[18.0][MIG] fastapi_auth_jwt: Migration to 18.0

.pre-commit-config.yaml

@@ -1,7 +1,7 @@
 exclude: |
   (?x)
   # NOT INSTALLABLE ADDONS
-  ^extendable/|
+  ^fastapi_auth_jwt/|
   # END NOT INSTALLABLE ADDONS
   # Files and folders generated by bots, to avoid loops
   ^setup/|/static/description/index\.html$|

base_rest_auth_api_key/static/description/index.html

@@ -374,7 +374,7 @@ <h1>Base Rest Auth Api Key</h1>
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !! source digest: sha256:7c57ea5f8972ccd3fd126f96da0ff252203ec8d51cb0a1f2e4a1b101e730d838
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
-<p><a class="reference external image-reference" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external image-reference" href="http://www.gnu.org/licenses/lgpl-3.0-standalone.html"><img alt="License: LGPL-3" src="https://img.shields.io/badge/license-LGPL--3-blue.png" /></a> <a class="reference external image-reference" href="https://github.com/OCA/rest-framework/tree/18.0/base_rest_auth_api_key"><img alt="OCA/rest-framework" src="https://img.shields.io/badge/github-OCA%2Frest--framework-lightgray.png?logo=github" /></a> <a class="reference external image-reference" href="https://translation.odoo-community.org/projects/rest-framework-18-0/rest-framework-18-0-base_rest_auth_api_key"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external image-reference" href="https://runboat.odoo-community.org/builds?repo=OCA/rest-framework&amp;target_branch=18.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
+<p><a class="reference external image-reference" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external image-reference" href="http://www.gnu.org/licenses/lgpl-3.0-standalone.html"><img alt="License: LGPL-3" src="https://img.shields.io/badge/licence-LGPL--3-blue.png" /></a> <a class="reference external image-reference" href="https://github.com/OCA/rest-framework/tree/18.0/base_rest_auth_api_key"><img alt="OCA/rest-framework" src="https://img.shields.io/badge/github-OCA%2Frest--framework-lightgray.png?logo=github" /></a> <a class="reference external image-reference" href="https://translation.odoo-community.org/projects/rest-framework-18-0/rest-framework-18-0-base_rest_auth_api_key"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external image-reference" href="https://runboat.odoo-community.org/builds?repo=OCA/rest-framework&amp;target_branch=18.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
 <p>This technical addon extend base_rest to add the support for
 auth_api_key authentication mechanism into the generated openapi
 documentation.</p>

extendable/tests/common.py

@@ -3,7 +3,6 @@
 
 from contextlib import contextmanager
 
-import odoo
 from odoo import SUPERUSER_ID, api
 from odoo.modules.registry import Registry
 from odoo.tests import common

fastapi_auth_jwt/README.rst

@@ -0,0 +1,148 @@
+========================
+FastAPI Auth JWT support
+========================
+
+.. 
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! This file is generated by oca-gen-addon-readme !!
+   !! changes will be overwritten.                   !!
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! source digest: sha256:2829a34d48a1906819029e7b796d33a1ee2ad2a47693396da96f92ede04ec17d
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
+    :target: https://odoo-community.org/page/development-status
+    :alt: Beta
+.. |badge2| image:: https://img.shields.io/badge/licence-LGPL--3-blue.png
+    :target: http://www.gnu.org/licenses/lgpl-3.0-standalone.html
+    :alt: License: LGPL-3
+.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Frest--framework-lightgray.png?logo=github
+    :target: https://github.com/OCA/rest-framework/tree/18.0/fastapi_auth_jwt
+    :alt: OCA/rest-framework
+.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
+    :target: https://translation.odoo-community.org/projects/rest-framework-18-0/rest-framework-18-0-fastapi_auth_jwt
+    :alt: Translate me on Weblate
+.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
+    :target: https://runboat.odoo-community.org/builds?repo=OCA/rest-framework&target_branch=18.0
+    :alt: Try me on Runboat
+
+|badge1| |badge2| |badge3| |badge4| |badge5|
+
+This module provides ``FastAPI`` ``Depends`` to allow authentication
+with
+`auth_jwt <https://github.com/OCA/server-auth/tree/18.0/auth_jwt>`__.
+
+**Table of contents**
+
+.. contents::
+   :local:
+
+Usage
+=====
+
+The following FastAPI dependencies are provided and importable from
+``odoo.addons.fastapi_auth_jwt.dependencies``:
+
+``def auth_jwt_authenticated_payload() -> Payload``
+
+   Return the authenticated JWT payload. Raise a 401 (unauthorized) if
+   absent or invalid.
+
+``def auth_jwt_optionally_authenticated_payload() -> Payload | None``
+
+   Return the authenticated JWT payload, or ``None`` if the
+   ``Authorization`` header and cookie are absent. Raise a 401
+   (unauthorized) if present and invalid.
+
+``def auth_jwt_authenticated_partner() -> Partner``
+
+   Obtain the authenticated partner corresponding to the provided JWT
+   token, according to the partner strategy defined on the ``auth_jwt``
+   validator. Raise a 401 (unauthorized) if the partner could not be
+   determined for any reason.
+
+   This is function suitable and intended to override
+   ``odoo.addons.fastapi.dependencies.authenticated_partner_impl``.
+
+   The partner record returned by this function is bound to an
+   environment that uses the Odoo user obtained from the user strategy
+   defined on the ``auth_jwt`` validator. When used
+   ``authenticated_partner_impl`` this in turn ensures that
+   ``odoo.addons.fastapi.dependencies.authenticated_partner_env`` is
+   also bound to the correct Odoo user.
+
+``def auth_jwt_optionally_authenticated_partner() -> Partner``
+
+   Same as ``auth_jwt_partner`` except it returns an empty recordset
+   bound to the ``public`` user if the ``Authorization`` header and
+   cookie are absent, or if the JWT validator could not find the partner
+   and declares that the partner is not required.
+
+``def auth_jwt_authenticated_odoo_env() -> Environment``
+
+   Return an Odoo environment using the the Odoo user obtained from the
+   user strategy defined on the ``auth_jwt`` validator, if the request
+   could be authenticated using a JWT validator. Raise a 401
+   (unauthorized) otherwise.
+
+   This is function suitable and intended to override
+   ``odoo.addons.fastapi.dependencies.authenticated_odoo_env_impl``.
+
+``def auth_jwt_default_validator_name() -> str | None``
+
+   Return the name of the default JWT validator to use.
+
+   The default implementation returns ``None`` meaning only one active
+   JWT validator is allowed. This dependency is meant to be overridden.
+
+``def auth_jwt_http_header_authorization() -> str | None``
+
+   By default, return the credentials part of the ``Authorization``
+   header, or ``None`` if absent. This dependency is meant to be
+   overridden, in particular with
+   ``fastapi.security.OAuth2AuthorizationCodeBearer`` to let swagger
+   handle OAuth2 authorization (such override is only necessary for
+   comfort when using the swagger interface).
+
+Bug Tracker
+===========
+
+Bugs are tracked on `GitHub Issues <https://github.com/OCA/rest-framework/issues>`_.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us to smash it by providing a detailed and welcomed
+`feedback <https://github.com/OCA/rest-framework/issues/new?body=module:%20fastapi_auth_jwt%0Aversion:%2018.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+
+Do not contact contributors directly about support or help with technical issues.
+
+Credits
+=======
+
+Authors
+-------
+
+* ACSONE SA/NV
+
+Maintainers
+-----------
+
+This module is maintained by the OCA.
+
+.. image:: https://odoo-community.org/logo.png
+   :alt: Odoo Community Association
+   :target: https://odoo-community.org
+
+OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.
+
+.. |maintainer-sbidoul| image:: https://github.com/sbidoul.png?size=40px
+    :target: https://github.com/sbidoul
+    :alt: sbidoul
+
+Current `maintainer <https://odoo-community.org/page/maintainer-role>`__:
+
+|maintainer-sbidoul| 
+
+This module is part of the `OCA/rest-framework <https://github.com/OCA/rest-framework/tree/18.0/fastapi_auth_jwt>`_ project on GitHub.
+
+You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.

fastapi_auth_jwt/__manifest__.py

@@ -0,0 +1,21 @@
+# Copyright 2023 ACSONE SA/NV
+# License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl).
+
+{
+    "name": "FastAPI Auth JWT support",
+    "summary": """
+        JWT bearer token authentication for FastAPI.""",
+    "version": "18.0.1.0.0",
+    "license": "LGPL-3",
+    "author": "ACSONE SA/NV,Odoo Community Association (OCA)",
+    "maintainers": ["sbidoul"],
+    "website": "https://github.com/OCA/rest-framework",
+    "external_dependencies": {"python": ["pyjwt", "cryptography"]},
+    "depends": [
+        "fastapi",
+        "auth_jwt",
+    ],
+    "data": [],
+    "demo": [],
+    "installable": True,
+}