Enable login via oauth #229
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
Author
|
@igorbenav please have a look, I think the pattern looks OK, but perhaps is trusting fastapi-sso too much?? l do like the use of the OpenID object though, but for example there is a bug in the microsoft provider that will require a PR in fastapi-sso (I will do that soon). |
…user password i null/None
igorbenav
reviewed
Dec 1, 2025
| """ | ||
| if not oauth_user.email: | ||
| raise UnauthorizedException(f"Invalid response from {self.provider_name.title()} OAuth.") | ||
| username = oauth_user.email.split("@")[0] |
Collaborator
There was a problem hiding this comment.
Isn't there any sort of collision handling here?
igorbenav
reviewed
Dec 1, 2025
| router.include_router(tasks_router) | ||
| router.include_router(tiers_router) | ||
| router.include_router(rate_limits_router) | ||
| router.include_router(users_router) |
Collaborator
There was a problem hiding this comment.
Any reason for this order change?
igorbenav
reviewed
Dec 1, 2025
| } | ||
|
|
||
|
|
||
| class GithubSSOProvider(BaseOAuthProvider): |
Collaborator
There was a problem hiding this comment.
Why is github the only one named with "SSO" instead of OAuth?
igorbenav
reviewed
Dec 1, 2025
| ) | ||
| return access_token | ||
|
|
||
| async def _login_handler(self): |
igorbenav
requested changes
Dec 1, 2025
Collaborator
igorbenav
left a comment
igorbenav
left a comment
There was a problem hiding this comment.
Just a few things that need addressing or answering, plus remove inline comments please (you can use docstrings to document decisions if necessary).
Good PR overall, thanks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a WIP because there are some bugs in the underlying fastapi-sso library and there is still missing code in this PR to address robustness, since oauth has to be quite air tight there are a log of exceptions to consider.
For the moment this draft PR adds the patterns to create an oauth provider to the application.
Google, GitHub oauth should be working as is, I tested it.