Coverage for tests/test_security_http_basic_realm.py: 100%

Shortcuts on this page

r m x toggle line displays

j k next/prev highlighted chunk

0 (zero) top of page

1 (one) first highlighted chunk

[ ] prev/next file

u up to the index

? show/hide this help

35 statements

« prev ^ index » next coverage.py v7.6.1, created at 2024-08-08 03:53 +0000

1from base64 import b64encode 5 ctx1abcde

3from fastapi import FastAPI, Security 5 ctx1abcde

4from fastapi.security import HTTPBasic, HTTPBasicCredentials 5 ctx1abcde

5from fastapi.testclient import TestClient 5 ctx1abcde

7app = FastAPI() 5 ctx1abcde

9security = HTTPBasic(realm="simple") 5 ctx1abcde

12@app.get("/users/me") 5 ctx1abcde

13def read_current_user(credentials: HTTPBasicCredentials = Security(security)): 5 ctx1abcde

14 return {"username": credentials.username, "password": credentials.password} 5 ctx1abcde

17client = TestClient(app) 5 ctx1abcde

20def test_security_http_basic(): 5 ctx1abcde

21 response = client.get("/users/me", auth=("john", "secret")) 5 ctx1abcde

22 assert response.status_code == 200, response.text 5 ctx1abcde

23 assert response.json() == {"username": "john", "password": "secret"} 5 ctx1abcde

26def test_security_http_basic_no_credentials(): 5 ctx1abcde

27 response = client.get("/users/me") 5 ctx1abcde

28 assert response.json() == {"detail": "Not authenticated"} 5 ctx1abcde

29 assert response.status_code == 401, response.text 5 ctx1abcde

30 assert response.headers["WWW-Authenticate"] == 'Basic realm="simple"' 5 ctx1abcde

33def test_security_http_basic_invalid_credentials(): 5 ctx1abcde

34 response = client.get( 5 ctx1abcde

35 "/users/me", headers={"Authorization": "Basic notabase64token"}

36 )

37 assert response.status_code == 401, response.text 5 ctx1abcde

38 assert response.headers["WWW-Authenticate"] == 'Basic realm="simple"' 5 ctx1abcde

39 assert response.json() == {"detail": "Invalid authentication credentials"} 5 ctx1abcde

42def test_security_http_basic_non_basic_credentials(): 5 ctx1abcde

43 payload = b64encode(b"johnsecret").decode("ascii") 5 ctx1abcde

44 auth_header = f"Basic {payload}" 5 ctx1abcde

45 response = client.get("/users/me", headers={"Authorization": auth_header}) 5 ctx1abcde

46 assert response.status_code == 401, response.text 5 ctx1abcde

47 assert response.headers["WWW-Authenticate"] == 'Basic realm="simple"' 5 ctx1abcde

48 assert response.json() == {"detail": "Invalid authentication credentials"} 5 ctx1abcde

51def test_openapi_schema(): 5 ctx1abcde

52 response = client.get("/openapi.json") 5 ctx1abcde

53 assert response.status_code == 200, response.text 5 ctx1abcde

54 assert response.json() == { 5 ctx1abcde

55 "openapi": "3.1.0",

56 "info": {"title": "FastAPI", "version": "0.1.0"},

57 "paths": {

58 "/users/me": {

59 "get": {

60 "responses": {

61 "200": {

62 "description": "Successful Response",

63 "content": {"application/json": {"schema": {}}},

64 }

65 },

66 "summary": "Read Current User",

67 "operationId": "read_current_user_users_me_get",

68 "security": [{"HTTPBasic": []}],

69 }

70 }

71 },

72 "components": {

73 "securitySchemes": {"HTTPBasic": {"type": "http", "scheme": "basic"}}

74 },

75 }