Authentication & authorization helpers for eoAPI

Project description

eoAPI Auth Utils

Helpers for authentication & authorization patterns for eoAPI applications.

Usage

Installation

pip install eoapi.auth-utils

Integration

In your eoAPI application:

from eoapi.auth_utils import AuthSettings, OpenIdConnectAuth
from fastapi import FastAPI
from fastapi.routing import APIRoute
from stac_fastapi.api.app import StacApi

auth_settings = AuthSettings(_env_prefix="AUTH_")

api = StacApi(
    app=FastAPI(
        # ...
        swagger_ui_init_oauth={
            "clientId": auth_settings.client_id,
            "usePkceWithAuthorizationCodeGrant": auth_settings.use_pkce,
        },
    ),
    # ...
)

if auth_settings.openid_configuration_url:
    oidc_auth = OpenIdConnectAuth.from_settings(auth_settings)

    # Implement custom auth logic...
    restricted_prefixes_methods = {
        "/collections": ("POST", "stac:collection:create"),
        "/collections/{collection_id}": ("PUT", "stac:collection:update"),
        "/collections/{collection_id}": ("DELETE", "stac:collection:delete"),
        "/collections/{collection_id}/items": ("POST", "stac:item:create"),
        "/collections/{collection_id}/items/{item_id}": ("PUT", "stac:item:update"),
        "/collections/{collection_id}/items/{item_id}": ("DELETE", "stac:item:delete"),
    }
    route_lookup = {
        route.path: route for route in api.app.routes if isinstance(route, APIRoute)
    }
    for endpoint, (method, scope) in restricted_prefixes_methods.items():
        route = route_lookup.get(endpoint)
        if route and method in route.methods:
            oidc_auth.apply_auth_dependencies(route, required_token_scopes=[scope])

Development

Releases

Releases are managed via CICD workflow, as described in the Python Packaging User Guide. To create a new release:

Update the version in eoapi/auth_utils/__init__.py following appropriate Semantic Versioning convention.
Push a tagged commit to main, with the tag matching the package's new version number.

[!NOTE]
This package makes use of Github's automatically generated release notes. These can be later augmented if one sees fit.

Project details

Release history Release notifications | RSS feed

0.4.0

Aug 26, 2024

This version

0.3.0

Aug 23, 2024

0.2.0

Aug 21, 2024

0.1.2

Aug 20, 2024

0.1.1

Aug 20, 2024

0.1.0

Aug 20, 2024

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

eoapi.auth-utils-0.3.0.tar.gz (5.2 kB view details)

Uploaded Aug 23, 2024 Source

Built Distribution

eoapi.auth_utils-0.3.0-py3-none-any.whl (6.7 kB view details)

Uploaded Aug 23, 2024 Python 3

File details

Details for the file eoapi.auth-utils-0.3.0.tar.gz.

File metadata

Download URL: eoapi.auth-utils-0.3.0.tar.gz
Upload date: Aug 23, 2024
Size: 5.2 kB
Tags: Source
Uploaded using Trusted Publishing? Yes
Uploaded via: twine/5.1.0 CPython/3.12.5

File hashes

Hashes for eoapi.auth-utils-0.3.0.tar.gz
Algorithm	Hash digest
SHA256	`5a83d61cc9cc0d60e232ff9660feec69703ba74b6a977faf5d58a2d728081fb7`
MD5	`37132c085622269c90d3ea992f7f72b4`
BLAKE2b-256	`81ce0b918443a1868f11c4381c7d2639c2cc9af42a76597d2ee64a5c23b789fa`

See more details on using hashes here.

File details

Details for the file eoapi.auth_utils-0.3.0-py3-none-any.whl.

File metadata

Download URL: eoapi.auth_utils-0.3.0-py3-none-any.whl
Upload date: Aug 23, 2024
Size: 6.7 kB
Tags: Python 3
Uploaded using Trusted Publishing? Yes
Uploaded via: twine/5.1.0 CPython/3.12.5

File hashes

Hashes for eoapi.auth_utils-0.3.0-py3-none-any.whl
Algorithm	Hash digest
SHA256	`a90f30a4f25f78cb7557ab24909c70ba83da473e06d3d9bbbdea0b6af06913cd`
MD5	`07ed4595c935de2b96a18bd5244d0ed7`
BLAKE2b-256	`7e26ed8edec745ceca0760de03651b477aee77beb6edd639b3579353802f0731`