Ana Sayfa Keşfet Yardım
Giriş Yap
joostsijm
/
clean-python
1
0
Çatalla 0
Dosyalar Sorunlar 0 Değişiklik İstekleri 0 Wiki
Ağaç: ef76b33080
Dallar Biçim İmleri
clean-python
/
clean_python
/
fastapi
/
security.py

security.py 2.4 KB
Geçmiş Ham

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182 
  1. from typing import Optional
    2. 

  2. 

  3. from fastapi import Depends
    4. 

  4. from fastapi import Request
    5. 

  5. from fastapi.security import HTTPBearer
    6. 

  6. from fastapi.security import OAuth2AuthorizationCodeBearer
    7. 

  7. 

  8. from clean_python import PermissionDenied
    9. 

  9. from clean_python.oauth2 import BaseTokenVerifier
    10. 

  10. from clean_python.oauth2 import NoAuthTokenVerifier
    11. 

  11. from clean_python.oauth2 import OAuth2SPAClientSettings
    12. 

  12. from clean_python.oauth2 import Token
    13. 

  13. from clean_python.oauth2 import TokenVerifier
    14. 

  14. from clean_python.oauth2 import TokenVerifierSettings
    15. 

  15. 

  16. __all__ = ["get_token", "RequiresScope"]
    17. 

  17. 

  18. verifier: Optional[BaseTokenVerifier] = None
    19. 

  19. 

  20. 

  21. def clear_verifier() -> None:
    22. 

  22.     global verifier
    23. 

  23. 

  24.     verifier = None
    25. 

  25. 

  26. 

  27. def set_verifier(settings: Optional[TokenVerifierSettings]) -> None:
    28. 

  28.     global verifier
    29. 

  29. 

  30.     if settings is None:
    31. 

  31.         verifier = NoAuthTokenVerifier()
    32. 

  32.     else:
    33. 

  33.         verifier = TokenVerifier(settings=settings)
    34. 

  34. 

  35. 

  36. def get_token(request: Request) -> Token:
    37. 

  37.     """A fastapi 'dependable' yielding the validated token"""
    38. 

  38.     global verifier
    39. 

  39. 

  40.     assert verifier is not None
    41. 

  41.     return verifier(request.headers.get("Authorization"))
    42. 

  42. 

  43. 

  44. class RequiresScope:
    45. 

  45.     def __init__(self, scope: str):
    46. 

  46.         assert scope.replace(" ", "") == scope, "spaces are not allowed in a scope"
    47. 

  47.         self.scope = scope
    48. 

  48. 

  49.     async def __call__(self, token: Token = Depends(get_token)) -> None:
    50. 

  50.         if self.scope not in token.scope:
    51. 

  51.             raise PermissionDenied(f"this operation requires '{self.scope}' scope")
    52. 

  52. 

  53. 

  54. class OAuth2SPAClientSchema(OAuth2AuthorizationCodeBearer):
    55. 

  55.     """A fastapi 'dependable' configuring the openapi schema for the
    56. 

  56.     OAuth2 Authorization Code Flow with PKCE extension.
    57. 

  57. 

  58.     This includes the JWT Bearer token configuration.
    59. 

  59.     """
    60. 

  60. 

  61.     def __init__(self, client: OAuth2SPAClientSettings):
    62. 

  62.         super().__init__(
    63. 

  63.             scheme_name="OAuth2 Authorization Code Flow with PKCE",
    64. 

  64.             authorizationUrl=str(client.authorization_url),
    65. 

  65.             tokenUrl=str(client.token_url),
    66. 

  66.         )
    67. 

  67. 

  68.     async def __call__(self) -> None:
    69. 

  69.         pass
    70. 

  70. 

  71. 

  72. class JWTBearerTokenSchema(HTTPBearer):
    73. 

  73.     """A fastapi 'dependable' configuring the openapi schema for JWT Bearer tokens.
    74. 

  74. 

  75.     Note: for the client-side OAuth2 flow, use OAuth2SPAClientSchema instead.
    76. 

  76.     """
    77. 

  77. 

  78.     def __init__(self):
    79. 

  79.         super().__init__(scheme_name="JWT Bearer token", bearerFormat="JWT")
    80. 

  80. 

  81.     async def __call__(self) -> None:
    82. 

  82.         pass
    83.