Features

• Trio support, by replacing aiohttp with httpx( @JonasKs #34 )
  • Testsuite is now running on both asyncio and trio, using anyio. aioresponses has been replaced with respx
  • Since FastAPI version 0.69.0, trio is officially supported

Fixes

• Fixes FastAPI version syntax ( @bmoore #30 )

Fixes

• Loosen FastAPI version requirement, allowing installation of this module on FastAPI 0.70.0+ ( @bmoore #28 )
  • Add Python3.10 and FastAPI==0.70.0 to pipeline matrix ( @jonasks #28 )

Fixes

• Multi-tenant schema documentation ( #20 @sondrelg )
• Multiple errors in the documentation ( #22 @daniwk )
• Update cryptography requirement to ^35.0.0 and fix imports ( #26 @bmoore )

This release contains breaking changes for how to setup your application, but also a bunch of new features.

The new documentation contains a full tutorial on how to configure Azure AD and FastAPI for both single- and multi-tenant applications.

Features

• Add v2 token support (and default) for single-tenant applications.
• Full multi-tenant support
  • Option to provide a callable which returns valid iss(issuers), for those who has multi-tenant applications, but only for specific tenants

Other

• User object is reworked, now also contain access_token for easier Azure Graph implementation
• Add support for denying requests with wrong scopes, when Securiy() is used (an alternativ to Depends())
• Moved InvalidAuth to exceptions.py
• Documentation for everything from role checks, guest users, locking down tenants etc.
• No longer inheriting OAuth2AuthorizationCodeBearer, solving mypy errors.
• Rename provider_config.py to openid_config.py and ProviderConfig() to OpenIdConfig()
• Removal of pre-instance of provider_config due to OpenAPI authorization URL issues. This is now instanced on SingleTenantAzureAuthorizationCodeBearer or MultiTenantAzureAuthorizationCodeBearer.

Features implemented in #16 ( @JonasKs )

Release candidate for 3.0.0.

Release notes will be written for the actual release.

Fixes

• Make upn an optional field in the User model, to support Client Credential Flow ( #12 @JonasKs )

Breaking changes

• Removal of app parameter from AzureAuthorizationCodeBearer
• AzureAuthorizationCodeBearer now returns a User object instead of a dictionary with claims

Other

• Documentation on how to create your own dependencies for checking roles, scp or similar
• Add docs on how to load provider config on startup, it is no longer auto-loaded by AzureAuthorizationCodeBearer

Related MR: #11 by @JonasKs

Upgrade guide from v1 to v2
I strongly suggest reading the entire README.md again, as it's a bit more verbose compared to before.
With that said, these are the steps you have to do in order to bump from v1 to v2:

1. Remove app=app from your AzureAuthorizationCodeBearer() in main.py.
2. If you have a dependencies.py file or similar, move the azure_scheme = AzureAuthorizationCodeBearer( ... ) to that file.
   2.1. In your main.py, import azure_scheme from dependencies.py
3. In your main.py file, load the provider config on startup:

@app.on_event('startup')
async def load_config() -> None:
    """
    Load config on startup.
    """
    await provider_config.load_config()

4. If you've overwritten the default tenant_id, you can also add that to load_config()

@app.on_event('startup')
async def load_config() -> None:
    """
    Load config on startup.
    """
+   provider_config.tenant_id = 'my-tenant-id' 
    await provider_config.load_config()

Features

• Improve how key to validate token is chosen. It's now based on kid, instead of trying all keys ( #10 @JonasKs )

Other/Improvements

• More test cases for validating tokens ( #10 @JonasKs )
• Test case for refreshing of provider config ( #10 @JonasKs )
• More comments describing patterns and choices in the code ( #10 @JonasKs )

Features

• User attached to the request state ( #6 @JonasKs )

Improvements

• py.typed added ( #6 @JonasKs )
• codecov.yaml added for codecov updated in PRs ( #6 @JonasKs )
• Better exception handling ( 49f0adbd19e8901025eea9d7c786bb8a3fc64dcc & 48bc86c0a51a61a4222f7db581c7ed037ee843d7 @JonasKs )

Features

• Simple setup of Azure Authentication for FastAPI apps