[FEATURE][AUTH]: Comprehensive OAuth2 base library with helper functions #1434

@VRamakrishna

Various operations listed in #1422 rely on OAuth2 protocol units as specified in the OAuth2 RFCs. We need to create a common library with a set of canonical functions for the following:

  • OAuth token validation
  • Claims extraction from OAuth tokens
  • OAuth token exchange
  • OAuth token refresh
  • OAuth token scope modifications
  • OIDC support

We will implement specifications from the following RFCs:

  • RFC 6749: The OAuth 2.0 Authorization Framework
  • RFC 8414: Authorization Server Metadata discovery
  • RFC 7591: Dynamic Client Registration
  • RFC 9728: Protected Resource Metadata
  • RFC 8707: Resource Indicators
  • RFC 8693: OAuth 2.0 Token Exchange

Wherever necessary, we will adhere to the OAuth2.1 specifications even though they have not yet been accepted as a standard:

  • The OAuth 2.1 Authorization Framework: draft-ietf-oauth-v2-1-14

(Note: we envision this as an evolving feature, incorporating new standards as they emerge.)

@aksharkaul @abhi201191 @viksharma1987 @sandeepnRES

Labels

  • SHOULD: P2: Important but not vital; high-value items that are not crucial for the immediate release
  • enhancement: New feature or request
  • python: Python / backend development (FastAPI)
  • ready: Validated, ready-to-work-on items
  • security: Improves security
