Some notes Steve Martinelli sent me to help:
1. The following are spots where we currently use the old library: https://github.com/openstack/keystone/blob/master/keystone/contrib/oauth1/core.py#L33 (to 40 - plug points for the library) https://github.com/openstack/keystone/blob/master/keystone/contrib/oauth1/core.py#L123 (splitting headers) https://github.com/openstack/keystone/blob/master/keystone/contrib/oauth1/controllers.py#L181 (to 192 - verifying request for request token call) https://github.com/openstack/keystone/blob/master/keystone/contrib/oauth1/controllers.py#L251 (to 267 - verifying request for access token call) https://github.com/openstack/keystone/blob/master/keystone/auth/plugins/oauth1.py#L57 (to 72 - verifying request for authenticate call) https://github.com/openstack/keystone/blob/master/keystone/tests/test_v3_oauth1.py (a bunch of places)
2a. The part that bugs me about oauthlib is the fact that you have to implement an interface (RequestValidator), https://oauthlib.readthedocs.org/en/latest/oauth1/server.html#implement-a-validator . At least this is my impression upon reading the docs. 2b. Actual RequestValidator class: https://github.com/idan/oauthlib/blob/master/oauthlib/oauth1/rfc5849/request_validator.py , raises a lot of not implemented exceptions.
3. I did find one instance of a coder that had to switch from using python-oauth2 to oauthlib, for a client application he was writing, it'll be handy for migrating the tests: https://github.com/gfairchild/yelpapi/commit/71b0a947d56445fe71750255827a07c56ce3f1e5
Indeed, the RequestValidator might be the tricky part.
Some notes Steve Martinelli sent me to help:
1. The following are spots where we currently use the old library: /github. com/openstack/ keystone/ blob/master/ keystone/ contrib/ oauth1/ core.py# L33 (to 40 - plug points for the library) /github. com/openstack/ keystone/ blob/master/ keystone/ contrib/ oauth1/ core.py# L123 (splitting headers) /github. com/openstack/ keystone/ blob/master/ keystone/ contrib/ oauth1/ controllers. py#L181 (to 192 - verifying request for request token call) /github. com/openstack/ keystone/ blob/master/ keystone/ contrib/ oauth1/ controllers. py#L251 (to 267 - verifying request for access token call) /github. com/openstack/ keystone/ blob/master/ keystone/ auth/plugins/ oauth1. py#L57 (to 72 - verifying request for authenticate call) /github. com/openstack/ keystone/ blob/master/ keystone/ tests/test_ v3_oauth1. py (a bunch of places)
https:/
https:/
https:/
https:/
https:/
https:/
2a. The part that bugs me about oauthlib is the fact that you have to implement an interface (RequestValidator), https:/ /oauthlib. readthedocs. org/en/ latest/ oauth1/ server. html#implement- a-validator . At least this is my impression upon reading the docs. /github. com/idan/ oauthlib/ blob/master/ oauthlib/ oauth1/ rfc5849/ request_ validator. py , raises a lot of not implemented exceptions.
2b. Actual RequestValidator class: https:/
3. I did find one instance of a coder that had to switch from using python-oauth2 to oauthlib, for a client application he was writing, it'll be handy for migrating the tests: https:/ /github. com/gfairchild/ yelpapi/ commit/ 71b0a947d56445f e71750255827a07 c56ce3f1e5
Indeed, the RequestValidator might be the tricky part.