Skip to main content

Easy and secure implementation of Azure AD for your FastAPI APIs

Project description


FastAPI-Azure-auth

Azure AD Authentication for FastAPI apps made easy.

Python version FastAPI Version Package version

Codecov Pre-commit Black mypy isort

🚀 Description

FastAPI is a modern, fast (high-performance), web framework for building APIs with Python, based on standard Python type hints.

At Intility, FastAPI is a popular framework among its developers, with customer-facing and internal services developed entirely on a FastAPI backend.

This package enables our developers (and you 😊) to create features without worrying about authentication and authorization.

Also, we're hiring!

⚡️ Quick start

Azure

Azure docs will be available when create-fastapi-app is developed. In the meantime please use the .NET documentation.

FastAPI

  1. Install this library:
pip install fastapi-azure-auth
# or
poetry add fastapi-azure-auth
  1. Include swagger_ui_oauth2_redirect_url and swagger_ui_init_oauth in your FastAPI app initialization:
app = FastAPI(
    ...
    swagger_ui_oauth2_redirect_url='/oauth2-redirect',
    swagger_ui_init_oauth={
        'usePkceWithAuthorizationCodeGrant': True, 
        'clientId': settings.OPENAPI_CLIENT_ID  # SPA app with grants to your app
    },
)
  1. Ensure you have CORS enabled for your local environment, such as http://localhost:8000. See main.py and the BACKEND_CORS_ORIGINS in config.py

  2. Import and configure your Azure authentication:

from fastapi_azure_auth.auth import AzureAuthorizationCodeBearer

azure_scheme = AzureAuthorizationCodeBearer(
    app=app,
    app_client_id=settings.APP_CLIENT_ID,  # Web app
    scopes={
        f'api://{settings.APP_CLIENT_ID}/user_impersonation': 'User Impersonation',
    },
)
  1. Set your intility_scheme as a dependency for your wanted views/routers:
app.include_router(api_router, prefix=settings.API_V1_STR, dependencies=[Depends(azure_scheme)])

⚙️ Configuration

For those using a non-Intility tenant, you also need to make changes to the provider_config:

from fastapi_azure_auth.provider_config import provider_config

intility_scheme = AzureAuthorizationCodeBearer(
    ...
)

provider_config.tenant_id = 'my-own-tenant-id'

If you want, you can deny guest users to access your API by passing the allow_guest_users=False to AzureAuthorizationCodeBearer:

intility_scheme = AzureAuthorizationCodeBearer(
    ...
    allow_guest_users=False
)

💡 Nice to knows

A User object is attached to the request state if the token is valid. Unparsed claims can be accessed at request.state.user.claims.

from fastapi_azure_auth.user import User
from fastapi import Request

@router.get(...)
async def world(request: Request) -> dict:
    user: User = request.state.user
    return {'user': user}

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

fastapi-azure-auth-1.1.0.tar.gz (8.2 kB view details)

Uploaded Source

Built Distribution

fastapi_azure_auth-1.1.0-py3-none-any.whl (8.3 kB view details)

Uploaded Python 3

File details

Details for the file fastapi-azure-auth-1.1.0.tar.gz.

File metadata

  • Download URL: fastapi-azure-auth-1.1.0.tar.gz
  • Upload date:
  • Size: 8.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.1.7 CPython/3.9.6 Linux/5.8.0-1039-azure

File hashes

Hashes for fastapi-azure-auth-1.1.0.tar.gz
Algorithm Hash digest
SHA256 b609ca6dcfa1d2ede8b603bfd56c4528ee5761252b0dcee8235b582e082c7b89
MD5 b92400bccd65438c886018ebb8c4216f
BLAKE2b-256 a228db4ea691a562e9f9e05471dddc0d174ffd59d293f5ce6c68e12a8efc073d

See more details on using hashes here.

File details

Details for the file fastapi_azure_auth-1.1.0-py3-none-any.whl.

File metadata

  • Download URL: fastapi_azure_auth-1.1.0-py3-none-any.whl
  • Upload date:
  • Size: 8.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.1.7 CPython/3.9.6 Linux/5.8.0-1039-azure

File hashes

Hashes for fastapi_azure_auth-1.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 c35a95b06bbfc7766aa89cbfba96594ea44bef90712416be990dfd60de1e937c
MD5 375e5c110385765eaee87bdb728200d1
BLAKE2b-256 3ab5cc57f9d80c51e18cf64396b88c87a9732991a7d7b495fc5f5f2f6a9f6685

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page