snarfed
Consider using an OAuth client library
Bridgy uses oauth-dropins, our home grown OAuth client library, to auth with the 11 different services that Bridgy needs. (Everything on the front page, minus Facebook and Instagram, plus IndieAuth.)
oauth-dropins is fine, but it takes a fair amount of maintenance, and it's not very widely adopted outside of Bridgy and granary, so we don't really get any benefit from using it. There's a solid selection of others that are more mature and widely supported that we could migrate to instead. It would be a significant project, and none of them have all of the services we need yet - Mastodon is a significant one that's missing from all of them, and takes extra work to implement - but long term, the ROI might be worth it.
Here are the options I've looked at:
Authlib / loginpass
- Flask support
- normalized user info: yes, based on OpenID Connect UserInfo claims
- storage: none built in
- loginpass seems to be a thin wrapper with built in configurations for many existing services, but it also says, Most of the time, you don't have to use loginpass, you can just register a remote app with Authlib's framework integrations. So, not sure which we'd use.
- authlib example code: Flask, multiple login
- Missing services: Blogger, Flickr, IndieAuth, Mastodon, Medium, Tumblr, WordPress.com
- optional commercial license
Authomatic
- Flask support
- storage: only legacy app engine ndb, https://github.com/authomatic/authomatic/issues/194
- normalized user data
- missing: Blogger, IndieAuth, Mastodon, Medium, WordPress
- how to add a new service: https://github.com/authomatic/authomatic/issues/17
python-social-auth
- unmaintained?! looking for maintainers, https://github.com/python-social-auth/social-core/issues/539
- Flask support
- storage: SQLAlchemy, MongoEngine, Peewee
- normalized user data: only username and email
- how to add a new provider
- missing: IndieAuth, Mastodon, Medium, Reddit, WordPress
