fix(svc): create ensure_valid method for regroup entity domain errors, delete empty check for get svc method

Author: Athroniaeth

src/fastapi_api_key/domain/base.py

@@ -103,3 +103,18 @@ def ensure_valid_scopes(self, required_scopes: List[str]) -> None:
             InvalidScopes: If the key does not have the required scopes.
         """
         ...
+
+    def ensure_valid(self, scopes: List[str]) -> None:
+        """Ensure the API key is valid for authentication and scopes.
+
+        This is a convenience method that combines both `ensure_can_authenticate`
+        and `ensure_valid_scopes`.
+
+        Arguments:
+            scopes (List[str]): List of required scopes to check against the key's scopes.
+        Raises:
+            KeyInactive: If the key is disabled.
+            KeyExpired: If the key is expired.
+            InvalidScopes: If the key does not have the required scopes.
+        """
+        ...

src/fastapi_api_key/domain/entities.py

@@ -174,6 +174,10 @@ def ensure_valid_scopes(self, required_scopes: List[str]) -> None:
             if missing_scopes:
                 raise InvalidScopes(f"API key is missing required scopes: {missing_scopes_str}")
 
+    def ensure_valid(self, scopes: List[str]) -> None:
+        self.ensure_can_authenticate()
+        self.ensure_valid_scopes(scopes)
+
     def __repr__(self):
         return (
             f"ApiKey(id_={self.id_!r}, name={self.name!r}, description={self.description!r}, "

src/fastapi_api_key/services/base.py

@@ -295,18 +295,15 @@ async def load_dotenv(self, envvar_prefix: str = "API_KEY_"):
             raise ConfigurationError(f"No environment variables found with prefix '{envvar_prefix}'")
 
         for key, api_key in zip(list_keys, list_api_key):
-            global_prefix, key_id, key_secret = self._get_parts(api_key)
+            parsed = self._get_parts(api_key)
 
             await self.create(
                 name=key,
-                key_id=key_id,
-                key_secret=key_secret,
+                key_id=parsed.key_id,
+                key_secret=parsed.key_secret,
             )
 
     async def get_by_id(self, id_: str) -> ApiKey:
-        if id_.strip() == "":
-            raise KeyNotProvided("No API key provided")
-
         entity = await self._repo.get_by_id(id_)
 
         if entity is None:
@@ -315,9 +312,6 @@ async def get_by_id(self, id_: str) -> ApiKey:
         return entity
 
     async def get_by_key_id(self, key_id: str) -> ApiKey:
-        if not key_id.strip():
-            raise KeyNotProvided("No API key key_id provided (key_id cannot be empty)")
-
         entity = await self._repo.get_by_key_id(key_id)
 
         if entity is None:
@@ -426,20 +420,10 @@ def _parse_and_validate_key(self, api_key: Optional[str]) -> ParsedApiKey:
             KeyNotProvided: If the key is None or empty.
             InvalidKey: If the format or prefix is invalid.
         """
-        if api_key is None:
+        if api_key is None or api_key.strip() == "":
             raise KeyNotProvided("Api key must be provided (not given)")
 
-        global_prefix, key_id, key_secret = self._get_parts(api_key)
-
-        if global_prefix != self.global_prefix:
-            raise InvalidKey("Api key is invalid (wrong global prefix)")
-
-        return ParsedApiKey(
-            global_prefix=global_prefix,
-            key_id=key_id,
-            key_secret=key_secret,
-            raw=api_key,
-        )
+        return self._get_parts(api_key)
 
     async def _verify_entity(self, entity: ApiKey, key_secret: str, required_scopes: List[str]) -> ApiKey:
         """Verify that an entity can authenticate with the provided secret.
@@ -458,18 +442,17 @@ async def _verify_entity(self, entity: ApiKey, key_secret: str, required_scopes:
             InvalidKey: If the hash does not match.
             InvalidScopes: If scopes are insufficient.
         """
-        assert entity.key_hash is not None, "key_hash must be set for existing API keys"  # nosec B101
+        # Todo: IDK if this line ise usefully
+        # assert entity.key_hash is not None, "key_hash must be set for existing API keys"  # nosec B101
 
-        entity.ensure_can_authenticate()
+        entity.ensure_valid(scopes=required_scopes)
 
         if not self._hasher.verify(entity.key_hash, key_secret):
             raise InvalidKey("API key is invalid (hash mismatch)")
 
-        entity.ensure_valid_scopes(required_scopes)
-
         return await self.touch(entity)
 
-    def _get_parts(self, api_key: str) -> Tuple[str, str, str]:
+    def _get_parts(self, api_key: str) -> ParsedApiKey:
         """Extract the parts of the API key string.
 
         Args:
@@ -486,10 +469,20 @@ def _get_parts(self, api_key: str) -> Tuple[str, str, str]:
         if len(parts) != 3:
             raise InvalidKey("API key format is invalid (wrong number of segments).")
 
-        if not all(parts):
+        if not all(p.strip() for p in parts):
             raise InvalidKey("API key format is invalid (empty segment).")
 
-        return parts[0], parts[1], parts[2]
+        parsed_api_key = ParsedApiKey(
+            global_prefix=parts[0],
+            key_id=parts[1],
+            key_secret=parts[2],
+            raw=api_key,
+        )
+
+        if parsed_api_key.global_prefix != self.global_prefix:
+            raise InvalidKey("Api key is invalid (wrong global prefix)")
+
+        return parsed_api_key
 
     async def touch(self, entity: ApiKey) -> ApiKey:
         """Update last_used_at to now and persist the change."""

src/fastapi_api_key/services/cached.py

@@ -112,12 +112,11 @@ async def _verify_key(self, api_key: Optional[str] = None, required_scopes: Opti
 
         # Compute cache key from the full API key (secure: requires complete key)
         cache_key = _compute_cache_key(parsed.raw)
-        cached_entity = await self.cache.get(cache_key)
+        cached_entity: ApiKey = await self.cache.get(cache_key)
 
         if cached_entity:
             # Cache hit: the full API key is correct (hash matched)
-            cached_entity.ensure_can_authenticate()
-            cached_entity.ensure_valid_scopes(required_scopes)
+            cached_entity.ensure_valid(scopes=required_scopes)
             return await self.touch(cached_entity)
 
         # Cache miss: perform full verification via parent's helper

tests/unit/test_service.py

@@ -92,12 +92,6 @@ async def test_get_by_id_success(self, service: ApiKeyService):
         result = await service.get_by_id(entity.id_)
         assert result.id_ == entity.id_
 
-    @pytest.mark.asyncio
-    async def test_get_by_id_empty_raises(self, service: ApiKeyService):
-        """get_by_id() raises KeyNotProvided for empty ID."""
-        with pytest.raises(KeyNotProvided):
-            await service.get_by_id("  ")
-
     @pytest.mark.asyncio
     async def test_get_by_id_not_found_raises(self, service: ApiKeyService):
         """get_by_id() raises KeyNotFound for missing ID."""
@@ -118,12 +112,6 @@ async def test_get_by_key_id_not_found_raises(self, service: ApiKeyService):
         with pytest.raises(KeyNotFound):
             await service.get_by_key_id("missing")
 
-    @pytest.mark.asyncio
-    async def test_get_by_key_id_empty_raises(self, service: ApiKeyService):
-        """get_by_key_id() raises KeyNotProvided for empty key_id."""
-        with pytest.raises(KeyNotProvided):
-            await service.get_by_key_id("   ")
-
 
 class TestServiceUpdate:
     """Tests for update() method."""
@@ -217,7 +205,7 @@ async def test_verify_none_raises(self, service: ApiKeyService):
     @pytest.mark.asyncio
     async def test_verify_empty_raises(self, service: ApiKeyService):
         """verify_key() raises InvalidKey for empty/whitespace string."""
-        with pytest.raises(InvalidKey, match="wrong number of segments"):
+        with pytest.raises(KeyNotProvided, match=r"Api key must be provided \(not given\)"):
             await service.verify_key("   ")
 
     @pytest.mark.asyncio