You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The documentation for the FastAPI/starlette clients for Oauth2 are unclear. In Starlette, it says that it's not necessary to use SessionMiddleware for OAuth2, yet in FastAPI (Which uses the exact same client), it seems to say that it is necessary? indeed, if I don't include the middleware, I get an error saying that "SessionMiddleware must be installed to access request.session"?
This was supposedly fixed in #425 (commit 1089d54 ), but that doesn't work: framework.cache is None in my case, and the docs don't say anywhere where/how to initialize it?
Note that adding the SessionMiddleware doesn't work either, although that seems to be a separate bug. Happy to expand if necessary.
** Code **
fromauthlib.integrations.starlette_clientimportOAuthfromstarlette.middleware.sessionsimportSessionMiddlewarefromfastapi.responsesimportRedirectResponseCANVAS_CLIENT_ID="xxx"CANVAS_CLIENT_SECRET="xxx"oauth=OAuth()
oauth.register(
name="canvas",
client_id=CANVAS_CLIENT_ID,
client_secret=CANVAS_CLIENT_SECRET,
access_token_url="xxx",
access_token_params=None,
authorize_url="xxx",
authorize_params=None,
api_base_url="xxx",
client_kwargs={
"force_login": 1, # Custom parameter
}
)
# app.add_middleware(SessionMiddleware, secret_key="some-random-string") # Shouldnt be necessary, also fails if uncommented@app.get('/login/canvas')asyncdeflogin_via_canvas(request:Request) ->RedirectResponse:
canvas=oauth.create_client('canvas')
redirect_uri="http://localhost:xxx/auth/canvas"returnawaitcanvas.authorize_redirect(request, redirect_uri)
@app.get('/auth/canvas')asyncdefauthorize_canvas(request:Request) ->RedirectResponse:
canvas=oauth.create_client('canvas')
# do something with the token and userinfo# Just go back to the homepage for nowtoken=awaitcanvas.authorize_access_token(request)
user=token['userinfo']
print(token)
returnRedirectResponse(url="http://localhost:3018")
Environment:
OS: Linux
Python Version: 3.11
Authlib Version: 1.3.0
The text was updated successfully, but these errors were encountered:
I'm a bit confused... The error is shown even when you add the middleware? By what you've shown, your code is not setting the framework cache, as it should have been done in oauth creation. Do you intend to use the cache or the session approach?
I'm confused too, that's the point :-) The docs aren't clear.
That error is not shown when I add the middleware - I used to have an entirely different error, however it disappeared now and I'm not sure why, I don't think I changed anything - maybe it was related to the browser's cache.
But according to the docs, it's not necessary to use session middleware with Starlette for OAuth2, which doesn't appear to be true?
Yeah, I guess the docs are misleading or incomplete. You must either use the starlette session middleware or setup the cache service (which is only described in flask configuration for some reason)
Describe the bug
The documentation for the FastAPI/starlette clients for Oauth2 are unclear. In Starlette, it says that it's not necessary to use SessionMiddleware for OAuth2, yet in FastAPI (Which uses the exact same client), it seems to say that it is necessary? indeed, if I don't include the middleware, I get an error saying that "SessionMiddleware must be installed to access request.session"?
This was supposedly fixed in #425 (commit 1089d54 ), but that doesn't work:
framework.cache
isNone
in my case, and the docs don't say anywhere where/how to initialize it?Note that adding the
SessionMiddleware
doesn't work either, although that seems to be a separate bug. Happy to expand if necessary.** Code **
Environment:
The text was updated successfully, but these errors were encountered: