Coverage for polar/oauth2/dependencies.py: 38%

36 statements  

« prev     ^ index     » next       coverage.py v7.10.6, created at 2025-12-05 16:17 +0000

1from collections.abc import Generator 1a

2 

3from fastapi import Depends, Request 1a

4from fastapi.security import OpenIdConnect 1a

5from fastapi.security.utils import get_authorization_scheme_param 1a

6 

7from polar.auth.scope import SCOPES_SUPPORTED 1a

8from polar.exceptions import Unauthorized 1a

9from polar.kit.db.postgres import SyncSessionMaker 1a

10from polar.models import OAuth2Token 1a

11from polar.postgres import AsyncSession, get_db_session 1a

12 

13from .authorization_server import AuthorizationServer 1a

14from .exceptions import InvalidTokenError 1a

15from .service.oauth2_token import oauth2_token as oauth2_token_service 1a

16 

17openid_scheme = OpenIdConnect( 1a

18 scheme_name="oidc", 

19 openIdConnectUrl="/.well-known/openid-configuration", 

20 auto_error=False, 

21) 

22 

23 

24async def get_optional_token( 1a

25 authorization: str = Depends(openid_scheme), 

26 session: AsyncSession = Depends(get_db_session), 

27) -> tuple[OAuth2Token | None, bool]: 

28 scheme, access_token = get_authorization_scheme_param(authorization) 

29 if not authorization or scheme.lower() != "bearer": 

30 return None, False 

31 

32 token = await oauth2_token_service.get_by_access_token(session, access_token) 

33 return token, True 

34 

35 

36async def get_token( 1a

37 credentials: tuple[OAuth2Token | None, bool] = Depends(get_optional_token), 

38) -> OAuth2Token: 

39 token, authorization_set = credentials 

40 if token is None: 

41 if authorization_set: 

42 raise InvalidTokenError() 

43 raise Unauthorized() 

44 return token 

45 

46 

47def get_authorization_server( 1a

48 request: Request, 

49) -> Generator[AuthorizationServer, None, None]: 

50 sync_sessionmaker: SyncSessionMaker = request.state.sync_sessionmaker 

51 with sync_sessionmaker() as session: 

52 authorization_server = AuthorizationServer.build( 

53 session, scopes_supported=SCOPES_SUPPORTED 

54 ) 

55 try: 

56 yield authorization_server 

57 except: 

58 session.rollback() 

59 raise 

60 else: 

61 session.commit()