Commit 43ed9d3

Document fixtures
1 parent 9b09ebb commit 43ed9d3

1 file changed

Lines changed: 43 additions & 0 deletions

README.md

@@ -51,6 +51,8 @@ oauth = OAuthManager(
5151
# File where each user's capability is stored
5252
user_file="caps.yaml",
5353
),
54+
# If you want routes to be at /api/v1/login etc., put "/api/v1" here
55+
prefix="",
5456
)
5557

5658
app = FastAPI()
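Review bot: The comment above `prefix=""` covers only the non-default case and does not state the expected format of the value (leading slash and no trailing slash, as in "/api/v1") or that the empty default leaves the routes at the root. Because changing it moves `/login` and the other routes, any URL that clients or an identity provider have been configured with for those routes has to change with it; one sentence saying so next to this argument would prevent a confusing failed login after the prefix is set.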
@@ -122,6 +124,7 @@ capabilities:
122124
user_management: []
123125
auto_admin: true
124126
user_file: caps.yaml
127+
prefix: ""
125128
```
126129

127130
And instantiated like this:
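Review bot: `prefix: ""` is added directly after `user_file: caps.yaml`, whereas in the Python example `prefix=""` comes after the `),` that closes the block containing `user_file`. Please confirm the YAML key sits at the top level of the config and not under `capabilities:`, and consider repeating the one-line explanation from the Python example as a YAML comment, since nothing in this block says what the key does.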
@@ -227,6 +230,46 @@ curl -X POST -H "Content-Type: application/json" -d '{"email": "a@b.c"}' http://
227230
To use it with easy_oauth, set `server_metadata_url` to `http://127.0.0.1:8000/.well-known/openid-configuration` (depending on the host and port).
228231

229232

233+
### Fixtures
234+
235+
easy-oauth provides the `OAuthMock` and `AppTester` classes to make testing easier. Here is a very simple example of how to use them:
236+
237+
238+
```python
239+
from easy_oauth.testing.utils import AppTester, OAuthMock
240+
241+
@pytest.fixture(scope="session")
242+
def oauth_mock():
243+
# Start one mock oauth server for the session. It's important that the
244+
# OAUTH_PORT conforms to the server_metadata_url you configure the test app
245+
# with
246+
with OAuthMock(port=OAUTH_PORT) as oauth:
247+
yield oauth
248+
249+
@pytest.fixture(scope="session")
250+
def app(oauth_mock):
251+
# This doesn't have to be session-scoped, but if your app is read-only it may
252+
# as well be.
253+
with AppTester(your_app, oauth_mock) as appt:
254+
yield appt
255+
256+
def test_view_payroll(app):
257+
# Use app.client to pretend to be various users
258+
guest = app.client()
259+
user = app.client("simple.user@website.web")
260+
accountant = app.client("mr.bean@website.web")
261+
admin = app.client("admin@website.web")
262+
263+
# Guests are not authentified (so we expect HTTP error 401)
264+
guest.get("/payroll/view", expect=401)
265+
# Normal users are unauthorized to view the payroll
266+
user.get("/payroll/view", expect=403)
267+
# Accountants and admins are authorized
268+
accountant.get("/payroll/view", expect=200)
269+
admin.get("/payroll/view", expect=200)
270+
```
271+
272+
230273
## TODO
231274

232275
There are a few things that need to be done in the future:
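Review bot: The fixture example uses `@pytest.fixture` without `import pytest`, and `OAUTH_PORT` and `your_app` appear without being defined, so the snippet cannot be pasted and run as is; add the import and a line each showing where the port constant and the app object come from. In the comment above the guest request, "authentified" should read "authenticated". It would also help to state outright that with `scope="session"` on `app`, anything one test writes is visible to the next, which the "read-only" remark only hints at.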
