httpx_auth integration - OAuth2, AWSSigV4, and more #92
Conversation
Using httpx_auth in the glue files so that the httpx authentication parameter is used as much as possible. The changes were designed to handle combination authentication methods. It brings support for OAuth2, AWSSigV4, and more.
Any authentication method in the httpx_auth library can be used directly and dynamically. In order to ensure Security Schemes Objects continue to follow the OpenAPI specifications, the type must be set to "http" and the scheme can be set to any of the httpx_auth classes that extend the httpx.Auth class.
Example Spec:
spec = {...}
spec["components"]["securitySchemes"]["sigv4"] = {"type": "http", "scheme": "aws4auth"}
api = OpenAPI("fict.iv", document=spec)
api.authenticate(
apiKey="asdf1234",
sigv4={
"access_id": "my-access-id",
"secret_key": "my-secret-key",
"service": "execute-api",
"region": "us-east-1",
},
)
Added httpx-auth to the install requirements
aiopenapi3/v30/glue.py
Outdated
|
|
||
| for auth in add_auths: | ||
| if self.req.auth: | ||
| self.req.auth += auth |
There was a problem hiding this comment.
this actually works?
I guess test_paths_security_combined should validate this
There was a problem hiding this comment.
Yes, although conditionally. It's a feature of httpx_auth. Ref: https://github.com/Colin-b/httpx_auth/blob/60bb9a7f4beb4b370398ae8fcb7d4402daa0b0bd/httpx_auth/authentication.py#L93
I think the code should be fine as is since all of that auth objects will be subclasses of httpx_auth.authentication.SupportMultiAuth, however I will add checks for this condition to be safe.
|
Hi, I'd be more comfortable if httpx-auth was optional and not a hard requirement. |
Only uses httpx_auth if it's been installed separately.
|
That's understandable. In that case, this would probably best be handled by an Authentication plugin of some kind. Although, that may be outside of my development window for the near future. |
|
Could you test https://github.com/commonism/aiopenapi3/tree/Esquire-Media/master ? I'll have to document httpx_auth & Colin-b/httpx_auth#48 somehow additionally. I'd be best if you'd grant me edit privileges for the PR, so I can adjust the PR/repo to incorporate my changes. |
|
My apologies, I'm just now seeing your request. Thank you for reviewing, cleaning up, and merging my code. With the issue being close, is there anything you need from me at this point? |
|
No - this is settled. |
Using httpx_auth in the glue files so that the httpx authentication parameter is used as much as possible. The changes were designed to handle combination authentication methods. It brings support for OAuth2, AWSSigV4, and more.
Any authentication method in the httpx_auth library can be used directly and dynamically. In order to ensure Security Schemes Objects continue to follow the OpenAPI specifications, the type must be set to "http" and the scheme can be set to any of the httpx_auth classes that extend the httpx.Auth class.
Example Spec: