From 68760ad345356dac5585501eb81e8189eca76c68 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebasti=C3=A1n=20Ram=C3=ADrez?= <tiangolo@gmail.com>
Date: Thu, 4 Dec 2025 13:32:43 +0100
Subject: [PATCH] =?UTF-8?q?=F0=9F=A7=AA=20Add=20failing=20test?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 ...uthorization_code_bearer_scopes_openapi.py | 74 +++++++++++++++++++
 1 file changed, 74 insertions(+)
 create mode 100644 tests/test_security_oauth2_authorization_code_bearer_scopes_openapi.py

diff --git a/tests/test_security_oauth2_authorization_code_bearer_scopes_openapi.py b/tests/test_security_oauth2_authorization_code_bearer_scopes_openapi.py
new file mode 100644
index 0000000000..675a041dcf
--- /dev/null
+++ b/tests/test_security_oauth2_authorization_code_bearer_scopes_openapi.py
@@ -0,0 +1,74 @@
+from typing import Optional
+
+from fastapi import FastAPI, Security
+from fastapi.security import OAuth2AuthorizationCodeBearer
+from fastapi.testclient import TestClient
+from inline_snapshot import snapshot
+
+oauth2_scheme = OAuth2AuthorizationCodeBearer(
+    authorizationUrl="authorize",
+    tokenUrl="token",
+    auto_error=True,
+    scopes={"read": "Read access", "write": "Write access"},
+)
+
+app = FastAPI(dependencies=[Security(oauth2_scheme)])
+
+
+@app.get("/items/")
+async def read_items(token: Optional[str] = Security(oauth2_scheme, scopes=["read"])):
+    return {"token": token}
+
+
+client = TestClient(app)
+
+
+def test_token():
+    response = client.get("/items", headers={"Authorization": "Bearer testtoken"})
+    assert response.status_code == 200, response.text
+    assert response.json() == {"token": "testtoken"}
+
+
+def test_openapi_schema():
+    response = client.get("/openapi.json")
+    assert response.status_code == 200, response.text
+    assert response.json() == snapshot(
+        {
+            "openapi": "3.1.0",
+            "info": {"title": "FastAPI", "version": "0.1.0"},
+            "paths": {
+                "/items/": {
+                    "get": {
+                        "summary": "Read Items",
+                        "operationId": "read_items_items__get",
+                        "responses": {
+                            "200": {
+                                "description": "Successful Response",
+                                "content": {"application/json": {"schema": {}}},
+                            }
+                        },
+                        "security": [
+                            {"OAuth2AuthorizationCodeBearer": ["read"]},
+                        ],
+                    }
+                }
+            },
+            "components": {
+                "securitySchemes": {
+                    "OAuth2AuthorizationCodeBearer": {
+                        "type": "oauth2",
+                        "flows": {
+                            "authorizationCode": {
+                                "scopes": {
+                                    "read": "Read access",
+                                    "write": "Write access",
+                                },
+                                "authorizationUrl": "authorize",
+                                "tokenUrl": "token",
+                            }
+                        },
+                    }
+                }
+            },
+        }
+    )