Metadata-Version: 2.1
Name: fastapi-sso
Version: 0.2.12
Summary: FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account)
Home-page: https://tomasvotava.github.io/fastapi-sso/
License: MIT
Keywords: fastapi,sso,oauth,google,facebook,spotify
Author: Tomas Votava
Author-email: info@tomasvotava.eu
Requires-Python: >=3.7,<4.0
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Requires-Dist: fastapi (<1)
Requires-Dist: httpx (>=0.20.0,<0.21.0)
Requires-Dist: oauthlib (>=3.1.0)
Requires-Dist: pydantic (>=1.8.1)
Requires-Dist: starlette (>=0.13.6)
Project-URL: Documentation, https://tomasvotava.github.io/fastapi-sso/
Project-URL: Repository, https://github.com/tomasvotava/fastapi-sso
Description-Content-Type: text/markdown

# FastAPI SSO

FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 account).

This allows you to implement the famous `Login with Google/Facebook/Microsoft` button functionality on your backend very easily.

## Installation

### Install using `pip`

```console
pip install fastapi-sso
```

### Install using `poetry`

```console
poetry add fastapi-sso
```

## Example

### `example.py`

```python
"""This is an example usage of fastapi-sso.
"""

from fastapi import FastAPI
from starlette.requests import Request
from fastapi_sso.sso.google import GoogleSSO

app = FastAPI()

google_sso = GoogleSSO("my-client-id", "my-client-secret", "https://my.awesome-web.com/google/callback")


@app.get("/google/login")
async def google_login():
    """Generate login url and redirect"""
    return await google_sso.get_login_redirect()


@app.get("/google/callback")
async def google_callback(request: Request):
    """Process login response from Google and return user info"""
    user = await google_sso.verify_and_process(request)
    return {
        "id": user.id,
        "picture": user.picture,
        "display_name": user.display_name,
        "email": user.email,
        "provider": user.provider,
    }
```

Run using `uvicorn example:app`.

## HTTP and development

**You should always use `https` in production**. If you need to test on `localhost` and do not want to
use a self-signed certificate, set the redirect URI in your SSO provider to `http://localhost:{port}`
and then add this to your environment:

```bash
OAUTHLIB_INSECURE_TRANSPORT=1
```

Also make sure you pass `allow_insecure_http=True` to the SSO class's constructor, such as:

```python
google_sso = GoogleSSO("client-id", "client-secret", "callback-url", allow_insecure_http=True)
```

See [this issue](https://github.com/tomasvotava/fastapi-sso/issues/2) for more information.

## State

State is used in OAuth to make sure the callback the server receives is a response to the login request it sent.
It may cause you trouble, as `fastapi-sso` saves the state content as a cookie and attempts to read it upon callback,
and this may fail (e.g. when logging in from a different domain than the one the callback lands on). If this is your case,
you may want to disable state checking by passing `use_state=False` to the SSO class's constructor. Without the state
check the callback is no longer protected against cross-site request forgery, so leave it enabled wherever the cookie
can be read. For example:

```python
google_sso = GoogleSSO("client-id", "client-secret", "callback-url", use_state=False)
```

See more on state [here](https://auth0.com/docs/configure/attack-protection/state-parameters).
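
The cookie-based state check described above, as an added standard-library example. It is not `fastapi-sso`'s own code; the cookie name `sso_state` and the functions `start_login` and `check_callback` are hypothetical. It also shows the failure mode mentioned above: a callback that arrives without the cookie is rejected.

```python
import hmac
import secrets
from http.cookies import SimpleCookie
from urllib.parse import parse_qs, urlencode, urlsplit

STATE_COOKIE = "sso_state"  # hypothetical cookie name, not taken from fastapi-sso


def start_login(authorize_url, client_id, redirect_uri):
    """Return (redirect URL, Set-Cookie value) for a new login attempt."""
    state = secrets.token_urlsafe(32)  # unguessable, one value per login attempt
    query = urlencode({
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "state": state,
    })
    cookie = SimpleCookie()
    cookie[STATE_COOKIE] = state
    cookie[STATE_COOKIE]["httponly"] = True
    cookie[STATE_COOKIE]["secure"] = True
    cookie[STATE_COOKIE]["samesite"] = "Lax"  # still sent on the redirect back
    cookie[STATE_COOKIE]["max-age"] = 600
    return f"{authorize_url}?{query}", cookie[STATE_COOKIE].OutputString()


def check_callback(callback_url, cookie_header):
    """Return the authorization code if the state matches, else raise ValueError."""
    params = parse_qs(urlsplit(callback_url).query)
    returned = params.get("state", [""])[0]
    jar = SimpleCookie()
    jar.load(cookie_header or "")
    stored = jar[STATE_COOKIE].value if STATE_COOKIE in jar else ""
    if not stored:
        # The case from the text: the cookie was set on another domain,
        # so the browser did not send it with the callback request.
        raise ValueError("state cookie missing")
    if not hmac.compare_digest(stored.encode(), returned.encode()):
        raise ValueError("state mismatch")
    code = params.get("code", [""])[0]
    if not code:
        raise ValueError("authorization code missing")
    return code
```
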

