Authenticate using OAuth2


This is a plugin intended for use in authenticating against Google. It uses OAuth2 authentication. In theory, it should work with other providers too. It currently replaces the existing HTTP authentication, however this is not strictly necessary and can be easily removed.

Requires the oauth2client Python module.

Released into the public domain. For specifics, please see

Bugs/Feature Requests

Existing bugs and feature requests for OAuth2Plugin are here.

If you have any issues, create a new ticket.


0 / 1


1 / 1


Download the zipped source from here.


You can check out OAuth2Plugin from here using Subversion, or browse the source with Trac.


  1. Obtain a "client_secrets.json" file. The instructions below assume you are using Google OAuth2 authentication.
    • Creating a new project here.
    • Under "APIS & AUTH" click "Credentials" and then "Create new Client ID".
    • Select "Web application".
    • For Javascript origins, set the address of your server, for example:
    • For redirect URI, set the path to your Trac project followed by oauth2callback, for example:
    • Under the newly created client ID section, click "Download JSON".
  2. Drop the plugin in your plugins directory.
  3. In your configuration section, disable the http authentication. Then specify the location of "client_secrets.json":
    trac.web.auth.loginmodule = disabled
    secrets = /path/to/client_secrets.json
  4. Optionally, if you would like to restrict access to a particular Google Apps domain, add the following:
    domain =

Recent Changes

14010 by ysobolev on 2014-07-19 23:25:04
Added unlicense.
14009 by ysobolev on 2014-07-19 22:22:48
Initial commit.
14008 by ysobolev on 2014-07-19 22:10:21
New hack OAuth2Plugin, created by ysobolev


Author: ysobolev
Maintainer: Yury Sobolev

Last modified 7 years ago Last modified on Dec 24, 2016, 12:21:51 PM