Small connexion extension to add authentication into spec routes

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for exageraldo from gravatar.com exageraldo

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: BSD License (BSD-3-Clause)

Author: Geraldo Castro

Classifiers

Project description

Connexion Auth Paths Extended

Small connexion extension to add authentication into spec routes

The connexion framework it's possible to use a parameter called auth_all_paths (in FlaskApp and AioHttpApp), which in your documentation (link) is defined as:

:param auth_all_paths: whether to authenticate not defined paths
:type auth_all_paths: bool

And it can be used this way, during app initialization:

from connexion import FlaskApp # or AioHttpApp


connexion_app = FlaskApp(
    __name__,
    specification_dir='swagger/',
    auth_all_paths=True
)

But the only routes added to the authentication are the 404 Error route (link) routes, but there are other routes that should also be treated:

  • /openapi.json
  • /openapi.yaml
  • openapi_spec_path

The idea of this extension is to apply the default authentication on these routes, without changing the behavior of anything else.

Why?

This was once a requirement requested by the security team in an internal project. The API documentation provides very detailed technical information for the attackers external world, sometimes including email addresses, internal application’s url, API’s structure, and other stuffs. Think that specification it’s like a map, It's also very helpful for them to dig for vulnerabilities and detect targets.

What about the SwaggerUI (/ui/) route?

It is not necessary, as it does not make much sense to ask for a auth/token on a page that will be accessed by the browser. And if some kind of authentication is required, it must be provided to consume the routes through the interface.

Installation

Install with pip:

  pip install connexion-auth-paths-extd

or

  pip install connexion-auth-paths-extd[aiohttp]

Usage/Examples

from connexion.extended.auth_paths_extd import FlaskApp # or AioHttpApp


connexion_app = FlaskApp(
    __name__,
    specification_dir='swagger/',
    auth_all_paths=True
)

Almost the same, we just change where we are importing the FlaskApp class from. The auth_paths_extd.FlaskApp object works exactly the same as connexion.FlaskApp, same methods, attributes and initialization. No extra parameters are needed, just pass auth_all_paths as True.

No dependencies are required in addition to the connexion itself.

A better exemple is on examples folder.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for exageraldo from gravatar.com exageraldo

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: BSD License (BSD-3-Clause)

Author: Geraldo Castro

Classifiers

Release history Release notifications | RSS feed

This version

0.0.6

0.0.5

0.0.4

0.0.3

0.0.3.dev0 pre-release

0.0.2.dev2 pre-release

0.0.2.dev0 pre-release

0.0.1.dev1 pre-release

0.0.1.dev0 pre-release

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

connexion_auth_paths_extd-0.0.6.tar.gz (6.1 kB view hashes)

Uploaded Source

Built Distribution

connexion_auth_paths_extd-0.0.6-py3-none-any.whl (6.5 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page