Skip to content

OAuthProvider

Base configuration and extension point for OAuth providers in Flet.

Instances describe OAuth endpoints, client credentials, optional PKCE parameters, and optional user/group retrieval behavior used by [AuthorizationService][flet.auth.authorization_service.AuthorizationService].

Parameters:

  • client_id (str) –

    OAuth client/application ID issued by the provider.

  • client_secret (str) –

    OAuth client secret issued by the provider.

  • authorization_endpoint (str) –

    Authorization endpoint URL used to build the login redirect URL.

  • token_endpoint (str) –

    Token endpoint URL used for authorization-code and refresh-token exchange.

  • redirect_url (str) –

    Redirect/callback URL registered with the provider.

  • scopes (list[str] | None, default: None ) –

    Base OAuth scopes always requested during login.

  • user_scopes (list[str] | None, default: None ) –

    Additional scopes requested when user profile loading is enabled.

  • user_endpoint (str | None, default: None ) –

    Endpoint used to fetch raw user profile data after login.

  • user_id_fn (Callable | None, default: None ) –

    Function extracting a stable user id from user_endpoint response data.

  • group_scopes (list[str] | None, default: None ) –

    Additional scopes requested when group loading is enabled.

  • code_challenge (str | None, default: None ) –

    PKCE code challenge.

  • code_challenge_method (str | None, default: None ) –

    PKCE challenge method. For example, S256.

  • code_verifier (str | None, default: None ) –

    PKCE code verifier used during token exchange.

  • authorization_params (dict[str, str] | None, default: None ) –

    Extra query parameters appended to authorization URL generation in AuthorizationService.get_authorization_data().

Properties

Properties#

authorization_endpoint instance-attribute #

authorization_endpoint = authorization_endpoint

authorization_params instance-attribute #

authorization_params = (
    authorization_params
    if authorization_params is not None
    else {}
)

client_id instance-attribute #

client_id = client_id

client_secret instance-attribute #

client_secret = client_secret

code_challenge instance-attribute #

code_challenge = code_challenge

code_challenge_method instance-attribute #

code_challenge_method = code_challenge_method

code_verifier instance-attribute #

code_verifier = code_verifier

group_scopes instance-attribute #

group_scopes = (
    group_scopes if group_scopes is not None else []
)

redirect_url instance-attribute #

redirect_url = redirect_url

scopes instance-attribute #

scopes = scopes if scopes is not None else []

token_endpoint instance-attribute #

token_endpoint = token_endpoint

user_endpoint instance-attribute #

user_endpoint = user_endpoint

user_id_fn instance-attribute #

user_id_fn = user_id_fn

user_scopes instance-attribute #

user_scopes = user_scopes if user_scopes is not None else []