Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow passing custom headers to metadata request in authorize_redirect #710

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Allow passing custom headers to metadata request in authorize_redirect #710

wants to merge 1 commit into from

Conversation

AlexandrosMaragkakis
Copy link

This pull request implements a feature to allow custom HTTP headers to be passed to the metadata request made by authorize_redirect().

Previously (#633), when calling authorize_redirect(redirect_uri, headers=headers), the custom headers were not forwarded to the GET request for server metadata, causing a 401 Unauthorized error when the endpoint was protected by a security gateway.

What kind of change does this PR introduce? (check at least one)

  • Bugfix
  • Feature
  • Code style update
  • Refactor
  • Other, please describe:

Does this PR introduce a breaking change? (check one)

  • Yes
  • No
  • You consent that the copyright of your pull request source code belongs to Authlib's author.

@azmeuk azmeuk added the client Concerns a client implementation label Feb 21, 2025
@azmeuk
Copy link
Collaborator

azmeuk commented Feb 21, 2025

Hello. Thank you for your contribution. Would you consider adding some unit tests?

@AlexandrosMaragkakis
Copy link
Author

Hello. Unfortunately I don't have any experience in unit testing. Having said that, I am willing to give it a try. Perhaps you could suggest a file from the tests of the project, to serve as an example for me?

@azmeuk
Copy link
Collaborator

azmeuk commented Feb 21, 2025

You could take inspiration from this test, register a client with custom headers, and then check if the mocked send method is called with your custom headers.
If you are not familiar with mock, I guess the subject is pretty well covered on the internet.

azmeuk
azmeuk reviewed Feb 21, 2025
View reviewed changes
authlib/integrations/base_client/sync_app.py Outdated
Comment on lines 346 to 347
if self.client_kwargs is None:
self.client_kwargs = {}
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this needed as client_kwargs is automatically initialized as an empty dict when a None value is passed?

authlib/authlib/integrations/base_client/sync_app.py

Line 217 in da87c8b

self.client_kwargs = client_kwargs or {}

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You are correct, thanks for pointing it out. I also cleaned the other changes a bit.

@AlexandrosMaragkakis AlexandrosMaragkakis force-pushed the feat/authorize_redirect-headers branch from 58f6776 to eaf1e5a Compare February 22, 2025 08:54
@AlexandrosMaragkakis
Copy link
Author

I appreciate the guidance. I'll get on with adding the tests.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@azmeuk azmeuk azmeuk left review comments

Assignees
No one assigned
Labels
client Concerns a client implementation
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@AlexandrosMaragkakis @azmeuk