Hi, I have tried the example in this "sanction" library and it looks that the authentication using oauth2 is really easy to implement. Unfortunately the example uses BaseHTTPRequestHandler and not web2py (which is the point of this discussion, of course)
I think that a first step would be, as the example in sanction demonstrates, to have an authentication token which can be used to access account info, which can be used to setup an internal web2py user linked to the oauth2 account. The data which can be accessed via oauth2 will differ from provider to provider, but probably some basic identification data can be obtained. It is not clear to me which data can be obtained, how the link account in web2py can be setup, what is the role of the authentication token, whether the authentication token can be saved for later use, how long is the authentication token valid, and lots of other open questions. In my research to have a OAuth2 system working I have also tried to use the oauth2 framework used in the application described in this thread<https://groups.google.com/d/topic/web2py/ftWKSXcOwVc/discussion> (Movuca <https://github.com/rochacbruno/Movuca>), but it turns out that the whole OAuth2 interaction is integrated with the data structures used by the application, and I have failed to split the pure OAuth2 parts from the rest. My goal is to have a basic demo of how to integrate a OAuth2 library with web2py, preferably this sanction library, since it seems that lots of providers are supported out of the box, and that more can be easily added. My main problem is that I am not familiar with the Auth system and I do not know to configure the login system in web2py to use the OAuth2 library. Maybe somebody could provide some assistance. I would be willing to contribute back of course. Regards, Daniel --
