feat(client): replace basic auth with OAuth ROPC flowfeat/oauth2-resource-password-flow

author: Nejc Habjan <nejc.habjan@siemens.com> 2022-01-19 23:05:47 +0100
committer: Nejc Habjan <nejc.habjan@siemens.com> 2023-02-16 20:22:10 +0100
commit: be7745dc3dfee64d453287ed7d350adc7e5cadae (patch)
tree: d2c2134b539893c73b6c6ee31242f3b995e0eb16 /gitlab/oauth.py
parent: 1da7c53fd3476a1ce94025bb15265f674af40e1a (diff)
download: gitlab-feat/oauth2-resource-password-flow.tar.gz
1 files changed, 33 insertions, 0 deletions
diff --git a/gitlab/oauth.py b/gitlab/oauth.py
new file mode 100644
index 0000000..f4fecf8
--- /dev/null
+++ b/gitlab/oauth.py
@@ -0,0 +1,33 @@
+import dataclasses
+from typing import Optional
+
+
+@dataclasses.dataclass
+class PasswordCredentials:
+    """
+    Resource owner password credentials modelled according to
+    https://docs.gitlab.com/ee/api/oauth2.html#resource-owner-password-credentials-flow
+    https://datatracker.ietf.org/doc/html/rfc6749#section-4-3.
+
+    If the GitLab server has disabled the ROPC flow without client credentials,
+    client_id and client_secret must be provided.
+    """
+
+    username: str
+    password: str
+    grant_type: str = "password"
+    scope: str = "api"
+    client_id: Optional[str] = None
+    client_secret: Optional[str] = None
+
+    def __post_init__(self) -> None:
+        basic_auth = (self.client_id, self.client_secret)
+
+        if not any(basic_auth):
+            self.basic_auth = None
+            return
+
+        if not all(basic_auth):
+            raise TypeError("Both client_id and client_secret must be defined")
+
+        self.basic_auth = basic_auth
author	Nejc Habjan <nejc.habjan@siemens.com>	2022-01-19 23:05:47 +0100
committer	Nejc Habjan <nejc.habjan@siemens.com>	2023-02-16 20:22:10 +0100
commit	be7745dc3dfee64d453287ed7d350adc7e5cadae (patch)
tree	d2c2134b539893c73b6c6ee31242f3b995e0eb16 /gitlab/oauth.py
parent	1da7c53fd3476a1ce94025bb15265f674af40e1a (diff)
download	gitlab-feat/oauth2-resource-password-flow.tar.gz