fastapi-sso 0.19.0__tar.gz → 0.20.0__tar.gz

{fastapi_sso-0.19.0 → fastapi_sso-0.20.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: fastapi-sso
-Version: 0.19.0
+Version: 0.20.0
 Summary: FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account)
 License: MIT
 License-File: LICENSE.md
@@ -67,14 +67,6 @@ Quick links for the eager ones:
 
 ## Security Notice
 
-### Version `0.16.0` Update: Race Condition Bug Fix & Context Manager Change
-
-A race condition bug in the login flow that could, in rare cases, allow one user
-to assume the identity of another due to concurrent login requests was recently discovered
-by [@parikls](https://github.com/parikls).
-This issue was reported in [#186](https://github.com/tomasvotava/fastapi-sso/issues/186) and has been resolved
-in version `0.16.0`.
-
 ### Version `0.19.0` Update: OAuth `state` Validation Fix
 
 A critical OAuth login CSRF vulnerability caused by missing `state` validation was
@@ -85,6 +77,14 @@ in version `0.19.0`.
 Starting with `fastapi-sso==1.0.0`, OAuth `state` will be backed by a pluggable server-side store
 (in-memory by default, with support for external stores such as `Redis`).
 
+### Version `0.16.0` Update: Race Condition Bug Fix & Context Manager Change
+
+A race condition bug in the login flow that could, in rare cases, allow one user
+to assume the identity of another due to concurrent login requests was recently discovered
+by [@parikls](https://github.com/parikls).
+This issue was reported in [#186](https://github.com/tomasvotava/fastapi-sso/issues/186) and has been resolved
+in version `0.16.0`.
+
 **Details of the Fix:**
 
 The bug was mitigated by introducing an async lock mechanism that ensures only one user can attempt the login
@@ -157,6 +157,7 @@ I tend to process Pull Requests faster when properly caffeinated 😉.
 - Seznam (by Tomas Koutek) - [TomasKoutek](https://github.com/TomasKoutek)
 - Discord (by Kaelian Baudelet) - [afi-dev](https://github.com/afi-dev)
 - Bitbucket (by Kaelian Baudelet) - [afi-dev](https://github.com/afi-dev)
+- Soundcloud (by John) - [john-9474](https://github.com/john-9474)
 
 See [Contributing](#contributing) for a guide on how to contribute your own login provider.
 

{fastapi_sso-0.19.0 → fastapi_sso-0.20.0}/README.md

@@ -38,14 +38,6 @@ Quick links for the eager ones:
 
 ## Security Notice
 
-### Version `0.16.0` Update: Race Condition Bug Fix & Context Manager Change
-
-A race condition bug in the login flow that could, in rare cases, allow one user
-to assume the identity of another due to concurrent login requests was recently discovered
-by [@parikls](https://github.com/parikls).
-This issue was reported in [#186](https://github.com/tomasvotava/fastapi-sso/issues/186) and has been resolved
-in version `0.16.0`.
-
 ### Version `0.19.0` Update: OAuth `state` Validation Fix
 
 A critical OAuth login CSRF vulnerability caused by missing `state` validation was
@@ -56,6 +48,14 @@ in version `0.19.0`.
 Starting with `fastapi-sso==1.0.0`, OAuth `state` will be backed by a pluggable server-side store
 (in-memory by default, with support for external stores such as `Redis`).
 
+### Version `0.16.0` Update: Race Condition Bug Fix & Context Manager Change
+
+A race condition bug in the login flow that could, in rare cases, allow one user
+to assume the identity of another due to concurrent login requests was recently discovered
+by [@parikls](https://github.com/parikls).
+This issue was reported in [#186](https://github.com/tomasvotava/fastapi-sso/issues/186) and has been resolved
+in version `0.16.0`.
+
 **Details of the Fix:**
 
 The bug was mitigated by introducing an async lock mechanism that ensures only one user can attempt the login
@@ -128,6 +128,7 @@ I tend to process Pull Requests faster when properly caffeinated 😉.
 - Seznam (by Tomas Koutek) - [TomasKoutek](https://github.com/TomasKoutek)
 - Discord (by Kaelian Baudelet) - [afi-dev](https://github.com/afi-dev)
 - Bitbucket (by Kaelian Baudelet) - [afi-dev](https://github.com/afi-dev)
+- Soundcloud (by John) - [john-9474](https://github.com/john-9474)
 
 See [Contributing](#contributing) for a guide on how to contribute your own login provider.
 

{fastapi_sso-0.19.0 → fastapi_sso-0.20.0}/fastapi_sso/__init__.py

@@ -18,6 +18,7 @@ from .sso.linkedin import LinkedInSSO
 from .sso.microsoft import MicrosoftSSO
 from .sso.naver import NaverSSO
 from .sso.notion import NotionSSO
+from .sso.soundcloud import SoundcloudSSO
 from .sso.spotify import SpotifySSO
 from .sso.twitter import TwitterSSO
 
@@ -38,6 +39,7 @@ __all__ = [
     "OpenID",
     "SSOBase",
     "SSOLoginError",
+    "SoundcloudSSO",
     "SpotifySSO",
     "TwitterSSO",
     "create_provider",

{fastapi_sso-0.19.0 → fastapi_sso-0.20.0}/fastapi_sso/sso/kakao.py

@@ -15,6 +15,10 @@ class KakaoSSO(SSOBase):
     scop: ClassVar = ["openid"]
     version = "v2"
 
+    @property
+    def _extra_query_params(self) -> dict:
+        return {"client_secret": self.client_secret}
+
     async def get_discovery_document(self) -> DiscoveryDocument:
         return {
             "authorization_endpoint": "https://kauth.kakao.com/oauth/authorize",

{fastapi_sso-0.19.0 → fastapi_sso-0.20.0}/fastapi_sso/sso/naver.py

@@ -15,6 +15,10 @@ class NaverSSO(SSOBase):
     scope: ClassVar[list[str]] = []
     additional_headers: ClassVar = {"accept": "application/json"}
 
+    @property
+    def _extra_query_params(self) -> dict:
+        return {"client_secret": self.client_secret}
+
     async def get_discovery_document(self) -> DiscoveryDocument:
         return {
             "authorization_endpoint": "https://nid.naver.com/oauth2.0/authorize",

{fastapi_sso-0.19.0 → fastapi_sso-0.20.0}/fastapi_sso/sso/seznam.py

@@ -18,6 +18,10 @@ class SeznamSSO(SSOBase):
     base_url = "https://login.szn.cz/api/v1"
     scope: ClassVar = ["identity", "avatar"]  # + ["contact-phone", "adulthood", "birthday", "gender"]
 
+    @property
+    def _extra_query_params(self) -> dict:
+        return {"client_secret": self.client_secret}
+
     async def get_discovery_document(self) -> DiscoveryDocument:
         """Get document containing handy urls."""
         return {

fastapi_sso-0.20.0/fastapi_sso/sso/soundcloud.py

@@ -0,0 +1,38 @@
+"""Soundcloud SSO Login Helper."""
+
+from typing import TYPE_CHECKING, ClassVar, Optional
+
+from fastapi_sso.sso.base import DiscoveryDocument, OpenID, SSOBase
+
+if TYPE_CHECKING:
+    import httpx  # pragma: no cover
+
+
+class SoundcloudSSO(SSOBase):
+    """Class providing login via Soundcloud OAuth."""
+
+    provider = "soundcloud"
+    scope: ClassVar = ["openid"]
+
+    @property
+    def _extra_query_params(self) -> dict:
+        return {"client_secret": self.client_secret}
+
+    async def get_discovery_document(self) -> DiscoveryDocument:
+        """Get document containing handy urls."""
+        return {
+            "authorization_endpoint": "https://secure.soundcloud.com/authorize",
+            "token_endpoint": "https://secure.soundcloud.com/oauth/token",
+            "userinfo_endpoint": "https://api.soundcloud.com/me",
+        }
+
+    async def openid_from_response(self, response: dict, session: Optional["httpx.AsyncClient"] = None) -> OpenID:
+        """Return OpenID from user information provided by Soundcloud."""
+        return OpenID(
+            id=str(response.get("id")),
+            first_name=response.get("first_name"),
+            last_name=response.get("last_name"),
+            display_name=response.get("username"),
+            picture=response.get("avatar_url"),
+            provider=self.provider,
+        )

{fastapi_sso-0.19.0 → fastapi_sso-0.20.0}/pyproject.toml

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "fastapi-sso"
-version = "0.19.0"
+version = "0.20.0"
 description = "FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account)"
 authors = ["Tomas Votava <info@tomasvotava.eu>"]
 readme = "README.md"