OAuth2 support

[StijnCaerts]

Hi, we're interested in adding OAuth2/OIDC support to the HttpClient. Would you like this to be a configuration option on the existing HttpClient, or should we create a dedicated class for this? We can use the aiohttp-oauth2-session package to add OAuth2 token integration to the aiohttp ClientSession object.
It would also be nice if the configuration can be automatically loaded from the authentication STAC extension, but that would probably require some changes to the way clients are loaded:

stac-asset/src/stac_asset/client.py

Lines 189 to 221 in a201bba

	async def get_client(self, href: str) -> Client:
	"""Gets a client for the provided href.
	Args:
	href: The file href to download
	Returns:
	Client: An instance of that client.
	"""
	from .filesystem_client import FilesystemClient
	from .http_client import HttpClient
	from .planetary_computer_client import PlanetaryComputerClient
	from .s3_client import S3Client
	url = URL(href)
	if not url.host:
	client_class: Type[Client] = FilesystemClient
	elif url.scheme == "s3":
	client_class = S3Client
	elif url.host.endswith("blob.core.windows.net"):
	client_class = PlanetaryComputerClient
	elif url.scheme == "http" or url.scheme == "https":
	client_class = HttpClient
	else:
	raise ValueError(f"could not guess client class for href: {href}")
	async with self.lock:
	if client_class in self.clients:
	return self.clients[client_class]
	else:
	client = await client_class.from_config(self.config)
	self.clients[client_class] = client
	return client

What are your thoughts on this?

[gadomski]

Thanks for the interest and the idea! At first glance, I think it makes sense to add to the existing HttpClient, and we can break it out later if it feels awkward. And 👍🏼 to automatically detecting the extension, that would be super-cool.

[StijnCaerts]

I'm looking into this feature again, but I was wondering what the best way is to handle all the configuration parameters.
Things like:

• OAuth2 grant type
• token / authorization URL
• client ID
• username, password
• ...

Should these all go in the Config dataclass?

Here is a small example of how it can be used with an external dependency:

import stac_asset
from aiohttp_oauth2_client.client import OAuth2Client
from aiohttp_oauth2_client.grant.device_code import DeviceCodeGrant

...

async with DeviceCodeGrant(
    token_url=TOKEN_URL,
    device_authorization_url=DEVICE_AUTH_URL,
    client_id=CLIENT_ID,
    pkce=True,
) as grant, OAuth2Client(grant) as client:
    download_client = stac_asset.HttpClient(session=client)
    await stac_asset.download_item_collection(item_collection, "./Downloads", clients=[download_client])

[gadomski]

I think I'm 👎🏼 on putting them in Config, at least for starters. As mentioned here, I'm a little queasy about how some clients bubble their configuration up to Config, but not all/everything. I've opened #176 to document my unhappiness and one possible pseudo-solution.

All this to say, I'd build out your custom client first, and we can figure out how to wire it into Config and the CLI later.

[gadomski]

This has been implemented in #143