mirror of
https://github.com/fastapi/fastapi.git
synced 2025-12-25 07:08:11 -05:00
7dad5a820b
* ✨ Update OpenAPI models for JSON Schema 2020-12 and OpenAPI 3.1.0 * ✨ Add support for summary and webhooks * ✨ Update JSON Schema for UploadFiles * ⏪️ Revert making paths optional, to ensure always correctness * ⏪️ Keep UploadFile as format: binary for compatibility with the rest of Pydantic bytes fields in v1 * ✨ Update version of OpenAPI generated to 3.1.0 * ✨ Update the version of Swagger UI * 📝 Update docs about extending OpenAPI * 📝 Update docs and links to refer to OpenAPI 3.1.0 * ✨ Update logic for handling webhooks * ♻️ Update parameter functions and classes, deprecate example and make examples the main field * ✅ Update tests for OpenAPI 3.1.0 * 📝 Update examples for OpenAPI metadata * ✅ Add and update tests for OpenAPI metadata * 📝 Add source example for webhooks * 📝 Update docs for metadata * 📝 Update docs for Schema extra * 📝 Add docs for webhooks * 🔧 Add webhooks docs to MkDocs * ✅ Update tests for extending OpenAPI * ✅ Add tests for webhooks * ♻️ Refactor generation of OpenAPI and JSON Schema with params * 📝 Update source examples for field examples * ✅ Update tests for examples * ➕ Make sure the minimum version of typing-extensions installed has deprecated() (already a dependency of Pydantic) * ✏️ Fix typo in Webhooks example code * 🔥 Remove commented out code of removed nullable field * 🗑️ Add deprecation warnings for example argument * ✅ Update tests to check for deprecation warnings * ✅ Add test for webhooks with security schemes, for coverage * 🍱 Update image for metadata, with new summary * 🍱 Add docs image for Webhooks * 📝 Update docs for webhooks, add docs UI image
76 lines
2.6 KiB
Python
76 lines
2.6 KiB
Python
from base64 import b64encode
|
|
|
|
from fastapi import FastAPI, Security
|
|
from fastapi.security import HTTPBasic, HTTPBasicCredentials
|
|
from fastapi.testclient import TestClient
|
|
|
|
app = FastAPI()
|
|
|
|
security = HTTPBasic(realm="simple")
|
|
|
|
|
|
@app.get("/users/me")
|
|
def read_current_user(credentials: HTTPBasicCredentials = Security(security)):
|
|
return {"username": credentials.username, "password": credentials.password}
|
|
|
|
|
|
client = TestClient(app)
|
|
|
|
|
|
def test_security_http_basic():
|
|
response = client.get("/users/me", auth=("john", "secret"))
|
|
assert response.status_code == 200, response.text
|
|
assert response.json() == {"username": "john", "password": "secret"}
|
|
|
|
|
|
def test_security_http_basic_no_credentials():
|
|
response = client.get("/users/me")
|
|
assert response.json() == {"detail": "Not authenticated"}
|
|
assert response.status_code == 401, response.text
|
|
assert response.headers["WWW-Authenticate"] == 'Basic realm="simple"'
|
|
|
|
|
|
def test_security_http_basic_invalid_credentials():
|
|
response = client.get(
|
|
"/users/me", headers={"Authorization": "Basic notabase64token"}
|
|
)
|
|
assert response.status_code == 401, response.text
|
|
assert response.headers["WWW-Authenticate"] == 'Basic realm="simple"'
|
|
assert response.json() == {"detail": "Invalid authentication credentials"}
|
|
|
|
|
|
def test_security_http_basic_non_basic_credentials():
|
|
payload = b64encode(b"johnsecret").decode("ascii")
|
|
auth_header = f"Basic {payload}"
|
|
response = client.get("/users/me", headers={"Authorization": auth_header})
|
|
assert response.status_code == 401, response.text
|
|
assert response.headers["WWW-Authenticate"] == 'Basic realm="simple"'
|
|
assert response.json() == {"detail": "Invalid authentication credentials"}
|
|
|
|
|
|
def test_openapi_schema():
|
|
response = client.get("/openapi.json")
|
|
assert response.status_code == 200, response.text
|
|
assert response.json() == {
|
|
"openapi": "3.1.0",
|
|
"info": {"title": "FastAPI", "version": "0.1.0"},
|
|
"paths": {
|
|
"/users/me": {
|
|
"get": {
|
|
"responses": {
|
|
"200": {
|
|
"description": "Successful Response",
|
|
"content": {"application/json": {"schema": {}}},
|
|
}
|
|
},
|
|
"summary": "Read Current User",
|
|
"operationId": "read_current_user_users_me_get",
|
|
"security": [{"HTTPBasic": []}],
|
|
}
|
|
}
|
|
},
|
|
"components": {
|
|
"securitySchemes": {"HTTPBasic": {"type": "http", "scheme": "basic"}}
|
|
},
|
|
}
|