Generic OAuth2 client that gets OAuth out of your way and lets you automate tasks against any OAuth2-enabled API.
Features:
- 🚀 Automatic browser-based OAuth flow
- 🔐 Secure token storage and auto-refresh
- 🎯 Simple one-line authentication
- 🔄 Works with any OAuth2-enabled API
- 💻 Uses the popular requests library
# Install dependencies and create virtual environment
uv sync
# Run the script
uv run api_blaster.pyOn first run, you'll be prompted for:
- OAuth Client ID
- OAuth Client Secret
- Redirect URI (default:
http://localhost:8080/cb)
The browser will open automatically, you authorize the app, and you're done! Tokens are saved and auto-refreshed.
- Prompts for OAuth credentials (client ID, secret, redirect URL)
- Starts local HTTP server on localhost:8080
- Opens browser automatically for OAuth authorization
- Captures callback and exchanges code for tokens
- Saves config to
./.api-blaster/api-blaster-conf.json - Saves tokens to
./.api-blaster/api-blaster-auth.json
- Loads saved tokens automatically
- Refreshes expired tokens transparently
- Just works! ✨
The default redirect URI is http://localhost:8080/cb. You can use different ports:
http://localhost:8080/cb(default)http://localhost:9090/callbackhttp://127.0.0.1:3000/auth/callback
Note: Make sure your OAuth provider (Google, GitHub, AWS Cognito, etc.) has the same redirect URI configured.
Edit api_blaster.py and customize your API calls. The authenticated session works exactly like the requests library:
# GET request
response = api_blaster.get('https://api.example.com/users')
# POST request
response = api_blaster.post('https://api.example.com/data', json={'key': 'value'})
# PUT request
response = api_blaster.put('https://api.example.com/resource/123', json={'updated': True})
# DELETE request
response = api_blaster.delete('https://api.example.com/resource/123')# Upgrade to latest versions
uv lock --upgrade
# Sync updated dependencies
uv syncYou'll need to register your application with your OAuth provider:
- Create OAuth application in provider console
- Set redirect URI to
http://localhost:8080/cb(or your custom URI) - Copy the Client ID and Client Secret
- Enter these when prompted by api-blaster
Common providers:
- AWS Cognito: Create app client, enable OAuth flows
- Google: Google Cloud Console → APIs & Services → Credentials
- GitHub: Settings → Developer settings → OAuth Apps
- Microsoft: Azure Portal → App registrations
Browser doesn't open?
- Copy the URL from terminal and paste in browser manually
Port already in use?
- Change redirect URI to use different port (e.g.,
http://localhost:9090/cb) - Update OAuth provider settings to match
Need to re-authenticate?
- Delete
.api-blaster/directory and run again
- The
.api-blaster/directory contains sensitive credentials and tokens - This directory is gitignored automatically
- Never commit this directory to version control
- HTTP on localhost is secure (traffic never leaves your machine, per OAuth2 RFC 8252)