refactor: format code and add test infrastructure (#19)

* refactor: format code and add test infrastructure

* chore: remove flake8-complexity (COM) rule from ruff linting config

* fix: update ruff formatting check command to use correct syntax

* fix: update ruff formatting command syntax to use check subcommand

* fix: remove unused variables in test files for routes and stateless store

* fix: remove unused variables in test files for routes and stateless store

* ci: rename test workflow to Unit Tests

* test: verify redirect URI construction in AuthClient initialization

* style: remove trailing whitespace in test_auth_client.py

Author: kishore7snehil

.github/workflows/tests.yml

@@ -0,0 +1,39 @@
+name: Unit Tests
+
+on:
+  push:
+    branches: [ main, master]
+  pull_request:
+    branches: [ main, master]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ['3.9', '3.10', '3.11', '3.12']
+
+    steps:
+    - uses: actions/checkout@v3
+    
+    - name: Set up Python ${{ matrix.python-version }}
+      uses: actions/setup-python@v4
+      with:
+        python-version: ${{ matrix.python-version }}
+    
+    - name: Install Poetry
+      run: |
+        curl -sSL https://install.python-poetry.org | python3 -
+        poetry --version
+    
+    - name: Install dependencies
+      run: |
+        poetry install
+
+    - name: Check formatting
+      run: |
+        poetry run ruff check .
+
+    - name: Run tests with coverage
+      run: |
+        poetry run pytest --cov=auth0_fastapi --cov-report=xml --cov-report=term-missing

.ruff.toml

@@ -0,0 +1,22 @@
+line-length = 120
+target-version = "py39"
+select = [
+    "E",   # pycodestyle errors
+    "W",   # pycodestyle warnings
+    "F",   # pyflakes
+    "I",   # isortbear
+    "C4",  # flake8-comprehensions
+    "UP",  # pyupgrade
+    "S",   # bandit (security)
+    "DTZ", # flake8-datetimez
+    "G",   # flake8-logging-format
+    "A",   # flake8-annotations
+    "C",   # flake8-coding¯
+    ]
+ignore = ["B904"]
+
+[per-file-ignores]
+"__init__.py" = ["F401", "F811"]
+"src/auth0_fastapi/config.py" = ["E501"]
+"src/auth0_fastapi/server/routes.py" = ["C901"]
+"src/auth0_fastapi/test/**/*.py" = ["F841", "S101", "COM812","S105", "S106"]

poetry.lock

@@ -13,7 +13,7 @@ packages = [
 [tool.poetry.dependencies]
 python = ">=3.9"
 auth0-server-python = ">=1.0.0b3"  
-fastapi = "^0.115.11"
+fastapi = ">=0.115.11,<0.117.0"
 itsdangerous = "^2.2.0"
 
 
@@ -24,9 +24,10 @@ pytest-asyncio = "^0.20.3"
 pytest-mock = "^3.14.0"
 uvicorn = "^0.34.0"
 twine = "^6.1.0"
+ruff = "^0.12.7"
 
 [tool.pytest.ini_options]
-addopts = "--cov=auth_server --cov-report=term-missing:skip-covered --cov-report=xml"
+addopts = "--cov=auth0_fastapi --cov-report=term-missing --cov-report=html"
 
 [build-system]
 requires = ["poetry-core>=1.4.0"]

pyproject.toml

@@ -1,56 +1,17 @@
-annotated-types==0.7.0
-anyio==4.9.0
+# Direct dependencies
 auth0-server-python==1.0.0b4
-Authlib==1.5.2
-backports.tarfile==1.2.0
-certifi==2025.1.31
-cffi==1.17.1
-charset-normalizer==3.4.1
-click==8.1.8
-coverage==7.8.0
-cryptography==44.0.1
-docutils==0.21.2
-exceptiongroup==1.3.0
-fastapi==0.115.12
-h11==0.16.0
-httpcore==1.0.9
-httpx==0.28.1
-id==1.5.0
-idna==3.10
-importlib_metadata==8.6.1
-iniconfig==2.1.0
+Authlib==1.6.1
+fastapi==0.116.1
 itsdangerous==2.2.0
-jaraco.classes==3.4.0
-jaraco.context==6.0.1
-jaraco.functools==4.1.0
-jwcrypto==1.5.6
-keyring==25.6.0
-markdown-it-py==3.0.0
-mdurl==0.1.2
-more-itertools==10.6.0
-nh3==0.2.21
-packaging==24.2
-pluggy==1.6.0
-pycparser==2.22
-pydantic==2.11.2
-pydantic_core==2.33.1
-Pygments==2.19.1
-PyJWT==2.10.1
+pydantic==2.11.7
+pydantic_core==2.33.2
+starlette==0.47.2
+typing_extensions==4.14.1
+uvicorn==0.34.3
 pytest==7.4.4
-pytest-asyncio==0.23.8
+pytest-asyncio==0.20.3
 pytest-cov==4.1.0
-pytest-mock==3.14.0
-readme_renderer==44.0
-requests==2.32.4
-requests-toolbelt==1.0.0
-rfc3986==2.0.0
-rich==14.0.0
-sniffio==1.3.1
-starlette==0.46.1
-tomli==2.2.1
+pytest-mock==3.14.1
+ruff==0.12.7
 twine==6.1.0
-typing-inspection==0.4.1
-typing_extensions==4.13.1
-urllib3==2.4.0
-uvicorn==0.34.0
-zipp==3.21.0
+coverage==7.10.2

requirements.txt

@@ -1,4 +1,3 @@
 from .auth_client import AuthClient
 
-
 __all__ = ["AuthClient"]

src/auth0_fastapi/auth/__init__.py

@@ -1,18 +1,13 @@
 
-from fastapi import Request, Response, HTTPException, status
+# Imported from auth0-server-python
+from auth0_server_python.auth_server.server_client import ServerClient
+from auth0_server_python.auth_types import LogoutOptions, StartInteractiveLoginOptions
+from fastapi import HTTPException, Request, Response, status
 
+from auth0_fastapi.config import Auth0Config
 from auth0_fastapi.stores.cookie_transaction_store import CookieTransactionStore
 from auth0_fastapi.stores.stateless_state_store import StatelessStateStore
 
-from auth0_fastapi.config import Auth0Config
-
-# Imported from auth0-server-python
-from auth0_server_python.auth_server.server_client import ServerClient
-from auth0_server_python.auth_types import (
-    StartInteractiveLoginOptions,
-    LogoutOptions
-)
-
 
 class AuthClient:
     """
@@ -22,7 +17,12 @@ class AuthClient:
     logging out, and handling backchannel logout.
     """
 
-    def __init__(self, config: Auth0Config, state_store=None, transaction_store=None):
+    def __init__(
+        self,
+        config: Auth0Config,
+        state_store=None,
+        transaction_store=None,
+    ):
         self.config = config
         # Build the redirect URI based on the provided app_base_url
         redirect_uri = f"{str(config.app_base_url).rstrip('/')}/auth/callback"
@@ -48,11 +48,16 @@ def __init__(self, config: Auth0Config, state_store=None, transaction_store=None
             authorization_params={
                 "audience": config.audience,
                 "redirect_uri": redirect_uri,
-                **(config.authorization_params or {})
+                **(config.authorization_params or {}),
             },
         )
 
-    async def start_login(self, app_state: dict = None, authorization_params: dict = None, store_options: dict = None) -> str:
+    async def start_login(
+        self,
+        app_state: dict = None,
+        authorization_params: dict = None,
+        store_options: dict = None,
+    ) -> str:
         """
         Initiates the interactive login process.
         Optionally, an app_state dictionary can be passed to persist additional state.
@@ -62,32 +67,47 @@ async def start_login(self, app_state: dict = None, authorization_params: dict =
         options = StartInteractiveLoginOptions(
             pushed_authorization_requests=pushed_authorization_requests,
             app_state=app_state,
-            authorization_params=authorization_params if not pushed_authorization_requests else None
+            authorization_params=authorization_params if not pushed_authorization_requests else None,
         )
         return await self.client.start_interactive_login(options, store_options=store_options)
 
-    async def complete_login(self, callback_url: str, store_options: dict = None) -> dict:
+    async def complete_login(
+        self,
+        callback_url: str,
+        store_options: dict = None,
+    ) -> dict:
         """
         Completes the interactive login process using the callback URL.
         Returns a dictionary with the session state data.
         """
         return await self.client.complete_interactive_login(callback_url, store_options=store_options)
 
-    async def logout(self, return_to: str = None, store_options: dict = None) -> str:
+    async def logout(
+        self,
+        return_to: str = None,
+        store_options: dict = None,
+    ) -> str:
         """
         Initiates logout by clearing the session and generating a logout URL.
         Optionally accepts a return_to URL for redirection after logout.
         """
         options = LogoutOptions(return_to=return_to)
         return await self.client.logout(options, store_options=store_options)
 
-    async def handle_backchannel_logout(self, logout_token: str) -> None:
+    async def handle_backchannel_logout(
+        self,
+        logout_token: str,
+    ) -> None:
         """
         Processes a backchannel logout using the provided logout token.
         """
         return await self.client.handle_backchannel_logout(logout_token)
 
-    async def start_link_user(self, options: dict, store_options: dict = None) -> str:
+    async def start_link_user(
+        self,
+        options: dict,
+        store_options: dict = None,
+    ) -> str:
         """
         Initiates the user linking process.
         Options should include:
@@ -99,15 +119,23 @@ async def start_link_user(self, options: dict, store_options: dict = None) -> st
         """
         return await self.client.start_link_user(options, store_options=store_options)
 
-    async def complete_link_user(self, url: str, store_options: dict = None) -> dict:
+    async def complete_link_user(
+        self,
+        url: str,
+        store_options: dict = None,
+    ) -> dict:
         """
         Completes the user linking process.
         The provided URL should be the callback URL from Auth0.
         Returns a dictionary containing the original appState.
         """
         return await self.client.complete_link_user(url, store_options=store_options)
 
-    async def start_unlink_user(self, options: dict, store_options: dict = None) -> str:
+    async def start_unlink_user(
+        self,
+        options: dict,
+        store_options: dict = None,
+    ) -> str:
         """
         Initiates the user unlinking process.
         Options should include:
@@ -118,15 +146,23 @@ async def start_unlink_user(self, options: dict, store_options: dict = None) ->
         """
         return await self.client.start_unlink_user(options, store_options=store_options)
 
-    async def complete_unlink_user(self, url: str, store_options: dict = None) -> dict:
+    async def complete_unlink_user(
+        self,
+        url: str,
+        store_options: dict = None,
+    ) -> dict:
         """
         Completes the user unlinking process.
         The provided URL should be the callback URL from Auth0.
         Returns a dictionary containing the original appState.
         """
         return await self.client.complete_unlink_user(url, store_options=store_options)
 
-    async def require_session(self, request: Request, response: Response) -> dict:
+    async def require_session(
+        self,
+        request: Request,
+        response: Response,
+    ) -> dict:
         """
         Dependency method to ensure a session exists.
         Retrieves the session from the state store using the underlying client.

src/auth0_fastapi/auth/auth_client.py

@@ -1,5 +1,7 @@
-from pydantic import BaseModel, AnyUrl, Field
-from typing import Optional, Dict, Any
+from typing import Any, Optional
+
+from pydantic import AnyUrl, BaseModel, Field
+
 
 class Auth0Config(BaseModel):
     """
@@ -11,7 +13,7 @@ class Auth0Config(BaseModel):
     app_base_url: AnyUrl = Field(..., alias="appBaseUrl", description="Base URL of your application (e.g., https://example.com)")
     secret: str = Field(..., description="Secret used for encryption and signing cookies")
     audience: Optional[str] = Field(None, description="Target audience for tokens (if applicable)")
-    authorization_params: Optional[Dict[str, Any]] = Field(None, description="Additional parameters to include in the authorization request")
+    authorization_params: Optional[dict[str, Any]] = Field(None, description="Additional parameters to include in the authorization request")
     pushed_authorization_requests: bool = Field(False, description="Whether to use pushed authorization requests")
     # Route-mounting flags with desired defaults
     mount_routes: bool = Field(True, description="Controls /auth/* routes: login, logout, callback, backchannel-logout")

src/auth0_fastapi/config.py

@@ -1,16 +1,16 @@
-from fastapi import Request, HTTPException
-from fastapi.responses import JSONResponse
-
 #Imported from auth0-server-python
 from auth0_server_python.error import (
-    Auth0Error,
-    MissingTransactionError,
-    ApiError,
     AccessTokenError,
-    MissingRequiredArgumentError,
+    AccessTokenForConnectionError,
+    ApiError,
+    Auth0Error,
     BackchannelLogoutError,
-    AccessTokenForConnectionError
+    MissingRequiredArgumentError,
+    MissingTransactionError,
 )
+from fastapi import Request
+from fastapi.responses import JSONResponse
+
 
 def auth0_exception_handler(request: Request, exc: Auth0Error):
     """
@@ -37,8 +37,8 @@ def auth0_exception_handler(request: Request, exc: Auth0Error):
         status_code=status_code,
         content={
             "error": getattr(exc, "code", "auth_error"),
-            "message": exc.message or "An authentication error occurred."
-        }
+            "message": exc.message or "An authentication error occurred.",
+        },
     )
 
 def register_exception_handlers(app):