https://github.com/authlib/authlib
django flask jose jwe jwk jws jwt oauth oauth2 oauth2-provider oauth2-server oidc openid-connect
Score: 32.459104556232546
Last synced: about 11 hours ago
JSON representation
Repository metadata:
The ultimate Python library in building OAuth, OpenID Connect clients and servers. JWS, JWE, JWK, JWA, JWT included.
- Host: GitHub
- URL: https://github.com/authlib/authlib
- Owner: authlib
- License: bsd-3-clause
- Created: 2017-10-27T06:52:26.000Z (over 8 years ago)
- Default Branch: main
- Last Pushed: 2026-03-20T08:00:57.000Z (7 days ago)
- Last Synced: 2026-03-25T01:52:34.309Z (3 days ago)
- Topics: django, flask, jose, jwe, jwk, jws, jwt, oauth, oauth2, oauth2-provider, oauth2-server, oidc, openid-connect
- Language: Python
- Homepage: https://authlib.org/
- Size: 3.8 MB
- Stars: 5,253
- Watchers: 58
- Forks: 525
- Open Issues: 131
-
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
- Code of conduct: .github/CODE_OF_CONDUCT.md
- Security: .github/SECURITY.md
-
Funding:
- Github: authlib, lepture
Owner metadata:
- Name: Authlib
- Login: authlib
- Email:
- Kind: organization
- Description: The ultimate Python library in building OAuth and OpenID Connect servers.
- Website: https://authlib.org/
- Location: Japan
- Twitter: authlib
- Company:
- Icon url: https://avatars.githubusercontent.com/u/32964472?v=4
- Repositories: 11
- Last Synced at: 2025-10-14T16:26:06.852Z
- Profile URL: https://github.com/authlib
GitHub Events
Total
- Create event: 10
- Delete event: 4
- Fork event: 24
- Issue comment event: 91
- Issues event: 50
- Pull request event: 38
- Pull request review comment event: 20
- Pull request review event: 32
- Push event: 39
- Release event: 3
- Watch event: 209
- Total: 520
Last Year
- Create event: 10
- Delete event: 4
- Fork event: 24
- Issue comment event: 91
- Issues event: 50
- Pull request event: 38
- Pull request review comment event: 20
- Pull request review event: 32
- Push event: 39
- Release event: 3
- Watch event: 209
- Total: 520
Committers metadata
Last synced: 4 days ago
Total Commits: 1,524
Total Committers: 139
Avg Commits per committer: 10.964
Development Distribution Score (DDS): 0.231
Commits in past year: 192
Committers in past year: 12
Avg Commits per committer in past year: 16.0
Development Distribution Score (DDS) in past year: 0.365
| Name | Commits | |
|---|---|---|
| Hsiaoming Yang | m****e@l****m | 1172 |
| Éloi Rivard | e****i@y****p | 170 |
| Ber Zoidberg | b****g@g****m | 7 |
| Kai A. Hiller | g****t@k****e | 4 |
| Kartik Ohri | k****3@g****m | 4 |
| Jaap Roes | j****s@l****l | 4 |
| Félix Rohrlich | f****x@y****p | 4 |
| Tom Christie | t****m@t****m | 3 |
| Rogier van der Geer | r****r@g****m | 3 |
| Pablo Marti | p****o@a****u | 3 |
| Nikita Spivachuk | n****k@d****m | 3 |
| Grey Li | w****i@g****m | 3 |
| Alex Ball | a****l | 3 |
| Dong | l****y@g****m | 2 |
| François Voron | f****n@g****m | 2 |
| Bastian Venthur | m****l@v****e | 2 |
| princekhunt | i****o@p****m | 2 |
| Tomasz Kontusz | t****z@g****m | 2 |
| Tim Gates | t****s@i****m | 2 |
| Thomas Scholtes | g****r@a****m | 2 |
| Jacopo Nespolo | j****o@e****t | 2 |
| Mario Jimenez Carrasco | m****o@g****m | 2 |
| Randy Duodu | d****9@g****m | 2 |
| Dave Hallam | d****b@y****m | 2 |
| Jay Turner | j****r@k****o | 2 |
| Vlad Dmitrievich | 2****s@g****m | 2 |
| Thibault | t****t@T****l | 2 |
| Max Murashov | m****v@r****u | 2 |
| Borislav Ivanov | b****v@h****m | 1 |
| Cattī Crūdēlēs | 1****7 | 1 |
| and 109 more... | ||
Issue and Pull Request metadata
Last synced: 2 months ago
Total issues: 47
Total pull requests: 53
Average time to close issues: about 1 year
Average time to close pull requests: 9 days
Total issue authors: 34
Total pull request authors: 19
Average comments per issue: 1.79
Average comments per pull request: 0.7
Merged pull request: 30
Bot issues: 0
Bot pull requests: 1
Past year issues: 32
Past year pull requests: 46
Past year average time to close issues: about 1 month
Past year average time to close pull requests: 9 days
Past year issue authors: 20
Past year pull request authors: 13
Past year average comments per issue: 1.06
Past year average comments per pull request: 0.59
Past year merged pull request: 24
Past year bot issues: 0
Past year bot pull requests: 1
Top Issue Authors
- azmeuk (11)
- markhobson (3)
- bendavis78 (2)
- InfernalAzazel (1)
- Jsalaz1989 (1)
- MaidScientistIzutsumiMarin (1)
- kimminw00 (1)
- rcludwick (1)
- NomAnor (1)
- ziwang-com (1)
- spenhand (1)
- hfroot (1)
- agentydragon (1)
- Aetylus (1)
- se7entynine (1)
Top Pull Request Authors
- azmeuk (23)
- lepture (5)
- shc261392 (3)
- zachswasey (3)
- EpicWink (2)
- MartinPaulEve (2)
- Aetylus (2)
- aliaksei-protchanka (2)
- jdeepee (1)
- AL-Cybision (1)
- yannj-fr (1)
- V02460 (1)
- hxtmdev (1)
- kursataktas (1)
- thibault-tiro (1)
Top Issue Labels
- spec (7)
- role:authorization_server (6)
- documentation (5)
- bug (4)
- client (3)
- server (3)
- integration:httpx (2)
- jose (2)
- good first issue (2)
- spec:rfc6749 (1)
- Security (1)
- question (1)
- role:client (1)
- integration:flask (1)
- integration:requests (1)
Top Pull Request Labels
- bug (2)
- role:authorization_server (2)
- documentation (1)
- feature request (1)
- dependencies (1)
- github_actions (1)
Package metadata
- Total packages: 4
-
Total downloads:
- pypi: 104,132,304 last-month
- conda: 6,026 total
- Total docker downloads: 62,849,134
- Total dependent packages: 161 (may contain duplicates)
- Total dependent repositories: 2,188 (may contain duplicates)
- Total versions: 107
- Total maintainers: 1
- Total advisories: 9
pypi.org: authlib
The ultimate Python library in building OAuth and OpenID Connect servers and clients.
- Homepage:
- Documentation: https://docs.authlib.org/
- Licenses: BSD-3-Clause
- Latest release: 1.6.9 (published 25 days ago)
- Last Synced: 2026-03-23T01:13:09.718Z (5 days ago)
- Versions: 57
- Dependent Packages: 157
- Dependent Repositories: 2,180
- Downloads: 104,132,304 Last month
- Docker Downloads: 62,849,134
-
Rankings:
- Downloads: 0.103%
- Dependent packages count: 0.15%
- Dependent repos count: 0.236%
- Docker downloads count: 0.618%
- Average: 0.816%
- Stargazers count: 1.123%
- Forks count: 2.665%
- Maintainers (1)
-
Funding:
- https://github.com/sponsors/lepture
-
Advisories:
- Authlib: Fail-Open Cryptographic Verification in OIDC Hash Binding
- Authlib Vulnerable to JWE RSA1_5 Bleichenbacher Padding Oracle
- Authlib JWS JWK Header Injection: Signature Verification Bypass
- Authlib: Setting `alg: none` and a blank signature appears to bypass signature verification
- Authlib has 1-click Account Takeover vulnerability
- Authlib : JWE zip=DEF decompression bomb enables DoS
- Authlib is vulnerable to Denial of Service via Oversized JOSE Segments
- Authlib: JWS/JWT accepts unknown crit headers (RFC violation → possible authz bypass)
- Authlib has algorithm confusion with asymmetric public keys
proxy.golang.org: github.com/authlib/authlib
- Homepage:
- Documentation: https://pkg.go.dev/github.com/authlib/authlib#section-documentation
- Licenses: bsd-3-clause
- Latest release: v1.6.9 (published 25 days ago)
- Last Synced: 2026-03-23T00:02:36.114Z (5 days ago)
- Versions: 36
- Dependent Packages: 0
- Dependent Repositories: 0
-
Rankings:
- Dependent packages count: 5.488%
- Average: 5.672%
- Dependent repos count: 5.857%
anaconda.org: authlib
The ultimate Python library in building OAuth and OpenID Connect servers. It is designed from low level specifications implementations to high level frameworks integrations, to meet the needs of everyone.
- Homepage: https://authlib.org
- Licenses: BSD-3-Clause
- Latest release: 1.6.6 (published 3 months ago)
- Last Synced: 2026-03-06T22:08:44.652Z (21 days ago)
- Versions: 12
- Dependent Packages: 4
- Dependent Repositories: 8
- Downloads: 6,026 Total
-
Rankings:
- Dependent packages count: 11.114%
- Stargazers count: 13.772%
- Forks count: 17.638%
- Average: 20.523%
- Dependent repos count: 39.565%
spack.io: py-authlib
The ultimate Python library in building OAuth and OpenID Connect servers. JWS, JWK, JWA, JWT are included.
- Homepage: https://github.com/authlib/authlib
- Licenses: []
- Latest release: 1.6.7 (published about 1 month ago)
- Last Synced: 2026-03-23T00:02:34.539Z (5 days ago)
- Versions: 2
- Dependent Packages: 0
- Dependent Repositories: 0
-
Rankings:
- Dependent repos count: 0.0%
- Average: 26.511%
- Dependent packages count: 53.022%
Dependencies
- actions/checkout v2 composite
- github/codeql-action/analyze v1 composite
- github/codeql-action/init v1 composite
- actions/checkout v2 composite
- actions/setup-python v2 composite
- codecov/codecov-action v1 composite
- cryptography >=3.2
- coverage * test
- cryptography * test
- pytest * test
- anyio * test
- cachelib * test
- django * test
- flask * test
- httpx * test
- pytest-asyncio * test
- requests * test
- starlette * test
- werkzeug * test
- Django * test
- pytest-django * test
- Flask * test
- Flask-SQLAlchemy * test
- Django *
- Flask *
- SQLAlchemy *
- cryptography *
- httpx >=0.18.2
- pycryptodomex >=3.10,<4
- requests *
- shibuya *
- sphinx ==6.2.1
- sphinx-copybutton ==0.5.2
- sphinx-design ==0.4.1
- starlette *
- actions/checkout v3 composite
- actions/download-artifact v3 composite
- actions/setup-python v4 composite
- actions/upload-artifact v3 composite
- pypa/gh-action-pypi-publish release/v1 composite