without database lookups.
  • OAuth Bearer Token Middlewares - Provides middleware to validate bearer tokens and verify permissions for protecting API endpoints.
  • OAuth Client Management - Allows editing and deleting registered OAuth clients via an API using the Dynamic Client Registration Management Protocol.
  • OAuth Client Registrations - Exposes standard endpoints for dynamic client registration and discovery according to RFC specifications.
  • OAuth 1.0 Authenticators - Implements the OAuth 1.0 protocol to authenticate requests to legacy APIs.
  • Token Revocation - Implements a dedicated endpoint for invalidating access and refresh tokens to prevent unauthorized continued use.
  • ECDSA JWT Signers - Uses the Elliptic Curve Digital Signature Algorithm to create compact asymmetric signatures for JSON Web Tokens.
  • RSA Signing Implementations - Implements RSA public-key cryptography with PKCS1v15 or PSS padding for asymmetric token signing.
  • Encrypted JWT Generation - Secures token payloads using symmetric or asymmetric encryption algorithms via the JWE standard.
  • JSON Web Key Pair Management - Provides tools to import and export JSON Web Keys using specific curve specifications like Ed25519 and X25519.
  • ECDH-ES Implementations - Implements the Elliptic Curve Diffie-Hellman Ephemeral Static algorithm for JSON Web Encryption.
  • HMAC JWT Signers - Implements symmetric signing for JSON Web Tokens using shared secrets and HMAC-SHA hashing.
  • Service Account Authorization - Handles automatic token authorization for service-to-service account communication using the Assertion Framework.
  • Service Account Authenticators - Obtains authorization grants using assertion-based service accounts to enable non-interactive logins.
  • OAuth Device Flows - Facilitates the OAuth 2.0 Device Authorization Grant for users on input-constrained devices.
  • JSON Web Key Imports - Converts PEM, JSON, or raw bytes into standardized JSON Web Key (JWK) structures.
  • Key Resolution - Identifies and selects the correct public key from a set to verify a specific token signature.
  • JSON Web Signatures - Implements the JWS standard to create and verify signed payloads using symmetric and asymmetric algorithms.
  • JWT Authentication - Verifies the identity of a client using signed JWT assertions with symmetric or asymmetric keys.
  • JSON Web - Configures and manages cryptographic keys following the JSON Web Key (JWK) standard.
  • JSON Web Encryption Decryptions - Decodes compact JWE strings back into their original header and payload using private keys.
  • OAuth 1.0 Authentication Strategies - Manages authorization requests and user approval flows specifically for the OAuth 1.0 protocol.
  • PKCE Authorization Flows - Secures authorization code flows using code challenges and verifiers to protect public clients from interception.
  • OAuth Client Authentications - Verifies client identities using multiple methods, including HTTP Basic, POST parameters, or custom logic.
  • Token Payload Encryption - Secures token content using key wrapping and encryption algorithms such as RSA, AES, and ECDH-ES.
  • Client Registrations - Provides registration and configuration of third-party services as OIDC clients with support for OIDC-specific metadata.
  • UserInfo Endpoints - Exposes UserInfo endpoints to return authenticated user profile information as JSON payloads or signed JWTs.
  • Pluggable Token Persistence - Allows developers to define custom storage logic for access and refresh tokens via callbacks.
  • Bearer Token Validators - Provides tools to verify that bearer access tokens are active and possess the required scopes.
  • JWT Token Validators - Verifies the authenticity, expiration, and claims of incoming JSON Web Tokens to protect resources.
  • Token Introspection - Checks the current validity and metadata of a token by querying a remote introspection endpoint.
  • Token Introspection and Revocation Endpoints - Exposes standard OAuth 2.0 endpoints for checking token validity and metadata.
  • EdDSA Signatures - Uses the Edwards-curve Digital Signature Algorithm to sign payloads within JSON Web Signatures.
  • JWT Grant Validation - Validates signed tokens as authorization grants to issue access tokens without traditional credentials.
  • Device Grant Implementations - Implements the OAuth 2.0 Device Authorization Grant, coordinating device codes and user verification.
  • Async-Sync Compatibility Layers - Provides an architectural bridge allowing authentication logic to work in both synchronous and asynchronous Python environments.
  • Authentication - Listed in the “Authentication” section of the Awesome Python awesome list.
  • Authentication and Permissions - JavaScript Object Signing and Encryption draft implementation.

Star-Verlauf

Star-Verlauf für authlib/authlibStar-Verlauf für authlib/authlib

KI-Suche

Entdecke weitere awesome Repositories

Beschreibe in einfachen Worten, was du brauchst — die KI bewertet tausende kuratierte Open-Source-Projekte nach Relevanz.

Start searching with AI

Häufig gestellte Fragen

Was macht authlib/authlib?

Authlib ist eine umfassende Python-Bibliothek zum Erstellen und Integrieren von OAuth 1.0-, OAuth 2.0- und OpenID Connect-Clients und -Servern. Sie bietet ein einheitliches Set an Tools zur Verwaltung von Authentifizierungs- und Autorisierungsabläufen, wodurch Anwendungen entweder als Client, der sich mit externen Identitätsanbietern verbindet, oder als Anbieter, der Tokens ausstellt und Benutzeridentitäten verwaltet, agieren können.

Was sind die Hauptfunktionen von authlib/authlib?

Die Hauptfunktionen von authlib/authlib sind: JOSE Specifications, OAuth 2.0 Authorization Servers, OpenID Connect Support, Access and Refresh Token Issuances, JWT Format Tokens, OpenID Connect Token Validations, Metadata Validations, Token Lifecycle Management.

Welche Open-Source-Alternativen gibt es zu authlib/authlib?

Open-Source-Alternativen zu authlib/authlib sind unter anderem: lepture/authlib — Authlib is a comprehensive Python framework for implementing OAuth 1.0, OAuth 2.0, and OpenID Connect clients and… doorkeeper-gem/doorkeeper — Doorkeeper is an OAuth 2 authorization server and provider for Ruby on Rails and Grape applications. It provides the… anomalyco/openauth — OpenAuth is a standards-based authentication server and identity provider that implements OAuth 2.0 and OpenID Connect… thephpleague/oauth2-server — This project is a PHP library for implementing a spec-compliant OAuth 2.0 authorization server. It serves as an… openiddict/openiddict-core — This project is a .NET identity stack and server framework used to build certified OpenID Connect and OAuth 2.0… jwtk/jjwt — This is a Java library and framework for creating, parsing, and validating JSON Web Tokens within Java and Android…

Open-Source-Alternativen zu Authlib

Ähnliche Open-Source-Projekte, sortiert nach der Anzahl der gemeinsamen Funktionen mit Authlib.
  • lepture/authlibAvatar von lepture

    lepture/authlib

    5,346Auf GitHub ansehen↗

    Authlib is a comprehensive Python framework for implementing OAuth 1.0, OAuth 2.0, and OpenID Connect clients and servers. It provides a complete toolkit for identity management, spanning the development of authorization servers, resource servers, and client-side integrations. The library distinguishes itself through a full implementation of the JOSE specifications, including JSON Web Tokens, Encryption, Signatures, and Keys. It features specialized capabilities for non-interactive authentication via service account assertion frameworks and a compliance-correction layer designed to handle ide

    Python
    Auf GitHub ansehen↗5,346
  • doorkeeper-gem/doorkeeperAvatar von doorkeeper-gem

    doorkeeper-gem/doorkeeper

    5,501Auf GitHub ansehen↗

    Doorkeeper is an OAuth 2 authorization server and provider for Ruby on Rails and Grape applications. It provides the necessary framework to build an authorization server that issues and validates security tokens for third-party applications, effectively acting as a security middleware to protect API endpoints. The project integrates an identity layer via OpenID Connect to verify user identities and retrieve profile information. It supports a variety of security patterns, including the implementation of the PKCE flow for public clients and the issuance of stateless JSON Web Tokens. Its broade

    Ruby
    Auf GitHub ansehen↗5,501
  • anomalyco/openauthAvatar von anomalyco

    anomalyco/openauth

    6,971Auf GitHub ansehen↗

    OpenAuth is a standards-based authentication server and identity provider that implements OAuth 2.0 and OpenID Connect protocols. It serves as a centralized system for managing user identities, issuing access tokens, and orchestrating authentication flows across various services. The project functions as a federated identity gateway, aggregating external providers such as Google, GitHub, Microsoft, Apple, and Discord into a unified login flow. It distinguishes itself with a multi-tenant architecture that supports pluggable identity providers and customizable user interface frameworks for bran

    TypeScript
    Auf GitHub ansehen↗6,971
  • thephpleague/oauth2-serverAvatar von thephpleague

    thephpleague/oauth2-server

    6,650Auf GitHub ansehen↗

    This project is a PHP library for implementing a spec-compliant OAuth 2.0 authorization server. It serves as an authentication framework for managing user identities and client authorizations, providing the necessary components to issue and validate access and refresh tokens. The server supports a wide range of standardized authorization flows, including authorization code exchange, device grants, implicit flows, and PKCE enforcement. It handles complex token lifecycles through refresh token rotation, scope management, and the use of asymmetric keys for signing digital tokens. The system pro

    PHPoauthoauth2oauth2-server
    Auf GitHub ansehen↗6,650
  • Alle 30 Alternativen zu Authlib anzeigen→