OAuth2PasswordRequestFormStrict
This is a dependency class to collect the username and password as form data for an OAuth2 password flow.
The OAuth2 specification dictates that for a password flow the data should be collected using form data (instead of JSON) and that it should have the specific fields username and password.
All the initialization parameters are extracted from the request.
The only difference between OAuth2PasswordRequestFormStrict and OAuth2PasswordRequestForm is that OAuth2PasswordRequestFormStrict requires the client to send the form field grant_type with the value "password", which is required in the OAuth2 specification (it seems that for no particular reason), while for OAuth2PasswordRequestForm grant_type is optional.
Attributes
| Attribute | Type | Description |
|---|---|---|
| grant_type | str | the OAuth2 spec says it is required and MUST be the fixed string "password". This dependency is strict about it. If you want to be permissive, use instead the OAuth2PasswordRequestForm dependency class. |
| username | str | username string. The OAuth2 spec requires the exact field name "username". |
| password | str | password string. The OAuth2 spec requires the exact field name "password". |
| scope | str = "" | Optional string. Several scopes (each one a string) separated by spaces. E.g. "items:read items:write users:read profile openid" |
| client_id | `str | None` = None |
| client_secret | `str | None` = None |
Constructor
Signature
def OAuth2PasswordRequestFormStrict(
grant_type: str = null,
username: str = null,
password: str = null,
scope: str = "",
client_id: str | None = null,
client_secret: str | None = null
) - > null
Parameters
| Name | Type | Description |
|---|---|---|
| grant_type | str = null | The OAuth2 spec says it is required and MUST be the fixed string "password". This dependency is strict about it. If you want to be permissive, use instead the OAuth2PasswordRequestForm dependency class. Read more about it in the FastAPI docs for Simple OAuth2 with Password and Bearer. |
| username | str = null | username string. The OAuth2 spec requires the exact field name username. Read more about it in the FastAPI docs for Simple OAuth2 with Password and Bearer. |
| password | str = null | password string. The OAuth2 spec requires the exact field name password. Read more about it in the FastAPI docs for Simple OAuth2 with Password and Bearer. |
| scope | str = "" | A single string with actually several scopes separated by spaces. Each scope is also a string. For example, a single string with: python "items:read items:write users:read profile openid" would represent the scopes: * items:read * items:write * users:read * profile * openid Read more about it in the FastAPI docs for Simple OAuth2 with Password and Bearer. |
| client_id | `str | None` = null |
| client_secret | `str | None` = null |
Signature
def OAuth2PasswordRequestFormStrict(
grant_type: str,
username: str,
password: str,
scope: str = "",
client_id: str | None = None,
client_secret: str | None = None
) - > null
Parameters
| Name | Type | Description |
|---|---|---|
| grant_type | str | The OAuth2 grant type, which is required and MUST be the fixed string "password". This dependency is strict about it; use OAuth2PasswordRequestForm if a permissive approach is desired. |
| username | str | The username string, as required by the OAuth2 specification for the exact field name username. |
| password | str | The password string, as required by the OAuth2 specification for the exact field name password. |
| scope | str = "" | A single string containing multiple scopes separated by spaces (e.g., "items:read items:write users:read profile openid"). Each individual scope is also a string. |
| client_id | `str | None` = None |
| client_secret | `str | None` = None |