-
Notifications
You must be signed in to change notification settings - Fork 64
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update b2c and multi-tenant docs for pydantic v2 #154
Update b2c and multi-tenant docs for pydantic v2 #154
Conversation
- Better description in pyproject.toml
Request user attached to the request
- Add a testcase for when an evil token is provided, but with the correct `kid`.
Signature loop improvement
…quires the user to do some more configuration, but makes dependencies easier to make without circular imports - Add documentation and examples on how to do role checking - `AzureAuthorizationCodeBearer` now returns a User object - Add docs on how to load provider config on startup
- Add URL to image in README, for PyPI
v2: Remove `app` parameter from AzureAuthorizationCodeBearer, dependency now returns a User object
Make `upn` optional to support Client Credential Flow
…dd multi-tenant support. **Multi-tenant support:** - Support for multi-tenant applications - Takes a coroutine to fetch valid `iss` for given `tid` **Single-tenant features:** - Support for v2 tokens for single-tenant applications - User object is reworked, and now also contains the access_token for easier Azure Graph implementation **Removal:** - `allow_guest_users` setting is removed. This can be done in Azure AD instead. (Also removal of `GuestUserException`) **Other:** - Add SECURITY.md - Relax aiohttp requirement - Move `InvalidAuth` to `exceptions.py` - Add role check example in demo project - Add `iss` fetcher example in demo project - No longer inheriting `OAuth2AuthorizationCodeBearer`, solving mypy errors. - Rename `provider_config.py` to `openid_config.py` and `ProviderConfig()` to `OpenIdConfig()` - Removal of pre-instance of `provider_config` due to OpenAPI authorization URL issues. This is now instanced on `SingleTenantAzureAuthorizationCodeBearer` or `MultiTenantAzureAuthorizationCodeBearer`. **Tests:** - 100% codecov for v1 and v2 single-tenant applications - 99% codecov for openid_config **TODO:** - Documentation needs full rewrite - Tests for multi-tenant - Test for `openid_config` `app_id`
…y()` (instead of `Depends()`) - Fix missing `Authorize` button in OpenAPI documentation - Add tests for OpenAPI documentation, so this won't happen again.
- Add single-tenant tests for multi-tenant
…sas inheritance for the different app types
- Add test for validate_iss=False
* fix version comparison in skip condition * openapi_version based on fastapi version * add test to validate openapi spec * Make the generated openapi spec 3.1 compliant - Fix two operation that had the same operation id - Make the security scheme follow the pattern ^[a-zA-Z0-9._-]+$ * only test schema for version 2 of pydantic --------- Co-authored-by: Émile Nadeau <emile.nadeau@ruv.is>
…ity#145) * fix: make and optional to allow User validation in B2C * fix: adjust testing the openapi schema with optional tid and oid claims
…ty#146) * move openapi-spec-validator and pydantic-settings to dev deps * version bump
Co-authored-by: Jonas Krüger Svensson <jonas-ks@hotmail.com>
… have upgraded by now :)
Bumps [actions/cache](https://github.com/actions/cache) from 3.3.1 to 3.3.2. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@v3.3.1...v3.3.2) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
|
||
|
||
class Settings(BaseSettings): | ||
BACKEND_CORS_ORIGINS: list[Union[str, AnyHttpUrl]] = ['http://localhost:8000'] | ||
BACKEND_CORS_ORIGINS: list[str | AnyHttpUrl] = ['http://localhost:8000'] | ||
TENANT_NAME: str = Field(default='', env='TENANT_NAME') |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nit, and probably out of scope too, but TENANT_NAME: str = Field(default='', env='TENANT_NAME')
here could be just TENANT_NAME: str = ''
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same for all of the other uses of ´Field` too
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, I still haven't been able to test out Pydanticv2 since the release candidates. Any nitpicking is good, I'd love to have it up2date.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll update this as mentioned.
Thanks @nikstuckenbrock, I've added the label. 😊 |
Could you please have a look at #106 (comment)? Would love to ensure this is added to all the docs as well. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For what it's worth, LGTM 🚀
8aa495f
to
83b611f
Compare
Please have a look at #158 . |
As mentioned in #150 I've updated the docs for multi-tenant and b2c according to pydantic v2.
I would appreciate if you could add the
HACKTOBERFEST-ACCEPTED
label to the pull request.