Coverage for tests / test_security_http_basic_realm_description.py: 100%

1from base64 import b64encode 4 ctx1abcd

2 

3from fastapi import FastAPI, Security 4 ctx1abcd

4from fastapi.security import HTTPBasic, HTTPBasicCredentials 4 ctx1abcd

5from fastapi.testclient import TestClient 4 ctx1abcd

6from inline_snapshot import snapshot 4 ctx1abcd

7 

8app = FastAPI() 4 ctx1abcd

9 

10security = HTTPBasic(realm="simple", description="HTTPBasic scheme") 4 ctx1abcd

11 

12 

13@app.get("/users/me") 4 ctx1abcd

14def read_current_user(credentials: HTTPBasicCredentials = Security(security)): 4 ctx1abcd

15 return {"username": credentials.username, "password": credentials.password} 4 ctx1ijkl

16 

17 

18client = TestClient(app) 4 ctx1abcd

19 

20 

21def test_security_http_basic(): 4 ctx1abcd

22 response = client.get("/users/me", auth=("john", "secret")) 4 ctx1ijkl

23 assert response.status_code == 200, response.text 4 ctx1ijkl

24 assert response.json() == {"username": "john", "password": "secret"} 4 ctx1ijkl

25 

26 

27def test_security_http_basic_no_credentials(): 4 ctx1abcd

28 response = client.get("/users/me") 4 ctx1mnop

29 assert response.json() == {"detail": "Not authenticated"} 4 ctx1mnop

30 assert response.status_code == 401, response.text 4 ctx1mnop

31 assert response.headers["WWW-Authenticate"] == 'Basic realm="simple"' 4 ctx1mnop

32 

33 

34def test_security_http_basic_invalid_credentials(): 4 ctx1abcd

35 response = client.get( 4 ctx1qrst

36 "/users/me", headers={"Authorization": "Basic notabase64token"} 

37 ) 

38 assert response.status_code == 401, response.text 4 ctx1qrst

39 assert response.headers["WWW-Authenticate"] == 'Basic realm="simple"' 4 ctx1qrst

40 assert response.json() == {"detail": "Not authenticated"} 4 ctx1qrst

41 

42 

43def test_security_http_basic_non_basic_credentials(): 4 ctx1abcd

44 payload = b64encode(b"johnsecret").decode("ascii") 4 ctx1efgh

45 auth_header = f"Basic {payload}" 4 ctx1efgh

46 response = client.get("/users/me", headers={"Authorization": auth_header}) 4 ctx1efgh

47 assert response.status_code == 401, response.text 4 ctx1efgh

48 assert response.headers["WWW-Authenticate"] == 'Basic realm="simple"' 4 ctx1efgh

49 assert response.json() == {"detail": "Not authenticated"} 4 ctx1efgh

50 

51 

52def test_openapi_schema(): 4 ctx1abcd

53 response = client.get("/openapi.json") 4 ctx1uvwx

54 assert response.status_code == 200, response.text 4 ctx1uvwx

55 assert response.json() == snapshot( 4 ctx1uvwx

56 { 

57 "openapi": "3.1.0", 

58 "info": {"title": "FastAPI", "version": "0.1.0"}, 

59 "paths": { 

60 "/users/me": { 

61 "get": { 

62 "responses": { 

63 "200": { 

64 "description": "Successful Response", 

65 "content": {"application/json": {"schema": {}}}, 

66 } 

67 }, 

68 "summary": "Read Current User", 

69 "operationId": "read_current_user_users_me_get", 

70 "security": [{"HTTPBasic": []}], 

71 } 

72 } 

73 }, 

74 "components": { 

75 "securitySchemes": { 

76 "HTTPBasic": { 

77 "type": "http", 

78 "scheme": "basic", 

79 "description": "HTTPBasic scheme", 

80 } 

81 } 

82 }, 

83 } 

84 )