About

This is an authentication plugin for HTTPie which provides OAuth 2.0 support.

It currently implements:

• RFC 7591 OAuth 2.0 Dynamic Client Registration Protocol
• RFC 7636 Proof Key for Code Exchange by OAuth Public Clients
• RFC 8414 OAuth 2.0 Authorization Server Metadata
• RFC 9207 OAuth 2.0 Authorization Server Issuer Identification

Installation

httpie plugins install https://code.zash.se/httpie-oauth2/archive/1.1.0.tar.gz

Usage

In the happy path, the Authorization Server supports both RFC 7591 and RFC 8414, where HTTPie can acquire everything by itself:

https -A oauth2 -a auth.example.com api.example.com/resource

In the real world, you will likely have to register an OAuth 2.0 client to retrieve the client_id and client_secret and specify all the parameters yourself:

https -A oauth2 --oauth2-issuer auth.example.com \
    --oauth2-client-id "32a0a8f3-4016-5478-905a-c373156eca73" \
    --oauth2-client-secret "example-secret-token" \
    --oauth2-scope "read write openid" \
    --oauth2-authorization-endpoint "https://auth.example.com/oauth2/authorize" \
    --oauth2-token-endpoint "https://auth.example.com/oauth2/token" \
    api.example.com/resource # other HTTPie arguments ...

If you are lucky and the Authorization Server supports RFC 8414, you can omit the --oauth2-*-endpoint arguments and rely on the automatic discovery.