Update b2c and multi-tenant docs for pydantic v2 #154
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Better description in pyproject.toml
Request user attached to the request
- Add a testcase for when an evil token is provided, but with the correct `kid`.
Signature loop improvement
…quires the user to do some more configuration, but makes dependencies easier to make without circular imports - Add documentation and examples on how to do role checking - `AzureAuthorizationCodeBearer` now returns a User object - Add docs on how to load provider config on startup
- Add URL to image in README, for PyPI
v2: Remove `app` parameter from AzureAuthorizationCodeBearer, dependency now returns a User object
Make `upn` optional to support Client Credential Flow
…dd multi-tenant support. **Multi-tenant support:** - Support for multi-tenant applications - Takes a coroutine to fetch valid `iss` for given `tid` **Single-tenant features:** - Support for v2 tokens for single-tenant applications - User object is reworked, and now also contains the access_token for easier Azure Graph implementation **Removal:** - `allow_guest_users` setting is removed. This can be done in Azure AD instead. (Also removal of `GuestUserException`) **Other:** - Add SECURITY.md - Relax aiohttp requirement - Move `InvalidAuth` to `exceptions.py` - Add role check example in demo project - Add `iss` fetcher example in demo project - No longer inheriting `OAuth2AuthorizationCodeBearer`, solving mypy errors. - Rename `provider_config.py` to `openid_config.py` and `ProviderConfig()` to `OpenIdConfig()` - Removal of pre-instance of `provider_config` due to OpenAPI authorization URL issues. This is now instanced on `SingleTenantAzureAuthorizationCodeBearer` or `MultiTenantAzureAuthorizationCodeBearer`. **Tests:** - 100% codecov for v1 and v2 single-tenant applications - 99% codecov for openid_config **TODO:** - Documentation needs full rewrite - Tests for multi-tenant - Test for `openid_config` `app_id`
…y()` (instead of `Depends()`) - Fix missing `Authorize` button in OpenAPI documentation - Add tests for OpenAPI documentation, so this won't happen again.
- Add single-tenant tests for multi-tenant
…sas inheritance for the different app types
- Add test for validate_iss=False
* fix version comparison in skip condition * openapi_version based on fastapi version * add test to validate openapi spec * Make the generated openapi spec 3.1 compliant - Fix two operation that had the same operation id - Make the security scheme follow the pattern ^[a-zA-Z0-9._-]+$ * only test schema for version 2 of pydantic --------- Co-authored-by: Émile Nadeau <emile.nadeau@ruv.is>
…ity#145) * fix: make and optional to allow User validation in B2C * fix: adjust testing the openapi schema with optional tid and oid claims
…ty#146) * move openapi-spec-validator and pydantic-settings to dev deps * version bump
Co-authored-by: Jonas Krüger Svensson <jonas-ks@hotmail.com>
… have upgraded by now :)
Bumps [actions/cache](https://github.com/actions/cache) from 3.3.1 to 3.3.2. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@v3.3.1...v3.3.2) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
martimors
reviewed
Oct 12, 2023
|
|
||
|
|
||
| class Settings(BaseSettings): | ||
| BACKEND_CORS_ORIGINS: list[Union[str, AnyHttpUrl]] = ['http://localhost:8000'] | ||
| BACKEND_CORS_ORIGINS: list[str | AnyHttpUrl] = ['http://localhost:8000'] | ||
| TENANT_NAME: str = Field(default='', env='TENANT_NAME') |
There was a problem hiding this comment.
Nit, and probably out of scope too, but TENANT_NAME: str = Field(default='', env='TENANT_NAME') here could be just TENANT_NAME: str = ''
There was a problem hiding this comment.
Same for all of the other uses of ´Field` too
There was a problem hiding this comment.
Thanks, I still haven't been able to test out Pydanticv2 since the release candidates. Any nitpicking is good, I'd love to have it up2date.
There was a problem hiding this comment.
I'll update this as mentioned.
|
Thanks @nikstuckenbrock, I've added the label. 😊 |
|
Could you please have a look at #106 (comment)? Would love to ensure this is added to all the docs as well. |
nikstuckenbrock
force-pushed
the
migrate-multi-tenant-and-b2c-docs
branch
from
8aa495f
to
83b611f
Compare
Closed
|
Please have a look at #158 . |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
As mentioned in #150 I've updated the docs for multi-tenant and b2c according to pydantic v2.
I would appreciate if you could add the
HACKTOBERFEST-ACCEPTEDlabel to the pull request.