def test_blueprint_enable_openapi_with_methodview(app, client):
    """Check that ``enable_openapi=False`` hides a blueprint from the spec only.

    The app-level ``/hello`` view uses Basic auth and must stay documented.
    The blueprint guards its routes with token auth in ``before_request`` and
    is registered with ``enable_openapi=False``. Its ``MethodView`` route must
    still answer 401 without credentials, while the generated spec must hold
    no ``/foo`` path, no tags and no ``BearerAuth`` security scheme.
    """
    basic_auth = HTTPBasicAuth()

    @app.get('/hello')
    @auth_required(basic_auth)
    def hello():
        pass

    bp = APIBlueprint('foo', __name__, tag='test', enable_openapi=False)
    token_auth = HTTPTokenAuth()

    @bp.before_request
    @auth_required(token_auth)
    def before():
        pass

    @bp.route('/foo')
    class Foo(MethodView):
        def get(self):
            pass

        def post(self):
            pass

    app.register_blueprint(bp)

    # Leaving the blueprint out of the docs must not leave it unprotected.
    protected_resp = client.get('/foo')
    assert protected_resp.status_code == 401

    spec_resp = client.get('/openapi.json')
    assert spec_resp.status_code == 200
    spec = spec_resp.json
    validate_spec(spec)
    assert spec['tags'] == []
    documented_paths = spec['paths']
    assert '/hello' in documented_paths
    assert '/foo' not in documented_paths
    assert 'BearerAuth' not in spec['components']['securitySchemes']
def test_auth_error_schema_bad_type(app):
    """Check that a plain string in ``AUTH_ERROR_SCHEMA`` is rejected.

    With the config set to ``'schema'`` and one protected view registered,
    accessing ``app.spec`` is expected to raise ``RuntimeError``.
    """
    app.config['AUTH_ERROR_SCHEMA'] = 'schema'
    basic_auth = HTTPBasicAuth()

    @app.post('/foo')
    @auth_required(basic_auth)
    def foo():
        pass

    # The attribute access itself is the statement under test.
    with pytest.raises(RuntimeError):
        _ = app.spec
def test_auth_error_schema(app, client):
    """Check the auth error response documented under the default config.

    A view wrapped in ``auth_required`` must get a ``401`` entry in its
    documented responses, and the spec components must contain an
    ``HTTPError`` schema.
    """
    # NOTE(review): another ``test_auth_error_schema`` (taking a ``schema``
    # argument) appears in this listing; if both live in one module the later
    # definition replaces this one and pytest never collects it -- confirm
    # they come from different revisions of the file.
    basic_auth = HTTPBasicAuth()

    @app.post('/foo')
    @auth_required(basic_auth)
    def foo():
        pass

    spec_resp = client.get('/openapi.json')
    assert spec_resp.status_code == 200
    spec = spec_resp.json
    validate_spec(spec)
    documented_responses = spec['paths']['/foo']['post']['responses']
    assert documented_responses['401']
    assert 'HTTPError' in spec['components']['schemas']
def test_auth_error_schema(app, client, schema):
    """Check the auth error response when ``AUTH_ERROR_SCHEMA`` is configured.

    ``schema`` is stored in ``AUTH_ERROR_SCHEMA``; it presumably comes from a
    fixture or parametrization that is not visible here. The protected view
    must then document a ``401`` response described as
    ``'Authentication error'``, and the spec components must contain an
    ``AuthorizationError`` schema.
    """
    # NOTE(review): another ``test_auth_error_schema`` (without the ``schema``
    # argument) appears in this listing; if both live in one module only the
    # later definition is collected by pytest -- confirm they come from
    # different revisions of the file.
    app.config['AUTH_ERROR_SCHEMA'] = schema
    basic_auth = HTTPBasicAuth()

    @app.post('/foo')
    @auth_required(basic_auth)
    def foo():
        pass

    spec_resp = client.get('/openapi.json')
    assert spec_resp.status_code == 200
    spec = spec_resp.json
    validate_spec(spec)
    documented_responses = spec['paths']['/foo']['post']['responses']
    assert documented_responses['401']
    assert documented_responses['401']['description'] == 'Authentication error'
    assert 'AuthorizationError' in spec['components']['schemas']
def test_auth_error_status_code_and_description(app, client):
    """Check that the documented auth error follows the configured values.

    ``AUTH_ERROR_STATUS_CODE`` is set to 403 and ``AUTH_ERROR_DESCRIPTION``
    to ``'Bad'``. The protected view must then document a ``403`` response
    carrying that description.
    """
    app.config['AUTH_ERROR_STATUS_CODE'] = 403
    app.config['AUTH_ERROR_DESCRIPTION'] = 'Bad'
    basic_auth = HTTPBasicAuth()

    @app.post('/foo')
    @auth_required(basic_auth)
    def foo():
        pass

    spec_resp = client.get('/openapi.json')
    assert spec_resp.status_code == 200
    spec = spec_resp.json
    validate_spec(spec)
    documented_responses = spec['paths']['/foo']['post']['responses']
    assert documented_responses['403'] is not None
    assert documented_responses['403']['description'] == 'Bad'
def test_current_user_as_property(app, client):
    """Check that ``auth.current_user`` is readable as an attribute in a view.

    The view returns ``auth.current_user`` without calling it. The response
    body must equal the object that ``verify_password`` returned for the
    supplied credentials.
    """
    basic_auth = HTTPBasicAuth()

    @basic_auth.verify_password
    def verify_password(username, password):
        # Fixture credentials only; a real verifier should check a password
        # hash rather than compare literals.
        if (username, password) != ('foo', 'bar'):
            return None
        return {'user': '******'}

    @app.route('/foo')
    @auth_required(basic_auth)
    def foo():
        return basic_auth.current_user

    foo_login = {'Authorization': 'Basic Zm9vOmJhcg=='}  # base64 of 'foo:bar'
    resp = client.get('/foo', headers=foo_login)
    assert resp.status_code == 200
    assert resp.json == {'user': '******'}
def test_auto_auth_error_response(app, client, config_value):
    """Check that ``AUTO_AUTH_ERROR_RESPONSE`` toggles the documented 401.

    ``config_value`` is written to the config; it presumably comes from a
    boolean parametrization that is not visible here. The ``401`` entry of the
    protected view must be present exactly when the flag is true. When it is
    present, it must reference the ``AuthorizationError`` component schema.
    """
    app.config['AUTO_AUTH_ERROR_RESPONSE'] = config_value
    basic_auth = HTTPBasicAuth()

    @app.post('/foo')
    @auth_required(basic_auth)
    def foo():
        pass

    spec_resp = client.get('/openapi.json')
    assert spec_resp.status_code == 200
    spec = spec_resp.json
    validate_spec(spec)

    documented_responses = spec['paths']['/foo']['post']['responses']
    has_auth_error = '401' in documented_responses
    assert has_auth_error is config_value
    if config_value:
        assert 'AuthorizationError' in spec['components']['schemas']
        json_body = documented_responses['401']['content']['application/json']
        schema_ref = json_body['schema']['$ref']
        assert '#/components/schemas/AuthorizationError' in schema_ref
def test_auth_required(app, client):
    """Check authentication and single-role authorization with Basic auth.

    ``/foo`` needs any authenticated user and ``/bar`` needs the ``admin``
    role. The test separates the two failure modes: a request without
    credentials gets 401, while an authenticated user lacking the role
    gets 403.
    """
    # NOTE(review): another ``test_auth_required`` appears in this listing; if
    # both live in one module only the later definition is collected by
    # pytest -- confirm they come from different revisions of the file.
    # NOTE(review): the user payloads are shown masked as '******', yet
    # get_roles compares user['user'] with 'bar'. With the masked values the
    # admin branch can never match, so the /bar assertions presumably rely on
    # the original unmasked values -- confirm against the upstream file.
    basic_auth = HTTPBasicAuth()

    @basic_auth.verify_password
    def verify_password(username, password):
        # Fixture credentials only; any other pair yields None.
        accounts = {
            ('foo', 'bar'): {'user': '******'},
            ('bar', 'foo'): {'user': '******'},
        }
        return accounts.get((username, password))

    @basic_auth.get_user_roles
    def get_roles(user):
        return 'admin' if user['user'] == 'bar' else 'normal'

    @app.route('/foo')
    @auth_required(basic_auth)
    def foo():
        return basic_auth.current_user

    @app.route('/bar')
    @auth_required(basic_auth, role='admin')
    def bar():
        return basic_auth.current_user

    foo_login = {'Authorization': 'Basic Zm9vOmJhcg=='}  # base64 of 'foo:bar'
    bar_login = {'Authorization': 'Basic YmFyOmZvbw=='}  # base64 of 'bar:foo'

    # No credentials at all: authentication failure.
    anonymous_resp = client.get('/foo')
    assert anonymous_resp.status_code == 401

    # 403 rows are authenticated users who lack the required role.
    expectations = [
        ('/foo', foo_login, 200),
        ('/bar', foo_login, 403),
        ('/foo', bar_login, 200),
        ('/bar', bar_login, 200),
    ]
    for path, login, expected_status in expectations:
        resp = client.get(path, headers=login)
        assert resp.status_code == expected_status
        if expected_status == 200:
            assert resp.json == {'user': '******'}
def test_auth_required(app, client):
    """Check authentication, role checks and the documented security scheme.

    ``/foo`` needs any authenticated user, ``/bar`` needs the ``admin`` role
    and ``/baz`` accepts either ``admin`` or ``moderator``. A request without
    credentials gets 401, and an authenticated user lacking a required role
    gets 403. The generated spec must declare the HTTP Basic scheme as
    ``BasicAuth`` and attach it to each of the three operations.
    """
    # NOTE(review): another ``test_auth_required`` appears in this listing; if
    # both live in one module only the later definition is collected by
    # pytest -- confirm they come from different revisions of the file.
    # NOTE(review): the user payloads are shown masked as '******', yet
    # get_roles compares user['user'] with 'bar' and 'baz'. With the masked
    # values neither branch can match, so the role assertions presumably rely
    # on the original unmasked values -- confirm against the upstream file.
    basic_auth = HTTPBasicAuth()

    @basic_auth.verify_password
    def verify_password(username, password):
        # Fixture credentials only; any other pair yields None.
        accounts = {
            ('foo', 'bar'): {'user': '******'},
            ('bar', 'foo'): {'user': '******'},
            ('baz', 'baz'): {'user': '******'},
        }
        return accounts.get((username, password))

    @basic_auth.get_user_roles
    def get_roles(user):
        role_by_name = {'bar': 'admin', 'baz': 'moderator'}
        return role_by_name.get(user['user'], 'normal')

    @app.route('/foo')
    @auth_required(basic_auth)
    def foo():
        return basic_auth.current_user

    @app.route('/bar')
    @auth_required(basic_auth, role='admin')
    def bar():
        return basic_auth.current_user

    @app.route('/baz')
    @auth_required(basic_auth, roles=['admin', 'moderator'])
    def baz():
        return basic_auth.current_user

    foo_login = {'Authorization': 'Basic Zm9vOmJhcg=='}  # base64 of 'foo:bar'
    bar_login = {'Authorization': 'Basic YmFyOmZvbw=='}  # base64 of 'bar:foo'
    baz_login = {'Authorization': 'Basic YmF6OmJheg=='}  # base64 of 'baz:baz'

    # No credentials at all: authentication failure.
    anonymous_resp = client.get('/foo')
    assert anonymous_resp.status_code == 401

    # 403 rows are authenticated users who lack the required role.
    expectations = [
        ('/foo', foo_login, 200),
        ('/bar', foo_login, 403),
        ('/foo', bar_login, 200),
        ('/bar', bar_login, 200),
        ('/baz', foo_login, 403),
        ('/baz', bar_login, 200),
        ('/baz', baz_login, 200),
    ]
    for path, login, expected_status in expectations:
        resp = client.get(path, headers=login)
        assert resp.status_code == expected_status
        if expected_status == 200:
            assert resp.json == {'user': '******'}

    spec_resp = client.get('/openapi.json')
    assert spec_resp.status_code == 200
    spec = spec_resp.json
    validate_spec(spec)
    schemes = spec['components']['securitySchemes']
    assert 'BasicAuth' in schemes
    assert schemes['BasicAuth'] == {'scheme': 'Basic', 'type': 'http'}
    for path in ('/foo', '/bar', '/baz'):
        assert 'BasicAuth' in spec['paths'][path]['get']['security'][0]
def test_auth_required_at_app_before_request(app, client):
    """Check that ``auth_required`` on ``app.before_request`` covers every route.

    No view carries its own ``auth_required`` decorator; the only guard is the
    app-level ``before_request`` hook. A plain view, both methods of a
    ``MethodView`` and two blueprint views must all answer 401 without
    credentials. In the spec, each of those operations must list
    ``BasicAuth`` in its ``security`` entry.
    """
    basic_auth = HTTPBasicAuth()

    @basic_auth.verify_password
    def verify_password(username, password):
        # Fixture credentials only; any other pair yields None.
        if (username, password) != ('foo', 'bar'):
            return None
        return {'user': '******'}

    @app.before_request
    @auth_required(basic_auth)
    def before():
        pass

    @app.get('/foo')
    def foo():
        pass

    @app.route('/bar')
    class Bar(MethodView):
        def get(self):
            pass

        def post(self):
            pass

    bp = APIBlueprint('test', __name__)

    @bp.get('/baz')
    def baz():
        pass

    @bp.get('/eggs')
    def eggs():
        pass

    app.register_blueprint(bp)

    unauthenticated_calls = (
        (client.get, '/foo'),
        (client.get, '/bar'),
        (client.post, '/bar'),
        (client.get, '/baz'),
        (client.get, '/eggs'),
    )
    for send, path in unauthenticated_calls:
        resp = send(path)
        assert resp.status_code == 401

    # The spec is requested with credentials, presumably because the
    # app-level hook guards the spec endpoint as well.
    foo_login = {'Authorization': 'Basic Zm9vOmJhcg=='}  # base64 of 'foo:bar'
    spec_resp = client.get('/openapi.json', headers=foo_login)
    assert spec_resp.status_code == 200
    spec = spec_resp.json
    validate_spec(spec)
    schemes = spec['components']['securitySchemes']
    assert 'BasicAuth' in schemes
    assert schemes['BasicAuth'] == {'scheme': 'Basic', 'type': 'http'}

    documented_operations = (
        ('/foo', 'get'),
        ('/bar', 'get'),
        ('/bar', 'post'),
        ('/baz', 'get'),
        ('/eggs', 'get'),
    )
    for path, method in documented_operations:
        assert 'BasicAuth' in spec['paths'][path][method]['security'][0]