Skip to main content

Authentication support for layab.

Project description

Authentication for layab

pypi version Build status Coverage Code style: black Number of tests Number of downloads

Provides a decorator to ensure that, in a context of a Flask server, a valid OAuth2 token was received.

As expected by the HTTP specification, token is extracted from Authorization header and must be prefixed with Bearer .

If validation fails, an werkzeug.exceptions.Unauthorized exception is raised. Otherwise user details are stored in flask.g.current_user, this variable is an instance of the User class, it contains name property holding the authenticated user name (extracted from the upn field inside the token).

Decorator works fine on flask-restplus methods as well.

Below is a sample Flask application with an endpoint requesting a Microsoft issued OAuth2 token.

import flask
import layabauth

app = flask.Flask(__name__)

def my_endpoint():
    return "OK"


You can generate OpenAPI security definition thanks to layabauth.authorizations.

You can generate OpenAPI method security thanks to layabauth.method_authorizations


Authentication can be mocked using layabauth.testing.auth_mock pytest fixture.

upn pytest fixture returning the UPN located in token used in tests must be provided.

from layabauth.testing import *

def upn():
    return ""

def test_authentication(auth_mock):

How to install

  1. python 3.6+ must be installed
  2. Use pip to install module:
python -m pip install layabauth

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

layabauth-3.2.0.tar.gz (4.4 kB view hashes)

Uploaded Source

Built Distribution

layabauth-3.2.0-py3-none-any.whl (5.4 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page