Add OAuth support

[rbw]

[satzynu]

How would connecting with okta look like?

[rbw]

Can you elaborate? Do you mean OIDC, Okta and OAuth?

[rbw]

@satzynu ping

[SobieskiCodes]

Would love OAuth support if this is still on the table.

[rbw]

Life's a little busy right now, but yes - it sure is. I'll be looking into adding more authentication methods once I've completed some documentation updates.

If someone wants to help out with this, please go ahead. And I'd be happy to discuss the design beforehand.

[SobieskiCodes]

If someone wants to help out with this, please go ahead. And I'd be happy to discuss the design beforehand.

I havent a clue where to start, but I'll take a look at it throughout the week. Appreciate the project.

[padrian2s]

I'm pro for Oauth2 integration

[rbw]

I'll start working on this shortly.

[padrian2s]

Most of the mid-large organizations use OAuth2 with respect to the in-house security policies. Also a good practice is to use a service account instead of a regular (human) user. At first look the change is not big in aiosnow:

• aiosnow Client use session_cls for any future aiohttp requests, currently only basic_auth is provided
• using oauthlib we could pass bearer in the session headers after doing Auth against service token (look at Client->get_session()). Let the user provide oauth client.

The most intricate use case is the refresh of token before expiration.

After some research spent I would recommend oauthlib. @rbw I appreciate your work & time. aiosnow is the most comprehensive open source library and could spike in adoption with oauth2 integration.

[rbw]

I'm sorry this got delayed again.

Thank you for the input @padrian2s

Let the user provide oauth client.

Sounds like a great idea I think. Would you be interested in helping out with this? I can make you a contributor, so you can work on the code in your own branch and submit a PR for review when you're ready.

[weyCC81]

This would be an interesting feature, thanks for the updates on this.