Authentication & authorization helpers for eoAPI

Project description

eoAPI Auth Utils

Helpers for authentication & authorization patterns for eoAPI applications.

Usage

Installation

pip install eoapi.auth-utils

Integration

In your eoAPI application:

from eoapi.auth_utils import AuthSettings, OpenIdConnectAuth
from fastapi import FastAPI
from fastapi.routing import APIRoute
from stac_fastapi.api.app import StacApi

auth_settings = AuthSettings(_env_prefix="AUTH_")

api = StacApi(
    app=FastAPI(
        # ...
        swagger_ui_init_oauth={
            "clientId": auth_settings.client_id,
            "usePkceWithAuthorizationCodeGrant": auth_settings.use_pkce,
        },
    ),
    # ...
)

if auth_settings.openid_configuration_url:
    oidc_auth = OpenIdConnectAuth.from_settings(auth_settings)

    # Implement custom auth logic...
    restricted_prefixes_methods = {
        "/collections": ("POST", "stac:collection:create"),
        "/collections/{collection_id}": ("PUT", "stac:collection:update"),
        "/collections/{collection_id}": ("DELETE", "stac:collection:delete"),
        "/collections/{collection_id}/items": ("POST", "stac:item:create"),
        "/collections/{collection_id}/items/{item_id}": ("PUT", "stac:item:update"),
        "/collections/{collection_id}/items/{item_id}": ("DELETE", "stac:item:delete"),
    }
    route_lookup = {
        route.path: route for route in api.app.routes if isinstance(route, APIRoute)
    }
    for endpoint, (method, scope) in restricted_prefixes_methods.items():
        route = route_lookup.get(endpoint)
        if route and method in route.methods:
            oidc_auth.apply_auth_dependencies(route, required_token_scopes=[scope])

Development

Releases

Releases are managed via CICD workflow, as described in the Python Packaging User Guide. To create a new release:

Update the version in eoapi/auth_utils/__init__.py following appropriate Semantic Versioning convention.
Push a tagged commit to main, with the tag matching the package's new version number.

[!NOTE]
This package makes use of Github's automatically generated release notes. These can be later augmented if one sees fit.

Project details

Release history Release notifications | RSS feed

0.4.0

Aug 26, 2024

This version

0.3.0

Aug 23, 2024

0.2.0

Aug 21, 2024

0.1.2

Aug 20, 2024

0.1.1

Aug 20, 2024

0.1.0

Aug 20, 2024

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

eoapi.auth-utils-0.3.0.tar.gz (5.2 kB view hashes)

Uploaded Aug 23, 2024 Source

Built Distribution

eoapi.auth_utils-0.3.0-py3-none-any.whl (6.7 kB view hashes)

Uploaded Aug 23, 2024 Python 3

Hashes for eoapi.auth-utils-0.3.0.tar.gz

Hashes for eoapi.auth-utils-0.3.0.tar.gz
Algorithm	Hash digest
SHA256	`5a83d61cc9cc0d60e232ff9660feec69703ba74b6a977faf5d58a2d728081fb7`
MD5	`37132c085622269c90d3ea992f7f72b4`
BLAKE2b-256	`81ce0b918443a1868f11c4381c7d2639c2cc9af42a76597d2ee64a5c23b789fa`

Hashes for eoapi.auth_utils-0.3.0-py3-none-any.whl

Hashes for eoapi.auth_utils-0.3.0-py3-none-any.whl
Algorithm	Hash digest
SHA256	`a90f30a4f25f78cb7557ab24909c70ba83da473e06d3d9bbbdea0b6af06913cd`
MD5	`07ed4595c935de2b96a18bd5244d0ed7`
BLAKE2b-256	`7e26ed8edec745ceca0760de03651b477aee77beb6edd639b3579353802f0731`