跳转至

认证模块

toolregistry_server.auth.BearerTokenAuth 

BearerTokenAuth(tokens: Sequence[str] | None = None)

Bearer token authentication handler.

This class provides Bearer token authentication for FastAPI endpoints. It supports multiple valid tokens and can be used as a FastAPI dependency.

Attributes:

Name Type Description
tokens set[str]

Set of valid tokens.
Example 
auth = BearerTokenAuth(tokens=["token1", "token2"])
auth.verify("token1")   # True
auth.verify("invalid")  # False

Initialize the authentication handler.

Parameters:

Name Type Description Default
tokens Sequence[str] | None

List of valid tokens. If None or empty, authentication is disabled (all requests pass).

 None
Source code in src/toolregistry_server/auth/__init__.py 
46
47
48
49
50
51
52
53
54
def __init__(self, tokens: "Sequence[str] | None" = None) -> None:
    """Initialize the authentication handler.

    Args:
        tokens: List of valid tokens. If None or empty, authentication
               is disabled (all requests pass).
    """
    self._tokens: set[str] = set(tokens) if tokens else set()
    self._enabled = bool(self._tokens)

enabled property 

enabled: bool

Check if authentication is enabled.

Returns:

Type Description
bool

True if at least one token is configured.

tokens property 

tokens: set[str]

Get the set of valid tokens.

Returns:

Type Description
set[str]

Set of valid tokens.

add_token 

add_token(token: str) -> None

Add a valid token.

Parameters:

Name Type Description Default
token str

The token to add.

 required
Source code in src/toolregistry_server/auth/__init__.py 
87
88
89
90
91
92
93
94
def add_token(self, token: str) -> None:
    """Add a valid token.

    Args:
        token: The token to add.
    """
    self._tokens.add(token)
    self._enabled = True

remove_token 

remove_token(token: str) -> None

Remove a token.

Parameters:

Name Type Description Default
token str

The token to remove.

 required
Source code in src/toolregistry_server/auth/__init__.py 
 96
 97
 98
 99
100
101
102
103
def remove_token(self, token: str) -> None:
    """Remove a token.

    Args:
        token: The token to remove.
    """
    self._tokens.discard(token)
    self._enabled = bool(self._tokens)

verify 

verify(token: str) -> bool

Verify a token.

Parameters:

Name Type Description Default
token str

The token to verify.

 required

Returns:

Type Description
bool

True if the token is valid or auth is disabled.
Source code in src/toolregistry_server/auth/__init__.py 
74
75
76
77
78
79
80
81
82
83
84
85
def verify(self, token: str) -> bool:
    """Verify a token.

    Args:
        token: The token to verify.

    Returns:
        True if the token is valid or auth is disabled.
    """
    if not self._enabled:
        return True
    return token in self._tokens

toolregistry_server.auth.create_bearer_dependency 

create_bearer_dependency(auth: BearerTokenAuth) -> Callable[..., Any]

Create a FastAPI dependency for Bearer token authentication.

This function creates a dependency that can be used with FastAPI's dependency injection system to protect endpoints with Bearer token authentication.

Parameters:

Name Type Description Default
auth BearerTokenAuth

The BearerTokenAuth instance to use for verification.

 required

Returns:

Type Description
Callable[..., Any]

A FastAPI dependency function.

Raises:

Type Description
ImportError

If FastAPI is not installed.
Example 
from fastapi import FastAPI, Depends
from toolregistry_server.auth import BearerTokenAuth, create_bearer_dependency

auth = BearerTokenAuth(tokens=["secret-token"])
dependency = create_bearer_dependency(auth)

app = FastAPI(dependencies=[Depends(dependency)])
Source code in src/toolregistry_server/auth/__init__.py 
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
def create_bearer_dependency(auth: BearerTokenAuth) -> "Callable[..., Any]":
    """Create a FastAPI dependency for Bearer token authentication.

    This function creates a dependency that can be used with FastAPI's
    dependency injection system to protect endpoints with Bearer token
    authentication.

    Args:
        auth: The BearerTokenAuth instance to use for verification.

    Returns:
        A FastAPI dependency function.

    Raises:
        ImportError: If FastAPI is not installed.

    Example:
        ```python
        from fastapi import FastAPI, Depends
        from toolregistry_server.auth import BearerTokenAuth, create_bearer_dependency

        auth = BearerTokenAuth(tokens=["secret-token"])
        dependency = create_bearer_dependency(auth)

        app = FastAPI(dependencies=[Depends(dependency)])
        ```
    """
    try:
        from typing import Annotated

        from fastapi import Depends, HTTPException, status
        from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
    except ImportError as e:
        raise ImportError(
            "FastAPI is required for authentication dependencies. "
            "Install with: pip install toolregistry-server[openapi]"
        ) from e

    security = HTTPBearer()

    async def verify_bearer_token(
        credentials: Annotated[HTTPAuthorizationCredentials, Depends(security)],
    ) -> str:
        """Verify Bearer token from Authorization header.

        Args:
            credentials: HTTP Bearer credentials from the Authorization header

        Returns:
            The verified token string

        Raises:
            HTTPException: If token is invalid or missing when required
        """
        # If no tokens configured, disable verification
        if not auth.enabled:
            return ""

        # Extract token from credentials
        token = credentials.credentials

        if not auth.verify(token):
            raise HTTPException(
                status_code=status.HTTP_401_UNAUTHORIZED,
                detail="Invalid authentication token",
                headers={"WWW-Authenticate": "Bearer"},
            )

        return token

    return verify_bearer_token

toolregistry_server.auth.verify_token 

verify_token(token: str, valid_tokens: Sequence[str]) -> bool

Verify a token against a list of valid tokens.

Parameters:

Name Type Description Default
token str

The token to verify.

 required
valid_tokens Sequence[str]

List of valid tokens.

 required

Returns:

Type Description
bool

True if the token is in the valid tokens list.
Source code in src/toolregistry_server/auth/__init__.py 
106
107
108
109
110
111
112
113
114
115
116
def verify_token(token: str, valid_tokens: "Sequence[str]") -> bool:
    """Verify a token against a list of valid tokens.

    Args:
        token: The token to verify.
        valid_tokens: List of valid tokens.

    Returns:
        True if the token is in the valid tokens list.
    """
    return token in valid_tokens