happyz
/
fastapi
mirror of https://github.com/tiangolo/fastapi.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

📝 Update advance oauth2 scopes with PyJWT examples

This commit is contained in:
Esteban Maya Cadavid 2024-05-17 00:05:37 -05:00
parent 5a6859263b
commit f252dc622d
7 changed files with 66 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

96
docs/en/docs/advanced/security/oauth2-scopes.md
View File

@ -58,19 +58,19 @@ First, let's quickly see the parts that change from the examples in the main **T
=== "Python 3.10+"
```Python hl_lines="4 8 12 46 64 105 107-115 121-124 128-134 139 155"
```Python hl_lines="5 9 13 47 65 106 108-116 122-125 129-135 140 156"
{!> ../../../docs_src/security/tutorial005_an_py310.py!}
```
=== "Python 3.9+"
```Python hl_lines="2 4 8 12 46 64 105 107-115 121-124 128-134 139 155"
```Python hl_lines="2 5 9 13 47 65 106 108-116 122-125 129-135 140 156"
{!> ../../../docs_src/security/tutorial005_an_py39.py!}
```
=== "Python 3.8+"
```Python hl_lines="2 4 8 12 47 65 106 108-116 122-125 129-135 140 156"
```Python hl_lines="2 5 9 13 48 66 107 109-117 123-126 130-136 141 157"
{!> ../../../docs_src/security/tutorial005_an.py!}
```
@ -79,7 +79,7 @@ First, let's quickly see the parts that change from the examples in the main **T
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="3 7 11 45 63 104 106-114 120-123 127-133 138 154"
```Python hl_lines="4 8 12 46 64 105 107-115 121-124 128-134 139 155"
{!> ../../../docs_src/security/tutorial005_py310.py!}
```
@ -88,7 +88,7 @@ First, let's quickly see the parts that change from the examples in the main **T
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="2 4 8 12 46 64 105 107-115 121-124 128-134 139 155"
```Python hl_lines="2 5 9 13 47 65 106 108-116 122-125 129-135 140 156"
{!> ../../../docs_src/security/tutorial005_py39.py!}
```
@ -97,7 +97,7 @@ First, let's quickly see the parts that change from the examples in the main **T
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="2 4 8 12 46 64 105 107-115 121-124 128-134 139 155"
```Python hl_lines="2 5 9 13 47 65 106 108-116 122-125 129-135 140 156"
{!> ../../../docs_src/security/tutorial005.py!}
```
@ -111,19 +111,19 @@ The `scopes` parameter receives a `dict` with each scope as a key and the descri
=== "Python 3.10+"
```Python hl_lines="62-65"
```Python hl_lines="63-66"
{!> ../../../docs_src/security/tutorial005_an_py310.py!}
```
=== "Python 3.9+"
```Python hl_lines="62-65"
```Python hl_lines="63-66"
{!> ../../../docs_src/security/tutorial005_an_py39.py!}
```
=== "Python 3.8+"
```Python hl_lines="63-66"
```Python hl_lines="64-67"
{!> ../../../docs_src/security/tutorial005_an.py!}
```
@ -132,7 +132,7 @@ The `scopes` parameter receives a `dict` with each scope as a key and the descri
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="61-64"
```Python hl_lines="62-65"
{!> ../../../docs_src/security/tutorial005_py310.py!}
```
@ -142,7 +142,7 @@ The `scopes` parameter receives a `dict` with each scope as a key and the descri
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="62-65"
```Python hl_lines="63-66"
{!> ../../../docs_src/security/tutorial005_py39.py!}
```
@ -151,7 +151,7 @@ The `scopes` parameter receives a `dict` with each scope as a key and the descri
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="62-65"
```Python hl_lines="63-66"
{!> ../../../docs_src/security/tutorial005.py!}
```
@ -178,19 +178,19 @@ And we return the scopes as part of the JWT token.
=== "Python 3.10+"
```Python hl_lines="155"
```Python hl_lines="156"
{!> ../../../docs_src/security/tutorial005_an_py310.py!}
```
=== "Python 3.9+"
```Python hl_lines="155"
```Python hl_lines="156"
{!> ../../../docs_src/security/tutorial005_an_py39.py!}
```
=== "Python 3.8+"
```Python hl_lines="156"
```Python hl_lines="157"
{!> ../../../docs_src/security/tutorial005_an.py!}
```
@ -199,7 +199,7 @@ And we return the scopes as part of the JWT token.
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="154"
```Python hl_lines="155"
{!> ../../../docs_src/security/tutorial005_py310.py!}
```
@ -208,7 +208,7 @@ And we return the scopes as part of the JWT token.
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="155"
```Python hl_lines="156"
{!> ../../../docs_src/security/tutorial005_py39.py!}
```
@ -217,7 +217,7 @@ And we return the scopes as part of the JWT token.
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="155"
```Python hl_lines="156"
{!> ../../../docs_src/security/tutorial005.py!}
```
@ -244,19 +244,19 @@ In this case, it requires the scope `me` (it could require more than one scope).
=== "Python 3.10+"
```Python hl_lines="4 139 170"
```Python hl_lines="5 140 171"
{!> ../../../docs_src/security/tutorial005_an_py310.py!}
```
=== "Python 3.9+"
```Python hl_lines="4 139 170"
```Python hl_lines="5 140 171"
{!> ../../../docs_src/security/tutorial005_an_py39.py!}
```
=== "Python 3.8+"
```Python hl_lines="4 140 171"
```Python hl_lines="5 141 172"
{!> ../../../docs_src/security/tutorial005_an.py!}
```
@ -265,7 +265,7 @@ In this case, it requires the scope `me` (it could require more than one scope).
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="3 138 167"
```Python hl_lines="4 139 168"
{!> ../../../docs_src/security/tutorial005_py310.py!}
```
@ -274,7 +274,7 @@ In this case, it requires the scope `me` (it could require more than one scope).
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="4 139 168"
```Python hl_lines="5 140 169"
{!> ../../../docs_src/security/tutorial005_py39.py!}
```
@ -283,7 +283,7 @@ In this case, it requires the scope `me` (it could require more than one scope).
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="4 139 168"
```Python hl_lines="5 140 169"
{!> ../../../docs_src/security/tutorial005.py!}
```
@ -310,19 +310,19 @@ This `SecurityScopes` class is similar to `Request` (`Request` was used to get t
=== "Python 3.10+"
```Python hl_lines="8 105"
```Python hl_lines="9 106"
{!> ../../../docs_src/security/tutorial005_an_py310.py!}
```
=== "Python 3.9+"
```Python hl_lines="8 105"
```Python hl_lines="9 106"
{!> ../../../docs_src/security/tutorial005_an_py39.py!}
```
=== "Python 3.8+"
```Python hl_lines="8 106"
```Python hl_lines="9 107"
{!> ../../../docs_src/security/tutorial005_an.py!}
```
@ -331,7 +331,7 @@ This `SecurityScopes` class is similar to `Request` (`Request` was used to get t
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="7 104"
```Python hl_lines="8 105"
{!> ../../../docs_src/security/tutorial005_py310.py!}
```
@ -340,7 +340,7 @@ This `SecurityScopes` class is similar to `Request` (`Request` was used to get t
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="8 105"
```Python hl_lines="9 106"
{!> ../../../docs_src/security/tutorial005_py39.py!}
```
@ -349,7 +349,7 @@ This `SecurityScopes` class is similar to `Request` (`Request` was used to get t
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="8 105"
```Python hl_lines="9 106"
{!> ../../../docs_src/security/tutorial005.py!}
```
@ -367,19 +367,19 @@ In this exception, we include the scopes required (if any) as a string separated
=== "Python 3.10+"
```Python hl_lines="105 107-115"
```Python hl_lines="106 108-116"
{!> ../../../docs_src/security/tutorial005_an_py310.py!}
```
=== "Python 3.9+"
```Python hl_lines="105 107-115"
```Python hl_lines="106 108-116"
{!> ../../../docs_src/security/tutorial005_an_py39.py!}
```
=== "Python 3.8+"
```Python hl_lines="106 108-116"
```Python hl_lines="107 109-117"
{!> ../../../docs_src/security/tutorial005_an.py!}
```
@ -388,7 +388,7 @@ In this exception, we include the scopes required (if any) as a string separated
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="104 106-114"
```Python hl_lines="105 107-115"
{!> ../../../docs_src/security/tutorial005_py310.py!}
```
@ -397,7 +397,7 @@ In this exception, we include the scopes required (if any) as a string separated
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="105 107-115"
```Python hl_lines="106 108-116"
{!> ../../../docs_src/security/tutorial005_py39.py!}
```
@ -406,7 +406,7 @@ In this exception, we include the scopes required (if any) as a string separated
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="105 107-115"
```Python hl_lines="105 108-116"
{!> ../../../docs_src/security/tutorial005.py!}
```
@ -426,19 +426,19 @@ We also verify that we have a user with that username, and if not, we raise that
=== "Python 3.10+"
```Python hl_lines="46 116-127"
```Python hl_lines="47 117-128"
{!> ../../../docs_src/security/tutorial005_an_py310.py!}
```
=== "Python 3.9+"
```Python hl_lines="46 116-127"
```Python hl_lines="47 117-128"
{!> ../../../docs_src/security/tutorial005_an_py39.py!}
```
=== "Python 3.8+"
```Python hl_lines="47 117-128"
```Python hl_lines="48 118-129"
{!> ../../../docs_src/security/tutorial005_an.py!}
```
@ -447,7 +447,7 @@ We also verify that we have a user with that username, and if not, we raise that
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="45 115-126"
```Python hl_lines="46 116-127"
{!> ../../../docs_src/security/tutorial005_py310.py!}
```
@ -456,7 +456,7 @@ We also verify that we have a user with that username, and if not, we raise that
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="46 116-127"
```Python hl_lines="47 117-128"
{!> ../../../docs_src/security/tutorial005_py39.py!}
```
@ -465,7 +465,7 @@ We also verify that we have a user with that username, and if not, we raise that
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="46 116-127"
```Python hl_lines="47 117-128"
{!> ../../../docs_src/security/tutorial005.py!}
```
@ -477,19 +477,19 @@ For this, we use `security_scopes.scopes`, that contains a `list` with all these
=== "Python 3.10+"
```Python hl_lines="128-134"
```Python hl_lines="129-135"
{!> ../../../docs_src/security/tutorial005_an_py310.py!}
```
=== "Python 3.9+"
```Python hl_lines="128-134"
```Python hl_lines="129-135"
{!> ../../../docs_src/security/tutorial005_an_py39.py!}
```
=== "Python 3.8+"
```Python hl_lines="129-135"
```Python hl_lines="130-136"
{!> ../../../docs_src/security/tutorial005_an.py!}
```
@ -498,7 +498,7 @@ For this, we use `security_scopes.scopes`, that contains a `list` with all these
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="127-133"
```Python hl_lines="128-134"
{!> ../../../docs_src/security/tutorial005_py310.py!}
```
@ -507,7 +507,7 @@ For this, we use `security_scopes.scopes`, that contains a `list` with all these
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="128-134"
```Python hl_lines="129-135"
{!> ../../../docs_src/security/tutorial005_py39.py!}
```
@ -516,7 +516,7 @@ For this, we use `security_scopes.scopes`, that contains a `list` with all these
!!! tip
Prefer to use the `Annotated` version if possible.
```Python hl_lines="128-134"
```Python hl_lines="129-135"
{!> ../../../docs_src/security/tutorial005.py!}
```

5
docs_src/security/tutorial005.py
View File

@ -1,13 +1,14 @@
from datetime import datetime, timedelta, timezone
from typing import List, Union
import jwt
from fastapi import Depends, FastAPI, HTTPException, Security, status
from fastapi.security import (
OAuth2PasswordBearer,
OAuth2PasswordRequestForm,
SecurityScopes,
)
from jose import JWTError, jwt
from jwt.exceptions import InvalidTokenError
from passlib.context import CryptContext
from pydantic import BaseModel, ValidationError
@ -120,7 +121,7 @@ async def get_current_user(
raise credentials_exception
token_scopes = payload.get("scopes", [])
token_data = TokenData(scopes=token_scopes, username=username)
except (JWTError, ValidationError):
except (InvalidTokenError, ValidationError):
raise credentials_exception
user = get_user(fake_users_db, username=token_data.username)
if user is None:

5
docs_src/security/tutorial005_an.py
View File

@ -1,13 +1,14 @@
from datetime import datetime, timedelta, timezone
from typing import List, Union
import jwt
from fastapi import Depends, FastAPI, HTTPException, Security, status
from fastapi.security import (
OAuth2PasswordBearer,
OAuth2PasswordRequestForm,
SecurityScopes,
)
from jose import JWTError, jwt
from jwt.exceptions import InvalidTokenError
from passlib.context import CryptContext
from pydantic import BaseModel, ValidationError
from typing_extensions import Annotated
@ -121,7 +122,7 @@ async def get_current_user(
raise credentials_exception
token_scopes = payload.get("scopes", [])
token_data = TokenData(scopes=token_scopes, username=username)
except (JWTError, ValidationError):
except (InvalidTokenError, ValidationError):
raise credentials_exception
user = get_user(fake_users_db, username=token_data.username)
if user is None:

5
docs_src/security/tutorial005_an_py310.py
View File

@ -1,13 +1,14 @@
from datetime import datetime, timedelta, timezone
from typing import Annotated
import jwt
from fastapi import Depends, FastAPI, HTTPException, Security, status
from fastapi.security import (
OAuth2PasswordBearer,
OAuth2PasswordRequestForm,
SecurityScopes,
)
from jose import JWTError, jwt
from jwt.exceptions import InvalidTokenError
from passlib.context import CryptContext
from pydantic import BaseModel, ValidationError
@ -120,7 +121,7 @@ async def get_current_user(
raise credentials_exception
token_scopes = payload.get("scopes", [])
token_data = TokenData(scopes=token_scopes, username=username)
except (JWTError, ValidationError):
except (InvalidTokenError, ValidationError):
raise credentials_exception
user = get_user(fake_users_db, username=token_data.username)
if user is None:

5
docs_src/security/tutorial005_an_py39.py
View File

@ -1,13 +1,14 @@
from datetime import datetime, timedelta, timezone
from typing import Annotated, List, Union
import jwt
from fastapi import Depends, FastAPI, HTTPException, Security, status
from fastapi.security import (
OAuth2PasswordBearer,
OAuth2PasswordRequestForm,
SecurityScopes,
)
from jose import JWTError, jwt
from jwt.exceptions import InvalidTokenError
from passlib.context import CryptContext
from pydantic import BaseModel, ValidationError
@ -120,7 +121,7 @@ async def get_current_user(
raise credentials_exception
token_scopes = payload.get("scopes", [])
token_data = TokenData(scopes=token_scopes, username=username)
except (JWTError, ValidationError):
except (InvalidTokenError, ValidationError):
raise credentials_exception
user = get_user(fake_users_db, username=token_data.username)
if user is None:

5
docs_src/security/tutorial005_py310.py
View File

@ -1,12 +1,13 @@
from datetime import datetime, timedelta, timezone
import jwt
from fastapi import Depends, FastAPI, HTTPException, Security, status
from fastapi.security import (
OAuth2PasswordBearer,
OAuth2PasswordRequestForm,
SecurityScopes,
)
from jose import JWTError, jwt
from jwt.exceptions import InvalidTokenError
from passlib.context import CryptContext
from pydantic import BaseModel, ValidationError
@ -119,7 +120,7 @@ async def get_current_user(
raise credentials_exception
token_scopes = payload.get("scopes", [])
token_data = TokenData(scopes=token_scopes, username=username)
except (JWTError, ValidationError):
except (InvalidTokenError, ValidationError):
raise credentials_exception
user = get_user(fake_users_db, username=token_data.username)
if user is None:

5
docs_src/security/tutorial005_py39.py
View File

@ -1,13 +1,14 @@
from datetime import datetime, timedelta, timezone
from typing import Union
import jwt
from fastapi import Depends, FastAPI, HTTPException, Security, status
from fastapi.security import (
OAuth2PasswordBearer,
OAuth2PasswordRequestForm,
SecurityScopes,
)
from jose import JWTError, jwt
from jwt.exceptions import InvalidTokenError
from passlib.context import CryptContext
from pydantic import BaseModel, ValidationError
@ -120,7 +121,7 @@ async def get_current_user(
raise credentials_exception
token_scopes = payload.get("scopes", [])
token_data = TokenData(scopes=token_scopes, username=username)
except (JWTError, ValidationError):
except (InvalidTokenError, ValidationError):
raise credentials_exception
user = get_user(fake_users_db, username=token_data.username)
if user is None: