Skip to content

Fixes _access_token login issue #48

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Aug 8, 2024
Merged

Fixes _access_token login issue #48

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
90b9253
Fix #47 - Don't cache access_token
mrharpo Aug 7, 2024
6ddb7e9
Remove the "Access Token" section as of the last change
ArtyomVancyan Aug 8, 2024
11eff9d
Merge branch 'refs/heads/master' into 47-access-token
ArtyomVancyan Aug 8, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
51 changes: 1 addition & 50 deletions docs/references/tutorials.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,31 +28,6 @@ generated the client ID and secret to configure your `OAuth2Middleware` with at
Once the authentication is successful, the user will be redirected to the `redirect_uri` and the `request.user` will
contain the user information obtained from the IDP.

## Access token

When the user is authenticated, the `request.user` will contain the user information obtained from the IDP and
the `request.auth` will contain the authentication related information including the access token issued by the IDP. It
can be used to perform authorized requests to the IDP's API endpoints. Just make sure the token is issued with the
scopes required for the API endpoint.

::: details `request.auth.provider.access_token`

```mermaid
flowchart TB
subgraph level2["request (Starlette's Request object)"]
direction TB
subgraph level1["auth (Starlette's extended Auth Credentials)"]
direction TB
subgraph level0["provider (OAuth2 provider with client's credentials)"]
direction TB
token["access_token (Access token for the specified scopes)"]
end
end
end
```

:::

## Claims mapping

The `Claims` class includes permanent attributes like `display_name`, `identity`, `picture`, and `email`. It also allows
Expand Down Expand Up @@ -150,31 +125,7 @@ The request is considered invalid when one of the mandatory parameters, such as
request fails. And the errors that occur during the OAuth steps are considered authentication errors.

<style>
.info, .details {
.info {
border: 0;
}

g#level2 rect,
g#level1 rect,
g#level0 rect,
g[id^="flowchart-token"] rect {
color: #f6f6f7 !important;
stroke: #3c3c43 !important;
}

g#level2 rect {
fill: #00948680 !important;
}

g#level1 rect {
fill: #2b75a080 !important;
}

g#level0 rect {
fill: #5c837480 !important;
}

g[id^="flowchart-token"] rect {
fill: #44506980 !important;
}
</style>
5 changes: 1 addition & 4 deletions src/fastapi_oauth2/core.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,6 @@ class OAuth2Core:
_oauth_client: Optional[WebApplicationClient] = None
_authorization_endpoint: str = None
_token_endpoint: str = None
_access_token: str = None
_state: str = None

def __init__(self, client: OAuth2Client) -> None:
Expand All @@ -71,9 +70,7 @@ def __init__(self, client: OAuth2Client) -> None:

@property
def access_token(self) -> str:
if not self._access_token:
self._access_token = self._oauth_client.access_token
return self._access_token
return self._oauth_client.access_token

def get_redirect_uri(self, request: Request) -> str:
return urljoin(str(request.base_url), "/oauth2/%s/token" % self.provider)
Expand Down
Loading