HTTPBearer token is set, Auth button not shown on /api/docs (#758)

Igoranze · pboers1988 · web-flow · commit 6230904ee08a · 2024-10-24T16:54:19.000+02:00
* Fix: Authenticate refactor for GraphQL and other

* linting

* tmp: add remote oauth2-lib branch

* fix: add brach oauth2-lib auth-b-shown

* Refactor: make it utilize existing class

* tmp: Fix lib import and unit test

* fix: linting

* Fix: linting imports

* Fix: failing tests

* update pyproject

* Fix: HTTPBearerExtractor

* Bump version and update oauth2-lib to 2.3.0

* version RC4

* set version pydantic-forms to 1.1.0 since 1.1.1 has breaking changes

---------

Co-authored-by: Peter Boers &lt;peter.boers@surf.nl&gt;
diff --git a/.bumpversion.cfg b/.bumpversion.cfg
@@ -1,5 +1,5 @@
 [bumpversion]
-current_version = 2.8.0rc3
+current_version = 2.8.0rc4
 commit = False
 tag = False
 parse = (?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)(rc(?P<build>\d+))?
diff --git a/orchestrator/__init__.py b/orchestrator/__init__.py
@@ -13,7 +13,7 @@
 
 """This is the orchestrator workflow engine."""
 
-__version__ = "2.8.0rc3"
+__version__ = "2.8.0rc4"
 
 from orchestrator.app import OrchestratorCore
 from orchestrator.settings import app_settings
diff --git a/orchestrator/security.py b/orchestrator/security.py
@@ -14,14 +14,12 @@
 
 from authlib.integrations.starlette_client import OAuth
 from fastapi import Depends
+from fastapi.security.http import HTTPAuthorizationCredentials
 from starlette.requests import Request
 from starlette.websockets import WebSocket
 
 from nwastdlib.url import URL
-from oauth2_lib.fastapi import (
-    HTTPX_SSL_CONTEXT,
-    OIDCUserModel,
-)
+from oauth2_lib.fastapi import HTTPX_SSL_CONTEXT, HttpBearerExtractor, OIDCUserModel
 from oauth2_lib.settings import oauth2lib_settings
 
 oauth_client_credentials = OAuth()
@@ -35,9 +33,15 @@
     client_kwargs={"verify": HTTPX_SSL_CONTEXT},
 )
 
+http_bearer_extractor = HttpBearerExtractor(auto_error=False)
+
 
-async def authenticate(request: Request) -> OIDCUserModel | None:
-    return await request.app.auth_manager.authentication.authenticate(request)
+async def authenticate(
+    request: Request,
+    http_auth_credentials: Annotated[HTTPAuthorizationCredentials | None, Depends(http_bearer_extractor)] = None,
+) -> OIDCUserModel | None:
+    token = http_auth_credentials.credentials if http_auth_credentials else None
+    return await request.app.auth_manager.authentication.authenticate(request, token)
 
 
 async def authorize(request: Request, user: Annotated[OIDCUserModel | None, Depends(authenticate)]) -> bool | None:
diff --git a/pyproject.toml b/pyproject.toml
@@ -61,7 +61,7 @@ dependencies = [
     "typer==0.12.5",
     "uvicorn[standard]~=0.32.0",
     "nwa-stdlib~=1.7.3",
-    "oauth2-lib~=2.2.0",
+    "oauth2-lib~=2.3.0",
     "tabulate==0.9.0",
     "strawberry-graphql==0.232.2",
     "pydantic-forms~=1.1.1",
