Add remove_client method to base_client.registry.BaseOAuth

lepture / authlib

The ultimate Python library in building OAuth, OpenID Connect clients and servers. JWS,JWE,JWK,JWA,JWT included.

https://authlib.org/

BSD 3-Clause "New" or "Revised" License

4.45k stars 445 forks source link

Add remove_client method to base_client.registry.BaseOAuth #585

Open lcdunne opened 11 months ago

lcdunne commented 11 months ago

What kind of change does this PR introduce? (check at least one)

[ x ] Feature

Feature to support removing a client from the oauth instance (see this issue). This works with the Flask client but I am not familiar with the other frameworks enough to set them up to check. As I mentioned in the issue thread it really looks like those other clients inherit from BaseOAuth but please let me know if I'm overlooking something. I'll try to add what is needed.

[ x ] You consent that the copyright of your pull request source code belongs to Authlib's author.

lepture commented 11 months ago

Hi, thanks. It would be great if you can add a test case for this method.

lcdunne commented 11 months ago

Sure I'll give that a go. Is there a development build that installs all dependencies needed for testing? And any other information on how you are running the tests?

azmeuk commented 10 months ago

The whole testing process is automated with tox. Just run tox, and this will create environments for every python version supported, and a few dependency variants, and this will run pytest on those environments.

andersnauman commented 9 months ago

Can I give a suggestion to change the method name to unregister instead so the naming convention is kept in the same family so to say. Would also suggest the code to be more forgiven for odd behaviors (unlikely with this code but nonetheless a great failsafe).

Code suggestion:

    def unregister(self, name):
        err = None
        if name not in self._registry:
            err = f"Client {name} not found in registry."
        else:
            del self._registry[name]            

        if name not in self._clients:
            err = f"Client {name} not found in clients."
        else:
            del self._clients[name]

        if err:
            raise KeyError(err)

The method create_client first checks if self._clients contains name and if the unregister method do not finish deleting everything, you could end up with a half-deleted state where create_client returns a client that the registry does not have.

azmeuk commented 8 months ago

Can I give a suggestion to change the method name to unregister instead so the naming convention is kept in the same family so to say.

The register naming is not ideal anyways as it could be confused with registration like defined in OAuth 2.0 Dynamic Client Registration Protocol.

In the long run I think keeping remove_client but move register to add_client would be a better idea.

codespearhead commented 5 months ago

Also, can you link this PR to that issue ( #583 ), like this?