Undocumented response codes

[sobolevn]

I runned schemathesis on django-ninja-jwt, it found several problems:

____________________________ test_api[POST /api/token/refresh] ____________________________
.venv/lib/python3.12/site-packages/schemathesis/_hypothesis.py:81: in test_api
    def test_function(*args: Any, **kwargs: Any) -> Any:
tests/test_schemathesis/test_schema.py:15: in test_api
    case.call_and_validate(base_url=str(live_server))
E   schemathesis.exceptions.CheckFailed: 
E   
E   1. Undocumented HTTP status code
E   
E       Received: 400
E       Documented: 200
E   
E   [400] Bad Request:
E   
E       `{"detail": "Invalid input.", "code": "invalid", "refresh": "token is required"}`
E   
E   Reproduce with: 
E   
E       curl -X POST -H 'Content-Type: application/json' -d '{"refresh": ""}' http://localhost/api/token/refresh

____________________________ test_api[POST /api/token/verify] _____________________________
.venv/lib/python3.12/site-packages/schemathesis/_hypothesis.py:81: in test_api
    def test_function(*args: Any, **kwargs: Any) -> Any:
tests/test_schemathesis/test_schema.py:15: in test_api
    case.call_and_validate(base_url=str(live_server))
E   schemathesis.exceptions.CheckFailed: 
E   
E   1. Undocumented HTTP status code
E   
E       Received: 400
E       Documented: 200
E   
E   [400] Bad Request:
E   
E       `{"detail": "Invalid input.", "code": "invalid", "token": "token is required"}`
E   
E   Reproduce with: 
E   
E       curl -X POST -H 'Content-Type: application/json' -d '{"token": ""}' http://localhost/api/token/verify

_____________________________ test_api[POST /api/token/pair] ______________________________
.venv/lib/python3.12/site-packages/schemathesis/_hypothesis.py:81: in test_api
    def test_function(*args: Any, **kwargs: Any) -> Any:
tests/test_schemathesis/test_schema.py:15: in test_api
    case.call_and_validate(base_url=str(live_server))
E   schemathesis.exceptions.CheckFailed: 
E   
E   1. Undocumented HTTP status code
E   
E       Received: 400
E       Documented: 200
E   
E   [400] Bad Request:
E   
E       `{"detail": "Invalid input.", "code": "invalid", "email": "email is required"}`
E   
E   Reproduce with: 
E   
E       curl -X POST -H 'Content-Type: application/json' -d '{"email": "", "password": ""}' http://localhost/api/token/pair

Reproducer:

from ninja_extra import NinjaExtraAPI
from ninja_jwt.controller import NinjaJWTDefaultController


api = NinjaExtraAPI()
api.register_controllers(NinjaJWTDefaultController)

and a test case:

import schemathesis
import pytest

from api import api

schema = api.get_openapi_schema()

schemathesis.experimental.OPEN_API_3_1.enable()
schema = schemathesis.from_dict(schema)


@schema.parametrize()
def test_api(case: schemathesis.Case, live_server):
    case.call_and_validate(base_url=str(live_server))

[sobolevn]

More:

tests/test_schemathesis/test_schema.py:15: in test_api
    case.call_and_validate(base_url=str(live_server))
E   schemathesis.exceptions.CheckFailed: 
E   
E   1. Response violates schema
E   
E       [{'type': 'value_error', 'loc': ['body', 'user_token'], 'msg': 'Value error, A string literal cannot contain NUL (0x00) characters.', 'ctx': {'error': 'A string literal cannot contain NUL (0x00) characters.'}}] is not of type 'string'
E   
E       Schema at /additionalProperties:
E   
E           {
E               "type": "string"
E           }
E   
E       Value:
E   
E           [
E               {
E                   "type": "value_error",
E                   "loc": [
E                       "body",
E                       "user_token"
E                   ],
E                   "msg": "Value error, A string literal cannot contain NUL (0x00) chara...
E                   "ctx": {
E                       "error": "A string literal cannot contain NUL (0x00) characters."
E                   }
E               }
E           ]
E   
E   [422] Unprocessable Entity:
E   
E       `{"detail": [{"type": "value_error", "loc": ["body", "user_token"], "msg": "Value error, A string literal cannot contain NUL (0x00) characters.", "ctx": {"error": "A string literal cannot contain NUL (0x00) characters."}}]}`
E   
E   Reproduce with: 
E   
E       curl -X POST -H 'Content-Type: application/json' -d '{"email": "\u0000", "password": "0"}' http://localhost/api/token/pair

[eadwinCode]

ummh I see, I will look into this.