Coverage for tests / test_tutorial / test_security / test_tutorial007.py: 100%
44 statements
« prev ^ index » next coverage.py v7.13.3, created at 2026-04-06 01:24 +0000
1import importlib 1abcd
2from base64 import b64encode 1abcd
4import pytest 1abcd
5from fastapi.testclient import TestClient 1abcd
6from inline_snapshot import snapshot 1abcd
9@pytest.fixture( 1abcd
10 name="client",
11 params=[
12 pytest.param("tutorial007_py310"),
13 pytest.param("tutorial007_an_py310"),
14 ],
15)
16def get_client(request: pytest.FixtureRequest): 1abcd
17 mod = importlib.import_module(f"docs_src.security.{request.param}") 28 9 ! # $ % ' ( ) * + , - . / : ; = ? @ [ ] ^ _ ` { | } ~ abbbcbdbebfbgbhbibjbkblbmbnbob
18 return TestClient(mod.app) 28 9 ! # $ % ' ( ) * + , - . / : ; = ? @ [ ] ^ _ ` { | } ~ abbbcbdbebfbgbhbibjbkblbmbnbob
21def test_security_http_basic(client: TestClient): 1abcd
22 response = client.get("/users/me", auth=("stanleyjobson", "swordfish")) 1STUVWXYZ
23 assert response.status_code == 200, response.text 1STUVWXYZ
24 assert response.json() == {"username": "stanleyjobson"} 1STUVWXYZ
27def test_security_http_basic_no_credentials(client: TestClient): 1abcd
28 response = client.get("/users/me") 1mnopqrst
29 assert response.json() == {"detail": "Not authenticated"} 1mnopqrst
30 assert response.status_code == 401, response.text 1mnopqrst
31 assert response.headers["WWW-Authenticate"] == "Basic" 1mnopqrst
34def test_security_http_basic_invalid_credentials(client: TestClient): 1abcd
35 response = client.get( 1uvwxyzAB
36 "/users/me", headers={"Authorization": "Basic notabase64token"}
37 )
38 assert response.status_code == 401, response.text 1uvwxyzAB
39 assert response.headers["WWW-Authenticate"] == "Basic" 1uvwxyzAB
40 assert response.json() == {"detail": "Not authenticated"} 1uvwxyzAB
43def test_security_http_basic_non_basic_credentials(client: TestClient): 1abcd
44 payload = b64encode(b"johnsecret").decode("ascii") 1efghijkl
45 auth_header = f"Basic {payload}" 1efghijkl
46 response = client.get("/users/me", headers={"Authorization": auth_header}) 1efghijkl
47 assert response.status_code == 401, response.text 1efghijkl
48 assert response.headers["WWW-Authenticate"] == "Basic" 1efghijkl
49 assert response.json() == {"detail": "Not authenticated"} 1efghijkl
52def test_security_http_basic_invalid_username(client: TestClient): 1abcd
53 response = client.get("/users/me", auth=("alice", "swordfish")) 1CDEFGHIJ
54 assert response.status_code == 401, response.text 1CDEFGHIJ
55 assert response.json() == {"detail": "Incorrect username or password"} 1CDEFGHIJ
56 assert response.headers["WWW-Authenticate"] == "Basic" 1CDEFGHIJ
59def test_security_http_basic_invalid_password(client: TestClient): 1abcd
60 response = client.get("/users/me", auth=("stanleyjobson", "wrongpassword")) 1KLMNOPQR
61 assert response.status_code == 401, response.text 1KLMNOPQR
62 assert response.json() == {"detail": "Incorrect username or password"} 1KLMNOPQR
63 assert response.headers["WWW-Authenticate"] == "Basic" 1KLMNOPQR
66def test_openapi_schema(client: TestClient): 1abcd
67 response = client.get("/openapi.json") 101234567
68 assert response.status_code == 200, response.text 101234567
69 assert response.json() == snapshot( 101234567
70 {
71 "openapi": "3.1.0",
72 "info": {"title": "FastAPI", "version": "0.1.0"},
73 "paths": {
74 "/users/me": {
75 "get": {
76 "responses": {
77 "200": {
78 "description": "Successful Response",
79 "content": {"application/json": {"schema": {}}},
80 }
81 },
82 "summary": "Read Current User",
83 "operationId": "read_current_user_users_me_get",
84 "security": [{"HTTPBasic": []}],
85 }
86 }
87 },
88 "components": {
89 "securitySchemes": {"HTTPBasic": {"type": "http", "scheme": "basic"}}
90 },
91 }
92 )