This guide assumes you have successfully installed Flask-OAuth2Server and a working understanding of Flask. If not, follow the installation steps and read about Flask at http://flask.pocoo.org/docs/.

A Minimal Example

A minimal Flask-OAuth2Server usage example looks like this. First create the application and initialize the extension:

>>> from flask import Flask
>>> from flask_oauth2server import OAuth2Server
>>> app = Flask('myapp')
>>> ext = OAuth2Server(app=app)

Some Extended Example

Flask-OAuth2Server also has support for ...

# -*- coding: utf-8 -*-
# This file is part of Flask-OAuth2Server
# Copyright (C) 2014 CERN.
# Flask-OAuth2Server is free software; you can redistribute it and/or
# modify it under the terms of the Revised BSD License; see LICENSE
# file for more details.

"""Helper module to create an oauthclient for testing purposes."""

from unittest import TestCase
from flask import url_for, request, session, jsonify, abort, Flask
from flask_oauthlib.client import OAuth

class FlaskTestCase(TestCase):
    Mix-in class for creating the Flask application

    def setUp(self):
        app = Flask(__name__)
        app.config['DEBUG'] = True
        app.config['TESTING'] = True
        app.logger.disabled = True
        self.app = app

def create_client(app, name, **kwargs):
    """Helper function to create a OAuth2 client to test an OAuth2 provider."""
    default = dict(
        request_token_params={'scope': 'test:scope'},
        access_token_url='%s/oauth/token' % app.config['CFG_SITE_SECURE_URL'],
        authorize_url='%s/oauth/authorize' % app.config['CFG_SITE_SECURE_URL'],

    oauth = OAuth(app)
    remote = oauth.remote_app(name, **default)

    def login():
        return remote.authorize(callback=url_for('authorized', _external=True))

    def logout():
        session.pop('confidential_token', None)
        return "logout"

    def authorized(resp):
        if resp is None:
            return 'Access denied: error=%s' % (
                request.args.get('error', "unknown")
        if isinstance(resp, dict) and 'access_token' in resp:
            session['confidential_token'] = (resp['access_token'], '')
            return jsonify(resp)
        return str(resp)

    def get_test(test_url):
        if 'confidential_token' not in session:
            ret = remote.get(test_url)
            if ret.status != 200:
                return abort(ret.status)
            return ret.raw_data

    def test_ping():
        return get_test(url_for("oauth2server.ping"))

    def test_info():
        return get_test(url_for('oauth2server.info'))

    def test_invalid():
        return get_test(url_for('oauth2server.invalid'))

    def get_oauth_token():
        return session.get('confidential_token')

    return remote