Merge 8e2f8c10cd into 6db05770f6

3 days ago · 3e0c05b844
8 changed files with 28 additions and 22 deletions
--- a/docs/em/docs/advanced/security/oauth2-scopes.md
+++ b/docs/em/docs/advanced/security/oauth2-scopes.md
@ -62,7 +62,7 @@ Oauth2️⃣ 👫 🎻.

 🥇, ➡️ 🔜 👀 🍕 👈 🔀 ⚪️➡️ 🖼 👑 **🔰 - 👩‍💻 🦮** [Oauth2️⃣ ⏮️ 🔐 (&amp; 🔁), 📨 ⏮️ 🥙 🤝](../../tutorial/security/oauth2-jwt.md){.internal-link target=_blank}. 🔜 ⚙️ Oauth2️⃣ ↔:

-{* ../../docs_src/security/tutorial005.py hl[2,4,8,12,46,64,105,107:115,121:124,128:134,139,155] *}
+{* ../../docs_src/security/tutorial005.py hl[2,4,8,12,46,64,105,107:115,121:125,129:135,140,156] *}

 🔜 ➡️ 📄 👈 🔀 🔁 🔁.

@ -98,7 +98,7 @@ Oauth2️⃣ 👫 🎻.

 ///

-{* ../../docs_src/security/tutorial005.py hl[155] *}
+{* ../../docs_src/security/tutorial005.py hl[156] *}

 ## 📣 ↔ *➡ 🛠️* &amp; 🔗

@ -124,7 +124,7 @@ Oauth2️⃣ 👫 🎻.

 ///

-{* ../../docs_src/security/tutorial005.py hl[4,139,168] *}
+{* ../../docs_src/security/tutorial005.py hl[4,140,169] *}

 /// info | 📡 ℹ

@ -180,7 +180,7 @@ Oauth2️⃣ 👫 🎻.

 👥 ✔ 👈 👥 ✔️ 👩‍💻 ⏮️ 👈 🆔, &amp; 🚥 🚫, 👥 🤚 👈 🎏 ⚠ 👥 ✍ ⏭.

-{* ../../docs_src/security/tutorial005.py hl[46,116:127] *}
+{* ../../docs_src/security/tutorial005.py hl[46,116:128] *}

 ## ✔ `scopes`

@ -188,7 +188,7 @@ Oauth2️⃣ 👫 🎻.

 👉, 👥 ⚙️ `security_scopes.scopes`, 👈 🔌 `list` ⏮️ 🌐 👫 ↔ `str`.

-{* ../../docs_src/security/tutorial005.py hl[128:134] *}
+{* ../../docs_src/security/tutorial005.py hl[129:135] *}

 ## 🔗 🌲 &amp; ↔

--- a/docs/en/docs/advanced/security/oauth2-scopes.md
+++ b/docs/en/docs/advanced/security/oauth2-scopes.md
@ -62,7 +62,7 @@ For OAuth2 they are just strings.

 First, let's quickly see the parts that change from the examples in the main **Tutorial - User Guide** for [OAuth2 with Password (and hashing), Bearer with JWT tokens](../../tutorial/security/oauth2-jwt.md){.internal-link target=_blank}. Now using OAuth2 scopes:

-{* ../../docs_src/security/tutorial005_an_py310.py hl[5,9,13,47,65,106,108:116,122:125,129:135,140,156] *}
+{* ../../docs_src/security/tutorial005_an_py310.py hl[5,9,13,47,65,106,108:116,122:126,130:136,141,157] *}

 Now let's review those changes step by step.

@ -98,7 +98,7 @@ But in your application, for security, you should make sure you only add the sco

 ///

-{* ../../docs_src/security/tutorial005_an_py310.py hl[156] *}
+{* ../../docs_src/security/tutorial005_an_py310.py hl[157] *}

 ## Declare scopes in *path operations* and dependencies

@ -124,7 +124,7 @@ We are doing it here to demonstrate how **FastAPI** handles scopes declared at d

 ///

-{* ../../docs_src/security/tutorial005_an_py310.py hl[5,140,171] *}
+{* ../../docs_src/security/tutorial005_an_py310.py hl[5,141,172] *}

 /// info | Technical Details

@ -180,7 +180,7 @@ Instead of, for example, a `dict`, or something else, as it could break the appl

 We also verify that we have a user with that username, and if not, we raise that same exception we created before.

-{* ../../docs_src/security/tutorial005_an_py310.py hl[47,117:128] *}
+{* ../../docs_src/security/tutorial005_an_py310.py hl[47,117:129] *}

 ## Verify the `scopes`

@ -188,7 +188,7 @@ We now verify that all the scopes required, by this dependency and all the depen

 For this, we use `security_scopes.scopes`, that contains a `list` with all these scopes as `str`.

-{* ../../docs_src/security/tutorial005_an_py310.py hl[129:135] *}
+{* ../../docs_src/security/tutorial005_an_py310.py hl[130:136] *}

 ## Dependency tree and scopes

--- a/docs_src/security/tutorial005.py
+++ b/docs_src/security/tutorial005.py
@ -119,7 +119,8 @@ async def get_current_user(
        username: str = payload.get("sub")
        if username is None:
            raise credentials_exception
-        token_scopes = payload.get("scopes", [])
+        scope: str = payload.get("scope", "")
+        token_scopes = scope.split(" ")
        token_data = TokenData(scopes=token_scopes, username=username)
    except (InvalidTokenError, ValidationError):
        raise credentials_exception
@ -153,7 +154,7 @@ async def login_for_access_token(
        raise HTTPException(status_code=400, detail="Incorrect username or password")
    access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
    access_token = create_access_token(
-        data={"sub": user.username, "scopes": form_data.scopes},
+        data={"sub": user.username, "scope": " ".join(form_data.scopes)},
        expires_delta=access_token_expires,
    )
    return Token(access_token=access_token, token_type="bearer")
--- a/docs_src/security/tutorial005_an.py
+++ b/docs_src/security/tutorial005_an.py
@ -120,7 +120,8 @@ async def get_current_user(
        username = payload.get("sub")
        if username is None:
            raise credentials_exception
-        token_scopes = payload.get("scopes", [])
+        scope: str = payload.get("scope", "")
+        token_scopes = scope.split(" ")
        token_data = TokenData(scopes=token_scopes, username=username)
    except (InvalidTokenError, ValidationError):
        raise credentials_exception
@ -154,7 +155,7 @@ async def login_for_access_token(
        raise HTTPException(status_code=400, detail="Incorrect username or password")
    access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
    access_token = create_access_token(
-        data={"sub": user.username, "scopes": form_data.scopes},
+        data={"sub": user.username, "scope": " ".join(form_data.scopes)},
        expires_delta=access_token_expires,
    )
    return Token(access_token=access_token, token_type="bearer")
--- a/docs_src/security/tutorial005_an_py310.py
+++ b/docs_src/security/tutorial005_an_py310.py
@ -119,7 +119,8 @@ async def get_current_user(
        username = payload.get("sub")
        if username is None:
            raise credentials_exception
-        token_scopes = payload.get("scopes", [])
+        scope: str = payload.get("scope", "")
+        token_scopes = scope.split(" ")
        token_data = TokenData(scopes=token_scopes, username=username)
    except (InvalidTokenError, ValidationError):
        raise credentials_exception
@ -153,7 +154,7 @@ async def login_for_access_token(
        raise HTTPException(status_code=400, detail="Incorrect username or password")
    access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
    access_token = create_access_token(
-        data={"sub": user.username, "scopes": form_data.scopes},
+        data={"sub": user.username, "scope": " ".join(form_data.scopes)},
        expires_delta=access_token_expires,
    )
    return Token(access_token=access_token, token_type="bearer")
--- a/docs_src/security/tutorial005_an_py39.py
+++ b/docs_src/security/tutorial005_an_py39.py
@ -119,7 +119,8 @@ async def get_current_user(
        username = payload.get("sub")
        if username is None:
            raise credentials_exception
-        token_scopes = payload.get("scopes", [])
+        scope: str = payload.get("scope", "")
+        token_scopes = scope.split(" ")
        token_data = TokenData(scopes=token_scopes, username=username)
    except (InvalidTokenError, ValidationError):
        raise credentials_exception
@ -153,7 +154,7 @@ async def login_for_access_token(
        raise HTTPException(status_code=400, detail="Incorrect username or password")
    access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
    access_token = create_access_token(
-        data={"sub": user.username, "scopes": form_data.scopes},
+        data={"sub": user.username, "scope": " ".join(form_data.scopes)},
        expires_delta=access_token_expires,
    )
    return Token(access_token=access_token, token_type="bearer")
--- a/docs_src/security/tutorial005_py310.py
+++ b/docs_src/security/tutorial005_py310.py
@ -118,7 +118,8 @@ async def get_current_user(
        username: str = payload.get("sub")
        if username is None:
            raise credentials_exception
-        token_scopes = payload.get("scopes", [])
+        scope: str = payload.get("scope", "")
+        token_scopes = scope.split(" ")
        token_data = TokenData(scopes=token_scopes, username=username)
    except (InvalidTokenError, ValidationError):
        raise credentials_exception
@ -152,7 +153,7 @@ async def login_for_access_token(
        raise HTTPException(status_code=400, detail="Incorrect username or password")
    access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
    access_token = create_access_token(
-        data={"sub": user.username, "scopes": form_data.scopes},
+        data={"sub": user.username, "scope": " ".join(form_data.scopes)},
        expires_delta=access_token_expires,
    )
    return Token(access_token=access_token, token_type="bearer")
--- a/docs_src/security/tutorial005_py39.py
+++ b/docs_src/security/tutorial005_py39.py
@ -119,7 +119,8 @@ async def get_current_user(
        username: str = payload.get("sub")
        if username is None:
            raise credentials_exception
-        token_scopes = payload.get("scopes", [])
+        scope: str = payload.get("scope", "")
+        token_scopes = scope.split(" ")
        token_data = TokenData(scopes=token_scopes, username=username)
    except (InvalidTokenError, ValidationError):
        raise credentials_exception
@ -153,7 +154,7 @@ async def login_for_access_token(
        raise HTTPException(status_code=400, detail="Incorrect username or password")
    access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
    access_token = create_access_token(
-        data={"sub": user.username, "scopes": form_data.scopes},
+        data={"sub": user.username, "scope": " ".join(form_data.scopes)},
        expires_delta=access_token_expires,
    )
    return Token(access_token=access_token, token_type="bearer")