From 86ed53f3ef51930256c5d9c9473ce63f069d6633 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sebasti=C3=A1n=20Ram=C3=ADrez?= Date: Thu, 4 Dec 2025 22:59:52 +0100 Subject: [PATCH] =?UTF-8?q?=E2=9C=85=20Add=20minimal=20test=20replicating?= =?UTF-8?q?=20the=20reported=20issue?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...ation_code_bearer_scopes_openapi_simple.py | 49 +++++-------------- 1 file changed, 12 insertions(+), 37 deletions(-) diff --git a/tests/test_security_oauth2_authorization_code_bearer_scopes_openapi_simple.py b/tests/test_security_oauth2_authorization_code_bearer_scopes_openapi_simple.py index 2812bf566..3b59c4f91 100644 --- a/tests/test_security_oauth2_authorization_code_bearer_scopes_openapi_simple.py +++ b/tests/test_security_oauth2_authorization_code_bearer_scopes_openapi_simple.py @@ -1,18 +1,14 @@ # Ref: https://github.com/fastapi/fastapi/issues/14454 -from fastapi import APIRouter, Depends, FastAPI, Security -from fastapi.security import OAuth2AuthorizationCodeBearer, SecurityScopes +from fastapi import Depends, FastAPI, Security +from fastapi.security import OAuth2AuthorizationCodeBearer from fastapi.testclient import TestClient from inline_snapshot import snapshot from typing_extensions import Annotated -app = FastAPI() - oauth2_scheme = OAuth2AuthorizationCodeBearer( authorizationUrl="api/oauth/authorize", tokenUrl="/api/oauth/token", - refreshUrl="/api/oauth/token", - auto_error=False, scopes={"read": "Read access", "write": "Write access"}, ) @@ -21,34 +17,13 @@ async def get_token(token: Annotated[str, Depends(oauth2_scheme)]) -> str: return token -AccessToken = Annotated[str, Depends(get_token)] - - -async def require_oauth_scopes( - security_scopes: SecurityScopes, token: AccessToken -) -> None: - pass - - -async def check_limit(token: AccessToken) -> None: - pass - - -router = APIRouter(prefix="/v1", dependencies=[Depends(check_limit)]) - -channels_router = APIRouter(prefix="/channels", tags=["Channels"]) - - -@channels_router.get( - "/", dependencies=[Security(require_oauth_scopes, scopes=["read"])] -) -def read_items(): - return {"msg": "You have READ access"} +app = FastAPI(dependencies=[Depends(get_token)]) -router.include_router(channels_router) +@app.get("/admin", dependencies=[Security(get_token, scopes=["read", "write"])]) +async def read_admin(): + return {"message": "Admin Access"} -app.include_router(router) client = TestClient(app) @@ -61,18 +36,19 @@ def test_openapi_schema(): "openapi": "3.1.0", "info": {"title": "FastAPI", "version": "0.1.0"}, "paths": { - "/v1/channels/": { + "/admin": { "get": { - "tags": ["Channels"], - "summary": "Read Items", - "operationId": "read_items_v1_channels__get", + "summary": "Read Admin", + "operationId": "read_admin_admin_get", "responses": { "200": { "description": "Successful Response", "content": {"application/json": {"schema": {}}}, } }, - "security": [{"OAuth2AuthorizationCodeBearer": ["read"]}], + "security": [ + {"OAuth2AuthorizationCodeBearer": ["read", "write"]} + ], } } }, @@ -82,7 +58,6 @@ def test_openapi_schema(): "type": "oauth2", "flows": { "authorizationCode": { - "refreshUrl": "/api/oauth/token", "scopes": { "read": "Read access", "write": "Write access",