GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → Intility → fastapi-azure-auth

Intility / fastapi-azure-auth

Licence: MIT license
Easy and secure implementation of Azure AD for your FastAPI APIs 🔒 B2C, single- and multi-tenant support.

Programming Languages

python
139335 projects - #7 most used programming language
shell
77523 projects

Labels

securityoauth2authenticationazureopenidconnectopenapiasyncioopenidazure-active-directoryoidcasgiazure-adtrioazureadfastapianyio

Projects that are alternatives of or similar to fastapi-azure-auth

hypercorn-fastapi-docker
Docker image with Hypercorn for FastAPI apps in Python 3.7, 3.8, 3.9. Ready for HTTP2 and HTTPS
Stars: ✭ 18 (-89.66%)
Mutual labels:  asyncio, asgi, trio, fastapi
Fastapi
FastAPI framework, high performance, easy to learn, fast to code, ready for production
Stars: ✭ 39,588 (+22651.72%)
Mutual labels:  openapi, asyncio, fastapi
asyncer
Asyncer, async and await, focused on developer experience.
Stars: ✭ 572 (+228.74%)
Mutual labels:  asyncio, trio, anyio
Auth
:atom: Social (OAuth1\OAuth2\OpenID\OpenIDConnect) sign with PHP
Stars: ✭ 457 (+162.64%)
Mutual labels:  oauth2, openidconnect, openid
oidc-agent
oidc-agent for managing OpenID Connect tokens on the command line
Stars: ✭ 47 (-72.99%)
Mutual labels:  openidconnect, openid, oidc
HibiAPI
一个实现了多种常用站点的易用化API的程序 / A program that implements easy-to-use APIs for a variety of commonly used sites.
Stars: ✭ 427 (+145.4%)
Mutual labels:  openapi, asyncio, fastapi
IdentityServer4.PhoneNumberAuth
Sample passwordless phone number authentication using OAuth in ASP.NET Core 2.2
Stars: ✭ 83 (-52.3%)
Mutual labels:  oauth2, openid, oidc
Angular Auth Oidc Client
npm package for OpenID Connect, OAuth Code Flow with PKCE, Refresh tokens, Implicit Flow
Stars: ✭ 577 (+231.61%)
Mutual labels:  oauth2, openidconnect, openid
Node Oidc Provider
OpenID Certified™ OAuth 2.0 Authorization Server implementation for Node.js
Stars: ✭ 2,018 (+1059.77%)
Mutual labels:  oauth2, openid, oidc
Jose Jwt
Ultimate Javascript Object Signing and Encryption (JOSE) and JSON Web Token (JWT) Implementation for .NET and .NET Core
Stars: ✭ 692 (+297.7%)
Mutual labels:  oauth2, openidconnect, openid
python-socks
Core proxy client (SOCKS4, SOCKS5, HTTP) functionality for Python
Stars: ✭ 40 (-77.01%)
Mutual labels:  asyncio, trio, anyio
Hydra
OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Compatible with MITREid.
Stars: ✭ 11,884 (+6729.89%)
Mutual labels:  oauth2, openid, oidc
Jose2go
Golang (GO) implementation of Javascript Object Signing and Encryption specification
Stars: ✭ 150 (-13.79%)
Mutual labels:  oauth2, openidconnect, openid
fastapi-project
FastAPI application without global variables(almost) =)
Stars: ✭ 26 (-85.06%)
Mutual labels:  asgi, fastapi
sotsera.blazor.oidc
OpenID Connect client for Blazor client-side projects
Stars: ✭ 21 (-87.93%)
Mutual labels:  openid, oidc
oidc
Easy to use OpenID Connect client and server library written for Go and certified by the OpenID Foundation
Stars: ✭ 475 (+172.99%)
Mutual labels:  openidconnect, oidc
asgi-babel
Adds internationalization (i18n) support to ASGI applications (Asyncio/Trio)
Stars: ✭ 21 (-87.93%)
Mutual labels:  asgi, trio
fab-oidc
Flask-AppBuilder SecurityManager for OpenIDConnect
Stars: ✭ 28 (-83.91%)
Mutual labels:  openidconnect, oidc
ms-identity-mobile-apple-swift-objc
An iOS sample in Swift that authenticates Microsoft Account and Azure AD users and calls the Graph API using OAuth 2.0
Stars: ✭ 61 (-64.94%)
Mutual labels:  azure-active-directory, azuread
starlite
Light, Flexible and Extensible ASGI API framework
Stars: ✭ 1,525 (+776.44%)
Mutual labels:  openapi, asgi
View All Similar Projects ➔


FastAPI-Azure-Auth

Azure AD Authentication for FastAPI apps made easy.

Python version FastAPI Version Package version
Codecov Pre-commit Black mypy isort

🚀 Description

FastAPI is a modern, fast (high-performance), web framework for building APIs with Python, based on standard Python type hints.

At Intility we use FastAPI for both internal (single-tenant) and customer-facing (multi-tenant) APIs. This package enables our developers (and you 😊) to create features without worrying about authentication and authorization.

Also, we're hiring!

📚 Resources

The documentation contains a full tutorial on how to configure Azure AD and FastAPI for both single- and multi-tenant applications. It includes examples on how to lock down your APIs to certain scopes, tenants, roles etc. For first time users it's strongly advised to set up your application exactly how it's described there, and then alter it to your needs later.

MIT License | Documentation | GitHub

Setup

This is a tl;dr intended to give you an idea of what this package does and how to use it. For a more in-depth tutorial and settings reference you should read the documentation.

1. Install this library:

pip install fastapi-azure-auth
# or
poetry add fastapi-azure-auth

2. Configure your FastAPI app

Include swagger_ui_oauth2_redirect_url and swagger_ui_init_oauth in your FastAPI app initialization:

# file: main.py
app = FastAPI(
    ...
    swagger_ui_oauth2_redirect_url='/oauth2-redirect',
    swagger_ui_init_oauth={
        'usePkceWithAuthorizationCodeGrant': True,
        'clientId': settings.OPENAPI_CLIENT_ID,
    },
)

3. Setup CORS

Ensure you have CORS enabled for your local environment, such as http://localhost:8000.

4. Configure FastAPI-Azure-Auth

Configure either your SingleTenantAzureAuthorizationCodeBearer or MultiTenantAzureAuthorizationCodeBearer.

# file: demoproj/api/dependencies.py
from fastapi_azure_auth.auth import SingleTenantAzureAuthorizationCodeBearer

azure_scheme = SingleTenantAzureAuthorizationCodeBearer(
    app_client_id=settings.APP_CLIENT_ID,
    tenant_id=settings.TENANT_ID,
    scopes={
        f'api://{settings.APP_CLIENT_ID}/user_impersonation': 'user_impersonation',
    }
)

or for multi-tenant applications:

# file: demoproj/api/dependencies.py
from fastapi_azure_auth.auth import MultiTenantAzureAuthorizationCodeBearer

azure_scheme = MultiTenantAzureAuthorizationCodeBearer(
    app_client_id=settings.APP_CLIENT_ID,
    scopes={
        f'api://{settings.APP_CLIENT_ID}/user_impersonation': 'user_impersonation',
    },    
    validate_iss=False
)

To validate the iss, configure an iss_callable.

5. Configure dependencies

Add azure_scheme as a dependency for your views/routers, using either Security() or Depends().

# file: main.py
from demoproj.api.dependencies import azure_scheme

app.include_router(api_router, prefix=settings.API_V1_STR, dependencies=[Security(azure_scheme, scopes='user_impersonation')])

6. Load config on startup

Optional but recommended.

# file: main.py
@app.on_event('startup')
async def load_config() -> None:
    """
    Load OpenID config on startup.
    """
    await azure_scheme.openid_config.load_config()

📄 Example OpenAPI documentation

Your OpenAPI documentation will get an Authorize button, which can be used to authenticate. authorize

The user can select which scopes to authenticate with, based on your configuration. scopes

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].