fastapi-sso


Namefastapi-sso JSON
Version 0.17.0 PyPI version JSON
download
home_pagehttps://tomasvotava.github.io/fastapi-sso/
SummaryFastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account)
upload_time2024-11-04 14:01:33
maintainerNone
docs_urlNone
authorTomas Votava
requires_python<4.0,>=3.8
licenseMIT
keywords fastapi sso oauth google facebook spotify linkedin
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage No coveralls. 
            # FastAPI SSO

![Supported Python Versions](https://img.shields.io/pypi/pyversions/fastapi-sso)
[![Test coverage](https://codecov.io/gh/tomasvotava/fastapi-sso/graph/badge.svg?token=SIFCTVSSOS)](https://codecov.io/gh/tomasvotava/fastapi-sso)
![Tests Workflow Status](https://img.shields.io/github/actions/workflow/status/tomasvotava/fastapi-sso/test.yml?label=tests)
![Lint Workflow Status](https://img.shields.io/github/actions/workflow/status/tomasvotava/fastapi-sso/lint.yml?label=ruff)
![Mypy Workflow Status](https://img.shields.io/github/actions/workflow/status/tomasvotava/fastapi-sso/lint.yml?label=mypy)
![Black Workflow Status](https://img.shields.io/github/actions/workflow/status/tomasvotava/fastapi-sso/lint.yml?label=black)
![CodeQL Workflow Status](https://img.shields.io/github/actions/workflow/status/tomasvotava/fastapi-sso/codeql-analysis.yml?label=CodeQL)
![PyPi weekly downloads](https://img.shields.io/pypi/dw/fastapi-sso)
![Project License](https://img.shields.io/github/license/tomasvotava/fastapi-sso)
![PyPi Version](https://img.shields.io/pypi/v/fastapi-sso)

FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via
Microsoft Office 365 account).

This allows you to implement the famous `Login with Google/Facebook/Microsoft` buttons functionality on your
backend very easily.

**Documentation**: [https://tomasvotava.github.io/fastapi-sso/](https://tomasvotava.github.io/fastapi-sso/)

**Source Code**: [https://github.com/tomasvotava/fastapi-sso](https://github.com/tomasvotava/fastapi-sso/)

## Demo site

An awesome demo site was created and is maintained by even awesomer
[Chris Karvouniaris (@chrisK824)](https://github.com/chrisK824). Chris has also posted multiple
Medium articles about FastAPI and FastAPI SSO.

Be sure to see his tutorials, follow him and show him some appreciation!

Please see his [announcement](https://github.com/tomasvotava/fastapi-sso/discussions/150) with all the links.

Quick links for the eager ones:

- [Demo site](https://fastapi-sso-example.vercel.app/)
- [Medium articles](https://medium.com/@christos.karvouniaris247)

## Security Notice

### Version `0.16.0` Update: Race Condition Bug Fix & Context Manager Change

A race condition bug in the login flow that could, in rare cases, allow one user
to assume the identity of another due to concurrent login requests was recently discovered
by [@parikls](https://github.com/parikls).
This issue was reported in [#186](https://github.com/tomasvotava/fastapi-sso/issues/186) and has been resolved
in version `0.16.0`.

**Details of the Fix:**

The bug was mitigated by introducing an async lock mechanism that ensures only one user can attempt the login
process at any given time. This prevents race conditions that could lead to unintended user identity crossover.

**Important Change:**

To fully support this fix, **users must now use the SSO instance within an `async with`
context manager**. This adjustment is necessary for proper handling of asynchronous operations.

The synchronous `with` context manager is now deprecated and will produce a warning.
It will be removed in future versions to ensure best practices for async handling.

**Impact:**

This bug could potentially affect deployments with high concurrency or scenarios where multiple users initiate
login requests simultaneously. To prevent potential issues and deprecation warnings, **update to
version `0.16.0` or later and modify your code to use the async with context**.

Code Example Update:

```python
# Before (deprecated)
with sso:
    openid = await sso.verify_and_process(request)

# After (recommended)
async with sso:
    openid = await sso.verify_and_process(request)
```

Thanks to both [@parikls](https://github.com/parikls) and the community for helping me identify and improve the
security of `fastapi-sso`. If you encounter any issues or potential vulnerabilities, please report them
immediately so they can be addressed.

For more details, refer to Issue [#186](https://github.com/tomasvotava/fastapi-sso/issues/186)
and PR [#189](https://github.com/tomasvotava/fastapi-sso/pull/189).

## Support this project

If you'd like to support this project, consider [buying me a coffee ☕](https://www.buymeacoffee.com/tomas.votava).
I tend to process Pull Requests faster when properly caffeinated 😉.

<a href="https://www.buymeacoffee.com/tomas.votava" target="_blank">
<img src="https://cdn.buymeacoffee.com/buttons/v2/default-yellow.png"
    alt="Buy Me A Coffee" style="height: 60px !important;width: 217px !important;" ></a>

## Supported login providers

### Official

- Google
- Microsoft
- Facebook
- Spotify
- Fitbit
- Github (credits to [Brandl](https://github.com/Brandl) for hint using `accept` header)
- generic (see [docs](https://tomasvotava.github.io/fastapi-sso/reference/sso.generic/))
- Notion
- Twitter (X)

### Contributed

- Kakao (by Jae-Baek Song - [thdwoqor](https://github.com/thdwoqor))
- Naver (by 1tang2bang92) - [1tang2bang92](https://github.com/1tang2bang92)
- Gitlab (by Alessandro Pischedda) - [Cereal84](https://github.com/Cereal84)
- Line (by Jimmy Yeh) - [jimmyyyeh](https://github.com/jimmyyyeh)
- LinkedIn (by Alessandro Pischedda) - [Cereal84](https://github.com/Cereal84)
- Yandex (by Akim Faskhutdinov) – [akimrx](https://github.com/akimrx)
- Seznam (by Tomas Koutek) - [TomasKoutek](https://github.com/TomasKoutek)
- Discord (by Kaelian Baudelet) - [afi-dev](https://github.com/afi-dev)
- Bitbucket (by Kaelian Baudelet) - [afi-dev](https://github.com/afi-dev)

See [Contributing](#contributing) for a guide on how to contribute your own login provider.

## Installation

### Install using `pip`

```console
pip install fastapi-sso
```

### Install using `poetry`

```console
poetry add fastapi-sso
```

## Contributing

If you'd like to contribute and add your specific login provider, please see
[Contributing](https://tomasvotava.github.io/fastapi-sso/contributing) file.

Raw data

            {
    "_id": null,
    "home_page": "https://tomasvotava.github.io/fastapi-sso/",
    "name": "fastapi-sso",
    "maintainer": null,
    "docs_url": null,
    "requires_python": "<4.0,>=3.8",
    "maintainer_email": null,
    "keywords": "fastapi, sso, oauth, google, facebook, spotify, linkedin",
    "author": "Tomas Votava",
    "author_email": "info@tomasvotava.eu",
    "download_url": "https://files.pythonhosted.org/packages/91/7b/6f3c6ca695e5850ebbea7b5c31f3a85eab6da8d54db4a5fe2a20cc4fd70b/fastapi_sso-0.17.0.tar.gz",
    "platform": null,
    "description": "# FastAPI SSO\n\n![Supported Python Versions](https://img.shields.io/pypi/pyversions/fastapi-sso)\n[![Test coverage](https://codecov.io/gh/tomasvotava/fastapi-sso/graph/badge.svg?token=SIFCTVSSOS)](https://codecov.io/gh/tomasvotava/fastapi-sso)\n![Tests Workflow Status](https://img.shields.io/github/actions/workflow/status/tomasvotava/fastapi-sso/test.yml?label=tests)\n![Lint Workflow Status](https://img.shields.io/github/actions/workflow/status/tomasvotava/fastapi-sso/lint.yml?label=ruff)\n![Mypy Workflow Status](https://img.shields.io/github/actions/workflow/status/tomasvotava/fastapi-sso/lint.yml?label=mypy)\n![Black Workflow Status](https://img.shields.io/github/actions/workflow/status/tomasvotava/fastapi-sso/lint.yml?label=black)\n![CodeQL Workflow Status](https://img.shields.io/github/actions/workflow/status/tomasvotava/fastapi-sso/codeql-analysis.yml?label=CodeQL)\n![PyPi weekly downloads](https://img.shields.io/pypi/dw/fastapi-sso)\n![Project License](https://img.shields.io/github/license/tomasvotava/fastapi-sso)\n![PyPi Version](https://img.shields.io/pypi/v/fastapi-sso)\n\nFastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via\nMicrosoft Office 365 account).\n\nThis allows you to implement the famous `Login with Google/Facebook/Microsoft` buttons functionality on your\nbackend very easily.\n\n**Documentation**: [https://tomasvotava.github.io/fastapi-sso/](https://tomasvotava.github.io/fastapi-sso/)\n\n**Source Code**: [https://github.com/tomasvotava/fastapi-sso](https://github.com/tomasvotava/fastapi-sso/)\n\n## Demo site\n\nAn awesome demo site was created and is maintained by even awesomer\n[Chris Karvouniaris (@chrisK824)](https://github.com/chrisK824). Chris has also posted multiple\nMedium articles about FastAPI and FastAPI SSO.\n\nBe sure to see his tutorials, follow him and show him some appreciation!\n\nPlease see his [announcement](https://github.com/tomasvotava/fastapi-sso/discussions/150) with all the links.\n\nQuick links for the eager ones:\n\n- [Demo site](https://fastapi-sso-example.vercel.app/)\n- [Medium articles](https://medium.com/@christos.karvouniaris247)\n\n## Security Notice\n\n### Version `0.16.0` Update: Race Condition Bug Fix & Context Manager Change\n\nA race condition bug in the login flow that could, in rare cases, allow one user\nto assume the identity of another due to concurrent login requests was recently discovered\nby [@parikls](https://github.com/parikls).\nThis issue was reported in [#186](https://github.com/tomasvotava/fastapi-sso/issues/186) and has been resolved\nin version `0.16.0`.\n\n**Details of the Fix:**\n\nThe bug was mitigated by introducing an async lock mechanism that ensures only one user can attempt the login\nprocess at any given time. This prevents race conditions that could lead to unintended user identity crossover.\n\n**Important Change:**\n\nTo fully support this fix, **users must now use the SSO instance within an `async with`\ncontext manager**. This adjustment is necessary for proper handling of asynchronous operations.\n\nThe synchronous `with` context manager is now deprecated and will produce a warning.\nIt will be removed in future versions to ensure best practices for async handling.\n\n**Impact:**\n\nThis bug could potentially affect deployments with high concurrency or scenarios where multiple users initiate\nlogin requests simultaneously. To prevent potential issues and deprecation warnings, **update to\nversion `0.16.0` or later and modify your code to use the async with context**.\n\nCode Example Update:\n\n```python\n# Before (deprecated)\nwith sso:\n    openid = await sso.verify_and_process(request)\n\n# After (recommended)\nasync with sso:\n    openid = await sso.verify_and_process(request)\n```\n\nThanks to both [@parikls](https://github.com/parikls) and the community for helping me identify and improve the\nsecurity of `fastapi-sso`. If you encounter any issues or potential vulnerabilities, please report them\nimmediately so they can be addressed.\n\nFor more details, refer to Issue [#186](https://github.com/tomasvotava/fastapi-sso/issues/186)\nand PR [#189](https://github.com/tomasvotava/fastapi-sso/pull/189).\n\n## Support this project\n\nIf you'd like to support this project, consider [buying me a coffee \u2615](https://www.buymeacoffee.com/tomas.votava).\nI tend to process Pull Requests faster when properly caffeinated \ud83d\ude09.\n\n<a href=\"https://www.buymeacoffee.com/tomas.votava\" target=\"_blank\">\n<img src=\"https://cdn.buymeacoffee.com/buttons/v2/default-yellow.png\"\n    alt=\"Buy Me A Coffee\" style=\"height: 60px !important;width: 217px !important;\" ></a>\n\n## Supported login providers\n\n### Official\n\n- Google\n- Microsoft\n- Facebook\n- Spotify\n- Fitbit\n- Github (credits to [Brandl](https://github.com/Brandl) for hint using `accept` header)\n- generic (see [docs](https://tomasvotava.github.io/fastapi-sso/reference/sso.generic/))\n- Notion\n- Twitter (X)\n\n### Contributed\n\n- Kakao (by Jae-Baek Song - [thdwoqor](https://github.com/thdwoqor))\n- Naver (by 1tang2bang92) - [1tang2bang92](https://github.com/1tang2bang92)\n- Gitlab (by Alessandro Pischedda) - [Cereal84](https://github.com/Cereal84)\n- Line (by Jimmy Yeh) - [jimmyyyeh](https://github.com/jimmyyyeh)\n- LinkedIn (by Alessandro Pischedda) - [Cereal84](https://github.com/Cereal84)\n- Yandex (by Akim Faskhutdinov) \u2013 [akimrx](https://github.com/akimrx)\n- Seznam (by Tomas Koutek) - [TomasKoutek](https://github.com/TomasKoutek)\n- Discord (by Kaelian Baudelet) - [afi-dev](https://github.com/afi-dev)\n- Bitbucket (by Kaelian Baudelet) - [afi-dev](https://github.com/afi-dev)\n\nSee [Contributing](#contributing) for a guide on how to contribute your own login provider.\n\n## Installation\n\n### Install using `pip`\n\n```console\npip install fastapi-sso\n```\n\n### Install using `poetry`\n\n```console\npoetry add fastapi-sso\n```\n\n## Contributing\n\nIf you'd like to contribute and add your specific login provider, please see\n[Contributing](https://tomasvotava.github.io/fastapi-sso/contributing) file.\n",
    "bugtrack_url": null,
    "license": "MIT",
    "summary": "FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account)",
    "version": "0.17.0",
    "project_urls": {
        "Documentation": "https://tomasvotava.github.io/fastapi-sso/",
        "Homepage": "https://tomasvotava.github.io/fastapi-sso/",
        "Repository": "https://github.com/tomasvotava/fastapi-sso"
    },
    "split_keywords": [
        "fastapi",
        " sso",
        " oauth",
        " google",
        " facebook",
        " spotify",
        " linkedin"
    ],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "e1baddf5c2d7fafb503d64765b485518ad5cd49a08dfab39bdb3500d494f10f5",
                "md5": "552127d76e70fab7db601705ed9803d3",
                "sha256": "5acadc7e46d7a9bd7974c7046c472048dc93fb2bf7b2d496550c012fc98d0f0f"
            },
            "downloads": -1,
            "filename": "fastapi_sso-0.17.0-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "552127d76e70fab7db601705ed9803d3",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": "<4.0,>=3.8",
            "size": 25910,
            "upload_time": "2024-11-04T14:01:32",
            "upload_time_iso_8601": "2024-11-04T14:01:32.383751Z",
            "url": "https://files.pythonhosted.org/packages/e1/ba/ddf5c2d7fafb503d64765b485518ad5cd49a08dfab39bdb3500d494f10f5/fastapi_sso-0.17.0-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "917b6f3c6ca695e5850ebbea7b5c31f3a85eab6da8d54db4a5fe2a20cc4fd70b",
                "md5": "c7a39540d1c5453a4291d4e113fb75ea",
                "sha256": "fa0e46a2a935999ea98874669c1925f4ef02d023d95ed703c8b126419275c627"
            },
            "downloads": -1,
            "filename": "fastapi_sso-0.17.0.tar.gz",
            "has_sig": false,
            "md5_digest": "c7a39540d1c5453a4291d4e113fb75ea",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": "<4.0,>=3.8",
            "size": 17225,
            "upload_time": "2024-11-04T14:01:33",
            "upload_time_iso_8601": "2024-11-04T14:01:33.831053Z",
            "url": "https://files.pythonhosted.org/packages/91/7b/6f3c6ca695e5850ebbea7b5c31f3a85eab6da8d54db4a5fe2a20cc4fd70b/fastapi_sso-0.17.0.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2024-11-04 14:01:33",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "tomasvotava",
    "github_project": "fastapi-sso",
    "travis_ci": false,
    "coveralls": false,
    "github_actions": true,
    "tox": true,
    "lcname": "fastapi-sso"
}
Tomas Votava
Elapsed time: 0.39943s