Skip to content

fix(auth): expose cookie OAuth model for OpenAPI#2968

Open
gaoflow wants to merge 1 commit into
Chainlit:mainfrom
gaoflow:fix-2961-cookie-oauth-openapi-model
Open

fix(auth): expose cookie OAuth model for OpenAPI#2968
gaoflow wants to merge 1 commit into
Chainlit:mainfrom
gaoflow:fix-2961-cookie-oauth-openapi-model

Conversation

@gaoflow

@gaoflow gaoflow commented Jun 19, 2026
edited by cubic-dev-ai Bot
Loading

Copy link
Copy Markdown

Summary

  • add the OAuth2 OpenAPI model expected by FastAPI's security dependency handling to OAuth2PasswordBearerWithCookie
  • cover schema generation for the cookie OAuth dependency so FastAPI OpenAPI output no longer raises an AttributeError

Closes #2961

Tests

  • uv run --all-packages --all-extras --dev pytest backend/tests/auth/test_cookie.py -q
  • uv run --all-packages --all-extras --dev pytest backend/tests/auth backend/tests/test_callbacks.py -q
  • uv run pytest --cov=chainlit from backend/
  • uv run scripts/lint.py
  • uv run scripts/format.py --check
  • uv run scripts/type_check.py
  • git diff --check

AI assistance was used under my direction.

Summary by cubic

Expose the OAuth2 OpenAPI model in OAuth2PasswordBearerWithCookie so FastAPI generates a valid security scheme and OpenAPI no longer raises an AttributeError.

  • Bug Fixes
    • Set self.model to an oauth2 password flow with tokenUrl and empty scopes, enabling FastAPI’s security dependency to emit a valid OpenAPI schema.
    • Added a test to assert the OAuth2PasswordBearerWithCookie security scheme appears in OpenAPI as expected.

Written for commit ef05e52. Summary will update on new commits.

Review in cubic

@dosubot dosubot Bot added size:XS This PR changes 0-9 lines, ignoring generated files. auth Pertaining to authentication. backend Pertains to the Python backend. unit-tests Has unit tests. labels Jun 19, 2026
cubic-dev-ai[bot]
cubic-dev-ai Bot reviewed Jun 19, 2026
View reviewed changes

@cubic-dev-ai cubic-dev-ai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 2 files

Re-trigger cubic

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments
@hayescode hayescode Awaiting requested review from hayescode hayescode is a code owner
@asvishnyakov asvishnyakov Awaiting requested review from asvishnyakov asvishnyakov is a code owner
@sandangel sandangel Awaiting requested review from sandangel sandangel is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

auth Pertaining to authentication. backend Pertains to the Python backend. size:XS This PR changes 0-9 lines, ignoring generated files. unit-tests Has unit tests.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Incompatibility with FastAPI >= 0.137.0 (Missing model attribute) Description

1 participant

@gaoflow