diff --git a/fastapi/security/api_key.py b/fastapi/security/api_key.py index 70c2dca8a..c8779b736 100644 --- a/fastapi/security/api_key.py +++ b/fastapi/security/api_key.py @@ -104,7 +104,7 @@ class APIKeyQuery(APIKeyBase): name=name, description=description, ) - self.scheme_name = scheme_name or self.__class__.__name__ + self.scheme_name = scheme_name or name self.auto_error = auto_error async def __call__(self, request: Request) -> Optional[str]: @@ -192,7 +192,7 @@ class APIKeyHeader(APIKeyBase): name=name, description=description, ) - self.scheme_name = scheme_name or self.__class__.__name__ + self.scheme_name = scheme_name or name self.auto_error = auto_error async def __call__(self, request: Request) -> Optional[str]: @@ -280,7 +280,7 @@ class APIKeyCookie(APIKeyBase): name=name, description=description, ) - self.scheme_name = scheme_name or self.__class__.__name__ + self.scheme_name = scheme_name or name self.auto_error = auto_error async def __call__(self, request: Request) -> Optional[str]: diff --git a/tests/test_security_api_key_cookie.py b/tests/test_security_api_key_cookie.py index 4ddb8e2ee..d0280ec23 100644 --- a/tests/test_security_api_key_cookie.py +++ b/tests/test_security_api_key_cookie.py @@ -54,13 +54,13 @@ def test_openapi_schema(): }, "summary": "Read Current User", "operationId": "read_current_user_users_me_get", - "security": [{"APIKeyCookie": []}], + "security": [{"key": []}], } } }, "components": { "securitySchemes": { - "APIKeyCookie": {"type": "apiKey", "name": "key", "in": "cookie"} + "key": {"type": "apiKey", "name": "key", "in": "cookie"} } }, } diff --git a/tests/test_security_api_key_cookie_description.py b/tests/test_security_api_key_cookie_description.py index d99d616e0..3fc318e14 100644 --- a/tests/test_security_api_key_cookie_description.py +++ b/tests/test_security_api_key_cookie_description.py @@ -54,13 +54,13 @@ def test_openapi_schema(): }, "summary": "Read Current User", "operationId": "read_current_user_users_me_get", - "security": [{"APIKeyCookie": []}], + "security": [{"key": []}], } } }, "components": { "securitySchemes": { - "APIKeyCookie": { + "key": { "type": "apiKey", "name": "key", "in": "cookie", diff --git a/tests/test_security_api_key_cookie_optional.py b/tests/test_security_api_key_cookie_optional.py index cb5590168..21a5a4c25 100644 --- a/tests/test_security_api_key_cookie_optional.py +++ b/tests/test_security_api_key_cookie_optional.py @@ -61,13 +61,13 @@ def test_openapi_schema(): }, "summary": "Read Current User", "operationId": "read_current_user_users_me_get", - "security": [{"APIKeyCookie": []}], + "security": [{"key": []}], } } }, "components": { "securitySchemes": { - "APIKeyCookie": {"type": "apiKey", "name": "key", "in": "cookie"} + "key": {"type": "apiKey", "name": "key", "in": "cookie"} } }, } diff --git a/tests/test_security_api_key_header.py b/tests/test_security_api_key_header.py index 1ff883703..446c25404 100644 --- a/tests/test_security_api_key_header.py +++ b/tests/test_security_api_key_header.py @@ -54,13 +54,13 @@ def test_openapi_schema(): }, "summary": "Read Current User", "operationId": "read_current_user_users_me_get", - "security": [{"APIKeyHeader": []}], + "security": [{"key": []}], } } }, "components": { "securitySchemes": { - "APIKeyHeader": {"type": "apiKey", "name": "key", "in": "header"} + "key": {"type": "apiKey", "name": "key", "in": "header"} } }, } diff --git a/tests/test_security_api_key_header_description.py b/tests/test_security_api_key_header_description.py index 27f9d0f29..831d54ec3 100644 --- a/tests/test_security_api_key_header_description.py +++ b/tests/test_security_api_key_header_description.py @@ -54,13 +54,13 @@ def test_openapi_schema(): }, "summary": "Read Current User", "operationId": "read_current_user_users_me_get", - "security": [{"APIKeyHeader": []}], + "security": [{"key": []}], } } }, "components": { "securitySchemes": { - "APIKeyHeader": { + "key": { "type": "apiKey", "name": "key", "in": "header", diff --git a/tests/test_security_api_key_header_optional.py b/tests/test_security_api_key_header_optional.py index 6f9682a64..363231021 100644 --- a/tests/test_security_api_key_header_optional.py +++ b/tests/test_security_api_key_header_optional.py @@ -60,13 +60,13 @@ def test_openapi_schema(): }, "summary": "Read Current User", "operationId": "read_current_user_users_me_get", - "security": [{"APIKeyHeader": []}], + "security": [{"key": []}], } } }, "components": { "securitySchemes": { - "APIKeyHeader": {"type": "apiKey", "name": "key", "in": "header"} + "key": {"type": "apiKey", "name": "key", "in": "header"} } }, } diff --git a/tests/test_security_api_key_multiple_header.py b/tests/test_security_api_key_multiple_header.py new file mode 100644 index 000000000..b976da824 --- /dev/null +++ b/tests/test_security_api_key_multiple_header.py @@ -0,0 +1,107 @@ +from fastapi import Depends, FastAPI, Security +from fastapi.security import APIKeyHeader +from fastapi.testclient import TestClient +from pydantic import BaseModel + +app = FastAPI() + +api_key = APIKeyHeader(name="key") +another_key = APIKeyHeader(name="another_key") + + +class User(BaseModel): + username: str + + +def get_current_user(oauth_header: str = Security(api_key)): + user = User(username=oauth_header) + return user + + +def get_current_user_with_another_key(oauth_header: str = Security(another_key)): + user = User(username=oauth_header) + return user + + +@app.get("/users/me") +def read_current_user(current_user: User = Depends(get_current_user)): + return current_user + + +@app.get("/another_key/users/me") +def read_current_user_another_key( + current_user: User = Depends(get_current_user_with_another_key), +): + return current_user + + +client = TestClient(app) + +openapi_schema = { + "openapi": "3.1.0", + "info": {"title": "FastAPI", "version": "0.1.0"}, + "paths": { + "/users/me": { + "get": { + "responses": { + "200": { + "description": "Successful Response", + "content": {"application/json": {"schema": {}}}, + } + }, + "summary": "Read Current User", + "operationId": "read_current_user_users_me_get", + "security": [{"key": []}], + } + }, + "/another_key/users/me": { + "get": { + "responses": { + "200": { + "description": "Successful Response", + "content": {"application/json": {"schema": {}}}, + } + }, + "summary": "Read Current User Another Key", + "operationId": "read_current_user_another_key_another_key_users_me_get", + "security": [{"another_key": []}], + } + }, + }, + "components": { + "securitySchemes": { + "key": {"type": "apiKey", "name": "key", "in": "header"}, + "another_key": {"type": "apiKey", "name": "another_key", "in": "header"}, + } + }, +} + + +def test_openapi_schema(): + response = client.get("/openapi.json") + assert response.status_code == 200, response.text + assert response.json() == openapi_schema + + +def test_security_api_key(): + response = client.get("/users/me", headers={"key": "secret"}) + assert response.status_code == 200, response.text + assert response.json() == {"username": "secret"} + + +def test_security_api_key_no_key(): + response = client.get("/users/me") + assert response.status_code == 403, response.text + assert response.json() == {"detail": "Not authenticated"} + + +def test_another_security_api_key(): + response = client.get("/another_key/users/me", headers={"another_key": "secret"}) + assert response.status_code == 200, response.text + assert response.json() == {"username": "secret"} + + +def test_another_security_api_key_no_key(): + response = client.get("/another_key/users/me") + assert response.status_code == 403, response.text + assert response.json() == {"detail": "Not authenticated"} diff --git a/tests/test_security_api_key_query.py b/tests/test_security_api_key_query.py index dc7a0a621..06e79e1ef 100644 --- a/tests/test_security_api_key_query.py +++ b/tests/test_security_api_key_query.py @@ -54,13 +54,11 @@ def test_openapi_schema(): }, "summary": "Read Current User", "operationId": "read_current_user_users_me_get", - "security": [{"APIKeyQuery": []}], + "security": [{"key": []}], } } }, "components": { - "securitySchemes": { - "APIKeyQuery": {"type": "apiKey", "name": "key", "in": "query"} - } + "securitySchemes": {"key": {"type": "apiKey", "name": "key", "in": "query"}} }, } diff --git a/tests/test_security_api_key_query_description.py b/tests/test_security_api_key_query_description.py index 35dc7743a..1d430c2f3 100644 --- a/tests/test_security_api_key_query_description.py +++ b/tests/test_security_api_key_query_description.py @@ -54,13 +54,13 @@ def test_openapi_schema(): }, "summary": "Read Current User", "operationId": "read_current_user_users_me_get", - "security": [{"APIKeyQuery": []}], + "security": [{"key": []}], } } }, "components": { "securitySchemes": { - "APIKeyQuery": { + "key": { "type": "apiKey", "name": "key", "in": "query", diff --git a/tests/test_security_api_key_query_optional.py b/tests/test_security_api_key_query_optional.py index 4cc134bd4..b129a42e8 100644 --- a/tests/test_security_api_key_query_optional.py +++ b/tests/test_security_api_key_query_optional.py @@ -60,13 +60,11 @@ def test_openapi_schema(): }, "summary": "Read Current User", "operationId": "read_current_user_users_me_get", - "security": [{"APIKeyQuery": []}], + "security": [{"key": []}], } } }, "components": { - "securitySchemes": { - "APIKeyQuery": {"type": "apiKey", "name": "key", "in": "query"} - } + "securitySchemes": {"key": {"type": "apiKey", "name": "key", "in": "query"}} }, }