Merge pull request #26 from /dev

tokusumi · Feb 23, 2021 · a8db880 · a8db880
1 parent 36d947f
commit a8db880
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 4 deletions.
diff --git a/fastapi_cloudauth/base.py b/fastapi_cloudauth/base.py
@@ -150,7 +150,10 @@ def verify_scope(self, http_auth: HTTPAuthorizationCredentials) -> bool:
         return True
 
     async def __call__(
-        self, http_auth: HTTPAuthorizationCredentials = Depends(HTTPBearer())
+        self,
+        http_auth: Optional[HTTPAuthorizationCredentials] = Depends(
+            HTTPBearer(auto_error=False)
+        ),
     ) -> Optional[bool]:
         """User access-token verification Shortcut to pass it into dependencies.
         Use as (`auth` is this instanse and `app` is fastapi.FastAPI instanse):
@@ -162,6 +165,14 @@ def api():
             return "hello"
         ```
         """
+        if http_auth is None:
+            if self.auto_error:
+                raise HTTPException(
+                    status_code=status.HTTP_403_FORBIDDEN, detail=NOT_AUTHENTICATED
+                )
+            else:
+                return None
+
         is_verified = self.verify_token(http_auth)
         if not is_verified:
             return None
@@ -179,7 +190,7 @@ class TokenUserInfoGetter(BaseTokenVerifier):
     Verify `ID token` and extract user information
     """
 
-    user_info: Type[BaseModel] = None
+    user_info: Optional[Type[BaseModel]] = None
 
     def __init__(self, *args, **kwargs):
         if not self.user_info:
@@ -189,8 +200,11 @@ def __init__(self, *args, **kwargs):
         super().__init__(*args, **kwargs)
 
     async def __call__(
-        self, http_auth: HTTPAuthorizationCredentials = Depends(HTTPBearer())
-    ) -> Optional[Type[BaseModel]]:
+        self,
+        http_auth: Optional[HTTPAuthorizationCredentials] = Depends(
+            HTTPBearer(auto_error=False)
+        ),
+    ) -> Optional[BaseModel]:
         """Get current user and verification with ID-token Shortcut.
         Use as (`Auth` is this subclass, `auth` is `Auth` instanse and `app` is fastapi.FastAPI instanse):
         ```
@@ -201,6 +215,14 @@ def api(current_user: Auth = Depends(auth)):
             return current_user
         ```
         """
+        if http_auth is None:
+            if self.auto_error:
+                raise HTTPException(
+                    status_code=status.HTTP_403_FORBIDDEN, detail=NOT_AUTHENTICATED
+                )
+            else:
+                return None
+
         is_verified = self.verify_token(http_auth)
         if not is_verified:
             return None

diff --git a/tests/test_cloudauth.py b/tests/test_cloudauth.py
@@ -62,6 +62,8 @@ def test_valid_token(self):
     def test_no_token(self):
         # handle in fastapi.security.HTTPBearer
         self.failure_case("/")
+        # not auto_error
+        self.success_case("no-error")
 
     def test_incompatible_kid_token(self):
         # manipulate header
@@ -124,6 +126,8 @@ def test_valid_id_token(self):
     def test_no_id_token(self):
         # handle in fastapi.security.HTTPBearer
         self.failure_case("/user/")
+        # not auto_error
+        self.success_case("/user/no-error")
 
     def test_incompatible_kid_id_token(self):
         # manipulate header