mirror of https://github.com/tiangolo/fastapi.git
🐛 Fix cached dependencies when using a dependency in `Security()` and other places (e.g. `Depends()`) with different OAuth2 scopes (#2945)
Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com>
This commit is contained in:
laggardkernel
GitHub
parent
982911f08f
commit
b993b4af28
|
|
@ -161,7 +161,6 @@ def get_sub_dependant(
|
|||
)
|
||||
if security_requirement:
|
||||
sub_dependant.security_requirements.append(security_requirement)
|
||||
sub_dependant.security_scopes = security_scopes
|
||||
return sub_dependant
|
||||
|
||||
|
||||
|
|
@ -278,7 +277,13 @@ def get_dependant(
|
|||
path_param_names = get_path_param_names(path)
|
||||
endpoint_signature = get_typed_signature(call)
|
||||
signature_params = endpoint_signature.parameters
|
||||
dependant = Dependant(call=call, name=name, path=path, use_cache=use_cache)
|
||||
dependant = Dependant(
|
||||
call=call,
|
||||
name=name,
|
||||
path=path,
|
||||
security_scopes=security_scopes,
|
||||
use_cache=use_cache,
|
||||
)
|
||||
for param_name, param in signature_params.items():
|
||||
if isinstance(param.default, params.Depends):
|
||||
sub_dependant = get_param_sub_dependant(
|
||||
|
|
@ -495,7 +500,6 @@ async def solve_dependencies(
|
|||
name=sub_dependant.name,
|
||||
security_scopes=sub_dependant.security_scopes,
|
||||
)
|
||||
use_sub_dependant.security_scopes = sub_dependant.security_scopes
|
||||
|
||||
solved_result = await solve_dependencies(
|
||||
request=request,
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
from fastapi import Depends, FastAPI
|
||||
from fastapi import Depends, FastAPI, Security
|
||||
from fastapi.testclient import TestClient
|
||||
|
||||
app = FastAPI()
|
||||
|
|
@ -35,6 +35,19 @@ async def get_sub_counter_no_cache(
|
|||
return {"counter": count, "subcounter": subcount}
|
||||
|
||||
|
||||
@app.get("/scope-counter")
|
||||
async def get_scope_counter(
|
||||
count: int = Security(dep_counter),
|
||||
scope_count_1: int = Security(dep_counter, scopes=["scope"]),
|
||||
scope_count_2: int = Security(dep_counter, scopes=["scope"]),
|
||||
):
|
||||
return {
|
||||
"counter": count,
|
||||
"scope_counter_1": scope_count_1,
|
||||
"scope_counter_2": scope_count_2,
|
||||
}
|
||||
|
||||
|
||||
client = TestClient(app)
|
||||
|
||||
|
||||
|
|
@ -66,3 +79,13 @@ def test_sub_counter_no_cache():
|
|||
response = client.get("/sub-counter-no-cache/")
|
||||
assert response.status_code == 200, response.text
|
||||
assert response.json() == {"counter": 4, "subcounter": 3}
|
||||
|
||||
|
||||
def test_security_cache():
|
||||
counter_holder["counter"] = 0
|
||||
response = client.get("/scope-counter/")
|
||||
assert response.status_code == 200, response.text
|
||||
assert response.json() == {"counter": 1, "scope_counter_1": 2, "scope_counter_2": 2}
|
||||
response = client.get("/scope-counter/")
|
||||
assert response.status_code == 200, response.text
|
||||
assert response.json() == {"counter": 3, "scope_counter_1": 4, "scope_counter_2": 4}
|
||||
|
|
|
|||
Loading…
Reference in New Issue