Implemented the oauth2 integration between FastAPI and Authlib

[gmachado-nextreason]

What kind of change does this PR introduce? (check at least one)

• Bugfix
• Feature
• Code style update
• Refactor
• Other, please describe:

Does this PR introduce a breaking change? (check one)

• Yes
• No

---

• You consent that the copyright of your pull request source code belongs to Authlib's author.

[gmachado-nextreason]

This is an example of OpenID Connect 1.0 server in FastAPI and Authlib.

https://github.com/gmachado-nextreason/example-oidc-server-fastapi

[lepture]

It is impossible to implement FastAPI OAuth providers for now. Because FastAPI is async, Authlib is not ready for async providers. This should be done in v2.0.

[gmachado-nextreason]

Thanks for quick review @lepture.

Although FastAPI supports third party non async libraries:
tiangolo/fastapi#260
https://fastapi.tiangolo.com/async/

"If you are using a third party library that communicates with something (a database, an API, the file system, etc) and doesn't have support for using await, (this is currently the case for most database libraries), then declare your path operation functions as normally, with just def"

As you can see on the routes.py example, I created all the endpoints without async:
https://github.com/gmachado-nextreason/example-oidc-server-fastapi/blob/master/src/routes.py

This is just a proposed integration solution between FastAPI and Authlib without async. I'm aware authlib only supports async for client not server yet (#63), just wanted to provide more options if anyone else is interested. Please let me know if it is still not the case. Glad to help anyhow.

[lepture]

@gmachado-nextreason Yes, you are correct. We can support sync mode at first. But I won't add it in v0.15, how about adding it to v1.0.

There are still works to do:

• Adding test cases
• Remove the deprecated code

[gmachado-nextreason]

Removed deprecated code and added the test cases scenarios.

@lepture can you please review it again once you have a chance?

[lepture]

It is not a good idea to import werkzeug for FastAPI.

[lepture]

I'll merge and refactor the code later. I'm working on other stuff right now.

[gmachado-nextreason]

@lepture resolved the conflict on tox.ini file, it is ready for you to merge. Thank you.

[seweissman]

Will this be merged? I'm interested in using/contributing to this.

[synchronizing]

Any updates on this PR? FastAPI integration (sync or async) would be a nice addon.

[lepture]

I'm not sure if this will get merged. I would like to make it a separate package since I have a plan to move Flask and Django integrations into separate packages in v2.0.

For FastAPI, it is better to support async mode, but currently Authlib only has sync mode. I'll make it async in v2.0 too.

In this case, I wonder if it is a good idea to have this PR (FastAPI) as built-in OAuth provider.

[synchronizing]

@lepture Roger that. There is current work over at aioauth to bring OAuth to the async world. I'm one of the contributors over there, and if you have any recommendations/tips - or would like to contribute on it yourself - that would be greatly appreciated.

[toxadx]

It is better to focus not on FastAPI support, but on Starlette, because FastAPI is based on Starlette.