Flask OIDC Verifier
Implements implicit OIDC verification for Flask, similar to drf-oidc-auth in Django.
Quickstart
Assumptions: tokens are passed via headers of the form Authorization: Bearer $YOUR_TOKEN
. These can be changed in the settings
- Install with
pip install flask-oidc-verifier
- Add the following to your flask config (at a minimum, see the Config section for more options). Replace the values with relevant config values:
class Config():
...
OIDC_ENDPOINT = "https://my.oidc.endpoint"
OIDC_AUDIENCES = ("MY_AUDIENCES", )
...
- Initialize the authentication provider:
from flask import Flask
from flask_oidc_verifier.decorators import JWTVerification
from typing import Dict, Any
app = Flask(__name__)
# Define a callback for what to do with the verified JWT contents
def on_verified(d: Dict[Any, Any]) -> None:
# get_or_create_user
...
auth = auth.init_app(app, on_verified=on_verified)
- Use as a decorator:
@app.route("/protected/<path:filename>")
@auth.jwt_required
def protected_file(filename: str) -> None:
return send_from_directory("protected", filename)
Config
TODO