schemathesis 3.19.7__py3-none-any.whl → 3.20.1__py3-none-any.whl

schemathesis/schemas.py

@@ -37,8 +37,9 @@ from requests.structures import CaseInsensitiveDict
 
 from ._hypothesis import create_test
 from .auths import AuthStorage
-from .constants import DEFAULT_DATA_GENERATION_METHODS, CodeSampleStyle, DataGenerationMethod
-from .exceptions import InvalidSchema, UsageError
+from .code_samples import CodeSampleStyle
+from .constants import DEFAULT_DATA_GENERATION_METHODS, DataGenerationMethod
+from .exceptions import OperationSchemaError, UsageError
 from .hooks import HookContext, HookDispatcher, HookScope, dispatch
 from .models import APIOperation, Case
 from .stateful import APIStateMachine, Stateful, StatefulTest
@@ -100,6 +101,7 @@ class BaseSchema(Mapping):
     )
     code_sample_style: CodeSampleStyle = CodeSampleStyle.default()
     rate_limiter: Optional[Limiter] = None
+    sanitize_output: bool = True
 
     def __iter__(self) -> Iterator[str]:
         return iter(self.operations)
@@ -155,6 +157,9 @@ class BaseSchema(Mapping):
             return base_url.rstrip("/")
         return self._build_base_url()
 
+    def validate(self) -> None:
+        raise NotImplementedError
+
     @property
     def operations(self) -> Dict[str, MethodsDict]:
         if not hasattr(self, "_operations"):
@@ -166,7 +171,9 @@ class BaseSchema(Mapping):
     def operations_count(self) -> int:
         raise NotImplementedError
 
-    def get_all_operations(self) -> Generator[Result[APIOperation, InvalidSchema], None, None]:
+    def get_all_operations(
+        self, hooks: Optional[HookDispatcher] = None
+    ) -> Generator[Result[APIOperation, OperationSchemaError], None, None]:
         raise NotImplementedError
 
     def get_strategies_from_examples(self, operation: APIOperation) -> List[SearchStrategy[Case]]:
@@ -193,10 +200,11 @@ class BaseSchema(Mapping):
         settings: Optional[hypothesis.settings] = None,
         seed: Optional[int] = None,
         as_strategy_kwargs: Optional[Dict[str, Any]] = None,
+        hooks: Optional[HookDispatcher] = None,
         _given_kwargs: Optional[Dict[str, GivenInput]] = None,
-    ) -> Generator[Result[Tuple[APIOperation, Callable], InvalidSchema], None, None]:
+    ) -> Generator[Result[Tuple[APIOperation, Callable], OperationSchemaError], None, None]:
         """Generate all operations and Hypothesis tests for them."""
-        for result in self.get_all_operations():
+        for result in self.get_all_operations(hooks=hooks):
             if isinstance(result, Ok):
                 test = create_test(
                     operation=result.ok(),
@@ -276,6 +284,7 @@ class BaseSchema(Mapping):
         data_generation_methods: Union[DataGenerationMethodInput, NotSet] = NOT_SET,
         code_sample_style: Union[CodeSampleStyle, NotSet] = NOT_SET,
         rate_limiter: Optional[Limiter] = NOT_SET,
+        sanitize_output: Optional[Union[bool, NotSet]] = NOT_SET,
     ) -> "BaseSchema":
         if base_url is NOT_SET:
             base_url = self.base_url
@@ -303,6 +312,8 @@ class BaseSchema(Mapping):
             code_sample_style = self.code_sample_style
         if rate_limiter is NOT_SET:
             rate_limiter = self.rate_limiter
+        if sanitize_output is NOT_SET:
+            sanitize_output = self.sanitize_output
 
         return self.__class__(
             self.raw_schema,
@@ -321,6 +332,7 @@ class BaseSchema(Mapping):
             data_generation_methods=data_generation_methods,  # type: ignore
             code_sample_style=code_sample_style,  # type: ignore
             rate_limiter=rate_limiter,  # type: ignore
+            sanitize_output=sanitize_output,  # type: ignore
         )
 
     def get_local_hook_dispatcher(self) -> Optional[HookDispatcher]:
@@ -398,9 +410,12 @@ class BaseSchema(Mapping):
             return self.rate_limiter.ratelimit(label, delay=True, max_delay=0)
         return nullcontext()
 
+    def _get_payload_schema(self, definition: Dict[str, Any], media_type: str) -> Optional[Dict[str, Any]]:
+        raise NotImplementedError
+
 
 def operations_to_dict(
-    operations: Generator[Result[APIOperation, InvalidSchema], None, None]
+    operations: Generator[Result[APIOperation, OperationSchemaError], None, None]
 ) -> Dict[str, MethodsDict]:
     output: Dict[str, MethodsDict] = {}
     for result in operations:

schemathesis/serializers.py

@@ -2,17 +2,17 @@ import binascii
 import os
 from dataclasses import dataclass
 from io import BytesIO
-from typing import TYPE_CHECKING, Any, Callable, Collection, Dict, Generator, Optional, Type
+from typing import TYPE_CHECKING, Any, Callable, Collection, Dict, Generator, Optional, Type, cast
 
 import yaml
 from typing_extensions import Protocol, runtime_checkable
 
-from .utils import is_json_media_type, is_plain_text_media_type, parse_content_type
+from ._xml import _to_xml
+from .utils import is_json_media_type, is_plain_text_media_type, is_xml_media_type, parse_content_type
 
 if TYPE_CHECKING:
     from .models import Case
 
-
 try:
     from yaml import CSafeDumper as SafeDumper
 except ImportError:
@@ -31,6 +31,24 @@ class SerializerContext:
 
     case: "Case"
 
+    @property
+    def media_type(self) -> str:
+        # `media_type` is a string, otherwise we won't serialize anything
+        return cast(str, self.case.media_type)
+
+    # Note on type casting below.
+    # If we serialize data, then there should be non-empty definition for it in the first place
+    # Therefore `schema` is never `None` if called from here. However, `APIOperation.get_raw_payload_schema` is
+    # generic and can be called from other places where it may return `None`
+
+    def get_raw_payload_schema(self) -> Dict[str, Any]:
+        schema = self.case.operation.get_raw_payload_schema(self.media_type)
+        return cast(Dict[str, Any], schema)
+
+    def get_resolved_payload_schema(self) -> Dict[str, Any]:
+        schema = self.case.operation.get_resolved_payload_schema(self.media_type)
+        return cast(Dict[str, Any], schema)
+
 
 @runtime_checkable
 class Serializer(Protocol):
@@ -125,6 +143,15 @@ class YAMLSerializer:
         return _to_yaml(value)
 
 
+@register("application/xml")
+class XMLSerializer:
+    def as_requests(self, context: SerializerContext, value: Any) -> Dict[str, Any]:
+        return _to_xml(value, context.get_raw_payload_schema(), context.get_resolved_payload_schema())
+
+    def as_werkzeug(self, context: SerializerContext, value: Any) -> Dict[str, Any]:
+        return _to_xml(value, context.get_raw_payload_schema(), context.get_resolved_payload_schema())
+
+
 def _should_coerce_to_bytes(item: Any) -> bool:
     """Whether the item should be converted to bytes."""
     # These types are OK in forms, others should be coerced to bytes
@@ -249,4 +276,6 @@ def get(media_type: str) -> Optional[Type[Serializer]]:
         media_type = "application/json"
     if is_plain_text_media_type(media_type):
         media_type = "text/plain"
+    if is_xml_media_type(media_type):
+        media_type = "application/xml"
     return SERIALIZERS.get(media_type)

schemathesis/service/serialization.py

@@ -81,7 +81,6 @@ def serialize_after_execution(event: events.AfterExecution) -> Optional[Dict[str
                 {
                     "exception": error.exception,
                     "exception_with_traceback": error.exception_with_traceback,
-                    "example": None if error.example is None else _serialize_case(error.example),
                 }
                 for error in event.result.errors
             ],
@@ -95,8 +94,13 @@ def serialize_interrupted(_: events.Interrupted) -> Optional[Dict[str, Any]]:
 
 def serialize_internal_error(event: events.InternalError) -> Optional[Dict[str, Any]]:
     return {
+        "type": event.type.value,
+        "subtype": event.subtype.value if event.subtype else event.subtype,
+        "title": event.title,
         "message": event.message,
+        "extras": event.extras,
         "exception_type": event.exception_type,
+        "exception": event.exception,
         "exception_with_traceback": event.exception_with_traceback,
     }
 

schemathesis/specs/graphql/loaders.py

@@ -1,4 +1,5 @@
 import pathlib
+from json import JSONDecodeError
 from typing import IO, Any, Callable, Dict, Optional, Union, cast
 
 import backoff
@@ -11,12 +12,14 @@ from starlette_testclient import TestClient as ASGIClient
 from werkzeug import Client
 from yarl import URL
 
-from ...constants import DEFAULT_DATA_GENERATION_METHODS, WAIT_FOR_SCHEMA_INTERVAL, CodeSampleStyle
-from ...exceptions import HTTPError
+from ...code_samples import CodeSampleStyle
+from ...constants import DEFAULT_DATA_GENERATION_METHODS, WAIT_FOR_SCHEMA_INTERVAL
+from ...exceptions import SchemaError, SchemaErrorType
 from ...hooks import HookContext, dispatch
+from ...loaders import load_schema_from_url
 from ...throttling import build_limiter
 from ...types import DataGenerationMethodInput, PathLike
-from ...utils import WSGIResponse, prepare_data_generation_methods, require_relative_url, setup_headers
+from ...utils import GenericResponse, WSGIResponse, prepare_data_generation_methods, require_relative_url, setup_headers
 from .schemas import GraphQLSchema
 
 INTROSPECTION_QUERY = graphql.get_introspection_query()
@@ -32,6 +35,7 @@ def from_path(
     code_sample_style: str = CodeSampleStyle.default().name,
     rate_limit: Optional[str] = None,
     encoding: str = "utf8",
+    sanitize_output: bool = True,
 ) -> GraphQLSchema:
     """Load GraphQL schema via a file from an OS path.
 
@@ -47,9 +51,24 @@ def from_path(
             code_sample_style=code_sample_style,
             location=pathlib.Path(path).absolute().as_uri(),
             rate_limit=rate_limit,
+            sanitize_output=sanitize_output,
         )
 
 
+def extract_schema_from_response(response: GenericResponse) -> Dict[str, Any]:
+    try:
+        if isinstance(response, requests.Response):
+            decoded = response.json()
+        else:
+            decoded = response.json
+    except JSONDecodeError as exc:
+        raise SchemaError(
+            SchemaErrorType.UNEXPECTED_CONTENT_TYPE,
+            "Received unsupported content while expecting a JSON payload for GraphQL",
+        ) from exc
+    return decoded
+
+
 def from_url(
     url: str,
     *,
@@ -60,6 +79,7 @@ def from_url(
     code_sample_style: str = CodeSampleStyle.default().name,
     wait_for_schema: Optional[float] = None,
     rate_limit: Optional[str] = None,
+    sanitize_output: bool = True,
     **kwargs: Any,
 ) -> GraphQLSchema:
     """Load GraphQL schema from the network.
@@ -91,17 +111,18 @@ def from_url(
 
     else:
         _load_schema = requests.post
-    response = _load_schema(url, **kwargs)
-    HTTPError.raise_for_status(response)
-    decoded = response.json()
+
+    response = load_schema_from_url(lambda: _load_schema(url, **kwargs))
+    raw_schema = extract_schema_from_response(response)
     return from_dict(
-        raw_schema=decoded["data"],
+        raw_schema=raw_schema,
         location=url,
         base_url=base_url,
         app=app,
         data_generation_methods=data_generation_methods,
         code_sample_style=code_sample_style,
         rate_limit=rate_limit,
+        sanitize_output=sanitize_output,
     )
 
 
@@ -114,6 +135,7 @@ def from_file(
     code_sample_style: str = CodeSampleStyle.default().name,
     location: Optional[str] = None,
     rate_limit: Optional[str] = None,
+    sanitize_output: bool = True,
 ) -> GraphQLSchema:
     """Load GraphQL schema from a file descriptor or a string.
 
@@ -140,6 +162,7 @@ def from_file(
         code_sample_style=code_sample_style,
         location=location,
         rate_limit=rate_limit,
+        sanitize_output=sanitize_output,
     )
 
 
@@ -152,6 +175,7 @@ def from_dict(
     data_generation_methods: DataGenerationMethodInput = DEFAULT_DATA_GENERATION_METHODS,
     code_sample_style: str = CodeSampleStyle.default().name,
     rate_limit: Optional[str] = None,
+    sanitize_output: bool = True,
 ) -> GraphQLSchema:
     """Load GraphQL schema from a Python dictionary.
 
@@ -163,6 +187,8 @@ def from_dict(
     """
     _code_sample_style = CodeSampleStyle.from_str(code_sample_style)
     hook_context = HookContext()
+    if "data" in raw_schema:
+        raw_schema = raw_schema["data"]
     dispatch("before_load_schema", hook_context, raw_schema)
     rate_limiter: Optional[Limiter] = None
     if rate_limit is not None:
@@ -175,6 +201,7 @@ def from_dict(
         data_generation_methods=prepare_data_generation_methods(data_generation_methods),
         code_sample_style=_code_sample_style,
         rate_limiter=rate_limiter,
+        sanitize_output=sanitize_output,
     )  # type: ignore
     dispatch("after_load_schema", hook_context, instance)
     return instance
@@ -188,6 +215,7 @@ def from_wsgi(
     data_generation_methods: DataGenerationMethodInput = DEFAULT_DATA_GENERATION_METHODS,
     code_sample_style: str = CodeSampleStyle.default().name,
     rate_limit: Optional[str] = None,
+    sanitize_output: bool = True,
     **kwargs: Any,
 ) -> GraphQLSchema:
     """Load GraphQL schema from a WSGI app.
@@ -201,16 +229,17 @@ def from_wsgi(
     setup_headers(kwargs)
     kwargs.setdefault("json", {"query": INTROSPECTION_QUERY})
     client = Client(app, WSGIResponse)
-    response = client.post(schema_path, **kwargs)
-    HTTPError.check_response(response, schema_path)
+    response = load_schema_from_url(lambda: client.post(schema_path, **kwargs))
+    raw_schema = extract_schema_from_response(response)
     return from_dict(
-        raw_schema=response.json["data"],
+        raw_schema=raw_schema,
         location=schema_path,
         base_url=base_url,
         app=app,
         data_generation_methods=data_generation_methods,
         code_sample_style=code_sample_style,
         rate_limit=rate_limit,
+        sanitize_output=sanitize_output,
     )
 
 
@@ -222,6 +251,7 @@ def from_asgi(
     data_generation_methods: DataGenerationMethodInput = DEFAULT_DATA_GENERATION_METHODS,
     code_sample_style: str = CodeSampleStyle.default().name,
     rate_limit: Optional[str] = None,
+    sanitize_output: bool = True,
     **kwargs: Any,
 ) -> GraphQLSchema:
     """Load GraphQL schema from an ASGI app.
@@ -234,16 +264,17 @@ def from_asgi(
     setup_headers(kwargs)
     kwargs.setdefault("json", {"query": INTROSPECTION_QUERY})
     client = ASGIClient(app)
-    response = client.post(schema_path, **kwargs)
-    HTTPError.check_response(response, schema_path)
+    response = load_schema_from_url(lambda: client.post(schema_path, **kwargs))
+    raw_schema = extract_schema_from_response(response)
     return from_dict(
-        response.json()["data"],
+        raw_schema=raw_schema,
         location=schema_path,
         base_url=base_url,
         app=app,
         data_generation_methods=data_generation_methods,
         code_sample_style=code_sample_style,
         rate_limit=rate_limit,
+        sanitize_output=sanitize_output,
     )
 
 

schemathesis/specs/graphql/schemas.py

@@ -15,8 +15,14 @@ from ... import auths
 from ...auths import AuthStorage
 from ...checks import not_a_server_error
 from ...constants import DataGenerationMethod
-from ...exceptions import InvalidSchema
-from ...hooks import HookDispatcher
+from ...exceptions import OperationSchemaError
+from ...hooks import (
+    GLOBAL_HOOK_DISPATCHER,
+    HookContext,
+    HookDispatcher,
+    apply_to_all_dispatchers,
+    should_skip_operation,
+)
 from ...models import APIOperation, Case, CheckFunction, OperationDefinition
 from ...schemas import BaseSchema
 from ...stateful import Stateful, StatefulTest
@@ -92,6 +98,14 @@ class GraphQLOperationDefinition(OperationDefinition):
     type_: graphql.GraphQLType
     root_type: RootType
 
+    @property
+    def is_query(self) -> bool:
+        return self.root_type == RootType.QUERY
+
+    @property
+    def is_mutation(self) -> bool:
+        return self.root_type == RootType.MUTATION
+
 
 @dataclass
 class GraphQLSchema(BaseSchema):
@@ -130,7 +144,9 @@ class GraphQLSchema(BaseSchema):
                         total += len(type_def["fields"])
         return total
 
-    def get_all_operations(self) -> Generator[Result[APIOperation, InvalidSchema], None, None]:
+    def get_all_operations(
+        self, hooks: Optional[HookDispatcher] = None
+    ) -> Generator[Result[APIOperation, OperationSchemaError], None, None]:
         schema = self.client_schema
         for root_type, operation_type in (
             (RootType.QUERY, schema.query_type),
@@ -139,27 +155,33 @@ class GraphQLSchema(BaseSchema):
             if operation_type is None:
                 continue
             for field_name, definition in operation_type.fields.items():
-                yield Ok(
-                    APIOperation(
-                        base_url=self.get_base_url(),
-                        path=self.base_path,
-                        verbose_name=f"{operation_type.name}.{field_name}",
-                        method="POST",
-                        app=self.app,
-                        schema=self,
-                        # Parameters are not yet supported
-                        definition=GraphQLOperationDefinition(
-                            raw=definition,
-                            resolved=definition,
-                            scope="",
-                            parameters=[],
-                            type_=operation_type,
-                            field_name=field_name,
-                            root_type=root_type,
-                        ),
-                        case_cls=GraphQLCase,
-                    )
+                operation: APIOperation = APIOperation(
+                    base_url=self.get_base_url(),
+                    path=self.base_path,
+                    verbose_name=f"{operation_type.name}.{field_name}",
+                    method="POST",
+                    app=self.app,
+                    schema=self,
+                    # Parameters are not yet supported
+                    definition=GraphQLOperationDefinition(
+                        raw=definition,
+                        resolved=definition,
+                        scope="",
+                        parameters=[],
+                        type_=operation_type,
+                        field_name=field_name,
+                        root_type=root_type,
+                    ),
+                    case_cls=GraphQLCase,
                 )
+                context = HookContext(operation=operation)
+                if (
+                    should_skip_operation(GLOBAL_HOOK_DISPATCHER, context)
+                    or should_skip_operation(self.hooks, context)
+                    or (hooks and should_skip_operation(hooks, context))
+                ):
+                    continue
+                yield Ok(operation)
 
     def get_case_strategy(
         self,
@@ -220,11 +242,16 @@ def get_case_strategy(
     **kwargs: Any,
 ) -> Any:
     definition = cast(GraphQLOperationDefinition, operation.definition)
-    strategy = {
+    strategy_factory = {
         RootType.QUERY: gql_st.queries,
         RootType.MUTATION: gql_st.mutations,
     }[definition.root_type]
-    body = draw(strategy(client_schema, fields=[definition.field_name], custom_scalars=CUSTOM_SCALARS))
+    hook_context = HookContext(operation)
+    strategy = strategy_factory(
+        client_schema, fields=[definition.field_name], custom_scalars=CUSTOM_SCALARS, print_ast=_noop  # type: ignore
+    )
+    strategy = apply_to_all_dispatchers(operation, hook_context, hooks, strategy, "body").map(graphql.print_ast)
+    body = draw(strategy)
     instance = GraphQLCase(body=body, operation=operation, data_generation_method=data_generation_method)  # type: ignore
     context = auths.AuthContext(
         operation=operation,
@@ -232,3 +259,7 @@ def get_case_strategy(
     )
     auths.set_on_case(instance, context, auth_storage)
     return instance
+
+
+def _noop(node: graphql.Node) -> graphql.Node:
+    return node

schemathesis/specs/openapi/_hypothesis.py

@@ -14,8 +14,8 @@ from requests.structures import CaseInsensitiveDict
 
 from ... import auths, serializers, utils
 from ...constants import DataGenerationMethod
-from ...exceptions import InvalidSchema, SerializationNotPossible
-from ...hooks import GLOBAL_HOOK_DISPATCHER, HookContext, HookDispatcher
+from ...exceptions import OperationSchemaError, SerializationNotPossible
+from ...hooks import HookContext, HookDispatcher, apply_to_all_dispatchers
 from ...models import APIOperation, Case, cant_serialize
 from ...types import NotSet
 from ...utils import NOT_SET, compose, fast_deepcopy, skip
@@ -172,9 +172,9 @@ def get_case_strategy(
                 # Other media types are possible - avoid choosing this media type in the future
                 cant_serialize(parameter.media_type)
             media_type = draw(st.sampled_from(possible_media_types))
-            body_ = ValueContainer(value=draw(strategy), generator=body_generator)
+            body_ = ValueContainer(value=draw(strategy), location="body", generator=body_generator)
         else:
-            body_ = ValueContainer(value=body, generator=None)
+            body_ = ValueContainer(value=body, location="body", generator=None)
     else:
         media_types = operation.get_request_payload_content_types() or ["application/json"]
         # Take the first available media type.
@@ -183,10 +183,10 @@ def get_case_strategy(
         #   - On Open API 3.0, media types are explicit, and each example has it.
         #     We can pass `OpenAPIBody.media_type` here from the examples handling code.
         media_type = media_types[0]
-        body_ = ValueContainer(value=body, generator=None)
+        body_ = ValueContainer(value=body, location="body", generator=None)
 
     if operation.schema.validate_schema and operation.method.upper() == "GET" and operation.body:
-        raise InvalidSchema("Body parameters are defined for GET request.")
+        raise OperationSchemaError("Body parameters are defined for GET request.")
     # If we need to generate negative cases but no generated values were negated, then skip the whole test
     if generator.is_negative and not any_negated_values([query_, cookies_, headers_, path_parameters_, body_]):
         skip(operation.verbose_name)
@@ -265,12 +265,13 @@ class ValueContainer:
     """Container for a value generated by a data generator or explicitly provided."""
 
     value: Any
+    location: str
     generator: Optional[DataGenerationMethod]
 
     @property
     def is_generated(self) -> bool:
         """If value was generated."""
-        return self.value is not None and self.generator is not None
+        return self.generator is not None and (self.location == "body" or self.value is not None)
 
 
 def any_negated_values(values: List[ValueContainer]) -> bool:
@@ -307,7 +308,7 @@ def generate_parameter(
         # When we pass `explicit`, then its parts are excluded from generation of the final value
         # If the final value is the same, then other parameters were generated at all
         used_generator = None
-    return ValueContainer(value=value, generator=used_generator)
+    return ValueContainer(value=value, location=location, generator=used_generator)
 
 
 def can_negate_path_parameters(operation: APIOperation) -> bool:
@@ -499,22 +500,9 @@ def apply_hooks(
     strategy: st.SearchStrategy,
     location: str,
 ) -> st.SearchStrategy:
-    """Apply all `before_generate_` hooks related to the given location."""
-    strategy = _apply_hooks(context, GLOBAL_HOOK_DISPATCHER, strategy, location)
-    strategy = _apply_hooks(context, operation.schema.hooks, strategy, location)
-    if hooks is not None:
-        strategy = _apply_hooks(context, hooks, strategy, location)
-    return strategy
-
-
-def _apply_hooks(
-    context: HookContext, hooks: HookDispatcher, strategy: st.SearchStrategy, location: str
-) -> st.SearchStrategy:
-    """Apply all `before_generate_` hooks related to the given location & dispatcher."""
+    """Apply all hooks related to the given location."""
     container = LOCATION_TO_CONTAINER[location]
-    for hook in hooks.get_all_by_name(f"before_generate_{container}"):
-        strategy = hook(context, strategy)
-    return strategy
+    return apply_to_all_dispatchers(operation, context, hooks, strategy, container)
 
 
 def clear_cache() -> None: