fastapi_aad_auth.auth

Authenticator Class.

class fastapi_aad_auth.auth.AADAuth(config: fastapi_aad_auth.config.Config = None, add_to_base_routes: bool = True, base_context: Optional[Dict[str, Any]] = None, user_klass: Optional[type] = None)[source]

Authenticator class.

Creates the key components based on the provided configurations.

DEPRECATED - fastapi_aad_auth.auth:AADAuth will be deprecated in version 0.2.0, and is replaced by fastapi_aad_auth.auth:Authenticator

Initialise the Authenticator based on the provided configuration.

Keyword Args:

  • config (fastapi_aad_auth.config.Config): Authentication configuration (includes ui and routing, as well as AAD Application and Tenant IDs)

  • add_to_base_routes (bool): Add the authentication to the router

  • base_context (Dict[str, Any]): a base context to provide

  • user_klass (type): The user class to use as part of the auth state

DEPRECATED - fastapi_aad_auth.auth:AADAuth will be deprecated in version 0.2.0, and is replaced by fastapi_aad_auth.auth:Authenticator

property api_auth_scheme

Get the API Authentication Schema.

DEPRECATED - fastapi_aad_auth.auth:AADAuth.api_auth_scheme will be deprecated in version 0.2.0, and is replaced by fastapi_aad_auth.auth:Authenticator.auth_backend.requires_auth

class fastapi_aad_auth.auth.Authenticator(config: Optional[fastapi_aad_auth.config.Config] = None, add_to_base_routes: bool = True, base_context: Optional[Dict[str, Any]] = None, user_klass: Optional[type] = None)[source]

Authenticator class.

Creates the key components based on the provided configurations.

Initialise the Authenticator based on the provided configuration.

Keyword Args:

  • config (fastapi_aad_auth.config.Config): Authentication configuration (includes ui and routing, as well as AAD Application and Tenant IDs)

  • add_to_base_routes (bool): Add the authentication to the router

  • base_context (Dict[str, Any]): a base context to provide

  • user_klass (type): The user class to use as part of the auth state

DEPRECATED - fastapi_aad_auth.auth:AADAuth will be deprecated in version 0.2.0, and is replaced by fastapi_aad_auth.auth:Authenticator

api_auth_required(scopes: str = 'authenticated', allow_session: bool = True, roles: Optional[Union[List[str], str]] = None, groups: Optional[Union[List[str], str]] = None)[source]

Decorator to require specific scopes (and redirect to the login ui) for an endpoint.

This can be used for enabling authentication on an API endpoint, using the fastapi dependency injection logic.

This adds the authentication state to the endpoint arguments as auth_state.

Keyword Arguments

  • scopes -- scopes for the starlette requires decorator

  • allow_session -- whether to allow session authentication or not

app_routes_add_auth(app: fastapi.applications.FastAPI, route_list: List[str], invert: bool = False)[source]

Add authentication to specified routes in application router.

Used for default routes (e.g. api/docs and api/redocs, openapi.json etc)

Parameters

  • app -- fastapi application

  • route_list -- list of routes to add authentication to (e.g. api docs, redocs etc)

Keyword Arguments

invert -- Switch between using the route list as a block list or an allow list

auth_required(scopes: str = 'authenticated', redirect: str = 'login', roles: Optional[Union[List[str], str]] = None, groups: Optional[Union[List[str], str]] = None)[source]

Decorator to require specific permissions (and redirect to the login ui) for an endpoint.

This can be used for toggling authentication (e.g. between an internal/external server) as well as handling the redirection based on the session information

Keyword Arguments

  • scopes -- scopes for the starlette requires decorator

  • redirect -- name of the redirection url

configure_app(app: fastapi.applications.FastAPI, add_error_handlers=True)[source]

Configure the fastapi application to use these authentication handlers.

Adds authentication middleware, error handler and adds authentication to the default routes as well as adding the authentication specific routes

Parameters

app -- fastapi application

Keyword Arguments

add_error_handlers (bool) -- add the error handlers to the app (default is true, but can be set to False to configure specific handling)