happyz
/
fastapi
mirror of https://github.com/tiangolo/fastapi.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add minimal test replicating the reported issue

This commit is contained in:
Sebastián Ramírez 2025-12-04 22:59:52 +01:00
parent b60884e470
commit 86ed53f3ef
1 changed files with 12 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
tests/test_security_oauth2_authorization_code_bearer_scopes_openapi_simple.py
View File

@ -1,18 +1,14 @@
# Ref: https://github.com/fastapi/fastapi/issues/14454 # Ref: https://github.com/fastapi/fastapi/issues/14454
from fastapi import APIRouter, Depends, FastAPI, Security from fastapi import Depends, FastAPI, Security
from fastapi.security import OAuth2AuthorizationCodeBearer, SecurityScopes from fastapi.security import OAuth2AuthorizationCodeBearer
from fastapi.testclient import TestClient from fastapi.testclient import TestClient
from inline_snapshot import snapshot from inline_snapshot import snapshot
from typing_extensions import Annotated from typing_extensions import Annotated
app = FastAPI()
oauth2_scheme = OAuth2AuthorizationCodeBearer( oauth2_scheme = OAuth2AuthorizationCodeBearer(
authorizationUrl="api/oauth/authorize", authorizationUrl="api/oauth/authorize",
tokenUrl="/api/oauth/token", tokenUrl="/api/oauth/token",
refreshUrl="/api/oauth/token",
auto_error=False,
scopes={"read": "Read access", "write": "Write access"}, scopes={"read": "Read access", "write": "Write access"},
) )
@ -21,35 +17,14 @@ async def get_token(token: Annotated[str, Depends(oauth2_scheme)]) -> str:
return token return token
AccessToken = Annotated[str, Depends(get_token)] app = FastAPI(dependencies=[Depends(get_token)])
async def require_oauth_scopes( @app.get("/admin", dependencies=[Security(get_token, scopes=["read", "write"])])
security_scopes: SecurityScopes, token: AccessToken async def read_admin():
) -> None: return {"message": "Admin Access"}
pass
async def check_limit(token: AccessToken) -> None:
pass
router = APIRouter(prefix="/v1", dependencies=[Depends(check_limit)])
channels_router = APIRouter(prefix="/channels", tags=["Channels"])
@channels_router.get(
"/", dependencies=[Security(require_oauth_scopes, scopes=["read"])]
)
def read_items():
return {"msg": "You have READ access"}
router.include_router(channels_router)
app.include_router(router)
client = TestClient(app) client = TestClient(app)
@ -61,18 +36,19 @@ def test_openapi_schema():
"openapi": "3.1.0", "openapi": "3.1.0",
"info": {"title": "FastAPI", "version": "0.1.0"}, "info": {"title": "FastAPI", "version": "0.1.0"},
"paths": { "paths": {
"/v1/channels/": { "/admin": {
"get": { "get": {
"tags": ["Channels"], "summary": "Read Admin",
"summary": "Read Items", "operationId": "read_admin_admin_get",
"operationId": "read_items_v1_channels__get",
"responses": { "responses": {
"200": { "200": {
"description": "Successful Response", "description": "Successful Response",
"content": {"application/json": {"schema": {}}}, "content": {"application/json": {"schema": {}}},
} }
}, },
"security": [{"OAuth2AuthorizationCodeBearer": ["read"]}], "security": [
{"OAuth2AuthorizationCodeBearer": ["read", "write"]}
],
} }
} }
}, },
@ -82,7 +58,6 @@ def test_openapi_schema():
"type": "oauth2", "type": "oauth2",
"flows": { "flows": {
"authorizationCode": { "authorizationCode": {
"refreshUrl": "/api/oauth/token",
"scopes": { "scopes": {
"read": "Read access", "read": "Read access",
"write": "Write access", "write": "Write access",