PyPI - fastapi-sso - Versions diffs - 0.13.1__py3-none-any.whl → 0.14.0__py3-none-any.whl - Mend

fastapi-sso 0.13.1py3-none-any.whl → 0.14.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

fastapi_sso/sso/base.py CHANGED Viewed

@@ -8,7 +8,7 @@ import os
 import sys
 import warnings
 from types import TracebackType
-from typing import Any, Dict, List, Optional, Type, Union
+from typing import Any, Dict, List, Literal, Optional, Type, Union, overload
 import httpx
 import pydantic
@@ -296,6 +296,7 @@ class SSOBase:
             response.set_cookie("pkce_code_verifier", str(self._pkce_code_verifier))
         return response
+    @overload
     async def verify_and_process(
         self,
         request: Request,
@@ -303,7 +304,29 @@ class SSOBase:
         params: Optional[Dict[str, Any]] = None,
         headers: Optional[Dict[str, Any]] = None,
         redirect_uri: Optional[str] = None,
-    ) -> Optional[OpenID]:
+        convert_response: Literal[True] = True,
+    ) -> Optional[OpenID]: ...
+    @overload
+    async def verify_and_process(
+        self,
+        request: Request,
+        *,
+        params: Optional[Dict[str, Any]] = None,
+        headers: Optional[Dict[str, Any]] = None,
+        redirect_uri: Optional[str] = None,
+        convert_response: Literal[False],
+    ) -> Optional[Dict[str, Any]]: ...
+    async def verify_and_process(
+        self,
+        request: Request,
+        *,
+        params: Optional[Dict[str, Any]] = None,
+        headers: Optional[Dict[str, Any]] = None,
+        redirect_uri: Optional[str] = None,
+        convert_response: Union[Literal[True], Literal[False]] = True,
+    ) -> Union[Optional[OpenID], Optional[Dict[str, Any]]]:
         """
         Processes the login given a FastAPI (Starlette) Request object. This should be used for the /callback path.
@@ -312,12 +335,14 @@ class SSOBase:
             params (Optional[Dict[str, Any]]): Additional query parameters to pass to the provider.
             headers (Optional[Dict[str, Any]]): Additional headers to pass to the provider.
             redirect_uri (Optional[str]): Overrides the `redirect_uri` specified on this instance.
+            convert_response (bool): If True, userinfo response is converted to OpenID object.
         Raises:
             SSOLoginError: If the 'code' parameter is not found in the callback request.
         Returns:
-            Optional[OpenID]: User information in OpenID format if the login was successful.
+            Optional[OpenID]: User information as OpenID instance (if convert_response == True)
+            Optional[Dict[str, Any]]: The original JSON response from the API.
         """
         headers = headers or {}
         code = request.query_params.get("code")
@@ -338,6 +363,7 @@ class SSOBase:
             additional_headers=headers,
             redirect_uri=redirect_uri,
             pkce_code_verifier=pkce_code_verifier,
+            convert_response=convert_response,
         )
     def __enter__(self) -> "SSOBase":
@@ -363,6 +389,7 @@ class SSOBase:
     def _extra_query_params(self) -> Dict:
         return {}
+    @overload
     async def process_login(
         self,
         code: str,
@@ -372,7 +399,33 @@ class SSOBase:
         additional_headers: Optional[Dict[str, Any]] = None,
         redirect_uri: Optional[str] = None,
         pkce_code_verifier: Optional[str] = None,
-    ) -> Optional[OpenID]:
+        convert_response: Literal[True] = True,
+    ) -> Optional[OpenID]: ...
+    @overload
+    async def process_login(
+        self,
+        code: str,
+        request: Request,
+        *,
+        params: Optional[Dict[str, Any]] = None,
+        additional_headers: Optional[Dict[str, Any]] = None,
+        redirect_uri: Optional[str] = None,
+        pkce_code_verifier: Optional[str] = None,
+        convert_response: Literal[False],
+    ) -> Optional[Dict[str, Any]]: ...
+    async def process_login(
+        self,
+        code: str,
+        request: Request,
+        *,
+        params: Optional[Dict[str, Any]] = None,
+        additional_headers: Optional[Dict[str, Any]] = None,
+        redirect_uri: Optional[str] = None,
+        pkce_code_verifier: Optional[str] = None,
+        convert_response: Union[Literal[True], Literal[False]] = True,
+    ) -> Union[Optional[OpenID], Optional[Dict[str, Any]]]:
         """
         Processes login from the callback endpoint to verify the user and request user info endpoint.
         It's a lower-level method, typically, you should use `verify_and_process` instead.
@@ -384,12 +437,14 @@ class SSOBase:
             additional_headers (Optional[Dict[str, Any]]): Additional headers to be added to all requests.
             redirect_uri (Optional[str]): Overrides the `redirect_uri` specified on this instance.
             pkce_code_verifier (Optional[str]): A PKCE code verifier sent to the server to verify the login request.
+            convert_response (bool): If True, userinfo response is converted to OpenID object.
         Raises:
             ReusedOauthClientWarning: If the SSO object is reused, which is not safe and caused security issues.
         Returns:
-            Optional[OpenID]: User information in OpenID format if the login was successful.
+            Optional[OpenID]: User information in OpenID format if the login was successful (convert_response == True).
+            Optional[Dict[str, Any]]: Original userinfo API endpoint response.
         """
         # pylint: disable=too-many-locals
         if self._oauth_client is not None:  # pragma: no cover
@@ -417,6 +472,9 @@ class SSOBase:
         current_path = f"{url.scheme}://{url.netloc}{url.path}"
+        if pkce_code_verifier:
+            params.update({"code_verifier": pkce_code_verifier})
         token_url, headers, body = self.oauth_client.prepare_token_request(
             await self.token_endpoint,
             authorization_response=current_url,
@@ -432,11 +490,8 @@ class SSOBase:
         auth = httpx.BasicAuth(self.client_id, self.client_secret)
-        if pkce_code_verifier:
-            params.update({"code_verifier": pkce_code_verifier})
         async with httpx.AsyncClient() as session:
-            response = await session.post(token_url, headers=headers, content=body, auth=auth, params=params)
+            response = await session.post(token_url, headers=headers, content=body, auth=auth)
             content = response.json()
             self._refresh_token = content.get("refresh_token")
             self._id_token = content.get("id_token")
@@ -447,5 +502,6 @@ class SSOBase:
             session.headers.update(headers)
             response = await session.get(uri)
             content = response.json()
-            return await self.openid_from_response(content, session)
+            if convert_response:
+                return await self.openid_from_response(content, session)
+            return content

fastapi_sso/sso/gitlab.py CHANGED Viewed

@@ -1,6 +1,9 @@
 """Gitlab SSO Oauth Helper class"""
-from typing import TYPE_CHECKING, Optional
+from typing import TYPE_CHECKING, List, Optional, Tuple, Union
+from urllib.parse import urljoin
+import pydantic
 from fastapi_sso.sso.base import DiscoveryDocument, OpenID, SSOBase
@@ -14,19 +17,61 @@ class GitlabSSO(SSOBase):
     provider = "gitlab"
     scope = ["read_user", "openid", "profile"]
     additional_headers = {"accept": "application/json"}
+    base_endpoint_url = "https://gitlab.com"
+    def __init__(
+        self,
+        client_id: str,
+        client_secret: str,
+        redirect_uri: Optional[Union[pydantic.AnyHttpUrl, str]] = None,
+        allow_insecure_http: bool = False,
+        use_state: bool = False,  # TODO: Remove use_state argument
+        scope: Optional[List[str]] = None,
+        base_endpoint_url: Optional[str] = None,
+    ) -> None:
+        super().__init__(
+            client_id,
+            client_secret,
+            redirect_uri,
+            allow_insecure_http,
+            use_state,  # TODO: Remove use_state argument
+            scope,
+        )
+        self.base_endpoint_url = base_endpoint_url or self.base_endpoint_url
     async def get_discovery_document(self) -> DiscoveryDocument:
+        """Override the discovery document method to return Yandex OAuth endpoints."""
         return {
-            "authorization_endpoint": "https://gitlab.com/oauth/authorize",
-            "token_endpoint": "https://gitlab.com/oauth/token",
-            "userinfo_endpoint": "https://gitlab.com/api/v4/user",
+            "authorization_endpoint": urljoin(self.base_endpoint_url, "/oauth/authorize"),
+            "token_endpoint": urljoin(self.base_endpoint_url, "/oauth/token"),
+            "userinfo_endpoint": urljoin(self.base_endpoint_url, "/api/v4/user"),
         }
+    def _parse_name(self, full_name: Optional[str]) -> Tuple[Union[str, None], Union[str, None]]:
+        """Parses the full name from Gitlab into the first and last name."""
+        if not full_name or not isinstance(full_name, str):
+            return None, None
+        name_parts = full_name.split()
+        if len(name_parts) == 1:
+            return name_parts[0], None
+        first_name = name_parts[0]
+        last_name = " ".join(name_parts[1:])
+        return first_name, last_name
     async def openid_from_response(self, response: dict, session: Optional["httpx.AsyncClient"] = None) -> OpenID:
+        """Converts Gitlab user info response to OpenID object."""
+        first_name, last_name = self._parse_name(response.get("name"))
         return OpenID(
             email=response["email"],
             provider=self.provider,
             id=str(response["id"]),
+            first_name=first_name,
+            last_name=last_name,
             display_name=response["username"],
             picture=response["avatar_url"],
         )

fastapi_sso/sso/yandex.py ADDED Viewed

@@ -0,0 +1,44 @@
+"""Yandex SSO Login Helper
+"""
+from typing import TYPE_CHECKING, Optional
+from fastapi_sso.sso.base import DiscoveryDocument, OpenID, SSOBase
+if TYPE_CHECKING:
+    import httpx  # pragma: no cover
+class YandexSSO(SSOBase):
+    """Class providing login using Yandex OAuth."""
+    provider = "yandex"
+    scope = ["login:email", "login:info", "login:avatar"]
+    avatar_url = "https://avatars.yandex.net/get-yapic"
+    async def get_discovery_document(self) -> DiscoveryDocument:
+        """Override the discovery document method to return Yandex OAuth endpoints."""
+        return {
+            "authorization_endpoint": "https://oauth.yandex.ru/authorize",
+            "token_endpoint": "https://oauth.yandex.ru/token",
+            "userinfo_endpoint": "https://login.yandex.ru/info",
+        }
+    async def openid_from_response(self, response: dict, session: Optional["httpx.AsyncClient"] = None) -> OpenID:
+        """Converts Yandex user info response to OpenID object."""
+        picture = None
+        if (avatar_id := response.get("default_avatar_id")) is not None:
+            picture = f"{self.avatar_url}/{avatar_id}/islands-200"
+        return OpenID(
+            email=response.get("default_email"),
+            display_name=response.get("display_name"),
+            provider=self.provider,
+            id=response.get("id"),
+            first_name=response.get("first_name"),
+            last_name=response.get("last_name"),
+            picture=picture,
+        )

{fastapi_sso-0.13.1.dist-info → fastapi_sso-0.14.0.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: fastapi-sso
-Version: 0.13.1
+Version: 0.14.0
 Summary: FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account)
 Home-page: https://tomasvotava.github.io/fastapi-sso/
 License: MIT
@@ -85,6 +85,7 @@ I tend to process Pull Requests faster when properly caffeinated 😉.
 - Gitlab (by Alessandro Pischedda) - [Cereal84](https://github.com/Cereal84)
 - Line (by Jimmy Yeh) - [jimmyyyeh](https://github.com/jimmyyyeh)
 - LinkedIn (by Alessandro Pischedda) - [Cereal84](https://github.com/Cereal84)
+- Yandex (by Akim Faskhutdinov) – [akimrx](https://github.com/akimrx)
 See [Contributing](#contributing) for a guide on how to contribute your own login provider.

{fastapi_sso-0.13.1.dist-info → fastapi_sso-0.14.0.dist-info}/RECORD RENAMED Viewed

@@ -2,12 +2,12 @@ fastapi_sso/__init__.py,sha256=bQH_ECRRvpAQfPfpe5bIiGdfRoPULFgvbSjGS9OPkYQ,690
 fastapi_sso/pkce.py,sha256=_J9wMCaSwPsUk32qoHzorhB9HG79YVifcQcRA4l_N7I,790
 fastapi_sso/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 fastapi_sso/sso/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-fastapi_sso/sso/base.py,sha256=VypbWdKTC4B2cmHpNv7TI8VjbI0Sl1gMwak8cHf3Z0w,17130
+fastapi_sso/sso/base.py,sha256=DDqOSjuXzP6-GrAuQeRAt5M4aKXAsxuDXztd8orBeO0,19272
 fastapi_sso/sso/facebook.py,sha256=fyO9R7wmhuDp8gZWOp5hogMfTLbff_7ms1XcrLL9udU,1347
 fastapi_sso/sso/fitbit.py,sha256=ofWcrGVeZk6n4b59RI9dLxPz_GzpizJiLNGLvrIphmY,1278
 fastapi_sso/sso/generic.py,sha256=nfH_ju0zRM4HAX-YYHMulSGRb_UEr342YAcK8JtJ3CE,2645
 fastapi_sso/sso/github.py,sha256=GA0jalPGjgBvhJH2SSyIxiizcj6PR8ccOXQYemmaKpQ,1713
-fastapi_sso/sso/gitlab.py,sha256=Fdq4_f3YmxQUEEx11GahXh6ELwExRyOC9ERwNYvbIHw,1057
+fastapi_sso/sso/gitlab.py,sha256=xYpzDfah8fRD0vVClG_w2_oHWoQ3JdkVh4zOWDVhoZs,2683
 fastapi_sso/sso/google.py,sha256=iyVqh5YG5Xw-Ss4y8xEv1APDvubdI9Vt3ijvPMmStVk,1380
 fastapi_sso/sso/kakao.py,sha256=-St6EEI0r3oFFphFd7UgqppA0z7XtZ22FmBOyhPfJ9M,884
 fastapi_sso/sso/line.py,sha256=1u27gqq8ZNiNn3XRumyTzNTj67vyTlo_HfVBRj4_crI,1210
@@ -17,8 +17,9 @@ fastapi_sso/sso/naver.py,sha256=L9rMTESnZrKZb1Z3odxn2oR2hxjrbnPa8rG8LcypbqU,921
 fastapi_sso/sso/notion.py,sha256=3OU70JpE4mle9DXyZrf4sRpwq1raWcOHjFJrRmsI-EM,1302
 fastapi_sso/sso/spotify.py,sha256=EyCuUK1fiP-I7NSg1ssDoPJilHnIULyXB4AyJNxPiYg,1269
 fastapi_sso/sso/twitter.py,sha256=NsRbKZlau_8gZNKgCywlggKv1jZLRP1oDXTp-TId2PU,1227
+fastapi_sso/sso/yandex.py,sha256=cTfxnK1xKBqGZ1GHd4Y1GtqTJGt1dYV6RAE6kACvX14,1489
 fastapi_sso/state.py,sha256=bwqsl73I5_VSf-TfCTvDfVb7L_3PwUqtP7jDjco-8Nw,298
-fastapi_sso-0.13.1.dist-info/LICENSE.md,sha256=5NVQtYs6liDtYdWM4VObWmTTKaK0k9C9txx5pLPJSyQ,1093
-fastapi_sso-0.13.1.dist-info/METADATA,sha256=oCN_56pDK4ELk7iPOAYHjLuB9FvgBnxbIR3gcpjouj0,4563
-fastapi_sso-0.13.1.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
-fastapi_sso-0.13.1.dist-info/RECORD,,
+fastapi_sso-0.14.0.dist-info/LICENSE.md,sha256=5NVQtYs6liDtYdWM4VObWmTTKaK0k9C9txx5pLPJSyQ,1093
+fastapi_sso-0.14.0.dist-info/METADATA,sha256=rhu8DYZyQHwK-A7z9eTYTpW6QILwqIKq7UkCWsUr83M,4635
+fastapi_sso-0.14.0.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
+fastapi_sso-0.14.0.dist-info/RECORD,,

{fastapi_sso-0.13.1.dist-info → fastapi_sso-0.14.0.dist-info}/LICENSE.md RENAMED Viewed

File without changes

{fastapi_sso-0.13.1.dist-info → fastapi_sso-0.14.0.dist-info}/WHEEL RENAMED Viewed

File without changes

fastapi-sso 0.13.1__py3-none-any.whl → 0.14.0__py3-none-any.whl

fastapi-sso 0.13.1py3-none-any.whl → 0.14.0py3-none-any.whl