Fix account url, use template for settings
Some checks failed
/ build (push) Failing after 14s
/ test (push) Successful in 6s

phil 2025-01-26 23:37:56 +01:00
parent dc93c7c05b
commit 5b6c6f1aac
3 changed files with 30 additions and 14 deletions


@ -59,7 +59,7 @@ app.add_middleware(
# Add oidc providers to authlib from the settings # Add oidc providers to authlib from the settings
# fastapi_providers: dict[str, OpenIdConnect] = {} # fastapi_providers: dict[str, OpenIdConnect] = {}
providers_settings: dict[str, OIDCProvider] = {} oidc_providers_settings: dict[str, OIDCProvider] = {}
for provider in settings.oidc.providers: for provider in settings.oidc.providers:
authlib_oauth.register( authlib_oauth.register(
@ -80,7 +80,7 @@ for provider in settings.oidc.providers:
# fastapi_providers[provider.id] = OpenIdConnect( # fastapi_providers[provider.id] = OpenIdConnect(
# openIdConnectUrl=provider.openid_configuration # openIdConnectUrl=provider.openid_configuration
# ) # )
providers_settings[provider.id] = provider oidc_providers_settings[provider.id] = provider
@app.get("/") @app.get("/")
@ -94,7 +94,7 @@ async def home(
now = datetime.now() now = datetime.now()
if oidc_provider and ( if oidc_provider and (
( (
oidc_provider_settings := providers_settings.get( oidc_provider_settings := oidc_providers_settings.get(
request.session.get("oidc_provider_id", "") request.session.get("oidc_provider_id", "")
) )
) )
@ -111,6 +111,7 @@ async def home(
"settings": settings.model_dump(), "settings": settings.model_dump(),
"user": user, "user": user,
"now": now, "now": now,
"oidc_provider": oidc_provider,
"oidc_provider_settings": oidc_provider_settings, "oidc_provider_settings": oidc_provider_settings,
"resources": resources, "resources": resources,
"user_info_details": ( "user_info_details": (
@ -137,7 +138,7 @@ async def login(request: Request, oidc_provider_id: str) -> RedirectResponse:
except AttributeError: except AttributeError:
raise HTTPException(status.HTTP_401_UNAUTHORIZED, "No such provider") raise HTTPException(status.HTTP_401_UNAUTHORIZED, "No such provider")
# if ( # if (
# code_challenge_method := providers_settings[ # code_challenge_method := oidc_providers_settings[
# oidc_provider_id # oidc_provider_id
# ].code_challenge_method # ].code_challenge_method
# ) is not None: # ) is not None:
@ -220,12 +221,14 @@ async def account(
oidc_provider: Annotated[StarletteOAuth2App, Depends(get_oidc_provider)], oidc_provider: Annotated[StarletteOAuth2App, Depends(get_oidc_provider)],
) -> RedirectResponse: ) -> RedirectResponse:
if ( if (
provider := providers_settings.get(request.session.get("oidc_provider_id", "")) provider := oidc_providers_settings.get(
request.session.get("oidc_provider_id", "")
)
) is None: ) is None:
raise HTTPException( raise HTTPException(
status.HTTP_406_NOT_ACCEPTABLE, detail="No oidc provider setting" status.HTTP_406_NOT_ACCEPTABLE, detail="No oidc provider setting"
) )
return RedirectResponse(f"{provider.url}/account") return RedirectResponse(f"{provider.account_url}")
@app.get("/logout") @app.get("/logout")
@ -292,7 +295,9 @@ async def get_resource(
status.HTTP_406_NOT_ACCEPTABLE, detail="No such oidc provider" status.HTTP_406_NOT_ACCEPTABLE, detail="No such oidc provider"
) )
if ( if (
provider := providers_settings.get(request.session.get("oidc_provider_id", "")) provider := oidc_providers_settings.get(
request.session.get("oidc_provider_id", "")
)
) is None: ) is None:
raise HTTPException( raise HTTPException(
status.HTTP_406_NOT_ACCEPTABLE, detail="No oidc provider setting" status.HTTP_406_NOT_ACCEPTABLE, detail="No oidc provider setting"
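Review bot: In the `account` hunk the new return line reads `provider.account_url`, but the settings section of this same commit replaces the `account_url` computed property with a `get_account_url(request, user)` method, so as far as this page shows the attribute no longer exists on `OIDCProvider` and the route would raise instead of redirecting. Even where the value resolved to `None`, the f-string would turn it into a redirect to the literal text `None`. Call the method and reject a missing value before redirecting, e.g. `url = provider.get_account_url(request, user)` followed by `if url is None: raise HTTPException(status.HTTP_404_NOT_FOUND, detail="No account url")`. The body of `account` starts before the hunk, so whether a `user` object is in scope there cannot be confirmed from this page.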


@ -11,6 +11,9 @@ from pydantic_settings import (
PydanticBaseSettingsSource, PydanticBaseSettingsSource,
YamlConfigSettingsSource, YamlConfigSettingsSource,
) )
from starlette.requests import Request
from .models import User
class Resource(BaseModel): class Resource(BaseModel):
@ -32,7 +35,7 @@ class OIDCProvider(BaseModel):
code_challenge_method: str | None = None code_challenge_method: str | None = None
hint: str = "No hint" hint: str = "No hint"
resources: list[Resource] = [] resources: list[Resource] = []
account_url_suffix: str | None = None account_url_template: str | None = None
@computed_field @computed_field
@property @property
@ -44,11 +47,19 @@ class OIDCProvider(BaseModel):
def token_url(self) -> str: def token_url(self) -> str:
return "auth/" + self.id return "auth/" + self.id
@computed_field def get_account_url(self, request: Request, user: User) -> str | None:
@property if self.account_url_template:
def account_url(self) -> str | None: if not (
if self.account_url_suffix: self.url.endswith("/") or self.account_url_template.startswith("/")
return self.url + self.account_url_suffix ):
sep = "/"
else:
sep = ""
return (
self.url
+ sep
+ self.account_url_template.format(request=request, user=user)
)
else: else:
return None return None
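Review bot: `get_account_url` passes the whole `request` and `user` objects to `str.format`, so a template's replacement fields can reach any attribute or index available from them (session data, application state), and the substituted values are not percent-encoded before they become part of a redirect URL. Pass only the scalar fields the template is meant to use and encode each one, e.g. `quote(str(value), safe="")` from `urllib.parse`, so that a claim value containing `/`, `?` or `#` cannot change the path or query of the account URL. The separator logic also produces `//` when `self.url` ends with `/` and the template starts with `/`; `self.url.rstrip("/") + "/" + self.account_url_template.lstrip("/")` covers both cases. The method has no docstring; one that lists the allowed placeholders would tell whoever writes the YAML settings what a template may reference.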


@ -5,7 +5,7 @@
<script src="{{ url_for('static', path='/utils.js') }}"></script> <script src="{{ url_for('static', path='/utils.js') }}"></script>
</head> </head>
<body onload="checkPerms('links-to-check')"> <body onload="checkPerms('links-to-check')">
<h1>OIDC-test</h1> <h1>OIDC-test - FastAPI client</h1>
{% block content %} {% block content %}
{% endblock %} {% endblock %}
</body> </body>