Metadata-Version: 2.4
Name: armasec
Version: 3.0.3
Summary: Injectable FastAPI auth via OIDC
Project-URL: Homepage, https://github.com/omnivector-solutions/armasec
Project-URL: Repository, https://github.com/omnivector-solutions/armasec
Project-URL: Documentation, https://omnivector-solutions.github.io/armasec
Project-URL: Changelog, https://github.com/omnivector-solutions/armasec/blob/main/CHANGELOG.md
Project-URL: Code of Conduct, https://github.com/omnivector-solutions/armasec/blob/main/CONDUCT.md
Project-URL: Contributing, https://github.com/omnivector-solutions/armasec/blob/main/CONTRIBUTING.md
Author-email: Omnivector Engineering Team <info@omnivector.solutions>
License: MIT
License-File: LICENSE.md
Keywords: auth,fastapi,oauth2,oidc,security
Classifier: Development Status :: 5 - Production/Stable
Classifier: Framework :: FastAPI
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Topic :: Internet :: WWW/HTTP
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Requires-Python: >=3.12
Requires-Dist: auto-name-enum<4,>=3.0.0
Requires-Dist: fastapi<1,>=0.116.2
Requires-Dist: httpx<1,>=0.28.1
Requires-Dist: pluggy<2,>=1.4.0
Requires-Dist: py-buzz<8,>=7.3
Requires-Dist: pydantic<3,>=2.11.9
Requires-Dist: pytest<9,>=6
Requires-Dist: python-jose[cryptography]<4,>=3.2
Requires-Dist: respx<1,>=0.21
Requires-Dist: snick<3,>=2.1
Requires-Dist: typer<1,>=0.12
Provides-Extra: cli
Requires-Dist: loguru<1,>=0.5.3; extra == 'cli'
Requires-Dist: pendulum<4,>=3.0.0; extra == 'cli'
Requires-Dist: pyperclip<2,>=1.8.2; extra == 'cli'
Requires-Dist: rich<15,>=14.1.0; extra == 'cli'
Description-Content-Type: text/markdown

[![Build Status](https://github.com/omnivector-solutions/armasec/actions/workflows/test_on_push.yaml/badge.svg)](https://github.com/omnivector-solutions/armasec/actions/workflows/test_on_push.yaml)
[![Build Documentation](https://github.com/omnivector-solutions/armasec/actions/workflows/build_docs.yaml/badge.svg)](https://github.com/omnivector-solutions/armasec/actions/workflows/build_docs.yaml)


![Python Versions](https://img.shields.io/pypi/pyversions/armasec?label=python-versions&logo=python&style=plastic)
![PyPI Versions](https://img.shields.io/pypi/v/armasec?label=pypi-version&logo=python&style=plastic)
![License](https://img.shields.io/pypi/l/armasec?style=plastic)


> An [Omnivector](https://www.omnivector.io/) initiative
>
> [![omnivector-logo](https://omnivector-public-assets.s3.us-west-2.amazonaws.com/branding/omnivector-logo-text-black-horz.png)](https://www.omnivector.io/)



# Armasec

Adding a security layer on top of your API can be difficult, especially when working with an OIDC
platform. It's hard enough to get your OIDC provider configured correctly. Armasec aims to take the
pain out of securing your APIs routes.

Armasec is an opinionated library that attempts to use the most obvious and commonly used workflows
when working with OIDC and making configuration as simple as possible.

When using the
[Armasec](https://github.com/omnivector-solutions/armasec/blob/main/armasec/armasec.py) helper
class, you only need two configuration settings to get going:

1. Domain: the domain of your OIDC provider
2. Audience: An optional setting that restricts tokens to those intended for your API.

That's it! Once you have those settings dialed in, you can just worry about checking the permissions
scopes of your endpoints


## Documentation

Documentation is hosted hosted on `github.io` at
[the Armasec homepage](https://omnivector-solutions.github.io/armasec/).


## Quickstart

1. Install `armasec` and `uvicorn`:

```bash
pip install armasec uvicorn
```


2. Save th Minimal Example (example.py) locally:

```python
import os

from armasec import Armasec
from fastapi import FastAPI, Depends


app = FastAPI()
armasec = Armasec(
    domain=os.environ.get("ARMASEC_DOMAIN"),
    audience=os.environ.get("ARMASEC_AUDIENCE"),
)

@app.get("/stuff", dependencies=[Depends(armasec.lockdown("read:stuff"))])
async def check_access():
    return dict(message="Successfully authenticated!")
```


4. Set the Armasec environment variables:

* ARMASEC_DOMAIN
* ARMASEC_AUDIENCE


5. Run the app

```bash
uvicorn --host 0.0.0.0 example:app
```


## License

Distributed under the MIT License. See `LICENSE` for more information.
