[19.0][MIG] fastapi_auth_api_key: Migration to 19.0

fastapi_auth_api_key/README.rst

@@ -0,0 +1,135 @@
+.. image:: https://odoo-community.org/readme-banner-image
+   :target: https://odoo-community.org/get-involved?utm_source=readme
+   :alt: Odoo Community Association
+
+====================
+Fastapi Auth API Key
+====================
+
+.. 
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! This file is generated by oca-gen-addon-readme !!
+   !! changes will be overwritten.                   !!
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! source digest: sha256:48191f57e5bf9c229b23db831db547eb150706930ed1dbafdc5386025ee20d09
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
+    :target: https://odoo-community.org/page/development-status
+    :alt: Beta
+.. |badge2| image:: https://img.shields.io/badge/license-AGPL--3-blue.png
+    :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
+    :alt: License: AGPL-3
+.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Frest--framework-lightgray.png?logo=github
+    :target: https://github.com/OCA/rest-framework/tree/19.0/fastapi_auth_api_key
+    :alt: OCA/rest-framework
+.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
+    :target: https://translation.odoo-community.org/projects/rest-framework-19-0/rest-framework-19-0-fastapi_auth_api_key
+    :alt: Translate me on Weblate
+.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
+    :target: https://runboat.odoo-community.org/builds?repo=OCA/rest-framework&target_branch=19.0
+    :alt: Try me on Runboat
+
+|badge1| |badge2| |badge3| |badge4| |badge5|
+
+Provides FastAPI dependencies for Api Key authentication.
+
+**Table of contents**
+
+.. contents::
+   :local:
+
+Usage
+=====
+
+Getting an odoo environment
+---------------------------
+
+If you need to get an odoo env based on the provided api key, you can
+use authenticated_env_by_auth_api_key.
+
+.. code:: python
+
+   @router.get("/example_with_authenticated_env")
+   def example_with_authenticated_env(
+       env: Annotated[Environment, Depends(authenticated_env_by_auth_api_key)],
+   ) -> None:
+       # env.user is the user attached to the provided key
+       pass
+
+Getting the authenticated partner
+---------------------------------
+
+If want to get the partned related to the the provided api key, you can
+use authenticated_partner_by_api_key
+
+.. code:: python
+
+   @router.get("/example_with_authenticated_partner")
+   def example_with_authenticated_partner(
+       partner: Annotated[Partner, Depends(authenticated_partner_by_api_key)],
+   ) -> None:
+       # partner is the partner related to the provided key key.user_id.partner_id
+       pass
+
+Configuration
+-------------
+
+For this to work, the api key must be defined on the Endpoint. A new
+field auth_api_key_group_id has been added to the Endpoint model.
+
+Bug Tracker
+===========
+
+Bugs are tracked on `GitHub Issues <https://github.com/OCA/rest-framework/issues>`_.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us to smash it by providing a detailed and welcomed
+`feedback <https://github.com/OCA/rest-framework/issues/new?body=module:%20fastapi_auth_api_key%0Aversion:%2019.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+
+Do not contact contributors directly about support or help with technical issues.
+
+Credits
+=======
+
+Authors
+-------
+
+* Camptocamp
+
+Contributors
+------------
+
+- Matthieu Méquignon <matthieu.mequignon@camptocamp.com>
+- Son Ho <sonhd@trobz.com>
+- Giuseppe Ardoselli <agiuseppe28@gmail.com>
+
+Other credits
+-------------
+
+The migration of this module from 17.0 to 18.0 was financially supported
+by Camptocamp
+
+Maintainers
+-----------
+
+This module is maintained by the OCA.
+
+.. image:: https://odoo-community.org/logo.png
+   :alt: Odoo Community Association
+   :target: https://odoo-community.org
+
+OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.
+
+.. |maintainer-mmequignon| image:: https://github.com/mmequignon.png?size=40px
+    :target: https://github.com/mmequignon
+    :alt: mmequignon
+
+Current `maintainer <https://odoo-community.org/page/maintainer-role>`__:
+
+|maintainer-mmequignon| 
+
+This module is part of the `OCA/rest-framework <https://github.com/OCA/rest-framework/tree/19.0/fastapi_auth_api_key>`_ project on GitHub.
+
+You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.

fastapi_auth_api_key/__init__.py

@@ -0,0 +1 @@
+from . import models

fastapi_auth_api_key/__manifest__.py

@@ -0,0 +1,20 @@
+# Copyright 2024 Camptocamp SA
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl)
+
+{
+    "name": "Fastapi Auth API Key",
+    "version": "19.0.1.0.0",
+    "category": "Others",
+    "website": "https://github.com/OCA/rest-framework",
+    "author": "Camptocamp, Odoo Community Association (OCA)",
+    "maintainers": ["mmequignon"],
+    "license": "AGPL-3",
+    "installable": True,
+    "depends": [
+        "fastapi",
+        "auth_api_key_group",
+    ],
+    "data": [
+        "views/fastapi_endpoint.xml",
+    ],
+}

fastapi_auth_api_key/dependencies.py

@@ -0,0 +1,69 @@
+# Copyright 2024 Camptocamp SA
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl)
+import os
+from typing import Annotated
+
+from fastapi.exceptions import HTTPException
+
+from odoo import SUPERUSER_ID
+from odoo.api import Environment
+from odoo.exceptions import ValidationError
+
+from odoo.addons.auth_api_key.models.auth_api_key import AuthApiKey
+from odoo.addons.base.models.res_partner import ResPartner
+from odoo.addons.fastapi.dependencies import fastapi_endpoint, odoo_env
+from odoo.addons.fastapi.models.fastapi_endpoint import FastapiEndpoint
+
+from fastapi import Depends, status
+from fastapi.security import APIKeyHeader
+
+HTTP_API_KEY_HEADER = os.environ.get("FASTAPI_AUTH_HTTP_API_KEY_HEADER", "HTTP-API-KEY")
+
+
+def authenticated_auth_api_key(
+    key: Annotated[str, Depends(APIKeyHeader(name=HTTP_API_KEY_HEADER))],
+    env: Annotated[Environment, Depends(odoo_env)],
+    endpoint: Annotated[FastapiEndpoint, Depends(fastapi_endpoint)],
+) -> AuthApiKey:
+    if not key:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail=env._(
+                "Missing %(HTTP_API_KEY_HEADER)s header",
+                HTTP_API_KEY_HEADER=HTTP_API_KEY_HEADER,
+            ),
+            headers={"WWW-Authenticate": HTTP_API_KEY_HEADER},
+        )
+    admin_env = Environment(env.cr, SUPERUSER_ID, {})
+    try:
+        auth_api_key = admin_env["auth.api.key"]._retrieve_api_key(key)
+    except ValidationError as error:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail=error.args,
+            headers={"WWW-Authenticate": HTTP_API_KEY_HEADER},
+        ) from error
+    # Ensure the api key is authorized for the current endpoint.
+    if (
+        endpoint.sudo().auth_api_key_group_id
+        and auth_api_key not in endpoint.sudo().auth_api_key_group_id.auth_api_key_ids
+    ):
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail=env._("Unauthorized"),
+            headers={"WWW-Authenticate": HTTP_API_KEY_HEADER},
+        )
+    return auth_api_key
+
+
+def authenticated_partner_by_api_key(
+    auth_api_key: Annotated[AuthApiKey, Depends(authenticated_auth_api_key)],
+) -> ResPartner:
+    return auth_api_key.user_id.partner_id
+
+
+def authenticated_env_by_auth_api_key(
+    auth_api_key: Annotated[AuthApiKey, Depends(authenticated_auth_api_key)],
+) -> Environment:
+    # set api key id in context
+    return auth_api_key.with_user(auth_api_key.user_id).env

fastapi_auth_api_key/i18n/fastapi_auth_api_key.pot

@@ -0,0 +1,41 @@
+# Translation of Odoo Server.
+# This file contains the translation of the following modules:
+# 	* fastapi_auth_api_key
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Odoo Server 18.0\n"
+"Report-Msgid-Bugs-To: \n"
+"Last-Translator: \n"
+"Language-Team: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: \n"
+"Plural-Forms: \n"
+
+#. module: fastapi_auth_api_key
+#: model:ir.model.fields,field_description:fastapi_auth_api_key.field_fastapi_endpoint__auth_api_key_group_id
+msgid "Auth Api Key Group"
+msgstr ""
+
+#. module: fastapi_auth_api_key
+#: model:ir.model,name:fastapi_auth_api_key.model_fastapi_endpoint
+msgid "FastAPI Endpoint"
+msgstr ""
+
+#. module: fastapi_auth_api_key
+#: model:ir.model.fields,help:fastapi_auth_api_key.field_fastapi_endpoint__auth_api_key_group_id
+msgid "If not set, all 'auth.api.key' are allowed to access to endpoints"
+msgstr ""
+
+#. module: fastapi_auth_api_key
+#. odoo-python
+#: code:addons/fastapi_auth_api_key/dependencies.py:0
+msgid "Missing %(HTTP_API_KEY_HEADER)s header"
+msgstr ""
+
+#. module: fastapi_auth_api_key
+#. odoo-python
+#: code:addons/fastapi_auth_api_key/dependencies.py:0
+msgid "Unauthorized"
+msgstr ""

fastapi_auth_api_key/i18n/it.po

@@ -0,0 +1,46 @@
+# Translation of Odoo Server.
+# This file contains the translation of the following modules:
+# 	* fastapi_auth_api_key
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Odoo Server 18.0\n"
+"Report-Msgid-Bugs-To: \n"
+"PO-Revision-Date: 2025-12-10 11:43+0000\n"
+"Last-Translator: mymage <stefano.consolaro@mymage.it>\n"
+"Language-Team: none\n"
+"Language: it\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: \n"
+"Plural-Forms: nplurals=2; plural=n != 1;\n"
+"X-Generator: Weblate 5.10.4\n"
+
+#. module: fastapi_auth_api_key
+#: model:ir.model.fields,field_description:fastapi_auth_api_key.field_fastapi_endpoint__auth_api_key_group_id
+msgid "Auth Api Key Group"
+msgstr "Gruppo chiave API autorizzazione"
+
+#. module: fastapi_auth_api_key
+#: model:ir.model,name:fastapi_auth_api_key.model_fastapi_endpoint
+msgid "FastAPI Endpoint"
+msgstr "Endpoint FastAPI"
+
+#. module: fastapi_auth_api_key
+#: model:ir.model.fields,help:fastapi_auth_api_key.field_fastapi_endpoint__auth_api_key_group_id
+msgid "If not set, all 'auth.api.key' are allowed to access to endpoints"
+msgstr ""
+"Se non impostata, tutte le 'auth.api.key' sono abilitate ad accedere agli "
+"endpoint"
+
+#. module: fastapi_auth_api_key
+#. odoo-python
+#: code:addons/fastapi_auth_api_key/dependencies.py:0
+msgid "Missing %(HTTP_API_KEY_HEADER)s header"
+msgstr "Header %(HTTP_API_KEY_HEADER)s mancante"
+
+#. module: fastapi_auth_api_key
+#. odoo-python
+#: code:addons/fastapi_auth_api_key/dependencies.py:0
+msgid "Unauthorized"
+msgstr "Non autorizzata"

fastapi_auth_api_key/models/__init__.py

@@ -0,0 +1 @@
+from . import fastapi_endpoint

fastapi_auth_api_key/models/fastapi_endpoint.py

@@ -0,0 +1,13 @@
+# Copyright 2024 Camptocamp SA
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl)
+
+from odoo import fields, models
+
+
+class FastapiEndpoint(models.Model):
+    _inherit = "fastapi.endpoint"
+
+    auth_api_key_group_id = fields.Many2one(
+        "auth.api.key.group",
+        help="If not set, all 'auth.api.key' are allowed to access to endpoints",
+    )

fastapi_auth_api_key/pyproject.toml

@@ -0,0 +1,3 @@
+[build-system]
+requires = ["whool"]
+build-backend = "whool.buildapi"

fastapi_auth_api_key/readme/CONTRIBUTORS.md

@@ -0,0 +1,3 @@
+- Matthieu Méquignon \<<matthieu.mequignon@camptocamp.com>\>
+- Son Ho \<<sonhd@trobz.com>\>
+- Giuseppe Ardoselli \<<agiuseppe28@gmail.com>\>

fastapi_auth_api_key/readme/CREDITS.md

@@ -0,0 +1,2 @@
+The migration of this module from 17.0 to 18.0 was financially supported
+by Camptocamp

fastapi_auth_api_key/readme/DESCRIPTION.md

@@ -0,0 +1 @@
+Provides FastAPI dependencies for Api Key authentication.

fastapi_auth_api_key/readme/USAGE.md

@@ -0,0 +1,32 @@
+## Getting an odoo environment
+
+If you need to get an odoo env based on the provided api key, you can
+use authenticated_env_by_auth_api_key.
+
+``` python
+@router.get("/example_with_authenticated_env")
+def example_with_authenticated_env(
+    env: Annotated[Environment, Depends(authenticated_env_by_auth_api_key)],
+) -> None:
+    # env.user is the user attached to the provided key
+    pass
+```
+
+## Getting the authenticated partner
+
+If want to get the partned related to the the provided api key, you can
+use authenticated_partner_by_api_key
+
+``` python
+@router.get("/example_with_authenticated_partner")
+def example_with_authenticated_partner(
+    partner: Annotated[Partner, Depends(authenticated_partner_by_api_key)],
+) -> None:
+    # partner is the partner related to the provided key key.user_id.partner_id
+    pass
+```
+
+## Configuration
+
+For this to work, the api key must be defined on the Endpoint. A new
+field auth_api_key_group_id has been added to the Endpoint model.