Skip to content

ccproxy.auth.dependencies

ccproxy.auth.dependencies

FastAPI dependency injection for authentication.

get_credentials_auth_manager async 

get_credentials_auth_manager()

Get credentials-based authentication manager.

Returns:

Type Description
AuthManager

CredentialsAuthManager instance
Source code in ccproxy/auth/dependencies.py 
22
23
24
25
26
27
28
async def get_credentials_auth_manager() -> AuthManager:
    """Get credentials-based authentication manager.

    Returns:
        CredentialsAuthManager instance
    """
    return CredentialsAuthManager()

get_bearer_auth_manager async 

get_bearer_auth_manager(credentials)

Get bearer token authentication manager.

Parameters:

Name Type Description Default
credentials Annotated[HTTPAuthorizationCredentials | None, Depends(bearer_scheme)]

HTTP authorization credentials

 required

Returns:

Type Description
AuthManager

BearerTokenAuthManager instance

Raises:

Type Description
HTTPException

If no valid bearer token provided
Source code in ccproxy/auth/dependencies.py 
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
async def get_bearer_auth_manager(
    credentials: Annotated[HTTPAuthorizationCredentials | None, Depends(bearer_scheme)],
) -> AuthManager:
    """Get bearer token authentication manager.

    Args:
        credentials: HTTP authorization credentials

    Returns:
        BearerTokenAuthManager instance

    Raises:
        HTTPException: If no valid bearer token provided
    """
    if not credentials or not credentials.credentials:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Bearer token required",
            headers={"WWW-Authenticate": "Bearer"},
        )

    return BearerTokenAuthManager(credentials.credentials)

get_auth_manager async 

get_auth_manager(credentials=None)

Get authentication manager with fallback strategy.

Try bearer token first, then fall back to credentials.

Parameters:

Name Type Description Default
credentials Annotated[HTTPAuthorizationCredentials | None, Depends(bearer_scheme)]

HTTP authorization credentials

 None

Returns:

Type Description
AuthManager

AuthManager instance

Raises:

Type Description
HTTPException

If no valid authentication available
Source code in ccproxy/auth/dependencies.py 
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
async def get_auth_manager(
    credentials: Annotated[
        HTTPAuthorizationCredentials | None, Depends(bearer_scheme)
    ] = None,
) -> AuthManager:
    """Get authentication manager with fallback strategy.

    Try bearer token first, then fall back to credentials.

    Args:
        credentials: HTTP authorization credentials

    Returns:
        AuthManager instance

    Raises:
        HTTPException: If no valid authentication available
    """
    # Import here to avoid circular imports
    from ccproxy.config.settings import get_settings

    settings = get_settings()
    return await _get_auth_manager_with_settings(credentials, settings)

get_auth_manager_with_injected_settings async 

get_auth_manager_with_injected_settings(credentials=None)

Get authentication manager with dependency-injected settings.

This version uses FastAPI's dependency injection for settings, which allows test overrides to work properly.

Parameters:

Name Type Description Default
credentials Annotated[HTTPAuthorizationCredentials | None, Depends(bearer_scheme)]

HTTP authorization credentials

 None
settings

Application settings (injected by FastAPI)

 required

Returns:

Type Description
AuthManager

AuthManager instance

Raises:

Type Description
HTTPException

If no valid authentication available
Source code in ccproxy/auth/dependencies.py 
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
async def get_auth_manager_with_injected_settings(
    credentials: Annotated[
        HTTPAuthorizationCredentials | None, Depends(bearer_scheme)
    ] = None,
) -> AuthManager:
    """Get authentication manager with dependency-injected settings.

    This version uses FastAPI's dependency injection for settings,
    which allows test overrides to work properly.

    Args:
        credentials: HTTP authorization credentials
        settings: Application settings (injected by FastAPI)

    Returns:
        AuthManager instance

    Raises:
        HTTPException: If no valid authentication available
    """
    # Import here to avoid circular imports
    from ccproxy.config.settings import get_settings

    settings = get_settings()
    return await _get_auth_manager_with_settings(credentials, settings)

require_auth async 

require_auth(auth_manager)

Require authentication for endpoint.

Parameters:

Name Type Description Default
auth_manager Annotated[AuthManager, Depends(get_auth_manager)]

Authentication manager

 required

Returns:

Type Description
AuthManager

AuthManager instance

Raises:

Type Description
HTTPException

If authentication fails
Source code in ccproxy/auth/dependencies.py 
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
async def require_auth(
    auth_manager: Annotated[AuthManager, Depends(get_auth_manager)],
) -> AuthManager:
    """Require authentication for endpoint.

    Args:
        auth_manager: Authentication manager

    Returns:
        AuthManager instance

    Raises:
        HTTPException: If authentication fails
    """
    try:
        if not await auth_manager.is_authenticated():
            raise AuthenticationRequiredError("Authentication required")
        return auth_manager
    except AuthenticationError as e:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail=str(e),
            headers={"WWW-Authenticate": "Bearer"},
        ) from e

get_access_token async 

get_access_token(auth_manager)

Get access token from authenticated manager.

Parameters:

Name Type Description Default
auth_manager Annotated[AuthManager, Depends(require_auth)]

Authentication manager

 required

Returns:

Type Description
str

Access token string

Raises:

Type Description
HTTPException

If token retrieval fails
Source code in ccproxy/auth/dependencies.py 
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
async def get_access_token(
    auth_manager: Annotated[AuthManager, Depends(require_auth)],
) -> str:
    """Get access token from authenticated manager.

    Args:
        auth_manager: Authentication manager

    Returns:
        Access token string

    Raises:
        HTTPException: If token retrieval fails
    """
    try:
        return await auth_manager.get_access_token()
    except AuthenticationError as e:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail=str(e),
            headers={"WWW-Authenticate": "Bearer"},
        ) from e

get_auth_manager_dependency async 

get_auth_manager_dependency(credentials=None)

Dependency wrapper for getting auth manager with settings injection.

Source code in ccproxy/auth/dependencies.py 
213
214
215
216
217
218
219
220
221
222
223
async def get_auth_manager_dependency(
    credentials: Annotated[
        HTTPAuthorizationCredentials | None, Depends(bearer_scheme)
    ] = None,
) -> AuthManager:
    """Dependency wrapper for getting auth manager with settings injection."""
    # Import here to avoid circular imports
    from ccproxy.config.settings import get_settings

    settings = get_settings()
    return await _get_auth_manager_with_settings(credentials, settings)