tiangolo.fastapi/docs/em/docs/advanced/security/oauth2-scopes.md

Oauth2️⃣ ↔

👆 💪 ⚙️ Oauth2️⃣ ↔ 🔗 ⏮️ FastAPI, 👫 🛠️ 👷 💎.

👉 🔜 ✔ 👆 ✔️ 🌖 👌-🧽 ✔ ⚙️, 📄 Oauth2️⃣ 🐩, 🛠️ 🔘 👆 🗄 🈸 (& 🛠️ 🩺).

Oauth2️⃣ ⏮️ ↔ 🛠️ ⚙️ 📚 🦏 🤝 🐕‍🦺, 💖 👱📔, 🇺🇸🔍, 📂, 🤸‍♂, 👱📔, ♒️. 👫 ⚙️ ⚫️ 🚚 🎯 ✔ 👩‍💻 & 🈸.

🔠 🕰 👆 "🕹 ⏮️" 👱📔, 🇺🇸🔍, 📂, 🤸‍♂, 👱📔, 👈 🈸 ⚙️ Oauth2️⃣ ⏮️ ↔.

👉 📄 👆 🔜 👀 ❔ 🛠️ 🤝 & ✔ ⏮️ 🎏 Oauth2️⃣ ⏮️ ↔ 👆 FastAPI 🈸.

!!! warning 👉 🌅 ⚖️ 🌘 🏧 📄. 🚥 👆 ▶️, 👆 💪 🚶 ⚫️.

👆 🚫 🎯 💪 Oauth2️⃣ ↔, & 👆 💪 🍵 🤝 & ✔ 👐 👆 💚.

✋️ Oauth2️⃣ ⏮️ ↔ 💪 🎆 🛠️ 🔘 👆 🛠️ (⏮️ 🗄) & 👆 🛠️ 🩺.

👐, 👆 🛠️ 📚 ↔, ⚖️ 🙆 🎏 💂‍♂/✔ 📄, 👐 👆 💪, 👆 📟.

📚 💼, Oauth2️⃣ ⏮️ ↔ 💪 👹.

✋️ 🚥 👆 💭 👆 💪 ⚫️, ⚖️ 👆 😟, 🚧 👂.

Oauth2️⃣ ↔ & 🗄

Oauth2️⃣ 🔧 🔬 "↔" 📇 🎻 🎏 🚀.

🎚 🔠 👉 🎻 💪 ✔️ 🙆 📁, ✋️ 🔜 🚫 🔌 🚀.

👫 ↔ 🎨 "✔".

🗄 (✅ 🛠️ 🩺), 👆 💪 🔬 "💂‍♂ ⚖".

🕐❔ 1️⃣ 👫 💂‍♂ ⚖ ⚙️ Oauth2️⃣, 👆 💪 📣 & ⚙️ ↔.

🔠 "↔" 🎻 (🍵 🚀).

👫 🛎 ⚙️ 📣 🎯 💂‍♂ ✔, 🖼:

• users:read ⚖️ users:write ⚠ 🖼.
• instagram_basic ⚙️ 👱📔 / 👱📔.
• https://www.googleapis.com/auth/drive ⚙️ 🇺🇸🔍.

!!! info Oauth2️⃣ "↔" 🎻 👈 📣 🎯 ✔ ✔.

⚫️ 🚫 🤔 🚥 ⚫️ ✔️ 🎏 🦹 💖 `:` ⚖️ 🚥 ⚫️ 📛.

👈 ℹ 🛠️ 🎯.

Oauth2️⃣ 👫 🎻.

🌐 🎑

🥇, ➡️ 🔜 👀 🍕 👈 🔀 ⚪️➡️ 🖼 👑 🔰 - 👩‍💻 🦮 Oauth2️⃣ ⏮️ 🔐 (& 🔁), 📨 ⏮️ 🥙 🤝{.internal-link target=_blank}. 🔜 ⚙️ Oauth2️⃣ ↔:

{!../../../docs_src/security/tutorial005.py!}

🔜 ➡️ 📄 👈 🔀 🔁 🔁.

Oauth2️⃣ 💂‍♂ ⚖

🥇 🔀 👈 🔜 👥 📣 Oauth2️⃣ 💂‍♂ ⚖ ⏮️ 2️⃣ 💪 ↔, me & items.

scopes 🔢 📨 dict ⏮️ 🔠 ↔ 🔑 & 📛 💲:

{!../../../docs_src/security/tutorial005.py!}

↩️ 👥 🔜 📣 📚 ↔, 👫 🔜 🎦 🆙 🛠️ 🩺 🕐❔ 👆 🕹-/✔.

& 👆 🔜 💪 🖊 ❔ ↔ 👆 💚 🤝 🔐: me & items.

👉 🎏 🛠️ ⚙️ 🕐❔ 👆 🤝 ✔ ⏪ 🚨 ⏮️ 👱📔, 🇺🇸🔍, 📂, ♒️:

🥙 🤝 ⏮️ ↔

🔜, 🔀 🤝 ➡ 🛠️ 📨 ↔ 📨.

👥 ⚙️ 🎏 OAuth2PasswordRequestForm. ⚫️ 🔌 🏠 scopes ⏮️ list str, ⏮️ 🔠 ↔ ⚫️ 📨 📨.

& 👥 📨 ↔ 🍕 🥙 🤝.

!!! danger 🦁, 📥 👥 ❎ ↔ 📨 🔗 🤝.

✋️ 👆 🈸, 💂‍♂, 👆 🔜 ⚒ 💭 👆 🕴 🚮 ↔ 👈 👩‍💻 🤙 💪 ✔️, ⚖️ 🕐 👆 ✔️ 🔁.

{!../../../docs_src/security/tutorial005.py!}

📣 ↔ ➡ 🛠️ & 🔗

🔜 👥 📣 👈 ➡ 🛠️ /users/me/items/ 🚚 ↔ items.

👉, 👥 🗄 & ⚙️ Security ⚪️➡️ fastapi.

👆 💪 ⚙️ Security 📣 🔗 (💖 Depends), ✋️ Security 📨 🔢 scopes ⏮️ 📇 ↔ (🎻).

👉 💼, 👥 🚶‍♀️ 🔗 🔢 get_current_active_user Security (🎏 🌌 👥 🔜 ⏮️ Depends).

✋️ 👥 🚶‍♀️ list ↔, 👉 💼 ⏮️ 1️⃣ ↔: items (⚫️ 💪 ✔️ 🌅).

& 🔗 🔢 get_current_active_user 💪 📣 🎧-🔗, 🚫 🕴 ⏮️ Depends ✋️ ⏮️ Security. 📣 🚮 👍 🎧-🔗 🔢 (get_current_user), & 🌖 ↔ 📄.

👉 💼, ⚫️ 🚚 ↔ me (⚫️ 💪 🚚 🌅 🌘 1️⃣ ↔).

!!! note 👆 🚫 🎯 💪 🚮 🎏 ↔ 🎏 🥉.

👥 🔨 ⚫️ 📥 🎦 ❔ **FastAPI** 🍵 ↔ 📣 🎏 🎚.

{!../../../docs_src/security/tutorial005.py!}

!!! info "📡 ℹ" Security 🤙 🏿 Depends, & ⚫️ ✔️ 1️⃣ ➕ 🔢 👈 👥 🔜 👀 ⏪.

✋️ ⚙️ `Security` ↩️ `Depends`, **FastAPI** 🔜 💭 👈 ⚫️ 💪 📣 💂‍♂ ↔, ⚙️ 👫 🔘, & 📄 🛠️ ⏮️ 🗄.

✋️ 🕐❔ 👆 🗄 `Query`, `Path`, `Depends`, `Security` & 🎏 ⚪️➡️ `fastapi`, 👈 🤙 🔢 👈 📨 🎁 🎓.

⚙️ SecurityScopes

🔜 ℹ 🔗 get_current_user.

👉 1️⃣ ⚙️ 🔗 🔛.

📥 👥 ⚙️ 🎏 Oauth2️⃣ ⚖ 👥 ✍ ⏭, 📣 ⚫️ 🔗: oauth2_scheme.

↩️ 👉 🔗 🔢 🚫 ✔️ 🙆 ↔ 📄 ⚫️, 👥 💪 ⚙️ Depends ⏮️ oauth2_scheme, 👥 🚫 ✔️ ⚙️ Security 🕐❔ 👥 🚫 💪 ✔ 💂‍♂ ↔.

👥 📣 🎁 🔢 🆎 SecurityScopes, 🗄 ⚪️➡️ fastapi.security.

👉 SecurityScopes 🎓 🎏 Request (Request ⚙️ 🤚 📨 🎚 🔗).

{!../../../docs_src/security/tutorial005.py!}

⚙️ scopes

🔢 security_scopes 🔜 🆎 SecurityScopes.

⚫️ 🔜 ✔️ 🏠 scopes ⏮️ 📇 ⚗ 🌐 ↔ ✔ ⚫️ & 🌐 🔗 👈 ⚙️ 👉 🎧-🔗. 👈 ⛓, 🌐 "⚓️"... 👉 💪 🔊 😨, ⚫️ 🔬 🔄 ⏪ 🔛.

security_scopes 🎚 (🎓 SecurityScopes) 🚚 scope_str 🔢 ⏮️ 👁 🎻, 🔌 👈 ↔ 👽 🚀 (👥 🔜 ⚙️ ⚫️).

👥 ✍ HTTPException 👈 👥 💪 🏤-⚙️ (raise) ⏪ 📚 ☝.

👉 ⚠, 👥 🔌 ↔ 🚚 (🚥 🙆) 🎻 👽 🚀 (⚙️ scope_str). 👥 🚮 👈 🎻 ⚗ ↔ WWW-Authenticate 🎚 (👉 🍕 🔌).

{!../../../docs_src/security/tutorial005.py!}

✔ username & 💽 💠

👥 ✔ 👈 👥 🤚 username, & ⚗ ↔.

& ⤴️ 👥 ✔ 👈 📊 ⏮️ Pydantic 🏷 (✊ ValidationError ⚠), & 🚥 👥 🤚 ❌ 👂 🥙 🤝 ⚖️ ⚖ 📊 ⏮️ Pydantic, 👥 🤚 HTTPException 👥 ✍ ⏭.

👈, 👥 ℹ Pydantic 🏷 TokenData ⏮️ 🆕 🏠 scopes.

⚖ 📊 ⏮️ Pydantic 👥 💪 ⚒ 💭 👈 👥 ✔️, 🖼, ⚫️❔ list str ⏮️ ↔ & str ⏮️ username.

↩️, 🖼, dict, ⚖️ 🕳 🙆, ⚫️ 💪 💔 🈸 ☝ ⏪, ⚒ ⚫️ 💂‍♂ ⚠.

👥 ✔ 👈 👥 ✔️ 👩‍💻 ⏮️ 👈 🆔, & 🚥 🚫, 👥 🤚 👈 🎏 ⚠ 👥 ✍ ⏭.

{!../../../docs_src/security/tutorial005.py!}

✔ scopes

👥 🔜 ✔ 👈 🌐 ↔ ✔, 👉 🔗 & 🌐 ⚓️ (🔌 ➡ 🛠️), 🔌 ↔ 🚚 🤝 📨, ⏪ 🤚 HTTPException.

👉, 👥 ⚙️ security_scopes.scopes, 👈 🔌 list ⏮️ 🌐 👫 ↔ str.

{!../../../docs_src/security/tutorial005.py!}

🔗 🌲 & ↔

➡️ 📄 🔄 👉 🔗 🌲 & ↔.

get_current_active_user 🔗 ✔️ 🎧-🔗 🔛 get_current_user, ↔ "me" 📣 get_current_active_user 🔜 🔌 📇 ✔ ↔ security_scopes.scopes 🚶‍♀️ get_current_user.

➡ 🛠️ ⚫️ 📣 ↔, "items", 👉 🔜 📇 security_scopes.scopes 🚶‍♀️ get_current_user.

📥 ❔ 🔗 🔗 & ↔ 👀 💖:

• ➡ 🛠️ read_own_items ✔️:
  • ✔ ↔ ["items"] ⏮️ 🔗:
  • get_current_active_user:
    • 🔗 🔢 get_current_active_user ✔️:
      • ✔ ↔ ["me"] ⏮️ 🔗:
      • get_current_user:
        • 🔗 🔢 get_current_user ✔️:
          • 🙅‍♂ ↔ ✔ ⚫️.
          • 🔗 ⚙️ oauth2_scheme.
          • security_scopes 🔢 🆎 SecurityScopes:
            • 👉 security_scopes 🔢 ✔️ 🏠 scopes ⏮️ list ⚗ 🌐 👫 ↔ 📣 🔛,:
              • security_scopes.scopes 🔜 🔌 ["me", "items"] ➡ 🛠️ read_own_items.
              • security_scopes.scopes 🔜 🔌 ["me"] ➡ 🛠️ read_users_me, ↩️ ⚫️ 📣 🔗 get_current_active_user.
              • security_scopes.scopes 🔜 🔌 [] (🕳) ➡ 🛠️ read_system_status, ↩️ ⚫️ 🚫 📣 🙆 Security ⏮️ scopes, & 🚮 🔗, get_current_user, 🚫 📣 🙆 scope 👯‍♂️.

!!! tip ⚠ & "🎱" 👜 📥 👈 get_current_user 🔜 ✔️ 🎏 📇 scopes ✅ 🔠 ➡ 🛠️.

🌐 ⚓️ 🔛 `scopes` 📣 🔠 *➡ 🛠️* & 🔠 🔗 🔗 🌲 👈 🎯 *➡ 🛠️*.

🌖 ℹ 🔃 SecurityScopes

👆 💪 ⚙️ SecurityScopes 🙆 ☝, & 💗 🥉, ⚫️ 🚫 ✔️ "🌱" 🔗.

⚫️ 🔜 🕧 ✔️ 💂‍♂ ↔ 📣 ⏮️ Security 🔗 & 🌐 ⚓️ 👈 🎯 ➡ 🛠️ & 👈 🎯 🔗 🌲.

↩️ SecurityScopes 🔜 ✔️ 🌐 ↔ 📣 ⚓️, 👆 💪 ⚙️ ⚫️ ✔ 👈 🤝 ✔️ 🚚 ↔ 🇨🇫 🔗 🔢, & ⤴️ 📣 🎏 ↔ 📄 🎏 ➡ 🛠️.

👫 🔜 ✅ ➡ 🔠 ➡ 🛠️.

✅ ⚫️

🚥 👆 📂 🛠️ 🩺, 👆 💪 🔓 & ✔ ❔ ↔ 👆 💚 ✔.

🚥 👆 🚫 🖊 🙆 ↔, 👆 🔜 "🔓", ✋️ 🕐❔ 👆 🔄 🔐 /users/me/ ⚖️ /users/me/items/ 👆 🔜 🤚 ❌ 💬 👈 👆 🚫 ✔️ 🥃 ✔. 👆 🔜 💪 🔐 /status/.

& 🚥 👆 🖊 ↔ me ✋️ 🚫 ↔ items, 👆 🔜 💪 🔐 /users/me/ ✋️ 🚫 /users/me/items/.

👈 ⚫️❔ 🔜 🔨 🥉 🥳 🈸 👈 🔄 🔐 1️⃣ 👫 ➡ 🛠️ ⏮️ 🤝 🚚 👩‍💻, ⚓️ 🔛 ❔ 📚 ✔ 👩‍💻 🤝 🈸.

🔃 🥉 🥳 🛠️

👉 🖼 👥 ⚙️ Oauth2️⃣ "🔐" 💧.

👉 ☑ 🕐❔ 👥 🚨 👆 👍 🈸, 🎲 ⏮️ 👆 👍 🕸.

↩️ 👥 💪 💙 ⚫️ 📨 username & password, 👥 🎛 ⚫️.

✋️ 🚥 👆 🏗 Oauth2️⃣ 🈸 👈 🎏 🔜 🔗 (➡, 🚥 👆 🏗 🤝 🐕‍🦺 🌓 👱📔, 🇺🇸🔍, 📂, ♒️.) 👆 🔜 ⚙️ 1️⃣ 🎏 💧.

🌅 ⚠ 🔑 💧.

🏆 🔐 📟 💧, ✋️ 🌖 🏗 🛠️ ⚫️ 🚚 🌅 📶. ⚫️ 🌅 🏗, 📚 🐕‍🦺 🔚 🆙 ✔ 🔑 💧.

!!! note ⚫️ ⚠ 👈 🔠 🤝 🐕‍🦺 📛 👫 💧 🎏 🌌, ⚒ ⚫️ 🍕 👫 🏷.

✋️ 🔚, 👫 🛠️ 🎏 Oauth2️⃣ 🐩.

FastAPI 🔌 🚙 🌐 👫 Oauth2️⃣ 🤝 💧 fastapi.security.oauth2.

Security 👨‍🎨 dependencies

🎏 🌌 👆 💪 🔬 list Depends 👨‍🎨 dependencies 🔢 (🔬 🔗 ➡ 🛠️ 👨‍🎨{.internal-link target=_blank}), 👆 💪 ⚙️ Security ⏮️ scopes 📤.