Coverage for tests / test_dependency_paramless.py: 100%

Shortcuts on this page

r m x toggle line displays

j k next/prev highlighted chunk

0 (zero) top of page

1 (one) first highlighted chunk

[ ] prev/next file

u up to the index

? show/hide this help

34 statements

« prev ^ index » next coverage.py v7.13.3, created at 2026-02-12 18:15 +0000

1from typing import Annotated, Union 4 ctx1abcd

3from fastapi import FastAPI, HTTPException, Security 4 ctx1abcd

4from fastapi.security import ( 4 ctx1abcd

5 OAuth2PasswordBearer,

6 SecurityScopes,

8from fastapi.testclient import TestClient 4 ctx1abcd

10app = FastAPI() 4 ctx1abcd

12oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token") 4 ctx1abcd

15def process_auth( 4 ctx1abcd

16 credentials: Annotated[Union[str, None], Security(oauth2_scheme)],

17 security_scopes: SecurityScopes,

18):

19 # This is an incorrect way of using it, this is not checking if the scopes are

20 # provided by the token, only if the endpoint is requesting them, but the test

21 # here is just to check if FastAPI is indeed registering and passing the scopes

22 # correctly when using Security with parameterless dependencies.

23 if "a" not in security_scopes.scopes or "b" not in security_scopes.scopes: 9 ctx1efkghlijm

24 raise HTTPException(detail="a or b not in scopes", status_code=401) 3 ctx1klm

25 return {"token": credentials, "scopes": security_scopes.scopes} 6 ctx1efghij

28@app.get("/get-credentials") 4 ctx1abcd

29def get_credentials( 4 ctx1abcd

30 credentials: Annotated[dict, Security(process_auth, scopes=["a", "b"])],

31):

32 return credentials 3 ctx1egi

35@app.get( 4 ctx1abcd

36 "/parameterless-with-scopes",

37 dependencies=[Security(process_auth, scopes=["a", "b"])],

38)

39def get_parameterless_with_scopes(): 4 ctx1abcd

40 return {"status": "ok"} 3 ctx1fhj

43@app.get( 4 ctx1abcd

44 "/parameterless-without-scopes",

45 dependencies=[Security(process_auth)],

46)

47def get_parameterless_without_scopes(): 4 ctx1abcd

48 return {"status": "ok"} 3 ctx1nop

51client = TestClient(app) 4 ctx1abcd

54def test_get_credentials(): 4 ctx1abcd

55 response = client.get("/get-credentials", headers={"authorization": "Bearer token"}) 3 ctx1egi

56 assert response.status_code == 200, response.text 3 ctx1egi

57 assert response.json() == {"token": "token", "scopes": ["a", "b"]} 3 ctx1egi

60def test_parameterless_with_scopes(): 4 ctx1abcd

61 response = client.get( 3 ctx1fhj

62 "/parameterless-with-scopes", headers={"authorization": "Bearer token"}

63 )

64 assert response.status_code == 200, response.text 3 ctx1fhj

65 assert response.json() == {"status": "ok"} 3 ctx1fhj

68def test_parameterless_without_scopes(): 4 ctx1abcd

69 response = client.get( 3 ctx1klm

70 "/parameterless-without-scopes", headers={"authorization": "Bearer token"}

71 )

72 assert response.status_code == 401, response.text 3 ctx1klm

73 assert response.json() == {"detail": "a or b not in scopes"} 3 ctx1klm

76def test_call_get_parameterless_without_scopes_for_coverage(): 4 ctx1abcd

77 assert get_parameterless_without_scopes() == {"status": "ok"} 3 ctx1nop