Skip to content

Refactor AuthManager from app.state to FastAPI dependency #57665

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
pierrejeambrun merged 1 commit into from
Nov 4, 2025
Merged

Refactor AuthManager from app.state to FastAPI dependency #57665

pierrejeambrun merged 1 commit into from
Nov 4, 2025

Conversation

@jason810496
Copy link
Member

@jason810496 jason810496 commented Nov 1, 2025

related: #50372
related comment: #50372 (comment)

Why

Replace request.app.state.auth_manager with AuthManagerDep for better dependency tracking in Core API.

@boring-cyborg boring-cyborg bot added the area:API Airflow's REST/HTTP API label Nov 1, 2025
@jason810496 jason810496 marked this pull request as ready for review November 1, 2025 09:07
@jason810496
Refactor AuthManager from app.state to FastAPI dependency
16b534a 
- Create new auth_manager.py module in common with AuthManagerDep
- Update security.py to use AuthManagerDep instead of request.app.state.auth_manager
- Update auth.py routes to use AuthManagerDep
- Remove Request parameter where no longer needed
- Follow the same dependency injection pattern as DagBag

Co-authored-by: jason810496 <68415893+jason810496@users.noreply.github.com>

Add unit tests for auth_manager dependency injection

- Create test_auth_manager.py to test the new dependency
- Verify auth_manager_from_app correctly retrieves from app.state
- Test integration with existing test client fixture

Co-authored-by: jason810496 <68415893+jason810496@users.noreply.github.com>

Fix linting issues with ruff

- Move BaseAuthManager import out of TYPE_CHECKING block
- Fix import ordering in security.py
- Remove unused pytest import from test
- Remove trailing whitespace
- Format code with ruff format

Co-authored-by: jason810496 <68415893+jason810496@users.noreply.github.com>

Move auth_manager dependency to security.py module

- Move auth_manager_from_app and AuthManagerDep from common/auth_manager.py to core_api/security.py
- Update import in routes/public/auth.py to use security module
- Move tests from common/test_auth_manager.py to core_api/test_security.py
- Delete now-unused common/auth_manager.py and common/test_auth_manager.py
- Import BaseAuthManager directly in security.py (not in TYPE_CHECKING)

Co-authored-by: jason810496 <68415893+jason810496@users.noreply.github.com>
@jason810496 jason810496 force-pushed the feature/AIP-84/refactor-auth-manager-dependency branch from 9998a38 to 16b534a Compare November 1, 2025 09:07
potiuk
potiuk approved these changes Nov 3, 2025
View reviewed changes
Copy link
Member

@potiuk potiuk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM - but I am not a FastAPI expert (yet :). ) It des make sense though following all what I've learned about dependencies in FastAPI - looks like breaking out with "old/classic ways of doing things in Flask".

@potiuk
Copy link
Member

potiuk commented Nov 3, 2025

So - second pair of eyes would be great :)

vincbeck
vincbeck approved these changes Nov 3, 2025
View reviewed changes
Copy link
Contributor

@vincbeck vincbeck left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very nice!

pierrejeambrun
pierrejeambrun approved these changes Nov 4, 2025
View reviewed changes
Copy link
Member

@pierrejeambrun pierrejeambrun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks

@pierrejeambrun pierrejeambrun added this to the Airflow 3.1.3 milestone Nov 4, 2025
@pierrejeambrun pierrejeambrun added the backport-to-v3-1-test Mark PR with this label to backport to v3-1-test branch label Nov 4, 2025
@pierrejeambrun pierrejeambrun merged commit 1242e07 into apache:main Nov 4, 2025
116 checks passed
@github-actions
Copy link

github-actions bot commented Nov 4, 2025

Backport failed to create: v3-1-test. View the failure log Run details

Status Branch Result
v3-1-test Commit Link

You can attempt to backport this manually by running:

cherry_picker 1242e07 v3-1-test

This should apply the commit to the v3-1-test branch and leave the commit in conflict state marking
the files that need manual conflict resolution.

After you have resolved the conflicts, you can continue the backport process by running:

cherry_picker --continue

jason810496 added a commit to jason810496/airflow that referenced this pull request Nov 4, 2025
@jason810496
Refactor AuthManager from app.state to FastAPI dependency (apache#57665)
fdcbbe2 
- Create new auth_manager.py module in common with AuthManagerDep
- Update security.py to use AuthManagerDep instead of request.app.state.auth_manager
- Update auth.py routes to use AuthManagerDep
- Remove Request parameter where no longer needed
- Follow the same dependency injection pattern as DagBag

Add unit tests for auth_manager dependency injection

- Create test_auth_manager.py to test the new dependency
- Verify auth_manager_from_app correctly retrieves from app.state
- Test integration with existing test client fixture

Fix linting issues with ruff

- Move BaseAuthManager import out of TYPE_CHECKING block
- Fix import ordering in security.py
- Remove unused pytest import from test
- Remove trailing whitespace
- Format code with ruff format

Move auth_manager dependency to security.py module

- Move auth_manager_from_app and AuthManagerDep from common/auth_manager.py to core_api/security.py
- Update import in routes/public/auth.py to use security module
- Move tests from common/test_auth_manager.py to core_api/test_security.py
- Delete now-unused common/auth_manager.py and common/test_auth_manager.py
- Import BaseAuthManager directly in security.py (not in TYPE_CHECKING)

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
(cherry picked from commit 1242e07)
@vincbeck
Copy link
Contributor

vincbeck commented Nov 4, 2025

Should it be backported? It is not a bug fix but more an optimization no? I am not against putting it in 3.1.X but the more we put things in patch releases, the more likely we can also add regressions

@jason810496
Copy link
Member Author

jason810496 commented Nov 4, 2025
edited
Loading

Should it be backported? It is not a bug fix but more an optimization no? I am not against putting it in 3.1.X but the more we put things in patch releases, the more likely we can also add regressions

Yeah, it's more like a optimization. I will close the backport PR #57814, we can reopen it again if anyone suggest to backport.

@pierrejeambrun
Copy link
Member

pierrejeambrun commented Nov 4, 2025

Sounds good to me, updated the milestone to 3.2.0 initially I wanted to backport because this will cause a lot of conflict when backporting other new PRs built on top of main. (They will use the AuthManagerDep that won't exist in the v3-1-test branch).

If that happens too often we can reconsider, maybe that will just be marginal.

Copilot AI added a commit to jason810496/airflow that referenced this pull request Dec 5, 2025
@jason810496
Refactor AuthManager from app.state to FastAPI dependency (apache#57665)
1b080d3 
- Create new auth_manager.py module in common with AuthManagerDep
- Update security.py to use AuthManagerDep instead of request.app.state.auth_manager
- Update auth.py routes to use AuthManagerDep
- Remove Request parameter where no longer needed
- Follow the same dependency injection pattern as DagBag



Add unit tests for auth_manager dependency injection

- Create test_auth_manager.py to test the new dependency
- Verify auth_manager_from_app correctly retrieves from app.state
- Test integration with existing test client fixture



Fix linting issues with ruff

- Move BaseAuthManager import out of TYPE_CHECKING block
- Fix import ordering in security.py
- Remove unused pytest import from test
- Remove trailing whitespace
- Format code with ruff format



Move auth_manager dependency to security.py module

- Move auth_manager_from_app and AuthManagerDep from common/auth_manager.py to core_api/security.py
- Update import in routes/public/auth.py to use security module
- Move tests from common/test_auth_manager.py to core_api/test_security.py
- Delete now-unused common/auth_manager.py and common/test_auth_manager.py
- Import BaseAuthManager directly in security.py (not in TYPE_CHECKING)

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@potiuk potiuk potiuk approved these changes

@pierrejeambrun pierrejeambrun pierrejeambrun approved these changes

@vincbeck vincbeck vincbeck approved these changes

@ephraimbuddy ephraimbuddy Awaiting requested review from ephraimbuddy ephraimbuddy is a code owner

@rawwar rawwar Awaiting requested review from rawwar rawwar is a code owner

@bugraoz93 bugraoz93 Awaiting requested review from bugraoz93 bugraoz93 is a code owner

@shubhamraj-git shubhamraj-git Awaiting requested review from shubhamraj-git shubhamraj-git is a code owner

Assignees

No one assigned

Labels

area:API Airflow's REST/HTTP API backport-to-v3-1-test Mark PR with this label to backport to v3-1-test branch

Projects

None yet

Milestone

Airflow 3.2.0

Development

Successfully merging this pull request may close these issues.

4 participants

@jason810496 @potiuk @vincbeck @pierrejeambrun