OAuth Provider

oauth_provider
REPOSITORY
REPOSITORYOCA/server-tools
GIT
GIThttps://github.com/OCA/server-tools.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-tools/tree/9.0/oauth_provider
VERSION
VERSION 1.0.0
CATEGORY
CATEGORYAuthentication
LICENSE
LICENSEAGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSOdoo Community Association (OCA), SYLEAM
MAINTAINERS
MAINTAINERSOdoo Community Association (OCA), SYLEAM
COMMITTERS
COMMITTERSChristophe Combelles, OCA Transbot, oca-travis, Weblate, OCA-git-bot, Sylvain GARANCHER
WEBSITE
WEBSITEhttp://www.syleam.fr/
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:15:23
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - base
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES oauthlib
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (8)
XML IDNameModelTypeStatus
oauth_provider.authorization OAuth Authorization Error ir.ui.view qweb New
oauth_provider.authorization_error OAuth Authorization Error ir.ui.view qweb New
view_oauth_provider_client_form oauth.provider.client.form oauth.provider.client form New
view_oauth_provider_client_search oauth.provider.client.search oauth.provider.client search New
view_oauth_provider_client_tree oauth.provider.client.tree oauth.provider.client tree New
view_oauth_provider_scope_form oauth.provider.scope.form oauth.provider.scope form New
view_oauth_provider_scope_search oauth.provider.scope.search oauth.provider.scope search New
view_oauth_provider_scope_tree oauth.provider.scope.tree oauth.provider.scope tree New
Models touched (6)

New fields (6)
  • active Boolean
    default=True help='When unchecked, the code is invalidated.'
  • client_id Many2one → oauth.provider.client
    comodel_name='oauth.provider.client' help='Client associated to this authorization code.' required=True string='Client'
  • code Char
    help='Name of the authorization code.' required=True
  • redirect_uri_id Many2one → oauth.provider.redirect.uri
    comodel_name='oauth.provider.redirect.uri' help='Redirect URI associated to this authorization code.' required=True string='Redirect URI'
  • scope_ids Many2many → oauth.provider.scope
    comodel_name='oauth.provider.scope' help='Scopes allowed by this authorization code.' string='Scopes'
  • user_id Many2one → res.users
    comodel_name='res.users' help='User associated to this authorization code.' required=True string='User'
Public methods (0)

No public methods.

New fields (10)
  • application_type Selection
    default='web application' help='Application type to be used with this client.' required=True selection=[('web application', 'Web Application'), ('mobile application', 'Mobile Application'), ('legacy application', 'Legacy Application'), ('backend application', 'Backend Application (not implemented)')]
  • grant_type Selection
    compute='_compute_grant_response_type' help='Grant type used by the client for OAuth.' selection=[('authorization_code', 'Authorization Code'), ('implicit', 'Implicit'), ('password', 'Password'), ('client_credentials', 'Client Credentials')] store=True string='OAuth Grant Type'
  • identifier Char
    copy=False default=<expr> help='Unique identifier of the client.' readonly=True required=True string='Client Identifier'
  • name Char
    help='Name of this client.' required=True
  • redirect_uri_ids One2many → oauth.provider.redirect.uri
    comodel_name='oauth.provider.redirect.uri' help='Allowed redirect URIs for the client.' inverse_name='client_id' string='OAuth Redirect URIs'
  • response_type Selection
    compute='_compute_grant_response_type' help='Response type used by the client for OAuth.' selection=[('code', 'Authorization Code'), ('token', 'Token'), ('none', 'None')] store=True string='OAuth Response Type'
  • scope_ids Many2many → oauth.provider.scope
    comodel_name='oauth.provider.scope' help='List of scopes the client is allowed to access.' string='Allowed Scopes'
  • secret Char
    help='Optional secret used to authenticate the client.'
  • skip_authorization Boolean
    help="Check this box if the user shouldn't be prompted to authorize or not the requested scopes."
  • token_type Selection
    default='random' help='Type of token to return. The base module only provides randomly generated tokens.' required=True selection=[('random', 'Randomly generated')]
Public methods (3)
  • application_type_mapping(self)
    @api.model
  • generate_user_id(self, user)
    @api.multi
    Generates a unique user identifier for this client Include the client and user identifiers in the final identifier to generate a different identifier for the same user, depending on the client accessing this user. By doing this, clients cannot find a list of common users by comparing their identifiers list from tokeninfo.
  • get_oauth2_server(self, validator=None, **kwargs)
    @api.multi
    Returns an OAuth2 server instance, depending on the client application type Generates an OdooValidator instance if no custom validator is defined All other arguments are directly passed to the server constructor (for example, a token generator function)

New fields (3)
  • client_id Many2one → oauth.provider.client
    comodel_name='oauth.provider.client' help='Client allowed to redirect using this URI.' required=True string='Client'
  • name Char
    help='URI of the redirect.' required=True
  • sequence Integer
    default=10 help='Order of the redirect URIs.' required=True
Public methods (0)

No public methods.

New fields (7)
  • code Char
    help='Code of the scope, used in OAuth requests.' required=True
  • description Text
    help='Description of the scope, displayed to the user.' required=True translate=True
  • field_ids Many2many → ir.model.fields
    comodel_name='ir.model.fields' domain="[('model_id', '=', model_id)]" help='Fields allowed by this scope.' string='Fields'
  • filter_id Many2one → ir.filters
    comodel_name='ir.filters' domain="[('model_id', '=', model)]" help='Filter applied to retrieve records allowed by this scope.' string='Filter'
  • model Char
    help='Name of the model allowed to be accessed by this scope.' readonly=True related='model_id.model' string='Model Name'
  • model_id Many2one → ir.model
    comodel_name='ir.model' help='Model allowed to be accessed by this scope.' required=True string='Model'
  • name Char
    help='Name of the scope, displayed to the user.' required=True translate=True
Public methods (1)
  • get_data_for_model(self, model, res_id=None, all_scopes_match=False)
    @api.multi
    Return the data matching the scopes from the requested model

New fields (8)
  • active Boolean
    compute='_compute_active' help='A token is active only if it has not yet expired.' search='_search_active'
  • client_id Many2one → oauth.provider.client
    comodel_name='oauth.provider.client' help='Client associated to this token.' required=True string='Client'
  • expires_at Datetime
    help='Expiration time of the token.' required=True
  • refresh_token Char
    help='The refresh token, if applicable.'
  • scope_ids Many2many → oauth.provider.scope
    comodel_name='oauth.provider.scope' help='Scopes allowed by this token.' string='Scopes'
  • token Char
    help='The token itself.' required=True
  • token_type Selection
    default='Bearer' help='Type of token stored. Currently, only the bearer token type is available.' required=True selection=[('Bearer', 'Bearer')]
  • user_id Many2one → res.users
    comodel_name='res.users' help='User associated to this token.' required=True string='User'
Public methods (2)
  • generate_user_id(self)
    @api.multi
    Generates a unique user identifier for this token
  • get_data_for_model(self, model, res_id=None, all_scopes_match=False)
    @api.multi
    Returns the data of the accessible records of the requested model, Data are returned depending on the allowed scopes for the token If the all_scopes_match argument is set to True, return only records allowed by all token's scopes

New fields (1)
  • oauth_identifier Char
    copy=False default=<expr> help='String used to identify this user during an OAuth session.' readonly=True required=True string='OAuth Identifier'
Public methods (0)

No public methods.

STATUS
STATUSOpen migration PR - not merged yet for this version
REPOSITORY
REPOSITORYOCA/server-auth
PULL REQUEST
PULL REQUEST[WIP][MIG] oauth_provider: Migration to 19.0 (#853)