Skip to main content

No project description provided

Project description

Starlette OAuth2

A Startlette middleware for authentication through oauth2's via a secret key, which is often used to add authentication and authorization to a web application that interacts with an API on behalf of the user.

This middleware is intented to be used when the application relies on an external tenant (e.g. Microsoft AD) for authentication.

Check example/ for a concrete implementation.

How to run the example against Microsoft AD

Note: the values in capital such as CLIENT_ID are to be added to example/.venv.

  1. Generate a secret (e.g. openssl rand -base64 32) and write its value on SECRET_KEY

  2. Go to Azure AD, create an app registration (app registrations), give it a name, and add http://localhost:5001/authorized as a Redirect URI.

    • add the value on Application (client) ID to CLIENT_ID
    • add the value on Endpoints > OpenID Connect metadata document to SERVER_METADATA_URL
  3. In Certificates & secrets tab, create a new client secret.

    • add the value of the key you just created under Client secrets to CLIENT_SECRET
  4. Install dependencies and run:

cd example
python -m venv venv
venv/bin/pip install -r requirements.txt
venv/bin/python -m app

When you visit http://localhost:5001/public, you will see that you are not authenticated. When you visit http://localhost:5001/other, you will be redirected to your tenant, to authenticate. Once authenticated, you will be redirected back to http://localhost:5001/other, and your email will appear.

Public endpoints are optional. They are useful for e.g. health checks.

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

starlette-oauth2-0.3.4.tar.gz (3.3 kB view hashes)

Uploaded source

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Huawei Huawei PSF Sponsor Microsoft Microsoft PSF Sponsor NVIDIA NVIDIA PSF Sponsor Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page