chore(auth): require FastAPI authz middlware with FastAPI config

bento-platform · Aug 19, 2024 · ba70ef1 · ba70ef1
1 parent 4ba8c32
commit ba70ef1
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 10 deletions.
diff --git a/bento_lib/auth/middleware/base.py b/bento_lib/auth/middleware/base.py
@@ -6,7 +6,7 @@
 from abc import ABC, abstractmethod
 from typing import Any, Callable, Iterable
 
-from bento_lib.config.pydantic import BentoBaseConfig, BentoFastAPIBaseConfig
+from bento_lib.config.pydantic import BentoBaseConfig
 from ..exceptions import BentoAuthException
 from ..permissions import Permission
 from ..types import EvaluationResultMatrix, EvaluationResultDict
@@ -81,15 +81,6 @@ def build_from_pydantic_config(cls, config: BentoBaseConfig, logger: logging.Log
             **kwargs,
         )
 
-    @classmethod
-    def build_from_fastapi_pydantic_config(cls, config: BentoFastAPIBaseConfig, logger: logging.Logger, **kwargs):
-        exempt_request_patterns = (
-            (r"GET", re.escape(config.service_docs_path)),
-            (r"GET", re.escape(config.service_openapi_path)),
-            *kwargs.pop("exempt_request_patterns", ()),
-        )
-        return cls.build_from_pydantic_config(config, logger, exempt_request_patterns=exempt_request_patterns, **kwargs)
-
     @property
     def enabled(self) -> bool:
         return self._enabled

diff --git a/bento_lib/auth/middleware/fastapi.py b/bento_lib/auth/middleware/fastapi.py
@@ -1,4 +1,5 @@
 import logging
+import re
 
 from fastapi import Depends, FastAPI, Request, Response, status
 from fastapi.responses import JSONResponse
@@ -8,6 +9,7 @@
 from bento_lib.auth.middleware.base import BaseAuthMiddleware
 from bento_lib.auth.permissions import Permission
 from bento_lib.auth.resources import RESOURCE_EVERYTHING
+from bento_lib.config.pydantic import BentoFastAPIBaseConfig
 from bento_lib.responses.errors import http_error
 
 __all__ = [
@@ -16,6 +18,24 @@
 
 
 class FastApiAuthMiddleware(BaseAuthMiddleware):
+    @classmethod
+    def build_from_fastapi_pydantic_config(cls, config: BentoFastAPIBaseConfig, logger: logging.Logger, **kwargs):
+        """
+        Build a FastAPI authorization middlware instance from a Bento Pydantic FastAPI config instance and a logger
+        instance. This automatically exempts the FastAPI-generated docs OpenAPI schema paths from requiring
+        authorization.
+        :param config: instance of the FastAPI subclass of the Bento Pydantic config class.
+        :param logger: A Python logger to instantiate the FastAPI authorization middlware with.
+        :param kwargs: Keyword arguments to pass to the FastAPI authorization middleware constructor.
+        :return: An instance of the authorization middleware.
+        """
+        exempt_request_patterns = (
+            (r"GET", re.escape(config.service_docs_path)),
+            (r"GET", re.escape(config.service_openapi_path)),
+            *kwargs.pop("exempt_request_patterns", ()),
+        )
+        return cls.build_from_pydantic_config(config, logger, exempt_request_patterns=exempt_request_patterns, **kwargs)
+
     def attach(self, app: FastAPI):
         """
         Attach the middleware to an application. Must be called in order for requests to be checked.