authlib icon indicating copy to clipboard operation
authlib copied to clipboard

Published 20 hours ago verified publisher icon lepture

Implemented the oauth2 integration between FastAPI and Authlib

Open gmachado-nextreason opened this issue 5 years ago • 13 comments
trafficstars

What kind of change does this PR introduce? (check at least one)

  • [ ] Bugfix
  • [X] Feature
  • [ ] Code style update
  • [ ] Refactor
  • [ ] Other, please describe:

Does this PR introduce a breaking change? (check one)

  • [ ] Yes
  • [X] No
  • [X] You consent that the copyright of your pull request source code belongs to Authlib's author.

gmachado-nextreason avatar Oct 08 '20 22:10 gmachado-nextreason

This is an example of OpenID Connect 1.0 server in FastAPI and Authlib.

https://github.com/gmachado-nextreason/example-oidc-server-fastapi

gmachado-nextreason avatar Oct 08 '20 22:10 gmachado-nextreason

It is impossible to implement FastAPI OAuth providers for now. Because FastAPI is async, Authlib is not ready for async providers. This should be done in v2.0.

lepture avatar Oct 09 '20 07:10 lepture

Thanks for quick review @lepture.

Although FastAPI supports third party non async libraries: https://github.com/tiangolo/fastapi/issues/260 https://fastapi.tiangolo.com/async/

"If you are using a third party library that communicates with something (a database, an API, the file system, etc) and doesn't have support for using await, (this is currently the case for most database libraries), then declare your path operation functions as normally, with just def"

As you can see on the routes.py example, I created all the endpoints without async: https://github.com/gmachado-nextreason/example-oidc-server-fastapi/blob/master/src/routes.py

This is just a proposed integration solution between FastAPI and Authlib without async. I'm aware authlib only supports async for client not server yet (https://github.com/lepture/authlib/issues/63), just wanted to provide more options if anyone else is interested. Please let me know if it is still not the case. Glad to help anyhow.

gmachado-nextreason avatar Oct 09 '20 17:10 gmachado-nextreason

@gmachado-nextreason Yes, you are correct. We can support sync mode at first. But I won't add it in v0.15, how about adding it to v1.0.

There are still works to do:

  • Adding test cases
  • Remove the deprecated code

lepture avatar Oct 10 '20 06:10 lepture

Removed deprecated code and added the test cases scenarios.

@lepture can you please review it again once you have a chance?

gmachado-nextreason avatar Oct 22 '20 18:10 gmachado-nextreason

I'll merge and refactor the code later. I'm working on other stuff right now.

lepture avatar Nov 13 '20 08:11 lepture

@lepture resolved the conflict on tox.ini file, it is ready for you to merge. Thank you.

gmachado-nextreason avatar Nov 13 '20 15:11 gmachado-nextreason

Will this be merged? I'm interested in using/contributing to this.

seweissman avatar Dec 11 '20 16:12 seweissman

Any updates on this PR? FastAPI integration (sync or async) would be a nice addon.

synchronizing avatar Feb 12 '21 05:02 synchronizing

I'm not sure if this will get merged. I would like to make it a separate package since I have a plan to move Flask and Django integrations into separate packages in v2.0.

For FastAPI, it is better to support async mode, but currently Authlib only has sync mode. I'll make it async in v2.0 too.

In this case, I wonder if it is a good idea to have this PR (FastAPI) as built-in OAuth provider.

lepture avatar Mar 05 '21 01:03 lepture

@lepture Roger that. There is current work over at aioauth to bring OAuth to the async world. I'm one of the contributors over there, and if you have any recommendations/tips - or would like to contribute on it yourself - that would be greatly appreciated.

synchronizing avatar Mar 05 '21 16:03 synchronizing

It is better to focus not on FastAPI support, but on Starlette, because FastAPI is based on Starlette.

toxadx avatar Oct 18 '21 11:10 toxadx