
🐛 Add missing password format to OAuth2PasswordRequestFormStrict

The strict variant was missing `json_schema_extra={"format": "password"}`
on its `password` and `client_secret` fields, unlike the non-strict
`OAuth2PasswordRequestForm` which already had them.  This meant the
Swagger UI rendered those fields as plain text inputs instead of masked
password inputs when using the strict form.

Signed-off-by: cluster2600 <[email protected]>
Signed-off-by: Maxime Grenu <[email protected]>
pull/15079/head
Maxime Grenu 3 months ago
parent
commit
1de6760d94
No known key found for this signature in database GPG Key ID: 532A7B7866CFDC51
  1. 4
      fastapi/security/oauth2.py
  2. 7
      tests/test_security_oauth2.py
  3. 7
      tests/test_security_oauth2_optional.py
  4. 7
      tests/test_security_oauth2_optional_description.py

4
fastapi/security/oauth2.py

@ -255,7 +255,7 @@ class OAuth2PasswordRequestFormStrict(OAuth2PasswordRequestForm):
],
password: Annotated[
str,
Form(),
Form(json_schema_extra={"format": "password"}),
Doc(
"""
`password` string. The OAuth2 spec requires the exact field name
@ -306,7 +306,7 @@ class OAuth2PasswordRequestFormStrict(OAuth2PasswordRequestForm):
] = None,
client_secret: Annotated[
str | None,
Form(),
Form(json_schema_extra={"format": "password"}),
Doc(
"""
If there's a `client_password` (and a `client_id`), they can be sent
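Review bot: The `format: password` now attached to `password` and `client_secret` is only a rendering hint for documentation UIs, and neither `Doc(...)` string visible in these two hunks says so; a reader could mistake the masked input for a protection of the secret itself. I would add a sentence to each docstring along the lines of `The "password" format only masks the input in the docs UI; the value is still sent as a plain form field, so it must travel over TLS and stay out of logs.` Separately, the context line in the second hunk refers to `client_password` while the parameter is named `client_secret`, which looks like a naming slip worth correcting in the same pass. Both `Annotated[...]` parameters begin and end outside the hunks shown, so the rest of each docstring is not visible here.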

7
tests/test_security_oauth2.py

@ -213,7 +213,11 @@ def test_openapi_schema():
"type": "string",
},
"username": {"title": "Username", "type": "string"},
"password": {"title": "Password", "type": "string"},
"password": {
"title": "Password",
"type": "string",
"format": "password",
},
"scope": {
"title": "Scope",
"type": "string",
@ -226,6 +230,7 @@ def test_openapi_schema():
"client_secret": {
"title": "Client Secret",
"anyOf": [{"type": "string"}, {"type": "null"}],
"format": "password",
},
},
},
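Review bot: In the expected schema for `client_secret`, `"format": "password"` sits beside `anyOf` at the property level rather than inside the `{"type": "string"}` branch, so this test pins the emitted schema but does not show that a docs UI actually masks the nullable field. Since the commit message's stated goal is masked rendering, it would be worth checking `client_secret` by hand in Swagger UI, or noting the limitation in the PR. The same expectation is repeated in `tests/test_security_oauth2_optional.py` and `tests/test_security_oauth2_optional_description.py`. Nothing in the visible hunks compares the strict form's properties with those of `OAuth2PasswordRequestForm`, which is presumably how the two drifted; an assertion such as `assert strict_props == non_strict_props` (names constructed for illustration) would catch the next divergence. `test_openapi_schema` starts and ends outside the hunks shown.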

7
tests/test_security_oauth2_optional.py

@ -214,7 +214,11 @@ def test_openapi_schema():
"type": "string",
},
"username": {"title": "Username", "type": "string"},
"password": {"title": "Password", "type": "string"},
"password": {
"title": "Password",
"type": "string",
"format": "password",
},
"scope": {
"title": "Scope",
"type": "string",
@ -227,6 +231,7 @@ def test_openapi_schema():
"client_secret": {
"title": "Client Secret",
"anyOf": [{"type": "string"}, {"type": "null"}],
"format": "password",
},
},
},

7
tests/test_security_oauth2_optional_description.py

@ -215,7 +215,11 @@ def test_openapi_schema():
"type": "string",
},
"username": {"title": "Username", "type": "string"},
"password": {"title": "Password", "type": "string"},
"password": {
"title": "Password",
"type": "string",
"format": "password",
},
"scope": {
"title": "Scope",
"type": "string",
@ -228,6 +232,7 @@ def test_openapi_schema():
"client_secret": {
"title": "Client Secret",
"anyOf": [{"type": "string"}, {"type": "null"}],
"format": "password",
},
},
},
