Simple library for using a third party authentication service like Keycloak or Auth0 with FastAPI

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for aiwizo from gravatar.com aiwizo

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: MIT License (MIT)

Author: HarryMWinters

Requires: Python >=3.8, <4.0

Classifiers

Project description

FastAPI Third Party Auth

Test Documentation Status Package version

Documentation: https://fastapi-third-party-auth.readthedocs.io/

Source Code: https://github.com/aiwizo/fastapi-third-party-auth

Simple library for using a third party authentication service with FastAPI. Verifies and decrypts 3rd party OpenID Connect tokens to protect your endpoints.

Easily used with authentication services such as:

FastAPI's generated interactive documentation supports the grant flows:

GrantType.AUTHORIZATION_CODE
GrantType.IMPLICIT
GrantType.PASSWORD
GrantType.CLIENT_CREDENTIALS

example documentation

Installation

poetry add fastapi-third-party-auth

Or, for the old-timers:

pip install fastapi-third-party-auth

Usage

See this example for how to use docker-compose to set up authentication with fastapi-third-party-auth + Keycloak.

Standard usage

from fastapi import Depends
from fastapi import FastAPI
from fastapi import Security
from fastapi import status

from fastapi_third_party_auth import Auth
from fastapi_third_party_auth import GrantType
from fastapi_third_party_auth import KeycloakIDToken

auth = Auth(
    openid_connect_url="http://localhost:8080/auth/realms/my-realm/.well-known/openid-configuration",
    issuer="http://localhost:8080/auth/realms/my-realm",  # optional, verification only
    client_id="my-client",  # optional, verification only
    scopes=["email"],  # optional, verification only
    grant_types=[GrantType.IMPLICIT],  # optional, docs only
    idtoken_model=KeycloakIDToken,  # optional, verification only
)

app = FastAPI(
    title="Example",
    version="dev",
    dependencies=[Depends(auth)],
)

@app.get("/protected")
def protected(id_token: KeycloakIDToken = Security(auth.required)):
    return dict(message=f"You are {id_token.email}")

Optional: Custom token validation

The IDToken class will accept any number of extra fields but you can also validate fields in the token like this:

class MyAuthenticatedUser(IDToken):
    custom_field: str
    custom_default: float = 3.14

auth = Auth(
    ...,
    idtoken_model=MyAuthenticatedUser,
)

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for aiwizo from gravatar.com aiwizo

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: MIT License (MIT)

Author: HarryMWinters

Requires: Python >=3.8, <4.0

Classifiers

Release history Release notifications | RSS feed

This version

0.1.2

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

fastapi-third-party-auth-0.1.2.tar.gz (7.6 kB view hashes)

Uploaded Source

Built Distribution

fastapi_third_party_auth-0.1.2-py3-none-any.whl (8.3 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page