From 8d8825e15d21d3f769fc02b60d14ea3bc5ccad14 Mon Sep 17 00:00:00 2001 From: bilalAlpaslan Date: Tue, 12 Apr 2022 22:55:06 +0300 Subject: [PATCH] APIKey scheme name default changed --- fastapi/security/api_key.py | 6 +- tests/test_security_api_key_cookie.py | 4 +- ...est_security_api_key_cookie_description.py | 4 +- .../test_security_api_key_cookie_optional.py | 4 +- tests/test_security_api_key_header.py | 4 +- ...est_security_api_key_header_description.py | 4 +- .../test_security_api_key_header_optional.py | 4 +- .../test_security_api_key_multiple_header.py | 105 ++++++++++++++++++ tests/test_security_api_key_query.py | 4 +- ...test_security_api_key_query_description.py | 4 +- tests/test_security_api_key_query_optional.py | 4 +- 11 files changed, 126 insertions(+), 21 deletions(-) create mode 100644 tests/test_security_api_key_multiple_header.py diff --git a/fastapi/security/api_key.py b/fastapi/security/api_key.py index 36ab60e30..adb619077 100644 --- a/fastapi/security/api_key.py +++ b/fastapi/security/api_key.py @@ -23,7 +23,7 @@ class APIKeyQuery(APIKeyBase): self.model: APIKey = APIKey( **{"in": APIKeyIn.query}, name=name, description=description ) - self.scheme_name = scheme_name or self.__class__.__name__ + self.scheme_name = scheme_name or name self.auto_error = auto_error async def __call__(self, request: Request) -> Optional[str]: @@ -50,7 +50,7 @@ class APIKeyHeader(APIKeyBase): self.model: APIKey = APIKey( **{"in": APIKeyIn.header}, name=name, description=description ) - self.scheme_name = scheme_name or self.__class__.__name__ + self.scheme_name = scheme_name or name self.auto_error = auto_error async def __call__(self, request: Request) -> Optional[str]: @@ -77,7 +77,7 @@ class APIKeyCookie(APIKeyBase): self.model: APIKey = APIKey( **{"in": APIKeyIn.cookie}, name=name, description=description ) - self.scheme_name = scheme_name or self.__class__.__name__ + self.scheme_name = scheme_name or name self.auto_error = auto_error async def __call__(self, request: Request) -> Optional[str]: diff --git a/tests/test_security_api_key_cookie.py b/tests/test_security_api_key_cookie.py index a5b2e44f0..b0b77ac85 100644 --- a/tests/test_security_api_key_cookie.py +++ b/tests/test_security_api_key_cookie.py @@ -38,13 +38,13 @@ openapi_schema = { }, "summary": "Read Current User", "operationId": "read_current_user_users_me_get", - "security": [{"APIKeyCookie": []}], + "security": [{"key": []}], } } }, "components": { "securitySchemes": { - "APIKeyCookie": {"type": "apiKey", "name": "key", "in": "cookie"} + "key": {"type": "apiKey", "name": "key", "in": "cookie"} } }, } diff --git a/tests/test_security_api_key_cookie_description.py b/tests/test_security_api_key_cookie_description.py index 2cd3565b4..ef6ae3e9f 100644 --- a/tests/test_security_api_key_cookie_description.py +++ b/tests/test_security_api_key_cookie_description.py @@ -38,13 +38,13 @@ openapi_schema = { }, "summary": "Read Current User", "operationId": "read_current_user_users_me_get", - "security": [{"APIKeyCookie": []}], + "security": [{"key": []}], } } }, "components": { "securitySchemes": { - "APIKeyCookie": { + "key": { "type": "apiKey", "name": "key", "in": "cookie", diff --git a/tests/test_security_api_key_cookie_optional.py b/tests/test_security_api_key_cookie_optional.py index 96a64f09a..451738147 100644 --- a/tests/test_security_api_key_cookie_optional.py +++ b/tests/test_security_api_key_cookie_optional.py @@ -45,13 +45,13 @@ openapi_schema = { }, "summary": "Read Current User", "operationId": "read_current_user_users_me_get", - "security": [{"APIKeyCookie": []}], + "security": [{"key": []}], } } }, "components": { "securitySchemes": { - "APIKeyCookie": {"type": "apiKey", "name": "key", "in": "cookie"} + "key": {"type": "apiKey", "name": "key", "in": "cookie"} } }, } diff --git a/tests/test_security_api_key_header.py b/tests/test_security_api_key_header.py index d53395f99..1816c7252 100644 --- a/tests/test_security_api_key_header.py +++ b/tests/test_security_api_key_header.py @@ -38,13 +38,13 @@ openapi_schema = { }, "summary": "Read Current User", "operationId": "read_current_user_users_me_get", - "security": [{"APIKeyHeader": []}], + "security": [{"key": []}], } } }, "components": { "securitySchemes": { - "APIKeyHeader": {"type": "apiKey", "name": "key", "in": "header"} + "key": {"type": "apiKey", "name": "key", "in": "header"} } }, } diff --git a/tests/test_security_api_key_header_description.py b/tests/test_security_api_key_header_description.py index cc9802708..0589224a8 100644 --- a/tests/test_security_api_key_header_description.py +++ b/tests/test_security_api_key_header_description.py @@ -38,13 +38,13 @@ openapi_schema = { }, "summary": "Read Current User", "operationId": "read_current_user_users_me_get", - "security": [{"APIKeyHeader": []}], + "security": [{"key": []}], } } }, "components": { "securitySchemes": { - "APIKeyHeader": { + "key": { "type": "apiKey", "name": "key", "in": "header", diff --git a/tests/test_security_api_key_header_optional.py b/tests/test_security_api_key_header_optional.py index 4ab599c2d..b7900176c 100644 --- a/tests/test_security_api_key_header_optional.py +++ b/tests/test_security_api_key_header_optional.py @@ -44,13 +44,13 @@ openapi_schema = { }, "summary": "Read Current User", "operationId": "read_current_user_users_me_get", - "security": [{"APIKeyHeader": []}], + "security": [{"key": []}], } } }, "components": { "securitySchemes": { - "APIKeyHeader": {"type": "apiKey", "name": "key", "in": "header"} + "key": {"type": "apiKey", "name": "key", "in": "header"} } }, } diff --git a/tests/test_security_api_key_multiple_header.py b/tests/test_security_api_key_multiple_header.py new file mode 100644 index 000000000..16c0d56fb --- /dev/null +++ b/tests/test_security_api_key_multiple_header.py @@ -0,0 +1,105 @@ +from fastapi import Depends, FastAPI, Security +from fastapi.security import APIKeyHeader +from fastapi.testclient import TestClient +from pydantic import BaseModel + +app = FastAPI() + +api_key = APIKeyHeader(name="key") +another_key = APIKeyHeader(name="another_key") + + +class User(BaseModel): + username: str + + +def get_current_user(oauth_header: str = Security(api_key)): + user = User(username=oauth_header) + return user + + +def get_current_user_with_another_key(oauth_header: str = Security(another_key)): + user = User(username=oauth_header) + return user + + +@app.get("/users/me") +def read_current_user(current_user: User = Depends(get_current_user)): + return current_user + + +@app.get("/another_key/users/me") +def read_current_user_another_key(current_user: User = Depends(get_current_user_with_another_key)): + return current_user + + +client = TestClient(app) + +openapi_schema = { + "openapi": "3.0.2", + "info": {"title": "FastAPI", "version": "0.1.0"}, + "paths": { + "/users/me": { + "get": { + "responses": { + "200": { + "description": "Successful Response", + "content": {"application/json": {"schema": {}}}, + } + }, + "summary": "Read Current User", + "operationId": "read_current_user_users_me_get", + "security": [{"key": []}], + } + }, + "/another_key/users/me": { + "get": { + "responses": { + "200": { + "description": "Successful Response", + "content": {"application/json": {"schema": {}}}, + } + }, + "summary": "Read Current User Another Key", + "operationId": "read_current_user_another_key_another_key_users_me_get", + "security": [{"another_key": []}], + } + } + }, + "components": { + "securitySchemes": { + "key": {"type": "apiKey", "name": "key", "in": "header"}, + "another_key": {"type": "apiKey", "name": "another_key", "in": "header"} + } + }, +} + + +def test_openapi_schema(): + response = client.get("/openapi.json") + assert response.status_code == 200, response.text + assert response.json() == openapi_schema + + +def test_security_api_key(): + response = client.get("/users/me", headers={"key": "secret"}) + assert response.status_code == 200, response.text + assert response.json() == {"username": "secret"} + + +def test_security_api_key_no_key(): + response = client.get("/users/me") + assert response.status_code == 403, response.text + assert response.json() == {"detail": "Not authenticated"} + + +def test_another_security_api_key(): + response = client.get("/another_key/users/me", headers={"another_key": "secret"}) + assert response.status_code == 200, response.text + assert response.json() == {"username": "secret"} + + +def test_another_security_api_key_no_key(): + response = client.get("/another_key/users/me") + assert response.status_code == 403, response.text + assert response.json() == {"detail": "Not authenticated"} diff --git a/tests/test_security_api_key_query.py b/tests/test_security_api_key_query.py index 4844c65e2..8bcb9334d 100644 --- a/tests/test_security_api_key_query.py +++ b/tests/test_security_api_key_query.py @@ -38,13 +38,13 @@ openapi_schema = { }, "summary": "Read Current User", "operationId": "read_current_user_users_me_get", - "security": [{"APIKeyQuery": []}], + "security": [{"key": []}], } } }, "components": { "securitySchemes": { - "APIKeyQuery": {"type": "apiKey", "name": "key", "in": "query"} + "key": {"type": "apiKey", "name": "key", "in": "query"} } }, } diff --git a/tests/test_security_api_key_query_description.py b/tests/test_security_api_key_query_description.py index 9b608233a..e7a88a86f 100644 --- a/tests/test_security_api_key_query_description.py +++ b/tests/test_security_api_key_query_description.py @@ -38,13 +38,13 @@ openapi_schema = { }, "summary": "Read Current User", "operationId": "read_current_user_users_me_get", - "security": [{"APIKeyQuery": []}], + "security": [{"key": []}], } } }, "components": { "securitySchemes": { - "APIKeyQuery": { + "key": { "type": "apiKey", "name": "key", "in": "query", diff --git a/tests/test_security_api_key_query_optional.py b/tests/test_security_api_key_query_optional.py index 9339b7b3a..b9e65d347 100644 --- a/tests/test_security_api_key_query_optional.py +++ b/tests/test_security_api_key_query_optional.py @@ -44,13 +44,13 @@ openapi_schema = { }, "summary": "Read Current User", "operationId": "read_current_user_users_me_get", - "security": [{"APIKeyQuery": []}], + "security": [{"key": []}], } } }, "components": { "securitySchemes": { - "APIKeyQuery": {"type": "apiKey", "name": "key", "in": "query"} + "key": {"type": "apiKey", "name": "key", "in": "query"} } }, }