New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support to Client Credentials Flow (OAuth2) #5052
base: master
Are you sure you want to change the base?
Conversation
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #5052 +/- ##
==========================================
Coverage 100.00% 100.00%
==========================================
Files 535 537 +2
Lines 13825 13963 +138
==========================================
+ Hits 13825 13963 +138 ☔ View full report in Codecov by Sentry. |
📝 Docs preview for commit 48611ac at: https://62adefeee6a1801161daafce--fastapi.netlify.app |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
All for this! I do see you didn't provide any tests though, is that on the planning?
fastapi/security/oauth2.py
Outdated
HTTPException(status_code=400, detail="Client credentials not provided") | ||
pass | ||
|
||
This will allow the client server send credential either header or body. But the recommended |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This sentence is wrangled. Proposal: "This will allow the client to send its credentials either via headers or body with the request for a token."
fastapi/security/oauth2.py
Outdated
auto_error=False, scheme_name="oAuth2ClientCredentials" | ||
) | ||
|
||
@router.post("/login") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Client Credentials flow typically goes to a '/token' endpoint. Normally, a '/login' endpoint is for the Resource Owner Password Credentials flow.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good! will fix the comments and add some tests too!
Will add test yep, sorry! |
📝 Docs preview for commit 6b5a4cc at: https://62b2119df868f015e2b47298--fastapi.netlify.app |
📝 Docs preview for commit b07569d at: https://62b7196e1aa56f7e7005c960--fastapi.netlify.app |
📝 Docs preview for commit 9c3dda9 at: https://62b71fa51aa56f036105c86c--fastapi.netlify.app |
📝 Docs preview for commit 232394d at: https://62b720b7f57baf090dfb812e--fastapi.netlify.app |
Ready to go! |
📝 Docs preview for commit cb0305e at: https://62b722f3e2b0760a373ddeb6--fastapi.netlify.app |
📝 Docs preview for commit f02c4aa at: https://62d18ce54624d43f5615452b--fastapi.netlify.app |
📝 Docs preview for commit a1893f0 at: https://62e29b96e3bee326f645bf5b--fastapi.netlify.app |
📝 Docs preview for commit 7090cdb at: https://630e1bf89f0bdf6afee85fc5--fastapi.netlify.app |
Hey @JarroVGIT, just wondering, is there a chance to get this merged? I'm willing to pick this up if there's any additional work needed to be done before merging. |
could some docs be added to the PR? |
Would it be appropriate to add some info about using this flow on the advanced/security/oauth2-scopes/ docs page? |
@tiangolo is there any plans to implement client credentials flow? |
Also looking for a good client credentials flow. Is this still going? |
issue : #774