We have a REST-based application (non-browser application) that uses Kerberos-based SPNEGO authentication, and which has been working with Flask. We want to convert this application to run under FastAPI, but we haven't figured out to get the Kerberos negotiation to work under FastAPI using OIDC.
In our (non-OIDC) Flask application, we run the following code on the client side to send our REST request:
auth = HTTPKerberosAuth(mutual_authentication=OPTIONAL, principal="")
rest_response = requests.get(rest_url, headers, params, auth, verify=certfile)
... where rest_url, headers, params, and certfile are all valid and meaningful.
We know how to get Kerberos negotiation working under Flask (most of that is built in to the Flask environment), and the application works fine under Flask.
However, if we run the exact, same client-side code with the URL for our FastAPI REST server, we don't know how to get FastAPI on the server side to trigger the proper kerberos negotiation by means of OIDC. We've been told that this client-side instantiation of the HTTPKerberosAuth object should work when the proper code is run on the FastAPI server side to trigger the Kerberos negotiation, but after a couple days of searching on line and trying quite a few possibilities, we still haven't found what to do on the FastAPI server side to cause the Kerberos negotiation to be triggered.
Is there perhaps some way to configure FastAPI Middleware that I can use to trigger the OIDC-based Kerberos negotiation on the FastAPI REST server side? Or if not via FastAPI Middleware, perhaps some other way to do this?
Thank you very much in advance.
