test: update to handle new interface

Author: samedii

.pre-commit-config.yaml

@@ -41,4 +41,15 @@ repos:
     rev: "1.7.0"
     hooks:
       - id: bandit
-        entry: bandit -c .bandit.yml
+        entry: bandit -c .bandit.yml
+
+  - repo: local
+    hooks:
+      - id: pytest
+        name: pytest
+        entry: .venv/bin/pytest
+        language: script
+        pass_filenames: false
+        # alternatively you could `types: [python]` so it only runs when python files change
+        # though tests might be invalidated if you were to say change a data file
+        always_run: true

fastapi_oidc/auth.py

@@ -40,10 +40,6 @@ def test_auth(authenticated_user: AuthenticatedUser = Depends(authenticate_user)
 from fastapi_oidc import discovery
 from fastapi_oidc.types import IDToken
 
-# class AuthBearer(HTTPBearer):
-#     async def __call__(self, request: Request):
-#         return await super().__call__(request)
-
 
 class OAuth2Facade(OAuth2):
     async def __call__(self, request: Request) -> Optional[str]:
@@ -232,7 +228,9 @@ def authenticate_user(
             else:
                 return None
 
-        if not set(security_scopes.scopes).issubset(id_token["scope"].split(" ")):
+        if not set(security_scopes.scopes).issubset(
+            id_token.get("scope", "").split(" ")
+        ):
             if auto_error:
                 raise HTTPException(
                     status.HTTP_401_UNAUTHORIZED,

tests/conftest.py

@@ -137,5 +137,7 @@ class functions:
         auth_server = lambda **_: oidc_discovery
         public_keys = lambda _: public_key
         signing_algos = lambda x: x["id_token_signing_alg_values_supported"]
+        authorization_url = lambda x: x["authorization_endpoint"]
+        token_url = lambda x: x["token_endpoint"]
 
     return lambda *args, **kwargs: functions

tests/test_auth.py

@@ -1,4 +1,8 @@
-from fastapi_oidc import auth
+from fastapi.security import HTTPAuthorizationCredentials
+from fastapi.security import SecurityScopes
+
+import fastapi_oidc
+from fastapi_oidc import Auth
 from fastapi_oidc.types import IDToken
 
 
@@ -9,13 +13,17 @@ def test__authenticate_user(
     config_w_aud,
     test_email,
 ):
-
-    monkeypatch.setattr(auth.discovery, "configure", mock_discovery)
+    monkeypatch.setattr(fastapi_oidc.auth.discovery, "configure", mock_discovery)
 
     token = token_with_audience
 
-    authenticate_user = auth.get_auth(**config_w_aud)
-    id_token = IDToken(**authenticate_user(auth_header=f"Bearer {token}"))
+    auth = Auth(**config_w_aud)
+    id_token = auth.required(
+        security_scopes=SecurityScopes(scopes=[]),
+        authorization_credentials=HTTPAuthorizationCredentials(
+            scheme="hello", credentials=token
+        ),
+    )
 
     assert id_token.email == test_email  # nosec
     assert id_token.aud == config_w_aud["audience"]
@@ -30,13 +38,18 @@ def test__authenticate_user_no_aud(
     test_email,
 ):
 
-    monkeypatch.setattr(auth.discovery, "configure", mock_discovery)
+    monkeypatch.setattr(fastapi_oidc.auth.discovery, "configure", mock_discovery)
 
     token = token_without_audience
 
-    authenticate_user = auth.get_auth(**no_audience_config)
+    auth = Auth(**no_audience_config)
 
-    id_token = IDToken(**authenticate_user(auth_header=f"Bearer {token}"))
+    id_token = auth.required(
+        security_scopes=SecurityScopes(scopes=[]),
+        authorization_credentials=HTTPAuthorizationCredentials(
+            scheme="hello", credentials=token
+        ),
+    )
 
     assert id_token.email == test_email  # nosec
 
@@ -47,12 +60,20 @@ def test__authenticate_user_returns_custom_tokens(
     class CustomToken(IDToken):
         custom_field: str = "OnlySlightlyBent"
 
-    monkeypatch.setattr(auth.discovery, "configure", mock_discovery)
+    monkeypatch.setattr(fastapi_oidc.auth.discovery, "configure", mock_discovery)
 
     token = token_without_audience
 
-    authenticate_user = auth.get_auth(**no_audience_config)
-
-    custom_token = CustomToken(**authenticate_user(auth_header=f"Bearer {token}"))
+    auth = Auth(
+        **no_audience_config,
+        idtoken_model=CustomToken,
+    )
+
+    custom_token = auth.required(
+        security_scopes=SecurityScopes(scopes=[]),
+        authorization_credentials=HTTPAuthorizationCredentials(
+            scheme="hello", credentials=token
+        ),
+    )
 
     assert custom_token.custom_field == "OnlySlightlyBent"

tests/test_import.py

@@ -4,4 +4,4 @@
 def test_can_import_things_from_project_root():
     assert fastapi_oidc.IDToken
     assert fastapi_oidc.OktaIDToken
-    assert fastapi_oidc.get_auth
+    assert fastapi_oidc.Auth