No project description provided
Project description
Starlette OAuth2
A Startlette middleware for authentication and authorization through oauth2.
This middleware is intented to be used when the application relies on an external tenant (e.g. Microsoft AD) for authentication, and the organization's user groups (externally administred) for authorization.
It assumes that a user that is not authenticated is not authorized to do anything.
Check example/
for a concrete implementation.
How to run the example
This guide uses Microsoft (Azure AD) as the tenant. Refer to your tenant for details.
The values in capital such as CLIENT_ID
are to be replaced in example/.venv
.
-
Generate a secret and write its value on
SECRET_KEY
-
Go to Azure AD, create an app registration (
app registrations
), give it a name, and addhttp://localhost:5001/authorized
as aRedirect URI
.- replace the value on
CLIENT_ID
by the value onApplication (client) ID
- replace the value on
TENANT_ID
by the value onDirectory (tenant) ID
- replace the value on
-
In
Certificates & secrets
, create a new client secret.- replace the value on
CLIENT_SECRET
by the value of the key you just created underClient secrets
- replace the value on
-
Go to Azure AD groups and create a new group.
- replace the value on
USER_GROUP_ID
by theObject ID
of that group.
- replace the value on
-
Install dependencies and run:
cd examples
python -m venv venv
venv/bin/pip install -r requirements.txt
python -m app
When you visit http://localhost:5001
, you will be redirected to your tenant, to authorize access. Once authorized, you will
be redirected back to http://localhost:5001
, and your email will appear. If you try http://localhost:5001/private
, you will
get a message that you are not authorized to see that.
If you add yourself to the group created in step 3, you are now authorized to see http://localhost:5001/private
.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.