Create a sub-app for resource server move all resources to resource server;

use token bearer instead of session cookie for resources and use fetch instead of XMLHttpRequest for checking resource status;
add UserWithRole class for fastapi depends (instead of has_role decorator);
add asserts for typing QC; code formatting;
comment out introspect endpoint processing
phil 2025-02-07 13:57:17 +01:00
parent ee8ba3d2df
commit d39adf41ef
8 changed files with 188 additions and 153 deletions

View file

@ -4,7 +4,7 @@
<link href="{{ url_for('static', path='/styles.css') }}" rel="stylesheet">
<script src="{{ url_for('static', path='/utils.js') }}"></script>
</head>
<body onload="checkPerms('links-to-check')">
<body onload="checkPerms('links-to-check', '{{ user.access_token }}', '{{ oidc_provider_settings.id }}')">
<h1>OIDC-test - FastAPI client</h1>
{% block content %}
{% endblock %}
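Review bot: The new `<body onload=...>` line interpolates `{{ user.access_token }}` and `{{ oidc_provider_settings.id }}` into JavaScript string literals inside an HTML attribute, where HTML autoescaping is not enough. The browser decodes entities in the attribute value before the handler runs, so a value containing a quote would still terminate the string. Consider putting both values in `data-` attributes on `<body>` and reading them from utils.js in a load listener, or at least rendering them through `|tojson`. Separately, the bearer token now sits in the page markup, so it is readable by every script on the page and is stored in any cached copy of the HTML. A `Cache-Control: no-store` response header on this template, and a check of what is rendered when `user` has no token, would be worth adding.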

View file

@ -80,14 +80,14 @@
These links should get different response codes depending on the authorization:
</p>
<div class="links-to-check">
<a href="public">Public</a>
<a href="protected">Auth protected content</a>
<a href="protected-by-foorole">Auth + foorole protected content</a>
<a href="protected-by-foorole-or-barrole">Auth + foorole or barrole protected content</a>
<a href="protected-by-barrole">Auth + barrole protected content</a>
<a href="protected-by-foorole-and-barrole">Auth + foorole and barrole protected content</a>
<a href="fast_api_depends" class="hidden">Using FastAPI Depends</a>
<a href="introspect">Introspect token (401 expected)</a>
<a href="resource/public">Public</a>
<a href="resource/protected">Auth protected content</a>
<a href="resource/protected-by-foorole">Auth + foorole protected content</a>
<a href="resource/protected-by-foorole-or-barrole">Auth + foorole or barrole protected content</a>
<a href="resource/protected-by-barrole">Auth + barrole protected content</a>
<a href="resource/protected-by-foorole-and-barrole">Auth + foorole and barrole protected content</a>
<a href="resource/fast_api_depends" class="hidden">Using FastAPI Depends</a>
<!--<a href="resource/introspect">Introspect token (401 expected)</a>-->
</div>
{% if resources %}
<p>
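Review bot: The introspect link is disabled with an HTML comment (`<!--<a href="resource/introspect">...-->`), which is still delivered to every client and keeps advertising the endpoint path. Since the commit message says the introspect processing is commented out, delete the line or use a Jinja comment (`{# ... #}`) so that it never leaves the server. Two further points on the rewritten links: the `resource/...` hrefs are relative, so they only resolve correctly when this page is served from the application root, whereas the template already uses `url_for` for static files and could do the same here. Also, if the resource sub-app now accepts only the bearer token, a user clicking one of these anchors performs a plain navigation without an `Authorization` header and will get a 401 even when the fetch-based status check reported access. Either state that the links are only status indicators or handle the click in utils.js.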