armasec

Injectable FastAPI auth via OIDC

3.0.0

PyPI

Maintainers: 1

License

An Omnivector initiative

Armasec

Adding a security layer on top of your API can be difficult, especially when working with an OIDC platform. It's hard enough to get your OIDC provider configured correctly. Armasec aims to take the pain out of securing your APIs routes.

Armasec is an opinionated library that attempts to use the most obvious and commonly used workflows when working with OIDC and making configuration as simple as possible.

When using the Armasec helper class, you only need two configuration settings to get going:

Domain: the domain of your OIDC provider
Audience: An optional setting that restricts tokens to those intended for your API.

That's it! Once you have those settings dialed in, you can just worry about checking the permissions scopes of your endpoints

Documentation

Documentation is hosted hosted on github.io at the Armasec homepage.

Quickstart

Install armasec and uvicorn:

pip install armasec uvicorn

Save th Minimal Example (example.py) locally:

import os

from armasec import Armasec
from fastapi import FastAPI, Depends


app = FastAPI()
armasec = Armasec(
    domain=os.environ.get("ARMASEC_DOMAIN"),
    audience=os.environ.get("ARMASEC_AUDIENCE"),
)

@app.get("/stuff", dependencies=[Depends(armasec.lockdown("read:stuff"))])
async def check_access():
    return dict(message="Successfully authenticated!")

Set the Armasec environment variables:

ARMASEC_DOMAIN
ARMASEC_AUDIENCE

Run the app

uvicorn --host 0.0.0.0 example:app

License

Distributed under the MIT License. See LICENSE for more information.

FAQs

What is armasec?

Is armasec well maintained?

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install