hmrc.auth package

Submodules

hmrc.auth.session module

HMRC API session with authorization support

class hmrc.auth.session.HmrcSession(client_id=None, *, client_secret=None, test=False, uri=None, token=None, storage=None, gdpr_consent=False, **kwargs)[source]

Bases: requests_oauthlib.oauth2_session.OAuth2Session

HMRC API session

AUTH_URI = '/oauth/authorize'
BASE_TEST_URI = 'https://test-api.service.hmrc.gov.uk'
BASE_URI = 'https://api.service.hmrc.gov.uk'
OOB_REDIRECT_URI = 'urn:ietf:wg:oauth:2.0:oob'
TOKEN_URI = '/oauth/token'
authorization_url(url=None, **kwargs)[source]

Form an authorization URL

defraud()[source]

Construct fraud prevention headers

static dmifile(filename, default='Unknown')[source]

Read DMI file contents

extend_scope(scope)[source]

Extend OAuth2 scope

fetch_token(url=None, **kwargs)[source]

Fetch an access token

request(method, url, params=None, data=None, headers=None, **kwargs)[source]

Send request

hmrc.auth.testuser module

Test user automatic authorization

class hmrc.auth.testuser.TestUserAuthClient(client_id, code=True, **kwargs)[source]

Bases: oauthlib.oauth2.rfc6749.clients.web_application.WebApplicationClient

Test user OAuth2 authorization client

This may be used as a drop-in replacement for oauthlib.oauth2.LegacyApplicationClient. It provides an OAuth2 client capable of obtaining an access token using a test user’s username and password.

Note that the HMRC API sandbox does not actually support the RFC6749 Resource Owner Password Credentials grant type. Instead, this OAuth2 client steps through the HMRC API sandbox login pages, filling in the HTML forms as required.

This OAuth2 client is usable only for test user accounts created using hmrc.api.testuser.

authorize(uri, username, password)[source]

Obtain authorization code using test user ID and password

static fetch_auth_page(session, uri, *args, method='GET', **kwargs)[source]

Fetch an authorization journey page

fetch_auth_page_form(session, uri, form, *args, **kwargs)[source]

Fetch an authorization journey page via a form submission

prepare_request_body(auth_uri, username, password, code=None, **kwargs)[source]

Prepare access token request body

hmrc.auth.token module

HMRC API token storage

class hmrc.auth.token.HmrcTokenStorage(token: dict = None)[source]

Bases: object

OAuth2 token storage

close()[source]

Close storage medium

delete()[source]

Delete token from storage

load()[source]

Load token from storage

save(token=None)[source]

Save token to storage

token = None

Token value

class hmrc.auth.token.HmrcTokenFileStorage(token: dict = None, file: TextIO = None, path: dataclasses.InitVar = None)[source]

Bases: hmrc.auth.token.HmrcTokenStorage

OAuth2 token storage in a local JSON file

close()[source]

Close file

file = None

File used to store JSON representation of OAuth2 token

load()[source]

Load token from JSON file

path = None

Path to file

save(token=None)[source]

Save token to JSON file

Module contents

HMRC authentication and authorisation