NotificationsYou must be signed in to change notification settings
Fork8.7k
Star95.4k

Commit3b2e891

and

authored

✨ Adddescription parameter to all the security scheme classes, e.g.APIKeyQuery(name="key", description="A very cool API key") (#1757)

Co-authored-by: Hylke Postma <h.postma@docuwork.nl>Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com>

1 parent9121fcc commit3b2e891Copy full SHA for 3b2e891

File tree

15 files changed

+1062

-16

lines changed

15 files changed

+1062

-16

lines changed

`‎fastapi/security/api_key.py‎`

Lines changed: 27 additions & 6 deletions

Original file line number	Diff line number	Diff line change
`@@ -13,9 +13,16 @@ class APIKeyBase(SecurityBase):`
`13`	`13`
`14`	`14`	`classAPIKeyQuery(APIKeyBase):`
`15`	`15`	`def__init__(`
`16`		`-self,*,name:str,scheme_name:Optional[str]=None,auto_error:bool=True`
	`16`	`+self,`
	`17`	`+*,`
	`18`	`+name:str,`
	`19`	`+scheme_name:Optional[str]=None,`
	`20`	`+description:Optional[str]=None,`
	`21`	`+auto_error:bool=True`
`17`	`22`	`):`
`18`		`-self.model:APIKey=APIKey(**{"in":APIKeyIn.query},name=name)`
	`23`	`+self.model:APIKey=APIKey(`
	`24`	`+**{"in":APIKeyIn.query},name=name,description=description`
	`25`	`+ )`
`19`	`26`	`self.scheme_name=scheme_nameorself.__class__.__name__`
`20`	`27`	`self.auto_error=auto_error`
`21`	`28`
`@@ -33,9 +40,16 @@ async def __call__(self, request: Request) -> Optional[str]:`
`33`	`40`
`34`	`41`	`classAPIKeyHeader(APIKeyBase):`
`35`	`42`	`def__init__(`
`36`		`-self,*,name:str,scheme_name:Optional[str]=None,auto_error:bool=True`
	`43`	`+self,`
	`44`	`+*,`
	`45`	`+name:str,`
	`46`	`+scheme_name:Optional[str]=None,`
	`47`	`+description:Optional[str]=None,`
	`48`	`+auto_error:bool=True`
`37`	`49`	`):`
`38`		`-self.model:APIKey=APIKey(**{"in":APIKeyIn.header},name=name)`
	`50`	`+self.model:APIKey=APIKey(`
	`51`	`+**{"in":APIKeyIn.header},name=name,description=description`
	`52`	`+ )`
`39`	`53`	`self.scheme_name=scheme_nameorself.__class__.__name__`
`40`	`54`	`self.auto_error=auto_error`
`41`	`55`
`@@ -53,9 +67,16 @@ async def __call__(self, request: Request) -> Optional[str]:`
`53`	`67`
`54`	`68`	`classAPIKeyCookie(APIKeyBase):`
`55`	`69`	`def__init__(`
`56`		`-self,*,name:str,scheme_name:Optional[str]=None,auto_error:bool=True`
	`70`	`+self,`
	`71`	`+*,`
	`72`	`+name:str,`
	`73`	`+scheme_name:Optional[str]=None,`
	`74`	`+description:Optional[str]=None,`
	`75`	`+auto_error:bool=True`
`57`	`76`	`):`
`58`		`-self.model:APIKey=APIKey(**{"in":APIKeyIn.cookie},name=name)`
	`77`	`+self.model:APIKey=APIKey(`
	`78`	`+**{"in":APIKeyIn.cookie},name=name,description=description`
	`79`	`+ )`
`59`	`80`	`self.scheme_name=scheme_nameorself.__class__.__name__`
`60`	`81`	`self.auto_error=auto_error`
`61`	`82`

`‎fastapi/security/http.py‎`

Lines changed: 19 additions & 6 deletions

Original file line number	Diff line number	Diff line change
`@@ -24,9 +24,14 @@ class HTTPAuthorizationCredentials(BaseModel):`
`24`	`24`
`25`	`25`	`classHTTPBase(SecurityBase):`
`26`	`26`	`def__init__(`
`27`		`-self,*,scheme:str,scheme_name:Optional[str]=None,auto_error:bool=True`
	`27`	`+self,`
	`28`	`+*,`
	`29`	`+scheme:str,`
	`30`	`+scheme_name:Optional[str]=None,`
	`31`	`+description:Optional[str]=None,`
	`32`	`+auto_error:bool=True,`
`28`	`33`	`):`
`29`		`-self.model=HTTPBaseModel(scheme=scheme)`
	`34`	`+self.model=HTTPBaseModel(scheme=scheme,description=description)`
`30`	`35`	`self.scheme_name=scheme_nameorself.__class__.__name__`
`31`	`36`	`self.auto_error=auto_error`
`32`	`37`
`@@ -51,9 +56,10 @@ def __init__(`
`51`	`56`	`*,`
`52`	`57`	`scheme_name:Optional[str]=None,`
`53`	`58`	`realm:Optional[str]=None,`
	`59`	`+description:Optional[str]=None,`
`54`	`60`	`auto_error:bool=True,`
`55`	`61`	`):`
`56`		`-self.model=HTTPBaseModel(scheme="basic")`
	`62`	`+self.model=HTTPBaseModel(scheme="basic",description=description)`
`57`	`63`	`self.scheme_name=scheme_nameorself.__class__.__name__`
`58`	`64`	`self.realm=realm`
`59`	`65`	`self.auto_error=auto_error`
`@@ -97,9 +103,10 @@ def __init__(`
`97`	`103`	`*,`
`98`	`104`	`bearerFormat:Optional[str]=None,`
`99`	`105`	`scheme_name:Optional[str]=None,`
	`106`	`+description:Optional[str]=None,`
`100`	`107`	`auto_error:bool=True,`
`101`	`108`	`):`
`102`		`-self.model=HTTPBearerModel(bearerFormat=bearerFormat)`
	`109`	`+self.model=HTTPBearerModel(bearerFormat=bearerFormat,description=description)`
`103`	`110`	`self.scheme_name=scheme_nameorself.__class__.__name__`
`104`	`111`	`self.auto_error=auto_error`
`105`	`112`
`@@ -127,8 +134,14 @@ async def __call__(`
`127`	`134`
`128`	`135`
`129`	`136`	`classHTTPDigest(HTTPBase):`
`130`		`-def__init__(self,*,scheme_name:Optional[str]=None,auto_error:bool=True):`
`131`		`-self.model=HTTPBaseModel(scheme="digest")`
	`137`	`+def__init__(`
	`138`	`+self,`
	`139`	`+*,`
	`140`	`+scheme_name:Optional[str]=None,`
	`141`	`+description:Optional[str]=None,`
	`142`	`+auto_error:bool=True,`
	`143`	`+ ):`
	`144`	`+self.model=HTTPBaseModel(scheme="digest",description=description)`
`132`	`145`	`self.scheme_name=scheme_nameorself.__class__.__name__`
`133`	`146`	`self.auto_error=auto_error`
`134`	`147`

`‎fastapi/security/oauth2.py‎`

Lines changed: 16 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -118,9 +118,10 @@ def __init__(`
`118`	`118`	`*,`
`119`	`119`	`flows:Union[OAuthFlowsModel,Dict[str,Dict[str,Any]]]=OAuthFlowsModel(),`
`120`	`120`	`scheme_name:Optional[str]=None,`
	`121`	`+description:Optional[str]=None,`
`121`	`122`	`auto_error:Optional[bool]=True`
`122`	`123`	`):`
`123`		`-self.model=OAuth2Model(flows=flows)`
	`124`	`+self.model=OAuth2Model(flows=flows,description=description)`
`124`	`125`	`self.scheme_name=scheme_nameorself.__class__.__name__`
`125`	`126`	`self.auto_error=auto_error`
`126`	`127`
`@@ -142,12 +143,18 @@ def __init__(`
`142`	`143`	`tokenUrl:str,`
`143`	`144`	`scheme_name:Optional[str]=None,`
`144`	`145`	`scopes:Optional[Dict[str,str]]=None,`
	`146`	`+description:Optional[str]=None,`
`145`	`147`	`auto_error:bool=True,`
`146`	`148`	`):`
`147`	`149`	`ifnotscopes:`
`148`	`150`	`scopes= {}`
`149`	`151`	`flows=OAuthFlowsModel(password={"tokenUrl":tokenUrl,"scopes":scopes})`
`150`		`-super().__init__(flows=flows,scheme_name=scheme_name,auto_error=auto_error)`
	`152`	`+super().__init__(`
	`153`	`+flows=flows,`
	`154`	`+scheme_name=scheme_name,`
	`155`	`+description=description,`
	`156`	`+auto_error=auto_error,`
	`157`	`+ )`
`151`	`158`
`152`	`159`	`asyncdef__call__(self,request:Request)->Optional[str]:`
`153`	`160`	`authorization:str=request.headers.get("Authorization")`
`@@ -172,6 +179,7 @@ def __init__(`
`172`	`179`	`refreshUrl:Optional[str]=None,`
`173`	`180`	`scheme_name:Optional[str]=None,`
`174`	`181`	`scopes:Optional[Dict[str,str]]=None,`
	`182`	`+description:Optional[str]=None,`
`175`	`183`	`auto_error:bool=True,`
`176`	`184`	`):`
`177`	`185`	`ifnotscopes:`
`@@ -184,7 +192,12 @@ def __init__(`
`184`	`192`	`"scopes":scopes,`
`185`	`193`	`}`
`186`	`194`	`)`
`187`		`-super().__init__(flows=flows,scheme_name=scheme_name,auto_error=auto_error)`
	`195`	`+super().__init__(`
	`196`	`+flows=flows,`
	`197`	`+scheme_name=scheme_name,`
	`198`	`+description=description,`
	`199`	`+auto_error=auto_error,`
	`200`	`+ )`
`188`	`201`
`189`	`202`	`asyncdef__call__(self,request:Request)->Optional[str]:`
`190`	`203`	`authorization:str=request.headers.get("Authorization")`

`‎fastapi/security/open_id_connect_url.py‎`

Lines changed: 4 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -13,9 +13,12 @@ def __init__(`
`13`	`13`	`*,`
`14`	`14`	`openIdConnectUrl:str,`
`15`	`15`	`scheme_name:Optional[str]=None,`
	`16`	`+description:Optional[str]=None,`
`16`	`17`	`auto_error:bool=True`
`17`	`18`	`):`
`18`		`-self.model=OpenIdConnectModel(openIdConnectUrl=openIdConnectUrl)`
	`19`	`+self.model=OpenIdConnectModel(`
	`20`	`+openIdConnectUrl=openIdConnectUrl,description=description`
	`21`	`+ )`
`19`	`22`	`self.scheme_name=scheme_nameorself.__class__.__name__`
`20`	`23`	`self.auto_error=auto_error`
`21`	`24`

`‎tests/test_security_api_key_cookie_description.py‎`

Lines changed: 73 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,73 @@`
	`1`	`+fromfastapiimportDepends,FastAPI,Security`
	`2`	`+fromfastapi.securityimportAPIKeyCookie`
	`3`	`+fromfastapi.testclientimportTestClient`
	`4`	`+frompydanticimportBaseModel`
	`5`	`+`
	`6`	`+app=FastAPI()`
	`7`	`+`
	`8`	`+api_key=APIKeyCookie(name="key",description="An API Cookie Key")`
	`9`	`+`
	`10`	`+`
	`11`	`+classUser(BaseModel):`
	`12`	`+username:str`
	`13`	`+`
	`14`	`+`
	`15`	`+defget_current_user(oauth_header:str=Security(api_key)):`
	`16`	`+user=User(username=oauth_header)`
	`17`	`+returnuser`
	`18`	`+`
	`19`	`+`
	`20`	`+@app.get("/users/me")`
	`21`	`+defread_current_user(current_user:User=Depends(get_current_user)):`
	`22`	`+returncurrent_user`
	`23`	`+`
	`24`	`+`
	`25`	`+client=TestClient(app)`
	`26`	`+`
	`27`	`+openapi_schema= {`
	`28`	`+"openapi":"3.0.2",`
	`29`	`+"info": {"title":"FastAPI","version":"0.1.0"},`
	`30`	`+"paths": {`
	`31`	`+"/users/me": {`
	`32`	`+"get": {`
	`33`	`+"responses": {`
	`34`	`+"200": {`
	`35`	`+"description":"Successful Response",`
	`36`	`+"content": {"application/json": {"schema": {}}},`
	`37`	`+ }`
	`38`	`+ },`
	`39`	`+"summary":"Read Current User",`
	`40`	`+"operationId":"read_current_user_users_me_get",`
	`41`	`+"security": [{"APIKeyCookie": []}],`
	`42`	`+ }`
	`43`	`+ }`
	`44`	`+ },`
	`45`	`+"components": {`
	`46`	`+"securitySchemes": {`
	`47`	`+"APIKeyCookie": {`
	`48`	`+"type":"apiKey",`
	`49`	`+"name":"key",`
	`50`	`+"in":"cookie",`
	`51`	`+"description":"An API Cookie Key",`
	`52`	`+ }`
	`53`	`+ }`
	`54`	`+ },`
	`55`	`+}`
	`56`	`+`
	`57`	`+`
	`58`	`+deftest_openapi_schema():`
	`59`	`+response=client.get("/openapi.json")`
	`60`	`+assertresponse.status_code==200,response.text`
	`61`	`+assertresponse.json()==openapi_schema`
	`62`	`+`
	`63`	`+`
	`64`	`+deftest_security_api_key():`
	`65`	`+response=client.get("/users/me",cookies={"key":"secret"})`
	`66`	`+assertresponse.status_code==200,response.text`
	`67`	`+assertresponse.json()== {"username":"secret"}`
	`68`	`+`
	`69`	`+`
	`70`	`+deftest_security_api_key_no_key():`
	`71`	`+response=client.get("/users/me")`
	`72`	`+assertresponse.status_code==403,response.text`
	`73`	`+assertresponse.json()== {"detail":"Not authenticated"}`

`‎tests/test_security_api_key_header_description.py‎`

Lines changed: 73 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,73 @@`
	`1`	`+fromfastapiimportDepends,FastAPI,Security`
	`2`	`+fromfastapi.securityimportAPIKeyHeader`
	`3`	`+fromfastapi.testclientimportTestClient`
	`4`	`+frompydanticimportBaseModel`
	`5`	`+`
	`6`	`+app=FastAPI()`
	`7`	`+`
	`8`	`+api_key=APIKeyHeader(name="key",description="An API Key Header")`
	`9`	`+`
	`10`	`+`
	`11`	`+classUser(BaseModel):`
	`12`	`+username:str`
	`13`	`+`
	`14`	`+`
	`15`	`+defget_current_user(oauth_header:str=Security(api_key)):`
	`16`	`+user=User(username=oauth_header)`
	`17`	`+returnuser`
	`18`	`+`
	`19`	`+`
	`20`	`+@app.get("/users/me")`
	`21`	`+defread_current_user(current_user:User=Depends(get_current_user)):`
	`22`	`+returncurrent_user`
	`23`	`+`
	`24`	`+`
	`25`	`+client=TestClient(app)`
	`26`	`+`
	`27`	`+openapi_schema= {`
	`28`	`+"openapi":"3.0.2",`
	`29`	`+"info": {"title":"FastAPI","version":"0.1.0"},`
	`30`	`+"paths": {`
	`31`	`+"/users/me": {`
	`32`	`+"get": {`
	`33`	`+"responses": {`
	`34`	`+"200": {`
	`35`	`+"description":"Successful Response",`
	`36`	`+"content": {"application/json": {"schema": {}}},`
	`37`	`+ }`
	`38`	`+ },`
	`39`	`+"summary":"Read Current User",`
	`40`	`+"operationId":"read_current_user_users_me_get",`
	`41`	`+"security": [{"APIKeyHeader": []}],`
	`42`	`+ }`
	`43`	`+ }`
	`44`	`+ },`
	`45`	`+"components": {`
	`46`	`+"securitySchemes": {`
	`47`	`+"APIKeyHeader": {`
	`48`	`+"type":"apiKey",`
	`49`	`+"name":"key",`
	`50`	`+"in":"header",`
	`51`	`+"description":"An API Key Header",`
	`52`	`+ }`
	`53`	`+ }`
	`54`	`+ },`
	`55`	`+}`
	`56`	`+`
	`57`	`+`
	`58`	`+deftest_openapi_schema():`
	`59`	`+response=client.get("/openapi.json")`
	`60`	`+assertresponse.status_code==200,response.text`
	`61`	`+assertresponse.json()==openapi_schema`
	`62`	`+`
	`63`	`+`
	`64`	`+deftest_security_api_key():`
	`65`	`+response=client.get("/users/me",headers={"key":"secret"})`
	`66`	`+assertresponse.status_code==200,response.text`
	`67`	`+assertresponse.json()== {"username":"secret"}`
	`68`	`+`
	`69`	`+`
	`70`	`+deftest_security_api_key_no_key():`
	`71`	`+response=client.get("/users/me")`
	`72`	`+assertresponse.status_code==403,response.text`
	`73`	`+assertresponse.json()== {"detail":"Not authenticated"}`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit3b2e891

File tree

15 files changed

15 files changed

`‎fastapi/security/api_key.py‎`

`‎fastapi/security/http.py‎`

`‎fastapi/security/oauth2.py‎`

`‎fastapi/security/open_id_connect_url.py‎`

`‎tests/test_security_api_key_cookie_description.py‎`

`‎tests/test_security_api_key_header_description.py‎`

0 commit comments