Comments (7)
Hello @rafalkrupinski
I am currently looking at finally introducing async coverage in the test suite. It requires some refactoring of the test suite, I'll keep you posted, once it's done I will consider reviewing your suggestions and the PR that is opened for quite some time already on this.
Thanks a lot for your patience
from httpx_auth.
I've just pushed a commit that removes the inner Client from Auth classes - https://github.com/python-lapidary/httpx_auth_async/tree/feature/async. If you like the direction I can separate the flows to sync and async versions.
edit:
The implementation itroduces meta-auth - using Auth object to authenticate auth flow requests. In other words, when Auth object needs to make authenticated request to the auth server, another auth object is used.
Because of that, and because auth flows need to read responses (which may be either sync or async), there isn't that much of implementation to share between a/sync versions.
It's possible that I know OAuth2 too little, and a simpler implementation is possible, e.g. if only HTTP Basic authentication is ever used, it could be simply done in the OAuth class, without using meta-auth.
Cheers
from httpx_auth.
The test suite is now ensuring non regression on async flows as well. Feel free to submit small scale focused PRs and I will gladly review.
The client is a parameter that is necessary because some users might have rules that requires specific proxy settings, certificates or whatever and this is not the goal of this package to reproduce every feature httpx offers to cover those cases, so we delegate to the user, the responsibility to provide a properly configured client in case they need to.
from httpx_auth.
Is it something mounts can't handle?
from httpx_auth.
I am not sure to follow, if the client has custom rules to achieve auth and an additional set of rules to reach the authenticated endpoint, how would you do it without providing N parameters to every auth class that would need to be forwarded to the inner client of the auth class? Let's say your certificate differs and your proxy differs (mounts can cover proxy on client side, but not certificate). And this is only an example I can think of, I am sure we would have to cover a whole lot of use cases, corporate networks are a nightmare ;)
from httpx_auth.
if the client has custom rules to achieve auth and an additional set of rules to reach the authenticated endpoint, how would you do it without providing N parameters to every auth
How large is N? Cookies, headers, query params, body... perhaps a single parameter request_args: dict
?
Proxy and cert should be handled by mounts...
mounts can cover proxy on client side, but not certificate
This doesn't work?
httpx.AsyncClient(mounts={'https://example.com', httpx.AsyncHTTPTransport(verify=ssl.SSLContext(...) or cert=...)})
And this is only an example I can think of, I am sure we would have to cover a whole lot of use cases, corporate networks are a nightmare ;)
Would be a great help if I knew some corner cases.
from httpx_auth.
You are right, I guess it's possible to do everything via mounts, though you would admit it's not as straightforward to provide for a client.
Anyway I will gladly review your proposal on async. If you could come up with the smallest possible enhancements that would help the review and increase the chances for it to get merged.
Thanks again !
from httpx_auth.
Related Issues (20)
- Allow for urn:ietf:wg:oauth:2.0:oob redirect_uri HOT 11
- Indicate that the project is typed HOT 3
- Question: Why define headers to sign HOT 3
- There is a security vulnerability in httpx<0.23.0 HOT 1
- Basic auth should not be enforced for resource owner password flow HOT 7
- ENH: AWS4Auth - add option to use boto3 for automatically retrieving credentials HOT 8
- Document how to use botocore to retrieve AWS credentials
- Handle WakaTime auth HOT 2
- Feature request: Google Cloud Auth
- Okta client credentials should not request OpenID scope by default HOT 1
- Authentication for Java Server Pages or Spring Basic Login HOT 2
- Creating AWS4Auth instances with STS tokens leaks memory, slows down over time HOT 2
- AWS4Auth produces incomplete canonical query string HOT 4
- Raise more concrete exceptions
- Relax or update httpx dependency version. HOT 1
- implicit doesn't support scope
- httpx_auth above v0.20.0 Results in a 403 Forbidden error on AWS API Gateway `execute-api` service with AWS Signature Version 4 auth HOT 1
- JSONDecodeError due to Improper Handling of Nested JSON Strings in JWT Payloads
- Add an option to disable cache HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from httpx_auth.