FastAPI Auth OpenID Connect
Project description
FastAPI OIDC Security
This library allows your server-side application to check credentials with ease using OpenID Connect token flows. Use it with Firebase, Keycloak, Authentik or other OIDC providers.
Simple usage
You should provide OIDC configuration to the lib with one of the following ways:
-
Environment variables
OIDC_CONFIGURATION_URI=https://example.com/.well-known/openid-configuration
-
Programmatically (use this method if you want several auth providers)
Create python file with base configuration (e.g.
auth.py):from fastapi_auth_oidc import OIDCAuthFactory OIDCAuth = OIDCAuthFactory(configuration_uri='https://example.com/.well-known/openid-configuration')
Then use factory in your handlers
from fastapi_auth_oidc import OIDCAuth # if you use env vars
# from .auth import OIDCAuth # if you use programmatically configured factory
from fastapi import FastAPI
app = FastAPI()
@app.get("/")
def read_root(user: Annotated[dict[str, Any], Depends(OIDCAuth())]):
return user
Advanced configuration
You can customize various settings in your (default) factory and in each instance
Factory settings
| Env name | Factory arg name | Default value | Type | Comment |
|---|---|---|---|---|
| OIDC_CONFIGURATION_URI | configuration_uri | - | String (url) | Fetched data will be named config further |
| OIDC_JWKS_URI | jwks_uri | config["jwks_uri"] |
String (url) | Shoud be provided if no jwks_uri in configuration from configuration_uri |
| OIDC_USERINFO_URI | userinfo_uri | config["userinfo_uri"] |
String (url) | URI to fetch user info in JWT or JSON format |
| OIDC_ISSUER | issuer | config["issuer"] |
String | If no issuer provided, check will be skipped |
Provider settings
| Provider arg name | Default value | Type | Comment |
|---|---|---|---|
| auto_error | True |
Bool | If no credentials or credentials wrong, UnauthenticatedException will be thrown |
| force_check | False |
Bool | Will check token on server for additional security, otherwise will check locally |
| fetch_userdata | False |
Bool | If fetch_userdata == True and userinfo_endpoint provided, will return data from userdata endpoint |
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file fastapi_auth_oidc-0.1.1.tar.gz.
File metadata
- Download URL: fastapi_auth_oidc-0.1.1.tar.gz
- Upload date:
- Size: 10.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.11.11
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
13ff3bd6c41f11d175481b53f3dba3f9ed1df0931b41d3d6c44feaedf31d5349
|
|
| MD5 |
81c4eb1311fe03fbb0ae4a420f21254d
|
|
| BLAKE2b-256 |
083cfff04df53941f1b03c010b7f75ff9909dee594caaf7c1e4ae9399177d240
|
File details
Details for the file fastapi_auth_oidc-0.1.1-py3-none-any.whl.
File metadata
- Download URL: fastapi_auth_oidc-0.1.1-py3-none-any.whl
- Upload date:
- Size: 6.5 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.11.11
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
57331d3755f34e3f9239505c5cf674e7c5bcb524970dfa518e6a1bd66ba1405a
|
|
| MD5 |
e716e4a39162832fdb5da394b42fcf6f
|
|
| BLAKE2b-256 |
92e5fbf95da022a1f2fccb940ddf37581cd10b7286b888f1f06bb690810b68ee
|
