Closed LTsCreed closed 8 months ago
Can you provide a more specific example?
When the token does not contain all required scopes, the self.not_authenticated_exception
is raised. I wish to have the ability to raise a different exception, so the user would know that they don't have the necessary permissions.
` token = await self._get_token(request)
if token is None:
# No token is present in the request and no Exception has been raised (auto_error=False)
raise self.not_authenticated_exception
# when the manager was invoked using fastapi.Security(manager, scopes=[...])
# we have to check if all required scopes are contained in the token
if security_scopes is not None and security_scopes.scopes:
if not self.has_scopes(token, security_scopes):
raise self.not_authenticated_exception
return await self.get_current_user(token)`
So you'd like to have something like not_have_scopes_exception
?
Yes, something like that
Almost done. I'll release it in several days
Implement a custom exception for cases where OAuth2 scope requirements are not satisfied. This feature enables the display of distinct error messages for authenticated users, enhancing the overall understanding of the issue.