You're reading from Building Python Microservices with FastAPI Build secure, scalable, and structured Python microservices from design concepts to infrastructure

Product type Paperback

Published in Aug 2022

Publisher Packt

ISBN-13 9781803245966

Length 420 pages

Edition 1st Edition

Languages

Python

Tools

FastAPI

Concepts

Microservices

Author (1):

Sherwin John C. Tragura

View More author details

Table of Contents (17) Chapters

Preface

1. Part 1: Application-Related Architectural Concepts for FastAPI microservice development

2. Chapter 1: Setting Up FastAPI for Starters FREE CHAPTER

3. Chapter 2: Exploring the Core Features

4. Chapter 3: Investigating Dependency Injection

5. Chapter 4: Building the Microservice Application

6. Part 2: Data-Centric and Communication-Focused Microservices Concerns and Issues

7. Chapter 5: Connecting to a Relational Database

8. Chapter 6: Using a Non-Relational Database

9. Chapter 7: Securing the REST APIs

10. Chapter 8: Creating Coroutines, Events, and Message-Driven Transactions

11. Part 3: Infrastructure-Related Issues, Numerical and Symbolic Computations, and Testing Microservices

12. Chapter 9: Utilizing Other Advanced Features

13. Chapter 10: Solving Numerical, Symbolic, and Graphical Problems

14. Chapter 11: Adding Other Microservice Features

15. Index

Why subscribe?

16. Other Books You May Enjoy

Applying the OpenID Connect specification

There are three online auction projects created to impose the OAuth2 OpenID Connect authentication scheme. All these projects use third-party tools to perform authentication and authorization procedures. The ch07g project uses Auth0, ch07h uses Okta, and ch07i applies a Keycloak policy in authenticating client access to the API services. Let us first highlight Keycloak’s support for the OpenID Connect protocol.

Using HTTPBearer

The HTTPBearer class is a utility class from the fastapi.security module that provides an authorization scheme that relies directly on the authorization header with the Bearer tokens. Unlike the other OAuth2 schemes, this requires the generation of an access_token on the Keycloak side before running the authentication server. At this point, the framework has no straightforward way of accessing the credentials and the access_token from Keycloak’s identity provider. To utilize this class, we only need...