Skip to content

_oauth

OAuthSettings

Bases: BaseSettings

Settings for integration with an OAuth identity provider.

ATTRIBUTE DESCRIPTION
OAUTH_CLIENT_NAME

Name of the client.

TYPE: Annotated[NonEmptyStr, StringConstraints(to_lower=True)] | None

OAUTH_CLIENT_ID

ID of client.

TYPE: SecretStr | None

OAUTH_CLIENT_SECRET

Secret to authorise against the identity provider.

TYPE: SecretStr | None

OAUTH_OIDC_CONFIG_ENDPOINT

OpenID Connect configuration endpoint, for autodiscovery of relevant endpoints.

TYPE: SecretStr | None

OAUTH_REDIRECT_URL

String to be used as redirect_url argument in fastapi_users.get_oauth_router, and then in httpx_oauth.integrations.fastapi.OAuth2AuthorizeCallback.

TYPE: str | None

Source code in fractal_server/config/_oauth.py 
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
class OAuthSettings(BaseSettings):
    """
    Settings for integration with an OAuth identity provider.

    Attributes:
        OAUTH_CLIENT_NAME: Name of the client.
        OAUTH_CLIENT_ID: ID of client.
        OAUTH_CLIENT_SECRET:
            Secret to authorise against the identity provider.
        OAUTH_OIDC_CONFIG_ENDPOINT:
            OpenID Connect configuration endpoint, for autodiscovery of
            relevant endpoints.
        OAUTH_REDIRECT_URL:
            String to be used as `redirect_url` argument in
            `fastapi_users.get_oauth_router`, and then in
            `httpx_oauth.integrations.fastapi.OAuth2AuthorizeCallback`.
    """

    model_config = SettingsConfigDict(**SETTINGS_CONFIG_DICT)

    OAUTH_CLIENT_NAME: (
        Annotated[
            NonEmptyStr,
            StringConstraints(to_lower=True),
        ]
        | None
    ) = None
    OAUTH_CLIENT_ID: SecretStr | None = None
    OAUTH_CLIENT_SECRET: SecretStr | None = None
    OAUTH_OIDC_CONFIG_ENDPOINT: SecretStr | None = None
    OAUTH_REDIRECT_URL: str | None = None

    @model_validator(mode="after")
    def check_configuration(self: Self) -> Self:
        if (
            self.OAUTH_CLIENT_NAME not in ["google", "github", None]
            and self.OAUTH_OIDC_CONFIG_ENDPOINT is None
        ):
            raise ValueError(
                f"self.OAUTH_OIDC_CONFIG_ENDPOINT=None but "
                f"{self.OAUTH_CLIENT_NAME=}"
            )
        return self

    @property
    def is_set(self) -> bool:
        return None not in (
            self.OAUTH_CLIENT_NAME,
            self.OAUTH_CLIENT_ID,
            self.OAUTH_CLIENT_SECRET,
        )