From 397bd62483b8c87c526e2a850373ddc8ab9a0f42 Mon Sep 17 00:00:00 2001 From: westinjiang Date: Sun, 4 Jan 2026 22:41:46 -0500 Subject: [PATCH] Cover success path in default realm test --- .../test_security_http_basic_default_realm.py | 30 +++++++++++-------- 1 file changed, 17 insertions(+), 13 deletions(-) diff --git a/tests/test_security_http_basic_default_realm.py b/tests/test_security_http_basic_default_realm.py index 21092e7b2..962c3006f 100644 --- a/tests/test_security_http_basic_default_realm.py +++ b/tests/test_security_http_basic_default_realm.py @@ -1,20 +1,24 @@ from fastapi import Depends, FastAPI from fastapi.security import HTTPBasic, HTTPBasicCredentials -from starlette.testclient import TestClient +from fastapi.testclient import TestClient +app = FastAPI() +security = HTTPBasic() -def test_http_basic_includes_realm_by_default(): - app = FastAPI() - security = HTTPBasic() # no realm provided +@app.get("/users/me") +def read_current_user(credentials: HTTPBasicCredentials = Depends(security)): + return {"username": credentials.username, "password": credentials.password} - @app.get("/protected") - def protected(credentials: HTTPBasicCredentials = Depends(security)): - return {"username": credentials.username} +client = TestClient(app) - client = TestClient(app) - resp = client.get("/protected") +def test_security_http_basic_default_realm(): + # 401 branch: should include default realm + response = client.get("/users/me") + assert response.status_code == 401, response.text + assert response.headers["WWW-Authenticate"] == 'Basic realm="FastAPI"' + assert response.json() == {"detail": "Not authenticated"} - assert resp.status_code == 401 - www_auth = resp.headers.get("www-authenticate") - assert www_auth is not None - assert www_auth.startswith('Basic realm="') + # 200 branch: execute the return line to satisfy 100% coverage + ok = client.get("/users/me", auth=("john", "secret")) + assert ok.status_code == 200, ok.text + assert ok.json() == {"username": "john", "password": "secret"}