1 changed files with 89 additions and 0 deletions
@ -0,0 +1,89 @@ |
|||
import importlib |
|||
from base64 import b64encode |
|||
|
|||
import pytest |
|||
from fastapi.testclient import TestClient |
|||
|
|||
|
|||
@pytest.fixture( |
|||
name="client", |
|||
params=[ |
|||
pytest.param("tutorial007_py39"), |
|||
pytest.param("tutorial007_an_py39"), |
|||
], |
|||
) |
|||
def get_client(request: pytest.FixtureRequest): |
|||
mod = importlib.import_module(f"docs_src.security.{request.param}") |
|||
return TestClient(mod.app) |
|||
|
|||
|
|||
def test_security_http_basic(client: TestClient): |
|||
response = client.get("/users/me", auth=("stanleyjobson", "swordfish")) |
|||
assert response.status_code == 200, response.text |
|||
assert response.json() == {"username": "stanleyjobson"} |
|||
|
|||
|
|||
def test_security_http_basic_no_credentials(client: TestClient): |
|||
response = client.get("/users/me") |
|||
assert response.json() == {"detail": "Not authenticated"} |
|||
assert response.status_code == 401, response.text |
|||
assert response.headers["WWW-Authenticate"] == "Basic" |
|||
|
|||
|
|||
def test_security_http_basic_invalid_credentials(client: TestClient): |
|||
response = client.get( |
|||
"/users/me", headers={"Authorization": "Basic notabase64token"} |
|||
) |
|||
assert response.status_code == 401, response.text |
|||
assert response.headers["WWW-Authenticate"] == "Basic" |
|||
assert response.json() == {"detail": "Not authenticated"} |
|||
|
|||
|
|||
def test_security_http_basic_non_basic_credentials(client: TestClient): |
|||
payload = b64encode(b"johnsecret").decode("ascii") |
|||
auth_header = f"Basic {payload}" |
|||
response = client.get("/users/me", headers={"Authorization": auth_header}) |
|||
assert response.status_code == 401, response.text |
|||
assert response.headers["WWW-Authenticate"] == "Basic" |
|||
assert response.json() == {"detail": "Not authenticated"} |
|||
|
|||
|
|||
def test_security_http_basic_invalid_username(client: TestClient): |
|||
response = client.get("/users/me", auth=("alice", "swordfish")) |
|||
assert response.status_code == 401, response.text |
|||
assert response.json() == {"detail": "Incorrect username or password"} |
|||
assert response.headers["WWW-Authenticate"] == "Basic" |
|||
|
|||
|
|||
def test_security_http_basic_invalid_password(client: TestClient): |
|||
response = client.get("/users/me", auth=("stanleyjobson", "wrongpassword")) |
|||
assert response.status_code == 401, response.text |
|||
assert response.json() == {"detail": "Incorrect username or password"} |
|||
assert response.headers["WWW-Authenticate"] == "Basic" |
|||
|
|||
|
|||
def test_openapi_schema(client: TestClient): |
|||
response = client.get("/openapi.json") |
|||
assert response.status_code == 200, response.text |
|||
assert response.json() == { |
|||
"openapi": "3.1.0", |
|||
"info": {"title": "FastAPI", "version": "0.1.0"}, |
|||
"paths": { |
|||
"/users/me": { |
|||
"get": { |
|||
"responses": { |
|||
"200": { |
|||
"description": "Successful Response", |
|||
"content": {"application/json": {"schema": {}}}, |
|||
} |
|||
}, |
|||
"summary": "Read Current User", |
|||
"operationId": "read_current_user_users_me_get", |
|||
"security": [{"HTTPBasic": []}], |
|||
} |
|||
} |
|||
}, |
|||
"components": { |
|||
"securitySchemes": {"HTTPBasic": {"type": "http", "scheme": "basic"}} |
|||
}, |
|||
} |
|||
Loading…
Reference in new issue