Skip to content

Commit

Permalink
[17.0][MIG] fastapi_auth_jwt: update version to 17.0
Browse files Browse the repository at this point in the history
  • Loading branch information
kobros-tech committed Dec 18, 2024
1 parent 9d24e36 commit 1e9cf0c
Show file tree
Hide file tree
Showing 14 changed files with 199 additions and 160 deletions.
1 change: 0 additions & 1 deletion .pre-commit-config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,6 @@ exclude: |
^datamodel/|
^extendable/|
^extendable_fastapi/|
^fastapi_auth_jwt/|
^fastapi_auth_jwt_demo/|
^model_serializer/|
^rest_log/|
Expand Down
10 changes: 5 additions & 5 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@

[![Runboat](https://img.shields.io/badge/runboat-Try%20me-875A7B.png)](https://runboat.odoo-community.org/builds?repo=OCA/rest-framework&target_branch=17.0)
[![Pre-commit Status](https://github.com/OCA/rest-framework/actions/workflows/pre-commit.yml/badge.svg?branch=17.0)](https://github.com/OCA/rest-framework/actions/workflows/pre-commit.yml?query=branch%3A17.0)
[![Build Status](https://github.com/OCA/rest-framework/actions/workflows/test.yml/badge.svg?branch=17.0)](https://github.com/OCA/rest-framework/actions/workflows/test.yml?query=branch%3A17.0)
Expand Down Expand Up @@ -54,11 +53,12 @@ addon | version | maintainers | summary

This repository is licensed under [AGPL-3.0](LICENSE).

However, each module can have a totally different license, as long as they adhere to Odoo Community Association (OCA)
policy. Consult each module's `__manifest__.py` file, which contains a `license` key
that explains its license.
However, each module can have a totally different license, as long as they adhere to
Odoo Community Association (OCA) policy. Consult each module's `__manifest__.py` file,
which contains a `license` key that explains its license.

---

----
OCA, or the [Odoo Community Association](http://odoo-community.org/), is a nonprofit
organization whose mission is to support the collaborative development of Odoo features
and promote its widespread use.
91 changes: 52 additions & 39 deletions fastapi_auth_jwt/README.rst
Original file line number Diff line number Diff line change
Expand Up @@ -17,19 +17,20 @@ FastAPI Auth JWT support
:target: http://www.gnu.org/licenses/lgpl-3.0-standalone.html
:alt: License: LGPL-3
.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Frest--framework-lightgray.png?logo=github
:target: https://github.com/OCA/rest-framework/tree/16.0/fastapi_auth_jwt
:target: https://github.com/OCA/rest-framework/tree/17.0/fastapi_auth_jwt
:alt: OCA/rest-framework
.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
:target: https://translation.odoo-community.org/projects/rest-framework-16-0/rest-framework-16-0-fastapi_auth_jwt
:target: https://translation.odoo-community.org/projects/rest-framework-17-0/rest-framework-17-0-fastapi_auth_jwt
:alt: Translate me on Weblate
.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
:target: https://runboat.odoo-community.org/builds?repo=OCA/rest-framework&target_branch=16.0
:target: https://runboat.odoo-community.org/builds?repo=OCA/rest-framework&target_branch=17.0
:alt: Try me on Runboat

|badge1| |badge2| |badge3| |badge4| |badge5|

This module provides ``FastAPI`` ``Depends`` to allow authentication with `auth_jwt
<https://github.com/OCA/server-auth/tree/16.0/auth_jwt>`_.
This module provides ``FastAPI`` ``Depends`` to allow authentication
with
`auth_jwt <https://github.com/OCA/server-auth/tree/16.0/auth_jwt>`__.

**Table of contents**

Expand All @@ -39,83 +40,95 @@ This module provides ``FastAPI`` ``Depends`` to allow authentication with `auth_
Usage
=====

The following FastAPI dependencies are provided and importable from
The following FastAPI dependencies are provided and importable from
``odoo.addons.fastapi_auth_jwt.dependencies``:

``def auth_jwt_authenticated_payload() -> Payload``

Return the authenticated JWT payload. Raise a 401 (unauthorized) if absent or invalid.
Return the authenticated JWT payload. Raise a 401 (unauthorized) if
absent or invalid.

``def auth_jwt_optionally_authenticated_payload() -> Payload | None``

Return the authenticated JWT payload, or ``None`` if the ``Authorization`` header and
cookie are absent. Raise a 401 (unauthorized) if present and invalid.
Return the authenticated JWT payload, or ``None`` if the
``Authorization`` header and cookie are absent. Raise a 401
(unauthorized) if present and invalid.

``def auth_jwt_authenticated_partner() -> Partner``

Obtain the authenticated partner corresponding to the provided JWT token, according to
the partner strategy defined on the ``auth_jwt`` validator. Raise a 401 (unauthorized)
if the partner could not be determined for any reason.
Obtain the authenticated partner corresponding to the provided JWT
token, according to the partner strategy defined on the ``auth_jwt``
validator. Raise a 401 (unauthorized) if the partner could not be
determined for any reason.

This is function suitable and intended to override
``odoo.addons.fastapi.dependencies.authenticated_partner_impl``.
This is function suitable and intended to override
``odoo.addons.fastapi.dependencies.authenticated_partner_impl``.

The partner record returned by this function is bound to an environment that uses the
Odoo user obtained from the user strategy defined on the ``auth_jwt`` validator. When
used ``authenticated_partner_impl`` this in turn ensures that
``odoo.addons.fastapi.dependencies.authenticated_partner_env`` is also bound to the
correct Odoo user.
The partner record returned by this function is bound to an
environment that uses the Odoo user obtained from the user strategy
defined on the ``auth_jwt`` validator. When used
``authenticated_partner_impl`` this in turn ensures that
``odoo.addons.fastapi.dependencies.authenticated_partner_env`` is
also bound to the correct Odoo user.

``def auth_jwt_optionally_authenticated_partner() -> Partner``

Same as ``auth_jwt_partner`` except it returns an empty recordset bound to the
``public`` user if the ``Authorization`` header and cookie are absent, or if the JWT
validator could not find the partner and declares that the partner is not required.
Same as ``auth_jwt_partner`` except it returns an empty recordset
bound to the ``public`` user if the ``Authorization`` header and
cookie are absent, or if the JWT validator could not find the partner
and declares that the partner is not required.

``def auth_jwt_authenticated_odoo_env() -> Environment``

Return an Odoo environment using the the Odoo user obtained from the user strategy
defined on the ``auth_jwt`` validator, if the request could be authenticated using a
JWT validator. Raise a 401 (unauthorized) otherwise.
Return an Odoo environment using the the Odoo user obtained from the
user strategy defined on the ``auth_jwt`` validator, if the request
could be authenticated using a JWT validator. Raise a 401
(unauthorized) otherwise.

This is function suitable and intended to override
``odoo.addons.fastapi.dependencies.authenticated_odoo_env_impl``.
This is function suitable and intended to override
``odoo.addons.fastapi.dependencies.authenticated_odoo_env_impl``.

``def auth_jwt_default_validator_name() -> str | None``

Return the name of the default JWT validator to use.
Return the name of the default JWT validator to use.

The default implementation returns ``None`` meaning only one active JWT validator is
allowed. This dependency is meant to be overridden.
The default implementation returns ``None`` meaning only one active
JWT validator is allowed. This dependency is meant to be overridden.

``def auth_jwt_http_header_authorization() -> str | None``

By default, return the credentials part of the ``Authorization`` header, or ``None``
if absent. This dependency is meant to be overridden, in particular with
``fastapi.security.OAuth2AuthorizationCodeBearer`` to let swagger handle OAuth2
authorization (such override is only necessary for comfort when using the swagger
interface).
By default, return the credentials part of the ``Authorization``
header, or ``None`` if absent. This dependency is meant to be
overridden, in particular with
``fastapi.security.OAuth2AuthorizationCodeBearer`` to let swagger
handle OAuth2 authorization (such override is only necessary for
comfort when using the swagger interface).

Bug Tracker
===========

Bugs are tracked on `GitHub Issues <https://github.com/OCA/rest-framework/issues>`_.
In case of trouble, please check there if your issue has already been reported.
If you spotted it first, help us to smash it by providing a detailed and welcomed
`feedback <https://github.com/OCA/rest-framework/issues/new?body=module:%20fastapi_auth_jwt%0Aversion:%2016.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
`feedback <https://github.com/OCA/rest-framework/issues/new?body=module:%20fastapi_auth_jwt%0Aversion:%2017.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.

Do not contact contributors directly about support or help with technical issues.

Credits
=======

Authors
~~~~~~~
-------

* ACSONE SA/NV

Contributors
------------

Mohamed Alkobrosli <[email protected]>

Maintainers
~~~~~~~~~~~
-----------

This module is maintained by the OCA.

Expand All @@ -135,6 +148,6 @@ Current `maintainer <https://odoo-community.org/page/maintainer-role>`__:

|maintainer-sbidoul|

This module is part of the `OCA/rest-framework <https://github.com/OCA/rest-framework/tree/16.0/fastapi_auth_jwt>`_ project on GitHub.
This module is part of the `OCA/rest-framework <https://github.com/OCA/rest-framework/tree/17.0/fastapi_auth_jwt>`_ project on GitHub.

You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.
1 change: 1 addition & 0 deletions fastapi_auth_jwt/__init__.py
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
from . import models
4 changes: 2 additions & 2 deletions fastapi_auth_jwt/__manifest__.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
"name": "FastAPI Auth JWT support",
"summary": """
JWT bearer token authentication for FastAPI.""",
"version": "16.0.1.0.1",
"version": "17.0.1.0.1",
"license": "LGPL-3",
"author": "ACSONE SA/NV,Odoo Community Association (OCA)",
"maintainers": ["sbidoul"],
Expand All @@ -16,5 +16,5 @@
],
"data": [],
"demo": [],
"installable": False,
"installable": True,
}
38 changes: 19 additions & 19 deletions fastapi_auth_jwt/dependencies.py
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
# License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl).

import logging
from typing import Annotated, Any, Dict, Optional, Tuple, Union
from typing import Annotated, Any

from starlette.status import HTTP_401_UNAUTHORIZED

Expand All @@ -25,11 +25,11 @@
_logger = logging.getLogger(__name__)


Payload = Dict[str, Any]
Payload = dict[str, Any]


def _get_auth_jwt_validator(
validator_name: Union[str, None],
validator_name: str | None,
env: Environment,
) -> AuthJwtValidator:
validator = env["auth.jwt.validator"].sudo()._get_validator_by_name(validator_name)
Expand All @@ -39,9 +39,9 @@ def _get_auth_jwt_validator(

def _request_has_authentication(
request: Request,
authorization_header: Optional[str],
authorization_header: str | None,
validator: AuthJwtValidator,
) -> Union[Payload, None]:
) -> Payload | None:
if authorization_header is not None:
return True
if not validator.cookie_enabled:
Expand All @@ -52,7 +52,7 @@ def _request_has_authentication(

def _get_jwt_payload(
request: Request,
authorization_header: Optional[str],
authorization_header: str | None,
validator: AuthJwtValidator,
) -> Payload:
"""Obtain and validate the JWT payload from the request authorization header or
Expand All @@ -76,9 +76,9 @@ def _get_jwt_payload(
def _get_jwt_payload_and_validator(
request: Request,
response: Response,
authorization_header: Optional[str],
authorization_header: str | None,
validator: AuthJwtValidator,
) -> Tuple[Payload, AuthJwtValidator]:
) -> tuple[Payload, AuthJwtValidator]:
try:
payload = None
exceptions = {}
Expand Down Expand Up @@ -117,15 +117,15 @@ def _get_jwt_payload_and_validator(
raise HTTPException(status_code=HTTP_401_UNAUTHORIZED) from e


def auth_jwt_default_validator_name() -> Union[str, None]:
def auth_jwt_default_validator_name() -> str | None:
return None


def auth_jwt_http_header_authorization(
credentials: Annotated[
Optional[HTTPAuthorizationCredentials],
HTTPAuthorizationCredentials | None,
Depends(HTTPBearer(auto_error=False)),
]
],
):
if credentials is None:
return None
Expand All @@ -134,7 +134,7 @@ def auth_jwt_http_header_authorization(

class BaseAuthJwt: # noqa: B903
def __init__(
self, validator_name: Optional[str] = None, allow_unauthenticated: bool = False
self, validator_name: str | None = None, allow_unauthenticated: bool = False
):
self.validator_name = validator_name
self.allow_unauthenticated = allow_unauthenticated
Expand All @@ -146,18 +146,18 @@ def __call__(
request: Request,
response: Response,
authorization_header: Annotated[
Optional[str],
str | None,
Depends(auth_jwt_http_header_authorization),
],
default_validator_name: Annotated[
Union[str, None],
str | None,
Depends(auth_jwt_default_validator_name),
],
env: Annotated[
Environment,
Depends(odoo_env),
],
) -> Optional[Payload]:
) -> Payload | None:
validator = _get_auth_jwt_validator(
self.validator_name or default_validator_name, env
)
Expand All @@ -176,11 +176,11 @@ def __call__(
request: Request,
response: Response,
authorization_header: Annotated[
Optional[str],
str | None,
Depends(auth_jwt_http_header_authorization),
],
default_validator_name: Annotated[
Union[str, None],
str | None,
Depends(auth_jwt_default_validator_name),
],
env: Annotated[
Expand Down Expand Up @@ -215,11 +215,11 @@ def __call__(
request: Request,
response: Response,
authorization_header: Annotated[
Optional[str],
str | None,
Depends(auth_jwt_http_header_authorization),
],
default_validator_name: Annotated[
Union[str, None],
str | None,
Depends(auth_jwt_default_validator_name),
],
env: Annotated[
Expand Down
Empty file.
3 changes: 3 additions & 0 deletions fastapi_auth_jwt/pyproject.toml
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
[build-system]
requires = ["whool"]
build-backend = "whool.buildapi"
1 change: 1 addition & 0 deletions fastapi_auth_jwt/readme/CONTRIBUTORS.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Mohamed Alkobrosli \<<[email protected]>\>
2 changes: 2 additions & 0 deletions fastapi_auth_jwt/readme/DESCRIPTION.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
This module provides `FastAPI` `Depends` to allow authentication with
[auth_jwt](https://github.com/OCA/server-auth/tree/16.0/auth_jwt).
2 changes: 0 additions & 2 deletions fastapi_auth_jwt/readme/DESCRIPTION.rst

This file was deleted.

Loading

0 comments on commit 1e9cf0c

Please sign in to comment.