mirror of
https://github.com/fastapi/fastapi.git
synced 2026-01-29 08:21:16 -05:00
7dad5a820b
* ✨ Update OpenAPI models for JSON Schema 2020-12 and OpenAPI 3.1.0 * ✨ Add support for summary and webhooks * ✨ Update JSON Schema for UploadFiles * ⏪️ Revert making paths optional, to ensure always correctness * ⏪️ Keep UploadFile as format: binary for compatibility with the rest of Pydantic bytes fields in v1 * ✨ Update version of OpenAPI generated to 3.1.0 * ✨ Update the version of Swagger UI * 📝 Update docs about extending OpenAPI * 📝 Update docs and links to refer to OpenAPI 3.1.0 * ✨ Update logic for handling webhooks * ♻️ Update parameter functions and classes, deprecate example and make examples the main field * ✅ Update tests for OpenAPI 3.1.0 * 📝 Update examples for OpenAPI metadata * ✅ Add and update tests for OpenAPI metadata * 📝 Add source example for webhooks * 📝 Update docs for metadata * 📝 Update docs for Schema extra * 📝 Add docs for webhooks * 🔧 Add webhooks docs to MkDocs * ✅ Update tests for extending OpenAPI * ✅ Add tests for webhooks * ♻️ Refactor generation of OpenAPI and JSON Schema with params * 📝 Update source examples for field examples * ✅ Update tests for examples * ➕ Make sure the minimum version of typing-extensions installed has deprecated() (already a dependency of Pydantic) * ✏️ Fix typo in Webhooks example code * 🔥 Remove commented out code of removed nullable field * 🗑️ Add deprecation warnings for example argument * ✅ Update tests to check for deprecation warnings * ✅ Add test for webhooks with security schemes, for coverage * 🍱 Update image for metadata, with new summary * 🍱 Add docs image for Webhooks * 📝 Update docs for webhooks, add docs UI image
254 lines
8.2 KiB
Python
254 lines
8.2 KiB
Python
from typing import Optional
|
|
|
|
import pytest
|
|
from fastapi import Depends, FastAPI, Security
|
|
from fastapi.security import OAuth2, OAuth2PasswordRequestFormStrict
|
|
from fastapi.testclient import TestClient
|
|
from pydantic import BaseModel
|
|
|
|
app = FastAPI()
|
|
|
|
reusable_oauth2 = OAuth2(
|
|
flows={
|
|
"password": {
|
|
"tokenUrl": "token",
|
|
"scopes": {"read:users": "Read the users", "write:users": "Create users"},
|
|
}
|
|
},
|
|
auto_error=False,
|
|
)
|
|
|
|
|
|
class User(BaseModel):
|
|
username: str
|
|
|
|
|
|
def get_current_user(oauth_header: Optional[str] = Security(reusable_oauth2)):
|
|
if oauth_header is None:
|
|
return None
|
|
user = User(username=oauth_header)
|
|
return user
|
|
|
|
|
|
@app.post("/login")
|
|
def login(form_data: OAuth2PasswordRequestFormStrict = Depends()):
|
|
return form_data
|
|
|
|
|
|
@app.get("/users/me")
|
|
def read_users_me(current_user: Optional[User] = Depends(get_current_user)):
|
|
if current_user is None:
|
|
return {"msg": "Create an account first"}
|
|
return current_user
|
|
|
|
|
|
client = TestClient(app)
|
|
|
|
|
|
def test_security_oauth2():
|
|
response = client.get("/users/me", headers={"Authorization": "Bearer footokenbar"})
|
|
assert response.status_code == 200, response.text
|
|
assert response.json() == {"username": "Bearer footokenbar"}
|
|
|
|
|
|
def test_security_oauth2_password_other_header():
|
|
response = client.get("/users/me", headers={"Authorization": "Other footokenbar"})
|
|
assert response.status_code == 200, response.text
|
|
assert response.json() == {"username": "Other footokenbar"}
|
|
|
|
|
|
def test_security_oauth2_password_bearer_no_header():
|
|
response = client.get("/users/me")
|
|
assert response.status_code == 200, response.text
|
|
assert response.json() == {"msg": "Create an account first"}
|
|
|
|
|
|
required_params = {
|
|
"detail": [
|
|
{
|
|
"loc": ["body", "grant_type"],
|
|
"msg": "field required",
|
|
"type": "value_error.missing",
|
|
},
|
|
{
|
|
"loc": ["body", "username"],
|
|
"msg": "field required",
|
|
"type": "value_error.missing",
|
|
},
|
|
{
|
|
"loc": ["body", "password"],
|
|
"msg": "field required",
|
|
"type": "value_error.missing",
|
|
},
|
|
]
|
|
}
|
|
|
|
grant_type_required = {
|
|
"detail": [
|
|
{
|
|
"loc": ["body", "grant_type"],
|
|
"msg": "field required",
|
|
"type": "value_error.missing",
|
|
}
|
|
]
|
|
}
|
|
|
|
grant_type_incorrect = {
|
|
"detail": [
|
|
{
|
|
"loc": ["body", "grant_type"],
|
|
"msg": 'string does not match regex "password"',
|
|
"type": "value_error.str.regex",
|
|
"ctx": {"pattern": "password"},
|
|
}
|
|
]
|
|
}
|
|
|
|
|
|
@pytest.mark.parametrize(
|
|
"data,expected_status,expected_response",
|
|
[
|
|
(None, 422, required_params),
|
|
({"username": "johndoe", "password": "secret"}, 422, grant_type_required),
|
|
(
|
|
{"username": "johndoe", "password": "secret", "grant_type": "incorrect"},
|
|
422,
|
|
grant_type_incorrect,
|
|
),
|
|
(
|
|
{"username": "johndoe", "password": "secret", "grant_type": "password"},
|
|
200,
|
|
{
|
|
"grant_type": "password",
|
|
"username": "johndoe",
|
|
"password": "secret",
|
|
"scopes": [],
|
|
"client_id": None,
|
|
"client_secret": None,
|
|
},
|
|
),
|
|
],
|
|
)
|
|
def test_strict_login(data, expected_status, expected_response):
|
|
response = client.post("/login", data=data)
|
|
assert response.status_code == expected_status
|
|
assert response.json() == expected_response
|
|
|
|
|
|
def test_openapi_schema():
|
|
response = client.get("/openapi.json")
|
|
assert response.status_code == 200, response.text
|
|
assert response.json() == {
|
|
"openapi": "3.1.0",
|
|
"info": {"title": "FastAPI", "version": "0.1.0"},
|
|
"paths": {
|
|
"/login": {
|
|
"post": {
|
|
"responses": {
|
|
"200": {
|
|
"description": "Successful Response",
|
|
"content": {"application/json": {"schema": {}}},
|
|
},
|
|
"422": {
|
|
"description": "Validation Error",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/HTTPValidationError"
|
|
}
|
|
}
|
|
},
|
|
},
|
|
},
|
|
"summary": "Login",
|
|
"operationId": "login_login_post",
|
|
"requestBody": {
|
|
"content": {
|
|
"application/x-www-form-urlencoded": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/Body_login_login_post"
|
|
}
|
|
}
|
|
},
|
|
"required": True,
|
|
},
|
|
}
|
|
},
|
|
"/users/me": {
|
|
"get": {
|
|
"responses": {
|
|
"200": {
|
|
"description": "Successful Response",
|
|
"content": {"application/json": {"schema": {}}},
|
|
}
|
|
},
|
|
"summary": "Read Users Me",
|
|
"operationId": "read_users_me_users_me_get",
|
|
"security": [{"OAuth2": []}],
|
|
}
|
|
},
|
|
},
|
|
"components": {
|
|
"schemas": {
|
|
"Body_login_login_post": {
|
|
"title": "Body_login_login_post",
|
|
"required": ["grant_type", "username", "password"],
|
|
"type": "object",
|
|
"properties": {
|
|
"grant_type": {
|
|
"title": "Grant Type",
|
|
"pattern": "password",
|
|
"type": "string",
|
|
},
|
|
"username": {"title": "Username", "type": "string"},
|
|
"password": {"title": "Password", "type": "string"},
|
|
"scope": {"title": "Scope", "type": "string", "default": ""},
|
|
"client_id": {"title": "Client Id", "type": "string"},
|
|
"client_secret": {"title": "Client Secret", "type": "string"},
|
|
},
|
|
},
|
|
"ValidationError": {
|
|
"title": "ValidationError",
|
|
"required": ["loc", "msg", "type"],
|
|
"type": "object",
|
|
"properties": {
|
|
"loc": {
|
|
"title": "Location",
|
|
"type": "array",
|
|
"items": {
|
|
"anyOf": [{"type": "string"}, {"type": "integer"}]
|
|
},
|
|
},
|
|
"msg": {"title": "Message", "type": "string"},
|
|
"type": {"title": "Error Type", "type": "string"},
|
|
},
|
|
},
|
|
"HTTPValidationError": {
|
|
"title": "HTTPValidationError",
|
|
"type": "object",
|
|
"properties": {
|
|
"detail": {
|
|
"title": "Detail",
|
|
"type": "array",
|
|
"items": {"$ref": "#/components/schemas/ValidationError"},
|
|
}
|
|
},
|
|
},
|
|
},
|
|
"securitySchemes": {
|
|
"OAuth2": {
|
|
"type": "oauth2",
|
|
"flows": {
|
|
"password": {
|
|
"scopes": {
|
|
"read:users": "Read the users",
|
|
"write:users": "Create users",
|
|
},
|
|
"tokenUrl": "token",
|
|
}
|
|
},
|
|
}
|
|
},
|
|
},
|
|
}
|